SystemTap Tapset: common used functions - 1

背景

Tapset这本手册很全, 罗列了大量的函数, 探针别名, 本文抽取一些常用到的函数, 方便查找 :

function::asmlinkage — Mark function as declared asmlinkage  

asmlinkage()函数在kprobe探针中常用, 在取函数变量前调用, 参考

http://blog.163.com/digoal@126/blog/static/163877040201382914152385/

function::cmdline_arg — Fetch a command line argument  
function::cmdline_args — Fetch command line arguments from current process  
取命令行参数, 或命令本身, 返回字符串.  
  
function::cmdline_str — Fetch all command line arguments from current process  
取命令行以及所有参数.  
如  
[root@db-172-16-3-150 postgresql-9.3.1]# stap -e '  
probe syscall.read {  
  if (execname() =="postgres") println(cmdline_arg(0))  
}'  
postgres: wal writer process  
[root@db-172-16-3-150 postgresql-9.3.1]# stap -e '  
probe syscall.read {  
  if (execname() =="postgres") println(cmdline_str())  
}'  
postgres: wal writer process    "" "" ""  
  
function::cpu — Returns the current cpu number  
多核CPU的情况下, 可用以区分哪个核.  
  
function::execname — Returns the execname of a target process (or group of processes)  
取进程名, 或一组进程的进程名, 例如postgresql fork出来的进程execname()都等于"postgres"  
  
function::egid — Returns the effective gid of a target process  
function::euid — Return the effective uid of a target process  
function::gid — Returns the group ID of a target process  
function::uid — Returns the user ID of a target process  
[root@db-172-16-3-150 postgresql-9.3.1]# stap -e '  
probe syscall.read {  
  if (execname() =="postgres") printdln("**",euid(),egid())  
}'  
500**500  
[root@db-172-16-3-150 postgresql-9.3.1]id pg93  
uid=500(pg93) gid=500(pg93) groups=500(pg93)  
  
function::int_arg — Return function argument as signed int  
function::long_arg — Return function argument as signed long  
function::longlong_arg — Return function argument as 64-bit value  
function::pointer_arg — Return function argument as pointer value  
function::s32_arg — Return function argument as signed 32-bit value  
function::s64_arg — Return function argument as signed 64-bit value  
function::u32_arg — Return function argument as unsigned 32-bit value  
function::u64_arg — Return function argument as unsigned 64-bit value  
function::uint_arg — Return function argument as unsigned int  
function::ulong_arg — Return function argument as unsigned long  
function::ulonglong_arg — Return function argument as 64-bit value  
kprobe中用来获取探针函数的变量值, 不同的类型使用不同的*_arg函数来获取.  

参考:

http://blog.163.com/digoal@126/blog/static/163877040201382914152385/

function::is_return — Whether the current probe context is a return probe  
判断是否为return probe. 例如  
[root@db-172-16-3-150 postgresql-9.3.1]# stap -e 'probe syscall.read.return { if (is_return()) {println(pn(), " is a return call."); exit()} else println(pn(), " is not a return call."); exit()}'  
syscall.read.return is a return call.  
[root@db-172-16-3-150 postgresql-9.3.1]# stap -e 'probe syscall.read { if (is_return()) {println(pn(), " is a return call."); exit()} else println(pn(), " is not a return call."); exit()}'  
syscall.read is not a return call.  
  
function::pexecname — Returns the execname of a target process's parent process  
function::pgrp — Returns the process group ID of the current process  
function::ppid — Returns the process ID of a target process's parent process  
function::pid — Returns the ID of a target process  
function::uid — Returns the user ID of a target process  
function::tid — Returns the thread ID of a target process  
function::pid2execname — The name of the given process identifier  
function::pid2task — The task_struct of the given process identifier  
用以得到进程的pid, gid, tid, uid; 父进程的execname, pid; 从指定进程号得到execname();  
  
function::pn — Returns the active probe name  
function::pp — Returns the active probe point  
function::ppfunc — Returns the function name parsed from pp  
function::stp_pid — The process id of the stapio process  
得到探针名, 探针, 从探针中解析到的函数名, 以及stap运行时的stapio进程的pid.  
  
function::target — Return the process ID of the target process  
在stap target process模式(stap -x or -c)中得到target process的pid.  
  
function::cpu_clock_ms — Number of milliseconds on the given cpu's clock  
function::cpu_clock_ns — Number of nanoseconds on the given cpu's clock  
function::cpu_clock_s — Number of seconds on the given cpu's clock  
function::cpu_clock_us — Number of microseconds on the given cpu's clock  
获取指定cpu的时间  
例如  
[root@db-172-16-3-150 postgresql-9.3.1]# stap -e 'probe begin {printdln("*",cpu_clock_ms(0),cpu_clock_ms(1),cpu_clock_ms(2),cpu_clock_ms(3),cpu_clock_ms(4),cpu_clock_ms(5),cpu_clock_ms(6),cpu_clock_ms(7)); exit()}'  
369796642*369796642*369796642*369796642*369796642*369796642*369796642*369796642  
  
function::gettimeofday_ms — Number of milliseconds since UNIX epoch  
function::gettimeofday_ns — Number of nanoseconds since UNIX epoch  
function::gettimeofday_s — Number of seconds since UNIX epoch  
function::gettimeofday_us — Number of microseconds since UNIX epoch  
获取UNIX epoch相对时间  
  
function::local_clock_ms — Number of milliseconds on the local cpu's clock  
function::local_clock_ns — Number of nanoseconds on the local cpu's clock  
function::local_clock_s — Number of seconds on the local cpu's clock  
function::local_clock_us — Number of microseconds on the local cpu's clock  
获取本地CPU的时间,   
[root@db-172-16-3-150 postgresql-9.3.1]# stap -e 'probe begin {printdln("*", gettimeofday_ns(), local_clock_ns()); exit()}'  
1381991942316960497*370059058163884  
重启后本地时间归0  
[root@db-172-16-3-150 ~]#  stap -e 'probe begin {printdln("*", gettimeofday_ns(), local_clock_s()); exit()}'  
1381992447423506944*160  
[root@db-172-16-3-150 ~]# w  
 14:47:30 up 2 min,  1 user,  load average: 0.20, 0.05, 0.01  
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT  
root     pts/0    172.16.8.31      14:47    0.00s  0.02s  0.00s w  
  
function::ctime — Convert seconds since epoch into human readable date/time string  
function::tz_ctime — Convert seconds since epoch into human readable date/time string, with local time zone  
function::tz_gmtoff — Return local time zone offset  
function::tz_name — Return local time zone name  
转换成可读时间  
[root@db-172-16-3-150 ~]#  stap -e 'probe begin {println(ctime(gettimeofday_s())); exit()}'  
Thu Oct 17 06:48:35 2013  
[root@db-172-16-3-150 ~]#  stap -e 'probe begin {println(tz_ctime(gettimeofday_s())); exit()}'  
Thu Oct 17 14:49:35 2013 CST  
  
function::system — Issue a command to the system  
在stap脚本中执行外部命令  
[root@db-172-16-3-150 ~]# stap -e 'probe begin {system("echo -e \"hello\" > ./t"); exit()}'  
[root@db-172-16-3-150 ~]# cat t  
hello  
  
function::bytes_to_string — Human readable string for given bytes  
输入数字, 单位为byte, 转换成可读的存储容量字符串.  
[root@db-172-16-3-150 ~]# stap -e 'probe begin {println(bytes_to_string(12)); exit()}'  
   12  
[root@db-172-16-3-150 ~]# stap -e 'probe begin {println(bytes_to_string(120)); exit()}'  
  120  
[root@db-172-16-3-150 ~]# stap -e 'probe begin {println(bytes_to_string(1200000000000000000)); exit()}'  
1117587089G  
[root@db-172-16-3-150 ~]# stap -e 'probe begin {println(bytes_to_string(120000000)); exit()}'  
 114M  
  
function::mem_page_size — Number of bytes in a page for this architecture  
返回内存一页大小字节.  
[root@db-172-16-3-150 ~]# stap -e 'probe begin {println(mem_page_size()); exit()}'  
4096  
  
function::pages_to_string — Turns pages into a human readable string  
输入数字, 单位为page, 转换成可读的存储容量字符串.  
[root@db-172-16-3-150 ~]# stap -e 'probe begin {println(pages_to_string(120000000)); exit()}'  
 457G  
  
function::proc_mem_data — Program data size (data + stack) in pages  
function::proc_mem_data_pid — Program data size (data + stack) in pages  
function::proc_mem_rss — Program resident set size in pages  
function::proc_mem_rss_pid — Program resident set size in pages  
function::proc_mem_shr — Program shared pages (from shared mappings)  
function::proc_mem_shr_pid — Program shared pages (from shared mappings)  
function::proc_mem_size — Total program virtual memory size in pages  
function::proc_mem_size_pid — Total program virtual memory size in pages  
function::proc_mem_string — Human readable string of current proc memory usage  
function::proc_mem_string_pid — Human readable string of process memory usage  
function::proc_mem_txt — Program text (code) size in pages  
function::proc_mem_txt_pid — Program text (code) size in pages  
获取程序内存中各个区块的空间大小. 单位内存页.  
[root@db-172-16-3-150 ~]# ps -ewf|grep postgres  
pg93      5345     1  0 14:58 pts/0    00:00:00 /home/pg93/pgsql9.3.1/bin/postgres  
# - Memory -  
  
shared_buffers = 2048MB                 # min 128kB  
                                        # (change requires restart)  
  
[root@db-172-16-3-150 ~]# stap -e 'probe begin {println(proc_mem_shr_pid(5345)); exit()}'  
17785  
  
function::cputime_to_msecs — Translates the given cputime into milliseconds  
function::cputime_to_string — Human readable string for given cputime  
function::msecs_to_string — Human readable string for given milliseconds  
function::task_stime — System time of the current task  
function::task_stime_tid — System time of the given task  
function::task_time_string — Human readable string of task time usage  
function::task_time_string_tid — Human readable string of task time usage  
function::task_utime — User time of the current task  
function::task_utime_tid — User time of the given task  
任务消耗的CPUtime, 区分user time, sys time.  
[root@db-172-16-3-150 ~]# ps -ewf|grep pg93  
pg93      5345     1  0 14:58 pts/0    00:00:00 /home/pg93/pgsql9.3.1/bin/postgres  
[root@db-172-16-3-150 ~]# stap -e 'probe begin {println(task_time_string_tid(5345)); exit()}'  
usr: 0m0.028s, sys: 0m0.059s  

参考

1. https://sourceware.org/systemtap/tapsets/

digoal’s 大量PostgreSQL文章入口