.[root@localhost ~]# stap -v -e 'probe vfs.read {printf("read performed\n"); exit()}'

Pass : parsed user script and  library script(s) using 146900virt/23668res/3024shr/21332data kb, in 130usr/40sys/183real ms.

Pass : analyzed script:  probe(s),  function(s),  embed(s),  global(s) using 257648virt/78000res/6100shr/71736data kb, in 510usr/870sys/2099real ms.

Pass : using cached /root/.systemtap/cache/e2/stap_e2a36f2dcc498d9e1b0e44a8fa8004fa_1020.c

Pass : using cached /root/.systemtap/cache/e2/stap_e2a36f2dcc498d9e1b0e44a8fa8004fa_1020.ko

Pass : starting run.

read performed

Pass : run completed in 10usr/40sys/344real ms.

.[root@localhost ~]# uname -m

  x86_64

.[root@localhost ~]# uname -r

  2.6.-.el5

.[root@localhost ~]# uname -a

  Linux localhost.localdomain 2.6.-.el5 # SMP Wed Dec  :: EST  x86_64 x86_64 x86_64 GNU/Linux

.stap -r kernel_version script -m module_name

     stap -r 2.6.-.el5 -e 'probe vfs.read {exit()}' -m simple

     生成simple.ko

     staprun  simple.ko

. [root@localhost ~]# echo "probe timer.s(10) {exit()}" | stap -v -

   说明:To instruct stap to read a SystemTap script from standard input, use the - switch instead of the file name

.stap -e 'probe module("ext3").function("*") {println(execname()," ",pid()) }'

.stap -e 'probe timer.s(4) {println(execname()," ",pid()) }'

.stap -e 'probe begin{printf ("hello world\n"); exit() }'

.stap -e 'probe syscall.open { printf("%s(%d) open\n", execname(), pid()) }'

.[root@localhost ~]# cat >thread_indent.stp

probe kernel.function("*@net/socket.c").call

{

  printf ("%s -> %s\n", thread_indent(), probefunc())

}

probe kernel.function("*@net/socket.c").return

{

  printf ("%s <- %s\n", thread_indent(-), probefunc())

}

[root@localhost ~]# stap thread_indent.stp

      pcscd(): -> sock_poll

     pcscd(): <- sock_poll

      pcscd(): -> sock_poll

      pcscd(): <- sock_poll

.

 [root@localhost ~]# cat .stp

   probe syscall.* {

     if(pid() == target())

         printf("%s\n", name)

       }

  stap .stp -x 

.[root@localhost ~]# stap .stp -c "ls -a"

.[root@localhost ~]# stap -L 'kernel.function("vfs_read")'

kernel.function("vfs_read@fs/read_write.c:248") $file:struct file* $buf:char* $count:size_t $pos:loff_t*

.

stap -e 'probe kernel.function("vfs_read") {

                   printf ("current files_stat max_files: %d\n",

                   @var("files_stat@fs/file_table.c")->max_files);

                   exit(); }'

.打印刷 函数的(vfs_read)四个参数

[root@localhost ~]# stap -e 'probe kernel.function("vfs_read") {printf("%s\n", $$parms); exit(); }'

file=0xffff81005429d0c0 buf=0x7fff98a0c270 count=0x2004 pos=0xffff8100363d3f50    

说明:There are four parameters passed into vfs_read: file, buf, count, and pos.

The $$parms generates a string for the parameters passed into the function.

In this case all but the count parameter are pointers.

.打印数据结构

stap -e 'probe kernel.function("vfs_read") {printf("%s\n", $$parms$); exit(); }'

file={            .f_u={...},

                  .f_dentry=0xffff81003492c660,

                  .f_vfsmnt=0xffff810047fb70c0,

          .f_op=0xffffffff886594a0,

          .f_count={...},

          .f_flags=,

          .f_mode=,

          .f_pos=,

          .f_owner={...},

          .f_uid=,

          .f_gid=,

          .f_ra={...},

          .f_version=,

          .f_security=0x0,

          .private_data=0x0,

          .f_ep_links={...},

          .f_ep_lock={...},

          .f_mapping=0xffff8100346125c0

          }

buf=""

