Systemtap examples, Profiling - 5 Tracking Most Frequently Used System Calls

1 minute read

背景

例子来自topsys.stp 脚本, 上一篇的例子是选取一部分带来系统等待的系统调用作为事件, 输出等待事件排行前20的进程信息.  
本文说的这个例子把所有的系统调用作为触发事件, 统计所有系统调用的调用次数, 输出前20位系统调用的名称和调用次数.  
脚本内容以及注解 :   
[root@db-172-16-3-150 network]# cd /usr/share/systemtap/testsuite/systemtap.examples/profiling  
[root@db-172-16-3-150 profiling]# cat topsys.stp  
#! /usr/bin/env stap  
#  
# This script continuously lists the top 20 systemcalls in the interval   
# 5 seconds  
#  
  
global syscalls_count  
  
probe syscall.* {   // 通配符, 匹配所有的系统调用  
  syscalls_count[name]++    // 自增, 数组索引为系统调用名.   
//  在所有系统调用probe alias中都会有name变量. 可以去tapset看原型  
}  
  
function print_systop () {  // 输出系统调用统计信息的函数  
  printf ("%25s %10s\n", "SYSCALL", "COUNT")    // 头信息  
  foreach (syscall in syscalls_count- limit 20) {    // 按syscalls_count倒序输出20个数组值  
    printf("%25s %10d\n", syscall, syscalls_count[syscall])  
  }  
  delete syscalls_count    // 输出后清空数组  
}  
  
probe timer.s(5) {  
  print_systop ()    // 每隔5秒调用输出函数  
  printf("--------------------------------------------------------------\n")  
}  
  
执行输出举例 :   
[root@db-172-16-3-150 profiling]# stap topsys.stp  
                  SYSCALL      COUNT  
                    write        951  
                     read        222  
                     poll        183  
                    ioctl        132  
                  recvmsg        132  
                    ppoll         25  
           rt_sigprocmask         24  
             rt_sigaction          6  
                nanosleep          6  
                    fcntl          4  
                 pselect6          1  
               epoll_wait          1  
                   select          1  
                   socket          1  
                  connect          1  
                    close          1  
--------------------------------------------------------------  
  
查看所有支持的系统调用探针  
[root@db-172-16-3-150 profiling]# stap -L syscall.**  
syscall.accept flags:long flags_str:string name:string sockfd:long addr_uaddr:long addrlen_uaddr:long argstr:string $fd:int $upeer_sockaddr:struct sockaddr* $upeer_addrlen:int* $flags:int $address:struct __kernel_sockaddr_storage  
syscall.accept.return name:string retstr:string $return:long int $fd:int $upeer_sockaddr:struct sockaddr* $upeer_addrlen:int* $flags:int $address:struct __kernel_sockaddr_storage  
syscall.access name:string pathname:string mode:long mode_str:string argstr:string $filename:char const* $mode:int  
syscall.access.return name:string retstr:string $return:long int $filename:char const* $mode:int  
... 略  
  
查看linux系统调用  
man syscalls  
       The list of system calls that are available as at kernel 2.6.28 (or in a few cases only on older kernels) is as  
       follows:  
  
       System call                 Kernel        Notes  
       ------------------------------------------------------------------------  
  
       _llseek(2)                  1.2  
       _newselect(2)  
       _sysctl(2)  
       accept(2)  
       accept4(2)                  2.6.28  
       access(2)  
...略  

参考

1. https://sourceware.org/systemtap/SystemTap_Beginners_Guide/mainsect-profiling.html

2. https://sourceware.org/systemtap/examples/

3. /usr/share/systemtap/testsuite/systemtap.examples

4. systemtap-testsuite

5. /usr/share/systemtap/testsuite/systemtap.examples/index.txt

6. /usr/share/systemtap/testsuite/systemtap.examples/keyword-index.txt

7. /usr/share/systemtap/tapset

Flag Counter

digoal’s 大量PostgreSQL文章入口