SystemTap accepts script as command line option or external file, for example:
* Command-line script is passed with `-e` option
`# stap -e 'probe syscall.write { printf("%d\n", $fd); }' [arguments]`
* External file as first argument:
`# stap syscalls. [arguments]`
SystemTap command line arguments may be passed to a script, but it distingushes their types: numerical arguments are accessible with `$` prefix: `$1`, `$2` ... `$n` while string arguments have `@` prefix: `@1`, `@2` ... `@n`
Here are some useful `stap(1)` options:
* `-l PROBESPEC` accepts probe specifier without `probe` keyword (but with wildcards) and prints all matching probe names (more on wildcards in [Probes][lang/probes]). `-L` will also print probe arguments and their types. For example:
`# stap -l 'scsi.*'`
* `-v` -- increases verbosity of SystemTap. The more letters you passed, the more diagnostic information will be printed. If only one `-v` was passed, `stap` will report only finishing of each stage.
* `-p STAGE` -- ends stap process after _STAGE_, represented with a number starting with 1 (_parse_).
* `-k` -- stap tool won't delete SystemTap temporary files created during compilation (sources and kernel modules kept in `/tmp/stapXXXX` directory),
* `-g` -- enables Guru-mode, that allows to bind to blacklisted probes and write into kernel memory along with using Embedded C in your scripts. Generally speaking, it allows dangerous actions.
* `-c COMMAND` and `-x PID` -- like those in DTrace, they allow to bind SystemTap to a specific process
* `-o FILE` -- redirects output to a file. If it already exists, SystemTap __rewrites__ it.
* `-m NAME` -- when compiling a module, give it meaningful name instead of `stap_<gibberish>`.
When SystemTap needs to resolve address into a symbol (for example, instruction pointer to a corresponding function name), it doesn't look into libraries or kernel modules.
Here are some useful command-line options that enable that:
* `-d MODULEPATH` -- enables symbol resolving for a specific library or kernel module. Note that in case it is not provided, `stap` will print a warning with corresponding `-d` option.
* `--ldd` -- for tracing process -- use `ldd` to add all linked libraries for a resolving.
* `--all-modules` -- enable resolving for all kernel modules
#### SystemTap example
Here is sample SystemTap script:
#!/usr/sbin/stap
probe syscall.write { if(pid() == target())
printf("Written %d bytes", $count); }
Save it to `test.stp` and run like this:
root@host# stap /root/test.stp -c "dd if=/dev/zero of=/dev/null count=1"
_Q__: Run SystemTap with following options: `# stap -vv -k -p4 /root/test.stp `, find generated directory in `/tmp` and look into created C source.
__Q__: Calculate number of probes in a `syscall` provider and number of variables provided by `syscall.write` probe:
# stap -l 'syscall.*' | wc -l
# stap -L 'syscall.write'
執行SystemTap。
執行SystemTap首先需要root許可權。
執行SystemTap有三種形式:
1. 從文件(通常以.stp作為文件名字尾)中讀入並執行指令碼:stap [選項] 文件名。
2. 從標準輸入中讀入並執行指令碼: stap [選項]。
3. 執行命令列中的指令碼:stap [選項] -e 指令碼。
4. 直接執行指令碼文件(需要可執行屬性並且第一行加上#!/usr/bin/stap):./指令碼文件名用"Ctrl C"中止SystemTap的執行。
systemtap的選項還在不斷的擴充套件和更新中,其中最常用的選項包括:
-v -- 列印中間資訊;
-p NUM -- 執行完Pass Num後停止(預設是執行到Pass 5);
-k -- 執行結束後保留臨時文件不刪除;
-b -- 使用RelayFS文件系統來將資料從核心空間傳輸到使用者空間;
-M -- 僅當使用-b選項時有效,執行結束時不合並每個CPU的單獨資料文件;
-o FILE -- 輸出到文件,而不是輸出到標準輸出;
-c CMD -- 啟動探測後,執行CMD命令,直到命令結束後退出;
-g -- 採用guru模式,允許指令碼中嵌入C語句;