warnings from backtrace

Gary E. Miller gem at rellim.com
Fri Jun 2 21:23:43 UTC 2017

Yo Hal!

On Fri, 02 Jun 2017 14:08:30 -0700
Hal Murray <hmurray at megapathdsl.net> wrote:

> [context is signal from signal handler]
> >> How much does the handler need?  
> >What do you mean 'need'?  
> What syscalls does the handler use?  (and hence need to get its job
> done)

Dunno, a bunch.  One problematic one is writev, which is enabled but
still seems to double trap.

> Backing up a bit.  Here is what a SIGLARM looks like:
> 2301  13:00:55 --- SIGALRM {si_signo=SIGALRM, si_code=SI_KERNEL} ---
> 2301  13:00:55 rt_sigreturn({mask=[HUP INT QUIT USR1 USR2 ALRM
> TERM]}) = -1 EINTR (Interrupted system call)
> So it doesn't do any syscalls.  (at least not in this case.)

OK, I did not think it would do syscalls.

> The problem is that pthread_create is blocking signals and the chunk
> of syscalls that I had commented out includes something that
> pthread_create uses (while blocking SIGSYS).


> If pthread_create uses something we don't allow, it will crash
> without any message.  That can happen on a familiar system if they
> change the implementation to use a new syscall, or on a new system
> with a different thread implementation where we haven't collected the
> syscalls used by thread/DNS yet.

Yup, seccomp can be a PITA.

> It will be easy to debug with strace or gdb, but mysterious until we
> guess what is going on.

I'm about to push a patch to git.  Seems like there are times in startup
when if you call mysyslog() you get no output, by 'design'.  That is:
termlogit and syslogit are both false!

> I have a strace log from a simple trap at recvfrom that worked as
> expected.
> The msyslog stuff only calls write.  I don't even see a call to get
> the time. ???

Correct.  That is a libc optimization.  time() is not a syscall, it
is memmapped directly into user space.

> I assume the futex call (sem_xxx) is part of the backtrace.

I think it is part of the mysyslog() output stuff, not sure.

> Here is the log info:
> Do we have a recipe for turning those hex offsets into something
> useful?

Nope, those are static functions, so they are not in the symbol table.

Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588

	    Veritas liberabit vos. -- Quid est veritas?
    "If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20170602/bcd36388/attachment.bin>

More information about the devel mailing list