granicus.if.org Git - strace/log

Use dynamically-sized selected[] array for -P PATH

While at it, added a small optimization of not remembering
the path twice if it happens to be the same.

   text    data     bss     dec     hex filename
245111     680   10860 256651   3ea8b strace_old
245075     680    9804 255559   3e647 strace

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

metag,or1k: whitesace style fix. no code changes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Assorted fixes to syscallent.h

or1k was missing TM on many memory-related syscalls
sys_lookup_dcookie is 3-arg on 64-bit arches, and isn't TF
sys_recvmsg is 3-arg on all arches
sys_nfsservctl is 3-arg on all arches
sys_timerfd_create is 2-arg on all arches
sys_[f]truncate64 is 4-arg or 3-arg, never 5-arg
truncate64 is TF
sys_[l]lseek is TD
fstat[64] is TD

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Add support for Imagination Technologies Meta

Add support for Imagination Technologies Meta architecture (the
architecture/ABI is usually referred to as metag in code). The Meta
Linux kernel port is in the process of being upstreamed for v3.9 so it
uses generic system call numbers.

sys_lookup_dcookie writes a filename to buffer argument, so I've set
TF flag.
nfsservctl appears to be set to sys_ni_syscall in asm-generic/unistd.h
so I've left it blank.
truncate64/ftruncate64/pread64/pwrite64/readahead have unaligned 64bit
args which are packed tightly on metag, so less arguments on metag.
fchdir/llseek takes a file descriptor so s/TF/TD/
sync_file_range has 2 64bit args so uses 6 args, so s/4/6/
timerfd_create/msgget/msgctl/msgrcv/semget/segtimedop/semop/shmget/
shmctl/shmat/shmdt/recvmsg/migrate_pages have different number of args.
oldgetrlimit is just getrlimit for metag.
add TM flag to various memory syscalls.
metag doesn't directly use sys_mmap_pgoff for mmap2.
prlimit64/process_vm_readv/process_vm_writev take a pid so add TP flag.
fanotify_init doesn't appear to take a file descriptor so remove TD.
Add kcmp syscall.

Signed-off-by: James Hogan <james.hogan@imgtec.com>
Cc: Christian Svensson <blue@cmd.nu>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

umovestr: speed up check for NUL byte in the fetched word

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Fix trace=set regression introduced by commit v4.7-111-g9cbc15b

* syscall.c (qual_syscall, qualify): Pass personality down to
qualify_one.
* tests/qual_syscall: New test.
* tests/Makefile.am (TESTS): Add qual_syscall.

tile: handle printllval like x86_64 or powerpc64

Without this fix the tilegx build fails when it hits the new #error
about SIZEOF_LONG > 4.

* util.c (printllval): Fix printing of long long values on TILE.

Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Make -b take SYSCALL param, document it in --help and in manpage.

To not waste an option letter for just one trick,
extend -b to take a parameter:
"on which syscalls do you want to detach?".
Currently supports only execve.

While at it, fixed (by removing non-Linux and stale info)
and extended manpage text about -f.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Cleanup umoven and umovestr

Cleanup sloppy error handling.

First, EFAULT kind of errors from process_vm_readv by itself is not
something unusual, so a warning message will not be issued unless a
short read is detected.

Second, clients of umoven and umovestr are not prepared to detect and
handle short reads that can happen in these functions. The most safe
way to handle them is to return an error code.

* util.c (umoven, umovestr): Cleanup handling of errors coming from
process_vm_readv and PTRACE_PEEKDATA.

pathtrace: fix umovestr return code check

* pathtrace.c (upathmatch): Only NUL-terminated strings can be
path-matched, so fix the umovestr return code check to filter out
unsuitable strings.

Fix compilation errors uncovered by -Werror=enum-compare

This fixes regression introduced by commit v4.7-111-g9cbc15b.

* syscall.c: Merge all nsyscalls* enums into single enum.
Likewise merge nerrnos*, nsignals*, and nioctlents* into single enums.

Mass replace error_msg("%s", "literal") -> error_msg("literal")

There is no need to print literal strings through "%s".
Only untrusted strings such as filenames need that.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Make umoven report success as 0, not >=0, stop returning success on partial reads

umoven() uses process_vm_readv() when available but it returns the
return value of that syscall, which is the number of bytes copied,
while its callers expect it to simply return zero on success.

It was causing syscalls that take a user-space argument to print
the abbreviated version, e.g.:

epoll_ctl(5, EPOLL_CTL_ADD, 10, {...})

Instead of:

epoll_ctl(5, EPOLL_CTL_ADD, 10, {EPOLLIN, {u32=10, u64=10}})

* util.c (umoven): Make umove[n] report success as 0, not >=0,
stop returning "success" on partial reads.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Assorted NOMMU fixes

With -D, strdup'ing of pathname is necessary only on NOMMU.

Don't set skip_startup_execve to 1 if NOMMU and not in daemonized mode
(try "strace [-D] -b env echo HI" to see whether we detach on correct execve).

Fix test_ptrace_FOO shortcuts on NOMMU to always assume success
and _properly_ set all variables.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Shorten help text - no need to show deprecated option -F

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Merge adjacent tprint's

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Correct i > MAX_NSYSCALLS commparison: should be i >= MAX_NSYSCALLS

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Fix wrong offset display in dumpstr

BTW, the new code from prev commit is 5 times faster
than old one :)

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Fix a bug in dumpstr (no null termination). Essentially rewrote dumpstr

This is a 14 year old bug (!).

