2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
6 * Copyright (c) 1999 IBM Deutschland Entwicklung GmbH, IBM Corporation
7 * Linux for s390 port by D.J. Barrow
8 * <barrow_dj@mail.yahoo.com,djbarrow@de.ibm.com>
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. The name of the author may not be used to endorse or promote products
20 * derived from this software without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 #include <sys/param.h>
40 # ifndef PTRACE_PEEKUSR
41 # define PTRACE_PEEKUSR PTRACE_PEEKUSER
43 #elif defined(HAVE_LINUX_PTRACE_H)
44 # undef PTRACE_SYSCALL
45 # ifdef HAVE_STRUCT_IA64_FPREG
46 # define ia64_fpreg XXX_ia64_fpreg
48 # ifdef HAVE_STRUCT_PT_ALL_USER_REGS
49 # define pt_all_user_regs XXX_pt_all_user_regs
51 # include <linux/ptrace.h>
53 # undef pt_all_user_regs
57 # undef PTRACE_GETREGS
58 # define PTRACE_GETREGS PTRACE_GETREGS64
59 # undef PTRACE_SETREGS
60 # define PTRACE_SETREGS PTRACE_SETREGS64
64 # include <asm/ptrace_offsets.h>
69 # include <asm/ptrace.h>
75 # define ERESTARTSYS 512
77 #ifndef ERESTARTNOINTR
78 # define ERESTARTNOINTR 513
80 #ifndef ERESTARTNOHAND
81 # define ERESTARTNOHAND 514 /* restart if no handler */
83 #ifndef ERESTART_RESTARTBLOCK
84 # define ERESTART_RESTARTBLOCK 516 /* restart by calling sys_restart_syscall */
88 # warning: NSIG is not defined, using 32
92 /* Ugh. Is this really correct? ARM has no RT signals?! */
99 /* Define these shorthand notations to simplify the syscallent files. */
100 #define TD TRACE_DESC
101 #define TF TRACE_FILE
103 #define TN TRACE_NETWORK
104 #define TP TRACE_PROCESS
105 #define TS TRACE_SIGNAL
106 #define TM TRACE_MEMORY
107 #define NF SYSCALL_NEVER_FAILS
110 static const struct sysent sysent0[] = {
111 #include "syscallent.h"
114 #if SUPPORTED_PERSONALITIES >= 2
115 static const struct sysent sysent1[] = {
116 # include "syscallent1.h"
120 #if SUPPORTED_PERSONALITIES >= 3
121 static const struct sysent sysent2[] = {
122 # include "syscallent2.h"
126 /* Now undef them since short defines cause wicked namespace pollution. */
138 * `ioctlent.h' may be generated from `ioctlent.raw' by the auxiliary
139 * program `ioctlsort', such that the list is sorted by the `code' field.
140 * This has the side-effect of resolving the _IO.. macros into
141 * plain integers, eliminating the need to include here everything
145 static const char *const errnoent0[] = {
146 #include "errnoent.h"
148 static const char *const signalent0[] = {
149 #include "signalent.h"
151 static const struct ioctlent ioctlent0[] = {
152 #include "ioctlent.h"
154 enum { nsyscalls0 = ARRAY_SIZE(sysent0) };
155 enum { nerrnos0 = ARRAY_SIZE(errnoent0) };
156 enum { nsignals0 = ARRAY_SIZE(signalent0) };
157 enum { nioctlents0 = ARRAY_SIZE(ioctlent0) };
158 int qual_flags0[MAX_QUALS];
160 #if SUPPORTED_PERSONALITIES >= 2
161 static const char *const errnoent1[] = {
162 # include "errnoent1.h"
164 static const char *const signalent1[] = {
165 # include "signalent1.h"
167 static const struct ioctlent ioctlent1[] = {
168 # include "ioctlent1.h"
170 enum { nsyscalls1 = ARRAY_SIZE(sysent1) };
171 enum { nerrnos1 = ARRAY_SIZE(errnoent1) };
172 enum { nsignals1 = ARRAY_SIZE(signalent1) };
173 enum { nioctlents1 = ARRAY_SIZE(ioctlent1) };
174 int qual_flags1[MAX_QUALS];
177 #if SUPPORTED_PERSONALITIES >= 3
178 static const char *const errnoent2[] = {
179 # include "errnoent2.h"
181 static const char *const signalent2[] = {
182 # include "signalent2.h"
184 static const struct ioctlent ioctlent2[] = {
185 # include "ioctlent2.h"
187 enum { nsyscalls2 = ARRAY_SIZE(sysent2) };
188 enum { nerrnos2 = ARRAY_SIZE(errnoent2) };
189 enum { nsignals2 = ARRAY_SIZE(signalent2) };
190 enum { nioctlents2 = ARRAY_SIZE(ioctlent2) };
191 int qual_flags2[MAX_QUALS];
194 const struct sysent *sysent = sysent0;
195 const char *const *errnoent = errnoent0;
196 const char *const *signalent = signalent0;
197 const struct ioctlent *ioctlent = ioctlent0;
198 unsigned nsyscalls = nsyscalls0;
199 unsigned nerrnos = nerrnos0;
200 unsigned nsignals = nsignals0;
201 unsigned nioctlents = nioctlents0;
202 int *qual_flags = qual_flags0;
204 #if SUPPORTED_PERSONALITIES > 1
205 int current_personality;
207 const int personality_wordsize[SUPPORTED_PERSONALITIES] = {
208 PERSONALITY0_WORDSIZE,
209 PERSONALITY1_WORDSIZE,
210 # if SUPPORTED_PERSONALITIES > 2
211 PERSONALITY2_WORDSIZE,
216 set_personality(int personality)
218 switch (personality) {
220 errnoent = errnoent0;
223 nsyscalls = nsyscalls0;
224 ioctlent = ioctlent0;
225 nioctlents = nioctlents0;
226 signalent = signalent0;
227 nsignals = nsignals0;
228 qual_flags = qual_flags0;
232 errnoent = errnoent1;
235 nsyscalls = nsyscalls1;
236 ioctlent = ioctlent1;
237 nioctlents = nioctlents1;
238 signalent = signalent1;
239 nsignals = nsignals1;
240 qual_flags = qual_flags1;
243 # if SUPPORTED_PERSONALITIES >= 3
245 errnoent = errnoent2;
248 nsyscalls = nsyscalls2;
249 ioctlent = ioctlent2;
250 nioctlents = nioctlents2;
251 signalent = signalent2;
252 nsignals = nsignals2;
253 qual_flags = qual_flags2;
258 current_personality = personality;
262 update_personality(struct tcb *tcp, int personality)
264 if (personality == current_personality)
266 set_personality(personality);
268 if (personality == tcp->currpers)
270 tcp->currpers = personality;
272 # if defined(POWERPC64)
274 static const char *const names[] = {"64 bit", "32 bit"};
275 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
276 tcp->pid, names[personality]);
278 # elif defined(X86_64)
280 static const char *const names[] = {"64 bit", "32 bit", "x32"};
281 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
282 tcp->pid, names[personality]);
286 static const char *const names[] = {"x32", "32 bit"};
287 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
288 tcp->pid, names[personality]);
294 static int qual_syscall(), qual_signal(), qual_fault(), qual_desc();
296 static const struct qual_options {
298 const char *option_name;
299 int (*qualify)(const char *, int, int);
