2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
6 * Copyright (c) 1999 IBM Deutschland Entwicklung GmbH, IBM Corporation
7 * Linux for s390 port by D.J. Barrow
8 * <barrow_dj@mail.yahoo.com,djbarrow@de.ibm.com>
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. The name of the author may not be used to endorse or promote products
20 * derived from this software without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
42 #include <sys/syscall.h>
43 #include <sys/param.h>
47 #ifndef PTRACE_PEEKUSR
48 # define PTRACE_PEEKUSR PTRACE_PEEKUSER
50 #elif defined(HAVE_LINUX_PTRACE_H)
52 # ifdef HAVE_STRUCT_IA64_FPREG
53 # define ia64_fpreg XXX_ia64_fpreg
55 # ifdef HAVE_STRUCT_PT_ALL_USER_REGS
56 # define pt_all_user_regs XXX_pt_all_user_regs
58 #include <linux/ptrace.h>
60 # undef pt_all_user_regs
63 #if defined (LINUX) && defined (SPARC64)
64 # undef PTRACE_GETREGS
65 # define PTRACE_GETREGS PTRACE_GETREGS64
66 # undef PTRACE_SETREGS
67 # define PTRACE_SETREGS PTRACE_SETREGS64
68 #endif /* LINUX && SPARC64 */
70 #if defined(LINUX) && defined(IA64)
71 # include <asm/ptrace_offsets.h>
77 #define ERESTARTSYS 512
79 #ifndef ERESTARTNOINTR
80 #define ERESTARTNOINTR 513
82 #ifndef ERESTARTNOHAND
83 #define ERESTARTNOHAND 514 /* restart if no handler.. */
86 #define ENOIOCTLCMD 515 /* No ioctl command */
88 #ifndef ERESTART_RESTARTBLOCK
89 #define ERESTART_RESTARTBLOCK 516 /* restart by calling sys_restart_syscall */
92 #warning: NSIG is not defined, using 32
96 /* Ugh. Is this really correct? ARM has no RT signals?! */
104 /* Define these shorthand notations to simplify the syscallent files. */
105 #define TD TRACE_DESC
106 #define TF TRACE_FILE
108 #define TN TRACE_NETWORK
109 #define TP TRACE_PROCESS
110 #define TS TRACE_SIGNAL
111 #define NF SYSCALL_NEVER_FAILS
114 static const struct sysent sysent0[] = {
115 #include "syscallent.h"
118 #if SUPPORTED_PERSONALITIES >= 2
119 static const struct sysent sysent1[] = {
120 #include "syscallent1.h"
124 #if SUPPORTED_PERSONALITIES >= 3
125 static const struct sysent sysent2[] = {
126 #include "syscallent2.h"
130 /* Now undef them since short defines cause wicked namespace pollution. */
142 * `ioctlent.h' may be generated from `ioctlent.raw' by the auxiliary
143 * program `ioctlsort', such that the list is sorted by the `code' field.
144 * This has the side-effect of resolving the _IO.. macros into
145 * plain integers, eliminating the need to include here everything
150 static const char *const errnoent0[] = {
151 #include "errnoent.h"
153 static const char *const signalent0[] = {
154 #include "signalent.h"
156 static const struct ioctlent ioctlent0[] = {
157 #include "ioctlent.h"
159 enum { nsyscalls0 = ARRAY_SIZE(sysent0) };
160 enum { nerrnos0 = ARRAY_SIZE(errnoent0) };
161 enum { nsignals0 = ARRAY_SIZE(signalent0) };
162 enum { nioctlents0 = ARRAY_SIZE(ioctlent0) };
163 int qual_flags0[MAX_QUALS];
165 #if SUPPORTED_PERSONALITIES >= 2
166 static const char *const errnoent1[] = {
167 #include "errnoent1.h"
169 static const char *const signalent1[] = {
170 #include "signalent1.h"
172 static const struct ioctlent ioctlent1[] = {
173 #include "ioctlent1.h"
175 enum { nsyscalls1 = ARRAY_SIZE(sysent1) };
176 enum { nerrnos1 = ARRAY_SIZE(errnoent1) };
177 enum { nsignals1 = ARRAY_SIZE(signalent1) };
178 enum { nioctlents1 = ARRAY_SIZE(ioctlent1) };
179 int qual_flags1[MAX_QUALS];
182 #if SUPPORTED_PERSONALITIES >= 3
183 static const char *const errnoent2[] = {
184 #include "errnoent2.h"
186 static const char *const signalent2[] = {
187 #include "signalent2.h"
189 static const struct ioctlent ioctlent2[] = {
190 #include "ioctlent2.h"
192 enum { nsyscalls2 = ARRAY_SIZE(sysent2) };
193 enum { nerrnos2 = ARRAY_SIZE(errnoent2) };
194 enum { nsignals2 = ARRAY_SIZE(signalent2) };
195 enum { nioctlents2 = ARRAY_SIZE(ioctlent2) };
196 int qual_flags2[MAX_QUALS];
200 const struct sysent *sysent;
201 const char *const *errnoent;
202 const char *const *signalent;
203 const struct ioctlent *ioctlent;
210 int current_personality;
212 #ifndef PERSONALITY0_WORDSIZE
213 # define PERSONALITY0_WORDSIZE sizeof(long)
215 const int personality_wordsize[SUPPORTED_PERSONALITIES] = {
216 PERSONALITY0_WORDSIZE,
217 #if SUPPORTED_PERSONALITIES > 1
218 PERSONALITY1_WORDSIZE,
220 #if SUPPORTED_PERSONALITIES > 2
221 PERSONALITY2_WORDSIZE,
226 set_personality(int personality)
228 switch (personality) {
230 errnoent = errnoent0;
233 nsyscalls = nsyscalls0;
234 ioctlent = ioctlent0;
235 nioctlents = nioctlents0;
236 signalent = signalent0;
237 nsignals = nsignals0;
238 qual_flags = qual_flags0;
241 #if SUPPORTED_PERSONALITIES >= 2
243 errnoent = errnoent1;
246 nsyscalls = nsyscalls1;
247 ioctlent = ioctlent1;
248 nioctlents = nioctlents1;
249 signalent = signalent1;
250 nsignals = nsignals1;
251 qual_flags = qual_flags1;
255 #if SUPPORTED_PERSONALITIES >= 3
257 errnoent = errnoent2;
260 nsyscalls = nsyscalls2;
261 ioctlent = ioctlent2;
262 nioctlents = nioctlents2;
263 signalent = signalent2;
264 nsignals = nsignals2;
265 qual_flags = qual_flags2;
270 current_personality = personality;
273 #if SUPPORTED_PERSONALITIES > 1
275 update_personality(struct tcb *tcp, int personality)
277 if (personality == current_personality)
279 set_personality(personality);
281 if (personality == tcp->currpers)
283 tcp->currpers = personality;
285 #if defined(POWERPC64) || defined(X86_64)
287 static const char *const names[] = {"64 bit", "32 bit"};
288 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
289 tcp->pid, names[personality]);
295 static int qual_syscall(), qual_signal(), qual_fault(), qual_desc();
297 static const struct qual_options {
299 const char *option_name;
300 int (*qualify)(const char *, int, int);
301 const char *argument_name;
303 { QUAL_TRACE, "trace", qual_syscall, "system call" },
304 { QUAL_TRACE, "t", qual_syscall, "system call" },
305 { QUAL_ABBREV, "abbrev", qual_syscall, "system call" },
306 { QUAL_ABBREV, "a", qual_syscall, "system call" },
307 { QUAL_VERBOSE, "verbose", qual_syscall, "system call" },
308 { QUAL_VERBOSE, "v", qual_syscall, "system call" },
309 { QUAL_RAW, "raw", qual_syscall, "system call" },
310 { QUAL_RAW, "x", qual_syscall, "system call" },
311 { QUAL_SIGNAL, "signal", qual_signal, "signal" },
312 { QUAL_SIGNAL, "signals", qual_signal, "signal" },
313 { QUAL_SIGNAL, "s", qual_signal, "signal" },
314 { QUAL_FAULT, "fault", qual_fault, "fault" },
315 { QUAL_FAULT, "faults", qual_fault, "fault" },
316 { QUAL_FAULT, "m", qual_fault, "fault" },
317 { QUAL_READ, "read", qual_desc, "descriptor" },
318 { QUAL_READ, "reads", qual_desc, "descriptor" },
319 { QUAL_READ, "r", qual_desc, "descriptor" },
320 { QUAL_WRITE, "write", qual_desc, "descriptor" },
321 { QUAL_WRITE, "writes", qual_desc, "descriptor" },
322 { QUAL_WRITE, "w", qual_desc, "descriptor" },
323 { 0, NULL, NULL, NULL },
327 qualify_one(int n, int bitflag, int not, int pers)
329 if (pers == 0 || pers < 0) {
331 qual_flags0[n] &= ~bitflag;
333 qual_flags0[n] |= bitflag;
336 #if SUPPORTED_PERSONALITIES >= 2
337 if (pers == 1 || pers < 0) {
339 qual_flags1[n] &= ~bitflag;
341 qual_flags1[n] |= bitflag;
343 #endif /* SUPPORTED_PERSONALITIES >= 2 */
345 #if SUPPORTED_PERSONALITIES >= 3
346 if (pers == 2 || pers < 0) {
348 qual_flags2[n] &= ~bitflag;
350 qual_flags2[n] |= bitflag;
352 #endif /* SUPPORTED_PERSONALITIES >= 3 */
356 qual_syscall(const char *s, int bitflag, int not)
361 if (isdigit((unsigned char)*s)) {
363 if (i < 0 || i >= MAX_QUALS)
365 qualify_one(i, bitflag, not, -1);
368 for (i = 0; i < nsyscalls0; i++)
369 if (strcmp(s, sysent0[i].sys_name) == 0) {
370 qualify_one(i, bitflag, not, 0);
374 #if SUPPORTED_PERSONALITIES >= 2
375 for (i = 0; i < nsyscalls1; i++)
376 if (strcmp(s, sysent1[i].sys_name) == 0) {
377 qualify_one(i, bitflag, not, 1);
380 #endif /* SUPPORTED_PERSONALITIES >= 2 */
382 #if SUPPORTED_PERSONALITIES >= 3
383 for (i = 0; i < nsyscalls2; i++)
384 if (strcmp(s, sysent2[i].sys_name) == 0) {
385 qualify_one(i, bitflag, not, 2);
388 #endif /* SUPPORTED_PERSONALITIES >= 3 */
394 qual_signal(const char *s, int bitflag, int not)
399 if (isdigit((unsigned char)*s)) {
401 if (signo < 0 || signo >= MAX_QUALS)
403 qualify_one(signo, bitflag, not, -1);
406 if (strlen(s) >= sizeof buf)
410 if (strncasecmp(s, "SIG", 3) == 0)
412 for (i = 0; i <= NSIG; i++)
413 if (strcasecmp(s, signame(i) + 3) == 0) {
414 qualify_one(i, bitflag, not, -1);
421 qual_fault(const char *s, int bitflag, int not)
427 qual_desc(const char *s, int bitflag, int not)
429 if (isdigit((unsigned char)*s)) {
431 if (desc < 0 || desc >= MAX_QUALS)
433 qualify_one(desc, bitflag, not, -1);
440 lookup_class(const char *s)
442 if (strcmp(s, "file") == 0)
444 if (strcmp(s, "ipc") == 0)
446 if (strcmp(s, "network") == 0)
447 return TRACE_NETWORK;
448 if (strcmp(s, "process") == 0)
449 return TRACE_PROCESS;
450 if (strcmp(s, "signal") == 0)
452 if (strcmp(s, "desc") == 0)
458 qualify(const char *s)
460 const struct qual_options *opt;
466 opt = &qual_options[0];
467 for (i = 0; (p = qual_options[i].option_name); i++) {
469 if (strncmp(s, p, n) == 0 && s[n] == '=') {
470 opt = &qual_options[i];
480 if (strcmp(s, "none") == 0) {
484 if (strcmp(s, "all") == 0) {
485 for (i = 0; i < MAX_QUALS; i++) {
486 qualify_one(i, opt->bitflag, not, -1);
490 for (i = 0; i < MAX_QUALS; i++) {
491 qualify_one(i, opt->bitflag, !not, -1);
496 for (p = strtok(copy, ","); p; p = strtok(NULL, ",")) {
497 if (opt->bitflag == QUAL_TRACE && (n = lookup_class(p)) > 0) {
498 for (i = 0; i < nsyscalls0; i++)
499 if (sysent0[i].sys_flags & n)
500 qualify_one(i, opt->bitflag, not, 0);
502 #if SUPPORTED_PERSONALITIES >= 2
503 for (i = 0; i < nsyscalls1; i++)
504 if (sysent1[i].sys_flags & n)
505 qualify_one(i, opt->bitflag, not, 1);
506 #endif /* SUPPORTED_PERSONALITIES >= 2 */
508 #if SUPPORTED_PERSONALITIES >= 3
509 for (i = 0; i < nsyscalls2; i++)
510 if (sysent2[i].sys_flags & n)
511 qualify_one(i, opt->bitflag, not, 2);
512 #endif /* SUPPORTED_PERSONALITIES >= 3 */
516 if (opt->qualify(p, opt->bitflag, not)) {
517 fprintf(stderr, "strace: invalid %s `%s'\n",
518 opt->argument_name, p);
527 enum subcall_style { shift_style, deref_style, mask_style, door_style };
529 enum subcall_style { shift_style, deref_style, mask_style, door_style, table_style };
537 static const struct subcall subcalls_table[] = {
538 { SYS_shmsys, 5, { SYS_shmat, SYS_shmctl, SYS_shmdt, SYS_shmget, SYS_shmctl } },
540 { SYS_semsys, 4, { SYS___semctl, SYS_semget, SYS_semop, SYS_semconfig } },
542 { SYS_semsys, 3, { SYS___semctl, SYS_semget, SYS_semop } },
544 { SYS_msgsys, 4, { SYS_msgctl, SYS_msgget, SYS_msgsnd, SYS_msgrcv } },
548 #if !(defined(LINUX) && ( defined(ALPHA) || defined(MIPS) || defined(__ARM_EABI__) ))
551 decode_subcall(struct tcb *tcp, int subcall, int nsubcalls, enum subcall_style style)
553 unsigned long addr, mask;
555 int size = personality_wordsize[current_personality];
559 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= nsubcalls)
561 tcp->scno = subcall + tcp->u_arg[0];
562 tcp->u_nargs = n = sysent[tcp->scno].nargs;
563 for (i = 0; i < n; i++)
564 tcp->u_arg[i] = tcp->u_arg[i + 1];
567 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= nsubcalls)
569 tcp->scno = subcall + tcp->u_arg[0];
570 addr = tcp->u_arg[1];
571 tcp->u_nargs = n = sysent[tcp->scno].nargs;
572 for (i = 0; i < n; i++) {
573 if (size == sizeof(int)) {
575 if (umove(tcp, addr, &arg) < 0)
579 else if (size == sizeof(long)) {
581 if (umove(tcp, addr, &arg) < 0)
591 mask = (tcp->u_arg[0] >> 8) & 0xff;
592 for (i = 0; mask; i++)
596 tcp->u_arg[0] &= 0xff;
597 tcp->scno = subcall + i;
598 tcp->u_nargs = sysent[tcp->scno].nargs;
602 * Oh, yuck. The call code is the *sixth* argument.
603 * (don't you mean the *last* argument? - JH)
605 if (tcp->u_arg[5] < 0 || tcp->u_arg[5] >= nsubcalls)
607 tcp->scno = subcall + tcp->u_arg[5];
608 tcp->u_nargs = sysent[tcp->scno].nargs;
612 for (i = 0; i < ARRAY_SIZE(subcalls_table); i++)
613 if (subcalls_table[i].call == tcp->scno) break;
614 if (i < ARRAY_SIZE(subcalls_table) &&
615 tcp->u_arg[0] >= 0 && tcp->u_arg[0] < subcalls_table[i].nsubcalls) {
616 tcp->scno = subcalls_table[i].subcalls[tcp->u_arg[0]];
617 for (i = 0; i < tcp->u_nargs; i++)
618 tcp->u_arg[i] = tcp->u_arg[i + 1];
627 printargs(struct tcb *tcp)
632 for (i = 0; i < tcp->u_nargs; i++)
633 tprintf("%s%#lx", i ? ", " : "", tcp->u_arg[i]);
639 getrval2(struct tcb *tcp)
644 #if defined (SPARC) || defined (SPARC64)
646 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
648 val = regs.u_regs[U_REG_O1];
650 if (upeek(tcp, 4*(REG_REG0+1), &val) < 0)
653 if (upeek(tcp, PT_R9, &val) < 0)
659 if (upeek(tcp, uoff(u_rval2), &val) < 0)
665 val = tcp->status.PR_REG[R_O1];
668 val = tcp->status.PR_REG[EDX];
671 val = tcp->status.PR_REG[RDX];
674 val = tcp->status.PR_REG[CTX_V1];
680 pread(tcp->pfd_reg, ®s, sizeof(regs), 0);
688 * Apparently, indirect system calls have already be converted by ptrace(2),
689 * so if you see "indir" this program has gone astray.
