SystemTap accepts script as command line option or external file, for example:
* Command-line script is passed with `-e` option
`# stap -e ‘probe syscall.write { printf("%d\n", $fd); }‘ [arguments]`
* External file as first argument:
`# stap syscalls. [arguments]`
SystemTap command line arguments may be passed to a script, but it distingushes their types: numerical arguments are accessible with `$` prefix: `$1`, `$2` ... `$n` while string arguments have `@` prefix: `@1`, `@2` ... `@n`
Here are some useful `stap(1)` options:
* `-l PROBESPEC` accepts probe specifier without `probe` keyword (but with wildcards) and prints all matching probe names (more on wildcards in [Probes][lang/probes]). `-L` will also print probe arguments and their types. For example:
`# stap -l ‘scsi.*‘`
* `-v` -- increases verbosity of SystemTap. The more letters you passed, the more diagnostic information will be printed. If only one `-v` was passed, `stap` will report only finishing of each stage.
* `-p STAGE` -- ends stap process after _STAGE_, represented with a number starting with 1 (_parse_).
* `-k` -- stap tool won‘t delete SystemTap temporary files created during compilation (sources and kernel modules kept in `/tmp/stapXXXX` directory),
* `-g` -- enables Guru-mode, that allows to bind to blacklisted probes and write into kernel memory along with using Embedded C in your scripts. Generally speaking, it allows dangerous actions.
* `-c COMMAND` and `-x PID` -- like those in DTrace, they allow to bind SystemTap to a specific process
* `-o FILE` -- redirects output to a file. If it already exists, SystemTap __rewrites__ it.
* `-m NAME` -- when compiling a module, give it meaningful name instead of `stap_<gibberish>`.
When SystemTap needs to resolve address into a symbol (for example, instruction pointer to a corresponding function name), it doesn‘t look into libraries or kernel modules.
Here are some useful command-line options that enable that:
* `-d MODULEPATH` -- enables symbol resolving for a specific library or kernel module. Note that in case it is not provided, `stap` will print a warning with corresponding `-d` option.
* `--ldd` -- for tracing process -- use `ldd` to add all linked libraries for a resolving.
* `--all-modules` -- enable resolving for all kernel modules
#### SystemTap example
Here is sample SystemTap script:
#!/usr/sbin/stap
probe syscall.write { if(pid() == target())
printf("Written %d bytes", $count); }
Save it to `test.stp` and run like this:
[email protected]# stap /root/test.stp -c "dd if=/dev/zero of=/dev/null count=1"
_Q__: Run SystemTap with following options: `# stap -vv -k -p4 /root/test.stp `, find generated directory in `/tmp` and look into created C source.
__Q__: Calculate number of probes in a `syscall` provider and number of variables provided by `syscall.write` probe:
# stap -l ‘syscall.*‘ | wc -l
# stap -L ‘syscall.write‘