Mike Frysinger [Thu, 27 Sep 2012 05:12:39 +0000 (01:12 -0400)]
x32: add 64bit annotation too
Since someone can invoke these entry points directly with syscall(),
at least decode their name and show that they're 64bit versions rather
than just showing syscall_###.
* linux/x32/syscallent.h: Sync all missing entries below 312 with x86_64.
strace used to honor fflush(3) return value in trace_syscall_entering
which resulted to tracees not being PTRACE_SYSCALL'ed which in turn
caused nasty hangups like this one:
$ strace -o'|:' pwd
|:: Broken pipe
There is little strace can do in case of fflush(3) returning EOF, and
hangup is certainly not the best solution for the issue.
Mike Frysinger [Wed, 22 Aug 2012 15:56:15 +0000 (11:56 -0400)]
x32: update {g,s}etsockopt syscall numbers
Starting with linux 3.6 (and backported to earlier kernels), these two
syscalls have changed numbers (moving from native to compat entry points).
Update the strace syscall list accordingly.
* linux/x32/syscallent.h: Move setsockopt from 54 to 541, and move
getsockopt from 55 to 542.
* defs.h: Define USE_SEIZE to 1. Remove PTRACE_SEIZE_DEVEL
and PTRACE_EVENT_STOP1.
* strace.c (ptrace_attach_or_seize): Replace PTRACE_SEIZE_DEVEL
with 0.
(trace): Do not check for PTRACE_EVENT_STOP1.
Denys Vlasenko [Fri, 18 May 2012 00:03:24 +0000 (02:03 +0200)]
Merge adjacent printing operations in a few places
* file.c (sys_readahead): Merge tprints() with following printllval().
(sys_ftruncate64): Likewise.
(sys_fadvise64): Likewise.
(sys_fadvise64_64): Likewise.
(sys_fallocate): Merge tprints() with following tprintf().
Denys Vlasenko [Wed, 16 May 2012 10:23:58 +0000 (12:23 +0200)]
Fix a few goofs in sys_sysctl()
* system.c (sys_sysctl): Cast pointer to long, not size_t,
when we intend to use it as an address. Set oldlen to 0 prior
to reading into it - we want to have deterministic result
if read fails.
Denys Vlasenko [Tue, 15 May 2012 13:35:52 +0000 (15:35 +0200)]
Remove outdated comment about suspending new tracees
We no longer track parent/child relationship between tracees.
Therefore, we no longer suspend new tracee until parent is seen
exiting form [v]fork/clone. The comment is obsolete.
Denys Vlasenko [Tue, 15 May 2012 12:28:56 +0000 (14:28 +0200)]
Make sure current_wordsize and PERSONALITY0_WORDSIZE are ints in all arches
On 64bit systems with a single personality, they used to be sizeof(long),
which has type "long", not "int", which complicates printf formats.
* defs.h: Ensure that PERSONALITY0_WORDSIZE;s tyoe is int.
This in turn makes sure current_wordsize is also an int.
* count.c (call_summary): Revert the change which added cast to int.
Mike Frysinger [Fri, 4 May 2012 23:37:29 +0000 (19:37 -0400)]
util: fix building when glibc has a stub process_vm_readv
If you have a newer glibc which provides process_vm_readv, but it is built
against older kernel headers which lack __NR_process_vm_readv, the library
will contain a stub implementation that just returns ENOSYS. Autoconf
checks for this case explicitly and will declare it as unavailable. So we
end up in a case where the headers provide the prototype, but autoconf has
not defined HAVE_PROCESS_VM_READV, so we hit the same build failure again:
util.c:738:16: error: static declaration of 'process_vm_readv' follows non-static declaration
/usr/include/bits/uio.h:58:16: note: previous declaration of 'process_vm_readv' was here
So rename our local function to something unique, and add a define so the
callers all hit the right place.
* util.c (strace_process_vm_readv): Rename from process_vm_readv.
(process_vm_readv): Define to strace_process_vm_readv.
