2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
6 * Copyright (c) 1999 IBM Deutschland Entwicklung GmbH, IBM Corporation
7 * Linux for s390 port by D.J. Barrow
8 * <barrow_dj@mail.yahoo.com,djbarrow@de.ibm.com>
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. The name of the author may not be used to endorse or promote products
20 * derived from this software without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 #include <sys/param.h>
40 # ifndef PTRACE_PEEKUSR
41 # define PTRACE_PEEKUSR PTRACE_PEEKUSER
43 #elif defined(HAVE_LINUX_PTRACE_H)
44 # undef PTRACE_SYSCALL
45 # ifdef HAVE_STRUCT_IA64_FPREG
46 # define ia64_fpreg XXX_ia64_fpreg
48 # ifdef HAVE_STRUCT_PT_ALL_USER_REGS
49 # define pt_all_user_regs XXX_pt_all_user_regs
51 # include <linux/ptrace.h>
53 # undef pt_all_user_regs
57 # undef PTRACE_GETREGS
58 # define PTRACE_GETREGS PTRACE_GETREGS64
59 # undef PTRACE_SETREGS
60 # define PTRACE_SETREGS PTRACE_SETREGS64
64 # include <asm/ptrace_offsets.h>
69 # define ERESTARTSYS 512
71 #ifndef ERESTARTNOINTR
72 # define ERESTARTNOINTR 513
74 #ifndef ERESTARTNOHAND
75 # define ERESTARTNOHAND 514 /* restart if no handler */
77 #ifndef ERESTART_RESTARTBLOCK
78 # define ERESTART_RESTARTBLOCK 516 /* restart by calling sys_restart_syscall */
82 # warning: NSIG is not defined, using 32
86 /* Ugh. Is this really correct? ARM has no RT signals?! */
93 /* Define these shorthand notations to simplify the syscallent files. */
97 #define TN TRACE_NETWORK
98 #define TP TRACE_PROCESS
99 #define TS TRACE_SIGNAL
100 #define NF SYSCALL_NEVER_FAILS
103 static const struct sysent sysent0[] = {
104 #include "syscallent.h"
107 #if SUPPORTED_PERSONALITIES >= 2
108 static const struct sysent sysent1[] = {
109 # include "syscallent1.h"
113 #if SUPPORTED_PERSONALITIES >= 3
114 static const struct sysent sysent2[] = {
115 # include "syscallent2.h"
119 /* Now undef them since short defines cause wicked namespace pollution. */
130 * `ioctlent.h' may be generated from `ioctlent.raw' by the auxiliary
131 * program `ioctlsort', such that the list is sorted by the `code' field.
132 * This has the side-effect of resolving the _IO.. macros into
133 * plain integers, eliminating the need to include here everything
137 static const char *const errnoent0[] = {
138 #include "errnoent.h"
140 static const char *const signalent0[] = {
141 #include "signalent.h"
143 static const struct ioctlent ioctlent0[] = {
144 #include "ioctlent.h"
146 enum { nsyscalls0 = ARRAY_SIZE(sysent0) };
147 enum { nerrnos0 = ARRAY_SIZE(errnoent0) };
148 enum { nsignals0 = ARRAY_SIZE(signalent0) };
149 enum { nioctlents0 = ARRAY_SIZE(ioctlent0) };
150 int qual_flags0[MAX_QUALS];
152 #if SUPPORTED_PERSONALITIES >= 2
153 static const char *const errnoent1[] = {
154 # include "errnoent1.h"
156 static const char *const signalent1[] = {
157 # include "signalent1.h"
159 static const struct ioctlent ioctlent1[] = {
160 # include "ioctlent1.h"
162 enum { nsyscalls1 = ARRAY_SIZE(sysent1) };
163 enum { nerrnos1 = ARRAY_SIZE(errnoent1) };
164 enum { nsignals1 = ARRAY_SIZE(signalent1) };
165 enum { nioctlents1 = ARRAY_SIZE(ioctlent1) };
166 int qual_flags1[MAX_QUALS];
169 #if SUPPORTED_PERSONALITIES >= 3
170 static const char *const errnoent2[] = {
171 # include "errnoent2.h"
173 static const char *const signalent2[] = {
174 # include "signalent2.h"
176 static const struct ioctlent ioctlent2[] = {
177 # include "ioctlent2.h"
179 enum { nsyscalls2 = ARRAY_SIZE(sysent2) };
180 enum { nerrnos2 = ARRAY_SIZE(errnoent2) };
181 enum { nsignals2 = ARRAY_SIZE(signalent2) };
182 enum { nioctlents2 = ARRAY_SIZE(ioctlent2) };
183 int qual_flags2[MAX_QUALS];
186 const struct sysent *sysent = sysent0;
187 const char *const *errnoent = errnoent0;
188 const char *const *signalent = signalent0;
189 const struct ioctlent *ioctlent = ioctlent0;
190 unsigned nsyscalls = nsyscalls0;
191 unsigned nerrnos = nerrnos0;
192 unsigned nsignals = nsignals0;
193 unsigned nioctlents = nioctlents0;
194 int *qual_flags = qual_flags0;
196 #if SUPPORTED_PERSONALITIES > 1
197 int current_personality;
199 const int personality_wordsize[SUPPORTED_PERSONALITIES] = {
200 PERSONALITY0_WORDSIZE,
201 PERSONALITY1_WORDSIZE,
202 # if SUPPORTED_PERSONALITIES > 2
203 PERSONALITY2_WORDSIZE,
208 set_personality(int personality)
210 switch (personality) {
212 errnoent = errnoent0;
215 nsyscalls = nsyscalls0;
216 ioctlent = ioctlent0;
217 nioctlents = nioctlents0;
218 signalent = signalent0;
219 nsignals = nsignals0;
220 qual_flags = qual_flags0;
224 errnoent = errnoent1;
227 nsyscalls = nsyscalls1;
228 ioctlent = ioctlent1;
229 nioctlents = nioctlents1;
230 signalent = signalent1;
231 nsignals = nsignals1;
232 qual_flags = qual_flags1;
235 # if SUPPORTED_PERSONALITIES >= 3
237 errnoent = errnoent2;
240 nsyscalls = nsyscalls2;
241 ioctlent = ioctlent2;
242 nioctlents = nioctlents2;
243 signalent = signalent2;
244 nsignals = nsignals2;
245 qual_flags = qual_flags2;
250 current_personality = personality;
254 update_personality(struct tcb *tcp, int personality)
256 if (personality == current_personality)
258 set_personality(personality);
260 if (personality == tcp->currpers)
262 tcp->currpers = personality;
264 # if defined(POWERPC64)
266 static const char *const names[] = {"64 bit", "32 bit"};
267 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
268 tcp->pid, names[personality]);
270 # elif defined(X86_64)
272 static const char *const names[] = {"64 bit", "32 bit", "x32"};
273 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
274 tcp->pid, names[personality]);
278 static const char *const names[] = {"x32", "32 bit"};
279 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
280 tcp->pid, names[personality]);
286 static int qual_syscall(), qual_signal(), qual_fault(), qual_desc();
288 static const struct qual_options {
290 const char *option_name;
291 int (*qualify)(const char *, int, int);
292 const char *argument_name;
294 { QUAL_TRACE, "trace", qual_syscall, "system call" },
295 { QUAL_TRACE, "t", qual_syscall, "system call" },
296 { QUAL_ABBREV, "abbrev", qual_syscall, "system call" },
297 { QUAL_ABBREV, "a", qual_syscall, "system call" },
298 { QUAL_VERBOSE, "verbose", qual_syscall, "system call" },
299 { QUAL_VERBOSE, "v", qual_syscall, "system call" },
300 { QUAL_RAW, "raw", qual_syscall, "system call" },
301 { QUAL_RAW, "x", qual_syscall, "system call" },
302 { QUAL_SIGNAL, "signal", qual_signal, "signal" },
303 { QUAL_SIGNAL, "signals", qual_signal, "signal" },
304 { QUAL_SIGNAL, "s", qual_signal, "signal" },
305 { QUAL_FAULT, "fault", qual_fault, "fault" },
306 { QUAL_FAULT, "faults", qual_fault, "fault" },
307 { QUAL_FAULT, "m", qual_fault, "fault" },
308 { QUAL_READ, "read", qual_desc, "descriptor" },
309 { QUAL_READ, "reads", qual_desc, "descriptor" },
310 { QUAL_READ, "r", qual_desc, "descriptor" },
311 { QUAL_WRITE, "write", qual_desc, "descriptor" },
312 { QUAL_WRITE, "writes", qual_desc, "descriptor" },
313 { QUAL_WRITE, "w", qual_desc, "descriptor" },
314 { 0, NULL, NULL, NULL },
318 qualify_one(int n, int bitflag, int not, int pers)
320 if (pers == 0 || pers < 0) {
322 qual_flags0[n] &= ~bitflag;
324 qual_flags0[n] |= bitflag;
327 #if SUPPORTED_PERSONALITIES >= 2
328 if (pers == 1 || pers < 0) {
330 qual_flags1[n] &= ~bitflag;
332 qual_flags1[n] |= bitflag;
336 #if SUPPORTED_PERSONALITIES >= 3
337 if (pers == 2 || pers < 0) {
339 qual_flags2[n] &= ~bitflag;
341 qual_flags2[n] |= bitflag;
347 qual_syscall(const char *s, int bitflag, int not)
352 if (*s >= '0' && *s <= '9') {
353 int i = string_to_uint(s);
354 if (i < 0 || i >= MAX_QUALS)
356 qualify_one(i, bitflag, not, -1);
359 for (i = 0; i < nsyscalls0; i++)
360 if (sysent0[i].sys_name &&
361 strcmp(s, sysent0[i].sys_name) == 0) {
362 qualify_one(i, bitflag, not, 0);
366 #if SUPPORTED_PERSONALITIES >= 2
367 for (i = 0; i < nsyscalls1; i++)
368 if (sysent1[i].sys_name &&
369 strcmp(s, sysent1[i].sys_name) == 0) {
370 qualify_one(i, bitflag, not, 1);
375 #if SUPPORTED_PERSONALITIES >= 3
376 for (i = 0; i < nsyscalls2; i++)
377 if (sysent2[i].sys_name &&
378 strcmp(s, sysent2[i].sys_name) == 0) {
379 qualify_one(i, bitflag, not, 2);
388 qual_signal(const char *s, int bitflag, int not)
392 if (*s >= '0' && *s <= '9') {
393 int signo = string_to_uint(s);
394 if (signo < 0 || signo >= MAX_QUALS)
396 qualify_one(signo, bitflag, not, -1);
399 if (strncasecmp(s, "SIG", 3) == 0)
401 for (i = 0; i <= NSIG; i++) {
402 if (strcasecmp(s, signame(i) + 3) == 0) {
403 qualify_one(i, bitflag, not, -1);
411 qual_fault(const char *s, int bitflag, int not)
417 qual_desc(const char *s, int bitflag, int not)
419 if (*s >= '0' && *s <= '9') {
420 int desc = string_to_uint(s);
421 if (desc < 0 || desc >= MAX_QUALS)
423 qualify_one(desc, bitflag, not, -1);
430 lookup_class(const char *s)
432 if (strcmp(s, "file") == 0)
434 if (strcmp(s, "ipc") == 0)
436 if (strcmp(s, "network") == 0)
437 return TRACE_NETWORK;
438 if (strcmp(s, "process") == 0)
439 return TRACE_PROCESS;
440 if (strcmp(s, "signal") == 0)
442 if (strcmp(s, "desc") == 0)
448 qualify(const char *s)
450 const struct qual_options *opt;
456 opt = &qual_options[0];
457 for (i = 0; (p = qual_options[i].option_name); i++) {
459 if (strncmp(s, p, n) == 0 && s[n] == '=') {
460 opt = &qual_options[i];
470 if (strcmp(s, "none") == 0) {
474 if (strcmp(s, "all") == 0) {
475 for (i = 0; i < MAX_QUALS; i++) {
476 qualify_one(i, opt->bitflag, not, -1);
480 for (i = 0; i < MAX_QUALS; i++) {
481 qualify_one(i, opt->bitflag, !not, -1);
486 for (p = strtok(copy, ","); p; p = strtok(NULL, ",")) {
487 if (opt->bitflag == QUAL_TRACE && (n = lookup_class(p)) > 0) {
488 for (i = 0; i < nsyscalls0; i++)
489 if (sysent0[i].sys_flags & n)
490 qualify_one(i, opt->bitflag, not, 0);
492 #if SUPPORTED_PERSONALITIES >= 2
493 for (i = 0; i < nsyscalls1; i++)
494 if (sysent1[i].sys_flags & n)
495 qualify_one(i, opt->bitflag, not, 1);
498 #if SUPPORTED_PERSONALITIES >= 3
499 for (i = 0; i < nsyscalls2; i++)
500 if (sysent2[i].sys_flags & n)
501 qualify_one(i, opt->bitflag, not, 2);
506 if (opt->qualify(p, opt->bitflag, not)) {
507 error_msg_and_die("invalid %s '%s'",
508 opt->argument_name, p);
515 #ifdef SYS_socket_subcall
517 decode_socket_subcall(struct tcb *tcp)
520 unsigned int i, size;
522 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= SYS_socket_nsubcalls)
525 tcp->scno = SYS_socket_subcall + tcp->u_arg[0];
526 addr = tcp->u_arg[1];
527 tcp->u_nargs = sysent[tcp->scno].nargs;
528 size = current_wordsize;
529 for (i = 0; i < tcp->u_nargs; ++i) {
530 if (size == sizeof(int)) {
532 if (umove(tcp, addr, &arg) < 0)
538 if (umove(tcp, addr, &arg) < 0)
547 #ifdef SYS_ipc_subcall
549 decode_ipc_subcall(struct tcb *tcp)
553 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= SYS_ipc_nsubcalls)
556 tcp->scno = SYS_ipc_subcall + tcp->u_arg[0];
557 tcp->u_nargs = sysent[tcp->scno].nargs;
558 for (i = 0; i < tcp->u_nargs; i++)
559 tcp->u_arg[i] = tcp->u_arg[i + 1];
564 printargs(struct tcb *tcp)
569 for (i = 0; i < tcp->u_nargs; i++)
570 tprintf("%s%#lx", i ? ", " : "", tcp->u_arg[i]);
576 printargs_lu(struct tcb *tcp)
581 for (i = 0; i < tcp->u_nargs; i++)
582 tprintf("%s%lu", i ? ", " : "", tcp->u_arg[i]);
588 printargs_ld(struct tcb *tcp)
593 for (i = 0; i < tcp->u_nargs; i++)
594 tprintf("%s%ld", i ? ", " : "", tcp->u_arg[i]);
600 getrval2(struct tcb *tcp)
604 #if defined(SPARC) || defined(SPARC64)
606 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
608 val = regs.u_regs[U_REG_O1];
610 if (upeek(tcp, 4*(REG_REG0+1), &val) < 0)
613 if (upeek(tcp, PT_R9, &val) < 0)
621 is_restart_error(struct tcb *tcp)
623 switch (tcp->u_error) {
627 case ERESTART_RESTARTBLOCK:
636 struct pt_regs i386_regs;
637 #elif defined(X86_64) || defined(X32)
639 * On 32 bits, pt_regs and user_regs_struct are the same,
640 * but on 64 bits, user_regs_struct has six more fields:
641 * fs_base, gs_base, ds, es, fs, gs.
