trace.c revision 73894bdb7ef4ea81a44a7b8b3ab896f6b3cab344
1#include <stdio.h> 2#include <stdlib.h> 3#include <string.h> 4#include <errno.h> 5#include <unistd.h> 6#include <sys/types.h> 7#include <sys/wait.h> 8#include "ptrace.h" 9#include <asm/unistd.h> 10#include <assert.h> 11 12#include "common.h" 13 14/* If the system headers did not provide the constants, hard-code the normal 15 values. */ 16#ifndef PTRACE_EVENT_FORK 17 18#define PTRACE_OLDSETOPTIONS 21 19#define PTRACE_SETOPTIONS 0x4200 20#define PTRACE_GETEVENTMSG 0x4201 21 22/* options set using PTRACE_SETOPTIONS */ 23#define PTRACE_O_TRACESYSGOOD 0x00000001 24#define PTRACE_O_TRACEFORK 0x00000002 25#define PTRACE_O_TRACEVFORK 0x00000004 26#define PTRACE_O_TRACECLONE 0x00000008 27#define PTRACE_O_TRACEEXEC 0x00000010 28#define PTRACE_O_TRACEVFORKDONE 0x00000020 29#define PTRACE_O_TRACEEXIT 0x00000040 30 31/* Wait extended result codes for the above trace options. */ 32#define PTRACE_EVENT_FORK 1 33#define PTRACE_EVENT_VFORK 2 34#define PTRACE_EVENT_CLONE 3 35#define PTRACE_EVENT_EXEC 4 36#define PTRACE_EVENT_VFORK_DONE 5 37#define PTRACE_EVENT_EXIT 6 38 39#endif /* PTRACE_EVENT_FORK */ 40 41#ifdef ARCH_HAVE_UMOVELONG 42extern int arch_umovelong (Process *, void *, long *, arg_type_info *); 43int 44umovelong (Process *proc, void *addr, long *result, arg_type_info *info) { 45 return arch_umovelong (proc, addr, result, info); 46} 47#else 48/* Read a single long from the process's memory address 'addr' */ 49int 50umovelong (Process *proc, void *addr, long *result, arg_type_info *info) { 51 long pointed_to; 52 53 errno = 0; 54 pointed_to = ptrace (PTRACE_PEEKTEXT, proc->pid, addr, 0); 55 if (pointed_to == -1 && errno) 56 return -errno; 57 58 *result = pointed_to; 59 if (info) { 60 switch(info->type) { 61 case ARGTYPE_INT: 62 *result &= 0x00000000ffffffffUL; 63 default: 64 break; 65 }; 66 } 67 return 0; 68} 69#endif 70 71void 72trace_me(void) { 73 debug(DEBUG_PROCESS, "trace_me: pid=%d", getpid()); 74 if (ptrace(PTRACE_TRACEME, 0, 1, 0) < 0) { 75 perror("PTRACE_TRACEME"); 76 exit(1); 77 } 78} 79 80int 81trace_pid(pid_t pid) { 82 debug(DEBUG_PROCESS, "trace_pid: pid=%d", pid); 83 if (ptrace(PTRACE_ATTACH, pid, 1, 0) < 0) { 84 return -1; 85 } 86 87 /* man ptrace: PTRACE_ATTACH attaches to the process specified 88 in pid. The child is sent a SIGSTOP, but will not 89 necessarily have stopped by the completion of this call; 90 use wait() to wait for the child to stop. */ 91 if (waitpid (pid, NULL, __WALL) != pid) { 92 perror ("trace_pid: waitpid"); 93 return -1; 94 } 95 96 return 0; 97} 98 99void 100trace_set_options(Process *proc, pid_t pid) { 101 if (proc->tracesysgood & 0x80) 102 return; 103 104 debug(DEBUG_PROCESS, "trace_set_options: pid=%d", pid); 105 106 long options = PTRACE_O_TRACESYSGOOD | PTRACE_O_TRACEFORK | 107 PTRACE_O_TRACEVFORK | PTRACE_O_TRACECLONE | 108 PTRACE_O_TRACEEXEC; 109 if (ptrace(PTRACE_SETOPTIONS, pid, 0, options) < 0 && 110 ptrace(PTRACE_OLDSETOPTIONS, pid, 0, options) < 0) { 111 perror("PTRACE_SETOPTIONS"); 112 return; 113 } 114 proc->tracesysgood |= 0x80; 115} 116 117void 118untrace_pid(pid_t pid) { 119 debug(DEBUG_PROCESS, "untrace_pid: pid=%d", pid); 120 ptrace(PTRACE_DETACH, pid, 1, 0); 121} 122 123void 124continue_after_signal(pid_t pid, int signum) { 125 Process *proc; 126 127 debug(DEBUG_PROCESS, "continue_after_signal: pid=%d, signum=%d", pid, signum); 128 129 proc = pid2proc(pid); 130 ptrace(PTRACE_SYSCALL, pid, 0, signum); 131} 132 133static enum ecb_status 134event_for_pid(Event * event, void * data) 135{ 136 if (event->proc != NULL && event->proc->pid == (pid_t)(uintptr_t)data) 137 return ecb_yield; 138 return ecb_cont; 139} 140 141static int 142have_events_for(pid_t pid) 143{ 144 return each_qd_event(event_for_pid, (void *)(uintptr_t)pid) != NULL; 145} 146 147void 148continue_process(pid_t pid) 149{ 150 debug(DEBUG_PROCESS, "continue_process: pid=%d", pid); 151 152 /* Only really continue the process if there are no events in 153 the queue for this process. Otherwise just for the other 154 events to arrive. */ 155 if (!have_events_for(pid)) 156 /* We always trace syscalls to control fork(), 157 * clone(), execve()... */ 158 ptrace(PTRACE_SYSCALL, pid, 0, 0); 159 else 160 debug(DEBUG_PROCESS, 161 "putting off the continue, events in que."); 162} 163 164/** 165 * This is used for bookkeeping related to PIDs that the event 166 * handlers work with. 167 */ 168struct pid_task { 169 pid_t pid; /* This may be 0 for tasks that exited 170 * mid-handling. */ 171 int sigstopped; 172 int got_event; 173 int delivered; 174} * pids; 175 176struct pid_set { 177 struct pid_task * tasks; 178 size_t count; 179 size_t alloc; 180}; 181 182/** 183 * Breakpoint re-enablement. When we hit a breakpoint, we must 184 * disable it, single-step, and re-enable it. That single-step can be 185 * done only by one task in a task group, while others are stopped, 186 * otherwise the processes would race for who sees the breakpoint 187 * disabled and who doesn't. The following is to keep track of it 188 * all. 189 */ 190struct process_stopping_handler 191{ 192 Event_Handler super; 193 194 /* The task that is doing the re-enablement. */ 195 Process * task_enabling_breakpoint; 196 197 /* The pointer being re-enabled. */ 198 Breakpoint * breakpoint_being_enabled; 199 200 enum { 201 /* We are waiting for everyone to land in t/T. */ 202 psh_stopping = 0, 203 204 /* We are doing the PTRACE_SINGLESTEP. */ 205 psh_singlestep, 206 207 /* We are waiting for all the SIGSTOPs to arrive so 208 * that we can sink them. */ 209 psh_sinking, 210 211 /* This is for tracking the ugly workaround. */ 212 psh_ugly_workaround, 213 } state; 214 215 int exiting; 216 217 struct pid_set pids; 218}; 219 220static enum pcb_status 221task_stopped(Process * task, void * data) 222{ 223 /* If the task is already stopped, don't worry about it. 224 * Likewise if it managed to become a zombie or terminate in 225 * the meantime. This can happen when the whole thread group 226 * is terminating. */ 227 switch (process_status(task->pid)) { 228 case ps_invalid: 229 case ps_tracing_stop: 230 case ps_zombie: 231 return pcb_cont; 232 default: 233 return pcb_stop; 234 } 235} 236 237static struct pid_task * 238get_task_info(struct pid_set * pids, pid_t pid) 239{ 240 assert(pid != 0); 241 size_t i; 242 for (i = 0; i < pids->count; ++i) 243 if (pids->tasks[i].pid == pid) 244 return &pids->tasks[i]; 245 246 return NULL; 247} 248 249static struct pid_task * 250add_task_info(struct pid_set * pids, pid_t pid) 251{ 252 if (pids->count == pids->alloc) { 253 size_t ns = (2 * pids->alloc) ?: 4; 254 struct pid_task * n = realloc(pids->tasks, 255 sizeof(*pids->tasks) * ns); 256 if (n == NULL) 257 return NULL; 258 pids->tasks = n; 259 pids->alloc = ns; 260 } 261 struct pid_task * task_info = &pids->tasks[pids->count++]; 262 memset(task_info, 0, sizeof(*task_info)); 263 task_info->pid = pid; 264 return task_info; 265} 266 267static enum pcb_status 268send_sigstop(Process * task, void * data) 269{ 270 Process * leader = task->leader; 271 struct pid_set * pids = data; 272 273 /* Look for pre-existing task record, or add new. */ 274 struct pid_task * task_info = get_task_info(pids, task->pid); 275 if (task_info == NULL) 276 task_info = add_task_info(pids, task->pid); 277 if (task_info == NULL) { 278 perror("send_sigstop: add_task_info"); 279 destroy_event_handler(leader); 280 /* Signal failure upwards. */ 281 return pcb_stop; 282 } 283 284 /* This task still has not been attached to. It should be 285 stopped by the kernel. */ 286 if (task->state == STATE_BEING_CREATED) 287 return pcb_cont; 288 289 /* Don't bother sending SIGSTOP if we are already stopped, or 290 * if we sent the SIGSTOP already, which happens when we 291 * inherit the handler from breakpoint re-enablement. */ 292 if (task_stopped(task, NULL) == pcb_cont) 293 return pcb_cont; 294 if (task_info->sigstopped) { 295 if (!task_info->delivered) 296 return pcb_cont; 297 task_info->delivered = 0; 298 } 299 300 if (task_kill(task->pid, SIGSTOP) >= 0) { 301 debug(DEBUG_PROCESS, "send SIGSTOP to %d", task->pid); 302 task_info->sigstopped = 1; 303 } else 304 fprintf(stderr, 305 "Warning: couldn't send SIGSTOP to %d\n", task->pid); 306 307 return pcb_cont; 308} 309 310/* On certain kernels, detaching right after a singlestep causes the 311 tracee to be killed with a SIGTRAP (that even though the singlestep 312 was properly caught by waitpid. The ugly workaround is to put a 313 breakpoint where IP points and let the process continue. After 314 this the breakpoint can be retracted and the process detached. */ 315static void 316ugly_workaround(Process * proc) 317{ 318 void * ip = get_instruction_pointer(proc); 319 Breakpoint * sbp = dict_find_entry(proc->leader->breakpoints, ip); 320 if (sbp != NULL) 321 enable_breakpoint(proc, sbp); 322 else 323 insert_breakpoint(proc, ip, NULL, 1); 324 ptrace(PTRACE_CONT, proc->pid, 0, 0); 325} 326 327static void 328process_stopping_done(struct process_stopping_handler * self, Process * leader) 329{ 330 debug(DEBUG_PROCESS, "process stopping done %d", 331 self->task_enabling_breakpoint->pid); 332 size_t i; 333 if (!self->exiting) { 334 for (i = 0; i < self->pids.count; ++i) 335 if (self->pids.tasks[i].pid != 0 336 && self->pids.tasks[i].delivered) 337 continue_process(self->pids.tasks[i].pid); 338 continue_process(self->task_enabling_breakpoint->pid); 339 destroy_event_handler(leader); 340 } else { 341 self->state = psh_ugly_workaround; 342 ugly_workaround(self->task_enabling_breakpoint); 343 } 344} 345 346/* Before we detach, we need to make sure that task's IP is on the 347 * edge of an instruction. So for tasks that have a breakpoint event 348 * in the queue, we adjust the instruction pointer, just like 349 * continue_after_breakpoint does. */ 350static enum ecb_status 351undo_breakpoint(Event * event, void * data) 352{ 353 if (event != NULL 354 && event->proc->leader == data 355 && event->type == EVENT_BREAKPOINT) 356 set_instruction_pointer(event->proc, event->e_un.brk_addr); 357 return ecb_cont; 358} 359 360static enum pcb_status 361untrace_task(Process * task, void * data) 362{ 363 if (task != data) 364 untrace_pid(task->pid); 365 return pcb_cont; 366} 367 368static enum pcb_status 369remove_task(Process * task, void * data) 370{ 371 /* Don't untrace leader just yet. */ 372 if (task != data) 373 remove_process(task); 374 return pcb_cont; 375} 376 377static void 378detach_process(Process * leader) 379{ 380 each_qd_event(&undo_breakpoint, leader); 381 disable_all_breakpoints(leader); 382 383 /* Now untrace the process, if it was attached to by -p. */ 384 struct opt_p_t * it; 385 for (it = opt_p; it != NULL; it = it->next) { 386 Process * proc = pid2proc(it->pid); 387 if (proc == NULL) 388 continue; 389 if (proc->leader == leader) { 390 each_task(leader, &untrace_task, NULL); 391 break; 392 } 393 } 394 each_task(leader, &remove_task, leader); 395 destroy_event_handler(leader); 396 remove_task(leader, NULL); 397} 398 399static void 400handle_stopping_event(struct pid_task * task_info, Event ** eventp) 401{ 402 /* Mark all events, so that we know whom to SIGCONT later. */ 403 if (task_info != NULL) 404 task_info->got_event = 1; 405 406 Event * event = *eventp; 407 408 /* In every state, sink SIGSTOP events for tasks that it was 409 * sent to. */ 410 if (task_info != NULL 411 && event->type == EVENT_SIGNAL 412 && event->e_un.signum == SIGSTOP) { 413 debug(DEBUG_PROCESS, "SIGSTOP delivered to %d", task_info->pid); 414 if (task_info->sigstopped 415 && !task_info->delivered) { 416 task_info->delivered = 1; 417 *eventp = NULL; // sink the event 418 } else 419 fprintf(stderr, "suspicious: %d got SIGSTOP, but " 420 "sigstopped=%d and delivered=%d\n", 421 task_info->pid, task_info->sigstopped, 422 task_info->delivered); 423 } 424} 425 426/* Some SIGSTOPs may have not been delivered to their respective tasks 427 * yet. They are still in the queue. If we have seen an event for 428 * that process, continue it, so that the SIGSTOP can be delivered and 429 * caught by ltrace. */ 430static void 431continue_for_sigstop_delivery(struct pid_set * pids) 432{ 433 size_t i; 434 for (i = 0; i < pids->count; ++i) { 435 if (pids->tasks[i].pid != 0 436 && pids->tasks[i].sigstopped 437 && !pids->tasks[i].delivered 438 && pids->tasks[i].got_event) { 439 debug(DEBUG_PROCESS, "continue %d for SIGSTOP delivery", 440 pids->tasks[i].pid); 441 ptrace(PTRACE_SYSCALL, pids->tasks[i].pid, 0, 0); 442 } 443 } 444} 445 446static int 447event_exit_p(Event * event) 448{ 449 return event != NULL && (event->type == EVENT_EXIT 450 || event->type == EVENT_EXIT_SIGNAL); 451} 452 453static int 454event_exit_or_none_p(Event * event) 455{ 456 return event == NULL || event_exit_p(event) 457 || event->type == EVENT_NONE; 458} 459 460static int 461await_sigstop_delivery(struct pid_set * pids, struct pid_task * task_info, 462 Event * event) 463{ 464 /* If we still didn't get our SIGSTOP, continue the process 465 * and carry on. */ 466 if (event != NULL && !event_exit_or_none_p(event) 467 && task_info != NULL && task_info->sigstopped) { 468 debug(DEBUG_PROCESS, "continue %d for SIGSTOP delivery", 469 task_info->pid); 470 /* We should get the signal the first thing 471 * after this, so it should be OK to continue 472 * even if we are over a breakpoint. */ 473 ptrace(PTRACE_SYSCALL, task_info->pid, 0, 0); 474 475 } else { 476 /* If all SIGSTOPs were delivered, uninstall the 477 * handler and continue everyone. */ 478 /* XXX I suspect that we should check tasks that are 479 * still around. Is things are now, there should be a 480 * race between waiting for everyone to stop and one 481 * of the tasks exiting. */ 482 int all_clear = 1; 483 size_t i; 484 for (i = 0; i < pids->count; ++i) 485 if (pids->tasks[i].pid != 0 486 && pids->tasks[i].sigstopped 487 && !pids->tasks[i].delivered) { 488 all_clear = 0; 489 break; 490 } 491 return all_clear; 492 } 493 494 return 0; 495} 496 497static int 498all_stops_accountable(struct pid_set * pids) 499{ 500 size_t i; 501 for (i = 0; i < pids->count; ++i) 502 if (pids->tasks[i].pid != 0 503 && !pids->tasks[i].got_event 504 && !have_events_for(pids->tasks[i].pid)) 505 return 0; 506 return 1; 507} 508 509/* This event handler is installed when we are in the process of 510 * stopping the whole thread group to do the pointer re-enablement for 511 * one of the threads. We pump all events to the queue for later 512 * processing while we wait for all the threads to stop. When this 513 * happens, we let the re-enablement thread to PTRACE_SINGLESTEP, 514 * re-enable, and continue everyone. */ 515static Event * 516process_stopping_on_event(Event_Handler * super, Event * event) 517{ 518 struct process_stopping_handler * self = (void *)super; 519 Process * task = event->proc; 520 Process * leader = task->leader; 521 Breakpoint * sbp = self->breakpoint_being_enabled; 522 Process * teb = self->task_enabling_breakpoint; 523 524 debug(DEBUG_PROCESS, 525 "pid %d; event type %d; state %d", 526 task->pid, event->type, self->state); 527 528 struct pid_task * task_info = get_task_info(&self->pids, task->pid); 529 if (task_info == NULL) 530 fprintf(stderr, "new task??? %d\n", task->pid); 531 handle_stopping_event(task_info, &event); 532 533 int state = self->state; 534 int event_to_queue = !event_exit_or_none_p(event); 535 536 /* Deactivate the entry if the task exits. */ 537 if (event_exit_p(event) && task_info != NULL) 538 task_info->pid = 0; 539 540 switch (state) { 541 case psh_stopping: 542 /* If everyone is stopped, singlestep. */ 543 if (each_task(leader, &task_stopped, NULL) == NULL) { 544 debug(DEBUG_PROCESS, "all stopped, now SINGLESTEP %d", 545 teb->pid); 546 if (sbp->enabled) 547 disable_breakpoint(teb, sbp); 548 if (ptrace(PTRACE_SINGLESTEP, teb->pid, 0, 0)) 549 perror("PTRACE_SINGLESTEP"); 550 self->state = state = psh_singlestep; 551 } 552 break; 553 554 case psh_singlestep: { 555 /* In singlestep state, breakpoint signifies that we 556 * have now stepped, and can re-enable the breakpoint. */ 557 if (event != NULL && task == teb) { 558 /* Essentially we don't care what event caused 559 * the thread to stop. We can do the 560 * re-enablement now. */ 561 if (sbp->enabled) 562 enable_breakpoint(teb, sbp); 563 564 continue_for_sigstop_delivery(&self->pids); 565 566 self->breakpoint_being_enabled = NULL; 567 self->state = state = psh_sinking; 568 569 if (event->type == EVENT_BREAKPOINT) 570 event = NULL; // handled 571 } else 572 break; 573 } 574 575 /* fall-through */ 576 577 case psh_sinking: 578 if (await_sigstop_delivery(&self->pids, task_info, event)) 579 process_stopping_done(self, leader); 580 break; 581 582 case psh_ugly_workaround: 583 if (event == NULL) 584 break; 585 if (event->type == EVENT_BREAKPOINT) { 586 undo_breakpoint(event, leader); 587 if (task == teb) 588 self->task_enabling_breakpoint = NULL; 589 } 590 if (self->task_enabling_breakpoint == NULL 591 && all_stops_accountable(&self->pids)) { 592 undo_breakpoint(event, leader); 593 