add options for lket-b2a to control the output data fields of lket.out.

make fork/execce trace hooks lket internally and turned on by default. add stoptrace_fork and stoptrace_execve flags for lket to control stopping fork/execve in user scripts. update lket-b2a and lket man page.
author: guanglei <guanglei> 2006-11-09 12:19:22 +0000
committer: guanglei <guanglei> 2006-11-09 12:19:22 +0000
commit: ef30b199413f3316ee82091444bc3e32ba615144 (patch)
tree: 3061db69d5379b36fca058f2fc3ef6cd2e2e522d
parent: d1b3549da1b8013bd791b27f02cee2293505b075 (diff)
download: systemtap-steved-ef30b199413f3316ee82091444bc3e32ba615144.tar.gz
systemtap-steved-ef30b199413f3316ee82091444bc3e32ba615144.tar.xz
systemtap-steved-ef30b199413f3316ee82091444bc3e32ba615144.zip
8 files changed, 119 insertions, 32 deletions
diff --git a/lket-b2a.1.in b/lket-b2a.1.in
index 753d8348..da77f25a 100644
--- a/lket-b2a.1.in
+++ b/lket-b2a.1.in
@@ -57,6 +57,21 @@ See the following section.
 .B \-f
 convert and dump trace data into local file. For more details,
 See the following section.
+.TP
+.B \-n     
+name_flag. name_flag set to 0 means not printing the event
+description string and 1 means printing. Only valid with -f
+option. name_flag is set to 1 by default.
+.TP
+.B \-i     
+id_flag. id_flag set to 0 means not printing event groupid and
+hookid and 1 means printing. Only valid with -f option. id_flag
+is set to 0 by default.
+.TP
+.B \-a     
+appname_flag. appname_flag set to 0 means not printing process
+name and 1 means printing. Only valid with -f option. appname_flag
+is set to 1 by default.
 
 .SH DUMP TRACE DATA INTO LOCAL FILE
 
@@ -74,14 +89,12 @@ Version Minor:  1
 Big endian:     YES
 Timing method:  do_gettimeofday()
 Bits width:     64
-Initial CPU timebase:   187994 (cycles per microsecond)
-
-0.2084 APPNAME: (null) PID:20922 CPU:3 HOOKGRP:3 HOOKID:1 tid:20936,pid:20936,ppid:35,pname:systemtap/0,
-0.2086 APPNAME: (null) PID:20922 CPU:3 HOOKGRP:3 HOOKID:1 tid:20937,pid:20937,ppid:35,pname:systemtap/1,
-0.2087 APPNAME: (null) PID:20922 CPU:3 HOOKGRP:3 HOOKID:1 tid:20938,pid:20938,ppid:35,pname:systemtap/2,
+Initial CPU timebase:   1596405 (cycles per microsecond)
 [...]
-10.24319 APPNAME: sshd PID:7203 CPU:3 HOOKGRP:2 HOOKID:2 syscall:write,
-10.24324 APPNAME: sshd PID:7203 CPU:3 HOOKGRP:2 HOOKID:1 syscall:compat_sys_select,
+2.527880 CPU:0 PID:2450 APPNAME:gnome-panel EVT_NAME:iosyscall.read.entry fd:3,buff_addr:-1081126904,count:32,
+2.527887 CPU:0 PID:2450 APPNAME:gnome-panel EVT_NAME:iosyscall.read.return return:32,
+2.534343 CPU:0 PID:1450 APPNAME:kjournald EVT_NAME:scsi.ioentry major:8,minor:0,sdev_state:2,request_addr:3806880208,
+2.534359 CPU:0 PID:1450 APPNAME:kjournald EVT_NAME:scsi.iodispatching host:0,channel:0,lun:0,dev_id:0,dev_state:2,data_dir:1,reqbuf_addr:3248315840,reqbuf_len:8192,request_addr:3806880208,
 [...]
 .ESAMPLE
 
diff --git a/lket.5.in b/lket.5.in
index f7b252f7..c9b8253b 100644
--- a/lket.5.in
+++ b/lket.5.in
@@ -240,11 +240,19 @@ Data format is:
 .I common_data, syscall_name(STRING)
 
