Questions tagged [tracing]
The tracing tag has no summary.
39 questions
1
vote
0
answers
113
views
Is the TASK-PID in trace-cmd output the TID of the thread handling TAP interface I/O?
I'm working on an networking lab tool leveraging QEMU-based VM virtualization and docker technology to run VMs and containers respectively on a Linux host. The underlying lab connectivity is ...
- 385
2
votes
1
answer
42
views
DTrace cannot reference the external kernel variable `ticks` on FreeBSD
I've come across the following DTrace one-liner on https://wiki.freebsd.org/DTrace/One-Liners:
# Summarize TCP life span in seconds:
dtrace -n 'fbt::tcp_close:entry {
@["TCP life span (...
- 5,003
0
votes
0
answers
19
views
Why does comm stay as the old name even after multiple task_rename and sched_process_exec events?
I am analyzing some trace-cmd (event) output filtered for some specific PID. The workflow is as follows (parse.py is just a custom python to parse for specific PIDs, $EVENTS_ARGS is just a list of the ...
9
votes
1
answer
2k
views
Does mtrace() still work in modern distros?
tldr: Does mtrace still work or am I just doing it wrong?
I was attempting to use mtrace and have been unable to get it to write data to a file. I followed the instructions in man 3 mtrace:
t_mtrace.c:...
- 265
1
vote
0
answers
249
views
How to trace DMA transactions by using dma_debug?
I am currently working on some PCI-e device stuff, that requires me to get the trace for DMA transactions on a specific (say GPU or NIC ) PCI card. After doing some research I found a useful post by ...
- 11
1
vote
1
answer
6k
views
How to clear the /sys/kernel/debug/tracing/trace_pipe quickly?
I am using the bpf_printk() helper to print to the kernel debug to trace some BPF programs. The usage is as follows:
#include <stdio.h>
#include <linux/bpf.h>
#include <sys/socket.h>...
- 125
1
vote
1
answer
861
views
Log all commands executed regardless of shell?
Suppose a user runs the following command:
zcat file.gz | grep something | gzip > grepped.gz
I'm looking for a kernel feature (a BPF filter perhaps?) that would note all of the execves, chain ...
- 1,298
0
votes
1
answer
600
views
Systemtap probe kernel module function while that module is loaded
How to use a Systemtap probe on a kernel module function while that module is loaded. I am trying to print the functions being called for a particular module while it is being loaded. Suppose I have a ...
- 309
0
votes
1
answer
182
views
How to view quickly spawned/killed processes on a Fedora Linux machine?
On Windows, there is a program available for download which is part of what's called the sysinternals suite of tools. This program is called Process Explorer 64 aka ProcExp64. The program is useful ...
- 414
2
votes
1
answer
65
views
How to convert an int to a string in DTrace?
I'd like to be able to concatenate a string and an int using strjoin(), e.g.,
strjoin("ada", args[1]->unit_number);
but in order to do that I have to make sure that the int is first ...
- 5,003
1
vote
0
answers
602
views
Is it possible to trace/record every file IO being done by one or all applications, both through syscalls and mmap?
I want to trace every IO operation an application does in its lifetime and don't want any caching effect to interfere. I cannot change the application source code, using a shim would be OK. ...
- 271
0
votes
2
answers
39
views
extract application name from rawpacket
Sounds dumb, but can you extract application name from a packet/pcap.
For eg: If a packet destination is to chrome process, can you extract that information from packet?
2
votes
1
answer
337
views
How can I profile virtual memory accesses made in user mode and kernel mode?
I would like to generate a log of all virtual memory accesses performed in user mode and kernel mode as a result of running some program.
Besides collecting memory access locations, I also want to ...
- 21
6
votes
1
answer
3k
views
How to trace DMA?
I am working on software that communicates with a PCI card through direct memory access (DMA) transactions. My programs use a suit of drivers and a library that handles the DMA. Everything runs on a ...
- 2,269
0
votes
1
answer
337
views
Suspicious pgrep run as root user on debian bullseye
I experience quite a bit of fan activity on my laptop, even the machine should be idle. When I take a look at my processes with top I have a pgrep process appear once in a while, taking some CPU. It ...
- 6,094