2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. The name of the author may not be used to endorse or promote products
17 * derived from this software without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37 #include <sys/param.h>
39 #include <sys/resource.h>
47 #include <sys/stropts.h>
54 int debug = 0, followfork = 0, followvfork = 0, interactive = 0;
55 int rflag = 0, tflag = 0, dtime = 0, cflag = 0;
56 int iflag = 0, xflag = 0, qflag = 0;
59 char *username = NULL;
63 int acolumn = DEFAULT_ACOLUMN;
64 int max_strlen = DEFAULT_STRLEN;
65 char *outfname = NULL;
67 struct tcb tcbtab[MAX_PROCS];
70 extern char version[];
71 extern char **environ;
73 static struct tcb *pid2tcb P((int pid));
74 static int trace P((void));
75 static void cleanup P((void));
76 static void interrupt P((int sig));
77 static sigset_t empty_set, blocked_set;
79 #ifdef HAVE_SIG_ATOMIC_T
80 static volatile sig_atomic_t interrupted;
81 #else /* !HAVE_SIG_ATOMIC_T */
83 static volatile int interrupted;
85 static int interrupted;
86 #endif /* !__STDC__ */
87 #endif /* !HAVE_SIG_ATOMIC_T */
91 static struct tcb *pfd2tcb P((int pfd));
92 static void reaper P((int sig));
93 static void rebuild_pollv P((void));
94 struct pollfd pollv[MAX_PROCS];
96 #ifndef HAVE_POLLABLE_PROCFS
98 static void proc_poll_open P((void));
99 static void proc_poller P((int pfd));
107 static int poller_pid;
108 static int proc_poll_pipe[2] = { -1, -1 };
110 #endif /* !HAVE_POLLABLE_PROCFS */
112 #ifdef HAVE_MP_PROCFS
113 #define POLLWANT POLLWRNORM
115 #define POLLWANT POLLPRI
125 usage: strace [-dffhiqrtttTvVxx] [-a column] [-e expr] ... [-o file]\n\
126 [-p pid] ... [-s strsize] [-u username] [command [arg ...]]\n\
127 or: strace -c [-e expr] ... [-O overhead] [-S sortby] [command [arg ...]]\n\
128 -c -- count time, calls, and errors for each syscall and report summary\n\
129 -f -- follow forks, -ff -- with output into separate files\n\
130 -F -- attempt to follow vforks, -h -- print help message\n\
131 -i -- print instruction pointer at time of syscall\n\
132 -q -- suppress messages about attaching, detaching, etc.\n\
133 -r -- print relative timestamp, -t -- absolute timestamp, -tt -- with usecs\n\
134 -T -- print time spent in each syscall, -V -- print version\n\
135 -v -- verbose mode: print unabbreviated argv, stat, termio[s], etc. args\n\
136 -x -- print non-ascii strings in hex, -xx -- print all strings in hex\n\
137 -a column -- alignment COLUMN for printing syscall results (default %d)\n\
138 -e expr -- a qualifying expression: option=[!]all or option=[!]val1[,val2]...\n\
139 options: trace, abbrev, verbose, raw, signal, read, or write\n\
140 -o file -- send trace output to FILE instead of stderr\n\
141 -O overhead -- set overhead for tracing syscalls to OVERHEAD usecs\n\
142 -p pid -- trace process with process id PID, may be repeated\n\
143 -s strsize -- limit length of print strings to STRSIZE chars (default %d)\n\
144 -S sortby -- sort syscall counts by: time, calls, name, nothing (default %s)\n\
145 -u username -- run command as username handling setuid and/or setgid\n\
146 ", DEFAULT_ACOLUMN, DEFAULT_STRLEN, DEFAULT_SORTBY);
170 static char buf[BUFSIZ];
175 qualify("trace=all");
176 qualify("abbrev=all");
177 qualify("verbose=all");
178 qualify("signal=all");
179 set_sortby(DEFAULT_SORTBY);
180 set_personality(DEFAULT_PERSONALITY);
181 while ((c = getopt(argc, argv,
182 "+cdfFhiqrtTvVxa:e:o:O:p:s:S:u:")) != EOF) {
220 qualify("abbrev=none");
