2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
6 * Copyright (c) 1999 IBM Deutschland Entwicklung GmbH, IBM Corporation
7 * Linux for s390 port by D.J. Barrow
8 * <barrow_dj@mail.yahoo.com,djbarrow@de.ibm.com>
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. The name of the author may not be used to endorse or promote products
20 * derived from this software without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 #include <sys/syscall.h>
41 #include <sys/param.h>
47 #include <machine/reg.h>
52 #if defined(linux) && (__GLIBC__ < 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ < 1))
53 #include <linux/ptrace.h>
56 #if defined(LINUX) && defined(IA64)
57 # include <asm/ptrace_offsets.h>
63 # define PTRACE_PEEKUSR PTRACE_PEEKUSER
64 #elif defined(HAVE_LINUX_PTRACE_H)
66 #include <linux/ptrace.h>
69 #ifdef SUNOS4_KERNEL_ARCH_KLUDGE
70 #include <sys/utsname.h>
71 #endif /* SUNOS4_KERNEL_ARCH_KLUDGE */
73 #if defined(LINUX) && defined(SPARC)
75 # define fpq kernel_fpq
77 # define fpu kernel_fpu
83 #if !defined(__GLIBC__)
85 #include <linux/unistd.h>
87 #define _hack_syscall5(type,name,type1,arg1,type2,arg2,type3,arg3,type4,arg4,\
89 type name (type1 arg1,type2 arg2,type3 arg3,type4 arg4,type5 arg5) \
93 __asm__ volatile ("or %%g0, %1, %%o0\n\t" \
94 "or %%g0, %2, %%o1\n\t" \
95 "or %%g0, %3, %%o2\n\t" \
96 "or %%g0, %4, %%o3\n\t" \
97 "or %%g0, %5, %%o4\n\t" \
98 "or %%g0, %6, %%g1\n\t" \
101 "or %%g0, %%o0, %0\n\t" \
102 "sub %%g0, %%o0, %0\n\t" \
105 : "0" ((long)(arg1)),"1" ((long)(arg2)), \
106 "2" ((long)(arg3)),"3" ((long)(arg4)),"4" ((long)(arg5)), \
107 "i" (__NR_##syscall) \
108 : "g1", "o0", "o1", "o2", "o3", "o4"); \
110 return (type) __res; \
115 static _hack_syscall5(int,_ptrace,int,__request,int,__pid,int,__addr,int,__data,int,__addr2,ptrace)
125 #define MAX(a,b) (((a) > (b)) ? (a) : (b))
128 #define MIN(a,b) (((a) < (b)) ? (a) : (b))
145 return a->tv_sec || a->tv_usec;
150 struct timeval *a, *b;
152 if (a->tv_sec < b->tv_sec
153 || (a->tv_sec == b->tv_sec && a->tv_usec < b->tv_usec))
155 if (a->tv_sec > b->tv_sec
156 || (a->tv_sec == b->tv_sec && a->tv_usec > b->tv_usec))
165 return tv->tv_sec + tv->tv_usec/1000000.0;
170 struct timeval *tv, *a, *b;
172 tv->tv_sec = a->tv_sec + b->tv_sec;
173 tv->tv_usec = a->tv_usec + b->tv_usec;
174 if (tv->tv_usec > 1000000) {
176 tv->tv_usec -= 1000000;
182 struct timeval *tv, *a, *b;
184 tv->tv_sec = a->tv_sec - b->tv_sec;
185 tv->tv_usec = a->tv_usec - b->tv_usec;
186 if (((long) tv->tv_usec) < 0) {
188 tv->tv_usec += 1000000;
194 struct timeval *tv, *a;
197 tv->tv_usec = (a->tv_sec % n * 1000000 + a->tv_usec + n / 2) / n;
198 tv->tv_sec = a->tv_sec / n + tv->tv_usec / 1000000;
199 tv->tv_usec %= 1000000;
204 struct timeval *tv, *a;
207 tv->tv_usec = a->tv_usec * n;
208 tv->tv_sec = a->tv_sec * n + a->tv_usec / 1000000;
209 tv->tv_usec %= 1000000;
217 for (; xlat->str != NULL; xlat++)
218 if (xlat->val == val)
224 * Print entry in struct xlat table, if there.
227 printxval(xlat, val, dflt)
232 char *str = xlookup(xlat, val);
237 tprintf("%#x /* %s */", val, dflt);
241 * Interpret `xlat' as an array of flags
242 * print the entries whose bits are on in `flags'
243 * return # of flags printed.