It wasn't biting us merely because outstr[80] was static, thus ended up
in bss and whatever was after it "accidentally" provided the NUL byte.
When dumpstr was changed to use on-stack buffer, the bug reared its ugly head.

This is a rewrite which is smaller and should be significantly faster
for _long_ strings.

   text    data     bss     dec     hex filename
244627     680   10860 256167   3e8a7 strace.t9/strace
244563     680   10860 256103   3e867 strace.ta/strace

* util.c (dumpstr): Rewrite to be faster and smaller.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Eliminate MAX_QUALS, make qualifier array dynamic

MAX_QUALS was 2048, even though most arches used less than 500 entries
in it. MAX_QUALS had to be maintained by hand to be higher than syscall
count. It also limited the highest possible fd to track.

This change makes qual_flagsN[] arrays start sized to the required minimum
(number of syscalls) and grow dynamically if user requested
-e read=BIGNUM. As a precaution, BIGNUM should be < 2^15, but this limit
can be raised with no cost for normal strace invocations.

qual_flags is now a define to qual_vec[current_personality].

As a bonus, this patch aliases sysent, errnoent, signalent, ioctlent
names in one-personality arches to their corresponding <foo>0 arrays,
removing one indirection level.

  text   data    bss    dec    hex filename
244471    700  12928 258099  3f033 strace.t7/strace
244627    680  10860 256167  3e8a7 strace.t8/strace

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Create and use struct_sysent and struct_ioctlent typedefs.

This is a preparatory mass replace patch with no code changes.

The future change will need to typedef sysent to sysent0,
which results in compile failures when "struct sysent" string
gets mangled into "struct sysent0".

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Use tcp->qual_flg instead of qual_flags[] in verbose() and abbrev()

We have hundreds of uses of these macros.
Result is more efficient and 1.1 kbyte shorter code:

  text    data     bss     dec     hex filename
245579     700   12928 259207   3f487 strace.t5/strace
244471     700   12928 258099   3f033 strace.t6/strace

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Remove unused QUAL_FAULT code (was used by non-Linux code only).

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Use uint8_t for qual_flags[] instead of ints.

Resulting bss reduction is ~6kbytes:

   text    data     bss     dec     hex filename
245703     700   19072 265475   40d03 strace.t4/strace
245687     700   12928 259315   3f4f3 strace.t5/strace

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Eliminate many SCNO_IS_VALID checks

By adding tcp->s_ent pointer tot syscall table entry,
we can replace sysent[tcp->scno] references by tcp->s_ent.
More importantly, we may ensure that tcp->s_ent is always valid,
regardless of tcp->scno value. This allows us to drop
SCNO_IS_VALID(tcp->scno) checks before we access syscall
table entry.

We can optimize (qual_flags[tcp->scno] & QUAL_foo) checks
with a similar technique.

Resulting code shrink:
   text    data     bss     dec     hex filename
245975     700   19072  265747   40e13 strace.t3/strace
245703     700   19072  265475   40d03 strace.t4/strace

* count.c (count_syscall): Use cheaper SCNO_IN_RANGE() check.
* defs.h: Add "int qual_flg" and "const struct sysent *s_ent"
to struct tcb. Remove "int u_nargs" from it.
Add UNDEFINED_SCNO constant which will mark undefined scnos
in tcp->qual_flg.
* pathtrace.c (pathtrace_match): Drop SCNO_IS_VALID check.
Use tcp->s_ent instead of sysent[tcp->scno].
* process.c (sys_prctl): Use tcp->s_ent->nargs instead of tcp->u_nargs.
(sys_waitid): Likewise.
* strace.c (init): Add compile-time check that DEFAULT_QUAL_FLAGS
constant is consistent with init code.
* syscall.c (decode_socket_subcall): Use tcp->s_ent->nargs
instead of tcp->u_nargs. Set tcp->qual_flg and tcp->s_ent.
(decode_ipc_subcall): Likewise.
(printargs): Use tcp->s_ent->nargs instead of tcp->u_nargs.
(printargs_lu): Likewise.
(printargs_ld): Likewise.
(get_scno): [MIPS,ALPHA] Use cheaper SCNO_IN_RANGE() check.
If !SCNO_IS_VALID, set tcp->s_ent and tcp->qual_flg to default values.
(internal_fork): Use tcp->s_ent instead of sysent[tcp->scno].
(syscall_fixup_for_fork_exec): Remove SCNO_IS_VALID check.
Use tcp->s_ent instead of sysent[tcp->scno].
(get_syscall_args): Likewise.
(get_error): Drop SCNO_IS_VALID check where it is redundant.
(dumpio): Drop SCNO_IS_VALID check where it is redundant.
Use tcp->s_ent instead of sysent[tcp->scno].
(trace_syscall_entering): Use (tcp->qual_flg & UNDEFINED_SCNO) instead
of SCNO_IS_VALID check. Use tcp->s_ent instead of sysent[tcp->scno].
Drop SCNO_IS_VALID check where it is redundant.
Print undefined syscall name with undefined_scno_name(tcp).
(trace_syscall_exiting): Likewise.
* util.c (setbpt): Use tcp->s_ent instead of sysent[tcp->scno].

