intel/libipt

How to construct from_ip from TIP.PGE packet

whensungoesdown opened this issue · 4 comments

When I trace a module, I set an IP filter on it so that only the code of that module is traced. When outside code calls/jumps/returns into the module, PT generates a TIP.PGE packet. But at this point, I can't construct the from_ip. According to the SDM, the TIP.PGE's payload only contains to_ip. There are no previous packets because it's outside the module (IP filter).

So I can't tell whether it's a "call" or a "ret". When using perf, the from_ip is set to 0 and the instruction buffer is not updated, hence the assembly code of this instruction is wrong.
(Sorry, I know this is not the right place for perf.)

For example (only gnome-calendar is traced; it calls an outside function):

55f8835530a6 [unknown] (/usr/bin/gnome-calendar) => 7fc614c9b600 g_hash_table_new_full+0x0 (/usr/lib/libglib-2.0.so.0.6200.3) insn: ff 15 dc 01 07 00

0 [unknown] ([unknown]) => 55f8835530ac [unknown] (/usr/bin/gnome-calendar) insn: ff 15 dc 01 07 00

The latter should be a "c3". Since the insn buffer is not updated, it shows the previous one.

Is there a way that I can get the from_ip?

Thanks!

You can't get the from_ip for a TIP.PGE. With IP filters, you only get packets on branches, so you know that it must be some branch that ends at the TIP.PGE IP - you're not walking into the filter region. But that's really all you know.
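To make the point above concrete, here is an added example (not libipt's code and not from the maintainer): a minimal Python walker for the TIP-family packets (TIP, TIP.PGE, TIP.PGD, FUP) that applies the SDM IP-compression rules against the last decoded IP. A TIP.PGE decodes to a single target IP and nothing else, so a consumer has no from_ip to fill in and should mark it unknown rather than reuse the previous instruction, which is exactly what the perf output above shows going wrong. The byte stream is constructed by hand, not captured from hardware.

```python
"""Minimal Intel PT packet walker for the TIP family (TIP, TIP.PGE, TIP.PGD,
FUP). Added example for this thread, not part of libipt. Sample bytes below
are constructed by hand; other packet types (PSB, PAD, MODE...) are rejected."""
from dataclasses import dataclass
from typing import List, Optional

MASK64 = (1 << 64) - 1
# low 5 opcode bits of the first byte (Intel SDM, Intel PT packet summary)
OPCODES = {0x0D: "TIP", 0x11: "TIP.PGE", 0x01: "TIP.PGD", 0x1D: "FUP"}
# IPBytes (top 3 bits of the first byte) -> payload length in bytes
IP_LEN = {0: 0, 1: 2, 2: 4, 3: 6, 4: 6, 6: 8}

@dataclass
class Packet:
    kind: str
    ip: Optional[int]  # target IP; None when the IP payload is suppressed
    # Note: there is no from_ip field. No TIP-family packet carries a source
    # address; for TIP.PGE in particular the source is simply unknown.

def reconstruct_ip(ipbytes: int, payload: int, last_ip: int) -> int:
    """Apply the SDM IP-compression rules using the last decoded IP."""
    if ipbytes == 1:                              # update IP[15:0]
        return (last_ip & ~0xFFFF) | payload
    if ipbytes == 2:                              # update IP[31:0]
        return (last_ip & ~0xFFFFFFFF) | payload
    if ipbytes == 3:                              # IP[47:0], sign-extend bit 47
        return (payload - (1 << 48) if payload & (1 << 47) else payload) & MASK64
    if ipbytes == 4:                              # update IP[47:0]
        return (last_ip & ~0xFFFFFFFFFFFF) | payload
    return payload                                # 6: full 64-bit IP

def decode(stream: bytes) -> List[Packet]:
    packets, last_ip, pos = [], 0, 0
    while pos < len(stream):
        opcode = stream[pos]
        kind, ipbytes = OPCODES.get(opcode & 0x1F), opcode >> 5
        if kind is None or ipbytes not in IP_LEN:
            raise ValueError(f"unsupported packet byte 0x{opcode:02x} at offset {pos}")
        n = IP_LEN[ipbytes]
        if pos + 1 + n > len(stream):
            raise ValueError("truncated IP payload")
        ip = None
        if n:
            ip = reconstruct_ip(ipbytes, int.from_bytes(stream[pos + 1:pos + 1 + n], "little"), last_ip)
            last_ip = ip
        packets.append(Packet(kind, ip))
        pos += 1 + n
    return packets

# Constructed stream: PGE into the filter region (full IP), PGD (IP suppressed),
# then PGE again with only the low 32 bits of the target IP in the payload.
SAMPLE = bytes([0xD1, *(0x55F8835530A6).to_bytes(8, "little"),
                0x01,
                0x51, *(0x835530AC).to_bytes(4, "little")])
```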

Thanks :) Then there is no way to tell if it's calling/jumping/returning into the filter region. I am trying to get the involved callbacks of a module.

Not with PT using filters. You could trace everything if that's an option. Or you could look into other perf options. It supports recording PT in snapshot mode, where you would get only a few pages of PT. The only way I know of to trigger this is to send the perf process SIGUSR2, though, which probably doesn't work in your case. You could instrument your callbacks to do that but then you might just use backtrace(3) or GDB.

Thanks for the suggestions, snapshot mode seems good. I am tracing GUI-based programs, which generate a lot of data. That's why I set up a filter region. To be more specific, I am trying to relate GUI elements with their callbacks. For example, when a button is clicked, I check which callbacks are invoked.