zoukankan      html  css  js  c++  java
  • systemtap如何写C函数 捎带着看看ret kprobe怎么用

    systemstap中自定义函数

    Embedded C can be the body of a script function. Instead enclosing the function body statements in { and
    }, use %{ and %}. Any enclosed C code is literally transcribed into the kernel module: it is up to you to make
    it safe and correct. In order to take parameters and return a value, macros STAP_ARG_* and STAP_RETVALUE
    are made available. The familiar data-gathering functions pid(), execname(), and their neighbours are all
    embedded C functions. Figure 10 contains another example.


    Since systemtap cannot examine the C code to infer these types, an optional annotation syntax is available
    to assist the type inference process. Simply suffix parameter names and/or the function name with :string
    or :long to designate the string or numeric type. In addition, the script may include a %{ %} block at the
    outermost level of the script, in order to transcribe declarative code like #include <linux/foo.h>. These
    enable the embedded C functions to refer to general kernel types.
    There are a number of safety-related constraints that should be observed by developers of embedded C code.
    1. Do not dereference pointers that are not known or testable valid.
    2. Do not call any kernel routine that may cause a sleep or fault.
    3. Consider possible undesirable recursion, where your embedded C function calls a routine that may be
    the subject of a probe. If that probe handler calls your embedded C function, you may suffer infinite
    regress. Similar problems may arise with respect to non-reentrant locks.
    4. If locking of a data structure is necessary, use a trylock type call to attempt to take the lock. If that
    fails, give up, do not block.

    下面是tutorial中发出来的一个例子:

    # cat embedded-C.stp
    %{
    #include <linux/sched.h>
    #include <linux/list.h>
    %}
    function task_execname_by_pid:string (pid:long) %{
    struct task_struct *p;
    struct list_head *_p, *_n;
    list_for_each_safe(_p, _n, &current->tasks) {
    p = list_entry(_p, struct task_struct, tasks);
    if (p->pid == (int)STAP_ARG_pid)
    snprintf(STAP_RETVALUE, MAXSTRINGLEN, "%s", p->comm);
    }
    %}
    probe begin;
    {
    printf("%s(%d)
    ", task_execname_by_pid(target()), target())
    exit()
    }
    

     https://sourceware.org/systemtap/tutorial.pdf

    使用最新的systemtap去使用print_backtrace呀,并且最后一定要make install

    @在stap中都是有特殊的意义的,比如@count, @define @const(转化成内核定义的宏)

    In addition, you can take their address (the &operator), pretty-print structures (the $ and $$ suffix), pretty- print multiple variables in scope (the
    $$vars and related variables), or 
    cast pointers to their types (the @cast
    operator), or
    test their existence / resolvability (the @defined operator).

    @__private30是啥意思

     

  • 相关阅读:
    Ubuntu中的vsftpd配置
    Ubuntu学习-增加更新源及安装软件及卸载软件
    Ubuntu16.04下安装sublime text3
    需要读的书
    同一机器 部署 两个 jboss
    log4j 总结 精华
    oracle 笔记
    oracle 用户 多个表空间
    json
    json 基础
  • 原文地址:https://www.cnblogs.com/honpey/p/8542854.html
Copyright © 2011-2022 走看看