DTrace panic while probing syscall::open (and possibly many others)

Thomas Backman serenity at exscape.org
Wed May 20 12:01:02 UTC 2009

On May 19, 2009, at 10:49 PM, Wesley Shields wrote:
> I just noticed this but shouldn't you be using copyinstr() on the  
> first
> probe. It should look something like this:
> syscall::open:entry
> {
> 		self->path = copyinstr(arg0);
> }
> syscall::open:return
> / self->path /
> {
> 		printf("%s\n", self->path);
> }
> This still doesn't solve the problem of copyinstr() causing a crash
> though.

I don't remember why, but I do remember that it was said (in older  
versions) in the Solaris DTrace guide to always copy in variables  
after the function return, not quite sure why (Possibly because they  
could be undefined in :::entry?). Brendan Gregg, who wrote the DTrace  
Toolkit, does this, anyway (see the opensnoop.d script). Sun liked his  
work so much that they hired him. :-)


More information about the freebsd-current mailing list