1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
/* See LICENSE file for copyright and license details. */
#include <sys/uio.h>
#include <sys/wait.h>
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <signal.h>
#include <stdarg.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#if defined(__linux__)
# include "linux/os.h"
#else
# error "This program is only implemented for Linux"
#endif
#include "arg.h"
#include "list-errnos.h"
#include "list-signums.h"
struct process;
enum type {
Unknown,
Void,
Int,
UInt,
OInt,
XInt,
Long,
ULong,
OLong,
XLong,
LLong,
ULLong,
OLLong,
XLLong,
Ptr
};
enum state {
Normal,
Syscall,
CloneChild,
ForkChild,
VforkChild,
CloneParent,
ForkParent,
VforkParent,
Exec
};
struct output {
int ells;
char fmt;
unsigned long long int size;
void (*func)(struct process *, size_t);
};
struct process {
pid_t pid;
pid_t thread_leader;
struct process *next;
struct process *prev;
enum state state;
int silent_until_execed; /* 2 until exec, 1 until "= 0", 0 afterwards */
/* Syscall data */
unsigned long long int scall;
unsigned long long int args[6];
unsigned long long int ret;
enum type ret_type;
struct output outputs[6];
/* multiarch support */
unsigned long long int scall_xor;
int long_is_int;
int ptr_is_int;
int mode;
/* vfork(2) data */
struct process *continue_on_exit;
struct process *vfork_waiting_on;
};
/* consts.c */
const char *get_errno_name(int err);
const char *get_signum_name(int sig);
/* memory.c */
char *get_string(pid_t pid, unsigned long int addr, size_t *lenp, const char **errorp);
int get_struct(pid_t pid, unsigned long int addr, void *out, size_t size, const char **errorp);
char *get_memory(pid_t pid, unsigned long int addr, size_t n, const char **errorp);
char *escape_memory(char *str, size_t m);
char *get_escaped_string(pid_t pid, unsigned long int addr, size_t *lenp, const char **errorp);
char *get_escaped_memory(pid_t pid, unsigned long int addr, size_t n, const char **errorp);
/* print.c */
void print_systemcall(struct process *proc);
void print_systemcall_exit(struct process *proc);
/* process.c */
void init_process_list(void);
struct process *find_process(pid_t pid);
struct process *add_process(pid_t pid, unsigned long int trace_options);
void remove_process(struct process *proc);
/* util.c */
void setup_trace_output(FILE *fp, int multiprocess);
void tprintf(struct process *proc, const char *fmt, ...);
void weprintf(const char *fmt, ...);
#define eprintf(...) (weprintf(__VA_ARGS__), exit(1))
#define eprintf_and_kill(PID, ...) (weprintf(__VA_ARGS__), kill((PID), SIGKILL), exit(1))
FILE *xfopen(const char *file, const char *mode);
|
