Can you verify that the tracepoints are NOPs in the binaries? If yes, how?
Yes, we can verify that the tracepoints are indeed nop assembly operations in a Bitcoin Core binary with tracepoints.
Listing tracepoint locations in the binary
The Bitcoin Core doc/tracing.md contains a section on listing available tracepoints. For example, readelf -n src/bitcoind can be used to list ELF notes in the binary. There is an ELF note in the stapsdt section for each tracepoint. This note contains the location of the tracepoint in the binary.
$ readelf -n src/bitcoind
[..]
Displaying notes found in: .note.stapsdt
Owner Data size Description
stapsdt 0x0000005c NT_STAPSDT (SystemTap probe descriptors)
Provider: net
Name: outbound_message
Location: 0x00000000000e89e8, Base: 0x000000000057ff20, Semaphore: 0x0000000000000000
Arguments: -8@%r13 8@%r15 8@%rdi 8@24(%r14) 8@%rax 8@%rdx
[..]
The tracepoint locations can be listed with gdb too. Running the command info probes in a gdb session with the Bitcoin Core binary loaded lists information about the tracepoints.
$ gdb src/bitcoind
GNU gdb (GDB) 10.2
[..]
Reading symbols from src/bitcoind...
(gdb) info probes
Type Provider Name Where Semaphore Object
stap net inbound_message 0x000000000011ebef /home/user/path/to/bitcoin/src/bitcoind
stap net outbound_message 0x00000000000e89e8 /home/user/path/to/bitcoin/src/bitcoind
[..]
The location of the net:outbound_message tracepoint is 0x00000000000e89e8 (or 0xe89e8) in both cases.
Showing NOPs
In a gdb session we can show the instruction at the address 0xe89e8 using the display command.
(gdb) display /i 0xe89e8
1: x/i 0xe89e8
0xe89e8 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+968>: nop
Additionally, we can have a look at the instructions before the nop instruction using the command display /-40i with the address 0xe89e9 (0xe89e8 + 1).
(gdb) display/-40i 0xe89e9
0xe8924 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+772>: cmp %rax,%rdi
0xe8927 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+775>: je 0xe893a <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+794>
0xe8929 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+777>: mov 0xb0(%rsp),%rax
0xe8931 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+785>: lea 0x1(%rax),%rsi
0xe8935 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+789>: call 0x24bc0 <_ZdlPvm@plt>
0xe893a <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+794>: mov 0xc0(%rsp),%rdi
0xe8942 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+802>: lea 0xd0(%rsp),%rax
0xe894a <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+810>: cmp %rax,%rdi
0xe894d <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+813>: je 0xe8960 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+832>
0xe894f <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+815>: mov 0xd0(%rsp),%rax
0xe8957 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+823>: lea 0x1(%rax),%rsi
0xe895b <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+827>: call 0x24bc0 <_ZdlPvm@plt>
0xe8960 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+832>: lea 0x180(%rsp),%r12
0xe8968 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+840>: lea 0x41570d(%rip),%rsi # 0x4fe07c
0xe896f <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+847>: mov %r12,%rdi
0xe8972 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+850>: call 0xce4f0 <_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEC4IS3_EEPKcRKS3_>
0xe8977 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+855>: xor %edx,%edx
0xe8979 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+857>: mov %r12,%rsi
0xe897c <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+860>: lea 0x570d1d(%rip),%rdi # 0x6596a0 <gArgs>
0xe8983 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+867>: call 0x41da40 <_ZNK11ArgsManager10GetBoolArgERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEb>
0xe8988 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+872>: mov 0x180(%rsp),%rdi
0xe8990 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+880>: lea 0x190(%rsp),%rbx
0xe8998 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+888>: mov %eax,%r13d
0xe899b <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+891>: cmp %rbx,%rdi
0xe899e <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+894>: je 0xe89b1 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+913>
0xe89a0 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+896>: mov 0x190(%rsp),%rax
0xe89a8 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+904>: lea 0x1(%rax),%rsi
0xe89ac <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+908>: call 0x24bc0 <_ZdlPvm@plt>
0xe89b1 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+913>: test %r13b,%r13b
0xe89b4 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+916>: jne 0xe8cd0 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+1712>
0xe89ba <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+922>: mov 0x2d8(%rbp),%esi
0xe89c0 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+928>: mov %r12,%rdi
0xe89c3 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+931>: mov 0x2c8(%rbp),%r13
0xe89ca <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+938>: mov 0x200(%rbp),%r15
0xe89d1 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+945>: call 0xd1640 <_Z22ConnectionTypeAsStringB5cxx1114ConnectionType>
0xe89d6 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+950>: mov (%r14),%rdx
0xe89d9 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+953>: mov 0x8(%r14),%rax
0xe89dd <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+957>: mov 0x180(%rsp),%rdi
0xe89e5 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+965>: sub %rdx,%rax
0xe89e8 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+968>: nop
This shows (a part of) the instructions for the net:outbound_message tracepoint's arguments.
The NOP can also be displayed with objdump by setting the --start-address to 0xe89e8 and the --stop-address to 0xe89e9:
$ objdump --start-address 0xe89e8 --stop-address 0xe89e9 -d src/bitcoind
src/bitcoind: file format elf64-x86-64
Disassembly of section .text:
00000000000e89e8 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+0x3c8>:
e89e8: 90 nop
The instructions before the NOP can be displayed with:
$ objdump --start-address 0xe8924 --stop-address 0xe89e9 -d src/bitcoind
src/bitcoind: file format elf64-x86-64
Disassembly of section .text:
00000000000e8924 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+0x304>:
e8924: 48 39 c7 cmp %rax,%rdi
e8927: 74 11 je e893a <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+0x31a>
e8929: 48 8b 84 24 b0 00 00 mov 0xb0(%rsp),%rax
e8930: 00
e8931: 48 8d 70 01 lea 0x1(%rax),%rsi
e8935: e8 86 c2 f3 ff callq 24bc0 <_ZdlPvm@plt>
e893a: 48 8b bc 24 c0 00 00 mov 0xc0(%rsp),%rdi
e8941: 00
e8942: 48 8d 84 24 d0 00 00 lea 0xd0(%rsp),%rax
e8949: 00
e894a: 48 39 c7 cmp %rax,%rdi
e894d: 74 11 je e8960 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+0x340>
e894f: 48 8b 84 24 d0 00 00 mov 0xd0(%rsp),%rax
e8956: 00
e8957: 48 8d 70 01 lea 0x1(%rax),%rsi
e895b: e8 60 c2 f3 ff callq 24bc0 <_ZdlPvm@plt>
e8960: 4c 8d a4 24 80 01 00 lea 0x180(%rsp),%r12
e8967: 00
e8968: 48 8d 35 0d 57 41 00 lea 0x41570d(%rip),%rsi # 4fe07c <_ZTSN4init12_GLOBAL__N_112BitcoindInitE+0x64fc>
e896f: 4c 89 e7 mov %r12,%rdi
e8972: e8 79 5b fe ff callq ce4f0 <_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEC2IS3_EEPKcRKS3_.constprop.0>
e8977: 31 d2 xor %edx,%edx
e8979: 4c 89 e6 mov %r12,%rsi
e897c: 48 8d 3d 1d 0d 57 00 lea 0x570d1d(%rip),%rdi # 6596a0 <gArgs>
e8983: e8 b8 50 33 00 callq 41da40 <_ZNK11ArgsManager10GetBoolArgERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEb>
e8988: 48 8b bc 24 80 01 00 mov 0x180(%rsp),%rdi
e898f: 00
e8990: 48 8d 9c 24 90 01 00 lea 0x190(%rsp),%rbx
e8997: 00
e8998: 41 89 c5 mov %eax,%r13d
e899b: 48 39 df cmp %rbx,%rdi
e899e: 74 11 je e89b1 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+0x391>
e89a0: 48 8b 84 24 90 01 00 mov 0x190(%rsp),%rax
e89a7: 00
e89a8: 48 8d 70 01 lea 0x1(%rax),%rsi
e89ac: e8 0f c2 f3 ff callq 24bc0 <_ZdlPvm@plt>
e89b1: 45 84 ed test %r13b,%r13b
e89b4: 0f 85 16 03 00 00 jne e8cd0 <_ZN8CConnman11PushMessageEP5CNodeO17CSerializedNetMsg+0x6b0>
e89ba: 8b b5 d8 02 00 00 mov 0x2d8(%rbp),%esi
e89c0: 4c 89 e7 mov %r12,%rdi
e89c3: 4c 8b ad c8 02 00 00 mov 0x2c8(%rbp),%r13
e89ca: 4c 8b bd 00 02 00 00 mov 0x200(%rbp),%r15
e89d1: e8 6a 8c fe ff callq d1640 <_Z22ConnectionTypeAsStringB5cxx1114ConnectionType>
e89d6: 49 8b 16 mov (%r14),%rdx
e89d9: 49 8b 46 08 mov 0x8(%r14),%rax
e89dd: 48 8b bc 24 80 01 00 mov 0x180(%rsp),%rdi
e89e4: 00
e89e5: 48 29 d0 sub %rdx,%rax
e89e8: 90 nop
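The manual check above can be run over every tracepoint at once. The following script is an added example, not part of the original answer or of Bitcoin Core: it parses the readelf -n output, maps each Location to a file offset through the PT_LOAD program headers, and reports any tracepoint whose byte is not 0x90. The function names are hypothetical, and it assumes a little-endian x86-64 ELF64 binary that has not been prelinked (so Location is usable without a Base adjustment).

```python
import re
import struct

# Constructed sample input: the `readelf -n` excerpt shown on this page.
SAMPLE_READELF = """\
Displaying notes found in: .note.stapsdt
  Owner                Data size        Description
  stapsdt              0x0000005c       NT_STAPSDT (SystemTap probe descriptors)
    Provider: net
    Name: outbound_message
    Location: 0x00000000000e89e8, Base: 0x000000000057ff20, Semaphore: 0x0000000000000000
    Arguments: -8@%r13 8@%r15 8@%rdi 8@24(%r14) 8@%rax 8@%rdx
"""

PROBE_RE = re.compile(
    r"Provider:\s*(\S+)\s+Name:\s*(\S+)\s+Location:\s*(0x[0-9a-fA-F]+)")

def parse_probes(readelf_text):
    """Return [(provider, name, location)] from `readelf -n` output."""
    return [(p, n, int(loc, 16)) for p, n, loc in PROBE_RE.findall(readelf_text)]

def vaddr_to_offset(elf, vaddr):
    """Map a virtual address to a file offset via the ELF64 PT_LOAD segments."""
    if elf[:6] != b"\x7fELF\x02\x01":
        raise ValueError("expected a little-endian ELF64 file")
    e_phoff, = struct.unpack_from("<Q", elf, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 0x36)
    for i in range(e_phnum):
        p_type, _flags, p_offset, p_vaddr, _paddr, p_filesz = struct.unpack_from(
            "<IIQQQQ", elf, e_phoff + i * e_phentsize)
        if p_type == 1 and p_vaddr <= vaddr < p_vaddr + p_filesz:  # PT_LOAD
            return p_offset + (vaddr - p_vaddr)
    raise ValueError(f"address {vaddr:#x} is not in any PT_LOAD segment")

def non_nop_probes(elf, readelf_text):
    """Return the probes whose byte at Location is not 0x90 (x86 nop)."""
    return [(p, n, loc) for p, n, loc in parse_probes(readelf_text)
            if elf[vaddr_to_offset(elf, loc)] != 0x90]

if __name__ == "__main__":
    import subprocess, sys
    path = sys.argv[1]  # e.g. src/bitcoind
    notes = subprocess.run(["readelf", "-n", path], capture_output=True,
                           text=True, check=True).stdout
    with open(path, "rb") as f:
        bad = non_nop_probes(f.read(), notes)
    print("all tracepoints are nop" if not bad else f"not nop: {bad}")
```

An empty result means every listed tracepoint location holds a single-byte nop in the file on disk; a non-empty result lists the tracepoints to inspect by hand with gdb or objdump as shown above.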