2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. The name of the author may not be used to endorse or promote products
17 * derived from this software without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 #include <sys/types.h>
38 #include <sys/param.h>
40 #include <sys/resource.h>
49 #if defined(IA64) && defined(LINUX)
50 # include <asm/ptrace_offsets.h>
58 #include <sys/stropts.h>
66 int debug = 0, followfork = 0, followvfork = 0, interactive = 0;
67 int rflag = 0, tflag = 0, dtime = 0, cflag = 0;
68 int iflag = 0, xflag = 0, qflag = 0;
71 /* Sometimes we want to print only succeeding syscalls. */
72 int not_failing_only = 0;
74 char *username = NULL;
78 int acolumn = DEFAULT_ACOLUMN;
79 int max_strlen = DEFAULT_STRLEN;
80 char *outfname = NULL;
83 unsigned int nprocs, tcbtabsize;
85 extern char **environ;
87 static int trace P((void));
88 static void cleanup P((void));
89 static void interrupt P((int sig));
90 static sigset_t empty_set, blocked_set;
92 #ifdef HAVE_SIG_ATOMIC_T
93 static volatile sig_atomic_t interrupted;
94 #else /* !HAVE_SIG_ATOMIC_T */
96 static volatile int interrupted;
98 static int interrupted;
99 #endif /* !__STDC__ */
100 #endif /* !HAVE_SIG_ATOMIC_T */
104 static struct tcb *pfd2tcb P((int pfd));
105 static void reaper P((int sig));
106 static void rebuild_pollv P((void));
107 static struct pollfd *pollv;
109 #ifndef HAVE_POLLABLE_PROCFS
111 static void proc_poll_open P((void));
112 static void proc_poller P((int pfd));
120 static int poller_pid;
121 static int proc_poll_pipe[2] = { -1, -1 };
123 #endif /* !HAVE_POLLABLE_PROCFS */
125 #ifdef HAVE_MP_PROCFS
126 #define POLLWANT POLLWRNORM
128 #define POLLWANT POLLPRI
130 #endif /* USE_PROCFS */
138 usage: strace [-dffhiqrtttTvVxx] [-a column] [-e expr] ... [-o file]\n\
139 [-p pid] ... [-s strsize] [-u username] [-E var=val] ...\n\
140 [command [arg ...]]\n\
141 or: strace -c [-e expr] ... [-O overhead] [-S sortby] [-E var=val] ...\n\
142 [command [arg ...]]\n\
143 -c -- count time, calls, and errors for each syscall and report summary\n\
144 -f -- follow forks, -ff -- with output into separate files\n\
145 -F -- attempt to follow vforks, -h -- print help message\n\
146 -i -- print instruction pointer at time of syscall\n\
147 -q -- suppress messages about attaching, detaching, etc.\n\
148 -r -- print relative timestamp, -t -- absolute timestamp, -tt -- with usecs\n\
149 -T -- print time spent in each syscall, -V -- print version\n\
150 -v -- verbose mode: print unabbreviated argv, stat, termio[s], etc. args\n\
151 -x -- print non-ascii strings in hex, -xx -- print all strings in hex\n\
152 -a column -- alignment COLUMN for printing syscall results (default %d)\n\
153 -e expr -- a qualifying expression: option=[!]all or option=[!]val1[,val2]...\n\
154 options: trace, abbrev, verbose, raw, signal, read, or write\n\
155 -o file -- send trace output to FILE instead of stderr\n\
156 -O overhead -- set overhead for tracing syscalls to OVERHEAD usecs\n\
157 -p pid -- trace process with process id PID, may be repeated\n\
158 -s strsize -- limit length of print strings to STRSIZE chars (default %d)\n\
159 -S sortby -- sort syscall counts by: time, calls, name, nothing (default %s)\n\
160 -u username -- run command as username handling setuid and/or setgid\n\
161 -E var=val -- put var=val in the environment for command\n\
162 -E var -- remove var from the environment for command\n\
163 " /* this is broken, so don't document it
164 -z -- print only succeeding syscalls\n\
166 , DEFAULT_ACOLUMN, DEFAULT_STRLEN, DEFAULT_SORTBY);
190 static char buf[BUFSIZ];
192 /* Allocate the initial tcbtab. */
193 tcbtabsize = argc; /* Surely enough for all -p args. */
194 tcbtab = (struct tcb **) malloc (tcbtabsize * sizeof tcbtab[0]);
195 tcbtab[0] = (struct tcb *) calloc (tcbtabsize, sizeof *tcbtab[0]);
196 for (tcp = tcbtab[0]; tcp < &tcbtab[0][tcbtabsize]; ++tcp)
197 tcbtab[tcp - tcbtab[0]] = &tcbtab[0][tcp - tcbtab[0]];
202 qualify("trace=all");
203 qualify("abbrev=all");
204 qualify("verbose=all");
205 qualify("signal=all");
206 set_sortby(DEFAULT_SORTBY);
207 set_personality(DEFAULT_PERSONALITY);
208 while ((c = getopt(argc, argv,
209 "+cdfFhiqrtTvVxza:e:o:O:p:s:S:u:E:")) != EOF) {
247 qualify("abbrev=none");
250 printf("%s -- version %s\n", PACKAGE_NAME, VERSION);
254 not_failing_only = 1;
257 acolumn = atoi(optarg);
263 outfname = strdup(optarg);
266 set_overhead(atoi(optarg));
269 if ((pid = atoi(optarg)) <= 0) {
270 fprintf(stderr, "%s: Invalid process id: %s\n",
274 if (pid == getpid()) {
275 fprintf(stderr, "%s: I'm sorry, I can't let you do that, Dave.\n", progname);
278 if ((tcp = alloctcb(pid)) == NULL) {
279 fprintf(stderr, "%s: out of memory\n",
283 tcp->flags |= TCB_ATTACHED;
287 max_strlen = atoi(optarg);
293 username = strdup(optarg);
296 if (putenv(optarg) < 0) {
297 fprintf(stderr, "%s: out of memory\n",
308 if (optind == argc && !pflag_seen)
311 /* See if they want to run as another user. */
312 if (username != NULL) {
315 if (getuid() != 0 || geteuid() != 0) {
317 "%s: you must be root to use the -u option\n",
321 if ((pent = getpwnam(username)) == NULL) {
322 fprintf(stderr, "%s: cannot find user `%s'\n",
326 run_uid = pent->pw_uid;
327 run_gid = pent->pw_gid;
335 setreuid(geteuid(), getuid());
338 /* Check if they want to redirect the output. */
342 /* See if they want to pipe the output. */
343 if (outfname[0] == '|' || outfname[0] == '!') {
345 * We can't do the <outfname>.PID funny business
346 * when using popen, so prohibit it.
348 if (followfork > 1) {
350 %s: piping the output and -ff are mutually exclusive options\n",
355 if ((outf = popen(outfname + 1, "w")) == NULL) {
356 fprintf(stderr, "%s: can't popen '%s': %s\n",
357 progname, outfname + 1,
362 else if ((outf = fopen(outfname, "w")) == NULL) {
363 fprintf(stderr, "%s: can't fopen '%s': %s\n",
364 progname, outfname, strerror(errno));
368 if ((f=fcntl(fileno(outf), F_GETFD)) < 0 ) {
369 perror("failed to get flags for outputfile");
373 if (fcntl(fileno(outf), F_SETFD, f|FD_CLOEXEC) < 0 ) {
374 perror("failed to set flags for outputfile");
380 setreuid(geteuid(), getuid());
383 if (!outfname || outfname[0] == '|' || outfname[0] == '!')
384 setvbuf(outf, buf, _IOLBF, BUFSIZ);
385 if (outfname && optind < argc) {
390 for (c = 0; c < tcbtabsize; c++) {
392 /* Reinitialize the output since it may have changed. */
394 if (!(tcp->flags & TCB_INUSE) || !(tcp->flags & TCB_ATTACHED))
397 if (proc_open(tcp, 1) < 0) {
398 fprintf(stderr, "trouble opening proc file\n");
402 #else /* !USE_PROCFS */
404 if (tcp->flags & TCB_CLONE_THREAD)
407 char procdir[MAXPATHLEN];
409 sprintf(procdir, "/proc/%d/task", tcp->pid);
410 dir = opendir(procdir);
412 unsigned int ntid = 0, nerr = 0;
415 while ((de = readdir(dir)) != NULL) {
416 if (de->d_fileno == 0 ||
417 de->d_name[0] == '.')
419 tid = atoi(de->d_name);
423 if (ptrace(PTRACE_ATTACH, tid,
426 else if (tid != tcbtab[c]->pid) {
427 if (nprocs == tcbtabsize &&
433 fprintf(stderr, "%s: out of memory\n",
437 tcp->flags |= TCB_ATTACHED|TCB_CLONE_THREAD|TCB_CLONE_DETACHED|TCB_FOLLOWFORK;
438 tcbtab[c]->nchildren++;
439 tcbtab[c]->nclone_threads++;
440 tcbtab[c]->nclone_detached++;
441 tcp->parent = tcbtab[c];
446 perror("attach: ptrace(PTRACE_ATTACH, ...)");
454 Process %u attached with %u threads - interrupt to quit\n",
458 Process %u attached - interrupt to quit\n",
465 if (ptrace(PTRACE_ATTACH, tcp->pid, (char *) 1, 0) < 0) {
466 perror("attach: ptrace(PTRACE_ATTACH, ...)");
470 #endif /* !USE_PROCFS */
473 "Process %u attached - interrupt to quit\n",
480 char pathname[MAXPATHLEN];
482 filename = argv[optind];
483 if (strchr(filename, '/')) {
484 if (strlen(filename) > sizeof pathname - 1) {
485 errno = ENAMETOOLONG;
486 perror("strace: exec");
489 strcpy(pathname, filename);
491 #ifdef USE_DEBUGGING_EXEC
493 * Debuggers customarily check the current directory
494 * first regardless of the path but doing that gives
495 * security geeks a panic attack.
497 else if (stat(filename, &statbuf) == 0)
498 strcpy(pathname, filename);
499 #endif /* USE_DEBUGGING_EXEC */
504 for (path = getenv("PATH"); path && *path; path += m) {
505 if (strchr(path, ':')) {
506 n = strchr(path, ':') - path;
510 m = n = strlen(path);
512 getcwd(pathname, MAXPATHLEN);
513 len = strlen(pathname);
515 else if (n > sizeof pathname - 1)
518 strncpy(pathname, path, n);
521 if (len && pathname[len - 1] != '/')
522 pathname[len++] = '/';
523 strcpy(pathname + len, filename);
524 if (stat(pathname, &statbuf) == 0 &&
525 /* Accept only regular files
526 with some execute bits set.
527 XXX not perfect, might still fail */
528 S_ISREG(statbuf.st_mode) &&
529 (statbuf.st_mode & 0111))
533 if (stat(pathname, &statbuf) < 0) {
534 fprintf(stderr, "%s: %s: command not found\n",
538 switch (pid = fork()) {
540 perror("strace: fork");
546 if (outf != stderr) close (fileno (outf));
548 /* Kludge for SGI, see proc_open for details. */
549 sa.sa_handler = foobar;
551 sigemptyset(&sa.sa_mask);
552 sigaction(SIGINT, &sa, NULL);
557 kill(getpid(), SIGSTOP); /* stop HERE */
559 #else /* !USE_PROCFS */
561 close(fileno (outf));
563 if (ptrace(PTRACE_TRACEME, 0, (char *) 1, 0) < 0) {
564 perror("strace: ptrace(PTRACE_TRACEME, ...)");
568 kill(getpid(), SIGSTOP);
570 if (username != NULL || geteuid() == 0) {
571 uid_t run_euid = run_uid;
572 gid_t run_egid = run_gid;
574 if (statbuf.st_mode & S_ISUID)
575 run_euid = statbuf.st_uid;
576 if (statbuf.st_mode & S_ISGID)
577 run_egid = statbuf.st_gid;
580 * It is important to set groups before we
581 * lose privileges on setuid.
583 if (username != NULL) {
584 if (initgroups(username, run_gid) < 0) {
585 perror("initgroups");
588 if (setregid(run_gid, run_egid) < 0) {
592 if (setreuid(run_uid, run_euid) < 0) {
599 setreuid(run_uid, run_uid);
600 #endif /* !USE_PROCFS */
602 execv(pathname, &argv[optind]);
603 perror("strace: exec");
608 if ((tcp = alloctcb(pid)) == NULL) {
609 fprintf(stderr, "tcb table full\n");
614 if (proc_open(tcp, 0) < 0) {
615 fprintf(stderr, "trouble opening proc file\n");
619 #endif /* USE_PROCFS */
622 fake_execve(tcp, pathname,
623 &argv[optind], environ);
624 #endif /* !USE_PROCFS */
629 sigemptyset(&empty_set);
630 sigemptyset(&blocked_set);
631 sa.sa_handler = SIG_IGN;
632 sigemptyset(&sa.sa_mask);
634 sigaction(SIGTTOU, &sa, NULL);
635 sigaction(SIGTTIN, &sa, NULL);
637 sigaddset(&blocked_set, SIGHUP);
638 sigaddset(&blocked_set, SIGINT);
639 sigaddset(&blocked_set, SIGQUIT);
640 sigaddset(&blocked_set, SIGPIPE);
641 sigaddset(&blocked_set, SIGTERM);
642 sa.sa_handler = interrupt;
644 /* POSIX signals on sunos4.1 are a little broken. */
645 sa.sa_flags = SA_INTERRUPT;
648 sigaction(SIGHUP, &sa, NULL);
649 sigaction(SIGINT, &sa, NULL);
650 sigaction(SIGQUIT, &sa, NULL);
651 sigaction(SIGPIPE, &sa, NULL);
652 sigaction(SIGTERM, &sa, NULL);
654 sa.sa_handler = reaper;
655 sigaction(SIGCHLD, &sa, NULL);
657 /* Make sure SIGCHLD has the default action so that waitpid
658 definitely works without losing track of children. The user
659 should not have given us a bogus state to inherit, but he might
660 have. Arguably we should detect SIG_IGN here and pass it on
661 to children, but probably noone really needs that. */
662 sa.sa_handler = SIG_DFL;
663 sigaction(SIGCHLD, &sa, NULL);
664 #endif /* USE_PROCFS */
676 char name[MAXPATHLEN];
679 if (outfname && followfork > 1) {
680 sprintf(name, "%s.%u", outfname, tcp->pid);
682 setreuid(geteuid(), getuid());
684 fp = fopen(name, "w");
686 setreuid(geteuid(), getuid());
700 /* Allocate some more TCBs and expand the table.
701 We don't want to relocate the TCBs because our
702 callers have pointers and it would be a pain.
703 So tcbtab is a table of pointers. Since we never
704 free the TCBs, we allocate a single chunk of many. */
705 struct tcb **newtab = (struct tcb **)
706 realloc(tcbtab, 2 * tcbtabsize * sizeof tcbtab[0]);
707 struct tcb *newtcbs = (struct tcb *) calloc(tcbtabsize,
710 if (newtab == NULL || newtcbs == NULL) {
715 for (i = tcbtabsize; i < 2 * tcbtabsize; ++i)
716 newtab[i] = &newtcbs[i - tcbtabsize];
731 for (i = 0; i < tcbtabsize; i++) {
733 if ((tcp->flags & TCB_INUSE) == 0) {
738 #ifdef TCB_CLONE_THREAD
739 tcp->nclone_threads = tcp->nclone_detached = 0;
740 tcp->nclone_waiting = 0;
742 tcp->flags = TCB_INUSE | TCB_STARTUP;
743 tcp->outf = outf; /* Initialise to current out file */
744 tcp->stime.tv_sec = 0;
745 tcp->stime.tv_usec = 0;
756 proc_open(tcp, attaching)
768 #ifndef HAVE_POLLABLE_PROCFS
772 #ifdef HAVE_MP_PROCFS
773 /* Open the process pseudo-files in /proc. */
774 sprintf(proc, "/proc/%d/ctl", tcp->pid);
775 if ((tcp->pfd = open(proc, O_WRONLY|O_EXCL)) < 0) {
776 perror("strace: open(\"/proc/...\", ...)");
779 if ((arg = fcntl(tcp->pfd, F_GETFD)) < 0) {
783 if (fcntl(tcp->pfd, F_SETFD, arg|FD_CLOEXEC) < 0) {
787 sprintf(proc, "/proc/%d/status", tcp->pid);
788 if ((tcp->pfd_stat = open(proc, O_RDONLY|O_EXCL)) < 0) {
789 perror("strace: open(\"/proc/...\", ...)");
792 if ((arg = fcntl(tcp->pfd_stat, F_GETFD)) < 0) {
796 if (fcntl(tcp->pfd_stat, F_SETFD, arg|FD_CLOEXEC) < 0) {
800 sprintf(proc, "/proc/%d/as", tcp->pid);
801 if ((tcp->pfd_as = open(proc, O_RDONLY|O_EXCL)) < 0) {
802 perror("strace: open(\"/proc/...\", ...)");
805 if ((arg = fcntl(tcp->pfd_as, F_GETFD)) < 0) {
809 if (fcntl(tcp->pfd_as, F_SETFD, arg|FD_CLOEXEC) < 0) {
814 /* Open the process pseudo-file in /proc. */
816 sprintf(proc, "/proc/%d", tcp->pid);
817 if ((tcp->pfd = open(proc, O_RDWR|O_EXCL)) < 0) {
819 sprintf(proc, "/proc/%d/mem", tcp->pid);
820 if ((tcp->pfd = open(proc, O_RDWR)) < 0) {
822 perror("strace: open(\"/proc/...\", ...)");
825 if ((arg = fcntl(tcp->pfd, F_GETFD)) < 0) {
829 if (fcntl(tcp->pfd, F_SETFD, arg|FD_CLOEXEC) < 0) {
835 sprintf(proc, "/proc/%d/regs", tcp->pid);
836 if ((tcp->pfd_reg = open(proc, O_RDONLY)) < 0) {
837 perror("strace: open(\"/proc/.../regs\", ...)");
841 sprintf(proc, "/proc/%d/status", tcp->pid);
842 if ((tcp->pfd_status = open(proc, O_RDONLY)) < 0) {
843 perror("strace: open(\"/proc/.../status\", ...)");
847 tcp->pfd_status = -1;
852 * Wait for the child to pause. Because of a race
853 * condition we have to poll for the event.
856 if (IOCTL_STATUS (tcp) < 0) {
857 perror("strace: PIOCSTATUS");
860 if (tcp->status.PR_FLAGS & PR_ASLEEP)
865 /* Stop the process so that we own the stop. */
866 if (IOCTL(tcp->pfd, PIOCSTOP, (char *)NULL) < 0) {
867 perror("strace: PIOCSTOP");
872 /* Set Run-on-Last-Close. */
874 if (IOCTL(tcp->pfd, PIOCSET, &arg) < 0) {
875 perror("PIOCSET PR_RLC");
878 /* Set or Reset Inherit-on-Fork. */
880 if (IOCTL(tcp->pfd, followfork ? PIOCSET : PIOCRESET, &arg) < 0) {
881 perror("PIOC{SET,RESET} PR_FORK");
886 if (ioctl(tcp->pfd, PIOCSRLC) < 0) {
890 if (ioctl(tcp->pfd, followfork ? PIOCSFORK : PIOCRFORK) < 0) {
891 perror("PIOC{S,R}FORK");
895 /* just unset the PF_LINGER flag for the Run-on-Last-Close. */
896 if (ioctl(tcp->pfd, PIOCGFL, &arg) < 0) {
901 if (ioctl(tcp->pfd, PIOCSFL, arg) < 0) {
906 #endif /* !PIOCSET */
908 /* Enable all syscall entries we care about. */
909 premptyset(&syscalls);
910 for (i = 1; i < MAX_QUALS; ++i) {
911 if (i > (sizeof syscalls) * CHAR_BIT) break;
912 if (qual_flags [i] & QUAL_TRACE) praddset (&syscalls, i);
914 praddset (&syscalls, SYS_execve);
916 praddset (&syscalls, SYS_fork);
918 praddset (&syscalls, SYS_forkall);
921 praddset (&syscalls, SYS_fork1);
924 praddset (&syscalls, SYS_rfork1);
927 praddset (&syscalls, SYS_rforkall);
930 if (IOCTL(tcp->pfd, PIOCSENTRY, &syscalls) < 0) {
931 perror("PIOCSENTRY");
934 /* Enable the syscall exits. */
935 if (IOCTL(tcp->pfd, PIOCSEXIT, &syscalls) < 0) {
939 /* Enable signals we care about. */
940 premptyset(&signals);
941 for (i = 1; i < MAX_QUALS; ++i) {
942 if (i > (sizeof signals) * CHAR_BIT) break;
943 if (qual_flags [i] & QUAL_SIGNAL) praddset (&signals, i);
945 if (IOCTL(tcp->pfd, PIOCSTRACE, &signals) < 0) {
946 perror("PIOCSTRACE");
949 /* Enable faults we care about */
951 for (i = 1; i < MAX_QUALS; ++i) {
952 if (i > (sizeof faults) * CHAR_BIT) break;
953 if (qual_flags [i] & QUAL_FAULT) praddset (&faults, i);
955 if (IOCTL(tcp->pfd, PIOCSFAULT, &faults) < 0) {
956 perror("PIOCSFAULT");
960 /* set events flags. */
961 arg = S_SIG | S_SCE | S_SCX ;
962 if(ioctl(tcp->pfd, PIOCBIS, arg) < 0) {
970 * The SGI PRSABORT doesn't work for pause() so
971 * we send it a caught signal to wake it up.
