This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Possible bug in putting processes to sleep


Hi,

I wanted to file a bug report on this, but I think the registration mail
got caught up in the greylisting for now.

I have a small script that detects if a process with a specific name is
running, and if so, puts it to sleep straight away after detecting a
system call from it.

# cat stap_app.stp
%{
#include <linux/signal.h>
%}

global countdown, p_id

function do_sleep:long (process_id:long)
%{
    struct task_struct *sigtask;
    sigtask = find_task_by_pid(THIS->process_id);
    send_sig(SIGSTOP, sigtask, 0);

    printk("SOV\n");
%}

probe kernel.function("sys_*") {
    if (execname() == "open-close") {
        printf("%s\n", probefunc());

        do_sleep(pid());
    }
}

Next, I run a small program that can read from a file, or write to it, or print out some info about how to use it.

The code is as follows:
# cat open-close.c
#include <stdlib.h>
#include <stdio.h>
#include <string.h>

int main(int argc, char *argv[])
{
        char *userinput = malloc(20);
        FILE *file;
        char text[100];

        if (argc < 2) {
                printf("usage: 1 for reading, 2 'text' for writing 'text' \n");
                exit(1);
        }

        if (strcmp(argv[1],"1") == 0) {
                file = fopen("test", "r");

                fgets(text,100,file);
                printf("LÃst = %s\n", text);

                fclose(file);
        } else if (strcmp(argv[1],"2") == 0) {
                file = fopen("test", "w");

                strcpy(userinput, argv[2]);
                fprintf(file, "%s", userinput);
                printf("skrevet: %s\n", userinput);

                fclose(file);
        } else {
                printf("usage: 1 for reading, 2 'text' for writing 'text'.. \n");
                exit(1);
        }

        return 0;
}

When I run the stap script, and I subsequently run the program, I get
this:
# staprun /root/.systemtap/cache/af/stap_aff2f447749d27fd4480a10ee9a53dc8_47299.ko
sys_close
sys_close

-----

Now for the actual question: any explanation of why two system calls are
being printed out?

Shouldn't the program be halted right after the first system call is
made?

/Lasse

Attachment: smime.p7s
Description: S/MIME cryptographic signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]