Translate linux_newlstat name argument

PR: 277847
MFC after: 1 week

Remove $FreeBSD$: one-line .c pattern

Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/

truss: Kill dead code

If it doesn't exist, we don't need it in the table...

Sponsored by: Netflix

truss: Add preadv(2) and pwritev(2).

We already knew how to decode readv(2)/writev(2). Add the versions with
an offset.

Reviewed by: asomers
Differential Revision: https://reviews.freebsd.org/D27531
MFC after: 2 weeks

truss: remove now-unused special case for MIPS

Reviewed by: mhorne, imp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D37022

kdump: Decode getitimer, setitimer which argument

Reviewed by: jhb (previous version, without truss)
Differential revision: https://reviews.freebsd.org/D35231
MFC after: 2 weeks

truss: Make control message header parsing more robust

print_cmsg() was assuming that the control message chain is well-formed,
but that isn't necessarily the case for sendmsg(2). In particular, if
cmsg_len is zero, print_cmsg() will loop forever. Check for truncated
headers and try to recover if possible.

Reviewed by: tuexen
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D35476

truss: add ppoll(2) argument decoding

PR: 264029
Approved by: emaste
MFC after: 3 days

syscallarg_t: Add a type for system call arguments

This more clearly differentiates system call arguments from integer
registers and return values. On current architectures it has no effect,
but on architectures where pointers are not integers (CHERI) and may
not even share registers (CHERI-MIPS) it is necessiary to differentiate
between system call arguments (syscallarg_t) and integer register values
(register_t).

Obtained from: CheriBSD

Reviewed by: imp, kib
Differential Revision: https://reviews.freebsd.org/D33780

fd: add close_range(..., CLOSE_RANGE_CLOEXEC)

For compatibility with Linux.

MFC after: 3 days
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D34424

Revert "syscallarg_t: Add a type for system call arguments"

Missed issues in truss on at least armv7 and powerpcspe need to be
resolved before recommit.

This reverts commit 3889fb8af0b611e3126dc250ebffb01805152104.
This reverts commit 1544e0f5d1f1e3b8c10a64cb899a936976ca7ea4.

syscallarg_t: Add a type for system call arguments

This more clearly differentiates system call arguments from integer
registers and return values. On current architectures it has no effect,
but on architectures where pointers are not integers (CHERI) and may
not even share registers (CHERI-MIPS) it is necessiary to differentiate
between system call arguments (syscallarg_t) and integer register values
(register_t).

Obtained from: CheriBSD

Reviewed by: imp, kib
Differential Revision: https://reviews.freebsd.org/D33780

truss: remove write-only variable

Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D33861

struct kevent_freebsd11 -> struct freebsd11_kevent

Rename to match the naming of syscalls and allow 32 to be appended
without making an ugly name like kevent_freebsd1132.

While here, make the kevent changelist argument const.

Reviewed by: kib

truss: Decode correctly 64bits arguments on 32bits arm.

Mostly revert ebbc3140ca0d7eee154f7a67ccdae7d3d88d13fd.
We don't need to special-case anything for arm64, the check for the pointer
size is already done for us, just keep the bits about having arm and arm64
having to add padding for 32bits binaries.

MFC after: 1 week

truss: Decode correctly 64bits arguments on 32bits arm.

When decoding 32bits arm syscall, make sure we account for the padding when
decoding 64bits args. Do it too when using a 64bits truss on a 32bits binary.

MFC After: 1 week
PR: 256199

Drop cloudabi

According to https://github.com/NuxiNL/cloudlibc:
CloudABI is no longer being maintained. It was an awesome experiment,
but it never got enough traction to be sustainable.

There is no reason to keep it in FreeBSD.

Approved by: ed (private mail)
Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D31923

lio_listio(2): Allow LIO_READV and LIO_WRITEV.

Allow multiple vector IOs to be started with one system call.
aio_readv() and aio_writev() already used these opcodes under the
covers. This commit makes them available to user space.

Being non-standard extensions, they're only visible if __BSD_VISIBLE is
defined, like the functions.

