Paul Chaignon's GSoC status report - #1 of 12

Paul Chaignon paul.chaignon at
Mon Jun 3 20:30:59 UTC 2019

Hi all,

I haven't made as much progress as I'd hoped last week, mostly because I
had to go back to reading the ptrace documentation.

I included my work on the z/Z options (now status qualifier) below.  I
think it makes sense in that it helps me understand parts of strace I'll
have to work on for the gdbserver backend (and to a lesser extent for

- Finished rebase of Chen Jingpiao's work.
- Tested the patchset under Linux 4.4 and 5.1 (behavior differs regarding
  the order of seccomp-stop and syscall-enter-stop, cf. ptrace
  documentation).  I both checked the debug logs (with additional log
  messages) and ran quick evaluations (strace -n -enone) counting the
  number of syscalls performed.  This mostly helped me understand the
  sequences of PTRACE_SYSCALL & PTRACE_CONT [1] and find the below minor
- Fixed a couple of minor bugs (e.g., PTRACE_O_TRACESECCOMP set regardless
  of seccomp support, missing SECCOMP events in debug logs)
- Refactored a little (remove unnecessary functions, use appropriate
  macros, etc.)
- Implemented and tested a -e status=set syntax for the status qualifier.
  Current implementation adds a is_complete_set function to number_sets
  (using popcount), which I needed to detect if at least one status is not
  traced (!is_complete_set).  If all statuses are traced, there's no need
  to setup open_memstream.
- Addressed most comments from the reviews (simplified tests, removed most
  HAVE_OPEN_MEMSTREAM guards, etc.).

- Understand and extend the tests for seccomp.  Run under kernels <3.5 (no
  seccomp), >3.5 (seccomp-stop before syscall-entry), and >4.7
  (seccomp-stop after syscall-entry).
- Fix current seccomp behavior to fallback to usual tracing in case of
- Test cases for unavailable, exited, and detached status qualifiers.
- Unfinished status qualifier?  I'm currently failing to see the
  difference between unfinished and exited status; I sent a mail to the
  mailing list on this point.

I'm hoping to send a new version of the patchset for the status qualifier
this week, and maybe an RFC patchset for seccomp next weekend (depends
mostly on time spent on tests).

Thanks for reading,

1 - In the end, seccomp allows us to reduce the number of STOPs by
    restarting in PTRACE_CONT and relying on seccomp to stop at syscalls
    of interest.

More information about the Strace-devel mailing list