strace.c revision 1201426dd43f5b4e12dfe520e2a9c5027d33dc11
1/* 2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl> 3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl> 4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com> 5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl> 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. The name of the author may not be used to endorse or promote products 17 * derived from this software without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 24 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 28 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 * 30 * $Id$ 31 */ 32 33#include "defs.h" 34 35#include <sys/types.h> 36#include <stdarg.h> 37#include <signal.h> 38#include <errno.h> 39#include <sys/param.h> 40#include <fcntl.h> 41#include <sys/resource.h> 42#include <sys/wait.h> 43#include <sys/stat.h> 44#include <pwd.h> 45#include <grp.h> 46#include <string.h> 47#include <limits.h> 48#include <dirent.h> 49 50#ifdef LINUX 51# include <asm/unistd.h> 52# if defined __NR_tgkill 53# define my_tgkill(pid, tid, sig) syscall (__NR_tgkill, (pid), (tid), (sig)) 54# elif defined __NR_tkill 55# define my_tgkill(pid, tid, sig) syscall (__NR_tkill, (tid), (sig)) 56# else 57 /* kill() may choose arbitrarily the target task of the process group 58 while we later wait on a that specific TID. PID process waits become 59 TID task specific waits for a process under ptrace(2). */ 60# warning "Neither tkill(2) nor tgkill(2) available, risk of strace hangs!" 61# define my_tgkill(pid, tid, sig) kill ((tid), (sig)) 62# endif 63#endif 64 65#if defined(IA64) && defined(LINUX) 66# include <asm/ptrace_offsets.h> 67#endif 68 69#ifdef USE_PROCFS 70#include <poll.h> 71#endif 72 73#ifdef SVR4 74#include <sys/stropts.h> 75#ifdef HAVE_MP_PROCFS 76#ifdef HAVE_SYS_UIO_H 77#include <sys/uio.h> 78#endif 79#endif 80#endif 81extern char **environ; 82extern int optind; 83extern char *optarg; 84 85 86int debug = 0, followfork = 0; 87unsigned int ptrace_setoptions_followfork = 0; 88unsigned int ptrace_setoptions_for_all = 0; 89/* Which WSTOPSIG(status) value marks syscall traps? */ 90static unsigned int syscall_trap_sig = SIGTRAP; 91int dtime = 0, xflag = 0, qflag = 0; 92cflag_t cflag = CFLAG_NONE; 93static int iflag = 0, interactive = 0, pflag_seen = 0, rflag = 0, tflag = 0; 94/* 95 * daemonized_tracer supports -D option. 96 * With this option, strace forks twice. 97 * Unlike normal case, with -D *grandparent* process exec's, 98 * becoming a traced process. Child exits (this prevents traced process 99 * from having children it doesn't expect to have), and grandchild 100 * attaches to grandparent similarly to strace -p PID. 101 * This allows for more transparent interaction in cases 102 * when process and its parent are communicating via signals, 103 * wait() etc. Without -D, strace process gets lodged in between, 104 * disrupting parent<->child link. 105 */ 106static bool daemonized_tracer = 0; 107 108/* Sometimes we want to print only succeeding syscalls. */ 109int not_failing_only = 0; 110 111/* Show path associated with fd arguments */ 112int show_fd_path = 0; 113 114/* are we filtering traces based on paths? */ 115int tracing_paths = 0; 116 117static int exit_code = 0; 118static int strace_child = 0; 119static int strace_tracer_pid = 0; 120 121static char *username = NULL; 122uid_t run_uid; 123gid_t run_gid; 124 125int acolumn = DEFAULT_ACOLUMN; 126int max_strlen = DEFAULT_STRLEN; 127static char *outfname = NULL; 128FILE *outf; 129static int curcol; 130struct tcb **tcbtab; 131unsigned int nprocs, tcbtabsize; 132const char *progname; 133extern char **environ; 134 135static int detach(struct tcb *tcp, int sig); 136static int trace(void); 137static void cleanup(void); 138static void interrupt(int sig); 139static sigset_t empty_set, blocked_set; 140 141#ifdef HAVE_SIG_ATOMIC_T 142static volatile sig_atomic_t interrupted; 143#else /* !HAVE_SIG_ATOMIC_T */ 144static volatile int interrupted; 145#endif /* !HAVE_SIG_ATOMIC_T */ 146 147#ifdef USE_PROCFS 148 149static struct tcb *pfd2tcb(int pfd); 150static void reaper(int sig); 151static void rebuild_pollv(void); 152static struct pollfd *pollv; 153 154#ifndef HAVE_POLLABLE_PROCFS 155 156static void proc_poll_open(void); 157static void proc_poller(int pfd); 158 159struct proc_pollfd { 160 int fd; 161 int revents; 162 int pid; 163}; 164 165static int poller_pid; 166static int proc_poll_pipe[2] = { -1, -1 }; 167 168#endif /* !HAVE_POLLABLE_PROCFS */ 169 170#ifdef HAVE_MP_PROCFS 171#define POLLWANT POLLWRNORM 172#else 173#define POLLWANT POLLPRI 174#endif 175#endif /* USE_PROCFS */ 176 177static void 178usage(ofp, exitval) 179FILE *ofp; 180int exitval; 181{ 182 fprintf(ofp, "\ 183usage: strace [-CdDffhiqrtttTvVxxy] [-a column] [-e expr] ... [-o file]\n\ 184 [-p pid] ... [-s strsize] [-u username] [-E var=val] ...\n\ 185 [-P path] [command [arg ...]]\n\ 186 or: strace -c [-D] [-e expr] ... [-O overhead] [-S sortby] [-E var=val] ...\n\ 187 [command [arg ...]]\n\ 188-c -- count time, calls, and errors for each syscall and report summary\n\ 189-C -- like -c but also print regular output while processes are running\n\ 190-f -- follow forks, -ff -- with output into separate files\n\ 191-F -- attempt to follow vforks, -h -- print help message\n\ 192-i -- print instruction pointer at time of syscall\n\ 193-q -- suppress messages about attaching, detaching, etc.\n\ 194-r -- print relative timestamp, -t -- absolute timestamp, -tt -- with usecs\n\ 195-T -- print time spent in each syscall, -V -- print version\n\ 196-v -- verbose mode: print unabbreviated argv, stat, termio[s], etc. args\n\ 197-x -- print non-ascii strings in hex, -xx -- print all strings in hex\n\ 198-y -- print paths associated with file descriptor arguments\n\ 199-a column -- alignment COLUMN for printing syscall results (default %d)\n\ 200-e expr -- a qualifying expression: option=[!]all or option=[!]val1[,val2]...\n\ 201 options: trace, abbrev, verbose, raw, signal, read, or write\n\ 202-o file -- send trace output to FILE instead of stderr\n\ 203-O overhead -- set overhead for tracing syscalls to OVERHEAD usecs\n\ 204-p pid -- trace process with process id PID, may be repeated\n\ 205-D -- run tracer process as a detached grandchild, not as parent\n\ 206-s strsize -- limit length of print strings to STRSIZE chars (default %d)\n\ 207-S sortby -- sort syscall counts by: time, calls, name, nothing (default %s)\n\ 208-u username -- run command as username handling setuid and/or setgid\n\ 209-E var=val -- put var=val in the environment for command\n\ 210-E var -- remove var from the environment for command\n\ 211-P path -- trace accesses to path\n\ 212" /* this is broken, so don't document it 213-z -- print only succeeding syscalls\n\ 214 */ 215, DEFAULT_ACOLUMN, DEFAULT_STRLEN, DEFAULT_SORTBY); 216 exit(exitval); 217} 218 219static void die(void) __attribute__ ((noreturn)); 220static void die(void) 221{ 222 if (strace_tracer_pid == getpid()) { 223 cflag = 0; 224 cleanup(); 225 } 226 exit(1); 227} 228 229static void verror_msg(int err_no, const char *fmt, va_list p) 230{ 231 char *msg; 232 233 msg = NULL; 234 vasprintf(&msg, fmt, p); 235 if (msg) { 236 fflush(NULL); 237 if (err_no) 238 fprintf(stderr, "%s: %s: %s\n", progname, msg, strerror(err_no)); 239 else 240 fprintf(stderr, "%s: %s\n", progname, msg); 241 free(msg); 242 } 243} 244 245void error_msg(const char *fmt, ...) 246{ 247 va_list p; 248 va_start(p, fmt); 249 verror_msg(0, fmt, p); 250 va_end(p); 251} 252 253void error_msg_and_die(const char *fmt, ...) 254{ 255 va_list p; 256 va_start(p, fmt); 257 verror_msg(0, fmt, p); 258 die(); 259} 260 261void perror_msg(const char *fmt, ...) 262{ 263 va_list p; 264 va_start(p, fmt); 265 verror_msg(errno, fmt, p); 266 va_end(p); 267} 268 269void perror_msg_and_die(const char *fmt, ...) 270{ 271 va_list p; 272 va_start(p, fmt); 273 verror_msg(errno, fmt, p); 274 die(); 275} 276 277#ifdef SVR4 278#ifdef MIPS 279void 280foobar() 281{ 282} 283#endif /* MIPS */ 284#endif /* SVR4 */ 285 286/* Glue for systems without a MMU that cannot provide fork() */ 287#ifdef HAVE_FORK 288# define strace_vforked 0 289#else 290# define strace_vforked 1 291# define fork() vfork() 292#endif 293 294static int 295set_cloexec_flag(int fd) 296{ 297 int flags, newflags; 298 299 if ((flags = fcntl(fd, F_GETFD, 0)) < 0) 300 { 301 fprintf(stderr, "%s: fcntl F_GETFD: %s\n", 302 progname, strerror(errno)); 303 return -1; 304 } 305 306 newflags = flags | FD_CLOEXEC; 307 if (flags == newflags) 308 return 0; 309 310 if (fcntl(fd, F_SETFD, newflags) < 0) 311 { 312 fprintf(stderr, "%s: fcntl F_SETFD: %s\n", 313 progname, strerror(errno)); 314 return -1; 315 } 316 317 return 0; 318} 319 320/* 321 * When strace is setuid executable, we have to swap uids 322 * before and after filesystem and process management operations. 323 */ 324static void 325swap_uid(void) 326{ 327#ifndef SVR4 328 int euid = geteuid(), uid = getuid(); 329 330 if (euid != uid && setreuid(euid, uid) < 0) 331 { 332 fprintf(stderr, "%s: setreuid: %s\n", 333 progname, strerror(errno)); 334 exit(1); 335 } 336#endif 337} 338 339#if _LFS64_LARGEFILE 340# define fopen_for_output fopen64 341#else 342# define fopen_for_output fopen 343#endif 344 345static FILE * 346strace_fopen(const char *path, const char *mode) 347{ 348 FILE *fp; 349 350 swap_uid(); 351 if ((fp = fopen_for_output(path, mode)) == NULL) 352 fprintf(stderr, "%s: can't fopen '%s': %s\n", 353 progname, path, strerror(errno)); 354 swap_uid(); 355 if (fp && set_cloexec_flag(fileno(fp)) < 0) 356 { 357 fclose(fp); 358 fp = NULL; 359 } 360 return fp; 361} 362 363static int popen_pid = -1; 364 365#ifndef _PATH_BSHELL 366# define _PATH_BSHELL "/bin/sh" 367#endif 368 369/* 370 * We cannot use standard popen(3) here because we have to distinguish 371 * popen child process from other processes we trace, and standard popen(3) 372 * does not export its child's pid. 373 */ 374static FILE * 375strace_popen(const char *command) 376{ 377 int fds[2]; 378 379 swap_uid(); 380 if (pipe(fds) < 0) 381 { 382 fprintf(stderr, "%s: pipe: %s\n", 383 progname, strerror(errno)); 384 swap_uid(); 385 return NULL; 386 } 387 388 if (set_cloexec_flag(fds[1]) < 0) 389 { 390 close(fds[0]); 391 close(fds[1]); 392 swap_uid(); 393 return NULL; 394 } 395 396 if ((popen_pid = fork()) == -1) 397 { 398 fprintf(stderr, "%s: fork: %s\n", 399 progname, strerror(errno)); 400 close(fds[0]); 401 close(fds[1]); 402 swap_uid(); 403 return NULL; 404 } 405 406 if (popen_pid) 407 { 408 /* parent */ 409 close(fds[0]); 410 swap_uid(); 411 return fdopen(fds[1], "w"); 412 } else 413 { 414 /* child */ 415 close(fds[1]); 416 if (fds[0] && (dup2(fds[0], 0) || close(fds[0]))) 417 { 418 fprintf(stderr, "%s: dup2: %s\n", 419 progname, strerror(errno)); 420 _exit(1); 421 } 422 execl(_PATH_BSHELL, "sh", "-c", command, NULL); 423 fprintf(stderr, "%s: execl: %s: %s\n", 424 progname, _PATH_BSHELL, strerror(errno)); 425 _exit(1); 426 } 427} 428 429static int 430newoutf(struct tcb *tcp) 431{ 432 if (outfname && followfork > 1) { 433 char name[520 + sizeof(int) * 3]; 434 FILE *fp; 435 436 sprintf(name, "%.512s.%u", outfname, tcp->pid); 437 if ((fp = strace_fopen(name, "w")) == NULL) 438 return -1; 439 tcp->outf = fp; 440 } 441 return 0; 442} 443 444static void 445startup_attach(void) 446{ 447 int tcbi; 448 struct tcb *tcp; 449 450 /* 451 * Block user interruptions as we would leave the traced 452 * process stopped (process state T) if we would terminate in 453 * between PTRACE_ATTACH and wait4 () on SIGSTOP. 454 * We rely on cleanup () from this point on. 455 */ 456 if (interactive) 457 sigprocmask(SIG_BLOCK, &blocked_set, NULL); 458 459 if (daemonized_tracer) { 460 pid_t pid = fork(); 461 if (pid < 0) { 462 _exit(1); 463 } 464 if (pid) { /* parent */ 465 /* 466 * Wait for grandchild to attach to straced process 467 * (grandparent). Grandchild SIGKILLs us after it attached. 468 * Grandparent's wait() is unblocked by our death, 469 * it proceeds to exec the straced program. 470 */ 471 pause(); 472 _exit(0); /* paranoia */ 473 } 474 /* grandchild */ 475 /* We will be the tracer process. Remember our new pid: */ 476 strace_tracer_pid = getpid(); 477 } 478 479 for (tcbi = 0; tcbi < tcbtabsize; tcbi++) { 480 tcp = tcbtab[tcbi]; 481 if (!(tcp->flags & TCB_INUSE) || !(tcp->flags & TCB_ATTACHED)) 482 continue; 483#ifdef LINUX 484 if (tcp->flags & TCB_CLONE_THREAD) 485 continue; 486#endif 487 /* Reinitialize the output since it may have changed. */ 488 tcp->outf = outf; 489 if (newoutf(tcp) < 0) 490 exit(1); 491 492#ifdef USE_PROCFS 493 if (proc_open(tcp, 1) < 0) { 494 fprintf(stderr, "trouble opening proc file\n"); 495 droptcb(tcp); 496 continue; 497 } 498#else /* !USE_PROCFS */ 499# ifdef LINUX 500 if (followfork && !daemonized_tracer) { 501 char procdir[sizeof("/proc/%d/task") + sizeof(int) * 3]; 502 DIR *dir; 503 504 sprintf(procdir, "/proc/%d/task", tcp->pid); 505 dir = opendir(procdir); 506 if (dir != NULL) { 507 unsigned int ntid = 0, nerr = 0; 508 struct dirent *de; 509 int tid; 510 while ((de = readdir(dir)) != NULL) { 511 if (de->d_fileno == 0) 512 continue; 513 tid = atoi(de->d_name); 514 if (tid <= 0) 515 continue; 516 ++ntid; 517 if (ptrace(PTRACE_ATTACH, tid, (char *) 1, 0) < 0) 518 ++nerr; 519 else if (tid != tcbtab[tcbi]->pid) { 520 tcp = alloctcb(tid); 521 tcp->flags |= TCB_ATTACHED|TCB_CLONE_THREAD|TCB_FOLLOWFORK; 522 tcbtab[tcbi]->nchildren++; 523 tcbtab[tcbi]->nclone_threads++; 524 tcp->parent = tcbtab[tcbi]; 525 } 526 if (interactive) { 527 sigprocmask(SIG_SETMASK, &empty_set, NULL); 528 if (interrupted) 529 return; 530 sigprocmask(SIG_BLOCK, &blocked_set, NULL); 531 } 532 } 533 closedir(dir); 534 ntid -= nerr; 535 if (ntid == 0) { 536 perror("attach: ptrace(PTRACE_ATTACH, ...)"); 537 droptcb(tcp); 538 continue; 539 } 540 if (!qflag) { 541 fprintf(stderr, ntid > 1 542? "Process %u attached with %u threads - interrupt to quit\n" 543: "Process %u attached - interrupt to quit\n", 544 tcbtab[tcbi]->pid, ntid); 545 } 546 continue; 547 } /* if (opendir worked) */ 548 } /* if (-f) */ 549# endif 550 if (ptrace(PTRACE_ATTACH, tcp->pid, (char *) 1, 0) < 0) { 551 perror("attach: ptrace(PTRACE_ATTACH, ...)"); 552 droptcb(tcp); 553 continue; 554 } 555 /* INTERRUPTED is going to be checked at the top of TRACE. */ 556 557 if (daemonized_tracer) { 558 /* 559 * It is our grandparent we trace, not a -p PID. 560 * Don't want to just detach on exit, so... 561 */ 562 tcp->flags &= ~TCB_ATTACHED; 563 /* 564 * Make parent go away. 565 * Also makes grandparent's wait() unblock. 566 */ 567 kill(getppid(), SIGKILL); 568 } 569 570#endif /* !USE_PROCFS */ 571 if (!qflag) 572 fprintf(stderr, 573 "Process %u attached - interrupt to quit\n", 574 tcp->pid); 575 } 576 577 if (interactive) 578 sigprocmask(SIG_SETMASK, &empty_set, NULL); 579} 580 581static void 582startup_child(char **argv) 583{ 584 struct stat statbuf; 585 const char *filename; 586 char pathname[MAXPATHLEN]; 587 int pid = 0; 588 struct tcb *tcp; 589 590 filename = argv[0]; 591 if (strchr(filename, '/')) { 592 if (strlen(filename) > sizeof pathname - 1) { 593 errno = ENAMETOOLONG; 594 perror("strace: exec"); 595 exit(1); 596 } 597 strcpy(pathname, filename); 598 } 599#ifdef USE_DEBUGGING_EXEC 600 /* 601 * Debuggers customarily check the current directory 602 * first regardless of the path but doing that gives 603 * security geeks a panic attack. 604 */ 605 else if (stat(filename, &statbuf) == 0) 606 strcpy(pathname, filename); 607#endif /* USE_DEBUGGING_EXEC */ 608 else { 609 const char *path; 610 int m, n, len; 611 612 for (path = getenv("PATH"); path && *path; path += m) { 613 if (strchr(path, ':')) { 614 n = strchr(path, ':') - path; 615 m = n + 1; 616 } 617 else 618 m = n = strlen(path); 619 if (n == 0) { 620 if (!getcwd(pathname, MAXPATHLEN)) 621 continue; 622 len = strlen(pathname); 623 } 624 else if (n > sizeof pathname - 1) 625 continue; 626 else { 627 strncpy(pathname, path, n); 628 len = n; 629 } 630 if (len && pathname[len - 1] != '/') 631 pathname[len++] = '/'; 632 strcpy(pathname + len, filename); 633 if (stat(pathname, &statbuf) == 0 && 634 /* Accept only regular files 635 with some execute bits set. 636 XXX not perfect, might still fail */ 637 S_ISREG(statbuf.st_mode) && 638 (statbuf.st_mode & 0111)) 639 break; 640 } 641 } 642 if (stat(pathname, &statbuf) < 0) { 643 fprintf(stderr, "%s: %s: command not found\n", 644 progname, filename); 645 exit(1); 646 } 647 strace_child = pid = fork(); 648 if (pid < 0) { 649 perror("strace: fork"); 650 cleanup(); 651 exit(1); 652 } 653 if ((pid != 0 && daemonized_tracer) /* -D: parent to become a traced process */ 654 || (pid == 0 && !daemonized_tracer) /* not -D: child to become a traced process */ 655 ) { 656 pid = getpid(); 657#ifdef USE_PROCFS 658 if (outf != stderr) close (fileno (outf)); 659#ifdef MIPS 660 /* Kludge for SGI, see proc_open for details. */ 661 sa.sa_handler = foobar; 662 sa.sa_flags = 0; 663 sigemptyset(&sa.sa_mask); 664 sigaction(SIGINT, &sa, NULL); 665#endif /* MIPS */ 666#ifndef FREEBSD 667 pause(); 668#else /* FREEBSD */ 669 kill(pid, SIGSTOP); /* stop HERE */ 670#endif /* FREEBSD */ 671#else /* !USE_PROCFS */ 672 if (outf!=stderr) 673 close(fileno (outf)); 674 675 if (!daemonized_tracer) { 676 if (ptrace(PTRACE_TRACEME, 0, (char *) 1, 0) < 0) { 677 perror("strace: ptrace(PTRACE_TRACEME, ...)"); 678 exit(1); 679 } 680 if (debug) 681 kill(pid, SIGSTOP); 682 } 683 684 if (username != NULL || geteuid() == 0) { 685 uid_t run_euid = run_uid; 686 gid_t run_egid = run_gid; 687 688 if (statbuf.st_mode & S_ISUID) 689 run_euid = statbuf.st_uid; 690 if (statbuf.st_mode & S_ISGID) 691 run_egid = statbuf.st_gid; 692 693 /* 694 * It is important to set groups before we 695 * lose privileges on setuid. 696 */ 697 if (username != NULL) { 698 if (initgroups(username, run_gid) < 0) { 699 perror("initgroups"); 700 exit(1); 701 } 702 if (setregid(run_gid, run_egid) < 0) { 703 perror("setregid"); 704 exit(1); 705 } 706 if (setreuid(run_uid, run_euid) < 0) { 707 perror("setreuid"); 708 exit(1); 709 } 710 } 711 } 712 else 713 setreuid(run_uid, run_uid); 714 715 if (!daemonized_tracer) { 716 /* 717 * Induce an immediate stop so that the parent 718 * will resume us with PTRACE_SYSCALL and display 719 * this execve call normally. 720 * Unless of course we're on a no-MMU system where 721 * we vfork()-ed, so we cannot stop the child. 722 */ 723 if (!strace_vforked) 724 kill(getpid(), SIGSTOP); 725 } else { 726 struct sigaction sv_sigchld; 727 sigaction(SIGCHLD, NULL, &sv_sigchld); 728 /* 729 * Make sure it is not SIG_IGN, otherwise wait 730 * will not block. 731 */ 732 signal(SIGCHLD, SIG_DFL); 733 /* 734 * Wait for grandchild to attach to us. 735 * It kills child after that, and wait() unblocks. 736 */ 737 alarm(3); 738 wait(NULL); 739 alarm(0); 740 sigaction(SIGCHLD, &sv_sigchld, NULL); 741 } 742#endif /* !USE_PROCFS */ 743 744 execv(pathname, argv); 745 perror("strace: exec"); 746 _exit(1); 747 } 748 749 /* We are the tracer. */ 750 /* With -D, we are *child* here, IOW: different pid. Fetch it. */ 751 strace_tracer_pid = getpid(); 752 753 tcp = alloctcb(daemonized_tracer ? getppid() : pid); 754 if (daemonized_tracer) { 755 /* We want subsequent startup_attach() to attach to it. */ 756 tcp->flags |= TCB_ATTACHED; 757 } 758#ifdef USE_PROCFS 759 if (proc_open(tcp, 0) < 0) { 760 fprintf(stderr, "trouble opening proc file\n"); 761 cleanup(); 762 exit(1); 763 } 764#endif /* USE_PROCFS */ 765} 766 767#ifdef LINUX 768/* 769 * Test whether the kernel support PTRACE_O_TRACECLONE et al options. 770 * First fork a new child, call ptrace with PTRACE_SETOPTIONS on it, 771 * and then see which options are supported by the kernel. 772 */ 773static int 774test_ptrace_setoptions_followfork(void) 775{ 776 int pid, expected_grandchild = 0, found_grandchild = 0; 777 const unsigned int test_options = PTRACE_O_TRACECLONE | 778 PTRACE_O_TRACEFORK | 779 PTRACE_O_TRACEVFORK; 780 781 if ((pid = fork()) < 0) 782 return -1; 783 else if (pid == 0) { 784 if (ptrace(PTRACE_TRACEME, 0, (char *)1, 0) < 0) 785 _exit(1); 786 kill(getpid(), SIGSTOP); 787 _exit(fork() < 0); 788 } 789 790 while (1) { 791 int status, tracee_pid; 792 793 tracee_pid = wait(&status); 794 if (tracee_pid == -1) { 795 if (errno == EINTR) 796 continue; 797 else if (errno == ECHILD) 798 break; 799 perror("test_ptrace_setoptions_followfork"); 800 return -1; 801 } 802 if (tracee_pid != pid) { 803 found_grandchild = tracee_pid; 804 if (ptrace(PTRACE_CONT, tracee_pid, 0, 0) < 0 && 805 errno != ESRCH) 806 kill(tracee_pid, SIGKILL); 807 } 808 else if (WIFSTOPPED(status)) { 809 switch (WSTOPSIG(status)) { 810 case SIGSTOP: 811 if (ptrace(PTRACE_SETOPTIONS, pid, 812 NULL, test_options) < 0) { 813 kill(pid, SIGKILL); 814 return -1; 815 } 816 break; 817 case SIGTRAP: 818 if (status >> 16 == PTRACE_EVENT_FORK) { 819 long msg = 0; 820 821 if (ptrace(PTRACE_GETEVENTMSG, pid, 822 NULL, (long) &msg) == 0) 823 expected_grandchild = msg; 824 } 825 break; 826 } 827 if (ptrace(PTRACE_SYSCALL, pid, 0, 0) < 0 && 828 errno != ESRCH) 829 kill(pid, SIGKILL); 830 } 831 } 832 if (expected_grandchild && expected_grandchild == found_grandchild) 833 ptrace_setoptions_followfork |= test_options; 834 return 0; 835} 836 837/* 838 * Test whether the kernel support PTRACE_O_TRACESYSGOOD. 839 * First fork a new child, call ptrace(PTRACE_SETOPTIONS) on it, 840 * and then see whether it will stop with (SIGTRAP | 0x80). 841 * 842 * Use of this option enables correct handling of user-generated SIGTRAPs, 843 * and SIGTRAPs generated by special instructions such as int3 on x86: 844 * _start: .globl _start 845 * int3 846 * movl $42, %ebx 847 * movl $1, %eax 848 * int $0x80 849 * (compile with: "gcc -nostartfiles -nostdlib -o int3 int3.S") 850 */ 851static void 852test_ptrace_setoptions_for_all(void) 853{ 854 const unsigned int test_options = PTRACE_O_TRACESYSGOOD | PTRACE_O_TRACEEXEC; 855 int pid; 856 int it_worked = 0; 857 858 pid = fork(); 859 if (pid < 0) 860 perror_msg_and_die("fork"); 861 862 if (pid == 0) { 863 pid = getpid(); 864 if (ptrace(PTRACE_TRACEME, 0L, 0L, 0L) < 0) 865 /* Note: exits with exitcode 1 */ 866 perror_msg_and_die("%s: PTRACE_TRACEME doesn't work", __func__); 867 kill(pid, SIGSTOP); 868 _exit(0); /* parent should see entry into this syscall */ 869 } 870 871 while (1) { 872 int status, tracee_pid; 873 874 errno = 0; 875 tracee_pid = wait(&status); 876 if (tracee_pid <= 0) { 877 if (errno == EINTR) 878 continue; 879 kill(pid, SIGKILL); 880 perror_msg_and_die("%s: unexpected wait result %d", __func__, tracee_pid); 881 } 882 if (WIFEXITED(status)) { 883 if (WEXITSTATUS(status) == 0) 884 break; 885 /* PTRACE_TRACEME failed in child. This is fatal. */ 886 exit(1); 887 } 888 if (!WIFSTOPPED(status)) { 889 kill(pid, SIGKILL); 890 error_msg_and_die("%s: unexpected wait status %x", __func__, status); 891 } 892 if (WSTOPSIG(status) == SIGSTOP) { 893 /* 894 * We don't check "options aren't accepted" error. 895 * If it happens, we'll never get (SIGTRAP | 0x80), 896 * and thus will decide to not use the option. 897 * IOW: the outcome of the test will be correct. 898 */ 899 if (ptrace(PTRACE_SETOPTIONS, pid, 0L, test_options) < 0) 900 if (errno != EINVAL) 901 perror_msg("PTRACE_SETOPTIONS"); 902 } 903 if (WSTOPSIG(status) == (SIGTRAP | 0x80)) { 904 it_worked = 1; 905 } 906 if (ptrace(PTRACE_SYSCALL, pid, 0L, 0L) < 0) { 907 kill(pid, SIGKILL); 908 perror_msg_and_die("PTRACE_SYSCALL doesn't work"); 909 } 910 } 911 912 if (it_worked) { 913 syscall_trap_sig = (SIGTRAP | 0x80); 914 ptrace_setoptions_for_all = test_options; 915 if (debug) 916 fprintf(stderr, "ptrace_setoptions_for_all = %#x\n", 917 ptrace_setoptions_for_all); 918 return; 919 } 920 921 fprintf(stderr, 922 "Test for PTRACE_O_TRACESYSGOOD failed, giving up using this feature.\n"); 923} 924#endif 925 926int 927main(int argc, char *argv[]) 928{ 929 struct tcb *tcp; 930 int c, pid = 0; 931 int optF = 0; 932 struct sigaction sa; 933 934 static char buf[BUFSIZ]; 935 936 progname = argv[0] ? argv[0] : "strace"; 937 938 strace_tracer_pid = getpid(); 939 940 /* Allocate the initial tcbtab. */ 941 tcbtabsize = argc; /* Surely enough for all -p args. */ 942 if ((tcbtab = calloc(tcbtabsize, sizeof tcbtab[0])) == NULL) { 943 fprintf(stderr, "%s: out of memory\n", progname); 944 exit(1); 945 } 946 if ((tcbtab[0] = calloc(tcbtabsize, sizeof tcbtab[0][0])) == NULL) { 947 fprintf(stderr, "%s: out of memory\n", progname); 948 exit(1); 949 } 950 for (tcp = tcbtab[0]; tcp < &tcbtab[0][tcbtabsize]; ++tcp) 951 tcbtab[tcp - tcbtab[0]] = &tcbtab[0][tcp - tcbtab[0]]; 952 953 outf = stderr; 954 interactive = 1; 955 set_sortby(DEFAULT_SORTBY); 956 set_personality(DEFAULT_PERSONALITY); 957 qualify("trace=all"); 958 qualify("abbrev=all"); 959 qualify("verbose=all"); 960 qualify("signal=all"); 961 while ((c = getopt(argc, argv, 962 "+cCdfFhiqrtTvVxyz" 963#ifndef USE_PROCFS 964 "D" 965#endif 966 "a:e:o:O:p:s:S:u:E:P:")) != EOF) { 967 switch (c) { 968 case 'c': 969 if (cflag == CFLAG_BOTH) { 970 fprintf(stderr, "%s: -c and -C are mutually exclusive options\n", 971 progname); 972 exit(1); 973 } 974 cflag = CFLAG_ONLY_STATS; 975 break; 976 case 'C': 977 if (cflag == CFLAG_ONLY_STATS) { 978 fprintf(stderr, "%s: -c and -C are mutually exclusive options\n", 979 progname); 980 exit(1); 981 } 982 cflag = CFLAG_BOTH; 983 break; 984 case 'd': 985 debug++; 986 break; 987#ifndef USE_PROCFS 988 case 'D': 989 daemonized_tracer = 1; 990 break; 991#endif 992 case 'F': 993 optF = 1; 994 break; 995 case 'f': 996 followfork++; 997 break; 998 case 'h': 999 usage(stdout, 0); 1000 break; 1001 case 'i': 1002 iflag++; 1003 break; 1004 case 'q': 1005 qflag++; 1006 break; 1007 case 'r': 1008 rflag++; 1009 tflag++; 1010 break; 1011 case 't': 1012 tflag++; 1013 break; 1014 case 'T': 1015 dtime++; 1016 break; 1017 case 'x': 1018 xflag++; 1019 break; 1020 case 'y': 1021 show_fd_path = 1; 1022 break; 1023 case 'v': 1024 qualify("abbrev=none"); 1025 break; 1026 case 'V': 1027 printf("%s -- version %s\n", PACKAGE_NAME, VERSION); 1028 exit(0); 1029 break; 1030 case 'z': 1031 not_failing_only = 1; 1032 break; 1033 case 'a': 1034 acolumn = atoi(optarg); 1035 break; 1036 case 'e': 1037 qualify(optarg); 1038 break; 1039 case 'o': 1040 outfname = strdup(optarg); 1041 break; 1042 case 'O': 1043 set_overhead(atoi(optarg)); 1044 break; 1045 case 'p': 1046 if ((pid = atoi(optarg)) <= 0) { 1047 fprintf(stderr, "%s: Invalid process id: %s\n", 1048 progname, optarg); 1049 break; 1050 } 1051 if (pid == strace_tracer_pid) { 1052 fprintf(stderr, "%s: I'm sorry, I can't let you do that, Dave.\n", progname); 1053 break; 1054 } 1055 tcp = alloc_tcb(pid, 0); 1056 tcp->flags |= TCB_ATTACHED; 1057 pflag_seen++; 1058 break; 1059 case 'P': 1060 tracing_paths = 1; 1061 if (pathtrace_select(optarg)) { 1062 fprintf(stderr,"%s : failed to select path '%s'\n", progname, optarg); 1063 exit(1); 1064 } 1065 break; 1066 case 's': 1067 max_strlen = atoi(optarg); 1068 if (max_strlen < 0) { 1069 fprintf(stderr, 1070 "%s: invalid -s argument: %s\n", 1071 progname, optarg); 1072 exit(1); 1073 } 1074 break; 1075 case 'S': 1076 set_sortby(optarg); 1077 break; 1078 case 'u': 1079 username = strdup(optarg); 1080 break; 1081 case 'E': 1082 if (putenv(optarg) < 0) { 1083 fprintf(stderr, "%s: out of memory\n", 1084 progname); 1085 exit(1); 1086 } 1087 break; 1088 default: 1089 usage(stderr, 1); 1090 break; 1091 } 1092 } 1093 1094 if ((optind == argc) == !pflag_seen) 1095 usage(stderr, 1); 1096 1097 if (pflag_seen && daemonized_tracer) { 1098 fprintf(stderr, 1099 "%s: -D and -p are mutually exclusive options\n", 1100 progname); 1101 exit(1); 1102 } 1103 1104 if (!followfork) 1105 followfork = optF; 1106 1107 if (followfork > 1 && cflag) { 1108 fprintf(stderr, 1109 "%s: (-c or -C) and -ff are mutually exclusive options\n", 1110 progname); 1111 exit(1); 1112 } 1113 1114 /* See if they want to run as another user. */ 1115 if (username != NULL) { 1116 struct passwd *pent; 1117 1118 if (getuid() != 0 || geteuid() != 0) { 1119 fprintf(stderr, 1120 "%s: you must be root to use the -u option\n", 1121 progname); 1122 exit(1); 1123 } 1124 if ((pent = getpwnam(username)) == NULL) { 1125 fprintf(stderr, "%s: cannot find user `%s'\n", 1126 progname, username); 1127 exit(1); 1128 } 1129 run_uid = pent->pw_uid; 1130 run_gid = pent->pw_gid; 1131 } 1132 else { 1133 run_uid = getuid(); 1134 run_gid = getgid(); 1135 } 1136 1137#ifdef LINUX 1138 if (followfork) { 1139 if (test_ptrace_setoptions_followfork() < 0) { 1140 fprintf(stderr, 1141 "Test for options supported by PTRACE_SETOPTIONS " 1142 "failed, giving up using this feature.\n"); 1143 ptrace_setoptions_followfork = 0; 1144 } 1145 if (debug) 1146 fprintf(stderr, "ptrace_setoptions_followfork = %#x\n", 1147 ptrace_setoptions_followfork); 1148 } 1149 test_ptrace_setoptions_for_all(); 1150#endif 1151 1152 /* Check if they want to redirect the output. */ 1153 if (outfname) { 1154 /* See if they want to pipe the output. */ 1155 if (outfname[0] == '|' || outfname[0] == '!') { 1156 /* 1157 * We can't do the <outfname>.PID funny business 1158 * when using popen, so prohibit it. 1159 */ 1160 if (followfork > 1) { 1161 fprintf(stderr, "\ 1162%s: piping the output and -ff are mutually exclusive options\n", 1163 progname); 1164 exit(1); 1165 } 1166 1167 if ((outf = strace_popen(outfname + 1)) == NULL) 1168 exit(1); 1169 } 1170 else if (followfork <= 1 && 1171 (outf = strace_fopen(outfname, "w")) == NULL) 1172 exit(1); 1173 } 1174 1175 if (!outfname || outfname[0] == '|' || outfname[0] == '!') 1176 setvbuf(outf, buf, _IOLBF, BUFSIZ); 1177 if (outfname && optind < argc) { 1178 interactive = 0; 1179 qflag = 1; 1180 } 1181 1182 /* Valid states here: 1183 optind < argc pflag_seen outfname interactive 1184 1 0 0 1 1185 0 1 0 1 1186 1 0 1 0 1187 0 1 1 1 1188 */ 1189 1190 /* STARTUP_CHILD must be called before the signal handlers get 1191 installed below as they are inherited into the spawned process. 1192 Also we do not need to be protected by them as during interruption 1193 in the STARTUP_CHILD mode we kill the spawned process anyway. */ 1194 if (!pflag_seen) 1195 startup_child(&argv[optind]); 1196 1197 sigemptyset(&empty_set); 1198 sigemptyset(&blocked_set); 1199 sa.sa_handler = SIG_IGN; 1200 sigemptyset(&sa.sa_mask); 1201 sa.sa_flags = 0; 1202 sigaction(SIGTTOU, &sa, NULL); 1203 sigaction(SIGTTIN, &sa, NULL); 1204 if (interactive) { 1205 sigaddset(&blocked_set, SIGHUP); 1206 sigaddset(&blocked_set, SIGINT); 1207 sigaddset(&blocked_set, SIGQUIT); 1208 sigaddset(&blocked_set, SIGPIPE); 1209 sigaddset(&blocked_set, SIGTERM); 1210 sa.sa_handler = interrupt; 1211#ifdef SUNOS4 1212 /* POSIX signals on sunos4.1 are a little broken. */ 1213 sa.sa_flags = SA_INTERRUPT; 1214#endif /* SUNOS4 */ 1215 } 1216 sigaction(SIGHUP, &sa, NULL); 1217 sigaction(SIGINT, &sa, NULL); 1218 sigaction(SIGQUIT, &sa, NULL); 1219 sigaction(SIGPIPE, &sa, NULL); 1220 sigaction(SIGTERM, &sa, NULL); 1221#ifdef USE_PROCFS 1222 sa.sa_handler = reaper; 1223 sigaction(SIGCHLD, &sa, NULL); 1224#else 1225 /* Make sure SIGCHLD has the default action so that waitpid 1226 definitely works without losing track of children. The user 1227 should not have given us a bogus state to inherit, but he might 1228 have. Arguably we should detect SIG_IGN here and pass it on 1229 to children, but probably noone really needs that. */ 1230 sa.sa_handler = SIG_DFL; 1231 sigaction(SIGCHLD, &sa, NULL); 1232#endif /* USE_PROCFS */ 1233 1234 if (pflag_seen || daemonized_tracer) 1235 startup_attach(); 1236 1237 if (trace() < 0) 1238 exit(1); 1239 cleanup(); 1240 fflush(NULL); 1241 if (exit_code > 0xff) { 1242 /* Child was killed by a signal, mimic that. */ 1243 exit_code &= 0xff; 1244 signal(exit_code, SIG_DFL); 1245 raise(exit_code); 1246 /* Paranoia - what if this signal is not fatal? 1247 Exit with 128 + signo then. */ 1248 exit_code += 128; 1249 } 1250 exit(exit_code); 1251} 1252 1253void 1254expand_tcbtab(void) 1255{ 1256 /* Allocate some more TCBs and expand the table. 1257 We don't want to relocate the TCBs because our 1258 callers have pointers and it would be a pain. 1259 So tcbtab is a table of pointers. Since we never 1260 free the TCBs, we allocate a single chunk of many. */ 1261 struct tcb **newtab = (struct tcb **) 1262 realloc(tcbtab, 2 * tcbtabsize * sizeof tcbtab[0]); 1263 struct tcb *newtcbs = (struct tcb *) calloc(tcbtabsize, 1264 sizeof *newtcbs); 1265 int i; 1266 if (newtab == NULL || newtcbs == NULL) { 1267 fprintf(stderr, "%s: expand_tcbtab: out of memory\n", 1268 progname); 1269 cleanup(); 1270 exit(1); 1271 } 1272 for (i = tcbtabsize; i < 2 * tcbtabsize; ++i) 1273 newtab[i] = &newtcbs[i - tcbtabsize]; 1274 tcbtabsize *= 2; 1275 tcbtab = newtab; 1276} 1277 1278struct tcb * 1279alloc_tcb(int pid, int command_options_parsed) 1280{ 1281 int i; 1282 struct tcb *tcp; 1283 1284 if (nprocs == tcbtabsize) 1285 expand_tcbtab(); 1286 1287 for (i = 0; i < tcbtabsize; i++) { 1288 tcp = tcbtab[i]; 1289 if ((tcp->flags & TCB_INUSE) == 0) { 1290 tcp->pid = pid; 1291 tcp->parent = NULL; 1292 tcp->nchildren = 0; 1293 tcp->nzombies = 0; 1294#ifdef TCB_CLONE_THREAD 1295 tcp->nclone_threads = 0; 1296 tcp->nclone_waiting = 0; 1297#endif 1298 tcp->flags = TCB_INUSE | TCB_STARTUP; 1299 tcp->outf = outf; /* Initialise to current out file */ 1300 tcp->curcol = 0; 1301 tcp->stime.tv_sec = 0; 1302 tcp->stime.tv_usec = 0; 1303 tcp->pfd = -1; 1304 nprocs++; 1305 if (command_options_parsed) 1306 newoutf(tcp); 1307 return tcp; 1308 } 1309 } 1310 fprintf(stderr, "%s: bug in alloc_tcb\n", progname); 1311 cleanup(); 1312 exit(1); 1313} 1314 1315#ifdef USE_PROCFS 1316int 1317proc_open(struct tcb *tcp, int attaching) 1318{ 1319 char proc[32]; 1320 long arg; 1321#ifdef SVR4 1322 int i; 1323 sysset_t syscalls; 1324 sigset_t signals; 1325 fltset_t faults; 1326#endif 1327#ifndef HAVE_POLLABLE_PROCFS 1328 static int last_pfd; 1329#endif 1330 1331#ifdef HAVE_MP_PROCFS 1332 /* Open the process pseudo-files in /proc. */ 1333 sprintf(proc, "/proc/%d/ctl", tcp->pid); 1334 if ((tcp->pfd = open(proc, O_WRONLY|O_EXCL)) < 0) { 1335 perror("strace: open(\"/proc/...\", ...)"); 1336 return -1; 1337 } 1338 if (set_cloexec_flag(tcp->pfd) < 0) { 1339 return -1; 1340 } 1341 sprintf(proc, "/proc/%d/status", tcp->pid); 1342 if ((tcp->pfd_stat = open(proc, O_RDONLY|O_EXCL)) < 0) { 1343 perror("strace: open(\"/proc/...\", ...)"); 1344 return -1; 1345 } 1346 if (set_cloexec_flag(tcp->pfd_stat) < 0) { 1347 return -1; 1348 } 1349 sprintf(proc, "/proc/%d/as", tcp->pid); 1350 if ((tcp->pfd_as = open(proc, O_RDONLY|O_EXCL)) < 0) { 1351 perror("strace: open(\"/proc/...\", ...)"); 1352 return -1; 1353 } 1354 if (set_cloexec_flag(tcp->pfd_as) < 0) { 1355 return -1; 1356 } 1357#else 1358 /* Open the process pseudo-file in /proc. */ 1359#ifndef FREEBSD 1360 sprintf(proc, "/proc/%d", tcp->pid); 1361 tcp->pfd = open(proc, O_RDWR|O_EXCL); 1362#else /* FREEBSD */ 1363 sprintf(proc, "/proc/%d/mem", tcp->pid); 1364 tcp->pfd = open(proc, O_RDWR); 1365#endif /* FREEBSD */ 1366 if (tcp->pfd < 0) { 1367 perror("strace: open(\"/proc/...\", ...)"); 1368 return -1; 1369 } 1370 if (set_cloexec_flag(tcp->pfd) < 0) { 1371 return -1; 1372 } 1373#endif 1374#ifdef FREEBSD 1375 sprintf(proc, "/proc/%d/regs", tcp->pid); 1376 if ((tcp->pfd_reg = open(proc, O_RDONLY)) < 0) { 1377 perror("strace: open(\"/proc/.../regs\", ...)"); 1378 return -1; 1379 } 1380 if (cflag) { 1381 sprintf(proc, "/proc/%d/status", tcp->pid); 1382 if ((tcp->pfd_status = open(proc, O_RDONLY)) < 0) { 1383 perror("strace: open(\"/proc/.../status\", ...)"); 1384 return -1; 1385 } 1386 } else 1387 tcp->pfd_status = -1; 1388#endif /* FREEBSD */ 1389 rebuild_pollv(); 1390 if (!attaching) { 1391 /* 1392 * Wait for the child to pause. Because of a race 1393 * condition we have to poll for the event. 1394 */ 1395 for (;;) { 1396 if (IOCTL_STATUS (tcp) < 0) { 1397 perror("strace: PIOCSTATUS"); 1398 return -1; 1399 } 1400 if (tcp->status.PR_FLAGS & PR_ASLEEP) 1401 break; 1402 } 1403 } 1404#ifndef FREEBSD 1405 /* Stop the process so that we own the stop. */ 1406 if (IOCTL(tcp->pfd, PIOCSTOP, (char *)NULL) < 0) { 1407 perror("strace: PIOCSTOP"); 1408 return -1; 1409 } 1410#endif 1411#ifdef PIOCSET 1412 /* Set Run-on-Last-Close. */ 1413 arg = PR_RLC; 1414 if (IOCTL(tcp->pfd, PIOCSET, &arg) < 0) { 1415 perror("PIOCSET PR_RLC"); 1416 return -1; 1417 } 1418 /* Set or Reset Inherit-on-Fork. */ 1419 arg = PR_FORK; 1420 if (IOCTL(tcp->pfd, followfork ? PIOCSET : PIOCRESET, &arg) < 0) { 1421 perror("PIOC{SET,RESET} PR_FORK"); 1422 return -1; 1423 } 1424#else /* !PIOCSET */ 1425#ifndef FREEBSD 1426 if (ioctl(tcp->pfd, PIOCSRLC) < 0) { 1427 perror("PIOCSRLC"); 1428 return -1; 1429 } 1430 if (ioctl(tcp->pfd, followfork ? PIOCSFORK : PIOCRFORK) < 0) { 1431 perror("PIOC{S,R}FORK"); 1432 return -1; 1433 } 1434#else /* FREEBSD */ 1435 /* just unset the PF_LINGER flag for the Run-on-Last-Close. */ 1436 if (ioctl(tcp->pfd, PIOCGFL, &arg) < 0) { 1437 perror("PIOCGFL"); 1438 return -1; 1439 } 1440 arg &= ~PF_LINGER; 1441 if (ioctl(tcp->pfd, PIOCSFL, arg) < 0) { 1442 perror("PIOCSFL"); 1443 return -1; 1444 } 1445#endif /* FREEBSD */ 1446#endif /* !PIOCSET */ 1447#ifndef FREEBSD 1448 /* Enable all syscall entries we care about. */ 1449 premptyset(&syscalls); 1450 for (i = 1; i < MAX_QUALS; ++i) { 1451 if (i > (sizeof syscalls) * CHAR_BIT) break; 1452 if (qual_flags [i] & QUAL_TRACE) praddset (&syscalls, i); 1453 } 1454 praddset (&syscalls, SYS_execve); 1455 if (followfork) { 1456 praddset (&syscalls, SYS_fork); 1457#ifdef SYS_forkall 1458 praddset (&syscalls, SYS_forkall); 1459#endif 1460#ifdef SYS_fork1 1461 praddset (&syscalls, SYS_fork1); 1462#endif 1463#ifdef SYS_rfork1 1464 praddset (&syscalls, SYS_rfork1); 1465#endif 1466#ifdef SYS_rforkall 1467 praddset (&syscalls, SYS_rforkall); 1468#endif 1469 } 1470 if (IOCTL(tcp->pfd, PIOCSENTRY, &syscalls) < 0) { 1471 perror("PIOCSENTRY"); 1472 return -1; 1473 } 1474 /* Enable the syscall exits. */ 1475 if (IOCTL(tcp->pfd, PIOCSEXIT, &syscalls) < 0) { 1476 perror("PIOSEXIT"); 1477 return -1; 1478 } 1479 /* Enable signals we care about. */ 1480 premptyset(&signals); 1481 for (i = 1; i < MAX_QUALS; ++i) { 1482 if (i > (sizeof signals) * CHAR_BIT) break; 1483 if (qual_flags [i] & QUAL_SIGNAL) praddset (&signals, i); 1484 } 1485 if (IOCTL(tcp->pfd, PIOCSTRACE, &signals) < 0) { 1486 perror("PIOCSTRACE"); 1487 return -1; 1488 } 1489 /* Enable faults we care about */ 1490 premptyset(&faults); 1491 for (i = 1; i < MAX_QUALS; ++i) { 1492 if (i > (sizeof faults) * CHAR_BIT) break; 1493 if (qual_flags [i] & QUAL_FAULT) praddset (&faults, i); 1494 } 1495 if (IOCTL(tcp->pfd, PIOCSFAULT, &faults) < 0) { 1496 perror("PIOCSFAULT"); 1497 return -1; 1498 } 1499#else /* FREEBSD */ 1500 /* set events flags. */ 1501 arg = S_SIG | S_SCE | S_SCX ; 1502 if(ioctl(tcp->pfd, PIOCBIS, arg) < 