superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/include
History
Breno Leitao f30186b0c7
coredump: add tracepoint for coredump events 
Coredump is a generally useful and interesting event in the lifetime
of a process. Add a tracepoint so it can be monitored through the
standard kernel tracing infrastructure.

BPF-based crash monitoring is an advanced approach that
allows real-time crash interception: by attaching a BPF program at
this point, tools can use bpf_get_stack() with BPF_F_USER_STACK to
capture the user-space stack trace at the exact moment of the crash,
before the process is fully terminated, without waiting for a
coredump file to be written and parsed.

However, there is currently no stable kernel API for this use case.
Existing tools rely on attaching fentry probes to do_coredump(),
which is an internal function whose signature changes across kernel
versions, breaking these tools.

Add a stable tracepoint that fires at the beginning of
do_coredump(), providing BPF programs a reliable attachment point.
At tracepoint time, the crashing process context is still live, so
BPF programs can call bpf_get_stack() with BPF_F_USER_STACK to
extract the user-space backtrace.

The tracepoint records:
  - sig: signal number that triggered the coredump
  - comm: process name

Example output:

  $ echo 1 > /sys/kernel/tracing/events/coredump/coredump/enable
  $ sleep 999 &
  $ kill -SEGV $!
  $ cat /sys/kernel/tracing/trace
  #           TASK-PID     CPU#  |||||  TIMESTAMP  FUNCTION
  #              | |         |   |||||     |         |
             sleep-634     [036] .....   145.222206: coredump: sig=11 comm=sleep

Suggested-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Breno Leitao <leitao@debian.org>
Link: https://patch.msgid.link/20260323-coredump_tracepoint-v2-1-afced083b38d@debian.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
 		2026-03-23 13:15:52 +01:00
..
acpi mailbox: platform and core updates 2026-02-14 11:13:32 -08:00
asm-generic mm.git review status for linus..mm-nonmm-stable 2026-02-12 12:13:01 -08:00
clocksource
crypto Networking changes for 7.0 2026-02-11 19:31:52 -08:00
cxl
drm
dt-bindings Not much changed in the clk framework this time except the clk.h consumer API 2026-02-15 08:18:57 -08:00
hyperv KVM SVM changes for 6.20 2026-02-09 18:51:37 +01:00
keys
kunit
kvm
linux fs: remove do_sys_truncate 2026-03-23 12:41:58 +01:00
math-emu
media [GIT PULL for v7.0] media updates 2026-02-11 12:20:25 -08:00
memory
misc
net RDMA v7.0 merge window 2026-02-12 17:05:20 -08:00
pcmcia
ras
rdma RDMA v7.0 merge window 2026-02-12 17:05:20 -08:00
rv
scsi SCSI misc on 20260212 2026-02-12 15:43:02 -08:00
soc
sound
target
trace coredump: add tracepoint for coredump events 2026-03-23 13:15:52 +01:00
uapi vfs-7.0-rc1.misc.2 2026-02-16 13:00:36 -08:00
ufs
vdso
video
xen
Kbuild