On Tue, Dec 08, 2009 at 05:27:58PM +0100, Juhasz Balint wrote:
> Hi!
> 
> 
> I have a problem with my script:
> # cat process_ps.d
> #!/usr/sbin/dtrace -qs
> #pragma D option quiet
> 
> syscall::open:entry
> / (arg0 != NULL) && ( execname == "ps" ) && ( copyinstr(arg0) ==
> "/proc/1305/psinfo" ) /
> {
>         printf("%s:%s:%s:%s\t->\t%s (%d)\n", probeprov, probemod,
> probefunc, probename, copyinstr(arg0), strlen(copyinstr(arg0)));
> }
> 
> The output of this script:
> 
> # ./process_ps.d
> syscall::open:entry     ->      /proc/1305/psinfo (17)
> syscall::open:entry     ->      /proc/1305/psinfo (17)
> dtrace: error on enabled probe ID 1 (ID 4538: syscall::open:entry):
> invalid address (0xff358000) in predicate at DIF offset 120
> dtrace: error on enabled probe ID 1 (ID 4538: syscall::open:entry):
> invalid address (0xff358000) in predicate at DIF offset 120
> syscall::open:entry     ->      /proc/1305/psinfo (17)
> syscall::open:entry     ->      /proc/1305/psinfo (17)
> syscall::open:entry     ->      /proc/1305/psinfo (17)
> dtrace: error on enabled probe ID 1 (ID 4538: syscall::open:entry):
> invalid address (0xff358000) in predicate at DIF offset 120
> syscall::open:entry     ->      /proc/1305/psinfo (17)
> dtrace: error on enabled probe ID 1 (ID 4538: syscall::open:entry):
> invalid address (0xff358000) in predicate at DIF offset 120
> syscall::open:entry     ->      /proc/1305/psinfo (17)
> dtrace: error on enabled probe ID 1 (ID 4538: syscall::open:entry):
> invalid address (0xff358000) in predicate at DIF offset 120
> syscall::open:entry     ->      /proc/1305/psinfo (17)
> dtrace: error on enabled probe ID 1 (ID 4538: syscall::open:entry):
> invalid address (0xff358000) in predicate at DIF offset 120
> syscall::open:entry     ->      /proc/1305/psinfo (17)
> syscall::open:entry     ->      /proc/1305/psinfo (17)
> dtrace: error on enabled probe ID 1 (ID 4538: syscall::open:entry):
> invalid address (0xff358000) in predicate at DIF offset 120
> syscall::open:entry     ->      /proc/1305/psinfo (17)
> ...

This is a classic userland data access issue;  if the memory holding the
string has not been touched by either the program or the kernel, it's not
possible to map it in from a dtrace probe.  The usual workaround is to delay
doing the copyin until after the kernel has read the string, typically by
using the return probe.  Your script would look like:

--- cut here ---
#!/usr/sbin/dtrace -s

dtrace:::BEGIN
{
        printf("Parameter(s):\t%s\n", $$1);
}

syscall::open:entry
/ arg0 != NULL &&  execname == "ps" /
{
        self->file = arg0;
}

syscall::open:return
/ self->file &&
    copyinstr(self->file) == strjoin(strjoin("/proc/", $$1), "/psinfo") /
{
        printf("%s:%s:%s:%s\t->\t%s (%d)\n", probeprov, probemod,
            probefunc, probename, copyinstr(self->file),
            strlen(copyinstr(self->file)));
}

/* free the thread-local variable after we're done, or if the thread exits */
syscall::open:return, proc:::lwp-exit
/self->file/
{
        self->file = 0;
}
--- cut here ---

Make sense?

Cheers,
- jonathan

> 1. question:
> I don't understand why there are these "invalid address (0xff358000)
> in predicate at DIF offset 120" errors.
> 
> If I modify my script:
> # cat process_ps.d
> #!/usr/sbin/dtrace -qs
> #pragma D option quiet
> 
> BEGIN {
>         printf("Your parameter(s):\t%s\n", $$1);
>         self->pida = strjoin(strjoin("/proc/",$$1),"/psinfo");
>         printf("New variable(s):\t%s (%d)\n", self->pida, strlen(self->pida));
> }
> 
> syscall::open:entry
> / (arg0 != NULL) && ( execname == "ps" ) && ( copyinstr(arg0) == self->pida ) 
> /
> {
>         printf("%s:%s:%s:%s\t->\t%s (%d)\n", probeprov, probemod,
> probefunc, probename, copyinstr(arg0), strlen(copyinstr(arg0)));
> }
> 
> # ./process_ps.d 1305
> Your parameter(s):      1305
> New variable(s):        /proc/1305/psinfo (17)
> dtrace: error on enabled probe ID 2 (ID 4538: syscall::open:entry):
> invalid address (0xff358000) in predicate at DIF offset 120
> dtrace: error on enabled probe ID 2 (ID 4538: syscall::open:entry):
> invalid address (0xff358000) in predicate at DIF offset 120
> ... and write nothing ...
> 
> 2. question
> I don't understand why this happens; I think the error is in "(
> copyinstr(arg0) == self->pida )", but I think the syntax is OK.
> 
> Thanks a lot.
> 
> Br.:
> Cni
> _______________________________________________
> dtrace-discuss mailing list
> dtrace-discuss@opensolaris.org
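
An added example, not part of the original thread or of either poster's code: the return-probe workaround with the target path built once in BEGIN. It keeps the path in a global variable rather than in `self->pida`, because a thread-local variable assigned in BEGIN belongs to the thread that fired BEGIN and is unset in the threads of ps. The names `target`, `self->path` and `@faults` are illustrative, and `syscall::open` is assumed to be the syscall ps uses, as in the scripts above.

```dtrace
#!/usr/sbin/dtrace -qs

/* Build the path to match once, into a global (not thread-local) variable. */
dtrace:::BEGIN
{
        target = strjoin(strjoin("/proc/", $$1), "/psinfo");
        printf("Watching ps opens of %s\n", target);
}

/* At entry only remember the user address; do not dereference it yet. */
syscall::open:entry
/execname == "ps" && arg0 != NULL/
{
        self->path = arg0;
}

/*
 * By the time open returns, the kernel has read the path, so the page
 * is resident and copyinstr() can reach it.
 */
syscall::open:return
/self->path && copyinstr(self->path) == target/
{
        printf("%s[%d] open(\"%s\") returned %d\n",
            execname, pid, target, (int)arg1);
}

/* Release the thread-local after use, or if the thread exits first. */
syscall::open:return, proc:::lwp-exit
/self->path/
{
        self->path = 0;
}

/*
 * Count any remaining probe errors by fault type (arg4) and faulting
 * value (arg5); the aggregation is printed when the script exits.
 */
dtrace:::ERROR
{
        @faults[arg4, arg5] = count();
}
```

Run it as `./process_ps.d 1305`, as in the original invocation; an empty `@faults` aggregation at exit means no address faults were hit.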