Dmitry V. Levin [Wed, 2 May 2012 10:21:49 +0000 (10:21 +0000)]
Fix build with <linux/loop.h> from 2.6.18 kernel headers
* configure.ac: Check for LO_FLAGS_AUTOCLEAR and LO_FLAGS_PARTSCAN
declarations.
* loop.c (loop_flags_options): Use LO_FLAGS_AUTOCLEAR and
LO_FLAGS_PARTSCAN only when appropriate declarations are available.
(loop_ioctl): Use LOOP_SET_CAPACITY only when it is defined.
Dmitry V. Levin [Tue, 1 May 2012 21:04:18 +0000 (21:04 +0000)]
NEWS: update for release
* NEWS (Improvements): Mention recent recvmsg/recvmmsg decoders
enhancements.
(Portability): Add a recommendation for the minimum Linux kernel
version to use.
Dmitry V. Levin [Tue, 1 May 2012 20:41:40 +0000 (20:41 +0000)]
Fix recvmmsg decode: do not show more data than actually returned
This change complements recent fix for recvmsg decoding.
* net.c (printmmsghdr): Add msg_len parameter to pass down to do_msghdr.
When this parameter is zero, pass mmsghdr.msg_len to do_msghdr instead.
(decode_mmsg): Add msg_len parameter, pass it down to printmmsghdr.
(sys_sendmmsg): Call decode_mmsg with msg_len == (unsigned long) -1L.
(sys_recvmmsg): Call decode_mmsg with msg_len == 0.
We often pass syscall params and other long-sized values
as printstr(len). Truncating them to int may be a bad thing.
* defs.h: Change len parameter's type from int to long in
string_quote and printstr function declarations.
* util.c (string_quote): Special-case only len==-1, not all len<0.
(printstr): Likewise.
Fix recvmsg decode: do not show more data than actually returned
I noticed that "hostname -d" talks over netlink and gets 20 bytes
of response, but we show entire 1024 bytes of iov.
This changes fixes that.
* defs.h: New function tprint_iov_upto.
* io.c (tprint_iov_upto): Definition of this function.
(tprint_iov): Call tprint_iov_upto.
* net.c (do_msghdr): Add data_size parameter, pass it down to tprint_iov_upto.
(printmsghdr): Add data_size parameter, pass it down to do_msghdr.
(printmmsghdr): Call do_msghdr with data_size==ULONG_MAX.
(sys_sendmsg): Call printmsghdr with data_size==ULONG_MAX.
(sys_recvmsg): Call printmsghdr with data_size==tcp->u_rval.
Mike Frysinger [Fri, 27 Apr 2012 22:58:20 +0000 (18:58 -0400)]
Cast current_wordsize to an int
On 64bit systems with a single personality, we see:
count.c: In function 'call_summary':
count.c:223:5: warning: format '%u' expects type 'unsigned int',
but argument 3 has type 'long unsigned int'
Since on multi-personality systems this is an array of ints, cast
the multiplication to an int and update the printf format.
* count.c (call_summary): Change %u to %d and cast first argument to int.
Mike Frysinger [Wed, 18 Apr 2012 02:19:31 +0000 (22:19 -0400)]
Decode /dev/loop ioctls
Needed to debug some losetup failures, and it's easier when you can see
what the kernel is getting vs what you think you're sending, so add some
decoders for those ioctls.
* loop.c: New file.
* Makefile.am (strace_SOURCES): Add loop.c.
* defs.h (loop_ioctl): New prototype.
(string_quote): Likewise.
* ioctl.c (ioctl_decode): Call loop_ioctl when code is 'L'.
* util.c (string_quote): Remove static keyword.
H.J. Lu [Tue, 17 Apr 2012 18:05:04 +0000 (11:05 -0700)]
x32: add ia32 support
* Makefile.am (EXTRA_DIST): Add linux/x32/errnoent1.h,
linux/x32/ioctlent1.h, linux/x32/signalent1.h and
linux/x32/syscallent1.h.
* configure.ac: Remove AC_GNU_SOURCE, obsoleted by
AC_USE_SYSTEM_EXTENSIONS.
* defs.h (SUPPORTED_PERSONALITIES): Set to 2 for X32.
(PERSONALITY1_WORDSIZE): Set to 4 for X32.
* file.c (stat64): New struct for X32.
(sys_lseek32): New function for X32.
(stat64): Undef.
(sys_fstat64): Likewise.
(sys_stat64): Likewise.
(realprintstat64): New function for X32.
(sys_fstat64): Likewise.
(sys_stat64): Likewise.
* mem.c (sys_old_mmap): New function for X32.
* pathtrace.c (pathtrace_match): Also check sys_old_mmap for X32.
* syscall.c (update_personality): Add X32 support.
(get_scno): Support currpers == 1 for X32.
* linux/syscall.h (sys_lseek32): New function prototype for X32.
* linux/x32/errnoent1.h: New file.
* linux/x32/ioctlent1.h: Likewise.
* linux/x32/signalent1.h: Likewise.
* linux/x32/syscallent1.h: Likewise.
Add custom (faster) vfprintf implementation (disabled by default)
* defs.h: Declare strace_vfprintf either as a alias to vfprintf
or as a bona fide function. USE_CUSTOM_PRINTF define controls whether
we use strace_vfprintf. By default, we don't.
* strace.c (tprintf): Call strace_vfprintf instead of vfprintf.
* vsprintf.c: New file, implements strace_vfprintf.
This is needed for simplified printf, and reduces code size a bit.
* block.c (block_ioctl): Cast the value to unsinged and use %u
instead of using %hu.
* desc.c (sys_io_cancel): Likewise.
* resource.c (sys_sysinfo): Likewise.
H.J. Lu [Mon, 16 Apr 2012 11:00:01 +0000 (13:00 +0200)]
Add x32 support to strace
X32 support is added to Linux kernel 3.4. In a nutshell, x32 is x86-64 with
32bit pointers. At system call level, x32 is also identical to x86-64,
as shown by many changes like "defined(X86_64) || defined(X32)". The
main differerence bewteen x32 and x86-64 is off_t in x32 is long long
instead of long.
This patch adds x32 support to strace. Tested on Linux/x32.
* configure.ac: Support X32.
* defs.h: Set SUPPORTED_PERSONALITIES to 3 for X86_64,
Set PERSONALITY2_WORDSIZE to 4 for X86_64.
Add tcb::ext_arg for X32.
* file.c (stat): New for X32.
(sys_lseek): Use 64-bit version for X32.
(printstat64): Check current_personality != 1 for X86_64.
* ipc.c (indirect_ipccall): Check current_personality == 1
for X86_64.
* mem.c (sys_mmap64): Also use tcp->u_arg for X32. Print NULL
for zero address. Call printllval for offset for X32.
* pathtrace.c (pathtrace_match): Don't check sys_old_mmap for
X32.
* process.c (ARG_FLAGS): Defined for X32.
(ARG_STACK): Likewise.
(ARG_PTID): Likewise.
(change_syscall): Handle X32.
(struct_user_offsets): Support X32.
(sys_arch_prctl): Likewise.
* signal.c: Include <asm/sigcontext.h> for X32.
(SA_RESTORER): Also define for X32.
* syscall.c (update_personality): Support X32 for X86_64.
(is_restart_error): Likewise.
(syscall_fixup_on_sysenter): Likewise.
(get_syscall_args): Likewise.
(get_syscall_result): Likewise.
(get_error): Likewise.
(__X32_SYSCALL_BIT): Define if not defined.
(__X32_SYSCALL_MASK): Likewise.
(get_scno): Check DS register value for X32. Use
__X32_SYSCALL_MASK on X32 system calls.
* util.c (printllval): Use ext_arg for X32.
(printcall): Support X32.
(change_syscall): Likewise.
(arg0_offset): Likewise.
(arg1_offset): Likewise.
