Poll the fifo once before reading to detect when a process never loads libc

The fifo should be opened for writing from the traced process itself
after the LD_PRELOAD injection. This however will not happen if the
process does not dynamically link libc. And this happens to be the case
in most Go programs.

This change adds two tests to ensure fsatrace exits when run on a
process that does not load libc and does not hang if the write end of
the fifo exits before the read end consumes any bytes.

Change-Id: If1a717614f42761c706724d1b6e560db055a5539
7 files changed
tree: b7b4b84e7c6ed67b7e0d98f63203e14368188272
README.md

Filesystem Access Tracer

This tool injects code into other applications in order to trace file accesses.

Why?

This can be useful for things like build systems, since it allows dependencies to be generated automatically in a toolchain-agnostic way, or declared dependencies to be checked against the real ones.

Compiling

On Unix, type make to generate the fsatrace executable and the fsatrace.so shared library.

On Windows, you'll need recent 64-bit and 32-bit versions of mingw. You can either adapt the Makefile to point to your compilers or, alternatively, install https://github.com/commercialhaskell/stack and run the following sequence to get the required compilers:

stack setup --resolver ghc-8.6.5 --arch=x86_64
stack setup --resolver ghc-8.6.5 --arch=i386
stack exec -- pacman -S make

After that, invoke:

stack exec -- make

That should generate fsatrace.exe, fsatracehelper.exe, fsatrace32.dll and fsatrace64.dll.

Usage

Make sure the .dll or .so files are in the same path as the fsatrace executable and run:

fsatrace <options> <output-file> -- <command>

<options> is a combination of the following characters:

  • v: print args vector
  • r: dump read operations
  • w: dump write operations
  • m: dump file move operations
  • d: dump file delete operations
  • q: dump file stat operations
  • t: dump touch operations

Environment Variables

  • FSAT_BUF_SIZE: when set, overrides the size of the buffer used for trace output.

macOS usage

In order to use fsatrace on systems newer than OS X 10.10, System Integrity Protection must be disabled as detailed in https://developer.apple.com/library/content/documentation/Security/Conceptual/System_Integrity_Protection_Guide/ConfiguringSystemIntegrityProtection/ConfiguringSystemIntegrityProtection.html

Use at your own risk!

Output format

Newline-separated sequence with the following possibilities:

  • r|path-to-file-opened-for-read
  • w|path-to-file-opened-for-write
  • m|path-to-destination-of-move|path-to-source-of-move
  • d|path-to-deleted-file
  • q|path-to-queried-file
  • t|path-to-touched-file
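
The dependency check mentioned under "Why?", as an added example that is not part of fsatrace or its README: it parses a trace in the format above and reports file accesses a build step did not declare. It follows the option letters (r for reads, w for writes); the function name, the sample trace, and the choices to ignore q records and to treat t as a write are assumptions of this example.

```python
SAMPLE_TRACE = """\
r|src/main.c
r|include/config.h
q|/usr/include/stdio.h
w|build/main.o.tmp
m|build/main.o|build/main.o.tmp
r|build/main.o
w|/tmp/cache.db
"""  # constructed sample, not real fsatrace output


def audit_trace(trace_text, declared_inputs, declared_outputs):
    """Return (undeclared_reads, undeclared_writes) for one traced command."""
    consumed, produced, removed = set(), set(), set()

    def read(path):
        # Reading back a file this command created is not an external input.
        if path not in produced:
            consumed.add(path)

    def write(path):
        produced.add(path)
        removed.discard(path)

    def delete(path):
        # Removing our own temp file leaves nothing behind; removing a
        # pre-existing file changes the tree and has to be declared.
        if path in produced:
            produced.discard(path)
        else:
            removed.add(path)

    for lineno, line in enumerate(trace_text.splitlines(), 1):
        op, sep, rest = line.partition("|")
        if not line or op == "q":  # stat probes are ignored here (assumption)
            continue
        dest, msep, src = rest.partition("|")  # only meaningful for moves
        if not sep or not rest or (op == "m" and not (msep and dest and src)):
            raise ValueError(f"line {lineno}: malformed record {line!r}")
        if op == "r":
            read(rest)
        elif op in ("w", "t"):
            write(rest)
        elif op == "d":
            delete(rest)
        elif op == "m":  # destination first, then source; '|' in paths is ambiguous
            read(src); delete(src); write(dest)
        else:
            raise ValueError(f"line {lineno}: unknown operation {op!r}")
    changed = produced | removed
    return sorted(consumed - set(declared_inputs)), sorted(changed - set(declared_outputs))
```

An empty trace is not proof that a command touched no files: as the commit message above notes, the LD_PRELOAD injection does not take effect in a process that does not dynamically link libc, which is the case for most Go programs.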