300 const char *argument_name;
302 { QUAL_TRACE, "trace", qual_syscall, "system call" },
303 { QUAL_TRACE, "t", qual_syscall, "system call" },
304 { QUAL_ABBREV, "abbrev", qual_syscall, "system call" },
305 { QUAL_ABBREV, "a", qual_syscall, "system call" },
306 { QUAL_VERBOSE, "verbose", qual_syscall, "system call" },
307 { QUAL_VERBOSE, "v", qual_syscall, "system call" },
308 { QUAL_RAW, "raw", qual_syscall, "system call" },
309 { QUAL_RAW, "x", qual_syscall, "system call" },
310 { QUAL_SIGNAL, "signal", qual_signal, "signal" },
311 { QUAL_SIGNAL, "signals", qual_signal, "signal" },
312 { QUAL_SIGNAL, "s", qual_signal, "signal" },
313 { QUAL_FAULT, "fault", qual_fault, "fault" },
314 { QUAL_FAULT, "faults", qual_fault, "fault" },
315 { QUAL_FAULT, "m", qual_fault, "fault" },
316 { QUAL_READ, "read", qual_desc, "descriptor" },
317 { QUAL_READ, "reads", qual_desc, "descriptor" },
318 { QUAL_READ, "r", qual_desc, "descriptor" },
319 { QUAL_WRITE, "write", qual_desc, "descriptor" },
320 { QUAL_WRITE, "writes", qual_desc, "descriptor" },
321 { QUAL_WRITE, "w", qual_desc, "descriptor" },
322 { 0, NULL, NULL, NULL },
326 qualify_one(int n, int bitflag, int not, int pers)
328 if (pers == 0 || pers < 0) {
330 qual_flags0[n] &= ~bitflag;
332 qual_flags0[n] |= bitflag;
335 #if SUPPORTED_PERSONALITIES >= 2
336 if (pers == 1 || pers < 0) {
338 qual_flags1[n] &= ~bitflag;
340 qual_flags1[n] |= bitflag;
344 #if SUPPORTED_PERSONALITIES >= 3
345 if (pers == 2 || pers < 0) {
347 qual_flags2[n] &= ~bitflag;
349 qual_flags2[n] |= bitflag;
355 qual_syscall(const char *s, int bitflag, int not)
360 if (*s >= '0' && *s <= '9') {
361 int i = string_to_uint(s);
362 if (i < 0 || i >= MAX_QUALS)
364 qualify_one(i, bitflag, not, -1);
367 for (i = 0; i < nsyscalls0; i++)
368 if (sysent0[i].sys_name &&
369 strcmp(s, sysent0[i].sys_name) == 0) {
370 qualify_one(i, bitflag, not, 0);
374 #if SUPPORTED_PERSONALITIES >= 2
375 for (i = 0; i < nsyscalls1; i++)
376 if (sysent1[i].sys_name &&
377 strcmp(s, sysent1[i].sys_name) == 0) {
378 qualify_one(i, bitflag, not, 1);
383 #if SUPPORTED_PERSONALITIES >= 3
384 for (i = 0; i < nsyscalls2; i++)
385 if (sysent2[i].sys_name &&
386 strcmp(s, sysent2[i].sys_name) == 0) {
387 qualify_one(i, bitflag, not, 2);
396 qual_signal(const char *s, int bitflag, int not)
400 if (*s >= '0' && *s <= '9') {
401 int signo = string_to_uint(s);
402 if (signo < 0 || signo >= MAX_QUALS)
404 qualify_one(signo, bitflag, not, -1);
407 if (strncasecmp(s, "SIG", 3) == 0)
409 for (i = 0; i <= NSIG; i++) {
410 if (strcasecmp(s, signame(i) + 3) == 0) {
411 qualify_one(i, bitflag, not, -1);
419 qual_fault(const char *s, int bitflag, int not)
425 qual_desc(const char *s, int bitflag, int not)
427 if (*s >= '0' && *s <= '9') {
428 int desc = string_to_uint(s);
429 if (desc < 0 || desc >= MAX_QUALS)
431 qualify_one(desc, bitflag, not, -1);
438 lookup_class(const char *s)
440 if (strcmp(s, "file") == 0)
442 if (strcmp(s, "ipc") == 0)
444 if (strcmp(s, "network") == 0)
445 return TRACE_NETWORK;
446 if (strcmp(s, "process") == 0)
447 return TRACE_PROCESS;
448 if (strcmp(s, "signal") == 0)
450 if (strcmp(s, "desc") == 0)
452 if (strcmp(s, "memory") == 0)
458 qualify(const char *s)
460 const struct qual_options *opt;
466 opt = &qual_options[0];
467 for (i = 0; (p = qual_options[i].option_name); i++) {
469 if (strncmp(s, p, n) == 0 && s[n] == '=') {
470 opt = &qual_options[i];
480 if (strcmp(s, "none") == 0) {
484 if (strcmp(s, "all") == 0) {
485 for (i = 0; i < MAX_QUALS; i++) {
486 qualify_one(i, opt->bitflag, not, -1);
490 for (i = 0; i < MAX_QUALS; i++) {
491 qualify_one(i, opt->bitflag, !not, -1);
496 for (p = strtok(copy, ","); p; p = strtok(NULL, ",")) {
497 if (opt->bitflag == QUAL_TRACE && (n = lookup_class(p)) > 0) {
498 for (i = 0; i < nsyscalls0; i++)
499 if (sysent0[i].sys_flags & n)
500 qualify_one(i, opt->bitflag, not, 0);
502 #if SUPPORTED_PERSONALITIES >= 2
503 for (i = 0; i < nsyscalls1; i++)
504 if (sysent1[i].sys_flags & n)
505 qualify_one(i, opt->bitflag, not, 1);
508 #if SUPPORTED_PERSONALITIES >= 3
509 for (i = 0; i < nsyscalls2; i++)
510 if (sysent2[i].sys_flags & n)
511 qualify_one(i, opt->bitflag, not, 2);
516 if (opt->qualify(p, opt->bitflag, not)) {
517 error_msg_and_die("invalid %s '%s'",
518 opt->argument_name, p);
525 #ifdef SYS_socket_subcall
527 decode_socket_subcall(struct tcb *tcp)
530 unsigned int i, size;
532 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= SYS_socket_nsubcalls)
535 tcp->scno = SYS_socket_subcall + tcp->u_arg[0];
536 addr = tcp->u_arg[1];
537 tcp->u_nargs = sysent[tcp->scno].nargs;
538 size = current_wordsize;
539 for (i = 0; i < tcp->u_nargs; ++i) {
540 if (size == sizeof(int)) {
542 if (umove(tcp, addr, &arg) < 0)
548 if (umove(tcp, addr, &arg) < 0)
557 #ifdef SYS_ipc_subcall
559 decode_ipc_subcall(struct tcb *tcp)
563 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= SYS_ipc_nsubcalls)
566 tcp->scno = SYS_ipc_subcall + tcp->u_arg[0];
567 tcp->u_nargs = sysent[tcp->scno].nargs;
568 for (i = 0; i < tcp->u_nargs; i++)
569 tcp->u_arg[i] = tcp->u_arg[i + 1];
574 printargs(struct tcb *tcp)
579 for (i = 0; i < tcp->u_nargs; i++)
580 tprintf("%s%#lx", i ? ", " : "", tcp->u_arg[i]);
586 printargs_lu(struct tcb *tcp)
591 for (i = 0; i < tcp->u_nargs; i++)
592 tprintf("%s%lu", i ? ", " : "", tcp->u_arg[i]);
598 printargs_ld(struct tcb *tcp)
603 for (i = 0; i < tcp->u_nargs; i++)
604 tprintf("%s%ld", i ? ", " : "", tcp->u_arg[i]);
610 getrval2(struct tcb *tcp)
614 #if defined(SPARC) || defined(SPARC64)
616 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
618 val = regs.u_regs[U_REG_O1];
620 if (upeek(tcp, 4*(REG_REG0+1), &val) < 0)
623 if (upeek(tcp, PT_R9, &val) < 0)
631 is_restart_error(struct tcb *tcp)
633 switch (tcp->u_error) {
637 case ERESTART_RESTARTBLOCK:
646 struct pt_regs i386_regs;
647 #elif defined(X86_64) || defined(X32)
649 * On 32 bits, pt_regs and user_regs_struct are the same,
650 * but on 64 bits, user_regs_struct has six more fields:
651 * fs_base, gs_base, ds, es, fs, gs.
652 * PTRACE_GETREGS fills them too, so struct pt_regs would overflow.
654 static struct user_regs_struct x86_64_regs;
656 long r8, r10, psr; /* TODO: make static? */
657 long ia32 = 0; /* not static */
658 #elif defined(POWERPC)
659 static long ppc_result;
665 static struct pt_regs regs;
666 #elif defined(AARCH64)
667 static struct user_pt_regs regs;
672 static struct pt_regs regs;
673 #elif defined(SPARC) || defined(SPARC64)
674 static struct pt_regs regs;
675 static unsigned long trap;
676 #elif defined(LINUX_MIPSN32)
682 #elif defined(S390) || defined(S390X)
685 static long syscall_mode;
692 #elif defined(CRISV10) || defined(CRISV32)
694 #elif defined(MICROBLAZE)
699 * 0: "ignore this ptrace stop", bail out of trace_syscall_entering() silently.
700 * 1: ok, continue in trace_syscall_entering().
701 * other: error, trace_syscall_entering() should print error indicator
702 * ("????" etc) and bail out.
705 get_scno(struct tcb *tcp)
709 #if defined(S390) || defined(S390X)
710 if (upeek(tcp, PT_GPR2, &syscall_mode) < 0)
713 if (syscall_mode != -ENOSYS) {
715 * Since kernel version 2.5.44 the scno gets passed in gpr2.
720 * Old style of "passing" the scno via the SVC instruction.
722 long opcode, offset_reg, tmp;
724 static const int gpr_offset[16] = {
725 PT_GPR0, PT_GPR1, PT_ORIGGPR2, PT_GPR3,
726 PT_GPR4, PT_GPR5, PT_GPR6, PT_GPR7,
727 PT_GPR8, PT_GPR9, PT_GPR10, PT_GPR11,
728 PT_GPR12, PT_GPR13, PT_GPR14, PT_GPR15
731 if (upeek(tcp, PT_PSWADDR, &pc) < 0)
734 opcode = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)(pc-sizeof(long)), 0);
736 perror_msg("%s", "peektext(pc-oneword)");
741 * We have to check if the SVC got executed directly or via an
742 * EXECUTE instruction. In case of EXECUTE it is necessary to do
743 * instruction decoding to derive the system call number.
744 * Unfortunately the opcode sizes of EXECUTE and SVC are differently,
745 * so that this doesn't work if a SVC opcode is part of an EXECUTE
746 * opcode. Since there is no way to find out the opcode size this
747 * is the best we can do...
749 if ((opcode & 0xff00) == 0x0a00) {
751 scno = opcode & 0xff;
754 /* SVC got executed by EXECUTE instruction */
757 * Do instruction decoding of EXECUTE. If you really want to
758 * understand this, read the Principles of Operations.
760 svc_addr = (void *) (opcode & 0xfff);
763 offset_reg = (opcode & 0x000f0000) >> 16;
764 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
769 offset_reg = (opcode & 0x0000f000) >> 12;
770 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
774 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, svc_addr, 0);
783 offset_reg = (opcode & 0x00f00000) >> 20;
784 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
787 scno = (scno | tmp) & 0xff;
790 #elif defined(POWERPC)
791 if (upeek(tcp, sizeof(unsigned long)*PT_R0, &scno) < 0)
794 /* TODO: speed up strace by not doing this at every syscall.
795 * We only need to do it after execve.
800 /* Check for 64/32 bit mode. */
801 if (upeek(tcp, sizeof(unsigned long)*PT_MSR, &val) < 0)
803 /* SF is bit 0 of MSR */
808 update_personality(tcp, currpers);
811 /* Read complete register set in one go. */
812 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, ®s) < 0)
816 if (upeek(tcp, PT_ORIG_P0, &scno))
819 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &i386_regs) < 0)
821 scno = i386_regs.orig_eax;
822 #elif defined(X86_64) || defined(X32)
823 # ifndef __X32_SYSCALL_BIT
824 # define __X32_SYSCALL_BIT 0x40000000
826 # ifndef __X32_SYSCALL_MASK
827 # define __X32_SYSCALL_MASK __X32_SYSCALL_BIT
831 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &x86_64_regs) < 0)
833 scno = x86_64_regs.orig_rax;
835 /* Check CS register value. On x86-64 linux it is:
836 * 0x33 for long mode (64 bit)
837 * 0x23 for compatibility mode (32 bit)
838 * Check DS register value. On x86-64 linux it is:
839 * 0x2b for x32 mode (x86-64 in 32 bit)
841 switch (x86_64_regs.cs) {
842 case 0x23: currpers = 1; break;
844 if (x86_64_regs.ds == 0x2b) {
846 scno &= ~__X32_SYSCALL_MASK;
851 fprintf(stderr, "Unknown value CS=0x%08X while "
852 "detecting personality of process "
853 "PID=%d\n", (int)x86_64_regs.cs, tcp->pid);
854 currpers = current_personality;
858 /* This version analyzes the opcode of a syscall instruction.
859 * (int 0x80 on i386 vs. syscall on x86-64)
860 * It works, but is too complicated.
862 unsigned long val, rip, i;
864 rip = x86_64_regs.rip;
866 /* sizeof(syscall) == sizeof(int 0x80) == 2 */
870 call = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)rip, (char *)0);
872 fprintf(stderr, "ptrace_peektext failed: %s\n",
874 switch (call & 0xffff) {
875 /* x86-64: syscall = 0x0f 0x05 */
876 case 0x050f: currpers = 0; break;
877 /* i386: int 0x80 = 0xcd 0x80 */
878 case 0x80cd: currpers = 1; break;
880 currpers = current_personality;
882 "Unknown syscall opcode (0x%04X) while "
883 "detecting personality of process "
884 "PID=%d\n", (int)call, tcp->pid);
889 /* Value of currpers:
893 * Value of current_personality:
899 fprintf(stderr, "syscall_%lu (...) in unsupported "
900 "64-bit mode of process PID=%d\n",
907 update_personality(tcp, currpers);
909 # define IA64_PSR_IS ((long)1 << 34)
910 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0)
911 ia32 = (psr & IA64_PSR_IS) != 0;
913 if (upeek(tcp, PT_R1, &scno) < 0)
916 if (upeek(tcp, PT_R15, &scno) < 0)
920 /* Read complete register set in one go. */
921 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (void *)®s) == -1)
925 * We only need to grab the syscall number on syscall entry.
927 if (regs.ARM_ip == 0) {
929 * Note: we only deal with only 32-bit CPUs here.
931 if (regs.ARM_cpsr & 0x20) {
933 * Get the Thumb-mode system call number
938 * Get the ARM-mode system call number
941 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, (void *)(regs.ARM_pc - 4), NULL);
945 /* Handle the EABI syscall convention. We do not
946 bother converting structures between the two
947 ABIs, but basic functionality should work even
948 if strace and the traced program have different
950 if (scno == 0xef000000) {
953 if ((scno & 0x0ff00000) != 0x0f900000) {
954 fprintf(stderr, "syscall: unknown syscall trap 0x%08lx\n",
960 * Fixup the syscall number
965 if (scno & 0x0f0000) {
967 * Handle ARM specific syscall
969 update_personality(tcp, 1);
972 update_personality(tcp, 0);
975 fprintf(stderr, "pid %d stray syscall entry\n", tcp->pid);
976 tcp->flags |= TCB_INSYSCALL;
978 #elif defined(AARCH64)
981 io.iov_len = sizeof(regs);
982 if (ptrace(PTRACE_GETREGSET, tcp->pid, NT_PRSTATUS, (void *)&io) == -1)
986 if (upeek(tcp, 4*PT_ORIG_D0, &scno) < 0)
988 #elif defined(LINUX_MIPSN32)
989 unsigned long long regs[38];
991 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
997 if (!SCNO_IN_RANGE(scno)) {
998 if (a3 == 0 || a3 == -1) {
1000 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno);
1005 if (upeek(tcp, REG_A3, &a3) < 0)
1007 if (upeek(tcp, REG_V0, &scno) < 0)
1010 if (!SCNO_IN_RANGE(scno)) {
1011 if (a3 == 0 || a3 == -1) {
1013 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno);
1017 #elif defined(ALPHA)
1018 if (upeek(tcp, REG_A3, &a3) < 0)
1020 if (upeek(tcp, REG_R0, &scno) < 0)
1024 * Do some sanity checks to figure out if it's
1025 * really a syscall entry
1027 if (!SCNO_IN_RANGE(scno)) {
1028 if (a3 == 0 || a3 == -1) {
1030 fprintf(stderr, "stray syscall exit: r0 = %ld\n", scno);
1034 #elif defined(SPARC) || defined(SPARC64)
1035 /* Everything we need is in the current register set. */
1036 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
1039 /* Disassemble the syscall trap. */
1040 /* Retrieve the syscall trap instruction. */
1042 # if defined(SPARC64)
1043 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)regs.tpc, 0);
1046 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)regs.pc, 0);
1051 /* Disassemble the trap to see what personality to use. */
1054 /* Linux/SPARC syscall trap. */
1055 update_personality(tcp, 0);
1058 /* Linux/SPARC64 syscall trap. */
1059 update_personality(tcp, 2);
1062 /* SunOS syscall trap. (pers 1) */
1063 fprintf(stderr, "syscall: SunOS no support\n");
1066 /* Solaris 2.x syscall trap. (per 2) */
1067 update_personality(tcp, 1);
1070 /* NetBSD/FreeBSD syscall trap. */
1071 fprintf(stderr, "syscall: NetBSD/FreeBSD not supported\n");
1074 /* Solaris 2.x gettimeofday */
1075 update_personality(tcp, 1);
1078 # if defined(SPARC64)
1079 fprintf(stderr, "syscall: unknown syscall trap %08lx %016lx\n", trap, regs.tpc);
1081 fprintf(stderr, "syscall: unknown syscall trap %08lx %08lx\n", trap, regs.pc);
1086 /* Extract the system call number from the registers. */
1087 if (trap == 0x91d02027)
1090 scno = regs.u_regs[U_REG_G1];
1092 scno = regs.u_regs[U_REG_O0];
1093 memmove(®s.u_regs[U_REG_O0], ®s.u_regs[U_REG_O1], 7*sizeof(regs.u_regs[0]));
1096 if (upeek(tcp, PT_GR20, &scno) < 0)
1100 * In the new syscall ABI, the system call number is in R3.
1102 if (upeek(tcp, 4*(REG_REG0+3), &scno) < 0)
1106 /* Odd as it may seem, a glibc bug has been known to cause
1107 glibc to issue bogus negative syscall numbers. So for
1108 our purposes, make strace print what it *should* have been */
1109 long correct_scno = (scno & 0xff);
1112 "Detected glibc bug: bogus system call"
1113 " number = %ld, correcting to %ld\n",
1116 scno = correct_scno;
1119 if (upeek(tcp, REG_SYSCALL, &scno) < 0)
1122 #elif defined(CRISV10) || defined(CRISV32)
1123 if (upeek(tcp, 4*PT_R9, &scno) < 0)
1126 if (upeek(tcp, PTREGS_OFFSET_REG(10), &scno) < 0)
1128 #elif defined(MICROBLAZE)
1129 if (upeek(tcp, 0, &scno) < 0)
1134 /* new syscall ABI returns result in R0 */
1135 if (upeek(tcp, 4*REG_REG0, (long *)&r0) < 0)
1138 /* ABI defines result returned in r9 */
1139 if (upeek(tcp, REG_GENERAL(9), (long *)&r9) < 0)
1147 /* Called at each syscall entry.
1149 * 0: "ignore this ptrace stop", bail out of trace_syscall_entering() silently.
1150 * 1: ok, continue in trace_syscall_entering().
1151 * other: error, trace_syscall_entering() should print error indicator
1152 * ("????" etc) and bail out.
1155 syscall_fixup_on_sysenter(struct tcb *tcp)
1157 /* A common case of "not a syscall entry" is post-execve SIGTRAP */
1159 if (i386_regs.eax != -ENOSYS) {
1161 fprintf(stderr, "not a syscall entry (eax = %ld)\n", i386_regs.eax);
1164 #elif defined(X86_64) || defined(X32)
1166 long rax = x86_64_regs.rax;
1167 if (current_personality == 1)
1168 rax = (int)rax; /* sign extend from 32 bits */
1169 if (rax != -ENOSYS) {
1171 fprintf(stderr, "not a syscall entry (rax = %ld)\n", rax);
1175 #elif defined(S390) || defined(S390X)
1176 /* TODO: we already fetched PT_GPR2 in get_scno
1177 * and stored it in syscall_mode, reuse it here
1178 * instead of re-fetching?
