Created
March 10, 2017 10:59
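#!/bin/bash

# Syscall lists, space-separated. The stray "| |" table residue that trailed
# every line of the pasted listing has been dropped; with it the assignments
# were parsed as broken pipelines.

# Syscalls traced through the static tracepoints
# (events/syscalls/sys_enter_<name> and sys_exit_<name>).
SYSCALLS_TP="futex poll epoll_wait select mmap open close write read exit"

# Syscalls traced through kprobes on sys_<name>: the tracepoint set plus the
# process creation / exec calls.
SYSCALLS_KP="$SYSCALLS_TP fork vfork clone execve"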
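#######################################
# Print a string followed by space padding so that report columns line up.
# The string plus padding occupies MAX-1 columns; a string that is already
# that long or longer is still followed by one space, so adjacent columns
# never run together.
# Arguments: $1 - column width budget (MAX)
#            $2 - text to print
# Outputs:   the text and its padding on stdout, without a trailing newline
#######################################
print_with_spaces() {
  local max=$1
  local str=$2
  # The length is taken from the string itself instead of `echo $STR | wc -c`:
  # the unquoted echo collapsed whitespace runs and expanded globs before
  # measuring, so the padding could disagree with what was printed.
  local pad=$(( max - ${#str} - 1 ))
  if (( pad < 1 )); then
    pad=1
  fi
  # printf '%s' prints the text verbatim; `echo -n "$STR"` swallowed strings
  # that look like echo options (for example "-n").
  printf '%s%*s' "$str" "$pad" ''
}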
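# Tracing duration in seconds, taken from the first command-line argument.
TIME=$1
if [[ -z "$TIME" ]]; then
  echo "Usage: $(basename -- "$0") <tracing-time[sec]>"
  echo
  # SYSCALLS_KP is the superset of both lists. The original printed an
  # undefined $SYSCALLS here, so the list was always empty.
  echo "Will trace following syscalls: $SYSCALLS_KP"
  exit 1
fi

# Reject a malformed duration before anything is changed as root; otherwise
# the probes would be installed and the failure would only surface at `sleep`.
if ! [[ "$TIME" =~ ^[0-9]+([.][0-9]+)?$ ]]; then
  echo "error: tracing time must be a number of seconds, got '$TIME'" >&2
  exit 1
fi

# Root of the ftrace control files (debugfs mount).
TRACEFS=/sys/kernel/debug/tracing

# Replace the content of a tracefs control file with one line, as root.
# $1 - path relative to $TRACEFS, $2 - text to write.
# Only `tee` runs privileged and the text travels on stdin, so no string
# assembled by this script is ever parsed by a root shell (the original built
# `sudo /bin/sh -c "..."` command lines by interpolation).
tracefs_set() {
  printf '%s\n' "$2" | sudo tee "$TRACEFS/$1" >/dev/null
}

# Append one line to a tracefs control file, as root.
# $1 - path relative to $TRACEFS, $2 - text to append.
tracefs_append() {
  printf '%s\n' "$2" | sudo tee -a "$TRACEFS/$1" >/dev/null
}

# Print one result row: syscall name, entry count, return count and a verdict.
# $1 - syscall name, $2 - number of entries seen, $3 - number of returns seen.
print_result() {
  local name=$1 entered=$2 returned=$3
  print_with_spaces 14 "$name:"
  print_with_spaces 12 "p $entered"
  print_with_spaces 12 "r $returned"
  if (( returned >= entered )); then
    echo "(OK)"
  else
    # entered > returned >= 0 here, so the division cannot be by zero.
    echo "($((100 * (entered - returned) / entered))% did not return ($((entered - returned))))"
  fi
}

# Split the space-separated syscall lists once, so the loops below iterate
# over arrays instead of relying on unquoted expansion.
read -r -a kp_list <<< "$SYSCALLS_KP"
read -r -a tp_list <<< "$SYSCALLS_TP"

# The trace is system-wide: it records activity of every process on the host.
# mktemp creates the file readable by the invoking user only; it is removed
# on every exit path by the trap below.
TRACE=$(mktemp) || { echo "error: mktemp failed" >&2; exit 1; }
tracing_active=0

# Stop the ring buffer if the script is interrupted while tracing is on, and
# always delete the saved trace.
cleanup() {
  if (( tracing_active )); then
    tracefs_set tracing_on 0
  fi
  if [[ -n "$TRACE" ]]; then
    rm -f -- "$TRACE"
  fi
}
trap cleanup EXIT
trap 'exit 130' INT
trap 'exit 143' TERM

# turn tracing off
tracefs_set tracing_on 0

echo "Disabling all current probes ..."
tracefs_set events/enable 0

echo "Removing old probe points ..."
tracefs_set kprobe_events ""

echo "Adding new probe points ..."
for probe in "${kp_list[@]}"; do
  # '$retval' must reach the kernel literally. In the original it sat inside
  # double quotes and was expanded to an empty string, so the return probe was
  # registered without its fetch argument.
  tracefs_append kprobe_events "r:r_$probe sys_$probe \$retval" \
    || echo "warning: could not add return probe for sys_$probe" >&2
  tracefs_append kprobe_events "p:p_$probe sys_$probe" \
    || echo "warning: could not add entry probe for sys_$probe" >&2
done

echo "Enabling new probe points ..."
for probe in "${kp_list[@]}"; do
  tracefs_set "events/kprobes/r_$probe/enable" 1 \
    || echo "warning: could not enable kprobe r_$probe" >&2
  tracefs_set "events/kprobes/p_$probe/enable" 1 \
    || echo "warning: could not enable kprobe p_$probe" >&2
done
for syscall in "${tp_list[@]}"; do
  tracefs_set "events/syscalls/sys_enter_$syscall/enable" 1 \
    || echo "warning: could not enable tracepoint sys_enter_$syscall" >&2
  tracefs_set "events/syscalls/sys_exit_$syscall/enable" 1 \
    || echo "warning: could not enable tracepoint sys_exit_$syscall" >&2
done

echo "Clearing old trace log ..."
tracefs_set tracing_on 0
tracefs_set trace ""

echo
echo -n "Tracing for $TIME seconds ... "
tracing_active=1
tracefs_set tracing_on 1
sleep "$TIME"
tracefs_set tracing_on 0
tracing_active=0
echo "done"

echo -n "Saving trace log ... "
# Only `cat` runs as root; the redirection into the temp file is performed by
# the unprivileged shell, so root never opens a path chosen by this script.
sudo cat "$TRACEFS/trace" > "$TRACE"
echo "done"

echo
echo "KProbes results ($TIME sec):"
for probe in "${kp_list[@]}"; do
  # Fixed-string substring match, as in the original `grep | wc -l`.
  P=$(grep -c -F -- "p_${probe}" "$TRACE")
  R=$(grep -c -F -- "r_${probe}" "$TRACE")
  print_result "$probe" "$P" "$R"
done

echo
echo "Tracepoints results ($TIME sec):"
for probe in "${tp_list[@]}"; do
  P=$(grep -c -F -- "sys_${probe}(" "$TRACE")
  R=$(grep -c -F -- "sys_${probe} ->" "$TRACE")
  print_result "$probe" "$P" "$R"
done

# NOTE: as in the original, the probes stay registered and enabled after the
# run; only the ring buffer (tracing_on) is switched off. The next run clears
# them in its "Removing old probe points" step.
# The saved trace file is removed by the EXIT trap.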