From 4a05792180ad1299f499b5dbd77d5d4e9c4970fb Mon Sep 17 00:00:00 2001 From: ddomingo Date: Fri, 6 Mar 2009 14:57:12 +1000 Subject: added more content for tapset dev --- .../en-US/Tapset_Dev_Guide.xml | 88 +++++++++++++++++++++- 1 file changed, 86 insertions(+), 2 deletions(-) (limited to 'doc/Tapset_Reference_Guide') diff --git a/doc/Tapset_Reference_Guide/en-US/Tapset_Dev_Guide.xml b/doc/Tapset_Reference_Guide/en-US/Tapset_Dev_Guide.xml index be59d944..26ea9896 100644 --- a/doc/Tapset_Reference_Guide/en-US/Tapset_Dev_Guide.xml +++ b/doc/Tapset_Reference_Guide/en-US/Tapset_Dev_Guide.xml @@ -18,16 +18,100 @@ The first step to writing good tapsets is to create a simple model of your subject area. For example, a model of the process subsystem might include the following: + + + Key Data + + + process ID + parent process ID + process group ID + + + + + + State Transitions + + + forked + exec'd + running + stopped + terminated + + + + + + Note + Both lists are examples, and are not meant to represent a complete list. + + + + Use your subsystem expertise to find probe points (function entries and + exits) that expose the elements of the model, then define probe aliases + for those points. Be aware that some state transitions can occur in more + than one place. In those cases, an alias can place a probe in multiple + locations. + + + + For example, process execs can occur in either the do_execve() or the + compat_do_execve() functions. The following alias inserts probes at the + beginning of those functions: + + + +probe process.exec = kernel.function("do_execve"), +kernel.function("compat_do_execve") +{probe body} + + + + Try to place probes on stable interfaces (i.e., functions + that are unlikely to change at the interface level) whenever possible. This will + make the tapset less likely to break due to kernel changes. Where + kernel version or architecture dependencies are unavoidable, use + preprocessor conditionals (see the stap(1) man page for details). + + + + + Fill in the probe bodies with the key data available at the probe points. + Function entry probes can access the entry parameters specified to + the function, while exit probes can access the entry parameters and the + return value. Convert the data into meaningful forms where appropriate + (e.g., bytes to kilobytes, state values to strings, etc). + + + + You may need to use auxiliary functions to access or convert some of the data. Auxiliary + functions often use embedded C to do things that cannot be done in the + SystemTap language, like access structure fields in some contexts, follow + linked lists, etc. You can use auxiliary functions defined in other tapsets + or write your own. + + + + In the following example, copy_process() returns a + pointer to the task_struct for the new process. Note + that the process ID of the new process is retrieved by calling + task_pid() and passing it the task_struct + pointer. In this case, the auxiliary function is an embedded C function + that's defined in the task tapset (task.stp). + + info from here:http://sources.redhat.com/git/?p=systemtap.git;a=blob_plain;f=tapset/DEVGUIDE - + -- cgit