IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
* defs.h (addflags): Change return type from int to void.
* util.c (addflags): Change return type from int to void.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
I noticed that tcp->u_args[MAX_ARGS] array is way larger than
I'd expect: for all arches except HPPA it has 32 (!) elements.
I looked at the code and so far I spotted only one abuser of
this fact: sys_sigreturn. On several arches, it saves sigset_t
into tcp->u_args[1...N] on entry and prints it on exit, a-la
memcpy(&tcp->u_arg[1], &sc.oldmask[0], sizeof(sigset_t))
The problem here is that in glibc sigset_t is insanely large:
128 bytes, and using sizeof(sigset_t) in memcpy will overrun
&tcp->u_args[1] even with MAX_ARGS == 32:
On 32 bits, sizeof(tcp->u_args) == 32*4 == 128 bytes!
We may already have a bug there!
This commit changes the code to save NSIG / 8 bytes only.
NSIG can't ever be > 256, and in practice is <= 129,
thus NSIG / 8 is <= 16 bytes == 4 32-bit words,
and even MAX_ARGS == 5 should be enough for saving signal masks.
* defs.h: Reduce MAX_ARGS for X86_64 and I386 from 32 to 8
for FreeBSD and to 6 for everyone else. Add comment about current
state of needed MAX_ARGS.
* signal.c: Add comment about size of sigset_t.
(sprintsigmask): Reduce static string buffer from 8k to 2k.
(sys_sigreturn): Fix sigset saving to save only NSIG / 8 bytes,
not sizeof(sigset_t) bytes.
* linux/mips/syscallent.h: Reduce nargs of printargs-type syscall to 7.
* linux/arm/syscallent.h: Reduce nargs of printargs-type syscall to 6.
* linux/i386/syscallent.h: Likewise.
* linux/m68k/syscallent.h: Likewise.
* linux/powerpc/syscallent.h: Likewise.
* linux/s390/syscallent.h: Likewise.
* linux/s390x/syscallent.h: Likewise.
* linux/sh/syscallent.h: Likewise.
* linux/sh64/syscallent.h: Likewise.
* linux/sparc/syscallent.h: Likewise.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
* mem.c (sys_old_mmap): For Ia64 and 32-bit personality of x86-64,
copy narrow parameters from userspace by single umove, not by six
separate ones; then assign them to long u_arg[i]. For SH[64],
avoid copying of tcp->u_arg.
(sys_mmap): Add FIXME comment - SH64 and i386 seem to be handled
differently for no apparent reason.
* test/mmap_offset_decode.c: New test program, illustrates FIXME.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
After careful analysis, it looks like !LINUX and ALPHA
pass all seven parameters in registers; and in all other cases
parameters are on stack (pointed to by tcp->u_arg[0]).
In light of this, reorganize ifdefs, making them simpler,
without changing any logic.
After this, it's apparent we use tcp->u_arg[4,5,6] and possibly
[7] without checking that it's valid to do so.
So far, just add a comment about this.
* mem.c (sys_mmap64): Rewrite ifdefs in a much simpler way.
Add comments about apparent bugs.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
* mem.c: Indent includes to show nesting better.
(addtileflags): Fix style of this function definition;
correct wrong endif comment, add another endif comment.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
* defs.h: Add/reformat comments.
* signal.c: Remove wrong comment. Add warning directive
when we detect that NSIG is undefined. Add comment about
NSIG on ARM. Fix typo in comment.
(signame): Reformat code a bit without changes to logic.
Shorten static buffer.
(sys_rt_sigprocmask): Remove stray empty line.
* syscall.c: Add warning directive when we detect that
NSIG is undefined. Add comment about NSIG on ARM.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
* strace.c [LINUX] (kill_save_errno): New function.
(test_ptrace_setoptions_followfork): Change return type to void.
Fix and harden error handling. Use kill_save_errno() to avoid errno
clobbering. Treat EIO from ptrace() the same way as EINVAL.
(test_ptrace_setoptions_for_all): Use kill_save_errno() to avoid errno
clobbering. Treat EIO from ptrace() the same way as EINVAL.
(main): Update use of test_ptrace_setoptions_followfork().
tcp->parent is used for only two things:
(1) to send signal on detach via tgkill (need to know tgid).
Solution: use tkill, it needs only tid.
(2) to optimize out ptrace options setting for new tracees.
Not a big deal if we drop this optimization: "set options" op is fast,
doing it just one extra time once per each tracee is hardly measurable.
TCB_CLONE_THREAD is a misnomer. It used only to flag sibling we attached to
in startup_attach. This is used to prevent infinite recursive rescanning
of /proc/PID/task.
Despite the name, there is no guarantee it is set only on non-leader:
if one would run "strace -f -p THREAD_ID" and THREAD_ID is *not*
a thread leader, strace will happily attach to it and all siblings
and will think that THREAD_ID is the leader! Which is a bug, but
since we no longer detach when we think tracee is going to die,
this bug no longer matters, because we do not use the knowledge
about thread group leaders for anything. (We used it to delay
leader's exit).
IOW: after this patch strace has no need to know about threads, parents
and children, and so on. Therefore it does not track that information.
It treats all tracees as independent entities. Overall,
this simplifies code a lot.
* defs.h: Add TCB_ATTACH_DONE flag, remove TCB_CLONE_THREAD flag
and struct tcb::parent field.
* process.c (internal_fork): Don't set tcpchild->parent.
* strace.c (startup_attach): Use TCB_ATTACH_DONE flag instead of
TCB_CLONE_THREAD to avoid attach attempts on already-attached threads.
Unlike TCB_CLONE_THREAD, TCB_ATTACH_DONE bit is used only temporarily,
and only in this function. We clear it on every tcb before we return.
(detach): Use tkill instead of tgkill.
(trace): Set ptrace options on new tracees unconditionally,
not only when tcp->parent == NULL.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Since we no longer suspend waitpid'ing tracees, we have only one case when
we suspend tracee: when we pick up a new tracee created by clone/fork/vfork.
Background: on some other OSes, attach to child is done this way:
get fork's result (pid), loop ptrace(PTRACE_ATTACH) until you hook up
new process/thread. This is ugly and not safe, but what matters for us
is that it doesn't require suspending. Suspending is required
on Linux only, because on Linux attach to child is done differently.
On Linux, we use two methods of catching new tracee:
adding CLONE_THREAD bit to syscall (if needed, we change
[v]fork into clone before that), or using ptrace options.
In both cases, it may be so that new tracee appears before one which
created it returns from syscall. In this case, current code
suspends new tracee until its creator returns. Only then
strace can determine who is its parent (it needs child's pid for this,
which is visible in parent's [v]fork/clone result).
This is inherently racy. For example, what if SIGKILL kills
creator after it succeeded creating child, but before it returns?
Looks like we will have child suspended forever.
But after previous commit, we DO NOT NEED parent<->child link for anything.
Therefore we do not need suspending too. Bingo!
This patch removes suspending code. Now new tracees will be continued
right away. Next patch will remove tcp->parent member.
* defs.h: Remove TCB_SUSPENDED constant
* process.c (handle_new_child): Delete this function.
(internal_fork): Do not call handle_new_child on syscall exit.
* strace.c (handle_ptrace_event): Delete this function.
(trace): Do not suspend new child; remove all handling
of now impossible TCB_SUSPENDED condition.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Current code plays some ungodly tricks, trying to not detach
thread group leader until all threads exit.
Also, it detaches from a tracee when signal delivery is detected
which will cause tracee to exit.
This operation is racy (not to mention the determination
whether signal is set to SIG_DFL is a horrible hack):
after we determined that this signal is indeed fatal
but before we detach and let process die,
*other thread* may set a handler to this signal, and
we will leak the process, falsely displaying it as killed!
I need to look in the past to figure out why we even do it.
First guess is that it's a workaround for old kernel bugs:
kernel used to deliver exit notifications to the tracer,
not to real parent. These workarounds are ancient
(internal_exit is from 1995).
The patch deletes the hacks. We no longer need tcp->nclone_threads,
TCB_EXITING and TCB_GROUP_EXITING. We also lose a few rather
ugly functions.
I also added a new message: "+++ exited with EXITCODE +++"
which shows exact moment strace got exit notification.
It is analogous to existing "+++ killed by SIG +++" message.
* defs.h: Delete struct tcb::nclone_threads field,
TCB_EXITING and TCB_GROUP_EXITING constants,
declarations of sigishandled() and internal_exit().
* process.c (internal_exit): Delete this function.
(handle_new_child): Don't ++tcp->nclone_threads.
* signal.c (parse_sigset_t): Delete this function.
(sigishandled): Delete this function.
* strace.c (startup_attach): Don't tcbtab[tcbi]->nclone_threads++.
(droptcb): Don't delay dropping if tcp->nclone_threads > 0,
don't drop parent if its nclone_threads reached 0:
just drop (only) this tcb unconditionally.
(detach): don't drop parent.
(handle_group_exit): Delete this function.