642 * PTRACE_GETREGS fills them too, so struct pt_regs would overflow.
644 static struct user_regs_struct x86_64_regs;
646 long r8, r10, psr; /* TODO: make static? */
647 long ia32 = 0; /* not static */
648 #elif defined(POWERPC)
649 static long ppc_result;
655 static struct pt_regs regs;
660 static struct pt_regs regs;
661 #elif defined(SPARC) || defined(SPARC64)
662 static struct pt_regs regs;
663 static unsigned long trap;
664 #elif defined(LINUX_MIPSN32)
670 #elif defined(S390) || defined(S390X)
673 static long syscall_mode;
680 #elif defined(CRISV10) || defined(CRISV32)
682 #elif defined(MICROBLAZE)
687 * 0: "ignore this ptrace stop", bail out of trace_syscall_entering() silently.
688 * 1: ok, continue in trace_syscall_entering().
689 * other: error, trace_syscall_entering() should print error indicator
690 * ("????" etc) and bail out.
693 get_scno(struct tcb *tcp)
697 #if defined(S390) || defined(S390X)
698 if (upeek(tcp, PT_GPR2, &syscall_mode) < 0)
701 if (syscall_mode != -ENOSYS) {
703 * Since kernel version 2.5.44 the scno gets passed in gpr2.
708 * Old style of "passing" the scno via the SVC instruction.
710 long opcode, offset_reg, tmp;
712 static const int gpr_offset[16] = {
713 PT_GPR0, PT_GPR1, PT_ORIGGPR2, PT_GPR3,
714 PT_GPR4, PT_GPR5, PT_GPR6, PT_GPR7,
715 PT_GPR8, PT_GPR9, PT_GPR10, PT_GPR11,
716 PT_GPR12, PT_GPR13, PT_GPR14, PT_GPR15
719 if (upeek(tcp, PT_PSWADDR, &pc) < 0)
722 opcode = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)(pc-sizeof(long)), 0);
724 perror_msg("%s", "peektext(pc-oneword)");
729 * We have to check if the SVC got executed directly or via an
730 * EXECUTE instruction. In case of EXECUTE it is necessary to do
731 * instruction decoding to derive the system call number.
732 * Unfortunately the opcode sizes of EXECUTE and SVC are differently,
733 * so that this doesn't work if a SVC opcode is part of an EXECUTE
734 * opcode. Since there is no way to find out the opcode size this
735 * is the best we can do...
737 if ((opcode & 0xff00) == 0x0a00) {
739 scno = opcode & 0xff;
742 /* SVC got executed by EXECUTE instruction */
745 * Do instruction decoding of EXECUTE. If you really want to
746 * understand this, read the Principles of Operations.
748 svc_addr = (void *) (opcode & 0xfff);
751 offset_reg = (opcode & 0x000f0000) >> 16;
752 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
757 offset_reg = (opcode & 0x0000f000) >> 12;
758 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
762 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, svc_addr, 0);
771 offset_reg = (opcode & 0x00f00000) >> 20;
772 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
775 scno = (scno | tmp) & 0xff;
778 #elif defined(POWERPC)
779 if (upeek(tcp, sizeof(unsigned long)*PT_R0, &scno) < 0)
782 /* TODO: speed up strace by not doing this at every syscall.
783 * We only need to do it after execve.
788 /* Check for 64/32 bit mode. */
789 if (upeek(tcp, sizeof(unsigned long)*PT_MSR, &val) < 0)
791 /* SF is bit 0 of MSR */
796 update_personality(tcp, currpers);
799 /* Read complete register set in one go. */
800 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, ®s) < 0)
804 if (upeek(tcp, PT_ORIG_P0, &scno))
807 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &i386_regs) < 0)
809 scno = i386_regs.orig_eax;
810 #elif defined(X86_64) || defined(X32)
811 # ifndef __X32_SYSCALL_BIT
812 # define __X32_SYSCALL_BIT 0x40000000
814 # ifndef __X32_SYSCALL_MASK
815 # define __X32_SYSCALL_MASK __X32_SYSCALL_BIT
819 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &x86_64_regs) < 0)
821 scno = x86_64_regs.orig_rax;
823 /* Check CS register value. On x86-64 linux it is:
824 * 0x33 for long mode (64 bit)
825 * 0x23 for compatibility mode (32 bit)
826 * Check DS register value. On x86-64 linux it is:
827 * 0x2b for x32 mode (x86-64 in 32 bit)
829 switch (x86_64_regs.cs) {
830 case 0x23: currpers = 1; break;
832 if (x86_64_regs.ds == 0x2b) {
834 scno &= ~__X32_SYSCALL_MASK;
839 fprintf(stderr, "Unknown value CS=0x%08X while "
840 "detecting personality of process "
841 "PID=%d\n", (int)x86_64_regs.cs, tcp->pid);
842 currpers = current_personality;
846 /* This version analyzes the opcode of a syscall instruction.
847 * (int 0x80 on i386 vs. syscall on x86-64)
848 * It works, but is too complicated.
850 unsigned long val, rip, i;
852 rip = x86_64_regs.rip;
854 /* sizeof(syscall) == sizeof(int 0x80) == 2 */
858 call = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)rip, (char *)0);
860 fprintf(stderr, "ptrace_peektext failed: %s\n",
862 switch (call & 0xffff) {
863 /* x86-64: syscall = 0x0f 0x05 */
864 case 0x050f: currpers = 0; break;
865 /* i386: int 0x80 = 0xcd 0x80 */
866 case 0x80cd: currpers = 1; break;
868 currpers = current_personality;
870 "Unknown syscall opcode (0x%04X) while "
871 "detecting personality of process "
872 "PID=%d\n", (int)call, tcp->pid);
877 /* Value of currpers:
881 * Value of current_personality:
887 fprintf(stderr, "syscall_%lu (...) in unsupported "
888 "64-bit mode of process PID=%d\n",
895 update_personality(tcp, currpers);
897 # define IA64_PSR_IS ((long)1 << 34)
898 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0)
899 ia32 = (psr & IA64_PSR_IS) != 0;
901 if (upeek(tcp, PT_R1, &scno) < 0)
904 if (upeek(tcp, PT_R15, &scno) < 0)
908 /* Read complete register set in one go. */
909 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (void *)®s) == -1)
913 * We only need to grab the syscall number on syscall entry.
915 if (regs.ARM_ip == 0) {
917 * Note: we only deal with only 32-bit CPUs here.
919 if (regs.ARM_cpsr & 0x20) {
921 * Get the Thumb-mode system call number
926 * Get the ARM-mode system call number
929 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, (void *)(regs.ARM_pc - 4), NULL);
933 /* Handle the EABI syscall convention. We do not
934 bother converting structures between the two
935 ABIs, but basic functionality should work even
936 if strace and the traced program have different
938 if (scno == 0xef000000) {
941 if ((scno & 0x0ff00000) != 0x0f900000) {
942 fprintf(stderr, "syscall: unknown syscall trap 0x%08lx\n",
948 * Fixup the syscall number
953 if (scno & 0x0f0000) {
955 * Handle ARM specific syscall
957 update_personality(tcp, 1);
960 update_personality(tcp, 0);
963 fprintf(stderr, "pid %d stray syscall entry\n", tcp->pid);
964 tcp->flags |= TCB_INSYSCALL;
967 if (upeek(tcp, 4*PT_ORIG_D0, &scno) < 0)
969 #elif defined(LINUX_MIPSN32)
970 unsigned long long regs[38];
972 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
978 if (!SCNO_IN_RANGE(scno)) {
979 if (a3 == 0 || a3 == -1) {
981 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno);
986 if (upeek(tcp, REG_A3, &a3) < 0)
988 if (upeek(tcp, REG_V0, &scno) < 0)
991 if (!SCNO_IN_RANGE(scno)) {
992 if (a3 == 0 || a3 == -1) {
994 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno);
999 if (upeek(tcp, REG_A3, &a3) < 0)
1001 if (upeek(tcp, REG_R0, &scno) < 0)
1005 * Do some sanity checks to figure out if it's
1006 * really a syscall entry
1008 if (!SCNO_IN_RANGE(scno)) {
1009 if (a3 == 0 || a3 == -1) {
1011 fprintf(stderr, "stray syscall exit: r0 = %ld\n", scno);
1015 #elif defined(SPARC) || defined(SPARC64)
1016 /* Everything we need is in the current register set. */
1017 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
1020 /* Disassemble the syscall trap. */
1021 /* Retrieve the syscall trap instruction. */
1023 # if defined(SPARC64)
1024 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)regs.tpc, 0);
1027 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)regs.pc, 0);
1032 /* Disassemble the trap to see what personality to use. */
1035 /* Linux/SPARC syscall trap. */
1036 update_personality(tcp, 0);
1039 /* Linux/SPARC64 syscall trap. */
1040 update_personality(tcp, 2);
1043 /* SunOS syscall trap. (pers 1) */
1044 fprintf(stderr, "syscall: SunOS no support\n");
1047 /* Solaris 2.x syscall trap. (per 2) */
1048 update_personality(tcp, 1);
1051 /* NetBSD/FreeBSD syscall trap. */
1052 fprintf(stderr, "syscall: NetBSD/FreeBSD not supported\n");
1055 /* Solaris 2.x gettimeofday */
1056 update_personality(tcp, 1);
1059 # if defined(SPARC64)
1060 fprintf(stderr, "syscall: unknown syscall trap %08lx %016lx\n", trap, regs.tpc);
1062 fprintf(stderr, "syscall: unknown syscall trap %08lx %08lx\n", trap, regs.pc);
1067 /* Extract the system call number from the registers. */
1068 if (trap == 0x91d02027)
1071 scno = regs.u_regs[U_REG_G1];
1073 scno = regs.u_regs[U_REG_O0];
1074 memmove(®s.u_regs[U_REG_O0], ®s.u_regs[U_REG_O1], 7*sizeof(regs.u_regs[0]));
1077 if (upeek(tcp, PT_GR20, &scno) < 0)
1081 * In the new syscall ABI, the system call number is in R3.
1083 if (upeek(tcp, 4*(REG_REG0+3), &scno) < 0)
1087 /* Odd as it may seem, a glibc bug has been known to cause
1088 glibc to issue bogus negative syscall numbers. So for
1089 our purposes, make strace print what it *should* have been */
1090 long correct_scno = (scno & 0xff);
1093 "Detected glibc bug: bogus system call"
1094 " number = %ld, correcting to %ld\n",
1097 scno = correct_scno;
1100 if (upeek(tcp, REG_SYSCALL, &scno) < 0)
1103 #elif defined(CRISV10) || defined(CRISV32)
1104 if (upeek(tcp, 4*PT_R9, &scno) < 0)
1107 if (upeek(tcp, PTREGS_OFFSET_REG(10), &scno) < 0)
1109 #elif defined(MICROBLAZE)
1110 if (upeek(tcp, 0, &scno) < 0)
1115 /* new syscall ABI returns result in R0 */
1116 if (upeek(tcp, 4*REG_REG0, (long *)&r0) < 0)
1119 /* ABI defines result returned in r9 */
1120 if (upeek(tcp, REG_GENERAL(9), (long *)&r9) < 0)
1128 /* Called at each syscall entry.
1130 * 0: "ignore this ptrace stop", bail out of trace_syscall_entering() silently.
1131 * 1: ok, continue in trace_syscall_entering().
1132 * other: error, trace_syscall_entering() should print error indicator
1133 * ("????" etc) and bail out.
1136 syscall_fixup_on_sysenter(struct tcb *tcp)
1138 /* A common case of "not a syscall entry" is post-execve SIGTRAP */
1140 if (i386_regs.eax != -ENOSYS) {
1142 fprintf(stderr, "not a syscall entry (eax = %ld)\n", i386_regs.eax);
1145 #elif defined(X86_64) || defined(X32)
1147 long rax = x86_64_regs.rax;
1148 if (current_personality == 1)
1149 rax = (int)rax; /* sign extend from 32 bits */
1150 if (rax != -ENOSYS) {
1152 fprintf(stderr, "not a syscall entry (rax = %ld)\n", rax);
1156 #elif defined(S390) || defined(S390X)
1157 /* TODO: we already fetched PT_GPR2 in get_scno
1158 * and stored it in syscall_mode, reuse it here
1159 * instead of re-fetching?
