Commit Graph

2401 Commits

Author SHA1 Message Date
45e7b189e2 Prepare for -yy option support
* defs.h (show_fd_path): Change type to unsigned int.
* strace.c (show_fd_path): Likewise.
(init): Handle repeated -y option.
2014-08-08 23:38:26 +00:00
20b84a6769 Fix preadv/pwritev offset decoding on ILP32 architectures
This fixes regression introduced by the previous commit.

* io.c (print_llu_from_low_high_val) [SIZEOF_LONG != SIZEOF_LONG_LONG]:
Cast argument to unsigned long before casting it to unsigned long long.
2014-08-07 11:42:46 +00:00
3c49b02e98 Fix preadv/pwritev offset decoding on bigendian architectures
This partially reverts commit 7845a42b39.

* util.c (printllval): Remove align argument.
* defs.h (printllval): Update prototype.
(printllval_aligned, printllval_unaligned): Remove.
* file.c (sys_readahead, sys_truncate64, sys_ftruncate64, sys_fadvise64,
sys_fadvise64_64, sys_sync_file_range, sys_sync_file_range2,
sys_fallocate): Replace printllval_aligned call with printllval.
* io.c (sys_pread, sys_pwrite): Likewise.
(print_llu_from_low_high_val): New function.
(sys_preadv, sys_pwritev): Use it instead of printllval_unaligned.
2014-08-07 00:30:26 +00:00
15114ec215 Decode file descriptors returned by accept and accept4 syscalls
* net.c (do_accept): Rename to do_sockname.
(sys_accept, sys_accept4): Update callers, return RVAL_FD.
(sys_getsockname, sys_getpeername): Call do_sockname directly.
* tests/net-fd.test: Update.
2014-08-06 16:49:59 +00:00
Mike Frysinger
212287c56c x32: update io_{setup,submit} syscalls
Starting in 3.16, these two syscalls have gotten their own entry
point for x32.  See linux 7fd44dacdd803c0bbf38bf478d51d280902bb0f1.

* linux/x32/syscallent.h: Change existing io_{setup,submit} to 64bit,
and add new entry points for x32 specifically.
2014-08-01 14:25:12 +00:00
Max Filippov
57fac759ca xtensa: sort values in struct_user_offsets
Otherwise ptrace syscall argument decoding is wrong:
  ptrace(PTRACE_PEEKUSER, 296, syscall_nr, [0x4048eb]) = 0
  ptrace(PTRACE_PEEKUSER, 296, syscall_nr, [0x3fa6cd30]) = 0
  ptrace(PTRACE_PEEKUSER, 296, syscall_nr, [0x8040676d]) = 0
instead of
  ptrace(PTRACE_PEEKUSER, 296, pc, [0x4048eb]) = 0
  ptrace(PTRACE_PEEKUSER, 296, a1, [0x3fa6cd30]) = 0
  ptrace(PTRACE_PEEKUSER, 296, a0, [0x8040676d]) = 0

* process.c (struct_user_offsets) [XTENSA]: Sort values.
2014-06-18 15:41:25 +00:00
2734a7010f Document -k option as experimental
strace -k does not produce a reliable output on all supported
configurations yet, even basic strace-k.test is known to fail
on some of them.

* strace.c (usage): Document -k option as experimental.
* strace.1: Likewise.
* NEWS: Likewise.
2014-06-18 15:41:19 +00:00
b076420692 tests: robustify -k test
Split stack-fcall.c into several compilation units so that intermediate
function calls would not be optimized out by compiler.

* tests/stack-fcall.c: Move intermediate functions to ...
* tests/stack-fcall-*.c: ... new files.
* tests/Makefile.am (stack_fcall_SOURCES): Add stack-fcall-*.c.
2014-06-18 15:18:47 +00:00
c588b205be tests: enhance -k test
Add two more function calls to the stack.  Suggested by Masatake YAMATO.

* tests/stack-fcall.c (f1): Rename to f3.
(f1, f2): New functions.
* tests/strace-k.test: Update.
2014-06-13 15:58:01 +00:00
73741d2e2e unwind: ignore memory mappings that have no PROT_EXEC bit set
* unwind.c (build_mmap_cache): For each memory mapping being scanned,
save its PROT_EXEC bit and skip the mapping if it is not set.
2014-06-13 15:58:00 +00:00
9a349c7779 unwind: cleanup build_mmap_cache
* unwind.c (build_mmap_cache): Move local variables to the code branch
where they are used.  Check return code of sscanf and strdup.  Do not
treat unusual memory mappings as fatal errors.  Do not skip memory
mappings with path names starting with "[".
2014-06-13 15:56:40 +00:00
2222b928c6 unwind: remove unused field from mmap_cache_t
* unwind.c (mmap_cache_t): Remove "deleted" field.
(build_mmap_cache): Remove initialization of "deleted" field.
2014-06-13 18:20:08 +04:00
52840ede0c unwind: refactor stacktrace_walk
* unwind.c (stacktrace_walk): Move stack frame printing code
to separate function print_stack_frame.
2014-06-12 22:12:31 +00:00
806539c55c unwind: constify binary_filename and symbol_name functions arguments
* unwind.c (call_action_fn, print_call_cb, sprint_call_or_error,
queue_put, queue_put_call): Add const qualifier to binary_filename and
symbol_name arguments.
2014-06-12 22:10:59 +00:00
Luca Clementi
f1d73110a0 unwind: disable stack trace with multiple personalities
* unwind.c (unwind_cache_invalidate, unwind_print_stacktrace,
unwind_capture_stacktrace): Disable stack tracing of non-default
personality processes.
2014-06-11 00:09:55 +00:00
6555711a6e unwind: rename function_off_set to function_offset
* unwind.c (call_action_fn, stacktrace_walk, STACK_ENTRY_SYMBOL_FMT,
print_call_cb, sprint_call_or_error, queue_put, queue_put_call):
Rename function_off_set to function_offset.
2014-06-05 23:00:28 +00:00
c12eb1117c unwind: fix a bug in range updating of binary search
* unwind.c (print_stacktrace): Fix another off-by-one error in binary search.
2014-06-05 21:40:43 +00:00
c903c822ee unwind: use fopen64 instead of fopen
* unwind.c (fopen_for_input): Define to fopen64 iff
[_LARGEFILE64_SOURCE && HAVE_FOPEN64], otherwise define it to fopen.
(build_mmap_cache): Use fopen_for_input instead of fopen.
2014-06-05 15:42:05 +00:00
e411397489 unwind: fix build on 32-bit architectures
Fix compilation warnings in unwind.c on 32-bit architectures.
On some architectures getuid is actually getuid32, so change the test
to use getpid instead of getuid.

* unwind.c (STACK_ENTRY_SYMBOL_FMT): Explicitly cast function_off_set
to unsigned long.
(queue_put_error): Change the 3rd argument's type to unsigned long.
* tests/stack-fcall.c (f1): Use getpid instead of getuid.
* tests/strace-k.test: Likewise.
2014-06-05 15:42:05 +00:00
6e7ba0d8fe tests: robustify -w option test
* tests/count.test: Allow nanosleep to spend a bit less time than 1 second.
2014-06-05 15:42:04 +00:00
d04bb2bb80 Fix delete_module decoding
* xlat/delete_module_flags.in: New file.
* file.c (sys_delete_module): Move ...
* bjm.c (sys_delete_module): ... to here.
Decode 1st argument using printstr instead of printpath.
* NEWS: Mention it.
2014-06-04 16:29:18 +00:00
Zubin Mithra
64aa1b1e2d Decode paths associated with file descriptors returned by syscalls
* defs.h (RVAL_FD): New macro.
(RVAL_MASK, RVAL_STR, RVAL_NONE): Update.
* desc.c (sys_dup, sys_delete_module): New functions.
(do_dup2, decode_open, sys_creat): Change return value to RVAL_FD.
* linux/dummy.h (sys_delete_module, sys_dup): Remove.
* linux/syscall.h (sys_delete_module, sys_dup): New prototypes.
* syscall.c (trace_syscall_exiting): Handle RVAL_FD.

Signed-off-by: Zubin Mithra <zubin.mithra@gmail.com>
2014-06-04 16:28:04 +00:00
327102c7f6 NEWS: Prepare for 4.9 release 2014-06-03 13:31:37 +00:00
2727aae37c Warn about flags that have no effect with -c
* strace.c (init): Issue a warning if -i, -k, -r, -t, -T, or -y is used
along with -c.
This fixes Debian bug #443895.
2014-06-03 13:20:05 +00:00
4182981f6d debian: enable security hardening features
* debian/rules: Follow the advice in https://wiki.debian.org/Hardening
and enable maximum hardening as for programs that handle untrusted data.
Patch by Markus <waldeck@gmx.de>.
2014-06-03 13:04:06 +00:00
05cd5b2a04 debian: update control file
* debian/control (strace64): Fix a typo in package description.
Patch by Pascal De Vuyst <pascal.devuyst@gmail.com>.
(strace, strace-udeb): Add x32 to architecture list.
Patch by Guillaume Morin <guillaume@morinfr.org>.
(strace, strace-udeb): Add or1k to architecture list.
Patch by Christian Svensson <debian@cmd.nu>.
(strace, strace-udeb): Add arm64 to architecture list,
and remove defunct arm.
Patch by Wookey <wookey@debian.org>.

This fixes Debian bugs: #697625, #727018, #742235, #749956.
2014-06-03 12:36:20 +00:00
a197832282 manpage: minor corrections
$ groff -ww -mandoc -z strace.1
strace.1:65: warning: macro `IX' not defined

* strace.1: define IX macro as empty for groff.
Change remaining '-' as minus to '\-'.
Have two word spaces after a full stop as an end of sentence.
Use extra space ('\,' or '\/') between roman and italic characters.
Based on patch by Bjarni Ingi Gislason <bjarniig@rhi.hi.is>.
This fixes Debian bug #725987.
2014-06-03 12:36:14 +00:00
Masatake YAMATO
9682107053 unwind: tests: add a test for -k option
* tests/stack-fcall.c: New test target.
* tests/strace-k.test: New test driver.
* tests/Makefile.am (check_PROGRAMS): Add stack-fcall.
(TESTS): Add strace-k.test.
* tests/.gitignore: Add stack-fcall.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
2014-05-30 22:59:27 +00:00
Masatake YAMATO
ed69fc2dc3 unwind: move stacktrace capturing and mmap cache invalidating to trace_syscall_entering
Instead of handling stacktrace capturing and mmap cache invalidating in
sys_* functions, handle them uniformly in trace_syscall_entering using
new flags introduced by previous two commits.

The patch is simpler than its older version(v3).  The value of
hide_log_until_execve is just ignored.  I found the value is nothing
to do with this patch.  unwind_cache_invalidate is mentioned only
once in trace_syscall_exiting.
Both are suggested by Dmitry Levin.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
2014-05-30 22:59:01 +00:00
549e2c4a98 unwind: add SE and SI flags to syscall entries for all architectures
Add SE flag to execve, exit, and exit_group syscall entries.
Add SI flag to brk, execve, mmap, mprotect, mremap, munmap,
remap_file_pages, shmat, and shmdt syscall entries.
2014-05-30 22:58:47 +00:00
Masatake YAMATO
1d78d22058 unwind: introduce markers specifying the needs of special care in unwinding
Some system calls require capturing the stack trace before they are
processed in kernel.  Typical one is execve.  Some system calls require
invalidating mmap cache after they are processed in kernel.

