2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. The name of the author may not be used to endorse or promote products
17 * derived from this software without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 #include <sys/types.h>
38 #include <sys/param.h>
40 #include <sys/resource.h>
49 #if defined(IA64) && defined(LINUX)
50 # include <asm/ptrace_offsets.h>
58 #include <sys/stropts.h>
66 int debug = 0, followfork = 0, followvfork = 0, interactive = 0;
67 int rflag = 0, tflag = 0, dtime = 0, cflag = 0;
68 int iflag = 0, xflag = 0, qflag = 0;
71 /* Sometimes we want to print only succeeding syscalls. */
72 int not_failing_only = 0;
74 char *username = NULL;
78 int acolumn = DEFAULT_ACOLUMN;
79 int max_strlen = DEFAULT_STRLEN;
80 char *outfname = NULL;
83 unsigned int nprocs, tcbtabsize;
85 extern char **environ;
87 static int trace P((void));
88 static void cleanup P((void));
89 static void interrupt P((int sig));
90 static sigset_t empty_set, blocked_set;
92 #ifdef HAVE_SIG_ATOMIC_T
93 static volatile sig_atomic_t interrupted;
94 #else /* !HAVE_SIG_ATOMIC_T */
96 static volatile int interrupted;
98 static int interrupted;
99 #endif /* !__STDC__ */
100 #endif /* !HAVE_SIG_ATOMIC_T */
104 static struct tcb *pfd2tcb P((int pfd));
105 static void reaper P((int sig));
106 static void rebuild_pollv P((void));
107 static struct pollfd *pollv;
109 #ifndef HAVE_POLLABLE_PROCFS
111 static void proc_poll_open P((void));
112 static void proc_poller P((int pfd));
120 static int poller_pid;
121 static int proc_poll_pipe[2] = { -1, -1 };
123 #endif /* !HAVE_POLLABLE_PROCFS */
125 #ifdef HAVE_MP_PROCFS
126 #define POLLWANT POLLWRNORM
128 #define POLLWANT POLLPRI
130 #endif /* USE_PROCFS */
138 usage: strace [-dffhiqrtttTvVxx] [-a column] [-e expr] ... [-o file]\n\
139 [-p pid] ... [-s strsize] [-u username] [-E var=val] ...\n\
140 [command [arg ...]]\n\
141 or: strace -c [-e expr] ... [-O overhead] [-S sortby] [-E var=val] ...\n\
142 [command [arg ...]]\n\
143 -c -- count time, calls, and errors for each syscall and report summary\n\
144 -f -- follow forks, -ff -- with output into separate files\n\
145 -F -- attempt to follow vforks, -h -- print help message\n\
146 -i -- print instruction pointer at time of syscall\n\
147 -q -- suppress messages about attaching, detaching, etc.\n\
148 -r -- print relative timestamp, -t -- absolute timestamp, -tt -- with usecs\n\
149 -T -- print time spent in each syscall, -V -- print version\n\
150 -v -- verbose mode: print unabbreviated argv, stat, termio[s], etc. args\n\
151 -x -- print non-ascii strings in hex, -xx -- print all strings in hex\n\
152 -a column -- alignment COLUMN for printing syscall results (default %d)\n\
153 -e expr -- a qualifying expression: option=[!]all or option=[!]val1[,val2]...\n\
154 options: trace, abbrev, verbose, raw, signal, read, or write\n\
155 -o file -- send trace output to FILE instead of stderr\n\
156 -O overhead -- set overhead for tracing syscalls to OVERHEAD usecs\n\
157 -p pid -- trace process with process id PID, may be repeated\n\
158 -s strsize -- limit length of print strings to STRSIZE chars (default %d)\n\
159 -S sortby -- sort syscall counts by: time, calls, name, nothing (default %s)\n\
160 -u username -- run command as username handling setuid and/or setgid\n\
161 -E var=val -- put var=val in the environment for command\n\
162 -E var -- remove var from the environment for command\n\
163 " /* this is broken, so don't document it
164 -z -- print only succeeding syscalls\n\
166 , DEFAULT_ACOLUMN, DEFAULT_STRLEN, DEFAULT_SORTBY);
190 static char buf[BUFSIZ];
192 /* Allocate the initial tcbtab. */
193 tcbtabsize = argc; /* Surely enough for all -p args. */
194 tcbtab = (struct tcb **) malloc (tcbtabsize * sizeof tcbtab[0]);
195 tcbtab[0] = (struct tcb *) calloc (tcbtabsize, sizeof *tcbtab[0]);
196 for (tcp = tcbtab[0]; tcp < &tcbtab[0][tcbtabsize]; ++tcp)
197 tcbtab[tcp - tcbtab[0]] = &tcbtab[0][tcp - tcbtab[0]];
202 qualify("trace=all");
203 qualify("abbrev=all");
204 qualify("verbose=all");
205 qualify("signal=all");
206 set_sortby(DEFAULT_SORTBY);
207 set_personality(DEFAULT_PERSONALITY);
208 while ((c = getopt(argc, argv,
209 "+cdfFhiqrtTvVxza:e:o:O:p:s:S:u:E:")) != EOF) {
247 qualify("abbrev=none");
250 printf("%s -- version %s\n", PACKAGE_NAME, VERSION);
254 not_failing_only = 1;
257 acolumn = atoi(optarg);
263 outfname = strdup(optarg);
266 set_overhead(atoi(optarg));
269 if ((pid = atoi(optarg)) <= 0) {
270 fprintf(stderr, "%s: Invalid process id: %s\n",
274 if (pid == getpid()) {
275 fprintf(stderr, "%s: I'm sorry, I can't let you do that, Dave.\n", progname);
278 if ((tcp = alloctcb(pid)) == NULL) {
279 fprintf(stderr, "%s: out of memory\n",
283 tcp->flags |= TCB_ATTACHED;
287 max_strlen = atoi(optarg);
293 username = strdup(optarg);
296 if (putenv(optarg) < 0) {
297 fprintf(stderr, "%s: out of memory\n",
308 if (optind == argc && !pflag_seen)
311 /* See if they want to run as another user. */
312 if (username != NULL) {
315 if (getuid() != 0 || geteuid() != 0) {
317 "%s: you must be root to use the -u option\n",
321 if ((pent = getpwnam(username)) == NULL) {
322 fprintf(stderr, "%s: cannot find user `%s'\n",
326 run_uid = pent->pw_uid;
327 run_gid = pent->pw_gid;
335 setreuid(geteuid(), getuid());
338 /* Check if they want to redirect the output. */
342 /* See if they want to pipe the output. */
343 if (outfname[0] == '|' || outfname[0] == '!') {
345 * We can't do the <outfname>.PID funny business
346 * when using popen, so prohibit it.
