1 /* 2 * Copyright 1997 Sean Eric Fagan 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 3. All advertising materials mentioning features or use of this software 13 * must display the following acknowledgement: 14 * This product includes software developed by Sean Eric Fagan 15 * 4. Neither the name of the author may be used to endorse or promote 16 * products derived from this software without specific prior written 17 * permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #ifndef lint 33 static const char rcsid[] = 34 "$FreeBSD$"; 35 #endif /* not lint */ 36 37 /* 38 * This file has routines used to print out system calls and their 39 * arguments. 40 */ 41 42 #include <sys/types.h> 43 #include <sys/mman.h> 44 #include <sys/procctl.h> 45 #include <sys/ptrace.h> 46 #include <sys/socket.h> 47 #include <sys/time.h> 48 #include <sys/un.h> 49 #include <sys/wait.h> 50 #include <netinet/in.h> 51 #include <arpa/inet.h> 52 #include <sys/ioccom.h> 53 #include <machine/atomic.h> 54 #include <errno.h> 55 #include <sys/umtx.h> 56 #include <sys/event.h> 57 #include <sys/stat.h> 58 #include <sys/resource.h> 59 60 #include <ctype.h> 61 #include <err.h> 62 #include <fcntl.h> 63 #include <poll.h> 64 #include <signal.h> 65 #include <stdint.h> 66 #include <stdio.h> 67 #include <stdlib.h> 68 #include <string.h> 69 #include <time.h> 70 #include <unistd.h> 71 #include <vis.h> 72 73 #include "truss.h" 74 #include "extern.h" 75 #include "syscall.h" 76 77 /* 64-bit alignment on 32-bit platforms. */ 78 #ifdef __powerpc__ 79 #define QUAD_ALIGN 1 80 #else 81 #define QUAD_ALIGN 0 82 #endif 83 84 /* Number of slots needed for a 64-bit argument. */ 85 #ifdef __LP64__ 86 #define QUAD_SLOTS 1 87 #else 88 #define QUAD_SLOTS 2 89 #endif 90 91 /* 92 * This should probably be in its own file, sorted alphabetically. 93 */ 94 static struct syscall syscalls[] = { 95 { .name = "fcntl", .ret_type = 1, .nargs = 3, 96 .args = { { Int, 0 } , { Fcntl, 1 }, { Fcntlflag | OUT, 2 } } }, 97 { .name = "fork", .ret_type = 1, .nargs = 0 }, 98 { .name = "vfork", .ret_type = 1, .nargs = 0 }, 99 { .name = "rfork", .ret_type = 1, .nargs = 1, 100 .args = { { Rforkflags, 0 } } }, 101 { .name = "getegid", .ret_type = 1, .nargs = 0 }, 102 { .name = "geteuid", .ret_type = 1, .nargs = 0 }, 103 { .name = "getgid", .ret_type = 1, .nargs = 0 }, 104 { .name = "getpid", .ret_type = 1, .nargs = 0 }, 105 { .name = "getpgid", .ret_type = 1, .nargs = 1, 106 .args = { { Int, 0 } } }, 107 { .name = "getpgrp", .ret_type = 1, .nargs = 0 }, 108 { .name = "getppid", .ret_type = 1, .nargs = 0 }, 109 { .name = "getsid", .ret_type = 1, .nargs = 1, 110 .args = { { Int, 0 } } }, 111 { .name = "getuid", .ret_type = 1, .nargs = 0 }, 112 { .name = "readlink", .ret_type = 1, .nargs = 3, 113 .args = { { Name, 0 } , { Readlinkres | OUT, 1 }, { Int, 2 } } }, 114 { .name = "lseek", .ret_type = 2, .nargs = 3, 115 .args = { { Int, 0 }, { Quad, 1 + QUAD_ALIGN }, { Whence, 1 + QUAD_SLOTS + QUAD_ALIGN } } }, 116 { .name = "linux_lseek", .ret_type = 2, .nargs = 3, 117 .args = { { Int, 0 }, { Int, 1 }, { Whence, 2 } } }, 118 { .name = "mmap", .ret_type = 2, .nargs = 6, 119 .args = { { Ptr, 0 }, { Int, 1 }, { Mprot, 2 }, { Mmapflags, 3 }, { Int, 4 }, { Quad, 5 + QUAD_ALIGN } } }, 120 { .name = "mprotect", .ret_type = 1, .nargs = 3, 121 .args = { { Ptr, 0 }, { Int, 1 }, { Mprot, 2 } } }, 122 { .name = "open", .ret_type = 1, .nargs = 3, 123 .args = { { Name | IN, 0 } , { Open, 1 }, { Octal, 2 } } }, 124 { .name = "mkdir", .ret_type = 1, .nargs = 2, 125 .args = { { Name, 0 } , { Octal, 1 } } }, 126 { .name = "linux_open", .ret_type = 1, .nargs = 3, 127 .args = { { Name, 0 }, { Hex, 1 }, { Octal, 2 } } }, 128 { .name = "close", .ret_type = 1, .nargs = 1, 129 .args = { { Int, 0 } } }, 130 { .name = "link", .ret_type = 0, .nargs = 2, 131 .args = { { Name, 0 }, { Name, 1 } } }, 132 { .name = "unlink", .ret_type = 0, .nargs = 1, 133 .args = { { Name, 0 } } }, 134 { .name = "chdir", .ret_type = 0, .nargs = 1, 135 .args = { { Name, 0 } } }, 136 { .name = "chroot", .ret_type = 0, .nargs = 1, 137 .args = { { Name, 0 } } }, 138 { .name = "mknod", .ret_type = 0, .nargs = 3, 139 .args = { { Name, 0 }, { Octal, 1 }, { Int, 3 } } }, 140 { .name = "chmod", .ret_type = 0, .nargs = 2, 141 .args = { { Name, 0 }, { Octal, 1 } } }, 142 { .name = "chown", .ret_type = 0, .nargs = 3, 143 .args = { { Name, 0 }, { Int, 1 }, { Int, 2 } } }, 144 { .name = "mount", .ret_type = 0, .nargs = 4, 145 .args = { { Name, 0 }, { Name, 1 }, { Int, 2 }, { Ptr, 3 } } }, 146 { .name = "umount", .ret_type = 0, .nargs = 2, 147 .args = { { Name, 0 }, { Int, 2 } } }, 148 { .name = "fstat", .ret_type = 1, .nargs = 2, 149 .args = { { Int, 0 }, { Stat | OUT , 1 } } }, 150 { .name = "stat", .ret_type = 1, .nargs = 2, 151 .args = { { Name | IN, 0 }, { Stat | OUT, 1 } } }, 152 { .name = "lstat", .ret_type = 1, .nargs = 2, 153 .args = { { Name | IN, 0 }, { Stat | OUT, 1 } } }, 154 { .name = "linux_newstat", .ret_type = 1, .nargs = 2, 155 .args = { { Name | IN, 0 }, { Ptr | OUT, 1 } } }, 156 { .name = "linux_newfstat", .ret_type = 1, .nargs = 2, 157 .args = { { Int, 0 }, { Ptr | OUT, 1 } } }, 158 { .name = "write", .ret_type = 1, .nargs = 3, 159 .args = { { Int, 0 }, { BinString | IN, 1 }, { Int, 2 } } }, 160 { .name = "ioctl", .ret_type = 1, .nargs = 3, 161 .args = { { Int, 0 }, { Ioctl, 1 }, { Hex, 2 } } }, 162 { .name = "break", .ret_type = 1, .nargs = 1, 163 .args = { { Ptr, 0 } } }, 164 { .name = "exit", .ret_type = 0, .nargs = 1, 165 .args = { { Hex, 0 } } }, 166 { .name = "access", .ret_type = 1, .nargs = 2, 167 .args = { { Name | IN, 0 }, { Int, 1 } } }, 168 { .name = "sigaction", .ret_type = 1, .nargs = 3, 169 .args = { { Signal, 0 }, { Sigaction | IN, 1 }, { Sigaction | OUT, 2 } } }, 170 { .name = "accept", .ret_type = 1, .nargs = 3, 171 .args = { { Int, 0 }, { Sockaddr | OUT, 1 }, { Ptr | OUT, 2 } } }, 172 { .name = "bind", .ret_type = 1, .nargs = 3, 173 .args = { { Int, 0 }, { Sockaddr | IN, 1 }, { Int, 2 } } }, 174 { .name = "connect", .ret_type = 1, .nargs = 3, 175 .args = { { Int, 0 }, { Sockaddr | IN, 1 }, { Int, 2 } } }, 176 { .name = "getpeername", .ret_type = 1, .nargs = 3, 177 .args = { { Int, 0 }, { Sockaddr | OUT, 1 }, { Ptr | OUT, 2 } } }, 178 { .name = "getsockname", .ret_type = 1, .nargs = 3, 179 .args = { { Int, 0 }, { Sockaddr | OUT, 1 }, { Ptr | OUT, 2 } } }, 180 { .name = "recvfrom", .ret_type = 1, .nargs = 6, 181 .args = { { Int, 0 }, { BinString | OUT, 1 }, { Int, 2 }, { Hex, 3 }, { Sockaddr | OUT, 4 }, { Ptr | OUT, 5 } } }, 182 { .name = "sendto", .ret_type = 1, .nargs = 6, 183 .args = { { Int, 0 }, { BinString | IN, 1 }, { Int, 2 }, { Hex, 3 }, { Sockaddr | IN, 4 }, { Ptr | IN, 5 } } }, 184 { .name = "execve", .ret_type = 1, .nargs = 3, 185 .args = { { Name | IN, 0 }, { StringArray | IN, 1 }, { StringArray | IN, 2 } } }, 186 { .name = "linux_execve", .ret_type = 1, .nargs = 3, 187 .args = { { Name | IN, 0 }, { StringArray | IN, 1 }, { StringArray | IN, 2 } } }, 188 { .name = "kldload", .ret_type = 0, .nargs = 1, 189 .args = { { Name | IN, 0 } } }, 190 { .name = "kldunload", .ret_type = 0, .nargs = 1, 191 .args = { { Int, 0 } } }, 192 { .name = "kldfind", .ret_type = 0, .nargs = 1, 193 .args = { { Name | IN, 0 } } }, 194 { .name = "kldnext", .ret_type = 0, .nargs = 1, 195 .args = { { Int, 0 } } }, 196 { .name = "kldstat", .ret_type = 0, .nargs = 2, 197 .args = { { Int, 0 }, { Ptr, 1 } } }, 198 { .name = "kldfirstmod", .ret_type = 0, .nargs = 1, 199 .args = { { Int, 0 } } }, 200 { .name = "nanosleep", .ret_type = 0, .nargs = 1, 201 .args = { { Timespec, 0 } } }, 202 { .name = "select", .ret_type = 1, .nargs = 5, 203 .args = { { Int, 0 }, { Fd_set, 1 }, { Fd_set, 2 }, { Fd_set, 3 }, { Timeval, 4 } } }, 204 { .name = "poll", .ret_type = 1, .nargs = 3, 205 .args = { { Pollfd, 0 }, { Int, 1 }, { Int, 2 } } }, 206 { .name = "gettimeofday", .ret_type = 1, .nargs = 2, 207 .args = { { Timeval | OUT, 0 }, { Ptr, 1 } } }, 208 { .name = "clock_gettime", .ret_type = 1, .nargs = 2, 209 .args = { { Int, 0 }, { Timespec | OUT, 1 } } }, 210 { .name = "getitimer", .ret_type = 1, .nargs = 2, 211 .args = { { Int, 0 }, { Itimerval | OUT, 2 } } }, 212 { .name = "setitimer", .ret_type = 1, .nargs = 3, 213 .args = { { Int, 0 }, { Itimerval, 1 } , { Itimerval | OUT, 2 } } }, 214 { .name = "kse_release", .ret_type = 0, .nargs = 1, 215 .args = { { Timespec, 0 } } }, 216 { .name = "kevent", .ret_type = 0, .nargs = 6, 217 .args = { { Int, 0 }, { Kevent, 1 }, { Int, 2 }, { Kevent | OUT, 3 }, { Int, 4 }, { Timespec, 5 } } }, 218 { .name = "_umtx_lock", .ret_type = 0, .nargs = 1, 219 .args = { { Umtx, 0 } } }, 220 { .name = "_umtx_unlock", .ret_type = 0, .nargs = 1, 221 .args = { { Umtx, 0 } } }, 222 { .name = "sigprocmask", .ret_type = 0, .nargs = 3, 223 .args = { { Sigprocmask, 0 }, { Sigset, 1 }, { Sigset | OUT, 2 } } }, 224 { .name = "unmount", .ret_type = 1, .nargs = 2, 225 .args = { { Name, 0 }, { Int, 1 } } }, 226 { .name = "socket", .ret_type = 1, .nargs = 3, 227 .args = { { Sockdomain, 0 }, { Socktype, 1 }, { Int, 2 } } }, 228 { .name = "getrusage", .ret_type = 1, .nargs = 2, 229 .args = { { Int, 0 }, { Rusage | OUT, 1 } } }, 230 { .name = "__getcwd", .ret_type = 1, .nargs = 2, 231 .args = { { Name | OUT, 0 }, { Int, 1 } } }, 232 { .name = "shutdown", .ret_type = 1, .nargs = 2, 233 .args = { { Int, 0 }, { Shutdown, 1 } } }, 234 { .name = "getrlimit", .ret_type = 1, .nargs = 2, 235 .args = { { Resource, 0 }, { Rlimit | OUT, 1 } } }, 236 { .name = "setrlimit", .ret_type = 1, .nargs = 2, 237 .args = { { Resource, 0 }, { Rlimit | IN, 1 } } }, 238 { .name = "utimes", .ret_type = 1, .nargs = 2, 239 .args = { { Name | IN, 0 }, { Timeval2 | IN, 1 } } }, 240 { .name = "lutimes", .ret_type = 1, .nargs = 2, 241 .args = { { Name | IN, 0 }, { Timeval2 | IN, 1 } } }, 242 { .name = "futimes", .ret_type = 1, .nargs = 2, 243 .args = { { Int, 0 }, { Timeval | IN, 1 } } }, 244 { .name = "chflags", .ret_type = 1, .nargs = 2, 245 .args = { { Name | IN, 0 }, { Hex, 1 } } }, 246 { .name = "lchflags", .ret_type = 1, .nargs = 2, 247 .args = { { Name | IN, 0 }, { Hex, 1 } } }, 248 { .name = "pathconf", .ret_type = 1, .nargs = 2, 249 .args = { { Name | IN, 0 }, { Pathconf, 1 } } }, 250 { .name = "pipe", .ret_type = 1, .nargs = 1, 251 .args = { { Ptr, 0 } } }, 252 { .name = "truncate", .ret_type = 1, .nargs = 3, 253 .args = { { Name | IN, 0 }, { Int | IN, 1 }, { Quad | IN, 2 } } }, 254 { .name = "ftruncate", .ret_type = 1, .nargs = 3, 255 .args = { { Int | IN, 0 }, { Int | IN, 1 }, { Quad | IN, 2 } } }, 256 { .name = "kill", .ret_type = 1, .nargs = 2, 257 .args = { { Int | IN, 0 }, { Signal | IN, 1 } } }, 258 { .name = "munmap", .ret_type = 1, .nargs = 2, 259 .args = { { Ptr, 0 }, { Int, 1 } } }, 260 { .name = "read", .ret_type = 1, .nargs = 3, 261 .args = { { Int, 0 }, { BinString | OUT, 1 }, { Int, 2 } } }, 262 { .name = "rename", .ret_type = 1, .nargs = 2, 263 .args = { { Name , 0 } , { Name, 1 } } }, 264 { .name = "symlink", .ret_type = 1, .nargs = 2, 265 .args = { { Name , 0 } , { Name, 1 } } }, 266 { .name = "posix_openpt", .ret_type = 1, .nargs = 1, 267 .args = { { Open, 0 } } }, 268 { .name = "wait4", .ret_type = 1, .nargs = 4, 269 .args = { { Int, 0 }, { ExitStatus | OUT, 1 }, { Waitoptions, 2 }, 270 { Rusage | OUT, 3 } } }, 271 { .name = "wait6", .ret_type = 1, .nargs = 6, 272 .args = { { Idtype, 0 }, { Int, 1 }, { ExitStatus | OUT, 2 }, 273 { Waitoptions, 3 }, { Rusage | OUT, 4 }, { Ptr, 5 } } }, 274 { .name = "procctl", .ret_type = 1, .nargs = 4, 275 .args = { { Idtype, 0 }, { Int, 1 }, { Procctl, 2 }, { Ptr, 3 } } }, 276 { .name = 0 }, 277 }; 278 279 /* Xlat idea taken from strace */ 280 struct xlat { 281 int val; 282 const char *str; 283 }; 284 285 #define X(a) { a, #a }, 286 #define XEND { 0, NULL } 287 288 static struct xlat kevent_filters[] = { 289 X(EVFILT_READ) X(EVFILT_WRITE) X(EVFILT_AIO) X(EVFILT_VNODE) 290 X(EVFILT_PROC) X(EVFILT_SIGNAL) X(EVFILT_TIMER) 291 X(EVFILT_FS) X(EVFILT_READ) XEND 292 }; 293 294 static struct xlat kevent_flags[] = { 295 X(EV_ADD) X(EV_DELETE) X(EV_ENABLE) X(EV_DISABLE) X(EV_ONESHOT) 296 X(EV_CLEAR) X(EV_FLAG1) X(EV_ERROR) X(EV_EOF) XEND 297 }; 298 299 static struct xlat poll_flags[] = { 300 X(POLLSTANDARD) X(POLLIN) X(POLLPRI) X(POLLOUT) X(POLLERR) 301 X(POLLHUP) X(POLLNVAL) X(POLLRDNORM) X(POLLRDBAND) 302 X(POLLWRBAND) X(POLLINIGNEOF) XEND 303 }; 304 305 static struct xlat mmap_flags[] = { 306 X(MAP_SHARED) X(MAP_PRIVATE) X(MAP_FIXED) X(MAP_RENAME) 307 X(MAP_NORESERVE) X(MAP_RESERVED0080) X(MAP_RESERVED0100) 308 X(MAP_HASSEMAPHORE) X(MAP_STACK) X(MAP_NOSYNC) X(MAP_ANON) 309 X(MAP_NOCORE) X(MAP_PREFAULT_READ) 310 #ifdef MAP_32BIT 311 X(MAP_32BIT) 312 #endif 313 XEND 314 }; 315 316 static struct xlat mprot_flags[] = { 317 X(PROT_NONE) X(PROT_READ) X(PROT_WRITE) X(PROT_EXEC) XEND 318 }; 319 320 static struct xlat whence_arg[] = { 321 X(SEEK_SET) X(SEEK_CUR) X(SEEK_END) XEND 322 }; 323 324 static struct xlat sigaction_flags[] = { 325 X(SA_ONSTACK) X(SA_RESTART) X(SA_RESETHAND) X(SA_NOCLDSTOP) 326 X(SA_NODEFER) X(SA_NOCLDWAIT) X(SA_SIGINFO) XEND 327 }; 328 329 static struct xlat fcntl_arg[] = { 330 X(F_DUPFD) X(F_GETFD) X(F_SETFD) X(F_GETFL) X(F_SETFL) 331 X(F_GETOWN) X(F_SETOWN) X(F_GETLK) X(F_SETLK) X(F_SETLKW) XEND 332 }; 333 334 static struct xlat fcntlfd_arg[] = { 335 X(FD_CLOEXEC) XEND 336 }; 337 338 static struct xlat fcntlfl_arg[] = { 339 X(O_APPEND) X(O_ASYNC) X(O_FSYNC) X(O_NONBLOCK) X(O_NOFOLLOW) 340 X(O_DIRECT) XEND 341 }; 342 343 static struct xlat sockdomain_arg[] = { 344 X(PF_UNSPEC) X(PF_LOCAL) X(PF_UNIX) X(PF_INET) X(PF_IMPLINK) 345 X(PF_PUP) X(PF_CHAOS) X(PF_NETBIOS) X(PF_ISO) X(PF_OSI) 346 X(PF_ECMA) X(PF_DATAKIT) X(PF_CCITT) X(PF_SNA) X(PF_DECnet) 347 X(PF_DLI) X(PF_LAT) X(PF_HYLINK) X(PF_APPLETALK) X(PF_ROUTE) 348 X(PF_LINK) X(PF_XTP) X(PF_COIP) X(PF_CNT) X(PF_SIP) X(PF_IPX) 349 X(PF_RTIP) X(PF_PIP) X(PF_ISDN) X(PF_KEY) X(PF_INET6) 350 X(PF_NATM) X(PF_ATM) X(PF_NETGRAPH) X(PF_SLOW) X(PF_SCLUSTER) 351 X(PF_ARP) X(PF_BLUETOOTH) XEND 352 }; 353 354 static struct xlat socktype_arg[] = { 355 X(SOCK_STREAM) X(SOCK_DGRAM) X(SOCK_RAW) X(SOCK_RDM) 356 X(SOCK_SEQPACKET) XEND 357 }; 358 359 static struct xlat open_flags[] = { 360 X(O_RDONLY) X(O_WRONLY) X(O_RDWR) X(O_ACCMODE) X(O_NONBLOCK) 361 X(O_APPEND) X(O_SHLOCK) X(O_EXLOCK) X(O_ASYNC) X(O_FSYNC) 362 X(O_NOFOLLOW) X(O_CREAT) X(O_TRUNC) X(O_EXCL) X(O_NOCTTY) 363 X(O_DIRECT) X(O_DIRECTORY) X(O_EXEC) X(O_TTY_INIT) X(O_CLOEXEC) XEND 364 }; 365 366 static struct xlat shutdown_arg[] = { 367 X(SHUT_RD) X(SHUT_WR) X(SHUT_RDWR) XEND 368 }; 369 370 static struct xlat resource_arg[] = { 371 X(RLIMIT_CPU) X(RLIMIT_FSIZE) X(RLIMIT_DATA) X(RLIMIT_STACK) 372 X(RLIMIT_CORE) X(RLIMIT_RSS) X(RLIMIT_MEMLOCK) X(RLIMIT_NPROC) 373 X(RLIMIT_NOFILE) X(RLIMIT_SBSIZE) X(RLIMIT_VMEM) XEND 374 }; 375 376 static struct xlat pathconf_arg[] = { 377 X(_PC_LINK_MAX) X(_PC_MAX_CANON) X(_PC_MAX_INPUT) 378 X(_PC_NAME_MAX) X(_PC_PATH_MAX) X(_PC_PIPE_BUF) 379 X(_PC_CHOWN_RESTRICTED) X(_PC_NO_TRUNC) X(_PC_VDISABLE) 380 X(_PC_ASYNC_IO) X(_PC_PRIO_IO) X(_PC_SYNC_IO) 381 X(_PC_ALLOC_SIZE_MIN) X(_PC_FILESIZEBITS) 382 X(_PC_REC_INCR_XFER_SIZE) X(_PC_REC_MAX_XFER_SIZE) 383 X(_PC_REC_MIN_XFER_SIZE) X(_PC_REC_XFER_ALIGN) 384 X(_PC_SYMLINK_MAX) X(_PC_ACL_EXTENDED) X(_PC_ACL_PATH_MAX) 385 X(_PC_CAP_PRESENT) X(_PC_INF_PRESENT) X(_PC_MAC_PRESENT) 386 XEND 387 }; 388 389 static struct xlat rfork_flags[] = { 390 X(RFPROC) X(RFNOWAIT) X(RFFDG) X(RFCFDG) X(RFTHREAD) X(RFMEM) 391 X(RFSIGSHARE) X(RFTSIGZMB) X(RFLINUXTHPN) XEND 392 }; 393 394 static struct xlat wait_options[] = { 395 X(WNOHANG) X(WUNTRACED) X(WCONTINUED) X(WNOWAIT) X(WEXITED) 396 X(WTRAPPED) XEND 397 }; 398 399 static struct xlat idtype_arg[] = { 400 X(P_PID) X(P_PPID) X(P_PGID) X(P_SID) X(P_CID) X(P_UID) X(P_GID) 401 X(P_ALL) X(P_LWPID) X(P_TASKID) X(P_PROJID) X(P_POOLID) X(P_JAILID) 402 X(P_CTID) X(P_CPUID) X(P_PSETID) XEND 403 }; 404 405 static struct xlat procctl_arg[] = { 406 X(PROC_SPROTECT) XEND 407 }; 408 409 #undef X 410 #undef XEND 411 412 /* 413 * Searches an xlat array for a value, and returns it if found. Otherwise 414 * return a string representation. 415 */ 416 static const char * 417 lookup(struct xlat *xlat, int val, int base) 418 { 419 static char tmp[16]; 420 421 for (; xlat->str != NULL; xlat++) 422 if (xlat->val == val) 423 return (xlat->str); 424 switch (base) { 425 case 8: 426 sprintf(tmp, "0%o", val); 427 break; 428 case 16: 429 sprintf(tmp, "0x%x", val); 430 break; 431 case 10: 432 sprintf(tmp, "%u", val); 433 break; 434 default: 435 errx(1,"Unknown lookup base"); 436 break; 437 } 438 return (tmp); 439 } 440 441 static const char * 442 xlookup(struct xlat *xlat, int val) 443 { 444 445 return (lookup(xlat, val, 16)); 446 } 447 448 /* Searches an xlat array containing bitfield values. Remaining bits 449 set after removing the known ones are printed at the end: 450 IN|0x400 */ 451 static char * 452 xlookup_bits(struct xlat *xlat, int val) 453 { 454 int len, rem; 455 static char str[512]; 456 457 len = 0; 458 rem = val; 459 for (; xlat->str != NULL; xlat++) { 460 if ((xlat->val & rem) == xlat->val) { 461 /* don't print the "all-bits-zero" string unless all 462 bits are really zero */ 463 if (xlat->val == 0 && val != 0) 464 continue; 465 len += sprintf(str + len, "%s|", xlat->str); 466 rem &= ~(xlat->val); 467 } 468 } 469 /* if we have leftover bits or didn't match anything */ 470 if (rem || len == 0) 471 len += sprintf(str + len, "0x%x", rem); 472 if (len && str[len - 1] == '|') 473 len--; 474 str[len] = 0; 475 return (str); 476 } 477 478 /* 479 * If/when the list gets big, it might be desirable to do it 480 * as a hash table or binary search. 481 */ 482 483 struct syscall * 484 get_syscall(const char *name) 485 { 486 struct syscall *sc; 487 488 sc = syscalls; 489 if (name == NULL) 490 return (NULL); 491 while (sc->name) { 492 if (strcmp(name, sc->name) == 0) 493 return (sc); 494 sc++; 495 } 496 return (NULL); 497 } 498 499 /* 500 * get_struct 501 * 502 * Copy a fixed amount of bytes from the process. 503 */ 504 505 static int 506 get_struct(pid_t pid, void *offset, void *buf, int len) 507 { 508 struct ptrace_io_desc iorequest; 509 510 iorequest.piod_op = PIOD_READ_D; 511 iorequest.piod_offs = offset; 512 iorequest.piod_addr = buf; 513 iorequest.piod_len = len; 514 if (ptrace(PT_IO, pid, (caddr_t)&iorequest, 0) < 0) 515 return (-1); 516 return (0); 517 } 518 519 #define MAXSIZE 4096 520 #define BLOCKSIZE 1024 521 /* 522 * get_string 523 * Copy a string from the process. Note that it is 524 * expected to be a C string, but if max is set, it will 525 * only get that much. 526 */ 527 528 static char * 529 get_string(pid_t pid, void *offset, int max) 530 { 531 struct ptrace_io_desc iorequest; 532 char *buf; 533 int diff, i, size, totalsize; 534 535 diff = 0; 536 totalsize = size = max ? (max + 1) : BLOCKSIZE; 537 buf = malloc(totalsize); 538 if (buf == NULL) 539 return (NULL); 540 for (;;) { 541 diff = totalsize - size; 542 iorequest.piod_op = PIOD_READ_D; 543 iorequest.piod_offs = (char *)offset + diff; 544 iorequest.piod_addr = buf + diff; 545 iorequest.piod_len = size; 546 if (ptrace(PT_IO, pid, (caddr_t)&iorequest, 0) < 0) { 547 free(buf); 548 return (NULL); 549 } 550 for (i = 0 ; i < size; i++) { 551 if (buf[diff + i] == '\0') 552 return (buf); 553 } 554 if (totalsize < MAXSIZE - BLOCKSIZE && max == 0) { 555 totalsize += BLOCKSIZE; 556 buf = realloc(buf, totalsize); 557 size = BLOCKSIZE; 558 } else { 559 buf[totalsize - 1] = '\0'; 560 return (buf); 561 } 562 } 563 } 564 565 static char * 566 strsig2(int sig) 567 { 568 char *tmp; 569 570 tmp = strsig(sig); 571 if (tmp == NULL) 572 asprintf(&tmp, "%d", sig); 573 return (tmp); 574 } 575 576 /* 577 * print_arg 578 * Converts a syscall argument into a string. Said string is 579 * allocated via malloc(), so needs to be free()'d. The file 580 * descriptor is for the process' memory (via /proc), and is used 581 * to get any data (where the argument is a pointer). sc is 582 * a pointer to the syscall description (see above); args is 583 * an array of all of the system call arguments. 584 */ 585 586 char * 587 print_arg(struct syscall_args *sc, unsigned long *args, long retval, 588 struct trussinfo *trussinfo) 589 { 590 char *tmp; 591 pid_t pid; 592 593 tmp = NULL; 594 pid = trussinfo->pid; 595 switch (sc->type & ARG_MASK) { 596 case Hex: 597 asprintf(&tmp, "0x%x", (int)args[sc->offset]); 598 break; 599 case Octal: 600 asprintf(&tmp, "0%o", (int)args[sc->offset]); 601 break; 602 case Int: 603 asprintf(&tmp, "%d", (int)args[sc->offset]); 604 break; 605 case Name: { 606 /* NULL-terminated string. */ 607 char *tmp2; 608 tmp2 = get_string(pid, (void*)args[sc->offset], 0); 609 asprintf(&tmp, "\"%s\"", tmp2); 610 free(tmp2); 611 break; 612 } 613 case BinString: { 614 /* Binary block of data that might have printable characters. 615 XXX If type|OUT, assume that the length is the syscall's 616 return value. Otherwise, assume that the length of the block 617 is in the next syscall argument. */ 618 int max_string = trussinfo->strsize; 619 char tmp2[max_string+1], *tmp3; 620 int len; 621 int truncated = 0; 622 623 if (sc->type & OUT) 624 len = retval; 625 else 626 len = args[sc->offset + 1]; 627 628 /* Don't print more than max_string characters, to avoid word 629 wrap. If we have to truncate put some ... after the string. 630 */ 631 if (len > max_string) { 632 len = max_string; 633 truncated = 1; 634 } 635 if (len && get_struct(pid, (void*)args[sc->offset], &tmp2, len) 636 != -1) { 637 tmp3 = malloc(len * 4 + 1); 638 while (len) { 639 if (strvisx(tmp3, tmp2, len, 640 VIS_CSTYLE|VIS_TAB|VIS_NL) <= max_string) 641 break; 642 len--; 643 truncated = 1; 644 }; 645 asprintf(&tmp, "\"%s\"%s", tmp3, truncated ? 646 "..." : ""); 647 free(tmp3); 648 } else { 649 asprintf(&tmp, "0x%lx", args[sc->offset]); 650 } 651 break; 652 } 653 case StringArray: { 654 int num, size, i; 655 char *tmp2; 656 char *string; 657 char *strarray[100]; /* XXX This is ugly. */ 658 659 if (get_struct(pid, (void *)args[sc->offset], 660 (void *)&strarray, sizeof(strarray)) == -1) 661 err(1, "get_struct %p", (void *)args[sc->offset]); 662 num = 0; 663 size = 0; 664 665 /* Find out how large of a buffer we'll need. */ 666 while (strarray[num] != NULL) { 667 string = get_string(pid, (void*)strarray[num], 0); 668 size += strlen(string); 669 free(string); 670 num++; 671 } 672 size += 4 + (num * 4); 673 tmp = (char *)malloc(size); 674 tmp2 = tmp; 675 676 tmp2 += sprintf(tmp2, " ["); 677 for (i = 0; i < num; i++) { 678 string = get_string(pid, (void*)strarray[i], 0); 679 tmp2 += sprintf(tmp2, " \"%s\"%c", string, 680 (i + 1 == num) ? ' ' : ','); 681 free(string); 682 } 683 tmp2 += sprintf(tmp2, "]"); 684 break; 685 } 686 #ifdef __LP64__ 687 case Quad: 688 asprintf(&tmp, "0x%lx", args[sc->offset]); 689 break; 690 #else 691 case Quad: { 692 unsigned long long ll; 693 ll = *(unsigned long long *)(args + sc->offset); 694 asprintf(&tmp, "0x%llx", ll); 695 break; 696 } 697 #endif 698 case Ptr: 699 asprintf(&tmp, "0x%lx", args[sc->offset]); 700 break; 701 case Readlinkres: { 702 char *tmp2; 703 if (retval == -1) { 704 tmp = strdup(""); 705 break; 706 } 707 tmp2 = get_string(pid, (void*)args[sc->offset], retval); 708 asprintf(&tmp, "\"%s\"", tmp2); 709 free(tmp2); 710 break; 711 } 712 case Ioctl: { 713 const char *temp = ioctlname(args[sc->offset]); 714 if (temp) 715 tmp = strdup(temp); 716 else { 717 unsigned long arg = args[sc->offset]; 718 asprintf(&tmp, "0x%lx { IO%s%s 0x%lx('%c'), %lu, %lu }", 719 arg, arg & IOC_OUT ? "R" : "", 720 arg & IOC_IN ? "W" : "", IOCGROUP(arg), 721 isprint(IOCGROUP(arg)) ? (char)IOCGROUP(arg) : '?', 722 arg & 0xFF, IOCPARM_LEN(arg)); 723 } 724 break; 725 } 726 case Umtx: { 727 struct umtx umtx; 728 if (get_struct(pid, (void *)args[sc->offset], &umtx, 729 sizeof(umtx)) != -1) 730 asprintf(&tmp, "{ 0x%lx }", (long)umtx.u_owner); 731 else 732 asprintf(&tmp, "0x%lx", args[sc->offset]); 733 break; 734 } 735 case Timespec: { 736 struct timespec ts; 737 if (get_struct(pid, (void *)args[sc->offset], &ts, 738 sizeof(ts)) != -1) 739 asprintf(&tmp, "{%ld.%09ld }", (long)ts.tv_sec, 740 ts.tv_nsec); 741 else 742 asprintf(&tmp, "0x%lx", args[sc->offset]); 743 break; 744 } 745 case Timeval: { 746 struct timeval tv; 747 if (get_struct(pid, (void *)args[sc->offset], &tv, sizeof(tv)) 748 != -1) 749 asprintf(&tmp, "{%ld.%06ld }", (long)tv.tv_sec, 750 tv.tv_usec); 751 else 752 asprintf(&tmp, "0x%lx", args[sc->offset]); 753 break; 754 } 755 case Timeval2: { 756 struct timeval tv[2]; 757 if (get_struct(pid, (void *)args[sc->offset], &tv, sizeof(tv)) 758 != -1) 759 asprintf(&tmp, "{%ld.%06ld, %ld.%06ld }", 760 (long)tv[0].tv_sec, tv[0].tv_usec, 761 (long)tv[1].tv_sec, tv[1].tv_usec); 762 else 763 asprintf(&tmp, "0x%lx", args[sc->offset]); 764 break; 765 } 766 case Itimerval: { 767 struct itimerval itv; 768 if (get_struct(pid, (void *)args[sc->offset], &itv, 769 sizeof(itv)) != -1) 770 asprintf(&tmp, "{%ld.%06ld, %ld.%06ld }", 771 (long)itv.it_interval.tv_sec, 772 itv.it_interval.tv_usec, 773 (long)itv.it_value.tv_sec, 774 itv.it_value.tv_usec); 775 else 776 asprintf(&tmp, "0x%lx", args[sc->offset]); 777 break; 778 } 779 case Pollfd: { 780 /* 781 * XXX: A Pollfd argument expects the /next/ syscall argument 782 * to be the number of fds in the array. This matches the poll 783 * syscall. 