223 printf("%s\n", version);
227 acolumn = atoi(optarg);
233 outfname = strdup(optarg);
236 set_overhead(atoi(optarg));
239 if ((pid = atoi(optarg)) == 0) {
240 fprintf(stderr, "%s: Invalid process id: %s\n",
244 if (pid == getpid()) {
245 fprintf(stderr, "%s: I'm sorry, I can't let you do that, Dave.\n", progname);
248 if ((tcp = alloctcb(pid)) == NULL) {
249 fprintf(stderr, "%s: tcb table full, please recompile strace\n",
253 tcp->flags |= TCB_ATTACHED;
257 max_strlen = atoi(optarg);
263 username = strdup(optarg);
271 /* See if they want to run as another user. */
272 if (username != NULL) {
275 if (getuid() != 0 || geteuid() != 0) {
277 "%s: you must be root to use the -u option\n",
281 if ((pent = getpwnam(username)) == NULL) {
282 fprintf(stderr, "%s: cannot find user `%s'\n",
286 run_uid = pent->pw_uid;
287 run_gid = pent->pw_gid;
295 setreuid(geteuid(), getuid());
298 /* See if they want to pipe the output. */
299 if (outfname && (outfname[0] == '|' || outfname[0] == '!')) {
300 if ((outf = popen(outfname + 1, "w")) == NULL) {
301 fprintf(stderr, "%s: can't popen '%s': %s\n",
302 progname, outfname + 1, strerror(errno));
309 /* Check if they want to redirect the output. */
311 if ((outf = fopen(outfname, "w")) == NULL) {
312 fprintf(stderr, "%s: can't fopen '%s': %s\n",
313 progname, outfname, strerror(errno));
319 setreuid(geteuid(), getuid());
324 setvbuf(outf, buf, _IOLBF, BUFSIZ);
326 else if (optind < argc)
331 for (c = 0, tcp = tcbtab; c < MAX_PROCS; c++, tcp++) {
332 /* Reinitialize the output since it may have changed. */
334 if (!(tcp->flags & TCB_INUSE) || !(tcp->flags & TCB_ATTACHED))
337 if (proc_open(tcp, 1) < 0) {
338 fprintf(stderr, "trouble opening proc file\n");
343 if (ptrace(PTRACE_ATTACH, tcp->pid, (char *) 1, 0) < 0) {
344 perror("attach: ptrace(PTRACE_ATTACH, ...)");
351 "Process %u attached - interrupt to quit\n",
358 char pathname[MAXPATHLEN];
360 filename = argv[optind];
361 if (strchr(filename, '/'))
362 strcpy(pathname, filename);
363 #ifdef USE_DEBUGGING_EXEC
365 * Debuggers customarily check the current directory
366 * first regardless of the path but doing that gives
367 * security geeks a panic attack.
369 else if (stat(filename, &statbuf) == 0)
370 strcpy(pathname, filename);
371 #endif /* USE_DEBUGGING_EXEC */
376 for (path = getenv("PATH"); path && *path; path += m) {
377 if (strchr(path, ':')) {
378 n = strchr(path, ':') - path;
382 m = n = strlen(path);
384 getcwd(pathname, MAXPATHLEN);
385 len = strlen(pathname);
388 strncpy(pathname, path, n);
391 if (len && pathname[len - 1] != '/')
392 pathname[len++] = '/';
393 strcpy(pathname + len, filename);
394 if (stat(pathname, &statbuf) == 0)
398 if (stat(pathname, &statbuf) < 0) {
399 fprintf(stderr, "%s: %s: command not found\n",
403 switch (pid = fork()) {
405 perror("strace: fork");
411 if (outf != stderr) close (fileno (outf));
413 /* Kludge for SGI, see proc_open for details. */
414 sa.sa_handler = foobar;
416 sigemptyset(&sa.sa_mask);
417 sigaction(SIGINT, &sa, NULL);
421 if (ptrace(PTRACE_TRACEME, 0, (char *) 1, 0) < 0) {
422 perror("strace: ptrace(PTRACE_TRACEME, ...)");
426 kill(getpid(), SIGSTOP);
428 if (username != NULL || geteuid() == 0) {
429 uid_t run_euid = run_uid;
430 gid_t run_egid = run_gid;
432 if (statbuf.st_mode & S_ISUID)
433 run_euid = statbuf.st_uid;
434 if (statbuf.st_mode & S_ISGID)
435 run_egid = statbuf.st_gid;
438 * It is important to set groups before we
439 * lose privileges on setuid.
