Manualshelf

System information

ManualsBrandsRed Hat ManualsOtherENTERPRISE LINUX 5.4 - SYSTEMTAP BEGINNERS GUIDE
101102103104105106107108109110
88 System Analysis and Tuning Guide
6.1 Supported Architectures
Kernel probes are fully implemented on the following architectures:
i386
x86_64 (AMD-64, EM64T)
ppc64
arm
ppc
Kernel probes are partially implemented on the following architectures:
ia64 (does not support probes on instruction slot1)
sparc64 (return probes not yet implemented)
6.2 Types of Kernel Probes
There are three types of kernel probes: kprobes, jprobes, and kretprobes. Kret-
probes are sometimes referred to as return probes. You can find vivid source code
examples of all three type of kernel probes in the /usr/src/linux/sam
ples/kprobes/ directory (package kernel-source).
6.2.1 Kprobe
Kprobe can be attached to any instruction in the Linux kernel. When it is registered,
it inserts a break-point at the first bytes of the probed instruction. When the processor
hits this break-point, the processor registers are saved, and the processing passes to
kprobes. First, a pre-handler is executed, then the probed instruction is stepped, and,
finally a post-handler is executed. The control is then passed to the instruction follow-
ing the probe point.