1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/errno.h> 50 #define _KERNEL 51 #include <sys/time.h> 52 #undef _KERNEL 53 #include <sys/uio.h> 54 #include <sys/ktrace.h> 55 #include <sys/ioctl.h> 56 #include <sys/socket.h> 57 #include <sys/stat.h> 58 #include <sys/sysent.h> 59 #include <sys/un.h> 60 #include <sys/queue.h> 61 #ifdef IPX 62 #include <sys/types.h> 63 #include <netipx/ipx.h> 64 #endif 65 #ifdef NETATALK 66 #include <netatalk/at.h> 67 #endif 68 #include <arpa/inet.h> 69 #include <netinet/in.h> 70 #include <ctype.h> 71 #include <dlfcn.h> 72 #include <err.h> 73 #include <grp.h> 74 #include <inttypes.h> 75 #include <locale.h> 76 #include <pwd.h> 77 #include <stdio.h> 78 #include <stdlib.h> 79 #include <string.h> 80 #include <time.h> 81 #include <unistd.h> 82 #include <vis.h> 83 #include "ktrace.h" 84 #include "kdump_subr.h" 85 86 u_int abidump(struct ktr_header *); 87 int fetchprocinfo(struct ktr_header *, u_int *); 88 int fread_tail(void *, int, int); 89 void dumpheader(struct ktr_header *); 90 void ktrsyscall(struct ktr_syscall *, u_int); 91 void ktrsysret(struct ktr_sysret *, u_int); 92 void ktrnamei(char *, int); 93 void hexdump(char *, int, int); 94 void visdump(char *, int, int); 95 void ktrgenio(struct ktr_genio *, int); 96 void ktrpsig(struct ktr_psig *); 97 void ktrcsw(struct ktr_csw *); 98 void ktrcsw_old(struct ktr_csw_old *); 99 void ktruser_malloc(unsigned char *); 100 void ktruser_rtld(int, unsigned char *); 101 void ktruser(int, unsigned char *); 102 void ktrsockaddr(struct sockaddr *); 103 void ktrstat(struct stat *); 104 void ktrstruct(char *, size_t); 105 void ktrcapfail(struct ktr_cap_fail *); 106 void ktrfault(struct ktr_fault *); 107 void ktrfaultend(struct ktr_faultend *); 108 void usage(void); 109 void ioctlname(unsigned long, int); 110 111 int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 112 resolv = 0, abiflag = 0; 113 const char *tracefile = DEF_TRACEFILE; 114 struct ktr_header ktr_header; 115 116 #define TIME_FORMAT "%b %e %T %Y" 117 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 118 119 #define print_number(i,n,c) do { \ 120 if (decimal) \ 121 printf("%c%jd", c, (intmax_t)*i); \ 122 else \ 123 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 124 i++; \ 125 n--; \ 126 c = ','; \ 127 } while (0) 128 129 #if defined(__amd64__) || defined(__i386__) 130 131 void linux_ktrsyscall(struct ktr_syscall *); 132 void linux_ktrsysret(struct ktr_sysret *); 133 extern char *linux_syscallnames[]; 134 extern int nlinux_syscalls; 135 136 /* 137 * from linux.h 138 * Linux syscalls return negative errno's, we do positive and map them 139 */ 140 static int bsd_to_linux_errno[ELAST + 1] = { 141 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 142 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 143 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 144 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 145 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 146 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 147 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 148 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 149 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 150 -72, -67, -71 151 }; 152 #endif 153 154 struct proc_info 155 { 156 TAILQ_ENTRY(proc_info) info; 157 u_int sv_flags; 158 pid_t pid; 159 }; 160 161 TAILQ_HEAD(trace_procs, proc_info) trace_procs; 162 163 int 164 main(int argc, char *argv[]) 165 { 166 int ch, ktrlen, size; 167 void *m; 168 int trpoints = ALL_POINTS; 169 int drop_logged; 170 pid_t pid = 0; 171 u_int sv_flags; 172 173 setlocale(LC_CTYPE, ""); 174 175 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrsTt:")) != -1) 176 switch (ch) { 177 case 'A': 178 abiflag = 1; 179 break; 180 case 'f': 181 tracefile = optarg; 182 break; 183 case 'd': 184 decimal = 1; 185 break; 186 case 'l': 187 tail = 1; 188 break; 189 case 'm': 190 maxdata = atoi(optarg); 191 break; 192 case 'n': 193 fancy = 0; 194 break; 195 case 'p': 196 pid = atoi(optarg); 197 break; 198 case 'r': 199 resolv = 1; 200 break; 201 case 's': 202 suppressdata = 1; 203 break; 204 case 'E': 205 timestamp = 3; /* elapsed timestamp */ 206 break; 207 case 'H': 208 threads = 1; 209 break; 210 case 'R': 211 timestamp = 2; /* relative timestamp */ 212 break; 213 case 'T': 214 timestamp = 1; 215 break; 216 case 't': 217 trpoints = getpoints(optarg); 218 if (trpoints < 0) 219 errx(1, "unknown trace point in %s", optarg); 220 break; 221 default: 222 usage(); 223 } 224 225 if (argc > optind) 226 usage(); 227 228 m = malloc(size = 1025); 229 if (m == NULL) 230 errx(1, "%s", strerror(ENOMEM)); 231 if (!freopen(tracefile, "r", stdin)) 232 err(1, "%s", tracefile); 233 TAILQ_INIT(&trace_procs); 234 drop_logged = 0; 235 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 236 if (ktr_header.ktr_type & KTR_DROP) { 237 ktr_header.ktr_type &= ~KTR_DROP; 238 if (!drop_logged && threads) { 239 printf( 240 "%6jd %6jd %-8.*s Events dropped.\n", 241 (intmax_t)ktr_header.ktr_pid, 242 ktr_header.ktr_tid > 0 ? 243 (intmax_t)ktr_header.ktr_tid : 0, 244 MAXCOMLEN, ktr_header.ktr_comm); 245 drop_logged = 1; 246 } else if (!drop_logged) { 247 printf("%6jd %-8.*s Events dropped.\n", 248 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 249 ktr_header.ktr_comm); 250 drop_logged = 1; 251 } 252 } 253 if (trpoints & (1<<ktr_header.ktr_type)) 254 if (pid == 0 || ktr_header.ktr_pid == pid) 255 dumpheader(&ktr_header); 256 if ((ktrlen = ktr_header.ktr_len) < 0) 257 errx(1, "bogus length 0x%x", ktrlen); 258 if (ktrlen > size) { 259 m = realloc(m, ktrlen+1); 260 if (m == NULL) 261 errx(1, "%s", strerror(ENOMEM)); 262 size = ktrlen; 263 } 264 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 265 errx(1, "data too short"); 266 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 267 continue; 268 sv_flags = abidump(&ktr_header); 269 if (pid && ktr_header.ktr_pid != pid) 270 continue; 271 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 272 continue; 273 drop_logged = 0; 274 switch (ktr_header.ktr_type) { 275 case KTR_SYSCALL: 276 #if defined(__amd64__) || defined(__i386__) 277 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 278 linux_ktrsyscall((struct ktr_syscall *)m); 279 else 280 #endif 281 ktrsyscall((struct ktr_syscall *)m, sv_flags); 282 break; 283 case KTR_SYSRET: 284 #if defined(__amd64__) || defined(__i386__) 285 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 286 linux_ktrsysret((struct ktr_sysret *)m); 287 else 288 #endif 289 ktrsysret((struct ktr_sysret *)m, sv_flags); 290 break; 291 case KTR_NAMEI: 292 case KTR_SYSCTL: 293 ktrnamei(m, ktrlen); 294 break; 295 case KTR_GENIO: 296 ktrgenio((struct ktr_genio *)m, ktrlen); 297 break; 298 case KTR_PSIG: 299 ktrpsig((struct ktr_psig *)m); 300 break; 301 case KTR_CSW: 302 if (ktrlen == sizeof(struct ktr_csw_old)) 303 ktrcsw_old((struct ktr_csw_old *)m); 304 else 305 ktrcsw((struct ktr_csw *)m); 306 break; 307 case KTR_USER: 308 ktruser(ktrlen, m); 309 break; 310 case KTR_STRUCT: 311 ktrstruct(m, ktrlen); 312 break; 313 case KTR_CAPFAIL: 314 ktrcapfail((struct ktr_cap_fail *)m); 315 break; 316 case KTR_FAULT: 317 ktrfault((struct ktr_fault *)m); 318 break; 319 case KTR_FAULTEND: 320 ktrfaultend((struct ktr_faultend *)m); 321 break; 322 default: 323 printf("\n"); 324 break; 325 } 326 if (tail) 327 fflush(stdout); 328 } 329 return 0; 330 } 331 332 int 333 fread_tail(void *buf, int size, int num) 334 { 335 int i; 336 337 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 338 sleep(1); 339 clearerr(stdin); 340 } 341 return (i); 342 } 343 344 int 345 fetchprocinfo(struct ktr_header *kth, u_int *flags) 346 { 347 struct proc_info *pi; 348 349 switch (kth->ktr_type) { 350 case KTR_PROCCTOR: 351 TAILQ_FOREACH(pi, &trace_procs, info) { 352 if (pi->pid == kth->ktr_pid) { 353 TAILQ_REMOVE(&trace_procs, pi, info); 354 break; 355 } 356 } 357 pi = malloc(sizeof(struct proc_info)); 358 if (pi == NULL) 359 errx(1, "%s", strerror(ENOMEM)); 360 pi->sv_flags = *flags; 361 pi->pid = kth->ktr_pid; 362 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 363 return (1); 364 365 case KTR_PROCDTOR: 366 TAILQ_FOREACH(pi, &trace_procs, info) { 367 if (pi->pid == kth->ktr_pid) { 368 TAILQ_REMOVE(&trace_procs, pi, info); 369 free(pi); 370 break; 371 } 372 } 373 return (1); 374 } 375 376 return (0); 377 } 378 379 u_int 380 abidump(struct ktr_header *kth) 381 { 382 struct proc_info *pi; 383 const char *abi; 384 const char *arch; 385 u_int flags = 0; 386 387 TAILQ_FOREACH(pi, &trace_procs, info) { 388 if (pi->pid == kth->ktr_pid) { 389 flags = pi->sv_flags; 390 break; 391 } 392 } 393 394 if (abiflag == 0) 395 return (flags); 396 397 switch (flags & SV_ABI_MASK) { 398 case SV_ABI_LINUX: 399 abi = "L"; 400 break; 401 case SV_ABI_FREEBSD: 402 abi = "F"; 403 break; 404 default: 405 abi = "U"; 406 break; 407 } 408 409 if (flags != 0) { 410 if (flags & SV_LP64) 411 arch = "64"; 412 else 413 arch = "32"; 414 } else 415 arch = "00"; 416 417 printf("%s%s ", abi, arch); 418 419 return (flags); 420 } 421 422 void 423 dumpheader(struct ktr_header *kth) 424 { 425 static char unknown[64]; 426 static struct timeval prevtime, temp; 427 const char *type; 428 429 switch (kth->ktr_type) { 430 case KTR_SYSCALL: 431 type = "CALL"; 432 break; 433 case KTR_SYSRET: 434 type = "RET "; 435 break; 436 case KTR_NAMEI: 437 type = "NAMI"; 438 break; 439 case KTR_GENIO: 440 type = "GIO "; 441 break; 442 case KTR_PSIG: 443 type = "PSIG"; 444 break; 445 case KTR_CSW: 446 type = "CSW "; 447 break; 448 case KTR_USER: 449 type = "USER"; 450 break; 451 case KTR_STRUCT: 452 type = "STRU"; 453 break; 454 case KTR_SYSCTL: 455 type = "SCTL"; 456 break; 457 case KTR_PROCCTOR: 458 /* FALLTHROUGH */ 459 case KTR_PROCDTOR: 460 return; 461 case KTR_CAPFAIL: 462 type = "CAP "; 463 break; 464 case KTR_FAULT: 465 type = "PFLT"; 466 break; 467 case KTR_FAULTEND: 468 type = "PRET"; 469 break; 470 default: 471 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 472 type = unknown; 473 } 474 475 /* 476 * The ktr_tid field was previously the ktr_buffer field, which held 477 * the kernel pointer value for the buffer associated with data 478 * following the record header. It now holds a threadid, but only 479 * for trace files after the change. Older trace files still contain 480 * kernel pointers. Detect this and suppress the results by printing 481 * negative tid's as 0. 482 */ 483 if (threads) 484 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 485 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 486 MAXCOMLEN, kth->ktr_comm); 487 else 488 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 489 kth->ktr_comm); 490 if (timestamp) { 491 if (timestamp == 3) { 492 if (prevtime.tv_sec == 0) 493 prevtime = kth->ktr_time; 494 timevalsub(&kth->ktr_time, &prevtime); 495 } 496 if (timestamp == 2) { 497 temp = kth->ktr_time; 498 timevalsub(&kth->ktr_time, &prevtime); 499 prevtime = temp; 500 } 501 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 502 kth->ktr_time.tv_usec); 503 } 504 printf("%s ", type); 505 } 506 507 #include <sys/syscall.h> 508 #define KTRACE 509 #include <sys/kern/syscalls.c> 510 #undef KTRACE 511 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 512 513 void 514 ktrsyscall(struct ktr_syscall *ktr, u_int flags) 515 { 516 int narg = ktr->ktr_narg; 517 register_t *ip; 518 intmax_t arg; 519 520 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 521 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 522 printf("[%d]", ktr->ktr_code); 523 else 524 printf("%s", syscallnames[ktr->ktr_code]); 525 ip = &ktr->ktr_args[0]; 526 if (narg) { 527 char c = '('; 528 if (fancy && 529 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 530 switch (ktr->ktr_code) { 531 case SYS_ioctl: { 532 print_number(ip, narg, c); 533 putchar(c); 534 ioctlname(*ip, decimal); 535 c = ','; 536 ip++; 537 narg--; 538 break; 539 } 540 case SYS_ptrace: 541 putchar('('); 542 ptraceopname(*ip); 543 c = ','; 544 ip++; 545 narg--; 546 break; 547 case SYS_access: 548 case SYS_eaccess: 549 print_number(ip, narg, c); 550 putchar(','); 551 accessmodename(*ip); 552 ip++; 553 narg--; 554 break; 555 case SYS_open: 556 print_number(ip, narg, c); 557 putchar(','); 558 flagsandmodename(ip[0], ip[1], decimal); 559 ip += 2; 560 narg -= 2; 561 break; 562 case SYS_wait4: 563 print_number(ip, narg, c); 564 print_number(ip, narg, c); 565 putchar(','); 566 wait4optname(*ip); 567 ip++; 568 narg--; 569 break; 570 case SYS_chmod: 571 case SYS_fchmod: 572 case SYS_lchmod: 573 print_number(ip, narg, c); 574 putchar(','); 575 modename(*ip); 576 ip++; 577 narg--; 578 break; 579 case SYS_mknod: 580 print_number(ip, narg, c); 581 putchar(','); 582 modename(*ip); 583 ip++; 584 narg--; 585 break; 586 case SYS_getfsstat: 587 print_number(ip, narg, c); 588 print_number(ip, narg, c); 589 putchar(','); 590 getfsstatflagsname(*ip); 591 ip++; 592 narg--; 593 break; 594 case SYS_mount: 595 print_number(ip, narg, c); 596 print_number(ip, narg, c); 597 putchar(','); 598 mountflagsname(*ip); 599 ip++; 600 narg--; 601 break; 602 case SYS_unmount: 603 print_number(ip, narg, c); 604 putchar(','); 605 mountflagsname(*ip); 606 ip++; 607 narg--; 608 break; 609 case SYS_recvmsg: 610 case SYS_sendmsg: 611 print_number(ip, narg, c); 612 print_number(ip, narg, c); 613 putchar(','); 614 sendrecvflagsname(*ip); 615 ip++; 616 narg--; 617 break; 618 case SYS_recvfrom: 619 case SYS_sendto: 620 print_number(ip, narg, c); 621 print_number(ip, narg, c); 622 print_number(ip, narg, c); 623 putchar(','); 624 sendrecvflagsname(*ip); 625 ip++; 626 narg--; 627 break; 628 case SYS_chflags: 629 case SYS_fchflags: 630 case SYS_lchflags: 631 print_number(ip, narg, c); 632 putchar(','); 633 modename(*ip); 634 ip++; 635 narg--; 636 break; 637 case SYS_kill: 638 print_number(ip, narg, c); 639 putchar(','); 640 signame(*ip); 641 ip++; 642 narg--; 643 break; 644 case SYS_reboot: 645 putchar('('); 646 rebootoptname(*ip); 647 ip++; 648 narg--; 649 break; 650 case SYS_umask: 651 putchar('('); 652 modename(*ip); 653 ip++; 654 narg--; 655 break; 656 case SYS_msync: 657 print_number(ip, narg, c); 658 print_number(ip, narg, c); 659 putchar(','); 660 msyncflagsname(*ip); 661 ip++; 662 narg--; 663 break; 664 #ifdef SYS_freebsd6_mmap 665 case SYS_freebsd6_mmap: 666 print_number(ip, narg, c); 667 print_number(ip, narg, c); 668 putchar(','); 669 mmapprotname(*ip); 670 putchar(','); 671 ip++; 672 narg--; 673 mmapflagsname(*ip); 674 ip++; 675 narg--; 676 break; 677 #endif 678 case SYS_mmap: 679 print_number(ip, narg, c); 680 print_number(ip, narg, c); 681 putchar(','); 682 mmapprotname(*ip); 683 putchar(','); 684 ip++; 685 narg--; 686 mmapflagsname(*ip); 687 ip++; 688 narg--; 689 break; 690 case SYS_mprotect: 691 print_number(ip, narg, c); 692 print_number(ip, narg, c); 693 putchar(','); 694 mmapprotname(*ip); 695 ip++; 696 narg--; 697 break; 698 case SYS_madvise: 699 