 .SS PROCESS CREATION 
-This group contains three sub event hooks.
-You could use
-.I addevent.process
-to trace fork and execve of processes(note that process_snapshot()
-won't be included).
+This group contains three sub event hooks. All of them are turned on
+by default. You can use the flags stoptrace_fork and stoptrace_exec to stop
+tracing fork/execve in your script, e.g.:
+
+.SAMPLE
+probe begin
+{
+  stoptrace_fork = 1
+  stoptrace_exec = 1
+}
+...
+.ESAMPLE
+
 .P
 .TP
 .B process_snapshot()
@@ -257,14 +265,14 @@ Data format is:
 
 .P
 .TP
-.B addevent.process.fork 
+.B lket_internal.process.fork 
 Trace fork of processes
 
 Data format is:
 
 .I common_data, new_tid(INT32), new_pid(INT32), ppid(INT32)
 .TP
-.B addevent.process.execve 
+.B lket_internal.process.execve 
 Trace execve of new processes
 
 Data format is:
diff --git a/runtime/ChangeLog b/runtime/ChangeLog
index 9b908cc1..c04a56cc 100644
--- a/runtime/ChangeLog
+++ b/runtime/ChangeLog
@@ -1,3 +1,8 @@
+2006-11-09  Li Guanglei <guanglei@cn.ibm.com>
+
+	* runtime/lket/b2a/lket_b2a.[ch]: add options to control
+	the output data fields of lket.out
+
 2006-11-02  Martin Hunt  <hunt@redhat.com>
 
 	* sym.c (_stp_module_relocate): New function. Needed by the 
diff --git a/runtime/lket/b2a/lket_b2a.c b/runtime/lket/b2a/lket_b2a.c
index 9169537a..ffbde3b9 100644
--- a/runtime/lket/b2a/lket_b2a.c
+++ b/runtime/lket/b2a/lket_b2a.c
@@ -23,7 +23,7 @@
 /* A flag indicate whether to store the trace
    data into local file/MySQL database */
 int into_file, into_db;
-
+int name_flag=1, id_flag=0, appname_flag=1;
 #ifdef HAS_MYSQL
 
 #define SQLSIZE 1024*1024
@@ -69,7 +69,19 @@ printf("Usage:\n\
   lket-b2a Options INFILE1 [INFILE2...]\n\
     Options:\n\
        -f     dump the trace data into a local file named \"lket.out\"\n\
-       -m     dump the trace data into MySQL\n");
+       -n     name_flag. name_flag set to 0 means not printing the event\n\
+              description string and 1 means printing. Only valid with -f\n\
+              option. name_flag is set to 1 by default.\n\
+       -i     id_flag. id_flag set to 0 means not printing event groupid and\n\
+              hookid and 1 means printing. Only valid with -f option. id_flag\n\
+              is set to 0 by default.\n\
+       -a     appname_flag. appname_flag set to 0 means not printing process\n\
+              name and 1 means printing. Only valid with -f option. appname_flag\n\
+              is set to 1 by default.\n\
+       -m     dump the trace data into MySQL\n\
+   Example:\n\
+       lket-b2a -f -a 1 -i 1 -n 0 stpd_cpu*\n\
+       lket-b2a -m stpd_cpu*\n");
 }
 
 int main(int argc, char *argv[])
@@ -89,7 +101,7 @@ int main(int argc, char *argv[])
         strftime(database, 18,  "DB%Y%m%d%H%M%S", tm);
 
         while (1) {
-                int c = getopt(argc, argv, "mf");
+                int c = getopt(argc, argv, "mfi:n:a:");
                 if (c < 0) // no more options
                         break;
                 switch (c) {
@@ -99,6 +111,31 @@ int main(int argc, char *argv[])
 		case 'f':
 			into_file = 1;
 			break;
+		case 'n':
+			name_flag = atoi(optarg);
+			if(name_flag!=0 && name_flag!=1) {
+				fprintf(stderr, "you must specify 0 or 1 for -n option\n");
+				usage();
+				exit(-1);
+			}
+			break;
+		case 'i':
+			id_flag = atoi(optarg);
+			if(id_flag!=0 && id_flag!=1) {
+				fprintf(stderr, "you must specify 0 or 1 for -i option\n");
+				usage();
+				exit(-1);
+			}
+			break;
+		case 'a':
+			appname_flag = atoi(optarg);
+			if(appname_flag!=0 && appname_flag!=1) {
+				fprintf(stderr, "you must specify 0 or 1 for -a option\n");
+				usage();
+				exit(-1);
+			}
+			break;
+
 		default:
 			printf("Error in options\n");
 			usage();
@@ -578,11 +615,15 @@ void print_pkt_header(lket_pkt_header *phdr)
 	hookid = HDR_HookID(phdr);
 	pid = HDR_PID(phdr);
 
-	if(into_file)
-		fprintf(outfp, "\n%d.%d APPNAME: %s PID:%d CPU:%d HOOKGRP:%d HOOKID:%d ",
-			sec, usec,
-			(char *)(g_tree_lookup(appNameTree, (gconstpointer)((long)pid))),
-			pid, HDR_CpuID(phdr), grpid, hookid);
+	if(into_file) {
+		fprintf(outfp, "\n%d.%d CPU:%d PID:%d ", sec, usec, HDR_CpuID(phdr), pid);
+		if(appname_flag==1)
+			fprintf(outfp, "APPNAME:%s ", (char *)(g_tree_lookup(appNameTree,(gconstpointer)((long)pid))));
+		if(name_flag==1)
+			fprintf(outfp, "EVT_NAME:%s ", events_des[_HOOKID_REGSYSEVT][grpid][hookid]->description);
+		if(id_flag==1)
+			fprintf(outfp, "HOOKGRP:%d HOOKID:%d ", grpid, hookid);
+	}
 
 #ifdef HAS_MYSQL
 	if(into_db)  {
@@ -639,15 +680,19 @@ void register_evt_desc(FILE *infp, size_t size)
 	static int has_table = 0;
 #endif
 	int grpid, hookid;
+	int len = 0;
 	char *evt_body;
 	evt_body = malloc(size);
 	fread(evt_body, size, 1, infp);
 	grpid = *(int8_t *)evt_body;
         hookid  = *(int8_t *)(evt_body+1);
-
+	len = strlen(evt_body+2)+2;
 	if(!events_des[_HOOKID_REGSYSEVT][grpid][hookid])
 		events_des[_HOOKID_REGSYSEVT][grpid][hookid] = malloc(sizeof(event_desc));
+	if(!events_des[_HOOKID_REGSYSEVT][grpid][hookid]->description)
+		events_des[_HOOKID_REGSYSEVT][grpid][hookid]->description = malloc(len);
 
+	strncpy(events_des[_HOOKID_REGSYSEVT][grpid][hookid]->description, evt_body+2, len);
 #ifdef HAS_MYSQL
 	events_des[_HOOKID_REGSYSEVT][grpid][hookid]->entrytime = g_tree_new_full(
 		compareFunc, NULL, NULL, destroyTreeData);
diff --git a/runtime/lket/b2a/lket_b2a.h b/runtime/lket/b2a/lket_b2a.h
index 6b28efb1..464742db 100644
--- a/runtime/lket/b2a/lket_b2a.h
+++ b/runtime/lket/b2a/lket_b2a.h
@@ -61,6 +61,7 @@ typedef struct {
 	char evt_fmt[MAX_FIELDS][7]; /* e.g. INT8,STRING,INT16,... */
 	char evt_names[MAX_FIELDS][MAX_FIELDNAME_LEN]; /* e.g. protocal,dev_name,buff_len,... */
 	char fmt[256];  /* e.g. %1b,%0s,%2b,... */
+	char *description; /* a string description of this event, such as "iosyscall.read.entry" */
 	int count; /* # of fields */
 	int flag; /* a flag indicates whether exists trace data for this event */
 } event_desc;
diff --git a/tapset/LKET/Changelog b/tapset/LKET/Changelog
index cbdc3fc7..89e18e48 100644
--- a/tapset/LKET/Changelog
+++ b/tapset/LKET/Changelog
@@ -1,3 +1,10 @@
+2006-11-09  Li Guanglei <guanglei@cn.ibm.com>
+
+	* process.stp: make fork/execce trace hooks
+	lket internally and turned on by default.
+	add stoptrace_fork and stoptrace_execve flags to
+	control stopping fork/execve in user scripts
+
 2006-10-31  Li Guanglei <guanglei@cn.ibm.com>
 
 	* register_event.stp: changes of all event_desc 
diff --git a/tapset/LKET/hookid_defs.stp b/tapset/LKET/hookid_defs.stp
index 1097dfb3..07c43ea7 100755
--- a/tapset/LKET/hookid_defs.stp
+++ b/tapset/LKET/hookid_defs.stp
@@ -13,6 +13,7 @@ global
 	GROUP_PROCESS,
 	HOOKID_PROCESS_SNAPSHOT, HOOKID_PROCESS_FORK, 
 	HOOKID_PROCESS_EXECVE, 
+	stoptrace_exec, stoptrace_fork,
 
 	/* io scheduler */
 	GROUP_IOSCHED,
diff --git a/tapset/LKET/process.stp b/tapset/LKET/process.stp
index be46c4e7..b30dacec 100755
--- a/tapset/LKET/process.stp
+++ b/tapset/LKET/process.stp
@@ -5,6 +5,9 @@
 // Public License (GPL); either version 2, or (at your option) any
 // later version.
 
+/* the trace hooks defined here are used by lket internally and they
+   will be turned on by default */
+
 /* record the newly created process name */
 function log_execve_tracedata(var_id:long, var:long)
 %{
@@ -56,35 +59,39 @@ function process_snapshot()
 	}
 %}
 
-probe addevent.process
-	= addevent.process.execve,
-	addevent.process.fork
+probe lket_internal.process { }
+
+probe lket_internal.process
+	= lket_internal.process.execve,
+	lket_internal.process.fork
 {}
 
 /* 
   we should capture both do_execve for 64-bit app
   and compat_do_execve for 32-bit app           
 */
-probe addevent.process.execve
-	+= _addevent.process.execve
+probe lket_internal.process.execve
+	+= _lket_internal.process.execve
 {
 	update_record()
 }
 
-probe _addevent.process.execve
+probe _lket_internal.process.execve
 	=  process.exec
 {
+	if(stoptrace_exec==1) next;
 	log_execve_tracedata(HOOKID_PROCESS_EXECVE, $filename)
 }
 
-probe addevent.process.fork
-	+= _addevent.process.fork
+probe lket_internal.process.fork
+	+= _lket_internal.process.fork
 {
 	update_record()
 }
 
-probe _addevent.process.fork
+probe _lket_internal.process.fork
 	= process.create
 {
+	if(stoptrace_fork==1) next;
 	log_fork_tracedata(HOOKID_PROCESS_FORK, $return)
 }
author	guanglei <guanglei>	2006-11-09 12:19:22 +0000
committer	guanglei <guanglei>	2006-11-09 12:19:22 +0000
commit	ef30b199413f3316ee82091444bc3e32ba615144 (patch)
tree	3061db69d5379b36fca058f2fc3ef6cd2e2e522d
parent	d1b3549da1b8013bd791b27f02cee2293505b075 (diff)
download	systemtap-steved-ef30b199413f3316ee82091444bc3e32ba615144.tar.gz systemtap-steved-ef30b199413f3316ee82091444bc3e32ba615144.tar.xz systemtap-steved-ef30b199413f3316ee82091444bc3e32ba615144.zip