[PATCH] Decode paths associated with file descriptors returned by syscalls

Mon Jun 2 14:05:55 UTC 2014

Hey Dmitry,

>> $ strace -yeclose cat /dev/null
>> close(3</etc/ld.so.cache>)              = 0</dev/pts/1>
>> close(3</lib64/libc-2.19.so>)           = 0</dev/pts/1>
>> close(3</dev/null>)                     = 0</dev/pts/1>
>> close(1</dev/pts/1>)                    = 0</dev/pts/1>
>> close(2</dev/pts/1>)                    = 0</dev/pts/1>
>> +++ exited with 0 +++

I had tested it out by running it on a few binaries. I hadn't noticed
that erroneous decoding in the output, but it was present.

> btw, wouldn't it be better to introduce a new return value code, e.g.
> RVAL_FD, and update these several handlers to return RVAL_FD instead
> of RVAL_DECIMAL, so that no sys_func checks would be necessary?
>
> sys_dup and sys_delete_module would have to be split out anyway.

Got it. Please find below a git diff of the code changes to have
return fd decoding for sys_open. I'll send over a patch as soon as I'm
done with the other syscalls.

Do the changes to RVAL macros look good?

diff --git a/defs.h b/defs.h
index c862de5..7f23f45 100644
--- a/defs.h
+++ b/defs.h
@@ -533,10 +533,11 @@ extern const struct xlat whence_codes[];
 # endif
 # define RVAL_LUDECIMAL 007 /* long unsigned decimal format */
 #endif
-#define RVAL_MASK 007 /* mask for these values */
+#define RVAL_FD 010
+#define RVAL_MASK 017 /* mask for these values */

-#define RVAL_STR 010 /* Print `auxstr' field after return val */
-#define RVAL_NONE 020 /* Print nothing */
+#define RVAL_STR 020 /* Print `auxstr' field after return val */
+#define RVAL_NONE 040 /* Print nothing */

 #define TRACE_FILE 001 /* Trace file-related syscalls. */
 #define TRACE_IPC 002 /* Trace IPC-related syscalls. */
diff --git a/desc.c b/desc.c
index 0c9a817..28197e3 100644
--- a/desc.c
+++ b/desc.c
@@ -265,6 +265,15 @@ sys_close(struct tcb *tcp)
  return 0;
 }

+int
+sys_dup(struct tcb *tcp)
+{
+ if (entering(tcp)) {
+ printfd(tcp, tcp->u_arg[0]);
+ }
+ return RVAL_FD;
+}
+
 static int
 do_dup2(struct tcb *tcp, int flags_arg)
 {
diff --git a/linux/dummy.h b/linux/dummy.h
index 4f3e920..7a4a746 100644
--- a/linux/dummy.h
+++ b/linux/dummy.h
@@ -58,7 +58,6 @@
 #define sys_chroot sys_chdir
 #define sys_clock_getres sys_clock_gettime
 #define sys_delete_module sys_open
-#define sys_dup sys_close
 #define sys_fchdir sys_close
 #define sys_fdatasync sys_close
 #define sys_fsync sys_close
diff --git a/linux/syscall.h b/linux/syscall.h
index 1943297..6c40039 100644
--- a/linux/syscall.h
+++ b/linux/syscall.h
@@ -52,6 +52,7 @@ int sys_close();
 int sys_connect();
 int sys_creat();
 int sys_create_module();
+int sys_dup();
 int sys_dup2();
 int sys_dup3();
 int sys_epoll_create();
diff --git a/syscall.c b/syscall.c
index c95eb6c..b0ad47e 100644
--- a/syscall.c
+++ b/syscall.c
@@ -2688,6 +2688,14 @@ trace_syscall_exiting(struct tcb *tcp)
  case RVAL_DECIMAL:
  tprintf("= %ld", tcp->u_rval);
  break;
+ case RVAL_FD:
+ if (show_fd_path) {
+ tprints("= ");
+ printfd(tcp, tcp->u_rval);
+ }
+ else
+ tprintf("= %ld", tcp->u_rval);
+ break;
 #if defined(LINUX_MIPSN32) || defined(X32)
  /*
  case RVAL_LHEX:

Some sample output here :-
$ ~/strace-code/strace -y -edup,close,dup2 ./test3
close(3</etc/ld.so.cache>)              = 0
close(3</lib/x86_64-linux-gnu/libc-2.15.so>) = 0
dup(3</home/zm/tests/test3.c>)          = 4</home/zm/tests/test3.c>
dup2(3</home/zm/tests/test3.c>, 0</dev/pts/1>) = 0
+++ exited with 255 +++



-- zm


