From fc03e8e8d406640d6dfa73f9e3890086c9bfb75f Mon Sep 17 00:00:00 2001 From: ddomingo Date: Tue, 28 Oct 2008 14:04:21 +1000 Subject: changes as per wcohen, minor additions --- .../en-US/Array-Operations.xml | 232 +++++++++++++++++++++ doc/SystemTap_Beginners_Guide/en-US/Arrays.xml | 85 ++------ .../en-US/ScriptConstructs.xml | 63 ++++-- doc/SystemTap_Beginners_Guide/en-US/Scripts.xml | 21 +- .../en-US/Understanding_How_SystemTap_Works.xml | 1 + .../en-US/Useful_Scripts-disktop.xml | 89 ++++---- .../en-US/Useful_Scripts-functioncalls.xml | 24 +-- .../en-US/Useful_Scripts-futexes.xml | 62 +++--- .../en-US/Useful_Scripts-inodewatch.xml | 28 +-- .../en-US/Useful_Scripts-inodewatch2.xml | 30 +-- .../en-US/Useful_Scripts-iotop.xml | 54 ++--- .../en-US/Useful_Scripts-nettop.xml | 111 +++++----- .../en-US/Useful_Scripts-paracallgraph.xml | 46 ++-- .../en-US/Useful_Scripts-sockettrace.xml | 58 +++--- .../en-US/Useful_Scripts-threadtimes.xml | 146 ++++++------- .../en-US/Useful_Scripts-traceio.xml | 51 ++--- .../en-US/Useful_Scripts-traceio2.xml | 26 ++- .../en-US/Useful_SystemTap_Scripts.xml | 9 +- 18 files changed, 702 insertions(+), 434 deletions(-) create mode 100644 doc/SystemTap_Beginners_Guide/en-US/Array-Operations.xml (limited to 'doc/SystemTap_Beginners_Guide/en-US') diff --git a/doc/SystemTap_Beginners_Guide/en-US/Array-Operations.xml b/doc/SystemTap_Beginners_Guide/en-US/Array-Operations.xml new file mode 100644 index 00000000..ebac139f --- /dev/null +++ b/doc/SystemTap_Beginners_Guide/en-US/Array-Operations.xml @@ -0,0 +1,232 @@ + + + +
+ Array Operations in SystemTap + +This section enumerates some of the most commonly used array operations in SystemTap. + +
+ Assigning an Associated Value + Use = to set an associated value to indexed unique pairs, as in: + + +array_name[index_expression] = value + + + shows a very basic example of how to set an explicit associated value to a unique key. You can also use a handler function as both your index_expression and value. For example, you can use arrays to set a timestamp as the associated value to a process name (which you wish to use as your unique key), as in: + + + Associating Timestamps to Process Names + +foo[execname()] = gettimeofday_s() + + + +Whenever an event invokes the statement in , SystemTap returns the appropriate execname() value (i.e. the name of a process, which is then used as the unique key). At the same time, SystemTap also uses the function gettimeofday_s() to set the corresponding timestamp as the associated value to the unique key defined by the function execname(). This creates an array composed of key pairs containing process names and timestamps. + +In this same example, if execname() returns a value that is already defined in the array foo, the operator will discard the original associated value to it, and replace it with the current timestamp from gettimeofday_s(). +
+
+ Reading Values From Arrays + You can also use the = operator to read values from an array. This is accomplished by simply including the array_name[index_expression] as an element in a mathematical expression. For example: + + + Using Array Values in Simple Computations + +foo[execname()] = gettimeofday_s() +delta = gettimeofday_s() - foo[execname()] + + + +In , the first statement sets a timestamp associated with the returned value of the handler function execname() as a reference point. The second statement computes a value for the variable delta by subtracting the associated value the reference point from the current gettimeofday_s(). + +In this situation, if the index_expression cannot find the unique key, it returns a null value (zero) by default. +
+
+ Incrementing Associated Values + Use ++ to increment the associated value of a unique key in an array, as in: + + +array_name[index_expression] ++ + + +Again, you can also use a handler function for your index_expression. For example, if you wanted to tally how many times a specific process performed a read to the virtual file system (using the event kernel.function("vfs_read")), you can use the following probe: + + + vfsreads.stp + +probe kernel.function("vfs_read") +{ + reads[execname()] ++ +} + + + +In , the first time that the probe returns the process name gnome-terminal (i.e. the first time gnome-terminal performs a VFS read), that process name is set as the unique key gnome-terminal with an associated value of 1. The next time that the probe returns the process name gnome-terminal, SystemTap increments the associated value of gnome-terminal by 1. SystemTap performs this operation for all process names as the probe returns them. +
+ +
