This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: probing a plt

From: Mark Wielaard <mjw at redhat dot com>
To: Stan Cox <scox at redhat dot com>
Cc: systemtap at sourceware dot org
Date: Wed, 07 Sep 2011 12:41:59 +0200
Subject: Re: probing a plt
References: <4E6121E1.6040305@redhat.com> <4E669883.6010506@redhat.com>

Hi Stan,

On Tue, 2011-09-06 at 18:02 -0400, Stan Cox wrote:
> On 09/02/2011 02:35 PM, Stan Cox wrote:
> > I would expect the __libc_start_main probe to have appeared first and
> > the printf probe to have been hit twice
> 
> I'm seeing this puzzling behavior for this simple program:
>    char *abc = "abcdefghijklmnopqrstuvwxyz";
>    char *xyz = "zyxwvutsrqpomnlkjihgfedcba";
>    int x;
>    struct timeval tp;
>    struct timezone tzp;
>    gettimeofday (&tp, &tzp);
>    printf ("length %d %s %d%d\n", strlen(abc), abc, tp.tv_sec, tp.tv_usec);
>    printf ("length %d %s\n", strlen(xyz), xyz);
>    puts ("a string");
>    return 0;

I am assuming this is wrapped in a main() function and compiled with gcc
with which flags? Could you maybe just attach the actual source file and
post the gcc command line to build it? Which architecture is this?

> If I set a break at every callsite for a function in the plt and at the 
> plt entry then gdb does what I expect; I get matching "plt ref" 
> (callsite) and "plt entry" (foo@plt entry)
> GDB:
> plt ref __libc_start_main @400494 rip=0x400494
> plt entry __libc_start_main @0000000000400460 rip=0x400460
> plt entry  @0000000000400420 rip=0x400420
> plt ref gettimeofday @400580 rip=0x400580
> plt entry gettimeofday @0000000000400450 rip=0x400450
> plt entry  @0000000000400420 rip=0x400420
> plt ref printf @4005cd rip=0x4005cd
> plt entry printf @0000000000400430 rip=0x400430
> plt entry  @0000000000400420 rip=0x400420
> length 26 abcdefghijklmnopqrstuvwxyz 1315342376852950
> plt ref printf @40060f rip=0x40060f
> plt entry printf @0000000000400430 rip=0x400430
> length 26 zyxwvutsrqpomnlkjihgfedcba
> plt ref puts @40061b rip=0x40061b
> plt entry puts @0000000000400440 rip=0x400440
> plt entry  @0000000000400420 rip=0x400420
> a string
> 
> However stap gives output in an unusual order and the printf plt entry 
> is only hit once.  (The gdb breakpoints and awk probes are automatically 
> generated with an awk script and are thus equivalent)

Could you post the awk script and the exact way you invoke gdb and stap?

> length 26 abcdefghijklmnopqrstuvwxyz 1315342362875422
> length 26 zyxwvutsrqpomnlkjihgfedcba
> a string
> STAP:
> plt ref __libc_start_main @400494 rip=0x400470
> plt entry  @0000000000400420 rip=0x400408
> plt entry printf @0000000000400430 rip=0x400408
> plt entry puts @0000000000400440 rip=0x400408
> plt entry gettimeofday @0000000000400450 rip=0x400408
> plt entry __libc_start_main @0000000000400460 rip=0x400408
> plt ref gettimeofday @400580 rip=0x400554
> plt ref printf @4005cd rip=0x400554
> plt ref printf @40060f rip=0x400554
> plt ref puts @40061b rip=0x400554

Thanks,

Mark

Follow-Ups:
- Re: probing a plt
  - From: Stan Cox

References:
- probing a plt
  - From: Stan Cox
- Re: probing a plt
  - From: Stan Cox

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]