1180 if (upeek(tcp, PT_GPR2, &gpr2) < 0)
1182 if (syscall_mode != -ENOSYS)
1183 syscall_mode = tcp->scno;
1184 if (gpr2 != syscall_mode) {
1186 fprintf(stderr, "not a syscall entry (gpr2 = %ld)\n", gpr2);
1190 /* TODO? Eliminate upeek's in arches below like we did in x86 */
1191 if (upeek(tcp, 4*PT_D0, &d0) < 0)
1193 if (d0 != -ENOSYS) {
1195 fprintf(stderr, "not a syscall entry (d0 = %ld)\n", d0);
1199 if (upeek(tcp, PT_R10, &r10) < 0)
1201 if (upeek(tcp, PT_R8, &r8) < 0)
1203 if (ia32 && r8 != -ENOSYS) {
1205 fprintf(stderr, "not a syscall entry (r8 = %ld)\n", r8);
1208 #elif defined(CRISV10) || defined(CRISV32)
1209 if (upeek(tcp, 4*PT_R10, &r10) < 0)
1211 if (r10 != -ENOSYS) {
1213 fprintf(stderr, "not a syscall entry (r10 = %ld)\n", r10);
1216 #elif defined(MICROBLAZE)
1217 if (upeek(tcp, 3 * 4, &r3) < 0)
1219 if (r3 != -ENOSYS) {
1221 fprintf(stderr, "not a syscall entry (r3 = %ld)\n", r3);
1229 internal_fork(struct tcb *tcp)
1231 #if defined S390 || defined S390X || defined CRISV10 || defined CRISV32
1232 # define ARG_FLAGS 1
1234 # define ARG_FLAGS 0
1236 #ifndef CLONE_UNTRACED
1237 # define CLONE_UNTRACED 0x00800000
1239 if ((ptrace_setoptions
1240 & (PTRACE_O_TRACECLONE | PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK))
1241 == (PTRACE_O_TRACECLONE | PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK))
1247 if (entering(tcp)) {
1249 * We won't see the new child if clone is called with
1250 * CLONE_UNTRACED, so we keep the same logic with that option
1251 * and don't trace it.
1253 if ((sysent[tcp->scno].sys_func == sys_clone) &&
1254 (tcp->u_arg[ARG_FLAGS] & CLONE_UNTRACED))
1258 if (tcp->flags & TCB_BPTSET)
1263 #if defined(TCB_WAITEXECVE)
1265 internal_exec(struct tcb *tcp)
1267 /* Maybe we have post-execve SIGTRAP suppressed? */
1268 if (ptrace_setoptions & PTRACE_O_TRACEEXEC)
1269 return; /* yes, no need to do anything */
1271 if (exiting(tcp) && syserror(tcp))
1272 /* Error in execve, no post-execve SIGTRAP expected */
1273 tcp->flags &= ~TCB_WAITEXECVE;
1275 tcp->flags |= TCB_WAITEXECVE;
1280 internal_syscall(struct tcb *tcp)
1283 * We must always trace a few critical system calls in order to
1284 * correctly support following forks in the presence of tracing
1289 if (!SCNO_IN_RANGE(tcp->scno))
1292 func = sysent[tcp->scno].sys_func;
1294 if ( sys_fork == func
1295 || sys_vfork == func
1296 || sys_clone == func
1302 #if defined(TCB_WAITEXECVE)
1303 if ( sys_execve == func
1304 # if defined(SPARC) || defined(SPARC64)
1305 || sys_execv == func
1314 /* Return -1 on error or 1 on success (never 0!) */
1316 get_syscall_args(struct tcb *tcp)
1320 if (SCNO_IN_RANGE(tcp->scno))
1321 nargs = tcp->u_nargs = sysent[tcp->scno].nargs;
1323 nargs = tcp->u_nargs = MAX_ARGS;
1325 #if defined(S390) || defined(S390X)
1326 for (i = 0; i < nargs; ++i)
1327 if (upeek(tcp, i==0 ? PT_ORIGGPR2 : PT_GPR2 + i*sizeof(long), &tcp->u_arg[i]) < 0)
1329 #elif defined(ALPHA)
1330 for (i = 0; i < nargs; ++i)
1331 if (upeek(tcp, REG_A0+i, &tcp->u_arg[i]) < 0)
1335 unsigned long *out0, cfm, sof, sol;
1337 /* be backwards compatible with kernel < 2.4.4... */
1339 # define PT_RBS_END PT_AR_BSP
1342 if (upeek(tcp, PT_RBS_END, &rbs_end) < 0)
1344 if (upeek(tcp, PT_CFM, (long *) &cfm) < 0)
1347 sof = (cfm >> 0) & 0x7f;
1348 sol = (cfm >> 7) & 0x7f;
1349 out0 = ia64_rse_skip_regs((unsigned long *) rbs_end, -sof + sol);
1351 for (i = 0; i < nargs; ++i) {
1352 if (umoven(tcp, (unsigned long) ia64_rse_skip_regs(out0, i),
1353 sizeof(long), (char *) &tcp->u_arg[i]) < 0)
1357 static const int argreg[MAX_ARGS] = { PT_R11 /* EBX = out0 */,
1358 PT_R9 /* ECX = out1 */,
1359 PT_R10 /* EDX = out2 */,
1360 PT_R14 /* ESI = out3 */,
1361 PT_R15 /* EDI = out4 */,
1362 PT_R13 /* EBP = out5 */};
1364 for (i = 0; i < nargs; ++i) {
1365 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0)
1367 /* truncate away IVE sign-extension */
1368 tcp->u_arg[i] &= 0xffffffff;
1371 #elif defined(LINUX_MIPSN32) || defined(LINUX_MIPSN64)
1372 /* N32 and N64 both use up to six registers. */
1373 unsigned long long regs[38];
1375 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1378 for (i = 0; i < nargs; ++i) {
1379 tcp->u_arg[i] = regs[REG_A0 + i];
1380 # if defined(LINUX_MIPSN32)
1381 tcp->ext_arg[i] = regs[REG_A0 + i];
1388 if (upeek(tcp, REG_SP, &sp) < 0)
1390 for (i = 0; i < 4; ++i)
1391 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0)
1393 umoven(tcp, sp + 16, (nargs - 4) * sizeof(tcp->u_arg[0]),
1394 (char *)(tcp->u_arg + 4));
1396 for (i = 0; i < nargs; ++i)
1397 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0)
1400 #elif defined(POWERPC)
1402 # define PT_ORIG_R3 34
1404 for (i = 0; i < nargs; ++i) {
1405 if (upeek(tcp, (i==0) ?
