2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
6 * Copyright (c) 1999 IBM Deutschland Entwicklung GmbH, IBM Corporation
7 * Linux for s390 port by D.J. Barrow
8 * <barrow_dj@mail.yahoo.com,djbarrow@de.ibm.com>
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. The name of the author may not be used to endorse or promote products
20 * derived from this software without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
42 #include <sys/syscall.h>
43 #include <sys/param.h>
47 #ifndef PTRACE_PEEKUSR
48 # define PTRACE_PEEKUSR PTRACE_PEEKUSER
50 #elif defined(HAVE_LINUX_PTRACE_H)
52 # ifdef HAVE_STRUCT_IA64_FPREG
53 # define ia64_fpreg XXX_ia64_fpreg
55 # ifdef HAVE_STRUCT_PT_ALL_USER_REGS
56 # define pt_all_user_regs XXX_pt_all_user_regs
58 #include <linux/ptrace.h>
60 # undef pt_all_user_regs
63 #if defined (LINUX) && defined (SPARC64)
64 # undef PTRACE_GETREGS
65 # define PTRACE_GETREGS PTRACE_GETREGS64
66 # undef PTRACE_SETREGS
67 # define PTRACE_SETREGS PTRACE_SETREGS64
68 #endif /* LINUX && SPARC64 */
70 #if defined(LINUX) && defined(IA64)
71 # include <asm/ptrace_offsets.h>
75 #define NR_SYSCALL_BASE 0
78 #define ERESTARTSYS 512
80 #ifndef ERESTARTNOINTR
81 #define ERESTARTNOINTR 513
83 #ifndef ERESTARTNOHAND
84 #define ERESTARTNOHAND 514 /* restart if no handler.. */
87 #define ENOIOCTLCMD 515 /* No ioctl command */
89 #ifndef ERESTART_RESTARTBLOCK
90 #define ERESTART_RESTARTBLOCK 516 /* restart by calling sys_restart_syscall */
93 #warning: NSIG is not defined, using 32
97 /* Ugh. Is this really correct? ARM has no RT signals?! */
100 #undef NR_SYSCALL_BASE
101 #define NR_SYSCALL_BASE __NR_SYSCALL_BASE
107 /* Define these shorthand notations to simplify the syscallent files. */
108 #define TD TRACE_DESC
109 #define TF TRACE_FILE
111 #define TN TRACE_NETWORK
112 #define TP TRACE_PROCESS
113 #define TS TRACE_SIGNAL
114 #define NF SYSCALL_NEVER_FAILS
117 static const struct sysent sysent0[] = {
118 #include "syscallent.h"
121 #if SUPPORTED_PERSONALITIES >= 2
122 static const struct sysent sysent1[] = {
123 #include "syscallent1.h"
127 #if SUPPORTED_PERSONALITIES >= 3
128 static const struct sysent sysent2[] = {
129 #include "syscallent2.h"
133 /* Now undef them since short defines cause wicked namespace pollution. */
145 * `ioctlent.h' may be generated from `ioctlent.raw' by the auxiliary
146 * program `ioctlsort', such that the list is sorted by the `code' field.
147 * This has the side-effect of resolving the _IO.. macros into
148 * plain integers, eliminating the need to include here everything
153 static const char *const errnoent0[] = {
154 #include "errnoent.h"
156 static const char *const signalent0[] = {
157 #include "signalent.h"
159 static const struct ioctlent ioctlent0[] = {
160 #include "ioctlent.h"
162 enum { nsyscalls0 = ARRAY_SIZE(sysent0) };
163 enum { nerrnos0 = ARRAY_SIZE(errnoent0) };
164 enum { nsignals0 = ARRAY_SIZE(signalent0) };
165 enum { nioctlents0 = ARRAY_SIZE(ioctlent0) };
166 int qual_flags0[MAX_QUALS];
168 #if SUPPORTED_PERSONALITIES >= 2
169 static const char *const errnoent1[] = {
170 #include "errnoent1.h"
172 static const char *const signalent1[] = {
173 #include "signalent1.h"
175 static const struct ioctlent ioctlent1[] = {
176 #include "ioctlent1.h"
178 enum { nsyscalls1 = ARRAY_SIZE(sysent1) };
179 enum { nerrnos1 = ARRAY_SIZE(errnoent1) };
180 enum { nsignals1 = ARRAY_SIZE(signalent1) };
181 enum { nioctlents1 = ARRAY_SIZE(ioctlent1) };
182 int qual_flags1[MAX_QUALS];
185 #if SUPPORTED_PERSONALITIES >= 3
186 static const char *const errnoent2[] = {
187 #include "errnoent2.h"
189 static const char *const signalent2[] = {
190 #include "signalent2.h"
192 static const struct ioctlent ioctlent2[] = {
193 #include "ioctlent2.h"
195 enum { nsyscalls2 = ARRAY_SIZE(sysent2) };
196 enum { nerrnos2 = ARRAY_SIZE(errnoent2) };
197 enum { nsignals2 = ARRAY_SIZE(signalent2) };
198 enum { nioctlents2 = ARRAY_SIZE(ioctlent2) };
199 int qual_flags2[MAX_QUALS];
203 const struct sysent *sysent;
204 const char *const *errnoent;
205 const char *const *signalent;
206 const struct ioctlent *ioctlent;
213 int current_personality;
215 #ifndef PERSONALITY0_WORDSIZE
216 # define PERSONALITY0_WORDSIZE sizeof(long)
218 const int personality_wordsize[SUPPORTED_PERSONALITIES] = {
219 PERSONALITY0_WORDSIZE,
220 #if SUPPORTED_PERSONALITIES > 1
221 PERSONALITY1_WORDSIZE,
223 #if SUPPORTED_PERSONALITIES > 2
224 PERSONALITY2_WORDSIZE,
229 set_personality(int personality)
231 switch (personality) {
233 errnoent = errnoent0;
236 nsyscalls = nsyscalls0;
237 ioctlent = ioctlent0;
238 nioctlents = nioctlents0;
239 signalent = signalent0;
240 nsignals = nsignals0;
241 qual_flags = qual_flags0;
244 #if SUPPORTED_PERSONALITIES >= 2
246 errnoent = errnoent1;
249 nsyscalls = nsyscalls1;
250 ioctlent = ioctlent1;
251 nioctlents = nioctlents1;
252 signalent = signalent1;
253 nsignals = nsignals1;
254 qual_flags = qual_flags1;
258 #if SUPPORTED_PERSONALITIES >= 3
260 errnoent = errnoent2;
263 nsyscalls = nsyscalls2;
264 ioctlent = ioctlent2;
265 nioctlents = nioctlents2;
266 signalent = signalent2;
267 nsignals = nsignals2;
268 qual_flags = qual_flags2;
273 current_personality = personality;
276 #if SUPPORTED_PERSONALITIES > 1
278 update_personality(struct tcb *tcp, int personality)
280 if (personality == current_personality)
282 set_personality(personality);
284 if (personality == tcp->currpers)
286 tcp->currpers = personality;
288 #if defined(POWERPC64) || defined(X86_64)
290 static const char *const names[] = {"64 bit", "32 bit"};
291 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n",
292 tcp->pid, names[personality]);
298 static int qual_syscall(), qual_signal(), qual_fault(), qual_desc();
300 static const struct qual_options {
302 const char *option_name;
303 int (*qualify)(const char *, int, int);
304 const char *argument_name;
306 { QUAL_TRACE, "trace", qual_syscall, "system call" },
307 { QUAL_TRACE, "t", qual_syscall, "system call" },
308 { QUAL_ABBREV, "abbrev", qual_syscall, "system call" },
309 { QUAL_ABBREV, "a", qual_syscall, "system call" },
310 { QUAL_VERBOSE, "verbose", qual_syscall, "system call" },
311 { QUAL_VERBOSE, "v", qual_syscall, "system call" },
312 { QUAL_RAW, "raw", qual_syscall, "system call" },
313 { QUAL_RAW, "x", qual_syscall, "system call" },
314 { QUAL_SIGNAL, "signal", qual_signal, "signal" },
315 { QUAL_SIGNAL, "signals", qual_signal, "signal" },
316 { QUAL_SIGNAL, "s", qual_signal, "signal" },
317 { QUAL_FAULT, "fault", qual_fault, "fault" },
318 { QUAL_FAULT, "faults", qual_fault, "fault" },
319 { QUAL_FAULT, "m", qual_fault, "fault" },
320 { QUAL_READ, "read", qual_desc, "descriptor" },
321 { QUAL_READ, "reads", qual_desc, "descriptor" },
322 { QUAL_READ, "r", qual_desc, "descriptor" },
323 { QUAL_WRITE, "write", qual_desc, "descriptor" },
324 { QUAL_WRITE, "writes", qual_desc, "descriptor" },
325 { QUAL_WRITE, "w", qual_desc, "descriptor" },
326 { 0, NULL, NULL, NULL },
330 qualify_one(int n, int bitflag, int not, int pers)
332 if (pers == 0 || pers < 0) {
334 qual_flags0[n] &= ~bitflag;
336 qual_flags0[n] |= bitflag;
339 #if SUPPORTED_PERSONALITIES >= 2
340 if (pers == 1 || pers < 0) {
342 qual_flags1[n] &= ~bitflag;
344 qual_flags1[n] |= bitflag;
346 #endif /* SUPPORTED_PERSONALITIES >= 2 */
348 #if SUPPORTED_PERSONALITIES >= 3
349 if (pers == 2 || pers < 0) {
351 qual_flags2[n] &= ~bitflag;
353 qual_flags2[n] |= bitflag;
355 #endif /* SUPPORTED_PERSONALITIES >= 3 */
359 qual_syscall(const char *s, int bitflag, int not)
364 if (isdigit((unsigned char)*s)) {
366 if (i < 0 || i >= MAX_QUALS)
368 qualify_one(i, bitflag, not, -1);
371 for (i = 0; i < nsyscalls0; i++)
372 if (strcmp(s, sysent0[i].sys_name) == 0) {
373 qualify_one(i, bitflag, not, 0);
377 #if SUPPORTED_PERSONALITIES >= 2
378 for (i = 0; i < nsyscalls1; i++)
379 if (strcmp(s, sysent1[i].sys_name) == 0) {
380 qualify_one(i, bitflag, not, 1);
383 #endif /* SUPPORTED_PERSONALITIES >= 2 */
385 #if SUPPORTED_PERSONALITIES >= 3
386 for (i = 0; i < nsyscalls2; i++)
387 if (strcmp(s, sysent2[i].sys_name) == 0) {
388 qualify_one(i, bitflag, not, 2);
391 #endif /* SUPPORTED_PERSONALITIES >= 3 */
397 qual_signal(const char *s, int bitflag, int not)
402 if (isdigit((unsigned char)*s)) {
404 if (signo < 0 || signo >= MAX_QUALS)
406 qualify_one(signo, bitflag, not, -1);
409 if (strlen(s) >= sizeof buf)
413 if (strncasecmp(s, "SIG", 3) == 0)
415 for (i = 0; i <= NSIG; i++)
416 if (strcasecmp(s, signame(i) + 3) == 0) {
417 qualify_one(i, bitflag, not, -1);
424 qual_fault(const char *s, int bitflag, int not)
430 qual_desc(const char *s, int bitflag, int not)
432 if (isdigit((unsigned char)*s)) {
434 if (desc < 0 || desc >= MAX_QUALS)
436 qualify_one(desc, bitflag, not, -1);
443 lookup_class(const char *s)
445 if (strcmp(s, "file") == 0)
447 if (strcmp(s, "ipc") == 0)
449 if (strcmp(s, "network") == 0)
450 return TRACE_NETWORK;
451 if (strcmp(s, "process") == 0)
452 return TRACE_PROCESS;
453 if (strcmp(s, "signal") == 0)
455 if (strcmp(s, "desc") == 0)
461 qualify(const char *s)
463 const struct qual_options *opt;
469 opt = &qual_options[0];
470 for (i = 0; (p = qual_options[i].option_name); i++) {
472 if (strncmp(s, p, n) == 0 && s[n] == '=') {
473 opt = &qual_options[i];
483 if (strcmp(s, "none") == 0) {
487 if (strcmp(s, "all") == 0) {
488 for (i = 0; i < MAX_QUALS; i++) {
489 qualify_one(i, opt->bitflag, not, -1);
493 for (i = 0; i < MAX_QUALS; i++) {
494 qualify_one(i, opt->bitflag, !not, -1);
499 for (p = strtok(copy, ","); p; p = strtok(NULL, ",")) {
500 if (opt->bitflag == QUAL_TRACE && (n = lookup_class(p)) > 0) {
501 for (i = 0; i < nsyscalls0; i++)
502 if (sysent0[i].sys_flags & n)
503 qualify_one(i, opt->bitflag, not, 0);
505 #if SUPPORTED_PERSONALITIES >= 2
506 for (i = 0; i < nsyscalls1; i++)
507 if (sysent1[i].sys_flags & n)
508 qualify_one(i, opt->bitflag, not, 1);
509 #endif /* SUPPORTED_PERSONALITIES >= 2 */
511 #if SUPPORTED_PERSONALITIES >= 3
512 for (i = 0; i < nsyscalls2; i++)
513 if (sysent2[i].sys_flags & n)
514 qualify_one(i, opt->bitflag, not, 2);
515 #endif /* SUPPORTED_PERSONALITIES >= 3 */
519 if (opt->qualify(p, opt->bitflag, not)) {
520 fprintf(stderr, "strace: invalid %s `%s'\n",
521 opt->argument_name, p);
530 enum subcall_style { shift_style, deref_style, mask_style, door_style };
532 enum subcall_style { shift_style, deref_style, mask_style, door_style, table_style };
540 static const struct subcall subcalls_table[] = {
541 { SYS_shmsys, 5, { SYS_shmat, SYS_shmctl, SYS_shmdt, SYS_shmget, SYS_shmctl } },
543 { SYS_semsys, 4, { SYS___semctl, SYS_semget, SYS_semop, SYS_semconfig } },
545 { SYS_semsys, 3, { SYS___semctl, SYS_semget, SYS_semop } },
547 { SYS_msgsys, 4, { SYS_msgctl, SYS_msgget, SYS_msgsnd, SYS_msgrcv } },
551 #if !(defined(LINUX) && ( defined(ALPHA) || defined(MIPS) || defined(__ARM_EABI__) ))
554 decode_subcall(struct tcb *tcp, int subcall, int nsubcalls, enum subcall_style style)
556 unsigned long addr, mask;
558 int size = personality_wordsize[current_personality];
562 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= nsubcalls)
564 tcp->scno = subcall + tcp->u_arg[0];
565 tcp->u_nargs = n = sysent[tcp->scno].nargs;
566 for (i = 0; i < n; i++)
567 tcp->u_arg[i] = tcp->u_arg[i + 1];
570 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= nsubcalls)
572 tcp->scno = subcall + tcp->u_arg[0];
573 addr = tcp->u_arg[1];
574 tcp->u_nargs = n = sysent[tcp->scno].nargs;
575 for (i = 0; i < n; i++) {
576 if (size == sizeof(int)) {
578 if (umove(tcp, addr, &arg) < 0)
582 else if (size == sizeof(long)) {
584 if (umove(tcp, addr, &arg) < 0)
594 mask = (tcp->u_arg[0] >> 8) & 0xff;
595 for (i = 0; mask; i++)
599 tcp->u_arg[0] &= 0xff;
600 tcp->scno = subcall + i;
601 tcp->u_nargs = sysent[tcp->scno].nargs;
605 * Oh, yuck. The call code is the *sixth* argument.
606 * (don't you mean the *last* argument? - JH)
608 if (tcp->u_arg[5] < 0 || tcp->u_arg[5] >= nsubcalls)
610 tcp->scno = subcall + tcp->u_arg[5];
611 tcp->u_nargs = sysent[tcp->scno].nargs;
615 for (i = 0; i < ARRAY_SIZE(subcalls_table); i++)
616 if (subcalls_table[i].call == tcp->scno) break;
617 if (i < ARRAY_SIZE(subcalls_table) &&
618 tcp->u_arg[0] >= 0 && tcp->u_arg[0] < subcalls_table[i].nsubcalls) {
619 tcp->scno = subcalls_table[i].subcalls[tcp->u_arg[0]];
620 for (i = 0; i < tcp->u_nargs; i++)
621 tcp->u_arg[i] = tcp->u_arg[i + 1];
630 printargs(struct tcb *tcp)
635 for (i = 0; i < tcp->u_nargs; i++)
636 tprintf("%s%#lx", i ? ", " : "", tcp->u_arg[i]);
642 getrval2(struct tcb *tcp)
647 #if defined (SPARC) || defined (SPARC64)
649 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
651 val = regs.u_regs[U_REG_O1];
653 if (upeek(tcp, 4*(REG_REG0+1), &val) < 0)
656 if (upeek(tcp, PT_R9, &val) < 0)
662 if (upeek(tcp, uoff(u_rval2), &val) < 0)
668 val = tcp->status.PR_REG[R_O1];
671 val = tcp->status.PR_REG[EDX];
674 val = tcp->status.PR_REG[RDX];
677 val = tcp->status.PR_REG[CTX_V1];
683 pread(tcp->pfd_reg, ®s, sizeof(regs), 0);
691 * Apparently, indirect system calls have already be converted by ptrace(2),
692 * so if you see "indir" this program has gone astray.
