Highest Voted 'tracepoint' Questions

0

votes

1 answer

error mounting "/sys/kernel/debug/tracing" to rootfs

I'm using ebpf in container environment to trace several kernel tracepoints. Part of the code is shown beloew: SEC("tp/sched/sched_wakeup") int handle__sched_wakeup(struct sched_wakeup_tp_args *ctx) { struct task_struct *task = (void…

asked Mar 22 '23 at 06:20

54vault

39
4

0

votes

0 answers

perf_event_open tracepoint with bpf for a specific cpu

I want to write a C program that triggers execution of a bpf program when a syscall is executed on a specific CPU by any process/thread So the idea is to do a perf_event_open(pattr, -1, {MY_CPU_NUM}, -1, 0) followed by ret = ioctl(efd,…

c profiling perf ebpf tracepoint

asked Sep 27 '22 at 08:33

zephyr0110

223
1
11

0

votes

0 answers

How to have linux kernel trace printed to console

I am debugging an problem wherein sometimes, reboot command just does not boot. Very similar to…

linux-kernel embedded-linux tracepoint

asked Sep 11 '22 at 12:28

ksrikanth

71
9

0

votes

1 answer

Get HTTP Request and response pairs with eBPF tracepoints

I am trying to write a small program that leverages Linux's tracepoints sys_enter_recvfrom and sys_enter_sendto to display the pairs of HTTP requests and responses that occur on the system. First of all, I defined the following C structure that can…

c linux ebpf tracepoint

asked Aug 03 '22 at 15:52

Odess4

420
5
17

0

votes

1 answer

How to redirect tracepoint output to a file in Ruby?

I am using the TracePoint class to trace a specific method in a large project, however, I need to also interact with the console the project provides. Although interaction works. I need to see any prompts the console makes, which is not possible due…

ruby debugging logging methods tracepoint

asked Jun 03 '22 at 08:11

CSMan

11
3

0

votes

1 answer

What is the correct way for reading kernel tracepoint arguments?

I am trying to read the arguments of the following tracepoint program: // Declared at /sys/kernel/debug/tracing/events/net/netif_receive_skb/format struct netif_receive_skb_context { unsigned short type; unsigned char flags; unsigned…

c ebpf tracepoint

asked Mar 02 '22 at 08:06

Nimrodshn

859
3
13
29

0

votes

1 answer

In a Linux system call, are system call parameters preserved in registers after the syscall finished (at the sys_exit tracepoint)?

Is it guaranteed to be able to read all the syscall parameters at sys_exit tracepoint? sysdig driver is a kernel module to capture syscall using kernel static tracepoint. In this project some of system call parameters are read at sys_enter…

linux-kernel system-calls tracepoint

asked Jan 23 '21 at 12:23

user2828102

125
1
12

0

votes

0 answers

Run pdb whenever a variale is accessed in python?

I'm trying to debug some code that creates an error dictionary and returns it (rather than return an error as soon as something occurs). To do this, it would be useful to track: When a particular key in a dictionary is accessed and When this…

python debugging pdb tracepoint

asked Aug 09 '20 at 15:13

Att Righ

1,439
1
16
29

0

votes

1 answer

process name (comm) as key for BPF map

I've been trying to design a tool wherein I can do per-process tracing, but this implies that I need a key for each process so that I can store key-value map pairings for each process. I instinctually don't like using structs or strings as keys, and…

ctypes bpf bcc-bpf tracepoint

asked Apr 24 '20 at 19:15

byrnesj1

189
1
14

0

votes

0 answers

Can't remove kernel driver after enabling tracepoint

I added a new trace point to a kernel module that I built. A few seconds after insmod, my driver refcnt stays on 1 and from this point I can't unload my module. I've followed the instructions on https://lwn.net/Articles/383362/. Running on Ubuntu…

c module linux-kernel trace tracepoint

asked Mar 09 '20 at 13:24

Avi Zana

89
8

0

votes

1 answer

Can't access correctly to tracepoint context struct fields

GOAL: write in the trace_pipe only if openat is called with O_RDONLY flag. I've build the struct looking the format contained here /sys/kernel/debug/tracing/events/syscalls/sys_enter_open/format PROBLEM I think I'm not accessing to the flags field …

c bpf ebpf tracepoint

asked Aug 30 '19 at 08:42

Maicake

1,046
10
34

0

votes

1 answer

tracepoint/syscalls/sys_enter doesn't trigger bpf_trace_printk

GOAL: print Hello every time a system call is executed. CODE: _kern.c #include #include "bpf_helpers.h" SEC("tracepoint/syscalls/sys_enter") int bpf_sys(struct syscalls_enter_open_args *ctx) { char fmt[] = "Hello\n"; …

c bpf ebpf tracepoint

asked Aug 26 '19 at 12:40

Maicake

1,046
10
34

0

votes

0 answers

How to use tracepoints in Kernel Module

I have started to learn these things recently. Regarding this matter, I came across plenty of resources regarding kprobes, BPF, eBPF, tracepoints and perf. I wanted to test some irq events in the kernel (before it arrived to the device driver).…

linux-kernel kernel-module bpf tracepoint

asked May 01 '18 at 23:09

cooshal

758
8
21

0

votes

1 answer

What happens to unused parameters in macro?

this question comes from reading the kernel, more specifically the trace macros. I got to them when I was studying how the kernel modules executes binary, elf and scripts files (fs/exec.c). For some reason, I don't remember which got to the…

c kernel tracepoint

asked May 01 '17 at 19:08

morcillo

1,091
5
19
51

0

votes

1 answer

Ruby TracePoint: How to trap definition of a specific class?

I am trying to find out how to use Ruby's TracePoint API to trap the definition and subsequent redefinitions of a specific class (e.g. 'Resolv'). I am able to trap all class definitions using: TracePoint.trace(:class) do |tp| require 'pry';…

ruby class tracepoint

asked Mar 05 '17 at 11:34

Keith Bennett

4,722
1
25
35

Questions tagged [tracepoint]