2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
6 * Copyright (c) 1999 IBM Deutschland Entwicklung GmbH, IBM Corporation
7 * Linux for s390 port by D.J. Barrow
8 * <barrow_dj@mail.yahoo.com,djbarrow@de.ibm.com>
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. The name of the author may not be used to endorse or promote products
20 * derived from this software without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 #include <sys/syscall.h>
41 #include <sys/param.h>
47 #include <machine/reg.h>
52 #if defined(linux) && (__GLIBC__ < 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ < 1))
53 #include <linux/ptrace.h>
56 #if defined(LINUX) && defined(IA64)
57 # include <asm/ptrace_offsets.h>
63 # define PTRACE_PEEKUSR PTRACE_PEEKUSER
64 #elif defined(HAVE_LINUX_PTRACE_H)
66 # ifdef HAVE_STRUCT_IA64_FPREG
67 # define ia64_fpreg XXX_ia64_fpreg
69 # ifdef HAVE_STRUCT_PT_ALL_USER_REGS
70 # define pt_all_user_regs XXX_pt_all_user_regs
72 #include <linux/ptrace.h>
74 # undef pt_all_user_regs
77 #ifdef SUNOS4_KERNEL_ARCH_KLUDGE
78 #include <sys/utsname.h>
79 #endif /* SUNOS4_KERNEL_ARCH_KLUDGE */
81 #if defined(LINUXSPARC)
83 # define fpq kernel_fpq
85 # define fpu kernel_fpu
93 # undef PTRACE_GETREGS
94 # define PTRACE_GETREGS PTRACE_GETREGS64
95 # undef PTRACE_SETREGS
96 # define PTRACE_SETREGS PTRACE_SETREGS64
99 #if !defined(__GLIBC__)
101 #include <linux/unistd.h>
103 #define _hack_syscall5(type,name,type1,arg1,type2,arg2,type3,arg3,type4,arg4,\
104 type5,arg5,syscall) \
105 type name (type1 arg1,type2 arg2,type3 arg3,type4 arg4,type5 arg5) \
109 __asm__ volatile ("or %%g0, %1, %%o0\n\t" \
110 "or %%g0, %2, %%o1\n\t" \
111 "or %%g0, %3, %%o2\n\t" \
112 "or %%g0, %4, %%o3\n\t" \
113 "or %%g0, %5, %%o4\n\t" \
114 "or %%g0, %6, %%g1\n\t" \
115 #if defined (SPARC64)
121 "or %%g0, %%o0, %0\n\t" \
122 "sub %%g0, %%o0, %0\n\t" \
125 : "0" ((long)(arg1)),"1" ((long)(arg2)), \
126 "2" ((long)(arg3)),"3" ((long)(arg4)),"4" ((long)(arg5)), \
127 "i" (__NR_##syscall) \
128 : "g1", "o0", "o1", "o2", "o3", "o4"); \
130 return (type) __res; \
135 static _hack_syscall5(int,_ptrace,int,__request,int,__pid,int,__addr,int,__data,int,__addr2,ptrace)
145 #define MAX(a,b) (((a) > (b)) ? (a) : (b))
148 #define MIN(a,b) (((a) < (b)) ? (a) : (b))
167 return a->tv_sec || a->tv_usec;
172 struct timeval *a, *b;
174 if (a->tv_sec < b->tv_sec
175 || (a->tv_sec == b->tv_sec && a->tv_usec < b->tv_usec))
177 if (a->tv_sec > b->tv_sec
178 || (a->tv_sec == b->tv_sec && a->tv_usec > b->tv_usec))
187 return tv->tv_sec + tv->tv_usec/1000000.0;
192 struct timeval *tv, *a, *b;
194 tv->tv_sec = a->tv_sec + b->tv_sec;
195 tv->tv_usec = a->tv_usec + b->tv_usec;
196 if (tv->tv_usec >= 1000000) {
198 tv->tv_usec -= 1000000;
204 struct timeval *tv, *a, *b;
206 tv->tv_sec = a->tv_sec - b->tv_sec;
207 tv->tv_usec = a->tv_usec - b->tv_usec;
208 if (((long) tv->tv_usec) < 0) {
210 tv->tv_usec += 1000000;
216 struct timeval *tv, *a;
219 tv->tv_usec = (a->tv_sec % n * 1000000 + a->tv_usec + n / 2) / n;
220 tv->tv_sec = a->tv_sec / n + tv->tv_usec / 1000000;
221 tv->tv_usec %= 1000000;
226 struct timeval *tv, *a;
229 tv->tv_usec = a->tv_usec * n;
230 tv->tv_sec = a->tv_sec * n + tv->tv_usec / 1000000;
231 tv->tv_usec %= 1000000;
235 xlookup(const struct xlat *xlat, int val)
237 for (; xlat->str != NULL; xlat++)
238 if (xlat->val == val)
244 * Generic ptrace wrapper which tracks ESRCH errors
245 * by setting tcp->ptrace_errno to ESRCH.
247 * We assume that ESRCH indicates likely process death (SIGKILL?),
248 * modulo bugs where process somehow ended up not stopped.
249 * Unfortunately kernel uses ESRCH for that case too. Oh well.
251 * Currently used by upeek() only.
252 * TODO: use this in all other ptrace() calls while decoding.
255 do_ptrace(int request, struct tcb *tcp, void *addr, void *data)
260 l = ptrace(request, tcp->pid, addr, data);
261 /* Non-ESRCH errors might be our invalid reg/mem accesses,
262 * we do not record them. */
264 tcp->ptrace_errno = ESRCH;
269 * Used when we want to unblock stopped traced process.
270 * Should be only used with PTRACE_CONT, PTRACE_DETACH and PTRACE_SYSCALL.
271 * Returns 0 on success or if error was ESRCH
272 * (presumably process was killed while we talk to it).
273 * Otherwise prints error message and returns -1.
276 ptrace_restart(int op, struct tcb *tcp, int sig)
282 ptrace(op, tcp->pid, (void *) 1, (void *) (long) sig);
284 if (!err || err == ESRCH)
287 tcp->ptrace_errno = err;
289 if (op == PTRACE_CONT)
291 if (op == PTRACE_DETACH)
293 fprintf(stderr, "strace: ptrace(PTRACE_%s,1,%d): %s\n",
294 msg, sig, strerror(err));
299 * Print entry in struct xlat table, if there.
302 printxval(const struct xlat *xlat, int val, const char *dflt)
304 const char *str = xlookup(xlat, val);
309 tprintf("%#x /* %s */", val, dflt);
313 * Interpret `xlat' as an array of flags
314 * print the entries whose bits are on in `flags'
315 * return # of flags printed.
