public inbox for systemtap@sourceware.org
 help / color / mirror / Atom feed
* Problems in the use of System4.4 version
@ 2021-02-23  3:49 李 韵
  0 siblings, 0 replies; only message in thread
From: 李 韵 @ 2021-02-23  3:49 UTC (permalink / raw)
  To: systemtap

[-- Attachment #1: Type: text/plain, Size: 6907 bytes --]

Hello,
     I encountered the following problems when using system4.4. I checked the information for a long time but did not find a relevant solution. I would like to ask if I can give me some ideas to solve it.
     The simple example of printing hello world can be executed normally, but I give a script file, which is mainly used to record the information triggered by a given docker during the execution process and report errors.
     The following is the execution process, and the attachment is the execution script.(I thought it was a version problem, so I switched to the system4.4 version and tried again, but the same error was reported )
     Hope you can give me some solutions, thank you very much! :)


Yun Li
National University of Defense Technology, China
lyeeer@outlook.com



Append:
root@ly-ubuntu:/home/ly/LiCShield-master# sudo stap -g /home/ly/LiCShield-master/tracing_tool/systemtap_scripts/tracer.stp -DSTP_NO_OVERLOAD -DMAXSTRINGLEN=4096 -v -c /usr/bin/docker -d -o /root/results/python_test_0/build_trace.txt
Pass 1: parsed user script and 476 library scripts using 117424virt/86840res/5436shr/81816data kb, in 150usr/20sys/157real ms.
WARNING: confusing usage, consider @entry($file) in .return probe: identifier '$file' at /home/ly/LiCShield-master/tracing_tool/systemtap_scripts/tracer.stp:380:43
 source: path_arg[tid()] = get_path_wrapper(NULL, $file, %{ FILE %})
                                                  ^
WARNING: confusing usage, consider @entry($new_dir->mnt) in .return probe: identifier '$new_dir' at :391:30
 source: old_path = get_path_wrapper($new_dir->mnt, $old_dentry, %{ DENTRY %})
                                     ^
WARNING: confusing usage, consider @entry($old_dentry) in .return probe: identifier '$old_dentry' at :391:45
 source: old_path = get_path_wrapper($new_dir->mnt, $old_dentry, %{ DENTRY %})
                                                    ^
WARNING: confusing usage, consider @entry($new_dir->mnt) in .return probe: identifier '$new_dir' at :392:29
 source:     path = get_path_wrapper($new_dir->mnt, $new_dentry, %{ DENTRY %})
                                     ^
WARNING: confusing usage, consider @entry($new_dentry) in .return probe: identifier '$new_dentry' at :392:44
 source:     path = get_path_wrapper($new_dir->mnt, $new_dentry, %{ DENTRY %})
                                                    ^
WARNING: confusing usage, consider @entry($old_dir->mnt) in .return probe: identifier '$old_dir' at :406:30
 source: old_path = get_path_wrapper($old_dir->mnt, $old_dentry, %{ DENTRY %})
                                     ^
WARNING: confusing usage, consider @entry($old_dentry) in .return probe: identifier '$old_dentry' at :406:45
 source: old_path = get_path_wrapper($old_dir->mnt, $old_dentry, %{ DENTRY %})
                                                    ^
WARNING: confusing usage, consider @entry($new_dir->mnt) in .return probe: identifier '$new_dir' at :407:29
 source:     path = get_path_wrapper($new_dir->mnt, $new_dentry, %{ DENTRY %})
                                     ^
WARNING: confusing usage, consider @entry($new_dentry) in .return probe: identifier '$new_dentry' at :407:44
 source:     path = get_path_wrapper($new_dir->mnt, $new_dentry, %{ DENTRY %})
                                                    ^
WARNING: confusing usage, consider @entry($old_dentry) in .return probe: identifier '$old_dentry' at :411:19
 source: if(is_dentry_dir($old_dentry))
                          ^
WARNING: confusing usage, consider @entry($path) in .return probe: identifier '$path' at :563:50
 source:     mount_target[tid] = get_path_wrapper(NULL, $path, %{ PATH %})
                                                        ^
WARNING: confusing usage, consider @entry($path) in .return probe: identifier '$path' at :567:47
 source: mount_source[tid] = get_path_wrapper(NULL, $path, %{ PATH %})
                                                    ^
Pass 2: analyzed script: 34 probes, 33 functions, 100 embeds, 8 globals using 178236virt/149376res/6960shr/142628data kb, in 520usr/140sys/671real ms.
WARNING: unused command line option $1/@1
WARNING: missing unwind/symbol data for module '-o'
Pass 3: translated to C into "/tmp/stapmMi1KH/stap_5cd5ad44d49504de8d345dd53afc3efd_92600_src.c" using 178236virt/149568res/7152shr/142628data kb, in 10usr/70sys/91real ms.
/tmp/stapmMi1KH/stap_5cd5ad44d49504de8d345dd53afc3efd_92600_src.c: In function ‘prepend_name’:
/tmp/stapmMi1KH/stap_5cd5ad44d49504de8d345dd53afc3efd_92600_src.c:109:22: error: implicit declaration of function ‘ACCESS_ONCE’ [-Werror=implicit-function-declaration]
  const char *dname = ACCESS_ONCE(name->name);
                      ^
/tmp/stapmMi1KH/stap_5cd5ad44d49504de8d345dd53afc3efd_92600_src.c:109:22: error: initialization makes pointer from integer without a cast [-Werror=int-conversion]
/tmp/stapmMi1KH/stap_5cd5ad44d49504de8d345dd53afc3efd_92600_src.c: In function ‘resolve_path’:
/tmp/stapmMi1KH/stap_5cd5ad44d49504de8d345dd53afc3efd_92600_src.c:181:31: error: initialization makes pointer from integer without a cast [-Werror=int-conversion]
    struct mount *mnt_parent = ACCESS_ONCE(mnt->mnt_parent);
                               ^
/tmp/stapmMi1KH/stap_5cd5ad44d49504de8d345dd53afc3efd_92600_src.c:185:12: error: assignment makes pointer from integer without a cast [-Werror=int-conversion]
     dentry = ACCESS_ONCE(mnt->mnt_mountpoint);
            ^
/tmp/stapmMi1KH/stap_5cd5ad44d49504de8d345dd53afc3efd_92600_src.c: In function ‘function___global_task_control_group__overload_0’:
/tmp/stapmMi1KH/stap_5cd5ad44d49504de8d345dd53afc3efd_92600_src.c:9186:14: error: assignment makes pointer from integer without a cast [-Werror=int-conversion]
   if((cgroup = task_cgroup_path(p, buffer, MAXSTRINGLEN)))
              ^
cc1: all warnings being treated as errors
scripts/Makefile.build:332: recipe for target '/tmp/stapmMi1KH/stap_5cd5ad44d49504de8d345dd53afc3efd_92600_src.o' failed
make[1]: *** [/tmp/stapmMi1KH/stap_5cd5ad44d49504de8d345dd53afc3efd_92600_src.o] Error 1
Makefile:1551: recipe for target '_module_/tmp/stapmMi1KH' failed
make: *** [_module_/tmp/stapmMi1KH] Error 2
WARNING: kbuild exited with status: 2
Pass 4: compiled C into "stap_5cd5ad44d49504de8d345dd53afc3efd_92600.ko" in 6990usr/780sys/6331real ms.
Pass 4: compilation failed.  [man error::pass4]
root@ly-ubuntu:/home/ly/LiCShield-master#
root@ly-ubuntu:/home/ly/LiCShield-master# uname -r
4.15.0-45-generic
root@ly-ubuntu:/home/ly/LiCShield-master#
root@ly-ubuntu:/home/ly/LiCShield-master# stap -V
Systemtap translator/driver (version 4.3/0.165, non-git sources)
Copyright (C) 2005-2020 Red Hat, Inc. and others
This is free software; see the source for copying conditions.
tested kernel versions: 2.6.32 ... 5.7.0
enabled features: PYTHON2 NLS


[-- Attachment #2: tracer.stp --]
[-- Type: application/octet-stream, Size: 14518 bytes --]

%{
#include <linux/file.h>
#include <linux/fs.h>
#include <linux/cgroup.h>
#include <linux/fs_struct.h>
#include <linux/stat.h>
#include <linux/namei.h>
#include <linux/slab.h>
#include <linux/path.h>
#include <linux/string.h>
#include <linux/magic.h>
#include <linux/mount.h>
#include <linux/seq_file.h>
#include <linux/poll.h>

// from fs/mount.h

struct mnt_namespace {
    atomic_t                count;
    unsigned int            proc_inum;
    struct mount *root;
    struct list_head        list;
    struct user_namespace   *user_ns;
    u64                     seq;    /* Sequence number to prevent loops */
    wait_queue_head_t poll;
    int event;
};

struct mnt_pcp {
    int mnt_count;
    int mnt_writers;
};

struct mountpoint {
    struct list_head m_hash;
    struct dentry *m_dentry;
    int m_count;
};

struct mount {
    struct list_head mnt_hash;
    struct mount *mnt_parent;
    struct dentry *mnt_mountpoint;
    struct vfsmount mnt;
    struct rcu_head mnt_rcu;
#ifdef CONFIG_SMP
    struct mnt_pcp __percpu *mnt_pcp;
#else
    int mnt_count;
    int mnt_writers;
#endif
    struct list_head mnt_mounts;    /* list of children, anchored here */
    struct list_head mnt_child;     /* and going through their mnt_child */
    struct list_head mnt_instance;  /* mount instance on sb->s_mounts */
    const char *mnt_devname;        /* Name of device e.g. /dev/dsk/hda1 */
    struct list_head mnt_list;
    struct list_head mnt_expire;    /* link in fs-specific expiry list */
    struct list_head mnt_share;     /* circular list of shared mounts */
    struct list_head mnt_slave_list;/* list of slave mounts */
    struct list_head mnt_slave;     /* slave list entry */
    struct mount *mnt_master;       /* slave is on master->mnt_slave_list */
    struct mnt_namespace *mnt_ns;   /* containing namespace */
    struct mountpoint *mnt_mp;      /* where is it mounted */
#ifdef CONFIG_FSNOTIFY
    struct hlist_head mnt_fsnotify_marks;
    __u32 mnt_fsnotify_mask;
#endif
    int mnt_id;                     /* mount identifier */
    int mnt_group_id;               /* peer group identifier */
    int mnt_expiry_mark;            /* true if marked for expiry */
    int mnt_pinned;
    struct path mnt_ex_mountpoint;
};

static inline struct mount *real_mount(struct vfsmount *mnt) {
    return container_of(mnt, struct mount, mnt);
}

// from fs/dcache.c

static int prepend_name(char **buffer, int *buflen, struct qstr *name) {
	const char *dname = ACCESS_ONCE(name->name);
	u32 dlen = ACCESS_ONCE(name->len);
	char *p;

	if (*buflen < dlen + 1)
	{
		return -ENAMETOOLONG; /* File name too long */
	}

	*buflen -= dlen + 1;
	p = *buffer -= dlen + 1;
	*p++ = '/';
	while (dlen--) 
	{
		char c = *dname++;
		if (!c)
			break;
		*p++ = c;
	}
	return 0;
}

static int resolve_dentry_path(struct dentry *dentry, char **buffer, int *buflen) {
	char *bptr;
	int blen;
	int error = 0;

	blen = *buflen - 1;
	bptr = *buffer + blen;
	*bptr = '\0';
	
	rcu_read_lock();
	while (!IS_ROOT(dentry)) 
	{
		struct dentry *parent;


		parent = dentry->d_parent;
		prefetch(parent);

		error = prepend_name(&bptr, &blen, &dentry->d_name);

		if (error)
		{
			printk(KERN_ALERT "resolve_dentry_path failed: path too long %s + %s\n", bptr, dentry->d_name.name);
			break;
		}

		dentry = parent;
	}
	rcu_read_unlock();

	*buflen = blen;
	*buffer = bptr;
	return error;
}

static int resolve_path(struct dentry *dentry, struct vfsmount *vfsmnt, char **buffer, int *buflen) {
	char *bptr;
	int blen;
	int error = 0;
	struct mount *mnt = real_mount(vfsmnt);
	blen = *buflen - 1;
	bptr = *buffer + blen;
	*bptr = '\0';

	rcu_read_lock();
	for(;;)
	{
		struct dentry *parent;
		if (dentry == vfsmnt->mnt_root || IS_ROOT(dentry)) 
		{
			struct mount *mnt_parent = ACCESS_ONCE(mnt->mnt_parent);
			/* Global root? */
			if(mnt != mnt_parent)
			{
				dentry = ACCESS_ONCE(mnt->mnt_mountpoint);
				mnt = mnt_parent;
				vfsmnt = &mnt->mnt;
				continue;
			}

			break;
		}
		
		parent = dentry->d_parent;
		prefetch(parent);

		error = prepend_name(&bptr, &blen, &dentry->d_name);

		if (error)
		{
			printk(KERN_ALERT "resolve_path failed: path too long %s + %s\n", bptr, dentry->d_name.name);
			break;
		}

		dentry = parent;
	}
	rcu_read_unlock();

	*buffer = bptr;
	*buflen = blen;
	return error;
}

#define FILE 0
#define DENTRY 1
#define PATH 2

static int get_path (void *pointer1, void *pointer2, int type, char *output_path) {
	struct vfsmount *vfsmnt = NULL;
	struct dentry *dentry = NULL;
	char *buffer = NULL;
	char *path = NULL;
	struct path f_path;
	int error;
	int buflen;

	if(pointer2 == NULL)
	{
		return -1;
	}

	switch(type)
	{
		case FILE:
			f_path = ((struct file *)pointer2)->f_path;
			dentry = f_path.dentry;
			vfsmnt = f_path.mnt;
			break;
		case DENTRY:
			dentry = (struct dentry *)pointer2;
			vfsmnt = (struct vfsmount *)pointer1;
			break;
		case PATH:
			f_path = *((struct path *)pointer2);
			dentry = f_path.dentry;
			vfsmnt = f_path.mnt;
			break;
	}
    if(dentry && vfsmnt)
    {
    	buflen = MAXSTRINGLEN;
		buffer = (char *)kmalloc(buflen, GFP_ATOMIC);
		if(buffer)
		{
	    	char *last_char = (dentry->d_inode && S_ISDIR(dentry->d_inode->i_mode))? "/" : "";
		    if (vfsmnt->mnt_flags & MNT_INTERNAL) 
		    {
				/* it is not mounted anywhere */
				path = buffer;
				error = resolve_dentry_path(dentry, &path, &buflen);
				if (error)
				{
					kfree(buffer);
					return error;
				}

				if (dentry->d_sb && (dentry->d_sb->s_magic == PROC_SUPER_MAGIC) &&
					strncmp(path, "/sys/", 5) == 0) 
				{
					snprintf(output_path, MAXSTRINGLEN, "/proc%s%s", path, last_char);
				}else
				{
					snprintf(output_path, MAXSTRINGLEN, "%s%s", path, last_char);
				}
			}else
			{
			    path = buffer;
			    error = resolve_path(dentry, vfsmnt, &path, &buflen);
				if (error)
				{
					kfree(buffer);
					return error;
				}
				snprintf(output_path, MAXSTRINGLEN, "%s%s", path, last_char);
			}
			kfree(buffer);
			return 0;
		}
	}
	return -1;
}

%}

function get_path_wrapper:string (pointer1:long, pointer2:long, type:long) %{ /* pure */
	int error = get_path((void *)STAP_ARG_pointer1, (void *)STAP_ARG_pointer2, (int)STAP_ARG_type, (char *)STAP_RETVALUE);
	if(error)
		STAP_RETVALUE[0] = '\0';
%}

function task_executable_path:string (task:long) %{ /* pure */
	struct task_struct *p = (struct task_struct *) STAP_ARG_task;
	struct mm_struct *mm = p->mm;
	
	if(mm)
	{
		if (mm->exe_file) 
		{
			int error = get_path(NULL, (void *)mm->exe_file, FILE, (char *)STAP_RETVALUE);
	        if(error)
	        {
				STAP_RETVALUE[0] = '\0';
	        }
		} 
	}
%}

function task_control_group:string (task:long) %{ /* pure */
	struct task_struct *p = (struct task_struct *) STAP_ARG_task;
	char *cgroup = (char *)kmalloc(MAXSTRINGLEN, GFP_ATOMIC);

	if (cgroup)
	{ 
#if LINUX_VERSION_CODE < KERNEL_VERSION(3,15,0)
		if(task_cgroup_path(p, cgroup, MAXSTRINGLEN) == 0) 
		{
			snprintf(STAP_RETVALUE, MAXSTRINGLEN, "%s", cgroup);
		}
		kfree(cgroup);
#else 
		char *buffer = cgroup;
		if((cgroup = task_cgroup_path(p, buffer, MAXSTRINGLEN))) 
		{
			snprintf(STAP_RETVALUE, MAXSTRINGLEN, "%s", cgroup);
		}
		kfree(buffer);
#endif
	}
%}

function is_mode_dir:long (mode:long) %{ /* pure */
	int mode = (int) STAP_ARG_mode;
	STAP_RETVALUE = S_ISDIR(mode);
%}

function is_dentry_dir:long (dentry:long) %{ /* pure */
	struct dentry *dentry = (struct dentry *) STAP_ARG_dentry;
	STAP_RETVALUE = (dentry && dentry->d_inode && S_ISDIR(dentry->d_inode->i_mode));
%}

// to force page fault resolution
function defer_pointer:string (pointer:long) %{ /* pure */
	snprintf(STAP_RETVALUE, MAXSTRINGLEN, "%s", ((char *)STAP_ARG_pointer));
%}

/* PRINT FUNCTIONS */

/* functions path argument */
global path_arg

function print_preamble(name)
{
	task = task_current()
	executable_path = task_executable_path(task)
	cgroup = task_control_group(task)
	update_root()

	printf("%s %s {%s}", name, cgroup, executable_path)	
}

function print_path(name)
{
	tid = tid()

	if(path_arg[tid] != "")
	{
		print_preamble(name)
		printf(" {%s} {%s}\n", path_arg[tid], mount_namespaces_roots[pid()])	
	}	

	delete path_arg[tid]
}

/* tracks the namespace root directory */
global mount_namespaces_roots

/* update mount_namespaces_roots */
function update_root()
{
	pid = pid()

	if (!([pid] in mount_namespaces_roots)) {
		mount_namespaces_roots[pid] = mount_namespaces_roots[ppid()]
	}
}

/* initialize mount_namespaces_roots */
probe 	begin {
	mount_namespaces_roots[target()] = "/"
}

probe 	kernel.function("security_file_lock").return
{
    /* skip if process is not in the target tree */
    if (!target_set_pid(pid())) next;

	path_arg[tid()] = get_path_wrapper(NULL, $file, %{ FILE %})

    print_path(ppfunc())
}

probe 	kernel.function("security_path_link").return
{
	pid = pid()
	/* skip if process is not in the target tree */
    if (!target_set_pid(pid)) next;

	old_path = get_path_wrapper($new_dir->mnt, $old_dentry, %{ DENTRY %})
    path = get_path_wrapper($new_dir->mnt, $new_dentry, %{ DENTRY %})

    if(old_path == "" || path == "") next;

	print_preamble(ppfunc())
	printf(" {%s} {%s} {%s}\n", old_path, path, mount_namespaces_roots[pid])	
}

probe 	kernel.function("security_path_rename").return
{
	pid = pid()
	/* skip if process is not in the target tree */
    if (!target_set_pid(pid)) next;

	old_path = get_path_wrapper($old_dir->mnt, $old_dentry, %{ DENTRY %})
    path = get_path_wrapper($new_dir->mnt, $new_dentry, %{ DENTRY %})

    if(old_path == "" || path == "") next;

	if(is_dentry_dir($old_dentry))
		path = sprintf("%s/", path)

	print_preamble(ppfunc())
	printf(" {%s} {%s} {%s}\n", old_path, path, mount_namespaces_roots[pid])	
}

probe	kernel.function("security_path_unlink"),
		kernel.function("security_path_rmdir"),
		kernel.function("security_path_symlink")
{
	/* skip if process is not in the target tree */
    if (!target_set_pid(pid())) next;

    path_arg[tid()] = get_path_wrapper($dir->mnt, $dentry, %{ DENTRY %})
    print_path(ppfunc())
}

probe	kernel.function("security_path_mknod")
{
	/* skip if process is not in the target tree */
    if (!target_set_pid(pid())) next;

    path = get_path_wrapper($dir->mnt, $dentry, %{ DENTRY %})

    if(is_mode_dir($mode))
    {
    	path_arg[tid()] = sprintf("%s/", path)
    }else
    {
    	path_arg[tid()] = path
    }
    print_path(ppfunc())
}

probe	kernel.function("security_path_mkdir")
{
	/* skip if process is not in the target tree */
    if (!target_set_pid(pid())) next;

    path_arg[tid()] = sprintf("%s/", get_path_wrapper($dir->mnt, $dentry, %{ DENTRY %}))
    print_path(ppfunc())
}

probe	kernel.function("security_sb_pivotroot")
{
	pid = pid()
	/* skip if process is not in the target tree */
    if (!target_set_pid(pid)) next;

    old_root = get_path_wrapper(NULL, $old_path, %{ PATH %})
    new_root = get_path_wrapper(NULL, $new_path, %{ PATH %})

    if(old_root == "" || new_root == "") next;

	print_preamble(ppfunc())
	printf(" {%s} {%s} {%s}\n", old_root, new_root, mount_namespaces_roots[pid])

	/* change the namespace root directory for the current task */
	mount_namespaces_roots[pid] = new_root
}

probe 	kernel.function("security_path_truncate"),
		kernel.function("security_path_chmod"),
		kernel.function("security_path_chown"),
		kernel.function("security_path_chroot")
{
	/* skip if process is not in the target tree */
    if (!target_set_pid(pid())) next;

    path_arg[tid()] = get_path_wrapper(NULL, $path, %{ PATH %})

    print_path(ppfunc())
}

probe	kernel.function("security_mmap_file")
{
	/* skip if process is not in the target tree */
    if (!target_set_pid(pid())) next;

    path = get_path_wrapper(NULL, $file, %{ FILE %})

	if(path == "") next;

	print_preamble(ppfunc())
	printf(" %d {%s} {%s}\n", $prot, path, mount_namespaces_roots[pid()])
}

probe	kernel.function("security_file_mprotect")
{
	/* skip if process is not in the target tree */
    if (!target_set_pid(pid())) next;

    path = get_path_wrapper(NULL, $vma->vm_file, %{ FILE %})

	if(path == "") next;

	print_preamble(ppfunc())
	printf(" %d {%s} {%s}\n", $prot, path, mount_namespaces_roots[pid()])
}

probe 	kernel.function("security_file_open")
{
    /* skip if process is not in the target tree */
    if (!target_set_pid(pid())) next;

    path = get_path_wrapper(NULL, $file, %{ FILE %})

	if(path == "") next;

	print_preamble(ppfunc())
	printf(" %d {%s} {%s}\n", $file->f_flags, path, mount_namespaces_roots[pid()])
}

/* MOUNT */

global mount_source
global mount_target
global mount_type
global mount_flags

probe 	kernel.function("do_mount")
{
    /* skip if process is not in the target tree */
    if (!target_set_pid(pid())) next;

    tid = tid()
    mount_source[tid] = defer_pointer($dev_name)
    mount_type[tid] = defer_pointer($type_page)
    mount_flags[tid] = $flags
}

/* in case of do_loopback and do_move_mount the dev_name is resolved like a normal path
   so you need to clear mount_source[tid] to get its real value from the kern_path function
*/
probe 	kernel.function("do_loopback"),
	 	kernel.function("do_move_mount")
{
	tid = tid()
    if (!([tid] in mount_flags)) next;
    
	delete mount_source[tid]
}

probe 	kernel.function("kern_path").return
{
	tid = tid()
    
    if ([tid] in mount_flags)
    {
	    if(!([tid] in mount_target))
	    {
	    	mount_target[tid] = get_path_wrapper(NULL, $path, %{ PATH %})
	    }
	    else if(!([tid] in mount_source))
		{
			mount_source[tid] = get_path_wrapper(NULL, $path, %{ PATH %})
		}
	}
}

probe 	kernel.function("do_mount").return
{
	pid = pid()
    /* skip if process is not in the target tree */
    if (!target_set_pid(pid)) next;

    tid = tid()

    if(mount_target[tid] != "")
    {
		print_preamble(ppfunc())
		printf(" {%s} {%s} {%s} {%d} {%s}\n", 
			mount_source[tid], mount_target[tid], 
			mount_type[tid], mount_flags[tid], 
			mount_namespaces_roots[pid])
	}

	delete mount_source[tid]
	delete mount_target[tid]
	delete mount_type[tid]
	delete mount_flags[tid]
}

probe 	syscall.clone,
		syscall.fork, 
		syscall.vfork
{
    /* skip if process is not in the target tree */
    if (!target_set_pid(pid())) next;

	update_root()
}

probe 	syscall.exit
{ 
    /* skip if process is not in the target tree */
    if (!target_set_pid(pid())) next;

	delete path_arg[tid()]
}

probe 	syscall.exit_group
{ 
	pid = pid()
    /* skip if process is not in the target tree */
    if (!target_set_pid(pid)) next;

    delete mount_namespaces_roots[pid]
	delete path_arg[tid()]
}

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2021-02-23  3:49 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-23  3:49 Problems in the use of System4.4 version 李 韵

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).