count=

pos=-

.打印更详细的数据结构

stap -e 'probe kernel.function("vfs_read") {printf("%s\n", $$parms$$); exit(); }'

file={.f_u={.fu_list={.next=0xffff810057a3e0f8,

                      .prev=0xffff8100440d70c0},

              .fu_rcuhead={.next=0xffff810057a3e0f8,

                           .func=0xffff8100440d70c0

                  }

              },

       .f_dentry=0xffff810032dbb150,

       .f_vfsmnt=0xffff810047fb70c0,

       .f_op=0xffffffff8865b040,

       .f_count={.counter=},

       .f_flags=,

       .f_mode=,

       .f_pos=,

       .f_owner={.lock={.raw_lock={.lock=}},

                        .pid=,

                .uid=,

                .euid=,

                .security=0x0,

                .signum=},

                .f_uid=,

                .f_gid=,

                .f_ra={.start=,

                       .size=,

                   .flags=,

                   .cache_hit=,

                   .prev_page=,

                   .ahead_start=,

                   .ahea

说明:With the “$” suffix fields that are composed of data structures are not expanded.

     The “$$” suffix will print the values contained within the nested data structures

.@cast:类型转换

function task_state:long (task:long)

{

    return @cast(task, "task_struct", "kernel<linux/sched.h>")->state

}

The function returns the value of the state field from a task_struct pointed to by the long task.

The first argument of the @cast operator, task, is the pointer to the object.

The second argument is the type to cast the object to, task_struct.

The third argument lists what file that the type definition information comes from and is optional. 

.命令行参数传递

    Use $ if you are expecting the user to enter an integer as a command-line argument,

    and @ if you are expecting a string. 

   cat >.stp

   probe kenel.function(@)

       {

            printfln( execname(),@)

       }

 [root@localhost ~]# stap  stap .stp vfs_read

 .

foo["tom"] =

foo["dick"] =

foo["harry"] =

device[pid(),execname(),uid(),ppid(),"W"] = devname

All associate arrays must be declared as global,

regardless of whether the associate array is used in one or multiple probes

.

global reads

probe vfs.read

{

  reads[execname()] ++

}

probe timer.s()

{

  foreach (count in reads)

    printf("%s : %d \n", count, reads[count])

}

.

probe timer.s()

{

  foreach (count in reads- limit )

    printf("%s : %d \n", count, reads[count])

}

reads:数组

limit :

The limit  option instructs the foreach to only process the first ten iterations

(that is, print the first , starting with the highest value).

-:in descending order 

cat >.stp

global reads

probe vfs.read

{

  reads[execname()] ++

}

probe timer.s()

{

  printf("=======\n")

  foreach (count in reads-)

    printf("%s : %d \n", count, reads[count])

  if(["stapio"] in reads) {

    printf("stapio read detected, exiting\n")

  }

  .

global reads

probe vfs.read

{

  reads[execname(),pid()] <<<

}

probe timer.s()

{

  foreach([var1,var2] in reads)

    printf("%s (%d) : %d \n", var1, var2, @count(reads[var1,var2]))

}

@count(reads[execname()]) will return how many values are stored in each unique key in array reads.

@sum(reads[execname()]) will return the total of all values stored in each unique key in array reads.

the operator <<< $count stores the amount returned by $count to

the associated value of the corresponding execname() in the reads array

systemtap 脚本示例的更多相关文章

  1. MeteoInfoLab脚本示例:闪电位置图

    这个脚本示例读取文本格式的闪电数据,读出每条闪电记录的经纬度和强度,在地图上绘制出每个闪电的位置,并用符号和颜色区分强度正负.数据格式如下:0 2009-06-06 00:01:16.6195722 ...

  2. MeteoInfoLab脚本示例:FY-3C全球火点HDF数据

    FY-3C全球火点HDF数据包含一个FIRES二维变量,第一维是火点数,第二维是一些属性,其中第3.4列分别是火点的纬度和经度.下面的脚本示例读出所有火点经纬度并绘图.脚本程序: #Add data ...

  3. MeteoInfo脚本示例:GrADS to netCDF

    这里给出一个将GrADS数据文件转为netCDF数据文件的脚本示例程序,其它格式数据转netCDF可以参考: #-------------------------------------------- ...