+ Processing Elements in a Tuple as Iterations + Once you've collected enough information in an array, you will need to retrieve and process all elements in that array to make it useful. Consider : the script collects information about how many VFS reads each process performs, but does not specify what to do with it. The obvious means for making useful is to print the key pairs in the array reads, but how? + + The best way to process all elements in a tuple (treating each element as an iteration) is to use the foreach statement. Consider the following example: + + + cumulative-vfsreads.stp + +global reads +probe kernel.function("vfs_read") +{ + reads[execname()] ++ +} +probe timer.s(3) +{ + foreach (count in reads) + printf("%s : %d \n", count, reads[count]) +} + + + +In the second probe of , the foreach statement uses the variable count to reference each iteration of a unique key in the array reads. The reads[count] array statement in the same probe retrieves the associated value of each unique key. + +Given what we know about the first probe in , the script prints VFS-read statistics every 3 seconds, displaying names of processes that performed a VFS-read along with a corresponding VFS-read count. + +Now, remember that the foreach statement in prints all iterations of process names in the array, and in no particular order. You can instruct the script to process the iterations in a particular order by using + (ascending) or - (descending). In addition, you can also limit the number of iterations the script needs to process with the limit value option. + +For example, consider the following replacement probe: + +probe timer.s(3) +{ + foreach (count in reads+ limit 4) + printf("%s : %d \n", count, reads[count]) +} + + +This foreach statement instructs the script to process the elements in the array reads in ascending order (of associated value). The limit 4 option instructs the script to only process the first four elements in the array (i.e. the first 4, starting with the lowest value). +
+ +
+ Clearing/Deleting Arrays and Array Elements + + Sometimes, you may need to clear the associated values in array elements, or reset an entire array for re-use in another probe. in allows you to track how the number of VFS reads per process grows over time, but it does not show you the number of VFS reads each process makes per 3-second period. + + To do that, you will need to clear the values accumulated by the array. You can accomplish this using the delete operator to delete elements in an array, or an entire array. Consider the following example: + + + vfsreads-per-2secs.stp + +global reads +probe kernel.function("vfs_read") +{ + reads[execname()] ++ +} +probe timer.s(2) +{ + printf("=======\n") + foreach (count in reads+) + printf("%s : %d \n", count, reads[count]) + delete reads +} + + + +In , the second probe prints the number of VFS reads each process made within the probed 2-second period only. The delete reads statement clears the reads array within the probe. + + + Note + You can have multiple array operations within the same probe. Using the examples from and , you can track the number of VFS reads each process makes per 2-second period and tally the cumulative VFS reads of those same processes. Consider the following example: + + +global reads, totalreads + +probe kernel.function("vfs_read") +{ + reads[execname()] ++ + totalreads[execname()] ++ +} + +probe timer.s(2) +{ + printf("=======\n") + foreach (count in reads+) + printf("%s : %d \n", count, reads[count]) + delete reads + +} +probe end +{ + printf("TOTALS\n") + foreach (total in totalreads+) + printf("%s : %d \n", total, totalreads[total]) +} + + +In this example, the arrays reads and totalreads track the same information, and are printed out in a similar fashion. The only difference here is that reads is cleared every 2-second period, whereas totalreads keeps growing. + +
+
+ Using Arrays in Conditional Statements + +You can also use associative arrays in if statements. This is useful if you want to execute a subroutine once a value in the array matches a certain condition. Consider the following example: + + + vfsreads-stop-on-stapio.stp + +global reads +probe kernel.function("vfs_read") +{ + reads[execname()] ++ +} +probe timer.s(2) +{ + printf("=======\n") + foreach (count in reads+) + printf("%s : %d \n", count, reads[count]) + if(reads["stapio"] >= 20) + {exit()} +} + + + +The if(reads["stapio"] >= 20) instructs the script to execute the subroutine exit() once the value associated with the unique key stapio (in the array reads) is greater than or equal to 20. + + + Testing for Membership +You can also test whether a specific unique key is a member of an array. Further, membership in an array can be used in if statements, as in: + + + +if([index_expression] in array_name + + +To illustrate this, consider the following example: + + + vfsreads-stop-on-stapio2.stp + +global reads + +probe kernel.function("vfs_read") +{ + reads[execname()] ++ +} + +probe timer.s(2) +{ + printf("=======\n") + foreach (count in reads+) + printf("%s : %d \n", count, reads[count]) + if(["stapio"] in reads) + {printf("stapio read detected, exiting\n") + exit() + } +} + + + +The if(["stapio"] in reads) statement instructs the script to print stapio read detected, exiting once the unique key stapio is added to the array reads. +