348 if (followfork > 1) {
350 %s: piping the output and -ff are mutually exclusive options\n",
355 if ((outf = popen(outfname + 1, "w")) == NULL) {
356 fprintf(stderr, "%s: can't popen '%s': %s\n",
357 progname, outfname + 1,
362 else if ((outf = fopen(outfname, "w")) == NULL) {
363 fprintf(stderr, "%s: can't fopen '%s': %s\n",
364 progname, outfname, strerror(errno));
368 if ((f=fcntl(fileno(outf), F_GETFD)) < 0 ) {
369 perror("failed to get flags for outputfile");
373 if (fcntl(fileno(outf), F_SETFD, f|FD_CLOEXEC) < 0 ) {
374 perror("failed to set flags for outputfile");
380 setreuid(geteuid(), getuid());
383 if (!outfname || outfname[0] == '|' || outfname[0] == '!')
384 setvbuf(outf, buf, _IOLBF, BUFSIZ);
385 if (outfname && optind < argc) {
390 for (c = 0; c < tcbtabsize; c++) {
392 /* Reinitialize the output since it may have changed. */
394 if (!(tcp->flags & TCB_INUSE) || !(tcp->flags & TCB_ATTACHED))
397 if (proc_open(tcp, 1) < 0) {
398 fprintf(stderr, "trouble opening proc file\n");
402 #else /* !USE_PROCFS */
404 if (tcp->flags & TCB_CLONE_THREAD)
407 char procdir[MAXPATHLEN];
409 sprintf(procdir, "/proc/%d/task", tcp->pid);
410 dir = opendir(procdir);
412 unsigned int ntid = 0, nerr = 0;
415 while ((de = readdir(dir)) != NULL) {
416 if (de->d_fileno == 0 ||
417 de->d_name[0] == '.')
419 tid = atoi(de->d_name);
423 if (ptrace(PTRACE_ATTACH, tid,
426 else if (tid != tcbtab[c]->pid) {
427 if (nprocs == tcbtabsize &&
433 fprintf(stderr, "%s: out of memory\n",
437 tcp->flags |= TCB_ATTACHED|TCB_CLONE_THREAD|TCB_CLONE_DETACHED|TCB_FOLLOWFORK;
438 tcbtab[c]->nchildren++;
439 tcbtab[c]->nclone_threads++;
440 tcbtab[c]->nclone_detached++;
441 tcp->parent = tcbtab[c];
446 perror("attach: ptrace(PTRACE_ATTACH, ...)");
454 Process %u attached with %u threads - interrupt to quit\n",
458 Process %u attached - interrupt to quit\n",
465 if (ptrace(PTRACE_ATTACH, tcp->pid, (char *) 1, 0) < 0) {
466 perror("attach: ptrace(PTRACE_ATTACH, ...)");
470 #endif /* !USE_PROCFS */
473 "Process %u attached - interrupt to quit\n",
480 char pathname[MAXPATHLEN];
482 filename = argv[optind];
483 if (strchr(filename, '/')) {
484 if (strlen(filename) > sizeof pathname - 1) {
485 errno = ENAMETOOLONG;
486 perror("strace: exec");
489 strcpy(pathname, filename);
491 #ifdef USE_DEBUGGING_EXEC
493 * Debuggers customarily check the current directory
494 * first regardless of the path but doing that gives
495 * security geeks a panic attack.
497 else if (stat(filename, &statbuf) == 0)
498 strcpy(pathname, filename);
499 #endif /* USE_DEBUGGING_EXEC */
504 for (path = getenv("PATH"); path && *path; path += m) {
505 if (strchr(path, ':')) {
506 n = strchr(path, ':') - path;
510 m = n = strlen(path);
512 getcwd(pathname, MAXPATHLEN);
513 len = strlen(pathname);
515 else if (n > sizeof pathname - 1)
518 strncpy(pathname, path, n);
521 if (len && pathname[len - 1] != '/')
522 pathname[len++] = '/';
523 strcpy(pathname + len, filename);
524 if (stat(pathname, &statbuf) == 0 &&
525 /* Accept only regular files
526 with some execute bits set.
527 XXX not perfect, might still fail */
528 S_ISREG(statbuf.st_mode) &&
529 (statbuf.st_mode & 0111))
533 if (stat(pathname, &statbuf) < 0) {
534 fprintf(stderr, "%s: %s: command not found\n",
538 switch (pid = fork()) {
540 perror("strace: fork");
546 if (outf != stderr) close (fileno (outf));
548 /* Kludge for SGI, see proc_open for details. */
549 sa.sa_handler = foobar;
551 sigemptyset(&sa.sa_mask);
552 sigaction(SIGINT, &sa, NULL);
557 kill(getpid(), SIGSTOP); /* stop HERE */
559 #else /* !USE_PROCFS */
561 close(fileno (outf));
563 if (ptrace(PTRACE_TRACEME, 0, (char *) 1, 0) < 0) {
564 perror("strace: ptrace(PTRACE_TRACEME, ...)");
568 kill(getpid(), SIGSTOP);
570 if (username != NULL || geteuid() == 0) {
571 uid_t run_euid = run_uid;
572 gid_t run_egid = run_gid;
574 if (statbuf.st_mode & S_ISUID)
575 run_euid = statbuf.st_uid;
576 if (statbuf.st_mode & S_ISGID)
577 run_egid = statbuf.st_gid;
580 * It is important to set groups before we
581 * lose privileges on setuid.
583 if (username != NULL) {
584 if (initgroups(username, run_gid) < 0) {
585 perror("initgroups");
588 if (setregid(run_gid, run_egid) < 0) {
592 if (setreuid(run_uid, run_euid) < 0) {
599 setreuid(run_uid, run_uid);
600 #endif /* !USE_PROCFS */
602 execv(pathname, &argv[optind]);
603 perror("strace: exec");
608 if ((tcp = alloctcb(pid)) == NULL) {
609 fprintf(stderr, "tcb table full\n");
614 if (proc_open(tcp, 0) < 0) {
615 fprintf(stderr, "trouble opening proc file\n");
619 #endif /* USE_PROCFS */
621 fake_execve(tcp, pathname, &argv[optind], environ);
622 #endif /* !USE_PROCFS */
627 sigemptyset(&empty_set);
628 sigemptyset(&blocked_set);
629 sa.sa_handler = SIG_IGN;
630 sigemptyset(&sa.sa_mask);
632 sigaction(SIGTTOU, &sa, NULL);
633 sigaction(SIGTTIN, &sa, NULL);
635 sigaddset(&blocked_set, SIGHUP);
636 sigaddset(&blocked_set, SIGINT);
637 sigaddset(&blocked_set, SIGQUIT);
638 sigaddset(&blocked_set, SIGPIPE);
639 sigaddset(&blocked_set, SIGTERM);
640 sa.sa_handler = interrupt;
642 /* POSIX signals on sunos4.1 are a little broken. */
643 sa.sa_flags = SA_INTERRUPT;
646 sigaction(SIGHUP, &sa, NULL);
647 sigaction(SIGINT, &sa, NULL);
648 sigaction(SIGQUIT, &sa, NULL);
649 sigaction(SIGPIPE, &sa, NULL);
650 sigaction(SIGTERM, &sa, NULL);
652 sa.sa_handler = reaper;
653 sigaction(SIGCHLD, &sa, NULL);
655 /* Make sure SIGCHLD has the default action so that waitpid
656 definitely works without losing track of children. The user
657 should not have given us a bogus state to inherit, but he might
658 have. Arguably we should detect SIG_IGN here and pass it on
659 to children, but probably noone really needs that. */
660 sa.sa_handler = SIG_DFL;
661 sigaction(SIGCHLD, &sa, NULL);
662 #endif /* USE_PROCFS */
674 char name[MAXPATHLEN];
677 if (outfname && followfork > 1) {
678 sprintf(name, "%s.%u", outfname, tcp->pid);
680 setreuid(geteuid(), getuid());
682 fp = fopen(name, "w");
684 setreuid(geteuid(), getuid());
698 /* Allocate some more TCBs and expand the table.
