freebsd-skq/cddl
markj 3ecc6f1298 Add a function, memstr, which can be used to convert a buffer of
null-separated strings to a single string. This can be used to print the
full arguments of a process using execsnoop (from the DTrace toolkit) or
with the following one-liner:

dtrace -n 'syscall::execve:return {trace(curpsinfo->pr_psargs);}'

Note that this relies on the process arguments being cached via the struct
proc, which means that it will not work for argvs longer than
kern.ps_arg_cache_limit. However, the following rather non-portable
script can be used to extract any argv at exec time:

fbt::kern_execve:entry
{
    printf("%s", memstr(args[1]->begin_argv, ' ',
        args[1]->begin_envv - args[1]->begin_argv));
}

The debug.dtrace.memstr_max sysctl limits the maximum argument size to
memstr(). Thanks to Brendan Gregg for helpful comments on freebsd-dtrace.

Tested by:	Fabian Keil (earlier version)
MFC after:	2 weeks
2013-10-16 01:39:26 +00:00
..
compat/opensolaris
contrib Add a function, memstr, which can be used to convert a buffer of 2013-10-16 01:39:26 +00:00
lib Add a function, memstr, which can be used to convert a buffer of 2013-10-16 01:39:26 +00:00
sbin WiP merge of libzfs_core (MFV r238590, r238592) 2013-03-05 08:09:53 +00:00
usr.bin Build all ZFS testing & debugging tools with -g. 2013-08-27 04:01:31 +00:00
usr.sbin Build all ZFS testing & debugging tools with -g. 2013-08-27 04:01:31 +00:00
Makefile
Makefile.inc