+ +
\ No newline at end of file diff --git a/doc/SystemTap_Beginners_Guide/en-US/Arrays.xml b/doc/SystemTap_Beginners_Guide/en-US/Arrays.xml index 0df6c817..6fc99f1d 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Arrays.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Arrays.xml @@ -5,15 +5,15 @@
Associative Arrays -SystemTap also supports the use of associative arrays. While an ordinary variable represents a single value, associative arrays can represent a list of values arranged in tabular format. Simply put, an associative array is a collection of unique keys; each key in the array has a value associated with it. Illustrating this visually would be similar to creating a two-column table: the first column would have the unique key, while the second column would have each key's associated value. Each unique key and its associated value is referred to as a key pair. +SystemTap also supports the use of associative arrays. While an ordinary variable represents a single value, associative arrays can represent a list of values. Simply put, an associative array is a collection of unique keys; each key in the array has a value associated with it. Illustrating this visually would be similar to creating a two-column table: the first column would have the unique key, while the second column would have each key's associated value. Each unique key and its associated value is referred to as a key pair. -Since associative arrays are normally processed in multiple probes (as we will demonstrate later), they are declared as global variables in the SystemTap script. The syntax for manipulating arrays is similar to that of awk, and is as follows: +Since associative arrays are normally processed in multiple probes (as we will demonstrate later), they are declared as global variables in the SystemTap script. The syntax for manipulating arrays (i.e. accessing elements in an associative array) is similar to that of awk, and is as follows: -array_name[index expression] operation +array_name[index_expression] operation -Here, the array_name is any arbitrary name the array uses. The index expression is used to refer to a specific unique key (or set of unique keys) in the array, and the operation defines what to do with the index expression. To illustrate, let us try to build an array named foo that specifies the ages of three people (i.e. the unique keys): tom, dick, and harry. To assign them the ages (i.e. associated values) of 23, 24, and 25 respectively, we'd use the following array statements: +Here, the array_name is any arbitrary name the array uses. The index_expression is used to refer to a specific unique key (or set of unique keys) in the array, and the operation defines what to do with the index_expression. To illustrate, let us try to build an array named foo that specifies the ages of three people (i.e. the unique keys): tom, dick, and harry. To assign them the ages (i.e. associated values) of 23, 24, and 25 respectively, we'd use the following array statements: @@ -25,9 +25,15 @@ foo["harry"] = 25 + + Important + Arrays are normally used in multiple probes throughout a script: in most cases, one probe builds the arrays while another probe processes the information collected by the array (e.g. print its elements). Since the treatment of arrays is similar to that of variables, arrays must also be declared globally with the statement global when they are used by multiple probes. + + +
Tuples -Another important point to remember in arrays is that each exists in a slot in the array. A key pair's slot is defined by the order in which each pair's unique key is defined. In our sample array foo in , the key pair that uses the unique key tom is in the first slot, since tom was the first unique key to be defined. dick is in the second slot, and so on. +Another important point to remember in arrays is that each element therein (i.e. the indexed expression) exists in a slot. A key pair's slot is defined by the order in which each pair's unique key is defined. In our sample array foo in , the key pair that uses the unique key tom is in the first slot, since tom was the first unique key to be defined. dick is in the