diff options
| author | tariromukute <tariromukute@gmail.com> | 2023-06-21 02:23:59 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-06-20 17:23:59 -0700 |
| commit | 963e4a6489f6e858aad9d9e8fcde823bf0a649b0 (patch) | |
| tree | 86616b241173f98a20c2e20722b5c055f666cddb | |
| parent | dc24158af21ee60017804c353d88334eed1bd0ae (diff) | |
| download | bcc-963e4a6489f6e858aad9d9e8fcde823bf0a649b0.tar.gz | |
argdist: print process name COMM (#4633)
* Print expression to print process name
* Update documentation to add usage of COMM agrument
| -rwxr-xr-x | tools/argdist.py | 20 | ||||
| -rw-r--r-- | tools/argdist_example.txt | 21 |
2 files changed, 40 insertions, 1 deletions
diff --git a/tools/argdist.py b/tools/argdist.py index c5876896..026ff087 100755 --- a/tools/argdist.py +++ b/tools/argdist.py @@ -21,7 +21,7 @@ import sys class Probe(object): next_probe_index = 0 streq_index = 0 - aliases = {"$PID": "(bpf_get_current_pid_tgid() >> 32)"} + aliases = {"$PID": "(bpf_get_current_pid_tgid() >> 32)", "$COMM": "&val.name"} def _substitute_aliases(self, expr): if expr is None: @@ -125,6 +125,17 @@ u64 __time = bpf_ktime_get_ns(); text += "if (%s == 0) { return 0 ; }\n" % val_name self.param_val_names[pname] = val_name return text + + def _generate_comm_prefix(self): + text = """ +struct val_t { + u32 pid; + char name[sizeof(struct __string_t)]; +}; +struct val_t val = {.pid = (bpf_get_current_pid_tgid() >> 32) }; +bpf_get_current_comm(&val.name, sizeof(val.name)); + """ + return text def _replace_entry_exprs(self): for pname, vname in self.param_val_names.items(): @@ -397,6 +408,10 @@ DATA_DECL # signatures. Other probes force it to (). signature = ", " + self.signature + # If COMM is specified prefix with code to get process name + if self.exprs.count(self.aliases['$COMM']): + prefix += self._generate_comm_prefix() + program += probe_text.replace("PROBENAME", self.probe_func_name) program = program.replace("SIGNATURE", signature) @@ -568,6 +583,9 @@ argdist -p 1005 -H 'r:c:read()' argdist -C 'r::__vfs_read():u32:$PID:$latency > 100000' Print frequency of reads by process where the latency was >0.1ms +argdist -C 'r::__vfs_read():u32:$COMM:$latency > 100000' + Print frequency of reads by process name where the latency was >0.1ms + argdist -H 'r::__vfs_read(void *file, void *buf, size_t count):size_t: $entry(count):$latency > 1000000' Print a histogram of read sizes that were longer than 1ms diff --git a/tools/argdist_example.txt b/tools/argdist_example.txt index 5ee00786..de9f819c 100644 --- a/tools/argdist_example.txt +++ b/tools/argdist_example.txt @@ -203,6 +203,24 @@ r::__vfs_read():u32:$PID:$latency > 100000 It looks like process 2780 performed 21 slow reads. +You can print the name of the process. This is helpful for short lived processes +and for easier identification of processes response. For example, we can identify +the process using the epoll I/O multiplexing system call + +# ./argdist -C 't:syscalls:sys_exit_epoll_wait():char*:$COMM' +[19:57:56] +t:syscalls:sys_exit_epoll_wait():char*:$COMM + COUNT EVENT + 4 $COMM = b'node' +[19:57:57] +t:syscalls:sys_exit_epoll_wait():char*:$COMM + COUNT EVENT + 2 $COMM = b'open5gs-sgwud' + 3 $COMM = b'open5gs-sgwcd' + 3 $COMM = b'open5gs-nrfd' + 3 $COMM = b'open5gs-udmd' + 4 $COMM = b'open5gs-scpd' + Occasionally, entry parameter values are also interesting. For example, you might be curious how long it takes malloc() to allocate memory -- nanoseconds per byte allocated. Let's go: @@ -413,6 +431,9 @@ argdist -p 1005 -H 'r:c:read()' argdist -C 'r::__vfs_read():u32:$PID:$latency > 100000' Print frequency of reads by process where the latency was >0.1ms +argdist -C 'r::__vfs_read():u32:$COMM:$latency > 100000' + Print frequency of reads by process name where the latency was >0.1ms + argdist -H 'r::__vfs_read(void *file, void *buf, size_t count):size_t:$entry(count):$latency > 1000000' Print a histogram of read sizes that were longer than 1ms |