similar to: Dtrace Snooping

Strange problem on a desktop, 64 bit, SXDE3. ] ./jpg1.d dtrace: failed to compile script ./jpg1.d: "/usr/lib/dtrace/iscsi.d", line 94: syntax error near "uiscsiproto_t" Doesn''t matter what script. Even classic oneliners such as: ] dtrace -n ''syscall::open*:entry { printf("%s % s",execname,copyinstr(arg0)); }'' bomb in this way... dtrace:

G''Day Folks, I''ve found another use of dtrace, this makes your console keyboard sound like a typewriter. http://www.brendangregg.com/DTrace/typewriter-0.70.tar.gz I''ve only tested it on an UltraSPARC 5 and a Pentium laptop so far, more to follow. Ok, sorry, not actually a practical use of DTrace. :) Enjoy! Brendan [Sydney, Australia]

After building and bfu''in the lastest ON build, any time I run a dtrace script I get a Seg Fault. Is there a dtrace for dtrace :) Doug root at prae> dtrace -n ''syscall::open*:entry { printf("%s %s",execname,copyinstr(arg0)); }'' Segmentation Fault (core dumped) root at prae> pstack core core ''core'' of 101364: dtrace -n

I got a system that is hung, unable to do most unix commands like ps/who etc... I did: dtrace -c /usr/bin/ps -n ''pid$target::open*:entry {printf("%s %s",execname,copyinstr(arg0)); }'' and it hangs here: 7 65277 open:entry ps /proc/19729/psinfo 7 65277 open:entry ps /proc/11687/psinfo ^C So, I tried to kill -9 11687,

everyone, Just out of curiosity, I did a dtrace -n ''syscall:::entry { @num[execname, probefunc] = count(); }'' and looked at the entries produced by ''rm''. I see everything that rm did, *except* the unlinkat - which is unfortunate because I want to trace which processes have deleted which files. So - does dtrace contain unlinkat as a probe for a system call?

Hy! I receive an nxge driver messages on console: Aug 18 11:08:42 [hostname] nxge: NOTICE: nxge_ipp_eccue_valid_check: rd_ptr = XXX wr_ptr = YYY I find the bug description/correction at sun web page, and i know i can ignore it. I thinking about how can i delete from console only these messages (here is my first version, what is not (so) elegant): #!/usr/sbin/dtrace -qs #pragma D option

I tried some of the scripts in the toolkit (opensnoop, execsnoop, dtruss), and I keep seeing errors like this: dtrace: error on enabled probe ID 3 (ID 113: syscall::exece:return): invalid kernel access in action #5 at DIF offset 0 Anyone know what could be the problem? TIA This message posted from opensolaris.org

hi fnds, i want to print the filenames on which the stat system call is acting when a stat system call is invoked. can anyone can help me this regard. Thanks jeevan

Hi, I ran a d-program with syscall::open:entry probe but got the following error messages sometimes: dtrace: error on enabled probe ID 1 (ID 14: syscall::open:entry): invalid address (0xff34e000) in predicate at DIF offset 76 dtrace: error on enabled probe ID 6 (ID 14: syscall::open:entry): invalid address (0xff34e000) in predicate at DIF offset 28 I don''t know how to interpret these

I have a clause that look like this: syscall::write:entry /execname == "ntpd" && self->recspec/ { speculate(self->recspec); printf(" fd=%d buf=%d\n%s",arg0,arg2, stringof(copyin(arg1,arg2-1))); } The ntpd program always write a \n trminated string in this context, so I used the "arg2-1" to drop the \n. This works

Hi All, Is there a simple way to list all currently open file descriptors ? TIA.. Regards, Venkat -- This message posted from opensolaris.org

I''d like to be able to dynamically read external configuration files within a dtrace script. I know dtrace allows inclusion of C header files but only at the preprocessing stage. What we need to do is dynamically enable/disable probes based on current application settings. I''d rather not have a bunch of independant scripts running and being started and killed whenever the

I''ve been trying to get access to a userland string that''s behind a second level pointer using DTrace, but I can''t seem to get it to work. I started with the example on the Team DTrace Tips and Tricks slides: trace(copyinstr(*(uintptr_t *)copyin(arg0, curpsinfo->pr_dmodel == PR_MODEL_ILP32 ? 4 : 8))); And when I couldn''t get it to work, I started

I have just started my first ''serious'' dtrace script and can use some advice. I want to have a probe triggered when close() occurs after a succesfull write of /etc/hosts ( I want to regenerate the nameserver zone files from /etc/hosts after it has changed) At the moment I have the following code: syscall::open*:entry, syscall::creat*:entry { self->file=arg0;

Hi, Is there a way to print out full path name of execname when the following probe is touched? proc:genunix:exec_common:exec-success Thanks. ************************************************ * C P Lin, Common Technology Project Lead. * * Sun Microsystems Inc. * * E-Mail: c.lin at sun.com * * Address: 4150 Network Circle,

Hi All, One of the customer is seeing the following error messages. He is using a S10U1 system with all latest patches. Dtrace script is attached. I am not seeing these error messages on S10U2 system. What could be the problem? Thanks, Gangadhar. ------------------------------------------------------------------------ rroberto at njengsunu60-2:~$ dtrace -AFs /lib/svc/share/kcfd.d dtrace:

A user has asked us to find out who is changing one of their files and how it is being changed. I came up with the script below: #!/usr/sbin/dtrace -s #pragma D option quiet BEGIN { printf("\n Timestamp gid uid pid ppid execname function current directory file name\n\n"); } syscall::open:entry,

Hi, Has something related to speculative tracing changed between s10 FCS and the more recent nevada builds ? I was trying the specopen.d script from the Dtrace guide on a nevada machine and it failed with : dtrace: failed to enable ''./spec.d'': DIF program content is invalid To try and narrow things down a bit I wrote the following short script. This works fine on s10, but

[1] Predicates in one-liners I would like to list the probe modules in my executable and then dynamically create a dscript to trace execution of those modules alone (by excluding the 3rd party and system libraries). I tried the below script without success. The conditional given in the predicate is not taking effect. Why is this so ? $ dtrace -ln ''pid$target:::

Hi , I have posted DTrace script to snoop tcp traffic and also provided a wrapper script for it to filter out unwanted traffic. http://blogs.sun.com/roller/comments/raviswam/Weblog/tcp_snoop_using_dtrace Please let me know if you have any feedback/comments on this. Thanks Ravi