diff options
Diffstat (limited to 'Documentation/trace/kprobetrace.txt')
-rw-r--r-- | Documentation/trace/kprobetrace.txt | 57 |
1 files changed, 32 insertions, 25 deletions
diff --git a/Documentation/trace/kprobetrace.txt b/Documentation/trace/kprobetrace.txt index 47aabeebbdf6..a9100b28eb84 100644 --- a/Documentation/trace/kprobetrace.txt +++ b/Documentation/trace/kprobetrace.txt | |||
@@ -24,6 +24,7 @@ Synopsis of kprobe_events | |||
24 | ------------------------- | 24 | ------------------------- |
25 | p[:[GRP/]EVENT] SYMBOL[+offs]|MEMADDR [FETCHARGS] : Set a probe | 25 | p[:[GRP/]EVENT] SYMBOL[+offs]|MEMADDR [FETCHARGS] : Set a probe |
26 | r[:[GRP/]EVENT] SYMBOL[+0] [FETCHARGS] : Set a return probe | 26 | r[:[GRP/]EVENT] SYMBOL[+0] [FETCHARGS] : Set a return probe |
27 | -:[GRP/]EVENT : Clear a probe | ||
27 | 28 | ||
28 | GRP : Group name. If omitted, use "kprobes" for it. | 29 | GRP : Group name. If omitted, use "kprobes" for it. |
29 | EVENT : Event name. If omitted, the event name is generated | 30 | EVENT : Event name. If omitted, the event name is generated |
@@ -37,15 +38,12 @@ Synopsis of kprobe_events | |||
37 | @SYM[+|-offs] : Fetch memory at SYM +|- offs (SYM should be a data symbol) | 38 | @SYM[+|-offs] : Fetch memory at SYM +|- offs (SYM should be a data symbol) |
38 | $stackN : Fetch Nth entry of stack (N >= 0) | 39 | $stackN : Fetch Nth entry of stack (N >= 0) |
39 | $stack : Fetch stack address. | 40 | $stack : Fetch stack address. |
40 | $argN : Fetch function argument. (N >= 0)(*) | 41 | $retval : Fetch return value.(*) |
41 | $retval : Fetch return value.(**) | 42 | +|-offs(FETCHARG) : Fetch memory at FETCHARG +|- offs address.(**) |
42 | +|-offs(FETCHARG) : Fetch memory at FETCHARG +|- offs address.(***) | ||
43 | NAME=FETCHARG: Set NAME as the argument name of FETCHARG. | 43 | NAME=FETCHARG: Set NAME as the argument name of FETCHARG. |
44 | 44 | ||
45 | (*) aN may not correct on asmlinkaged functions and at the middle of | 45 | (*) only for return probe. |
46 | function body. | 46 | (**) this is useful for fetching a field of data structures. |
47 | (**) only for return probe. | ||
48 | (***) this is useful for fetching a field of data structures. | ||
49 | 47 | ||
50 | 48 | ||
51 | Per-Probe Event Filtering | 49 | Per-Probe Event Filtering |
@@ -82,13 +80,16 @@ Usage examples | |||
82 | To add a probe as a new event, write a new definition to kprobe_events | 80 | To add a probe as a new event, write a new definition to kprobe_events |
83 | as below. | 81 | as below. |
84 | 82 | ||
85 | echo p:myprobe do_sys_open dfd=$arg0 filename=$arg1 flags=$arg2 mode=$arg3 > /sys/kernel/debug/tracing/kprobe_events | 83 | echo 'p:myprobe do_sys_open dfd=%ax filename=%dx flags=%cx mode=+4($stack)' > /sys/kernel/debug/tracing/kprobe_events |
86 | 84 | ||
87 | This sets a kprobe on the top of do_sys_open() function with recording | 85 | This sets a kprobe on the top of do_sys_open() function with recording |
88 | 1st to 4th arguments as "myprobe" event. As this example shows, users can | 86 | 1st to 4th arguments as "myprobe" event. Note, which register/stack entry is |
89 | choose more familiar names for each arguments. | 87 | assigned to each function argument depends on arch-specific ABI. If you unsure |
88 | the ABI, please try to use probe subcommand of perf-tools (you can find it | ||
89 | under tools/perf/). | ||
90 | As this example shows, users can choose more familiar names for each arguments. | ||
90 | 91 | ||
91 | echo r:myretprobe do_sys_open $retval >> /sys/kernel/debug/tracing/kprobe_events | 92 | echo 'r:myretprobe do_sys_open $retval' >> /sys/kernel/debug/tracing/kprobe_events |
92 | 93 | ||
93 | This sets a kretprobe on the return point of do_sys_open() function with | 94 | This sets a kretprobe on the return point of do_sys_open() function with |
94 | recording return value as "myretprobe" event. | 95 | recording return value as "myretprobe" event. |
@@ -97,23 +98,24 @@ recording return value as "myretprobe" event. | |||
97 | 98 | ||
98 | cat /sys/kernel/debug/tracing/events/kprobes/myprobe/format | 99 | cat /sys/kernel/debug/tracing/events/kprobes/myprobe/format |
99 | name: myprobe | 100 | name: myprobe |
100 | ID: 75 | 101 | ID: 780 |
101 | format: | 102 | format: |
102 | field:unsigned short common_type; offset:0; size:2; | 103 | field:unsigned short common_type; offset:0; size:2; signed:0; |
103 | field:unsigned char common_flags; offset:2; size:1; | 104 | field:unsigned char common_flags; offset:2; size:1; signed:0; |
104 | field:unsigned char common_preempt_count; offset:3; size:1; | 105 | field:unsigned char common_preempt_count; offset:3; size:1;signed:0; |
105 | field:int common_pid; offset:4; size:4; | 106 | field:int common_pid; offset:4; size:4; signed:1; |
106 | field:int common_tgid; offset:8; size:4; | 107 | field:int common_lock_depth; offset:8; size:4; signed:1; |
107 | 108 | ||
108 | field: unsigned long ip; offset:16;tsize:8; | 109 | field:unsigned long __probe_ip; offset:12; size:4; signed:0; |
109 | field: int nargs; offset:24;tsize:4; | 110 | field:int __probe_nargs; offset:16; size:4; signed:1; |
110 | field: unsigned long dfd; offset:32;tsize:8; | 111 | field:unsigned long dfd; offset:20; size:4; signed:0; |
111 | field: unsigned long filename; offset:40;tsize:8; | 112 | field:unsigned long filename; offset:24; size:4; signed:0; |
112 | field: unsigned long flags; offset:48;tsize:8; | 113 | field:unsigned long flags; offset:28; size:4; signed:0; |
113 | field: unsigned long mode; offset:56;tsize:8; | 114 | field:unsigned long mode; offset:32; size:4; signed:0; |
114 | 115 | ||
115 | print fmt: "(%lx) dfd=%lx filename=%lx flags=%lx mode=%lx", REC->ip, REC->dfd, REC->filename, REC->flags, REC->mode | ||
116 | 116 | ||
117 | print fmt: "(%lx) dfd=%lx filename=%lx flags=%lx mode=%lx", REC->__probe_ip, | ||
118 | REC->dfd, REC->filename, REC->flags, REC->mode | ||
117 | 119 | ||
118 | You can see that the event has 4 arguments as in the expressions you specified. | 120 | You can see that the event has 4 arguments as in the expressions you specified. |
119 | 121 | ||
@@ -121,6 +123,12 @@ print fmt: "(%lx) dfd=%lx filename=%lx flags=%lx mode=%lx", REC->ip, REC->dfd, R | |||
121 | 123 | ||
122 | This clears all probe points. | 124 | This clears all probe points. |
123 | 125 | ||
126 | Or, | ||
127 | |||
128 | echo -:myprobe >> kprobe_events | ||
129 | |||
130 | This clears probe points selectively. | ||
131 | |||
124 | Right after definition, each event is disabled by default. For tracing these | 132 | Right after definition, each event is disabled by default. For tracing these |
125 | events, you need to enable it. | 133 | events, you need to enable it. |
126 | 134 | ||
@@ -146,4 +154,3 @@ events, you need to enable it. | |||
146 | returns from SYMBOL(e.g. "sys_open+0x1b/0x1d <- do_sys_open" means kernel | 154 | returns from SYMBOL(e.g. "sys_open+0x1b/0x1d <- do_sys_open" means kernel |
147 | returns from do_sys_open to sys_open+0x1b). | 155 | returns from do_sys_open to sys_open+0x1b). |
148 | 156 | ||
149 | |||