699 We don't want to relocate the TCBs because our
700 callers have pointers and it would be a pain.
701 So tcbtab is a table of pointers. Since we never
702 free the TCBs, we allocate a single chunk of many. */
703 struct tcb **newtab = (struct tcb **)
704 realloc(tcbtab, 2 * tcbtabsize * sizeof tcbtab[0]);
705 struct tcb *newtcbs = (struct tcb *) calloc(tcbtabsize,
708 if (newtab == NULL || newtcbs == NULL) {
713 for (i = tcbtabsize; i < 2 * tcbtabsize; ++i)
714 newtab[i] = &newtcbs[i - tcbtabsize];
729 for (i = 0; i < tcbtabsize; i++) {
731 if ((tcp->flags & TCB_INUSE) == 0) {
736 #ifdef TCB_CLONE_THREAD
737 tcp->nclone_threads = tcp->nclone_detached = 0;
738 tcp->nclone_waiting = 0;
740 tcp->flags = TCB_INUSE | TCB_STARTUP;
741 tcp->outf = outf; /* Initialise to current out file */
742 tcp->stime.tv_sec = 0;
743 tcp->stime.tv_usec = 0;
754 proc_open(tcp, attaching)
766 #ifndef HAVE_POLLABLE_PROCFS
770 #ifdef HAVE_MP_PROCFS
771 /* Open the process pseudo-files in /proc. */
772 sprintf(proc, "/proc/%d/ctl", tcp->pid);
773 if ((tcp->pfd = open(proc, O_WRONLY|O_EXCL)) < 0) {
774 perror("strace: open(\"/proc/...\", ...)");
777 if ((arg = fcntl(tcp->pfd, F_GETFD)) < 0) {
781 if (fcntl(tcp->pfd, F_SETFD, arg|FD_CLOEXEC) < 0) {
785 sprintf(proc, "/proc/%d/status", tcp->pid);
786 if ((tcp->pfd_stat = open(proc, O_RDONLY|O_EXCL)) < 0) {
787 perror("strace: open(\"/proc/...\", ...)");
790 if ((arg = fcntl(tcp->pfd_stat, F_GETFD)) < 0) {
794 if (fcntl(tcp->pfd_stat, F_SETFD, arg|FD_CLOEXEC) < 0) {
798 sprintf(proc, "/proc/%d/as", tcp->pid);
799 if ((tcp->pfd_as = open(proc, O_RDONLY|O_EXCL)) < 0) {
800 perror("strace: open(\"/proc/...\", ...)");
803 if ((arg = fcntl(tcp->pfd_as, F_GETFD)) < 0) {
807 if (fcntl(tcp->pfd_as, F_SETFD, arg|FD_CLOEXEC) < 0) {
812 /* Open the process pseudo-file in /proc. */
814 sprintf(proc, "/proc/%d", tcp->pid);
815 if ((tcp->pfd = open(proc, O_RDWR|O_EXCL)) < 0) {
817 sprintf(proc, "/proc/%d/mem", tcp->pid);
818 if ((tcp->pfd = open(proc, O_RDWR)) < 0) {
820 perror("strace: open(\"/proc/...\", ...)");
823 if ((arg = fcntl(tcp->pfd, F_GETFD)) < 0) {
827 if (fcntl(tcp->pfd, F_SETFD, arg|FD_CLOEXEC) < 0) {
833 sprintf(proc, "/proc/%d/regs", tcp->pid);
834 if ((tcp->pfd_reg = open(proc, O_RDONLY)) < 0) {
835 perror("strace: open(\"/proc/.../regs\", ...)");
839 sprintf(proc, "/proc/%d/status", tcp->pid);
840 if ((tcp->pfd_status = open(proc, O_RDONLY)) < 0) {
841 perror("strace: open(\"/proc/.../status\", ...)");
845 tcp->pfd_status = -1;
850 * Wait for the child to pause. Because of a race
851 * condition we have to poll for the event.
854 if (IOCTL_STATUS (tcp) < 0) {
855 perror("strace: PIOCSTATUS");
858 if (tcp->status.PR_FLAGS & PR_ASLEEP)
863 /* Stop the process so that we own the stop. */
864 if (IOCTL(tcp->pfd, PIOCSTOP, (char *)NULL) < 0) {
865 perror("strace: PIOCSTOP");
870 /* Set Run-on-Last-Close. */
872 if (IOCTL(tcp->pfd, PIOCSET, &arg) < 0) {
873 perror("PIOCSET PR_RLC");
876 /* Set or Reset Inherit-on-Fork. */
878 if (IOCTL(tcp->pfd, followfork ? PIOCSET : PIOCRESET, &arg) < 0) {
879 perror("PIOC{SET,RESET} PR_FORK");
884 if (ioctl(tcp->pfd, PIOCSRLC) < 0) {
888 if (ioctl(tcp->pfd, followfork ? PIOCSFORK : PIOCRFORK) < 0) {
889 perror("PIOC{S,R}FORK");
893 /* just unset the PF_LINGER flag for the Run-on-Last-Close. */
894 if (ioctl(tcp->pfd, PIOCGFL, &arg) < 0) {
899 if (ioctl(tcp->pfd, PIOCSFL, arg) < 0) {
904 #endif /* !PIOCSET */
906 /* Enable all syscall entries we care about. */
907 premptyset(&syscalls);
908 for (i = 1; i < MAX_QUALS; ++i) {
909 if (i > (sizeof syscalls) * CHAR_BIT) break;
910 if (qual_flags [i] & QUAL_TRACE) praddset (&syscalls, i);
912 praddset (&syscalls, SYS_execve);
914 praddset (&syscalls, SYS_fork);
916 praddset (&syscalls, SYS_forkall);
919 praddset (&syscalls, SYS_fork1);
922 praddset (&syscalls, SYS_rfork1);
925 praddset (&syscalls, SYS_rforkall);
928 if (IOCTL(tcp->pfd, PIOCSENTRY, &syscalls) < 0) {
929 perror("PIOCSENTRY");
932 /* Enable the syscall exits. */
933 if (IOCTL(tcp->pfd, PIOCSEXIT, &syscalls) < 0) {
937 /* Enable signals we care about. */
938 premptyset(&signals);
939 for (i = 1; i < MAX_QUALS; ++i) {
940 if (i > (sizeof signals) * CHAR_BIT) break;
941 if (qual_flags [i] & QUAL_SIGNAL) praddset (&signals, i);
943 if (IOCTL(tcp->pfd, PIOCSTRACE, &signals) < 0) {
944 perror("PIOCSTRACE");
947 /* Enable faults we care about */
949 for (i = 1; i < MAX_QUALS; ++i) {
950 if (i > (sizeof faults) * CHAR_BIT) break;
951 if (qual_flags [i] & QUAL_FAULT) praddset (&faults, i);
953 if (IOCTL(tcp->pfd, PIOCSFAULT, &faults) < 0) {
954 perror("PIOCSFAULT");
958 /* set events flags. */
959 arg = S_SIG | S_SCE | S_SCX ;
960 if(ioctl(tcp->pfd, PIOCBIS, arg) < 0) {
968 * The SGI PRSABORT doesn't work for pause() so
969 * we send it a caught signal to wake it up.
971 kill(tcp->pid, SIGINT);
974 /* The child is in a pause(), abort it. */
976 if (IOCTL (tcp->pfd, PIOCRUN, &arg) < 0) {
983 /* wake up the child if it received the SIGSTOP */
984 kill(tcp->pid, SIGCONT);
987 /* Wait for the child to do something. */
988 if (IOCTL_WSTOP (tcp) < 0) {
992 if (tcp->status.PR_WHY == PR_SYSENTRY) {
993 tcp->flags &= ~TCB_INSYSCALL;
995 if (tcp->scno == SYS_execve)
998 /* Set it running: maybe execve will be next. */
1001 if (IOCTL(tcp->pfd, PIOCRUN, &arg) < 0) {
1003 if (IOCTL(tcp->pfd, PIOCRUN, 0) < 0) {
1004 #endif /* FREEBSD */
1009 /* handle the case where we "opened" the child before
1010 it did the kill -STOP */
1011 if (tcp->status.PR_WHY == PR_SIGNALLED &&
1012 tcp->status.PR_WHAT == SIGSTOP)
1013 kill(tcp->pid, SIGCONT);
1020 if (attaching < 2) {
1021 /* We are attaching to an already running process.
1022 * Try to figure out the state of the process in syscalls,
1023 * to handle the first event well.
1024 * This is done by having a look at the "wchan" property of the
1025 * process, which tells where it is stopped (if it is). */
1027 char wchan[20]; /* should be enough */
1029 sprintf(proc, "/proc/%d/status", tcp->pid);
1030 status = fopen(proc, "r");
1032 (fscanf(status, "%*s %*d %*d %*d %*d %*d,%*d %*s %*d,%*d"
1033 "%*d,%*d %*d,%*d %19s", wchan) == 1) &&
1034 strcmp(wchan, "nochan") && strcmp(wchan, "spread") &&
1035 strcmp(wchan, "stopevent")) {
1036 /* The process is asleep in the middle of a syscall.
1037 Fake the syscall entry event */
1038 tcp->flags &= ~(TCB_INSYSCALL|TCB_STARTUP);
1039 tcp->status.PR_WHY = PR_SYSENTRY;
1044 } /* otherwise it's a fork being followed */
1046 #endif /* FREEBSD */
1047 #ifndef HAVE_POLLABLE_PROCFS
1048 if (proc_poll_pipe[0] != -1)
1049 proc_poller(tcp->pfd);
1050 else if (nprocs > 1) {
1052 proc_poller(last_pfd);
1053 proc_poller(tcp->pfd);
1055 last_pfd = tcp->pfd;
1056 #endif /* !HAVE_POLLABLE_PROCFS */
1060 #endif /* USE_PROCFS */
1069 for (i = 0; i < tcbtabsize; i++) {
1071 if (pid && tcp->pid != pid)
1073 if (tcp->flags & TCB_INUSE)
1087 for (i = 0; i < tcbtabsize; i++) {
1088 struct tcb *tcp = tcbtab[i];
1089 if (tcp->pfd != pfd)
1091 if (tcp->flags & TCB_INUSE)
1097 #endif /* USE_PROCFS */
1105 #ifdef TCB_CLONE_THREAD
1106 if (tcp->nclone_threads > 0) {
1107 /* There are other threads left in this process, but this
1108 is the one whose PID represents the whole process.
1109 We need to keep this record around as a zombie until
1110 all the threads die. */
1111 tcp->flags |= TCB_EXITING;
1118 if (tcp->parent != NULL) {
1119 tcp->parent->nchildren--;
1120 #ifdef TCB_CLONE_THREAD
1121 if (tcp->flags & TCB_CLONE_DETACHED)
1122 tcp->parent->nclone_detached--;
1123 if (tcp->flags & TCB_CLONE_THREAD)
1124 tcp->parent->nclone_threads--;
1126 #ifdef TCB_CLONE_DETACHED
1127 if (!(tcp->flags & TCB_CLONE_DETACHED))
1129 tcp->parent->nzombies++;
1134 if (tcp->pfd != -1) {
1138 if (tcp->pfd_reg != -1) {
1139 close(tcp->pfd_reg);
1142 if (tcp->pfd_status != -1) {
1143 close(tcp->pfd_status);
1144 tcp->pfd_status = -1;
1146 #endif /* !FREEBSD */
1148 rebuild_pollv(); /* Note, flags needs to be cleared by now. */
1152 if (outfname && followfork > 1 && tcp->outf)
1167 if (!(tcp->flags & TCB_SUSPENDED)) {
1168 fprintf(stderr, "PANIC: pid %u not suspended\n", tcp->pid);
1171 tcp->flags &= ~TCB_SUSPENDED;
1172 #ifdef TCB_CLONE_THREAD
1173 if (tcp->flags & TCB_CLONE_THREAD)
1174 tcp->parent->nclone_waiting--;
1177 if (ptrace(PTRACE_SYSCALL, tcp->pid, (char *) 1, 0) < 0) {
1178 perror("resume: ptrace(PTRACE_SYSCALL, ...)");
1183 fprintf(stderr, "Process %u resumed\n", tcp->pid);
1187 #endif /* !USE_PROCFS */
1189 /* detach traced process; continue with sig */
1198 int status, resumed;
1201 if (tcp->flags & TCB_BPTSET)
1206 * Linux wrongly insists the child be stopped
1207 * before detaching. Arghh. We go through hoops
1208 * to make a clean break of things.
