syscall.c revision 5503dd28c6cab61af949f592e8bfcdaf1380cfef
1/* 2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl> 3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl> 4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com> 5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl> 6 * Copyright (c) 1999 IBM Deutschland Entwicklung GmbH, IBM Corporation 7 * Linux for s390 port by D.J. Barrow 8 * <barrow_dj@mail.yahoo.com,djbarrow@de.ibm.com> 9 * All rights reserved. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. The name of the author may not be used to endorse or promote products 20 * derived from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34#include "defs.h" 35#include <sys/param.h> 36 37/* for struct iovec */ 38#include <sys/uio.h> 39/* for NT_PRSTATUS */ 40#ifdef HAVE_ELF_H 41# include <elf.h> 42#endif 43 44#include "ptrace.h" 45 46#if defined(SPARC64) 47# undef PTRACE_GETREGS 48# define PTRACE_GETREGS PTRACE_GETREGS64 49# undef PTRACE_SETREGS 50# define PTRACE_SETREGS PTRACE_SETREGS64 51#endif 52 53#include "regs.h" 54 55#if defined SPARC64 56# include <asm/psrcompat.h> 57#elif defined SPARC 58# include <asm/psr.h> 59#endif 60 61#ifndef NSIG 62# warning: NSIG is not defined, using 32 63# define NSIG 32 64#endif 65 66#include "syscall.h" 67 68/* Define these shorthand notations to simplify the syscallent files. */ 69#define TD TRACE_DESC 70#define TF TRACE_FILE 71#define TI TRACE_IPC 72#define TN TRACE_NETWORK 73#define TP TRACE_PROCESS 74#define TS TRACE_SIGNAL 75#define TM TRACE_MEMORY 76#define NF SYSCALL_NEVER_FAILS 77#define MA MAX_ARGS 78#define SI STACKTRACE_INVALIDATE_CACHE 79#define SE STACKTRACE_CAPTURE_ON_ENTER 80 81const struct_sysent sysent0[] = { 82#include "syscallent.h" 83}; 84 85#if SUPPORTED_PERSONALITIES > 1 86static const struct_sysent sysent1[] = { 87# include "syscallent1.h" 88}; 89#endif 90 91#if SUPPORTED_PERSONALITIES > 2 92static const struct_sysent sysent2[] = { 93# include "syscallent2.h" 94}; 95#endif 96 97/* Now undef them since short defines cause wicked namespace pollution. */ 98#undef TD 99#undef TF 100#undef TI 101#undef TN 102#undef TP 103#undef TS 104#undef TM 105#undef NF 106#undef MA 107#undef SI 108#undef SE 109 110/* 111 * `ioctlent[012].h' files are automatically generated by the auxiliary 112 * program `ioctlsort', such that the list is sorted by the `code' field. 113 * This has the side-effect of resolving the _IO.. macros into 114 * plain integers, eliminating the need to include here everything 115 * in "/usr/include". 116 */ 117 118const char *const errnoent0[] = { 119#include "errnoent.h" 120}; 121const char *const signalent0[] = { 122#include "signalent.h" 123}; 124const struct_ioctlent ioctlent0[] = { 125#include "ioctlent0.h" 126}; 127 128#if SUPPORTED_PERSONALITIES > 1 129static const char *const errnoent1[] = { 130# include "errnoent1.h" 131}; 132static const char *const signalent1[] = { 133# include "signalent1.h" 134}; 135static const struct_ioctlent ioctlent1[] = { 136# include "ioctlent1.h" 137}; 138#endif 139 140#if SUPPORTED_PERSONALITIES > 2 141static const char *const errnoent2[] = { 142# include "errnoent2.h" 143}; 144static const char *const signalent2[] = { 145# include "signalent2.h" 146}; 147static const struct_ioctlent ioctlent2[] = { 148# include "ioctlent2.h" 149}; 150#endif 151 152enum { 153 nsyscalls0 = ARRAY_SIZE(sysent0) 154#if SUPPORTED_PERSONALITIES > 1 155 , nsyscalls1 = ARRAY_SIZE(sysent1) 156# if SUPPORTED_PERSONALITIES > 2 157 , nsyscalls2 = ARRAY_SIZE(sysent2) 158# endif 159#endif 160}; 161 162enum { 163 nerrnos0 = ARRAY_SIZE(errnoent0) 164#if SUPPORTED_PERSONALITIES > 1 165 , nerrnos1 = ARRAY_SIZE(errnoent1) 166# if SUPPORTED_PERSONALITIES > 2 167 , nerrnos2 = ARRAY_SIZE(errnoent2) 168# endif 169#endif 170}; 171 172enum { 173 nsignals0 = ARRAY_SIZE(signalent0) 174#if SUPPORTED_PERSONALITIES > 1 175 , nsignals1 = ARRAY_SIZE(signalent1) 176# if SUPPORTED_PERSONALITIES > 2 177 , nsignals2 = ARRAY_SIZE(signalent2) 178# endif 179#endif 180}; 181 182enum { 183 nioctlents0 = ARRAY_SIZE(ioctlent0) 184#if SUPPORTED_PERSONALITIES > 1 185 , nioctlents1 = ARRAY_SIZE(ioctlent1) 186# if SUPPORTED_PERSONALITIES > 2 187 , nioctlents2 = ARRAY_SIZE(ioctlent2) 188# endif 189#endif 190}; 191 192#if SUPPORTED_PERSONALITIES > 1 193const struct_sysent *sysent = sysent0; 194const char *const *errnoent = errnoent0; 195const char *const *signalent = signalent0; 196const struct_ioctlent *ioctlent = ioctlent0; 197#endif 198unsigned nsyscalls = nsyscalls0; 199unsigned nerrnos = nerrnos0; 200unsigned nsignals = nsignals0; 201unsigned nioctlents = nioctlents0; 202 203unsigned num_quals; 204qualbits_t *qual_vec[SUPPORTED_PERSONALITIES]; 205 206static const unsigned nsyscall_vec[SUPPORTED_PERSONALITIES] = { 207 nsyscalls0, 208#if SUPPORTED_PERSONALITIES > 1 209 nsyscalls1, 210#endif 211#if SUPPORTED_PERSONALITIES > 2 212 nsyscalls2, 213#endif 214}; 215static const struct_sysent *const sysent_vec[SUPPORTED_PERSONALITIES] = { 216 sysent0, 217#if SUPPORTED_PERSONALITIES > 1 218 sysent1, 219#endif 220#if SUPPORTED_PERSONALITIES > 2 221 sysent2, 222#endif 223}; 224 225enum { 226 MAX_NSYSCALLS1 = (nsyscalls0 227#if SUPPORTED_PERSONALITIES > 1 228 > nsyscalls1 ? nsyscalls0 : nsyscalls1 229#endif 230 ), 231 MAX_NSYSCALLS2 = (MAX_NSYSCALLS1 232#if SUPPORTED_PERSONALITIES > 2 233 > nsyscalls2 ? MAX_NSYSCALLS1 : nsyscalls2 234#endif 235 ), 236 MAX_NSYSCALLS = MAX_NSYSCALLS2, 237 /* We are ready for arches with up to 255 signals, 238 * even though the largest known signo is on MIPS and it is 128. 239 * The number of existing syscalls on all arches is 240 * larger that 255 anyway, so it is just a pedantic matter. 241 */ 242 MIN_QUALS = MAX_NSYSCALLS > 255 ? MAX_NSYSCALLS : 255 243}; 244 245#if SUPPORTED_PERSONALITIES > 1 246unsigned current_personality; 247 248# ifndef current_wordsize 249unsigned current_wordsize; 250static const int personality_wordsize[SUPPORTED_PERSONALITIES] = { 251 PERSONALITY0_WORDSIZE, 252 PERSONALITY1_WORDSIZE, 253# if SUPPORTED_PERSONALITIES > 2 254 PERSONALITY2_WORDSIZE, 255# endif 256}; 257# endif 258 259void 260set_personality(int personality) 261{ 262 nsyscalls = nsyscall_vec[personality]; 263 sysent = sysent_vec[personality]; 264 265 switch (personality) { 266 case 0: 267 errnoent = errnoent0; 268 nerrnos = nerrnos0; 269 ioctlent = ioctlent0; 270 nioctlents = nioctlents0; 271 signalent = signalent0; 272 nsignals = nsignals0; 273 break; 274 275 case 1: 276 errnoent = errnoent1; 277 nerrnos = nerrnos1; 278 ioctlent = ioctlent1; 279 nioctlents = nioctlents1; 280 signalent = signalent1; 281 nsignals = nsignals1; 282 break; 283 284# if SUPPORTED_PERSONALITIES > 2 285 case 2: 286 errnoent = errnoent2; 287 nerrnos = nerrnos2; 288 ioctlent = ioctlent2; 289 nioctlents = nioctlents2; 290 signalent = signalent2; 291 nsignals = nsignals2; 292 break; 293# endif 294 } 295 296 current_personality = personality; 297# ifndef current_wordsize 298 current_wordsize = personality_wordsize[personality]; 299# endif 300} 301 302static void 303update_personality(struct tcb *tcp, unsigned int personality) 304{ 305 if (personality == current_personality) 306 return; 307 set_personality(personality); 308 309 if (personality == tcp->currpers) 310 return; 311 tcp->currpers = personality; 312 313# if defined(POWERPC64) 314 if (!qflag) { 315 static const char *const names[] = {"64 bit", "32 bit"}; 316 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 317 tcp->pid, names[personality]); 318 } 319# elif defined(X86_64) 320 if (!qflag) { 321 static const char *const names[] = {"64 bit", "32 bit", "x32"}; 322 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 323 tcp->pid, names[personality]); 324 } 325# elif defined(X32) 326 if (!qflag) { 327 static const char *const names[] = {"x32", "32 bit"}; 328 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 329 tcp->pid, names[personality]); 330 } 331# elif defined(AARCH64) 332 if (!qflag) { 333 static const char *const names[] = {"32-bit", "AArch64"}; 334 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 335 tcp->pid, names[personality]); 336 } 337# elif defined(TILE) 338 if (!qflag) { 339 static const char *const names[] = {"64-bit", "32-bit"}; 340 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 341 tcp->pid, names[personality]); 342 } 343# endif 344} 345#endif 346 347static int qual_syscall(), qual_signal(), qual_desc(); 348 349static const struct qual_options { 350 unsigned int bitflag; 351 const char *option_name; 352 int (*qualify)(const char *, int, int); 353 const char *argument_name; 354} qual_options[] = { 355 { QUAL_TRACE, "trace", qual_syscall, "system call" }, 356 { QUAL_TRACE, "t", qual_syscall, "system call" }, 357 { QUAL_ABBREV, "abbrev", qual_syscall, "system call" }, 358 { QUAL_ABBREV, "a", qual_syscall, "system call" }, 359 { QUAL_VERBOSE, "verbose", qual_syscall, "system call" }, 360 { QUAL_VERBOSE, "v", qual_syscall, "system call" }, 361 { QUAL_RAW, "raw", qual_syscall, "system call" }, 362 { QUAL_RAW, "x", qual_syscall, "system call" }, 363 { QUAL_SIGNAL, "signal", qual_signal, "signal" }, 364 { QUAL_SIGNAL, "signals", qual_signal, "signal" }, 365 { QUAL_SIGNAL, "s", qual_signal, "signal" }, 366 { QUAL_READ, "read", qual_desc, "descriptor" }, 367 { QUAL_READ, "reads", qual_desc, "descriptor" }, 368 { QUAL_READ, "r", qual_desc, "descriptor" }, 369 { QUAL_WRITE, "write", qual_desc, "descriptor" }, 370 { QUAL_WRITE, "writes", qual_desc, "descriptor" }, 371 { QUAL_WRITE, "w", qual_desc, "descriptor" }, 372 { 0, NULL, NULL, NULL }, 373}; 374 375static void 376reallocate_qual(const unsigned int n) 377{ 378 unsigned p; 379 qualbits_t *qp; 380 for (p = 0; p < SUPPORTED_PERSONALITIES; p++) { 381 qp = qual_vec[p] = realloc(qual_vec[p], n * sizeof(qualbits_t)); 382 if (!qp) 383 die_out_of_memory(); 384 memset(&qp[num_quals], 0, (n - num_quals) * sizeof(qualbits_t)); 385 } 386 num_quals = n; 387} 388 389static void 390qualify_one(const unsigned int n, unsigned int bitflag, const int not, const int pers) 391{ 392 int p; 393 394 if (num_quals <= n) 395 reallocate_qual(n + 1); 396 397 for (p = 0; p < SUPPORTED_PERSONALITIES; p++) { 398 if (pers == p || pers < 0) { 399 if (not) 400 qual_vec[p][n] &= ~bitflag; 401 else 402 qual_vec[p][n] |= bitflag; 403 } 404 } 405} 406 407static int 408qual_syscall(const char *s, const unsigned int bitflag, const int not) 409{ 410 int p; 411 unsigned int i; 412 int rc = -1; 413 414 if (*s >= '0' && *s <= '9') { 415 i = string_to_uint(s); 416 if (i >= MAX_NSYSCALLS) 417 return -1; 418 qualify_one(i, bitflag, not, -1); 419 return 0; 420 } 421 422 for (p = 0; p < SUPPORTED_PERSONALITIES; p++) { 423 for (i = 0; i < nsyscall_vec[p]; i++) { 424 if (sysent_vec[p][i].sys_name 425 && strcmp(s, sysent_vec[p][i].sys_name) == 0 426 ) { 427 qualify_one(i, bitflag, not, p); 428 rc = 0; 429 } 430 } 431 } 432 433 return rc; 434} 435 436static int 437qual_signal(const char *s, const unsigned int bitflag, const int not) 438{ 439 unsigned int i; 440 441 if (*s >= '0' && *s <= '9') { 442 int signo = string_to_uint(s); 443 if (signo < 0 || signo > 255) 444 return -1; 445 qualify_one(signo, bitflag, not, -1); 446 return 0; 447 } 448 if (strncasecmp(s, "SIG", 3) == 0) 449 s += 3; 450 for (i = 0; i <= NSIG; i++) { 451 if (strcasecmp(s, signame(i) + 3) == 0) { 452 qualify_one(i, bitflag, not, -1); 453 return 0; 454 } 455 } 456 return -1; 457} 458 459static int 460qual_desc(const char *s, const unsigned int bitflag, const int not) 461{ 462 if (*s >= '0' && *s <= '9') { 463 int desc = string_to_uint(s); 464 if (desc < 0 || desc > 0x7fff) /* paranoia */ 465 return -1; 466 qualify_one(desc, bitflag, not, -1); 467 return 0; 468 } 469 return -1; 470} 471 472static int 473lookup_class(const char *s) 474{ 475 if (strcmp(s, "file") == 0) 476 return TRACE_FILE; 477 if (strcmp(s, "ipc") == 0) 478 return TRACE_IPC; 479 if (strcmp(s, "network") == 0) 480 return TRACE_NETWORK; 481 if (strcmp(s, "process") == 0) 482 return TRACE_PROCESS; 483 if (strcmp(s, "signal") == 0) 484 return TRACE_SIGNAL; 485 if (strcmp(s, "desc") == 0) 486 return TRACE_DESC; 487 if (strcmp(s, "memory") == 0) 488 return TRACE_MEMORY; 489 return -1; 490} 491 492void 493qualify(const char *s) 494{ 495 const struct qual_options *opt; 496 char *copy; 497 const char *p; 498 int not; 499 unsigned int i; 500 501 if (num_quals == 0) 502 reallocate_qual(MIN_QUALS); 503 504 opt = &qual_options[0]; 505 for (i = 0; (p = qual_options[i].option_name); i++) { 506 unsigned int len = strlen(p); 507 if (strncmp(s, p, len) == 0 && s[len] == '=') { 508 opt = &qual_options[i]; 509 s += len + 1; 510 break; 511 } 512 } 513 not = 0; 514 if (*s == '!') { 515 not = 1; 516 s++; 517 } 518 if (strcmp(s, "none") == 0) { 519 not = 1 - not; 520 s = "all"; 521 } 522 if (strcmp(s, "all") == 0) { 523 for (i = 0; i < num_quals; i++) { 524 qualify_one(i, opt->bitflag, not, -1); 525 } 526 return; 527 } 528 for (i = 0; i < num_quals; i++) { 529 qualify_one(i, opt->bitflag, !not, -1); 530 } 531 copy = strdup(s); 532 if (!copy) 533 die_out_of_memory(); 534 for (p = strtok(copy, ","); p; p = strtok(NULL, ",")) { 535 int n; 536 if (opt->bitflag == QUAL_TRACE && (n = lookup_class(p)) > 0) { 537 unsigned pers; 538 for (pers = 0; pers < SUPPORTED_PERSONALITIES; pers++) { 539 for (i = 0; i < nsyscall_vec[pers]; i++) 540 if (sysent_vec[pers][i].sys_flags & n) 541 qualify_one(i, opt->bitflag, not, pers); 542 } 543 continue; 544 } 545 if (opt->qualify(p, opt->bitflag, not)) { 546 error_msg_and_die("invalid %s '%s'", 547 opt->argument_name, p); 548 } 549 } 550 free(copy); 551 return; 552} 553 554#ifdef SYS_socket_subcall 555static void 556decode_socket_subcall(struct tcb *tcp) 557{ 558 unsigned long addr; 559 unsigned int i, n, size; 560 561 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= SYS_socket_nsubcalls) 562 return; 563 564 tcp->scno = SYS_socket_subcall + tcp->u_arg[0]; 565 tcp->qual_flg = qual_flags[tcp->scno]; 566 tcp->s_ent = &sysent[tcp->scno]; 567 addr = tcp->u_arg[1]; 568 size = current_wordsize; 569 n = tcp->s_ent->nargs; 570 for (i = 0; i < n; ++i) { 571 if (size == sizeof(int)) { 572 unsigned int arg; 573 if (umove(tcp, addr, &arg) < 0) 574 arg = 0; 575 tcp->u_arg[i] = arg; 576 } 577 else { 578 unsigned long arg; 579 if (umove(tcp, addr, &arg) < 0) 580 arg = 0; 581 tcp->u_arg[i] = arg; 582 } 583 addr += size; 584 } 585} 586#endif 587 588#ifdef SYS_ipc_subcall 589static void 590decode_ipc_subcall(struct tcb *tcp) 591{ 592 unsigned int i, n; 593 594 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= SYS_ipc_nsubcalls) 595 return; 596 597 tcp->scno = SYS_ipc_subcall + tcp->u_arg[0]; 598 tcp->qual_flg = qual_flags[tcp->scno]; 599 tcp->s_ent = &sysent[tcp->scno]; 600 n = tcp->s_ent->nargs; 601 for (i = 0; i < n; i++) 602 tcp->u_arg[i] = tcp->u_arg[i + 1]; 603} 604#endif 605 606int 607printargs(struct tcb *tcp) 608{ 609 if (entering(tcp)) { 610 int i; 611 int n = tcp->s_ent->nargs; 612 for (i = 0; i < n; i++) 613 tprintf("%s%#lx", i ? ", " : "", tcp->u_arg[i]); 614 } 615 return 0; 616} 617 618int 619printargs_lu(struct tcb *tcp) 620{ 621 if (entering(tcp)) { 622 int i; 623 int n = tcp->s_ent->nargs; 624 for (i = 0; i < n; i++) 625 tprintf("%s%lu", i ? ", " : "", tcp->u_arg[i]); 626 } 627 return 0; 628} 629 630int 631printargs_ld(struct tcb *tcp) 632{ 633 if (entering(tcp)) { 634 int i; 635 int n = tcp->s_ent->nargs; 636 for (i = 0; i < n; i++) 637 tprintf("%s%ld", i ? ", " : "", tcp->u_arg[i]); 638 } 639 return 0; 640} 641 642#if defined(SPARC) || defined(SPARC64) || defined(IA64) || defined(SH) 643long 644getrval2(struct tcb *tcp) 645{ 646 long val; 647 648# if defined(SPARC) || defined(SPARC64) 649 val = sparc_regs.u_regs[U_REG_O1]; 650# elif defined(SH) 651 if (upeek(tcp->pid, 4*(REG_REG0+1), &val) < 0) 652 return -1; 653# elif defined(IA64) 654 if (upeek(tcp->pid, PT_R9, &val) < 0) 655 return -1; 656# endif 657 658 return val; 659} 660#endif 661 662#if defined(I386) 663static struct user_regs_struct i386_regs; 664/* Cast suppresses signedness warning (.esp is long, not unsigned long) */ 665uint32_t *const i386_esp_ptr = (uint32_t*)&i386_regs.esp; 666# define ARCH_REGS_FOR_GETREGSET i386_regs 667#elif defined(X86_64) || defined(X32) 668/* 669 * On i386, pt_regs and user_regs_struct are the same, 670 * but on 64 bit x86, user_regs_struct has six more fields: 671 * fs_base, gs_base, ds, es, fs, gs. 672 * PTRACE_GETREGS fills them too, so struct pt_regs would overflow. 673 */ 674struct i386_user_regs_struct { 675 uint32_t ebx; 676 uint32_t ecx; 677 uint32_t edx; 678 uint32_t esi; 679 uint32_t edi; 680 uint32_t ebp; 681 uint32_t eax; 682 uint32_t xds; 683 uint32_t xes; 684 uint32_t xfs; 685 uint32_t xgs; 686 uint32_t orig_eax; 687 uint32_t eip; 688 uint32_t xcs; 689 uint32_t eflags; 690 uint32_t esp; 691 uint32_t xss; 692}; 693static union { 694 struct user_regs_struct x86_64_r; 695 struct i386_user_regs_struct i386_r; 696} x86_regs_union; 697# define x86_64_regs x86_regs_union.x86_64_r 698# define i386_regs x86_regs_union.i386_r 699uint32_t *const i386_esp_ptr = &i386_regs.esp; 700static struct iovec x86_io = { 701 .iov_base = &x86_regs_union 702}; 703#elif defined(IA64) 704bool ia64_ia32mode = 0; /* not static */ 705static long ia64_r8, ia64_r10; 706#elif defined(POWERPC) 707struct pt_regs ppc_regs; 708#elif defined(M68K) 709static long m68k_d0; 710#elif defined(BFIN) 711static long bfin_r0; 712#elif defined(ARM) 713struct pt_regs arm_regs; /* not static */ 714# define ARCH_REGS_FOR_GETREGSET arm_regs 715#elif defined(AARCH64) 716struct arm_pt_regs { 717 int uregs[18]; 718}; 719# define ARM_cpsr uregs[16] 720# define ARM_pc uregs[15] 721# define ARM_lr uregs[14] 722# define ARM_sp uregs[13] 723# define ARM_ip uregs[12] 724# define ARM_fp uregs[11] 725# define ARM_r10 uregs[10] 726# define ARM_r9 uregs[9] 727# define ARM_r8 uregs[8] 728# define ARM_r7 uregs[7] 729# define ARM_r6 uregs[6] 730# define ARM_r5 uregs[5] 731# define ARM_r4 uregs[4] 732# define ARM_r3 uregs[3] 733# define ARM_r2 uregs[2] 734# define ARM_r1 uregs[1] 735# define ARM_r0 uregs[0] 736# define ARM_ORIG_r0 uregs[17] 737static union { 738 struct user_pt_regs aarch64_r; 739 struct arm_pt_regs arm_r; 740} arm_regs_union; 741# define aarch64_regs arm_regs_union.aarch64_r 742# define arm_regs arm_regs_union.arm_r 743static struct iovec aarch64_io = { 744 .iov_base = &arm_regs_union 745}; 746#elif defined(ALPHA) 747static long alpha_r0; 748static long alpha_a3; 749#elif defined(AVR32) 750static struct pt_regs avr32_regs; 751#elif defined(SPARC) || defined(SPARC64) 752struct pt_regs sparc_regs; /* not static */ 753#elif defined(LINUX_MIPSN32) 754static long long mips_a3; 755static long long mips_r2; 756#elif defined(MIPS) 757static long mips_a3; 758static long mips_r2; 759#elif defined(S390) || defined(S390X) 760static long s390_gpr2; 761#elif defined(HPPA) 762static long hppa_r28; 763#elif defined(SH) 764static long sh_r0; 765#elif defined(SH64) 766static long sh64_r9; 767#elif defined(CRISV10) || defined(CRISV32) 768static long cris_r10; 769#elif defined(TILE) 770struct pt_regs tile_regs; 771#elif defined(MICROBLAZE) 772static long microblaze_r3; 773#elif defined(OR1K) 774static struct user_regs_struct or1k_regs; 775# define ARCH_REGS_FOR_GETREGSET or1k_regs 776#elif defined(METAG) 777static struct user_gp_regs metag_regs; 778# define ARCH_REGS_FOR_GETREGSET metag_regs 779#elif defined(XTENSA) 780static long xtensa_a2; 781# elif defined(ARC) 782static struct user_regs_struct arc_regs; 783# define ARCH_REGS_FOR_GETREGSET arc_regs 784#endif 785 786void 787print_pc(struct tcb *tcp) 788{ 789#define PRINTBADPC tprintf(sizeof(long) == 4 ? "[????????] " : \ 790 sizeof(long) == 8 ? "[????????????????] " : \ 791 NULL /* crash */) 792 if (get_regs_error) { 793 PRINTBADPC; 794 return; 795 } 796#if defined(I386) 797 tprintf("[%08lx] ", i386_regs.eip); 798#elif defined(S390) || defined(S390X) 799 long psw; 800 if (upeek(tcp->pid, PT_PSWADDR, &psw) < 0) { 801 PRINTBADPC; 802 return; 803 } 804# ifdef S390 805 tprintf("[%08lx] ", psw); 806# elif S390X 807 tprintf("[%016lx] ", psw); 808# endif 809#elif defined(X86_64) || defined(X32) 810 if (x86_io.iov_len == sizeof(i386_regs)) { 811 tprintf("[%08x] ", (unsigned) i386_regs.eip); 812 } else { 813# if defined(X86_64) 814 tprintf("[%016lx] ", (unsigned long) x86_64_regs.rip); 815# elif defined(X32) 816 /* Note: this truncates 64-bit rip to 32 bits */ 817 tprintf("[%08lx] ", (unsigned long) x86_64_regs.rip); 818# endif 819 } 820#elif defined(IA64) 821 long ip; 822 if (upeek(tcp->pid, PT_B0, &ip) < 0) { 823 PRINTBADPC; 824 return; 825 } 826 tprintf("[%08lx] ", ip); 827#elif defined(POWERPC) 828 long pc = ppc_regs.nip; 829# ifdef POWERPC64 830 tprintf("[%016lx] ", pc); 831# else 832 tprintf("[%08lx] ", pc); 833# endif 834#elif defined(M68K) 835 long pc; 836 if (upeek(tcp->pid, 4*PT_PC, &pc) < 0) { 837 tprints("[????????] "); 838 return; 839 } 840 tprintf("[%08lx] ", pc); 841#elif defined(ALPHA) 842 long pc; 843 if (upeek(tcp->pid, REG_PC, &pc) < 0) { 844 tprints("[????????????????] "); 845 return; 846 } 847 tprintf("[%08lx] ", pc); 848#elif defined(SPARC) 849 tprintf("[%08lx] ", sparc_regs.pc); 850#elif defined(SPARC64) 851 tprintf("[%08lx] ", sparc_regs.tpc); 852#elif defined(HPPA) 853 long pc; 854 if (upeek(tcp->pid, PT_IAOQ0, &pc) < 0) { 855 tprints("[????????] "); 856 return; 857 } 858 tprintf("[%08lx] ", pc); 859#elif defined(MIPS) 860 long pc; 861 if (upeek(tcp->pid, REG_EPC, &pc) < 0) { 862 tprints("[????????] "); 863 return; 864 } 865 tprintf("[%08lx] ", pc); 866#elif defined(SH) 867 long pc; 868 if (upeek(tcp->pid, 4*REG_PC, &pc) < 0) { 869 tprints("[????????] "); 870 return; 871 } 872 tprintf("[%08lx] ", pc); 873#elif defined(SH64) 874 long pc; 875 if (upeek(tcp->pid, REG_PC, &pc) < 0) { 876 tprints("[????????????????] "); 877 return; 878 } 879 tprintf("[%08lx] ", pc); 880#elif defined(ARM) 881 tprintf("[%08lx] ", arm_regs.ARM_pc); 882#elif defined(AARCH64) 883 /* tprintf("[%016lx] ", aarch64_regs.regs[???]); */ 884#elif defined(AVR32) 885 tprintf("[%08lx] ", avr32_regs.pc); 886#elif defined(BFIN) 887 long pc; 888 if (upeek(tcp->pid, PT_PC, &pc) < 0) { 889 PRINTBADPC; 890 return; 891 } 892 tprintf("[%08lx] ", pc); 893#elif defined(CRISV10) 894 long pc; 895 if (upeek(tcp->pid, 4*PT_IRP, &pc) < 0) { 896 PRINTBADPC; 897 return; 898 } 899 tprintf("[%08lx] ", pc); 900#elif defined(CRISV32) 901 long pc; 902 if (upeek(tcp->pid, 4*PT_ERP, &pc) < 0) { 903 PRINTBADPC; 904 return; 905 } 906 tprintf("[%08lx] ", pc); 907#elif defined(TILE) 908# ifdef _LP64 909 tprintf("[%016lx] ", (unsigned long) tile_regs.pc); 910# else 911 tprintf("[%08lx] ", (unsigned long) tile_regs.pc); 912# endif 913#elif defined(OR1K) 914 tprintf("[%08lx] ", or1k_regs.pc); 915#elif defined(METAG) 916 tprintf("[%08lx] ", metag_regs.pc); 917#elif defined(XTENSA) 918 long pc; 919 if (upeek(tcp->pid, REG_PC, &pc) < 0) { 920 PRINTBADPC; 921 return; 922 } 923 tprintf("[%08lx] ", pc); 924#elif defined(ARC) 925 tprintf("[%08lx] ", arc_regs.efa); 926#endif /* architecture */ 927} 928 929/* 930 * Shuffle syscall numbers so that we don't have huge gaps in syscall table. 931 * The shuffling should be an involution: shuffle_scno(shuffle_scno(n)) == n. 932 */ 933#if defined(ARM) || defined(AARCH64) /* So far only 32-bit ARM needs this */ 934static long 935shuffle_scno(unsigned long scno) 936{ 937 if (scno < ARM_FIRST_SHUFFLED_SYSCALL) 938 return scno; 939 940 /* __ARM_NR_cmpxchg? Swap with LAST_ORDINARY+1 */ 941 if (scno == ARM_FIRST_SHUFFLED_SYSCALL) 942 return 0x000ffff0; 943 if (scno == 0x000ffff0) 944 return ARM_FIRST_SHUFFLED_SYSCALL; 945 946#define ARM_SECOND_SHUFFLED_SYSCALL (ARM_FIRST_SHUFFLED_SYSCALL + 1) 947 /* 948 * Is it ARM specific syscall? 949 * Swap [0x000f0000, 0x000f0000 + LAST_SPECIAL] range 950 * with [SECOND_SHUFFLED, SECOND_SHUFFLED + LAST_SPECIAL] range. 951 */ 952 if (scno >= 0x000f0000 && 953 scno <= 0x000f0000 + ARM_LAST_SPECIAL_SYSCALL) { 954 return scno - 0x000f0000 + ARM_SECOND_SHUFFLED_SYSCALL; 955 } 956 if (scno <= ARM_SECOND_SHUFFLED_SYSCALL + ARM_LAST_SPECIAL_SYSCALL) { 957 return scno + 0x000f0000 - ARM_SECOND_SHUFFLED_SYSCALL; 958 } 959 960 return scno; 961} 962#else 963# define shuffle_scno(scno) ((long)(scno)) 964#endif 965 966static char* 967undefined_scno_name(struct tcb *tcp) 968{ 969 static char buf[sizeof("syscall_%lu") + sizeof(long)*3]; 970 971 sprintf(buf, "syscall_%lu", shuffle_scno(tcp->scno)); 972 return buf; 973} 974 975#ifdef POWERPC 976/* 977 * PTRACE_GETREGS was added to the PowerPC kernel in v2.6.23, 978 * we provide a slow fallback for old kernels. 979 */ 980static int powerpc_getregs_old(pid_t pid) 981{ 982 int i; 983 long r; 984 985 if (iflag) { 986 r = upeek(pid, sizeof(long) * PT_NIP, (long *)&ppc_regs.nip); 987 if (r) 988 goto out; 989 } 990#ifdef POWERPC64 /* else we never use it */ 991 r = upeek(pid, sizeof(long) * PT_MSR, (long *)&ppc_regs.msr); 992 if (r) 993 goto out; 994#endif 995 r = upeek(pid, sizeof(long) * PT_CCR, (long *)&ppc_regs.ccr); 996 if (r) 997 goto out; 998 r = upeek(pid, sizeof(long) * PT_ORIG_R3, (long *)&ppc_regs.orig_gpr3); 999 if (r) 1000 goto out; 1001 for (i = 0; i <= 8; i++) { 1002 r = upeek(pid, sizeof(long) * (PT_R0 + i), 1003 (long *)&ppc_regs.gpr[i]); 1004 if (r) 1005 goto out; 1006 } 1007 out: 1008 return r; 1009} 1010#endif 1011 1012#ifndef get_regs 1013long get_regs_error; 1014 1015#if defined(PTRACE_GETREGSET) && defined(NT_PRSTATUS) 1016static void get_regset(pid_t pid) 1017{ 1018/* constant iovec */ 1019# if defined(ARM) \ 1020 || defined(I386) \ 1021 || defined(METAG) \ 1022 || defined(OR1K) \ 1023 || defined(ARC) 1024 static struct iovec io = { 1025 .iov_base = &ARCH_REGS_FOR_GETREGSET, 1026 .iov_len = sizeof(ARCH_REGS_FOR_GETREGSET) 1027 }; 1028 get_regs_error = ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, &io); 1029 1030/* variable iovec */ 1031# elif defined(X86_64) || defined(X32) 1032 /* x86_io.iov_base = &x86_regs_union; - already is */ 1033 x86_io.iov_len = sizeof(x86_regs_union); 1034 get_regs_error = ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, &x86_io); 1035# elif defined(AARCH64) 1036 /* aarch64_io.iov_base = &arm_regs_union; - already is */ 1037 aarch64_io.iov_len = sizeof(arm_regs_union); 1038 get_regs_error = ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, &aarch64_io); 1039# else 1040# warning both PTRACE_GETREGSET and NT_PRSTATUS are available but not yet used 1041# endif 1042} 1043#endif /* PTRACE_GETREGSET && NT_PRSTATUS */ 1044 1045void 1046get_regs(pid_t pid) 1047{ 1048/* PTRACE_GETREGSET only */ 1049# if defined(METAG) || defined(OR1K) || defined(X32) || defined(AARCH64) || defined(ARC) 1050 get_regset(pid); 1051 1052/* PTRACE_GETREGS only */ 1053# elif defined(AVR32) 1054 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, &avr32_regs); 1055# elif defined(TILE) 1056 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, &tile_regs); 1057# elif defined(SPARC) || defined(SPARC64) 1058 get_regs_error = ptrace(PTRACE_GETREGS, pid, (char *)&sparc_regs, 0); 1059# elif defined(POWERPC) 1060 static bool old_kernel = 0; 1061 if (old_kernel) 1062 goto old; 1063 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, (long) &ppc_regs); 1064 if (get_regs_error && errno == EIO) { 1065 old_kernel = 1; 1066 old: 1067 get_regs_error = powerpc_getregs_old(pid); 1068 } 1069 1070/* try PTRACE_GETREGSET first, fallback to PTRACE_GETREGS */ 1071# else 1072# if defined(PTRACE_GETREGSET) && defined(NT_PRSTATUS) 1073 static int getregset_support; 1074 1075 if (getregset_support >= 0) { 1076 get_regset(pid); 1077 if (getregset_support > 0) 1078 return; 1079 if (get_regs_error >= 0) { 1080 getregset_support = 1; 1081 return; 1082 } 1083 if (errno == EPERM || errno == ESRCH) 1084 return; 1085 getregset_support = -1; 1086 } 1087# endif /* PTRACE_GETREGSET && NT_PRSTATUS */ 1088# if defined(ARM) 1089 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, &arm_regs); 1090# elif defined(I386) 1091 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, &i386_regs); 1092# elif defined(X86_64) 1093 /* Use old method, with unreliable heuristical detection of 32-bitness. */ 1094 x86_io.iov_len = sizeof(x86_64_regs); 1095 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, &x86_64_regs); 1096 if (!get_regs_error && x86_64_regs.cs == 0x23) { 1097 x86_io.iov_len = sizeof(i386_regs); 1098 /* 1099 * The order is important: i386_regs and x86_64_regs 1100 * are overlaid in memory! 1101 */ 1102 i386_regs.ebx = x86_64_regs.rbx; 1103 i386_regs.ecx = x86_64_regs.rcx; 1104 i386_regs.edx = x86_64_regs.rdx; 1105 i386_regs.esi = x86_64_regs.rsi; 1106 i386_regs.edi = x86_64_regs.rdi; 1107 i386_regs.ebp = x86_64_regs.rbp; 1108 i386_regs.eax = x86_64_regs.rax; 1109 /* i386_regs.xds = x86_64_regs.ds; unused by strace */ 1110 /* i386_regs.xes = x86_64_regs.es; ditto... */ 1111 /* i386_regs.xfs = x86_64_regs.fs; */ 1112 /* i386_regs.xgs = x86_64_regs.gs; */ 1113 i386_regs.orig_eax = x86_64_regs.orig_rax; 1114 i386_regs.eip = x86_64_regs.rip; 1115 /* i386_regs.xcs = x86_64_regs.cs; */ 1116 /* i386_regs.eflags = x86_64_regs.eflags; */ 1117 i386_regs.esp = x86_64_regs.rsp; 1118 /* i386_regs.xss = x86_64_regs.ss; */ 1119 } 1120# else 1121# error unhandled architecture 1122# endif /* ARM || I386 || X86_64 */ 1123# endif 1124} 1125#endif /* !get_regs */ 1126 1127/* Returns: 1128 * 0: "ignore this ptrace stop", bail out of trace_syscall_entering() silently. 1129 * 1: ok, continue in trace_syscall_entering(). 1130 * other: error, trace_syscall_entering() should print error indicator 1131 * ("????" etc) and bail out. 1132 */ 1133static int 1134get_scno(struct tcb *tcp) 1135{ 1136 long scno = 0; 1137 1138#if defined(S390) || defined(S390X) 1139 if (upeek(tcp->pid, PT_GPR2, &s390_gpr2) < 0) 1140 return -1; 1141 1142 if (s390_gpr2 != -ENOSYS) { 1143 /* 1144 * Since kernel version 2.5.44 the scno gets passed in gpr2. 1145 */ 1146 scno = s390_gpr2; 1147 } else { 1148 /* 1149 * Old style of "passing" the scno via the SVC instruction. 1150 */ 1151 long psw; 1152 long opcode, offset_reg, tmp; 1153 void *svc_addr; 1154 static const int gpr_offset[16] = { 1155 PT_GPR0, PT_GPR1, PT_ORIGGPR2, PT_GPR3, 1156 PT_GPR4, PT_GPR5, PT_GPR6, PT_GPR7, 1157 PT_GPR8, PT_GPR9, PT_GPR10, PT_GPR11, 1158 PT_GPR12, PT_GPR13, PT_GPR14, PT_GPR15 1159 }; 1160 1161 if (upeek(tcp->pid, PT_PSWADDR, &psw) < 0) 1162 return -1; 1163 errno = 0; 1164 opcode = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)(psw - sizeof(long)), 0); 1165 if (errno) { 1166 perror_msg("peektext(psw-oneword)"); 1167 return -1; 1168 } 1169 1170 /* 1171 * We have to check if the SVC got executed directly or via an 1172 * EXECUTE instruction. In case of EXECUTE it is necessary to do 1173 * instruction decoding to derive the system call number. 1174 * Unfortunately the opcode sizes of EXECUTE and SVC are differently, 1175 * so that this doesn't work if a SVC opcode is part of an EXECUTE 1176 * opcode. Since there is no way to find out the opcode size this 1177 * is the best we can do... 1178 */ 1179 if ((opcode & 0xff00) == 0x0a00) { 1180 /* SVC opcode */ 1181 scno = opcode & 0xff; 1182 } 1183 else { 1184 /* SVC got executed by EXECUTE instruction */ 1185 1186 /* 1187 * Do instruction decoding of EXECUTE. If you really want to 1188 * understand this, read the Principles of Operations. 1189 */ 1190 svc_addr = (void *) (opcode & 0xfff); 1191 1192 tmp = 0; 1193 offset_reg = (opcode & 0x000f0000) >> 16; 1194 if (offset_reg && (upeek(tcp->pid, gpr_offset[offset_reg], &tmp) < 0)) 1195 return -1; 1196 svc_addr += tmp; 1197 1198 tmp = 0; 1199 offset_reg = (opcode & 0x0000f000) >> 12; 1200 if (offset_reg && (upeek(tcp->pid, gpr_offset[offset_reg], &tmp) < 0)) 1201 return -1; 1202 svc_addr += tmp; 1203 1204 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, svc_addr, 0); 1205 if (errno) 1206 return -1; 1207# if defined(S390X) 1208 scno >>= 48; 1209# else 1210 scno >>= 16; 1211# endif 1212 tmp = 0; 1213 offset_reg = (opcode & 0x00f00000) >> 20; 1214 if (offset_reg && (upeek(tcp->pid, gpr_offset[offset_reg], &tmp) < 0)) 1215 return -1; 1216 1217 scno = (scno | tmp) & 0xff; 1218 } 1219 } 1220#elif defined(POWERPC) 1221 scno = ppc_regs.gpr[0]; 1222# ifdef POWERPC64 1223 unsigned int currpers; 1224 1225 /* 1226 * Check for 64/32 bit mode. 1227 * Embedded implementations covered by Book E extension of PPC use 1228 * bit 0 (CM) of 32-bit Machine state register (MSR). 1229 * Other implementations use bit 0 (SF) of 64-bit MSR. 1230 */ 1231 currpers = (ppc_regs.msr & 0x8000000080000000) ? 0 : 1; 1232 update_personality(tcp, currpers); 1233# endif 1234#elif defined(AVR32) 1235 scno = avr32_regs.r8; 1236#elif defined(BFIN) 1237 if (upeek(tcp->pid, PT_ORIG_P0, &scno)) 1238 return -1; 1239#elif defined(I386) 1240 scno = i386_regs.orig_eax; 1241#elif defined(X86_64) || defined(X32) 1242# ifndef __X32_SYSCALL_BIT 1243# define __X32_SYSCALL_BIT 0x40000000 1244# endif 1245 unsigned int currpers; 1246# if 1 1247 /* GETREGSET of NT_PRSTATUS tells us regset size, 1248 * which unambiguously detects i386. 1249 * 1250 * Linux kernel distinguishes x86-64 and x32 processes 1251 * solely by looking at __X32_SYSCALL_BIT: 1252 * arch/x86/include/asm/compat.h::is_x32_task(): 1253 * if (task_pt_regs(current)->orig_ax & __X32_SYSCALL_BIT) 1254 * return true; 1255 */ 1256 if (x86_io.iov_len == sizeof(i386_regs)) { 1257 scno = i386_regs.orig_eax; 1258 currpers = 1; 1259 } else { 1260 scno = x86_64_regs.orig_rax; 1261 currpers = 0; 1262 if (scno & __X32_SYSCALL_BIT) { 1263 /* 1264 * Syscall number -1 requires special treatment: 1265 * it might be a side effect of SECCOMP_RET_ERRNO 1266 * filtering that sets orig_rax to -1 1267 * in some versions of linux kernel. 1268 * If that is the case, then 1269 * __X32_SYSCALL_BIT logic does not apply. 1270 */ 1271 if ((long long) x86_64_regs.orig_rax != -1) { 1272 scno -= __X32_SYSCALL_BIT; 1273 currpers = 2; 1274 } else { 1275# ifdef X32 1276 currpers = 2; 1277# endif 1278 } 1279 } 1280 } 1281# elif 0 1282 /* cs = 0x33 for long mode (native 64 bit and x32) 1283 * cs = 0x23 for compatibility mode (32 bit) 1284 * ds = 0x2b for x32 mode (x86-64 in 32 bit) 1285 */ 1286 scno = x86_64_regs.orig_rax; 1287 switch (x86_64_regs.cs) { 1288 case 0x23: currpers = 1; break; 1289 case 0x33: 1290 if (x86_64_regs.ds == 0x2b) { 1291 currpers = 2; 1292 scno &= ~__X32_SYSCALL_BIT; 1293 } else 1294 currpers = 0; 1295 break; 1296 default: 1297 fprintf(stderr, "Unknown value CS=0x%08X while " 1298 "detecting personality of process " 1299 "PID=%d\n", (int)x86_64_regs.cs, tcp->pid); 1300 currpers = current_personality; 1301 break; 1302 } 1303# elif 0 1304 /* This version analyzes the opcode of a syscall instruction. 1305 * (int 0x80 on i386 vs. syscall on x86-64) 1306 * It works, but is too complicated, and strictly speaking, unreliable. 1307 */ 1308 unsigned long call, rip = x86_64_regs.rip; 1309 /* sizeof(syscall) == sizeof(int 0x80) == 2 */ 1310 rip -= 2; 1311 errno = 0; 1312 call = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)rip, (char *)0); 1313 if (errno) 1314 fprintf(stderr, "ptrace_peektext failed: %s\n", 1315 strerror(errno)); 1316 switch (call & 0xffff) { 1317 /* x86-64: syscall = 0x0f 0x05 */ 1318 case 0x050f: currpers = 0; break; 1319 /* i386: int 0x80 = 0xcd 0x80 */ 1320 case 0x80cd: currpers = 1; break; 1321 default: 1322 currpers = current_personality; 1323 fprintf(stderr, 1324 "Unknown syscall opcode (0x%04X) while " 1325 "detecting personality of process " 1326 "PID=%d\n", (int)call, tcp->pid); 1327 break; 1328 } 1329# endif 1330 1331# ifdef X32 1332 /* If we are built for a x32 system, then personality 0 is x32 1333 * (not x86_64), and stracing of x86_64 apps is not supported. 1334 * Stracing of i386 apps is still supported. 1335 */ 1336 if (currpers == 0) { 1337 fprintf(stderr, "syscall_%lu(...) in unsupported " 1338 "64-bit mode of process PID=%d\n", 1339 scno, tcp->pid); 1340 return 0; 1341 } 1342 currpers &= ~2; /* map 2,1 to 0,1 */ 1343# endif 1344 update_personality(tcp, currpers); 1345#elif defined(IA64) 1346# define IA64_PSR_IS ((long)1 << 34) 1347 long psr; 1348 if (upeek(tcp->pid, PT_CR_IPSR, &psr) >= 0) 1349 ia64_ia32mode = ((psr & IA64_PSR_IS) != 0); 1350 if (ia64_ia32mode) { 1351 if (upeek(tcp->pid, PT_R1, &scno) < 0) 1352 return -1; 1353 } else { 1354 if (upeek(tcp->pid, PT_R15, &scno) < 0) 1355 return -1; 1356 } 1357#elif defined(AARCH64) 1358 switch (aarch64_io.iov_len) { 1359 case sizeof(aarch64_regs): 1360 /* We are in 64-bit mode */ 1361 scno = aarch64_regs.regs[8]; 1362 update_personality(tcp, 1); 1363 break; 1364 case sizeof(arm_regs): 1365 /* We are in 32-bit mode */ 1366 /* Note: we don't support OABI, unlike 32-bit ARM build */ 1367 scno = arm_regs.ARM_r7; 1368 scno = shuffle_scno(scno); 1369 update_personality(tcp, 0); 1370 break; 1371 } 1372#elif defined(ARM) 1373 if (arm_regs.ARM_ip != 0) { 1374 /* It is not a syscall entry */ 1375 fprintf(stderr, "pid %d stray syscall exit\n", tcp->pid); 1376 tcp->flags |= TCB_INSYSCALL; 1377 return 0; 1378 } 1379 /* Note: we support only 32-bit CPUs, not 26-bit */ 1380 1381# if !defined(__ARM_EABI__) || ENABLE_ARM_OABI 1382 if (arm_regs.ARM_cpsr & 0x20) 1383 /* Thumb mode */ 1384 goto scno_in_r7; 1385 /* ARM mode */ 1386 /* Check EABI/OABI by examining SVC insn's low 24 bits */ 1387 errno = 0; 1388 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, (void *)(arm_regs.ARM_pc - 4), NULL); 1389 if (errno) 1390 return -1; 1391 /* EABI syscall convention? */ 1392 if ((unsigned long) scno != 0xef000000) { 1393 /* No, it's OABI */ 1394 if ((scno & 0x0ff00000) != 0x0f900000) { 1395 fprintf(stderr, "pid %d unknown syscall trap 0x%08lx\n", 1396 tcp->pid, scno); 1397 return -1; 1398 } 1399 /* Fixup the syscall number */ 1400 scno &= 0x000fffff; 1401 } else { 1402 scno_in_r7: 1403 scno = arm_regs.ARM_r7; 1404 } 1405# else /* __ARM_EABI__ || !ENABLE_ARM_OABI */ 1406 scno = arm_regs.ARM_r7; 1407# endif 1408 scno = shuffle_scno(scno); 1409#elif defined(M68K) 1410 if (upeek(tcp->pid, 4*PT_ORIG_D0, &scno) < 0) 1411 return -1; 1412#elif defined(LINUX_MIPSN32) 1413 unsigned long long regs[38]; 1414 1415 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0) 1416 return -1; 1417 mips_a3 = regs[REG_A3]; 1418 mips_r2 = regs[REG_V0]; 1419 1420 scno = mips_r2; 1421 if (!SCNO_IN_RANGE(scno)) { 1422 if (mips_a3 == 0 || mips_a3 == -1) { 1423 if (debug_flag) 1424 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno); 1425 return 0; 1426 } 1427 } 1428#elif defined(MIPS) 1429 if (upeek(tcp->pid, REG_A3, &mips_a3) < 0) 1430 return -1; 1431 if (upeek(tcp->pid, REG_V0, &scno) < 0) 1432 return -1; 1433 1434 if (!SCNO_IN_RANGE(scno)) { 1435 if (mips_a3 == 0 || mips_a3 == -1) { 1436 if (debug_flag) 1437 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno); 1438 return 0; 1439 } 1440 } 1441#elif defined(ALPHA) 1442 if (upeek(tcp->pid, REG_A3, &alpha_a3) < 0) 1443 return -1; 1444 if (upeek(tcp->pid, REG_R0, &scno) < 0) 1445 return -1; 1446 1447 /* 1448 * Do some sanity checks to figure out if it's 1449 * really a syscall entry 1450 */ 1451 if (!SCNO_IN_RANGE(scno)) { 1452 if (alpha_a3 == 0 || alpha_a3 == -1) { 1453 if (debug_flag) 1454 fprintf(stderr, "stray syscall exit: r0 = %ld\n", scno); 1455 return 0; 1456 } 1457 } 1458#elif defined(SPARC) || defined(SPARC64) 1459 /* Disassemble the syscall trap. */ 1460 /* Retrieve the syscall trap instruction. */ 1461 unsigned long trap; 1462 errno = 0; 1463# if defined(SPARC64) 1464 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)sparc_regs.tpc, 0); 1465 trap >>= 32; 1466# else 1467 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)sparc_regs.pc, 0); 1468# endif 1469 if (errno) 1470 return -1; 1471 1472 /* Disassemble the trap to see what personality to use. */ 1473 switch (trap) { 1474 case 0x91d02010: 1475 /* Linux/SPARC syscall trap. */ 1476 update_personality(tcp, 0); 1477 break; 1478 case 0x91d0206d: 1479 /* Linux/SPARC64 syscall trap. */ 1480 update_personality(tcp, 2); 1481 break; 1482 case 0x91d02000: 1483 /* SunOS syscall trap. (pers 1) */ 1484 fprintf(stderr, "syscall: SunOS no support\n"); 1485 return -1; 1486 case 0x91d02008: 1487 /* Solaris 2.x syscall trap. (per 2) */ 1488 update_personality(tcp, 1); 1489 break; 1490 case 0x91d02009: 1491 /* NetBSD/FreeBSD syscall trap. */ 1492 fprintf(stderr, "syscall: NetBSD/FreeBSD not supported\n"); 1493 return -1; 1494 case 0x91d02027: 1495 /* Solaris 2.x gettimeofday */ 1496 update_personality(tcp, 1); 1497 break; 1498 default: 1499# if defined(SPARC64) 1500 fprintf(stderr, "syscall: unknown syscall trap %08lx %016lx\n", trap, sparc_regs.tpc); 1501# else 1502 fprintf(stderr, "syscall: unknown syscall trap %08lx %08lx\n", trap, sparc_regs.pc); 1503# endif 1504 return -1; 1505 } 1506 1507 /* Extract the system call number from the registers. */ 1508 if (trap == 0x91d02027) 1509 scno = 156; 1510 else 1511 scno = sparc_regs.u_regs[U_REG_G1]; 1512 if (scno == 0) { 1513 scno = sparc_regs.u_regs[U_REG_O0]; 1514 memmove(&sparc_regs.u_regs[U_REG_O0], &sparc_regs.u_regs[U_REG_O1], 7*sizeof(sparc_regs.u_regs[0])); 1515 } 1516#elif defined(HPPA) 1517 if (upeek(tcp->pid, PT_GR20, &scno) < 0) 1518 return -1; 1519#elif defined(SH) 1520 /* 1521 * In the new syscall ABI, the system call number is in R3. 1522 */ 1523 if (upeek(tcp->pid, 4*(REG_REG0+3), &scno) < 0) 1524 return -1; 1525 1526 if (scno < 0) { 1527 /* Odd as it may seem, a glibc bug has been known to cause 1528 glibc to issue bogus negative syscall numbers. So for 1529 our purposes, make strace print what it *should* have been */ 1530 long correct_scno = (scno & 0xff); 1531 if (debug_flag) 1532 fprintf(stderr, 1533 "Detected glibc bug: bogus system call" 1534 " number = %ld, correcting to %ld\n", 1535 scno, 1536 correct_scno); 1537 scno = correct_scno; 1538 } 1539#elif defined(SH64) 1540 if (upeek(tcp->pid, REG_SYSCALL, &scno) < 0) 1541 return -1; 1542 scno &= 0xFFFF; 1543#elif defined(CRISV10) || defined(CRISV32) 1544 if (upeek(tcp->pid, 4*PT_R9, &scno) < 0) 1545 return -1; 1546#elif defined(TILE) 1547 unsigned int currpers; 1548 scno = tile_regs.regs[10]; 1549# ifdef __tilepro__ 1550 currpers = 1; 1551# else 1552# ifndef PT_FLAGS_COMPAT 1553# define PT_FLAGS_COMPAT 0x10000 /* from Linux 3.8 on */ 1554# endif 1555 if (tile_regs.flags & PT_FLAGS_COMPAT) 1556 currpers = 1; 1557 else 1558 currpers = 0; 1559# endif 1560 update_personality(tcp, currpers); 1561#elif defined(MICROBLAZE) 1562 if (upeek(tcp->pid, 0, &scno) < 0) 1563 return -1; 1564#elif defined(OR1K) 1565 scno = or1k_regs.gpr[11]; 1566#elif defined(METAG) 1567 scno = metag_regs.dx[0][1]; /* syscall number in D1Re0 (D1.0) */ 1568#elif defined(XTENSA) 1569 if (upeek(tcp->pid, SYSCALL_NR, &scno) < 0) 1570 return -1; 1571# elif defined(ARC) 1572 scno = arc_regs.scratch.r8; 1573#endif 1574 1575 tcp->scno = scno; 1576 if (SCNO_IS_VALID(tcp->scno)) { 1577 tcp->s_ent = &sysent[scno]; 1578 tcp->qual_flg = qual_flags[scno]; 1579 } else { 1580 static const struct_sysent unknown = { 1581 .nargs = MAX_ARGS, 1582 .sys_flags = 0, 1583 .sys_func = printargs, 1584 .sys_name = "unknown", /* not used */ 1585 }; 1586 tcp->s_ent = &unknown; 1587 tcp->qual_flg = UNDEFINED_SCNO | QUAL_RAW | DEFAULT_QUAL_FLAGS; 1588 } 1589 return 1; 1590} 1591 1592/* 1593 * Cannot rely on __kernel_[u]long_t being defined, 1594 * it is quite a recent feature of <asm/posix_types.h>. 1595 */ 1596#ifdef __kernel_long_t 1597typedef __kernel_long_t kernel_long_t; 1598typedef __kernel_ulong_t kernel_ulong_t; 1599#else 1600# ifdef X32 1601typedef long long kernel_long_t; 1602typedef unsigned long long kernel_ulong_t; 1603# else 1604typedef long kernel_long_t; 1605typedef unsigned long kernel_ulong_t; 1606# endif 1607#endif 1608 1609/* 1610 * Check the syscall return value register value for whether it is 1611 * a negated errno code indicating an error, or a success return value. 1612 */ 1613static inline bool 1614is_negated_errno(kernel_ulong_t val) 1615{ 1616 /* 1617 * Thanks to SECCOMP_RET_DATA == 0xffff, abnormally large errno 1618 * values could be easily seen when a seccomp filter is used, e.g. 1619 * BPF_STMT(BPF_RET, SECCOMP_RET_ERRNO | SECCOMP_RET_DATA) 1620 */ 1621 kernel_ulong_t max = -(kernel_long_t) 0x10000; /* SECCOMP_RET_DATA + 1 */ 1622 1623#if SUPPORTED_PERSONALITIES > 1 && SIZEOF_LONG > 4 1624 if (current_wordsize < sizeof(val)) { 1625 val = (uint32_t) val; 1626 max = (uint32_t) max; 1627 } 1628#elif defined X32 1629 /* 1630 * current_wordsize is 4 even in personality 0 (native X32) 1631 * but truncation _must not_ be done in it. 1632 * can't check current_wordsize here! 1633 */ 1634 if (current_personality != 0) { 1635 val = (uint32_t) val; 1636 max = (uint32_t) max; 1637 } 1638#endif 1639 1640 return val > max; 1641} 1642 1643/* Called at each syscall entry. 1644 * Returns: 1645 * 0: "ignore this ptrace stop", bail out of trace_syscall_entering() silently. 1646 * 1: ok, continue in trace_syscall_entering(). 1647 * other: error, trace_syscall_entering() should print error indicator 1648 * ("????" etc) and bail out. 1649 */ 1650static int 1651syscall_fixup_on_sysenter(struct tcb *tcp) 1652{ 1653 /* Do we have post-execve SIGTRAP suppressed? */ 1654 if (ptrace_setoptions & PTRACE_O_TRACEEXEC) 1655 return 1; 1656 1657 /* 1658 * No, unfortunately. Apply -ENOSYS heuristics. 1659 * We don't have to workaround SECCOMP_RET_ERRNO side effects 1660 * because any kernel with SECCOMP_RET_ERRNO support surely 1661 * implements PTRACE_O_TRACEEXEC. 1662 */ 1663#if defined(I386) 1664 if (i386_regs.eax != -ENOSYS) { 1665 if (debug_flag) 1666 fprintf(stderr, "not a syscall entry (eax = %ld)\n", 1667 i386_regs.eax); 1668 return 0; 1669 } 1670#elif defined(X86_64) || defined(X32) 1671 if (x86_io.iov_len == sizeof(i386_regs)) { 1672 if ((int) i386_regs.eax != -ENOSYS) { 1673 if (debug_flag) 1674 fprintf(stderr, 1675 "not a syscall entry (eax = %d)\n", 1676 (int) i386_regs.eax); 1677 return 0; 1678 } 1679 } else { 1680 if ((long long) x86_64_regs.rax != -ENOSYS) { 1681 if (debug_flag) 1682 fprintf(stderr, 1683 "not a syscall entry (rax = %lld)\n", 1684 (long long) x86_64_regs.rax); 1685 return 0; 1686 } 1687 } 1688#elif defined(M68K) 1689 /* TODO? Eliminate upeek's in arches below like we did in x86 */ 1690 if (upeek(tcp->pid, 4*PT_D0, &m68k_d0) < 0) 1691 return -1; 1692 if (m68k_d0 != -ENOSYS) { 1693 if (debug_flag) 1694 fprintf(stderr, "not a syscall entry (d0 = %ld)\n", m68k_d0); 1695 return 0; 1696 } 1697#elif defined(IA64) 1698 if (upeek(tcp->pid, PT_R10, &ia64_r10) < 0) 1699 return -1; 1700 if (upeek(tcp->pid, PT_R8, &ia64_r8) < 0) 1701 return -1; 1702 if (ia64_ia32mode && ia64_r8 != -ENOSYS) { 1703 if (debug_flag) 1704 fprintf(stderr, "not a syscall entry (r8 = %ld)\n", ia64_r8); 1705 return 0; 1706 } 1707#elif defined(CRISV10) || defined(CRISV32) 1708 if (upeek(tcp->pid, 4*PT_R10, &cris_r10) < 0) 1709 return -1; 1710 if (cris_r10 != -ENOSYS) { 1711 if (debug_flag) 1712 fprintf(stderr, "not a syscall entry (r10 = %ld)\n", cris_r10); 1713 return 0; 1714 } 1715#elif defined(MICROBLAZE) 1716 if (upeek(tcp->pid, 3 * 4, µblaze_r3) < 0) 1717 return -1; 1718 if (microblaze_r3 != -ENOSYS) { 1719 if (debug_flag) 1720 fprintf(stderr, "not a syscall entry (r3 = %ld)\n", microblaze_r3); 1721 return 0; 1722 } 1723#endif 1724 return 1; 1725} 1726 1727static void 1728internal_fork(struct tcb *tcp) 1729{ 1730#if defined S390 || defined S390X || defined CRISV10 || defined CRISV32 1731# define ARG_FLAGS 1 1732#else 1733# define ARG_FLAGS 0 1734#endif 1735#ifndef CLONE_UNTRACED 1736# define CLONE_UNTRACED 0x00800000 1737#endif 1738 if ((ptrace_setoptions 1739 & (PTRACE_O_TRACECLONE | PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK)) 1740 == (PTRACE_O_TRACECLONE | PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK)) 1741 return; 1742 1743 if (!followfork) 1744 return; 1745 1746 if (entering(tcp)) { 1747 /* 1748 * We won't see the new child if clone is called with 1749 * CLONE_UNTRACED, so we keep the same logic with that option 1750 * and don't trace it. 1751 */ 1752 if ((tcp->s_ent->sys_func == sys_clone) 1753 && (tcp->u_arg[ARG_FLAGS] & CLONE_UNTRACED) 1754 ) 1755 return; 1756 setbpt(tcp); 1757 } else { 1758 if (tcp->flags & TCB_BPTSET) 1759 clearbpt(tcp); 1760 } 1761} 1762 1763#if defined(TCB_WAITEXECVE) 1764static void 1765internal_exec(struct tcb *tcp) 1766{ 1767 /* Maybe we have post-execve SIGTRAP suppressed? */ 1768 if (ptrace_setoptions & PTRACE_O_TRACEEXEC) 1769 return; /* yes, no need to do anything */ 1770 1771 if (exiting(tcp) && syserror(tcp)) 1772 /* Error in execve, no post-execve SIGTRAP expected */ 1773 tcp->flags &= ~TCB_WAITEXECVE; 1774 else 1775 tcp->flags |= TCB_WAITEXECVE; 1776} 1777#endif 1778 1779static void 1780syscall_fixup_for_fork_exec(struct tcb *tcp) 1781{ 1782 /* 1783 * We must always trace a few critical system calls in order to 1784 * correctly support following forks in the presence of tracing 1785 * qualifiers. 1786 */ 1787 int (*func)(); 1788 1789 func = tcp->s_ent->sys_func; 1790 1791 if ( sys_fork == func 1792 || sys_clone == func 1793 ) { 1794 internal_fork(tcp); 1795 return; 1796 } 1797 1798#if defined(TCB_WAITEXECVE) 1799 if ( sys_execve == func 1800# if defined(SPARC) || defined(SPARC64) 1801 || sys_execv == func 1802# endif 1803 ) { 1804 internal_exec(tcp); 1805 return; 1806 } 1807#endif 1808} 1809 1810/* Return -1 on error or 1 on success (never 0!) */ 1811static int 1812get_syscall_args(struct tcb *tcp) 1813{ 1814 int i, nargs; 1815 1816 nargs = tcp->s_ent->nargs; 1817 1818#if defined(S390) || defined(S390X) 1819 for (i = 0; i < nargs; ++i) 1820 if (upeek(tcp->pid, i==0 ? PT_ORIGGPR2 : PT_GPR2 + i*sizeof(long), &tcp->u_arg[i]) < 0) 1821 return -1; 1822#elif defined(ALPHA) 1823 for (i = 0; i < nargs; ++i) 1824 if (upeek(tcp->pid, REG_A0+i, &tcp->u_arg[i]) < 0) 1825 return -1; 1826#elif defined(IA64) 1827 if (!ia64_ia32mode) { 1828 unsigned long *out0, cfm, sof, sol; 1829 long rbs_end; 1830 /* be backwards compatible with kernel < 2.4.4... */ 1831# ifndef PT_RBS_END 1832# define PT_RBS_END PT_AR_BSP 1833# endif 1834 1835 if (upeek(tcp->pid, PT_RBS_END, &rbs_end) < 0) 1836 return -1; 1837 if (upeek(tcp->pid, PT_CFM, (long *) &cfm) < 0) 1838 return -1; 1839 1840 sof = (cfm >> 0) & 0x7f; 1841 sol = (cfm >> 7) & 0x7f; 1842 out0 = ia64_rse_skip_regs((unsigned long *) rbs_end, -sof + sol); 1843 1844 for (i = 0; i < nargs; ++i) { 1845 if (umoven(tcp, (unsigned long) ia64_rse_skip_regs(out0, i), 1846 sizeof(long), (char *) &tcp->u_arg[i]) < 0) 1847 return -1; 1848 } 1849 } else { 1850 static const int argreg[MAX_ARGS] = { PT_R11 /* EBX = out0 */, 1851 PT_R9 /* ECX = out1 */, 1852 PT_R10 /* EDX = out2 */, 1853 PT_R14 /* ESI = out3 */, 1854 PT_R15 /* EDI = out4 */, 1855 PT_R13 /* EBP = out5 */}; 1856 1857 for (i = 0; i < nargs; ++i) { 1858 if (upeek(tcp->pid, argreg[i], &tcp->u_arg[i]) < 0) 1859 return -1; 1860 /* truncate away IVE sign-extension */ 1861 tcp->u_arg[i] &= 0xffffffff; 1862 } 1863 } 1864#elif defined(LINUX_MIPSN32) || defined(LINUX_MIPSN64) 1865 /* N32 and N64 both use up to six registers. */ 1866 unsigned long long regs[38]; 1867 1868 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0) 1869 return -1; 1870 1871 for (i = 0; i < nargs; ++i) { 1872 tcp->u_arg[i] = regs[REG_A0 + i]; 1873# if defined(LINUX_MIPSN32) 1874 tcp->ext_arg[i] = regs[REG_A0 + i]; 1875# endif 1876 } 1877#elif defined(MIPS) 1878 if (nargs > 4) { 1879 long sp; 1880 1881 if (upeek(tcp->pid, REG_SP, &sp) < 0) 1882 return -1; 1883 for (i = 0; i < 4; ++i) 1884 if (upeek(tcp->pid, REG_A0 + i, &tcp->u_arg[i]) < 0) 1885 return -1; 1886 umoven(tcp, sp + 16, (nargs - 4) * sizeof(tcp->u_arg[0]), 1887 (char *)(tcp->u_arg + 4)); 1888 } else { 1889 for (i = 0; i < nargs; ++i) 1890 if (upeek(tcp->pid, REG_A0 + i, &tcp->u_arg[i]) < 0) 1891 return -1; 1892 } 1893#elif defined(POWERPC) 1894 (void)i; 1895 (void)nargs; 1896 tcp->u_arg[0] = ppc_regs.orig_gpr3; 1897 tcp->u_arg[1] = ppc_regs.gpr[4]; 1898 tcp->u_arg[2] = ppc_regs.gpr[5]; 1899 tcp->u_arg[3] = ppc_regs.gpr[6]; 1900 tcp->u_arg[4] = ppc_regs.gpr[7]; 1901 tcp->u_arg[5] = ppc_regs.gpr[8]; 1902#elif defined(SPARC) || defined(SPARC64) 1903 for (i = 0; i < nargs; ++i) 1904 tcp->u_arg[i] = sparc_regs.u_regs[U_REG_O0 + i]; 1905#elif defined(HPPA) 1906 for (i = 0; i < nargs; ++i) 1907 if (upeek(tcp->pid, PT_GR26-4*i, &tcp->u_arg[i]) < 0) 1908 return -1; 1909#elif defined(ARM) || defined(AARCH64) 1910# if defined(AARCH64) 1911 if (tcp->currpers == 1) 1912 for (i = 0; i < nargs; ++i) 1913 tcp->u_arg[i] = aarch64_regs.regs[i]; 1914 else 1915# endif 1916 for (i = 0; i < nargs; ++i) 1917 tcp->u_arg[i] = arm_regs.uregs[i]; 1918#elif defined(AVR32) 1919 (void)i; 1920 (void)nargs; 1921 tcp->u_arg[0] = avr32_regs.r12; 1922 tcp->u_arg[1] = avr32_regs.r11; 1923 tcp->u_arg[2] = avr32_regs.r10; 1924 tcp->u_arg[3] = avr32_regs.r9; 1925 tcp->u_arg[4] = avr32_regs.r5; 1926 tcp->u_arg[5] = avr32_regs.r3; 1927#elif defined(BFIN) 1928 static const int argreg[MAX_ARGS] = { PT_R0, PT_R1, PT_R2, PT_R3, PT_R4, PT_R5 }; 1929 1930 for (i = 0; i < nargs; ++i) 1931 if (upeek(tcp->pid, argreg[i], &tcp->u_arg[i]) < 0) 1932 return -1; 1933#elif defined(SH) 1934 static const int syscall_regs[MAX_ARGS] = { 1935 4 * (REG_REG0+4), 4 * (REG_REG0+5), 4 * (REG_REG0+6), 1936 4 * (REG_REG0+7), 4 * (REG_REG0 ), 4 * (REG_REG0+1) 1937 }; 1938 1939 for (i = 0; i < nargs; ++i) 1940 if (upeek(tcp->pid, syscall_regs[i], &tcp->u_arg[i]) < 0) 1941 return -1; 1942#elif defined(SH64) 1943 int i; 1944 /* Registers used by SH5 Linux system calls for parameters */ 1945 static const int syscall_regs[MAX_ARGS] = { 2, 3, 4, 5, 6, 7 }; 1946 1947 for (i = 0; i < nargs; ++i) 1948 if (upeek(tcp->pid, REG_GENERAL(syscall_regs[i]), &tcp->u_arg[i]) < 0) 1949 return -1; 1950#elif defined(I386) 1951 (void)i; 1952 (void)nargs; 1953 tcp->u_arg[0] = i386_regs.ebx; 1954 tcp->u_arg[1] = i386_regs.ecx; 1955 tcp->u_arg[2] = i386_regs.edx; 1956 tcp->u_arg[3] = i386_regs.esi; 1957 tcp->u_arg[4] = i386_regs.edi; 1958 tcp->u_arg[5] = i386_regs.ebp; 1959#elif defined(X86_64) || defined(X32) 1960 (void)i; 1961 (void)nargs; 1962 if (x86_io.iov_len != sizeof(i386_regs)) { 1963 /* x86-64 or x32 ABI */ 1964 tcp->u_arg[0] = x86_64_regs.rdi; 1965 tcp->u_arg[1] = x86_64_regs.rsi; 1966 tcp->u_arg[2] = x86_64_regs.rdx; 1967 tcp->u_arg[3] = x86_64_regs.r10; 1968 tcp->u_arg[4] = x86_64_regs.r8; 1969 tcp->u_arg[5] = x86_64_regs.r9; 1970# ifdef X32 1971 tcp->ext_arg[0] = x86_64_regs.rdi; 1972 tcp->ext_arg[1] = x86_64_regs.rsi; 1973 tcp->ext_arg[2] = x86_64_regs.rdx; 1974 tcp->ext_arg[3] = x86_64_regs.r10; 1975 tcp->ext_arg[4] = x86_64_regs.r8; 1976 tcp->ext_arg[5] = x86_64_regs.r9; 1977# endif 1978 } else { 1979 /* i386 ABI */ 1980 /* Zero-extend from 32 bits */ 1981 /* Use widen_to_long(tcp->u_arg[N]) in syscall handlers 1982 * if you need to use *sign-extended* parameter. 1983 */ 1984 tcp->u_arg[0] = (long)(uint32_t)i386_regs.ebx; 1985 tcp->u_arg[1] = (long)(uint32_t)i386_regs.ecx; 1986 tcp->u_arg[2] = (long)(uint32_t)i386_regs.edx; 1987 tcp->u_arg[3] = (long)(uint32_t)i386_regs.esi; 1988 tcp->u_arg[4] = (long)(uint32_t)i386_regs.edi; 1989 tcp->u_arg[5] = (long)(uint32_t)i386_regs.ebp; 1990 } 1991#elif defined(MICROBLAZE) 1992 for (i = 0; i < nargs; ++i) 1993 if (upeek(tcp->pid, (5 + i) * 4, &tcp->u_arg[i]) < 0) 1994 return -1; 1995#elif defined(CRISV10) || defined(CRISV32) 1996 static const int crisregs[MAX_ARGS] = { 1997 4*PT_ORIG_R10, 4*PT_R11, 4*PT_R12, 1998 4*PT_R13 , 4*PT_MOF, 4*PT_SRP 1999 }; 2000 2001 for (i = 0; i < nargs; ++i) 2002 if (upeek(tcp->pid, crisregs[i], &tcp->u_arg[i]) < 0) 2003 return -1; 2004#elif defined(TILE) 2005 for (i = 0; i < nargs; ++i) 2006 tcp->u_arg[i] = tile_regs.regs[i]; 2007#elif defined(M68K) 2008 for (i = 0; i < nargs; ++i) 2009 if (upeek(tcp->pid, (i < 5 ? i : i + 2)*4, &tcp->u_arg[i]) < 0) 2010 return -1; 2011#elif defined(OR1K) 2012 (void)nargs; 2013 for (i = 0; i < 6; ++i) 2014 tcp->u_arg[i] = or1k_regs.gpr[3 + i]; 2015#elif defined(METAG) 2016 for (i = 0; i < nargs; i++) 2017 /* arguments go backwards from D1Ar1 (D1.3) */ 2018 tcp->u_arg[i] = ((unsigned long *)&metag_regs.dx[3][1])[-i]; 2019#elif defined(XTENSA) 2020 /* arg0: a6, arg1: a3, arg2: a4, arg3: a5, arg4: a8, arg5: a9 */ 2021 static const int xtensaregs[MAX_ARGS] = { 6, 3, 4, 5, 8, 9 }; 2022 for (i = 0; i < nargs; ++i) 2023 if (upeek(tcp->pid, REG_A_BASE + xtensaregs[i], &tcp->u_arg[i]) < 0) 2024 return -1; 2025# elif defined(ARC) 2026 long *arc_args = &arc_regs.scratch.r0; 2027 for (i = 0; i < nargs; ++i) 2028 tcp->u_arg[i] = *arc_args--; 2029 2030#else /* Other architecture (32bits specific) */ 2031 for (i = 0; i < nargs; ++i) 2032 if (upeek(tcp->pid, i*4, &tcp->u_arg[i]) < 0) 2033 return -1; 2034#endif 2035 return 1; 2036} 2037 2038static int 2039trace_syscall_entering(struct tcb *tcp) 2040{ 2041 int res, scno_good; 2042 2043#if defined TCB_WAITEXECVE 2044 if (tcp->flags & TCB_WAITEXECVE) { 2045 /* This is the post-execve SIGTRAP. */ 2046 tcp->flags &= ~TCB_WAITEXECVE; 2047 return 0; 2048 } 2049#endif 2050 2051 scno_good = res = (get_regs_error ? -1 : get_scno(tcp)); 2052 if (res == 0) 2053 return res; 2054 if (res == 1) { 2055 res = syscall_fixup_on_sysenter(tcp); 2056 if (res == 0) 2057 return res; 2058 if (res == 1) 2059 res = get_syscall_args(tcp); 2060 } 2061 2062 if (res != 1) { 2063 printleader(tcp); 2064 if (scno_good != 1) 2065 tprints("????" /* anti-trigraph gap */ "("); 2066 else if (tcp->qual_flg & UNDEFINED_SCNO) 2067 tprintf("%s(", undefined_scno_name(tcp)); 2068 else 2069 tprintf("%s(", tcp->s_ent->sys_name); 2070 /* 2071 * " <unavailable>" will be added later by the code which 2072 * detects ptrace errors. 2073 */ 2074 goto ret; 2075 } 2076 2077 if ( sys_execve == tcp->s_ent->sys_func 2078# if defined(SPARC) || defined(SPARC64) 2079 || sys_execv == tcp->s_ent->sys_func 2080# endif 2081 ) { 2082 hide_log_until_execve = 0; 2083 } 2084 2085#if defined(SYS_socket_subcall) || defined(SYS_ipc_subcall) 2086 while (1) { 2087# ifdef SYS_socket_subcall 2088 if (tcp->s_ent->sys_func == sys_socketcall) { 2089 decode_socket_subcall(tcp); 2090 break; 2091 } 2092# endif 2093# ifdef SYS_ipc_subcall 2094 if (tcp->s_ent->sys_func == sys_ipc) { 2095 decode_ipc_subcall(tcp); 2096 break; 2097 } 2098# endif 2099 break; 2100 } 2101#endif 2102 2103 if (need_fork_exec_workarounds) 2104 syscall_fixup_for_fork_exec(tcp); 2105 2106 if (!(tcp->qual_flg & QUAL_TRACE) 2107 || (tracing_paths && !pathtrace_match(tcp)) 2108 ) { 2109 tcp->flags |= TCB_INSYSCALL | TCB_FILTERED; 2110 return 0; 2111 } 2112 2113 tcp->flags &= ~TCB_FILTERED; 2114 2115 if (cflag == CFLAG_ONLY_STATS || hide_log_until_execve) { 2116 res = 0; 2117 goto ret; 2118 } 2119 2120#ifdef USE_LIBUNWIND 2121 if (stack_trace_enabled) { 2122 if (tcp->s_ent->sys_flags & STACKTRACE_CAPTURE_ON_ENTER) 2123 unwind_capture_stacktrace(tcp); 2124 } 2125#endif 2126 2127 printleader(tcp); 2128 if (tcp->qual_flg & UNDEFINED_SCNO) 2129 tprintf("%s(", undefined_scno_name(tcp)); 2130 else 2131 tprintf("%s(", tcp->s_ent->sys_name); 2132 if ((tcp->qual_flg & QUAL_RAW) && tcp->s_ent->sys_func != sys_exit) 2133 res = printargs(tcp); 2134 else 2135 res = tcp->s_ent->sys_func(tcp); 2136 2137 fflush(tcp->outf); 2138 ret: 2139 tcp->flags |= TCB_INSYSCALL; 2140 /* Measure the entrance time as late as possible to avoid errors. */ 2141 if (Tflag || cflag) 2142 gettimeofday(&tcp->etime, NULL); 2143 return res; 2144} 2145 2146/* Returns: 2147 * 1: ok, continue in trace_syscall_exiting(). 2148 * -1: error, trace_syscall_exiting() should print error indicator 2149 * ("????" etc) and bail out. 2150 */ 2151static int 2152get_syscall_result(struct tcb *tcp) 2153{ 2154#if defined(S390) || defined(S390X) 2155 if (upeek(tcp->pid, PT_GPR2, &s390_gpr2) < 0) 2156 return -1; 2157#elif defined(POWERPC) 2158 /* already done by get_regs */ 2159#elif defined(AVR32) 2160 /* already done by get_regs */ 2161#elif defined(BFIN) 2162 if (upeek(tcp->pid, PT_R0, &bfin_r0) < 0) 2163 return -1; 2164#elif defined(I386) 2165 /* already done by get_regs */ 2166#elif defined(X86_64) || defined(X32) 2167 /* already done by get_regs */ 2168#elif defined(IA64) 2169# define IA64_PSR_IS ((long)1 << 34) 2170 long psr; 2171 if (upeek(tcp->pid, PT_CR_IPSR, &psr) >= 0) 2172 ia64_ia32mode = ((psr & IA64_PSR_IS) != 0); 2173 if (upeek(tcp->pid, PT_R8, &ia64_r8) < 0) 2174 return -1; 2175 if (upeek(tcp->pid, PT_R10, &ia64_r10) < 0) 2176 return -1; 2177#elif defined(ARM) 2178 /* already done by get_regs */ 2179#elif defined(AARCH64) 2180 /* register reading already done by get_regs */ 2181 2182 /* Used to do this, but we did it on syscall entry already: */ 2183 /* We are in 64-bit mode (personality 1) if register struct is aarch64_regs, 2184 * else it's personality 0. 2185 */ 2186 /*update_personality(tcp, aarch64_io.iov_len == sizeof(aarch64_regs));*/ 2187#elif defined(M68K) 2188 if (upeek(tcp->pid, 4*PT_D0, &m68k_d0) < 0) 2189 return -1; 2190#elif defined(LINUX_MIPSN32) 2191 unsigned long long regs[38]; 2192 2193 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0) 2194 return -1; 2195 mips_a3 = regs[REG_A3]; 2196 mips_r2 = regs[REG_V0]; 2197#elif defined(MIPS) 2198 if (upeek(tcp->pid, REG_A3, &mips_a3) < 0) 2199 return -1; 2200 if (upeek(tcp->pid, REG_V0, &mips_r2) < 0) 2201 return -1; 2202#elif defined(ALPHA) 2203 if (upeek(tcp->pid, REG_A3, &alpha_a3) < 0) 2204 return -1; 2205 if (upeek(tcp->pid, REG_R0, &alpha_r0) < 0) 2206 return -1; 2207#elif defined(SPARC) || defined(SPARC64) 2208 /* already done by get_regs */ 2209#elif defined(HPPA) 2210 if (upeek(tcp->pid, PT_GR28, &hppa_r28) < 0) 2211 return -1; 2212#elif defined(SH) 2213 /* new syscall ABI returns result in R0 */ 2214 if (upeek(tcp->pid, 4*REG_REG0, (long *)&sh_r0) < 0) 2215 return -1; 2216#elif defined(SH64) 2217 /* ABI defines result returned in r9 */ 2218 if (upeek(tcp->pid, REG_GENERAL(9), (long *)&sh64_r9) < 0) 2219 return -1; 2220#elif defined(CRISV10) || defined(CRISV32) 2221 if (upeek(tcp->pid, 4*PT_R10, &cris_r10) < 0) 2222 return -1; 2223#elif defined(TILE) 2224 /* already done by get_regs */ 2225#elif defined(MICROBLAZE) 2226 if (upeek(tcp->pid, 3 * 4, µblaze_r3) < 0) 2227 return -1; 2228#elif defined(OR1K) 2229 /* already done by get_regs */ 2230#elif defined(METAG) 2231 /* already done by get_regs */ 2232#elif defined(XTENSA) 2233 if (upeek(tcp->pid, REG_A_BASE + 2, &xtensa_a2) < 0) 2234 return -1; 2235#elif defined(ARC) 2236 /* already done by get_regs */ 2237#endif 2238 return 1; 2239} 2240 2241/* Called at each syscall exit */ 2242static void 2243syscall_fixup_on_sysexit(struct tcb *tcp) 2244{ 2245#if defined(S390) || defined(S390X) 2246 if ((tcp->flags & TCB_WAITEXECVE) 2247 && (s390_gpr2 == -ENOSYS || s390_gpr2 == tcp->scno)) { 2248 /* 2249 * Return from execve. 2250 * Fake a return value of zero. We leave the TCB_WAITEXECVE 2251 * flag set for the post-execve SIGTRAP to see and reset. 2252 */ 2253 s390_gpr2 = 0; 2254 } 2255#endif 2256} 2257 2258/* Returns: 2259 * 1: ok, continue in trace_syscall_exiting(). 2260 * -1: error, trace_syscall_exiting() should print error indicator 2261 * ("????" etc) and bail out. 2262 */ 2263static void 2264get_error(struct tcb *tcp) 2265{ 2266 int u_error = 0; 2267 int check_errno = 1; 2268 if (tcp->s_ent->sys_flags & SYSCALL_NEVER_FAILS) { 2269 check_errno = 0; 2270 } 2271#if defined(S390) || defined(S390X) 2272 if (check_errno && is_negated_errno(s390_gpr2)) { 2273 tcp->u_rval = -1; 2274 u_error = -s390_gpr2; 2275 } 2276 else { 2277 tcp->u_rval = s390_gpr2; 2278 } 2279#elif defined(I386) 2280 if (check_errno && is_negated_errno(i386_regs.eax)) { 2281 tcp->u_rval = -1; 2282 u_error = -i386_regs.eax; 2283 } 2284 else { 2285 tcp->u_rval = i386_regs.eax; 2286 } 2287#elif defined(X86_64) || defined(X32) 2288 /* 2289 * In X32, return value is 64-bit (llseek uses one). 2290 * Using merely "long rax" would not work. 2291 */ 2292 kernel_long_t rax; 2293 2294 if (x86_io.iov_len == sizeof(i386_regs)) { 2295 /* Sign extend from 32 bits */ 2296 rax = (int32_t) i386_regs.eax; 2297 } else { 2298 rax = x86_64_regs.rax; 2299 } 2300 if (check_errno && is_negated_errno(rax)) { 2301 tcp->u_rval = -1; 2302 u_error = -rax; 2303 } 2304 else { 2305 tcp->u_rval = rax; 2306# ifdef X32 2307 /* tcp->u_rval contains a truncated value */ 2308 tcp->u_lrval = rax; 2309# endif 2310 } 2311#elif defined(IA64) 2312 if (ia64_ia32mode) { 2313 int err; 2314 2315 err = (int)ia64_r8; 2316 if (check_errno && is_negated_errno(err)) { 2317 tcp->u_rval = -1; 2318 u_error = -err; 2319 } 2320 else { 2321 tcp->u_rval = err; 2322 } 2323 } else { 2324 if (check_errno && ia64_r10) { 2325 tcp->u_rval = -1; 2326 u_error = ia64_r8; 2327 } else { 2328 tcp->u_rval = ia64_r8; 2329 } 2330 } 2331#elif defined(MIPS) 2332 if (check_errno && mips_a3) { 2333 tcp->u_rval = -1; 2334 u_error = mips_r2; 2335 } else { 2336 tcp->u_rval = mips_r2; 2337# if defined(LINUX_MIPSN32) 2338 tcp->u_lrval = mips_r2; 2339# endif 2340 } 2341#elif defined(POWERPC) 2342 if (check_errno && (ppc_regs.ccr & 0x10000000)) { 2343 tcp->u_rval = -1; 2344 u_error = ppc_regs.gpr[3]; 2345 } 2346 else { 2347 tcp->u_rval = ppc_regs.gpr[3]; 2348 } 2349#elif defined(M68K) 2350 if (check_errno && is_negated_errno(m68k_d0)) { 2351 tcp->u_rval = -1; 2352 u_error = -m68k_d0; 2353 } 2354 else { 2355 tcp->u_rval = m68k_d0; 2356 } 2357#elif defined(ARM) || defined(AARCH64) 2358# if defined(AARCH64) 2359 if (tcp->currpers == 1) { 2360 if (check_errno && is_negated_errno(aarch64_regs.regs[0])) { 2361 tcp->u_rval = -1; 2362 u_error = -aarch64_regs.regs[0]; 2363 } 2364 else { 2365 tcp->u_rval = aarch64_regs.regs[0]; 2366 } 2367 } 2368 else 2369# endif 2370 { 2371 if (check_errno && is_negated_errno(arm_regs.ARM_r0)) { 2372 tcp->u_rval = -1; 2373 u_error = -arm_regs.ARM_r0; 2374 } 2375 else { 2376 tcp->u_rval = arm_regs.ARM_r0; 2377 } 2378 } 2379#elif defined(AVR32) 2380 if (check_errno && avr32_regs.r12 && (unsigned) -avr32_regs.r12 < nerrnos) { 2381 tcp->u_rval = -1; 2382 u_error = -avr32_regs.r12; 2383 } 2384 else { 2385 tcp->u_rval = avr32_regs.r12; 2386 } 2387#elif defined(BFIN) 2388 if (check_errno && is_negated_errno(bfin_r0)) { 2389 tcp->u_rval = -1; 2390 u_error = -bfin_r0; 2391 } else { 2392 tcp->u_rval = bfin_r0; 2393 } 2394#elif defined(ALPHA) 2395 if (check_errno && alpha_a3) { 2396 tcp->u_rval = -1; 2397 u_error = alpha_r0; 2398 } 2399 else { 2400 tcp->u_rval = alpha_r0; 2401 } 2402#elif defined(SPARC) 2403 if (check_errno && sparc_regs.psr & PSR_C) { 2404 tcp->u_rval = -1; 2405 u_error = sparc_regs.u_regs[U_REG_O0]; 2406 } 2407 else { 2408 tcp->u_rval = sparc_regs.u_regs[U_REG_O0]; 2409 } 2410#elif defined(SPARC64) 2411 if (check_errno && sparc_regs.tstate & 0x1100000000UL) { 2412 tcp->u_rval = -1; 2413 u_error = sparc_regs.u_regs[U_REG_O0]; 2414 } 2415 else { 2416 tcp->u_rval = sparc_regs.u_regs[U_REG_O0]; 2417 } 2418#elif defined(HPPA) 2419 if (check_errno && is_negated_errno(hppa_r28)) { 2420 tcp->u_rval = -1; 2421 u_error = -hppa_r28; 2422 } 2423 else { 2424 tcp->u_rval = hppa_r28; 2425 } 2426#elif defined(SH) 2427 if (check_errno && is_negated_errno(sh_r0)) { 2428 tcp->u_rval = -1; 2429 u_error = -sh_r0; 2430 } 2431 else { 2432 tcp->u_rval = sh_r0; 2433 } 2434#elif defined(SH64) 2435 if (check_errno && is_negated_errno(sh64_r9)) { 2436 tcp->u_rval = -1; 2437 u_error = -sh64_r9; 2438 } 2439 else { 2440 tcp->u_rval = sh64_r9; 2441 } 2442#elif defined(METAG) 2443 /* result pointer in D0Re0 (D0.0) */ 2444 if (check_errno && is_negated_errno(metag_regs.dx[0][0])) { 2445 tcp->u_rval = -1; 2446 u_error = -metag_regs.dx[0][0]; 2447 } 2448 else { 2449 tcp->u_rval = metag_regs.dx[0][0]; 2450 } 2451#elif defined(CRISV10) || defined(CRISV32) 2452 if (check_errno && cris_r10 && (unsigned) -cris_r10 < nerrnos) { 2453 tcp->u_rval = -1; 2454 u_error = -cris_r10; 2455 } 2456 else { 2457 tcp->u_rval = cris_r10; 2458 } 2459#elif defined(TILE) 2460 /* 2461 * The standard tile calling convention returns the value (or negative 2462 * errno) in r0, and zero (or positive errno) in r1. 2463 * Until at least kernel 3.8, however, the r1 value is not reflected 2464 * in ptregs at this point, so we use r0 here. 2465 */ 2466 if (check_errno && is_negated_errno(tile_regs.regs[0])) { 2467 tcp->u_rval = -1; 2468 u_error = -tile_regs.regs[0]; 2469 } else { 2470 tcp->u_rval = tile_regs.regs[0]; 2471 } 2472#elif defined(MICROBLAZE) 2473 if (check_errno && is_negated_errno(microblaze_r3)) { 2474 tcp->u_rval = -1; 2475 u_error = -microblaze_r3; 2476 } 2477 else { 2478 tcp->u_rval = microblaze_r3; 2479 } 2480#elif defined(OR1K) 2481 if (check_errno && is_negated_errno(or1k_regs.gpr[11])) { 2482 tcp->u_rval = -1; 2483 u_error = -or1k_regs.gpr[11]; 2484 } 2485 else { 2486 tcp->u_rval = or1k_regs.gpr[11]; 2487 } 2488#elif defined(XTENSA) 2489 if (check_errno && is_negated_errno(xtensa_a2)) { 2490 tcp->u_rval = -1; 2491 u_error = -xtensa_a2; 2492 } 2493 else { 2494 tcp->u_rval = xtensa_a2; 2495 } 2496#elif defined(ARC) 2497 if (check_errno && is_negated_errno(arc_regs.scratch.r0)) { 2498 tcp->u_rval = -1; 2499 u_error = -arc_regs.scratch.r0; 2500 } 2501 else { 2502 tcp->u_rval = arc_regs.scratch.r0; 2503 } 2504#endif 2505 tcp->u_error = u_error; 2506} 2507 2508static void 2509dumpio(struct tcb *tcp) 2510{ 2511 int (*func)(); 2512 2513 if (syserror(tcp)) 2514 return; 2515 if ((unsigned long) tcp->u_arg[0] >= num_quals) 2516 return; 2517 func = tcp->s_ent->sys_func; 2518 if (func == printargs) 2519 return; 2520 if (qual_flags[tcp->u_arg[0]] & QUAL_READ) { 2521 if (func == sys_read || 2522 func == sys_pread || 2523 func == sys_recv || 2524 func == sys_recvfrom) { 2525 dumpstr(tcp, tcp->u_arg[1], tcp->u_rval); 2526 return; 2527 } else if (func == sys_readv) { 2528 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]); 2529 return; 2530#if HAVE_SENDMSG 2531 } else if (func == sys_recvmsg) { 2532 dumpiov_in_msghdr(tcp, tcp->u_arg[1]); 2533 return; 2534 } else if (func == sys_recvmmsg) { 2535 dumpiov_in_mmsghdr(tcp, tcp->u_arg[1]); 2536 return; 2537#endif 2538 } 2539 } 2540 if (qual_flags[tcp->u_arg[0]] & QUAL_WRITE) { 2541 if (func == sys_write || 2542 func == sys_pwrite || 2543 func == sys_send || 2544 func == sys_sendto) 2545 dumpstr(tcp, tcp->u_arg[1], tcp->u_arg[2]); 2546 else if (func == sys_writev) 2547 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]); 2548#if HAVE_SENDMSG 2549 else if (func == sys_sendmsg) 2550 dumpiov_in_msghdr(tcp, tcp->u_arg[1]); 2551 else if (func == sys_sendmmsg) 2552 dumpiov_in_mmsghdr(tcp, tcp->u_arg[1]); 2553#endif 2554 } 2555} 2556 2557static int 2558trace_syscall_exiting(struct tcb *tcp) 2559{ 2560 int sys_res; 2561 struct timeval tv; 2562 int res; 2563 long u_error; 2564 2565 /* Measure the exit time as early as possible to avoid errors. */ 2566 if (Tflag || cflag) 2567 gettimeofday(&tv, NULL); 2568 2569#ifdef USE_LIBUNWIND 2570 if (stack_trace_enabled) { 2571 if (tcp->s_ent->sys_flags & STACKTRACE_INVALIDATE_CACHE) 2572 unwind_cache_invalidate(tcp); 2573 } 2574#endif 2575 2576#if SUPPORTED_PERSONALITIES > 1 2577 update_personality(tcp, tcp->currpers); 2578#endif 2579 res = (get_regs_error ? -1 : get_syscall_result(tcp)); 2580 if (res == 1) { 2581 syscall_fixup_on_sysexit(tcp); /* never fails */ 2582 get_error(tcp); /* never fails */ 2583 if (need_fork_exec_workarounds) 2584 syscall_fixup_for_fork_exec(tcp); 2585 if (filtered(tcp) || hide_log_until_execve) 2586 goto ret; 2587 } 2588 2589 if (cflag) { 2590 count_syscall(tcp, &tv); 2591 if (cflag == CFLAG_ONLY_STATS) { 2592 goto ret; 2593 } 2594 } 2595 2596 /* If not in -ff mode, and printing_tcp != tcp, 2597 * then the log currently does not end with output 2598 * of _our syscall entry_, but with something else. 2599 * We need to say which syscall's return is this. 2600 * 2601 * Forced reprinting via TCB_REPRINT is used only by 2602 * "strace -ff -oLOG test/threaded_execve" corner case. 2603 * It's the only case when -ff mode needs reprinting. 2604 */ 2605 if ((followfork < 2 && printing_tcp != tcp) || (tcp->flags & TCB_REPRINT)) { 2606 tcp->flags &= ~TCB_REPRINT; 2607 printleader(tcp); 2608 if (tcp->qual_flg & UNDEFINED_SCNO) 2609 tprintf("<... %s resumed> ", undefined_scno_name(tcp)); 2610 else 2611 tprintf("<... %s resumed> ", tcp->s_ent->sys_name); 2612 } 2613 printing_tcp = tcp; 2614 2615 if (res != 1) { 2616 /* There was error in one of prior ptrace ops */ 2617 tprints(") "); 2618 tabto(); 2619 tprints("= ? <unavailable>\n"); 2620 line_ended(); 2621 tcp->flags &= ~TCB_INSYSCALL; 2622 return res; 2623 } 2624 2625 sys_res = 0; 2626 if (tcp->qual_flg & QUAL_RAW) { 2627 /* sys_res = printargs(tcp); - but it's nop on sysexit */ 2628 } else { 2629 /* FIXME: not_failing_only (IOW, option -z) is broken: 2630 * failure of syscall is known only after syscall return. 2631 * Thus we end up with something like this on, say, ENOENT: 2632 * open("doesnt_exist", O_RDONLY <unfinished ...> 2633 * {next syscall decode} 2634 * whereas the intended result is that open(...) line 2635 * is not shown at all. 2636 */ 2637 if (not_failing_only && tcp->u_error) 2638 goto ret; /* ignore failed syscalls */ 2639 sys_res = tcp->s_ent->sys_func(tcp); 2640 } 2641 2642 tprints(") "); 2643 tabto(); 2644 u_error = tcp->u_error; 2645 if (tcp->qual_flg & QUAL_RAW) { 2646 if (u_error) 2647 tprintf("= -1 (errno %ld)", u_error); 2648 else 2649 tprintf("= %#lx", tcp->u_rval); 2650 } 2651 else if (!(sys_res & RVAL_NONE) && u_error) { 2652 switch (u_error) { 2653 /* Blocked signals do not interrupt any syscalls. 2654 * In this case syscalls don't return ERESTARTfoo codes. 2655 * 2656 * Deadly signals set to SIG_DFL interrupt syscalls 2657 * and kill the process regardless of which of the codes below 2658 * is returned by the interrupted syscall. 2659 * In some cases, kernel forces a kernel-generated deadly 2660 * signal to be unblocked and set to SIG_DFL (and thus cause 2661 * death) if it is blocked or SIG_IGNed: for example, SIGSEGV 2662 * or SIGILL. (The alternative is to leave process spinning 2663 * forever on the faulty instruction - not useful). 2664 * 2665 * SIG_IGNed signals and non-deadly signals set to SIG_DFL 2666 * (for example, SIGCHLD, SIGWINCH) interrupt syscalls, 2667 * but kernel will always restart them. 2668 */ 2669 case ERESTARTSYS: 2670 /* Most common type of signal-interrupted syscall exit code. 2671 * The system call will be restarted with the same arguments 2672 * if SA_RESTART is set; otherwise, it will fail with EINTR. 2673 */ 2674 tprints("= ? ERESTARTSYS (To be restarted if SA_RESTART is set)"); 2675 break; 2676 case ERESTARTNOINTR: 2677 /* Rare. For example, fork() returns this if interrupted. 2678 * SA_RESTART is ignored (assumed set): the restart is unconditional. 2679 */ 2680 tprints("= ? ERESTARTNOINTR (To be restarted)"); 2681 break; 2682 case ERESTARTNOHAND: 2683 /* pause(), rt_sigsuspend() etc use this code. 2684 * SA_RESTART is ignored (assumed not set): 2685 * syscall won't restart (will return EINTR instead) 2686 * even after signal with SA_RESTART set. However, 2687 * after SIG_IGN or SIG_DFL signal it will restart 2688 * (thus the name "restart only if has no handler"). 2689 */ 2690 tprints("= ? ERESTARTNOHAND (To be restarted if no handler)"); 2691 break; 2692 case ERESTART_RESTARTBLOCK: 2693 /* Syscalls like nanosleep(), poll() which can't be 2694 * restarted with their original arguments use this 2695 * code. Kernel will execute restart_syscall() instead, 2696 * which changes arguments before restarting syscall. 2697 * SA_RESTART is ignored (assumed not set) similarly 2698 * to ERESTARTNOHAND. (Kernel can't honor SA_RESTART 2699 * since restart data is saved in "restart block" 2700 * in task struct, and if signal handler uses a syscall 2701 * which in turn saves another such restart block, 2702 * old data is lost and restart becomes impossible) 2703 */ 2704 tprints("= ? ERESTART_RESTARTBLOCK (Interrupted by signal)"); 2705 break; 2706 default: 2707 if (u_error < 0) 2708 tprintf("= -1 E??? (errno %ld)", u_error); 2709 else if ((unsigned long) u_error < nerrnos) 2710 tprintf("= -1 %s (%s)", errnoent[u_error], 2711 strerror(u_error)); 2712 else 2713 tprintf("= -1 ERRNO_%ld (%s)", u_error, 2714 strerror(u_error)); 2715 break; 2716 } 2717 if ((sys_res & RVAL_STR) && tcp->auxstr) 2718 tprintf(" (%s)", tcp->auxstr); 2719 } 2720 else { 2721 if (sys_res & RVAL_NONE) 2722 tprints("= ?"); 2723 else { 2724 switch (sys_res & RVAL_MASK) { 2725 case RVAL_HEX: 2726 tprintf("= %#lx", tcp->u_rval); 2727 break; 2728 case RVAL_OCTAL: 2729 tprintf("= %#lo", tcp->u_rval); 2730 break; 2731 case RVAL_UDECIMAL: 2732 tprintf("= %lu", tcp->u_rval); 2733 break; 2734 case RVAL_DECIMAL: 2735 tprintf("= %ld", tcp->u_rval); 2736 break; 2737 case RVAL_FD: 2738 if (show_fd_path) { 2739 tprints("= "); 2740 printfd(tcp, tcp->u_rval); 2741 } 2742 else 2743 tprintf("= %ld", tcp->u_rval); 2744 break; 2745#if defined(LINUX_MIPSN32) || defined(X32) 2746 /* 2747 case RVAL_LHEX: 2748 tprintf("= %#llx", tcp->u_lrval); 2749 break; 2750 case RVAL_LOCTAL: 2751 tprintf("= %#llo", tcp->u_lrval); 2752 break; 2753 */ 2754 case RVAL_LUDECIMAL: 2755 tprintf("= %llu", tcp->u_lrval); 2756 break; 2757 /* 2758 case RVAL_LDECIMAL: 2759 tprintf("= %lld", tcp->u_lrval); 2760 break; 2761 */ 2762#endif 2763 default: 2764 fprintf(stderr, 2765 "invalid rval format\n"); 2766 break; 2767 } 2768 } 2769 if ((sys_res & RVAL_STR) && tcp->auxstr) 2770 tprintf(" (%s)", tcp->auxstr); 2771 } 2772 if (Tflag) { 2773 tv_sub(&tv, &tv, &tcp->etime); 2774 tprintf(" <%ld.%06ld>", 2775 (long) tv.tv_sec, (long) tv.tv_usec); 2776 } 2777 tprints("\n"); 2778 dumpio(tcp); 2779 line_ended(); 2780 2781#ifdef USE_LIBUNWIND 2782 if (stack_trace_enabled) 2783 unwind_print_stacktrace(tcp); 2784#endif 2785 2786 ret: 2787 tcp->flags &= ~TCB_INSYSCALL; 2788 return 0; 2789} 2790 2791int 2792trace_syscall(struct tcb *tcp) 2793{ 2794 return exiting(tcp) ? 2795 trace_syscall_exiting(tcp) : trace_syscall_entering(tcp); 2796} 2797