This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Puzzling output of stp script

From: Adrien Kunysz <adrien at kunysz dot be>
To: Josh Stone <jistone at redhat dot com>
Cc: contemplating zombie <contemplatingzombie at gmail dot com>, systemtap at sourceware dot org
Date: Sun, 25 Dec 2011 11:09:52 +0000
Subject: Re: Puzzling output of stp script
References: <CAO_gTC6yXVN-6a-aj6YFy4Z_7wGaMRzbHTWWWdQOyWgD=g0rOQ@mail.gmail.com> <CAO_gTC5M4q3-CS_xuY8C2BQ-4teLUer6DSEZpRdKp8_PJ-ep_w@mail.gmail.com> <4EF6BAEB.7000006@redhat.com>

On Sat, Dec 24, 2011 at 09:55:55PM -0800, Josh Stone wrote:
> On 12/24/2011 10:31 AM, contemplating zombie wrote:
> > Hi,
> > 
> > I am new to systemtap and I was trying out following example script
> > given in the documentation:
> > 
> > probe kernel.function("*@net/socket.c") {
> >       printf ("%s -> %s\n", thread_indent(1), probefunc())
> > }
> > 
> > probe kernel.function("*@net/socket.c").return {
> >       printf ("%s <- %s\n", thread_indent(-1), probefunc())
> > }
> > 
> > I sshed into a remote machine and executed it. What I see is that the
> > stack frames just keep on growing to right and do not return. Won't
> > that cause a stack overflow eventually?
> 
> The reason is that you are probing more functions on entry than you are
> on return.  There's no stack issue; the probes are just imbalanced.
> 
> There are two flavors of entry probe: .call and .inline.  If you don't
> specify, then you get a union of both.  However, .return probes only
> work for the .call flavor, because there is no real return from inlined
> functions.
> 
> So when you need balanced probes for entering and leaving functions, use
> .call and .return.  You could also be clever and represent the .inline
> separately with thread_indent(0).

And that particular example was already fixed a while ago btw:
http://sourceware.org/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=396afcee5ada2d207b7a6691d4b7ce473e7b2a65

> >      0 sshd(804): -> sock_poll
> >     11 sshd(804): <- sock_poll
> >      0 sshd(804): -> sock_aio_read
> >      2 sshd(804):  -> alloc_sock_iocb
> >      3 sshd(804):  <- alloc_sock_iocb
> >      5 sshd(804):  -> do_sock_read
> >      7 sshd(804):   -> __sock_recvmsg
> >      9 sshd(804):    -> __sock_recvmsg_nosec
> >     15 sshd(804):    <- sock_aio_read
> 
> Notice right here, you got a return from sock_aio_read, jumping back
> over three other "calls".  I'll bet that do_sock_read, __sock_recvmsg,
> and __sock_recvmsg_nosec were all inlined in your kernel.

Attachment: signature.asc
Description: Digital signature

Follow-Ups:
- Re: Puzzling output of stp script
  - From: Mark Wielaard

References:
- Puzzling output of stp script
  - From: contemplating zombie
- Re: Puzzling output of stp script
  - From: Josh Stone

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]