Re: [9fans] system call trace version of 9vx available.

Wed, 19 May 2010 13:36:28 -0700 

On Wed, 19 May 2010 11:33:24 PDT ron minnich <[email protected]>  wrote:
> On Wed, May 19, 2010 at 11:23 AM, Bakul Shah <[email protected]> 
> wrote:
> 
> > Ok! I don't feel strongly either way. =A0But I hope you do
> > consider counted bytestrings to represent random memory.
> > It is cheap to parse and produce and doesn't lose info.
> 
> bear in mind that 99.9999999% of the time (well, that's an
> exaggeration!) people do a quick one-off run of this type of tool to
> see something. Thus, it should be biased to human readability. Counted
> bytestrings doesn't quite do that. But I can escape the characters
> that are not printable if you want.
> \...@through \whatever

Thanks.  For a quick one-off it may not matter but can be
valuable when you are looking for a needle in the haystack.
kdump for example shows all the data (and uses a sidebyside
addr,hex,ascii format when there are unprintable chars).

Note that most people are likely to use a frontend tool than
directly cat /proc/<pid>/syscall.

Which reminds me... Is there a reason why just doing

    cat /proc/<pid>/syscall

shouldn't start tracing?  Seems to me, opening the device
should be enough to start tracing and closing it enough to
stop tracing.

You write "startsyscall" to <pid>/syscall for every trace
buffer read  -- don't quite understand why that is needed.

-- bakul

truss excerpt:

read(3,"libpthread.so.1 libthr.so.1\nlib"...,4096) = 81 (0x51)
read(3,0x800535000,4096)                         = 0 (0x0)
close(3)                                         = 0 (0x0)
open("/var/run/ld-elf.so.hints",O_RDONLY,0160)   = 3 (0x3)
read(3,"ehnt\^a\0\0\0...@\0\0\0\m-,\^B\0"...,128) = 128 (0x80)

Corresponding ktrace/kdump excerpt:

 61555 cat      CALL  read(0x3,0x800535000,0x1000)
 61555 cat      GIO   fd 3 read 81 bytes
       "libpthread.so.1 libthr.so.1
        libpthread.so.2 libthr.so.2
        libkse.so.3 libthr.so.3

       "
 61555 cat      RET   read 81/0x51
 61555 cat      CALL  read(0x3,0x800535000,0x1000)
 61555 cat      GIO   fd 3 read 0 bytes
       ""
 61555 cat      RET   read 0
 61555 cat      CALL  close(0x3)
 61555 cat      RET   close 0
 61555 cat      CALL  open(0x80052d74b,O_RDONLY,<unused>0x70)
 61555 cat      NAMI  "/var/run/ld-elf.so.hints"
 61555 cat      RET   open 3
 61555 cat      CALL  read(0x3,0x7fffffffdc00,0x80)
 61555 cat      GIO   fd 3 read 128 bytes
       0x0000 4568 6e74 0100 0000 8000 0000 ac02 0000  |Ehnt............|
       0x0010 0000 0000 ab02 0000 0000 0000 0000 0000  |................|
       0x0020 0000 0000 0000 0000 0000 0000 0000 0000  |................|
       0x0030 0000 0000 0000 0000 0000 0000 0000 0000  |................|
       0x0040 0000 0000 0000 0000 0000 0000 0000 0000  |................|
       0x0050 0000 0000 0000 0000 0000 0000 0000 0000  |................|
       0x0060 0000 0000 0000 0000 0000 0000 0000 0000  |................|
       0x0070 0000 0000 0000 0000 0000 0000 0000 0000  |................|
 61555 cat      RET   read 128/0x80

More verbose but more informative and more useful.

Reply via email to