make fork/execce trace hooks lket internally and turned on by default.
add stoptrace_fork and stoptrace_execve flags for lket to control
stopping fork/execve in user scripts.
update lket-b2a and lket man page.
.B \-f
convert and dump trace data into local file. For more details,
See the following section.
+.TP
+.B \-n
+name_flag. name_flag set to 0 means not printing the event
+description string and 1 means printing. Only valid with -f
+option. name_flag is set to 1 by default.
+.TP
+.B \-i
+id_flag. id_flag set to 0 means not printing event groupid and
+hookid and 1 means printing. Only valid with -f option. id_flag
+is set to 0 by default.
+.TP
+.B \-a
+appname_flag. appname_flag set to 0 means not printing process
+name and 1 means printing. Only valid with -f option. appname_flag
+is set to 1 by default.
.SH DUMP TRACE DATA INTO LOCAL FILE
Big endian: YES
Timing method: do_gettimeofday()
Bits width: 64
-Initial CPU timebase: 187994 (cycles per microsecond)
-
-0.2084 APPNAME: (null) PID:20922 CPU:3 HOOKGRP:3 HOOKID:1 tid:20936,pid:20936,ppid:35,pname:systemtap/0,
-0.2086 APPNAME: (null) PID:20922 CPU:3 HOOKGRP:3 HOOKID:1 tid:20937,pid:20937,ppid:35,pname:systemtap/1,
-0.2087 APPNAME: (null) PID:20922 CPU:3 HOOKGRP:3 HOOKID:1 tid:20938,pid:20938,ppid:35,pname:systemtap/2,
+Initial CPU timebase: 1596405 (cycles per microsecond)
[...]
-10.24319 APPNAME: sshd PID:7203 CPU:3 HOOKGRP:2 HOOKID:2 syscall:write,
-10.24324 APPNAME: sshd PID:7203 CPU:3 HOOKGRP:2 HOOKID:1 syscall:compat_sys_select,
+2.527880 CPU:0 PID:2450 APPNAME:gnome-panel EVT_NAME:iosyscall.read.entry fd:3,buff_addr:-1081126904,count:32,
+2.527887 CPU:0 PID:2450 APPNAME:gnome-panel EVT_NAME:iosyscall.read.return return:32,
+2.534343 CPU:0 PID:1450 APPNAME:kjournald EVT_NAME:scsi.ioentry major:8,minor:0,sdev_state:2,request_addr:3806880208,
+2.534359 CPU:0 PID:1450 APPNAME:kjournald EVT_NAME:scsi.iodispatching host:0,channel:0,lun:0,dev_id:0,dev_state:2,data_dir:1,reqbuf_addr:3248315840,reqbuf_len:8192,request_addr:3806880208,
[...]
.ESAMPLE
.I common_data, syscall_name(STRING)
.SS PROCESS CREATION
-This group contains three sub event hooks.
-You could use
-.I addevent.process
-to trace fork and execve of processes(note that process_snapshot()
-won't be included).
+This group contains three sub event hooks. All of them are turned on
+by default. You can use the flags stoptrace_fork and stoptrace_exec to stop
+tracing fork/execve in your script, e.g.:
+
+.SAMPLE
+probe begin
+{
+ stoptrace_fork = 1
+ stoptrace_exec = 1
+}
+...
+.ESAMPLE
+
.P
.TP
.B process_snapshot()
.P
.TP
-.B addevent.process.fork
+.B lket_internal.process.fork
Trace fork of processes
Data format is:
.I common_data, new_tid(INT32), new_pid(INT32), ppid(INT32)
.TP
-.B addevent.process.execve
+.B lket_internal.process.execve
Trace execve of new processes
Data format is:
+2006-11-09 Li Guanglei <guanglei@cn.ibm.com>
+
+ * runtime/lket/b2a/lket_b2a.[ch]: add options to control
+ the output data fields of lket.out
+
2006-11-02 Martin Hunt <hunt@redhat.com>
* sym.c (_stp_module_relocate): New function. Needed by the
/* A flag indicate whether to store the trace
data into local file/MySQL database */
int into_file, into_db;
-
+int name_flag=1, id_flag=0, appname_flag=1;
#ifdef HAS_MYSQL
#define SQLSIZE 1024*1024
lket-b2a Options INFILE1 [INFILE2...]\n\
Options:\n\
-f dump the trace data into a local file named \"lket.out\"\n\
- -m dump the trace data into MySQL\n");
+ -n name_flag. name_flag set to 0 means not printing the event\n\
+ description string and 1 means printing. Only valid with -f\n\
+ option. name_flag is set to 1 by default.\n\
+ -i id_flag. id_flag set to 0 means not printing event groupid and\n\
+ hookid and 1 means printing. Only valid with -f option. id_flag\n\
+ is set to 0 by default.\n\
+ -a appname_flag. appname_flag set to 0 means not printing process\n\
+ name and 1 means printing. Only valid with -f option. appname_flag\n\
+ is set to 1 by default.\n\
+ -m dump the trace data into MySQL\n\
+ Example:\n\
+ lket-b2a -f -a 1 -i 1 -n 0 stpd_cpu*\n\
+ lket-b2a -m stpd_cpu*\n");
}
int main(int argc, char *argv[])
strftime(database, 18, "DB%Y%m%d%H%M%S", tm);
while (1) {
- int c = getopt(argc, argv, "mf");
+ int c = getopt(argc, argv, "mfi:n:a:");
