
Incorrect kCSNow #2

@ghost

Description

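It seems kCSNow is 0x8000000000000000llu (only bit 63 set) instead of 0x80000000u. This makes sense, as times are uint64_t: a 32-bit 0x80000000u passed where a uint64_t time is expected is widened to 0x0000000080000000, which is a different value.
This can be checked by, e.g., disassembling the 64-bit part of /usr/lib/libdtrace.dylib, function symbolOwnerForName, and reading the immediate that is loaded as the time argument: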
Source:

// Resolve a symbol owner by name. Only the "a.out" special case is shown in
// this excerpt; the rest of the function is elided after this branch.
CSSymbolOwnerRef symbolOwnerForName(CSSymbolicatorRef symbolicator, const char* name) {        
    // Check for a.out specifically
    if (strcmp(name, "a.out") == 0) {
        // __block so that the callback block below can assign to it.
        __block CSSymbolOwnerRef owner = kCSNull;
        // kCSNow is passed as the time argument. The callback stores every owner it is
        // handed, so the result is only trusted when the call returns exactly 1
        // (presumably the number of owners visited - confirm against the API).
        if (CSSymbolicatorForeachSymbolOwnerWithFlagsAtTime(symbolicator, kCSSymbolOwnerIsAOut, kCSNow, ^(CSSymbolOwnerRef t) { owner = t; }) == 1) {
            return owner;
        }
        // Zero or several matches: report "not found".
        return kCSNull;
    }
…

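Disassembly (partial: the listing ends at 0x3a0ee, before the "a.out" branch at 0x3a1dd; the call shown is on the fall-through path and receives the time constant in %rcx):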

                                             _symbolOwnerForName:
                                                 ; Partial listing (AT&T operand order, 64-bit slice); it stops at 0x3a0ee, before any return.
                                                 ; Three argument registers (%rdi, %rsi, %rdx) are saved although the C signature has two
                                                 ; parameters - presumably CSSymbolicatorRef is a 16-byte struct passed in %rdi:%rsi, so that
                                                 ; name arrives in %rdx. TODO confirm against the CoreSymbolication header.
000000000003a028 55                              pushq      %rbp                ; XREF=_Pxlookup_by_name+89, _Plmid_to_map+42, _Psymbol_iter_by_addr+95
000000000003a029 4889E5                          movq       %rsp, %rbp
000000000003a02c 4157                            pushq      %r15
000000000003a02e 4156                            pushq      %r14
000000000003a030 4155                            pushq      %r13
000000000003a032 4154                            pushq      %r12
000000000003a034 53                              pushq      %rbx
000000000003a035 4881ECD8000000                  subq       $0xd8, %rsp
000000000003a03c 4889D3                          movq       %rdx, %rbx          ; const char* name
000000000003a03f 4989F7                          movq       %rsi, %r15          ; CSSymbolicatorRef symbolicator
000000000003a042 4989FC                          movq       %rdi, %r12
000000000003a045 488D35CC4C0300                  leaq       %ds:0x6ed18, %rsi   ; "a.out", argument "s2" for method imp___stubs__strcmp
000000000003a04c 4889DF                          movq       %rbx, %rdi          ; argument "s1" for method imp___stubs__strcmp
000000000003a04f E868F80100                      callq      $imp___stubs__strcmp
000000000003a054 85C0                            testl      %eax, %eax
                                                 ; strcmp == 0 -> the "a.out" branch at 0x3a1dd (not shown); any other name falls through.
000000000003a056 0F8481010000                    jeq        $0x3a1dd

                                                 ; var_50..var_30: a 0x28-byte record holding a pointer to itself and two zeroed qwords.
                                                 ; This looks like the Blocks-ABI byref wrapper for a __block variable initialised to
                                                 ; all-zero (kCSNull in the source) - TODO confirm.
000000000003a05c 48C745B000000000                movq       $0x0, %ss:var_50(%rbp)
000000000003a064 4C8D6DB0                        leaq       %ss:var_50(%rbp), %r13
000000000003a068 4C896DB8                        movq       %r13, %ss:var_48(%rbp)
000000000003a06c C745C000000000                  movl       $0x0, %ss:var_40(%rbp)
000000000003a073 C745C428000000                  movl       $0x28, %ss:var_3C(%rbp)
000000000003a07a 48C745D000000000                movq       $0x0, %ss:var_30(%rbp)
000000000003a082 48C745C800000000                movq       $0x0, %ss:var_38(%rbp)
                                                 ; var_A0..var_80: stack block literal - _NSConcreteStackBlock, flags 0x42000000, a zero
                                                 ; dword, the invoke function, the descriptor, then the captured pointer to var_50.
000000000003a08a 4C8B35778F0300                  movq       %ds:imp___got___NSConcreteStackBlock, %r14
000000000003a091 4C89B560FFFFFF                  movq       %r14, %ss:var_A0(%rbp)
000000000003a098 C78568FFFFFF00000042            movl       $0x42000000, %ss:var_98(%rbp)
000000000003a0a2 C7856CFFFFFF00000000            movl       $0x0, %ss:var_94(%rbp)
000000000003a0ac 488D0540020000                  leaq       %ds:___symbolOwnerForName_block_invoke2, %rax
000000000003a0b3 48898570FFFFFF                  movq       %rax, %ss:var_90(%rbp)
000000000003a0ba 488D051F250400                  leaq       %ds:___block_descriptor_tmp5, %rax
000000000003a0c1 48898578FFFFFF                  movq       %rax, %ss:var_88(%rbp)
000000000003a0c8 4C896D80                        movq       %r13, %ss:var_80(%rbp)
                                                 ; Call setup: %r8 = block, %rdi and %rsi = the two saved leading argument registers,
                                                 ; %rdx = name, %rcx = time. The per-register argument names in the trailing comments are
                                                 ; the disassembler's own labels.
000000000003a0cc 4C8D8560FFFFFF                  leaq       %ss:var_A0(%rbp), %r8 ; argument "iterator" for method imp___stubs__CSSymbolicatorForeachSymbolOwnerWithPathAtTime
000000000003a0d3 4C89E7                          movq       %r12, %rdi          ; argument #1 for method imp___stubs__CSSymbolicatorForeachSymbolOwnerWithPathAtTime
000000000003a0d6 4C89FE                          movq       %r15, %rsi          ; argument "symbolicator" for method imp___stubs__CSSymbolicatorForeachSymbolOwnerWithPathAtTime
000000000003a0d9 4889DA                          movq       %rbx, %rdx          ; argument "name" for method imp___stubs__CSSymbolicatorForeachSymbolOwnerWithPathAtTime
                                                 ; The evidence for the issue: a 10-byte movabsq carrying a full 64-bit immediate with only
                                                 ; bit 63 set. A 32-bit 0x80000000 would not require a 64-bit immediate load.
000000000003a0dc 48B90000000000000080            movabsq    $0x8000000000000000, %rcx ; argument "time" for method imp___stubs__CSSymbolicatorForeachSymbolOwnerWithPathAtTime
000000000003a0e6 E88DF30100                      callq      $imp___stubs__CSSymbolicatorForeachSymbolOwnerWithPathAtTime
000000000003a0eb 4885C0                          testq      %rax, %rax
                                                 ; Non-zero return value -> 0x3a1c6 (not shown).
000000000003a0ee 0F85D2000000                    jneq       $0x3a1c6
