1
請讓我知道什麼是_nocancel()系統調用(如__pwrite_nocancel()的方式,以及是否有創建方式一個LD_PRELOAD庫來攔截這些調用,下面是一些背景:什麼是_nocancel()系統調用在Linux和有使用LD_PRELOAD去攔截
我正在調查Oracle數據庫的功能,並且希望使用LD_PRELOAD添加一個小的填充圖層來捕獲用戶空間中的調用信息。我知道使用系統抽頭捕獲這些信息的其他方法,但使用LD_PRELOAD是來自客戶的一個硬性要求。 strace顯示此特定進程正在重複調用pwrite();同樣,pstack堆棧跟蹤顯示__pwrite_nocancel( )被稱爲t他最後一次進入堆棧。我試圖複製我自己__libc_pwrite()函數,並宣佈 extern ssize_t pwrite(int fd, const void *buf, size_t numBytes, off_t offset)__attribute__((weak, alias ("__libc_pwrite"))); 但是當我鏈接庫和運行納米-a | grep的PWRITE,我得到這個:
000000000006c190 T __libc_pwrite
000000000006c190 W pwrite
,納米-a/lib64的/ libpthread.so.0 | grep的PWRITE給出如下:
000000000000eaf0 t __libc_pwrite
000000000000eaf0 t __libc_pwrite64
000000000000eaf0 W pwrite
000000000000eaf0 t __pwrite
000000000000eaf0 W pwrite64
000000000000eaf0 W __pwrite64
0000000000000000 a pwrite64.c
000000000000eaf9 t __pwrite_nocancel
我已經注意到,_nocancel版本是提前__pwrite的只有9個字節,但看源代碼,我不能確定在何處正在創建:
/* Copyright (C) 1997, 1998, 2000, 2002, 2003, 2004, 2006
Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Ulrich Drepper <[email protected]>, 1997.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
#include <assert.h>
#include <errno.h>
#include <unistd.h>
#include <endian.h>
#include <sysdep-cancel.h>
#include <sys/syscall.h>
#include <bp-checks.h>
#include <kernel-features.h>
#ifdef __NR_pwrite64 /* Newer kernels renamed but it's the same. */
# ifdef __NR_pwrite
# error "__NR_pwrite and __NR_pwrite64 both defined???"
# endif
# define __NR_pwrite __NR_pwrite64
#endif
#if defined __NR_pwrite || __ASSUME_PWRITE_SYSCALL > 0
# if __ASSUME_PWRITE_SYSCALL == 0
static ssize_t __emulate_pwrite (int fd, const void *buf, size_t count,
off_t offset) internal_function;
# endif
ssize_t
__libc_pwrite (fd, buf, count, offset)
int fd;
const void *buf;
size_t count;
off_t offset;
{
ssize_t result;
if (SINGLE_THREAD_P)
{
/* First try the syscall. */
result = INLINE_SYSCALL (pwrite, 6, fd, CHECK_N (buf, count), count, 0,
__LONG_LONG_PAIR (offset >> 31, offset));
# if __ASSUME_PWRITE_SYSCALL == 0
if (result == -1 && errno == ENOSYS)
/* No system call available. Use the emulation. */
result = __emulate_pwrite (fd, buf, count, offset);
# endif
return result;
}
int oldtype = LIBC_CANCEL_ASYNC();
/* First try the syscall. */
result = INLINE_SYSCALL (pwrite, 6, fd, CHECK_N (buf, count), count, 0,
__LONG_LONG_PAIR (offset >> 31, offset));
# if __ASSUME_PWRITE_SYSCALL == 0
if (result == -1 && errno == ENOSYS)
/* No system call available. Use the emulation. */
result = __emulate_pwrite (fd, buf, count, offset);
# endif
LIBC_CANCEL_RESET (oldtype);
return result;
}
strong_alias (__libc_pwrite, __pwrite)
weak_alias (__libc_pwrite, pwrite)
# define __libc_pwrite(fd, buf, count, offset) \
static internal_function __emulate_pwrite (fd, buf, count, offset)
#endif
#if __ASSUME_PWRITE_SYSCALL == 0
# include <sysdeps/posix/pwrite.c>
#endif
任何幫助表示讚賞。
感謝您的信息;幸運的是,儘管LD_PRELOAD似乎無視版本符號(可能因爲只定義了一個版本)而覆蓋了該函數,所以我不必經歷櫻桃挑選符號的麻煩。當我做objdump -T時,libpthread符號的確顯示爲GLIBC-2.2.5,而我的是Base。經過一番挖掘,__pwrite_nocancel()實際上來自我沒有導出的pwrite64符號。在添加了另一個弱別名之後,沒關係。再次感謝您的回覆。 – Leo