In current implementation these requirements are handled directly by
appropriate syscall handlers.  However, it is difficult to keep the
source code maintainable using this approach to cover all system calls
which have such requirements.

A more generic way to implement this is to flag all syscalls that
require special processing, and handle these flags right in
trace_syscall_entering instead of changing syscall handlers.

This patch just defines new flags: STACKTRACE_INVALIDATE_CACHE and
STACKTRACE_CAPTURE_ON_ENTER.

The names of macros are suggested by Dmitry Levin.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
2014-05-30 22:57:56 +00:00
Masatake YAMATO
a0b4ee7b38 unwind: enable dwarf cache of libunwind
Here is the benchmark of the dwarf cache.

Target program:

    #include <sched.h>
    int main(void)
    {
      unsigned int max = 0x6fff, i;
      for (i = 0; i < max; i++)
	sched_yield();
      return 0;
    }

Command line:

	./strace -o /dev/null -k a.out

With the dwarf cache:

    real	0m12.081s
    user	0m3.858s
    sys 	0m8.194s

Without the dwarf cache:

    real	0m22.326s
    user	0m5.218s
    sys		0m16.952s

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
2014-05-30 22:57:39 +00:00
Masatake YAMATO
b45b7faa1f unwind: report expected backtracing error
When a file mmap'ed to the target process is unlink'ed, backtracing the
stack would fail.  Current implementation reports it as
"backtracing_error".  To avoid confusion, the message is changed to
"expected_backtracing_error".

Here is the reproducer:

  $ cat ./p-deleted.c
  #include <unistd.h>

  int main(int argc, char **argv) {
    return unlink(argv[0]) < 0;
  }

  $ strace -e unlink -k ./p-deleted
  unlink("./p-deleted")                   = 0
   > /usr/lib64/libc-2.18.so(unlink+0x7) [0xe7f17]
   > /home/yamato/var/strace/t_unwind/p-deleted (deleted)(+0x0) [0x575]
   > /usr/lib64/libc-2.18.so(__libc_start_main+0xf5) [0x21d65]
   > backtracing_error [0x7ffff1365590]
  +++ exited with 0 +++

p-deleted is deleted therefore backtracing_error is reported.  This
patch records the deleted marker when making mmap cache and refers the
recorded information in the case "backtracing_error" to switch the
message.

Here is the output of this patch:

  $ strace -e unlink -k ./p-deleted
  unlink("./p-deleted")                   = 0
   > /usr/lib64/libc-2.18.so(unlink+0x7) [0xe7f17]
   > /home/yamato/var/strace/t_unwind/p-deleted (deleted)(+0x0) [0x575]
   > /usr/lib64/libc-2.18.so(__libc_start_main+0xf5) [0x21d65]
   > expected_backtracing_error [0x7ffff1365590]
  +++ exited with 0 +++

This solution is not perfect: if a file is unlink'ed after making the
mmap cache and before unwinding, strace cannot have a chance to record
the deleted marker.

In this version of patch, hardcoded magic number used in comparing "(delete)"
string is replaced with strlen as suggested by Dmitry Levin.

In old version of patch, the deleted entry was thrown away from mmap
cache to avoid to report "backtracing_error".  In this patch I keep it,
and just switch the error message.
Inspired by the review comment from Dmitry Levin.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
2014-05-30 22:57:19 +00:00
Masatake YAMATO
2b09df9731 unwind: call unwind_tcb_fin before printing detached message
captured stacktrace is printed in unwind_tcb_fin if tcp->queue is not
empty.  This should happen before printing detached message, so
unwind_tcb_fin is moved to the top of droptcb.

This is implicitly suggested by Dmitry Levin in patch review process.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
2014-05-30 22:56:38 +00:00
Masatake YAMATO
9bc6561588 unwind: implement automatic mmap cache invalidation
A mmap cache belonging to a tcb was updated when a system call which
changed the memory mapping was called.  This implementation was assumed
the mapping was changed only by the tcb.  However, this assumption is
incorrect if the target application is multi-threaded; more than two
tcbs can shared the same memory mapping and a tcb can modify it without
being noticed by the others.

This change introduces a global integer variable mmap_cache_generation,
and mmap_cache_generation field to struct tcb.  The variable
is incremented each time a process enters a syscall that can modify its
memory mapping.  Each tcb records the value of this variable at the
moment if  building its mmap cache.  Every mmap cache associated with
the given tcb can be validated by comparing its mmap_cache_generation
field with the variable mmap_cache_generation.

This implementation is inefficient.  If strace attaches two processes
which don't share the memory mapping, rebuilding mmap cache of a tcb
triggered by another tcb's mmap system call is not necessary.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
2014-05-30 22:56:14 +00:00
Masatake YAMATO
f8e39d7b7a unwind: introduce queue_t for capturing stacktrace
This is the second step for splitting capturing from printing.

New `queue' field is added to tcb.  Captured stacktrace is stored here.
The field is initialized/finalized at unwind_tcb_init/unwind_tcb_fin.

New API function unwind_capture_stacktrace is added.  This function
captures the currest stack using stracktrace_walker and records it in
tcb.  It's printing is delayed to the next call of
unwind_print_stacktrace.

unwind_print_stacktrace is extended.  Now it checks queue field of
the given tcb at the start of function.  If the function finds a
captured stack trace, the latter is printed using stracktrace_walker.

Currently unwind_capture_stacktrace invocations are added directly to
handlers of mmap, munmap, mprotect, and execve.

Here is the difference of output with/without patch:

(without patch)
  execve("./test-fork", ["./test-fork"], [/* 56 vars */]) = 0
   > /usr/lib64/ld-2.18.so(check_one_fd.part.0+0x82) [0x11f0]

(with patch)
  execve("./test-fork", ["./test-fork"], [/* 54 vars */]) = 0
   > /usr/lib64/libc-2.18.so(execve+0x7) [0xbcd27]
   > /home/yamato/var/strace/strace(exec_or_die+0x10c) [0x26ac]
   > /home/yamato/var/strace/strace(startup_child+0x346) [0x134f6]
   > /home/yamato/var/strace/strace(init+0x89f) [0x13dff]
   > /home/yamato/var/strace/strace(main+0xa) [0x26ca]
   > /usr/lib64/libc-2.18.so(__libc_start_main+0xf5) [0x21d65]
   > /home/yamato/var/strace/strace(_start+0x29) [0x2799]

In older version output lines of captured elements were built when
printing.  In this version they are built when capturing the stack.
As result, unneeded dynamic memory allocations are avoided.
Suggested by Luca Clementi.

In older version the combination of snprintf and realloc were used.
In this version they are replaced with asprintf.
Suggested by Dmitry Levin.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
2014-05-30 22:55:08 +00:00
Masatake YAMATO
4e121e5bb4 unwind: introduce own debug macro
* unwind.c (DPRINTF): New macro, to be utilized in debugging cache
management code.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
2014-05-30 22:54:07 +00:00
Masatake YAMATO
2d534daaa6 unwind: introduce stacktrace_walker
In current implementation, the stack trace is captured and printed at
the same time, in trace_syscall_exiting.  This approach cannot
provide user expected information when a system call changes the
memory mapping.  In such cases, the stack trace should be captured on
entering syscall and printed on exiting.

As the initial step for splitting capturing from printing, this change
introduces stacktrace_walker utility function.  It can be used both for
capturing in trace_syscall_entering and printing in
trace_syscall_exiting.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
2014-05-30 22:43:04 +00:00
Masatake YAMATO
6141392856 unwind: give all exported functions "unwind_" prefix
* unwind.c (init_unwind_addr_space): Rename to unwind_init.
(init_libunwind_ui): Rename to unwind_tcb_init.
(free_libunwind_ui): Rename to unwind_tcb_fin.
(delete_mmap_cache): Rename to unwind_cache_invalidate.
(print_stacktrace): Rename to unwind_print_stacktrace.
* defs.h: Update prototypes.
* mem.c: All callers updated.
* process.c: Likewise.
* strace.c: Likewise.
* syscall.c: Likewise.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
2014-05-30 22:40:22 +00:00
Masatake YAMATO
7721499fc7 unwind: delete mmap cache in free_libunwind_ui
free_libunwind_ui is expected to release all unwind related resources
attached to tcp.

* strace.c (droptcb): Move delete_mmap_cache call ...
* unwind.c (free_libunwind_ui): ... to here.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
2014-05-30 22:30:07 +00:00
Masatake YAMATO
b65042fbdb unwind: make alloc_mmap_cache function local
* defs.h (alloc_mmap_cache): Remove.
* unwind.c (alloc_mmap_cache): Add static qualifier.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
2014-05-30 22:28:15 +00:00
Masatake YAMATO
b4a2de8eff unwind: fix a bug in range updating of binary search
* unwind.c (print_stacktrace): Fix off-by-one error in binary search.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Signed-off-by: Luca Clementi <luca.clementi@gmail.com>
2014-05-30 22:26:42 +00:00
Luca Clementi
327064b637 Add -k option to print stack trace after each syscall
Print the stack trace of the traced process after each system call when
-k option is specified.  It is implemented using libunwind to unwind the
stack and to obtain the function name pointed by the IP.

Based on the code that was originally taken from strace-plus
of Philip J. Guo.

* configure.ac: Add --with-libunwind option.  Check libunwind support.
* Makefile.am: Add libunwind support.
* defs.h (struct tcb) [USE_LIBUNWIND]: Append libunwind specific fields.
[USE_LIBUNWIND] (stack_trace_enabled, alloc_mmap_cache,
delete_mmap_cache, print_stacktrace): New prototypes.
* mem.c (print_mmap, sys_munmap, sys_mprotect): Add libunwind support.
* process.c (sys_execve): Likewise.
* strace.c (usage, alloctcb, droptcb, init): Likewise.
* syscall.c (trace_syscall_exiting): Likewise.
* unwind.c: New file.
* strace.1: Document -k option.
2014-05-30 22:24:31 +00:00
6dbbe0737a sysctl: update CTL_*, KERN_*, NET_*, and VM_* constants
* configure.ac (AC_CHECK_DECLS): Add CTL_*, KERN_*, NET_*, and
VM_* constants.
* system.c (CTL_PROC, CTL_CPU): Remove definitions.
* xlat/sysctl_*.in: Update.
2014-05-30 22:10:21 +00:00
d8ad1ddc76 Check for constants used by waitid function
* configure.ac (AC_CHECK_DECLS): Add P_* constants.
2014-05-30 22:10:21 +00:00
baf60d92f1 Check for LO_FLAGS_READ_ONLY constant
* configure.ac (AC_CHECK_DECLS): Add LO_FLAGS_READ_ONLY.
2014-05-30 22:10:21 +00:00
d35bdcad13 Compress blank lines
Suppress empty lines left after automated xlat conversion.
2014-05-30 22:10:21 +00:00
63ebcfc559 xlat: cleanup the aftermath of automatic conversion 2014-05-30 22:10:00 +00:00
0ed617bd66 Generate xlat/*.in files
Automatically convert xlat structures from *.c files to xlat/*.in files
using "./generate_xlat_in.sh *.c" command.
2014-05-30 21:40:03 +00:00
297b59401c Rename several xlat structures to avoid collisions
* bjm.c (which): Rename to qm_which.
* ipc.c (msg_flags): Rename to ipc_msg_flags.
* time.c (which): Rename to itimer_which.
2014-05-30 21:39:04 +00:00