695 sys_indir(struct tcb *tcp)
701 scno = tcp->u_arg[0];
702 if (!SCNO_IN_RANGE(scno)) {
703 fprintf(stderr, "Bogus syscall: %ld\n", scno);
706 nargs = sysent[scno].nargs;
707 tprints(sysent[scno].sys_name);
708 for (i = 0; i < nargs; i++)
709 tprintf(", %#lx", tcp->u_arg[i+1]);
716 is_restart_error(struct tcb *tcp)
719 switch (tcp->u_error) {
723 case ERESTART_RESTARTBLOCK:
734 struct pt_regs i386_regs;
735 # elif defined(X86_64)
737 * On 32 bits, pt_regs and user_regs_struct are the same,
738 * but on 64 bits, user_regs_struct has six more fields:
739 * fs_base, gs_base, ds, es, fs, gs.
740 * PTRACE_GETREGS fills them too, so struct pt_regs would overflow.
742 static struct user_regs_struct x86_64_regs;
743 # elif defined (IA64)
744 long r8, r10, psr; /* TODO: make static? */
745 long ia32 = 0; /* not static */
746 # elif defined (POWERPC)
748 # elif defined (M68K)
753 static struct pt_regs regs;
754 # elif defined (ALPHA)
757 # elif defined(AVR32)
758 static struct pt_regs regs;
759 # elif defined (SPARC) || defined (SPARC64)
760 static struct pt_regs regs;
761 static unsigned long trap;
762 # elif defined(LINUX_MIPSN32)
768 # elif defined(S390) || defined(S390X)
771 static long syscall_mode;
778 # elif defined(CRISV10) || defined(CRISV32)
780 # elif defined(MICROBLAZE)
785 struct reg regs; /* TODO: make static? */
789 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
790 * 1: ok, continue in trace_syscall().
791 * other: error, trace_syscall() should print error indicator
792 * ("????" etc) and bail out.
798 get_scno(struct tcb *tcp)
803 # if defined(S390) || defined(S390X)
804 if (upeek(tcp, PT_GPR2, &syscall_mode) < 0)
807 if (syscall_mode != -ENOSYS) {
809 * Since kernel version 2.5.44 the scno gets passed in gpr2.
814 * Old style of "passing" the scno via the SVC instruction.
816 long opcode, offset_reg, tmp;
818 static const int gpr_offset[16] = {
819 PT_GPR0, PT_GPR1, PT_ORIGGPR2, PT_GPR3,
820 PT_GPR4, PT_GPR5, PT_GPR6, PT_GPR7,
821 PT_GPR8, PT_GPR9, PT_GPR10, PT_GPR11,
822 PT_GPR12, PT_GPR13, PT_GPR14, PT_GPR15
825 if (upeek(tcp, PT_PSWADDR, &pc) < 0)
828 opcode = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)(pc-sizeof(long)), 0);
830 perror("peektext(pc-oneword)");
835 * We have to check if the SVC got executed directly or via an
836 * EXECUTE instruction. In case of EXECUTE it is necessary to do
837 * instruction decoding to derive the system call number.
838 * Unfortunately the opcode sizes of EXECUTE and SVC are differently,
839 * so that this doesn't work if a SVC opcode is part of an EXECUTE
840 * opcode. Since there is no way to find out the opcode size this
841 * is the best we can do...
843 if ((opcode & 0xff00) == 0x0a00) {
845 scno = opcode & 0xff;
848 /* SVC got executed by EXECUTE instruction */
851 * Do instruction decoding of EXECUTE. If you really want to
852 * understand this, read the Principles of Operations.
854 svc_addr = (void *) (opcode & 0xfff);
857 offset_reg = (opcode & 0x000f0000) >> 16;
858 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
863 offset_reg = (opcode & 0x0000f000) >> 12;
864 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
868 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, svc_addr, 0);
877 offset_reg = (opcode & 0x00f00000) >> 20;
878 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0))
881 scno = (scno | tmp) & 0xff;
884 # elif defined (POWERPC)
885 if (upeek(tcp, sizeof(unsigned long)*PT_R0, &scno) < 0)
888 /* TODO: speed up strace by not doing this at every syscall.
889 * We only need to do it after execve.
895 /* Check for 64/32 bit mode. */
896 if (upeek(tcp, sizeof(unsigned long)*PT_MSR, &val) < 0)
898 /* SF is bit 0 of MSR */
903 update_personality(tcp, currpers);
905 # elif defined(AVR32)
906 /* Read complete register set in one go. */
907 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, ®s) < 0)
911 if (upeek(tcp, PT_ORIG_P0, &scno))
913 # elif defined (I386)
914 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &i386_regs) < 0)
916 scno = i386_regs.orig_eax;
917 # elif defined (X86_64)
919 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &x86_64_regs) < 0)
921 scno = x86_64_regs.orig_rax;
923 /* Check CS register value. On x86-64 linux it is:
924 * 0x33 for long mode (64 bit)
925 * 0x23 for compatibility mode (32 bit)
927 switch (x86_64_regs.cs) {
928 case 0x23: currpers = 1; break;
929 case 0x33: currpers = 0; break;
931 fprintf(stderr, "Unknown value CS=0x%08X while "
932 "detecting personality of process "
933 "PID=%d\n", (int)x86_64_regs.cs, tcp->pid);
934 currpers = current_personality;
938 /* This version analyzes the opcode of a syscall instruction.
939 * (int 0x80 on i386 vs. syscall on x86-64)
940 * It works, but is too complicated.
942 unsigned long val, rip, i;
944 rip = x86_64_regs.rip;
946 /* sizeof(syscall) == sizeof(int 0x80) == 2 */
950 call = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)rip, (char *)0);
952 fprintf(stderr, "ptrace_peektext failed: %s\n",
954 switch (call & 0xffff) {
955 /* x86-64: syscall = 0x0f 0x05 */
956 case 0x050f: currpers = 0; break;
957 /* i386: int 0x80 = 0xcd 0x80 */
958 case 0x80cd: currpers = 1; break;
960 currpers = current_personality;
962 "Unknown syscall opcode (0x%04X) while "
963 "detecting personality of process "
964 "PID=%d\n", (int)call, tcp->pid);
968 update_personality(tcp, currpers);
970 # define IA64_PSR_IS ((long)1 << 34)
971 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0)
972 ia32 = (psr & IA64_PSR_IS) != 0;
974 if (upeek(tcp, PT_R1, &scno) < 0)
977 if (upeek(tcp, PT_R15, &scno) < 0)
981 /* Read complete register set in one go. */
982 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (void *)®s) == -1)
986 * We only need to grab the syscall number on syscall entry.
988 if (regs.ARM_ip == 0) {
990 * Note: we only deal with only 32-bit CPUs here.
