1 /*
2 * Copyright 1997 Sean Eric Fagan
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * 3. All advertising materials mentioning features or use of this software
13 * must display the following acknowledgement:
14 * This product includes software developed by Sean Eric Fagan
15 * 4. Neither the name of the author may be used to endorse or promote
16 * products derived from this software without specific prior written
17 * permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #ifndef lint
33 static const char rcsid[] =
34 "$FreeBSD: stable/9/usr.bin/truss/syscalls.c 260208 2014-01-02 21:57:03Z jhb $";
35 #endif /* not lint */
36
37 /*
38 * This file has routines used to print out system calls and their
39 * arguments.
40 */
41
42 #include <sys/types.h>
43 #include <sys/mman.h>
44 #include <sys/procctl.h>
45 #include <sys/ptrace.h>
46 #include <sys/socket.h>
47 #include <sys/time.h>
48 #include <sys/un.h>
49 #include <sys/wait.h>
50 #include <netinet/in.h>
51 #include <arpa/inet.h>
52 #include <sys/ioccom.h>
53 #include <machine/atomic.h>
54 #include <errno.h>
55 #include <sys/umtx.h>
56 #include <sys/event.h>
57 #include <sys/stat.h>
58 #include <sys/resource.h>
59
60 #include <ctype.h>
61 #include <err.h>
62 #include <fcntl.h>
63 #include <poll.h>
64 #include <signal.h>
65 #include <stdint.h>
66 #include <stdio.h>
67 #include <stdlib.h>
68 #include <string.h>
69 #include <time.h>
70 #include <unistd.h>
71 #include <vis.h>
72
73 #include "truss.h"
74 #include "extern.h"
75 #include "syscall.h"
76
77 /* 64-bit alignment on 32-bit platforms. */
78 #ifdef __powerpc__
79 #define QUAD_ALIGN 1
80 #else
81 #define QUAD_ALIGN 0
82 #endif
83
84 /* Number of slots needed for a 64-bit argument. */
85 #ifdef __LP64__
86 #define QUAD_SLOTS 1
87 #else
88 #define QUAD_SLOTS 2
89 #endif
90
91 /*
92 * This should probably be in its own file, sorted alphabetically.
93 */
94 struct syscall syscalls[] = {
95 { .name = "fcntl", .ret_type = 1, .nargs = 3,
96 .args = { { Int, 0 } , { Fcntl, 1 }, { Fcntlflag | OUT, 2 } } },
97 { .name = "fork", .ret_type = 1, .nargs = 0 },
98 { .name = "vfork", .ret_type = 1, .nargs = 0 },
99 { .name = "rfork", .ret_type = 1, .nargs = 1,
100 .args = { { Rforkflags, 0 } } },
101 { .name = "getegid", .ret_type = 1, .nargs = 0 },
102 { .name = "geteuid", .ret_type = 1, .nargs = 0 },
103 { .name = "getgid", .ret_type = 1, .nargs = 0 },
104 { .name = "getpid", .ret_type = 1, .nargs = 0 },
105 { .name = "getpgid", .ret_type = 1, .nargs = 1,
106 .args = { { Int, 0 } } },
107 { .name = "getpgrp", .ret_type = 1, .nargs = 0 },
108 { .name = "getppid", .ret_type = 1, .nargs = 0 },
109 { .name = "getsid", .ret_type = 1, .nargs = 1,
110 .args = { { Int, 0 } } },
111 { .name = "getuid", .ret_type = 1, .nargs = 0 },
112 { .name = "readlink", .ret_type = 1, .nargs = 3,
113 .args = { { Name, 0 } , { Readlinkres | OUT, 1 }, { Int, 2 } } },
114 { .name = "lseek", .ret_type = 2, .nargs = 3,
115 .args = { { Int, 0 }, { Quad, 1 + QUAD_ALIGN }, { Whence, 1 + QUAD_SLOTS + QUAD_ALIGN } } },
116 { .name = "linux_lseek", .ret_type = 2, .nargs = 3,
117 .args = { { Int, 0 }, { Int, 1 }, { Whence, 2 } } },
118 { .name = "mmap", .ret_type = 2, .nargs = 6,
119 .args = { { Ptr, 0 }, { Int, 1 }, { Mprot, 2 }, { Mmapflags, 3 }, { Int, 4 }, { Quad, 5 + QUAD_ALIGN } } },
120 { .name = "mprotect", .ret_type = 1, .nargs = 3,
121 .args = { { Ptr, 0 }, { Int, 1 }, { Mprot, 2 } } },
122 { .name = "open", .ret_type = 1, .nargs = 3,
123 .args = { { Name | IN, 0 } , { Open, 1 }, { Octal, 2 } } },
124 { .name = "mkdir", .ret_type = 1, .nargs = 2,
125 .args = { { Name, 0 } , { Octal, 1 } } },
126 { .name = "linux_open", .ret_type = 1, .nargs = 3,
127 .args = { { Name, 0 }, { Hex, 1 }, { Octal, 2 } } },
128 { .name = "close", .ret_type = 1, .nargs = 1,
129 .args = { { Int, 0 } } },
130 { .name = "link", .ret_type = 0, .nargs = 2,
131 .args = { { Name, 0 }, { Name, 1 } } },
132 { .name = "unlink", .ret_type = 0, .nargs = 1,
133 .args = { { Name, 0 } } },
134 { .name = "chdir", .ret_type = 0, .nargs = 1,
135 .args = { { Name, 0 } } },
136 { .name = "chroot", .ret_type = 0, .nargs = 1,
137 .args = { { Name, 0 } } },
138 { .name = "mknod", .ret_type = 0, .nargs = 3,
139 .args = { { Name, 0 }, { Octal, 1 }, { Int, 3 } } },
140 { .name = "chmod", .ret_type = 0, .nargs = 2,
141 .args = { { Name, 0 }, { Octal, 1 } } },
142 { .name = "chown", .ret_type = 0, .nargs = 3,
143 .args = { { Name, 0 }, { Int, 1 }, { Int, 2 } } },
144 { .name = "mount", .ret_type = 0, .nargs = 4,
145 .args = { { Name, 0 }, { Name, 1 }, { Int, 2 }, { Ptr, 3 } } },
146 { .name = "umount", .ret_type = 0, .nargs = 2,
147 .args = { { Name, 0 }, { Int, 2 } } },
148 { .name = "fstat", .ret_type = 1, .nargs = 2,
149 .args = { { Int, 0 }, { Stat | OUT , 1 } } },
150 { .name = "stat", .ret_type = 1, .nargs = 2,
151 .args = { { Name | IN, 0 }, { Stat | OUT, 1 } } },
152 { .name = "lstat", .ret_type = 1, .nargs = 2,
153 .args = { { Name | IN, 0 }, { Stat | OUT, 1 } } },
154 { .name = "linux_newstat", .ret_type = 1, .nargs = 2,
155 .args = { { Name | IN, 0 }, { Ptr | OUT, 1 } } },
156 { .name = "linux_newfstat", .ret_type = 1, .nargs = 2,
157 .args = { { Int, 0 }, { Ptr | OUT, 1 } } },
158 { .name = "write", .ret_type = 1, .nargs = 3,
159 .args = { { Int, 0 }, { BinString | IN, 1 }, { Int, 2 } } },
160 { .name = "ioctl", .ret_type = 1, .nargs = 3,
161 .args = { { Int, 0 }, { Ioctl, 1 }, { Hex, 2 } } },
162 { .name = "break", .ret_type = 1, .nargs = 1,
163 .args = { { Ptr, 0 } } },
164 { .name = "exit", .ret_type = 0, .nargs = 1,
165 .args = { { Hex, 0 } } },
166 { .name = "access", .ret_type = 1, .nargs = 2,
167 .args = { { Name | IN, 0 }, { Int, 1 } } },
168 { .name = "sigaction", .ret_type = 1, .nargs = 3,
169 .args = { { Signal, 0 }, { Sigaction | IN, 1 }, { Sigaction | OUT, 2 } } },
170 { .name = "accept", .ret_type = 1, .nargs = 3,
171 .args = { { Int, 0 }, { Sockaddr | OUT, 1 }, { Ptr | OUT, 2 } } },
172 { .name = "bind", .ret_type = 1, .nargs = 3,
173 .args = { { Int, 0 }, { Sockaddr | IN, 1 }, { Int, 2 } } },
174 { .name = "connect", .ret_type = 1, .nargs = 3,
175 .args = { { Int, 0 }, { Sockaddr | IN, 1 }, { Int, 2 } } },
176 { .name = "getpeername", .ret_type = 1, .nargs = 3,
177 .args = { { Int, 0 }, { Sockaddr | OUT, 1 }, { Ptr | OUT, 2 } } },
178 { .name = "getsockname", .ret_type = 1, .nargs = 3,
179 .args = { { Int, 0 }, { Sockaddr | OUT, 1 }, { Ptr | OUT, 2 } } },
180 { .name = "recvfrom", .ret_type = 1, .nargs = 6,
181 .args = { { Int, 0 }, { BinString | OUT, 1 }, { Int, 2 }, { Hex, 3 }, { Sockaddr | OUT, 4 }, { Ptr | OUT, 5 } } },
182 { .name = "sendto", .ret_type = 1, .nargs = 6,
183 .args = { { Int, 0 }, { BinString | IN, 1 }, { Int, 2 }, { Hex, 3 }, { Sockaddr | IN, 4 }, { Ptr | IN, 5 } } },
184 { .name = "execve", .ret_type = 1, .nargs = 3,
185 .args = { { Name | IN, 0 }, { StringArray | IN, 1 }, { StringArray | IN, 2 } } },
186 { .name = "linux_execve", .ret_type = 1, .nargs = 3,
187 .args = { { Name | IN, 0 }, { StringArray | IN, 1 }, { StringArray | IN, 2 } } },
188 { .name = "kldload", .ret_type = 0, .nargs = 1,
189 .args = { { Name | IN, 0 } } },
190 { .name = "kldunload", .ret_type = 0, .nargs = 1,
191 .args = { { Int, 0 } } },
192 { .name = "kldfind", .ret_type = 0, .nargs = 1,
193 .args = { { Name | IN, 0 } } },
194 { .name = "kldnext", .ret_type = 0, .nargs = 1,
195 .args = { { Int, 0 } } },
196 { .name = "kldstat", .ret_type = 0, .nargs = 2,
197 .args = { { Int, 0 }, { Ptr, 1 } } },
198 { .name = "kldfirstmod", .ret_type = 0, .nargs = 1,
199 .args = { { Int, 0 } } },
200 { .name = "nanosleep", .ret_type = 0, .nargs = 1,
201 .args = { { Timespec, 0 } } },
202 { .name = "select", .ret_type = 1, .nargs = 5,
203 .args = { { Int, 0 }, { Fd_set, 1 }, { Fd_set, 2 }, { Fd_set, 3 }, { Timeval, 4 } } },
204 { .name = "poll", .ret_type = 1, .nargs = 3,
205 .args = { { Pollfd, 0 }, { Int, 1 }, { Int, 2 } } },
206 { .name = "gettimeofday", .ret_type = 1, .nargs = 2,
207 .args = { { Timeval | OUT, 0 }, { Ptr, 1 } } },
208 { .name = "clock_gettime", .ret_type = 1, .nargs = 2,
209 .args = { { Int, 0 }, { Timespec | OUT, 1 } } },
210 { .name = "getitimer", .ret_type = 1, .nargs = 2,
211 .args = { { Int, 0 }, { Itimerval | OUT, 2 } } },
212 { .name = "setitimer", .ret_type = 1, .nargs = 3,
213 .args = { { Int, 0 }, { Itimerval, 1 } , { Itimerval | OUT, 2 } } },
214 { .name = "kse_release", .ret_type = 0, .nargs = 1,
215 .args = { { Timespec, 0 } } },
216 { .name = "kevent", .ret_type = 0, .nargs = 6,
217 .args = { { Int, 0 }, { Kevent, 1 }, { Int, 2 }, { Kevent | OUT, 3 }, { Int, 4 }, { Timespec, 5 } } },
218 { .name = "_umtx_lock", .ret_type = 0, .nargs = 1,
219 .args = { { Umtx, 0 } } },
220 { .name = "_umtx_unlock", .ret_type = 0, .nargs = 1,
221 .args = { { Umtx, 0 } } },
222 { .name = "sigprocmask", .ret_type = 0, .nargs = 3,
223 .args = { { Sigprocmask, 0 }, { Sigset, 1 }, { Sigset | OUT, 2 } } },
224 { .name = "unmount", .ret_type = 1, .nargs = 2,
225 .args = { { Name, 0 }, { Int, 1 } } },
226 { .name = "socket", .ret_type = 1, .nargs = 3,
227 .args = { { Sockdomain, 0 }, { Socktype, 1 }, { Int, 2 } } },
228 { .name = "getrusage", .ret_type = 1, .nargs = 2,
229 .args = { { Int, 0 }, { Rusage | OUT, 1 } } },
230 { .name = "__getcwd", .ret_type = 1, .nargs = 2,
231 .args = { { Name | OUT, 0 }, { Int, 1 } } },
232 { .name = "shutdown", .ret_type = 1, .nargs = 2,
233 .args = { { Int, 0 }, { Shutdown, 1 } } },
234 { .name = "getrlimit", .ret_type = 1, .nargs = 2,
235 .args = { { Resource, 0 }, { Rlimit | OUT, 1 } } },
236 { .name = "setrlimit", .ret_type = 1, .nargs = 2,
237 .args = { { Resource, 0 }, { Rlimit | IN, 1 } } },
238 { .name = "utimes", .ret_type = 1, .nargs = 2,
239 .args = { { Name | IN, 0 }, { Timeval2 | IN, 1 } } },
240 { .name = "lutimes", .ret_type = 1, .nargs = 2,
241 .args = { { Name | IN, 0 }, { Timeval2 | IN, 1 } } },
242 { .name = "futimes", .ret_type = 1, .nargs = 2,
243 .args = { { Int, 0 }, { Timeval | IN, 1 } } },
244 { .name = "chflags", .ret_type = 1, .nargs = 2,
245 .args = { { Name | IN, 0 }, { Hex, 1 } } },
246 { .name = "lchflags", .ret_type = 1, .nargs = 2,
247 .args = { { Name | IN, 0 }, { Hex, 1 } } },