* Makefile.am (EXTRA_DIST): Add linux/x32/errnoent.h,
linux/x32/ioctlent.h.in, linux/x32/signalent.h,
linux/x32/syscallent.h, linux/x86_64/errnoent2.h,
linux/x86_64/ioctlent2.h, linux/x86_64/signalent2.h and
linux/x86_64/syscallent2.h.
* linux/x32/errnoent.h: New.
* linux/x32/ioctlent.h.in: Likewise.
* linux/x32/signalent.h: Likewise.
* linux/x32/syscallent.h: Likewise.
* linux/x86_64/errnoent2.h: Likewise.
* linux/x86_64/ioctlent2.h: Likewise.
* linux/x86_64/signalent2.h: Likewise.
* linux/x86_64/syscallent2.h: Likewise.
Signed-off-by: H.J. Lu <hongjiu.lu@intel.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
H.J. Lu [Mon, 16 Apr 2012 10:16:45 +0000 (12:16 +0200)]
Restore tcb::u_lrval; fix lseek on MIPS-n32
Linux kernel v3.4 adds x32 support. Both x32 and n32 use 64bit offset
for lseek parameter and return value. We need u_lrval to handle it
properly. Also we shouldn't check HAVE_LONG_LONG_OFF_T for n32 lseek.
This patch fixes it properly and prepares lseek for x32.
* defs.h (tcb): Restore tcb::u_lrval field, RVAL_Lfoo constants.
Set RVAL_MASK to 7.
* file.c (sys_lseek): Print 64bit offset and return RVAL_LUDECIMAL
for n32.
* syscall.c (get_error): Set u_lrval for MIPS-n32.
(trace_syscall_exiting): Handle RVAL_Lfoo return value types.
Signed-off-by: H.J. Lu <hongjiu.lu@intel.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Mike Frysinger [Thu, 5 Apr 2012 05:52:25 +0000 (01:52 -0400)]
Fix indefinite hang on no-mmu systems
The ptrace setoptions code will fork a child which goes to sleep and
expects the parent to continue on to do tests. Unfortunately, this
does not work on no-mmu systems as fork() is actually vfork() and any
vforked children will hang the parent until it exits or execs.
We might be able to make this test work on no-mmu systems with a bit
of work, but easier to just disable this for the release so it works
now.
* strace.c (test_ptrace_setoptions_for_all): Return if strace_vforked.
Dmitry V. Levin [Sun, 25 Mar 2012 21:49:48 +0000 (21:49 +0000)]
Robustify parsing of numbers from strings
* defs.h (string_to_uint): New prototype.
* util.c (string_to_uint): New function.
* strace.c (error_opt_arg): New function.
(process_opt_p_list): Use string_to_uint instead of atoi.
Terminate in case of invalid process id.
(init): Use string_to_uint instead of atoi.
Use error_opt_arg in case of invalid option argument.
* syscall.c (qual_syscall, qual_signal, qual_desc): Use string_to_uint
instead of atoi.
After: movzbl (%eax),%edx
sub $0x30,%edx
cmp $0x9,%dl
ja lbl
text data bss dec hex filename
236869 704 18944 256517 3ea05 strace.before
236719 700 18944 256363 3e96b strace
* defs.h: Alias sigemptyset to __sigemptyset on glibc.
* syscall.c (qual_syscall): Open-code isdigit.
(qual_desc): Likewise.
(qual_signal): Open-code isdigit. Remove string copying
which was done for no apparent reason.
Denys Vlasenko [Thu, 22 Mar 2012 08:56:20 +0000 (09:56 +0100)]
Simplify current tcp switching and current column handling
Instead of using "static FILE *outf and static unsigned int curcol"
to cache current outfile and its position, we can simply
remember current tcb and use its ->outf and ->curcol.
This allows to drop numerous "tcp->curcol = curcol" ops in trace().
