1.\" Copyright (c) 2013 Mark Johnston <markj@freebsd.org> 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd August 17, 2013 28.Dt SDT 9 29.Os 30.Sh NAME 31.Nm SDT 32.Nd a DTrace framework for adding statically-defined tracing probes 33.Sh SYNOPSIS 34.In sys/sdt.h 35.Fn SDT_PROVIDER_DECLARE prov 36.Fn SDT_PROVIDER_DEFINE prov 37.Fn SDT_PROBE_DECLARE prov mod func name 38.Fn SDT_PROBE_DEFINE prov mod func name sname 39.Fn SDT_PROBE_DEFINE0 prov mod func name sname 40.Fn SDT_PROBE_DEFINE1 prov mod func name sname arg0 41.Fn SDT_PROBE_DEFINE2 prov mod func name sname arg0 arg1 42.Fn SDT_PROBE_DEFINE3 prov mod func name sname arg0 arg1 arg2 43.Fn SDT_PROBE_DEFINE4 prov mod func name sname arg0 arg1 arg2 arg3 44.Fn SDT_PROBE_DEFINE5 prov mod func name sname arg0 arg1 arg2 arg3 arg4 45.Fn SDT_PROBE_DEFINE6 prov mod func name sname arg0 arg1 arg2 arg3 arg4 arg5 46.Fn SDT_PROBE_DEFINE7 prov mod func name sname arg0 arg1 arg2 arg3 arg4 arg5 \ 47 arg6 48.Fn SDT_PROBE_DEFINE0_XLATE prov mod func name sname 49.Fn SDT_PROBE_DEFINE1_XLATE prov mod func name sname arg0 xarg0 50.Fn SDT_PROBE_DEFINE2_XLATE prov mod func name sname arg0 xarg0 arg1 xarg1 51.Fn SDT_PROBE_DEFINE3_XLATE prov mod func name sname arg0 xarg0 arg1 xarg1 \ 52 arg2 xarg2 53.Fn SDT_PROBE_DEFINE4_XLATE prov mod func name sname arg0 xarg0 arg1 xarg1 \ 54 arg2 xarg2 arg3 xarg3 55.Fn SDT_PROBE_DEFINE5_XLATE prov mod func name sname arg0 xarg0 arg1 xarg1 \ 56 arg2 xarg2 arg3 xarg3 arg4 xarg4 57.Fn SDT_PROBE_DEFINE6_XLATE prov mod func name sname arg0 xarg0 arg1 xarg1 \ 58 arg2 xarg2 arg3 xarg3 arg4 xarg4 arg5 xarg5 59.Fn SDT_PROBE_DEFINE7_XLATE prov mod func name sname arg0 xarg0 arg1 xarg1 \ 60 arg2 xarg2 arg3 xarg3 arg4 xarg4 arg5 xarg5 arg6 xarg6 61.Fn SDT_PROBE0 prov mod func name 62.Fn SDT_PROBE1 prov mod func name arg0 63.Fn SDT_PROBE2 prov mod func name arg0 arg1 64.Fn SDT_PROBE3 prov mod func name arg0 arg1 arg2 65.Fn SDT_PROBE4 prov mod func name arg0 arg1 arg2 arg3 66.Fn SDT_PROBE5 prov mod func name arg0 arg1 arg2 arg3 arg4 67.Fn SDT_PROBE6 prov mod func name arg0 arg1 arg2 arg3 arg4 arg5 68.Fn SDT_PROBE7 prov mod func name arg0 arg1 arg2 arg3 arg4 arg5 arg6 69.Sh DESCRIPTION 70The 71.Nm 72macros allow programmers to define static trace points in kernel code. 73These trace points are used by the 74.Nm 75framework to create DTrace probes, allowing the code to be instrumented 76using 77.Xr dtrace 1 . 78By default, 79.Nm 80trace points are disabled and have no effect on the surrounding code. 81When a DTrace probe corresponding to a given trace point is enabled, threads 82that execute the trace point will call a handler and cause the probe to fire. 83Moreover, trace points can take arguments, making it possible to pass data 84to the DTrace framework when an enabled probe fires. 85.Pp 86Multiple trace points may correspond to a single DTrace probe, allowing 87programmers to create DTrace probes that correspond to logical system events 88rather than tying probes to specific code execution paths. 89For instance, a DTrace probe corresponding to the arrival of an IP packet into 90the network stack may be defined using two 91.Nm 92trace points: one for IPv4 packets and one for IPv6 packets. 93.Pp 94In addition to defining DTrace probes, the 95.Nm 96macros allow programmers to define new DTrace providers, making it possible to 97namespace logically-related probes. 98An example is FreeBSD's sctp provider, which contains 99.Nm 100probes for FreeBSD's 101.Xr sctp 4 102implementation. 103.Pp 104The 105.Fn SDT_PROVIDER_DECLARE 106and 107.Fn SDT_PROVIDER_DEFINE 108macros are used respectively to declare and define a DTrace provider named 109.Ar prov 110with the 111.Nm 112framework. 113A provider need only be defined once; however, the provider must be declared 114before defining any 115.Nm 116probes belonging to that provider. 117.Pp 118Similarly, the 119.Fn SDT_PROBE_DECLARE 120and 121.Fn SDT_PROBE_DEFINE* 122macros are used to declare and define DTrace probes using the 123.Nm 124framework. 125Once a probe has been defined, trace points for that probe may be added to 126kernel code. 127DTrace probe identifiers consist of a provider, module, function and name, all 128of which may be specified in the 129.Nm 130probe definition. 131Note that probes should not specify a module name: the module name of a probe is 132used to determine whether or not it should be destroyed when a kernel module is 133unloaded. 134See the 135.Sx BUGS 136section. 137Note in particular that probes must not be defined across multiple kernel 138modules. 139The 140.Fn SDT_PROBE_DEFINE* 141macros also take an extra 142.Ar sname 143parameter. 144This is used to allow the creation of probes with names containing the 145.Ql - 146character. 147Specifically, the 148.Ar name 149argument should contain the probe name with all dashes converted to underscores, 150and the 151.Ar sname 152argument should be the probe name as it will be referenced by D scripts. 153.Pp 154The 155.Fn SDT_PROBE_DEFINE* 156macros also allow programmers to declare the types of the arguments that are 157passed to probes. 158This is optional; if the argument types are omitted (through use of the 159.Fn SDT_PROBE_DEFINE 160macro), users wishing to make use of the arguments will have to manually cast 161them to the correct types in their D scripts. 162It is strongly recommended that probe definitions include a declaration of their 163argument types. 164.Pp 165The 166.Fn SDT_PROBE_DEFINE*_XLATE 167macros are used for probes whose argument types are to be dynamically translated 168to the types specified by the corresponding 169.Ar xarg 170arguments. 171This is mainly useful when porting probe definitions from other operating 172systems. 173As seen by 174.Xr dtrace 1 , 175the arguments of a probe defined using these macros will have types which match 176the 177.Ar xarg 178types in the probe definition. 179However, the arguments passed in at the trace point will have types matching the 180native argument types in the probe definition, and thus the native type is 181dynamically translated to the translated type. 182So long as an appropriate translator is defined in 183.Pa /usr/lib/dtrace , 184scripts making use of the probe need not concern themselves with the underlying 185type of a given 186.Nm 187probe argument. 188.Pp 189The 190.Fn SDT_PROBE* 191macros are used to create 192.Nm 193trace points. 194They are meant to be added to executable code and can be used to instrument the 195code in which they are called. 196.Sh EXAMPLES 197The following probe definition will create a DTrace probe called 198.Ql icmp::unreach:pkt-receive , 199which would hypothetically be triggered when the kernel receives an ICMP packet 200of type Destination Unreachable: 201.Bd -literal -offset indent 202SDT_PROVIDER_DECLARE(icmp); 203 204SDT_PROBE_DEFINE1(icmp, , unreach, pkt_receive, pkt-receive, 205 "struct icmp *"); 206 207.Ed 208This particular probe would take a single argument: a pointer to the struct 209containing the ICMP header for the packet. 