| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4A847EA7.20307@redhat.com>
Date: Thu, 13 Aug 2009 16:59:19 -0400
From: Masami Hiramatsu <mhiramat@...hat.com>
To: Ingo Molnar <mingo@...e.hu>, Steven Rostedt <rostedt@...dmis.org>,
lkml <linux-kernel@...r.kernel.org>
CC: Ananth N Mavinakayanahalli <ananth@...ibm.com>,
Avi Kivity <avi@...hat.com>, Andi Kleen <ak@...ux.intel.com>,
Christoph Hellwig <hch@...radead.org>,
"Frank Ch. Eigler" <fche@...hat.com>,
Frederic Weisbecker <fweisbec@...il.com>,
"H. Peter Anvin" <hpa@...or.com>, Jason Baron <jbaron@...hat.com>,
Jim Keniston <jkenisto@...ibm.com>,
"K.Prasad" <prasad@...ux.vnet.ibm.com>,
Lai Jiangshan <laijs@...fujitsu.com>,
Li Zefan <lizf@...fujitsu.com>,
PrzemysławPawełczyk <przemyslaw@...elczyk.it>,
Roland McGrath <roland@...hat.com>,
Sam Ravnborg <sam@...nborg.org>,
Srikar Dronamraju <srikar@...ux.vnet.ibm.com>,
Tom Zanussi <tzanussi@...il.com>,
Vegard Nossum <vegard.nossum@...il.com>,
systemtap <systemtap@...rces.redhat.com>,
kvm <kvm@...r.kernel.org>,
DLE <dle-develop@...ts.sourceforge.net>
Subject: [TOOL] c2kpe: C expression to kprobe event format converter
This program converts probe point in C expression to kprobe event
format for kprobe-based event tracer. This helps to define kprobes
events by C source line number or function name, and local variable
name. Currently, this supports only x86(32/64) kernels.
Compile
--------
Before compilation, please install libelf and libdwarf development
packages.
(e.g. elfutils-libelf-devel and libdwarf-devel on Fedora)
$ gcc -Wall -lelf -ldwarf c2kpe.c -o c2kpe
Synopsis
--------
$ c2kpe [options] FUNCTION[+OFFS][@SRC] [VAR [VAR ...]]
or
$ c2kpe [options] @SRC:LINE [VAR [VAR ...]]
FUNCTION: Probing function name.
OFFS: Offset in bytes.
SRC: Source file path.
LINE: Line number
VAR: Local variable name.
options:
-r KREL Kernel release version (e.g. 2.6.31-rc5)
-m DEBUGINFO Dwarf-format binary file (vmlinux or kmodule)
Example
-------
$ c2kpe sys_read fd buf count
sys_read+0 %di %si %dx
$ c2kpe @mm/filemap.c:339 inode pos
sync_page_range+125 -48(%bp) %r14
Example with kprobe-tracer
--------------------------
Since C expression may be converted multiple results, I recommend to use
readline.
$ c2kpe sys_read fd buf count | while read i; do \
echo "p $i" > $DEBUGFS/tracing/kprobe_events ;\
done
Note
----
- This requires a kernel compiled with CONFIG_DEBUG_INFO.
- Specifying @SRC speeds up c2kpe, because we can skip CUs which don't
include specified SRC file.
- c2kpe doesn't check whether the offset byte is correctly on the
instruction boundary. I recommend you to use @SRC:LINE expression for
tracing function body.
- This tool doesn't search kmodule file. You need to specify kmodule
file if you want to probe it.
TODO
----
- Fix bugs.
- Support multiple probepoints from stdin.
- Better kmodule support.
- Use elfutils-libdw?
- Merge into trace-cmd or perf-tools?
--
Masami Hiramatsu
Software Engineer
Hitachi Computer Products (America), Inc.
Software Solutions Division
e-mail: mhiramat@...hat.com
View attachment "c2kpe.c" of type "text/plain" (21095 bytes)
Powered by blists - more mailing lists