Sunday, July 6, 2008

Analyzing linux resources with Systemtap

Systemp lets you gather information about your running linux system. So you can diagnose performance and problems on your system(I/O activity, network, sockets,etc.). It provides a command line interface and a scripting language. There is also a gui interface called stapgui on Installing it on Ubuntu is straight forward

sudo apt-get install systemtap
sudo apt-get install linux-image-debug-generic
sudo ln -s /boot/vmlinux-debug-$(uname -r) /lib/modules/$(uname -r)/vmlinux

Systemtap uses kprobes to trace events. Kprobes are markers which are placed on predefined points in kernel. For example if you like to see which programs are run by your system you call syscall exec probe.
Here is a simple stap script which shows which programs are run by your system.

#!/usr/bin/env stap
probe syscall.exec* {
printf("exec %s %s\n", execname(), argstr)

As you can see, stap is similiar to C language.
The key point is to choose which probe point you would like to use.
It is also possible to probe only which process you want by pid or it's name.For example:
probe process("/bin/bash").syscall

Here is another example, suppose you have a disk I/O activity and want to know which processes are causing this.

#!/usr/bin/env stap

global reads, writes, total_io
probe kernel.function("vfs_read").return {
reads[execname()] = total_io[execname()] += $return
probe kernel.function("vfs_write").return {
writes[execname()] = total_io[execname()] += $return
probe timer.s(1) {
foreach(p in total_io- limit 10)
printf("%15s r: %8d KiB w: %8d KiB\n",p, reads[p]/1024,writes[p]/1024)

You can read further at systemtap site

No comments: