2 * Copyright (c) 2011, 2012 Konstantin Belousov <kib@FreeBSD.org>
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 #include <sys/cdefs.h>
27 __FBSDID("$FreeBSD$");
29 #include <sys/types.h>
30 #include <sys/ptrace.h>
31 #include <sys/sysctl.h>
44 decode_wait_status(int status)
52 if (WIFCONTINUED(status)) {
54 strlcat(c, "CONT", sizeof(c));
56 if (WIFEXITED(status)) {
60 strlcat(c, ",", sizeof(c));
61 snprintf(b, sizeof(b), "EXIT(%d)", WEXITSTATUS(status));
62 strlcat(c, b, sizeof(c));
64 if (WIFSIGNALED(status)) {
68 strlcat(c, ",", sizeof(c));
69 snprintf(b, sizeof(b), "SIG(%s)", strsignal(WTERMSIG(status)));
70 strlcat(c, b, sizeof(c));
71 if (WCOREDUMP(status))
72 strlcat(c, ",CORE", sizeof(c));
74 if (WIFSTOPPED(status)) {
78 strlcat(c, ",", sizeof(c));
79 snprintf(b, sizeof(b), "SIG(%s)", strsignal(WSTOPSIG(status)));
80 strlcat(c, b, sizeof(c));
86 decode_pl_flags(struct ptrace_lwpinfo *lwpinfo)
89 static struct decode_tag {
94 { PL_FLAG_BOUND, "BOUND" },
95 { PL_FLAG_SCE, "SCE" },
96 { PL_FLAG_SCX, "SCX" },
97 { PL_FLAG_EXEC, "EXEC" },
99 { PL_FLAG_FORKED, "FORKED" },
102 unsigned first, flags, i;
106 flags = lwpinfo->pl_flags;
107 for (i = 0; i < sizeof(decode) / sizeof(decode[0]); i++) {
108 if ((flags & decode[i].flag) != 0) {
112 strlcat(c, ",", sizeof(c));
113 strlcat(c, decode[i].desc, sizeof(c));
114 flags &= ~decode[i].flag;
117 for (i = 0; i < sizeof(flags) * NBBY; i++) {
118 if ((flags & (1 << i)) != 0) {
122 strlcat(c, ",", sizeof(c));
123 snprintf(de, sizeof(de), "<%d>", i);
124 strlcat(c, de, sizeof(c));
131 decode_pl_event(struct ptrace_lwpinfo *lwpinfo)
134 switch (lwpinfo->pl_event) {
138 case PL_EVENT_SIGNAL:
147 get_pathname(pid_t pid)
149 char pathname[PATH_MAX];
155 name[2] = KERN_PROC_PATHNAME;
158 len = sizeof(pathname);
159 error = sysctl(name, 4, pathname, &len, NULL, 0);
161 if (errno != ESRCH) {
162 fprintf(stderr, "sysctl kern.proc.pathname.%d: %s\n",
163 pid, strerror(errno));
166 fprintf(stderr, "pid %d exited\n", pid);
169 if (len == 0 || strlen(pathname) == 0) {
170 fprintf(stderr, "No cached pathname for process %d\n", pid);
173 printf(TRACE "pid %d path %s\n", pid, pathname);
177 wait_info(int pid, int status, struct ptrace_lwpinfo *lwpinfo)
180 printf(TRACE "pid %d wait %s", pid,
181 decode_wait_status(status));
182 if (lwpinfo != NULL) {
183 printf(" event %s flags %s",
184 decode_pl_event(lwpinfo), decode_pl_flags(lwpinfo));
192 struct ptrace_lwpinfo lwpinfo;
195 if (ptrace(PT_TO_SCE, pid, (caddr_t)1, 0) < 0) {
197 ptrace(PT_KILL, pid, NULL, 0);
201 if (waitpid(pid, &status, 0) == -1) {
205 if (WIFEXITED(status) || WIFSIGNALED(status)) {
206 wait_info(pid, status, NULL);
209 assert(WIFSTOPPED(status));
210 assert(WSTOPSIG(status) == SIGTRAP);
212 if (ptrace(PT_LWPINFO, pid, (caddr_t)&lwpinfo, sizeof(lwpinfo)) < 0) {
213 perror("PT_LWPINFO");
214 ptrace(PT_KILL, pid, NULL, 0);
217 wait_info(pid, status, &lwpinfo);
218 assert(lwpinfo.pl_flags & PL_FLAG_SCE);
220 if (ptrace(PT_TO_SCX, pid, (caddr_t)1, 0) < 0) {
222 ptrace(PT_KILL, pid, NULL, 0);
226 if (waitpid(pid, &status, 0) == -1) {
230 if (WIFEXITED(status) || WIFSIGNALED(status)) {
231 wait_info(pid, status, NULL);
234 assert(WIFSTOPPED(status));
235 assert(WSTOPSIG(status) == SIGTRAP);
237 if (ptrace(PT_LWPINFO, pid, (caddr_t)&lwpinfo, sizeof(lwpinfo)) < 0) {
238 perror("PT_LWPINFO");
239 ptrace(PT_KILL, pid, NULL, 0);
242 wait_info(pid, status, &lwpinfo);
243 assert(lwpinfo.pl_flags & PL_FLAG_SCX);
245 if (lwpinfo.pl_flags & PL_FLAG_EXEC)
248 if (lwpinfo.pl_flags & PL_FLAG_FORKED) {
249 printf(TRACE "forked child %d\n", lwpinfo.pl_child_pid);
250 return (lwpinfo.pl_child_pid);
258 struct ptrace_lwpinfo lwpinfo;
261 if (ptrace(PT_CONTINUE, pid, (caddr_t)1, 0) < 0) {
262 perror("PT_CONTINUE");
263 ptrace(PT_KILL, pid, NULL, 0);
267 if (waitpid(pid, &status, 0) == -1) {
271 if (WIFEXITED(status) || WIFSIGNALED(status)) {
272 wait_info(pid, status, NULL);
275 assert(WIFSTOPPED(status));
276 assert(WSTOPSIG(status) == SIGTRAP);
278 if (ptrace(PT_LWPINFO, pid, (caddr_t)&lwpinfo, sizeof(lwpinfo)) < 0) {
279 perror("PT_LWPINFO");
280 ptrace(PT_KILL, pid, NULL, 0);
283 wait_info(pid, status, &lwpinfo);
285 if ((lwpinfo.pl_flags & (PL_FLAG_EXEC | PL_FLAG_SCX)) ==
286 (PL_FLAG_EXEC | PL_FLAG_SCX))
289 if ((lwpinfo.pl_flags & (PL_FLAG_FORKED | PL_FLAG_SCX)) ==
290 (PL_FLAG_FORKED | PL_FLAG_SCX)) {
291 printf(TRACE "forked child %d\n", lwpinfo.pl_child_pid);
292 return (lwpinfo.pl_child_pid);
298 static int trace_syscalls = 1;
304 return (trace_syscalls ? trace_sc(pid) : trace_cont(pid));
309 main(int argc, char *argv[])
311 struct ptrace_lwpinfo lwpinfo;
312 int c, status, use_vfork;
317 while ((c = getopt(argc, argv, "csv")) != -1) {
330 fprintf(stderr, "Usage: %s [-c] [-s] [-v]\n", argv[0]);
335 if ((pid = fork()) < 0) {
340 if (ptrace(PT_TRACE_ME, 0, NULL, 0) < 0) {
341 perror("PT_TRACE_ME");
344 kill(getpid(), SIGSTOP);
346 if ((pid1 = use_vfork ? vfork() : fork()) < 0) {
349 } else if (pid1 == 0) {
350 printf("Hi from child %d\n", getpid());
351 execl("/bin/ls", "ls", "/", (char *)NULL);
355 if (waitpid(pid, &status, 0) == -1) {
359 assert(WIFSTOPPED(status));
360 assert(WSTOPSIG(status) == SIGSTOP);
362 if (ptrace(PT_LWPINFO, pid, (caddr_t)&lwpinfo,
363 sizeof(lwpinfo)) < 0) {
364 perror("PT_LWPINFO");
365 ptrace(PT_KILL, pid, NULL, 0);
368 wait_info(pid, status, &lwpinfo);
370 if (ptrace(PT_FOLLOW_FORK, pid, 0, 1) < 0) {
371 perror("PT_FOLLOW_FORK");
372 ptrace(PT_KILL, pid, NULL, 0);
376 while ((pid1 = trace(pid)) >= 0) {
378 printf(TRACE "attached to pid %d\n", pid1);
382 if (waitpid(pid1, &status, 0) == -1) {
386 printf(TRACE "nested loop, pid %d status %s\n",
387 pid1, decode_wait_status(status));
388 assert(WIFSTOPPED(status));
389 assert(WSTOPSIG(status) == SIGSTOP);
390 if (ptrace(PT_LWPINFO, pid1, (caddr_t)&lwpinfo,
391 sizeof(lwpinfo)) < 0) {
392 perror("PT_LWPINFO");
393 ptrace(PT_KILL, pid1, NULL, 0);
396 wait_info(pid1, status, &lwpinfo);
398 while (trace(pid1) >= 0)
403 ptrace(PT_CONTINUE, pid, (caddr_t)1, 0);