IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
When signal is received, or if we have attached to a process,
current syscall (if process is in one) gets restarted.
Some syscalls are restarted via "restart_syscall()" mechanism.
On such sycalls, we don't show _which_ syscall gets restarted.
IOW: users want to see "resuming interrupted nanosleep"
instead of "resuming interrupted call" when they attach to "sleep 999".
Kernel does expose this information. The only thing we need is
to fetch syscall# on attach, and save it.
This patch does this. It adds tcp->s_prev_ent, which is
a pointer to struct_sysent of the previous syscall of this tracee.
It can be NULL.
sys_restart_syscall() is made to use it when the message is generated.
To similarly handle restart_syscall() *after signals*, not just
on attach, on each syscall exit patch saves exited syscall's data
in the same member (tcp->s_prev_ent).
Example:
$ sleep 3 & strace -p $!
Process 8728 attached
restart_syscall(<... resuming interrupted nanosleep ...>) = 0
_exit(0) = ?
+++ exited with 0 +++
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
* strace.c (startup_child): Check that the length of the command strace
is going to execute does not exceed PATH_MAX limit.
Reported-by: Cheolung Lee <chpie@grayhash.com>
Assume that the kernel is v2.5.46 or newer, i.e. PTRACE_SETOPTIONS
and PTRACE_O_TRACESYSGOOD|PTRACE_O_TRACEEXEC|PTRACE_O_TRACECLONE
are universally available.
This change removes all code that implemented post-execve SIGTRAP
handling and fork/vfork/clone->CLONE_PTRACE substitution.
* defs.h (TCB_BPTSET, TCB_WAITEXECVE): Remove macros.
(need_fork_exec_workarounds, setbpt, clearbpt): Remove declarations.
* strace.c (need_fork_exec_workarounds,
test_ptrace_setoptions_followfork, test_ptrace_setoptions_for_all):
Remove.
(syscall_trap_sig): Set to (SIGTRAP | 0x80).
(ptrace_setoptions): Set to (PTRACE_O_TRACESYSGOOD | PTRACE_O_TRACEEXEC).
(detach): Do not test for TCB_BPTSET.
(init): Do not call test_ptrace_setoptions_followfork and
test_ptrace_setoptions_for_all. Do not test for TCB_BPTSET.
* syscall.c (syscall_fixup_on_sysenter, internal_fork, internal_exec,
syscall_fixup_for_fork_exec, syscall_fixup_on_sysexit): Remove.
(trace_syscall_entering): Do not test for TCB_WAITEXECVE. Do not call
syscall_fixup_on_sysenter and syscall_fixup_for_fork_exec.
(trace_syscall_exiting): Do not call syscall_fixup_on_sysexit and
syscall_fixup_for_fork_exec.
[IA64] (ia64_ia32mode): Make static.
* linux/ia64/arch_regs.h (ia64_ia32mode): Remove declaration.
* util.c: Do not include "syscall.h".
(arg_setup, get_arg0, get_arg1, set_arg0, set_arg1, restore_arg0,
restore_arg1, arg_finish_change, change_syscall, setbpt, clearbpt):
Remove.
* tests/ptrace_setoptions.test: Remove.
* tests/Makefile.am (TESTS): Remove it.
* strace.c (print_debug_info, maybe_allocate_tcb, print_signalled,
print_exited): Remove "const" qualifier from status variable to
workaround some old implementations of WIFSIGNALED/WIFSTOPPED/WIFEXITED
macros.
* v4l2.c: Include <linux/types.h>.
(v4l2_ioctl): Check that V4L2_CTRL_FLAG_NEXT_CTRL and VIDIOC_S_EXT_CTRLS
macros are defined.
* tests/Makefile.am (AM_CPPFLAGS): Define.
As get_regs() is now guaranteed to set get_regs_error,
there is no need to reset get_regs_error before get_regs() call.
* strace.c (trace): Call clear_regs() iff !WIFSTOPPED.
* regs.h: New file.
* Makefile.am (strace_SOURCES): Add it.
* linux/arch_regs.h: New file.
* linux/alpha/arch_regs.h: Likewise.
* linux/arm/arch_regs.h: Likewise.
* linux/hppa/arch_regs.h: Likewise.
* linux/i386/arch_regs.h: Likewise.