692 sys_indir(struct tcb *tcp)
698 scno = tcp->u_arg[0];
699 if (!SCNO_IN_RANGE(scno)) {
700 fprintf(stderr, "Bogus syscall: %ld\n", scno);
703 nargs = sysent[scno].nargs;
704 tprints(sysent[scno].sys_name);
705 for (i = 0; i < nargs; i++)
706 tprintf(", %#lx", tcp->u_arg[i+1]);
713 is_restart_error(struct tcb *tcp)
716 switch (tcp->u_error) {
720 case ERESTART_RESTARTBLOCK:
731 struct pt_regs i386_regs;
732 # elif defined(X86_64)
734 * On 32 bits, pt_regs and user_regs_struct are the same,
735 * but on 64 bits, user_regs_struct has six more fields:
736 * fs_base, gs_base, ds, es, fs, gs.
737 * PTRACE_GETREGS fills them too, so struct pt_regs would overflow.
739 static struct user_regs_struct x86_64_regs;
740 # elif defined (IA64)
741 long r8, r10, psr; /* TODO: make static? */
742 long ia32 = 0; /* not static */
743 # elif defined (POWERPC)
745 # elif defined (M68K)
750 static struct pt_regs regs;
751 # elif defined (ALPHA)
754 # elif defined(AVR32)
755 static struct pt_regs regs;
756 # elif defined (SPARC) || defined (SPARC64)
757 static struct pt_regs regs;
758 static unsigned long trap;
759 # elif defined(LINUX_MIPSN32)
765 # elif defined(S390) || defined(S390X)
768 static long syscall_mode;
775 # elif defined(CRISV10) || defined(CRISV32)
777 # elif defined(MICROBLAZE)
782 struct reg regs; /* TODO: make static? */
786 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
787 * 1: ok, continue in trace_syscall().
788 * other: error, trace_syscall() should print error indicator
789 * ("????" etc) and bail out.
795 get_scno(struct tcb *tcp)
800 # if defined(S390) || defined(S390X)
801 if (upeek(tcp, PT_GPR2, &syscall_mode) < 0)
804 if (syscall_mode != -ENOSYS) {
806 * Since kernel version 2.5.44 the scno gets passed in gpr2.
811 * Old style of "passing" the scno via the SVC instruction.
813 long opcode, offset_reg, tmp;
815 static const int gpr_offset[16] = {
816 PT_GPR0, PT_GPR1, PT_ORIGGPR2, PT_GPR3,
817 PT_GPR4, PT_GPR5, PT_GPR6, PT_GPR7,
818 PT_GPR8, PT_GPR9, PT_GPR10, PT_GPR11,
819 PT_GPR12, PT_GPR13, PT_GPR14, PT_GPR15
822 if (upeek(tcp, PT_PSWADDR, &pc) < 0)
825 opcode = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)(pc-sizeof(long)), 0);
827 perror("peektext(pc-oneword)");
832 * We have to check if the SVC got executed directly or via an
833 * EXECUTE instruction. In case of EXECUTE it is necessary to do
834 * instruction decoding to derive the system call number.
835 * Unfortunately the opcode sizes of EXECUTE and SVC are differently,
836 * so that this doesn't work if a SVC opcode is part of an EXECUTE
837 * opcode. Since there is no way to find out the opcode size this
838 * is the best we can do...
840 if ((opcode & 0xff00) == 0x0a00) {
842 scno = opcode & 0xff;
845 /* SVC got executed by EXECUTE instruction */
848 * Do instruction decoding of EXECUTE. If you really want to
849 * understand this, read the Principles of Operations.
851 svc_addr = (void *) (opcode & 0xfff);
854 offset_reg = (opcode & 0x000f0000) >> 16;
855 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
860 offset_reg = (opcode & 0x0000f000) >> 12;
861 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
865 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, svc_addr, 0);
874 offset_reg = (opcode & 0x00f00000) >> 20;
875 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
878 scno = (scno | tmp) & 0xff;
881 # elif defined (POWERPC)
882 if (upeek(tcp, sizeof(unsigned long)*PT_R0, &scno) < 0)
885 /* TODO: speed up strace by not doing this at every syscall.
886 * We only need to do it after execve.
892 /* Check for 64/32 bit mode. */
893 if (upeek(tcp, sizeof(unsigned long)*PT_MSR, &val) < 0)
895 /* SF is bit 0 of MSR */
900 update_personality(tcp, currpers);
902 # elif defined(AVR32)
903 /* Read complete register set in one go. */
904 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, ®s) < 0)
908 if (upeek(tcp, PT_ORIG_P0, &scno))
910 # elif defined (I386)
911 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &i386_regs) < 0)
913 scno = i386_regs.orig_eax;
914 # elif defined (X86_64)
916 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &x86_64_regs) < 0)
918 scno = x86_64_regs.orig_rax;
920 /* Check CS register value. On x86-64 linux it is:
921 * 0x33 for long mode (64 bit)
922 * 0x23 for compatibility mode (32 bit)
924 switch (x86_64_regs.cs) {
925 case 0x23: currpers = 1; break;
926 case 0x33: currpers = 0; break;
928 fprintf(stderr, "Unknown value CS=0x%08X while "
929 "detecting personality of process "
930 "PID=%d\n", (int)x86_64_regs.cs, tcp->pid);
931 currpers = current_personality;
935 /* This version analyzes the opcode of a syscall instruction.
936 * (int 0x80 on i386 vs. syscall on x86-64)
937 * It works, but is too complicated.
939 unsigned long val, rip, i;
941 rip = x86_64_regs.rip;
943 /* sizeof(syscall) == sizeof(int 0x80) == 2 */
947 call = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)rip, (char *)0);
949 fprintf(stderr, "ptrace_peektext failed: %s\n",
951 switch (call & 0xffff) {
952 /* x86-64: syscall = 0x0f 0x05 */
953 case 0x050f: currpers = 0; break;
954 /* i386: int 0x80 = 0xcd 0x80 */
955 case 0x80cd: currpers = 1; break;
957 currpers = current_personality;
959 "Unknown syscall opcode (0x%04X) while "
960 "detecting personality of process "
961 "PID=%d\n", (int)call, tcp->pid);
965 update_personality(tcp, currpers);
967 # define IA64_PSR_IS ((long)1 << 34)
968 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0)
969 ia32 = (psr & IA64_PSR_IS) != 0;
971 if (upeek(tcp, PT_R1, &scno) < 0)
974 if (upeek(tcp, PT_R15, &scno) < 0)
978 /* Read complete register set in one go. */
979 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (void *)®s) == -1)
983 * We only need to grab the syscall number on syscall entry.
985 if (regs.ARM_ip == 0) {
987 * Note: we only deal with only 32-bit CPUs here.
989 if (regs.ARM_cpsr & 0x20) {
991 * Get the Thumb-mode system call number
996 * Get the ARM-mode system call number
999 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, (void *)(regs.ARM_pc - 4), NULL);
1003 /* Handle the EABI syscall convention. We do not
1004 bother converting structures between the two
1005 ABIs, but basic functionality should work even
1006 if strace and the traced program have different
1008 if (scno == 0xef000000) {
1011 if ((scno & 0x0ff00000) != 0x0f900000) {
1012 fprintf(stderr, "syscall: unknown syscall trap 0x%08lx\n",
1018 * Fixup the syscall number
1023 if (scno & 0x0f0000) {
1025 * Handle ARM specific syscall
1027 update_personality(tcp, 1);
1030 update_personality(tcp, 0);
1033 fprintf(stderr, "pid %d stray syscall entry\n", tcp->pid);
1034 tcp->flags |= TCB_INSYSCALL;
1036 # elif defined (M68K)
1037 if (upeek(tcp, 4*PT_ORIG_D0, &scno) < 0)
1039 # elif defined (LINUX_MIPSN32)
1040 unsigned long long regs[38];
1042 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1048 if (!SCNO_IN_RANGE(scno)) {
1049 if (a3 == 0 || a3 == -1) {
1051 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno);
1055 # elif defined (MIPS)
1056 if (upeek(tcp, REG_A3, &a3) < 0)
1058 if (upeek(tcp, REG_V0, &scno) < 0)
1061 if (!SCNO_IN_RANGE(scno)) {
1062 if (a3 == 0 || a3 == -1) {
1064 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno);
1068 # elif defined (ALPHA)
1069 if (upeek(tcp, REG_A3, &a3) < 0)
1071 if (upeek(tcp, REG_R0, &scno) < 0)
1075 * Do some sanity checks to figure out if it's
1076 * really a syscall entry
1078 if (!SCNO_IN_RANGE(scno)) {
1079 if (a3 == 0 || a3 == -1) {
1081 fprintf(stderr, "stray syscall exit: r0 = %ld\n", scno);
1085 # elif defined (SPARC) || defined (SPARC64)
1086 /* Everything we need is in the current register set. */
1087 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
1090 /* Disassemble the syscall trap. */
1091 /* Retrieve the syscall trap instruction. */
1093 # if defined(SPARC64)
1094 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)regs.tpc, 0);
1097 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)regs.pc, 0);
1102 /* Disassemble the trap to see what personality to use. */
1105 /* Linux/SPARC syscall trap. */
1106 update_personality(tcp, 0);
1109 /* Linux/SPARC64 syscall trap. */
1110 update_personality(tcp, 2);
1113 /* SunOS syscall trap. (pers 1) */
1114 fprintf(stderr, "syscall: SunOS no support\n");
1117 /* Solaris 2.x syscall trap. (per 2) */
1118 update_personality(tcp, 1);
1121 /* NetBSD/FreeBSD syscall trap. */
1122 fprintf(stderr, "syscall: NetBSD/FreeBSD not supported\n");
1125 /* Solaris 2.x gettimeofday */
1126 update_personality(tcp, 1);
1129 # if defined (SPARC64)
1130 fprintf(stderr, "syscall: unknown syscall trap %08lx %016lx\n", trap, regs.tpc);
1132 fprintf(stderr, "syscall: unknown syscall trap %08lx %08lx\n", trap, regs.pc);
1137 /* Extract the system call number from the registers. */
1138 if (trap == 0x91d02027)
1141 scno = regs.u_regs[U_REG_G1];
1143 scno = regs.u_regs[U_REG_O0];
1144 memmove(®s.u_regs[U_REG_O0], ®s.u_regs[U_REG_O1], 7*sizeof(regs.u_regs[0]));
1146 # elif defined(HPPA)
1147 if (upeek(tcp, PT_GR20, &scno) < 0)
1151 * In the new syscall ABI, the system call number is in R3.
1153 if (upeek(tcp, 4*(REG_REG0+3), &scno) < 0)
1157 /* Odd as it may seem, a glibc bug has been known to cause
1158 glibc to issue bogus negative syscall numbers. So for
1159 our purposes, make strace print what it *should* have been */
1160 long correct_scno = (scno & 0xff);
1163 "Detected glibc bug: bogus system call"
1164 " number = %ld, correcting to %ld\n",
1167 scno = correct_scno;
1169 # elif defined(SH64)
1170 if (upeek(tcp, REG_SYSCALL, &scno) < 0)
1173 # elif defined(CRISV10) || defined(CRISV32)
1174 if (upeek(tcp, 4*PT_R9, &scno) < 0)
1176 # elif defined(TILE)
1177 if (upeek(tcp, PTREGS_OFFSET_REG(10), &scno) < 0)
1179 # elif defined(MICROBLAZE)
1180 if (upeek(tcp, 0, &scno) < 0)
1186 if (upeek(tcp, uoff(u_arg[7]), &scno) < 0)
1189 /* new syscall ABI returns result in R0 */
1190 if (upeek(tcp, 4*REG_REG0, (long *)&r0) < 0)
1193 /* ABI defines result returned in r9 */
1194 if (upeek(tcp, REG_GENERAL(9), (long *)&r9) < 0)
1199 # ifdef HAVE_PR_SYSCALL
1200 scno = tcp->status.PR_SYSCALL;
1203 scno = tcp->status.PR_WHAT;
1205 if (pread(tcp->pfd_reg, ®s, sizeof(regs), 0) < 0) {
1209 switch (regs.r_eax) {
1212 pread(tcp->pfd, &scno, sizeof(scno), regs.r_esp + sizeof(int));
1218 # endif /* FREEBSD */
1219 # endif /* !HAVE_PR_SYSCALL */
1220 #endif /* USE_PROCFS */
1226 /* Called at each syscall entry.
1228 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
1229 * 1: ok, continue in trace_syscall().
1230 * other: error, trace_syscall() should print error indicator
1231 * ("????" etc) and bail out.
1234 syscall_fixup_on_sysenter(struct tcb *tcp)
1237 int scno = tcp->scno;
1239 if (tcp->status.PR_WHY != PR_SYSENTRY) {
1243 || scno == SYS_vfork
1246 || scno == SYS_fork1
1249 || scno == SYS_forkall
1252 || scno == SYS_rfork1
1255 || scno == SYS_rforkall
1258 /* We are returning in the child, fake it. */
1259 tcp->status.PR_WHY = PR_SYSENTRY;
1261 tcp->status.PR_WHY = PR_SYSEXIT;
1264 fprintf(stderr, "syscall: missing entry\n");
1265 tcp->flags |= TCB_INSYSCALL;
1268 #endif /* USE_PROCFS */
1272 fprintf(stderr, "syscall: missing entry\n");
1273 tcp->flags |= TCB_INSYSCALL;
1278 /* A common case of "not a syscall entry" is post-execve SIGTRAP */
1280 if (i386_regs.eax != -ENOSYS) {
1282 fprintf(stderr, "not a syscall entry (eax = %ld)\n", i386_regs.eax);
1285 #elif defined (X86_64)
1287 long rax = x86_64_regs.rax;
1288 if (current_personality == 1)
1289 rax = (int)rax; /* sign extend from 32 bits */
1290 if (rax != -ENOSYS) {
1292 fprintf(stderr, "not a syscall entry (rax = %ld)\n", rax);
1296 #elif defined (S390) || defined (S390X)
1297 /* TODO: we already fetched PT_GPR2 in get_scno
1298 * and stored it in syscall_mode, reuse it here
1299 * instead of re-fetching?
1301 if (upeek(tcp, PT_GPR2, &gpr2) < 0)
1303 if (syscall_mode != -ENOSYS)
1304 syscall_mode = tcp->scno;
1305 if (gpr2 != syscall_mode) {
1307 fprintf(stderr, "not a syscall entry (gpr2 = %ld)\n", gpr2);
1310 #elif defined (M68K)
1311 /* TODO? Eliminate upeek's in arches below like we did in x86 */
1312 if (upeek(tcp, 4*PT_D0, &d0) < 0)
1314 if (d0 != -ENOSYS) {
1316 fprintf(stderr, "not a syscall entry (d0 = %ld)\n", d0);
1320 if (upeek(tcp, PT_R10, &r10) < 0)
1322 if (upeek(tcp, PT_R8, &r8) < 0)
1324 if (ia32 && r8 != -ENOSYS) {
1326 fprintf(stderr, "not a syscall entry (r8 = %ld)\n", r8);
1329 #elif defined(CRISV10) || defined(CRISV32)
1330 if (upeek(tcp, 4*PT_R10, &r10) < 0)
1332 if (r10 != -ENOSYS) {
1334 fprintf(stderr, "not a syscall entry (r10 = %ld)\n", r10);
1337 #elif defined(MICROBLAZE)
1338 if (upeek(tcp, 3 * 4, &r3) < 0)
1340 if (r3 != -ENOSYS) {
1342 fprintf(stderr, "not a syscall entry (r3 = %ld)\n", r3);
1351 internal_syscall(struct tcb *tcp)
1354 * We must always trace a few critical system calls in order to
1355 * correctly support following forks in the presence of tracing
1360 if (!SCNO_IN_RANGE(tcp->scno))
1363 func = sysent[tcp->scno].sys_func;
1365 if ( sys_fork == func
1366 #if defined(FREEBSD) || defined(LINUX) || defined(SUNOS4)
1367 || sys_vfork == func
1370 || sys_clone == func
1373 || sys_rfork == func
1376 return internal_fork(tcp);
1378 #if defined SUNOS4 || (defined LINUX && defined TCB_WAITEXECVE)
1379 if ( sys_execve == func
1380 # if defined(SPARC) || defined(SPARC64) || defined(SUNOS4)
1381 || sys_execv == func
1384 || sys_rexecve == func
1387 return internal_exec(tcp);
1394 syscall_enter(struct tcb *tcp)
1399 if (SCNO_IN_RANGE(tcp->scno))
1400 nargs = tcp->u_nargs = sysent[tcp->scno].nargs;
1402 nargs = tcp->u_nargs = MAX_ARGS;
1404 # if defined(S390) || defined(S390X)
1405 for (i = 0; i < nargs; ++i)
1406 if (upeek(tcp, i==0 ? PT_ORIGGPR2 : PT_GPR2 + i*sizeof(long), &tcp->u_arg[i]) < 0)
1408 # elif defined(ALPHA)
1409 for (i = 0; i < nargs; ++i)
1410 if (upeek(tcp, REG_A0+i, &tcp->u_arg[i]) < 0)
1412 # elif defined(IA64)
1414 unsigned long *out0, cfm, sof, sol;
1416 /* be backwards compatible with kernel < 2.4.4... */
1418 # define PT_RBS_END PT_AR_BSP
1421 if (upeek(tcp, PT_RBS_END, &rbs_end) < 0)
1423 if (upeek(tcp, PT_CFM, (long *) &cfm) < 0)
1426 sof = (cfm >> 0) & 0x7f;
1427 sol = (cfm >> 7) & 0x7f;
1428 out0 = ia64_rse_skip_regs((unsigned long *) rbs_end, -sof + sol);
1430 for (i = 0; i < nargs; ++i) {
1431 if (umoven(tcp, (unsigned long) ia64_rse_skip_regs(out0, i),
1432 sizeof(long), (char *) &tcp->u_arg[i]) < 0)
1436 static const int argreg[MAX_ARGS] = { PT_R11 /* EBX = out0 */,
1437 PT_R9 /* ECX = out1 */,
1438 PT_R10 /* EDX = out2 */,
1439 PT_R14 /* ESI = out3 */,
1440 PT_R15 /* EDI = out4 */,
1441 PT_R13 /* EBP = out5 */};
1443 for (i = 0; i < nargs; ++i) {
1444 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0)
1446 /* truncate away IVE sign-extension */
1447 tcp->u_arg[i] &= 0xffffffff;
1450 # elif defined(LINUX_MIPSN32) || defined(LINUX_MIPSN64)
1451 /* N32 and N64 both use up to six registers. */
1452 unsigned long long regs[38];
1454 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1457 for (i = 0; i < nargs; ++i) {
1458 tcp->u_arg[i] = regs[REG_A0 + i];
1459 # if defined(LINUX_MIPSN32)
1460 tcp->ext_arg[i] = regs[REG_A0 + i];
1463 # elif defined(MIPS)
1467 if (upeek(tcp, REG_SP, &sp) < 0)
1469 for (i = 0; i < 4; ++i)
1470 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0)
1472 umoven(tcp, sp + 16, (nargs - 4) * sizeof(tcp->u_arg[0]),
1473 (char *)(tcp->u_arg + 4));
1475 for (i = 0; i < nargs; ++i)
1476 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0)
1479 # elif defined(POWERPC)
1481 # define PT_ORIG_R3 34
1483 for (i = 0; i < nargs; ++i) {
1484 if (upeek(tcp, (i==0) ?
1485 (sizeof(unsigned long) * PT_ORIG_R3) :
1486 ((i+PT_R3) * sizeof(unsigned long)),
1487 &tcp->u_arg[i]) < 0)
1490 # elif defined(SPARC) || defined(SPARC64)
1491 for (i = 0; i < nargs; ++i)
1492 tcp->u_arg[i] = regs.u_regs[U_REG_O0 + i];
1493 # elif defined(HPPA)
1494 for (i = 0; i < nargs; ++i)
1495 if (upeek(tcp, PT_GR26-4*i, &tcp->u_arg[i]) < 0)
1498 for (i = 0; i < nargs; ++i)
1499 tcp->u_arg[i] = regs.uregs[i];
1500 # elif defined(AVR32)
1503 tcp->u_arg[0] = regs.r12;
1504 tcp->u_arg[1] = regs.r11;
1505 tcp->u_arg[2] = regs.r10;
1506 tcp->u_arg[3] = regs.r9;
1507 tcp->u_arg[4] = regs.r5;
1508 tcp->u_arg[5] = regs.r3;
1509 # elif defined(BFIN)
1510 static const int argreg[MAX_ARGS] = { PT_R0, PT_R1, PT_R2, PT_R3, PT_R4, PT_R5 };
1512 for (i = 0; i < nargs; ++i)
1513 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0)
1516 static const int syscall_regs[MAX_ARGS] = {
1517 4 * (REG_REG0+4), 4 * (REG_REG0+5), 4 * (REG_REG0+6),
1518 4 * (REG_REG0+7), 4 * (REG_REG0 ), 4 * (REG_REG0+1)
1521 for (i = 0; i < nargs; ++i)
1522 if (upeek(tcp, syscall_regs[i], &tcp->u_arg[i]) < 0)
1524 # elif defined(SH64)
1526 /* Registers used by SH5 Linux system calls for parameters */
1527 static const int syscall_regs[MAX_ARGS] = { 2, 3, 4, 5, 6, 7 };
1529 for (i = 0; i < nargs; ++i)
1530 if (upeek(tcp, REG_GENERAL(syscall_regs[i]), &tcp->u_arg[i]) < 0)
1532 # elif defined(X86_64)
1535 if (current_personality == 0) { /* x86-64 ABI */
1536 tcp->u_arg[0] = x86_64_regs.rdi;
1537 tcp->u_arg[1] = x86_64_regs.rsi;
1538 tcp->u_arg[2] = x86_64_regs.rdx;
1539 tcp->u_arg[3] = x86_64_regs.r10;
1540 tcp->u_arg[4] = x86_64_regs.r8;
1541 tcp->u_arg[5] = x86_64_regs.r9;
1542 } else { /* i386 ABI */
1543 /* Sign-extend lower 32 bits */
1544 tcp->u_arg[0] = (long)(int)x86_64_regs.rbx;
1545 tcp->u_arg[1] = (long)(int)x86_64_regs.rcx;
1546 tcp->u_arg[2] = (long)(int)x86_64_regs.rdx;
1547 tcp->u_arg[3] = (long)(int)x86_64_regs.rsi;
1548 tcp->u_arg[4] = (long)(int)x86_64_regs.rdi;
1549 tcp->u_arg[5] = (long)(int)x86_64_regs.rbp;
1551 # elif defined(MICROBLAZE)
1552 for (i = 0; i < nargs; ++i)
1553 if (upeek(tcp, (5 + i) * 4, &tcp->u_arg[i]) < 0)
1555 # elif defined(CRISV10) || defined(CRISV32)
1556 static const int crisregs[MAX_ARGS] = {
1557 4*PT_ORIG_R10, 4*PT_R11, 4*PT_R12,
1558 4*PT_R13 , 4*PT_MOF, 4*PT_SRP
1561 for (i = 0; i < nargs; ++i)
1562 if (upeek(tcp, crisregs[i], &tcp->u_arg[i]) < 0)
1564 # elif defined(TILE)
1565 for (i = 0; i < nargs; ++i)
1566 if (upeek(tcp, PTREGS_OFFSET_REG(i), &tcp->u_arg[i]) < 0)
1568 # elif defined(M68K)
1569 for (i = 0; i < nargs; ++i)
1570 if (upeek(tcp, (i < 5 ? i : i + 2)*4, &tcp->u_arg[i]) < 0)
1572 # elif defined(I386)
1575 tcp->u_arg[0] = i386_regs.ebx;
1576 tcp->u_arg[1] = i386_regs.ecx;
1577 tcp->u_arg[2] = i386_regs.edx;
1578 tcp->u_arg[3] = i386_regs.esi;
1579 tcp->u_arg[4] = i386_regs.edi;
1580 tcp->u_arg[5] = i386_regs.ebp;
1581 # else /* Other architecture (32bits specific) */
1582 for (i = 0; i < nargs; ++i)
1583 if (upeek(tcp, i*4, &tcp->u_arg[i]) < 0)
1589 if (SCNO_IN_RANGE(tcp->scno))
1590 nargs = tcp->u_nargs = sysent[tcp->scno].nargs;
1592 nargs = tcp->u_nargs = MAX_ARGS;
1593 for (i = 0; i < nargs; i++) {
1596 if (upeek(tcp, uoff(u_arg[0]) +
1597 (i * sizeof(u->u_arg[0])), &tcp->u_arg[i]) < 0)
1604 * SGI is broken: even though it has pr_sysarg, it doesn't
1605 * set them on system call entry. Get a clue.
1607 if (SCNO_IN_RANGE(tcp->scno))
1608 tcp->u_nargs = sysent[tcp->scno].nargs;
1610 tcp->u_nargs = tcp->status.pr_nsysarg;
1611 if (tcp->u_nargs > 4) {
1612 memcpy(tcp->u_arg, &tcp->status.pr_reg[CTX_A0],
1613 4 * sizeof(tcp->u_arg[0]));
1614 umoven(tcp, tcp->status.pr_reg[CTX_SP] + 16,
1615 (tcp->u_nargs - 4) * sizeof(tcp->u_arg[0]), (char *) (tcp->u_arg + 4));
1618 memcpy(tcp->u_arg, &tcp->status.pr_reg[CTX_A0],
1619 tcp->u_nargs * sizeof(tcp->u_arg[0]));
1621 # elif UNIXWARE >= 2
1623 * Like SGI, UnixWare doesn't set pr_sysarg until system call exit
1625 if (SCNO_IN_RANGE(tcp->scno))
1626 tcp->u_nargs = sysent[tcp->scno].nargs;
1628 tcp->u_nargs = tcp->status.pr_lwp.pr_nsysarg;
1629 umoven(tcp, tcp->status.PR_REG[UESP] + 4,
1630 tcp->u_nargs * sizeof(tcp->u_arg[0]), (char *) tcp->u_arg);
1631 # elif defined(HAVE_PR_SYSCALL)
1633 if (SCNO_IN_RANGE(tcp->scno))
1634 tcp->u_nargs = sysent[tcp->scno].nargs;
1636 tcp->u_nargs = tcp->status.pr_nsysarg;
1637 for (i = 0; i < tcp->u_nargs; i++)
1638 tcp->u_arg[i] = tcp->status.pr_sysarg[i];
1639 # elif defined(I386)
1640 if (SCNO_IN_RANGE(tcp->scno))
1641 tcp->u_nargs = sysent[tcp->scno].nargs;
1644 if (tcp->u_nargs > 0)
1645 umoven(tcp, tcp->status.PR_REG[UESP] + 4,
1646 tcp->u_nargs * sizeof(tcp->u_arg[0]), (char *) tcp->u_arg);
1648 I DONT KNOW WHAT TO DO
1652 if (SCNO_IN_RANGE(tcp->scno) &&
1653 sysent[tcp->scno].nargs > tcp->status.val)
1654 tcp->u_nargs = sysent[tcp->scno].nargs;
1656 tcp->u_nargs = tcp->status.val;
1657 if (tcp->u_nargs < 0)
1659 if (tcp->u_nargs > MAX_ARGS)
1660 tcp->u_nargs = MAX_ARGS;
1661 switch (regs.r_eax) {
1663 pread(tcp->pfd, &tcp->u_arg, tcp->u_nargs * sizeof(unsigned long),
1664 regs.r_esp + sizeof(int) + sizeof(quad_t));
1667 pread(tcp->pfd, &tcp->u_arg, tcp->u_nargs * sizeof(unsigned long),
1668 regs.r_esp + 2 * sizeof(int));
1671 pread(tcp->pfd, &tcp->u_arg, tcp->u_nargs * sizeof(unsigned long),
1672 regs.r_esp + sizeof(int));
1675 #endif /* FREEBSD */
1680 trace_syscall_entering(struct tcb *tcp)
1684 #if defined TCB_WAITEXECVE
1685 if (tcp->flags & TCB_WAITEXECVE) {
1686 /* This is the post-execve SIGTRAP. */
1687 tcp->flags &= ~TCB_WAITEXECVE;
1692 scno_good = res = get_scno(tcp);
1696 res = syscall_fixup_on_sysenter(tcp);
1700 res = syscall_enter(tcp);
1706 tcp->flags &= ~TCB_REPRINT;
1708 tprintf("????" /* anti-trigraph gap */ "(");
1709 else if (!SCNO_IN_RANGE(tcp->scno))
1710 tprintf("syscall_%lu(", tcp->scno);
1712 tprintf("%s(", sysent[tcp->scno].sys_name);
1714 * " <unavailable>" will be added later by the code which
1715 * detects ptrace errors.
1720 #if defined(SYS_socket_subcall) || defined(SYS_ipc_subcall)
1721 while (SCNO_IN_RANGE(tcp->scno)) {
1722 #ifdef SYS_socket_subcall
1723 if (sysent[tcp->scno].sys_func == sys_socketcall) {
1724 decode_subcall(tcp, SYS_socket_subcall,
1725 SYS_socket_nsubcalls, deref_style);
1729 #ifdef SYS_ipc_subcall
1730 if (sysent[tcp->scno].sys_func == sys_ipc) {
1731 decode_subcall(tcp, SYS_ipc_subcall,
1732 SYS_ipc_nsubcalls, shift_style);
1738 #endif /* SYS_socket_subcall || SYS_ipc_subcall */
1740 #if defined(SVR4) || defined(FREEBSD) || defined(SUNOS4)
1741 switch (tcp->scno) {
1743 #ifdef SYS_pgrpsys_subcall
1745 decode_subcall(tcp, SYS_pgrpsys_subcall,
1746 SYS_pgrpsys_nsubcalls, shift_style);
1748 #endif /* SYS_pgrpsys_subcall */
1749 #ifdef SYS_sigcall_subcall
1751 decode_subcall(tcp, SYS_sigcall_subcall,
1752 SYS_sigcall_nsubcalls, mask_style);
1754 #endif /* SYS_sigcall_subcall */
1756 decode_subcall(tcp, SYS_msgsys_subcall,
1757 SYS_msgsys_nsubcalls, shift_style);
1760 decode_subcall(tcp, SYS_shmsys_subcall,
1761 SYS_shmsys_nsubcalls, shift_style);
1764 decode_subcall(tcp, SYS_semsys_subcall,
1765 SYS_semsys_nsubcalls, shift_style);
1768 decode_subcall(tcp, SYS_sysfs_subcall,
1769 SYS_sysfs_nsubcalls, shift_style);
1772 decode_subcall(tcp, SYS_spcall_subcall,
1773 SYS_spcall_nsubcalls, shift_style);
1775 #ifdef SYS_context_subcall
1777 decode_subcall(tcp, SYS_context_subcall,
1778 SYS_context_nsubcalls, shift_style);
1780 #endif /* SYS_context_subcall */
1781 #ifdef SYS_door_subcall
1783 decode_subcall(tcp, SYS_door_subcall,
1784 SYS_door_nsubcalls, door_style);
1786 #endif /* SYS_door_subcall */
1787 #ifdef SYS_kaio_subcall
1789 decode_subcall(tcp, SYS_kaio_subcall,
1790 SYS_kaio_nsubcalls, shift_style);
1798 decode_subcall(tcp, 0, 0, table_style);
1803 decode_subcall(tcp, SYS_semsys_subcall,
1804 SYS_semsys_nsubcalls, shift_style);
1807 decode_subcall(tcp, SYS_msgsys_subcall,
1808 SYS_msgsys_nsubcalls, shift_style);
1811 decode_subcall(tcp, SYS_shmsys_subcall,
1812 SYS_shmsys_nsubcalls, shift_style);
1816 #endif /* SVR4 || FREEBSD || SUNOS4 */
1818 internal_syscall(tcp);
1820 if ((SCNO_IN_RANGE(tcp->scno) &&
1821 !(qual_flags[tcp->scno] & QUAL_TRACE)) ||
1822 (tracing_paths && !pathtrace_match(tcp))) {
1823 tcp->flags |= TCB_INSYSCALL | TCB_FILTERED;
1827 tcp->flags &= ~TCB_FILTERED;
1829 if (cflag == CFLAG_ONLY_STATS) {
1835 tcp->flags &= ~TCB_REPRINT;
1836 if (!SCNO_IN_RANGE(tcp->scno))
1837 tprintf("syscall_%lu(", tcp->scno);
1839 tprintf("%s(", sysent[tcp->scno].sys_name);
1840 if (!SCNO_IN_RANGE(tcp->scno) ||
1841 ((qual_flags[tcp->scno] & QUAL_RAW) &&
1842 sysent[tcp->scno].sys_func != sys_exit))
1843 res = printargs(tcp);
1845 res = (*sysent[tcp->scno].sys_func)(tcp);
1847 if (fflush(tcp->outf) == EOF)
1850 tcp->flags |= TCB_INSYSCALL;
1851 /* Measure the entrance time as late as possible to avoid errors. */
1853 gettimeofday(&tcp->etime, NULL);
1858 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
1859 * 1: ok, continue in trace_syscall().
1860 * other: error, trace_syscall() should print error indicator
1861 * ("????" etc) and bail out.
