On Wed, May 20, 2009 at 02:00:49PM +0200, Thomas Backman wrote: > > On May 19, 2009, at 10:49 PM, Wesley Shields wrote: > > I just noticed this but shouldn't you be using copyinstr() on the > > first > > probe. It should look something like this: > > > > syscall::open:entry > > { > > self->path = copyinstr(arg0); > > } > > > > syscall::open:return > > / self->path / > > { > > printf("%s\n", self->path); > > } > > > > This still doesn't solve the problem of copyinstr() causing a crash > > though. > > I don't remember why, but I do remember that it was said (in older > versions) in the Solaris DTrace guide to always copy in variables > after the function return, not quite sure why (Possibly because they > could be undefined in :::entry?). Brendan Gregg, who wrote the DTrace > Toolkit, does this, anyway (see the opensnoop.d script). Sun liked his > work so much that they hired him. :-) It's still mentioned in the guide (page 346, "Avoiding Errors"). The reason is the one I mentioned (the argument being copied in has to be in a page that is faulted-in). It's quite possible that on entry into the syscall that page is not yet faulted in. -- WXSReceived on Wed May 20 2009 - 23:56:14 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:48 UTC