Date:      Sun, 4 Dec 2011 20:53:52 +0200
From:      Kostik Belousov <kostikbel@gmail.com>
To:        Dan Nelson <dnelson@allantgroup.com>
Cc:        freebsd-stable@freebsd.org, Eivind Evensen <eivinde@terraplane.org>
Subject:   Re: Something missing in truss
Message-ID:  <20111204185352.GH50300@deviant.kiev.zoral.com.ua>
In-Reply-To: <20111203195458.GF7771@dan.emsphone.com>
References:  <20111202094502.GA20626@klump.hjerdalen.lokalnett> <20111203195458.GF7771@dan.emsphone.com>

On Sat, Dec 03, 2011 at 01:54:58PM -0600, Dan Nelson wrote:
> In the last episode (Dec 02), Eivind Evensen said:
> > Does anybody else see this or know why?
> >
> > The machine here is running :
> >
> > > uname -a
> > FreeBSD elg.hjerdalen.lokalnett 8.2-STABLE FreeBSD 8.2-STABLE #36: Wed Nov 30 22:03:07 CET 2011     rumrunner@elg.hjerdalen.lokalnett:/usr/obj/usr/src/sys/RUM  amd64
> >
> > While trying to weed out some firefox problems, I've noticed
> > that truss doesn't recognise certain syscalls :
> >
> > getpid()					 = 1519 (0x5ef)
> > clock_gettime(4,{48496.335142903 })		 = 0 (0x0)
> > kevent(20,{0x23,EVFILT_READ,EV_ADD,0,0x0,0x809ec9d80},1,{0x15,EVFILT_READ,0x0,0,0x1,0x809ec9e80},64,0x0) = 1 (0x1)
> > clock_gettime(4,{48496.335293202 })		 = 0 (0x0)
> > read(21,"\0",1)					 = 1 (0x1)
> > clock_gettime(4,{48496.335382599 })		 = 0 (0x0)
> > umask(0x80a52ee20,0x8,0x0,0x80a52ee00,0x7fffff1f9eb0,0x80a52ee00) = 116 (0x74)
> > -- UNKNOWN SYSCALL -14704864 --
> > syscall(0x7fffff1f9ec0,0x0,0x18745,0x7fffff1f9eb0,0x1,0x7fffff1f9e90) = 454 (0x1c6)
> > umask(0x80a52ee20,0x8,0x0,0x80a52ee00,0x7fffff1f9eb0,0x80a52ee00) = 116 (0x74)
> > -- UNKNOWN SYSCALL -14704864 --
> > syscall(0x7fffff1f9ec0,0x0,0x18745,0x7fffff1f9eb0,0x1,0x7fffff1f9e90) = 454 (0x1c6)
> > umask(0x80a52ee20,0x8,0x0,0x80a52ee00,0x7fffff1f9eb0,0x80a52ee00) = 116 (0x74)
> > -- UNKNOWN SYSCALL -14704864 --
> > syscall(0x7fffff1f9ec0,0x0,0x18745,0x7fffff1f9eb0,0x1,0x7fffff1f9e90) = 454 (0x1c6)
> > umask(0x80a52ee20,0x8,0x0,0x80a52ee00,0x7fffff1f9eb0,0x80a52ee00) = 116 (0x74)
> > -- UNKNOWN SYSCALL -14704864 --
> > syscall(0x7fffff1f9ec0,0x0,0x18745,0x7fffff1f9eb0,0x1,0x7fffff1f9e90) = 454 (0x1c6)
> > umask(0x80a52ee20,0x8,0x0,0x80a52ee00,0x7fffff1f9eb0,0x80a52ee00) = 116 (0x74)
> > -- UNKNOWN SYSCALL -14704864 --
> > syscall(0x7fffff1f9ec0,0x0,0x18745,0x7fffff1f9eb0,0x1,0x7fffff1f9e90) = 454 (0x1c6)
>
> Two problems: truss gets confused when you attach to a process that's
> currently executing a syscall, and it gets even more confused when you have
> a threaded process waiting in many syscalls at once.
>
> The following patch fixes problem #1, but problem #2 involves keeping more
> per-thread state and ends up touching a lot of the truss code.  See
> http://www.evoy.net/FreeBSD/truss.diff for one solution (and more syscall
> decodes).
>
> Index: setup.c
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> --- setup.c	(revision 228242)
> +++ setup.c	(working copy)
> @@ -202,8 +202,10 @@
>  		find_thread(info, lwpinfo.pl_lwpid);
>  		switch(WSTOPSIG(waitval)) {
>  		case SIGTRAP:
> -			info->pr_why =3D info->curthread->in_syscall?S_SCX:S_SCE;
> -			info->curthread->in_syscall =3D 1 - info->curthread->in_syscall;
> +			if ((lwpinfo.pl_flags&(PL_FLAG_SCE|PL_FLAG_SCX)) =3D=3D 0)
> +				err(1,"pl_flags=3D%x contains neither PL_FLAG_SCE or PL_FLAG_SCX", l=
wpinfo.pl_flags);
> +			info->pr_why =3D (lwpinfo.pl_flags&PL_FLAG_SCE) ? S_SCE:S_SCX;
> +			info->curthread->in_syscall =3D (info->pr_why =3D=3D S_SCE) ? 1:0;
>  			break;
>  		default:
>  			info->pr_why =3D S_SIG;
>
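Review bot: in the SIGTRAP case, the added err(1, ...) makes truss exit whenever a SIGTRAP stop carries neither PL_FLAG_SCE nor PL_FLAG_SCX, but a traced process can also receive SIGTRAP as an ordinary signal, so that stop should be reported as a signal rather than abort the trace. Suggest testing the flags first and otherwise setting info->pr_why = S_SIG, as the default case already does. If the abort is kept, errx() fits better than err(), because err() appends strerror(errno) and errno is not meaningful at this point.
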
I started a similar but bigger patch to handle syscall entry and leave using
explicit kernel hints. The patch is bigger because it also aims to
handle execve(2) kind of syscalls to properly change the ABI decoder, and
forks to attach to the children in a race-free manner. Unfortunately, it is
stalled.

I just committed the similar change from the patch, adding your assertion
for the case when no PL_FLAG_SCE/SCX were provided. I think that assertion
is in fact not quite right, and the code should fall to the default case in
the switch. The reason is that SIGTRAP may be sent as a normal signal.
But this change is more controversial, and the patch should be an improvement
over the current situation.

Also, I should note that the patch cannot be merged even to stable/9,
because MIPS and ARM still do not properly support PL_FLAGS_XXX.
I hope to handle the merges after 9.0 is released.
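
An added illustration, not code from truss or from either poster: it replays a constructed stop sequence through the old toggle logic and through flag-based classification, including an attach in the middle of a syscall and a SIGTRAP delivered as an ordinary signal. The `DEMO_*` constants, struct and function names are assumptions made for this sketch.

```c
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
/* Stand-ins for FreeBSD's PL_FLAG_SCE / PL_FLAG_SCX (pl_flags from PT_LWPINFO);
 * names and values are local to this example so it builds on any POSIX host. */
#define DEMO_SCE 0x04
#define DEMO_SCX 0x08
enum why { WHY_SCE, WHY_SCX, WHY_SIG };
struct stop { int sig; int pl_flags; };          /* one reported stop */
typedef enum why (*classifier)(const struct stop *, int *in_syscall);

/* Pre-patch logic: every SIGTRAP flips a per-thread entry/exit bit. */
static enum why classify_toggle(const struct stop *s, int *in_syscall) {
    if (s->sig != SIGTRAP) return WHY_SIG;
    enum why w = *in_syscall ? WHY_SCX : WHY_SCE;
    *in_syscall = 1 - *in_syscall;
    return w;
}

/* Kernel-hint logic; a SIGTRAP with neither flag is reported as a signal. */
static enum why classify_flags(const struct stop *s, int *in_syscall) {
    if (s->sig == SIGTRAP && (s->pl_flags & DEMO_SCE)) { *in_syscall = 1; return WHY_SCE; }
    if (s->sig == SIGTRAP && (s->pl_flags & DEMO_SCX)) { *in_syscall = 0; return WHY_SCX; }
    return WHY_SIG;
}

/* Number of stops a classifier labels differently from the known truth. */
static int count_misdecoded(classifier fn, const struct stop *ev,
                            const enum why *truth, size_t n) {
    int in_syscall = 0, bad = 0;
    for (size_t i = 0; i < n; i++)
        bad += fn(&ev[i], &in_syscall) != truth[i];
    return bad;
}

/* Constructed trace: attach mid-syscall (first stop is an exit), one full
 * syscall, a SIGTRAP delivered as an ordinary signal, one more syscall. */
static const struct stop sample[] = {
    {SIGTRAP, DEMO_SCX}, {SIGTRAP, DEMO_SCE}, {SIGTRAP, DEMO_SCX},
    {SIGTRAP, 0},        {SIGTRAP, DEMO_SCE}, {SIGTRAP, DEMO_SCX},
};
static const enum why sample_truth[] = { WHY_SCX, WHY_SCE, WHY_SCX, WHY_SIG, WHY_SCE, WHY_SCX };

int main(void) {
    printf("toggle: %d wrong, flags: %d wrong\n",
           count_misdecoded(classify_toggle, sample, sample_truth, 6),
           count_misdecoded(classify_flags, sample, sample_truth, 6));
    return 0;
}
```

The toggle stays inverted from the first stop until the stray SIGTRAP happens to flip it back, which is why every decode in between is attributed to the wrong phase.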
