11.3.3 fbt Examples

You can easily use the fbt provider to explore the kernel's implementation. The following example script records the first gettimeofday call from any clock process and then follows the subsequent code path through the kernel. Type the following D source code and save it in a file named xgettimeofday.d: 

/*
 * To make the output more readable, indent every function entry
 * and unindent every function return.  This is done by setting the
 * "flowindent" option.
 */
#pragma D option flowindent

syscall::gettimeofday:entry
/execname == "clock" && guard++ == 0/
{
        self->traceme = 1;
        printf("start");
}

fbt:::
/self->traceme/
{}

syscall::gettimeofday:return
/self->traceme/
{
        self->traceme = 0;
        exit(0);
}

Running this script results in output that is similar to the following: 

# dtrace -s ./xgettimeofday.d
dtrace: script './xgettimeofday.d' matched 92115 probes
CPU FUNCTION
  0  => gettimeofday                          start
  0    -> SyS_gettimeofday
  0      -> getnstimeofday64
  0        -> __getnstimeofday64
  0        <- __getnstimeofday64
  0      <- getnstimeofday64
  0      -> _copy_to_user
  0      <- _copy_to_user
  0    <- SyS_gettimeofday
  0  <= gettimeofday

The previous output shows the internal kernel functions that are called when the gettimeofday system call is made.

Copyright © 2013, 2018, Oracle and/or its affiliates. All rights reserved. Legal Notices