973 kill(tcp->pid, SIGINT);
976 /* The child is in a pause(), abort it. */
978 if (IOCTL (tcp->pfd, PIOCRUN, &arg) < 0) {
985 /* wake up the child if it received the SIGSTOP */
986 kill(tcp->pid, SIGCONT);
989 /* Wait for the child to do something. */
990 if (IOCTL_WSTOP (tcp) < 0) {
994 if (tcp->status.PR_WHY == PR_SYSENTRY) {
995 tcp->flags &= ~TCB_INSYSCALL;
997 if (tcp->scno == SYS_execve)
1000 /* Set it running: maybe execve will be next. */
1003 if (IOCTL(tcp->pfd, PIOCRUN, &arg) < 0) {
1005 if (IOCTL(tcp->pfd, PIOCRUN, 0) < 0) {
1006 #endif /* FREEBSD */
1011 /* handle the case where we "opened" the child before
1012 it did the kill -STOP */
1013 if (tcp->status.PR_WHY == PR_SIGNALLED &&
1014 tcp->status.PR_WHAT == SIGSTOP)
1015 kill(tcp->pid, SIGCONT);
1022 if (attaching < 2) {
1023 /* We are attaching to an already running process.
1024 * Try to figure out the state of the process in syscalls,
1025 * to handle the first event well.
1026 * This is done by having a look at the "wchan" property of the
1027 * process, which tells where it is stopped (if it is). */
1029 char wchan[20]; /* should be enough */
1031 sprintf(proc, "/proc/%d/status", tcp->pid);
1032 status = fopen(proc, "r");
1034 (fscanf(status, "%*s %*d %*d %*d %*d %*d,%*d %*s %*d,%*d"
1035 "%*d,%*d %*d,%*d %19s", wchan) == 1) &&
1036 strcmp(wchan, "nochan") && strcmp(wchan, "spread") &&
1037 strcmp(wchan, "stopevent")) {
1038 /* The process is asleep in the middle of a syscall.
1039 Fake the syscall entry event */
1040 tcp->flags &= ~(TCB_INSYSCALL|TCB_STARTUP);
1041 tcp->status.PR_WHY = PR_SYSENTRY;
1046 } /* otherwise it's a fork being followed */
1048 #endif /* FREEBSD */
1049 #ifndef HAVE_POLLABLE_PROCFS
1050 if (proc_poll_pipe[0] != -1)
1051 proc_poller(tcp->pfd);
1052 else if (nprocs > 1) {
1054 proc_poller(last_pfd);
1055 proc_poller(tcp->pfd);
1057 last_pfd = tcp->pfd;
1058 #endif /* !HAVE_POLLABLE_PROCFS */
1062 #endif /* USE_PROCFS */
1071 for (i = 0; i < tcbtabsize; i++) {
1073 if (pid && tcp->pid != pid)
1075 if (tcp->flags & TCB_INUSE)
1089 for (i = 0; i < tcbtabsize; i++) {
1090 struct tcb *tcp = tcbtab[i];
1091 if (tcp->pfd != pfd)
1093 if (tcp->flags & TCB_INUSE)
1099 #endif /* USE_PROCFS */
1107 #ifdef TCB_CLONE_THREAD
1108 if (tcp->nclone_threads > 0) {
1109 /* There are other threads left in this process, but this
1110 is the one whose PID represents the whole process.
1111 We need to keep this record around as a zombie until
1112 all the threads die. */
1113 tcp->flags |= TCB_EXITING;
1120 if (tcp->parent != NULL) {
1121 tcp->parent->nchildren--;
1122 #ifdef TCB_CLONE_THREAD
1123 if (tcp->flags & TCB_CLONE_DETACHED)
1124 tcp->parent->nclone_detached--;
1125 if (tcp->flags & TCB_CLONE_THREAD)
1126 tcp->parent->nclone_threads--;
1128 #ifdef TCB_CLONE_DETACHED
1129 if (!(tcp->flags & TCB_CLONE_DETACHED))
1131 tcp->parent->nzombies++;
1136 if (tcp->pfd != -1) {
1140 if (tcp->pfd_reg != -1) {
1141 close(tcp->pfd_reg);
1144 if (tcp->pfd_status != -1) {
1145 close(tcp->pfd_status);
1146 tcp->pfd_status = -1;
1148 #endif /* !FREEBSD */
1150 rebuild_pollv(); /* Note, flags needs to be cleared by now. */
1154 if (outfname && followfork > 1 && tcp->outf)
1169 if (!(tcp->flags & TCB_SUSPENDED)) {
1170 fprintf(stderr, "PANIC: pid %u not suspended\n", tcp->pid);
1173 tcp->flags &= ~TCB_SUSPENDED;
1174 #ifdef TCB_CLONE_THREAD
1175 if (tcp->flags & TCB_CLONE_THREAD)
1176 tcp->parent->nclone_waiting--;
1179 if (ptrace(PTRACE_SYSCALL, tcp->pid, (char *) 1, 0) < 0) {
1180 perror("resume: ptrace(PTRACE_SYSCALL, ...)");
1185 fprintf(stderr, "Process %u resumed\n", tcp->pid);
1189 #endif /* !USE_PROCFS */
1191 /* detach traced process; continue with sig */
1200 int status, resumed;
1203 if (tcp->flags & TCB_BPTSET)
1208 * Linux wrongly insists the child be stopped
1209 * before detaching. Arghh. We go through hoops
1210 * to make a clean break of things.