442 && initgroups(username, run_gid) < 0) {
443 perror("initgroups");
446 if (setregid(run_gid, run_egid) < 0) {
450 if (setreuid(run_uid, run_euid) < 0) {
456 setreuid(run_uid, run_uid);
459 execv(pathname, &argv[optind]);
460 perror("strace: exec");
465 if ((tcp = alloctcb(pid)) == NULL) {
466 fprintf(stderr, "tcb table full\n");
471 if (proc_open(tcp, 0) < 0) {
472 fprintf(stderr, "trouble opening proc file\n");
478 fake_execve(tcp, pathname, &argv[optind], environ);
483 else if (pflag_seen == 0)
486 sigemptyset(&empty_set);
487 sigemptyset(&blocked_set);
488 sa.sa_handler = SIG_IGN;
489 sigemptyset(&sa.sa_mask);
491 sigaction(SIGTTOU, &sa, NULL);
492 sigaction(SIGTTIN, &sa, NULL);
494 sigaddset(&blocked_set, SIGHUP);
495 sigaddset(&blocked_set, SIGINT);
496 sigaddset(&blocked_set, SIGQUIT);
497 sigaddset(&blocked_set, SIGPIPE);
498 sigaddset(&blocked_set, SIGTERM);
499 sa.sa_handler = interrupt;
501 /* POSIX signals on sunos4.1 are a little broken. */
502 sa.sa_flags = SA_INTERRUPT;
505 sigaction(SIGHUP, &sa, NULL);
506 sigaction(SIGINT, &sa, NULL);
507 sigaction(SIGQUIT, &sa, NULL);
508 sigaction(SIGPIPE, &sa, NULL);
509 sigaction(SIGTERM, &sa, NULL);
511 sa.sa_handler = reaper;
512 sigaction(SIGCHLD, &sa, NULL);
525 char name[MAXPATHLEN];
528 if (outfname && followfork > 1) {
529 sprintf(name, "%s.%u", outfname, tcp->pid);
531 setreuid(geteuid(), getuid());
533 fp = fopen(name, "w");
535 setreuid(geteuid(), getuid());
553 for (i = 0, tcp = tcbtab; i < MAX_PROCS; i++, tcp++) {
554 if ((tcp->flags & TCB_INUSE) == 0) {
558 tcp->flags = TCB_INUSE | TCB_STARTUP;
559 tcp->outf = outf; /* Initialise to current out file */
560 tcp->stime.tv_sec = 0;
561 tcp->stime.tv_usec = 0;
572 proc_open(tcp, attaching)
578 sysset_t sc_enter, sc_exit;
581 #ifndef HAVE_POLLABLE_PROCFS
585 #ifdef HAVE_MP_PROCFS
586 /* Open the process pseudo-files in /proc. */
587 sprintf(proc, "/proc/%d/ctl", tcp->pid);
588 if ((tcp->pfd = open(proc, O_WRONLY|O_EXCL)) < 0) {
589 perror("strace: open(\"/proc/...\", ...)");
592 if ((arg = fcntl(tcp->pfd, F_GETFD)) < 0) {
596 if (fcntl(tcp->pfd, F_SETFD, arg|FD_CLOEXEC) < 0) {
600 sprintf(proc, "/proc/%d/status", tcp->pid);
601 if ((tcp->pfd_stat = open(proc, O_RDONLY|O_EXCL)) < 0) {
602 perror("strace: open(\"/proc/...\", ...)");
605 if ((arg = fcntl(tcp->pfd_stat, F_GETFD)) < 0) {
609 if (fcntl(tcp->pfd_stat, F_SETFD, arg|FD_CLOEXEC) < 0) {
613 sprintf(proc, "/proc/%d/as", tcp->pid);
614 if ((tcp->pfd_as = open(proc, O_RDONLY|O_EXCL)) < 0) {
615 perror("strace: open(\"/proc/...\", ...)");
618 if ((arg = fcntl(tcp->pfd_as, F_GETFD)) < 0) {
622 if (fcntl(tcp->pfd_as, F_SETFD, arg|FD_CLOEXEC) < 0) {
627 /* Open the process pseudo-file in /proc. */
628 sprintf(proc, "/proc/%d", tcp->pid);
629 if ((tcp->pfd = open(proc, O_RDWR|O_EXCL)) < 0) {
630 perror("strace: open(\"/proc/...\", ...)");
633 if ((arg = fcntl(tcp->pfd, F_GETFD)) < 0) {
637 if (fcntl(tcp->pfd, F_SETFD, arg|FD_CLOEXEC) < 0) {
645 * Wait for the child to pause. Because of a race
646 * condition we have to poll for the event.
649 if (IOCTL_STATUS (tcp) < 0) {
650 perror("strace: PIOCSTATUS");
653 if (tcp->status.PR_FLAGS & PR_ASLEEP)
657 /* Stop the process so that we own the stop. */
658 if (IOCTL(tcp->pfd, PIOCSTOP, NULL) < 0) {
659 perror("strace: PIOCSTOP");
663 /* Set Run-on-Last-Close. */
665 if (IOCTL(tcp->pfd, PIOCSET, &arg) < 0) {
666 perror("PIOCSET PR_RLC");
669 /* Set or Reset Inherit-on-Fork. */
671 if (IOCTL(tcp->pfd, followfork ? PIOCSET : PIOCRESET, &arg) < 0) {
672 perror("PIOC{SET,RESET} PR_FORK");
676 if (ioctl(tcp->pfd, PIOCSRLC) < 0) {
680 if (ioctl(tcp->pfd, followfork ? PIOCSFORK : PIOCRFORK) < 0) {
681 perror("PIOC{S,R}FORK");
684 #endif /* !PIOCSET */
685 /* Enable all syscall entries. */
686 prfillset(&sc_enter);
687 if (IOCTL(tcp->pfd, PIOCSENTRY, &sc_enter) < 0) {
688 perror("PIOCSENTRY");
691 /* Enable all syscall exits. */
693 if (IOCTL(tcp->pfd, PIOCSEXIT, &sc_exit) < 0) {
697 /* Enable all signals. */
699 if (IOCTL(tcp->pfd, PIOCSTRACE, &signals) < 0) {
700 perror("PIOCSTRACE");
703 /* Enable all faults. */
705 if (IOCTL(tcp->pfd, PIOCSFAULT, &faults) < 0) {
706 perror("PIOCSFAULT");
712 * The SGI PRSABORT doesn't work for pause() so
713 * we send it a caught signal to wake it up.
715 kill(tcp->pid, SIGINT);
717 /* The child is in a pause(), abort it. */
719 if (IOCTL (tcp->pfd, PIOCRUN, &arg) < 0) {
725 /* Wait for the child to do something. */
726 if (IOCTL_WSTOP (tcp) < 0) {
730 if (tcp->status.PR_WHY == PR_SYSENTRY) {
731 #ifdef HAVE_PR_SYSCALL
732 int scno = tcp->status.pr_syscall;
733 #else /* !HAVE_PR_SYSCALL */
734 int scno = tcp->status.PR_WHAT;
735 #endif /* !HAVE_PR_SYSCALL */
736 if (scno == SYS_execve)
739 /* Set it running: maybe execve will be next. */
741 if (IOCTL(tcp->pfd, PIOCRUN, &arg) < 0) {
747 #ifndef HAVE_POLLABLE_PROCFS
748 if (proc_poll_pipe[0] != -1)
749 proc_poller(tcp->pfd);
750 else if (nprocs > 1) {
752 proc_poller(last_pfd);
753 proc_poller(tcp->pfd);
756 #endif /* !HAVE_POLLABLE_PROCFS */
769 for (i = 0, tcp = tcbtab; i < MAX_PROCS; i++, tcp++) {
770 if (pid && tcp->pid != pid)
772 if (tcp->flags & TCB_INUSE)
787 for (i = 0, tcp = tcbtab; i < MAX_PROCS; i++, tcp++) {
790 if (tcp->flags & TCB_INUSE)
807 if (tcp->pfd != -1) {
814 if (tcp->parent != NULL) {
815 tcp->parent->nchildren--;
819 if (tcp->outf != stderr)
834 if (!(tcp->flags & TCB_SUSPENDED)) {
835 fprintf(stderr, "PANIC: pid %u not suspended\n", tcp->pid);
838 tcp->flags &= ~TCB_SUSPENDED;
840 if (ptrace(PTRACE_SYSCALL, tcp->pid, (char *) 1, 0) < 0) {
841 perror("resume: ptrace(PTRACE_SYSCALL, ...)");
846 fprintf(stderr, "Process %u resumed\n", tcp->pid);
852 /* detach traced process; continue with sig */
864 if (tcp->flags & TCB_BPTSET)
869 * Linux wrongly insists the child be stopped
870 * before detaching. Arghh. We go through hoops
871 * to make a clean break of things.
875 #define PTRACE_DETACH PTRACE_SUNDETACH
877 if ((error = ptrace(PTRACE_DETACH, tcp->pid, (char *) 1, sig)) == 0) {
878 /* On a clear day, you can see forever. */
880 else if (errno != ESRCH) {
881 /* Shouldn't happen. */
882 perror("detach: ptrace(PTRACE_DETACH, ...)");
884 else if (kill(tcp->pid, 0) < 0) {
886 perror("detach: checking sanity");
888 else if (kill(tcp->pid, SIGSTOP) < 0) {
890 perror("detach: stopping child");
894 if (waitpid(tcp->pid, &status, 0) < 0) {
896 perror("detach: waiting");
899 if (!WIFSTOPPED(status)) {
900 /* Au revoir, mon ami. */
903 if (WSTOPSIG(status) == SIGSTOP) {
904 if ((error = ptrace(PTRACE_DETACH,
905 tcp->pid, (char *) 1, sig)) < 0) {
907 perror("detach: ptrace(PTRACE_DETACH, ...)");
912 if ((error = ptrace(PTRACE_CONT, tcp->pid, (char *) 1,
913 WSTOPSIG(status) == SIGTRAP ?
914 0 : WSTOPSIG(status))) < 0) {
916 perror("detach: ptrace(PTRACE_CONT, ...)");
924 /* PTRACE_DETACH won't respect `sig' argument, so we post it here. */
925 if (sig && kill(tcp->pid, sig) < 0)
926 perror("detach: kill");
928 if ((error = ptrace(PTRACE_DETACH, tcp->pid, (char *) 1, sig)) < 0)
929 perror("detach: ptrace(PTRACE_DETACH, ...)");
933 if (waiting_parent(tcp))
934 error = resume(tcp->parent);
938 fprintf(stderr, "Process %u detached\n", tcp->pid);
953 while ((pid = waitpid(-1, &status, WNOHANG)) > 0) {
972 for (i = 0, tcp = tcbtab; i < MAX_PROCS; i++, tcp++) {
973 if (!(tcp->flags & TCB_INUSE))
977 "cleanup: looking at pid %u\n", tcp->pid);
979 (!outfname || followfork < 2 || tcp_last == tcp)) {
980 tprintf(" <unfinished ...>\n");
983 if (tcp->flags & TCB_ATTACHED)
986 kill(tcp->pid, SIGCONT);
987 kill(tcp->pid, SIGTERM);
1001 #ifndef HAVE_STRERROR
1003 #ifndef SYS_ERRLIST_DECLARED
1004 extern int sys_nerr;
1005 extern char *sys_errlist[];
1006 #endif /* SYS_ERRLIST_DECLARED */
1012 static char buf[64];
1014 if (errno < 1 || errno >= sys_nerr) {
1015 sprintf(buf, "Unknown error %d", errno);
1018 return sys_errlist[errno];
1021 #endif /* HAVE_STERRROR */
1023 #ifndef HAVE_STRSIGNAL
1025 #ifndef SYS_SIGLIST_DECLARED
1026 #ifdef HAVE__SYS_SIGLIST
1027 extern char *_sys_siglist[];
1029 extern char *sys_siglist[];
1031 #endif /* SYS_SIGLIST_DECLARED */
1037 static char buf[64];
1039 if (sig < 1 || sig >= NSIG) {
1040 sprintf(buf, "Unknown signal %d", sig);
1043 #ifdef HAVE__SYS_SIGLIST
1044 return _sys_siglist[sig];
1046 return sys_siglist[sig];
1050 #endif /* HAVE_STRSIGNAL */
1060 for (i = j = 0, tcp = tcbtab; i < MAX_PROCS; i++, tcp++) {
1061 if (!(tcp->flags & TCB_INUSE))
1063 pollv[j].fd = tcp->pfd;
1064 pollv[j].events = POLLWANT;
1068 fprintf(stderr, "strace: proc miscount\n");
1073 #ifndef HAVE_POLLABLE_PROCFS
1081 if (pipe(proc_poll_pipe) < 0) {
1085 for (i = 0; i < 2; i++) {
1086 if ((arg = fcntl(proc_poll_pipe[i], F_GETFD)) < 0) {
1090 if (fcntl(proc_poll_pipe[i], F_SETFD, arg|FD_CLOEXEC) < 0) {
1098 proc_poll(pollv, nfds, timeout)
1099 struct pollfd *pollv;
1105 struct proc_pollfd pollinfo;
1107 if ((n = read(proc_poll_pipe[0], &pollinfo, sizeof(pollinfo))) < 0)
1109 if (n != sizeof(struct proc_pollfd)) {
1110 fprintf(stderr, "panic: short read: %d\n", n);
1113 for (i = 0; i < nprocs; i++) {
1114 if (pollv[i].fd == pollinfo.fd)
