2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. The name of the author may not be used to endorse or promote products
17 * derived from this software without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35 #include <sys/types.h>
38 #include <sys/param.h>
40 #include <sys/resource.h>
50 # include <asm/unistd.h>
51 # if defined __NR_tgkill
52 # define my_tgkill(pid, tid, sig) syscall (__NR_tgkill, (pid), (tid), (sig))
53 # elif defined __NR_tkill
54 # define my_tgkill(pid, tid, sig) syscall (__NR_tkill, (tid), (sig))
56 /* kill() may choose arbitrarily the target task of the process group
57 while we later wait on a that specific TID. PID process waits become
58 TID task specific waits for a process under ptrace(2). */
59 # warning "Neither tkill(2) nor tgkill(2) available, risk of strace hangs!"
60 # define my_tgkill(pid, tid, sig) kill ((tid), (sig))
64 #if defined(IA64) && defined(LINUX)
65 # include <asm/ptrace_offsets.h>
73 #include <sys/stropts.h>
81 int debug = 0, followfork = 0;
82 int dtime = 0, cflag = 0, xflag = 0, qflag = 0;
83 static int iflag = 0, interactive = 0, pflag_seen = 0, rflag = 0, tflag = 0;
85 /* Sometimes we want to print only succeeding syscalls. */
86 int not_failing_only = 0;
88 static char *username = NULL;
92 int acolumn = DEFAULT_ACOLUMN;
93 int max_strlen = DEFAULT_STRLEN;
94 static char *outfname = NULL;
97 unsigned int nprocs, tcbtabsize;
99 extern char **environ;
101 static int detach P((struct tcb *tcp, int sig));
102 static int trace P((void));
103 static void cleanup P((void));
104 static void interrupt P((int sig));
105 static sigset_t empty_set, blocked_set;
107 #ifdef HAVE_SIG_ATOMIC_T
108 static volatile sig_atomic_t interrupted;
109 #else /* !HAVE_SIG_ATOMIC_T */
111 static volatile int interrupted;
112 #else /* !__STDC__ */
113 static int interrupted;
114 #endif /* !__STDC__ */
115 #endif /* !HAVE_SIG_ATOMIC_T */
119 static struct tcb *pfd2tcb P((int pfd));
120 static void reaper P((int sig));
121 static void rebuild_pollv P((void));
122 static struct pollfd *pollv;
124 #ifndef HAVE_POLLABLE_PROCFS
126 static void proc_poll_open P((void));
127 static void proc_poller P((int pfd));
135 static int poller_pid;
136 static int proc_poll_pipe[2] = { -1, -1 };
138 #endif /* !HAVE_POLLABLE_PROCFS */
140 #ifdef HAVE_MP_PROCFS
141 #define POLLWANT POLLWRNORM
143 #define POLLWANT POLLPRI
145 #endif /* USE_PROCFS */
153 usage: strace [-dffhiqrtttTvVxx] [-a column] [-e expr] ... [-o file]\n\
154 [-p pid] ... [-s strsize] [-u username] [-E var=val] ...\n\
155 [command [arg ...]]\n\
156 or: strace -c [-e expr] ... [-O overhead] [-S sortby] [-E var=val] ...\n\
157 [command [arg ...]]\n\
158 -c -- count time, calls, and errors for each syscall and report summary\n\
159 -f -- follow forks, -ff -- with output into separate files\n\
160 -F -- attempt to follow vforks, -h -- print help message\n\
161 -i -- print instruction pointer at time of syscall\n\
162 -q -- suppress messages about attaching, detaching, etc.\n\
163 -r -- print relative timestamp, -t -- absolute timestamp, -tt -- with usecs\n\
164 -T -- print time spent in each syscall, -V -- print version\n\
165 -v -- verbose mode: print unabbreviated argv, stat, termio[s], etc. args\n\
166 -x -- print non-ascii strings in hex, -xx -- print all strings in hex\n\
167 -a column -- alignment COLUMN for printing syscall results (default %d)\n\
168 -e expr -- a qualifying expression: option=[!]all or option=[!]val1[,val2]...\n\
169 options: trace, abbrev, verbose, raw, signal, read, or write\n\
170 -o file -- send trace output to FILE instead of stderr\n\
171 -O overhead -- set overhead for tracing syscalls to OVERHEAD usecs\n\
172 -p pid -- trace process with process id PID, may be repeated\n\
173 -s strsize -- limit length of print strings to STRSIZE chars (default %d)\n\
174 -S sortby -- sort syscall counts by: time, calls, name, nothing (default %s)\n\
175 -u username -- run command as username handling setuid and/or setgid\n\
176 -E var=val -- put var=val in the environment for command\n\
177 -E var -- remove var from the environment for command\n\
178 " /* this is broken, so don't document it
179 -z -- print only succeeding syscalls\n\
181 , DEFAULT_ACOLUMN, DEFAULT_STRLEN, DEFAULT_SORTBY);
195 set_cloexec_flag(int fd)
199 if ((flags = fcntl(fd, F_GETFD, 0)) < 0)
201 fprintf(stderr, "%s: fcntl F_GETFD: %s\n",
202 progname, strerror(errno));
206 newflags = flags | FD_CLOEXEC;
207 if (flags == newflags)
210 if (fcntl(fd, F_SETFD, newflags) < 0)
212 fprintf(stderr, "%s: fcntl F_SETFD: %s\n",
213 progname, strerror(errno));
221 * When strace is setuid executable, we have to swap uids
222 * before and after filesystem and process management operations.
228 int euid = geteuid(), uid = getuid();
230 if (euid != uid && setreuid(euid, uid) < 0)
232 fprintf(stderr, "%s: setreuid: %s\n",
233 progname, strerror(errno));
240 # define fopen_for_output fopen64
242 # define fopen_for_output fopen
246 strace_fopen(const char *path, const char *mode)
251 if ((fp = fopen_for_output(path, mode)) == NULL)
252 fprintf(stderr, "%s: can't fopen '%s': %s\n",
253 progname, path, strerror(errno));
255 if (fp && set_cloexec_flag(fileno(fp)) < 0)
263 static int popen_pid = -1;
266 # define _PATH_BSHELL "/bin/sh"
270 * We cannot use standard popen(3) here because we have to distinguish
271 * popen child process from other processes we trace, and standard popen(3)
272 * does not export its child's pid.
275 strace_popen(const char *command)
282 fprintf(stderr, "%s: pipe: %s\n",
283 progname, strerror(errno));
288 if (set_cloexec_flag(fds[1]) < 0)
296 if ((popen_pid = fork()) == -1)
298 fprintf(stderr, "%s: fork: %s\n",
299 progname, strerror(errno));
311 return fdopen(fds[1], "w");
316 if (fds[0] && (dup2(fds[0], 0) || close(fds[0])))
318 fprintf(stderr, "%s: dup2: %s\n",
319 progname, strerror(errno));
322 execl(_PATH_BSHELL, "sh", "-c", command, NULL);
323 fprintf(stderr, "%s: execl: %s: %s\n",
324 progname, _PATH_BSHELL, strerror(errno));
330 newoutf(struct tcb *tcp)
332 if (outfname && followfork > 1) {
333 char name[MAXPATHLEN];
336 sprintf(name, "%s.%u", outfname, tcp->pid);
337 if ((fp = strace_fopen(name, "w")) == NULL)
351 * Block user interruptions as we would leave the traced
352 * process stopped (process state T) if we would terminate in
353 * between PTRACE_ATTACH and wait4 () on SIGSTOP.
354 * We rely on cleanup () from this point on.
357 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
359 for (tcbi = 0; tcbi < tcbtabsize; tcbi++) {
361 if (!(tcp->flags & TCB_INUSE) || !(tcp->flags & TCB_ATTACHED))
364 if (tcp->flags & TCB_CLONE_THREAD)
367 /* Reinitialize the output since it may have changed. */
369 if (newoutf(tcp) < 0)
373 if (proc_open(tcp, 1) < 0) {
374 fprintf(stderr, "trouble opening proc file\n");
378 #else /* !USE_PROCFS */
381 char procdir[MAXPATHLEN];
384 sprintf(procdir, "/proc/%d/task", tcp->pid);
385 dir = opendir(procdir);
387 unsigned int ntid = 0, nerr = 0;
390 while ((de = readdir(dir)) != NULL) {
391 if (de->d_fileno == 0 ||
392 de->d_name[0] == '.')
394 tid = atoi(de->d_name);
398 if (ptrace(PTRACE_ATTACH, tid,
401 else if (tid != tcbtab[tcbi]->pid) {
402 if (nprocs == tcbtabsize &&
409 tcp->flags |= TCB_ATTACHED|TCB_CLONE_THREAD|TCB_CLONE_DETACHED|TCB_FOLLOWFORK;
410 tcbtab[tcbi]->nchildren++;
411 tcbtab[tcbi]->nclone_threads++;
412 tcbtab[tcbi]->nclone_detached++;
413 tcp->parent = tcbtab[tcbi];
416 sigprocmask(SIG_SETMASK, &empty_set, NULL);
419 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
424 perror("attach: ptrace(PTRACE_ATTACH, ...)");
432 Process %u attached with %u threads - interrupt to quit\n",
436 Process %u attached - interrupt to quit\n",
443 if (ptrace(PTRACE_ATTACH, tcp->pid, (char *) 1, 0) < 0) {
444 perror("attach: ptrace(PTRACE_ATTACH, ...)");
448 /* INTERRUPTED is going to be checked at the top of TRACE. */
449 #endif /* !USE_PROCFS */
452 "Process %u attached - interrupt to quit\n",
457 sigprocmask(SIG_SETMASK, &empty_set, NULL);
461 startup_child (char **argv)
464 const char *filename;
465 char pathname[MAXPATHLEN];
470 if (strchr(filename, '/')) {
471 if (strlen(filename) > sizeof pathname - 1) {
472 errno = ENAMETOOLONG;
473 perror("strace: exec");
476 strcpy(pathname, filename);
478 #ifdef USE_DEBUGGING_EXEC
480 * Debuggers customarily check the current directory
481 * first regardless of the path but doing that gives
482 * security geeks a panic attack.
484 else if (stat(filename, &statbuf) == 0)
485 strcpy(pathname, filename);
486 #endif /* USE_DEBUGGING_EXEC */
491 for (path = getenv("PATH"); path && *path; path += m) {
492 if (strchr(path, ':')) {
493 n = strchr(path, ':') - path;
497 m = n = strlen(path);
499 if (!getcwd(pathname, MAXPATHLEN))
501 len = strlen(pathname);
503 else if (n > sizeof pathname - 1)
506 strncpy(pathname, path, n);
509 if (len && pathname[len - 1] != '/')
510 pathname[len++] = '/';
511 strcpy(pathname + len, filename);
512 if (stat(pathname, &statbuf) == 0 &&
513 /* Accept only regular files
514 with some execute bits set.
515 XXX not perfect, might still fail */
516 S_ISREG(statbuf.st_mode) &&
517 (statbuf.st_mode & 0111))
521 if (stat(pathname, &statbuf) < 0) {
522 fprintf(stderr, "%s: %s: command not found\n",
526 switch (pid = fork()) {
528 perror("strace: fork");
534 if (outf != stderr) close (fileno (outf));
536 /* Kludge for SGI, see proc_open for details. */
537 sa.sa_handler = foobar;
539 sigemptyset(&sa.sa_mask);
540 sigaction(SIGINT, &sa, NULL);
545 kill(getpid(), SIGSTOP); /* stop HERE */
547 #else /* !USE_PROCFS */
549 close(fileno (outf));
551 if (ptrace(PTRACE_TRACEME, 0, (char *) 1, 0) < 0) {
552 perror("strace: ptrace(PTRACE_TRACEME, ...)");
556 kill(getpid(), SIGSTOP);
558 if (username != NULL || geteuid() == 0) {
559 uid_t run_euid = run_uid;
560 gid_t run_egid = run_gid;
562 if (statbuf.st_mode & S_ISUID)
563 run_euid = statbuf.st_uid;
564 if (statbuf.st_mode & S_ISGID)
565 run_egid = statbuf.st_gid;
568 * It is important to set groups before we
569 * lose privileges on setuid.
571 if (username != NULL) {
572 if (initgroups(username, run_gid) < 0) {
573 perror("initgroups");
576 if (setregid(run_gid, run_egid) < 0) {
580 if (setreuid(run_uid, run_euid) < 0) {
587 setreuid(run_uid, run_uid);
590 * Induce an immediate stop so that the parent
591 * will resume us with PTRACE_SYSCALL and display
592 * this execve call normally.
594 kill(getpid(), SIGSTOP);
595 #endif /* !USE_PROCFS */
597 execv(pathname, argv);
598 perror("strace: exec");
603 if ((tcp = alloctcb(pid)) == NULL) {
608 if (proc_open(tcp, 0) < 0) {
609 fprintf(stderr, "trouble opening proc file\n");
613 #endif /* USE_PROCFS */
619 main(int argc, char *argv[])
628 static char buf[BUFSIZ];
630 progname = argv[0] ? argv[0] : "strace";
632 /* Allocate the initial tcbtab. */
633 tcbtabsize = argc; /* Surely enough for all -p args. */
634 if ((tcbtab = calloc (tcbtabsize, sizeof tcbtab[0])) == NULL) {
635 fprintf(stderr, "%s: out of memory\n", progname);
638 if ((tcbtab[0] = calloc (tcbtabsize, sizeof tcbtab[0][0])) == NULL) {
639 fprintf(stderr, "%s: out of memory\n", progname);
642 for (tcp = tcbtab[0]; tcp < &tcbtab[0][tcbtabsize]; ++tcp)
643 tcbtab[tcp - tcbtab[0]] = &tcbtab[0][tcp - tcbtab[0]];
647 set_sortby(DEFAULT_SORTBY);
648 set_personality(DEFAULT_PERSONALITY);
649 qualify("trace=all");
650 qualify("abbrev=all");
651 qualify("verbose=all");
652 qualify("signal=all");
653 while ((c = getopt(argc, argv,
654 "+cdfFhiqrtTvVxza:e:o:O:p:s:S:u:E:")) != EOF) {
692 qualify("abbrev=none");
695 printf("%s -- version %s\n", PACKAGE_NAME, VERSION);
699 not_failing_only = 1;
702 acolumn = atoi(optarg);
708 outfname = strdup(optarg);
711 set_overhead(atoi(optarg));
714 if ((pid = atoi(optarg)) <= 0) {
715 fprintf(stderr, "%s: Invalid process id: %s\n",
719 if (pid == getpid()) {
720 fprintf(stderr, "%s: I'm sorry, I can't let you do that, Dave.\n", progname);
723 if ((tcp = alloc_tcb(pid, 0)) == NULL) {
724 fprintf(stderr, "%s: out of memory\n",
728 tcp->flags |= TCB_ATTACHED;
732 max_strlen = atoi(optarg);
733 if (max_strlen < 0) {
735 "%s: invalid -s argument: %s\n",
744 username = strdup(optarg);
747 if (putenv(optarg) < 0) {
748 fprintf(stderr, "%s: out of memory\n",
759 if ((optind == argc) == !pflag_seen)
765 if (followfork > 1 && cflag) {
767 "%s: -c and -ff are mutually exclusive options\n",
772 /* See if they want to run as another user. */
773 if (username != NULL) {
776 if (getuid() != 0 || geteuid() != 0) {
778 "%s: you must be root to use the -u option\n",
782 if ((pent = getpwnam(username)) == NULL) {
783 fprintf(stderr, "%s: cannot find user `%s'\n",
787 run_uid = pent->pw_uid;
788 run_gid = pent->pw_gid;
795 /* Check if they want to redirect the output. */
797 /* See if they want to pipe the output. */
798 if (outfname[0] == '|' || outfname[0] == '!') {
800 * We can't do the <outfname>.PID funny business
801 * when using popen, so prohibit it.
803 if (followfork > 1) {
805 %s: piping the output and -ff are mutually exclusive options\n",
810 if ((outf = strace_popen(outfname + 1)) == NULL)
813 else if (followfork <= 1 &&
814 (outf = strace_fopen(outfname, "w")) == NULL)
818 if (!outfname || outfname[0] == '|' || outfname[0] == '!')
819 setvbuf(outf, buf, _IOLBF, BUFSIZ);
820 if (outfname && optind < argc) {
824 /* Valid states here:
825 optind < argc pflag_seen outfname interactive
832 /* STARTUP_CHILD must be called before the signal handlers get
833 installed below as they are inherited into the spawned process.
834 Also we do not need to be protected by them as during interruption
835 in the STARTUP_CHILD mode we kill the spawned process anyway. */
837 startup_child(&argv[optind]);
839 sigemptyset(&empty_set);
840 sigemptyset(&blocked_set);
841 sa.sa_handler = SIG_IGN;
842 sigemptyset(&sa.sa_mask);
844 sigaction(SIGTTOU, &sa, NULL);
845 sigaction(SIGTTIN, &sa, NULL);
847 sigaddset(&blocked_set, SIGHUP);
848 sigaddset(&blocked_set, SIGINT);
849 sigaddset(&blocked_set, SIGQUIT);
850 sigaddset(&blocked_set, SIGPIPE);
851 sigaddset(&blocked_set, SIGTERM);
852 sa.sa_handler = interrupt;
854 /* POSIX signals on sunos4.1 are a little broken. */
855 sa.sa_flags = SA_INTERRUPT;
858 sigaction(SIGHUP, &sa, NULL);
859 sigaction(SIGINT, &sa, NULL);
860 sigaction(SIGQUIT, &sa, NULL);
861 sigaction(SIGPIPE, &sa, NULL);
862 sigaction(SIGTERM, &sa, NULL);
864 sa.sa_handler = reaper;
865 sigaction(SIGCHLD, &sa, NULL);
867 /* Make sure SIGCHLD has the default action so that waitpid
868 definitely works without losing track of children. The user
869 should not have given us a bogus state to inherit, but he might
870 have. Arguably we should detect SIG_IGN here and pass it on
871 to children, but probably noone really needs that. */
872 sa.sa_handler = SIG_DFL;
873 sigaction(SIGCHLD, &sa, NULL);
874 #endif /* USE_PROCFS */
888 /* Allocate some more TCBs and expand the table.
889 We don't want to relocate the TCBs because our
890 callers have pointers and it would be a pain.
891 So tcbtab is a table of pointers. Since we never
892 free the TCBs, we allocate a single chunk of many. */
893 struct tcb **newtab = (struct tcb **)
894 realloc(tcbtab, 2 * tcbtabsize * sizeof tcbtab[0]);
895 struct tcb *newtcbs = (struct tcb *) calloc(tcbtabsize,
898 if (newtab == NULL || newtcbs == NULL) {
901 fprintf(stderr, "%s: expand_tcbtab: out of memory\n",
905 for (i = tcbtabsize; i < 2 * tcbtabsize; ++i)
906 newtab[i] = &newtcbs[i - tcbtabsize];
915 alloc_tcb(int pid, int command_options_parsed)
920 for (i = 0; i < tcbtabsize; i++) {
922 if ((tcp->flags & TCB_INUSE) == 0) {
927 #ifdef TCB_CLONE_THREAD
928 tcp->nclone_threads = tcp->nclone_detached = 0;
929 tcp->nclone_waiting = 0;
931 tcp->flags = TCB_INUSE | TCB_STARTUP;
932 tcp->outf = outf; /* Initialise to current out file */
933 tcp->stime.tv_sec = 0;
934 tcp->stime.tv_usec = 0;
937 if (command_options_parsed)
942 fprintf(stderr, "%s: alloc_tcb: tcb table full\n", progname);
948 proc_open(tcp, attaching)
960 #ifndef HAVE_POLLABLE_PROCFS
964 #ifdef HAVE_MP_PROCFS
965 /* Open the process pseudo-files in /proc. */
966 sprintf(proc, "/proc/%d/ctl", tcp->pid);
967 if ((tcp->pfd = open(proc, O_WRONLY|O_EXCL)) < 0) {
968 perror("strace: open(\"/proc/...\", ...)");
971 if (set_cloexec_flag(tcp->pfd) < 0) {
974 sprintf(proc, "/proc/%d/status", tcp->pid);
975 if ((tcp->pfd_stat = open(proc, O_RDONLY|O_EXCL)) < 0) {
976 perror("strace: open(\"/proc/...\", ...)");
979 if (set_cloexec_flag(tcp->pfd_stat) < 0) {
982 sprintf(proc, "/proc/%d/as", tcp->pid);
983 if ((tcp->pfd_as = open(proc, O_RDONLY|O_EXCL)) < 0) {
984 perror("strace: open(\"/proc/...\", ...)");
987 if (set_cloexec_flag(tcp->pfd_as) < 0) {
991 /* Open the process pseudo-file in /proc. */
993 sprintf(proc, "/proc/%d", tcp->pid);
994 if ((tcp->pfd = open(proc, O_RDWR|O_EXCL)) < 0) {
996 sprintf(proc, "/proc/%d/mem", tcp->pid);
997 if ((tcp->pfd = open(proc, O_RDWR)) < 0) {
999 perror("strace: open(\"/proc/...\", ...)");
1002 if (set_cloexec_flag(tcp->pfd) < 0) {
1007 sprintf(proc, "/proc/%d/regs", tcp->pid);
1008 if ((tcp->pfd_reg = open(proc, O_RDONLY)) < 0) {
1009 perror("strace: open(\"/proc/.../regs\", ...)");
1013 sprintf(proc, "/proc/%d/status", tcp->pid);
1014 if ((tcp->pfd_status = open(proc, O_RDONLY)) < 0) {
1015 perror("strace: open(\"/proc/.../status\", ...)");
1019 tcp->pfd_status = -1;
1020 #endif /* FREEBSD */
1024 * Wait for the child to pause. Because of a race
1025 * condition we have to poll for the event.
1028 if (IOCTL_STATUS (tcp) < 0) {
1029 perror("strace: PIOCSTATUS");
1032 if (tcp->status.PR_FLAGS & PR_ASLEEP)
1037 /* Stop the process so that we own the stop. */
1038 if (IOCTL(tcp->pfd, PIOCSTOP, (char *)NULL) < 0) {
1039 perror("strace: PIOCSTOP");
1044 /* Set Run-on-Last-Close. */
1046 if (IOCTL(tcp->pfd, PIOCSET, &arg) < 0) {
1047 perror("PIOCSET PR_RLC");
1050 /* Set or Reset Inherit-on-Fork. */
1052 if (IOCTL(tcp->pfd, followfork ? PIOCSET : PIOCRESET, &arg) < 0) {
1053 perror("PIOC{SET,RESET} PR_FORK");
1056 #else /* !PIOCSET */
1058 if (ioctl(tcp->pfd, PIOCSRLC) < 0) {
1062 if (ioctl(tcp->pfd, followfork ? PIOCSFORK : PIOCRFORK) < 0) {
1063 perror("PIOC{S,R}FORK");
1067 /* just unset the PF_LINGER flag for the Run-on-Last-Close. */
1068 if (ioctl(tcp->pfd, PIOCGFL, &arg) < 0) {
1073 if (ioctl(tcp->pfd, PIOCSFL, arg) < 0) {
1077 #endif /* FREEBSD */
1078 #endif /* !PIOCSET */
1080 /* Enable all syscall entries we care about. */
1081 premptyset(&syscalls);
1082 for (i = 1; i < MAX_QUALS; ++i) {
1083 if (i > (sizeof syscalls) * CHAR_BIT) break;
1084 if (qual_flags [i] & QUAL_TRACE) praddset (&syscalls, i);
1086 praddset (&syscalls, SYS_execve);
1088 praddset (&syscalls, SYS_fork);
1090 praddset (&syscalls, SYS_forkall);
1093 praddset (&syscalls, SYS_fork1);
1096 praddset (&syscalls, SYS_rfork1);
1099 praddset (&syscalls, SYS_rforkall);
1102 if (IOCTL(tcp->pfd, PIOCSENTRY, &syscalls) < 0) {
1103 perror("PIOCSENTRY");
1106 /* Enable the syscall exits. */
1107 if (IOCTL(tcp->pfd, PIOCSEXIT, &syscalls) < 0) {
1111 /* Enable signals we care about. */
1112 premptyset(&signals);
1113 for (i = 1; i < MAX_QUALS; ++i) {
1114 if (i > (sizeof signals) * CHAR_BIT) break;
1115 if (qual_flags [i] & QUAL_SIGNAL) praddset (&signals, i);
1117 if (IOCTL(tcp->pfd, PIOCSTRACE, &signals) < 0) {
1118 perror("PIOCSTRACE");
1121 /* Enable faults we care about */
1122 premptyset(&faults);
1123 for (i = 1; i < MAX_QUALS; ++i) {
1124 if (i > (sizeof faults) * CHAR_BIT) break;
1125 if (qual_flags [i] & QUAL_FAULT) praddset (&faults, i);
1127 if (IOCTL(tcp->pfd, PIOCSFAULT, &faults) < 0) {
1128 perror("PIOCSFAULT");
1132 /* set events flags. */
1133 arg = S_SIG | S_SCE | S_SCX ;
1134 if(ioctl(tcp->pfd, PIOCBIS, arg) < 0) {
1138 #endif /* FREEBSD */
1142 * The SGI PRSABORT doesn't work for pause() so
1143 * we send it a caught signal to wake it up.
1145 kill(tcp->pid, SIGINT);
1148 /* The child is in a pause(), abort it. */
1150 if (IOCTL (tcp->pfd, PIOCRUN, &arg) < 0) {
1157 /* wake up the child if it received the SIGSTOP */
1158 kill(tcp->pid, SIGCONT);
1161 /* Wait for the child to do something. */
1162 if (IOCTL_WSTOP (tcp) < 0) {
1163 perror("PIOCWSTOP");
1166 if (tcp->status.PR_WHY == PR_SYSENTRY) {
1167 tcp->flags &= ~TCB_INSYSCALL;
1169 if (known_scno(tcp) == SYS_execve)
1172 /* Set it running: maybe execve will be next. */
1175 if (IOCTL(tcp->pfd, PIOCRUN, &arg) < 0) {
1177 if (IOCTL(tcp->pfd, PIOCRUN, 0) < 0) {
1178 #endif /* FREEBSD */
1183 /* handle the case where we "opened" the child before
1184 it did the kill -STOP */
1185 if (tcp->status.PR_WHY == PR_SIGNALLED &&
1186 tcp->status.PR_WHAT == SIGSTOP)
1187 kill(tcp->pid, SIGCONT);
1194 if (attaching < 2) {
1195 /* We are attaching to an already running process.
1196 * Try to figure out the state of the process in syscalls,
1197 * to handle the first event well.
1198 * This is done by having a look at the "wchan" property of the
1199 * process, which tells where it is stopped (if it is). */
1201 char wchan[20]; /* should be enough */
1203 sprintf(proc, "/proc/%d/status", tcp->pid);
1204 status = fopen(proc, "r");
1206 (fscanf(status, "%*s %*d %*d %*d %*d %*d,%*d %*s %*d,%*d"
1207 "%*d,%*d %*d,%*d %19s", wchan) == 1) &&
1208 strcmp(wchan, "nochan") && strcmp(wchan, "spread") &&
1209 strcmp(wchan, "stopevent")) {
1210 /* The process is asleep in the middle of a syscall.
1211 Fake the syscall entry event */
1212 tcp->flags &= ~(TCB_INSYSCALL|TCB_STARTUP);
1213 tcp->status.PR_WHY = PR_SYSENTRY;
1218 } /* otherwise it's a fork being followed */
1220 #endif /* FREEBSD */
1221 #ifndef HAVE_POLLABLE_PROCFS
1222 if (proc_poll_pipe[0] != -1)
1223 proc_poller(tcp->pfd);
1224 else if (nprocs > 1) {
1226 proc_poller(last_pfd);
1227 proc_poller(tcp->pfd);
1229 last_pfd = tcp->pfd;
1230 #endif /* !HAVE_POLLABLE_PROCFS */
1234 #endif /* USE_PROCFS */
1243 for (i = 0; i < tcbtabsize; i++) {
1245 if (pid && tcp->pid != pid)
1247 if (tcp->flags & TCB_INUSE)
1261 for (i = 0; i < tcbtabsize; i++) {
1262 struct tcb *tcp = tcbtab[i];
1263 if (tcp->pfd != pfd)
1265 if (tcp->flags & TCB_INUSE)
1271 #endif /* USE_PROCFS */
1279 #ifdef TCB_CLONE_THREAD
1280 if (tcp->nclone_threads > 0) {
1281 /* There are other threads left in this process, but this
1282 is the one whose PID represents the whole process.
1283 We need to keep this record around as a zombie until
1284 all the threads die. */
1285 tcp->flags |= TCB_EXITING;
1292 if (tcp->parent != NULL) {
1293 tcp->parent->nchildren--;
1294 #ifdef TCB_CLONE_THREAD
1295 if (tcp->flags & TCB_CLONE_DETACHED)
1296 tcp->parent->nclone_detached--;
1297 if (tcp->flags & TCB_CLONE_THREAD)
1298 tcp->parent->nclone_threads--;
1300 #ifdef TCB_CLONE_DETACHED
1301 if (!(tcp->flags & TCB_CLONE_DETACHED))
1303 tcp->parent->nzombies++;
1305 /* Update `tcp->parent->parent->nchildren' and the other fields
1306 like NCLONE_DETACHED, only for zombie group leader that has
1307 already reported and been short-circuited at the top of this
1308 function. The same condition as at the top of DETACH. */
1309 if ((tcp->flags & TCB_CLONE_THREAD) &&
1310 tcp->parent->nclone_threads == 0 &&
1311 (tcp->parent->flags & TCB_EXITING))
1312 droptcb(tcp->parent);
1318 if (tcp->pfd != -1) {
1322 if (tcp->pfd_reg != -1) {
1323 close(tcp->pfd_reg);
1326 if (tcp->pfd_status != -1) {
1327 close(tcp->pfd_status);
1328 tcp->pfd_status = -1;
1330 #endif /* !FREEBSD */
1332 rebuild_pollv(); /* Note, flags needs to be cleared by now. */
1336 if (outfname && followfork > 1 && tcp->outf)
1351 if (!(tcp->flags & TCB_SUSPENDED)) {
1352 fprintf(stderr, "PANIC: pid %u not suspended\n", tcp->pid);
1355 tcp->flags &= ~TCB_SUSPENDED;
1356 #ifdef TCB_CLONE_THREAD
1357 if (tcp->flags & TCB_CLONE_THREAD)
1358 tcp->parent->nclone_waiting--;
1361 if (ptrace(PTRACE_SYSCALL, tcp->pid, (char *) 1, 0) < 0) {
1362 perror("resume: ptrace(PTRACE_SYSCALL, ...)");
1367 fprintf(stderr, "Process %u resumed\n", tcp->pid);
1372 resume_from_tcp (struct tcb *tcp)
1377 /* XXX This won't always be quite right (but it never was).
1378 A waiter with argument 0 or < -1 is waiting for any pid in
1379 a particular pgrp, which this child might or might not be
1380 in. The waiter will only wake up if it's argument is -1
1381 or if it's waiting for tcp->pid's pgrp. It makes a
1382 difference to wake up a waiter when there might be more
1383 traced children, because it could get a false ECHILD
1384 error. OTOH, if this was the last child in the pgrp, then
1385 it ought to wake up and get ECHILD. We would have to
1386 search the system for all pid's in the pgrp to be sure.
1388 && (t->waitpid == -1 ||
1389 (t->waitpid == 0 && getpgid (tcp->pid) == getpgid (t->pid))
1390 || (t->waitpid < 0 && t->waitpid == -getpid (t->pid)))
1394 (tcp->parent->flags & TCB_SUSPENDED) &&
1395 (tcp->parent->waitpid <= 0 || tcp->parent->waitpid == tcp->pid)) {
1396 error = resume(tcp->parent);
1399 #ifdef TCB_CLONE_THREAD
1400 if (tcp->parent && tcp->parent->nclone_waiting > 0) {
1401 /* Some other threads of our parent are waiting too. */
1404 /* Resume all the threads that were waiting for this PID. */
1405 for (i = 0; i < tcbtabsize; i++) {
1406 struct tcb *t = tcbtab[i];
1407 if (t->parent == tcp->parent && t != tcp
1408 && ((t->flags & (TCB_CLONE_THREAD|TCB_SUSPENDED))
1409 == (TCB_CLONE_THREAD|TCB_SUSPENDED))
1410 && t->waitpid == tcp->pid) {
1411 error |= resume (t);
1416 /* Noone was waiting for this PID in particular,
1417 so now we might need to resume some wildcarders. */
1418 for (i = 0; i < tcbtabsize; i++) {
1419 struct tcb *t = tcbtab[i];
1420 if (t->parent == tcp->parent && t != tcp
1422 & (TCB_CLONE_THREAD|TCB_SUSPENDED))
1423 == (TCB_CLONE_THREAD|TCB_SUSPENDED))
1426 error |= resume (t);
1436 #endif /* !USE_PROCFS */
1438 /* detach traced process; continue with sig
1439 Never call DETACH twice on the same process as both unattached and
1440 attached-unstopped processes give the same ESRCH. For unattached process we
1441 would SIGSTOP it and wait for its SIGSTOP notification forever. */
1450 int status, catch_sigstop;
1451 struct tcb *zombie = NULL;
1453 /* If the group leader is lingering only because of this other
1454 thread now dying, then detach the leader as well. */
1455 if ((tcp->flags & TCB_CLONE_THREAD) &&
1456 tcp->parent->nclone_threads == 1 &&
1457 (tcp->parent->flags & TCB_EXITING))
1458 zombie = tcp->parent;
1461 if (tcp->flags & TCB_BPTSET)
1466 * Linux wrongly insists the child be stopped
1467 * before detaching. Arghh. We go through hoops
1468 * to make a clean break of things.
1471 #undef PTRACE_DETACH
1472 #define PTRACE_DETACH PTRACE_SUNDETACH
1475 * On TCB_STARTUP we did PTRACE_ATTACH but still did not get the
1476 * expected SIGSTOP. We must catch exactly one as otherwise the
1477 * detached process would be left stopped (process state T).
1479 catch_sigstop = (tcp->flags & TCB_STARTUP);
1480 if ((error = ptrace(PTRACE_DETACH, tcp->pid, (char *) 1, sig)) == 0) {
1481 /* On a clear day, you can see forever. */
1483 else if (errno != ESRCH) {
1484 /* Shouldn't happen. */
1485 perror("detach: ptrace(PTRACE_DETACH, ...)");
1487 else if (my_tgkill((tcp->flags & TCB_CLONE_THREAD ? tcp->parent->pid
1491 perror("detach: checking sanity");
1493 else if (!catch_sigstop && my_tgkill((tcp->flags & TCB_CLONE_THREAD
1494 ? tcp->parent->pid : tcp->pid),
1495 tcp->pid, SIGSTOP) < 0) {
1497 perror("detach: stopping child");
1504 if (wait4(tcp->pid, &status, __WALL, NULL) < 0) {
1505 if (errno == ECHILD) /* Already gone. */
1507 if (errno != EINVAL) {
1508 perror("detach: waiting");
1512 /* No __WALL here. */
1513 if (waitpid(tcp->pid, &status, 0) < 0) {
1514 if (errno != ECHILD) {
1515 perror("detach: waiting");
1519 /* If no processes, try clones. */
1520 if (wait4(tcp->pid, &status, __WCLONE,
1522 if (errno != ECHILD)
1523 perror("detach: waiting");
1526 #endif /* __WCLONE */
1531 if (!WIFSTOPPED(status)) {
1532 /* Au revoir, mon ami. */
1535 if (WSTOPSIG(status) == SIGSTOP) {
1536 if ((error = ptrace(PTRACE_DETACH,
1537 tcp->pid, (char *) 1, sig)) < 0) {
1539 perror("detach: ptrace(PTRACE_DETACH, ...)");
1540 /* I died trying. */
1544 if ((error = ptrace(PTRACE_CONT, tcp->pid, (char *) 1,
1545 WSTOPSIG(status) == SIGTRAP ?
1546 0 : WSTOPSIG(status))) < 0) {
1548 perror("detach: ptrace(PTRACE_CONT, ...)");
1555 /* PTRACE_DETACH won't respect `sig' argument, so we post it here. */
1556 if (sig && kill(tcp->pid, sig) < 0)
1557 perror("detach: kill");
1559 if ((error = ptrace(PTRACE_DETACH, tcp->pid, (char *) 1, sig)) < 0)
1560 perror("detach: ptrace(PTRACE_DETACH, ...)");
1564 error |= resume_from_tcp (tcp);
1568 fprintf(stderr, "Process %u detached\n", tcp->pid);
1573 if (zombie != NULL) {
1574 /* TCP no longer exists therefore you must not detach () it. */
1591 while ((pid = waitpid(-1, &status, WNOHANG)) > 0) {
1602 #endif /* USE_PROCFS */
1610 for (i = 0; i < tcbtabsize; i++) {
1612 if (!(tcp->flags & TCB_INUSE))
1616 "cleanup: looking at pid %u\n", tcp->pid);
1618 (!outfname || followfork < 2 || tcp_last == tcp)) {
1619 tprintf(" <unfinished ...>\n");
1622 if (tcp->flags & TCB_ATTACHED)
1625 kill(tcp->pid, SIGCONT);
1626 kill(tcp->pid, SIGTERM);
1640 #ifndef HAVE_STRERROR
1642 #if !HAVE_DECL_SYS_ERRLIST
1643 extern int sys_nerr;
1644 extern char *sys_errlist[];
1645 #endif /* HAVE_DECL_SYS_ERRLIST */
1651 static char buf[64];
1653 if (errno < 1 || errno >= sys_nerr) {
1654 sprintf(buf, "Unknown error %d", errno);
1657 return sys_errlist[errno];
1660 #endif /* HAVE_STERRROR */
1662 #ifndef HAVE_STRSIGNAL
1664 #if defined HAVE_SYS_SIGLIST && !defined HAVE_DECL_SYS_SIGLIST
1665 extern char *sys_siglist[];
1667 #if defined HAVE_SYS__SIGLIST && !defined HAVE_DECL__SYS_SIGLIST
1668 extern char *_sys_siglist[];
1675 static char buf[64];
1677 if (sig < 1 || sig >= NSIG) {
1678 sprintf(buf, "Unknown signal %d", sig);
1681 #ifdef HAVE__SYS_SIGLIST
1682 return _sys_siglist[sig];
1684 return sys_siglist[sig];
1688 #endif /* HAVE_STRSIGNAL */
1699 pollv = (struct pollfd *) malloc(nprocs * sizeof pollv[0]);
1700 if (pollv == NULL) {
1701 fprintf(stderr, "%s: out of memory\n", progname);
1705 for (i = j = 0; i < tcbtabsize; i++) {
1706 struct tcb *tcp = tcbtab[i];
1707 if (!(tcp->flags & TCB_INUSE))
1709 pollv[j].fd = tcp->pfd;
1710 pollv[j].events = POLLWANT;
1714 fprintf(stderr, "strace: proc miscount\n");
1719 #ifndef HAVE_POLLABLE_PROCFS
1726 if (pipe(proc_poll_pipe) < 0) {
1730 for (i = 0; i < 2; i++) {
1731 if (set_cloexec_flag(proc_poll_pipe[i]) < 0) {
1738 proc_poll(pollv, nfds, timeout)
1739 struct pollfd *pollv;
1745 struct proc_pollfd pollinfo;
1747 if ((n = read(proc_poll_pipe[0], &pollinfo, sizeof(pollinfo))) < 0)
1749 if (n != sizeof(struct proc_pollfd)) {
1750 fprintf(stderr, "panic: short read: %d\n", n);
1753 for (i = 0; i < nprocs; i++) {
1754 if (pollv[i].fd == pollinfo.fd)
1755 pollv[i].revents = pollinfo.revents;
1757 pollv[i].revents = 0;
1759 poller_pid = pollinfo.pid;
1773 struct proc_pollfd pollinfo;
1774 struct sigaction sa;
1775 sigset_t blocked_set, empty_set;
1780 struct procfs_status pfs;
1781 #endif /* FREEBSD */
1793 sa.sa_handler = interactive ? SIG_DFL : SIG_IGN;
1795 sigemptyset(&sa.sa_mask);
1796 sigaction(SIGHUP, &sa, NULL);
1797 sigaction(SIGINT, &sa, NULL);
1798 sigaction(SIGQUIT, &sa, NULL);
1799 sigaction(SIGPIPE, &sa, NULL);
1800 sigaction(SIGTERM, &sa, NULL);
1801 sa.sa_handler = wakeup_handler;
1802 sigaction(SIGUSR1, &sa, NULL);
1803 sigemptyset(&blocked_set);
1804 sigaddset(&blocked_set, SIGUSR1);
1805 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
1806 sigemptyset(&empty_set);
1808 if (getrlimit(RLIMIT_NOFILE, &rl) < 0) {
1809 perror("getrlimit(RLIMIT_NOFILE, ...)");
1813 for (i = 0; i < n; i++) {
1814 if (i != pfd && i != proc_poll_pipe[1])
1819 pollinfo.pid = getpid();
1822 if (ioctl(pfd, PIOCWSTOP, NULL) < 0)
1824 if (ioctl(pfd, PIOCWSTOP, &pfs) < 0)
1825 #endif /* FREEBSD */
1831 pollinfo.revents = POLLERR;
1834 pollinfo.revents = POLLHUP;
1837 perror("proc_poller: PIOCWSTOP");
1839 write(proc_poll_pipe[1], &pollinfo, sizeof(pollinfo));
1842 pollinfo.revents = POLLWANT;
1843 write(proc_poll_pipe[1], &pollinfo, sizeof(pollinfo));
1844 sigsuspend(&empty_set);
1848 #endif /* !HAVE_POLLABLE_PROCFS */
1858 if (followfork < 2 &&
1859 last < nprocs && (pollv[last].revents & POLLWANT)) {
1861 * The previous process is ready to run again. We'll
1862 * let it do so if it is currently in a syscall. This
1863 * heuristic improves the readability of the trace.
1865 tcp = pfd2tcb(pollv[last].fd);
1866 if (tcp && (tcp->flags & TCB_INSYSCALL))
1867 return pollv[last].fd;
1870 for (i = 0; i < nprocs; i++) {
1871 /* Let competing children run round robin. */
1872 j = (i + last + 1) % nprocs;
1873 if (pollv[j].revents & (POLLHUP | POLLERR)) {
1874 tcp = pfd2tcb(pollv[j].fd);
1876 fprintf(stderr, "strace: lost proc\n");
1882 if (pollv[j].revents & POLLWANT) {
1887 fprintf(stderr, "strace: nothing ready\n");
1895 struct tcb *in_syscall = NULL;
1900 int ioctl_result = 0, ioctl_errno = 0;
1905 sigprocmask(SIG_SETMASK, &empty_set, NULL);
1912 #ifndef HAVE_POLLABLE_PROCFS
1913 if (proc_poll_pipe[0] == -1) {
1922 #ifndef HAVE_POLLABLE_PROCFS
1924 /* fall through ... */
1925 #endif /* !HAVE_POLLABLE_PROCFS */
1927 #ifdef HAVE_POLLABLE_PROCFS
1929 /* On some systems (e.g. UnixWare) we get too much ugly
1930 "unfinished..." stuff when multiple proceses are in
1931 syscalls. Here's a nasty hack */
1938 pv.events = POLLWANT;
1939 if ((what = poll (&pv, 1, 1)) < 0) {
1944 else if (what == 1 && pv.revents & POLLWANT) {
1950 if (poll(pollv, nprocs, INFTIM) < 0) {
1955 #else /* !HAVE_POLLABLE_PROCFS */
1956 if (proc_poll(pollv, nprocs, INFTIM) < 0) {
1961 #endif /* !HAVE_POLLABLE_PROCFS */
1968 /* Look up `pfd' in our table. */
1969 if ((tcp = pfd2tcb(pfd)) == NULL) {
1970 fprintf(stderr, "unknown pfd: %u\n", pfd);
1976 /* Get the status of the process. */
1979 ioctl_result = IOCTL_WSTOP (tcp);
1981 /* Thanks to some scheduling mystery, the first poller
1982 sometimes waits for the already processed end of fork
1983 event. Doing a non blocking poll here solves the problem. */
1984 if (proc_poll_pipe[0] != -1)
1985 ioctl_result = IOCTL_STATUS (tcp);
1987 ioctl_result = IOCTL_WSTOP (tcp);
1988 #endif /* FREEBSD */
1989 ioctl_errno = errno;
1990 #ifndef HAVE_POLLABLE_PROCFS
1991 if (proc_poll_pipe[0] != -1) {
1992 if (ioctl_result < 0)
1993 kill(poller_pid, SIGKILL);
1995 kill(poller_pid, SIGUSR1);
1997 #endif /* !HAVE_POLLABLE_PROCFS */
2003 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
2005 if (ioctl_result < 0) {
2006 /* Find out what happened if it failed. */
2007 switch (ioctl_errno) {
2018 perror("PIOCWSTOP");
2024 if ((tcp->flags & TCB_STARTUP) && (tcp->status.PR_WHY == PR_SYSEXIT)) {
2025 /* discard first event for a syscall we never entered */
2026 IOCTL (tcp->pfd, PIOCRUN, 0);
2031 /* clear the just started flag */
2032 tcp->flags &= ~TCB_STARTUP;
2034 /* set current output file */
2038 struct timeval stime;
2043 if ((len = pread(tcp->pfd_status, buf, sizeof(buf) - 1, 0)) > 0) {
2046 "%*s %*d %*d %*d %*d %*d,%*d %*s %*d,%*d %*d,%*d %ld,%ld",
2047 &stime.tv_sec, &stime.tv_usec);
2049 stime.tv_sec = stime.tv_usec = 0;
2050 #else /* !FREEBSD */
2051 stime.tv_sec = tcp->status.pr_stime.tv_sec;
2052 stime.tv_usec = tcp->status.pr_stime.tv_nsec/1000;
2053 #endif /* !FREEBSD */
2054 tv_sub(&tcp->dtime, &stime, &tcp->stime);
2057 what = tcp->status.PR_WHAT;
2058 switch (tcp->status.PR_WHY) {
2061 if (tcp->status.PR_FLAGS & PR_ASLEEP) {
2062 tcp->status.PR_WHY = PR_SYSENTRY;
2063 if (trace_syscall(tcp) < 0) {
2064 fprintf(stderr, "syscall trouble\n");
2069 #endif /* !FREEBSD */
2075 if (trace_syscall(tcp) < 0) {
2076 fprintf(stderr, "syscall trouble\n");
2081 if (!cflag && (qual_flags[what] & QUAL_SIGNAL)) {
2083 tprintf("--- %s (%s) ---",
2084 signame(what), strsignal(what));
2087 if (tcp->status.PR_INFO.si_signo == what) {
2089 tprintf(" siginfo=");
2090 printsiginfo(&tcp->status.PR_INFO, 1);
2097 if (!cflag && (qual_flags[what] & QUAL_FAULT)) {
2099 tprintf("=== FAULT %d ===", what);
2104 case 0: /* handle case we polled for nothing */
2108 fprintf(stderr, "odd stop %d\n", tcp->status.PR_WHY);
2114 if (IOCTL (tcp->pfd, PIOCRUN, &arg) < 0) {
2116 if (IOCTL (tcp->pfd, PIOCRUN, 0) < 0) {
2125 #else /* !USE_PROCFS */
2127 #ifdef TCB_GROUP_EXITING
2128 /* Handle an exit detach or death signal that is taking all the
2129 related clone threads with it. This is called in three circumstances:
2130 SIG == -1 TCP has already died (TCB_ATTACHED is clear, strace is parent).
2131 SIG == 0 Continuing TCP will perform an exit_group syscall.
2132 SIG == other Continuing TCP with SIG will kill the process.
2135 handle_group_exit(struct tcb *tcp, int sig)
2137 /* We need to locate our records of all the clone threads
2138 related to TCP, either its children or siblings. */
2139 struct tcb *leader = ((tcp->flags & TCB_CLONE_THREAD)
2141 : tcp->nclone_detached > 0
2145 if (leader != NULL && leader != tcp &&
2146 !(leader->flags & TCB_GROUP_EXITING))
2148 "PANIC: handle_group_exit: %d leader %d\n",
2149 tcp->pid, leader ? leader->pid : -1);
2150 /* TCP no longer exists therefore you must not detach () it. */
2152 resume_from_tcp (tcp);
2154 droptcb(tcp); /* Already died. */
2157 /* Mark that we are taking the process down. */
2158 tcp->flags |= TCB_EXITING | TCB_GROUP_EXITING;
2159 if (tcp->flags & TCB_ATTACHED) {
2161 if (leader != NULL && leader != tcp)
2162 leader->flags |= TCB_GROUP_EXITING;
2164 else if (ptrace(PTRACE_CONT, tcp->pid, (char *) 1, sig) < 0) {
2165 perror("strace: ptrace(PTRACE_CONT, ...)");
2171 leader->flags |= TCB_GROUP_EXITING;
2172 if (leader != NULL && leader != tcp)
2174 /* The leader will report to us as parent now,
2175 and then we'll get to the SIG==-1 case. */
2194 static int wait4_options = __WALL;
2198 while (nprocs != 0) {
2202 sigprocmask(SIG_SETMASK, &empty_set, NULL);
2205 pid = wait4(-1, &status, wait4_options, cflag ? &ru : NULL);
2206 if (pid < 0 && (wait4_options & __WALL) && errno == EINVAL) {
2207 /* this kernel does not support __WALL */
2208 wait4_options &= ~__WALL;
2210 pid = wait4(-1, &status, wait4_options,
2211 cflag ? &ru : NULL);
2213 if (pid < 0 && !(wait4_options & __WALL) && errno == ECHILD) {
2214 /* most likely a "cloned" process */
2215 pid = wait4(-1, &status, __WCLONE,
2216 cflag ? &ru : NULL);
2218 fprintf(stderr, "strace: clone wait4 "
2219 "failed: %s\n", strerror(errno));
2223 pid = wait4(-1, &status, 0, cflag ? &ru : NULL);
2227 pid = wait(&status);
2231 sigprocmask(SIG_BLOCK, &blocked_set, NULL);
2234 switch (wait_errno) {
2239 * We would like to verify this case
2240 * but sometimes a race in Solbourne's
2241 * version of SunOS sometimes reports
2242 * ECHILD before sending us SIGCHILD.
2247 fprintf(stderr, "strace: proc miscount\n");
2253 perror("strace: wait");
2257 if (pid == popen_pid) {
2258 if (WIFEXITED(status) || WIFSIGNALED(status))
2263 fprintf(stderr, " [wait(%#x) = %u]\n", status, pid);
2265 /* Look up `pid' in our table. */
2266 if ((tcp = pid2tcb(pid)) == NULL) {
2269 /* This is needed to go with the CLONE_PTRACE
2270 changes in process.c/util.c: we might see
2271 the child's initial trap before we see the
2272 parent return from the clone syscall.
2273 Leave the child suspended until the parent
2274 returns from its system call. Only then
2275 will we have the association of parent and
2276 child so that we know how to do clearbpt
2278 if (nprocs == tcbtabsize &&
2282 tcp = alloctcb(pid);
2284 kill(pid, SIGKILL); /* XXX */
2287 tcp->flags |= TCB_ATTACHED | TCB_SUSPENDED;
2290 Process %d attached (waiting for parent)\n",
2294 /* This can happen if a clone call used
2295 CLONE_PTRACE itself. */
2298 fprintf(stderr, "unknown pid: %u\n", pid);
2299 if (WIFSTOPPED(status))
2300 ptrace(PTRACE_CONT, pid, (char *) 1, 0);
2304 /* set current output file */
2308 tv_sub(&tcp->dtime, &ru.ru_stime, &tcp->stime);
2309 tcp->stime = ru.ru_stime;
2313 if (tcp->flags & TCB_SUSPENDED) {
2315 * Apparently, doing any ptrace() call on a stopped
2316 * process, provokes the kernel to report the process
2317 * status again on a subsequent wait(), even if the
2318 * process has not been actually restarted.
2319 * Since we have inspected the arguments of suspended
2320 * processes we end up here testing for this case.
2324 if (WIFSIGNALED(status)) {
2326 && (qual_flags[WTERMSIG(status)] & QUAL_SIGNAL)) {
2328 tprintf("+++ killed by %s %s+++",
2329 signame(WTERMSIG(status)),
2331 WCOREDUMP(status) ? "(core dumped) " :
2336 #ifdef TCB_GROUP_EXITING
2337 handle_group_exit(tcp, -1);
2343 if (WIFEXITED(status)) {
2345 fprintf(stderr, "pid %u exited\n", pid);
2346 if ((tcp->flags & TCB_ATTACHED)
2347 #ifdef TCB_GROUP_EXITING
2348 && !(tcp->parent && (tcp->parent->flags &
2350 && !(tcp->flags & TCB_GROUP_EXITING)
2354 "PANIC: attached pid %u exited\n",
2356 if (tcp == tcp_last) {
2357 if ((tcp->flags & (TCB_INSYSCALL|TCB_REPRINT))
2359 tprintf(" <unfinished ... exit status %d>\n",
2360 WEXITSTATUS(status));
2363 #ifdef TCB_GROUP_EXITING
2364 handle_group_exit(tcp, -1);
2370 if (!WIFSTOPPED(status)) {
2371 fprintf(stderr, "PANIC: pid %u not stopped\n", pid);
2376 fprintf(stderr, "pid %u stopped, [%s]\n",
2377 pid, signame(WSTOPSIG(status)));
2380 * Interestingly, the process may stop
2381 * with STOPSIG equal to some other signal
2382 * than SIGSTOP if we happend to attach
2383 * just before the process takes a signal.
2385 if ((tcp->flags & TCB_STARTUP) && WSTOPSIG(status) == SIGSTOP) {
2387 * This flag is there to keep us in sync.
2388 * Next time this process stops it should
2389 * really be entering a system call.
2391 tcp->flags &= ~TCB_STARTUP;
2392 if (tcp->flags & TCB_BPTSET) {
2394 * One example is a breakpoint inherited from
2395 * parent through fork ().
2397 if (clearbpt(tcp) < 0) /* Pretty fatal */ {
2406 if (WSTOPSIG(status) != SIGTRAP) {
2407 if (WSTOPSIG(status) == SIGSTOP &&
2408 (tcp->flags & TCB_SIGTRAPPED)) {
2410 * Trapped attempt to block SIGTRAP
2411 * Hope we are back in control now.
2413 tcp->flags &= ~(TCB_INSYSCALL | TCB_SIGTRAPPED);
2414 if (ptrace(PTRACE_SYSCALL,
2415 pid, (char *) 1, 0) < 0) {
2416 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
2423 && (qual_flags[WSTOPSIG(status)] & QUAL_SIGNAL)) {
2424 unsigned long addr = 0;
2426 #if defined(PT_CR_IPSR) && defined(PT_CR_IIP) && defined(PT_GETSIGINFO)
2431 upeek(pid, PT_CR_IPSR, &psr);
2432 upeek(pid, PT_CR_IIP, &pc);
2434 pc += (psr >> PSR_RI) & 0x3;
2435 ptrace(PT_GETSIGINFO, pid, 0, (long) &si);
2436 addr = (unsigned long) si.si_addr;
2437 #elif defined PTRACE_GETSIGINFO
2438 if (WSTOPSIG(status) == SIGSEGV ||
2439 WSTOPSIG(status) == SIGBUS) {
2441 if (ptrace(PTRACE_GETSIGINFO, pid,
2443 addr = (unsigned long)
2448 tprintf("--- %s (%s) @ %lx (%lx) ---",
2449 signame(WSTOPSIG(status)),
2450 strsignal(WSTOPSIG(status)), pc, addr);
2453 if (((tcp->flags & TCB_ATTACHED) ||
2454 tcp->nclone_threads > 0) &&
2455 !sigishandled(tcp, WSTOPSIG(status))) {
2456 #ifdef TCB_GROUP_EXITING
2457 handle_group_exit(tcp, WSTOPSIG(status));
2459 detach(tcp, WSTOPSIG(status));
2463 if (ptrace(PTRACE_SYSCALL, pid, (char *) 1,
2464 WSTOPSIG(status)) < 0) {
2465 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
2469 tcp->flags &= ~TCB_SUSPENDED;
2472 /* we handled the STATUS, we are permitted to interrupt now. */
2475 if (trace_syscall(tcp) < 0) {
2476 if (tcp->flags & TCB_ATTACHED)
2480 tcp->pid, (char *) 1, SIGTERM);
2485 if (tcp->flags & TCB_EXITING) {
2486 #ifdef TCB_GROUP_EXITING
2487 if (tcp->flags & TCB_GROUP_EXITING) {
2488 if (handle_group_exit(tcp, 0) < 0)
2493 if (tcp->flags & TCB_ATTACHED)
2495 else if (ptrace(PTRACE_CONT, pid, (char *) 1, 0) < 0) {
2496 perror("strace: ptrace(PTRACE_CONT, ...)");
2502 if (tcp->flags & TCB_SUSPENDED) {
2504 fprintf(stderr, "Process %u suspended\n", pid);
2508 if (ptrace(PTRACE_SYSCALL, pid, (char *) 1, 0) < 0) {
2509 perror("trace: ptrace(PTRACE_SYSCALL, ...)");
2517 #endif /* !USE_PROCFS */
2523 #define VA_START(a, b) va_start(a, b)
2525 #include <varargs.h>
2526 #define VA_START(a, b) va_start(a)
2531 tprintf(const char *fmt, ...)
2533 tprintf(fmt, va_alist)
2540 VA_START(args, fmt);
2542 int n = vfprintf(outf, fmt, args);
2543 if (n < 0 && outf != stderr)
2544 perror(outfname == NULL
2545 ? "<writing to pipe>" : outfname);
2557 if (tcp_last && (!outfname || followfork < 2 || tcp_last == tcp)) {
2558 tcp_last->flags |= TCB_REPRINT;
2559 tprintf(" <unfinished ...>\n");
2562 if ((followfork == 1 || pflag_seen > 1) && outfname)
2563 tprintf("%-5d ", tcp->pid);
2564 else if (nprocs > 1 && !outfname)
2565 tprintf("[pid %5u] ", tcp->pid);
2567 char str[sizeof("HH:MM:SS")];
2568 struct timeval tv, dtv;
2569 static struct timeval otv;
2571 gettimeofday(&tv, NULL);
2573 if (otv.tv_sec == 0)
2575 tv_sub(&dtv, &tv, &otv);
2576 tprintf("%6ld.%06ld ",
2577 (long) dtv.tv_sec, (long) dtv.tv_usec);
2580 else if (tflag > 2) {
2581 tprintf("%ld.%06ld ",
2582 (long) tv.tv_sec, (long) tv.tv_usec);
2585 time_t local = tv.tv_sec;
2586 strftime(str, sizeof(str), "%T", localtime(&local));
2588 tprintf("%s.%06ld ", str, (long) tv.tv_usec);
2590 tprintf("%s ", str);
2602 tprintf("%*s", col - curcol, "");
2613 #ifdef HAVE_MP_PROCFS
2615 int mp_ioctl (int fd, int cmd, void *arg, int size) {
2617 struct iovec iov[2];
2620 iov[0].iov_base = &cmd;
2621 iov[0].iov_len = sizeof cmd;
2624 iov[1].iov_base = arg;
2625 iov[1].iov_len = size;
2628 return writev (fd, iov, n);
projects / strace / blob