992 if (regs.ARM_cpsr & 0x20) {
994 * Get the Thumb-mode system call number
999 * Get the ARM-mode system call number
1002 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, (void *)(regs.ARM_pc - 4), NULL);
1006 /* Handle the EABI syscall convention. We do not
1007 bother converting structures between the two
1008 ABIs, but basic functionality should work even
1009 if strace and the traced program have different
1011 if (scno == 0xef000000) {
1014 if ((scno & 0x0ff00000) != 0x0f900000) {
1015 fprintf(stderr, "syscall: unknown syscall trap 0x%08lx\n",
1021 * Fixup the syscall number
1026 if (scno & 0x0f0000) {
1028 * Handle ARM specific syscall
1030 update_personality(tcp, 1);
1033 update_personality(tcp, 0);
1036 fprintf(stderr, "pid %d stray syscall entry\n", tcp->pid);
1037 tcp->flags |= TCB_INSYSCALL;
1039 # elif defined (M68K)
1040 if (upeek(tcp, 4*PT_ORIG_D0, &scno) < 0)
1042 # elif defined (LINUX_MIPSN32)
1043 unsigned long long regs[38];
1045 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1051 if (!SCNO_IN_RANGE(scno)) {
1052 if (a3 == 0 || a3 == -1) {
1054 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno);
1058 # elif defined (MIPS)
1059 if (upeek(tcp, REG_A3, &a3) < 0)
1061 if (upeek(tcp, REG_V0, &scno) < 0)
1064 if (!SCNO_IN_RANGE(scno)) {
1065 if (a3 == 0 || a3 == -1) {
1067 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno);
1071 # elif defined (ALPHA)
1072 if (upeek(tcp, REG_A3, &a3) < 0)
1074 if (upeek(tcp, REG_R0, &scno) < 0)
1078 * Do some sanity checks to figure out if it's
1079 * really a syscall entry
1081 if (!SCNO_IN_RANGE(scno)) {
1082 if (a3 == 0 || a3 == -1) {
1084 fprintf(stderr, "stray syscall exit: r0 = %ld\n", scno);
1088 # elif defined (SPARC) || defined (SPARC64)
1089 /* Everything we need is in the current register set. */
1090 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
1093 /* Disassemble the syscall trap. */
1094 /* Retrieve the syscall trap instruction. */
1096 # if defined(SPARC64)
1097 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)regs.tpc, 0);
1100 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)regs.pc, 0);
1105 /* Disassemble the trap to see what personality to use. */
1108 /* Linux/SPARC syscall trap. */
1109 update_personality(tcp, 0);
1112 /* Linux/SPARC64 syscall trap. */
1113 update_personality(tcp, 2);
1116 /* SunOS syscall trap. (pers 1) */
1117 fprintf(stderr, "syscall: SunOS no support\n");
1120 /* Solaris 2.x syscall trap. (per 2) */
1121 update_personality(tcp, 1);
1124 /* NetBSD/FreeBSD syscall trap. */
1125 fprintf(stderr, "syscall: NetBSD/FreeBSD not supported\n");
1128 /* Solaris 2.x gettimeofday */
1129 update_personality(tcp, 1);
1132 # if defined (SPARC64)
1133 fprintf(stderr, "syscall: unknown syscall trap %08lx %016lx\n", trap, regs.tpc);
1135 fprintf(stderr, "syscall: unknown syscall trap %08lx %08lx\n", trap, regs.pc);
1140 /* Extract the system call number from the registers. */
1141 if (trap == 0x91d02027)
1144 scno = regs.u_regs[U_REG_G1];
1146 scno = regs.u_regs[U_REG_O0];
1147 memmove(®s.u_regs[U_REG_O0], ®s.u_regs[U_REG_O1], 7*sizeof(regs.u_regs[0]));
1149 # elif defined(HPPA)
1150 if (upeek(tcp, PT_GR20, &scno) < 0)
1154 * In the new syscall ABI, the system call number is in R3.
1156 if (upeek(tcp, 4*(REG_REG0+3), &scno) < 0)
1160 /* Odd as it may seem, a glibc bug has been known to cause
1161 glibc to issue bogus negative syscall numbers. So for
1162 our purposes, make strace print what it *should* have been */
1163 long correct_scno = (scno & 0xff);
1166 "Detected glibc bug: bogus system call"
1167 " number = %ld, correcting to %ld\n",
1170 scno = correct_scno;
1172 # elif defined(SH64)
1173 if (upeek(tcp, REG_SYSCALL, &scno) < 0)
1176 # elif defined(CRISV10) || defined(CRISV32)
1177 if (upeek(tcp, 4*PT_R9, &scno) < 0)
1179 # elif defined(TILE)
1180 if (upeek(tcp, PTREGS_OFFSET_REG(10), &scno) < 0)
1182 # elif defined(MICROBLAZE)
1183 if (upeek(tcp, 0, &scno) < 0)
1189 if (upeek(tcp, uoff(u_arg[7]), &scno) < 0)
1192 /* new syscall ABI returns result in R0 */
1193 if (upeek(tcp, 4*REG_REG0, (long *)&r0) < 0)
1196 /* ABI defines result returned in r9 */
1197 if (upeek(tcp, REG_GENERAL(9), (long *)&r9) < 0)
1202 # ifdef HAVE_PR_SYSCALL
1203 scno = tcp->status.PR_SYSCALL;
1206 scno = tcp->status.PR_WHAT;
1208 if (pread(tcp->pfd_reg, ®s, sizeof(regs), 0) < 0) {
1212 switch (regs.r_eax) {
1215 pread(tcp->pfd, &scno, sizeof(scno), regs.r_esp + sizeof(int));
1221 # endif /* FREEBSD */
1222 # endif /* !HAVE_PR_SYSCALL */
1223 #endif /* USE_PROCFS */
1230 known_scno(struct tcb *tcp)
1232 long scno = tcp->scno;
1233 #if SUPPORTED_PERSONALITIES > 1
1234 if (SCNO_IN_RANGE(scno) && sysent[scno].native_scno != 0)
1235 scno = sysent[scno].native_scno;
1238 scno += NR_SYSCALL_BASE;
1242 /* Called at each syscall entry.
1244 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
1245 * 1: ok, continue in trace_syscall().
1246 * other: error, trace_syscall() should print error indicator
1247 * ("????" etc) and bail out.
1250 syscall_fixup_on_sysenter(struct tcb *tcp)
1253 int scno = known_scno(tcp);
1255 if (tcp->status.PR_WHY != PR_SYSENTRY) {
1259 || scno == SYS_vfork
1262 || scno == SYS_fork1
1265 || scno == SYS_forkall
1268 || scno == SYS_rfork1
1271 || scno == SYS_rforkall
1274 /* We are returning in the child, fake it. */
1275 tcp->status.PR_WHY = PR_SYSENTRY;
1277 tcp->status.PR_WHY = PR_SYSEXIT;
1280 fprintf(stderr, "syscall: missing entry\n");
1281 tcp->flags |= TCB_INSYSCALL;
1284 #endif /* USE_PROCFS */
1288 fprintf(stderr, "syscall: missing entry\n");
1289 tcp->flags |= TCB_INSYSCALL;
1294 /* A common case of "not a syscall entry" is post-execve SIGTRAP */
1296 if (i386_regs.eax != -ENOSYS) {
1298 fprintf(stderr, "not a syscall entry (eax = %ld)\n", i386_regs.eax);
1301 #elif defined (X86_64)
1303 long rax = x86_64_regs.rax;
1304 if (current_personality == 1)
1305 rax = (int)rax; /* sign extend from 32 bits */
1306 if (rax != -ENOSYS) {
1308 fprintf(stderr, "not a syscall entry (rax = %ld)\n", rax);
1312 #elif defined (S390) || defined (S390X)
1313 /* TODO: we already fetched PT_GPR2 in get_scno
1314 * and stored it in syscall_mode, reuse it here
1315 * instead of re-fetching?