* linux/ia64/arch_regs.h: Likewise.
* linux/mips/arch_regs.h: Likewise.
* linux/powerpc/arch_regs.h: Likewise.
* linux/sh64/arch_regs.h: Likewise.
* linux/sparc/arch_regs.h: Likewise.
* linux/sparc64/arch_regs.h: Likewise.
* linux/tile/arch_regs.h: Likewise.
* linux/x86_64/arch_regs.h: Likewise.
* Makefile.am (EXTRA_DIST): Add them.
* defs.h: Remove definitions of PTRACE_*, REG_*, PT_*, U_REG_*,
and ARM_* macros.
Remove declarations of struct pt_regs variables.
[SPARC]: Do not include <asm/psr.h>.
[SPARC64]: Do not include <asm/psrcompat.h>.
* bjm.c: Do not include <sys/user.h>.
* process.c: Include "regs.h".
Do not include <sys/user.h> and <sys/reg.h>.
[IA64]: Do not include <asm/ptrace_offsets.h> and <asm/rse.h>.
* util.c: Likewise.
* syscall.c: Likewise.
[AARCH64]: Define struct arm_pt_regs and ARM_* macros.
[SPARC]: Include <asm/psr.h>.
[SPARC64]: Include <asm/psrcompat.h>.
* signal.c: Include "regs.h".
Do not include <sys/user.h> and <sys/reg.h>.
[IA64]: Do not include <asm/ptrace_offsets.h>.
* strace.c [IA64]: Do not include <asm/ptrace_offsets.h>.
The process stared by strace can exit/terminate only once. When this
happens, forget its pid, so that any other event or action related to a
process with the same pid as the pid of that first process would not be
confused with that first process.
* strace.c (print_signalled, print_exited): Clear strace_child when it
equals to the given pid.
* strace.c (maybe_allocate_tcb): If detach_on_execve is set, do not warn
about !WIFSTOPPED process with pid == strace_child.
* tests/bexecve.test: New test.
* tests/Makefile.am (TESTS): Add it.
This change moves the main loop back to main() and splits trace()
into several functions. There are no algorithmic changes.
* strace.c (print_debug_info, maybe_allocate_tcb, maybe_switch_tcbs,
print_signalled, print_exited, print_stopped, startup_tcb): New
functions.
(trace) Use them. Move the main loop ...
(main): ... here.
MAXPATHLEN is defined to PATH_MAX, so replace the former with the latter.
* strace.c (startup_child): Replace MAXPATHLEN with PATH_MAX.
* util.c (printpathn, printpath): Likewise.
When two ore more -y options are given, print local and remote ip:port
pairs associated with socket descriptors. This implementation uses
NETLINK_INET_DIAG for sockaddr lookup; it's based on the patch
prepared by Zubin Mithra as a part of his GSoC 2014 strace project.
* Makefile.am (strace_SOURCES): Add socketutils.c
(EXTRA_DIST): Add linux/inet_diag.h and linux/sock_diag.h.
* defs.h (print_sockaddr_by_inode): New prototype.
* linux/inet_diag.h: New file.
* linux/sock_diag.h: Likewise.
* socketutils.c: Likewise.
* strace.1: Document -yy option.
* strace.c (usage): Likewise.
* util.c (printfd): Use print_sockaddr_by_inode.
* configure.ac (gl_WARN_ADD): Add -Wsign-compare.
* defs.h (struct tcb): Change 'currpers' type to unsigned.
(struct xlat): Change 'val' type to unsigned
(signame): Add 'const' qualifier to its argument.
(xlookup, printxval): Add 'const' qualifier to the 2nd argument and
change its type to unsigned.
(printpathn): Change the 3rd argument type to unsigned.
(ioctl_lookup): Change 1st argument type to unsigned.
* count.c (call_summary_pers, call_summary): Change 'i' type to unsigned.
* file.c (print_xattr_list): Fix comparisons between signed and unsigned
long values.
* ioctl.c (compare): Fix cast.
(ioctl_lookup): Change 1st argument type to to unsigned.
(ioctl_next_match): Change 'code' type to unsigned.
* mem.c (sys_move_pages): Change 'i' type to unsigned.
* mtd.c (mtd_ioctl): Change 'i' and 'j' types to unsigned.