1161 if (upeek(tcp, PT_GPR2, &gpr2) < 0)
1163 if (syscall_mode != -ENOSYS)
1164 syscall_mode = tcp->scno;
1165 if (gpr2 != syscall_mode) {
1167 fprintf(stderr, "not a syscall entry (gpr2 = %ld)\n", gpr2);
1171 /* TODO? Eliminate upeek's in arches below like we did in x86 */
1172 if (upeek(tcp, 4*PT_D0, &d0) < 0)
1174 if (d0 != -ENOSYS) {
1176 fprintf(stderr, "not a syscall entry (d0 = %ld)\n", d0);
1180 if (upeek(tcp, PT_R10, &r10) < 0)
1182 if (upeek(tcp, PT_R8, &r8) < 0)
1184 if (ia32 && r8 != -ENOSYS) {
1186 fprintf(stderr, "not a syscall entry (r8 = %ld)\n", r8);
1189 #elif defined(CRISV10) || defined(CRISV32)
1190 if (upeek(tcp, 4*PT_R10, &r10) < 0)
1192 if (r10 != -ENOSYS) {
1194 fprintf(stderr, "not a syscall entry (r10 = %ld)\n", r10);
1197 #elif defined(MICROBLAZE)
1198 if (upeek(tcp, 3 * 4, &r3) < 0)
1200 if (r3 != -ENOSYS) {
1202 fprintf(stderr, "not a syscall entry (r3 = %ld)\n", r3);
1210 internal_fork(struct tcb *tcp)
1212 #if defined S390 || defined S390X || defined CRISV10 || defined CRISV32
1213 # define ARG_FLAGS 1
1215 # define ARG_FLAGS 0
1217 #ifndef CLONE_UNTRACED
1218 # define CLONE_UNTRACED 0x00800000
1220 if ((ptrace_setoptions
1221 & (PTRACE_O_TRACECLONE | PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK))
1222 == (PTRACE_O_TRACECLONE | PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK))
1228 if (entering(tcp)) {
1230 * We won't see the new child if clone is called with
1231 * CLONE_UNTRACED, so we keep the same logic with that option
1232 * and don't trace it.
1234 if ((sysent[tcp->scno].sys_func == sys_clone) &&
1235 (tcp->u_arg[ARG_FLAGS] & CLONE_UNTRACED))
1239 if (tcp->flags & TCB_BPTSET)
1244 #if defined(TCB_WAITEXECVE)
1246 internal_exec(struct tcb *tcp)
1248 /* Maybe we have post-execve SIGTRAP suppressed? */
1249 if (ptrace_setoptions & PTRACE_O_TRACEEXEC)
1250 return; /* yes, no need to do anything */
1252 if (exiting(tcp) && syserror(tcp))
1253 /* Error in execve, no post-execve SIGTRAP expected */
1254 tcp->flags &= ~TCB_WAITEXECVE;
1256 tcp->flags |= TCB_WAITEXECVE;
1261 internal_syscall(struct tcb *tcp)
1264 * We must always trace a few critical system calls in order to
1265 * correctly support following forks in the presence of tracing
1270 if (!SCNO_IN_RANGE(tcp->scno))
1273 func = sysent[tcp->scno].sys_func;
1275 if ( sys_fork == func
1276 || sys_vfork == func
1277 || sys_clone == func
1283 #if defined(TCB_WAITEXECVE)
1284 if ( sys_execve == func
1285 # if defined(SPARC) || defined(SPARC64)
1286 || sys_execv == func
1295 /* Return -1 on error or 1 on success (never 0!) */
1297 get_syscall_args(struct tcb *tcp)
1301 if (SCNO_IN_RANGE(tcp->scno))
1302 nargs = tcp->u_nargs = sysent[tcp->scno].nargs;
1304 nargs = tcp->u_nargs = MAX_ARGS;
1306 #if defined(S390) || defined(S390X)
1307 for (i = 0; i < nargs; ++i)
1308 if (upeek(tcp, i==0 ? PT_ORIGGPR2 : PT_GPR2 + i*sizeof(long), &tcp->u_arg[i]) < 0)
1310 #elif defined(ALPHA)
1311 for (i = 0; i < nargs; ++i)
1312 if (upeek(tcp, REG_A0+i, &tcp->u_arg[i]) < 0)
1316 unsigned long *out0, cfm, sof, sol;
1318 /* be backwards compatible with kernel < 2.4.4... */
1320 # define PT_RBS_END PT_AR_BSP
1323 if (upeek(tcp, PT_RBS_END, &rbs_end) < 0)
1325 if (upeek(tcp, PT_CFM, (long *) &cfm) < 0)
1328 sof = (cfm >> 0) & 0x7f;
1329 sol = (cfm >> 7) & 0x7f;
1330 out0 = ia64_rse_skip_regs((unsigned long *) rbs_end, -sof + sol);
1332 for (i = 0; i < nargs; ++i) {
1333 if (umoven(tcp, (unsigned long) ia64_rse_skip_regs(out0, i),
1334 sizeof(long), (char *) &tcp->u_arg[i]) < 0)
1338 static const int argreg[MAX_ARGS] = { PT_R11 /* EBX = out0 */,
1339 PT_R9 /* ECX = out1 */,
1340 PT_R10 /* EDX = out2 */,
1341 PT_R14 /* ESI = out3 */,
1342 PT_R15 /* EDI = out4 */,
1343 PT_R13 /* EBP = out5 */};
1345 for (i = 0; i < nargs; ++i) {
1346 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0)
1348 /* truncate away IVE sign-extension */
1349 tcp->u_arg[i] &= 0xffffffff;
1352 #elif defined(LINUX_MIPSN32) || defined(LINUX_MIPSN64)
1353 /* N32 and N64 both use up to six registers. */
1354 unsigned long long regs[38];
1356 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1359 for (i = 0; i < nargs; ++i) {
1360 tcp->u_arg[i] = regs[REG_A0 + i];
1361 # if defined(LINUX_MIPSN32)
1362 tcp->ext_arg[i] = regs[REG_A0 + i];
1369 if (upeek(tcp, REG_SP, &sp) < 0)
1371 for (i = 0; i < 4; ++i)
1372 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0)
1374 umoven(tcp, sp + 16, (nargs - 4) * sizeof(tcp->u_arg[0]),
1375 (char *)(tcp->u_arg + 4));
1377 for (i = 0; i < nargs; ++i)
1378 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0)
1381 #elif defined(POWERPC)
1383 # define PT_ORIG_R3 34
1385 for (i = 0; i < nargs; ++i) {
1386 if (upeek(tcp, (i==0) ?
