04-systemtap常用探针

用户态进程探针

# 
probe process("/lib64/libc.so.6").function("*memcpy*") { /* scripts */ }
#
probe process(28888).function("*open*") { /* scripts */ }
#
probe process("/home/postgres/postgresql-12.1/bin/postgres").function("*memcpy*") {
    /* scripts */
}
#
probe process("postgres").statement("GetNewTransactionId@varsup.c:76") {
    /* scripts */
}

系统调用探针

#
probe.syscall.*
#
probe syscall.write
#
probe syscall.write.return

内核函数探针

# function()和function.call是等价的
probe kernel.function("SyS_execve@fs/exec.c:1764").call
probe kernel.function("SyS_execve@fs/exec.c:1764").return
# 语句
probe kernel.statement("generic_make_request@block/blk-core.c:*")
# 所以内核函数加探针,慎用
probe kernel.function("*").call

systemtap内置探针

probe ioblock.*
probe ioscheduler.*
probe ioscheduler_trace.*
# 进入cpu时间片
probe scheduler.cpu_on
# 从cpu时间片切出
probe scheduler.cpu_off