.[root@localhost ~]# stap -v -e 'probe vfs.read {printf("read performed\n"); exit()}'

Pass : parsed user script and  library script(s) using 146900virt/23668res/3024shr/21332data kb, in 130usr/40sys/183real ms.

Pass : analyzed script:  probe(s),  function(s),  embed(s),  global(s) using 257648virt/78000res/6100shr/71736data kb, in 510usr/870sys/2099real ms.

Pass : using cached /root/.systemtap/cache/e2/stap_e2a36f2dcc498d9e1b0e44a8fa8004fa_1020.c

Pass : using cached /root/.systemtap/cache/e2/stap_e2a36f2dcc498d9e1b0e44a8fa8004fa_1020.ko

Pass : starting run.

read performed

Pass : run completed in 10usr/40sys/344real ms.

.[root@localhost ~]# uname -m

  x86_64

.[root@localhost ~]# uname -r

  2.6.-.el5

.[root@localhost ~]# uname -a

  Linux localhost.localdomain 2.6.-.el5 # SMP Wed Dec  :: EST  x86_64 x86_64 x86_64 GNU/Linux

.stap -r kernel_version script -m module_name

     stap -r 2.6.-.el5 -e 'probe vfs.read {exit()}' -m simple

     生成simple.ko

     staprun  simple.ko

. [root@localhost ~]# echo "probe timer.s(10) {exit()}" | stap -v -

   说明:To instruct stap to read a SystemTap script from standard input, use the - switch instead of the file name

.stap -e 'probe module("ext3").function("*") {println(execname()," ",pid()) }'

.stap -e 'probe timer.s(4) {println(execname()," ",pid()) }'

.stap -e 'probe begin{printf ("hello world\n"); exit() }'

.stap -e 'probe syscall.open { printf("%s(%d) open\n", execname(), pid()) }'

.[root@localhost ~]# cat >thread_indent.stp

probe kernel.function("*@net/socket.c").call

{

  printf ("%s -> %s\n", thread_indent(), probefunc())

}

probe kernel.function("*@net/socket.c").return

{

  printf ("%s <- %s\n", thread_indent(-), probefunc())

}

[root@localhost ~]# stap thread_indent.stp

      pcscd(): -> sock_poll

     pcscd(): <- sock_poll

      pcscd(): -> sock_poll

      pcscd(): <- sock_poll

.

 [root@localhost ~]# cat .stp

   probe syscall.* {

     if(pid() == target())

         printf("%s\n", name)

       }

  stap .stp -x 

.[root@localhost ~]# stap .stp -c "ls -a"

.[root@localhost ~]# stap -L 'kernel.function("vfs_read")'

kernel.function("vfs_read@fs/read_write.c:248") $file:struct file* $buf:char* $count:size_t $pos:loff_t*

.

stap -e 'probe kernel.function("vfs_read") {

                   printf ("current files_stat max_files: %d\n",

                   @var("files_stat@fs/file_table.c")->max_files);

                   exit(); }'

.打印刷 函数的(vfs_read)四个参数

[root@localhost ~]# stap -e 'probe kernel.function("vfs_read") {printf("%s\n", $$parms); exit(); }'

file=0xffff81005429d0c0 buf=0x7fff98a0c270 count=0x2004 pos=0xffff8100363d3f50    

说明:There are four parameters passed into vfs_read: file, buf, count, and pos.

The $$parms generates a string for the parameters passed into the function.

In this case all but the count parameter are pointers.

.打印数据结构

stap -e 'probe kernel.function("vfs_read") {printf("%s\n", $$parms$); exit(); }'

file={            .f_u={...},

                  .f_dentry=0xffff81003492c660,

                  .f_vfsmnt=0xffff810047fb70c0,

          .f_op=0xffffffff886594a0,

          .f_count={...},

          .f_flags=,

          .f_mode=,

          .f_pos=,

          .f_owner={...},

          .f_uid=,

          .f_gid=,

          .f_ra={...},

          .f_version=,

          .f_security=0x0,

          .private_data=0x0,

          .f_ep_links={...},

          .f_ep_lock={...},

          .f_mapping=0xffff8100346125c0

          }

buf=""

count=

pos=-

.打印更详细的数据结构

stap -e 'probe kernel.function("vfs_read") {printf("%s\n", $$parms$$); exit(); }'

file={.f_u={.fu_list={.next=0xffff810057a3e0f8,

                      .prev=0xffff8100440d70c0},

              .fu_rcuhead={.next=0xffff810057a3e0f8,

                           .func=0xffff8100440d70c0

                  }

              },

       .f_dentry=0xffff810032dbb150,

       .f_vfsmnt=0xffff810047fb70c0,

       .f_op=0xffffffff8865b040,

       .f_count={.counter=},

       .f_flags=,

       .f_mode=,

       .f_pos=,

       .f_owner={.lock={.raw_lock={.lock=}},

                        .pid=,

                .uid=,

                .euid=,

                .security=0x0,

                .signum=},

                .f_uid=,

                .f_gid=,

                .f_ra={.start=,

                       .size=,

                   .flags=,

                   .cache_hit=,

                   .prev_page=,

                   .ahead_start=,

                   .ahea

说明:With the “$” suffix fields that are composed of data structures are not expanded.

     The “$$” suffix will print the values contained within the nested data structures

.@cast:类型转换

function task_state:long (task:long)

{

    return @cast(task, "task_struct", "kernel<linux/sched.h>")->state

}

The function returns the value of the state field from a task_struct pointed to by the long task.

The first argument of the @cast operator, task, is the pointer to the object.

The second argument is the type to cast the object to, task_struct.

The third argument lists what file that the type definition information comes from and is optional. 

.命令行参数传递

    Use $ if you are expecting the user to enter an integer as a command-line argument,

    and @ if you are expecting a string. 

   cat >.stp

   probe kenel.function(@)

       {

            printfln( execname(),@)

       }

 [root@localhost ~]# stap  stap .stp vfs_read

 .

foo["tom"] =

foo["dick"] =

foo["harry"] =

device[pid(),execname(),uid(),ppid(),"W"] = devname

All associate arrays must be declared as global,

regardless of whether the associate array is used in one or multiple probes

.

global reads

probe vfs.read

{

  reads[execname()] ++

}

probe timer.s()

{

  foreach (count in reads)

    printf("%s : %d \n", count, reads[count])

}

.

probe timer.s()

{

  foreach (count in reads- limit )

    printf("%s : %d \n", count, reads[count])

}

reads:数组

limit :

The limit  option instructs the foreach to only process the first ten iterations

(that is, print the first , starting with the highest value).

-:in descending order 

cat >.stp

global reads

probe vfs.read

{

  reads[execname()] ++

}

probe timer.s()

{

  printf("=======\n")

  foreach (count in reads-)

    printf("%s : %d \n", count, reads[count])

  if(["stapio"] in reads) {

    printf("stapio read detected, exiting\n")

  }

  .

global reads

probe vfs.read

{

  reads[execname(),pid()] <<<

}

probe timer.s()

{

  foreach([var1,var2] in reads)

    printf("%s (%d) : %d \n", var1, var2, @count(reads[var1,var2]))

}

@count(reads[execname()]) will return how many values are stored in each unique key in array reads.

@sum(reads[execname()]) will return the total of all values stored in each unique key in array reads.

the operator <<< $count stores the amount returned by $count to

the associated value of the corresponding execname() in the reads array

systemtap 脚本示例的更多相关文章

  1. MeteoInfoLab脚本示例:闪电位置图

    这个脚本示例读取文本格式的闪电数据,读出每条闪电记录的经纬度和强度,在地图上绘制出每个闪电的位置,并用符号和颜色区分强度正负.数据格式如下:0 2009-06-06 00:01:16.6195722 ...

  2. MeteoInfoLab脚本示例:FY-3C全球火点HDF数据

    FY-3C全球火点HDF数据包含一个FIRES二维变量,第一维是火点数,第二维是一些属性,其中第3.4列分别是火点的纬度和经度.下面的脚本示例读出所有火点经纬度并绘图.脚本程序: #Add data ...

  3. MeteoInfo脚本示例:GrADS to netCDF

    这里给出一个将GrADS数据文件转为netCDF数据文件的脚本示例程序,其它格式数据转netCDF可以参考: #-------------------------------------------- ...

  4. MeteoInfoLab脚本示例:AMSR-E卫星数据投影

    AMSR-E(http://nsidc.org/data/amsre/index.html)数据中的Land3数据是HDF-EOS4格式,投影是Cylindrical_Equal_Area.这里示例读 ...

  5. MeteoInfoLab脚本示例:创建netCDF文件(合并文件)

    在MeteoInfoLab中增加了创建netCDF文件并写入数据的功能,这里利用合并多个netCDF文件为一个新的netCDF文件为例.1.创建一个可写入的netCDF文件对象(下面用ncfile表示 ...

  6. MeteoInfoLab脚本示例:Trajectory

    示例读取HYSPLIT模式输出的气团轨迹数据文件,生成轨迹图层,并显示轨迹各节点的气压图.脚本程序: f = addfile_hytraj('D:/MyProgram/Distribution/jav ...

  7. MeteoInfoLab脚本示例:Hamawari-8 netCDF data

    示例数据:ftp://ftp.bom.gov.au/anon/sample/catalogue/Satellite/IDE00220.201507140300.nc 该数据的分辨率很高(22000*2 ...

  8. MeteoInfoLab脚本示例:读取文本文件绘制散度图

    MeteoInfoLab中读取文本文件数据的函数是asciiread,获取文本文件行.列数的函数是numasciirow和numasciicol,和NCL中函数名一致,但都是小写字母.本例中的示例数据 ...

  9. MeteoInfoLab脚本示例:站点数据绘制等值线

    站点数据绘制等值线需要首先将站点数据插值为格点数据,MeteoInfo中提供了反距离权法(IDW)和cressman两个方法,其中IDW方法可以有插值半径的选项.这里示例读取一个MICAPS第一类数据 ...

随机推荐

  1. Java内存模型-final域的内存语义

    一 引言 说到final你肯定知道它是Java中的关键字,那么它所在Java中的作用你知道吗?不知道的话,请前往这篇了解下https://www.cnblogs.com/yuanfy008/p/802 ...

  2. Hibernate二级缓存(未完待续)

    1.Hibernate的cache介绍: Hibernate实现了良好的Cache机制,可以借助Hibernate内部的Cache迅速提高系统的数据读取性能.Hibernate中的Cache可分为两层 ...

  3. C# 百度搜索结果xpath分析

    using System; using System.Collections.Generic; using System.IO; using System.Linq; using System.Net ...

  4. elasticsearch安装servicewrapper插件

    1)下载elasticsearch-servicewrappergit clone https://github.com/elasticsearch/elasticsearch-servicewrap ...

  5. 如何使用windows的计划任务?计划任务?

    我们经常有一些程序想要过了几小时来运行:比如定时关机 或者说希望能够每天的几点执行一个什么程序: 这些所有的操作都需要用到windows的任务计划:或者叫计划任务:反正都一样 下面小编将指导大家创建一 ...

  6. SysV和BSD启动风格的比较

    Slackware启动脚本与System V启动脚本的区别何在? Slackware 使用BSD风格的init脚本,而很多别的发行版使用System V风格的init脚本.SysV和BSD脚本都是能让 ...

  7. Python外部脚本调用Django项目Model表

    在实际生产中有时候会出现这种情况,原本运行了一个Django项目,后面又需要一些外部脚本进行辅助,而这些脚本又不希望集成到项目当中,但是又需要用到Django项目的Model,这时候是无法像在项目当中 ...

  8. 【转】卖萌的大牛你桑不起啊 ——记CVPR2011一篇极品文章

    来源:http://blog.renren.com/share/228707015/7197269922 作者 : 庞宇 CVPR2011正在如火如荼的进行中,在网上能看到的部分文章中,我终于找到一篇 ...

  9. Spark优化之gc

    对于官方Programming Guides的GC优化一节做了阅读. 在这里记录一下我的理解,可能记录的比较混乱没有条理: 我理解其实GC优化的主要目的就是在你的任务执行中使用更少的内存,进行更少的g ...

  10. P1280 尼克的任务 线性DP

    题目描述 尼克每天上班之前都连接上英特网,接收他的上司发来的邮件,这些邮件包含了尼克主管的部门当天要完成的全部任务,每个任务由一个开始时刻与一个持续时间构成. 尼克的一个工作日为N分钟,从第一分钟开始 ...