246 addflags(xlat, flags)
252 for (n = 0; xlat->str; xlat++) {
253 if (xlat->val && (flags & xlat->val) == xlat->val) {
254 tprintf("|%s", xlat->str);
260 tprintf("|%#x", flags);
267 printflags(xlat, flags)
274 if (flags == 0 && xlat->val == 0) {
275 tprintf("%s", xlat->str);
280 for (n = 0; xlat->str; xlat++) {
281 if (xlat->val && (flags & xlat->val) == xlat->val) {
282 tprintf("%s%s", sep, xlat->str);
289 tprintf("%s%#x", sep, flags);
296 printnum(tcp, addr, fmt)
307 if (umove(tcp, addr, &num) < 0) {
308 tprintf("%#lx", addr);
316 static char path[MAXPATHLEN + 1];
322 char buf[2 * MAXPATHLEN + 1];
325 if (!strpbrk(str, "\"\'\\")) {
326 tprintf("\"%s\"", str);
329 for (s = buf; *str; str++) {
331 case '\"': case '\'': case '\\':
332 *s++ = '\\'; *s++ = *str; break;
338 tprintf("\"%s\"", buf);
346 if (umovestr(tcp, addr, MAXPATHLEN, path) < 0)
347 tprintf("%#lx", addr);
354 printpathn(tcp, addr, n)
359 if (umovestr(tcp, addr, n, path) < 0)
360 tprintf("%#lx", addr);
368 printstr(tcp, addr, len)
373 static unsigned char *str = NULL;
383 if ((str = malloc(max_strlen)) == NULL
384 || (outstr = malloc(2*max_strlen)) == NULL) {
385 fprintf(stderr, "printstr: no memory\n");
386 tprintf("%#lx", addr);
390 outend = outstr + max_strlen * 2 - 10;
393 if (umovestr(tcp, addr, n, (char *) str) < 0) {
394 tprintf("%#lx", addr);
399 n = MIN(len, max_strlen);
400 if (umoven(tcp, addr, n, (char *) str) < 0) {
401 tprintf("%#lx", addr);
410 for (i = 0; i < n; i++) {
412 if (len < 0 && c == '\0')
414 if (!isprint(c) && !isspace(c)) {
425 for (i = 0; i < n; i++) {
427 if (len < 0 && c == '\0')
429 sprintf(s, "\\x%02x", c);
436 for (i = 0; i < n; i++) {
438 if (len < 0 && c == '\0')
441 case '\"': case '\'': case '\\':
442 *s++ = '\\'; *s++ = c; break;
444 *s++ = '\\'; *s++ = 'f'; break;
446 *s++ = '\\'; *s++ = 'n'; break;
448 *s++ = '\\'; *s++ = 'r'; break;
450 *s++ = '\\'; *s++ = 't'; break;
452 *s++ = '\\'; *s++ = 'v'; break;
456 else if (i < n - 1 && isdigit(str[i + 1])) {
457 sprintf(s, "\\%03o", c);
461 sprintf(s, "\\%o", c);
472 if (i < len || (len < 0 && (i == n || s > outend))) {
473 *s++ = '.'; *s++ = '.'; *s++ = '.';
476 tprintf("%s", outstr);
481 dumpiov(tcp, len, addr)
490 if ((iov = (struct iovec *) malloc(len * sizeof *iov)) == NULL) {
491 fprintf(stderr, "dump: No memory");
494 if (umoven(tcp, addr,
495 len * sizeof *iov, (char *) iov) >= 0) {
497 for (i = 0; i < len; i++) {
498 /* include the buffer number to make it easy to
499 * match up the trace with the source */
500 tprintf(" * %lu bytes in buffer %d\n",
501 (unsigned long)iov[i].iov_len, i);
502 dumpstr(tcp, (long) iov[i].iov_base,
512 dumpstr(tcp, addr, len)
517 static int strsize = -1;
518 static unsigned char *str;
519 static char outstr[80];
526 if ((str = malloc(len)) == NULL) {
527 fprintf(stderr, "dump: no memory\n");
533 if (umoven(tcp, addr, len, (char *) str) < 0)
536 for (i = 0; i < len; i += 16) {
538 sprintf(s, " | %05x ", i);
540 for (j = 0; j < 16; j++) {
544 sprintf(s, " %02x", str[i + j]);
548 *s++ = ' '; *s++ = ' '; *s++ = ' ';
551 *s++ = ' '; *s++ = ' ';
552 for (j = 0; j < 16; j++) {
556 if (isprint(str[i + j]))
564 tprintf("%s |\n", outstr);
568 #define PAGMASK (~(PAGSIZ - 1))
570 * move `len' bytes of data from process `pid'
571 * at address `addr' to our space at `laddr'
574 umoven(tcp, addr, len, laddr)
587 char x[sizeof(long)];
590 if (addr & (sizeof(long) - 1)) {
591 /* addr not a multiple of sizeof(long) */
592 n = addr - (addr & -sizeof(long)); /* residue */
593 addr &= -sizeof(long); /* residue */
595 u.val = ptrace(PTRACE_PEEKDATA, pid, (char *) addr, 0);
597 if (started && (errno==EPERM || errno==EIO)) {
598 /* Ran into 'end of memory' - stupid "printpath" */
601 /* But if not started, we had a bogus address. */
602 perror("ptrace: umoven");
606 memcpy(laddr, &u.x[n], m = MIN(sizeof(long) - n, len));
607 addr += sizeof(long), laddr += m, len -= m;
611 u.val = ptrace(PTRACE_PEEKDATA, pid, (char *) addr, 0);
613 if (started && (errno==EPERM || errno==EIO)) {
614 /* Ran into 'end of memory' - stupid "printpath" */
618 perror("ptrace: umoven");
622 memcpy(laddr, u.x, m = MIN(sizeof(long), len));
623 addr += sizeof(long), laddr += m, len -= m;
633 char x[sizeof(long)];
636 if (addr & (sizeof(long) - 1)) {
637 /* addr not a multiple of sizeof(long) */
638 n = addr - (addr & -sizeof(long)); /* residue */
639 addr &= -sizeof(long); /* residue */
641 u.val = ptrace(PTRACE_PEEKDATA, pid, (char *) addr, 0);
646 memcpy(laddr, &u.x[n], m = MIN(sizeof(long) - n, len));
647 addr += sizeof(long), laddr += m, len -= m;
651 u.val = ptrace(PTRACE_PEEKDATA, pid, (char *) addr, 0);
656 memcpy(laddr, u.x, m = MIN(sizeof(long), len));
657 addr += sizeof(long), laddr += m, len -= m;
663 n = MIN(len, PAGSIZ);
664 n = MIN(n, ((addr + PAGSIZ) & PAGMASK) - addr);
665 if (ptrace(PTRACE_READDATA, pid,
666 (char *) addr, len, laddr) < 0) {
667 perror("umoven: ptrace(PTRACE_READDATA, ...)");
679 #ifdef HAVE_MP_PROCFS
680 int fd = tcp->pfd_as;
684 lseek(fd, addr, SEEK_SET);
685 if (read(fd, laddr, len) == -1)
687 #endif /* USE_PROCFS */
693 * like `umove' but make the additional effort of looking
694 * for a terminating zero byte.
697 umovestr(tcp, addr, len, laddr)
704 #ifdef HAVE_MP_PROCFS
705 int fd = tcp->pfd_as;
709 /* Some systems (e.g. FreeBSD) can be upset if we read off the
710 end of valid memory, avoid this by trying to read up
711 to page boundaries. But we don't know what a page is (and
712 getpagesize(2) (if it exists) doesn't necessarily return
713 hardware page size). Assume all pages >= 1024 (a-historical
716 int page = 1024; /* How to find this? */
717 int move = page - (addr & (page - 1));
720 lseek(fd, addr, SEEK_SET);
723 if (move > left) move = left;
724 if ((move = read(fd, laddr, move)) <= 0)
725 return left != len ? 0 : -1;
726 if (memchr (laddr, 0, move)) break;
732 #else /* !USE_PROCFS */
738 char x[sizeof(long)];
741 if (addr & (sizeof(long) - 1)) {
742 /* addr not a multiple of sizeof(long) */
743 n = addr - (addr & -sizeof(long)); /* residue */
744 addr &= -sizeof(long); /* residue */
746 u.val = ptrace(PTRACE_PEEKDATA, pid, (char *)addr, 0);
748 if (started && (errno==EPERM || errno==EIO)) {
749 /* Ran into 'end of memory' - stupid "printpath" */
756 memcpy(laddr, &u.x[n], m = MIN(sizeof(long)-n,len));
757 while (n & (sizeof(long) - 1))
758 if (u.x[n++] == '\0')
760 addr += sizeof(long), laddr += m, len -= m;
764 u.val = ptrace(PTRACE_PEEKDATA, pid, (char *)addr, 0);
766 if (started && (errno==EPERM || errno==EIO)) {
767 /* Ran into 'end of memory' - stupid "printpath" */
774 memcpy(laddr, u.x, m = MIN(sizeof(long), len));
775 for (i = 0; i < sizeof(long); i++)
779 addr += sizeof(long), laddr += m, len -= m;
781 #endif /* !USE_PROCFS */
787 #define PTRACE_WRITETEXT 101
788 #define PTRACE_WRITEDATA 102
795 uload(cmd, pid, addr, len, laddr)
806 n = MIN(len, PAGSIZ);
807 n = MIN(n, ((addr + PAGSIZ) & PAGMASK) - addr);
808 if (ptrace(cmd, pid, (char *)addr, n, laddr) < 0) {
809 perror("uload: ptrace(PTRACE_WRITE, ...)");
821 char x[sizeof(long)];
824 if (cmd == PTRACE_WRITETEXT) {
825 peek = PTRACE_PEEKTEXT;
826 poke = PTRACE_POKETEXT;
829 peek = PTRACE_PEEKDATA;
830 poke = PTRACE_POKEDATA;
832 if (addr & (sizeof(long) - 1)) {
833 /* addr not a multiple of sizeof(long) */
834 n = addr - (addr & -sizeof(long)); /* residue */
835 addr &= -sizeof(long);
837 u.val = ptrace(peek, pid, (char *) addr, 0);
839 perror("uload: POKE");
842 memcpy(&u.x[n], laddr, m = MIN(sizeof(long) - n, len));
843 if (ptrace(poke, pid, (char *)addr, u.val) < 0) {
844 perror("uload: POKE");
847 addr += sizeof(long), laddr += m, len -= m;
850 if (len < sizeof(long))
851 u.val = ptrace(peek, pid, (char *) addr, 0);
852 memcpy(u.x, laddr, m = MIN(sizeof(long), len));
853 if (ptrace(poke, pid, (char *) addr, u.val) < 0) {
854 perror("uload: POKE");
857 addr += sizeof(long), laddr += m, len -= m;
864 tload(pid, addr, len, laddr)
869 return uload(PTRACE_WRITETEXT, pid, addr, len, laddr);
873 dload(pid, addr, len, laddr)
879 return uload(PTRACE_WRITEDATA, pid, addr, len, laddr);
894 #ifdef SUNOS4_KERNEL_ARCH_KLUDGE
896 static int is_sun4m = -1;
899 /* Round up the usual suspects. */
900 if (is_sun4m == -1) {
901 if (uname(&name) < 0) {
902 perror("upeek: uname?");
905 is_sun4m = strcmp(name.machine, "sun4m") == 0;
907 extern struct xlat struct_user_offsets[];
910 for (x = struct_user_offsets; x->str; x++)
917 #endif /* SUNOS4_KERNEL_ARCH_KLUDGE */
919 val = ptrace(PTRACE_PEEKUSER, pid, (char *) off, 0);
920 if (val == -1 && errno) {
922 sprintf(buf,"upeek: ptrace(PTRACE_PEEKUSER,%d,%lu,0)",pid,off);
930 #endif /* !USE_PROCFS */
940 if (upeek(tcp->pid, 4*EIP, &pc) < 0)
942 #elif defined(X86_64)
943 if (upeek(tcp->pid, 8*RIP, &pc) < 0)
946 if (upeek(tcp->pid, PT_B0, &pc) < 0)
949 if (upeek(tcp->pid, 4*15, &pc) < 0)
951 #elif defined(POWERPC)
952 if (upeek(tcp->pid, sizeof(unsigned long)*PT_NIP, &pc) < 0)
955 if (upeek(tcp->pid, 4*PT_PC, &pc) < 0)
958 if (upeek(tcp->pid, REG_PC, &pc) < 0)
961 if (upeek(tcp->pid, REG_EPC, &pc) < 0)
965 if (ptrace(PTRACE_GETREGS,tcp->pid,(char *)®s,0) < 0)