Turns out we can't drop "static FILE *outf", but now its role is
a bit clearer: it newer changes after init, stays == stderr or
opened to shared log (which may be the same thing if neither -o
nor -ff was specified). Let's rename it then.
text data bss dec hex filename
236953 704 18944 256601 3ea59 strace.before.prev.commit
236905 704 18944 256553 3ea29 strace.before
236869 704 18944 256517 3ea05 strace
* strace.c: Replace curcol static variable by struct tcb *current_tcp.
Rename static FILE *outf to shared_log (since it no longer caches tcp->outf).
(ptrace_restart): Use current_tcp->curcol instead of curcol.
(tprintf): Check current_tcp != NULL instead of outf != NULL.
Use current_tcp->outf instead of outf, current_tcp->curcol instead of curcol.
(tprints): Likewise.
(line_ended): Likewise.
(printleader): Switch current tcb by "current_tcp = tcp" istead of
assignments to outf and curcol.
(droptcb): Set current_tcp to NULL if we dropped it.
(startup_child): Rename outf to shared_log.
(init): Likewise.
(cleanup): Likewise.
(trace): Simplify current tcp switching and current column handling.
Denys Vlasenko [Thu, 22 Mar 2012 08:35:51 +0000 (09:35 +0100)]
Make threaded execve handling code more reabable and somewhat simpler
* strace.c (droptcb): Remove outfname check in "outfname && followfork >= 2" -
with recent changes, followfork >= 2 check guarantees that outfile
was specified, and _is already opened_.
(trace): Move tcb existence check before threaded execve handling.
This allows to remove tcp != NULL checks in threaded execve handling.
Rewrite threaded execve handling code to be less indented,
keeping the same logic.
Denys Vlasenko [Wed, 21 Mar 2012 10:06:20 +0000 (11:06 +0100)]
Replace reprinting decision logic
After this change, we no longer need to decide when we need
to set TCB_REPRINT, and when we don't: it's never needed :)
Well, almost. That pesky pid-changing execve needs special treatment.
If not it, it'd be possible to nuke TCB_REPRINT...
While at it, fix a case of mishandled -C.
* strace.c (printleader): Do not set TCB_REPRINT.
(trace): Set TCB_REPRINT only for execve with changing pid.
Fix mishandling of -C.
* syscall.c (trace_syscall_entering): Do not clear TCB_REPRINT.
(trace_syscall_exiting): Replace reprinting decision logic.
Remove call to printargs(): it is known to just return 0 here.
This tells user that strace failed to let sendto syscall
to be entered - process was dead at that point of time.
It is (marginally) better than to always say "<unfinished ...>"
While at it, patch removes tcp->ptrace_errno.
I added it many months ago, and it looks that after all
it is not needed for ptrace error detection: I failed to execute
a single existing code path which is accessible
through that variable only.
Denys Vlasenko [Tue, 20 Mar 2012 16:10:35 +0000 (17:10 +0100)]
Remove redundant checks in syscall entry/exit, rename badly named function
* syscall.c (syscall_enter): Rename to get_syscall_args.
Document its return values.
(trace_syscall_entering): Don't check get_syscall_args() return
value for 0, it never returns that.
(syscall_fixup_on_sysexit): Make it return void.
(trace_syscall_exiting): Fix up syscall_fixup_on_sysexit()
call site accordingly.
Denys Vlasenko [Tue, 20 Mar 2012 09:57:41 +0000 (10:57 +0100)]
Simplify search in ioctl table
text data bss dec hex filename
236973 704 18944 256621 3ea6d strace.before
236929 704 18944 256577 3ea41 strace
* ioctl.c (compare): Simplify generation of compare result.
(ioctl_lookup): Pass key directly, not as part of dummy struct.
(ioctl_next_match): More readable code. No logic changes.
Denys Vlasenko [Mon, 19 Mar 2012 08:51:42 +0000 (09:51 +0100)]
Shrink space needed by undefined syscalls in syscall tables.
Undefined syscall looked like this before this change:
{ 5, 0, printargs, "SYS_53" },
That is, "SYS_53" string had to be allocated and stored in strace binary.
Since now SCNO_IN_RANGE() macro requires sysent[scno].sys_func != NULL
for valid syscalls, we can replace printargs with NULL in such lines
and make them "invalid", thus not requiring syscall name string.
Savings on i386:
text data bss dec hex filename
237389 704 18944 257037 3ec0d strace.before
236973 704 18944 256621 3ea6d strace
Savings on mips:
336551 153692 38320 528563 810b3 strace.before
275543 153688 38320 467551 7225f strace
Tested to still decode undefined syscalls correctly (syscall no. 222 on i386).
* linux/*/syscallent.h: Replace 'printargs, "SYS_nnn"' with
'NULL, NULL'.
Denys Vlasenko [Sun, 18 Mar 2012 21:10:48 +0000 (22:10 +0100)]
Make internal_fork and internal_exec static
text data bss dec hex filename
237917 672 18980 257569 3ee21 strace
237845 672 18980 257497 3edd9 strace_new
* defs.h: Remove declarations of internal_fork and internal_exec.
* process.c: Remove definitions of internal_fork and internal_exec.
* syscall.c: Move them here.
(internal_syscall): Return void instead of int. We were always
returning zero, and callers weren't checking it anyway.
Denys Vlasenko [Sun, 18 Mar 2012 03:16:59 +0000 (04:16 +0100)]
Remove code which is not used on Linux
Compile tested in qemu on armv4l,armv4tl,armv5l,armv6l,i686,
mipsel,mips,x86_64
* syscall.c: Remove code which handles RVAL_Lfoo constants.
* defs.h: Remove struct tcb::u_lrval member - it is never set.
Remove RVAL_Lfoo constants which signify return of "long" result -
they are never used.
Denys Vlasenko [Sun, 18 Mar 2012 03:13:14 +0000 (04:13 +0100)]
Remove unused version of sys_lseek
It is buggy: it returns RVAL_LUDECIMAL, which means the return value
is in tcp->u_lrval. But tcp->u_lrval is never set
(on Linux - it used to be set on other OSes).
* file.c (sys_lseek): Remove a version of this function which is
supposed to be used if off_t is long long. It appears to be buggy
and unused.
Denys Vlasenko [Sat, 17 Mar 2012 15:26:47 +0000 (16:26 +0100)]
Simplify sys_lseek64 conditional compilation.
It looks like sys_lseek64() is never used.
For one, it is buggy (always shows 0 return value), and no one complains.
From code inspection: sys_lseek64 name is not used anywhere.
It is defined to sys_lseek if HAVE_LONG_LONG_OFF_T is true.
Thus, if !HAVE_LONG_LONG_OFF_T, it is never used.
Therefore "if _LFS64_LARGEFILE || HAVE_LONG_LONG_OFF_T"
conditional it sits in can be simplified to
"if HAVE_LONG_LONG_OFF_T".
Therefore, we can move it a bit up and merge with
"if !HAVE_LONG_LONG_OFF_T, use this sys_lseek()" code block,
by addind an "else" clause to it.
To simplify it more, drop define and just rename sys_lseek64 ->
sys_lseek.
Since the function is buggy, I think it is unused and we can
just drop it. (I checked: at least I386 never uses it).
* file.c (sys_lseek64): Rename to sys_lseek; don't compile it
if _LFS64_LARGEFILE but !HAVE_LONG_LONG_OFF_T since in this case
it is never used.
Denys Vlasenko [Sat, 17 Mar 2012 12:23:00 +0000 (13:23 +0100)]
Remove underscores from a few syscall names which have them
Affected names are "_newselect", "_llseek", "_sysctl".
I see no apparent reason why they have leading underscores.
Moreover, some arches have underscored names and some have
non-underscored ones. This is not consistent.
I verified that every architectire I touched did not have
a similarly named syscall without underscore, thus this change
does not introduce new ambiquities.
I left "_exit" untouched for now, but the same points stand for it too:
some architectures use "exit" and no one complains. So why many
arches are using "_exit"?
* linux/*/syscallent.h: Remove underscores from displayed
syscall names for _newselect, _llseek, _sysctl.
projects / strace / log