0) { 1503 perror("PIOCBIS"); 1504 return -1; 1505 } 1506#endif /* FREEBSD */ 1507 if (!attaching) { 1508#ifdef MIPS 1509 /* 1510 * The SGI PRSABORT doesn't work for pause() so 1511 * we send it a caught signal to wake it up. 1512 */ 1513 kill(tcp->pid, SIGINT); 1514#else /* !MIPS */ 1515#ifdef PRSABORT 1516 /* The child is in a pause(), abort it. */ 1517 arg = PRSABORT; 1518 if (IOCTL (tcp->pfd, PIOCRUN, &arg) < 0) { 1519 perror("PIOCRUN"); 1520 return -1; 1521 } 1522#endif 1523#endif /* !MIPS*/ 1524#ifdef FREEBSD 1525 /* wake up the child if it received the SIGSTOP */ 1526 kill(tcp->pid, SIGCONT); 1527#endif 1528 for (;;) { 1529 /* Wait for the child to do something. */ 1530 if (IOCTL_WSTOP (tcp) < 0) { 1531 perror("PIOCWSTOP"); 1532 return -1; 1533 } 1534 if (tcp->status.PR_WHY == PR_SYSENTRY) { 1535 tcp->flags &= ~TCB_INSYSCALL; 1536 get_scno(tcp); 1537 if (known_scno(tcp) == SYS_execve) 1538 break; 1539 } 1540 /* Set it running: maybe execve will be next. */ 1541#ifndef FREEBSD 1542 arg = 0; 1543 if (IOCTL(tcp->pfd, PIOCRUN, &arg) < 0) { 1544#else /* FREEBSD */ 1545 if (IOCTL(tcp->pfd, PIOCRUN, 0) < 0) { 1546#endif /* FREEBSD */ 1547 perror("PIOCRUN"); 1548 return -1; 1549 } 1550#ifdef FREEBSD 1551 /* handle the case where we "opened" the child before 1552 it did the kill -STOP */ 1553 if (tcp->status.PR_WHY == PR_SIGNALLED && 1554 tcp->status.PR_WHAT == SIGSTOP) 1555 kill(tcp->pid, SIGCONT); 1556#endif 1557 } 1558#ifndef FREEBSD 1559 } 1560#else /* FREEBSD */ 1561 } else { 1562 if (attaching < 2) { 1563 /* We are attaching to an already running process. 1564 * Try to figure out the state of the process in syscalls, 1565 * to handle the first event well. 1566 * This is done by having a look at the "wchan" property of the 1567 * process, which tells where it is stopped (if it is). */ 1568 FILE * status; 1569 char wchan[20]; /* should be enough */ 1570 1571 sprintf(proc, "/proc/%d/status", tcp->pid); 1572 status = fopen(proc, "r"); 1573 if (status && 1574 (fscanf(status, "%*s %*d %*d %*d %*d %*d,%*d %*s %*d,%*d" 1575 "%*d,%*d %*d,%*d %19s", wchan) == 1) && 1576 strcmp(wchan, "nochan") && strcmp(wchan, "spread") && 1577 strcmp(wchan, "stopevent")) { 1578 /* The process is asleep in the middle of a syscall. 1579 Fake the syscall entry event */ 1580 tcp->flags &= ~(TCB_INSYSCALL|TCB_STARTUP); 1581 tcp->status.PR_WHY = PR_SYSENTRY; 1582 trace_syscall(tcp); 1583 } 1584 if (status) 1585 fclose(status); 1586 } /* otherwise it's a fork being followed */ 1587 } 1588#endif /* FREEBSD */ 1589#ifndef HAVE_POLLABLE_PROCFS 1590 if (proc_poll_pipe[0] != -1) 1591 proc_poller(tcp->pfd); 1592 else if (nprocs > 1) { 1593 proc_poll_open(); 1594 proc_poller(last_pfd); 1595 proc_poller(tcp->pfd); 1596 } 1597 last_pfd = tcp->pfd; 1598#endif /* !HAVE_POLLABLE_PROCFS */ 1599 return 0; 1600} 1601 1602#endif /* USE_PROCFS */ 1603 1604struct tcb * 1605pid2tcb(int pid) 1606{ 1607 int i; 1608 1609 if (pid <= 0) 1610 return NULL; 1611 1612 for (i = 0; i < tcbtabsize; i++) { 1613 struct tcb *tcp = tcbtab[i]; 1614 if (tcp->pid == pid && (tcp->flags & TCB_INUSE)) 1615 return tcp; 1616 } 1617 1618 return NULL; 1619} 1620 1621#ifdef USE_PROCFS 1622 1623static struct tcb * 1624first_used_tcb(void) 1625{ 1626 int i; 1627 struct tcb *tcp; 1628 for (i = 0; i < tcbtabsize; i++) { 1629 tcp = tcbtab[i]; 1630 if (tcp->flags & TCB_INUSE) 1631 return tcp; 1632 } 1633 return NULL; 1634} 1635 1636static struct tcb * 1637pfd2tcb(int pfd) 1638{ 1639 int i; 1640 1641 for (i = 0; i < tcbtabsize; i++) { 1642 struct tcb *tcp = tcbtab[i]; 1643 if (tcp->pfd != pfd) 1644 continue; 1645 if (tcp->flags & TCB_INUSE) 1646 return tcp; 1647 } 1648 return NULL; 1649} 1650 1651#endif /* USE_PROCFS */ 1652 1653void 1654droptcb(struct tcb *tcp) 1655{ 1656 if (tcp->pid == 0) 1657 return; 1658#ifdef TCB_CLONE_THREAD 1659 if (tcp->nclone_threads > 0) { 1660 /* There are other threads left in this process, but this 1661 is the one whose PID represents the whole process. 1662 We need to keep this record around as a zombie until 1663 all the threads die. */ 1664 tcp->flags |= TCB_EXITING; 1665 return; 1666 } 1667#endif 1668 nprocs--; 1669 tcp->pid = 0; 1670 1671 if (tcp->parent != NULL) { 1672 tcp->parent->nchildren--; 1673#ifdef TCB_CLONE_THREAD 1674 if (tcp->flags & TCB_CLONE_THREAD) 1675 tcp->parent->nclone_threads--; 1676#endif 1677 tcp->parent->nzombies++; 1678#ifdef LINUX 1679 /* Update `tcp->parent->parent->nchildren' and the other fields 1680 like NCLONE_DETACHED, only for zombie group leader that has 1681 already reported and been short-circuited at the top of this 1682 function. The same condition as at the top of DETACH. */ 1683 if ((tcp->flags & TCB_CLONE_THREAD) && 1684 tcp->parent->nclone_threads == 0 && 1685 (tcp->parent->flags & TCB_EXITING)) 1686 droptcb(tcp->parent); 1687#endif 1688 tcp->parent = NULL; 1689 } 1690 1691 tcp->flags = 0; 1692 if (tcp->pfd != -1) { 1693 close(tcp->pfd); 1694 tcp->pfd = -1; 1695#ifdef FREEBSD 1696 if (tcp->pfd_reg != -1) { 1697 close(tcp->pfd_reg); 1698 tcp->pfd_reg = -1; 1699 } 1700 if (tcp->pfd_status != -1) { 1701 close(tcp->pfd_status); 1702 tcp->pfd_status = -1; 1703 } 1704#endif /* !FREEBSD */ 1705#ifdef USE_PROCFS 1706 rebuild_pollv(); /* Note, flags needs to be cleared by now. */ 1707#endif 1708 } 1709 1710 if (outfname && followfork > 1 && tcp->outf) 1711 fclose(tcp->outf); 1712 1713 tcp->outf = 0; 1714} 1715 1716#ifndef USE_PROCFS 1717 1718static int 1719resume(struct tcb *tcp) 1720{ 1721 if (tcp == NULL) 1722 return -1; 1723 1724 if (!(tcp->flags & TCB_SUSPENDED)) { 1725 fprintf(stderr, "PANIC: pid %u not suspended\n", tcp->pid); 1726 return -1; 1727 } 1728 tcp->flags &= ~TCB_SUSPENDED; 1729#ifdef TCB_CLONE_THREAD 1730 if (tcp->flags & TCB_CLONE_THREAD) 1731 tcp->parent->nclone_waiting--; 1732#endif 1733 1734 if (ptrace_restart(PTRACE_SYSCALL, tcp, 0) < 0) 1735 return -1; 1736 1737 if (!qflag) 1738 fprintf(stderr, "Process %u resumed\n", tcp->pid); 1739 return 0; 1740} 1741 1742static int 1743resume_from_tcp(struct tcb *tcp) 1744{ 1745 int error = 0; 1746 int resumed = 0; 1747 1748 /* XXX This won't always be quite right (but it never was). 1749 A waiter with argument 0 or < -1 is waiting for any pid in 1750 a particular pgrp, which this child might or might not be 1751 in. The waiter will only wake up if it's argument is -1 1752 or if it's waiting for tcp->pid's pgrp. It makes a 1753 difference to wake up a waiter when there might be more 1754 traced children, because it could get a false ECHILD 1755 error. OTOH, if this was the last child in the pgrp, then 1756 it ought to wake up and get ECHILD. We would have to 1757 search the system for all pid's in the pgrp to be sure. 1758 1759 && (t->waitpid == -1 || 1760 (t->waitpid == 0 && getpgid (tcp->pid) == getpgid (t->pid)) 1761 || (t->waitpid < 0 && t->waitpid == -getpid (t->pid))) 1762 */ 1763 1764 if (tcp->parent && 1765 (tcp->parent->flags & TCB_SUSPENDED) && 1766 (tcp->parent->waitpid <= 0 || tcp->parent->waitpid == tcp->pid)) { 1767 error = resume(tcp->parent); 1768 ++resumed; 1769 } 1770#ifdef TCB_CLONE_THREAD 1771 if (tcp->parent && tcp->parent->nclone_waiting > 0) { 1772 /* Some other threads of our parent are waiting too. */ 1773 unsigned int i; 1774 1775 /* Resume all the threads that were waiting for this PID. */ 1776 for (i = 0; i < tcbtabsize; i++) { 1777 struct tcb *t = tcbtab[i]; 1778 if (t->parent == tcp->parent && t != tcp 1779 && ((t->flags & (TCB_CLONE_THREAD|TCB_SUSPENDED)) 1780 == (TCB_CLONE_THREAD|TCB_SUSPENDED)) 1781 && t->waitpid == tcp->pid) { 1782 error |= resume (t); 1783 ++resumed; 1784 } 1785 } 1786 if (resumed == 0) 1787 /* Noone was waiting for this PID in particular, 1788 so now we might need to resume some wildcarders. */ 1789 for (i = 0; i < tcbtabsize; i++) { 1790 struct tcb *t = tcbtab[i]; 1791 if (t->parent == tcp->parent && t != tcp 1792 && ((t->flags 1793 & (TCB_CLONE_THREAD|TCB_SUSPENDED)) 1794 == (TCB_CLONE_THREAD|TCB_SUSPENDED)) 1795 && t->waitpid <= 0 1796 ) { 1797 error |= resume (t); 1798 break; 1799 } 1800 } 1801 } 1802#endif 1803 1804 return error; 1805} 1806 1807#endif /* !USE_PROCFS */ 1808 1809/* detach traced process; continue with sig 1810 Never call DETACH twice on the same process as both unattached and 1811 attached-unstopped processes give the same ESRCH. For unattached process we 1812 would SIGSTOP it and wait for its SIGSTOP notification forever. */ 1813 1814static int 1815detach(struct tcb *tcp, int sig) 1816{ 1817 int error = 0; 1818#ifdef LINUX 1819 int status, catch_sigstop; 1820 struct tcb *zombie = NULL; 1821 1822 /* If the group leader is lingering only because of this other 1823 thread now dying, then detach the leader as well. */ 1824 if ((tcp->flags & TCB_CLONE_THREAD) && 1825 tcp->parent->nclone_threads == 1 && 1826 (tcp->parent->flags & TCB_EXITING)) 1827 zombie = tcp->parent; 1828#endif 1829 1830 if (tcp->flags & TCB_BPTSET) 1831 clearbpt(tcp); 1832 1833#ifdef LINUX 1834 /* 1835 * Linux wrongly insists the child be stopped 1836 * before detaching. Arghh. We go through hoops 1837 * to make a clean break of things. 1838 */ 1839#if defined(SPARC) 1840#undef PTRACE_DETACH 1841#define PTRACE_DETACH PTRACE_SUNDETACH 1842#endif 1843 /* 1844 * On TCB_STARTUP we did PTRACE_ATTACH but still did not get the 1845 * expected SIGSTOP. We must catch exactly one as otherwise the 1846 * detached process would be left stopped (process state T). 