Reviewed by: asomers, kib
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D31627

truss: minor cleanup and pedantic warning fixes

Noticed while porting the recent truss compat32 changes to CheriBSD.
This also fixes i386 tracing by zero-extending user addresses instead
of sign-extending them.

Reviewed By: jhb
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D30211

truss: fix handling of 64-bit arguments/return values for compat32

Deciding whether to combine two values to a 64-bit one should be based on
the process ABI, and not dependent on whether truss is compiled for an
LP64 ABI. This is a follow-up cleanup for D27625. I found this while
looking for uses of the `__LP64__` macro (since using this is wrong for
CHERI systems).

Test Plan: truss still works. Since I tested on AMD64 and all syscalls
in the trace have their quad argument last there was no difference
in the output. Should fix output for compat32 on MIPS64 though.

Reviewed By: jhb
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D27637

truss: Decode FreeBSD 11 mknod(2) and mknodat(2)

MFC after: 1 week
Sponsored by: The FreeBSD Foundation

poll(2): Add POLLRDHUP.

Teach poll(2) to support Linux-style POLLRDHUP events for sockets, if
requested. Triggered when the remote peer shuts down writing or closes
its end.

Reviewed by: kib
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D29757

truss: improved support for decoding compat32 arguments

Currently running `truss -a -e` does not decode any
argument values for freebsd32_* syscalls (open/readlink/etc.)

This change checks whether a syscall starts with freebsd{32,64}_ and if
so strips that prefix when looking up the syscall information. To ensure
that the truss logs include the real syscall name we create a copy of
the syscall information struct with the updated.

The other problem is that when reading string array values, truss
naively iterates over an array of char* and fetches the pointer value.
This will result in arguments not being loaded if the pointer is not
aligned to sizeof(void*), which can happens in the compat32 case. If it
happens to be aligned, we would end up printing every other value.
To fix this problem, this changes adds a pointer_size member to the
procabi struct and uses that to correctly read indirect arguments
as 64/32 bit addresses in the the compat32 case (and also compat64 on
CheriBSD).

The motivating use-case for this change is using truss for 64-bit
programs on a CHERI system, but most of the diff also applies to 32-bit
compat on a 64-bit system, so I'm upstreaming this instead of keeping it
as a local CheriBSD patch.

Output of `truss -aef ldd32 /usr/bin/ldd32` before:
39113: freebsd32_mmap(0x0,0x1000,0x3,0x1002,0xffffffff,0x0,0x0) = 543440896 (0x20644000)
39113: freebsd32_ioctl(0x1,0x402c7413,0xffffd2a0) = 0 (0x0)
/usr/bin/ldd32:
39113: write(1,"/usr/bin/ldd32:\n",16) = 16 (0x10)
39113: fork() = 39114 (0x98ca)
39114: <new process>
39114: freebsd32_execve(0xffffd97e,0xffffd680,0x20634000) EJUSTRETURN
39114: freebsd32_mmap(0x0,0x20000,0x3,0x1002,0xffffffff,0x0,0x0) = 541237248 (0x2042a000)
39114: freebsd32_mprotect(0x20427000,0x1000,0x1) = 0 (0x0)
39114: issetugid() = 0 (0x0)
39114: openat(AT_FDCWD,"/etc/libmap32.conf",O_RDONLY|O_CLOEXEC,00) ERR#2 'No such file or directory'
39114: openat(AT_FDCWD,"/var/run/ld-elf32.so.hints",O_RDONLY|O_CLOEXEC,00) = 3 (0x3)
39114: read(3,"Ehnt\^A\0\0\0\M^@\0\0\0#\0\0\0\0"...,128) = 128 (0x80)
39114: freebsd32_fstat(0x3,0xffffbd98) = 0 (0x0)
39114: freebsd32_pread(0x3,0x2042f000,0x23,0x80,0x0) = 35 (0x23)
39114: close(3) = 0 (0x0)
39114: openat(AT_FDCWD,"/usr/lib32/libc.so.7",O_RDONLY|O_CLOEXEC|O_VERIFY,00) = 3 (0x3)
39114: freebsd32_fstat(0x3,0xffffc7d0) = 0 (0x0)
39114: freebsd32_mmap(0x0,0x1000,0x1,0x40002,0x3,0x0,0x0) = 541368320 (0x2044a000)

After:
783: freebsd32_mmap(0x0,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON|MAP_ALIGNED(12),-1,0x0) = 543543296 (0x2065d000)
783: freebsd32_ioctl(1,TIOCGETA,0xffffd7b0) = 0 (0x0)
/usr/bin/ldd32:
783: write(1,"/usr/bin/ldd32:\n",16) = 16 (0x10)
784: <new process>
783: fork() = 784 (0x310)
784: freebsd32_execve("/usr/bin/ldd32",[ "(null)" ],[ "LD_32_TRACE_LOADED_OBJECTS_PROGNAME=/usr/bin/ldd32", "LD_TRACE_LOADED_OBJECTS_PROGNAME=/usr/bin/ldd32", "LD_32_TRACE_LOADED_OBJECTS=yes", "LD_TRACE_LOADED_OBJECTS=yes", "USER=root", "LOGNAME=root", "HOME=/root", "SHELL=/bin/csh", "BLOCKSIZE=K", "MAIL=/var/mail/root", "MM_CHARSET=UTF-8", "LANG=C.UTF-8", "PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/root/bin", "TERM=vt100", "HOSTTYPE=FreeBSD", "VENDOR=amd", "OSTYPE=FreeBSD", "MACHTYPE=x86_64", "SHLVL=1", "PWD=/root", "GROUP=wheel", "HOST=freebsd-amd64", "EDITOR=vi", "PAGER=less" ]) EJUSTRETURN
784: freebsd32_mmap(0x0,135168,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 541212672 (0x20424000)
784: freebsd32_mprotect(0x20421000,4096,PROT_READ) = 0 (0x0)
784: issetugid() = 0 (0x0)
784: sigfastblock(0x1,0x204234fc) = 0 (0x0)
784: open("/etc/libmap32.conf",O_RDONLY|O_CLOEXEC,00) ERR#2 'No such file or directory'
784: open("/var/run/ld-elf32.so.hints",O_RDONLY|O_CLOEXEC,00) = 3 (0x3)
784: read(3,"Ehnt\^A\0\0\0\M^@\0\0\0\v\0\0\0"...,128) = 128 (0x80)
784: freebsd32_fstat(3,{ mode=-r--r--r-- ,inode=18680,size=32768,blksize=0 }) = 0 (0x0)
784: freebsd32_pread(3,"/usr/lib32\0",11,0x80) = 11 (0xb)

Reviewed By: jhb
Differential Revision: https://reviews.freebsd.org/D27625

truss: split counting of syscalls and syscall calling convention

This change is a refactoring cleanup to improve support for compat32
syscalls (and compat64 on CHERI systems). Each process ABI now has it's
own struct sycall instead of using one global list. The list of all
syscalls is replaced with a list of seen syscalls. Looking up the syscall
argument passing convention now interates over the fixed-size array instead
of using a link-list that's populated on startup so we no longer need the
init_syscall() function.
The actual functional changes are in D27625.

Reviewed By: jhb
Differential Revision: https://reviews.freebsd.org/D27636

truss: Decode sendfile(2) arguments

MFC after: 2 weeks

truss: Add AIO syscalls.

Display the arguments of aio_read(2), aio_write(2), aio_suspend(2),
aio_error(2), aio_return(2), aio_cancel(2), aio_fsync(2), aio_mlock(2),
aio_waitcomplete(2) and lio_listio(2) in human-readable form.

Reviewed by: asomers
Differential Revision: https://reviews.freebsd.org/D27518

kdump/truss: decode new _umtx_op flags

In both cases, print the flag bits first followed by the command.

