This is the mail archive of the
frysk@sources.redhat.com
mailing list for the frysk project.
Re: ftrace utility
- From: Wu Zhou <woodzltc at cn dot ibm dot com>
- To: Sami Wagiaalla <swagiaal at redhat dot com>
- Cc: frysk <frysk at sources dot redhat dot com>
- Date: Wed, 12 Jul 2006 12:12:41 -0400
- Subject: Re: ftrace utility
- References: <44B4199B.1070509@redhat.com>
Quoting Sami Wagiaalla <swagiaal@redhat.com>:
Hi everyone,
After recent work on system calls, i have written ftrace which is a utility
with similar functionality to strace using the frysk engine. What it does is
start start the requested process though frysk add a systemcall observer
to it and starts printing out syscall info. It is a work in progress and atm
there are some obvious bugs in it. It does work however, and it is a proof
of concept.
Please give it a run
frysk/frysk-core/prog/util/ftrace
I give it a try. It works almost ok. some observation though.
1. The first system call is normally exec or similar, ftrace misses that.
2. There are some output like this "frysk.proc.Syscall@168f60", which
should be a string representing a file directory.
3. I notice an exception when running "./prog/util/ftrace pwd"
[woodzltc@woodzltc frysk-core]$ ./prog/util/ftrace pwd
ftrace.main() Proc.getPid() 12938
<SYSCALL> brk (NULL) = 153636864
<SYSCALL> mmap (NULL,4096,3,34,-1,-38) = 0xb7fc9000
<SYSCALL> access ("frysk.proc.Syscall@168cc0,4) = -1 ERRNO=2
<SYSCALL> open ("frysk.proc.Syscall@168f60,0,0) = 3
<SYSCALL> fstat64 (3,0xbfdc758c) = 0
<SYSCALL> mmap (NULL,116510,1,2,3,-38) = 0xb7fac000
<SYSCALL> close (3) = 0
<SYSCALL> open ("frysk.proc.Syscall@168f60,0,-1208303616) = 3
<SYSCALL> read (3,0xbfdc76e8,512) = 512
<SYSCALL> fstat64 (3,0xbfdc7610) = 0
<SYSCALL> mmap (0x633000,1254780,5,2050,3,-38) = 0x633000
<SYSCALL> mmap (0x75f000,16384,3,2066,3,-38) = 0x75f000
<SYSCALL> mmap (0x763000,9596,3,50,-1,-38) = 0x763000
<SYSCALL> close (3) = 0
<SYSCALL> mmap (NULL,4096,3,34,-1,-38) = 0xb7fab000
<SYSCALL> set_thread_area (0xbfdc7ae8) = 0
<SYSCALL> mprotect (0x75f000,12288,1) = 0
<SYSCALL> mprotect (0x62f000,4096,1) = 0
<SYSCALL> munmap (0xb7fac000,116510) = 0
<SYSCALL> brk (NULL) = 153636864
<SYSCALL> brk (0x92a6000) = 153772032
<SYSCALL> open ("frysk.proc.Syscall@168f60,32768,1) = 3
<SYSCALL> fstat64 (3,0x762aa0) = 0
<SYSCALL> mmap (NULL,2097152,1,2,3,-38) = 0xb7dab000
<SYSCALL> close (3) = 0
<SYSCALL> lstat64 ("frysk.proc.Syscall@169d38,0xbfdc7c98) = 0
<SYSCALL> lstat64 ("frysk.proc.Syscall@169d38,0xbfdc7c98) = 0
Exception in thread "Thread-1" java.lang.ArrayIndexOutOfBoundsException: 295
at frysk.proc.Syscall.syscallByNum(ftrace)
at prog.util.ftrace$SyscallObserver.updateSyscallEnter(ftrace)
at frysk.proc.Task.notifySyscallEnter(ftrace)
at frysk.proc.TaskState$SyscallRunning.handleSyscalledEvent(ftrace)
at frysk.proc.Task.processSyscalledEvent(ftrace)
at frysk.proc.LinuxHost$PollWaitOnSigChld$2.syscallEvent(ftrace)
at frysk.sys.Wait.waitAllNoHang(ftrace)
at frysk.proc.LinuxHost$PollWaitOnSigChld.execute(ftrace)
at frysk.event.EventLoop.runEventLoop(ftrace)
at frysk.event.EventLoop.run(ftrace)
/root/DE-Frysk/latest-cvs/build/frysk-core
Regards
- Wu Zhou