1115 pollv[i].revents = pollinfo.revents;
1117 pollv[i].revents = 0;
1119 poller_pid = pollinfo.pid;
1133 struct proc_pollfd pollinfo;
1134 struct sigaction sa;
1135 sigset_t blocked_set, empty_set;
1150 sa.sa_handler = interactive ? SIG_DFL : SIG_IGN;
1152 sigemptyset(&sa.sa_mask);
1153 sigaction(SIGHUP, &sa, NULL);
1154 sigaction(SIGINT, &sa, NULL);
1155 sigaction(SIGQUIT, &sa, NULL);
1156 sigaction(SIGPIPE, &sa, NULL);
1157 sigaction(SIGTERM, &sa, NULL);
1158 sa.sa_handler = wakeup_handler;
1159 sigaction(SIGUSR1, &sa, NULL);
1160 sigemptyset(&blocked_set);
1161 sigaddset(&blocked_set, SIGUSR1);
1162 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
1163 sigemptyset(&empty_set);
1165 if (getrlimit(RLIMIT_NOFILE, &rl) < 0) {
1166 perror("getrlimit(RLIMIT_NOFILE, ...)");
1170 for (i = 0; i < n; i++) {
1171 if (i != pfd && i != proc_poll_pipe[1])
1176 pollinfo.pid = getpid();
1178 if (ioctl(pfd, PIOCWSTOP, NULL) < 0)
1184 pollinfo.revents = POLLERR;
1187 pollinfo.revents = POLLHUP;
1190 perror("proc_poller: PIOCWSTOP");
1192 write(proc_poll_pipe[1], &pollinfo, sizeof(pollinfo));
1195 pollinfo.revents = POLLWANT;
1196 write(proc_poll_pipe[1], &pollinfo, sizeof(pollinfo));
1197 sigsuspend(&empty_set);
1201 #endif /* !HAVE_POLLABLE_PROCFS */
1211 if (followfork < 2 &&
1212 last < nprocs && (pollv[last].revents & POLLWANT)) {
1214 * The previous process is ready to run again. We'll
1215 * let it do so if it is currently in a syscall. This
1216 * heuristic improves the readability of the trace.
1218 tcp = pfd2tcb(pollv[last].fd);
1219 if (tcp && (tcp->flags & TCB_INSYSCALL))
1220 return pollv[last].fd;
1223 for (i = 0; i < nprocs; i++) {
1224 /* Let competing children run round robin. */
1225 j = (i + last + 1) % nprocs;
1226 if (pollv[j].revents & (POLLHUP | POLLERR)) {
1227 tcp = pfd2tcb(pollv[j].fd);
1229 fprintf(stderr, "strace: lost proc\n");
1235 if (pollv[j].revents & POLLWANT) {
1240 fprintf(stderr, "strace: nothing ready\n");
1248 struct tcb *in_syscall;
1253 int ioctl_result = 0, ioctl_errno = 0;
1258 sigprocmask(SIG_SETMASK, &empty_set, NULL);
1265 #ifndef HAVE_POLLABLE_PROCFS
1266 if (proc_poll_pipe[0] == -1) {
1275 #ifndef HAVE_POLLABLE_PROCFS
1277 /* fall through ... */
1278 #endif /* !HAVE_POLLABLE_PROCFS */
1280 #ifdef HAVE_POLLABLE_PROCFS
1282 /* On some systems (e.g. UnixWare) we get too much ugly
1283 "unfinished..." stuff when multiple proceses are in
1284 syscalls. Here's a nasty hack */
1291 pv.events = POLLWANT;
1292 if ((what = poll (&pv, 1, 1)) < 0) {
1297 else if (what == 1 && pv.revents & POLLWANT) {
1303 if (poll(pollv, nprocs, INFTIM) < 0) {
1308 #else /* !HAVE_POLLABLE_PROCFS */
1309 if (proc_poll(pollv, nprocs, INFTIM) < 0) {
1314 #endif /* !HAVE_POLLABLE_PROCFS */
1321 /* Look up `pfd' in our table. */
1322 if ((tcp = pfd2tcb(pfd)) == NULL) {
1323 fprintf(stderr, "unknown pfd: %u\n", pfd);
1327 /* Get the status of the process. */
1329 ioctl_result = IOCTL_WSTOP (tcp);
1330 ioctl_errno = errno;
1331 #ifndef HAVE_POLLABLE_PROCFS
1332 if (proc_poll_pipe[0] != -1) {
1333 if (ioctl_result < 0)
1334 kill(poller_pid, SIGKILL);
1336 kill(poller_pid, SIGUSR1);
1338 #endif /* !HAVE_POLLABLE_PROCFS */
1344 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
1346 if (ioctl_result < 0) {
1347 /* Find out what happened if it failed. */
1348 switch (ioctl_errno) {
1356 perror("PIOCWSTOP");
1361 /* clear the just started flag */
1362 tcp->flags &= ~TCB_STARTUP;
1364 /* set current output file */
1368 struct timeval stime;
1370 stime.tv_sec = tcp->status.pr_stime.tv_sec;
1371 stime.tv_usec = tcp->status.pr_stime.tv_nsec/1000;
1372 tv_sub(&tcp->dtime, &stime, &tcp->stime);
1376 what = tcp->status.PR_WHAT;
1377 switch (tcp->status.PR_WHY) {
1379 if (tcp->status.PR_FLAGS & PR_ASLEEP) {
1380 tcp->status.PR_WHY = PR_SYSENTRY;
1381 if (trace_syscall(tcp) < 0) {
1382 fprintf(stderr, "syscall trouble\n");
1392 if (trace_syscall(tcp) < 0) {
1393 fprintf(stderr, "syscall trouble\n");
1398 if (!cflag && (qual_flags[what] & QUAL_SIGNAL)) {
1400 tprintf("--- %s (%s) ---",
1401 signame(what), strsignal(what));
1406 if (!cflag && (qual_flags[what] & QUAL_FAULT)) {
1408 tprintf("=== FAULT %d ===", what);
1413 fprintf(stderr, "odd stop %d\n", tcp->status.PR_WHY);
1418 if (IOCTL (tcp->pfd, PIOCRUN, &arg) < 0) {
1439 while (nprocs != 0) {
1441 sigprocmask(SIG_SETMASK, &empty_set, NULL);
1443 pid = wait4(-1, &status, 0, cflag ? &ru : NULL);
1446 pid = wait(&status);
1450 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
1456 switch (wait_errno) {
1461 * We would like to verify this case
1462 * but sometimes a race in Solbourne's
1463 * version of SunOS sometimes reports
1464 * ECHILD before sending us SIGCHILD.
1469 fprintf(stderr, "strace: proc miscount\n");
1475 perror("strace: wait");
1480 fprintf(stderr, " [wait(%#x) = %u]\n", status, pid);
1482 /* Look up `pid' in our table. */
1483 if ((tcp = pid2tcb(pid)) == NULL) {
1484 fprintf(stderr, "unknown pid: %u\n", pid);
1485 if (WIFSTOPPED(status))
1486 ptrace(PTRACE_CONT, pid, (char *) 1, 0);
1489 /* set current output file */
1493 tv_sub(&tcp->dtime, &ru.ru_stime, &tcp->stime);
1494 tcp->stime = ru.ru_stime;
1498 if (tcp->flags & TCB_SUSPENDED) {
1500 * Apparently, doing any ptrace() call on a stopped
1501 * process, provokes the kernel to report the process
1502 * status again on a subsequent wait(), even if the
1503 * process has not been actually restarted.
1504 * Since we have inspected the arguments of suspended
1505 * processes we end up here testing for this case.
1509 if (WIFSIGNALED(status)) {
1511 && (qual_flags[WTERMSIG(status)] & QUAL_SIGNAL)) {
1513 tprintf("+++ killed by %s +++",
1514 signame(WTERMSIG(status)));
1520 if (WIFEXITED(status)) {
1522 fprintf(stderr, "pid %u exited\n", pid);
1523 if (tcp->flags & TCB_ATTACHED)
1525 "PANIC: attached pid %u exited\n",
1530 if (!WIFSTOPPED(status)) {
1531 fprintf(stderr, "PANIC: pid %u not stopped\n", pid);
1536 fprintf(stderr, "pid %u stopped, [%s]\n",
1537 pid, signame(WSTOPSIG(status)));
1539 if (tcp->flags & TCB_STARTUP) {
1541 * This flag is there to keep us in sync.
1542 * Next time this process stops it should
1543 * really be entering a system call.
1545 tcp->flags &= ~TCB_STARTUP;
1546 if (tcp->flags & TCB_ATTACHED) {
1548 * Interestingly, the process may stop
1549 * with STOPSIG equal to some other signal
1550 * than SIGSTOP if we happend to attach
1551 * just before the process takes a signal.
