fche changed the topic of #systemtap to: http://sourceware.org/systemtap; email systemtap@sourceware.org if answers here not timely, conversations may be logged
pwithnall____ has quit [Ping timeout: 255 seconds]
<sj0rz>
fche: so how can i best overwrite this behavior in my .stp script?
<sj0rz>
i'm having trouble getting it to work
<sj0rz>
the default tapset contains probes for the execve syscall for multiple arches, can i overwrite the behavior for all of them in my .stp script somehow?
<fche>
what would you like to overwrite?
<fche>
stap -L syscall.execve
<fche>
syscall.execve name:string filename:string __argv:long args:string __envp:long env_str:string argstr:string $filename:long int $argv:long int $envp:long int
<fche>
you want to provide some decoded form of env_str somehow?
<sj0rz>
yeah i basically wanted to replace:
<sj0rz>
env_str = __count_envp(pointer_arg(3))
<sj0rz>
by:
<sj0rz>
env_str = __get_argv(pointer_arg(3), 0)
<sj0rz>
in the default execve probe
<sj0rz>
i have a probe for probe nd_syscall.* that logs to a file
<sj0rz>
but i want the output of execve to use the expanded env format
<fche>
can you give me an example of the difference?
<fche>
if it's naturally better, we can make it work by changing the tapset source directly, I guess conditionally on %( systemtap_v %)
brolley has joined #systemtap
<sj0rz>
yeah that was what i was thinking (like the strace -v flag)
<sj0rz>
example of the difference in what, output?
<fche>
so the stap equivalent - difference between that _count_envp and _get_argv
<sj0rz>
oh, if i just modify the default stp file directly you mean? so was i correct in concluding that there is no convenient way to overwrite the behavior from my custom .stp file?
<sj0rz>
i thought if i just don't use the alias name, but instead define my overwriting probe for kprobe.function("sys_execve")
<sj0rz>
it should overwrite, but that doesn't seem to work as i expected
<fche>
you can write your own probe in your own stp file probe kprobe.function("sys_exceve") { /* do whatever you want */ }
<fche>
to change a default, so that the env_str is depicted differently for every user from now on, yeah change the tapset .stp file
drsmith is now known as drsmith_away
drsmith_away is now known as drsmith
<sj0rz>
ok i'll do that
<sj0rz>
so what is the idea between the non arch specific vs arch specific .stp file?