lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.DEB.2.00.0905300009230.14994@gandalf.stny.rr.com>
Date:	Sat, 30 May 2009 00:11:26 -0400 (EDT)
From:	Steven Rostedt <rostedt@...dmis.org>
To:	Masami Hiramatsu <mhiramat@...hat.com>
cc:	Ingo Molnar <mingo@...e.hu>, lkml <linux-kernel@...r.kernel.org>,
	systemtap <systemtap@...rces.redhat.com>,
	kvm <kvm@...r.kernel.org>,
	DLE <dle-develop@...ts.sourceforge.net>,
	Christoph Hellwig <hch@...radead.org>,
	Ananth N Mavinakayanahalli <ananth@...ibm.com>,
	Frederic Weisbecker <fweisbec@...il.com>,
	Tom Zanussi <tzanussi@...il.com>
Subject: Re: [PATCH -tip v8 7/7] tracing: add kprobe-based event tracer




On Thu, 28 May 2009, Masami Hiramatsu wrote:

> +#undef SHOW_FIELD
> +#define SHOW_FIELD(type, item, name)					\
> +	do {								\
> +		ret = trace_seq_printf(s, "\tfield: " #type " %s;\t"	\
> +				"offset:%u;tsize:%u;\n", name,		\
> +				(unsigned)offsetof(typeof(field), item),\
> +				(unsigned)sizeof(type));		\
> +		if (!ret)						\
> +			return 0;					\
> +	} while (0)
> +
> +static int __probe_event_show_format(struct ftrace_event_call *event_call,
> +				     struct trace_seq *s, const char *fmt,
> +				     const char *arg)
> +{
> +	struct kprobe_trace_entry field __attribute__((unused));

You use kprobe_trace_entry for both kprobe and kretprobe.

> +	int ret, i;
> +	char buf[MAX_ARGSTR_LEN + 1];
> +	struct trace_probe *tp = container_of(event_call,
> +					      struct trace_probe, call);
> +
> +	/* Show fields */
> +	for (i = 0; i < tp->nr_args; i++) {
> +		sprintf(buf, "arg%d", i);
> +		SHOW_FIELD(unsigned long, args[i], buf);
> +	}
> +	trace_seq_puts(s, "\n");
> +
> +	/* Show aliases */
> +	for (i = 0; i < tp->nr_args; i++) {
> +		if (trace_arg_string(buf, MAX_ARGSTR_LEN, &tp->args[i]))
> +			return 0;
> +		if (!trace_seq_printf(s, "\talias: %s;\toriginal: arg%d;\n",
> +				      buf, i))
> +			return 0;
> +	}
> +	/* Show format */
> +	if (!trace_seq_printf(s, "\nprint fmt: \"%s", fmt))
> +		return 0;
> +
> +	for (i = 0; i < tp->nr_args; i++)
> +		if (!trace_seq_puts(s, " 0x%lx"))
> +			return 0;
> +
> +	if (!trace_seq_printf(s, "\", %s", arg))
> +		return 0;
> +
> +	for (i = 0; i < tp->nr_args; i++)
> +		if (!trace_seq_printf(s, ", arg%d", i))
> +			return 0;
> +
> +	return trace_seq_puts(s, "\n");
> +}
> +
> +static int kprobe_event_show_format(struct ftrace_event_call *call,
> +				    struct trace_seq *s)
> +{
> +	struct kprobe_trace_entry field __attribute__((unused));
> +	int ret;
> +
> +	SHOW_FIELD(unsigned long, ip, "ip");
> +	SHOW_FIELD(int, nargs, "nargs");
> +
> +	return __probe_event_show_format(call, s, "%lx:", "ip");
> +}
> +
> +static int kretprobe_event_show_format(struct ftrace_event_call *call,
> +				       struct trace_seq *s)
> +{
> +	struct kretprobe_trace_entry field __attribute__((unused));
> +	int ret;
> +
> +	SHOW_FIELD(unsigned long, func, "func");
> +	SHOW_FIELD(unsigned long, ret_ip, "ret_ip");
> +	SHOW_FIELD(int, nargs, "nargs");
> +
> +	return __probe_event_show_format(call, s, "%lx <- %lx:",
> +					  "func, ret_ip");
> +}

Thus we end up with:

format:
	field:unsigned short common_type;	offset:0;	size:2;
	field:unsigned char common_flags;	offset:2;	size:1;
	field:unsigned char common_preempt_count;	offset:3;	
size:1;
	field:int common_pid;	offset:4;	size:4;
	field:int common_tgid;	offset:8;	size:4;

	field: unsigned long func;	offset:16;tsize:8;
	field: unsigned long ret_ip;	offset:24;tsize:8;
	field: int nargs;	offset:32;tsize:4;
	field: unsigned long arg0;	offset:32;tsize:8;
	field: unsigned long arg1;	offset:40;tsize:8;
	field: unsigned long arg2;	offset:48;tsize:8;
	field: unsigned long arg3;	offset:56;tsize:8;

Notice that nargs and arg0 are both at offest 32.

-- Steve

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