Print this page
15254 %ymm registers not restored after signal handler
15367 x86 getfpregs() summons corrupting %xmm ghosts
15333 want x86 /proc xregs support (libc_db, libproc, mdb, etc.)
15336 want libc functions for extended ucontext_t
15334 want ps_lwphandle-specific reg routines
15328 FPU_CW_INIT mistreats reserved bit
15335 i86pc fpu_subr.c isn't really platform-specific
15332 setcontext(2) isn't actually noreturn
15331 need <sys/stdalign.h>
Change-Id: I7060aa86042dfb989f77fc3323c065ea2eafa9ad
Conflicts:
usr/src/uts/common/fs/proc/prcontrol.c
usr/src/uts/intel/os/archdep.c
usr/src/uts/intel/sys/ucontext.h
usr/src/uts/intel/syscall/getcontext.c
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/man/man5/proc.5.man.txt
+++ new/usr/src/man/man5/proc.5.man.txt
1 1 PROC(5) File Formats and Configurations PROC(5)
2 2
3 3 NAME
4 4 proc - /proc, the process file system
5 5
6 6 DESCRIPTION
7 7 /proc is a file system that provides access to the state of each process
8 8 and light-weight process (lwp) in the system. The name of each entry in
9 9 the /proc directory is a decimal number corresponding to a process-ID.
10 10 These entries are themselves subdirectories. Access to process state is
11 11 provided by additional files contained within each subdirectory; the
12 12 hierarchy is described more completely below. In this document, "/proc
13 13 file" refers to a non-directory file within the hierarchy rooted at
14 14 /proc. The owner of each /proc file and subdirectory is determined by
15 15 the user-ID of the process.
16 16
17 17 /proc can be mounted on any mount point, in addition to the standard
18 18 /proc mount point, and can be mounted several places at once. Such
19 19 additional mounts are allowed in order to facilitate the confinement of
20 20 processes to subtrees of the file system via chroot(2) and yet allow such
21 21 processes access to commands like ps(1).
22 22
23 23 Standard system calls are used to access /proc files: open(2), close(2),
24 24 read(2), and write(2) (including readv(2), writev(2), pread(2), and
25 25 pwrite(2)). Most files describe process state and can only be opened for
26 26 reading. ctl and lwpctl (control) files permit manipulation of process
27 27 state and can only be opened for writing. as (address space) files
28 28 contain the image of the running process and can be opened for both
29 29 reading and writing. An open for writing allows process control; a read-
30 30 only open allows inspection but not control. In this document, we refer
31 31 to the process as open for reading or writing if any of its associated
32 32 /proc files is open for reading or writing.
33 33
34 34 In general, more than one process can open the same /proc file at the
35 35 same time. Exclusive open is an advisory mechanism provided to allow
36 36 controlling processes to avoid collisions with each other. A process can
37 37 obtain exclusive control of a target process, with respect to other
38 38 cooperating processes, if it successfully opens any /proc file in the
39 39 target process for writing (the as or ctl files, or the lwpctl file of
40 40 any lwp) while specifying O_EXCL in the open(2). Such an open will fail
41 41 if the target process is already open for writing (that is, if an as,
42 42 ctl, or lwpctl file is already open for writing). There can be any
43 43 number of concurrent read-only opens; O_EXCL is ignored on opens for
44 44 reading. It is recommended that the first open for writing by a
45 45 controlling process use the O_EXCL flag; multiple controlling processes
46 46 usually result in chaos.
47 47
48 48 If a process opens one of its own /proc files for writing, the open
49 49 succeeds regardless of O_EXCL and regardless of whether some other
50 50 process has the process open for writing. Self-opens do not count when
51 51 another process attempts an exclusive open. (A process cannot exclude a
52 52 debugger by opening itself for writing and the application of a debugger
53 53 cannot prevent a process from opening itself.) All self-opens for
54 54 writing are forced to be close-on-exec (see the F_SETFD operation of
55 55 fcntl(2)).
56 56
57 57 Data may be transferred from or to any locations in the address space of
58 58 the traced process by applying lseek(2) to position the as file at the
59 59 virtual address of interest followed by read(2) or write(2) (or by using
60 60 pread(2) or pwrite(2) for the combined operation). The address-map files
61 61 /proc/pid/map and /proc/pid/xmap can be read to determine the accessible
62 62 areas (mappings) of the address space. I/O transfers may span contiguous
63 63 mappings. An I/O request extending into an unmapped area is truncated at
64 64 the boundary. A write request beginning at an unmapped virtual address
65 65 fails with EIO; a read request beginning at an unmapped virtual address
66 66 returns zero (an end-of-file indication).
67 67
68 68 Information and control operations are provided through additional files.
69 69 <procfs.h> contains definitions of data structures and message formats
70 70 used with these files. Some of these definitions involve the use of sets
71 71 of flags. The set types sigset_t, fltset_t, and sysset_t correspond,
72 72 respectively, to signal, fault, and system call enumerations defined in
73 73 <sys/signal.h>, <sys/fault.h>, and <sys/syscall.h>. Each set type is
74 74 large enough to hold flags for its own enumeration. Although they are of
75 75 different sizes, they have a common structure and can be manipulated by
76 76 these macros:
77 77
78 78 prfillset(&set); /* turn on all flags in set */
79 79 premptyset(&set); /* turn off all flags in set */
80 80 praddset(&set, flag); /* turn on the specified flag */
81 81 prdelset(&set, flag); /* turn off the specified flag */
82 82 r = prismember(&set, flag); /* != 0 iff flag is turned on */
83 83
84 84 One of prfillset() or premptyset() must be used to initialize set before
85 85 it is used in any other operation. flag must be a member of the
86 86 enumeration corresponding to set.
87 87
88 88 Every process contains at least one light-weight process, or lwp. Each
89 89 lwp represents a flow of execution that is independently scheduled by the
90 90 operating system. All lwps in a process share its address space as well
91 91 as many other attributes. Through the use of lwpctl and ctl files as
92 92 described below, it is possible to affect individual lwps in a process or
93 93 to affect all of them at once, depending on the operation.
94 94
95 95 When the process has more than one lwp, a representative lwp is chosen by
96 96 the system for certain process status files and control operations. The
97 97 representative lwp is a stopped lwp only if all of the process's lwps are
98 98 stopped; is stopped on an event of interest only if all of the lwps are
99 99 so stopped (excluding PR_SUSPENDED lwps); is in a PR_REQUESTED stop only
100 100 if there are no other events of interest to be found; or, failing
101 101 everything else, is in a PR_SUSPENDED stop (implying that the process is
102 102 deadlocked). See the description of the status file for definitions of
103 103 stopped states. See the PCSTOP control operation for the definition of
104 104 "event of interest".
105 105
106 106 The representative lwp remains fixed (it will be chosen again on the next
107 107 operation) as long as all of the lwps are stopped on events of interest
108 108 or are in a PR_SUSPENDED stop and the PCRUN control operation is not
109 109 applied to any of them.
110 110
111 111 When applied to the process control file, every /proc control operation
112 112 that must act on an lwp uses the same algorithm to choose which lwp to
113 113 act upon. Together with synchronous stopping (see PCSET), this enables a
114 114 debugger to control a multiple-lwp process using only the process-level
115 115 status and control files if it so chooses. More fine-grained control can
116 116 be achieved using the lwp-specific files.
117 117
118 118 The system supports two process data models, the traditional 32-bit data
119 119 model in which ints, longs and pointers are all 32 bits wide (the ILP32
120 120 data model), and on some platforms the 64-bit data model in which longs
121 121 and pointers, but not ints, are 64 bits in width (the LP64 data model).
122 122 In the LP64 data model some system data types, notably size_t, off_t,
123 123 time_t and dev_t, grow from 32 bits to 64 bits as well.
124 124
125 125 The /proc interfaces described here are available to both 32-bit and
126 126 64-bit controlling processes. However, many operations attempted by a
127 127 32-bit controlling process on a 64-bit target process will fail with
128 128 EOVERFLOW because the address space range of a 32-bit process cannot
129 129 encompass a 64-bit process or because the data in some 64-bit system data
130 130 type cannot be compressed to fit into the corresponding 32-bit type
131 131 without loss of information. Operations that fail in this circumstance
132 132 include reading and writing the address space, reading the address-map
133 133 files, and setting the target process's registers. There is no
134 134 restriction on operations applied by a 64-bit process to either a 32-bit
135 135 or a 64-bit target processes.
136 136
137 137 The format of the contents of any /proc file depends on the data model of
138 138 the observer (the controlling process), not on the data model of the
139 139 target process. A 64-bit debugger does not have to translate the
140 140 information it reads from a /proc file for a 32-bit process from 32-bit
141 141 format to 64-bit format. However, it usually has to be aware of the data
142 142 model of the target process. The pr_dmodel field of the status files
143 143 indicates the target process's data model.
144 144
145 145 To help deal with system data structures that are read from 32-bit
146 146 processes, a 64-bit controlling program can be compiled with the C
147 147 preprocessor symbol _SYSCALL32 defined before system header files are
148 148 included. This makes explicit 32-bit fixed-width data structures (like
149 149 struct stat32) visible to the 64-bit program. See types32.h(3HEAD).
150 150
151 151 DIRECTORY STRUCTURE
152 152 At the top level, the directory /proc contains entries each of which
153 153 names an existing process in the system. These entries are themselves
154 154 directories. Except where otherwise noted, the files described below can
155 155 be opened for reading only. In addition, if a process becomes a zombie
156 156 (one that has exited but whose parent has not yet performed a wait(3C)
157 157 upon it), most of its associated /proc files disappear from the
158 158 hierarchy; subsequent attempts to open them, or to read or write files
159 159 opened before the process exited, will elicit the error ENOENT.
160 160
161 161 Although process state and consequently the contents of /proc files can
162 162 change from instant to instant, a single read(2) of a /proc file is
163 163 guaranteed to return a sane representation of state; that is, the read
164 164 will be atomic with respect to the state of the process. No such
165 165 guarantee applies to successive reads applied to a /proc file for a
166 166 running process. In addition, atomicity is not guaranteed for I/O
167 167 applied to the as (address-space) file for a running process or for a
168 168 process whose address space contains memory shared by another running
169 169 process.
170 170
171 171 A number of structure definitions are used to describe the files. These
172 172 structures may grow by the addition of elements at the end in future
173 173 releases of the system and it is not legitimate for a program to assume
174 174 that they will not.
175 175
176 176 STRUCTURE OF /proc/pid
177 177 A given directory /proc/pid contains the following entries. A process
178 178 can use the invisible alias /proc/self if it wishes to open one of its
179 179 own /proc files (invisible in the sense that the name "self" does not
180 180 appear in a directory listing of /proc obtained from ls(1), getdents(2),
181 181 or readdir(3C)).
182 182
183 183 contracts
184 184 A directory containing references to the contracts held by the process.
185 185 Each entry is a symlink to the contract's directory under
186 186 /system/contract. See contract(5).
187 187
188 188 as
189 189 Contains the address-space image of the process; it can be opened for
190 190 both reading and writing. lseek(2) is used to position the file at the
191 191 virtual address of interest and then the address space can be examined or
192 192 changed through read(2) or write(2) (or by using pread(2) or pwrite(2)
193 193 for the combined operation).
194 194
195 195 ctl
196 196 A write-only file to which structured messages are written directing the
197 197 system to change some aspect of the process's state or control its
198 198 behavior in some way. The seek offset is not relevant when writing to
199 199 this file. Individual lwps also have associated lwpctl files in the lwp
200 200 subdirectories. A control message may be written either to the process's
201 201 ctl file or to a specific lwpctl file with operation-specific effects.
202 202 The effect of a control message is immediately reflected in the state of
203 203 the process visible through appropriate status and information files.
204 204 The types of control messages are described in detail later. See CONTROL
205 205 MESSAGES.
206 206
207 207 status
208 208 Contains state information about the process and the representative lwp.
209 209 The file contains a pstatus structure which contains an embedded
210 210 lwpstatus structure for the representative lwp, as follows:
211 211
212 212 typedef struct pstatus {
213 213 int pr_flags; /* flags (see below) */
214 214 int pr_nlwp; /* number of active lwps in the process */
215 215 int pr_nzomb; /* number of zombie lwps in the process */
216 216 pid_tpr_pid; /* process id */
217 217 pid_tpr_ppid; /* parent process id */
218 218 pid_tpr_pgid; /* process group id */
219 219 pid_tpr_sid; /* session id */
220 220 id_t pr_aslwpid; /* obsolete */
221 221 id_t pr_agentid; /* lwp-id of the agent lwp, if any */
222 222 sigset_t pr_sigpend; /* set of process pending signals */
223 223 uintptr_t pr_brkbase; /* virtual address of the process heap */
224 224 size_t pr_brksize; /* size of the process heap, in bytes */
225 225 uintptr_t pr_stkbase; /* virtual address of the process stack */
226 226 size_tpr_stksize; /* size of the process stack, in bytes */
227 227 timestruc_t pr_utime; /* process user cpu time */
228 228 timestruc_t pr_stime; /* process system cpu time */
229 229 timestruc_t pr_cutime; /* sum of children's user times */
230 230 timestruc_t pr_cstime; /* sum of children's system times */
231 231 sigset_t pr_sigtrace; /* set of traced signals */
232 232 fltset_t pr_flttrace; /* set of traced faults */
233 233 sysset_t pr_sysentry; /* set of system calls traced on entry */
234 234 sysset_t pr_sysexit; /* set of system calls traced on exit */
235 235 char pr_dmodel; /* data model of the process */
236 236 taskid_t pr_taskid; /* task id */
237 237 projid_t pr_projid; /* project id */
238 238 zoneid_t pr_zoneid; /* zone id */
239 239 lwpstatus_t pr_lwp; /* status of the representative lwp */
240 240 } pstatus_t;
241 241
242 242 pr_flags is a bit-mask holding the following process flags. For
243 243 convenience, it also contains the lwp flags for the representative lwp,
244 244 described later.
245 245
246 246 PR_ISSYS process is a system process (see PCSTOP).
247 247
248 248 PR_VFORKP process is the parent of a vforked child (see PCWATCH).
249 249
250 250 PR_FORK process has its inherit-on-fork mode set (see PCSET).
251 251
252 252 PR_RLC process has its run-on-last-close mode set (see PCSET).
253 253
254 254 PR_KLC process has its kill-on-last-close mode set (see PCSET).
255 255
256 256 PR_ASYNC process has its asynchronous-stop mode set (see PCSET).
257 257
258 258 PR_MSACCT Set by default in all processes to indicate that
259 259 microstate accounting is enabled. However, this flag
260 260 has been deprecated and no longer has any effect.
261 261 Microstate accounting may not be disabled; however, it
262 262 is still possible to toggle the flag.
263 263
264 264 PR_MSFORK Set by default in all processes to indicate that
265 265 microstate accounting will be enabled for processes that
266 266 this parent fork(2)s. However, this flag has been
267 267 deprecated and no longer has any effect. It is possible
268 268 to toggle this flag; however, it is not possible to
269 269 disable microstate accounting.
270 270
271 271 PR_BPTADJ process has its breakpoint adjustment mode set (see
272 272 PCSET).
273 273
274 274 PR_PTRACE process has its ptrace-compatibility mode set (see
275 275 PCSET).
276 276
277 277 pr_nlwp is the total number of active lwps in the process. pr_nzomb is
278 278 the total number of zombie lwps in the process. A zombie lwp is a non-
279 279 detached lwp that has terminated but has not been reaped with
280 280 thr_join(3C) or pthread_join(3C).
281 281
282 282 pr_pid, pr_ppi, pr_pgid, and pr_sid are, respectively, the process ID,
283 283 the ID of the process's parent, the process's process group ID, and the
284 284 process's session ID.
285 285
286 286 pr_aslwpid is obsolete and is always zero.
287 287
288 288 pr_agentid is the lwp-ID for the /proc agent lwp (see the PCAGENT control
289 289 operation). It is zero if there is no agent lwp in the process.
290 290
291 291 pr_sigpend identifies asynchronous signals pending for the process.
292 292
293 293 pr_brkbase is the virtual address of the process heap and pr_brksize is
294 294 its size in bytes. The address formed by the sum of these values is the
295 295 process break (see brk(2)). pr_stkbase and pr_stksize are, respectively,
296 296 the virtual address of the process stack and its size in bytes. (Each
297 297 lwp runs on a separate stack; the distinguishing characteristic of the
298 298 process stack is that the operating system will grow it when necessary.)
299 299
300 300 pr_utime, pr_stime, pr_cutime, and pr_cstime are, respectively, the user
301 301 CPU and system CPU time consumed by the process, and the cumulative user
302 302 CPU and system CPU time consumed by the process's children, in seconds
303 303 and nanoseconds.
304 304
305 305 pr_sigtrace and pr_flttrace contain, respectively, the set of signals and
306 306 the set of hardware faults that are being traced (see PCSTRACE and
307 307 PCSFAULT).
308 308
309 309 pr_sysentry and pr_sysexit contain, respectively, the sets of system
310 310 calls being traced on entry and exit (see PCSENTRY and PCSEXIT).
311 311
312 312 pr_dmodel indicates the data model of the process. Possible values are:
313 313
314 314 PR_MODEL_ILP32 process data model is ILP32.
315 315
316 316 PR_MODEL_LP64 process data model is LP64.
317 317
318 318 PR_MODEL_NATIVE process data model is native.
319 319
320 320 The pr_taskid, pr_projid, and pr_zoneid fields contain respectively, the
321 321 numeric IDs of the task, project, and zone in which the process was
322 322 running.
323 323
324 324 The constant PR_MODEL_NATIVE reflects the data model of the controlling
325 325 process, that is, its value is PR_MODEL_ILP32 or PR_MODEL_LP64 according
326 326 to whether the controlling process has been compiled as a 32-bit program
327 327 or a 64-bit program, respectively.
328 328
329 329 pr_lwp contains the status information for the representative lwp:
330 330
331 331 typedef struct lwpstatus {
332 332 int pr_flags; /* flags (see below) */
333 333 id_t pr_lwpid; /* specific lwp identifier */
334 334 short pr_why; /* reason for lwp stop, if stopped */
335 335 short pr_what; /* more detailed reason */
336 336 short pr_cursig; /* current signal, if any */
337 337 siginfo_t pr_info; /* info associated with signal or fault */
338 338 sigset_t pr_lwppend; /* set of signals pending to the lwp */
339 339 sigset_t pr_lwphold; /* set of signals blocked by the lwp */
340 340 struct sigaction pr_action;/* signal action for current signal */
341 341 stack_t pr_altstack; /* alternate signal stack info */
342 342 uintptr_t pr_oldcontext; /* address of previous ucontext */
343 343 short pr_syscall; /* system call number (if in syscall) */
344 344 short pr_nsysarg; /* number of arguments to this syscall */
345 345 int pr_errno; /* errno for failed syscall */
346 346 long pr_sysarg[PRSYSARGS]; /* arguments to this syscall */
347 347 long pr_rval1; /* primary syscall return value */
348 348 long pr_rval2; /* second syscall return value, if any */
349 349 char pr_clname[PRCLSZ]; /* scheduling class name */
350 350 timestruc_t pr_tstamp; /* real-time time stamp of stop */
351 351 timestruc_t pr_utime; /* lwp user cpu time */
352 352 timestruc_t pr_stime; /* lwp system cpu time */
353 353 uintptr_t pr_ustack; /* stack boundary data (stack_t) address */
354 354 ulong_t pr_instr; /* current instruction */
355 355 prgregset_t pr_reg; /* general registers */
356 356 prfpregset_t pr_fpreg; /* floating-point registers */
357 357 } lwpstatus_t;
358 358
359 359 pr_flags is a bit-mask holding the following lwp flags. For convenience,
360 360 it also contains the process flags, described previously.
361 361
362 362 PR_STOPPED The lwp is stopped.
363 363
364 364 PR_ISTOP The lwp is stopped on an event of interest (see
365 365 PCSTOP).
366 366
367 367 PR_DSTOP The lwp has a stop directive in effect (see PCSTOP).
368 368
369 369 PR_STEP The lwp has a single-step directive in effect (see
370 370 PCRUN).
371 371
372 372 PR_ASLEEP The lwp is in an interruptible sleep within a system
373 373 call.
374 374
375 375 PR_PCINVAL The lwp's current instruction (pr_instr) is undefined.
376 376
377 377 PR_DETACH This is a detached lwp (see pthread_create(3C) and
378 378 pthread_join(3C)).
379 379
380 380 PR_DAEMON This is a daemon lwp (see pthread_create(3C)).
381 381
382 382 PR_ASLWP This flag is obsolete and is never set.
383 383
384 384 PR_AGENT This is the /proc agent lwp for the process.
385 385
386 386 pr_lwpid names the specific lwp.
387 387
388 388 pr_why and pr_what together describe, for a stopped lwp, the reason for
389 389 the stop. Possible values of pr_why and the associated pr_what are:
390 390
391 391 PR_REQUESTED indicates that the stop occurred in response to a stop
392 392 directive, normally because PCSTOP was applied or
393 393 because another lwp stopped on an event of interest
394 394 and the asynchronous-stop flag (see PCSET) was not set
395 395 for the process. pr_what is unused in this case.
396 396
397 397 PR_SIGNALLED indicates that the lwp stopped on receipt of a signal
398 398 (see PCSTRACE); pr_what holds the signal number that
399 399 caused the stop (for a newly-stopped lwp, the same
400 400 value is in pr_cursig).
401 401
402 402 PR_FAULTED indicates that the lwp stopped on incurring a hardware
403 403 fault (see PCSFAULT); pr_what holds the fault number
404 404 that caused the stop.
405 405
406 406 PR_SYSENTRY
407 407
408 408 PR_SYSEXIT indicate a stop on entry to or exit from a system call
409 409 (see PCSENTRY and PCSEXIT); pr_what holds the system
410 410 call number.
411 411
412 412 PR_JOBCONTROL indicates that the lwp stopped due to the default
413 413 action of a job control stop signal (see
414 414 sigaction(2)); pr_what holds the stopping signal
415 415 number.
416 416
417 417 PR_SUSPENDED indicates that the lwp stopped due to internal
418 418 synchronization of lwps within the process. pr_what
419 419 is unused in this case.
420 420
421 421 PR_BRAND indicates that the lwp stopped for a brand-specific
422 422 reason. Interpretation of the value of pr_what
423 423 depends on which zone brand is in use. It is not
424 424 generally expected that an lwp stopped in this state
425 425 will be restarted by native proc(4) consumers.
426 426
427 427 pr_cursig names the current signal, that is, the next signal to be
428 428 delivered to the lwp, if any. pr_info, when the lwp is in a PR_SIGNALLED
429 429 or PR_FAULTED stop, contains additional information pertinent to the
430 430 particular signal or fault (see <sys/siginfo.h>).
431 431
432 432 pr_lwppend identifies any synchronous or directed signals pending for the
433 433 lwp. pr_lwphold identifies those signals whose delivery is being blocked
434 434 by the lwp (the signal mask).
435 435
436 436 pr_action contains the signal action information pertaining to the
437 437 current signal (see sigaction(2)); it is undefined if pr_cursig is zero.
438 438 pr_altstack contains the alternate signal stack information for the lwp
439 439 (see sigaltstack(2)).
440 440
441 441 pr_oldcontext, if not zero, contains the address on the lwp stack of a
442 442 ucontext structure describing the previous user-level context (see
443 443 ucontext.h(3HEAD)). It is non-zero only if the lwp is executing in the
444 444 context of a signal handler.
445 445
446 446 pr_syscall is the number of the system call, if any, being executed by
447 447 the lwp; it is non-zero if and only if the lwp is stopped on PR_SYSENTRY
448 448 or PR_SYSEXIT, or is asleep within a system call (PR_ASLEEP is set). If
449 449 pr_syscall is non-zero, pr_nsysarg is the number of arguments to the
450 450 system call and pr_sysarg contains the actual arguments.
451 451
452 452 pr_rval1, pr_rval2, and pr_errno are defined only if the lwp is stopped
453 453 on PR_SYSEXIT or if the PR_VFORKP flag is set. If pr_errno is zero,
454 454 pr_rval1 and pr_rval2 contain the return values from the system call.
455 455 Otherwise, pr_errno contains the error number for the failing system call
456 456 (see <sys/errno.h>).
457 457
458 458 pr_clname contains the name of the lwp's scheduling class.
459 459
460 460 pr_tstamp, if the lwp is stopped, contains a time stamp marking when the
461 461 lwp stopped, in real time seconds and nanoseconds since an arbitrary time
462 462 in the past.
463 463
464 464 pr_utime is the amount of user level CPU time used by this LWP.
465 465
466 466 pr_stime is the amount of system level CPU time used by this LWP.
467 467
468 468 pr_ustack is the virtual address of the stack_t that contains the stack
469 469 boundaries for this LWP. See getustack(2) and _stack_grow(3C).
470 470
471 471 pr_instr contains the machine instruction to which the lwp's program
472 472 counter refers. The amount of data retrieved from the process is
473 473 machine-dependent. On SPARC based machines, it is a 32-bit word. On
474 474 x86-based machines, it is a single byte. In general, the size is that of
475 475 the machine's smallest instruction. If PR_PCINVAL is set, pr_instr is
476 476 undefined; this occurs whenever the lwp is not stopped or when the
477 477 program counter refers to an invalid virtual address.
478 478
479 479 pr_reg is an array holding the contents of a stopped lwp's general
480 480 registers.
481 481
482 482 SPARC On SPARC-based machines, the predefined constants
483 483 R_G0 ... R_G7, R_O0 ... R_O7, R_L0 ... R_L7,
484 484 R_I0 ... R_I7, R_PC, R_nPC, and R_Y can be used
485 485 as indices to refer to the corresponding
486 486 registers; previous register windows can be read
487 487 from their overflow locations on the stack
488 488 (however, see the gwindows file in the
489 489 /proc/pid/lwp/lwpid subdirectory).
490 490
491 491 SPARC V8 (32-bit) For SPARC V8 (32-bit) controlling processes, the
492 492 predefined constants R_PSR, R_WIM, and R_TBR can
493 493 be used as indices to refer to the corresponding
494 494 special registers. For SPARC V9 (64-bit)
495 495 controlling processes, the predefined constants
496 496 R_CCR, R_ASI, and R_FPRS can be used as indices to
497 497 refer to the corresponding special registers.
498 498
499 499 x86 (32-bit) For 32-bit x86 processes, the predefined constants
500 500 listed belowcan be used as indices to refer to the
501 501 corresponding registers.
502 502 SS
503 503 UESP
504 504 EFL
505 505 CS
506 506 EIP
507 507 ERR
508 508 TRAPNO
509 509 EAX
510 510 ECX
511 511 EDX
512 512 EBX
513 513 ESP
514 514 EBP
515 515 ESI
516 516 EDI
517 517 DS
518 518 ES
519 519 GS
520 520
521 521 The preceding constants are listed in
522 522 <sys/regset.h>.
523 523
524 524 Note that a 32-bit process can run on an x86
525 525 64-bit system, using the constants listed above.
526 526
527 527 x86 (64-bit) To read the registers of a 32- or a 64-bit
528 528 process, a 64-bit x86 process should use the
529 529 predefined constants listed below.
530 530 REG_GSBASE
531 531 REG_FSBASE
532 532 REG_DS
533 533 REG_ES
534 534 REG_GS
535 535 REG_FS
536 536 REG_SS
537 537 REG_RSP
538 538 REG_RFL
539 539 REG_CS
540 540 REG_RIP
541 541 REG_ERR
542 542 REG_TRAPNO
543 543 REG_RAX
544 544 REG_RCX
545 545 REG_RDX
546 546 REG_RBX
547 547 REG_RBP
548 548 REG_RSI
549 549 REG_RDI
550 550 REG_R8
551 551 REG_R9
552 552 REG_R10
553 553 REG_R11
554 554 REG_R12
555 555 REG_R13
556 556 REG_R14
557 557 REG_R15
558 558
559 559 The preceding constants are listed in
560 560 <sys/regset.h>.
561 561
562 562 pr_fpreg is a structure holding the contents of the floating-point
563 563 registers.
564 564
565 565 SPARC registers, both general and floating-point, as seen by a 64-bit
566 566 controlling process are the V9 versions of the registers, even if the
567 567 target process is a 32-bit (V8) process. V8 registers are a subset of
568 568 the V9 registers.
569 569
570 570 If the lwp is not stopped, all register values are undefined.
571 571
572 572 psinfo
573 573 Contains miscellaneous information about the process and the
574 574 representative lwp needed by the ps(1) command. psinfo remains
575 575 accessible after a process becomes a zombie. The file contains a psinfo
576 576 structure which contains an embedded lwpsinfo structure for the
577 577 representative lwp, as follows:
578 578
579 579 typedef struct psinfo {
580 580 int pr_flag; /* process flags (DEPRECATED: see below) */
581 581 int pr_nlwp; /* number of active lwps in the process */
582 582 int pr_nzomb; /* number of zombie lwps in the process */
583 583 pid_t pr_pid; /* process id */
584 584 pid_t pr_ppid; /* process id of parent */
585 585 pid_t pr_pgid; /* process id of process group leader */
586 586 pid_t pr_sid; /* session id */
587 587 uid_t pr_uid; /* real user id */
588 588 uid_t pr_euid; /* effective user id */
589 589 gid_t pr_gid; /* real group id */
590 590 gid_t pr_egid; /* effective group id */
591 591 uintptr_t pr_addr; /* address of process */
592 592 size_t pr_size; /* size of process image in Kbytes */
593 593 size_t pr_rssize; /* resident set size in Kbytes */
594 594 dev_t pr_ttydev; /* controlling tty device (or PRNODEV) */
595 595 ushort_t pr_pctcpu; /* % of recent cpu time used by all lwps */
596 596 ushort_t pr_pctmem; /* % of system memory used by process */
597 597 timestruc_t pr_start; /* process start time, from the epoch */
598 598 timestruc_t pr_time; /* cpu time for this process */
599 599 timestruc_t pr_ctime; /* cpu time for reaped children */
600 600 char pr_fname[PRFNSZ]; /* name of exec'ed file */
601 601 char pr_psargs[PRARGSZ]; /* initial characters of arg list */
602 602 int pr_wstat; /* if zombie, the wait() status */
603 603 int pr_argc; /* initial argument count */
604 604 uintptr_t pr_argv; /* address of initial argument vector */
605 605 uintptr_t pr_envp; /* address of initial environment vector */
606 606 char pr_dmodel; /* data model of the process */
607 607 taskid_t pr_taskid; /* task id */
608 608 projid_t pr_projid; /* project id */
609 609 poolid_t pr_poolid; /* pool id */
610 610 zoneid_t pr_zoneid; /* zone id */
611 611 ctid_t pr_contract; /* process contract id */
612 612 lwpsinfo_t pr_lwp; /* information for representative lwp */
613 613 } psinfo_t;
614 614
615 615 Some of the entries in psinfo, such as pr_addr, refer to internal kernel
616 616 data structures and should not be expected to retain their meanings
617 617 across different versions of the operating system.
618 618
619 619 psinfo_t.pr_flag is a deprecated interface that should no longer be used.
620 620 Applications currently relying on the SSYS bit in pr_flag should migrate
621 621 to checking PR_ISSYS in the pstatus structure's pr_flags field.
622 622
623 623 pr_pctcpu and pr_pctmem are 16-bit binary fractions in the range 0.0 to
624 624 1.0 with the binary point to the right of the high-order bit (1.0 ==
625 625 0x8000). pr_pctcpu is the summation over all lwps in the process.
626 626
627 627 The pr_fname and pr_psargs are writable by the owner of the process. To
628 628 write to them, the psinfo file should be open for writing and the desired
629 629 value for the field should be written at the file offset that corresponds
630 630 to the member of structure. No other entry may be written to; if a write
631 631 is attempted to an offset that does not represent one of these two
632 632 memers, or if the size of the write is not exactly the size of the member
633 633 being written, no bytes will be written and zero will be returned.
634 634
635 635 pr_lwp contains the ps(1) information for the representative lwp. If the
636 636 process is a zombie, pr_nlwp, pr_nzomb, and pr_lwp.pr_lwpid are zero and
637 637 the other fields of pr_lwp are undefined:
638 638
639 639 typedef struct lwpsinfo {
640 640 int pr_flag; /* lwp flags (DEPRECATED: see below) */
641 641 id_t pr_lwpid; /* lwp id */
642 642 uintptr_t pr_addr; /* internal address of lwp */
643 643 uintptr_t pr_wchan; /* wait addr for sleeping lwp */
644 644 char pr_stype; /* synchronization event type */
645 645 char pr_state; /* numeric lwp state */
646 646 char pr_sname; /* printable character for pr_state */
647 647 char pr_nice; /* nice for cpu usage */
648 648 short pr_syscall; /* system call number (if in syscall) */
649 649 char pr_oldpri; /* pre-SVR4, low value is high priority */
650 650 char pr_cpu; /* pre-SVR4, cpu usage for scheduling */
651 651 int pr_pri; /* priority, high value = high priority */
652 652 ushort_t pr_pctcpu; /* % of recent cpu time used by this lwp */
653 653 timestruc_t pr_start; /* lwp start time, from the epoch */
654 654 timestruc_t pr_time; /* cpu time for this lwp */
655 655 char pr_clname[PRCLSZ]; /* scheduling class name */
656 656 char pr_name[PRFNSZ]; /* name of system lwp */
657 657 processorid_t pr_onpro; /* processor which last ran this lwp */
658 658 processorid_t pr_bindpro;/* processor to which lwp is bound */
659 659 psetid_t pr_bindpset; /* processor set to which lwp is bound */
660 660 lgrp_id_t pr_lgrp; /* home lgroup */
661 661 } lwpsinfo_t;
662 662
663 663 Some of the entries in lwpsinfo, such as pr_addr, pr_wchan, pr_stype,
664 664 pr_state, and pr_name, refer to internal kernel data structures and
665 665 should not be expected to retain their meanings across different versions
666 666 of the operating system.
667 667
668 668 lwpsinfo_t.pr_flag is a deprecated interface that should no longer be
669 669 used.
670 670
671 671 pr_pctcpu is a 16-bit binary fraction, as described above. It represents
672 672 the CPU time used by the specific lwp. On a multi-processor machine, the
673 673 maximum value is 1/N, where N is the number of CPUs.
674 674
675 675 pr_contract is the id of the process contract of which the process is a
676 676 member. See contract(5) and process(5).
677 677
678 678 cred
679 679 Contains a description of the credentials associated with the process:
680 680
681 681 typedef struct prcred {
682 682 uid_t pr_euid; /* effective user id */
683 683 uid_t pr_ruid; /* real user id */
684 684 uid_t pr_suid; /* saved user id (from exec) */
685 685 gid_t pr_egid; /* effective group id */
686 686 gid_t pr_rgid; /* real group id */
687 687 gid_t pr_sgid; /* saved group id (from exec) */
688 688 int pr_ngroups; /* number of supplementary groups */
689 689 gid_t pr_groups[1]; /* array of supplementary groups */
690 690 } prcred_t;
691 691
692 692 The array of associated supplementary groups in pr_groups
693 693 is of variable length; the cred file contains all of the supplementary
694 694 groups. pr_ngroups indicates the number of supplementary groups. (See
695 695 also the PCSCRED and PCSCREDX control operations.)
696 696
697 697 priv
698 698 Contains a description of the privileges associated with the process:
699 699
700 700 typedef struct prpriv {
701 701 uint32_t pr_nsets; /* number of privilege set */
702 702 uint32_t pr_setsize; /* size of privilege set */
703 703 uint32_t pr_infosize; /* size of supplementary data */
704 704 priv_chunk_t pr_sets[1]; /* array of sets */
705 705 } prpriv_t;
706 706
707 707 The actual dimension of the pr_sets[] field is
708 708 pr_sets[pr_nsets][pr_setsize]
709 709
710 710 which is followed by additional information about the process state
711 711 pr_infosize bytes in size.
712 712
713 713 The full size of the structure can be computed using
714 714 PRIV_PRPRIV_SIZE(prpriv_t *).
715 715
716 716 secflags
717 717 This file contains the security-flags of the process. It contains a
718 718 description of the security flags associated with the process.
719 719
720 720 typedef struct prsecflags {
721 721 uint32_t pr_version; /* ABI Versioning of this structure */
722 722 secflagset_t pr_effective; /* Effective flags */
723 723 secflagset_t pr_inherit; /* Inheritable flags */
724 724 secflagset_t pr_lower; /* Lower flags */
725 725 secflagset_t pr_upper; /* Upper flags */
726 726 } prsecflags_t;
727 727
728 728 The pr_version field is a version number for the structure, currently
729 729 PRSECFLAGS_VERSION_1.
730 730
731 731 sigact
732 732 Contains an array of sigaction structures describing the current
733 733 dispositions of all signals associated with the traced process (see
734 734 sigaction(2)). Signal numbers are displaced by 1 from array indices, so
735 735 that the action for signal number n appears in position n-1 of the array.
736 736
737 737 auxv
738 738 Contains the initial values of the process's aux vector in an array of
739 739 auxv_t structures (see <sys/auxv.h>). The values are those that were
740 740 passed by the operating system as startup information to the dynamic
741 741 linker.
742 742
743 743 argv
744 744 Contains the concatenation of each of the argument strings, including
745 745 their NUL terminators, in the argument vector (argv) for the process. If
746 746 the process has modified either its argument vector, or the contents of
747 747 any of the strings referenced by that vector, those changes will be
748 748 visible here.
749 749
750 750 ldt
751 751 This file exists only on x86-based machines. It is non-empty only if the
752 752 process has established a local descriptor table (LDT). If non-empty,
753 753 the file contains the array of currently active LDT entries in an array
754 754 of elements of type struct ssd, defined in <sys/sysi86.h>, one element
755 755 for each active LDT entry.
756 756
757 757 map, xmap
758 758 Contain information about the virtual address map of the process. The
759 759 map file contains an array of prmap structures while the xmap file
760 760 contains an array of prxmap structures. Each structure describes a
761 761 contiguous virtual address region in the address space of the traced
762 762 process:
763 763
764 764 typedef struct prmap {
765 765 uintptr_tpr_vaddr; /* virtual address of mapping */
766 766 size_t pr_size; /* size of mapping in bytes */
767 767 char pr_mapname[PRMAPSZ]; /* name in /proc/pid/object */
768 768 offset_t pr_offset; /* offset into mapped object, if any */
769 769 int pr_mflags; /* protection and attribute flags */
770 770 int pr_pagesize; /* pagesize for this mapping in bytes */
771 771 int pr_shmid; /* SysV shared memory identifier */
772 772 } prmap_t;
773 773
774 774 typedef struct prxmap {
775 775 uintptr_t pr_vaddr; /* virtual address of mapping */
776 776 size_t pr_size; /* size of mapping in bytes */
777 777 char pr_mapname[PRMAPSZ]; /* name in /proc/pid/object */
778 778 offset_t pr_offset; /* offset into mapped object, if any */
779 779 int pr_mflags; /* protection and attribute flags */
780 780 int pr_pagesize; /* pagesize for this mapping in bytes */
781 781 int pr_shmid; /* SysV shared memory identifier */
782 782 dev_t pr_dev; /* device of mapped object, if any */
783 783 uint64_t pr_ino; /* inode of mapped object, if any */
784 784 size_t pr_rss; /* pages of resident memory */
785 785 size_t pr_anon; /* pages of resident anonymous memory */
786 786 size_t pr_locked; /* pages of locked memory */
787 787 uint64_t pr_hatpagesize; /* pagesize of mapping */
788 788 } prxmap_t;
789 789
790 790 pr_vaddr is the virtual address of the mapping within the traced process
791 791 and pr_size is its size in bytes. pr_mapname, if it does not contain a
792 792 null string, contains the name of a file in the object directory (see
793 793 below) that can be opened read-only to obtain a file descriptor for the
794 794 mapped file associated with the mapping. This enables a debugger to find
795 795 object file symbol tables without having to know the real path names of
796 796 the executable file and shared libraries of the process. pr_offset is
797 797 the 64-bit offset within the mapped file (if any) to which the virtual
798 798 address is mapped.
799 799
800 800 pr_mflags is a bit-mask of protection and attribute flags:
801 801
802 802 MA_READ mapping is readable by the traced process.
803 803
804 804 MA_WRITE mapping is writable by the traced process.
805 805
806 806 MA_EXEC mapping is executable by the traced process.
807 807
808 808 MA_SHARED mapping changes are shared by the mapped object.
809 809
810 810 MA_ISM mapping is intimate shared memory (shared MMU
811 811 resources)
812 812
813 813 MAP_NORESERVE
814 814 mapping does not have swap space reserved (mapped with
815 815 MAP_NORESERVE)
816 816
817 817 MA_SHM mapping System V shared memory
818 818
819 819 A contiguous area of the address space having the same underlying mapped
820 820 object may appear as multiple mappings due to varying read, write, and
821 821 execute attributes. The underlying mapped object does not change over
822 822 the range of a single mapping. An I/O operation to a mapping marked
823 823 MA_SHARED fails if applied at a virtual address not corresponding to a
824 824 valid page in the underlying mapped object. A write to a MA_SHARED
825 825 mapping that is not marked MA_WRITE fails. Reads and writes to private
826 826 mappings always succeed. Reads and writes to unmapped addresses fail.
827 827
828 828 pr_pagesize is the page size for the mapping, currently always the system
829 829 pagesize.
830 830
831 831 pr_shmid is the shared memory identifier, if any, for the mapping. Its
832 832 value is -1 if the mapping is not System V shared memory. See shmget(2).
833 833
834 834 pr_dev is the device of the mapped object, if any, for the mapping. Its
835 835 value is PRNODEV (-1) if the mapping does not have a device.
836 836
837 837 pr_ino is the inode of the mapped object, if any, for the mapping. Its
838 838 contents are only valid if pr_dev is not PRNODEV.
839 839
840 840 pr_rss is the number of resident pages of memory for the mapping. The
841 841 number of resident bytes for the mapping may be determined by multiplying
842 842 pr_rss by the page size given by pr_pagesize.
843 843
844 844 pr_anon is the number of resident anonymous memory pages (pages which are
845 845 private to this process) for the mapping.
846 846
847 847 pr_locked is the number of locked pages for the mapping. Pages which are
848 848 locked are always resident in memory.
849 849
850 850 pr_hatpagesize is the size, in bytes, of the HAT (MMU) translation for
851 851 the mapping. pr_hatpagesize may be different than pr_pagesize. The
852 852 possible values are hardware architecture specific, and may change over a
853 853 mapping's lifetime.
854 854
855 855 rmap
856 856 Contains information about the reserved address ranges of the process.
857 857 The file contains an array of prmap structures, as defined above for the
858 858 map file. Each structure describes a contiguous virtual address region
859 859 in the address space of the traced process that is reserved by the system
860 860 in the sense that an mmap(2) system call that does not specify MAP_FIXED
861 861 will not use any part of it for the new mapping. Examples of such
862 862 reservations include the address ranges reserved for the process stack
863 863 and the individual thread stacks of a multi-threaded process.
864 864
865 865 cwd
866 866 A symbolic link to the process's current working directory. See
867 867 chdir(2). A readlink(2) of /proc/pid/cwd yields a null string. However,
868 868 it can be opened, listed, and searched as a directory, and can be the
869 869 target of chdir(2).
870 870
871 871 root
872 872 A symbolic link to the process's root directory. /proc/pid/root can
873 873 differ from the system root directory if the process or one of its
874 874 ancestors executed chroot(2) as super user. It has the same semantics as
875 875 /proc/pid/cwd.
876 876
877 877 fd
878 878 A directory containing references to the open files of the process. Each
879 879 entry is a decimal number corresponding to an open file descriptor in the
880 880 process.
881 881
882 882 If an entry refers to a regular file, it can be opened with normal file
883 883 system semantics but, to ensure that the controlling process cannot gain
884 884 greater access than the controlled process, with no file access modes
885 885 other than its read/write open modes in the controlled process. If an
886 886 entry refers to a directory, it can be accessed with the same semantics
887 887 as /proc/pid/cwd. An attempt to open any other type of entry fails with
888 888 EACCES.
889 889
890 890 fdinfo
891 891 A directory containing information about each of the process's open
892 892 files. Each entry is a decimal number corresponding to an open file
893 893 descriptor in the process. Each file contains a prfdinfo_t structure
894 894 defined as follows:
895 895
896 896 typedef struct prfdinfo {
897 897 int pr_fd; /* file descriptor number */
898 898 mode_t pr_mode; /* (see st_mode in stat(2)) */
899 899 uint64_t pr_ino; /* inode number */
900 900 uint64_t pr_size; /* file size */
901 901 int64_t pr_offset; /* current offset of file descriptor */
902 902 uid_t pr_uid; /* owner's user id */
903 903 gid_t pr_gid; /* owner's group id */
904 904 major_t pr_major; /* major number of device containing file */
905 905 minor_t pr_minor; /* minor number of device containing file */
906 906 major_t pr_rmajor; /* major number (if special file) */
907 907 minor_t pr_rminor; /* minor number (if special file) */
908 908 int pr_fileflags; /* (see F_GETXFL in fcntl(2)) */
909 909 int pr_fdflags; /* (see F_GETFD in fcntl(2)) */
910 910 short pr_locktype; /* (see F_GETLK in fcntl(2)) */
911 911 pid_t pr_lockpid; /* process holding file lock (see F_GETLK) */
912 912 int pr_locksysid; /* sysid of locking process (see F_GETLK) */
913 913 pid_t pr_peerpid; /* peer process (socket, door) */
914 914 int pr_filler[25]; /* reserved for future use */
915 915 char pr_peername[PRFNSZ]; /* peer process name */
916 916 #if __STDC_VERSION__ >= 199901L
917 917 char pr_misc[]; /* self describing structures */
918 918 #else
919 919 char pr_misc[1];
920 920 #endif
921 921 } prfdinfo_t;
922 922
923 923 The pr_misc element points to a list of additional miscellaneous data
924 924 items, each of which has a header of type pr_misc_header_t specifying the
925 925 size and type, and some data which immediately follow the header.
926 926
927 927 typedef struct pr_misc_header {
928 928 uint_t pr_misc_size;
929 929 uint_t pr_misc_type;
930 930 } pr_misc_header_t;
931 931
932 932 The pr_misc_size field is the sum of the sizes of the header and the
933 933 associated data and any trailing padding bytes which will be set to zero.
934 934 The end of the list is indicated by a header with a zero size and a type
935 935 with all bits set.
936 936
937 937 The following miscellaneous data types can be present:
938 938
939 939 PR_PATHNAME The file descriptor's path in the
940 940 filesystem. This is a NUL-terminated
941 941 sequence of characters.
942 942
943 943 PR_SOCKETNAME A sockaddr structure representing the
944 944 local socket name for this file
945 945 descriptor, as would be returned by
946 946 calling getsockname() within the process.
947 947
948 948 PR_PEERSOCKNAME A sockaddr structure representing the peer
949 949 socket name for this file descriptor, as
950 950 would be returned by calling getpeername()
951 951 within the process.
952 952
953 953 PR_SOCKOPTS_BOOL_OPTS An unsigned integer which has bits set
954 954 corresponding to options which are set on
955 955 the underlying socket. The following bits
956 956 may be set:
957 957
958 958 PR_SO_DEBUG
959 959
960 960 PR_SO_REUSEADDR
961 961
962 962 PR_SO_REUSEPORT
963 963
964 964 PR_SO_KEEPALIVE
965 965
966 966 PR_SO_DONTROUTE
967 967
968 968 PR_SO_BROADCAST
969 969
970 970 PR_SO_OOBINLINE
971 971
972 972 PR_SO_DGRAM_ERRIND
973 973
974 974 PR_SO_ALLZONES
975 975
976 976 PR_SO_MAC_EXEMPT
977 977
978 978 PR_SO_EXCLBIND
979 979
980 980 PR_SO_PASSIVE_CONNECT
981 981
982 982 PR_SO_ACCEPTCONN
983 983
984 984 PR_UDP_NAT_T_ENDPOINT
985 985
986 986 PR_SO_VRRP
987 987
988 988 PR_SO_MAC_IMPLICIT
989 989
990 990 PR_SOCKOPT_LINGER A struct linger as would be returned by
991 991 calling getsockopt(SO_LINGER) within the
992 992 process.
993 993
994 994 PR_SOCKOPT_SNDBUF The data that would be returned by calling
995 995 getsockopt(SO_SNDBUF) within the process.
996 996
997 997 PR_SOCKOPT_RCVBUF The data that would be returned by calling
998 998 getsockopt(SO_RCVBUF) within the process.
999 999
1000 1000 PR_SOCKOPT_IP_NEXTHOP The data that would be returned by calling
1001 1001 getsockopt(IPPROTO_IP, IP_NEXTHOP) within
1002 1002 the process.
1003 1003
1004 1004 PR_SOCKOPT_IPV6_NEXTHOP The data that would be returned by calling
1005 1005 getsockopt(IPPROTO_IPV6, IPV6_NEXTHOP)
1006 1006 within the process.
1007 1007
1008 1008 PR_SOCKOPT_TYPE The data that would be returned by calling
1009 1009 getsockopt(SO_TYPE) within the process.
1010 1010
1011 1011 PR_SOCKOPT_TCP_CONGESTION For TCP sockets, the data that would be
1012 1012 returned by calling
1013 1013 getsockopt(IPPROTO_TCP, TCP_CONGESTION)
1014 1014 within the process. This is a NUL-
1015 1015 terminated character array containing the
1016 1016 name of the congestion algorithm in use
1017 1017 for the socket.
1018 1018
1019 1019 PR_SOCKFILTERS_PRIV Private data relating to up to the first
1020 1020 32 socket filters pushed on this
1021 1021 descriptor.
1022 1022
1023 1023 object
1024 1024 A directory containing read-only files with names corresponding to the
1025 1025 pr_mapname entries in the map and pagedata files. Opening such a file
1026 1026 yields a file descriptor for the underlying mapped file associated with
1027 1027 an address-space mapping in the process. The file name a.out appears in
1028 1028 the directory as an alias for the process's executable file.
1029 1029
1030 1030 The object directory makes it possible for a controlling process to gain
1031 1031 access to the object file and any shared libraries (and consequently the
1032 1032 symbol tables) without having to know the actual path names of the
1033 1033 executable files.
1034 1034
1035 1035 path
1036 1036 A directory containing symbolic links to files opened by the process.
1037 1037 The directory includes one entry for cwd and root. The directory also
1038 1038 contains a numerical entry for each file descriptor in the fd directory,
1039 1039 and entries matching those in the object directory. If this information
1040 1040 is not available, any attempt to read the contents of the symbolic link
1041 1041 will fail. This is most common for files that do not exist in the
1042 1042 filesystem namespace (such as FIFOs and sockets), but can also happen for
1043 1043 regular files. For the file descriptor entries, the path may be
1044 1044 different from the one used by the process to open the file.
1045 1045
1046 1046 pagedata
1047 1047 Opening the page data file enables tracking of address space references
1048 1048 and modifications on a per-page basis.
1049 1049
1050 1050 A read(2) of the page data file descriptor returns structured page data
1051 1051 and atomically clears the page data maintained for the file by the
1052 1052 system. That is to say, each read returns data collected since the last
1053 1053 read; the first read returns data collected since the file was opened.
1054 1054 When the call completes, the read buffer contains the following structure
1055 1055 as its header and thereafter contains a number of section header
1056 1056 structures and associated byte arrays that must be accessed by walking
1057 1057 linearly through the buffer.
1058 1058
1059 1059 typedef struct prpageheader {
1060 1060 timestruc_t pr_tstamp; /* real time stamp, time of read() */
1061 1061 ulong_t pr_nmap; /* number of address space mappings */
1062 1062 ulong_t pr_npage; /* total number of pages */
1063 1063 } prpageheader_t;
1064 1064
1065 1065 The header is followed by pr_nmap prasmap structures and associated data
1066 1066 arrays. The prasmap structure contains the following elements:
1067 1067
1068 1068 typedef struct prasmap {
1069 1069 uintptr_t pr_vaddr; /* virtual address of mapping */
1070 1070 ulong_t pr_npage; /* number of pages in mapping */
1071 1071 char pr_mapname[PRMAPSZ]; /* name in /proc/pid/object */
1072 1072 offset_t pr_offset; /* offset into mapped object, if any */
1073 1073 int pr_mflags; /* protection and attribute flags */
1074 1074 int pr_pagesize; /* pagesize for this mapping in bytes */
1075 1075 int pr_shmid; /* SysV shared memory identifier */
1076 1076 } prasmap_t;
1077 1077
1078 1078 Each section header is followed by pr_npage bytes, one byte for each page
1079 1079 in the mapping, plus 0-7 null bytes at the end so that the next prasmap
1080 1080 structure begins on an eight-byte aligned boundary. Each data byte may
1081 1081 contain these flags:
1082 1082
1083 1083 PG_REFERENCED page has been referenced.
1084 1084
1085 1085 PG_MODIFIED page has been modified.
1086 1086
1087 1087 If the read buffer is not large enough to contain all of the page data,
1088 1088 the read fails with E2BIG and the page data is not cleared. The required
1089 1089 size of the read buffer can be determined through fstat(2). Application
1090 1090 of lseek(2) to the page data file descriptor is ineffective; every read
1091 1091 starts from the beginning of the file. Closing the page data file
1092 1092 descriptor terminates the system overhead associated with collecting the
1093 1093 data.
1094 1094
1095 1095 More than one page data file descriptor for the same process can be
1096 1096 opened, up to a system-imposed limit per traced process. A read of one
1097 1097 does not affect the data being collected by the system for the others.
1098 1098 An open of the page data file will fail with ENOMEM if the system-imposed
1099 1099 limit would be exceeded.
1100 1100
1101 1101 watch
1102 1102 Contains an array of prwatch structures, one for each watched area
1103 1103 established by the PCWATCH control operation. See PCWATCH for details.
1104 1104
1105 1105 usage
1106 1106 Contains process usage information described by a prusage structure which
1107 1107 contains at least the following fields:
1108 1108
1109 1109 typedef struct prusage {
1110 1110 id_t pr_lwpid; /* lwp id. 0: process or defunct */
1111 1111 int pr_count; /* number of contributing lwps */
1112 1112 timestruc_t pr_tstamp; /* real time stamp, time of read() */
1113 1113 timestruc_t pr_create; /* process/lwp creation time stamp */
1114 1114 timestruc_t pr_term; /* process/lwp termination time stamp */
1115 1115 timestruc_t pr_rtime; /* total lwp real (elapsed) time */
1116 1116 timestruc_t pr_utime; /* user level CPU time */
1117 1117 timestruc_t pr_stime; /* system call CPU time */
1118 1118 timestruc_t pr_ttime; /* other system trap CPU time */
1119 1119 timestruc_t pr_tftime; /* text page fault sleep time */
1120 1120 timestruc_t pr_dftime; /* data page fault sleep time */
1121 1121 timestruc_t pr_kftime; /* kernel page fault sleep time */
1122 1122 timestruc_t pr_ltime; /* user lock wait sleep time */
1123 1123 timestruc_t pr_slptime; /* all other sleep time */
1124 1124 timestruc_t pr_wtime; /* wait-cpu (latency) time */
1125 1125 timestruc_t pr_stoptime; /* stopped time */
1126 1126 ulong_t pr_minf; /* minor page faults */
1127 1127 ulong_t pr_majf; /* major page faults */
1128 1128 ulong_t pr_nswap; /* swaps */
1129 1129 ulong_t pr_inblk; /* input blocks */
1130 1130 ulong_t pr_oublk; /* output blocks */
1131 1131 ulong_t pr_msnd; /* messages sent */
1132 1132 ulong_t pr_mrcv; /* messages received */
1133 1133 ulong_t pr_sigs; /* signals received */
1134 1134 ulong_t pr_vctx; /* voluntary context switches */
1135 1135 ulong_t pr_ictx; /* involuntary context switches */
1136 1136 ulong_t pr_sysc; /* system calls */
1137 1137 ulong_t pr_ioch; /* chars read and written */
1138 1138 } prusage_t;
1139 1139
1140 1140 Microstate accounting is now continuously enabled. While this
1141 1141 information was previously an estimate, if microstate accounting were not
1142 1142 enabled, the current information is now never an estimate represents time
1143 1143 the process has spent in various states.
1144 1144
1145 1145 lstatus
1146 1146 Contains a prheader structure followed by an array of lwpstatus
1147 1147 structures, one for each active lwp in the process (see also
1148 1148 /proc/pid/lwp/lwpid/lwpstatus, below). The prheader structure describes
1149 1149 the number and size of the array entries that follow.
1150 1150
1151 1151 typedef struct prheader {
1152 1152 long pr_nent; /* number of entries */
1153 1153 size_t pr_entsize; /* size of each entry, in bytes */
1154 1154 } prheader_t;
1155 1155
1156 1156 The lwpstatus structure may grow by the addition of elements at the end
1157 1157 in future releases of the system. Programs must use pr_entsize in the
1158 1158 file header to index through the array. These comments apply to all
1159 1159 /proc files that include a prheader structure (lpsinfo and lusage,
1160 1160 below).
1161 1161
1162 1162 lpsinfo
1163 1163 Contains a prheader structure followed by an array of lwpsinfo
1164 1164 structures, one for eachactive and zombie lwp in the process. See also
1165 1165 /proc/pid/lwp/lwpid/lwpsinfo, below.
1166 1166
1167 1167 lusage
1168 1168 Contains a prheader structure followed by an array of prusage structures,
1169 1169 one for each active lwp in the process, plus an additional element at the
1170 1170 beginning that contains the summation over all defunct lwps (lwps that
1171 1171 once existed but no longer exist in the process). Excluding the
1172 1172 pr_lwpid, pr_tstamp, pr_create, and pr_term entries, the entry-by-entry
1173 1173 summation over all these structures is the definition of the process
1174 1174 usage information obtained from the usage file. (See also
1175 1175 /proc/pid/lwp/lwpid/lwpusage, below.)
1176 1176
1177 1177 lwp
1178 1178 A directory containing entries each of which names an active or zombie
1179 1179 lwp within the process. These entries are themselves directories
1180 1180 containing additional files as described below. Only the lwpsinfo file
1181 1181 exists in the directory of a zombie lwp.
1182 1182
1183 1183 STRUCTURE OF /proc/pid/lwp/lwpid
1184 1184 A given directory /proc/pid/lwp/lwpid contains the following entries:
1185 1185
1186 1186 lwpctl
1187 1187 Write-only control file. The messages written to this file affect the
1188 1188 specific lwp rather than the representative lwp, as is the case for the
1189 1189 process's ctl file.
1190 1190
1191 1191 lwpname
1192 1192 A buffer of THREAD_NAME_MAX bytes representing the LWP name; the buffer
1193 1193 is zero-filled if the thread name is shorter than the buffer. If no
1194 1194 thread name is set, the buffer contains the empty string. A read with a
1195 1195 buffer shorter than THREAD_NAME_MAX bytes is not guaranteed to be NUL-
1196 1196 terminated. Writing to this file will set the LWP name for the specific
1197 1197 lwp. This file may not be present in older operating system versions.
1198 1198 THREAD_NAME_MAX may increase in the future; clients should be prepared
1199 1199 for this.
1200 1200
1201 1201 lwpstatus
1202 1202 lwp-specific state information. This file contains the lwpstatus
1203 1203 structure for the specific lwp as described above for the representative
1204 1204 lwp in the process's status file.
1205 1205
1206 1206 lwpsinfo
1207 1207 lwp-specific ps(1) information. This file contains the lwpsinfo
1208 1208 structure for the specific lwp as described above for the representative
1209 1209 lwp in the process's psinfo file. The lwpsinfo file remains accessible
1210 1210 after an lwp becomes a zombie.
1211 1211
1212 1212 lwpusage
1213 1213 This file contains the prusage structure for the specific lwp as
1214 1214 described above for the process's usage file.
1215 1215
1216 1216 gwindows
1217 1217 This file exists only on SPARC based machines. If it is non-empty, it
1218 1218 contains a gwindows_t structure, defined in <sys/regset.h>, with the
1219 1219 values of those SPARC register windows that could not be stored on the
1220 1220 stack when the lwp stopped. Conditions under which register windows are
1221 1221 not stored on the stack are: the stack pointer refers to nonexistent
1222 1222 process memory or the stack pointer is improperly aligned. If the lwp is
1223 1223 not stopped or if there are no register windows that could not be stored
1224 1224 on the stack, the file is empty (the usual case).
1225 1225
1226 1226 xregs
1227 1227 Extra state registers. The extra state register set is architecture
1228 1228 dependent; this file is empty if the system does not support extra state
1229 1229 registers. If the file is non-empty, it contains an architecture
1230 1230 dependent structure of type prxregset_t, defined in <procfs.h>, with the
1231 1231 values of the lwp's extra state registers. If the lwp is not stopped,
1232 1232 all register values are undefined. See also the PCSXREG control
1233 1233 operation, below.
1234 1234
1235 1235 asrs
1236 1236 This file exists only for 64-bit SPARC V9 processes. It contains an
1237 1237 asrset_t structure, defined in <sys/regset.h>, containing the values of
1238 1238 the lwp's platform-dependent ancillary state registers. If the lwp is
1239 1239 not stopped, all register values are undefined. See also the PCSASRS
1240 1240 control operation, below.
1241 1241
1242 1242 spymaster
1243 1243 For an agent lwp (see PCAGENT), this file contains a psinfo_t structure
1244 1244 that corresponds to the process that created the agent lwp at the time
1245 1245 the agent was created. This structure is identical to that retrieved via
1246 1246 the psinfo file, with one modification: the pr_time field does not
|
↓ open down ↓ |
1246 lines elided |
↑ open up ↑ |
1247 1247 correspond to the CPU time for the process, but rather to the creation
1248 1248 time of the agent lwp.
1249 1249
1250 1250 templates
1251 1251 A directory which contains references to the active templates for the
1252 1252 lwp, named by the contract type. Changes made to an active template
1253 1253 descriptor do not affect the original template which was activated,
1254 1254 though they do affect the active template. It is not possible to
1255 1255 activate an active template descriptor. See contract(5).
1256 1256
1257 +ARCHITECTURE-SPECIFIC STRUCTURES
1258 + x86
1259 + The x86 prxregset_t structure is opaque and is made up of several
1260 + different components due to the fact that different x86 processors
1261 + enumerate different architectural extensions.
1262 +
1263 + The structure begins with a header, the prxregset_hdr_t, which is
1264 + followed by a number of different information sections which describe
1265 + different possible extended registers. Each of those is covered by a
1266 + prxregset_info_t, and then finally there are different data payloads that
1267 + represent each extended register.
1268 +
1269 + The number of different informational entries varies from system to
1270 + system based on the set of architectural features that the system
1271 + supports and the corresponding OS enablement for them. This structure is
1272 + built around the idea of the x86 xsave structure. That is, there is a
1273 + central header which describes a bit-vector of what extended features are
1274 + present and have valid state.
1275 +
1276 + Each x86 xregs file begins with the prxregset_hdr_t which looks like:
1277 +
1278 + typedef struct prxregset_hdr {
1279 + uint32_t pr_type;
1280 + uint32_t pr_size;
1281 + uint32_t pr_flags;
1282 + uint32_t pr_pad[4];
1283 + uint32_t pr_ninfo;
1284 + prxregset_info_t pr_info[];
1285 + } prxregset_hdr_t;
1286 +
1287 + The pr_type member is always set to PR_TYPE_XSAVE. This is used to
1288 + indicate the type of file that is present. There may be different file
1289 + types in the future on x86 so this value should always be checked. If it
1290 + is not PR_TYPE_XSAVE then the rest of the structure may look different.
1291 + The pr_size member indicates the size in bytes of the overall structure.
1292 + The pr_flags and pr_pad values are currently reserved for future use.
1293 + They will be set to zero right now when read and must be set to zero when
1294 + writing the data. The pr_ninfo member indicates the number of
1295 + informational items are present in pr_info. There will be one
1296 + informational item for each register set that exists.
1297 +
1298 + The pr_info member points to an array of informational members. These
1299 + immediately follow the structure, though the pr_info member may not be
1300 + available directly if not in an environment compatible with some C99
1301 + features. Each prxregset_info_t structure looks like:
1302 +
1303 + typedef struct prxregset_info {
1304 + uint32_t pri_type;
1305 + uint32_t pri_flags;
1306 + uint32_t pri_size;
1307 + uint32_t pri_offset;
1308 + } prxregset_info_t;
1309 +
1310 + The pri_type member is used to indicate the type of data and its format
1311 + that this represents. Types are listed below. The pri_flags member is
1312 + used to indicate future extensions or information about these items.
1313 + Right now, these are all zero. The pri_size member indicates the size in
1314 + bytes of the type's data. The pri_offset member indicates the offset to
1315 + the start of the data section from the beginning of the xregs file. That
1316 + is an offset of 0 would be the first byte of the prxregset_hdr_t.
1317 +
1318 + The following types of structures and their corresponding data structures
1319 + are currently defined:
1320 +
1321 + PRX_INFO_XCR - prxregset_xcr_t
1322 + This structure provides read-only access to understanding the
1323 + CPU's settings for this thread. In particular, it lets you see
1324 + what is set in the x86 %xcr0 register which is the extended
1325 + feature control register and controls what extended features the
1326 + CPU actually uses. It also contains the x86 extended feature
1327 + disable MSR which controls features that are ignored. The
1328 + prxregset_xcr_t looks like:
1329 +
1330 + typedef struct prxregset_xcr {
1331 + uint64_t prx_xcr_xcr0;
1332 + uint64_t prx_xcr_xfd;
1333 + uint64_t prx_xcr_pad[2];
1334 + } prxregset_xcr_t;
1335 +
1336 + When setting the xregs, this entry can be left out. If it is
1337 + included, it must match the existing entries, otherwise an error
1338 + will be generated.
1339 +
1340 + PRX_INFO_XSAVE - prxregset_xsave_t
1341 + This structure represents the same as the actual Intel xsave
1342 + structure, which has both the traditional XMM state that comes
1343 + from the fxsave instruction and then also contains the xsave
1344 + header itself. The structure varies between 32-bit and 64-bit
1345 + applications. The structure itself looks like:
1346 +
1347 + typedef struct prxregset_xsave {
1348 + uint16_t prx_fx_fcw;
1349 + uint16_t prx_fx_fsw;
1350 + uint16_t prx_fx_fctw; /* compressed tag word */
1351 + uint16_t prx_fx_fop;
1352 + #if defined(__amd64)
1353 + uint64_t prx_fx_rip;
1354 + uint64_t prx_fx_rdp;
1355 + #else
1356 + uint32_t prx_fx_eip;
1357 + uint16_t prx_fx_cs;
1358 + uint16_t __prx_fx_ign0;
1359 + uint32_t prx_fx_dp;
1360 + uint16_t prx_fx_ds;
1361 + uint16_t __prx_fx_ign1;
1362 + #endif
1363 + uint32_t prx_fx_mxcsr;
1364 + uint32_t prx_fx_mxcsr_mask;
1365 + union {
1366 + uint16_t prx_fpr_16[5]; /* 80-bits of x87 state */
1367 + u_longlong_t prx_fpr_mmx; /* 64-bit mmx register */
1368 + uint32_t _prx__fpr_pad[4]; /* (pad out to 128-bits) */
1369 + } fx_st[8];
1370 + #if defined(__amd64)
1371 + upad128_t prx_fx_xmm[16]; /* 128-bit registers */
1372 + upad128_t __prx_fx_ign2[6];
1373 + #else
1374 + upad128_t prx_fx_xmm[8]; /* 128-bit registers */
1375 + upad128_t __prx_fx_ign2[14];
1376 + #endif
1377 + uint64_t prx_xsh_xstate_bv;
1378 + uint64_t prx_xsh_xcomp_bv;
1379 + uint64_t prx_xsh_reserved[6];
1380 + } prxregset_xsave_t;
1381 +
1382 + In the classical fxsave portion of the structure, most of the
1383 + members follow the same meaning and match their presence in the
1384 + fpregs file and their use as discussed in the Intel and AMD
1385 + software developer manuals. The one exception is that when
1386 + setting the prx_fx_mxcsr member reserved bits that are set will
1387 + be masked off and ignored.
1388 +
1389 + The most notable fields to consider here right now are the last
1390 + few members which are part of the xsave header itself. In
1391 + particular, the prx_xsh_xstate_bv component is used to track the
1392 + actual features whose content are valid. When reading the
1393 + registers, if a given entry is not valid, the register state will
1394 + write out the informational entry in its default state. When
1395 + setting the extended registers, this notes which features will be
1396 + loaded from their default state (as defined by Intel and AMD's
1397 + manuals) and which will be loaded from the informational entries.
1398 + If a bit is set in the prx_xsh_xstate_bv entry, then it must be
1399 + present as its own informational entry otherwise a write will
1400 + fail. If an informational entry is present in a write, but not
1401 + set in the prx_xsh_xstate_bv then its contents will be ignored.
1402 +
1403 + The xregs format currently does not support any compressed items
1404 + being specified nor does it specify any, so the prx_xsh_xcomp_bv
1405 + member will be always set to zero and it and the reserved members
1406 + prx_xsh_reserved must all be left as zero.
1407 +
1408 + PRX_INFO_YMM - prxregset_ymm_t
1409 + This structure contains the upper 128-bits of the first 16 %ymm
1410 + registers (8 for 32-bit applications). To construct a full
1411 + vector register, it must be combined with the prx_fx_xmm member
1412 + of the PRX_INFO_XSAVE data. In 32-bit applications, the reserved
1413 + registers must be written as zero. The structure itself looks
1414 + like:
1415 +
1416 + typedef struct prxregset_ymm {
1417 + #if defined(__amd64)
1418 + upad128_t prx_ymm[16];
1419 + #else
1420 + upad128_t prx_ymm[8];
1421 + upad128_t prx_rsvd[8];
1422 + #endif
1423 + } prxregset_ymm_t;
1424 +
1425 + PRX_INFO_OPMASK - prxregset_opmask_t
1426 + This structure represents one portion of Intel's AVX-512 state:
1427 + the 8 64-bit mask registers, %k0 through %k7. The structure
1428 + looks like:
1429 +
1430 + typedef struct prxregset_opmask {
1431 + uint64_t prx_opmask[8];
1432 + } prxregset_opmask_t;
1433 +
1434 + PRX_INFO_ZMM - prxregset_zmm_t
1435 + This structure represents one portion of Intel's AVX-512 state:
1436 + the upper 256 bits of the 512-bit %zmm0 through %zmm15 registers.
1437 + Bits 0-127 are found in the prx_fx_xmm member of the
1438 + PRX_INFO_XSAVE data and bits 128-255 are found in the prx_ymm
1439 + member of the PRX_INFO_YMM. 32-bit applications only have access
1440 + to %zmm0 through %zmm7. This structure looks like:
1441 +
1442 + typedef struct prxregset_zmm {
1443 + #if defined(__amd64)
1444 + upad256_t prx_zmm[16];
1445 + #else
1446 + upad256_t prx_zmm[8];
1447 + upad256_t prx_rsvd[8];
1448 + #endif
1449 + } prxregset_zmm_t;
1450 +
1451 + PRX_INFO_HI_ZMM - prxregset_hi_zmm_t
1452 + This structure represents the third portion of Intel's AVX-512
1453 + state: the additional 16 512-bit registers that are available to
1454 + 64-bit applications, but not 32-bit applications. This
1455 + represents %zmm16 through %zmm31. This structure looks like:
1456 +
1457 + typedef struct prxregset_hi_zmm {
1458 + #if defined(__amd64)
1459 + upad512_t prx_hi_zmm[16];
1460 + #else
1461 + upad512_t prx_rsvd[16];
1462 + #endif
1463 + } prxregset_hi_zmm_t;
1464 +
1465 + Unlike the other lower %zmm registers of %zmm0 through %zmm15, this contains the
1466 + entire 512-bit register in one spot and there is no need to look at other
1467 + information items to reconstitute the entire vector.
1468 +
1469 + When setting the extended registers, at least the PRX_INFO_XSAVE
1470 + component must be present. None of the component offsets may
1471 + overlap with the prxregset_hdr_t or any of the prxregset_info_t
1472 + structures. In the written data file, it is expected that the
1473 + various structures start with their naturally expected alignment,
1474 + which is most often 16 bytes (that is the value that the C
1475 + alignof() keyword will return). The structures that we use are
1476 + all multiples of 16 bytes to make this easier. The kernel will
1477 + write out structures with a greater alignment such that the
1478 + portions of registers are aligned and safely usable with
1479 + instructions that move aligned integers such as vmovdqu64.
1480 +
1257 1481 CONTROL MESSAGES
1258 1482 Process state changes are effected through messages written to a
1259 1483 process's ctl file or to an individual lwp's lwpctl file. All control
1260 1484 messages consist of a long that names the specific operation followed by
1261 1485 additional data containing the operand, if any.
1262 1486
1263 1487 Multiple control messages may be combined in a single write(2) (or
1264 1488 writev(2)) to a control file, but no partial writes are permitted. That
1265 1489 is, each control message, operation code plus operand, if any, must be
1266 1490 presented in its entirety to the write(2) and not in pieces over several
1267 1491 system calls. If a control operation fails, no subsequent operations
1268 1492 contained in the same write(2) are attempted.
1269 1493
|
↓ open down ↓ |
3 lines elided |
↑ open up ↑ |
1270 1494 Descriptions of the allowable control messages follow. In all cases,
1271 1495 writing a message to a control file for a process or lwp that has
1272 1496 terminated elicits the error ENOENT.
1273 1497
1274 1498 PCSTOP PCDSTOP PCWSTOP PCTWSTOP
1275 1499 When applied to the process control file, PCSTOP directs all lwps to stop
1276 1500 and waits for them to stop, PCDSTOP directs all lwps to stop without
1277 1501 waiting for them to stop, and PCWSTOP simply waits for all lwps to stop.
1278 1502 When applied to an lwp control file, PCSTOP directs the specific lwp to
1279 1503 stop and waits until it has stopped, PCDSTOP directs the specific lwp to
1280 - stop without waiting for it to stop, and PCWSTOP
1281 - simply waits for the specific lwp to stop. When applied to an lwp
1282 - control file, PCSTOP and PCWSTOP complete when the lwp stops on an event
1283 - of interest, immediately if already so stopped; when applied to the
1284 - process control file, they complete when every lwp has stopped either on
1285 - an event of interest or on a PR_SUSPENDED stop.
1504 + stop without waiting for it to stop, and PCWSTOP simply waits for the
1505 + specific lwp to stop. When applied to an lwp control file, PCSTOP and
1506 + PCWSTOP complete when the lwp stops on an event of interest, immediately
1507 + if already so stopped; when applied to the process control file, they
1508 + complete when every lwp has stopped either on an event of interest or on
1509 + a PR_SUSPENDED stop.
1286 1510
1287 1511 PCTWSTOP is identical to PCWSTOP except that it enables the operation to
1288 1512 time out, to avoid waiting forever for a process or lwp that may never
1289 1513 stop on an event of interest. PCTWSTOP takes a long operand specifying a
1290 1514 number of milliseconds; the wait will terminate successfully after the
1291 1515 specified number of milliseconds even if the process or lwp has not
1292 1516 stopped; a timeout value of zero makes the operation identical to
1293 1517 PCWSTOP.
1294 1518
1295 1519 An "event of interest" is either a PR_REQUESTED stop or a stop that has
1296 1520 been specified in the process's tracing flags (set by PCSTRACE, PCSFAULT,
1297 - PCSENTRY, and PCSEXIT). PR_JOBCONTROL
1298 - and PR_SUSPENDED stops are specifically not events of interest. (An lwp
1299 - may stop twice due to a stop signal, first showing PR_SIGNALLED if the
1300 - signal is traced and again showing PR_JOBCONTROL if the lwp is set
1301 - running without clearing the signal.) If PCSTOP or PCDSTOP is applied to
1302 - an lwp that is stopped, but not on an event of interest, the stop
1303 - directive takes effect when the lwp is restarted by the competing
1304 - mechanism. At that time, the lwp enters a PR_REQUESTED stop before
1305 - executing any user-level code.
1521 + PCSENTRY, and PCSEXIT). PR_JOBCONTROL and PR_SUSPENDED stops are
1522 + specifically not events of interest. (An lwp may stop twice due to a
1523 + stop signal, first showing PR_SIGNALLED if the signal is traced and again
1524 + showing PR_JOBCONTROL if the lwp is set running without clearing the
1525 + signal.) If PCSTOP or PCDSTOP is applied to an lwp that is stopped, but
1526 + not on an event of interest, the stop directive takes effect when the lwp
1527 + is restarted by the competing mechanism. At that time, the lwp enters a
1528 + PR_REQUESTED stop before executing any user-level code.
1306 1529
1307 1530 A write of a control message that blocks is interruptible by a signal so
1308 1531 that, for example, an alarm(2) can be set to avoid waiting forever for a
1309 1532 process or lwp that may never stop on an event of interest. If PCSTOP is
1310 1533 interrupted, the lwp stop directives remain in effect even though the
1311 1534 write(2) returns an error. (Use of PCTWSTOP with a non-zero timeout is
1312 1535 recommended over PCWSTOP with an alarm(2).)
1313 1536
1314 1537 A system process (indicated by the PR_ISSYS flag) never executes at user
1315 1538 level, has no user-level address space visible through /proc, and cannot
1316 1539 be stopped. Applying one of these operations to a system process or any
1317 1540 of its lwps elicits the error EBUSY.
1318 1541
1319 1542 PCRUN
1320 1543 Make an lwp runnable again after a stop. This operation takes a long
1321 1544 operand containing zero or more of the following flags:
1322 1545
1323 1546 PRCSIG clears the current signal, if any (see PCCSIG).
1324 1547
1325 1548 PRCFAULT clears the current fault, if any (see PCCFAULT).
1326 1549
1327 1550 PRSTEP directs the lwp to execute a single machine instruction.
1328 1551 On completion of the instruction, a trace trap occurs. If
1329 1552 FLTTRACE is being traced, the lwp stops; otherwise, it is
1330 1553 sent SIGTRAP. If SIGTRAP is being traced and is not
1331 1554 blocked, the lwp stops. When the lwp stops on an event of
1332 1555 interest, the single-step directive is cancelled, even if
1333 1556 the stop occurs before the instruction is executed. This
1334 1557 operation requires hardware and operating system support
1335 1558 and may not be implemented on all processors. It is
1336 1559 implemented on SPARC and x86-based machines.
1337 1560
1338 1561 PRSABORT is meaningful only if the lwp is in a PR_SYSENTRY stop or
1339 1562 is marked PR_ASLEEP; it instructs the lwp to abort
1340 1563 execution of the system call (see PCSENTRY and PCSEXIT).
1341 1564
1342 1565 PRSTOP directs the lwp to stop again as soon as possible after
1343 1566 resuming execution (see PCDSTOP). In particular, if the
1344 1567 lwp is stopped on PR_SIGNALLED or PR_FAULTED, the next stop
1345 1568 will show PR_REQUESTED, no other stop will have intervened,
1346 1569 and the lwp will not have executed any user-level code.
1347 1570
1348 1571 When applied to an lwp control file, PCRUN clears any outstanding
1349 1572 directed-stop request and makes the specific lwp runnable. The operation
1350 1573 fails with EBUSY if the specific lwp is not stopped on an event of
1351 1574 interest or has not been directed to stop or if the agent lwp exists and
1352 1575 this is not the agent lwp (see PCAGENT).
1353 1576
1354 1577 When applied to the process control file, a representative lwp is chosen
1355 1578 for the operation as described for /proc/pid/status. The operation fails
1356 1579 with EBUSY if the representative lwp is not stopped on an event of
1357 1580 interest or has not been directed to stop or if the agent lwp exists. If
1358 1581 PRSTEP or PRSTOP was requested, the representative lwp is made runnable
1359 1582 and its outstanding directed-stop request is cleared; otherwise all
1360 1583 outstanding directed-stop requests are cleared and, if it was stopped on
1361 1584 an event of interest, the representative lwp is marked PR_REQUESTED. If,
1362 1585 as a consequence, all lwps are in the PR_REQUESTED or PR_SUSPENDED stop
1363 1586 state, all lwps showing PR_REQUESTED are made runnable.
1364 1587
1365 1588 PCSTRACE
1366 1589 Define a set of signals to be traced in the process. The receipt of one
1367 1590 of these signals by an lwp causes the lwp to stop. The set of signals is
1368 1591 defined using an operand sigset_t contained in the control message.
1369 1592 Receipt of SIGKILL cannot be traced; if specified, it is silently
1370 1593 ignored.
1371 1594
1372 1595 If a signal that is included in an lwp's held signal set (the signal
1373 1596 mask) is sent to the lwp, the signal is not received and does not cause a
1374 1597 stop until it is removed from the held signal set, either by the lwp
1375 1598 itself or by setting the held signal set with PCSHOLD.
1376 1599
1377 1600 PCCSIG
1378 1601 The current signal, if any, is cleared from the specific or
1379 1602 representative lwp.
1380 1603
1381 1604 PCSSIG
1382 1605 The current signal and its associated signal information for the specific
1383 1606 or representative lwp are set according to the contents of the operand
1384 1607 siginfo structure (see <sys/siginfo.h>). If the specified signal number
1385 1608 is zero, the current signal is cleared. The semantics of this operation
1386 1609 are different from those of kill(2) in that the signal is delivered to
1387 1610 the lwp immediately after execution is resumed (even if it is being
1388 1611 blocked) and an additional PR_SIGNALLED stop does not intervene even if
1389 1612 the signal is traced. Setting the current signal to SIGKILL terminates
1390 1613 the process immediately.
1391 1614
1392 1615 PCKILL
1393 1616 If applied to the process control file, a signal is sent to the process
1394 1617 with semantics identical to those of kill(2) If applied to an lwp control
1395 1618 file, a directed signal is sent to the specific lwp. The signal is named
1396 1619 in a long operand contained in the message. Sending SIGKILL terminates
1397 1620 the process immediately.
1398 1621
1399 1622 PCUNKILL
1400 1623 A signal is deleted, that is, it is removed from the set of pending
1401 1624 signals. If applied to the process control file, the signal is deleted
1402 1625 from the process's pending signals. If applied to an lwp control file,
1403 1626 the signal is deleted from the lwp's pending signals. The current signal
1404 1627 (if any) is unaffected. The signal is named in a long operand in the
1405 1628 control message. It is an error (EINVAL) to attempt to delete SIGKILL.
1406 1629
1407 1630 PCSHOLD
1408 1631 Set the set of held signals for the specific or representative lwp
1409 1632 (signals whose delivery will be blocked if sent to the lwp). The set of
1410 1633 signals is specified with a sigset_t operand. SIGKILL and SIGSTOP cannot
1411 1634 be held; if specified, they are silently ignored.
1412 1635
1413 1636 PCSFAULT
1414 1637 Define a set of hardware faults to be traced in the process. On
1415 1638 incurring one of these faults, an lwp stops. The set is defined via the
1416 1639 operand fltset_t structure. Fault names are defined in <sys/fault.h> and
1417 1640 include the following. Some of these may not occur on all processors;
1418 1641 there may be processor-specific faults in addition to these.
1419 1642
1420 1643 FLTILL illegal instruction
1421 1644
1422 1645 FLTPRIV privileged instruction
1423 1646
1424 1647 FLTBPT breakpoint trap
1425 1648
1426 1649 FLTTRACE trace trap (single-step)
1427 1650
1428 1651 FLTWATCH watchpoint trap
1429 1652
1430 1653 FLTACCESS memory access fault (bus error)
1431 1654
1432 1655 FLTBOUNDS memory bounds violation
1433 1656
1434 1657 FLTIOVF integer overflow
1435 1658
1436 1659 FLTIZDIV integer zero divide
1437 1660
1438 1661 FLTFPE floating-point exception
1439 1662
1440 1663 FLTSTACK unrecoverable stack fault
1441 1664
1442 1665 FLTPAGE recoverable page fault
1443 1666
1444 1667 When not traced, a fault normally results in the posting of a signal to
1445 1668 the lwp that incurred the fault. If an lwp stops on a fault, the signal
1446 1669 is posted to the lwp when execution is resumed unless the fault is
1447 1670 cleared by PCCFAULT or by the PRCFAULT option of PCRUN. FLTPAGE is an
1448 1671 exception; no signal is posted. The pr_info field in the lwpstatus
1449 1672 structure identifies the signal to be sent and contains machine-specific
1450 1673 information about the fault.
1451 1674
1452 1675 PCCFAULT
1453 1676 The current fault, if any, is cleared; the associated signal will not be
1454 1677 sent to the specific or representative lwp.
1455 1678
1456 1679 PCSENTRY PCSEXIT
1457 1680 These control operations instruct the process's lwps to stop on entry to
1458 1681 or exit from specified system calls. The set of system calls to be
1459 1682 traced is defined via an operand sysset_t structure.
1460 1683
1461 1684 When entry to a system call is being traced, an lwp stops after having
1462 1685 begun the call to the system but before the system call arguments have
1463 1686 been fetched from the lwp. When exit from a system call is being traced,
1464 1687 an lwp stops on completion of the system call just prior to checking for
1465 1688 signals and returning to user level. At this point, all return values
1466 1689 have been stored into the lwp's registers.
1467 1690
1468 1691 If an lwp is stopped on entry to a system call (PR_SYSENTRY) or when
1469 1692 sleeping in an interruptible system call (PR_ASLEEP is set), it may be
1470 1693 instructed to go directly to system call exit by specifying the PRSABORT
1471 1694 flag in a PCRUN control message. Unless exit from the system call is
1472 1695 being traced, the lwp returns to user level showing EINTR.
1473 1696
1474 1697 PCWATCH
1475 1698 Set or clear a watched area in the controlled process from a prwatch
1476 1699 structure operand:
1477 1700
1478 1701 typedef struct prwatch {
1479 1702 uintptr_t pr_vaddr; /* virtual address of watched area */
1480 1703 size_t pr_size; /* size of watched area in bytes */
1481 1704 int pr_wflags; /* watch type flags */
1482 1705 } prwatch_t;
1483 1706
1484 1707 pr_vaddr specifies the virtual address of an area of memory to be watched
1485 1708 in the controlled process. pr_size specifies the size of the area, in
1486 1709 bytes. pr_wflags specifies the type of memory access to be monitored as
1487 1710 a bit-mask of the following flags:
1488 1711
1489 1712 WA_READ read access
1490 1713
1491 1714 WA_WRITE write access
1492 1715
1493 1716 WA_EXEC execution access
1494 1717
1495 1718 WA_TRAPAFTER trap after the instruction completes
1496 1719
1497 1720 If pr_wflags is non-empty, a watched area is established for the virtual
1498 1721 address range specified by pr_vaddr and pr_size. If pr_wflags is empty,
1499 1722 any previously-established watched area starting at the specified virtual
1500 1723 address is cleared; pr_size is ignored.
1501 1724
1502 1725 A watchpoint is triggered when an lwp in the traced process makes a
1503 1726 memory reference that covers at least one byte of a watched area and the
1504 1727 memory reference is as specified in pr_wflags. When an lwp triggers a
1505 1728 watchpoint, it incurs a watchpoint trap. If FLTWATCH is being traced,
1506 1729 the lwp stops; otherwise, it is sent a SIGTRAP signal; if SIGTRAP is
1507 1730 being traced and is not blocked, the lwp stops.
1508 1731
1509 1732 The watchpoint trap occurs before the instruction completes unless
1510 1733 WA_TRAPAFTER was specified, in which case it occurs after the instruction
1511 1734 completes. If it occurs before completion, the memory is not modified.
1512 1735 If it occurs after completion, the memory is modified (if the access is a
1513 1736 write access).
1514 1737
1515 1738 Physical i/o is an exception for watchpoint traps. In this instance,
1516 1739 there is no guarantee that memory before the watched area has already
1517 1740 been modified (or in the case of WA_TRAPAFTER, that the memory following
1518 1741 the watched area has not been modified) when the watchpoint trap occurs
1519 1742 and the lwp stops.
1520 1743
1521 1744 pr_info in the lwpstatus structure contains information pertinent to the
1522 1745 watchpoint trap. In particular, the si_addr field contains the virtual
1523 1746 address of the memory reference that triggered the watchpoint, and the
1524 1747 si_code field contains one of TRAP_RWATCH, TRAP_WWATCH, or TRAP_XWATCH,
1525 1748 indicating read, write, or execute access, respectively. The
1526 1749 si_trapafter field is zero unless WA_TRAPAFTER is in effect for this
1527 1750 watched area; non-zero indicates that the current instruction is not the
1528 1751 instruction that incurred the watchpoint trap. The si_pc field contains
1529 1752 the virtual address of the instruction that incurred the trap.
1530 1753
1531 1754 A watchpoint trap may be triggered while executing a system call that
1532 1755 makes reference to the traced process's memory. The lwp that is
1533 1756 executing the system call incurs the watchpoint trap while still in the
1534 1757 system call. If it stops as a result, the lwpstatus structure contains
1535 1758 the system call number and its arguments. If the lwp does not stop, or
1536 1759 if it is set running again without clearing the signal or fault, the
1537 1760 system call fails with EFAULT. If WA_TRAPAFTER was specified, the memory
1538 1761 reference will have completed and the memory will have been modified (if
1539 1762 the access was a write access) when the watchpoint trap occurs.
1540 1763
1541 1764 If more than one of WA_READ, WA_WRITE, and WA_EXEC is specified for a
1542 1765 watched area, and a single instruction incurs more than one of the
1543 1766 specified types, only one is reported when the watchpoint trap occurs.
1544 1767 The precedence is WA_EXEC, WA_READ, WA_WRITE (WA_EXEC and WA_READ take
1545 1768 precedence over WA_WRITE), unless WA_TRAPAFTER was specified, in which
1546 1769 case it is WA_WRITE, WA_READ, WA_EXEC (WA_WRITE takes precedence).
1547 1770
1548 1771 PCWATCH fails with EINVAL if an attempt is made to specify overlapping
1549 1772 watched areas or if pr_wflags contains flags other than those specified
1550 1773 above. It fails with ENOMEM if an attempt is made to establish more
1551 1774 watched areas than the system can support (the system can support
1552 1775 thousands).
1553 1776
1554 1777 The child of a vfork(2) borrows the parent's address space. When a
1555 1778 vfork(2) is executed by a traced process, all watched areas established
1556 1779 for the parent are suspended until the child terminates or performs an
1557 1780 exec(2). Any watched areas established independently in the child are
1558 1781 cancelled when the parent resumes after the child's termination or
1559 1782 exec(2). PCWATCH fails with EBUSY if applied to the parent of a vfork(2)
1560 1783 before the child has terminated or performed an exec(2). The PR_VFORKP
1561 1784 flag is set in the pstatus structure for such a parent process.
1562 1785
1563 1786 Certain accesses of the traced process's address space by the operating
1564 1787 system are immune to watchpoints. The initial construction of a signal
1565 1788 stack frame when a signal is delivered to an lwp will not trigger a
1566 1789 watchpoint trap even if the new frame covers watched areas of the stack.
1567 1790 Once the signal handler is entered, watchpoint traps occur normally. On
1568 1791 SPARC based machines, register window overflow and underflow will not
1569 1792 trigger watchpoint traps, even if the register window save areas cover
1570 1793 watched areas of the stack.
1571 1794
1572 1795 Watched areas are not inherited by child processes, even if the traced
1573 1796 process's inherit-on-fork mode, PR_FORK, is set (see PCSET, below). All
1574 1797 watched areas are cancelled when the traced process performs a successful
1575 1798 exec(2).
1576 1799
1577 1800 PCSET PCUNSET
1578 1801 PCSET sets one or more modes of operation for the traced process.
1579 1802 PCUNSET unsets these modes. The modes to be set or unset are specified
1580 1803 by flags in an operand long in the control message:
1581 1804
1582 1805 PR_FORK (inherit-on-fork): When set, the process's tracing flags
1583 1806 and its inherit-on-fork mode are inherited by the child of
1584 1807 a fork(2), fork1(2), or vfork(2). When unset, child
1585 1808 processes start with all tracing flags cleared.
1586 1809
1587 1810 PR_RLC (run-on-last-close): When set and the last writable /proc
1588 1811 file descriptor referring to the traced process or any of
1589 1812 its lwps is closed, all of the process's tracing flags and
1590 1813 watched areas are cleared, any outstanding stop directives
1591 1814 are canceled, and if any lwps are stopped on events of
1592 1815 interest, they are set running as though PCRUN had been
1593 1816 applied to them. When unset, the process's tracing flags
1594 1817 and watched areas are retained and lwps are not set
1595 1818 running on last close.
1596 1819
1597 1820 PR_KLC (kill-on-last-close): When set and the last writable /proc
1598 1821 file descriptor referring to the traced process or any of
1599 1822 its lwps is closed, the process is terminated with
1600 1823 SIGKILL.
1601 1824
1602 1825 PR_ASYNC (asynchronous-stop): When set, a stop on an event of
1603 1826 interest by one lwp does not directly affect any other lwp
1604 1827 in the process. When unset and an lwp stops on an event
1605 1828 of interest other than PR_REQUESTED, all other lwps in the
1606 1829 process are directed to stop.
1607 1830
1608 1831 PR_MSACCT (microstate accounting): Microstate accounting is now
1609 1832 continuously enabled. This flag is deprecated and no
1610 1833 longer has any effect upon microstate accounting.
1611 1834 Applications may toggle this flag; however, microstate
1612 1835 accounting will remain enabled regardless.
1613 1836
1614 1837 PR_MSFORK (inherit microstate accounting): All processes now inherit
1615 1838 microstate accounting, as it is continuously enabled.
1616 1839 This flag has been deprecated and its use no longer has
1617 1840 any effect upon the behavior of microstate accounting.
1618 1841
1619 1842 PR_BPTADJ (breakpoint trap pc adjustment): On x86-based machines, a
1620 1843 breakpoint trap leaves the program counter (the EIP)
1621 1844 referring to the breakpointed instruction plus one byte.
1622 1845 When PR_BPTADJ is set, the system will adjust the program
1623 1846 counter back to the location of the breakpointed
1624 1847 instruction when the lwp stops on a breakpoint. This flag
1625 1848 has no effect on SPARC based machines, where breakpoint
1626 1849 traps leave the program counter referring to the
1627 1850 breakpointed instruction.
1628 1851
1629 1852 PR_PTRACE (ptrace-compatibility): When set, a stop on an event of
1630 1853 interest by the traced process is reported to the parent
1631 1854 of the traced process by wait(3C), SIGTRAP is sent to the
1632 1855 traced process when it executes a successful exec(2),
1633 1856 setuid/setgid flags are not honored for execs performed by
1634 1857 the traced process, any exec of an object file that the
1635 1858 traced process cannot read fails, and the process dies
1636 1859 when its parent dies. This mode is deprecated; it is
1637 1860 provided only to allow ptrace(3C) to be implemented as a
1638 1861 library function using /proc.
1639 1862
1640 1863 It is an error (EINVAL) to specify flags other than those described above
1641 1864 or to apply these operations to a system process. The current modes are
1642 1865 reported in the pr_flags field of /proc/pid/status and
1643 1866 /proc/pid/lwp/lwp/lwpstatus.
1644 1867
1645 1868 PCSREG
1646 1869 Set the general registers for the specific or representative lwp
1647 1870 according to the operand prgregset_t structure.
1648 1871
1649 1872 On SPARC based systems, only the condition-code bits of the processor-
1650 1873 status register (R_PSR) of SPARC V8 (32-bit) processes can be modified by
1651 1874 PCSREG. Other privileged registers cannot be modified at all.
1652 1875
1653 1876 On x86-based systems, only certain bits of the flags register (EFL) can
1654 1877 be modified by PCSREG: these include the condition codes, direction-bit,
1655 1878 and overflow-bit.
1656 1879
1657 1880 PCSREG fails with EBUSY if the lwp is not stopped on an event of
1658 1881 interest.
1659 1882
1660 1883 PCSVADDR
1661 1884 Set the address at which execution will resume for the specific or
1662 1885 representative lwp from the operand long. On SPARC based systems, both
1663 1886 %pc and %npc are set, with %npc set to the instruction following the
1664 1887 virtual address. On x86-based systems, only %eip is set. PCSVADDR fails
1665 1888 with EBUSY if the lwp is not stopped on an event of interest.
1666 1889
1667 1890 PCSFPREG
1668 1891 Set the floating-point registers for the specific or representative lwp
|
↓ open down ↓ |
353 lines elided |
↑ open up ↑ |
1669 1892 according to the operand prfpregset_t structure. An error (EINVAL) is
1670 1893 returned if the system does not support floating-point operations (no
1671 1894 floating-point hardware and the system does not emulate floating-point
1672 1895 machine instructions). PCSFPREG fails with EBUSY if the lwp is not
1673 1896 stopped on an event of interest.
1674 1897
1675 1898 PCSXREG
1676 1899 Set the extra state registers for the specific or representative lwp
1677 1900 according to the architecture-dependent operand prxregset_t structure.
1678 1901 An error (EINVAL) is returned if the system does not support extra state
1679 - registers. PCSXREG fails with EBUSY if the lwp is not stopped on an
1680 - event of interest.
1902 + registers or the register state is invalid. PCSXREG fails with EBUSY if
1903 + the lwp is not stopped on an event of interest.
1681 1904
1682 1905 PCSASRS
1683 1906 Set the ancillary state registers for the specific or representative lwp
1684 1907 according to the SPARC V9 platform-dependent operand asrset_t structure.
1685 1908 An error (EINVAL) is returned if either the target process or the
1686 1909 controlling process is not a 64-bit SPARC V9 process. Most of the
1687 1910 ancillary state registers are privileged registers that cannot be
1688 1911 modified. Only those that can be modified are set; all others are
1689 1912 silently ignored. PCSASRS fails with EBUSY if the lwp is not stopped on
1690 1913 an event of interest.
1691 1914
1692 1915 PCAGENT
1693 1916 Create an agent lwp in the controlled process with register values from
1694 1917 the operand prgregset_t structure (see PCSREG, above). The agent lwp is
1695 1918 created in the stopped state showing PR_REQUESTED and with its held
1696 1919 signal set (the signal mask) having all signals except SIGKILL and
1697 1920 SIGSTOP blocked.
1698 1921
1699 1922 The PCAGENT operation fails with EBUSY unless the process is fully
1700 1923 stopped via /proc, that is, unless all of the lwps in the process are
1701 1924 stopped either on events of interest or on PR_SUSPENDED, or are stopped
1702 1925 on PR_JOBCONTROL and have been directed to stop via PCDSTOP. It fails
1703 1926 with EBUSY if an agent lwp already exists. It fails with ENOMEM if
1704 1927 system resources for creating new lwps have been exhausted.
1705 1928
1706 1929 Any PCRUN operation applied to the process control file or to the control
1707 1930 file of an lwp other than the agent lwp fails with EBUSY as long as the
1708 1931 agent lwp exists. The agent lwp must be caused to terminate by executing
1709 1932 the SYS_lwp_exit system call trap before the process can be restarted.
1710 1933
1711 1934 Once the agent lwp is created, its lwp-ID can be found by reading the
1712 1935 process status file. To facilitate opening the agent lwp's control and
1713 1936 status files, the directory name /proc/pid/lwp/agent is accepted for
1714 1937 lookup operations as an invisible alias for /proc/pid/lwp/lwpid, lwpid
1715 1938 being the lwp-ID of the agent lwp (invisible in the sense that the name
1716 1939 "agent" does not appear in a directory listing of /proc/pid/lwp obtained
1717 1940 from ls(1), getdents(2), or readdir(3C).
1718 1941
1719 1942 The purpose of the agent lwp is to perform operations in the controlled
1720 1943 process on behalf of the controlling process: to gather information not
1721 1944 directly available via /proc files, or in general to make the process
1722 1945 change state in ways not directly available via /proc control operations.
1723 1946 To make use of an agent lwp, the controlling process must be capable of
1724 1947 making it execute system calls (specifically, the SYS_lwp_exit system
1725 1948 call trap). The register values given to the agent lwp on creation are
1726 1949 typically the registers of the representative lwp, so that the agent lwp
1727 1950 can use its stack.
1728 1951
1729 1952 If the controlling process neglects to force the agent lwp to execute the
1730 1953 SYS_lwp_exit system call (due to either logic error or fatal failure on
1731 1954 the part of the controlling process), the agent lwp will remain in the
1732 1955 target process. For purposes of being able to debug these otherwise
1733 1956 rogue agents, information as to the creator of the agent lwp is reflected
1734 1957 in that lwp's spymaster file in /proc. Should the target process
1735 1958 generate a core dump with the agent lwp in place, this information will
1736 1959 be available via the NT_SPYMASTER note in the core file (see core(5)).
1737 1960
1738 1961 The agent lwp is not allowed to execute any variation of the SYS_fork or
1739 1962 SYS_exec system call traps. Attempts to do so yield ENOTSUP to the agent
1740 1963 lwp.
1741 1964
1742 1965 Symbolic constants for system call trap numbers like SYS_lwp_exit and
1743 1966 SYS_lwp_create can be found in the header file <sys/syscall.h>.
1744 1967
1745 1968 PCREAD PCWRITE
1746 1969 Read or write the target process's address space via a priovec structure
1747 1970 operand:
1748 1971
1749 1972 typedef struct priovec {
1750 1973 void *pio_base; /* buffer in controlling process */
1751 1974 size_t pio_len; /* size of read/write request in bytes */
1752 1975 off_t pio_offset; /* virtual address in target process */
1753 1976 } priovec_t;
1754 1977
1755 1978 These operations have the same effect as pread(2) and pwrite(2),
1756 1979 respectively, of the target process's address space file. The difference
1757 1980 is that more than one PCREAD or PCWRITE control operation can be written
1758 1981 to the control file at once, and they can be interspersed with other
1759 1982 control operations in a single write to the control file. This is
1760 1983 useful, for example, when planting many breakpoint instructions in the
1761 1984 process's address space, or when stepping over a breakpointed
1762 1985 instruction. Unlike pread(2) and pwrite(2), no provision is made for
1763 1986 partial reads or writes; if the operation cannot be performed completely,
1764 1987 it fails with EIO.
1765 1988
1766 1989 PCNICE
1767 1990 The traced process's nice(2) value is incremented by the amount in the
1768 1991 operand long. Only a process with the {PRIV_PROC_PRIOCNTL} privilege
1769 1992 asserted in its effective set can better a process's priority in this
1770 1993 way, but any user may lower the priority. This operation is not
1771 1994 meaningful for all scheduling classes.
1772 1995
1773 1996 PCSCRED
1774 1997 Set the target process credentials to the values contained in the
1775 1998 prcred_t structure operand (see /proc/pid/cred). The effective, real,
1776 1999 and saved user-IDs and group-IDs of the target process are set. The
1777 2000 target process's supplementary groups are not changed; the pr_ngroups and
1778 2001 pr_groups members of the structure operand are ignored. Only the
1779 2002 privileged processes can perform this operation; for all others it fails
1780 2003 with EPERM.
1781 2004
1782 2005 PCSCREDX
1783 2006 Operates like PCSCRED but also sets the supplementary groups; the length
1784 2007 of the data written with this control operation should be "sizeof
1785 2008 (prcred_t) + sizeof (gid_t) * (#groups - 1)".
1786 2009
1787 2010 PCSPRIV
1788 2011 Set the target process privilege to the values contained in the prpriv_t
1789 2012 operand (see /proc/pid/priv). The effective, permitted, inheritable, and
1790 2013 limit sets are all changed. Privilege flags can also be set. The
1791 2014 process is made privilege aware unless it can relinquish privilege
1792 2015 awareness. See privileges(7).
1793 2016
1794 2017 The limit set of the target process cannot be grown. The other privilege
1795 2018 sets must be subsets of the intersection of the effective set of the
1796 2019 calling process with the new limit set of the target process or subsets
1797 2020 of the original values of the sets in the target process.
1798 2021
1799 2022 If any of the above restrictions are not met, EPERM is returned. If the
1800 2023 structure written is improperly formatted, EINVAL is returned.
1801 2024
1802 2025 PROGRAMMING NOTES
1803 2026 For security reasons, except for the psinfo, usage, lpsinfo, lusage,
1804 2027 lwpsinfo, and lwpusage files, which are world-readable, and except for
1805 2028 privileged processes, an open of a /proc file fails unless both the user-
1806 2029 ID and group-ID of the caller match those of the traced process and the
1807 2030 process's object file is readable by the caller. The effective set of
1808 2031 the caller is a superset of both the inheritable and the permitted set of
1809 2032 the target process. The limit set of the caller is a superset of the
1810 2033 limit set of the target process. Except for the world-readable files
1811 2034 just mentioned, files corresponding to setuid and setgid processes can be
1812 2035 opened only by the appropriately privileged process.
1813 2036
1814 2037 A process that is missing the basic privilege {PRIV_PROC_INFO} cannot see
1815 2038 any processes under /proc that it cannot send a signal to.
1816 2039
1817 2040 A process that has {PRIV_PROC_OWNER} asserted in its effective set can
1818 2041 open any file for reading. To manipulate or control a process, the
1819 2042 controlling process must have at least as many privileges in its
1820 2043 effective set as the target process has in its effective, inheritable,
1821 2044 and permitted sets. The limit set of the controlling process must be a
1822 2045 superset of the limit set of the target process. Additional restrictions
1823 2046 apply if any of the uids of the target process are 0. See privileges(7).
1824 2047
1825 2048 Even if held by a privileged process, an open process or lwp file
1826 2049 descriptor (other than file descriptors for the world-readable files)
1827 2050 becomes invalid if the traced process performs an exec(2) of a
1828 2051 setuid/setgid object file or an object file that the traced process
1829 2052 cannot read. Any operation performed on an invalid file descriptor,
1830 2053 except close(2), fails with EAGAIN. In this situation, if any tracing
1831 2054 flags are set and the process or any lwp file descriptor is open for
1832 2055 writing, the process will have been directed to stop and its run-on-last-
1833 2056 close flag will have been set (see PCSET). This enables a controlling
1834 2057 process (if it has permission) to reopen the /proc files to get new valid
1835 2058 file descriptors, close the invalid file descriptors, unset the run-on-
1836 2059 last-close flag (if desired), and proceed. Just closing the invalid file
1837 2060 descriptors causes the traced process to resume execution with all
1838 2061 tracing flags cleared. Any process not currently open for writing via
1839 2062 /proc, but that has left-over tracing flags from a previous open, and
1840 2063 that executes a setuid/setgid or unreadable object file, will not be
1841 2064 stopped but will have all its tracing flags cleared.
1842 2065
1843 2066 To wait for one or more of a set of processes or lwps to stop or
1844 2067 terminate, /proc file descriptors (other than those obtained by opening
1845 2068 the cwd or root directories or by opening files in the fd or object
1846 2069 directories) can be used in a poll(2) system call. When requested and
1847 2070 returned, either of the polling events POLLPRI or POLLWRNORM indicates
1848 2071 that the process or lwp stopped on an event of interest. Although they
1849 2072 cannot be requested, the polling events POLLHUP, POLLERR, and POLLNVAL
1850 2073 may be returned. POLLHUP indicates that the process or lwp has
1851 2074 terminated. POLLERR indicates that the file descriptor has become
1852 2075 invalid. POLLNVAL is returned immediately if POLLPRI or POLLWRNORM is
1853 2076 requested on a file descriptor referring to a system process (see
1854 2077 PCSTOP). The requested events may be empty to wait simply for
1855 2078 termination.
1856 2079
1857 2080 FILES
1858 2081 /proc directory (list of processes)
1859 2082 /proc/pid
1860 2083 specific process directory
1861 2084 /proc/self
1862 2085 alias for a process's own directory
1863 2086 /proc/pid/as
1864 2087 address space file
1865 2088 /proc/pid/ctl
1866 2089 process control file
1867 2090 /proc/pid/status
1868 2091 process status
1869 2092 /proc/pid/lstatus
1870 2093 array of lwp status structs
1871 2094 /proc/pid/psinfo
1872 2095 process ps(1) info
1873 2096 /proc/pid/lpsinfo
1874 2097 array of lwp ps(1) info structs
1875 2098 /proc/pid/map
1876 2099 address space map
1877 2100 /proc/pid/xmap
1878 2101 extended address space map
1879 2102 /proc/pid/rmap
1880 2103 reserved address map
1881 2104 /proc/pid/cred
1882 2105 process credentials
1883 2106 /proc/pid/priv
1884 2107 process privileges
1885 2108 /proc/pid/sigact
1886 2109 process signal actions
1887 2110 /proc/pid/auxv
1888 2111 process aux vector
1889 2112 /proc/pid/argv
1890 2113 process argument vector
1891 2114 /proc/pid/ldt
1892 2115 process LDT (x86 only)
1893 2116 /proc/pid/usage
1894 2117 process usage
1895 2118 /proc/pid/lusage
1896 2119 array of lwp usage structs
1897 2120 /proc/pid/path
1898 2121 symbolic links to process open files
1899 2122 /proc/pid/pagedata
1900 2123 process page data
1901 2124 /proc/pid/watch
1902 2125 active watchpoints
1903 2126 /proc/pid/cwd
1904 2127 alias for the current working directory
1905 2128 /proc/pid/root
1906 2129 alias for the root directory
1907 2130 /proc/pid/fd
1908 2131 directory (list of open files)
1909 2132 /proc/pid/fd/*
1910 2133 aliases for process's open files
1911 2134 /proc/pid/object
1912 2135 directory (list of mapped files)
1913 2136 /proc/pid/object/a.out
1914 2137 alias for process's executable file
1915 2138 /proc/pid/object/*
1916 2139 aliases for other mapped files
1917 2140 /proc/pid/lwp
1918 2141 directory (list of lwps)
1919 2142 /proc/pid/lwp/lwpid
1920 2143 specific lwp directory
1921 2144 /proc/pid/lwp/agent
1922 2145 alias for the agent lwp directory
1923 2146 /proc/pid/lwp/lwpid/lwpctl
1924 2147 lwp control file
1925 2148 /proc/pid/lwp/lwpid/lwpstatus
1926 2149 lwp status
1927 2150 /proc/pid/lwp/lwpid/lwpsinfo
1928 2151 lwp ps(1) info
1929 2152 /proc/pid/lwp/lwpid/lwpusage
1930 2153 lwp usage
1931 2154 /proc/pid/lwp/lwpid/gwindows
1932 2155 register windows (SPARC only)
1933 2156 /proc/pid/lwp/lwpid/xregs
1934 2157 extra state registers
1935 2158 /proc/pid/lwp/lwpid/asrs
1936 2159 ancillary state registers (SPARC V9 only)
1937 2160 /proc/pid/lwp/lwpid/spymaster
1938 2161 For an agent LWP, the controlling process
1939 2162
1940 2163 DIAGNOSTICS
1941 2164 Errors that can occur in addition to the errors normally associated with
1942 2165 file system access:
1943 2166
1944 2167 E2BIG Data to be returned in a read(2) of the page data file
1945 2168 exceeds the size of the read buffer provided by the
1946 2169 caller.
1947 2170
1948 2171 EACCES An attempt was made to examine a process that ran under a
1949 2172 different uid than the controlling process and
1950 2173 {PRIV_PROC_OWNER} was not asserted in the effective set.
1951 2174
1952 2175 EAGAIN The traced process has performed an exec(2) of a
1953 2176 setuid/setgid object file or of an object file that it
1954 2177 cannot read; all further operations on the process or lwp
1955 2178 file descriptor (except close(2)) elicit this error.
1956 2179
1957 2180 EBUSY PCSTOP, PCDSTOP, PCWSTOP, or PCTWSTOP was applied to a
1958 2181 system process; an exclusive open(2) was attempted on a
1959 2182 /proc file for a process already open for writing; PCRUN,
1960 2183 PCSREG, PCSVADDR, PCSFPREG, or PCSXREG was applied to a
1961 2184 process or lwp not stopped on an event of interest; an
1962 2185 attempt was made to mount /proc when it was already
1963 2186 mounted; PCAGENT was applied to a process that was not
1964 2187 fully stopped or that already had an agent lwp.
1965 2188
1966 2189 EINVAL In general, this means that some invalid argument was
1967 2190 supplied to a system call. A non-exhaustive list of
1968 2191 conditions eliciting this error includes: a control
1969 2192 message operation code is undefined; an out-of-range
1970 2193 signal number was specified with PCSSIG, PCKILL, or
1971 2194 PCUNKILL; SIGKILL was specified with PCUNKILL; PCSFPREG
1972 2195 was applied on a system that does not support floating-
1973 2196 point operations; PCSXREG was applied on a system that
1974 2197 does not support extra state registers.
1975 2198
1976 2199 EINTR A signal was received by the controlling process while
1977 2200 waiting for the traced process or lwp to stop via PCSTOP,
1978 2201 PCWSTOP, or PCTWSTOP.
1979 2202
1980 2203 EIO A write(2) was attempted at an illegal address in the
1981 2204 traced process.
1982 2205
1983 2206 ENOENT The traced process or lwp has terminated after being
1984 2207 opened. The basic privilege {PRIV_PROC_INFO} is not
1985 2208 asserted in the effective set of the calling process and
1986 2209 the calling process cannot send a signal to the target
1987 2210 process.
1988 2211
1989 2212 ENOMEM The system-imposed limit on the number of page data file
1990 2213 descriptors was reached on an open of /proc/pid/pagedata;
1991 2214 an attempt was made with PCWATCH to establish more watched
1992 2215 areas than the system can support; the PCAGENT operation
1993 2216 was issued when the system was out of resources for
1994 2217 creating lwps.
1995 2218
1996 2219 ENOSYS An attempt was made to perform an unsupported operation
1997 2220 (such as creat(2), link(2), or unlink(2)) on an entry in
1998 2221 /proc.
1999 2222
2000 2223 EOVERFLOW A 32-bit controlling process attempted to read or write
2001 2224 the as file or attempted to read the map, rmap, or
2002 2225 pagedata file of a 64-bit target process. A 32-bit
2003 2226 controlling process attempted to apply one of the control
2004 2227 operations PCSREG, PCSXREG, PCSVADDR, PCWATCH, PCAGENT,
2005 2228 PCREAD, PCWRITE to a 64-bit target process.
2006 2229
2007 2230 EPERM The process that issued the PCSCRED or PCSCREDX operation
2008 2231 did not have the {PRIV_PROC_SETID} privilege asserted in
2009 2232 its effective set, or the process that issued the PCNICE
2010 2233 operation did not have the {PRIV_PROC_PRIOCNTL} in its
2011 2234 effective set.
2012 2235
2013 2236 An attempt was made to control a process of which the E,
2014 2237 P, and I privilege sets were not a subset of the effective
2015 2238 set of the controlling process or the limit set of the
2016 2239 controlling process is not a superset of limit set of the
2017 2240 controlled process.
2018 2241
2019 2242 Any of the uids of the target process are 0 or an attempt
2020 2243 was made to change any of the uids to 0 using PCSCRED and
2021 2244 the security policy imposed additional restrictions. See
2022 2245 privileges(7).
2023 2246
2024 2247 SEE ALSO
2025 2248 ls(1), ps(1), alarm(2), brk(2), chdir(2), chroot(2), close(2), creat(2),
2026 2249 dup(2), exec(2), fcntl(2), fork(2), fork1(2), fstat(2), getdents(2),
2027 2250 getustack(2), kill(2), lseek(2), mmap(2), nice(2), open(2), poll(2),
2028 2251 pread(2), pwrite(2), read(2), readlink(2), readv(2), shmget(2),
2029 2252 sigaction(2), sigaltstack(2), vfork(2), write(2), writev(2),
2030 2253 _stack_grow(3C), pthread_create(3C), pthread_join(3C), ptrace(3C),
2031 2254 readdir(3C), thr_create(3C), thr_join(3C), wait(3C), siginfo.h(3HEAD),
2032 2255 signal.h(3HEAD), types32.h(3HEAD), ucontext.h(3HEAD), contract(5),
2033 2256 core(5), process(5), lfcompile(7), privileges(7), security-flags(7),
2034 2257 chroot(8)
2035 2258
2036 2259 NOTES
2037 2260 Descriptions of structures in this document include only interesting
2038 2261 structure elements, not filler and padding fields, and may show elements
2039 2262 out of order for descriptive clarity. The actual structure definitions
2040 2263 are contained in <procfs.h>.
2041 2264
2042 2265 BUGS
2043 2266 Because the old ioctl(2)-based version of /proc is currently supported
2044 2267 for binary compatibility with old applications, the top-level directory
2045 2268 for a process, /proc/pid, is not world-readable, but it is world-
2046 2269 searchable. Thus, anyone can open /proc/pid/psinfo even though ls(1)
2047 2270 applied to /proc/pid will fail for anyone but the owner or an
2048 2271 appropriately privileged process. Support for the old ioctl(2)-based
2049 2272 version of /proc will be dropped in a future release, at which time the
2050 2273 top-level directory for a process will be made world-readable.
2051 2274
2052 2275 On SPARC based machines, the types gregset_t and fpregset_t defined in
2053 2276 <sys/regset.h> are similar to but not the same as the types prgregset_t
2054 2277 and prfpregset_t defined in <procfs.h>.
2055 2278
2056 2279 illumos May 17, 2020 illumos
|
↓ open down ↓ |
366 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX