When truss is detaching from very active process it is possible to
hang on waitpid(2) in restore_proc() forever, because
ptrace(PT_SYSCALL) must be called before detaching, to allow the
debugging process to continue execution. Also when truss called with
'-c' argument, it does not print anything after detach, because it
immediately exits from restore_proc().
To fix these two problems make detaching deferred, but then it is
impossible to detach from a process which does not do any system call.
To fix this issue use sigaction(2) instead of signal(3) to disable
SA_RESTART flag for waitpid(2) that makes it non-restartable. Remove
global variable child_pid, because now detaching is handled in context
where child's pid is known.
Reported by: mjg
Tested by: mjg, swills
Approved by: kib (mentor)
MFC after: 2 weeks
This matches the constants from <signal.h> with 'SIG' removed, which POSIX
requires kill and trap to accept and 'kill -l' to write.
'kill -l', 'trap', 'trap -l' output is now upper case.
In Turkish locales, signal names with an upper case 'I' are now accepted,
while signal names with a lower case 'i' are no longer accepted, and the
output of 'killall -l' now contains proper capital 'I' without dot instead
of a dotted capital 'I'.
with the -o option. Setting the flag for stderr (the default) could
cause the traced process to redirect stderr to a random file.
PR: bin/152151
Submitted by: ashish
MFC after: 5 days
been extensively tested. And the ELF64 stuff likely is not quite
right...
# There's a lot of cut-n-paste code here that could easily be
# refactored, at least for FreeBSD syscalls.
- Fix logic handling execve(). We will not be able to
obtain information otherwise.
- truss coredump [1].
- truss does not work against itself [2].
PR: bin/58970 [1], bin/45193 [2]
Submitted by: Howard Su
Approved by: re (kensmith)
rename, __getcwd, shutdown, getrlimit, setrlimit, _umtx_lock, _umtx_unlock,
pathconf, truncate, ftruncate, kill
- Decode more arguments of open, mprot, *stat, and fcntl.
- Convert all constant-macro and bitfield decoding to lookup tables; much
cleaner than previous code.
- Print the timestamp of process exit and signal reception when -d or -D are in
use
- Try six times with 1/2 second delay to debug the child
PR: bin/52190 (updated)
Submitted by: Dan Nelson <dnelson@allantgroup.com>
Approved by: alfred
type which is a String type that has no -s limitations applied to it.
Change most Strings in the code to Names and add a few extra syscalls,
namely munmap, read, rename and symlink. This was enough to facilitate
following file descriptor allocations in the code more easily and
getting a hint at what's being read/written from/to files. More
syscalls should really be added.
While here, fix an off-by-one bug in the buffer truncation code and
add a fflush so that truss's output reflects the syscall that the
program is stuck in.
Sponsored by: Sophos/Activestate
MFC after: 2 weeks
In my last change I made sure that the signal as reported from a truss
exit is the same as if truss wasn't between parent and trussed
program. I was smart enough to not have it coredump on SIGQUIT but it
didn't ocur to me SIGSEGV might cause a coredump, too :-)
So get rid of SIGQUIT extra hack and limit coredumpsize to zero
instead.
Tested: still works, correct signal reported. No more codedumps from
SIGSEGV in the trussed proces. This file compiles cleanly on AMD64
(sledge).
PR:
Submitted by:
Reviewed by:
Approved by:
Obtained from:
MFC after:
o Syscall return values do not fit in int on 64-bit architectures.
Change the type of retval in <arch>_syscall_exit() to long and
change the prototype of said function to return a long as well.
o Change the prototype of print_syscall_ret() to take a long for
the return address and change the format string accordingly.
o Replace the code sequence
tmp = malloc(X);
sprintf(tmp, format, ...);
with X by definition too small on 64-bit platforms by
asprintf(&tmp, format, ...);
With these changes the output makes sense again, although it does
mess up the tabulation on ia64. Go widescreen...
Not tested on: alpha, sparc64.
depend on namespace pollution in <signal.h>. (truss shouldn't be
using timevals anyway, since it was implemented long after timevals
were obsoleted by timespecs.)
stdout. Unfortunately, DES mfc'ed this change in 1.15.2.1 (this
part probably should not have been) so it is broken there too.
truss is documented to use stderr, and other implementations use stderr.
Submitted by: Arne Dag Fidjestøl <adf@idi.ntnu.no>
