From c7415f95827be9b6bee3e635d0118231cdd8b638 Mon Sep 17 00:00:00 2001 From: ddomingo Date: Wed, 1 Oct 2008 09:29:07 +1000 Subject: removed brackets in replaceables, my mistake --- doc/SystemTap_Beginners_Guide/en-US/Scripts.xml | 32 ++++++++++++------------- 1 file changed, 16 insertions(+), 16 deletions(-) (limited to 'doc/SystemTap_Beginners_Guide/en-US/Scripts.xml') diff --git a/doc/SystemTap_Beginners_Guide/en-US/Scripts.xml b/doc/SystemTap_Beginners_Guide/en-US/Scripts.xml index 160597bf..fec9aee7 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Scripts.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Scripts.xml @@ -36,11 +36,11 @@ -probe [event], -[another event] +probe event, +another event { - [handler] + handler exit() } @@ -66,7 +66,7 @@ probe [event], - kernel.function("[function]") + kernel.function("function") The entry to the kernel function function. For example, kernel.function("sys_open") refers to the "event" that occurs when the kernel function sys_open is called by any thread in the system. To specify the return of the kernel function sys_open, append the return string to the event statement; i.e. kernel.function("sys_open").return. @@ -83,16 +83,16 @@ probe kernel.function("*@net/socket.c").return { } - syscall.[system_call] + syscall.system_call - The entry to the system call [system_call]. Similar to kernel.function, appending a return to the statement specifies the exit of the system call. For example, to specify the entry of the system call close, use syscall.close.return. + The entry to the system call system_call. Similar to kernel.function, appending a return to the statement specifies the exit of the system call. For example, to specify the entry of the system call close, use syscall.close.return. To identify what system calls are made by a specific program/command, use strace command. - module("[module]").function("[function]") + module("module").function("function") Allows you to probe functions within modules. For example: @@ -108,7 +108,7 @@ probe kernel.function("*@net/socket.c").return { } - A system's loaded modules are typically located in /lib/modules/[kernel version], where kernel version refers to the currently loaded kernel. Modules use the filename extension .ko. + A system's loaded modules are typically located in /lib/modules/kernel version, where kernel version refers to the currently loaded kernel. Modules use the filename extension .ko. @@ -160,15 +160,15 @@ probe timer.ms(4000) -timer.s([seconds]) +timer.s(seconds) -timer.us([microseconds]) +timer.us(microseconds) -timer.ns([nanoseconds]) +timer.ns(nanoseconds) -timer.hz([hertz]) +timer.hz(hertz) -timer.jiffies([jiffies]) +timer.jiffies(jiffies) @@ -238,11 +238,11 @@ probe begin -printf ("[format string]\n", [argument]) +printf ("format string\n", argument) - The [format string] region specifies how [argument] should be displayed. The format string of simply instructs SystemTap to print hello world, and contains no arguments. + The format string region specifies how argument should be displayed. The format string of simply instructs SystemTap to print hello world, and contains no arguments. @@ -411,7 +411,7 @@ probe kernel.function("*@net/socket.c").return SystemTap scripts go one step further by allowing you more flexibility with regard to handlers. Events serve as the triggers for handlers to run; handlers can be specified to trap specified data and print it in a certain manner. @@ -37,16 +40,14 @@ probe event, -another event { handler - - exit() } - The exit() condition is optional; this condition safely terminates the session once the script successfully traps the required information the first time. - + Important @@ -59,9 +60,13 @@ probe event, SystemTap events can be broadly classified into two types: synchronous and asynchronous. Synchronous Events - A synchronous event occurs when any processor executes an instruction matched by the specification. This gives other events a reference point (or instruction address) from which more contextual data may be available. +A synchronous event occurs when any process executes an instruction that references a particular location in kernel code. This gives other events a reference point from which more contextual data may be available. + + + + Examples of synchronous events include: @@ -70,7 +75,7 @@ probe event, The entry to the kernel function function. For example, kernel.function("sys_open") refers to the "event" that occurs when the kernel function sys_open is called by any thread in the system. To specify the return of the kernel function sys_open, append the return string to the event statement; i.e. kernel.function("sys_open").return. - When defining functions, you can use asterisk (*) for wildcards. You