1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
<?xml version='1.0'?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
<section id="sockettracesect">
<title>Tracing Functions Called in Network Socket Code</title>
<indexterm>
<primary>script examples</primary>
<secondary>tracing functions called in network socket code</secondary>
</indexterm>
<indexterm>
<primary>examples of SystemTap scripts</primary>
<secondary>tracing functions called in network socket code</secondary>
</indexterm>
<indexterm>
<primary>tracing functions called in network socket code</primary>
<secondary>examples of SystemTap scripts</secondary>
</indexterm>
<indexterm>
<primary>network socket code, tracing functions called in</primary>
<secondary>examples of SystemTap scripts</secondary>
</indexterm>
<indexterm>
<primary>functions called in network socket code, tracing</primary>
<secondary>examples of SystemTap scripts</secondary>
</indexterm>
<remark>
http://sourceware.org/systemtap/examples/network/socket-trace.stp
</remark>
<indexterm>
<primary>script examples</primary>
<secondary>net/socket.c, tracing functions from</secondary>
</indexterm>
<indexterm>
<primary>examples of SystemTap scripts</primary>
<secondary>net/socket.c, tracing functions from</secondary>
</indexterm>
<indexterm>
<primary>net/socket.c, tracing functions from</primary>
<secondary>examples of SystemTap scripts</secondary>
</indexterm>
<para>This section describes how to trace functions called from the kernel's <filename>net/socket.c</filename> file. This task helps you identify, in finer detail, how each process interacts with the network at the kernel level.</para>
<formalpara id="sockettrace">
<title>socket-trace.stp</title>
<para>
<programlisting>
<xi:include parse="text" href="../testsuite/systemtap.examples/network/socket-trace.stp" xmlns:xi="http://www.w3.org/2001/XInclude" />
</programlisting>
</para>
</formalpara>
<para><xref linkend="sockettrace"/> is identical to <xref linkend="thread_indent"/>, which was earlier used in <xref linkend="systemtapscript-functions"/> to illustrate how <command>thread_indent()</command> works.</para>
<example id="sockettraceoutput">
<title><xref linkend="sockettrace"/> Sample Output</title>
<screen>
[...]
0 Xorg(3611): -> sock_poll
3 Xorg(3611): <- sock_poll
0 Xorg(3611): -> sock_poll
3 Xorg(3611): <- sock_poll
0 gnome-terminal(11106): -> sock_poll
5 gnome-terminal(11106): <- sock_poll
0 scim-bridge(3883): -> sock_poll
3 scim-bridge(3883): <- sock_poll
0 scim-bridge(3883): -> sys_socketcall
4 scim-bridge(3883): -> sys_recv
8 scim-bridge(3883): -> sys_recvfrom
12 scim-bridge(3883):-> sock_from_file
16 scim-bridge(3883):<- sock_from_file
20 scim-bridge(3883):-> sock_recvmsg
24 scim-bridge(3883):<- sock_recvmsg
28 scim-bridge(3883): <- sys_recvfrom
31 scim-bridge(3883): <- sys_recv
35 scim-bridge(3883): <- sys_socketcall
[...]
</screen>
</example>
<para><xref linkend="sockettraceoutput"/> contains a 3-second excerpt of the output for <xref linkend="sockettrace"/>. For more information about the output of this script as provided by <command>thread_indent()</command>, refer to <xref linkend="systemtapscript-functions"/> <xref linkend="thread_indent"/>. </para>
<!--
<para><xref linkend="sockettraceoutput"/> contains a 3-second excerpt of the output for <xref linkend="sockettrace"/>. Each line contains the following information, on the order that they appear:</para>
<itemizedlist>
<listitem><para>The time delta (in microseconds) since the previous entry; i.e. the number of microseconds since the last traced function call.</para></listitem>
<listitem><para>The process name (and its corresponding ID) that made the function call.</para></listitem>
<listitem><para>An arrow signifying whether the call was an entry (<computeroutput><-</computeroutput>) or an exit (<computeroutput>-></computeroutput>); the indentations help you match specific function call entries with their corresponding exits.</para></listitem>
<listitem><para>The name of the function called by the process.</para></listitem>
</itemizedlist> -->
<!--
probe kernel.function("*@net/socket.c").call {
printf ("%s -> %s\n", thread_indent(1), probefunc())
}
probe kernel.function("*@net/socket.c").return {
printf ("%s <- %s\n", thread_indent(-1), probefunc())
}
-->
</section>
|