1864 get_syscall_result(struct tcb *tcp)
1867 # if defined(S390) || defined(S390X)
1868 if (upeek(tcp, PT_GPR2, &gpr2) < 0)
1870 # elif defined (POWERPC)
1871 # define SO_MASK 0x10000000
1874 if (upeek(tcp, sizeof(unsigned long)*PT_CCR, &flags) < 0)
1876 if (upeek(tcp, sizeof(unsigned long)*PT_R3, &result) < 0)
1878 if (flags & SO_MASK)
1881 # elif defined(AVR32)
1882 /* Read complete register set in one go. */
1883 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, ®s) < 0)
1885 # elif defined(BFIN)
1886 if (upeek(tcp, PT_R0, &r0) < 0)
1888 # elif defined (I386)
1889 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &i386_regs) < 0)
1891 # elif defined (X86_64)
1892 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &x86_64_regs) < 0)
1894 # elif defined(IA64)
1895 # define IA64_PSR_IS ((long)1 << 34)
1896 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0)
1897 ia32 = (psr & IA64_PSR_IS) != 0;
1898 if (upeek(tcp, PT_R8, &r8) < 0)
1900 if (upeek(tcp, PT_R10, &r10) < 0)
1902 # elif defined (ARM)
1903 /* Read complete register set in one go. */
1904 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (void *)®s) == -1)
1906 # elif defined (M68K)
1907 if (upeek(tcp, 4*PT_D0, &d0) < 0)
1909 # elif defined (LINUX_MIPSN32)
1910 unsigned long long regs[38];
1912 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1916 # elif defined (MIPS)
1917 if (upeek(tcp, REG_A3, &a3) < 0)
1919 if (upeek(tcp, REG_V0, &r2) < 0)
1921 # elif defined (ALPHA)
1922 if (upeek(tcp, REG_A3, &a3) < 0)
1924 if (upeek(tcp, REG_R0, &r0) < 0)
1926 # elif defined (SPARC) || defined (SPARC64)
1927 /* Everything we need is in the current register set. */
1928 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
1930 # elif defined(HPPA)
1931 if (upeek(tcp, PT_GR28, &r28) < 0)
1934 # elif defined(SH64)
1935 # elif defined(CRISV10) || defined(CRISV32)
1936 if (upeek(tcp, 4*PT_R10, &r10) < 0)
1938 # elif defined(TILE)
1939 # elif defined(MICROBLAZE)
1940 if (upeek(tcp, 3 * 4, &r3) < 0)
1947 /* new syscall ABI returns result in R0 */
1948 if (upeek(tcp, 4*REG_REG0, (long *)&r0) < 0)
1951 /* ABI defines result returned in r9 */
1952 if (upeek(tcp, REG_GENERAL(9), (long *)&r9) < 0)
1957 # ifndef HAVE_PR_SYSCALL
1959 if (pread(tcp->pfd_reg, ®s, sizeof(regs), 0) < 0) {
1963 # endif /* FREEBSD */
1964 # endif /* !HAVE_PR_SYSCALL */
1965 #endif /* USE_PROCFS */
1970 /* Called at each syscall exit.
1972 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
1973 * 1: ok, continue in trace_syscall().
1974 * other: error, trace_syscall() should print error indicator
1975 * ("????" etc) and bail out.
1978 syscall_fixup_on_sysexit(struct tcb *tcp)
1981 if (tcp->status.PR_WHY != PR_SYSEXIT) {
1982 fprintf(stderr, "syscall: missing exit\n");
1983 tcp->flags &= ~TCB_INSYSCALL;
1985 #endif /* USE_PROCFS */
1989 int scno = tcp->scno;
1993 * This happens when a signal handler
1994 * for a signal which interrupted a
1995 * a system call makes another system call.
1997 fprintf(stderr, "syscall: missing exit\n");
1999 tcp->flags &= ~TCB_INSYSCALL;
2005 # if defined (S390) || defined (S390X)
2006 if (syscall_mode != -ENOSYS)
2007 syscall_mode = tcp->scno;
2008 if ((tcp->flags & TCB_WAITEXECVE)
2009 && (gpr2 == -ENOSYS || gpr2 == tcp->scno)) {
2011 * Return from execve.
2012 * Fake a return value of zero. We leave the TCB_WAITEXECVE
2013 * flag set for the post-execve SIGTRAP to see and reset.
2024 * Check the syscall return value register value for whether it is
2025 * a negated errno code indicating an error, or a success return value.
2028 is_negated_errno(unsigned long int val)
2030 unsigned long int max = -(long int) nerrnos;
2031 # if SUPPORTED_PERSONALITIES > 1
2032 if (personality_wordsize[current_personality] < sizeof(val)) {
2033 val = (unsigned int) val;
2034 max = (unsigned int) max;
2042 get_error(struct tcb *tcp)
2046 int check_errno = 1;
2047 if (SCNO_IN_RANGE(tcp->scno) &&
2048 sysent[tcp->scno].sys_flags & SYSCALL_NEVER_FAILS) {
2051 # if defined(S390) || defined(S390X)
2052 if (check_errno && is_negated_errno(gpr2)) {
2059 # elif defined(I386)
2060 if (check_errno && is_negated_errno(i386_regs.eax)) {
2062 u_error = -i386_regs.eax;
2065 tcp->u_rval = i386_regs.eax;
2067 # elif defined(X86_64)
2068 if (check_errno && is_negated_errno(x86_64_regs.rax)) {
2070 u_error = -x86_64_regs.rax;
2073 tcp->u_rval = x86_64_regs.rax;
2075 # elif defined(IA64)
2080 if (check_errno && is_negated_errno(err)) {
2088 if (check_errno && r10) {
2095 # elif defined(MIPS)
2096 if (check_errno && a3) {
2102 # elif defined(POWERPC)
2103 if (check_errno && is_negated_errno(result)) {
2108 tcp->u_rval = result;
2110 # elif defined(M68K)
2111 if (check_errno && is_negated_errno(d0)) {
2119 if (check_errno && is_negated_errno(regs.ARM_r0)) {
2121 u_error = -regs.ARM_r0;
2124 tcp->u_rval = regs.ARM_r0;
2126 # elif defined(AVR32)
2127 if (check_errno && regs.r12 && (unsigned) -regs.r12 < nerrnos) {
2129 u_error = -regs.r12;
2132 tcp->u_rval = regs.r12;
2134 # elif defined(BFIN)
2135 if (check_errno && is_negated_errno(r0)) {
2141 # elif defined(ALPHA)
2142 if (check_errno && a3) {
2149 # elif defined(SPARC)
2150 if (check_errno && regs.psr & PSR_C) {
2152 u_error = regs.u_regs[U_REG_O0];
2155 tcp->u_rval = regs.u_regs[U_REG_O0];
2157 # elif defined(SPARC64)
2158 if (check_errno && regs.tstate & 0x1100000000UL) {
2160 u_error = regs.u_regs[U_REG_O0];
2163 tcp->u_rval = regs.u_regs[U_REG_O0];
2165 # elif defined(HPPA)
2166 if (check_errno && is_negated_errno(r28)) {
2174 if (check_errno && is_negated_errno(r0)) {
2181 # elif defined(SH64)
2182 if (check_errno && is_negated_errno(r9)) {
2189 # elif defined(CRISV10) || defined(CRISV32)
2190 if (check_errno && r10 && (unsigned) -r10 < nerrnos) {
2197 # elif defined(TILE)
2199 if (upeek(tcp, PTREGS_OFFSET_REG(0), &rval) < 0)
2201 if (check_errno && rval < 0 && rval > -nerrnos) {
2208 # elif defined(MICROBLAZE)
2209 if (check_errno && is_negated_errno(r3)) {
2219 /* get error code from user struct */
2220 if (upeek(tcp, uoff(u_error), &u_error) < 0)
2222 u_error >>= 24; /* u_error is a char */
2224 /* get system call return value */
2225 if (upeek(tcp, uoff(u_rval1), &tcp->u_rval) < 0)
2230 /* Judicious guessing goes a long way. */
2231 if (tcp->status.pr_reg[R_PSR] & 0x100000) {
2233 u_error = tcp->status.pr_reg[R_O0];
2236 tcp->u_rval = tcp->status.pr_reg[R_O0];
2240 if (tcp->status.PR_REG[EFL] & 0x1) {
2242 u_error = tcp->status.PR_REG[EAX];
2245 tcp->u_rval = tcp->status.PR_REG[EAX];
2246 # ifdef HAVE_LONG_LONG
2248 ((unsigned long long) tcp->status.PR_REG[EDX] << 32) +
2249 tcp->status.PR_REG[EAX];
2254 if (tcp->status.PR_REG[EFLAGS] & 0x1) {
