Working on -e trace
Dmitry V. Levin
ldv at altlinux.org
Thu Mar 3 00:17:59 UTC 2016
On Wed, Mar 02, 2016 at 10:45:53AM +0530, haris iqbal wrote:
[...]
> A little help is needed here. I could understand that for the -e
> option, one uses the combination of sysent_vec[][].sys_flags and the
> macros TRACE_FILE and others, which sets the proper flag in qual_vec.
> Now that qual_vec is used by qual_flg in the tcb struct (correct me if
> something is wrong).
>
> But what I could not find is where those flag is used to print only
> the syscalls that are needed (like only file related). I searched and
> followed the flow of execution and found trace_syscall_entering()
> through trace_syscall() in trace(). There is a function calles
> get_scno(), I guess its where this syscall filtering is happening but
> not sure. Can someone please point me in the right direction.
tcp->qual_flg is initialized from qual_flags[tcp->scno] in get_scno()
and later tested for QUAL_TRACE flag in trace_syscall_entering().
> NOTE:
>
> 1) I am looking at the -e option closely to come up with a POC for the
> idea "Fault injection for syscalls".
>
> 2) Waiting for a reply for the naming policy so that I can start
> working to add the sched_* and the *uid *gid ones to the -e option.
You can start with some naming policy, e.g. %sched, %uid, and %gid.
I suppose a patch might attract more comments than a general discussion
on the subject.
--
ldv
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.strace.io/pipermail/strace-devel/attachments/20160303/447956a2/attachment.bin>
More information about the Strace-devel
mailing list