2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. The name of the author may not be used to endorse or promote products
17 * derived from this software without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 #include <sys/types.h>
38 #include <sys/param.h>
40 #include <sys/resource.h>
48 #if defined(IA64) && defined(LINUX)
49 # include <asm/ptrace_offsets.h>
57 #include <sys/stropts.h>
65 int debug = 0, followfork = 0, followvfork = 0, interactive = 0;
66 int rflag = 0, tflag = 0, dtime = 0, cflag = 0;
67 int iflag = 0, xflag = 0, qflag = 0;
70 /* Sometimes we want to print only succeeding syscalls. */
71 int not_failing_only = 0;
73 char *username = NULL;
77 int acolumn = DEFAULT_ACOLUMN;
78 int max_strlen = DEFAULT_STRLEN;
79 char *outfname = NULL;
82 unsigned int nprocs, tcbtabsize;
84 extern char **environ;
86 static int trace P((void));
87 static void cleanup P((void));
88 static void interrupt P((int sig));
89 static sigset_t empty_set, blocked_set;
91 #ifdef HAVE_SIG_ATOMIC_T
92 static volatile sig_atomic_t interrupted;
93 #else /* !HAVE_SIG_ATOMIC_T */
95 static volatile int interrupted;
97 static int interrupted;
98 #endif /* !__STDC__ */
99 #endif /* !HAVE_SIG_ATOMIC_T */
103 static struct tcb *pfd2tcb P((int pfd));
104 static void reaper P((int sig));
105 static void rebuild_pollv P((void));
106 static struct pollfd *pollv;
108 #ifndef HAVE_POLLABLE_PROCFS
110 static void proc_poll_open P((void));
111 static void proc_poller P((int pfd));
119 static int poller_pid;
120 static int proc_poll_pipe[2] = { -1, -1 };
122 #endif /* !HAVE_POLLABLE_PROCFS */
124 #ifdef HAVE_MP_PROCFS
125 #define POLLWANT POLLWRNORM
127 #define POLLWANT POLLPRI
129 #endif /* USE_PROCFS */
137 usage: strace [-dffhiqrtttTvVxx] [-a column] [-e expr] ... [-o file]\n\
138 [-p pid] ... [-s strsize] [-u username] [-E var=val] ...\n\
139 [command [arg ...]]\n\
140 or: strace -c [-e expr] ... [-O overhead] [-S sortby] [-E var=val] ...\n\
141 [command [arg ...]]\n\
142 -c -- count time, calls, and errors for each syscall and report summary\n\
143 -f -- follow forks, -ff -- with output into separate files\n\
144 -F -- attempt to follow vforks, -h -- print help message\n\
145 -i -- print instruction pointer at time of syscall\n\
146 -q -- suppress messages about attaching, detaching, etc.\n\
147 -r -- print relative timestamp, -t -- absolute timestamp, -tt -- with usecs\n\
148 -T -- print time spent in each syscall, -V -- print version\n\
149 -v -- verbose mode: print unabbreviated argv, stat, termio[s], etc. args\n\
150 -x -- print non-ascii strings in hex, -xx -- print all strings in hex\n\
151 -a column -- alignment COLUMN for printing syscall results (default %d)\n\
152 -e expr -- a qualifying expression: option=[!]all or option=[!]val1[,val2]...\n\
153 options: trace, abbrev, verbose, raw, signal, read, or write\n\
154 -o file -- send trace output to FILE instead of stderr\n\
155 -O overhead -- set overhead for tracing syscalls to OVERHEAD usecs\n\
156 -p pid -- trace process with process id PID, may be repeated\n\
157 -s strsize -- limit length of print strings to STRSIZE chars (default %d)\n\
158 -S sortby -- sort syscall counts by: time, calls, name, nothing (default %s)\n\
159 -u username -- run command as username handling setuid and/or setgid\n\
160 -E var=val -- put var=val in the environment for command\n\
161 -E var -- remove var from the environment for command\n\
162 " /* this is broken, so don't document it
163 -z -- print only succeeding syscalls\n\
165 , DEFAULT_ACOLUMN, DEFAULT_STRLEN, DEFAULT_SORTBY);
189 static char buf[BUFSIZ];
191 /* Allocate the initial tcbtab. */
192 tcbtabsize = argc; /* Surely enough for all -p args. */
193 tcbtab = (struct tcb **) malloc (tcbtabsize * sizeof tcbtab[0]);
194 tcbtab[0] = (struct tcb *) calloc (tcbtabsize, sizeof *tcbtab[0]);
195 for (tcp = tcbtab[0]; tcp < &tcbtab[0][tcbtabsize]; ++tcp)
196 tcbtab[tcp - tcbtab[0]] = &tcbtab[0][tcp - tcbtab[0]];
201 qualify("trace=all");
202 qualify("abbrev=all");
203 qualify("verbose=all");
204 qualify("signal=all");
205 set_sortby(DEFAULT_SORTBY);
206 set_personality(DEFAULT_PERSONALITY);
207 while ((c = getopt(argc, argv,
208 "+cdfFhiqrtTvVxza:e:o:O:p:s:S:u:E:")) != EOF) {
246 qualify("abbrev=none");
249 printf("%s -- version %s\n", PACKAGE_NAME, VERSION);
253 not_failing_only = 1;
256 acolumn = atoi(optarg);
262 outfname = strdup(optarg);
265 set_overhead(atoi(optarg));
268 if ((pid = atoi(optarg)) <= 0) {
269 fprintf(stderr, "%s: Invalid process id: %s\n",
273 if (pid == getpid()) {
274 fprintf(stderr, "%s: I'm sorry, I can't let you do that, Dave.\n", progname);
277 if ((tcp = alloctcb(pid)) == NULL) {
278 fprintf(stderr, "%s: out of memory\n",
282 tcp->flags |= TCB_ATTACHED;
286 max_strlen = atoi(optarg);
292 username = strdup(optarg);
295 if (putenv(optarg) < 0) {
296 fprintf(stderr, "%s: out of memory\n",
307 /* See if they want to run as another user. */
308 if (username != NULL) {
311 if (getuid() != 0 || geteuid() != 0) {
313 "%s: you must be root to use the -u option\n",
317 if ((pent = getpwnam(username)) == NULL) {
318 fprintf(stderr, "%s: cannot find user `%s'\n",
322 run_uid = pent->pw_uid;
323 run_gid = pent->pw_gid;
331 setreuid(geteuid(), getuid());
334 /* See if they want to pipe the output. */
335 if (outfname && (outfname[0] == '|' || outfname[0] == '!')) {
336 if ((outf = popen(outfname + 1, "w")) == NULL) {
337 fprintf(stderr, "%s: can't popen '%s': %s\n",
338 progname, outfname + 1, strerror(errno));
345 /* Check if they want to redirect the output. */
349 if ((outf = fopen(outfname, "w")) == NULL) {
350 fprintf(stderr, "%s: can't fopen '%s': %s\n",
351 progname, outfname, strerror(errno));
355 if ((f=fcntl(fileno(outf), F_GETFD)) < 0 ) {
356 perror("failed to get flags for outputfile");
360 if (fcntl(fileno(outf), F_SETFD, f|FD_CLOEXEC) < 0 ) {
361 perror("failed to set flags for outputfile");
367 setreuid(geteuid(), getuid());
372 setvbuf(outf, buf, _IOLBF, BUFSIZ);
374 else if (optind < argc)
379 for (c = 0; c < tcbtabsize; c++) {
381 /* Reinitialize the output since it may have changed. */
383 if (!(tcp->flags & TCB_INUSE) || !(tcp->flags & TCB_ATTACHED))
386 if (proc_open(tcp, 1) < 0) {
387 fprintf(stderr, "trouble opening proc file\n");
391 #else /* !USE_PROCFS */
392 if (ptrace(PTRACE_ATTACH, tcp->pid, (char *) 1, 0) < 0) {
393 perror("attach: ptrace(PTRACE_ATTACH, ...)");
397 #endif /* !USE_PROCFS */
400 "Process %u attached - interrupt to quit\n",
407 char pathname[MAXPATHLEN];
409 filename = argv[optind];
410 if (strchr(filename, '/'))
411 strcpy(pathname, filename);
412 #ifdef USE_DEBUGGING_EXEC
414 * Debuggers customarily check the current directory
415 * first regardless of the path but doing that gives
416 * security geeks a panic attack.
418 else if (stat(filename, &statbuf) == 0)
419 strcpy(pathname, filename);
420 #endif /* USE_DEBUGGING_EXEC */
425 for (path = getenv("PATH"); path && *path; path += m) {
426 if (strchr(path, ':')) {
427 n = strchr(path, ':') - path;
431 m = n = strlen(path);
433 getcwd(pathname, MAXPATHLEN);
434 len = strlen(pathname);
437 strncpy(pathname, path, n);
440 if (len && pathname[len - 1] != '/')
441 pathname[len++] = '/';
442 strcpy(pathname + len, filename);
443 if (stat(pathname, &statbuf) == 0)
447 if (stat(pathname, &statbuf) < 0) {
448 fprintf(stderr, "%s: %s: command not found\n",
452 switch (pid = fork()) {
454 perror("strace: fork");
460 if (outf != stderr) close (fileno (outf));
462 /* Kludge for SGI, see proc_open for details. */
463 sa.sa_handler = foobar;
465 sigemptyset(&sa.sa_mask);
466 sigaction(SIGINT, &sa, NULL);
471 kill(getpid(), SIGSTOP); /* stop HERE */
473 #else /* !USE_PROCFS */
475 close(fileno (outf));
477 if (ptrace(PTRACE_TRACEME, 0, (char *) 1, 0) < 0) {
478 perror("strace: ptrace(PTRACE_TRACEME, ...)");
482 kill(getpid(), SIGSTOP);
484 if (username != NULL || geteuid() == 0) {
485 uid_t run_euid = run_uid;
486 gid_t run_egid = run_gid;
488 if (statbuf.st_mode & S_ISUID)
489 run_euid = statbuf.st_uid;
490 if (statbuf.st_mode & S_ISGID)
491 run_egid = statbuf.st_gid;
494 * It is important to set groups before we
495 * lose privileges on setuid.
497 if (username != NULL) {
498 if (initgroups(username, run_gid) < 0) {
499 perror("initgroups");
502 if (setregid(run_gid, run_egid) < 0) {
506 if (setreuid(run_uid, run_euid) < 0) {
513 setreuid(run_uid, run_uid);
514 #endif /* !USE_PROCFS */
516 execv(pathname, &argv[optind]);
517 perror("strace: exec");
522 if ((tcp = alloctcb(pid)) == NULL) {
523 fprintf(stderr, "tcb table full\n");
528 if (proc_open(tcp, 0) < 0) {
529 fprintf(stderr, "trouble opening proc file\n");
533 #endif /* USE_PROCFS */
535 fake_execve(tcp, pathname, &argv[optind], environ);
536 #endif /* !USE_PROCFS */
540 else if (pflag_seen == 0)
543 sigemptyset(&empty_set);
544 sigemptyset(&blocked_set);
545 sa.sa_handler = SIG_IGN;
546 sigemptyset(&sa.sa_mask);
548 sigaction(SIGTTOU, &sa, NULL);
549 sigaction(SIGTTIN, &sa, NULL);
551 sigaddset(&blocked_set, SIGHUP);
552 sigaddset(&blocked_set, SIGINT);
553 sigaddset(&blocked_set, SIGQUIT);
554 sigaddset(&blocked_set, SIGPIPE);
555 sigaddset(&blocked_set, SIGTERM);
556 sa.sa_handler = interrupt;
558 /* POSIX signals on sunos4.1 are a little broken. */
559 sa.sa_flags = SA_INTERRUPT;
562 sigaction(SIGHUP, &sa, NULL);
563 sigaction(SIGINT, &sa, NULL);
564 sigaction(SIGQUIT, &sa, NULL);
565 sigaction(SIGPIPE, &sa, NULL);
566 sigaction(SIGTERM, &sa, NULL);
568 sa.sa_handler = reaper;
569 sigaction(SIGCHLD, &sa, NULL);
571 /* Make sure SIGCHLD has the default action so that waitpid
572 definitely works without losing track of children. The user
573 should not have given us a bogus state to inherit, but he might
574 have. Arguably we should detect SIG_IGN here and pass it on
575 to children, but probably noone really needs that. */
576 sa.sa_handler = SIG_DFL;
577 sigaction(SIGCHLD, &sa, NULL);
578 #endif /* USE_PROCFS */
590 char name[MAXPATHLEN];
593 if (outfname && followfork > 1) {
594 sprintf(name, "%s.%u", outfname, tcp->pid);
596 setreuid(geteuid(), getuid());
598 fp = fopen(name, "w");
600 setreuid(geteuid(), getuid());
618 for (i = 0; i < tcbtabsize; i++) {
620 if ((tcp->flags & TCB_INUSE) == 0) {
624 #ifdef TCB_CLONE_THREAD
625 tcp->nclone_threads = tcp->nclone_detached = 0;
626 tcp->nclone_waiting = 0;
628 tcp->flags = TCB_INUSE | TCB_STARTUP;
629 tcp->outf = outf; /* Initialise to current out file */
630 tcp->stime.tv_sec = 0;
631 tcp->stime.tv_usec = 0;
642 proc_open(tcp, attaching)
654 #ifndef HAVE_POLLABLE_PROCFS
658 #ifdef HAVE_MP_PROCFS
659 /* Open the process pseudo-files in /proc. */
