dtrace discuss - Oct 2007 - dtrace example of userland debugging

Hi,

I am looking for an example dtrace script that is tracing and 
dereferencing userland data structures.
I can not find any examples, and am having a heck of a time getting mine 
to work as I can not even
get my dtrace script to resolve my userland data structures.

Peter

Hi Peter,

Here you go:

Here is a C program called sample.c

struct xxx
{
   int yyy;
   int zzz;
};

main()
{
   struct xxx t1 = {20, 30};
   sub1 (&t1);
}

sub1 (struct xxx *p)
{
   printf ("CProgram: %d %d\n", p->yyy, p->zzz);
}

And here is a D program called sample.d

struct xxx
{
   int yyy;
   int zzz;
};

pid$target:a.out:sub1:entry
{
   sp = (struct xxx *) copyin (arg0, sizeof (struct xxx));
   printf ("DTrace: %d %d\n", sp->yyy, sp->zzz);
   exit (0);
}

I compiled the C program with:

   /usr/sfw/bin/gcc sample.c

and then I ran the D program with:

   dtrace -s sample.d -c ./a.out

which produced this output:

dtrace: script ''sample.d'' matched 1 probe
CProgram: 20 30
CPU     ID                    FUNCTION:NAME
  0  42282                       sub1:entry DTrace: 20 30

Hope this helps!  (Note: you probably know this, but just in case, the 
reason the C output appears first is that the C program has printed its 
output, and run home before the dtrace command has a chance to get the 
trace date from the switch buffer.)

Chip


Peter Shoults wrote:
> Hi,
>
> I am looking for an example dtrace script that is tracing and 
> dereferencing userland data structures.
> I can not find any examples, and am having a heck of a time getting mine 
> to work as I can not even
> get my dtrace script to resolve my userland data structures.
>
> Peter
> _______________________________________________
> dtrace-discuss mailing list
> dtrace-discuss at opensolaris.org
>

Yeah, I was REALLY hoping to avoid having to define the structures in 
dtrace.  There are many structures I am going to be mucking with, and a 
few are really large.  I know the hex offsets I am going to be working 
with, so I was hoping there was a way I can avoid having to type in all 
these structures.

peter



Chip Bennett wrote:
> Hi Peter,
>
> Here you go:
>
> Here is a C program called sample.c
>
> struct xxx
> {
>    int yyy;
>    int zzz;
> };
>
> main()
> {
>    struct xxx t1 = {20, 30};
>    sub1 (&t1);
> }
>
> sub1 (struct xxx *p)
> {
>    printf ("CProgram: %d %d\n", p->yyy, p->zzz);
> }
>
> And here is a D program called sample.d
>
> struct xxx
> {
>    int yyy;
>    int zzz;
> };
>
> pid$target:a.out:sub1:entry
> {
>    sp = (struct xxx *) copyin (arg0, sizeof (struct xxx));
>    printf ("DTrace: %d %d\n", sp->yyy, sp->zzz);
>    exit (0);
> }
>
> I compiled the C program with:
>
>    /usr/sfw/bin/gcc sample.c
>
> and then I ran the D program with:
>
>    dtrace -s sample.d -c ./a.out
>
> which produced this output:
>
> dtrace: script ''sample.d'' matched 1 probe
> CProgram: 20 30
> CPU     ID                    FUNCTION:NAME
>   0  42282                       sub1:entry DTrace: 20 30
>
> Hope this helps!  (Note: you probably know this, but just in case, the 
> reason the C output appears first is that the C program has printed its 
> output, and run home before the dtrace command has a chance to get the 
> trace date from the switch buffer.)
>
> Chip
>
>
> Peter Shoults wrote:
>   
>> Hi,
>>
>> I am looking for an example dtrace script that is tracing and 
>> dereferencing userland data structures.
>> I can not find any examples, and am having a heck of a time getting
mine
>> to work as I can not even
>> get my dtrace script to resolve my userland data structures.
>>
>> Peter
>> _______________________________________________
>> dtrace-discuss mailing list
>> dtrace-discuss at opensolaris.org
>>   
>>     
>
> _______________________________________________
> dtrace-discuss mailing list
> dtrace-discuss at opensolaris.org
>

Well....  why don''t you put all of you structure defs in a header file,
and then #include then in both your C programs and your D scripts.  You 
can do that in D using the -C flag.  The only things that D doesn''t 
support syntactically for definitions and declarations is anything that 
happens to be a D reserved word.  (i.e. "string").

