2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
6 * Copyright (c) 1999 IBM Deutschland Entwicklung GmbH, IBM Corporation
7 * Linux for s390 port by D.J. Barrow
8 * <barrow_dj@mail.yahoo.com,djbarrow@de.ibm.com>
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. The name of the author may not be used to endorse or promote products
20 * derived from this software without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
42 #include <sys/syscall.h>
43 #include <sys/param.h>
47 #ifndef PTRACE_PEEKUSR
48 # define PTRACE_PEEKUSR PTRACE_PEEKUSER
50 #elif defined(HAVE_LINUX_PTRACE_H)
52 # ifdef HAVE_STRUCT_IA64_FPREG
53 # define ia64_fpreg XXX_ia64_fpreg
55 # ifdef HAVE_STRUCT_PT_ALL_USER_REGS
56 # define pt_all_user_regs XXX_pt_all_user_regs
58 #include <linux/ptrace.h>
60 # undef pt_all_user_regs
63 #if defined (LINUX) && defined (SPARC64)
64 # undef PTRACE_GETREGS
65 # define PTRACE_GETREGS PTRACE_GETREGS64
66 # undef PTRACE_SETREGS
67 # define PTRACE_SETREGS PTRACE_SETREGS64
68 #endif /* LINUX && SPARC64 */
70 #if defined(LINUX) && defined(IA64)
71 # include <asm/ptrace_offsets.h>
75 #define NR_SYSCALL_BASE 0
78 #define ERESTARTSYS 512
80 #ifndef ERESTARTNOINTR
81 #define ERESTARTNOINTR 513
83 #ifndef ERESTARTNOHAND
84 #define ERESTARTNOHAND 514 /* restart if no handler.. */
87 #define ENOIOCTLCMD 515 /* No ioctl command */
89 #ifndef ERESTART_RESTARTBLOCK
90 #define ERESTART_RESTARTBLOCK 516 /* restart by calling sys_restart_syscall */
93 #warning: NSIG is not defined, using 32
97 /* Ugh. Is this really correct? ARM has no RT signals?! */
100 #undef NR_SYSCALL_BASE
101 #define NR_SYSCALL_BASE __NR_SYSCALL_BASE
107 /* Define these shorthand notations to simplify the syscallent files. */
108 #define TD TRACE_DESC
109 #define TF TRACE_FILE
111 #define TN TRACE_NETWORK
112 #define TP TRACE_PROCESS
113 #define TS TRACE_SIGNAL
114 #define NF SYSCALL_NEVER_FAILS
117 static const struct sysent sysent0[] = {
118 #include "syscallent.h"
121 #if SUPPORTED_PERSONALITIES >= 2
122 static const struct sysent sysent1[] = {
123 #include "syscallent1.h"
127 #if SUPPORTED_PERSONALITIES >= 3
128 static const struct sysent sysent2[] = {
129 #include "syscallent2.h"
133 /* Now undef them since short defines cause wicked namespace pollution. */
145 * `ioctlent.h' may be generated from `ioctlent.raw' by the auxiliary
146 * program `ioctlsort', such that the list is sorted by the `code' field.
147 * This has the side-effect of resolving the _IO.. macros into
148 * plain integers, eliminating the need to include here everything
153 static const char *const errnoent0[] = {
154 #include "errnoent.h"
156 static const char *const signalent0[] = {
157 #include "signalent.h"
159 static const struct ioctlent ioctlent0[] = {
160 #include "ioctlent.h"
162 enum { nsyscalls0 = ARRAY_SIZE(sysent0) };
163 enum { nerrnos0 = ARRAY_SIZE(errnoent0) };
164 enum { nsignals0 = ARRAY_SIZE(signalent0) };
165 enum { nioctlents0 = ARRAY_SIZE(ioctlent0) };
166 int qual_flags0[MAX_QUALS];
168 #if SUPPORTED_PERSONALITIES >= 2
169 static const char *const errnoent1[] = {
170 #include "errnoent1.h"
172 static const char *const signalent1[] = {
173 #include "signalent1.h"
175 static const struct ioctlent ioctlent1[] = {
176 #include "ioctlent1.h"
178 enum { nsyscalls1 = ARRAY_SIZE(sysent1) };
179 enum { nerrnos1 = ARRAY_SIZE(errnoent1) };
180 enum { nsignals1 = ARRAY_SIZE(signalent1) };
181 enum { nioctlents1 = ARRAY_SIZE(ioctlent1) };
182 int qual_flags1[MAX_QUALS];
185 #if SUPPORTED_PERSONALITIES >= 3
186 static const char *const errnoent2[] = {
187 #include "errnoent2.h"
189 static const char *const signalent2[] = {
190 #include "signalent2.h"
192 static const struct ioctlent ioctlent2[] = {
193 #include "ioctlent2.h"
195 enum { nsyscalls2 = ARRAY_SIZE(sysent2) };
196 enum { nerrnos2 = ARRAY_SIZE(errnoent2) };
197 enum { nsignals2 = ARRAY_SIZE(signalent2) };
198 enum { nioctlents2 = ARRAY_SIZE(ioctlent2) };
199 int qual_flags2[MAX_QUALS];
203 const struct sysent *sysent;
204 const char *const *errnoent;
205 const char *const *signalent;
206 const struct ioctlent *ioctlent;
213 int current_personality;
215 #ifndef PERSONALITY0_WORDSIZE
216 # define PERSONALITY0_WORDSIZE sizeof(long)
218 const int personality_wordsize[SUPPORTED_PERSONALITIES] = {
219 PERSONALITY0_WORDSIZE,
220 #if SUPPORTED_PERSONALITIES > 1
221 PERSONALITY1_WORDSIZE,
223 #if SUPPORTED_PERSONALITIES > 2
224 PERSONALITY2_WORDSIZE,
229 set_personality(int personality)
231 switch (personality) {
233 errnoent = errnoent0;
236 nsyscalls = nsyscalls0;
237 ioctlent = ioctlent0;
238 nioctlents = nioctlents0;
239 signalent = signalent0;
240 nsignals = nsignals0;
241 qual_flags = qual_flags0;
244 #if SUPPORTED_PERSONALITIES >= 2
246 errnoent = errnoent1;
249 nsyscalls = nsyscalls1;
250 ioctlent = ioctlent1;
251 nioctlents = nioctlents1;
252 signalent = signalent1;
253 nsignals = nsignals1;
254 qual_flags = qual_flags1;
258 #if SUPPORTED_PERSONALITIES >= 3
260 errnoent = errnoent2;
263 nsyscalls = nsyscalls2;
264 ioctlent = ioctlent2;
265 nioctlents = nioctlents2;
266 signalent = signalent2;
267 nsignals = nsignals2;
268 qual_flags = qual_flags2;
273 current_personality = personality;
276 #if SUPPORTED_PERSONALITIES > 1
278 update_personality(struct tcb *tcp, int personality)
280 if (personality == current_personality)
282 set_personality(personality);
284 if (personality == tcp->currpers)
286 tcp->currpers = personality;
288 #if defined(POWERPC64) || defined(X86_64)
290 static const char *const names[] = {"64 bit", "32 bit"};
291 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
292 tcp->pid, names[personality]);
298 static int qual_syscall(), qual_signal(), qual_fault(), qual_desc();
300 static const struct qual_options {
302 const char *option_name;
303 int (*qualify)(const char *, int, int);
304 const char *argument_name;
306 { QUAL_TRACE, "trace", qual_syscall, "system call" },
307 { QUAL_TRACE, "t", qual_syscall, "system call" },
308 { QUAL_ABBREV, "abbrev", qual_syscall, "system call" },
309 { QUAL_ABBREV, "a", qual_syscall, "system call" },
310 { QUAL_VERBOSE, "verbose", qual_syscall, "system call" },
311 { QUAL_VERBOSE, "v", qual_syscall, "system call" },
312 { QUAL_RAW, "raw", qual_syscall, "system call" },
313 { QUAL_RAW, "x", qual_syscall, "system call" },
314 { QUAL_SIGNAL, "signal", qual_signal, "signal" },
315 { QUAL_SIGNAL, "signals", qual_signal, "signal" },
316 { QUAL_SIGNAL, "s", qual_signal, "signal" },
317 { QUAL_FAULT, "fault", qual_fault, "fault" },
318 { QUAL_FAULT, "faults", qual_fault, "fault" },
319 { QUAL_FAULT, "m", qual_fault, "fault" },
320 { QUAL_READ, "read", qual_desc, "descriptor" },
321 { QUAL_READ, "reads", qual_desc, "descriptor" },
322 { QUAL_READ, "r", qual_desc, "descriptor" },
323 { QUAL_WRITE, "write", qual_desc, "descriptor" },
324 { QUAL_WRITE, "writes", qual_desc, "descriptor" },
325 { QUAL_WRITE, "w", qual_desc, "descriptor" },
326 { 0, NULL, NULL, NULL },
330 qualify_one(int n, int bitflag, int not, int pers)
332 if (pers == 0 || pers < 0) {
334 qual_flags0[n] &= ~bitflag;
336 qual_flags0[n] |= bitflag;
339 #if SUPPORTED_PERSONALITIES >= 2
340 if (pers == 1 || pers < 0) {
342 qual_flags1[n] &= ~bitflag;
344 qual_flags1[n] |= bitflag;
346 #endif /* SUPPORTED_PERSONALITIES >= 2 */
348 #if SUPPORTED_PERSONALITIES >= 3
349 if (pers == 2 || pers < 0) {
351 qual_flags2[n] &= ~bitflag;
353 qual_flags2[n] |= bitflag;
355 #endif /* SUPPORTED_PERSONALITIES >= 3 */
359 qual_syscall(const char *s, int bitflag, int not)
364 if (isdigit((unsigned char)*s)) {
366 if (i < 0 || i >= MAX_QUALS)
368 qualify_one(i, bitflag, not, -1);
371 for (i = 0; i < nsyscalls0; i++)
372 if (strcmp(s, sysent0[i].sys_name) == 0) {
373 qualify_one(i, bitflag, not, 0);
377 #if SUPPORTED_PERSONALITIES >= 2
378 for (i = 0; i < nsyscalls1; i++)
379 if (strcmp(s, sysent1[i].sys_name) == 0) {
380 qualify_one(i, bitflag, not, 1);
383 #endif /* SUPPORTED_PERSONALITIES >= 2 */
385 #if SUPPORTED_PERSONALITIES >= 3
386 for (i = 0; i < nsyscalls2; i++)
387 if (strcmp(s, sysent2[i].sys_name) == 0) {
388 qualify_one(i, bitflag, not, 2);
391 #endif /* SUPPORTED_PERSONALITIES >= 3 */
397 qual_signal(const char *s, int bitflag, int not)
402 if (isdigit((unsigned char)*s)) {
404 if (signo < 0 || signo >= MAX_QUALS)
406 qualify_one(signo, bitflag, not, -1);
409 if (strlen(s) >= sizeof buf)
413 if (strncasecmp(s, "SIG", 3) == 0)
415 for (i = 0; i <= NSIG; i++)
416 if (strcasecmp(s, signame(i) + 3) == 0) {
417 qualify_one(i, bitflag, not, -1);
424 qual_fault(const char *s, int bitflag, int not)
430 qual_desc(const char *s, int bitflag, int not)
432 if (isdigit((unsigned char)*s)) {
434 if (desc < 0 || desc >= MAX_QUALS)
436 qualify_one(desc, bitflag, not, -1);
443 lookup_class(const char *s)
445 if (strcmp(s, "file") == 0)
447 if (strcmp(s, "ipc") == 0)
449 if (strcmp(s, "network") == 0)
450 return TRACE_NETWORK;
451 if (strcmp(s, "process") == 0)
452 return TRACE_PROCESS;
453 if (strcmp(s, "signal") == 0)
455 if (strcmp(s, "desc") == 0)
461 qualify(const char *s)
463 const struct qual_options *opt;
469 opt = &qual_options[0];
470 for (i = 0; (p = qual_options[i].option_name); i++) {
472 if (strncmp(s, p, n) == 0 && s[n] == '=') {
473 opt = &qual_options[i];
483 if (strcmp(s, "none") == 0) {
487 if (strcmp(s, "all") == 0) {
488 for (i = 0; i < MAX_QUALS; i++) {
489 qualify_one(i, opt->bitflag, not, -1);
493 for (i = 0; i < MAX_QUALS; i++) {
494 qualify_one(i, opt->bitflag, !not, -1);
499 for (p = strtok(copy, ","); p; p = strtok(NULL, ",")) {
500 if (opt->bitflag == QUAL_TRACE && (n = lookup_class(p)) > 0) {
501 for (i = 0; i < nsyscalls0; i++)
502 if (sysent0[i].sys_flags & n)
503 qualify_one(i, opt->bitflag, not, 0);
505 #if SUPPORTED_PERSONALITIES >= 2
506 for (i = 0; i < nsyscalls1; i++)
507 if (sysent1[i].sys_flags & n)
508 qualify_one(i, opt->bitflag, not, 1);
509 #endif /* SUPPORTED_PERSONALITIES >= 2 */
511 #if SUPPORTED_PERSONALITIES >= 3
512 for (i = 0; i < nsyscalls2; i++)
513 if (sysent2[i].sys_flags & n)
514 qualify_one(i, opt->bitflag, not, 2);
515 #endif /* SUPPORTED_PERSONALITIES >= 3 */
519 if (opt->qualify(p, opt->bitflag, not)) {
520 fprintf(stderr, "strace: invalid %s `%s'\n",
521 opt->argument_name, p);
530 enum subcall_style { shift_style, deref_style, mask_style, door_style };
532 enum subcall_style { shift_style, deref_style, mask_style, door_style, table_style };
540 static const struct subcall subcalls_table[] = {
541 { SYS_shmsys, 5, { SYS_shmat, SYS_shmctl, SYS_shmdt, SYS_shmget, SYS_shmctl } },
543 { SYS_semsys, 4, { SYS___semctl, SYS_semget, SYS_semop, SYS_semconfig } },
545 { SYS_semsys, 3, { SYS___semctl, SYS_semget, SYS_semop } },
547 { SYS_msgsys, 4, { SYS_msgctl, SYS_msgget, SYS_msgsnd, SYS_msgrcv } },
551 #if !(defined(LINUX) && ( defined(ALPHA) || defined(MIPS) || defined(__ARM_EABI__) ))
554 decode_subcall(struct tcb *tcp, int subcall, int nsubcalls, enum subcall_style style)
556 unsigned long addr, mask;
558 int size = personality_wordsize[current_personality];
562 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= nsubcalls)
564 tcp->scno = subcall + tcp->u_arg[0];
565 tcp->u_nargs = n = sysent[tcp->scno].nargs;
566 for (i = 0; i < n; i++)
567 tcp->u_arg[i] = tcp->u_arg[i + 1];
570 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= nsubcalls)
572 tcp->scno = subcall + tcp->u_arg[0];
573 addr = tcp->u_arg[1];
574 tcp->u_nargs = n = sysent[tcp->scno].nargs;
575 for (i = 0; i < n; i++) {
576 if (size == sizeof(int)) {
578 if (umove(tcp, addr, &arg) < 0)
582 else if (size == sizeof(long)) {
584 if (umove(tcp, addr, &arg) < 0)
594 mask = (tcp->u_arg[0] >> 8) & 0xff;
595 for (i = 0; mask; i++)
599 tcp->u_arg[0] &= 0xff;
600 tcp->scno = subcall + i;
601 tcp->u_nargs = sysent[tcp->scno].nargs;
605 * Oh, yuck. The call code is the *sixth* argument.
606 * (don't you mean the *last* argument? - JH)
608 if (tcp->u_arg[5] < 0 || tcp->u_arg[5] >= nsubcalls)
610 tcp->scno = subcall + tcp->u_arg[5];
611 tcp->u_nargs = sysent[tcp->scno].nargs;
615 for (i = 0; i < ARRAY_SIZE(subcalls_table); i++)
616 if (subcalls_table[i].call == tcp->scno) break;
617 if (i < ARRAY_SIZE(subcalls_table) &&
618 tcp->u_arg[0] >= 0 && tcp->u_arg[0] < subcalls_table[i].nsubcalls) {
619 tcp->scno = subcalls_table[i].subcalls[tcp->u_arg[0]];
620 for (i = 0; i < tcp->u_nargs; i++)
621 tcp->u_arg[i] = tcp->u_arg[i + 1];
630 printargs(struct tcb *tcp)
635 for (i = 0; i < tcp->u_nargs; i++)
636 tprintf("%s%#lx", i ? ", " : "", tcp->u_arg[i]);
642 getrval2(struct tcb *tcp)
647 #if defined (SPARC) || defined (SPARC64)
649 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
651 val = regs.u_regs[U_REG_O1];
653 if (upeek(tcp, 4*(REG_REG0+1), &val) < 0)
656 if (upeek(tcp, PT_R9, &val) < 0)
662 if (upeek(tcp, uoff(u_rval2), &val) < 0)
668 val = tcp->status.PR_REG[R_O1];
671 val = tcp->status.PR_REG[EDX];
674 val = tcp->status.PR_REG[RDX];
677 val = tcp->status.PR_REG[CTX_V1];
683 pread(tcp->pfd_reg, ®s, sizeof(regs), 0);
691 * Apparently, indirect system calls have already be converted by ptrace(2),
692 * so if you see "indir" this program has gone astray.
695 sys_indir(struct tcb *tcp)
701 scno = tcp->u_arg[0];
702 if (!SCNO_IN_RANGE(scno)) {
703 fprintf(stderr, "Bogus syscall: %ld\n", scno);
706 nargs = sysent[scno].nargs;
707 tprints(sysent[scno].sys_name);
708 for (i = 0; i < nargs; i++)
709 tprintf(", %#lx", tcp->u_arg[i+1]);
716 is_restart_error(struct tcb *tcp)
721 switch (tcp->u_error) {
725 case ERESTART_RESTARTBLOCK:
734 struct tcb *tcp_last = NULL;
738 struct pt_regs i386_regs;
739 # elif defined(X86_64)
741 * On 32 bits, pt_regs and user_regs_struct are the same,
742 * but on 64 bits, user_regs_struct has six more fields:
743 * fs_base, gs_base, ds, es, fs, gs.
744 * PTRACE_GETREGS fills them too, so struct pt_regs would overflow.
746 static struct user_regs_struct x86_64_regs;
747 # elif defined (IA64)
748 long r8, r10, psr; /* TODO: make static? */
749 long ia32 = 0; /* not static */
750 # elif defined (POWERPC)
752 # elif defined (M68K)
757 static struct pt_regs regs;
758 # elif defined (ALPHA)
761 # elif defined(AVR32)
762 static struct pt_regs regs;
763 # elif defined (SPARC) || defined (SPARC64)
764 static struct pt_regs regs;
765 static unsigned long trap;
766 # elif defined(LINUX_MIPSN32)
772 # elif defined(S390) || defined(S390X)
775 static long syscall_mode;
782 # elif defined(CRISV10) || defined(CRISV32)
784 # elif defined(MICROBLAZE)
789 struct reg regs; /* TODO: make static? */
793 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
794 * 1: ok, continue in trace_syscall().
795 * other: error, trace_syscall() should print error indicator
796 * ("????" etc) and bail out.
802 get_scno(struct tcb *tcp)
807 # if defined(S390) || defined(S390X)
808 if (upeek(tcp, PT_GPR2, &syscall_mode) < 0)
811 if (syscall_mode != -ENOSYS) {
813 * Since kernel version 2.5.44 the scno gets passed in gpr2.
818 * Old style of "passing" the scno via the SVC instruction.
820 long opcode, offset_reg, tmp;
822 static const int gpr_offset[16] = {
823 PT_GPR0, PT_GPR1, PT_ORIGGPR2, PT_GPR3,
824 PT_GPR4, PT_GPR5, PT_GPR6, PT_GPR7,
825 PT_GPR8, PT_GPR9, PT_GPR10, PT_GPR11,
826 PT_GPR12, PT_GPR13, PT_GPR14, PT_GPR15
829 if (upeek(tcp, PT_PSWADDR, &pc) < 0)
832 opcode = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)(pc-sizeof(long)), 0);
834 perror("peektext(pc-oneword)");
839 * We have to check if the SVC got executed directly or via an
840 * EXECUTE instruction. In case of EXECUTE it is necessary to do
841 * instruction decoding to derive the system call number.
842 * Unfortunately the opcode sizes of EXECUTE and SVC are differently,
843 * so that this doesn't work if a SVC opcode is part of an EXECUTE
844 * opcode. Since there is no way to find out the opcode size this
845 * is the best we can do...
847 if ((opcode & 0xff00) == 0x0a00) {
849 scno = opcode & 0xff;
852 /* SVC got executed by EXECUTE instruction */
855 * Do instruction decoding of EXECUTE. If you really want to
856 * understand this, read the Principles of Operations.
858 svc_addr = (void *) (opcode & 0xfff);
861 offset_reg = (opcode & 0x000f0000) >> 16;
862 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
867 offset_reg = (opcode & 0x0000f000) >> 12;
868 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
872 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, svc_addr, 0);
881 offset_reg = (opcode & 0x00f00000) >> 20;
882 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
885 scno = (scno | tmp) & 0xff;
888 # elif defined (POWERPC)
889 if (upeek(tcp, sizeof(unsigned long)*PT_R0, &scno) < 0)
892 /* TODO: speed up strace by not doing this at every syscall.
893 * We only need to do it after execve.
899 /* Check for 64/32 bit mode. */
900 if (upeek(tcp, sizeof(unsigned long)*PT_MSR, &val) < 0)
902 /* SF is bit 0 of MSR */
907 update_personality(tcp, currpers);
909 # elif defined(AVR32)
910 /* Read complete register set in one go. */
911 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, ®s) < 0)
915 if (upeek(tcp, PT_ORIG_P0, &scno))
917 # elif defined (I386)
918 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &i386_regs) < 0)
920 scno = i386_regs.orig_eax;
921 # elif defined (X86_64)
923 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &x86_64_regs) < 0)
925 scno = x86_64_regs.orig_rax;
927 /* Check CS register value. On x86-64 linux it is:
928 * 0x33 for long mode (64 bit)
929 * 0x23 for compatibility mode (32 bit)
931 switch (x86_64_regs.cs) {
932 case 0x23: currpers = 1; break;
933 case 0x33: currpers = 0; break;
935 fprintf(stderr, "Unknown value CS=0x%08X while "
936 "detecting personality of process "
937 "PID=%d\n", (int)x86_64_regs.cs, tcp->pid);
938 currpers = current_personality;
942 /* This version analyzes the opcode of a syscall instruction.
943 * (int 0x80 on i386 vs. syscall on x86-64)
944 * It works, but is too complicated.
946 unsigned long val, rip, i;
948 rip = x86_64_regs.rip;
950 /* sizeof(syscall) == sizeof(int 0x80) == 2 */
954 call = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)rip, (char *)0);
956 fprintf(stderr, "ptrace_peektext failed: %s\n",
958 switch (call & 0xffff) {
959 /* x86-64: syscall = 0x0f 0x05 */
960 case 0x050f: currpers = 0; break;
961 /* i386: int 0x80 = 0xcd 0x80 */
962 case 0x80cd: currpers = 1; break;
964 currpers = current_personality;
966 "Unknown syscall opcode (0x%04X) while "
967 "detecting personality of process "
968 "PID=%d\n", (int)call, tcp->pid);
972 update_personality(tcp, currpers);
974 # define IA64_PSR_IS ((long)1 << 34)
975 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0)
976 ia32 = (psr & IA64_PSR_IS) != 0;
978 if (upeek(tcp, PT_R1, &scno) < 0)
981 if (upeek(tcp, PT_R15, &scno) < 0)
985 /* Read complete register set in one go. */
986 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (void *)®s) == -1)
990 * We only need to grab the syscall number on syscall entry.
992 if (regs.ARM_ip == 0) {
994 * Note: we only deal with only 32-bit CPUs here.
996 if (regs.ARM_cpsr & 0x20) {
998 * Get the Thumb-mode system call number
1003 * Get the ARM-mode system call number
1006 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, (void *)(regs.ARM_pc - 4), NULL);
1010 /* Handle the EABI syscall convention. We do not
1011 bother converting structures between the two
1012 ABIs, but basic functionality should work even
1013 if strace and the traced program have different
1015 if (scno == 0xef000000) {
1018 if ((scno & 0x0ff00000) != 0x0f900000) {
1019 fprintf(stderr, "syscall: unknown syscall trap 0x%08lx\n",
1025 * Fixup the syscall number
1030 if (scno & 0x0f0000) {
1032 * Handle ARM specific syscall
1034 update_personality(tcp, 1);
1037 update_personality(tcp, 0);
1040 fprintf(stderr, "pid %d stray syscall entry\n", tcp->pid);
1041 tcp->flags |= TCB_INSYSCALL;
1043 # elif defined (M68K)
1044 if (upeek(tcp, 4*PT_ORIG_D0, &scno) < 0)
1046 # elif defined (LINUX_MIPSN32)
1047 unsigned long long regs[38];
1049 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1055 if (!SCNO_IN_RANGE(scno)) {
1056 if (a3 == 0 || a3 == -1) {
1058 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno);
1062 # elif defined (MIPS)
1063 if (upeek(tcp, REG_A3, &a3) < 0)
1065 if (upeek(tcp, REG_V0, &scno) < 0)
1068 if (!SCNO_IN_RANGE(scno)) {
1069 if (a3 == 0 || a3 == -1) {
1071 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno);
1075 # elif defined (ALPHA)
1076 if (upeek(tcp, REG_A3, &a3) < 0)
1078 if (upeek(tcp, REG_R0, &scno) < 0)
1082 * Do some sanity checks to figure out if it's
1083 * really a syscall entry
1085 if (!SCNO_IN_RANGE(scno)) {
1086 if (a3 == 0 || a3 == -1) {
1088 fprintf(stderr, "stray syscall exit: r0 = %ld\n", scno);
1092 # elif defined (SPARC) || defined (SPARC64)
1093 /* Everything we need is in the current register set. */
1094 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
1097 /* Disassemble the syscall trap. */
1098 /* Retrieve the syscall trap instruction. */
1100 # if defined(SPARC64)
1101 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)regs.tpc, 0);
1104 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)regs.pc, 0);
1109 /* Disassemble the trap to see what personality to use. */
1112 /* Linux/SPARC syscall trap. */
1113 update_personality(tcp, 0);
1116 /* Linux/SPARC64 syscall trap. */
1117 update_personality(tcp, 2);
1120 /* SunOS syscall trap. (pers 1) */
1121 fprintf(stderr, "syscall: SunOS no support\n");
1124 /* Solaris 2.x syscall trap. (per 2) */
1125 update_personality(tcp, 1);
1128 /* NetBSD/FreeBSD syscall trap. */
1129 fprintf(stderr, "syscall: NetBSD/FreeBSD not supported\n");
1132 /* Solaris 2.x gettimeofday */
1133 update_personality(tcp, 1);
1136 # if defined (SPARC64)
1137 fprintf(stderr, "syscall: unknown syscall trap %08lx %016lx\n", trap, regs.tpc);
1139 fprintf(stderr, "syscall: unknown syscall trap %08lx %08lx\n", trap, regs.pc);
1144 /* Extract the system call number from the registers. */
1145 if (trap == 0x91d02027)
1148 scno = regs.u_regs[U_REG_G1];
1150 scno = regs.u_regs[U_REG_O0];
1151 memmove(®s.u_regs[U_REG_O0], ®s.u_regs[U_REG_O1], 7*sizeof(regs.u_regs[0]));
1153 # elif defined(HPPA)
1154 if (upeek(tcp, PT_GR20, &scno) < 0)
1158 * In the new syscall ABI, the system call number is in R3.
1160 if (upeek(tcp, 4*(REG_REG0+3), &scno) < 0)
1164 /* Odd as it may seem, a glibc bug has been known to cause
1165 glibc to issue bogus negative syscall numbers. So for
1166 our purposes, make strace print what it *should* have been */
1167 long correct_scno = (scno & 0xff);
1170 "Detected glibc bug: bogus system call"
1171 " number = %ld, correcting to %ld\n",
1174 scno = correct_scno;
1176 # elif defined(SH64)
1177 if (upeek(tcp, REG_SYSCALL, &scno) < 0)
1180 # elif defined(CRISV10) || defined(CRISV32)
1181 if (upeek(tcp, 4*PT_R9, &scno) < 0)
1183 # elif defined(TILE)
1184 if (upeek(tcp, PTREGS_OFFSET_REG(10), &scno) < 0)
1186 # elif defined(MICROBLAZE)
1187 if (upeek(tcp, 0, &scno) < 0)
1193 if (upeek(tcp, uoff(u_arg[7]), &scno) < 0)
1196 /* new syscall ABI returns result in R0 */
1197 if (upeek(tcp, 4*REG_REG0, (long *)&r0) < 0)
1200 /* ABI defines result returned in r9 */
1201 if (upeek(tcp, REG_GENERAL(9), (long *)&r9) < 0)
1206 # ifdef HAVE_PR_SYSCALL
1207 scno = tcp->status.PR_SYSCALL;
1210 scno = tcp->status.PR_WHAT;
1212 if (pread(tcp->pfd_reg, ®s, sizeof(regs), 0) < 0) {
1216 switch (regs.r_eax) {
1219 pread(tcp->pfd, &scno, sizeof(scno), regs.r_esp + sizeof(int));
1225 # endif /* FREEBSD */
1226 # endif /* !HAVE_PR_SYSCALL */
1227 #endif /* USE_PROCFS */
1234 known_scno(struct tcb *tcp)
1236 long scno = tcp->scno;
1237 #if SUPPORTED_PERSONALITIES > 1
1238 if (SCNO_IN_RANGE(scno) && sysent[scno].native_scno != 0)
1239 scno = sysent[scno].native_scno;
1242 scno += NR_SYSCALL_BASE;
1246 /* Called at each syscall entry.
1248 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
1249 * 1: ok, continue in trace_syscall().
1250 * other: error, trace_syscall() should print error indicator
1251 * ("????" etc) and bail out.
1254 syscall_fixup_on_sysenter(struct tcb *tcp)
1257 int scno = known_scno(tcp);
1259 if (tcp->status.PR_WHY != PR_SYSENTRY) {
1263 || scno == SYS_vfork
1266 || scno == SYS_fork1
1269 || scno == SYS_forkall
1272 || scno == SYS_rfork1
1275 || scno == SYS_rforkall
1278 /* We are returning in the child, fake it. */
1279 tcp->status.PR_WHY = PR_SYSENTRY;
1281 tcp->status.PR_WHY = PR_SYSEXIT;
1284 fprintf(stderr, "syscall: missing entry\n");
1285 tcp->flags |= TCB_INSYSCALL;
1288 #endif /* USE_PROCFS */
1292 fprintf(stderr, "syscall: missing entry\n");
1293 tcp->flags |= TCB_INSYSCALL;
1298 /* A common case of "not a syscall entry" is post-execve SIGTRAP */
1300 if (i386_regs.eax != -ENOSYS) {
1302 fprintf(stderr, "not a syscall entry (eax = %ld)\n", i386_regs.eax);
1305 #elif defined (X86_64)
1307 long rax = x86_64_regs.rax;
1308 if (current_personality == 1)
1309 rax = (int)rax; /* sign extend from 32 bits */
1310 if (rax != -ENOSYS) {
1312 fprintf(stderr, "not a syscall entry (rax = %ld)\n", rax);
1316 #elif defined (S390) || defined (S390X)
1317 /* TODO: we already fetched PT_GPR2 in get_scno
1318 * and stored it in syscall_mode, reuse it here
1319 * instead of re-fetching?
1321 if (upeek(tcp, PT_GPR2, &gpr2) < 0)
1323 if (syscall_mode != -ENOSYS)
1324 syscall_mode = tcp->scno;
1325 if (gpr2 != syscall_mode) {
1327 fprintf(stderr, "not a syscall entry (gpr2 = %ld)\n", gpr2);
1330 #elif defined (M68K)
1331 /* TODO? Eliminate upeek's in arches below like we did in x86 */
1332 if (upeek(tcp, 4*PT_D0, &d0) < 0)
1334 if (d0 != -ENOSYS) {
1336 fprintf(stderr, "not a syscall entry (d0 = %ld)\n", d0);
1340 if (upeek(tcp, PT_R10, &r10) < 0)
1342 if (upeek(tcp, PT_R8, &r8) < 0)
1344 if (ia32 && r8 != -ENOSYS) {
1346 fprintf(stderr, "not a syscall entry (r8 = %ld)\n", r8);
1349 #elif defined(CRISV10) || defined(CRISV32)
1350 if (upeek(tcp, 4*PT_R10, &r10) < 0)
1352 if (r10 != -ENOSYS) {
1354 fprintf(stderr, "not a syscall entry (r10 = %ld)\n", r10);
1357 #elif defined(MICROBLAZE)
1358 if (upeek(tcp, 3 * 4, &r3) < 0)
1360 if (r3 != -ENOSYS) {
1362 fprintf(stderr, "not a syscall entry (r3 = %ld)\n", r3);
1371 internal_syscall(struct tcb *tcp)
1374 * We must always trace a few critical system calls in order to
1375 * correctly support following forks in the presence of tracing
1380 if (!SCNO_IN_RANGE(tcp->scno))
1383 func = sysent[tcp->scno].sys_func;
1385 if ( sys_fork == func
1386 #if defined(FREEBSD) || defined(LINUX) || defined(SUNOS4)
1387 || sys_vfork == func
1390 || sys_clone == func
1393 || sys_rfork == func
1396 return internal_fork(tcp);
1398 #if defined SUNOS4 || (defined LINUX && defined TCB_WAITEXECVE)
1399 if ( sys_execve == func
1400 # if defined(SPARC) || defined(SPARC64) || defined(SUNOS4)
1401 || sys_execv == func
1404 || sys_rexecve == func
1407 return internal_exec(tcp);
1414 syscall_enter(struct tcb *tcp)
1419 if (SCNO_IN_RANGE(tcp->scno))
1420 nargs = tcp->u_nargs = sysent[tcp->scno].nargs;
1422 nargs = tcp->u_nargs = MAX_ARGS;
1424 # if defined(S390) || defined(S390X)
1425 for (i = 0; i < nargs; ++i)
1426 if (upeek(tcp, i==0 ? PT_ORIGGPR2 : PT_GPR2 + i*sizeof(long), &tcp->u_arg[i]) < 0)
1428 # elif defined(ALPHA)
1429 for (i = 0; i < nargs; ++i)
1430 if (upeek(tcp, REG_A0+i, &tcp->u_arg[i]) < 0)
1432 # elif defined(IA64)
1434 unsigned long *out0, cfm, sof, sol;
1436 /* be backwards compatible with kernel < 2.4.4... */
1438 # define PT_RBS_END PT_AR_BSP
1441 if (upeek(tcp, PT_RBS_END, &rbs_end) < 0)
1443 if (upeek(tcp, PT_CFM, (long *) &cfm) < 0)
1446 sof = (cfm >> 0) & 0x7f;
1447 sol = (cfm >> 7) & 0x7f;
1448 out0 = ia64_rse_skip_regs((unsigned long *) rbs_end, -sof + sol);
1450 for (i = 0; i < nargs; ++i) {
1451 if (umoven(tcp, (unsigned long) ia64_rse_skip_regs(out0, i),
1452 sizeof(long), (char *) &tcp->u_arg[i]) < 0)
1456 static const int argreg[MAX_ARGS] = { PT_R11 /* EBX = out0 */,
1457 PT_R9 /* ECX = out1 */,
1458 PT_R10 /* EDX = out2 */,
1459 PT_R14 /* ESI = out3 */,
1460 PT_R15 /* EDI = out4 */,
1461 PT_R13 /* EBP = out5 */};
1463 for (i = 0; i < nargs; ++i) {
1464 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0)
1466 /* truncate away IVE sign-extension */
1467 tcp->u_arg[i] &= 0xffffffff;
1470 # elif defined(LINUX_MIPSN32) || defined(LINUX_MIPSN64)
1471 /* N32 and N64 both use up to six registers. */
1472 unsigned long long regs[38];
1474 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1477 for (i = 0; i < nargs; ++i) {
1478 tcp->u_arg[i] = regs[REG_A0 + i];
1479 # if defined(LINUX_MIPSN32)
1480 tcp->ext_arg[i] = regs[REG_A0 + i];
1483 # elif defined(MIPS)
1487 if (upeek(tcp, REG_SP, &sp) < 0)
1489 for (i = 0; i < 4; ++i)
1490 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0)
1492 umoven(tcp, sp + 16, (nargs - 4) * sizeof(tcp->u_arg[0]),
1493 (char *)(tcp->u_arg + 4));
1495 for (i = 0; i < nargs; ++i)
1496 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0)
1499 # elif defined(POWERPC)
1501 # define PT_ORIG_R3 34
1503 for (i = 0; i < nargs; ++i) {
1504 if (upeek(tcp, (i==0) ?
1505 (sizeof(unsigned long) * PT_ORIG_R3) :
1506 ((i+PT_R3) * sizeof(unsigned long)),
1507 &tcp->u_arg[i]) < 0)
1510 # elif defined(SPARC) || defined(SPARC64)
1511 for (i = 0; i < nargs; ++i)
1512 tcp->u_arg[i] = regs.u_regs[U_REG_O0 + i];
1513 # elif defined(HPPA)
1514 for (i = 0; i < nargs; ++i)
1515 if (upeek(tcp, PT_GR26-4*i, &tcp->u_arg[i]) < 0)
1518 for (i = 0; i < nargs; ++i)
1519 tcp->u_arg[i] = regs.uregs[i];
1520 # elif defined(AVR32)
1523 tcp->u_arg[0] = regs.r12;
1524 tcp->u_arg[1] = regs.r11;
1525 tcp->u_arg[2] = regs.r10;
1526 tcp->u_arg[3] = regs.r9;
1527 tcp->u_arg[4] = regs.r5;
1528 tcp->u_arg[5] = regs.r3;
1529 # elif defined(BFIN)
1530 static const int argreg[MAX_ARGS] = { PT_R0, PT_R1, PT_R2, PT_R3, PT_R4, PT_R5 };
1532 for (i = 0; i < nargs; ++i)
1533 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0)
1536 static const int syscall_regs[MAX_ARGS] = {
1537 4 * (REG_REG0+4), 4 * (REG_REG0+5), 4 * (REG_REG0+6),
1538 4 * (REG_REG0+7), 4 * (REG_REG0 ), 4 * (REG_REG0+1)
1541 for (i = 0; i < nargs; ++i)
1542 if (upeek(tcp, syscall_regs[i], &tcp->u_arg[i]) < 0)
1544 # elif defined(SH64)
1546 /* Registers used by SH5 Linux system calls for parameters */
1547 static const int syscall_regs[MAX_ARGS] = { 2, 3, 4, 5, 6, 7 };
1549 for (i = 0; i < nargs; ++i)
1550 if (upeek(tcp, REG_GENERAL(syscall_regs[i]), &tcp->u_arg[i]) < 0)
1552 # elif defined(X86_64)
1555 if (current_personality == 0) { /* x86-64 ABI */
1556 tcp->u_arg[0] = x86_64_regs.rdi;
1557 tcp->u_arg[1] = x86_64_regs.rsi;
1558 tcp->u_arg[2] = x86_64_regs.rdx;
1559 tcp->u_arg[3] = x86_64_regs.r10;
1560 tcp->u_arg[4] = x86_64_regs.r8;
1561 tcp->u_arg[5] = x86_64_regs.r9;
1562 } else { /* i386 ABI */
1563 /* Sign-extend lower 32 bits */
1564 tcp->u_arg[0] = (long)(int)x86_64_regs.rbx;
1565 tcp->u_arg[1] = (long)(int)x86_64_regs.rcx;
1566 tcp->u_arg[2] = (long)(int)x86_64_regs.rdx;
1567 tcp->u_arg[3] = (long)(int)x86_64_regs.rsi;
1568 tcp->u_arg[4] = (long)(int)x86_64_regs.rdi;
1569 tcp->u_arg[5] = (long)(int)x86_64_regs.rbp;
1571 # elif defined(MICROBLAZE)
1572 for (i = 0; i < nargs; ++i)
1573 if (upeek(tcp, (5 + i) * 4, &tcp->u_arg[i]) < 0)
1575 # elif defined(CRISV10) || defined(CRISV32)
1576 static const int crisregs[MAX_ARGS] = {
1577 4*PT_ORIG_R10, 4*PT_R11, 4*PT_R12,
1578 4*PT_R13 , 4*PT_MOF, 4*PT_SRP
1581 for (i = 0; i < nargs; ++i)
1582 if (upeek(tcp, crisregs[i], &tcp->u_arg[i]) < 0)
1584 # elif defined(TILE)
1585 for (i = 0; i < nargs; ++i)
1586 if (upeek(tcp, PTREGS_OFFSET_REG(i), &tcp->u_arg[i]) < 0)
1588 # elif defined(M68K)
1589 for (i = 0; i < nargs; ++i)
1590 if (upeek(tcp, (i < 5 ? i : i + 2)*4, &tcp->u_arg[i]) < 0)
1592 # elif defined(I386)
1595 tcp->u_arg[0] = i386_regs.ebx;
1596 tcp->u_arg[1] = i386_regs.ecx;
1597 tcp->u_arg[2] = i386_regs.edx;
1598 tcp->u_arg[3] = i386_regs.esi;
1599 tcp->u_arg[4] = i386_regs.edi;
1600 tcp->u_arg[5] = i386_regs.ebp;
1601 # else /* Other architecture (32bits specific) */
1602 for (i = 0; i < nargs; ++i)
1603 if (upeek(tcp, i*4, &tcp->u_arg[i]) < 0)
1609 if (SCNO_IN_RANGE(tcp->scno))
1610 nargs = tcp->u_nargs = sysent[tcp->scno].nargs;
1612 nargs = tcp->u_nargs = MAX_ARGS;
1613 for (i = 0; i < nargs; i++) {
1616 if (upeek(tcp, uoff(u_arg[0]) +
1617 (i * sizeof(u->u_arg[0])), &tcp->u_arg[i]) < 0)
1624 * SGI is broken: even though it has pr_sysarg, it doesn't
1625 * set them on system call entry. Get a clue.
1627 if (SCNO_IN_RANGE(tcp->scno))
1628 tcp->u_nargs = sysent[tcp->scno].nargs;
1630 tcp->u_nargs = tcp->status.pr_nsysarg;
1631 if (tcp->u_nargs > 4) {
1632 memcpy(tcp->u_arg, &tcp->status.pr_reg[CTX_A0],
1633 4 * sizeof(tcp->u_arg[0]));
1634 umoven(tcp, tcp->status.pr_reg[CTX_SP] + 16,
1635 (tcp->u_nargs - 4) * sizeof(tcp->u_arg[0]), (char *) (tcp->u_arg + 4));
1638 memcpy(tcp->u_arg, &tcp->status.pr_reg[CTX_A0],
1639 tcp->u_nargs * sizeof(tcp->u_arg[0]));
1641 # elif UNIXWARE >= 2
1643 * Like SGI, UnixWare doesn't set pr_sysarg until system call exit
1645 if (SCNO_IN_RANGE(tcp->scno))
1646 tcp->u_nargs = sysent[tcp->scno].nargs;
1648 tcp->u_nargs = tcp->status.pr_lwp.pr_nsysarg;
1649 umoven(tcp, tcp->status.PR_REG[UESP] + 4,
1650 tcp->u_nargs * sizeof(tcp->u_arg[0]), (char *) tcp->u_arg);
1651 # elif defined(HAVE_PR_SYSCALL)
1653 if (SCNO_IN_RANGE(tcp->scno))
1654 tcp->u_nargs = sysent[tcp->scno].nargs;
1656 tcp->u_nargs = tcp->status.pr_nsysarg;
1657 for (i = 0; i < tcp->u_nargs; i++)
1658 tcp->u_arg[i] = tcp->status.pr_sysarg[i];
1659 # elif defined(I386)
1660 if (SCNO_IN_RANGE(tcp->scno))
1661 tcp->u_nargs = sysent[tcp->scno].nargs;
1664 if (tcp->u_nargs > 0)
1665 umoven(tcp, tcp->status.PR_REG[UESP] + 4,
1666 tcp->u_nargs * sizeof(tcp->u_arg[0]), (char *) tcp->u_arg);
1668 I DONT KNOW WHAT TO DO
1672 if (SCNO_IN_RANGE(tcp->scno) &&
1673 sysent[tcp->scno].nargs > tcp->status.val)
1674 tcp->u_nargs = sysent[tcp->scno].nargs;
1676 tcp->u_nargs = tcp->status.val;
1677 if (tcp->u_nargs < 0)
1679 if (tcp->u_nargs > MAX_ARGS)
1680 tcp->u_nargs = MAX_ARGS;
1681 switch (regs.r_eax) {
1683 pread(tcp->pfd, &tcp->u_arg, tcp->u_nargs * sizeof(unsigned long),
1684 regs.r_esp + sizeof(int) + sizeof(quad_t));
1687 pread(tcp->pfd, &tcp->u_arg, tcp->u_nargs * sizeof(unsigned long),
1688 regs.r_esp + 2 * sizeof(int));
1691 pread(tcp->pfd, &tcp->u_arg, tcp->u_nargs * sizeof(unsigned long),
1692 regs.r_esp + sizeof(int));
1695 #endif /* FREEBSD */
1700 trace_syscall_entering(struct tcb *tcp)
1704 #if defined TCB_WAITEXECVE
1705 if (tcp->flags & TCB_WAITEXECVE) {
1706 /* This is the post-execve SIGTRAP. */
1707 tcp->flags &= ~TCB_WAITEXECVE;
1712 scno_good = res = get_scno(tcp);
1716 res = syscall_fixup_on_sysenter(tcp);
1720 res = syscall_enter(tcp);
1726 tcp->flags &= ~TCB_REPRINT;
1729 tprintf("????" /* anti-trigraph gap */ "(");
1730 else if (!SCNO_IN_RANGE(tcp->scno))
1731 tprintf("syscall_%lu(", tcp->scno);
1733 tprintf("%s(", sysent[tcp->scno].sys_name);
1735 * " <unavailable>" will be added later by the code which
1736 * detects ptrace errors.
1741 switch (known_scno(tcp)) {
1742 #ifdef SYS_socket_subcall
1743 case SYS_socketcall:
1744 decode_subcall(tcp, SYS_socket_subcall,
1745 SYS_socket_nsubcalls, deref_style);
1748 #ifdef SYS_ipc_subcall
1750 decode_subcall(tcp, SYS_ipc_subcall,
1751 SYS_ipc_nsubcalls, shift_style);
1755 #ifdef SYS_pgrpsys_subcall
1757 decode_subcall(tcp, SYS_pgrpsys_subcall,
1758 SYS_pgrpsys_nsubcalls, shift_style);
1760 #endif /* SYS_pgrpsys_subcall */
1761 #ifdef SYS_sigcall_subcall
1763 decode_subcall(tcp, SYS_sigcall_subcall,
1764 SYS_sigcall_nsubcalls, mask_style);
1766 #endif /* SYS_sigcall_subcall */
1768 decode_subcall(tcp, SYS_msgsys_subcall,
1769 SYS_msgsys_nsubcalls, shift_style);
1772 decode_subcall(tcp, SYS_shmsys_subcall,
1773 SYS_shmsys_nsubcalls, shift_style);
1776 decode_subcall(tcp, SYS_semsys_subcall,
1777 SYS_semsys_nsubcalls, shift_style);
1780 decode_subcall(tcp, SYS_sysfs_subcall,
1781 SYS_sysfs_nsubcalls, shift_style);
1784 decode_subcall(tcp, SYS_spcall_subcall,
1785 SYS_spcall_nsubcalls, shift_style);
1787 #ifdef SYS_context_subcall
1789 decode_subcall(tcp, SYS_context_subcall,
1790 SYS_context_nsubcalls, shift_style);
1792 #endif /* SYS_context_subcall */
1793 #ifdef SYS_door_subcall
1795 decode_subcall(tcp, SYS_door_subcall,
1796 SYS_door_nsubcalls, door_style);
1798 #endif /* SYS_door_subcall */
1799 #ifdef SYS_kaio_subcall
1801 decode_subcall(tcp, SYS_kaio_subcall,
1802 SYS_kaio_nsubcalls, shift_style);
1810 decode_subcall(tcp, 0, 0, table_style);
1815 decode_subcall(tcp, SYS_semsys_subcall,
1816 SYS_semsys_nsubcalls, shift_style);
1819 decode_subcall(tcp, SYS_msgsys_subcall,
1820 SYS_msgsys_nsubcalls, shift_style);
1823 decode_subcall(tcp, SYS_shmsys_subcall,
1824 SYS_shmsys_nsubcalls, shift_style);
1829 internal_syscall(tcp);
1831 if ((SCNO_IN_RANGE(tcp->scno) &&
1832 !(qual_flags[tcp->scno] & QUAL_TRACE)) ||
1833 (tracing_paths && !pathtrace_match(tcp))) {
1834 tcp->flags |= TCB_INSYSCALL | TCB_FILTERED;
1838 tcp->flags &= ~TCB_FILTERED;
1840 if (cflag == CFLAG_ONLY_STATS) {
1846 tcp->flags &= ~TCB_REPRINT;
1848 if (!SCNO_IN_RANGE(tcp->scno))
1849 tprintf("syscall_%lu(", tcp->scno);
1851 tprintf("%s(", sysent[tcp->scno].sys_name);
1852 if (!SCNO_IN_RANGE(tcp->scno) ||
1853 ((qual_flags[tcp->scno] & QUAL_RAW) &&
1854 sysent[tcp->scno].sys_func != sys_exit))
1855 res = printargs(tcp);
1857 res = (*sysent[tcp->scno].sys_func)(tcp);
1859 if (fflush(tcp->outf) == EOF)
1862 tcp->flags |= TCB_INSYSCALL;
1863 /* Measure the entrance time as late as possible to avoid errors. */
1865 gettimeofday(&tcp->etime, NULL);
1870 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
1871 * 1: ok, continue in trace_syscall().
1872 * other: error, trace_syscall() should print error indicator
1873 * ("????" etc) and bail out.
1876 get_syscall_result(struct tcb *tcp)
1879 # if defined(S390) || defined(S390X)
1880 if (upeek(tcp, PT_GPR2, &gpr2) < 0)
1882 # elif defined (POWERPC)
1883 # define SO_MASK 0x10000000
1886 if (upeek(tcp, sizeof(unsigned long)*PT_CCR, &flags) < 0)
1888 if (upeek(tcp, sizeof(unsigned long)*PT_R3, &result) < 0)
1890 if (flags & SO_MASK)
1893 # elif defined(AVR32)
1894 /* Read complete register set in one go. */
1895 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, ®s) < 0)
1897 # elif defined(BFIN)
1898 if (upeek(tcp, PT_R0, &r0) < 0)
1900 # elif defined (I386)
1901 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &i386_regs) < 0)
1903 # elif defined (X86_64)
1904 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &x86_64_regs) < 0)
1906 # elif defined(IA64)
1907 # define IA64_PSR_IS ((long)1 << 34)
1908 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0)
1909 ia32 = (psr & IA64_PSR_IS) != 0;
1910 if (upeek(tcp, PT_R8, &r8) < 0)
1912 if (upeek(tcp, PT_R10, &r10) < 0)
1914 # elif defined (ARM)
1915 /* Read complete register set in one go. */
1916 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (void *)®s) == -1)
1918 # elif defined (M68K)
1919 if (upeek(tcp, 4*PT_D0, &d0) < 0)
1921 # elif defined (LINUX_MIPSN32)
1922 unsigned long long regs[38];
1924 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1928 # elif defined (MIPS)
1929 if (upeek(tcp, REG_A3, &a3) < 0)
1931 if (upeek(tcp, REG_V0, &r2) < 0)
1933 # elif defined (ALPHA)
1934 if (upeek(tcp, REG_A3, &a3) < 0)
1936 if (upeek(tcp, REG_R0, &r0) < 0)
1938 # elif defined (SPARC) || defined (SPARC64)
1939 /* Everything we need is in the current register set. */
1940 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
1942 # elif defined(HPPA)
1943 if (upeek(tcp, PT_GR28, &r28) < 0)
1946 # elif defined(SH64)
1947 # elif defined(CRISV10) || defined(CRISV32)
1948 if (upeek(tcp, 4*PT_R10, &r10) < 0)
1950 # elif defined(TILE)
1951 # elif defined(MICROBLAZE)
1952 if (upeek(tcp, 3 * 4, &r3) < 0)
1959 /* new syscall ABI returns result in R0 */
1960 if (upeek(tcp, 4*REG_REG0, (long *)&r0) < 0)
1963 /* ABI defines result returned in r9 */
1964 if (upeek(tcp, REG_GENERAL(9), (long *)&r9) < 0)
1969 # ifndef HAVE_PR_SYSCALL
1971 if (pread(tcp->pfd_reg, ®s, sizeof(regs), 0) < 0) {
1975 # endif /* FREEBSD */
1976 # endif /* !HAVE_PR_SYSCALL */
1977 #endif /* USE_PROCFS */
1982 /* Called at each syscall exit.
1984 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
1985 * 1: ok, continue in trace_syscall().
1986 * other: error, trace_syscall() should print error indicator
1987 * ("????" etc) and bail out.
1990 syscall_fixup_on_sysexit(struct tcb *tcp)
1993 if (tcp->status.PR_WHY != PR_SYSEXIT) {
1994 fprintf(stderr, "syscall: missing exit\n");
1995 tcp->flags &= ~TCB_INSYSCALL;
1997 #endif /* USE_PROCFS */
2001 int scno = known_scno(tcp);
2005 * This happens when a signal handler
2006 * for a signal which interrupted a
2007 * a system call makes another system call.
2009 fprintf(stderr, "syscall: missing exit\n");
2011 tcp->flags &= ~TCB_INSYSCALL;
2017 # if defined (S390) || defined (S390X)
2018 if (syscall_mode != -ENOSYS)
2019 syscall_mode = tcp->scno;
2020 if ((tcp->flags & TCB_WAITEXECVE)
2021 && (gpr2 == -ENOSYS || gpr2 == tcp->scno)) {
2023 * Return from execve.
2024 * Fake a return value of zero. We leave the TCB_WAITEXECVE
2025 * flag set for the post-execve SIGTRAP to see and reset.
2036 * Check the syscall return value register value for whether it is
2037 * a negated errno code indicating an error, or a success return value.
2040 is_negated_errno(unsigned long int val)
2042 unsigned long int max = -(long int) nerrnos;
2043 # if SUPPORTED_PERSONALITIES > 1
2044 if (personality_wordsize[current_personality] < sizeof(val)) {
2045 val = (unsigned int) val;
2046 max = (unsigned int) max;
2054 get_error(struct tcb *tcp)
2058 int check_errno = 1;
2059 if (SCNO_IN_RANGE(tcp->scno) &&
2060 sysent[tcp->scno].sys_flags & SYSCALL_NEVER_FAILS) {
2063 # if defined(S390) || defined(S390X)
2064 if (check_errno && is_negated_errno(gpr2)) {
2071 # elif defined(I386)
2072 if (check_errno && is_negated_errno(i386_regs.eax)) {
2074 u_error = -i386_regs.eax;
2077 tcp->u_rval = i386_regs.eax;
2079 # elif defined(X86_64)
2080 if (check_errno && is_negated_errno(x86_64_regs.rax)) {
2082 u_error = -x86_64_regs.rax;
2085 tcp->u_rval = x86_64_regs.rax;
2087 # elif defined(IA64)
2092 if (check_errno && is_negated_errno(err)) {
2100 if (check_errno && r10) {
2107 # elif defined(MIPS)
2108 if (check_errno && a3) {
2114 # elif defined(POWERPC)
2115 if (check_errno && is_negated_errno(result)) {
2120 tcp->u_rval = result;
2122 # elif defined(M68K)
2123 if (check_errno && is_negated_errno(d0)) {
2131 if (check_errno && is_negated_errno(regs.ARM_r0)) {
2133 u_error = -regs.ARM_r0;
2136 tcp->u_rval = regs.ARM_r0;
2138 # elif defined(AVR32)
2139 if (check_errno && regs.r12 && (unsigned) -regs.r12 < nerrnos) {
2141 u_error = -regs.r12;
2144 tcp->u_rval = regs.r12;
2146 # elif defined(BFIN)
2147 if (check_errno && is_negated_errno(r0)) {
2153 # elif defined(ALPHA)
2154 if (check_errno && a3) {
2161 # elif defined(SPARC)
2162 if (check_errno && regs.psr & PSR_C) {
2164 u_error = regs.u_regs[U_REG_O0];
2167 tcp->u_rval = regs.u_regs[U_REG_O0];
2169 # elif defined(SPARC64)
2170 if (check_errno && regs.tstate & 0x1100000000UL) {
2172 u_error = regs.u_regs[U_REG_O0];
2175 tcp->u_rval = regs.u_regs[U_REG_O0];
2177 # elif defined(HPPA)
2178 if (check_errno && is_negated_errno(r28)) {
2186 if (check_errno && is_negated_errno(r0)) {
2193 # elif defined(SH64)
2194 if (check_errno && is_negated_errno(r9)) {
2201 # elif defined(CRISV10) || defined(CRISV32)
2202 if (check_errno && r10 && (unsigned) -r10 < nerrnos) {
2209 # elif defined(TILE)
2211 if (upeek(tcp, PTREGS_OFFSET_REG(0), &rval) < 0)
2213 if (check_errno && rval < 0 && rval > -nerrnos) {
2220 # elif defined(MICROBLAZE)
2221 if (check_errno && is_negated_errno(r3)) {
2231 /* get error code from user struct */
2232 if (upeek(tcp, uoff(u_error), &u_error) < 0)
2234 u_error >>= 24; /* u_error is a char */
2236 /* get system call return value */
2237 if (upeek(tcp, uoff(u_rval1), &tcp->u_rval) < 0)
2242 /* Judicious guessing goes a long way. */
2243 if (tcp->status.pr_reg[R_PSR] & 0x100000) {
2245 u_error = tcp->status.pr_reg[R_O0];
2248 tcp->u_rval = tcp->status.pr_reg[R_O0];
2252 if (tcp->status.PR_REG[EFL] & 0x1) {
2254 u_error = tcp->status.PR_REG[EAX];
2257 tcp->u_rval = tcp->status.PR_REG[EAX];
2258 # ifdef HAVE_LONG_LONG
2260 ((unsigned long long) tcp->status.PR_REG[EDX] << 32) +
2261 tcp->status.PR_REG[EAX];
2266 if (tcp->status.PR_REG[EFLAGS] & 0x1) {
2268 u_error = tcp->status.PR_REG[RAX];
2271 tcp->u_rval = tcp->status.PR_REG[RAX];
2273 # endif /* X86_64 */
2275 if (tcp->status.pr_reg[CTX_A3]) {
2277 u_error = tcp->status.pr_reg[CTX_V0];
2280 tcp->u_rval = tcp->status.pr_reg[CTX_V0];
2285 if (regs.r_eflags & PSL_C) {
2287 u_error = regs.r_eax;
2289 tcp->u_rval = regs.r_eax;
2291 ((unsigned long long) regs.r_edx << 32) + regs.r_eax;
2293 #endif /* FREEBSD */
2294 tcp->u_error = u_error;
2299 dumpio(struct tcb *tcp)
2303 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= MAX_QUALS)
2305 if (!SCNO_IN_RANGE(tcp->scno))
2307 if (sysent[tcp->scno].sys_func == printargs)
2309 if (qual_flags[tcp->u_arg[0]] & QUAL_READ) {
2310 if (sysent[tcp->scno].sys_func == sys_read ||
2311 sysent[tcp->scno].sys_func == sys_pread ||
2312 sysent[tcp->scno].sys_func == sys_pread64 ||
2313 sysent[tcp->scno].sys_func == sys_recv ||
2314 sysent[tcp->scno].sys_func == sys_recvfrom)
2315 dumpstr(tcp, tcp->u_arg[1], tcp->u_rval);
2316 else if (sysent[tcp->scno].sys_func == sys_readv)
2317 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]);
2320 if (qual_flags[tcp->u_arg[0]] & QUAL_WRITE) {
2321 if (sysent[tcp->scno].sys_func == sys_write ||
2322 sysent[tcp->scno].sys_func == sys_pwrite ||
2323 sysent[tcp->scno].sys_func == sys_pwrite64 ||
2324 sysent[tcp->scno].sys_func == sys_send ||
2325 sysent[tcp->scno].sys_func == sys_sendto)
2326 dumpstr(tcp, tcp->u_arg[1], tcp->u_arg[2]);
2327 else if (sysent[tcp->scno].sys_func == sys_writev)
2328 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]);
2334 trace_syscall_exiting(struct tcb *tcp)
2341 /* Measure the exit time as early as possible to avoid errors. */
2343 gettimeofday(&tv, NULL);
2345 #if SUPPORTED_PERSONALITIES > 1
2346 update_personality(tcp, tcp->currpers);
2348 res = get_syscall_result(tcp);
2352 res = syscall_fixup_on_sysexit(tcp);
2356 res = get_error(tcp);
2360 internal_syscall(tcp);
2362 if (res == 1 && filtered(tcp)) {
2366 if (tcp->flags & TCB_REPRINT) {
2368 if (!SCNO_IN_RANGE(tcp->scno))
2369 tprintf("<... syscall_%lu resumed> ", tcp->scno);
2371 tprintf("<... %s resumed> ", sysent[tcp->scno].sys_name);
2375 struct timeval t = tv;
2376 count_syscall(tcp, &t);
2377 if (cflag == CFLAG_ONLY_STATS) {
2385 tprints("= ? <unavailable>");
2387 tcp->flags &= ~TCB_INSYSCALL;
2391 if (!SCNO_IN_RANGE(tcp->scno)
2392 || (qual_flags[tcp->scno] & QUAL_RAW))
2393 sys_res = printargs(tcp);
2395 /* FIXME: not_failing_only (IOW, option -z) is broken:
2396 * failure of syscall is known only after syscall return.
2397 * Thus we end up with something like this on, say, ENOENT:
2398 * open("doesnt_exist", O_RDONLY <unfinished ...>
2399 * {next syscall decode}
2400 * whereas the intended result is that open(...) line
2401 * is not shown at all.
2403 if (not_failing_only && tcp->u_error)
2404 goto ret; /* ignore failed syscalls */
2405 sys_res = (*sysent[tcp->scno].sys_func)(tcp);
2410 u_error = tcp->u_error;
2411 if (!SCNO_IN_RANGE(tcp->scno) ||
2412 qual_flags[tcp->scno] & QUAL_RAW) {
2414 tprintf("= -1 (errno %ld)", u_error);
2416 tprintf("= %#lx", tcp->u_rval);
2418 else if (!(sys_res & RVAL_NONE) && u_error) {
2421 /* Blocked signals do not interrupt any syscalls.
2422 * In this case syscalls don't return ERESTARTfoo codes.
2424 * Deadly signals set to SIG_DFL interrupt syscalls
2425 * and kill the process regardless of which of the codes below
2426 * is returned by the interrupted syscall.
2427 * In some cases, kernel forces a kernel-generated deadly
2428 * signal to be unblocked and set to SIG_DFL (and thus cause
2429 * death) if it is blocked or SIG_IGNed: for example, SIGSEGV
2430 * or SIGILL. (The alternative is to leave process spinning
2431 * forever on the faulty instruction - not useful).
2433 * SIG_IGNed signals and non-deadly signals set to SIG_DFL
2434 * (for example, SIGCHLD, SIGWINCH) interrupt syscalls,
2435 * but kernel will always restart them.
2438 /* Most common type of signal-interrupted syscall exit code.
2439 * The system call will be restarted with the same arguments
2440 * if SA_RESTART is set; otherwise, it will fail with EINTR.
2442 tprints("= ? ERESTARTSYS (To be restarted if SA_RESTART is set)");
2444 case ERESTARTNOINTR:
2445 /* Rare. For example, fork() returns this if interrupted.
2446 * SA_RESTART is ignored (assumed set): the restart is unconditional.
2448 tprints("= ? ERESTARTNOINTR (To be restarted)");
2450 case ERESTARTNOHAND:
2451 /* pause(), rt_sigsuspend() etc use this code.
2452 * SA_RESTART is ignored (assumed not set):
2453 * syscall won't restart (will return EINTR instead)
2454 * even after signal with SA_RESTART set.
2455 * However, after SIG_IGN or SIG_DFL signal it will.
2457 tprints("= ? ERESTARTNOHAND (Interrupted by signal)");
2459 case ERESTART_RESTARTBLOCK:
2460 /* Syscalls like nanosleep(), poll() which can't be
2461 * restarted with their original arguments use this
2462 * code. Kernel will execute restart_syscall() instead,
2463 * which changes arguments before restarting syscall.
2464 * SA_RESTART is ignored (assumed not set) similarly
2465 * to ERESTARTNOHAND. (Kernel can't honor SA_RESTART
2466 * since restart data is saved in "restart block"
2467 * in task struct, and if signal handler uses a syscall
2468 * which in turn saves another such restart block,
2469 * old data is lost and restart becomes impossible)
2471 tprints("= ? ERESTART_RESTARTBLOCK (Interrupted by signal)");
2476 tprintf("= -1 E??? (errno %ld)", u_error);
2477 else if (u_error < nerrnos)
2478 tprintf("= -1 %s (%s)", errnoent[u_error],
2481 tprintf("= -1 ERRNO_%ld (%s)", u_error,
2485 if ((sys_res & RVAL_STR) && tcp->auxstr)
2486 tprintf(" (%s)", tcp->auxstr);
2489 if (sys_res & RVAL_NONE)
2492 switch (sys_res & RVAL_MASK) {
2494 tprintf("= %#lx", tcp->u_rval);
2497 tprintf("= %#lo", tcp->u_rval);
2500 tprintf("= %lu", tcp->u_rval);
2503 tprintf("= %ld", tcp->u_rval);
2505 #ifdef HAVE_LONG_LONG
2507 tprintf("= %#llx", tcp->u_lrval);
2510 tprintf("= %#llo", tcp->u_lrval);
2512 case RVAL_LUDECIMAL:
2513 tprintf("= %llu", tcp->u_lrval);
2516 tprintf("= %lld", tcp->u_lrval);
2521 "invalid rval format\n");
2525 if ((sys_res & RVAL_STR) && tcp->auxstr)
2526 tprintf(" (%s)", tcp->auxstr);
2529 tv_sub(&tv, &tv, &tcp->etime);
2530 tprintf(" <%ld.%06ld>",
2531 (long) tv.tv_sec, (long) tv.tv_usec);
2536 if (fflush(tcp->outf) == EOF)
2539 tcp->flags &= ~TCB_INSYSCALL;
2544 trace_syscall(struct tcb *tcp)
2546 return exiting(tcp) ?
2547 trace_syscall_exiting(tcp) : trace_syscall_entering(tcp);
projects / strace / blob