On Tue, May 18, 2010 at 10:40 PM, Bakul Shah <bakul+pl...@bitblocks.com> wrote:
> term% 8.out -c /bin/echo Boo! > 511 echo Brk 0x3233 0000b450 00000000 00000000 = 0 "" 0x11af077310cde470 > 0x11af077310d0da40 > 511 echo Pwrite 0x31d6 1 0000a458/"Boo!." 5 -0x1Boo! > = 5 "" 0x11af07731e11e758 0x11af077326aed448 > 511 echo Open 0x32c0 00009ec0/"#c/pid" 00000000 = 3 "" 0x11af0773315f14c0 > 0x11af0773316790a0 > 511 echo Pread 0x3287 3 0fffff00/"........511." 20 -0x1 = 12 "" > 0x11af07733f047958 0x11af07733f09cca0 > 511 echo Close 0x32ee 3 = 0 "" 0x11af07734a6dad78 0x11af07734a707c38 > 511 echo Exits 0x1bd5 0/""cwrite: /proc/511/syscall: failed 12 bytes: process > exited > tterm% The format arose out of discussions with nemo and others. It is a straight text layout of system call params and return. The = separates the params and return. The format is: pid textname syscall-name pc [params] = retval errstr start-nanoseconds end-nanoseconds Anything that is a pointer to memory gets printed this way: pointervalue/"string" The string has a '.' printed if isgraph(char) is 0. So, example: 511 echo Open 0x32c0 00009ec0/"#c/pid" 00000000 = 3 "" 0x11af0773315f14c0 0x11af0773316790a0 pid 511, echo, did an Open, at pc 0x32c0, file name was at 9ec0 and the value was "#c/pid", mode 0, and the result was 3, no error as the errstr was empty: "", and it took 0x11af0773316790a0 - 0x11af0773315f14c0 nanoseconds or 556000 nanoseconds. I need to fix syscalltrace to get rid of this annoying non-error: cwrite: /proc/511/syscall: failed 12 bytes: process exited Just have not done it yet, I'll take a patch. ron