2007-10-19 02:41:08 -04:00
|
|
|
Using the Linux Kernel Markers
|
|
|
|
|
|
|
|
Mathieu Desnoyers
|
|
|
|
|
|
|
|
|
|
|
|
This document introduces Linux Kernel Markers and their use. It provides
|
|
|
|
examples of how to insert markers in the kernel and connect probe functions to
|
|
|
|
them and provides some examples of probe functions.
|
|
|
|
|
|
|
|
|
|
|
|
* Purpose of markers
|
|
|
|
|
|
|
|
A marker placed in code provides a hook to call a function (probe) that you can
|
|
|
|
provide at runtime. A marker can be "on" (a probe is connected to it) or "off"
|
|
|
|
(no probe is attached). When a marker is "off" it has no effect, except for
|
|
|
|
adding a tiny time penalty (checking a condition for a branch) and space
|
|
|
|
penalty (adding a few bytes for the function call at the end of the
|
|
|
|
instrumented function and adds a data structure in a separate section). When a
|
|
|
|
marker is "on", the function you provide is called each time the marker is
|
|
|
|
executed, in the execution context of the caller. When the function provided
|
|
|
|
ends its execution, it returns to the caller (continuing from the marker site).
|
|
|
|
|
|
|
|
You can put markers at important locations in the code. Markers are
|
|
|
|
lightweight hooks that can pass an arbitrary number of parameters,
|
|
|
|
described in a printk-like format string, to the attached probe function.
|
|
|
|
|
|
|
|
They can be used for tracing and performance accounting.
|
|
|
|
|
|
|
|
|
|
|
|
* Usage
|
|
|
|
|
|
|
|
In order to use the macro trace_mark, you should include linux/marker.h.
|
|
|
|
|
|
|
|
#include <linux/marker.h>
|
|
|
|
|
|
|
|
And,
|
|
|
|
|
2007-11-14 19:59:49 -05:00
|
|
|
trace_mark(subsystem_event, "myint %d mystring %s", someint, somestring);
|
2007-10-19 02:41:08 -04:00
|
|
|
Where :
|
|
|
|
- subsystem_event is an identifier unique to your event
|
|
|
|
- subsystem is the name of your subsystem.
|
|
|
|
- event is the name of the event to mark.
|
2007-11-14 19:59:49 -05:00
|
|
|
- "myint %d mystring %s" is the formatted string for the serializer. "myint" and
|
|
|
|
"mystring" are repectively the field names associated with the first and
|
|
|
|
second parameter.
|
2007-10-19 02:41:08 -04:00
|
|
|
- someint is an integer.
|
|
|
|
- somestring is a char pointer.
|
|
|
|
|
|
|
|
Connecting a function (probe) to a marker is done by providing a probe (function
|
|
|
|
to call) for the specific marker through marker_probe_register() and can be
|
|
|
|
activated by calling marker_arm(). Marker deactivation can be done by calling
|
|
|
|
marker_disarm() as many times as marker_arm() has been called. Removing a probe
|
2008-09-29 11:10:34 -04:00
|
|
|
is done through marker_probe_unregister(); it will disarm the probe.
|
2008-11-27 03:14:44 -05:00
|
|
|
|
|
|
|
marker_synchronize_unregister() must be called between probe unregistration and
|
|
|
|
the first occurrence of
|
|
|
|
- the end of module exit function,
|
|
|
|
to make sure there is no caller left using the probe;
|
|
|
|
- the free of any resource used by the probes,
|
|
|
|
to make sure the probes wont be accessing invalid data.
|
|
|
|
This, and the fact that preemption is disabled around the probe call, make sure
|
|
|
|
that probe removal and module unload are safe. See the "Probe example" section
|
|
|
|
below for a sample probe module.
|
2007-10-19 02:41:08 -04:00
|
|
|
|
|
|
|
The marker mechanism supports inserting multiple instances of the same marker.
|
|
|
|
Markers can be put in inline functions, inlined static functions, and
|
|
|
|
unrolled loops as well as regular functions.
|
|
|
|
|
|
|
|
The naming scheme "subsystem_event" is suggested here as a convention intended
|
|
|
|
to limit collisions. Marker names are global to the kernel: they are considered
|
|
|
|
as being the same whether they are in the core kernel image or in modules.
|
|
|
|
Conflicting format strings for markers with the same name will cause the markers
|
|
|
|
to be detected to have a different format string not to be armed and will output
|
|
|
|
a printk warning which identifies the inconsistency:
|
|
|
|
|
|
|
|
"Format mismatch for probe probe_name (format), marker (format)"
|
|
|
|
|
2008-11-14 17:47:40 -05:00
|
|
|
Another way to use markers is to simply define the marker without generating any
|
|
|
|
function call to actually call into the marker. This is useful in combination
|
|
|
|
with tracepoint probes in a scheme like this :
|
|
|
|
|
|
|
|
void probe_tracepoint_name(unsigned int arg1, struct task_struct *tsk);
|
|
|
|
|
|
|
|
DEFINE_MARKER_TP(marker_eventname, tracepoint_name, probe_tracepoint_name,
|
|
|
|
"arg1 %u pid %d");
|
|
|
|
|
|
|
|
notrace void probe_tracepoint_name(unsigned int arg1, struct task_struct *tsk)
|
|
|
|
{
|
|
|
|
struct marker *marker = &GET_MARKER(kernel_irq_entry);
|
|
|
|
/* write data to trace buffers ... */
|
|
|
|
}
|
2007-10-19 02:41:08 -04:00
|
|
|
|
|
|
|
* Probe / marker example
|
|
|
|
|
|
|
|
See the example provided in samples/markers/src
|
|
|
|
|
|
|
|
Compile them with your kernel.
|
|
|
|
|
|
|
|
Run, as root :
|
|
|
|
modprobe marker-example (insmod order is not important)
|
|
|
|
modprobe probe-example
|
|
|
|
cat /proc/marker-example (returns an expected error)
|
|
|
|
rmmod marker-example probe-example
|
|
|
|
dmesg
|