DTrace panic while probing syscall::open (and possibly many
others)
Thomas Backman
serenity at exscape.org
Wed May 20 12:01:02 UTC 2009
On May 19, 2009, at 10:49 PM, Wesley Shields wrote:
> I just noticed this but shouldn't you be using copyinstr() on the
> first
> probe. It should look something like this:
>
> syscall::open:entry
> {
> self->path = copyinstr(arg0);
> }
>
> syscall::open:return
> / self->path /
> {
> printf("%s\n", self->path);
> }
>
> This still doesn't solve the problem of copyinstr() causing a crash
> though.
I don't remember why, but I do remember that it was said (in older
versions) in the Solaris DTrace guide to always copy in variables
after the function return, not quite sure why (Possibly because they
could be undefined in :::entry?). Brendan Gregg, who wrote the DTrace
Toolkit, does this, anyway (see the opensnoop.d script). Sun liked his
work so much that they hired him. :-)
Regards,
Thomas
More information about the freebsd-current
mailing list