second slot, and so on. The sequence in which each key pair appears in an array (as defined by each pair's slot) is referred to as a tuple. Tuples allow us to refer to key pairs in an array by the order in which they appear in the sequence. @@ -46,7 +52,7 @@ foo[2] ++ Note - You can specify up to 5 index index expressons in an array statement, each one delimited by a comma (,). This is useful if you wish to perform the same operation to a set of key pairs. For example, to increase the associated value of all the key pairs defined by , you can use the following statement: + You can specify up to 5 index expressons in an array statement, each one delimited by a comma (,). This is useful if you wish to perform the same operation to a set of key pairs. For example, to increase the associated value of all the key pairs defined by , you can use the following statement: foo["tom",2,"harry"] ++ @@ -55,63 +61,7 @@ foo["tom",2,"harry"] ++
- -
- Commonly Used Array Operators in SystemTap - -This section enumerates some of the most commonly used array operators in SystemTap. - - - - - Assigning Associated Value - - Use = to set an associated value to indexed unique pairs, as in: - -array_name[index expression] = value - - - shows a very basic example of how to set an explicit associated value to a unique key. You can also use a handler function as both your index expression and value. For example, you can use arrays to set a timestamp as the associated value to a process name (which you wish to use as your unique key), as in: - - - Associating Timestamps to Process Names - -foo[execname()] = gettimeofday_s() - - - -Whenever an event invokes the statement in , SystemTap returns the appropriate execname() value (i.e. the name of a process, which is then used as the unique key). At the same time, SystemTap also uses the function gettimeofday_s() to set the corresponding timestamp as the associated value to the unique key defined by the function execname(). This creates an array composed of key pairs containing process names and timestamps. - -In this same example, if execname() returns a value that is already defined in the array foo, the operator will discard the original associated value to it, and replace it with the current timestamp from gettimeofday_s(). - - - - - Incrementing Associated Values - - Use ++ to increment the associated value of a unique key in an array, as in: - -array_name[index expression] ++ - - -Again, you can also use a handler function for your index expression. For example, if you wanted to tally how many times a specific process performed a read to the virtual file system (using the event kernel.function("vfs_read")), you can use the following probe: - - - vfsreads.stp - - -probe kernel.function("vfs_read") -{ - reads[execname()] ++ -} - - - - -In , the first time that the probe returns the process name gnome-terminal (i.e. the first time gnome-terminal performs a VFS read), that process name is set as the unique key gnome-terminal with an associated value of 1. The next time that the probe returns the process name gnome-terminal, SystemTap increments the associated value of gnome-terminal by 1. SystemTap performs this operation for all process names as the probe returns them. - - - + - - -need to add a link to a more complete list of commonly used array operators! -
- - + @@ -139,7 +84,7 @@ probe kernel.function("vfs_read") The simplest form of data manipulation in associative arrays is incrementing the associated value of a unique key in the array. The syntax for this operation is as follows: -array_name[index expression"] ++ +array_name[index_expression"] ++ Here, the ++ operation instructs SystemTap to increment the associated value of unique_key by value. For example, to increase the associated value of unique key hello in array foo by 4, use: diff --git a/doc/SystemTap_Beginners_Guide/en-US/ScriptConstructs.xml b/doc/SystemTap_Beginners_Guide/en-US/ScriptConstructs.xml index 42054cb9..b1f40669 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/ScriptConstructs.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/ScriptConstructs.xml @@ -47,9 +47,7 @@ probe timer.jiffies(100) { count_jiffies ++ } In some cases, such as in , a variable may be declared without any specific value as yet. You need to declare such values as integers using the notation ++. --> -
- - +
Conditional Statements @@ -74,20 +72,21 @@ if (condition) ifelse.stp global countread, countnonread -probe vfs.read,vfs.write +probe kernel.function("vfs_read"),kernel.function("vfs_write") { if (probefunc()=="vfs_read") { countread ++ } else {countnonread ++} } -probe timer.s(5) { - exit()} -probe end { - printf("VFS reads total %d\n VFS writes total %d\n", countread, countnonread)} +probe timer.s(5) { exit() } +probe end +{ + printf("VFS reads total %d\n VFS writes total %d\n", countread, countnonread) +} - is a script that counts how many virtual file system reads (vfs.read) and writes (vfs.write) the system performs within a 5-second span. When run, the script increments the value of the variable countread by 1 if the name of the function it probed matches vfs_read (as noted by the condition if (probefunc()=="vfs_read")); otherwise, it increments countnonread (else {countnonread ++}). + is a script that counts how many virtual file system reads (vfs_read) and writes (vfs_write) the system performs within a 5-second span. When run, the script increments the value of the variable countread by 1 if the name of the function it probed matches vfs_read (as noted by the condition if (probefunc()=="vfs_read")); otherwise, it increments countnonread (else {countnonread ++}). @@ -103,11 +102,11 @@ while (condition) {statement while.stp -global foo -probe timer.s(1) { -foo ++ -while (foo<6) {printf("hello world\n")} -printf("goodbye world\n") +global foo +probe timer.s(1) { +foo ++ +while (foo<6) {printf("hello world\n")} +printf("goodbye world\n") @@ -137,10 +136,40 @@ for (argument1; argument2; --> - -These constructs are better illustrated in the different examples available in . + + +need simple, simple examples for FOR and WHILE + + + Conditional Operators +Aside from == ("is equal to"), you can also use the following operators in your conditional statements: + + + + + + >= + + Greater than or equal to + + + + + <= + + Less than or equal to + + + + + != + + Is not equal to + + -will get back to these ones later +
Command-Line Arguments diff --git a/doc/SystemTap_Beginners_Guide/en-US/Scripts.xml b/doc/SystemTap_Beginners_Guide/en-US/Scripts.xml index fad12dee..ca360e06 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Scripts.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Scripts.xml @@ -38,9 +38,23 @@ SystemTap scripts use the file extension .stp, and are written in the following format: - + probe event, {handler} - + + + + Sometimes, you may need to recycle a handler accross multiple probes. Rather than rewrite handler statements accross probes, you can simply recycle them using functions, as in: + + + +function function_name {handler1} +probe event {function_name} + + +Here, the probe executes handler1 as the handler for the probed event. + + + @@ -353,13 +367,14 @@ hald(2360) open A string describing the probe point currently being handled. - + thread_indent() diff --git a/doc/SystemTap_Beginners_Guide/en-US/Understanding_How_SystemTap_Works.xml b/doc/SystemTap_Beginners_Guide/en-US/Understanding_How_SystemTap_Works.xml index 81926b34..f63a8ca5 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Understanding_How_SystemTap_Works.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Understanding_How_SystemTap_Works.xml @@ -53,6 +53,7 @@
+ diff --git a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-functioncalls.xml b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-functioncalls.xml index 4ebfa6fa..0be71417 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-functioncalls.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-functioncalls.xml @@ -19,19 +19,10 @@ no script in examples This section describes how to identify how many times the system called a specific kernel function in a 30-second sample. Depending on your use of wildcards, you can also use this script to target multiple kernel functions. - countcalls.stp + functioncallcount.stp -probe kernel.function(@1) { # probe function passed as argument from stdin -called[probefunc()] <<< 1 # add a count efficiently -} -global called -probe end,timer.ms(30000) { - foreach (fn+ in called) # Sort by function name - # (fn in called-) # Sort by call count (in decreasing order) - printf("%s %d\n", fn, @count(called[fn])) - exit() -} + @@ -74,7 +65,16 @@ atomic_inc_and_test 1 [...] - + diff --git a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-futexes.xml b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-futexes.xml index 64a3f1c1..6f61d456 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-futexes.