Branch Tracer for Linux

What is btrax? | The features of btrax | Screen shots | Link

The development of this program is partly supported by IPA (Information-Technology Promotion Agency, Japan).

What is btrax?

btrax(Branch Tracer for Linux) is a branch instruction tracer using the branch record mechanism that is the debugging function of Pentium4 and Xeon CPU. It can trace branch instruction of kernel, driver, application and library without making a change to the kernel source code. Traced log information is analyzed, and branch coverage information and the execution path can be displayed.

btrax programs

btrax consists of the following two parts.

Tracer of the branch instructions.
Analyzer of the traced log.

As for the branch instruction tracing part, the development result of another project shown as follows is included excluding the driver of the branch tracer. To facilitate the installation of btrax, these drivers are bundling it to the btrax package. The future, there is a possibility not to be bundled.

djprobe --- Driver to set hook point without changing the kernel source.
ctr --- Driver to set hook point to entrance/exit of system calls.
relayfs --- Driver to transmit a large amount of data from kernel space to user space.

Branch coverage information and the execution path can be displayed by the log analysis part. It is composed by the following programs.

bt_split --- Trace log splitter.
bt_coverage --- Branch coverage analyzer.
bt_execpath --- Execution path analyzer.

Compile/Execution environment

Because btrax uses the debugging function of Pentium4 and Xeon CPU, the machine equipped with these processors is necessary.
The following are necessary to compile, and to execute btrax.

Kernel header files necessary for the driver's compilation (kernel-devel package).
Uncompressed vmlinux (kernel-debuginfo package).
binutils

Moreover, it is necessary to support the following by the kernel.

procfs
kallsyms
apic

btrax can work on the following environment.

RedHat Enterprise Linux App Server 4 Update 1 (2.6.9-11.ELsmp)

The features of btrax

Getting trace log

btrax supports the application, library, kernel, and driver's trace. In the trace of the application and the kernel, the following points are different.

application --- Start the application and get pid, and execute the trace command with this pid.
kernel --- The trace log capacity is limited to the size of the buffer. It traces it from or to an arbitrary symbol/address only by the capacity of the buffer.

Starting or terminating of the kernel trace uses the hook that is inserted by djprobe, and djprobe has the limitation in the hook insert point. Please refer to djprobe's home page for details.

Analyzing trace log

The range of the address to be analyzed can be specified. The following information can be analyzed and referred to.

branch coverage
execution path

As the branch coverage information, the function coverage and branch execution coverage can be analyzed.
Moreover, it has an simple repetition check function, and it is possible to display it omitting repeating in the execution path analysis function.

Screen shots

Example of tracing application(dav) execution.

Example of tracing since function ext3_unlink execution.

Link

Projects
- Japan OSS Promotion Forum : http://www.ipa.go.jp/software/open/forum
- kstrax(English Page) : http://sourceforge.net/projects/kstrax/
- kstrax(Japanese Page) : http://sourceforge.jp/projects/kstrax/
- dav(English Page) : http://sourceforge.net/projects/davtools/
- dav(Japanese Page) : http://sourceforge.jp/projects/dav/
- LKST(English Page ) : http://sourceforge.net/projects/lkst/
- LKST(Japanese Page) : http://sourceforge.jp/projects/lkst/
- DLE(English Page) : http://sourceforge.net/projects/dle/
- DLE(Japanese Page) : http://sourceforge.jp/projects/dle/

Manual
- Btrax 1.0.6 Manual(Japanese)http://btrax.sourceforge.net/manual/1.0.6/howto_ja.html

Others
- Hitachi,Ltd.：http://www.hitachi.co.jp

This website is hosted by