dtrace's curpsinfo->pr_psargs is neutered?

I'm wondering the same thing. Is there some sort of workaround? It would be really useful.

I also had the same problem. To resolve it, I read dtrace's source code.
Unfortunately, I found that the function was omitted.

dtrace-48.1/scripts/darwin.d:
pr_psargs = T->p_comm; /* XXX omits command line arguments XXX */



But I need arguments strongly, I decided to grab them from the executed process stack.
The below is the code.



#!/usr/sbin/dtrace -C -s

#pragma D option quiet

proc::posix spawn:exec-success,proc::__macexecve:exec-success
{
this->isx64=(curproc->p_flag & P_LP64)!=0;
#define SELECT 6486(x64, x86) (this->isx64 ? (x64) : (x86))
#define GET_POINTER(base, offset) (user addr_t)SELECT_64_86(*(uint64t )((base)+sizeof(uint64_t)(offset)), *(uint32_t )((base)+sizeof(uint32_t)(offset)))

this->ptrsize=SELECT 64_86(sizeof(uint64_t),sizeof(uint32t));
this->argc=curproc->p_argc;

// I havn't recognized whether the x64 occurs tha same problem (argv\[0\] points invalid area)
this->isClean=SELECT 6486(1, (curproc->p dtrace_argv==(uregs[R_SP]sizeof(uint32_t)sizeof(uint32t))));
this->argv=(uint64 t)copyin(curproc->p_dtraceargv,this->ptrsize*this->argc);

/* printf("%s with args:%d (%p, %p)\n",execname, this->argc, curproc->p dtraceargv, uregs\[R_SP\]); */

printf("%s ", (0 < this->argc && this->isClean) ? copyinstr(GET_POINTER(this->argv,0)) : "");
printf("%s ", (1 < this->argc && this->isClean) ? copyinstr(GET_POINTER(this->argv,1)) : "");
printf("%s ", (2 < this->argc && this->isClean) ? copyinstr(GET_POINTER(this->argv,2)) : "");
printf("%s ", (3 < this->argc && this->isClean) ? copyinstr(GET_POINTER(this->argv,3)) : "");
printf("%s ", (4 < this->argc && this->isClean) ? copyinstr(GET_POINTER(this->argv,4)) : "");
printf("%s ", (5 < this->argc && this->isClean) ? copyinstr(GET_POINTER(this->argv,5)) : "");
printf("%s ", (6 < this->argc && this->isClean) ? copyinstr(GET_POINTER(this->argv,6)) : "");
printf("%s ", (7 < this->argc && this->isClean) ? copyinstr(GET_POINTER(this->argv,7)) : "");
printf("%s ", (8 < this->argc && this->isClean) ? copyinstr(GET_POINTER(this->argv,8)) : "");
printf("%s ", (9 < this->argc && this->isClean) ? copyinstr(GET_POINTER(this->argv,9)) : "");
printf("\n");

#undef GET_POINTER
#undef SELECT 6486
}

*Work as:*
$ sudo dtrace -C -s args.d
cc1: warning: /dev/fd/5 is shorter than expected
gls -Fh --color=auto
gls -Fh --color=auto -al
/Applications/OmniGraffle Professional 4.app/Contents/MacOS/OmniGraffle Professional -psn 05780867


Attention:
This sometimes works not well (checked by this->isClean), and I couldn't find out the reason.
This dtrace can get 10 arguments maximally, since dtrace has no control-flow instructions.
Parsing the execve's arguments (arg1) fails more frequently than the above way.

Message was edited by: Hi_Toshi