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-futexes.xml @@ -23,10 +23,39 @@ no script in examples To do this, probes the futex system call. - futexcontention.stp + futexes.stp -global thread_thislock # short + + + + + + needs to be manually stopped; upon exit, it prints the following information: + + + Name and ID of the process responsible for a contention + The region of memory it contested + How many times the region of memory was contended + Average time of contention throughout the probe + + + contains an excerpt from the output of upon exiting the script (after approximately 20 seconds). + + + + <xref linkend="futexcontention"/> Sample Output + +[...] +automount[2825] lock 0x00bc7784 contended 18 times, 999931 avg us +synergyc[3686] lock 0x0861e96c contended 192 times, 101991 avg us +synergyc[3758] lock 0x08d98744 contended 192 times, 101990 avg us +synergyc[3938] lock 0x0982a8b4 contended 192 times, 101997 avg us +[...] + + + + diff --git a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-inodewatch.xml b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-inodewatch.xml index 96e58bb4..55465428 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-inodewatch.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-inodewatch.xml @@ -19,20 +19,10 @@ no script in examples This section describes how to monitor reads from and writes to a file in real time. - inodewatch.stp + inodewatch-simple.stp -probe kernel.function ("vfs_write"), - kernel.function ("vfs_read") -{ - dev_nr = $file->f_dentry->d_inode->i_sb->s_dev - inode_nr = $file->f_dentry->d_inode->i_ino - - if (dev_nr == ($1 << 20 | $2) # major/minor device - && inode_nr == $3) - printf ("%s(%d) %s 0x%x/%u\n", - execname(), pid(), probefunc(), dev_nr, inode_nr) -} + @@ -66,6 +56,20 @@ cat(16437) vfs_read 0x800005/1078319 + diff --git a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-inodewatch2.xml b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-inodewatch2.xml index 28dbcf75..d13f3a79 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-inodewatch2.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-inodewatch2.xml @@ -19,21 +19,10 @@ no script in examples This section describes how to monitor if any processes are changing the attributes of a targeted file, in real time. - inodewatch2.stp + inodewatch2-simple.stp -global ATTR_MODE = 1 - -probe kernel.function("inode_setattr") { - dev_nr = $inode->i_sb->s_dev - inode_nr = $inode->i_ino - - if (dev_nr == ($1 << 20 | $2) # major/minor device - && inode_nr == $3 - && $attr->ia_valid & ATTR_MODE) - printf ("%s(%d) %s 0x%x/%u %o %d\n", - execname(), pid(), probefunc(), dev_nr, inode_nr, $attr->ia_mode, uid()) - } + @@ -51,7 +40,22 @@ chmod(17448) inode_setattr 0x800005/6011835 100777 500 chmod(17449) inode_setattr 0x800005/6011835 100666 500 + diff --git a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-iotop.xml b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-iotop.xml index 42b9e025..9c56c971 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-iotop.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-iotop.xml @@ -11,31 +11,7 @@ iotop.stp -global reads, writes, total_io - -probe kernel.function("vfs_read") { - reads[execname()] += $count -} - -probe kernel.function("vfs_write") { - writes[execname()] += $count -} - -# print top 10 IO processes every 5 seconds -probe timer.s(5) { - foreach (name in writes) - total_io[name] += writes[name] - foreach (name in reads) - total_io[name] += reads[name] - printf ("%16s\t%10s\t%10s\n", "Process", "KB Read", "KB Written") - foreach (name in total_io- limit 10) - printf("%16s\t%10d\t%10d\n", name, - reads[name]/1024, writes[name]/1024) - delete reads - delete writes - delete total_io - print("\n") -} + @@ -73,4 +49,32 @@ probe timer.s(5) { displays top I/O writes and reads within a random 10-second interval. Note that also detects I/O resulting from SystemTap activity — also displays reads done by staprun. + + \ No newline at end of file diff --git a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-nettop.xml b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-nettop.xml index 331f49a6..40b5ac08 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-nettop.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-nettop.xml @@ -22,59 +22,7 @@ nettop.stp -global ifxmit, ifrecv, ifdevs, ifpid, execname, user - -probe netdev.transmit -{ - p = pid() - execname[p] = execname() - user[p] = uid() - ifdevs[p, dev_name] = dev_name - ifxmit[p, dev_name] <<< length - ifpid[p, dev_name] ++ -} - -probe netdev.receive -{ - p = pid() - execname[p] = execname() - user[p] = uid() - ifdevs[p, dev_name] = dev_name - ifrecv[p, dev_name] <<< length - ifpid[p, dev_name] ++ -} - - -function print_activity() -{ - printf("%5s %5s %-7s %7s %7s %7s %7s %-15s\n", - "PID", "UID", "DEV", "XMIT_PK", "RECV_PK", - "XMIT_KB", "RECV_KB", "COMMAND") - - foreach ([pid, dev] in ifpid-) { - n_xmit = @count(ifxmit[pid, dev]) - n_recv = @count(ifrecv[pid, dev]) - printf("%5d %5d %-7s %7d %7d %7d %7d %-15s\n", - pid, user[pid], dev, n_xmit, n_recv, - n_xmit ? @sum(ifxmit[pid, dev])/1024 : 0, - n_recv ? @sum(ifrecv[pid, dev])/1024 : 0, - execname[pid]) - } - - print("\n") - - delete execname - delete user - delete ifdevs - delete ifxmit - delete ifrecv - delete ifpid -} - -probe timer.ms(5000) -{ - print_activity() -} + @@ -126,6 +74,61 @@ probe timer.ms(5000) - + diff --git a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-paracallgraph.xml b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-paracallgraph.xml index 8547a235..9d726177 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-paracallgraph.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-paracallgraph.xml @@ -19,29 +19,10 @@ This section describes how to trace incoming and outgoing function calls. - para-callgraph.stp + para-callgraph-simple.stp -function trace(entry_p) { - if(tid() in trace) - printf("%s%s%s\n",thread_indent(entry_p), - (entry_p>0?"->":"<-"), - probefunc()) -} - -global trace -probe kernel.function(@1).call { - if (execname() == "stapio") next # skip our own helper process - trace[tid()] = 1 - trace(1) -} -probe kernel.function(@1).return { - trace(-1) - delete trace[tid()] -} - -probe kernel.function(@2).call { trace(1) } -probe kernel.function(@2).return { trace(-1) } + @@ -94,6 +75,29 @@ probe kernel.function(@2).return { trace(-1) } + diff --git a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-sockettrace.xml b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-sockettrace.xml index 43173516..a0afd2c7 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-sockettrace.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-sockettrace.xml @@ -15,15 +15,10 @@ This section describes how to trace functions called from the kernel's net/socket.c file. This task helps you identify, in finer detail, how each process interacts with the network at the kernel level. - sockettrace.stp + socket-trace.stp -probe kernel.function("*@net/socket.c").call { - printf ("%s -> %s\n", thread_indent(1), probefunc()) -} -probe kernel.function("*@net/socket.c").return { - printf ("%s <- %s\n", thread_indent(-1), probefunc()) -} + @@ -34,24 +29,24 @@ probe kernel.function("*@net/socket.c").return { <xref linkend="sockettrace"/> Sample Output [...] -0 Xorg(3611): -> sock_poll -3 Xorg(3611): <- sock_poll -0 Xorg(3611): -> sock_poll -3 Xorg(3611): <- sock_poll -0 gnome-terminal(11106): -> sock_poll -5 gnome-terminal(11106): <- sock_poll -0 scim-bridge(3883): -> sock_poll -3 scim-bridge(3883): <- sock_poll -0 scim-bridge(3883): -> sys_socketcall -4 scim-bridge(3883): -> sys_recv -8 scim-bridge(3883): -> sys_recvfrom -12 scim-bridge(3883):-> sock_from_file -16 scim-bridge(3883):<- sock_from_file -20 scim-bridge(3883):-> sock_recvmsg -24 scim-bridge(3883):<- sock_recvmsg -28 scim-bridge(3883): <- sys_recvfrom -31 scim-bridge(3883): <- sys_recv -35 scim-bridge(3883): <- sys_socketcall +0 Xorg(3611): -> sock_poll +3 Xorg(3611): <- sock_poll +0 Xorg(3611): -> sock_poll +3 Xorg(3611): <- sock_poll +0 gnome-terminal(11106): -> sock_poll +5 gnome-terminal(11106): <- sock_poll +0 scim-bridge(3883): -> sock_poll +3 scim-bridge(3883): <- sock_poll +0 scim-bridge(3883): -> sys_socketcall +4 scim-bridge(3883): -> sys_recv +8 scim-bridge(3883): -> sys_recvfrom +12 scim-bridge(3883):-> sock_from_file +16 scim-bridge(3883):<- sock_from_file +20 scim-bridge(3883):-> sock_recvmsg +24 scim-bridge(3883):<- sock_recvmsg +28 scim-bridge(3883): <- sys_recvfrom +31 scim-bridge(3883): <- sys_recv +35 scim-bridge(3883): <- sys_socketcall [...] @@ -67,5 +62,16 @@ probe kernel.function("*@net/socket.c").return { The name of the function called by the process. - + + + diff --git a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-threadtimes.xml b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-threadtimes.xml index ccf8f8d0..16e843f6 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-threadtimes.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-threadtimes.xml @@ -15,92 +15,96 @@ This section illustrates how to determine the amount of time any given thread is spending in either kernel or user-space. - threadtimes.stp + thread-times.stp -function pc:long () %{ /* pure */ - if (CONTEXT->regs) - THIS->__retvalue = (uint64_t) REG_IP (CONTEXT->regs); -%} - -function kta:long (pc:long) %{ /* pure */ /* is given PC a kernel text address? */ -#if defined (__ia64__) - THIS->__retvalue = ((unsigned long)REG_IP(CONTEXT->regs) >= (unsigned long)KERNEL_START); -#else - THIS->__retvalue = ((unsigned long)REG_IP(CONTEXT->regs) >= (unsigned long)PAGE_OFFSET); -#endif -%} - -probe timer.profile { - tid=tid() - kernel_p = kta(pc()) - if (kernel_p) - kticks[tid] <<< 1 - else - uticks[tid] <<< 1 - ticks <<< 1 -} - -global uticks, kticks, ticks - -global tids - -probe timer.s(10), end { - # gather all seen tids into a single array - foreach (tid in kticks) tids[tid] += @count(kticks[tid]) - foreach (tid in uticks) tids[tid] += @count(uticks[tid]) - - allticks = @count(ticks) - printf ("%5s %7s %7s (of %d ticks)\n", "tid", "%user", "%kernel", allticks) - foreach (tid in tids- limit 20) { - uscaled = @count(uticks[tid])*10000/allticks - kscaled = @count(kticks[tid])*10000/allticks - printf ("%5d %3d.%02d%% %3d.%02d%%\n", - tid, uscaled/100, uscaled%100, kscaled/100, kscaled%100) - } - printf("\n") - - delete uticks - delete kticks - delete ticks - delete tids -} + lists the top 20 processes currently taking up CPU time within a 5-second sample, along with the total number of CPU ticks made during the sample. The output of this script also notes the percentage of CPU time each process used, as well as whether that time was spent in kernel space or user space. - -To run , you need to use the -g option (i.e. stap -g threadtimes.stp). This is because the script contains embedded C. + contains a 5-second sample of the output for : <xref linkend="threadtimes"/> Sample Output - tid %user %kernel (of 20002 ticks) - 0 0.00% 87.88% -32169 5.24% 0.03% - 9815 3.33% 0.36% - 9859 0.95% 0.00% - 3611 0.56% 0.12% - 9861 0.62% 0.01% -11106 0.37% 0.02% -32167 0.08% 0.08% - 3897 0.01% 0.08% - 3800 0.03% 0.00% - 2886 0.02% 0.00% - 3243 0.00% 0.01% - 3862 0.01% 0.00% - 3782 0.00% 0.00% -21767 0.00% 0.00% - 2522 0.00% 0.00% - 3883 0.00% 0.00% - 3775 0.00% 0.00% - 3943 0.00% 0.00% - 3873 0.00% 0.00% + tid %user %kernel (of 20002 ticks) + 0 0.00% 87.88% +32169 5.24% 0.03% + 9815 3.33% 0.36% + 9859 0.95% 0.00% + 3611 0.56% 0.12% + 9861 0.62% 0.01% +11106 0.37% 0.02% +32167 0.08% 0.08% + 3897 0.01% 0.08% + 3800 0.03% 0.00% + 2886 0.02% 0.00% + 3243 0.00% 0.01% + 3862 0.01% 0.00% + 3782 0.00% 0.00% +21767 0.00% 0.00% + 2522 0.00% 0.00% + 3883 0.00% 0.00% + 3775 0.00% 0.00% + 3943 0.00% 0.00% + 3873 0.00% 0.00% + diff --git a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-traceio.xml b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-traceio.xml index 51f57f6f..892d95ef 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-traceio.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-traceio.xml @@ -12,29 +12,7 @@ traceio.stp -global reads, writes, total_io - -probe kernel.function("vfs_read").return { - reads[execname()] += $return -} - -probe kernel.function("vfs_write").return { - writes[execname()] += $return -} - -probe timer.s(1) { - foreach (p in reads) - total_io[p] += reads[p] - foreach (p in writes) - total_io[p] += writes[p] - foreach(p in total_io- limit 10) - printf("%15s r: %8d KiB w: %8d KiB\n", - p, reads[p]/1024, - writes[p]/1024) - printf("\n") - # Note we don't zero out reads, writes and total_io, - # so the values are cumulative since the script started. -} + @@ -68,6 +46,31 @@ pam_timestamp_c r: 138 KiB w: 0 KiB cupsd r: 4 KiB w: 18 KiB - + + + diff --git a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-traceio2.xml b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-traceio2.xml index 342f163b..263d9b69 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-traceio2.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Useful_Scripts-traceio2.xml @@ -22,21 +22,16 @@ - traceio2.stp + traceio2-simple.stp -probe kernel.function ("vfs_write"), - kernel.function ("vfs_read") -{ - dev_nr = $file->f_dentry->d_inode->i_sb->s_dev - inode_nr = $file->f_dentry->d_inode->i_ino - if (dev_nr == ($1 << 20 | $2)) - printf ("%s(%d) %s 0x%x\n", execname(), pid(), probefunc(), dev_nr) -} + +in new SystemTap, returned a warning, but ran ok. + For some kernel versions (e.g. 2.6.21-1.3194.fc7), you may need to revise accordingly. SystemTap will output the following error if you need to do so: @@ -74,7 +69,18 @@ cupsd(2889) vfs_write 0x800005 cupsd(2889) vfs_write 0x800005 [...] - + + + + diff --git a/doc/SystemTap_Beginners_Guide/en-US/Useful_SystemTap_Scripts.xml b/doc/SystemTap_Beginners_Guide/en-US/Useful_SystemTap_Scripts.xml index 49c10b9f..6007b3e2 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Useful_SystemTap_Scripts.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Useful_SystemTap_Scripts.xml @@ -5,11 +5,11 @@ Useful SystemTap Scripts - This chapter enumerates several SystemTap scripts you can use to monitor and investigate different subsystems. All of these scripts are available at the following link: - + This chapter enumerates several SystemTap scripts you can use to monitor and investigate different subsystems. All of these scripts are available at /usr/share/systemtap/testsuite/systemtap.examples/ once you install the systemtap-testsuite RPM. + short intro, reference to online source (http://sourceware.org/systemtap/examples/subsystem-index.html); "always updated" @@ -29,7 +29,8 @@ - + -- cgit