setting breakpoint in system call. Solaris vs. Windows

Java CAPS, like other SOA/EAI products, has an adapter for ftp. We recently had to test timeout feature when ftp server hangs on logon. To reproduce the problem, I used debugger to set breakpoint in system call.


Breakpoint - Wikipedia, the free encyclopedia

a breakpoint is a means of acquiring knowledge about a program during its execution


1. Solaris

We know ftp server will read/write some stuff from/to network while authenticating. I used write() system call this time. 

# mdb -o follow_fork_mode=child,follow_exec_mode=follow -p $(pgrep inetd)
Loading modules: [ ld.so.1 libumem.so.1 libuutil.so.1 libc.so.1 libnvpair.so.1 libsysevent.so.1 ]
> ::sysbp write
> :c
mdb: target forked child process 27158 (debugger following child)   <-- ftp client tries to connect
mdb: target performed exec of /usr/sbin/in.ftpd
mdb: stop on entry to write
mdb: target stopped at:
libc.so.1`_write+8:     ta        8
>


2. Windows

What is the equivalent of write() system call on Windows? I tried ntdll.dll!NtWriteFile but it didn't work. NtWriteFile() may be strictly for local file system write. I used ws2_32.dll!send instead. 


Install Debugging Tools for Windows 32-bit Version

Current Release version 6.9.3.113 - April 29, 2008 [17.5 MB] 


$ tasklist /svc | grep -i ftp
inetinfo.exe                  2400 IISADMIN, MSFtpsvc
$ cdb -p 2400
Microsoft (R) Windows Debugger  Version 6.6.0007.5
*** wait with pending attach
Symbol search path is: SRV*e:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
ModLoad: 01000000 01006000   D:\WINDOWS\system32\inetsrv\inetinfo.exe
ModLoad: 7c950000 7ca2a000   D:\WINDOWS\system32\ntdll.dll
[...]
ModLoad: 71aa0000 71ab7000   D:\WINDOWS\system32\WS2_32.dll
[...]
0:016> X *!send
719e619f mswsock!send = 
71ab06b2 WS2_32!send = 
0:016> bp WS2_32!send
0:016> g
Breakpoint 0 hit                   <-- ftp client tries to connect
eax=00000000 ebx=6808374c ecx=0193f5d4 edx=0193f3a0 esi=0000001b edi=68083554
eip=71ab06b2 esp=0193f5b4 ebp=0193f5e0 iopl=0         nv up ei pl zr na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246
WS2_32!send:
71ab06b2 8bff            mov     edi,edi

Posted on: Nov 12, 2008

Posted by: Katsumi Inoue

Category: Sun

Trackback URL: http://blogs.sun.com/LetTheSunShineIn/entry/setting_breakpoint_in_system_call

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed

This blog copyright 2009 by Katsumi Inoue