248 { .name = "pathconf", .ret_type = 1, .nargs = 2,
249 .args = { { Name | IN, 0 }, { Pathconf, 1 } } },
250 { .name = "pipe", .ret_type = 1, .nargs = 1,
251 .args = { { Ptr, 0 } } },
252 { .name = "truncate", .ret_type = 1, .nargs = 3,
253 .args = { { Name | IN, 0 }, { Int | IN, 1 }, { Quad | IN, 2 } } },
254 { .name = "ftruncate", .ret_type = 1, .nargs = 3,
255 .args = { { Int | IN, 0 }, { Int | IN, 1 }, { Quad | IN, 2 } } },
256 { .name = "kill", .ret_type = 1, .nargs = 2,
257 .args = { { Int | IN, 0 }, { Signal | IN, 1 } } },
258 { .name = "munmap", .ret_type = 1, .nargs = 2,
259 .args = { { Ptr, 0 }, { Int, 1 } } },
260 { .name = "read", .ret_type = 1, .nargs = 3,
261 .args = { { Int, 0 }, { BinString | OUT, 1 }, { Int, 2 } } },
262 { .name = "rename", .ret_type = 1, .nargs = 2,
263 .args = { { Name , 0 } , { Name, 1 } } },
264 { .name = "symlink", .ret_type = 1, .nargs = 2,
265 .args = { { Name , 0 } , { Name, 1 } } },
266 { .name = "posix_openpt", .ret_type = 1, .nargs = 1,
267 .args = { { Open, 0 } } },
268 { .name = "wait4", .ret_type = 1, .nargs = 4,
269 .args = { { Int, 0 }, { ExitStatus | OUT, 1 }, { Waitoptions, 2 },
270 { Rusage | OUT, 3 } } },
271 { .name = "wait6", .ret_type = 1, .nargs = 6,
272 .args = { { Idtype, 0 }, { Int, 1 }, { ExitStatus | OUT, 2 },
273 { Waitoptions, 3 }, { Rusage | OUT, 4 }, { Ptr, 5 } } },
274 { .name = "procctl", .ret_type = 1, .nargs = 4,
275 .args = { { Idtype, 0 }, { Int, 1 }, { Procctl, 2 }, { Ptr, 3 } } },
276 { .name = 0 },
277 };
278
279 /* Xlat idea taken from strace */
280 struct xlat {
281 int val;
282 const char *str;
283 };
284
285 #define X(a) { a, #a },
286 #define XEND { 0, NULL }
287
288 static struct xlat kevent_filters[] = {
289 X(EVFILT_READ) X(EVFILT_WRITE) X(EVFILT_AIO) X(EVFILT_VNODE)
290 X(EVFILT_PROC) X(EVFILT_SIGNAL) X(EVFILT_TIMER)
291 X(EVFILT_FS) X(EVFILT_READ) XEND
292 };
293
294 static struct xlat kevent_flags[] = {
295 X(EV_ADD) X(EV_DELETE) X(EV_ENABLE) X(EV_DISABLE) X(EV_ONESHOT)
296 X(EV_CLEAR) X(EV_FLAG1) X(EV_ERROR) X(EV_EOF) XEND
297 };
298
299 struct xlat poll_flags[] = {
300 X(POLLSTANDARD) X(POLLIN) X(POLLPRI) X(POLLOUT) X(POLLERR)
301 X(POLLHUP) X(POLLNVAL) X(POLLRDNORM) X(POLLRDBAND)
302 X(POLLWRBAND) X(POLLINIGNEOF) XEND
303 };
304
305 static struct xlat mmap_flags[] = {
306 X(MAP_SHARED) X(MAP_PRIVATE) X(MAP_FIXED) X(MAP_RENAME)
307 X(MAP_NORESERVE) X(MAP_RESERVED0080) X(MAP_RESERVED0100)
308 X(MAP_HASSEMAPHORE) X(MAP_STACK) X(MAP_NOSYNC) X(MAP_ANON)
309 X(MAP_NOCORE) X(MAP_PREFAULT_READ) XEND
310 };
311
312 static struct xlat mprot_flags[] = {
313 X(PROT_NONE) X(PROT_READ) X(PROT_WRITE) X(PROT_EXEC) XEND
314 };
315
316 static struct xlat whence_arg[] = {
317 X(SEEK_SET) X(SEEK_CUR) X(SEEK_END) XEND
318 };
319
320 static struct xlat sigaction_flags[] = {
321 X(SA_ONSTACK) X(SA_RESTART) X(SA_RESETHAND) X(SA_NOCLDSTOP)
322 X(SA_NODEFER) X(SA_NOCLDWAIT) X(SA_SIGINFO) XEND
323 };
324
325 static struct xlat fcntl_arg[] = {
326 X(F_DUPFD) X(F_GETFD) X(F_SETFD) X(F_GETFL) X(F_SETFL)
327 X(F_GETOWN) X(F_SETOWN) X(F_GETLK) X(F_SETLK) X(F_SETLKW) XEND
328 };
329
330 static struct xlat fcntlfd_arg[] = {
331 X(FD_CLOEXEC) XEND
332 };
333
334 static struct xlat fcntlfl_arg[] = {
335 X(O_APPEND) X(O_ASYNC) X(O_FSYNC) X(O_NONBLOCK) X(O_NOFOLLOW)
336 X(O_DIRECT) XEND
337 };
338
339 static struct xlat sockdomain_arg[] = {
340 X(PF_UNSPEC) X(PF_LOCAL) X(PF_UNIX) X(PF_INET) X(PF_IMPLINK)
341 X(PF_PUP) X(PF_CHAOS) X(PF_NETBIOS) X(PF_ISO) X(PF_OSI)
342 X(PF_ECMA) X(PF_DATAKIT) X(PF_CCITT) X(PF_SNA) X(PF_DECnet)
343 X(PF_DLI) X(PF_LAT) X(PF_HYLINK) X(PF_APPLETALK) X(PF_ROUTE)
344 X(PF_LINK) X(PF_XTP) X(PF_COIP) X(PF_CNT) X(PF_SIP) X(PF_IPX)
345 X(PF_RTIP) X(PF_PIP) X(PF_ISDN) X(PF_KEY) X(PF_INET6)
346 X(PF_NATM) X(PF_ATM) X(PF_NETGRAPH) X(PF_SLOW) X(PF_SCLUSTER)
347 X(PF_ARP) X(PF_BLUETOOTH) XEND
348 };
349
350 static struct xlat socktype_arg[] = {
351 X(SOCK_STREAM) X(SOCK_DGRAM) X(SOCK_RAW) X(SOCK_RDM)
352 X(SOCK_SEQPACKET) XEND
353 };
354
355 static struct xlat open_flags[] = {
356 X(O_RDONLY) X(O_WRONLY) X(O_RDWR) X(O_ACCMODE) X(O_NONBLOCK)
357 X(O_APPEND) X(O_SHLOCK) X(O_EXLOCK) X(O_ASYNC) X(O_FSYNC)
358 X(O_NOFOLLOW) X(O_CREAT) X(O_TRUNC) X(O_EXCL) X(O_NOCTTY)
359 X(O_DIRECT) X(O_DIRECTORY) X(O_EXEC) X(O_TTY_INIT) X(O_CLOEXEC) XEND
360 };
361
362 static struct xlat shutdown_arg[] = {
363 X(SHUT_RD) X(SHUT_WR) X(SHUT_RDWR) XEND
364 };
365
366 static struct xlat resource_arg[] = {
367 X(RLIMIT_CPU) X(RLIMIT_FSIZE) X(RLIMIT_DATA) X(RLIMIT_STACK)
368 X(RLIMIT_CORE) X(RLIMIT_RSS) X(RLIMIT_MEMLOCK) X(RLIMIT_NPROC)
369 X(RLIMIT_NOFILE) X(RLIMIT_SBSIZE) X(RLIMIT_VMEM) XEND
370 };
371
372 static struct xlat pathconf_arg[] = {
373 X(_PC_LINK_MAX) X(_PC_MAX_CANON) X(_PC_MAX_INPUT)
374 X(_PC_NAME_MAX) X(_PC_PATH_MAX) X(_PC_PIPE_BUF)
375 X(_PC_CHOWN_RESTRICTED) X(_PC_NO_TRUNC) X(_PC_VDISABLE)
376 X(_PC_ASYNC_IO) X(_PC_PRIO_IO) X(_PC_SYNC_IO)
377 X(_PC_ALLOC_SIZE_MIN) X(_PC_FILESIZEBITS)
378 X(_PC_REC_INCR_XFER_SIZE) X(_PC_REC_MAX_XFER_SIZE)
379 X(_PC_REC_MIN_XFER_SIZE) X(_PC_REC_XFER_ALIGN)
380 X(_PC_SYMLINK_MAX) X(_PC_ACL_EXTENDED) X(_PC_ACL_PATH_MAX)
381 X(_PC_CAP_PRESENT) X(_PC_INF_PRESENT) X(_PC_MAC_PRESENT)
382 XEND
383 };
384
385 static struct xlat rfork_flags[] = {
386 X(RFPROC) X(RFNOWAIT) X(RFFDG) X(RFCFDG) X(RFTHREAD) X(RFMEM)
387 X(RFSIGSHARE) X(RFTSIGZMB) X(RFLINUXTHPN) XEND
388 };
389
390 static struct xlat wait_options[] = {
391 X(WNOHANG) X(WUNTRACED) X(WCONTINUED) X(WNOWAIT) X(WEXITED)
392 X(WTRAPPED) XEND
393 };
394
395 static struct xlat idtype_arg[] = {
396 X(P_PID) X(P_PPID) X(P_PGID) X(P_SID) X(P_CID) X(P_UID) X(P_GID)
397 X(P_ALL) X(P_LWPID) X(P_TASKID) X(P_PROJID) X(P_POOLID) X(P_JAILID)
398 X(P_CTID) X(P_CPUID) X(P_PSETID) XEND
399 };
400
401 static struct xlat procctl_arg[] = {
402 X(PROC_SPROTECT) XEND
403 };
404
405 #undef X
406 #undef XEND
407
408 /*
409 * Searches an xlat array for a value, and returns it if found. Otherwise
410 * return a string representation.
411 */
412 static const char *
lookup(struct xlat * xlat,int val,int base)413 lookup(struct xlat *xlat, int val, int base)
414 {
415 static char tmp[16];
416
417 for (; xlat->str != NULL; xlat++)
418 if (xlat->val == val)
419 return (xlat->str);
420 switch (base) {
421 case 8:
422 sprintf(tmp, "0%o", val);
423 break;
424 case 16:
425 sprintf(tmp, "0x%x", val);
426 break;
427 case 10:
428 sprintf(tmp, "%u", val);
429 break;
430 default:
431 errx(1,"Unknown lookup base");
432 break;
433 }
434 return (tmp);
435 }
436
437 static const char *
xlookup(struct xlat * xlat,int val)438 xlookup(struct xlat *xlat, int val)
439 {
440
441 return (lookup(xlat, val, 16));
442 }
443
444 /* Searches an xlat array containing bitfield values. Remaining bits
445 set after removing the known ones are printed at the end:
446 IN|0x400 */
447 static char *
xlookup_bits(struct xlat * xlat,int val)448 xlookup_bits(struct xlat *xlat, int val)
449 {
450 int len, rem;
451 static char str[512];
452
453 len = 0;
454 rem = val;
455 for (; xlat->str != NULL; xlat++) {
456 if ((xlat->val & rem) == xlat->val) {
457 /* don't print the "all-bits-zero" string unless all
458 bits are really zero */
459 if (xlat->val == 0 && val != 0)
460 continue;
461 len += sprintf(str + len, "%s|", xlat->str);
462 rem &= ~(xlat->val);
463 }
464 }
465 /* if we have leftover bits or didn't match anything */
466 if (rem || len == 0)
467 len += sprintf(str + len, "0x%x", rem);
468 if (len && str[len - 1] == '|')
469 len--;
470 str[len] = 0;
471 return (str);
472 }
473
474 /*
475 * If/when the list gets big, it might be desirable to do it
476 * as a hash table or binary search.
477 */
478
479 struct syscall *
get_syscall(const char * name)480 get_syscall(const char *name)
481 {
482 struct syscall *sc;
483
484 sc = syscalls;
485 if (name == NULL)
486 return (NULL);
487 while (sc->name) {
488 if (strcmp(name, sc->name) == 0)
489 return (sc);
490 sc++;
491 }
492 return (NULL);
493 }
494
495 /*
496 * get_struct
497 *
498 * Copy a fixed amount of bytes from the process.
499 */
500
501 static int
get_struct(pid_t pid,void * offset,void * buf,int len)502 get_struct(pid_t pid, void *offset, void *buf, int len)
503 {
504 struct ptrace_io_desc iorequest;
505
506 iorequest.piod_op = PIOD_READ_D;
507 iorequest.piod_offs = offset;
508 iorequest.piod_addr = buf;
509 iorequest.piod_len = len;
510 if (ptrace(PT_IO, pid, (caddr_t)&iorequest, 0) < 0)
511 return (-1);
512 return (0);
513 }
514
515 #define MAXSIZE 4096
516 #define BLOCKSIZE 1024
517 /*
518 * get_string
519 * Copy a string from the process. Note that it is
520 * expected to be a C string, but if max is set, it will
521 * only get that much.
522 */
523
524 static char *
get_string(pid_t pid,void * offset,int max)525 get_string(pid_t pid, void *offset, int max)
526 {
527 struct ptrace_io_desc iorequest;
528 char *buf;
529 int diff, i, size, totalsize;
530
531 diff = 0;
532 totalsize = size = max ? (max + 1) : BLOCKSIZE;
533 buf = malloc(totalsize);
534 if (buf == NULL)
535 return (NULL);
536 for (;;) {
537 diff = totalsize - size;
538 iorequest.piod_op = PIOD_READ_D;
539 iorequest.piod_offs = (char *)offset + diff;
540 iorequest.piod_addr = buf + diff;
541 iorequest.piod_len = size;
542 if (ptrace(PT_IO, pid, (caddr_t)&iorequest, 0) < 0) {
543 free(buf);
544 return (NULL);
545 }
546 for (i = 0 ; i < size; i++) {
547 if (buf[diff + i] == '\0')
548 return (buf);
549 }
550 if (totalsize < MAXSIZE - BLOCKSIZE && max == 0) {
551 totalsize += BLOCKSIZE;
552 buf = realloc(buf, totalsize);
553 size = BLOCKSIZE;
554 } else {
555 buf[totalsize - 1] = '\0';
556 return (buf);
557 }
558 }
559 }
560
561 static char *
strsig2(int sig)562 strsig2(int sig)
563 {
564 char *tmp;
565
566 tmp = strsig(sig);
567 if (tmp == NULL)
568 asprintf(&tmp, "%d", sig);
569 return (tmp);
570 }
571
572 /*
573 * print_arg
574 * Converts a syscall argument into a string. Said string is
575 * allocated via malloc(), so needs to be free()'d. The file
576 * descriptor is for the process' memory (via /proc), and is used
577 * to get any data (where the argument is a pointer). sc is
578 * a pointer to the syscall description (see above); args is
579 * an array of all of the system call arguments.
580 */
581
582 char *
print_arg(struct syscall_args * sc,unsigned long * args,long retval,struct trussinfo * trussinfo)583 print_arg(struct syscall_args *sc, unsigned long *args, long retval,
584 struct trussinfo *trussinfo)
585 {
586 char *tmp;
587 pid_t pid;
588
589 tmp = NULL;
590 pid = trussinfo->pid;
591 switch (sc->type & ARG_MASK) {
592 case Hex:
593 asprintf(&tmp, "0x%x", (int)args[sc->offset]);
594 break;
595 case Octal:
596 asprintf(&tmp, "0%o", (int)args[sc->offset]);
597 break;
598 case Int:
599 asprintf(&tmp, "%d", (int)args[sc->offset]);
600 break;
601 case Name: {
602 /* NULL-terminated string. */
603 char *tmp2;
604 tmp2 = get_string(pid, (void*)args[sc->offset], 0);
605 asprintf(&tmp, "\"%s\"", tmp2);
606 free(tmp2);
607 break;
608 }
609 case BinString: {
610 /* Binary block of data that might have printable characters.
611 XXX If type|OUT, assume that the length is the syscall's
612 return value. Otherwise, assume that the length of the block
613 is in the next syscall argument. */
614 int max_string = trussinfo->strsize;
615 char tmp2[max_string+1], *tmp3;
616 int len;
617 int truncated = 0;
618
619 if (sc->type & OUT)
620 len = retval;
621 else
622 len = args[sc->offset + 1];
623
624 /* Don't print more than max_string characters, to avoid word
625 wrap. If we have to truncate put some ... after the string.
626 */
627 if (len > max_string) {
628 len = max_string;
629 truncated = 1;
630 }
631 if (len && get_struct(pid, (void*)args[sc->offset], &tmp2, len)
632 != -1) {
633 tmp3 = malloc(len * 4 + 1);
634 while (len) {
635 if (strvisx(tmp3, tmp2, len,
636 VIS_CSTYLE|VIS_TAB|VIS_NL) <= max_string)
637 break;
638 len--;
639 truncated = 1;
640 };
641 asprintf(&tmp, "\"%s\"%s", tmp3, truncated ?
642 "..." : "");
643 free(tmp3);
644 } else {
645 asprintf(&tmp, "0x%lx", args[sc->offset]);
646 }
647 break;
648 }
649 case StringArray: {
650 int num, size, i;
651 char *tmp2;
652 char *string;
653 char *strarray[100]; /* XXX This is ugly. */
654
655 if (get_struct(pid, (void *)args[sc->offset],
656 (void *)&strarray, sizeof(strarray)) == -1)
657 err(1, "get_struct %p", (void *)args[sc->offset]);
658 num = 0;
659 size = 0;
660
661 /* Find out how large of a buffer we'll need. */
662 while (strarray[num] != NULL) {
663 string = get_string(pid, (void*)strarray[num], 0);
664 size += strlen(string);
665 free(string);
666 num++;
667 }
668 size += 4 + (num * 4);
669 tmp = (char *)malloc(size);
670 tmp2 = tmp;
671
672 tmp2 += sprintf(tmp2, " [");
673 for (i = 0; i < num; i++) {
674 string = get_string(pid, (void*)strarray[i], 0);
675 tmp2 += sprintf(tmp2, " \"%s\"%c", string,
676 (i + 1 == num) ? ' ' : ',');
677 free(string);
678 }
679 tmp2 += sprintf(tmp2, "]");
680 break;
681 }
682 #ifdef __LP64__
683 case Quad:
684 asprintf(&tmp, "0x%lx", args[sc->offset]);
685 break;
686 #else
687 case Quad: {
688 unsigned long long ll;
689 ll = *(unsigned long long *)(args + sc->offset);
690 asprintf(&tmp, "0x%llx", ll);
691 break;
692 }
693 #endif
694 case Ptr:
695 asprintf(&tmp, "0x%lx", args[sc->offset]);
696 break;
697 case Readlinkres: {
698 char *tmp2;
699 if (retval == -1) {
700 tmp = strdup("");
701 break;
702 }
703 tmp2 = get_string(pid, (void*)args[sc->offset], retval);
704 asprintf(&tmp, "\"%s\"", tmp2);
705 free(tmp2);
706 break;
707 }
708 case Ioctl: {
709 const char *temp = ioctlname(args[sc->offset]);
710 if (temp)
711 tmp = strdup(temp);
712 else {
713 unsigned long arg = args[sc->offset];
714 asprintf(&tmp, "0x%lx { IO%s%s 0x%lx('%c'), %lu, %lu }",
715 arg, arg & IOC_OUT ? "R" : "",
716 arg & IOC_IN ? "W" : "", IOCGROUP(arg),
717 isprint(IOCGROUP(arg)) ? (char)IOCGROUP(arg) : '?',
718 arg & 0xFF, IOCPARM_LEN(arg));
719 }
720 break;
721 }
722 case Umtx: {
723 struct umtx umtx;
724 if (get_struct(pid, (void *)args[sc->offset], &umtx,
725 sizeof(umtx)) != -1)
726 asprintf(&tmp, "{ 0x%lx }", (long)umtx.u_owner);
727 else
728 asprintf(&tmp, "0x%lx", args[sc->offset]);
729 break;
730 }
731 case Timespec: {
732 struct timespec ts;
733 if (get_struct(pid, (void *)args[sc->offset], &ts,
734 sizeof(ts)) != -1)
735 asprintf(&tmp, "{%ld.%09ld }", (long)ts.tv_sec,
736 ts.tv_nsec);
737 else
738 asprintf(&tmp, "0x%lx", args[sc->offset]);
739 break;
740 }
741 case Timeval: {
742 struct timeval tv;
743 if (get_struct(pid, (void *)args[sc->offset], &tv, sizeof(tv))
744 != -1)
745 asprintf(&tmp, "{%ld.%06ld }", (long)tv.tv_sec,
746 tv.tv_usec);
747 else
748 asprintf(&tmp, "0x%lx", args[sc->offset]);
749 break;
750 }
751 case Timeval2: {
752 struct timeval tv[2];
753 if (get_struct(pid, (void *)args[sc->offset], &tv, sizeof(tv))
754 != -1)
755 asprintf(&tmp, "{%ld.%06ld, %ld.%06ld }",
756 (long)tv[0].tv_sec, tv[0].tv_usec,
757 (long)tv[1].tv_sec, tv[1].tv_usec);
758 else
759 asprintf(&tmp, "0x%lx", args[sc->offset]);
760 break;
761 }
762 case Itimerval: {
763 struct itimerval itv;
764 if (get_struct(pid, (void *)args[sc->offset], &itv,
765 sizeof(itv)) != -1)
766 asprintf(&tmp, "{%ld.%06ld, %ld.%06ld }",
767 (long)itv.it_interval.tv_sec,
768 itv.it_interval.tv_usec,
769 (long)itv.it_value.tv_sec,
770 itv.it_value.tv_usec);
771 else
772 asprintf(&tmp, "0x%lx", args[sc->offset]);
773 break;
774 }
775 case Pollfd: {
776 /*
777 * XXX: A Pollfd argument expects the /next/ syscall argument
778 * to be the number of fds in the array. This matches the poll
779 * syscall.
780 */
781 struct pollfd *pfd;
782 int numfds = args[sc->offset+1];
783 int bytes = sizeof(struct pollfd) * numfds;
784 int i, tmpsize, u, used;
785 const int per_fd = 100;
786
787 if ((pfd = malloc(bytes)) == NULL)
788 err(1, "Cannot malloc %d bytes for pollfd array",
789 bytes);
790 if (get_struct(pid, (void *)args[sc->offset], pfd, bytes)
791 != -1) {
792 used = 0;
793 tmpsize = 1 + per_fd * numfds + 2;
794 if ((tmp = malloc(tmpsize)) == NULL)
795 err(1, "Cannot alloc %d bytes for poll output",
796 tmpsize);
797
798 tmp[used++] = '{';
799 for (i = 0; i < numfds; i++) {
800
801 u = snprintf(tmp + used, per_fd, "%s%d/%s",
802 i > 0 ? " " : "", pfd[i].fd,
803 xlookup_bits(poll_flags, pfd[i].events));
804 if (u > 0)
805 used += u < per_fd ? u : per_fd;
806 }
807 tmp[used++] = '}';
808 tmp[used++] = '\0';
809 } else {
810 asprintf(&tmp, "0x%lx", args[sc->offset]);
811 }
812 free(pfd);
813 break;
814 }
815 case Fd_set: {
816 /*
817 * XXX: A Fd_set argument expects the /first/ syscall argument
818 * to be the number of fds in the array. This matches the
819 * select syscall.
820 */
821 fd_set *fds;
822 int numfds = args[0];
823 int bytes = _howmany(numfds, _NFDBITS) * _NFDBITS;
824 int i, tmpsize, u, used;
825 const int per_fd = 20;
826
827 if ((fds = malloc(bytes)) == NULL)
828 err(1, "Cannot malloc %d bytes for fd_set array",
829 bytes);
830 if (get_struct(pid, (void *)args[sc->offset], fds, bytes)
831 != -1) {
832 used = 0;
833 tmpsize = 1 + numfds * per_fd + 2;
834 if ((tmp = malloc(tmpsize)) == NULL)
835 err(1, "Cannot alloc %d bytes for fd_set "
836 "output", tmpsize);
837
838 tmp[used++] = '{';
839 for (i = 0; i < numfds; i++) {
840 if (FD_ISSET(i, fds)) {
841 u = snprintf(tmp + used, per_fd, "%d ",
842 i);
843 if (u > 0)
844 used += u < per_fd ? u : per_fd;
845 }
846 }
847 if (tmp[used-1] == ' ')
848 used--;
849 tmp[used++] = '}';
850 tmp[used++] = '\0';
851 } else
852 asprintf(&tmp, "0x%lx", args[sc->offset]);
853 free(fds);
854 break;
855 }
856 case Signal:
857 tmp = strsig2(args[sc->offset]);
858 break;
859 case Sigset: {
860 long sig;
861 sigset_t ss;
862 int i, used;
863 char *signame;
864
865 sig = args[sc->offset];
866 if (get_struct(pid, (void *)args[sc->offset], (void *)&ss,
867 sizeof(ss)) == -1) {
868 asprintf(&tmp, "0x%lx", args[sc->offset]);
869 break;
870 }
871 tmp = malloc(sys_nsig * 8); /* 7 bytes avg per signal name */
872 used = 0;
873 for (i = 1; i < sys_nsig; i++) {
874 if (sigismember(&ss, i)) {
875 signame = strsig(i);
876 used += sprintf(tmp + used, "%s|", signame);
877 free(signame);
878 }
879 }
880 if (used)
881 tmp[used-1] = 0;
882 else
883 strcpy(tmp, "0x0");
884 break;
885 }
886 case Sigprocmask: {
887 switch (args[sc->offset]) {
888 #define S(a) case a: tmp = strdup(#a); break;
889 S(SIG_BLOCK);
890 S(SIG_UNBLOCK);
891 S(SIG_SETMASK);
892 #undef S
893 }
894 if (tmp == NULL)
895 asprintf(&tmp, "0x%lx", args[sc->offset]);
896 break;
897 }
898 case Fcntlflag: {
899 /* XXX output depends on the value of the previous argument */
900 switch (args[sc->offset-1]) {
901 case F_SETFD:
902 tmp = strdup(xlookup_bits(fcntlfd_arg,
903 args[sc->offset]));
904 break;
905 case F_SETFL:
906 tmp = strdup(xlookup_bits(fcntlfl_arg,
907 args[sc->offset]));
908 break;
909 case F_GETFD:
910 case F_GETFL:
911 case F_GETOWN:
912 tmp = strdup("");
913 break;
914 default:
915 asprintf(&tmp, "0x%lx", args[sc->offset]);
916 break;
917 }
918 break;
919 }
920 case Open:
921 tmp = strdup(xlookup_bits(open_flags, args[sc->offset]));
922 break;
923 case Fcntl:
924 tmp = strdup(xlookup(fcntl_arg, args[sc->offset]));
925 break;
926 case Mprot:
927 tmp = strdup(xlookup_bits(mprot_flags, args[sc->offset]));
928 break;
929 case Mmapflags: {
930 char *base, *alignstr;
931 int align, flags;
932
933 /*
934 * MAP_ALIGNED can't be handled by xlookup_bits(), so
935 * generate that string manually and prepend it to the
936 * string from xlookup_bits(). Have to be careful to
937 * avoid outputting MAP_ALIGNED|0 if MAP_ALIGNED is
938 * the only flag.
939 */
940 flags = args[sc->offset] & ~MAP_ALIGNMENT_MASK;
941 align = args[sc->offset] & MAP_ALIGNMENT_MASK;
942 if (align != 0) {
943 if (align == MAP_ALIGNED_SUPER)
944 alignstr = strdup("MAP_ALIGNED_SUPER");
945 else
946 asprintf(&alignstr, "MAP_ALIGNED(%d)",
947 align >> MAP_ALIGNMENT_SHIFT);
948 if (flags == 0) {
949 tmp = alignstr;
950 break;
951 }
952 } else
953 alignstr = NULL;
954 base = strdup(xlookup_bits(mmap_flags, flags));
955 if (alignstr == NULL) {
956 tmp = base;
957 break;
958 }
959 asprintf(&tmp, "%s|%s", alignstr, base);
960 free(alignstr);
961 free(base);
962 break;
963 }
964 case Whence:
965 tmp = strdup(xlookup(whence_arg, args[sc->offset]));
966 break;
967 case Sockdomain:
968 tmp = strdup(xlookup(sockdomain_arg, args[sc->offset]));
969 break;
970 case Socktype:
971 tmp = strdup(xlookup(socktype_arg, args[sc->offset]));
972 break;
973 case Shutdown:
974 tmp = strdup(xlookup(shutdown_arg, args[sc->offset]));
975 break;
976 case Resource:
977 tmp = strdup(xlookup(resource_arg, args[sc->offset]));
978 break;
979 case Pathconf:
980 tmp = strdup(xlookup(pathconf_arg, args[sc->offset]));
981 break;
982 case Rforkflags:
983 tmp = strdup(xlookup_bits(rfork_flags, args[sc->offset]));
984 break;
985 case Sockaddr: {
986 struct sockaddr_storage ss;
987 char addr[64];
988 struct sockaddr_in *lsin;
989 struct sockaddr_in6 *lsin6;
990 struct sockaddr_un *sun;
991 struct sockaddr *sa;
992 char *p;
993 u_char *q;
994 int i;
995
996 if (args[sc->offset] == 0) {
997 asprintf(&tmp, "NULL");
998 break;
999 }
1000
1001 /* yuck: get ss_len */
1002 if (get_struct(pid, (void *)args[sc->offset], (void *)&ss,
1003 sizeof(ss.ss_len) + sizeof(ss.ss_family)) == -1)
1004 err(1, "get_struct %p", (void *)args[sc->offset]);
1005 /*
1006 * If ss_len is 0, then try to guess from the sockaddr type.
1007 * AF_UNIX may be initialized incorrectly, so always frob
1008 * it by using the "right" size.
1009 */
1010 if (ss.ss_len == 0 || ss.ss_family == AF_UNIX) {
1011 switch (ss.ss_family) {
1012 case AF_INET:
1013 ss.ss_len = sizeof(*lsin);
1014 break;
1015 case AF_UNIX:
1016 ss.ss_len = sizeof(*sun);
1017 break;
1018 default:
1019 /* hurrrr */
1020 break;
1021 }
1022 }
1023 if (get_struct(pid, (void *)args[sc->offset], (void *)&ss,
1024 ss.ss_len) == -1) {
1025 err(2, "get_struct %p", (void *)args[sc->offset]);
1026 }
1027
1028 switch (ss.ss_family) {
1029 case AF_INET:
1030 lsin = (struct sockaddr_in *)&ss;
1031 inet_ntop(AF_INET, &lsin->sin_addr, addr, sizeof addr);
1032 asprintf(&tmp, "{ AF_INET %s:%d }", addr,
1033 htons(lsin->sin_port));
1034 break;
1035 case AF_INET6:
1036 lsin6 = (struct sockaddr_in6 *)&ss;
1037 inet_ntop(AF_INET6, &lsin6->sin6_addr, addr,
1038 sizeof addr);
1039 asprintf(&tmp, "{ AF_INET6 [%s]:%d }", addr,
1040 htons(lsin6->sin6_port));
1041 break;
1042 case AF_UNIX:
1043 sun = (struct sockaddr_un *)&ss;
1044 asprintf(&tmp, "{ AF_UNIX \"%s\" }", sun->sun_path);
1045 break;
1046 default:
1047 sa = (struct sockaddr *)&ss;
1048 asprintf(&tmp, "{ sa_len = %d, sa_family = %d, sa_data "
1049 "= {%n%*s } }", (int)sa->sa_len, (int)sa->sa_family,
1050 &i, 6 * (int)(sa->sa_len - ((char *)&sa->sa_data -
1051 (char *)sa)), "");
1052 if (tmp != NULL) {
1053 p = tmp + i;
1054 for (q = (u_char *)&sa->sa_data;
1055 q < (u_char *)sa + sa->sa_len; q++)
1056 p += sprintf(p, " %#02x,", *q);
1057 }
1058 }
1059 break;
1060 }
1061 case Sigaction: {
1062 struct sigaction sa;
1063 char *hand;
1064 const char *h;
1065
1066 if (get_struct(pid, (void *)args[sc->offset], &sa, sizeof(sa))
1067 != -1) {
1068 asprintf(&hand, "%p", sa.sa_handler);
1069 if (sa.sa_handler == SIG_DFL)
1070 h = "SIG_DFL";
1071 else if (sa.sa_handler == SIG_IGN)
1072 h = "SIG_IGN";
1073 else
1074 h = hand;
1075
1076 asprintf(&tmp, "{ %s %s ss_t }", h,
1077 xlookup_bits(sigaction_flags, sa.sa_flags));
1078 free(hand);
1079 } else
1080 asprintf(&tmp, "0x%lx", args[sc->offset]);
1081 break;
1082 }
1083 case Kevent: {
1084 /*
1085 * XXX XXX: the size of the array is determined by either the
1086 * next syscall argument, or by the syscall returnvalue,
1087 * depending on which argument number we are. This matches the
1088 * kevent syscall, but luckily that's the only syscall that uses
1089 * them.
1090 */
1091 struct kevent *ke;
1092 int numevents = -1;
1093 int bytes = 0;
1094 int i, tmpsize, u, used;
1095 const int per_ke = 100;
1096
1097 if (sc->offset == 1)
1098 numevents = args[sc->offset+1];
1099 else if (sc->offset == 3 && retval != -1)
1100 numevents = retval;
1101
1102 if (numevents >= 0)
1103 bytes = sizeof(struct kevent) * numevents;
1104 if ((ke = malloc(bytes)) == NULL)
1105 err(1, "Cannot malloc %d bytes for kevent array",
1106 bytes);
1107 if (numevents >= 0 && get_struct(pid, (void *)args[sc->offset],
1108 ke, bytes) != -1) {
1109 used = 0;
1110 tmpsize = 1 + per_ke * numevents + 2;
1111 if ((tmp = malloc(tmpsize)) == NULL)
1112 err(1, "Cannot alloc %d bytes for kevent "
1113 "output", tmpsize);
1114
1115 tmp[used++] = '{';
1116 for (i = 0; i < numevents; i++) {
1117 u = snprintf(tmp + used, per_ke,
1118 "%s%p,%s,%s,%d,%p,%p",
1119 i > 0 ? " " : "",
1120 (void *)ke[i].ident,
1121 xlookup(kevent_filters, ke[i].filter),
1122 xlookup_bits(kevent_flags, ke[i].flags),
1123 ke[i].fflags,
1124 (void *)ke[i].data,
1125 (void *)ke[i].udata);
1126 if (u > 0)
1127 used += u < per_ke ? u : per_ke;
1128 }
1129 tmp[used++] = '}';
1130 tmp[used++] = '\0';
1131 } else {
1132 asprintf(&tmp, "0x%lx", args[sc->offset]);
1133 }
1134 free(ke);
1135 break;
1136 }
1137 case Stat: {
1138 struct stat st;
1139 if (get_struct(pid, (void *)args[sc->offset], &st, sizeof(st))
1140 != -1) {
1141 char mode[12];
1142 strmode(st.st_mode, mode);
1143 asprintf(&tmp,
1144 "{ mode=%s,inode=%jd,size=%jd,blksize=%ld }", mode,
1145 (intmax_t)st.st_ino, (intmax_t)st.st_size,
1146 (long)st.st_blksize);
1147 } else {
1148 asprintf(&tmp, "0x%lx", args[sc->offset]);
1149 }
1150 break;
1151 }
1152 case Rusage: {
1153 struct rusage ru;
1154 if (get_struct(pid, (void *)args[sc->offset], &ru, sizeof(ru))
1155 != -1) {
1156 asprintf(&tmp,
1157 "{ u=%ld.%06ld,s=%ld.%06ld,in=%ld,out=%ld }",
1158 (long)ru.ru_utime.tv_sec, ru.ru_utime.tv_usec,
1159 (long)ru.ru_stime.tv_sec, ru.ru_stime.tv_usec,
1160 ru.ru_inblock, ru.ru_oublock);
1161 } else
1162 asprintf(&tmp, "0x%lx", args[sc->offset]);
1163 break;
1164 }
1165 case Rlimit: {
1166 struct rlimit rl;
1167 if (get_struct(pid, (void *)args[sc->offset], &rl, sizeof(rl))
1168 != -1) {
1169 asprintf(&tmp, "{ cur=%ju,max=%ju }",
1170 rl.rlim_cur, rl.rlim_max);
1171 } else
1172 asprintf(&tmp, "0x%lx", args[sc->offset]);
1173 break;
1174 }
1175 case ExitStatus: {
1176 char *signame;
1177 int status;
