Trouble with ptrace

Timo Juhani Lindfors timo.lindfors at iki.fi
Tue Jan 20 11:44:44 CET 2009


wind_cheng <Wind_cheng at asustek.com.cn> writes:
> I want to know the system call number. After your method, I print
> regs.ARM_ORIG_r0. It's 0.

On ARM the syscall number is not in register r0.

> And I find out none of them is the right one.
> I make a system call execve, its system call number is 11, but none of the
> regs is 11.
> Please tell me what I should do to get the system call number.

apt-get source strace

shows

/*
 * Get the ARM-mode system call number
 */
errno = 0;
scno = ptrace(PTRACE_PEEKTEXT, pid, (void *)(regs.ARM_pc - 4), NULL);
if (errno)
        return -1;

if (scno == 0 && (tcp->flags & TCB_WAITEXECVE)) {
        tcp->flags &= ~TCB_WAITEXECVE;
        return 0;
}

/* Handle the EABI syscall convention.  We do not
   bother converting structures between the two
   ABIs, but basic functionality should work even
   if strace and the traced program have different
   ABIs.  */
if (scno == 0xef000000) {
        scno = regs.ARM_r7;
} else {
        if ((scno & 0x0ff00000) != 0x0f900000) {
                fprintf(stderr, "syscall: unknown syscall trap 0x%08lx\n",
                        scno);
                return -1;
        }

        /*
         * Fixup the syscall number
         */
        scno &= 0x000fffff;
}

Just curious, why are you trying to reimplement this?
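
Added example, not part of the original message and not strace's own code: the decoding logic from the excerpt above as a stand-alone function, run on constructed instruction words for execve (11) under both ARM conventions. The names arm_decode_syscall and enum arm_abi are hypothetical; a real tracer would pass the word read with PTRACE_PEEKTEXT from pc - 4 and the tracee's r7.

```c
#include <stdint.h>
#include <stdio.h>

/* Which convention the trapping instruction used (names are illustrative). */
enum arm_abi { ARM_ABI_EABI, ARM_ABI_OABI, ARM_ABI_UNKNOWN };

/*
 * insn: 32-bit ARM-mode instruction word located at pc - 4 at the syscall stop
 * r7:   value of the tracee's r7 at the same stop
 * Stores the syscall number in *scno (-1 if the word is not a known trap).
 */
enum arm_abi arm_decode_syscall(uint32_t insn, uint32_t r7, long *scno)
{
    if (insn == 0xef000000u) {
        /* EABI: "swi 0", the number is passed in r7 */
        *scno = (long)r7;
        return ARM_ABI_EABI;
    }
    if ((insn & 0x0ff00000u) == 0x0f900000u) {
        /* OABI: number is in the low 20 bits of the swi immediate,
           so it never appears in any register */
        *scno = (long)(insn & 0x000fffffu);
        return ARM_ABI_OABI;
    }
    *scno = -1;
    return ARM_ABI_UNKNOWN;
}

int main(void)
{
    /* Constructed sample inputs, not captured from a real tracee. */
    static const struct { uint32_t insn, r7; const char *what; } s[] = {
        { 0xef000000u, 11, "EABI swi 0, r7 = 11" },
        { 0xef90000bu, 0,  "OABI swi 0x90000b"   },
        { 0xe1a00000u, 11, "mov r0, r0 (no trap)" },
    };
    static const char *abi_name[] = { "EABI", "OABI", "unknown" };

    for (size_t i = 0; i < sizeof s / sizeof s[0]; i++) {
        long scno;
        enum arm_abi abi = arm_decode_syscall(s[i].insn, s[i].r7, &scno);
        printf("%-22s -> abi=%s scno=%ld\n", s[i].what, abi_name[abi], scno);
    }
    return 0;
}
```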


