Skip to content

Systrack v0.3
Compare
Choose a tag to compare
@mebeim mebeim released this 12 Jul 07:15
· 64 commits to master since this release
v0.3
99a86e6
This commit was signed with the committer’s verified signature.
mebeim Marco Bonelli
GPG key ID: C04CE01493A1AD82
Learn about vigilant mode.

New arch support: PowerPC 64-bit, all ABIs, tested on v5.0+ kernels.

Improvements:

  • Add ABI bits (integer) and compat (boolean) fields to JSON output.
  • Support ELF symbols with weird names (special chars in the name).
  • Support function descriptors for syscall table entries (useful for PowerPC64 and Itanium 64).
  • Support weird arch-specific SYSCALL_DEFINEn macros.
  • Building kernels now generates relative paths in DWARF debug symbols through -fdebug-prefix-map.
  • Improve stdout output and add a table header.
  • Use null instead of ??/? for unknown file/line info in JSON output.
  • x86: improve dummy syscall implementation detection (handling endbr64/32 instructions).
  • ARM OABI: output syscall number location for the calling convention (swi <NR>).

Bug fixes:

  • Correctly report socketcall depending on CONFIG_NET=y.
  • Correctly strip more syscall symbol prefixes for more accurate syscall names.
  • Fix bad symbol prefix detection in some weird edge cases, leading to wrong syscall names.
  • x86: fix wrong register names for x86-64 compat 32-bit ABI (IA-32).

Internal changes:

  • Reorganize arch-specific code.
  • Handle SIGINT for more graceful termination.
  • Auto-remap definition locations relative to KDIR for ease of use.
Assets 2
Loading