1. 统计函数每次执行耗时
bpftrace -e 'kprobe:vfs_read { @start[tid] = nsecs; } kretprobe:vfs_read /@start[tid]/ {@us[pid] = nsecs - @start[tid]; delete(@start[tid]); } END { print(@us, 0, 1000); clear(@us); clear(@start); }'
2. 谁打开了特定文件
# bpftrace -e 'kprobe:do_sys_openat2 / str(uptr(arg1)) == "/dev/cpuset/top-app/tasks" / { printf("tid=%d comm=%s open file %s\n", tid, comm, str(uptr(arg1))); }' # bpftrace -e 'kprobe:do_sys_openat2 / str(uptr(arg1)) == "/dev/cpuset/top-app/tasks" / { printf("tid=%d comm=%s open file %s, ustack: %s\n", tid, comm, str(uptr(arg1)), ustack(perf)); }'
3. 一个进程休眠了多长时间
(1) 所有进程
# bpftrace -e 'kprobe:do_nanosleep { @start[tid] = nsecs; }
kretprobe:do_nanosleep /@start[tid] != 0/ { printf("tid=%d, comm=%s, slept for %d ms\n", tid, comm, (nsecs - @start[tid]) / 1000000); delete(@start[tid]); }'
(2) 指定单个线程
# bpftrace -e 'kprobe:do_nanosleep / tid == 1681 / { @start[tid] = nsecs; }
kretprobe:do_nanosleep /@start[tid] != 0 /{ printf("tid=%d, comm=%s, slept for %d us\n", tid, comm, (nsecs - @start[tid]) / 1000); delete(@start[tid]); }' Attaching 2 probes... tid=1681, comm=surfaceflinger, slept for 844 us ^C
4. 看内核某一调用栈和次数
bpftrace -e 'tracepoint:sched:sched_switch { @[kstack] = count(); }'
5. 看某一类函数调用次数
# bpftrace -e 'tracepoint:sched:sched* { @[probe] = count(); } interval:s:5 { exit(); }' Attaching 26 probes... ^C @[tracepoint:sched:sched_stat_iowait]: 2 @[tracepoint:sched:sched_process_wait]: 4 @[tracepoint:sched:sched_process_fork]: 4
6. 单次read的字节数
bpftrace -e 'kretprobe:vfs_read { @bytes = lhist(retval, 0, 2000, 200); }'
7. 过滤指定prio优先级的线程
# 成功,若是使用"/ /"进行过滤,全局变量需要提前赋值,这里使用if bpftrace -e '#include <linux/sched.h> kretprobe:pick_next_task_rt { @prio=((struct task_struct*)retval)->prio; if (@prio == 99) {printf("cpu=%d, prio=%d\n", cpu, @prio);} }'
没有prio=99的RT线程,这个优先级谁使用了?
# let i=0; while true; do if [ i -lt 10 ]; then let i=i+1; else let i=0; sleep 0.1; fi; done & [1] 19256 # chrt -f -p 19256 99 # cat /proc/19256/sched | grep prio prio : 0 # chrt -f -p 19256 1 # cat /proc/19256/sched | grep prio prio : 98 # chrt -f -p 19256 0 chrt: 0 < 1 # chrt -f -p 19256 100 chrt: 100 > 99
参考:
https://github.com/iovisor/bpftrace/blob/master/docs/reference_guide.md
https://github.com/iovisor/bpftrace/blob/master/docs/tutorial_one_liners_chinese.md
