[PATCH v3] Implement -e trace=/regex option

JingPiao Chen chenjingpiao at gmail.com
Wed Apr 12 13:31:51 UTC 2017


* qualify.c (qualify_syscall_regex): New function.
(qualify_syscall_name): Use qualify_syscall_regex function.
* strace.1: Document it.
* NEWS: Mention this.
* tests/regex.test: Check this.
* tests/Makefile.am (DECODER_TESTS): Add regex.test.
* tests/options-syntax.test:
Add check for invaild regexp and the regexp never match a syscall.
---
 NEWS                      |  1 +
 qualify.c                 | 45 ++++++++++++++++++++++++++++
 strace.1                  |  9 ++++++
 tests/Makefile.am         |  1 +
 tests/options-syntax.test | 22 ++++++++++++++
 tests/regex.test          | 74 +++++++++++++++++++++++++++++++++++++++++++++++
 6 files changed, 152 insertions(+)
 create mode 100755 tests/regex.test

diff --git a/NEWS b/NEWS
index 80e2031..dfbc542 100644
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,7 @@ Noteworthy changes in release ?.?? (????-??-??)
   * Added -e trace=%clock option for tracing clock_* syscalls.
   * Added -e trace=%statfs option for tracing statfs, statfs64 and statvfs
     syscalls.
+  * Added -e trace=/regex option for tracing match regular expression syscalls.
   * Implemented decoding of signal mask in rt_sigreturn syscall on alpha, arc,
     arm, avr32, bfin, cris, hppa, m68k, metag, microblaze, mips, nios2, or1k,
     powerpc, powerpc64, riscv, sh, sh64, sparc, sparc64, tile, x86, and xtensa
diff --git a/qualify.c b/qualify.c
index 157d313..eb67fcf 100644
--- a/qualify.c
+++ b/qualify.c
@@ -27,6 +27,7 @@
 
 #include "defs.h"
 #include "nsig.h"
+#include <regex.h>
 
 typedef unsigned int number_slot_t;
 #define BITS_PER_SLOT (sizeof(number_slot_t) * 8)
@@ -198,6 +199,48 @@ qualify_syscall_number(const char *s, struct number_set *set)
 	return done;
 }
 