detach_process(leader); 594 event = NULL; // handled 595 } 596 } 597 598 if (event != NULL && event_to_queue) { 599 enque_event(event); 600 event = NULL; // sink the event 601 } 602 603 return event; 604} 605 606static void 607process_stopping_destroy(Event_Handler * super) 608{ 609 struct process_stopping_handler * self = (void *)super; 610 free(self->pids.tasks); 611} 612 613void 614continue_after_breakpoint(Process *proc, Breakpoint *sbp) 615{ 616 set_instruction_pointer(proc, sbp->addr); 617 if (sbp->enabled == 0) { 618 continue_process(proc->pid); 619 } else { 620 debug(DEBUG_PROCESS, 621 "continue_after_breakpoint: pid=%d, addr=%p", 622 proc->pid, sbp->addr); 623#if defined __sparc__ || defined __ia64___ || defined __mips__ 624 /* we don't want to singlestep here */ 625 continue_process(proc->pid); 626#else 627 struct process_stopping_handler * handler 628 = calloc(sizeof(*handler), 1); 629 if (handler == NULL) { 630 perror("malloc breakpoint disable handler"); 631 fatal: 632 /* Carry on not bothering to re-enable. */ 633 continue_process(proc->pid); 634 return; 635 } 636 637 handler->super.on_event = process_stopping_on_event; 638 handler->super.destroy = process_stopping_destroy; 639 handler->task_enabling_breakpoint = proc; 640 handler->breakpoint_being_enabled = sbp; 641 install_event_handler(proc->leader, &handler->super); 642 643 if (each_task(proc->leader, &send_sigstop, 644 &handler->pids) != NULL) 645 goto fatal; 646 647 /* And deliver the first fake event, in case all the 648 * conditions are already fulfilled. */ 649 Event ev; 650 ev.type = EVENT_NONE; 651 ev.proc = proc; 652 process_stopping_on_event(&handler->super, &ev); 653#endif 654 } 655} 656 657/** 658 * Ltrace exit. When we are about to exit, we have to go through all 659 * the processes, stop them all, remove all the breakpoints, and then 660 * detach the processes that we attached to using -p. If we left the 661 * other tasks running, they might hit stray return breakpoints and 662 * produce artifacts, so we better stop everyone, even if it's a bit 663 * of extra work. 664 */ 665struct ltrace_exiting_handler 666{ 667 Event_Handler super; 668 struct pid_set pids; 669}; 670 671static Event * 672ltrace_exiting_on_event(Event_Handler * super, Event * event) 673{ 674 struct ltrace_exiting_handler * self = (void *)super; 675 Process * task = event->proc; 676 Process * leader = task->leader; 677 678 debug(DEBUG_PROCESS, "pid %d; event type %d", task->pid, event->type); 679 680 struct pid_task * task_info = get_task_info(&self->pids, task->pid); 681 handle_stopping_event(task_info, &event); 682 683 if (event != NULL && event->type == EVENT_BREAKPOINT) 684 undo_breakpoint(event, leader); 685 686 if (await_sigstop_delivery(&self->pids, task_info, event) 687 && all_stops_accountable(&self->pids)) 688 detach_process(leader); 689 690 /* Sink all non-exit events. We are about to exit, so we 691 * don't bother with queuing them. */ 692 if (event_exit_or_none_p(event)) 693 return event; 694 695 return NULL; 696} 697 698static void 699ltrace_exiting_destroy(Event_Handler * super) 700{ 701 struct ltrace_exiting_handler * self = (void *)super; 702 free(self->pids.tasks); 703} 704 705static int 706ltrace_exiting_install_handler(Process * proc) 707{ 708 /* Only install to leader. */ 709 if (proc->leader != proc) 710 return 0; 711 712 /* Perhaps we are already installed, if the user passed 713 * several -p options that are tasks of one process. */ 714 if (proc->event_handler != NULL 715 && proc->event_handler->on_event == <race_exiting_on_event) 716 return 0; 717 718 /* If stopping handler is already present, let it do the 719 * work. */ 720 if (proc->event_handler != NULL) { 721 assert(proc->event_handler->on_event 722 == &process_stopping_on_event); 723 struct process_stopping_handler * other 724 = (void *)proc->event_handler; 725 other->exiting = 1; 726 return 0; 727 } 728 729 struct ltrace_exiting_handler * handler 730 = calloc(sizeof(*handler), 1); 731 if (handler == NULL) { 732 perror("malloc exiting handler"); 733 fatal: 734 /* XXXXXXXXXXXXXXXXXXX fixme */ 735 return -1; 736 } 737 738 handler->super.on_event = ltrace_exiting_on_event; 739 handler->super.destroy = ltrace_exiting_destroy; 740 install_event_handler(proc->leader, &handler->super); 741 742 if (each_task(proc->leader, &send_sigstop, 743 &handler->pids) != NULL) 744 goto fatal; 745 746 return 0; 747} 748 749/* If ltrace gets SIGINT, the processes directly or indirectly run by 750 * ltrace get it too. We just have to wait long enough for the signal 751 * to be delivered and the process terminated, which we notice and 752 * exit ltrace, too. So there's not much we need to do there. We 753 * want to keep tracing those processes as usual, in case they just 754 * SIG_IGN the SIGINT to do their shutdown etc. 755 * 756 * For processes ran on the background, we want to install an exit 757 * handler that stops all the threads, removes all breakpoints, and 758 * detaches. 759 */ 760void 761ltrace_exiting(void) 762{ 763 struct opt_p_t * it; 764 for (it = opt_p; it != NULL; it = it->next) { 765 Process * proc = pid2proc(it->pid); 766 if (proc == NULL || proc->leader == NULL) 767 continue; 768 if (ltrace_exiting_install_handler(proc->leader) < 0) 769 fprintf(stderr, 770 "Couldn't install exiting handler for %d.\n", 771 proc->pid); 772 } 773} 774 775size_t 776umovebytes(Process *proc, void *addr, void *laddr, size_t len) { 777 778 union { 779 long a; 780 char c[sizeof(long)]; 781 } a; 782 int started = 0; 783 size_t offset = 0, bytes_read = 0; 784 785 while (offset < len) { 786 a.a = ptrace(PTRACE_PEEKTEXT, proc->pid, addr + offset, 0); 787 if (a.a == -1 && errno) { 788 if (started && errno == EIO) 789 return bytes_read; 790 else 791 return -1; 792 } 793 started = 1; 794 795 if (len - offset >= sizeof(long)) { 796 memcpy(laddr + offset, &a.c[0], sizeof(long)); 797 bytes_read += sizeof(long); 798 } 799 else { 800 memcpy(laddr + offset, &a.c[0], len - offset); 801 bytes_read += (len - offset); 802 } 803 offset += sizeof(long); 804 } 805 806 return bytes_read; 807} 808 809/* Read a series of bytes starting at the process's memory address 810 'addr' and continuing until a NUL ('\0') is seen or 'len' bytes 811 have been read. 812*/ 813int 814umovestr(Process *proc, void *addr, int len, void *laddr) { 815 union { 816 long a; 817 char c[sizeof(long)]; 818 } a; 819 unsigned i; 820 int offset = 0; 821 822 while (offset < len) { 823 a.a = ptrace(PTRACE_PEEKTEXT, proc->pid, addr + offset, 0); 824 for (i = 0; i < sizeof(long); i++) { 825 if (a.c[i] && offset + (signed)i < len) { 826 *(char *)(laddr + offset + i) = a.c[i]; 827 } else { 828 *(char *)(laddr + offset + i) = '\0'; 829 return 0; 830 } 831 } 832 offset += sizeof(long); 833 } 834 *(char *)(laddr + offset) = '\0'; 835 return 0; 836} 837