2256 u_error = tcp->status.PR_REG[RAX];
2259 tcp->u_rval = tcp->status.PR_REG[RAX];
2261 # endif /* X86_64 */
2263 if (tcp->status.pr_reg[CTX_A3]) {
2265 u_error = tcp->status.pr_reg[CTX_V0];
2268 tcp->u_rval = tcp->status.pr_reg[CTX_V0];
2273 if (regs.r_eflags & PSL_C) {
2275 u_error = regs.r_eax;
2277 tcp->u_rval = regs.r_eax;
2279 ((unsigned long long) regs.r_edx << 32) + regs.r_eax;
2281 #endif /* FREEBSD */
2282 tcp->u_error = u_error;
2287 dumpio(struct tcb *tcp)
2291 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= MAX_QUALS)
2293 if (!SCNO_IN_RANGE(tcp->scno))
2295 if (sysent[tcp->scno].sys_func == printargs)
2297 if (qual_flags[tcp->u_arg[0]] & QUAL_READ) {
2298 if (sysent[tcp->scno].sys_func == sys_read ||
2299 sysent[tcp->scno].sys_func == sys_pread ||
2301 #if _LFS64_LARGEFILE
2302 sysent[tcp->scno].sys_func == sys_pread64 ||
2305 sysent[tcp->scno].sys_func == sys_recv ||
2306 sysent[tcp->scno].sys_func == sys_recvfrom)
2307 dumpstr(tcp, tcp->u_arg[1], tcp->u_rval);
2308 else if (sysent[tcp->scno].sys_func == sys_readv)
2309 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]);
2312 if (qual_flags[tcp->u_arg[0]] & QUAL_WRITE) {
2313 if (sysent[tcp->scno].sys_func == sys_write ||
2314 sysent[tcp->scno].sys_func == sys_pwrite ||
2316 #if _LFS64_LARGEFILE
2317 sysent[tcp->scno].sys_func == sys_pwrite64 ||
2320 sysent[tcp->scno].sys_func == sys_send ||
2321 sysent[tcp->scno].sys_func == sys_sendto)
2322 dumpstr(tcp, tcp->u_arg[1], tcp->u_arg[2]);
2323 else if (sysent[tcp->scno].sys_func == sys_writev)
2324 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]);
2330 trace_syscall_exiting(struct tcb *tcp)
2337 /* Measure the exit time as early as possible to avoid errors. */
2339 gettimeofday(&tv, NULL);
2341 #if SUPPORTED_PERSONALITIES > 1
2342 update_personality(tcp, tcp->currpers);
2344 res = get_syscall_result(tcp);
2348 res = syscall_fixup_on_sysexit(tcp);
2352 res = get_error(tcp);
2356 internal_syscall(tcp);
2358 if (res == 1 && filtered(tcp)) {
2362 if (tcp->flags & TCB_REPRINT) {
2364 if (!SCNO_IN_RANGE(tcp->scno))
2365 tprintf("<... syscall_%lu resumed> ", tcp->scno);
2367 tprintf("<... %s resumed> ", sysent[tcp->scno].sys_name);
2371 struct timeval t = tv;
2372 count_syscall(tcp, &t);
2373 if (cflag == CFLAG_ONLY_STATS) {
2381 tprints("= ? <unavailable>\n");
2382 printing_tcp = NULL;
2383 tcp->flags &= ~TCB_INSYSCALL;
2387 if (!SCNO_IN_RANGE(tcp->scno)
2388 || (qual_flags[tcp->scno] & QUAL_RAW))
2389 sys_res = printargs(tcp);
2391 /* FIXME: not_failing_only (IOW, option -z) is broken:
2392 * failure of syscall is known only after syscall return.
2393 * Thus we end up with something like this on, say, ENOENT:
2394 * open("doesnt_exist", O_RDONLY <unfinished ...>
2395 * {next syscall decode}
2396 * whereas the intended result is that open(...) line
2397 * is not shown at all.
2399 if (not_failing_only && tcp->u_error)
2400 goto ret; /* ignore failed syscalls */
2401 sys_res = (*sysent[tcp->scno].sys_func)(tcp);
2406 u_error = tcp->u_error;
2407 if (!SCNO_IN_RANGE(tcp->scno) ||
2408 qual_flags[tcp->scno] & QUAL_RAW) {
2410 tprintf("= -1 (errno %ld)", u_error);
2412 tprintf("= %#lx", tcp->u_rval);
2414 else if (!(sys_res & RVAL_NONE) && u_error) {
2417 /* Blocked signals do not interrupt any syscalls.
2418 * In this case syscalls don't return ERESTARTfoo codes.
2420 * Deadly signals set to SIG_DFL interrupt syscalls
2421 * and kill the process regardless of which of the codes below
2422 * is returned by the interrupted syscall.
2423 * In some cases, kernel forces a kernel-generated deadly
2424 * signal to be unblocked and set to SIG_DFL (and thus cause
2425 * death) if it is blocked or SIG_IGNed: for example, SIGSEGV
2426 * or SIGILL. (The alternative is to leave process spinning
2427 * forever on the faulty instruction - not useful).
2429 * SIG_IGNed signals and non-deadly signals set to SIG_DFL
2430 * (for example, SIGCHLD, SIGWINCH) interrupt syscalls,
2431 * but kernel will always restart them.
2434 /* Most common type of signal-interrupted syscall exit code.
2435 * The system call will be restarted with the same arguments
2436 * if SA_RESTART is set; otherwise, it will fail with EINTR.
2438 tprints("= ? ERESTARTSYS (To be restarted if SA_RESTART is set)");
2440 case ERESTARTNOINTR:
2441 /* Rare. For example, fork() returns this if interrupted.
2442 * SA_RESTART is ignored (assumed set): the restart is unconditional.
2444 tprints("= ? ERESTARTNOINTR (To be restarted)");
2446 case ERESTARTNOHAND:
2447 /* pause(), rt_sigsuspend() etc use this code.
2448 * SA_RESTART is ignored (assumed not set):
2449 * syscall won't restart (will return EINTR instead)
2450 * even after signal with SA_RESTART set.
2451 * However, after SIG_IGN or SIG_DFL signal it will.
2453 tprints("= ? ERESTARTNOHAND (Interrupted by signal)");
2455 case ERESTART_RESTARTBLOCK:
2456 /* Syscalls like nanosleep(), poll() which can't be
2457 * restarted with their original arguments use this
2458 * code. Kernel will execute restart_syscall() instead,
2459 * which changes arguments before restarting syscall.
2460 * SA_RESTART is ignored (assumed not set) similarly
2461 * to ERESTARTNOHAND. (Kernel can't honor SA_RESTART
2462 * since restart data is saved in "restart block"
2463 * in task struct, and if signal handler uses a syscall
2464 * which in turn saves another such restart block,
2465 * old data is lost and restart becomes impossible)
2467 tprints("= ? ERESTART_RESTARTBLOCK (Interrupted by signal)");
2472 tprintf("= -1 E??? (errno %ld)", u_error);
2473 else if (u_error < nerrnos)
2474 tprintf("= -1 %s (%s)", errnoent[u_error],
2477 tprintf("= -1 ERRNO_%ld (%s)", u_error,
2481 if ((sys_res & RVAL_STR) && tcp->auxstr)
2482 tprintf(" (%s)", tcp->auxstr);
2485 if (sys_res & RVAL_NONE)
2488 switch (sys_res & RVAL_MASK) {
2490 tprintf("= %#lx", tcp->u_rval);
2493 tprintf("= %#lo", tcp->u_rval);
2496 tprintf("= %lu", tcp->u_rval);
2499 tprintf("= %ld", tcp->u_rval);
2501 #ifdef HAVE_LONG_LONG
2503 tprintf("= %#llx", tcp->u_lrval);
2506 tprintf("= %#llo", tcp->u_lrval);
2508 case RVAL_LUDECIMAL:
2509 tprintf("= %llu", tcp->u_lrval);
2512 tprintf("= %lld", tcp->u_lrval);
2517 "invalid rval format\n");
2521 if ((sys_res & RVAL_STR) && tcp->auxstr)
2522 tprintf(" (%s)", tcp->auxstr);
2525 tv_sub(&tv, &tv, &tcp->etime);
2526 tprintf(" <%ld.%06ld>",
2527 (long) tv.tv_sec, (long) tv.tv_usec);
2530 printing_tcp = NULL;
2533 if (fflush(tcp->outf) == EOF)
2536 tcp->flags &= ~TCB_INSYSCALL;
2541 trace_syscall(struct tcb *tcp)
2543 return exiting(tcp) ?
2544 trace_syscall_exiting(tcp) : trace_syscall_entering(tcp);
projects / strace / blob