1387 (sizeof(unsigned long) * PT_ORIG_R3) :
1388 ((i+PT_R3) * sizeof(unsigned long)),
1389 &tcp->u_arg[i]) < 0)
1392 #elif defined(SPARC) || defined(SPARC64)
1393 for (i = 0; i < nargs; ++i)
1394 tcp->u_arg[i] = regs.u_regs[U_REG_O0 + i];
1396 for (i = 0; i < nargs; ++i)
1397 if (upeek(tcp, PT_GR26-4*i, &tcp->u_arg[i]) < 0)
1400 for (i = 0; i < nargs; ++i)
1401 tcp->u_arg[i] = regs.uregs[i];
1402 #elif defined(AVR32)
1405 tcp->u_arg[0] = regs.r12;
1406 tcp->u_arg[1] = regs.r11;
1407 tcp->u_arg[2] = regs.r10;
1408 tcp->u_arg[3] = regs.r9;
1409 tcp->u_arg[4] = regs.r5;
1410 tcp->u_arg[5] = regs.r3;
1412 static const int argreg[MAX_ARGS] = { PT_R0, PT_R1, PT_R2, PT_R3, PT_R4, PT_R5 };
1414 for (i = 0; i < nargs; ++i)
1415 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0)
1418 static const int syscall_regs[MAX_ARGS] = {
1419 4 * (REG_REG0+4), 4 * (REG_REG0+5), 4 * (REG_REG0+6),
1420 4 * (REG_REG0+7), 4 * (REG_REG0 ), 4 * (REG_REG0+1)
1423 for (i = 0; i < nargs; ++i)
1424 if (upeek(tcp, syscall_regs[i], &tcp->u_arg[i]) < 0)
1428 /* Registers used by SH5 Linux system calls for parameters */
1429 static const int syscall_regs[MAX_ARGS] = { 2, 3, 4, 5, 6, 7 };
1431 for (i = 0; i < nargs; ++i)
1432 if (upeek(tcp, REG_GENERAL(syscall_regs[i]), &tcp->u_arg[i]) < 0)
1434 #elif defined(X86_64) || defined(X32)
1437 if (current_personality != 1) { /* x86-64 or x32 ABI */
1438 tcp->u_arg[0] = x86_64_regs.rdi;
1439 tcp->u_arg[1] = x86_64_regs.rsi;
1440 tcp->u_arg[2] = x86_64_regs.rdx;
1441 tcp->u_arg[3] = x86_64_regs.r10;
1442 tcp->u_arg[4] = x86_64_regs.r8;
1443 tcp->u_arg[5] = x86_64_regs.r9;
1445 tcp->ext_arg[0] = x86_64_regs.rdi;
1446 tcp->ext_arg[1] = x86_64_regs.rsi;
1447 tcp->ext_arg[2] = x86_64_regs.rdx;
1448 tcp->ext_arg[3] = x86_64_regs.r10;
1449 tcp->ext_arg[4] = x86_64_regs.r8;
1450 tcp->ext_arg[5] = x86_64_regs.r9;
1452 } else { /* i386 ABI */
1453 /* Sign-extend lower 32 bits */
1454 tcp->u_arg[0] = (long)(int)x86_64_regs.rbx;
1455 tcp->u_arg[1] = (long)(int)x86_64_regs.rcx;
1456 tcp->u_arg[2] = (long)(int)x86_64_regs.rdx;
1457 tcp->u_arg[3] = (long)(int)x86_64_regs.rsi;
1458 tcp->u_arg[4] = (long)(int)x86_64_regs.rdi;
1459 tcp->u_arg[5] = (long)(int)x86_64_regs.rbp;
1461 #elif defined(MICROBLAZE)
1462 for (i = 0; i < nargs; ++i)
1463 if (upeek(tcp, (5 + i) * 4, &tcp->u_arg[i]) < 0)
1465 #elif defined(CRISV10) || defined(CRISV32)
1466 static const int crisregs[MAX_ARGS] = {
1467 4*PT_ORIG_R10, 4*PT_R11, 4*PT_R12,
1468 4*PT_R13 , 4*PT_MOF, 4*PT_SRP
1471 for (i = 0; i < nargs; ++i)
1472 if (upeek(tcp, crisregs[i], &tcp->u_arg[i]) < 0)
1475 for (i = 0; i < nargs; ++i)
1476 if (upeek(tcp, PTREGS_OFFSET_REG(i), &tcp->u_arg[i]) < 0)
1479 for (i = 0; i < nargs; ++i)
1480 if (upeek(tcp, (i < 5 ? i : i + 2)*4, &tcp->u_arg[i]) < 0)
1485 tcp->u_arg[0] = i386_regs.ebx;
1486 tcp->u_arg[1] = i386_regs.ecx;
1487 tcp->u_arg[2] = i386_regs.edx;
1488 tcp->u_arg[3] = i386_regs.esi;
1489 tcp->u_arg[4] = i386_regs.edi;
1490 tcp->u_arg[5] = i386_regs.ebp;
1491 #else /* Other architecture (32bits specific) */
1492 for (i = 0; i < nargs; ++i)
1493 if (upeek(tcp, i*4, &tcp->u_arg[i]) < 0)
1500 trace_syscall_entering(struct tcb *tcp)
1504 #if defined TCB_WAITEXECVE
1505 if (tcp->flags & TCB_WAITEXECVE) {
1506 /* This is the post-execve SIGTRAP. */
1507 tcp->flags &= ~TCB_WAITEXECVE;
1512 scno_good = res = get_scno(tcp);
1516 res = syscall_fixup_on_sysenter(tcp);
1520 res = get_syscall_args(tcp);
1526 tprints("????" /* anti-trigraph gap */ "(");
1527 else if (!SCNO_IN_RANGE(tcp->scno))
1528 tprintf("syscall_%lu(", tcp->scno);
1530 tprintf("%s(", sysent[tcp->scno].sys_name);
1532 * " <unavailable>" will be added later by the code which
1533 * detects ptrace errors.
1538 #if defined(SYS_socket_subcall) || defined(SYS_ipc_subcall)
1539 while (SCNO_IN_RANGE(tcp->scno)) {
1540 # ifdef SYS_socket_subcall
1541 if (sysent[tcp->scno].sys_func == sys_socketcall) {
1542 decode_socket_subcall(tcp);
1546 # ifdef SYS_ipc_subcall
1547 if (sysent[tcp->scno].sys_func == sys_ipc) {
1548 decode_ipc_subcall(tcp);
1554 #endif /* SYS_socket_subcall || SYS_ipc_subcall */
1556 internal_syscall(tcp);
1558 if ((SCNO_IN_RANGE(tcp->scno) &&
1559 !(qual_flags[tcp->scno] & QUAL_TRACE)) ||
1560 (tracing_paths && !pathtrace_match(tcp))) {
1561 tcp->flags |= TCB_INSYSCALL | TCB_FILTERED;
1565 tcp->flags &= ~TCB_FILTERED;
1567 if (cflag == CFLAG_ONLY_STATS) {
1573 if (!SCNO_IN_RANGE(tcp->scno))
1574 tprintf("syscall_%lu(", tcp->scno);
1576 tprintf("%s(", sysent[tcp->scno].sys_name);
1577 if (!SCNO_IN_RANGE(tcp->scno) ||
1578 ((qual_flags[tcp->scno] & QUAL_RAW) &&
1579 sysent[tcp->scno].sys_func != sys_exit))
1580 res = printargs(tcp);
1582 res = (*sysent[tcp->scno].sys_func)(tcp);
1584 if (fflush(tcp->outf) == EOF)
1587 tcp->flags |= TCB_INSYSCALL;
1588 /* Measure the entrance time as late as possible to avoid errors. */
1590 gettimeofday(&tcp->etime, NULL);
1595 * 1: ok, continue in trace_syscall_exiting().
1596 * -1: error, trace_syscall_exiting() should print error indicator
1597 * ("????" etc) and bail out.