1317 if (upeek(tcp, PT_GPR2, &gpr2) < 0)
1319 if (syscall_mode != -ENOSYS)
1320 syscall_mode = tcp->scno;
1321 if (gpr2 != syscall_mode) {
1323 fprintf(stderr, "not a syscall entry (gpr2 = %ld)\n", gpr2);
1326 #elif defined (M68K)
1327 /* TODO? Eliminate upeek's in arches below like we did in x86 */
1328 if (upeek(tcp, 4*PT_D0, &d0) < 0)
1330 if (d0 != -ENOSYS) {
1332 fprintf(stderr, "not a syscall entry (d0 = %ld)\n", d0);
1336 if (upeek(tcp, PT_R10, &r10) < 0)
1338 if (upeek(tcp, PT_R8, &r8) < 0)
1340 if (ia32 && r8 != -ENOSYS) {
1342 fprintf(stderr, "not a syscall entry (r8 = %ld)\n", r8);
1345 #elif defined(CRISV10) || defined(CRISV32)
1346 if (upeek(tcp, 4*PT_R10, &r10) < 0)
1348 if (r10 != -ENOSYS) {
1350 fprintf(stderr, "not a syscall entry (r10 = %ld)\n", r10);
1353 #elif defined(MICROBLAZE)
1354 if (upeek(tcp, 3 * 4, &r3) < 0)
1356 if (r3 != -ENOSYS) {
1358 fprintf(stderr, "not a syscall entry (r3 = %ld)\n", r3);
1367 internal_syscall(struct tcb *tcp)
1370 * We must always trace a few critical system calls in order to
1371 * correctly support following forks in the presence of tracing
1376 if (!SCNO_IN_RANGE(tcp->scno))
1379 func = sysent[tcp->scno].sys_func;
1381 if ( sys_fork == func
1382 #if defined(FREEBSD) || defined(LINUX) || defined(SUNOS4)
1383 || sys_vfork == func
1386 || sys_clone == func
1389 || sys_rfork == func
1392 return internal_fork(tcp);
1394 #if defined SUNOS4 || (defined LINUX && defined TCB_WAITEXECVE)
1395 if ( sys_execve == func
1396 # if defined(SPARC) || defined(SPARC64) || defined(SUNOS4)
1397 || sys_execv == func
1400 || sys_rexecve == func
1403 return internal_exec(tcp);
1410 syscall_enter(struct tcb *tcp)
1415 if (SCNO_IN_RANGE(tcp->scno))
1416 nargs = tcp->u_nargs = sysent[tcp->scno].nargs;
1418 nargs = tcp->u_nargs = MAX_ARGS;
1420 # if defined(S390) || defined(S390X)
1421 for (i = 0; i < nargs; ++i)
1422 if (upeek(tcp, i==0 ? PT_ORIGGPR2 : PT_GPR2 + i*sizeof(long), &tcp->u_arg[i]) < 0)
1424 # elif defined(ALPHA)
1425 for (i = 0; i < nargs; ++i)
1426 if (upeek(tcp, REG_A0+i, &tcp->u_arg[i]) < 0)
1428 # elif defined(IA64)
1430 unsigned long *out0, cfm, sof, sol;
1432 /* be backwards compatible with kernel < 2.4.4... */
1434 # define PT_RBS_END PT_AR_BSP
1437 if (upeek(tcp, PT_RBS_END, &rbs_end) < 0)
1439 if (upeek(tcp, PT_CFM, (long *) &cfm) < 0)
1442 sof = (cfm >> 0) & 0x7f;
1443 sol = (cfm >> 7) & 0x7f;
1444 out0 = ia64_rse_skip_regs((unsigned long *) rbs_end, -sof + sol);
1446 for (i = 0; i < nargs; ++i) {
1447 if (umoven(tcp, (unsigned long) ia64_rse_skip_regs(out0, i),
1448 sizeof(long), (char *) &tcp->u_arg[i]) < 0)
1452 static const int argreg[MAX_ARGS] = { PT_R11 /* EBX = out0 */,
1453 PT_R9 /* ECX = out1 */,
1454 PT_R10 /* EDX = out2 */,
1455 PT_R14 /* ESI = out3 */,
1456 PT_R15 /* EDI = out4 */,
1457 PT_R13 /* EBP = out5 */};
1459 for (i = 0; i < nargs; ++i) {
1460 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0)
1462 /* truncate away IVE sign-extension */
1463 tcp->u_arg[i] &= 0xffffffff;
1466 # elif defined(LINUX_MIPSN32) || defined(LINUX_MIPSN64)
1467 /* N32 and N64 both use up to six registers. */
1468 unsigned long long regs[38];
1470 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1473 for (i = 0; i < nargs; ++i) {
1474 tcp->u_arg[i] = regs[REG_A0 + i];
1475 # if defined(LINUX_MIPSN32)
1476 tcp->ext_arg[i] = regs[REG_A0 + i];
1479 # elif defined(MIPS)
1483 if (upeek(tcp, REG_SP, &sp) < 0)
1485 for (i = 0; i < 4; ++i)
1486 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0)
1488 umoven(tcp, sp + 16, (nargs - 4) * sizeof(tcp->u_arg[0]),
1489 (char *)(tcp->u_arg + 4));
1491 for (i = 0; i < nargs; ++i)
1492 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0)
1495 # elif defined(POWERPC)
1497 # define PT_ORIG_R3 34
1499 for (i = 0; i < nargs; ++i) {
1500 if (upeek(tcp, (i==0) ?
1501 (sizeof(unsigned long) * PT_ORIG_R3) :
1502 ((i+PT_R3) * sizeof(unsigned long)),
1503 &tcp->u_arg[i]) < 0)
1506 # elif defined(SPARC) || defined(SPARC64)
1507 for (i = 0; i < nargs; ++i)
1508 tcp->u_arg[i] = regs.u_regs[U_REG_O0 + i];
1509 # elif defined(HPPA)
1510 for (i = 0; i < nargs; ++i)
1511 if (upeek(tcp, PT_GR26-4*i, &tcp->u_arg[i]) < 0)
1514 for (i = 0; i < nargs; ++i)
1515 tcp->u_arg[i] = regs.uregs[i];
1516 # elif defined(AVR32)
1519 tcp->u_arg[0] = regs.r12;
1520 tcp->u_arg[1] = regs.r11;
1521 tcp->u_arg[2] = regs.r10;
1522 tcp->u_arg[3] = regs.r9;
1523 tcp->u_arg[4] = regs.r5;
1524 tcp->u_arg[5] = regs.r3;
1525 # elif defined(BFIN)
1526 static const int argreg[MAX_ARGS] = { PT_R0, PT_R1, PT_R2, PT_R3, PT_R4, PT_R5 };
1528 for (i = 0; i < nargs; ++i)
1529 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0)
1532 static const int syscall_regs[MAX_ARGS] = {
1533 4 * (REG_REG0+4), 4 * (REG_REG0+5), 4 * (REG_REG0+6),
1534 4 * (REG_REG0+7), 4 * (REG_REG0 ), 4 * (REG_REG0+1)
1537 for (i = 0; i < nargs; ++i)
1538 if (upeek(tcp, syscall_regs[i], &tcp->u_arg[i]) < 0)
1540 # elif defined(SH64)
1542 /* Registers used by SH5 Linux system calls for parameters */
1543 static const int syscall_regs[MAX_ARGS] = { 2, 3, 4, 5, 6, 7 };
1545 for (i = 0; i < nargs; ++i)
1546 if (upeek(tcp, REG_GENERAL(syscall_regs[i]), &tcp->u_arg[i]) < 0)
1548 # elif defined(X86_64)
1551 if (current_personality == 0) { /* x86-64 ABI */
1552 tcp->u_arg[0] = x86_64_regs.rdi;
1553 tcp->u_arg[1] = x86_64_regs.rsi;
1554 tcp->u_arg[2] = x86_64_regs.rdx;
1555 tcp->u_arg[3] = x86_64_regs.r10;
1556 tcp->u_arg[4] = x86_64_regs.r8;
1557 tcp->u_arg[5] = x86_64_regs.r9;
1558 } else { /* i386 ABI */
1559 /* Sign-extend lower 32 bits */
1560 tcp->u_arg[0] = (long)(int)x86_64_regs.rbx;
1561 tcp->u_arg[1] = (long)(int)x86_64_regs.rcx;
1562 tcp->u_arg[2] = (long)(int)x86_64_regs.rdx;
1563 tcp->u_arg[3] = (long)(int)x86_64_regs.rsi;
1564 tcp->u_arg[4] = (long)(int)x86_64_regs.rdi;
1565 tcp->u_arg[5] = (long)(int)x86_64_regs.rbp;
1567 # elif defined(MICROBLAZE)
1568 for (i = 0; i < nargs; ++i)
1569 if (upeek(tcp, (5 + i) * 4, &tcp->u_arg[i]) < 0)
1571 # elif defined(CRISV10) || defined(CRISV32)
1572 static const int crisregs[MAX_ARGS] = {
1573 4*PT_ORIG_R10, 4*PT_R11, 4*PT_R12,
1574 4*PT_R13 , 4*PT_MOF, 4*PT_SRP
1577 for (i = 0; i < nargs; ++i)
1578 if (upeek(tcp, crisregs[i], &tcp->u_arg[i]) < 0)
1580 # elif defined(TILE)
1581 for (i = 0; i < nargs; ++i)
1582 if (upeek(tcp, PTREGS_OFFSET_REG(i), &tcp->u_arg[i]) < 0)
1584 # elif defined(M68K)
1585 for (i = 0; i < nargs; ++i)
1586 if (upeek(tcp, (i < 5 ? i : i + 2)*4, &tcp->u_arg[i]) < 0)
1588 # elif defined(I386)
1591 tcp->u_arg[0] = i386_regs.ebx;
1592 tcp->u_arg[1] = i386_regs.ecx;
1593 tcp->u_arg[2] = i386_regs.edx;
1594 tcp->u_arg[3] = i386_regs.esi;
1595 tcp->u_arg[4] = i386_regs.edi;
1596 tcp->u_arg[5] = i386_regs.ebp;
1597 # else /* Other architecture (32bits specific) */
1598 for (i = 0; i < nargs; ++i)
1599 if (upeek(tcp, i*4, &tcp->u_arg[i]) < 0)
1605 if (SCNO_IN_RANGE(tcp->scno))
1606 nargs = tcp->u_nargs = sysent[tcp->scno].nargs;
1608 nargs = tcp->u_nargs = MAX_ARGS;
1609 for (i = 0; i < nargs; i++) {
1612 if (upeek(tcp, uoff(u_arg[0]) +
1613 (i * sizeof(u->u_arg[0])), &tcp->u_arg[i]) < 0)
1620 * SGI is broken: even though it has pr_sysarg, it doesn't
1621 * set them on system call entry. Get a clue.
1623 if (SCNO_IN_RANGE(tcp->scno))
1624 tcp->u_nargs = sysent[tcp->scno].nargs;
1626 tcp->u_nargs = tcp->status.pr_nsysarg;
1627 if (tcp->u_nargs > 4) {
1628 memcpy(tcp->u_arg, &tcp->status.pr_reg[CTX_A0],
1629 4 * sizeof(tcp->u_arg[0]));
1630 umoven(tcp, tcp->status.pr_reg[CTX_SP] + 16,
1631 (tcp->u_nargs - 4) * sizeof(tcp->u_arg[0]), (char *) (tcp->u_arg + 4));
1634 memcpy(tcp->u_arg, &tcp->status.pr_reg[CTX_A0],
1635 tcp->u_nargs * sizeof(tcp->u_arg[0]));
1637 # elif UNIXWARE >= 2
1639 * Like SGI, UnixWare doesn't set pr_sysarg until system call exit
1641 if (SCNO_IN_RANGE(tcp->scno))
1642 tcp->u_nargs = sysent[tcp->scno].nargs;
1644 tcp->u_nargs = tcp->status.pr_lwp.pr_nsysarg;
1645 umoven(tcp, tcp->status.PR_REG[UESP] + 4,
1646 tcp->u_nargs * sizeof(tcp->u_arg[0]), (char *) tcp->u_arg);
1647 # elif defined(HAVE_PR_SYSCALL)
1649 if (SCNO_IN_RANGE(tcp->scno))
1650 tcp->u_nargs = sysent[tcp->scno].nargs;
1652 tcp->u_nargs = tcp->status.pr_nsysarg;
1653 for (i = 0; i < tcp->u_nargs; i++)
1654 tcp->u_arg[i] = tcp->status.pr_sysarg[i];
1655 # elif defined(I386)
1656 if (SCNO_IN_RANGE(tcp->scno))
1657 tcp->u_nargs = sysent[tcp->scno].nargs;
1660 if (tcp->u_nargs > 0)
1661 umoven(tcp, tcp->status.PR_REG[UESP] + 4,
1662 tcp->u_nargs * sizeof(tcp->u_arg[0]), (char *) tcp->u_arg);
1664 I DONT KNOW WHAT TO DO
1668 if (SCNO_IN_RANGE(tcp->scno) &&
1669 sysent[tcp->scno].nargs > tcp->status.val)
1670 tcp->u_nargs = sysent[tcp->scno].nargs;
1672 tcp->u_nargs = tcp->status.val;
1673 if (tcp->u_nargs < 0)
1675 if (tcp->u_nargs > MAX_ARGS)
1676 tcp->u_nargs = MAX_ARGS;
1677 switch (regs.r_eax) {
1679 pread(tcp->pfd, &tcp->u_arg, tcp->u_nargs * sizeof(unsigned long),
1680 regs.r_esp + sizeof(int) + sizeof(quad_t));
1683 pread(tcp->pfd, &tcp->u_arg, tcp->u_nargs * sizeof(unsigned long),
1684 regs.r_esp + 2 * sizeof(int));
1687 pread(tcp->pfd, &tcp->u_arg, tcp->u_nargs * sizeof(unsigned long),
1688 regs.r_esp + sizeof(int));
1691 #endif /* FREEBSD */
1696 trace_syscall_entering(struct tcb *tcp)
1700 #if defined TCB_WAITEXECVE
1701 if (tcp->flags & TCB_WAITEXECVE) {
1702 /* This is the post-execve SIGTRAP. */
1703 tcp->flags &= ~TCB_WAITEXECVE;
1708 scno_good = res = get_scno(tcp);
1712 res = syscall_fixup_on_sysenter(tcp);
1716 res = syscall_enter(tcp);
1722 tcp->flags &= ~TCB_REPRINT;
1724 tprintf("????" /* anti-trigraph gap */ "(");
1725 else if (!SCNO_IN_RANGE(tcp->scno))
1726 tprintf("syscall_%lu(", tcp->scno);
1728 tprintf("%s(", sysent[tcp->scno].sys_name);
1730 * " <unavailable>" will be added later by the code which
1731 * detects ptrace errors.
1736 switch (known_scno(tcp)) {
1737 #ifdef SYS_socket_subcall
1738 case SYS_socketcall:
1739 decode_subcall(tcp, SYS_socket_subcall,
1740 SYS_socket_nsubcalls, deref_style);
1743 #ifdef SYS_ipc_subcall
1745 decode_subcall(tcp, SYS_ipc_subcall,
1746 SYS_ipc_nsubcalls, shift_style);
1750 #ifdef SYS_pgrpsys_subcall
1752 decode_subcall(tcp, SYS_pgrpsys_subcall,
1753 SYS_pgrpsys_nsubcalls, shift_style);
1755 #endif /* SYS_pgrpsys_subcall */
1756 #ifdef SYS_sigcall_subcall
1758 decode_subcall(tcp, SYS_sigcall_subcall,
1759 SYS_sigcall_nsubcalls, mask_style);
1761 #endif /* SYS_sigcall_subcall */
1763 decode_subcall(tcp, SYS_msgsys_subcall,
1764 SYS_msgsys_nsubcalls, shift_style);
1767 decode_subcall(tcp, SYS_shmsys_subcall,
1768 SYS_shmsys_nsubcalls, shift_style);
1771 decode_subcall(tcp, SYS_semsys_subcall,
1772 SYS_semsys_nsubcalls, shift_style);
1775 decode_subcall(tcp, SYS_sysfs_subcall,
1776 SYS_sysfs_nsubcalls, shift_style);
1779 decode_subcall(tcp, SYS_spcall_subcall,
1780 SYS_spcall_nsubcalls, shift_style);
1782 #ifdef SYS_context_subcall
1784 decode_subcall(tcp, SYS_context_subcall,
1785 SYS_context_nsubcalls, shift_style);
1787 #endif /* SYS_context_subcall */
1788 #ifdef SYS_door_subcall
1790 decode_subcall(tcp, SYS_door_subcall,
1791 SYS_door_nsubcalls, door_style);
1793 #endif /* SYS_door_subcall */
1794 #ifdef SYS_kaio_subcall
1796 decode_subcall(tcp, SYS_kaio_subcall,
1797 SYS_kaio_nsubcalls, shift_style);
1805 decode_subcall(tcp, 0, 0, table_style);
1810 decode_subcall(tcp, SYS_semsys_subcall,
1811 SYS_semsys_nsubcalls, shift_style);
1814 decode_subcall(tcp, SYS_msgsys_subcall,
1815 SYS_msgsys_nsubcalls, shift_style);
1818 decode_subcall(tcp, SYS_shmsys_subcall,
1819 SYS_shmsys_nsubcalls, shift_style);
1824 internal_syscall(tcp);
1826 if ((SCNO_IN_RANGE(tcp->scno) &&
1827 !(qual_flags[tcp->scno] & QUAL_TRACE)) ||
1828 (tracing_paths && !pathtrace_match(tcp))) {
1829 tcp->flags |= TCB_INSYSCALL | TCB_FILTERED;
1833 tcp->flags &= ~TCB_FILTERED;
1835 if (cflag == CFLAG_ONLY_STATS) {
1841 tcp->flags &= ~TCB_REPRINT;
1842 if (!SCNO_IN_RANGE(tcp->scno))
1843 tprintf("syscall_%lu(", tcp->scno);
1845 tprintf("%s(", sysent[tcp->scno].sys_name);
1846 if (!SCNO_IN_RANGE(tcp->scno) ||
1847 ((qual_flags[tcp->scno] & QUAL_RAW) &&
1848 sysent[tcp->scno].sys_func != sys_exit))
1849 res = printargs(tcp);
1851 res = (*sysent[tcp->scno].sys_func)(tcp);
1853 if (fflush(tcp->outf) == EOF)
1856 tcp->flags |= TCB_INSYSCALL;
1857 /* Measure the entrance time as late as possible to avoid errors. */
1859 gettimeofday(&tcp->etime, NULL);
1864 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
1865 * 1: ok, continue in trace_syscall().
1866 * other: error, trace_syscall() should print error indicator
1867 * ("????" etc) and bail out.
