Date: Wed, 20 May 2009 21:56:13 -0400 From: Wesley Shields <wxs@FreeBSD.org> To: Thomas Backman <serenity@exscape.org> Cc: freebsd-current@freebsd.org Subject: Re: DTrace panic while probing syscall::open (and possibly many others) Message-ID: <20090521015612.GA2630@atarininja.org> In-Reply-To: <CCE34949-C31C-41BC-876C-7E7B0F2A4FF6@exscape.org> References: <949B5884-5303-4EFF-AC7D-293640FFA012@exscape.org> <20090518161148.GA56646@atarininja.org> <C994D84B-C67E-4BA3-9A7C-D5A3175BD29C@exscape.org> <20090519204947.GA39529@atarininja.org> <CCE34949-C31C-41BC-876C-7E7B0F2A4FF6@exscape.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, May 20, 2009 at 02:00:49PM +0200, Thomas Backman wrote:
>
> On May 19, 2009, at 10:49 PM, Wesley Shields wrote:
> > I just noticed this but shouldn't you be using copyinstr() on the
> > first
> > probe. It should look something like this:
> >
> > syscall::open:entry
> > {
> > self->path = copyinstr(arg0);
> > }
> >
> > syscall::open:return
> > / self->path /
> > {
> > printf("%s\n", self->path);
> > }
> >
> > This still doesn't solve the problem of copyinstr() causing a crash
> > though.
>
> I don't remember why, but I do remember that it was said (in older
> versions) in the Solaris DTrace guide to always copy in variables
> after the function return, not quite sure why (Possibly because they
> could be undefined in :::entry?). Brendan Gregg, who wrote the DTrace
> Toolkit, does this, anyway (see the opensnoop.d script). Sun liked his
> work so much that they hired him. :-)
It's still mentioned in the guide (page 346, "Avoiding Errors"). The
reason is the one I mentioned (the argument being copied in has to be in
a page that is faulted-in). It's quite possible that on entry into the
syscall that page is not yet faulted in.
-- WXS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090521015612.GA2630>