syscall.c revision 905e8e0e2f0a1f51ab92424dcb005885ea8b2459
1/* 2 * Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl> 3 * Copyright (c) 1993 Branko Lankester <branko@hacktic.nl> 4 * Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com> 5 * Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl> 6 * Copyright (c) 1999 IBM Deutschland Entwicklung GmbH, IBM Corporation 7 * Linux for s390 port by D.J. Barrow 8 * <barrow_dj@mail.yahoo.com,djbarrow@de.ibm.com> 9 * All rights reserved. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. The name of the author may not be used to endorse or promote products 20 * derived from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34#include "defs.h" 35#include <sys/user.h> 36#include <sys/param.h> 37 38#ifdef HAVE_SYS_REG_H 39# include <sys/reg.h> 40# ifndef PTRACE_PEEKUSR 41# define PTRACE_PEEKUSR PTRACE_PEEKUSER 42# endif 43#elif defined(HAVE_LINUX_PTRACE_H) 44# undef PTRACE_SYSCALL 45# ifdef HAVE_STRUCT_IA64_FPREG 46# define ia64_fpreg XXX_ia64_fpreg 47# endif 48# ifdef HAVE_STRUCT_PT_ALL_USER_REGS 49# define pt_all_user_regs XXX_pt_all_user_regs 50# endif 51# include <linux/ptrace.h> 52# undef ia64_fpreg 53# undef pt_all_user_regs 54#endif 55 56#if defined(SPARC64) 57# undef PTRACE_GETREGS 58# define PTRACE_GETREGS PTRACE_GETREGS64 59# undef PTRACE_SETREGS 60# define PTRACE_SETREGS PTRACE_SETREGS64 61#endif 62 63#if defined(IA64) 64# include <asm/ptrace_offsets.h> 65# include <asm/rse.h> 66#endif 67 68#if defined(X86_64) || defined(X32) 69# include <linux/ptrace.h> 70# include <sys/uio.h> 71# include <elf.h> 72#endif 73 74#if defined(AARCH64) 75# include <asm/ptrace.h> 76# include <sys/uio.h> 77# include <elf.h> 78#endif 79 80#if defined(OR1K) 81# include <sys/uio.h> 82# include <elf.h> 83#endif 84 85#ifndef ERESTARTSYS 86# define ERESTARTSYS 512 87#endif 88#ifndef ERESTARTNOINTR 89# define ERESTARTNOINTR 513 90#endif 91#ifndef ERESTARTNOHAND 92# define ERESTARTNOHAND 514 /* restart if no handler */ 93#endif 94#ifndef ERESTART_RESTARTBLOCK 95# define ERESTART_RESTARTBLOCK 516 /* restart by calling sys_restart_syscall */ 96#endif 97 98#ifndef NSIG 99# warning: NSIG is not defined, using 32 100# define NSIG 32 101#endif 102#ifdef ARM 103/* Ugh. Is this really correct? ARM has no RT signals?! */ 104# undef NSIG 105# define NSIG 32 106#endif 107 108#include "syscall.h" 109 110/* Define these shorthand notations to simplify the syscallent files. */ 111#define TD TRACE_DESC 112#define TF TRACE_FILE 113#define TI TRACE_IPC 114#define TN TRACE_NETWORK 115#define TP TRACE_PROCESS 116#define TS TRACE_SIGNAL 117#define TM TRACE_MEMORY 118#define NF SYSCALL_NEVER_FAILS 119#define MA MAX_ARGS 120 121const struct_sysent sysent0[] = { 122#include "syscallent.h" 123}; 124 125#if SUPPORTED_PERSONALITIES > 1 126static const struct_sysent sysent1[] = { 127# include "syscallent1.h" 128}; 129#endif 130 131#if SUPPORTED_PERSONALITIES > 2 132static const struct_sysent sysent2[] = { 133# include "syscallent2.h" 134}; 135#endif 136 137/* Now undef them since short defines cause wicked namespace pollution. */ 138#undef TD 139#undef TF 140#undef TI 141#undef TN 142#undef TP 143#undef TS 144#undef TM 145#undef NF 146#undef MA 147 148/* 149 * `ioctlent.h' may be generated from `ioctlent.raw' by the auxiliary 150 * program `ioctlsort', such that the list is sorted by the `code' field. 151 * This has the side-effect of resolving the _IO.. macros into 152 * plain integers, eliminating the need to include here everything 153 * in "/usr/include". 154 */ 155 156const char *const errnoent0[] = { 157#include "errnoent.h" 158}; 159const char *const signalent0[] = { 160#include "signalent.h" 161}; 162const struct_ioctlent ioctlent0[] = { 163#include "ioctlent.h" 164}; 165enum { nsyscalls0 = ARRAY_SIZE(sysent0) }; 166enum { nerrnos0 = ARRAY_SIZE(errnoent0) }; 167enum { nsignals0 = ARRAY_SIZE(signalent0) }; 168enum { nioctlents0 = ARRAY_SIZE(ioctlent0) }; 169 170#if SUPPORTED_PERSONALITIES > 1 171static const char *const errnoent1[] = { 172# include "errnoent1.h" 173}; 174static const char *const signalent1[] = { 175# include "signalent1.h" 176}; 177static const struct_ioctlent ioctlent1[] = { 178# include "ioctlent1.h" 179}; 180enum { nsyscalls1 = ARRAY_SIZE(sysent1) }; 181enum { nerrnos1 = ARRAY_SIZE(errnoent1) }; 182enum { nsignals1 = ARRAY_SIZE(signalent1) }; 183enum { nioctlents1 = ARRAY_SIZE(ioctlent1) }; 184#endif 185 186#if SUPPORTED_PERSONALITIES > 2 187static const char *const errnoent2[] = { 188# include "errnoent2.h" 189}; 190static const char *const signalent2[] = { 191# include "signalent2.h" 192}; 193static const struct_ioctlent ioctlent2[] = { 194# include "ioctlent2.h" 195}; 196enum { nsyscalls2 = ARRAY_SIZE(sysent2) }; 197enum { nerrnos2 = ARRAY_SIZE(errnoent2) }; 198enum { nsignals2 = ARRAY_SIZE(signalent2) }; 199enum { nioctlents2 = ARRAY_SIZE(ioctlent2) }; 200#endif 201 202#if SUPPORTED_PERSONALITIES > 1 203const struct_sysent *sysent = sysent0; 204const char *const *errnoent = errnoent0; 205const char *const *signalent = signalent0; 206const struct_ioctlent *ioctlent = ioctlent0; 207#endif 208unsigned nsyscalls = nsyscalls0; 209unsigned nerrnos = nerrnos0; 210unsigned nsignals = nsignals0; 211unsigned nioctlents = nioctlents0; 212 213unsigned num_quals; 214qualbits_t *qual_vec[SUPPORTED_PERSONALITIES]; 215 216static const unsigned nsyscall_vec[SUPPORTED_PERSONALITIES] = { 217 nsyscalls0, 218#if SUPPORTED_PERSONALITIES > 1 219 nsyscalls1, 220#endif 221#if SUPPORTED_PERSONALITIES > 2 222 nsyscalls2, 223#endif 224}; 225static const struct_sysent *const sysent_vec[SUPPORTED_PERSONALITIES] = { 226 sysent0, 227#if SUPPORTED_PERSONALITIES > 1 228 sysent1, 229#endif 230#if SUPPORTED_PERSONALITIES > 2 231 sysent2, 232#endif 233}; 234 235enum { 236 MAX_NSYSCALLS1 = (nsyscalls0 237#if SUPPORTED_PERSONALITIES > 1 238 > nsyscalls1 ? nsyscalls0 : nsyscalls1 239#endif 240 ), 241 MAX_NSYSCALLS2 = (MAX_NSYSCALLS1 242#if SUPPORTED_PERSONALITIES > 2 243 > nsyscalls2 ? MAX_NSYSCALLS1 : nsyscalls2 244#endif 245 ), 246 MAX_NSYSCALLS = MAX_NSYSCALLS2, 247 /* We are ready for arches with up to 255 signals, 248 * even though the largest known signo is on MIPS and it is 128. 249 * The number of existing syscalls on all arches is 250 * larger that 255 anyway, so it is just a pedantic matter. 251 */ 252 MIN_QUALS = MAX_NSYSCALLS > 255 ? MAX_NSYSCALLS : 255 253}; 254 255#if SUPPORTED_PERSONALITIES > 1 256unsigned current_personality; 257 258# ifndef current_wordsize 259unsigned current_wordsize; 260static const int personality_wordsize[SUPPORTED_PERSONALITIES] = { 261 PERSONALITY0_WORDSIZE, 262 PERSONALITY1_WORDSIZE, 263# if SUPPORTED_PERSONALITIES > 2 264 PERSONALITY2_WORDSIZE, 265# endif 266}; 267# endif 268 269void 270set_personality(int personality) 271{ 272 nsyscalls = nsyscall_vec[personality]; 273 sysent = sysent_vec[personality]; 274 275 switch (personality) { 276 case 0: 277 errnoent = errnoent0; 278 nerrnos = nerrnos0; 279 ioctlent = ioctlent0; 280 nioctlents = nioctlents0; 281 signalent = signalent0; 282 nsignals = nsignals0; 283 break; 284 285 case 1: 286 errnoent = errnoent1; 287 nerrnos = nerrnos1; 288 ioctlent = ioctlent1; 289 nioctlents = nioctlents1; 290 signalent = signalent1; 291 nsignals = nsignals1; 292 break; 293 294# if SUPPORTED_PERSONALITIES > 2 295 case 2: 296 errnoent = errnoent2; 297 nerrnos = nerrnos2; 298 ioctlent = ioctlent2; 299 nioctlents = nioctlents2; 300 signalent = signalent2; 301 nsignals = nsignals2; 302 break; 303# endif 304 } 305 306 current_personality = personality; 307# ifndef current_wordsize 308 current_wordsize = personality_wordsize[personality]; 309# endif 310} 311 312static void 313update_personality(struct tcb *tcp, int personality) 314{ 315 if (personality == current_personality) 316 return; 317 set_personality(personality); 318 319 if (personality == tcp->currpers) 320 return; 321 tcp->currpers = personality; 322 323# if defined(POWERPC64) 324 if (!qflag) { 325 static const char *const names[] = {"64 bit", "32 bit"}; 326 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 327 tcp->pid, names[personality]); 328 } 329# elif defined(X86_64) 330 if (!qflag) { 331 static const char *const names[] = {"64 bit", "32 bit", "x32"}; 332 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 333 tcp->pid, names[personality]); 334 } 335# elif defined(X32) 336 if (!qflag) { 337 static const char *const names[] = {"x32", "32 bit"}; 338 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 339 tcp->pid, names[personality]); 340 } 341# elif defined(AARCH64) 342 if (!qflag) { 343 static const char *const names[] = {"32-bit", "AArch64"}; 344 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 345 tcp->pid, names[personality]); 346 } 347# elif defined(TILE) 348 if (!qflag) { 349 static const char *const names[] = {"64-bit", "32-bit"}; 350 fprintf(stderr, "[ Process PID=%d runs in %s mode. ]\n", 351 tcp->pid, names[personality]); 352 } 353# endif 354} 355#endif 356 357static int qual_syscall(), qual_signal(), qual_desc(); 358 359static const struct qual_options { 360 int bitflag; 361 const char *option_name; 362 int (*qualify)(const char *, int, int); 363 const char *argument_name; 364} qual_options[] = { 365 { QUAL_TRACE, "trace", qual_syscall, "system call" }, 366 { QUAL_TRACE, "t", qual_syscall, "system call" }, 367 { QUAL_ABBREV, "abbrev", qual_syscall, "system call" }, 368 { QUAL_ABBREV, "a", qual_syscall, "system call" }, 369 { QUAL_VERBOSE, "verbose", qual_syscall, "system call" }, 370 { QUAL_VERBOSE, "v", qual_syscall, "system call" }, 371 { QUAL_RAW, "raw", qual_syscall, "system call" }, 372 { QUAL_RAW, "x", qual_syscall, "system call" }, 373 { QUAL_SIGNAL, "signal", qual_signal, "signal" }, 374 { QUAL_SIGNAL, "signals", qual_signal, "signal" }, 375 { QUAL_SIGNAL, "s", qual_signal, "signal" }, 376 { QUAL_READ, "read", qual_desc, "descriptor" }, 377 { QUAL_READ, "reads", qual_desc, "descriptor" }, 378 { QUAL_READ, "r", qual_desc, "descriptor" }, 379 { QUAL_WRITE, "write", qual_desc, "descriptor" }, 380 { QUAL_WRITE, "writes", qual_desc, "descriptor" }, 381 { QUAL_WRITE, "w", qual_desc, "descriptor" }, 382 { 0, NULL, NULL, NULL }, 383}; 384 385static void 386reallocate_qual(int n) 387{ 388 unsigned p; 389 qualbits_t *qp; 390 for (p = 0; p < SUPPORTED_PERSONALITIES; p++) { 391 qp = qual_vec[p] = realloc(qual_vec[p], n * sizeof(qualbits_t)); 392 if (!qp) 393 die_out_of_memory(); 394 memset(&qp[num_quals], 0, (n - num_quals) * sizeof(qualbits_t)); 395 } 396 num_quals = n; 397} 398 399static void 400qualify_one(int n, int bitflag, int not, int pers) 401{ 402 unsigned p; 403 404 if (num_quals <= n) 405 reallocate_qual(n + 1); 406 407 for (p = 0; p < SUPPORTED_PERSONALITIES; p++) { 408 if (pers == p || pers < 0) { 409 if (not) 410 qual_vec[p][n] &= ~bitflag; 411 else 412 qual_vec[p][n] |= bitflag; 413 } 414 } 415} 416 417static int 418qual_syscall(const char *s, int bitflag, int not) 419{ 420 unsigned p; 421 unsigned i; 422 int rc = -1; 423 424 if (*s >= '0' && *s <= '9') { 425 i = string_to_uint(s); 426 if (i >= MAX_NSYSCALLS) 427 return -1; 428 qualify_one(i, bitflag, not, -1); 429 return 0; 430 } 431 432 for (p = 0; p < SUPPORTED_PERSONALITIES; p++) { 433 for (i = 0; i < nsyscall_vec[p]; i++) { 434 if (sysent_vec[p][i].sys_name 435 && strcmp(s, sysent_vec[p][i].sys_name) == 0 436 ) { 437 qualify_one(i, bitflag, not, 0); 438 rc = 0; 439 } 440 } 441 } 442 443 return rc; 444} 445 446static int 447qual_signal(const char *s, int bitflag, int not) 448{ 449 int i; 450 451 if (*s >= '0' && *s <= '9') { 452 int signo = string_to_uint(s); 453 if (signo < 0 || signo > 255) 454 return -1; 455 qualify_one(signo, bitflag, not, -1); 456 return 0; 457 } 458 if (strncasecmp(s, "SIG", 3) == 0) 459 s += 3; 460 for (i = 0; i <= NSIG; i++) { 461 if (strcasecmp(s, signame(i) + 3) == 0) { 462 qualify_one(i, bitflag, not, -1); 463 return 0; 464 } 465 } 466 return -1; 467} 468 469static int 470qual_desc(const char *s, int bitflag, int not) 471{ 472 if (*s >= '0' && *s <= '9') { 473 int desc = string_to_uint(s); 474 if (desc < 0 || desc > 0x7fff) /* paranoia */ 475 return -1; 476 qualify_one(desc, bitflag, not, -1); 477 return 0; 478 } 479 return -1; 480} 481 482static int 483lookup_class(const char *s) 484{ 485 if (strcmp(s, "file") == 0) 486 return TRACE_FILE; 487 if (strcmp(s, "ipc") == 0) 488 return TRACE_IPC; 489 if (strcmp(s, "network") == 0) 490 return TRACE_NETWORK; 491 if (strcmp(s, "process") == 0) 492 return TRACE_PROCESS; 493 if (strcmp(s, "signal") == 0) 494 return TRACE_SIGNAL; 495 if (strcmp(s, "desc") == 0) 496 return TRACE_DESC; 497 if (strcmp(s, "memory") == 0) 498 return TRACE_MEMORY; 499 return -1; 500} 501 502void 503qualify(const char *s) 504{ 505 const struct qual_options *opt; 506 int not; 507 char *copy; 508 const char *p; 509 int i, n; 510 511 if (num_quals == 0) 512 reallocate_qual(MIN_QUALS); 513 514 opt = &qual_options[0]; 515 for (i = 0; (p = qual_options[i].option_name); i++) { 516 n = strlen(p); 517 if (strncmp(s, p, n) == 0 && s[n] == '=') { 518 opt = &qual_options[i]; 519 s += n + 1; 520 break; 521 } 522 } 523 not = 0; 524 if (*s == '!') { 525 not = 1; 526 s++; 527 } 528 if (strcmp(s, "none") == 0) { 529 not = 1 - not; 530 s = "all"; 531 } 532 if (strcmp(s, "all") == 0) { 533 for (i = 0; i < num_quals; i++) { 534 qualify_one(i, opt->bitflag, not, -1); 535 } 536 return; 537 } 538 for (i = 0; i < num_quals; i++) { 539 qualify_one(i, opt->bitflag, !not, -1); 540 } 541 copy = strdup(s); 542 if (!copy) 543 die_out_of_memory(); 544 for (p = strtok(copy, ","); p; p = strtok(NULL, ",")) { 545 if (opt->bitflag == QUAL_TRACE && (n = lookup_class(p)) > 0) { 546 unsigned pers; 547 for (pers = 0; pers < SUPPORTED_PERSONALITIES; pers++) { 548 for (i = 0; i < nsyscall_vec[pers]; i++) 549 if (sysent_vec[pers][i].sys_flags & n) 550 qualify_one(i, opt->bitflag, not, 0); 551 } 552 continue; 553 } 554 if (opt->qualify(p, opt->bitflag, not)) { 555 error_msg_and_die("invalid %s '%s'", 556 opt->argument_name, p); 557 } 558 } 559 free(copy); 560 return; 561} 562 563#ifdef SYS_socket_subcall 564static void 565decode_socket_subcall(struct tcb *tcp) 566{ 567 unsigned long addr; 568 unsigned int i, n, size; 569 570 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= SYS_socket_nsubcalls) 571 return; 572 573 tcp->scno = SYS_socket_subcall + tcp->u_arg[0]; 574 tcp->qual_flg = qual_flags[tcp->scno]; 575 tcp->s_ent = &sysent[tcp->scno]; 576 addr = tcp->u_arg[1]; 577 size = current_wordsize; 578 n = tcp->s_ent->nargs; 579 for (i = 0; i < n; ++i) { 580 if (size == sizeof(int)) { 581 unsigned int arg; 582 if (umove(tcp, addr, &arg) < 0) 583 arg = 0; 584 tcp->u_arg[i] = arg; 585 } 586 else { 587 unsigned long arg; 588 if (umove(tcp, addr, &arg) < 0) 589 arg = 0; 590 tcp->u_arg[i] = arg; 591 } 592 addr += size; 593 } 594} 595#endif 596 597#ifdef SYS_ipc_subcall 598static void 599decode_ipc_subcall(struct tcb *tcp) 600{ 601 unsigned int i, n; 602 603 if (tcp->u_arg[0] < 0 || tcp->u_arg[0] >= SYS_ipc_nsubcalls) 604 return; 605 606 tcp->scno = SYS_ipc_subcall + tcp->u_arg[0]; 607 tcp->qual_flg = qual_flags[tcp->scno]; 608 tcp->s_ent = &sysent[tcp->scno]; 609 n = tcp->s_ent->nargs; 610 for (i = 0; i < n; i++) 611 tcp->u_arg[i] = tcp->u_arg[i + 1]; 612} 613#endif 614 615int 616printargs(struct tcb *tcp) 617{ 618 if (entering(tcp)) { 619 int i; 620 int n = tcp->s_ent->nargs; 621 for (i = 0; i < n; i++) 622 tprintf("%s%#lx", i ? ", " : "", tcp->u_arg[i]); 623 } 624 return 0; 625} 626 627int 628printargs_lu(struct tcb *tcp) 629{ 630 if (entering(tcp)) { 631 int i; 632 int n = tcp->s_ent->nargs; 633 for (i = 0; i < n; i++) 634 tprintf("%s%lu", i ? ", " : "", tcp->u_arg[i]); 635 } 636 return 0; 637} 638 639int 640printargs_ld(struct tcb *tcp) 641{ 642 if (entering(tcp)) { 643 int i; 644 int n = tcp->s_ent->nargs; 645 for (i = 0; i < n; i++) 646 tprintf("%s%ld", i ? ", " : "", tcp->u_arg[i]); 647 } 648 return 0; 649} 650 651#if defined(SPARC) || defined(SPARC64) || defined(IA64) || defined(SH) 652long 653getrval2(struct tcb *tcp) 654{ 655 long val; 656 657# if defined(SPARC) || defined(SPARC64) 658 val = sparc_regs.u_regs[U_REG_O1]; 659# elif defined(SH) 660 if (upeek(tcp, 4*(REG_REG0+1), &val) < 0) 661 return -1; 662# elif defined(IA64) 663 if (upeek(tcp, PT_R9, &val) < 0) 664 return -1; 665# endif 666 667 return val; 668} 669#endif 670 671int 672is_restart_error(struct tcb *tcp) 673{ 674 switch (tcp->u_error) { 675 case ERESTARTSYS: 676 case ERESTARTNOINTR: 677 case ERESTARTNOHAND: 678 case ERESTART_RESTARTBLOCK: 679 return 1; 680 default: 681 break; 682 } 683 return 0; 684} 685 686#if defined(I386) 687struct user_regs_struct i386_regs; 688#elif defined(X86_64) || defined(X32) 689/* 690 * On i386, pt_regs and user_regs_struct are the same, 691 * but on 64 bit x86, user_regs_struct has six more fields: 692 * fs_base, gs_base, ds, es, fs, gs. 693 * PTRACE_GETREGS fills them too, so struct pt_regs would overflow. 694 */ 695struct i386_user_regs_struct { 696 uint32_t ebx; 697 uint32_t ecx; 698 uint32_t edx; 699 uint32_t esi; 700 uint32_t edi; 701 uint32_t ebp; 702 uint32_t eax; 703 uint32_t xds; 704 uint32_t xes; 705 uint32_t xfs; 706 uint32_t xgs; 707 uint32_t orig_eax; 708 uint32_t eip; 709 uint32_t xcs; 710 uint32_t eflags; 711 uint32_t esp; 712 uint32_t xss; 713}; 714static union { 715 struct user_regs_struct x86_64_r; 716 struct i386_user_regs_struct i386_r; 717} x86_regs_union; 718# define x86_64_regs x86_regs_union.x86_64_r 719# define i386_regs x86_regs_union.i386_r 720static struct iovec x86_io = { 721 .iov_base = &x86_regs_union 722}; 723#elif defined(IA64) 724long ia32 = 0; /* not static */ 725static long ia64_r8, ia64_r10; 726#elif defined(POWERPC) 727static long ppc_result; 728#elif defined(M68K) 729static long m68k_d0; 730#elif defined(BFIN) 731static long bfin_r0; 732#elif defined(ARM) 733struct pt_regs arm_regs; /* not static */ 734#elif defined(AARCH64) 735static union { 736 struct user_pt_regs aarch64_r; 737 struct arm_pt_regs arm_r; 738} arm_regs_union; 739# define aarch64_regs arm_regs_union.aarch64_r 740# define arm_regs arm_regs_union.arm_r 741static struct iovec aarch64_io = { 742 .iov_base = &arm_regs_union 743}; 744#elif defined(ALPHA) 745static long alpha_r0; 746static long alpha_a3; 747#elif defined(AVR32) 748static struct pt_regs avr32_regs; 749#elif defined(SPARC) || defined(SPARC64) 750struct pt_regs sparc_regs; /* not static */ 751#elif defined(LINUX_MIPSN32) 752static long long mips_a3; 753static long long mips_r2; 754#elif defined(MIPS) 755static long mips_a3; 756static long mips_r2; 757#elif defined(S390) || defined(S390X) 758static long gpr2; 759static long syscall_mode; 760#elif defined(HPPA) 761static long hppa_r28; 762#elif defined(SH) 763static long sh_r0; 764#elif defined(SH64) 765static long sh64_r9; 766#elif defined(CRISV10) || defined(CRISV32) 767static long cris_r10; 768#elif defined(TILE) 769struct pt_regs tile_regs; 770#elif defined(MICROBLAZE) 771static long microblaze_r3; 772#elif defined(OR1K) 773static struct user_regs_struct or1k_regs; 774static struct iovec or1k_io = { 775 .iov_base = &or1k_regs 776}; 777#endif 778 779void 780printcall(struct tcb *tcp) 781{ 782#define PRINTBADPC tprintf(sizeof(long) == 4 ? "[????????] " : \ 783 sizeof(long) == 8 ? "[????????????????] " : \ 784 NULL /* crash */) 785 if (get_regs_error) { 786 PRINTBADPC; 787 return; 788 } 789#if defined(I386) 790 tprintf("[%08lx] ", i386_regs.eip); 791#elif defined(S390) || defined(S390X) 792 long psw; 793 if (upeek(tcp, PT_PSWADDR, &psw) < 0) { 794 PRINTBADPC; 795 return; 796 } 797# ifdef S390 798 tprintf("[%08lx] ", psw); 799# elif S390X 800 tprintf("[%016lx] ", psw); 801# endif 802#elif defined(X86_64) || defined(X32) 803 if (x86_io.iov_len == sizeof(i386_regs)) { 804 tprintf("[%08x] ", (unsigned) i386_regs.eip); 805 } else { 806# if defined(X86_64) 807 tprintf("[%016lx] ", (unsigned long) x86_64_regs.rip); 808# elif defined(X32) 809 /* Note: this truncates 64-bit rip to 32 bits */ 810 tprintf("[%08lx] ", (unsigned long) x86_64_regs.rip); 811# endif 812 } 813#elif defined(IA64) 814 long ip; 815 if (upeek(tcp, PT_B0, &ip) < 0) { 816 PRINTBADPC; 817 return; 818 } 819 tprintf("[%08lx] ", ip); 820#elif defined(POWERPC) 821 long pc; 822 if (upeek(tcp, sizeof(unsigned long)*PT_NIP, &pc) < 0) { 823 PRINTBADPC; 824 return; 825 } 826# ifdef POWERPC64 827 tprintf("[%016lx] ", pc); 828# else 829 tprintf("[%08lx] ", pc); 830# endif 831#elif defined(M68K) 832 long pc; 833 if (upeek(tcp, 4*PT_PC, &pc) < 0) { 834 tprints("[????????] "); 835 return; 836 } 837 tprintf("[%08lx] ", pc); 838#elif defined(ALPHA) 839 long pc; 840 if (upeek(tcp, REG_PC, &pc) < 0) { 841 tprints("[????????????????] "); 842 return; 843 } 844 tprintf("[%08lx] ", pc); 845#elif defined(SPARC) 846 tprintf("[%08lx] ", sparc_regs.pc); 847#elif defined(SPARC64) 848 tprintf("[%08lx] ", sparc_regs.tpc); 849#elif defined(HPPA) 850 long pc; 851 if (upeek(tcp, PT_IAOQ0, &pc) < 0) { 852 tprints("[????????] "); 853 return; 854 } 855 tprintf("[%08lx] ", pc); 856#elif defined(MIPS) 857 long pc; 858 if (upeek(tcp, REG_EPC, &pc) < 0) { 859 tprints("[????????] "); 860 return; 861 } 862 tprintf("[%08lx] ", pc); 863#elif defined(SH) 864 long pc; 865 if (upeek(tcp, 4*REG_PC, &pc) < 0) { 866 tprints("[????????] "); 867 return; 868 } 869 tprintf("[%08lx] ", pc); 870#elif defined(SH64) 871 long pc; 872 if (upeek(tcp, REG_PC, &pc) < 0) { 873 tprints("[????????????????] "); 874 return; 875 } 876 tprintf("[%08lx] ", pc); 877#elif defined(ARM) 878 tprintf("[%08lx] ", arm_regs.ARM_pc); 879#elif defined(AARCH64) 880 /* tprintf("[%016lx] ", aarch64_regs.regs[???]); */ 881#elif defined(AVR32) 882 tprintf("[%08lx] ", avr32_regs.pc); 883#elif defined(BFIN) 884 long pc; 885 if (upeek(tcp, PT_PC, &pc) < 0) { 886 PRINTBADPC; 887 return; 888 } 889 tprintf("[%08lx] ", pc); 890#elif defined(CRISV10) 891 long pc; 892 if (upeek(tcp, 4*PT_IRP, &pc) < 0) { 893 PRINTBADPC; 894 return; 895 } 896 tprintf("[%08lx] ", pc); 897#elif defined(CRISV32) 898 long pc; 899 if (upeek(tcp, 4*PT_ERP, &pc) < 0) { 900 PRINTBADPC; 901 return; 902 } 903 tprintf("[%08lx] ", pc); 904#elif defined(TILE) 905# ifdef _LP64 906 tprintf("[%016lx] ", (unsigned long) tile_regs.pc); 907# else 908 tprintf("[%08lx] ", (unsigned long) tile_regs.pc); 909# endif 910#elif defined(OR1K) 911 tprintf("[%08lx] ", or1k_regs.pc); 912#endif /* architecture */ 913} 914 915/* Shuffle syscall numbers so that we don't have huge gaps in syscall table. 916 * The shuffling should be reversible: shuffle_scno(shuffle_scno(n)) == n. 917 */ 918#if defined(ARM) /* So far only ARM needs this */ 919static long 920shuffle_scno(unsigned long scno) 921{ 922 if (scno <= ARM_LAST_ORDINARY_SYSCALL) 923 return scno; 924 925 /* __ARM_NR_cmpxchg? Swap with LAST_ORDINARY+1 */ 926 if (scno == 0x000ffff0) 927 return ARM_LAST_ORDINARY_SYSCALL+1; 928 if (scno == ARM_LAST_ORDINARY_SYSCALL+1) 929 return 0x000ffff0; 930 931 /* Is it ARM specific syscall? 932 * Swap with [LAST_ORDINARY+2, LAST_ORDINARY+2 + LAST_SPECIAL] range. 933 */ 934 if (scno >= 0x000f0000 935 && scno <= 0x000f0000 + ARM_LAST_SPECIAL_SYSCALL 936 ) { 937 return scno - 0x000f0000 + (ARM_LAST_ORDINARY_SYSCALL+2); 938 } 939 if (/* scno >= ARM_LAST_ORDINARY_SYSCALL+2 - always true */ 1 940 && scno <= (ARM_LAST_ORDINARY_SYSCALL+2) + ARM_LAST_SPECIAL_SYSCALL 941 ) { 942 return scno + 0x000f0000 - (ARM_LAST_ORDINARY_SYSCALL+2); 943 } 944 945 return scno; 946} 947#else 948# define shuffle_scno(scno) ((long)(scno)) 949#endif 950 951static char* 952undefined_scno_name(struct tcb *tcp) 953{ 954 static char buf[sizeof("syscall_%lu") + sizeof(long)*3]; 955 956 sprintf(buf, "syscall_%lu", shuffle_scno(tcp->scno)); 957 return buf; 958} 959 960#ifndef get_regs 961long get_regs_error; 962void 963get_regs(pid_t pid) 964{ 965# if defined(AVR32) 966 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, &avr32_regs); 967# elif defined(I386) 968 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, (long) &i386_regs); 969# elif defined(X86_64) || defined(X32) 970 /* 971 * PTRACE_GETREGSET was introduced in 2.6.33. 972 * Let's be paranoid and require a bit later kernel. 973 */ 974 if (os_release >= KERNEL_VERSION(2,6,35)) { 975 /*x86_io.iov_base = &x86_regs_union; - already is */ 976 x86_io.iov_len = sizeof(x86_regs_union); 977 get_regs_error = ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, (long) &x86_io); 978 } else { 979 /* Use old method, with heuristical detection of 32-bitness */ 980 x86_io.iov_len = sizeof(x86_64_regs); 981 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, (long) &x86_64_regs); 982 if (!get_regs_error && x86_64_regs.cs == 0x23) { 983 x86_io.iov_len = sizeof(i386_regs); 984 /* 985 * The order is important: i386_regs and x86_64_regs 986 * are overlaid in memory! 987 */ 988 i386_regs.ebx = x86_64_regs.rbx; 989 i386_regs.ecx = x86_64_regs.rcx; 990 i386_regs.edx = x86_64_regs.rdx; 991 i386_regs.esi = x86_64_regs.rsi; 992 i386_regs.edi = x86_64_regs.rdi; 993 i386_regs.ebp = x86_64_regs.rbp; 994 i386_regs.eax = x86_64_regs.rax; 995 /*i386_regs.xds = x86_64_regs.ds; unused by strace */ 996 /*i386_regs.xes = x86_64_regs.es; ditto... */ 997 /*i386_regs.xfs = x86_64_regs.fs;*/ 998 /*i386_regs.xgs = x86_64_regs.gs;*/ 999 i386_regs.orig_eax = x86_64_regs.orig_rax; 1000 i386_regs.eip = x86_64_regs.rip; 1001 /*i386_regs.xcs = x86_64_regs.cs;*/ 1002 /*i386_regs.eflags = x86_64_regs.eflags;*/ 1003 i386_regs.esp = x86_64_regs.rsp; 1004 /*i386_regs.xss = x86_64_regs.ss;*/ 1005 } 1006 } 1007# elif defined(ARM) 1008 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, (void *)&arm_regs); 1009# elif defined(AARCH64) 1010 /*aarch64_io.iov_base = &arm_regs_union; - already is */ 1011 aarch64_io.iov_len = sizeof(arm_regs_union); 1012 get_regs_error = ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, (void *)&aarch64_io); 1013# if 0 1014 /* Paranoia checks */ 1015 if (get_regs_error) 1016 return; 1017 switch (aarch64_io.iov_len) { 1018 case sizeof(aarch64_regs): 1019 /* We are in 64-bit mode */ 1020 break; 1021 case sizeof(arm_regs): 1022 /* We are in 32-bit mode */ 1023 break; 1024 default: 1025 get_regs_error = -1; 1026 break; 1027 } 1028# endif 1029# elif defined(SPARC) || defined(SPARC64) 1030 get_regs_error = ptrace(PTRACE_GETREGS, pid, (char *)&sparc_regs, 0); 1031# elif defined(TILE) 1032 get_regs_error = ptrace(PTRACE_GETREGS, pid, NULL, (long) &tile_regs); 1033# elif defined(OR1K) 1034 or1k_io.iov_len = sizeof(or1k_regs); 1035 get_regs_error = ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, &or1k_io); 1036# endif 1037} 1038#endif 1039 1040/* Returns: 1041 * 0: "ignore this ptrace stop", bail out of trace_syscall_entering() silently. 1042 * 1: ok, continue in trace_syscall_entering(). 1043 * other: error, trace_syscall_entering() should print error indicator 1044 * ("????" etc) and bail out. 1045 */ 1046static int 1047get_scno(struct tcb *tcp) 1048{ 1049 long scno = 0; 1050 1051#if defined(S390) || defined(S390X) 1052 if (upeek(tcp, PT_GPR2, &syscall_mode) < 0) 1053 return -1; 1054 1055 if (syscall_mode != -ENOSYS) { 1056 /* 1057 * Since kernel version 2.5.44 the scno gets passed in gpr2. 1058 */ 1059 scno = syscall_mode; 1060 } else { 1061 /* 1062 * Old style of "passing" the scno via the SVC instruction. 1063 */ 1064 long psw; 1065 long opcode, offset_reg, tmp; 1066 void *svc_addr; 1067 static const int gpr_offset[16] = { 1068 PT_GPR0, PT_GPR1, PT_ORIGGPR2, PT_GPR3, 1069 PT_GPR4, PT_GPR5, PT_GPR6, PT_GPR7, 1070 PT_GPR8, PT_GPR9, PT_GPR10, PT_GPR11, 1071 PT_GPR12, PT_GPR13, PT_GPR14, PT_GPR15 1072 }; 1073 1074 if (upeek(tcp, PT_PSWADDR, &psw) < 0) 1075 return -1; 1076 errno = 0; 1077 opcode = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)(psw - sizeof(long)), 0); 1078 if (errno) { 1079 perror_msg("peektext(psw-oneword)"); 1080 return -1; 1081 } 1082 1083 /* 1084 * We have to check if the SVC got executed directly or via an 1085 * EXECUTE instruction. In case of EXECUTE it is necessary to do 1086 * instruction decoding to derive the system call number. 1087 * Unfortunately the opcode sizes of EXECUTE and SVC are differently, 1088 * so that this doesn't work if a SVC opcode is part of an EXECUTE 1089 * opcode. Since there is no way to find out the opcode size this 1090 * is the best we can do... 1091 */ 1092 if ((opcode & 0xff00) == 0x0a00) { 1093 /* SVC opcode */ 1094 scno = opcode & 0xff; 1095 } 1096 else { 1097 /* SVC got executed by EXECUTE instruction */ 1098 1099 /* 1100 * Do instruction decoding of EXECUTE. If you really want to 1101 * understand this, read the Principles of Operations. 1102 */ 1103 svc_addr = (void *) (opcode & 0xfff); 1104 1105 tmp = 0; 1106 offset_reg = (opcode & 0x000f0000) >> 16; 1107 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0)) 1108 return -1; 1109 svc_addr += tmp; 1110 1111 tmp = 0; 1112 offset_reg = (opcode & 0x0000f000) >> 12; 1113 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0)) 1114 return -1; 1115 svc_addr += tmp; 1116 1117 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, svc_addr, 0); 1118 if (errno) 1119 return -1; 1120# if defined(S390X) 1121 scno >>= 48; 1122# else 1123 scno >>= 16; 1124# endif 1125 tmp = 0; 1126 offset_reg = (opcode & 0x00f00000) >> 20; 1127 if (offset_reg && (upeek(tcp, gpr_offset[offset_reg], &tmp) < 0)) 1128 return -1; 1129 1130 scno = (scno | tmp) & 0xff; 1131 } 1132 } 1133#elif defined(POWERPC) 1134 if (upeek(tcp, sizeof(unsigned long)*PT_R0, &scno) < 0) 1135 return -1; 1136# ifdef POWERPC64 1137 /* TODO: speed up strace by not doing this at every syscall. 1138 * We only need to do it after execve. 1139 */ 1140 int currpers; 1141 long val; 1142 1143 /* Check for 64/32 bit mode. */ 1144 if (upeek(tcp, sizeof(unsigned long)*PT_MSR, &val) < 0) 1145 return -1; 1146 /* SF is bit 0 of MSR */ 1147 if (val < 0) 1148 currpers = 0; 1149 else 1150 currpers = 1; 1151 update_personality(tcp, currpers); 1152# endif 1153#elif defined(AVR32) 1154 scno = avr32_regs.r8; 1155#elif defined(BFIN) 1156 if (upeek(tcp, PT_ORIG_P0, &scno)) 1157 return -1; 1158#elif defined(I386) 1159 scno = i386_regs.orig_eax; 1160#elif defined(X86_64) || defined(X32) 1161# ifndef __X32_SYSCALL_BIT 1162# define __X32_SYSCALL_BIT 0x40000000 1163# endif 1164 int currpers; 1165# if 1 1166 /* GETREGSET of NT_PRSTATUS tells us regset size, 1167 * which unambiguously detects i386. 1168 * 1169 * Linux kernel distinguishes x86-64 and x32 processes 1170 * solely by looking at __X32_SYSCALL_BIT: 1171 * arch/x86/include/asm/compat.h::is_x32_task(): 1172 * if (task_pt_regs(current)->orig_ax & __X32_SYSCALL_BIT) 1173 * return true; 1174 */ 1175 if (x86_io.iov_len == sizeof(i386_regs)) { 1176 scno = i386_regs.orig_eax; 1177 currpers = 1; 1178 } else { 1179 scno = x86_64_regs.orig_rax; 1180 currpers = 0; 1181 if (scno & __X32_SYSCALL_BIT) { 1182 scno -= __X32_SYSCALL_BIT; 1183 currpers = 2; 1184 } 1185 } 1186# elif 0 1187 /* cs = 0x33 for long mode (native 64 bit and x32) 1188 * cs = 0x23 for compatibility mode (32 bit) 1189 * ds = 0x2b for x32 mode (x86-64 in 32 bit) 1190 */ 1191 scno = x86_64_regs.orig_rax; 1192 switch (x86_64_regs.cs) { 1193 case 0x23: currpers = 1; break; 1194 case 0x33: 1195 if (x86_64_regs.ds == 0x2b) { 1196 currpers = 2; 1197 scno &= ~__X32_SYSCALL_BIT; 1198 } else 1199 currpers = 0; 1200 break; 1201 default: 1202 fprintf(stderr, "Unknown value CS=0x%08X while " 1203 "detecting personality of process " 1204 "PID=%d\n", (int)x86_64_regs.cs, tcp->pid); 1205 currpers = current_personality; 1206 break; 1207 } 1208# elif 0 1209 /* This version analyzes the opcode of a syscall instruction. 1210 * (int 0x80 on i386 vs. syscall on x86-64) 1211 * It works, but is too complicated, and strictly speaking, unreliable. 1212 */ 1213 unsigned long call, rip = x86_64_regs.rip; 1214 /* sizeof(syscall) == sizeof(int 0x80) == 2 */ 1215 rip -= 2; 1216 errno = 0; 1217 call = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)rip, (char *)0); 1218 if (errno) 1219 fprintf(stderr, "ptrace_peektext failed: %s\n", 1220 strerror(errno)); 1221 switch (call & 0xffff) { 1222 /* x86-64: syscall = 0x0f 0x05 */ 1223 case 0x050f: currpers = 0; break; 1224 /* i386: int 0x80 = 0xcd 0x80 */ 1225 case 0x80cd: currpers = 1; break; 1226 default: 1227 currpers = current_personality; 1228 fprintf(stderr, 1229 "Unknown syscall opcode (0x%04X) while " 1230 "detecting personality of process " 1231 "PID=%d\n", (int)call, tcp->pid); 1232 break; 1233 } 1234# endif 1235 1236# ifdef X32 1237 /* If we are built for a x32 system, then personality 0 is x32 1238 * (not x86_64), and stracing of x86_64 apps is not supported. 1239 * Stracing of i386 apps is still supported. 1240 */ 1241 if (currpers == 0) { 1242 fprintf(stderr, "syscall_%lu(...) in unsupported " 1243 "64-bit mode of process PID=%d\n", 1244 scno, tcp->pid); 1245 return 0; 1246 } 1247 currpers &= ~2; /* map 2,1 to 0,1 */ 1248# endif 1249 update_personality(tcp, currpers); 1250#elif defined(IA64) 1251# define IA64_PSR_IS ((long)1 << 34) 1252 long psr; 1253 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0) 1254 ia32 = (psr & IA64_PSR_IS) != 0; 1255 if (ia32) { 1256 if (upeek(tcp, PT_R1, &scno) < 0) 1257 return -1; 1258 } else { 1259 if (upeek(tcp, PT_R15, &scno) < 0) 1260 return -1; 1261 } 1262#elif defined(AARCH64) 1263 switch (aarch64_io.iov_len) { 1264 case sizeof(aarch64_regs): 1265 /* We are in 64-bit mode */ 1266 scno = aarch64_regs.regs[8]; 1267 update_personality(tcp, 1); 1268 break; 1269 case sizeof(arm_regs): 1270 /* We are in 32-bit mode */ 1271 scno = arm_regs.ARM_r7; 1272 update_personality(tcp, 0); 1273 break; 1274 } 1275#elif defined(ARM) 1276 if (arm_regs.ARM_ip != 0) { 1277 /* It is not a syscall entry */ 1278 fprintf(stderr, "pid %d stray syscall exit\n", tcp->pid); 1279 tcp->flags |= TCB_INSYSCALL; 1280 return 0; 1281 } 1282 /* Note: we support only 32-bit CPUs, not 26-bit */ 1283 1284 if (arm_regs.ARM_cpsr & 0x20) { 1285 /* Thumb mode */ 1286 scno = arm_regs.ARM_r7; 1287 } else { 1288 /* ARM mode */ 1289 errno = 0; 1290 scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, (void *)(arm_regs.ARM_pc - 4), NULL); 1291 if (errno) 1292 return -1; 1293 1294 /* EABI syscall convention? */ 1295 if (scno == 0xef000000) { 1296 scno = arm_regs.ARM_r7; /* yes */ 1297 } else { 1298 if ((scno & 0x0ff00000) != 0x0f900000) { 1299 fprintf(stderr, "pid %d unknown syscall trap 0x%08lx\n", 1300 tcp->pid, scno); 1301 return -1; 1302 } 1303 /* Fixup the syscall number */ 1304 scno &= 0x000fffff; 1305 } 1306 } 1307 1308 scno = shuffle_scno(scno); 1309#elif defined(M68K) 1310 if (upeek(tcp, 4*PT_ORIG_D0, &scno) < 0) 1311 return -1; 1312#elif defined(LINUX_MIPSN32) 1313 unsigned long long regs[38]; 1314 1315 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0) 1316 return -1; 1317 mips_a3 = regs[REG_A3]; 1318 mips_r2 = regs[REG_V0]; 1319 1320 scno = mips_r2; 1321 if (!SCNO_IN_RANGE(scno)) { 1322 if (mips_a3 == 0 || mips_a3 == -1) { 1323 if (debug_flag) 1324 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno); 1325 return 0; 1326 } 1327 } 1328#elif defined(MIPS) 1329 if (upeek(tcp, REG_A3, &mips_a3) < 0) 1330 return -1; 1331 if (upeek(tcp, REG_V0, &scno) < 0) 1332 return -1; 1333 1334 if (!SCNO_IN_RANGE(scno)) { 1335 if (mips_a3 == 0 || mips_a3 == -1) { 1336 if (debug_flag) 1337 fprintf(stderr, "stray syscall exit: v0 = %ld\n", scno); 1338 return 0; 1339 } 1340 } 1341#elif defined(ALPHA) 1342 if (upeek(tcp, REG_A3, &alpha_a3) < 0) 1343 return -1; 1344 if (upeek(tcp, REG_R0, &scno) < 0) 1345 return -1; 1346 1347 /* 1348 * Do some sanity checks to figure out if it's 1349 * really a syscall entry 1350 */ 1351 if (!SCNO_IN_RANGE(scno)) { 1352 if (alpha_a3 == 0 || alpha_a3 == -1) { 1353 if (debug_flag) 1354 fprintf(stderr, "stray syscall exit: r0 = %ld\n", scno); 1355 return 0; 1356 } 1357 } 1358#elif defined(SPARC) || defined(SPARC64) 1359 /* Disassemble the syscall trap. */ 1360 /* Retrieve the syscall trap instruction. */ 1361 unsigned long trap; 1362 errno = 0; 1363# if defined(SPARC64) 1364 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)sparc_regs.tpc, 0); 1365 trap >>= 32; 1366# else 1367 trap = ptrace(PTRACE_PEEKTEXT, tcp->pid, (char *)sparc_regs.pc, 0); 1368# endif 1369 if (errno) 1370 return -1; 1371 1372 /* Disassemble the trap to see what personality to use. */ 1373 switch (trap) { 1374 case 0x91d02010: 1375 /* Linux/SPARC syscall trap. */ 1376 update_personality(tcp, 0); 1377 break; 1378 case 0x91d0206d: 1379 /* Linux/SPARC64 syscall trap. */ 1380 update_personality(tcp, 2); 1381 break; 1382 case 0x91d02000: 1383 /* SunOS syscall trap. (pers 1) */ 1384 fprintf(stderr, "syscall: SunOS no support\n"); 1385 return -1; 1386 case 0x91d02008: 1387 /* Solaris 2.x syscall trap. (per 2) */ 1388 update_personality(tcp, 1); 1389 break; 1390 case 0x91d02009: 1391 /* NetBSD/FreeBSD syscall trap. */ 1392 fprintf(stderr, "syscall: NetBSD/FreeBSD not supported\n"); 1393 return -1; 1394 case 0x91d02027: 1395 /* Solaris 2.x gettimeofday */ 1396 update_personality(tcp, 1); 1397 break; 1398 default: 1399# if defined(SPARC64) 1400 fprintf(stderr, "syscall: unknown syscall trap %08lx %016lx\n", trap, sparc_regs.tpc); 1401# else 1402 fprintf(stderr, "syscall: unknown syscall trap %08lx %08lx\n", trap, sparc_regs.pc); 1403# endif 1404 return -1; 1405 } 1406 1407 /* Extract the system call number from the registers. */ 1408 if (trap == 0x91d02027) 1409 scno = 156; 1410 else 1411 scno = sparc_regs.u_regs[U_REG_G1]; 1412 if (scno == 0) { 1413 scno = sparc_regs.u_regs[U_REG_O0]; 1414 memmove(&sparc_regs.u_regs[U_REG_O0], &sparc_regs.u_regs[U_REG_O1], 7*sizeof(sparc_regs.u_regs[0])); 1415 } 1416#elif defined(HPPA) 1417 if (upeek(tcp, PT_GR20, &scno) < 0) 1418 return -1; 1419#elif defined(SH) 1420 /* 1421 * In the new syscall ABI, the system call number is in R3. 1422 */ 1423 if (upeek(tcp, 4*(REG_REG0+3), &scno) < 0) 1424 return -1; 1425 1426 if (scno < 0) { 1427 /* Odd as it may seem, a glibc bug has been known to cause 1428 glibc to issue bogus negative syscall numbers. So for 1429 our purposes, make strace print what it *should* have been */ 1430 long correct_scno = (scno & 0xff); 1431 if (debug_flag) 1432 fprintf(stderr, 1433 "Detected glibc bug: bogus system call" 1434 " number = %ld, correcting to %ld\n", 1435 scno, 1436 correct_scno); 1437 scno = correct_scno; 1438 } 1439#elif defined(SH64) 1440 if (upeek(tcp, REG_SYSCALL, &scno) < 0) 1441 return -1; 1442 scno &= 0xFFFF; 1443#elif defined(CRISV10) || defined(CRISV32) 1444 if (upeek(tcp, 4*PT_R9, &scno) < 0) 1445 return -1; 1446#elif defined(TILE) 1447 int currpers; 1448 scno = tile_regs.regs[10]; 1449# ifdef __tilepro__ 1450 currpers = 1; 1451# else 1452# ifndef PT_FLAGS_COMPAT 1453# define PT_FLAGS_COMPAT 0x10000 /* from Linux 3.8 on */ 1454# endif 1455 if (tile_regs.flags & PT_FLAGS_COMPAT) 1456 currpers = 1; 1457 else 1458 currpers = 0; 1459# endif 1460 update_personality(tcp, currpers); 1461#elif defined(MICROBLAZE) 1462 if (upeek(tcp, 0, &scno) < 0) 1463 return -1; 1464#elif defined(OR1K) 1465 scno = or1k_regs.gpr[11]; 1466#endif 1467 1468 tcp->scno = scno; 1469 if (SCNO_IS_VALID(tcp->scno)) { 1470 tcp->s_ent = &sysent[scno]; 1471 tcp->qual_flg = qual_flags[scno]; 1472 } else { 1473 static const struct_sysent unknown = { 1474 .nargs = MAX_ARGS, 1475 .sys_flags = 0, 1476 .sys_func = printargs, 1477 .sys_name = "unknown", /* not used */ 1478 }; 1479 tcp->s_ent = &unknown; 1480 tcp->qual_flg = UNDEFINED_SCNO | QUAL_RAW | DEFAULT_QUAL_FLAGS; 1481 } 1482 return 1; 1483} 1484 1485/* Called at each syscall entry. 1486 * Returns: 1487 * 0: "ignore this ptrace stop", bail out of trace_syscall_entering() silently. 1488 * 1: ok, continue in trace_syscall_entering(). 1489 * other: error, trace_syscall_entering() should print error indicator 1490 * ("????" etc) and bail out. 1491 */ 1492static int 1493syscall_fixup_on_sysenter(struct tcb *tcp) 1494{ 1495 /* A common case of "not a syscall entry" is post-execve SIGTRAP */ 1496#if defined(I386) 1497 if (i386_regs.eax != -ENOSYS) { 1498 if (debug_flag) 1499 fprintf(stderr, "not a syscall entry (eax = %ld)\n", i386_regs.eax); 1500 return 0; 1501 } 1502#elif defined(X86_64) || defined(X32) 1503 { 1504 long rax; 1505 if (x86_io.iov_len == sizeof(i386_regs)) { 1506 /* Sign extend from 32 bits */ 1507 rax = (int32_t)i386_regs.eax; 1508 } else { 1509 /* Note: in X32 build, this truncates 64 to 32 bits */ 1510 rax = x86_64_regs.rax; 1511 } 1512 if (rax != -ENOSYS) { 1513 if (debug_flag) 1514 fprintf(stderr, "not a syscall entry (rax = %ld)\n", rax); 1515 return 0; 1516 } 1517 } 1518#elif defined(S390) || defined(S390X) 1519 /* TODO: we already fetched PT_GPR2 in get_scno 1520 * and stored it in syscall_mode, reuse it here 1521 * instead of re-fetching? 1522 */ 1523 if (upeek(tcp, PT_GPR2, &gpr2) < 0) 1524 return -1; 1525 if (syscall_mode != -ENOSYS) 1526 syscall_mode = tcp->scno; 1527 if (gpr2 != syscall_mode) { 1528 if (debug_flag) 1529 fprintf(stderr, "not a syscall entry (gpr2 = %ld)\n", gpr2); 1530 return 0; 1531 } 1532#elif defined(M68K) 1533 /* TODO? Eliminate upeek's in arches below like we did in x86 */ 1534 if (upeek(tcp, 4*PT_D0, &m68k_d0) < 0) 1535 return -1; 1536 if (m68k_d0 != -ENOSYS) { 1537 if (debug_flag) 1538 fprintf(stderr, "not a syscall entry (d0 = %ld)\n", m68k_d0); 1539 return 0; 1540 } 1541#elif defined(IA64) 1542 if (upeek(tcp, PT_R10, &ia64_r10) < 0) 1543 return -1; 1544 if (upeek(tcp, PT_R8, &ia64_r8) < 0) 1545 return -1; 1546 if (ia32 && ia64_r8 != -ENOSYS) { 1547 if (debug_flag) 1548 fprintf(stderr, "not a syscall entry (r8 = %ld)\n", ia64_r8); 1549 return 0; 1550 } 1551#elif defined(CRISV10) || defined(CRISV32) 1552 if (upeek(tcp, 4*PT_R10, &cris_r10) < 0) 1553 return -1; 1554 if (cris_r10 != -ENOSYS) { 1555 if (debug_flag) 1556 fprintf(stderr, "not a syscall entry (r10 = %ld)\n", cris_r10); 1557 return 0; 1558 } 1559#elif defined(MICROBLAZE) 1560 if (upeek(tcp, 3 * 4, µblaze_r3) < 0) 1561 return -1; 1562 if (microblaze_r3 != -ENOSYS) { 1563 if (debug_flag) 1564 fprintf(stderr, "not a syscall entry (r3 = %ld)\n", microblaze_r3); 1565 return 0; 1566 } 1567#endif 1568 return 1; 1569} 1570 1571static void 1572internal_fork(struct tcb *tcp) 1573{ 1574#if defined S390 || defined S390X || defined CRISV10 || defined CRISV32 1575# define ARG_FLAGS 1 1576#else 1577# define ARG_FLAGS 0 1578#endif 1579#ifndef CLONE_UNTRACED 1580# define CLONE_UNTRACED 0x00800000 1581#endif 1582 if ((ptrace_setoptions 1583 & (PTRACE_O_TRACECLONE | PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK)) 1584 == (PTRACE_O_TRACECLONE | PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK)) 1585 return; 1586 1587 if (!followfork) 1588 return; 1589 1590 if (entering(tcp)) { 1591 /* 1592 * We won't see the new child if clone is called with 1593 * CLONE_UNTRACED, so we keep the same logic with that option 1594 * and don't trace it. 1595 */ 1596 if ((tcp->s_ent->sys_func == sys_clone) 1597 && (tcp->u_arg[ARG_FLAGS] & CLONE_UNTRACED) 1598 ) 1599 return; 1600 setbpt(tcp); 1601 } else { 1602 if (tcp->flags & TCB_BPTSET) 1603 clearbpt(tcp); 1604 } 1605} 1606 1607#if defined(TCB_WAITEXECVE) 1608static void 1609internal_exec(struct tcb *tcp) 1610{ 1611 /* Maybe we have post-execve SIGTRAP suppressed? */ 1612 if (ptrace_setoptions & PTRACE_O_TRACEEXEC) 1613 return; /* yes, no need to do anything */ 1614 1615 if (exiting(tcp) && syserror(tcp)) 1616 /* Error in execve, no post-execve SIGTRAP expected */ 1617 tcp->flags &= ~TCB_WAITEXECVE; 1618 else 1619 tcp->flags |= TCB_WAITEXECVE; 1620} 1621#endif 1622 1623static void 1624syscall_fixup_for_fork_exec(struct tcb *tcp) 1625{ 1626 /* 1627 * We must always trace a few critical system calls in order to 1628 * correctly support following forks in the presence of tracing 1629 * qualifiers. 1630 */ 1631 int (*func)(); 1632 1633 func = tcp->s_ent->sys_func; 1634 1635 if ( sys_fork == func 1636 || sys_vfork == func 1637 || sys_clone == func 1638 ) { 1639 internal_fork(tcp); 1640 return; 1641 } 1642 1643#if defined(TCB_WAITEXECVE) 1644 if ( sys_execve == func 1645# if defined(SPARC) || defined(SPARC64) 1646 || sys_execv == func 1647# endif 1648 ) { 1649 internal_exec(tcp); 1650 return; 1651 } 1652#endif 1653} 1654 1655/* Return -1 on error or 1 on success (never 0!) */ 1656static int 1657get_syscall_args(struct tcb *tcp) 1658{ 1659 int i, nargs; 1660 1661 nargs = tcp->s_ent->nargs; 1662 1663#if defined(S390) || defined(S390X) 1664 for (i = 0; i < nargs; ++i) 1665 if (upeek(tcp, i==0 ? PT_ORIGGPR2 : PT_GPR2 + i*sizeof(long), &tcp->u_arg[i]) < 0) 1666 return -1; 1667#elif defined(ALPHA) 1668 for (i = 0; i < nargs; ++i) 1669 if (upeek(tcp, REG_A0+i, &tcp->u_arg[i]) < 0) 1670 return -1; 1671#elif defined(IA64) 1672 if (!ia32) { 1673 unsigned long *out0, cfm, sof, sol; 1674 long rbs_end; 1675 /* be backwards compatible with kernel < 2.4.4... */ 1676# ifndef PT_RBS_END 1677# define PT_RBS_END PT_AR_BSP 1678# endif 1679 1680 if (upeek(tcp, PT_RBS_END, &rbs_end) < 0) 1681 return -1; 1682 if (upeek(tcp, PT_CFM, (long *) &cfm) < 0) 1683 return -1; 1684 1685 sof = (cfm >> 0) & 0x7f; 1686 sol = (cfm >> 7) & 0x7f; 1687 out0 = ia64_rse_skip_regs((unsigned long *) rbs_end, -sof + sol); 1688 1689 for (i = 0; i < nargs; ++i) { 1690 if (umoven(tcp, (unsigned long) ia64_rse_skip_regs(out0, i), 1691 sizeof(long), (char *) &tcp->u_arg[i]) < 0) 1692 return -1; 1693 } 1694 } else { 1695 static const int argreg[MAX_ARGS] = { PT_R11 /* EBX = out0 */, 1696 PT_R9 /* ECX = out1 */, 1697 PT_R10 /* EDX = out2 */, 1698 PT_R14 /* ESI = out3 */, 1699 PT_R15 /* EDI = out4 */, 1700 PT_R13 /* EBP = out5 */}; 1701 1702 for (i = 0; i < nargs; ++i) { 1703 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0) 1704 return -1; 1705 /* truncate away IVE sign-extension */ 1706 tcp->u_arg[i] &= 0xffffffff; 1707 } 1708 } 1709#elif defined(LINUX_MIPSN32) || defined(LINUX_MIPSN64) 1710 /* N32 and N64 both use up to six registers. */ 1711 unsigned long long regs[38]; 1712 1713 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0) 1714 return -1; 1715 1716 for (i = 0; i < nargs; ++i) { 1717 tcp->u_arg[i] = regs[REG_A0 + i]; 1718# if defined(LINUX_MIPSN32) 1719 tcp->ext_arg[i] = regs[REG_A0 + i]; 1720# endif 1721 } 1722#elif defined(MIPS) 1723 if (nargs > 4) { 1724 long sp; 1725 1726 if (upeek(tcp, REG_SP, &sp) < 0) 1727 return -1; 1728 for (i = 0; i < 4; ++i) 1729 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0) 1730 return -1; 1731 umoven(tcp, sp + 16, (nargs - 4) * sizeof(tcp->u_arg[0]), 1732 (char *)(tcp->u_arg + 4)); 1733 } else { 1734 for (i = 0; i < nargs; ++i) 1735 if (upeek(tcp, REG_A0 + i, &tcp->u_arg[i]) < 0) 1736 return -1; 1737 } 1738#elif defined(POWERPC) 1739# ifndef PT_ORIG_R3 1740# define PT_ORIG_R3 34 1741# endif 1742 for (i = 0; i < nargs; ++i) { 1743 if (upeek(tcp, (i==0) ? 1744 (sizeof(unsigned long) * PT_ORIG_R3) : 1745 ((i+PT_R3) * sizeof(unsigned long)), 1746 &tcp->u_arg[i]) < 0) 1747 return -1; 1748 } 1749#elif defined(SPARC) || defined(SPARC64) 1750 for (i = 0; i < nargs; ++i) 1751 tcp->u_arg[i] = sparc_regs.u_regs[U_REG_O0 + i]; 1752#elif defined(HPPA) 1753 for (i = 0; i < nargs; ++i) 1754 if (upeek(tcp, PT_GR26-4*i, &tcp->u_arg[i]) < 0) 1755 return -1; 1756#elif defined(ARM) || defined(AARCH64) 1757# if defined(AARCH64) 1758 if (tcp->currpers == 1) 1759 for (i = 0; i < nargs; ++i) 1760 tcp->u_arg[i] = aarch64_regs.regs[i]; 1761 else 1762# endif 1763 for (i = 0; i < nargs; ++i) 1764 tcp->u_arg[i] = arm_regs.uregs[i]; 1765#elif defined(AVR32) 1766 (void)i; 1767 (void)nargs; 1768 tcp->u_arg[0] = avr32_regs.r12; 1769 tcp->u_arg[1] = avr32_regs.r11; 1770 tcp->u_arg[2] = avr32_regs.r10; 1771 tcp->u_arg[3] = avr32_regs.r9; 1772 tcp->u_arg[4] = avr32_regs.r5; 1773 tcp->u_arg[5] = avr32_regs.r3; 1774#elif defined(BFIN) 1775 static const int argreg[MAX_ARGS] = { PT_R0, PT_R1, PT_R2, PT_R3, PT_R4, PT_R5 }; 1776 1777 for (i = 0; i < nargs; ++i) 1778 if (upeek(tcp, argreg[i], &tcp->u_arg[i]) < 0) 1779 return -1; 1780#elif defined(SH) 1781 static const int syscall_regs[MAX_ARGS] = { 1782 4 * (REG_REG0+4), 4 * (REG_REG0+5), 4 * (REG_REG0+6), 1783 4 * (REG_REG0+7), 4 * (REG_REG0 ), 4 * (REG_REG0+1) 1784 }; 1785 1786 for (i = 0; i < nargs; ++i) 1787 if (upeek(tcp, syscall_regs[i], &tcp->u_arg[i]) < 0) 1788 return -1; 1789#elif defined(SH64) 1790 int i; 1791 /* Registers used by SH5 Linux system calls for parameters */ 1792 static const int syscall_regs[MAX_ARGS] = { 2, 3, 4, 5, 6, 7 }; 1793 1794 for (i = 0; i < nargs; ++i) 1795 if (upeek(tcp, REG_GENERAL(syscall_regs[i]), &tcp->u_arg[i]) < 0) 1796 return -1; 1797#elif defined(I386) 1798 (void)i; 1799 (void)nargs; 1800 tcp->u_arg[0] = i386_regs.ebx; 1801 tcp->u_arg[1] = i386_regs.ecx; 1802 tcp->u_arg[2] = i386_regs.edx; 1803 tcp->u_arg[3] = i386_regs.esi; 1804 tcp->u_arg[4] = i386_regs.edi; 1805 tcp->u_arg[5] = i386_regs.ebp; 1806#elif defined(X86_64) || defined(X32) 1807 (void)i; 1808 (void)nargs; 1809 if (x86_io.iov_len != sizeof(i386_regs)) { 1810 /* x86-64 or x32 ABI */ 1811 tcp->u_arg[0] = x86_64_regs.rdi; 1812 tcp->u_arg[1] = x86_64_regs.rsi; 1813 tcp->u_arg[2] = x86_64_regs.rdx; 1814 tcp->u_arg[3] = x86_64_regs.r10; 1815 tcp->u_arg[4] = x86_64_regs.r8; 1816 tcp->u_arg[5] = x86_64_regs.r9; 1817# ifdef X32 1818 tcp->ext_arg[0] = x86_64_regs.rdi; 1819 tcp->ext_arg[1] = x86_64_regs.rsi; 1820 tcp->ext_arg[2] = x86_64_regs.rdx; 1821 tcp->ext_arg[3] = x86_64_regs.r10; 1822 tcp->ext_arg[4] = x86_64_regs.r8; 1823 tcp->ext_arg[5] = x86_64_regs.r9; 1824# endif 1825 } else { 1826 /* i386 ABI */ 1827 /* Zero-extend from 32 bits */ 1828 /* Use widen_to_long(tcp->u_arg[N]) in syscall handlers 1829 * if you need to use *sign-extended* parameter. 1830 */ 1831 tcp->u_arg[0] = (long)(uint32_t)i386_regs.ebx; 1832 tcp->u_arg[1] = (long)(uint32_t)i386_regs.ecx; 1833 tcp->u_arg[2] = (long)(uint32_t)i386_regs.edx; 1834 tcp->u_arg[3] = (long)(uint32_t)i386_regs.esi; 1835 tcp->u_arg[4] = (long)(uint32_t)i386_regs.edi; 1836 tcp->u_arg[5] = (long)(uint32_t)i386_regs.ebp; 1837 } 1838#elif defined(MICROBLAZE) 1839 for (i = 0; i < nargs; ++i) 1840 if (upeek(tcp, (5 + i) * 4, &tcp->u_arg[i]) < 0) 1841 return -1; 1842#elif defined(CRISV10) || defined(CRISV32) 1843 static const int crisregs[MAX_ARGS] = { 1844 4*PT_ORIG_R10, 4*PT_R11, 4*PT_R12, 1845 4*PT_R13 , 4*PT_MOF, 4*PT_SRP 1846 }; 1847 1848 for (i = 0; i < nargs; ++i) 1849 if (upeek(tcp, crisregs[i], &tcp->u_arg[i]) < 0) 1850 return -1; 1851#elif defined(TILE) 1852 for (i = 0; i < nargs; ++i) 1853 tcp->u_arg[i] = tile_regs.regs[i]; 1854#elif defined(M68K) 1855 for (i = 0; i < nargs; ++i) 1856 if (upeek(tcp, (i < 5 ? i : i + 2)*4, &tcp->u_arg[i]) < 0) 1857 return -1; 1858#elif defined(OR1K) 1859 (void)nargs; 1860 for (i = 0; i < 6; ++i) 1861 tcp->u_arg[i] = or1k_regs.gpr[3 + i]; 1862#else /* Other architecture (32bits specific) */ 1863 for (i = 0; i < nargs; ++i) 1864 if (upeek(tcp, i*4, &tcp->u_arg[i]) < 0) 1865 return -1; 1866#endif 1867 return 1; 1868} 1869 1870static int 1871trace_syscall_entering(struct tcb *tcp) 1872{ 1873 int res, scno_good; 1874 1875#if defined TCB_WAITEXECVE 1876 if (tcp->flags & TCB_WAITEXECVE) { 1877 /* This is the post-execve SIGTRAP. */ 1878 tcp->flags &= ~TCB_WAITEXECVE; 1879 return 0; 1880 } 1881#endif 1882 1883 scno_good = res = (get_regs_error ? -1 : get_scno(tcp)); 1884 if (res == 0) 1885 return res; 1886 if (res == 1) { 1887 res = syscall_fixup_on_sysenter(tcp); 1888 if (res == 0) 1889 return res; 1890 if (res == 1) 1891 res = get_syscall_args(tcp); 1892 } 1893 1894 if (res != 1) { 1895 printleader(tcp); 1896 if (scno_good != 1) 1897 tprints("????" /* anti-trigraph gap */ "("); 1898 else if (tcp->qual_flg & UNDEFINED_SCNO) 1899 tprintf("%s(", undefined_scno_name(tcp)); 1900 else 1901 tprintf("%s(", tcp->s_ent->sys_name); 1902 /* 1903 * " <unavailable>" will be added later by the code which 1904 * detects ptrace errors. 1905 */ 1906 goto ret; 1907 } 1908 1909#if defined(SYS_socket_subcall) || defined(SYS_ipc_subcall) 1910 while (1) { 1911# ifdef SYS_socket_subcall 1912 if (tcp->s_ent->sys_func == sys_socketcall) { 1913 decode_socket_subcall(tcp); 1914 break; 1915 } 1916# endif 1917# ifdef SYS_ipc_subcall 1918 if (tcp->s_ent->sys_func == sys_ipc) { 1919 decode_ipc_subcall(tcp); 1920 break; 1921 } 1922# endif 1923 break; 1924 } 1925#endif 1926 1927 if (need_fork_exec_workarounds) 1928 syscall_fixup_for_fork_exec(tcp); 1929 1930 if (!(tcp->qual_flg & QUAL_TRACE) 1931 || (tracing_paths && !pathtrace_match(tcp)) 1932 ) { 1933 tcp->flags |= TCB_INSYSCALL | TCB_FILTERED; 1934 return 0; 1935 } 1936 1937 tcp->flags &= ~TCB_FILTERED; 1938 1939 if (cflag == CFLAG_ONLY_STATS) { 1940 res = 0; 1941 goto ret; 1942 } 1943 1944 printleader(tcp); 1945 if (tcp->qual_flg & UNDEFINED_SCNO) 1946 tprintf("%s(", undefined_scno_name(tcp)); 1947 else 1948 tprintf("%s(", tcp->s_ent->sys_name); 1949 if ((tcp->qual_flg & QUAL_RAW) && tcp->s_ent->sys_func != sys_exit) 1950 res = printargs(tcp); 1951 else 1952 res = tcp->s_ent->sys_func(tcp); 1953 1954 fflush(tcp->outf); 1955 ret: 1956 tcp->flags |= TCB_INSYSCALL; 1957 /* Measure the entrance time as late as possible to avoid errors. */ 1958 if (Tflag || cflag) 1959 gettimeofday(&tcp->etime, NULL); 1960 return res; 1961} 1962 1963/* Returns: 1964 * 1: ok, continue in trace_syscall_exiting(). 1965 * -1: error, trace_syscall_exiting() should print error indicator 1966 * ("????" etc) and bail out. 1967 */ 1968static int 1969get_syscall_result(struct tcb *tcp) 1970{ 1971#if defined(S390) || defined(S390X) 1972 if (upeek(tcp, PT_GPR2, &gpr2) < 0) 1973 return -1; 1974#elif defined(POWERPC) 1975# define SO_MASK 0x10000000 1976 { 1977 long flags; 1978 if (upeek(tcp, sizeof(unsigned long)*PT_CCR, &flags) < 0) 1979 return -1; 1980 if (upeek(tcp, sizeof(unsigned long)*PT_R3, &ppc_result) < 0) 1981 return -1; 1982 if (flags & SO_MASK) 1983 ppc_result = -ppc_result; 1984 } 1985#elif defined(AVR32) 1986 /* already done by get_regs */ 1987#elif defined(BFIN) 1988 if (upeek(tcp, PT_R0, &bfin_r0) < 0) 1989 return -1; 1990#elif defined(I386) 1991 /* already done by get_regs */ 1992#elif defined(X86_64) || defined(X32) 1993 /* already done by get_regs */ 1994#elif defined(IA64) 1995# define IA64_PSR_IS ((long)1 << 34) 1996 long psr; 1997 if (upeek(tcp, PT_CR_IPSR, &psr) >= 0) 1998 ia32 = (psr & IA64_PSR_IS) != 0; 1999 if (upeek(tcp, PT_R8, &ia64_r8) < 0) 2000 return -1; 2001 if (upeek(tcp, PT_R10, &ia64_r10) < 0) 2002 return -1; 2003#elif defined(ARM) 2004 /* already done by get_regs */ 2005#elif defined(AARCH64) 2006 /* register reading already done by get_regs */ 2007 2008 /* Used to do this, but we did it on syscall entry already: */ 2009 /* We are in 64-bit mode (personality 1) if register struct is aarch64_regs, 2010 * else it's personality 0. 2011 */ 2012 /*update_personality(tcp, aarch64_io.iov_len == sizeof(aarch64_regs));*/ 2013#elif defined(M68K) 2014 if (upeek(tcp, 4*PT_D0, &m68k_d0) < 0) 2015 return -1; 2016#elif defined(LINUX_MIPSN32) 2017 unsigned long long regs[38]; 2018 2019 if (ptrace(PTRACE_GETREGS, tcp->pid, NULL, (long) ®s) < 0) 2020 return -1; 2021 mips_a3 = regs[REG_A3]; 2022 mips_r2 = regs[REG_V0]; 2023#elif defined(MIPS) 2024 if (upeek(tcp, REG_A3, &mips_a3) < 0) 2025 return -1; 2026 if (upeek(tcp, REG_V0, &mips_r2) < 0) 2027 return -1; 2028#elif defined(ALPHA) 2029 if (upeek(tcp, REG_A3, &alpha_a3) < 0) 2030 return -1; 2031 if (upeek(tcp, REG_R0, &alpha_r0) < 0) 2032 return -1; 2033#elif defined(SPARC) || defined(SPARC64) 2034 /* already done by get_regs */ 2035#elif defined(HPPA) 2036 if (upeek(tcp, PT_GR28, &hppa_r28) < 0) 2037 return -1; 2038#elif defined(SH) 2039 /* new syscall ABI returns result in R0 */ 2040 if (upeek(tcp, 4*REG_REG0, (long *)&sh_r0) < 0) 2041 return -1; 2042#elif defined(SH64) 2043 /* ABI defines result returned in r9 */ 2044 if (upeek(tcp, REG_GENERAL(9), (long *)&sh64_r9) < 0) 2045 return -1; 2046#elif defined(CRISV10) || defined(CRISV32) 2047 if (upeek(tcp, 4*PT_R10, &cris_r10) < 0) 2048 return -1; 2049#elif defined(TILE) 2050 /* already done by get_regs */ 2051#elif defined(MICROBLAZE) 2052 if (upeek(tcp, 3 * 4, µblaze_r3) < 0) 2053 return -1; 2054#elif defined(OR1K) 2055 /* already done by get_regs */ 2056#endif 2057 return 1; 2058} 2059 2060/* Called at each syscall exit */ 2061static void 2062syscall_fixup_on_sysexit(struct tcb *tcp) 2063{ 2064#if defined(S390) || defined(S390X) 2065 if (syscall_mode != -ENOSYS) 2066 syscall_mode = tcp->scno; 2067 if ((tcp->flags & TCB_WAITEXECVE) 2068 && (gpr2 == -ENOSYS || gpr2 == tcp->scno)) { 2069 /* 2070 * Return from execve. 2071 * Fake a return value of zero. We leave the TCB_WAITEXECVE 2072 * flag set for the post-execve SIGTRAP to see and reset. 2073 */ 2074 gpr2 = 0; 2075 } 2076#endif 2077} 2078 2079/* 2080 * Check the syscall return value register value for whether it is 2081 * a negated errno code indicating an error, or a success return value. 2082 */ 2083static inline int 2084is_negated_errno(unsigned long int val) 2085{ 2086 unsigned long int max = -(long int) nerrnos; 2087#if SUPPORTED_PERSONALITIES > 1 && SIZEOF_LONG > 4 2088 if (current_wordsize < sizeof(val)) { 2089 val = (unsigned int) val; 2090 max = (unsigned int) max; 2091 } 2092#endif 2093 return val > max; 2094} 2095 2096#if defined(X32) 2097static inline int 2098is_negated_errno_x32(unsigned long long val) 2099{ 2100 unsigned long long max = -(long long) nerrnos; 2101 /* 2102 * current_wordsize is 4 even in personality 0 (native X32) 2103 * but truncation _must not_ be done in it. 2104 * can't check current_wordsize here! 2105 */ 2106 if (current_personality != 0) { 2107 val = (uint32_t) val; 2108 max = (uint32_t) max; 2109 } 2110 return val > max; 2111} 2112#endif 2113 2114/* Returns: 2115 * 1: ok, continue in trace_syscall_exiting(). 2116 * -1: error, trace_syscall_exiting() should print error indicator 2117 * ("????" etc) and bail out. 2118 */ 2119static void 2120get_error(struct tcb *tcp) 2121{ 2122 int u_error = 0; 2123 int check_errno = 1; 2124 if (tcp->s_ent->sys_flags & SYSCALL_NEVER_FAILS) { 2125 check_errno = 0; 2126 } 2127#if defined(S390) || defined(S390X) 2128 if (check_errno && is_negated_errno(gpr2)) { 2129 tcp->u_rval = -1; 2130 u_error = -gpr2; 2131 } 2132 else { 2133 tcp->u_rval = gpr2; 2134 } 2135#elif defined(I386) 2136 if (check_errno && is_negated_errno(i386_regs.eax)) { 2137 tcp->u_rval = -1; 2138 u_error = -i386_regs.eax; 2139 } 2140 else { 2141 tcp->u_rval = i386_regs.eax; 2142 } 2143#elif defined(X86_64) 2144 long rax; 2145 if (x86_io.iov_len == sizeof(i386_regs)) { 2146 /* Sign extend from 32 bits */ 2147 rax = (int32_t)i386_regs.eax; 2148 } else { 2149 rax = x86_64_regs.rax; 2150 } 2151 if (check_errno && is_negated_errno(rax)) { 2152 tcp->u_rval = -1; 2153 u_error = -rax; 2154 } 2155 else { 2156 tcp->u_rval = rax; 2157 } 2158#elif defined(X32) 2159 /* In X32, return value is 64-bit (llseek uses one). 2160 * Using merely "long rax" would not work. 2161 */ 2162 long long rax; 2163 if (x86_io.iov_len == sizeof(i386_regs)) { 2164 /* Sign extend from 32 bits */ 2165 rax = (int32_t)i386_regs.eax; 2166 } else { 2167 rax = x86_64_regs.rax; 2168 } 2169 /* Careful: is_negated_errno() works only on longs */ 2170 if (check_errno && is_negated_errno_x32(rax)) { 2171 tcp->u_rval = -1; 2172 u_error = -rax; 2173 } 2174 else { 2175 tcp->u_rval = rax; /* truncating */ 2176 tcp->u_lrval = rax; 2177 } 2178#elif defined(IA64) 2179 if (ia32) { 2180 int err; 2181 2182 err = (int)ia64_r8; 2183 if (check_errno && is_negated_errno(err)) { 2184 tcp->u_rval = -1; 2185 u_error = -err; 2186 } 2187 else { 2188 tcp->u_rval = err; 2189 } 2190 } else { 2191 if (check_errno && ia64_r10) { 2192 tcp->u_rval = -1; 2193 u_error = ia64_r8; 2194 } else { 2195 tcp->u_rval = ia64_r8; 2196 } 2197 } 2198#elif defined(MIPS) 2199 if (check_errno && mips_a3) { 2200 tcp->u_rval = -1; 2201 u_error = mips_r2; 2202 } else { 2203 tcp->u_rval = mips_r2; 2204# if defined(LINUX_MIPSN32) 2205 tcp->u_lrval = mips_r2; 2206# endif 2207 } 2208#elif defined(POWERPC) 2209 if (check_errno && is_negated_errno(ppc_result)) { 2210 tcp->u_rval = -1; 2211 u_error = -ppc_result; 2212 } 2213 else { 2214 tcp->u_rval = ppc_result; 2215 } 2216#elif defined(M68K) 2217 if (check_errno && is_negated_errno(m68k_d0)) { 2218 tcp->u_rval = -1; 2219 u_error = -m68k_d0; 2220 } 2221 else { 2222 tcp->u_rval = m68k_d0; 2223 } 2224#elif defined(ARM) || defined(AARCH64) 2225# if defined(AARCH64) 2226 if (tcp->currpers == 1) { 2227 if (check_errno && is_negated_errno(aarch64_regs.regs[0])) { 2228 tcp->u_rval = -1; 2229 u_error = -aarch64_regs.regs[0]; 2230 } 2231 else { 2232 tcp->u_rval = aarch64_regs.regs[0]; 2233 } 2234 } 2235 else 2236# endif 2237 { 2238 if (check_errno && is_negated_errno(arm_regs.ARM_r0)) { 2239 tcp->u_rval = -1; 2240 u_error = -arm_regs.ARM_r0; 2241 } 2242 else { 2243 tcp->u_rval = arm_regs.ARM_r0; 2244 } 2245 } 2246#elif defined(AVR32) 2247 if (check_errno && avr32_regs.r12 && (unsigned) -avr32_regs.r12 < nerrnos) { 2248 tcp->u_rval = -1; 2249 u_error = -avr32_regs.r12; 2250 } 2251 else { 2252 tcp->u_rval = avr32_regs.r12; 2253 } 2254#elif defined(BFIN) 2255 if (check_errno && is_negated_errno(bfin_r0)) { 2256 tcp->u_rval = -1; 2257 u_error = -bfin_r0; 2258 } else { 2259 tcp->u_rval = bfin_r0; 2260 } 2261#elif defined(ALPHA) 2262 if (check_errno && alpha_a3) { 2263 tcp->u_rval = -1; 2264 u_error = alpha_r0; 2265 } 2266 else { 2267 tcp->u_rval = alpha_r0; 2268 } 2269#elif defined(SPARC) 2270 if (check_errno && sparc_regs.psr & PSR_C) { 2271 tcp->u_rval = -1; 2272 u_error = sparc_regs.u_regs[U_REG_O0]; 2273 } 2274 else { 2275 tcp->u_rval = sparc_regs.u_regs[U_REG_O0]; 2276 } 2277#elif defined(SPARC64) 2278 if (check_errno && sparc_regs.tstate & 0x1100000000UL) { 2279 tcp->u_rval = -1; 2280 u_error = sparc_regs.u_regs[U_REG_O0]; 2281 } 2282 else { 2283 tcp->u_rval = sparc_regs.u_regs[U_REG_O0]; 2284 } 2285#elif defined(HPPA) 2286 if (check_errno && is_negated_errno(hppa_r28)) { 2287 tcp->u_rval = -1; 2288 u_error = -hppa_r28; 2289 } 2290 else { 2291 tcp->u_rval = hppa_r28; 2292 } 2293#elif defined(SH) 2294 if (check_errno && is_negated_errno(sh_r0)) { 2295 tcp->u_rval = -1; 2296 u_error = -sh_r0; 2297 } 2298 else { 2299 tcp->u_rval = sh_r0; 2300 } 2301#elif defined(SH64) 2302 if (check_errno && is_negated_errno(sh64_r9)) { 2303 tcp->u_rval = -1; 2304 u_error = -sh64_r9; 2305 } 2306 else { 2307 tcp->u_rval = sh64_r9; 2308 } 2309#elif defined(CRISV10) || defined(CRISV32) 2310 if (check_errno && cris_r10 && (unsigned) -cris_r10 < nerrnos) { 2311 tcp->u_rval = -1; 2312 u_error = -cris_r10; 2313 } 2314 else { 2315 tcp->u_rval = cris_r10; 2316 } 2317#elif defined(TILE) 2318 /* 2319 * The standard tile calling convention returns the value (or negative 2320 * errno) in r0, and zero (or positive errno) in r1. 2321 * Until at least kernel 3.8, however, the r1 value is not reflected 2322 * in ptregs at this point, so we use r0 here. 2323 */ 2324 if (check_errno && is_negated_errno(tile_regs.regs[0])) { 2325 tcp->u_rval = -1; 2326 u_error = -tile_regs.regs[0]; 2327 } else { 2328 tcp->u_rval = tile_regs.regs[0]; 2329 } 2330#elif defined(MICROBLAZE) 2331 if (check_errno && is_negated_errno(microblaze_r3)) { 2332 tcp->u_rval = -1; 2333 u_error = -microblaze_r3; 2334 } 2335 else { 2336 tcp->u_rval = microblaze_r3; 2337 } 2338#elif defined(OR1K) 2339 if (check_errno && is_negated_errno(or1k_regs.gpr[11])) { 2340 tcp->u_rval = -1; 2341 u_error = -or1k_regs.gpr[11]; 2342 } 2343 else { 2344 tcp->u_rval = or1k_regs.gpr[11]; 2345 } 2346#endif 2347 tcp->u_error = u_error; 2348} 2349 2350static void 2351dumpio(struct tcb *tcp) 2352{ 2353 int (*func)(); 2354 2355 if (syserror(tcp)) 2356 return; 2357 if ((unsigned long) tcp->u_arg[0] >= num_quals) 2358 return; 2359 func = tcp->s_ent->sys_func; 2360 if (func == printargs) 2361 return; 2362 if (qual_flags[tcp->u_arg[0]] & QUAL_READ) { 2363 if (func == sys_read || 2364 func == sys_pread || 2365 func == sys_recv || 2366 func == sys_recvfrom) 2367 dumpstr(tcp, tcp->u_arg[1], tcp->u_rval); 2368 else if (func == sys_readv) 2369 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]); 2370 return; 2371 } 2372 if (qual_flags[tcp->u_arg[0]] & QUAL_WRITE) { 2373 if (func == sys_write || 2374 func == sys_pwrite || 2375 func == sys_send || 2376 func == sys_sendto) 2377 dumpstr(tcp, tcp->u_arg[1], tcp->u_arg[2]); 2378 else if (func == sys_writev) 2379 dumpiov(tcp, tcp->u_arg[2], tcp->u_arg[1]); 2380 return; 2381 } 2382} 2383 2384static int 2385trace_syscall_exiting(struct tcb *tcp) 2386{ 2387 int sys_res; 2388 struct timeval tv; 2389 int res; 2390 long u_error; 2391 2392 /* Measure the exit time as early as possible to avoid errors. */ 2393 if (Tflag || cflag) 2394 gettimeofday(&tv, NULL); 2395 2396#if SUPPORTED_PERSONALITIES > 1 2397 update_personality(tcp, tcp->currpers); 2398#endif 2399 res = (get_regs_error ? -1 : get_syscall_result(tcp)); 2400 if (res == 1) { 2401 syscall_fixup_on_sysexit(tcp); /* never fails */ 2402 get_error(tcp); /* never fails */ 2403 if (need_fork_exec_workarounds) 2404 syscall_fixup_for_fork_exec(tcp); 2405 if (filtered(tcp)) 2406 goto ret; 2407 } 2408 2409 if (cflag) { 2410 struct timeval t = tv; 2411 count_syscall(tcp, &t); 2412 if (cflag == CFLAG_ONLY_STATS) { 2413 goto ret; 2414 } 2415 } 2416 2417 /* If not in -ff mode, and printing_tcp != tcp, 2418 * then the log currently does not end with output 2419 * of _our syscall entry_, but with something else. 2420 * We need to say which syscall's return is this. 2421 * 2422 * Forced reprinting via TCB_REPRINT is used only by 2423 * "strace -ff -oLOG test/threaded_execve" corner case. 2424 * It's the only case when -ff mode needs reprinting. 2425 */ 2426 if ((followfork < 2 && printing_tcp != tcp) || (tcp->flags & TCB_REPRINT)) { 2427 tcp->flags &= ~TCB_REPRINT; 2428 printleader(tcp); 2429 if (tcp->qual_flg & UNDEFINED_SCNO) 2430 tprintf("<... %s resumed> ", undefined_scno_name(tcp)); 2431 else 2432 tprintf("<... %s resumed> ", tcp->s_ent->sys_name); 2433 } 2434 printing_tcp = tcp; 2435 2436 if (res != 1) { 2437 /* There was error in one of prior ptrace ops */ 2438 tprints(") "); 2439 tabto(); 2440 tprints("= ? <unavailable>\n"); 2441 line_ended(); 2442 tcp->flags &= ~TCB_INSYSCALL; 2443 return res; 2444 } 2445 2446 sys_res = 0; 2447 if (tcp->qual_flg & QUAL_RAW) { 2448 /* sys_res = printargs(tcp); - but it's nop on sysexit */ 2449 } else { 2450 /* FIXME: not_failing_only (IOW, option -z) is broken: 2451 * failure of syscall is known only after syscall return. 2452 * Thus we end up with something like this on, say, ENOENT: 2453 * open("doesnt_exist", O_RDONLY <unfinished ...> 2454 * {next syscall decode} 2455 * whereas the intended result is that open(...) line 2456 * is not shown at all. 2457 */ 2458 if (not_failing_only && tcp->u_error) 2459 goto ret; /* ignore failed syscalls */ 2460 sys_res = tcp->s_ent->sys_func(tcp); 2461 } 2462 2463 tprints(") "); 2464 tabto(); 2465 u_error = tcp->u_error; 2466 if (tcp->qual_flg & QUAL_RAW) { 2467 if (u_error) 2468 tprintf("= -1 (errno %ld)", u_error); 2469 else 2470 tprintf("= %#lx", tcp->u_rval); 2471 } 2472 else if (!(sys_res & RVAL_NONE) && u_error) { 2473 switch (u_error) { 2474 /* Blocked signals do not interrupt any syscalls. 2475 * In this case syscalls don't return ERESTARTfoo codes. 2476 * 2477 * Deadly signals set to SIG_DFL interrupt syscalls 2478 * and kill the process regardless of which of the codes below 2479 * is returned by the interrupted syscall. 2480 * In some cases, kernel forces a kernel-generated deadly 2481 * signal to be unblocked and set to SIG_DFL (and thus cause 2482 * death) if it is blocked or SIG_IGNed: for example, SIGSEGV 2483 * or SIGILL. (The alternative is to leave process spinning 2484 * forever on the faulty instruction - not useful). 2485 * 2486 * SIG_IGNed signals and non-deadly signals set to SIG_DFL 2487 * (for example, SIGCHLD, SIGWINCH) interrupt syscalls, 2488 * but kernel will always restart them. 2489 */ 2490 case ERESTARTSYS: 2491 /* Most common type of signal-interrupted syscall exit code. 2492 * The system call will be restarted with the same arguments 2493 * if SA_RESTART is set; otherwise, it will fail with EINTR. 2494 */ 2495 tprints("= ? ERESTARTSYS (To be restarted if SA_RESTART is set)"); 2496 break; 2497 case ERESTARTNOINTR: 2498 /* Rare. For example, fork() returns this if interrupted. 2499 * SA_RESTART is ignored (assumed set): the restart is unconditional. 2500 */ 2501 tprints("= ? ERESTARTNOINTR (To be restarted)"); 2502 break; 2503 case ERESTARTNOHAND: 2504 /* pause(), rt_sigsuspend() etc use this code. 2505 * SA_RESTART is ignored (assumed not set): 2506 * syscall won't restart (will return EINTR instead) 2507 * even after signal with SA_RESTART set. However, 2508 * after SIG_IGN or SIG_DFL signal it will restart 2509 * (thus the name "restart only if has no handler"). 2510 */ 2511 tprints("= ? ERESTARTNOHAND (Interrupted by signal)"); 2512 break; 2513 case ERESTART_RESTARTBLOCK: 2514 /* Syscalls like nanosleep(), poll() which can't be 2515 * restarted with their original arguments use this 2516 * code. Kernel will execute restart_syscall() instead, 2517 * which changes arguments before restarting syscall. 2518 * SA_RESTART is ignored (assumed not set) similarly 2519 * to ERESTARTNOHAND. (Kernel can't honor SA_RESTART 2520 * since restart data is saved in "restart block" 2521 * in task struct, and if signal handler uses a syscall 2522 * which in turn saves another such restart block, 2523 * old data is lost and restart becomes impossible) 2524 */ 2525 tprints("= ? ERESTART_RESTARTBLOCK (Interrupted by signal)"); 2526 break; 2527 default: 2528 if (u_error < 0) 2529 tprintf("= -1 E??? (errno %ld)", u_error); 2530 else if (u_error < nerrnos) 2531 tprintf("= -1 %s (%s)", errnoent[u_error], 2532 strerror(u_error)); 2533 else 2534 tprintf("= -1 ERRNO_%ld (%s)", u_error, 2535 strerror(u_error)); 2536 break; 2537 } 2538 if ((sys_res & RVAL_STR) && tcp->auxstr) 2539 tprintf(" (%s)", tcp->auxstr); 2540 } 2541 else { 2542 if (sys_res & RVAL_NONE) 2543 tprints("= ?"); 2544 else { 2545 switch (sys_res & RVAL_MASK) { 2546 case RVAL_HEX: 2547 tprintf("= %#lx", tcp->u_rval); 2548 break; 2549 case RVAL_OCTAL: 2550 tprintf("= %#lo", tcp->u_rval); 2551 break; 2552 case RVAL_UDECIMAL: 2553 tprintf("= %lu", tcp->u_rval); 2554 break; 2555 case RVAL_DECIMAL: 2556 tprintf("= %ld", tcp->u_rval); 2557 break; 2558#if defined(LINUX_MIPSN32) || defined(X32) 2559 /* 2560 case RVAL_LHEX: 2561 tprintf("= %#llx", tcp->u_lrval); 2562 break; 2563 case RVAL_LOCTAL: 2564 tprintf("= %#llo", tcp->u_lrval); 2565 break; 2566 */ 2567 case RVAL_LUDECIMAL: 2568 tprintf("= %llu", tcp->u_lrval); 2569 break; 2570 /* 2571 case RVAL_LDECIMAL: 2572 tprintf("= %lld", tcp->u_lrval); 2573 break; 2574 */ 2575#endif 2576 default: 2577 fprintf(stderr, 2578 "invalid rval format\n"); 2579 break; 2580 } 2581 } 2582 if ((sys_res & RVAL_STR) && tcp->auxstr) 2583 tprintf(" (%s)", tcp->auxstr); 2584 } 2585 if (Tflag) { 2586 tv_sub(&tv, &tv, &tcp->etime); 2587 tprintf(" <%ld.%06ld>", 2588 (long) tv.tv_sec, (long) tv.tv_usec); 2589 } 2590 tprints("\n"); 2591 dumpio(tcp); 2592 line_ended(); 2593 2594 ret: 2595 tcp->flags &= ~TCB_INSYSCALL; 2596 return 0; 2597} 2598 2599int 2600trace_syscall(struct tcb *tcp) 2601{ 2602 return exiting(tcp) ? 2603 trace_syscall_exiting(tcp) : trace_syscall_entering(tcp); 2604} 2605