[lttng-dev] Branch coverage
Kai
kaiutz at yahoo.de
Wed Jun 21 20:41:20 UTC 2017
Hello together,
I already using lttng for function coverage. Now I want to trace branch
coverage as well. Is it possible to trace jump labels like jle and jne
and so on?
Could you give me a hint how to solve this? In the attached file there
is the disassembly of the function 40195c <thread_start_read_fast>. How
can I trace the jump label e.g:
4019b1: jbe 4019by <thread_start_read_fast+0x60>
At the moment iam using the liblttng-ust-cyg-profile.so for the
function_entry and function_exit.
Thanks for your help.
Best Regards
Kai
-------------- next part --------------
000000000040195c <thread_start_read_fast>:
40195c: 55 push %rbp
40195d: 48 89 e5 mov %rsp,%rbp
401960: 48 83 ec 40 sub $0x40,%rsp
401964: 64 48 8b 04 25 28 00 mov %fs:0x28,%rax
40196b: 00 00
40196d: 48 89 45 f8 mov %rax,-0x8(%rbp)
401971: 31 c0 xor %eax,%eax
401973: 48 8b 45 08 mov 0x8(%rbp),%rax
401977: 48 89 c6 mov %rax,%rsi
40197a: bf 5c 19 40 00 mov $0x40195c,%edi
40197f: e8 8c f0 ff ff callq 400a10 <__cyg_profile_func_enter at plt>
401984: c7 45 cc 00 00 00 00 movl $0x0,-0x34(%rbp)
40198b: e9 64 01 00 00 jmpq 401af4 <thread_start_read_fast+0x198>
401990: e8 ab f0 ff ff callq 400a40 <rand at plt>
401995: 66 0f ef c0 pxor %xmm0,%xmm0
401999: f2 0f 2a c0 cvtsi2sd %eax,%xmm0
40199d: f2 0f 10 0d 53 05 00 movsd 0x553(%rip),%xmm1 # 401ef8 <_IO_stdin_used+0x128>
4019a4: 00
4019a5: f2 0f 5e c1 divsd %xmm1,%xmm0
4019a9: 66 0f 2e 05 5f 05 00 ucomisd 0x55f(%rip),%xmm0 # 401f10 <_IO_stdin_used+0x140>
4019b0: 00
4019b1: 76 09 jbe 4019bc <thread_start_read_fast+0x60>
4019b3: c7 45 c8 00 00 00 00 movl $0x0,-0x38(%rbp)
4019ba: eb 07 jmp 4019c3 <thread_start_read_fast+0x67>
4019bc: c7 45 c8 01 00 00 00 movl $0x1,-0x38(%rbp)
4019c3: 8b 45 c8 mov -0x38(%rbp),%eax
4019c6: 48 63 d0 movslq %eax,%rdx
4019c9: 48 89 d0 mov %rdx,%rax
4019cc: 48 c1 e0 02 shl $0x2,%rax
4019d0: 48 01 d0 add %rdx,%rax
4019d3: 48 c1 e0 03 shl $0x3,%rax
4019d7: 48 05 40 31 60 00 add $0x603140,%rax
4019dd: 48 89 45 d0 mov %rax,-0x30(%rbp)
4019e1: f2 0f 10 05 4f 05 00 movsd 0x54f(%rip),%xmm0 # 401f38 <_IO_stdin_used+0x168>
4019e8: 00
4019e9: f2 0f 11 45 d8 movsd %xmm0,-0x28(%rbp)
4019ee: bf 60 32 60 00 mov $0x603260,%edi
4019f3: e8 38 f0 ff ff callq 400a30 <pthread_mutex_lock at plt>
4019f8: 8b 05 92 18 20 00 mov 0x201892(%rip),%eax # 603290 <data_finished>
4019fe: 85 c0 test %eax,%eax
401a00: 74 19 je 401a1b <thread_start_read_fast+0xbf>
401a02: 8b 05 8c 18 20 00 mov 0x20188c(%rip),%eax # 603294 <data_finished+0x4>
401a08: 85 c0 test %eax,%eax
401a0a: 74 0f je 401a1b <thread_start_read_fast+0xbf>
401a0c: bf 60 32 60 00 mov $0x603260,%edi
401a11: e8 aa ef ff ff callq 4009c0 <pthread_mutex_unlock at plt>
401a16: e9 e6 00 00 00 jmpq 401b01 <thread_start_read_fast+0x1a5>
401a1b: 8b 45 c8 mov -0x38(%rbp),%eax
401a1e: 48 98 cltq
