KEDR is a framework to facilitate dynamic analysis of kernel modules in Linux ("KEDR" is an acronym for "KErnel-mode Drivers in Runtime"). KEDR allows you to intercept the calls that a kernel module makes to the functions exported by other modules and by the kernel proper. The tools provided by the framework can record the arguments and return values of these functions to a trace, perform fault simulation according to user-defined scenarios, and check the kernel modules for memory leaks and some other kinds of problems. Custom data collection and analysis tools for the Linux kernel can also be built on top of KEDR framework.
|Tags||Linux Kernel Debugging Memory Issues Tracing kernel module driver runtime fault injection call interception fault simulation|
|Implementation||C C++ cmake shell script|
When the rumors started that BerliOS Developer could close in 2012, I created a project for KEDR at GoogleCode. Here it is: http://code.google.com/p/kedr/ Fortunately, BerliOS Developer seems to have received support these days and the project hosting will continue working. I plan to maintain both project sites for KEDR. The project site at GoogleCode is going to be the main one. The site at BerliOS Developer will continue hosting the source code repository for KEDR as well as up-to-date downloads and online documentation (except Wiki, may be). As far as the bug tracker and the mailing lists are concerned, please use the project site at GoogleCode. To avoid duplication, I would like to disable the corresponding facilities at the project site at BerliOS Developer. For bug reports and feature requests, please use the following tracker: http://code.google.com/p/kedr/issues/ Mailing list (Google Group) for the discussion of KEDR, announcements, help and support requests, etc.: http://groups.google.com/group/kedr-discuss Anyone can read the messages in this group. If you would like to post your messages there, you need to join it first, it should be easy.
Release Notes: KEDR now works with kernel versions 3.10-3.15 (as of -rc4). It is now possible to make LeakCheck show the current set of allocated but not freed blocks at any time, and discard the collected data (if requested). LeakCheck now also shows information about the processes which allocated the leaked memory blocks. The call stack is now output for each simulated failure to simplify the analysis. Many fixes were made to the LeakCheck and Fault Simulation subsystem.
Release Notes: The most significant enhancement in this version is support for Linux kernel versions 3.7 and 3.8. Several bugs were fixed.
Release Notes: This release works on kernel versions 3.3-3.6 too. LeakCheck has been redesigned: the analysis engine has been separated from data collection. The API it provides allows you to use the memory leak detector in more cases than before. Handling of the information about signatures of the processed functions has been revisited. 12 more functions that allocate or deallocate memory are now processed, as are the functions kfree_rcu() expands to. Many fixes have been made in LeakCheck, fault simulation, and other subsystems.
Release Notes: Handling of intercepted function calls has been revisited to allow doing several kinds of analysis at the same time. The components responsible for fault simulation are now decoupled from call monitoring facilities. Several enhancements and fixes have been applied to the trace capturing utility. The stack trace-related API has been revisited and simplified. Handling of allocations and frees in the memory leak detector is now deferred via a work queue. This allows you to significantly reduce the time spent with locks held.
Release Notes: The build system was enhanced. It now allows building KEDR for a kernel different from the one running on the build machine. It is also possible to build KEDR for a different system (e.g. for Chromium OS, x86-generic).