This is the mail archive of the
systemtap@sourceware.org
mailing list for the systemtap project.
strace using systemtap
- From: James Dickens <jamesd dot wi at gmail dot com>
- To: systemtap at sources dot redhat dot com
- Date: Tue, 13 Sep 2005 14:07:00 -0500
- Subject: strace using systemtap
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=Q9eS+rzNI9wC3LmbUG2pKGSGvzQi+7gNcXALpubNAvE4H0lm0E2xBezFgXMEBPCiPPZ+wy7jqsroZUxEEOYgdnHbR2x/0uaafFdoFIlx6ix/K/ET2yXLCAF5o/KQBvD84l9qSYGWG8o9E4Eo0ASnslKwdoq/ILiofAcidSDB3eg=
- Reply-to: jamesd dot wi at gmail dot com
Hi
This is strace done using systemtap, it only prints the arguments as
int's but it does give you a view of what is getting executed, you can
of course filter the put based on $target, uid, pid of your choice. I
did this to test arg0, arg1, arg2 so people can get arguments of calls
with out having to know what calls are comming in or having to handle
them all.
Sample Output:
sys_read arg0 =3 arg1 =-1079192388 arg2 =16384
sys_write arg0 =4 arg1 =158817968 arg2 =256
sys_select arg0 =142 arg1 =1024 arg2 =-1077317932
sys_read arg0 =3 arg1 =-1079192340 arg2 =16384
sys_write arg0 =4 arg1 =146942360 arg2 =308
sys_select arg0 =142 arg1 =9 arg2 =146990704
sys_rt_sigprocmask arg0 =175 arg1 =0 arg2 =-1079176216
sys_rt_sigprocmask arg0 =175 arg1 =2 arg2 =-1079176088
sys_read arg0 =3 arg1 =-1079192388 arg2 =16384
function syscall_name:string () %{
char *str, buff[80];
char *tok;
str = buff;
strlcpy(str, CONTEXT->probe_point, sizeof(buff));
tok = strsep(&str, "\"");
tok = strsep(&str, "@");
sprintf(str, "%-25s", tok);
strlcpy(THIS->__retvalue, str, MAXSTRINGLEN);
%}
function arg0:long () %{
THIS->__retvalue = fetch_register (0);
%}
function arg1:long () %{
{
intptr_t addr;
{
intptr_t s0;
s0 = fetch_register (4) + 28L;
addr = s0;
}
THIS->__retvalue = deref (4, addr);
}
goto out;
if (0) goto deref_fault;
deref_fault:
c->last_error = "pointer dereference fault";
%}
function arg2:long () %{
{intptr_t addr;
{
intptr_t s0;
s0 = fetch_register (4) + 32L;
addr = s0;
}
THIS->__retvalue = deref (4, addr);
}
goto out;
if (0) goto deref_fault;
deref_fault:
c->last_error = "pointer dereference fault";
%}
probe kernel.function("sys_*") {
log(syscall_name() .
"arg0 =" . string(arg0() ) . " " .
"arg1 =" . string(arg1() ) . " " .
"arg2 =" . string(arg2() ) );
}