Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/man/man4/proc.4.man.txt
+++ new/usr/src/man/man4/proc.4.man.txt
1 1 PROC(4) File Formats and Configurations PROC(4)
2 2
3 3
4 4
5 5 NAME
6 6 proc - /proc, the process file system
7 7
8 8 DESCRIPTION
9 9 /proc is a file system that provides access to the state of each
10 10 process and light-weight process (lwp) in the system. The name of each
11 11 entry in the /proc directory is a decimal number corresponding to a
12 12 process-ID. These entries are themselves subdirectories. Access to
13 13 process state is provided by additional files contained within each
14 14 subdirectory; the hierarchy is described more completely below. In this
15 15 document, ``/proc file'' refers to a non-directory file within the
16 16 hierarchy rooted at /proc. The owner of each /proc file and
17 17 subdirectory is determined by the user-ID of the process.
18 18
19 19
20 20 /proc can be mounted on any mount point, in addition to the standard
21 21 /proc mount point, and can be mounted several places at once. Such
22 22 additional mounts are allowed in order to facilitate the confinement of
23 23 processes to subtrees of the file system via chroot(1M) and yet allow
24 24 such processes access to commands like ps(1).
25 25
26 26
27 27 Standard system calls are used to access /proc files: open(2),
28 28 close(2), read(2), and write(2) (including readv(2), writev(2),
29 29 pread(2), and pwrite(2)). Most files describe process state and can
30 30 only be opened for reading. ctl and lwpctl (control) files permit
31 31 manipulation of process state and can only be opened for writing. as
32 32 (address space) files contain the image of the running process and can
33 33 be opened for both reading and writing. An open for writing allows
34 34 process control; a read-only open allows inspection but not control. In
35 35 this document, we refer to the process as open for reading or writing
36 36 if any of its associated /proc files is open for reading or writing.
37 37
38 38
39 39 In general, more than one process can open the same /proc file at the
40 40 same time. Exclusive open is an advisory mechanism provided to allow
41 41 controlling processes to avoid collisions with each other. A process
42 42 can obtain exclusive control of a target process, with respect to other
43 43 cooperating processes, if it successfully opens any /proc file in the
44 44 target process for writing (the as or ctl files, or the lwpctl file of
45 45 any lwp) while specifying O_EXCL in the open(2). Such an open will fail
46 46 if the target process is already open for writing (that is, if an as,
47 47 ctl, or lwpctl file is already open for writing). There can be any
48 48 number of concurrent read-only opens; O_EXCL is ignored on opens for
49 49 reading. It is recommended that the first open for writing by a
50 50 controlling process use the O_EXCL flag; multiple controlling processes
51 51 usually result in chaos.
52 52
53 53
54 54 If a process opens one of its own /proc files for writing, the open
55 55 succeeds regardless of O_EXCL and regardless of whether some other
56 56 process has the process open for writing. Self-opens do not count when
57 57 another process attempts an exclusive open. (A process cannot exclude a
58 58 debugger by opening itself for writing and the application of a
59 59 debugger cannot prevent a process from opening itself.) All self-opens
60 60 for writing are forced to be close-on-exec (see the F_SETFD operation
61 61 of fcntl(2)).
62 62
63 63
64 64 Data may be transferred from or to any locations in the address space
65 65 of the traced process by applying lseek(2) to position the as file at
66 66 the virtual address of interest followed by read(2) or write(2) (or by
67 67 using pread(2) or pwrite(2) for the combined operation). The address-
68 68 map files /proc/pid/map and /proc/pid/xmap can be read to determine the
69 69 accessible areas (mappings) of the address space. I/O transfers may
70 70 span contiguous mappings. An I/O request extending into an unmapped
71 71 area is truncated at the boundary. A write request beginning at an
72 72 unmapped virtual address fails with EIO; a read request beginning at an
73 73 unmapped virtual address returns zero (an end-of-file indication).
74 74
75 75
76 76 Information and control operations are provided through additional
77 77 files. <procfs.h> contains definitions of data structures and message
78 78 formats used with these files. Some of these definitions involve the
79 79 use of sets of flags. The set types sigset_t, fltset_t, and sysset_t
80 80 correspond, respectively, to signal, fault, and system call
81 81 enumerations defined in <sys/signal.h>, <sys/fault.h>, and
82 82 <sys/syscall.h>. Each set type is large enough to hold flags for its
83 83 own enumeration. Although they are of different sizes, they have a
84 84 common structure and can be manipulated by these macros:
85 85
86 86 prfillset(&set); /* turn on all flags in set */
87 87 premptyset(&set); /* turn off all flags in set */
88 88 praddset(&set, flag); /* turn on the specified flag */
89 89 prdelset(&set, flag); /* turn off the specified flag */
90 90 r = prismember(&set, flag); /* != 0 iff flag is turned on */
91 91
92 92
93 93
94 94 One of prfillset() or premptyset() must be used to initialize set
95 95 before it is used in any other operation. flag must be a member of the
96 96 enumeration corresponding to set.
97 97
98 98
99 99 Every process contains at least one light-weight process, or lwp. Each
100 100 lwp represents a flow of execution that is independently scheduled by
101 101 the operating system. All lwps in a process share its address space as
102 102 well as many other attributes. Through the use of lwpctl and ctl files
103 103 as described below, it is possible to affect individual lwps in a
104 104 process or to affect all of them at once, depending on the operation.
105 105
106 106
107 107 When the process has more than one lwp, a representative lwp is chosen
108 108 by the system for certain process status files and control operations.
109 109 The representative lwp is a stopped lwp only if all of the process's
110 110 lwps are stopped; is stopped on an event of interest only if all of the
111 111 lwps are so stopped (excluding PR_SUSPENDED lwps); is in a PR_REQUESTED
112 112 stop only if there are no other events of interest to be found; or,
113 113 failing everything else, is in a PR_SUSPENDED stop (implying that the
114 114 process is deadlocked). See the description of the status file for
115 115 definitions of stopped states. See the PCSTOP control operation for the
116 116 definition of ``event of interest''.
117 117
118 118
119 119 The representative lwp remains fixed (it will be chosen again on the
120 120 next operation) as long as all of the lwps are stopped on events of
121 121 interest or are in a PR_SUSPENDED stop and the PCRUN control operation
122 122 is not applied to any of them.
123 123
124 124
125 125 When applied to the process control file, every /proc control operation
126 126 that must act on an lwp uses the same algorithm to choose which lwp to
127 127 act upon. Together with synchronous stopping (see PCSET), this enables
128 128 a debugger to control a multiple-lwp process using only the process-
129 129 level status and control files if it so chooses. More fine-grained
130 130 control can be achieved using the lwp-specific files.
131 131
132 132
133 133 The system supports two process data models, the traditional 32-bit
134 134 data model in which ints, longs and pointers are all 32 bits wide (the
135 135 ILP32 data model), and on some platforms the 64-bit data model in which
136 136 longs and pointers, but not ints, are 64 bits in width (the LP64 data
137 137 model). In the LP64 data model some system data types, notably size_t,
138 138 off_t, time_t and dev_t, grow from 32 bits to 64 bits as well.
139 139
140 140
141 141 The /proc interfaces described here are available to both 32-bit and
142 142 64-bit controlling processes. However, many operations attempted by a
143 143 32-bit controlling process on a 64-bit target process will fail with
144 144 EOVERFLOW because the address space range of a 32-bit process cannot
145 145 encompass a 64-bit process or because the data in some 64-bit system
146 146 data type cannot be compressed to fit into the corresponding 32-bit
147 147 type without loss of information. Operations that fail in this
148 148 circumstance include reading and writing the address space, reading the
149 149 address-map files, and setting the target process's registers. There is
150 150 no restriction on operations applied by a 64-bit process to either a
151 151 32-bit or a 64-bit target processes.
152 152
153 153
154 154 The format of the contents of any /proc file depends on the data model
155 155 of the observer (the controlling process), not on the data model of the
156 156 target process. A 64-bit debugger does not have to translate the
157 157 information it reads from a /proc file for a 32-bit process from 32-bit
158 158 format to 64-bit format. However, it usually has to be aware of the
159 159 data model of the target process. The pr_dmodel field of the status
160 160 files indicates the target process's data model.
161 161
162 162
163 163 To help deal with system data structures that are read from 32-bit
164 164 processes, a 64-bit controlling program can be compiled with the C
165 165 preprocessor symbol _SYSCALL32 defined before system header files are
166 166 included. This makes explicit 32-bit fixed-width data structures (like
167 167 cstruct stat32) visible to the 64-bit program. See types32.h(3HEAD).
168 168
169 169 DIRECTORY STRUCTURE
170 170 At the top level, the directory /proc contains entries each of which
171 171 names an existing process in the system. These entries are themselves
172 172 directories. Except where otherwise noted, the files described below
173 173 can be opened for reading only. In addition, if a process becomes a
174 174 zombie (one that has exited but whose parent has not yet performed a
175 175 wait(3C) upon it), most of its associated /proc files disappear from
176 176 the hierarchy; subsequent attempts to open them, or to read or write
177 177 files opened before the process exited, will elicit the error ENOENT.
178 178
179 179
180 180 Although process state and consequently the contents of /proc files can
181 181 change from instant to instant, a single read(2) of a /proc file is
182 182 guaranteed to return a sane representation of state; that is, the read
183 183 will be atomic with respect to the state of the process. No such
184 184 guarantee applies to successive reads applied to a /proc file for a
185 185 running process. In addition, atomicity is not guaranteed for I/O
186 186 applied to the as (address-space) file for a running process or for a
187 187 process whose address space contains memory shared by another running
188 188 process.
189 189
190 190
191 191 A number of structure definitions are used to describe the files. These
192 192 structures may grow by the addition of elements at the end in future
193 193 releases of the system and it is not legitimate for a program to assume
194 194 that they will not.
195 195
196 196 STRUCTURE OF /proc/pid
197 197 A given directory /proc/pid contains the following entries. A process
198 198 can use the invisible alias /proc/self if it wishes to open one of its
199 199 own /proc files (invisible in the sense that the name ``self'' does not
200 200 appear in a directory listing of /proc obtained from ls(1),
201 201 getdents(2), or readdir(3C)).
202 202
203 203 contracts
204 204 A directory containing references to the contracts held by the process.
205 205 Each entry is a symlink to the contract's directory under
206 206 /system/contract. See contract(4).
207 207
208 208 as
209 209 Contains the address-space image of the process; it can be opened for
210 210 both reading and writing. lseek(2) is used to position the file at the
211 211 virtual address of interest and then the address space can be examined
212 212 or changed through read(2) or write(2) (or by using pread(2) or
213 213 pwrite(2) for the combined operation).
214 214
215 215 ctl
216 216 A write-only file to which structured messages are written directing
217 217 the system to change some aspect of the process's state or control its
218 218 behavior in some way. The seek offset is not relevant when writing to
219 219 this file. Individual lwps also have associated lwpctl files in the lwp
220 220 subdirectories. A control message may be written either to the
221 221 process's ctl file or to a specific lwpctl file with operation-specific
222 222 effects. The effect of a control message is immediately reflected in
223 223 the state of the process visible through appropriate status and
224 224 information files. The types of control messages are described in
225 225 detail later. See CONTROL MESSAGES.
226 226
227 227 status
228 228 Contains state information about the process and the representative
229 229 lwp. The file contains a pstatus structure which contains an embedded
230 230 lwpstatus structure for the representative lwp, as follows:
231 231
232 232 typedef struct pstatus {
233 233 int pr_flags; /* flags (see below) */
234 234 int pr_nlwp; /* number of active lwps in the process */
235 235 int pr_nzomb; /* number of zombie lwps in the process */
236 236 pid_tpr_pid; /* process id */
237 237 pid_tpr_ppid; /* parent process id */
238 238 pid_tpr_pgid; /* process group id */
239 239 pid_tpr_sid; /* session id */
240 240 id_t pr_aslwpid; /* obsolete */
241 241 id_t pr_agentid; /* lwp-id of the agent lwp, if any */
242 242 sigset_t pr_sigpend; /* set of process pending signals */
243 243 uintptr_t pr_brkbase; /* virtual address of the process heap */
244 244 size_t pr_brksize; /* size of the process heap, in bytes */
245 245 uintptr_t pr_stkbase; /* virtual address of the process stack */
246 246 size_tpr_stksize; /* size of the process stack, in bytes */
247 247 timestruc_t pr_utime; /* process user cpu time */
248 248 timestruc_t pr_stime; /* process system cpu time */
249 249 timestruc_t pr_cutime; /* sum of children's user times */
250 250 timestruc_t pr_cstime; /* sum of children's system times */
251 251 sigset_t pr_sigtrace; /* set of traced signals */
252 252 fltset_t pr_flttrace; /* set of traced faults */
253 253 sysset_t pr_sysentry; /* set of system calls traced on entry */
254 254 sysset_t pr_sysexit; /* set of system calls traced on exit */
255 255 char pr_dmodel; /* data model of the process */
256 256 taskid_t pr_taskid; /* task id */
257 257 projid_t pr_projid; /* project id */
258 258 zoneid_t pr_zoneid; /* zone id */
259 259 lwpstatus_t pr_lwp; /* status of the representative lwp */
260 260 } pstatus_t;
261 261
262 262
263 263
264 264 pr_flags is a bit-mask holding the following process flags. For
265 265 convenience, it also contains the lwp flags for the representative lwp,
266 266 described later.
267 267
268 268 PR_ISSYS
269 269 process is a system process (see PCSTOP).
270 270
271 271
272 272 PR_VFORKP
273 273 process is the parent of a vforked child (see PCWATCH).
274 274
275 275
276 276 PR_FORK
277 277 process has its inherit-on-fork mode set (see PCSET).
278 278
279 279
280 280 PR_RLC
281 281 process has its run-on-last-close mode set (see PCSET).
282 282
283 283
284 284 PR_KLC
285 285 process has its kill-on-last-close mode set (see PCSET).
286 286
287 287
288 288 PR_ASYNC
289 289 process has its asynchronous-stop mode set (see PCSET).
290 290
291 291
292 292 PR_MSACCT
293 293 Set by default in all processes to indicate that
294 294 microstate accounting is enabled. However, this flag has
295 295 been deprecated and no longer has any effect. Microstate
296 296 accounting may not be disabled; however, it is still
297 297 possible to toggle the flag.
298 298
299 299
300 300 PR_MSFORK
301 301 Set by default in all processes to indicate that
302 302 microstate accounting will be enabled for processes that
303 303 this parent forks(). However, this flag has been
304 304 deprecated and no longer has any effect. It is possible to
305 305 toggle this flag; however, it is not possible to disable
306 306 microstate accounting.
307 307
308 308
309 309 PR_BPTADJ
310 310 process has its breakpoint adjustment mode set (see
311 311 PCSET).
312 312
313 313
314 314 PR_PTRACE
315 315 process has its ptrace-compatibility mode set (see PCSET).
316 316
317 317
318 318
319 319 pr_nlwp is the total number of active lwps in the process. pr_nzomb is
320 320 the total number of zombie lwps in the process. A zombie lwp is a non-
321 321 detached lwp that has terminated but has not been reaped with
322 322 thr_join(3C) or pthread_join(3C).
323 323
324 324
325 325 pr_pid, pr_ppid, pr_pgid, and pr_sid are, respectively, the process ID,
326 326 the ID of the process's parent, the process's process group ID, and the
327 327 process's session ID.
328 328
329 329
330 330 pr_aslwpid is obsolete and is always zero.
331 331
332 332
333 333 pr_agentid is the lwp-ID for the /proc agent lwp (see the PCAGENT
334 334 control operation). It is zero if there is no agent lwp in the process.
335 335
336 336
337 337 pr_sigpend identifies asynchronous signals pending for the process.
338 338
339 339
340 340 pr_brkbase is the virtual address of the process heap and pr_brksize is
341 341 its size in bytes. The address formed by the sum of these values is the
342 342 process break (see brk(2)). pr_stkbase and pr_stksize are,
343 343 respectively, the virtual address of the process stack and its size in
344 344 bytes. (Each lwp runs on a separate stack; the distinguishing
345 345 characteristic of the process stack is that the operating system will
346 346 grow it when necessary.)
347 347
348 348
349 349 pr_utime, pr_stime, pr_cutime, and pr_cstime are, respectively, the
350 350 user CPU and system CPU time consumed by the process, and the
351 351 cumulative user CPU and system CPU time consumed by the process's
352 352 children, in seconds and nanoseconds.
353 353
354 354
355 355 pr_sigtrace and pr_flttrace contain, respectively, the set of signals
356 356 and the set of hardware faults that are being traced (see PCSTRACE and
357 357 PCSFAULT).
358 358
359 359
360 360 pr_sysentry and pr_sysexit contain, respectively, the sets of system
361 361 calls being traced on entry and exit (see PCSENTRY and PCSEXIT).
362 362
363 363
364 364 pr_dmodel indicates the data model of the process. Possible values are:
365 365
366 366 PR_MODEL_ILP32
367 367 process data model is ILP32.
368 368
369 369
370 370 PR_MODEL_LP64
371 371 process data model is LP64.
372 372
373 373
374 374 PR_MODEL_NATIVE
375 375 process data model is native.
376 376
377 377
378 378
379 379 The pr_taskid, pr_projid, and pr_zoneid fields contain respectively,
380 380 the numeric IDs of the task, project, and zone in which the process was
381 381 running.
382 382
383 383
384 384 The constant PR_MODEL_NATIVE reflects the data model of the controlling
385 385 process, that is, its value is PR_MODEL_ILP32 or PR_MODEL_LP64
386 386 according to whether the controlling process has been compiled as a
387 387 32-bit program or a 64-bit program, respectively.
388 388
389 389
390 390 pr_lwp contains the status information for the representative lwp:
391 391
392 392 typedef struct lwpstatus {
393 393 int pr_flags; /* flags (see below) */
394 394 id_t pr_lwpid; /* specific lwp identifier */
395 395 short pr_why; /* reason for lwp stop, if stopped */
396 396 short pr_what; /* more detailed reason */
397 397 short pr_cursig; /* current signal, if any */
398 398 siginfo_t pr_info; /* info associated with signal or fault */
399 399 sigset_t pr_lwppend; /* set of signals pending to the lwp */
400 400 sigset_t pr_lwphold; /* set of signals blocked by the lwp */
401 401 struct sigaction pr_action;/* signal action for current signal */
402 402 stack_t pr_altstack; /* alternate signal stack info */
403 403 uintptr_t pr_oldcontext; /* address of previous ucontext */
404 404 short pr_syscall; /* system call number (if in syscall) */
405 405 short pr_nsysarg; /* number of arguments to this syscall */
406 406 int pr_errno; /* errno for failed syscall */
407 407 long pr_sysarg[PRSYSARGS]; /* arguments to this syscall */
408 408 long pr_rval1; /* primary syscall return value */
409 409 long pr_rval2; /* second syscall return value, if any */
410 410 char pr_clname[PRCLSZ]; /* scheduling class name */
411 411 timestruc_t pr_tstamp; /* real-time time stamp of stop */
412 412 timestruc_t pr_utime; /* lwp user cpu time */
413 413 timestruc_t pr_stime; /* lwp system cpu time */
414 414 uintptr_t pr_ustack; /* stack boundary data (stack_t) address */
415 415 ulong_t pr_instr; /* current instruction */
416 416 prgregset_t pr_reg; /* general registers */
417 417 prfpregset_t pr_fpreg; /* floating-point registers */
418 418 } lwpstatus_t;
419 419
420 420
421 421
422 422 pr_flags is a bit-mask holding the following lwp flags. For
423 423 convenience, it also contains the process flags, described previously.
424 424
425 425 PR_STOPPED
426 426 The lwp is stopped.
427 427
428 428
429 429 PR_ISTOP
430 430 The lwp is stopped on an event of interest (see PCSTOP).
431 431
432 432
433 433 PR_DSTOP
434 434 The lwp has a stop directive in effect (see PCSTOP).
435 435
436 436
437 437 PR_STEP
438 438 The lwp has a single-step directive in effect (see
439 439 PCRUN).
440 440
441 441
442 442 PR_ASLEEP
443 443 The lwp is in an interruptible sleep within a system
444 444 call.
445 445
446 446
447 447 PR_PCINVAL
448 448 The lwp's current instruction (pr_instr) is undefined.
449 449
450 450
451 451 PR_DETACH
452 452 This is a detached lwp (see pthread_create(3C) and
453 453 pthread_join(3C)).
454 454
455 455
456 456 PR_DAEMON
457 457 This is a daemon lwp (see pthread_create(3C)).
458 458
459 459
460 460 PR_ASLWP
461 461 This flag is obsolete and is never set.
462 462
463 463
464 464 PR_AGENT
465 465 This is the /proc agent lwp for the process.
466 466
467 467
468 468
469 469 pr_lwpid names the specific lwp.
470 470
471 471
472 472 pr_why and pr_what together describe, for a stopped lwp, the reason for
473 473 the stop. Possible values of pr_why and the associated pr_what are:
474 474
475 475 PR_REQUESTED
476 476 indicates that the stop occurred in response to a stop
477 477 directive, normally because PCSTOP was applied or
478 478 because another lwp stopped on an event of interest
479 479 and the asynchronous-stop flag (see PCSET) was not set
480 480 for the process. pr_what is unused in this case.
481 481
482 482
483 483 PR_SIGNALLED
484 484 indicates that the lwp stopped on receipt of a signal
485 485 (see PCSTRACE); pr_what holds the signal number that
486 486 caused the stop (for a newly-stopped lwp, the same
487 487 value is in pr_cursig).
488 488
489 489
490 490 PR_FAULTED
491 491 indicates that the lwp stopped on incurring a hardware
492 492 fault (see PCSFAULT); pr_what holds the fault number
493 493 that caused the stop.
494 494
495 495
496 496 PR_SYSENTRY
497 497 PR_SYSEXIT
498 498 indicate a stop on entry to or exit from a system call
499 499 (see PCSENTRY and PCSEXIT); pr_what holds the system
500 500 call number.
501 501
502 502
503 503 PR_JOBCONTROL
504 504 indicates that the lwp stopped due to the default
505 505 action of a job control stop signal (see
506 506 sigaction(2)); pr_what holds the stopping signal
507 507 number.
508 508
509 509
510 510 PR_SUSPENDED
511 511 indicates that the lwp stopped due to internal
512 512 synchronization of lwps within the process. pr_what is
513 513 unused in this case.
514 514
515 515
516 516
517 517 pr_cursig names the current signal, that is, the next signal to be
518 518 delivered to the lwp, if any. pr_info, when the lwp is in a
519 519 PR_SIGNALLED or PR_FAULTED stop, contains additional information
520 520 pertinent to the particular signal or fault (see <sys/siginfo.h>).
521 521
522 522
523 523 pr_lwppend identifies any synchronous or directed signals pending for
524 524 the lwp. pr_lwphold identifies those signals whose delivery is being
525 525 blocked by the lwp (the signal mask).
526 526
527 527
528 528 pr_action contains the signal action information pertaining to the
529 529 current signal (see sigaction(2)); it is undefined if pr_cursig is
530 530 zero. pr_altstack contains the alternate signal stack information for
531 531 the lwp (see sigaltstack(2)).
532 532
533 533
534 534 pr_oldcontext, if not zero, contains the address on the lwp stack of a
535 535 ucontext structure describing the previous user-level context (see
536 536 ucontext.h(3HEAD)). It is non-zero only if the lwp is executing in the
537 537 context of a signal handler.
538 538
539 539
540 540 pr_syscall is the number of the system call, if any, being executed by
541 541 the lwp; it is non-zero if and only if the lwp is stopped on
542 542 PR_SYSENTRY or PR_SYSEXIT, or is asleep within a system call (
543 543 PR_ASLEEP is set). If pr_syscall is non-zero, pr_nsysarg is the number
544 544 of arguments to the system call and pr_sysarg contains the actual
545 545 arguments.
546 546
547 547
548 548 pr_rval1, pr_rval2, and pr_errno are defined only if the lwp is stopped
549 549 on PR_SYSEXIT or if the PR_VFORKP flag is set. If pr_errno is zero,
550 550 pr_rval1 and pr_rval2 contain the return values from the system call.
551 551 Otherwise, pr_errno contains the error number for the failing system
552 552 call (see <sys/errno.h>).
553 553
554 554
555 555 pr_clname contains the name of the lwp's scheduling class.
556 556
557 557
558 558 pr_tstamp, if the lwp is stopped, contains a time stamp marking when
559 559 the lwp stopped, in real time seconds and nanoseconds since an
560 560 arbitrary time in the past.
561 561
562 562
563 563 pr_utime is the amount of user level CPU time used by this LWP.
564 564
565 565
566 566 pr_stime is the amount of system level CPU time used by this LWP.
567 567
568 568
569 569 pr_ustack is the virtual address of the stack_t that contains the stack
570 570 boundaries for this LWP. See getustack(2) and _stack_grow(3C).
571 571
572 572
573 573 pr_instr contains the machine instruction to which the lwp's program
574 574 counter refers. The amount of data retrieved from the process is
575 575 machine-dependent. On SPARC based machines, it is a 32-bit word. On
576 576 x86-based machines, it is a single byte. In general, the size is that
577 577 of the machine's smallest instruction. If PR_PCINVAL is set, pr_instr
578 578 is undefined; this occurs whenever the lwp is not stopped or when the
579 579 program counter refers to an invalid virtual address.
580 580
581 581
582 582 pr_reg is an array holding the contents of a stopped lwp's general
583 583 registers.
584 584
585 585 SPARC
586 586 On SPARC-based machines, the predefined constants
587 587 R_G0 ... R_G7, R_O0 ... R_O7, R_L0 ... R_L7, R_I0
588 588 ... R_I7, R_PC, R_nPC, and R_Y can be used as
589 589 indices to refer to the corresponding registers;
590 590 previous register windows can be read from their
591 591 overflow locations on the stack (however, see the
592 592 gwindows file in the /proc/pid/lwp/lwpid
593 593 subdirectory).
594 594
595 595
596 596 SPARC V8 (32-bit)
597 597 For SPARC V8 (32-bit) controlling processes, the
598 598 predefined constants R_PSR, R_WIM, and R_TBR can
599 599 be used as indices to refer to the corresponding
600 600 special registers. For SPARC V9 (64-bit)
601 601 controlling processes, the predefined constants
602 602 R_CCR, R_ASI, and R_FPRS can be used as indices to
603 603 refer to the corresponding special registers.
604 604
605 605
606 606 x86 (32-bit)
607 607 For 32-bit x86 processes, the predefined constants
608 608 listed belowcan be used as indices to refer to the
609 609 corresponding registers.
610 610
611 611 SS
612 612 UESP
613 613 EFL
614 614 CS
615 615 EIP
616 616 ERR
617 617 TRAPNO
618 618 EAX
619 619 ECX
620 620 EDX
621 621 EBX
622 622 ESP
623 623 EBP
624 624 ESI
625 625 EDI
626 626 DS
627 627 ES
628 628 GS
629 629
630 630 The preceding constants are listed in
631 631 <sys/regset.h>.
632 632
633 633 Note that a 32-bit process can run on an x86
634 634 64-bit system, using the constants listed above.
635 635
636 636
637 637 x86 (64-bit)
638 638 To read the registers of a 32- or a 64-bit
639 639 process, a 64-bit x86 process should use the
640 640 predefined constants listed below.
641 641
642 642 REG_GSBASE
643 643 REG_FSBASE
644 644 REG_DS
645 645 REG_ES
646 646 REG_GS
647 647 REG_FS
648 648 REG_SS
649 649 REG_RSP
650 650 REG_RFL
651 651 REG_CS
652 652 REG_RIP
653 653 REG_ERR
654 654 REG_TRAPNO
655 655 REG_RAX
656 656 REG_RCX
657 657 REG_RDX
658 658 REG_RBX
659 659 REG_RBP
660 660 REG_RSI
661 661 REG_RDI
662 662 REG_R8
663 663 REG_R9
664 664 REG_R10
665 665 REG_R11
666 666 REG_R12
667 667 REG_R13
668 668 REG_R14
669 669 REG_R15
670 670
671 671 The preceding constants are listed in
672 672 <sys/regset.h>.
673 673
674 674
675 675
676 676 pr_fpreg is a structure holding the contents of the floating-point
677 677 registers.
678 678
679 679
680 680 SPARC registers, both general and floating-point, as seen by a 64-bit
681 681 controlling process are the V9 versions of the registers, even if the
682 682 target process is a 32-bit (V8) process. V8 registers are a subset of
683 683 the V9 registers.
684 684
685 685
686 686 If the lwp is not stopped, all register values are undefined.
687 687
688 688 psinfo
689 689 Contains miscellaneous information about the process and the
690 690 representative lwp needed by the ps(1) command. psinfo remains
691 691 accessible after a process becomes a zombie. The file contains a psinfo
692 692 structure which contains an embedded lwpsinfo structure for the
693 693 representative lwp, as follows:
694 694
695 695 typedef struct psinfo {
696 696 int pr_flag; /* process flags (DEPRECATED: see below) */
697 697 int pr_nlwp; /* number of active lwps in the process */
698 698 int pr_nzomb; /* number of zombie lwps in the process */
699 699 pid_t pr_pid; /* process id */
700 700 pid_t pr_ppid; /* process id of parent */
701 701 pid_t pr_pgid; /* process id of process group leader */
702 702 pid_t pr_sid; /* session id */
703 703 uid_t pr_uid; /* real user id */
704 704 uid_t pr_euid; /* effective user id */
705 705 gid_t pr_gid; /* real group id */
706 706 gid_t pr_egid; /* effective group id */
707 707 uintptr_t pr_addr; /* address of process */
708 708 size_t pr_size; /* size of process image in Kbytes */
709 709 size_t pr_rssize; /* resident set size in Kbytes */
710 710 dev_t pr_ttydev; /* controlling tty device (or PRNODEV) */
711 711 ushort_t pr_pctcpu; /* % of recent cpu time used by all lwps */
712 712 ushort_t pr_pctmem; /* % of system memory used by process */
713 713 timestruc_t pr_start; /* process start time, from the epoch */
714 714 timestruc_t pr_time; /* cpu time for this process */
715 715 timestruc_t pr_ctime; /* cpu time for reaped children */
716 716 char pr_fname[PRFNSZ]; /* name of exec'ed file */
717 717 char pr_psargs[PRARGSZ]; /* initial characters of arg list */
718 718 int pr_wstat; /* if zombie, the wait() status */
719 719 int pr_argc; /* initial argument count */
720 720 uintptr_t pr_argv; /* address of initial argument vector */
721 721 uintptr_t pr_envp; /* address of initial environment vector */
722 722 char pr_dmodel; /* data model of the process */
723 723 lwpsinfo_t pr_lwp; /* information for representative lwp */
724 724 taskid_t pr_taskid; /* task id */
725 725 projid_t pr_projid; /* project id */
726 726 poolid_t pr_poolid; /* pool id */
727 727 zoneid_t pr_zoneid; /* zone id */
728 728 ctid_t pr_contract; /* process contract id */
729 729 } psinfo_t;
730 730
731 731
732 732
733 733 Some of the entries in psinfo, such as pr_addr, refer to internal
734 734 kernel data structures and should not be expected to retain their
735 735 meanings across different versions of the operating system.
736 736
737 737
738 738 psinfo_t.pr_flag is a deprecated interface that should no longer be
739 739 used. Applications currently relying on the SSYS bit in pr_flag should
740 740 migrate to checking PR_ISSYS in the pstatus structure's pr_flags field.
741 741
742 742
743 743 pr_pctcpu and pr_pctmem are 16-bit binary fractions in the range 0.0 to
744 744 1.0 with the binary point to the right of the high-order bit (1.0 ==
745 745 0x8000). pr_pctcpu is the summation over all lwps in the process.
746 746
747 747
748 748 pr_lwp contains the ps(1) information for the representative lwp. If
749 749 the process is a zombie, pr_nlwp, pr_nzomb, and pr_lwp.pr_lwpid are
750 750 zero and the other fields of pr_lwp are undefined:
751 751
752 752 typedef struct lwpsinfo {
753 753 int pr_flag; /* lwp flags (DEPRECATED: see below) */
754 754 id_t pr_lwpid; /* lwp id */
755 755 uintptr_t pr_addr; /* internal address of lwp */
756 756 uintptr_t pr_wchan; /* wait addr for sleeping lwp */
757 757 char pr_stype; /* synchronization event type */
758 758 char pr_state; /* numeric lwp state */
759 759 char pr_sname; /* printable character for pr_state */
760 760 char pr_nice; /* nice for cpu usage */
761 761 short pr_syscall; /* system call number (if in syscall) */
762 762 char pr_oldpri; /* pre-SVR4, low value is high priority */
763 763 char pr_cpu; /* pre-SVR4, cpu usage for scheduling */
764 764 int pr_pri; /* priority, high value = high priority */
765 765 ushort_t pr_pctcpu; /* % of recent cpu time used by this lwp */
766 766 timestruc_t pr_start; /* lwp start time, from the epoch */
767 767 timestruc_t pr_time; /* cpu time for this lwp */
768 768 char pr_clname[PRCLSZ]; /* scheduling class name */
769 769 char pr_name[PRFNSZ]; /* name of system lwp */
770 770 processorid_t pr_onpro; /* processor which last ran this lwp */
771 771 processorid_t pr_bindpro;/* processor to which lwp is bound */
772 772 psetid_t pr_bindpset; /* processor set to which lwp is bound */
773 773 lgrp_id_t pr_lgrp /* home lgroup */
774 774 } lwpsinfo_t;
775 775
776 776
777 777
778 778 Some of the entries in lwpsinfo, such as pr_addr, pr_wchan, pr_stype,
779 779 pr_state, and pr_name, refer to internal kernel data structures and
780 780 should not be expected to retain their meanings across different
781 781 versions of the operating system.
782 782
783 783
784 784 lwpsinfo_t.pr_flag is a deprecated interface that should no longer be
785 785 used.
786 786
787 787
788 788 pr_pctcpu is a 16-bit binary fraction, as described above. It
789 789 represents the CPU time used by the specific lwp. On a multi-processor
790 790 machine, the maximum value is 1/N, where N is the number of CPUs.
791 791
792 792
793 793 pr_contract is the id of the process contract of which the process is a
794 794 member. See contract(4) and process(4).
795 795
796 796 cred
797 797 Contains a description of the credentials associated with the process:
798 798
799 799 typedef struct prcred {
800 800 uid_t pr_euid; /* effective user id */
801 801 uid_t pr_ruid; /* real user id */
802 802 uid_t pr_suid; /* saved user id (from exec) */
803 803 gid_t pr_egid; /* effective group id */
804 804 gid_t pr_rgid; /* real group id */
805 805 gid_t pr_sgid; /* saved group id (from exec) */
806 806 int pr_ngroups; /* number of supplementary groups */
807 807 gid_t pr_groups[1]; /* array of supplementary groups */
808 808 } prcred_t;
809 809
810 810
811 811
812 812
813 813 The array of associated supplementary groups in pr_groups is of
814 814 variable length; the cred file contains all of the supplementary
815 815 groups. pr_ngroups indicates the number of supplementary groups. (See
816 816 also the PCSCRED and PCSCREDX control operations.)
817 817
818 818 priv
819 819 Contains a description of the privileges associated with the process:
820 820
821 821 typedef struct prpriv {
822 822 uint32_t pr_nsets; /* number of privilege set */
823 823 uint32_t pr_setsize; /* size of privilege set */
824 824 uint32_t pr_infosize; /* size of supplementary data */
825 825 priv_chunk_t pr_sets[1]; /* array of sets */
826 826 } prpriv_t;
827 827
828 828
829 829
830 830 The actual dimension of the pr_sets[] field is
831 831
832 832 pr_sets[pr_nsets][pr_setsize]
|
↓ open down ↓ |
832 lines elided |
↑ open up ↑ |
833 833
834 834
835 835
836 836 which is followed by additional information about the process state
837 837 pr_infosize bytes in size.
838 838
839 839
840 840 The full size of the structure can be computed using
841 841 PRIV_PRPRIV_SIZE(prpriv_t *).
842 842
843 + secflags
844 + This file contains the security-flags of the process. It contains a
845 + description of the security flags associated with the process.
846 +
847 + typedef struct prsecflags {
848 + uint32_t pr_version; /* ABI Versioning of this structure */
849 + secflagset_t pr_effective; /* Effective flags */
850 + secflagset_t pr_inherit; /* Inheritable flags */
851 + secflagset_t pr_lower; /* Lower flags */
852 + secflagset_t pr_upper; /* Upper flags */
853 + } prsecflags_t;
854 +
855 +
856 +
857 + The pr_version field is a version number for the structure, currently
858 + PRSECFLAGS_VERSION_1.
859 +
843 860 sigact
844 861 Contains an array of sigaction structures describing the current
845 862 dispositions of all signals associated with the traced process (see
846 863 sigaction(2)). Signal numbers are displaced by 1 from array indices, so
847 864 that the action for signal number n appears in position n-1 of the
848 865 array.
849 866
850 867 auxv
851 868 Contains the initial values of the process's aux vector in an array of
852 869 auxv_t structures (see <sys/auxv.h>). The values are those that were
853 870 passed by the operating system as startup information to the dynamic
854 871 linker.
855 872
856 873 ldt
857 874 This file exists only on x86-based machines. It is non-empty only if
858 875 the process has established a local descriptor table (LDT). If non-
859 876 empty, the file contains the array of currently active LDT entries in
860 877 an array of elements of type struct ssd, defined in <sys/sysi86.h>, one
861 878 element for each active LDT entry.
862 879
863 880 map, xmap
864 881 Contain information about the virtual address map of the process. The
865 882 map file contains an array of prmap structures while the xmap file
866 883 contains an array of prxmap structures. Each structure describes a
867 884 contiguous virtual address region in the address space of the traced
868 885 process:
869 886
870 887 typedef struct prmap {
871 888 uintptr_tpr_vaddr; /* virtual address of mapping */
872 889 size_t pr_size; /* size of mapping in bytes */
873 890 char pr_mapname[PRMAPSZ]; /* name in /proc/pid/object */
874 891 offset_t pr_offset; /* offset into mapped object, if any */
875 892 int pr_mflags; /* protection and attribute flags */
876 893 int pr_pagesize; /* pagesize for this mapping in bytes */
877 894 int pr_shmid; /* SysV shared memory identifier */
878 895 } prmap_t;
879 896
880 897
881 898
882 899 typedef struct prxmap {
883 900 uintptr_t pr_vaddr; /* virtual address of mapping */
884 901 size_t pr_size; /* size of mapping in bytes */
885 902 char pr_mapname[PRMAPSZ]; /* name in /proc/pid/object */
886 903 offset_t pr_offset; /* offset into mapped object, if any */
887 904 int pr_mflags; /* protection and attribute flags */
888 905 int pr_pagesize; /* pagesize for this mapping in bytes */
889 906 int pr_shmid; /* SysV shared memory identifier */
890 907 dev_t pr_dev; /* device of mapped object, if any */
891 908 uint64_t pr_ino; /* inode of mapped object, if any */
892 909 size_t pr_rss; /* pages of resident memory */
893 910 size_t pr_anon; /* pages of resident anonymous memory */
894 911 size_t pr_locked; /* pages of locked memory */
895 912 uint64_t pr_hatpagesize; /* pagesize of mapping */
896 913 } prxmap_t;
897 914
898 915
899 916
900 917
901 918 pr_vaddr is the virtual address of the mapping within the traced
902 919 process and pr_size is its size in bytes. pr_mapname, if it does not
903 920 contain a null string, contains the name of a file in the object
904 921 directory (see below) that can be opened read-only to obtain a file
905 922 descriptor for the mapped file associated with the mapping. This
906 923 enables a debugger to find object file symbol tables without having to
907 924 know the real path names of the executable file and shared libraries of
908 925 the process. pr_offset is the 64-bit offset within the mapped file (if
909 926 any) to which the virtual address is mapped.