318 addflags(xlat, flags)
319 const struct xlat *xlat;
324 for (n = 0; xlat->str; xlat++) {
325 if (xlat->val && (flags & xlat->val) == xlat->val) {
326 tprintf("|%s", xlat->str);
332 tprintf("|%#x", flags);
339 * Interpret `xlat' as an array of flags/
340 * Print to static string the entries whose bits are on in `flags'
341 * Return static string.
344 sprintflags(const char *prefix, const struct xlat *xlat, int flags)
346 static char outstr[1024];
349 strcpy(outstr, prefix);
351 for (; xlat->str; xlat++) {
352 if ((flags & xlat->val) == xlat->val) {
355 strcat(outstr, xlat->str);
363 sprintf(outstr + strlen(outstr), "%#x", flags);
370 printflags(xlat, flags, dflt)
371 const struct xlat *xlat;
378 if (flags == 0 && xlat->val == 0) {
379 tprintf("%s", xlat->str);
384 for (n = 0; xlat->str; xlat++) {
385 if (xlat->val && (flags & xlat->val) == xlat->val) {
386 tprintf("%s%s", sep, xlat->str);
395 tprintf("%s%#x", sep, flags);
400 tprintf("%#x", flags);
402 tprintf(" /* %s */", dflt);
413 printnum(tcp, addr, fmt)
424 if (umove(tcp, addr, &num) < 0) {
425 tprintf("%#lx", addr);
434 printnum_int(tcp, addr, fmt)
445 if (umove(tcp, addr, &num) < 0) {
446 tprintf("%#lx", addr);
460 tprintf((uid == -1) ? "%ld" : "%lu", uid);
463 static char path[MAXPATHLEN + 1];
466 * Quote string `instr' of length `size'
467 * Write up to (3 + `size' * 4) bytes to `outstr' buffer.
468 * If `len' < 0, treat `instr' as a NUL-terminated string
469 * and quote at most (`size' - 1) bytes.
472 string_quote(const char *instr, char *outstr, int len, int size)
474 const unsigned char *ustr = (const unsigned char *) instr;
476 int usehex = 0, c, i;
481 /* Check for presence of symbol which require
482 to hex-quote the whole string. */
483 for (i = 0; i < size; ++i) {
485 /* Check for NUL-terminated string. */
489 /* Quote at most size - 1 bytes. */
493 if (!isprint(c) && !isspace(c)) {
503 /* Hex-quote the whole string. */
504 for (i = 0; i < size; ++i) {
506 /* Check for NUL-terminated string. */
510 /* Quote at most size - 1 bytes. */
514 sprintf(s, "\\x%02x", c);
518 for (i = 0; i < size; ++i) {
520 /* Check for NUL-terminated string. */
524 /* Quote at most size - 1 bytes. */
529 case '\"': case '\\':
556 else if (i + 1 < size
557 && isdigit(ustr[i + 1])) {
558 sprintf(s, "\\%03o", c);
561 sprintf(s, "\\%o", c);
572 /* Return nonzero if the string was unterminated. */
577 * Print path string specified by address `addr' and length `n'.
578 * If path length exceeds `n', append `...' to the output.
581 printpathn(struct tcb *tcp, long addr, int n)
588 /* Cap path length to the path buffer size,
589 and NUL-terminate the buffer. */
590 if (n > sizeof path - 1)
594 /* Fetch one byte more to find out whether path length > n. */
595 if (umovestr(tcp, addr, n + 1, path) < 0)
596 tprintf("%#lx", addr);
598 static char outstr[4*(sizeof path - 1) + sizeof "\"...\""];
599 int trunc = (path[n] != '\0');
603 (void) string_quote(path, outstr, -1, n + 1);
605 strcat(outstr, "...");
606 tprintf("%s", outstr);
611 printpath(struct tcb *tcp, long addr)
613 printpathn(tcp, addr, sizeof path - 1);
617 * Print string specified by address `addr' and length `len'.
618 * If `len' < 0, treat the string as a NUL-terminated string.
619 * If string length exceeds `max_strlen', append `...' to the output.
622 printstr(struct tcb *tcp, long addr, int len)
624 static char *str = NULL;
632 /* Allocate static buffers if they are not allocated yet. */
634 str = malloc(max_strlen + 1);
636 outstr = malloc(4 * max_strlen + sizeof "\"...\"");
637 if (!str || !outstr) {
638 fprintf(stderr, "out of memory\n");
639 tprintf("%#lx", addr);
645 * Treat as a NUL-terminated string: fetch one byte more
646 * because string_quote() quotes one byte less.
648 size = max_strlen + 1;
649 str[max_strlen] = '\0';
650 if (umovestr(tcp, addr, size, str) < 0) {
651 tprintf("%#lx", addr);
656 size = MIN(len, max_strlen);
657 if (umoven(tcp, addr, size, str) < 0) {
658 tprintf("%#lx", addr);
663 if (string_quote(str, outstr, len, size) &&
664 (len < 0 || len > max_strlen))
665 strcat(outstr, "...");
667 tprintf("%s", outstr);
672 dumpiov(tcp, len, addr)
677 #if defined(LINUX) && SUPPORTED_PERSONALITIES > 1
679 struct { u_int32_t base; u_int32_t len; } *iov32;
680 struct { u_int64_t base; u_int64_t len; } *iov64;
682 #define iov iovu.iov64
684 (personality_wordsize[current_personality] == 4 \
685 ? sizeof(*iovu.iov32) : sizeof(*iovu.iov64))
686 #define iov_iov_base(i) \
687 (personality_wordsize[current_personality] == 4 \
688 ? (u_int64_t) iovu.iov32[i].base : iovu.iov64[i].base)
689 #define iov_iov_len(i) \
690 (personality_wordsize[current_personality] == 4 \
691 ? (u_int64_t) iovu.iov32[i].len : iovu.iov64[i].len)
694 #define sizeof_iov sizeof(*iov)
695 #define iov_iov_base(i) iov[i].iov_base
696 #define iov_iov_len(i) iov[i].iov_len
701 size = sizeof_iov * (unsigned long) len;
702 if (size / sizeof_iov != len
703 || (iov = malloc(size)) == NULL) {
704 fprintf(stderr, "out of memory\n");
