[prev in list] [next in list] [prev in thread] [next in thread]
List: hpux-devtools
Subject: Re: HPUX-DEVTOOLS: Command line argument of process
From: "Ranajit Ghosh" <ranajit.ghosh () wipro ! com>
Date: 2001-10-12 5:32:28
[Download RAW message or body]
Hi Jon,
First thanks for your mail. This program is working in most of the cases.
But there is a problem also. Our program is a domain and it could monitor
any process. While testing we saw following problem.
Initially we saw very few (1 or 2) domain processes are going down. After \
investigation we have come to know that while calling ptrace() from our program it is \
sending SIGTRAP signal to the monitored process when that process calls any of the \
exec () methods. After receiving this signal the child process is going down. This is \
very difficult to simulate and occurs rarely.
Our software will be monitoring all kind of processes including web server, mail \
server and any domain servers, where they will fork number of processes at run time. \
These are all different vendor's programs and we have no access to them to install a \
signal handler there.
Please let us know how to resolve this problem.
Regards
Ranajit
Jon Dewis wrote:
> Hi,
>
> This code will do what you need, but please read all
> the disclaimers and caveats and possible issues. Of course,
> it is unsupported.
>
> It briefly attaches to the pid you give it, and reads
> the required info from the attached process address space.
> Regards
>
> Jon
>
> /**
> *
> * Copyright 1998 by Hewlett-Packard Company
> *
> * Permission to use, copy, modify, and distribute this
> * software and its documentation for any purpose and without
> * fee is hereby granted, provided that the above copyright
> * notice appear in all copies and that both that copyright
> * notice and this permission notice appear in supporting
> * documentation, and that the name of Hewlett-Packard Company not
> * be used in advertising or publicity pertaining to distribution
> * of the software without specific, written prior permission.
> * Apollo Computer, Inc. makes no representations about the
> * suitability of this software for any purpose. It is provided
> * "as is" without express or implied warranty.
> *
> *
> * Modification History: com_arg.c
>
> This program is made available through the North American
> Software Provider Program and is available free of charge
> to all our (premier) members.
>
> This program reads the argv[] array from any process. Under HP-UX
> 10.x/11.x a truncated (1st 64 chars) version of this information
> is available via pstat_getproc in the struct pst_status structure
> member : char pst_cmd[PST_CLEN]. This program returns the whole
> command line. Runs on HP-UX 11.x machines.
>
> Known problems:
>
> 1. if (pid == getppid()) then something goes
> wrong sometimes, and I don't know why.Best to
> avoid this case then.
> 2. if a process modifies its own argv[] array,
> then this program will show that, while the
> 'ps' command will not. A prime example of
> this behavior is the 'hpterm' command.
> 3. if a process modifies its own command line
> args via the pstat (PSTAT_SETCMD) system
> call, then the 'ps' command will show that,
> while this program will always show the
> actual contents of the argv[] array in the
> specified process. The 'sendmail' command
> behaves in this way.
> 4. if you run a process via a soft NFS mount,
> ptrace will fail with errno 13 (EACCES)
> "permission denied" - fix by mounting with
> -o nointr option
> 5. if you run this program under HPUX 9.X and
> give the pid of an "lcsp" process, then the
> system will crash.
>
> Author's note:
>
> This program is the creation of Rob Gardner, and is not for
> sale, trade, or barter. It may not be copied for any reason.
> It may not even be examined, and as a matter of fact, it is
> forbidden for human eyes to see this program. You are definitely
> violating this decree right now. This program is certainly the
> property of Hewlett-Packard, since they own me and everything
> I have ever done. May the Source be with you.
>
> Author: Jon Dewis, 15-June-1998
>
> To Build: cc -o com_arg com_arg.c
>
> */
>
> #include <stdio.h>
> #include <sys/ptrace.h>
> #include <signal.h>
> #include <setjmp.h>
> #include <errno.h>
>
> jmp_buf env;
>
> catcher()
> {
> longjmp(env, 1);
> }
>
> /*
> * read one word from the traced process, and cache it so that preadc()
> * can efficiently read the 4 chars stored in the word.
> *
> * address must be on a word boundary, or else ptrace will fail
> */
> int pread(pid, addr)
> int pid, addr;
> {
> static int cached_addr = 0, cached_value = 0;
>
> if (addr != cached_addr)
> cached_value = ptrace(PT_RDUSER, pid, addr, 0, 0);
> /*cached_value = *((int *)addr);*/
> if (cached_value == -1)
> {
> perror("ptrace");
> longjmp(env, 1);
> }
>
> return(cached_value);
> }
>
> /*
> * read one char from the traced process
> *
> * address does not have to be on a word boundary
> */
> unsigned char preadc(pid, addr)
> int pid, addr;
> {
> /* read from the word boundary containing the char requested */
> int value = pread(pid, addr & ~3);
>
> /* index into the word to get the char requested */
> return(*((unsigned char *)&value + (addr & 3)));
> }
>
> main(argc, argv)
> int argc;
> char *argv[];
> {
> extern __data_start; /* Can substitute '$ARGV' here */
> unsigned char c;
> int pid, i, *addr, argv0, argvi;
>
>
> if (argc < 2)
> {
> fprintf(stderr, "usage: %s pid\n", argv[0]);
> exit(1);
> }
>
> pid = atoi(argv[1]);
>
> if (ptrace(PT_ATTACH, pid, 0, 0, 0) == -1) {
> printf("errno = %d\n", errno);
> perror("ptrace request PT_ATTACH failed");
> exit(2);
> }
> wait(NULL);
>
> /* just to make sure that traced process gets released if we die */
> if (setjmp(env))
> {
> ptrace(PT_DETACH, pid, 1, 0, 0);
> exit(9);
> }
> for (i=1; i<NSIG; i++)
> signal(i, catcher);
>
> /* argv[0] appears right at __data_start */
> /* and I think __data_start is the same for everyone */
> argv0 = pread(pid, &__data_start);
>
> /* now look for argv0, and that will tell us &argv[0] */
> /* (it's possible we won't find it unless we look further) */
> #define SEARCH_LIM 2048
> for (i=0, addr = argv0; i < SEARCH_LIM; i++, addr++)
> if (pread(pid, addr) == argv0)
> break;
> if (i == SEARCH_LIM)
> {
> fprintf(stderr, "could not find pointer to argv[0]\n");
> exit(1);
> }
> /*printf(" --> computed &argv[0] as 0x%x\n", addr);*/
>
> /* at this point, addr points to &argv[0], so we can read the
> args consecutively, until addr points to a zero, signifying
> the end of the arg list */
> while ( (argvi = pread(pid, addr++)) != NULL )
> {
> /* now argvi points to argv[i], so just snarf up the string */
> while ( (c = preadc(pid, argvi++)) != '\0')
> putchar(c);
> putchar(' '); /* put space between args */
> }
> putchar('\n');
>
>
> ptrace(PT_DETACH, pid, 1, 0, 0);
> exit(0);
> }
>
> >
> >
> > This is a multi-part message in MIME format.
> >
> > --------------InterScan_NT_MIME_Boundary
> > Content-Type: text/plain;
> > charset="iso-8859-1"
> > Content-Transfer-Encoding: 7bit
> >
> > In my project I need to get all the processes running in the system with
> > command
> > line arguments. I am calling pstat_getproc api. It returns an array of
> > pst_status. There the max length of pst_cmd parameter is PST_CLEN i.e. 64
> > byte.
> > In few cases total length of the process name and argument list is more than
> > even 100 (It is always true for any java process running in my systems). How
> > could
> > I get all the arguments without truncation? I am using HP Unix 10.x and
> > 11.x.
> > Please help.
> >
> > Thanks
> > Ranajit
> >
> >
> > --------------InterScan_NT_MIME_Boundary
> > Content-Type: text/plain;
> > name="Wipro_Disclaimer.txt"
> > Content-Transfer-Encoding: 7bit
> > Content-Disposition: attachment;
> > filename="Wipro_Disclaimer.txt"
> >
> > -----------------------------------------------------------------------------------------------------------------------
> > Information transmitted by this E-MAIL is proprietary to Wipro and/or its \
> > Customers and is intended for use only by the individual or entity to which it is
> > addressed, and may contain information that is privileged, confidential or
> > exempt from disclosure under applicable law. If you are not the intended
> > recipient or it appears that this mail has been forwarded to you without
> > proper authority, you are notified that any use or dissemination of this
> > information in any manner is strictly prohibited. In such cases, please
> > notify us immediately at mailto:mailadmin@wipro.com and delete this mail
> > from your records.
> > ------------------------------------------------------------------------------------------------------------------------
> >
-----------------------------------------------------------------------------------------------------------------------
Information transmitted by this E-MAIL is proprietary to Wipro and/or its Customers \
and is intended for use only by the individual or entity to which it is
addressed, and may contain information that is privileged, confidential or
exempt from disclosure under applicable law. If you are not the intended
recipient or it appears that this mail has been forwarded to you without
proper authority, you are notified that any use or dissemination of this
information in any manner is strictly prohibited. In such cases, please
notify us immediately at mailto:mailadmin@wipro.com and delete this mail
from your records.
------------------------------------------------------------------------------------------------------------------------
> > --------------InterScan_NT_MIME_Boundary--
> > _________________________________________________________________
> > To leave this mailing list, send mail to majordomo@cxx.cup.hp.com
> > with the message UNSUBSCRIBE hpux-devtools
> > _________________________________________________________________
> >
>
> --
> __ Jon Dewis, Sr. Technical Consultant
> / /\ Developer Resource Center
> / / \ 19111 Pruneridge Avenue
> __ /_/ /\ \ Cupertino,
> /_/\ __\ \ \_\ \ CA 95014
> \ \ \/ /\\ \ \/ /
> \ \ \/ \\ \ / (408)-447-2571
> \ \ /\ \\ \ \ E-Mail (UNIX) : jdewis@cup.hp.com
> \ \ \ \ \\ \ \ or
> \ \ \ \/ \ \ \ (Wintel (Exchange) Mail : jon_dewis@hp.com)
> \ \ \ \_\/
> \_\/
>
> I N V E N T
>
> The satisfaction of HP's customers is my
> #1 goal - please let me know how I'm doing!
["Wipro_Disclaimer.txt" (text/plain)]
-----------------------------------------------------------------------------------------------------------------------
Information transmitted by this E-MAIL is proprietary to Wipro and/or its Customers \
and is intended for use only by the individual or entity to which it is
addressed, and may contain information that is privileged, confidential or
exempt from disclosure under applicable law. If you are not the intended
recipient or it appears that this mail has been forwarded to you without
proper authority, you are notified that any use or dissemination of this
information in any manner is strictly prohibited. In such cases, please
notify us immediately at mailto:mailadmin@wipro.com and delete this mail
from your records.
------------------------------------------------------------------------------------------------------------------------
_________________________________________________________________
To leave this mailing list, send mail to majordomo@cxx.cup.hp.com
with the message UNSUBSCRIBE hpux-devtools
_________________________________________________________________
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic