Man pages sections > man8 > stacksnoop-bpfcc

stacksnoop - Print kernel stack traces for kernel functions. Uses Linux

stacksnoop(8) System Manager's Manual stacksnoop(8)

NAME

stacksnoop - Print kernel stack traces for kernel functions. Uses Linux eBPF/bcc.

SYNOPSIS

stacksnoop [-h] [-p PID] [-s] [-v] function

DESCRIPTION

stacksnoop traces a given kernel function and for each call, prints the kernel stack back trace for that call. This shows the ancestry of function calls, and is a quick way to investigate low frequency kernel functions and their cause. For high frequency kernel functions, see stackcount.
 
This tool only works on Linux 4.6+. Stack traces are obtained using the new BPF_STACK_TRACE` APIs. For kernels older than 4.6, see the version under tools/old.

REQUIREMENTS

CONFIG_BPF and bcc.

OPTIONS

-h
Print usage message.
-s
Show address offsets.
-v
Print more fields.
-p PID
Trace this process ID only (filtered in-kernel).
function
Kernel function name.

EXAMPLES

Print kernel stack traces for each call to ext4_sync_fs:
# stacksnoop ext4_sync_fs
Also show the symbol offsets:
# stacksnoop -s ext4_sync_fs
Show extra columns:
# stacksnoop -v ext4_sync_fs
Only trace when PID 185 is on-CPU:
# stacksnoop -p 185 ext4_sync_fs

FIELDS

TIME(s)
Time of the call, in seconds.
STACK
Kernel stack trace. The first column shows "ip" for instruction pointer, and "r#" for each return pointer in the stack. The second column is the stack trace as hexadecimal. The third column is the translated kernel symbol names.

OVERHEAD

This can have significant overhead if frequently called functions (> 1000/s) are traced, and is only intended for low frequency function calls. This is because details including the stack trace for every call is passed to user space and processed. See stackcount for higher frequency calls, which performs in-kernel summaries.

SOURCE

This is from bcc.
https://github.com/iovisor/bcc
Also look in the bcc distribution for a companion _examples.txt file containing example usage, output, and commentary for this tool.

OS

Linux

STABILITY

Unstable - in development.

AUTHOR

Brendan Gregg

SEE ALSO

stackcount(8)
2016-01-14 USER COMMANDS