1600 get_syscall_result(struct tcb *tcp)
1602 #if defined(S390) || defined(S390X)
1603 if (upeek(tcp, PT_GPR2, &gpr2) < 0)
1605 #elif defined(POWERPC)
1606 # define SO_MASK 0x10000000
1609 if (upeek(tcp, sizeof(unsigned long)*PT_CCR, &flags) < 0)
1611 if (upeek(tcp, sizeof(unsigned long)*PT_R3, &ppc_result) < 0)
1613 if (flags & SO_MASK)
1614 ppc_result = -ppc_result;
1616 #elif defined(AVR32)
1617 /* Read complete register set in one go. */
1618 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, ®s) < 0)
1621 if (upeek(tcp, PT_R0, &r0) < 0)
1624 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &i386_regs) < 0)
1626 #elif defined(X86_64) || defined(X32)
1627 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &x86_64_regs) < 0)
1630 # define IA64_PSR_IS ((long)1 << 34)
1631 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0)
1632 ia32 = (psr & IA64_PSR_IS) != 0;
1633 if (upeek(tcp, PT_R8, &r8) < 0)
1635 if (upeek(tcp, PT_R10, &r10) < 0)
1638 /* Read complete register set in one go. */
1639 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (void *)®s) == -1)
1642 if (upeek(tcp, 4*PT_D0, &d0) < 0)
1644 #elif defined(LINUX_MIPSN32)
1645 unsigned long long regs[38];
1647 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1652 if (upeek(tcp, REG_A3, &a3) < 0)
1654 if (upeek(tcp, REG_V0, &r2) < 0)
1656 #elif defined(ALPHA)
1657 if (upeek(tcp, REG_A3, &a3) < 0)
1659 if (upeek(tcp, REG_R0, &r0) < 0)
1661 #elif defined(SPARC) || defined(SPARC64)
1662 /* Everything we need is in the current register set. */
1663 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
1666 if (upeek(tcp, PT_GR28, &r28) < 0)
1670 #elif defined(CRISV10) || defined(CRISV32)
1671 if (upeek(tcp, 4*PT_R10, &r10) < 0)
1674 #elif defined(MICROBLAZE)
1675 if (upeek(tcp, 3 * 4, &r3) < 0)
1680 /* new syscall ABI returns result in R0 */
1681 if (upeek(tcp, 4*REG_REG0, (long *)&r0) < 0)
1684 /* ABI defines result returned in r9 */
1685 if (upeek(tcp, REG_GENERAL(9), (long *)&r9) < 0)
1692 /* Called at each syscall exit */
1694 syscall_fixup_on_sysexit(struct tcb *tcp)
1696 #if defined(S390) || defined(S390X)
1697 if (syscall_mode != -ENOSYS)
1698 syscall_mode = tcp->scno;
1699 if ((tcp->flags & TCB_WAITEXECVE)
1700 && (gpr2 == -ENOSYS || gpr2 == tcp->scno)) {
1702 * Return from execve.
1703 * Fake a return value of zero. We leave the TCB_WAITEXECVE
1704 * flag set for the post-execve SIGTRAP to see and reset.
1712 * Check the syscall return value register value for whether it is
1713 * a negated errno code indicating an error, or a success return value.
1716 is_negated_errno(unsigned long int val)
1718 unsigned long int max = -(long int) nerrnos;
1719 #if SUPPORTED_PERSONALITIES > 1
1720 if (current_wordsize < sizeof(val)) {
1721 val = (unsigned int) val;
1722 max = (unsigned int) max;
1729 * 1: ok, continue in trace_syscall_exiting().
1730 * -1: error, trace_syscall_exiting() should print error indicator
1731 * ("????" etc) and bail out.
1734 get_error(struct tcb *tcp)
1737 int check_errno = 1;
1738 if (SCNO_IN_RANGE(tcp->scno) &&
1739 sysent[tcp->scno].sys_flags & SYSCALL_NEVER_FAILS) {
1742 #if defined(S390) || defined(S390X)
1743 if (check_errno && is_negated_errno(gpr2)) {
1751 if (check_errno && is_negated_errno(i386_regs.eax)) {
1753 u_error = -i386_regs.eax;
1756 tcp->u_rval = i386_regs.eax;
1758 #elif defined(X86_64) || defined(X32)
1759 if (check_errno && is_negated_errno(x86_64_regs.rax)) {
1761 u_error = -x86_64_regs.rax;
1764 tcp->u_rval = x86_64_regs.rax;
1766 tcp->u_lrval = x86_64_regs.rax;
1774 if (check_errno && is_negated_errno(err)) {
1782 if (check_errno && r10) {
1790 if (check_errno && a3) {
1795 # if defined(LINUX_MIPSN32)
1799 #elif defined(POWERPC)
1800 if (check_errno && is_negated_errno(ppc_result)) {
1802 u_error = -ppc_result;
1805 tcp->u_rval = ppc_result;
1808 if (check_errno && is_negated_errno(d0)) {
1816 if (check_errno && is_negated_errno(regs.ARM_r0)) {
1818 u_error = -regs.ARM_r0;
1821 tcp->u_rval = regs.ARM_r0;
1823 #elif defined(AVR32)
1824 if (check_errno && regs.r12 && (unsigned) -regs.r12 < nerrnos) {
1826 u_error = -regs.r12;
1829 tcp->u_rval = regs.r12;
1832 if (check_errno && is_negated_errno(r0)) {
1838 #elif defined(ALPHA)
1839 if (check_errno && a3) {
1846 #elif defined(SPARC)
1847 if (check_errno && regs.psr & PSR_C) {
1849 u_error = regs.u_regs[U_REG_O0];
1852 tcp->u_rval = regs.u_regs[U_REG_O0];
1854 #elif defined(SPARC64)
1855 if (check_errno && regs.tstate & 0x1100000000UL) {
1857 u_error = regs.u_regs[U_REG_O0];
1860 tcp->u_rval = regs.u_regs[U_REG_O0];
1863 if (check_errno && is_negated_errno(r28)) {
1871 if (check_errno && is_negated_errno(r0)) {
1879 if (check_errno && is_negated_errno(r9)) {
1886 #elif defined(CRISV10) || defined(CRISV32)
1887 if (check_errno && r10 && (unsigned) -r10 < nerrnos) {
1896 if (upeek(tcp, PTREGS_OFFSET_REG(0), &rval) < 0)
1898 if (check_errno && rval < 0 && rval > -nerrnos) {
1905 #elif defined(MICROBLAZE)
1906 if (check_errno && is_negated_errno(r3)) {
1914 tcp->u_error = u_error;
1919 dumpio(struct tcb *tcp)
1923 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= MAX_QUALS)
1925 if (!SCNO_IN_RANGE(tcp->scno))
1927 if (sysent[tcp->scno].sys_func == printargs)
1929 if (qual_flags[tcp->u_arg[0]] & QUAL_READ) {
1930 if (sysent[tcp->scno].sys_func == sys_read ||
1931 sysent[tcp->scno].sys_func == sys_pread ||
1932 sysent[tcp->scno].sys_func == sys_recv ||
1933 sysent[tcp->scno].sys_func == sys_recvfrom)
1934 dumpstr(tcp, tcp->u_arg[1], tcp->u_rval);
1935 else if (sysent[tcp->scno].sys_func == sys_readv)
1936 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]);
1939 if (qual_flags[tcp->u_arg[0]] & QUAL_WRITE) {
1940 if (sysent[tcp->scno].sys_func == sys_write ||
1941 sysent[tcp->scno].sys_func == sys_pwrite ||
1942 sysent[tcp->scno].sys_func == sys_send ||
1943 sysent[tcp->scno].sys_func == sys_sendto)
1944 dumpstr(tcp, tcp->u_arg[1], tcp->u_arg[2]);
1945 else if (sysent[tcp->scno].sys_func == sys_writev)
1946 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]);
1952 trace_syscall_exiting(struct tcb *tcp)
1959 /* Measure the exit time as early as possible to avoid errors. */
1961 gettimeofday(&tv, NULL);
1963 #if SUPPORTED_PERSONALITIES > 1
1964 update_personality(tcp, tcp->currpers);
1966 res = get_syscall_result(tcp);
1968 syscall_fixup_on_sysexit(tcp); /* never fails */
1969 res = get_error(tcp); /* returns 1 or -1 */
1971 internal_syscall(tcp);
1972 if (filtered(tcp)) {
1979 struct timeval t = tv;
1980 count_syscall(tcp, &t);
1981 if (cflag == CFLAG_ONLY_STATS) {
1986 /* If not in -ff mode, and printing_tcp != tcp,
1987 * then the log currently does not end with output
1988 * of _our syscall entry_, but with something else.
1989 * We need to say which syscall's return is this.
1991 * Forced reprinting via TCB_REPRINT is used only by
1992 * "strace -ff -oLOG test/threaded_execve" corner case.
1993 * It's the only case when -ff mode needs reprinting.
1995 if ((followfork < 2 && printing_tcp != tcp) || (tcp->flags & TCB_REPRINT)) {
1996 tcp->flags &= ~TCB_REPRINT;
1998 if (!SCNO_IN_RANGE(tcp->scno))
1999 tprintf("<... syscall_%lu resumed> ", tcp->scno);
2001 tprintf("<... %s resumed> ", sysent[tcp->scno].sys_name);
2006 /* There was error in one of prior ptrace ops */
2009 tprints("= ? <unavailable>\n");
2011 tcp->flags &= ~TCB_INSYSCALL;
2016 if (!SCNO_IN_RANGE(tcp->scno)
2017 || (qual_flags[tcp->scno] & QUAL_RAW)) {
2018 /* sys_res = printargs(tcp); - but it's nop on sysexit */
2020 /* FIXME: not_failing_only (IOW, option -z) is broken:
2021 * failure of syscall is known only after syscall return.
2022 * Thus we end up with something like this on, say, ENOENT:
2023 * open("doesnt_exist", O_RDONLY <unfinished ...>
2024 * {next syscall decode}
2025 * whereas the intended result is that open(...) line
2026 * is not shown at all.
2028 if (not_failing_only && tcp->u_error)
2029 goto ret; /* ignore failed syscalls */
2030 sys_res = (*sysent[tcp->scno].sys_func)(tcp);
2035 u_error = tcp->u_error;
2036 if (!SCNO_IN_RANGE(tcp->scno) ||
2037 qual_flags[tcp->scno] & QUAL_RAW) {
2039 tprintf("= -1 (errno %ld)", u_error);
2041 tprintf("= %#lx", tcp->u_rval);
2043 else if (!(sys_res & RVAL_NONE) && u_error) {
2045 /* Blocked signals do not interrupt any syscalls.
2046 * In this case syscalls don't return ERESTARTfoo codes.
2048 * Deadly signals set to SIG_DFL interrupt syscalls
2049 * and kill the process regardless of which of the codes below
2050 * is returned by the interrupted syscall.
2051 * In some cases, kernel forces a kernel-generated deadly
2052 * signal to be unblocked and set to SIG_DFL (and thus cause
2053 * death) if it is blocked or SIG_IGNed: for example, SIGSEGV
2054 * or SIGILL. (The alternative is to leave process spinning
2055 * forever on the faulty instruction - not useful).
2057 * SIG_IGNed signals and non-deadly signals set to SIG_DFL
2058 * (for example, SIGCHLD, SIGWINCH) interrupt syscalls,
2059 * but kernel will always restart them.
2062 /* Most common type of signal-interrupted syscall exit code.
2063 * The system call will be restarted with the same arguments
2064 * if SA_RESTART is set; otherwise, it will fail with EINTR.
2066 tprints("= ? ERESTARTSYS (To be restarted if SA_RESTART is set)");
2068 case ERESTARTNOINTR:
2069 /* Rare. For example, fork() returns this if interrupted.
2070 * SA_RESTART is ignored (assumed set): the restart is unconditional.
2072 tprints("= ? ERESTARTNOINTR (To be restarted)");
2074 case ERESTARTNOHAND:
2075 /* pause(), rt_sigsuspend() etc use this code.
2076 * SA_RESTART is ignored (assumed not set):
2077 * syscall won't restart (will return EINTR instead)
2078 * even after signal with SA_RESTART set.
2079 * However, after SIG_IGN or SIG_DFL signal it will.
2081 tprints("= ? ERESTARTNOHAND (Interrupted by signal)");
2083 case ERESTART_RESTARTBLOCK:
2084 /* Syscalls like nanosleep(), poll() which can't be
2085 * restarted with their original arguments use this
2086 * code. Kernel will execute restart_syscall() instead,
2087 * which changes arguments before restarting syscall.
2088 * SA_RESTART is ignored (assumed not set) similarly
2089 * to ERESTARTNOHAND. (Kernel can't honor SA_RESTART
2090 * since restart data is saved in "restart block"
2091 * in task struct, and if signal handler uses a syscall
2092 * which in turn saves another such restart block,
2093 * old data is lost and restart becomes impossible)
2095 tprints("= ? ERESTART_RESTARTBLOCK (Interrupted by signal)");
2099 tprintf("= -1 E??? (errno %ld)", u_error);
2100 else if (u_error < nerrnos)
2101 tprintf("= -1 %s (%s)", errnoent[u_error],
2104 tprintf("= -1 ERRNO_%ld (%s)", u_error,
2108 if ((sys_res & RVAL_STR) && tcp->auxstr)
2109 tprintf(" (%s)", tcp->auxstr);
2112 if (sys_res & RVAL_NONE)
2115 switch (sys_res & RVAL_MASK) {
2117 tprintf("= %#lx", tcp->u_rval);
2120 tprintf("= %#lo", tcp->u_rval);
2123 tprintf("= %lu", tcp->u_rval);
2126 tprintf("= %ld", tcp->u_rval);
2128 #if defined(LINUX_MIPSN32) || defined(X32)
2131 tprintf("= %#llx", tcp->u_lrval);
2134 tprintf("= %#llo", tcp->u_lrval);
2137 case RVAL_LUDECIMAL:
2138 tprintf("= %llu", tcp->u_lrval);
2142 tprintf("= %lld", tcp->u_lrval);
2148 "invalid rval format\n");
2152 if ((sys_res & RVAL_STR) && tcp->auxstr)
2153 tprintf(" (%s)", tcp->auxstr);
2156 tv_sub(&tv, &tv, &tcp->etime);
2157 tprintf(" <%ld.%06ld>",
2158 (long) tv.tv_sec, (long) tv.tv_usec);
2165 tcp->flags &= ~TCB_INSYSCALL;
2170 trace_syscall(struct tcb *tcp)
2172 return exiting(tcp) ?
2173 trace_syscall_exiting(tcp) : trace_syscall_entering(tcp);