784 */ 785 struct pollfd *pfd; 786 int numfds = args[sc->offset+1]; 787 int bytes = sizeof(struct pollfd) * numfds; 788 int i, tmpsize, u, used; 789 const int per_fd = 100; 790 791 if ((pfd = malloc(bytes)) == NULL) 792 err(1, "Cannot malloc %d bytes for pollfd array", 793 bytes); 794 if (get_struct(pid, (void *)args[sc->offset], pfd, bytes) 795 != -1) { 796 used = 0; 797 tmpsize = 1 + per_fd * numfds + 2; 798 if ((tmp = malloc(tmpsize)) == NULL) 799 err(1, "Cannot alloc %d bytes for poll output", 800 tmpsize); 801 802 tmp[used++] = '{'; 803 for (i = 0; i < numfds; i++) { 804 805 u = snprintf(tmp + used, per_fd, "%s%d/%s", 806 i > 0 ? " " : "", pfd[i].fd, 807 xlookup_bits(poll_flags, pfd[i].events)); 808 if (u > 0) 809 used += u < per_fd ? u : per_fd; 810 } 811 tmp[used++] = '}'; 812 tmp[used++] = '\0'; 813 } else { 814 asprintf(&tmp, "0x%lx", args[sc->offset]); 815 } 816 free(pfd); 817 break; 818 } 819 case Fd_set: { 820 /* 821 * XXX: A Fd_set argument expects the /first/ syscall argument 822 * to be the number of fds in the array. This matches the 823 * select syscall. 824 */ 825 fd_set *fds; 826 int numfds = args[0]; 827 int bytes = _howmany(numfds, _NFDBITS) * _NFDBITS; 828 int i, tmpsize, u, used; 829 const int per_fd = 20; 830 831 if ((fds = malloc(bytes)) == NULL) 832 err(1, "Cannot malloc %d bytes for fd_set array", 833 bytes); 834 if (get_struct(pid, (void *)args[sc->offset], fds, bytes) 835 != -1) { 836 used = 0; 837 tmpsize = 1 + numfds * per_fd + 2; 838 if ((tmp = malloc(tmpsize)) == NULL) 839 err(1, "Cannot alloc %d bytes for fd_set " 840 "output", tmpsize); 841 842 tmp[used++] = '{'; 843 for (i = 0; i < numfds; i++) { 844 if (FD_ISSET(i, fds)) { 845 u = snprintf(tmp + used, per_fd, "%d ", 846 i); 847 if (u > 0) 848 used += u < per_fd ? u : per_fd; 849 } 850 } 851 if (tmp[used-1] == ' ') 852 used--; 853 tmp[used++] = '}'; 854 tmp[used++] = '\0'; 855 } else 856 asprintf(&tmp, "0x%lx", args[sc->offset]); 857 free(fds); 858 break; 859 } 860 case Signal: 861 tmp = strsig2(args[sc->offset]); 862 break; 863 case Sigset: { 864 long sig; 865 sigset_t ss; 866 int i, used; 867 char *signame; 868 869 sig = args[sc->offset]; 870 if (get_struct(pid, (void *)args[sc->offset], (void *)&ss, 871 sizeof(ss)) == -1) { 872 asprintf(&tmp, "0x%lx", args[sc->offset]); 873 break; 874 } 875 tmp = malloc(sys_nsig * 8); /* 7 bytes avg per signal name */ 876 used = 0; 877 for (i = 1; i < sys_nsig; i++) { 878 if (sigismember(&ss, i)) { 879 signame = strsig(i); 880 used += sprintf(tmp + used, "%s|", signame); 881 free(signame); 882 } 883 } 884 if (used) 885 tmp[used-1] = 0; 886 else 887 strcpy(tmp, "0x0"); 888 break; 889 } 890 case Sigprocmask: { 891 switch (args[sc->offset]) { 892 #define S(a) case a: tmp = strdup(#a); break; 893 S(SIG_BLOCK); 894 S(SIG_UNBLOCK); 895 S(SIG_SETMASK); 896 #undef S 897 } 898 if (tmp == NULL) 899 asprintf(&tmp, "0x%lx", args[sc->offset]); 900 break; 901 } 902 case Fcntlflag: { 903 /* XXX output depends on the value of the previous argument */ 904 switch (args[sc->offset-1]) { 905 case F_SETFD: 906 tmp = strdup(xlookup_bits(fcntlfd_arg, 907 args[sc->offset])); 908 break; 909 case F_SETFL: 910 tmp = strdup(xlookup_bits(fcntlfl_arg, 911 args[sc->offset])); 912 break; 913 case F_GETFD: 914 case F_GETFL: 915 case F_GETOWN: 916 tmp = strdup(""); 917 break; 918 default: 919 asprintf(&tmp, "0x%lx", args[sc->offset]); 920 break; 921 } 922 break; 923 } 924 case Open: 925 tmp = strdup(xlookup_bits(open_flags, args[sc->offset])); 926 break; 927 case Fcntl: 928 tmp = strdup(xlookup(fcntl_arg, args[sc->offset])); 929 break; 930 case Mprot: 931 tmp = strdup(xlookup_bits(mprot_flags, args[sc->offset])); 932 break; 933 case Mmapflags: { 934 char *base, *alignstr; 935 int align, flags; 936 937 /* 938 * MAP_ALIGNED can't be handled by xlookup_bits(), so 939 * generate that string manually and prepend it to the 940 * string from xlookup_bits(). Have to be careful to 941 * avoid outputting MAP_ALIGNED|0 if MAP_ALIGNED is 942 * the only flag. 943 */ 944 flags = args[sc->offset] & ~MAP_ALIGNMENT_MASK; 945 align = args[sc->offset] & MAP_ALIGNMENT_MASK; 946 if (align != 0) { 947 if (align == MAP_ALIGNED_SUPER) 948 alignstr = strdup("MAP_ALIGNED_SUPER"); 949 else 950 asprintf(&alignstr, "MAP_ALIGNED(%d)", 951 align >> MAP_ALIGNMENT_SHIFT); 952 if (flags == 0) { 953 tmp = alignstr; 954 break; 955 } 956 } else 957 alignstr = NULL; 958 base = strdup(xlookup_bits(mmap_flags, flags)); 959 if (alignstr == NULL) { 960 tmp = base; 961 break; 962 } 963 asprintf(&tmp, "%s|%s", alignstr, base); 964 free(alignstr); 965 free(base); 966 break; 967 } 968 case Whence: 969 tmp = strdup(xlookup(whence_arg, args[sc->offset])); 970 break; 971 case Sockdomain: 972 tmp = strdup(xlookup(sockdomain_arg, args[sc->offset])); 973 break; 974 case Socktype: 975 tmp = strdup(xlookup(socktype_arg, args[sc->offset])); 976 break; 977 case Shutdown: 978 tmp = strdup(xlookup(shutdown_arg, args[sc->offset])); 979 break; 980 case Resource: 981 tmp = strdup(xlookup(resource_arg, args[sc->offset])); 982 break; 983 case Pathconf: 984 tmp = strdup(xlookup(pathconf_arg, args[sc->offset])); 985 break; 986 case Rforkflags: 987 tmp = strdup(xlookup_bits(rfork_flags, args[sc->offset])); 988 break; 989 case Sockaddr: { 990 struct sockaddr_storage ss; 991 char addr[64]; 992 struct sockaddr_in *lsin; 993 struct sockaddr_in6 *lsin6; 994 struct sockaddr_un *sun; 995 struct sockaddr *sa; 996 char *p; 997 u_char *q; 998 int i; 999 1000 if (args[sc->offset] == 0) { 1001 asprintf(&tmp, "NULL"); 1002 break; 1003 } 1004 1005 /* yuck: get ss_len */ 1006 if (get_struct(pid, (void *)args[sc->offset], (void *)&ss, 1007 sizeof(ss.ss_len) + sizeof(ss.ss_family)) == -1) 1008 err(1, "get_struct %p", (void *)args[sc->offset]); 1009 /* 1010 * If ss_len is 0, then try to guess from the sockaddr type. 1011 * AF_UNIX may be initialized incorrectly, so always frob 1012 * it by using the "right" size. 1013 */ 1014 if (ss.ss_len == 0 || ss.ss_family == AF_UNIX) { 1015 switch (ss.ss_family) { 1016 case AF_INET: 1017 ss.ss_len = sizeof(*lsin); 1018 break; 1019 case AF_UNIX: 1020 ss.ss_len = sizeof(*sun); 1021 break; 1022 default: 1023 /* hurrrr */ 1024 break; 1025 } 1026 } 1027 if (get_struct(pid, (void *)args[sc->offset], (void *)&ss, 1028 ss.ss_len) == -1) { 1029 err(2, "get_struct %p", (void *)args[sc->offset]); 1030 } 1031 1032 switch (ss.ss_family) { 1033 case AF_INET: 1034 lsin = (struct sockaddr_in *)&ss; 1035 inet_ntop(AF_INET, &lsin->sin_addr, addr, sizeof addr); 1036 asprintf(&tmp, "{ AF_INET %s:%d }", addr, 1037 htons(lsin->sin_port)); 1038 break; 1039 case AF_INET6: 1040 lsin6 = (struct sockaddr_in6 *)&ss; 1041 inet_ntop(AF_INET6, &lsin6->sin6_addr, addr, 1042 sizeof addr); 1043 asprintf(&tmp, "{ AF_INET6 [%s]:%d }", addr, 1044 htons(lsin6->sin6_port)); 1045 break; 1046 case AF_UNIX: 1047 sun = (struct sockaddr_un *)&ss; 1048 asprintf(&tmp, "{ AF_UNIX \"%s\" }", sun->sun_path); 1049 break; 1050 default: 1051 sa = (struct sockaddr *)&ss; 1052 asprintf(&tmp, "{ sa_len = %d, sa_family = %d, sa_data " 1053 "= {%n%*s } }", (int)sa->sa_len, (int)sa->sa_family, 1054 &i, 6 * (int)(sa->sa_len - ((char *)&sa->sa_data - 1055 (char *)sa)), ""); 1056 if (tmp != NULL) { 1057 p = tmp + i; 1058 for (q = (u_char *)&sa->sa_data; 1059 q < (u_char *)sa + sa->sa_len; q++) 1060 p += sprintf(p, " %#02x,", *q); 1061 } 1062 } 1063 break; 1064 } 1065 case Sigaction: { 1066 struct sigaction sa; 1067 char *hand; 1068 const char *h; 1069 1070 if (get_struct(pid, (void *)args[sc->offset], &sa, sizeof(sa)) 1071 != -1) { 1072 asprintf(&hand, "%p", sa.sa_handler); 1073 if (sa.sa_handler == SIG_DFL) 1074 h = "SIG_DFL"; 1075 else if (sa.sa_handler == SIG_IGN) 1076 h = "SIG_IGN"; 1077 else 1078 h = hand; 1079 1080 asprintf(&tmp, "{ %s %s ss_t }", h, 1081 xlookup_bits(sigaction_flags, sa.sa_flags)); 1082 free(hand); 1083 } else 1084 asprintf(&tmp, "0x%lx", args[sc->offset]); 1085 break; 1086 } 1087 case Kevent: { 1088 /* 1089 * XXX XXX: the size of the array is determined by either the 1090 * next syscall argument, or by the syscall returnvalue, 1091 * depending on which argument number we are. This matches the 1092 * kevent syscall, but luckily that's the only syscall that uses 1093 * them. 1094 */ 1095 struct kevent *ke; 1096 int numevents = -1; 1097 int bytes = 0; 1098 int i, tmpsize, u, used; 1099 const int per_ke = 100; 1100 1101 if (sc->offset == 1) 1102 numevents = args[sc->offset+1]; 1103 else if (sc->offset == 3 && retval != -1) 1104 numevents = retval; 1105 1106 if (numevents >= 0) 1107 bytes = sizeof(struct kevent) * numevents; 1108 if ((ke = malloc(bytes)) == NULL) 1109 err(1, "Cannot malloc %d bytes for kevent array", 1110 bytes); 1111 if (numevents >= 0 && get_struct(pid, (void *)args[sc->offset], 1112 ke, bytes) != -1) { 1113 used = 0; 1114 tmpsize = 1 + per_ke * numevents + 2; 1115 if ((tmp = malloc(tmpsize)) == NULL) 1116 err(1, "Cannot alloc %d bytes for kevent " 1117 "output", tmpsize); 1118 1119 tmp[used++] = '{'; 1120 for (i = 0; i < numevents; i++) { 1121 u = snprintf(tmp + used, per_ke, 1122 "%s%p,%s,%s,%d,%p,%p", 1123 i > 0 ? " " : "", 1124 (void *)ke[i].ident, 1125 xlookup(kevent_filters, ke[i].filter), 1126 xlookup_bits(kevent_flags, ke[i].flags), 1127 ke[i].fflags, 1128 (void *)ke[i].data, 1129 (void *)ke[i].udata); 1130 if (u > 0) 1131 used += u < per_ke ? u : per_ke; 1132 } 1133 tmp[used++] = '}'; 1134 tmp[used++] = '\0'; 1135 } else { 1136 asprintf(&tmp, "0x%lx", args[sc->offset]); 1137 } 1138 free(ke); 1139 break; 1140 } 1141 case Stat: { 1142 struct stat st; 1143 if (get_struct(pid, (void *)args[sc->offset], &st, sizeof(st)) 1144 != -1) { 1145 char mode[12]; 1146 strmode(st.st_mode, mode); 1147 asprintf(&tmp, 1148 "{ mode=%s,inode=%jd,size=%jd,blksize=%ld }", mode, 1149 (intmax_t)st.st_ino, (intmax_t)st.st_size, 1150 (long)st.st_blksize); 1151 } else { 1152 asprintf(&tmp, "0x%lx", args[sc->offset]); 1153 } 1154 break; 1155 } 1156 case Rusage: { 1157 struct rusage ru; 1158 if (get_struct(pid, (void *)args[sc->offset], &ru, sizeof(ru)) 1159 != -1) { 1160 asprintf(&tmp, 1161 "{ u=%ld.%06ld,s=%ld.%06ld,in=%ld,out=%ld }", 1162 (long)ru.ru_utime.tv_sec, ru.ru_utime.tv_usec, 1163 (long)ru.ru_stime.tv_sec, ru.ru_stime.tv_usec, 1164 ru.ru_inblock, ru.ru_oublock); 1165 } else 1166 asprintf(&tmp, "0x%lx", args[sc->offset]); 1167 break; 1168 } 1169 case Rlimit: { 1170 struct rlimit rl; 1171 if (get_struct(pid, (void *)args[sc->offset], &rl, sizeof(rl)) 1172 != -1) { 1173 asprintf(&tmp, "{ cur=%ju,max=%ju }", 1174 rl.rlim_cur, rl.rlim_max); 1175 } else 1176 asprintf(&tmp, "0x%lx", args[sc->offset]); 1177 break; 1178 } 1179 case ExitStatus: { 1180 char *signame; 1181 int status; 1182 signame = NULL; 1183 if (get_struct(pid, (void *)args[sc->offset], &status, 1184 sizeof(status)) != -1) { 1185 if (WIFCONTINUED(status)) 1186 tmp = strdup("{ CONTINUED }"); 1187 else if (WIFEXITED(status)) 1188 asprintf(&tmp, "{ EXITED,val=%d }", 1189 WEXITSTATUS(status)); 1190 else if (WIFSIGNALED(status)) 1191 asprintf(&tmp, "{ SIGNALED,sig=%s%s }", 1192 signame = strsig2(WTERMSIG(status)), 1193 WCOREDUMP(status) ? ",cored" : ""); 1194 else 1195 asprintf(&tmp, "{ STOPPED,sig=%s }", 1196 signame = strsig2(WTERMSIG(status))); 1197 } else 1198 asprintf(&tmp, "0x%lx", args[sc->offset]); 1199 free(signame); 1200 break; 1201 } 1202 case Waitoptions: 1203 tmp = strdup(xlookup_bits(wait_options, args[sc->offset])); 1204 break; 1205 case Idtype: 1206 tmp = strdup(xlookup(idtype_arg, args[sc->offset])); 1207 break; 1208 case Procctl: 1209 tmp = strdup(xlookup(procctl_arg, args[sc->offset])); 1210 break; 1211 default: 1212 errx(1, "Invalid argument type %d\n", sc->type & ARG_MASK); 1213 } 1214 return (tmp); 1215 } 1216 1217 /* 1218 * print_syscall 1219 * Print (to outfile) the system call and its arguments. Note that 1220 * nargs is the number of arguments (not the number of words; this is 1221 * potentially confusing, I know). 1222 */ 1223 1224 void 1225 print_syscall(struct trussinfo *trussinfo, const char *name, int nargs, 1226 char **s_args) 1227 { 1228 struct timespec timediff; 1229 int i, len; 1230 1231 len = 0; 1232 if (trussinfo->flags & FOLLOWFORKS) 1233 len += fprintf(trussinfo->outfile, "%5d: ", trussinfo->pid); 1234 1235 if (name != NULL && (strcmp(name, "execve") == 0 || 1236 strcmp(name, "exit") == 0)) { 1237 clock_gettime(CLOCK_REALTIME, &trussinfo->curthread->after); 1238 } 1239 1240 if (trussinfo->flags & ABSOLUTETIMESTAMPS) { 1241 timespecsubt(&trussinfo->curthread->after, 1242 &trussinfo->start_time, &timediff); 1243 len += fprintf(trussinfo->outfile, "%ld.%09ld ", 1244 (long)timediff.tv_sec, timediff.tv_nsec); 1245 } 1246 1247 if (trussinfo->flags & RELATIVETIMESTAMPS) { 1248 timespecsubt(&trussinfo->curthread->after, 1249 &trussinfo->curthread->before, &timediff); 1250 len += fprintf(trussinfo->outfile, "%ld.%09ld ", 1251 (long)timediff.tv_sec, timediff.tv_nsec); 1252 } 1253 1254 len += fprintf(trussinfo->outfile, "%s(", name); 1255 1256 for (i = 0; i < nargs; i++) { 1257 if (s_args[i]) 1258 len += fprintf(trussinfo->outfile, "%s", s_args[i]); 1259 else 1260 len += fprintf(trussinfo->outfile, 1261 "<missing argument>"); 1262 len += fprintf(trussinfo->outfile, "%s", i < (nargs - 1) ? 1263 "," : ""); 1264 } 1265 len += fprintf(trussinfo->outfile, ")"); 1266 for (i = 0; i < 6 - (len / 8); i++) 1267 fprintf(trussinfo->outfile, "\t"); 1268 } 1269 1270 void 1271 print_syscall_ret(struct trussinfo *trussinfo, const char *name, int nargs, 1272 char **s_args, int errorp, long retval, struct syscall *sc) 1273 { 1274 struct timespec timediff; 1275 1276 if (trussinfo->flags & COUNTONLY) { 1277 if (!sc) 1278 return; 1279 clock_gettime(CLOCK_REALTIME, &trussinfo->curthread->after); 1280 timespecsubt(&trussinfo->curthread->after, 1281 &trussinfo->curthread->before, &timediff); 1282 timespecadd(&sc->time, &timediff, &sc->time); 1283 sc->ncalls++; 1284 if (errorp) 1285 sc->nerror++; 1286 return; 1287 } 1288 1289 print_syscall(trussinfo, name, nargs, s_args); 1290 fflush(trussinfo->outfile); 1291 if (errorp) 1292 fprintf(trussinfo->outfile, " ERR#%ld '%s'\n", retval, 1293 strerror(retval)); 1294 else { 1295 /* 1296 * Because pipe(2) has a special assembly glue to provide the 1297 * libc API, we have to adjust retval. 1298 */ 1299 if (name != NULL && strcmp(name, "pipe") == 0) 1300 retval = 0; 1301 fprintf(trussinfo->outfile, " = %ld (0x%lx)\n", retval, retval); 1302 } 1303 } 1304 1305 void 1306 print_summary(struct trussinfo *trussinfo) 1307 { 1308 struct timespec total = {0, 0}; 1309 struct syscall *sc; 1310 int ncall, nerror; 1311 1312 fprintf(trussinfo->outfile, "%-20s%15s%8s%8s\n", 1313 "syscall", "seconds", "calls", "errors"); 1314 ncall = nerror = 0; 1315 for (sc = syscalls; sc->name != NULL; sc++) 1316 if (sc->ncalls) { 1317 fprintf(trussinfo->outfile, "%-20s%5jd.%09ld%8d%8d\n", 1318 sc->name, (intmax_t)sc->time.tv_sec, 1319 sc->time.tv_nsec, sc->ncalls, sc->nerror); 1320 timespecadd(&total, &sc->time, &total); 1321 ncall += sc->ncalls; 1322 nerror += sc->nerror; 1323 } 1324 fprintf(trussinfo->outfile, "%20s%15s%8s%8s\n", 1325 "", "-------------", "-------", "-------"); 1326 fprintf(trussinfo->outfile, "%-20s%5jd.%09ld%8d%8d\n", 1327 "", (intmax_t)total.tv_sec, total.tv_nsec, ncall, nerror); 1328 } 1329