Page MenuHomeFreeBSD
Differential D49430

ptrace(2): expand ability to fetch syscall parameters
ClosedPublic
Actions

Authored by kib on Mar 21 2025, 1:35 AM.
Tags
None
Referenced Files
F132988575: D49430.id152552.diff
Tue, Oct 21, 8:52 PM
Unknown Object (File)
Sat, Oct 18, 4:02 AM
Unknown Object (File)
Fri, Oct 17, 7:45 AM
Unknown Object (File)
Thu, Oct 16, 5:57 PM
Unknown Object (File)
Thu, Oct 16, 5:23 PM
Unknown Object (File)
Tue, Oct 14, 2:49 PM
Unknown Object (File)
Fri, Oct 10, 12:37 AM
Unknown Object (File)
Thu, Oct 9, 8:17 PM
View All 51 Files
Subscribers
emaste
imp
olce

Details

Reviewers
markj
jhb
Commits
rG526becbf6e42: ptrace_test: add test for expanded reporting of syscall args
rGfd5bc306ff3d: ptrace(2): expand ability to fetch syscall parameters
Summary
Do not limit lwpinfo reporting of syscall number and args to SCE/SCX
events. When td_sa holds the values, we can report them. Clear
td_sa.code in TDA_SIG ast handler: this handler is run when the process
is traced, and it is run with the last ptracestop() points before the
return to userspace.

This allows debugger to infer the interrupted syscall immediately after
PT_ATTACH without the need to loose control to the debuggee' thread. It
should work even when the debuggee is stopped in AST.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kib created this revision.Mar 21 2025, 1:35 AM
Herald added subscribers: olce, imp. · View Herald TranscriptMar 21 2025, 1:35 AM
kib requested review of this revision.EditedMar 21 2025, 1:35 AM

Program utilizing this behavior: https://github.com/kostikbel/pollinfo

markj added inline comments.Mar 23 2025, 9:50 AM
sys/kern/kern_sig.c
347

I think this line needs a comment explaining the interaction with ptrace.

kib updated this revision to Diff 152552.Mar 23 2025, 10:48 AM
kib marked an inline comment as done.

Add part of the commit message into the comment.

markj added a comment.Mar 23 2025, 10:16 PM

IMO it would be nice to add a test case to tests/sys/kern/ptrace_test.c for this.

sys/kern/kern_sig.c
350

A bit clearer (esp. for someone not so familiar with how ptrace works) might be something like:

Clear td_sa.code: signal to ptrace that syscall arguments are unavailable after this point. This AST handler is the last chance for ptracestop() to signal the tracer before the tracee returns to userspace.
sys/kern/sys_process.c
1519

We don't want to clear pl_syscall_narg if td_sa.code == 0?

kib marked 2 inline comments as done.Mar 24 2025, 1:26 AM
kib added inline comments.
sys/kern/sys_process.c
1519

I think it does not matter, but ok.

kib updated this revision to Diff 152582.Mar 24 2025, 1:27 AM
kib marked an inline comment as done.

Reword the comment.
Do not assign nargs if sa_code is zero.

kib updated this revision to Diff 152602.Mar 24 2025, 3:32 AM

Add test

Herald added a subscriber: emaste. · View Herald TranscriptMar 24 2025, 3:32 AM
kib mentioned this in D49163: procstat kqueues: query and display events registered in the process kqueues.Mar 28 2025, 7:33 PM
kib added a comment.Mar 30 2025, 3:23 PM

ping?

markj accepted this revision.Mar 31 2025, 12:24 AM
markj added inline comments.
tests/sys/kern/ptrace_test.c
4163 ↗(On Diff #152602)

Extra newline.

This revision is now accepted and ready to land.Mar 31 2025, 12:24 AM
kib marked an inline comment as done.Mar 31 2025, 2:45 AM
Closed by commit rGfd5bc306ff3d: ptrace(2): expand ability to fetch syscall parameters (authored by kib). · Explain WhyMar 31 2025, 2:46 AM
This revision was automatically updated to reflect the committed changes.
kib added a commit: rGfd5bc306ff3d: ptrace(2): expand ability to fetch syscall parameters.
kib added a commit: rG526becbf6e42: ptrace_test: add test for expanded reporting of syscall args.

Revision Contents
Changeset List

PathSize
sys/
kern/
8 lines
8 lines

Diff 152882

View Options

sys/kern/kern_sig.c

Loading...
View Options

sys/kern/sys_process.c

Loading...