This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

strace using systemtap


Hi

This is strace done using systemtap, it only prints the arguments as
int's but it does give you a view of what is getting executed, you can
of course filter the put based on $target, uid, pid  of your choice. I
did this to test arg0, arg1, arg2 so people can get arguments of calls
with out having to know what calls are comming in or having to handle
them all.

Sample Output:

sys_read                 arg0 =3 arg1 =-1079192388 arg2 =16384
sys_write                arg0 =4 arg1 =158817968 arg2 =256
sys_select               arg0 =142 arg1 =1024 arg2 =-1077317932
sys_read                 arg0 =3 arg1 =-1079192340 arg2 =16384
sys_write                arg0 =4 arg1 =146942360 arg2 =308
sys_select               arg0 =142 arg1 =9 arg2 =146990704
sys_rt_sigprocmask       arg0 =175 arg1 =0 arg2 =-1079176216
sys_rt_sigprocmask       arg0 =175 arg1 =2 arg2 =-1079176088
sys_read                 arg0 =3 arg1 =-1079192388 arg2 =16384


function syscall_name:string () %{
       char *str, buff[80];
       char *tok;
       str = buff;
       strlcpy(str, CONTEXT->probe_point, sizeof(buff));
       tok = strsep(&str, "\"");
       tok = strsep(&str, "@");
       sprintf(str, "%-25s", tok);
       strlcpy(THIS->__retvalue, str, MAXSTRINGLEN);
%}

function arg0:long () %{
         THIS->__retvalue = fetch_register (0);
    %}

function arg1:long () %{
    { 
    intptr_t addr;
          {
              intptr_t s0;
              s0 = fetch_register (4) + 28L;
              addr = s0;
              }
    THIS->__retvalue = deref (4, addr);
    }
    goto out;
    if (0) goto deref_fault;
    deref_fault:
    c->last_error = "pointer dereference fault";
    %}

function arg2:long () %{
     {intptr_t addr;
          {
              intptr_t s0;
              s0 = fetch_register (4) + 32L;
              addr = s0;
              }
    THIS->__retvalue = deref (4, addr);
    }
    goto out;
    if (0) goto deref_fault;
    deref_fault:
    c->last_error = "pointer dereference fault";
    %}

probe kernel.function("sys_*") {
        log(syscall_name() .
               "arg0 =" . string(arg0() ) . " " .
                   "arg1 =" . string(arg1() ) . " " .
                   "arg2 =" .  string(arg2() ) ); 
    }


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]