210Note that the module name of this probe is not specified. 211.Pp 212Consider a DTrace probe which fires when the network stack receives an IP 213packet. 214Such a probe would be defined by multiple tracepoints: 215.Bd -literal -offset indent 216SDT_PROBE_DEFINE3(ip, , , receive, receive, "struct ifnet *", 217 "struct ip *", "struct ip6_hdr *"); 218 219int 220ip_input(struct mbuf *m) 221{ 222 struct ip *ip; 223 ... 224 ip = mtod(m, struct ip *); 225 SDT_PROBE3(ip, , , receive, m->m_pkthdr.rcvif, ip, NULL); 226 ... 227} 228 229int 230ip6_input(struct mbuf *m) 231{ 232 struct ip6_hdr *ip6; 233 ... 234 ip6 = mtod(m, struct ip6_hdr *); 235 SDT_PROBE3(ip, , , receive, m->m_pkthdr.rcvif, NULL, ip6); 236 ... 237} 238 239.Ed 240In particular, the probe should fire when the kernel receives either an IPv4 241packet or an IPv6 packet. 242.Pp 243Consider the ICMP probe discussed above. 244We note that its second argument is of type 245.Ar struct icmp , 246which is a type defined in the FreeBSD kernel to represent the ICMP header of 247an ICMP packet, defined in RFC 792. 248Linux has a corresponding type, 249.Ar struct icmphdr , 250for the same purpose, but its field names differ from FreeBSD's 251.Ar struct icmp . 252Similarly, illumos defines the 253.Ar icmph_t 254type, again with different field names. 255Even with the 256.Ql icmp:::pkt-receive 257probes defined in all three operating systems, 258one would still have to write OS-specific scripts to extract a given field out 259of the ICMP header argument. 260Dynamically-translated types solve this problem: one can define an 261OS-independent 262.Xr c 7 263struct to represent an ICMP header, say 264.Ar struct icmp_hdr_dt , 265and define translators from each of the three OS-specific types to 266.Ar struct icmp_hdr_dt , 267all in the 268.Xr dtrace 1 269library path. 270Then the FreeBSD probe above can be defined with: 271.Bd -literal -offset indent 272SDT_PROBE_DEFINE1_XLATE(ip, , , receive, receive, "struct icmp *", 273 "struct icmp_hdr_dt *"); 274.Ed 275.Sh SEE ALSO 276.Xr dtrace 1 277.Sh AUTHORS 278.An -nosplit 279DTrace and the 280.Nm 281framework were originally ported to FreeBSD from Solaris by 282.An John Birrell Aq jb@FreeBSD.org . 283This manual page was written by 284.An Mark Johnston Aq markj@FreeBSD.org . 285.Sh BUGS 286The 287.Nm 288macros allow the module name of a probe to be specified as part of a probe 289definition. 290However, the DTrace framework uses the module name of probes to determine 291which probes should be destroyed when a kernel module is unloaded, so the module 292name of a probe should match the name of the module in which its defined. 293.Nm 294will set the module name properly if it is left unspecified in the probe 295definition; see the 296.Sx EXAMPLES 297section. 298.Pp 299One of the goals of the original 300.Nm 301implementation (and by extension, of FreeBSD's port) is that inactive 302.Nm 303probes should have no performance impact. 304This is unfortunately not the case; 305.Nm 306trace points will add a small but non-zero amount of latency to the code 307in which they are defined. 308A more sophisticated implementation of the probes will help alleviate this 309problem. 310