ÔÚ SystemTap ³öÏÖ֮ǰ£¬¶ÔÓÚ Linux ³ÌÐòÔ±»òÕßϵͳ¹ÜÀíÔ±¶øÑÔ£¬µ÷ÊÔÄÚºËÍùÍùÊÇÒ»³¡Ø¬ÃΡ£ÀýÈ磬Ä㻳ÒÉ´«µÝ¸øϵͳµ÷Óà read µÄ²ÎÊý fd ³öÁËÎÊÌ⣬Ïë°ÑËü´òÓ¡³öÀ´£¬ÄãÐèÒª×öµÄÊÇ£ºÊ×Ïȵõ½Ò»·ÝÄÚºËÔ´Â룬ÕÒµ½ sys_read() µÄº¯ÊýÌåÖвåÈë printk() Óï¾ä£¬½ÓÏÂÀ´ÖØбàÒëÄںˣ¬È»ºóÓÃеÄÄÚºËÖØÐÂÆô¶¯ÏµÍ³¡£Ð»ÌìлµØ£¬Äã×ÜËã¿´µ½ÁËÄãÏëÒª¿´µ½µÄ¶«Î÷£¬²»¹ýÄãÂíÉϻᷢÏÖÓöµ½ÁËÒ»¸öеÄÂé·³£º³ý·ÇÖØÐÂÆô¶¯ÏµÍ³µ½ÔÀ´µÄÄںˣ¬printk() »áÎÞÐÝÖ¹µØ´òÓ¡ÏÂÈ¥¡£
SystemTap µÄÄ¿µÄ¾ÍÊÇÒª°ÑÈËÃÇ´ÓÕâÖÖÄà̶Öнâ¾È³öÀ´¡£SystemTap ÌṩÁËÒ»¸ö¼òµ¥µÄÃüÁîÐнӿںÍÇ¿´óµÄ½Å±¾ÓïÑÔ£¬Í¬Ê±Ô¤¶¨ÒåÁ˷ḻµÄ½Å±¾¿â¡£»ùÓÚÄÚºËÖÐµÄ kprobe£¬SystemTapÔÊÐíÄã×ÔÓɵشÓÔËÐÐÖеÄÄÚºËÎÞº¦µØÊÕ¼¯µ÷ÊÔÐÅÏ¢ºÍÐÔÄÜÊý¾Ý£¬À´ÓÃÓÚÖ®ºóµÄ·ÖÎöºÍ´¦Àí¡£Äã¿ÉÒÔËæʱ¿ªÊ¼»òÕßÍ£Ö¹ÕâÖÖÊÕ¼¯¹ý³Ì£¬¶øÎÞÐèÂþ³¤µÄÐ޸ĴúÂë¡¢±àÒëÄں˺ÍÖØÆôϵͳµÄ±¯²ÒÑ»·¡£SystemTap ʹµÃÉÏÃæµÄÎÊÌâ±äµÃ¼òµ¥ÁË£¬¼òµ¥µÃÖ»ÐèÒªÒ»ÌõÃüÁî¾Í¿ÉÒÔ×öµ½£º
stap -e 'probe syscall.read { printf("fd = %d\n",fd) }
SystemTapµÄ¹¦ÄܺÍSunµÄDTraceºÍIBMµÄdprobe¹¤¾ßÏàËÆ¡£µ«ÊǺÍËüÃDz»Í¬µÄÊÇ£¬ SystemTapÊÇ×ñÑGPLµÄ¿ªÔ´Èí¼þÏîÄ¿¡£ËüµÄ³öÏÖʹµÃLinuxÉçÇøÒ²ÓµÓÐÁ˹¦ÄÜÇ¿´ó¶øÇÒÒ×ÓÚʹÓõĶ¯Ì¬Äں˵÷ÊÔ¹¤¾ß¡£Ä¿Ç°£¬SystemTap µÄÖ÷Òª¿ª·¢³ÉÔ±À´×ÔÓÚRedHat¡¢IBM¡¢IntelºÍHitachi£¬ÆäÖл¹°üÀ¨À´×ÔIBMÖйú¿ª·¢ÖÐÐĵŤ³Ìʦ¡£
°²×°SystemTap
ÔÚ°²×°SystemTap֮ǰ£¬ÐèҪȷ±£ÏµÍ³ÖÐÒѾ°²×°ÁËÆäËüÁ½¸öÈí¼þ°ü£º
kernel-debuginfo RPM£ºSystemTapÐèҪͨ¹ýÄں˵÷ÊÔÐÅÏ¢À´¶¨Î»Äں˺¯ÊýºÍ±äÁ¿µÄλÖ᣶ÔÓÚͨ³£µÄ·¢Ðа棬²¢Ã»Óа²×°kernel-debuginfo RPM£¬ÎÒÃÇ¿ÉÒÔµ½·¢ÐаæµÄÏÂÔØÕ¾µãÏÂÔØ¡£¶ÔÓÚÎÒµÄThinkPadÉϵÄFedora Core 6£¬Õâ¸öµØÖ·ÊÇ£º http://download.fedora.redhat.com/pub/fedora/linux/core/6/i386/debug/ elfutils RPM£ºSystemTapÐèÒªelfutilsÈí¼þ°üÌṩµÄ¿âº¯ÊýÀ´·ÖÎöµ÷ÊÔÐÅÏ¢¡£Ä¿Ç°µÄSystemTapÒªÇó°²×°elfutils-0.123ÒÔÉÏ°æ±¾¡£Ä¿Ç°×îеİ汾ÊÇ0.124-0.1¡£Èç¹ûÐèÒª£¬ÎÒÃÇ¿ÉÒÔ´ÓSystemTapµÄÕ¾µãÏÂÔØRPM»òÕßÔ´ÂëÀ´Éý¼¶¡£ÏÂÔصØÖ·ÊÇ£º FTP://sources.redhat.com/pub/SystemTap/elfutils/i386/½ÓÏÂÀ´¾Í¿ÉÒÔ°²×°SystemTapÁË£¬ÕâÓÐͨ¹ýRPM»òÕßÔ´Âë°²×°Á½ÖÖ·½Ê½£º
1£® ͨ¹ýRPM°²×° Fedora Core 6ȱʡÇé¿öÏÂÒѾ°²×°ÁËsystemtap¡£Èç¹ûûÓУ¬Ò²¿ÉÒÔ´ÓÈçϵĵØÖ·ÏÂÔØ£º http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/6/i386/SystemTap-0.5.10-1.fc6.i386.rpm
2£®Í¨¹ýÔ´Âë°²×°£º
´ÓSystemTapµÄFTPÕ¾µãÏÂÔØ×îеÄÔ´Âë
ftp://sources.redhat.com/pub/SystemTap/snapshots/SystemTap-20061104.tar.bz2
È»ºó°²×°ÈçÏ£º
/root > tar -jxf SystemTap-20061104.tar.bz2 /root > cd src /root/src> ./configure /root/src> make /root/src> make install
ÔËÐÐSystemTap
ÔËÐÐSystemTapÊ×ÏÈÐèÒªrootȨÏÞ¡£
ÔËÐÐSystemTapÓÐÈýÖÖÐÎʽ£º
1£® ´ÓÎļþ(ͨ³£ÒÔ.stp×÷ΪÎļþÃûºó׺)ÖжÁÈë²¢ÔËÐнű¾£ºstap [Ñ¡Ïî] ÎļþÃû
2£® ´Ó±ê×¼ÊäÈëÖжÁÈë²¢ÔËÐнű¾£º stap [Ñ¡Ïî] -
3£® ÔËÐÐÃüÁîÐÐÖеĽű¾£ºstap [Ñ¡Ïî] -e ½Å±¾
4£® Ö±½ÓÔËÐнű¾Îļþ(ÐèÒª¿ÉÖ´ÐÐÊôÐÔ²¢ÇÒµÚÒ»ÐмÓÉÏ#!/usr/bin/stap)£º./½Å±¾ÎļþÃûʹÓÃ"Ctrl+C"ÖÐÖ¹SystemTapµÄÔËÐС£
systemtapµÄÑ¡ÏÔÚ²»¶ÏµÄÀ©Õ¹ºÍ¸üÐÂÖУ¬ÆäÖÐ×î³£ÓõÄÑ¡Ïî°üÀ¨£º
-v -- ´òÓ¡ÖмäÐÅÏ¢
-p NUM -- ÔËÐÐÍêPass NumºóÍ£Ö¹(ȱʡÊÇÔËÐе½Pass 5)
-k -- ÔËÐнáÊøºó±£ÁôÁÙʱÎļþ²»É¾³ý
-b -- ʹÓÃRelayFSÎļþϵͳÀ´½«Êý¾Ý´ÓÄں˿ռ䴫Êäµ½Óû§¿Õ¼ä
-M -- ½öµ±Ê¹ÓÃ-bÑ¡ÏîʱÓÐЧ£¬ÔËÐнáÊøʱ²»ºÏ²¢Ã¿¸öCPUµÄµ¥¶ÀÊý¾ÝÎļþ
-o FILE -- Êä³öµ½Îļþ£¬¶ø²»ÊÇÊä³öµ½±ê×¼Êä³ö
-c CMD -- Æô¶¯Ì½²âºó£¬ÔËÐÐCMDÃüÁֱµ½ÃüÁî½áÊøºóÍ˳ö
-g -- ²ÉÓÃguruģʽ£¬ÔÊÐí½Å±¾ÖÐǶÈëCÓï¾ä
ÆäËü¸ü¶àÑ¡ÏîÇë²Î¿´stapµÄÊֲᡣ
SystemTapµÄÓï·¨
ÎÒÃÇÀûÓÃÒ»¸ö¼òµ¥µÄsystemtap½Å±¾À´½éÉÜÒ»ÏÂSystemTapµÄÓï·¨£º
#!/usr/local/bin/stap global count function report(stat) { printf("stat=%d\n", stat) } probe kernel.function("sys_read") { ++count } probe end { report() }
̽²âµã(probe)£ºÃ¿¸ösystemtap½Å±¾ÖÐÖÁÉÙÐèÒª¶¨ÒåÒ»¸ö̽²âµã£¬Ò²¾ÍÊÇÖ¸¶¨ÁËÔÚÄں˵ÄʲôλÖýøÐÐ̽²â¡£Ì½²âµãÃû³ÆºóÃæ½ô¸úµÄÒ»×é´óÀ¨ºÅÄÚ¶¨ÒåÁËÿ´ÎÄÚºËÔËÐе½¸Ã̽²âµãʱÐèÒªÔËÐеIJÙ×÷£¬ÕâЩ²Ù×÷Íê³ÉºóÔÙ·µ»Ø̽²âµã£¬¼ÌÐøÏÂÃæµÄÖ¸Áî¡£ÕâÀï¸ø³öÁËsystemtapÄ¿Ç°Ö§³ÖµÄËùÓÐ̽²âµãÀàÐÍ¡£ È«¾Ö±äÁ¿(global)£ºÓÃÀ´¶¨ÒåÈ«¾Ö±äÁ¿¡£µ¥¸ö̽²âµãº¯ÊýÌåÖÐʹÓõľֲ¿±äÁ¿²»ÐèÒªÔ¤Ïȶ¨Ò壬µ«ÊÇÈç¹ûÒ»¸ö±äÁ¿ÐèÒªÔÚ¶à¸ö̽²âµãº¯ÊýÌåÖÐʹÓã¬ÔòÐèÒª¶¨ÒåΪȫ¾Ö±äÁ¿¡£ º¯Êý(function)£ºÓÃÀ´¶¨Òå̽²âµãº¯ÊýÌåÖÐÐèÒªÓõ½µÄº¯Êý¡£³ýÁË¿ÉÒÔÓýű¾ÓïÑÔ¶¨Ò庯ÊýÒÔÍ⣬»¹¿ÉÒÔÓÃCÓïÑÔÀ´¶¨Ò庯Êý£¬Ö»ÊÇÕâʱº¯ÊýÃûºóÃæµÄ´óÀ¨ºÅ¶ÔÐèÒª»»³É%{ %}¡£ÀýÈ磬ǰÃæµÄreport()º¯Êý¿ÉÒÔд³É£ºfunction report(stat) %{ _stp_printf("stat=%d\n", THIS->stat); %}
SystemTapµÄÀý×Ó
Á˽âÁËSystemTapµÄ»ù±¾Ó÷¨£¬ÏÂÃæÈÃÎÒÃÇÀ´¿´¼¸¸öÓÐȤµÄÀý×Ó¡£
ͳ¼Æµ±Ç°ÏµÍ³Öе÷ÓÃ×î¶àµÄÇ°10¸öϵͳµ÷ÓÃ
ÔÚ½øÐÐÐÔÄÜ·ÖÎöµÄʱºò£¬ÎÒÃdz£³£ÐèÒªÖªµÀÄÇЩº¯Êýµ÷ÓôÎÊý×î¶à£¬²ÅÄÜÓеķÅʸµØÕ¹¿ª·ÖÎö¡£ÏÂÃæÕâ¸ö¼òµ¥µÄÀý×Ó¿ÉÒÔ´òÓ¡³öÔÚ¹ýÈ¥µÄ5ÃëÖÓÀïµ÷ÓôÎÊý×î¶àµÄÄÇЩϵͳµ÷Óá£
#!/usr/bin/env stap # # display the top 10 syscalls called in last 5 seconds # global syscalls function print_top () { cnt=0 log ("SYSCALL\t\t\t\tCOUNT") foreach ([name] in syscalls-) { printf("%-20s\t\t%5d\n",name, syscalls[name]) if (cnt++ == 10) break } printf("--------------------------------------\n") delete syscalls } probe syscall.* { syscalls[probefunc()]++ } probe timer.ms(5000) { print_top () }
ËüµÄÊä³ö½á¹ûһĿÁËÈ»£º
¿´¿´ÊÇËÔÚ͵͵¶¯ÎÒµÄÎļþ
ÓÐʱºò£¬ÎÒÃÇÈç¹ûÖÐÁ˶ñÒâµÄ²¡¶¾Èí¼þ£¬»á·¢ÏÖijЩÎļþĪÃûÆäÃîµÄ±»Ð޸ģ¬ÏÂÃæÕâ¸öÀý×Ó¿ÉÒÔ°ïÄã¼àÊÓËÔÚÐÞ¸ÄÄãµÄÎļþ¡£
#!/usr/bin/env stap # # monitor who is messing my file of secrets # probe generic.fop.open { if(filename == "secrets") printf("%s is opening my file: %s\n", execname(), filename) }
ÎÒÃÇÔËÐÐÕâ¸ö½Å±¾£¬ÔÚÁíÍâÒ»¸ö´°¿Ú×öһЩ²Ù×÷£¬À´¿´¿´ËüµÄÊä³ö½á¹û£º
¸ü¶àµÄÇë¿´£ºhttp://www.QQread.com/windows/2003/index.Html
´òÓ¡ANSI×Ö·û´®
SystemTap²»½ö½öÊÇÒ»¸ö¼òµ¥µÄµ÷ÊÔ¹¤¾ß£¬Ç¿´óµÄ½Å±¾ÓïÑÔÄÜÁ¦ÈÃËüͬÑùÄÜ×öһЩÓÐȤµÄÊÂÇ飬ÏÂÃæÕâ¸öÀý×ӾͿÉÒÔ¶ÔÊä³öµÄ×Ö·û½øÐÐÃÀ»¯£º
#!/usr/bin/env stap # # print colorful ANSI strings # probe begin { printf("a \\ b "); for (c = 40; c < 48; c++) printf(" %d ", c); printf("\12"); for (l = 0; l < 71; l++) printf("-"); printf("\12"); for (r = 30; r < 38; r++) for (t = 0; t < 2; t++) { printf("%d ", r); for (c = 40; c < 48; c++) printf("\033[%d;%d%s %s \033[0;0m", r, c, !t ? "m" : ";1m", !t ? "Normal" : "Bold "); printf("\12"); } exit(); }
À´¿´¿´ËüµÄÊä³ö£º
SystemTapµÄ»ù±¾ÔÀí
ÏÖÔÚ£¬´ó¼ÒÒѾÊìϤÁËSystemTapµÄ»ù±¾Ó÷¨¡£ÔÚ½áÊø֮ǰ£¬ÈÃÎÒÃÇÔÙÀ´Á˽âÒ»ÏÂSystemTapµÄ»ù±¾ÔÀíºÍ¹¤×÷Á÷³ÌÒÔ¼ÓÉîÀí½â¡£
¿ÉÒÔ¿´³ö£¬SystemTapÔËÐеĹý³ÌÒÀ´Î·ÖΪÎå¸ö½×¶Î£¬Í¨³£³ÆΪPass 1 - Pass 5¡£¾ÍÏñÇ°Ãæ½éÉÜÓ÷¨µÄʱºòÌáµ½µÄ£¬ÔÚÃüÁîÐÐÖмÓÉÏ-p NUMÑ¡Ïî¿ÉÒÔʹµÃSystemTapÔÚÔËÐÐÍêPass NUMÖ®ºóÍ£Ö¹£¬¶ø²»ÊÇÔËÐе½Pass 5¡£ÕâÔÊÐíÄã·ÖÎöSystemTapÔÚÿһ¸ö½×¶ÎµÄÊä³ö£¬¶ÔÓÚµ÷ÊԽű¾ÓÈÆäÓÐÓá£
ÏÂÃæÀ´½éÉÜÿһ¸ö½×¶ÎµÄÖ÷Òª¹¦ÄÜ£º
Pass 1 - parse£ºÕâ¸ö½×¶ÎÖ÷ÒªÊǼì²éÊäÈë½Å±¾ÊÇ·ñ´æÔÚÓï·¨´íÎó£¬ÀýÈç´óÀ¨ºÅÊÇ·ñÆ¥Å䣬±äÁ¿¶¨ÒåÊÇ·ñ¹æ·¶µÈ Pass 2 - elaborate£ºÕâ¸ö½×¶ÎÖ÷ÒªÊǶÔÊäÈë½Å±¾Öж¨ÒåµÄ̽²âµã»òÕßÓõ½µÄº¯ÊýÕ¹¿ª£¬²»µ«ÐèÒª×ÛºÏSystemTapµÄÔ¤¶¨Òå½Å±¾¿â£¬»¹ÐèÒª·ÖÎöÄں˻òÕßÄÚºËÄ£¿éµÄµ÷ÊÔÐÅÏ¢ Pass 3 - translate: ÔÚÕâ¸ö½×¶Î£¬½«Õ¹¿ªºóµÄ½Å±¾×ª»»³ÉCÎļþ¡£Ç°Èý¸ö½×¶ÎµÄ¹¦ÄÜÀàËÆÓÚ±àÒëÆ÷£¬½«.stpÎļþ±àÒë³ÉΪÍêÕûµÄ.cÎļþ£¬Òò´ËÓÖ±»ºÏÆðÀ´³ÆΪת»»Æ÷(translator) Pass 4 - build£ºÔÚÕâ¸ö½×¶Î£¬½«CÔ´Îļþ±àÒë³ÉÄÚºËÄ£¿é£¬ÔÚÕâ¹ý³ÌÖл¹»áÓõ½SystemTapµÄÔËÐÐʱ¿âº¯Êý¡£ Pass 5 - run£ºÕâ¸ö½×¶Î£¬½«±àÒëºÃµÄÄÚºËÄ£¿é²åÈëÄںˣ¬¿ªÊ¼½øÐÐÊý¾ÝÊÕ¼¯ºÍ´«Ê䡣С½á
SystemTapÊÇÒ»¸öÈ«ÐµĹ¤¾ß£¬µ«ÒѾ±íÏÖ³öÁËÇ¿´óµÄ¹¦Äܺ͹㷺µÄÊÊÓÃÐÔ¡£SystemTapʹµÃ¶¯Ì¬ÊÕ¼¯LinuxÄÚºËÐÅÏ¢ºÍÐÔÄÜÊý¾Ý±äµÃÇá¶øÒ×¾Ù£¬Õâ¾ÍʹÈË¿ÉÒÔ´Ó·±ËöµÄÊý¾Ý²É¼¯Öнâ·Å³öÀ´£¬¶øרעÓÚÊý¾ÝµÄ´¦ÀíºÍ·ÖÎö£¬ÕâÎÞÒÉÊÇÄں˿ª·¢ÈËÔ±ºÍϵͳ¹ÜÀíÈËÔ±µÄ¸£Òô¡£Ëæ×ÅÔ½À´Ô½¶àÓû§µÄÌåÑ飬ԽÀ´Ô½¶àµÄbug»á±»±¨¸æºÍÐÞÕý£¬Ô½À´Ô½¶àµÄй¦ÄܻᱻÌí¼Ó£¬SystemTapÒ²»á±äµÃÔ½À´Ô½Îȶ¨ºÍÍêÉÆ¡£
ÔÎÄÁ´½Ó£ºhttp://www-128.ibm.com/developerworks/cn/linux/l-systemtap/index.html
£¨³ö´¦£ºhttp://www.sheup.com£©