Output now looks something like this:

(ktrace)
_umtx_op(0x8605f7008,0xf<UMTX_OP_WAIT_UINT_PRIVATE>,0,0,0)
_umtx_op(0x9fffdce8,0x80000003<UMTX_OP__32BIT|UMTX_OP_WAKE>,0x1,0,0)

(truss)
_umtx_op(0x7fffffffda50,UMTX_OP_WAKE,0x1,0x0,0x0) = 0 (0x0)
_umtx_op(0x9fffdd08,UMTX_OP__32BIT|UMTX_OP_WAKE,0x1,0x0,0x0) = 0 (0x0)

Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D27325

Enable iterating all sysctls, even ones with CTLFLAG_SKIP

Add an "nextnoskip" sysctl that allows for listing of sysctls intended to be
normally skipped for cost reasons.

This makes it so the names/descriptions of those sysctls can be discovered with
sysctl -aN/sysctl -ad/sysctl -at.

It also makes it so children are visited when a node flagged with CTLFLAG_SKIP
is explicitly requested.

The intended use case is to mark the root "kstat" node with CTLFLAG_SKIP so that
the extensive and expensive stats are skipped by default but may still be easily
obtained without having to know them all (which may not even be possible) and
request each one-by-one.

Reviewed by: jhb
MFC after: 2 weeks
Relnotes: yes
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D26560

truss: print more information about traced sysctls

MFC after: 2 weeks
Sponsored by: Mysterious Code Ltd.

Decode the file descriptor argument to closefrom(2) as an Integer.
This is consistent with what we are doing for close(2) and it makes
it a bit easier to follow when debugging file descriptor operations.
i.e. many other syscalls are decoding fds as integers rather than
base 16 numbers.

MFC after: 1 week

vfs: add realpathat syscall

realpath(3) is used a lot e.g., by clang and is a major source of getcwd
and fstatat calls. This can be done more efficiently in the kernel.

This works by performing a regular lookup while saving the name and found
parent directory. If the terminal vnode is a directory we can resolve it using
usual means. Otherwise we can use the name saved by lookup and resolve the
parent.

See the review for sample syscall counts.

Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D23574

truss: fix shm_open2 oversight (BinString -> Name)

BinString assumes a length in the next argument; Name is more appropriate
for the final argument.

truss: decode shm_open2

shm_open2 is similar to shm_open, except it also takes shmflags and optional
name to label the anonymous region for, e.g., debugging purposes.

The appropriate support for decoding shmflags was added to libsysdecode in
r358115.

This is a part of D23733.

Reviewed by: kaktus

Miscellaneous typo fixes

Submitted by: Gordon Bergling <gbergling_gmail.com>
Differential Revision: https://reviews.freebsd.org/D23453

truss: centralize pointer-constructing casts.

In nearly all cases, the caller has a uintptr_t compatible argument so
this eliminates a large number of casts.

Add a print_pointer function to centralize printing pointers.

Reviewed by: jhb
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D22212

Fix a typo in a comment.

Add an shm_rename syscall

Add an atomic shm rename operation, similar in spirit to a file
rename. Atomically unlink an shm from a source path and link it to a
destination path. If an existing shm is linked at the destination
path, unlink it as part of the same atomic operation. The caller needs
the same permissions as shm_unlink to the shm being renamed, and the
same permissions for the shm at the destination which is being
unlinked, if it exists. If those fail, EACCES is returned, as with the
other shm_* syscalls.

truss support is included; audit support will come later.

This commit includes only the implementation; the sysent-generated
bits will come in a follow-on commit.

Submitted by: Matthew Bryan <matthew.bryan@isilon.com>
Reviewed by: jilles (earlier revision)
Reviewed by: brueffer (manpages, earlier revision)
Relnotes: yes
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D21423

truss: decode sysctl names.

Submitted by: Pawel Biernacki
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D21688

Use PT_GET_SC_ARGS and PT_GET_SC_RET in truss.

This removes all of the architecture-specific functions from truss.

A per-ABI structure is still needed to map syscall numbers to names
and FreeBSD errno values to ABI error values as well as hold syscall
counters. However, the linker set of ABI structures is now replaced
with a simple table mapping ABI names to structures. This approach
permits sharing the same ABI structure among separate names such as
i386 a.out and ELF binaries as well as ELF v1 vs ELF v2 for powerpc64.