if (c < 0) // no more options
break;
switch (c) {
case 'f':
into_file = 1;
break;
+ case 'n':
+ name_flag = atoi(optarg);
+ if(name_flag!=0 && name_flag!=1) {
+ fprintf(stderr, "you must specify 0 or 1 for -n option\n");
+ usage();
+ exit(-1);
+ }
+ break;
+ case 'i':
+ id_flag = atoi(optarg);
+ if(id_flag!=0 && id_flag!=1) {
+ fprintf(stderr, "you must specify 0 or 1 for -i option\n");
+ usage();
+ exit(-1);
+ }
+ break;
+ case 'a':
+ appname_flag = atoi(optarg);
+ if(appname_flag!=0 && appname_flag!=1) {
+ fprintf(stderr, "you must specify 0 or 1 for -a option\n");
+ usage();
+ exit(-1);
+ }
+ break;
+
default:
printf("Error in options\n");
usage();
hookid = HDR_HookID(phdr);
pid = HDR_PID(phdr);
- if(into_file)
- fprintf(outfp, "\n%d.%d APPNAME: %s PID:%d CPU:%d HOOKGRP:%d HOOKID:%d ",
- sec, usec,
- (char *)(g_tree_lookup(appNameTree, (gconstpointer)((long)pid))),
- pid, HDR_CpuID(phdr), grpid, hookid);
+ if(into_file) {
+ fprintf(outfp, "\n%d.%d CPU:%d PID:%d ", sec, usec, HDR_CpuID(phdr), pid);
+ if(appname_flag==1)
+ fprintf(outfp, "APPNAME:%s ", (char *)(g_tree_lookup(appNameTree,(gconstpointer)((long)pid))));
+ if(name_flag==1)
+ fprintf(outfp, "EVT_NAME:%s ", events_des[_HOOKID_REGSYSEVT][grpid][hookid]->description);
+ if(id_flag==1)
+ fprintf(outfp, "HOOKGRP:%d HOOKID:%d ", grpid, hookid);
+ }
#ifdef HAS_MYSQL
if(into_db) {
static int has_table = 0;
#endif
int grpid, hookid;
+ int len = 0;
char *evt_body;
evt_body = malloc(size);
fread(evt_body, size, 1, infp);
grpid = *(int8_t *)evt_body;
hookid = *(int8_t *)(evt_body+1);
-
+ len = strlen(evt_body+2)+2;
if(!events_des[_HOOKID_REGSYSEVT][grpid][hookid])
events_des[_HOOKID_REGSYSEVT][grpid][hookid] = malloc(sizeof(event_desc));
+ if(!events_des[_HOOKID_REGSYSEVT][grpid][hookid]->description)
+ events_des[_HOOKID_REGSYSEVT][grpid][hookid]->description = malloc(len);
+ strncpy(events_des[_HOOKID_REGSYSEVT][grpid][hookid]->description, evt_body+2, len);
#ifdef HAS_MYSQL
events_des[_HOOKID_REGSYSEVT][grpid][hookid]->entrytime = g_tree_new_full(
compareFunc, NULL, NULL, destroyTreeData);
char evt_fmt[MAX_FIELDS][7]; /* e.g. INT8,STRING,INT16,... */
char evt_names[MAX_FIELDS][MAX_FIELDNAME_LEN]; /* e.g. protocal,dev_name,buff_len,... */
char fmt[256]; /* e.g. %1b,%0s,%2b,... */
+ char *description; /* a string description of this event, such as "iosyscall.read.entry" */
int count; /* # of fields */
int flag; /* a flag indicates whether exists trace data for this event */
} event_desc;
+2006-11-09 Li Guanglei <guanglei@cn.ibm.com>
+
+ * process.stp: make fork/execce trace hooks
+ lket internally and turned on by default.
+ add stoptrace_fork and stoptrace_execve flags to
+ control stopping fork/execve in user scripts
+
2006-10-31 Li Guanglei <guanglei@cn.ibm.com>
* register_event.stp: changes of all event_desc
GROUP_PROCESS,
HOOKID_PROCESS_SNAPSHOT, HOOKID_PROCESS_FORK,
HOOKID_PROCESS_EXECVE,
+ stoptrace_exec, stoptrace_fork,
/* io scheduler */
GROUP_IOSCHED,
// Public License (GPL); either version 2, or (at your option) any
// later version.
+/* the trace hooks defined here are used by lket internally and they
+ will be turned on by default */
+
/* record the newly created process name */
function log_execve_tracedata(var_id:long, var:long)
%{
}
%}
-probe addevent.process
- = addevent.process.execve,
- addevent.process.fork
+probe lket_internal.process { }
+
+probe lket_internal.process
+ = lket_internal.process.execve,
+ lket_internal.process.fork
{}
/*
we should capture both do_execve for 64-bit app
and compat_do_execve for 32-bit app
*/
-probe addevent.process.execve
- += _addevent.process.execve
+probe lket_internal.process.execve
+ += _lket_internal.process.execve
{
update_record()
}
-probe _addevent.process.execve
+probe _lket_internal.process.execve
= process.exec
{
+ if(stoptrace_exec==1) next;
log_execve_tracedata(HOOKID_PROCESS_EXECVE, $filename)
}
-probe addevent.process.fork
- += _addevent.process.fork
+probe lket_internal.process.fork
+ += _lket_internal.process.fork
{
update_record()
}
-probe _addevent.process.fork
+probe _lket_internal.process.fork
= process.create
{
+ if(stoptrace_fork==1) next;
log_fork_tracedata(HOOKID_PROCESS_FORK, $return)
}
git://sourceware.org / systemtap.git / commitdiff