1553 if (!WIFSTOPPED(status)) {
1555 "pid %u not stopped\n", pid);
1556 detach(tcp, WSTOPSIG(status));
1562 /* A child of us stopped at exec */
1563 if (WSTOPSIG(status) == SIGTRAP && followvfork)
1567 if (tcp->flags & TCB_BPTSET) {
1568 if (clearbpt(tcp) < 0) /* Pretty fatal */ {
1577 if (WSTOPSIG(status) != SIGTRAP) {
1578 if (WSTOPSIG(status) == SIGSTOP &&
1579 (tcp->flags & TCB_SIGTRAPPED)) {
1581 * Trapped attempt to block SIGTRAP
1582 * Hope we are back in control now.
1584 tcp->flags &= ~(TCB_INSYSCALL | TCB_SIGTRAPPED);
1585 if (ptrace(PTRACE_SYSCALL,
1586 pid, (char *) 1, 0) < 0) {
1587 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
1594 && (qual_flags[WSTOPSIG(status)] & QUAL_SIGNAL)) {
1596 tprintf("--- %s (%s) ---",
1597 signame(WSTOPSIG(status)),
1598 strsignal(WSTOPSIG(status)));
1601 if ((tcp->flags & TCB_ATTACHED) &&
1602 !sigishandled(tcp, WSTOPSIG(status))) {
1603 detach(tcp, WSTOPSIG(status));
1606 if (ptrace(PTRACE_SYSCALL, pid, (char *) 1,
1607 WSTOPSIG(status)) < 0) {
1608 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
1612 tcp->flags &= ~TCB_SUSPENDED;
1615 if (trace_syscall(tcp) < 0) {
1616 if (tcp->flags & TCB_ATTACHED)
1620 tcp->pid, (char *) 1, SIGTERM);
1625 if (tcp->flags & TCB_EXITING) {
1626 if (tcp->flags & TCB_ATTACHED)
1628 else if (ptrace(PTRACE_CONT, pid, (char *) 1, 0) < 0) {
1629 perror("strace: ptrace(PTRACE_CONT, ...)");
1635 if (tcp->flags & TCB_SUSPENDED) {
1637 fprintf(stderr, "Process %u suspended\n", pid);
1641 if (ptrace(PTRACE_SYSCALL, pid, (char *) 1, 0) < 0) {
1642 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
1656 #define VA_START(a, b) va_start(a, b)
1658 #include <varargs.h>
1659 #define VA_START(a, b) va_start(a)
1664 tprintf(const char *fmt, ...)
1666 tprintf(fmt, va_alist)
1673 VA_START(args, fmt);
1675 curcol += vfprintf(outf, fmt, args);
1684 if (tcp_last && (!outfname || followfork < 2 || tcp_last == tcp)) {
1685 tcp_last->flags |= TCB_REPRINT;
1686 tprintf(" <unfinished ...>\n");
1689 if ((followfork == 1 || pflag_seen > 1) && outfname)
1690 tprintf("%-5d ", tcp->pid);
1691 else if (nprocs > 1 && !outfname)
1692 tprintf("[pid %5u] ", tcp->pid);
1694 char str[sizeof("HH:MM:SS")];
1695 struct timeval tv, dtv;
1696 static struct timeval otv;
1698 gettimeofday(&tv, NULL);
1700 if (otv.tv_sec == 0)
1702 tv_sub(&dtv, &tv, &otv);
1703 tprintf("%6ld.%06ld ",
1704 (long) dtv.tv_sec, (long) dtv.tv_usec);
1707 else if (tflag > 2) {
1708 tprintf("%ld.%06ld ",
1709 (long) tv.tv_sec, (long) tv.tv_usec);
1712 time_t local = tv.tv_sec;
1713 strftime(str, sizeof(str), "%T", localtime(&local));
1715 tprintf("%s.%06ld ", str, (long) tv.tv_usec);
1717 tprintf("%s ", str);
1729 tprintf("%*s", col - curcol, "");
1740 #ifdef HAVE_MP_PROCFS
1742 int mp_ioctl (int fd, int cmd, void *arg, int size) {
1744 struct iovec iov[2];
1747 iov[0].iov_base = &cmd;
1748 iov[0].iov_len = sizeof cmd;
1751 iov[1].iov_base = arg;
1752 iov[1].iov_len = size;
1755 return writev (fd, iov, n);
projects / strace / blob