forked from iovisor/bcc
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathshmsnoop.8
74 lines (73 loc) · 1.46 KB
/
shmsnoop.8
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
.TH shmsnoop 8 "2018-09-24" "USER COMMANDS"
.SH NAME
shmsnoop \- Trace System V shared memory syscalls. Uses Linux eBPF/bcc.
.SH SYNOPSIS
.B shmsnoop [\-h] [\-T] [\-p] [\-t] [\-d DURATION] [\-n NAME]
.SH DESCRIPTION
shmsnoop traces System V shared memory syscalls: shmget, shmat, shmdt, shmctl
Since this uses BPF, only the root user can use this tool.
.SH REQUIREMENTS
CONFIG_BPF and bcc.
.SH OPTIONS
.TP
\-h
Print usage message.
.TP
\-T
Include a timestamp column.
.TP
\-p PID
Trace this process ID only (filtered in-kernel).
.TP
\-t TID
Trace this thread ID only (filtered in-kernel).
.TP
\-d DURATION
Total duration of trace in seconds.
.TP
\-n NAME
Only print command lines matching this command name (regex)
.SH EXAMPLES
.TP
Trace all shm* syscalls:
#
.B shmsnoop
.TP
Trace all shm* syscalls, and include timestamps:
#
.B shmsnoop \-T
.TP
Only trace shm* syscalls where the process contains "server":
#
.B shmsnoop \-n server
.SH FIELDS
.TP
TIME(s)
Time of shm syscall return, in seconds.
.TP
PID
Process ID
.TP
COMM
Parent process/command name.
.TP
RET
Return value of shm syscall.
.TP
ARGS
"arg: value" couples that represent given syscall arguments as described in their manpage
.SH SOURCE
This is from bcc.
.IP
https://github.com/iovisor/bcc
.PP
Also look in the bcc distribution for a companion _examples.txt file containing
example usage, output, and commentary for this tool.
.SH OS
Linux
.SH STABILITY
Unstable - in development.
.SH AUTHOR
Jiri Olsa
.SH SEE ALSO
opensnoop(1)