1213 #undef PTRACE_DETACH
1214 #define PTRACE_DETACH PTRACE_SUNDETACH
1216 if ((error = ptrace(PTRACE_DETACH, tcp->pid, (char *) 1, sig)) == 0) {
1217 /* On a clear day, you can see forever. */
1219 else if (errno != ESRCH) {
1220 /* Shouldn't happen. */
1221 perror("detach: ptrace(PTRACE_DETACH, ...)");
1223 else if (kill(tcp->pid, 0) < 0) {
1225 perror("detach: checking sanity");
1227 else if (kill(tcp->pid, SIGSTOP) < 0) {
1229 perror("detach: stopping child");
1234 if (wait4(tcp->pid, &status, __WALL, NULL) < 0) {
1235 if (errno == ECHILD) /* Already gone. */
1237 if (errno != EINVAL) {
1238 perror("detach: waiting");
1242 /* No __WALL here. */
1243 if (waitpid(tcp->pid, &status, 0) < 0) {
1244 if (errno != ECHILD) {
1245 perror("detach: waiting");
1249 /* If no processes, try clones. */
1250 if (wait4(tcp->pid, &status, __WCLONE,
1252 if (errno != ECHILD)
1253 perror("detach: waiting");
1256 #endif /* __WCLONE */
1261 if (!WIFSTOPPED(status)) {
1262 /* Au revoir, mon ami. */
1265 if (WSTOPSIG(status) == SIGSTOP) {
1266 if ((error = ptrace(PTRACE_DETACH,
1267 tcp->pid, (char *) 1, sig)) < 0) {
1269 perror("detach: ptrace(PTRACE_DETACH, ...)");
1270 /* I died trying. */
1274 if ((error = ptrace(PTRACE_CONT, tcp->pid, (char *) 1,
1275 WSTOPSIG(status) == SIGTRAP ?
1276 0 : WSTOPSIG(status))) < 0) {
1278 perror("detach: ptrace(PTRACE_CONT, ...)");
1286 /* PTRACE_DETACH won't respect `sig' argument, so we post it here. */
1287 if (sig && kill(tcp->pid, sig) < 0)
1288 perror("detach: kill");
1290 if ((error = ptrace(PTRACE_DETACH, tcp->pid, (char *) 1, sig)) < 0)
1291 perror("detach: ptrace(PTRACE_DETACH, ...)");
1297 /* XXX This won't always be quite right (but it never was).
1298 A waiter with argument 0 or < -1 is waiting for any pid in
1299 a particular pgrp, which this child might or might not be
1300 in. The waiter will only wake up if it's argument is -1
1301 or if it's waiting for tcp->pid's pgrp. It makes a
1302 difference to wake up a waiter when there might be more
1303 traced children, because it could get a false ECHILD
1304 error. OTOH, if this was the last child in the pgrp, then
1305 it ought to wake up and get ECHILD. We would have to
1306 search the system for all pid's in the pgrp to be sure.
1308 && (t->waitpid == -1 ||
1309 (t->waitpid == 0 && getpgid (tcp->pid) == getpgid (t->pid))
1310 || (t->waitpid < 0 && t->waitpid == -getpid (t->pid)))
1314 (tcp->parent->flags & TCB_SUSPENDED) &&
1315 (tcp->parent->waitpid <= 0 || tcp->parent->waitpid == tcp->pid)) {
1316 error = resume(tcp->parent);
1319 #ifdef TCB_CLONE_THREAD
1320 if (tcp->parent && tcp->parent->nclone_waiting > 0) {
1321 /* Some other threads of our parent are waiting too. */
1324 /* Resume all the threads that were waiting for this PID. */
1325 for (i = 0; i < tcbtabsize; i++) {
1326 struct tcb *t = tcbtab[i];
1327 if (t->parent == tcp->parent && t != tcp
1328 && ((t->flags & (TCB_CLONE_THREAD|TCB_SUSPENDED))
1329 == (TCB_CLONE_THREAD|TCB_SUSPENDED))
1330 && t->waitpid == tcp->pid) {
1331 error |= resume (t);
1336 /* Noone was waiting for this PID in particular,
1337 so now we might need to resume some wildcarders. */
1338 for (i = 0; i < tcbtabsize; i++) {
1339 struct tcb *t = tcbtab[i];
1340 if (t->parent == tcp->parent && t != tcp
1342 & (TCB_CLONE_THREAD|TCB_SUSPENDED))
1343 == (TCB_CLONE_THREAD|TCB_SUSPENDED))
1346 error |= resume (t);
1353 #endif /* !USE_PROCFS */
1356 fprintf(stderr, "Process %u detached\n", tcp->pid);
1371 while ((pid = waitpid(-1, &status, WNOHANG)) > 0) {
1382 #endif /* USE_PROCFS */
1390 for (i = 0; i < tcbtabsize; i++) {
1392 if (!(tcp->flags & TCB_INUSE))
1396 "cleanup: looking at pid %u\n", tcp->pid);
1398 (!outfname || followfork < 2 || tcp_last == tcp)) {
1399 tprintf(" <unfinished ...>\n");
1402 if (tcp->flags & TCB_ATTACHED)
1405 kill(tcp->pid, SIGCONT);
1406 kill(tcp->pid, SIGTERM);
1420 #ifndef HAVE_STRERROR
1422 #if !HAVE_DECL_SYS_ERRLIST
1423 extern int sys_nerr;
1424 extern char *sys_errlist[];
1425 #endif /* HAVE_DECL_SYS_ERRLIST */
1431 static char buf[64];
1433 if (errno < 1 || errno >= sys_nerr) {
1434 sprintf(buf, "Unknown error %d", errno);
1437 return sys_errlist[errno];
1440 #endif /* HAVE_STERRROR */
1442 #ifndef HAVE_STRSIGNAL
1444 #if defined HAVE_SYS_SIGLIST && !defined HAVE_DECL_SYS_SIGLIST
1445 extern char *sys_siglist[];
1447 #if defined HAVE_SYS__SIGLIST && !defined HAVE_DECL__SYS_SIGLIST
1448 extern char *_sys_siglist[];
1455 static char buf[64];
1457 if (sig < 1 || sig >= NSIG) {
1458 sprintf(buf, "Unknown signal %d", sig);
1461 #ifdef HAVE__SYS_SIGLIST
1462 return _sys_siglist[sig];
1464 return sys_siglist[sig];
1468 #endif /* HAVE_STRSIGNAL */
1479 pollv = (struct pollfd *) malloc(nprocs * sizeof pollv[0]);
1480 if (pollv == NULL) {
1481 fprintf(stderr, "strace: out of memory for poll vector\n");
1485 for (i = j = 0; i < tcbtabsize; i++) {
1486 struct tcb *tcp = tcbtab[i];
1487 if (!(tcp->flags & TCB_INUSE))
1489 pollv[j].fd = tcp->pfd;
1490 pollv[j].events = POLLWANT;
1494 fprintf(stderr, "strace: proc miscount\n");
1499 #ifndef HAVE_POLLABLE_PROCFS
1507 if (pipe(proc_poll_pipe) < 0) {
1511 for (i = 0; i < 2; i++) {
1512 if ((arg = fcntl(proc_poll_pipe[i], F_GETFD)) < 0) {
1516 if (fcntl(proc_poll_pipe[i], F_SETFD, arg|FD_CLOEXEC) < 0) {
1524 proc_poll(pollv, nfds, timeout)
1525 struct pollfd *pollv;
1531 struct proc_pollfd pollinfo;
1533 if ((n = read(proc_poll_pipe[0], &pollinfo, sizeof(pollinfo))) < 0)
1535 if (n != sizeof(struct proc_pollfd)) {
1536 fprintf(stderr, "panic: short read: %d\n", n);
1539 for (i = 0; i < nprocs; i++) {
1540 if (pollv[i].fd == pollinfo.fd)
1541 pollv[i].revents = pollinfo.revents;
1543 pollv[i].revents = 0;
1545 poller_pid = pollinfo.pid;
1559 struct proc_pollfd pollinfo;
1560 struct sigaction sa;
1561 sigset_t blocked_set, empty_set;
1566 struct procfs_status pfs;
1567 #endif /* FREEBSD */
1579 sa.sa_handler = interactive ? SIG_DFL : SIG_IGN;
1581 sigemptyset(&sa.sa_mask);
1582 sigaction(SIGHUP, &sa, NULL);
1583 sigaction(SIGINT, &sa, NULL);
1584 sigaction(SIGQUIT, &sa, NULL);
1585 sigaction(SIGPIPE, &sa, NULL);
1586 sigaction(SIGTERM, &sa, NULL);
1587 sa.sa_handler = wakeup_handler;
1588 sigaction(SIGUSR1, &sa, NULL);
1589 sigemptyset(&blocked_set);
1590 sigaddset(&blocked_set, SIGUSR1);
1591 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
1592 sigemptyset(&empty_set);
1594 if (getrlimit(RLIMIT_NOFILE, &rl) < 0) {
1595 perror("getrlimit(RLIMIT_NOFILE, ...)");
1599 for (i = 0; i < n; i++) {
1600 if (i != pfd && i != proc_poll_pipe[1])
1605 pollinfo.pid = getpid();
1608 if (ioctl(pfd, PIOCWSTOP, NULL) < 0)
1610 if (ioctl(pfd, PIOCWSTOP, &pfs) < 0)
1611 #endif /* FREEBSD */
1617 pollinfo.revents = POLLERR;
1620 pollinfo.revents = POLLHUP;
1623 perror("proc_poller: PIOCWSTOP");
1625 write(proc_poll_pipe[1], &pollinfo, sizeof(pollinfo));
1628 pollinfo.revents = POLLWANT;
1629 write(proc_poll_pipe[1], &pollinfo, sizeof(pollinfo));
1630 sigsuspend(&empty_set);
1634 #endif /* !HAVE_POLLABLE_PROCFS */
1644 if (followfork < 2 &&
1645 last < nprocs && (pollv[last].revents & POLLWANT)) {
1647 * The previous process is ready to run again. We'll
1648 * let it do so if it is currently in a syscall. This
1649 * heuristic improves the readability of the trace.
1651 tcp = pfd2tcb(pollv[last].fd);
1652 if (tcp && (tcp->flags & TCB_INSYSCALL))
1653 return pollv[last].fd;
1656 for (i = 0; i < nprocs; i++) {
1657 /* Let competing children run round robin. */
1658 j = (i + last + 1) % nprocs;
1659 if (pollv[j].revents & (POLLHUP | POLLERR)) {
1660 tcp = pfd2tcb(pollv[j].fd);
1662 fprintf(stderr, "strace: lost proc\n");
1668 if (pollv[j].revents & POLLWANT) {
1673 fprintf(stderr, "strace: nothing ready\n");
1681 struct tcb *in_syscall = NULL;
1686 int ioctl_result = 0, ioctl_errno = 0;
1691 sigprocmask(SIG_SETMASK, &empty_set, NULL);
1698 #ifndef HAVE_POLLABLE_PROCFS
1699 if (proc_poll_pipe[0] == -1) {
1708 #ifndef HAVE_POLLABLE_PROCFS
1710 /* fall through ... */
1711 #endif /* !HAVE_POLLABLE_PROCFS */
1713 #ifdef HAVE_POLLABLE_PROCFS
1715 /* On some systems (e.g. UnixWare) we get too much ugly
1716 "unfinished..." stuff when multiple proceses are in
1717 syscalls. Here's a nasty hack */
1724 pv.events = POLLWANT;
1725 if ((what = poll (&pv, 1, 1)) < 0) {
1730 else if (what == 1 && pv.revents & POLLWANT) {
1736 if (poll(pollv, nprocs, INFTIM) < 0) {
1741 #else /* !HAVE_POLLABLE_PROCFS */
1742 if (proc_poll(pollv, nprocs, INFTIM) < 0) {
1747 #endif /* !HAVE_POLLABLE_PROCFS */
1754 /* Look up `pfd' in our table. */
1755 if ((tcp = pfd2tcb(pfd)) == NULL) {
1756 fprintf(stderr, "unknown pfd: %u\n", pfd);
1762 /* Get the status of the process. */
1765 ioctl_result = IOCTL_WSTOP (tcp);
1767 /* Thanks to some scheduling mystery, the first poller
1768 sometimes waits for the already processed end of fork
1769 event. Doing a non blocking poll here solves the problem. */
1770 if (proc_poll_pipe[0] != -1)
1771 ioctl_result = IOCTL_STATUS (tcp);
1773 ioctl_result = IOCTL_WSTOP (tcp);
1774 #endif /* FREEBSD */
1775 ioctl_errno = errno;
1776 #ifndef HAVE_POLLABLE_PROCFS
1777 if (proc_poll_pipe[0] != -1) {
1778 if (ioctl_result < 0)
1779 kill(poller_pid, SIGKILL);
1781 kill(poller_pid, SIGUSR1);
1783 #endif /* !HAVE_POLLABLE_PROCFS */
1789 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
1791 if (ioctl_result < 0) {
1792 /* Find out what happened if it failed. */
1793 switch (ioctl_errno) {
1804 perror("PIOCWSTOP");
1810 if ((tcp->flags & TCB_STARTUP) && (tcp->status.PR_WHY == PR_SYSEXIT)) {
1811 /* discard first event for a syscall we never entered */
1812 IOCTL (tcp->pfd, PIOCRUN, 0);
1817 /* clear the just started flag */
1818 tcp->flags &= ~TCB_STARTUP;
1820 /* set current output file */
1824 struct timeval stime;
1829 if ((len = pread(tcp->pfd_status, buf, sizeof(buf) - 1, 0)) > 0) {
1832 "%*s %*d %*d %*d %*d %*d,%*d %*s %*d,%*d %*d,%*d %ld,%ld",
1833 &stime.tv_sec, &stime.tv_usec);
1835 stime.tv_sec = stime.tv_usec = 0;
1836 #else /* !FREEBSD */
1837 stime.tv_sec = tcp->status.pr_stime.tv_sec;
1838 stime.tv_usec = tcp->status.pr_stime.tv_nsec/1000;
1839 #endif /* !FREEBSD */
1840 tv_sub(&tcp->dtime, &stime, &tcp->stime);
1843 what = tcp->status.PR_WHAT;
1844 switch (tcp->status.PR_WHY) {
1847 if (tcp->status.PR_FLAGS & PR_ASLEEP) {
1848 tcp->status.PR_WHY = PR_SYSENTRY;
1849 if (trace_syscall(tcp) < 0) {
1850 fprintf(stderr, "syscall trouble\n");
1855 #endif /* !FREEBSD */
1861 if (trace_syscall(tcp) < 0) {
1862 fprintf(stderr, "syscall trouble\n");
1867 if (!cflag && (qual_flags[what] & QUAL_SIGNAL)) {
1869 tprintf("--- %s (%s) ---",
1870 signame(what), strsignal(what));
1873 if (tcp->status.PR_INFO.si_signo == what) {
1875 tprintf(" siginfo=");
1876 printsiginfo(&tcp->status.PR_INFO, 1);
1883 if (!cflag && (qual_flags[what] & QUAL_FAULT)) {
1885 tprintf("=== FAULT %d ===", what);
1890 case 0: /* handle case we polled for nothing */
1894 fprintf(stderr, "odd stop %d\n", tcp->status.PR_WHY);
1900 if (IOCTL (tcp->pfd, PIOCRUN, &arg) < 0) {
1902 if (IOCTL (tcp->pfd, PIOCRUN, 0) < 0) {
1911 #else /* !USE_PROCFS */
1913 #ifdef TCB_GROUP_EXITING
1914 /* Handle an exit detach or death signal that is taking all the
1915 related clone threads with it. This is called in three circumstances:
1916 SIG == -1 TCP has already died (TCB_ATTACHED is clear, strace is parent).
1917 SIG == 0 Continuing TCP will perform an exit_group syscall.
1918 SIG == other Continuing TCP with SIG will kill the process.
1921 handle_group_exit(struct tcb *tcp, int sig)
1923 /* We need to locate our records of all the clone threads
1924 related to TCP, either its children or siblings. */
1925 struct tcb *leader = ((tcp->flags & TCB_CLONE_THREAD)
1927 : tcp->nclone_detached > 0
1931 if (leader != NULL && leader != tcp &&
1932 !(leader->flags & TCB_GROUP_EXITING))
1934 "PANIC: handle_group_exit: %d leader %d\n",
1935 tcp->pid, leader ? leader->pid : -1);
1936 droptcb(tcp); /* Already died. */
1939 if (tcp->flags & TCB_ATTACHED) {
1940 if (leader != NULL && leader != tcp) {
1941 if (leader->flags & TCB_ATTACHED) {
1942 /* We need to detach the leader so
1943 that the process death will be
1944 reported to its real parent.
1945 But we kill it first to prevent
1946 it doing anything before we kill
1947 the whole process in a moment.
1948 We can use PTRACE_KILL on a
1949 thread that's not already
1950 stopped. Then the value we pass
1951 in PTRACE_DETACH just sets the
1952 death signal reported to the
1954 ptrace(PTRACE_KILL, leader->pid, 0, 0);
1957 " [%d exit %d kills %d]\n",
1958 tcp->pid, sig, leader->pid);
1959 detach(leader, sig);
1962 leader->flags |= TCB_GROUP_EXITING;
1966 else if (ptrace(PTRACE_CONT, tcp->pid, (char *) 1, sig) < 0) {
1967 perror("strace: ptrace(PTRACE_CONT, ...)");
1973 leader->flags |= TCB_GROUP_EXITING;
1974 if (leader != NULL && leader != tcp)
1976 /* The leader will report to us as parent now,
1977 and then we'll get to the SIG==-1 case. */
1996 static int wait4_options = __WALL;
2000 while (nprocs != 0) {
2002 sigprocmask(SIG_SETMASK, &empty_set, NULL);
2005 pid = wait4(-1, &status, wait4_options, cflag ? &ru : NULL);
2006 if (pid < 0 && (wait4_options & __WALL) && errno == EINVAL) {
2007 /* this kernel does not support __WALL */
2008 wait4_options &= ~__WALL;
2010 pid = wait4(-1, &status, wait4_options,
2011 cflag ? &ru : NULL);
2013 if (pid < 0 && !(wait4_options & __WALL) && errno == ECHILD) {
2014 /* most likely a "cloned" process */
2015 pid = wait4(-1, &status, __WCLONE,
2016 cflag ? &ru : NULL);
2018 fprintf(stderr, "strace: clone wait4 "
2019 "failed: %s\n", strerror(errno));
2023 pid = wait4(-1, &status, 0, cflag ? &ru : NULL);
2027 pid = wait(&status);
2031 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
2037 switch (wait_errno) {
2042 * We would like to verify this case
2043 * but sometimes a race in Solbourne's
2044 * version of SunOS sometimes reports
2045 * ECHILD before sending us SIGCHILD.
2050 fprintf(stderr, "strace: proc miscount\n");
2056 perror("strace: wait");
2061 fprintf(stderr, " [wait(%#x) = %u]\n", status, pid);
2063 /* Look up `pid' in our table. */
2064 if ((tcp = pid2tcb(pid)) == NULL) {
2066 if (followfork || followvfork) {
2067 /* This is needed to go with the CLONE_PTRACE
2068 changes in process.c/util.c: we might see
2069 the child's initial trap before we see the
2070 parent return from the clone syscall.
2071 Leave the child suspended until the parent
2072 returns from its system call. Only then
2073 will we have the association of parent and
2074 child so that we know how to do clearbpt
2076 if ((tcp = alloctcb(pid)) == NULL) {
2077 fprintf(stderr, " [tcb table full]\n");
2078 kill(pid, SIGKILL); /* XXX */
2081 tcp->flags |= TCB_ATTACHED | TCB_SUSPENDED;
2085 Process %d attached (waiting for parent)\n",
2089 /* This can happen if a clone call used
2090 CLONE_PTRACE itself. */
2093 fprintf(stderr, "unknown pid: %u\n", pid);
2094 if (WIFSTOPPED(status))
2095 ptrace(PTRACE_CONT, pid, (char *) 1, 0);
2099 /* set current output file */
2103 tv_sub(&tcp->dtime, &ru.ru_stime, &tcp->stime);
2104 tcp->stime = ru.ru_stime;
2108 if (tcp->flags & TCB_SUSPENDED) {
2110 * Apparently, doing any ptrace() call on a stopped
2111 * process, provokes the kernel to report the process
2112 * status again on a subsequent wait(), even if the
2113 * process has not been actually restarted.
2114 * Since we have inspected the arguments of suspended
2115 * processes we end up here testing for this case.
2119 if (WIFSIGNALED(status)) {
2121 && (qual_flags[WTERMSIG(status)] & QUAL_SIGNAL)) {
2123 tprintf("+++ killed by %s %s+++",
2124 signame(WTERMSIG(status)),
2126 WCOREDUMP(status) ? "(core dumped) " :
2131 #ifdef TCB_GROUP_EXITING
2132 handle_group_exit(tcp, -1);
2138 if (WIFEXITED(status)) {
2140 fprintf(stderr, "pid %u exited\n", pid);
2141 if ((tcp->flags & TCB_ATTACHED)
2142 #ifdef TCB_GROUP_EXITING
2143 && !(tcp->parent && (tcp->parent->flags &
2148 "PANIC: attached pid %u exited\n",
2150 if (tcp == tcp_last) {
2151 if ((tcp->flags & (TCB_INSYSCALL|TCB_REPRINT))
2153 tprintf(" <unfinished ... exit status %d>\n",
2154 WEXITSTATUS(status));
2157 #ifdef TCB_GROUP_EXITING
2158 handle_group_exit(tcp, -1);
2164 if (!WIFSTOPPED(status)) {
2165 fprintf(stderr, "PANIC: pid %u not stopped\n", pid);
2170 fprintf(stderr, "pid %u stopped, [%s]\n",
2171 pid, signame(WSTOPSIG(status)));
2173 if (tcp->flags & TCB_STARTUP) {
2175 * This flag is there to keep us in sync.
2176 * Next time this process stops it should
2177 * really be entering a system call.
2179 tcp->flags &= ~TCB_STARTUP;
2180 if (tcp->flags & TCB_ATTACHED) {
2182 * Interestingly, the process may stop
2183 * with STOPSIG equal to some other signal
2184 * than SIGSTOP if we happend to attach
2185 * just before the process takes a signal.
2187 if (!WIFSTOPPED(status)) {
2189 "pid %u not stopped\n", pid);
2190 detach(tcp, WSTOPSIG(status));
2196 /* A child of us stopped at exec */
2197 if (WSTOPSIG(status) == SIGTRAP && followvfork)
2201 if (tcp->flags & TCB_BPTSET) {
2202 if (clearbpt(tcp) < 0) /* Pretty fatal */ {
2211 if (WSTOPSIG(status) != SIGTRAP) {
2212 if (WSTOPSIG(status) == SIGSTOP &&
2213 (tcp->flags & TCB_SIGTRAPPED)) {
2215 * Trapped attempt to block SIGTRAP
2216 * Hope we are back in control now.
2218 tcp->flags &= ~(TCB_INSYSCALL | TCB_SIGTRAPPED);
2219 if (ptrace(PTRACE_SYSCALL,
2220 pid, (char *) 1, 0) < 0) {
2221 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
2228 && (qual_flags[WSTOPSIG(status)] & QUAL_SIGNAL)) {
2229 unsigned long addr = 0, pc = 0;
2230 #ifdef PT_GETSIGINFO
2235 upeek(pid, PT_CR_IPSR, &psr);
2236 upeek(pid, PT_CR_IIP, &pc);
2238 pc += (psr >> PSR_RI) & 0x3;
2239 ptrace(PT_GETSIGINFO, pid, 0, (long) &si);
2240 addr = (unsigned long) si.si_addr;
2243 tprintf("--- %s (%s) @ %lx (%lx) ---",
2244 signame(WSTOPSIG(status)),
2245 strsignal(WSTOPSIG(status)), pc, addr);
2248 if (((tcp->flags & TCB_ATTACHED) ||
2249 tcp->nclone_threads > 0) &&
2250 !sigishandled(tcp, WSTOPSIG(status))) {
2251 #ifdef TCB_GROUP_EXITING
2252 handle_group_exit(tcp, WSTOPSIG(status));
2254 detach(tcp, WSTOPSIG(status));
2258 if (ptrace(PTRACE_SYSCALL, pid, (char *) 1,
2259 WSTOPSIG(status)) < 0) {
2260 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
2264 tcp->flags &= ~TCB_SUSPENDED;
2267 if (trace_syscall(tcp) < 0) {
2268 if (tcp->flags & TCB_ATTACHED)
2272 tcp->pid, (char *) 1, SIGTERM);
2277 if (tcp->flags & TCB_EXITING) {
2278 #ifdef TCB_GROUP_EXITING
2279 if (tcp->flags & TCB_GROUP_EXITING) {
2280 if (handle_group_exit(tcp, 0) < 0)
2285 if (tcp->flags & TCB_ATTACHED)
2287 else if (ptrace(PTRACE_CONT, pid, (char *) 1, 0) < 0) {
2288 perror("strace: ptrace(PTRACE_CONT, ...)");
2294 if (tcp->flags & TCB_SUSPENDED) {
2296 fprintf(stderr, "Process %u suspended\n", pid);
2300 if (ptrace(PTRACE_SYSCALL, pid, (char *) 1, 0) < 0) {
2301 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
2309 #endif /* !USE_PROCFS */
2315 #define VA_START(a, b) va_start(a, b)
2317 #include <varargs.h>
2318 #define VA_START(a, b) va_start(a)
2323 tprintf(const char *fmt, ...)
2325 tprintf(fmt, va_alist)
2332 VA_START(args, fmt);
2334 int n = vfprintf(outf, fmt, args);
2335 if (n < 0 && outf != stderr)
2336 perror(outfname == NULL
2337 ? "<writing to pipe>" : outfname);
2349 if (tcp_last && (!outfname || followfork < 2 || tcp_last == tcp)) {
2350 tcp_last->flags |= TCB_REPRINT;
2351 tprintf(" <unfinished ...>\n");
2354 if ((followfork == 1 || pflag_seen > 1) && outfname)
2355 tprintf("%-5d ", tcp->pid);
2356 else if (nprocs > 1 && !outfname)
2357 tprintf("[pid %5u] ", tcp->pid);
2359 char str[sizeof("HH:MM:SS")];
2360 struct timeval tv, dtv;
2361 static struct timeval otv;
2363 gettimeofday(&tv, NULL);
2365 if (otv.tv_sec == 0)
2367 tv_sub(&dtv, &tv, &otv);
2368 tprintf("%6ld.%06ld ",
2369 (long) dtv.tv_sec, (long) dtv.tv_usec);
2372 else if (tflag > 2) {
2373 tprintf("%ld.%06ld ",
2374 (long) tv.tv_sec, (long) tv.tv_usec);
2377 time_t local = tv.tv_sec;
2378 strftime(str, sizeof(str), "%T", localtime(&local));
2380 tprintf("%s.%06ld ", str, (long) tv.tv_usec);
2382 tprintf("%s ", str);
2394 tprintf("%*s", col - curcol, "");
2405 #ifdef HAVE_MP_PROCFS
2407 int mp_ioctl (int fd, int cmd, void *arg, int size) {
2409 struct iovec iov[2];
2412 iov[0].iov_base = &cmd;
2413 iov[0].iov_len = sizeof cmd;
2416 iov[1].iov_base = arg;
2417 iov[1].iov_len = size;
2420 return writev (fd, iov, n);