Dmitry V. Levin [Sun, 6 Aug 2017 11:26:52 +0000 (11:26 +0000)]
Enhance fflush error diagnostics
* strace.c (flush_tcp_output): New function.
(line_ended, droptcb, print_event_exit): Use it to flush tcp->outf.
* tests/fflush.c: New file.
* tests/fflush.test: New test.
* tests/Makefile.am (MISC_TESTS): Add it.
* tests/.gitignore: Add fflush.
* tests/pure_executables.list: Likewise.
This solves potential issues when tests run first and strace is rebuilt
only after they have finished. As noted in [1], providing the current
directory explicitly should help.
When receiving a ptrace stop of an unexpected child, handle it
in the most transparent way possible:
- detach it instead of PTRACE_CONT'ing;
- send it the signal with which it has been stopped.
This should hopefully help to deal with processes that have been created
with misused CLONE_PTRACE flag set.
* strace.c (maybe_allocate_tcb) <WIFSTOPPED(status) && !followfork>:
Calculate the signal similarly to the way next_event does,
forward it to the unexpected tracee, and detach the tracee.
Dmitry V. Levin [Fri, 4 Aug 2017 18:47:59 +0000 (18:47 +0000)]
sparc64: do not bail out in get_scno if PTRACE_PEEKTEXT fails
If the kernel contains commit 84d77d3f06e7e8dea057d10e8ec77ad71f721be3,
PTRACE_PEEKTEXT becames unavailable when the process dumpable flag is
cleared. As this is not a fatal condition for get_scno, do not bail out
if PTRACE_PEEKTEXT fails.
This condition is triggered and therefore tested by prctl-dumpable test.
* linux/sparc64/get_scno.c (arch_get_scno): Do not bail out
if PTRACE_PEEKTEXT fails.
Dmitry V. Levin [Tue, 1 Aug 2017 20:59:48 +0000 (20:59 +0000)]
printpath: do not fetch more than PATH_MAX bytes from tracee's memory
The kernel does not copy more than PATH_MAX bytes from userspace
pathnames, treating non-NUL-terminated pathnames as ENAMETOOLONG.
* util.c (printpathn): Decrease buffer size to PATH_MAX.
(printpath): Specify PATH_MAX - 1 as the maximum pathname length
to match the kernel behaviour. The underlying umovestr call will fetch
up to PATH_MAX bytes from tracee's memory, but no more than first
PATH_MAX - 1 bytes will be printed.
ucopy: move process_vm_readv ENOSYS check to vm_read_mem
* ucopy.c (vm_read_mem): Set process_vm_readv_not_supported in case
of ENOSYS.
* ucopy.c (umoven, umovestr): Do not set process_vm_readv_not_supported.
Print enabled optional features in strace version output
In order to provide information to user what optionally built features
are available.
* strace.c (print_version): New variable "features". Print features string
after non-liability disclaimer (or "(none)" in case it is empty).
(print_version) [USE_LIBUNWIND]: Concatenate "stack-unwind" into features
string.
* tests/strace-V.tests (getoption): New function.
Update check in accordance with updated output.
bpf: enhance decoding of BPF_MAP_LOOKUP_ELEM and BPF_MAP_GET_NEXT_KEY
Print union bpf_attr.value field of BPF_MAP_LOOKUP_ELEM command
and union bpf_attr.next_key field of BPF_MAP_GET_NEXT_KEY command
on entering syscall. These fields are addresses specified to the
kernel from userspace. The amount of data written by the kernel
to these addresses is specified at the map creation time
by BPF_MAP_CREATE command and is not available at this point.
* bpf.c (decode_BPF_MAP_LOOKUP_ELEM): Print union bpf_attr.value
on entering syscall.
(decode_BPF_MAP_GET_NEXT_KEY): Print union bpf_attr.next_key
on entering syscall.
(bpf_map_io): Remove.
* tests/bpf.c (print_BPF_MAP_DELETE_ELEM_first,
print_BPF_MAP_DELETE_ELEM_attr, print_BPF_MAP_GET_NEXT_KEY_first,
print_BPF_MAP_GET_NEXT_KEY_attr): Replace macro redirects with
new functions.
(print_BPF_MAP_LOOKUP_ELEM_first, print_BPF_MAP_LOOKUP_ELEM_attr,
Implement decoding of map_flags and inner_map_fd fields of union bpf_attr
for BPF_MAP_CREATE command introduced by linux kernel commits
v4.6-rc1~91^2~108^2~6 and v4.12-rc1~64^3~373^2~2, respectively.
* configure.ac: Check for inner_map_fd member of union bpf_attr
instead of max_entries.
* xlat/bpf_map_flags.in: New file.
* bpf.c: Include "xlat/bpf_map_flags.h".
(decode_BPF_MAP_CREATE): Add map_flags and inner_map_fd fields
to the structure, print them.
* tests/bpf.c: Update macro guards of BPF_MAP_CREATE decoder test.
(init_BPF_MAP_CREATE_first, print_BPF_MAP_CREATE_attr): Update expected
output.
(init_BPF_MAP_CREATE_attr): Initialize map_flags and inner_map_fd
fields, update offset.
Implement decoding of union bpf_attr.prog_flags field for BPF_PROG_LOAD
command introduced by linux kernel commit v4.12-rc2~34^2~29^2~2.
* configure.ac: Check for prog_flags member of union bpf_attr
instead of kern_version.
* xlat/bpf_prog_flags.in: New file.
* bpf.c: Include "xlat/bpf_prog_flags.h".
(decode_BPF_PROG_LOAD): Add prog_flags field to the structure, print it.
* tests/bpf.c: Update macro guards of BPF_PROG_LOAD decoder test.
(init_BPF_PROG_LOAD_first, print_BPF_PROG_LOAD_attr): Update expected
output.
(init_BPF_PROG_LOAD_attr): Initialize prog_flags field, update offset.
bpf: print unused fields of union bpf_attr if one of them is non-zero
When the size argument specifies more data than necessary for the given
command, kernel checks that all unused fields of union bpf_attr are
zero. Print this extra data when it contains non-zero bytes to enhance
debugging experience.
* bpf.c (decode_attr_extra_data): New function.
(decode_BPF_MAP_CREATE, decode_BPF_MAP_UPDATE_ELEM,
decode_BPF_MAP_DELETE_ELEM, bpf_map_io, decode_BPF_PROG_LOAD,
decode_BPF_OBJ_PIN, decode_BPF_OBJ_GET, decode_BPF_PROG_ATTACH,
decode_BPF_PROG_DETACH): Use it to print extra data passed
via bpf_attr pointer.
(bpf_obj_manage, bpf_prog_attach_detach): Remove.
* tests/bpf.c (map_delete_elem): New function.
(main): Use it.
bpf: change handling of big and unaccessible data to match the kernel
When the size argument exceeds PAGE_SIZE, the kernel fails with E2BIG
without parsing union bpf_attr.
When the whole chunk of memory specified by addr and size arguments is
not readable, the kernel fails with EFAULT.
* bpf.c (DECL_BPF_CMD_DECODER) <bpf_cmd_decoder>: Add const qualifier
to size argument, add data argument.
(decode_BPF_MAP_CREATE, decode_BPF_MAP_UPDATE_ELEM,
decode_BPF_MAP_DELETE_ELEM, bpf_map_io, decode_BPF_PROG_LOAD,
bpf_obj_manage, bpf_prog_attach_detach): Move size argument check and
memory fetching ...
(SYS_FUNC(bpf)) ... here, add PAGE_SIZE check, pass fetched memory
to command-specific parsers.
bpf: replace big switch statement with a dispatch table
* bpf.c (DECL_BPF_CMD_DECODER, DEF_BPF_CMD_DECODER, BPF_CMD_ENTRY):
New macros.
(bpf_cmd_decoder_t): New typedef.
Rename static parser functions using DEF_BPF_CMD_DECODER.
(decode_BPF_MAP_LOOKUP_ELEM, decode_BPF_MAP_GET_NEXT_KEY): New proxy
functions.
(SYS_FUNC(bpf)): Replace big switch statement with a dispatch table.
* print_fields.h (PRINT_FIELD_STR, PRINT_FIELD_PATH): New macros.
* bpf.c: Include "print_fields.h".
(bpf_map_create): Use PRINT_FIELD_U and PRINT_FIELD_XVAL.
(bpf_map_update_elem): Use PRINT_FIELD_FD, PRINT_FIELD_X, and
PRINT_FIELD_XVAL.
(bpf_map_delete_elem, bpf_map_io): Use PRINT_FIELD_FD and PRINT_FIELD_X.
(bpf_prog_load): Use PRINT_FIELD_STR, PRINT_FIELD_U, PRINT_FIELD_X,
and PRINT_FIELD_XVAL.
(bpf_obj_manage): Use PRINT_FIELD_FD and PRINT_FIELD_PATH.
(bpf_prog_attach_detach): Use PRINT_FIELD_FD, PRINT_FIELD_FLAGS,
and PRINT_FIELD_XVAL.
In many places where kernel expects a NUL-terminated string of length
up to a known fixed limit, e.g. when a NUL-terminated string is
a fixed-size field of a structure, strace does not print the last byte
assuming it is NUL, which is not always the case.
Change output format for such strings to distinguish NUL-terminated
strings from non-NUL-terminated ones: append ellipsis to the output
when the string is not NUL-terminated.
* defs.h (print_quoted_cstring): New prototype.
* util.c (print_quoted_cstring): New function.
(printpathn): Use it instead of print_quoted_string with
QUOTE_0_TERMINATED argument.
* print_fields.h (PRINT_FIELD_CSTRING): Likewise.
* btrfs.c (btrfs_ioctl): Likewise.
* dirent.c (SYS_FUNC(getdents)): Likewise.
* dirent64.c (SYS_FUNC(getdents64)): Likewise.
* print_ifindex.c (print_ifindex): Likewise.
* sysmips.c (SYS_FUNC(sysmips)): Likewise.
* ubi.c (ubi_ioctl): Likewise.
* tests/tests.h (print_quoted_cstring): New prototype.
* tests/print_quoted_string.c (print_quoted_cstring): New function.
* tests/ioctl_block.c (main): Update expected output.
* tests/ioctl_dm.c (main): Likewise.
* tests/ioctl_loop.c (print_loop_info, print_loop_info64): Likewise.
* tests/netlink_crypto.c (test_crypto_msg_newalg): Likewise.
* configure.ac (AC_CHECK_TYPES): Check for crypto_report_aead,
crypto_report_blkcipher, crypto_report_cipher, crypto_report_hash,
and crypto_report_rng structures in <linux/cryptouser.h>.
* netlink_crypto.c (decode_crypto_report_generic,
decode_crypto_report_hash, decode_crypto_report_blkcipher,
decode_crypto_report_aead, decode_crypto_report_rng,
decode_crypto_report_cipher): New functions.
(crypto_user_alg_nla_decoders): New array.
(decode_crypto_user_alg): Use it.
* xlat/crypto_nl_attrs.in: New file.
* NEWS: Mention this.
* tests/netlink_crypto.c: Include "test_netlink.h"
instead of "netlink.h".
(test_crypto_msg_newalg, test_crypto_msg_unspec): New functions.
(main): Use them.
netlink_sock_diag: replace NLA_ALIGN with NLMSG_ALIGN
In several netlink_sock_diag parsers NLA_ALIGN was used instead of
NLMSG_ALIGN to align the length of netlink messages. Fortunately,
both macros round the given length to the closest multiple of 4,
so technically there is no difference, but the use of wrong macro
is misleading.
m4: remove equal sign from define directive in ax_valgrind_check.m4
Support for providing equal sign in define directives has been added
only in GNU Make 3.82 [1] and it provides the same semantics (variables
should be recursively expanded) as when it is omitted at all, so let's
remove it in order to preserve compatibility with older GNU Make
versions (like the one used on Travis).
If strace -t is running too long, it might happen that time stamps
before and after its invocation differ for more than a second.
Adjust expected output to handle this rare but possible case.
* tests/strace-t.test: Allow any time stamp between start and finish
of strace invocation.
As make -j$N check-valgrind cannot parallelize properly, add
recursive targets for each of valgrind checks. This way one can run
for t in $valgrind_enabled_tools; do
make -k check-valgrind-$n || rc=$?
done
in $top_builddir.
* configure.ac (AM_EXTRA_RECURSIVE_TARGETS): Remove.
* m4/ax_valgrind_check.m4 (AX_VALGRIND_CHECK): Add check-valgrind
and check-valgrind-* to AM_EXTRA_RECURSIVE_TARGETS.
This guarantees that ksysent.h and scno.h, along with other targets
listed in BUILT_SOURCES, are made on 'make all', 'make check',
and 'make check-valgrind' before other targets are processed.
* m4/ax_code_coverage.m4: Update to serial 24. In particular,
this version has no lcov version check.
* Makefile.am (strace_LDADD): Rename CODE_COVERAGE_LDFLAGS
to CODE_COVERAGE_LIBS.
* netlink.c: Include "nlattr.h" and "xlat/nlmsgerr_attrs.h".
(print_cookie, decode_nlmsgerr_attr_cookie): New functions.
(nlmsgerr_nla_decoders): New array.
(decode_nlmsgerr): Use it.
* xlat/nlmsgerr_attrs.in: New file.
* NEWS: Mention this.
* netlink.c: Include "xlat/netlink_ack_flags.h".
(decode_nlmsg_flags): Decode ack flags when type == NLMSG_ERROR.
* xlat/netlink_ack_flags.in: New file.
* NEWS: Mention this.
* tests/netlink_protocol.c (test_ack_flags): New function, check this.
(main): Use it.
* tests/init.sh (dump_log_and_fail_with): Dump $LOG to stderr instead
of stdout as the latter is more likely to be redirected to a temporary
file in the context where this function is called.
* tests/init.sh: Trap SIGXCPU.
* tests/run.sh: Send SIGXCPU instead of SIGKILL in case of timeout, send
SIGKILL if the command is still running 5 seconds after SIGXCPU.
userfaultfd: decode struct uffdio_api.features as flags
* xlat/uffd_api_features.in: New file.
* userfaultfd.c: Include "xlat/uffd_api_features.h".
(uffdio_ioctl): Print struct uffdio_api.features using
PRINT_FIELD_FLAGS64 and uffd_api_features.
* NEWS: Mention this.
* tests/ioctl_uffdio.c: Include "xlat.h" and "xlat/uffd_api_features.h".
(main): Update expected output.
userfaultfd: enhance decoding of struct uffdio_api.features
As struct uffdio_api.features has read-write semantics,
print the value returned by the kernel only when it differs
from the value passed to the kernel.
* userfaultfd.c (uffdio_ioctl) <UFFDIO_API>: On entering syscall,
save the value of struct uffdio_api.features. On exiting syscall, do
not print struct uffdio_api.features when it's the same as on entering.
* tests/ioctl_uffdio.c (main): Update expected output.
This also fixes output correctness for struct uffdio_api.features.
* userfaultfd.c: Include "print_fields.h".
(tprintf_uffdio_range): Use PRINT_FIELD_X.
(PRINT_FIELD_UFFDIO_RANGE): New macro.
(uffdio_ioctl): Use it, PRINT_FIELD_FLAGS64, and PRINT_FIELD_X.
* tests/ioctl_uffdio.c (main): Update expected output.
* xlat/bpf_commands.in: Add BPF_PROG_TEST_RUN, BPF_PROG_GET_NEXT_ID,
BPF_MAP_GET_NEXT_ID, BPF_PROG_GET_FD_BY_ID, BPF_MAP_GET_FD_BY_ID,
and BPF_OBJ_GET_INFO_BY_FD introduced by linux kernel commits
v4.12-rc1~64^3~287^2~5, v4.13-rc1~157^2~271^2~5,
v4.13-rc1~157^2~271^2~4, v4.13-rc1~157^2~271^2~3, and
v4.13-rc1~157^2~271^2~1, respectively.
* xlat/bpf_attach_type.in: Add BPF_CGROUP_SOCK_OPS introduced
by linux kernel commit v4.13-rc1~157^2~37^2~15.
* xlat/bpf_prog_types.in: Add BPF_PROG_TYPE_SOCK_OPS introduced
by the same commit.
* test_netlink.h (TEST_NETLINK_OBJECT): New macro.
* tests/netlink_selinux.c: Include "test_netlink.h"
instead of "netlink.h".
(test_selnl_msg_unspec, test_selnl_msg_setenforce,
test_selnl_msg_policyload): New functions.
(main): Use them.
* sg_io_v3.c: Include "print_fields.h".
(PRINT_FIELD_SG_IO_BUFFER): New macro.
(decode_request, decode_response): Use it, PRINT_FIELD_D, PRINT_FIELD_U,
PRINT_FIELD_X, PRINT_FIELD_PTR, PRINT_FIELD_FLAGS, and PRINT_FIELD_XVAL.
Move is_negated_errno() to new header negated_errno.h
Move is_negated_errno() to a separate new header file negated_errno.h
and include it just for architectures which require it.
is_negated_errno() is not used on those architectures
that have a dedicated register to signal a syscall error.
The issue was raised when compiling with clang, which is more
strict regarding semantics of unused static inline functions
defined in C files and will issue a -Wunused-function warrning
if they are not used anywhere.
* sg_io_v4.c: Include "print_fields.h".
(PRINT_FIELD_SG_IO_BUFFER): New macro.
(decode_request, decode_response): Use it, PRINT_FIELD_D, PRINT_FIELD_U,
PRINT_FIELD_X, PRINT_FIELD_FLAGS, and PRINT_FIELD_XVAL.
mips64: fix PRI__64 macro definition when compiled for Android
By default for MIPS64 in Android __u64 type is exported
as unsigned long long. This caused compilation -Wformat warnings
and would break the build if -Werror is used.
* defs.h [SIZEOF_LONG != 4 && MIPS && __ANDROID__] (PRI__64): Change
from "l" to "ll".
netlink_sock_diag: enhance decoding of long meminfo arrays
Print trailing dots instead of silent truncation if the array
is too long.
* netlink_sock_diag.c (decode_meminfo): Do not apply SK_MEMINFO_VARS
limit to nmemb, specify element count to print_array instead.
(print_meminfo): Check element count and terminate printing
if the element count exceeds SK_MEMINFO_VARS.
* tests/nlattr_inet_diag_msg.c (main): Check it.