968 #elif defined(S390) || defined(S390X)
969 if(upeek(tcp->pid,PT_PSWADDR,&pc) < 0)
972 if(upeek(tcp->pid,PT_IAOQ0,&pc) < 0)
975 if (upeek(tcp->pid, 4*REG_PC ,&pc) < 0)
983 * Return current program counter for `pid'
984 * Assumes PC is never 0xffffffff
988 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *) ®s, 0) < 0) {
989 perror("getpc: ptrace(PTRACE_GETREGS, ...)");
1002 pread(tcp->pfd_reg, ®s, sizeof(regs), 0);
1004 #endif /* FREEBSD */
1016 if (upeek(tcp->pid, 4*EIP, &eip) < 0) {
1017 tprintf("[????????] ");
1020 tprintf("[%08lx] ", eip);
1021 #elif defined(X86_64)
1024 if (upeek(tcp->pid, 8*RIP, &rip) < 0) {
1025 tprintf("[????????] ");
1028 tprintf("[%16lx] ", rip);
1032 if (upeek(tcp->pid, PT_B0, &ip) < 0) {
1033 tprintf("[????????] ");
1036 tprintf("[%08lx] ", ip);
1037 #elif defined(POWERPC)
1040 if (upeek(tcp->pid, sizeof(unsigned long)*PT_NIP, &pc) < 0) {
1041 tprintf ("[????????] ");
1044 tprintf("[%08lx] ", pc);
1048 if (upeek(tcp->pid, 4*PT_PC, &pc) < 0) {
1049 tprintf ("[????????] ");
1052 tprintf("[%08lx] ", pc);
1053 #elif defined(ALPHA)
1056 if (upeek(tcp->pid, REG_PC, &pc) < 0) {
1057 tprintf ("[????????] ");
1060 tprintf("[%08lx] ", pc);
1061 #elif defined(SPARC)
1063 if (ptrace(PTRACE_GETREGS,tcp->pid,(char *)®s,0) < 0) {
1064 tprintf("[????????] ");
1067 tprintf("[%08lx] ", regs.r_pc);
1071 if(upeek(tcp->pid,PT_IAOQ0,&pc) < 0) {
1072 tprintf ("[????????] ");
1075 tprintf("[%08lx] ", pc);
1079 if (upeek(tcp->pid, REG_EPC, &pc) < 0) {
1080 tprintf ("[????????] ");
1083 tprintf("[%08lx] ", pc);
1087 if (upeek(tcp->pid, 4*REG_PC, &pc) < 0) {
1088 tprintf ("[????????] ");
1091 tprintf("[%08lx] ", pc);
1092 #endif /* !architecture */
1098 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *) ®s, 0) < 0) {
1099 perror("printcall: ptrace(PTRACE_GETREGS, ...)");
1100 tprintf("[????????] ");
1103 tprintf("[%08x] ", regs.r_o7);
1108 tprintf("[????????] ");
1113 pread(tcp->pfd_reg, ®s, sizeof(regs), 0);
1114 tprintf("[%08x] ", regs.r_eip);
1115 #endif /* FREEBSD */
1122 #include <sys/syscall.h>
1123 #ifndef CLONE_PTRACE
1124 # define CLONE_PTRACE 0x00002000
1129 typedef unsigned long *arg_setup_state;
1132 arg_setup(struct tcb *tcp, arg_setup_state *state)
1134 unsigned long *bsp, cfm, sof, sol;
1136 if (upeek(tcp->pid, PT_AR_BSP, (long *) &bsp) < 0)
1138 if (upeek(tcp->pid, PT_CFM, (long *) &cfm) < 0)
1141 sof = (cfm >> 0) & 0x7f;
1142 sol = (cfm >> 7) & 0x7f;
1143 bsp = ia64_rse_skip_regs(bsp, -sof + sol);
1149 # define arg_finish_change(tcp, state) 0
1153 get_arg0 (struct tcb *tcp, arg_setup_state *state, long *valp)
1155 return umoven (tcp, (unsigned long) ia64_rse_skip_regs(*state, 0),
1156 sizeof(long), (void *) valp);
1160 get_arg1 (struct tcb *tcp, arg_setup_state *state, long *valp)
1162 return umoven (tcp, (unsigned long) ia64_rse_skip_regs(*state, 1),
1163 sizeof(long), (void *) valp);
1168 set_arg0 (struct tcb *tcp, arg_setup_state *state, long val)
1171 ap = ia64_rse_skip_regs(*state, 0);
1173 ptrace(PTRACE_POKEDATA, tcp->pid, (void *) ap, val);
1174 return errno ? -1 : 0;
1178 set_arg1 (struct tcb *tcp, arg_setup_state *state, long val)
1181 ap = ia64_rse_skip_regs(*state, 1);
1183 ptrace(PTRACE_POKEDATA, tcp->pid, (void *) ap, val);
1184 return errno ? -1 : 0;
1187 #elif defined (SPARC)
1189 typedef struct regs arg_setup_state;
1191 # define arg_setup(tcp, state) \
1192 (ptrace (PTRACE_GETREGS, tcp->pid, (char *) (state), 0))
1193 # define arg_finish_change(tcp, state) \
1194 (ptrace (PTRACE_SETREGS, tcp->pid, (char *) (state), 0))
1196 # define get_arg0(tcp, state, valp) (*(valp) = (state)->r_o0, 0)
1197 # define get_arg1(tcp, state, valp) (*(valp) = (state)->r_o1, 0)
1198 # define set_arg0(tcp, state, val) ((state)->r_o0 = (val), 0)
1199 # define set_arg1(tcp, state, val) ((state)->r_o1 = (val), 0)
1200 # define restore_arg0(tcp, state, val) 0
1204 # if defined S390 || defined S390X
1205 /* Note: this is only true for the `clone' system call, which handles