(handle_ptrace_event): Instead of handle_group_exit, just drop tcb;
do not panic if we see WIFEXITED from an attached pid;
print "+++ exited with EXITCODE +++" for every WIFEXITED pid.
* syscall.c (internal_syscall): Do not treat sys_exit specially -
don't call internal_exit on it.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
* strace.c (trace): Do not recalculate "cflag ? &ru : NULL"
again and again. Do not clear errno unnecessarily.
Consistently check wait errors as pid < 0, not pid == -1.
Indent ifdefs for better readability.
Remove comments after endif if ifdef/endif block is really tiny.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
* configure.ac (AC_CHECK_DECLS): Add PTRACE_O_TRACESYSGOOD,
PTRACE_O_TRACEEXEC, PTRACE_O_TRACEEXIT, PTRACE_EVENT_EXEC,
PTRACE_EVENT_VFORK_DONE and PTRACE_EVENT_EXIT.
* defs.h [LINUX]: Define these PTRACE_* constants when they are not
provided by <sys/ptrace.h>.
Reported-by: Douglas Mencken <dougmencken@gmail.com>
Reported-by: Steve Bennett <steveb@workware.net.au>
* strace.c (trace): Change ifdef LINUX to make a bit more sense,
remove wrong comment at its endif. Slightly optimize
"+++ killed by SIG +++" message for systems without WCOREDUMP macro.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
* strace.c (alloc_tcb): Print number of allocated tcb's if -d.
(droptcb): Likewise.
(handle_ptrace_event): Remove PTRACE_EVENT_EXEC debug message.
(trace): Improve logging of waitpid: show WIFxxx, exitcode/signal,
ptrace event name, WCOREDUMP - all on one line.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
* syscall.c (syscall_enter) [BFIN]: Make register no array "static const".
[SH]: Make register no array "const", pre-multiply it by 4.
[SH64]: Make register no array "const".
[X86_64]: Make register no array "const", pre-multiply it by 8.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
syscall_enter has many long (>80 columns) lines.
It is aggravated by the fact that it has a lot of {} blocks
which are not necessary (the code is the same without them).
This patch removes {}s and deindents affected lines.
While at it, it indents ifdefs so that nesting is easier to track,
and adds a few spaces in the expressions, such as
"tcp->u_nargs*sizeof..." -> "tcp->u_nargs * sizeof...".
There is no actual changes to the code here.
* syscall.c (syscall_enter): Remove unnecessary {} blocks.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
process.c defines CLONE_PTRACE for Linux, so it can't be undefined.
Therefore ifndef CLONE_PTRACE code is dead (since at least 2004).
This patch removes it.
* process.c (handle_new_child): Remove ifdef CLONE_PTRACE/endif (but not
the code inside) and entire ifndef CLONE_PTRACE/endif block.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
TCB_FOLLOWFORK flag seems to be unnecessary, because we either follow
all [v]forks/clones or don't follow any, therefore global variable
followfork is an already existing indicator of what we want to do.
This patch drops all setting/clearing of TCB_FOLLOWFORK bit,
and replaces checks for this bit by checks of followfork value.
In internal_fork, check is moved to in front of if(), since
the check is needed on both "entering" and "exiting" branch.
* defs.h: Remove TCB_FOLLOWFORK define.
* process.c (internal_fork): Do not set/clear TCB_FOLLOWFORK,
test followfork instead of tcp->flags & TCB_FOLLOWFORK.
(handle_new_child): Likewise.
* strace.c (startup_attach): Likewise.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
This allows us to avoid having code to malloc them, and code to check
for malloc failure. Resulting code decrease:
text data bss dec hex filename
10175 0 16 10191 27cf system.o.old
9797 0 0 9797 2645 system.o
* system.c (sys_capget): Put cap_user_header_t and cap_user_data_t
on stack, rather than allocating them in heap. These structures
are very small (a few integer fields), stack is a better place
for them.
(sys_capset): Likewise.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Error from strace_fopen in main results in call to exit(1).
Error from strace_fopen in newoutf is propagated to newoutf
callers: startup_attach (where it results in exit(1))
and alloc_tcb (where error is ignored). In second case,
the behavior doesn't seem to be right: it means with -ff
on open error for new LOGFILE.PID the output will continue
to go into *the same file as the previous process* - which
would be confusing. Moreover, on droptcb outf may be closed
and the output of other, still running process outputting
to the same outf will be lost. I don't think this is sane.
IOW: in all cases, error in strace_fopen should be fatal.
* strace.c (strace_fopen): Abort on error instead of returning NULL.