1211 #undef PTRACE_DETACH
1212 #define PTRACE_DETACH PTRACE_SUNDETACH
1214 if ((error = ptrace(PTRACE_DETACH, tcp->pid, (char *) 1, sig)) == 0) {
1215 /* On a clear day, you can see forever. */
1217 else if (errno != ESRCH) {
1218 /* Shouldn't happen. */
1219 perror("detach: ptrace(PTRACE_DETACH, ...)");
1221 else if (kill(tcp->pid, 0) < 0) {
1223 perror("detach: checking sanity");
1225 else if (kill(tcp->pid, SIGSTOP) < 0) {
1227 perror("detach: stopping child");
1232 if (wait4(tcp->pid, &status, __WALL, NULL) < 0) {
1233 if (errno == ECHILD) /* Already gone. */
1235 if (errno != EINVAL) {
1236 perror("detach: waiting");
1240 /* No __WALL here. */
1241 if (waitpid(tcp->pid, &status, 0) < 0) {
1242 if (errno != ECHILD) {
1243 perror("detach: waiting");
1247 /* If no processes, try clones. */
1248 if (wait4(tcp->pid, &status, __WCLONE,
1250 if (errno != ECHILD)
1251 perror("detach: waiting");
1254 #endif /* __WCLONE */
1259 if (!WIFSTOPPED(status)) {
1260 /* Au revoir, mon ami. */
1263 if (WSTOPSIG(status) == SIGSTOP) {
1264 if ((error = ptrace(PTRACE_DETACH,
1265 tcp->pid, (char *) 1, sig)) < 0) {
1267 perror("detach: ptrace(PTRACE_DETACH, ...)");
1268 /* I died trying. */
1272 if ((error = ptrace(PTRACE_CONT, tcp->pid, (char *) 1,
1273 WSTOPSIG(status) == SIGTRAP ?
1274 0 : WSTOPSIG(status))) < 0) {
1276 perror("detach: ptrace(PTRACE_CONT, ...)");
1284 /* PTRACE_DETACH won't respect `sig' argument, so we post it here. */
1285 if (sig && kill(tcp->pid, sig) < 0)
1286 perror("detach: kill");
1288 if ((error = ptrace(PTRACE_DETACH, tcp->pid, (char *) 1, sig)) < 0)
1289 perror("detach: ptrace(PTRACE_DETACH, ...)");
1295 /* XXX This won't always be quite right (but it never was).
1296 A waiter with argument 0 or < -1 is waiting for any pid in
1297 a particular pgrp, which this child might or might not be
1298 in. The waiter will only wake up if it's argument is -1
1299 or if it's waiting for tcp->pid's pgrp. It makes a
1300 difference to wake up a waiter when there might be more
1301 traced children, because it could get a false ECHILD
1302 error. OTOH, if this was the last child in the pgrp, then
1303 it ought to wake up and get ECHILD. We would have to
1304 search the system for all pid's in the pgrp to be sure.
1306 && (t->waitpid == -1 ||
1307 (t->waitpid == 0 && getpgid (tcp->pid) == getpgid (t->pid))
1308 || (t->waitpid < 0 && t->waitpid == -getpid (t->pid)))
1312 (tcp->parent->flags & TCB_SUSPENDED) &&
1313 (tcp->parent->waitpid <= 0 || tcp->parent->waitpid == tcp->pid)) {
1314 error = resume(tcp->parent);
1317 #ifdef TCB_CLONE_THREAD
1318 if (tcp->parent && tcp->parent->nclone_waiting > 0) {
1319 /* Some other threads of our parent are waiting too. */
1322 /* Resume all the threads that were waiting for this PID. */
1323 for (i = 0; i < tcbtabsize; i++) {
1324 struct tcb *t = tcbtab[i];
1325 if (t->parent == tcp->parent && t != tcp
1326 && ((t->flags & (TCB_CLONE_THREAD|TCB_SUSPENDED))
1327 == (TCB_CLONE_THREAD|TCB_SUSPENDED))
1328 && t->waitpid == tcp->pid) {
1329 error |= resume (t);
1334 /* Noone was waiting for this PID in particular,
1335 so now we might need to resume some wildcarders. */
1336 for (i = 0; i < tcbtabsize; i++) {
1337 struct tcb *t = tcbtab[i];
1338 if (t->parent == tcp->parent && t != tcp
1340 & (TCB_CLONE_THREAD|TCB_SUSPENDED))
1341 == (TCB_CLONE_THREAD|TCB_SUSPENDED))
1344 error |= resume (t);
1351 #endif /* !USE_PROCFS */
1354 fprintf(stderr, "Process %u detached\n", tcp->pid);
1369 while ((pid = waitpid(-1, &status, WNOHANG)) > 0) {
1380 #endif /* USE_PROCFS */
1388 for (i = 0; i < tcbtabsize; i++) {
1390 if (!(tcp->flags & TCB_INUSE))
1394 "cleanup: looking at pid %u\n", tcp->pid);
1396 (!outfname || followfork < 2 || tcp_last == tcp)) {
1397 tprintf(" <unfinished ...>\n");
1400 if (tcp->flags & TCB_ATTACHED)
1403 kill(tcp->pid, SIGCONT);
1404 kill(tcp->pid, SIGTERM);
1418 #ifndef HAVE_STRERROR
1420 #if !HAVE_DECL_SYS_ERRLIST
1421 extern int sys_nerr;
1422 extern char *sys_errlist[];
1423 #endif /* HAVE_DECL_SYS_ERRLIST */
1429 static char buf[64];
1431 if (errno < 1 || errno >= sys_nerr) {
1432 sprintf(buf, "Unknown error %d", errno);
1435 return sys_errlist[errno];
1438 #endif /* HAVE_STERRROR */
1440 #ifndef HAVE_STRSIGNAL
1442 #if defined HAVE_SYS_SIGLIST && !defined HAVE_DECL_SYS_SIGLIST
1443 extern char *sys_siglist[];
1445 #if defined HAVE_SYS__SIGLIST && !defined HAVE_DECL__SYS_SIGLIST
1446 extern char *_sys_siglist[];
1453 static char buf[64];
1455 if (sig < 1 || sig >= NSIG) {
1456 sprintf(buf, "Unknown signal %d", sig);
1459 #ifdef HAVE__SYS_SIGLIST
1460 return _sys_siglist[sig];
1462 return sys_siglist[sig];
1466 #endif /* HAVE_STRSIGNAL */
1477 pollv = (struct pollfd *) malloc(nprocs * sizeof pollv[0]);
1478 if (pollv == NULL) {
1479 fprintf(stderr, "strace: out of memory for poll vector\n");
1483 for (i = j = 0; i < tcbtabsize; i++) {
1484 struct tcb *tcp = tcbtab[i];
1485 if (!(tcp->flags & TCB_INUSE))
1487 pollv[j].fd = tcp->pfd;
1488 pollv[j].events = POLLWANT;
1492 fprintf(stderr, "strace: proc miscount\n");
1497 #ifndef HAVE_POLLABLE_PROCFS
1505 if (pipe(proc_poll_pipe) < 0) {
1509 for (i = 0; i < 2; i++) {
1510 if ((arg = fcntl(proc_poll_pipe[i], F_GETFD)) < 0) {
1514 if (fcntl(proc_poll_pipe[i], F_SETFD, arg|FD_CLOEXEC) < 0) {
1522 proc_poll(pollv, nfds, timeout)
1523 struct pollfd *pollv;
1529 struct proc_pollfd pollinfo;
1531 if ((n = read(proc_poll_pipe[0], &pollinfo, sizeof(pollinfo))) < 0)
1533 if (n != sizeof(struct proc_pollfd)) {
1534 fprintf(stderr, "panic: short read: %d\n", n);
1537 for (i = 0; i < nprocs; i++) {
1538 if (pollv[i].fd == pollinfo.fd)
1539 pollv[i].revents = pollinfo.revents;
1541 pollv[i].revents = 0;
1543 poller_pid = pollinfo.pid;
1557 struct proc_pollfd pollinfo;
1558 struct sigaction sa;
1559 sigset_t blocked_set, empty_set;
1564 struct procfs_status pfs;
1565 #endif /* FREEBSD */
1577 sa.sa_handler = interactive ? SIG_DFL : SIG_IGN;
1579 sigemptyset(&sa.sa_mask);
1580 sigaction(SIGHUP, &sa, NULL);
1581 sigaction(SIGINT, &sa, NULL);
1582 sigaction(SIGQUIT, &sa, NULL);
1583 sigaction(SIGPIPE, &sa, NULL);
1584 sigaction(SIGTERM, &sa, NULL);
1585 sa.sa_handler = wakeup_handler;
1586 sigaction(SIGUSR1, &sa, NULL);
1587 sigemptyset(&blocked_set);
1588 sigaddset(&blocked_set, SIGUSR1);
1589 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
1590 sigemptyset(&empty_set);
1592 if (getrlimit(RLIMIT_NOFILE, &rl) < 0) {
1593 perror("getrlimit(RLIMIT_NOFILE, ...)");
1597 for (i = 0; i < n; i++) {
1598 if (i != pfd && i != proc_poll_pipe[1])
1603 pollinfo.pid = getpid();
1606 if (ioctl(pfd, PIOCWSTOP, NULL) < 0)
1608 if (ioctl(pfd, PIOCWSTOP, &pfs) < 0)
1609 #endif /* FREEBSD */
1615 pollinfo.revents = POLLERR;
1618 pollinfo.revents = POLLHUP;
1621 perror("proc_poller: PIOCWSTOP");
1623 write(proc_poll_pipe[1], &pollinfo, sizeof(pollinfo));
1626 pollinfo.revents = POLLWANT;
1627 write(proc_poll_pipe[1], &pollinfo, sizeof(pollinfo));
1628 sigsuspend(&empty_set);
1632 #endif /* !HAVE_POLLABLE_PROCFS */
1642 if (followfork < 2 &&
1643 last < nprocs && (pollv[last].revents & POLLWANT)) {
1645 * The previous process is ready to run again. We'll
1646 * let it do so if it is currently in a syscall. This
1647 * heuristic improves the readability of the trace.
1649 tcp = pfd2tcb(pollv[last].fd);
1650 if (tcp && (tcp->flags & TCB_INSYSCALL))
1651 return pollv[last].fd;
1654 for (i = 0; i < nprocs; i++) {
1655 /* Let competing children run round robin. */
1656 j = (i + last + 1) % nprocs;
1657 if (pollv[j].revents & (POLLHUP | POLLERR)) {
1658 tcp = pfd2tcb(pollv[j].fd);
1660 fprintf(stderr, "strace: lost proc\n");
1666 if (pollv[j].revents & POLLWANT) {
1671 fprintf(stderr, "strace: nothing ready\n");
1679 struct tcb *in_syscall = NULL;
1684 int ioctl_result = 0, ioctl_errno = 0;
1689 sigprocmask(SIG_SETMASK, &empty_set, NULL);
1696 #ifndef HAVE_POLLABLE_PROCFS
1697 if (proc_poll_pipe[0] == -1) {
1706 #ifndef HAVE_POLLABLE_PROCFS
1708 /* fall through ... */
1709 #endif /* !HAVE_POLLABLE_PROCFS */
1711 #ifdef HAVE_POLLABLE_PROCFS
1713 /* On some systems (e.g. UnixWare) we get too much ugly
1714 "unfinished..." stuff when multiple proceses are in
1715 syscalls. Here's a nasty hack */
1722 pv.events = POLLWANT;
1723 if ((what = poll (&pv, 1, 1)) < 0) {
1728 else if (what == 1 && pv.revents & POLLWANT) {
1734 if (poll(pollv, nprocs, INFTIM) < 0) {
1739 #else /* !HAVE_POLLABLE_PROCFS */
1740 if (proc_poll(pollv, nprocs, INFTIM) < 0) {
1745 #endif /* !HAVE_POLLABLE_PROCFS */
1752 /* Look up `pfd' in our table. */
1753 if ((tcp = pfd2tcb(pfd)) == NULL) {
1754 fprintf(stderr, "unknown pfd: %u\n", pfd);
1760 /* Get the status of the process. */
1763 ioctl_result = IOCTL_WSTOP (tcp);
1765 /* Thanks to some scheduling mystery, the first poller
1766 sometimes waits for the already processed end of fork
1767 event. Doing a non blocking poll here solves the problem. */
1768 if (proc_poll_pipe[0] != -1)
1769 ioctl_result = IOCTL_STATUS (tcp);
1771 ioctl_result = IOCTL_WSTOP (tcp);
1772 #endif /* FREEBSD */
1773 ioctl_errno = errno;
1774 #ifndef HAVE_POLLABLE_PROCFS
1775 if (proc_poll_pipe[0] != -1) {
1776 if (ioctl_result < 0)
1777 kill(poller_pid, SIGKILL);
1779 kill(poller_pid, SIGUSR1);
1781 #endif /* !HAVE_POLLABLE_PROCFS */
1787 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
1789 if (ioctl_result < 0) {
1790 /* Find out what happened if it failed. */
1791 switch (ioctl_errno) {
1802 perror("PIOCWSTOP");
1808 if ((tcp->flags & TCB_STARTUP) && (tcp->status.PR_WHY == PR_SYSEXIT)) {
1809 /* discard first event for a syscall we never entered */
1810 IOCTL (tcp->pfd, PIOCRUN, 0);
1815 /* clear the just started flag */
1816 tcp->flags &= ~TCB_STARTUP;
1818 /* set current output file */
1822 struct timeval stime;
1827 if ((len = pread(tcp->pfd_status, buf, sizeof(buf) - 1, 0)) > 0) {
1830 "%*s %*d %*d %*d %*d %*d,%*d %*s %*d,%*d %*d,%*d %ld,%ld",
1831 &stime.tv_sec, &stime.tv_usec);
1833 stime.tv_sec = stime.tv_usec = 0;
1834 #else /* !FREEBSD */
1835 stime.tv_sec = tcp->status.pr_stime.tv_sec;
1836 stime.tv_usec = tcp->status.pr_stime.tv_nsec/1000;
1837 #endif /* !FREEBSD */
1838 tv_sub(&tcp->dtime, &stime, &tcp->stime);
1841 what = tcp->status.PR_WHAT;
1842 switch (tcp->status.PR_WHY) {
1845 if (tcp->status.PR_FLAGS & PR_ASLEEP) {
1846 tcp->status.PR_WHY = PR_SYSENTRY;
1847 if (trace_syscall(tcp) < 0) {
1848 fprintf(stderr, "syscall trouble\n");
1853 #endif /* !FREEBSD */
1859 if (trace_syscall(tcp) < 0) {
1860 fprintf(stderr, "syscall trouble\n");
1865 if (!cflag && (qual_flags[what] & QUAL_SIGNAL)) {
1867 tprintf("--- %s (%s) ---",
1868 signame(what), strsignal(what));
1871 if (tcp->status.PR_INFO.si_signo == what) {
1873 tprintf(" siginfo=");
1874 printsiginfo(&tcp->status.PR_INFO, 1);
1881 if (!cflag && (qual_flags[what] & QUAL_FAULT)) {
1883 tprintf("=== FAULT %d ===", what);
1888 case 0: /* handle case we polled for nothing */
1892 fprintf(stderr, "odd stop %d\n", tcp->status.PR_WHY);
1898 if (IOCTL (tcp->pfd, PIOCRUN, &arg) < 0) {
1900 if (IOCTL (tcp->pfd, PIOCRUN, 0) < 0) {
1909 #else /* !USE_PROCFS */
1911 #ifdef TCB_GROUP_EXITING
1912 /* Handle an exit detach or death signal that is taking all the
1913 related clone threads with it. This is called in three circumstances:
1914 SIG == -1 TCP has already died (TCB_ATTACHED is clear, strace is parent).
1915 SIG == 0 Continuing TCP will perform an exit_group syscall.
1916 SIG == other Continuing TCP with SIG will kill the process.
1919 handle_group_exit(struct tcb *tcp, int sig)
1921 /* We need to locate our records of all the clone threads
1922 related to TCP, either its children or siblings. */
1923 struct tcb *leader = ((tcp->flags & TCB_CLONE_THREAD)
1925 : tcp->nclone_detached > 0
1929 if (leader != NULL && leader != tcp)
1931 "PANIC: handle_group_exit: %d leader %d\n",
1932 tcp->pid, leader ? leader->pid : -1);
1933 droptcb(tcp); /* Already died. */
1936 if (tcp->flags & TCB_ATTACHED) {
1937 if (leader != NULL && leader != tcp) {
1938 /* We need to detach the leader so that the
1939 process death will be reported to its real
1940 parent. But we kill it first to prevent
1941 it doing anything before we kill the whole
1942 process in a moment. We can use
1943 PTRACE_KILL on a thread that's not already
1944 stopped. Then the value we pass in
1945 PTRACE_DETACH just sets the death
1946 signal reported to the real parent. */
1947 ptrace(PTRACE_KILL, leader->pid, 0, 0);
1950 " [%d exit %d kills %d]\n",
1951 tcp->pid, sig, leader->pid);
1952 detach(leader, sig);
1956 else if (ptrace(PTRACE_CONT, tcp->pid, (char *) 1, sig) < 0) {
1957 perror("strace: ptrace(PTRACE_CONT, ...)");
1962 if (leader != NULL && leader != tcp)
1964 /* The leader will report to us as parent now,
1965 and then we'll get to the SIG==-1 case. */
1970 /* Note that TCP and LEADER are no longer valid,
1971 but we can still compare against them. */
1972 if (leader != NULL) {
1974 for (i = 0; i < tcbtabsize; i++) {
1975 struct tcb *t = tcbtab[i];
1976 if (t != tcp && (t->flags & TCB_CLONE_DETACHED)
1977 && t->parent == leader)
1996 static int wait4_options = __WALL;
2000 while (nprocs != 0) {
2002 sigprocmask(SIG_SETMASK, &empty_set, NULL);
2005 pid = wait4(-1, &status, wait4_options, cflag ? &ru : NULL);
2006 if (pid < 0 && (wait4_options & __WALL) && errno == EINVAL) {
2007 /* this kernel does not support __WALL */
2008 wait4_options &= ~__WALL;
2010 pid = wait4(-1, &status, wait4_options,
2011 cflag ? &ru : NULL);
2013 if (pid < 0 && !(wait4_options & __WALL) && errno == ECHILD) {
2014 /* most likely a "cloned" process */
2015 pid = wait4(-1, &status, __WCLONE,
2016 cflag ? &ru : NULL);
2018 fprintf(stderr, "strace: clone wait4 "
2019 "failed: %s\n", strerror(errno));
2023 pid = wait4(-1, &status, 0, cflag ? &ru : NULL);
2027 pid = wait(&status);
2031 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
2037 switch (wait_errno) {
2042 * We would like to verify this case
2043 * but sometimes a race in Solbourne's
2044 * version of SunOS sometimes reports
2045 * ECHILD before sending us SIGCHILD.
2050 fprintf(stderr, "strace: proc miscount\n");
2056 perror("strace: wait");
2061 fprintf(stderr, " [wait(%#x) = %u]\n", status, pid);
2063 /* Look up `pid' in our table. */
2064 if ((tcp = pid2tcb(pid)) == NULL) {
2066 if (followfork || followvfork) {
2067 /* This is needed to go with the CLONE_PTRACE
2068 changes in process.c/util.c: we might see
2069 the child's initial trap before we see the
2070 parent return from the clone syscall.
2071 Leave the child suspended until the parent
2072 returns from its system call. Only then
2073 will we have the association of parent and
2074 child so that we know how to do clearbpt
2076 if ((tcp = alloctcb(pid)) == NULL) {
2077 fprintf(stderr, " [tcb table full]\n");
2078 kill(pid, SIGKILL); /* XXX */
2081 tcp->flags |= TCB_ATTACHED | TCB_SUSPENDED;
2085 Process %d attached (waiting for parent)\n",
2089 /* This can happen if a clone call used
2090 CLONE_PTRACE itself. */
2093 fprintf(stderr, "unknown pid: %u\n", pid);
2094 if (WIFSTOPPED(status))
2095 ptrace(PTRACE_CONT, pid, (char *) 1, 0);
2099 /* set current output file */
2103 tv_sub(&tcp->dtime, &ru.ru_stime, &tcp->stime);
2104 tcp->stime = ru.ru_stime;
2108 if (tcp->flags & TCB_SUSPENDED) {
2110 * Apparently, doing any ptrace() call on a stopped
2111 * process, provokes the kernel to report the process
2112 * status again on a subsequent wait(), even if the
2113 * process has not been actually restarted.
2114 * Since we have inspected the arguments of suspended
2115 * processes we end up here testing for this case.
