Something missing in truss

Dan Nelson dnelson at allantgroup.com
Sat Dec 3 20:10:13 UTC 2011


In the last episode (Dec 02), Eivind Evensen said:
> Does anybody else see this or know why?
> 
> The machine here is running :
> 
> > uname -a
> FreeBSD elg.hjerdalen.lokalnett 8.2-STABLE FreeBSD 8.2-STABLE #36: Wed Nov 30 22:03:07 CET 2011     rumrunner at elg.hjerdalen.lokalnett:/usr/obj/usr/src/sys/RUM  amd64
> 
> While trying to weed out some firefox problems, I've noticed
> that truss doesn't recognise certain syscalls :
> 
> getpid()					 = 1519 (0x5ef)
> clock_gettime(4,{48496.335142903 })		 = 0 (0x0)
> kevent(20,{0x23,EVFILT_READ,EV_ADD,0,0x0,0x809ec9d80},1,{0x15,EVFILT_READ,0x0,0,0x1,0x809ec9e80},64,0x0) = 1 (0x1)
> clock_gettime(4,{48496.335293202 })		 = 0 (0x0)
> read(21,"\0",1)					 = 1 (0x1)
> clock_gettime(4,{48496.335382599 })		 = 0 (0x0)
> umask(0x80a52ee20,0x8,0x0,0x80a52ee00,0x7fffff1f9eb0,0x80a52ee00) = 116 (0x74)
> -- UNKNOWN SYSCALL -14704864 --
> syscall(0x7fffff1f9ec0,0x0,0x18745,0x7fffff1f9eb0,0x1,0x7fffff1f9e90) = 454 (0x1c6)
> umask(0x80a52ee20,0x8,0x0,0x80a52ee00,0x7fffff1f9eb0,0x80a52ee00) = 116 (0x74)
> -- UNKNOWN SYSCALL -14704864 --
> syscall(0x7fffff1f9ec0,0x0,0x18745,0x7fffff1f9eb0,0x1,0x7fffff1f9e90) = 454 (0x1c6)
> umask(0x80a52ee20,0x8,0x0,0x80a52ee00,0x7fffff1f9eb0,0x80a52ee00) = 116 (0x74)
> -- UNKNOWN SYSCALL -14704864 --
> syscall(0x7fffff1f9ec0,0x0,0x18745,0x7fffff1f9eb0,0x1,0x7fffff1f9e90) = 454 (0x1c6)
> umask(0x80a52ee20,0x8,0x0,0x80a52ee00,0x7fffff1f9eb0,0x80a52ee00) = 116 (0x74)
> -- UNKNOWN SYSCALL -14704864 --
> syscall(0x7fffff1f9ec0,0x0,0x18745,0x7fffff1f9eb0,0x1,0x7fffff1f9e90) = 454 (0x1c6)
> umask(0x80a52ee20,0x8,0x0,0x80a52ee00,0x7fffff1f9eb0,0x80a52ee00) = 116 (0x74)
> -- UNKNOWN SYSCALL -14704864 --
> syscall(0x7fffff1f9ec0,0x0,0x18745,0x7fffff1f9eb0,0x1,0x7fffff1f9e90) = 454 (0x1c6)

Two problems: truss gets confused when you attach to a process that's
currently executing a syscall, and it gets even more confused when you have
a threaded process waiting in many syscalls at once.

The following patch fixes problem #1, but problem #2 involves keeping more
per-thread state and ends up touching a lot of the truss code.  See
http://www.evoy.net/FreeBSD/truss.diff for one solution (and more syscall
decodes).

Index: setup.c
===================================================================
--- setup.c	(revision 228242)
+++ setup.c	(working copy)
@@ -202,8 +202,10 @@
 		find_thread(info, lwpinfo.pl_lwpid);
 		switch(WSTOPSIG(waitval)) {
 		case SIGTRAP:
-			info->pr_why = info->curthread->in_syscall?S_SCX:S_SCE;
-			info->curthread->in_syscall = 1 - info->curthread->in_syscall;
+			if ((lwpinfo.pl_flags&(PL_FLAG_SCE|PL_FLAG_SCX)) == 0)
+				err(1,"pl_flags=%x contains neither PL_FLAG_SCE or PL_FLAG_SCX", lwpinfo.pl_flags);
+			info->pr_why = (lwpinfo.pl_flags&PL_FLAG_SCE) ? S_SCE:S_SCX;
+			info->curthread->in_syscall = (info->pr_why == S_SCE) ? 1:0;
 			break;
 		default:
 			info->pr_why = S_SIG;
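Review bot: In the SIGTRAP case, the new err(1, ...) call terminates truss whenever a SIGTRAP stop is reported with neither PL_FLAG_SCE nor PL_FLAG_SCX set, so a single unexpected stop ends the whole trace. Consider treating that case like the default branch (info->pr_why = S_SIG) or at least warning and continuing. If the hard exit stays, errx() fits better than err(), since err() appends the strerror(errno) text and errno is not meaningful at this point. The message should read "neither ... nor", and the added lines need spaces around & and ?: and a wrap to stay within 80 columns. Setting in_syscall from pr_why instead of toggling it is the right direction, but in_syscall is still one value per curthread entry, so a short comment noting that this only covers attaching to a process already inside a syscall, not many threads blocked in syscalls at once, would help the next reader.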


-- 
	Dan Nelson
	dnelson at allantgroup.com
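
The attach-while-in-a-syscall problem described in the message above, as an added illustration that is not part of the original message or of truss itself. It compares the removed toggle logic with the flag-based logic over two constructed stop sequences; the FLAG_* constants, function names and traces are stand-ins made up for this example, not the values from <sys/ptrace.h>.

```c
#include <stdio.h>
#include <stddef.h>

/* Constructed stand-ins for the stop flags; values are illustrative only. */
enum { FLAG_SCE = 1, FLAG_SCX = 2 };
enum why { WHY_SCE, WHY_SCX };

/* Removed logic: assume the first stop is an entry, then flip on every stop. */
static int classify_toggle(int *in_syscall)
{
    int w = *in_syscall ? WHY_SCX : WHY_SCE;
    *in_syscall = 1 - *in_syscall;
    return w;
}

/* Patched logic: take entry/exit from the reported flag; -1 if neither is set. */
static int classify_flags(int flags, int *in_syscall)
{
    if ((flags & (FLAG_SCE | FLAG_SCX)) == 0)
        return -1;
    int w = (flags & FLAG_SCE) ? WHY_SCE : WHY_SCX;
    *in_syscall = (w == WHY_SCE);
    return w;
}

/* Count stops whose label disagrees with the flag carried by the stop. */
static size_t count_mislabelled(const int *stops, size_t n, int use_flags)
{
    int in_syscall = 0;
    size_t wrong = 0;
    for (size_t i = 0; i < n; i++) {
        int truth = (stops[i] & FLAG_SCE) ? WHY_SCE : WHY_SCX;
        int got = use_flags ? classify_flags(stops[i], &in_syscall)
                            : classify_toggle(&in_syscall);
        if (got != truth)
            wrong++;
    }
    return wrong;
}

/* Constructed trace: attach lands inside a blocked syscall, first stop is an exit. */
static const int mid_syscall[] = { FLAG_SCX, FLAG_SCE, FLAG_SCX, FLAG_SCE, FLAG_SCX };
/* Constructed trace: attach lands between syscalls, first stop is an entry. */
static const int idle[] = { FLAG_SCE, FLAG_SCX, FLAG_SCE, FLAG_SCX };

int main(void)
{
    printf("toggle, mid-syscall attach: %zu wrong\n", count_mislabelled(mid_syscall, 5, 0));
    printf("flags,  mid-syscall attach: %zu wrong\n", count_mislabelled(mid_syscall, 5, 1));
    printf("toggle, idle attach:        %zu wrong\n", count_mislabelled(idle, 4, 0));
    return 0;
}
```

Once the toggle starts out of phase it never recovers, so every later stop is decoded as the opposite event.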
