How Can I Count malloc in linux kernel with kprobe

2019-06-04 08:18发布

I want to count the malloc system call with Kprobe in fedora. I know that malloc is not a system call and is implemented in user space, but I want to count malloc with kprobe if its possible.

What is the name of system call that I must give to Kprobe? For example for do_work:

kp.addr = (kprobe_opcode_t *) kallsyms_lookup_name("do_fork");

标签： linux-kernel malloc system-calls fedora kprobe

1条回答

趁早两清

2楼-- · 2019-06-04 09:08

This is not possible with kprobes because, as you said, malloc is not a system call.

You can, however, use USDTs to trace userspace processes. The bcc tools contain an example with uobjnew. It traces object allocations in the given process:

$ ./uobjnew -h
usage: uobjnew.py [-h] [-l {java,ruby,c}] [-C TOP_COUNT] [-S TOP_SIZE] [-v]
                  pid [interval]

Summarize object allocations in high-level languages.

positional arguments:
  pid                   process id to attach to
  interval              print every specified number of seconds

optional arguments:
  -h, --help            show this help message and exit
  -l {java,ruby,c}, --language {java,ruby,c}
                        language to trace
  -C TOP_COUNT, --top-count TOP_COUNT
                        number of most frequently allocated types to print
  -S TOP_SIZE, --top-size TOP_SIZE
                        number of largest types by allocated bytes to print
  -v, --verbose         verbose mode: print the BPF program (for debugging
                        purposes)

examples:
    ./uobjnew -l java 145         # summarize Java allocations in process 145
    ./uobjnew -l c 2020 1         # grab malloc() sizes and print every second
    ./uobjnew -l ruby 6712 -C 10  # top 10 Ruby types by number of allocations
    ./uobjnew -l ruby 6712 -S 10 # top 10 Ruby types by total size

0人赞添加讨论(0) 举报

How Can I Count malloc in linux kernel with kprobe

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间