660 sprintf(proc, "/proc/%d/ctl", tcp->pid);
661 if ((tcp->pfd = open(proc, O_WRONLY|O_EXCL)) < 0) {
662 perror("strace: open(\"/proc/...\", ...)");
665 if ((arg = fcntl(tcp->pfd, F_GETFD)) < 0) {
669 if (fcntl(tcp->pfd, F_SETFD, arg|FD_CLOEXEC) < 0) {
673 sprintf(proc, "/proc/%d/status", tcp->pid);
674 if ((tcp->pfd_stat = open(proc, O_RDONLY|O_EXCL)) < 0) {
675 perror("strace: open(\"/proc/...\", ...)");
678 if ((arg = fcntl(tcp->pfd_stat, F_GETFD)) < 0) {
682 if (fcntl(tcp->pfd_stat, F_SETFD, arg|FD_CLOEXEC) < 0) {
686 sprintf(proc, "/proc/%d/as", tcp->pid);
687 if ((tcp->pfd_as = open(proc, O_RDONLY|O_EXCL)) < 0) {
688 perror("strace: open(\"/proc/...\", ...)");
691 if ((arg = fcntl(tcp->pfd_as, F_GETFD)) < 0) {
695 if (fcntl(tcp->pfd_as, F_SETFD, arg|FD_CLOEXEC) < 0) {
700 /* Open the process pseudo-file in /proc. */
702 sprintf(proc, "/proc/%d", tcp->pid);
703 if ((tcp->pfd = open(proc, O_RDWR|O_EXCL)) < 0) {
705 sprintf(proc, "/proc/%d/mem", tcp->pid);
706 if ((tcp->pfd = open(proc, O_RDWR)) < 0) {
708 perror("strace: open(\"/proc/...\", ...)");
711 if ((arg = fcntl(tcp->pfd, F_GETFD)) < 0) {
715 if (fcntl(tcp->pfd, F_SETFD, arg|FD_CLOEXEC) < 0) {
721 sprintf(proc, "/proc/%d/regs", tcp->pid);
722 if ((tcp->pfd_reg = open(proc, O_RDONLY)) < 0) {
723 perror("strace: open(\"/proc/.../regs\", ...)");
727 sprintf(proc, "/proc/%d/status", tcp->pid);
728 if ((tcp->pfd_status = open(proc, O_RDONLY)) < 0) {
729 perror("strace: open(\"/proc/.../status\", ...)");
733 tcp->pfd_status = -1;
738 * Wait for the child to pause. Because of a race
739 * condition we have to poll for the event.
742 if (IOCTL_STATUS (tcp) < 0) {
743 perror("strace: PIOCSTATUS");
746 if (tcp->status.PR_FLAGS & PR_ASLEEP)
751 /* Stop the process so that we own the stop. */
752 if (IOCTL(tcp->pfd, PIOCSTOP, (char *)NULL) < 0) {
753 perror("strace: PIOCSTOP");
758 /* Set Run-on-Last-Close. */
760 if (IOCTL(tcp->pfd, PIOCSET, &arg) < 0) {
761 perror("PIOCSET PR_RLC");
764 /* Set or Reset Inherit-on-Fork. */
766 if (IOCTL(tcp->pfd, followfork ? PIOCSET : PIOCRESET, &arg) < 0) {
767 perror("PIOC{SET,RESET} PR_FORK");
772 if (ioctl(tcp->pfd, PIOCSRLC) < 0) {
776 if (ioctl(tcp->pfd, followfork ? PIOCSFORK : PIOCRFORK) < 0) {
777 perror("PIOC{S,R}FORK");
781 /* just unset the PF_LINGER flag for the Run-on-Last-Close. */
782 if (ioctl(tcp->pfd, PIOCGFL, &arg) < 0) {
787 if (ioctl(tcp->pfd, PIOCSFL, arg) < 0) {
792 #endif /* !PIOCSET */
794 /* Enable all syscall entries we care about. */
795 premptyset(&syscalls);
796 for (i = 1; i < MAX_QUALS; ++i) {
797 if (i > (sizeof syscalls) * CHAR_BIT) break;
798 if (qual_flags [i] & QUAL_TRACE) praddset (&syscalls, i);
800 praddset (&syscalls, SYS_execve);
802 praddset (&syscalls, SYS_fork);
804 praddset (&syscalls, SYS_forkall);
807 praddset (&syscalls, SYS_fork1);
810 praddset (&syscalls, SYS_rfork1);
813 praddset (&syscalls, SYS_rforkall);
816 if (IOCTL(tcp->pfd, PIOCSENTRY, &syscalls) < 0) {
817 perror("PIOCSENTRY");
820 /* Enable the syscall exits. */
821 if (IOCTL(tcp->pfd, PIOCSEXIT, &syscalls) < 0) {
825 /* Enable signals we care about. */
826 premptyset(&signals);
827 for (i = 1; i < MAX_QUALS; ++i) {
828 if (i > (sizeof signals) * CHAR_BIT) break;
829 if (qual_flags [i] & QUAL_SIGNAL) praddset (&signals, i);
831 if (IOCTL(tcp->pfd, PIOCSTRACE, &signals) < 0) {
832 perror("PIOCSTRACE");
835 /* Enable faults we care about */
837 for (i = 1; i < MAX_QUALS; ++i) {
838 if (i > (sizeof faults) * CHAR_BIT) break;
839 if (qual_flags [i] & QUAL_FAULT) praddset (&faults, i);
841 if (IOCTL(tcp->pfd, PIOCSFAULT, &faults) < 0) {
842 perror("PIOCSFAULT");
846 /* set events flags. */
847 arg = S_SIG | S_SCE | S_SCX ;
848 if(ioctl(tcp->pfd, PIOCBIS, arg) < 0) {
856 * The SGI PRSABORT doesn't work for pause() so
857 * we send it a caught signal to wake it up.
