On Thu, Oct 02, 2008 at 12:31:30PM +0200, Vladimir Kotal wrote:
> Jonathan Adams wrote:
> >On Wed, Oct 01, 2008 at 02:18:55PM +0200, Vladimir Kotal wrote:
>
> <snip>
>
> >>dtrace -w -n 'fbt:genunix:sigtoproc:entry/arg2 == 11/ {
> >>self->pid=((proc_t *)arg0)->p_pidp->pid_id; stop();
> >>system("/usr/bin/gcore %d", self->pid); system("/usr/bin/prun %d",
> >>self->pid); }'
> >
> >This is stopping the signal sender, not the signal receiver.
>
> I see. In my scenario it worked because it was the case of HW caused
> trap so ttoproc(curthread) was equal to first argument of sigtoproc().
Indeed.
> BTW appcrash ensures this via 'pid == args[1]->pr_pid' condition in the
> predicate used for proc:::signal-send.
>
> <snip>
>
> > stop();
> > system("/usr/bin/prun %d", pid);
> >}
>
> Maybe stupid/ignorant question but I'll ask anyway: why there is no
> start()/run() in dtrace ?
Probably because we want to minimize "funky" processed-in-user-context actions.
system(prun) makes it obvious what's going on.
> >This should work regardless of the source of the segv. (the main trick is
> >calling stop() at the top of issig_forreal(); that will stop the process
> >before
> >the SEGV is processed, letting dtrace get a stack trace from it.)
>
> The script works fine, thanks a lot for it.
I'm glad it works for you.
Cheers,
- jonathan
_______________________________________________
dtrace-discuss mailing list
[email protected]
