From defee526a9b3e69d50468c5299dd66cd6fd36f0f Mon Sep 17 00:00:00 2001
From: Mattias Andrée
Date: Sat, 30 May 2020 22:32:44 +0200
Subject: Continue vfork parent after child execs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Mattias Andrée
---
 common.h | 3 ++-
 sctrace.c | 25 ++++++++++++++++++++++---
 2 files changed, 24 insertions(+), 4 deletions(-)

diff --git a/common.h b/common.h
index 376e0f9..c4de909 100644
--- a/common.h
+++ b/common.h
@@ -70,7 +70,8 @@ enum state {
 ForkChild,
 VforkChild,
 ForkParent,
- VforkParent
+ VforkParent,
+ Exec
 };
 
 struct process {
diff --git a/sctrace.c b/sctrace.c
index 43afce7..34bd3ac 100644
--- a/sctrace.c
+++ b/sctrace.c
@@ -68,6 +68,14 @@ handle_syscall(struct process *proc)
 proc->state = Normal;
 break;
 
+ case Exec:
+ if (ptrace(PTRACE_SYSCALL, proc->pid, NULL, 0))
+ eprintf("ptrace PTRACE_SYSCALL %ju NULL 0", (uintmax_t)proc->pid);
+ if (ptrace(PTRACE_SYSCALL, proc->pid, NULL, 0))
+ eprintf("ptrace PTRACE_SYSCALL %ju NULL 0", (uintmax_t)proc->pid);
+ proc->state = Normal;
+ break;
+
 case VforkParent:
 if (ptrace(PTRACE_SYSCALL, proc->pid, NULL, 0))
 eprintf("ptrace PTRACE_SYSCALL %ju NULL 0", (uintmax_t)proc->pid);
@@ -92,11 +100,10 @@ main(int argc, char **argv)
 FILE *outfp = stderr;
 const char *num = NULL;
 int status, exit_value = 0, trace_event, with_argv0 = 0;
- unsigned long int trace_options = PTRACE_O_EXITKILL | PTRACE_O_TRACESYSGOOD;
+ unsigned long int trace_options = PTRACE_O_EXITKILL | PTRACE_O_TRACESYSGOOD | PTRACE_O_TRACEEXEC;
 struct process *proc, *proc2;
 unsigned long int event;
 
- /* TODO add support for exec after vfork */
 /* TODO add option to trace threads (-t) */
 /* TODO add option to trace signals (-s) */
 ARGBEGIN {
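Review bot: In the new `case Exec:` branch of handle_syscall the second `ptrace(PTRACE_SYSCALL, proc->pid, NULL, 0)` is issued right after the first, with no wait for the tracee to stop in between. PTRACE_SYSCALL requires a stopped tracee, so once the first request has resumed the process the second is likely to fail with ESRCH, or to race with the next stop, and the eprintf path is taken. If the intent is to step past the execve exit stop, the stop has to be collected between the two requests, e.g. a checked `waitpid(proc->pid, NULL, 0)` (or letting the main wait loop deliver it and issuing the second request there); if it is not intended, the duplicate should go. A missed or failed stop here leaves the tracer's entry/exit bookkeeping out of step with the process, so later syscall records could be attributed to the wrong phase. The function body starts and ends outside the hunk.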
@@ -198,7 +205,7 @@ have_outfp:
 proc2 = proc->continue_on_exit;
 remove_process(proc);
 if (proc2) {
- tprintf(proc2, "Process continue do to exit of vfork child\n");
+ tprintf(proc2, "Process continues due to exit of vfork child\n");
 handle_syscall(proc2);
 }
 
@@ -234,6 +241,18 @@ have_outfp:
 handle_syscall(proc2);
 break;
 
+ case PTRACE_EVENT_EXEC:
+ proc->state = Exec;
+ handle_syscall(proc);
+ proc2 = proc->continue_on_exit;
+ if (proc2) {
+ proc->continue_on_exit = NULL;
+ proc2->vfork_waiting_on = NULL;
+ tprintf(proc2, "Process continues due to exec(2) of vfork child\n");
+ handle_syscall(proc2);
+ }
+ break;
+
 default:
 goto print_signal;
 }
-- 
cgit v1.2.3-70-g09d2
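Review bot: The new `case PTRACE_EVENT_EXEC:` overwrites `proc->state` with `Exec` on every exec stop, not only for a vfork child, and nothing in the hunk records why the previous state may be discarded or why the parent is released at this point. With PTRACE_O_TRACEEXEC set this stop arrives for each traced execve, so the branch is on the common path and deserves a comment such as `/* exec stop: the child has its own image now, so a vfork parent waiting on it may be resumed */`. It would also help to note next to `proc->state = Exec;` that the stop falls between execve's entry and exit stops, since that is what the `Exec` case in handle_syscall appears to rely on. The enclosing switch in main starts and ends outside the hunk.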