This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Hi, I wanted to file a bug report on this, but I think the registration mail got caught up in the greylisting for now. I have a small script that detects if a process with a specific name is running, and if so, puts it to sleep straight away after detecting a system call from it. # cat stap_app.stp %{ #include <linux/signal.h> %} global countdown, p_id function do_sleep:long (process_id:long) %{ struct task_struct *sigtask; sigtask = find_task_by_pid(THIS->process_id); send_sig(SIGSTOP, sigtask, 0); printk("SOV\n"); %} probe kernel.function("sys_*") { if (execname() == "open-close") { printf("%s\n", probefunc()); do_sleep(pid()); } } Next, I run a small program that can read from a file, or write to it, or print out some info about how to use it. The code is as follows: # cat open-close.c #include <stdlib.h> #include <stdio.h> #include <string.h> int main(int argc, char *argv[]) { char *userinput = malloc(20); FILE *file; char text[100]; if (argc < 2) { printf("usage: 1 for reading, 2 'text' for writing 'text' \n"); exit(1); } if (strcmp(argv[1],"1") == 0) { file = fopen("test", "r"); fgets(text,100,file); printf("LÃst = %s\n", text); fclose(file); } else if (strcmp(argv[1],"2") == 0) { file = fopen("test", "w"); strcpy(userinput, argv[2]); fprintf(file, "%s", userinput); printf("skrevet: %s\n", userinput); fclose(file); } else { printf("usage: 1 for reading, 2 'text' for writing 'text'.. \n"); exit(1); } return 0; } When I run the stap script, and I subsequently run the program, I get this: # staprun /root/.systemtap/cache/af/stap_aff2f447749d27fd4480a10ee9a53dc8_47299.ko sys_close sys_close ----- Now for the actual question: any explanation of why two system calls are being printed out? Shouldn't the program be halted right after the first system call is made? /Lasse
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |