[PATCH] correctly handle "kill -TRAP $straced_programs_pid" and int3
Denys Vlasenko
dvlasenk at redhat.com
Tue Dec 16 20:25:46 UTC 2008
2008-12-16 Denys Vlasenko <dvlasenk at redhat.com>
* defs.h: Add new field "sigtrap80" to struct tcb.
* strace.c (alloc_tcb): Initialize it.
(detach, trace): Use it in place of constant SIGTRAP.
(trace): Set PTRACE_O_TRACESYSGOOD and PTRACE_O_TRACEEXEC
options on newly traced threads; detect these
options if they are inherited across clone(); detect
and handle execve's ptrace stop; add paranoia checks
if real SIGTRAP is seen.
Run tested on vanilla and utrace-based kernels.
Tested with "kill -TRAP $pid":
strace sleep N
strace sh -c "trap 'echo Oi' TRAP; sleep 1; sleep 1; sleep 1; sleep 1"
strace -f -oLOG firefox
None of the above works correctly with unpatched strace,
with patch SIGTRAP is visible in strace and acts
as any other signal.
Testing how we strace trapping instruction:
# cat z.S
_start: .globl _start
int3
movl $42,%ebx
movl $1,%eax
int $0x80
# gcc -nostartfiles -nostdlib -oz z.S
# ./strace ./z
execve("./z", ["./z"], [/* 55 vars */]) = 0
--- SIGTRAP (Trace/breakpoint trap) @ 0 (0) ---
+++ killed by SIGTRAP +++
Unpatched strace:
# strace ./z
execve("./z", ["./z"], [/* 55 vars */]) = 0
write(0, NULL, 0 <unfinished ... exit status 42>
--
vda
More information about the Strace-devel
mailing list