On Mar 5 17:15, Ryan Johnson wrote:
Might it be possible to do an LD_PRELOAD of some sort which hooks
into fork() at the critical moment and prints the differences
between /proc/$parent/maps and /proc/$child/maps? The code doesn't
even need to be efficient; it just needs to be able to run when
whatever internal helper of fork() returns an error but before the
nascent child process is terminated.
If there exists such a convenient instrumentation point, I might be
up to the task of exploiting it, but I wouldn't know where to start.
It's not that easy. LD_PRELOAD is only honored after the other
stuff to duplicate the parent process has already taken place.
This is definitely not something for 1.7.9, but maybe we can utilize
the functionality we already have on board at one point. In
fhandler_process.cc we have the function format_process_maps(), which
creates a buffer with the content of /proc/$PID/maps. It might be
possible to call this function from fork for parent and child if fork
fails for this reason, and print this information.
Just an idea. Somebody still would have to do it(*).