1206 arguments specially. We could as well say that its first two arguments
1207 are swapped relative to other architectures, but that would just be
1208 another #ifdef in the calls. */
1209 # define arg0_offset PT_GPR3
1210 # define arg1_offset PT_ORIGGPR2
1211 # define restore_arg0(tcp, state, val) ((void) (state), 0)
1212 # define restore_arg1(tcp, state, val) ((void) (state), 0)
1213 # elif defined (ALPHA) || defined (MIPS)
1214 # define arg0_offset REG_A0
1215 # define arg1_offset (REG_A0+1)
1216 # elif defined (POWERPC)
1217 # define arg0_offset (sizeof(unsigned long)*PT_R3)
1218 # define arg1_offset (sizeof(unsigned long)*PT_R4)
1219 # define restore_arg0(tcp, state, val) ((void) (state), 0)
1220 # elif defined (HPPA)
1221 # define arg0_offset PT_GR26
1222 # define arg1_offset (PT_GR26-4)
1223 # elif defined (X86_64)
1224 # define arg0_offset ((long)(8*(current_personality ? RBX : RDI)))
1225 # define arg1_offset ((long)(8*(current_personality ? RCX : RSI)))
1227 # define arg0_offset (4*(REG_REG0+4))
1228 # define arg1_offset (4*(REG_REG0+5))
1230 # define arg0_offset 0
1231 # define arg1_offset 4
1233 # define restore_arg0(tcp, state, val) 0
1237 typedef int arg_setup_state;
1239 # define arg_setup(tcp, state) (0)
1240 # define arg_finish_change(tcp, state) 0
1241 # define get_arg0(tcp, cookie, valp) \
1242 (upeek ((tcp)->pid, arg0_offset, (valp)))
1243 # define get_arg1(tcp, cookie, valp) \
1244 (upeek ((tcp)->pid, arg1_offset, (valp)))
1247 set_arg0 (struct tcb *tcp, void *cookie, long val)
1249 return ptrace (PTRACE_POKEUSER, tcp->pid, (char*)arg0_offset, val);
1253 set_arg1 (struct tcb *tcp, void *cookie, long val)
1255 return ptrace (PTRACE_POKEUSER, tcp->pid, (char*)arg1_offset, val);
1260 #ifndef restore_arg0
1261 # define restore_arg0(tcp, state, val) set_arg0((tcp), (state), (val))
1263 #ifndef restore_arg1
1264 # define restore_arg1(tcp, state, val) set_arg1((tcp), (state), (val))
1271 extern int change_syscall(struct tcb *, int);
1272 arg_setup_state state;
1274 if (tcp->flags & TCB_BPTSET) {
1275 fprintf(stderr, "PANIC: TCB already set in pid %u\n", tcp->pid);
1279 switch (tcp->scno) {
1286 #if defined SYS_fork || defined SYS_vfork
1287 if (arg_setup (tcp, &state) < 0
1288 || get_arg0 (tcp, &state, &tcp->inst[0]) < 0
1289 || get_arg1 (tcp, &state, &tcp->inst[1]) < 0
1290 || change_syscall(tcp, SYS_clone) < 0
1291 || set_arg0 (tcp, &state, CLONE_PTRACE|SIGCHLD) < 0
1292 || set_arg1 (tcp, &state, 0) < 0
1293 || arg_finish_change (tcp, &state) < 0)
1295 tcp->u_arg[0] = CLONE_PTRACE|SIGCHLD;
1297 tcp->flags |= TCB_BPTSET;
1305 if ((tcp->u_arg[0] & CLONE_PTRACE) == 0
1306 && (arg_setup (tcp, &state) < 0
1307 || set_arg0 (tcp, &state, tcp->u_arg[0] | CLONE_PTRACE) < 0
1308 || arg_finish_change (tcp, &state) < 0))
1310 tcp->flags |= TCB_BPTSET;
1311 tcp->inst[0] = tcp->u_arg[0];
1312 tcp->inst[1] = tcp->u_arg[1];
1316 fprintf(stderr, "PANIC: setbpt for syscall %ld on %u???\n",
1317 tcp->scno, tcp->pid);
1328 arg_setup_state state;
1329 if (arg_setup (tcp, &state) < 0
1330 || restore_arg0 (tcp, &state, tcp->inst[0]) < 0
1331 || restore_arg1 (tcp, &state, tcp->inst[1]) < 0
1332 || arg_finish_change (tcp, &state))
1334 tcp->flags &= ~TCB_BPTSET;
1347 /* We simply use the SunOS breakpoint code. */
1350 #define LOOPA 0x30800000 /* ba,a 0 */
1352 if (tcp->flags & TCB_BPTSET) {
1353 fprintf(stderr, "PANIC: TCB already set in pid %u\n", tcp->pid);
1356 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0) {
1357 perror("setbpt: ptrace(PTRACE_GETREGS, ...)");
1360 tcp->baddr = regs.r_o7 + 8;
1362 tcp->inst[0] = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)tcp->baddr, 0);
1364 perror("setbpt: ptrace(PTRACE_PEEKTEXT, ...)");
1369 * XXX - BRUTAL MODE ON
1370 * We cannot set a real BPT in the child, since it will not be
1371 * traced at the moment it will reach the trap and would probably
1372 * die with a core dump.
1373 * Thus, we are force our way in by taking out two instructions
1374 * and insert an eternal loop instead, in expectance of the SIGSTOP
1375 * generated by out PTRACE_ATTACH.
1376 * Of cause, if we evaporate ourselves in the middle of all this...
1379 ptrace(PTRACE_POKETEXT, tcp->pid, (char *) tcp->baddr, LOOPA);
1381 perror("setbpt: ptrace(PTRACE_POKETEXT, ...)");
1384 tcp->flags |= TCB_BPTSET;
1389 # define LOOP 0x0000feeb
1390 if (tcp->flags & TCB_BPTSET) {
1391 fprintf(stderr, "PANIC: bpt already set in pid %u\n",
1395 if (upeek(tcp->pid, PT_CR_IIP, &tcp->baddr) < 0)
1398 fprintf(stderr, "[%d] setting bpt at %lx\n",
1399 tcp->pid, tcp->baddr);
1400 tcp->inst[0] = ptrace(PTRACE_PEEKTEXT, tcp->pid,
1401 (char *) tcp->baddr, 0);
1403 perror("setbpt: ptrace(PTRACE_PEEKTEXT, ...)");
1406 ptrace(PTRACE_POKETEXT, tcp->pid, (char *) tcp->baddr, LOOP);
1408 perror("setbpt: ptrace(PTRACE_POKETEXT, ...)");
1411 tcp->flags |= TCB_BPTSET;
1414 * Our strategy here is to replace the bundle that
1415 * contained the clone() syscall with a bundle of the
1418 * { 1: br 1b; br 1b; br 1b }
1420 * This ensures that the newly forked child will loop
1421 * endlessly until we've got a chance to attach to it.
1423 # define LOOP0 0x0000100000000017
1424 # define LOOP1 0x4000000000200000
1425 unsigned long addr, ipsr;
1429 if (upeek(pid, PT_CR_IPSR, &ipsr) < 0)
1431 if (upeek(pid, PT_CR_IIP, &addr) < 0)
1433 /* store "ri" in low two bits */
1434 tcp->baddr = addr | ((ipsr >> 41) & 0x3);
1437 tcp->inst[0] = ptrace(PTRACE_PEEKTEXT, pid, (char *) addr + 0,
1439 tcp->inst[1] = ptrace(PTRACE_PEEKTEXT, pid, (char *) addr + 8,
1442 perror("setbpt: ptrace(PTRACE_PEEKTEXT, ...)");
1447 ptrace(PTRACE_POKETEXT, pid, (char *) addr + 0, LOOP0);
1448 ptrace(PTRACE_POKETEXT, pid, (char *) addr + 8, LOOP1);
1450 perror("setbpt: ptrace(PTRACE_POKETEXT, ...)");
1453 tcp->flags |= TCB_BPTSET;
1457 #if defined (I386) || defined(X86_64)
1458 #define LOOP 0x0000feeb
1459 #elif defined (M68K)
1460 #define LOOP 0x60fe0000
1461 #elif defined (ALPHA)
1462 #define LOOP 0xc3ffffff
1463 #elif defined (POWERPC)
1464 #define LOOP 0x48000000
1466 #define LOOP 0xEAFFFFFE
1468 #define LOOP 0x1000ffff
1470 #define LOOP 0xa7f40000 /* BRC 15,0 */
1471 #elif defined(S390X)
1472 #define LOOP 0xa7f4000000000000UL /* BRC 15,0 */
1474 #define LOOP 0xe81f1ff7 /* b,l,n <loc>,r0 */
1476 #ifdef __LITTLE_ENDIAN__
1477 #define LOOP 0x0000affe
1479 #define LOOP 0xfeaf0000
1482 #error unknown architecture
1485 if (tcp->flags & TCB_BPTSET) {
1486 fprintf(stderr, "PANIC: bpt already set in pid %u\n", tcp->pid);
1490 if (upeek(tcp->pid, 4*EIP, &tcp->baddr) < 0)
1492 #elif defined (X86_64)
1493 if (upeek(tcp->pid, 8*RIP, &tcp->baddr) < 0)
1495 #elif defined (M68K)
1496 if (upeek(tcp->pid, 4*PT_PC, &tcp->baddr) < 0)
1498 #elif defined (ALPHA)
1502 #elif defined (MIPS)
1503 return -1; /* FIXME: I do not know what i do - Flo */
1504 #elif defined (POWERPC)
1505 if (upeek(tcp->pid, sizeof(unsigned long)*PT_NIP, &tcp->baddr) < 0)
1507 #elif defined(S390) || defined(S390X)
1508 if (upeek(tcp->pid,PT_PSWADDR, &tcp->baddr) < 0)
1511 if (upeek(tcp->pid, PT_IAOQ0, &tcp->baddr) < 0)
1513 tcp->baddr &= ~0x03;
1515 if (upeek(tcp->pid, 4*REG_PC, &tcp->baddr) < 0)
1518 #error unknown architecture
1521 fprintf(stderr, "[%d] setting bpt at %lx\n", tcp->pid, tcp->baddr);
1522 tcp->inst[0] = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *) tcp->baddr, 0);
1524 perror("setbpt: ptrace(PTRACE_PEEKTEXT, ...)");
1527 ptrace(PTRACE_POKETEXT, tcp->pid, (char *) tcp->baddr, LOOP);
1529 perror("setbpt: ptrace(PTRACE_POKETEXT, ...)");
1532 tcp->flags |= TCB_BPTSET;
1539 #ifdef SPARC /* This code is slightly sparc specific */
1542 #define BPT 0x91d02001 /* ta 1 */
1543 #define LOOP 0x10800000 /* ba 0 */
1544 #define LOOPA 0x30800000 /* ba,a 0 */
1545 #define NOP 0x01000000
1547 static int loopdeloop[1] = {LOOPA};
1549 static int loopdeloop[2] = {LOOP, NOP};
1552 if (tcp->flags & TCB_BPTSET) {
1553 fprintf(stderr, "PANIC: TCB already set in pid %u\n", tcp->pid);
1556 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0) {
1557 perror("setbpt: ptrace(PTRACE_GETREGS, ...)");
1560 tcp->baddr = regs.r_o7 + 8;
1561 if (ptrace(PTRACE_READTEXT, tcp->pid, (char *)tcp->baddr,
1562 sizeof tcp->inst, (char *)tcp->inst) < 0) {
1563 perror("setbpt: ptrace(PTRACE_READTEXT, ...)");
1568 * XXX - BRUTAL MODE ON
1569 * We cannot set a real BPT in the child, since it will not be
1570 * traced at the moment it will reach the trap and would probably
1571 * die with a core dump.