401a20: 8b 04 85 90 32 60 00 mov 0x603290(,%rax,4),%eax
401a27: 85 c0 test %eax,%eax
401a29: 74 0f je 401a3a <thread_start_read_fast+0xde>
401a2b: bf 60 32 60 00 mov $0x603260,%edi
401a30: e8 8b ef ff ff callq 4009c0 <pthread_mutex_unlock at plt>
401a35: e9 b6 00 00 00 jmpq 401af0 <thread_start_read_fast+0x194>
401a3a: bf 60 32 60 00 mov $0x603260,%edi
401a3f: e8 7c ef ff ff callq 4009c0 <pthread_mutex_unlock at plt>
401a44: f2 0f 10 45 d8 movsd -0x28(%rbp),%xmm0
401a49: f2 0f 2c c0 cvttsd2si %xmm0,%eax
401a4d: 48 98 cltq
401a4f: 48 89 45 e0 mov %rax,-0x20(%rbp)
401a53: f2 0f 10 45 d8 movsd -0x28(%rbp),%xmm0
401a58: f2 0f 2c c0 cvttsd2si %xmm0,%eax
401a5c: 66 0f ef c0 pxor %xmm0,%xmm0
401a60: f2 0f 2a c0 cvtsi2sd %eax,%xmm0
401a64: f2 0f 10 4d d8 movsd -0x28(%rbp),%xmm1
401a69: f2 0f 5c c8 subsd %xmm0,%xmm1
401a6d: 66 0f 28 c1 movapd %xmm1,%xmm0
401a71: f2 0f 10 0d 87 04 00 movsd 0x487(%rip),%xmm1 # 401f00 <_IO_stdin_used+0x130>
401a78: 00
401a79: f2 0f 59 c1 mulsd %xmm1,%xmm0
401a7d: f2 48 0f 2c c0 cvttsd2si %xmm0,%rax
401a82: 48 89 45 e8 mov %rax,-0x18(%rbp)
401a86: 48 8d 45 e0 lea -0x20(%rbp),%rax
401a8a: be 00 00 00 00 mov $0x0,%esi
401a8f: 48 89 c7 mov %rax,%rdi
401a92: e8 c9 ee ff ff callq 400960 <nanosleep at plt>
401a97: 48 8b 45 d0 mov -0x30(%rbp),%rax
401a9b: 48 89 c7 mov %rax,%rdi
401a9e: e8 8d ef ff ff callq 400a30 <pthread_mutex_lock at plt>
401aa3: e8 eb fa ff ff callq 401593 <cs_fast_lock_access>
401aa8: 48 8b 45 d0 mov -0x30(%rbp),%rax
401aac: 48 89 c7 mov %rax,%rdi
401aaf: e8 0c ef ff ff callq 4009c0 <pthread_mutex_unlock at plt>
401ab4: 8b 4d cc mov -0x34(%rbp),%ecx
401ab7: ba 1f 85 eb 51 mov $0x51eb851f,%edx
401abc: 89 c8 mov %ecx,%eax
401abe: f7 ea imul %edx
401ac0: c1 fa 05 sar $0x5,%edx
401ac3: 89 c8 mov %ecx,%eax
401ac5: c1 f8 1f sar $0x1f,%eax
401ac8: 29 c2 sub %eax,%edx
401aca: 89 d0 mov %edx,%eax
401acc: 6b c0 64 imul $0x64,%eax,%eax
401acf: 29 c1 sub %eax,%ecx
401ad1: 89 c8 mov %ecx,%eax
401ad3: 85 c0 test %eax,%eax
401ad5: 75 19 jne 401af0 <thread_start_read_fast+0x194>
401ad7: 8b 45 cc mov -0x34(%rbp),%eax
401ada: ba 10 27 00 00 mov $0x2710,%edx
401adf: 89 c6 mov %eax,%esi
401ae1: bf 51 1e 40 00 mov $0x401e51,%edi
401ae6: b8 00 00 00 00 mov $0x0,%eax
401aeb: e8 60 ee ff ff callq 400950 <printf at plt>
401af0: 83 45 cc 01 addl $0x1,-0x34(%rbp)
401af4: 81 7d cc 0f 27 00 00 cmpl $0x270f,-0x34(%rbp)
401afb: 0f 8e 8f fe ff ff jle 401990 <thread_start_read_fast+0x34>
401b01: bf 0c 1e 40 00 mov $0x401e0c,%edi
401b06: e8 25 ee ff ff callq 400930 <puts at plt>
401b0b: bf 00 00 00 00 mov $0x0,%edi
401b10: e8 bb ee ff ff callq 4009d0 <pthread_exit at plt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: thread_start_read_fast.c
Type: text/x-csrc
Size: 990 bytes
Desc: not available
URL: <https://lists.lttng.org/pipermail/lttng-dev/attachments/20170621/fc4823f1/attachment-0001.c>
More information about the lttng-dev
mailing list