- Style(9) cleanup.

Approved by:	kib (mentor)
Andrey Zonov 2012-09-02 11:03:18 +00:00
parent bb9f214f64
commit 94355cfdfd
15 changed files with 2096 additions and 2026 deletions


@ -88,18 +88,19 @@ static struct freebsd_syscall {
/* Clear up and free parts of the fsc structure. */ /* Clear up and free parts of the fsc structure. */
static __inline void static __inline void
clear_fsc(void) { clear_fsc(void)
if (fsc.args) { {
free(fsc.args); int i;
}
if (fsc.s_args) { if (fsc.args)
int i; free(fsc.args);
for (i = 0; i < fsc.nargs; i++) if (fsc.s_args) {
if (fsc.s_args[i]) for (i = 0; i < fsc.nargs; i++)
free(fsc.s_args[i]); if (fsc.s_args[i])
free(fsc.s_args); free(fsc.s_args[i]);
} free(fsc.s_args);
memset(&fsc, 0, sizeof(fsc)); }
memset(&fsc, 0, sizeof(fsc));
} }
/* /*
@ -110,147 +111,145 @@ clear_fsc(void) {
*/ */
void void
amd64_syscall_entry(struct trussinfo *trussinfo, int nargs) { amd64_syscall_entry(struct trussinfo *trussinfo, int nargs)
struct reg regs; {
int syscall_num; struct ptrace_io_desc iorequest;
int i, reg; struct reg regs;
struct syscall *sc; struct syscall *sc;
int i, reg, syscall_num;
cpid = trussinfo->curthread->tid; clear_fsc();
clear_fsc(); cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0)
{
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return;
}
/* if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
* FreeBSD has two special kinds of system call redirctions -- fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
* SYS_syscall, and SYS___syscall. The former is the old syscall() return;
* routine, basically; the latter is for quad-aligned arguments. }
*/
reg = 0;
syscall_num = regs.r_rax;
switch (syscall_num) {
case SYS_syscall:
case SYS___syscall:
syscall_num = regs.r_rdi;
reg++;
break;
}
fsc.number = syscall_num; /*
fsc.name = * FreeBSD has two special kinds of system call redirctions --
(syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : syscallnames[syscall_num]; * SYS_syscall, and SYS___syscall. The former is the old syscall()
if (!fsc.name) { * routine, basically; the latter is for quad-aligned arguments.
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num); */
} reg = 0;
syscall_num = regs.r_rax;
switch (syscall_num) {
case SYS_syscall:
case SYS___syscall:
syscall_num = regs.r_rdi;
reg++;
break;
}
if (fsc.name && (trussinfo->flags & FOLLOWFORKS) fsc.number = syscall_num;
&& ((!strcmp(fsc.name, "fork") fsc.name = (syscall_num < 0 || syscall_num >= nsyscalls) ?
|| !strcmp(fsc.name, "rfork") NULL : syscallnames[syscall_num];
|| !strcmp(fsc.name, "vfork")))) if (!fsc.name) {
{ fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n",
trussinfo->curthread->in_fork = 1; syscall_num);
} }
if (nargs == 0) if (fsc.name && (trussinfo->flags & FOLLOWFORKS) &&
return; (strcmp(fsc.name, "fork") == 0 ||
strcmp(fsc.name, "rfork") == 0||
strcmp(fsc.name, "vfork") == 0))
trussinfo->curthread->in_fork = 1;
fsc.args = malloc((1+nargs) * sizeof(unsigned long)); if (nargs == 0)
for (i = 0; i < nargs && reg < 6; i++, reg++) { return;
switch (reg) {
case 0: fsc.args[i] = regs.r_rdi; break;
case 1: fsc.args[i] = regs.r_rsi; break;
case 2: fsc.args[i] = regs.r_rdx; break;
case 3: fsc.args[i] = regs.r_rcx; break;
case 4: fsc.args[i] = regs.r_r8; break;
case 5: fsc.args[i] = regs.r_r9; break;
}
}
if (nargs > i) {
struct ptrace_io_desc iorequest;
iorequest.piod_op = PIOD_READ_D;
iorequest.piod_offs = (void *)(regs.r_rsp + sizeof(register_t));
iorequest.piod_addr = &fsc.args[i];
iorequest.piod_len = (nargs - i) * sizeof(register_t);
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0)
return;
}
sc = get_syscall(fsc.name); fsc.args = malloc((1 + nargs) * sizeof(unsigned long));
if (sc) { for (i = 0; i < nargs && reg < 6; i++, reg++) {
fsc.nargs = sc->nargs; switch (reg) {
} else { case 0: fsc.args[i] = regs.r_rdi; break;
case 1: fsc.args[i] = regs.r_rsi; break;
case 2: fsc.args[i] = regs.r_rdx; break;
case 3: fsc.args[i] = regs.r_rcx; break;
case 4: fsc.args[i] = regs.r_r8; break;
case 5: fsc.args[i] = regs.r_r9; break;
}
}
if (nargs > i) {
iorequest.piod_op = PIOD_READ_D;
iorequest.piod_offs = (void *)(regs.r_rsp + sizeof(register_t));
iorequest.piod_addr = &fsc.args[i];
iorequest.piod_len = (nargs - i) * sizeof(register_t);
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0)
return;
}
sc = get_syscall(fsc.name);
if (sc)
fsc.nargs = sc->nargs;
else {
#if DEBUG #if DEBUG
fprintf(trussinfo->outfile, "unknown syscall %s -- setting args to %d\n", fprintf(trussinfo->outfile, "unknown syscall %s -- setting "
fsc.name, nargs); "args to %d\n", fsc.name, nargs);
#endif #endif
fsc.nargs = nargs; fsc.nargs = nargs;
} }
fsc.s_args = calloc(1, (1+fsc.nargs) * sizeof(char*)); fsc.s_args = calloc(1, (1 + fsc.nargs) * sizeof(char *));
fsc.sc = sc; fsc.sc = sc;
/* /*
* At this point, we set up the system call arguments. * At this point, we set up the system call arguments.
* We ignore any OUT ones, however -- those are arguments that * We ignore any OUT ones, however -- those are arguments that
* are set by the system call, and so are probably meaningless * are set by the system call, and so are probably meaningless
* now. This doesn't currently support arguments that are * now. This doesn't currently support arguments that are
* passed in *and* out, however. * passed in *and* out, however.
*/ */
if (fsc.name) { if (fsc.name) {
#if DEBUG
fprintf(stderr, "syscall %s(", fsc.name);
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%lx%s", sc ?
fsc.args[sc->args[i].offset] : fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i],
fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG #if DEBUG
fprintf(stderr, "syscall %s(", fsc.name); fprintf(trussinfo->outfile, "\n");
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%lx%s",
sc
? fsc.args[sc->args[i].offset]
: fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i], fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG
fprintf(trussinfo->outfile, "\n");
#endif #endif
if (fsc.name != NULL && if (fsc.name != NULL && (strcmp(fsc.name, "execve") == 0 ||
(!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit"))) { strcmp(fsc.name, "exit") == 0)) {
/*
* XXX
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (strcmp(fsc.name, "execve") == 0) {
if ((trussinfo->flags & EXECVEARGS) == 0) {
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
}
if ((trussinfo->flags & EXECVEENVS) == 0) {
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
}
/* XXX return;
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (!strcmp(fsc.name, "execve")) {
if ((trussinfo->flags & EXECVEARGS) == 0)
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
if ((trussinfo->flags & EXECVEENVS) == 0)
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
return;
} }
/* /*
@ -263,68 +262,69 @@ amd64_syscall_entry(struct trussinfo *trussinfo, int nargs) {
long long
amd64_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused) amd64_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused)
{ {
struct reg regs; struct reg regs;
long retval; struct syscall *sc;
int i; long retval;
int errorp; int errorp, i;
struct syscall *sc;
if (fsc.name == NULL) if (fsc.name == NULL)
return (-1); return (-1);
cpid = trussinfo->curthread->tid; cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
{ fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n"); return (-1);
return (-1); }
}
retval = regs.r_rax;
errorp = !!(regs.r_rflags & PSL_C);
/* retval = regs.r_rax;
* This code, while simpler than the initial versions I used, could errorp = !!(regs.r_rflags & PSL_C);
* stand some significant cleaning.
*/
sc = fsc.sc;
if (!sc) {
for (i = 0; i < fsc.nargs; i++)
asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/* /*
* If an error occurred, than don't bothe getting the data; * This code, while simpler than the initial versions I used, could
* it may not be valid. * stand some significant cleaning.
*/ */
if (errorp)
asprintf(&temp, "0x%lx", fsc.args[sc->args[i].offset]);
else
temp = print_arg(&sc->args[i], fsc.args, retval, trussinfo);
fsc.s_args[i] = temp;
}
}
}
if (fsc.name != NULL && sc = fsc.sc;
(!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit"))) { if (!sc) {
trussinfo->curthread->in_syscall = 1; for (i = 0; i < fsc.nargs; i++)
} asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/*
* If an error occurred, then don't bother
* getting the data; it may not be valid.
*/
if (errorp) {
asprintf(&temp, "0x%lx",
fsc.args[sc->args[i].offset]);
} else {
temp = print_arg(&sc->args[i],
fsc.args, retval, trussinfo);
}
fsc.s_args[i] = temp;
}
}
}
/* if (fsc.name != NULL && (strcmp(fsc.name, "execve") == 0 ||
* It would probably be a good idea to merge the error handling, strcmp(fsc.name, "exit") == 0))
* but that complicates things considerably. trussinfo->curthread->in_syscall = 1;
*/
print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp, /*
retval, fsc.sc); * It would probably be a good idea to merge the error handling,
clear_fsc(); * but that complicates things considerably.
*/
return (retval); print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp,
retval, fsc.sc);
clear_fsc();
return (retval);
} }
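Review bot: In amd64_syscall_entry the lookup `sc = get_syscall(fsc.name);` runs even when fsc.name has just been set to NULL for an out-of-range syscall number, and that number is read from the traced process's registers. The 32-bit FreeBSD variant in this same commit guards the lookup with `if (fsc.name)`, so the two should agree, e.g. `sc = (fsc.name != NULL) ? get_syscall(fsc.name) : NULL;`. Whether get_syscall() tolerates a NULL name is not visible on this page, so treat this as a consistency and defensive fix rather than a confirmed crash. amd64_linux32_syscall_entry has the same unguarded call, and the DEBUG-only `fprintf` in the else branch passes the same possibly-NULL fsc.name to `%s`.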


@ -43,8 +43,8 @@ static const char rcsid[] =
*/ */
#include <sys/types.h> #include <sys/types.h>
#include <sys/syscall.h>
#include <sys/ptrace.h> #include <sys/ptrace.h>
#include <sys/syscall.h>
#include <machine/reg.h> #include <machine/reg.h>
#include <machine/psl.h> #include <machine/psl.h>
@ -90,21 +90,21 @@ static struct freebsd32_syscall {
/* Clear up and free parts of the fsc structure. */ /* Clear up and free parts of the fsc structure. */
static __inline void static __inline void
clear_fsc(void) { clear_fsc(void)
if (fsc.args) { {
free(fsc.args); int i;
}
if (fsc.args32) { if (fsc.args)
free(fsc.args32); free(fsc.args);
} if (fsc.args32)
if (fsc.s_args) { free(fsc.args32);
int i; if (fsc.s_args) {
for (i = 0; i < fsc.nargs; i++) for (i = 0; i < fsc.nargs; i++)
if (fsc.s_args[i]) if (fsc.s_args[i])
free(fsc.s_args[i]); free(fsc.s_args[i]);
free(fsc.s_args); free(fsc.s_args);
} }
memset(&fsc, 0, sizeof(fsc)); memset(&fsc, 0, sizeof(fsc));
} }
/* /*
@ -115,145 +115,143 @@ clear_fsc(void) {
*/ */
void void
amd64_fbsd32_syscall_entry(struct trussinfo *trussinfo, int nargs) { amd64_fbsd32_syscall_entry(struct trussinfo *trussinfo, int nargs)
struct reg regs; {
int syscall_num; struct ptrace_io_desc iorequest;
int i; struct reg regs;
unsigned long parm_offset; struct syscall *sc;
struct syscall *sc = NULL; unsigned long parm_offset;
struct ptrace_io_desc iorequest; int i, syscall_num;
cpid = trussinfo->curthread->tid;
clear_fsc(); clear_fsc();
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0)
{
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return;
}
parm_offset = regs.r_rsp + sizeof(int);
/* cpid = trussinfo->curthread->tid;
* FreeBSD has two special kinds of system call redirctions --
* SYS_syscall, and SYS___syscall. The former is the old syscall()
* routine, basically; the latter is for quad-aligned arguments.
*/
syscall_num = regs.r_rax;
switch (syscall_num) {
case SYS_syscall:
syscall_num = ptrace(PT_READ_D, cpid, (caddr_t)parm_offset, 0);
parm_offset += sizeof(int);
break;
case SYS___syscall:
syscall_num = ptrace(PT_READ_D, cpid, (caddr_t)parm_offset, 0);
parm_offset += sizeof(quad_t);
break;
}
fsc.number = syscall_num; if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
fsc.name = fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
(syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : return;
freebsd32_syscallnames[syscall_num]; }
if (!fsc.name) { parm_offset = regs.r_rsp + sizeof(int);
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num);
}
if (fsc.name && (trussinfo->flags & FOLLOWFORKS) /*
&& ((!strcmp(fsc.name, "fork") * FreeBSD has two special kinds of system call redirctions --
|| !strcmp(fsc.name, "rfork") * SYS_syscall, and SYS___syscall. The former is the old syscall()
|| !strcmp(fsc.name, "vfork")))) * routine, basically; the latter is for quad-aligned arguments.
{ */
trussinfo->curthread->in_fork = 1; syscall_num = regs.r_rax;
} switch (syscall_num) {
case SYS_syscall:
syscall_num = ptrace(PT_READ_D, cpid, (caddr_t)parm_offset, 0);
parm_offset += sizeof(int);
break;
case SYS___syscall:
syscall_num = ptrace(PT_READ_D, cpid, (caddr_t)parm_offset, 0);
parm_offset += sizeof(quad_t);
break;
}
if (nargs == 0) fsc.number = syscall_num;
return; fsc.name = (syscall_num < 0 || syscall_num >= nsyscalls) ?
NULL : freebsd32_syscallnames[syscall_num];
if (!fsc.name) {
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n",
syscall_num);
}
fsc.args32 = malloc((1+nargs) * sizeof(unsigned int)); if (fsc.name && (trussinfo->flags & FOLLOWFORKS) &&
iorequest.piod_op = PIOD_READ_D; (strcmp(fsc.name, "fork") == 0 ||
iorequest.piod_offs = (void *)parm_offset; strcmp(fsc.name, "rfork") == 0||
iorequest.piod_addr = fsc.args32; strcmp(fsc.name, "vfork") == 0))
iorequest.piod_len = (1+nargs) * sizeof(unsigned int); trussinfo->curthread->in_fork = 1;
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0)
return;
fsc.args = malloc((1+nargs) * sizeof(unsigned long)); if (nargs == 0)
for (i = 0; i < nargs + 1; i++) return;
fsc.args[i] = fsc.args32[i];
if (fsc.name) fsc.args32 = malloc((1 + nargs) * sizeof(unsigned int));
sc = get_syscall(fsc.name); iorequest.piod_op = PIOD_READ_D;
if (sc) { iorequest.piod_offs = (void *)parm_offset;
fsc.nargs = sc->nargs; iorequest.piod_addr = fsc.args32;
} else { iorequest.piod_len = (1 + nargs) * sizeof(unsigned int);
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0)
return;
fsc.args = malloc((1 + nargs) * sizeof(unsigned long));
for (i = 0; i < nargs + 1; i++)
fsc.args[i] = fsc.args32[i];
sc = NULL;
if (fsc.name)
sc = get_syscall(fsc.name);
if (sc)
fsc.nargs = sc->nargs;
else {
#if DEBUG #if DEBUG
fprintf(trussinfo->outfile, "unknown syscall %s -- setting args to %d\n", fprintf(trussinfo->outfile, "unknown syscall %s -- setting "
fsc.name, nargs); "args to %d\n", fsc.name, nargs);
#endif #endif
fsc.nargs = nargs; fsc.nargs = nargs;
} }
fsc.s_args = calloc(1, (1+fsc.nargs) * sizeof(char*)); fsc.s_args = calloc(1, (1 + fsc.nargs) * sizeof(char *));
fsc.sc = sc; fsc.sc = sc;
/* /*
* At this point, we set up the system call arguments. * At this point, we set up the system call arguments.
* We ignore any OUT ones, however -- those are arguments that * We ignore any OUT ones, however -- those are arguments that
* are set by the system call, and so are probably meaningless * are set by the system call, and so are probably meaningless
* now. This doesn't currently support arguments that are * now. This doesn't currently support arguments that are
* passed in *and* out, however. * passed in *and* out, however.
*/ */
if (fsc.name) { if (fsc.name) {
#if DEBUG
fprintf(stderr, "syscall %s(", fsc.name);
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s", sc ?
fsc.args[sc->args[i].offset] : fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i],
fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG #if DEBUG
fprintf(stderr, "syscall %s(", fsc.name); fprintf(trussinfo->outfile, "\n");
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s",
sc
? fsc.args[sc->args[i].offset]
: fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i], fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG
fprintf(trussinfo->outfile, "\n");
#endif #endif
if (fsc.name != NULL && if (fsc.name != NULL && (strcmp(fsc.name, "freebsd32_execve") == 0||
(!strcmp(fsc.name, "freebsd32_execve") || !strcmp(fsc.name, "exit"))) { strcmp(fsc.name, "exit") == 0)) {
/*
* XXX
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (strcmp(fsc.name, "freebsd32_execve") == 0) {
if ((trussinfo->flags & EXECVEARGS) == 0) {
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
}
if ((trussinfo->flags & EXECVEENVS) == 0) {
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
}
/* XXX return;
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (!strcmp(fsc.name, "freebsd32_execve")) {
if ((trussinfo->flags & EXECVEARGS) == 0)
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
if ((trussinfo->flags & EXECVEENVS) == 0)
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
return;
} }
/* /*
@ -266,68 +264,69 @@ amd64_fbsd32_syscall_entry(struct trussinfo *trussinfo, int nargs) {
long long
amd64_fbsd32_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused) amd64_fbsd32_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused)
{ {
struct reg regs; struct reg regs;
long retval; struct syscall *sc;
int i; long retval;
int errorp; int errorp, i;
struct syscall *sc;
if (fsc.name == NULL) if (fsc.name == NULL)
return (-1); return (-1);
cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) cpid = trussinfo->curthread->tid;
{
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return (-1);
}
retval = regs.r_rax;
errorp = !!(regs.r_rflags & PSL_C);
/* if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
* This code, while simpler than the initial versions I used, could fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
* stand some significant cleaning. return (-1);
*/ }
retval = regs.r_rax;
errorp = !!(regs.r_rflags & PSL_C);
sc = fsc.sc;
if (!sc) {
for (i = 0; i < fsc.nargs; i++)
asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/* /*
* If an error occurred, then don't bother getting the data; * This code, while simpler than the initial versions I used, could
* it may not be valid. * stand some significant cleaning.
*/ */
if (errorp)
asprintf(&temp, "0x%lx", fsc.args[sc->args[i].offset]);
else
temp = print_arg(&sc->args[i], fsc.args, retval, trussinfo);
fsc.s_args[i] = temp;
}
}
}
if (fsc.name != NULL && sc = fsc.sc;
(!strcmp(fsc.name, "freebsd32_execve") || !strcmp(fsc.name, "exit"))) { if (!sc) {
trussinfo->curthread->in_syscall = 1; for (i = 0; i < fsc.nargs; i++)
} asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/*
* If an error occurred, then don't bother
* getting the data; it may not be valid.
*/
if (errorp) {
asprintf(&temp, "0x%lx",
fsc.args[sc->args[i].offset]);
} else {
temp = print_arg(&sc->args[i],
fsc.args, retval, trussinfo);
}
fsc.s_args[i] = temp;
}
}
}
/* if (fsc.name != NULL && (strcmp(fsc.name, "freebsd32_execve") == 0 ||
* It would probably be a good idea to merge the error handling, strcmp(fsc.name, "exit") == 0))
* but that complicates things considerably. trussinfo->curthread->in_syscall = 1;
*/
print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp, /*
retval, fsc.sc); * It would probably be a good idea to merge the error handling,
clear_fsc(); * but that complicates things considerably.
*/
return (retval); print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp,
retval, fsc.sc);
clear_fsc();
return (retval);
} }
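Review bot: In amd64_fbsd32_syscall_entry neither `malloc()` result nor the return value of `ptrace(PT_IO, ...)` is checked; only `iorequest.piod_len == 0` is tested. If the read from the traced process fails without zeroing piod_len (presumably the case on a -1 return; confirm against ptrace(2)), the copy loop widens uninitialized fsc.args32 words into fsc.args and print_arg() later formats them. I would add `if (fsc.args32 == NULL) return;` after the allocation and change the read to `if (ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0) < 0 || iorequest.piod_len == 0) return;`. The same unchecked PT_IO read is used for stack-passed arguments in amd64_syscall_entry.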


@ -86,15 +86,17 @@ static struct linux_syscall {
/* Clear up and free parts of the fsc structure. */ /* Clear up and free parts of the fsc structure. */
static __inline void static __inline void
clear_fsc(void) { clear_fsc(void)
if (fsc.s_args) { {
int i; int i;
for (i = 0; i < fsc.nargs; i++)
if (fsc.s_args[i]) if (fsc.s_args) {
free(fsc.s_args[i]); for (i = 0; i < fsc.nargs; i++)
free(fsc.s_args); if (fsc.s_args[i])
} free(fsc.s_args[i]);
memset(&fsc, 0, sizeof(fsc)); free(fsc.s_args);
}
memset(&fsc, 0, sizeof(fsc));
} }
/* /*
@ -105,211 +107,214 @@ clear_fsc(void) {
*/ */
void void
amd64_linux32_syscall_entry(struct trussinfo *trussinfo, int nargs) { amd64_linux32_syscall_entry(struct trussinfo *trussinfo, int nargs)
struct reg regs; {
int syscall_num; struct reg regs;
int i; struct syscall *sc;
struct syscall *sc; int i, syscall_num;
cpid = trussinfo->curthread->tid; clear_fsc();
clear_fsc(); cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0)
{
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return;
}
syscall_num = regs.r_rax;
fsc.number = syscall_num; if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
fsc.name = fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
(syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : linux32_syscallnames[syscall_num]; return;
if (!fsc.name) { }
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num);
}
if (fsc.name && (trussinfo->flags & FOLLOWFORKS) syscall_num = regs.r_rax;
&& ((!strcmp(fsc.name, "linux_fork")
|| !strcmp(fsc.name, "linux_vfork"))))
{
trussinfo->curthread->in_fork = 1;
}
if (nargs == 0) fsc.number = syscall_num;
return; fsc.name = (syscall_num < 0 || syscall_num >= nsyscalls) ?
NULL : linux32_syscallnames[syscall_num];
if (!fsc.name) {
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n",
syscall_num);
}
/* if (fsc.name && (trussinfo->flags & FOLLOWFORKS) &&
* Linux passes syscall arguments in registers, not (strcmp(fsc.name, "linux_fork") == 0||
* on the stack. Fortunately, we've got access to the strcmp(fsc.name, "linux_vfork") == 0))
* register set. Note that we don't bother checking the trussinfo->curthread->in_fork = 1;
* number of arguments. And what does linux do for syscalls
* that have more than five arguments?
*/
fsc.args[0] = regs.r_rbx; if (nargs == 0)
fsc.args[1] = regs.r_rcx; return;
fsc.args[2] = regs.r_rdx;
fsc.args[3] = regs.r_rsi;
fsc.args[4] = regs.r_rdi;
sc = get_syscall(fsc.name); /*
if (sc) { * Linux passes syscall arguments in registers, not
fsc.nargs = sc->nargs; * on the stack. Fortunately, we've got access to the
} else { * register set. Note that we don't bother checking the
* number of arguments. And what does linux do for syscalls
* that have more than five arguments?
*/
fsc.args[0] = regs.r_rbx;
fsc.args[1] = regs.r_rcx;
fsc.args[2] = regs.r_rdx;
fsc.args[3] = regs.r_rsi;
fsc.args[4] = regs.r_rdi;
sc = get_syscall(fsc.name);
if (sc)
fsc.nargs = sc->nargs;
else {
#if DEBUG #if DEBUG
fprintf(trussinfo->outfile, "unknown syscall %s -- setting args to %d\n", fprintf(trussinfo->outfile, "unknown syscall %s -- setting "
fsc.name, nargs); "args to %d\n", fsc.name, nargs);
#endif #endif
fsc.nargs = nargs; fsc.nargs = nargs;
} }
fsc.s_args = calloc(1, (1+fsc.nargs) * sizeof(char*)); fsc.s_args = calloc(1, (1 + fsc.nargs) * sizeof(char *));
fsc.sc = sc; fsc.sc = sc;
/* /*
* At this point, we set up the system call arguments. * At this point, we set up the system call arguments.
* We ignore any OUT ones, however -- those are arguments that * We ignore any OUT ones, however -- those are arguments that
* are set by the system call, and so are probably meaningless * are set by the system call, and so are probably meaningless
* now. This doesn't currently support arguments that are * now. This doesn't currently support arguments that are
* passed in *and* out, however. * passed in *and* out, however.
*/ */
if (fsc.name) { if (fsc.name) {
#if DEBUG
fprintf(stderr, "syscall %s(", fsc.name);
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s", sc ?
fsc.args[sc->args[i].offset] : fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i],
fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG #if DEBUG
fprintf(stderr, "syscall %s(", fsc.name); fprintf(trussinfo->outfile, "\n");
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s",
sc
? fsc.args[sc->args[i].offset]
: fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i], fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG
fprintf(trussinfo->outfile, "\n");
#endif #endif
if (fsc.name != NULL && if (fsc.name != NULL && (strcmp(fsc.name, "linux_execve") == 0 ||
(!strcmp(fsc.name, "linux_execve") || !strcmp(fsc.name, "exit"))) { strcmp(fsc.name, "exit") == 0)) {
/*
* XXX
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (strcmp(fsc.name, "linux_execve") == 0) {
if ((trussinfo->flags & EXECVEARGS) == 0) {
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
}
if ((trussinfo->flags & EXECVEENVS) == 0) {
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
}
/* XXX return;
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (!strcmp(fsc.name, "linux_execve")) {
if ((trussinfo->flags & EXECVEARGS) == 0)
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
if ((trussinfo->flags & EXECVEENVS) == 0)
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
return;
} }
/* /*
* Linux syscalls return negative errno's, we do positive and map them * Linux syscalls return negative errno's, we do positive and map them
*/ */
static const int bsd_to_linux_errno[] = { static const int bsd_to_linux_errno[] = {
-0, -1, -2, -3, -4, -5, -6, -7, -8, -9, -0, -1, -2, -3, -4, -5, -6, -7, -8, -9,
-10, -35, -12, -13, -14, -15, -16, -17, -18, -19, -10, -35, -12, -13, -14, -15, -16, -17, -18, -19,
-20, -21, -22, -23, -24, -25, -26, -27, -28, -29, -20, -21, -22, -23, -24, -25, -26, -27, -28, -29,
-30, -31, -32, -33, -34, -11,-115,-114, -88, -89, -30, -31, -32, -33, -34, -11,-115,-114, -88, -89,
-90, -91, -92, -93, -94, -95, -96, -97, -98, -99, -90, -91, -92, -93, -94, -95, -96, -97, -98, -99,
-100,-101,-102,-103,-104,-105,-106,-107,-108,-109, -100,-101,-102,-103,-104,-105,-106,-107,-108,-109,
-110,-111, -40, -36,-112,-113, -39, -11, -87,-122, -110,-111, -40, -36,-112,-113, -39, -11, -87,-122,
-116, -66, -6, -6, -6, -6, -6, -37, -38, -9, -116, -66, -6, -6, -6, -6, -6, -37, -38, -9,
-6, -6,
}; };
long long
amd64_linux32_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused) amd64_linux32_syscall_exit(struct trussinfo *trussinfo,
int syscall_num __unused)
{ {
struct reg regs; struct reg regs;
long retval; struct syscall *sc;
int i; long retval;
int errorp; int errorp, i;
struct syscall *sc;
if (fsc.name == NULL) if (fsc.name == NULL)
return (-1); return (-1);
cpid = trussinfo->curthread->tid; cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0)
{
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return (-1);
}
retval = regs.r_rax; if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
errorp = !!(regs.r_rflags & PSL_C); fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return (-1);
}
/* retval = regs.r_rax;
* This code, while simpler than the initial versions I used, could errorp = !!(regs.r_rflags & PSL_C);
* stand some significant cleaning.
*/
sc = fsc.sc;
if (!sc) {
for (i = 0; i < fsc.nargs; i++)
asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/* /*
* If an error occurred, than don't bothe getting the data; * This code, while simpler than the initial versions I used, could
* it may not be valid. * stand some significant cleaning.
*/ */
if (errorp)
asprintf(&temp, "0x%lx", fsc.args[sc->args[i].offset]);
else
temp = print_arg(&sc->args[i], fsc.args, retval, trussinfo);
fsc.s_args[i] = temp;
}
}
}
/* sc = fsc.sc;
* It would probably be a good idea to merge the error handling, if (!sc) {
* but that complicates things considerably. for (i = 0; i < fsc.nargs; i++)
*/ asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
if (errorp) { } else {
for (i = 0; (size_t)i < sizeof(bsd_to_linux_errno) / sizeof(int); i++) /*
if (retval == bsd_to_linux_errno[i]) * Here, we only look for arguments that have OUT masked in --
break; * otherwise, they were handled in the syscall_entry function.
} */
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/*
* If an error occurred, then don't bother
* getting the data; it may not be valid.
*/
if (errorp) {
asprintf(&temp, "0x%lx",
fsc.args[sc->args[i].offset]);
} else {
temp = print_arg(&sc->args[i],
fsc.args, retval, trussinfo);
}
fsc.s_args[i] = temp;
}
}
}
if (fsc.name != NULL && /*
(!strcmp(fsc.name, "linux_execve") || !strcmp(fsc.name, "exit"))) { * It would probably be a good idea to merge the error handling,
trussinfo->curthread->in_syscall = 1; * but that complicates things considerably.
} */
if (errorp) {
for (i = 0;
(size_t)i < sizeof(bsd_to_linux_errno) / sizeof(int); i++) {
if (retval == bsd_to_linux_errno[i])
break;
}
}
print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp, if (fsc.name != NULL && (strcmp(fsc.name, "linux_execve") == 0 ||
errorp ? i : retval, fsc.sc); strcmp(fsc.name, "exit") == 0))
clear_fsc(); trussinfo->curthread->in_syscall = 1;
return (retval); print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp,
errorp ? i : retval, fsc.sc);
clear_fsc();
return (retval);
} }
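Review bot: In amd64_linux32_syscall_exit the errno translation loop has no not-found case: when retval matches no entry of bsd_to_linux_errno, `i` leaves the loop equal to the table length and `errorp ? i : retval` hands that index to print_syscall_ret() as the error number. retval comes from the traced process's register, so an unmapped value is possible and the outcome should be stated, for example with a comment after the loop such as `/* i == table length here: no mapping found, reported as an unknown errno */`. The bound would also be sturdier written as `sizeof(bsd_to_linux_errno) / sizeof(bsd_to_linux_errno[0])` rather than dividing by `sizeof(int)`. How print_syscall_ret() treats an out-of-range errno is not visible on this page.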


@ -43,8 +43,8 @@ static const char rcsid[] =
*/ */
#include <sys/types.h> #include <sys/types.h>
#include <sys/syscall.h>
#include <sys/ptrace.h> #include <sys/ptrace.h>
#include <sys/syscall.h>
#include <machine/reg.h> #include <machine/reg.h>
#include <machine/psl.h> #include <machine/psl.h>
@ -88,18 +88,19 @@ static struct freebsd_syscall {
/* Clear up and free parts of the fsc structure. */ /* Clear up and free parts of the fsc structure. */
static __inline void static __inline void
clear_fsc(void) { clear_fsc(void)
if (fsc.args) { {
free(fsc.args); int i;
}
if (fsc.s_args) { if (fsc.args)
int i; free(fsc.args);
for (i = 0; i < fsc.nargs; i++) if (fsc.s_args) {
if (fsc.s_args[i]) for (i = 0; i < fsc.nargs; i++)
free(fsc.s_args[i]); if (fsc.s_args[i])
free(fsc.s_args); free(fsc.s_args[i]);
} free(fsc.s_args);
memset(&fsc, 0, sizeof(fsc)); }
memset(&fsc, 0, sizeof(fsc));
} }
/* /*
@ -110,140 +111,139 @@ clear_fsc(void) {
*/ */
void void
i386_syscall_entry(struct trussinfo *trussinfo, int nargs) { i386_syscall_entry(struct trussinfo *trussinfo, int nargs)
struct reg regs; {
int syscall_num; struct ptrace_io_desc iorequest;
int i; struct reg regs;
unsigned int parm_offset; struct syscall *sc;
struct syscall *sc = NULL; unsigned int parm_offset;
struct ptrace_io_desc iorequest; int i, syscall_num;
cpid = trussinfo->curthread->tid;
clear_fsc(); clear_fsc();
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0)
{
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return;
}
parm_offset = regs.r_esp + sizeof(int);
/* cpid = trussinfo->curthread->tid;
* FreeBSD has two special kinds of system call redirctions --
* SYS_syscall, and SYS___syscall. The former is the old syscall()
* routine, basically; the latter is for quad-aligned arguments.
*/
syscall_num = regs.r_eax;
switch (syscall_num) {
case SYS_syscall:
syscall_num = ptrace(PT_READ_D, cpid, (caddr_t)parm_offset, 0);
parm_offset += sizeof(int);
break;
case SYS___syscall:
syscall_num = ptrace(PT_READ_D, cpid, (caddr_t)parm_offset, 0);
parm_offset += sizeof(quad_t);
break;
}
fsc.number = syscall_num; if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
fsc.name = fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
(syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : syscallnames[syscall_num]; return;
if (!fsc.name) { }
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num); parm_offset = regs.r_esp + sizeof(int);
}
if (fsc.name && (trussinfo->flags & FOLLOWFORKS) /*
&& ((!strcmp(fsc.name, "fork") * FreeBSD has two special kinds of system call redirctions --
|| !strcmp(fsc.name, "rfork") * SYS_syscall, and SYS___syscall. The former is the old syscall()
|| !strcmp(fsc.name, "vfork")))) * routine, basically; the latter is for quad-aligned arguments.
{ */
trussinfo->curthread->in_fork = 1; syscall_num = regs.r_eax;
} switch (syscall_num) {
case SYS_syscall:
syscall_num = ptrace(PT_READ_D, cpid, (caddr_t)parm_offset, 0);
parm_offset += sizeof(int);
break;
case SYS___syscall:
syscall_num = ptrace(PT_READ_D, cpid, (caddr_t)parm_offset, 0);
parm_offset += sizeof(quad_t);
break;
}
if (nargs == 0) fsc.number = syscall_num;
return; fsc.name = (syscall_num < 0 || syscall_num >= nsyscalls) ?
NULL : syscallnames[syscall_num];
if (!fsc.name) {
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n",
syscall_num);
}
fsc.args = malloc((1+nargs) * sizeof(unsigned long)); if (fsc.name && (trussinfo->flags & FOLLOWFORKS) &&
iorequest.piod_op = PIOD_READ_D; (strcmp(fsc.name, "fork") == 0 ||
iorequest.piod_offs = (void *)parm_offset; strcmp(fsc.name, "rfork") == 0 ||
iorequest.piod_addr = fsc.args; strcmp(fsc.name, "vfork") == 0))
iorequest.piod_len = (1+nargs) * sizeof(unsigned long); trussinfo->curthread->in_fork = 1;
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0)
return;
if (fsc.name) if (nargs == 0)
sc = get_syscall(fsc.name); return;
if (sc) {
fsc.nargs = sc->nargs; fsc.args = malloc((1 + nargs) * sizeof(unsigned long));
} else { iorequest.piod_op = PIOD_READ_D;
iorequest.piod_offs = (void *)parm_offset;
iorequest.piod_addr = fsc.args;
iorequest.piod_len = (1 + nargs) * sizeof(unsigned long);
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0)
return;
sc = NULL;
if (fsc.name)
sc = get_syscall(fsc.name);
if (sc)
fsc.nargs = sc->nargs;
else {
#if DEBUG #if DEBUG
fprintf(trussinfo->outfile, "unknown syscall %s -- setting args to %d\n", fprintf(trussinfo->outfile, "unknown syscall %s -- setting "
fsc.name, nargs); "args to %d\n", fsc.name, nargs);
#endif #endif
fsc.nargs = nargs; fsc.nargs = nargs;
} }
fsc.s_args = calloc(1, (1+fsc.nargs) * sizeof(char*)); fsc.s_args = calloc(1, (1 + fsc.nargs) * sizeof(char *));
fsc.sc = sc; fsc.sc = sc;
/* /*
* At this point, we set up the system call arguments. * At this point, we set up the system call arguments.
* We ignore any OUT ones, however -- those are arguments that * We ignore any OUT ones, however -- those are arguments that
* are set by the system call, and so are probably meaningless * are set by the system call, and so are probably meaningless
* now. This doesn't currently support arguments that are * now. This doesn't currently support arguments that are
* passed in *and* out, however. * passed in *and* out, however.
*/ */
if (fsc.name) { if (fsc.name) {
#if DEBUG
fprintf(stderr, "syscall %s(", fsc.name);
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s", sc ?
fsc.args[sc->args[i].offset] : fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i],
fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG #if DEBUG
fprintf(stderr, "syscall %s(", fsc.name); fprintf(trussinfo->outfile, "\n");
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s",
sc
? fsc.args[sc->args[i].offset]
: fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i], fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG
fprintf(trussinfo->outfile, "\n");
#endif #endif
if (fsc.name != NULL && if (fsc.name != NULL && (strcmp(fsc.name, "execve") == 0 ||
(!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit"))) { strcmp(fsc.name, "exit") == 0)) {
/*
* XXX
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (strcmp(fsc.name, "execve") == 0) {
if ((trussinfo->flags & EXECVEARGS) == 0) {
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
}
if ((trussinfo->flags & EXECVEENVS) == 0) {
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
}
/* XXX return;
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (!strcmp(fsc.name, "execve")) {
if ((trussinfo->flags & EXECVEARGS) == 0)
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
if ((trussinfo->flags & EXECVEENVS) == 0)
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
return;
} }
/* /*
@ -256,68 +256,69 @@ i386_syscall_entry(struct trussinfo *trussinfo, int nargs) {
long long
i386_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused) i386_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused)
{ {
struct reg regs; struct reg regs;
long retval; struct syscall *sc;
int i; long retval;
int errorp; int errorp, i;
struct syscall *sc;
if (fsc.name == NULL) if (fsc.name == NULL)
return (-1); return (-1);
cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) cpid = trussinfo->curthread->tid;
{
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return (-1);
}
retval = regs.r_eax;
errorp = !!(regs.r_eflags & PSL_C);
/* if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
* This code, while simpler than the initial versions I used, could fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
* stand some significant cleaning. return (-1);
*/ }
retval = regs.r_eax;
errorp = !!(regs.r_eflags & PSL_C);
sc = fsc.sc;
if (!sc) {
for (i = 0; i < fsc.nargs; i++)
asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/* /*
* If an error occurred, then don't bother getting the data; * This code, while simpler than the initial versions I used, could
* it may not be valid. * stand some significant cleaning.
*/ */
if (errorp)
asprintf(&temp, "0x%lx", fsc.args[sc->args[i].offset]);
else
temp = print_arg(&sc->args[i], fsc.args, retval, trussinfo);
fsc.s_args[i] = temp;
}
}
}
if (fsc.name != NULL && sc = fsc.sc;
(!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit"))) { if (!sc) {
trussinfo->curthread->in_syscall = 1; for (i = 0; i < fsc.nargs; i++)
} asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/*
* If an error occurred, then don't bother
* getting the data; it may not be valid.
*/
if (errorp) {
asprintf(&temp, "0x%lx",
fsc.args[sc->args[i].offset]);
} else {
temp = print_arg(&sc->args[i],
fsc.args, retval, trussinfo);
}
fsc.s_args[i] = temp;
}
}
}
/* if (fsc.name != NULL && (strcmp(fsc.name, "execve") == 0 ||
* It would probably be a good idea to merge the error handling, strcmp(fsc.name, "exit") == 0))
* but that complicates things considerably. trussinfo->curthread->in_syscall = 1;
*/
print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp, /*
retval, fsc.sc); * It would probably be a good idea to merge the error handling,
clear_fsc(); * but that complicates things considerably.
*/
return (retval); print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp,
retval, fsc.sc);
clear_fsc();
return (retval);
} }
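Review bot: In i386_syscall_entry the result of `ptrace(PT_IO, ...)` is discarded and `fsc.args` comes from an unchecked `malloc`, so a failed read or allocation leaves the argument buffer NULL or uninitialised when it is later indexed and handed to `print_arg`. The `piod_len == 0` test only covers a zero-length transfer; if the request itself fails, the length is presumably left as requested. The read address is derived from the tracee's `regs.r_esp`, so a traced process can make the read fail. I would add `if (fsc.args == NULL) return;` after the allocation and use `if (ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0) < 0 || iorequest.piod_len == 0) return;` for the read. The `calloc` for `fsc.s_args` below is unchecked too, and the same unchecked allocations appear in i386_linux_syscall_entry and ia64_syscall_entry (where the `malloc` result goes straight into `memcpy`).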


@ -86,15 +86,17 @@ static struct linux_syscall {
/* Clear up and free parts of the fsc structure. */ /* Clear up and free parts of the fsc structure. */
static __inline void static __inline void
clear_fsc(void) { clear_fsc(void)
if (fsc.s_args) { {
int i; int i;
for (i = 0; i < fsc.nargs; i++)
if (fsc.s_args[i]) if (fsc.s_args) {
free(fsc.s_args[i]); for (i = 0; i < fsc.nargs; i++)
free(fsc.s_args); if (fsc.s_args[i])
} free(fsc.s_args[i]);
memset(&fsc, 0, sizeof(fsc)); free(fsc.s_args);
}
memset(&fsc, 0, sizeof(fsc));
} }
/* /*
@ -105,211 +107,213 @@ clear_fsc(void) {
*/ */
void void
i386_linux_syscall_entry(struct trussinfo *trussinfo, int nargs) { i386_linux_syscall_entry(struct trussinfo *trussinfo, int nargs)
struct reg regs; {
int syscall_num; struct reg regs;
int i; struct syscall *sc;
struct syscall *sc; int i, syscall_num;
cpid = trussinfo->curthread->tid; clear_fsc();
clear_fsc(); cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0)
{
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return;
}
syscall_num = regs.r_eax;
fsc.number = syscall_num; if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
fsc.name = fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
(syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : linux_syscallnames[syscall_num]; return;
if (!fsc.name) { }
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num);
}
if (fsc.name && (trussinfo->flags & FOLLOWFORKS) syscall_num = regs.r_eax;
&& ((!strcmp(fsc.name, "linux_fork")
|| !strcmp(fsc.name, "linux_vfork"))))
{
trussinfo->curthread->in_fork = 1;
}
if (nargs == 0) fsc.number = syscall_num;
return; fsc.name = (syscall_num < 0 || syscall_num >= nsyscalls) ?
NULL : linux_syscallnames[syscall_num];
if (!fsc.name) {
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n",
syscall_num);
}
/* if (fsc.name && (trussinfo->flags & FOLLOWFORKS) &&
* Linux passes syscall arguments in registers, not (strcmp(fsc.name, "linux_fork") == 0 ||
* on the stack. Fortunately, we've got access to the strcmp(fsc.name, "linux_vfork") == 0))
* register set. Note that we don't bother checking the trussinfo->curthread->in_fork = 1;
* number of arguments. And what does linux do for syscalls
* that have more than five arguments?
*/
fsc.args[0] = regs.r_ebx; if (nargs == 0)
fsc.args[1] = regs.r_ecx; return;
fsc.args[2] = regs.r_edx;
fsc.args[3] = regs.r_esi;
fsc.args[4] = regs.r_edi;
sc = get_syscall(fsc.name); /*
if (sc) { * Linux passes syscall arguments in registers, not
fsc.nargs = sc->nargs; * on the stack. Fortunately, we've got access to the
} else { * register set. Note that we don't bother checking the
* number of arguments. And what does linux do for syscalls
* that have more than five arguments?
*/
fsc.args[0] = regs.r_ebx;
fsc.args[1] = regs.r_ecx;
fsc.args[2] = regs.r_edx;
fsc.args[3] = regs.r_esi;
fsc.args[4] = regs.r_edi;
sc = get_syscall(fsc.name);
if (sc)
fsc.nargs = sc->nargs;
else {
#if DEBUG #if DEBUG
fprintf(trussinfo->outfile, "unknown syscall %s -- setting args to %d\n", fprintf(trussinfo->outfile, "unknown syscall %s -- setting "
fsc.name, nargs); "args to %d\n", fsc.name, nargs);
#endif #endif
fsc.nargs = nargs; fsc.nargs = nargs;
} }
fsc.s_args = calloc(1, (1+fsc.nargs) * sizeof(char*)); fsc.s_args = calloc(1, (1 + fsc.nargs) * sizeof(char *));
fsc.sc = sc; fsc.sc = sc;
/* /*
* At this point, we set up the system call arguments. * At this point, we set up the system call arguments.
* We ignore any OUT ones, however -- those are arguments that * We ignore any OUT ones, however -- those are arguments that
* are set by the system call, and so are probably meaningless * are set by the system call, and so are probably meaningless
* now. This doesn't currently support arguments that are * now. This doesn't currently support arguments that are
* passed in *and* out, however. * passed in *and* out, however.
*/ */
if (fsc.name) { if (fsc.name) {
#if DEBUG
fprintf(stderr, "syscall %s(", fsc.name);
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s", sc ?
fsc.args[sc->args[i].offset] : fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i],
fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG #if DEBUG
fprintf(stderr, "syscall %s(", fsc.name); fprintf(trussinfo->outfile, "\n");
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s",
sc
? fsc.args[sc->args[i].offset]
: fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i], fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG
fprintf(trussinfo->outfile, "\n");
#endif #endif
if (fsc.name != NULL && if (fsc.name != NULL && (strcmp(fsc.name, "linux_execve") == 0 ||
(!strcmp(fsc.name, "linux_execve") || !strcmp(fsc.name, "exit"))) { strcmp(fsc.name, "exit") == 0)) {
/*
* XXX
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (strcmp(fsc.name, "linux_execve") == 0) {
if ((trussinfo->flags & EXECVEARGS) == 0) {
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
}
if ((trussinfo->flags & EXECVEENVS) == 0) {
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
}
/* XXX return;
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (!strcmp(fsc.name, "linux_execve")) {
if ((trussinfo->flags & EXECVEARGS) == 0)
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
if ((trussinfo->flags & EXECVEENVS) == 0)
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
return;
} }
/* /*
* Linux syscalls return negative errno's, we do positive and map them * Linux syscalls return negative errno's, we do positive and map them
*/ */
static const int bsd_to_linux_errno[] = { static const int bsd_to_linux_errno[] = {
-0, -1, -2, -3, -4, -5, -6, -7, -8, -9, -0, -1, -2, -3, -4, -5, -6, -7, -8, -9,
-10, -35, -12, -13, -14, -15, -16, -17, -18, -19, -10, -35, -12, -13, -14, -15, -16, -17, -18, -19,
-20, -21, -22, -23, -24, -25, -26, -27, -28, -29, -20, -21, -22, -23, -24, -25, -26, -27, -28, -29,
-30, -31, -32, -33, -34, -11,-115,-114, -88, -89, -30, -31, -32, -33, -34, -11,-115,-114, -88, -89,
-90, -91, -92, -93, -94, -95, -96, -97, -98, -99, -90, -91, -92, -93, -94, -95, -96, -97, -98, -99,
-100,-101,-102,-103,-104,-105,-106,-107,-108,-109, -100,-101,-102,-103,-104,-105,-106,-107,-108,-109,
-110,-111, -40, -36,-112,-113, -39, -11, -87,-122, -110,-111, -40, -36,-112,-113, -39, -11, -87,-122,
-116, -66, -6, -6, -6, -6, -6, -37, -38, -9, -116, -66, -6, -6, -6, -6, -6, -37, -38, -9,
-6, -6,
}; };
long long
i386_linux_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused) i386_linux_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused)
{ {
struct reg regs; struct reg regs;
long retval; struct syscall *sc;
int i; long retval;
int errorp; int errorp, i;
struct syscall *sc;
if (fsc.name == NULL) if (fsc.name == NULL)
return (-1); return (-1);
cpid = trussinfo->curthread->tid; cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0)
{
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return (-1);
}
retval = regs.r_eax; if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
errorp = !!(regs.r_eflags & PSL_C); fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return (-1);
}
/* retval = regs.r_eax;
* This code, while simpler than the initial versions I used, could errorp = !!(regs.r_eflags & PSL_C);
* stand some significant cleaning.
*/
sc = fsc.sc;
if (!sc) {
for (i = 0; i < fsc.nargs; i++)
asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/* /*
* If an error occurred, than don't bothe getting the data; * This code, while simpler than the initial versions I used, could
* it may not be valid. * stand some significant cleaning.
*/ */
if (errorp)
asprintf(&temp, "0x%lx", fsc.args[sc->args[i].offset]);
else
temp = print_arg(&sc->args[i], fsc.args, retval, trussinfo);
fsc.s_args[i] = temp;
}
}
}
/* sc = fsc.sc;
* It would probably be a good idea to merge the error handling, if (!sc) {
* but that complicates things considerably. for (i = 0; i < fsc.nargs; i++)
*/ asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
if (errorp) { } else {
for (i = 0; (size_t)i < sizeof(bsd_to_linux_errno) / sizeof(int); i++) /*
if (retval == bsd_to_linux_errno[i]) * Here, we only look for arguments that have OUT masked in --
break; * otherwise, they were handled in the syscall_entry function.
} */
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/*
* If an error occurred, then don't bother
* getting the data; it may not be valid.
*/
if (errorp) {
asprintf(&temp, "0x%lx",
fsc.args[sc->args[i].offset]);
} else {
temp = print_arg(&sc->args[i],
fsc.args, retval, trussinfo);
}
fsc.s_args[i] = temp;
}
}
}
if (fsc.name != NULL && /*
(!strcmp(fsc.name, "linux_execve") || !strcmp(fsc.name, "exit"))) { * It would probably be a good idea to merge the error handling,
trussinfo->curthread->in_syscall = 1; * but that complicates things considerably.
} */
if (errorp) {
for (i = 0;
(size_t)i < sizeof(bsd_to_linux_errno) / sizeof(int); i++) {
if (retval == bsd_to_linux_errno[i])
break;
}
}
print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp, if (fsc.name != NULL && (strcmp(fsc.name, "linux_execve") == 0 ||
errorp ? i : retval, fsc.sc); strcmp(fsc.name, "exit") == 0))
clear_fsc(); trussinfo->curthread->in_syscall = 1;
return (retval); print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp,
errorp ? i : retval, fsc.sc);
clear_fsc();
return (retval);
} }
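Review bot: The errno lookup in i386_linux_syscall_exit has no not-found case: when `errorp` is set and `retval` matches no entry of `bsd_to_linux_errno`, the loop ends with `i` equal to the element count, and that value is passed to `print_syscall_ret` as the error number. `retval` is read from the tracee's `r_eax`, so an unmapped value should be reported as unmapped, not as an errno the table never produced; what `print_syscall_ret` does with an out-of-range number is not visible here. I would add a comment on the loop such as `/* i == table size means no BSD equivalent was found */` and an explicit branch after it for that case, with the value chosen to match `print_syscall_ret`'s contract. Writing the bound as `sizeof(bsd_to_linux_errno) / sizeof(bsd_to_linux_errno[0])` would also tie it to the array's element type. The same loop appears at the end of the file section just before the i386 FreeBSD one.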


@ -87,18 +87,19 @@ static struct freebsd_syscall {
/* Clear up and free parts of the fsc structure. */ /* Clear up and free parts of the fsc structure. */
static __inline void static __inline void
clear_fsc(void) { clear_fsc(void)
if (fsc.args) { {
free(fsc.args); int i;
}
if (fsc.s_args) { if (fsc.args)
int i; free(fsc.args);
for (i = 0; i < fsc.nargs; i++) if (fsc.s_args) {
if (fsc.s_args[i]) for (i = 0; i < fsc.nargs; i++)
free(fsc.s_args[i]); if (fsc.s_args[i])
free(fsc.s_args); free(fsc.s_args[i]);
} free(fsc.s_args);
memset(&fsc, 0, sizeof(fsc)); }
memset(&fsc, 0, sizeof(fsc));
} }
/* /*
@ -109,122 +110,122 @@ clear_fsc(void) {
*/ */
void void
ia64_syscall_entry(struct trussinfo *trussinfo, int nargs) { ia64_syscall_entry(struct trussinfo *trussinfo, int nargs)
struct reg regs; {
int syscall_num; struct reg regs;
int i; struct syscall *sc;
unsigned long *parm_offset; unsigned long *parm_offset;
struct syscall *sc; int i, syscall_num;
cpid = trussinfo->curthread->tid; clear_fsc();
clear_fsc(); cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return;
}
parm_offset = &regs.r_scratch.gr16;
/* if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
* FreeBSD has two special kinds of system call redirctions -- fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
* SYS_syscall, and SYS___syscall. The former is the old syscall() return;
* routine, basically; the latter is for quad-aligned arguments. }
*/ parm_offset = &regs.r_scratch.gr16;
syscall_num = regs.r_scratch.gr15; /* XXX double-check. */
if (syscall_num == SYS_syscall || syscall_num == SYS___syscall)
syscall_num = (int)*parm_offset++;
fsc.number = syscall_num; /*
fsc.name = (syscall_num < 0 || syscall_num >= nsyscalls) * FreeBSD has two special kinds of system call redirctions --
? NULL : syscallnames[syscall_num]; * SYS_syscall, and SYS___syscall. The former is the old syscall()
if (!fsc.name) { * routine, basically; the latter is for quad-aligned arguments.
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num); */
} syscall_num = regs.r_scratch.gr15; /* XXX double-check. */
if (syscall_num == SYS_syscall || syscall_num == SYS___syscall)
syscall_num = (int)*parm_offset++;
if (fsc.name && (trussinfo->flags & FOLLOWFORKS) fsc.number = syscall_num;
&& ((!strcmp(fsc.name, "fork") fsc.name = (syscall_num < 0 || syscall_num >= nsyscalls) ?
|| !strcmp(fsc.name, "rfork") NULL : syscallnames[syscall_num];
|| !strcmp(fsc.name, "vfork")))) if (!fsc.name) {
{ fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n",
trussinfo->curthread->in_fork = 1; syscall_num);
} }
if (nargs == 0) if (fsc.name && (trussinfo->flags & FOLLOWFORKS) &&
return; (strcmp(fsc.name, "fork") == 0 ||
strcmp(fsc.name, "rfork") == 0 ||
strcmp(fsc.name, "vfork") == 0))
trussinfo->curthread->in_fork = 1;
fsc.args = malloc((1+nargs) * sizeof(unsigned long)); if (nargs == 0)
memcpy(fsc.args, parm_offset, nargs * sizeof(long)); return;
sc = get_syscall(fsc.name); fsc.args = malloc((1 + nargs) * sizeof(unsigned long));
if (sc) { memcpy(fsc.args, parm_offset, nargs * sizeof(long));
fsc.nargs = sc->nargs;
} else { sc = get_syscall(fsc.name);
if (sc)
fsc.nargs = sc->nargs;
else {
#if DEBUG #if DEBUG
fprintf(trussinfo->outfile, "unknown syscall %s -- setting args to %d\n", fprintf(trussinfo->outfile, "unknown syscall %s -- setting "
fsc.name, nargs); "args to %d\n", fsc.name, nargs);
#endif #endif
fsc.nargs = nargs; fsc.nargs = nargs;
} }
fsc.s_args = calloc(1, (1+fsc.nargs) * sizeof(char*)); fsc.s_args = calloc(1, (1 + fsc.nargs) * sizeof(char *));
fsc.sc = sc; fsc.sc = sc;
/* /*
* At this point, we set up the system call arguments. * At this point, we set up the system call arguments.
* We ignore any OUT ones, however -- those are arguments that * We ignore any OUT ones, however -- those are arguments that
* are set by the system call, and so are probably meaningless * are set by the system call, and so are probably meaningless
* now. This doesn't currently support arguments that are * now. This doesn't currently support arguments that are
* passed in *and* out, however. * passed in *and* out, however.
*/ */
if (fsc.name) { if (fsc.name) {
#if DEBUG
fprintf(stderr, "syscall %s(", fsc.name);
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s", sc ?
fsc.args[sc->args[i].offset] : fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i],
fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG #if DEBUG
fprintf(stderr, "syscall %s(", fsc.name); fprintf(trussinfo->outfile, "\n");
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s",
sc
? fsc.args[sc->args[i].offset]
: fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i], fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG
fprintf(trussinfo->outfile, "\n");
#endif #endif
if (fsc.name != NULL && if (fsc.name != NULL && (strcmp(fsc.name, "execve") == 0 ||
(!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit"))) { strcmp(fsc.name, "exit") == 0)) {
/*
* XXX
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (strcmp(fsc.name, "execve") == 0) {
if ((trussinfo->flags & EXECVEARGS) == 0) {
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
}
if ((trussinfo->flags & EXECVEENVS) == 0) {
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
}
/* XXX return;
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (!strcmp(fsc.name, "execve")) {
if ((trussinfo->flags & EXECVEARGS) == 0)
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
if ((trussinfo->flags & EXECVEENVS) == 0)
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
return;
} }
/* /*
@ -237,65 +238,68 @@ ia64_syscall_entry(struct trussinfo *trussinfo, int nargs) {
long long
ia64_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused) ia64_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused)
{ {
struct reg regs; struct reg regs;
long retval; struct syscall *sc;
int i; long retval;
int errorp; int errorp, i;
struct syscall *sc;
if (fsc.name == NULL) if (fsc.name == NULL)
return (-1); return (-1);
cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) { cpid = trussinfo->curthread->tid;
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return (-1);
}
retval = regs.r_scratch.gr8;
errorp = (regs.r_scratch.gr10 != 0) ? 1 : 0;
/* if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
* This code, while simpler than the initial versions I used, could fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
* stand some significant cleaning. return (-1);
*/ }
retval = regs.r_scratch.gr8;
errorp = (regs.r_scratch.gr10 != 0) ? 1 : 0;
sc = fsc.sc;
if (!sc) {
for (i = 0; i < fsc.nargs; i++)
asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/* /*
* If an error occurred, than don't bothe getting the data; * This code, while simpler than the initial versions I used, could
* it may not be valid. * stand some significant cleaning.
*/ */
if (errorp)
asprintf(&temp, "0x%lx", fsc.args[sc->args[i].offset]);
else
temp = print_arg(&sc->args[i], fsc.args, retval, trussinfo);
fsc.s_args[i] = temp;
}
}
}
if (fsc.name != NULL && sc = fsc.sc;
(!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit"))) { if (!sc) {
trussinfo->curthread->in_syscall = 1; for (i = 0; i < fsc.nargs; i++)
} asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
/* } else {
* It would probably be a good idea to merge the error handling, /*
* but that complicates things considerably. * Here, we only look for arguments that have OUT masked in --
*/ * otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/*
* If an error occurred, then don't bother
* getting the data; it may not be valid.
*/
if (errorp) {
asprintf(&temp, "0x%lx",
fsc.args[sc->args[i].offset]);
} else {
temp = print_arg(&sc->args[i],
fsc.args, retval, trussinfo);
}
fsc.s_args[i] = temp;
}
}
}
print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp, if (fsc.name != NULL && (strcmp(fsc.name, "execve") == 0 ||
retval, fsc.sc); strcmp(fsc.name, "exit") == 0))
clear_fsc(); trussinfo->curthread->in_syscall = 1;
/*
* It would probably be a good idea to merge the error handling,
* but that complicates things considerably.
*/
return (retval); print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp,
retval, fsc.sc);
clear_fsc();
return (retval);
} }


@ -59,7 +59,7 @@ __FBSDID("$FreeBSD$");
#include "extern.h" #include "extern.h"
#include "syscall.h" #include "syscall.h"
#define MAXARGS 6 #define MAXARGS 6
static void static void
usage(void) usage(void)
@ -113,19 +113,19 @@ static struct ex_types {
/* /*
* Set the execution type. This is called after every exec, and when * Set the execution type. This is called after every exec, and when
* a process is first monitored. * a process is first monitored.
*/ */
static struct ex_types * static struct ex_types *
set_etype(struct trussinfo *trussinfo) set_etype(struct trussinfo *trussinfo)
{ {
struct ex_types *funcs; struct ex_types *funcs;
char progt[32]; size_t len;
size_t len = sizeof(progt);
int mib[4];
int error; int error;
int mib[4];
char progt[32];
len = sizeof(progt);
mib[0] = CTL_KERN; mib[0] = CTL_KERN;
mib[1] = KERN_PROC; mib[1] = KERN_PROC;
mib[2] = KERN_PROC_SV_NAME; mib[2] = KERN_PROC_SV_NAME;
@ -135,7 +135,7 @@ set_etype(struct trussinfo *trussinfo)
err(2, "can not get etype"); err(2, "can not get etype");
for (funcs = ex_types; funcs->type; funcs++) for (funcs = ex_types; funcs->type; funcs++)
if (!strcmp(funcs->type, progt)) if (strcmp(funcs->type, progt) == 0)
break; break;
if (funcs->type == NULL) { if (funcs->type == NULL) {
@ -163,16 +163,13 @@ strsig(int sig)
int int
main(int ac, char **av) main(int ac, char **av)
{ {
int c;
int i;
pid_t childpid;
int status;
char **command;
struct ex_types *funcs; struct ex_types *funcs;
int initial_open;
char *fname;
struct trussinfo *trussinfo; struct trussinfo *trussinfo;
char *fname;
char *signame; char *signame;
char **command;
pid_t childpid;
int c, i, initial_open, status;
fname = NULL; fname = NULL;
initial_open = 1; initial_open = 1;
@ -192,7 +189,7 @@ main(int ac, char **av)
case 'p': /* specified pid */ case 'p': /* specified pid */
trussinfo->pid = atoi(optarg); trussinfo->pid = atoi(optarg);
/* make sure i don't trace me */ /* make sure i don't trace me */
if(trussinfo->pid == getpid()) { if (trussinfo->pid == getpid()) {
fprintf(stderr, "attempt to grab self.\n"); fprintf(stderr, "attempt to grab self.\n");
exit(2); exit(2);
} }
@ -221,7 +218,7 @@ main(int ac, char **av)
case 's': /* Specified string size */ case 's': /* Specified string size */
trussinfo->strsize = atoi(optarg); trussinfo->strsize = atoi(optarg);
break; break;
case 'S': /* Don't trace signals */ case 'S': /* Don't trace signals */
trussinfo->flags |= NOSIGS; trussinfo->flags |= NOSIGS;
break; break;
default: default:
@ -288,7 +285,7 @@ main(int ac, char **av)
struct timespec timediff; struct timespec timediff;
waitevent(trussinfo); waitevent(trussinfo);
switch(i = trussinfo->pr_why) { switch (i = trussinfo->pr_why) {
case S_SCE: case S_SCE:
funcs->enter_syscall(trussinfo, MAXARGS); funcs->enter_syscall(trussinfo, MAXARGS);
clock_gettime(CLOCK_REALTIME, clock_gettime(CLOCK_REALTIME,
@ -301,9 +298,8 @@ main(int ac, char **av)
if (trussinfo->curthread->in_fork && if (trussinfo->curthread->in_fork &&
(trussinfo->flags & FOLLOWFORKS)) { (trussinfo->flags & FOLLOWFORKS)) {
trussinfo->curthread->in_fork = 0; trussinfo->curthread->in_fork = 0;
childpid = childpid = funcs->exit_syscall(trussinfo,
funcs->exit_syscall(trussinfo, trussinfo->pr_data);
trussinfo->pr_data);
/* /*
* Fork a new copy of ourself to trace * Fork a new copy of ourself to trace
@ -359,10 +355,10 @@ main(int ac, char **av)
timediff.tv_nsec); timediff.tv_nsec);
} }
if (trussinfo->flags & RELATIVETIMESTAMPS) { if (trussinfo->flags & RELATIVETIMESTAMPS) {
timespecsubt(&trussinfo->after, timespecsubt(&trussinfo->after,
&trussinfo->before, &timediff); &trussinfo->before, &timediff);
fprintf(trussinfo->outfile, "%ld.%09ld ", fprintf(trussinfo->outfile, "%ld.%09ld ",
(long)timediff.tv_sec, timediff.tv_nsec); (long)timediff.tv_sec, timediff.tv_nsec);
} }
fprintf(trussinfo->outfile, fprintf(trussinfo->outfile,
"process exit, rval = %u\n", trussinfo->pr_data); "process exit, rval = %u\n", trussinfo->pr_data);
@ -372,13 +368,14 @@ main(int ac, char **av)
} }
} while (trussinfo->pr_why != S_EXIT); } while (trussinfo->pr_why != S_EXIT);
if (trussinfo->flags & FOLLOWFORKS) if (trussinfo->flags & FOLLOWFORKS) {
do { do {
childpid = wait(&status); childpid = wait(&status);
} while (childpid != -1); } while (childpid != -1);
}
if (trussinfo->flags & COUNTONLY) if (trussinfo->flags & COUNTONLY)
print_summary(trussinfo); print_summary(trussinfo);
fflush(trussinfo->outfile); fflush(trussinfo->outfile);


@ -92,18 +92,19 @@ static struct freebsd_syscall {
/* Clear up and free parts of the fsc structure. */ /* Clear up and free parts of the fsc structure. */
static __inline void static __inline void
clear_fsc(void) { clear_fsc(void)
if (fsc.args) { {
free(fsc.args); int i;
}
if (fsc.s_args) { if (fsc.args)
int i; free(fsc.args);
for (i = 0; i < fsc.nargs; i++) if (fsc.s_args) {
if (fsc.s_args[i]) for (i = 0; i < fsc.nargs; i++)
free(fsc.s_args[i]); if (fsc.s_args[i])
free(fsc.s_args); free(fsc.s_args[i]);
} free(fsc.s_args);
memset(&fsc, 0, sizeof(fsc)); }
memset(&fsc, 0, sizeof(fsc));
} }
/* /*
@ -114,162 +115,169 @@ clear_fsc(void) {
*/ */
void void
mips_syscall_entry(struct trussinfo *trussinfo, int nargs) { mips_syscall_entry(struct trussinfo *trussinfo, int nargs)
struct reg regs; {
int syscall_num; struct ptrace_io_desc iorequest;
int i; struct reg regs;
struct syscall *sc; struct syscall *sc;
int indir = 0; /* indirect system call */ int i, syscall_num;
struct ptrace_io_desc iorequest; int indir; /* indirect system call */
cpid = trussinfo->curthread->tid; clear_fsc();
clear_fsc(); cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return;
}
syscall_num = regs.r_regs[V0]; if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
if (syscall_num == SYS_syscall) { fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
indir = 1; return;
syscall_num = regs.r_regs[A0]; }
}
fsc.number = syscall_num; indir = 0;
fsc.name = syscall_num = regs.r_regs[V0];
(syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : syscallnames[syscall_num]; if (syscall_num == SYS_syscall) {
if (!fsc.name) { indir = 1;
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num); syscall_num = regs.r_regs[A0];
} }
if (fsc.name && (trussinfo->flags & FOLLOWFORKS) fsc.number = syscall_num;
&& ((!strcmp(fsc.name, "fork") fsc.name = (syscall_num < 0 || syscall_num >= nsyscalls) ?
|| !strcmp(fsc.name, "rfork") NULL : syscallnames[syscall_num];
|| !strcmp(fsc.name, "vfork")))) if (!fsc.name) {
{ fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n",
trussinfo->curthread->in_fork = 1; syscall_num);
} }
if (nargs == 0) if (fsc.name && (trussinfo->flags & FOLLOWFORKS) &&
return; (strcmp(fsc.name, "fork") == 0 ||
strcmp(fsc.name, "rfork") == 0 ||
strcmp(fsc.name, "vfork") == 0))
trussinfo->curthread->in_fork = 1;
fsc.args = malloc((1+nargs) * sizeof(unsigned long)); if (nargs == 0)
return;
fsc.args = malloc((1 + nargs) * sizeof(unsigned long));
#if 0 // XXX #if 0 // XXX
iorequest.piod_op = PIOD_READ_D;
iorequest.piod_offs = (void *)parm_offset;
iorequest.piod_addr = fsc.args;
iorequest.piod_len = (1+nargs) * sizeof(unsigned long);
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0)
return;
#else
iorequest.piod_op = PIOD_READ_D;
#endif
switch (nargs) {
default:
/*
* The OS doesn't seem to allow more than 10 words of
* parameters (yay!). So we shouldn't be here.
*/
warn("More than 10 words (%d) of arguments!\n", nargs);
break;
case 10: case 9: case 8: case 7: case 6: case 5:
/*
* If there are 7-10 words of arguments, they are placed
* on the stack, as is normal for other processors.
* The fall-through for all of these is deliberate!!!
*/
// XXX BAD constant used here
iorequest.piod_op = PIOD_READ_D; iorequest.piod_op = PIOD_READ_D;
iorequest.piod_offs = (void *)(regs.r_regs[SP] + 4 * sizeof(uint32_t)); iorequest.piod_offs = (void *)parm_offset;
iorequest.piod_addr = &fsc.args[4]; iorequest.piod_addr = fsc.args;
iorequest.piod_len = (nargs - 4) * sizeof(fsc.args[0]); iorequest.piod_len = (1 + nargs) * sizeof(unsigned long);
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0); ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0) return; if (iorequest.piod_len == 0)
case 4: fsc.args[3] = regs.r_regs[A3]; return;
case 3: fsc.args[2] = regs.r_regs[A2]; #else
case 2: fsc.args[1] = regs.r_regs[A1]; iorequest.piod_op = PIOD_READ_D;
case 1: fsc.args[0] = regs.r_regs[A0];
case 0:
break;
}
if (indir) {
memmove(&fsc.args[0], &fsc.args[1], (nargs-1) * sizeof(fsc.args[0]));
}
sc = get_syscall(fsc.name);
if (sc) {
fsc.nargs = sc->nargs;
} else {
#if DEBUG
fprintf(trussinfo->outfile, "unknown syscall %s -- setting args to %d\n",
fsc.name, nargs);
#endif
fsc.nargs = nargs;
}
fsc.s_args = calloc(1, (1+fsc.nargs) * sizeof(char*));
fsc.sc = sc;
/*
* At this point, we set up the system call arguments.
* We ignore any OUT ones, however -- those are arguments that
* are set by the system call, and so are probably meaningless
* now. This doesn't currently support arguments that are
* passed in *and* out, however.
*/
if (fsc.name) {
#if DEBUG
fprintf(stderr, "syscall %s(", fsc.name);
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s",
sc
? fsc.args[sc->args[i].offset]
: fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i], fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG
fprintf(trussinfo->outfile, "\n");
#endif #endif
if (fsc.name != NULL && switch (nargs) {
(!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit"))) { default:
/*
* The OS doesn't seem to allow more than 10 words of
* parameters (yay!). So we shouldn't be here.
*/
warn("More than 10 words (%d) of arguments!\n", nargs);
break;
case 10:
case 9:
case 8:
case 7:
case 6:
case 5:
/*
* If there are 7-10 words of arguments, they are placed
* on the stack, as is normal for other processors.
* The fall-through for all of these is deliberate!!!
*/
// XXX BAD constant used here
iorequest.piod_op = PIOD_READ_D;
iorequest.piod_offs = (void *)(regs.r_regs[SP] +
4 * sizeof(uint32_t));
iorequest.piod_addr = &fsc.args[4];
iorequest.piod_len = (nargs - 4) * sizeof(fsc.args[0]);
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0)
return;
case 4: fsc.args[3] = regs.r_regs[A3];
case 3: fsc.args[2] = regs.r_regs[A2];
case 2: fsc.args[1] = regs.r_regs[A1];
case 1: fsc.args[0] = regs.r_regs[A0];
case 0: break;
}
if (indir) {
memmove(&fsc.args[0], &fsc.args[1],
(nargs - 1) * sizeof(fsc.args[0]));
}
/* XXX sc = get_syscall(fsc.name);
* This could be done in a more general if (sc)
* manner but it still wouldn't be very pretty. fsc.nargs = sc->nargs;
*/ else {
if (!strcmp(fsc.name, "execve")) { #if DEBUG
if ((trussinfo->flags & EXECVEARGS) == 0) fprintf(trussinfo->outfile, "unknown syscall %s -- setting "
if (fsc.s_args[1]) { "args to %d\n", fsc.name, nargs);
free(fsc.s_args[1]); #endif
fsc.s_args[1] = NULL; fsc.nargs = nargs;
} }
if ((trussinfo->flags & EXECVEENVS) == 0)
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
return; fsc.s_args = calloc(1, (1 + fsc.nargs) * sizeof(char *));
fsc.sc = sc;
/*
* At this point, we set up the system call arguments.
* We ignore any OUT ones, however -- those are arguments that
* are set by the system call, and so are probably meaningless
* now. This doesn't currently support arguments that are
* passed in *and* out, however.
*/
if (fsc.name) {
#if DEBUG
fprintf(stderr, "syscall %s(", fsc.name);
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s", sc ?
fsc.args[sc->args[i].offset] : fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i],
fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG
fprintf(trussinfo->outfile, "\n");
#endif
if (fsc.name != NULL && (strcmp(fsc.name, "execve") == 0 ||
strcmp(fsc.name, "exit") == 0)) {
/*
* XXX
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (strcmp(fsc.name, "execve") == 0) {
if ((trussinfo->flags & EXECVEARGS) == 0) {
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
}
if ((trussinfo->flags & EXECVEENVS) == 0) {
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
}
return;
} }
/* /*
@ -280,66 +288,71 @@ mips_syscall_entry(struct trussinfo *trussinfo, int nargs) {
*/ */
long long
mips_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused) { mips_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused)
struct reg regs; {
long retval; struct reg regs;
int i; struct syscall *sc;
int errorp; long retval;
struct syscall *sc; int errorp, i;
if (fsc.name == NULL) if (fsc.name == NULL)
return (-1); return (-1);
cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) { cpid = trussinfo->curthread->tid;
fprintf(trussinfo->outfile, "\n");
return (-1);
}
retval = regs.r_regs[V0];
errorp = !!regs.r_regs[A3];
/* if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
* This code, while simpler than the initial versions I used, could fprintf(trussinfo->outfile, "\n");
* stand some significant cleaning. return (-1);
*/ }
retval = regs.r_regs[V0];
errorp = !!regs.r_regs[A3];
sc = fsc.sc;
if (!sc) {
for (i = 0; i < fsc.nargs; i++)
asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/* /*
* If an error occurred, than don't bothe getting the data; * This code, while simpler than the initial versions I used, could
* it may not be valid. * stand some significant cleaning.
*/ */
if (errorp)
asprintf(&temp, "0x%lx", fsc.args[sc->args[i].offset]);
else
temp = print_arg(&sc->args[i], fsc.args, retval, trussinfo);
fsc.s_args[i] = temp;
}
}
}
if (fsc.name != NULL && sc = fsc.sc;
(!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit"))) { if (!sc) {
trussinfo->curthread->in_syscall = 1; for (i = 0; i < fsc.nargs; i++)
} asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
/* } else {
* It would probably be a good idea to merge the error handling, /*
* but that complicates things considerably. * Here, we only look for arguments that have OUT masked in --
*/ * otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/*
* If an error occurred, then don't bother
* getting the data; it may not be valid.
*/
if (errorp) {
asprintf(&temp, "0x%lx",
fsc.args[sc->args[i].offset]);
} else {
temp = print_arg(&sc->args[i],
fsc.args, retval, trussinfo);
}
fsc.s_args[i] = temp;
}
}
}
print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp, if (fsc.name != NULL && (strcmp(fsc.name, "execve") == 0 ||
retval, fsc.sc); strcmp(fsc.name, "exit") == 0))
clear_fsc(); trussinfo->curthread->in_syscall = 1;
return (retval); /*
* It would probably be a good idea to merge the error handling,
* but that complicates things considerably.
*/
print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp,
retval, fsc.sc);
clear_fsc();
return (retval);
} }
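Review bot: In mips_syscall_entry the pointer from `malloc((1 + nargs) * sizeof(unsigned long))` is written through without a NULL check, and the return value of `ptrace(PT_IO, ...)` is discarded. Only `piod_len == 0` is tested, which presumably does not cover the error return, so a failed read leaves `fsc.args[4]` onward as uninitialised heap that is later passed to print_arg. I would add `if (fsc.args == NULL) err(1, "malloc");` after the allocation and make the read `if (ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0) < 0 || iorequest.piod_len == 0) return;`. The `calloc` result for `fsc.s_args` needs the same NULL check, since the execve branch dereferences `fsc.s_args[1]` directly. The same three omissions appear in powerpc_syscall_entry and powerpc64_syscall_entry in the next two file sections.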


@ -65,7 +65,7 @@ static int cpid = -1;
#ifdef __powerpc64__ /* 32-bit compatibility */ #ifdef __powerpc64__ /* 32-bit compatibility */
#include "freebsd32_syscalls.h" #include "freebsd32_syscalls.h"
#define syscallnames freebsd32_syscallnames #define syscallnames freebsd32_syscallnames
#else /* native 32-bit */ #else /* native 32-bit */
#include "syscalls.h" #include "syscalls.h"
#endif #endif
@ -92,18 +92,19 @@ static struct freebsd_syscall {
/* Clear up and free parts of the fsc structure. */ /* Clear up and free parts of the fsc structure. */
static __inline void static __inline void
clear_fsc(void) { clear_fsc(void)
if (fsc.args) { {
free(fsc.args); int i;
}
if (fsc.s_args) { if (fsc.args)
int i; free(fsc.args);
for (i = 0; i < fsc.nargs; i++) if (fsc.s_args) {
if (fsc.s_args[i]) for (i = 0; i < fsc.nargs; i++)
free(fsc.s_args[i]); if (fsc.s_args[i])
free(fsc.s_args); free(fsc.s_args[i]);
} free(fsc.s_args);
memset(&fsc, 0, sizeof(fsc)); }
memset(&fsc, 0, sizeof(fsc));
} }
/* /*
@ -114,147 +115,146 @@ clear_fsc(void) {
*/ */
void void
powerpc_syscall_entry(struct trussinfo *trussinfo, int nargs) { powerpc_syscall_entry(struct trussinfo *trussinfo, int nargs)
struct reg regs; {
void *args; struct ptrace_io_desc iorequest;
int syscall_num; struct reg regs;
int i; struct syscall *sc;
int regargs; void *args;
struct syscall *sc; int i, regargs, syscall_num;
/* Account for a 64-bit argument with corresponding alignment. */ /* Account for a 64-bit argument with corresponding alignment. */
nargs += 2; nargs += 2;
cpid = trussinfo->curthread->tid; clear_fsc();
clear_fsc(); cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return;
}
/* if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
* FreeBSD has two special kinds of system call redirctions -- fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
* SYS_syscall, and SYS___syscall. The former is the old syscall() return;
* routine, basically; the latter is for quad-aligned arguments. }
*/
regargs = NARGREG;
syscall_num = regs.fixreg[0];
args = &regs.fixreg[3];
if (syscall_num == SYS_syscall) {
args = &regs.fixreg[4];
regargs -= 1;
syscall_num = regs.fixreg[3];
} else if (syscall_num == SYS___syscall) {
args = &regs.fixreg[5];
regargs -= 2;
syscall_num = regs.fixreg[4];
}
fsc.number = syscall_num; /*
fsc.name = * FreeBSD has two special kinds of system call redirctions --
(syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : syscallnames[syscall_num]; * SYS_syscall, and SYS___syscall. The former is the old syscall()
if (!fsc.name) { * routine, basically; the latter is for quad-aligned arguments.
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num); */
} regargs = NARGREG;
syscall_num = regs.fixreg[0];
args = &regs.fixreg[3];
if (syscall_num == SYS_syscall) {
args = &regs.fixreg[4];
regargs -= 1;
syscall_num = regs.fixreg[3];
} else if (syscall_num == SYS___syscall) {
args = &regs.fixreg[5];
regargs -= 2;
syscall_num = regs.fixreg[4];
}
if (fsc.name && (trussinfo->flags & FOLLOWFORKS) fsc.number = syscall_num;
&& ((!strcmp(fsc.name, "fork") fsc.name = (syscall_num < 0 || syscall_num >= nsyscalls) ?
|| !strcmp(fsc.name, "rfork") NULL : syscallnames[syscall_num];
|| !strcmp(fsc.name, "vfork")))) if (!fsc.name) {
{ fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n",
trussinfo->curthread->in_fork = 1; syscall_num);
} }
if (nargs == 0) if (fsc.name && (trussinfo->flags & FOLLOWFORKS) &&
return; (strcmp(fsc.name, "fork") == 0 ||
strcmp(fsc.name, "rfork") == 0 ||
strcmp(fsc.name, "vfork") == 0))
trussinfo->curthread->in_fork = 1;
fsc.args = malloc((1+nargs) * sizeof(unsigned long)); if (nargs == 0)
return;
if (nargs > regargs) { fsc.args = malloc((1 + nargs) * sizeof(unsigned long));
struct ptrace_io_desc iorequest;
memmove(&fsc.args[0], args, regargs * sizeof(fsc.args[0]));
iorequest.piod_op = PIOD_READ_D; if (nargs > regargs) {
iorequest.piod_offs = (void *)(regs.fixreg[1] + 8); memmove(&fsc.args[0], args, regargs * sizeof(fsc.args[0]));
iorequest.piod_addr = &fsc.args[regargs];
iorequest.piod_len = (nargs - regargs) * sizeof(fsc.args[0]);
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0)
return;
} else {
memmove(&fsc.args[0], args, nargs * sizeof(fsc.args[0]));
}
sc = get_syscall(fsc.name); iorequest.piod_op = PIOD_READ_D;
if (sc) { iorequest.piod_offs = (void *)(regs.fixreg[1] + 8);
fsc.nargs = sc->nargs; iorequest.piod_addr = &fsc.args[regargs];
} else { iorequest.piod_len = (nargs - regargs) * sizeof(fsc.args[0]);
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0)
return;
} else
memmove(&fsc.args[0], args, nargs * sizeof(fsc.args[0]));
sc = get_syscall(fsc.name);
if (sc)
fsc.nargs = sc->nargs;
else {
#if DEBUG #if DEBUG
fprintf(trussinfo->outfile, "unknown syscall %s -- setting args to %d\n", fprintf(trussinfo->outfile, "unknown syscall %s -- setting "
fsc.name, nargs); "args to %d\n", fsc.name, nargs);
#endif #endif
fsc.nargs = nargs; fsc.nargs = nargs;
} }
fsc.s_args = calloc(1, (1+fsc.nargs) * sizeof(char*)); fsc.s_args = calloc(1, (1 + fsc.nargs) * sizeof(char *));
fsc.sc = sc; fsc.sc = sc;
/* /*
* At this point, we set up the system call arguments. * At this point, we set up the system call arguments.
* We ignore any OUT ones, however -- those are arguments that * We ignore any OUT ones, however -- those are arguments that
* are set by the system call, and so are probably meaningless * are set by the system call, and so are probably meaningless
* now. This doesn't currently support arguments that are * now. This doesn't currently support arguments that are
* passed in *and* out, however. * passed in *and* out, however.
*/ */
if (fsc.name) { if (fsc.name) {
#if DEBUG
fprintf(stderr, "syscall %s(", fsc.name);
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s", sc ?
fsc.args[sc->args[i].offset] : fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i],
fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG #if DEBUG
fprintf(stderr, "syscall %s(", fsc.name); fprintf(trussinfo->outfile, "\n");
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s",
sc
? fsc.args[sc->args[i].offset]
: fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i], fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG
fprintf(trussinfo->outfile, "\n");
#endif #endif
if (fsc.name && (!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit"))) { if (fsc.name && (strcmp(fsc.name, "execve") == 0 ||
strcmp(fsc.name, "exit") == 0)) {
/*
* XXX
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (strcmp(fsc.name, "execve") == 0) {
if ((trussinfo->flags & EXECVEARGS) == 0) {
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
}
if ((trussinfo->flags & EXECVEENVS) == 0) {
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
}
/* XXX return;
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (!strcmp(fsc.name, "execve")) {
if ((trussinfo->flags & EXECVEARGS) == 0)
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
if ((trussinfo->flags & EXECVEENVS) == 0)
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
return;
} }
/* /*
@ -267,76 +267,77 @@ powerpc_syscall_entry(struct trussinfo *trussinfo, int nargs) {
long long
powerpc_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused) powerpc_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused)
{ {
struct reg regs; struct reg regs;
long retval; struct syscall *sc;
int i; long retval;
int errorp; int errorp, i;
struct syscall *sc;
if (fsc.name == NULL) if (fsc.name == NULL)
return (-1); return (-1);
cpid = trussinfo->curthread->tid; cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) { if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
fprintf(trussinfo->outfile, "\n"); fprintf(trussinfo->outfile, "\n");
return (-1); return (-1);
} }
retval = regs.fixreg[3];
errorp = !!(regs.cr & 0x10000000);
/* retval = regs.fixreg[3];
* This code, while simpler than the initial versions I used, could errorp = !!(regs.cr & 0x10000000);
* stand some significant cleaning.
*/
sc = fsc.sc;
if (!sc) {
for (i = 0; i < fsc.nargs; i++)
asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* On 32-bit big-endian, the low word of a 64-bit return is
* in the greater address. Switch to this. XXX note that
* print_syscall_ret can't handle 64-bit return values (llseek)
*/
if (sc->ret_type == 2)
retval = regs.fixreg[4];
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/* /*
* If an error occurred, than don't bothe getting the data; * This code, while simpler than the initial versions I used, could
* it may not be valid. * stand some significant cleaning.
*/ */
if (errorp)
asprintf(&temp, "0x%lx", fsc.args[sc->args[i].offset]);
else
temp = print_arg(&sc->args[i], fsc.args, retval, trussinfo);
fsc.s_args[i] = temp;
}
}
}
if (fsc.name != NULL && sc = fsc.sc;
(!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit"))) { if (!sc) {
trussinfo->curthread->in_syscall = 1; for (i = 0; i < fsc.nargs; i++)
} asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* On 32-bit big-endian, the low word of a 64-bit return is
* in the greater address. Switch to this. XXX note that
* print_syscall_ret can't handle 64-bit return values (llseek)
*/
if (sc->ret_type == 2)
retval = regs.fixreg[4];
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/*
* If an error occurred, then don't bother
* getting the data; it may not be valid.
*/
if (errorp) {
asprintf(&temp, "0x%lx",
fsc.args[sc->args[i].offset]);
} else {
temp = print_arg(&sc->args[i],
fsc.args, retval, trussinfo);
}
fsc.s_args[i] = temp;
}
}
}
/* if (fsc.name != NULL && (strcmp(fsc.name, "execve") == 0 ||
* It would probably be a good idea to merge the error handling, strcmp(fsc.name, "exit") == 0))
* but that complicates things considerably. trussinfo->curthread->in_syscall = 1;
*/
print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp, /*
retval, fsc.sc); * It would probably be a good idea to merge the error handling,
clear_fsc(); * but that complicates things considerably.
*/
return (retval); print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp,
retval, fsc.sc);
clear_fsc();
return (retval);
} }
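Review bot: In powerpc_syscall_entry an out-of-range syscall number sets `fsc.name` to NULL and prints the "UNKNOWN SYSCALL" line, but execution continues to `sc = get_syscall(fsc.name);` with that NULL. The number is read from the tracee's registers (`regs.fixreg[0]`), so the traced process chooses it. Whether get_syscall tolerates NULL is not visible on this page. The `#if DEBUG` branch also passes the same pointer to a `%s` conversion. I would make the lookup `sc = (fsc.name != NULL) ? get_syscall(fsc.name) : NULL;` and guard the debug print likewise. mips_syscall_entry and powerpc64_syscall_entry have the same flow.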


@ -87,18 +87,19 @@ static struct freebsd_syscall {
/* Clear up and free parts of the fsc structure. */ /* Clear up and free parts of the fsc structure. */
static __inline void static __inline void
clear_fsc(void) { clear_fsc(void)
if (fsc.args) { {
free(fsc.args); int i;
}
if (fsc.s_args) { if (fsc.args)
int i; free(fsc.args);
for (i = 0; i < fsc.nargs; i++) if (fsc.s_args) {
if (fsc.s_args[i]) for (i = 0; i < fsc.nargs; i++)
free(fsc.s_args[i]); if (fsc.s_args[i])
free(fsc.s_args); free(fsc.s_args[i]);
} free(fsc.s_args);
memset(&fsc, 0, sizeof(fsc)); }
memset(&fsc, 0, sizeof(fsc));
} }
/* /*
@ -109,140 +110,139 @@ clear_fsc(void) {
*/ */
void void
powerpc64_syscall_entry(struct trussinfo *trussinfo, int nargs) { powerpc64_syscall_entry(struct trussinfo *trussinfo, int nargs)
struct reg regs; {
void *args; struct ptrace_io_desc iorequest;
int syscall_num; struct reg regs;
int i; struct syscall *sc;
int regargs; void *args;
struct syscall *sc; int i, regargs, syscall_num;
cpid = trussinfo->curthread->tid; clear_fsc();
clear_fsc(); cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return;
}
/* if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
* FreeBSD has two special kinds of system call redirctions -- fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
* SYS_syscall, and SYS___syscall. The former is the old syscall() return;
* routine, basically; the latter is for quad-aligned arguments. }
*/
regargs = NARGREG;
syscall_num = regs.fixreg[0];
args = &regs.fixreg[3];
if (syscall_num == SYS_syscall || syscall_num == SYS___syscall) {
args = &regs.fixreg[4];
regargs -= 1;
syscall_num = regs.fixreg[3];
}
fsc.number = syscall_num; /*
fsc.name = * FreeBSD has two special kinds of system call redirctions --
(syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : syscallnames[syscall_num]; * SYS_syscall, and SYS___syscall. The former is the old syscall()
if (!fsc.name) { * routine, basically; the latter is for quad-aligned arguments.
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num); */
} regargs = NARGREG;
syscall_num = regs.fixreg[0];
args = &regs.fixreg[3];
if (syscall_num == SYS_syscall || syscall_num == SYS___syscall) {
args = &regs.fixreg[4];
regargs -= 1;
syscall_num = regs.fixreg[3];
}
if (fsc.name && (trussinfo->flags & FOLLOWFORKS) fsc.number = syscall_num;
&& ((!strcmp(fsc.name, "fork") fsc.name = (syscall_num < 0 || syscall_num >= nsyscalls) ?
|| !strcmp(fsc.name, "rfork") NULL : syscallnames[syscall_num];
|| !strcmp(fsc.name, "vfork")))) if (!fsc.name) {
{ fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n",
trussinfo->curthread->in_fork = 1; syscall_num);
} }
if (nargs == 0) if (fsc.name && (trussinfo->flags & FOLLOWFORKS) &&
return; (strcmp(fsc.name, "fork") == 0 ||
strcmp(fsc.name, "rfork") == 0 ||
strcmp(fsc.name, "vfork") == 0))
trussinfo->curthread->in_fork = 1;
fsc.args = malloc((1+nargs) * sizeof(unsigned long)); if (nargs == 0)
return;
if (nargs > regargs) { fsc.args = malloc((1 + nargs) * sizeof(unsigned long));
struct ptrace_io_desc iorequest;
memmove(&fsc.args[0], args, regargs * sizeof(fsc.args[0]));
iorequest.piod_op = PIOD_READ_D; if (nargs > regargs) {
iorequest.piod_offs = (void *)(regs.fixreg[1] + 48); memmove(&fsc.args[0], args, regargs * sizeof(fsc.args[0]));
iorequest.piod_addr = &fsc.args[regargs];
iorequest.piod_len = (nargs - regargs) * sizeof(fsc.args[0]);
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0)
return;
} else {
memmove(&fsc.args[0], args, nargs * sizeof(fsc.args[0]));
}
sc = get_syscall(fsc.name); iorequest.piod_op = PIOD_READ_D;
if (sc) { iorequest.piod_offs = (void *)(regs.fixreg[1] + 48);
fsc.nargs = sc->nargs; iorequest.piod_addr = &fsc.args[regargs];
} else { iorequest.piod_len = (nargs - regargs) * sizeof(fsc.args[0]);
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0)
return;
} else
memmove(&fsc.args[0], args, nargs * sizeof(fsc.args[0]));
sc = get_syscall(fsc.name);
if (sc)
fsc.nargs = sc->nargs;
else {
#if DEBUG #if DEBUG
fprintf(trussinfo->outfile, "unknown syscall %s -- setting args to %d\n", fprintf(trussinfo->outfile, "unknown syscall %s -- setting "
fsc.name, nargs); "args to %d\n", fsc.name, nargs);
#endif #endif
fsc.nargs = nargs; fsc.nargs = nargs;
} }
fsc.s_args = calloc(1, (1+fsc.nargs) * sizeof(char*)); fsc.s_args = calloc(1, (1 + fsc.nargs) * sizeof(char *));
fsc.sc = sc; fsc.sc = sc;
/* /*
* At this point, we set up the system call arguments. * At this point, we set up the system call arguments.
* We ignore any OUT ones, however -- those are arguments that * We ignore any OUT ones, however -- those are arguments that
* are set by the system call, and so are probably meaningless * are set by the system call, and so are probably meaningless
* now. This doesn't currently support arguments that are * now. This doesn't currently support arguments that are
* passed in *and* out, however. * passed in *and* out, however.
*/ */
if (fsc.name) { if (fsc.name) {
#if DEBUG
fprintf(stderr, "syscall %s(", fsc.name);
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s", sc ?
fsc.args[sc->args[i].offset] : fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i],
fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG #if DEBUG
fprintf(stderr, "syscall %s(", fsc.name); fprintf(trussinfo->outfile, "\n");
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s",
sc
? fsc.args[sc->args[i].offset]
: fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i], fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG
fprintf(trussinfo->outfile, "\n");
#endif #endif
if (fsc.name && (!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit"))) { if (fsc.name && (strcmp(fsc.name, "execve") == 0 ||
strcmp(fsc.name, "exit") == 0)) {
/*
* XXX
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (strcmp(fsc.name, "execve") == 0) {
if ((trussinfo->flags & EXECVEARGS) == 0) {
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
}
if ((trussinfo->flags & EXECVEENVS) == 0) {
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
}
/* XXX return;
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (!strcmp(fsc.name, "execve")) {
if ((trussinfo->flags & EXECVEARGS) == 0)
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
if ((trussinfo->flags & EXECVEENVS) == 0)
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
return;
} }
/* /*
@ -255,68 +255,69 @@ powerpc64_syscall_entry(struct trussinfo *trussinfo, int nargs) {
long long
powerpc64_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused) powerpc64_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused)
{ {
struct reg regs; struct reg regs;
long retval; struct syscall *sc;
int i; long retval;
int errorp; int errorp, i;
struct syscall *sc;
if (fsc.name == NULL) if (fsc.name == NULL)
return (-1); return (-1);
cpid = trussinfo->curthread->tid; cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) { if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
fprintf(trussinfo->outfile, "\n"); fprintf(trussinfo->outfile, "\n");
return (-1); return (-1);
} }
retval = regs.fixreg[3];
errorp = !!(regs.cr & 0x10000000);
/* retval = regs.fixreg[3];
* This code, while simpler than the initial versions I used, could errorp = !!(regs.cr & 0x10000000);
* stand some significant cleaning.
*/
sc = fsc.sc;
if (!sc) {
for (i = 0; i < fsc.nargs; i++)
asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/* /*
* If an error occurred, than don't bothe getting the data; * This code, while simpler than the initial versions I used, could
* it may not be valid. * stand some significant cleaning.
*/ */
if (errorp)
asprintf(&temp, "0x%lx", fsc.args[sc->args[i].offset]);
else
temp = print_arg(&sc->args[i], fsc.args, retval, trussinfo);
fsc.s_args[i] = temp;
}
}
}
if (fsc.name != NULL && sc = fsc.sc;
(!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit"))) { if (!sc) {
trussinfo->curthread->in_syscall = 1; for (i = 0; i < fsc.nargs; i++)
} asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/*
* If an error occurred, then don't bother
* getting the data; it may not be valid.
*/
if (errorp) {
asprintf(&temp, "0x%lx",
fsc.args[sc->args[i].offset]);
} else {
temp = print_arg(&sc->args[i],
fsc.args, retval, trussinfo);
}
fsc.s_args[i] = temp;
}
}
}
if (fsc.name != NULL && (strcmp(fsc.name, "execve") == 0 ||
strcmp(fsc.name, "exit") == 0))
trussinfo->curthread->in_syscall = 1;
/* /*
* It would probably be a good idea to merge the error handling, * It would probably be a good idea to merge the error handling,
* but that complicates things considerably. * but that complicates things considerably.
*/ */
print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp, print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp,
retval, fsc.sc); retval, fsc.sc);
clear_fsc(); clear_fsc();
return (retval); return (retval);
} }
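Review bot: The `#if DEBUG` print in powerpc64_syscall_entry formats `fsc.args[...]` with `"0x%x%s"`, while powerpc64_syscall_exit prints the same array with `"0x%lx"`. The array is allocated with `sizeof(unsigned long)`, so on this 64-bit target the `%x` conversion does not match the argument type, which is undefined behaviour and at best truncates the value. The format should be `"0x%lx%s"`. The debug prints in the mips and powerpc sections use the same `%x` format.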


@ -73,15 +73,14 @@ setup_and_wait(char *command[])
int waitval; int waitval;
pid = vfork(); pid = vfork();
if (pid == -1) { if (pid == -1)
err(1, "fork failed"); err(1, "fork failed");
}
if (pid == 0) { /* Child */ if (pid == 0) { /* Child */
ptrace(PT_TRACE_ME, 0, 0, 0); ptrace(PT_TRACE_ME, 0, 0, 0);
execvp(command[0], command); execvp(command[0], command);
err(1, "execvp %s", command[0]); err(1, "execvp %s", command[0]);
} }
/* Only in the parent here */ /* Only in the parent here */
if (waitpid(pid, &waitval, 0) < 0) { if (waitpid(pid, &waitval, 0) < 0) {
err(1, "unexpect stop in waitpid"); err(1, "unexpect stop in waitpid");
@ -89,7 +88,7 @@ setup_and_wait(char *command[])
} }
child_pid = pid; child_pid = pid;
return (pid); return (pid);
} }
@ -102,19 +101,18 @@ setup_and_wait(char *command[])
int int
start_tracing(pid_t pid) start_tracing(pid_t pid)
{ {
int waitval; int ret, retry, waitval;
int ret;
int retry = 10;
retry = 10;
do { do {
ret = ptrace(PT_ATTACH, pid, NULL, 0); ret = ptrace(PT_ATTACH, pid, NULL, 0);
usleep(200); usleep(200);
} while(ret && retry-- > 0); } while (ret && retry-- > 0);
if (ret) if (ret)
err(1, "can not attach to target process"); err(1, "can not attach to target process");
child_pid = pid; child_pid = pid;
if (waitpid(pid, &waitval, 0) < 0) if (waitpid(pid, &waitval, 0) < 0)
err(1, "Unexpect stop in waitpid"); err(1, "Unexpect stop in waitpid");
return (0); return (0);
@ -131,14 +129,14 @@ restore_proc(int signo __unused)
{ {
int waitval; int waitval;
/* stop the child so that we can detach */ /* stop the child so that we can detach */
kill(child_pid, SIGSTOP); kill(child_pid, SIGSTOP);
if (waitpid(child_pid, &waitval, 0) < 0) if (waitpid(child_pid, &waitval, 0) < 0)
err(1, "Unexpected stop in waitpid"); err(1, "Unexpected stop in waitpid");
if (ptrace(PT_DETACH, child_pid, (caddr_t)1, 0) < 0) if (ptrace(PT_DETACH, child_pid, (caddr_t)1, 0) < 0)
err(1, "Can not detach the process"); err(1, "Can not detach the process");
kill(child_pid, SIGCONT); kill(child_pid, SIGCONT);
exit(0); exit(0);
} }
@ -150,12 +148,13 @@ restore_proc(int signo __unused)
static void static void
find_thread(struct trussinfo *info, lwpid_t lwpid) find_thread(struct trussinfo *info, lwpid_t lwpid)
{ {
info->curthread = NULL;
struct threadinfo *np; struct threadinfo *np;
info->curthread = NULL;
SLIST_FOREACH(np, &info->threadlist, entries) { SLIST_FOREACH(np, &info->threadlist, entries) {
if (np->tid == lwpid) { if (np->tid == lwpid) {
info->curthread = np; info->curthread = np;
return; return;
} }
} }
@ -177,16 +176,16 @@ find_thread(struct trussinfo *info, lwpid_t lwpid)
void void
waitevent(struct trussinfo *info) waitevent(struct trussinfo *info)
{ {
int waitval; struct ptrace_lwpinfo lwpinfo;
static int pending_signal = 0; static int pending_signal = 0;
int waitval;
ptrace(PT_SYSCALL, info->pid, (caddr_t)1, pending_signal); ptrace(PT_SYSCALL, info->pid, (caddr_t)1, pending_signal);
pending_signal = 0; pending_signal = 0;
if (waitpid(info->pid, &waitval, 0) < 0) { if (waitpid(info->pid, &waitval, 0) < 0)
err(1, "Unexpected stop in waitpid"); err(1, "Unexpected stop in waitpid");
}
if (WIFCONTINUED(waitval)) { if (WIFCONTINUED(waitval)) {
info->pr_why = S_NONE; info->pr_why = S_NONE;
return; return;
@ -197,10 +196,10 @@ waitevent(struct trussinfo *info)
return; return;
} }
if (WIFSTOPPED(waitval)) { if (WIFSTOPPED(waitval)) {
struct ptrace_lwpinfo lwpinfo; ptrace(PT_LWPINFO, info->pid, (caddr_t)&lwpinfo,
ptrace(PT_LWPINFO, info->pid, (caddr_t)&lwpinfo, sizeof(lwpinfo)); sizeof(lwpinfo));
find_thread(info, lwpinfo.pl_lwpid); find_thread(info, lwpinfo.pl_lwpid);
switch(WSTOPSIG(waitval)) { switch (WSTOPSIG(waitval)) {
case SIGTRAP: case SIGTRAP:
if (lwpinfo.pl_flags & PL_FLAG_SCE) { if (lwpinfo.pl_flags & PL_FLAG_SCE) {
info->pr_why = S_SCE; info->pr_why = S_SCE;
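Review bot: In setup_and_wait the vfork() child reports an execvp failure with `err(1, "execvp %s", command[0])`, and err() leaves through exit(), which runs atexit handlers and flushes stdio buffers while the child still shares the parent's address space. The child should leave with `_exit(1);` after a `warn("execvp %s", command[0]);` instead. The return value of `ptrace(PT_TRACE_ME, 0, 0, 0)` on the line above is also ignored, so a child that failed to enable tracing would still exec the command; `if (ptrace(PT_TRACE_ME, 0, 0, 0) < 0) _exit(1);` would stop that. The bodies of setup_and_wait and waitevent continue outside the hunks shown.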


@ -93,18 +93,19 @@ static struct freebsd_syscall {
/* Clear up and free parts of the fsc structure. */ /* Clear up and free parts of the fsc structure. */
static __inline void static __inline void
clear_fsc(void) { clear_fsc(void)
if (fsc.args) { {
free(fsc.args); int i;
}
if (fsc.s_args) { if (fsc.args)
int i; free(fsc.args);
for (i = 0; i < fsc.nargs; i++) if (fsc.s_args) {
if (fsc.s_args[i]) for (i = 0; i < fsc.nargs; i++)
free(fsc.s_args[i]); if (fsc.s_args[i])
free(fsc.s_args); free(fsc.s_args[i]);
} free(fsc.s_args);
memset(&fsc, 0, sizeof(fsc)); }
memset(&fsc, 0, sizeof(fsc));
} }
/* /*
@ -115,159 +116,162 @@ clear_fsc(void) {
*/ */
void void
sparc64_syscall_entry(struct trussinfo *trussinfo, int nargs) { sparc64_syscall_entry(struct trussinfo *trussinfo, int nargs)
struct reg regs; {
int syscall_num; struct ptrace_io_desc iorequest;
int i; struct reg regs;
struct syscall *sc; struct syscall *sc;
int indir = 0; /* indirect system call */ int i, syscall_num;
struct ptrace_io_desc iorequest; int indir; /* indirect system call */
cpid = trussinfo->curthread->tid; clear_fsc();
clear_fsc(); cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
return;
}
/* if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
* FreeBSD has two special kinds of system call redirctions -- fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
* SYS_syscall, and SYS___syscall. The former is the old syscall() return;
* routine, basically; the latter is for quad-aligned arguments. }
*/
syscall_num = regs.r_global[1];
if (syscall_num == SYS_syscall || syscall_num == SYS___syscall) {
indir = 1;
syscall_num = regs.r_out[0];
}
fsc.number = syscall_num;
fsc.name =
(syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : syscallnames[syscall_num];
if (!fsc.name) {
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num);
}
if (fsc.name && (trussinfo->flags & FOLLOWFORKS)
&& ((!strcmp(fsc.name, "fork")
|| !strcmp(fsc.name, "rfork")
|| !strcmp(fsc.name, "vfork"))))
{
trussinfo->curthread->in_fork = 1;
}
if (nargs == 0)
return;
fsc.args = malloc((1+nargs) * sizeof(unsigned long));
switch (nargs) {
default:
/* /*
* The OS doesn't seem to allow more than 10 words of * FreeBSD has two special kinds of system call redirctions --
* parameters (yay!). So we shouldn't be here. * SYS_syscall, and SYS___syscall. The former is the old syscall()
* routine, basically; the latter is for quad-aligned arguments.
*/ */
warn("More than 10 words (%d) of arguments!\n", nargs); indir = 0;
break; syscall_num = regs.r_global[1];
case 10: case 9: case 8: case 7: if (syscall_num == SYS_syscall || syscall_num == SYS___syscall) {
indir = 1;
syscall_num = regs.r_out[0];
}
fsc.number = syscall_num;
fsc.name = (syscall_num < 0 || syscall_num >= nsyscalls) ?
NULL : syscallnames[syscall_num];
if (!fsc.name) {
fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n",
syscall_num);
}
if (fsc.name && (trussinfo->flags & FOLLOWFORKS) &&
(strcmp(fsc.name, "fork") == 0 ||
strcmp(fsc.name, "rfork") == 0 ||
strcmp(fsc.name, "vfork") == 0))
trussinfo->curthread->in_fork = 1;
if (nargs == 0)
return;
fsc.args = malloc((1 + nargs) * sizeof(unsigned long));
switch (nargs) {
default:
/*
* The OS doesn't seem to allow more than 10 words of
* parameters (yay!). So we shouldn't be here.
*/
warn("More than 10 words (%d) of arguments!\n", nargs);
break;
case 10:
case 9:
case 8:
case 7:
/*
* If there are 7-10 words of arguments, they are placed
* on the stack, as is normal for other processors.
* The fall-through for all of these is deliberate!!!
*/
iorequest.piod_op = PIOD_READ_D;
iorequest.piod_offs = (void *)(regs.r_out[6] + SPOFF +
offsetof(struct frame, fr_pad[6]));
iorequest.piod_addr = &fsc.args[6];
iorequest.piod_len = (nargs - 6) * sizeof(fsc.args[0]);
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0)
return;
case 6: fsc.args[5] = regs.r_out[5];
case 5: fsc.args[4] = regs.r_out[4];
case 4: fsc.args[3] = regs.r_out[3];
case 3: fsc.args[2] = regs.r_out[2];
case 2: fsc.args[1] = regs.r_out[1];
case 1: fsc.args[0] = regs.r_out[0];
case 0:
break;
}
if (indir)
memmove(&fsc.args[0], &fsc.args[1], (nargs - 1) *
sizeof(fsc.args[0]));
sc = get_syscall(fsc.name);
if (sc)
fsc.nargs = sc->nargs;
else {
#if DEBUG
fprintf(trussinfo->outfile, "unknown syscall %s -- setting "
"args to %d\n", fsc.name, nargs);
#endif
fsc.nargs = nargs;
}
fsc.s_args = calloc(1, (1 + fsc.nargs) * sizeof(char *));
fsc.sc = sc;
/* /*
* If there are 7-10 words of arguments, they are placed * At this point, we set up the system call arguments.
* on the stack, as is normal for other processors. * We ignore any OUT ones, however -- those are arguments that
* The fall-through for all of these is deliberate!!! * are set by the system call, and so are probably meaningless
* now. This doesn't currently support arguments that are
* passed in *and* out, however.
*/ */
iorequest.piod_op = PIOD_READ_D;
iorequest.piod_offs = (void *)(regs.r_out[6] + SPOFF +
offsetof(struct frame, fr_pad[6]));
iorequest.piod_addr = &fsc.args[6];
iorequest.piod_len = (nargs - 6) * sizeof(fsc.args[0]);
ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0);
if (iorequest.piod_len == 0) return;
case 6: fsc.args[5] = regs.r_out[5]; if (fsc.name) {
case 5: fsc.args[4] = regs.r_out[4];
case 4: fsc.args[3] = regs.r_out[3];
case 3: fsc.args[2] = regs.r_out[2];
case 2: fsc.args[1] = regs.r_out[1];
case 1: fsc.args[0] = regs.r_out[0];
case 0:
break;
}
if (indir) {
memmove(&fsc.args[0], &fsc.args[1], (nargs-1) * sizeof(fsc.args[0]));
}
sc = get_syscall(fsc.name);
if (sc) {
fsc.nargs = sc->nargs;
} else {
#if DEBUG #if DEBUG
fprintf(trussinfo->outfile, "unknown syscall %s -- setting args to %d\n", fprintf(stderr, "syscall %s(", fsc.name);
fsc.name, nargs);
#endif #endif
fsc.nargs = nargs; for (i = 0; i < fsc.nargs; i++) {
} #if DEBUG
fprintf(stderr, "0x%x%s", sc ?
fsc.s_args = calloc(1, (1+fsc.nargs) * sizeof(char*)); fsc.args[sc->args[i].offset] : fsc.args[i],
fsc.sc = sc; i < (fsc.nargs - 1) ? "," : "");
#endif
/* if (sc && !(sc->args[i].type & OUT)) {
* At this point, we set up the system call arguments. fsc.s_args[i] = print_arg(&sc->args[i],
* We ignore any OUT ones, however -- those are arguments that fsc.args, 0, trussinfo);
* are set by the system call, and so are probably meaningless }
* now. This doesn't currently support arguments that are }
* passed in *and* out, however. #if DEBUG
*/ fprintf(stderr, ")\n");
#endif
if (fsc.name) { }
#if DEBUG #if DEBUG
fprintf(stderr, "syscall %s(", fsc.name); fprintf(trussinfo->outfile, "\n");
#endif
for (i = 0; i < fsc.nargs; i++) {
#if DEBUG
fprintf(stderr, "0x%x%s",
sc
? fsc.args[sc->args[i].offset]
: fsc.args[i],
i < (fsc.nargs - 1) ? "," : "");
#endif
if (sc && !(sc->args[i].type & OUT)) {
fsc.s_args[i] = print_arg(&sc->args[i], fsc.args, 0, trussinfo);
}
}
#if DEBUG
fprintf(stderr, ")\n");
#endif
}
#if DEBUG
fprintf(trussinfo->outfile, "\n");
#endif #endif
if (fsc.name != NULL && if (fsc.name != NULL && (strcmp(fsc.name, "execve") == 0 ||
(!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit"))) { strcmp(fsc.name, "exit") == 0)) {
/*
* XXX
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (strcmp(fsc.name, "execve") == 0) {
if ((trussinfo->flags & EXECVEARGS) == 0) {
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
}
if ((trussinfo->flags & EXECVEENVS) == 0) {
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
}
/* XXX return;
* This could be done in a more general
* manner but it still wouldn't be very pretty.
*/
if (!strcmp(fsc.name, "execve")) {
if ((trussinfo->flags & EXECVEARGS) == 0)
if (fsc.s_args[1]) {
free(fsc.s_args[1]);
fsc.s_args[1] = NULL;
}
if ((trussinfo->flags & EXECVEENVS) == 0)
if (fsc.s_args[2]) {
free(fsc.s_args[2]);
fsc.s_args[2] = NULL;
}
}
}
return;
} }
/* /*
@ -278,66 +282,71 @@ sparc64_syscall_entry(struct trussinfo *trussinfo, int nargs) {
*/ */
long long
sparc64_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused) { sparc64_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused)
struct reg regs; {
long retval; struct reg regs;
int i; struct syscall *sc;
int errorp; long retval;
struct syscall *sc; int errorp, i;
if (fsc.name == NULL) if (fsc.name == NULL)
return (-1); return (-1);
cpid = trussinfo->curthread->tid;
if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) { cpid = trussinfo->curthread->tid;
fprintf(trussinfo->outfile, "\n");
return (-1);
}
retval = regs.r_out[0];
errorp = !!(regs.r_tstate & TSTATE_XCC_C);
/* if (ptrace(PT_GETREGS, cpid, (caddr_t)&regs, 0) < 0) {
* This code, while simpler than the initial versions I used, could fprintf(trussinfo->outfile, "\n");
* stand some significant cleaning. return (-1);
*/ }
retval = regs.r_out[0];
errorp = !!(regs.r_tstate & TSTATE_XCC_C);
sc = fsc.sc;
if (!sc) {
for (i = 0; i < fsc.nargs; i++)
asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
} else {
/*
* Here, we only look for arguments that have OUT masked in --
* otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/* /*
* If an error occurred, than don't bothe getting the data; * This code, while simpler than the initial versions I used, could
* it may not be valid. * stand some significant cleaning.
*/ */
if (errorp)
asprintf(&temp, "0x%lx", fsc.args[sc->args[i].offset]);
else
temp = print_arg(&sc->args[i], fsc.args, retval, trussinfo);
fsc.s_args[i] = temp;
}
}
}
if (fsc.name != NULL && sc = fsc.sc;
(!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit"))) { if (!sc) {
trussinfo->curthread->in_syscall = 1; for (i = 0; i < fsc.nargs; i++)
} asprintf(&fsc.s_args[i], "0x%lx", fsc.args[i]);
/* } else {
* It would probably be a good idea to merge the error handling, /*
* but that complicates things considerably. * Here, we only look for arguments that have OUT masked in --
*/ * otherwise, they were handled in the syscall_entry function.
*/
for (i = 0; i < sc->nargs; i++) {
char *temp;
if (sc->args[i].type & OUT) {
/*
* If an error occurred, then don't bother
* getting the data; it may not be valid.
*/
if (errorp) {
asprintf(&temp, "0x%lx",
fsc.args[sc->args[i].offset]);
} else {
temp = print_arg(&sc->args[i],
fsc.args, retval, trussinfo);
}
fsc.s_args[i] = temp;
}
}
}
print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp, if (fsc.name != NULL && (strcmp(fsc.name, "execve") == 0 ||
retval, fsc.sc); strcmp(fsc.name, "exit") == 0))
clear_fsc(); trussinfo->curthread->in_syscall = 1;
return (retval); /*
* It would probably be a good idea to merge the error handling,
* but that complicates things considerably.
*/
print_syscall_ret(trussinfo, fsc.name, fsc.nargs, fsc.s_args, errorp,
retval, fsc.sc);
clear_fsc();
return (retval);
} }
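Review bot: sparc64_syscall_entry assigns `malloc((1 + nargs) * sizeof(unsigned long))` to fsc.args and then writes `fsc.args[5]` down to `fsc.args[0]` with no NULL check, and the later `calloc(1, (1 + fsc.nargs) * sizeof(char *))` for fsc.s_args is used the same way. A failed allocation therefore becomes a NULL dereference in the tracer; `if (fsc.args == NULL) err(1, "malloc");` after the first call, and `calloc(1 + fsc.nargs, sizeof(char *))` with the same check for the second, would make the failure explicit and let calloc check the multiplication. The `default:` arm of the switch only warns when nargs is above 10 and then breaks, so fsc.args is left uninitialised for the print_arg calls that follow; returning there after clear_fsc() would avoid formatting indeterminate values. The return value of `ptrace(PT_IO, cpid, (caddr_t)&iorequest, 0)` is not checked either, only piod_len afterwards.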


@ -42,9 +42,9 @@ enum Argtype { None = 1, Hex, Octal, Int, Name, Ptr, Stat, Ioctl, Quad,
Fcntlflag, Rusage, BinString, Shutdown, Resource, Rlimit, Timeval2, Fcntlflag, Rusage, BinString, Shutdown, Resource, Rlimit, Timeval2,
Pathconf }; Pathconf };
#define ARG_MASK 0xff #define ARG_MASK 0xff
#define OUT 0x100 #define OUT 0x100
#define IN /*0x20*/0 #define IN /*0x20*/0
struct syscall_args { struct syscall_args {
enum Argtype type; enum Argtype type;


@ -269,8 +269,8 @@ struct xlat {
const char *str; const char *str;
}; };
#define X(a) { a, #a }, #define X(a) { a, #a },
#define XEND { 0, NULL } #define XEND { 0, NULL }
static struct xlat kevent_filters[] = { static struct xlat kevent_filters[] = {
X(EVFILT_READ) X(EVFILT_WRITE) X(EVFILT_AIO) X(EVFILT_VNODE) X(EVFILT_READ) X(EVFILT_WRITE) X(EVFILT_AIO) X(EVFILT_VNODE)
@ -414,10 +414,11 @@ xlookup(struct xlat *xlat, int val)
static char * static char *
xlookup_bits(struct xlat *xlat, int val) xlookup_bits(struct xlat *xlat, int val)
{ {
int len, rem;
static char str[512]; static char str[512];
int len = 0;
int rem = val;
len = 0;
rem = val;
for (; xlat->str != NULL; xlat++) { for (; xlat->str != NULL; xlat++) {
if ((xlat->val & rem) == xlat->val) { if ((xlat->val & rem) == xlat->val) {
/* don't print the "all-bits-zero" string unless all /* don't print the "all-bits-zero" string unless all
@ -445,12 +446,13 @@ xlookup_bits(struct xlat *xlat, int val)
struct syscall * struct syscall *
get_syscall(const char *name) get_syscall(const char *name)
{ {
struct syscall *sc = syscalls; struct syscall *sc;
sc = syscalls;
if (name == NULL) if (name == NULL)
return (NULL); return (NULL);
while (sc->name) { while (sc->name) {
if (!strcmp(name, sc->name)) if (strcmp(name, sc->name) == 0)
return (sc); return (sc);
sc++; sc++;
} }
@ -477,8 +479,8 @@ get_struct(pid_t pid, void *offset, void *buf, int len)
return (0); return (0);
} }
#define MAXSIZE 4096 #define MAXSIZE 4096
#define BLOCKSIZE 1024 #define BLOCKSIZE 1024
/* /*
* get_string * get_string
* Copy a string from the process. Note that it is * Copy a string from the process. Note that it is
@ -489,12 +491,11 @@ get_struct(pid_t pid, void *offset, void *buf, int len)
static char * static char *
get_string(pid_t pid, void *offset, int max) get_string(pid_t pid, void *offset, int max)
{ {
char *buf;
struct ptrace_io_desc iorequest; struct ptrace_io_desc iorequest;
int totalsize, size; char *buf;
int diff = 0; int diff, i, size, totalsize;
int i;
diff = 0;
totalsize = size = max ? (max + 1) : BLOCKSIZE; totalsize = size = max ? (max + 1) : BLOCKSIZE;
buf = malloc(totalsize); buf = malloc(totalsize);
if (buf == NULL) if (buf == NULL)
@ -536,11 +537,14 @@ get_string(pid_t pid, void *offset, int max)
*/ */
char * char *
print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trussinfo *trussinfo) print_arg(struct syscall_args *sc, unsigned long *args, long retval,
struct trussinfo *trussinfo)
{ {
char *tmp = NULL; char *tmp;
pid_t pid = trussinfo->pid; pid_t pid;
tmp = NULL;
pid = trussinfo->pid;
switch (sc->type & ARG_MASK) { switch (sc->type & ARG_MASK) {
case Hex: case Hex:
asprintf(&tmp, "0x%x", (int)args[sc->offset]); asprintf(&tmp, "0x%x", (int)args[sc->offset]);
@ -581,15 +585,18 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
len = max_string; len = max_string;
truncated = 1; truncated = 1;
} }
if (len && get_struct(pid, (void*)args[sc->offset], &tmp2, len) != -1) { if (len && get_struct(pid, (void*)args[sc->offset], &tmp2, len)
!= -1) {
tmp3 = malloc(len * 4 + 1); tmp3 = malloc(len * 4 + 1);
while (len) { while (len) {
if (strvisx(tmp3, tmp2, len, VIS_CSTYLE|VIS_TAB|VIS_NL) <= max_string) if (strvisx(tmp3, tmp2, len,
VIS_CSTYLE|VIS_TAB|VIS_NL) <= max_string)
break; break;
len--; len--;
truncated = 1; truncated = 1;
}; };
asprintf(&tmp, "\"%s\"%s", tmp3, truncated?"...":""); asprintf(&tmp, "\"%s\"%s", tmp3, truncated ?
"..." : "");
free(tmp3); free(tmp3);
} else { } else {
asprintf(&tmp, "0x%lx", args[sc->offset]); asprintf(&tmp, "0x%lx", args[sc->offset]);
@ -602,10 +609,9 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
char *string; char *string;
char *strarray[100]; /* XXX This is ugly. */ char *strarray[100]; /* XXX This is ugly. */
if (get_struct(pid, (void *)args[sc->offset], (void *)&strarray, if (get_struct(pid, (void *)args[sc->offset],
sizeof(strarray)) == -1) { (void *)&strarray, sizeof(strarray)) == -1)
err(1, "get_struct %p", (void *)args[sc->offset]); err(1, "get_struct %p", (void *)args[sc->offset]);
}
num = 0; num = 0;
size = 0; size = 0;
@ -623,7 +629,8 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
tmp2 += sprintf(tmp2, " ["); tmp2 += sprintf(tmp2, " [");
for (i = 0; i < num; i++) { for (i = 0; i < num; i++) {
string = get_string(pid, (void*)strarray[i], 0); string = get_string(pid, (void*)strarray[i], 0);
tmp2 += sprintf(tmp2, " \"%s\"%c", string, (i+1 == num) ? ' ' : ','); tmp2 += sprintf(tmp2, " \"%s\"%c", string,
(i + 1 == num) ? ' ' : ',');
free(string); free(string);
} }
tmp2 += sprintf(tmp2, "]"); tmp2 += sprintf(tmp2, "]");
@ -657,20 +664,22 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
} }
case Ioctl: { case Ioctl: {
const char *temp = ioctlname(args[sc->offset]); const char *temp = ioctlname(args[sc->offset]);
if (temp) { if (temp)
tmp = strdup(temp); tmp = strdup(temp);
} else { else {
unsigned long arg = args[sc->offset]; unsigned long arg = args[sc->offset];
asprintf(&tmp, "0x%lx { IO%s%s 0x%lx('%c'), %lu, %lu }", arg, asprintf(&tmp, "0x%lx { IO%s%s 0x%lx('%c'), %lu, %lu }",
arg&IOC_OUT?"R":"", arg&IOC_IN?"W":"", arg, arg & IOC_OUT ? "R" : "",
IOCGROUP(arg), isprint(IOCGROUP(arg))?(char)IOCGROUP(arg):'?', arg & IOC_IN ? "W" : "", IOCGROUP(arg),
isprint(IOCGROUP(arg)) ? (char)IOCGROUP(arg) : '?',
arg & 0xFF, IOCPARM_LEN(arg)); arg & 0xFF, IOCPARM_LEN(arg));
} }
break; break;
} }
case Umtx: { case Umtx: {
struct umtx umtx; struct umtx umtx;
if (get_struct(pid, (void *)args[sc->offset], &umtx, sizeof(umtx)) != -1) if (get_struct(pid, (void *)args[sc->offset], &umtx,
sizeof(umtx)) != -1)
asprintf(&tmp, "{ 0x%lx }", (long)umtx.u_owner); asprintf(&tmp, "{ 0x%lx }", (long)umtx.u_owner);
else else
asprintf(&tmp, "0x%lx", args[sc->offset]); asprintf(&tmp, "0x%lx", args[sc->offset]);
@ -678,23 +687,28 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
} }
case Timespec: { case Timespec: {
struct timespec ts; struct timespec ts;
if (get_struct(pid, (void *)args[sc->offset], &ts, sizeof(ts)) != -1) if (get_struct(pid, (void *)args[sc->offset], &ts,
asprintf(&tmp, "{%ld.%09ld }", (long)ts.tv_sec, ts.tv_nsec); sizeof(ts)) != -1)
asprintf(&tmp, "{%ld.%09ld }", (long)ts.tv_sec,
ts.tv_nsec);
else else
asprintf(&tmp, "0x%lx", args[sc->offset]); asprintf(&tmp, "0x%lx", args[sc->offset]);
break; break;
} }
case Timeval: { case Timeval: {
struct timeval tv; struct timeval tv;
if (get_struct(pid, (void *)args[sc->offset], &tv, sizeof(tv)) != -1) if (get_struct(pid, (void *)args[sc->offset], &tv, sizeof(tv))
asprintf(&tmp, "{%ld.%06ld }", (long)tv.tv_sec, tv.tv_usec); != -1)
asprintf(&tmp, "{%ld.%06ld }", (long)tv.tv_sec,
tv.tv_usec);
else else
asprintf(&tmp, "0x%lx", args[sc->offset]); asprintf(&tmp, "0x%lx", args[sc->offset]);
break; break;
} }
case Timeval2: { case Timeval2: {
struct timeval tv[2]; struct timeval tv[2];
if (get_struct(pid, (void *)args[sc->offset], &tv, sizeof(tv)) != -1) if (get_struct(pid, (void *)args[sc->offset], &tv, sizeof(tv))
!= -1)
asprintf(&tmp, "{%ld.%06ld, %ld.%06ld }", asprintf(&tmp, "{%ld.%06ld, %ld.%06ld }",
(long)tv[0].tv_sec, tv[0].tv_usec, (long)tv[0].tv_sec, tv[0].tv_usec,
(long)tv[1].tv_sec, tv[1].tv_usec); (long)tv[1].tv_sec, tv[1].tv_usec);
@ -704,7 +718,8 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
} }
case Itimerval: { case Itimerval: {
struct itimerval itv; struct itimerval itv;
if (get_struct(pid, (void *)args[sc->offset], &itv, sizeof(itv)) != -1) if (get_struct(pid, (void *)args[sc->offset], &itv,
sizeof(itv)) != -1)
asprintf(&tmp, "{%ld.%06ld, %ld.%06ld }", asprintf(&tmp, "{%ld.%06ld, %ld.%06ld }",
(long)itv.it_interval.tv_sec, (long)itv.it_interval.tv_sec,
itv.it_interval.tv_usec, itv.it_interval.tv_usec,
@ -716,8 +731,9 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
} }
case Pollfd: { case Pollfd: {
/* /*
* XXX: A Pollfd argument expects the /next/ syscall argument to be * XXX: A Pollfd argument expects the /next/ syscall argument
* the number of fds in the array. This matches the poll syscall. * to be the number of fds in the array. This matches the poll
* syscall.
*/ */
struct pollfd *pfd; struct pollfd *pfd;
int numfds = args[sc->offset+1]; int numfds = args[sc->offset+1];
@ -726,22 +742,22 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
const int per_fd = 100; const int per_fd = 100;
if ((pfd = malloc(bytes)) == NULL) if ((pfd = malloc(bytes)) == NULL)
err(1, "Cannot malloc %d bytes for pollfd array", bytes); err(1, "Cannot malloc %d bytes for pollfd array",
if (get_struct(pid, (void *)args[sc->offset], pfd, bytes) != -1) { bytes);
if (get_struct(pid, (void *)args[sc->offset], pfd, bytes)
!= -1) {
used = 0; used = 0;
tmpsize = 1 + per_fd * numfds + 2; tmpsize = 1 + per_fd * numfds + 2;
if ((tmp = malloc(tmpsize)) == NULL) if ((tmp = malloc(tmpsize)) == NULL)
err(1, "Cannot alloc %d bytes for poll output", tmpsize); err(1, "Cannot alloc %d bytes for poll output",
tmpsize);
tmp[used++] = '{'; tmp[used++] = '{';
for (i = 0; i < numfds; i++) { for (i = 0; i < numfds; i++) {
u = snprintf(tmp + used, per_fd, u = snprintf(tmp + used, per_fd, "%s%d/%s",
"%s%d/%s", i > 0 ? " " : "", pfd[i].fd,
i > 0 ? " " : "", xlookup_bits(poll_flags, pfd[i].events));
pfd[i].fd,
xlookup_bits(poll_flags, pfd[i].events) );
if (u > 0) if (u > 0)
used += u < per_fd ? u : per_fd; used += u < per_fd ? u : per_fd;
} }
@ -755,8 +771,9 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
} }
case Fd_set: { case Fd_set: {
/* /*
* XXX: A Fd_set argument expects the /first/ syscall argument to be * XXX: A Fd_set argument expects the /first/ syscall argument
* the number of fds in the array. This matches the select syscall. * to be the number of fds in the array. This matches the
* select syscall.
*/ */
fd_set *fds; fd_set *fds;
int numfds = args[0]; int numfds = args[0];
@ -765,17 +782,21 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
const int per_fd = 20; const int per_fd = 20;
if ((fds = malloc(bytes)) == NULL) if ((fds = malloc(bytes)) == NULL)
err(1, "Cannot malloc %d bytes for fd_set array", bytes); err(1, "Cannot malloc %d bytes for fd_set array",
if (get_struct(pid, (void *)args[sc->offset], fds, bytes) != -1) { bytes);
if (get_struct(pid, (void *)args[sc->offset], fds, bytes)
!= -1) {
used = 0; used = 0;
tmpsize = 1 + numfds * per_fd + 2; tmpsize = 1 + numfds * per_fd + 2;
if ((tmp = malloc(tmpsize)) == NULL) if ((tmp = malloc(tmpsize)) == NULL)
err(1, "Cannot alloc %d bytes for fd_set output", tmpsize); err(1, "Cannot alloc %d bytes for fd_set "
"output", tmpsize);
tmp[used++] = '{'; tmp[used++] = '{';
for (i = 0; i < numfds; i++) { for (i = 0; i < numfds; i++) {
if (FD_ISSET(i, fds)) { if (FD_ISSET(i, fds)) {
u = snprintf(tmp + used, per_fd, "%d ", i); u = snprintf(tmp + used, per_fd, "%d ",
i);
if (u > 0) if (u > 0)
used += u < per_fd ? u : per_fd; used += u < per_fd ? u : per_fd;
} }
@ -784,9 +805,8 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
used--; used--;
tmp[used++] = '}'; tmp[used++] = '}';
tmp[used++] = '\0'; tmp[used++] = '\0';
} else { } else
asprintf(&tmp, "0x%lx", args[sc->offset]); asprintf(&tmp, "0x%lx", args[sc->offset]);
}
free(fds); free(fds);
break; break;
} }
@ -805,16 +825,16 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
int i, used; int i, used;
sig = args[sc->offset]; sig = args[sc->offset];
if (get_struct(pid, (void *)args[sc->offset], (void *)&ss, sizeof(ss)) == -1) { if (get_struct(pid, (void *)args[sc->offset], (void *)&ss,
sizeof(ss)) == -1) {
asprintf(&tmp, "0x%lx", args[sc->offset]); asprintf(&tmp, "0x%lx", args[sc->offset]);
break; break;
} }
tmp = malloc(sys_nsig * 8); /* 7 bytes avg per signal name */ tmp = malloc(sys_nsig * 8); /* 7 bytes avg per signal name */
used = 0; used = 0;
for (i = 1; i < sys_nsig; i++) { for (i = 1; i < sys_nsig; i++) {
if (sigismember(&ss, i)) { if (sigismember(&ss, i))
used += sprintf(tmp + used, "%s|", strsig(i)); used += sprintf(tmp + used, "%s|", strsig(i));
}
} }
if (used) if (used)
tmp[used-1] = 0; tmp[used-1] = 0;
@ -824,7 +844,7 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
} }
case Sigprocmask: { case Sigprocmask: {
switch (args[sc->offset]) { switch (args[sc->offset]) {
#define S(a) case a: tmp = strdup(#a); break; #define S(a) case a: tmp = strdup(#a); break;
S(SIG_BLOCK); S(SIG_BLOCK);
S(SIG_UNBLOCK); S(SIG_UNBLOCK);
S(SIG_SETMASK); S(SIG_SETMASK);
@ -838,10 +858,12 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
/* XXX output depends on the value of the previous argument */ /* XXX output depends on the value of the previous argument */
switch (args[sc->offset-1]) { switch (args[sc->offset-1]) {
case F_SETFD: case F_SETFD:
tmp = strdup(xlookup_bits(fcntlfd_arg, args[sc->offset])); tmp = strdup(xlookup_bits(fcntlfd_arg,
args[sc->offset]));
break; break;
case F_SETFL: case F_SETFL:
tmp = strdup(xlookup_bits(fcntlfl_arg, args[sc->offset])); tmp = strdup(xlookup_bits(fcntlfl_arg,
args[sc->offset]));
break; break;
case F_GETFD: case F_GETFD:
case F_GETFL: case F_GETFL:
@ -902,7 +924,7 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
/* yuck: get ss_len */ /* yuck: get ss_len */
if (get_struct(pid, (void *)args[sc->offset], (void *)&ss, if (get_struct(pid, (void *)args[sc->offset], (void *)&ss,
sizeof(ss.ss_len) + sizeof(ss.ss_family)) == -1) sizeof(ss.ss_len) + sizeof(ss.ss_family)) == -1)
err(1, "get_struct %p", (void *)args[sc->offset]); err(1, "get_struct %p", (void *)args[sc->offset]);
/* /*
* If ss_len is 0, then try to guess from the sockaddr type. * If ss_len is 0, then try to guess from the sockaddr type.
@ -922,8 +944,8 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
break; break;
} }
} }
if (get_struct(pid, (void *)args[sc->offset], (void *)&ss, ss.ss_len) if (get_struct(pid, (void *)args[sc->offset], (void *)&ss,
== -1) { ss.ss_len) == -1) {
err(2, "get_struct %p", (void *)args[sc->offset]); err(2, "get_struct %p", (void *)args[sc->offset]);
} }
@ -931,12 +953,15 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
case AF_INET: case AF_INET:
lsin = (struct sockaddr_in *)&ss; lsin = (struct sockaddr_in *)&ss;
inet_ntop(AF_INET, &lsin->sin_addr, addr, sizeof addr); inet_ntop(AF_INET, &lsin->sin_addr, addr, sizeof addr);
asprintf(&tmp, "{ AF_INET %s:%d }", addr, htons(lsin->sin_port)); asprintf(&tmp, "{ AF_INET %s:%d }", addr,
htons(lsin->sin_port));
break; break;
case AF_INET6: case AF_INET6:
lsin6 = (struct sockaddr_in6 *)&ss; lsin6 = (struct sockaddr_in6 *)&ss;
inet_ntop(AF_INET6, &lsin6->sin6_addr, addr, sizeof addr); inet_ntop(AF_INET6, &lsin6->sin6_addr, addr,
asprintf(&tmp, "{ AF_INET6 [%s]:%d }", addr, htons(lsin6->sin6_port)); sizeof addr);
asprintf(&tmp, "{ AF_INET6 [%s]:%d }", addr,
htons(lsin6->sin6_port));
break; break;
case AF_UNIX: case AF_UNIX:
sun = (struct sockaddr_un *)&ss; sun = (struct sockaddr_un *)&ss;
@ -944,12 +969,14 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
break; break;
default: default:
sa = (struct sockaddr *)&ss; sa = (struct sockaddr *)&ss;
asprintf(&tmp, "{ sa_len = %d, sa_family = %d, sa_data = {%n%*s } }", asprintf(&tmp, "{ sa_len = %d, sa_family = %d, sa_data "
(int)sa->sa_len, (int)sa->sa_family, &i, "= {%n%*s } }", (int)sa->sa_len, (int)sa->sa_family,
6 * (int)(sa->sa_len - ((char *)&sa->sa_data - (char *)sa)), ""); &i, 6 * (int)(sa->sa_len - ((char *)&sa->sa_data -
(char *)sa)), "");
if (tmp != NULL) { if (tmp != NULL) {
p = tmp + i; p = tmp + i;
for (q = (u_char *)&sa->sa_data; q < (u_char *)sa + sa->sa_len; q++) for (q = (u_char *)&sa->sa_data;
q < (u_char *)sa + sa->sa_len; q++)
p += sprintf(p, " %#02x,", *q); p += sprintf(p, " %#02x,", *q);
} }
} }
@ -960,8 +987,8 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
char *hand; char *hand;
const char *h; const char *h;
if (get_struct(pid, (void *)args[sc->offset], &sa, sizeof(sa)) != -1) { if (get_struct(pid, (void *)args[sc->offset], &sa, sizeof(sa))
!= -1) {
asprintf(&hand, "%p", sa.sa_handler); asprintf(&hand, "%p", sa.sa_handler);
if (sa.sa_handler == SIG_DFL) if (sa.sa_handler == SIG_DFL)
h = "SIG_DFL"; h = "SIG_DFL";
@ -970,13 +997,11 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
else else
h = hand; h = hand;
asprintf(&tmp, "{ %s %s ss_t }", asprintf(&tmp, "{ %s %s ss_t }", h,
h,
xlookup_bits(sigaction_flags, sa.sa_flags)); xlookup_bits(sigaction_flags, sa.sa_flags));
free(hand); free(hand);
} else { } else
asprintf(&tmp, "0x%lx", args[sc->offset]); asprintf(&tmp, "0x%lx", args[sc->offset]);
}
break; break;
} }
case Kevent: { case Kevent: {
@ -1001,12 +1026,15 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
if (numevents >= 0) if (numevents >= 0)
bytes = sizeof(struct kevent) * numevents; bytes = sizeof(struct kevent) * numevents;
if ((ke = malloc(bytes)) == NULL) if ((ke = malloc(bytes)) == NULL)
err(1, "Cannot malloc %d bytes for kevent array", bytes); err(1, "Cannot malloc %d bytes for kevent array",
if (numevents >= 0 && get_struct(pid, (void *)args[sc->offset], ke, bytes) != -1) { bytes);
if (numevents >= 0 && get_struct(pid, (void *)args[sc->offset],
ke, bytes) != -1) {
used = 0; used = 0;
tmpsize = 1 + per_ke * numevents + 2; tmpsize = 1 + per_ke * numevents + 2;
if ((tmp = malloc(tmpsize)) == NULL) if ((tmp = malloc(tmpsize)) == NULL)
err(1, "Cannot alloc %d bytes for kevent output", tmpsize); err(1, "Cannot alloc %d bytes for kevent "
"output", tmpsize);
tmp[used++] = '{'; tmp[used++] = '{';
for (i = 0; i < numevents; i++) { for (i = 0; i < numevents; i++) {
@ -1032,12 +1060,14 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
} }
case Stat: { case Stat: {
struct stat st; struct stat st;
if (get_struct(pid, (void *)args[sc->offset], &st, sizeof(st)) != -1) { if (get_struct(pid, (void *)args[sc->offset], &st, sizeof(st))
!= -1) {
char mode[12]; char mode[12];
strmode(st.st_mode, mode); strmode(st.st_mode, mode);
asprintf(&tmp, "{ mode=%s,inode=%jd,size=%jd,blksize=%ld }", asprintf(&tmp,
mode, "{ mode=%s,inode=%jd,size=%jd,blksize=%ld }", mode,
(intmax_t)st.st_ino,(intmax_t)st.st_size,(long)st.st_blksize); (intmax_t)st.st_ino, (intmax_t)st.st_size,
(long)st.st_blksize);
} else { } else {
asprintf(&tmp, "0x%lx", args[sc->offset]); asprintf(&tmp, "0x%lx", args[sc->offset]);
} }
@ -1045,24 +1075,25 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
} }
case Rusage: { case Rusage: {
struct rusage ru; struct rusage ru;
if (get_struct(pid, (void *)args[sc->offset], &ru, sizeof(ru)) != -1) { if (get_struct(pid, (void *)args[sc->offset], &ru, sizeof(ru))
asprintf(&tmp, "{ u=%ld.%06ld,s=%ld.%06ld,in=%ld,out=%ld }", != -1) {
asprintf(&tmp,
"{ u=%ld.%06ld,s=%ld.%06ld,in=%ld,out=%ld }",
(long)ru.ru_utime.tv_sec, ru.ru_utime.tv_usec, (long)ru.ru_utime.tv_sec, ru.ru_utime.tv_usec,
(long)ru.ru_stime.tv_sec, ru.ru_stime.tv_usec, (long)ru.ru_stime.tv_sec, ru.ru_stime.tv_usec,
ru.ru_inblock, ru.ru_oublock); ru.ru_inblock, ru.ru_oublock);
} else { } else
asprintf(&tmp, "0x%lx", args[sc->offset]); asprintf(&tmp, "0x%lx", args[sc->offset]);
}
break; break;
} }
case Rlimit: { case Rlimit: {
struct rlimit rl; struct rlimit rl;
if (get_struct(pid, (void *)args[sc->offset], &rl, sizeof(rl)) != -1) { if (get_struct(pid, (void *)args[sc->offset], &rl, sizeof(rl))
!= -1) {
asprintf(&tmp, "{ cur=%ju,max=%ju }", asprintf(&tmp, "{ cur=%ju,max=%ju }",
rl.rlim_cur, rl.rlim_max); rl.rlim_cur, rl.rlim_max);
} else { } else
asprintf(&tmp, "0x%lx", args[sc->offset]); asprintf(&tmp, "0x%lx", args[sc->offset]);
}
break; break;
} }
default: default:
@ -1079,21 +1110,24 @@ print_arg(struct syscall_args *sc, unsigned long *args, long retval, struct trus
*/ */
void void
print_syscall(struct trussinfo *trussinfo, const char *name, int nargs, char **s_args) print_syscall(struct trussinfo *trussinfo, const char *name, int nargs,
char **s_args)
{ {
int i;
int len = 0;
struct timespec timediff; struct timespec timediff;
int i, len;
len = 0;
if (trussinfo->flags & FOLLOWFORKS) if (trussinfo->flags & FOLLOWFORKS)
len += fprintf(trussinfo->outfile, "%5d: ", trussinfo->pid); len += fprintf(trussinfo->outfile, "%5d: ", trussinfo->pid);
if (name != NULL && (!strcmp(name, "execve") || !strcmp(name, "exit"))) { if (name != NULL && (strcmp(name, "execve") == 0||
strcmp(name, "exit") == 0)) {
clock_gettime(CLOCK_REALTIME, &trussinfo->after); clock_gettime(CLOCK_REALTIME, &trussinfo->after);
} }
if (trussinfo->flags & ABSOLUTETIMESTAMPS) { if (trussinfo->flags & ABSOLUTETIMESTAMPS) {
timespecsubt(&trussinfo->after, &trussinfo->start_time, &timediff); timespecsubt(&trussinfo->after, &trussinfo->start_time,
&timediff);
len += fprintf(trussinfo->outfile, "%ld.%09ld ", len += fprintf(trussinfo->outfile, "%ld.%09ld ",
(long)timediff.tv_sec, timediff.tv_nsec); (long)timediff.tv_sec, timediff.tv_nsec);
} }
@ -1110,8 +1144,10 @@ print_syscall(struct trussinfo *trussinfo, const char *name, int nargs, char **s
if (s_args[i]) if (s_args[i])
len += fprintf(trussinfo->outfile, "%s", s_args[i]); len += fprintf(trussinfo->outfile, "%s", s_args[i]);
else else
len += fprintf(trussinfo->outfile, "<missing argument>"); len += fprintf(trussinfo->outfile,
len += fprintf(trussinfo->outfile, "%s", i < (nargs - 1) ? "," : ""); "<missing argument>");
len += fprintf(trussinfo->outfile, "%s", i < (nargs - 1) ?
"," : "");
} }
len += fprintf(trussinfo->outfile, ")"); len += fprintf(trussinfo->outfile, ")");
for (i = 0; i < 6 - (len / 8); i++) for (i = 0; i < 6 - (len / 8); i++)
@ -1138,14 +1174,15 @@ print_syscall_ret(struct trussinfo *trussinfo, const char *name, int nargs,
print_syscall(trussinfo, name, nargs, s_args); print_syscall(trussinfo, name, nargs, s_args);
fflush(trussinfo->outfile); fflush(trussinfo->outfile);
if (errorp) { if (errorp)
fprintf(trussinfo->outfile, " ERR#%ld '%s'\n", retval, strerror(retval)); fprintf(trussinfo->outfile, " ERR#%ld '%s'\n", retval,
} else { strerror(retval));
else {
/* /*
* Because pipe(2) has a special assembly glue to provide the * Because pipe(2) has a special assembly glue to provide the
* libc API, we have to adjust retval. * libc API, we have to adjust retval.
*/ */
if (name != NULL && !strcmp(name, "pipe")) if (name != NULL && strcmp(name, "pipe") == 0)
retval = 0; retval = 0;
fprintf(trussinfo->outfile, " = %ld (0x%lx)\n", retval, retval); fprintf(trussinfo->outfile, " = %ld (0x%lx)\n", retval, retval);
} }
@ -1154,12 +1191,12 @@ print_syscall_ret(struct trussinfo *trussinfo, const char *name, int nargs,
void void
print_summary(struct trussinfo *trussinfo) print_summary(struct trussinfo *trussinfo)
{ {
struct syscall *sc;
struct timespec total = {0, 0}; struct timespec total = {0, 0};
struct syscall *sc;
int ncall, nerror; int ncall, nerror;
fprintf(trussinfo->outfile, "%-20s%15s%8s%8s\n", fprintf(trussinfo->outfile, "%-20s%15s%8s%8s\n",
"syscall", "seconds", "calls", "errors"); "syscall", "seconds", "calls", "errors");
ncall = nerror = 0; ncall = nerror = 0;
for (sc = syscalls; sc->name != NULL; sc++) for (sc = syscalls; sc->name != NULL; sc++)
if (sc->ncalls) { if (sc->ncalls) {
@ -1171,7 +1208,7 @@ print_summary(struct trussinfo *trussinfo)
nerror += sc->nerror; nerror += sc->nerror;
} }
fprintf(trussinfo->outfile, "%20s%15s%8s%8s\n", fprintf(trussinfo->outfile, "%20s%15s%8s%8s\n",
"", "-------------", "-------", "-------"); "", "-------------", "-------", "-------");
fprintf(trussinfo->outfile, "%-20s%5jd.%09ld%8d%8d\n", fprintf(trussinfo->outfile, "%-20s%5jd.%09ld%8d%8d\n",
"", (intmax_t)total.tv_sec, total.tv_nsec, ncall, nerror); "", (intmax_t)total.tv_sec, total.tv_nsec, ncall, nerror);
} }


@ -27,13 +27,13 @@
#include <sys/queue.h> #include <sys/queue.h>
#define FOLLOWFORKS 0x00000001 #define FOLLOWFORKS 0x00000001
#define RELATIVETIMESTAMPS 0x00000002 #define RELATIVETIMESTAMPS 0x00000002
#define ABSOLUTETIMESTAMPS 0x00000004 #define ABSOLUTETIMESTAMPS 0x00000004
#define NOSIGS 0x00000008 #define NOSIGS 0x00000008
#define EXECVEARGS 0x00000010 #define EXECVEARGS 0x00000010
#define EXECVEENVS 0x00000020 #define EXECVEENVS 0x00000020
#define COUNTONLY 0x00000040 #define COUNTONLY 0x00000040
struct threadinfo struct threadinfo
{ {
@ -57,11 +57,11 @@ struct trussinfo
struct timespec after; struct timespec after;
struct threadinfo *curthread; struct threadinfo *curthread;
SLIST_HEAD(, threadinfo) threadlist; SLIST_HEAD(, threadinfo) threadlist;
}; };
#define timespecsubt(tvp, uvp, vvp) \ #define timespecsubt(tvp, uvp, vvp) \
do { \ do { \
(vvp)->tv_sec = (tvp)->tv_sec - (uvp)->tv_sec; \ (vvp)->tv_sec = (tvp)->tv_sec - (uvp)->tv_sec; \
(vvp)->tv_nsec = (tvp)->tv_nsec - (uvp)->tv_nsec; \ (vvp)->tv_nsec = (tvp)->tv_nsec - (uvp)->tv_nsec; \
@ -71,7 +71,7 @@ struct trussinfo
} \ } \
} while (0) } while (0)
#define timespecadd(tvp, uvp, vvp) \ #define timespecadd(tvp, uvp, vvp) \
do { \ do { \
(vvp)->tv_sec = (tvp)->tv_sec + (uvp)->tv_sec; \ (vvp)->tv_sec = (tvp)->tv_sec + (uvp)->tv_sec; \
(vvp)->tv_nsec = (tvp)->tv_nsec + (uvp)->tv_nsec; \ (vvp)->tv_nsec = (tvp)->tv_nsec + (uvp)->tv_nsec; \
@ -81,9 +81,9 @@ struct trussinfo
} \ } \
} while (0) } while (0)
#define S_NONE 0 #define S_NONE 0
#define S_SCE 1 #define S_SCE 1
#define S_SCX 2 #define S_SCX 2
#define S_EXIT 3 #define S_EXIT 3
#define S_SIG 4 #define S_SIG 4
#define S_EXEC 5 #define S_EXEC 5