1572 * Thus, we are force our way in by taking out two instructions
1573 * and insert an eternal loop in stead, in expectance of the SIGSTOP
1574 * generated by out PTRACE_ATTACH.
1575 * Of cause, if we evaporate ourselves in the middle of all this...
1577 if (ptrace(PTRACE_WRITETEXT, tcp->pid, (char *) tcp->baddr,
1578 sizeof loopdeloop, (char *) loopdeloop) < 0) {
1579 perror("setbpt: ptrace(PTRACE_WRITETEXT, ...)");
1582 tcp->flags |= TCB_BPTSET;
1596 #if defined(I386) || defined(X86_64)
1598 #elif defined(POWERPC)
1602 #elif defined(ALPHA)
1608 #endif /* architecture */
1611 /* Again, we borrow the SunOS breakpoint code. */
1612 if (!(tcp->flags & TCB_BPTSET)) {
1613 fprintf(stderr, "PANIC: TCB not set in pid %u\n", tcp->pid);
1617 ptrace(PTRACE_POKETEXT, tcp->pid, (char *) tcp->baddr, tcp->inst[0]);
1619 perror("clearbtp: ptrace(PTRACE_POKETEXT, ...)");
1622 tcp->flags &= ~TCB_BPTSET;
1628 fprintf(stderr, "[%d] clearing bpt\n", tcp->pid);
1629 if (!(tcp->flags & TCB_BPTSET)) {
1630 fprintf(stderr, "PANIC: TCB not set in pid %u\n", tcp->pid);
1634 ptrace(PTRACE_POKETEXT, tcp->pid, (char *) tcp->baddr, tcp->inst[0]);
1636 perror("clearbtp: ptrace(PTRACE_POKETEXT, ...)");
1639 tcp->flags &= ~TCB_BPTSET;
1641 if (upeek(tcp->pid, PT_CR_IIP, &addr) < 0)
1643 if (addr != tcp->baddr) {
1644 /* The breakpoint has not been reached yet. */
1647 "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
1652 unsigned long addr, ipsr;
1657 if (upeek(pid, PT_CR_IPSR, &ipsr) < 0)
1659 if (upeek(pid, PT_CR_IIP, &addr) < 0)
1662 /* restore original bundle: */
1664 ptrace(PTRACE_POKETEXT, pid, (char *) addr + 0, tcp->inst[0]);
1665 ptrace(PTRACE_POKETEXT, pid, (char *) addr + 8, tcp->inst[1]);
1667 perror("clearbpt: ptrace(PTRACE_POKETEXT, ...)");
1671 /* restore original "ri" in ipsr: */
1672 ipsr = (ipsr & ~(0x3ul << 41)) | ((tcp->baddr & 0x3) << 41);
1674 ptrace(PTRACE_POKEUSER, pid, (char *) PT_CR_IPSR, ipsr);
1676 perror("clrbpt: ptrace(PTRACE_POKEUSER, ...)");
1680 tcp->flags &= ~TCB_BPTSET;
1682 if (addr != (tcp->baddr & ~0x3)) {
1683 /* the breakpoint has not been reached yet. */
1685 fprintf(stderr, "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
1690 #else /* !IA64 && ! SPARC */
1693 fprintf(stderr, "[%d] clearing bpt\n", tcp->pid);
1694 if (!(tcp->flags & TCB_BPTSET)) {
1695 fprintf(stderr, "PANIC: TCB not set in pid %u\n", tcp->pid);
1699 ptrace(PTRACE_POKETEXT, tcp->pid, (char *) tcp->baddr, tcp->inst[0]);
1701 perror("clearbtp: ptrace(PTRACE_POKETEXT, ...)");
1704 tcp->flags &= ~TCB_BPTSET;
1707 if (upeek(tcp->pid, 4*EIP, &eip) < 0)
1709 if (eip != tcp->baddr) {
1710 /* The breakpoint has not been reached yet. */
1713 "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
1717 #elif defined(X86_64)
1718 if (upeek(tcp->pid, 8*RIP, &eip) < 0)
1720 if (eip != tcp->baddr) {
1721 /* The breakpoint has not been reached yet. */
1724 "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
1728 #elif defined(POWERPC)
1729 if (upeek(tcp->pid, sizeof(unsigned long)*PT_NIP, &pc) < 0)
1731 if (pc != tcp->baddr) {
1732 /* The breakpoint has not been reached yet. */
1734 fprintf(stderr, "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
1739 if (upeek(tcp->pid, 4*PT_PC, &pc) < 0)
1741 if (pc != tcp->baddr) {
1742 /* The breakpoint has not been reached yet. */
1744 fprintf(stderr, "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
1748 #elif defined(ALPHA)
1749 if (upeek(tcp->pid, REG_PC, &pc) < 0)
1751 if (pc != tcp->baddr) {
1752 /* The breakpoint has not been reached yet. */
1754 fprintf(stderr, "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
1759 if (upeek(tcp->pid, PT_IAOQ0, &iaoq) < 0)
1762 if (iaoq != tcp->baddr && iaoq != tcp->baddr + 4) {
1763 /* The breakpoint has not been reached yet. */
1765 fprintf(stderr, "NOTE: PC not at bpt (iaoq %#lx baddr %#lx)\n",
1769 iaoq = tcp->baddr | 3;
1770 /* We should be pointing at a 'ldi -1000,r1' in glibc, so it is
1771 * safe to set both IAOQ0 and IAOQ1 to that so the PSW N bit
1772 * has no significant effect.
1774 ptrace(PTRACE_POKEUSER, tcp->pid, (void *)PT_IAOQ0, iaoq);
1775 ptrace(PTRACE_POKEUSER, tcp->pid, (void *)PT_IAOQ1, iaoq);
1777 if (upeek(tcp->pid, 4*REG_PC, &pc) < 0)
1779 if (pc != tcp->baddr) {
1780 /* The breakpoint has not been reached yet. */
1782 fprintf(stderr, "NOTE: PC not at bpt (pc %#lx baddr %#lx)\n",
1788 #endif /* !SPARC && !IA64 */
1798 if (!(tcp->flags & TCB_BPTSET)) {
1799 fprintf(stderr, "PANIC: TCB not set in pid %u\n", tcp->pid);
1802 if (ptrace(PTRACE_WRITETEXT, tcp->pid, (char *) tcp->baddr,
1803 sizeof tcp->inst, (char *) tcp->inst) < 0) {
1804 perror("clearbtp: ptrace(PTRACE_WRITETEXT, ...)");
1807 tcp->flags &= ~TCB_BPTSET;
1811 * Since we don't have a single instruction breakpoint, we may have
1812 * to adjust the program counter after removing the our `breakpoint'.
1814 if (ptrace(PTRACE_GETREGS, tcp->pid, (char *)®s, 0) < 0) {
1815 perror("clearbpt: ptrace(PTRACE_GETREGS, ...)");
1818 if ((regs.r_pc < tcp->baddr) ||
1819 (regs.r_pc > tcp->baddr + 4)) {
1820 /* The breakpoint has not been reached yet */
1823 "NOTE: PC not at bpt (pc %#x baddr %#x)\n",
1824 regs.r_pc, tcp->parent->baddr);
1827 if (regs.r_pc != tcp->baddr)
1829 fprintf(stderr, "NOTE: PC adjusted (%#x -> %#x\n",
1830 regs.r_pc, tcp->baddr);
1832 regs.r_pc = tcp->baddr;
1833 if (ptrace(PTRACE_SETREGS, tcp->pid, (char *)®s, 0) < 0) {
1834 perror("clearbpt: ptrace(PTRACE_SETREGS, ...)");
1846 #endif /* !USE_PROCFS */
1857 for (n = 0; n < sizeof *hdr; n += 4) {
1859 if (upeek(pid, uoff(u_exdata) + n, &res) < 0)
1861 memcpy(((char *) hdr) + n, &res, 4);
1864 fprintf(stderr, "[struct exec: magic: %o version %u Mach %o\n",
1865 hdr->a_magic, hdr->a_toolversion, hdr->a_machtype);
1866 fprintf(stderr, "Text %lu Data %lu Bss %lu Syms %lu Entry %#lx]\n",
1867 hdr->a_text, hdr->a_data, hdr->a_bss, hdr->a_syms, hdr->a_entry);
1878 * Change `vfork' in a freshly exec'ed dynamically linked
1879 * executable's (internal) symbol table to plain old `fork'
1883 struct link_dynamic dyn;
1884 struct link_dynamic_2 ld;
1887 if (getex(pid, &hdr) < 0)
1892 if (umove(tcp, (int) N_DATADDR(hdr), &dyn) < 0) {
1893 fprintf(stderr, "Cannot read DYNAMIC\n");
1896 if (umove(tcp, (int) dyn.ld_un.ld_2, &ld) < 0) {
1897 fprintf(stderr, "Cannot read link_dynamic_2\n");
1900 if ((strtab = malloc((unsigned)ld.ld_symb_size)) == NULL) {
1901 fprintf(stderr, "fixvfork: out of memory\n");
1904 if (umoven(tcp, (int)ld.ld_symbols+(int)N_TXTADDR(hdr),
1905 (int)ld.ld_symb_size, strtab) < 0)
1909 for (cp = strtab; cp < strtab + ld.ld_symb_size; ) {
1910 fprintf(stderr, "[symbol: %s]\n", cp);
1915 for (cp = strtab; cp < strtab + ld.ld_symb_size; ) {
1916 if (strcmp(cp, "_vfork") == 0) {
1918 fprintf(stderr, "fixvfork: FOUND _vfork\n");
1919 strcpy(cp, "_fork");
1924 if (cp < strtab + ld.ld_symb_size)
1926 * Write entire symbol table back to avoid
1927 * memory alignment bugs in ptrace
1929 if (tload(pid, (int)ld.ld_symbols+(int)N_TXTADDR(hdr),
1930 (int)ld.ld_symb_size, strtab) < 0)
projects / strace / blob