This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: please help


Peter Teoh wrote:
> Alternatively, as Frank earlier said in another email:
> 
>  probe process("a.out").function("*") { log ($$parms) }

Another alternative to think about is using LTTNG
(<http://ltt.polymtl.ca/>).  LTTNG ("Linux Trace Toolkit Next
Generation") is more of a tracing tool than systemtap is and might be
better suited to what you are looking for.

LTTNG and systemtap use some of the same kernel features under the hood
to do their work.

> On Tue, Oct 14, 2008 at 11:14 AM, Peter Teoh <htmldeveloper@gmail.com> wrote:
>> first to use systemtap, u need to roughly know which kernel APIs u
>> want to trace.   to do that, u can use "strace" to trace the userspace
>> execution of the program, and from the system call output, (usually
>> :-)) add the sys_xxx to derive the kernel API version, eg, for
>> execve() it is sys_execve():
>>
>> The following is your program:
>>
>> /root>strace ./a.out
>> execve("./a.out", ["./a.out"], [/* 28 vars */]) = 0
>> brk(0)                                  = 0x804a000
>> access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
>> mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
>> 0) = 0xb7ef5000
>> access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
>> open("/etc/ld.so.cache", O_RDONLY)      = 3
>> fstat64(3, {st_mode=S_IFREG|0644, st_size=54870, ...}) = 0
>> mmap2(NULL, 54870, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7ee7000
>> close(3)                                = 0
>> access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
>> open("/lib/tls/i686/cmov/libc.so.6", O_RDONLY) = 3
>> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0`\1\000"...,
>> 512) = 512
>> fstat64(3, {st_mode=S_IFREG|0644, st_size=1307104, ...}) = 0
>> mmap2(NULL, 1312164, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
>> 3, 0) = 0xb7da6000
>> mmap2(0xb7ee1000, 12288, PROT_READ|PROT_WRITE,
>> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x13b) = 0xb7ee1000
>> mmap2(0xb7ee4000, 9636, PROT_READ|PROT_WRITE,
>> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7ee4000
>> close(3)                                = 0
>> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
>> 0) = 0xb7da5000
>> set_thread_area({entry_number:-1 -> 6, base_addr:0xb7da56c0,
>> limit:1048575, seg_32bit:1, contents:0, read_exec_only:0,
>> limit_in_pages:1, seg_not_present:0, useable:1}) = 0
>> mprotect(0xb7ee1000, 4096, PROT_READ)   = 0
>> munmap(0xb7ee7000, 54870)               = 0
>> fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 1), ...}) = 0
>> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
>> 0) = 0xb7ef4000
>> write(1, "Test kernel", 11Test kernel)             = 11
>> exit_group(11)                          = ?
>>
>> And sys_execve() in arch/x86/kernel/process_32.c is your start (mine
>> kernel is 2.6.20).   Well, it will be a long long path towards full
>> understanding even of this simple program.   Alternatively, pick a
>> topic of interest, and understand in greater depth about it.   Eg,
>> tracing the filesystem VFS APIs etc.
>>
>> On Sat, Oct 11, 2008 at 10:12 PM, siddharam suresh
>> <siddharam.s.t@gmail.com> wrote:
>>> i want visualize what all the stuffs happening inside the Linux kernel
>>> when this program is executed
>>>
>>>
>>> #include<stdio.h>
>>> void main()
>>> {
>>> printf("Test kernel");  <-- here i want know what are all the system
>>> calls and the kernel data structure kernel is used by the kernel. Is
>>> it possible to put break points here and can we see what are the
>>> things happening inside the kernel when printf is executed
>>>
>>> }
>>>
>>>
>>> is it possible to put break points in side the my program using the
>>> system tap i want to visualize what are system calls and kernel data
>>> structure used by particular statement.
>>>
>>> as above stated test.c program i what see what is happening inside the
>>> kernel when printf("Test Kernel"); is executed .This because when the
>>> my program become large it will show so many information which may not
>>> be use full to me and very difficult to get the particular
>>> information.Is there any facilities like step in and step out in
>>> system tap
>>>
>>>
>>>
>>> thank you in advance
>>> waiting great response
>>>
>>
>>
>> --
>> Regards,
>> Peter Teoh
>>
> 
> 
> 


-- 
David Smith
dsmith@redhat.com
Red Hat
http://www.redhat.com
256.217.0141 (direct)
256.837.0057 (fax)


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]