From cc20d8532b08f7755642ecb30f22126f7ac332c2 Mon Sep 17 00:00:00 2001 From: Eugene Teo Date: Fri, 3 Apr 2009 13:47:57 -0400 Subject: new process/errsnoop.stp sample script --- testsuite/systemtap.examples/process/errsnoop.meta | 7 ++++ testsuite/systemtap.examples/process/errsnoop.stp | 43 ++++++++++++++++++++++ 2 files changed, 50 insertions(+) create mode 100644 testsuite/systemtap.examples/process/errsnoop.meta create mode 100644 testsuite/systemtap.examples/process/errsnoop.stp (limited to 'testsuite/systemtap.examples/process') diff --git a/testsuite/systemtap.examples/process/errsnoop.meta b/testsuite/systemtap.examples/process/errsnoop.meta new file mode 100644 index 00000000..34b8cb7c --- /dev/null +++ b/testsuite/systemtap.examples/process/errsnoop.meta @@ -0,0 +1,7 @@ +title: tabulate system call errors +name: errsnoop.stp +keywords: process syscall +subsystem: general +description: The script prints a periodic tabular report about failing system calls, by process and by syscall failure. The first optional argument specifies the reporting interval (in seconds, default 5); the second optional argument gives a screen height (number of lines in the report, default 20). +test_check: stap -p4 errsnoop.stp +test_installcheck: stap errsnoop.stp 1 10 -c "sleep 3" diff --git a/testsuite/systemtap.examples/process/errsnoop.stp b/testsuite/systemtap.examples/process/errsnoop.stp new file mode 100644 index 00000000..d9fba3b7 --- /dev/null +++ b/testsuite/systemtap.examples/process/errsnoop.stp @@ -0,0 +1,43 @@ +#!/usr/bin/env stap +# errsnoop.stp +# Copyright (C) 2009 Red Hat, Inc., Eugene Teo +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. +# +# attack "stupid userspace" apps +# + +global error, trace + +probe syscall.* { + # assume syscall don't nest + trace[tid()] = argstr +} + +probe syscall.*.return { + errno = errno_p(returnval()) + if (errno != 0) { + t = tid() + argstr = trace[t] + delete trace[t] + + error[name, execname(), pid(), errno, argstr] <<< 1 + } +} + +probe timer.s(%( $# > 0 %? $1 %: 5 %)) { + ansi_clear_screen() + printf("%17s %15s %5s %4s %-12s %s\n", + "SYSCALL", "PROCESS", "PID", "HITS", "ERRSTR", "ARGSTR") + foreach([fn, comm, pid, errno, argstr] in error- limit %( $# > 1 %? $2 %: 20 %)) { + errstr = sprintf("%3d (%s)", errno, errno_str(errno)) + printf("%17s %15s %5d %4d %-12s %s\n", fn, comm, pid, + @count(error[fn, comm, pid, errno, argstr]), +# errstr, substr(argstr,0,22)) # within cols#80 + errstr, argstr) + + } + delete error +} -- cgit