  4. MeteoInfoLab脚本示例:AMSR-E卫星数据投影

    AMSR-E(http://nsidc.org/data/amsre/index.html)数据中的Land3数据是HDF-EOS4格式,投影是Cylindrical_Equal_Area.这里示例读 ...

  5. MeteoInfoLab脚本示例:创建netCDF文件(合并文件)

    在MeteoInfoLab中增加了创建netCDF文件并写入数据的功能,这里利用合并多个netCDF文件为一个新的netCDF文件为例.1.创建一个可写入的netCDF文件对象(下面用ncfile表示 ...

  6. MeteoInfoLab脚本示例:Trajectory

    示例读取HYSPLIT模式输出的气团轨迹数据文件,生成轨迹图层,并显示轨迹各节点的气压图.脚本程序: f = addfile_hytraj('D:/MyProgram/Distribution/jav ...

  7. MeteoInfoLab脚本示例:Hamawari-8 netCDF data

    示例数据:ftp://ftp.bom.gov.au/anon/sample/catalogue/Satellite/IDE00220.201507140300.nc 该数据的分辨率很高(22000*2 ...

  8. MeteoInfoLab脚本示例:读取文本文件绘制散度图

    MeteoInfoLab中读取文本文件数据的函数是asciiread,获取文本文件行.列数的函数是numasciirow和numasciicol,和NCL中函数名一致,但都是小写字母.本例中的示例数据 ...

  9. MeteoInfoLab脚本示例:站点数据绘制等值线

    站点数据绘制等值线需要首先将站点数据插值为格点数据,MeteoInfo中提供了反距离权法(IDW)和cressman两个方法,其中IDW方法可以有插值半径的选项.这里示例读取一个MICAPS第一类数据 ...

随机推荐

  1. vue需要注意的事宜

    1.Vue在进行点击事件的时候大部分是在标签上进行添加的,一般在标签上添加@click: 如果需要在组件上面进行点击事件的时候,直接写@click是木有变化的,需要在后面添加一个.native就如@c ...

  2. aps.net webform框架下页面服务器端控件和html控件用法

    (1)select 下拉框 前端: <select name="gameserverlist" id="gameserverlist" runat=&qu ...

  3. mysql.user细节三问

    一.如何拒绝用户从某个精确ip访问数据库假如在mysql.user表中存在用户'mydba'@'192.168.85.%',现在想拒绝此用户从某个精确ip访问数据库 # 创建精确ip用户,分配不同的密 ...

  4. if语句引起的bug

    最近维护高手留下的api项目,客户端反馈一个bug过来,然后查找到可能出错的代码位置,是一个if语句,乍一看好像没什么问题,代码如下: if (company.UserId != userId || ...

  5. BGM时长

    1.can u feel it 00:08-00:30 22s 2.纤夫的爱 00:43-00:54 11s 3.渡情 00:55-01:52 57s 4.nobody 01:56-02:25 29s ...

  6. IE WebBrowser内核设置

    public class IEVersion { /// <summary> /// IE WebBrowser内核设置 /// </summary> public stati ...

  7. centos7下安装配置redis3.0.4

    安装redis 1.进入redis官网(redis.io)下载redis稳定版安装包,目前稳定版本为3.0.4 2.在linux  /usr文件夹下新建redis文件夹,拷贝安装包redis-3.0. ...

  8. Heist

    CF#509 div2 A 第一次用自己的号打CF祭. 题目描述 昨晚有一家电子商店被抢劫了. 昨天在商店里的所有键盘都是从x开始按升序编号的.例如,如果x=4,并且商店中有3个键盘,那么编号就为4, ...

  9. nio--自己总结

    阻塞/非阻塞  +  同步/异步 其实,这两者存在本质的区别,面向的对象是不同的. 阻塞/非阻塞:进程/线程需要操作的数据如果尚未就绪,是否妨碍了当前进程/线程的后续操作. 同步/异步:数据如果尚未就 ...

  10. Java 在方法和作用域内的内部类

    通常,如果所读写 的代码包含了内部类,那么它们都是"平凡的"内部类,简单并且容易理解,然而,内部类的语法覆盖了大量其它的更加难以理解的计数,例如可以在一个方法里或者在任意的作用域里 ...