1 /*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #ifndef lint 31 static const char copyright[] = 32 "@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34 #endif /* not lint */ 35 36 #ifndef lint 37 #if 0 38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39 #endif 40 #endif /* not lint */ 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #define _KERNEL 45 extern int errno; 46 #include <sys/errno.h> 47 #undef _KERNEL 48 #include <sys/param.h> 49 #include <sys/errno.h> 50 #define _KERNEL 51 #include <sys/time.h> 52 #undef _KERNEL 53 #include <sys/uio.h> 54 #include <sys/ktrace.h> 55 #include <sys/ioctl.h> 56 #include <sys/socket.h> 57 #include <sys/stat.h> 58 #include <sys/sysent.h> 59 #include <sys/un.h> 60 #include <sys/queue.h> 61 #ifdef IPX 62 #include <sys/types.h> 63 #include <netipx/ipx.h> 64 #endif 65 #ifdef NETATALK 66 #include <netatalk/at.h> 67 #endif 68 #include <arpa/inet.h> 69 #include <netinet/in.h> 70 #include <ctype.h> 71 #include <dlfcn.h> 72 #include <err.h> 73 #include <grp.h> 74 #include <inttypes.h> 75 #include <locale.h> 76 #include <pwd.h> 77 #include <stdio.h> 78 #include <stdlib.h> 79 #include <string.h> 80 #include <time.h> 81 #include <unistd.h> 82 #include <vis.h> 83 #include "ktrace.h" 84 #include "kdump_subr.h" 85 86 u_int abidump(struct ktr_header *); 87 int fetchprocinfo(struct ktr_header *, u_int *); 88 int fread_tail(void *, int, int); 89 void dumpheader(struct ktr_header *); 90 void ktrsyscall(struct ktr_syscall *, u_int); 91 void ktrsysret(struct ktr_sysret *, u_int); 92 void ktrnamei(char *, int); 93 void hexdump(char *, int, int); 94 void visdump(char *, int, int); 95 void ktrgenio(struct ktr_genio *, int); 96 void ktrpsig(struct ktr_psig *); 97 void ktrcsw(struct ktr_csw *); 98 void ktrcsw_old(struct ktr_csw_old *); 99 void ktruser_malloc(unsigned char *); 100 void ktruser_rtld(int, unsigned char *); 101 void ktruser(int, unsigned char *); 102 void ktrsockaddr(struct sockaddr *); 103 void ktrstat(struct stat *); 104 void ktrstruct(char *, size_t); 105 void ktrcapfail(struct ktr_cap_fail *); 106 void ktrfault(struct ktr_fault *); 107 void ktrfaultend(struct ktr_faultend *); 108 void usage(void); 109 void ioctlname(unsigned long, int); 110 111 int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 112 resolv = 0, abiflag = 0; 113 const char *tracefile = DEF_TRACEFILE; 114 struct ktr_header ktr_header; 115 116 #define TIME_FORMAT "%b %e %T %Y" 117 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 118 119 #define print_number(i,n,c) do { \ 120 if (decimal) \ 121 printf("%c%jd", c, (intmax_t)*i); \ 122 else \ 123 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 124 i++; \ 125 n--; \ 126 c = ','; \ 127 } while (0) 128 129 #if defined(__amd64__) || defined(__i386__) 130 131 void linux_ktrsyscall(struct ktr_syscall *); 132 void linux_ktrsysret(struct ktr_sysret *); 133 extern char *linux_syscallnames[]; 134 extern int nlinux_syscalls; 135 136 /* 137 * from linux.h 138 * Linux syscalls return negative errno's, we do positive and map them 139 */ 140 static int bsd_to_linux_errno[ELAST + 1] = { 141 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 142 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 143 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 144 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 145 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 146 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 147 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 148 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 149 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 150 -72, -67, -71 151 }; 152 #endif 153 154 struct proc_info 155 { 156 TAILQ_ENTRY(proc_info) info; 157 u_int sv_flags; 158 pid_t pid; 159 }; 160 161 TAILQ_HEAD(trace_procs, proc_info) trace_procs; 162 163 int 164 main(int argc, char *argv[]) 165 { 166 int ch, ktrlen, size; 167 void *m; 168 int trpoints = ALL_POINTS; 169 int drop_logged; 170 pid_t pid = 0; 171 u_int sv_flags; 172 173 setlocale(LC_CTYPE, ""); 174 175 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrsTt:")) != -1) 176 switch (ch) { 177 case 'A': 178 abiflag = 1; 179 break; 180 case 'f': 181 tracefile = optarg; 182 break; 183 case 'd': 184 decimal = 1; 185 break; 186 case 'l': 187 tail = 1; 188 break; 189 case 'm': 190 maxdata = atoi(optarg); 191 break; 192 case 'n': 193 fancy = 0; 194 break; 195 case 'p': 196 pid = atoi(optarg); 197 break; 198 case 'r': 199 resolv = 1; 200 break; 201 case 's': 202 suppressdata = 1; 203 break; 204 case 'E': 205 timestamp = 3; /* elapsed timestamp */ 206 break; 207 case 'H': 208 threads = 1; 209 break; 210 case 'R': 211 timestamp = 2; /* relative timestamp */ 212 break; 213 case 'T': 214 timestamp = 1; 215 break; 216 case 't': 217 trpoints = getpoints(optarg); 218 if (trpoints < 0) 219 errx(1, "unknown trace point in %s", optarg); 220 break; 221 default: 222 usage(); 223 } 224 225 if (argc > optind) 226 usage(); 227 228 m = malloc(size = 1025); 229 if (m == NULL) 230 errx(1, "%s", strerror(ENOMEM)); 231 if (!freopen(tracefile, "r", stdin)) 232 err(1, "%s", tracefile); 233 TAILQ_INIT(&trace_procs); 234 drop_logged = 0; 235 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 236 if (ktr_header.ktr_type & KTR_DROP) { 237 ktr_header.ktr_type &= ~KTR_DROP; 238 if (!drop_logged && threads) { 239 printf( 240 "%6jd %6jd %-8.*s Events dropped.\n", 241 (intmax_t)ktr_header.ktr_pid, 242 ktr_header.ktr_tid > 0 ? 243 (intmax_t)ktr_header.ktr_tid : 0, 244 MAXCOMLEN, ktr_header.ktr_comm); 245 drop_logged = 1; 246 } else if (!drop_logged) { 247 printf("%6jd %-8.*s Events dropped.\n", 248 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 249 ktr_header.ktr_comm); 250 drop_logged = 1; 251 } 252 } 253 if (trpoints & (1<<ktr_header.ktr_type)) 254 if (pid == 0 || ktr_header.ktr_pid == pid || 255 ktr_header.ktr_tid == pid) 256 dumpheader(&ktr_header); 257 if ((ktrlen = ktr_header.ktr_len) < 0) 258 errx(1, "bogus length 0x%x", ktrlen); 259 if (ktrlen > size) { 260 m = realloc(m, ktrlen+1); 261 if (m == NULL) 262 errx(1, "%s", strerror(ENOMEM)); 263 size = ktrlen; 264 } 265 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 266 errx(1, "data too short"); 267 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 268 continue; 269 sv_flags = abidump(&ktr_header); 270 if (pid && ktr_header.ktr_pid != pid && 271 ktr_header.ktr_tid != pid) 272 continue; 273 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 274 continue; 275 drop_logged = 0; 276 switch (ktr_header.ktr_type) { 277 case KTR_SYSCALL: 278 #if defined(__amd64__) || defined(__i386__) 279 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 280 linux_ktrsyscall((struct ktr_syscall *)m); 281 else 282 #endif 283 ktrsyscall((struct ktr_syscall *)m, sv_flags); 284 break; 285 case KTR_SYSRET: 286 #if defined(__amd64__) || defined(__i386__) 287 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 288 linux_ktrsysret((struct ktr_sysret *)m); 289 else 290 #endif 291 ktrsysret((struct ktr_sysret *)m, sv_flags); 292 break; 293 case KTR_NAMEI: 294 case KTR_SYSCTL: 295 ktrnamei(m, ktrlen); 296 break; 297 case KTR_GENIO: 298 ktrgenio((struct ktr_genio *)m, ktrlen); 299 break; 300 case KTR_PSIG: 301 ktrpsig((struct ktr_psig *)m); 302 break; 303 case KTR_CSW: 304 if (ktrlen == sizeof(struct ktr_csw_old)) 305 ktrcsw_old((struct ktr_csw_old *)m); 306 else 307 ktrcsw((struct ktr_csw *)m); 308 break; 309 case KTR_USER: 310 ktruser(ktrlen, m); 311 break; 312 case KTR_STRUCT: 313 ktrstruct(m, ktrlen); 314 break; 315 case KTR_CAPFAIL: 316 ktrcapfail((struct ktr_cap_fail *)m); 317 break; 318 case KTR_FAULT: 319 ktrfault((struct ktr_fault *)m); 320 break; 321 case KTR_FAULTEND: 322 ktrfaultend((struct ktr_faultend *)m); 323 break; 324 default: 325 printf("\n"); 326 break; 327 } 328 if (tail) 329 fflush(stdout); 330 } 331 return 0; 332 } 333 334 int 335 fread_tail(void *buf, int size, int num) 336 { 337 int i; 338 339 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 340 sleep(1); 341 clearerr(stdin); 342 } 343 return (i); 344 } 345 346 int 347 fetchprocinfo(struct ktr_header *kth, u_int *flags) 348 { 349 struct proc_info *pi; 350 351 switch (kth->ktr_type) { 352 case KTR_PROCCTOR: 353 TAILQ_FOREACH(pi, &trace_procs, info) { 354 if (pi->pid == kth->ktr_pid) { 355 TAILQ_REMOVE(&trace_procs, pi, info); 356 break; 357 } 358 } 359 pi = malloc(sizeof(struct proc_info)); 360 if (pi == NULL) 361 errx(1, "%s", strerror(ENOMEM)); 362 pi->sv_flags = *flags; 363 pi->pid = kth->ktr_pid; 364 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 365 return (1); 366 367 case KTR_PROCDTOR: 368 TAILQ_FOREACH(pi, &trace_procs, info) { 369 if (pi->pid == kth->ktr_pid) { 370 TAILQ_REMOVE(&trace_procs, pi, info); 371 free(pi); 372 break; 373 } 374 } 375 return (1); 376 } 377 378 return (0); 379 } 380 381 u_int 382 abidump(struct ktr_header *kth) 383 { 384 struct proc_info *pi; 385 const char *abi; 386 const char *arch; 387 u_int flags = 0; 388 389 TAILQ_FOREACH(pi, &trace_procs, info) { 390 if (pi->pid == kth->ktr_pid) { 391 flags = pi->sv_flags; 392 break; 393 } 394 } 395 396 if (abiflag == 0) 397 return (flags); 398 399 switch (flags & SV_ABI_MASK) { 400 case SV_ABI_LINUX: 401 abi = "L"; 402 break; 403 case SV_ABI_FREEBSD: 404 abi = "F"; 405 break; 406 default: 407 abi = "U"; 408 break; 409 } 410 411 if (flags != 0) { 412 if (flags & SV_LP64) 413 arch = "64"; 414 else 415 arch = "32"; 416 } else 417 arch = "00"; 418 419 printf("%s%s ", abi, arch); 420 421 return (flags); 422 } 423 424 void 425 dumpheader(struct ktr_header *kth) 426 { 427 static char unknown[64]; 428 static struct timeval prevtime, temp; 429 const char *type; 430 431 switch (kth->ktr_type) { 432 case KTR_SYSCALL: 433 type = "CALL"; 434 break; 435 case KTR_SYSRET: 436 type = "RET "; 437 break; 438 case KTR_NAMEI: 439 type = "NAMI"; 440 break; 441 case KTR_GENIO: 442 type = "GIO "; 443 break; 444 case KTR_PSIG: 445 type = "PSIG"; 446 break; 447 case KTR_CSW: 448 type = "CSW "; 449 break; 450 case KTR_USER: 451 type = "USER"; 452 break; 453 case KTR_STRUCT: 454 type = "STRU"; 455 break; 456 case KTR_SYSCTL: 457 type = "SCTL"; 458 break; 459 case KTR_PROCCTOR: 460 /* FALLTHROUGH */ 461 case KTR_PROCDTOR: 462 return; 463 case KTR_CAPFAIL: 464 type = "CAP "; 465 break; 466 case KTR_FAULT: 467 type = "PFLT"; 468 break; 469 case KTR_FAULTEND: 470 type = "PRET"; 471 break; 472 default: 473 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 474 type = unknown; 475 } 476 477 /* 478 * The ktr_tid field was previously the ktr_buffer field, which held 479 * the kernel pointer value for the buffer associated with data 480 * following the record header. It now holds a threadid, but only 481 * for trace files after the change. Older trace files still contain 482 * kernel pointers. Detect this and suppress the results by printing 483 * negative tid's as 0. 484 */ 485 if (threads) 486 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 487 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 488 MAXCOMLEN, kth->ktr_comm); 489 else 490 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 491 kth->ktr_comm); 492 if (timestamp) { 493 if (timestamp == 3) { 494 if (prevtime.tv_sec == 0) 495 prevtime = kth->ktr_time; 496 timevalsub(&kth->ktr_time, &prevtime); 497 } 498 if (timestamp == 2) { 499 temp = kth->ktr_time; 500 timevalsub(&kth->ktr_time, &prevtime); 501 prevtime = temp; 502 } 503 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 504 kth->ktr_time.tv_usec); 505 } 506 printf("%s ", type); 507 } 508 509 #include <sys/syscall.h> 510 #define KTRACE 511 #include <sys/kern/syscalls.c> 512 #undef KTRACE 513 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 514 515 void 516 ktrsyscall(struct ktr_syscall *ktr, u_int flags) 517 { 518 int narg = ktr->ktr_narg; 519 register_t *ip; 520 intmax_t arg; 521 522 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 523 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 524 printf("[%d]", ktr->ktr_code); 525 else 526 printf("%s", syscallnames[ktr->ktr_code]); 527 ip = &ktr->ktr_args[0]; 528 if (narg) { 529 char c = '('; 530 if (fancy && 531 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 532 switch (ktr->ktr_code) { 533 case SYS_ioctl: { 534 print_number(ip, narg, c); 535 putchar(c); 536 ioctlname(*ip, decimal); 537 c = ','; 538 ip++; 539 narg--; 540 break; 541 } 542 case SYS_ptrace: 543 putchar('('); 544 ptraceopname(*ip); 545 c = ','; 546 ip++; 547 narg--; 548 break; 549 case SYS_access: 550 case SYS_eaccess: 551 print_number(ip, narg, c); 552 putchar(','); 553 accessmodename(*ip); 554 ip++; 555 narg--; 556 break; 557 case SYS_open: 558 print_number(ip, narg, c); 559 putchar(','); 560 flagsandmodename(ip[0], ip[1], decimal); 561 ip += 2; 562 narg -= 2; 563 break; 564 case SYS_wait4: 565 print_number(ip, narg, c); 566 print_number(ip, narg, c); 567 putchar(','); 568 wait4optname(*ip); 569 ip++; 570 narg--; 571 break; 572 case SYS_chmod: 573 case SYS_fchmod: 574 case SYS_lchmod: 575 print_number(ip, narg, c); 576 putchar(','); 577 modename(*ip); 578 ip++; 579 narg--; 580 break; 581 case SYS_mknod: 582 print_number(ip, narg, c); 583 putchar(','); 584 modename(*ip); 585 ip++; 586 narg--; 587 break; 588 case SYS_getfsstat: 589 print_number(ip, narg, c); 590 print_number(ip, narg, c); 591 putchar(','); 592 getfsstatflagsname(*ip); 593 ip++; 594 narg--; 595 break; 596 case SYS_mount: 597 print_number(ip, narg, c); 598 print_number(ip, narg, c); 599 putchar(','); 600 mountflagsname(*ip); 601 ip++; 602 narg--; 603 break; 604 case SYS_unmount: 605 print_number(ip, narg, c); 606 putchar(','); 607 mountflagsname(*ip); 608 ip++; 609 narg--; 610 break; 611 case SYS_recvmsg: 612 case SYS_sendmsg: 613 print_number(ip, narg, c); 614 print_number(ip, narg, c); 615 putchar(','); 616 sendrecvflagsname(*ip); 617 ip++; 618 narg--; 619 break; 620 case SYS_recvfrom: 621 case SYS_sendto: 622 print_number(ip, narg, c); 623 print_number(ip, narg, c); 624 print_number(ip, narg, c); 625 putchar(','); 626 sendrecvflagsname(*ip); 627 ip++; 628 narg--; 629 break; 630 case SYS_chflags: 631 case SYS_fchflags: 632 case SYS_lchflags: 633 print_number(ip, narg, c); 634 putchar(','); 635 modename(*ip); 636 ip++; 637 narg--; 638 break; 639 case SYS_kill: 640 print_number(ip, narg, c); 641 putchar(','); 642 signame(*ip); 643 ip++; 644 narg--; 645 break; 646 case SYS_reboot: 647 putchar('('); 648 rebootoptname(*ip); 649 ip++; 650 narg--; 651 break; 652 case SYS_umask: 653 putchar('('); 654 modename(*ip); 655 ip++; 656 narg--; 657 break; 658 case SYS_msync: 659 print_number(ip, narg, c); 660 print_number(ip, narg, c); 661 putchar(','); 662 msyncflagsname(*ip); 663 ip++; 664 narg--; 665 break; 666 #ifdef SYS_freebsd6_mmap 667 case SYS_freebsd6_mmap: 668 print_number(ip, narg, c); 669 print_number(ip, narg, c); 670 putchar(','); 671 mmapprotname(*ip); 672 putchar(','); 673 ip++; 674 narg--; 675 mmapflagsname(*ip); 676 ip++; 677 narg--; 678 break; 679 #endif 680 case SYS_mmap: 681 print_number(ip, narg, c); 682 print_number(ip, narg, c); 683 putchar(','); 684 mmapprotname(*ip); 685 putchar(','); 686 ip++; 687 narg--; 688 mmapflagsname(*ip); 689 ip++; 690 narg--; 691 break; 692 case SYS_mprotect: 693 print_number(ip, narg, c); 694 print_number(ip, narg, c); 695 putchar(','); 696 mmapprotname(*ip); 697 ip++; 698 narg--; 699 break; 700 case SYS_madvise: 701 print_number(ip, narg, c); 702 print_number(ip, narg, c); 703 putchar(','); 704 madvisebehavname(*ip); 705 ip++; 706 narg--; 707 break; 708 case SYS_setpriority: 709 print_number(ip, narg, c); 710 print_number(ip, narg, c); 711 putchar(','); 712 prioname(*ip); 713 ip++; 714 narg--; 715 break; 716 case SYS_fcntl: 717 print_number(ip, narg, c); 718 putchar(','); 719 fcntlcmdname(ip[0], ip[1], decimal); 720 ip += 2; 721 narg -= 2; 722 break; 723 case SYS_socket: { 724 int sockdomain; 725 putchar('('); 726 sockdomain = *ip; 727 sockdomainname(sockdomain); 728 ip++; 729 narg--; 730 putchar(','); 731 socktypename(*ip); 732 ip++; 733 narg--; 734 if (sockdomain == PF_INET || 735 sockdomain == PF_INET6) { 736 putchar(','); 737 sockipprotoname(*ip); 738 ip++; 739 narg--; 740 } 741 c = ','; 742 break; 743 } 744 case SYS_setsockopt: 745 case SYS_getsockopt: 746 print_number(ip, narg, c); 747 putchar(','); 748 sockoptlevelname(*ip, decimal); 749 if (*ip == SOL_SOCKET) { 750 ip++; 751 narg--; 752 putchar(','); 753 sockoptname(*ip); 754 } 755 ip++; 756 narg--; 757 break; 758 #ifdef SYS_freebsd6_lseek 759 case SYS_freebsd6_lseek: 760 print_number(ip, narg, c); 761 /* Hidden 'pad' argument, not in lseek(2) */ 762 print_number(ip, narg, c); 763 print_number(ip, narg, c); 764 putchar(','); 765 whencename(*ip); 766 ip++; 767 narg--; 768 break; 769 #endif 770 case SYS_lseek: 771 print_number(ip, narg, c); 772 /* Hidden 'pad' argument, not in lseek(2) */ 773 print_number(ip, narg, c); 774 putchar(','); 775 whencename(*ip); 776 ip++; 777 narg--; 778 break; 779 case SYS_flock: 780 print_number(ip, narg, c); 781 putchar(','); 782 flockname(*ip); 783 ip++; 784 narg--; 785 break; 786 case SYS_mkfifo: 787 case SYS_mkdir: 788 print_number(ip, narg, c); 789 putchar(','); 790 modename(*ip); 791 ip++; 792 narg--; 793 break; 794 case SYS_shutdown: 795 print_number(ip, narg, c); 796 putchar(','); 797 shutdownhowname(*ip); 798 ip++; 799 narg--; 800 break; 801 case SYS_socketpair: 802 putchar('('); 803 sockdomainname(*ip); 804 ip++; 805 narg--; 806 putchar(','); 807 socktypename(*ip); 808 ip++; 809 narg--; 810 c = ','; 811 break; 812 case SYS_getrlimit: 813 case SYS_setrlimit: 814 putchar('('); 815 rlimitname(*ip); 816 ip++; 817 narg--; 818 c = ','; 819 break; 820 case SYS_quotactl: 821 print_number(ip, narg, c); 822 putchar(','); 823 quotactlname(*ip); 824 ip++; 825 narg--; 826 c = ','; 827 break; 828 case SYS_nfssvc: 829 putchar('('); 830 nfssvcname(*ip); 831 ip++; 832 narg--; 833 c = ','; 834 break; 835 case SYS_rtprio: 836 putchar('('); 837 rtprioname(*ip); 838 ip++; 839 narg--; 840 c = ','; 841 break; 842 case SYS___semctl: 843 print_number(ip, narg, c); 844 print_number(ip, narg, c); 845 putchar(','); 846 semctlname(*ip); 847 ip++; 848 narg--; 849 break; 850 case SYS_semget: 851 print_number(ip, narg, c); 852 print_number(ip, narg, c); 853 putchar(','); 854 semgetname(*ip); 855 ip++; 856 narg--; 857 break; 858 case SYS_msgctl: 859 print_number(ip, narg, c); 860 putchar(','); 861 shmctlname(*ip); 862 ip++; 863 narg--; 864 break; 865 case SYS_shmat: 866 print_number(ip, narg, c); 867 print_number(ip, narg, c); 868 putchar(','); 869 shmatname(*ip); 870 ip++; 871 narg--; 872 break; 873 case SYS_shmctl: 874 print_number(ip, narg, c); 875 putchar(','); 876 shmctlname(*ip); 877 ip++; 878 narg--; 879 break; 880 case SYS_minherit: 881 print_number(ip, narg, c); 882 print_number(ip, narg, c); 883 putchar(','); 884 minheritname(*ip); 885 ip++; 886 narg--; 887 break; 888 case SYS_rfork: 889 putchar('('); 890 rforkname(*ip); 891 ip++; 892 narg--; 893 c = ','; 894 break; 895 case SYS_lio_listio: 896 putchar('('); 897 lio_listioname(*ip); 898 ip++; 899 narg--; 900 c = ','; 901 break; 902 case SYS_mlockall: 903 putchar('('); 904 mlockallname(*ip); 905 ip++; 906 narg--; 907 break; 908 case SYS_sched_setscheduler: 909 print_number(ip, narg, c); 910 putchar(','); 911 schedpolicyname(*ip); 912 ip++; 913 narg--; 914 break; 915 case SYS_sched_get_priority_max: 916 case SYS_sched_get_priority_min: 917 putchar('('); 918 schedpolicyname(*ip); 919 ip++; 920 narg--; 921 break; 922 case SYS_sendfile: 923 print_number(ip, narg, c); 924 print_number(ip, narg, c); 925 print_number(ip, narg, c); 926 print_number(ip, narg, c); 927 print_number(ip, narg, c); 928 print_number(ip, narg, c); 929 putchar(','); 930 sendfileflagsname(*ip); 931 ip++; 932 narg--; 933 break; 934 case SYS_kldsym: 935 print_number(ip, narg, c); 936 putchar(','); 937 kldsymcmdname(*ip); 938 ip++; 939 narg--; 940 break; 941 case SYS_sigprocmask: 942 putchar('('); 943 sigprocmaskhowname(*ip); 944 ip++; 945 narg--; 946 c = ','; 947 break; 948 case SYS___acl_get_file: 949 case SYS___acl_set_file: 950 case SYS___acl_get_fd: 951 case SYS___acl_set_fd: 952 case SYS___acl_delete_file: 953 case SYS___acl_delete_fd: 954 case SYS___acl_aclcheck_file: 955 case SYS___acl_aclcheck_fd: 956 case SYS___acl_get_link: 957 case SYS___acl_set_link: 958 case SYS___acl_delete_link: 959 case SYS___acl_aclcheck_link: 960 print_number(ip, narg, c); 961 putchar(','); 962 acltypename(*ip); 963 ip++; 964 narg--; 965 break; 966 case SYS_sigaction: 967 putchar('('); 968 signame(*ip); 969 ip++; 970 narg--; 971 c = ','; 972 break; 973 case SYS_extattrctl: 974 print_number(ip, narg, c); 975 putchar(','); 976 extattrctlname(*ip); 977 ip++; 978 narg--; 979 break; 980 case SYS_nmount: 981 print_number(ip, narg, c); 982 print_number(ip, narg, c); 983 putchar(','); 984 mountflagsname(*ip); 985 ip++; 986 narg--; 987 break; 988 case SYS_thr_create: 989 print_number(ip, narg, c); 990 print_number(ip, narg, c); 991 putchar(','); 992 thrcreateflagsname(*ip); 993 ip++; 994 narg--; 995 break; 996 case SYS_thr_kill: 997 print_number(ip, narg, c); 998 putchar(','); 999 signame(*ip); 1000 ip++; 1001 narg--; 1002 break; 1003 case SYS_kldunloadf: 1004 print_number(ip, narg, c); 1005 putchar(','); 1006 kldunloadfflagsname(*ip); 1007 ip++; 1008 narg--; 1009 break; 1010 case SYS_cap_new: 1011 case SYS_cap_rights_limit: 1012 print_number(ip, narg, c); 1013 putchar(','); 1014 arg = *ip; 1015 ip++; 1016 narg--; 1017 /* 1018 * Hack: the second argument is a 1019 * cap_rights_t, which 64 bits wide, so on 1020 * 32-bit systems, it is split between two 1021 * registers. 1022 * 1023 * Since sizeof() is not evaluated by the 1024 * preprocessor, we can't use an #ifdef, 1025 * but the compiler will probably optimize 1026 * the code out anyway. 1027 */ 1028 if (sizeof(cap_rights_t) > sizeof(register_t)) { 1029 #if _BYTE_ORDER == _LITTLE_ENDIAN 1030 arg = ((intmax_t)*ip << 32) + arg; 1031 #else 1032 arg = (arg << 32) + *ip; 1033 #endif 1034 ip++; 1035 narg--; 1036 } 1037 capname(arg); 1038 break; 1039 case SYS_cap_fcntls_limit: 1040 print_number(ip, narg, c); 1041 putchar(','); 1042 arg = *ip; 1043 ip++; 1044 narg--; 1045 capfcntlname(arg); 1046 break; 1047 case SYS_posix_fadvise: 1048 print_number(ip, narg, c); 1049 print_number(ip, narg, c); 1050 print_number(ip, narg, c); 1051 (void)putchar(','); 1052 fadvisebehavname((int)*ip); 1053 ip++; 1054 narg--; 1055 break; 1056 } 1057 } 1058 while (narg > 0) { 1059 print_number(ip, narg, c); 1060 } 1061 putchar(')'); 1062 } 1063 putchar('\n'); 1064 } 1065 1066 void 1067 ktrsysret(struct ktr_sysret *ktr, u_int flags) 1068 { 1069 register_t ret = ktr->ktr_retval; 1070 int error = ktr->ktr_error; 1071 int code = ktr->ktr_code; 1072 1073 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1074 (code >= nsyscalls || code < 0)) 1075 printf("[%d] ", code); 1076 else 1077 printf("%s ", syscallnames[code]); 1078 1079 if (error == 0) { 1080 if (fancy) { 1081 printf("%ld", (long)ret); 1082 if (ret < 0 || ret > 9) 1083 printf("/%#lx", (unsigned long)ret); 1084 } else { 1085 if (decimal) 1086 printf("%ld", (long)ret); 1087 else 1088 printf("%#lx", (unsigned long)ret); 1089 } 1090 } else if (error == ERESTART) 1091 printf("RESTART"); 1092 else if (error == EJUSTRETURN) 1093 printf("JUSTRETURN"); 1094 else { 1095 printf("-1 errno %d", ktr->ktr_error); 1096 if (fancy) 1097 printf(" %s", strerror(ktr->ktr_error)); 1098 } 1099 putchar('\n'); 1100 } 1101 1102 void 1103 ktrnamei(char *cp, int len) 1104 { 1105 printf("\"%.*s\"\n", len, cp); 1106 } 1107 1108 void 1109 hexdump(char *p, int len, int screenwidth) 1110 { 1111 int n, i; 1112 int width; 1113 1114 width = 0; 1115 do { 1116 width += 2; 1117 i = 13; /* base offset */ 1118 i += (width / 2) + 1; /* spaces every second byte */ 1119 i += (width * 2); /* width of bytes */ 1120 i += 3; /* " |" */ 1121 i += width; /* each byte */ 1122 i += 1; /* "|" */ 1123 } while (i < screenwidth); 1124 width -= 2; 1125 1126 for (n = 0; n < len; n += width) { 1127 for (i = n; i < n + width; i++) { 1128 if ((i % width) == 0) { /* beginning of line */ 1129 printf(" 0x%04x", i); 1130 } 1131 if ((i % 2) == 0) { 1132 printf(" "); 1133 } 1134 if (i < len) 1135 printf("%02x", p[i] & 0xff); 1136 else 1137 printf(" "); 1138 } 1139 printf(" |"); 1140 for (i = n; i < n + width; i++) { 1141 if (i >= len) 1142 break; 1143 if (p[i] >= ' ' && p[i] <= '~') 1144 printf("%c", p[i]); 1145 else 1146 printf("."); 1147 } 1148 printf("|\n"); 1149 } 1150 if ((i % width) != 0) 1151 printf("\n"); 1152 } 1153 1154 void 1155 visdump(char *dp, int datalen, int screenwidth) 1156 { 1157 int col = 0; 1158 char *cp; 1159 int width; 1160 char visbuf[5]; 1161 1162 printf(" \""); 1163 col = 8; 1164 for (;datalen > 0; datalen--, dp++) { 1165 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1166 cp = visbuf; 1167 /* 1168 * Keep track of printables and 1169 * space chars (like fold(1)). 1170 */ 1171 if (col == 0) { 1172 putchar('\t'); 1173 col = 8; 1174 } 1175 switch(*cp) { 1176 case '\n': 1177 col = 0; 1178 putchar('\n'); 1179 continue; 1180 case '\t': 1181 width = 8 - (col&07); 1182 break; 1183 default: 1184 width = strlen(cp); 1185 } 1186 if (col + width > (screenwidth-2)) { 1187 printf("\\\n\t"); 1188 col = 8; 1189 } 1190 col += width; 1191 do { 1192 putchar(*cp++); 1193 } while (*cp); 1194 } 1195 if (col == 0) 1196 printf(" "); 1197 printf("\"\n"); 1198 } 1199 1200 void 1201 ktrgenio(struct ktr_genio *ktr, int len) 1202 { 1203 int datalen = len - sizeof (struct ktr_genio); 1204 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1205 static int screenwidth = 0; 1206 int i, binary; 1207 1208 if (screenwidth == 0) { 1209 struct winsize ws; 1210 1211 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1212 ws.ws_col > 8) 1213 screenwidth = ws.ws_col; 1214 else 1215 screenwidth = 80; 1216 } 1217 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1218 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1219 datalen == 1 ? "" : "s"); 1220 if (suppressdata) 1221 return; 1222 if (maxdata && datalen > maxdata) 1223 datalen = maxdata; 1224 1225 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1226 if (dp[i] >= 32 && dp[i] < 127) 1227 continue; 1228 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1229 continue; 1230 binary = 1; 1231 } 1232 if (binary) 1233 hexdump(dp, datalen, screenwidth); 1234 else 1235 visdump(dp, datalen, screenwidth); 1236 } 1237 1238 const char *signames[] = { 1239 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1240 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1241 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1242 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1243 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1244 "USR2", NULL, /* 31 - 32 */ 1245 }; 1246 1247 void 1248 ktrpsig(struct ktr_psig *psig) 1249 { 1250 if (psig->signo > 0 && psig->signo < NSIG) 1251 printf("SIG%s ", signames[psig->signo]); 1252 else 1253 printf("SIG %d ", psig->signo); 1254 if (psig->action == SIG_DFL) { 1255 printf("SIG_DFL code="); 1256 sigcodename(psig->signo, psig->code); 1257 putchar('\n'); 1258 } else { 1259 printf("caught handler=0x%lx mask=0x%x code=", 1260 (u_long)psig->action, psig->mask.__bits[0]); 1261 sigcodename(psig->signo, psig->code); 1262 putchar('\n'); 1263 } 1264 } 1265 1266 void 1267 ktrcsw_old(struct ktr_csw_old *cs) 1268 { 1269 printf("%s %s\n", cs->out ? "stop" : "resume", 1270 cs->user ? "user" : "kernel"); 1271 } 1272 1273 void 1274 ktrcsw(struct ktr_csw *cs) 1275 { 1276 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1277 cs->user ? "user" : "kernel", cs->wmesg); 1278 } 1279 1280 #define UTRACE_DLOPEN_START 1 1281 #define UTRACE_DLOPEN_STOP 2 1282 #define UTRACE_DLCLOSE_START 3 1283 #define UTRACE_DLCLOSE_STOP 4 1284 #define UTRACE_LOAD_OBJECT 5 1285 #define UTRACE_UNLOAD_OBJECT 6 1286 #define UTRACE_ADD_RUNDEP 7 1287 #define UTRACE_PRELOAD_FINISHED 8 1288 #define UTRACE_INIT_CALL 9 1289 #define UTRACE_FINI_CALL 10 1290 1291 struct utrace_rtld { 1292 char sig[4]; /* 'RTLD' */ 1293 int event; 1294 void *handle; 1295 void *mapbase; 1296 size_t mapsize; 1297 int refcnt; 1298 char name[MAXPATHLEN]; 1299 }; 1300 1301 void 1302 ktruser_rtld(int len, unsigned char *p) 1303 { 1304 struct utrace_rtld *ut = (struct utrace_rtld *)p; 1305 void *parent; 1306 int mode; 1307 1308 switch (ut->event) { 1309 case UTRACE_DLOPEN_START: 1310 mode = ut->refcnt; 1311 printf("dlopen(%s, ", ut->name); 1312 switch (mode & RTLD_MODEMASK) { 1313 case RTLD_NOW: 1314 printf("RTLD_NOW"); 1315 break; 1316 case RTLD_LAZY: 1317 printf("RTLD_LAZY"); 1318 break; 1319 default: 1320 printf("%#x", mode & RTLD_MODEMASK); 1321 } 1322 if (mode & RTLD_GLOBAL) 1323 printf(" | RTLD_GLOBAL"); 1324 if (mode & RTLD_TRACE) 1325 printf(" | RTLD_TRACE"); 1326 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1327 printf(" | %#x", mode & 1328 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1329 printf(")\n"); 1330 break; 1331 case UTRACE_DLOPEN_STOP: 1332 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1333 ut->refcnt); 1334 break; 1335 case UTRACE_DLCLOSE_START: 1336 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1337 ut->refcnt); 1338 break; 1339 case UTRACE_DLCLOSE_STOP: 1340 printf("dlclose(%p) finished\n", ut->handle); 1341 break; 1342 case UTRACE_LOAD_OBJECT: 1343 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1344 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1345 ut->name); 1346 break; 1347 case UTRACE_UNLOAD_OBJECT: 1348 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1349 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1350 ut->name); 1351 break; 1352 case UTRACE_ADD_RUNDEP: 1353 parent = ut->mapbase; 1354 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1355 ut->handle, ut->name, ut->refcnt); 1356 break; 1357 case UTRACE_PRELOAD_FINISHED: 1358 printf("RTLD: LD_PRELOAD finished\n"); 1359 break; 1360 case UTRACE_INIT_CALL: 1361 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1362 ut->name); 1363 break; 1364 case UTRACE_FINI_CALL: 1365 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1366 ut->name); 1367 break; 1368 default: 1369 p += 4; 1370 len -= 4; 1371 printf("RTLD: %d ", len); 1372 while (len--) 1373 if (decimal) 1374 printf(" %d", *p++); 1375 else 1376 printf(" %02x", *p++); 1377 printf("\n"); 1378 } 1379 } 1380 1381 struct utrace_malloc { 1382 void *p; 1383 size_t s; 1384 void *r; 1385 }; 1386 1387 void 1388 ktruser_malloc(unsigned char *p) 1389 { 1390 struct utrace_malloc *ut = (struct utrace_malloc *)p; 1391 1392 if (ut->p == (void *)(intptr_t)(-1)) 1393 printf("malloc_init()\n"); 1394 else if (ut->s == 0) 1395 printf("free(%p)\n", ut->p); 1396 else if (ut->p == NULL) 1397 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1398 else 1399 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1400 } 1401 1402 void 1403 ktruser(int len, unsigned char *p) 1404 { 1405 1406 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1407 ktruser_rtld(len, p); 1408 return; 1409 } 1410 1411 if (len == sizeof(struct utrace_malloc)) { 1412 ktruser_malloc(p); 1413 return; 1414 } 1415 1416 printf("%d ", len); 1417 while (len--) 1418 if (decimal) 1419 printf(" %d", *p++); 1420 else 1421 printf(" %02x", *p++); 1422 printf("\n"); 1423 } 1424 1425 void 1426 ktrsockaddr(struct sockaddr *sa) 1427 { 1428 /* 1429 TODO: Support additional address families 1430 #include <netnatm/natm.h> 1431 struct sockaddr_natm *natm; 1432 */ 1433 char addr[64]; 1434 1435 /* 1436 * note: ktrstruct() has already verified that sa points to a 1437 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1438 * sa->sa_len bytes long. 1439 */ 1440 printf("struct sockaddr { "); 1441 sockfamilyname(sa->sa_family); 1442 printf(", "); 1443 1444 #define check_sockaddr_len(n) \ 1445 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1446 printf("invalid"); \ 1447 break; \ 1448 } 1449 1450 switch(sa->sa_family) { 1451 case AF_INET: { 1452 struct sockaddr_in sa_in; 1453 1454 memset(&sa_in, 0, sizeof(sa_in)); 1455 memcpy(&sa_in, sa, sa->sa_len); 1456 check_sockaddr_len(in); 1457 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1458 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1459 break; 1460 } 1461 #ifdef NETATALK 1462 case AF_APPLETALK: { 1463 struct sockaddr_at sa_at; 1464 struct netrange *nr; 1465 1466 memset(&sa_at, 0, sizeof(sa_at)); 1467 memcpy(&sa_at, sa, sa->sa_len); 1468 check_sockaddr_len(at); 1469 nr = &sa_at.sat_range.r_netrange; 1470 printf("%d.%d, %d-%d, %d", ntohs(sa_at.sat_addr.s_net), 1471 sa_at.sat_addr.s_node, ntohs(nr->nr_firstnet), 1472 ntohs(nr->nr_lastnet), nr->nr_phase); 1473 break; 1474 } 1475 #endif 1476 case AF_INET6: { 1477 struct sockaddr_in6 sa_in6; 1478 1479 memset(&sa_in6, 0, sizeof(sa_in6)); 1480 memcpy(&sa_in6, sa, sa->sa_len); 1481 check_sockaddr_len(in6); 1482 inet_ntop(AF_INET6, &sa_in6.sin6_addr, addr, sizeof addr); 1483 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1484 break; 1485 } 1486 #ifdef IPX 1487 case AF_IPX: { 1488 struct sockaddr_ipx sa_ipx; 1489 1490 memset(&sa_ipx, 0, sizeof(sa_ipx)); 1491 memcpy(&sa_ipx, sa, sa->sa_len); 1492 check_sockaddr_len(ipx); 1493 /* XXX wish we had ipx_ntop */ 1494 printf("%s", ipx_ntoa(sa_ipx.sipx_addr)); 1495 free(sa_ipx); 1496 break; 1497 } 1498 #endif 1499 case AF_UNIX: { 1500 struct sockaddr_un sa_un; 1501 1502 memset(&sa_un, 0, sizeof(sa_un)); 1503 memcpy(&sa_un, sa, sa->sa_len); 1504 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1505 break; 1506 } 1507 default: 1508 printf("unknown address family"); 1509 } 1510 printf(" }\n"); 1511 } 1512 1513 void 1514 ktrstat(struct stat *statp) 1515 { 1516 char mode[12], timestr[PATH_MAX + 4]; 1517 struct passwd *pwd; 1518 struct group *grp; 1519 struct tm *tm; 1520 1521 /* 1522 * note: ktrstruct() has already verified that statp points to a 1523 * buffer exactly sizeof(struct stat) bytes long. 1524 */ 1525 printf("struct stat {"); 1526 strmode(statp->st_mode, mode); 1527 printf("dev=%ju, ino=%ju, mode=%s, nlink=%ju, ", 1528 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino, mode, 1529 (uintmax_t)statp->st_nlink); 1530 if (resolv == 0 || (pwd = getpwuid(statp->st_uid)) == NULL) 1531 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1532 else 1533 printf("uid=\"%s\", ", pwd->pw_name); 1534 if (resolv == 0 || (grp = getgrgid(statp->st_gid)) == NULL) 1535 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1536 else 1537 printf("gid=\"%s\", ", grp->gr_name); 1538 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1539 printf("atime="); 1540 if (resolv == 0) 1541 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1542 else { 1543 tm = localtime(&statp->st_atim.tv_sec); 1544 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1545 printf("\"%s\"", timestr); 1546 } 1547 if (statp->st_atim.tv_nsec != 0) 1548 printf(".%09ld, ", statp->st_atim.tv_nsec); 1549 else 1550 printf(", "); 1551 printf("stime="); 1552 if (resolv == 0) 1553 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1554 else { 1555 tm = localtime(&statp->st_mtim.tv_sec); 1556 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1557 printf("\"%s\"", timestr); 1558 } 1559 if (statp->st_mtim.tv_nsec != 0) 1560 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1561 else 1562 printf(", "); 1563 printf("ctime="); 1564 if (resolv == 0) 1565 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1566 else { 1567 tm = localtime(&statp->st_ctim.tv_sec); 1568 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1569 printf("\"%s\"", timestr); 1570 } 1571 if (statp->st_ctim.tv_nsec != 0) 1572 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1573 else 1574 printf(", "); 1575 printf("birthtime="); 1576 if (resolv == 0) 1577 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1578 else { 1579 tm = localtime(&statp->st_birthtim.tv_sec); 1580 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1581 printf("\"%s\"", timestr); 1582 } 1583 if (statp->st_birthtim.tv_nsec != 0) 1584 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1585 else 1586 printf(", "); 1587 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1588 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1589 (intmax_t)statp->st_blocks, statp->st_flags); 1590 printf(" }\n"); 1591 } 1592 1593 void 1594 ktrstruct(char *buf, size_t buflen) 1595 { 1596 char *name, *data; 1597 size_t namelen, datalen; 1598 int i; 1599 struct stat sb; 1600 struct sockaddr_storage ss; 1601 1602 for (name = buf, namelen = 0; 1603 namelen < buflen && name[namelen] != '\0'; 1604 ++namelen) 1605 /* nothing */; 1606 if (namelen == buflen) 1607 goto invalid; 1608 if (name[namelen] != '\0') 1609 goto invalid; 1610 data = buf + namelen + 1; 1611 datalen = buflen - namelen - 1; 1612 if (datalen == 0) 1613 goto invalid; 1614 /* sanity check */ 1615 for (i = 0; i < (int)namelen; ++i) 1616 if (!isalpha(name[i])) 1617 goto invalid; 1618 if (strcmp(name, "stat") == 0) { 1619 if (datalen != sizeof(struct stat)) 1620 goto invalid; 1621 memcpy(&sb, data, datalen); 1622 ktrstat(&sb); 1623 } else if (strcmp(name, "sockaddr") == 0) { 1624 if (datalen > sizeof(ss)) 1625 goto invalid; 1626 memcpy(&ss, data, datalen); 1627 if (datalen != ss.ss_len) 1628 goto invalid; 1629 ktrsockaddr((struct sockaddr *)&ss); 1630 } else { 1631 printf("unknown structure\n"); 1632 } 1633 return; 1634 invalid: 1635 printf("invalid record\n"); 1636 } 1637 1638 void 1639 ktrcapfail(struct ktr_cap_fail *ktr) 1640 { 1641 switch (ktr->cap_type) { 1642 case CAPFAIL_NOTCAPABLE: 1643 /* operation on fd with insufficient capabilities */ 1644 printf("operation requires "); 1645 capname((intmax_t)ktr->cap_needed); 1646 printf(", process holds "); 1647 capname((intmax_t)ktr->cap_held); 1648 break; 1649 case CAPFAIL_INCREASE: 1650 /* requested more capabilities than fd already has */ 1651 printf("attempt to increase capabilities from "); 1652 capname((intmax_t)ktr->cap_held); 1653 printf(" to "); 1654 capname((intmax_t)ktr->cap_needed); 1655 break; 1656 case CAPFAIL_SYSCALL: 1657 /* called restricted syscall */ 1658 printf("disallowed system call"); 1659 break; 1660 case CAPFAIL_LOOKUP: 1661 /* used ".." in strict-relative mode */ 1662 printf("restricted VFS lookup"); 1663 break; 1664 default: 1665 printf("unknown capability failure: "); 1666 capname((intmax_t)ktr->cap_needed); 1667 printf(" "); 1668 capname((intmax_t)ktr->cap_held); 1669 break; 1670 } 1671 printf("\n"); 1672 } 1673 1674 void 1675 ktrfault(struct ktr_fault *ktr) 1676 { 1677 1678 printf("0x%jx ", ktr->vaddr); 1679 vmprotname(ktr->type); 1680 printf("\n"); 1681 } 1682 1683 void 1684 ktrfaultend(struct ktr_faultend *ktr) 1685 { 1686 1687 vmresultname(ktr->result); 1688 printf("\n"); 1689 } 1690 1691 #if defined(__amd64__) || defined(__i386__) 1692 void 1693 linux_ktrsyscall(struct ktr_syscall *ktr) 1694 { 1695 int narg = ktr->ktr_narg; 1696 register_t *ip; 1697 1698 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0) 1699 printf("[%d]", ktr->ktr_code); 1700 else 1701 printf("%s", linux_syscallnames[ktr->ktr_code]); 1702 ip = &ktr->ktr_args[0]; 1703 if (narg) { 1704 char c = '('; 1705 while (narg > 0) 1706 print_number(ip, narg, c); 1707 putchar(')'); 1708 } 1709 putchar('\n'); 1710 } 1711 1712 void 1713 linux_ktrsysret(struct ktr_sysret *ktr) 1714 { 1715 register_t ret = ktr->ktr_retval; 1716 int error = ktr->ktr_error; 1717 int code = ktr->ktr_code; 1718 1719 if (code >= nlinux_syscalls || code < 0) 1720 printf("[%d] ", code); 1721 else 1722 printf("%s ", linux_syscallnames[code]); 1723 1724 if (error == 0) { 1725 if (fancy) { 1726 printf("%ld", (long)ret); 1727 if (ret < 0 || ret > 9) 1728 printf("/%#lx", (unsigned long)ret); 1729 } else { 1730 if (decimal) 1731 printf("%ld", (long)ret); 1732 else 1733 printf("%#lx", (unsigned long)ret); 1734 } 1735 } else if (error == ERESTART) 1736 printf("RESTART"); 1737 else if (error == EJUSTRETURN) 1738 printf("JUSTRETURN"); 1739 else { 1740 if (ktr->ktr_error <= ELAST + 1) 1741 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 1742 else 1743 error = 999; 1744 printf("-1 errno %d", error); 1745 if (fancy) 1746 printf(" %s", strerror(ktr->ktr_error)); 1747 } 1748 putchar('\n'); 1749 } 1750 #endif 1751 1752 void 1753 usage(void) 1754 { 1755 fprintf(stderr, "usage: kdump [-dEnlHRrsTA] [-f trfile] " 1756 "[-m maxdata] [-p pid] [-t trstr]\n"); 1757 exit(1); 1758 } 1759