707 if (umoven(tcp, addr, size, (char *) iov) >= 0) {
708 for (i = 0; i < len; i++) {
709 /* include the buffer number to make it easy to
710 * match up the trace with the source */
711 tprintf(" * %lu bytes in buffer %d\n",
712 (unsigned long)iov_iov_len(i), i);
713 dumpstr(tcp, (long) iov_iov_base(i),
726 dumpstr(tcp, addr, len)
731 static int strsize = -1;
732 static unsigned char *str;
733 static char outstr[80];
740 if ((str = malloc(len)) == NULL) {
741 fprintf(stderr, "out of memory\n");
747 if (umoven(tcp, addr, len, (char *) str) < 0)
750 for (i = 0; i < len; i += 16) {
752 sprintf(s, " | %05x ", i);
754 for (j = 0; j < 16; j++) {
758 sprintf(s, " %02x", str[i + j]);
762 *s++ = ' '; *s++ = ' '; *s++ = ' ';
765 *s++ = ' '; *s++ = ' ';
766 for (j = 0; j < 16; j++) {
770 if (isprint(str[i + j]))
778 tprintf("%s |\n", outstr);
782 #define PAGMASK (~(PAGSIZ - 1))
784 * move `len' bytes of data from process `pid'
785 * at address `addr' to our space at `laddr'
788 umoven(tcp, addr, len, laddr)
801 char x[sizeof(long)];
804 if (addr & (sizeof(long) - 1)) {
805 /* addr not a multiple of sizeof(long) */
806 n = addr - (addr & -sizeof(long)); /* residue */
807 addr &= -sizeof(long); /* residue */
809 u.val = ptrace(PTRACE_PEEKDATA, pid, (char *) addr, 0);
811 if (started && (errno==EPERM || errno==EIO)) {
812 /* Ran into 'end of memory' - stupid "printpath" */
815 /* But if not started, we had a bogus address. */
816 if (addr != 0 && errno != EIO)
817 perror("ptrace: umoven");
821 memcpy(laddr, &u.x[n], m = MIN(sizeof(long) - n, len));
822 addr += sizeof(long), laddr += m, len -= m;
826 u.val = ptrace(PTRACE_PEEKDATA, pid, (char *) addr, 0);
828 if (started && (errno==EPERM || errno==EIO)) {
829 /* Ran into 'end of memory' - stupid "printpath" */
832 if (addr != 0 && errno != EIO)
833 perror("ptrace: umoven");
837 memcpy(laddr, u.x, m = MIN(sizeof(long), len));
838 addr += sizeof(long), laddr += m, len -= m;
848 char x[sizeof(long)];
851 if (addr & (sizeof(long) - 1)) {
852 /* addr not a multiple of sizeof(long) */
853 n = addr - (addr & -sizeof(long)); /* residue */
854 addr &= -sizeof(long); /* residue */
856 u.val = ptrace(PTRACE_PEEKDATA, pid, (char *) addr, 0);
861 memcpy(laddr, &u.x[n], m = MIN(sizeof(long) - n, len));
862 addr += sizeof(long), laddr += m, len -= m;
866 u.val = ptrace(PTRACE_PEEKDATA, pid, (char *) addr, 0);
871 memcpy(laddr, u.x, m = MIN(sizeof(long), len));
872 addr += sizeof(long), laddr += m, len -= m;
878 n = MIN(len, PAGSIZ);
879 n = MIN(n, ((addr + PAGSIZ) & PAGMASK) - addr);
880 if (ptrace(PTRACE_READDATA, pid,
881 (char *) addr, len, laddr) < 0) {
882 perror("umoven: ptrace(PTRACE_READDATA, ...)");
894 #ifdef HAVE_MP_PROCFS
895 int fd = tcp->pfd_as;
899 lseek(fd, addr, SEEK_SET);
900 if (read(fd, laddr, len) == -1)
902 #endif /* USE_PROCFS */
908 * like `umove' but make the additional effort of looking
909 * for a terminating zero byte.
912 umovestr(tcp, addr, len, laddr)
919 #ifdef HAVE_MP_PROCFS
920 int fd = tcp->pfd_as;
924 /* Some systems (e.g. FreeBSD) can be upset if we read off the
925 end of valid memory, avoid this by trying to read up
926 to page boundaries. But we don't know what a page is (and
927 getpagesize(2) (if it exists) doesn't necessarily return
928 hardware page size). Assume all pages >= 1024 (a-historical
931 int page = 1024; /* How to find this? */
932 int move = page - (addr & (page - 1));
935 lseek(fd, addr, SEEK_SET);
938 if (move > left) move = left;
939 if ((move = read(fd, laddr, move)) <= 0)
940 return left != len ? 0 : -1;
941 if (memchr (laddr, 0, move)) break;
947 #else /* !USE_PROCFS */
953 char x[sizeof(long)];
956 if (addr & (sizeof(long) - 1)) {
957 /* addr not a multiple of sizeof(long) */
958 n = addr - (addr & -sizeof(long)); /* residue */
959 addr &= -sizeof(long); /* residue */
961 u.val = ptrace(PTRACE_PEEKDATA, pid, (char *)addr, 0);
963 if (started && (errno==EPERM || errno==EIO)) {
964 /* Ran into 'end of memory' - stupid "printpath" */
967 if (addr != 0 && errno != EIO)
972 memcpy(laddr, &u.x[n], m = MIN(sizeof(long)-n,len));
973 while (n & (sizeof(long) - 1))
974 if (u.x[n++] == '\0')
976 addr += sizeof(long), laddr += m, len -= m;
980 u.val = ptrace(PTRACE_PEEKDATA, pid, (char *)addr, 0);
982 if (started && (errno==EPERM || errno==EIO)) {
983 /* Ran into 'end of memory' - stupid "printpath" */
986 if (addr != 0 && errno != EIO)
991 memcpy(laddr, u.x, m = MIN(sizeof(long), len));
992 for (i = 0; i < sizeof(long); i++)
996 addr += sizeof(long), laddr += m, len -= m;
998 #endif /* !USE_PROCFS */
1003 #if !defined (SPARC) && !defined(SPARC64)
1004 #define PTRACE_WRITETEXT 101
1005 #define PTRACE_WRITEDATA 102
1006 #endif /* !SPARC && !SPARC64 */
1012 uload(cmd, pid, addr, len, laddr)
1023 n = MIN(len, PAGSIZ);
1024 n = MIN(n, ((addr + PAGSIZ) & PAGMASK) - addr);
1025 if (ptrace(cmd, pid, (char *)addr, n, laddr) < 0) {
1026 perror("uload: ptrace(PTRACE_WRITE, ...)");
1038 char x[sizeof(long)];
1041 if (cmd == PTRACE_WRITETEXT) {
1042 peek = PTRACE_PEEKTEXT;
1043 poke = PTRACE_POKETEXT;
1046 peek = PTRACE_PEEKDATA;
1047 poke = PTRACE_POKEDATA;
1049 if (addr & (sizeof(long) - 1)) {
1050 /* addr not a multiple of sizeof(long) */
1051 n = addr - (addr & -sizeof(long)); /* residue */
1052 addr &= -sizeof(long);
1054 u.val = ptrace(peek, pid, (char *) addr, 0);
1056 perror("uload: POKE");
1059 memcpy(&u.x[n], laddr, m = MIN(sizeof(long) - n, len));
1060 if (ptrace(poke, pid, (char *)addr, u.val) < 0) {
1061 perror("uload: POKE");
1064 addr += sizeof(long), laddr += m, len -= m;
1067 if (len < sizeof(long))
1068 u.val = ptrace(peek, pid, (char *) addr, 0);
1069 memcpy(u.x, laddr, m = MIN(sizeof(long), len));
1070 if (ptrace(poke, pid, (char *) addr, u.val) < 0) {
1071 perror("uload: POKE");
1074 addr += sizeof(long), laddr += m, len -= m;
1081 tload(pid, addr, len, laddr)
1086 return uload(PTRACE_WRITETEXT, pid, addr, len, laddr);
1090 dload(pid, addr, len, laddr)
1096 return uload(PTRACE_WRITEDATA, pid, addr, len, laddr);
1104 upeek(tcp, off, res)
1111 #ifdef SUNOS4_KERNEL_ARCH_KLUDGE
1113 static int is_sun4m = -1;
1114 struct utsname name;
1116 /* Round up the usual suspects. */
1117 if (is_sun4m == -1) {
1118 if (uname(&name) < 0) {
1119 perror("upeek: uname?");
1122 is_sun4m = strcmp(name.machine, "sun4m") == 0;
1124 extern const struct xlat struct_user_offsets[];
1125 const struct xlat *x;
1127 for (x = struct_user_offsets; x->str; x++)
1134 #endif /* SUNOS4_KERNEL_ARCH_KLUDGE */
1136 val = do_ptrace(PTRACE_PEEKUSER, tcp, (char *) off, 0);
1137 if (val == -1 && errno) {
1138 if (errno != ESRCH) {
1140 sprintf(buf,"upeek: ptrace(PTRACE_PEEKUSER,%d,%lu,0)", tcp->pid, off);
1149 #endif /* !USE_PROCFS */
1160 if (upeek(tcp, 4*EIP, &pc) < 0)
1162 #elif defined(X86_64)
1163 if (upeek(tcp, 8*RIP, &pc) < 0)
1166 if (upeek(tcp, PT_B0, &pc) < 0)
1169 if (upeek(tcp, 4*15, &pc) < 0)
1172 if (upeek(tcp, REG_PC, &pc) < 0)
1174 #elif defined(POWERPC)
1175 if (upeek(tcp, sizeof(unsigned long)*PT_NIP, &pc) < 0)
1178 if (upeek(tcp, 4*PT_PC, &pc) < 0)
1180 #elif defined(ALPHA)
1181 if (upeek(tcp, REG_PC, &pc) < 0)
1184 if (upeek(tcp, REG_EPC, &pc) < 0)
1186 #elif defined(SPARC) || defined(SPARC64)
1188 if (ptrace(PTRACE_GETREGS,tcp->pid,(char *)®s,0) < 0)
1191 #elif defined(S390) || defined(S390X)
1192 if(upeek(tcp,PT_PSWADDR,&pc) < 0)
1195 if(upeek(tcp,PT_IAOQ0,&pc) < 0)
1198 if (upeek(tcp, 4*REG_PC ,&pc) < 0)
1201 if (upeek(tcp, REG_PC ,&pc) < 0)
1209 * Return current program counter for `pid'
1210 * Assumes PC is never 0xffffffff
1214 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *) ®s, 0) < 0) {
1215 perror("getpc: ptrace(PTRACE_GETREGS, ...)");
1228 pread(tcp->pfd_reg, ®s, sizeof(regs), 0);
1230 #endif /* FREEBSD */
1238 #define PRINTBADPC tprintf(sizeof(long) == 4 ? "[????????] " : \
1239 sizeof(long) == 8 ? "[????????????????] " : \
1246 if (upeek(tcp, 4*EIP, &eip) < 0) {
1250 tprintf("[%08lx] ", eip);
1252 #elif defined(S390) || defined(S390X)
1254 if(upeek(tcp,PT_PSWADDR,&psw) < 0) {
1259 tprintf("[%08lx] ", psw);
1261 tprintf("[%16lx] ", psw);
1264 #elif defined(X86_64)
1267 if (upeek(tcp, 8*RIP, &rip) < 0) {
1271 tprintf("[%16lx] ", rip);
1275 if (upeek(tcp, PT_B0, &ip) < 0) {
1279 tprintf("[%08lx] ", ip);
1280 #elif defined(POWERPC)
1283 if (upeek(tcp, sizeof(unsigned long)*PT_NIP, &pc) < 0) {
1284 tprintf ("[????????] ");
1287 tprintf("[%08lx] ", pc);
1291 if (upeek(tcp, 4*PT_PC, &pc) < 0) {
1292 tprintf ("[????????] ");
1295 tprintf("[%08lx] ", pc);
1296 #elif defined(ALPHA)
1299 if (upeek(tcp, REG_PC, &pc) < 0) {
1300 tprintf ("[????????????????] ");
1303 tprintf("[%08lx] ", pc);
1304 #elif defined(SPARC) || defined(SPARC64)
1306 if (ptrace(PTRACE_GETREGS,tcp->pid,(char *)®s,0) < 0) {
1310 tprintf("[%08lx] ", regs.r_pc);
1314 if(upeek(tcp,PT_IAOQ0,&pc) < 0) {
1315 tprintf ("[????????] ");
1318 tprintf("[%08lx] ", pc);
1322 if (upeek(tcp, REG_EPC, &pc) < 0) {
1323 tprintf ("[????????] ");
1326 tprintf("[%08lx] ", pc);
1330 if (upeek(tcp, 4*REG_PC, &pc) < 0) {
1331 tprintf ("[????????] ");
1334 tprintf("[%08lx] ", pc);
1338 if (upeek(tcp, REG_PC, &pc) < 0) {
1339 tprintf ("[????????????????] ");
1342 tprintf("[%08lx] ", pc);
1346 if (upeek(tcp, 4*15, &pc) < 0) {
1350 tprintf("[%08lx] ", pc);
1354 if (upeek(tcp, PT_PC, &pc) < 0) {
1358 tprintf("[%08lx] ", pc);
1359 #endif /* !architecture */
1365 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *) ®s, 0) < 0) {
1366 perror("printcall: ptrace(PTRACE_GETREGS, ...)");
1370 tprintf("[%08x] ", regs.r_o7);
1380 pread(tcp->pfd_reg, ®s, sizeof(regs), 0);
1381 tprintf("[%08x] ", regs.r_eip);
1382 #endif /* FREEBSD */
1389 #include "syscall.h"
1391 #include <sys/syscall.h>
1392 #ifndef CLONE_PTRACE
1393 # define CLONE_PTRACE 0x00002000
1396 # define CLONE_VFORK 0x00004000
1399 # define CLONE_VM 0x00000100
1401 #ifndef CLONE_STOPPED
1402 # define CLONE_STOPPED 0x02000000
1407 /* We don't have fork()/vfork() syscalls on ia64 itself, but the ia32
1408 subsystem has them for x86... */
1410 #define SYS_vfork 190
1412 typedef unsigned long *arg_setup_state;
1415 arg_setup(struct tcb *tcp, arg_setup_state *state)
1417 unsigned long cfm, sof, sol;
1421 /* Satisfy a false GCC warning. */
1426 if (upeek(tcp, PT_AR_BSP, &bsp) < 0)
1428 if (upeek(tcp, PT_CFM, (long *) &cfm) < 0)
1431 sof = (cfm >> 0) & 0x7f;
1432 sol = (cfm >> 7) & 0x7f;
1433 bsp = (long) ia64_rse_skip_regs((unsigned long *) bsp, -sof + sol);
1435 *state = (unsigned long *) bsp;
1439 # define arg_finish_change(tcp, state) 0
1443 get_arg0 (struct tcb *tcp, arg_setup_state *state, long *valp)
1448 ret = upeek (tcp, PT_R11, valp);
1451 (unsigned long) ia64_rse_skip_regs(*state, 0),
1452 sizeof(long), (void *) valp);
1457 get_arg1 (struct tcb *tcp, arg_setup_state *state, long *valp)
1462 ret = upeek (tcp, PT_R9, valp);
1465 (unsigned long) ia64_rse_skip_regs(*state, 1),
1466 sizeof(long), (void *) valp);
1472 set_arg0 (struct tcb *tcp, arg_setup_state *state, long val)
1474 int req = PTRACE_POKEDATA;
1478 ap = (void *) (intptr_t) PT_R11; /* r11 == EBX */
1479 req = PTRACE_POKEUSER;
1481 ap = ia64_rse_skip_regs(*state, 0);
1483 ptrace(req, tcp->pid, ap, val);
1484 return errno ? -1 : 0;
1488 set_arg1 (struct tcb *tcp, arg_setup_state *state, long val)
1490 int req = PTRACE_POKEDATA;
1494 ap = (void *) (intptr_t) PT_R9; /* r9 == ECX */
1495 req = PTRACE_POKEUSER;
1497 ap = ia64_rse_skip_regs(*state, 1);
1499 ptrace(req, tcp->pid, ap, val);
1500 return errno ? -1 : 0;
1503 /* ia64 does not return the input arguments from functions (and syscalls)
1504 according to ia64 RSE (Register Stack Engine) behavior. */
1506 # define restore_arg0(tcp, state, val) ((void) (state), 0)
1507 # define restore_arg1(tcp, state, val) ((void) (state), 0)
1509 #elif defined (SPARC) || defined (SPARC64)
1511 typedef struct regs arg_setup_state;
1513 # define arg_setup(tcp, state) \
1514 (ptrace (PTRACE_GETREGS, tcp->pid, (char *) (state), 0))
1515 # define arg_finish_change(tcp, state) \
1516 (ptrace (PTRACE_SETREGS, tcp->pid, (char *) (state), 0))
1518 # define get_arg0(tcp, state, valp) (*(valp) = (state)->r_o0, 0)
1519 # define get_arg1(tcp, state, valp) (*(valp) = (state)->r_o1, 0)
1520 # define set_arg0(tcp, state, val) ((state)->r_o0 = (val), 0)
1521 # define set_arg1(tcp, state, val) ((state)->r_o1 = (val), 0)
1522 # define restore_arg0(tcp, state, val) 0
1526 # if defined S390 || defined S390X
1527 /* Note: this is only true for the `clone' system call, which handles
1528 arguments specially. We could as well say that its first two arguments
1529 are swapped relative to other architectures, but that would just be
1530 another #ifdef in the calls. */
1531 # define arg0_offset PT_GPR3
1532 # define arg1_offset PT_ORIGGPR2
1533 # define restore_arg0(tcp, state, val) ((void) (state), 0)
1534 # define restore_arg1(tcp, state, val) ((void) (state), 0)
1535 # define arg0_index 1
1536 # define arg1_index 0
1537 # elif defined (ALPHA) || defined (MIPS)
1538 # define arg0_offset REG_A0
1539 # define arg1_offset (REG_A0+1)
1540 # elif defined (POWERPC)
1541 # define arg0_offset (sizeof(unsigned long)*PT_R3)
1542 # define arg1_offset (sizeof(unsigned long)*PT_R4)
1543 # define restore_arg0(tcp, state, val) ((void) (state), 0)
1544 # elif defined (HPPA)
1545 # define arg0_offset PT_GR26
1546 # define arg1_offset (PT_GR26-4)
1547 # elif defined (X86_64)
1548 # define arg0_offset ((long)(8*(current_personality ? RBX : RDI)))
1549 # define arg1_offset ((long)(8*(current_personality ? RCX : RSI)))
1551 # define arg0_offset (4*(REG_REG0+4))
1552 # define arg1_offset (4*(REG_REG0+5))
1553 # elif defined (SH64)
1554 /* ABI defines arg0 & 1 in r2 & r3 */
1555 # define arg0_offset (REG_OFFSET+16)
1556 # define arg1_offset (REG_OFFSET+24)
1557 # define restore_arg0(tcp, state, val) 0
1559 # define arg0_offset 0
1560 # define arg1_offset 4
1562 # define restore_arg0(tcp, state, val) 0
1566 typedef int arg_setup_state;
1568 # define arg_setup(tcp, state) (0)
1569 # define arg_finish_change(tcp, state) 0
1570 # define get_arg0(tcp, cookie, valp) \
1571 (upeek ((tcp), arg0_offset, (valp)))
1572 # define get_arg1(tcp, cookie, valp) \
1573 (upeek ((tcp), arg1_offset, (valp)))
1576 set_arg0 (struct tcb *tcp, void *cookie, long val)
1578 return ptrace (PTRACE_POKEUSER, tcp->pid, (char*)arg0_offset, val);
1582 set_arg1 (struct tcb *tcp, void *cookie, long val)
1584 return ptrace (PTRACE_POKEUSER, tcp->pid, (char*)arg1_offset, val);
1589 #ifndef restore_arg0
1590 # define restore_arg0(tcp, state, val) set_arg0((tcp), (state), (val))
1592 #ifndef restore_arg1
1593 # define restore_arg1(tcp, state, val) set_arg1((tcp), (state), (val))
1597 # define arg0_index 0
1598 # define arg1_index 1
1605 static int clone_scno[SUPPORTED_PERSONALITIES] = { SYS_clone };
1606 extern int change_syscall(struct tcb *, int);
1607 arg_setup_state state;
1609 if (tcp->flags & TCB_BPTSET) {
1610 fprintf(stderr, "PANIC: TCB already set in pid %u\n", tcp->pid);
1615 * It's a silly kludge to initialize this with a search at runtime.
1616 * But it's better than maintaining another magic thing in the
1617 * godforsaken tables.
1619 if (clone_scno[current_personality] == 0) {
1621 for (i = 0; i < nsyscalls; ++i)
1622 if (sysent[i].sys_func == sys_clone) {
1623 clone_scno[current_personality] = i;
1628 switch (known_scno(tcp)) {
1635 #if defined SYS_fork || defined SYS_vfork
1636 if (arg_setup (tcp, &state) < 0
1637 || get_arg0 (tcp, &state, &tcp->inst[0]) < 0
1638 || get_arg1 (tcp, &state, &tcp->inst[1]) < 0
1639 || change_syscall(tcp, clone_scno[current_personality]) < 0
1640 || set_arg0 (tcp, &state, CLONE_PTRACE|SIGCHLD) < 0
1641 || set_arg1 (tcp, &state, 0) < 0
1642 || arg_finish_change (tcp, &state) < 0)
1644 tcp->u_arg[arg0_index] = CLONE_PTRACE|SIGCHLD;
1645 tcp->u_arg[arg1_index] = 0;
1646 tcp->flags |= TCB_BPTSET;
1654 /* ia64 calls directly `clone (CLONE_VFORK | CLONE_VM)'
1655 contrary to x86 SYS_vfork above. Even on x86 we turn the
1656 vfork semantics into plain fork - each application must not
1657 depend on the vfork specifics according to POSIX. We would
1658 hang waiting for the parent resume otherwise. We need to
1659 clear also CLONE_VM but only in the CLONE_VFORK case as
1660 otherwise we would break pthread_create. */
1662 if ((arg_setup (tcp, &state) < 0
1663 || set_arg0 (tcp, &state,
1664 (tcp->u_arg[arg0_index] | CLONE_PTRACE)
1665 & ~(tcp->u_arg[arg0_index] & CLONE_VFORK
1666 ? CLONE_VFORK | CLONE_VM : 0)) < 0
1667 || arg_finish_change (tcp, &state) < 0))
1669 tcp->flags |= TCB_BPTSET;
1670 tcp->inst[0] = tcp->u_arg[arg0_index];
1671 tcp->inst[1] = tcp->u_arg[arg1_index];
1675 fprintf(stderr, "PANIC: setbpt for syscall %ld on %u???\n",
1676 tcp->scno, tcp->pid);
1687 arg_setup_state state;
1688 if (arg_setup (tcp, &state) < 0
1689 || restore_arg0 (tcp, &state, tcp->inst[0]) < 0
1690 || restore_arg1 (tcp, &state, tcp->inst[1]) < 0
1691 || arg_finish_change (tcp, &state))
1693 tcp->flags &= ~TCB_BPTSET;
1705 #if defined (SPARC) || defined (SPARC64)
1706 /* We simply use the SunOS breakpoint code. */
1710 #define LOOPA 0x30800000 /* ba,a 0 */
1712 if (tcp->flags & TCB_BPTSET) {
1713 fprintf(stderr, "PANIC: TCB already set in pid %u\n", tcp->pid);
1716 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0) {
1717 perror("setbpt: ptrace(PTRACE_GETREGS, ...)");
1720 tcp->baddr = regs.r_o7 + 8;
1722 tcp->inst[0] = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)tcp->baddr, 0);
1724 perror("setbpt: ptrace(PTRACE_PEEKTEXT, ...)");
1729 * XXX - BRUTAL MODE ON
1730 * We cannot set a real BPT in the child, since it will not be
1731 * traced at the moment it will reach the trap and would probably
1732 * die with a core dump.
1733 * Thus, we are force our way in by taking out two instructions
1734 * and insert an eternal loop instead, in expectance of the SIGSTOP
1735 * generated by out PTRACE_ATTACH.
1736 * Of cause, if we evaporate ourselves in the middle of all this...
1740 #if defined (SPARC64)
1742 inst |= (tcp->inst[0] & 0xffffffffUL);
1744 ptrace(PTRACE_POKETEXT, tcp->pid, (char *) tcp->baddr, inst);
1746 perror("setbpt: ptrace(PTRACE_POKETEXT, ...)");
1749 tcp->flags |= TCB_BPTSET;
1751 #else /* !SPARC && !SPARC64 */
1754 # define LOOP 0x0000feeb
1755 if (tcp->flags & TCB_BPTSET) {
1756 fprintf(stderr, "PANIC: bpt already set in pid %u\n",
1760 if (upeek(tcp, PT_CR_IIP, &tcp->baddr) < 0)
1763 fprintf(stderr, "[%d] setting bpt at %lx\n",
1764 tcp->pid, tcp->baddr);
1765 tcp->inst[0] = ptrace(PTRACE_PEEKTEXT, tcp->pid,
1766 (char *) tcp->baddr, 0);
1768 perror("setbpt: ptrace(PTRACE_PEEKTEXT, ...)");
1771 ptrace(PTRACE_POKETEXT, tcp->pid, (char *) tcp->baddr, LOOP);
1773 perror("setbpt: ptrace(PTRACE_POKETEXT, ...)");
1776 tcp->flags |= TCB_BPTSET;
1779 * Our strategy here is to replace the bundle that
1780 * contained the clone() syscall with a bundle of the
1783 * { 1: br 1b; br 1b; br 1b }
1785 * This ensures that the newly forked child will loop
1786 * endlessly until we've got a chance to attach to it.
1788 # define LOOP0 0x0000100000000017
1789 # define LOOP1 0x4000000000200000
1790 unsigned long addr, ipsr;
1794 if (upeek(tcp, PT_CR_IPSR, &ipsr) < 0)
1796 if (upeek(tcp, PT_CR_IIP, &addr) < 0)
1798 /* store "ri" in low two bits */
1799 tcp->baddr = addr | ((ipsr >> 41) & 0x3);
1802 tcp->inst[0] = ptrace(PTRACE_PEEKTEXT, pid, (char *) addr + 0,
1804 tcp->inst[1] = ptrace(PTRACE_PEEKTEXT, pid, (char *) addr + 8,
1807 perror("setbpt: ptrace(PTRACE_PEEKTEXT, ...)");
1812 ptrace(PTRACE_POKETEXT, pid, (char *) addr + 0, LOOP0);
1813 ptrace(PTRACE_POKETEXT, pid, (char *) addr + 8, LOOP1);
1815 perror("setbpt: ptrace(PTRACE_POKETEXT, ...)");
1818 tcp->flags |= TCB_BPTSET;
1822 #if defined (I386) || defined(X86_64)
1823 #define LOOP 0x0000feeb
1824 #elif defined (M68K)
1825 #define LOOP 0x60fe0000
1826 #elif defined (ALPHA)
1827 #define LOOP 0xc3ffffff
1828 #elif defined (POWERPC)
1829 #define LOOP 0x48000000
1831 #define LOOP 0xEAFFFFFE
1833 #define LOOP 0x1000ffff
1835 #define LOOP 0xa7f40000 /* BRC 15,0 */
1836 #elif defined(S390X)
1837 #define LOOP 0xa7f4000000000000UL /* BRC 15,0 */
1839 #define LOOP 0xe81f1ff7 /* b,l,n <loc>,r0 */
1841 #ifdef __LITTLE_ENDIAN__
1842 #define LOOP 0x0000affe
1844 #define LOOP 0xfeaf0000
1847 #error unknown architecture
1850 if (tcp->flags & TCB_BPTSET) {
1851 fprintf(stderr, "PANIC: bpt already set in pid %u\n", tcp->pid);
1855 if (upeek(tcp, 4*EIP, &tcp->baddr) < 0)
1857 #elif defined (X86_64)
1858 if (upeek(tcp, 8*RIP, &tcp->baddr) < 0)
1860 #elif defined (M68K)
1861 if (upeek(tcp, 4*PT_PC, &tcp->baddr) < 0)
1863 #elif defined (ALPHA)
1867 #elif defined (MIPS)
1868 return -1; /* FIXME: I do not know what i do - Flo */
1869 #elif defined (POWERPC)
1870 if (upeek(tcp, sizeof(unsigned long)*PT_NIP, &tcp->baddr) < 0)
1872 #elif defined(S390) || defined(S390X)
1873 if (upeek(tcp,PT_PSWADDR, &tcp->baddr) < 0)
1876 if (upeek(tcp, PT_IAOQ0, &tcp->baddr) < 0)
1878 tcp->baddr &= ~0x03;
1880 if (upeek(tcp, 4*REG_PC, &tcp->baddr) < 0)
1883 #error unknown architecture
1886 fprintf(stderr, "[%d] setting bpt at %lx\n", tcp->pid, tcp->baddr);
1887 tcp->inst[0] = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *) tcp->baddr, 0);
1889 perror("setbpt: ptrace(PTRACE_PEEKTEXT, ...)");
1892 ptrace(PTRACE_POKETEXT, tcp->pid, (char *) tcp->baddr, LOOP);
1894 perror("setbpt: ptrace(PTRACE_POKETEXT, ...)");
1897 tcp->flags |= TCB_BPTSET;
1900 #endif /* SPARC || SPARC64 */
1904 #ifdef SPARC /* This code is slightly sparc specific */
1907 #define BPT 0x91d02001 /* ta 1 */
1908 #define LOOP 0x10800000 /* ba 0 */
1909 #define LOOPA 0x30800000 /* ba,a 0 */
1910 #define NOP 0x01000000
1912 static int loopdeloop[1] = {LOOPA};
1914 static int loopdeloop[2] = {LOOP, NOP};
1917 if (tcp->flags & TCB_BPTSET) {
1918 fprintf(stderr, "PANIC: TCB already set in pid %u\n", tcp->pid);
1921 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0) {
1922 perror("setbpt: ptrace(PTRACE_GETREGS, ...)");
1925 tcp->baddr = regs.r_o7 + 8;
1926 if (ptrace(PTRACE_READTEXT, tcp->pid, (char *)tcp->baddr,
1927 sizeof tcp->inst, (char *)tcp->inst) < 0) {
1928 perror("setbpt: ptrace(PTRACE_READTEXT, ...)");
1933 * XXX - BRUTAL MODE ON
1934 * We cannot set a real BPT in the child, since it will not be
1935 * traced at the moment it will reach the trap and would probably
1936 * die with a core dump.
1937 * Thus, we are force our way in by taking out two instructions
1938 * and insert an eternal loop in stead, in expectance of the SIGSTOP
1939 * generated by out PTRACE_ATTACH.
1940 * Of cause, if we evaporate ourselves in the middle of all this...
1942 if (ptrace(PTRACE_WRITETEXT, tcp->pid, (char *) tcp->baddr,
1943 sizeof loopdeloop, (char *) loopdeloop) < 0) {
1944 perror("setbpt: ptrace(PTRACE_WRITETEXT, ...)");
1947 tcp->flags |= TCB_BPTSET;
1961 #if defined(I386) || defined(X86_64)
1963 #elif defined(POWERPC)
1967 #elif defined(ALPHA)
1973 #endif /* architecture */
1975 #if defined (SPARC) || defined (SPARC64)
1976 /* Again, we borrow the SunOS breakpoint code. */
1977 if (!(tcp->flags & TCB_BPTSET)) {
1978 fprintf(stderr, "PANIC: TCB not set in pid %u\n", tcp->pid);
1982 ptrace(PTRACE_POKETEXT, tcp->pid, (char *) tcp->baddr, tcp->inst[0]);
1984 perror("clearbtp: ptrace(PTRACE_POKETEXT, ...)");
1987 tcp->flags &= ~TCB_BPTSET;
1993 fprintf(stderr, "[%d] clearing bpt\n", tcp->pid);
1994 if (!(tcp->flags & TCB_BPTSET)) {
1995 fprintf(stderr, "PANIC: TCB not set in pid %u\n", tcp->pid);
1999 ptrace(PTRACE_POKETEXT, tcp->pid, (char *) tcp->baddr, tcp->inst[0]);
2001 perror("clearbtp: ptrace(PTRACE_POKETEXT, ...)");
2004 tcp->flags &= ~TCB_BPTSET;
2006 if (upeek(tcp, PT_CR_IIP, &addr) < 0)
2008 if (addr != tcp->baddr) {
2009 /* The breakpoint has not been reached yet. */
2012 "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
2017 unsigned long addr, ipsr;
2022 if (upeek(tcp, PT_CR_IPSR, &ipsr) < 0)
2024 if (upeek(tcp, PT_CR_IIP, &addr) < 0)
2027 /* restore original bundle: */
2029 ptrace(PTRACE_POKETEXT, pid, (char *) addr + 0, tcp->inst[0]);
2030 ptrace(PTRACE_POKETEXT, pid, (char *) addr + 8, tcp->inst[1]);
2032 perror("clearbpt: ptrace(PTRACE_POKETEXT, ...)");
2036 /* restore original "ri" in ipsr: */