1870 get_syscall_result(struct tcb *tcp)
1873 # if defined(S390) || defined(S390X)
1874 if (upeek(tcp, PT_GPR2, &gpr2) < 0)
1876 # elif defined (POWERPC)
1877 # define SO_MASK 0x10000000
1880 if (upeek(tcp, sizeof(unsigned long)*PT_CCR, &flags) < 0)
1882 if (upeek(tcp, sizeof(unsigned long)*PT_R3, &result) < 0)
1884 if (flags & SO_MASK)
1887 # elif defined(AVR32)
1888 /* Read complete register set in one go. */
1889 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, ®s) < 0)
1891 # elif defined(BFIN)
1892 if (upeek(tcp, PT_R0, &r0) < 0)
1894 # elif defined (I386)
1895 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &i386_regs) < 0)
1897 # elif defined (X86_64)
1898 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) &x86_64_regs) < 0)
1900 # elif defined(IA64)
1901 # define IA64_PSR_IS ((long)1 << 34)
1902 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0)
1903 ia32 = (psr & IA64_PSR_IS) != 0;
1904 if (upeek(tcp, PT_R8, &r8) < 0)
1906 if (upeek(tcp, PT_R10, &r10) < 0)
1908 # elif defined (ARM)
1909 /* Read complete register set in one go. */
1910 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (void *)®s) == -1)
1912 # elif defined (M68K)
1913 if (upeek(tcp, 4*PT_D0, &d0) < 0)
1915 # elif defined (LINUX_MIPSN32)
1916 unsigned long long regs[38];
1918 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0)
1922 # elif defined (MIPS)
1923 if (upeek(tcp, REG_A3, &a3) < 0)
1925 if (upeek(tcp, REG_V0, &r2) < 0)
1927 # elif defined (ALPHA)
1928 if (upeek(tcp, REG_A3, &a3) < 0)
1930 if (upeek(tcp, REG_R0, &r0) < 0)
1932 # elif defined (SPARC) || defined (SPARC64)
1933 /* Everything we need is in the current register set. */
1934 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0)
1936 # elif defined(HPPA)
1937 if (upeek(tcp, PT_GR28, &r28) < 0)
1940 # elif defined(SH64)
1941 # elif defined(CRISV10) || defined(CRISV32)
1942 if (upeek(tcp, 4*PT_R10, &r10) < 0)
1944 # elif defined(TILE)
1945 # elif defined(MICROBLAZE)
1946 if (upeek(tcp, 3 * 4, &r3) < 0)
1953 /* new syscall ABI returns result in R0 */
1954 if (upeek(tcp, 4*REG_REG0, (long *)&r0) < 0)
1957 /* ABI defines result returned in r9 */
1958 if (upeek(tcp, REG_GENERAL(9), (long *)&r9) < 0)
1963 # ifndef HAVE_PR_SYSCALL
1965 if (pread(tcp->pfd_reg, ®s, sizeof(regs), 0) < 0) {
1969 # endif /* FREEBSD */
1970 # endif /* !HAVE_PR_SYSCALL */
1971 #endif /* USE_PROCFS */
1976 /* Called at each syscall exit.
1978 * 0: "ignore this ptrace stop", bail out of trace_syscall() silently.
1979 * 1: ok, continue in trace_syscall().
1980 * other: error, trace_syscall() should print error indicator
1981 * ("????" etc) and bail out.
1984 syscall_fixup_on_sysexit(struct tcb *tcp)
1987 if (tcp->status.PR_WHY != PR_SYSEXIT) {
1988 fprintf(stderr, "syscall: missing exit\n");
1989 tcp->flags &= ~TCB_INSYSCALL;
1991 #endif /* USE_PROCFS */
1995 int scno = known_scno(tcp);
1999 * This happens when a signal handler
2000 * for a signal which interrupted a
2001 * a system call makes another system call.
2003 fprintf(stderr, "syscall: missing exit\n");
2005 tcp->flags &= ~TCB_INSYSCALL;
2011 # if defined (S390) || defined (S390X)
2012 if (syscall_mode != -ENOSYS)
2013 syscall_mode = tcp->scno;
2014 if ((tcp->flags & TCB_WAITEXECVE)
2015 && (gpr2 == -ENOSYS || gpr2 == tcp->scno)) {
2017 * Return from execve.
2018 * Fake a return value of zero. We leave the TCB_WAITEXECVE
2019 * flag set for the post-execve SIGTRAP to see and reset.
2030 * Check the syscall return value register value for whether it is
2031 * a negated errno code indicating an error, or a success return value.
2034 is_negated_errno(unsigned long int val)
2036 unsigned long int max = -(long int) nerrnos;
2037 # if SUPPORTED_PERSONALITIES > 1
2038 if (personality_wordsize[current_personality] < sizeof(val)) {
2039 val = (unsigned int) val;
2040 max = (unsigned int) max;
2048 get_error(struct tcb *tcp)
2052 int check_errno = 1;
2053 if (SCNO_IN_RANGE(tcp->scno) &&
2054 sysent[tcp->scno].sys_flags & SYSCALL_NEVER_FAILS) {
2057 # if defined(S390) || defined(S390X)
2058 if (check_errno && is_negated_errno(gpr2)) {
2065 # elif defined(I386)
2066 if (check_errno && is_negated_errno(i386_regs.eax)) {
2068 u_error = -i386_regs.eax;
2071 tcp->u_rval = i386_regs.eax;
2073 # elif defined(X86_64)
2074 if (check_errno && is_negated_errno(x86_64_regs.rax)) {
2076 u_error = -x86_64_regs.rax;
2079 tcp->u_rval = x86_64_regs.rax;
2081 # elif defined(IA64)
2086 if (check_errno && is_negated_errno(err)) {
2094 if (check_errno && r10) {
2101 # elif defined(MIPS)
2102 if (check_errno && a3) {
2108 # elif defined(POWERPC)
2109 if (check_errno && is_negated_errno(result)) {
2114 tcp->u_rval = result;
2116 # elif defined(M68K)
2117 if (check_errno && is_negated_errno(d0)) {
2125 if (check_errno && is_negated_errno(regs.ARM_r0)) {
2127 u_error = -regs.ARM_r0;
2130 tcp->u_rval = regs.ARM_r0;
2132 # elif defined(AVR32)
2133 if (check_errno && regs.r12 && (unsigned) -regs.r12 < nerrnos) {
2135 u_error = -regs.r12;
2138 tcp->u_rval = regs.r12;
2140 # elif defined(BFIN)
2141 if (check_errno && is_negated_errno(r0)) {
2147 # elif defined(ALPHA)
2148 if (check_errno && a3) {
2155 # elif defined(SPARC)
2156 if (check_errno && regs.psr & PSR_C) {
2158 u_error = regs.u_regs[U_REG_O0];
2161 tcp->u_rval = regs.u_regs[U_REG_O0];
2163 # elif defined(SPARC64)
2164 if (check_errno && regs.tstate & 0x1100000000UL) {
2166 u_error = regs.u_regs[U_REG_O0];
2169 tcp->u_rval = regs.u_regs[U_REG_O0];
2171 # elif defined(HPPA)
2172 if (check_errno && is_negated_errno(r28)) {
2180 if (check_errno && is_negated_errno(r0)) {
2187 # elif defined(SH64)
2188 if (check_errno && is_negated_errno(r9)) {
2195 # elif defined(CRISV10) || defined(CRISV32)
2196 if (check_errno && r10 && (unsigned) -r10 < nerrnos) {
2203 # elif defined(TILE)
2205 if (upeek(tcp, PTREGS_OFFSET_REG(0), &rval) < 0)
2207 if (check_errno && rval < 0 && rval > -nerrnos) {
2214 # elif defined(MICROBLAZE)
2215 if (check_errno && is_negated_errno(r3)) {
2225 /* get error code from user struct */
2226 if (upeek(tcp, uoff(u_error), &u_error) < 0)
2228 u_error >>= 24; /* u_error is a char */
2230 /* get system call return value */
2231 if (upeek(tcp, uoff(u_rval1), &tcp->u_rval) < 0)
2236 /* Judicious guessing goes a long way. */
2237 if (tcp->status.pr_reg[R_PSR] & 0x100000) {
2239 u_error = tcp->status.pr_reg[R_O0];
2242 tcp->u_rval = tcp->status.pr_reg[R_O0];
2246 if (tcp->status.PR_REG[EFL] & 0x1) {
2248 u_error = tcp->status.PR_REG[EAX];
2251 tcp->u_rval = tcp->status.PR_REG[EAX];
2252 # ifdef HAVE_LONG_LONG
2254 ((unsigned long long) tcp->status.PR_REG[EDX] << 32) +
2255 tcp->status.PR_REG[EAX];
2260 if (tcp->status.PR_REG[EFLAGS] & 0x1) {
2262 u_error = tcp->status.PR_REG[RAX];
2265 tcp->u_rval = tcp->status.PR_REG[RAX];
2267 # endif /* X86_64 */
2269 if (tcp->status.pr_reg[CTX_A3]) {
2271 u_error = tcp->status.pr_reg[CTX_V0];
2274 tcp->u_rval = tcp->status.pr_reg[CTX_V0];
2279 if (regs.r_eflags & PSL_C) {
2281 u_error = regs.r_eax;
2283 tcp->u_rval = regs.r_eax;
2285 ((unsigned long long) regs.r_edx << 32) + regs.r_eax;
2287 #endif /* FREEBSD */
2288 tcp->u_error = u_error;
2293 dumpio(struct tcb *tcp)
2297 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= MAX_QUALS)
2299 if (!SCNO_IN_RANGE(tcp->scno))
2301 if (sysent[tcp->scno].sys_func == printargs)
2303 if (qual_flags[tcp->u_arg[0]] & QUAL_READ) {
2304 if (sysent[tcp->scno].sys_func == sys_read ||
2305 sysent[tcp->scno].sys_func == sys_pread ||
2306 sysent[tcp->scno].sys_func == sys_pread64 ||
2307 sysent[tcp->scno].sys_func == sys_recv ||
2308 sysent[tcp->scno].sys_func == sys_recvfrom)
2309 dumpstr(tcp, tcp->u_arg[1], tcp->u_rval);
2310 else if (sysent[tcp->scno].sys_func == sys_readv)
2311 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]);
2314 if (qual_flags[tcp->u_arg[0]] & QUAL_WRITE) {
2315 if (sysent[tcp->scno].sys_func == sys_write ||
2316 sysent[tcp->scno].sys_func == sys_pwrite ||
2317 sysent[tcp->scno].sys_func == sys_pwrite64 ||
2318 sysent[tcp->scno].sys_func == sys_send ||
2319 sysent[tcp->scno].sys_func == sys_sendto)
2320 dumpstr(tcp, tcp->u_arg[1], tcp->u_arg[2]);
2321 else if (sysent[tcp->scno].sys_func == sys_writev)
2322 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]);
2328 trace_syscall_exiting(struct tcb *tcp)
2335 /* Measure the exit time as early as possible to avoid errors. */
2337 gettimeofday(&tv, NULL);
2339 #if SUPPORTED_PERSONALITIES > 1
2340 update_personality(tcp, tcp->currpers);
2342 res = get_syscall_result(tcp);
2346 res = syscall_fixup_on_sysexit(tcp);
2350 res = get_error(tcp);
2354 internal_syscall(tcp);
2356 if (res == 1 && filtered(tcp)) {
2360 if (tcp->flags & TCB_REPRINT) {
2362 if (!SCNO_IN_RANGE(tcp->scno))
2363 tprintf("<... syscall_%lu resumed> ", tcp->scno);
2365 tprintf("<... %s resumed> ", sysent[tcp->scno].sys_name);
2369 struct timeval t = tv;
2370 count_syscall(tcp, &t);
2371 if (cflag == CFLAG_ONLY_STATS) {
2379 tprints("= ? <unavailable>\n");
2380 printing_tcp = NULL;
2381 tcp->flags &= ~TCB_INSYSCALL;
2385 if (!SCNO_IN_RANGE(tcp->scno)
2386 || (qual_flags[tcp->scno] & QUAL_RAW))
2387 sys_res = printargs(tcp);
2389 /* FIXME: not_failing_only (IOW, option -z) is broken:
2390 * failure of syscall is known only after syscall return.
2391 * Thus we end up with something like this on, say, ENOENT:
2392 * open("doesnt_exist", O_RDONLY <unfinished ...>
2393 * {next syscall decode}
2394 * whereas the intended result is that open(...) line
2395 * is not shown at all.
2397 if (not_failing_only && tcp->u_error)
2398 goto ret; /* ignore failed syscalls */
2399 sys_res = (*sysent[tcp->scno].sys_func)(tcp);
2404 u_error = tcp->u_error;
2405 if (!SCNO_IN_RANGE(tcp->scno) ||
2406 qual_flags[tcp->scno] & QUAL_RAW) {
2408 tprintf("= -1 (errno %ld)", u_error);
2410 tprintf("= %#lx", tcp->u_rval);
2412 else if (!(sys_res & RVAL_NONE) && u_error) {
2415 /* Blocked signals do not interrupt any syscalls.
2416 * In this case syscalls don't return ERESTARTfoo codes.
2418 * Deadly signals set to SIG_DFL interrupt syscalls
2419 * and kill the process regardless of which of the codes below
2420 * is returned by the interrupted syscall.
2421 * In some cases, kernel forces a kernel-generated deadly
2422 * signal to be unblocked and set to SIG_DFL (and thus cause
2423 * death) if it is blocked or SIG_IGNed: for example, SIGSEGV
2424 * or SIGILL. (The alternative is to leave process spinning
2425 * forever on the faulty instruction - not useful).
2427 * SIG_IGNed signals and non-deadly signals set to SIG_DFL
2428 * (for example, SIGCHLD, SIGWINCH) interrupt syscalls,
2429 * but kernel will always restart them.
2432 /* Most common type of signal-interrupted syscall exit code.
2433 * The system call will be restarted with the same arguments
2434 * if SA_RESTART is set; otherwise, it will fail with EINTR.
2436 tprints("= ? ERESTARTSYS (To be restarted if SA_RESTART is set)");
2438 case ERESTARTNOINTR:
2439 /* Rare. For example, fork() returns this if interrupted.
2440 * SA_RESTART is ignored (assumed set): the restart is unconditional.
2442 tprints("= ? ERESTARTNOINTR (To be restarted)");
2444 case ERESTARTNOHAND:
2445 /* pause(), rt_sigsuspend() etc use this code.
2446 * SA_RESTART is ignored (assumed not set):
2447 * syscall won't restart (will return EINTR instead)
2448 * even after signal with SA_RESTART set.
2449 * However, after SIG_IGN or SIG_DFL signal it will.
2451 tprints("= ? ERESTARTNOHAND (Interrupted by signal)");
2453 case ERESTART_RESTARTBLOCK:
2454 /* Syscalls like nanosleep(), poll() which can't be
2455 * restarted with their original arguments use this
2456 * code. Kernel will execute restart_syscall() instead,
2457 * which changes arguments before restarting syscall.
2458 * SA_RESTART is ignored (assumed not set) similarly
2459 * to ERESTARTNOHAND. (Kernel can't honor SA_RESTART
2460 * since restart data is saved in "restart block"
2461 * in task struct, and if signal handler uses a syscall
2462 * which in turn saves another such restart block,
2463 * old data is lost and restart becomes impossible)
2465 tprints("= ? ERESTART_RESTARTBLOCK (Interrupted by signal)");
2470 tprintf("= -1 E??? (errno %ld)", u_error);
2471 else if (u_error < nerrnos)
2472 tprintf("= -1 %s (%s)", errnoent[u_error],
2475 tprintf("= -1 ERRNO_%ld (%s)", u_error,
2479 if ((sys_res & RVAL_STR) && tcp->auxstr)
2480 tprintf(" (%s)", tcp->auxstr);
2483 if (sys_res & RVAL_NONE)
2486 switch (sys_res & RVAL_MASK) {
2488 tprintf("= %#lx", tcp->u_rval);
2491 tprintf("= %#lo", tcp->u_rval);
2494 tprintf("= %lu", tcp->u_rval);
2497 tprintf("= %ld", tcp->u_rval);
2499 #ifdef HAVE_LONG_LONG
2501 tprintf("= %#llx", tcp->u_lrval);
2504 tprintf("= %#llo", tcp->u_lrval);
2506 case RVAL_LUDECIMAL:
2507 tprintf("= %llu", tcp->u_lrval);
2510 tprintf("= %lld", tcp->u_lrval);
2515 "invalid rval format\n");
2519 if ((sys_res & RVAL_STR) && tcp->auxstr)
2520 tprintf(" (%s)", tcp->auxstr);
2523 tv_sub(&tv, &tv, &tcp->etime);
2524 tprintf(" <%ld.%06ld>",
2525 (long) tv.tv_sec, (long) tv.tv_usec);
2528 printing_tcp = NULL;
2531 if (fflush(tcp->outf) == EOF)
2534 tcp->flags &= ~TCB_INSYSCALL;
2539 trace_syscall(struct tcb *tcp)
2541 return exiting(tcp) ?
2542 trace_syscall_exiting(tcp) : trace_syscall_entering(tcp);
projects / strace / blob