RHBA-2010:0074 - Bug Fix Advisory

Topic

An updated strace package that fixes bugs related to tracing multithreaded
programs is now available.

Description

The strace program intercepts and records the system calls called and received
by a running process, and is able to print a record of each system call, its
arguments, and its return value.

This updated strace package includes fixes for the following bugs:

• when the command "strace -f" was executed on a multithreaded program that

terminated abnormally, such as by receiving the SIGKILL signal, the trace became
unresponsive and never completed due to a race condition. With this update,
strace no longer waits for a targeted program's state to change; it now performs
multiple checks of the target program's state and is able to restart system
calls, such as ptrace, instead of waiting for a targeted program which is no
longer running, and thereby becoming unresponsive. (BZ#532951)

Important: the kernel component of the fix for this issue was addressed in
BZ#555869 of the RHSA-2010:0076 kernel security and bug fix errata, which is
linked to in the References. However, during the course of testing for the
strace issue described above, BZ#532951, it was determined that the
previously-released kernel update does not fully resolve this issue; it provides
a partial fix.

As a result, the full fix for this issue will be resolved in a future kernel
errata update for the Red Hat Enterprise Linux 4.8.z channel.

• when attaching to a processs that is currently executing the execve system

call, a race condition could have caused strace to misinterpret the state of the
program, thus losing track of the enter/exit state of system calls. With this
update, strace ensures that the kernel reports trace events in a special way
that avoids misinterpretation. Note that this problem only occurred on Itanium,
PowerPC and IBM S/390 based systems. (BZ#567206)

All users of strace are advised to upgrade to this updated package, which
resolves these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

• Red Hat Enterprise Linux Server 4 x86_64
• Red Hat Enterprise Linux Server 4 ia64
• Red Hat Enterprise Linux Server 4 i386
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8 ia64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8 i386
• Red Hat Enterprise Linux Workstation 4 x86_64
• Red Hat Enterprise Linux Workstation 4 ia64
• Red Hat Enterprise Linux Workstation 4 i386
• Red Hat Enterprise Linux Desktop 4 x86_64
• Red Hat Enterprise Linux Desktop 4 i386
• Red Hat Enterprise Linux for IBM z Systems 4 s390x
• Red Hat Enterprise Linux for IBM z Systems 4 s390
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8 s390x
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8 s390
• Red Hat Enterprise Linux for Power, big endian 4 ppc
• Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.8 ppc

Fixes

• BZ - 532951 - [4.7] The strace hangs when strace is executed against a multi-thread process.
• BZ - 567206 - [REG][4.8] IA64 strace stops logging a trace

CVEs

(none)

References

(none)