+static bool
+qualify_syscall_regex(const char *s, struct number_set *set)
+{
+	regex_t preg;
+	int rc;
+
+	if ((rc = regcomp(&preg, s, REG_EXTENDED | REG_NOSUB)) != 0) {
+		size_t len = regerror(rc, &preg, NULL, 0);
+		char buf[len];
+
+		regerror(rc, &preg, buf, len);
+		error_msg_and_die("regcomp: '%s' (%s)", s, buf);
+	}
+
+	unsigned int p;
+	bool found = false;
+	for (p = 0; p < SUPPORTED_PERSONALITIES; ++p) {
+		unsigned int i;
+
+		for (i = 0; i < nsyscall_vec[p]; ++i) {
+			if (!sysent_vec[p][i].sys_name)
+				continue;
+			rc = regexec(&preg, sysent_vec[p][i].sys_name,
+				     0, NULL, 0);
+			if (rc == REG_NOMATCH)
+				continue;
+			else if (rc) {
+				size_t len = regerror(rc, &preg, NULL, 0);
+				char buf[len];
+
+				regerror(rc, &preg, buf, len);
+				error_msg_and_die("regexec: '%s' (%s)", s, buf);
+			}
+			add_number_to_set(i, &set[p]);
+			found = true;
+		}
+	}
+
+	regfree(&preg);
+	return found;
+}
+
 static unsigned int
 lookup_class(const char *s)
 {
@@ -284,6 +327,8 @@ qualify_syscall(const char *token, struct number_set *set)
 {
 	if (*token >= '0' && *token <= '9')
 		return qualify_syscall_number(token, set);
+	if (*token == '/')
+		return qualify_syscall_regex(token + 1, set);
 	return qualify_syscall_class(token, set)
 	       || qualify_syscall_name(token, set);
 }
diff --git a/strace.1 b/strace.1
index 84ff4ee..33c8233 100644
--- a/strace.1
+++ b/strace.1
@@ -383,6 +383,15 @@ about the user/kernel boundary if only a subset of system calls
 are being monitored.  The default is
 .BR trace = all .
 .PP
+.TP
+.BR "\-e\ trace" = /regex
+Trace only the system calls match the
+.BR regex .
+You can use
+.B POSIX
+Extended Regular Expression syntax (see
+.BR regex (7)).
+.PP
 .BR "\-e\ trace" = %file
 .TP
 .BR "\-e\ trace" = file " (deprecated)"
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 96dcb6e..77ac13a 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -534,6 +534,7 @@ DECODER_TESTS = \
 	qual_fault-exit_group.test \
 	read-write.test \
 	readv.test \
+	regex.test \
 	sched.test \
 	scm_rights-fd.test \
 	seccomp-strict.test \
diff --git a/tests/options-syntax.test b/tests/options-syntax.test
index 8aa7cf0..2dd56aa 100755
--- a/tests/options-syntax.test
+++ b/tests/options-syntax.test
@@ -72,6 +72,7 @@ check_e "invalid system call '-2'" -e -2
 check_e "invalid system call '-3'" -etrace=-3
 check_e "invalid system call '-4'" -e trace=-4
 check_e "invalid system call '-5'" -e trace=1,-5
+check_e "invalid system call '/non_syscall'" -e trace=/non_syscall
 check_e "invalid system call '2147483647'" -e 2147483647
 check_e "invalid system call '2147483648'" -e 2147483648
 check_e "invalid system call '4294967295'" -e 4294967295
@@ -144,3 +145,24 @@ done
 [ -z "$args" ] ||
 	dump_log_and_fail_with \
 		"strace $args failed to print expected diagnostics"
+
+# Check regular expression
+# ignore the error message print by library function
+check_regex_e()
+{
+	local pattern="$1"; shift
+	cat > "$EXP" << __EOF__
+$strace_exp: $pattern
+__EOF__
+	$STRACE "$@" 2> "$LOG" &&
+		dump_log_and_fail_with \
+			"strace $* failed to handle the error properly"
+	match_grep "$LOG" "$EXP" ||
+		dump_log_and_fail_with \
+			"strace $* failed to print expected diagnostics"
+}
+
+check_regex_e "regcomp: '\?id' \(.*\)$" -e trace='/?id'
+check_regex_e "regcomp: '\+id' \(.*\)$" -e trace='/+id'
+check_regex_e "regcomp: '\*id' \(.*\)$" -e trace='/*id'
+check_regex_e "regcomp: '\(id' \(.*\)$" -e trace='/(id'
diff --git a/tests/regex.test b/tests/regex.test
new file mode 100755
index 0000000..0f1c8a2
--- /dev/null
+++ b/tests/regex.test
@@ -0,0 +1,74 @@
+#!/bin/sh
+#
+# Check -e trace=/regex option.
+#
+# Copyright (c) 2017 The strace developers.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+# 3. The name of the author may not be used to endorse or promote products
+#    derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+. "${srcdir=.}/init.sh"
+
+while read w s; do {
+	try_run_prog "../$s" || continue
+	run_strace -a$w -e/^clock ../$s > "$EXP"
+	match_diff "$LOG" "$EXP"
+} < /dev/null; done << EOF
+37 clock_adjtime
+40 clock_nanosleep
+36 clock_xettime
+EOF
+
+# Surprised that fcntl*, futimesat, utime, utimensat, and utimes tests
+# linked with musl use clock_gettime?  Me too!
+grep -E -v '^(#|clock_|times$|fcntl|futimesat$|utime)' \
+	< "$srcdir/pure_executables.list" > negative.list
+
+while read s; do {
+	try_run_prog "../$s" || continue
+	run_strace -qq -esignal=none -e/^clock ../$s > /dev/null
+	match_diff "$LOG" /dev/null
+} < /dev/null; done < negative.list
+
+while read w s; do {
+	try_run_prog "../$s" || continue
+	run_strace -a$w -e/^sched_ ../$s > "$EXP"
+	match_diff "$LOG" "$EXP"
+} < /dev/null; done << EOF
+28 sched_xetaffinity
+23 sched_xetparam
+31 sched_rr_get_interval
+33 sched_get_priority_mxx
+29 sched_xetattr
+22 sched_xetscheduler
+14 sched_yield
+EOF
+
+grep -E -v '^(#|sched_|times$)' \
+	< "$srcdir/pure_executables.list" > negative.list
+
+while read s; do {
+	try_run_prog "../$s" || continue
+	run_strace -qq -esignal=none -e/^sched_ ../$s > /dev/null
+	match_diff "$LOG" /dev/null
+} < /dev/null; done < negative.list
-- 
2.7.4





More information about the Strace-devel mailing list