910 927
911 928
912 929 pr_mflags is a bit-mask of protection and attribute flags:
913 930
914 931 MA_READ
915 932 mapping is readable by the traced process.
916 933
917 934
918 935 MA_WRITE
919 936 mapping is writable by the traced process.
920 937
921 938
922 939 MA_EXEC
923 940 mapping is executable by the traced process.
924 941
925 942
926 943 MA_SHARED
927 944 mapping changes are shared by the mapped object.
928 945
929 946
930 947 MA_ISM
931 948 mapping is intimate shared memory (shared MMU
932 949 resources)
933 950
934 951
935 952 MAP_NORESERVE
936 953 mapping does not have swap space reserved (mapped with
937 954 MAP_NORESERVE)
938 955
939 956
940 957 MA_SHM
941 958 mapping System V shared memory
942 959
943 960
944 961
945 962 A contiguous area of the address space having the same underlying
946 963 mapped object may appear as multiple mappings due to varying read,
947 964 write, and execute attributes. The underlying mapped object does not
948 965 change over the range of a single mapping. An I/O operation to a
949 966 mapping marked MA_SHARED fails if applied at a virtual address not
950 967 corresponding to a valid page in the underlying mapped object. A write
951 968 to a MA_SHARED mapping that is not marked MA_WRITE fails. Reads and
952 969 writes to private mappings always succeed. Reads and writes to unmapped
953 970 addresses fail.
954 971
955 972
956 973 pr_pagesize is the page size for the mapping, currently always the
957 974 system pagesize.
958 975
959 976
960 977 pr_shmid is the shared memory identifier, if any, for the mapping. Its
961 978 value is -1 if the mapping is not System V shared memory. See
962 979 shmget(2).
963 980
964 981
965 982 pr_dev is the device of the mapped object, if any, for the mapping. Its
966 983 value is PRNODEV (-1) if the mapping does not have a device.
967 984
968 985
969 986 pr_ino is the inode of the mapped object, if any, for the mapping. Its
970 987 contents are only valid if pr_dev is not PRNODEV.
971 988
972 989
973 990 pr_rss is the number of resident pages of memory for the mapping. The
974 991 number of resident bytes for the mapping may be determined by
975 992 multiplying pr_rss by the page size given by pr_pagesize.
976 993
977 994
978 995 pr_anon is the number of resident anonymous memory pages (pages which
979 996 are private to this process) for the mapping.
980 997
981 998
982 999 pr_locked is the number of locked pages for the mapping. Pages which
983 1000 are locked are always resident in memory.
984 1001
985 1002
986 1003 pr_hatpagesize is the size, in bytes, of the HAT (MMU) translation for
987 1004 the mapping. pr_hatpagesize may be different than pr_pagesize. The
988 1005 possible values are hardware architecture specific, and may change over
989 1006 a mapping's lifetime.
990 1007
991 1008 rmap
992 1009 Contains information about the reserved address ranges of the process.
993 1010 The file contains an array of prmap structures, as defined above for
994 1011 the map file. Each structure describes a contiguous virtual address
995 1012 region in the address space of the traced process that is reserved by
996 1013 the system in the sense that an mmap(2) system call that does not
997 1014 specify MAP_FIXED will not use any part of it for the new mapping.
998 1015 Examples of such reservations include the address ranges reserved for
999 1016 the process stack and the individual thread stacks of a multi-threaded
1000 1017 process.
1001 1018
1002 1019 cwd
1003 1020 A symbolic link to the process's current working directory. See
1004 1021 chdir(2). A readlink(2) of /proc/pid/cwd yields a null string.
1005 1022 However, it can be opened, listed, and searched as a directory, and can
1006 1023 be the target of chdir(2).
1007 1024
1008 1025 root
1009 1026 A symbolic link to the process's root directory. /proc/pid/root can
1010 1027 differ from the system root directory if the process or one of its
1011 1028 ancestors executed chroot(2) as super user. It has the same semantics
1012 1029 as /proc/pid/cwd.
1013 1030
1014 1031 fd
1015 1032 A directory containing references to the open files of the process.
1016 1033 Each entry is a decimal number corresponding to an open file descriptor
1017 1034 in the process.
1018 1035
1019 1036
1020 1037 If an entry refers to a regular file, it can be opened with normal file
1021 1038 system semantics but, to ensure that the controlling process cannot
1022 1039 gain greater access than the controlled process, with no file access
1023 1040 modes other than its read/write open modes in the controlled process.
1024 1041 If an entry refers to a directory, it can be accessed with the same
1025 1042 semantics as /proc/pid/cwd. An attempt to open any other type of entry
1026 1043 fails with EACCES.
1027 1044
1028 1045 object
1029 1046 A directory containing read-only files with names corresponding to the
1030 1047 pr_mapname entries in the map and pagedata files. Opening such a file
1031 1048 yields a file descriptor for the underlying mapped file associated with
1032 1049 an address-space mapping in the process. The file name a.out appears in
1033 1050 the directory as an alias for the process's executable file.
1034 1051
1035 1052
1036 1053 The object directory makes it possible for a controlling process to
1037 1054 gain access to the object file and any shared libraries (and
1038 1055 consequently the symbol tables) without having to know the actual path
1039 1056 names of the executable files.
1040 1057
1041 1058 path
1042 1059 A directory containing symbolic links to files opened by the process.
1043 1060 The directory includes one entry for cwd and root. The directory also
1044 1061 contains a numerical entry for each file descriptor in the fd
1045 1062 directory, and entries matching those in the object directory. If this
1046 1063 information is not available, any attempt to read the contents of the
1047 1064 symbolic link will fail. This is most common for files that do not
1048 1065 exist in the filesystem namespace (such as FIFOs and sockets), but can
1049 1066 also happen for regular files. For the file descriptor entries, the
1050 1067 path may be different from the one used by the process to open the
1051 1068 file.
1052 1069
1053 1070 pagedata
1054 1071 Opening the page data file enables tracking of address space references
1055 1072 and modifications on a per-page basis.
1056 1073
1057 1074
1058 1075 A read(2) of the page data file descriptor returns structured page data
1059 1076 and atomically clears the page data maintained for the file by the
1060 1077 system. That is to say, each read returns data collected since the last
1061 1078 read; the first read returns data collected since the file was opened.
1062 1079 When the call completes, the read buffer contains the following
1063 1080 structure as its header and thereafter contains a number of section
1064 1081 header structures and associated byte arrays that must be accessed by
1065 1082 walking linearly through the buffer.
1066 1083
1067 1084 typedef struct prpageheader {
1068 1085 timestruc_t pr_tstamp; /* real time stamp, time of read() */
1069 1086 ulong_t pr_nmap; /* number of address space mappings */
1070 1087 ulong_t pr_npage; /* total number of pages */
1071 1088 } prpageheader_t;
1072 1089
1073 1090
1074 1091
1075 1092 The header is followed by pr_nmap prasmap structures and associated
1076 1093 data arrays. The prasmap structure contains the following elements:
1077 1094
1078 1095 typedef struct prasmap {
1079 1096 uintptr_t pr_vaddr; /* virtual address of mapping */
1080 1097 ulong_t pr_npage; /* number of pages in mapping */
1081 1098 char pr_mapname[PRMAPSZ]; /* name in /proc/pid/object */
1082 1099 offset_t pr_offset; /* offset into mapped object, if any */
1083 1100 int pr_mflags; /* protection and attribute flags */
1084 1101 int pr_pagesize; /* pagesize for this mapping in bytes */
1085 1102 int pr_shmid; /* SysV shared memory identifier */
1086 1103 } prasmap_t;
1087 1104
1088 1105
1089 1106
1090 1107 Each section header is followed by pr_npage bytes, one byte for each
1091 1108 page in the mapping, plus 0-7 null bytes at the end so that the next
1092 1109 prasmap structure begins on an eight-byte aligned boundary. Each data
1093 1110 byte may contain these flags:
1094 1111
1095 1112 PG_REFERENCED
1096 1113 page has been referenced.
1097 1114
1098 1115
1099 1116 PG_MODIFIED
1100 1117 page has been modified.
1101 1118
1102 1119
1103 1120
1104 1121 If the read buffer is not large enough to contain all of the page data,
1105 1122 the read fails with E2BIG and the page data is not cleared. The
1106 1123 required size of the read buffer can be determined through fstat(2).
1107 1124 Application of lseek(2) to the page data file descriptor is
1108 1125 ineffective; every read starts from the beginning of the file. Closing
1109 1126 the page data file descriptor terminates the system overhead associated
1110 1127 with collecting the data.
1111 1128
1112 1129
1113 1130 More than one page data file descriptor for the same process can be
1114 1131 opened, up to a system-imposed limit per traced process. A read of one
1115 1132 does not affect the data being collected by the system for the others.
1116 1133 An open of the page data file will fail with ENOMEM if the system-
1117 1134 imposed limit would be exceeded.
1118 1135
1119 1136 watch
1120 1137 Contains an array of prwatch structures, one for each watched area
1121 1138 established by the PCWATCH control operation. See PCWATCH for details.
1122 1139
1123 1140 usage
1124 1141 Contains process usage information described by a prusage structure
1125 1142 which contains at least the following fields:
1126 1143
1127 1144 typedef struct prusage {
1128 1145 id_t pr_lwpid; /* lwp id. 0: process or defunct */
1129 1146 int pr_count; /* number of contributing lwps */
1130 1147 timestruc_t pr_tstamp; /* real time stamp, time of read() */
1131 1148 timestruc_t pr_create; /* process/lwp creation time stamp */
1132 1149 timestruc_t pr_term; /* process/lwp termination time stamp */
1133 1150 timestruc_t pr_rtime; /* total lwp real (elapsed) time */
1134 1151 timestruc_t pr_utime; /* user level CPU time */
1135 1152 timestruc_t pr_stime; /* system call CPU time */
1136 1153 timestruc_t pr_ttime; /* other system trap CPU time */
1137 1154 timestruc_t pr_tftime; /* text page fault sleep time */
1138 1155 timestruc_t pr_dftime; /* data page fault sleep time */
1139 1156 timestruc_t pr_kftime; /* kernel page fault sleep time */
1140 1157 timestruc_t pr_ltime; /* user lock wait sleep time */
1141 1158 timestruc_t pr_slptime; /* all other sleep time */
1142 1159 timestruc_t pr_wtime; /* wait-cpu (latency) time */
1143 1160 timestruc_t pr_stoptime; /* stopped time */
1144 1161 ulong_t pr_minf; /* minor page faults */
1145 1162 ulong_t pr_majf; /* major page faults */
1146 1163 ulong_t pr_nswap; /* swaps */
1147 1164 ulong_t pr_inblk; /* input blocks */
1148 1165 ulong_t pr_oublk; /* output blocks */
1149 1166 ulong_t pr_msnd; /* messages sent */
1150 1167 ulong_t pr_mrcv; /* messages received */
1151 1168 ulong_t pr_sigs; /* signals received */
1152 1169 ulong_t pr_vctx; /* voluntary context switches */
1153 1170 ulong_t pr_ictx; /* involuntary context switches */
1154 1171 ulong_t pr_sysc; /* system calls */
1155 1172 ulong_t pr_ioch; /* chars read and written */
1156 1173 } prusage_t;
1157 1174
1158 1175
1159 1176
1160 1177 Microstate accounting is now continuously enabled. While this
1161 1178 information was previously an estimate, if microstate accounting were
1162 1179 not enabled, the current information is now never an estimate
1163 1180 represents time the process has spent in various states.
1164 1181
1165 1182 lstatus
1166 1183 Contains a prheader structure followed by an array of lwpstatus
1167 1184 structures, one for each active lwp in the process (see also
1168 1185 /proc/pid/lwp/lwpid/lwpstatus, below). The prheader structure describes
1169 1186 the number and size of the array entries that follow.
1170 1187
1171 1188 typedef struct prheader {
1172 1189 long pr_nent; /* number of entries */
1173 1190 size_t pr_entsize; /* size of each entry, in bytes */
1174 1191 } prheader_t;
1175 1192
1176 1193
1177 1194
1178 1195 The lwpstatus structure may grow by the addition of elements at the end
1179 1196 in future releases of the system. Programs must use pr_entsize in the
1180 1197 file header to index through the array. These comments apply to all
1181 1198 /proc files that include a prheader structure (lpsinfo and lusage,
1182 1199 below).
1183 1200
1184 1201 lpsinfo
1185 1202 Contains a prheader structure followed by an array of lwpsinfo
1186 1203 structures, one for eachactive and zombie lwp in the process. See also
1187 1204 /proc/pid/lwp/lwpid/lwpsinfo, below.
1188 1205
1189 1206 lusage
1190 1207 Contains a prheader structure followed by an array of prusage
1191 1208 structures, one for each active lwp in the process, plus an additional
1192 1209 element at the beginning that contains the summation over all defunct
1193 1210 lwps (lwps that once existed but no longer exist in the process).
1194 1211 Excluding the pr_lwpid, pr_tstamp, pr_create, and pr_term entries, the
1195 1212 entry-by-entry summation over all these structures is the definition of
1196 1213 the process usage information obtained from the usage file. (See also
1197 1214 /proc/pid/lwp/lwpid/lwpusage, below.)
1198 1215
1199 1216 lwp
1200 1217 A directory containing entries each of which names an active or zombie
1201 1218 lwp within the process. These entries are themselves directories
1202 1219 containing additional files as described below. Only the lwpsinfo file
1203 1220 exists in the directory of a zombie lwp.
1204 1221
1205 1222 STRUCTURE OF /proc/pid/lwp/lwpid
1206 1223 A given directory /proc/pid/lwp/lwpid contains the following entries:
1207 1224
1208 1225 lwpctl
1209 1226 Write-only control file. The messages written to this file affect the
1210 1227 specific lwp rather than the representative lwp, as is the case for the
1211 1228 process's ctl file.
1212 1229
1213 1230 lwpstatus
1214 1231 lwp-specific state information. This file contains the lwpstatus
1215 1232 structure for the specific lwp as described above for the
1216 1233 representative lwp in the process's status file.
1217 1234
1218 1235 lwpsinfo
1219 1236 lwp-specific ps(1) information. This file contains the lwpsinfo
1220 1237 structure for the specific lwp as described above for the
1221 1238 representative lwp in the process's psinfo file. The lwpsinfo file
1222 1239 remains accessible after an lwp becomes a zombie.
1223 1240
1224 1241 lwpusage
1225 1242 This file contains the prusage structure for the specific lwp as
1226 1243 described above for the process's usage file.
1227 1244
1228 1245 gwindows
1229 1246 This file exists only on SPARC based machines. If it is non-empty, it
1230 1247 contains a gwindows_t structure, defined in <sys/regset.h>, with the
1231 1248 values of those SPARC register windows that could not be stored on the
1232 1249 stack when the lwp stopped. Conditions under which register windows are
1233 1250 not stored on the stack are: the stack pointer refers to nonexistent
1234 1251 process memory or the stack pointer is improperly aligned. If the lwp
1235 1252 is not stopped or if there are no register windows that could not be
1236 1253 stored on the stack, the file is empty (the usual case).
1237 1254
1238 1255 xregs
1239 1256 Extra state registers. The extra state register set is architecture
1240 1257 dependent; this file is empty if the system does not support extra
1241 1258 state registers. If the file is non-empty, it contains an architecture
1242 1259 dependent structure of type prxregset_t, defined in <procfs.h>, with
1243 1260 the values of the lwp's extra state registers. If the lwp is not
1244 1261 stopped, all register values are undefined. See also the PCSXREG
1245 1262 control operation, below.
1246 1263
1247 1264 asrs
1248 1265 This file exists only for 64-bit SPARC V9 processes. It contains an
1249 1266 asrset_t structure, defined in <sys/regset.h>, containing the values of
1250 1267 the lwp's platform-dependent ancillary state registers. If the lwp is
1251 1268 not stopped, all register values are undefined. See also the PCSASRS
1252 1269 control operation, below.
1253 1270
1254 1271 spymaster
1255 1272 For an agent lwp (see PCAGENT), this file contains a psinfo_t structure
1256 1273 that corresponds to the process that created the agent lwp at the time
1257 1274 the agent was created. This structure is identical to that retrieved
1258 1275 via the psinfo file, with one modification: the pr_time field does not
1259 1276 correspond to the CPU time for the process, but rather to the creation
1260 1277 time of the agent lwp.
1261 1278
1262 1279 templates
1263 1280 A directory which contains references to the active templates for the
1264 1281 lwp, named by the contract type. Changes made to an active template
1265 1282 descriptor do not affect the original template which was activated,
1266 1283 though they do affect the active template. It is not possible to
1267 1284 activate an active template descriptor. See contract(4).
1268 1285
1269 1286 CONTROL MESSAGES
1270 1287 Process state changes are effected through messages written to a
1271 1288 process's ctl file or to an individual lwp's lwpctl file. All control
1272 1289 messages consist of a long that names the specific operation followed
1273 1290 by additional data containing the operand, if any.
1274 1291
1275 1292
1276 1293 Multiple control messages may be combined in a single write(2) (or
1277 1294 writev(2)) to a control file, but no partial writes are permitted. That
1278 1295 is, each control message, operation code plus operand, if any, must be
1279 1296 presented in its entirety to the write(2) and not in pieces over
1280 1297 several system calls. If a control operation fails, no subsequent
1281 1298 operations contained in the same write(2) are attempted.
1282 1299
1283 1300
1284 1301 Descriptions of the allowable control messages follow. In all cases,
1285 1302 writing a message to a control file for a process or lwp that has
1286 1303 terminated elicits the error ENOENT.
1287 1304
1288 1305 PCSTOP PCDSTOP PCWSTOP PCTWSTOP
1289 1306 When applied to the process control file, PCSTOP directs all lwps to
1290 1307 stop and waits for them to stop, PCDSTOP directs all lwps to stop
1291 1308 without waiting for them to stop, and PCWSTOP simply waits for all lwps
1292 1309 to stop. When applied to an lwp control file, PCSTOP directs the
1293 1310 specific lwp to stop and waits until it has stopped, PCDSTOP directs
1294 1311 the specific lwp to stop without waiting for it to stop, and PCWSTOP
1295 1312 simply waits for the specific lwp to stop. When applied to an lwp
1296 1313 control file, PCSTOP and PCWSTOP complete when the lwp stops on an
1297 1314 event of interest, immediately if already so stopped; when applied to
1298 1315 the process control file, they complete when every lwp has stopped
1299 1316 either on an event of interest or on a PR_SUSPENDED stop.
1300 1317
1301 1318
1302 1319 PCTWSTOP is identical to PCWSTOP except that it enables the operation
1303 1320 to time out, to avoid waiting forever for a process or lwp that may
1304 1321 never stop on an event of interest. PCTWSTOP takes a long operand
1305 1322 specifying a number of milliseconds; the wait will terminate
1306 1323 successfully after the specified number of milliseconds even if the
1307 1324 process or lwp has not stopped; a timeout value of zero makes the
1308 1325 operation identical to PCWSTOP.
1309 1326
1310 1327
1311 1328 An ``event of interest'' is either a PR_REQUESTED stop or a stop that
1312 1329 has been specified in the process's tracing flags (set by PCSTRACE,
1313 1330 PCSFAULT, PCSENTRY, and PCSEXIT). PR_JOBCONTROL and PR_SUSPENDED stops
1314 1331 are specifically not events of interest. (An lwp may stop twice due to
1315 1332 a stop signal, first showing PR_SIGNALLED if the signal is traced and
1316 1333 again showing PR_JOBCONTROL if the lwp is set running without clearing
1317 1334 the signal.) If PCSTOP or PCDSTOP is applied to an lwp that is stopped,
1318 1335 but not on an event of interest, the stop directive takes effect when
1319 1336 the lwp is restarted by the competing mechanism. At that time, the lwp
1320 1337 enters a PR_REQUESTED stop before executing any user-level code.
1321 1338
1322 1339
1323 1340 A write of a control message that blocks is interruptible by a signal
1324 1341 so that, for example, an alarm(2) can be set to avoid waiting forever
1325 1342 for a process or lwp that may never stop on an event of interest. If
1326 1343 PCSTOP is interrupted, the lwp stop directives remain in effect even
1327 1344 though the write(2) returns an error. (Use of PCTWSTOP with a non-zero
1328 1345 timeout is recommended over PCWSTOP with an alarm(2).)
1329 1346
1330 1347
1331 1348 A system process (indicated by the PR_ISSYS flag) never executes at
1332 1349 user level, has no user-level address space visible through /proc, and
1333 1350 cannot be stopped. Applying one of these operations to a system process
1334 1351 or any of its lwps elicits the error EBUSY.
1335 1352
1336 1353 PCRUN
1337 1354 Make an lwp runnable again after a stop. This operation takes a long
1338 1355 operand containing zero or more of the following flags:
1339 1356
1340 1357 PRCSIG
1341 1358 clears the current signal, if any (see PCCSIG).
1342 1359
1343 1360
1344 1361 PRCFAULT
1345 1362 clears the current fault, if any (see PCCFAULT).
1346 1363
1347 1364
1348 1365 PRSTEP
1349 1366 directs the lwp to execute a single machine instruction. On
1350 1367 completion of the instruction, a trace trap occurs. If
1351 1368 FLTTRACE is being traced, the lwp stops; otherwise, it is
1352 1369 sent SIGTRAP. If SIGTRAP is being traced and is not
1353 1370 blocked, the lwp stops. When the lwp stops on an event of
1354 1371 interest, the single-step directive is cancelled, even if
1355 1372 the stop occurs before the instruction is executed. This
1356 1373 operation requires hardware and operating system support
1357 1374 and may not be implemented on all processors. It is
1358 1375 implemented on SPARC and x86-based machines.
1359 1376
1360 1377
1361 1378 PRSABORT
1362 1379 is meaningful only if the lwp is in a PR_SYSENTRY stop or
1363 1380 is marked PR_ASLEEP; it instructs the lwp to abort
1364 1381 execution of the system call (see PCSENTRY and PCSEXIT).
1365 1382
1366 1383
1367 1384 PRSTOP
1368 1385 directs the lwp to stop again as soon as possible after
1369 1386 resuming execution (see PCDSTOP). In particular, if the lwp
1370 1387 is stopped on PR_SIGNALLED or PR_FAULTED, the next stop
1371 1388 will show PR_REQUESTED, no other stop will have intervened,
1372 1389 and the lwp will not have executed any user-level code.
1373 1390
1374 1391
1375 1392
1376 1393 When applied to an lwp control file, PCRUN clears any outstanding
1377 1394 directed-stop request and makes the specific lwp runnable. The
1378 1395 operation fails with EBUSY if the specific lwp is not stopped on an
1379 1396 event of interest or has not been directed to stop or if the agent lwp
1380 1397 exists and this is not the agent lwp (see PCAGENT).
1381 1398
1382 1399
1383 1400 When applied to the process control file, a representative lwp is
1384 1401 chosen for the operation as described for /proc/pid/status. The
1385 1402 operation fails with EBUSY if the representative lwp is not stopped on
1386 1403 an event of interest or has not been directed to stop or if the agent
1387 1404 lwp exists. If PRSTEP or PRSTOP was requested, the representative lwp
1388 1405 is made runnable and its outstanding directed-stop request is cleared;
1389 1406 otherwise all outstanding directed-stop requests are cleared and, if it
1390 1407 was stopped on an event of interest, the representative lwp is marked
1391 1408 PR_REQUESTED. If, as a consequence, all lwps are in the PR_REQUESTED or
1392 1409 PR_SUSPENDED stop state, all lwps showing PR_REQUESTED are made
1393 1410 runnable.
1394 1411
1395 1412 PCSTRACE
1396 1413 Define a set of signals to be traced in the process. The receipt of one
1397 1414 of these signals by an lwp causes the lwp to stop. The set of signals
1398 1415 is defined using an operand sigset_t contained in the control message.
1399 1416 Receipt of SIGKILL cannot be traced; if specified, it is silently
1400 1417 ignored.
1401 1418
1402 1419
1403 1420 If a signal that is included in an lwp's held signal set (the signal
1404 1421 mask) is sent to the lwp, the signal is not received and does not cause
1405 1422 a stop until it is removed from the held signal set, either by the lwp
1406 1423 itself or by setting the held signal set with PCSHOLD.
1407 1424
1408 1425 PCCSIG
1409 1426 The current signal, if any, is cleared from the specific or
1410 1427 representative lwp.
1411 1428
1412 1429 PCSSIG
1413 1430 The current signal and its associated signal information for the
1414 1431 specific or representative lwp are set according to the contents of the
1415 1432 operand siginfo structure (see <sys/siginfo.h>). If the specified
1416 1433 signal number is zero, the current signal is cleared. The semantics of
1417 1434 this operation are different from those of kill(2) in that the signal
1418 1435 is delivered to the lwp immediately after execution is resumed (even if
1419 1436 it is being blocked) and an additional PR_SIGNALLED stop does not
1420 1437 intervene even if the signal is traced. Setting the current signal to
1421 1438 SIGKILL terminates the process immediately.
1422 1439
1423 1440 PCKILL
1424 1441 If applied to the process control file, a signal is sent to the process
1425 1442 with semantics identical to those of kill(2). If applied to an lwp
1426 1443 control file, a directed signal is sent to the specific lwp. The signal
1427 1444 is named in a long operand contained in the message. Sending SIGKILL
1428 1445 terminates the process immediately.
1429 1446
1430 1447 PCUNKILL
1431 1448 A signal is deleted, that is, it is removed from the set of pending
1432 1449 signals. If applied to the process control file, the signal is deleted
1433 1450 from the process's pending signals. If applied to an lwp control file,
1434 1451 the signal is deleted from the lwp's pending signals. The current
1435 1452 signal (if any) is unaffected. The signal is named in a long operand in
1436 1453 the control message. It is an error (EINVAL) to attempt to delete
1437 1454 SIGKILL.
1438 1455
1439 1456 PCSHOLD
1440 1457 Set the set of held signals for the specific or representative lwp
1441 1458 (signals whose delivery will be blocked if sent to the lwp). The set of
1442 1459 signals is specified with a sigset_t operand. SIGKILL and SIGSTOP
1443 1460 cannot be held; if specified, they are silently ignored.
1444 1461
1445 1462 PCSFAULT
1446 1463 Define a set of hardware faults to be traced in the process. On
1447 1464 incurring one of these faults, an lwp stops. The set is defined via the
1448 1465 operand fltset_t structure. Fault names are defined in <sys/fault.h>
1449 1466 and include the following. Some of these may not occur on all
1450 1467 processors; there may be processor-specific faults in addition to
1451 1468 these.
1452 1469
1453 1470 FLTILL
1454 1471 illegal instruction
1455 1472
1456 1473
1457 1474 FLTPRIV
1458 1475 privileged instruction
1459 1476
1460 1477
1461 1478 FLTBPT
1462 1479 breakpoint trap
1463 1480
1464 1481
1465 1482 FLTTRACE
1466 1483 trace trap (single-step)
1467 1484
1468 1485
1469 1486 FLTWATCH
1470 1487 watchpoint trap
1471 1488
1472 1489
1473 1490 FLTACCESS
1474 1491 memory access fault (bus error)
1475 1492
1476 1493
1477 1494 FLTBOUNDS
1478 1495 memory bounds violation
1479 1496
1480 1497
1481 1498 FLTIOVF
1482 1499 integer overflow
1483 1500
1484 1501
1485 1502 FLTIZDIV
1486 1503 integer zero divide
1487 1504
1488 1505
1489 1506 FLTFPE
1490 1507 floating-point exception
1491 1508
1492 1509
1493 1510 FLTSTACK
1494 1511 unrecoverable stack fault
1495 1512
1496 1513
1497 1514 FLTPAGE
1498 1515 recoverable page fault
1499 1516
1500 1517
1501 1518
1502 1519 When not traced, a fault normally results in the posting of a signal to
1503 1520 the lwp that incurred the fault. If an lwp stops on a fault, the signal
1504 1521 is posted to the lwp when execution is resumed unless the fault is
1505 1522 cleared by PCCFAULT or by the PRCFAULT option of PCRUN. FLTPAGE is an
1506 1523 exception; no signal is posted. The pr_info field in the lwpstatus
1507 1524 structure identifies the signal to be sent and contains machine-
1508 1525 specific information about the fault.
1509 1526
1510 1527 PCCFAULT
1511 1528 The current fault, if any, is cleared; the associated signal will not
1512 1529 be sent to the specific or representative lwp.
1513 1530
1514 1531 PCSENTRY PCSEXIT
1515 1532 These control operations instruct the process's lwps to stop on entry
1516 1533 to or exit from specified system calls. The set of system calls to be
1517 1534 traced is defined via an operand sysset_t structure.
1518 1535
1519 1536
1520 1537 When entry to a system call is being traced, an lwp stops after having
1521 1538 begun the call to the system but before the system call arguments have
1522 1539 been fetched from the lwp. When exit from a system call is being
1523 1540 traced, an lwp stops on completion of the system call just prior to
1524 1541 checking for signals and returning to user level. At this point, all
1525 1542 return values have been stored into the lwp's registers.
1526 1543
1527 1544
1528 1545 If an lwp is stopped on entry to a system call (PR_SYSENTRY) or when
1529 1546 sleeping in an interruptible system call (PR_ASLEEP is set), it may be
1530 1547 instructed to go directly to system call exit by specifying the
1531 1548 PRSABORT flag in a PCRUN control message. Unless exit from the system
1532 1549 call is being traced, the lwp returns to user level showing EINTR.
1533 1550
1534 1551 PCWATCH
1535 1552 Set or clear a watched area in the controlled process from a prwatch
1536 1553 structure operand:
1537 1554
1538 1555 typedef struct prwatch {
1539 1556 uintptr_t pr_vaddr; /* virtual address of watched area */
1540 1557 size_t pr_size; /* size of watched area in bytes */
1541 1558 int pr_wflags; /* watch type flags */
1542 1559 } prwatch_t;
1543 1560
1544 1561
1545 1562
1546 1563 pr_vaddr specifies the virtual address of an area of memory to be
1547 1564 watched in the controlled process. pr_size specifies the size of the
1548 1565 area, in bytes. pr_wflags specifies the type of memory access to be
1549 1566 monitored as a bit-mask of the following flags:
1550 1567
1551 1568 WA_READ
1552 1569 read access
1553 1570
1554 1571
1555 1572 WA_WRITE
1556 1573 write access
1557 1574
1558 1575
1559 1576 WA_EXEC
1560 1577 execution access
1561 1578
1562 1579
1563 1580 WA_TRAPAFTER
1564 1581 trap after the instruction completes
1565 1582
1566 1583
1567 1584
1568 1585 If pr_wflags is non-empty, a watched area is established for the
1569 1586 virtual address range specified by pr_vaddr and pr_size. If pr_wflags
1570 1587 is empty, any previously-established watched area starting at the
1571 1588 specified virtual address is cleared; pr_size is ignored.
1572 1589
1573 1590
1574 1591 A watchpoint is triggered when an lwp in the traced process makes a
1575 1592 memory reference that covers at least one byte of a watched area and
1576 1593 the memory reference is as specified in pr_wflags. When an lwp triggers
1577 1594 a watchpoint, it incurs a watchpoint trap. If FLTWATCH is being traced,
1578 1595 the lwp stops; otherwise, it is sent a SIGTRAP signal; if SIGTRAP is
1579 1596 being traced and is not blocked, the lwp stops.
1580 1597
1581 1598
1582 1599 The watchpoint trap occurs before the instruction completes unless
1583 1600 WA_TRAPAFTER was specified, in which case it occurs after the
1584 1601 instruction completes. If it occurs before completion, the memory is
1585 1602 not modified. If it occurs after completion, the memory is modified (if
1586 1603 the access is a write access).
1587 1604
1588 1605
1589 1606 Physical i/o is an exception for watchpoint traps. In this instance,
1590 1607 there is no guarantee that memory before the watched area has already
1591 1608 been modified (or in the case of WA_TRAPAFTER, that the memory
1592 1609 following the watched area has not been modified) when the watchpoint
1593 1610 trap occurs and the lwp stops.
1594 1611
1595 1612
1596 1613 pr_info in the lwpstatus structure contains information pertinent to
1597 1614 the watchpoint trap. In particular, the si_addr field contains the
1598 1615 virtual address of the memory reference that triggered the watchpoint,
1599 1616 and the si_code field contains one of TRAP_RWATCH, TRAP_WWATCH, or
1600 1617 TRAP_XWATCH, indicating read, write, or execute access, respectively.
1601 1618 The si_trapafter field is zero unless WA_TRAPAFTER is in effect for
1602 1619 this watched area; non-zero indicates that the current instruction is
1603 1620 not the instruction that incurred the watchpoint trap. The si_pc field
1604 1621 contains the virtual address of the instruction that incurred the trap.
1605 1622
1606 1623
1607 1624 A watchpoint trap may be triggered while executing a system call that
1608 1625 makes reference to the traced process's memory. The lwp that is
1609 1626 executing the system call incurs the watchpoint trap while still in the
1610 1627 system call. If it stops as a result, the lwpstatus structure contains
1611 1628 the system call number and its arguments. If the lwp does not stop, or
1612 1629 if it is set running again without clearing the signal or fault, the
1613 1630 system call fails with EFAULT. If WA_TRAPAFTER was specified, the
1614 1631 memory reference will have completed and the memory will have been
1615 1632 modified (if the access was a write access) when the watchpoint trap
1616 1633 occurs.
1617 1634
1618 1635
1619 1636 If more than one of WA_READ, WA_WRITE, and WA_EXEC is specified for a
1620 1637 watched area, and a single instruction incurs more than one of the
1621 1638 specified types, only one is reported when the watchpoint trap occurs.
1622 1639 The precedence is WA_EXEC, WA_READ, WA_WRITE (WA_EXEC and WA_READ take
1623 1640 precedence over WA_WRITE), unless WA_TRAPAFTER was specified, in which
1624 1641 case it is WA_WRITE, WA_READ, WA_EXEC (WA_WRITE takes precedence).
1625 1642
1626 1643
1627 1644 PCWATCH fails with EINVAL if an attempt is made to specify overlapping
1628 1645 watched areas or if pr_wflags contains flags other than those specified
1629 1646 above. It fails with ENOMEM if an attempt is made to establish more
1630 1647 watched areas than the system can support (the system can support
1631 1648 thousands).
1632 1649
1633 1650
1634 1651 The child of a vfork(2) borrows the parent's address space. When a
1635 1652 vfork(2) is executed by a traced process, all watched areas established
1636 1653 for the parent are suspended until the child terminates or performs an
1637 1654 exec(2). Any watched areas established independently in the child are
1638 1655 cancelled when the parent resumes after the child's termination or
1639 1656 exec(2). PCWATCH fails with EBUSY if applied to the parent of a
1640 1657 vfork(2) before the child has terminated or performed an exec(2). The
1641 1658 PR_VFORKP flag is set in the pstatus structure for such a parent
1642 1659 process.
1643 1660
1644 1661
1645 1662 Certain accesses of the traced process's address space by the operating
1646 1663 system are immune to watchpoints. The initial construction of a signal
1647 1664 stack frame when a signal is delivered to an lwp will not trigger a
1648 1665 watchpoint trap even if the new frame covers watched areas of the
1649 1666 stack. Once the signal handler is entered, watchpoint traps occur
1650 1667 normally. On SPARC based machines, register window overflow and
1651 1668 underflow will not trigger watchpoint traps, even if the register
1652 1669 window save areas cover watched areas of the stack.
1653 1670
1654 1671
1655 1672 Watched areas are not inherited by child processes, even if the traced
1656 1673 process's inherit-on-fork mode, PR_FORK, is set (see PCSET, below).
1657 1674 All watched areas are cancelled when the traced process performs a
1658 1675 successful exec(2).
1659 1676
1660 1677 PCSET PCUNSET
1661 1678 PCSET sets one or more modes of operation for the traced process.
1662 1679 PCUNSET unsets these modes. The modes to be set or unset are specified
1663 1680 by flags in an operand long in the control message:
1664 1681
1665 1682 PR_FORK
1666 1683 (inherit-on-fork): When set, the process's tracing flags
1667 1684 and its inherit-on-fork mode are inherited by the child of
1668 1685 a fork(2), fork1(2), or vfork(2). When unset, child
1669 1686 processes start with all tracing flags cleared.
1670 1687
1671 1688
1672 1689 PR_RLC
1673 1690 (run-on-last-close): When set and the last writable /proc
1674 1691 file descriptor referring to the traced process or any of
1675 1692 its lwps is closed, all of the process's tracing flags and
1676 1693 watched areas are cleared, any outstanding stop directives
1677 1694 are canceled, and if any lwps are stopped on events of
1678 1695 interest, they are set running as though PCRUN had been
1679 1696 applied to them. When unset, the process's tracing flags
1680 1697 and watched areas are retained and lwps are not set
1681 1698 running on last close.
1682 1699
1683 1700
1684 1701 PR_KLC
1685 1702 (kill-on-last-close): When set and the last writable /proc
1686 1703 file descriptor referring to the traced process or any of
1687 1704 its lwps is closed, the process is terminated with
1688 1705 SIGKILL.
1689 1706
1690 1707
1691 1708 PR_ASYNC
1692 1709 (asynchronous-stop): When set, a stop on an event of
1693 1710 interest by one lwp does not directly affect any other lwp
1694 1711 in the process. When unset and an lwp stops on an event of
1695 1712 interest other than PR_REQUESTED, all other lwps in the
1696 1713 process are directed to stop.
1697 1714
1698 1715
1699 1716 PR_MSACCT
1700 1717 (microstate accounting): Microstate accounting is now
1701 1718 continuously enabled. This flag is deprecated and no
1702 1719 longer has any effect upon microstate accounting.
1703 1720 Applications may toggle this flag; however, microstate
1704 1721 accounting will remain enabled regardless.
1705 1722
1706 1723
1707 1724 PR_MSFORK
1708 1725 (inherit microstate accounting): All processes now inherit
1709 1726 microstate accounting, as it is continuously enabled. This
1710 1727 flag has been deprecated and its use no longer has any
1711 1728 effect upon the behavior of microstate accounting.
1712 1729
1713 1730
1714 1731 PR_BPTADJ
1715 1732 (breakpoint trap pc adjustment): On x86-based machines, a
1716 1733 breakpoint trap leaves the program counter (the EIP)
1717 1734 referring to the breakpointed instruction plus one byte.
1718 1735 When PR_BPTADJ is set, the system will adjust the program
1719 1736 counter back to the location of the breakpointed
1720 1737 instruction when the lwp stops on a breakpoint. This flag
1721 1738 has no effect on SPARC based machines, where breakpoint
1722 1739 traps leave the program counter referring to the
1723 1740 breakpointed instruction.
1724 1741
1725 1742
1726 1743 PR_PTRACE
1727 1744 (ptrace-compatibility): When set, a stop on an event of
1728 1745 interest by the traced process is reported to the parent
1729 1746 of the traced process by wait(3C), SIGTRAP is sent to the
1730 1747 traced process when it executes a successful exec(2),
1731 1748 setuid/setgid flags are not honored for execs performed by
1732 1749 the traced process, any exec of an object file that the
1733 1750 traced process cannot read fails, and the process dies
1734 1751 when its parent dies. This mode is deprecated; it is
1735 1752 provided only to allow ptrace(3C) to be implemented as a
1736 1753 library function using /proc.
1737 1754
1738 1755
1739 1756
1740 1757 It is an error (EINVAL) to specify flags other than those described
1741 1758 above or to apply these operations to a system process. The current
1742 1759 modes are reported in the pr_flags field of /proc/pid/status and
1743 1760 /proc/pid/lwp/lwp/lwpstatus.
1744 1761
1745 1762 PCSREG
1746 1763 Set the general registers for the specific or representative lwp
1747 1764 according to the operand prgregset_t structure.
1748 1765
1749 1766
1750 1767 On SPARC based systems, only the condition-code bits of the processor-
1751 1768 status register (R_PSR) of SPARC V8 (32-bit) processes can be modified
1752 1769 by PCSREG. Other privileged registers cannot be modified at all.
1753 1770
1754 1771
1755 1772 On x86-based systems, only certain bits of the flags register (EFL) can
1756 1773 be modified by PCSREG: these include the condition codes, direction-
1757 1774 bit, and overflow-bit.
1758 1775
1759 1776
1760 1777 PCSREG fails with EBUSY if the lwp is not stopped on an event of
1761 1778 interest.
1762 1779
1763 1780 PCSVADDR
1764 1781 Set the address at which execution will resume for the specific or
1765 1782 representative lwp from the operand long. On SPARC based systems, both
1766 1783 %pc and %npc are set, with %npc set to the instruction following the
1767 1784 virtual address. On x86-based systems, only %eip is set. PCSVADDR fails
1768 1785 with EBUSY if the lwp is not stopped on an event of interest.
1769 1786
1770 1787 PCSFPREG
1771 1788 Set the floating-point registers for the specific or representative lwp
1772 1789 according to the operand prfpregset_t structure. An error (EINVAL) is
1773 1790 returned if the system does not support floating-point operations (no
1774 1791 floating-point hardware and the system does not emulate floating-point
1775 1792 machine instructions). PCSFPREG fails with EBUSY if the lwp is not
1776 1793 stopped on an event of interest.
1777 1794
1778 1795 PCSXREG
1779 1796 Set the extra state registers for the specific or representative lwp
1780 1797 according to the architecture-dependent operand prxregset_t structure.
1781 1798 An error (EINVAL) is returned if the system does not support extra
1782 1799 state registers. PCSXREG fails with EBUSY if the lwp is not stopped on
1783 1800 an event of interest.
1784 1801
1785 1802 PCSASRS
1786 1803 Set the ancillary state registers for the specific or representative
1787 1804 lwp according to the SPARC V9 platform-dependent operand asrset_t
1788 1805 structure. An error (EINVAL) is returned if either the target process
1789 1806 or the controlling process is not a 64-bit SPARC V9 process. Most of
1790 1807 the ancillary state registers are privileged registers that cannot be
1791 1808 modified. Only those that can be modified are set; all others are
1792 1809 silently ignored. PCSASRS fails with EBUSY if the lwp is not stopped on
1793 1810 an event of interest.
1794 1811
1795 1812 PCAGENT
1796 1813 Create an agent lwp in the controlled process with register values from
1797 1814 the operand prgregset_t structure (see PCSREG, above). The agent lwp is
1798 1815 created in the stopped state showing PR_REQUESTED and with its held
1799 1816 signal set (the signal mask) having all signals except SIGKILL and
1800 1817 SIGSTOP blocked.
1801 1818
1802 1819
1803 1820 The PCAGENT operation fails with EBUSY unless the process is fully
1804 1821 stopped via /proc, that is, unless all of the lwps in the process are
1805 1822 stopped either on events of interest or on PR_SUSPENDED, or are stopped
1806 1823 on PR_JOBCONTROL and have been directed to stop via PCDSTOP. It fails
1807 1824 with EBUSY if an agent lwp already exists. It fails with ENOMEM if
1808 1825 system resources for creating new lwps have been exhausted.
1809 1826
1810 1827
1811 1828 Any PCRUN operation applied to the process control file or to the
1812 1829 control file of an lwp other than the agent lwp fails with EBUSY as
1813 1830 long as the agent lwp exists. The agent lwp must be caused to terminate
1814 1831 by executing the SYS_lwp_exit system call trap before the process can
1815 1832 be restarted.
1816 1833
1817 1834
1818 1835 Once the agent lwp is created, its lwp-ID can be found by reading the
1819 1836 process status file. To facilitate opening the agent lwp's control and
1820 1837 status files, the directory name /propc/pid/lwp/agent is accepted for
1821 1838 lookup operations as an invisible alias for /proc/pid/lwp/lwpid, lwpid
1822 1839 being the lwp-ID of the agent lwp (invisible in the sense that the name
1823 1840 ``agent'' does not appear in a directory listing of /proc/pid/lwp
1824 1841 obtained from ls(1), getdents(2), or readdir(3C)).
1825 1842
1826 1843
1827 1844 The purpose of the agent lwp is to perform operations in the controlled
1828 1845 process on behalf of the controlling process: to gather information not
1829 1846 directly available via /proc files, or in general to make the process
1830 1847 change state in ways not directly available via /proc control
1831 1848 operations. To make use of an agent lwp, the controlling process must
1832 1849 be capable of making it execute system calls (specifically, the
1833 1850 SYS_lwp_exit system call trap). The register values given to the agent
1834 1851 lwp on creation are typically the registers of the representative lwp,
1835 1852 so that the agent lwp can use its stack.
1836 1853
1837 1854
1838 1855 If the controlling process neglects to force the agent lwp to execute
1839 1856 the SYS_lwp_exit system call (due to either logic error or fatal
1840 1857 failure on the part of the controlling process), the agent lwp will
1841 1858 remain in the target process. For purposes of being able to debug
1842 1859 these otherwise rogue agents, information as to the creator of the
1843 1860 agent lwp is reflected in that lwp's spymaster file in /proc. Should
1844 1861 the target process generate a core dump with the agent lwp in place,
1845 1862 this information will be available via the NT_SPYMASTER note in the
1846 1863 core file (see core(4)).
1847 1864
1848 1865
1849 1866 The agent lwp is not allowed to execute any variation of the SYS_fork
1850 1867 or SYS_exec system call traps. Attempts to do so yield ENOTSUP to the
1851 1868 agent lwp.
1852 1869
1853 1870
1854 1871 Symbolic constants for system call trap numbers like SYS_lwp_exit and
1855 1872 SYS_lwp_create can be found in the header file <sys/syscall.h>.
1856 1873
1857 1874 PCREAD PCWRITE
1858 1875 Read or write the target process's address space via a priovec
1859 1876 structure operand:
1860 1877
1861 1878 typedef struct priovec {
1862 1879 void *pio_base; /* buffer in controlling process */
1863 1880 size_t pio_len; /* size of read/write request in bytes */
1864 1881 off_t pio_offset; /* virtual address in target process */
1865 1882 } priovec_t;
1866 1883
1867 1884
1868 1885
1869 1886 These operations have the same effect as pread(2) and pwrite(2),
1870 1887 respectively, of the target process's address space file. The
1871 1888 difference is that more than one PCREAD or PCWRITE control operation
1872 1889 can be written to the control file at once, and they can be
1873 1890 interspersed with other control operations in a single write to the
1874 1891 control file. This is useful, for example, when planting many
1875 1892 breakpoint instructions in the process's address space, or when
1876 1893 stepping over a breakpointed instruction. Unlike pread(2) and
1877 1894 pwrite(2), no provision is made for partial reads or writes; if the
1878 1895 operation cannot be performed completely, it fails with EIO.
1879 1896
1880 1897 PCNICE
1881 1898 The traced process's nice(2) value is incremented by the amount in the
1882 1899 operand long. Only a process with the {PRIV_PROC_PRIOCNTL} privilege
1883 1900 asserted in its effective set can better a process's priority in this
1884 1901 way, but any user may lower the priority. This operation is not
1885 1902 meaningful for all scheduling classes.
1886 1903
1887 1904 PCSCRED
1888 1905 Set the target process credentials to the values contained in the
1889 1906 prcred_t structure operand (see /proc/pid/cred). The effective, real,
1890 1907 and saved user-IDs and group-IDs of the target process are set. The
1891 1908 target process's supplementary groups are not changed; the pr_ngroups
1892 1909 and pr_groups members of the structure operand are ignored. Only the
1893 1910 privileged processes can perform this operation; for all others it
1894 1911 fails with EPERM.
1895 1912
1896 1913 PCSCREDX
1897 1914 Operates like PCSCRED but also sets the supplementary groups; the
1898 1915 length of the data written with this control operation should be
1899 1916 "sizeof (prcred_t) + sizeof (gid_t) * (#groups - 1)".
1900 1917
1901 1918 PCSPRIV
1902 1919 Set the target process privilege to the values contained in the
1903 1920 prpriv_t operand (see /proc/pid/priv). The effective, permitted,
1904 1921 inheritable, and limit sets are all changed. Privilege flags can also
1905 1922 be set. The process is made privilege aware unless it can relinquish
1906 1923 privilege awareness. See privileges(5).
1907 1924
1908 1925
1909 1926 The limit set of the target process cannot be grown. The other
1910 1927 privilege sets must be subsets of the intersection of the effective set
1911 1928 of the calling process with the new limit set of the target process or
1912 1929 subsets of the original values of the sets in the target process.
1913 1930
1914 1931
1915 1932 If any of the above restrictions are not met, EPERM is returned. If the
1916 1933 structure written is improperly formatted, EINVAL is returned.
1917 1934
1918 1935 PROGRAMMING NOTES
1919 1936 For security reasons, except for the psinfo, usage, lpsinfo, lusage,
1920 1937 lwpsinfo, and lwpusage files, which are world-readable, and except for
1921 1938 privileged processes, an open of a /proc file fails unless both the
1922 1939 user-ID and group-ID of the caller match those of the traced process
1923 1940 and the process's object file is readable by the caller. The effective
1924 1941 set of the caller is a superset of both the inheritable and the
1925 1942 permitted set of the target process. The limit set of the caller is a
1926 1943 superset of the limit set of the target process. Except for the world-
1927 1944 readable files just mentioned, files corresponding to setuid and setgid
1928 1945 processes can be opened only by the appropriately privileged process.
1929 1946
1930 1947
1931 1948 A process that is missing the basic privilege {PRIV_PROC_INFO} cannot
1932 1949 see any processes under /proc that it cannot send a signal to.
1933 1950
1934 1951
1935 1952 A process that has {PRIV_PROC_OWNER} asserted in its effective set can
1936 1953 open any file for reading. To manipulate or control a process, the
1937 1954 controlling process must have at least as many privileges in its
1938 1955 effective set as the target process has in its effective, inheritable,
1939 1956 and permitted sets. The limit set of the controlling process must be a
1940 1957 superset of the limit set of the target process. Additional
1941 1958 restrictions apply if any of the uids of the target process are 0. See
1942 1959 privileges(5).
1943 1960
1944 1961
1945 1962 Even if held by a privileged process, an open process or lwp file
1946 1963 descriptor (other than file descriptors for the world-readable files)
1947 1964 becomes invalid if the traced process performs an exec(2) of a
1948 1965 setuid/setgid object file or an object file that the traced process
1949 1966 cannot read. Any operation performed on an invalid file descriptor,
1950 1967 except close(2), fails with EAGAIN. In this situation, if any tracing
1951 1968 flags are set and the process or any lwp file descriptor is open for
1952 1969 writing, the process will have been directed to stop and its run-on-
1953 1970 last-close flag will have been set (see PCSET). This enables a
1954 1971 controlling process (if it has permission) to reopen the /proc files to
1955 1972 get new valid file descriptors, close the invalid file descriptors,
1956 1973 unset the run-on-last-close flag (if desired), and proceed. Just
1957 1974 closing the invalid file descriptors causes the traced process to
1958 1975 resume execution with all tracing flags cleared. Any process not
1959 1976 currently open for writing via /proc, but that has left-over tracing
1960 1977 flags from a previous open, and that executes a setuid/setgid or
1961 1978 unreadable object file, will not be stopped but will have all its
1962 1979 tracing flags cleared.
1963 1980
1964 1981
1965 1982 To wait for one or more of a set of processes or lwps to stop or
1966 1983 terminate, /proc file descriptors (other than those obtained by opening
1967 1984 the cwd or root directories or by opening files in the fd or object
1968 1985 directories) can be used in a poll(2) system call. When requested and
1969 1986 returned, either of the polling events POLLPRI or POLLWRNORM indicates
1970 1987 that the process or lwp stopped on an event of interest. Although they
1971 1988 cannot be requested, the polling events POLLHUP, POLLERR, and POLLNVAL
1972 1989 may be returned. POLLHUP indicates that the process or lwp has
1973 1990 terminated. POLLERR indicates that the file descriptor has become
1974 1991 invalid. POLLNVAL is returned immediately if POLLPRI or POLLWRNORM is
1975 1992 requested on a file descriptor referring to a system process (see
1976 1993 PCSTOP). The requested events may be empty to wait simply for
1977 1994 termination.
1978 1995
1979 1996 FILES
1980 1997 /proc
1981 1998
1982 1999 directory (list of processes)
1983 2000
1984 2001
1985 2002 /proc/pid
1986 2003
1987 2004 specific process directory
1988 2005
1989 2006
1990 2007 /proc/self
1991 2008
1992 2009 alias for a process's own directory
1993 2010
1994 2011
1995 2012 /proc/pid/as
1996 2013
1997 2014 address space file
1998 2015
1999 2016
2000 2017 /proc/pid/ctl
2001 2018
2002 2019 process control file
2003 2020
2004 2021
2005 2022 /proc/pid/status
2006 2023
2007 2024 process status
2008 2025
2009 2026
2010 2027 /proc/pid/lstatus
2011 2028
2012 2029 array of lwp status structs
2013 2030
2014 2031
2015 2032 /proc/pid/psinfo
2016 2033
2017 2034 process ps(1) info
2018 2035
2019 2036
2020 2037 /proc/pid/lpsinfo
2021 2038
2022 2039 array of lwp ps(1) info structs
2023 2040
2024 2041
2025 2042 /proc/pid/map
2026 2043
2027 2044 address space map
2028 2045
2029 2046
2030 2047 /proc/pid/xmap
2031 2048
2032 2049 extended address space map
2033 2050
2034 2051
2035 2052 /proc/pid/rmap
2036 2053
2037 2054 reserved address map
2038 2055
2039 2056
2040 2057 /proc/pid/cred
2041 2058
2042 2059 process credentials
2043 2060
2044 2061
2045 2062 /proc/pid/priv
2046 2063
2047 2064 process privileges
2048 2065
2049 2066
2050 2067 /proc/pid/sigact
2051 2068
2052 2069 process signal actions
2053 2070
2054 2071
2055 2072 /proc/pid/auxv
2056 2073
2057 2074 process aux vector
2058 2075
2059 2076
2060 2077 /proc/pid/ldt
2061 2078
2062 2079 process LDT (x86 only)
2063 2080
2064 2081
2065 2082 /proc/pid/usage
2066 2083
2067 2084 process usage
2068 2085
2069 2086
2070 2087 /proc/pid/lusage
2071 2088
2072 2089 array of lwp usage structs
2073 2090
2074 2091
2075 2092 /proc/pid/path
2076 2093
2077 2094 symbolic links to process open files
2078 2095
2079 2096
2080 2097 /proc/pid/pagedata
2081 2098
2082 2099 process page data
2083 2100
2084 2101
2085 2102 /proc/pid/watch
2086 2103
2087 2104 active watchpoints
2088 2105
2089 2106
2090 2107 /proc/pid/cwd
2091 2108
2092 2109 alias for the current working directory
2093 2110
2094 2111
2095 2112 /proc/pid/root
2096 2113
2097 2114 alias for the root directory
2098 2115
2099 2116
2100 2117 /proc/pid/fd
2101 2118
2102 2119 directory (list of open files)
2103 2120
2104 2121
2105 2122 /proc/pid/fd/*
2106 2123
2107 2124 aliases for process's open files
2108 2125
2109 2126
2110 2127 /proc/pid/object
2111 2128
2112 2129 directory (list of mapped files)
2113 2130
2114 2131
2115 2132 /proc/pid/object/a.out
2116 2133
2117 2134 alias for process's executable file
2118 2135
2119 2136
2120 2137 /proc/pid/object/*
2121 2138
2122 2139 aliases for other mapped files
2123 2140
2124 2141
2125 2142 /proc/pid/lwp
2126 2143
2127 2144 directory (list of lwps)
2128 2145
2129 2146
2130 2147 /proc/pid/lwp/lwpid
2131 2148
2132 2149 specific lwp directory
2133 2150
2134 2151
2135 2152 /proc/pid/lwp/agent
2136 2153
2137 2154 alias for the agent lwp directory
2138 2155
2139 2156
2140 2157 /proc/pid/lwp/lwpid/lwpctl
2141 2158
2142 2159 lwp control file
2143 2160
2144 2161
2145 2162 /proc/pid/lwp/lwpid/lwpstatus
2146 2163
2147 2164 lwp status
2148 2165
2149 2166
2150 2167 /proc/pid/lwp/lwpid/lwpsinfo
2151 2168
2152 2169 lwp ps(1) info
2153 2170
2154 2171
2155 2172 /proc/pid/lwp/lwpid/lwpusage
2156 2173
2157 2174 lwp usage
2158 2175
2159 2176
2160 2177 /proc/pid/lwp/lwpid/gwindows
2161 2178
2162 2179 register windows (SPARC only)
2163 2180
2164 2181
2165 2182 /proc/pid/lwp/lwpid/xregs
2166 2183
2167 2184 extra state registers
2168 2185
2169 2186
2170 2187 /proc/pid/lwp/lwpid/asrs
2171 2188
2172 2189 ancillary state registers (SPARC V9 only)
2173 2190
2174 2191
2175 2192 /proc/pid/lwp/lwpid/spymaster
2176 2193
2177 2194 For an agent LWP, the controlling process
2178 2195
2179 2196
|
↓ open down ↓ |
1327 lines elided |
↑ open up ↑ |
2180 2197 SEE ALSO
2181 2198 ls(1), ps(1), chroot(1M), alarm(2), brk(2), chdir(2), chroot(2),
2182 2199 close(2), creat(2), dup(2), exec(2), fcntl(2), fork(2), fork1(2),
2183 2200 fstat(2), getdents(2), getustack(2), kill(2), lseek(2), mmap(2),
2184 2201 nice(2), open(2), poll(2), pread(2), ptrace(3C), pwrite(2), read(2),
2185 2202 readlink(2), readv(2), shmget(2), sigaction(2), sigaltstack(2),
2186 2203 vfork(2), write(2), writev(2), _stack_grow(3C), readdir(3C),
2187 2204 pthread_create(3C), pthread_join(3C), siginfo.h(3HEAD),
2188 2205 signal.h(3HEAD), thr_create(3C), thr_join(3C), types32.h(3HEAD),
2189 2206 ucontext.h(3HEAD), wait(3C), contract(4), core(4), process(4),
2190 - lfcompile(5), privileges(5)
2207 + lfcompile(5), privileges(5), security-flags(5)
2191 2208
2192 2209 DIAGNOSTICS
2193 2210 Errors that can occur in addition to the errors normally associated
2194 2211 with file system access:
2195 2212
2196 2213 E2BIG
2197 2214 Data to be returned in a read(2) of the page data file
2198 2215 exceeds the size of the read buffer provided by the
2199 2216 caller.
2200 2217
2201 2218
2202 2219 EACCES
2203 2220 An attempt was made to examine a process that ran under a
2204 2221 different uid than the controlling process and
2205 2222 {PRIV_PROC_OWNER} was not asserted in the effective set.
2206 2223
2207 2224
2208 2225 EAGAIN
2209 2226 The traced process has performed an exec(2) of a
2210 2227 setuid/setgid object file or of an object file that it
2211 2228 cannot read; all further operations on the process or lwp
2212 2229 file descriptor (except close(2)) elicit this error.
2213 2230
2214 2231
2215 2232 EBUSY
2216 2233 PCSTOP, PCDSTOP, PCWSTOP, or PCTWSTOP was applied to a
2217 2234 system process; an exclusive open(2) was attempted on a
2218 2235 /proc file for a process already open for writing; PCRUN,
2219 2236 PCSREG, PCSVADDR, PCSFPREG, or PCSXREG was applied to a
2220 2237 process or lwp not stopped on an event of interest; an
2221 2238 attempt was made to mount /proc when it was already
2222 2239 mounted; PCAGENT was applied to a process that was not
2223 2240 fully stopped or that already had an agent lwp.
2224 2241
2225 2242
2226 2243 EINVAL
2227 2244 In general, this means that some invalid argument was
2228 2245 supplied to a system call. A non-exhaustive list of
2229 2246 conditions eliciting this error includes: a control
2230 2247 message operation code is undefined; an out-of-range
2231 2248 signal number was specified with PCSSIG, PCKILL, or
2232 2249 PCUNKILL; SIGKILL was specified with PCUNKILL; PCSFPREG
2233 2250 was applied on a system that does not support floating-
2234 2251 point operations; PCSXREG was applied on a system that
2235 2252 does not support extra state registers.
2236 2253
2237 2254
2238 2255 EINTR
2239 2256 A signal was received by the controlling process while
2240 2257 waiting for the traced process or lwp to stop via PCSTOP,
2241 2258 PCWSTOP, or PCTWSTOP.
2242 2259
2243 2260
2244 2261 EIO
2245 2262 A write(2) was attempted at an illegal address in the
2246 2263 traced process.
2247 2264
2248 2265
2249 2266 ENOENT
2250 2267 The traced process or lwp has terminated after being
2251 2268 opened. The basic privilege {PRIV_PROC_INFO} is not
2252 2269 asserted in the effective set of the calling process and
2253 2270 the calling process cannot send a signal to the target
2254 2271 process.
2255 2272
2256 2273
2257 2274 ENOMEM
2258 2275 The system-imposed limit on the number of page data file
2259 2276 descriptors was reached on an open of /proc/pid/pagedata;
2260 2277 an attempt was made with PCWATCH to establish more watched
2261 2278 areas than the system can support; the PCAGENT operation
2262 2279 was issued when the system was out of resources for
2263 2280 creating lwps.
2264 2281
2265 2282
2266 2283 ENOSYS
2267 2284 An attempt was made to perform an unsupported operation
2268 2285 (such as creat(2), link(2), or unlink(2)) on an entry in
2269 2286 /proc.
2270 2287
2271 2288
2272 2289 EOVERFLOW
2273 2290 A 32-bit controlling process attempted to read or write
2274 2291 the as file or attempted to read the map, rmap, or
2275 2292 pagedata file of a 64-bit target process. A 32-bit
2276 2293 controlling process attempted to apply one of the control
2277 2294 operations PCSREG, PCSXREG, PCSVADDR, PCWATCH, PCAGENT,
2278 2295 PCREAD, PCWRITE to a 64-bit target process.
2279 2296
2280 2297
2281 2298 EPERM
2282 2299 The process that issued the PCSCRED or PCSCREDX operation
2283 2300 did not have the {PRIV_PROC_SETID} privilege asserted in
2284 2301 its effective set, or the process that issued the PCNICE
2285 2302 operation did not have the {PRIV_PROC_PRIOCNTL} in its
2286 2303 effective set.
2287 2304
2288 2305 An attempt was made to control a process of which the E,
2289 2306 P, and I privilege sets were not a subset of the effective
2290 2307 set of the controlling process or the limit set of the
2291 2308 controlling process is not a superset of limit set of the
2292 2309 controlled process.
2293 2310
2294 2311 Any of the uids of the target process are 0 or an attempt
2295 2312 was made to change any of the uids to 0 using PCSCRED and
2296 2313 the security policy imposed additional restrictions. See
2297 2314 privileges(5).
2298 2315
2299 2316
2300 2317 NOTES
2301 2318 Descriptions of structures in this document include only interesting
2302 2319 structure elements, not filler and padding fields, and may show
2303 2320 elements out of order for descriptive clarity. The actual structure
2304 2321 definitions are contained in <procfs.h>.
2305 2322
2306 2323 BUGS
2307 2324 Because the old ioctl(2)-based version of /proc is currently supported
2308 2325 for binary compatibility with old applications, the top-level directory
2309 2326 for a process, /proc/pid, is not world-readable, but it is world-
2310 2327 searchable. Thus, anyone can open /proc/pid/psinfo even though ls(1)
2311 2328 applied to /proc/pid will fail for anyone but the owner or an
2312 2329 appropriately privileged process. Support for the old ioctl(2)-based
|
↓ open down ↓ |
112 lines elided |
↑ open up ↑ |
2313 2330 version of /proc will be dropped in a future release, at which time the
2314 2331 top-level directory for a process will be made world-readable.
2315 2332
2316 2333
2317 2334 On SPARC based machines, the types gregset_t and fpregset_t defined in
2318 2335 <sys/regset.h> are similar to but not the same as the types prgregset_t
2319 2336 and prfpregset_t defined in <procfs.h>.
2320 2337
2321 2338
2322 2339
2323 - March 31, 2013 PROC(4)
2340 + July 23, 2015 PROC(4)
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX