2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
6 * Copyright (c) 1999 IBM Deutschland Entwicklung GmbH, IBM Corporation
7 * Linux for s390 port by D.J. Barrow
8 * <barrow_dj@mail.yahoo.com,djbarrow@de.ibm.com>
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. The name of the author may not be used to endorse or promote products
20 * derived from this software without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
42 #include <sys/syscall.h>
43 #include <sys/param.h>
47 #ifndef PTRACE_PEEKUSR
48 # define PTRACE_PEEKUSR PTRACE_PEEKUSER
50 #elif defined(HAVE_LINUX_PTRACE_H)
52 # ifdef HAVE_STRUCT_IA64_FPREG
53 # define ia64_fpreg XXX_ia64_fpreg
55 # ifdef HAVE_STRUCT_PT_ALL_USER_REGS
56 # define pt_all_user_regs XXX_pt_all_user_regs
58 #include <linux/ptrace.h>
60 # undef pt_all_user_regs
63 #if defined (LINUX) && defined (SPARC64)
64 # undef PTRACE_GETREGS
65 # define PTRACE_GETREGS PTRACE_GETREGS64
66 # undef PTRACE_SETREGS
67 # define PTRACE_SETREGS PTRACE_SETREGS64
68 #endif /* LINUX && SPARC64 */
70 #if defined(LINUX) && defined(IA64)
71 # include <asm/ptrace_offsets.h>
75 #define NR_SYSCALL_BASE 0
78 #define ERESTARTSYS 512
80 #ifndef ERESTARTNOINTR
81 #define ERESTARTNOINTR 513
83 #ifndef ERESTARTNOHAND
84 #define ERESTARTNOHAND 514 /* restart if no handler.. */
87 #define ENOIOCTLCMD 515 /* No ioctl command */
89 #ifndef ERESTART_RESTARTBLOCK
90 #define ERESTART_RESTARTBLOCK 516 /* restart by calling sys_restart_syscall */
93 #warning: NSIG is not defined, using 32
97 /* Ugh. Is this really correct? ARM has no RT signals?! */
100 #undef NR_SYSCALL_BASE
101 #define NR_SYSCALL_BASE __NR_SYSCALL_BASE
107 /* Define these shorthand notations to simplify the syscallent files. */
108 #define TD TRACE_DESC
109 #define TF TRACE_FILE
111 #define TN TRACE_NETWORK
112 #define TP TRACE_PROCESS
113 #define TS TRACE_SIGNAL
114 #define NF SYSCALL_NEVER_FAILS
117 static const struct sysent sysent0[] = {
118 #include "syscallent.h"
121 #if SUPPORTED_PERSONALITIES >= 2
122 static const struct sysent sysent1[] = {
123 #include "syscallent1.h"
127 #if SUPPORTED_PERSONALITIES >= 3
128 static const struct sysent sysent2[] = {
129 #include "syscallent2.h"
133 /* Now undef them since short defines cause wicked namespace pollution. */
145 * `ioctlent.h' may be generated from `ioctlent.raw' by the auxiliary
146 * program `ioctlsort', such that the list is sorted by the `code' field.
147 * This has the side-effect of resolving the _IO.. macros into
148 * plain integers, eliminating the need to include here everything
153 static const char *const errnoent0[] = {
154 #include "errnoent.h"
156 static const char *const signalent0[] = {
157 #include "signalent.h"
159 static const struct ioctlent ioctlent0[] = {
160 #include "ioctlent.h"
162 enum { nsyscalls0 = ARRAY_SIZE(sysent0) };
163 enum { nerrnos0 = ARRAY_SIZE(errnoent0) };
164 enum { nsignals0 = ARRAY_SIZE(signalent0) };
165 enum { nioctlents0 = ARRAY_SIZE(ioctlent0) };
166 int qual_flags0[MAX_QUALS];
168 #if SUPPORTED_PERSONALITIES >= 2
169 static const char *const errnoent1[] = {
170 #include "errnoent1.h"
172 static const char *const signalent1[] = {
173 #include "signalent1.h"
175 static const struct ioctlent ioctlent1[] = {
176 #include "ioctlent1.h"
178 enum { nsyscalls1 = ARRAY_SIZE(sysent1) };
179 enum { nerrnos1 = ARRAY_SIZE(errnoent1) };
180 enum { nsignals1 = ARRAY_SIZE(signalent1) };
181 enum { nioctlents1 = ARRAY_SIZE(ioctlent1) };
182 int qual_flags1[MAX_QUALS];
185 #if SUPPORTED_PERSONALITIES >= 3
186 static const char *const errnoent2[] = {
187 #include "errnoent2.h"
189 static const char *const signalent2[] = {
190 #include "signalent2.h"
192 static const struct ioctlent ioctlent2[] = {
193 #include "ioctlent2.h"
195 enum { nsyscalls2 = ARRAY_SIZE(sysent2) };
196 enum { nerrnos2 = ARRAY_SIZE(errnoent2) };
197 enum { nsignals2 = ARRAY_SIZE(signalent2) };
198 enum { nioctlents2 = ARRAY_SIZE(ioctlent2) };
199 int qual_flags2[MAX_QUALS];
203 const struct sysent *sysent;
204 const char *const *errnoent;
205 const char *const *signalent;
206 const struct ioctlent *ioctlent;
213 int current_personality;
215 #ifndef PERSONALITY0_WORDSIZE
216 # define PERSONALITY0_WORDSIZE sizeof(long)
218 const int personality_wordsize[SUPPORTED_PERSONALITIES] = {
219 PERSONALITY0_WORDSIZE,
220 #if SUPPORTED_PERSONALITIES > 1
221 PERSONALITY1_WORDSIZE,
223 #if SUPPORTED_PERSONALITIES > 2
224 PERSONALITY2_WORDSIZE,
229 set_personality(int personality)
231 switch (personality) {
233 errnoent = errnoent0;
236 nsyscalls = nsyscalls0;
237 ioctlent = ioctlent0;
238 nioctlents = nioctlents0;
239 signalent = signalent0;
240 nsignals = nsignals0;
241 qual_flags = qual_flags0;
244 #if SUPPORTED_PERSONALITIES >= 2
246 errnoent = errnoent1;
249 nsyscalls = nsyscalls1;
250 ioctlent = ioctlent1;
251 nioctlents = nioctlents1;
252 signalent = signalent1;
253 nsignals = nsignals1;
254 qual_flags = qual_flags1;
258 #if SUPPORTED_PERSONALITIES >= 3
260 errnoent = errnoent2;
263 nsyscalls = nsyscalls2;
264 ioctlent = ioctlent2;
265 nioctlents = nioctlents2;
266 signalent = signalent2;
267 nsignals = nsignals2;
268 qual_flags = qual_flags2;
273 current_personality = personality;
276 #if SUPPORTED_PERSONALITIES > 1
278 update_personality(struct tcb *tcp, int personality)
280 if (personality == current_personality)
282 set_personality(personality);
284 if (personality == tcp->currpers)
286 tcp->currpers = personality;
288 #if defined(POWERPC64) || defined(X86_64)
290 static const char *const names[] = {"64 bit", "32 bit"};
291 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
292 tcp->pid, names[personality]);
298 static int qual_syscall(), qual_signal(), qual_fault(), qual_desc();
300 static const struct qual_options {
302 const char *option_name;
303 int (*qualify)(const char *, int, int);
304 const char *argument_name;
306 { QUAL_TRACE, "trace", qual_syscall, "system call" },
307 { QUAL_TRACE, "t", qual_syscall, "system call" },
308 { QUAL_ABBREV, "abbrev", qual_syscall, "system call" },
309 { QUAL_ABBREV, "a", qual_syscall, "system call" },
310 { QUAL_VERBOSE, "verbose", qual_syscall, "system call" },
311 { QUAL_VERBOSE, "v", qual_syscall, "system call" },
312 { QUAL_RAW, "raw", qual_syscall, "system call" },
313 { QUAL_RAW, "x", qual_syscall, "system call" },
314 { QUAL_SIGNAL, "signal", qual_signal, "signal" },
315 { QUAL_SIGNAL, "signals", qual_signal, "signal" },
316 { QUAL_SIGNAL, "s", qual_signal, "signal" },
317 { QUAL_FAULT, "fault", qual_fault, "fault" },
318 { QUAL_FAULT, "faults", qual_fault, "fault" },
319 { QUAL_FAULT, "m", qual_fault, "fault" },
320 { QUAL_READ, "read", qual_desc, "descriptor" },
321 { QUAL_READ, "reads", qual_desc, "descriptor" },
322 { QUAL_READ, "r", qual_desc, "descriptor" },
323 { QUAL_WRITE, "write", qual_desc, "descriptor" },
324 { QUAL_WRITE, "writes", qual_desc, "descriptor" },
325 { QUAL_WRITE, "w", qual_desc, "descriptor" },
326 { 0, NULL, NULL, NULL },
330 qualify_one(int n, int bitflag, int not, int pers)
332 if (pers == 0 || pers < 0) {
334 qual_flags0[n] &= ~bitflag;
336 qual_flags0[n] |= bitflag;
339 #if SUPPORTED_PERSONALITIES >= 2
340 if (pers == 1 || pers < 0) {
342 qual_flags1[n] &= ~bitflag;
344 qual_flags1[n] |= bitflag;
346 #endif /* SUPPORTED_PERSONALITIES >= 2 */
348 #if SUPPORTED_PERSONALITIES >= 3
349 if (pers == 2 || pers < 0) {
351 qual_flags2[n] &= ~bitflag;
353 qual_flags2[n] |= bitflag;
355 #endif /* SUPPORTED_PERSONALITIES >= 3 */
359 qual_syscall(const char *s, int bitflag, int not)
364 if (isdigit((unsigned char)*s)) {
366 if (i < 0 || i >= MAX_QUALS)
368 qualify_one(i, bitflag, not, -1);
371 for (i = 0; i < nsyscalls0; i++)
372 if (strcmp(s, sysent0[i].sys_name) == 0) {
373 qualify_one(i, bitflag, not, 0);
377 #if SUPPORTED_PERSONALITIES >= 2
378 for (i = 0; i < nsyscalls1; i++)
379 if (strcmp(s, sysent1[i].sys_name) == 0) {
380 qualify_one(i, bitflag, not, 1);
383 #endif /* SUPPORTED_PERSONALITIES >= 2 */
385 #if SUPPORTED_PERSONALITIES >= 3
386 for (i = 0; i < nsyscalls2; i++)
387 if (strcmp(s, sysent2[i].sys_name) == 0) {
388 qualify_one(i, bitflag, not, 2);
391 #endif /* SUPPORTED_PERSONALITIES >= 3 */
397 qual_signal(const char *s, int bitflag, int not)
402 if (isdigit((unsigned char)*s)) {
404 if (signo < 0 || signo >= MAX_QUALS)
406 qualify_one(signo, bitflag, not, -1);
409 if (strlen(s) >= sizeof buf)
413 if (strncasecmp(s, "SIG", 3) == 0)
415 for (i = 0; i <= NSIG; i++)
416 if (strcasecmp(s, signame(i) + 3) == 0) {
417 qualify_one(i, bitflag, not, -1);
424 qual_fault(const char *s, int bitflag, int not)
430 qual_desc(const char *s, int bitflag, int not)
432 if (isdigit((unsigned char)*s)) {
434 if (desc < 0 || desc >= MAX_QUALS)
436 qualify_one(desc, bitflag, not, -1);
443 lookup_class(const char *s)
445 if (strcmp(s, "file") == 0)
447 if (strcmp(s, "ipc") == 0)
449 if (strcmp(s, "network") == 0)
450 return TRACE_NETWORK;
451 if (strcmp(s, "process") == 0)
452 return TRACE_PROCESS;
453 if (strcmp(s, "signal") == 0)
455 if (strcmp(s, "desc") == 0)
461 qualify(const char *s)
463 const struct qual_options *opt;
469 opt = &qual_options[0];
470 for (i = 0; (p = qual_options[i].option_name); i++) {
472 if (strncmp(s, p, n) == 0 && s[n] == '=') {
473 opt = &qual_options[i];
483 if (strcmp(s, "none") == 0) {
487 if (strcmp(s, "all") == 0) {
488 for (i = 0; i < MAX_QUALS; i++) {
489 qualify_one(i, opt->bitflag, not, -1);
493 for (i = 0; i < MAX_QUALS; i++) {
494 qualify_one(i, opt->bitflag, !not, -1);
499 for (p = strtok(copy, ","); p; p = strtok(NULL, ",")) {
500 if (opt->bitflag == QUAL_TRACE && (n = lookup_class(p)) > 0) {
501 for (i = 0; i < nsyscalls0; i++)
502 if (sysent0[i].sys_flags & n)
503 qualify_one(i, opt->bitflag, not, 0);
505 #if SUPPORTED_PERSONALITIES >= 2
506 for (i = 0; i < nsyscalls1; i++)
507 if (sysent1[i].sys_flags & n)
508 qualify_one(i, opt->bitflag, not, 1);
509 #endif /* SUPPORTED_PERSONALITIES >= 2 */
511 #if SUPPORTED_PERSONALITIES >= 3
512 for (i = 0; i < nsyscalls2; i++)
513 if (sysent2[i].sys_flags & n)
514 qualify_one(i, opt->bitflag, not, 2);
515 #endif /* SUPPORTED_PERSONALITIES >= 3 */
519 if (opt->qualify(p, opt->bitflag, not)) {
520 fprintf(stderr, "strace: invalid %s `%s'\n",
521 opt->argument_name, p);
530 enum subcall_style { shift_style, deref_style, mask_style, door_style };
532 enum subcall_style { shift_style, deref_style, mask_style, door_style, table_style };
540 static const struct subcall subcalls_table[] = {
541 { SYS_shmsys, 5, { SYS_shmat, SYS_shmctl, SYS_shmdt, SYS_shmget, SYS_shmctl } },
543 { SYS_semsys, 4, { SYS___semctl, SYS_semget, SYS_semop, SYS_semconfig } },
545 { SYS_semsys, 3, { SYS___semctl, SYS_semget, SYS_semop } },
547 { SYS_msgsys, 4, { SYS_msgctl, SYS_msgget, SYS_msgsnd, SYS_msgrcv } },
551 #if !(defined(LINUX) && ( defined(ALPHA) || defined(MIPS) || defined(__ARM_EABI__) ))
554 decode_subcall(struct tcb *tcp, int subcall, int nsubcalls, enum subcall_style style)
556 unsigned long addr, mask;
558 int size = personality_wordsize[current_personality];
562 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= nsubcalls)
564 tcp->scno = subcall + tcp->u_arg[0];
565 tcp->u_nargs = n = sysent[tcp->scno].nargs;
566 for (i = 0; i < n; i++)
567 tcp->u_arg[i] = tcp->u_arg[i + 1];
570 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= nsubcalls)
572 tcp->scno = subcall + tcp->u_arg[0];
573 addr = tcp->u_arg[1];
574 tcp->u_nargs = n = sysent[tcp->scno].nargs;
575 for (i = 0; i < n; i++) {
576 if (size == sizeof(int)) {
578 if (umove(tcp, addr, &arg) < 0)
582 else if (size == sizeof(long)) {
584 if (umove(tcp, addr, &arg) < 0)
594 mask = (tcp->u_arg[0] >> 8) & 0xff;
595 for (i = 0; mask; i++)
599 tcp->u_arg[0] &= 0xff;
600 tcp->scno = subcall + i;
601 tcp->u_nargs = sysent[tcp->scno].nargs;
605 * Oh, yuck. The call code is the *sixth* argument.
606 * (don't you mean the *last* argument? - JH)
608 if (tcp->u_arg[5] < 0 || tcp->u_arg[5] >= nsubcalls)
610 tcp->scno = subcall + tcp->u_arg[5];
611 tcp->u_nargs = sysent[tcp->scno].nargs;
615 for (i = 0; i < ARRAY_SIZE(subcalls_table); i++)
616 if (subcalls_table[i].call == tcp->scno) break;
617 if (i < ARRAY_SIZE(subcalls_table) &&
618 tcp->u_arg[0] >= 0 && tcp->u_arg[0] < subcalls_table[i].nsubcalls) {
619 tcp->scno = subcalls_table[i].subcalls[tcp->u_arg[0]];
620 for (i = 0; i < tcp->u_nargs; i++)
621 tcp->u_arg[i] = tcp->u_arg[i + 1];
630 printargs(struct tcb *tcp)
635 for (i = 0; i < tcp->u_nargs; i++)
636 tprintf("%s%#lx", i ? ", " : "", tcp->u_arg[i]);
642 getrval2(struct tcb *tcp)
647 #if defined (SPARC) || defined (SPARC64)
649 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
651 val = regs.u_regs[U_REG_O1];
653 if (upeek(tcp, 4*(REG_REG0+1), &val) < 0)
656 if (upeek(tcp, PT_R9, &val) < 0)
662 if (upeek(tcp, uoff(u_rval2), &val) < 0)
668 val = tcp->status.PR_REG[R_O1];
671 val = tcp->status.PR_REG[EDX];
674 val = tcp->status.PR_REG[RDX];
677 val = tcp->status.PR_REG[CTX_V1];
683 pread(tcp->pfd_reg, ®s, sizeof(regs), 0);
691 * Apparently, indirect system calls have already be converted by ptrace(2),
692 * so if you see "indir" this program has gone astray.
695 sys_indir(struct tcb *tcp)
701 scno = tcp->u_arg[0];
702 if (!SCNO_IN_RANGE(scno)) {
703 fprintf(stderr, "Bogus syscall: %ld\n", scno);
706 nargs = sysent[scno].nargs;
707 tprints(sysent[scno].sys_name);
708 for (i = 0; i < nargs; i++)
709 tprintf(", %#lx", tcp->u_arg[i+1]);
716 is_restart_error(struct tcb *tcp)
719 switch (tcp->u_error) {
723 case ERESTART_RESTARTBLOCK:
734 struct pt_regs i386_regs;
735 # elif defined(X86_64)
737 * On 32 bits, pt_regs and user_regs_struct are the same,
738 * but on 64 bits, user_regs_struct has six more fields:
739 * fs_base, gs_base, ds, es, fs, gs.
740 * PTRACE_GETREGS fills them too, so struct pt_regs would overflow.
742 static struct user_regs_struct x86_64_regs;
743 # elif defined (IA64)
744 long r8, r10, psr; /* TODO: make static? */
745 long ia32 = 0; /* not static */
746 # elif defined (POWERPC)
748 # elif defined (M68K)
753 static struct pt_regs regs;
754 # elif defined (ALPHA)
757 # elif defined(AVR32)
758 static struct pt_regs regs;
759 # elif defined (SPARC) || defined (SPARC64)
760 static struct pt_regs regs;
761 static unsigned long trap;
762 # elif defined(LINUX_MIPSN32)
768 # elif defined(S390) || defined(S390X)
771 static long syscall_mode;
778 # elif defined(CRISV10) || defined(CRISV32)
780 # elif defined(MICROBLAZE)
785 struct reg regs; /* TODO: make static? */
789 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
790 * 1: ok, continue in trace_syscall().
791 * other: error, trace_syscall() should print error indicator
792 * ("????" etc) and bail out.
798 get_scno(struct tcb *tcp)
803 # if defined(S390) || defined(S390X)
804 if (upeek(tcp, PT_GPR2, &syscall_mode) < 0)
807 if (syscall_mode != -ENOSYS) {
809 * Since kernel version 2.5.44 the scno gets passed in gpr2.
814 * Old style of "passing" the scno via the SVC instruction.
816 long opcode, offset_reg, tmp;
818 static const int gpr_offset[16] = {
819 PT_GPR0, PT_GPR1, PT_ORIGGPR2, PT_GPR3,
820 PT_GPR4, PT_GPR5, PT_GPR6, PT_GPR7,
821 PT_GPR8, PT_GPR9, PT_GPR10, PT_GPR11,
822 PT_GPR12, PT_GPR13, PT_GPR14, PT_GPR15
825 if (upeek(tcp, PT_PSWADDR, &pc) < 0)
828 opcode = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)(pc-sizeof(long)), 0);
830 perror("peektext(pc-oneword)");
835 * We have to check if the SVC got executed directly or via an
836 * EXECUTE instruction. In case of EXECUTE it is necessary to do
837 * instruction decoding to derive the system call number.
838 * Unfortunately the opcode sizes of EXECUTE and SVC are differently,
839 * so that this doesn't work if a SVC opcode is part of an EXECUTE
840 * opcode. Since there is no way to find out the opcode size this
841 * is the best we can do...
843 if ((opcode & 0xff00) == 0x0a00) {
845 scno = opcode & 0xff;
848 /* SVC got executed by EXECUTE instruction */
851 * Do instruction decoding of EXECUTE. If you really want to
852 * understand this, read the Principles of Operations.
854 svc_addr = (void *) (opcode & 0xfff);
857 offset_reg = (opcode & 0x000f0000) >> 16;
858 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
863 offset_reg = (opcode & 0x0000f000) >> 12;
864 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
868 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, svc_addr, 0);
877 offset_reg = (opcode & 0x00f00000) >> 20;
878 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
881 scno = (scno | tmp) & 0xff;
884 # elif defined (POWERPC)
885 if (upeek(tcp, sizeof(unsigned long)*PT_R0, &scno) < 0)
888 /* TODO: speed up strace by not doing this at every syscall.
889 * We only need to do it after execve.
895 /* Check for 64/32 bit mode. */
896 if (upeek(tcp, sizeof(unsigned long)*PT_MSR, &val) < 0)
898 /* SF is bit 0 of MSR */
903 update_personality(tcp, currpers);
905 # elif defined(AVR32)
906 /* Read complete register set in one go. */
907 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, ®s) < 0)
911 if (upeek(tcp, PT_ORIG_P0, &scno))
913 # elif defined (I386)
914 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &i386_regs) < 0)
916 scno = i386_regs.orig_eax;
917 # elif defined (X86_64)
919 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &x86_64_regs) < 0)
921 scno = x86_64_regs.orig_rax;
923 /* Check CS register value. On x86-64 linux it is:
924 * 0x33 for long mode (64 bit)
925 * 0x23 for compatibility mode (32 bit)
927 switch (x86_64_regs.cs) {
928 case 0x23: currpers = 1; break;
929 case 0x33: currpers = 0; break;
931 fprintf(stderr, "Unknown value CS=0x%08X while "
932 "detecting personality of process "
933 "PID=%d\n", (int)x86_64_regs.cs, tcp->pid);
934 currpers = current_personality;
938 /* This version analyzes the opcode of a syscall instruction.
939 * (int 0x80 on i386 vs. syscall on x86-64)
940 * It works, but is too complicated.
942 unsigned long val, rip, i;
944 rip = x86_64_regs.rip;
946 /* sizeof(syscall) == sizeof(int 0x80) == 2 */
950 call = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)rip, (char *)0);
952 fprintf(stderr, "ptrace_peektext failed: %s\n",
954 switch (call & 0xffff) {
955 /* x86-64: syscall = 0x0f 0x05 */
956 case 0x050f: currpers = 0; break;
957 /* i386: int 0x80 = 0xcd 0x80 */
958 case 0x80cd: currpers = 1; break;
960 currpers = current_personality;
962 "Unknown syscall opcode (0x%04X) while "
963 "detecting personality of process "
964 "PID=%d\n", (int)call, tcp->pid);
968 update_personality(tcp, currpers);
970 # define IA64_PSR_IS ((long)1 << 34)
971 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0)
972 ia32 = (psr & IA64_PSR_IS) != 0;
974 if (upeek(tcp, PT_R1, &scno) < 0)
977 if (upeek(tcp, PT_R15, &scno) < 0)
981 /* Read complete register set in one go. */
982 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (void *)®s) == -1)
986 * We only need to grab the syscall number on syscall entry.
988 if (regs.ARM_ip == 0) {
990 * Note: we only deal with only 32-bit CPUs here.
992 if (regs.ARM_cpsr & 0x20) {
994 * Get the Thumb-mode system call number
999 * Get the ARM-mode system call number
1002 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, (void *)(regs.ARM_pc - 4), NULL);
1006 /* Handle the EABI syscall convention. We do not
1007 bother converting structures between the two
1008 ABIs, but basic functionality should work even
1009 if strace and the traced program have different
1011 if (scno == 0xef000000) {
1014 if ((scno & 0x0ff00000) != 0x0f900000) {
1015 fprintf(stderr, "syscall: unknown syscall trap 0x%08lx\n",
1021 * Fixup the syscall number
1026 if (scno & 0x0f0000) {
1028 * Handle ARM specific syscall
1030 update_personality(tcp, 1);
1033 update_personality(tcp, 0);
1036 fprintf(stderr, "pid %d stray syscall entry\n", tcp->pid);
1037 tcp->flags |= TCB_INSYSCALL;
1039 # elif defined (M68K)
1040 if (upeek(tcp, 4*PT_ORIG_D0, &scno) < 0)
1042 # elif defined (LINUX_MIPSN32)
1043 unsigned long long regs[38];
1045 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1051 if (!SCNO_IN_RANGE(scno)) {
1052 if (a3 == 0 || a3 == -1) {
1054 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno);
1058 # elif defined (MIPS)
1059 if (upeek(tcp, REG_A3, &a3) < 0)
1061 if (upeek(tcp, REG_V0, &scno) < 0)
1064 if (!SCNO_IN_RANGE(scno)) {
1065 if (a3 == 0 || a3 == -1) {
1067 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno);
1071 # elif defined (ALPHA)
1072 if (upeek(tcp, REG_A3, &a3) < 0)
1074 if (upeek(tcp, REG_R0, &scno) < 0)
1078 * Do some sanity checks to figure out if it's
1079 * really a syscall entry
1081 if (!SCNO_IN_RANGE(scno)) {
1082 if (a3 == 0 || a3 == -1) {
1084 fprintf(stderr, "stray syscall exit: r0 = %ld\n", scno);
1088 # elif defined (SPARC) || defined (SPARC64)
1089 /* Everything we need is in the current register set. */
1090 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
1093 /* Disassemble the syscall trap. */
1094 /* Retrieve the syscall trap instruction. */
1096 # if defined(SPARC64)
1097 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)regs.tpc, 0);
1100 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)regs.pc, 0);
1105 /* Disassemble the trap to see what personality to use. */
1108 /* Linux/SPARC syscall trap. */
1109 update_personality(tcp, 0);
1112 /* Linux/SPARC64 syscall trap. */
1113 update_personality(tcp, 2);
1116 /* SunOS syscall trap. (pers 1) */
1117 fprintf(stderr, "syscall: SunOS no support\n");
1120 /* Solaris 2.x syscall trap. (per 2) */
1121 update_personality(tcp, 1);
1124 /* NetBSD/FreeBSD syscall trap. */
1125 fprintf(stderr, "syscall: NetBSD/FreeBSD not supported\n");
1128 /* Solaris 2.x gettimeofday */
1129 update_personality(tcp, 1);
1132 # if defined (SPARC64)
1133 fprintf(stderr, "syscall: unknown syscall trap %08lx %016lx\n", trap, regs.tpc);
1135 fprintf(stderr, "syscall: unknown syscall trap %08lx %08lx\n", trap, regs.pc);
1140 /* Extract the system call number from the registers. */
1141 if (trap == 0x91d02027)
1144 scno = regs.u_regs[U_REG_G1];
1146 scno = regs.u_regs[U_REG_O0];
1147 memmove(®s.u_regs[U_REG_O0], ®s.u_regs[U_REG_O1], 7*sizeof(regs.u_regs[0]));
1149 # elif defined(HPPA)
1150 if (upeek(tcp, PT_GR20, &scno) < 0)
1154 * In the new syscall ABI, the system call number is in R3.
1156 if (upeek(tcp, 4*(REG_REG0+3), &scno) < 0)
1160 /* Odd as it may seem, a glibc bug has been known to cause
1161 glibc to issue bogus negative syscall numbers. So for
1162 our purposes, make strace print what it *should* have been */
1163 long correct_scno = (scno & 0xff);
1166 "Detected glibc bug: bogus system call"
1167 " number = %ld, correcting to %ld\n",
1170 scno = correct_scno;
1172 # elif defined(SH64)
1173 if (upeek(tcp, REG_SYSCALL, &scno) < 0)
1176 # elif defined(CRISV10) || defined(CRISV32)
1177 if (upeek(tcp, 4*PT_R9, &scno) < 0)
1179 # elif defined(TILE)
1180 if (upeek(tcp, PTREGS_OFFSET_REG(10), &scno) < 0)
1182 # elif defined(MICROBLAZE)
1183 if (upeek(tcp, 0, &scno) < 0)
1189 if (upeek(tcp, uoff(u_arg[7]), &scno) < 0)
1192 /* new syscall ABI returns result in R0 */
1193 if (upeek(tcp, 4*REG_REG0, (long *)&r0) < 0)
1196 /* ABI defines result returned in r9 */
1197 if (upeek(tcp, REG_GENERAL(9), (long *)&r9) < 0)
1202 # ifdef HAVE_PR_SYSCALL
1203 scno = tcp->status.PR_SYSCALL;
1206 scno = tcp->status.PR_WHAT;
1208 if (pread(tcp->pfd_reg, ®s, sizeof(regs), 0) < 0) {
1212 switch (regs.r_eax) {
1215 pread(tcp->pfd, &scno, sizeof(scno), regs.r_esp + sizeof(int));
1221 # endif /* FREEBSD */
1222 # endif /* !HAVE_PR_SYSCALL */
1223 #endif /* USE_PROCFS */
1230 known_scno(struct tcb *tcp)
1232 long scno = tcp->scno;
1233 #if SUPPORTED_PERSONALITIES > 1
1234 if (SCNO_IN_RANGE(scno) && sysent[scno].native_scno != 0)
1235 scno = sysent[scno].native_scno;
1238 scno += NR_SYSCALL_BASE;
1242 /* Called at each syscall entry.
1244 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
1245 * 1: ok, continue in trace_syscall().
1246 * other: error, trace_syscall() should print error indicator
1247 * ("????" etc) and bail out.
1250 syscall_fixup_on_sysenter(struct tcb *tcp)
1253 int scno = known_scno(tcp);
1255 if (tcp->status.PR_WHY != PR_SYSENTRY) {
1259 || scno == SYS_vfork
1262 || scno == SYS_fork1
1265 || scno == SYS_forkall
1268 || scno == SYS_rfork1
1271 || scno == SYS_rforkall
1274 /* We are returning in the child, fake it. */
1275 tcp->status.PR_WHY = PR_SYSENTRY;
1277 tcp->status.PR_WHY = PR_SYSEXIT;
1280 fprintf(stderr, "syscall: missing entry\n");
1281 tcp->flags |= TCB_INSYSCALL;
1284 #endif /* USE_PROCFS */
1288 fprintf(stderr, "syscall: missing entry\n");
1289 tcp->flags |= TCB_INSYSCALL;
1294 /* A common case of "not a syscall entry" is post-execve SIGTRAP */
1296 if (i386_regs.eax != -ENOSYS) {
1298 fprintf(stderr, "not a syscall entry (eax = %ld)\n", i386_regs.eax);
1301 #elif defined (X86_64)
1303 long rax = x86_64_regs.rax;
1304 if (current_personality == 1)
1305 rax = (int)rax; /* sign extend from 32 bits */
1306 if (rax != -ENOSYS) {
1308 fprintf(stderr, "not a syscall entry (rax = %ld)\n", rax);
1312 #elif defined (S390) || defined (S390X)
1313 /* TODO: we already fetched PT_GPR2 in get_scno
1314 * and stored it in syscall_mode, reuse it here
1315 * instead of re-fetching?
1317 if (upeek(tcp, PT_GPR2, &gpr2) < 0)
1319 if (syscall_mode != -ENOSYS)
1320 syscall_mode = tcp->scno;
1321 if (gpr2 != syscall_mode) {
1323 fprintf(stderr, "not a syscall entry (gpr2 = %ld)\n", gpr2);
1326 #elif defined (M68K)
1327 /* TODO? Eliminate upeek's in arches below like we did in x86 */
1328 if (upeek(tcp, 4*PT_D0, &d0) < 0)
1330 if (d0 != -ENOSYS) {
1332 fprintf(stderr, "not a syscall entry (d0 = %ld)\n", d0);
1336 if (upeek(tcp, PT_R10, &r10) < 0)
1338 if (upeek(tcp, PT_R8, &r8) < 0)
1340 if (ia32 && r8 != -ENOSYS) {
1342 fprintf(stderr, "not a syscall entry (r8 = %ld)\n", r8);
1345 #elif defined(CRISV10) || defined(CRISV32)
1346 if (upeek(tcp, 4*PT_R10, &r10) < 0)
1348 if (r10 != -ENOSYS) {
1350 fprintf(stderr, "not a syscall entry (r10 = %ld)\n", r10);
1353 #elif defined(MICROBLAZE)
1354 if (upeek(tcp, 3 * 4, &r3) < 0)
1356 if (r3 != -ENOSYS) {
1358 fprintf(stderr, "not a syscall entry (r3 = %ld)\n", r3);
1367 internal_syscall(struct tcb *tcp)
1370 * We must always trace a few critical system calls in order to
1371 * correctly support following forks in the presence of tracing
1376 if (!SCNO_IN_RANGE(tcp->scno))
1379 func = sysent[tcp->scno].sys_func;
1381 if ( sys_fork == func
1382 #if defined(FREEBSD) || defined(LINUX) || defined(SUNOS4)
1383 || sys_vfork == func
1386 || sys_clone == func
1389 || sys_rfork == func
1392 return internal_fork(tcp);
1394 #if defined SUNOS4 || (defined LINUX && defined TCB_WAITEXECVE)
1395 if ( sys_execve == func
1396 # if defined(SPARC) || defined(SPARC64) || defined(SUNOS4)
1397 || sys_execv == func
1400 || sys_rexecve == func
1403 return internal_exec(tcp);
1410 syscall_enter(struct tcb *tcp)
1415 if (SCNO_IN_RANGE(tcp->scno))
1416 nargs = tcp->u_nargs = sysent[tcp->scno].nargs;
1418 nargs = tcp->u_nargs = MAX_ARGS;
1420 # if defined(S390) || defined(S390X)
1421 for (i = 0; i < nargs; ++i)
1422 if (upeek(tcp, i==0 ? PT_ORIGGPR2 : PT_GPR2 + i*sizeof(long), &tcp->u_arg[i]) < 0)
1424 # elif defined(ALPHA)
1425 for (i = 0; i < nargs; ++i)
1426 if (upeek(tcp, REG_A0+i, &tcp->u_arg[i]) < 0)
1428 # elif defined(IA64)
1430 unsigned long *out0, cfm, sof, sol;
1432 /* be backwards compatible with kernel < 2.4.4... */
1434 # define PT_RBS_END PT_AR_BSP
1437 if (upeek(tcp, PT_RBS_END, &rbs_end) < 0)
1439 if (upeek(tcp, PT_CFM, (long *) &cfm) < 0)
1442 sof = (cfm >> 0) & 0x7f;
1443 sol = (cfm >> 7) & 0x7f;
1444 out0 = ia64_rse_skip_regs((unsigned long *) rbs_end, -sof + sol);
1446 for (i = 0; i < nargs; ++i) {
1447 if (umoven(tcp, (unsigned long) ia64_rse_skip_regs(out0, i),
1448 sizeof(long), (char *) &tcp->u_arg[i]) < 0)
1452 static const int argreg[MAX_ARGS] = { PT_R11 /* EBX = out0 */,
1453 PT_R9 /* ECX = out1 */,
1454 PT_R10 /* EDX = out2 */,
1455 PT_R14 /* ESI = out3 */,
1456 PT_R15 /* EDI = out4 */,
1457 PT_R13 /* EBP = out5 */};
1459 for (i = 0; i < nargs; ++i) {
1460 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0)
1462 /* truncate away IVE sign-extension */
1463 tcp->u_arg[i] &= 0xffffffff;
1466 # elif defined(LINUX_MIPSN32) || defined(LINUX_MIPSN64)
1467 /* N32 and N64 both use up to six registers. */
1468 unsigned long long regs[38];
1470 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1473 for (i = 0; i < nargs; ++i) {
1474 tcp->u_arg[i] = regs[REG_A0 + i];
1475 # if defined(LINUX_MIPSN32)
1476 tcp->ext_arg[i] = regs[REG_A0 + i];
1479 # elif defined(MIPS)
1483 if (upeek(tcp, REG_SP, &sp) < 0)
1485 for (i = 0; i < 4; ++i)
1486 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0)
1488 umoven(tcp, sp + 16, (nargs - 4) * sizeof(tcp->u_arg[0]),
1489 (char *)(tcp->u_arg + 4));
1491 for (i = 0; i < nargs; ++i)
1492 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0)
1495 # elif defined(POWERPC)
1497 # define PT_ORIG_R3 34
1499 for (i = 0; i < nargs; ++i) {
1500 if (upeek(tcp, (i==0) ?
1501 (sizeof(unsigned long) * PT_ORIG_R3) :
1502 ((i+PT_R3) * sizeof(unsigned long)),
1503 &tcp->u_arg[i]) < 0)
1506 # elif defined(SPARC) || defined(SPARC64)
1507 for (i = 0; i < nargs; ++i)
1508 tcp->u_arg[i] = regs.u_regs[U_REG_O0 + i];
1509 # elif defined(HPPA)
1510 for (i = 0; i < nargs; ++i)
1511 if (upeek(tcp, PT_GR26-4*i, &tcp->u_arg[i]) < 0)
1514 for (i = 0; i < nargs; ++i)
1515 tcp->u_arg[i] = regs.uregs[i];
1516 # elif defined(AVR32)
1519 tcp->u_arg[0] = regs.r12;
1520 tcp->u_arg[1] = regs.r11;
1521 tcp->u_arg[2] = regs.r10;
1522 tcp->u_arg[3] = regs.r9;
1523 tcp->u_arg[4] = regs.r5;
1524 tcp->u_arg[5] = regs.r3;
1525 # elif defined(BFIN)
1526 static const int argreg[MAX_ARGS] = { PT_R0, PT_R1, PT_R2, PT_R3, PT_R4, PT_R5 };
1528 for (i = 0; i < nargs; ++i)
1529 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0)
1532 static const int syscall_regs[MAX_ARGS] = {
1533 4 * (REG_REG0+4), 4 * (REG_REG0+5), 4 * (REG_REG0+6),
1534 4 * (REG_REG0+7), 4 * (REG_REG0 ), 4 * (REG_REG0+1)
1537 for (i = 0; i < nargs; ++i)
1538 if (upeek(tcp, syscall_regs[i], &tcp->u_arg[i]) < 0)
1540 # elif defined(SH64)
1542 /* Registers used by SH5 Linux system calls for parameters */
1543 static const int syscall_regs[MAX_ARGS] = { 2, 3, 4, 5, 6, 7 };
1545 for (i = 0; i < nargs; ++i)
1546 if (upeek(tcp, REG_GENERAL(syscall_regs[i]), &tcp->u_arg[i]) < 0)
1548 # elif defined(X86_64)
1551 if (current_personality == 0) { /* x86-64 ABI */
1552 tcp->u_arg[0] = x86_64_regs.rdi;
1553 tcp->u_arg[1] = x86_64_regs.rsi;
1554 tcp->u_arg[2] = x86_64_regs.rdx;
1555 tcp->u_arg[3] = x86_64_regs.r10;
1556 tcp->u_arg[4] = x86_64_regs.r8;
1557 tcp->u_arg[5] = x86_64_regs.r9;
1558 } else { /* i386 ABI */
1559 /* Sign-extend lower 32 bits */
1560 tcp->u_arg[0] = (long)(int)x86_64_regs.rbx;
1561 tcp->u_arg[1] = (long)(int)x86_64_regs.rcx;
1562 tcp->u_arg[2] = (long)(int)x86_64_regs.rdx;
1563 tcp->u_arg[3] = (long)(int)x86_64_regs.rsi;
1564 tcp->u_arg[4] = (long)(int)x86_64_regs.rdi;
1565 tcp->u_arg[5] = (long)(int)x86_64_regs.rbp;
1567 # elif defined(MICROBLAZE)
1568 for (i = 0; i < nargs; ++i)
1569 if (upeek(tcp, (5 + i) * 4, &tcp->u_arg[i]) < 0)
1571 # elif defined(CRISV10) || defined(CRISV32)
1572 static const int crisregs[MAX_ARGS] = {
1573 4*PT_ORIG_R10, 4*PT_R11, 4*PT_R12,
1574 4*PT_R13 , 4*PT_MOF, 4*PT_SRP
1577 for (i = 0; i < nargs; ++i)
1578 if (upeek(tcp, crisregs[i], &tcp->u_arg[i]) < 0)
1580 # elif defined(TILE)
1581 for (i = 0; i < nargs; ++i)
1582 if (upeek(tcp, PTREGS_OFFSET_REG(i), &tcp->u_arg[i]) < 0)
1584 # elif defined(M68K)
1585 for (i = 0; i < nargs; ++i)
1586 if (upeek(tcp, (i < 5 ? i : i + 2)*4, &tcp->u_arg[i]) < 0)
1588 # elif defined(I386)
1591 tcp->u_arg[0] = i386_regs.ebx;
1592 tcp->u_arg[1] = i386_regs.ecx;
1593 tcp->u_arg[2] = i386_regs.edx;
1594 tcp->u_arg[3] = i386_regs.esi;
1595 tcp->u_arg[4] = i386_regs.edi;
1596 tcp->u_arg[5] = i386_regs.ebp;
1597 # else /* Other architecture (32bits specific) */
1598 for (i = 0; i < nargs; ++i)
1599 if (upeek(tcp, i*4, &tcp->u_arg[i]) < 0)
1605 if (SCNO_IN_RANGE(tcp->scno))
1606 nargs = tcp->u_nargs = sysent[tcp->scno].nargs;
1608 nargs = tcp->u_nargs = MAX_ARGS;
1609 for (i = 0; i < nargs; i++) {
1612 if (upeek(tcp, uoff(u_arg[0]) +
1613 (i * sizeof(u->u_arg[0])), &tcp->u_arg[i]) < 0)
1620 * SGI is broken: even though it has pr_sysarg, it doesn't
1621 * set them on system call entry. Get a clue.
1623 if (SCNO_IN_RANGE(tcp->scno))
1624 tcp->u_nargs = sysent[tcp->scno].nargs;
1626 tcp->u_nargs = tcp->status.pr_nsysarg;
1627 if (tcp->u_nargs > 4) {
1628 memcpy(tcp->u_arg, &tcp->status.pr_reg[CTX_A0],
1629 4 * sizeof(tcp->u_arg[0]));
1630 umoven(tcp, tcp->status.pr_reg[CTX_SP] + 16,
1631 (tcp->u_nargs - 4) * sizeof(tcp->u_arg[0]), (char *) (tcp->u_arg + 4));
1634 memcpy(tcp->u_arg, &tcp->status.pr_reg[CTX_A0],
1635 tcp->u_nargs * sizeof(tcp->u_arg[0]));
1637 # elif UNIXWARE >= 2
1639 * Like SGI, UnixWare doesn't set pr_sysarg until system call exit
1641 if (SCNO_IN_RANGE(tcp->scno))
1642 tcp->u_nargs = sysent[tcp->scno].nargs;
1644 tcp->u_nargs = tcp->status.pr_lwp.pr_nsysarg;
1645 umoven(tcp, tcp->status.PR_REG[UESP] + 4,
1646 tcp->u_nargs * sizeof(tcp->u_arg[0]), (char *) tcp->u_arg);
1647 # elif defined(HAVE_PR_SYSCALL)
1649 if (SCNO_IN_RANGE(tcp->scno))
1650 tcp->u_nargs = sysent[tcp->scno].nargs;
1652 tcp->u_nargs = tcp->status.pr_nsysarg;
1653 for (i = 0; i < tcp->u_nargs; i++)
1654 tcp->u_arg[i] = tcp->status.pr_sysarg[i];
1655 # elif defined(I386)
1656 if (SCNO_IN_RANGE(tcp->scno))
1657 tcp->u_nargs = sysent[tcp->scno].nargs;
1660 if (tcp->u_nargs > 0)
1661 umoven(tcp, tcp->status.PR_REG[UESP] + 4,
1662 tcp->u_nargs * sizeof(tcp->u_arg[0]), (char *) tcp->u_arg);
1664 I DONT KNOW WHAT TO DO
1668 if (SCNO_IN_RANGE(tcp->scno) &&
1669 sysent[tcp->scno].nargs > tcp->status.val)
1670 tcp->u_nargs = sysent[tcp->scno].nargs;
1672 tcp->u_nargs = tcp->status.val;
1673 if (tcp->u_nargs < 0)
1675 if (tcp->u_nargs > MAX_ARGS)
1676 tcp->u_nargs = MAX_ARGS;
1677 switch (regs.r_eax) {
1679 pread(tcp->pfd, &tcp->u_arg, tcp->u_nargs * sizeof(unsigned long),
1680 regs.r_esp + sizeof(int) + sizeof(quad_t));
1683 pread(tcp->pfd, &tcp->u_arg, tcp->u_nargs * sizeof(unsigned long),
1684 regs.r_esp + 2 * sizeof(int));
1687 pread(tcp->pfd, &tcp->u_arg, tcp->u_nargs * sizeof(unsigned long),
1688 regs.r_esp + sizeof(int));
1691 #endif /* FREEBSD */
1696 trace_syscall_entering(struct tcb *tcp)
1700 #if defined TCB_WAITEXECVE
1701 if (tcp->flags & TCB_WAITEXECVE) {
1702 /* This is the post-execve SIGTRAP. */
1703 tcp->flags &= ~TCB_WAITEXECVE;
1708 scno_good = res = get_scno(tcp);
1712 res = syscall_fixup_on_sysenter(tcp);
1716 res = syscall_enter(tcp);
1722 tcp->flags &= ~TCB_REPRINT;
1724 tprintf("????" /* anti-trigraph gap */ "(");
1725 else if (!SCNO_IN_RANGE(tcp->scno))
1726 tprintf("syscall_%lu(", tcp->scno);
1728 tprintf("%s(", sysent[tcp->scno].sys_name);
1730 * " <unavailable>" will be added later by the code which
1731 * detects ptrace errors.
1736 #if defined(SYS_socket_subcall) || defined(SYS_ipc_subcall)
1737 while (SCNO_IN_RANGE(tcp->scno)) {
1738 #ifdef SYS_socket_subcall
1739 if (sysent[tcp->scno].sys_func == sys_socketcall) {
1740 decode_subcall(tcp, SYS_socket_subcall,
1741 SYS_socket_nsubcalls, deref_style);
1745 #ifdef SYS_ipc_subcall
1746 if (sysent[tcp->scno].sys_func == sys_ipc) {
1747 decode_subcall(tcp, SYS_ipc_subcall,
1748 SYS_ipc_nsubcalls, shift_style);
1754 #endif /* SYS_socket_subcall || SYS_ipc_subcall */
1756 #if defined(SVR4) || defined(FREEBSD) || defined(SUNOS4)
1757 switch (known_scno(tcp)) {
1759 #ifdef SYS_pgrpsys_subcall
1761 decode_subcall(tcp, SYS_pgrpsys_subcall,
1762 SYS_pgrpsys_nsubcalls, shift_style);
1764 #endif /* SYS_pgrpsys_subcall */
1765 #ifdef SYS_sigcall_subcall
1767 decode_subcall(tcp, SYS_sigcall_subcall,
1768 SYS_sigcall_nsubcalls, mask_style);
1770 #endif /* SYS_sigcall_subcall */
1772 decode_subcall(tcp, SYS_msgsys_subcall,
1773 SYS_msgsys_nsubcalls, shift_style);
1776 decode_subcall(tcp, SYS_shmsys_subcall,
1777 SYS_shmsys_nsubcalls, shift_style);
1780 decode_subcall(tcp, SYS_semsys_subcall,
1781 SYS_semsys_nsubcalls, shift_style);
1784 decode_subcall(tcp, SYS_sysfs_subcall,
1785 SYS_sysfs_nsubcalls, shift_style);
1788 decode_subcall(tcp, SYS_spcall_subcall,
1789 SYS_spcall_nsubcalls, shift_style);
1791 #ifdef SYS_context_subcall
1793 decode_subcall(tcp, SYS_context_subcall,
1794 SYS_context_nsubcalls, shift_style);
1796 #endif /* SYS_context_subcall */
1797 #ifdef SYS_door_subcall
1799 decode_subcall(tcp, SYS_door_subcall,
1800 SYS_door_nsubcalls, door_style);
1802 #endif /* SYS_door_subcall */
1803 #ifdef SYS_kaio_subcall
1805 decode_subcall(tcp, SYS_kaio_subcall,
1806 SYS_kaio_nsubcalls, shift_style);
1814 decode_subcall(tcp, 0, 0, table_style);
1819 decode_subcall(tcp, SYS_semsys_subcall,
1820 SYS_semsys_nsubcalls, shift_style);
1823 decode_subcall(tcp, SYS_msgsys_subcall,
1824 SYS_msgsys_nsubcalls, shift_style);
1827 decode_subcall(tcp, SYS_shmsys_subcall,
1828 SYS_shmsys_nsubcalls, shift_style);
1832 #endif /* SVR4 || FREEBSD || SUNOS4 */
1834 internal_syscall(tcp);
1836 if ((SCNO_IN_RANGE(tcp->scno) &&
1837 !(qual_flags[tcp->scno] & QUAL_TRACE)) ||
1838 (tracing_paths && !pathtrace_match(tcp))) {
1839 tcp->flags |= TCB_INSYSCALL | TCB_FILTERED;
1843 tcp->flags &= ~TCB_FILTERED;
1845 if (cflag == CFLAG_ONLY_STATS) {
1851 tcp->flags &= ~TCB_REPRINT;
1852 if (!SCNO_IN_RANGE(tcp->scno))
1853 tprintf("syscall_%lu(", tcp->scno);
1855 tprintf("%s(", sysent[tcp->scno].sys_name);
1856 if (!SCNO_IN_RANGE(tcp->scno) ||
1857 ((qual_flags[tcp->scno] & QUAL_RAW) &&
1858 sysent[tcp->scno].sys_func != sys_exit))
1859 res = printargs(tcp);
1861 res = (*sysent[tcp->scno].sys_func)(tcp);
1863 if (fflush(tcp->outf) == EOF)
1866 tcp->flags |= TCB_INSYSCALL;
1867 /* Measure the entrance time as late as possible to avoid errors. */
1869 gettimeofday(&tcp->etime, NULL);
1874 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
1875 * 1: ok, continue in trace_syscall().
1876 * other: error, trace_syscall() should print error indicator
1877 * ("????" etc) and bail out.
1880 get_syscall_result(struct tcb *tcp)
1883 # if defined(S390) || defined(S390X)
1884 if (upeek(tcp, PT_GPR2, &gpr2) < 0)
1886 # elif defined (POWERPC)
1887 # define SO_MASK 0x10000000
1890 if (upeek(tcp, sizeof(unsigned long)*PT_CCR, &flags) < 0)
1892 if (upeek(tcp, sizeof(unsigned long)*PT_R3, &result) < 0)
1894 if (flags & SO_MASK)
1897 # elif defined(AVR32)
1898 /* Read complete register set in one go. */
1899 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, ®s) < 0)
1901 # elif defined(BFIN)
1902 if (upeek(tcp, PT_R0, &r0) < 0)
1904 # elif defined (I386)
1905 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &i386_regs) < 0)
1907 # elif defined (X86_64)
1908 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &x86_64_regs) < 0)
1910 # elif defined(IA64)
1911 # define IA64_PSR_IS ((long)1 << 34)
1912 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0)
1913 ia32 = (psr & IA64_PSR_IS) != 0;
1914 if (upeek(tcp, PT_R8, &r8) < 0)
1916 if (upeek(tcp, PT_R10, &r10) < 0)
1918 # elif defined (ARM)
1919 /* Read complete register set in one go. */
1920 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (void *)®s) == -1)
1922 # elif defined (M68K)
1923 if (upeek(tcp, 4*PT_D0, &d0) < 0)
1925 # elif defined (LINUX_MIPSN32)
1926 unsigned long long regs[38];
1928 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1932 # elif defined (MIPS)
1933 if (upeek(tcp, REG_A3, &a3) < 0)
1935 if (upeek(tcp, REG_V0, &r2) < 0)
1937 # elif defined (ALPHA)
1938 if (upeek(tcp, REG_A3, &a3) < 0)
1940 if (upeek(tcp, REG_R0, &r0) < 0)
1942 # elif defined (SPARC) || defined (SPARC64)
1943 /* Everything we need is in the current register set. */
1944 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
1946 # elif defined(HPPA)
1947 if (upeek(tcp, PT_GR28, &r28) < 0)
1950 # elif defined(SH64)
1951 # elif defined(CRISV10) || defined(CRISV32)
1952 if (upeek(tcp, 4*PT_R10, &r10) < 0)
1954 # elif defined(TILE)
1955 # elif defined(MICROBLAZE)
1956 if (upeek(tcp, 3 * 4, &r3) < 0)
1963 /* new syscall ABI returns result in R0 */
1964 if (upeek(tcp, 4*REG_REG0, (long *)&r0) < 0)
1967 /* ABI defines result returned in r9 */
1968 if (upeek(tcp, REG_GENERAL(9), (long *)&r9) < 0)
1973 # ifndef HAVE_PR_SYSCALL
1975 if (pread(tcp->pfd_reg, ®s, sizeof(regs), 0) < 0) {
1979 # endif /* FREEBSD */
1980 # endif /* !HAVE_PR_SYSCALL */
1981 #endif /* USE_PROCFS */
1986 /* Called at each syscall exit.
1988 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
1989 * 1: ok, continue in trace_syscall().
1990 * other: error, trace_syscall() should print error indicator
1991 * ("????" etc) and bail out.
1994 syscall_fixup_on_sysexit(struct tcb *tcp)
1997 if (tcp->status.PR_WHY != PR_SYSEXIT) {
1998 fprintf(stderr, "syscall: missing exit\n");
1999 tcp->flags &= ~TCB_INSYSCALL;
2001 #endif /* USE_PROCFS */
2005 int scno = known_scno(tcp);
2009 * This happens when a signal handler
2010 * for a signal which interrupted a
2011 * a system call makes another system call.
2013 fprintf(stderr, "syscall: missing exit\n");
2015 tcp->flags &= ~TCB_INSYSCALL;
2021 # if defined (S390) || defined (S390X)
2022 if (syscall_mode != -ENOSYS)
2023 syscall_mode = tcp->scno;
2024 if ((tcp->flags & TCB_WAITEXECVE)
2025 && (gpr2 == -ENOSYS || gpr2 == tcp->scno)) {
2027 * Return from execve.
2028 * Fake a return value of zero. We leave the TCB_WAITEXECVE
2029 * flag set for the post-execve SIGTRAP to see and reset.
2040 * Check the syscall return value register value for whether it is
2041 * a negated errno code indicating an error, or a success return value.
2044 is_negated_errno(unsigned long int val)
2046 unsigned long int max = -(long int) nerrnos;
2047 # if SUPPORTED_PERSONALITIES > 1
2048 if (personality_wordsize[current_personality] < sizeof(val)) {
2049 val = (unsigned int) val;
2050 max = (unsigned int) max;
2058 get_error(struct tcb *tcp)
2062 int check_errno = 1;
2063 if (SCNO_IN_RANGE(tcp->scno) &&
2064 sysent[tcp->scno].sys_flags & SYSCALL_NEVER_FAILS) {
2067 # if defined(S390) || defined(S390X)
2068 if (check_errno && is_negated_errno(gpr2)) {
2075 # elif defined(I386)
2076 if (check_errno && is_negated_errno(i386_regs.eax)) {
2078 u_error = -i386_regs.eax;
2081 tcp->u_rval = i386_regs.eax;
2083 # elif defined(X86_64)
2084 if (check_errno && is_negated_errno(x86_64_regs.rax)) {
2086 u_error = -x86_64_regs.rax;
2089 tcp->u_rval = x86_64_regs.rax;
2091 # elif defined(IA64)
2096 if (check_errno && is_negated_errno(err)) {
2104 if (check_errno && r10) {
2111 # elif defined(MIPS)
2112 if (check_errno && a3) {
2118 # elif defined(POWERPC)
2119 if (check_errno && is_negated_errno(result)) {
2124 tcp->u_rval = result;
2126 # elif defined(M68K)
2127 if (check_errno && is_negated_errno(d0)) {
2135 if (check_errno && is_negated_errno(regs.ARM_r0)) {
2137 u_error = -regs.ARM_r0;
2140 tcp->u_rval = regs.ARM_r0;
2142 # elif defined(AVR32)
2143 if (check_errno && regs.r12 && (unsigned) -regs.r12 < nerrnos) {
2145 u_error = -regs.r12;
2148 tcp->u_rval = regs.r12;
2150 # elif defined(BFIN)
2151 if (check_errno && is_negated_errno(r0)) {
2157 # elif defined(ALPHA)
2158 if (check_errno && a3) {
2165 # elif defined(SPARC)
2166 if (check_errno && regs.psr & PSR_C) {
2168 u_error = regs.u_regs[U_REG_O0];
2171 tcp->u_rval = regs.u_regs[U_REG_O0];
2173 # elif defined(SPARC64)
2174 if (check_errno && regs.tstate & 0x1100000000UL) {
2176 u_error = regs.u_regs[U_REG_O0];
2179 tcp->u_rval = regs.u_regs[U_REG_O0];
2181 # elif defined(HPPA)
2182 if (check_errno && is_negated_errno(r28)) {
2190 if (check_errno && is_negated_errno(r0)) {
2197 # elif defined(SH64)
2198 if (check_errno && is_negated_errno(r9)) {
2205 # elif defined(CRISV10) || defined(CRISV32)
2206 if (check_errno && r10 && (unsigned) -r10 < nerrnos) {
2213 # elif defined(TILE)
2215 if (upeek(tcp, PTREGS_OFFSET_REG(0), &rval) < 0)
2217 if (check_errno && rval < 0 && rval > -nerrnos) {
2224 # elif defined(MICROBLAZE)
2225 if (check_errno && is_negated_errno(r3)) {
2235 /* get error code from user struct */
2236 if (upeek(tcp, uoff(u_error), &u_error) < 0)
2238 u_error >>= 24; /* u_error is a char */
2240 /* get system call return value */
2241 if (upeek(tcp, uoff(u_rval1), &tcp->u_rval) < 0)
2246 /* Judicious guessing goes a long way. */
2247 if (tcp->status.pr_reg[R_PSR] & 0x100000) {
2249 u_error = tcp->status.pr_reg[R_O0];
2252 tcp->u_rval = tcp->status.pr_reg[R_O0];
2256 if (tcp->status.PR_REG[EFL] & 0x1) {
2258 u_error = tcp->status.PR_REG[EAX];
2261 tcp->u_rval = tcp->status.PR_REG[EAX];
2262 # ifdef HAVE_LONG_LONG
2264 ((unsigned long long) tcp->status.PR_REG[EDX] << 32) +
2265 tcp->status.PR_REG[EAX];
2270 if (tcp->status.PR_REG[EFLAGS] & 0x1) {
2272 u_error = tcp->status.PR_REG[RAX];
2275 tcp->u_rval = tcp->status.PR_REG[RAX];
2277 # endif /* X86_64 */
2279 if (tcp->status.pr_reg[CTX_A3]) {
2281 u_error = tcp->status.pr_reg[CTX_V0];
2284 tcp->u_rval = tcp->status.pr_reg[CTX_V0];
2289 if (regs.r_eflags & PSL_C) {
2291 u_error = regs.r_eax;
2293 tcp->u_rval = regs.r_eax;
2295 ((unsigned long long) regs.r_edx << 32) + regs.r_eax;
2297 #endif /* FREEBSD */
2298 tcp->u_error = u_error;
2303 dumpio(struct tcb *tcp)
2307 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= MAX_QUALS)
2309 if (!SCNO_IN_RANGE(tcp->scno))
2311 if (sysent[tcp->scno].sys_func == printargs)
2313 if (qual_flags[tcp->u_arg[0]] & QUAL_READ) {
2314 if (sysent[tcp->scno].sys_func == sys_read ||
2315 sysent[tcp->scno].sys_func == sys_pread ||
2317 #if _LFS64_LARGEFILE
2318 sysent[tcp->scno].sys_func == sys_pread64 ||
2321 sysent[tcp->scno].sys_func == sys_recv ||
2322 sysent[tcp->scno].sys_func == sys_recvfrom)
2323 dumpstr(tcp, tcp->u_arg[1], tcp->u_rval);
2324 else if (sysent[tcp->scno].sys_func == sys_readv)
2325 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]);
2328 if (qual_flags[tcp->u_arg[0]] & QUAL_WRITE) {
2329 if (sysent[tcp->scno].sys_func == sys_write ||
2330 sysent[tcp->scno].sys_func == sys_pwrite ||
2332 #if _LFS64_LARGEFILE
2333 sysent[tcp->scno].sys_func == sys_pwrite64 ||
2336 sysent[tcp->scno].sys_func == sys_send ||
2337 sysent[tcp->scno].sys_func == sys_sendto)
2338 dumpstr(tcp, tcp->u_arg[1], tcp->u_arg[2]);
2339 else if (sysent[tcp->scno].sys_func == sys_writev)
2340 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]);
2346 trace_syscall_exiting(struct tcb *tcp)
2353 /* Measure the exit time as early as possible to avoid errors. */
2355 gettimeofday(&tv, NULL);
2357 #if SUPPORTED_PERSONALITIES > 1
2358 update_personality(tcp, tcp->currpers);
2360 res = get_syscall_result(tcp);
2364 res = syscall_fixup_on_sysexit(tcp);
2368 res = get_error(tcp);
2372 internal_syscall(tcp);
2374 if (res == 1 && filtered(tcp)) {
2378 if (tcp->flags & TCB_REPRINT) {
2380 if (!SCNO_IN_RANGE(tcp->scno))
2381 tprintf("<... syscall_%lu resumed> ", tcp->scno);
2383 tprintf("<... %s resumed> ", sysent[tcp->scno].sys_name);
2387 struct timeval t = tv;
2388 count_syscall(tcp, &t);
2389 if (cflag == CFLAG_ONLY_STATS) {
2397 tprints("= ? <unavailable>\n");
2398 printing_tcp = NULL;
2399 tcp->flags &= ~TCB_INSYSCALL;
2403 if (!SCNO_IN_RANGE(tcp->scno)
2404 || (qual_flags[tcp->scno] & QUAL_RAW))
2405 sys_res = printargs(tcp);
2407 /* FIXME: not_failing_only (IOW, option -z) is broken:
2408 * failure of syscall is known only after syscall return.
2409 * Thus we end up with something like this on, say, ENOENT:
2410 * open("doesnt_exist", O_RDONLY <unfinished ...>
2411 * {next syscall decode}
2412 * whereas the intended result is that open(...) line
2413 * is not shown at all.
2415 if (not_failing_only && tcp->u_error)
2416 goto ret; /* ignore failed syscalls */
2417 sys_res = (*sysent[tcp->scno].sys_func)(tcp);
2422 u_error = tcp->u_error;
2423 if (!SCNO_IN_RANGE(tcp->scno) ||
2424 qual_flags[tcp->scno] & QUAL_RAW) {
2426 tprintf("= -1 (errno %ld)", u_error);
2428 tprintf("= %#lx", tcp->u_rval);
2430 else if (!(sys_res & RVAL_NONE) && u_error) {
2433 /* Blocked signals do not interrupt any syscalls.
2434 * In this case syscalls don't return ERESTARTfoo codes.
2436 * Deadly signals set to SIG_DFL interrupt syscalls
2437 * and kill the process regardless of which of the codes below
2438 * is returned by the interrupted syscall.
2439 * In some cases, kernel forces a kernel-generated deadly
2440 * signal to be unblocked and set to SIG_DFL (and thus cause
2441 * death) if it is blocked or SIG_IGNed: for example, SIGSEGV
2442 * or SIGILL. (The alternative is to leave process spinning
2443 * forever on the faulty instruction - not useful).
2445 * SIG_IGNed signals and non-deadly signals set to SIG_DFL
2446 * (for example, SIGCHLD, SIGWINCH) interrupt syscalls,
2447 * but kernel will always restart them.
2450 /* Most common type of signal-interrupted syscall exit code.
2451 * The system call will be restarted with the same arguments
2452 * if SA_RESTART is set; otherwise, it will fail with EINTR.
2454 tprints("= ? ERESTARTSYS (To be restarted if SA_RESTART is set)");
2456 case ERESTARTNOINTR:
2457 /* Rare. For example, fork() returns this if interrupted.
2458 * SA_RESTART is ignored (assumed set): the restart is unconditional.
2460 tprints("= ? ERESTARTNOINTR (To be restarted)");
2462 case ERESTARTNOHAND:
2463 /* pause(), rt_sigsuspend() etc use this code.
2464 * SA_RESTART is ignored (assumed not set):
2465 * syscall won't restart (will return EINTR instead)
2466 * even after signal with SA_RESTART set.
2467 * However, after SIG_IGN or SIG_DFL signal it will.
2469 tprints("= ? ERESTARTNOHAND (Interrupted by signal)");
2471 case ERESTART_RESTARTBLOCK:
2472 /* Syscalls like nanosleep(), poll() which can't be
2473 * restarted with their original arguments use this
2474 * code. Kernel will execute restart_syscall() instead,
2475 * which changes arguments before restarting syscall.
2476 * SA_RESTART is ignored (assumed not set) similarly
2477 * to ERESTARTNOHAND. (Kernel can't honor SA_RESTART
2478 * since restart data is saved in "restart block"
2479 * in task struct, and if signal handler uses a syscall
2480 * which in turn saves another such restart block,
2481 * old data is lost and restart becomes impossible)
2483 tprints("= ? ERESTART_RESTARTBLOCK (Interrupted by signal)");
2488 tprintf("= -1 E??? (errno %ld)", u_error);
2489 else if (u_error < nerrnos)
2490 tprintf("= -1 %s (%s)", errnoent[u_error],
2493 tprintf("= -1 ERRNO_%ld (%s)", u_error,
2497 if ((sys_res & RVAL_STR) && tcp->auxstr)
2498 tprintf(" (%s)", tcp->auxstr);
2501 if (sys_res & RVAL_NONE)
2504 switch (sys_res & RVAL_MASK) {
2506 tprintf("= %#lx", tcp->u_rval);
2509 tprintf("= %#lo", tcp->u_rval);
2512 tprintf("= %lu", tcp->u_rval);
2515 tprintf("= %ld", tcp->u_rval);
2517 #ifdef HAVE_LONG_LONG
2519 tprintf("= %#llx", tcp->u_lrval);
2522 tprintf("= %#llo", tcp->u_lrval);
2524 case RVAL_LUDECIMAL:
2525 tprintf("= %llu", tcp->u_lrval);
2528 tprintf("= %lld", tcp->u_lrval);
2533 "invalid rval format\n");
2537 if ((sys_res & RVAL_STR) && tcp->auxstr)
2538 tprintf(" (%s)", tcp->auxstr);
2541 tv_sub(&tv, &tv, &tcp->etime);
2542 tprintf(" <%ld.%06ld>",
2543 (long) tv.tv_sec, (long) tv.tv_usec);
2546 printing_tcp = NULL;
2549 if (fflush(tcp->outf) == EOF)
2552 tcp->flags &= ~TCB_INSYSCALL;
2557 trace_syscall(struct tcb *tcp)
2559 return exiting(tcp) ?
2560 trace_syscall_exiting(tcp) : trace_syscall_entering(tcp);