lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 18 Jan 2012 12:48:37 +0100
From:	Frederic Weisbecker <>
To:	Akihiro Nagai <>
Cc:	Arnaldo Carvalho de Melo <>,
	Ingo Molnar <>,
	Peter Zijlstra <>,
	David Ahern <>,,
	Masami Hiramatsu <>,
Subject: Re: [PATCH -tip v4 0/5] perf script: add BTS analysis features

On Mon, Jan 16, 2012 at 02:21:46PM +0900, Akihiro Nagai wrote:
> Hi Frederic, David,
> This patch series adds the functions to analyze BTS logs to perf-script and,
> makes perf-script more informative version 4.
> The patches add the following functions.
>  - Unify the expression to "[unknown]"
>  - Fix BTS record header to resolve DSOs and symbols of user-space
>  - Resolve DSOs and symbols for BTS's branch_from addresses
>  - Show the offset of symbols with the 'offs' field specifier.
>  - Resolve the real path of [kernel.kallsym] using
>    '--show-kernel-path' option.
> Usage:
> First, get the BTS log with the following command.
> # perf record -e branches:u -c 1 -d <command>
> Second, analyze that trace data.
> # perf script -f ip,addr,sym,offs,dso [--show-kernel-path]
> This command's output format is:
> <branch_to addr> <branch_to function+offset> <branch_to DSO> <branch_from addr> <branch_from function+offset> <branch_from DSO>
> Output sample:
> # perf record -e branches:u -c 1 -d ls
> [snip]
> # perf script -f ip,addr,sym,dso,offs --show-kernel-path
> [snip]
> 402c1c main+0x0             (/root/bin/ls)       3430c21399 __libc_start_main+0xe9 (/lib64/

I was confused first, looking for the reason why we have a so strange branch flow
until I realized the format is "to from".

Can we have "from to" instead? This will be much more intuitive. "from => to" would be even better.


> 40b390 set_program_name+0x0 (/root/bin/ls)           402c41 main+0x25              (/root/bin/ls)
> 40b390 set_program_name+0x0 (/root/bin/ls) ffffffff814ac5ed irq_return+0x0         (/lib/modules/3.2.0+/build/vmlinux)
> 401e20 strrchr@...+0x0      (/root/bin/ls)           40b39e set_program_name+0xe   (/root/bin/ls)
> 401e26 strrchr@...+0x6      (/root/bin/ls)           401e20 strrchr@...+0x0        (/root/bin/ls)
> 401b80 _init+0x18           (/root/bin/ls)           401e2b strrchr@...+0xb        (/root/bin/ls)
> 3430813850 _dl_runtime_resolve+0x0 (/lib64/ 401b86 _init+0x1e           (/root/bin/ls)
> [snip]

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists