Date created: Saturday, January 13, 2018 12:34:51 PM. Last modified: Monday, August 28, 2023 10:15:48 AM

Systap

Install

Ubnutu 16.04 with 4.4.0-36-generic:

Use the `stap-prep` command to prepare the system for use with systap.

 

After install completes:

bensley@ubuntu-laptop:~/C/etherate10+$ stap -L 'kernel.function("packet_snd")'
kernel.function("packet_snd@/build/linux-a2WvEb/linux-4.4.0/net/packet/af_packet.c:2626")

 

CentOS 7 with 3.10.0-693.5.2.el7.x86_64:

Running `stat-prep` says that the package `kernel-debuginfo-3.10.0-693.5.2.el7.x86_64` is needed. Running `sudo stat-prep` installs it automatically.

After install completes:

[user@ucpe_002 emt]$ stap -L 'kernel.function("packet_snd")'
kernel.function("packet_snd@net/packet/af_packet.c:2298")

 

Examples

Capture all params passed to a Kernel function, runs one time them quits:

sudo stap -e 'probe kernel.function("packet_snd") {printf("%s\n", $$parms); exit(); }'

 

Add $ suffix to $$parms to pretty print:

bensley@ubuntu-laptop:~/C/etherate10+$ sudo stap -e 'probe kernel.function("packet_snd") {printf("%s\n", $$parms$); exit(); }'
sock={.state=?, .type=?, .flags=?, .wq=?, .file=?, .sk=?, .ops=?} sock={.state=?, .type=?, .flags=?, .wq=?, .file=?, .sk=?, .ops=?} len=? msg={.msg_name=?, .msg_namelen=?, .msg_iter={...}, .msg_control=?, .msg_controllen=?, .msg_flags=?, .msg_iocb=?}

 

Add $$ suffix to $$parms to pretty print and expand nested data structures:

bensley@ubuntu-laptop:~/C/etherate10+$ sudo stap -e 'probe kernel.function("packet_snd") {printf("%s\n", $$parms$$); exit(); }'
sock={.state=?, .type=?, .flags=?, .wq=?, .file=?, .sk=?, .ops=?} sock={.state=?, .type=?, .flags=?, .wq=?, .file=?, .sk=?, .ops=?} len=? msg={.msg_name=?, .msg_namelen=?, .msg_iter={.type=?, .iov_offset=?, .count=?, <union>={.iov=?, .kvec=?, .bvec=?}, .nr_segs=?}, .msg_control=?, .msg_controllen=?, .msg_flags=?, .msg_iocb=?}

 

Not sure why all the values above are unresolved "?". The function being traced `packet_snd()` is called by `packet_sendmsg()` and tracing that parent function works fine:

bensley@ubuntu-laptop:~/C/etherate10+$ sudo stap -e 'probe kernel.function("packet_sendmsg") {printf("%s\n", $$parms$$); exit(); }'
sock={.state=1, .type=3, .flags=0, .wq=0xffff8801c48d4f00, .file=0xffff8801c3880c00, .sk=0xffff88008e02f800, .ops=0xffffffff81acb480} msg={.msg_name=0x0, .msg_namelen=0, .msg_iter={.type=1, .iov_offset=0, .count=1514, <union>={.iov=0xffff8801c3be7d50, .kvec=0xffff8801c3be7d50, .bvec=0xffff8801c3be7d50}, .nr_segs=1}, .msg_control=0x0, .msg_controllen=0, .msg_flags=0, .msg_iocb=0x0} len=1514

 


^ Top

Previous page: Ptkgen
Next page: 'adb' - Notes