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

ARM: make it one-personality arch

ARM in fact _is_ one personality.

We had two personalities for it because it has a handful of
syscalls with huge scnos (0x000f00xx).

Extending syscall table to have [0x000f0005] index is of course
not a good idea.

Someone decided to handle that by having a separate personality
just for these syscalls.

But multi-personality arch does a bit more work in other parts.

This patch is another alternative: "move" 0x000f00nn syscalls
down to the entries just above last ordinary syscall,
by manipulating scno if it falls into the 0x000f00xx range.

In order to not worsen genuine undefined scnos' printing,
the code remaps scno back to actual value before printing
"syscall_NNN" string.

* defs.h: Remove multi-reprsonality defines from ARM.
* syscall.c (shuffle_scno): New function.
(undefined_scno_name): New function.
(get_scno): [ARM] Replace personality setting with scno shuffling.
(trace_syscall_entering): Print unknown syscall name using
undefined_scno_name().
(trace_syscall_exiting): Likewise.
* linux/arm/syscallent.h: Add ARM specific syscalls at the end.
* linux/arm/errnoent1.h: Deleted.
* linux/arm/ioctlent1.h: Deleted.
* linux/arm/signalent1.h: Deleted.
* linux/arm/syscallent1.h: Deleted.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

arm: shorten syscall table for EABI - no point in storing NULL entries

Also, reformatted ARM code in get_scno(), mostly improved comments,
without code changes.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Use the same style of includes in linux/*/* files

While at it, fix some comments which say
"we use i386 syscalls/ioctls/errnos" but in reality
common ones are used.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Fix compiler warnings

With constant current_wordsize == 4 and 32-bit longs,
gcc was spooked by "1ul << (8 * current_wordsize)" = "1ul << 32".

Make such places conditional on SIZEOF_LONG > 4.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Improve comment text. No code changes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Fix NOMMU + daemonized tracer SEGV

pathname[] was getting destroyed, execve of garbage pathname
failing, and to top it off, the tracer's stack was also
smashed and trecer segfaulted.

* strace.c (exec_or_die): New function.
(startup_child): Don't use pathname[] contents after vfork,
make a malloced copy instead. Explain "NOMMU + -D bug"
and how we work around it.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Make it possible to to do test builds for NOMMU architectures

And while using it, I discovered that -D doesn't work too well
on NOMMU. Added a comment about it.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Clean up mmap decoding

Previous code merges too many similar, but different ways
of decoding mmap. For example, sys_old_mmap is "params in memory"
API... except SH[64], where it is "params in regs",
i.e. what sys_mmap ("new mmap") function does on other arches!

It's much simpler when every mmap handler has same API regardless
of arch. Where API means whether params are in regs or in memory,
and whether offset is in bytes, pages, or 4k blocks.

Then we just insert correct function pointers into
arch syscall tables.

It turns out there are four common mmap APIs over
all architectures which exist in Linux kernel,
and one outlier for S390.

A number of mmap decoders were plain wrong in arch tables.
For example, BFIN has no old_mmap. It returns ENOSYS.
I checked kernel sources for all arches nad fixed the tables.

There was dead code for x86_64 for old_mmap:
x86_64 has no old_mmap.

* mem.c: Refactor mmap functions so that we have five mmap syscall
handlers, each with the fixed API (not varying by arch).
* pathtrace.c (pathtrace_match): Adjust sys_func == mmap_func checks.
* linux/syscall.h: Declare new mmap syscall handler functions.
* linux/arm/syscallent.h: mmap2 is sys_mmap_pgoff.
* linux/avr32/syscallent.h: mmap is sys_mmap_pgoff.
* linux/bfin/syscallent.h: old_mmap is ENOSYS, mmap2 is sys_mmap_pgoff.
* linux/hppa/syscallent.h: mmap2 is sys_mmap_4koff.
* linux/i386/syscallent.h: mmap2 is sys_mmap_pgoff.
* linux/ia64/syscallent.h: mmap2 is sys_mmap_pgoff.
* linux/m68k/syscallent.h: mmap2 is sys_mmap_pgoff.
* linux/microblaze/syscallent.h: old_mmap is sys_mmap, mmap2 is sys_mmap_pgoff.
* linux/mips/syscallent.h: mmap is sys_mmap_4kgoff.
* linux/or1k/syscallent.h: mmap2 is sys_mmap_pgoff.
* linux/powerpc/syscallent.h: mmap2 is sys_mmap_4kgoff.
* linux/s390/syscallent.h: mmap2 is sys_old_mmap_pgoff.
* linux/s390x/syscallent.h: mmap is sys_old_mmap and thus has 1 arg.
* linux/sh/syscallent.h: old_mmap2 is sys_mmap, mmap2 is sys_mmap_4koff.
* linux/sh64/syscallent.h: Likewise.
* linux/sparc/syscallent1.h: mmap is TD|TM.
* linux/tile/syscallent1.h: mmap2 is sys_mmap_4koff.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Remove unused function sys_mmap64

No wonder that it is unused.
It's code looked quite questionable.

* mem.c (sys_mmap64): Remove this function.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Remove code which supports systems with long long off_t.

While looking at mmap mess, did experimenting in order
to figure out what gets used when.

Tried building armv4tl, armv5l, armv6l, mips, mipsel, i686,
x86_64 and none of they have long long off_t,
which isn't suprprising: we aren't using glibc defines
which enable that.

Moreover, we SHOULD NOT use off_t in syscall decode!
Its size depends on libc, not on arch! I.e. it is essentially
unpredictable and can even in theory vary on the same arch
with different libc.

We should use longs or long longs, in a way which matches
architectural ABI for the given syscall. There are usually
*at most* two permutations, no need to add yet another variable
(sizeof(off_t)) to the mix.

This change removes almost all HAVE_LONG_LONG_OFF_T conditionals,
which will reveal further possible simplifications.

* mem.c: Remove code conditional on HAVE_LONG_LONG_OFF_T.
As a result, never remap sys_mmap64 to sys_mmap.
(print_mmap): Compile unconditionally.
(sys_old_mmap): Compile unconditionally.
(sys_mmap): Compile unconditionally.
* io.c (sys_sendfile): Add a FIXME comment.
* file.c: Remove code conditional on HAVE_LONG_LONG_OFF_T.
As a result, never remap sys_*stat64 to sys_*stat etc.
(sys_truncate): Compile unconditionally.
(realprintstat): Likewise.
(sys_stat): Likewise.
(sys_fstat): Likewise.
(sys_lstat): Likewise.
* desc.c (printflock): Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Fixes in "new" mmap

* mem.c (sys_mmap): Ensure unsigned expansion of tcp->u_arg[5].
Add page shift of offset for I386.
Use tcp->ext_arg[5] as offset for X32.
(sys_old_mmap): [X32] Remove this function, X32 doesn't use is.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Preliminary simplifications in mmap functions

* mem.c: Move "define sys_mmap64 sys_mmap" from the top
to the only place it affects.
(print_mmap): Make offset argument unsigned, for safer implicit conversions.
(sys_old_mmap): [IA64] use unsigned narrow_arg[].
Cast u_arg[5] (offset param) to unsigned long, to prevent erroneous signed
expansion.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Remove broken HAVE_LONG_LONG conditionals

We use printllval without HAVE_LONG_LONG guards in many places,
but define it only if HAVE_LONG_LONG. This means that
on !HAVE_LONG_LONG systems we won't build for some time now.

* defs.h: Remove HAVE_LONG_LONG guard around LONG_LONG() macro
and printllval() function declaration.
* util.c: Remove HAVE_LONG_LONG guard around printllval()
function definition.
(printllval): Add compile-time error check for using wrong
if branch. Explain places where we deliberately use mismatched
types for printf formats.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Use explicit long type instead of off_t

* file.c (sys_lseek): Use long instead of off_t.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Merge two identical tables

* defs.h: Declare whence_codes[].
* desc.c: Delete static whence[].
(printflock[64]): Use whence_codes.
* file.c: Make whence_codes[] non-static.
Add SEEK_DATA and SEEK_HOLE to them.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Remove wrong x32-specific lseek

Testing confirmed what I suspected: x32 lseek uses kernel-sized
(i.e. wide) long for offset parameter.

* file.c: Delete sys_lseek32.
* linux/syscall.h: Likewise.
* linux/x32/syscallent1.h: Likewise.
* test/x32_lseek.c: New file.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Fix SEGV in lseek

I found hard way why the code was using "_whence" name.

* file.c: Rename whence[] to whence_codes[].
(sys_lseek): Fix printxval() to use whence_codes[].
(sys_lseek32): Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Comment inner workings of sys_[l]lseek

The code doesn't look fully correct to me, but I need to experiment
on actual x32 machine before I start "fixing" things.
For now, add comments, and optimize out one tprints() call...

* file.c (sys_lseek): Rename '_whence' as 'whence'.
Merge printing of ", " into subsequent tprintf.
(sys_lseek32): Likewise.
(sys_llseek): Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Cosmetic fixes to syscall tables, no code changes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Make linux/mips/syscallent.h smaller

* linux/mips/syscallent.h: Remove trailing empty elements.
Compactify huge stretches of NULL elements in the middle.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Simple optimization in get_error

* defs.h: Define SCNO_IN_RANGE(scno) macro.
* syscall.c (get_error): Change return type to void.
Use SCNO_IN_RANGE instead of SCNO_IS_VALID.
(trace_syscall_exiting): Stop checking get_error() return value.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Mass rename of SCNO_IN_RANGE define to SCNO_IS_VALID

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Finish prefixing regs struct names with arch_

* defs: Rename regs -> sparc_regs.
* signal.c (sys_sigreturn): Use new variable name.
* syscall.c: Rename regs -> sparc_regs, regs -> avr32_regs.
(getrval2): Use new variable names.
(printcall): Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Use the same type for i386_regs on 32-bit and 64-bit x86.

* defs.h: Stop including <asm/ptrace.h> for x86.
Change i386_regs from "struct pt_regs" to "struct user_regs_struct".
* syscall.c: Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Fix build error on Tile

* syscall.c (get_scno): [TILE] Remove TCB_WAITEXECVE check,
it is never true on Tile, and stopped compiling when
TCB_WAITEXECVE define was removed for Tile.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

x86: zero-extend 32-bit args in syscall entry instead of sign-extension

Zero-extension is slightly more common that sign-extension:
all pointers are zero-extended, and some other params are unsigned.

Whereas signed ones (fds, pids, etc) are often treated as
_32-bit ints_ even by kernel, so just unconditionally casting
such tcp->u_arg[N] to int works.