2119 if (WIFSIGNALED(status)) {
2121 && (qual_flags[WTERMSIG(status)] & QUAL_SIGNAL)) {
2123 tprintf("+++ killed by %s %s+++",
2124 signame(WTERMSIG(status)),
2126 WCOREDUMP(status) ? "(core dumped) " :
2131 #ifdef TCB_GROUP_EXITING
2132 handle_group_exit(tcp, -1);
2138 if (WIFEXITED(status)) {
2140 fprintf(stderr, "pid %u exited\n", pid);
2141 if (tcp->flags & TCB_ATTACHED)
2143 "PANIC: attached pid %u exited\n",
2145 if (tcp == tcp_last) {
2146 if ((tcp->flags & (TCB_INSYSCALL|TCB_REPRINT))
2148 tprintf(" <unfinished ... exit status %d>\n",
2149 WEXITSTATUS(status));
2152 #ifdef TCB_GROUP_EXITING
2153 handle_group_exit(tcp, -1);
2159 if (!WIFSTOPPED(status)) {
2160 fprintf(stderr, "PANIC: pid %u not stopped\n", pid);
2165 fprintf(stderr, "pid %u stopped, [%s]\n",
2166 pid, signame(WSTOPSIG(status)));
2168 if (tcp->flags & TCB_STARTUP) {
2170 * This flag is there to keep us in sync.
2171 * Next time this process stops it should
2172 * really be entering a system call.
2174 tcp->flags &= ~TCB_STARTUP;
2175 if (tcp->flags & TCB_ATTACHED) {
2177 * Interestingly, the process may stop
2178 * with STOPSIG equal to some other signal
2179 * than SIGSTOP if we happend to attach
2180 * just before the process takes a signal.
2182 if (!WIFSTOPPED(status)) {
2184 "pid %u not stopped\n", pid);
2185 detach(tcp, WSTOPSIG(status));
2191 /* A child of us stopped at exec */
2192 if (WSTOPSIG(status) == SIGTRAP && followvfork)
2196 if (tcp->flags & TCB_BPTSET) {
2197 if (clearbpt(tcp) < 0) /* Pretty fatal */ {
2206 if (WSTOPSIG(status) != SIGTRAP) {
2207 if (WSTOPSIG(status) == SIGSTOP &&
2208 (tcp->flags & TCB_SIGTRAPPED)) {
2210 * Trapped attempt to block SIGTRAP
2211 * Hope we are back in control now.
2213 tcp->flags &= ~(TCB_INSYSCALL | TCB_SIGTRAPPED);
2214 if (ptrace(PTRACE_SYSCALL,
2215 pid, (char *) 1, 0) < 0) {
2216 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
2223 && (qual_flags[WSTOPSIG(status)] & QUAL_SIGNAL)) {
2224 unsigned long addr = 0, pc = 0;
2225 #ifdef PT_GETSIGINFO
2230 upeek(pid, PT_CR_IPSR, &psr);
2231 upeek(pid, PT_CR_IIP, &pc);
2233 pc += (psr >> PSR_RI) & 0x3;
2234 ptrace(PT_GETSIGINFO, pid, 0, (long) &si);
2235 addr = (unsigned long) si.si_addr;
2238 tprintf("--- %s (%s) @ %lx (%lx) ---",
2239 signame(WSTOPSIG(status)),
2240 strsignal(WSTOPSIG(status)), pc, addr);
2243 if ((tcp->flags & TCB_ATTACHED) &&
2244 !sigishandled(tcp, WSTOPSIG(status))) {
2245 #ifdef TCB_GROUP_EXITING
2246 handle_group_exit(tcp, WSTOPSIG(status));
2248 detach(tcp, WSTOPSIG(status));
2252 if (ptrace(PTRACE_SYSCALL, pid, (char *) 1,
2253 WSTOPSIG(status)) < 0) {
2254 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
2258 tcp->flags &= ~TCB_SUSPENDED;
2261 if (trace_syscall(tcp) < 0) {
2262 if (tcp->flags & TCB_ATTACHED)
2266 tcp->pid, (char *) 1, SIGTERM);
2271 if (tcp->flags & TCB_EXITING) {
2272 #ifdef TCB_GROUP_EXITING
2273 if (tcp->flags & TCB_GROUP_EXITING) {
2274 if (handle_group_exit(tcp, 0) < 0)
2279 if (tcp->flags & TCB_ATTACHED)
2281 else if (ptrace(PTRACE_CONT, pid, (char *) 1, 0) < 0) {
2282 perror("strace: ptrace(PTRACE_CONT, ...)");
2288 if (tcp->flags & TCB_SUSPENDED) {
2290 fprintf(stderr, "Process %u suspended\n", pid);
2294 if (ptrace(PTRACE_SYSCALL, pid, (char *) 1, 0) < 0) {
2295 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
2303 #endif /* !USE_PROCFS */
2309 #define VA_START(a, b) va_start(a, b)
2311 #include <varargs.h>
2312 #define VA_START(a, b) va_start(a)
2317 tprintf(const char *fmt, ...)
2319 tprintf(fmt, va_alist)
2326 VA_START(args, fmt);
2328 int n = vfprintf(outf, fmt, args);
2329 if (n < 0 && outf != stderr)
2330 perror(outfname == NULL
2331 ? "<writing to pipe>" : outfname);
2343 if (tcp_last && (!outfname || followfork < 2 || tcp_last == tcp)) {
2344 tcp_last->flags |= TCB_REPRINT;
2345 tprintf(" <unfinished ...>\n");
2348 if ((followfork == 1 || pflag_seen > 1) && outfname)
2349 tprintf("%-5d ", tcp->pid);
2350 else if (nprocs > 1 && !outfname)
2351 tprintf("[pid %5u] ", tcp->pid);
2353 char str[sizeof("HH:MM:SS")];
2354 struct timeval tv, dtv;
2355 static struct timeval otv;
2357 gettimeofday(&tv, NULL);
2359 if (otv.tv_sec == 0)
2361 tv_sub(&dtv, &tv, &otv);
2362 tprintf("%6ld.%06ld ",
2363 (long) dtv.tv_sec, (long) dtv.tv_usec);
2366 else if (tflag > 2) {
2367 tprintf("%ld.%06ld ",
2368 (long) tv.tv_sec, (long) tv.tv_usec);
2371 time_t local = tv.tv_sec;
2372 strftime(str, sizeof(str), "%T", localtime(&local));
2374 tprintf("%s.%06ld ", str, (long) tv.tv_usec);
2376 tprintf("%s ", str);
2388 tprintf("%*s", col - curcol, "");
2399 #ifdef HAVE_MP_PROCFS
2401 int mp_ioctl (int fd, int cmd, void *arg, int size) {
2403 struct iovec iov[2];
2406 iov[0].iov_base = &cmd;
2407 iov[0].iov_len = sizeof cmd;
2410 iov[1].iov_base = arg;
2411 iov[1].iov_len = size;
2414 return writev (fd, iov, n);
projects / strace / blob