Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp2812302pxb; Mon, 18 Oct 2021 02:20:32 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzWPtTT3q0I7mJbYJbfx9xH5XzkLQR8ZJmndB+7gVcLR+kl9uv3nqn0qEaMHVle50D2yvZ3 X-Received: by 2002:a17:906:1290:: with SMTP id k16mr28434755ejb.566.1634548832154; Mon, 18 Oct 2021 02:20:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1634548832; cv=none; d=google.com; s=arc-20160816; b=tPZ2lAPIBCKKlgeXCyna/P8Cfip5EkxWdVgsNeNJvCCIUKYk2blbxHY3kGXMuVdGZO HS4cz7VFIbchkGi02KhVZ3YWGARy6VVyYs2euBjn0CGxtmJPWbrHWvtrponjELcVw6DX aGykPHPyoKeZL7Hqua7nln96/CrZCSXfP5hlX0safQlT4TO9tg5xxifcQvIkEbwl4YDe yWwl6h1FYb3/yG916KClhd+meSN+HsIJpw41QNPEMF4wNL+aEiWKYtReaa1j0TQYIen6 XuzJAOr+xiKR0MaDono0v60ZSyVmaynYBLh9eSBYAjoZo3NBF6oPkforqT+Z2KXDzE++ Wvnw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=aLlmgHnuhA1/ROy7+zrFqL9FIiWkD7fVE+0wV9VNoxs=; b=CT/SNH59ZC+JI0vxaw8+fiSH1R6omvobGS8HRcGCiZ3LZk9J5AFsjipN7SAMvIOPtm 1/Q/Auevk3iCugmMHLoOlZYpbJaZg+JZC/1ONl5mnhWltp6AJZjKVQE60xadki5MQzEK CIMV579hnhY4XRUoz57zkGs8sBMd+EAYmb9PzZI5ma5V8bF9o+/DDMGnjdytrqqBTx9p H00el/KzXfAQCBqUIKsGHmx1Cl2e5LnQOo98j1irGowdT2oKbVxiS/H1/Xg2KS8EL5qZ ql7BhiPjLf50YboM9YXnwuIG7An7gGEghKez07+H9qe1ZUWjov48gmHgIJXeIKkc7WN6 o4cQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b="dVj/eB58"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id y11si31362867eda.178.2021.10.18.02.20.07; Mon, 18 Oct 2021 02:20:32 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b="dVj/eB58"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231398AbhJRJUd (ORCPT + 99 others); Mon, 18 Oct 2021 05:20:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60624 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231491AbhJRJU0 (ORCPT ); Mon, 18 Oct 2021 05:20:26 -0400 Received: from mail-ed1-x532.google.com (mail-ed1-x532.google.com [IPv6:2a00:1450:4864:20::532]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1BABBC061745 for ; Mon, 18 Oct 2021 02:18:15 -0700 (PDT) Received: by mail-ed1-x532.google.com with SMTP id 5so37867732edw.7 for ; Mon, 18 Oct 2021 02:18:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=aLlmgHnuhA1/ROy7+zrFqL9FIiWkD7fVE+0wV9VNoxs=; b=dVj/eB58UTHPvhQOG73AXJms5NusneVxXNA38zTLiU2DfcJM/gxaYsQa4DerqgEQtu 045ZeVDoINNS+fYNgB9lIBoJGSC4nYxiiEhoWYrQGjyoCjDWRPGsGHoGyUKPtvYgtQZs QwSOHf2VgwS8KChAsIsA+xqTw4aFZfYYBZVy1/uRcrbj0uxp5mcwz1GzXmV4NhCnsqjF uLkqh8l/nAFhS7aZxn4nj77T5LrHNqeoe2MV5K+PSng/d0s+eTHiCeFArptVGoJIW0va f9+md9941WIByPA1pGOG9FWJZvWbnjfJhDt56pQpgR2swUI9utPGv37IRGHhVc6gfzL0 XjDg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=aLlmgHnuhA1/ROy7+zrFqL9FIiWkD7fVE+0wV9VNoxs=; b=Cb4qssnbrLtlCEO80eDClvLZwpaDIUP+2Uq+mNJOWDclZQySQFlxWlJJE/r2YQvOlP uTp2J6zenZQpnlHff9HlK/WY+bbvaEw/r56m6eSZMGZ1jkwdteib93WVik90YBFYzTjv jUHCo58DZRgiej1ySlTHKDoTR6u5NukW2WHg5UHr5Auj36qM4ZsXLHT+3IZRT5etpjl2 /s848SExyKBW7vdxXwxNT3IvkfHbRhmOnezf37/Ye8TEA9oz9irfjV6gPRxzKDuNKH7k oGKCypmK7f+xoleqr8oX3g8U5NZcAi2EOgWTN/wtkj4u14VmbQNpF/COO66wWdFWQaZg LWkQ== X-Gm-Message-State: AOAM531QUWdIfZIei/F02oa2lOHVKR4Hr9zjF4wb5VM5LlZL0jTBf11K kHSB29wc+byBfFdZ9f32klHjhrX1kTrEhWLr8gk= X-Received: by 2002:a17:906:f6cd:: with SMTP id jo13mr27789835ejb.563.1634548687386; Mon, 18 Oct 2021 02:18:07 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Dongliang Mu Date: Mon, 18 Oct 2021 17:17:41 +0800 Message-ID: Subject: Re: Any tracing mechanism can track the executed instructions of a user process in the kernel? To: FMDF Cc: kernelnewbies , linux-kernel , Greg KH , Dan Carpenter , Pavel Skripkin , Brendan Gregg Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org +Brendan Gregg On Mon, Oct 18, 2021 at 4:41 PM Dongliang Mu wr= ote: > > On Mon, Oct 18, 2021 at 4:07 PM FMDF wrote: > > > > On Mon, 18 Oct 2021, 04:46 Dongliang Mu, wr= ote: > >> > >> Hi all, > >> > >> I am writing to kindly ask one question: is there any tracing > >> mechanism in Linux kernel that can trace all the executed instructions > >> of a user process? If this user process is run on different > >> processors, traces of this process on different processors should be > >> also recorded. > > > > > > You've not explained in detail what is the purpose of the tracing that = you want to do. Missing this information I can only provide you a list of l= inks to various tools and methods. Take a look by yourself and try to figur= e out what is better suited for your needs... > > I want to log all the executed instructions of a user process (e.g., > poc.c in syzkaller) in the kernel mode and then would like to leverage > backward analysis to capture the root cause of kernel panic/crash. > > Therefore, I need the instruction-level tracing mechanisms or tools. > > > > > https://lwn.net/Kernel/Index/#Development_tools-Kernel_tracing > > trace-cmd: https://trace-cmd.org > > Ftrace is working at the function level. Therefore, ftrace and tracers > based on ftrace are not suitable for my scenario. > > > perf ftrace: /tools/perf/Documentation/perf-trace.txt > > perf-tools: https://github.com/brendangregg/perf-tools > > I am not familiar with the perf tool and cannot verify if it works for > my scenario. > > > > > In particular, the "function_graph" tracer of ftrace seems to be suited= for your purposes: > > > > https://man7.org/linux/man-pages/man1/trace-cmd.1.html > > https://man7.org/linux/man-pages/man1/trace-cmd-record.1.html > > https://man7.org/linux/man-pages/man1/trace-cmd-report.1.html > > > > Obviously, gdb (and friends) is still invaluable (but it may be difficu= lt to use, depending on your knowledge and experience, so use it if you rea= lly know that you need it): > > > > https://www.kernel.org/doc/html/latest/dev-tools/gdb-kernel-debugging.h= tml > > https://www.kernel.org/doc/html/latest/dev-tools/kgdb.html > > > > Regards, > > > > Fabio M. De Francesco > > > >> > >> Any comment is welcome. > >> > >> -- > >> My best regards to you. > >> > >> No System Is Safe! > >> Dongliang Mu > >> > >> _______________________________________________ > >> Kernelnewbies mailing list > >> Kernelnewbies@kernelnewbies.org > >> https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies