syscall.c revision 38b295569fab7981ed677d5ccc25d0ff7e715ad0
1/* 2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl> 3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl> 4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com> 5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl> 6 * Copyright (c) 1999 IBM Deutschland Entwicklung GmbH, IBM Corporation 7 * Linux for s390 port by D.J. Barrow 8 * <barrow_dj@mail.yahoo.com,djbarrow@de.ibm.com> 9 * All rights reserved. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. The name of the author may not be used to endorse or promote products 20 * derived from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34#include "defs.h" 35#include <sys/user.h> 36#include <sys/param.h> 37 38#ifdef HAVE_SYS_REG_H 39# include <sys/reg.h> 40#endif 41 42#ifdef HAVE_LINUX_PTRACE_H 43# undef PTRACE_SYSCALL 44# ifdef HAVE_STRUCT_IA64_FPREG 45# define ia64_fpreg XXX_ia64_fpreg 46# endif 47# ifdef HAVE_STRUCT_PT_ALL_USER_REGS 48# define pt_all_user_regs XXX_pt_all_user_regs 49# endif 50# ifdef HAVE_STRUCT_PTRACE_PEEKSIGINFO_ARGS 51# define ptrace_peeksiginfo_args XXX_ptrace_peeksiginfo_args 52# endif 53# include <linux/ptrace.h> 54# undef ptrace_peeksiginfo_args 55# undef ia64_fpreg 56# undef pt_all_user_regs 57#endif 58 59#if defined(SPARC64) 60# undef PTRACE_GETREGS 61# define PTRACE_GETREGS PTRACE_GETREGS64 62# undef PTRACE_SETREGS 63# define PTRACE_SETREGS PTRACE_SETREGS64 64#endif 65 66#if defined(IA64) 67# include <asm/ptrace_offsets.h> 68# include <asm/rse.h> 69#endif 70 71/* for struct iovec */ 72#include <sys/uio.h> 73/* for NT_PRSTATUS */ 74#ifdef HAVE_ELF_H 75# include <elf.h> 76#endif 77 78#if defined(AARCH64) 79# include <asm/ptrace.h> 80#endif 81 82#if defined(XTENSA) 83# include <asm/ptrace.h> 84#endif 85 86#ifndef NSIG 87# warning: NSIG is not defined, using 32 88# define NSIG 32 89#endif 90 91#include "syscall.h" 92 93/* Define these shorthand notations to simplify the syscallent files. */ 94#define TD TRACE_DESC 95#define TF TRACE_FILE 96#define TI TRACE_IPC 97#define TN TRACE_NETWORK 98#define TP TRACE_PROCESS 99#define TS TRACE_SIGNAL 100#define TM TRACE_MEMORY 101#define NF SYSCALL_NEVER_FAILS 102#define MA MAX_ARGS 103#define SI STACKTRACE_INVALIDATE_CACHE 104#define SE STACKTRACE_CAPTURE_ON_ENTER 105 106const struct_sysent sysent0[] = { 107#include "syscallent.h" 108}; 109 110#if SUPPORTED_PERSONALITIES > 1 111static const struct_sysent sysent1[] = { 112# include "syscallent1.h" 113}; 114#endif 115 116#if SUPPORTED_PERSONALITIES > 2 117static const struct_sysent sysent2[] = { 118# include "syscallent2.h" 119}; 120#endif 121 122/* Now undef them since short defines cause wicked namespace pollution. */ 123#undef TD 124#undef TF 125#undef TI 126#undef TN 127#undef TP 128#undef TS 129#undef TM 130#undef NF 131#undef MA 132#undef SI 133#undef SE 134 135/* 136 * `ioctlent[012].h' files are automatically generated by the auxiliary 137 * program `ioctlsort', such that the list is sorted by the `code' field. 138 * This has the side-effect of resolving the _IO.. macros into 139 * plain integers, eliminating the need to include here everything 140 * in "/usr/include". 141 */ 142 143const char *const errnoent0[] = { 144#include "errnoent.h" 145}; 146const char *const signalent0[] = { 147#include "signalent.h" 148}; 149const struct_ioctlent ioctlent0[] = { 150#include "ioctlent0.h" 151}; 152 153#if SUPPORTED_PERSONALITIES > 1 154static const char *const errnoent1[] = { 155# include "errnoent1.h" 156}; 157static const char *const signalent1[] = { 158# include "signalent1.h" 159}; 160static const struct_ioctlent ioctlent1[] = { 161# include "ioctlent1.h" 162}; 163#endif 164 165#if SUPPORTED_PERSONALITIES > 2 166static const char *const errnoent2[] = { 167# include "errnoent2.h" 168}; 169static const char *const signalent2[] = { 170# include "signalent2.h" 171}; 172static const struct_ioctlent ioctlent2[] = { 173# include "ioctlent2.h" 174}; 175#endif 176 177enum { 178 nsyscalls0 = ARRAY_SIZE(sysent0) 179#if SUPPORTED_PERSONALITIES > 1 180 , nsyscalls1 = ARRAY_SIZE(sysent1) 181# if SUPPORTED_PERSONALITIES > 2 182 , nsyscalls2 = ARRAY_SIZE(sysent2) 183# endif 184#endif 185}; 186 187enum { 188 nerrnos0 = ARRAY_SIZE(errnoent0) 189#if SUPPORTED_PERSONALITIES > 1 190 , nerrnos1 = ARRAY_SIZE(errnoent1) 191# if SUPPORTED_PERSONALITIES > 2 192 , nerrnos2 = ARRAY_SIZE(errnoent2) 193# endif 194#endif 195}; 196 197enum { 198 nsignals0 = ARRAY_SIZE(signalent0) 199#if SUPPORTED_PERSONALITIES > 1 200 , nsignals1 = ARRAY_SIZE(signalent1) 201# if SUPPORTED_PERSONALITIES > 2 202 , nsignals2 = ARRAY_SIZE(signalent2) 203# endif 204#endif 205}; 206 207enum { 208 nioctlents0 = ARRAY_SIZE(ioctlent0) 209#if SUPPORTED_PERSONALITIES > 1 210 , nioctlents1 = ARRAY_SIZE(ioctlent1) 211# if SUPPORTED_PERSONALITIES > 2 212 , nioctlents2 = ARRAY_SIZE(ioctlent2) 213# endif 214#endif 215}; 216 217#if SUPPORTED_PERSONALITIES > 1 218const struct_sysent *sysent = sysent0; 219const char *const *errnoent = errnoent0; 220const char *const *signalent = signalent0; 221const struct_ioctlent *ioctlent = ioctlent0; 222#endif 223unsigned nsyscalls = nsyscalls0; 224unsigned nerrnos = nerrnos0; 225unsigned nsignals = nsignals0; 226unsigned nioctlents = nioctlents0; 227 228unsigned num_quals; 229qualbits_t *qual_vec[SUPPORTED_PERSONALITIES]; 230 231static const unsigned nsyscall_vec[SUPPORTED_PERSONALITIES] = { 232 nsyscalls0, 233#if SUPPORTED_PERSONALITIES > 1 234 nsyscalls1, 235#endif 236#if SUPPORTED_PERSONALITIES > 2 237 nsyscalls2, 238#endif 239}; 240static const struct_sysent *const sysent_vec[SUPPORTED_PERSONALITIES] = { 241 sysent0, 242#if SUPPORTED_PERSONALITIES > 1 243 sysent1, 244#endif 245#if SUPPORTED_PERSONALITIES > 2 246 sysent2, 247#endif 248}; 249 250enum { 251 MAX_NSYSCALLS1 = (nsyscalls0 252#if SUPPORTED_PERSONALITIES > 1 253 > nsyscalls1 ? nsyscalls0 : nsyscalls1 254#endif 255 ), 256 MAX_NSYSCALLS2 = (MAX_NSYSCALLS1 257#if SUPPORTED_PERSONALITIES > 2 258 > nsyscalls2 ? MAX_NSYSCALLS1 : nsyscalls2 259#endif 260 ), 261 MAX_NSYSCALLS = MAX_NSYSCALLS2, 262 /* We are ready for arches with up to 255 signals, 263 * even though the largest known signo is on MIPS and it is 128. 264 * The number of existing syscalls on all arches is 265 * larger that 255 anyway, so it is just a pedantic matter. 266 */ 267 MIN_QUALS = MAX_NSYSCALLS > 255 ? MAX_NSYSCALLS : 255 268}; 269 270#if SUPPORTED_PERSONALITIES > 1 271unsigned current_personality; 272 273# ifndef current_wordsize 274unsigned current_wordsize; 275static const int personality_wordsize[SUPPORTED_PERSONALITIES] = { 276 PERSONALITY0_WORDSIZE, 277 PERSONALITY1_WORDSIZE, 278# if SUPPORTED_PERSONALITIES > 2 279 PERSONALITY2_WORDSIZE, 280# endif 281}; 282# endif 283 284void 285set_personality(int personality) 286{ 287 nsyscalls = nsyscall_vec[personality]; 288 sysent = sysent_vec[personality]; 289 290 switch (personality) { 291 case 0: 292 errnoent = errnoent0; 293 nerrnos = nerrnos0; 294 ioctlent = ioctlent0; 295 nioctlents = nioctlents0; 296 signalent = signalent0; 297 nsignals = nsignals0; 298 break; 299 300 case 1: 301 errnoent = errnoent1; 302 nerrnos = nerrnos1; 303 ioctlent = ioctlent1; 304 nioctlents = nioctlents1; 305 signalent = signalent1; 306 nsignals = nsignals1; 307 break; 308 309# if SUPPORTED_PERSONALITIES > 2 310 case 2: 311 errnoent = errnoent2; 312 nerrnos = nerrnos2; 313 ioctlent = ioctlent2; 314 nioctlents = nioctlents2; 315 signalent = signalent2; 316 nsignals = nsignals2; 317 break; 318# endif 319 } 320 321 current_personality = personality; 322# ifndef current_wordsize 323 current_wordsize = personality_wordsize[personality]; 324# endif 325} 326 327static void 328update_personality(struct tcb *tcp, unsigned int personality) 329{ 330 if (personality == current_personality) 331 return; 332 set_personality(personality); 333 334 if (personality == tcp->currpers) 335 return; 336 tcp->currpers = personality; 337 338# if defined(POWERPC64) 339 if (!qflag) { 340 static const char *const names[] = {"64 bit", "32 bit"}; 341 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 342 tcp->pid, names[personality]); 343 } 344# elif defined(X86_64) 345 if (!qflag) { 346 static const char *const names[] = {"64 bit", "32 bit", "x32"}; 347 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 348 tcp->pid, names[personality]); 349 } 350# elif defined(X32) 351 if (!qflag) { 352 static const char *const names[] = {"x32", "32 bit"}; 353 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 354 tcp->pid, names[personality]); 355 } 356# elif defined(AARCH64) 357 if (!qflag) { 358 static const char *const names[] = {"32-bit", "AArch64"}; 359 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 360 tcp->pid, names[personality]); 361 } 362# elif defined(TILE) 363 if (!qflag) { 364 static const char *const names[] = {"64-bit", "32-bit"}; 365 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 366 tcp->pid, names[personality]); 367 } 368# endif 369} 370#endif 371 372static int qual_syscall(), qual_signal(), qual_desc(); 373 374static const struct qual_options { 375 unsigned int bitflag; 376 const char *option_name; 377 int (*qualify)(const char *, int, int); 378 const char *argument_name; 379} qual_options[] = { 380 { QUAL_TRACE, "trace", qual_syscall, "system call" }, 381 { QUAL_TRACE, "t", qual_syscall, "system call" }, 382 { QUAL_ABBREV, "abbrev", qual_syscall, "system call" }, 383 { QUAL_ABBREV, "a", qual_syscall, "system call" }, 384 { QUAL_VERBOSE, "verbose", qual_syscall, "system call" }, 385 { QUAL_VERBOSE, "v", qual_syscall, "system call" }, 386 { QUAL_RAW, "raw", qual_syscall, "system call" }, 387 { QUAL_RAW, "x", qual_syscall, "system call" }, 388 { QUAL_SIGNAL, "signal", qual_signal, "signal" }, 389 { QUAL_SIGNAL, "signals", qual_signal, "signal" }, 390 { QUAL_SIGNAL, "s", qual_signal, "signal" }, 391 { QUAL_READ, "read", qual_desc, "descriptor" }, 392 { QUAL_READ, "reads", qual_desc, "descriptor" }, 393 { QUAL_READ, "r", qual_desc, "descriptor" }, 394 { QUAL_WRITE, "write", qual_desc, "descriptor" }, 395 { QUAL_WRITE, "writes", qual_desc, "descriptor" }, 396 { QUAL_WRITE, "w", qual_desc, "descriptor" }, 397 { 0, NULL, NULL, NULL }, 398}; 399 400static void 401reallocate_qual(const unsigned int n) 402{ 403 unsigned p; 404 qualbits_t *qp; 405 for (p = 0; p < SUPPORTED_PERSONALITIES; p++) { 406 qp = qual_vec[p] = realloc(qual_vec[p], n * sizeof(qualbits_t)); 407 if (!qp) 408 die_out_of_memory(); 409 memset(&qp[num_quals], 0, (n - num_quals) * sizeof(qualbits_t)); 410 } 411 num_quals = n; 412} 413 414static void 415qualify_one(const unsigned int n, unsigned int bitflag, const int not, const int pers) 416{ 417 int p; 418 419 if (num_quals <= n) 420 reallocate_qual(n + 1); 421 422 for (p = 0; p < SUPPORTED_PERSONALITIES; p++) { 423 if (pers == p || pers < 0) { 424 if (not) 425 qual_vec[p][n] &= ~bitflag; 426 else 427 qual_vec[p][n] |= bitflag; 428 } 429 } 430} 431 432static int 433qual_syscall(const char *s, const unsigned int bitflag, const int not) 434{ 435 int p; 436 unsigned int i; 437 int rc = -1; 438 439 if (*s >= '0' && *s <= '9') { 440 i = string_to_uint(s); 441 if (i >= MAX_NSYSCALLS) 442 return -1; 443 qualify_one(i, bitflag, not, -1); 444 return 0; 445 } 446 447 for (p = 0; p < SUPPORTED_PERSONALITIES; p++) { 448 for (i = 0; i < nsyscall_vec[p]; i++) { 449 if (sysent_vec[p][i].sys_name 450 && strcmp(s, sysent_vec[p][i].sys_name) == 0 451 ) { 452 qualify_one(i, bitflag, not, p); 453 rc = 0; 454 } 455 } 456 } 457 458 return rc; 459} 460 461static int 462qual_signal(const char *s, const unsigned int bitflag, const int not) 463{ 464 unsigned int i; 465 466 if (*s >= '0' && *s <= '9') { 467 int signo = string_to_uint(s); 468 if (signo < 0 || signo > 255) 469 return -1; 470 qualify_one(signo, bitflag, not, -1); 471 return 0; 472 } 473 if (strncasecmp(s, "SIG", 3) == 0) 474 s += 3; 475 for (i = 0; i <= NSIG; i++) { 476 if (strcasecmp(s, signame(i) + 3) == 0) { 477 qualify_one(i, bitflag, not, -1); 478 return 0; 479 } 480 } 481 return -1; 482} 483 484static int 485qual_desc(const char *s, const unsigned int bitflag, const int not) 486{ 487 if (*s >= '0' && *s <= '9') { 488 int desc = string_to_uint(s); 489 if (desc < 0 || desc > 0x7fff) /* paranoia */ 490 return -1; 491 qualify_one(desc, bitflag, not, -1); 492 return 0; 493 } 494 return -1; 495} 496 497static int 498lookup_class(const char *s) 499{ 500 if (strcmp(s, "file") == 0) 501 return TRACE_FILE; 502 if (strcmp(s, "ipc") == 0) 503 return TRACE_IPC; 504 if (strcmp(s, "network") == 0) 505 return TRACE_NETWORK; 506 if (strcmp(s, "process") == 0) 507 return TRACE_PROCESS; 508 if (strcmp(s, "signal") == 0) 509 return TRACE_SIGNAL; 510 if (strcmp(s, "desc") == 0) 511 return TRACE_DESC; 512 if (strcmp(s, "memory") == 0) 513 return TRACE_MEMORY; 514 return -1; 515} 516 517void 518qualify(const char *s) 519{ 520 const struct qual_options *opt; 521 char *copy; 522 const char *p; 523 int not; 524 unsigned int i; 525 526 if (num_quals == 0) 527 reallocate_qual(MIN_QUALS); 528 529 opt = &qual_options[0]; 530 for (i = 0; (p = qual_options[i].option_name); i++) { 531 unsigned int len = strlen(p); 532 if (strncmp(s, p, len) == 0 && s[len] == '=') { 533 opt = &qual_options[i]; 534 s += len + 1; 535 break; 536 } 537 } 538 not = 0; 539 if (*s == '!') { 540 not = 1; 541 s++; 542 } 543 if (strcmp(s, "none") == 0) { 544 not = 1 - not; 545 s = "all"; 546 } 547 if (strcmp(s, "all") == 0) { 548 for (i = 0; i < num_quals; i++) { 549 qualify_one(i, opt->bitflag, not, -1); 550 } 551 return; 552 } 553 for (i = 0; i < num_quals; i++) { 554 qualify_one(i, opt->bitflag, !not, -1); 555 } 556 copy = strdup(s); 557 if (!copy) 558 die_out_of_memory(); 559 for (p = strtok(copy, ","); p; p = strtok(NULL, ",")) { 560 int n; 561 if (opt->bitflag == QUAL_TRACE && (n = lookup_class(p)) > 0) { 562 unsigned pers; 563 for (pers = 0; pers < SUPPORTED_PERSONALITIES; pers++) { 564 for (i = 0; i < nsyscall_vec[pers]; i++) 565 if (sysent_vec[pers][i].sys_flags & n) 566 qualify_one(i, opt->bitflag, not, pers); 567 } 568 continue; 569 } 570 if (opt->qualify(p, opt->bitflag, not)) { 571 error_msg_and_die("invalid %s '%s'", 572 opt->argument_name, p); 573 } 574 } 575 free(copy); 576 return; 577} 578 579#ifdef SYS_socket_subcall 580static void 581decode_socket_subcall(struct tcb *tcp) 582{ 583 unsigned long addr; 584 unsigned int i, n, size; 585 586 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= SYS_socket_nsubcalls) 587 return; 588 589 tcp->scno = SYS_socket_subcall + tcp->u_arg[0]; 590 tcp->qual_flg = qual_flags[tcp->scno]; 591 tcp->s_ent = &sysent[tcp->scno]; 592 addr = tcp->u_arg[1]; 593 size = current_wordsize; 594 n = tcp->s_ent->nargs; 595 for (i = 0; i < n; ++i) { 596 if (size == sizeof(int)) { 597 unsigned int arg; 598 if (umove(tcp, addr, &arg) < 0) 599 arg = 0; 600 tcp->u_arg[i] = arg; 601 } 602 else { 603 unsigned long arg; 604 if (umove(tcp, addr, &arg) < 0) 605 arg = 0; 606 tcp->u_arg[i] = arg; 607 } 608 addr += size; 609 } 610} 611#endif 612 613#ifdef SYS_ipc_subcall 614static void 615decode_ipc_subcall(struct tcb *tcp) 616{ 617 unsigned int i, n; 618 619 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= SYS_ipc_nsubcalls) 620 return; 621 622 tcp->scno = SYS_ipc_subcall + tcp->u_arg[0]; 623 tcp->qual_flg = qual_flags[tcp->scno]; 624 tcp->s_ent = &sysent[tcp->scno]; 625 n = tcp->s_ent->nargs; 626 for (i = 0; i < n; i++) 627 tcp->u_arg[i] = tcp->u_arg[i + 1]; 628} 629#endif 630 631int 632printargs(struct tcb *tcp) 633{ 634 if (entering(tcp)) { 635 int i; 636 int n = tcp->s_ent->nargs; 637 for (i = 0; i < n; i++) 638 tprintf("%s%#lx", i ? ", " : "", tcp->u_arg[i]); 639 } 640 return 0; 641} 642 643int 644printargs_lu(struct tcb *tcp) 645{ 646 if (entering(tcp)) { 647 int i; 648 int n = tcp->s_ent->nargs; 649 for (i = 0; i < n; i++) 650 tprintf("%s%lu", i ? ", " : "", tcp->u_arg[i]); 651 } 652 return 0; 653} 654 655int 656printargs_ld(struct tcb *tcp) 657{ 658 if (entering(tcp)) { 659 int i; 660 int n = tcp->s_ent->nargs; 661 for (i = 0; i < n; i++) 662 tprintf("%s%ld", i ? ", " : "", tcp->u_arg[i]); 663 } 664 return 0; 665} 666 667#if defined(SPARC) || defined(SPARC64) || defined(IA64) || defined(SH) 668long 669getrval2(struct tcb *tcp) 670{ 671 long val; 672 673# if defined(SPARC) || defined(SPARC64) 674 val = sparc_regs.u_regs[U_REG_O1]; 675# elif defined(SH) 676 if (upeek(tcp->pid, 4*(REG_REG0+1), &val) < 0) 677 return -1; 678# elif defined(IA64) 679 if (upeek(tcp->pid, PT_R9, &val) < 0) 680 return -1; 681# endif 682 683 return val; 684} 685#endif 686 687#if defined(I386) 688static struct user_regs_struct i386_regs; 689/* Cast suppresses signedness warning (.esp is long, not unsigned long) */ 690uint32_t *const i386_esp_ptr = (uint32_t*)&i386_regs.esp; 691# define ARCH_REGS_FOR_GETREGSET i386_regs 692#elif defined(X86_64) || defined(X32) 693/* 694 * On i386, pt_regs and user_regs_struct are the same, 695 * but on 64 bit x86, user_regs_struct has six more fields: 696 * fs_base, gs_base, ds, es, fs, gs. 697 * PTRACE_GETREGS fills them too, so struct pt_regs would overflow. 698 */ 699struct i386_user_regs_struct { 700 uint32_t ebx; 701 uint32_t ecx; 702 uint32_t edx; 703 uint32_t esi; 704 uint32_t edi; 705 uint32_t ebp; 706 uint32_t eax; 707 uint32_t xds; 708 uint32_t xes; 709 uint32_t xfs; 710 uint32_t xgs; 711 uint32_t orig_eax; 712 uint32_t eip; 713 uint32_t xcs; 714 uint32_t eflags; 715 uint32_t esp; 716 uint32_t xss; 717}; 718static union { 719 struct user_regs_struct x86_64_r; 720 struct i386_user_regs_struct i386_r; 721} x86_regs_union; 722# define x86_64_regs x86_regs_union.x86_64_r 723# define i386_regs x86_regs_union.i386_r 724uint32_t *const i386_esp_ptr = &i386_regs.esp; 725static struct iovec x86_io = { 726 .iov_base = &x86_regs_union 727}; 728#elif defined(IA64) 729bool ia64_ia32mode = 0; /* not static */ 730static long ia64_r8, ia64_r10; 731#elif defined(POWERPC) 732struct pt_regs ppc_regs; 733#elif defined(M68K) 734static long m68k_d0; 735#elif defined(BFIN) 736static long bfin_r0; 737#elif defined(ARM) 738struct pt_regs arm_regs; /* not static */ 739# define ARCH_REGS_FOR_GETREGSET arm_regs 740#elif defined(AARCH64) 741static union { 742 struct user_pt_regs aarch64_r; 743 struct arm_pt_regs arm_r; 744} arm_regs_union; 745# define aarch64_regs arm_regs_union.aarch64_r 746# define arm_regs arm_regs_union.arm_r 747static struct iovec aarch64_io = { 748 .iov_base = &arm_regs_union 749}; 750#elif defined(ALPHA) 751static long alpha_r0; 752static long alpha_a3; 753#elif defined(AVR32) 754static struct pt_regs avr32_regs; 755#elif defined(SPARC) || defined(SPARC64) 756struct pt_regs sparc_regs; /* not static */ 757#elif defined(LINUX_MIPSN32) 758static long long mips_a3; 759static long long mips_r2; 760#elif defined(MIPS) 761static long mips_a3; 762static long mips_r2; 763#elif defined(S390) || defined(S390X) 764static long s390_gpr2; 765#elif defined(HPPA) 766static long hppa_r28; 767#elif defined(SH) 768static long sh_r0; 769#elif defined(SH64) 770static long sh64_r9; 771#elif defined(CRISV10) || defined(CRISV32) 772static long cris_r10; 773#elif defined(TILE) 774struct pt_regs tile_regs; 775#elif defined(MICROBLAZE) 776static long microblaze_r3; 777#elif defined(OR1K) 778static struct user_regs_struct or1k_regs; 779# define ARCH_REGS_FOR_GETREGSET or1k_regs 780#elif defined(METAG) 781static struct user_gp_regs metag_regs; 782# define ARCH_REGS_FOR_GETREGSET metag_regs 783#elif defined(XTENSA) 784static long xtensa_a2; 785# elif defined(ARC) 786static struct user_regs_struct arc_regs; 787# define ARCH_REGS_FOR_GETREGSET arc_regs 788#endif 789 790void 791print_pc(struct tcb *tcp) 792{ 793#define PRINTBADPC tprintf(sizeof(long) == 4 ? "[????????] " : \ 794 sizeof(long) == 8 ? "[????????????????] " : \ 795 NULL /* crash */) 796 if (get_regs_error) { 797 PRINTBADPC; 798 return; 799 } 800#if defined(I386) 801 tprintf("[%08lx] ", i386_regs.eip); 802#elif defined(S390) || defined(S390X) 803 long psw; 804 if (upeek(tcp->pid, PT_PSWADDR, &psw) < 0) { 805 PRINTBADPC; 806 return; 807 } 808# ifdef S390 809 tprintf("[%08lx] ", psw); 810# elif S390X 811 tprintf("[%016lx] ", psw); 812# endif 813#elif defined(X86_64) || defined(X32) 814 if (x86_io.iov_len == sizeof(i386_regs)) { 815 tprintf("[%08x] ", (unsigned) i386_regs.eip); 816 } else { 817# if defined(X86_64) 818 tprintf("[%016lx] ", (unsigned long) x86_64_regs.rip); 819# elif defined(X32) 820 /* Note: this truncates 64-bit rip to 32 bits */ 821 tprintf("[%08lx] ", (unsigned long) x86_64_regs.rip); 822# endif 823 } 824#elif defined(IA64) 825 long ip; 826 if (upeek(tcp->pid, PT_B0, &ip) < 0) { 827 PRINTBADPC; 828 return; 829 } 830 tprintf("[%08lx] ", ip); 831#elif defined(POWERPC) 832 long pc = ppc_regs.nip; 833# ifdef POWERPC64 834 tprintf("[%016lx] ", pc); 835# else 836 tprintf("[%08lx] ", pc); 837# endif 838#elif defined(M68K) 839 long pc; 840 if (upeek(tcp->pid, 4*PT_PC, &pc) < 0) { 841 tprints("[????????] "); 842 return; 843 } 844 tprintf("[%08lx] ", pc); 845#elif defined(ALPHA) 846 long pc; 847 if (upeek(tcp->pid, REG_PC, &pc) < 0) { 848 tprints("[????????????????] "); 849 return; 850 } 851 tprintf("[%08lx] ", pc); 852#elif defined(SPARC) 853 tprintf("[%08lx] ", sparc_regs.pc); 854#elif defined(SPARC64) 855 tprintf("[%08lx] ", sparc_regs.tpc); 856#elif defined(HPPA) 857 long pc; 858 if (upeek(tcp->pid, PT_IAOQ0, &pc) < 0) { 859 tprints("[????????] "); 860 return; 861 } 862 tprintf("[%08lx] ", pc); 863#elif defined(MIPS) 864 long pc; 865 if (upeek(tcp->pid, REG_EPC, &pc) < 0) { 866 tprints("[????????] "); 867 return; 868 } 869 tprintf("[%08lx] ", pc); 870#elif defined(SH) 871 long pc; 872 if (upeek(tcp->pid, 4*REG_PC, &pc) < 0) { 873 tprints("[????????] "); 874 return; 875 } 876 tprintf("[%08lx] ", pc); 877#elif defined(SH64) 878 long pc; 879 if (upeek(tcp->pid, REG_PC, &pc) < 0) { 880 tprints("[????????????????] "); 881 return; 882 } 883 tprintf("[%08lx] ", pc); 884#elif defined(ARM) 885 tprintf("[%08lx] ", arm_regs.ARM_pc); 886#elif defined(AARCH64) 887 /* tprintf("[%016lx] ", aarch64_regs.regs[???]); */ 888#elif defined(AVR32) 889 tprintf("[%08lx] ", avr32_regs.pc); 890#elif defined(BFIN) 891 long pc; 892 if (upeek(tcp->pid, PT_PC, &pc) < 0) { 893 PRINTBADPC; 894 return; 895 } 896 tprintf("[%08lx] ", pc); 897#elif defined(CRISV10) 898 long pc; 899 if (upeek(tcp->pid, 4*PT_IRP, &pc) < 0) { 900 PRINTBADPC; 901 return; 902 } 903 tprintf("[%08lx] ", pc); 904#elif defined(CRISV32) 905 long pc; 906 if (upeek(tcp->pid, 4*PT_ERP, &pc) < 0) { 907 PRINTBADPC; 908 return; 909 } 910 tprintf("[%08lx] ", pc); 911#elif defined(TILE) 912# ifdef _LP64 913 tprintf("[%016lx] ", (unsigned long) tile_regs.pc); 914# else 915 tprintf("[%08lx] ", (unsigned long) tile_regs.pc); 916# endif 917#elif defined(OR1K) 918 tprintf("[%08lx] ", or1k_regs.pc); 919#elif defined(METAG) 920 tprintf("[%08lx] ", metag_regs.pc); 921#elif defined(XTENSA) 922 long pc; 923 if (upeek(tcp->pid, REG_PC, &pc) < 0) { 924 PRINTBADPC; 925 return; 926 } 927 tprintf("[%08lx] ", pc); 928#elif defined(ARC) 929 tprintf("[%08lx] ", arc_regs.efa); 930#endif /* architecture */ 931} 932 933/* 934 * Shuffle syscall numbers so that we don't have huge gaps in syscall table. 935 * The shuffling should be an involution: shuffle_scno(shuffle_scno(n)) == n. 936 */ 937#if defined(ARM) || defined(AARCH64) /* So far only 32-bit ARM needs this */ 938static long 939shuffle_scno(unsigned long scno) 940{ 941 if (scno < ARM_FIRST_SHUFFLED_SYSCALL) 942 return scno; 943 944 /* __ARM_NR_cmpxchg? Swap with LAST_ORDINARY+1 */ 945 if (scno == ARM_FIRST_SHUFFLED_SYSCALL) 946 return 0x000ffff0; 947 if (scno == 0x000ffff0) 948 return ARM_FIRST_SHUFFLED_SYSCALL; 949 950#define ARM_SECOND_SHUFFLED_SYSCALL (ARM_FIRST_SHUFFLED_SYSCALL + 1) 951 /* 952 * Is it ARM specific syscall? 953 * Swap [0x000f0000, 0x000f0000 + LAST_SPECIAL] range 954 * with [SECOND_SHUFFLED, SECOND_SHUFFLED + LAST_SPECIAL] range. 955 */ 956 if (scno >= 0x000f0000 && 957 scno <= 0x000f0000 + ARM_LAST_SPECIAL_SYSCALL) { 958 return scno - 0x000f0000 + ARM_SECOND_SHUFFLED_SYSCALL; 959 } 960 if (scno <= ARM_SECOND_SHUFFLED_SYSCALL + ARM_LAST_SPECIAL_SYSCALL) { 961 return scno + 0x000f0000 - ARM_SECOND_SHUFFLED_SYSCALL; 962 } 963 964 return scno; 965} 966#else 967# define shuffle_scno(scno) ((long)(scno)) 968#endif 969 970static char* 971undefined_scno_name(struct tcb *tcp) 972{ 973 static char buf[sizeof("syscall_%lu") + sizeof(long)*3]; 974 975 sprintf(buf, "syscall_%lu", shuffle_scno(tcp->scno)); 976 return buf; 977} 978 979#ifdef POWERPC 980/* 981 * PTRACE_GETREGS was added to the PowerPC kernel in v2.6.23, 982 * we provide a slow fallback for old kernels. 983 */ 984static int powerpc_getregs_old(pid_t pid) 985{ 986 int i; 987 long r; 988 989 if (iflag) { 990 r = upeek(pid, sizeof(long) * PT_NIP, (long *)&ppc_regs.nip); 991 if (r) 992 goto out; 993 } 994#ifdef POWERPC64 /* else we never use it */ 995 r = upeek(pid, sizeof(long) * PT_MSR, (long *)&ppc_regs.msr); 996 if (r) 997 goto out; 998#endif 999 r = upeek(pid, sizeof(long) * PT_CCR, (long *)&ppc_regs.ccr); 1000 if (r) 1001 goto out; 1002 r = upeek(pid, sizeof(long) * PT_ORIG_R3, (long *)&ppc_regs.orig_gpr3); 1003 if (r) 1004 goto out; 1005 for (i = 0; i <= 8; i++) { 1006 r = upeek(pid, sizeof(long) * (PT_R0 + i), 1007 (long *)&ppc_regs.gpr[i]); 1008 if (r) 1009 goto out; 1010 } 1011 out: 1012 return r; 1013} 1014#endif 1015 1016#ifndef get_regs 1017long get_regs_error; 1018 1019#if defined(PTRACE_GETREGSET) && defined(NT_PRSTATUS) 1020static void get_regset(pid_t pid) 1021{ 1022/* constant iovec */ 1023# if defined(ARM) \ 1024 || defined(I386) \ 1025 || defined(METAG) \ 1026 || defined(OR1K) \ 1027 || defined(ARC) 1028 static struct iovec io = { 1029 .iov_base = &ARCH_REGS_FOR_GETREGSET, 1030 .iov_len = sizeof(ARCH_REGS_FOR_GETREGSET) 1031 }; 1032 get_regs_error = ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, &io); 1033 1034/* variable iovec */ 1035# elif defined(X86_64) || defined(X32) 1036 /* x86_io.iov_base = &x86_regs_union; - already is */ 1037 x86_io.iov_len = sizeof(x86_regs_union); 1038 get_regs_error = ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, &x86_io); 1039# elif defined(AARCH64) 1040 /* aarch64_io.iov_base = &arm_regs_union; - already is */ 1041 aarch64_io.iov_len = sizeof(arm_regs_union); 1042 get_regs_error = ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, &aarch64_io); 1043# else 1044# warning both PTRACE_GETREGSET and NT_PRSTATUS are available but not yet used 1045# endif 1046} 1047#endif /* PTRACE_GETREGSET && NT_PRSTATUS */ 1048 1049void 1050get_regs(pid_t pid) 1051{ 1052/* PTRACE_GETREGSET only */ 1053# if defined(METAG) || defined(OR1K) || defined(X32) || defined(AARCH64) || defined(ARC) 1054 get_regset(pid); 1055 1056/* PTRACE_GETREGS only */ 1057# elif defined(AVR32) 1058 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, &avr32_regs); 1059# elif defined(TILE) 1060 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, &tile_regs); 1061# elif defined(SPARC) || defined(SPARC64) 1062 get_regs_error = ptrace(PTRACE_GETREGS, pid, (char *)&sparc_regs, 0); 1063# elif defined(POWERPC) 1064 static bool old_kernel = 0; 1065 if (old_kernel) 1066 goto old; 1067 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, (long) &ppc_regs); 1068 if (get_regs_error && errno == EIO) { 1069 old_kernel = 1; 1070 old: 1071 get_regs_error = powerpc_getregs_old(pid); 1072 } 1073 1074/* try PTRACE_GETREGSET first, fallback to PTRACE_GETREGS */ 1075# else 1076# if defined(PTRACE_GETREGSET) && defined(NT_PRSTATUS) 1077 static int getregset_support; 1078 1079 if (getregset_support >= 0) { 1080 get_regset(pid); 1081 if (getregset_support > 0) 1082 return; 1083 if (get_regs_error >= 0) { 1084 getregset_support = 1; 1085 return; 1086 } 1087 if (errno == EPERM || errno == ESRCH) 1088 return; 1089 getregset_support = -1; 1090 } 1091# endif /* PTRACE_GETREGSET && NT_PRSTATUS */ 1092# if defined(ARM) 1093 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, &arm_regs); 1094# elif defined(I386) 1095 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, &i386_regs); 1096# elif defined(X86_64) 1097 /* Use old method, with unreliable heuristical detection of 32-bitness. */ 1098 x86_io.iov_len = sizeof(x86_64_regs); 1099 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, &x86_64_regs); 1100 if (!get_regs_error && x86_64_regs.cs == 0x23) { 1101 x86_io.iov_len = sizeof(i386_regs); 1102 /* 1103 * The order is important: i386_regs and x86_64_regs 1104 * are overlaid in memory! 1105 */ 1106 i386_regs.ebx = x86_64_regs.rbx; 1107 i386_regs.ecx = x86_64_regs.rcx; 1108 i386_regs.edx = x86_64_regs.rdx; 1109 i386_regs.esi = x86_64_regs.rsi; 1110 i386_regs.edi = x86_64_regs.rdi; 1111 i386_regs.ebp = x86_64_regs.rbp; 1112 i386_regs.eax = x86_64_regs.rax; 1113 /* i386_regs.xds = x86_64_regs.ds; unused by strace */ 1114 /* i386_regs.xes = x86_64_regs.es; ditto... */ 1115 /* i386_regs.xfs = x86_64_regs.fs; */ 1116 /* i386_regs.xgs = x86_64_regs.gs; */ 1117 i386_regs.orig_eax = x86_64_regs.orig_rax; 1118 i386_regs.eip = x86_64_regs.rip; 1119 /* i386_regs.xcs = x86_64_regs.cs; */ 1120 /* i386_regs.eflags = x86_64_regs.eflags; */ 1121 i386_regs.esp = x86_64_regs.rsp; 1122 /* i386_regs.xss = x86_64_regs.ss; */ 1123 } 1124# else 1125# error unhandled architecture 1126# endif /* ARM || I386 || X86_64 */ 1127# endif 1128} 1129#endif /* !get_regs */ 1130 1131/* Returns: 1132 * 0: "ignore this ptrace stop", bail out of trace_syscall_entering() silently. 1133 * 1: ok, continue in trace_syscall_entering(). 1134 * other: error, trace_syscall_entering() should print error indicator 1135 * ("????" etc) and bail out. 1136 */ 1137static int 1138get_scno(struct tcb *tcp) 1139{ 1140 long scno = 0; 1141 1142#if defined(S390) || defined(S390X) 1143 if (upeek(tcp->pid, PT_GPR2, &s390_gpr2) < 0) 1144 return -1; 1145 1146 if (s390_gpr2 != -ENOSYS) { 1147 /* 1148 * Since kernel version 2.5.44 the scno gets passed in gpr2. 1149 */ 1150 scno = s390_gpr2; 1151 } else { 1152 /* 1153 * Old style of "passing" the scno via the SVC instruction. 1154 */ 1155 long psw; 1156 long opcode, offset_reg, tmp; 1157 void *svc_addr; 1158 static const int gpr_offset[16] = { 1159 PT_GPR0, PT_GPR1, PT_ORIGGPR2, PT_GPR3, 1160 PT_GPR4, PT_GPR5, PT_GPR6, PT_GPR7, 1161 PT_GPR8, PT_GPR9, PT_GPR10, PT_GPR11, 1162 PT_GPR12, PT_GPR13, PT_GPR14, PT_GPR15 1163 }; 1164 1165 if (upeek(tcp->pid, PT_PSWADDR, &psw) < 0) 1166 return -1; 1167 errno = 0; 1168 opcode = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)(psw - sizeof(long)), 0); 1169 if (errno) { 1170 perror_msg("peektext(psw-oneword)"); 1171 return -1; 1172 } 1173 1174 /* 1175 * We have to check if the SVC got executed directly or via an 1176 * EXECUTE instruction. In case of EXECUTE it is necessary to do 1177 * instruction decoding to derive the system call number. 1178 * Unfortunately the opcode sizes of EXECUTE and SVC are differently, 1179 * so that this doesn't work if a SVC opcode is part of an EXECUTE 1180 * opcode. Since there is no way to find out the opcode size this 1181 * is the best we can do... 1182 */ 1183 if ((opcode & 0xff00) == 0x0a00) { 1184 /* SVC opcode */ 1185 scno = opcode & 0xff; 1186 } 1187 else { 1188 /* SVC got executed by EXECUTE instruction */ 1189 1190 /* 1191 * Do instruction decoding of EXECUTE. If you really want to 1192 * understand this, read the Principles of Operations. 1193 */ 1194 svc_addr = (void *) (opcode & 0xfff); 1195 1196 tmp = 0; 1197 offset_reg = (opcode & 0x000f0000) >> 16; 1198 if (offset_reg && (upeek(tcp->pid, gpr_offset[offset_reg], &tmp) < 0)) 1199 return -1; 1200 svc_addr += tmp; 1201 1202 tmp = 0; 1203 offset_reg = (opcode & 0x0000f000) >> 12; 1204 if (offset_reg && (upeek(tcp->pid, gpr_offset[offset_reg], &tmp) < 0)) 1205 return -1; 1206 svc_addr += tmp; 1207 1208 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, svc_addr, 0); 1209 if (errno) 1210 return -1; 1211# if defined(S390X) 1212 scno >>= 48; 1213# else 1214 scno >>= 16; 1215# endif 1216 tmp = 0; 1217 offset_reg = (opcode & 0x00f00000) >> 20; 1218 if (offset_reg && (upeek(tcp->pid, gpr_offset[offset_reg], &tmp) < 0)) 1219 return -1; 1220 1221 scno = (scno | tmp) & 0xff; 1222 } 1223 } 1224#elif defined(POWERPC) 1225 scno = ppc_regs.gpr[0]; 1226# ifdef POWERPC64 1227 unsigned int currpers; 1228 1229 /* 1230 * Check for 64/32 bit mode. 1231 * Embedded implementations covered by Book E extension of PPC use 1232 * bit 0 (CM) of 32-bit Machine state register (MSR). 1233 * Other implementations use bit 0 (SF) of 64-bit MSR. 1234 */ 1235 currpers = (ppc_regs.msr & 0x8000000080000000) ? 0 : 1; 1236 update_personality(tcp, currpers); 1237# endif 1238#elif defined(AVR32) 1239 scno = avr32_regs.r8; 1240#elif defined(BFIN) 1241 if (upeek(tcp->pid, PT_ORIG_P0, &scno)) 1242 return -1; 1243#elif defined(I386) 1244 scno = i386_regs.orig_eax; 1245#elif defined(X86_64) || defined(X32) 1246# ifndef __X32_SYSCALL_BIT 1247# define __X32_SYSCALL_BIT 0x40000000 1248# endif 1249 unsigned int currpers; 1250# if 1 1251 /* GETREGSET of NT_PRSTATUS tells us regset size, 1252 * which unambiguously detects i386. 1253 * 1254 * Linux kernel distinguishes x86-64 and x32 processes 1255 * solely by looking at __X32_SYSCALL_BIT: 1256 * arch/x86/include/asm/compat.h::is_x32_task(): 1257 * if (task_pt_regs(current)->orig_ax & __X32_SYSCALL_BIT) 1258 * return true; 1259 */ 1260 if (x86_io.iov_len == sizeof(i386_regs)) { 1261 scno = i386_regs.orig_eax; 1262 currpers = 1; 1263 } else { 1264 scno = x86_64_regs.orig_rax; 1265 currpers = 0; 1266 if (scno & __X32_SYSCALL_BIT) { 1267 /* 1268 * Syscall number -1 requires special treatment: 1269 * it might be a side effect of SECCOMP_RET_ERRNO 1270 * filtering that sets orig_rax to -1 1271 * in some versions of linux kernel. 1272 * If that is the case, then 1273 * __X32_SYSCALL_BIT logic does not apply. 1274 */ 1275 if ((long long) x86_64_regs.orig_rax != -1) { 1276 scno -= __X32_SYSCALL_BIT; 1277 currpers = 2; 1278 } else { 1279# ifdef X32 1280 currpers = 2; 1281# endif 1282 } 1283 } 1284 } 1285# elif 0 1286 /* cs = 0x33 for long mode (native 64 bit and x32) 1287 * cs = 0x23 for compatibility mode (32 bit) 1288 * ds = 0x2b for x32 mode (x86-64 in 32 bit) 1289 */ 1290 scno = x86_64_regs.orig_rax; 1291 switch (x86_64_regs.cs) { 1292 case 0x23: currpers = 1; break; 1293 case 0x33: 1294 if (x86_64_regs.ds == 0x2b) { 1295 currpers = 2; 1296 scno &= ~__X32_SYSCALL_BIT; 1297 } else 1298 currpers = 0; 1299 break; 1300 default: 1301 fprintf(stderr, "Unknown value CS=0x%08X while " 1302 "detecting personality of process " 1303 "PID=%d\n", (int)x86_64_regs.cs, tcp->pid); 1304 currpers = current_personality; 1305 break; 1306 } 1307# elif 0 1308 /* This version analyzes the opcode of a syscall instruction. 1309 * (int 0x80 on i386 vs. syscall on x86-64) 1310 * It works, but is too complicated, and strictly speaking, unreliable. 1311 */ 1312 unsigned long call, rip = x86_64_regs.rip; 1313 /* sizeof(syscall) == sizeof(int 0x80) == 2 */ 1314 rip -= 2; 1315 errno = 0; 1316 call = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)rip, (char *)0); 1317 if (errno) 1318 fprintf(stderr, "ptrace_peektext failed: %s\n", 1319 strerror(errno)); 1320 switch (call & 0xffff) { 1321 /* x86-64: syscall = 0x0f 0x05 */ 1322 case 0x050f: currpers = 0; break; 1323 /* i386: int 0x80 = 0xcd 0x80 */ 1324 case 0x80cd: currpers = 1; break; 1325 default: 1326 currpers = current_personality; 1327 fprintf(stderr, 1328 "Unknown syscall opcode (0x%04X) while " 1329 "detecting personality of process " 1330 "PID=%d\n", (int)call, tcp->pid); 1331 break; 1332 } 1333# endif 1334 1335# ifdef X32 1336 /* If we are built for a x32 system, then personality 0 is x32 1337 * (not x86_64), and stracing of x86_64 apps is not supported. 1338 * Stracing of i386 apps is still supported. 1339 */ 1340 if (currpers == 0) { 1341 fprintf(stderr, "syscall_%lu(...) in unsupported " 1342 "64-bit mode of process PID=%d\n", 1343 scno, tcp->pid); 1344 return 0; 1345 } 1346 currpers &= ~2; /* map 2,1 to 0,1 */ 1347# endif 1348 update_personality(tcp, currpers); 1349#elif defined(IA64) 1350# define IA64_PSR_IS ((long)1 << 34) 1351 long psr; 1352 if (upeek(tcp->pid, PT_CR_IPSR, &psr) >= 0) 1353 ia64_ia32mode = ((psr & IA64_PSR_IS) != 0); 1354 if (ia64_ia32mode) { 1355 if (upeek(tcp->pid, PT_R1, &scno) < 0) 1356 return -1; 1357 } else { 1358 if (upeek(tcp->pid, PT_R15, &scno) < 0) 1359 return -1; 1360 } 1361#elif defined(AARCH64) 1362 switch (aarch64_io.iov_len) { 1363 case sizeof(aarch64_regs): 1364 /* We are in 64-bit mode */ 1365 scno = aarch64_regs.regs[8]; 1366 update_personality(tcp, 1); 1367 break; 1368 case sizeof(arm_regs): 1369 /* We are in 32-bit mode */ 1370 /* Note: we don't support OABI, unlike 32-bit ARM build */ 1371 scno = arm_regs.ARM_r7; 1372 scno = shuffle_scno(scno); 1373 update_personality(tcp, 0); 1374 break; 1375 } 1376#elif defined(ARM) 1377 if (arm_regs.ARM_ip != 0) { 1378 /* It is not a syscall entry */ 1379 fprintf(stderr, "pid %d stray syscall exit\n", tcp->pid); 1380 tcp->flags |= TCB_INSYSCALL; 1381 return 0; 1382 } 1383 /* Note: we support only 32-bit CPUs, not 26-bit */ 1384 1385# if !defined(__ARM_EABI__) || ENABLE_ARM_OABI 1386 if (arm_regs.ARM_cpsr & 0x20) 1387 /* Thumb mode */ 1388 goto scno_in_r7; 1389 /* ARM mode */ 1390 /* Check EABI/OABI by examining SVC insn's low 24 bits */ 1391 errno = 0; 1392 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, (void *)(arm_regs.ARM_pc - 4), NULL); 1393 if (errno) 1394 return -1; 1395 /* EABI syscall convention? */ 1396 if ((unsigned long) scno != 0xef000000) { 1397 /* No, it's OABI */ 1398 if ((scno & 0x0ff00000) != 0x0f900000) { 1399 fprintf(stderr, "pid %d unknown syscall trap 0x%08lx\n", 1400 tcp->pid, scno); 1401 return -1; 1402 } 1403 /* Fixup the syscall number */ 1404 scno &= 0x000fffff; 1405 } else { 1406 scno_in_r7: 1407 scno = arm_regs.ARM_r7; 1408 } 1409# else /* __ARM_EABI__ || !ENABLE_ARM_OABI */ 1410 scno = arm_regs.ARM_r7; 1411# endif 1412 scno = shuffle_scno(scno); 1413#elif defined(M68K) 1414 if (upeek(tcp->pid, 4*PT_ORIG_D0, &scno) < 0) 1415 return -1; 1416#elif defined(LINUX_MIPSN32) 1417 unsigned long long regs[38]; 1418 1419 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0) 1420 return -1; 1421 mips_a3 = regs[REG_A3]; 1422 mips_r2 = regs[REG_V0]; 1423 1424 scno = mips_r2; 1425 if (!SCNO_IN_RANGE(scno)) { 1426 if (mips_a3 == 0 || mips_a3 == -1) { 1427 if (debug_flag) 1428 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno); 1429 return 0; 1430 } 1431 } 1432#elif defined(MIPS) 1433 if (upeek(tcp->pid, REG_A3, &mips_a3) < 0) 1434 return -1; 1435 if (upeek(tcp->pid, REG_V0, &scno) < 0) 1436 return -1; 1437 1438 if (!SCNO_IN_RANGE(scno)) { 1439 if (mips_a3 == 0 || mips_a3 == -1) { 1440 if (debug_flag) 1441 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno); 1442 return 0; 1443 } 1444 } 1445#elif defined(ALPHA) 1446 if (upeek(tcp->pid, REG_A3, &alpha_a3) < 0) 1447 return -1; 1448 if (upeek(tcp->pid, REG_R0, &scno) < 0) 1449 return -1; 1450 1451 /* 1452 * Do some sanity checks to figure out if it's 1453 * really a syscall entry 1454 */ 1455 if (!SCNO_IN_RANGE(scno)) { 1456 if (alpha_a3 == 0 || alpha_a3 == -1) { 1457 if (debug_flag) 1458 fprintf(stderr, "stray syscall exit: r0 = %ld\n", scno); 1459 return 0; 1460 } 1461 } 1462#elif defined(SPARC) || defined(SPARC64) 1463 /* Disassemble the syscall trap. */ 1464 /* Retrieve the syscall trap instruction. */ 1465 unsigned long trap; 1466 errno = 0; 1467# if defined(SPARC64) 1468 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)sparc_regs.tpc, 0); 1469 trap >>= 32; 1470# else 1471 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)sparc_regs.pc, 0); 1472# endif 1473 if (errno) 1474 return -1; 1475 1476 /* Disassemble the trap to see what personality to use. */ 1477 switch (trap) { 1478 case 0x91d02010: 1479 /* Linux/SPARC syscall trap. */ 1480 update_personality(tcp, 0); 1481 break; 1482 case 0x91d0206d: 1483 /* Linux/SPARC64 syscall trap. */ 1484 update_personality(tcp, 2); 1485 break; 1486 case 0x91d02000: 1487 /* SunOS syscall trap. (pers 1) */ 1488 fprintf(stderr, "syscall: SunOS no support\n"); 1489 return -1; 1490 case 0x91d02008: 1491 /* Solaris 2.x syscall trap. (per 2) */ 1492 update_personality(tcp, 1); 1493 break; 1494 case 0x91d02009: 1495 /* NetBSD/FreeBSD syscall trap. */ 1496 fprintf(stderr, "syscall: NetBSD/FreeBSD not supported\n"); 1497 return -1; 1498 case 0x91d02027: 1499 /* Solaris 2.x gettimeofday */ 1500 update_personality(tcp, 1); 1501 break; 1502 default: 1503# if defined(SPARC64) 1504 fprintf(stderr, "syscall: unknown syscall trap %08lx %016lx\n", trap, sparc_regs.tpc); 1505# else 1506 fprintf(stderr, "syscall: unknown syscall trap %08lx %08lx\n", trap, sparc_regs.pc); 1507# endif 1508 return -1; 1509 } 1510 1511 /* Extract the system call number from the registers. */ 1512 if (trap == 0x91d02027) 1513 scno = 156; 1514 else 1515 scno = sparc_regs.u_regs[U_REG_G1]; 1516 if (scno == 0) { 1517 scno = sparc_regs.u_regs[U_REG_O0]; 1518 memmove(&sparc_regs.u_regs[U_REG_O0], &sparc_regs.u_regs[U_REG_O1], 7*sizeof(sparc_regs.u_regs[0])); 1519 } 1520#elif defined(HPPA) 1521 if (upeek(tcp->pid, PT_GR20, &scno) < 0) 1522 return -1; 1523#elif defined(SH) 1524 /* 1525 * In the new syscall ABI, the system call number is in R3. 1526 */ 1527 if (upeek(tcp->pid, 4*(REG_REG0+3), &scno) < 0) 1528 return -1; 1529 1530 if (scno < 0) { 1531 /* Odd as it may seem, a glibc bug has been known to cause 1532 glibc to issue bogus negative syscall numbers. So for 1533 our purposes, make strace print what it *should* have been */ 1534 long correct_scno = (scno & 0xff); 1535 if (debug_flag) 1536 fprintf(stderr, 1537 "Detected glibc bug: bogus system call" 1538 " number = %ld, correcting to %ld\n", 1539 scno, 1540 correct_scno); 1541 scno = correct_scno; 1542 } 1543#elif defined(SH64) 1544 if (upeek(tcp->pid, REG_SYSCALL, &scno) < 0) 1545 return -1; 1546 scno &= 0xFFFF; 1547#elif defined(CRISV10) || defined(CRISV32) 1548 if (upeek(tcp->pid, 4*PT_R9, &scno) < 0) 1549 return -1; 1550#elif defined(TILE) 1551 unsigned int currpers; 1552 scno = tile_regs.regs[10]; 1553# ifdef __tilepro__ 1554 currpers = 1; 1555# else 1556# ifndef PT_FLAGS_COMPAT 1557# define PT_FLAGS_COMPAT 0x10000 /* from Linux 3.8 on */ 1558# endif 1559 if (tile_regs.flags & PT_FLAGS_COMPAT) 1560 currpers = 1; 1561 else 1562 currpers = 0; 1563# endif 1564 update_personality(tcp, currpers); 1565#elif defined(MICROBLAZE) 1566 if (upeek(tcp->pid, 0, &scno) < 0) 1567 return -1; 1568#elif defined(OR1K) 1569 scno = or1k_regs.gpr[11]; 1570#elif defined(METAG) 1571 scno = metag_regs.dx[0][1]; /* syscall number in D1Re0 (D1.0) */ 1572#elif defined(XTENSA) 1573 if (upeek(tcp->pid, SYSCALL_NR, &scno) < 0) 1574 return -1; 1575# elif defined(ARC) 1576 scno = arc_regs.scratch.r8; 1577#endif 1578 1579 tcp->scno = scno; 1580 if (SCNO_IS_VALID(tcp->scno)) { 1581 tcp->s_ent = &sysent[scno]; 1582 tcp->qual_flg = qual_flags[scno]; 1583 } else { 1584 static const struct_sysent unknown = { 1585 .nargs = MAX_ARGS, 1586 .sys_flags = 0, 1587 .sys_func = printargs, 1588 .sys_name = "unknown", /* not used */ 1589 }; 1590 tcp->s_ent = &unknown; 1591 tcp->qual_flg = UNDEFINED_SCNO | QUAL_RAW | DEFAULT_QUAL_FLAGS; 1592 } 1593 return 1; 1594} 1595 1596/* Called at each syscall entry. 1597 * Returns: 1598 * 0: "ignore this ptrace stop", bail out of trace_syscall_entering() silently. 1599 * 1: ok, continue in trace_syscall_entering(). 1600 * other: error, trace_syscall_entering() should print error indicator 1601 * ("????" etc) and bail out. 1602 */ 1603static int 1604syscall_fixup_on_sysenter(struct tcb *tcp) 1605{ 1606 /* A common case of "not a syscall entry" is post-execve SIGTRAP */ 1607#if defined(I386) 1608 /* 1609 * Syscall number -1 requires special treatment. 1610 * On X86, it might be a side effect of SECCOMP_RET_ERRNO filtering 1611 * that sets orig_eax to -1 in some versions of linux kernel. 1612 */ 1613 if (i386_regs.orig_eax != -1 && 1614 i386_regs.eax != -ENOSYS) { 1615 if (debug_flag) 1616 fprintf(stderr, 1617 "not a syscall entry (eax = %ld, orig_eax = %ld)\n", 1618 i386_regs.eax, i386_regs.orig_eax); 1619 return 0; 1620 } 1621#elif defined(X86_64) || defined(X32) 1622 /* 1623 * Syscall number -1 requires special treatment. 1624 * On X86_64/X32, it might be a side effect of SECCOMP_RET_ERRNO 1625 * filtering that sets orig_rax to -1 in some versions of linux kernel. 1626 */ 1627 if (x86_io.iov_len == sizeof(i386_regs)) { 1628 if ((int) i386_regs.orig_eax != -1 && 1629 (int) i386_regs.eax != -ENOSYS) { 1630 if (debug_flag) 1631 fprintf(stderr, 1632 "not a syscall entry (eax = %d, orig_eax = %d)\n", 1633 (int) i386_regs.eax, 1634 (int) i386_regs.orig_eax); 1635 return 0; 1636 } 1637 } else { 1638 if ((long long) x86_64_regs.orig_rax != -1 && 1639 (long long) x86_64_regs.rax != -ENOSYS) { 1640 if (debug_flag) 1641 fprintf(stderr, 1642 "not a syscall entry (rax = %lld, orig_rax = %lld)\n", 1643 (long long) x86_64_regs.rax, 1644 (long long) x86_64_regs.orig_rax); 1645 return 0; 1646 } 1647 } 1648#elif defined(M68K) 1649 /* TODO? Eliminate upeek's in arches below like we did in x86 */ 1650 if (upeek(tcp->pid, 4*PT_D0, &m68k_d0) < 0) 1651 return -1; 1652 if (m68k_d0 != -ENOSYS) { 1653 if (debug_flag) 1654 fprintf(stderr, "not a syscall entry (d0 = %ld)\n", m68k_d0); 1655 return 0; 1656 } 1657#elif defined(IA64) 1658 if (upeek(tcp->pid, PT_R10, &ia64_r10) < 0) 1659 return -1; 1660 if (upeek(tcp->pid, PT_R8, &ia64_r8) < 0) 1661 return -1; 1662 if (ia64_ia32mode && ia64_r8 != -ENOSYS) { 1663 if (debug_flag) 1664 fprintf(stderr, "not a syscall entry (r8 = %ld)\n", ia64_r8); 1665 return 0; 1666 } 1667#elif defined(CRISV10) || defined(CRISV32) 1668 if (upeek(tcp->pid, 4*PT_R10, &cris_r10) < 0) 1669 return -1; 1670 if (cris_r10 != -ENOSYS) { 1671 if (debug_flag) 1672 fprintf(stderr, "not a syscall entry (r10 = %ld)\n", cris_r10); 1673 return 0; 1674 } 1675#elif defined(MICROBLAZE) 1676 if (upeek(tcp->pid, 3 * 4, µblaze_r3) < 0) 1677 return -1; 1678 if (microblaze_r3 != -ENOSYS) { 1679 if (debug_flag) 1680 fprintf(stderr, "not a syscall entry (r3 = %ld)\n", microblaze_r3); 1681 return 0; 1682 } 1683#endif 1684 return 1; 1685} 1686 1687static void 1688internal_fork(struct tcb *tcp) 1689{ 1690#if defined S390 || defined S390X || defined CRISV10 || defined CRISV32 1691# define ARG_FLAGS 1 1692#else 1693# define ARG_FLAGS 0 1694#endif 1695#ifndef CLONE_UNTRACED 1696# define CLONE_UNTRACED 0x00800000 1697#endif 1698 if ((ptrace_setoptions 1699 & (PTRACE_O_TRACECLONE | PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK)) 1700 == (PTRACE_O_TRACECLONE | PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK)) 1701 return; 1702 1703 if (!followfork) 1704 return; 1705 1706 if (entering(tcp)) { 1707 /* 1708 * We won't see the new child if clone is called with 1709 * CLONE_UNTRACED, so we keep the same logic with that option 1710 * and don't trace it. 1711 */ 1712 if ((tcp->s_ent->sys_func == sys_clone) 1713 && (tcp->u_arg[ARG_FLAGS] & CLONE_UNTRACED) 1714 ) 1715 return; 1716 setbpt(tcp); 1717 } else { 1718 if (tcp->flags & TCB_BPTSET) 1719 clearbpt(tcp); 1720 } 1721} 1722 1723#if defined(TCB_WAITEXECVE) 1724static void 1725internal_exec(struct tcb *tcp) 1726{ 1727 /* Maybe we have post-execve SIGTRAP suppressed? */ 1728 if (ptrace_setoptions & PTRACE_O_TRACEEXEC) 1729 return; /* yes, no need to do anything */ 1730 1731 if (exiting(tcp) && syserror(tcp)) 1732 /* Error in execve, no post-execve SIGTRAP expected */ 1733 tcp->flags &= ~TCB_WAITEXECVE; 1734 else 1735 tcp->flags |= TCB_WAITEXECVE; 1736} 1737#endif 1738 1739static void 1740syscall_fixup_for_fork_exec(struct tcb *tcp) 1741{ 1742 /* 1743 * We must always trace a few critical system calls in order to 1744 * correctly support following forks in the presence of tracing 1745 * qualifiers. 1746 */ 1747 int (*func)(); 1748 1749 func = tcp->s_ent->sys_func; 1750 1751 if ( sys_fork == func 1752 || sys_clone == func 1753 ) { 1754 internal_fork(tcp); 1755 return; 1756 } 1757 1758#if defined(TCB_WAITEXECVE) 1759 if ( sys_execve == func 1760# if defined(SPARC) || defined(SPARC64) 1761 || sys_execv == func 1762# endif 1763 ) { 1764 internal_exec(tcp); 1765 return; 1766 } 1767#endif 1768} 1769 1770/* Return -1 on error or 1 on success (never 0!) */ 1771static int 1772get_syscall_args(struct tcb *tcp) 1773{ 1774 int i, nargs; 1775 1776 nargs = tcp->s_ent->nargs; 1777 1778#if defined(S390) || defined(S390X) 1779 for (i = 0; i < nargs; ++i) 1780 if (upeek(tcp->pid, i==0 ? PT_ORIGGPR2 : PT_GPR2 + i*sizeof(long), &tcp->u_arg[i]) < 0) 1781 return -1; 1782#elif defined(ALPHA) 1783 for (i = 0; i < nargs; ++i) 1784 if (upeek(tcp->pid, REG_A0+i, &tcp->u_arg[i]) < 0) 1785 return -1; 1786#elif defined(IA64) 1787 if (!ia64_ia32mode) { 1788 unsigned long *out0, cfm, sof, sol; 1789 long rbs_end; 1790 /* be backwards compatible with kernel < 2.4.4... */ 1791# ifndef PT_RBS_END 1792# define PT_RBS_END PT_AR_BSP 1793# endif 1794 1795 if (upeek(tcp->pid, PT_RBS_END, &rbs_end) < 0) 1796 return -1; 1797 if (upeek(tcp->pid, PT_CFM, (long *) &cfm) < 0) 1798 return -1; 1799 1800 sof = (cfm >> 0) & 0x7f; 1801 sol = (cfm >> 7) & 0x7f; 1802 out0 = ia64_rse_skip_regs((unsigned long *) rbs_end, -sof + sol); 1803 1804 for (i = 0; i < nargs; ++i) { 1805 if (umoven(tcp, (unsigned long) ia64_rse_skip_regs(out0, i), 1806 sizeof(long), (char *) &tcp->u_arg[i]) < 0) 1807 return -1; 1808 } 1809 } else { 1810 static const int argreg[MAX_ARGS] = { PT_R11 /* EBX = out0 */, 1811 PT_R9 /* ECX = out1 */, 1812 PT_R10 /* EDX = out2 */, 1813 PT_R14 /* ESI = out3 */, 1814 PT_R15 /* EDI = out4 */, 1815 PT_R13 /* EBP = out5 */}; 1816 1817 for (i = 0; i < nargs; ++i) { 1818 if (upeek(tcp->pid, argreg[i], &tcp->u_arg[i]) < 0) 1819 return -1; 1820 /* truncate away IVE sign-extension */ 1821 tcp->u_arg[i] &= 0xffffffff; 1822 } 1823 } 1824#elif defined(LINUX_MIPSN32) || defined(LINUX_MIPSN64) 1825 /* N32 and N64 both use up to six registers. */ 1826 unsigned long long regs[38]; 1827 1828 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0) 1829 return -1; 1830 1831 for (i = 0; i < nargs; ++i) { 1832 tcp->u_arg[i] = regs[REG_A0 + i]; 1833# if defined(LINUX_MIPSN32) 1834 tcp->ext_arg[i] = regs[REG_A0 + i]; 1835# endif 1836 } 1837#elif defined(MIPS) 1838 if (nargs > 4) { 1839 long sp; 1840 1841 if (upeek(tcp->pid, REG_SP, &sp) < 0) 1842 return -1; 1843 for (i = 0; i < 4; ++i) 1844 if (upeek(tcp->pid, REG_A0 + i, &tcp->u_arg[i]) < 0) 1845 return -1; 1846 umoven(tcp, sp + 16, (nargs - 4) * sizeof(tcp->u_arg[0]), 1847 (char *)(tcp->u_arg + 4)); 1848 } else { 1849 for (i = 0; i < nargs; ++i) 1850 if (upeek(tcp->pid, REG_A0 + i, &tcp->u_arg[i]) < 0) 1851 return -1; 1852 } 1853#elif defined(POWERPC) 1854 (void)i; 1855 (void)nargs; 1856 tcp->u_arg[0] = ppc_regs.orig_gpr3; 1857 tcp->u_arg[1] = ppc_regs.gpr[4]; 1858 tcp->u_arg[2] = ppc_regs.gpr[5]; 1859 tcp->u_arg[3] = ppc_regs.gpr[6]; 1860 tcp->u_arg[4] = ppc_regs.gpr[7]; 1861 tcp->u_arg[5] = ppc_regs.gpr[8]; 1862#elif defined(SPARC) || defined(SPARC64) 1863 for (i = 0; i < nargs; ++i) 1864 tcp->u_arg[i] = sparc_regs.u_regs[U_REG_O0 + i]; 1865#elif defined(HPPA) 1866 for (i = 0; i < nargs; ++i) 1867 if (upeek(tcp->pid, PT_GR26-4*i, &tcp->u_arg[i]) < 0) 1868 return -1; 1869#elif defined(ARM) || defined(AARCH64) 1870# if defined(AARCH64) 1871 if (tcp->currpers == 1) 1872 for (i = 0; i < nargs; ++i) 1873 tcp->u_arg[i] = aarch64_regs.regs[i]; 1874 else 1875# endif 1876 for (i = 0; i < nargs; ++i) 1877 tcp->u_arg[i] = arm_regs.uregs[i]; 1878#elif defined(AVR32) 1879 (void)i; 1880 (void)nargs; 1881 tcp->u_arg[0] = avr32_regs.r12; 1882 tcp->u_arg[1] = avr32_regs.r11; 1883 tcp->u_arg[2] = avr32_regs.r10; 1884 tcp->u_arg[3] = avr32_regs.r9; 1885 tcp->u_arg[4] = avr32_regs.r5; 1886 tcp->u_arg[5] = avr32_regs.r3; 1887#elif defined(BFIN) 1888 static const int argreg[MAX_ARGS] = { PT_R0, PT_R1, PT_R2, PT_R3, PT_R4, PT_R5 }; 1889 1890 for (i = 0; i < nargs; ++i) 1891 if (upeek(tcp->pid, argreg[i], &tcp->u_arg[i]) < 0) 1892 return -1; 1893#elif defined(SH) 1894 static const int syscall_regs[MAX_ARGS] = { 1895 4 * (REG_REG0+4), 4 * (REG_REG0+5), 4 * (REG_REG0+6), 1896 4 * (REG_REG0+7), 4 * (REG_REG0 ), 4 * (REG_REG0+1) 1897 }; 1898 1899 for (i = 0; i < nargs; ++i) 1900 if (upeek(tcp->pid, syscall_regs[i], &tcp->u_arg[i]) < 0) 1901 return -1; 1902#elif defined(SH64) 1903 int i; 1904 /* Registers used by SH5 Linux system calls for parameters */ 1905 static const int syscall_regs[MAX_ARGS] = { 2, 3, 4, 5, 6, 7 }; 1906 1907 for (i = 0; i < nargs; ++i) 1908 if (upeek(tcp->pid, REG_GENERAL(syscall_regs[i]), &tcp->u_arg[i]) < 0) 1909 return -1; 1910#elif defined(I386) 1911 (void)i; 1912 (void)nargs; 1913 tcp->u_arg[0] = i386_regs.ebx; 1914 tcp->u_arg[1] = i386_regs.ecx; 1915 tcp->u_arg[2] = i386_regs.edx; 1916 tcp->u_arg[3] = i386_regs.esi; 1917 tcp->u_arg[4] = i386_regs.edi; 1918 tcp->u_arg[5] = i386_regs.ebp; 1919#elif defined(X86_64) || defined(X32) 1920 (void)i; 1921 (void)nargs; 1922 if (x86_io.iov_len != sizeof(i386_regs)) { 1923 /* x86-64 or x32 ABI */ 1924 tcp->u_arg[0] = x86_64_regs.rdi; 1925 tcp->u_arg[1] = x86_64_regs.rsi; 1926 tcp->u_arg[2] = x86_64_regs.rdx; 1927 tcp->u_arg[3] = x86_64_regs.r10; 1928 tcp->u_arg[4] = x86_64_regs.r8; 1929 tcp->u_arg[5] = x86_64_regs.r9; 1930# ifdef X32 1931 tcp->ext_arg[0] = x86_64_regs.rdi; 1932 tcp->ext_arg[1] = x86_64_regs.rsi; 1933 tcp->ext_arg[2] = x86_64_regs.rdx; 1934 tcp->ext_arg[3] = x86_64_regs.r10; 1935 tcp->ext_arg[4] = x86_64_regs.r8; 1936 tcp->ext_arg[5] = x86_64_regs.r9; 1937# endif 1938 } else { 1939 /* i386 ABI */ 1940 /* Zero-extend from 32 bits */ 1941 /* Use widen_to_long(tcp->u_arg[N]) in syscall handlers 1942 * if you need to use *sign-extended* parameter. 1943 */ 1944 tcp->u_arg[0] = (long)(uint32_t)i386_regs.ebx; 1945 tcp->u_arg[1] = (long)(uint32_t)i386_regs.ecx; 1946 tcp->u_arg[2] = (long)(uint32_t)i386_regs.edx; 1947 tcp->u_arg[3] = (long)(uint32_t)i386_regs.esi; 1948 tcp->u_arg[4] = (long)(uint32_t)i386_regs.edi; 1949 tcp->u_arg[5] = (long)(uint32_t)i386_regs.ebp; 1950 } 1951#elif defined(MICROBLAZE) 1952 for (i = 0; i < nargs; ++i) 1953 if (upeek(tcp->pid, (5 + i) * 4, &tcp->u_arg[i]) < 0) 1954 return -1; 1955#elif defined(CRISV10) || defined(CRISV32) 1956 static const int crisregs[MAX_ARGS] = { 1957 4*PT_ORIG_R10, 4*PT_R11, 4*PT_R12, 1958 4*PT_R13 , 4*PT_MOF, 4*PT_SRP 1959 }; 1960 1961 for (i = 0; i < nargs; ++i) 1962 if (upeek(tcp->pid, crisregs[i], &tcp->u_arg[i]) < 0) 1963 return -1; 1964#elif defined(TILE) 1965 for (i = 0; i < nargs; ++i) 1966 tcp->u_arg[i] = tile_regs.regs[i]; 1967#elif defined(M68K) 1968 for (i = 0; i < nargs; ++i) 1969 if (upeek(tcp->pid, (i < 5 ? i : i + 2)*4, &tcp->u_arg[i]) < 0) 1970 return -1; 1971#elif defined(OR1K) 1972 (void)nargs; 1973 for (i = 0; i < 6; ++i) 1974 tcp->u_arg[i] = or1k_regs.gpr[3 + i]; 1975#elif defined(METAG) 1976 for (i = 0; i < nargs; i++) 1977 /* arguments go backwards from D1Ar1 (D1.3) */ 1978 tcp->u_arg[i] = ((unsigned long *)&metag_regs.dx[3][1])[-i]; 1979#elif defined(XTENSA) 1980 /* arg0: a6, arg1: a3, arg2: a4, arg3: a5, arg4: a8, arg5: a9 */ 1981 static const int xtensaregs[MAX_ARGS] = { 6, 3, 4, 5, 8, 9 }; 1982 for (i = 0; i < nargs; ++i) 1983 if (upeek(tcp->pid, REG_A_BASE + xtensaregs[i], &tcp->u_arg[i]) < 0) 1984 return -1; 1985# elif defined(ARC) 1986 long *arc_args = &arc_regs.scratch.r0; 1987 for (i = 0; i < nargs; ++i) 1988 tcp->u_arg[i] = *arc_args--; 1989 1990#else /* Other architecture (32bits specific) */ 1991 for (i = 0; i < nargs; ++i) 1992 if (upeek(tcp->pid, i*4, &tcp->u_arg[i]) < 0) 1993 return -1; 1994#endif 1995 return 1; 1996} 1997 1998static int 1999trace_syscall_entering(struct tcb *tcp) 2000{ 2001 int res, scno_good; 2002 2003#if defined TCB_WAITEXECVE 2004 if (tcp->flags & TCB_WAITEXECVE) { 2005 /* This is the post-execve SIGTRAP. */ 2006 tcp->flags &= ~TCB_WAITEXECVE; 2007 return 0; 2008 } 2009#endif 2010 2011 scno_good = res = (get_regs_error ? -1 : get_scno(tcp)); 2012 if (res == 0) 2013 return res; 2014 if (res == 1) { 2015 res = syscall_fixup_on_sysenter(tcp); 2016 if (res == 0) 2017 return res; 2018 if (res == 1) 2019 res = get_syscall_args(tcp); 2020 } 2021 2022 if (res != 1) { 2023 printleader(tcp); 2024 if (scno_good != 1) 2025 tprints("????" /* anti-trigraph gap */ "("); 2026 else if (tcp->qual_flg & UNDEFINED_SCNO) 2027 tprintf("%s(", undefined_scno_name(tcp)); 2028 else 2029 tprintf("%s(", tcp->s_ent->sys_name); 2030 /* 2031 * " <unavailable>" will be added later by the code which 2032 * detects ptrace errors. 2033 */ 2034 goto ret; 2035 } 2036 2037 if ( sys_execve == tcp->s_ent->sys_func 2038# if defined(SPARC) || defined(SPARC64) 2039 || sys_execv == tcp->s_ent->sys_func 2040# endif 2041 ) { 2042 hide_log_until_execve = 0; 2043 } 2044 2045#if defined(SYS_socket_subcall) || defined(SYS_ipc_subcall) 2046 while (1) { 2047# ifdef SYS_socket_subcall 2048 if (tcp->s_ent->sys_func == sys_socketcall) { 2049 decode_socket_subcall(tcp); 2050 break; 2051 } 2052# endif 2053# ifdef SYS_ipc_subcall 2054 if (tcp->s_ent->sys_func == sys_ipc) { 2055 decode_ipc_subcall(tcp); 2056 break; 2057 } 2058# endif 2059 break; 2060 } 2061#endif 2062 2063 if (need_fork_exec_workarounds) 2064 syscall_fixup_for_fork_exec(tcp); 2065 2066 if (!(tcp->qual_flg & QUAL_TRACE) 2067 || (tracing_paths && !pathtrace_match(tcp)) 2068 ) { 2069 tcp->flags |= TCB_INSYSCALL | TCB_FILTERED; 2070 return 0; 2071 } 2072 2073 tcp->flags &= ~TCB_FILTERED; 2074 2075 if (cflag == CFLAG_ONLY_STATS || hide_log_until_execve) { 2076 res = 0; 2077 goto ret; 2078 } 2079 2080#ifdef USE_LIBUNWIND 2081 if (stack_trace_enabled) { 2082 if (tcp->s_ent->sys_flags & STACKTRACE_CAPTURE_ON_ENTER) 2083 unwind_capture_stacktrace(tcp); 2084 } 2085#endif 2086 2087 printleader(tcp); 2088 if (tcp->qual_flg & UNDEFINED_SCNO) 2089 tprintf("%s(", undefined_scno_name(tcp)); 2090 else 2091 tprintf("%s(", tcp->s_ent->sys_name); 2092 if ((tcp->qual_flg & QUAL_RAW) && tcp->s_ent->sys_func != sys_exit) 2093 res = printargs(tcp); 2094 else 2095 res = tcp->s_ent->sys_func(tcp); 2096 2097 fflush(tcp->outf); 2098 ret: 2099 tcp->flags |= TCB_INSYSCALL; 2100 /* Measure the entrance time as late as possible to avoid errors. */ 2101 if (Tflag || cflag) 2102 gettimeofday(&tcp->etime, NULL); 2103 return res; 2104} 2105 2106/* Returns: 2107 * 1: ok, continue in trace_syscall_exiting(). 2108 * -1: error, trace_syscall_exiting() should print error indicator 2109 * ("????" etc) and bail out. 2110 */ 2111static int 2112get_syscall_result(struct tcb *tcp) 2113{ 2114#if defined(S390) || defined(S390X) 2115 if (upeek(tcp->pid, PT_GPR2, &s390_gpr2) < 0) 2116 return -1; 2117#elif defined(POWERPC) 2118 /* already done by get_regs */ 2119#elif defined(AVR32) 2120 /* already done by get_regs */ 2121#elif defined(BFIN) 2122 if (upeek(tcp->pid, PT_R0, &bfin_r0) < 0) 2123 return -1; 2124#elif defined(I386) 2125 /* already done by get_regs */ 2126#elif defined(X86_64) || defined(X32) 2127 /* already done by get_regs */ 2128#elif defined(IA64) 2129# define IA64_PSR_IS ((long)1 << 34) 2130 long psr; 2131 if (upeek(tcp->pid, PT_CR_IPSR, &psr) >= 0) 2132 ia64_ia32mode = ((psr & IA64_PSR_IS) != 0); 2133 if (upeek(tcp->pid, PT_R8, &ia64_r8) < 0) 2134 return -1; 2135 if (upeek(tcp->pid, PT_R10, &ia64_r10) < 0) 2136 return -1; 2137#elif defined(ARM) 2138 /* already done by get_regs */ 2139#elif defined(AARCH64) 2140 /* register reading already done by get_regs */ 2141 2142 /* Used to do this, but we did it on syscall entry already: */ 2143 /* We are in 64-bit mode (personality 1) if register struct is aarch64_regs, 2144 * else it's personality 0. 2145 */ 2146 /*update_personality(tcp, aarch64_io.iov_len == sizeof(aarch64_regs));*/ 2147#elif defined(M68K) 2148 if (upeek(tcp->pid, 4*PT_D0, &m68k_d0) < 0) 2149 return -1; 2150#elif defined(LINUX_MIPSN32) 2151 unsigned long long regs[38]; 2152 2153 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0) 2154 return -1; 2155 mips_a3 = regs[REG_A3]; 2156 mips_r2 = regs[REG_V0]; 2157#elif defined(MIPS) 2158 if (upeek(tcp->pid, REG_A3, &mips_a3) < 0) 2159 return -1; 2160 if (upeek(tcp->pid, REG_V0, &mips_r2) < 0) 2161 return -1; 2162#elif defined(ALPHA) 2163 if (upeek(tcp->pid, REG_A3, &alpha_a3) < 0) 2164 return -1; 2165 if (upeek(tcp->pid, REG_R0, &alpha_r0) < 0) 2166 return -1; 2167#elif defined(SPARC) || defined(SPARC64) 2168 /* already done by get_regs */ 2169#elif defined(HPPA) 2170 if (upeek(tcp->pid, PT_GR28, &hppa_r28) < 0) 2171 return -1; 2172#elif defined(SH) 2173 /* new syscall ABI returns result in R0 */ 2174 if (upeek(tcp->pid, 4*REG_REG0, (long *)&sh_r0) < 0) 2175 return -1; 2176#elif defined(SH64) 2177 /* ABI defines result returned in r9 */ 2178 if (upeek(tcp->pid, REG_GENERAL(9), (long *)&sh64_r9) < 0) 2179 return -1; 2180#elif defined(CRISV10) || defined(CRISV32) 2181 if (upeek(tcp->pid, 4*PT_R10, &cris_r10) < 0) 2182 return -1; 2183#elif defined(TILE) 2184 /* already done by get_regs */ 2185#elif defined(MICROBLAZE) 2186 if (upeek(tcp->pid, 3 * 4, µblaze_r3) < 0) 2187 return -1; 2188#elif defined(OR1K) 2189 /* already done by get_regs */ 2190#elif defined(METAG) 2191 /* already done by get_regs */ 2192#elif defined(XTENSA) 2193 if (upeek(tcp->pid, REG_A_BASE + 2, &xtensa_a2) < 0) 2194 return -1; 2195#elif defined(ARC) 2196 /* already done by get_regs */ 2197#endif 2198 return 1; 2199} 2200 2201/* Called at each syscall exit */ 2202static void 2203syscall_fixup_on_sysexit(struct tcb *tcp) 2204{ 2205#if defined(S390) || defined(S390X) 2206 if ((tcp->flags & TCB_WAITEXECVE) 2207 && (s390_gpr2 == -ENOSYS || s390_gpr2 == tcp->scno)) { 2208 /* 2209 * Return from execve. 2210 * Fake a return value of zero. We leave the TCB_WAITEXECVE 2211 * flag set for the post-execve SIGTRAP to see and reset. 2212 */ 2213 s390_gpr2 = 0; 2214 } 2215#endif 2216} 2217 2218/* 2219 * Check the syscall return value register value for whether it is 2220 * a negated errno code indicating an error, or a success return value. 2221 */ 2222#ifndef X32 2223static inline int 2224is_negated_errno(unsigned long int val) 2225{ 2226 unsigned long int max = -(long int) nerrnos; 2227#if SUPPORTED_PERSONALITIES > 1 && SIZEOF_LONG > 4 2228 if (current_wordsize < sizeof(val)) { 2229 val = (unsigned int) val; 2230 max = (unsigned int) max; 2231 } 2232#endif 2233 return val > max; 2234} 2235 2236#else /* X32 */ 2237 2238static inline int 2239is_negated_errno(unsigned long long val) 2240{ 2241 unsigned long long max = -(long long) nerrnos; 2242 /* 2243 * current_wordsize is 4 even in personality 0 (native X32) 2244 * but truncation _must not_ be done in it. 2245 * can't check current_wordsize here! 2246 */ 2247 if (current_personality != 0) { 2248 val = (uint32_t) val; 2249 max = (uint32_t) max; 2250 } 2251 return val > max; 2252} 2253#endif /* X32 */ 2254 2255/* Returns: 2256 * 1: ok, continue in trace_syscall_exiting(). 2257 * -1: error, trace_syscall_exiting() should print error indicator 2258 * ("????" etc) and bail out. 2259 */ 2260static void 2261get_error(struct tcb *tcp) 2262{ 2263 int u_error = 0; 2264 int check_errno = 1; 2265 if (tcp->s_ent->sys_flags & SYSCALL_NEVER_FAILS) { 2266 check_errno = 0; 2267 } 2268#if defined(S390) || defined(S390X) 2269 if (check_errno && is_negated_errno(s390_gpr2)) { 2270 tcp->u_rval = -1; 2271 u_error = -s390_gpr2; 2272 } 2273 else { 2274 tcp->u_rval = s390_gpr2; 2275 } 2276#elif defined(I386) 2277 if (check_errno && is_negated_errno(i386_regs.eax)) { 2278 tcp->u_rval = -1; 2279 u_error = -i386_regs.eax; 2280 } 2281 else { 2282 tcp->u_rval = i386_regs.eax; 2283 } 2284#elif defined(X86_64) 2285 long rax; 2286 if (x86_io.iov_len == sizeof(i386_regs)) { 2287 /* Sign extend from 32 bits */ 2288 rax = (int32_t)i386_regs.eax; 2289 } else { 2290 rax = x86_64_regs.rax; 2291 } 2292 if (check_errno && is_negated_errno(rax)) { 2293 tcp->u_rval = -1; 2294 u_error = -rax; 2295 } 2296 else { 2297 tcp->u_rval = rax; 2298 } 2299#elif defined(X32) 2300 /* In X32, return value is 64-bit (llseek uses one). 2301 * Using merely "long rax" would not work. 2302 */ 2303 long long rax; 2304 if (x86_io.iov_len == sizeof(i386_regs)) { 2305 /* Sign extend from 32 bits */ 2306 rax = (int32_t)i386_regs.eax; 2307 } else { 2308 rax = x86_64_regs.rax; 2309 } 2310 if (check_errno && is_negated_errno(rax)) { 2311 tcp->u_rval = -1; 2312 u_error = -rax; 2313 } 2314 else { 2315 tcp->u_rval = rax; /* truncating */ 2316 tcp->u_lrval = rax; 2317 } 2318#elif defined(IA64) 2319 if (ia64_ia32mode) { 2320 int err; 2321 2322 err = (int)ia64_r8; 2323 if (check_errno && is_negated_errno(err)) { 2324 tcp->u_rval = -1; 2325 u_error = -err; 2326 } 2327 else { 2328 tcp->u_rval = err; 2329 } 2330 } else { 2331 if (check_errno && ia64_r10) { 2332 tcp->u_rval = -1; 2333 u_error = ia64_r8; 2334 } else { 2335 tcp->u_rval = ia64_r8; 2336 } 2337 } 2338#elif defined(MIPS) 2339 if (check_errno && mips_a3) { 2340 tcp->u_rval = -1; 2341 u_error = mips_r2; 2342 } else { 2343 tcp->u_rval = mips_r2; 2344# if defined(LINUX_MIPSN32) 2345 tcp->u_lrval = mips_r2; 2346# endif 2347 } 2348#elif defined(POWERPC) 2349 if (check_errno && (ppc_regs.ccr & 0x10000000)) { 2350 tcp->u_rval = -1; 2351 u_error = ppc_regs.gpr[3]; 2352 } 2353 else { 2354 tcp->u_rval = ppc_regs.gpr[3]; 2355 } 2356#elif defined(M68K) 2357 if (check_errno && is_negated_errno(m68k_d0)) { 2358 tcp->u_rval = -1; 2359 u_error = -m68k_d0; 2360 } 2361 else { 2362 tcp->u_rval = m68k_d0; 2363 } 2364#elif defined(ARM) || defined(AARCH64) 2365# if defined(AARCH64) 2366 if (tcp->currpers == 1) { 2367 if (check_errno && is_negated_errno(aarch64_regs.regs[0])) { 2368 tcp->u_rval = -1; 2369 u_error = -aarch64_regs.regs[0]; 2370 } 2371 else { 2372 tcp->u_rval = aarch64_regs.regs[0]; 2373 } 2374 } 2375 else 2376# endif 2377 { 2378 if (check_errno && is_negated_errno(arm_regs.ARM_r0)) { 2379 tcp->u_rval = -1; 2380 u_error = -arm_regs.ARM_r0; 2381 } 2382 else { 2383 tcp->u_rval = arm_regs.ARM_r0; 2384 } 2385 } 2386#elif defined(AVR32) 2387 if (check_errno && avr32_regs.r12 && (unsigned) -avr32_regs.r12 < nerrnos) { 2388 tcp->u_rval = -1; 2389 u_error = -avr32_regs.r12; 2390 } 2391 else { 2392 tcp->u_rval = avr32_regs.r12; 2393 } 2394#elif defined(BFIN) 2395 if (check_errno && is_negated_errno(bfin_r0)) { 2396 tcp->u_rval = -1; 2397 u_error = -bfin_r0; 2398 } else { 2399 tcp->u_rval = bfin_r0; 2400 } 2401#elif defined(ALPHA) 2402 if (check_errno && alpha_a3) { 2403 tcp->u_rval = -1; 2404 u_error = alpha_r0; 2405 } 2406 else { 2407 tcp->u_rval = alpha_r0; 2408 } 2409#elif defined(SPARC) 2410 if (check_errno && sparc_regs.psr & PSR_C) { 2411 tcp->u_rval = -1; 2412 u_error = sparc_regs.u_regs[U_REG_O0]; 2413 } 2414 else { 2415 tcp->u_rval = sparc_regs.u_regs[U_REG_O0]; 2416 } 2417#elif defined(SPARC64) 2418 if (check_errno && sparc_regs.tstate & 0x1100000000UL) { 2419 tcp->u_rval = -1; 2420 u_error = sparc_regs.u_regs[U_REG_O0]; 2421 } 2422 else { 2423 tcp->u_rval = sparc_regs.u_regs[U_REG_O0]; 2424 } 2425#elif defined(HPPA) 2426 if (check_errno && is_negated_errno(hppa_r28)) { 2427 tcp->u_rval = -1; 2428 u_error = -hppa_r28; 2429 } 2430 else { 2431 tcp->u_rval = hppa_r28; 2432 } 2433#elif defined(SH) 2434 if (check_errno && is_negated_errno(sh_r0)) { 2435 tcp->u_rval = -1; 2436 u_error = -sh_r0; 2437 } 2438 else { 2439 tcp->u_rval = sh_r0; 2440 } 2441#elif defined(SH64) 2442 if (check_errno && is_negated_errno(sh64_r9)) { 2443 tcp->u_rval = -1; 2444 u_error = -sh64_r9; 2445 } 2446 else { 2447 tcp->u_rval = sh64_r9; 2448 } 2449#elif defined(METAG) 2450 /* result pointer in D0Re0 (D0.0) */ 2451 if (check_errno && is_negated_errno(metag_regs.dx[0][0])) { 2452 tcp->u_rval = -1; 2453 u_error = -metag_regs.dx[0][0]; 2454 } 2455 else { 2456 tcp->u_rval = metag_regs.dx[0][0]; 2457 } 2458#elif defined(CRISV10) || defined(CRISV32) 2459 if (check_errno && cris_r10 && (unsigned) -cris_r10 < nerrnos) { 2460 tcp->u_rval = -1; 2461 u_error = -cris_r10; 2462 } 2463 else { 2464 tcp->u_rval = cris_r10; 2465 } 2466#elif defined(TILE) 2467 /* 2468 * The standard tile calling convention returns the value (or negative 2469 * errno) in r0, and zero (or positive errno) in r1. 2470 * Until at least kernel 3.8, however, the r1 value is not reflected 2471 * in ptregs at this point, so we use r0 here. 2472 */ 2473 if (check_errno && is_negated_errno(tile_regs.regs[0])) { 2474 tcp->u_rval = -1; 2475 u_error = -tile_regs.regs[0]; 2476 } else { 2477 tcp->u_rval = tile_regs.regs[0]; 2478 } 2479#elif defined(MICROBLAZE) 2480 if (check_errno && is_negated_errno(microblaze_r3)) { 2481 tcp->u_rval = -1; 2482 u_error = -microblaze_r3; 2483 } 2484 else { 2485 tcp->u_rval = microblaze_r3; 2486 } 2487#elif defined(OR1K) 2488 if (check_errno && is_negated_errno(or1k_regs.gpr[11])) { 2489 tcp->u_rval = -1; 2490 u_error = -or1k_regs.gpr[11]; 2491 } 2492 else { 2493 tcp->u_rval = or1k_regs.gpr[11]; 2494 } 2495#elif defined(XTENSA) 2496 if (check_errno && is_negated_errno(xtensa_a2)) { 2497 tcp->u_rval = -1; 2498 u_error = -xtensa_a2; 2499 } 2500 else { 2501 tcp->u_rval = xtensa_a2; 2502 } 2503#elif defined(ARC) 2504 if (check_errno && is_negated_errno(arc_regs.scratch.r0)) { 2505 tcp->u_rval = -1; 2506 u_error = -arc_regs.scratch.r0; 2507 } 2508 else { 2509 tcp->u_rval = arc_regs.scratch.r0; 2510 } 2511#endif 2512 tcp->u_error = u_error; 2513} 2514 2515static void 2516dumpio(struct tcb *tcp) 2517{ 2518 int (*func)(); 2519 2520 if (syserror(tcp)) 2521 return; 2522 if ((unsigned long) tcp->u_arg[0] >= num_quals) 2523 return; 2524 func = tcp->s_ent->sys_func; 2525 if (func == printargs) 2526 return; 2527 if (qual_flags[tcp->u_arg[0]] & QUAL_READ) { 2528 if (func == sys_read || 2529 func == sys_pread || 2530 func == sys_recv || 2531 func == sys_recvfrom) { 2532 dumpstr(tcp, tcp->u_arg[1], tcp->u_rval); 2533 return; 2534 } else if (func == sys_readv) { 2535 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]); 2536 return; 2537#if HAVE_SENDMSG 2538 } else if (func == sys_recvmsg) { 2539 dumpiov_in_msghdr(tcp, tcp->u_arg[1]); 2540 return; 2541 } else if (func == sys_recvmmsg) { 2542 dumpiov_in_mmsghdr(tcp, tcp->u_arg[1]); 2543 return; 2544#endif 2545 } 2546 } 2547 if (qual_flags[tcp->u_arg[0]] & QUAL_WRITE) { 2548 if (func == sys_write || 2549 func == sys_pwrite || 2550 func == sys_send || 2551 func == sys_sendto) 2552 dumpstr(tcp, tcp->u_arg[1], tcp->u_arg[2]); 2553 else if (func == sys_writev) 2554 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]); 2555#if HAVE_SENDMSG 2556 else if (func == sys_sendmsg) 2557 dumpiov_in_msghdr(tcp, tcp->u_arg[1]); 2558 else if (func == sys_sendmmsg) 2559 dumpiov_in_mmsghdr(tcp, tcp->u_arg[1]); 2560#endif 2561 } 2562} 2563 2564static int 2565trace_syscall_exiting(struct tcb *tcp) 2566{ 2567 int sys_res; 2568 struct timeval tv; 2569 int res; 2570 long u_error; 2571 2572 /* Measure the exit time as early as possible to avoid errors. */ 2573 if (Tflag || cflag) 2574 gettimeofday(&tv, NULL); 2575 2576#ifdef USE_LIBUNWIND 2577 if (stack_trace_enabled) { 2578 if (tcp->s_ent->sys_flags & STACKTRACE_INVALIDATE_CACHE) 2579 unwind_cache_invalidate(tcp); 2580 } 2581#endif 2582 2583#if SUPPORTED_PERSONALITIES > 1 2584 update_personality(tcp, tcp->currpers); 2585#endif 2586 res = (get_regs_error ? -1 : get_syscall_result(tcp)); 2587 if (res == 1) { 2588 syscall_fixup_on_sysexit(tcp); /* never fails */ 2589 get_error(tcp); /* never fails */ 2590 if (need_fork_exec_workarounds) 2591 syscall_fixup_for_fork_exec(tcp); 2592 if (filtered(tcp) || hide_log_until_execve) 2593 goto ret; 2594 } 2595 2596 if (cflag) { 2597 count_syscall(tcp, &tv); 2598 if (cflag == CFLAG_ONLY_STATS) { 2599 goto ret; 2600 } 2601 } 2602 2603 /* If not in -ff mode, and printing_tcp != tcp, 2604 * then the log currently does not end with output 2605 * of _our syscall entry_, but with something else. 2606 * We need to say which syscall's return is this. 2607 * 2608 * Forced reprinting via TCB_REPRINT is used only by 2609 * "strace -ff -oLOG test/threaded_execve" corner case. 2610 * It's the only case when -ff mode needs reprinting. 2611 */ 2612 if ((followfork < 2 && printing_tcp != tcp) || (tcp->flags & TCB_REPRINT)) { 2613 tcp->flags &= ~TCB_REPRINT; 2614 printleader(tcp); 2615 if (tcp->qual_flg & UNDEFINED_SCNO) 2616 tprintf("<... %s resumed> ", undefined_scno_name(tcp)); 2617 else 2618 tprintf("<... %s resumed> ", tcp->s_ent->sys_name); 2619 } 2620 printing_tcp = tcp; 2621 2622 if (res != 1) { 2623 /* There was error in one of prior ptrace ops */ 2624 tprints(") "); 2625 tabto(); 2626 tprints("= ? <unavailable>\n"); 2627 line_ended(); 2628 tcp->flags &= ~TCB_INSYSCALL; 2629 return res; 2630 } 2631 2632 sys_res = 0; 2633 if (tcp->qual_flg & QUAL_RAW) { 2634 /* sys_res = printargs(tcp); - but it's nop on sysexit */ 2635 } else { 2636 /* FIXME: not_failing_only (IOW, option -z) is broken: 2637 * failure of syscall is known only after syscall return. 2638 * Thus we end up with something like this on, say, ENOENT: 2639 * open("doesnt_exist", O_RDONLY <unfinished ...> 2640 * {next syscall decode} 2641 * whereas the intended result is that open(...) line 2642 * is not shown at all. 2643 */ 2644 if (not_failing_only && tcp->u_error) 2645 goto ret; /* ignore failed syscalls */ 2646 sys_res = tcp->s_ent->sys_func(tcp); 2647 } 2648 2649 tprints(") "); 2650 tabto(); 2651 u_error = tcp->u_error; 2652 if (tcp->qual_flg & QUAL_RAW) { 2653 if (u_error) 2654 tprintf("= -1 (errno %ld)", u_error); 2655 else 2656 tprintf("= %#lx", tcp->u_rval); 2657 } 2658 else if (!(sys_res & RVAL_NONE) && u_error) { 2659 switch (u_error) { 2660 /* Blocked signals do not interrupt any syscalls. 2661 * In this case syscalls don't return ERESTARTfoo codes. 2662 * 2663 * Deadly signals set to SIG_DFL interrupt syscalls 2664 * and kill the process regardless of which of the codes below 2665 * is returned by the interrupted syscall. 2666 * In some cases, kernel forces a kernel-generated deadly 2667 * signal to be unblocked and set to SIG_DFL (and thus cause 2668 * death) if it is blocked or SIG_IGNed: for example, SIGSEGV 2669 * or SIGILL. (The alternative is to leave process spinning 2670 * forever on the faulty instruction - not useful). 2671 * 2672 * SIG_IGNed signals and non-deadly signals set to SIG_DFL 2673 * (for example, SIGCHLD, SIGWINCH) interrupt syscalls, 2674 * but kernel will always restart them. 2675 */ 2676 case ERESTARTSYS: 2677 /* Most common type of signal-interrupted syscall exit code. 2678 * The system call will be restarted with the same arguments 2679 * if SA_RESTART is set; otherwise, it will fail with EINTR. 2680 */ 2681 tprints("= ? ERESTARTSYS (To be restarted if SA_RESTART is set)"); 2682 break; 2683 case ERESTARTNOINTR: 2684 /* Rare. For example, fork() returns this if interrupted. 2685 * SA_RESTART is ignored (assumed set): the restart is unconditional. 2686 */ 2687 tprints("= ? ERESTARTNOINTR (To be restarted)"); 2688 break; 2689 case ERESTARTNOHAND: 2690 /* pause(), rt_sigsuspend() etc use this code. 2691 * SA_RESTART is ignored (assumed not set): 2692 * syscall won't restart (will return EINTR instead) 2693 * even after signal with SA_RESTART set. However, 2694 * after SIG_IGN or SIG_DFL signal it will restart 2695 * (thus the name "restart only if has no handler"). 2696 */ 2697 tprints("= ? ERESTARTNOHAND (To be restarted if no handler)"); 2698 break; 2699 case ERESTART_RESTARTBLOCK: 2700 /* Syscalls like nanosleep(), poll() which can't be 2701 * restarted with their original arguments use this 2702 * code. Kernel will execute restart_syscall() instead, 2703 * which changes arguments before restarting syscall. 2704 * SA_RESTART is ignored (assumed not set) similarly 2705 * to ERESTARTNOHAND. (Kernel can't honor SA_RESTART 2706 * since restart data is saved in "restart block" 2707 * in task struct, and if signal handler uses a syscall 2708 * which in turn saves another such restart block, 2709 * old data is lost and restart becomes impossible) 2710 */ 2711 tprints("= ? ERESTART_RESTARTBLOCK (Interrupted by signal)"); 2712 break; 2713 default: 2714 if (u_error < 0) 2715 tprintf("= -1 E??? (errno %ld)", u_error); 2716 else if ((unsigned long) u_error < nerrnos) 2717 tprintf("= -1 %s (%s)", errnoent[u_error], 2718 strerror(u_error)); 2719 else 2720 tprintf("= -1 ERRNO_%ld (%s)", u_error, 2721 strerror(u_error)); 2722 break; 2723 } 2724 if ((sys_res & RVAL_STR) && tcp->auxstr) 2725 tprintf(" (%s)", tcp->auxstr); 2726 } 2727 else { 2728 if (sys_res & RVAL_NONE) 2729 tprints("= ?"); 2730 else { 2731 switch (sys_res & RVAL_MASK) { 2732 case RVAL_HEX: 2733 tprintf("= %#lx", tcp->u_rval); 2734 break; 2735 case RVAL_OCTAL: 2736 tprintf("= %#lo", tcp->u_rval); 2737 break; 2738 case RVAL_UDECIMAL: 2739 tprintf("= %lu", tcp->u_rval); 2740 break; 2741 case RVAL_DECIMAL: 2742 tprintf("= %ld", tcp->u_rval); 2743 break; 2744 case RVAL_FD: 2745 if (show_fd_path) { 2746 tprints("= "); 2747 printfd(tcp, tcp->u_rval); 2748 } 2749 else 2750 tprintf("= %ld", tcp->u_rval); 2751 break; 2752#if defined(LINUX_MIPSN32) || defined(X32) 2753 /* 2754 case RVAL_LHEX: 2755 tprintf("= %#llx", tcp->u_lrval); 2756 break; 2757 case RVAL_LOCTAL: 2758 tprintf("= %#llo", tcp->u_lrval); 2759 break; 2760 */ 2761 case RVAL_LUDECIMAL: 2762 tprintf("= %llu", tcp->u_lrval); 2763 break; 2764 /* 2765 case RVAL_LDECIMAL: 2766 tprintf("= %lld", tcp->u_lrval); 2767 break; 2768 */ 2769#endif 2770 default: 2771 fprintf(stderr, 2772 "invalid rval format\n"); 2773 break; 2774 } 2775 } 2776 if ((sys_res & RVAL_STR) && tcp->auxstr) 2777 tprintf(" (%s)", tcp->auxstr); 2778 } 2779 if (Tflag) { 2780 tv_sub(&tv, &tv, &tcp->etime); 2781 tprintf(" <%ld.%06ld>", 2782 (long) tv.tv_sec, (long) tv.tv_usec); 2783 } 2784 tprints("\n"); 2785 dumpio(tcp); 2786 line_ended(); 2787 2788#ifdef USE_LIBUNWIND 2789 if (stack_trace_enabled) 2790 unwind_print_stacktrace(tcp); 2791#endif 2792 2793 ret: 2794 tcp->flags &= ~TCB_INSYSCALL; 2795 return 0; 2796} 2797 2798int 2799trace_syscall(struct tcb *tcp) 2800{ 2801 return exiting(tcp) ? 2802 trace_syscall_exiting(tcp) : trace_syscall_entering(tcp); 2803} 2804