Systemtap Userspace probing - 3
背景
接上一篇BLOG
http://blog.163.com/digoal@126/blog/static/16387704020138301545039/
本文要说的是指令探针, 可以对单步指令, 或者指令块设置探针.
Instruction probes
Constructs:
process("PATH").insn
process(PID).insn
process("PATH").insn.block
process(PID).insn.block
介绍 :
The process().insn and process().insn.block probes inspect the process after each instruction or block of instructions is executed.
These probes are not implemented on all architectures. If they are not implemented on your system, you will receive an error message when the script starts.
The .insn probe is called for every single-stepped instruction of the process described by PID or PATH.
The .insn.block probe is called for every block-stepped instruction of the process described by PID or PATH.
To count the total number of instructions that a process executes, type a command similar to:
$ stap -e 'global steps; probe process("/bin/ls").insn {steps++}
probe end {printf("Total instructions: %d\n", steps);}' \
-c /bin/ls
Using this feature will significantly slow process execution.
使用指令探针可能搞挂已经在执行的程序, 例如 :
[root@db-172-16-3-39 lib]# ps -ewf|grep postgres
pg93 3917 1 0 Sep26 ? 00:00:00 /opt/pgsql9.3beta2/bin/postgres
以下探针执行后把数据库搞挂了
[root@db-172-16-3-39 lib]# stap --vp 05 -e 'global cnt probe process("/opt/pgsql9.3beta2/bin/postgres").insn { cnt<<<1 } probe timer.s(10) { printf("cnt:%d\n", @count(cnt)); exit();}'
Eliding side-effect-free singleton block operator '{' at <input>:1:66
Pass 2: analyzed script: 2 probe(s), 1 function(s), 0 embed(s), 1 global(s) using 147324virt/24452res/3276shr/21920data kb, in 10usr/0sys/6real ms.
cnt:2808509
stap执行完后, postgres进程没了.
[root@db-172-16-3-39 lib]# ps -ewf|grep postgres
root 15059 4174 0 16:28 pts/2 00:00:00 grep postgres
所以建议不要在已有进程上使用, 可以使用目标进程模式.
例如 :
[root@db-172-16-3-39 lib]# stap --vp 05 -e 'global cnt probe process("/bin/ls").insn { cnt<<<1 } probe timer.s(1) { printf("cnt:%d\n", @count(cnt)); exit();}' -c /bin/ls
Eliding side-effect-free singleton block operator '{' at <input>:1:42
Pass 2: analyzed script: 2 probe(s), 1 function(s), 0 embed(s), 1 global(s) using 147324virt/24452res/3276shr/21920data kb, in 0usr/0sys/6real ms.
bdevid libcidn-2.5.so libe4p.so.2.3 libnss_db.so.2 libssl.so.4
cpp libcidn.so.1 libexpat.so.0 libnss_dns-2.5.so libssl.so.6
firmware libcom_err.so.2 libexpat.so.0.5.0 libnss_dns.so.2 libss.so.2
i686 libcom_err.so.2.1 libext2fs.so.2 libnss_files-2.5.so libss.so.2.0
kbd libcrypt-2.5.so libext2fs.so.2.4 libnss_files.so.2 libtermcap.so.2
ld-2.5.so libcrypto.so.0.9.7a libext4fs.so.2 libnss_hesiod-2.5.so libtermcap.so.2.0.8
ld-linux.so.2 libcrypto.so.0.9.8e libext4fs.so.2.4 libnss_hesiod.so.2 libthread_db-1.0.so
ld-lsb.so.3 libcrypto.so.4 libfuse.so libnss_ldap-2.5.so libthread_db.so.1
libacl.so libcrypto.so.6 libfuse.so.2 libnss_ldap.so.2 libulockmgr.so
libacl.so.1 libcrypt.so.1 libfuse.so.2.7.4 libnss_nis-2.5.so libulockmgr.so.1
libacl.so.1.1.0 libc.so.6 libgcc_s-4.1.2-20080825.so.1 libnss_nisplus-2.5.so libulockmgr.so.1.0.1
libanl-2.5.so libdb-4.1.so libgcc_s.so.1 libnss_nisplus.so.2 libutil-2.5.so
libanl.so.1 libdb-4.2.so libglib-2.0.so.0 libnss_nis.so.2 libutil.so.1
libasound.so.2 libdb-4.3.so libglib-2.0.so.0.1200.3 libpamc.so.0 libuuid.so.1
libasound.so.2.0.0 libdb_cxx-4.1.so libgmodule-2.0.so.0 libpamc.so.0.81.0 libuuid.so.1.2
libattr.so libdb_cxx-4.2.so libgmodule-2.0.so.0.1200.3 libpam_misc.so.0 libvolume_id.so.0
libattr.so.1 libdbus-1.so libgobject-2.0.so.0 libpam_misc.so.0.81.2 libvolume_id.so.0.66.0
libattr.so.1.1.0 libdbus-1.so.3 libgobject-2.0.so.0.1200.3 libpam.so.0 libwrap.so.0
libaudit.so.0 libdbus-1.so.3.4.0 libgthread-2.0.so.0 libpam.so.0.81.5 libwrap.so.0.7.6
libaudit.so.0.0.0 libdevmapper.a libgthread-2.0.so.0.1200.3 libpthread-2.5.so libz.so
libauparse.so.0 libdevmapper-event.a libiw.so.28 libpthread.so.0 libz.so.1
libauparse.so.0.0.0 libdevmapper-event.so libkeyutils-1.2.so libresolv-2.5.so libz.so.1.2.3
libblkid.so.1 libdevmapper-event.so.1.02 libkeyutils.so.1 libresolv.so.2 lsb
libblkid.so.1.0 libdevmapper.so libm-2.5.so librt-2.5.so modules
libBrokenLocale-2.5.so libdevmapper.so.1.02 libm.so.6 librt.so.1 rtkaio
libBrokenLocale.so.1 libdl-2.5.so libnsl-2.5.so libSegFault.so security
libc-2.5.so libdl.so.2 libnsl.so.1 libselinux.so.1 udev
libcap.so libe2p.so.2 libnss_compat-2.5.so libsepol.so.1
libcap.so.1 libe2p.so.2.3 libnss_compat.so.2 libssl.so.0.9.7a
libcap.so.1.10 libe4p.so.2 libnss_db-2.2.so libssl.so.0.9.8e
cnt:855389
前面提到, 是否支持指令模式和硬件架构有关系 , 例如以下报错, 说明测试环境架构不支持指令块探针.
ERROR: insn probe init: arch does not support block step mode
[root@db-172-16-3-39 lib]# stap --vp 05 -e 'global cnt; probe process("/bin/ls").insn { cnt[1]<<<1 } probe process("/bin/ls").insn.block { cnt[2]<<<1 } probe timer.s(1) { printf("stepcnt:%d, blockcnt:%d\n", @count(cnt[1]), @count(cnt[2])); exit();}' -c /bin/ls
Eliding side-effect-free singleton block operator '{' at <input>:1:43
Eliding side-effect-free singleton block operator '{' at <input>:1:94
Pass 2: analyzed script: 3 probe(s), 1 function(s), 0 embed(s), 1 global(s) using 147332virt/24472res/3272shr/21928data kb, in 10usr/0sys/6real ms.
ERROR: insn probe init: arch does not support block step mode
ERROR: probe timer.s(1) registration error (rc -1)
Warning: child process exited with signal 9 (Killed)
WARNING: /usr/bin/staprun exited with status: 1
Pass 5: run failed. Try again with another '--vp 00001' option.
参考
1. http://blog.163.com/digoal@126/blog/static/163877040201382941342901/
2. http://blog.163.com/digoal@126/blog/static/16387704020138301545039/