print_number(ip, narg, c); 700 print_number(ip, narg, c); 701 putchar(','); 702 madvisebehavname(*ip); 703 ip++; 704 narg--; 705 break; 706 case SYS_setpriority: 707 print_number(ip, narg, c); 708 print_number(ip, narg, c); 709 putchar(','); 710 prioname(*ip); 711 ip++; 712 narg--; 713 break; 714 case SYS_fcntl: 715 print_number(ip, narg, c); 716 putchar(','); 717 fcntlcmdname(ip[0], ip[1], decimal); 718 ip += 2; 719 narg -= 2; 720 break; 721 case SYS_socket: { 722 int sockdomain; 723 putchar('('); 724 sockdomain = *ip; 725 sockdomainname(sockdomain); 726 ip++; 727 narg--; 728 putchar(','); 729 socktypename(*ip); 730 ip++; 731 narg--; 732 if (sockdomain == PF_INET || 733 sockdomain == PF_INET6) { 734 putchar(','); 735 sockipprotoname(*ip); 736 ip++; 737 narg--; 738 } 739 c = ','; 740 break; 741 } 742 case SYS_setsockopt: 743 case SYS_getsockopt: 744 print_number(ip, narg, c); 745 putchar(','); 746 sockoptlevelname(*ip, decimal); 747 if (*ip == SOL_SOCKET) { 748 ip++; 749 narg--; 750 putchar(','); 751 sockoptname(*ip); 752 } 753 ip++; 754 narg--; 755 break; 756 #ifdef SYS_freebsd6_lseek 757 case SYS_freebsd6_lseek: 758 print_number(ip, narg, c); 759 /* Hidden 'pad' argument, not in lseek(2) */ 760 print_number(ip, narg, c); 761 print_number(ip, narg, c); 762 putchar(','); 763 whencename(*ip); 764 ip++; 765 narg--; 766 break; 767 #endif 768 case SYS_lseek: 769 print_number(ip, narg, c); 770 /* Hidden 'pad' argument, not in lseek(2) */ 771 print_number(ip, narg, c); 772 putchar(','); 773 whencename(*ip); 774 ip++; 775 narg--; 776 break; 777 case SYS_flock: 778 print_number(ip, narg, c); 779 putchar(','); 780 flockname(*ip); 781 ip++; 782 narg--; 783 break; 784 case SYS_mkfifo: 785 case SYS_mkdir: 786 print_number(ip, narg, c); 787 putchar(','); 788 modename(*ip); 789 ip++; 790 narg--; 791 break; 792 case SYS_shutdown: 793 print_number(ip, narg, c); 794 putchar(','); 795 shutdownhowname(*ip); 796 ip++; 797 narg--; 798 break; 799 case SYS_socketpair: 800 putchar('('); 801 sockdomainname(*ip); 802 ip++; 803 narg--; 804 putchar(','); 805 socktypename(*ip); 806 ip++; 807 narg--; 808 c = ','; 809 break; 810 case SYS_getrlimit: 811 case SYS_setrlimit: 812 putchar('('); 813 rlimitname(*ip); 814 ip++; 815 narg--; 816 c = ','; 817 break; 818 case SYS_quotactl: 819 print_number(ip, narg, c); 820 putchar(','); 821 quotactlname(*ip); 822 ip++; 823 narg--; 824 c = ','; 825 break; 826 case SYS_nfssvc: 827 putchar('('); 828 nfssvcname(*ip); 829 ip++; 830 narg--; 831 c = ','; 832 break; 833 case SYS_rtprio: 834 putchar('('); 835 rtprioname(*ip); 836 ip++; 837 narg--; 838 c = ','; 839 break; 840 case SYS___semctl: 841 print_number(ip, narg, c); 842 print_number(ip, narg, c); 843 putchar(','); 844 semctlname(*ip); 845 ip++; 846 narg--; 847 break; 848 case SYS_semget: 849 print_number(ip, narg, c); 850 print_number(ip, narg, c); 851 putchar(','); 852 semgetname(*ip); 853 ip++; 854 narg--; 855 break; 856 case SYS_msgctl: 857 print_number(ip, narg, c); 858 putchar(','); 859 shmctlname(*ip); 860 ip++; 861 narg--; 862 break; 863 case SYS_shmat: 864 print_number(ip, narg, c); 865 print_number(ip, narg, c); 866 putchar(','); 867 shmatname(*ip); 868 ip++; 869 narg--; 870 break; 871 case SYS_shmctl: 872 print_number(ip, narg, c); 873 putchar(','); 874 shmctlname(*ip); 875 ip++; 876 narg--; 877 break; 878 case SYS_minherit: 879 print_number(ip, narg, c); 880 print_number(ip, narg, c); 881 putchar(','); 882 minheritname(*ip); 883 ip++; 884 narg--; 885 break; 886 case SYS_rfork: 887 putchar('('); 888 rforkname(*ip); 889 ip++; 890 narg--; 891 c = ','; 892 break; 893 case SYS_lio_listio: 894 putchar('('); 895 lio_listioname(*ip); 896 ip++; 897 narg--; 898 c = ','; 899 break; 900 case SYS_mlockall: 901 putchar('('); 902 mlockallname(*ip); 903 ip++; 904 narg--; 905 break; 906 case SYS_sched_setscheduler: 907 print_number(ip, narg, c); 908 putchar(','); 909 schedpolicyname(*ip); 910 ip++; 911 narg--; 912 break; 913 case SYS_sched_get_priority_max: 914 case SYS_sched_get_priority_min: 915 putchar('('); 916 schedpolicyname(*ip); 917 ip++; 918 narg--; 919 break; 920 case SYS_sendfile: 921 print_number(ip, narg, c); 922 print_number(ip, narg, c); 923 print_number(ip, narg, c); 924 print_number(ip, narg, c); 925 print_number(ip, narg, c); 926 print_number(ip, narg, c); 927 putchar(','); 928 sendfileflagsname(*ip); 929 ip++; 930 narg--; 931 break; 932 case SYS_kldsym: 933 print_number(ip, narg, c); 934 putchar(','); 935 kldsymcmdname(*ip); 936 ip++; 937 narg--; 938 break; 939 case SYS_sigprocmask: 940 putchar('('); 941 sigprocmaskhowname(*ip); 942 ip++; 943 narg--; 944 c = ','; 945 break; 946 case SYS___acl_get_file: 947 case SYS___acl_set_file: 948 case SYS___acl_get_fd: 949 case SYS___acl_set_fd: 950 case SYS___acl_delete_file: 951 case SYS___acl_delete_fd: 952 case SYS___acl_aclcheck_file: 953 case SYS___acl_aclcheck_fd: 954 case SYS___acl_get_link: 955 case SYS___acl_set_link: 956 case SYS___acl_delete_link: 957 case SYS___acl_aclcheck_link: 958 print_number(ip, narg, c); 959 putchar(','); 960 acltypename(*ip); 961 ip++; 962 narg--; 963 break; 964 case SYS_sigaction: 965 putchar('('); 966 signame(*ip); 967 ip++; 968 narg--; 969 c = ','; 970 break; 971 case SYS_extattrctl: 972 print_number(ip, narg, c); 973 putchar(','); 974 extattrctlname(*ip); 975 ip++; 976 narg--; 977 break; 978 case SYS_nmount: 979 print_number(ip, narg, c); 980 print_number(ip, narg, c); 981 putchar(','); 982 mountflagsname(*ip); 983 ip++; 984 narg--; 985 break; 986 case SYS_thr_create: 987 print_number(ip, narg, c); 988 print_number(ip, narg, c); 989 putchar(','); 990 thrcreateflagsname(*ip); 991 ip++; 992 narg--; 993 break; 994 case SYS_thr_kill: 995 print_number(ip, narg, c); 996 putchar(','); 997 signame(*ip); 998 ip++; 999 narg--; 1000 break; 1001 case SYS_kldunloadf: 1002 print_number(ip, narg, c); 1003 putchar(','); 1004 kldunloadfflagsname(*ip); 1005 ip++; 1006 narg--; 1007 break; 1008 case SYS_cap_new: 1009 print_number(ip, narg, c); 1010 putchar(','); 1011 arg = *ip; 1012 ip++; 1013 narg--; 1014 /* 1015 * Hack: the second argument is a 1016 * cap_rights_t, which 64 bits wide, so on 1017 * 32-bit systems, it is split between two 1018 * registers. 1019 * 1020 * Since sizeof() is not evaluated by the 1021 * preprocessor, we can't use an #ifdef, 1022 * but the compiler will probably optimize 1023 * the code out anyway. 1024 */ 1025 if (sizeof(cap_rights_t) > sizeof(register_t)) { 1026 #if _BYTE_ORDER == _LITTLE_ENDIAN 1027 arg = ((intmax_t)*ip << 32) + arg; 1028 #else 1029 arg = (arg << 32) + *ip; 1030 #endif 1031 ip++; 1032 narg--; 1033 } 1034 capname(arg); 1035 break; 1036 case SYS_posix_fadvise: 1037 print_number(ip, narg, c); 1038 print_number(ip, narg, c); 1039 print_number(ip, narg, c); 1040 (void)putchar(','); 1041 fadvisebehavname((int)*ip); 1042 ip++; 1043 narg--; 1044 break; 1045 } 1046 } 1047 while (narg > 0) { 1048 print_number(ip, narg, c); 1049 } 1050 putchar(')'); 1051 } 1052 putchar('\n'); 1053 } 1054 1055 void 1056 ktrsysret(struct ktr_sysret *ktr, u_int flags) 1057 { 1058 register_t ret = ktr->ktr_retval; 1059 int error = ktr->ktr_error; 1060 int code = ktr->ktr_code; 1061 1062 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1063 (code >= nsyscalls || code < 0)) 1064 printf("[%d] ", code); 1065 else 1066 printf("%s ", syscallnames[code]); 1067 1068 if (error == 0) { 1069 if (fancy) { 1070 printf("%ld", (long)ret); 1071 if (ret < 0 || ret > 9) 1072 printf("/%#lx", (unsigned long)ret); 1073 } else { 1074 if (decimal) 1075 printf("%ld", (long)ret); 1076 else 1077 printf("%#lx", (unsigned long)ret); 1078 } 1079 } else if (error == ERESTART) 1080 printf("RESTART"); 1081 else if (error == EJUSTRETURN) 1082 printf("JUSTRETURN"); 1083 else { 1084 printf("-1 errno %d", ktr->ktr_error); 1085 if (fancy) 1086 printf(" %s", strerror(ktr->ktr_error)); 1087 } 1088 putchar('\n'); 1089 } 1090 1091 void 1092 ktrnamei(char *cp, int len) 1093 { 1094 printf("\"%.*s\"\n", len, cp); 1095 } 1096 1097 void 1098 hexdump(char *p, int len, int screenwidth) 1099 { 1100 int n, i; 1101 int width; 1102 1103 width = 0; 1104 do { 1105 width += 2; 1106 i = 13; /* base offset */ 1107 i += (width / 2) + 1; /* spaces every second byte */ 1108 i += (width * 2); /* width of bytes */ 1109 i += 3; /* " |" */ 1110 i += width; /* each byte */ 1111 i += 1; /* "|" */ 1112 } while (i < screenwidth); 1113 width -= 2; 1114 1115 for (n = 0; n < len; n += width) { 1116 for (i = n; i < n + width; i++) { 1117 if ((i % width) == 0) { /* beginning of line */ 1118 printf(" 0x%04x", i); 1119 } 1120 if ((i % 2) == 0) { 1121 printf(" "); 1122 } 1123 if (i < len) 1124 printf("%02x", p[i] & 0xff); 1125 else 1126 printf(" "); 1127 } 1128 printf(" |"); 1129 for (i = n; i < n + width; i++) { 1130 if (i >= len) 1131 break; 1132 if (p[i] >= ' ' && p[i] <= '~') 1133 printf("%c", p[i]); 1134 else 1135 printf("."); 1136 } 1137 printf("|\n"); 1138 } 1139 if ((i % width) != 0) 1140 printf("\n"); 1141 } 1142 1143 void 1144 visdump(char *dp, int datalen, int screenwidth) 1145 { 1146 int col = 0; 1147 char *cp; 1148 int width; 1149 char visbuf[5]; 1150 1151 printf(" \""); 1152 col = 8; 1153 for (;datalen > 0; datalen--, dp++) { 1154 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1155 cp = visbuf; 1156 /* 1157 * Keep track of printables and 1158 * space chars (like fold(1)). 1159 */ 1160 if (col == 0) { 1161 putchar('\t'); 1162 col = 8; 1163 } 1164 switch(*cp) { 1165 case '\n': 1166 col = 0; 1167 putchar('\n'); 1168 continue; 1169 case '\t': 1170 width = 8 - (col&07); 1171 break; 1172 default: 1173 width = strlen(cp); 1174 } 1175 if (col + width > (screenwidth-2)) { 1176 printf("\\\n\t"); 1177 col = 8; 1178 } 1179 col += width; 1180 do { 1181 putchar(*cp++); 1182 } while (*cp); 1183 } 1184 if (col == 0) 1185 printf(" "); 1186 printf("\"\n"); 1187 } 1188 1189 void 1190 ktrgenio(struct ktr_genio *ktr, int len) 1191 { 1192 int datalen = len - sizeof (struct ktr_genio); 1193 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1194 static int screenwidth = 0; 1195 int i, binary; 1196 1197 if (screenwidth == 0) { 1198 struct winsize ws; 1199 1200 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1201 ws.ws_col > 8) 1202 screenwidth = ws.ws_col; 1203 else 1204 screenwidth = 80; 1205 } 1206 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1207 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1208 datalen == 1 ? "" : "s"); 1209 if (suppressdata) 1210 return; 1211 if (maxdata && datalen > maxdata) 1212 datalen = maxdata; 1213 1214 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1215 if (dp[i] >= 32 && dp[i] < 127) 1216 continue; 1217 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1218 continue; 1219 binary = 1; 1220 } 1221 if (binary) 1222 hexdump(dp, datalen, screenwidth); 1223 else 1224 visdump(dp, datalen, screenwidth); 1225 } 1226 1227 const char *signames[] = { 1228 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1229 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1230 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1231 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1232 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1233 "USR2", NULL, /* 31 - 32 */ 1234 }; 1235 1236 void 1237 ktrpsig(struct ktr_psig *psig) 1238 { 1239 if (psig->signo > 0 && psig->signo < NSIG) 1240 printf("SIG%s ", signames[psig->signo]); 1241 else 1242 printf("SIG %d ", psig->signo); 1243 if (psig->action == SIG_DFL) 1244 printf("SIG_DFL code=0x%x\n", psig->code); 1245 else { 1246 printf("caught handler=0x%lx mask=0x%x code=0x%x\n", 1247 (u_long)psig->action, psig->mask.__bits[0], psig->code); 1248 } 1249 } 1250 1251 void 1252 ktrcsw_old(struct ktr_csw_old *cs) 1253 { 1254 printf("%s %s\n", cs->out ? "stop" : "resume", 1255 cs->user ? "user" : "kernel"); 1256 } 1257 1258 void 1259 ktrcsw(struct ktr_csw *cs) 1260 { 1261 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1262 cs->user ? "user" : "kernel", cs->wmesg); 1263 } 1264 1265 #define UTRACE_DLOPEN_START 1 1266 #define UTRACE_DLOPEN_STOP 2 1267 #define UTRACE_DLCLOSE_START 3 1268 #define UTRACE_DLCLOSE_STOP 4 1269 #define UTRACE_LOAD_OBJECT 5 1270 #define UTRACE_UNLOAD_OBJECT 6 1271 #define UTRACE_ADD_RUNDEP 7 1272 #define UTRACE_PRELOAD_FINISHED 8 1273 #define UTRACE_INIT_CALL 9 1274 #define UTRACE_FINI_CALL 10 1275 1276 struct utrace_rtld { 1277 char sig[4]; /* 'RTLD' */ 1278 int event; 1279 void *handle; 1280 void *mapbase; 1281 size_t mapsize; 1282 int refcnt; 1283 char name[MAXPATHLEN]; 1284 }; 1285 1286 void 1287 ktruser_rtld(int len, unsigned char *p) 1288 { 1289 struct utrace_rtld *ut = (struct utrace_rtld *)p; 1290 void *parent; 1291 int mode; 1292 1293 switch (ut->event) { 1294 case UTRACE_DLOPEN_START: 1295 mode = ut->refcnt; 1296 printf("dlopen(%s, ", ut->name); 1297 switch (mode & RTLD_MODEMASK) { 1298 case RTLD_NOW: 1299 printf("RTLD_NOW"); 1300 break; 1301 case RTLD_LAZY: 1302 printf("RTLD_LAZY"); 1303 break; 1304 default: 1305 printf("%#x", mode & RTLD_MODEMASK); 1306 } 1307 if (mode & RTLD_GLOBAL) 1308 printf(" | RTLD_GLOBAL"); 1309 if (mode & RTLD_TRACE) 1310 printf(" | RTLD_TRACE"); 1311 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1312 printf(" | %#x", mode & 1313 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1314 printf(")\n"); 1315 break; 1316 case UTRACE_DLOPEN_STOP: 1317 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1318 ut->refcnt); 1319 break; 1320 case UTRACE_DLCLOSE_START: 1321 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1322 ut->refcnt); 1323 break; 1324 case UTRACE_DLCLOSE_STOP: 1325 printf("dlclose(%p) finished\n", ut->handle); 1326 break; 1327 case UTRACE_LOAD_OBJECT: 1328 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1329 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1330 ut->name); 1331 break; 1332 case UTRACE_UNLOAD_OBJECT: 1333 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1334 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1335 ut->name); 1336 break; 1337 case UTRACE_ADD_RUNDEP: 1338 parent = ut->mapbase; 1339 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1340 ut->handle, ut->name, ut->refcnt); 1341 break; 1342 case UTRACE_PRELOAD_FINISHED: 1343 printf("RTLD: LD_PRELOAD finished\n"); 1344 break; 1345 case UTRACE_INIT_CALL: 1346 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1347 ut->name); 1348 break; 1349 case UTRACE_FINI_CALL: 1350 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1351 ut->name); 1352 break; 1353 default: 1354 p += 4; 1355 len -= 4; 1356 printf("RTLD: %d ", len); 1357 while (len--) 1358 if (decimal) 1359 printf(" %d", *p++); 1360 else 1361 printf(" %02x", *p++); 1362 printf("\n"); 1363 } 1364 } 1365 1366 struct utrace_malloc { 1367 void *p; 1368 size_t s; 1369 void *r; 1370 }; 1371 1372 void 1373 ktruser_malloc(unsigned char *p) 1374 { 1375 struct utrace_malloc *ut = (struct utrace_malloc *)p; 1376 1377 if (ut->p == (void *)(intptr_t)(-1)) 1378 printf("malloc_init()\n"); 1379 else if (ut->s == 0) 1380 printf("free(%p)\n", ut->p); 1381 else if (ut->p == NULL) 1382 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1383 else 1384 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1385 } 1386 1387 void 1388 ktruser(int len, unsigned char *p) 1389 { 1390 1391 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1392 ktruser_rtld(len, p); 1393 return; 1394 } 1395 1396 if (len == sizeof(struct utrace_malloc)) { 1397 ktruser_malloc(p); 1398 return; 1399 } 1400 1401 printf("%d ", len); 1402 while (len--) 1403 if (decimal) 1404 printf(" %d", *p++); 1405 else 1406 printf(" %02x", *p++); 1407 printf("\n"); 1408 } 1409 1410 void 1411 ktrsockaddr(struct sockaddr *sa) 1412 { 1413 /* 1414 TODO: Support additional address families 1415 #include <netnatm/natm.h> 1416 struct sockaddr_natm *natm; 1417 #include <netsmb/netbios.h> 1418 struct sockaddr_nb *nb; 1419 */ 1420 char addr[64]; 1421 1422 /* 1423 * note: ktrstruct() has already verified that sa points to a 1424 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1425 * sa->sa_len bytes long. 1426 */ 1427 printf("struct sockaddr { "); 1428 sockfamilyname(sa->sa_family); 1429 printf(", "); 1430 1431 #define check_sockaddr_len(n) \ 1432 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1433 printf("invalid"); \ 1434 break; \ 1435 } 1436 1437 switch(sa->sa_family) { 1438 case AF_INET: { 1439 struct sockaddr_in sa_in; 1440 1441 memset(&sa_in, 0, sizeof(sa_in)); 1442 memcpy(&sa_in, sa, sizeof(sa)); 1443 check_sockaddr_len(in); 1444 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1445 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1446 break; 1447 } 1448 #ifdef NETATALK 1449 case AF_APPLETALK: { 1450 struct sockaddr_at sa_at; 1451 struct netrange *nr; 1452 1453 memset(&sa_at, 0, sizeof(sa_at)); 1454 memcpy(&sa_at, sa, sizeof(sa)); 1455 check_sockaddr_len(at); 1456 nr = &sa_at.sat_range.r_netrange; 1457 printf("%d.%d, %d-%d, %d", ntohs(sa_at.sat_addr.s_net), 1458 sa_at.sat_addr.s_node, ntohs(nr->nr_firstnet), 1459 ntohs(nr->nr_lastnet), nr->nr_phase); 1460 break; 1461 } 1462 #endif 1463 case AF_INET6: { 1464 struct sockaddr_in6 sa_in6; 1465 1466 memset(&sa_in6, 0, sizeof(sa_in6)); 1467 memcpy(&sa_in6, sa, sizeof(sa)); 1468 check_sockaddr_len(in6); 1469 inet_ntop(AF_INET6, &sa_in6.sin6_addr, addr, sizeof addr); 1470 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1471 break; 1472 } 1473 #ifdef IPX 1474 case AF_IPX: { 1475 struct sockaddr_ipx sa_ipx; 1476 1477 memset(&sa_ipx, 0, sizeof(sa_ipx)); 1478 memcpy(&sa_ipx, sa, sizeof(sa)); 1479 check_sockaddr_len(ipx); 1480 /* XXX wish we had ipx_ntop */ 1481 printf("%s", ipx_ntoa(sa_ipx.sipx_addr)); 1482 free(sa_ipx); 1483 break; 1484 } 1485 #endif 1486 case AF_UNIX: { 1487 struct sockaddr_un sa_un; 1488 1489 memset(&sa_un, 0, sizeof(sa_un)); 1490 memcpy(&sa_un, sa, sizeof(sa)); 1491 check_sockaddr_len(un); 1492 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1493 break; 1494 } 1495 default: 1496 printf("unknown address family"); 1497 } 1498 printf(" }\n"); 1499 } 1500 1501 void 1502 ktrstat(struct stat *statp) 1503 { 1504 char mode[12], timestr[PATH_MAX + 4]; 1505 struct passwd *pwd; 1506 struct group *grp; 1507 struct tm *tm; 1508 1509 /* 1510 * note: ktrstruct() has already verified that statp points to a 1511 * buffer exactly sizeof(struct stat) bytes long. 1512 */ 1513 printf("struct stat {"); 1514 strmode(statp->st_mode, mode); 1515 printf("dev=%ju, ino=%ju, mode=%s, nlink=%ju, ", 1516 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino, mode, 1517 (uintmax_t)statp->st_nlink); 1518 if (resolv == 0 || (pwd = getpwuid(statp->st_uid)) == NULL) 1519 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1520 else 1521 printf("uid=\"%s\", ", pwd->pw_name); 1522 if (resolv == 0 || (grp = getgrgid(statp->st_gid)) == NULL) 1523 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1524 else 1525 printf("gid=\"%s\", ", grp->gr_name); 1526 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1527 printf("atime="); 1528 if (resolv == 0) 1529 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1530 else { 1531 tm = localtime(&statp->st_atim.tv_sec); 1532 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1533 printf("\"%s\"", timestr); 1534 } 1535 if (statp->st_atim.tv_nsec != 0) 1536 printf(".%09ld, ", statp->st_atim.tv_nsec); 1537 else 1538 printf(", "); 1539 printf("stime="); 1540 if (resolv == 0) 1541 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1542 else { 1543 tm = localtime(&statp->st_mtim.tv_sec); 1544 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1545 printf("\"%s\"", timestr); 1546 } 1547 if (statp->st_mtim.tv_nsec != 0) 1548 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1549 else 1550 printf(", "); 1551 printf("ctime="); 1552 if (resolv == 0) 1553 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1554 else { 1555 tm = localtime(&statp->st_ctim.tv_sec); 1556 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1557 printf("\"%s\"", timestr); 1558 } 1559 if (statp->st_ctim.tv_nsec != 0) 1560 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1561 else 1562 printf(", "); 1563 printf("birthtime="); 1564 if (resolv == 0) 1565 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1566 else { 1567 tm = localtime(&statp->st_birthtim.tv_sec); 1568 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1569 printf("\"%s\"", timestr); 1570 } 1571 if (statp->st_birthtim.tv_nsec != 0) 1572 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1573 else 1574 printf(", "); 1575 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1576 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1577 (intmax_t)statp->st_blocks, statp->st_flags); 1578 printf(" }\n"); 1579 } 1580 1581 void 1582 ktrstruct(char *buf, size_t buflen) 1583 { 1584 char *name, *data; 1585 size_t namelen, datalen; 1586 int i; 1587 struct stat sb; 1588 struct sockaddr_storage ss; 1589 1590 for (name = buf, namelen = 0; 1591 namelen < buflen && name[namelen] != '\0'; 1592 ++namelen) 1593 /* nothing */; 1594 if (namelen == buflen) 1595 goto invalid; 1596 if (name[namelen] != '\0') 1597 goto invalid; 1598 data = buf + namelen + 1; 1599 datalen = buflen - namelen - 1; 1600 if (datalen == 0) 1601 goto invalid; 1602 /* sanity check */ 1603 for (i = 0; i < (int)namelen; ++i) 1604 if (!isalpha(name[i])) 1605 goto invalid; 1606 if (strcmp(name, "stat") == 0) { 1607 if (datalen != sizeof(struct stat)) 1608 goto invalid; 1609 memcpy(&sb, data, datalen); 1610 ktrstat(&sb); 1611 } else if (strcmp(name, "sockaddr") == 0) { 1612 if (datalen > sizeof(ss)) 1613 goto invalid; 1614 memcpy(&ss, data, datalen); 1615 if (datalen < sizeof(struct sockaddr) || 1616 datalen != ss.ss_len) 1617 goto invalid; 1618 ktrsockaddr((struct sockaddr *)&ss); 1619 } else { 1620 printf("unknown structure\n"); 1621 } 1622 return; 1623 invalid: 1624 printf("invalid record\n"); 1625 } 1626 1627 void 1628 ktrcapfail(struct ktr_cap_fail *ktr) 1629 { 1630 switch (ktr->cap_type) { 1631 case CAPFAIL_NOTCAPABLE: 1632 /* operation on fd with insufficient capabilities */ 1633 printf("operation requires "); 1634 capname((intmax_t)ktr->cap_needed); 1635 printf(", process holds "); 1636 capname((intmax_t)ktr->cap_held); 1637 break; 1638 case CAPFAIL_INCREASE: 1639 /* requested more capabilities than fd already has */ 1640 printf("attempt to increase capabilities from "); 1641 capname((intmax_t)ktr->cap_held); 1642 printf(" to "); 1643 capname((intmax_t)ktr->cap_needed); 1644 break; 1645 case CAPFAIL_SYSCALL: 1646 /* called restricted syscall */ 1647 printf("disallowed system call"); 1648 break; 1649 case CAPFAIL_LOOKUP: 1650 /* used ".." in strict-relative mode */ 1651 printf("restricted VFS lookup"); 1652 break; 1653 default: 1654 printf("unknown capability failure: "); 1655 capname((intmax_t)ktr->cap_needed); 1656 printf(" "); 1657 capname((intmax_t)ktr->cap_held); 1658 break; 1659 } 1660 printf("\n"); 1661 } 1662 1663 void 1664 ktrfault(struct ktr_fault *ktr) 1665 { 1666 1667 printf("0x%jx ", ktr->vaddr); 1668 vmprotname(ktr->type); 1669 printf("\n"); 1670 } 1671 1672 void 1673 ktrfaultend(struct ktr_faultend *ktr) 1674 { 1675 1676 vmresultname(ktr->result); 1677 printf("\n"); 1678 } 1679 1680 #if defined(__amd64__) || defined(__i386__) 1681 void 1682 linux_ktrsyscall(struct ktr_syscall *ktr) 1683 { 1684 int narg = ktr->ktr_narg; 1685 register_t *ip; 1686 1687 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1688 printf("[%d]", ktr->ktr_code); 1689 else 1690 printf("%s", linux_syscallnames[ktr->ktr_code]); 1691 ip = &ktr->ktr_args[0]; 1692 if (narg) { 1693 char c = '('; 1694 while (narg > 0) 1695 print_number(ip, narg, c); 1696 putchar(')'); 1697 } 1698 putchar('\n'); 1699 } 1700 1701 void 1702 linux_ktrsysret(struct ktr_sysret *ktr) 1703 { 1704 register_t ret = ktr->ktr_retval; 1705 int error = ktr->ktr_error; 1706 int code = ktr->ktr_code; 1707 1708 if (code >= nlinux_syscalls || code < 0) 1709 printf("[%d] ", code); 1710 else 1711 printf("%s ", linux_syscallnames[code]); 1712 1713 if (error == 0) { 1714 if (fancy) { 1715 printf("%ld", (long)ret); 1716 if (ret < 0 || ret > 9) 1717 printf("/%#lx", (unsigned long)ret); 1718 } else { 1719 if (decimal) 1720 printf("%ld", (long)ret); 1721 else 1722 printf("%#lx", (unsigned long)ret); 1723 } 1724 } else if (error == ERESTART) 1725 printf("RESTART"); 1726 else if (error == EJUSTRETURN) 1727 printf("JUSTRETURN"); 1728 else { 1729 if (ktr->ktr_error <= ELAST + 1) 1730 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 1731 else 1732 error = 999; 1733 printf("-1 errno %d", error); 1734 if (fancy) 1735 printf(" %s", strerror(ktr->ktr_error)); 1736 } 1737 putchar('\n'); 1738 } 1739 #endif 1740 1741 void 1742 usage(void) 1743 { 1744 fprintf(stderr, "usage: kdump [-dEnlHRrsTA] [-f trfile] " 1745 "[-m maxdata] [-p pid] [-t trstr]\n"); 1746 exit(1); 1747 } 1748