kprobe address of sys_waitpid
Li Guanglei
guanglei@cn.ibm.com
Fri Jan 13 10:37:00 GMT 2006
I wrote a very simple stap script to probe entry & return of
sys_waitpid & sys_wait4, but I got the output like:
entry of sys_wait4
return of sys_wait4
entry of sys_waitpid
return of sys_waitpid
the sys_waitpid in kernel is something like:
sys_waitpid()
{
return sys_wait4();
}
So I think the right order should be:
entry of sys_waitpid
entry of sys_wait4
return of sys_wait4
return of sys_waitpid
I found systemtap will put the probe on address 0xc0125a6c:
c0125a56 <sys_waitpid>:
c0125a56: 6a 00 push $0x0
c0125a58: ff 74 24 10 pushl 0x10(%esp)
c0125a5c: ff 74 24 10 pushl 0x10(%esp)
c0125a60: ff 74 24 10 pushl 0x10(%esp)
c0125a64: e8 c3 ff ff ff call c0125a2c <sys_wait4>
c0125a69: 83 c4 10 add $0x10,%esp
c0125a6c: c3 ret
static struct kprobe dwarf_kprobe_0[1]= {
{.addr= (void *) 0xc0125a6c}
};
char const * dwarf_kprobe_0_location_names[1] = {
"kernel.function(\"sys_waitpid@kernel/exit.c:1541\")"
};
I got this from 2.6.9-27EL on x86. But it seems ok on 2.6.9-27EL/ppc64
More information about the Systemtap
mailing list