1847 */ 1848 catch_sigstop = (tcp->flags & TCB_STARTUP); 1849 if ((error = ptrace(PTRACE_DETACH, tcp->pid, (char *) 1, sig)) == 0) { 1850 /* On a clear day, you can see forever. */ 1851 } 1852 else if (errno != ESRCH) { 1853 /* Shouldn't happen. */ 1854 perror("detach: ptrace(PTRACE_DETACH, ...)"); 1855 } 1856 else if (my_tgkill((tcp->flags & TCB_CLONE_THREAD ? tcp->parent->pid 1857 : tcp->pid), 1858 tcp->pid, 0) < 0) { 1859 if (errno != ESRCH) 1860 perror("detach: checking sanity"); 1861 } 1862 else if (!catch_sigstop && my_tgkill((tcp->flags & TCB_CLONE_THREAD 1863 ? tcp->parent->pid : tcp->pid), 1864 tcp->pid, SIGSTOP) < 0) { 1865 if (errno != ESRCH) 1866 perror("detach: stopping child"); 1867 } 1868 else 1869 catch_sigstop = 1; 1870 if (catch_sigstop) { 1871 for (;;) { 1872#ifdef __WALL 1873 if (wait4(tcp->pid, &status, __WALL, NULL) < 0) { 1874 if (errno == ECHILD) /* Already gone. */ 1875 break; 1876 if (errno != EINVAL) { 1877 perror("detach: waiting"); 1878 break; 1879 } 1880#endif /* __WALL */ 1881 /* No __WALL here. */ 1882 if (waitpid(tcp->pid, &status, 0) < 0) { 1883 if (errno != ECHILD) { 1884 perror("detach: waiting"); 1885 break; 1886 } 1887#ifdef __WCLONE 1888 /* If no processes, try clones. */ 1889 if (wait4(tcp->pid, &status, __WCLONE, 1890 NULL) < 0) { 1891 if (errno != ECHILD) 1892 perror("detach: waiting"); 1893 break; 1894 } 1895#endif /* __WCLONE */ 1896 } 1897#ifdef __WALL 1898 } 1899#endif 1900 if (!WIFSTOPPED(status)) { 1901 /* Au revoir, mon ami. */ 1902 break; 1903 } 1904 if (WSTOPSIG(status) == SIGSTOP) { 1905 ptrace_restart(PTRACE_DETACH, tcp, sig); 1906 break; 1907 } 1908 error = ptrace_restart(PTRACE_CONT, tcp, 1909 WSTOPSIG(status) == syscall_trap_sig ? 0 1910 : WSTOPSIG(status)); 1911 if (error < 0) 1912 break; 1913 } 1914 } 1915#endif /* LINUX */ 1916 1917#if defined(SUNOS4) 1918 /* PTRACE_DETACH won't respect `sig' argument, so we post it here. */ 1919 if (sig && kill(tcp->pid, sig) < 0) 1920 perror("detach: kill"); 1921 sig = 0; 1922 error = ptrace_restart(PTRACE_DETACH, tcp, sig); 1923#endif /* SUNOS4 */ 1924 1925#ifndef USE_PROCFS 1926 error |= resume_from_tcp (tcp); 1927#endif 1928 1929 if (!qflag) 1930 fprintf(stderr, "Process %u detached\n", tcp->pid); 1931 1932 droptcb(tcp); 1933 1934#ifdef LINUX 1935 if (zombie != NULL) { 1936 /* TCP no longer exists therefore you must not detach () it. */ 1937 droptcb(zombie); 1938 } 1939#endif 1940 1941 return error; 1942} 1943 1944#ifdef USE_PROCFS 1945 1946static void reaper(int sig) 1947{ 1948 int pid; 1949 int status; 1950 1951 while ((pid = waitpid(-1, &status, WNOHANG)) > 0) { 1952 } 1953} 1954 1955#endif /* USE_PROCFS */ 1956 1957static void 1958cleanup(void) 1959{ 1960 int i; 1961 struct tcb *tcp; 1962 1963 for (i = 0; i < tcbtabsize; i++) { 1964 tcp = tcbtab[i]; 1965 if (!(tcp->flags & TCB_INUSE)) 1966 continue; 1967 if (debug) 1968 fprintf(stderr, 1969 "cleanup: looking at pid %u\n", tcp->pid); 1970 if (tcp_last && 1971 (!outfname || followfork < 2 || tcp_last == tcp)) { 1972 tprintf(" <unfinished ...>"); 1973 printtrailer(); 1974 } 1975 if (tcp->flags & TCB_ATTACHED) 1976 detach(tcp, 0); 1977 else { 1978 kill(tcp->pid, SIGCONT); 1979 kill(tcp->pid, SIGTERM); 1980 } 1981 } 1982 if (cflag) 1983 call_summary(outf); 1984} 1985 1986static void 1987interrupt(int sig) 1988{ 1989 interrupted = 1; 1990} 1991 1992#ifndef HAVE_STRERROR 1993 1994#if !HAVE_DECL_SYS_ERRLIST 1995extern int sys_nerr; 1996extern char *sys_errlist[]; 1997#endif /* HAVE_DECL_SYS_ERRLIST */ 1998 1999const char * 2000strerror(int err_no) 2001{ 2002 static char buf[64]; 2003 2004 if (err_no < 1 || err_no >= sys_nerr) { 2005 sprintf(buf, "Unknown error %d", err_no); 2006 return buf; 2007 } 2008 return sys_errlist[err_no]; 2009} 2010 2011#endif /* HAVE_STERRROR */ 2012 2013#ifndef HAVE_STRSIGNAL 2014 2015#if defined HAVE_SYS_SIGLIST && !defined HAVE_DECL_SYS_SIGLIST 2016extern char *sys_siglist[]; 2017#endif 2018#if defined HAVE_SYS__SIGLIST && !defined HAVE_DECL__SYS_SIGLIST 2019extern char *_sys_siglist[]; 2020#endif 2021 2022const char * 2023strsignal(int sig) 2024{ 2025 static char buf[64]; 2026 2027 if (sig < 1 || sig >= NSIG) { 2028 sprintf(buf, "Unknown signal %d", sig); 2029 return buf; 2030 } 2031#ifdef HAVE__SYS_SIGLIST 2032 return _sys_siglist[sig]; 2033#else 2034 return sys_siglist[sig]; 2035#endif 2036} 2037 2038#endif /* HAVE_STRSIGNAL */ 2039 2040#ifdef USE_PROCFS 2041 2042static void 2043rebuild_pollv(void) 2044{ 2045 int i, j; 2046 2047 if (pollv != NULL) 2048 free (pollv); 2049 pollv = (struct pollfd *) malloc(nprocs * sizeof pollv[0]); 2050 if (pollv == NULL) { 2051 fprintf(stderr, "%s: out of memory\n", progname); 2052 exit(1); 2053 } 2054 2055 for (i = j = 0; i < tcbtabsize; i++) { 2056 struct tcb *tcp = tcbtab[i]; 2057 if (!(tcp->flags & TCB_INUSE)) 2058 continue; 2059 pollv[j].fd = tcp->pfd; 2060 pollv[j].events = POLLWANT; 2061 j++; 2062 } 2063 if (j != nprocs) { 2064 fprintf(stderr, "strace: proc miscount\n"); 2065 exit(1); 2066 } 2067} 2068 2069#ifndef HAVE_POLLABLE_PROCFS 2070 2071static void 2072proc_poll_open(void) 2073{ 2074 int i; 2075 2076 if (pipe(proc_poll_pipe) < 0) { 2077 perror("pipe"); 2078 exit(1); 2079 } 2080 for (i = 0; i < 2; i++) { 2081 if (set_cloexec_flag(proc_poll_pipe[i]) < 0) { 2082 exit(1); 2083 } 2084 } 2085} 2086 2087static int 2088proc_poll(struct pollfd *pollv, int nfds, int timeout) 2089{ 2090 int i; 2091 int n; 2092 struct proc_pollfd pollinfo; 2093 2094 if ((n = read(proc_poll_pipe[0], &pollinfo, sizeof(pollinfo))) < 0) 2095 return n; 2096 if (n != sizeof(struct proc_pollfd)) { 2097 fprintf(stderr, "panic: short read: %d\n", n); 2098 exit(1); 2099 } 2100 for (i = 0; i < nprocs; i++) { 2101 if (pollv[i].fd == pollinfo.fd) 2102 pollv[i].revents = pollinfo.revents; 2103 else 2104 pollv[i].revents = 0; 2105 } 2106 poller_pid = pollinfo.pid; 2107 return 1; 2108} 2109 2110static void 2111wakeup_handler(int sig) 2112{ 2113} 2114 2115static void 2116proc_poller(int pfd) 2117{ 2118 struct proc_pollfd pollinfo; 2119 struct sigaction sa; 2120 sigset_t blocked_set, empty_set; 2121 int i; 2122 int n; 2123 struct rlimit rl; 2124#ifdef FREEBSD 2125 struct procfs_status pfs; 2126#endif /* FREEBSD */ 2127 2128 switch (fork()) { 2129 case -1: 2130 perror("fork"); 2131 _exit(1); 2132 case 0: 2133 break; 2134 default: 2135 return; 2136 } 2137 2138 sa.sa_handler = interactive ? SIG_DFL : SIG_IGN; 2139 sa.sa_flags = 0; 2140 sigemptyset(&sa.sa_mask); 2141 sigaction(SIGHUP, &sa, NULL); 2142 sigaction(SIGINT, &sa, NULL); 2143 sigaction(SIGQUIT, &sa, NULL); 2144 sigaction(SIGPIPE, &sa, NULL); 2145 sigaction(SIGTERM, &sa, NULL); 2146 sa.sa_handler = wakeup_handler; 2147 sigaction(SIGUSR1, &sa, NULL); 2148 sigemptyset(&blocked_set); 2149 sigaddset(&blocked_set, SIGUSR1); 2150 sigprocmask(SIG_BLOCK, &blocked_set, NULL); 2151 sigemptyset(&empty_set); 2152 2153 if (getrlimit(RLIMIT_NOFILE, &rl) < 0) { 2154 perror("getrlimit(RLIMIT_NOFILE, ...)"); 2155 _exit(1); 2156 } 2157 n = rl.rlim_cur; 2158 for (i = 0; i < n; i++) { 2159 if (i != pfd && i != proc_poll_pipe[1]) 2160 close(i); 2161 } 2162 2163 pollinfo.fd = pfd; 2164 pollinfo.pid = getpid(); 2165 for (;;) { 2166#ifndef FREEBSD 2167 if (ioctl(pfd, PIOCWSTOP, NULL) < 0) 2168#else 2169 if (ioctl(pfd, PIOCWSTOP, &pfs) < 0) 2170#endif 2171 { 2172 switch (errno) { 2173 case EINTR: 2174 continue; 2175 case EBADF: 2176 pollinfo.revents = POLLERR; 2177 break; 2178 case ENOENT: 2179 pollinfo.revents = POLLHUP; 2180 break; 2181 default: 2182 perror("proc_poller: PIOCWSTOP"); 2183 } 2184 write(proc_poll_pipe[1], &pollinfo, sizeof(pollinfo)); 2185 _exit(0); 2186 } 2187 pollinfo.revents = POLLWANT; 2188 write(proc_poll_pipe[1], &pollinfo, sizeof(pollinfo)); 2189 sigsuspend(&empty_set); 2190 } 2191} 2192 2193#endif /* !HAVE_POLLABLE_PROCFS */ 2194 2195static int 2196choose_pfd() 2197{ 2198 int i, j; 2199 struct tcb *tcp; 2200 2201 static int last; 2202 2203 if (followfork < 2 && 2204 last < nprocs && (pollv[last].revents & POLLWANT)) { 2205 /* 2206 * The previous process is ready to run again. We'll 2207 * let it do so if it is currently in a syscall. This 2208 * heuristic improves the readability of the trace. 2209 */ 2210 tcp = pfd2tcb(pollv[last].fd); 2211 if (tcp && (tcp->flags & TCB_INSYSCALL)) 2212 return pollv[last].fd; 2213 } 2214 2215 for (i = 0; i < nprocs; i++) { 2216 /* Let competing children run round robin. */ 2217 j = (i + last + 1) % nprocs; 2218 if (pollv[j].revents & (POLLHUP | POLLERR)) { 2219 tcp = pfd2tcb(pollv[j].fd); 2220 if (!tcp) { 2221 fprintf(stderr, "strace: lost proc\n"); 2222 exit(1); 2223 } 2224 droptcb(tcp); 2225 return -1; 2226 } 2227 if (pollv[j].revents & POLLWANT) { 2228 last = j; 2229 return pollv[j].fd; 2230 } 2231 } 2232 fprintf(stderr, "strace: nothing ready\n"); 2233 exit(1); 2234} 2235 2236static int 2237trace(void) 2238{ 2239#ifdef POLL_HACK 2240 struct tcb *in_syscall = NULL; 2241#endif 2242 struct tcb *tcp; 2243 int pfd; 2244 int what; 2245 int ioctl_result = 0, ioctl_errno = 0; 2246 long arg; 2247 2248 for (;;) { 2249 if (interactive) 2250 sigprocmask(SIG_SETMASK, &empty_set, NULL); 2251 2252 if (nprocs == 0) 2253 break; 2254 2255 switch (nprocs) { 2256 case 1: 2257#ifndef HAVE_POLLABLE_PROCFS 2258 if (proc_poll_pipe[0] == -1) { 2259#endif 2260 tcp = first_used_tcb(); 2261 if (!tcp) 2262 continue; 2263 pfd = tcp->pfd; 2264 if (pfd == -1) 2265 continue; 2266 break; 2267#ifndef HAVE_POLLABLE_PROCFS 2268 } 2269 /* fall through ... */ 2270#endif /* !HAVE_POLLABLE_PROCFS */ 2271 default: 2272#ifdef HAVE_POLLABLE_PROCFS 2273#ifdef POLL_HACK 2274 /* On some systems (e.g. UnixWare) we get too much ugly 2275 "unfinished..." stuff when multiple proceses are in 2276 syscalls. Here's a nasty hack */ 2277 2278 if (in_syscall) { 2279 struct pollfd pv; 2280 tcp = in_syscall; 2281 in_syscall = NULL; 2282 pv.fd = tcp->pfd; 2283 pv.events = POLLWANT; 2284 if ((what = poll (&pv, 1, 1)) < 0) { 2285 if (interrupted) 2286 return 0; 2287 continue; 2288 } 2289 else if (what == 1 && pv.revents & POLLWANT) { 2290 goto FOUND; 2291 } 2292 } 2293#endif 2294 2295 if (poll(pollv, nprocs, INFTIM) < 0) { 2296 if (interrupted) 2297 return 0; 2298 continue; 2299 } 2300#else /* !HAVE_POLLABLE_PROCFS */ 2301 if (proc_poll(pollv, nprocs, INFTIM) < 0) { 2302 if (interrupted) 2303 return 0; 2304 continue; 2305 } 2306#endif /* !HAVE_POLLABLE_PROCFS */ 2307 pfd = choose_pfd(); 2308 if (pfd == -1) 2309 continue; 2310 break; 2311 } 2312 2313 /* Look up `pfd' in our table. */ 2314 if ((tcp = pfd2tcb(pfd)) == NULL) { 2315 fprintf(stderr, "unknown pfd: %u\n", pfd); 2316 exit(1); 2317 } 2318#ifdef POLL_HACK 2319 FOUND: 2320#endif 2321 /* Get the status of the process. */ 2322 if (!interrupted) { 2323#ifndef FREEBSD 2324 ioctl_result = IOCTL_WSTOP (tcp); 2325#else /* FREEBSD */ 2326 /* Thanks to some scheduling mystery, the first poller 2327 sometimes waits for the already processed end of fork 2328 event. Doing a non blocking poll here solves the problem. */ 2329 if (proc_poll_pipe[0] != -1) 2330 ioctl_result = IOCTL_STATUS (tcp); 2331 else 2332 ioctl_result = IOCTL_WSTOP (tcp); 2333#endif /* FREEBSD */ 2334 ioctl_errno = errno; 2335#ifndef HAVE_POLLABLE_PROCFS 2336 if (proc_poll_pipe[0] != -1) { 2337 if (ioctl_result < 0) 2338 kill(poller_pid, SIGKILL); 2339 else 2340 kill(poller_pid, SIGUSR1); 2341 } 2342#endif /* !HAVE_POLLABLE_PROCFS */ 2343 } 2344 if (interrupted) 2345 return 0; 2346 2347 if (interactive) 2348 sigprocmask(SIG_BLOCK, &blocked_set, NULL); 2349 2350 if (ioctl_result < 0) { 2351 /* Find out what happened if it failed. */ 2352 switch (ioctl_errno) { 2353 case EINTR: 2354 case EBADF: 2355 continue; 2356#ifdef FREEBSD 2357 case ENOTTY: 2358#endif 2359 case ENOENT: 2360 droptcb(tcp); 2361 continue; 2362 default: 2363 perror("PIOCWSTOP"); 2364 exit(1); 2365 } 2366 } 2367 2368#ifdef FREEBSD 2369 if ((tcp->flags & TCB_STARTUP) && (tcp->status.PR_WHY == PR_SYSEXIT)) { 2370 /* discard first event for a syscall we never entered */ 2371 IOCTL (tcp->pfd, PIOCRUN, 0); 2372 continue; 2373 } 2374#endif 2375 2376 /* clear the just started flag */ 2377 tcp->flags &= ~TCB_STARTUP; 2378 2379 /* set current output file */ 2380 outf = tcp->outf; 2381 curcol = tcp->curcol; 2382 2383 if (cflag) { 2384 struct timeval stime; 2385#ifdef FREEBSD 2386 char buf[1024]; 2387 int len; 2388 2389 if ((len = pread(tcp->pfd_status, buf, sizeof(buf) - 1, 0)) > 0) { 2390 buf[len] = '\0'; 2391 sscanf(buf, 2392 "%*s %*d %*d %*d %*d %*d,%*d %*s %*d,%*d %*d,%*d %ld,%ld", 2393 &stime.tv_sec, &stime.tv_usec); 2394 } else 2395 stime.tv_sec = stime.tv_usec = 0; 2396#else /* !FREEBSD */ 2397 stime.tv_sec = tcp->status.pr_stime.tv_sec; 2398 stime.tv_usec = tcp->status.pr_stime.tv_nsec/1000; 2399#endif /* !FREEBSD */ 2400 tv_sub(&tcp->dtime, &stime, &tcp->stime); 2401 tcp->stime = stime; 2402 } 2403 what = tcp->status.PR_WHAT; 2404 switch (tcp->status.PR_WHY) { 2405#ifndef FREEBSD 2406 case PR_REQUESTED: 2407 if (tcp->status.PR_FLAGS & PR_ASLEEP) { 2408 tcp->status.PR_WHY = PR_SYSENTRY; 2409 if (trace_syscall(tcp) < 0) { 2410 fprintf(stderr, "syscall trouble\n"); 2411 exit(1); 2412 } 2413 } 2414 break; 2415#endif /* !FREEBSD */ 2416 case PR_SYSENTRY: 2417#ifdef POLL_HACK 2418 in_syscall = tcp; 2419#endif 2420 case PR_SYSEXIT: 2421 if (trace_syscall(tcp) < 0) { 2422 fprintf(stderr, "syscall trouble\n"); 2423 exit(1); 2424 } 2425 break; 2426 case PR_SIGNALLED: 2427 if (cflag != CFLAG_ONLY_STATS 2428 && (qual_flags[what] & QUAL_SIGNAL)) { 2429 printleader(tcp); 2430 tprintf("--- %s (%s) ---", 2431 signame(what), strsignal(what)); 2432 printtrailer(); 2433#ifdef PR_INFO 2434 if (tcp->status.PR_INFO.si_signo == what) { 2435 printleader(tcp); 2436 tprintf(" siginfo="); 2437 printsiginfo(&tcp->status.PR_INFO, 1); 2438 printtrailer(); 2439 } 2440#endif 2441 } 2442 break; 2443 case PR_FAULTED: 2444 if (cflag != CFLAGS_ONLY_STATS 2445 && (qual_flags[what] & QUAL_FAULT)) { 2446 printleader(tcp); 2447 tprintf("=== FAULT %d ===", what); 2448 printtrailer(); 2449 } 2450 break; 2451#ifdef FREEBSD 2452 case 0: /* handle case we polled for nothing */ 2453 continue; 2454#endif 2455 default: 2456 fprintf(stderr, "odd stop %d\n", tcp->status.PR_WHY); 2457 exit(1); 2458 break; 2459 } 2460 /* Remember current print column before continuing. */ 2461 tcp->curcol = curcol; 2462 arg = 0; 2463#ifndef FREEBSD 2464 if (IOCTL (tcp->pfd, PIOCRUN, &arg) < 0) 2465#else 2466 if (IOCTL (tcp->pfd, PIOCRUN, 0) < 0) 2467#endif 2468 { 2469 perror("PIOCRUN"); 2470 exit(1); 2471 } 2472 } 2473 return 0; 2474} 2475 2476#else /* !USE_PROCFS */ 2477 2478#ifdef TCB_GROUP_EXITING 2479/* Handle an exit detach or death signal that is taking all the 2480 related clone threads with it. This is called in three circumstances: 2481 SIG == -1 TCP has already died (TCB_ATTACHED is clear, strace is parent). 2482 SIG == 0 Continuing TCP will perform an exit_group syscall. 2483 SIG == other Continuing TCP with SIG will kill the process. 2484*/ 2485static int 2486handle_group_exit(struct tcb *tcp, int sig) 2487{ 2488 /* We need to locate our records of all the clone threads 2489 related to TCP, either its children or siblings. */ 2490 struct tcb *leader = NULL; 2491 2492 if (tcp->flags & TCB_CLONE_THREAD) 2493 leader = tcp->parent; 2494 2495 if (sig < 0) { 2496 if (leader != NULL && leader != tcp 2497 && !(leader->flags & TCB_GROUP_EXITING) 2498 && !(tcp->flags & TCB_STARTUP) 2499 ) { 2500 fprintf(stderr, 2501 "PANIC: handle_group_exit: %d leader %d\n", 2502 tcp->pid, leader ? leader->pid : -1); 2503 } 2504 /* TCP no longer exists therefore you must not detach() it. */ 2505#ifndef USE_PROCFS 2506 resume_from_tcp(tcp); 2507#endif 2508 droptcb(tcp); /* Already died. */ 2509 } 2510 else { 2511 /* Mark that we are taking the process down. */ 2512 tcp->flags |= TCB_EXITING | TCB_GROUP_EXITING; 2513 if (tcp->flags & TCB_ATTACHED) { 2514 detach(tcp, sig); 2515 if (leader != NULL && leader != tcp) 2516 leader->flags |= TCB_GROUP_EXITING; 2517 } else { 2518 if (ptrace_restart(PTRACE_CONT, tcp, sig) < 0) { 2519 cleanup(); 2520 return -1; 2521 } 2522 if (leader != NULL) { 2523 leader->flags |= TCB_GROUP_EXITING; 2524 if (leader != tcp) 2525 droptcb(tcp); 2526 } 2527 /* The leader will report to us as parent now, 2528 and then we'll get to the SIG==-1 case. */ 2529 return 0; 2530 } 2531 } 2532 2533 return 0; 2534} 2535#endif 2536 2537#ifdef LINUX 2538static int 2539handle_ptrace_event(int status, struct tcb *tcp) 2540{ 2541 if (status >> 16 == PTRACE_EVENT_VFORK || 2542 status >> 16 == PTRACE_EVENT_CLONE || 2543 status >> 16 == PTRACE_EVENT_FORK) { 2544 long childpid; 2545 2546 if (do_ptrace(PTRACE_GETEVENTMSG, tcp, NULL, &childpid) < 0) { 2547 if (errno != ESRCH) { 2548 fprintf(stderr, "\ 2549%s: handle_ptrace_event: ptrace cannot get new child's pid\n", 2550 progname); 2551 cleanup(); 2552 exit(1); 2553 } 2554 return -1; 2555 } 2556 return handle_new_child(tcp, childpid, 0); 2557 } 2558 if (status >> 16 == PTRACE_EVENT_EXEC) { 2559 if (debug) 2560 fprintf(stderr, "PTRACE_EVENT_EXEC on pid %d (ignored)\n", tcp->pid); 2561 return 0; 2562 } 2563 /* Some PTRACE_EVENT_foo we didn't ask for?! */ 2564 error_msg("Unexpected status %x on pid %d", status, tcp->pid); 2565 return 1; 2566} 2567#endif 2568 2569static int 2570trace() 2571{ 2572 int pid; 2573 int wait_errno; 2574 int status; 2575 struct tcb *tcp; 2576#ifdef LINUX 2577 struct rusage ru; 2578#ifdef __WALL 2579 static int wait4_options = __WALL; 2580#endif 2581#endif /* LINUX */ 2582 2583 while (nprocs != 0) { 2584 if (interrupted) 2585 return 0; 2586 if (interactive) 2587 sigprocmask(SIG_SETMASK, &empty_set, NULL); 2588#ifdef LINUX 2589#ifdef __WALL 2590 pid = wait4(-1, &status, wait4_options, cflag ? &ru : NULL); 2591 if (pid < 0 && (wait4_options & __WALL) && errno == EINVAL) { 2592 /* this kernel does not support __WALL */ 2593 wait4_options &= ~__WALL; 2594 errno = 0; 2595 pid = wait4(-1, &status, wait4_options, 2596 cflag ? &ru : NULL); 2597 } 2598 if (pid < 0 && !(wait4_options & __WALL) && errno == ECHILD) { 2599 /* most likely a "cloned" process */ 2600 pid = wait4(-1, &status, __WCLONE, 2601 cflag ? &ru : NULL); 2602 if (pid == -1) { 2603 fprintf(stderr, "strace: clone wait4 " 2604 "failed: %s\n", strerror(errno)); 2605 } 2606 } 2607#else 2608 pid = wait4(-1, &status, 0, cflag ? &ru : NULL); 2609#endif /* __WALL */ 2610#endif /* LINUX */ 2611#ifdef SUNOS4 2612 pid = wait(&status); 2613#endif /* SUNOS4 */ 2614 wait_errno = errno; 2615 if (interactive) 2616 sigprocmask(SIG_BLOCK, &blocked_set, NULL); 2617 2618 if (pid == -1) { 2619 switch (wait_errno) { 2620 case EINTR: 2621 continue; 2622 case ECHILD: 2623 /* 2624 * We would like to verify this case 2625 * but sometimes a race in Solbourne's 2626 * version of SunOS sometimes reports 2627 * ECHILD before sending us SIGCHILD. 2628 */ 2629 return 0; 2630 default: 2631 errno = wait_errno; 2632 perror("strace: wait"); 2633 return -1; 2634 } 2635 } 2636 if (pid == popen_pid) { 2637 if (WIFEXITED(status) || WIFSIGNALED(status)) 2638 popen_pid = -1; 2639 continue; 2640 } 2641 if (debug) 2642 fprintf(stderr, " [wait(%#x) = %u]\n", status, pid); 2643 2644 /* Look up `pid' in our table. */ 2645 if ((tcp = pid2tcb(pid)) == NULL) { 2646#ifdef LINUX 2647 if (followfork) { 2648 /* This is needed to go with the CLONE_PTRACE 2649 changes in process.c/util.c: we might see 2650 the child's initial trap before we see the 2651 parent return from the clone syscall. 2652 Leave the child suspended until the parent 2653 returns from its system call. Only then 2654 will we have the association of parent and 2655 child so that we know how to do clearbpt 2656 in the child. */ 2657 tcp = alloctcb(pid); 2658 tcp->flags |= TCB_ATTACHED | TCB_SUSPENDED; 2659 if (!qflag) 2660 fprintf(stderr, "\ 2661Process %d attached (waiting for parent)\n", 2662 pid); 2663 } 2664 else 2665 /* This can happen if a clone call used 2666 CLONE_PTRACE itself. */ 2667#endif 2668 { 2669 fprintf(stderr, "unknown pid: %u\n", pid); 2670 if (WIFSTOPPED(status)) 2671 ptrace(PTRACE_CONT, pid, (char *) 1, 0); 2672 exit(1); 2673 } 2674 } 2675 /* set current output file */ 2676 outf = tcp->outf; 2677 curcol = tcp->curcol; 2678 if (cflag) { 2679#ifdef LINUX 2680 tv_sub(&tcp->dtime, &ru.ru_stime, &tcp->stime); 2681 tcp->stime = ru.ru_stime; 2682#endif /* !LINUX */ 2683 } 2684 2685 if (tcp->flags & TCB_SUSPENDED) { 2686 /* 2687 * Apparently, doing any ptrace() call on a stopped 2688 * process, provokes the kernel to report the process 2689 * status again on a subsequent wait(), even if the 2690 * process has not been actually restarted. 2691 * Since we have inspected the arguments of suspended 2692 * processes we end up here testing for this case. 2693 */ 2694 continue; 2695 } 2696 if (WIFSIGNALED(status)) { 2697 if (pid == strace_child) 2698 exit_code = 0x100 | WTERMSIG(status); 2699 if (cflag != CFLAG_ONLY_STATS 2700 && (qual_flags[WTERMSIG(status)] & QUAL_SIGNAL)) { 2701 printleader(tcp); 2702 tprintf("+++ killed by %s %s+++", 2703 signame(WTERMSIG(status)), 2704#ifdef WCOREDUMP 2705 WCOREDUMP(status) ? "(core dumped) " : 2706#endif 2707 ""); 2708 printtrailer(); 2709 } 2710#ifdef TCB_GROUP_EXITING 2711 handle_group_exit(tcp, -1); 2712#else 2713 droptcb(tcp); 2714#endif 2715 continue; 2716 } 2717 if (WIFEXITED(status)) { 2718 if (pid == strace_child) 2719 exit_code = WEXITSTATUS(status); 2720 if (debug) 2721 fprintf(stderr, "pid %u exited with %d\n", pid, WEXITSTATUS(status)); 2722 if ((tcp->flags & (TCB_ATTACHED|TCB_STARTUP)) == TCB_ATTACHED 2723#ifdef TCB_GROUP_EXITING 2724 && !(tcp->parent && (tcp->parent->flags & TCB_GROUP_EXITING)) 2725 && !(tcp->flags & TCB_GROUP_EXITING) 2726#endif 2727 ) { 2728 fprintf(stderr, 2729 "PANIC: attached pid %u exited with %d\n", 2730 pid, WEXITSTATUS(status)); 2731 } 2732 if (tcp == tcp_last) { 2733 if ((tcp->flags & (TCB_INSYSCALL|TCB_REPRINT)) == TCB_INSYSCALL) 2734 tprintf(" <unfinished ... exit status %d>\n", 2735 WEXITSTATUS(status)); 2736 tcp_last = NULL; 2737 } 2738#ifdef TCB_GROUP_EXITING 2739 handle_group_exit(tcp, -1); 2740#else 2741 droptcb(tcp); 2742#endif 2743 continue; 2744 } 2745 if (!WIFSTOPPED(status)) { 2746 fprintf(stderr, "PANIC: pid %u not stopped\n", pid); 2747 droptcb(tcp); 2748 continue; 2749 } 2750 if (debug) 2751 fprintf(stderr, "pid %u stopped, [%s]\n", 2752 pid, signame(WSTOPSIG(status))); 2753 2754 if (status >> 16) { 2755 if (handle_ptrace_event(status, tcp) != 1) 2756 goto tracing; 2757 } 2758 2759 /* 2760 * Interestingly, the process may stop 2761 * with STOPSIG equal to some other signal 2762 * than SIGSTOP if we happend to attach 2763 * just before the process takes a signal. 2764 * A no-MMU vforked child won't send up a signal, 2765 * so skip the first (lost) execve notification. 2766 */ 2767 if ((tcp->flags & TCB_STARTUP) && 2768 (WSTOPSIG(status) == SIGSTOP || strace_vforked)) { 2769 /* 2770 * This flag is there to keep us in sync. 2771 * Next time this process stops it should 2772 * really be entering a system call. 2773 */ 2774 tcp->flags &= ~TCB_STARTUP; 2775 if (tcp->flags & TCB_BPTSET) { 2776 /* 2777 * One example is a breakpoint inherited from 2778 * parent through fork (). 2779 */ 2780 if (clearbpt(tcp) < 0) /* Pretty fatal */ { 2781 droptcb(tcp); 2782 cleanup(); 2783 return -1; 2784 } 2785 } 2786#ifdef LINUX 2787 int options = ptrace_setoptions_for_all; 2788 if (followfork && (tcp->parent == NULL)) 2789 options |= ptrace_setoptions_followfork; 2790 if (options) { 2791 if (debug) 2792 fprintf(stderr, "setting opts %x on pid %d\n", options, tcp->pid); 2793 if (ptrace(PTRACE_SETOPTIONS, tcp->pid, NULL, options) < 0) { 2794 if (errno != ESRCH) { 2795 /* Should never happen, really */ 2796 perror_msg_and_die("PTRACE_SETOPTIONS"); 2797 } 2798 } 2799 } 2800#endif 2801 goto tracing; 2802 } 2803 2804 if (WSTOPSIG(status) != syscall_trap_sig) { 2805 if (WSTOPSIG(status) == SIGSTOP && 2806 (tcp->flags & TCB_SIGTRAPPED)) { 2807 /* 2808 * Trapped attempt to block SIGTRAP 2809 * Hope we are back in control now. 2810 */ 2811 tcp->flags &= ~(TCB_INSYSCALL | TCB_SIGTRAPPED); 2812 if (ptrace_restart(PTRACE_SYSCALL, tcp, 0) < 0) { 2813 cleanup(); 2814 return -1; 2815 } 2816 continue; 2817 } 2818 if (cflag != CFLAG_ONLY_STATS 2819 && (qual_flags[WSTOPSIG(status)] & QUAL_SIGNAL)) { 2820 siginfo_t si; 2821#if defined(PT_CR_IPSR) && defined(PT_CR_IIP) 2822 long pc = 0; 2823 long psr = 0; 2824 2825 upeek(tcp, PT_CR_IPSR, &psr); 2826 upeek(tcp, PT_CR_IIP, &pc); 2827 2828# define PSR_RI 41 2829 pc += (psr >> PSR_RI) & 0x3; 2830# define PC_FORMAT_STR " @ %lx" 2831# define PC_FORMAT_ARG pc 2832#else 2833# define PC_FORMAT_STR "%s" 2834# define PC_FORMAT_ARG "" 2835#endif 2836 printleader(tcp); 2837 if (ptrace(PTRACE_GETSIGINFO, pid, 0, &si) == 0) { 2838 tprintf("--- "); 2839 printsiginfo(&si, verbose(tcp)); 2840 tprintf(" (%s)" PC_FORMAT_STR " ---", 2841 strsignal(WSTOPSIG(status)), 2842 PC_FORMAT_ARG); 2843 } else 2844 tprintf("--- %s by %s" PC_FORMAT_STR " ---", 2845 strsignal(WSTOPSIG(status)), 2846 signame(WSTOPSIG(status)), 2847 PC_FORMAT_ARG); 2848 printtrailer(); 2849 } 2850 if (((tcp->flags & TCB_ATTACHED) || 2851 tcp->nclone_threads > 0) && 2852 !sigishandled(tcp, WSTOPSIG(status))) { 2853#ifdef TCB_GROUP_EXITING 2854 handle_group_exit(tcp, WSTOPSIG(status)); 2855#else 2856 detach(tcp, WSTOPSIG(status)); 2857#endif 2858 continue; 2859 } 2860 if (ptrace_restart(PTRACE_SYSCALL, tcp, WSTOPSIG(status)) < 0) { 2861 cleanup(); 2862 return -1; 2863 } 2864 tcp->flags &= ~TCB_SUSPENDED; 2865 continue; 2866 } 2867 /* we handled the STATUS, we are permitted to interrupt now. */ 2868 if (interrupted) 2869 return 0; 2870 if (trace_syscall(tcp) < 0 && !tcp->ptrace_errno) { 2871 /* ptrace() failed in trace_syscall() with ESRCH. 2872 * Likely a result of process disappearing mid-flight. 2873 * Observed case: exit_group() terminating 2874 * all processes in thread group. In this case, threads 2875 * "disappear" in an unpredictable moment without any 2876 * notification to strace via wait(). 2877 */ 2878 if (tcp->flags & TCB_ATTACHED) { 2879 if (tcp_last) { 2880 /* Do we have dangling line "syscall(param, param"? 2881 * Finish the line then. We cannot 2882 */ 2883 tcp_last->flags |= TCB_REPRINT; 2884 tprintf(" <unfinished ...>"); 2885 printtrailer(); 2886 } 2887 detach(tcp, 0); 2888 } else { 2889 ptrace(PTRACE_KILL, 2890 tcp->pid, (char *) 1, SIGTERM); 2891 droptcb(tcp); 2892 } 2893 continue; 2894 } 2895 if (tcp->flags & TCB_EXITING) { 2896#ifdef TCB_GROUP_EXITING 2897 if (tcp->flags & TCB_GROUP_EXITING) { 2898 if (handle_group_exit(tcp, 0) < 0) 2899 return -1; 2900 continue; 2901 } 2902#endif 2903 if (tcp->flags & TCB_ATTACHED) 2904 detach(tcp, 0); 2905 else if (ptrace_restart(PTRACE_CONT, tcp, 0) < 0) { 2906 cleanup(); 2907 return -1; 2908 } 2909 continue; 2910 } 2911 if (tcp->flags & TCB_SUSPENDED) { 2912 if (!qflag) 2913 fprintf(stderr, "Process %u suspended\n", pid); 2914 continue; 2915 } 2916 tracing: 2917 /* Remember current print column before continuing. */ 2918 tcp->curcol = curcol; 2919 if (ptrace_restart(PTRACE_SYSCALL, tcp, 0) < 0) { 2920 cleanup(); 2921 return -1; 2922 } 2923 } 2924 return 0; 2925} 2926 2927#endif /* !USE_PROCFS */ 2928 2929#include <stdarg.h> 2930 2931void 2932tprintf(const char *fmt, ...) 2933{ 2934 va_list args; 2935 2936 va_start(args, fmt); 2937 if (outf) { 2938 int n = vfprintf(outf, fmt, args); 2939 if (n < 0) { 2940 if (outf != stderr) 2941 perror(outfname == NULL 2942 ? "<writing to pipe>" : outfname); 2943 } else 2944 curcol += n; 2945 } 2946 va_end(args); 2947 return; 2948} 2949 2950void 2951printleader(struct tcb *tcp) 2952{ 2953 if (tcp_last) { 2954 if (tcp_last->ptrace_errno) { 2955 if (tcp_last->flags & TCB_INSYSCALL) { 2956 tprintf(" <unavailable>)"); 2957 tabto(acolumn); 2958 } 2959 tprintf("= ? <unavailable>\n"); 2960 tcp_last->ptrace_errno = 0; 2961 } else if (!outfname || followfork < 2 || tcp_last == tcp) { 2962 tcp_last->flags |= TCB_REPRINT; 2963 tprintf(" <unfinished ...>\n"); 2964 } 2965 } 2966 curcol = 0; 2967 if ((followfork == 1 || pflag_seen > 1) && outfname) 2968 tprintf("%-5d ", tcp->pid); 2969 else if (nprocs > 1 && !outfname) 2970 tprintf("[pid %5u] ", tcp->pid); 2971 if (tflag) { 2972 char str[sizeof("HH:MM:SS")]; 2973 struct timeval tv, dtv; 2974 static struct timeval otv; 2975 2976 gettimeofday(&tv, NULL); 2977 if (rflag) { 2978 if (otv.tv_sec == 0) 2979 otv = tv; 2980 tv_sub(&dtv, &tv, &otv); 2981 tprintf("%6ld.%06ld ", 2982 (long) dtv.tv_sec, (long) dtv.tv_usec); 2983 otv = tv; 2984 } 2985 else if (tflag > 2) { 2986 tprintf("%ld.%06ld ", 2987 (long) tv.tv_sec, (long) tv.tv_usec); 2988 } 2989 else { 2990 time_t local = tv.tv_sec; 2991 strftime(str, sizeof(str), "%T", localtime(&local)); 2992 if (tflag > 1) 2993 tprintf("%s.%06ld ", str, (long) tv.tv_usec); 2994 else 2995 tprintf("%s ", str); 2996 } 2997 } 2998 if (iflag) 2999 printcall(tcp); 3000} 3001 3002void 3003tabto(int col) 3004{ 3005 if (curcol < col) 3006 tprintf("%*s", col - curcol, ""); 3007} 3008 3009void 3010printtrailer(void) 3011{ 3012 tprintf("\n"); 3013 tcp_last = NULL; 3014} 3015 3016#ifdef HAVE_MP_PROCFS 3017 3018int 3019mp_ioctl(int fd, int cmd, void *arg, int size) 3020{ 3021 struct iovec iov[2]; 3022 int n = 1; 3023 3024 iov[0].iov_base = &cmd; 3025 iov[0].iov_len = sizeof cmd; 3026 if (arg) { 3027 ++n; 3028 iov[1].iov_base = arg; 3029 iov[1].iov_len = size; 3030 } 3031 3032 return writev(fd, iov, n); 3033} 3034 3035#endif 3036