(newoutf): Change return type to void.
(startup_attach): Remove error check on newoutf return value.
(main): Remove error check on strace_fopen return value.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
set_cloexec_flag() may fail only if we pass it a bad fd,
such as -1 or non-opened one. If we do, we have a bug
in the caller. It makes no sense to try to continue
running when we detect such a blatant bug in our own code.
* strace (set_cloexec_flag): Abort instead of returning error
indicator. Change function to return void.
(strace_fopen): Remove error check on set_cloexec_flag return value.
(proc_open): Likewise.
(proc_poll_open): Likewise.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
It makes no sense to postpone abort on strace_popen error
unti it returns. Moreover, out-of-memory error was exiting
without any message.
While at it, use 0 as "none" for popen_pid, as optimization.
* strace: Initialize popen_pid to 0 - this puts it in bss.
(trace): Reset popen_pid to 0 instead of -1.
(strace_popen): Never return NULL as error indicator,
abort with good error message instead.
(main): Remove NULL check of strace_popen result.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Get rid of fork_tcb() function. It used to do what the comment
above it says, but now it doesn't do much:
it only sets tcp->flags |= TCB_FOLLOWFORK and maybe calls
expand_tcbtab(). The second operation is not necessary, since
alloc_tcp() will do it itself when needed.
This patch deletes fork_tcb(), open-coding tcp->flags |= TCB_FOLLOWFORK
where it was formerly called. It also makes nprocs, tcbtabsize and
expand_tcbtab() static. (While at it, I nuked redundant
extern char **environ declaration: strace.c had *two* of them...)
* defs.h: Remove declarations of nprocs, tcbtabsize and
expand_tcbtab.
* process.c (fork_tcb): Remove this function.
(internal_fork): Open-code fork_tcb.
(handle_new_child): Likewise.
* strace.c: Remove redundant "extern char **environ". Declare
nprocs and tcbtabsize static.
(expand_tcbtab): Make it static.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Get rid of a few intermediate variables, simplifies a few expressions,
and uses error_msg_and_die instead of more verbose
fprintf+cleanup+exit sequence.
In alloc_tcp, I use memset to clear entire new tcp.
This not only saves a few bytes of code, but lowers the chances
of future bugs where some data "leaks out" into new tcb's
from old ones because we forgot to re-initialize it.
* strace.c (expand_tcbtab): Simplify this function. No logic changes.
(alloc_tcb): Likewise.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
* process.c (internal_fork): Remove conditionals which make no difference
(we return 0 on both branches of these ifs).
* util.c: Fix indentation of an ifdef.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Commit 3454e4b463
introduced a bug: sometimes, TRACECLONE/TRACE[V]FORK opts were not set.
The check (tcp->parent == NULL) in old code was meant to check
"if we are not a child created by auto-attach" - in this case,
options need to be set on the child; otherwise they are inherited
and do not need to be set.
I misunderstood the check and if tcp->parent is not NULL, I was
setting only ptrace_setoptions_for_all bits.
This change fixes the problem. Since the fixed logic makes it
unnecessary to keep two sets of options in separate variables,
I merge them back into one variable, ptrace_setoptions.
* defs.h: Merge ptrace_setoptions_followfork and ptrace_setoptions_for_all
into one variable, ptrace_setoptions.
* strace.c: Likewise.
(test_ptrace_setoptions_followfork): Use ptrace_setoptions variable.
(test_ptrace_setoptions_for_all): Likewise.
(main): Likewise.
* process.c (internal_fork): Likewise.
(internal_exec): Likewise.
* strace.c (trace): Fix the bug where different options were set
depending on "tcp->parent == NULL" condition. Add a comment
which makes it more clear why this condition is checked.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
strace used to suspend waitpid until there is a child
for waitpid'ing process to collect status from.
Apparently, it was done because in some very old kernels
(circa 2002 or even earlier) there were ptrace bugs which
were making waitpid in real parent to not see children.
This kernel bug is fixed long ago. This change removes the workaround.
test/wait_must_be_interruptible.c is a test program which
illustrates why without this change strace changes
programs's behavior.
* defs.h: Delete waitpid and nclone_waiting members from from struct tcb.
Remove declaration of internal_wait().
* process.c (internal_wait): Remove this function.
* strace.c (alloc_tcb): Do not set tcp->nclone_waiting.
(resume): Remove this function.
(resume_from_tcp): Remove this function.
(detach): Do not call resume_from_tcp().
(handle_group_exit): Do not call resume_from_tcp().
* syscall.c (internal_syscall): Do not call internal_wait().
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
