ftrace Analysis - Godson 64-bit platforms

 

How ftrace works - Godson platform

 

I. Injecting the trace function calls

1. Take kernel_thread and sys_fork as examples; their source code is shown in Figure 1-1:

Figure 1-1 Source

2. The kernel is compiled with the gcc -pg option, so at compile time a call to ftrace_caller is automatically inserted at the beginning of the function.

The assembler code of the two functions above is shown in Figure 1-2.

Figure 1-2 Generated assembly code

In Figure 1-1 the source does not call ftrace_caller, but the compiled kernel already contains the call.

 

3. Next, analyze ftrace_caller: its source is shown in Figure 1-3 and its assembly code in Figure 1-4.

Figure 1-3 ftrace_caller source

Figure 1-4 ftrace_caller assembly code

 

II. ftrace operating states

1. After the system boots, in the default state, the binary code of kernel_thread and sys_fork is shown in Figure 2-1, and the assembler code of ftrace_caller is shown in Figure 2-2.

Figure 2-1 Binary code after system boot

Figure 2-2 ftrace_caller after system boot

Comparing Figures 2-1 and 1-2, the instruction 0x0c085428 (i.e. the jump to the ftrace_caller function) originally at addresses 0x8024137c and 0x802413bc has become 0 (i.e. a nop instruction) after the system starts.

Comparing Figures 2-2 and 1-4, the instruction 0x10000027 (i.e. the jump to ftrace_stub) originally at address 0x802150a0 has become 0 (i.e. a nop instruction) after the system starts.

These changes are made by ftrace_init, which is called during system initialization. The function ftrace_dyn_arch_init(&addr) calls ftrace_modify_code(MCOUNT_ADDR, INSN_NOP), which changes the b ftrace_stub instruction at the beginning of ftrace_caller to a nop instruction. The function ftrace_process_locs(NULL, __start_mcount_loc, __stop_mcount_loc) changes the jal ftrace_caller instruction to nop in all functions that contain it. The __start_mcount_loc region holds the addresses of all jal ftrace_caller call sites (generated at compile time), which makes them easy to find and modify; the region includes address 0x8024137c (kernel_thread) and address 0x802413bc (sys_fork).

 

 

 

2. Changes to functions and variables in the system after echo function > current_tracer

The changed instructions of kernel_thread and sys_fork are shown in Figure 2-3, and the changed instructions of ftrace_caller are shown in Figure 2-4.

Figure 2-3 sys_fork & kernel_thread code

Figure 2-4 ftrace_caller code

Comparing Figures 2-3 and 2-1, the original 0x0 (i.e. nop instruction) at addresses 0x8024137c and 0x802413bc has become 0x0c08542a, i.e. an instruction that jumps to the address of the ftrace_caller function +8 (i.e. 0x802150a8).

Comparing Figures 2-4 and 2-2, the original 0 (nop) at address 0x80215104 has been modified to 0x0c0b9ff2, i.e. a jump to the ftrace_ops_no_ops function (address 0x802e7fc8).
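The instruction words quoted above can be checked against the addresses the text gives for them. The following is an added example, not code from the original post: it decodes MIPS jal and b words, with hypothetical function names, using the addresses as printed on the page (low 32 bits) and the ftrace_stub address 0x80215140 that the page gives in its ftrace_ops_list discussion.

```c
#include <stdint.h>
#include <stdio.h>
/* jal: target = top 4 bits of the delay-slot PC | (26-bit index << 2) */
static uint32_t jal_target(uint32_t pc, uint32_t insn)
{
    return ((pc + 4) & 0xf0000000u) | ((insn & 0x03ffffffu) << 2);
}

/* b is beq $0,$0: target = PC + 4 + (sign-extended 16-bit offset << 2) */
static uint32_t branch_target(uint32_t pc, uint32_t insn)
{
    int32_t words = (int16_t)(insn & 0xffffu);
    return pc + 4 + ((uint32_t)words << 2);
}

enum kind { K_NOP, K_JAL, K_B, K_OTHER };
/* Classify one patched word and, for jal/b, compute where it goes. */
static enum kind decode(uint32_t pc, uint32_t insn, uint32_t *target)
{
    *target = 0;
    if (insn == 0) return K_NOP;            /* all-zero word is the MIPS nop */
    if ((insn >> 26) == 0x03) {             /* opcode 000011 = jal */
        *target = jal_target(pc, insn);
        return K_JAL;
    }
    if ((insn >> 16) == 0x1000) {           /* beq with rs = rt = $0 */
        *target = branch_target(pc, insn);
        return K_B;
    }
    return K_OTHER;
}

int main(void)
{
    static const struct { uint32_t pc, insn; const char *site; } s[] = {
        { 0x8024137cu, 0x0c085428u, "kernel_thread, as compiled" },
        { 0x802150a0u, 0x10000027u, "ftrace_caller, as compiled" },
        { 0x8024137cu, 0x00000000u, "kernel_thread, after boot" },
        { 0x802413bcu, 0x0c08542au, "sys_fork, tracer enabled" },
        { 0x80215104u, 0x0c0b9ff2u, "ftrace_caller, tracer enabled" },
    };  /* addresses and words are the ones quoted in the text */
    static const char *name[] = { "nop", "jal", "b", "other" };
    for (unsigned i = 0; i < sizeof s / sizeof s[0]; i++) {
        uint32_t t;
        enum kind k = decode(s[i].pc, s[i].insn, &t);
        printf("%08x: %08x %-5s -> %08x (%s)\n", s[i].pc, s[i].insn, name[k], t, s[i].site);
    }
    return 0;
}
```

The same decoding applied to a live kernel's call sites shows whether each one is still a nop or has been patched to jump somewhere, and where.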

The source of ftrace_ops_no_ops is shown in Figure 2-5; it scans the ftrace_ops_list list and calls the functions registered on it.

Figure 2-5 Key code in the ftrace_ops_no_ops source

Disassemble ftrace_ops_list to look at the contents of the list: the contents in the compiled kernel are shown in Figure 2-6, and the contents after echo function > current_tracer are shown in Figure 2-7.

Figure 2-6 ftrace_ops_list contents

Figure 2-7 ftrace_ops_list contents

The figures show that the content of ftrace_ops_list has been modified from the original 0x81024060 (i.e. ftrace_list_end) to 0x81037510 (i.e. global_ops). The content of global_ops has been modified from the original 0x80215140 (i.e. ftrace_stub) to 0x80301330 (i.e. the function_trace_call function).

At this point, the function ultimately called through the inserted ftrace_caller call is function_trace_call.

The echo function > current_tracer operation calls tracing_set_trace_write(), which uses the string "function" to take the tracer of the same name out of the global variable trace_types. All tracers complete their registration by calling the register_tracer() function; the registration of the function tracer is shown in Figure 2-8 (completed during the init stage).

tracing_set_trace_write() calls the tracer's init function, i.e. function_trace_init for the function tracer, to perform other initialization, such as calling register_ftrace_function(&trace_ops) to register trace_ops, which adds trace_ops to the global_ops list, assigning the global variable ftrace_trace_function, and the like. This is ultimately what lets the ftrace_caller call reach the function_trace_call function.

 

3. After echo function > current_tracer, the system can call the trace functions, but real tracing has not yet begun; it starts only after echo 1 > tracing_on.

The function function_trace_call() calls trace_function to record the information in the ring_buffer.

The echo 1 > tracing_on operation calls rb_simple_write(), which calls tr->current_trace->start, i.e. the function_trace_start() function. This decrements buffer->record_disabled by 1 and cpu_buffer->record_disabled by 1, which enables logging. In the logging function trace_function, ring_buffer_lock_reserve checks whether both record_disabled values meet the requirement; if they do, the entry is logged, otherwise it quits.

 

 

4. How does ring_buffer work?

For details, see: http://blog.chinaunix.net/uid-20543183-id-1930845.html


Origin blog.csdn.net/yuanjunqing/article/details/104762579