6 files changed, 42 insertions, 17 deletions

diff --git a/runtime/probes/README b/runtime/probes/README
new file mode 100644
index 00000000..dd9fcd0c
--- /dev/null
+++ b/runtime/probes/README
@@ -0,0 +1,4 @@
+/** @dir probes
+This directory contains working example probes that demonstrate and test
+the runtime library. They are tested on i386 and x86_64.
+*/
diff --git a/runtime/probes/shellsnoop/README b/runtime/probes/shellsnoop/README
index fee5e4c1..70b5e614 100644
--- a/runtime/probes/shellsnoop/README
+++ b/runtime/probes/shellsnoop/README
@@ -1,7 +1,12 @@
-Sample probe.
+/** @dir shellsnoop
+Snoops on what commands are being run by shells.
 
-This is a translation of on an old dtr probe:
+This is a translation of on an old dtr probe. It demonstrates maps,
+lists, and how to use _stp_copy_argv_from_user() and  _stp_strncpy_from_user().
 
+Original dtr source:
+
+\verbatim
 # shellsnoop.probe - snoop shell execution as it occurs.
 # clone of dtrace shellsnoop example
 
@@ -64,4 +69,5 @@ probe sys_write:entry {
         }
     }
 }
-
+\endverbatim
+*/
diff --git a/runtime/probes/tasklet/README b/runtime/probes/tasklet/README
index 12efdc46..0ecdb7c7 100644
--- a/runtime/probes/tasklet/README
+++ b/runtime/probes/tasklet/README
@@ -1,6 +1,10 @@
-Sample probe.  Useful for interrupt context testing.
+/** @dir tasklet
+Sample probe in a tasklet.  Useful for interrupt context testing.
 
+\verbatim
 > ./build
 > insmod stp_tasklet.ko
 > rmmod stp_tasklet.ko
+\endverbatim
 
+*/
diff --git a/runtime/probes/test4/README b/runtime/probes/test4/README
index 20a1ad23..75d4be10 100644
--- a/runtime/probes/test4/README
+++ b/runtime/probes/test4/README
@@ -1,7 +1,9 @@
-Sample probe.
-
-This is a translation of on an old dtr probe:
+/** @dir test4
+This example probe tracks file opens, reads and writes.
+It demonstrates maps, stats, and iterators.
 
+This is a translation of on an old dtr probe.  Original source is
+\verbatim
 global {
   long @opens[string];
   sum @reads[string], @writes[string];
@@ -18,3 +20,5 @@ probe sys_read:entry {
 probe sys_write:entry {
   @writes[current->comm] << count;
 }
+\endverbatim
+*/
diff --git a/runtime/probes/test4/dtr.c b/runtime/probes/test4/dtr.c
index 1c8d8f05..8c6257e2 100644
--- a/runtime/probes/test4/dtr.c
+++ b/runtime/probes/test4/dtr.c
@@ -15,7 +15,7 @@ MAP opens, reads, writes;
 asmlinkage long inst_sys_open (const char __user * filename, int flags, int mode)
 {
   _stp_map_key_str (opens, current->comm);
-  _stp_map_set_int64 (opens, _stp_map_get_int64(opens) + 1);
+  _stp_map_add_int64 (opens, 1);
   jprobe_return();
   return 0;
 }
diff --git a/runtime/probes/where_func/README b/runtime/probes/where_func/README
index 0df3d719..4c57614b 100644
--- a/runtime/probes/where_func/README
+++ b/runtime/probes/where_func/README
@@ -1,19 +1,26 @@
+/** @dir where_func
 This is a silly little instrumentation routine to instrument functions
-entry by name. It makes use of the SystemTap runime libraries break
-down the number of times the function by caller. It also uses
-__print_symbol to map the address back to locations in functions.
+entry by name. It makes use of the SystemTap runtime libraries to break
+down the number of times the function by caller. 
+
+It demonstrates kprobes, passing a module parameter, using the print buffer,
+and using _stp_print_symbol() to map the addresses back to locations 
+in functions.
 
 By default it instruments schedule().
 
 The instrumentation module is built by having the kernel that is going
-to be instrumented currently on the machine and doing "./build"
-
+to be instrumented currently on the machine and doing 
+\code
+./build
+\endcode
 The instrumentation is inserted as root with:
-
+\code
 /sbin/insmod kprobe_funct_where.ko funct_name=function_name
-
+\endcode
 The instrumentation is removed as root with:
-
+\code
 /sbin/rmmod kprobe_funct_where
-
+\endcode
 -Will Cohen
+*/