* syscall.c (get_syscall_args): [X86] Zero-extend 32-bit args
instead of sign-extension.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Macroize conditional signed widening operation

* defs.h: Define widen_to_long() macro.
* signal.c (sys_kill): Use it instead of open-coding it.
(sys_tgkill): Use widen_to_long() on pids.
* resource.c (decode_rlimit): Formatting fix.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

A better handling of current_wordsize

On x86_64:
  text    data     bss     dec     hex filename
435661   26628   47424 509713   7c711 strace_old
435501   26612   47440 509553   7c671 strace_new_clever_wordsize

On x32 and arm it should be even better, current_wordsize becomes
a constant there.

* defs.h: Declare current_wordsize as a variable if needed,
else declare as a constant define.
Remove declatation of personality_wordsize[].
* syscall.c: Make personality_wordsize[] static.
Declare current_wordsize as a variable if needed.
(set_personality): Set current_wordsize only if non-constant.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Remove unnecessary "return 0" statements

* util.c (change_syscall): Remove dummy "return 0"s.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

x86: fix required kernel version for GETREGSET

* syscall.c (get_regs): [X86] Use GETREGSET only if kernel >= 2.6.35

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Whitespace fix, no code changes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Add support for the OpenRISC 1000 platform

* configure.ac: Added or1k architecture..
* defs.h: Added or1k to use register reading system.
* linux/or1k/ioctlent.h.in: Use i386 ioctls.
* linux/or1k/syscallent.h: New file.
* process.c: Added or1k register defs to struct_user_offsets[].
* syscall.c: Added or1k_io iovec for or1k GETREGSET,
  regset structure for or1k.
  (printcall): Added handling for or1k.
  (get_regs): Likewise.
  (get_scno): Likewise.
  (get_syscall_args): Likewise.
  (get_syscall_result): Likewise.
  (get_error): Likewise.
* util.c (change_syscall): Added dummy handling for or1k.
* system.c (sys_or1k_atomic): New function (or1k specific syscall).

Signed-off-by: Christian Svensson <blue@cmd.nu>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

[X86] Use ptrace(PTRACE_GETREGSET, NT_PRSTATUS) to get registers.

Unlike PTRACE_GETREGS, this new method detects 32-bit processes
reliably, without checking segment register values which
are undocumented and aren't part of any sort of API.
While at it, also fixed x32 detection to use __X32_SYSCALL_BIT,
as it should have been from the beginning.

* defs.h: Declare os_release and KERNEL_VERSION.
* strace.c: Make os_release non-static, remove KERNEL_VERSION define.
* syscall.c: New struct i386_user_regs_struct,
static union x86_regs_union and struct iovec x86_io.
(printcall): Use i386_regs or x86_64_regs depending on x86_io.iov_len.
(get_regs): On x86 and kernels 2.6.30+, use PTRACE_GETREGSET,
on earlier kernels fall back to old method.
(get_scno): [X86] Determine personality based on regset size
on scno & __X32_SYSCALL_BIT.
(syscall_fixup_on_sysenter): Use i386_regs or x86_64_regs depending
on x86_io.iov_len.
(get_syscall_args): Likewise.
(get_error): Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Rename some register statics by prefixing their names with arch.

This makes it easier to grep for them.

* syscall.c: Rename variables:
r0 -> bfin_r0,alpha_r0,sh_r0.
a3 -> mips_a3.
r2 -> mips_r2.
(get_scno): Use new variable names.
(get_syscall_result): Likewise.
(get_error): Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Factor out code to check addr, fetch and print siginfo

* defs.h: Declare new function printsiginfo_at(tcp, addr).
* process.c (sys_waitid): Use printsiginfo_at().
(sys_ptrace): Likewise.
* signal.c: (printsiginfo_at): Implement this new function.
(sys_rt_sigsuspend): Use printsiginfo_at().
(sys_rt_sigtimedwait): Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Decode struct iov in PTRACE_GET/SETREGSET

* process.c (sys_ptrace): Decode struct iov in PTRACE_GET/SETREGSET.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Unify representations of struct user fields for subarchitectures

* process.c: Unify MIPS and LINUX_MIPSN32, and SH and SH64 parts of
struct_user_offsets[].

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Add start_code and start_data members of struct user

* process.c: Add start_code and start_data members of struct user
in struct_user_offsets[], where appropriate.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Remove hacks for old kernels for architectures which require new kernels

* util.c (change_syscall): For MICROBLAZE, replace code
with dummy "return 0" and a comment explaining why that is ok
for this architecture.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Remove stray syscall result reading code on syscall entry for s390

This is a leftover from sysenter/sysexit split.
I can't run-test it, but from code inspection it seems to be correct.

* syscall.c (get_scno): Remove stray syscall result reading for s390[x].

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Deobfuscate definitions of struct user offsets

The maze of ifdefs/ifndefs was scaring new contributors.
Format it so that every arch has its own ifdef block.