1406 (sizeof(unsigned long) * PT_ORIG_R3) :
1407 ((i+PT_R3) * sizeof(unsigned long)),
1408 &tcp->u_arg[i]) < 0)
1411 #elif defined(SPARC) || defined(SPARC64)
1412 for (i = 0; i < nargs; ++i)
1413 tcp->u_arg[i] = regs.u_regs[U_REG_O0 + i];
1415 for (i = 0; i < nargs; ++i)
1416 if (upeek(tcp, PT_GR26-4*i, &tcp->u_arg[i]) < 0)
1419 for (i = 0; i < nargs; ++i)
1420 tcp->u_arg[i] = regs.uregs[i];
1421 #elif defined(AARCH64)
1422 for (i = 0; i < nargs; ++i)
1423 tcp->u_arg[i] = regs.regs[i];
1424 #elif defined(AVR32)
1427 tcp->u_arg[0] = regs.r12;
1428 tcp->u_arg[1] = regs.r11;
1429 tcp->u_arg[2] = regs.r10;
1430 tcp->u_arg[3] = regs.r9;
1431 tcp->u_arg[4] = regs.r5;
1432 tcp->u_arg[5] = regs.r3;
1434 static const int argreg[MAX_ARGS] = { PT_R0, PT_R1, PT_R2, PT_R3, PT_R4, PT_R5 };
1436 for (i = 0; i < nargs; ++i)
1437 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0)
1440 static const int syscall_regs[MAX_ARGS] = {
1441 4 * (REG_REG0+4), 4 * (REG_REG0+5), 4 * (REG_REG0+6),
1442 4 * (REG_REG0+7), 4 * (REG_REG0 ), 4 * (REG_REG0+1)
1445 for (i = 0; i < nargs; ++i)
1446 if (upeek(tcp, syscall_regs[i], &tcp->u_arg[i]) < 0)
1450 /* Registers used by SH5 Linux system calls for parameters */
1451 static const int syscall_regs[MAX_ARGS] = { 2, 3, 4, 5, 6, 7 };
1453 for (i = 0; i < nargs; ++i)
1454 if (upeek(tcp, REG_GENERAL(syscall_regs[i]), &tcp->u_arg[i]) < 0)
1456 #elif defined(X86_64) || defined(X32)
1459 if (current_personality != 1) { /* x86-64 or x32 ABI */
1460 tcp->u_arg[0] = x86_64_regs.rdi;
1461 tcp->u_arg[1] = x86_64_regs.rsi;
1462 tcp->u_arg[2] = x86_64_regs.rdx;
1463 tcp->u_arg[3] = x86_64_regs.r10;
1464 tcp->u_arg[4] = x86_64_regs.r8;
1465 tcp->u_arg[5] = x86_64_regs.r9;
1467 tcp->ext_arg[0] = x86_64_regs.rdi;
1468 tcp->ext_arg[1] = x86_64_regs.rsi;
1469 tcp->ext_arg[2] = x86_64_regs.rdx;
1470 tcp->ext_arg[3] = x86_64_regs.r10;
1471 tcp->ext_arg[4] = x86_64_regs.r8;
1472 tcp->ext_arg[5] = x86_64_regs.r9;
1474 } else { /* i386 ABI */
1475 /* Sign-extend lower 32 bits */
1476 tcp->u_arg[0] = (long)(int)x86_64_regs.rbx;
1477 tcp->u_arg[1] = (long)(int)x86_64_regs.rcx;
1478 tcp->u_arg[2] = (long)(int)x86_64_regs.rdx;
1479 tcp->u_arg[3] = (long)(int)x86_64_regs.rsi;
1480 tcp->u_arg[4] = (long)(int)x86_64_regs.rdi;
1481 tcp->u_arg[5] = (long)(int)x86_64_regs.rbp;
1483 #elif defined(MICROBLAZE)
1484 for (i = 0; i < nargs; ++i)
1485 if (upeek(tcp, (5 + i) * 4, &tcp->u_arg[i]) < 0)
1487 #elif defined(CRISV10) || defined(CRISV32)
1488 static const int crisregs[MAX_ARGS] = {
1489 4*PT_ORIG_R10, 4*PT_R11, 4*PT_R12,
1490 4*PT_R13 , 4*PT_MOF, 4*PT_SRP
1493 for (i = 0; i < nargs; ++i)
1494 if (upeek(tcp, crisregs[i], &tcp->u_arg[i]) < 0)
1497 for (i = 0; i < nargs; ++i)
1498 if (upeek(tcp, PTREGS_OFFSET_REG(i), &tcp->u_arg[i]) < 0)
1501 for (i = 0; i < nargs; ++i)
1502 if (upeek(tcp, (i < 5 ? i : i + 2)*4, &tcp->u_arg[i]) < 0)
1507 tcp->u_arg[0] = i386_regs.ebx;
1508 tcp->u_arg[1] = i386_regs.ecx;
1509 tcp->u_arg[2] = i386_regs.edx;
1510 tcp->u_arg[3] = i386_regs.esi;
1511 tcp->u_arg[4] = i386_regs.edi;
1512 tcp->u_arg[5] = i386_regs.ebp;
1513 #else /* Other architecture (32bits specific) */
1514 for (i = 0; i < nargs; ++i)
1515 if (upeek(tcp, i*4, &tcp->u_arg[i]) < 0)
1522 trace_syscall_entering(struct tcb *tcp)
1526 #if defined TCB_WAITEXECVE
1527 if (tcp->flags & TCB_WAITEXECVE) {
1528 /* This is the post-execve SIGTRAP. */
1529 tcp->flags &= ~TCB_WAITEXECVE;
1534 scno_good = res = get_scno(tcp);
1538 res = syscall_fixup_on_sysenter(tcp);
1542 res = get_syscall_args(tcp);
1548 tprints("????" /* anti-trigraph gap */ "(");
1549 else if (!SCNO_IN_RANGE(tcp->scno))
1550 tprintf("syscall_%lu(", tcp->scno);
1552 tprintf("%s(", sysent[tcp->scno].sys_name);
1554 * " <unavailable>" will be added later by the code which
1555 * detects ptrace errors.
1560 #if defined(SYS_socket_subcall) || defined(SYS_ipc_subcall)
1561 while (SCNO_IN_RANGE(tcp->scno)) {
1562 # ifdef SYS_socket_subcall
1563 if (sysent[tcp->scno].sys_func == sys_socketcall) {
1564 decode_socket_subcall(tcp);
1568 # ifdef SYS_ipc_subcall
1569 if (sysent[tcp->scno].sys_func == sys_ipc) {
1570 decode_ipc_subcall(tcp);
1576 #endif /* SYS_socket_subcall || SYS_ipc_subcall */
1578 internal_syscall(tcp);
1580 if ((SCNO_IN_RANGE(tcp->scno) &&
1581 !(qual_flags[tcp->scno] & QUAL_TRACE)) ||
1582 (tracing_paths && !pathtrace_match(tcp))) {
1583 tcp->flags |= TCB_INSYSCALL | TCB_FILTERED;
1587 tcp->flags &= ~TCB_FILTERED;
1589 if (cflag == CFLAG_ONLY_STATS) {
1595 if (!SCNO_IN_RANGE(tcp->scno))
1596 tprintf("syscall_%lu(", tcp->scno);
1598 tprintf("%s(", sysent[tcp->scno].sys_name);
1599 if (!SCNO_IN_RANGE(tcp->scno) ||
1600 ((qual_flags[tcp->scno] & QUAL_RAW) &&
1601 sysent[tcp->scno].sys_func != sys_exit))
1602 res = printargs(tcp);
1604 res = (*sysent[tcp->scno].sys_func)(tcp);
1608 tcp->flags |= TCB_INSYSCALL;
1609 /* Measure the entrance time as late as possible to avoid errors. */
1611 gettimeofday(&tcp->etime, NULL);
1616 * 1: ok, continue in trace_syscall_exiting().
1617 * -1: error, trace_syscall_exiting() should print error indicator
1618 * ("????" etc) and bail out.
1621 get_syscall_result(struct tcb *tcp)
1623 #if defined(S390) || defined(S390X)
1624 if (upeek(tcp, PT_GPR2, &gpr2) < 0)
1626 #elif defined(POWERPC)
1627 # define SO_MASK 0x10000000
1630 if (upeek(tcp, sizeof(unsigned long)*PT_CCR, &flags) < 0)
1632 if (upeek(tcp, sizeof(unsigned long)*PT_R3, &ppc_result) < 0)
1634 if (flags & SO_MASK)
1635 ppc_result = -ppc_result;
1637 #elif defined(AVR32)
1638 /* Read complete register set in one go. */
1639 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, ®s) < 0)
1642 if (upeek(tcp, PT_R0, &r0) < 0)
1645 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &i386_regs) < 0)
1647 #elif defined(X86_64) || defined(X32)
1648 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &x86_64_regs) < 0)
1651 # define IA64_PSR_IS ((long)1 << 34)
1652 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0)
1653 ia32 = (psr & IA64_PSR_IS) != 0;
1654 if (upeek(tcp, PT_R8, &r8) < 0)
1656 if (upeek(tcp, PT_R10, &r10) < 0)
1659 /* Read complete register set in one go. */
1660 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (void *)®s) == -1)
1662 #elif defined(AARCH64)
1664 io.iov_base = ®s;
1665 io.iov_len = sizeof(regs);
1666 if (ptrace(PTRACE_GETREGSET, tcp->pid, NT_PRSTATUS, (void *)&io) == -1)
1669 if (upeek(tcp, 4*PT_D0, &d0) < 0)
1671 #elif defined(LINUX_MIPSN32)
1672 unsigned long long regs[38];
1674 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1679 if (upeek(tcp, REG_A3, &a3) < 0)
1681 if (upeek(tcp, REG_V0, &r2) < 0)
1683 #elif defined(ALPHA)
1684 if (upeek(tcp, REG_A3, &a3) < 0)
1686 if (upeek(tcp, REG_R0, &r0) < 0)
1688 #elif defined(SPARC) || defined(SPARC64)
1689 /* Everything we need is in the current register set. */
1690 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
1693 if (upeek(tcp, PT_GR28, &r28) < 0)
1697 #elif defined(CRISV10) || defined(CRISV32)
1698 if (upeek(tcp, 4*PT_R10, &r10) < 0)
1701 #elif defined(MICROBLAZE)
1702 if (upeek(tcp, 3 * 4, &r3) < 0)
1707 /* new syscall ABI returns result in R0 */
1708 if (upeek(tcp, 4*REG_REG0, (long *)&r0) < 0)
1711 /* ABI defines result returned in r9 */
1712 if (upeek(tcp, REG_GENERAL(9), (long *)&r9) < 0)
1719 /* Called at each syscall exit */
1721 syscall_fixup_on_sysexit(struct tcb *tcp)
1723 #if defined(S390) || defined(S390X)
1724 if (syscall_mode != -ENOSYS)
1725 syscall_mode = tcp->scno;
1726 if ((tcp->flags & TCB_WAITEXECVE)
1727 && (gpr2 == -ENOSYS || gpr2 == tcp->scno)) {
1729 * Return from execve.
1730 * Fake a return value of zero. We leave the TCB_WAITEXECVE
1731 * flag set for the post-execve SIGTRAP to see and reset.
1739 * Check the syscall return value register value for whether it is
1740 * a negated errno code indicating an error, or a success return value.
1743 is_negated_errno(unsigned long int val)
1745 unsigned long int max = -(long int) nerrnos;
1746 #if SUPPORTED_PERSONALITIES > 1
1747 if (current_wordsize < sizeof(val)) {
1748 val = (unsigned int) val;
1749 max = (unsigned int) max;
1756 * 1: ok, continue in trace_syscall_exiting().
1757 * -1: error, trace_syscall_exiting() should print error indicator
1758 * ("????" etc) and bail out.
1761 get_error(struct tcb *tcp)
1764 int check_errno = 1;
1765 if (SCNO_IN_RANGE(tcp->scno) &&
1766 sysent[tcp->scno].sys_flags & SYSCALL_NEVER_FAILS) {
1769 #if defined(S390) || defined(S390X)
1770 if (check_errno && is_negated_errno(gpr2)) {
1778 if (check_errno && is_negated_errno(i386_regs.eax)) {
1780 u_error = -i386_regs.eax;
1783 tcp->u_rval = i386_regs.eax;
1785 #elif defined(X86_64) || defined(X32)
1786 if (check_errno && is_negated_errno(x86_64_regs.rax)) {
1788 u_error = -x86_64_regs.rax;
1791 tcp->u_rval = x86_64_regs.rax;
1793 tcp->u_lrval = x86_64_regs.rax;
1801 if (check_errno && is_negated_errno(err)) {
1809 if (check_errno && r10) {
1817 if (check_errno && a3) {
1822 # if defined(LINUX_MIPSN32)
1826 #elif defined(POWERPC)
1827 if (check_errno && is_negated_errno(ppc_result)) {
1829 u_error = -ppc_result;
1832 tcp->u_rval = ppc_result;
1835 if (check_errno && is_negated_errno(d0)) {
1843 if (check_errno && is_negated_errno(regs.ARM_r0)) {
1845 u_error = -regs.ARM_r0;
1848 tcp->u_rval = regs.ARM_r0;
1850 #elif defined(AARCH64)
1851 if (check_errno && is_negated_errno(regs.regs[0])) {
1853 u_error = -regs.regs[0];
1856 tcp->u_rval = regs.regs[0];
1858 #elif defined(AVR32)
1859 if (check_errno && regs.r12 && (unsigned) -regs.r12 < nerrnos) {
1861 u_error = -regs.r12;
1864 tcp->u_rval = regs.r12;
1867 if (check_errno && is_negated_errno(r0)) {
1873 #elif defined(ALPHA)
1874 if (check_errno && a3) {
1881 #elif defined(SPARC)
1882 if (check_errno && regs.psr & PSR_C) {
1884 u_error = regs.u_regs[U_REG_O0];
1887 tcp->u_rval = regs.u_regs[U_REG_O0];
1889 #elif defined(SPARC64)
1890 if (check_errno && regs.tstate & 0x1100000000UL) {
1892 u_error = regs.u_regs[U_REG_O0];
1895 tcp->u_rval = regs.u_regs[U_REG_O0];
1898 if (check_errno && is_negated_errno(r28)) {
1906 if (check_errno && is_negated_errno(r0)) {
1914 if (check_errno && is_negated_errno(r9)) {
1921 #elif defined(CRISV10) || defined(CRISV32)
1922 if (check_errno && r10 && (unsigned) -r10 < nerrnos) {
1931 if (upeek(tcp, PTREGS_OFFSET_REG(0), &rval) < 0)
1933 if (check_errno && rval < 0 && rval > -nerrnos) {
1940 #elif defined(MICROBLAZE)
1941 if (check_errno && is_negated_errno(r3)) {
1949 tcp->u_error = u_error;
1954 dumpio(struct tcb *tcp)
1958 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= MAX_QUALS)
1960 if (!SCNO_IN_RANGE(tcp->scno))
1962 if (sysent[tcp->scno].sys_func == printargs)
1964 if (qual_flags[tcp->u_arg[0]] & QUAL_READ) {
1965 if (sysent[tcp->scno].sys_func == sys_read ||
1966 sysent[tcp->scno].sys_func == sys_pread ||
1967 sysent[tcp->scno].sys_func == sys_recv ||
1968 sysent[tcp->scno].sys_func == sys_recvfrom)
1969 dumpstr(tcp, tcp->u_arg[1], tcp->u_rval);
1970 else if (sysent[tcp->scno].sys_func == sys_readv)
1971 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]);
1974 if (qual_flags[tcp->u_arg[0]] & QUAL_WRITE) {
1975 if (sysent[tcp->scno].sys_func == sys_write ||
1976 sysent[tcp->scno].sys_func == sys_pwrite ||
1977 sysent[tcp->scno].sys_func == sys_send ||
1978 sysent[tcp->scno].sys_func == sys_sendto)
1979 dumpstr(tcp, tcp->u_arg[1], tcp->u_arg[2]);
1980 else if (sysent[tcp->scno].sys_func == sys_writev)
1981 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]);
1987 trace_syscall_exiting(struct tcb *tcp)
1994 /* Measure the exit time as early as possible to avoid errors. */
1996 gettimeofday(&tv, NULL);
1998 #if SUPPORTED_PERSONALITIES > 1
1999 update_personality(tcp, tcp->currpers);
2001 res = get_syscall_result(tcp);
2003 syscall_fixup_on_sysexit(tcp); /* never fails */
2004 res = get_error(tcp); /* returns 1 or -1 */
2006 internal_syscall(tcp);
2007 if (filtered(tcp)) {
2014 struct timeval t = tv;
2015 count_syscall(tcp, &t);
2016 if (cflag == CFLAG_ONLY_STATS) {
2021 /* If not in -ff mode, and printing_tcp != tcp,
2022 * then the log currently does not end with output
2023 * of _our syscall entry_, but with something else.
2024 * We need to say which syscall's return is this.
2026 * Forced reprinting via TCB_REPRINT is used only by
2027 * "strace -ff -oLOG test/threaded_execve" corner case.
2028 * It's the only case when -ff mode needs reprinting.
2030 if ((followfork < 2 && printing_tcp != tcp) || (tcp->flags & TCB_REPRINT)) {
2031 tcp->flags &= ~TCB_REPRINT;
2033 if (!SCNO_IN_RANGE(tcp->scno))
2034 tprintf("<... syscall_%lu resumed> ", tcp->scno);
2036 tprintf("<... %s resumed> ", sysent[tcp->scno].sys_name);
2041 /* There was error in one of prior ptrace ops */
2044 tprints("= ? <unavailable>\n");
2046 tcp->flags &= ~TCB_INSYSCALL;
2051 if (!SCNO_IN_RANGE(tcp->scno)
2052 || (qual_flags[tcp->scno] & QUAL_RAW)) {
2053 /* sys_res = printargs(tcp); - but it's nop on sysexit */
2055 /* FIXME: not_failing_only (IOW, option -z) is broken:
2056 * failure of syscall is known only after syscall return.
2057 * Thus we end up with something like this on, say, ENOENT:
2058 * open("doesnt_exist", O_RDONLY <unfinished ...>
2059 * {next syscall decode}
2060 * whereas the intended result is that open(...) line
2061 * is not shown at all.
2063 if (not_failing_only && tcp->u_error)
2064 goto ret; /* ignore failed syscalls */
2065 sys_res = (*sysent[tcp->scno].sys_func)(tcp);
2070 u_error = tcp->u_error;
2071 if (!SCNO_IN_RANGE(tcp->scno) ||
2072 qual_flags[tcp->scno] & QUAL_RAW) {
2074 tprintf("= -1 (errno %ld)", u_error);
2076 tprintf("= %#lx", tcp->u_rval);
2078 else if (!(sys_res & RVAL_NONE) && u_error) {
2080 /* Blocked signals do not interrupt any syscalls.
2081 * In this case syscalls don't return ERESTARTfoo codes.
2083 * Deadly signals set to SIG_DFL interrupt syscalls
2084 * and kill the process regardless of which of the codes below
2085 * is returned by the interrupted syscall.
2086 * In some cases, kernel forces a kernel-generated deadly
2087 * signal to be unblocked and set to SIG_DFL (and thus cause
2088 * death) if it is blocked or SIG_IGNed: for example, SIGSEGV
2089 * or SIGILL. (The alternative is to leave process spinning
2090 * forever on the faulty instruction - not useful).
2092 * SIG_IGNed signals and non-deadly signals set to SIG_DFL
2093 * (for example, SIGCHLD, SIGWINCH) interrupt syscalls,
2094 * but kernel will always restart them.
2097 /* Most common type of signal-interrupted syscall exit code.
2098 * The system call will be restarted with the same arguments
2099 * if SA_RESTART is set; otherwise, it will fail with EINTR.
2101 tprints("= ? ERESTARTSYS (To be restarted if SA_RESTART is set)");
2103 case ERESTARTNOINTR:
2104 /* Rare. For example, fork() returns this if interrupted.
2105 * SA_RESTART is ignored (assumed set): the restart is unconditional.
2107 tprints("= ? ERESTARTNOINTR (To be restarted)");
2109 case ERESTARTNOHAND:
2110 /* pause(), rt_sigsuspend() etc use this code.
2111 * SA_RESTART is ignored (assumed not set):
2112 * syscall won't restart (will return EINTR instead)
2113 * even after signal with SA_RESTART set.
2114 * However, after SIG_IGN or SIG_DFL signal it will.
2116 tprints("= ? ERESTARTNOHAND (Interrupted by signal)");
2118 case ERESTART_RESTARTBLOCK:
2119 /* Syscalls like nanosleep(), poll() which can't be
2120 * restarted with their original arguments use this
2121 * code. Kernel will execute restart_syscall() instead,
2122 * which changes arguments before restarting syscall.
2123 * SA_RESTART is ignored (assumed not set) similarly
2124 * to ERESTARTNOHAND. (Kernel can't honor SA_RESTART
2125 * since restart data is saved in "restart block"
2126 * in task struct, and if signal handler uses a syscall
2127 * which in turn saves another such restart block,
2128 * old data is lost and restart becomes impossible)
2130 tprints("= ? ERESTART_RESTARTBLOCK (Interrupted by signal)");
2134 tprintf("= -1 E??? (errno %ld)", u_error);
2135 else if (u_error < nerrnos)
2136 tprintf("= -1 %s (%s)", errnoent[u_error],
2139 tprintf("= -1 ERRNO_%ld (%s)", u_error,
2143 if ((sys_res & RVAL_STR) && tcp->auxstr)
2144 tprintf(" (%s)", tcp->auxstr);
2147 if (sys_res & RVAL_NONE)
2150 switch (sys_res & RVAL_MASK) {
2152 tprintf("= %#lx", tcp->u_rval);
2155 tprintf("= %#lo", tcp->u_rval);
2158 tprintf("= %lu", tcp->u_rval);
2161 tprintf("= %ld", tcp->u_rval);
2163 #if defined(LINUX_MIPSN32) || defined(X32)
2166 tprintf("= %#llx", tcp->u_lrval);
2169 tprintf("= %#llo", tcp->u_lrval);
2172 case RVAL_LUDECIMAL:
2173 tprintf("= %llu", tcp->u_lrval);
2177 tprintf("= %lld", tcp->u_lrval);
2183 "invalid rval format\n");
2187 if ((sys_res & RVAL_STR) && tcp->auxstr)
2188 tprintf(" (%s)", tcp->auxstr);
2191 tv_sub(&tv, &tv, &tcp->etime);
2192 tprintf(" <%ld.%06ld>",
2193 (long) tv.tv_sec, (long) tv.tv_usec);
2200 tcp->flags &= ~TCB_INSYSCALL;
2205 trace_syscall(struct tcb *tcp)
2207 return exiting(tcp) ?
2208 trace_syscall_exiting(tcp) : trace_syscall_entering(tcp);