You are on page 1of 21

Writing SystemTap Scripts

Eugene Teo
Slides: http://www.kernel.sg/talks/lca2008/

What is SystemTap?

Trouleshooting and analysis tool

SystemTap scripting language translator

!rotected and simple inter"ace to kproes

System#wide and process#centric $iews

E%tensile "ramework to write new tools

&ree and open source so"tware '(!)*



Why use SystemTap?

To e%tend "unctionality in traditional tools

To "ind out system or process#related +ueries

Why does my disk keep writing something?

What is the current resource limits "or mingetty?

,ow many sockets and pipes did dus#launch use?

,ow can - pin down a lock contention prolem?

To write new tools and instrumentation "rameworks

- like using tool . ut it is only a$ailale in operating system /

&ault in0ection "ramework



Why use SystemTap?

)earn y looking at e%amples:

kproe1e%ample.c in linu%#2.2/3ocumentation/kproes.t%t

SystemTap e+ui$alent 4 kproe1e%ample.sh 5 regs.stp

6ompare the two di""erent implementations

6omple%ity

7mount o" code

6ode sa"ety

Write less code yet achie$e the same o0ecti$e



,ow SystemTap works?

SystemTap tool goes through 8 passes:

pass 9: parsing

pass 2: semantic analysis

pass :: translation

pass ;: compilation

pass 8: run

6omponents o" SystemTap script

Strictly typed< declaration "ree< procedural< and inspired y awk

6omments
= ... shell style< // ... 655 style< /> ... 6 style >/

gloal $ar9< $ar2 ?@ A$alueBC

i" 'E.!* STDT9 ? else STDT2 C

do STDT while 'E.!*

"or 'E.!9E E.!2E E.!:* STDT

"oreach 'F7G in 7GG7/* STDT

AAA< Hcount< Ha$g< Hhist1linear< Hhist1log


Allocations by size in bytes
value |------------------------------ count
2 | 0
4 | 0
8 |@@@@@@@@@@@@@@@ 15
16 | 0
32 |@@@@@@@@@@@@@@@ 15
64 |@@@@@@@@@@@@@@@ 15
128 | 0
256 | 0

6omponents o" SystemTap script

!roes

proe kernel."unction'!7TTEGI9* J ?stmt ...C K

!7TTEGI9 can e L"unctionHpath/to/"ile.c:92:M

proe module'!7TTEGI2*."unction'!7TTEGI9* J ?stmt ...C K

!7TTEGI2 can e Le%t:M or Lscsi1modM< etc.

proe netde$.transmit J ?stmt ...C K

&unctions

"unction translate1mask 'mask* J Astmt ...B K

"unction get1task1struct:long 'pid:long* NJ A61stmts ...B NK



)etOs look at kproe1e%ample.sh

The SystemTap script is called within the shell script

addr is gotten "rom /proc/kallsyms $ia the shell script

get1eip1in"o'* and get1e"lags1in"o'* are "rom regs.stp tapset

Gecap: tapset @ reuse @ e%tensile "ramework< no Dake"iles



6omponents o" SystemTap Tapset

Think o" this as a lirary

Geusale proes and "unctions

Encapsulate knowledge o" kernel susystem

Same synta% as a SystemTap script

7lso ends with .stpE located at /usr/share/systemtap/tapset

Pse stap #- 3-G to speci"y path to additional tapset scripts

Q grep stap kproe1e%ample.sh


/usr/in/en$ stap #pQ9 #- ./ #e R

)etOs look at regs.stp

7dditional helper routines that can e reused y other scripts

kread'* macro 4 de"ined in runtime/loc2c#runtime.h

To dere"erence pointers that could potentially e in$alid

Pse it with 67T6,13EGE&1&7P)T'*

Gecap: code sa"ety< reuse and reduce code< reduce comple%ity



(etting started

-" it is not already installed< run:

yum install systemtap kernel#de$el

yum 4enalerepo@"edora#deugin"o install kernel#deugin"o

Sr try out leeding edge $ersion:

read src/GE73DE

System 7dministrators 4 Pse e%isting SystemTap scripts

http://sourceware.org/systemtap/wiki/WarStories

src/e%amples< src/e%amples/small1demos

3e$elopers 4 )earn "rom e%isting scripts< write your own or reuse



Some interesting
'and use"ul* scripts

nettop.stp

3e"ined netde$.transmit and netde$.recei$e proes

!rints network acti$ity e$ery 8 secs

simpress sends and recei$es packets sometimes. Why?



iotop.stp

!rints -/S acti$ity



p"iles

Fery nice tool< inspired y SolarisO p"iles tool

Daps process !-3 to "ile descriptors

3isplays open socket in"ormation

)ists opened "iles that are locked



plimit

-nspired y SolarisO plimit tool



psig

-nspired y SolarisO psig tool



sig1y1proc.stp

!rints signal counts y process name in descending order



socktop

-nspired y 3traceOs socktop

Tracks reads and writes on sockets y process



WhatOs ne%t

Wiki: http://www.sourceware.org/systemtap/wiki

)anguage re"erence: http://sourceware.org/systemtap/langre"/

Dailing list: systemtapHsources.redhat.com

Dy log: http://www.kernel.sg/log/category/systemtap/

This work is licensed under a 6reati$e 6ommons


7ttriution#Share 7like :.0 Pnported )icense.

Writing SystemTap Scripts
Eugene Teo
Slides: http://www.kernel.sg/talks/lca2008/

You might also like