859 kill(tcp->pid, SIGINT);
862 /* The child is in a pause(), abort it. */
864 if (IOCTL (tcp->pfd, PIOCRUN, &arg) < 0) {
871 /* wake up the child if it received the SIGSTOP */
872 kill(tcp->pid, SIGCONT);
875 /* Wait for the child to do something. */
876 if (IOCTL_WSTOP (tcp) < 0) {
880 if (tcp->status.PR_WHY == PR_SYSENTRY) {
881 tcp->flags &= ~TCB_INSYSCALL;
883 if (tcp->scno == SYS_execve)
886 /* Set it running: maybe execve will be next. */
889 if (IOCTL(tcp->pfd, PIOCRUN, &arg) < 0) {
891 if (IOCTL(tcp->pfd, PIOCRUN, 0) < 0) {
897 /* handle the case where we "opened" the child before
898 it did the kill -STOP */
899 if (tcp->status.PR_WHY == PR_SIGNALLED &&
900 tcp->status.PR_WHAT == SIGSTOP)
901 kill(tcp->pid, SIGCONT);
909 /* We are attaching to an already running process.
910 * Try to figure out the state of the process in syscalls,
911 * to handle the first event well.
912 * This is done by having a look at the "wchan" property of the
913 * process, which tells where it is stopped (if it is). */
915 char wchan[20]; /* should be enough */
917 sprintf(proc, "/proc/%d/status", tcp->pid);
918 status = fopen(proc, "r");
920 (fscanf(status, "%*s %*d %*d %*d %*d %*d,%*d %*s %*d,%*d"
921 "%*d,%*d %*d,%*d %19s", wchan) == 1) &&
922 strcmp(wchan, "nochan") && strcmp(wchan, "spread") &&
923 strcmp(wchan, "stopevent")) {
924 /* The process is asleep in the middle of a syscall.
925 Fake the syscall entry event */
926 tcp->flags &= ~(TCB_INSYSCALL|TCB_STARTUP);
927 tcp->status.PR_WHY = PR_SYSENTRY;
932 } /* otherwise it's a fork being followed */
935 #ifndef HAVE_POLLABLE_PROCFS
936 if (proc_poll_pipe[0] != -1)
937 proc_poller(tcp->pfd);
938 else if (nprocs > 1) {
940 proc_poller(last_pfd);
941 proc_poller(tcp->pfd);
944 #endif /* !HAVE_POLLABLE_PROCFS */
948 #endif /* USE_PROCFS */
957 for (i = 0; i < tcbtabsize; i++) {
959 if (pid && tcp->pid != pid)
961 if (tcp->flags & TCB_INUSE)
975 for (i = 0; i < tcbtabsize; i++) {
976 struct tcb *tcp = tcbtab[i];
979 if (tcp->flags & TCB_INUSE)
985 #endif /* USE_PROCFS */
993 #ifdef TCB_CLONE_THREAD
994 if (tcp->nclone_threads > 0) {
995 /* There are other threads left in this process, but this
996 is the one whose PID represents the whole process.
997 We need to keep this record around as a zombie until
998 all the threads die. */
999 tcp->flags |= TCB_EXITING;
1006 if (tcp->parent != NULL) {
1007 tcp->parent->nchildren--;
1008 #ifdef TCB_CLONE_THREAD
1009 if (tcp->flags & TCB_CLONE_DETACHED)
1010 tcp->parent->nclone_detached--;
1011 if (tcp->flags & TCB_CLONE_THREAD)
1012 tcp->parent->nclone_threads--;
1018 if (tcp->pfd != -1) {
1022 if (tcp->pfd_reg != -1) {
1023 close(tcp->pfd_reg);
1026 if (tcp->pfd_status != -1) {
1027 close(tcp->pfd_status);
1028 tcp->pfd_status = -1;
1030 #endif /* !FREEBSD */
1032 rebuild_pollv(); /* Note, flags needs to be cleared by now. */
1036 if (outfname && followfork > 1 && tcp->outf)
1051 if (!(tcp->flags & TCB_SUSPENDED)) {
1052 fprintf(stderr, "PANIC: pid %u not suspended\n", tcp->pid);
1055 tcp->flags &= ~TCB_SUSPENDED;
1056 #ifdef TCB_CLONE_THREAD
1057 if (tcp->flags & TCB_CLONE_THREAD)
1058 tcp->parent->nclone_waiting--;
1061 if (ptrace(PTRACE_SYSCALL, tcp->pid, (char *) 1, 0) < 0) {
1062 perror("resume: ptrace(PTRACE_SYSCALL, ...)");
1067 fprintf(stderr, "Process %u resumed\n", tcp->pid);
1071 #endif /* !USE_PROCFS */
1073 /* detach traced process; continue with sig */
1082 int status, resumed;
1085 if (tcp->flags & TCB_BPTSET)
1090 * Linux wrongly insists the child be stopped
1091 * before detaching. Arghh. We go through hoops
1092 * to make a clean break of things.
1095 #undef PTRACE_DETACH
1096 #define PTRACE_DETACH PTRACE_SUNDETACH
1098 if ((error = ptrace(PTRACE_DETACH, tcp->pid, (char *) 1, sig)) == 0) {
1099 /* On a clear day, you can see forever. */
1101 else if (errno != ESRCH) {
1102 /* Shouldn't happen. */
1103 perror("detach: ptrace(PTRACE_DETACH, ...)");
1105 else if (kill(tcp->pid, 0) < 0) {
1107 perror("detach: checking sanity");
1109 else if (kill(tcp->pid, SIGSTOP) < 0) {
1111 perror("detach: stopping child");
1116 if (wait4(tcp->pid, &status, __WALL, NULL) < 0) {
1117 if (errno == ECHILD) /* Already gone. */
1119 if (errno != EINVAL) {
1120 perror("detach: waiting");
1124 /* No __WALL here. */
1125 if (waitpid(tcp->pid, &status, 0) < 0) {
1126 if (errno != ECHILD) {
1127 perror("detach: waiting");
1131 /* If no processes, try clones. */
1132 if (wait4(tcp->pid, &status, __WCLONE,
1134 if (errno != ECHILD)
1135 perror("detach: waiting");
1138 #endif /* __WCLONE */
1143 if (!WIFSTOPPED(status)) {
1144 /* Au revoir, mon ami. */
1147 if (WSTOPSIG(status) == SIGSTOP) {
1148 if ((error = ptrace(PTRACE_DETACH,
1149 tcp->pid, (char *) 1, sig)) < 0) {
1151 perror("detach: ptrace(PTRACE_DETACH, ...)");
1152 /* I died trying. */
1156 if ((error = ptrace(PTRACE_CONT, tcp->pid, (char *) 1,
1157 WSTOPSIG(status) == SIGTRAP ?
1158 0 : WSTOPSIG(status))) < 0) {
1160 perror("detach: ptrace(PTRACE_CONT, ...)");
1168 /* PTRACE_DETACH won't respect `sig' argument, so we post it here. */
1169 if (sig && kill(tcp->pid, sig) < 0)
1170 perror("detach: kill");
1172 if ((error = ptrace(PTRACE_DETACH, tcp->pid, (char *) 1, sig)) < 0)
1173 perror("detach: ptrace(PTRACE_DETACH, ...)");
1179 /* XXX This won't always be quite right (but it never was).
1180 A waiter with argument 0 or < -1 is waiting for any pid in
1181 a particular pgrp, which this child might or might not be
1182 in. The waiter will only wake up if it's argument is -1
1183 or if it's waiting for tcp->pid's pgrp. It makes a
1184 difference to wake up a waiter when there might be more
1185 traced children, because it could get a false ECHILD
1186 error. OTOH, if this was the last child in the pgrp, then
1187 it ought to wake up and get ECHILD. We would have to
1188 search the system for all pid's in the pgrp to be sure.
1190 && (t->waitpid == -1 ||
1191 (t->waitpid == 0 && getpgid (tcp->pid) == getpgid (t->pid))
1192 || (t->waitpid < 0 && t->waitpid == -getpid (t->pid)))
1196 (tcp->parent->flags & TCB_SUSPENDED) &&
1197 (tcp->parent->waitpid <= 0 || tcp->parent->waitpid == tcp->pid)) {
1198 error = resume(tcp->parent);
1201 #ifdef TCB_CLONE_THREAD
1202 if (tcp->parent && tcp->parent->nclone_waiting > 0) {
1203 /* Some other threads of our parent are waiting too. */
1206 /* Resume all the threads that were waiting for this PID. */
1207 for (i = 0; i < tcbtabsize; i++) {
1208 struct tcb *t = tcbtab[i];
1209 if (t->parent == tcp->parent && t != tcp
1210 && ((t->flags & (TCB_CLONE_THREAD|TCB_SUSPENDED))
1211 == (TCB_CLONE_THREAD|TCB_SUSPENDED))
1212 && t->waitpid == tcp->pid) {
1213 error |= resume (t);
1218 /* Noone was waiting for this PID in particular,
1219 so now we might need to resume some wildcarders. */
1220 for (i = 0; i < tcbtabsize; i++) {
1221 struct tcb *t = tcbtab[i];
1222 if (t->parent == tcp->parent && t != tcp
1224 & (TCB_CLONE_THREAD|TCB_SUSPENDED))
1225 == (TCB_CLONE_THREAD|TCB_SUSPENDED))
1228 error |= resume (t);
1235 #endif /* !USE_PROCFS */
1238 fprintf(stderr, "Process %u detached\n", tcp->pid);
1253 while ((pid = waitpid(-1, &status, WNOHANG)) > 0) {
1264 #endif /* USE_PROCFS */
1272 for (i = 0; i < tcbtabsize; i++) {
1274 if (!(tcp->flags & TCB_INUSE))
1278 "cleanup: looking at pid %u\n", tcp->pid);
1280 (!outfname || followfork < 2 || tcp_last == tcp)) {
1281 tprintf(" <unfinished ...>\n");
1284 if (tcp->flags & TCB_ATTACHED)
1287 kill(tcp->pid, SIGCONT);
1288 kill(tcp->pid, SIGTERM);
1302 #ifndef HAVE_STRERROR
1304 #if !HAVE_DECL_SYS_ERRLIST
1305 extern int sys_nerr;
1306 extern char *sys_errlist[];
1307 #endif /* HAVE_DECL_SYS_ERRLIST */
1313 static char buf[64];
1315 if (errno < 1 || errno >= sys_nerr) {
1316 sprintf(buf, "Unknown error %d", errno);
1319 return sys_errlist[errno];
1322 #endif /* HAVE_STERRROR */
1324 #ifndef HAVE_STRSIGNAL
1326 #if defined HAVE_SYS_SIGLIST && !defined HAVE_DECL_SYS_SIGLIST
1327 extern char *sys_siglist[];
1329 #if defined HAVE_SYS__SIGLIST && !defined HAVE_DECL__SYS_SIGLIST
1330 extern char *_sys_siglist[];
1337 static char buf[64];
1339 if (sig < 1 || sig >= NSIG) {
1340 sprintf(buf, "Unknown signal %d", sig);
1343 #ifdef HAVE__SYS_SIGLIST
1344 return _sys_siglist[sig];
1346 return sys_siglist[sig];
1350 #endif /* HAVE_STRSIGNAL */
1361 pollv = (struct pollfd *) malloc(nprocs * sizeof pollv[0]);
1362 if (pollv == NULL) {
1363 fprintf(stderr, "strace: out of memory for poll vector\n");
1367 for (i = j = 0; i < tcbtabsize; i++) {
1368 struct tcb *tcp = tcbtab[i];
1369 if (!(tcp->flags & TCB_INUSE))
1371 pollv[j].fd = tcp->pfd;
1372 pollv[j].events = POLLWANT;
1376 fprintf(stderr, "strace: proc miscount\n");
1381 #ifndef HAVE_POLLABLE_PROCFS
1389 if (pipe(proc_poll_pipe) < 0) {
1393 for (i = 0; i < 2; i++) {
1394 if ((arg = fcntl(proc_poll_pipe[i], F_GETFD)) < 0) {
1398 if (fcntl(proc_poll_pipe[i], F_SETFD, arg|FD_CLOEXEC) < 0) {
1406 proc_poll(pollv, nfds, timeout)
1407 struct pollfd *pollv;
1413 struct proc_pollfd pollinfo;
1415 if ((n = read(proc_poll_pipe[0], &pollinfo, sizeof(pollinfo))) < 0)
1417 if (n != sizeof(struct proc_pollfd)) {
1418 fprintf(stderr, "panic: short read: %d\n", n);
1421 for (i = 0; i < nprocs; i++) {
1422 if (pollv[i].fd == pollinfo.fd)
1423 pollv[i].revents = pollinfo.revents;
1425 pollv[i].revents = 0;
1427 poller_pid = pollinfo.pid;
1441 struct proc_pollfd pollinfo;
1442 struct sigaction sa;
1443 sigset_t blocked_set, empty_set;
1448 struct procfs_status pfs;
1449 #endif /* FREEBSD */
1461 sa.sa_handler = interactive ? SIG_DFL : SIG_IGN;
1463 sigemptyset(&sa.sa_mask);
1464 sigaction(SIGHUP, &sa, NULL);
1465 sigaction(SIGINT, &sa, NULL);
1466 sigaction(SIGQUIT, &sa, NULL);
1467 sigaction(SIGPIPE, &sa, NULL);
1468 sigaction(SIGTERM, &sa, NULL);
1469 sa.sa_handler = wakeup_handler;
1470 sigaction(SIGUSR1, &sa, NULL);
1471 sigemptyset(&blocked_set);
1472 sigaddset(&blocked_set, SIGUSR1);
1473 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
1474 sigemptyset(&empty_set);
1476 if (getrlimit(RLIMIT_NOFILE, &rl) < 0) {
1477 perror("getrlimit(RLIMIT_NOFILE, ...)");
1481 for (i = 0; i < n; i++) {
1482 if (i != pfd && i != proc_poll_pipe[1])
1487 pollinfo.pid = getpid();
1490 if (ioctl(pfd, PIOCWSTOP, NULL) < 0)
1492 if (ioctl(pfd, PIOCWSTOP, &pfs) < 0)
1493 #endif /* FREEBSD */
1499 pollinfo.revents = POLLERR;
1502 pollinfo.revents = POLLHUP;
1505 perror("proc_poller: PIOCWSTOP");
1507 write(proc_poll_pipe[1], &pollinfo, sizeof(pollinfo));
1510 pollinfo.revents = POLLWANT;
1511 write(proc_poll_pipe[1], &pollinfo, sizeof(pollinfo));
1512 sigsuspend(&empty_set);
1516 #endif /* !HAVE_POLLABLE_PROCFS */
1526 if (followfork < 2 &&
1527 last < nprocs && (pollv[last].revents & POLLWANT)) {
1529 * The previous process is ready to run again. We'll
1530 * let it do so if it is currently in a syscall. This
1531 * heuristic improves the readability of the trace.
1533 tcp = pfd2tcb(pollv[last].fd);
1534 if (tcp && (tcp->flags & TCB_INSYSCALL))
1535 return pollv[last].fd;
1538 for (i = 0; i < nprocs; i++) {
1539 /* Let competing children run round robin. */
1540 j = (i + last + 1) % nprocs;
1541 if (pollv[j].revents & (POLLHUP | POLLERR)) {
1542 tcp = pfd2tcb(pollv[j].fd);
1544 fprintf(stderr, "strace: lost proc\n");
1550 if (pollv[j].revents & POLLWANT) {
1555 fprintf(stderr, "strace: nothing ready\n");
1563 struct tcb *in_syscall = NULL;
1568 int ioctl_result = 0, ioctl_errno = 0;
1573 sigprocmask(SIG_SETMASK, &empty_set, NULL);
1580 #ifndef HAVE_POLLABLE_PROCFS
1581 if (proc_poll_pipe[0] == -1) {
1590 #ifndef HAVE_POLLABLE_PROCFS
1592 /* fall through ... */
1593 #endif /* !HAVE_POLLABLE_PROCFS */
1595 #ifdef HAVE_POLLABLE_PROCFS
1597 /* On some systems (e.g. UnixWare) we get too much ugly
1598 "unfinished..." stuff when multiple proceses are in
1599 syscalls. Here's a nasty hack */
1606 pv.events = POLLWANT;
1607 if ((what = poll (&pv, 1, 1)) < 0) {
1612 else if (what == 1 && pv.revents & POLLWANT) {
1618 if (poll(pollv, nprocs, INFTIM) < 0) {
1623 #else /* !HAVE_POLLABLE_PROCFS */
1624 if (proc_poll(pollv, nprocs, INFTIM) < 0) {
1629 #endif /* !HAVE_POLLABLE_PROCFS */
1636 /* Look up `pfd' in our table. */
1637 if ((tcp = pfd2tcb(pfd)) == NULL) {
1638 fprintf(stderr, "unknown pfd: %u\n", pfd);
1644 /* Get the status of the process. */
1647 ioctl_result = IOCTL_WSTOP (tcp);
1649 /* Thanks to some scheduling mystery, the first poller
1650 sometimes waits for the already processed end of fork
1651 event. Doing a non blocking poll here solves the problem. */
1652 if (proc_poll_pipe[0] != -1)
1653 ioctl_result = IOCTL_STATUS (tcp);
1655 ioctl_result = IOCTL_WSTOP (tcp);
1656 #endif /* FREEBSD */
1657 ioctl_errno = errno;
1658 #ifndef HAVE_POLLABLE_PROCFS
1659 if (proc_poll_pipe[0] != -1) {
1660 if (ioctl_result < 0)
1661 kill(poller_pid, SIGKILL);
1663 kill(poller_pid, SIGUSR1);
1665 #endif /* !HAVE_POLLABLE_PROCFS */
1671 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
1673 if (ioctl_result < 0) {
1674 /* Find out what happened if it failed. */
1675 switch (ioctl_errno) {
1686 perror("PIOCWSTOP");
1692 if ((tcp->flags & TCB_STARTUP) && (tcp->status.PR_WHY == PR_SYSEXIT)) {
1693 /* discard first event for a syscall we never entered */
1694 IOCTL (tcp->pfd, PIOCRUN, 0);
1699 /* clear the just started flag */
1700 tcp->flags &= ~TCB_STARTUP;
1702 /* set current output file */
1706 struct timeval stime;
1711 if ((len = pread(tcp->pfd_status, buf, sizeof(buf) - 1, 0)) > 0) {
1714 "%*s %*d %*d %*d %*d %*d,%*d %*s %*d,%*d %*d,%*d %ld,%ld",
1715 &stime.tv_sec, &stime.tv_usec);
1717 stime.tv_sec = stime.tv_usec = 0;
1718 #else /* !FREEBSD */
1719 stime.tv_sec = tcp->status.pr_stime.tv_sec;
1720 stime.tv_usec = tcp->status.pr_stime.tv_nsec/1000;
1721 #endif /* !FREEBSD */
1722 tv_sub(&tcp->dtime, &stime, &tcp->stime);
1725 what = tcp->status.PR_WHAT;
1726 switch (tcp->status.PR_WHY) {
1729 if (tcp->status.PR_FLAGS & PR_ASLEEP) {
1730 tcp->status.PR_WHY = PR_SYSENTRY;
1731 if (trace_syscall(tcp) < 0) {
1732 fprintf(stderr, "syscall trouble\n");
1737 #endif /* !FREEBSD */
1743 if (trace_syscall(tcp) < 0) {
1744 fprintf(stderr, "syscall trouble\n");
1749 if (!cflag && (qual_flags[what] & QUAL_SIGNAL)) {
1751 tprintf("--- %s (%s) ---",
1752 signame(what), strsignal(what));
1755 if (tcp->status.PR_INFO.si_signo == what) {
1757 tprintf(" siginfo=");
1758 printsiginfo(&tcp->status.PR_INFO, 1);
1765 if (!cflag && (qual_flags[what] & QUAL_FAULT)) {
1767 tprintf("=== FAULT %d ===", what);
1772 case 0: /* handle case we polled for nothing */
1776 fprintf(stderr, "odd stop %d\n", tcp->status.PR_WHY);
1782 if (IOCTL (tcp->pfd, PIOCRUN, &arg) < 0) {
1784 if (IOCTL (tcp->pfd, PIOCRUN, 0) < 0) {
1793 #else /* !USE_PROCFS */
1795 #ifdef TCB_GROUP_EXITING
1796 /* Handle an exit detach or death signal that is taking all the
1797 related clone threads with it. This is called in three circumstances:
1798 SIG == -1 TCP has already died (TCB_ATTACHED is clear, strace is parent).
1799 SIG == 0 Continuing TCP will perform an exit_group syscall.
1800 SIG == other Continuing TCP with SIG will kill the process.
1803 handle_group_exit(struct tcb *tcp, int sig)
1805 /* We need to locate our records of all the clone threads
1806 related to TCP, either its children or siblings. */
1807 struct tcb *leader = ((tcp->flags & TCB_CLONE_THREAD)
1809 : tcp->nclone_detached > 0
1813 if (leader != NULL && leader != tcp)
1815 "PANIC: handle_group_exit: %d leader %d\n",
1816 tcp->pid, leader ? leader->pid : -1);
1817 droptcb(tcp); /* Already died. */
1820 if (tcp->flags & TCB_ATTACHED) {
1821 if (leader != NULL && leader != tcp) {
1822 /* We need to detach the leader so that the
1823 process death will be reported to its real
1824 parent. But we kill it first to prevent
1825 it doing anything before we kill the whole
1826 process in a moment. We can use
1827 PTRACE_KILL on a thread that's not already
1828 stopped. Then the value we pass in
1829 PTRACE_DETACH just sets the death
1830 signal reported to the real parent. */
1831 ptrace(PTRACE_KILL, leader->pid, 0, 0);
1834 " [%d exit %d kills %d]\n",
1835 tcp->pid, sig, leader->pid);
1836 detach(leader, sig);
1840 else if (ptrace(PTRACE_CONT, tcp->pid, (char *) 1, sig) < 0) {
1841 perror("strace: ptrace(PTRACE_CONT, ...)");
1846 if (leader != NULL && leader != tcp)
1848 /* The leader will report to us as parent now,
1849 and then we'll get to the SIG==-1 case. */
1854 /* Note that TCP and LEADER are no longer valid,
1855 but we can still compare against them. */
1856 if (leader != NULL) {
1858 for (i = 0; i < tcbtabsize; i++) {
1859 struct tcb *t = tcbtab[i];
1860 if (t != tcp && (t->flags & TCB_CLONE_DETACHED)
1861 && t->parent == leader)
1880 static int wait4_options = __WALL;
1884 while (nprocs != 0) {
1886 sigprocmask(SIG_SETMASK, &empty_set, NULL);
1889 pid = wait4(-1, &status, wait4_options, cflag ? &ru : NULL);
1890 if (pid < 0 && (wait4_options & __WALL) && errno == EINVAL) {
1891 /* this kernel does not support __WALL */
1892 wait4_options &= ~__WALL;
1894 pid = wait4(-1, &status, wait4_options,
1895 cflag ? &ru : NULL);
1897 if (pid < 0 && !(wait4_options & __WALL) && errno == ECHILD) {
1898 /* most likely a "cloned" process */
1899 pid = wait4(-1, &status, __WCLONE,
1900 cflag ? &ru : NULL);
1902 fprintf(stderr, "strace: clone wait4 "
1903 "failed: %s\n", strerror(errno));
1907 pid = wait4(-1, &status, 0, cflag ? &ru : NULL);
1911 pid = wait(&status);
1915 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
1921 switch (wait_errno) {
1926 * We would like to verify this case
1927 * but sometimes a race in Solbourne's
1928 * version of SunOS sometimes reports
1929 * ECHILD before sending us SIGCHILD.
1934 fprintf(stderr, "strace: proc miscount\n");
1940 perror("strace: wait");
1945 fprintf(stderr, " [wait(%#x) = %u]\n", status, pid);
1947 /* Look up `pid' in our table. */
1948 if ((tcp = pid2tcb(pid)) == NULL) {
1950 if (followfork || followvfork) {
1951 /* This is needed to go with the CLONE_PTRACE
1952 changes in process.c/util.c: we might see
1953 the child's initial trap before we see the
1954 parent return from the clone syscall.
1955 Leave the child suspended until the parent
1956 returns from its system call. Only then
1957 will we have the association of parent and
1958 child so that we know how to do clearbpt
1960 if ((tcp = alloctcb(pid)) == NULL) {
1961 fprintf(stderr, " [tcb table full]\n");
1962 kill(pid, SIGKILL); /* XXX */
1965 tcp->flags |= TCB_ATTACHED | TCB_SUSPENDED;
1969 Process %d attached (waiting for parent)\n",
1973 /* This can happen if a clone call used
1974 CLONE_PTRACE itself. */
1977 fprintf(stderr, "unknown pid: %u\n", pid);
1978 if (WIFSTOPPED(status))
1979 ptrace(PTRACE_CONT, pid, (char *) 1, 0);
1983 /* set current output file */
1987 tv_sub(&tcp->dtime, &ru.ru_stime, &tcp->stime);
1988 tcp->stime = ru.ru_stime;
1992 if (tcp->flags & TCB_SUSPENDED) {
1994 * Apparently, doing any ptrace() call on a stopped
1995 * process, provokes the kernel to report the process
1996 * status again on a subsequent wait(), even if the
1997 * process has not been actually restarted.
1998 * Since we have inspected the arguments of suspended
1999 * processes we end up here testing for this case.
2003 if (WIFSIGNALED(status)) {
2005 && (qual_flags[WTERMSIG(status)] & QUAL_SIGNAL)) {
2007 tprintf("+++ killed by %s +++",
2008 signame(WTERMSIG(status)));
2011 #ifdef TCB_GROUP_EXITING
2012 handle_group_exit(tcp, -1);
2018 if (WIFEXITED(status)) {
2020 fprintf(stderr, "pid %u exited\n", pid);
2021 if (tcp->flags & TCB_ATTACHED)
2023 "PANIC: attached pid %u exited\n",
2025 #ifdef TCB_GROUP_EXITING
2026 handle_group_exit(tcp, -1);
2032 if (!WIFSTOPPED(status)) {
2033 fprintf(stderr, "PANIC: pid %u not stopped\n", pid);
2038 fprintf(stderr, "pid %u stopped, [%s]\n",
2039 pid, signame(WSTOPSIG(status)));
2041 if (tcp->flags & TCB_STARTUP) {
2043 * This flag is there to keep us in sync.
2044 * Next time this process stops it should
2045 * really be entering a system call.
2047 tcp->flags &= ~TCB_STARTUP;
2048 if (tcp->flags & TCB_ATTACHED) {
2050 * Interestingly, the process may stop
2051 * with STOPSIG equal to some other signal
2052 * than SIGSTOP if we happend to attach
2053 * just before the process takes a signal.
2055 if (!WIFSTOPPED(status)) {
2057 "pid %u not stopped\n", pid);
2058 detach(tcp, WSTOPSIG(status));
2064 /* A child of us stopped at exec */
2065 if (WSTOPSIG(status) == SIGTRAP && followvfork)
2069 if (tcp->flags & TCB_BPTSET) {
2070 if (clearbpt(tcp) < 0) /* Pretty fatal */ {
2079 if (WSTOPSIG(status) != SIGTRAP) {
2080 if (WSTOPSIG(status) == SIGSTOP &&
2081 (tcp->flags & TCB_SIGTRAPPED)) {
2083 * Trapped attempt to block SIGTRAP
2084 * Hope we are back in control now.
2086 tcp->flags &= ~(TCB_INSYSCALL | TCB_SIGTRAPPED);
2087 if (ptrace(PTRACE_SYSCALL,
2088 pid, (char *) 1, 0) < 0) {
2089 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
2096 && (qual_flags[WSTOPSIG(status)] & QUAL_SIGNAL)) {
2097 unsigned long addr = 0, pc = 0;
2098 #ifdef PT_GETSIGINFO
2103 upeek(pid, PT_CR_IPSR, &psr);
2104 upeek(pid, PT_CR_IIP, &pc);
2106 pc += (psr >> PSR_RI) & 0x3;
2107 ptrace(PT_GETSIGINFO, pid, 0, (long) &si);
2108 addr = (unsigned long) si.si_addr;
2111 tprintf("--- %s (%s) @ %lx (%lx) ---",
2112 signame(WSTOPSIG(status)),
2113 strsignal(WSTOPSIG(status)), pc, addr);
2116 if ((tcp->flags & TCB_ATTACHED) &&
2117 !sigishandled(tcp, WSTOPSIG(status))) {
2118 #ifdef TCB_GROUP_EXITING
2119 handle_group_exit(tcp, WSTOPSIG(status));
2121 detach(tcp, WSTOPSIG(status));
2125 if (ptrace(PTRACE_SYSCALL, pid, (char *) 1,
2126 WSTOPSIG(status)) < 0) {
2127 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
2131 tcp->flags &= ~TCB_SUSPENDED;
2134 if (trace_syscall(tcp) < 0) {
2135 if (tcp->flags & TCB_ATTACHED)
2139 tcp->pid, (char *) 1, SIGTERM);
2144 if (tcp->flags & TCB_EXITING) {
2145 #ifdef TCB_GROUP_EXITING
2146 if (tcp->flags & TCB_GROUP_EXITING) {
2147 if (handle_group_exit(tcp, 0) < 0)
2152 if (tcp->flags & TCB_ATTACHED)
2154 else if (ptrace(PTRACE_CONT, pid, (char *) 1, 0) < 0) {
2155 perror("strace: ptrace(PTRACE_CONT, ...)");
2161 if (tcp->flags & TCB_SUSPENDED) {
2163 fprintf(stderr, "Process %u suspended\n", pid);
2167 if (ptrace(PTRACE_SYSCALL, pid, (char *) 1, 0) < 0) {
2168 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
2176 #endif /* !USE_PROCFS */
2182 #define VA_START(a, b) va_start(a, b)
2184 #include <varargs.h>
2185 #define VA_START(a, b) va_start(a)
2190 tprintf(const char *fmt, ...)
2192 tprintf(fmt, va_alist)
2199 VA_START(args, fmt);
2201 curcol += vfprintf(outf, fmt, args);
2210 if (tcp_last && (!outfname || followfork < 2 || tcp_last == tcp)) {
2211 tcp_last->flags |= TCB_REPRINT;
2212 tprintf(" <unfinished ...>\n");
2215 if ((followfork == 1 || pflag_seen > 1) && outfname)
2216 tprintf("%-5d ", tcp->pid);
2217 else if (nprocs > 1 && !outfname)
2218 tprintf("[pid %5u] ", tcp->pid);
2220 char str[sizeof("HH:MM:SS")];
2221 struct timeval tv, dtv;
2222 static struct timeval otv;
2224 gettimeofday(&tv, NULL);
2226 if (otv.tv_sec == 0)
2228 tv_sub(&dtv, &tv, &otv);
2229 tprintf("%6ld.%06ld ",
2230 (long) dtv.tv_sec, (long) dtv.tv_usec);
2233 else if (tflag > 2) {
2234 tprintf("%ld.%06ld ",
2235 (long) tv.tv_sec, (long) tv.tv_usec);
2238 time_t local = tv.tv_sec;
2239 strftime(str, sizeof(str), "%T", localtime(&local));
2241 tprintf("%s.%06ld ", str, (long) tv.tv_usec);
2243 tprintf("%s ", str);
2255 tprintf("%*s", col - curcol, "");
2266 #ifdef HAVE_MP_PROCFS
2268 int mp_ioctl (int fd, int cmd, void *arg, int size) {
2270 struct iovec iov[2];
2273 iov[0].iov_base = &cmd;
2274 iov[0].iov_len = sizeof cmd;
2277 iov[1].iov_base = arg;
2278 iov[1].iov_len = size;
2281 return writev (fd, iov, n);
projects / strace / blob