1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/errno.h> 50 #define _KERNEL 51 #include <sys/time.h> 52 #undef _KERNEL 53 #include <sys/uio.h> 54 #include <sys/ktrace.h> 55 #include <sys/ioctl.h> 56 #include <sys/socket.h> 57 #include <sys/stat.h> 58 #include <sys/sysent.h> 59 #include <sys/un.h> 60 #include <sys/queue.h> 61 #ifdef IPX 62 #include <sys/types.h> 63 #include <netipx/ipx.h> 64 #endif 65 #ifdef NETATALK 66 #include <netatalk/at.h> 67 #endif 68 #include <arpa/inet.h> 69 #include <netinet/in.h> 70 #include <ctype.h> 71 #include <dlfcn.h> 72 #include <err.h> 73 #include <grp.h> 74 #include <inttypes.h> 75 #include <locale.h> 76 #include <pwd.h> 77 #include <stdio.h> 78 #include <stdlib.h> 79 #include <string.h> 80 #include <time.h> 81 #include <unistd.h> 82 #include <vis.h> 83 #include "ktrace.h" 84 #include "kdump_subr.h" 85 86 u_int abidump(struct ktr_header *); 87 int fetchprocinfo(struct ktr_header *, u_int *); 88 int fread_tail(void *, int, int); 89 void dumpheader(struct ktr_header *); 90 void ktrsyscall(struct ktr_syscall *, u_int); 91 void ktrsysret(struct ktr_sysret *, u_int); 92 void ktrnamei(char *, int); 93 void hexdump(char *, int, int); 94 void visdump(char *, int, int); 95 void ktrgenio(struct ktr_genio *, int); 96 void ktrpsig(struct ktr_psig *); 97 void ktrcsw(struct ktr_csw *); 98 void ktrcsw_old(struct ktr_csw_old *); 99 void ktruser_malloc(unsigned char *); 100 void ktruser_rtld(int, unsigned char *); 101 void ktruser(int, unsigned char *); 102 void ktrsockaddr(struct sockaddr *); 103 void ktrstat(struct stat *); 104 void ktrstruct(char *, size_t); 105 void ktrcapfail(struct ktr_cap_fail *); 106 void ktrfault(struct ktr_fault *); 107 void ktrfaultend(struct ktr_faultend *); 108 void usage(void); 109 void ioctlname(unsigned long, int); 110 111 int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 112 resolv = 0, abiflag = 0; 113 const char *tracefile = DEF_TRACEFILE; 114 struct ktr_header ktr_header; 115 116 #define TIME_FORMAT "%b %e %T %Y" 117 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 118 119 #define print_number(i,n,c) do { \ 120 if (decimal) \ 121 printf("%c%jd", c, (intmax_t)*i); \ 122 else \ 123 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 124 i++; \ 125 n--; \ 126 c = ','; \ 127 } while (0) 128 129 #if defined(__amd64__) || defined(__i386__) 130 131 void linux_ktrsyscall(struct ktr_syscall *); 132 void linux_ktrsysret(struct ktr_sysret *); 133 extern char *linux_syscallnames[]; 134 extern int nlinux_syscalls; 135 136 /* 137 * from linux.h 138 * Linux syscalls return negative errno's, we do positive and map them 139 */ 140 static int bsd_to_linux_errno[ELAST + 1] = { 141 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 142 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 143 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 144 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 145 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 146 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 147 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 148 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 149 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 150 -72, -67, -71 151 }; 152 #endif 153 154 struct proc_info 155 { 156 TAILQ_ENTRY(proc_info) info; 157 u_int sv_flags; 158 pid_t pid; 159 }; 160 161 TAILQ_HEAD(trace_procs, proc_info) trace_procs; 162 163 int 164 main(int argc, char *argv[]) 165 { 166 int ch, ktrlen, size; 167 void *m; 168 int trpoints = ALL_POINTS; 169 int drop_logged; 170 pid_t pid = 0; 171 u_int sv_flags; 172 173 setlocale(LC_CTYPE, ""); 174 175 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrsTt:")) != -1) 176 switch (ch) { 177 case 'A': 178 abiflag = 1; 179 break; 180 case 'f': 181 tracefile = optarg; 182 break; 183 case 'd': 184 decimal = 1; 185 break; 186 case 'l': 187 tail = 1; 188 break; 189 case 'm': 190 maxdata = atoi(optarg); 191 break; 192 case 'n': 193 fancy = 0; 194 break; 195 case 'p': 196 pid = atoi(optarg); 197 break; 198 case 'r': 199 resolv = 1; 200 break; 201 case 's': 202 suppressdata = 1; 203 break; 204 case 'E': 205 timestamp = 3; /* elapsed timestamp */ 206 break; 207 case 'H': 208 threads = 1; 209 break; 210 case 'R': 211 timestamp = 2; /* relative timestamp */ 212 break; 213 case 'T': 214 timestamp = 1; 215 break; 216 case 't': 217 trpoints = getpoints(optarg); 218 if (trpoints < 0) 219 errx(1, "unknown trace point in %s", optarg); 220 break; 221 default: 222 usage(); 223 } 224 225 if (argc > optind) 226 usage(); 227 228 m = malloc(size = 1025); 229 if (m == NULL) 230 errx(1, "%s", strerror(ENOMEM)); 231 if (!freopen(tracefile, "r", stdin)) 232 err(1, "%s", tracefile); 233 TAILQ_INIT(&trace_procs); 234 drop_logged = 0; 235 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 236 if (ktr_header.ktr_type & KTR_DROP) { 237 ktr_header.ktr_type &= ~KTR_DROP; 238 if (!drop_logged && threads) { 239 printf( 240 "%6jd %6jd %-8.*s Events dropped.\n", 241 (intmax_t)ktr_header.ktr_pid, 242 ktr_header.ktr_tid > 0 ? 243 (intmax_t)ktr_header.ktr_tid : 0, 244 MAXCOMLEN, ktr_header.ktr_comm); 245 drop_logged = 1; 246 } else if (!drop_logged) { 247 printf("%6jd %-8.*s Events dropped.\n", 248 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 249 ktr_header.ktr_comm); 250 drop_logged = 1; 251 } 252 } 253 if (trpoints & (1<<ktr_header.ktr_type)) 254 if (pid == 0 || ktr_header.ktr_pid == pid || 255 ktr_header.ktr_tid == pid) 256 dumpheader(&ktr_header); 257 if ((ktrlen = ktr_header.ktr_len) < 0) 258 errx(1, "bogus length 0x%x", ktrlen); 259 if (ktrlen > size) { 260 m = realloc(m, ktrlen+1); 261 if (m == NULL) 262 errx(1, "%s", strerror(ENOMEM)); 263 size = ktrlen; 264 } 265 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 266 errx(1, "data too short"); 267 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 268 continue; 269 sv_flags = abidump(&ktr_header); 270 if (pid && ktr_header.ktr_pid != pid && 271 ktr_header.ktr_tid != pid) 272 continue; 273 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 274 continue; 275 drop_logged = 0; 276 switch (ktr_header.ktr_type) { 277 case KTR_SYSCALL: 278 #if defined(__amd64__) || defined(__i386__) 279 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 280 linux_ktrsyscall((struct ktr_syscall *)m); 281 else 282 #endif 283 ktrsyscall((struct ktr_syscall *)m, sv_flags); 284 break; 285 case KTR_SYSRET: 286 #if defined(__amd64__) || defined(__i386__) 287 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 288 linux_ktrsysret((struct ktr_sysret *)m); 289 else 290 #endif 291 ktrsysret((struct ktr_sysret *)m, sv_flags); 292 break; 293 case KTR_NAMEI: 294 case KTR_SYSCTL: 295 ktrnamei(m, ktrlen); 296 break; 297 case KTR_GENIO: 298 ktrgenio((struct ktr_genio *)m, ktrlen); 299 break; 300 case KTR_PSIG: 301 ktrpsig((struct ktr_psig *)m); 302 break; 303 case KTR_CSW: 304 if (ktrlen == sizeof(struct ktr_csw_old)) 305 ktrcsw_old((struct ktr_csw_old *)m); 306 else 307 ktrcsw((struct ktr_csw *)m); 308 break; 309 case KTR_USER: 310 ktruser(ktrlen, m); 311 break; 312 case KTR_STRUCT: 313 ktrstruct(m, ktrlen); 314 break; 315 case KTR_CAPFAIL: 316 ktrcapfail((struct ktr_cap_fail *)m); 317 break; 318 case KTR_FAULT: 319 ktrfault((struct ktr_fault *)m); 320 break; 321 case KTR_FAULTEND: 322 ktrfaultend((struct ktr_faultend *)m); 323 break; 324 default: 325 printf("\n"); 326 break; 327 } 328 if (tail) 329 fflush(stdout); 330 } 331 return 0; 332 } 333 334 int 335 fread_tail(void *buf, int size, int num) 336 { 337 int i; 338 339 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 340 sleep(1); 341 clearerr(stdin); 342 } 343 return (i); 344 } 345 346 int 347 fetchprocinfo(struct ktr_header *kth, u_int *flags) 348 { 349 struct proc_info *pi; 350 351 switch (kth->ktr_type) { 352 case KTR_PROCCTOR: 353 TAILQ_FOREACH(pi, &trace_procs, info) { 354 if (pi->pid == kth->ktr_pid) { 355 TAILQ_REMOVE(&trace_procs, pi, info); 356 break; 357 } 358 } 359 pi = malloc(sizeof(struct proc_info)); 360 if (pi == NULL) 361 errx(1, "%s", strerror(ENOMEM)); 362 pi->sv_flags = *flags; 363 pi->pid = kth->ktr_pid; 364 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 365 return (1); 366 367 case KTR_PROCDTOR: 368 TAILQ_FOREACH(pi, &trace_procs, info) { 369 if (pi->pid == kth->ktr_pid) { 370 TAILQ_REMOVE(&trace_procs, pi, info); 371 free(pi); 372 break; 373 } 374 } 375 return (1); 376 } 377 378 return (0); 379 } 380 381 u_int 382 abidump(struct ktr_header *kth) 383 { 384 struct proc_info *pi; 385 const char *abi; 386 const char *arch; 387 u_int flags = 0; 388 389 TAILQ_FOREACH(pi, &trace_procs, info) { 390 if (pi->pid == kth->ktr_pid) { 391 flags = pi->sv_flags; 392 break; 393 } 394 } 395 396 if (abiflag == 0) 397 return (flags); 398 399 switch (flags & SV_ABI_MASK) { 400 case SV_ABI_LINUX: 401 abi = "L"; 402 break; 403 case SV_ABI_FREEBSD: 404 abi = "F"; 405 break; 406 default: 407 abi = "U"; 408 break; 409 } 410 411 if (flags != 0) { 412 if (flags & SV_LP64) 413 arch = "64"; 414 else 415 arch = "32"; 416 } else 417 arch = "00"; 418 419 printf("%s%s ", abi, arch); 420 421 return (flags); 422 } 423 424 void 425 dumpheader(struct ktr_header *kth) 426 { 427 static char unknown[64]; 428 static struct timeval prevtime, temp; 429 const char *type; 430 431 switch (kth->ktr_type) { 432 case KTR_SYSCALL: 433 type = "CALL"; 434 break; 435 case KTR_SYSRET: 436 type = "RET "; 437 break; 438 case KTR_NAMEI: 439 type = "NAMI"; 440 break; 441 case KTR_GENIO: 442 type = "GIO "; 443 break; 444 case KTR_PSIG: 445 type = "PSIG"; 446 break; 447 case KTR_CSW: 448 type = "CSW "; 449 break; 450 case KTR_USER: 451 type = "USER"; 452 break; 453 case KTR_STRUCT: 454 type = "STRU"; 455 break; 456 case KTR_SYSCTL: 457 type = "SCTL"; 458 break; 459 case KTR_PROCCTOR: 460 /* FALLTHROUGH */ 461 case KTR_PROCDTOR: 462 return; 463 case KTR_CAPFAIL: 464 type = "CAP "; 465 break; 466 case KTR_FAULT: 467 type = "PFLT"; 468 break; 469 case KTR_FAULTEND: 470 type = "PRET"; 471 break; 472 default: 473 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 474 type = unknown; 475 } 476 477 /* 478 * The ktr_tid field was previously the ktr_buffer field, which held 479 * the kernel pointer value for the buffer associated with data 480 * following the record header. It now holds a threadid, but only 481 * for trace files after the change. Older trace files still contain 482 * kernel pointers. Detect this and suppress the results by printing 483 * negative tid's as 0. 484 */ 485 if (threads) 486 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 487 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 488 MAXCOMLEN, kth->ktr_comm); 489 else 490 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 491 kth->ktr_comm); 492 if (timestamp) { 493 if (timestamp == 3) { 494 if (prevtime.tv_sec == 0) 495 prevtime = kth->ktr_time; 496 timevalsub(&kth->ktr_time, &prevtime); 497 } 498 if (timestamp == 2) { 499 temp = kth->ktr_time; 500 timevalsub(&kth->ktr_time, &prevtime); 501 prevtime = temp; 502 } 503 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 504 kth->ktr_time.tv_usec); 505 } 506 printf("%s ", type); 507 } 508 509 #include <sys/syscall.h> 510 #define KTRACE 511 #include <sys/kern/syscalls.c> 512 #undef KTRACE 513 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 514 515 void 516 ktrsyscall(struct ktr_syscall *ktr, u_int flags) 517 { 518 int narg = ktr->ktr_narg; 519 register_t *ip; 520 intmax_t arg; 521 522 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 523 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 524 printf("[%d]", ktr->ktr_code); 525 else 526 printf("%s", syscallnames[ktr->ktr_code]); 527 ip = &ktr->ktr_args[0]; 528 if (narg) { 529 char c = '('; 530 if (fancy && 531 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 532 switch (ktr->ktr_code) { 533 case SYS_ioctl: { 534 print_number(ip, narg, c); 535 putchar(c); 536 ioctlname(*ip, decimal); 537 c = ','; 538 ip++; 539 narg--; 540 break; 541 } 542 case SYS_ptrace: 543 putchar('('); 544 ptraceopname(*ip); 545 c = ','; 546 ip++; 547 narg--; 548 break; 549 case SYS_access: 550 case SYS_eaccess: 551 print_number(ip, narg, c); 552 putchar(','); 553 accessmodename(*ip); 554 ip++; 555 narg--; 556 break; 557 case SYS_open: 558 print_number(ip, narg, c); 559 putchar(','); 560 flagsandmodename(ip[0], ip[1], decimal); 561 ip += 2; 562 narg -= 2; 563 break; 564 case SYS_wait4: 565 print_number(ip, narg, c); 566 print_number(ip, narg, c); 567 putchar(','); 568 wait4optname(*ip); 569 ip++; 570 narg--; 571 break; 572 case SYS_chmod: 573 case SYS_fchmod: 574 case SYS_lchmod: 575 print_number(ip, narg, c); 576 putchar(','); 577 modename(*ip); 578 ip++; 579 narg--; 580 break; 581 case SYS_mknod: 582 print_number(ip, narg, c); 583 putchar(','); 584 modename(*ip); 585 ip++; 586 narg--; 587 break; 588 case SYS_getfsstat: 589 print_number(ip, narg, c); 590 print_number(ip, narg, c); 591 putchar(','); 592 getfsstatflagsname(*ip); 593 ip++; 594 narg--; 595 break; 596 case SYS_mount: 597 print_number(ip, narg, c); 598 print_number(ip, narg, c); 599 putchar(','); 600 mountflagsname(*ip); 601 ip++; 602 narg--; 603 break; 604 case SYS_unmount: 605 print_number(ip, narg, c); 606 putchar(','); 607 mountflagsname(*ip); 608 ip++; 609 narg--; 610 break; 611 case SYS_recvmsg: 612 case SYS_sendmsg: 613 print_number(ip, narg, c); 614 print_number(ip, narg, c); 615 putchar(','); 616 sendrecvflagsname(*ip); 617 ip++; 618 narg--; 619 break; 620 case SYS_recvfrom: 621 case SYS_sendto: 622 print_number(ip, narg, c); 623 print_number(ip, narg, c); 624 print_number(ip, narg, c); 625 putchar(','); 626 sendrecvflagsname(*ip); 627 ip++; 628 narg--; 629 break; 630 case SYS_chflags: 631 case SYS_fchflags: 632 case SYS_lchflags: 633 print_number(ip, narg, c); 634 putchar(','); 635 modename(*ip); 636 ip++; 637 narg--; 638 break; 639 case SYS_kill: 640 print_number(ip, narg, c); 641 putchar(','); 642 signame(*ip); 643 ip++; 644 narg--; 645 break; 646 case SYS_reboot: 647 putchar('('); 648 rebootoptname(*ip); 649 ip++; 650 narg--; 651 break; 652 case SYS_umask: 653 putchar('('); 654 modename(*ip); 655 ip++; 656 narg--; 657 break; 658 case SYS_msync: 659 print_number(ip, narg, c); 660 print_number(ip, narg, c); 661 putchar(','); 662 msyncflagsname(*ip); 663 ip++; 664 narg--; 665 break; 666 #ifdef SYS_freebsd6_mmap 667 case SYS_freebsd6_mmap: 668 print_number(ip, narg, c); 669 print_number(ip, narg, c); 670 putchar(','); 671 mmapprotname(*ip); 672 putchar(','); 673 ip++; 674 narg--; 675 mmapflagsname(*ip); 676 ip++; 677 narg--; 678 break; 679 #endif 680 case SYS_mmap: 681 print_number(ip, narg, c); 682 print_number(ip, narg, c); 683 putchar(','); 684 mmapprotname(*ip); 685 putchar(','); 686 ip++; 687 narg--; 688 mmapflagsname(*ip); 689 ip++; 690 narg--; 691 break; 692 case SYS_mprotect: 693 print_number(ip, narg, c); 694 print_number(ip, narg, c); 695 putchar(','); 696 mmapprotname(*ip); 697 ip++; 698 narg--; 699 break; 700 case SYS_madvise: 701 print_number(ip, narg, c); 702 print_number(ip, narg, c); 703 putchar(','); 704 madvisebehavname(*ip); 705 ip++; 706 narg--; 707 break; 708 case SYS_setpriority: 709 print_number(ip, narg, c); 710 print_number(ip, narg, c); 711 putchar(','); 712 prioname(*ip); 713 ip++; 714 narg--; 715 break; 716 case SYS_fcntl: 717 print_number(ip, narg, c); 718 putchar(','); 719 fcntlcmdname(ip[0], ip[1], decimal); 720 ip += 2; 721 narg -= 2; 722 break; 723 case SYS_socket: { 724 int sockdomain; 725 putchar('('); 726 sockdomain = *ip; 727 sockdomainname(sockdomain); 728 ip++; 729 narg--; 730 putchar(','); 731 socktypename(*ip); 732 ip++; 733 narg--; 734 if (sockdomain == PF_INET || 735 sockdomain == PF_INET6) { 736 putchar(','); 737 sockipprotoname(*ip); 738 ip++; 739 narg--; 740 } 741 c = ','; 742 break; 743 } 744 case SYS_setsockopt: 745 case SYS_getsockopt: 746 print_number(ip, narg, c); 747 putchar(','); 748 sockoptlevelname(*ip, decimal); 749 if (*ip == SOL_SOCKET) { 750 ip++; 751 narg--; 752 putchar(','); 753 sockoptname(*ip); 754 } 755 ip++; 756 narg--; 757 break; 758 #ifdef SYS_freebsd6_lseek 759 case SYS_freebsd6_lseek: 760 print_number(ip, narg, c); 761 /* Hidden 'pad' argument, not in lseek(2) */ 762 print_number(ip, narg, c); 763 print_number(ip, narg, c); 764 putchar(','); 765 whencename(*ip); 766 ip++; 767 narg--; 768 break; 769 #endif 770 case SYS_lseek: 771 print_number(ip, narg, c); 772 /* Hidden 'pad' argument, not in lseek(2) */ 773 print_number(ip, narg, c); 774 putchar(','); 775 whencename(*ip); 776 ip++; 777 narg--; 778 break; 779 case SYS_flock: 780 print_number(ip, narg, c); 781 putchar(','); 782 flockname(*ip); 783 ip++; 784 narg--; 785 break; 786 case SYS_mkfifo: 787 case SYS_mkdir: 788 print_number(ip, narg, c); 789 putchar(','); 790 modename(*ip); 791 ip++; 792 narg--; 793 break; 794 case SYS_shutdown: 795 print_number(ip, narg, c); 796 putchar(','); 797 shutdownhowname(*ip); 798 ip++; 799 narg--; 800 break; 801 case SYS_socketpair: 802 putchar('('); 803 sockdomainname(*ip); 804 ip++; 805 narg--; 806 putchar(','); 807 socktypename(*ip); 808 ip++; 809 narg--; 810 c = ','; 811 break; 812 case SYS_getrlimit: 813 case SYS_setrlimit: 814 putchar('('); 815 rlimitname(*ip); 816 ip++; 817 narg--; 818 c = ','; 819 break; 820 case SYS_quotactl: 821 print_number(ip, narg, c); 822 putchar(','); 823 quotactlname(*ip); 824 ip++; 825 narg--; 826 c = ','; 827 break; 828 case SYS_nfssvc: 829 putchar('('); 830 nfssvcname(*ip); 831 ip++; 832 narg--; 833 c = ','; 834 break; 835 case SYS_rtprio: 836 putchar('('); 837 rtprioname(*ip); 838 ip++; 839 narg--; 840 c = ','; 841 break; 842 case SYS___semctl: 843 print_number(ip, narg, c); 844 print_number(ip, narg, c); 845 putchar(','); 846 semctlname(*ip); 847 ip++; 848 narg--; 849 break; 850 case SYS_semget: 851 print_number(ip, narg, c); 852 print_number(ip, narg, c); 853 putchar(','); 854 semgetname(*ip); 855 ip++; 856 narg--; 857 break; 858 case SYS_msgctl: 859 print_number(ip, narg, c); 860 putchar(','); 861 shmctlname(*ip); 862 ip++; 863 narg--; 864 break; 865 case SYS_shmat: 866 print_number(ip, narg, c); 867 print_number(ip, narg, c); 868 putchar(','); 869 shmatname(*ip); 870 ip++; 871 narg--; 872 break; 873 case SYS_shmctl: 874 print_number(ip, narg, c); 875 putchar(','); 876 shmctlname(*ip); 877 ip++; 878 narg--; 879 break; 880 case SYS_minherit: 881 print_number(ip, narg, c); 882 print_number(ip, narg, c); 883 putchar(','); 884 minheritname(*ip); 885 ip++; 886 narg--; 887 break; 888 case SYS_rfork: 889 putchar('('); 890 rforkname(*ip); 891 ip++; 892 narg--; 893 c = ','; 894 break; 895 case SYS_lio_listio: 896 putchar('('); 897 lio_listioname(*ip); 898 ip++; 899 narg--; 900 c = ','; 901 break; 902 case SYS_mlockall: 903 putchar('('); 904 mlockallname(*ip); 905 ip++; 906 narg--; 907 break; 908 case SYS_sched_setscheduler: 909 print_number(ip, narg, c); 910 putchar(','); 911 schedpolicyname(*ip); 912 ip++; 913 narg--; 914 break; 915 case SYS_sched_get_priority_max: 916 case SYS_sched_get_priority_min: 917 putchar('('); 918 schedpolicyname(*ip); 919 ip++; 920 narg--; 921 break; 922 case SYS_sendfile: 923 print_number(ip, narg, c); 924 print_number(ip, narg, c); 925 print_number(ip, narg, c); 926 print_number(ip, narg, c); 927 print_number(ip, narg, c); 928 print_number(ip, narg, c); 929 putchar(','); 930 sendfileflagsname(*ip); 931 ip++; 932 narg--; 933 break; 934 case SYS_kldsym: 935 print_number(ip, narg, c); 936 putchar(','); 937 kldsymcmdname(*ip); 938 ip++; 939 narg--; 940 break; 941 case SYS_sigprocmask: 942 putchar('('); 943 sigprocmaskhowname(*ip); 944 ip++; 945 narg--; 946 c = ','; 947 break; 948 case SYS___acl_get_file: 949 case SYS___acl_set_file: 950 case SYS___acl_get_fd: 951 case SYS___acl_set_fd: 952 case SYS___acl_delete_file: 953 case SYS___acl_delete_fd: 954 case SYS___acl_aclcheck_file: 955 case SYS___acl_aclcheck_fd: 956 case SYS___acl_get_link: 957 case SYS___acl_set_link: 958 case SYS___acl_delete_link: 959 case SYS___acl_aclcheck_link: 960 print_number(ip, narg, c); 961 putchar(','); 962 acltypename(*ip); 963 ip++; 964 narg--; 965 break; 966 case SYS_sigaction: 967 putchar('('); 968 signame(*ip); 969 ip++; 970 narg--; 971 c = ','; 972 break; 973 case SYS_extattrctl: 974 print_number(ip, narg, c); 975 putchar(','); 976 extattrctlname(*ip); 977 ip++; 978 narg--; 979 break; 980 case SYS_nmount: 981 print_number(ip, narg, c); 982 print_number(ip, narg, c); 983 putchar(','); 984 mountflagsname(*ip); 985 ip++; 986 narg--; 987 break; 988 case SYS_thr_create: 989 print_number(ip, narg, c); 990 print_number(ip, narg, c); 991 putchar(','); 992 thrcreateflagsname(*ip); 993 ip++; 994 narg--; 995 break; 996 case SYS_thr_kill: 997 print_number(ip, narg, c); 998 putchar(','); 999 signame(*ip); 1000 ip++; 1001 narg--; 1002 break; 1003 case SYS_kldunloadf: 1004 print_number(ip, narg, c); 1005 putchar(','); 1006 kldunloadfflagsname(*ip); 1007 ip++; 1008 narg--; 1009 break; 1010 case SYS_cap_new: 1011 print_number(ip, narg, c); 1012 putchar(','); 1013 arg = *ip; 1014 ip++; 1015 narg--; 1016 /* 1017 * Hack: the second argument is a 1018 * cap_rights_t, which 64 bits wide, so on 1019 * 32-bit systems, it is split between two 1020 * registers. 1021 * 1022 * Since sizeof() is not evaluated by the 1023 * preprocessor, we can't use an #ifdef, 1024 * but the compiler will probably optimize 1025 * the code out anyway. 1026 */ 1027 if (sizeof(cap_rights_t) > sizeof(register_t)) { 1028 #if _BYTE_ORDER == _LITTLE_ENDIAN 1029 arg = ((intmax_t)*ip << 32) + arg; 1030 #else 1031 arg = (arg << 32) + *ip; 1032 #endif 1033 ip++; 1034 narg--; 1035 } 1036 capname(arg); 1037 break; 1038 case SYS_posix_fadvise: 1039 print_number(ip, narg, c); 1040 print_number(ip, narg, c); 1041 print_number(ip, narg, c); 1042 (void)putchar(','); 1043 fadvisebehavname((int)*ip); 1044 ip++; 1045 narg--; 1046 break; 1047 } 1048 } 1049 while (narg > 0) { 1050 print_number(ip, narg, c); 1051 } 1052 putchar(')'); 1053 } 1054 putchar('\n'); 1055 } 1056 1057 void 1058 ktrsysret(struct ktr_sysret *ktr, u_int flags) 1059 { 1060 register_t ret = ktr->ktr_retval; 1061 int error = ktr->ktr_error; 1062 int code = ktr->ktr_code; 1063 1064 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1065 (code >= nsyscalls || code < 0)) 1066 printf("[%d] ", code); 1067 else 1068 printf("%s ", syscallnames[code]); 1069 1070 if (error == 0) { 1071 if (fancy) { 1072 printf("%ld", (long)ret); 1073 if (ret < 0 || ret > 9) 1074 printf("/%#lx", (unsigned long)ret); 1075 } else { 1076 if (decimal) 1077 printf("%ld", (long)ret); 1078 else 1079 printf("%#lx", (unsigned long)ret); 1080 } 1081 } else if (error == ERESTART) 1082 printf("RESTART"); 1083 else if (error == EJUSTRETURN) 1084 printf("JUSTRETURN"); 1085 else { 1086 printf("-1 errno %d", ktr->ktr_error); 1087 if (fancy) 1088 printf(" %s", strerror(ktr->ktr_error)); 1089 } 1090 putchar('\n'); 1091 } 1092 1093 void 1094 ktrnamei(char *cp, int len) 1095 { 1096 printf("\"%.*s\"\n", len, cp); 1097 } 1098 1099 void 1100 hexdump(char *p, int len, int screenwidth) 1101 { 1102 int n, i; 1103 int width; 1104 1105 width = 0; 1106 do { 1107 width += 2; 1108 i = 13; /* base offset */ 1109 i += (width / 2) + 1; /* spaces every second byte */ 1110 i += (width * 2); /* width of bytes */ 1111 i += 3; /* " |" */ 1112 i += width; /* each byte */ 1113 i += 1; /* "|" */ 1114 } while (i < screenwidth); 1115 width -= 2; 1116 1117 for (n = 0; n < len; n += width) { 1118 for (i = n; i < n + width; i++) { 1119 if ((i % width) == 0) { /* beginning of line */ 1120 printf(" 0x%04x", i); 1121 } 1122 if ((i % 2) == 0) { 1123 printf(" "); 1124 } 1125 if (i < len) 1126 printf("%02x", p[i] & 0xff); 1127 else 1128 printf(" "); 1129 } 1130 printf(" |"); 1131 for (i = n; i < n + width; i++) { 1132 if (i >= len) 1133 break; 1134 if (p[i] >= ' ' && p[i] <= '~') 1135 printf("%c", p[i]); 1136 else 1137 printf("."); 1138 } 1139 printf("|\n"); 1140 } 1141 if ((i % width) != 0) 1142 printf("\n"); 1143 } 1144 1145 void 1146 visdump(char *dp, int datalen, int screenwidth) 1147 { 1148 int col = 0; 1149 char *cp; 1150 int width; 1151 char visbuf[5]; 1152 1153 printf(" \""); 1154 col = 8; 1155 for (;datalen > 0; datalen--, dp++) { 1156 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1157 cp = visbuf; 1158 /* 1159 * Keep track of printables and 1160 * space chars (like fold(1)). 1161 */ 1162 if (col == 0) { 1163 putchar('\t'); 1164 col = 8; 1165 } 1166 switch(*cp) { 1167 case '\n': 1168 col = 0; 1169 putchar('\n'); 1170 continue; 1171 case '\t': 1172 width = 8 - (col&07); 1173 break; 1174 default: 1175 width = strlen(cp); 1176 } 1177 if (col + width > (screenwidth-2)) { 1178 printf("\\\n\t"); 1179 col = 8; 1180 } 1181 col += width; 1182 do { 1183 putchar(*cp++); 1184 } while (*cp); 1185 } 1186 if (col == 0) 1187 printf(" "); 1188 printf("\"\n"); 1189 } 1190 1191 void 1192 ktrgenio(struct ktr_genio *ktr, int len) 1193 { 1194 int datalen = len - sizeof (struct ktr_genio); 1195 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1196 static int screenwidth = 0; 1197 int i, binary; 1198 1199 if (screenwidth == 0) { 1200 struct winsize ws; 1201 1202 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1203 ws.ws_col > 8) 1204 screenwidth = ws.ws_col; 1205 else 1206 screenwidth = 80; 1207 } 1208 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1209 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1210 datalen == 1 ? "" : "s"); 1211 if (suppressdata) 1212 return; 1213 if (maxdata && datalen > maxdata) 1214 datalen = maxdata; 1215 1216 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1217 if (dp[i] >= 32 && dp[i] < 127) 1218 continue; 1219 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1220 continue; 1221 binary = 1; 1222 } 1223 if (binary) 1224 hexdump(dp, datalen, screenwidth); 1225 else 1226 visdump(dp, datalen, screenwidth); 1227 } 1228 1229 const char *signames[] = { 1230 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1231 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1232 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1233 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1234 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1235 "USR2", NULL, /* 31 - 32 */ 1236 }; 1237 1238 void 1239 ktrpsig(struct ktr_psig *psig) 1240 { 1241 if (psig->signo > 0 && psig->signo < NSIG) 1242 printf("SIG%s ", signames[psig->signo]); 1243 else 1244 printf("SIG %d ", psig->signo); 1245 if (psig->action == SIG_DFL) { 1246 printf("SIG_DFL code="); 1247 sigcodename(psig->signo, psig->code); 1248 putchar('\n'); 1249 } else { 1250 printf("caught handler=0x%lx mask=0x%x code=", 1251 (u_long)psig->action, psig->mask.__bits[0]); 1252 sigcodename(psig->signo, psig->code); 1253 putchar('\n'); 1254 } 1255 } 1256 1257 void 1258 ktrcsw_old(struct ktr_csw_old *cs) 1259 { 1260 printf("%s %s\n", cs->out ? "stop" : "resume", 1261 cs->user ? "user" : "kernel"); 1262 } 1263 1264 void 1265 ktrcsw(struct ktr_csw *cs) 1266 { 1267 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1268 cs->user ? "user" : "kernel", cs->wmesg); 1269 } 1270 1271 #define UTRACE_DLOPEN_START 1 1272 #define UTRACE_DLOPEN_STOP 2 1273 #define UTRACE_DLCLOSE_START 3 1274 #define UTRACE_DLCLOSE_STOP 4 1275 #define UTRACE_LOAD_OBJECT 5 1276 #define UTRACE_UNLOAD_OBJECT 6 1277 #define UTRACE_ADD_RUNDEP 7 1278 #define UTRACE_PRELOAD_FINISHED 8 1279 #define UTRACE_INIT_CALL 9 1280 #define UTRACE_FINI_CALL 10 1281 1282 struct utrace_rtld { 1283 char sig[4]; /* 'RTLD' */ 1284 int event; 1285 void *handle; 1286 void *mapbase; 1287 size_t mapsize; 1288 int refcnt; 1289 char name[MAXPATHLEN]; 1290 }; 1291 1292 void 1293 ktruser_rtld(int len, unsigned char *p) 1294 { 1295 struct utrace_rtld *ut = (struct utrace_rtld *)p; 1296 void *parent; 1297 int mode; 1298 1299 switch (ut->event) { 1300 case UTRACE_DLOPEN_START: 1301 mode = ut->refcnt; 1302 printf("dlopen(%s, ", ut->name); 1303 switch (mode & RTLD_MODEMASK) { 1304 case RTLD_NOW: 1305 printf("RTLD_NOW"); 1306 break; 1307 case RTLD_LAZY: 1308 printf("RTLD_LAZY"); 1309 break; 1310 default: 1311 printf("%#x", mode & RTLD_MODEMASK); 1312 } 1313 if (mode & RTLD_GLOBAL) 1314 printf(" | RTLD_GLOBAL"); 1315 if (mode & RTLD_TRACE) 1316 printf(" | RTLD_TRACE"); 1317 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1318 printf(" | %#x", mode & 1319 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1320 printf(")\n"); 1321 break; 1322 case UTRACE_DLOPEN_STOP: 1323 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1324 ut->refcnt); 1325 break; 1326 case UTRACE_DLCLOSE_START: 1327 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1328 ut->refcnt); 1329 break; 1330 case UTRACE_DLCLOSE_STOP: 1331 printf("dlclose(%p) finished\n", ut->handle); 1332 break; 1333 case UTRACE_LOAD_OBJECT: 1334 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1335 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1336 ut->name); 1337 break; 1338 case UTRACE_UNLOAD_OBJECT: 1339 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1340 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1341 ut->name); 1342 break; 1343 case UTRACE_ADD_RUNDEP: 1344 parent = ut->mapbase; 1345 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1346 ut->handle, ut->name, ut->refcnt); 1347 break; 1348 case UTRACE_PRELOAD_FINISHED: 1349 printf("RTLD: LD_PRELOAD finished\n"); 1350 break; 1351 case UTRACE_INIT_CALL: 1352 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1353 ut->name); 1354 break; 1355 case UTRACE_FINI_CALL: 1356 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1357 ut->name); 1358 break; 1359 default: 1360 p += 4; 1361 len -= 4; 1362 printf("RTLD: %d ", len); 1363 while (len--) 1364 if (decimal) 1365 printf(" %d", *p++); 1366 else 1367 printf(" %02x", *p++); 1368 printf("\n"); 1369 } 1370 } 1371 1372 struct utrace_malloc { 1373 void *p; 1374 size_t s; 1375 void *r; 1376 }; 1377 1378 void 1379 ktruser_malloc(unsigned char *p) 1380 { 1381 struct utrace_malloc *ut = (struct utrace_malloc *)p; 1382 1383 if (ut->p == (void *)(intptr_t)(-1)) 1384 printf("malloc_init()\n"); 1385 else if (ut->s == 0) 1386 printf("free(%p)\n", ut->p); 1387 else if (ut->p == NULL) 1388 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1389 else 1390 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1391 } 1392 1393 void 1394 ktruser(int len, unsigned char *p) 1395 { 1396 1397 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1398 ktruser_rtld(len, p); 1399 return; 1400 } 1401 1402 if (len == sizeof(struct utrace_malloc)) { 1403 ktruser_malloc(p); 1404 return; 1405 } 1406 1407 printf("%d ", len); 1408 while (len--) 1409 if (decimal) 1410 printf(" %d", *p++); 1411 else 1412 printf(" %02x", *p++); 1413 printf("\n"); 1414 } 1415 1416 void 1417 ktrsockaddr(struct sockaddr *sa) 1418 { 1419 /* 1420 TODO: Support additional address families 1421 #include <netnatm/natm.h> 1422 struct sockaddr_natm *natm; 1423 */ 1424 char addr[64]; 1425 1426 /* 1427 * note: ktrstruct() has already verified that sa points to a 1428 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1429 * sa->sa_len bytes long. 1430 */ 1431 printf("struct sockaddr { "); 1432 sockfamilyname(sa->sa_family); 1433 printf(", "); 1434 1435 #define check_sockaddr_len(n) \ 1436 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1437 printf("invalid"); \ 1438 break; \ 1439 } 1440 1441 switch(sa->sa_family) { 1442 case AF_INET: { 1443 struct sockaddr_in sa_in; 1444 1445 memset(&sa_in, 0, sizeof(sa_in)); 1446 memcpy(&sa_in, sa, sizeof(sa)); 1447 check_sockaddr_len(in); 1448 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1449 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1450 break; 1451 } 1452 #ifdef NETATALK 1453 case AF_APPLETALK: { 1454 struct sockaddr_at sa_at; 1455 struct netrange *nr; 1456 1457 memset(&sa_at, 0, sizeof(sa_at)); 1458 memcpy(&sa_at, sa, sizeof(sa)); 1459 check_sockaddr_len(at); 1460 nr = &sa_at.sat_range.r_netrange; 1461 printf("%d.%d, %d-%d, %d", ntohs(sa_at.sat_addr.s_net), 1462 sa_at.sat_addr.s_node, ntohs(nr->nr_firstnet), 1463 ntohs(nr->nr_lastnet), nr->nr_phase); 1464 break; 1465 } 1466 #endif 1467 case AF_INET6: { 1468 struct sockaddr_in6 sa_in6; 1469 1470 memset(&sa_in6, 0, sizeof(sa_in6)); 1471 memcpy(&sa_in6, sa, sizeof(sa)); 1472 check_sockaddr_len(in6); 1473 inet_ntop(AF_INET6, &sa_in6.sin6_addr, addr, sizeof addr); 1474 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1475 break; 1476 } 1477 #ifdef IPX 1478 case AF_IPX: { 1479 struct sockaddr_ipx sa_ipx; 1480 1481 memset(&sa_ipx, 0, sizeof(sa_ipx)); 1482 memcpy(&sa_ipx, sa, sizeof(sa)); 1483 check_sockaddr_len(ipx); 1484 /* XXX wish we had ipx_ntop */ 1485 printf("%s", ipx_ntoa(sa_ipx.sipx_addr)); 1486 free(sa_ipx); 1487 break; 1488 } 1489 #endif 1490 case AF_UNIX: { 1491 struct sockaddr_un sa_un; 1492 1493 memset(&sa_un, 0, sizeof(sa_un)); 1494 memcpy(&sa_un, sa, sizeof(sa)); 1495 check_sockaddr_len(un); 1496 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1497 break; 1498 } 1499 default: 1500 printf("unknown address family"); 1501 } 1502 printf(" }\n"); 1503 } 1504 1505 void 1506 ktrstat(struct stat *statp) 1507 { 1508 char mode[12], timestr[PATH_MAX + 4]; 1509 struct passwd *pwd; 1510 struct group *grp; 1511 struct tm *tm; 1512 1513 /* 1514 * note: ktrstruct() has already verified that statp points to a 1515 * buffer exactly sizeof(struct stat) bytes long. 1516 */ 1517 printf("struct stat {"); 1518 strmode(statp->st_mode, mode); 1519 printf("dev=%ju, ino=%ju, mode=%s, nlink=%ju, ", 1520 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino, mode, 1521 (uintmax_t)statp->st_nlink); 1522 if (resolv == 0 || (pwd = getpwuid(statp->st_uid)) == NULL) 1523 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1524 else 1525 printf("uid=\"%s\", ", pwd->pw_name); 1526 if (resolv == 0 || (grp = getgrgid(statp->st_gid)) == NULL) 1527 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1528 else 1529 printf("gid=\"%s\", ", grp->gr_name); 1530 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1531 printf("atime="); 1532 if (resolv == 0) 1533 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1534 else { 1535 tm = localtime(&statp->st_atim.tv_sec); 1536 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1537 printf("\"%s\"", timestr); 1538 } 1539 if (statp->st_atim.tv_nsec != 0) 1540 printf(".%09ld, ", statp->st_atim.tv_nsec); 1541 else 1542 printf(", "); 1543 printf("stime="); 1544 if (resolv == 0) 1545 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1546 else { 1547 tm = localtime(&statp->st_mtim.tv_sec); 1548 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1549 printf("\"%s\"", timestr); 1550 } 1551 if (statp->st_mtim.tv_nsec != 0) 1552 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1553 else 1554 printf(", "); 1555 printf("ctime="); 1556 if (resolv == 0) 1557 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1558 else { 1559 tm = localtime(&statp->st_ctim.tv_sec); 1560 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1561 printf("\"%s\"", timestr); 1562 } 1563 if (statp->st_ctim.tv_nsec != 0) 1564 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1565 else 1566 printf(", "); 1567 printf("birthtime="); 1568 if (resolv == 0) 1569 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1570 else { 1571 tm = localtime(&statp->st_birthtim.tv_sec); 1572 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1573 printf("\"%s\"", timestr); 1574 } 1575 if (statp->st_birthtim.tv_nsec != 0) 1576 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1577 else 1578 printf(", "); 1579 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1580 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1581 (intmax_t)statp->st_blocks, statp->st_flags); 1582 printf(" }\n"); 1583 } 1584 1585 void 1586 ktrstruct(char *buf, size_t buflen) 1587 { 1588 char *name, *data; 1589 size_t namelen, datalen; 1590 int i; 1591 struct stat sb; 1592 struct sockaddr_storage ss; 1593 1594 for (name = buf, namelen = 0; 1595 namelen < buflen && name[namelen] != '\0'; 1596 ++namelen) 1597 /* nothing */; 1598 if (namelen == buflen) 1599 goto invalid; 1600 if (name[namelen] != '\0') 1601 goto invalid; 1602 data = buf + namelen + 1; 1603 datalen = buflen - namelen - 1; 1604 if (datalen == 0) 1605 goto invalid; 1606 /* sanity check */ 1607 for (i = 0; i < (int)namelen; ++i) 1608 if (!isalpha(name[i])) 1609 goto invalid; 1610 if (strcmp(name, "stat") == 0) { 1611 if (datalen != sizeof(struct stat)) 1612 goto invalid; 1613 memcpy(&sb, data, datalen); 1614 ktrstat(&sb); 1615 } else if (strcmp(name, "sockaddr") == 0) { 1616 if (datalen > sizeof(ss)) 1617 goto invalid; 1618 memcpy(&ss, data, datalen); 1619 if (datalen < sizeof(struct sockaddr) || 1620 datalen != ss.ss_len) 1621 goto invalid; 1622 ktrsockaddr((struct sockaddr *)&ss); 1623 } else { 1624 printf("unknown structure\n"); 1625 } 1626 return; 1627 invalid: 1628 printf("invalid record\n"); 1629 } 1630 1631 void 1632 ktrcapfail(struct ktr_cap_fail *ktr) 1633 { 1634 switch (ktr->cap_type) { 1635 case CAPFAIL_NOTCAPABLE: 1636 /* operation on fd with insufficient capabilities */ 1637 printf("operation requires "); 1638 capname((intmax_t)ktr->cap_needed); 1639 printf(", process holds "); 1640 capname((intmax_t)ktr->cap_held); 1641 break; 1642 case CAPFAIL_INCREASE: 1643 /* requested more capabilities than fd already has */ 1644 printf("attempt to increase capabilities from "); 1645 capname((intmax_t)ktr->cap_held); 1646 printf(" to "); 1647 capname((intmax_t)ktr->cap_needed); 1648 break; 1649 case CAPFAIL_SYSCALL: 1650 /* called restricted syscall */ 1651 printf("disallowed system call"); 1652 break; 1653 case CAPFAIL_LOOKUP: 1654 /* used ".." in strict-relative mode */ 1655 printf("restricted VFS lookup"); 1656 break; 1657 default: 1658 printf("unknown capability failure: "); 1659 capname((intmax_t)ktr->cap_needed); 1660 printf(" "); 1661 capname((intmax_t)ktr->cap_held); 1662 break; 1663 } 1664 printf("\n"); 1665 } 1666 1667 void 1668 ktrfault(struct ktr_fault *ktr) 1669 { 1670 1671 printf("0x%jx ", ktr->vaddr); 1672 vmprotname(ktr->type); 1673 printf("\n"); 1674 } 1675 1676 void 1677 ktrfaultend(struct ktr_faultend *ktr) 1678 { 1679 1680 vmresultname(ktr->result); 1681 printf("\n"); 1682 } 1683 1684 #if defined(__amd64__) || defined(__i386__) 1685 void 1686 linux_ktrsyscall(struct ktr_syscall *ktr) 1687 { 1688 int narg = ktr->ktr_narg; 1689 register_t *ip; 1690 1691 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1692 printf("[%d]", ktr->ktr_code); 1693 else 1694 printf("%s", linux_syscallnames[ktr->ktr_code]); 1695 ip = &ktr->ktr_args[0]; 1696 if (narg) { 1697 char c = '('; 1698 while (narg > 0) 1699 print_number(ip, narg, c); 1700 putchar(')'); 1701 } 1702 putchar('\n'); 1703 } 1704 1705 void 1706 linux_ktrsysret(struct ktr_sysret *ktr) 1707 { 1708 register_t ret = ktr->ktr_retval; 1709 int error = ktr->ktr_error; 1710 int code = ktr->ktr_code; 1711 1712 if (code >= nlinux_syscalls || code < 0) 1713 printf("[%d] ", code); 1714 else 1715 printf("%s ", linux_syscallnames[code]); 1716 1717 if (error == 0) { 1718 if (fancy) { 1719 printf("%ld", (long)ret); 1720 if (ret < 0 || ret > 9) 1721 printf("/%#lx", (unsigned long)ret); 1722 } else { 1723 if (decimal) 1724 printf("%ld", (long)ret); 1725 else 1726 printf("%#lx", (unsigned long)ret); 1727 } 1728 } else if (error == ERESTART) 1729 printf("RESTART"); 1730 else if (error == EJUSTRETURN) 1731 printf("JUSTRETURN"); 1732 else { 1733 if (ktr->ktr_error <= ELAST + 1) 1734 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 1735 else 1736 error = 999; 1737 printf("-1 errno %d", error); 1738 if (fancy) 1739 printf(" %s", strerror(ktr->ktr_error)); 1740 } 1741 putchar('\n'); 1742 } 1743 #endif 1744 1745 void 1746 usage(void) 1747 { 1748 fprintf(stderr, "usage: kdump [-dEnlHRrsTA] [-f trfile] " 1749 "[-m maxdata] [-p pid] [-t trstr]\n"); 1750 exit(1); 1751 } 1752