2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
6 * Copyright (c) 1999 IBM Deutschland Entwicklung GmbH, IBM Corporation
7 * Linux for s390 port by D.J. Barrow
8 * <barrow_dj@mail.yahoo.com,djbarrow@de.ibm.com>
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. The name of the author may not be used to endorse or promote products
20 * derived from this software without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 #include <sys/param.h>
40 # ifndef PTRACE_PEEKUSR
41 # define PTRACE_PEEKUSR PTRACE_PEEKUSER
43 #elif defined(HAVE_LINUX_PTRACE_H)
44 # undef PTRACE_SYSCALL
45 # ifdef HAVE_STRUCT_IA64_FPREG
46 # define ia64_fpreg XXX_ia64_fpreg
48 # ifdef HAVE_STRUCT_PT_ALL_USER_REGS
49 # define pt_all_user_regs XXX_pt_all_user_regs
51 # include <linux/ptrace.h>
53 # undef pt_all_user_regs
57 # undef PTRACE_GETREGS
58 # define PTRACE_GETREGS PTRACE_GETREGS64
59 # undef PTRACE_SETREGS
60 # define PTRACE_SETREGS PTRACE_SETREGS64
64 # include <asm/ptrace_offsets.h>
69 # include <asm/ptrace.h>
75 # ifndef PT_FLAGS_COMPAT
76 # define PT_FLAGS_COMPAT 0x10000 /* from Linux 3.8 on */
81 # define ERESTARTSYS 512
83 #ifndef ERESTARTNOINTR
84 # define ERESTARTNOINTR 513
86 #ifndef ERESTARTNOHAND
87 # define ERESTARTNOHAND 514 /* restart if no handler */
89 #ifndef ERESTART_RESTARTBLOCK
90 # define ERESTART_RESTARTBLOCK 516 /* restart by calling sys_restart_syscall */
94 # warning: NSIG is not defined, using 32
98 /* Ugh. Is this really correct? ARM has no RT signals?! */
105 /* Define these shorthand notations to simplify the syscallent files. */
106 #define TD TRACE_DESC
107 #define TF TRACE_FILE
109 #define TN TRACE_NETWORK
110 #define TP TRACE_PROCESS
111 #define TS TRACE_SIGNAL
112 #define TM TRACE_MEMORY
113 #define NF SYSCALL_NEVER_FAILS
116 static const struct sysent sysent0[] = {
117 #include "syscallent.h"
120 #if SUPPORTED_PERSONALITIES >= 2
121 static const struct sysent sysent1[] = {
122 # include "syscallent1.h"
126 #if SUPPORTED_PERSONALITIES >= 3
127 static const struct sysent sysent2[] = {
128 # include "syscallent2.h"
132 /* Now undef them since short defines cause wicked namespace pollution. */
144 * `ioctlent.h' may be generated from `ioctlent.raw' by the auxiliary
145 * program `ioctlsort', such that the list is sorted by the `code' field.
146 * This has the side-effect of resolving the _IO.. macros into
147 * plain integers, eliminating the need to include here everything
151 static const char *const errnoent0[] = {
152 #include "errnoent.h"
154 static const char *const signalent0[] = {
155 #include "signalent.h"
157 static const struct ioctlent ioctlent0[] = {
158 #include "ioctlent.h"
160 enum { nsyscalls0 = ARRAY_SIZE(sysent0) };
161 enum { nerrnos0 = ARRAY_SIZE(errnoent0) };
162 enum { nsignals0 = ARRAY_SIZE(signalent0) };
163 enum { nioctlents0 = ARRAY_SIZE(ioctlent0) };
164 int qual_flags0[MAX_QUALS];
166 #if SUPPORTED_PERSONALITIES >= 2
167 static const char *const errnoent1[] = {
168 # include "errnoent1.h"
170 static const char *const signalent1[] = {
171 # include "signalent1.h"
173 static const struct ioctlent ioctlent1[] = {
174 # include "ioctlent1.h"
176 enum { nsyscalls1 = ARRAY_SIZE(sysent1) };
177 enum { nerrnos1 = ARRAY_SIZE(errnoent1) };
178 enum { nsignals1 = ARRAY_SIZE(signalent1) };
179 enum { nioctlents1 = ARRAY_SIZE(ioctlent1) };
180 int qual_flags1[MAX_QUALS];
183 #if SUPPORTED_PERSONALITIES >= 3
184 static const char *const errnoent2[] = {
185 # include "errnoent2.h"
187 static const char *const signalent2[] = {
188 # include "signalent2.h"
190 static const struct ioctlent ioctlent2[] = {
191 # include "ioctlent2.h"
193 enum { nsyscalls2 = ARRAY_SIZE(sysent2) };
194 enum { nerrnos2 = ARRAY_SIZE(errnoent2) };
195 enum { nsignals2 = ARRAY_SIZE(signalent2) };
196 enum { nioctlents2 = ARRAY_SIZE(ioctlent2) };
197 int qual_flags2[MAX_QUALS];
200 const struct sysent *sysent = sysent0;
201 const char *const *errnoent = errnoent0;
202 const char *const *signalent = signalent0;
203 const struct ioctlent *ioctlent = ioctlent0;
204 unsigned nsyscalls = nsyscalls0;
205 unsigned nerrnos = nerrnos0;
206 unsigned nsignals = nsignals0;
207 unsigned nioctlents = nioctlents0;
208 int *qual_flags = qual_flags0;
210 #if SUPPORTED_PERSONALITIES > 1
211 int current_personality;
213 const int personality_wordsize[SUPPORTED_PERSONALITIES] = {
214 PERSONALITY0_WORDSIZE,
215 PERSONALITY1_WORDSIZE,
216 # if SUPPORTED_PERSONALITIES > 2
217 PERSONALITY2_WORDSIZE,
222 set_personality(int personality)
224 switch (personality) {
226 errnoent = errnoent0;
229 nsyscalls = nsyscalls0;
230 ioctlent = ioctlent0;
231 nioctlents = nioctlents0;
232 signalent = signalent0;
233 nsignals = nsignals0;
234 qual_flags = qual_flags0;
238 errnoent = errnoent1;
241 nsyscalls = nsyscalls1;
242 ioctlent = ioctlent1;
243 nioctlents = nioctlents1;
244 signalent = signalent1;
245 nsignals = nsignals1;
246 qual_flags = qual_flags1;
249 # if SUPPORTED_PERSONALITIES >= 3
251 errnoent = errnoent2;
254 nsyscalls = nsyscalls2;
255 ioctlent = ioctlent2;
256 nioctlents = nioctlents2;
257 signalent = signalent2;
258 nsignals = nsignals2;
259 qual_flags = qual_flags2;
264 current_personality = personality;
268 update_personality(struct tcb *tcp, int personality)
270 if (personality == current_personality)
272 set_personality(personality);
274 if (personality == tcp->currpers)
276 tcp->currpers = personality;
278 # if defined(POWERPC64)
280 static const char *const names[] = {"64 bit", "32 bit"};
281 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
282 tcp->pid, names[personality]);
284 # elif defined(X86_64)
286 static const char *const names[] = {"64 bit", "32 bit", "x32"};
287 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
288 tcp->pid, names[personality]);
292 static const char *const names[] = {"x32", "32 bit"};
293 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
294 tcp->pid, names[personality]);
296 # elif defined(AARCH64)
298 static const char *const names[] = {"32-bit ARM", "AArch64"};
299 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
300 tcp->pid, names[personality]);
304 static const char *const names[] = {"64-bit", "32-bit"};
305 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
306 tcp->pid, names[personality]);
312 static int qual_syscall(), qual_signal(), qual_fault(), qual_desc();
314 static const struct qual_options {
316 const char *option_name;
317 int (*qualify)(const char *, int, int);
318 const char *argument_name;
320 { QUAL_TRACE, "trace", qual_syscall, "system call" },
321 { QUAL_TRACE, "t", qual_syscall, "system call" },
322 { QUAL_ABBREV, "abbrev", qual_syscall, "system call" },
323 { QUAL_ABBREV, "a", qual_syscall, "system call" },
324 { QUAL_VERBOSE, "verbose", qual_syscall, "system call" },
325 { QUAL_VERBOSE, "v", qual_syscall, "system call" },
326 { QUAL_RAW, "raw", qual_syscall, "system call" },
327 { QUAL_RAW, "x", qual_syscall, "system call" },
328 { QUAL_SIGNAL, "signal", qual_signal, "signal" },
329 { QUAL_SIGNAL, "signals", qual_signal, "signal" },
330 { QUAL_SIGNAL, "s", qual_signal, "signal" },
331 { QUAL_FAULT, "fault", qual_fault, "fault" },
332 { QUAL_FAULT, "faults", qual_fault, "fault" },
333 { QUAL_FAULT, "m", qual_fault, "fault" },
334 { QUAL_READ, "read", qual_desc, "descriptor" },
335 { QUAL_READ, "reads", qual_desc, "descriptor" },
336 { QUAL_READ, "r", qual_desc, "descriptor" },
337 { QUAL_WRITE, "write", qual_desc, "descriptor" },
338 { QUAL_WRITE, "writes", qual_desc, "descriptor" },
339 { QUAL_WRITE, "w", qual_desc, "descriptor" },
340 { 0, NULL, NULL, NULL },
344 qualify_one(int n, int bitflag, int not, int pers)
346 if (pers == 0 || pers < 0) {
348 qual_flags0[n] &= ~bitflag;
350 qual_flags0[n] |= bitflag;
353 #if SUPPORTED_PERSONALITIES >= 2
354 if (pers == 1 || pers < 0) {
356 qual_flags1[n] &= ~bitflag;
358 qual_flags1[n] |= bitflag;
362 #if SUPPORTED_PERSONALITIES >= 3
363 if (pers == 2 || pers < 0) {
365 qual_flags2[n] &= ~bitflag;
367 qual_flags2[n] |= bitflag;
373 qual_syscall(const char *s, int bitflag, int not)
378 if (*s >= '0' && *s <= '9') {
379 int i = string_to_uint(s);
380 if (i < 0 || i >= MAX_QUALS)
382 qualify_one(i, bitflag, not, -1);
385 for (i = 0; i < nsyscalls0; i++)
386 if (sysent0[i].sys_name &&
387 strcmp(s, sysent0[i].sys_name) == 0) {
388 qualify_one(i, bitflag, not, 0);
392 #if SUPPORTED_PERSONALITIES >= 2
393 for (i = 0; i < nsyscalls1; i++)
394 if (sysent1[i].sys_name &&
395 strcmp(s, sysent1[i].sys_name) == 0) {
396 qualify_one(i, bitflag, not, 1);
401 #if SUPPORTED_PERSONALITIES >= 3
402 for (i = 0; i < nsyscalls2; i++)
403 if (sysent2[i].sys_name &&
404 strcmp(s, sysent2[i].sys_name) == 0) {
405 qualify_one(i, bitflag, not, 2);
414 qual_signal(const char *s, int bitflag, int not)
418 if (*s >= '0' && *s <= '9') {
419 int signo = string_to_uint(s);
420 if (signo < 0 || signo >= MAX_QUALS)
422 qualify_one(signo, bitflag, not, -1);
425 if (strncasecmp(s, "SIG", 3) == 0)
427 for (i = 0; i <= NSIG; i++) {
428 if (strcasecmp(s, signame(i) + 3) == 0) {
429 qualify_one(i, bitflag, not, -1);
437 qual_fault(const char *s, int bitflag, int not)
443 qual_desc(const char *s, int bitflag, int not)
445 if (*s >= '0' && *s <= '9') {
446 int desc = string_to_uint(s);
447 if (desc < 0 || desc >= MAX_QUALS)
449 qualify_one(desc, bitflag, not, -1);
456 lookup_class(const char *s)
458 if (strcmp(s, "file") == 0)
460 if (strcmp(s, "ipc") == 0)
462 if (strcmp(s, "network") == 0)
463 return TRACE_NETWORK;
464 if (strcmp(s, "process") == 0)
465 return TRACE_PROCESS;
466 if (strcmp(s, "signal") == 0)
468 if (strcmp(s, "desc") == 0)
470 if (strcmp(s, "memory") == 0)
476 qualify(const char *s)
478 const struct qual_options *opt;
484 opt = &qual_options[0];
485 for (i = 0; (p = qual_options[i].option_name); i++) {
487 if (strncmp(s, p, n) == 0 && s[n] == '=') {
488 opt = &qual_options[i];
498 if (strcmp(s, "none") == 0) {
502 if (strcmp(s, "all") == 0) {
503 for (i = 0; i < MAX_QUALS; i++) {
504 qualify_one(i, opt->bitflag, not, -1);
508 for (i = 0; i < MAX_QUALS; i++) {
509 qualify_one(i, opt->bitflag, !not, -1);
514 for (p = strtok(copy, ","); p; p = strtok(NULL, ",")) {
515 if (opt->bitflag == QUAL_TRACE && (n = lookup_class(p)) > 0) {
516 for (i = 0; i < nsyscalls0; i++)
517 if (sysent0[i].sys_flags & n)
518 qualify_one(i, opt->bitflag, not, 0);
520 #if SUPPORTED_PERSONALITIES >= 2
521 for (i = 0; i < nsyscalls1; i++)
522 if (sysent1[i].sys_flags & n)
523 qualify_one(i, opt->bitflag, not, 1);
526 #if SUPPORTED_PERSONALITIES >= 3
527 for (i = 0; i < nsyscalls2; i++)
528 if (sysent2[i].sys_flags & n)
529 qualify_one(i, opt->bitflag, not, 2);
534 if (opt->qualify(p, opt->bitflag, not)) {
535 error_msg_and_die("invalid %s '%s'",
536 opt->argument_name, p);
543 #ifdef SYS_socket_subcall
545 decode_socket_subcall(struct tcb *tcp)
548 unsigned int i, size;
550 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= SYS_socket_nsubcalls)
553 tcp->scno = SYS_socket_subcall + tcp->u_arg[0];
554 addr = tcp->u_arg[1];
555 tcp->u_nargs = sysent[tcp->scno].nargs;
556 size = current_wordsize;
557 for (i = 0; i < tcp->u_nargs; ++i) {
558 if (size == sizeof(int)) {
560 if (umove(tcp, addr, &arg) < 0)
566 if (umove(tcp, addr, &arg) < 0)
575 #ifdef SYS_ipc_subcall
577 decode_ipc_subcall(struct tcb *tcp)
581 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= SYS_ipc_nsubcalls)
584 tcp->scno = SYS_ipc_subcall + tcp->u_arg[0];
585 tcp->u_nargs = sysent[tcp->scno].nargs;
586 for (i = 0; i < tcp->u_nargs; i++)
587 tcp->u_arg[i] = tcp->u_arg[i + 1];
592 printargs(struct tcb *tcp)
597 for (i = 0; i < tcp->u_nargs; i++)
598 tprintf("%s%#lx", i ? ", " : "", tcp->u_arg[i]);
604 printargs_lu(struct tcb *tcp)
609 for (i = 0; i < tcp->u_nargs; i++)
610 tprintf("%s%lu", i ? ", " : "", tcp->u_arg[i]);
616 printargs_ld(struct tcb *tcp)
621 for (i = 0; i < tcp->u_nargs; i++)
622 tprintf("%s%ld", i ? ", " : "", tcp->u_arg[i]);
627 #if defined(SPARC) || defined(SPARC64) || defined(IA64) || defined(SH)
629 getrval2(struct tcb *tcp)
633 # if defined(SPARC) || defined(SPARC64)
634 val = regs.u_regs[U_REG_O1];
636 if (upeek(tcp, 4*(REG_REG0+1), &val) < 0)
639 if (upeek(tcp, PT_R9, &val) < 0)
648 is_restart_error(struct tcb *tcp)
650 switch (tcp->u_error) {
654 case ERESTART_RESTARTBLOCK:
663 struct pt_regs i386_regs;
664 #elif defined(X86_64) || defined(X32)
666 * On 32 bits, pt_regs and user_regs_struct are the same,
667 * but on 64 bits, user_regs_struct has six more fields:
668 * fs_base, gs_base, ds, es, fs, gs.
669 * PTRACE_GETREGS fills them too, so struct pt_regs would overflow.
671 static struct user_regs_struct x86_64_regs;
673 long r8, r10, psr; /* TODO: make static? */
674 long ia32 = 0; /* not static */
675 #elif defined(POWERPC)
676 static long ppc_result;
682 struct pt_regs regs; /* not static */
683 #elif defined(AARCH64)
684 static struct user_pt_regs aarch64_regs;
685 static struct arm_pt_regs regs;
686 static struct iovec aarch64_io = {
687 .iov_base = &aarch64_regs
693 static struct pt_regs regs;
694 #elif defined(SPARC) || defined(SPARC64)
695 struct pt_regs regs; /* not static */
696 #elif defined(LINUX_MIPSN32)
702 #elif defined(S390) || defined(S390X)
705 static long syscall_mode;
712 #elif defined(CRISV10) || defined(CRISV32)
715 struct pt_regs tile_regs;
716 #elif defined(MICROBLAZE)
721 printcall(struct tcb *tcp)
723 #define PRINTBADPC tprintf(sizeof(long) == 4 ? "[????????] " : \
724 sizeof(long) == 8 ? "[????????????????] " : \
726 if (get_regs_error) {
731 tprintf("[%08lx] ", i386_regs.eip);
732 #elif defined(S390) || defined(S390X)
734 if (upeek(tcp, PT_PSWADDR, &psw) < 0) {
739 tprintf("[%08lx] ", psw);
741 tprintf("[%16lx] ", psw);
743 #elif defined(X86_64) || defined(X32)
744 tprintf("[%16lx] ", x86_64_regs.ip);
748 if (upeek(tcp, PT_B0, &ip) < 0) {
752 tprintf("[%08lx] ", ip);
753 #elif defined(POWERPC)
756 if (upeek(tcp, sizeof(unsigned long)*PT_NIP, &pc) < 0) {
761 tprintf("[%016lx] ", pc);
763 tprintf("[%08lx] ", pc);
768 if (upeek(tcp, 4*PT_PC, &pc) < 0) {
769 tprints("[????????] ");
772 tprintf("[%08lx] ", pc);
776 if (upeek(tcp, REG_PC, &pc) < 0) {
777 tprints("[????????????????] ");
780 tprintf("[%08lx] ", pc);
782 tprintf("[%08lx] ", regs.pc);
783 #elif defined(SPARC64)
784 tprintf("[%08lx] ", regs.tpc);
788 if (upeek(tcp, PT_IAOQ0, &pc) < 0) {
789 tprints("[????????] ");
792 tprintf("[%08lx] ", pc);
796 if (upeek(tcp, REG_EPC, &pc) < 0) {
797 tprints("[????????] ");
800 tprintf("[%08lx] ", pc);
804 if (upeek(tcp, 4*REG_PC, &pc) < 0) {
805 tprints("[????????] ");
808 tprintf("[%08lx] ", pc);
812 if (upeek(tcp, REG_PC, &pc) < 0) {
813 tprints("[????????????????] ");
816 tprintf("[%08lx] ", pc);
818 tprintf("[%08lx] ", regs.ARM_pc);
819 /*#elif defined(AARCH64) ??? */
821 tprintf("[%08lx] ", regs.pc);
825 if (upeek(tcp, PT_PC, &pc) < 0) {
829 tprintf("[%08lx] ", pc);
830 #elif defined(CRISV10)
833 if (upeek(tcp, 4*PT_IRP, &pc) < 0) {
837 tprintf("[%08lx] ", pc);
838 #elif defined(CRISV32)
841 if (upeek(tcp, 4*PT_ERP, &pc) < 0) {
845 tprintf("[%08lx] ", pc);
848 tprintf("[%16lx] ", tile_regs.pc);
850 tprintf("[%08lx] ", tile_regs.pc);
852 #endif /* architecture */
857 void get_regs(pid_t pid)
860 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, ®s);
862 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, (long) &i386_regs);
863 # elif defined(X86_64) || defined(X32)
864 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, (long) &x86_64_regs);
865 # elif defined(AARCH64)
866 /*aarch64_io.iov_base = &aarch64_regs; - already is */
867 aarch64_io.iov_len = sizeof(aarch64_regs);
868 get_regs_error = ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, (void *)&aarch64_io);
871 switch (aarch64_io.iov_len) {
873 /* We are in 32-bit mode */
874 memcpy(®s, &aarch64_regs, sizeof(regs));
876 case sizeof(aarch64_regs):
877 /* We are in 64-bit mode */
878 /* Data is already in aarch64_regs */
885 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, (void *)®s);
886 # elif defined(SPARC) || defined(SPARC64)
887 get_regs_error = ptrace(PTRACE_GETREGS, pid, (char *)®s, 0);
889 get_regs_error = ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &tile_regs);
895 * 0: "ignore this ptrace stop", bail out of trace_syscall_entering() silently.
896 * 1: ok, continue in trace_syscall_entering().
897 * other: error, trace_syscall_entering() should print error indicator
898 * ("????" etc) and bail out.
901 get_scno(struct tcb *tcp)
905 #if defined(S390) || defined(S390X)
906 if (upeek(tcp, PT_GPR2, &syscall_mode) < 0)
909 if (syscall_mode != -ENOSYS) {
911 * Since kernel version 2.5.44 the scno gets passed in gpr2.
916 * Old style of "passing" the scno via the SVC instruction.
918 long opcode, offset_reg, tmp;
920 static const int gpr_offset[16] = {
921 PT_GPR0, PT_GPR1, PT_ORIGGPR2, PT_GPR3,
922 PT_GPR4, PT_GPR5, PT_GPR6, PT_GPR7,
923 PT_GPR8, PT_GPR9, PT_GPR10, PT_GPR11,
924 PT_GPR12, PT_GPR13, PT_GPR14, PT_GPR15
927 if (upeek(tcp, PT_PSWADDR, &pc) < 0)
930 opcode = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)(pc-sizeof(long)), 0);
932 perror_msg("%s", "peektext(pc-oneword)");
937 * We have to check if the SVC got executed directly or via an
938 * EXECUTE instruction. In case of EXECUTE it is necessary to do
939 * instruction decoding to derive the system call number.
940 * Unfortunately the opcode sizes of EXECUTE and SVC are differently,
941 * so that this doesn't work if a SVC opcode is part of an EXECUTE
942 * opcode. Since there is no way to find out the opcode size this
943 * is the best we can do...
945 if ((opcode & 0xff00) == 0x0a00) {
947 scno = opcode & 0xff;
950 /* SVC got executed by EXECUTE instruction */
953 * Do instruction decoding of EXECUTE. If you really want to
954 * understand this, read the Principles of Operations.
956 svc_addr = (void *) (opcode & 0xfff);
959 offset_reg = (opcode & 0x000f0000) >> 16;
960 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
965 offset_reg = (opcode & 0x0000f000) >> 12;
966 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
970 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, svc_addr, 0);
979 offset_reg = (opcode & 0x00f00000) >> 20;
980 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
983 scno = (scno | tmp) & 0xff;
986 #elif defined(POWERPC)
987 if (upeek(tcp, sizeof(unsigned long)*PT_R0, &scno) < 0)
990 /* TODO: speed up strace by not doing this at every syscall.
991 * We only need to do it after execve.
996 /* Check for 64/32 bit mode. */
997 if (upeek(tcp, sizeof(unsigned long)*PT_MSR, &val) < 0)
999 /* SF is bit 0 of MSR */
1004 update_personality(tcp, currpers);
1006 #elif defined(AVR32)
1009 if (upeek(tcp, PT_ORIG_P0, &scno))
1012 scno = i386_regs.orig_eax;
1013 #elif defined(X86_64) || defined(X32)
1014 # ifndef __X32_SYSCALL_BIT
1015 # define __X32_SYSCALL_BIT 0x40000000
1017 # ifndef __X32_SYSCALL_MASK
1018 # define __X32_SYSCALL_MASK __X32_SYSCALL_BIT
1022 scno = x86_64_regs.orig_rax;
1024 /* Check CS register value. On x86-64 linux it is:
1025 * 0x33 for long mode (64 bit)
1026 * 0x23 for compatibility mode (32 bit)
1027 * Check DS register value. On x86-64 linux it is:
1028 * 0x2b for x32 mode (x86-64 in 32 bit)
1030 switch (x86_64_regs.cs) {
1031 case 0x23: currpers = 1; break;
1033 if (x86_64_regs.ds == 0x2b) {
1035 scno &= ~__X32_SYSCALL_MASK;
1040 fprintf(stderr, "Unknown value CS=0x%08X while "
1041 "detecting personality of process "
1042 "PID=%d\n", (int)x86_64_regs.cs, tcp->pid);
1043 currpers = current_personality;
1047 /* This version analyzes the opcode of a syscall instruction.
1048 * (int 0x80 on i386 vs. syscall on x86-64)
1049 * It works, but is too complicated.
1051 unsigned long val, rip, i;
1053 rip = x86_64_regs.rip;
1055 /* sizeof(syscall) == sizeof(int 0x80) == 2 */
1059 call = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)rip, (char *)0);
1061 fprintf(stderr, "ptrace_peektext failed: %s\n",
1063 switch (call & 0xffff) {
1064 /* x86-64: syscall = 0x0f 0x05 */
1065 case 0x050f: currpers = 0; break;
1066 /* i386: int 0x80 = 0xcd 0x80 */
1067 case 0x80cd: currpers = 1; break;
1069 currpers = current_personality;
1071 "Unknown syscall opcode (0x%04X) while "
1072 "detecting personality of process "
1073 "PID=%d\n", (int)call, tcp->pid);
1078 /* Value of currpers:
1082 * Value of current_personality:
1088 fprintf(stderr, "syscall_%lu (...) in unsupported "
1089 "64-bit mode of process PID=%d\n",
1096 update_personality(tcp, currpers);
1098 # define IA64_PSR_IS ((long)1 << 34)
1099 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0)
1100 ia32 = (psr & IA64_PSR_IS) != 0;
1102 if (upeek(tcp, PT_R1, &scno) < 0)
1105 if (upeek(tcp, PT_R15, &scno) < 0)
1108 #elif defined(AARCH64)
1109 switch (aarch64_io.iov_len) {
1110 case sizeof(aarch64_regs):
1111 /* We are in 64-bit mode */
1112 scno = aarch64_regs.regs[8];
1113 update_personality(tcp, 1);
1116 /* We are in 32-bit mode */
1117 scno = regs.uregs[7];
1118 update_personality(tcp, 0);
1123 * We only need to grab the syscall number on syscall entry.
1125 if (regs.ARM_ip == 0) {
1127 * Note: we only deal with only 32-bit CPUs here.
1129 if (regs.ARM_cpsr & 0x20) {
1131 * Get the Thumb-mode system call number
1136 * Get the ARM-mode system call number
1139 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, (void *)(regs.ARM_pc - 4), NULL);
1143 /* Handle the EABI syscall convention. We do not
1144 bother converting structures between the two
1145 ABIs, but basic functionality should work even
1146 if strace and the traced program have different
1148 if (scno == 0xef000000) {
1151 if ((scno & 0x0ff00000) != 0x0f900000) {
1152 fprintf(stderr, "syscall: unknown syscall trap 0x%08lx\n",
1158 * Fixup the syscall number
1163 if (scno & 0x0f0000) {
1165 * Handle ARM specific syscall
1167 update_personality(tcp, 1);
1170 update_personality(tcp, 0);
1173 fprintf(stderr, "pid %d stray syscall entry\n", tcp->pid);
1174 tcp->flags |= TCB_INSYSCALL;
1177 if (upeek(tcp, 4*PT_ORIG_D0, &scno) < 0)
1179 #elif defined(LINUX_MIPSN32)
1180 unsigned long long regs[38];
1182 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1188 if (!SCNO_IN_RANGE(scno)) {
1189 if (a3 == 0 || a3 == -1) {
1191 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno);
1196 if (upeek(tcp, REG_A3, &a3) < 0)
1198 if (upeek(tcp, REG_V0, &scno) < 0)
1201 if (!SCNO_IN_RANGE(scno)) {
1202 if (a3 == 0 || a3 == -1) {
1204 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno);
1208 #elif defined(ALPHA)
1209 if (upeek(tcp, REG_A3, &a3) < 0)
1211 if (upeek(tcp, REG_R0, &scno) < 0)
1215 * Do some sanity checks to figure out if it's
1216 * really a syscall entry
1218 if (!SCNO_IN_RANGE(scno)) {
1219 if (a3 == 0 || a3 == -1) {
1221 fprintf(stderr, "stray syscall exit: r0 = %ld\n", scno);
1225 #elif defined(SPARC) || defined(SPARC64)
1226 /* Disassemble the syscall trap. */
1227 /* Retrieve the syscall trap instruction. */
1230 # if defined(SPARC64)
1231 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)regs.tpc, 0);
1234 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)regs.pc, 0);
1239 /* Disassemble the trap to see what personality to use. */
1242 /* Linux/SPARC syscall trap. */
1243 update_personality(tcp, 0);
1246 /* Linux/SPARC64 syscall trap. */
1247 update_personality(tcp, 2);
1250 /* SunOS syscall trap. (pers 1) */
1251 fprintf(stderr, "syscall: SunOS no support\n");
1254 /* Solaris 2.x syscall trap. (per 2) */
1255 update_personality(tcp, 1);
1258 /* NetBSD/FreeBSD syscall trap. */
1259 fprintf(stderr, "syscall: NetBSD/FreeBSD not supported\n");
1262 /* Solaris 2.x gettimeofday */
1263 update_personality(tcp, 1);
1266 # if defined(SPARC64)
1267 fprintf(stderr, "syscall: unknown syscall trap %08lx %016lx\n", trap, regs.tpc);
1269 fprintf(stderr, "syscall: unknown syscall trap %08lx %08lx\n", trap, regs.pc);
1274 /* Extract the system call number from the registers. */
1275 if (trap == 0x91d02027)
1278 scno = regs.u_regs[U_REG_G1];
1280 scno = regs.u_regs[U_REG_O0];
1281 memmove(®s.u_regs[U_REG_O0], ®s.u_regs[U_REG_O1], 7*sizeof(regs.u_regs[0]));
1284 if (upeek(tcp, PT_GR20, &scno) < 0)
1288 * In the new syscall ABI, the system call number is in R3.
1290 if (upeek(tcp, 4*(REG_REG0+3), &scno) < 0)
1294 /* Odd as it may seem, a glibc bug has been known to cause
1295 glibc to issue bogus negative syscall numbers. So for
1296 our purposes, make strace print what it *should* have been */
1297 long correct_scno = (scno & 0xff);
1300 "Detected glibc bug: bogus system call"
1301 " number = %ld, correcting to %ld\n",
1304 scno = correct_scno;
1307 if (upeek(tcp, REG_SYSCALL, &scno) < 0)
1310 #elif defined(CRISV10) || defined(CRISV32)
1311 if (upeek(tcp, 4*PT_R9, &scno) < 0)
1315 scno = tile_regs.regs[10];
1319 if (tile_regs.flags & PT_FLAGS_COMPAT)
1324 update_personality(tcp, currpers);
1326 if (!(tcp->flags & TCB_INSYSCALL)) {
1327 /* Check if we return from execve. */
1328 if (tcp->flags & TCB_WAITEXECVE) {
1329 tcp->flags &= ~TCB_WAITEXECVE;
1333 #elif defined(MICROBLAZE)
1334 if (upeek(tcp, 0, &scno) < 0)
1339 /* new syscall ABI returns result in R0 */
1340 if (upeek(tcp, 4*REG_REG0, (long *)&r0) < 0)
1343 /* ABI defines result returned in r9 */
1344 if (upeek(tcp, REG_GENERAL(9), (long *)&r9) < 0)
1352 /* Called at each syscall entry.
1354 * 0: "ignore this ptrace stop", bail out of trace_syscall_entering() silently.
1355 * 1: ok, continue in trace_syscall_entering().
1356 * other: error, trace_syscall_entering() should print error indicator
1357 * ("????" etc) and bail out.
1360 syscall_fixup_on_sysenter(struct tcb *tcp)
1362 /* A common case of "not a syscall entry" is post-execve SIGTRAP */
1364 if (i386_regs.eax != -ENOSYS) {
1366 fprintf(stderr, "not a syscall entry (eax = %ld)\n", i386_regs.eax);
1369 #elif defined(X86_64) || defined(X32)
1371 long rax = x86_64_regs.rax;
1372 if (current_personality == 1)
1373 rax = (int)rax; /* sign extend from 32 bits */
1374 if (rax != -ENOSYS) {
1376 fprintf(stderr, "not a syscall entry (rax = %ld)\n", rax);
1380 #elif defined(S390) || defined(S390X)
1381 /* TODO: we already fetched PT_GPR2 in get_scno
1382 * and stored it in syscall_mode, reuse it here
1383 * instead of re-fetching?
1385 if (upeek(tcp, PT_GPR2, &gpr2) < 0)
1387 if (syscall_mode != -ENOSYS)
1388 syscall_mode = tcp->scno;
1389 if (gpr2 != syscall_mode) {
1391 fprintf(stderr, "not a syscall entry (gpr2 = %ld)\n", gpr2);
1395 /* TODO? Eliminate upeek's in arches below like we did in x86 */
1396 if (upeek(tcp, 4*PT_D0, &d0) < 0)
1398 if (d0 != -ENOSYS) {
1400 fprintf(stderr, "not a syscall entry (d0 = %ld)\n", d0);
1404 if (upeek(tcp, PT_R10, &r10) < 0)
1406 if (upeek(tcp, PT_R8, &r8) < 0)
1408 if (ia32 && r8 != -ENOSYS) {
1410 fprintf(stderr, "not a syscall entry (r8 = %ld)\n", r8);
1413 #elif defined(CRISV10) || defined(CRISV32)
1414 if (upeek(tcp, 4*PT_R10, &r10) < 0)
1416 if (r10 != -ENOSYS) {
1418 fprintf(stderr, "not a syscall entry (r10 = %ld)\n", r10);
1421 #elif defined(MICROBLAZE)
1422 if (upeek(tcp, 3 * 4, &r3) < 0)
1424 if (r3 != -ENOSYS) {
1426 fprintf(stderr, "not a syscall entry (r3 = %ld)\n", r3);
1434 internal_fork(struct tcb *tcp)
1436 #if defined S390 || defined S390X || defined CRISV10 || defined CRISV32
1437 # define ARG_FLAGS 1
1439 # define ARG_FLAGS 0
1441 #ifndef CLONE_UNTRACED
1442 # define CLONE_UNTRACED 0x00800000
1444 if ((ptrace_setoptions
1445 & (PTRACE_O_TRACECLONE | PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK))
1446 == (PTRACE_O_TRACECLONE | PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK))
1452 if (entering(tcp)) {
1454 * We won't see the new child if clone is called with
1455 * CLONE_UNTRACED, so we keep the same logic with that option
1456 * and don't trace it.
1458 if ((sysent[tcp->scno].sys_func == sys_clone) &&
1459 (tcp->u_arg[ARG_FLAGS] & CLONE_UNTRACED))
1463 if (tcp->flags & TCB_BPTSET)
1468 #if defined(TCB_WAITEXECVE)
1470 internal_exec(struct tcb *tcp)
1472 /* Maybe we have post-execve SIGTRAP suppressed? */
1473 if (ptrace_setoptions & PTRACE_O_TRACEEXEC)
1474 return; /* yes, no need to do anything */
1476 if (exiting(tcp) && syserror(tcp))
1477 /* Error in execve, no post-execve SIGTRAP expected */
1478 tcp->flags &= ~TCB_WAITEXECVE;
1480 tcp->flags |= TCB_WAITEXECVE;
1485 internal_syscall(struct tcb *tcp)
1488 * We must always trace a few critical system calls in order to
1489 * correctly support following forks in the presence of tracing
1494 if (!SCNO_IN_RANGE(tcp->scno))
1497 func = sysent[tcp->scno].sys_func;
1499 if ( sys_fork == func
1500 || sys_vfork == func
1501 || sys_clone == func
1507 #if defined(TCB_WAITEXECVE)
1508 if ( sys_execve == func
1509 # if defined(SPARC) || defined(SPARC64)
1510 || sys_execv == func
1519 /* Return -1 on error or 1 on success (never 0!) */
1521 get_syscall_args(struct tcb *tcp)
1525 if (SCNO_IN_RANGE(tcp->scno))
1526 nargs = tcp->u_nargs = sysent[tcp->scno].nargs;
1528 nargs = tcp->u_nargs = MAX_ARGS;
1530 #if defined(S390) || defined(S390X)
1531 for (i = 0; i < nargs; ++i)
1532 if (upeek(tcp, i==0 ? PT_ORIGGPR2 : PT_GPR2 + i*sizeof(long), &tcp->u_arg[i]) < 0)
1534 #elif defined(ALPHA)
1535 for (i = 0; i < nargs; ++i)
1536 if (upeek(tcp, REG_A0+i, &tcp->u_arg[i]) < 0)
1540 unsigned long *out0, cfm, sof, sol;
1542 /* be backwards compatible with kernel < 2.4.4... */
1544 # define PT_RBS_END PT_AR_BSP
1547 if (upeek(tcp, PT_RBS_END, &rbs_end) < 0)
1549 if (upeek(tcp, PT_CFM, (long *) &cfm) < 0)
1552 sof = (cfm >> 0) & 0x7f;
1553 sol = (cfm >> 7) & 0x7f;
1554 out0 = ia64_rse_skip_regs((unsigned long *) rbs_end, -sof + sol);
1556 for (i = 0; i < nargs; ++i) {
1557 if (umoven(tcp, (unsigned long) ia64_rse_skip_regs(out0, i),
1558 sizeof(long), (char *) &tcp->u_arg[i]) < 0)
1562 static const int argreg[MAX_ARGS] = { PT_R11 /* EBX = out0 */,
1563 PT_R9 /* ECX = out1 */,
1564 PT_R10 /* EDX = out2 */,
1565 PT_R14 /* ESI = out3 */,
1566 PT_R15 /* EDI = out4 */,
1567 PT_R13 /* EBP = out5 */};
1569 for (i = 0; i < nargs; ++i) {
1570 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0)
1572 /* truncate away IVE sign-extension */
1573 tcp->u_arg[i] &= 0xffffffff;
1576 #elif defined(LINUX_MIPSN32) || defined(LINUX_MIPSN64)
1577 /* N32 and N64 both use up to six registers. */
1578 unsigned long long regs[38];
1580 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1583 for (i = 0; i < nargs; ++i) {
1584 tcp->u_arg[i] = regs[REG_A0 + i];
1585 # if defined(LINUX_MIPSN32)
1586 tcp->ext_arg[i] = regs[REG_A0 + i];
1593 if (upeek(tcp, REG_SP, &sp) < 0)
1595 for (i = 0; i < 4; ++i)
1596 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0)
1598 umoven(tcp, sp + 16, (nargs - 4) * sizeof(tcp->u_arg[0]),
1599 (char *)(tcp->u_arg + 4));
1601 for (i = 0; i < nargs; ++i)
1602 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0)
1605 #elif defined(POWERPC)
1607 # define PT_ORIG_R3 34
1609 for (i = 0; i < nargs; ++i) {
1610 if (upeek(tcp, (i==0) ?
1611 (sizeof(unsigned long) * PT_ORIG_R3) :
1612 ((i+PT_R3) * sizeof(unsigned long)),
1613 &tcp->u_arg[i]) < 0)
1616 #elif defined(SPARC) || defined(SPARC64)
1617 for (i = 0; i < nargs; ++i)
1618 tcp->u_arg[i] = regs.u_regs[U_REG_O0 + i];
1620 for (i = 0; i < nargs; ++i)
1621 if (upeek(tcp, PT_GR26-4*i, &tcp->u_arg[i]) < 0)
1623 #elif defined(ARM) || defined(AARCH64)
1624 # if defined(AARCH64)
1625 if (tcp->currpers == 1)
1626 for (i = 0; i < nargs; ++i)
1627 tcp->u_arg[i] = aarch64_regs.regs[i];
1629 # endif /* AARCH64 */
1630 for (i = 0; i < nargs; ++i)
1631 tcp->u_arg[i] = regs.uregs[i];
1632 #elif defined(AVR32)
1635 tcp->u_arg[0] = regs.r12;
1636 tcp->u_arg[1] = regs.r11;
1637 tcp->u_arg[2] = regs.r10;
1638 tcp->u_arg[3] = regs.r9;
1639 tcp->u_arg[4] = regs.r5;
1640 tcp->u_arg[5] = regs.r3;
1642 static const int argreg[MAX_ARGS] = { PT_R0, PT_R1, PT_R2, PT_R3, PT_R4, PT_R5 };
1644 for (i = 0; i < nargs; ++i)
1645 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0)
1648 static const int syscall_regs[MAX_ARGS] = {
1649 4 * (REG_REG0+4), 4 * (REG_REG0+5), 4 * (REG_REG0+6),
1650 4 * (REG_REG0+7), 4 * (REG_REG0 ), 4 * (REG_REG0+1)
1653 for (i = 0; i < nargs; ++i)
1654 if (upeek(tcp, syscall_regs[i], &tcp->u_arg[i]) < 0)
1658 /* Registers used by SH5 Linux system calls for parameters */
1659 static const int syscall_regs[MAX_ARGS] = { 2, 3, 4, 5, 6, 7 };
1661 for (i = 0; i < nargs; ++i)
1662 if (upeek(tcp, REG_GENERAL(syscall_regs[i]), &tcp->u_arg[i]) < 0)
1664 #elif defined(X86_64) || defined(X32)
1667 if (current_personality != 1) { /* x86-64 or x32 ABI */
1668 tcp->u_arg[0] = x86_64_regs.rdi;
1669 tcp->u_arg[1] = x86_64_regs.rsi;
1670 tcp->u_arg[2] = x86_64_regs.rdx;
1671 tcp->u_arg[3] = x86_64_regs.r10;
1672 tcp->u_arg[4] = x86_64_regs.r8;
1673 tcp->u_arg[5] = x86_64_regs.r9;
1675 tcp->ext_arg[0] = x86_64_regs.rdi;
1676 tcp->ext_arg[1] = x86_64_regs.rsi;
1677 tcp->ext_arg[2] = x86_64_regs.rdx;
1678 tcp->ext_arg[3] = x86_64_regs.r10;
1679 tcp->ext_arg[4] = x86_64_regs.r8;
1680 tcp->ext_arg[5] = x86_64_regs.r9;
1682 } else { /* i386 ABI */
1683 /* Sign-extend lower 32 bits */
1684 tcp->u_arg[0] = (long)(int)x86_64_regs.rbx;
1685 tcp->u_arg[1] = (long)(int)x86_64_regs.rcx;
1686 tcp->u_arg[2] = (long)(int)x86_64_regs.rdx;
1687 tcp->u_arg[3] = (long)(int)x86_64_regs.rsi;
1688 tcp->u_arg[4] = (long)(int)x86_64_regs.rdi;
1689 tcp->u_arg[5] = (long)(int)x86_64_regs.rbp;
1691 #elif defined(MICROBLAZE)
1692 for (i = 0; i < nargs; ++i)
1693 if (upeek(tcp, (5 + i) * 4, &tcp->u_arg[i]) < 0)
1695 #elif defined(CRISV10) || defined(CRISV32)
1696 static const int crisregs[MAX_ARGS] = {
1697 4*PT_ORIG_R10, 4*PT_R11, 4*PT_R12,
1698 4*PT_R13 , 4*PT_MOF, 4*PT_SRP
1701 for (i = 0; i < nargs; ++i)
1702 if (upeek(tcp, crisregs[i], &tcp->u_arg[i]) < 0)
1705 for (i = 0; i < nargs; ++i)
1706 tcp->u_arg[i] = tile_regs.regs[i];
1708 for (i = 0; i < nargs; ++i)
1709 if (upeek(tcp, (i < 5 ? i : i + 2)*4, &tcp->u_arg[i]) < 0)
1714 tcp->u_arg[0] = i386_regs.ebx;
1715 tcp->u_arg[1] = i386_regs.ecx;
1716 tcp->u_arg[2] = i386_regs.edx;
1717 tcp->u_arg[3] = i386_regs.esi;
1718 tcp->u_arg[4] = i386_regs.edi;
1719 tcp->u_arg[5] = i386_regs.ebp;
1720 #else /* Other architecture (32bits specific) */
1721 for (i = 0; i < nargs; ++i)
1722 if (upeek(tcp, i*4, &tcp->u_arg[i]) < 0)
1729 trace_syscall_entering(struct tcb *tcp)
1733 #if defined TCB_WAITEXECVE
1734 if (tcp->flags & TCB_WAITEXECVE) {
1735 /* This is the post-execve SIGTRAP. */
1736 tcp->flags &= ~TCB_WAITEXECVE;
1741 scno_good = res = (get_regs_error ? -1 : get_scno(tcp));
1745 res = syscall_fixup_on_sysenter(tcp);
1749 res = get_syscall_args(tcp);
1755 tprints("????" /* anti-trigraph gap */ "(");
1756 else if (!SCNO_IN_RANGE(tcp->scno))
1757 tprintf("syscall_%lu(", tcp->scno);
1759 tprintf("%s(", sysent[tcp->scno].sys_name);
1761 * " <unavailable>" will be added later by the code which
1762 * detects ptrace errors.
1767 #if defined(SYS_socket_subcall) || defined(SYS_ipc_subcall)
1768 while (SCNO_IN_RANGE(tcp->scno)) {
1769 # ifdef SYS_socket_subcall
1770 if (sysent[tcp->scno].sys_func == sys_socketcall) {
1771 decode_socket_subcall(tcp);
1775 # ifdef SYS_ipc_subcall
1776 if (sysent[tcp->scno].sys_func == sys_ipc) {
1777 decode_ipc_subcall(tcp);
1783 #endif /* SYS_socket_subcall || SYS_ipc_subcall */
1785 internal_syscall(tcp);
1787 if ((SCNO_IN_RANGE(tcp->scno) &&
1788 !(qual_flags[tcp->scno] & QUAL_TRACE)) ||
1789 (tracing_paths && !pathtrace_match(tcp))) {
1790 tcp->flags |= TCB_INSYSCALL | TCB_FILTERED;
1794 tcp->flags &= ~TCB_FILTERED;
1796 if (cflag == CFLAG_ONLY_STATS) {
1802 if (!SCNO_IN_RANGE(tcp->scno))
1803 tprintf("syscall_%lu(", tcp->scno);
1805 tprintf("%s(", sysent[tcp->scno].sys_name);
1806 if (!SCNO_IN_RANGE(tcp->scno) ||
1807 ((qual_flags[tcp->scno] & QUAL_RAW) &&
1808 sysent[tcp->scno].sys_func != sys_exit))
1809 res = printargs(tcp);
1811 res = (*sysent[tcp->scno].sys_func)(tcp);
1815 tcp->flags |= TCB_INSYSCALL;
1816 /* Measure the entrance time as late as possible to avoid errors. */
1818 gettimeofday(&tcp->etime, NULL);
1823 * 1: ok, continue in trace_syscall_exiting().
1824 * -1: error, trace_syscall_exiting() should print error indicator
1825 * ("????" etc) and bail out.
1828 get_syscall_result(struct tcb *tcp)
1830 #if defined(S390) || defined(S390X)
1831 if (upeek(tcp, PT_GPR2, &gpr2) < 0)
1833 #elif defined(POWERPC)
1834 # define SO_MASK 0x10000000
1837 if (upeek(tcp, sizeof(unsigned long)*PT_CCR, &flags) < 0)
1839 if (upeek(tcp, sizeof(unsigned long)*PT_R3, &ppc_result) < 0)
1841 if (flags & SO_MASK)
1842 ppc_result = -ppc_result;
1844 #elif defined(AVR32)
1845 /* already done by get_regs */
1847 if (upeek(tcp, PT_R0, &r0) < 0)
1850 /* already done by get_regs */
1851 #elif defined(X86_64) || defined(X32)
1852 /* already done by get_regs */
1854 # define IA64_PSR_IS ((long)1 << 34)
1855 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0)
1856 ia32 = (psr & IA64_PSR_IS) != 0;
1857 if (upeek(tcp, PT_R8, &r8) < 0)
1859 if (upeek(tcp, PT_R10, &r10) < 0)
1861 #elif defined(AARCH64)
1862 /* FIXME: uh, why do we do it on syscall *exit*? We did it on entry already... */
1863 /* We are in 64-bit mode (personality 1) if register struct is aarch64_regs,
1864 * else it's personality 0.
1866 update_personality(tcp, aarch64_io.iov_len == sizeof(aarch64_regs));
1868 /* already done by get_regs */
1870 if (upeek(tcp, 4*PT_D0, &d0) < 0)
1872 #elif defined(LINUX_MIPSN32)
1873 unsigned long long regs[38];
1875 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1880 if (upeek(tcp, REG_A3, &a3) < 0)
1882 if (upeek(tcp, REG_V0, &r2) < 0)
1884 #elif defined(ALPHA)
1885 if (upeek(tcp, REG_A3, &a3) < 0)
1887 if (upeek(tcp, REG_R0, &r0) < 0)
1889 #elif defined(SPARC) || defined(SPARC64)
1890 /* already done by get_regs */
1892 if (upeek(tcp, PT_GR28, &r28) < 0)
1895 /* new syscall ABI returns result in R0 */
1896 if (upeek(tcp, 4*REG_REG0, (long *)&r0) < 0)
1899 /* ABI defines result returned in r9 */
1900 if (upeek(tcp, REG_GENERAL(9), (long *)&r9) < 0)
1902 #elif defined(CRISV10) || defined(CRISV32)
1903 if (upeek(tcp, 4*PT_R10, &r10) < 0)
1906 /* already done by get_regs */
1907 #elif defined(MICROBLAZE)
1908 if (upeek(tcp, 3 * 4, &r3) < 0)
1914 /* Called at each syscall exit */
1916 syscall_fixup_on_sysexit(struct tcb *tcp)
1918 #if defined(S390) || defined(S390X)
1919 if (syscall_mode != -ENOSYS)
1920 syscall_mode = tcp->scno;
1921 if ((tcp->flags & TCB_WAITEXECVE)
1922 && (gpr2 == -ENOSYS || gpr2 == tcp->scno)) {
1924 * Return from execve.
1925 * Fake a return value of zero. We leave the TCB_WAITEXECVE
1926 * flag set for the post-execve SIGTRAP to see and reset.
1934 * Check the syscall return value register value for whether it is
1935 * a negated errno code indicating an error, or a success return value.
1938 is_negated_errno(unsigned long int val)
1940 unsigned long int max = -(long int) nerrnos;
1941 #if SUPPORTED_PERSONALITIES > 1
1942 if (current_wordsize < sizeof(val)) {
1943 val = (unsigned int) val;
1944 max = (unsigned int) max;
1951 * 1: ok, continue in trace_syscall_exiting().
1952 * -1: error, trace_syscall_exiting() should print error indicator
1953 * ("????" etc) and bail out.
1956 get_error(struct tcb *tcp)
1959 int check_errno = 1;
1960 if (SCNO_IN_RANGE(tcp->scno) &&
1961 sysent[tcp->scno].sys_flags & SYSCALL_NEVER_FAILS) {
1964 #if defined(S390) || defined(S390X)
1965 if (check_errno && is_negated_errno(gpr2)) {
1973 if (check_errno && is_negated_errno(i386_regs.eax)) {
1975 u_error = -i386_regs.eax;
1978 tcp->u_rval = i386_regs.eax;
1980 #elif defined(X86_64) || defined(X32)
1981 if (check_errno && is_negated_errno(x86_64_regs.rax)) {
1983 u_error = -x86_64_regs.rax;
1986 tcp->u_rval = x86_64_regs.rax;
1988 tcp->u_lrval = x86_64_regs.rax;
1996 if (check_errno && is_negated_errno(err)) {
2004 if (check_errno && r10) {
2012 if (check_errno && a3) {
2017 # if defined(LINUX_MIPSN32)
2021 #elif defined(POWERPC)
2022 if (check_errno && is_negated_errno(ppc_result)) {
2024 u_error = -ppc_result;
2027 tcp->u_rval = ppc_result;
2030 if (check_errno && is_negated_errno(d0)) {
2037 #elif defined(ARM) || defined(AARCH64)
2038 # if defined(AARCH64)
2039 if (tcp->currpers == 1) {
2040 if (check_errno && is_negated_errno(aarch64_regs.regs[0])) {
2042 u_error = -aarch64_regs.regs[0];
2045 tcp->u_rval = aarch64_regs.regs[0];
2049 # endif /* AARCH64 */
2051 if (check_errno && is_negated_errno(regs.ARM_r0)) {
2053 u_error = -regs.ARM_r0;
2056 tcp->u_rval = regs.ARM_r0;
2059 #elif defined(AVR32)
2060 if (check_errno && regs.r12 && (unsigned) -regs.r12 < nerrnos) {
2062 u_error = -regs.r12;
2065 tcp->u_rval = regs.r12;
2068 if (check_errno && is_negated_errno(r0)) {
2074 #elif defined(ALPHA)
2075 if (check_errno && a3) {
2082 #elif defined(SPARC)
2083 if (check_errno && regs.psr & PSR_C) {
2085 u_error = regs.u_regs[U_REG_O0];
2088 tcp->u_rval = regs.u_regs[U_REG_O0];
2090 #elif defined(SPARC64)
2091 if (check_errno && regs.tstate & 0x1100000000UL) {
2093 u_error = regs.u_regs[U_REG_O0];
2096 tcp->u_rval = regs.u_regs[U_REG_O0];
2099 if (check_errno && is_negated_errno(r28)) {
2107 if (check_errno && is_negated_errno(r0)) {
2115 if (check_errno && is_negated_errno(r9)) {
2122 #elif defined(CRISV10) || defined(CRISV32)
2123 if (check_errno && r10 && (unsigned) -r10 < nerrnos) {
2132 * The standard tile calling convention returns the value (or negative
2133 * errno) in r0, and zero (or positive errno) in r1.
2134 * Until at least kernel 3.8, however, the r1 value is not reflected
2135 * in ptregs at this point, so we use r0 here.
2137 if (check_errno && is_negated_errno(tile_regs.regs[0])) {
2139 u_error = -tile_regs.regs[0];
2141 tcp->u_rval = tile_regs.regs[0];
2143 #elif defined(MICROBLAZE)
2144 if (check_errno && is_negated_errno(r3)) {
2152 tcp->u_error = u_error;
2157 dumpio(struct tcb *tcp)
2161 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= MAX_QUALS)
2163 if (!SCNO_IN_RANGE(tcp->scno))
2165 if (sysent[tcp->scno].sys_func == printargs)
2167 if (qual_flags[tcp->u_arg[0]] & QUAL_READ) {
2168 if (sysent[tcp->scno].sys_func == sys_read ||
2169 sysent[tcp->scno].sys_func == sys_pread ||
2170 sysent[tcp->scno].sys_func == sys_recv ||
2171 sysent[tcp->scno].sys_func == sys_recvfrom)
2172 dumpstr(tcp, tcp->u_arg[1], tcp->u_rval);
2173 else if (sysent[tcp->scno].sys_func == sys_readv)
2174 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]);
2177 if (qual_flags[tcp->u_arg[0]] & QUAL_WRITE) {
2178 if (sysent[tcp->scno].sys_func == sys_write ||
2179 sysent[tcp->scno].sys_func == sys_pwrite ||
2180 sysent[tcp->scno].sys_func == sys_send ||
2181 sysent[tcp->scno].sys_func == sys_sendto)
2182 dumpstr(tcp, tcp->u_arg[1], tcp->u_arg[2]);
2183 else if (sysent[tcp->scno].sys_func == sys_writev)
2184 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]);
2190 trace_syscall_exiting(struct tcb *tcp)
2197 /* Measure the exit time as early as possible to avoid errors. */
2199 gettimeofday(&tv, NULL);
2201 #if SUPPORTED_PERSONALITIES > 1
2202 update_personality(tcp, tcp->currpers);
2204 res = (get_regs_error ? -1 : get_syscall_result(tcp));
2206 syscall_fixup_on_sysexit(tcp); /* never fails */
2207 res = get_error(tcp); /* returns 1 or -1 */
2209 internal_syscall(tcp);
2210 if (filtered(tcp)) {
2217 struct timeval t = tv;
2218 count_syscall(tcp, &t);
2219 if (cflag == CFLAG_ONLY_STATS) {
2224 /* If not in -ff mode, and printing_tcp != tcp,
2225 * then the log currently does not end with output
2226 * of _our syscall entry_, but with something else.
2227 * We need to say which syscall's return is this.
2229 * Forced reprinting via TCB_REPRINT is used only by
2230 * "strace -ff -oLOG test/threaded_execve" corner case.
2231 * It's the only case when -ff mode needs reprinting.
2233 if ((followfork < 2 && printing_tcp != tcp) || (tcp->flags & TCB_REPRINT)) {
2234 tcp->flags &= ~TCB_REPRINT;
2236 if (!SCNO_IN_RANGE(tcp->scno))
2237 tprintf("<... syscall_%lu resumed> ", tcp->scno);
2239 tprintf("<... %s resumed> ", sysent[tcp->scno].sys_name);
2244 /* There was error in one of prior ptrace ops */
2247 tprints("= ? <unavailable>\n");
2249 tcp->flags &= ~TCB_INSYSCALL;
2254 if (!SCNO_IN_RANGE(tcp->scno)
2255 || (qual_flags[tcp->scno] & QUAL_RAW)) {
2256 /* sys_res = printargs(tcp); - but it's nop on sysexit */
2258 /* FIXME: not_failing_only (IOW, option -z) is broken:
2259 * failure of syscall is known only after syscall return.
2260 * Thus we end up with something like this on, say, ENOENT:
2261 * open("doesnt_exist", O_RDONLY <unfinished ...>
2262 * {next syscall decode}
2263 * whereas the intended result is that open(...) line
2264 * is not shown at all.
2266 if (not_failing_only && tcp->u_error)
2267 goto ret; /* ignore failed syscalls */
2268 sys_res = (*sysent[tcp->scno].sys_func)(tcp);
2273 u_error = tcp->u_error;
2274 if (!SCNO_IN_RANGE(tcp->scno) ||
2275 qual_flags[tcp->scno] & QUAL_RAW) {
2277 tprintf("= -1 (errno %ld)", u_error);
2279 tprintf("= %#lx", tcp->u_rval);
2281 else if (!(sys_res & RVAL_NONE) && u_error) {
2283 /* Blocked signals do not interrupt any syscalls.
2284 * In this case syscalls don't return ERESTARTfoo codes.
2286 * Deadly signals set to SIG_DFL interrupt syscalls
2287 * and kill the process regardless of which of the codes below
2288 * is returned by the interrupted syscall.
2289 * In some cases, kernel forces a kernel-generated deadly
2290 * signal to be unblocked and set to SIG_DFL (and thus cause
2291 * death) if it is blocked or SIG_IGNed: for example, SIGSEGV
2292 * or SIGILL. (The alternative is to leave process spinning
2293 * forever on the faulty instruction - not useful).
2295 * SIG_IGNed signals and non-deadly signals set to SIG_DFL
2296 * (for example, SIGCHLD, SIGWINCH) interrupt syscalls,
2297 * but kernel will always restart them.
2300 /* Most common type of signal-interrupted syscall exit code.
2301 * The system call will be restarted with the same arguments
2302 * if SA_RESTART is set; otherwise, it will fail with EINTR.
2304 tprints("= ? ERESTARTSYS (To be restarted if SA_RESTART is set)");
2306 case ERESTARTNOINTR:
2307 /* Rare. For example, fork() returns this if interrupted.
2308 * SA_RESTART is ignored (assumed set): the restart is unconditional.
2310 tprints("= ? ERESTARTNOINTR (To be restarted)");
2312 case ERESTARTNOHAND:
2313 /* pause(), rt_sigsuspend() etc use this code.
2314 * SA_RESTART is ignored (assumed not set):
2315 * syscall won't restart (will return EINTR instead)
2316 * even after signal with SA_RESTART set.
2317 * However, after SIG_IGN or SIG_DFL signal it will.
2319 tprints("= ? ERESTARTNOHAND (Interrupted by signal)");
2321 case ERESTART_RESTARTBLOCK:
2322 /* Syscalls like nanosleep(), poll() which can't be
2323 * restarted with their original arguments use this
2324 * code. Kernel will execute restart_syscall() instead,
2325 * which changes arguments before restarting syscall.
2326 * SA_RESTART is ignored (assumed not set) similarly
2327 * to ERESTARTNOHAND. (Kernel can't honor SA_RESTART
2328 * since restart data is saved in "restart block"
2329 * in task struct, and if signal handler uses a syscall
2330 * which in turn saves another such restart block,
2331 * old data is lost and restart becomes impossible)
2333 tprints("= ? ERESTART_RESTARTBLOCK (Interrupted by signal)");
2337 tprintf("= -1 E??? (errno %ld)", u_error);
2338 else if (u_error < nerrnos)
2339 tprintf("= -1 %s (%s)", errnoent[u_error],
2342 tprintf("= -1 ERRNO_%ld (%s)", u_error,
2346 if ((sys_res & RVAL_STR) && tcp->auxstr)
2347 tprintf(" (%s)", tcp->auxstr);
2350 if (sys_res & RVAL_NONE)
2353 switch (sys_res & RVAL_MASK) {
2355 tprintf("= %#lx", tcp->u_rval);
2358 tprintf("= %#lo", tcp->u_rval);
2361 tprintf("= %lu", tcp->u_rval);
2364 tprintf("= %ld", tcp->u_rval);
2366 #if defined(LINUX_MIPSN32) || defined(X32)
2369 tprintf("= %#llx", tcp->u_lrval);
2372 tprintf("= %#llo", tcp->u_lrval);
2375 case RVAL_LUDECIMAL:
2376 tprintf("= %llu", tcp->u_lrval);
2380 tprintf("= %lld", tcp->u_lrval);
2386 "invalid rval format\n");
2390 if ((sys_res & RVAL_STR) && tcp->auxstr)
2391 tprintf(" (%s)", tcp->auxstr);
2394 tv_sub(&tv, &tv, &tcp->etime);
2395 tprintf(" <%ld.%06ld>",
2396 (long) tv.tv_sec, (long) tv.tv_usec);
2403 tcp->flags &= ~TCB_INSYSCALL;
2408 trace_syscall(struct tcb *tcp)
2410 return exiting(tcp) ?
2411 trace_syscall_exiting(tcp) : trace_syscall_entering(tcp);