Print 'i' using %u format string.
* process.c (sys_prctl): Change 'i' type to unsigned.
(printargv): Change 'n' type to unsigned.
(sys_ptrace): Change 'addr' type to unsigned.
* scsi.c (print_sg_io_buffer): Add 'const' qualifier to 'len' argument
and change its type to unsigned. Change 'i' and 'allocated' types
to unsigned.
* signal.c (signame): Add 'const' qualifier to its argument.
Fix comparisons between signed and unsigned values.
(sprintsigmask_n, printsiginfo): Fix comparisons between signed and
unsigned values.
* sock.c (sock_ioctl): Change 'i' and 'nifra' types to unsigned.
* strace.c (expand_tcbtab, alloctcb): Change 'i' type to unsigned.
(detach): Change 'sig' type to unsigned.
(startup_attach): Change 'tcbi' type to unsigned.
(startup_child): Change 'm', 'n', and 'len' types to unsigned.
(init): Use new variable to iterate 'tcbtab'.
(pid2tcb): Change 'i' type to unsigned.
(cleanup): Change 'i' and 'sig' types to unsigned.
* syscall.c (update_personality): Change 'personality' argument type
to unsigned.
(struct qual_options): Change 'bitflag' type to unsigned.
(reallocate_qual): Add 'const' qualifier to its argument and change its
type to unsigned.
(qualify_one): Change 'n' and 'bitflag' arguments types to unsigned.
Add 'const' qualifier to 'n', 'not', and 'pers' arguments.
Change 'p' type to signed int.
(qual_syscall): Change 'bitflag' argument type to unsigned.
Add 'const' qualifier to 'bitflag' and 'not' arguments.
Change 'p' type to signed int.
(qual_signal): Change 'bitflag' argument type to unsigned.
Add 'const' qualifier to 'bitflag' and 'not' arguments.
Change 'i' type to unsigned.
(qual_desc): Change 'bitflag' argument type to unsigned.
Add 'const' qualifier to 'bitflag' and 'not' arguments.
(qualify): Change 'i' type to unsigned.
(get_scno): Change 'currpers' type to unsigned.
Fix a comparison between signed and unsigned values.
* system.c (sys_sysctl): Change 'cnt' and 'max_cnt' types to unsigned.
Fix comparisons between signed and unsigned values.
* util.c (xlookup, printxval): Add 'const' qualifier to 'val' argument
and change its type to unsigned.
(printuid): Fix a comparison between signed and unsigned values.
(printpathn): Change 'n' argument type to unsigned.
(printstr): Change 'size' type to unsigned.
Fix a comparison between signed and unsigned values.
(setbpt): Change 'i' type to unsigned.
* net.c (printsock): Silence a compilation warning.
* reboot.c (sys_reboot): Likewise.
strace -k does not produce a reliable output on all supported
configurations yet, even basic strace-k.test is known to fail
on some of them.
* strace.c (usage): Document -k option as experimental.
* strace.1: Likewise.
* NEWS: Likewise.
captured stacktrace is printed in unwind_tcb_fin if tcp->queue is not
empty. This should happen before printing detached message, so
unwind_tcb_fin is moved to the top of droptcb.
This is implicitly suggested by Dmitry Levin in patch review process.
Signed-off-by: Masatake YAMATO <yamato@redhat.com>
free_libunwind_ui is expected to release all unwind related resources
attached to tcp.
* strace.c (droptcb): Move delete_mmap_cache call ...
* unwind.c (free_libunwind_ui): ... to here.
Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Print the stack trace of the traced process after each system call when
-k option is specified. It is implemented using libunwind to unwind the
stack and to obtain the function name pointed by the IP.
Based on the code that was originally taken from strace-plus
of Philip J. Guo.
* configure.ac: Add --with-libunwind option. Check libunwind support.
* Makefile.am: Add libunwind support.
* defs.h (struct tcb) [USE_LIBUNWIND]: Append libunwind specific fields.
[USE_LIBUNWIND] (stack_trace_enabled, alloc_mmap_cache,
delete_mmap_cache, print_stacktrace): New prototypes.
* mem.c (print_mmap, sys_munmap, sys_mprotect): Add libunwind support.
* process.c (sys_execve): Likewise.
