On Wed, 19 May 2010 08:09:50 PDT ron minnich <rminn...@gmail.com> wrote:
>
> The format arose out of discussions with nemo and others.
>
> It is a straight text layout of system call params and return. The =
> separates the params and return. The format is:
> pid textname syscall-name pc [params] = retval errstr
> start-nanoseconds end-nanoseconds
>
> Anything that is a pointer to memory gets printed this way:
> pointervalue/"string"
>
> The string has a '.' printed if isgraph(char) is 0.
One can grok most of this by staring at the syscalltrace
output. The small hex value after syscall name -- is it the
return pc?
Very nice but now some gripes!
0. Name syscalltrace is too long :-)
1. Curiously, an actual errstr is not enclosed in "..".
2. Seems long long values are printed as two numbers
(but I haven't checked carefully enough to be sure).
3. Printing . for isgraph(char) loses information.
4. Perhaps buffersize should be settable to deal with
args pointing to large areas.
5. Occasional hangs. Not sure what the cause is.
What happens if the passed in ptr points to invalid memory?
Given 3., in the kernel I would've just copied a binary
structure and let the userland worry about any formatting.
I "fixed" a few things in syscalltrace (diff below):
- strace -c echo boo # extra look up in /bin if needed
- strace -c rc -c 'ls /' # allow - args to command
- strace -c strace -c echo foo # allow recursive use
strace -c rc </dev/null |[2] wc
# send trace output to stderr, not stdout.
There is still some bug that makes syscalltrace hang,
particularly if its output is piped to another process.
Trivia: rc makes 192 syscalls, on freebsd $PLAN9/bin/rc makes
157, /bin/sh makes 87, and zsh makes 11259 calls!
I can imagine showing syscalls of each traced process on a
separate scrolling time line. This will allow one to see
timing relationships and call patterns. Zoom to see
appropriate scale, click on a call (or select a range) to see
call details. Can also show who forks whom, with a
connecting line to the new timeline that just popped up for
the new process. Color can be used for procs or syscalls.
etc. Not sure when/if I will get around to implementing
something like this though.
-- bakul
diff ../syscalltrace/syscalltrace.c ./syscalltrace.c
4a5
> #include <stdio.h>
121c122
< print("%s", s->buf);
---
> fprint(2, "%s", s->buf);
151c152
< break;
---
> goto done;
155c156
<
---
> done:
164a166,170
> if (cmd[0] != '/') {
> char* pcmd = malloc(strlen(cmd) + 5);
> sprintf(pcmd, "/bin/%s", cmd);
> exec(pcmd, args);
> }
