This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: (Noob) What's the difference between task_pid(task) and new_pid?

From: Josh Stone <jistone at redhat dot com>
To: Luis Fernando Muñoz Mejías <Luis dot Fernando dot Munoz dot Mejias at cern dot ch>
Cc: systemtap at sourceware dot org
Date: Mon, 09 Feb 2009 09:13:08 -0800
Subject: Re: (Noob) What's the difference between task_pid(task) and new_pid?
References: <200902091048.52925.Luis.Fernando.Munoz.Mejias@cern.ch>

Hi,

The tapset variable new_pid is defined as exactly task_pid(task), so at first glance, there's no difference. However, process.create is defined this way:

probe process.create = kernel.function("copy_process").return {
    task = $return
    new_pid = task_pid(task)
    if (_IS_ERR(task)) next
}

The third line is an early return in case the task return value is indicating an error instead of being a valid task_struct, but the new_pid is set _before_ the pointer is checked.

I think your script is running into a failed create, so it's trying to read the PID from an error pointer. Can you try swapping the second and third lines in the process.create tapset? I'll make a commit to this effect anyway, since it can't hurt, but I think it will fix your issue.

Thanks,

Josh

Luis Fernando Muñoz Mejías wrote:

Hello, world!

I'm doing some toy SystemTap probes and I found a weird thing. I want
to log every process that is created on my system, so I wrote this
tiny probe:

************************************************************
# Provides relevant information when a process is created
probe process.create {
        printf ("Process %d spawns child %d under uid (%d:%d)\n",
                pid(), new_pid, uid(), euid());
}
************************************************************

It does what I want it to do, but after ~3 hours it crashes. Some
annoying testing gives me a very small message like this:

"failed to access to address 0xYYYYYY on kread(&(t->tgid))"

The message I write by memory, the statement causing the crash is
exactly that one.

On the other hand, the following version:

************************************************************
# Provides relevant information when a process is created
probe process.create {
        printf ("Process %d spawns a new child %d under uid (%d:%d)\n",
                tid(), task_pid(task), uid(), euid());
}
************************************************************

has been running for three days with no problems. So, what's the
difference? Is it a bug?

I'm using systemtap-0.7.2-2.el5.el5, as shipped with RHEL 5.2.

Thanks.

Follow-Ups:
- Re: (Noob) What's the difference between task_pid(task) and new_pid?
  - From: Luis Fernando Muñoz Mejías
- Re: (Noob) What's the difference between task_pid(task) and new_pid?
  - From: Luis Fernando Muñoz Mejías

References:
- (Noob) What's the difference between task_pid(task) and new_pid?
  - From: Luis Fernando MuÃoz MejÃas

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]