* process.c: Deobfuscate definitions of struct user offsets.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Remove hacks for old kernels for architectures which require new kernels

* defs.h: Do not define TCB_WAITEXECVE for AARCH64.
* util.c (change_syscall): For AARCH64 and X32, replace code
with dummy "return 0" and a comment explaining why that is ok
for these architectures.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Remove old kernel hacks for architectures which require new kernels

* defs.h: Do not define TCB_WAITEXECVE for AVR32, BFIN and TILE.
* util.c (change_syscall): For AVR32, BFIN and TILE, replace code
with dummy "return 0" and a comment explaining why that is ok
for these architectures.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Handle recv[m]msg for non-native 32-bit personality syscalls

* net.c (printmsghdr): If current_wordsize is 4 and long is wider than it,
read 32-bit struct msghdr and expand it into a native one before using it.
(printmmsghdr): Likewise for struct mmsghdr.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Fix is_negated_errno() check for X32

X32's return value is 64-bit. We were truncating it to 32-bit long
before checking for -errno.

* syscall.c (is_negated_errno_x32): New function.
(get_error): Use is_negated_errno_x32 for X32 architecture.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Remove unused / ambiguously used defines

We sometimes use LINUXSPARC and sometimes (more often)
use "defined(SPARC) || defined(SPARC64)". Better to use
one construct consistently.
LINUX_MIPS64 is altogether unused.

* defs.h: Remove LINUXSPARC and LINUX_MIPS64 defines.
Move PTRACE_xxx compat defines up, before arch-specific
machinery. Use defined(SPARC) || defined(SPARC64)
instead of LINUXSPARC.
* file.c: Use defined(SPARC) || defined(SPARC64) instead of LINUXSPARC.
* signal.c: Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Preparatory patch for "new" x86 personality detection

* syscall.c: Move PT_FLAGS_COMPAT define to its only user, get_scno().
Rename arm_regs_union's fields to names less likely to collide with
system defines.
(get_regs): Use sizeof(arm_regs_union) instead of sizeof(aarch64_regs).
This should be the same, but htis way it's cleaner.
Remove __X32_SYSCALL_MASK and use __X32_SYSCALL_BIT instead.
Explain 64-bit check in X32 build better.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Fix sigaltstack decoder

strace used to hang when decoding sigaltstack called with invalid
stack_t pointers because of mishandling umove() return code.

* signal.c (print_stack_t): Handle unfetchable stack_t properly.
Change return type to void.
(sys_sigaltstack): Update print_stack_t() usage.

Reported-by: kawillia@ucalgary.ca

Fix decoding of sysctl() when oldval fields are NULL

If you call glibc's syscall wrapper like so:
static int name[] = { CTL_NET, NET_IPV4, NET_IPV4_LOCAL_PORT_RANGE };
int buffer[2] = { 32768, 61000 };
size_t size = sizeof(buffer);
sysctl(name, 3, 0, 0, buffer, size);
(note that oldval/oldlenp are NULL).

The current strace code complains like so:
_sysctl({{CTL_NET, NET_IPV4, NET_IPV4_LOCAL_PORT_RANGE, 38}, 3, process_vm_readv: Bad address
(nil), 0, 0x7fffe23c3960, 8}) = -1 EACCES (Permission denied)

Since passing NULL for the old values is valid, handle that explicitly.
This also simplifies the code a bit by splitting up the handling of the
new and old args so that we only handle the new args once.

Now the output looks like:
_sysctl({{CTL_NET, NET_IPV4, NET_IPV4_LOCAL_PORT_RANGE, 38}, 3, NULL, 0, 0x7fff8c0c91b0, 8) = -1 EACCES (Permission denied)

* system.c (sys_sysctl): Check if info.oldval is NULL first. Move the
processing of oldlen/info.newval/info.newlen out so they always get
executed. Fix the format strings so we use %lu for unsigned long rather
than a mix of %ld and %lu.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>

If we are on a glibc system, assume it's at least glibc 2.1

It is not likely anyone uses glibc older that that:
glibc 2.1.1 was released in 1999

* net.c: Remove test for glibc >= 2.1.
* signal.c: Remove code which is compiled only for glibc < 2.1.
* util.c: Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

S390: stop using needlessly static long pc variable

* syscall.c: Remove "static long pc" variable.
(get_scno): Use an automatic long variable instead of a static.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Dying suddenly with abort() is rude, avoid if possible

* file.c (sys_utime): Don't call abort() if wordsize is strange.
Instead, warn user about it.
* desc.c (printflock): Use the same message string as in sys_utime.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Remove vestigial hacks around non-Linux struct sigactions

* signal.c: Stop using __sighandler_t glibc'ism. Remove SA_HANDLER macro.
Explain why we can't use "sa_handler" as a field name.
(sys_sigaction): Use __sa_handler instead of SA_HANDLER macro.
(sys_rt_sigaction): Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Optimize AArch64 handling of 32-bit personality

By putting aarch64_regs and arm_regs into a union,
register copying is eliminated.
No need to check and change personality on syscall exit.

* defs.h: Remove unused NUM_ARM_REGS define. Fix indentation.
* syscall.c: Put aarch64_regs and arm_regs into a union.
(update_personality): Shorten bitness message.
(printcall): Add commented-out PC printing.
(get_regs): Remove now-unnecessary 64-to-32 bits register copying.
(get_syscall_result): Drop personality changing code.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Rename some register statics by prefixing their names with arch.

This makes it easier to grep for them.

* syscall.c: Make IA64's r8, r10 global variables static.
Rename variables:
r8,r10 -> ia64_r8,ia64_r10.
d0 -> m68k_d0.
a3 -> alpha_a3.
r28 -> hppa_r28.
r9 -> sh64_r9.
r10 -> cris_r10.
r3 -> microblaze_r3.
(get_scno): Use new variable names.
(syscall_fixup_on_sysenter): Likewise.
(get_syscall_result): Likewise.
(get_error): Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Rename ARM's regs structure to arm_regs

Compile-tested.

* defs.h: Rename regs structure to arm_regs.
* syscall.c: Likewise.
(printcall): Use new name instead of old one.
(get_regs): Likewise.
(get_scno): Likewise.
(get_syscall_args): Likewise.
(get_error): Likewise.
* signal.c (sys_sigreturn): Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Stop needlessly using static variable

* syscall.c: Remove static long psr.
(get_scno): Use local psr variable.
(get_syscall_result): Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Shortcut tests for fork/exec syscalls

This change should speed up strace by a tiny bit.

More importantly, it makes it much more clear that
fork and exec fixups are not necessary for any reasonably
recent kernels. IOW: syscall_fixup_for_fork_exec() and its callees
are all dead code.

* defs.h: Declare new need_fork_exec_workarounds flag variable.
* strace.c: Define need_fork_exec_workarounds flag variable.
(test_ptrace_setoptions_followfork): Return 0/1 as success/fail indicator.
(test_ptrace_setoptions_for_all): Likewise.
(init): Set need_fork_exec_workarounds to TRUE if needed.
* syscall.c: Rename internal_syscall() to syscall_fixup_for_fork_exec().
(trace_syscall_entering): Call syscall_fixup_for_fork_exec() only if
need_fork_exec_workarounds == TRUE.
(trace_syscall_exiting): Likewise.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Improve perf_event_open argument decoding

* configure.ac (AC_CHECK_HEADERS): Add linux/perf_event.h.
* desc.c [HAVE_LINUX_PERF_EVENT_H]: Include <linux/perf_event.h>.
(perf_event_open_flags): New xlat structure.
(sys_perf_event_open): New function.
* linux/dummy.h (sys_perf_event_open): Remove.
* linux/syscall.h (sys_perf_event_open): New prototype.

Signed-off-by: Ben Noordhuis <info@bnoordhuis.nl>
Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>

tile: fix merge skew with new get_regs architecture

* defs.h [TILE]: Declare clear_regs(), get_regs() and get_regs_error.
* syscall.c (get_regs) [TILE]: Fix merge skew.
(printcall) [TILE]: fix a compiler warning about pt_reg_t in
a printf expression.

Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>

mount: decode MS_NOSEC

* system.c (MS_NOSEC): Define.
(mount_flags): Add MS_NOSEC.

Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>

mmap: decode MAP_UNINITIALIZED

* mem.c (mmap_flags): Add MAP_UNINITIALIZED.

Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>

Print 64-bit instruction pointers zero padded

* syscall.c (printcall): Print 64-bit instruction pointers zero padded.

x86_64: fix compilation warning introduced in previous commit

* syscall.c (printcall): Cast x86_64_regs.rip to the type being printed.

Simple bug fix for x86_86

* syscall.c (printcall): Use x86_64_regs.rip, not x86_64_regs.ip.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Add tilegx support to strace

tilegx support has been in the kernel since 3.0.
In addition, fix some issues with the tilepro support already
present in strace, primarily the decision to use the
<asm/unistd.h> numbering space for system calls.

* defs.h [TILE]: Include <asm/ptrace.h> and provide an extern
struct pt_regs tile_regs for efficiency. Provide compat 32-bit
personality via SUPPORTED_PERSONALITIES, PERSONALITY0_WORDSIZE,
PERSONALITY1_WORDSIZE, and DEFAULT_PERSONALITY.
* linux/tile/errnoent1.h: New file, includes linux/errnoent.h.
* linux/tile/ioctlent1.h: New file, includes linux/ioctlent.h.
* linux/tile/signalent1.h: New file, includes linux/signalent.h.
* linux/tile/syscallent.h: Update with new asm-generic syscalls.
The version previously committed was the from the first tile patch
to LKML, which subsequently was changed to use <asm-generic/unistd.h>.
* linux/tile/syscallent1.h: Copy from linux/tile/syscallent.h.
* mem.c (addtileflags) [TILE]: use %ld properly for a "long" variable.
* process.c [TILE]: Choose clone arguments correctly and properly
suppress all "struct user" related offsets in user_struct_offsets.
* signal.c [TILE]: Use tile_regs not upeek.
* syscall.c (update_personality) [TILE]: Print mode.
(PT_FLAGS_COMPAT) [TILE]: Provide if not in system headers.
(tile_regs) [TILE]: Define 'struct pt_regs' variable to hold state.
(get_regs) [TILE]: use PTRACE_GETREGS to set tile_regs rather than using upeek.
(get_scno) [TILE]: Set personality.
(get_syscall_args) [TILE]: Use tile_regs.
(get_syscall_result) [TILE]: Update tile_regs.
(get_error) [TILE]: Use tile_regs.
(printcall) [TILE]: Print pc.
(arg0_offset, arg1_offset, restore_arg0, restore_arg1) [TILE]:
Properly handle tile call semantics and support tilegx.

Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Small optimization for SPARC[64] get_scno

* syscall.c: Remove static unsigned long trap veriable.
(get_scno): Use local trap variable.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Do not compile getrval2() if not needed

* syscall.c (getrval2): Do not compile it for architetures where
it isn't ever used.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Optimize out PTRACE_PEEKUSER with -i

strace -i was fetching PC with a separate PEEKUSER
despite having GETREGS data:

ptrace(PTRACE_GETREGS, 22331, 0, 0x8087f00) = 0
ptrace(PTRACE_PEEKUSER, 22331, 4*EIP, [0x80dd7b7]) = 0
write(3, "[080dd7b7] ioctl(0, SNDCTL_TMR_T"..., 82) = 82
ptrace(PTRACE_SYSCALL, 22331, 0, SIG_0) = 0

Now it does this:

ptrace(PTRACE_GETREGS, 22549, 0, 0x8087ea0) = 0
write(3, "[080dd7b7] ioctl(0, SNDCTL_TMR_T"..., 82) = 82
ptrace(PTRACE_SYSCALL, 22549, 0, SIG_0) = 0

Analogous improvement in sys_sigreturn() is also implemented.

* defs.h: Declare extern struct pt_regs regs for SPARC[64] and ARM.
Declare clear_regs(), get_regs() and get_regs_error flag variable.
* strace.c (trace): Call get_regs(pid) as soon as we know the tcb
and that it is stopped.
* syscall.c (get_regs): New function. Used to fetch registers early,
just after tracee has stopped.
(printcall): Move it here from util.c. Use global regs.REG data,
if available on the arch, instead of re-fetching it.
(get_scno): Use global regs.REG data.
(get_syscall_result): Likewise.
* signal.c (sys_sigreturn): Likewise.
* util.c (printcall): Moved to syscall.c.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Fix sys_semtimedop decoding on s390x

The s390 and s390x pass semtimedop arguments differently from other
architectures. sys_semtimedop parser was fixed for s390 by commit
v4.6-177-ge0f5fd8, and s390x requires the same fix.

* linux/ipc.c (sys_semtimedop): Fix timespec decoding on s390x.

Signed-off-by: Stanislav Brabec <sbrabec@suse.cz>

Fix *xattr decoding

* file.c (print_xattr_val): Do not attempt to decode a zero sized array.
Fixes RH#885233.

sys_semtimedop: fix timeval argument index in wrapped call

Looking at the implementation of wrapped semtimedop() call inside glibc
and kernel, I started to believe that timeval should be located in
tcp->u_arg[4] and not tcp->u_arg[5].  Fortunately, tcp->u_arg[5] now
works correctly as well, due to side effects of decode_ipc_subcall().

declaration in header:
int semtimedop(semid, *sops, nsops, *timeout);
                 0      1      2        3

sys_ipc arguments in glibc on all patforms except s390*:
semid, (int) nsops, 0, CHECK_N (sops, nsops), timeout
  0            1    2            3                4
We have to use indexes: 0 3 1 4

sys_ipc arguments on s390*:
semid, (int) nsops, timeout, sops
  0            1       2       3
We have to use indexes: 0 3 1 2

* ipc.c (sys_semtimedop) [!S390]: Fix timeval argument index in
indirect_ipccall case.

Fix glibc version checks

* util.c: Check if __GLIBC__ is defined before using it.
* signal.c: Likewise. Fix __GLIBC_MINOR__ checks.

Add state argument to change_syscall and fix SPARC

Add a state argument to change_syscall() so that SPARC can modify that
instead of read-modify-writing the whole register set. This function is
always called within an arg_setup/arg_finish_change sequence which on
certain architectures like SPARC will also be doing a read-modify-write.
This prevents the second write (from arg_finish_change) from undoing the
effects of the change_syscall call.

* util.c (change_syscall): Move below definition of arg_setup_state.
Add state argument.
[SPARC || SPARC64] Change to set state->u_regs[U_REG_G1] rather than
read-modify-writing it with PTRACE_GETREGS and PTRACE_SETREGS.
(setbpt, clearbpt): Pass state argument to change_syscall.

Signed-off-by: James Hogan <james.hogan@imgtec.com>

Add support for tracing 32-bit ARM EABI binaries on AArch64

* defs.h [AARCH64]: Copy in the definition of arm_pt_regs and the
accessor macros, so it's possible to build on AArch64 without
ARM system headers. Set SUPPORTED_PERSONALITIES to 2.
Define PERSONALITY0_WORDSIZE and PERSONALITY1_WORDSIZE.
Set DEFAULT_PERSONALITY to 1.
* linux/aarch64/errnoent1.h: New file, includes generic errnoent.h.
* linux/aarch64/ioctlent1.h: New file, includes generic ioctlent.h.
* linux/aarch64/signalent1.h: New file, includes generic signalent.h.
* linux/aarch64/syscallent1.h: Rename from linux/aarch64/syscallent.h.
* linux/aarch64/syscallent.h: New file, includes arm/syscallent.h.
* syscall.c [AARCH64]: Define aarch64_regs.
(update_personality) [AARCH64]: Add debug output.
(get_scno) [AARCH64]: Determine if we're in ARM or AArch64 mode by
checking the size of the returned uio structure from PTRACE_GETREGSET
and interpret the structure accordingly.
(get_syscall_result): Likewise.
(get_syscall_args): Merge the AArch64 and ARM sections so that on
AArch64 we can fall back to supporting the ARM personality.
(get_error): Likewise.

Signed-off-by: Steve McIntyre <steve.mcintyre@linaro.org>