* strace.c (usage, alloctcb, droptcb, init): Likewise.
* syscall.c (trace_syscall_exiting): Likewise.
* unwind.c: New file.
* strace.1: Document -k option.
Time spent in system time is not useful where a syscall depends on some
non-CPU resource, eg. typically open() or stat() to a network drive.
This patch adds a new flag (-w) to produce a summary of the time
difference between beginning and end of the system call (ie. latency)
This functionality has been useful to profile slow processes that
are not CPU-bound.
Signed-off-by: Mark Hills <mark.hills@framestore.com>
I found that I use it quite often. Lets make it so that
after cut-n-pasting it into a file, there is no need
to edit the result (e.g. no need to remove C comment
chars from every line.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Add generic tests for fopen64 and fputs_unlocked functions to fix build
with Bionic libc that does not provide them.
* configure.ac (AC_CHECK_FUNCS): Add fopen64 and fputs_unlocked.
* strace.c [_LARGEFILE64_SOURCE]: Use fopen instead of fopen64
if !HAVE_FOPEN64.
Use fputs instead of fputs_unlocked if !HAVE_FPUTS_UNLOCKED.
* vsprintf.c: Use fputs instead of fputs_unlocked
if !HAVE_FPUTS_UNLOCKED.
Reported-by: Elliott Hughes <enh@google.com>
There is only one place left in the code where strace guesses whether
libc provides LFS64 functions and structures. The most natural thing to
do there is to check for _LARGEFILE64_SOURCE - the macro provided by
glibc. Other libc implementations that provide nondegenerate LFS64
interfaces are expected to define this macro as well.
* defs.h (_LFS64_LARGEFILE): Remove.
* strace.c: Use _LARGEFILE64_SOURCE instead of _LFS64_LARGEFILE.
This eliminates some rare bugs, such as post-execve SIGTRAP
generation when we attach to a process, and it manages to finish
execve'ing before we set TRACEEXEC option to suppress that.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
popen_pid = vfork() does work correctly, but for a subtle reason
that wrong assignment of 0 happens in the child _first_,
and _then_ correct value overwrites it in the parent.
(And in a hyphothetical system where vfork = fork,
popen_pid wouldn't be shared, so it will also be ok.)
However, it's not necessary to be difficult.
This change makes it so that assignment is done only in parent.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
The cleanup sequence in error cases, and on normal code path
was nearly the same, no point in duplicating it.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
"strace_child = pid" assignment was racing in NOMMU case
because of vfork (no way to know which process would win).
After this change, strace_child is set to nonzero only
in one process after [v]fork.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
We can use tcb::pid == 0 as an indicator of free tcb,
and we already have strace_child variable which holds
pid of our child, if any.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
I stumbeld over this case when I used "exec stace ...".
* strace.c (trace): Do not exit if we see an unknown pid in wait4.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
* strace.c (detach): Use goto's instead of excessive nesting.
Drop sigstop_expected and interrupt_done variables.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
* strace.c (detach): If TCB_IGNORE_ONE_SIGSTOP is set,
di not PTRACE_DETACH - wait for SIGSTOP first.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
* strace.c (detach): Warn if we see ECHILD from waitpid.
Explain in comments that we don't normally expect !WIFSTOPPED
either, and also that PTRACE_CONT failure isn't expected
(the "break" there is a "I'm confused, bailing out" code style)..
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
* strace.c (detach): Change return type from int to void.
Improve error meesages: show PID, tell exactly which operation fails.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
__WALL is available and working at least since 2.4 kernels: 10 years ago.
* strace (detach): Remove workarounds for ancient kernels lacking __WALL.
Add missing EINTR check.
(trace): Remove workarounds for ancient kernels lacking __WALL.
Remove redundant double error printout.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
V3: split SEIZE/!SEIZE code paths to reduce confusion.
Extensively comment every possible case.
Verified that all tests/detach* tests work in both SEIZE and !SEIZE
cases.
* strace.c (detach): If PTRACE_SEIZE API is in use, stop the tracee
using PTRACE_INTERRUPT instead of sending it a SIGSTOP.
In a subsequent waitpid loop, correctly wait and suppress SIGSTOP
on detach if PTRACE_INTERRUPT wasn't used, or wait for any ptrace
stop and detach without suppressing signals.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