2037 ipsr = (ipsr & ~(0x3ul << 41)) | ((tcp->baddr & 0x3) << 41);
2039 ptrace(PTRACE_POKEUSER, pid, (char *) PT_CR_IPSR, ipsr);
2041 perror("clrbpt: ptrace(PTRACE_POKEUSER, ...)");
2045 tcp->flags &= ~TCB_BPTSET;
2047 if (addr != (tcp->baddr & ~0x3)) {
2048 /* the breakpoint has not been reached yet. */
2050 fprintf(stderr, "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
2055 #else /* !IA64 && !SPARC && !SPARC64 */
2058 fprintf(stderr, "[%d] clearing bpt\n", tcp->pid);
2059 if (!(tcp->flags & TCB_BPTSET)) {
2060 fprintf(stderr, "PANIC: TCB not set in pid %u\n", tcp->pid);
2064 ptrace(PTRACE_POKETEXT, tcp->pid, (char *) tcp->baddr, tcp->inst[0]);
2066 perror("clearbtp: ptrace(PTRACE_POKETEXT, ...)");
2069 tcp->flags &= ~TCB_BPTSET;
2072 if (upeek(tcp, 4*EIP, &eip) < 0)
2074 if (eip != tcp->baddr) {
2075 /* The breakpoint has not been reached yet. */
2078 "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
2082 #elif defined(X86_64)
2083 if (upeek(tcp, 8*RIP, &eip) < 0)
2085 if (eip != tcp->baddr) {
2086 /* The breakpoint has not been reached yet. */
2089 "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
2093 #elif defined(POWERPC)
2094 if (upeek(tcp, sizeof(unsigned long)*PT_NIP, &pc) < 0)
2096 if (pc != tcp->baddr) {
2097 /* The breakpoint has not been reached yet. */
2099 fprintf(stderr, "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
2104 if (upeek(tcp, 4*PT_PC, &pc) < 0)
2106 if (pc != tcp->baddr) {
2107 /* The breakpoint has not been reached yet. */
2109 fprintf(stderr, "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
2113 #elif defined(ALPHA)
2114 if (upeek(tcp, REG_PC, &pc) < 0)
2116 if (pc != tcp->baddr) {
2117 /* The breakpoint has not been reached yet. */
2119 fprintf(stderr, "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
2124 if (upeek(tcp, PT_IAOQ0, &iaoq) < 0)
2127 if (iaoq != tcp->baddr && iaoq != tcp->baddr + 4) {
2128 /* The breakpoint has not been reached yet. */
2130 fprintf(stderr, "NOTE: PC not at bpt (iaoq %#lx baddr %#lx)\n",
2134 iaoq = tcp->baddr | 3;
2135 /* We should be pointing at a 'ldi -1000,r1' in glibc, so it is
2136 * safe to set both IAOQ0 and IAOQ1 to that so the PSW N bit
2137 * has no significant effect.
2139 ptrace(PTRACE_POKEUSER, tcp->pid, (void *)PT_IAOQ0, iaoq);
2140 ptrace(PTRACE_POKEUSER, tcp->pid, (void *)PT_IAOQ1, iaoq);
2142 if (upeek(tcp, 4*REG_PC, &pc) < 0)
2144 if (pc != tcp->baddr) {
2145 /* The breakpoint has not been reached yet. */
2147 fprintf(stderr, "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
2153 #endif /* !SPARC && !SPARC64 && !IA64 */
2163 if (!(tcp->flags & TCB_BPTSET)) {
2164 fprintf(stderr, "PANIC: TCB not set in pid %u\n", tcp->pid);
2167 if (ptrace(PTRACE_WRITETEXT, tcp->pid, (char *) tcp->baddr,
2168 sizeof tcp->inst, (char *) tcp->inst) < 0) {
2169 perror("clearbtp: ptrace(PTRACE_WRITETEXT, ...)");
2172 tcp->flags &= ~TCB_BPTSET;
2176 * Since we don't have a single instruction breakpoint, we may have
2177 * to adjust the program counter after removing the our `breakpoint'.
2179 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0) {
2180 perror("clearbpt: ptrace(PTRACE_GETREGS, ...)");
2183 if ((regs.r_pc < tcp->baddr) ||
2184 (regs.r_pc > tcp->baddr + 4)) {
2185 /* The breakpoint has not been reached yet */
2188 "NOTE: PC not at bpt (pc %#x baddr %#x)\n",
2189 regs.r_pc, tcp->parent->baddr);
2192 if (regs.r_pc != tcp->baddr)
2194 fprintf(stderr, "NOTE: PC adjusted (%#x -> %#x\n",
2195 regs.r_pc, tcp->baddr);
2197 regs.r_pc = tcp->baddr;
2198 if (ptrace(PTRACE_SETREGS, tcp->pid, (char *)®s, 0) < 0) {
2199 perror("clearbpt: ptrace(PTRACE_SETREGS, ...)");
2211 #endif /* !USE_PROCFS */
2222 for (n = 0; n < sizeof *hdr; n += 4) {
2224 if (upeek(tcp, uoff(u_exdata) + n, &res) < 0)
2226 memcpy(((char *) hdr) + n, &res, 4);
2229 fprintf(stderr, "[struct exec: magic: %o version %u Mach %o\n",
2230 hdr->a_magic, hdr->a_toolversion, hdr->a_machtype);
2231 fprintf(stderr, "Text %lu Data %lu Bss %lu Syms %lu Entry %#lx]\n",
2232 hdr->a_text, hdr->a_data, hdr->a_bss, hdr->a_syms, hdr->a_entry);
2243 * Change `vfork' in a freshly exec'ed dynamically linked
2244 * executable's (internal) symbol table to plain old `fork'
2248 struct link_dynamic dyn;
2249 struct link_dynamic_2 ld;
2252 if (getex(tcp, &hdr) < 0)
2257 if (umove(tcp, (int) N_DATADDR(hdr), &dyn) < 0) {
2258 fprintf(stderr, "Cannot read DYNAMIC\n");
2261 if (umove(tcp, (int) dyn.ld_un.ld_2, &ld) < 0) {
2262 fprintf(stderr, "Cannot read link_dynamic_2\n");
2265 if ((strtab = malloc((unsigned)ld.ld_symb_size)) == NULL) {
2266 fprintf(stderr, "out of memory\n");
2269 if (umoven(tcp, (int)ld.ld_symbols+(int)N_TXTADDR(hdr),
2270 (int)ld.ld_symb_size, strtab) < 0)
2274 for (cp = strtab; cp < strtab + ld.ld_symb_size; ) {
2275 fprintf(stderr, "[symbol: %s]\n", cp);
2280 for (cp = strtab; cp < strtab + ld.ld_symb_size; ) {
2281 if (strcmp(cp, "_vfork") == 0) {
2283 fprintf(stderr, "fixvfork: FOUND _vfork\n");
2284 strcpy(cp, "_fork");
2289 if (cp < strtab + ld.ld_symb_size)
2291 * Write entire symbol table back to avoid
2292 * memory alignment bugs in ptrace
2294 if (tload(pid, (int)ld.ld_symbols+(int)N_TXTADDR(hdr),
2295 (int)ld.ld_symb_size, strtab) < 0)