Chip

Peter Shoults wrote:
> Yeah, I was REALLY hoping to avoid having to define the structures in 
> dtrace.  There are many structures I am going to be mucking with, and 
> a few are really large.  I know the hex offsets I am going to be 
> working with, so I was hoping there was a way I can avoid having to 
> type in all these structures.
>
> peter
>
>
>
> Chip Bennett wrote:
>> Hi Peter,
>>
>> Here you go:
>>
>> Here is a C program called sample.c
>>
>> struct xxx
>> {
>>    int yyy;
>>    int zzz;
>> };
>>
>> main()
>> {
>>    struct xxx t1 = {20, 30};
>>    sub1 (&t1);
>> }
>>
>> sub1 (struct xxx *p)
>> {
>>    printf ("CProgram: %d %d\n", p->yyy, p->zzz);
>> }
>>
>> And here is a D program called sample.d
>>
>> struct xxx
>> {
>>    int yyy;
>>    int zzz;
>> };
>>
>> pid$target:a.out:sub1:entry
>> {
>>    sp = (struct xxx *) copyin (arg0, sizeof (struct xxx));
>>    printf ("DTrace: %d %d\n", sp->yyy, sp->zzz);
>>    exit (0);
>> }
>>
>> I compiled the C program with:
>>
>>    /usr/sfw/bin/gcc sample.c
>>
>> and then I ran the D program with:
>>
>>    dtrace -s sample.d -c ./a.out
>>
>> which produced this output:
>>
>> dtrace: script ''sample.d'' matched 1 probe
>> CProgram: 20 30
>> CPU     ID                    FUNCTION:NAME
>>   0  42282                       sub1:entry DTrace: 20 30
>>
>> Hope this helps!  (Note: you probably know this, but just in case, 
>> the reason the C output appears first is that the C program has 
>> printed its output, and run home before the dtrace command has a 
>> chance to get the trace date from the switch buffer.)
>>
>> Chip
>>
>>
>> Peter Shoults wrote:
>>  
>>> Hi,
>>>
>>> I am looking for an example dtrace script that is tracing and 
>>> dereferencing userland data structures.
>>> I can not find any examples, and am having a heck of a time getting
>>> mine to work as I can not even
>>> get my dtrace script to resolve my userland data structures.
>>>
>>> Peter
>>> _______________________________________________
>>> dtrace-discuss mailing list
>>> dtrace-discuss at opensolaris.org
>>>       
>>
>> _______________________________________________
>> dtrace-discuss mailing list
>> dtrace-discuss at opensolaris.org
>>   
>

Hi Peter,
> I am looking for an example dtrace script that is tracing and 
> dereferencing userland data structures. I can not find any examples,
> and am having a heck of a time getting mine to work as I can not even
> get my dtrace script to resolve my userland data structures.
I wrote up my attempts here:

<http://blogs.sun.com/peteh/entry/dereferencing_user_space_pointers_in>

It took a few attempts to get the complex hops across linked structures 
in user space working correctly and my resulting D script was not very 
portable.

Jon Haslam has chapter and verse here:

<http://blogs.sun.com/jonh/entry/accessing_a_programs_local_variables>

-- Peter

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2856 bytes
Desc: S/MIME Cryptographic Signature
URL:
<http://mail.opensolaris.org/pipermail/dtrace-discuss/attachments/20071029/9cc48e0c/attachment.bin>

On Mon, Oct 29, 2007 at 02:23:06PM +0000, Peter Harvey
wrote:
> It took a few attempts to get the complex hops across linked structures 
> in user space working correctly and my resulting D script was not very 
> portable.
Yes: we know this, frankly, sucks. We have some ideas for automatic
copyins which would allow D scripts to manipulate user-land objects much
more naturally. Unfortunately, the implementation is a ways off.

Adam

-- 
Adam Leventhal, FishWorks                        http://blogs.sun.com/ahl