1178 signame = NULL;
1179 if (get_struct(pid, (void *)args[sc->offset], &status,
1180 sizeof(status)) != -1) {
1181 if (WIFCONTINUED(status))
1182 tmp = strdup("{ CONTINUED }");
1183 else if (WIFEXITED(status))
1184 asprintf(&tmp, "{ EXITED,val=%d }",
1185 WEXITSTATUS(status));
1186 else if (WIFSIGNALED(status))
1187 asprintf(&tmp, "{ SIGNALED,sig=%s%s }",
1188 signame = strsig2(WTERMSIG(status)),
1189 WCOREDUMP(status) ? ",cored" : "");
1190 else
1191 asprintf(&tmp, "{ STOPPED,sig=%s }",
1192 signame = strsig2(WTERMSIG(status)));
1193 } else
1194 asprintf(&tmp, "0x%lx", args[sc->offset]);
1195 free(signame);
1196 break;
1197 }
1198 case Waitoptions:
1199 tmp = strdup(xlookup_bits(wait_options, args[sc->offset]));
1200 break;
1201 case Idtype:
1202 tmp = strdup(xlookup(idtype_arg, args[sc->offset]));
1203 break;
1204 case Procctl:
1205 tmp = strdup(xlookup(procctl_arg, args[sc->offset]));
1206 break;
1207 default:
1208 errx(1, "Invalid argument type %d\n", sc->type & ARG_MASK);
1209 }
1210 return (tmp);
1211 }
1212
1213 /*
1214 * print_syscall
1215 * Print (to outfile) the system call and its arguments. Note that
1216 * nargs is the number of arguments (not the number of words; this is
1217 * potentially confusing, I know).
1218 */
1219
1220 void
print_syscall(struct trussinfo * trussinfo,const char * name,int nargs,char ** s_args)1221 print_syscall(struct trussinfo *trussinfo, const char *name, int nargs,
1222 char **s_args)
1223 {
1224 struct timespec timediff;
1225 int i, len;
1226
1227 len = 0;
1228 if (trussinfo->flags & FOLLOWFORKS)
1229 len += fprintf(trussinfo->outfile, "%5d: ", trussinfo->pid);
1230
1231 if (name != NULL && (strcmp(name, "execve") == 0 ||
1232 strcmp(name, "exit") == 0)) {
1233 clock_gettime(CLOCK_REALTIME, &trussinfo->curthread->after);
1234 }
1235
1236 if (trussinfo->flags & ABSOLUTETIMESTAMPS) {
1237 timespecsubt(&trussinfo->curthread->after,
1238 &trussinfo->start_time, &timediff);
1239 len += fprintf(trussinfo->outfile, "%ld.%09ld ",
1240 (long)timediff.tv_sec, timediff.tv_nsec);
1241 }
1242
1243 if (trussinfo->flags & RELATIVETIMESTAMPS) {
1244 timespecsubt(&trussinfo->curthread->after,
1245 &trussinfo->curthread->before, &timediff);
1246 len += fprintf(trussinfo->outfile, "%ld.%09ld ",
1247 (long)timediff.tv_sec, timediff.tv_nsec);
1248 }
1249
1250 len += fprintf(trussinfo->outfile, "%s(", name);
1251
1252 for (i = 0; i < nargs; i++) {
1253 if (s_args[i])
1254 len += fprintf(trussinfo->outfile, "%s", s_args[i]);
1255 else
1256 len += fprintf(trussinfo->outfile,
1257 "<missing argument>");
1258 len += fprintf(trussinfo->outfile, "%s", i < (nargs - 1) ?
1259 "," : "");
1260 }
1261 len += fprintf(trussinfo->outfile, ")");
1262 for (i = 0; i < 6 - (len / 8); i++)
1263 fprintf(trussinfo->outfile, "\t");
1264 }
1265
1266 void
print_syscall_ret(struct trussinfo * trussinfo,const char * name,int nargs,char ** s_args,int errorp,long retval,struct syscall * sc)1267 print_syscall_ret(struct trussinfo *trussinfo, const char *name, int nargs,
1268 char **s_args, int errorp, long retval, struct syscall *sc)
1269 {
1270 struct timespec timediff;
1271
1272 if (trussinfo->flags & COUNTONLY) {
1273 if (!sc)
1274 return;
1275 clock_gettime(CLOCK_REALTIME, &trussinfo->curthread->after);
1276 timespecsubt(&trussinfo->curthread->after,
1277 &trussinfo->curthread->before, &timediff);
1278 timespecadd(&sc->time, &timediff, &sc->time);
1279 sc->ncalls++;
1280 if (errorp)
1281 sc->nerror++;
1282 return;
1283 }
1284
1285 print_syscall(trussinfo, name, nargs, s_args);
1286 fflush(trussinfo->outfile);
1287 if (errorp)
1288 fprintf(trussinfo->outfile, " ERR#%ld '%s'\n", retval,
1289 strerror(retval));
1290 else {
1291 /*
1292 * Because pipe(2) has a special assembly glue to provide the
1293 * libc API, we have to adjust retval.
1294 */
1295 if (name != NULL && strcmp(name, "pipe") == 0)
1296 retval = 0;
1297 fprintf(trussinfo->outfile, " = %ld (0x%lx)\n", retval, retval);
1298 }
1299 }
1300
1301 void
print_summary(struct trussinfo * trussinfo)1302 print_summary(struct trussinfo *trussinfo)
1303 {
1304 struct timespec total = {0, 0};
1305 struct syscall *sc;
1306 int ncall, nerror;
1307
1308 fprintf(trussinfo->outfile, "%-20s%15s%8s%8s\n",
1309 "syscall", "seconds", "calls", "errors");
1310 ncall = nerror = 0;
1311 for (sc = syscalls; sc->name != NULL; sc++)
1312 if (sc->ncalls) {
1313 fprintf(trussinfo->outfile, "%-20s%5jd.%09ld%8d%8d\n",
1314 sc->name, (intmax_t)sc->time.tv_sec,
1315 sc->time.tv_nsec, sc->ncalls, sc->nerror);
1316 timespecadd(&total, &sc->time, &total);
1317 ncall += sc->ncalls;
1318 nerror += sc->nerror;
1319 }
1320 fprintf(trussinfo->outfile, "%20s%15s%8s%8s\n",
1321 "", "-------------", "-------", "-------");
1322 fprintf(trussinfo->outfile, "%-20s%5jd.%09ld%8d%8d\n",
1323 "", (intmax_t)total.tv_sec, total.tv_nsec, ncall, nerror);
1324 }
1325