|
Packit |
b1f7ae |
Getting Started {#start}
|
|
Packit |
b1f7ae |
========================
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
! Copyright (c) 2013-2017, Intel Corporation
|
|
Packit |
b1f7ae |
!
|
|
Packit |
b1f7ae |
! Redistribution and use in source and binary forms, with or without
|
|
Packit |
b1f7ae |
! modification, are permitted provided that the following conditions are met:
|
|
Packit |
b1f7ae |
!
|
|
Packit |
b1f7ae |
! * Redistributions of source code must retain the above copyright notice,
|
|
Packit |
b1f7ae |
! this list of conditions and the following disclaimer.
|
|
Packit |
b1f7ae |
! * Redistributions in binary form must reproduce the above copyright notice,
|
|
Packit |
b1f7ae |
! this list of conditions and the following disclaimer in the documentation
|
|
Packit |
b1f7ae |
! and/or other materials provided with the distribution.
|
|
Packit |
b1f7ae |
! * Neither the name of Intel Corporation nor the names of its contributors
|
|
Packit |
b1f7ae |
! may be used to endorse or promote products derived from this software
|
|
Packit |
b1f7ae |
! without specific prior written permission.
|
|
Packit |
b1f7ae |
!
|
|
Packit |
b1f7ae |
! THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
|
Packit |
b1f7ae |
! AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
Packit |
b1f7ae |
! IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
Packit |
b1f7ae |
! ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
|
|
Packit |
b1f7ae |
! LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
Packit |
b1f7ae |
! CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
Packit |
b1f7ae |
! SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
Packit |
b1f7ae |
! INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
Packit |
b1f7ae |
! CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
Packit |
b1f7ae |
! ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
Packit |
b1f7ae |
! POSSIBILITY OF SUCH DAMAGE.
|
|
Packit |
b1f7ae |
!-->
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
This chapter gives a brief introduction into the sample tools using one of the
|
|
Packit |
b1f7ae |
tests as example. It assumes that you are already familiar with Intel(R)
|
|
Packit |
b1f7ae |
Processor Trace (Intel PT) and that you already built the decoder library and
|
|
Packit |
b1f7ae |
the sample tools. For detailed information about Intel PT, please refer to
|
|
Packit |
b1f7ae |
chapter 11 of the Intel Architecture Instruction Set Extensions Programming
|
|
Packit |
b1f7ae |
Reference at http://www.intel.com/products/processor/manuals/.
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
Start by compiling the loop-tnt test. It consists of a small assembly program
|
|
Packit |
b1f7ae |
with interleaved Intel PT directives:
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
$ pttc test/src/loop-tnt.ptt
|
|
Packit |
b1f7ae |
loop-tnt-ptxed.exp
|
|
Packit |
b1f7ae |
loop-tnt-ptdump.exp
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
This produces the following output files:
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
loop-tnt.lst a yasm assembly listing file
|
|
Packit |
b1f7ae |
loop-tnt.bin a raw binary file
|
|
Packit |
b1f7ae |
loop-tnt.pt a Intel PT file
|
|
Packit |
b1f7ae |
loop-tnt-ptxed.exp the expected ptxed output
|
|
Packit |
b1f7ae |
loop-tnt-ptdump.exp the expected ptdump output
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
The latter two files are generated based on the `@pt .exp(<tool>)` directives
|
|
Packit |
b1f7ae |
found in the `.ptt` file. They are used for automated testing. See
|
|
Packit |
b1f7ae |
script/test.bash for details on that.
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
Use `ptdump` to dump the Intel PT packets:
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
$ ptdump loop-tnt.pt
|
|
Packit |
b1f7ae |
0000000000000000 psb
|
|
Packit |
b1f7ae |
0000000000000010 fup 3: 0x0000000000100000, ip=0x0000000000100000
|
|
Packit |
b1f7ae |
0000000000000017 mode.exec cs.d=0, cs.l=1 (64-bit mode)
|
|
Packit |
b1f7ae |
0000000000000019 psbend
|
|
Packit |
b1f7ae |
000000000000001b tnt8 !!.
|
|
Packit |
b1f7ae |
000000000000001c tip.pgd 3: 0x0000000000100013, ip=0x0000000000100013
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
The ptdump tool takes an Intel PT file as input and dumps the packets in
|
|
Packit |
b1f7ae |
human-readable form. The number on the very left is the offset into the Intel
|
|
Packit |
b1f7ae |
PT packet stream in hex. This is followed by the packet opcode and payload.
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
Use `ptxed` for reconstructing the execution flow. For this, you need the Intel
|
|
Packit |
b1f7ae |
PT file as well as the corresponding binary image. You need to specify the load
|
|
Packit |
b1f7ae |
address given by the org directive in the .ptt file when using a raw binary
|
|
Packit |
b1f7ae |
file.
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
$ ptxed --pt loop-tnt.pt --raw loop-tnt.bin:0x100000
|
|
Packit |
b1f7ae |
0x0000000000100000 mov rax, 0x0
|
|
Packit |
b1f7ae |
0x0000000000100007 jmp 0x10000d
|
|
Packit |
b1f7ae |
0x000000000010000d cmp rax, 0x1
|
|
Packit |
b1f7ae |
0x0000000000100011 jle 0x100009
|
|
Packit |
b1f7ae |
0x0000000000100009 add rax, 0x1
|
|
Packit |
b1f7ae |
0x000000000010000d cmp rax, 0x1
|
|
Packit |
b1f7ae |
0x0000000000100011 jle 0x100009
|
|
Packit |
b1f7ae |
0x0000000000100009 add rax, 0x1
|
|
Packit |
b1f7ae |
0x000000000010000d cmp rax, 0x1
|
|
Packit |
b1f7ae |
0x0000000000100011 jle 0x100009
|
|
Packit |
b1f7ae |
[disabled]
|
|
Packit |
b1f7ae |
|
|
Packit |
b1f7ae |
Ptxed prints disassembled instructions in execution order as well as status
|
|
Packit |
b1f7ae |
messages enclosed in brackets.
|