Dmitry V. Levin [Tue, 12 Nov 2013 15:09:56 +0000 (15:09 +0000)]
Use standard names of sched_param structure members
* process.c (sys_sched_setscheduler, sys_sched_getparam,
sys_sched_setparam): Use portable struct sched_param member name
sched_priority instead of glibc specific __sched_priority.
Dmitry V. Levin [Mon, 11 Nov 2013 23:54:30 +0000 (23:54 +0000)]
Make SIGEV_THREAD_ID decoding less glibc specific
SIGEV_THREAD_ID decoding requires access to an internal member of
struct sigevent. There seems to be no portable way to do it besides
adding a configure check.
* configure.ac (AC_CHECK_MEMBERS): Check for
struct sigevent._sigev_un._pad and struct sigevent.__pad.
* time.c (printsigevent): Use an appropriate struct sigevent member
to print thread id.
Denys Vlasenko [Mon, 11 Nov 2013 11:50:47 +0000 (12:50 +0100)]
Stop using external libaio.h.
This change incorporates a partial copy instead
of using external libaio.h.
Why?
Because we want to properly decode 32-bit aio calls
by 64-bit strace. For that, we need more definitions than
libaio.h provides.
(These defs are not done yet, but will eventually be done).
Keeping our local 32-bit compat defs in sync with libaio.h
_without seeing libaio structs_ is hard/more bug prone.
A smaller benefit is that we don't need libaio installed.
Denys Vlasenko [Mon, 11 Nov 2013 11:31:18 +0000 (12:31 +0100)]
sys_io_submit: simplify iocb_cmd_lookup() helper.
This helper returns two values (a string and an enum).
The caller prints the string. It's simpler to just print
the string in the caller itself. This eliminates
"return by reference" and more importantly, an intermediate
static string buffer for the string result.
Since function of the helper is different now,
it is renamed to tprint_lio_opcode().
Denys Vlasenko [Mon, 11 Nov 2013 11:24:29 +0000 (12:24 +0100)]
sys_io_submit: stop traversing iocb vector after first failure.
The program may use a very large nr but supply either outright
invalid iocbpp[], or one with far fewer elements than nr.
We used to try reading iocbpp[i] until i == nr.
With this change, we stop on the first failure.
Denys Vlasenko [Sat, 9 Nov 2013 19:40:31 +0000 (20:40 +0100)]
Fix select decoding on e.g. 32-bit ppc process by 64-bit strace.
Added next_set_bit() function which finds the next set bit,
properly taking into account word size of the traced process.
Use it in decode_select() instead of fd_isset().
Also, properly round fdsize up to word size of traced process,
not to strace's word size.
Dmitry V. Levin [Tue, 5 Nov 2013 23:00:22 +0000 (23:00 +0000)]
Fix select decoding for glibc in _FORTIFY_SOURCE mode
glibc in _FORTIFY_SOURCE mode raises SIGABRT when descriptor greater
or equal to FD_SETSIZE is passed to FD_ISSET. Select family syscalls,
however, can legitimately accept such descriptors. To overcome this
limitation, we have to replace FD_ISSET with an equivalent that imposes
no such restrictions.
* desc.c (fd_isset): New function.
(decode_select): Use it instead of FD_ISSET.
Dmitry V. Levin [Tue, 5 Nov 2013 22:46:43 +0000 (22:46 +0000)]
More select decoding fixes
* desc.c (decode_select): Actually print arg[0] as int on entering
syscall. When arg[0] is negative, do not attempt to fetch and decode
descriptor sets on entering syscall, kernel will reject it anyway.
On exiting syscall, stop checking descriptor sets as soon as all
returned descriptors are found.
Fix select decoding with bogus (huge or negative) nfds.
We used to allocate and fetch bit arrays using a sanitized
length, but then iterate over them with "j < arg[0]" condition,
where arg[0] is not sanitized. This segfaults if arg[0] is huge
or negative. This change fixes this.
Add test/select.c to capture the case.
Signed-off-by: Dr. David Alan Gilbert <dave@treblig.org> Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Ali Polatel [Tue, 24 Sep 2013 17:04:32 +0000 (20:04 +0300)]
Work around conflict between <sys/ptrace.h> and <linux/ptrace.h>
Since glibc-2.18~39 <sys/ptrace.h> defines ptrace_peeksiginfo_args
which collides with <linux/ptrace.h>.
* configure.ac: Check for `struct ptrace_peeksiginfo_args' in
<sys/ptrace.h>.
* process.c: Work around potential conflict between <sys/ptrace.h>
and <linux/ptrace.h> by redefining ptrace_peeksiginfo_args.
* signal.c: Likewise.
* syscall.c: Likewise.
* util.c: Likewise.
Vineet Gupta [Fri, 16 Aug 2013 07:17:06 +0000 (12:47 +0530)]
Add support for ARC Cores from Synopsys
Take #2 on mainlining strace support for ARC (last one was 4.6 based back
in March 2011), see
http://sourceforge.net/p/strace/mailman/message/27210168/
The syscall ABI is asm-generic/unistd.h based (so no legacy syscalls),
hence very similar to metag port.
test/* all seem to work well.
* linux/arc/ioctlent.h.in: New file.
* linux/arc/syscallent.h: Likewise.
* Makefile.am (EXTRA_DIST): Add linux/arc/ioctlent.h.in and
linux/arc/syscallent.h.
* configure.ac: Add ARC to the list of supported architectures.
* defs.h: Add ARC support.
* process.c (struct_user_offsets): Likewise.
* signal.c (sys_sigreturn): Likewise.
* syscall.c (print_pc, get_regset, get_regs, get_scno, get_syscall_args,
get_syscall_result, get_error): Likewise.
* util.c (change_syscall): Likewise.
Signed-off-by: Vineet Gupta <vgupta@synopsys.com> Acked-by: Mike Frysinger <vapier@gentoo.org>
William Manley [Fri, 9 Aug 2013 17:04:11 +0000 (18:04 +0100)]
Add support for decoding sync_file_range
* file.c (sync_file_range_flags): New xlat structure.
(sys_sync_file_range, sys_sync_file_range2): New functions.
* linux/syscall.h (sys_sync_file_range, sys_sync_file_range2): New
prototypes.
* linux/dummy.h (sys_sync_file_range, sys_sync_file_range2): Remove.
* linux/mips/syscallent-o32.h: Set the number of sync_file_range
arguments to 7.
Mike Frysinger [Mon, 19 Aug 2013 05:00:39 +0000 (01:00 -0400)]
fanotify_mark: fix number of args for 32bit arches
The fanotify_mark func takes a 64bit mask, so 32bit arches have to split
it up into two fields. When the syscall was added, it was listed as only
having 5 fields total (since that's correct for 64bit systems).
* linux/arm/syscallent.h: Set the number of fanotify_mark arguments to 6.
* linux/bfin/syscallent.h: Likewise.
* linux/hppa/syscallent.h: Likewise.
* linux/i386/syscallent.h: Likewise.
* linux/m68k/syscallent.h: Likewise.
* linux/metag/syscallent.h: Likewise.
* linux/microblaze/syscallent.h: Likewise.
* linux/mips/syscallent-o32.h: Likewise.
* linux/or1k/syscallent.h: Likewise.
* linux/powerpc/syscallent.h: Likewise.
* linux/s390/syscallent.h: Likewise.
* linux/sh/syscallent.h: Likewise.
* linux/sparc/syscallent.h: Likewise.
* linux/tile/syscallent1.h: Likewise.
Signed-off-by: Mike Frysinger <vapier@gentoo.org> Acked-by: Chris Metcalf <cmetcalf@tilera.com> [for tile]
In almost all cases, the parameter was 1 ("decode RT sigs too").
This change hardwires it to be 1.
The cases where it was 0 are, and why the change to "decode RT sigs too"
is fine:
IA64: 64-bit arch, all 64 signals fit in one word in any case.
S390[x]: sc.oldmask is a sigset_t on kernel side,
(sigset_t *)&sc.oldmask[0] does contain all 64 signals.
TILE: uc.uc_sigmask is a sigset_t on kernel side,
memcpy(&sigm, &uc.uc_sigmask, NSIG / 8) copies all 64 signals.
Replace print_sigset() with print_sigset_addr_len(),
which takes not only addr, but also len parameter.
This allows us to drop "do we need to print RT signals?" parameter,
and this fixes RT signals printing in many syscalls.
sys_sigprocmask: print_sigset -> print_sigset_addr_len(current_wordsize),
no change in functionality.
sys_sigpending: use print_sigset_addr_len(current_wordsize)
instead of open-coding it.
sys_rt_sigprocmask: use print_sigset_addr_len instead of open-coding it.
sys_rt_sigpending: ditto.
sys_rt_sigsuspend: ditto.
sys_rt_sigtimedwait: ditto.
do_signalfd: print_sigset -> print_sigset_addr_len. This fixes
RT signals printing (wasn't showing them before).
sys_ppoll: ditto.
copy_sigset_len() is folded into its only user, print_sigset_addr_len(),
and copy_sigset() is gone.
While at it, checked kernel sources and noted where kernel enforces
sigset_size == NSIG / 8 (== sizeof(kernel_sigset_t)),
and where it allows word-sized sigset_size ([rt_]sigpending).
In practice, we always copy as many bytes as syscall param says
(8, or 16 on mips). However, malicious program can call sigaction
with wrong sigset size. Such syscall will result in EINVAL,
but we (strace) end up copying 128 bytes (sizeof(sigset_t)),
which copyes some garbage from stack after struct sigaction.
Now we always copy NSIG / 8 bytes (which is 8 bytes, or 16 on mips).
ARM in fact has 64 signals (1..64), and NSIG should be 65
(as usual, rememebr that NSIG_libc == NSIG_kernel+1).
I carefully reviewed all usages of NSIG. In syscall.c,
the only usage is:
for (i = 0; i <= NSIG; i++)
if (strcasecmp(s, signame(i) + 3) == 0)...
which is safe even if NSIG is way too big - signame(i)
returns a well-formed string for any i.
In signal.c, memcpy(&sigset, &sc.sc_mask, NSIG / 8) is used by
IA64 and TILE code, so ARM change can't affect it. And final
usage is:
struct new_sigaction::unsigned long sa_mask[NSIG / sizeof(long)];
It will grow on ARM (and become correct in the process).
Its only use is
memcpy(&sigset, &sa.sa_mask, NSIG / 8);
printsigmask(&sigset, 1);
which used to copy garbage in high bits, now it will copy actual data.
PTRACE_SEIZE can set ptrace options immediately, use this feature
This eliminates some rare bugs, such as post-execve SIGTRAP
generation when we attach to a process, and it manages to finish
execve'ing before we set TRACEEXEC option to suppress that.
s390[x]: get rid of syscall_mode, delete code which never triggers
Before this change, the logic was as follows:
syscall entry:
get_scno:
syscall_mode = GPR2
scno = syscall_mode unless syscall_mode == -ENOSYS
(if -ENOSYS, scn is retrieved by decoding current insn)
fixup:
gpr2 = GPR2
syscall_mode = scno unless syscall_mode == -ENOSYS
if (gpr2 != syscall_mode) stray_entry
syscall exit:
get_res:
gpr2 = GRP2
fixup:
syscall_mode = scno unless syscall_mode == -ENOSYS
if (WAITEXECVE && gpr2 in (-ENOSYS, scno)) gpr2 = 0;
get_error:
gpr2 is retval
Entry fixup's if() can never trigger:
regardless whether GPR2 is -ENOSYS or not, syscall_mode is always
equal to GRP2 value there. So it can be removed.
On sysexit path, syscall mode is never used.
Therefore, syscall_mode variable is deleted. grp2 is read from
GPR2 register in get_scno, redundant read in entry fixup is removed.
As a result, entry fixup's s390 code block vanishes completely.
gpr2 variable is renamed s390_gpr2 to match the convention used
by other arches.
Replace suspicious popen_pid assignment with an obviously correct one
popen_pid = vfork() does work correctly, but for a subtle reason
that wrong assignment of 0 happens in the child _first_,
and _then_ correct value overwrites it in the parent.
(And in a hyphothetical system where vfork = fork,
popen_pid wouldn't be shared, so it will also be ok.)
However, it's not necessary to be difficult.
This change makes it so that assignment is done only in parent.
Anton Blanchard [Wed, 26 Jun 2013 13:53:33 +0000 (15:53 +0200)]
powerpc: Use PTRACE_GETREGS to fetch all registers
* defs.h: declare ppc_regs and get_regs_error.
* signal.c (sys_sigreturn): Use ppc_regs instead of upeek.
* syscall.c: define ppc_regs.
(printcall): Use ppc_regs instead of upeek.
(get_scno): Replace multiple upeek calls with one PTRACE_GETREGS call.
(get_syscall_result): Likewise.
Signed-off-by: Anton Blanchard <anton@samba.org> Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Denys Vlasenko [Thu, 20 Jun 2013 10:10:21 +0000 (12:10 +0200)]
detach(): warn if we see ECHILD from waitpid
* strace.c (detach): Warn if we see ECHILD from waitpid.
Explain in comments that we don't normally expect !WIFSTOPPED
either, and also that PTRACE_CONT failure isn't expected
(the "break" there is a "I'm confused, bailing out" code style)..
Denys Vlasenko [Wed, 19 Jun 2013 13:31:39 +0000 (15:31 +0200)]
USE_SEIZE: fix detaching from stopped processes
V3: split SEIZE/!SEIZE code paths to reduce confusion.
Extensively comment every possible case.
Verified that all tests/detach* tests work in both SEIZE and !SEIZE
cases.
* strace.c (detach): If PTRACE_SEIZE API is in use, stop the tracee
using PTRACE_INTERRUPT instead of sending it a SIGSTOP.
In a subsequent waitpid loop, correctly wait and suppress SIGSTOP
on detach if PTRACE_INTERRUPT wasn't used, or wait for any ptrace
stop and detach without suppressing signals.
Dmitry V. Levin [Wed, 19 Jun 2013 14:57:05 +0000 (14:57 +0000)]
tests: disable /proc based checks when /proc is not mounted
* tests/detach-running: Disable /proc based checks when
/proc/self/status is not available.
* tests/detach-sleeping: Likewise.
* tests/detach-stopped: Likewise.
Dmitry V. Levin [Tue, 28 May 2013 20:27:10 +0000 (20:27 +0000)]
Do not suppress signal delivery messages with -qq
Current implementation of -qq does not allow suppressing exit status
messages without suppressing signal delivery messages, which is not
good. There is a traditional "-e signal=none" syntax that can be used
to suppress all signal delivery messages.
This partially reverts commit v4.7-222-g01997cf.
* strace.c (trace): Do not suppress signal delivery messages with -qq.
* strace.1: Update documentation about -qq option.
Chris Metcalf [Tue, 21 May 2013 20:40:50 +0000 (16:40 -0400)]
tile: remove MAP_CACHE_xxx support in mem.c
These flags support functionality in mmap() that has not been
pushed back to the community, and which may or may not eventually
end up being the final community model. In the interim, having
these flags unconditionally present for "#ifdef TILE" just means
that the TILE build breaks if using the community versions of
the kernel and glibc, so just revert the code until such time
as it may end up in the community.
Signed-off-by: Chris Metcalf <cmetcalf@tilera.com> Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Dmitry V. Levin [Tue, 14 May 2013 22:35:46 +0000 (22:35 +0000)]
NOMMU: do not hide startup syscalls unless in -D mode
On NOMMU systems in "strace PROG" case, we have no way to attach to
the tracee before it calls execve unless in -D mode. That is, the
first execve call is very likely to be missed, and setting
hide_log_until_execve just results to empty log.
* strace.c (init) [NOMMU_SYSTEM]: Do not set hide_log_until_execve
unless in -D mode.
Dmitry V. Levin [Mon, 13 May 2013 18:43:28 +0000 (18:43 +0000)]
Make -D mode work when the Yama LSM is enabled
* strace.c [HAVE_PRCTL]: Include sys/prctl.h.
(startup_child) [HAVE_PRCTL && PR_SET_PTRACER && PR_SET_PTRACER_ANY]:
In -D mode, allow tracing the process that is going to become the
tracee.
projects / strace / log