Skip to content

Full tracing of gethostbyXXX calls.

July 7, 2008

The gethostbyname.d “one liner” is now no longer anywhere near a one liner as to not be funny. It does however do all the things you would want it to do. Printing the entire hostent1 structure on success and all the h_error values on failure.

: enoexec.eu FSS 257 $; pfexec /usr/sbin/dtrace -32 -CZs gethostbyXXXX.d -c getent hosts www.ibm.com  
129.42.56.216	www.ibm.com www.ibm.com.cs186.net 
Look up: www.ibm.com: took 3276803us 
Host: www.ibm.com 	
h_alias[0]: www.ibm.com.cs186.net 	
h_address[0]: 129.42.56.216  
: enoexec.eu FSS 258 $; pfexec /usr/sbin/dtrace -32 -CZs gethostbyXXXX.d -c getent hosts this.host.does.not.exist.sun.com 
Look up: this.host.does.not.exist.sun.com:
took 31789us gethostbyname_r failed. 
h_errno: 1: 
Host not found  
: enoexec.eu FSS 259 $;  pfexec /usr/sbin/dtrace -32 -CZs gethostbyXXXX.d -c getent hosts 127.0.0.1 
127.0.0.1	localhost 
Look up: 127.0.0.1 took 247882us: 
Host: localhost 	
h_address[0]: 127.0.0.1  
: enoexec.eu FSS 260 $;

I learned some useful things while writing this:

  1. Writing userland scripts is much harder than kernel scripts. If your script has “#include in it then you are entering a world of hurt. Specifically make sure you set the data model of dtrace to match that of the application you are scripting.

  2. The various copyin() routines write into scratch memory. Scratch memory is only good during the current clause so if you want to move the data from clause to clause you need to store it. Thanks again to Jon for pointing this out.

  3. How cool would “follow fork” be for dtrace? Very.

  4. It would be really nice to bundle this script up as “getXXXbyYYY.d and include all the other getXXXbyYYY routines that there are (getpwbyname, getpwbyuid etc etc) however even this script is on the edge of producing DIF that is to large for the standard settings so having more probes would make it unworkable. Anyway they make a good exercise for the reader.

The script is here: gethostbyXXXX.d

1Well only the first 10 host name aliases and the first 10 IP addresses are printed. Adding more is trivial but you will need to up the size of the DIF that the kernel is prepared to accept.

From → Solaris

One Comment
  1. The dot in ... --- ... permalink

    [Trackback] When I wrote the
    D script to decode gethostbyname() and gethostbyaddr() library
    calls I fully intended to proactive write the script to do
    getipnodebyname() and getipnodebyaddr() and for that matter all the
    getXbyY routines. However that spare fi…

    Reply

Leave a reply to The dot in ... --- ... Cancel reply

«
»