can also trace the entry/exit of a function in a kernel source file. Consider the following example: + When defining functions, you can use asterisk (*) for wildcards. You can also trace the entry or exit of a function in a kernel source file. Consider the following example: Wildcards and Kernel Source Files in an Event probe kernel.function("*@net/socket.c") { } @@ -118,7 +123,8 @@ probe kernel.function("*@net/socket.c").return { } Asynchronous Events - Asynchronous events, on the other hand, do not point to any reference point. This family of probe points consists mainly of counters, timers, and similar constructs. + Asynchronous events, on the other hand, occur as instructed in the probe itself, rather than waiting for a particular instruction in kernel code to be executed by a process. This family of probe points consists mainly of counters, timers, and similar constructs. + Examples of asynchronous events include: @@ -144,19 +150,19 @@ probe kernel.function("*@net/socket.c").return { } timer events - An event that specifies a handler to be executed "after X number of milliseconds". For example: + An event that specifies a handler to be executed every specified period of time. For example: Using timer.ms probe timer.ms(4000) { - exit() + printf("hello world\n") } - is an example of a probe that allows you to terminate the script after 4000 milliseconds. Note that you can also use the following timer events: + is an example of a probe that prints hello world every 4000 milliseconds. Note that you can also use the following timer events: @@ -172,8 +178,12 @@ probe timer.ms(4000) - When used in conjunction with another probe that traps a large quantity of data, timer events allow you to limit the information your script is collecting (and printing out). + When used in conjunction with another probe that collects information that updates periodically, timer events allows you to see how that information changes over time. + @@ -231,7 +241,7 @@ probe begin printf ( ) Statements - The printf () statement is one of the simplest functions for printing data. printf () can also be used to trap data using a wide variety of SystemTap handler functions using the following format: + The printf () statement is one of the simplest functions for printing data. printf () can also be used to display data using a wide variety of SystemTap functions in the following format: @@ -288,13 +298,13 @@ hald(2360) open - Handler Functions - SystemTap supports a wide variety of handler functions that can be used as printf () arguments. uses the handler functions execname() (current process name) and pid() (current process ID). + SystemTap Functions + SystemTap supports a wide variety of functions that can be used as printf () arguments. uses the SystemTap functions execname() (current process name) and pid() (current process ID). -is "handler function" an appropriate term? +is "handler function" an appropriate term? wcohen: use "SystemTap functions" to match up language in man pages - The following is a list of commonly-used handler functions: + The following is a list of commonly-used SystemTap functions: @@ -349,7 +359,7 @@ hald(2360) open thread_indent() - This particular handler function is quite useful, providing you with a way to better organize your print results. When used with an indentation parameter (for example, -1), it allows the probe to internally store an "indentation counter" for each thread (identified by ID, as in tid). It then returns a string with some generic trace data along with an appropriate number of indentation spaces. + This particular function is quite useful, providing you with a way to better organize your print results. When used with an indentation parameter (for example, -1), it allows the probe to internally store an "indentation counter" for each thread (identified by ID, as in tid). It then returns a string with some generic trace data along with an appropriate number of indentation spaces. The generic data included in the returned string includes a timestamp (number of microseconds since the most recent initial indentation), a process name, and the thread ID. This allows you to identify what functions were called, who called them, and the duration of each function call. @@ -405,9 +415,9 @@ probe kernel.function("*@net/socket.c").return --> -For more information about supported handler functions, refer to man stapfuncs. +For more information about supported SystemTap functions, refer to man stapfuncs. -will need a complete listing of supported handler functions? also, handler function descriptions seem ambiguous, please advise. +will need a complete listing of supported handler functions? also, SystemTap function descriptions seem ambiguous, please advise.