A few differences are visible due to using PT_GET_SC_RET to fetch the
error value of a system call. Note that ktrace/kdump have had the
"new" behaviors for a long time already:
- System calls that return with EJUSTRETURN or ERESTART will now be
noticed and logged as such. Previously sigreturn (which uses
EJUSTRETURN) would report whatever random value was in the register
holding errno from the previous system call for example. Now it
reports EJUSTRETURN.
- System calls that return errno as their error value such as
posix_fallocate() and posix_fadvise() now report non-zero return
values as errors instead of success with a non-zero return value.

Reviewed by: kib
MFC after: 1 month
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D20963

truss: Add support for fsync(2) and fdatasync(2).

The default handling showed the argument as hex. Add explicit handling so
we can show it as decimal, since that's how we show file descriptors
everywhere else.

Approved by: mjg (mentor)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D19295

truss: Fix display of shm_open(SHM_ANON, ...).

Currently truss(1) shows shm_open(SHM_ANON, ...) as shm_open("(null)", ...).
Detect the special value and display it by name.

Reviewed by: jhb, allanjude, tuexen
Approved by: mjg (mentor)
MFC with: r339224
Differential Revision: https://reviews.freebsd.org/D17461

Teach truss how to display shm_open(2), shm_unlink(2)

Submitted by: Thomas Munro <munro@ip9.org>
Reviewed by: tuexen, kib
Approved by: re (rgrimes)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D17457

Make timespecadd(3) and friends public

The timespecadd(3) family of macros were imported from NetBSD back in
r35029. However, they were initially guarded by #ifdef _KERNEL. In the
meantime, we have grown at least 28 syscalls that use timespecs in some
way, leading many programs both inside and outside of the base system to
redefine those macros. It's better just to make the definitions public.

Our kernel currently defines two-argument versions of timespecadd and
timespecsub. NetBSD, OpenBSD, and FreeDesktop.org's libbsd, however, define
three-argument versions. Solaris also defines a three-argument version, but
only in its kernel. This revision changes our definition to match the
common three-argument version.

Bump _FreeBSD_version due to the breaking KPI change.

Discussed with: cem, jilles, ian, bde
Differential Revision: https://reviews.freebsd.org/D14725

Rename ClouduABIFDSFlags to CloudABIFDSFlags.

Implement getrandom(2) and getentropy(3)

The general idea here is to provide userspace programs with well-defined
sources of entropy, in a fashion that doesn't require opening a new file
descriptor (ulimits) or accessing paths (/dev/urandom may be restricted
by chroot or capsicum).

getrandom(2) is the more general API, and comes from the Linux world.
Since our urandom and random devices are identical, the GRND_RANDOM flag
is ignored.

getentropy(3) is added as a compatibility shim for the OpenBSD API.

truss(1) support is included.

Tests for both system calls are provided. Coverage is believed to be at
least as comprehensive as LTP getrandom(2) test coverage. Additionally,
instructions for running the LTP tests directly against FreeBSD are provided
in the "Test Plan" section of the Differential revision linked below. (They
pass, of course.)

PR: 194204
Reported by: David CARLIER <david.carlier AT hardenedbsd.org>
Discussed with: cperciva, delphij, jhb, markj
Relnotes: maybe
Differential Revision: https://reviews.freebsd.org/D14500

Add missing assignment to make sure non-first cmsgs are handled as such.

Improve the printing of cmgs when the length is 0. Fix error handling.

Using %p already prints "0x", so don't do it explicitly.

Rename 'recv' to 'receive' to appease shadow warnings from GCC.

Keep list sorted. Thanks to jhb@ to pointing out that I put it at the
wrong place in r327919.

Decode msghdr argument of sendmsg() and recvmsg().

Sponsored by: Netflix, Inc.

Improve support for sctp_generic_recvmsg() and sctp_generic_sendmsg()
and add support for sctp_generic_sendmsg_iov().

Handle the struct iovec argument and the struct sctp_sndrcvinfo
arguments.

Mark the iovec parameters of writev() and readv() as IN and OUT.
This makes truss work on readv() as expected.

Fix a typo introduced in r327919.

Add support for readv() and writev() to truss.

Sponsored by: Netflix, Inc.

Decode kevent structures logged via ktrace(2) in kdump.

- Add a new KTR_STRUCT_ARRAY ktrace record type which dumps an array of
structures.

The structure name in the record payload is preceded by a size_t
containing the size of the individual structures. Use this to
replace the previous code that dumped the kevent arrays dumped for
kevent(). kdump is now able to decode the kevent structures rather
than dumping their contents via a hexdump.

One change from before is that the 'changes' and 'events' arrays are
not marked with separate 'read' and 'write' annotations in kdump
output. Instead, the first array is the 'changes' array, and the
second array (only present if kevent doesn't fail with an error) is
the 'events' array. For kevent(), empty arrays are denoted by an
entry with an array containing zero entries rather than no record.

- Move kevent decoding tables from truss to libsysdecode.

This adds three new functions to decode members of struct kevent:
sysdecode_kevent_filter, sysdecode_kevent_flags, and
sysdecode_kevent_fflags.

kdump uses these helper functions to pretty-print kevent fields.

- Move structure definitions for freebsd11 and freebsd32 kevent
structures to <sys/event.h> so that they can be shared with userland.
The 32-bit structures are only exposed if _WANT_KEVENT32 is defined.
The freebsd11 structures are only exposed if _WANT_FREEBSD11_KEVENT is
defined. The 32-bit freebsd11 structure requires both.

- Decode freebsd11 kevent structures in truss for the compat11.kevent()
system call.

- Log 32-bit kevent structures via ktrace for 32-bit compat kevent()
system calls.

- While here, constify the 'void *data' argument to ktrstruct().

Reviewed by: kib (earlier version)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D12470

spdx: initial adoption of licensing ID tags.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.

Initially, only tag files that use BSD 4-Clause "Original" license.

RelNotes: yes
Differential Revision: https://reviews.freebsd.org/D13133

Import the latest CloudABI definitions, version 0.16.

The most important change in this release is the removal of the
poll_fd() system call; CloudABI's equivalent of kevent(). Though I think
that kqueue is a lot saner than many of its alternatives, our
experience is that emulating this system call on other systems
accurately isn't easy. It has become a complex API, even though I'm not
convinced this complexity is needed. This is why we've decided to take a
different approach, by looking one layer up.

We're currently adding an event loop to CloudABI's C library that is API
compatible with libuv (except when incompatible with Capsicum).
Initially, this event loop will be built on top of plain inefficient
poll() calls. Only after this is finished, we'll work our way backwards
and design a new set of system calls to optimize it.

Interesting challenges will include integrating asynchronous I/O into
such a system call API. libuv currently doesn't aio(4) on Linux/BSD, due
to it being unreliable and having undesired semantics.

Obtained from: https://github.com/NuxiNL/cloudabi

Merge pipes and socket pairs.

Now that CloudABI's sockets API has been changed to be addressless and
only connected socket instances are used (e.g., socket pairs), they have
become fairly similar to pipes. The only differences on CloudABI is that
socket pairs additionally support shutdown(), send() and recv().

To simplify the ABI, we've therefore decided to remove pipes as a
separate file descriptor type and just let pipe() return a socket pair
of type SOCK_STREAM. S_ISFIFO() and S_ISSOCK() are now defined
identically.

Decode pathconf() names, *at() flags, and sysarch() numbers in libsysdecode.

Move tables that were previously in truss over to libsysdecode. truss
output is unchanged, but kdump has been updated to decode these fields.
In addition, sysdecode_sysarch_number() should support all platforms
whereas the old table in truss only supported x86.

Decode signal information returned by system calls.

Specifically, decode the siginfo structure returned by sigtimedwait(),
sigwaitinfo(), and wait6(). While here, also decode the signal number
returned in the second argument to sigwait().

Complete the CloudABI networking refactoring.

Now that all of the packaged software has been adjusted to either use
Flower (https://github.com/NuxiNL/flower) for making incoming/outgoing
network connections or can have connections injected, there is no longer
need to keep accept() around. It is now a lot easier to write networked
services that are address family independent, dual-stack, testable, etc.

Remove all of the bits related to accept(), but also to
getsockopt(SO_ACCEPTCONN).

Decode arguments passed to thr_set_name().

MFC after: 1 month

Sync CloudABI compatibility against the latest upstream version (v0.13).

With Flower (CloudABI's network connection daemon) becoming more
complete, there is no longer any need for creating any unconnected
sockets. Socket pairs in combination with file descriptor passing is all
that is necessary, as that is what is used by Flower to pass network
connections from the public internet to listening processes.

Remove all of the kernel bits that were used to implement socket(),
listen(), bindat() and connectat(). In principle, accept() and
SO_ACCEPTCONN may also be removed, but there are still some consumers
left.

Obtained from: https://github.com/NuxiNL/cloudabi
MFC after: 1 month

Upgrade to the latest sources generated from the CloudABI specification.

The CloudABI specification has had some minor changes over the last half
year. No substantial features have been added, but some features that
are deemed unnecessary in retrospect have been removed:

- mlock()/munlock():

These calls tend to be used for two different purposes: real-time
support and handling of sensitive (cryptographic) material that
shouldn't end up in swap. The former use case is out of scope for
CloudABI. The latter may also be handled by encrypting swap.

Removing this has the advantage that we no longer need to worry about
having resource limits put in place.

- SOCK_SEQPACKET:

Support for SOCK_SEQPACKET is rather inconsistent across various
operating systems. Some operating systems supported by CloudABI (e.g.,
macOS) don't support it at all. Considering that they are rarely used,
remove support for the time being.

- getsockname(), getpeername(), etc.:

A shortcoming of the sockets API is that it doesn't allow you to
create socket(pair)s, having fake socket addresses associated with
them. This makes it harder to test applications or transparently
forward (proxy) connections to them.

With CloudABI, we're slowly moving networking connectivity into a
separate daemon called Flower. In addition to passing around socket
file descriptors, this daemon provides address information in the form
of arbitrary string labels. There is thus no longer any need for
requesting socket address information from the kernel itself.

This change also updates consumers of the generated code accordingly.
Even though system calls end up getting renumbered, this won't cause any
problems in practice. CloudABI programs always call into the kernel
through a kernel-supplied vDSO that has the numbers updated as well.

Obtained from: https://github.com/NuxiNL/cloudabi

Decode FreeBSD11 fstatat calls.

Sort the compat11.* syscalls I added. Remove duplicate compat11.stat.

Submitted by: jhb@

Decode FreeBSD 11 compat stat, fstat and lstat calls.

Add abstime kqueue(2) timers and expand struct kevent members.

This change implements NOTE_ABSTIME flag for EVFILT_TIMER, which
specifies that the data field contains absolute time to fire the
event.

To make this useful, data member of the struct kevent must be extended
to 64bit. Using the opportunity, I also added ext members. This
changes struct kevent almost to Apple struct kevent64, except I did
not changed type of ident and udata, the later would cause serious API
incompatibilities.

The type of ident was kept uintptr_t since EVFILT_AIO returns a
pointer in this field, and e.g. CHERI is sensitive to the type
(discussed with brooks, jhb).

Unlike Apple kevent64, symbol versioning allows us to claim ABI
compatibility and still name the new syscall kevent(2). Compat shims
are provided for both host native and compat32.

Requested by: bapt
Reviewed by: bapt, brooks, ngie (previous version)
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D11025

Decode arguments to sched_* family of system calls.

This includes decoding both scheduler policy constants and the sched_param
structure for sched_get_priority_max(), sched_get_priority_min(),
sched_getparam(), sched_getscheduler(), sched_rr_get_interval(),
sched_setparam(), and sched_setscheduler().

Decode arguments to rtprio() and rtprio_thread().

Decode the 'howto' argument to reboot().

Decode the arguments to quotactl().

Decode the arguments to ptrace().

This does not decode structures returned by ptrace().

Decode arguments to getpriority() and setpriority().

Decode arguments passed to msync().

Decode flags passed to mount(), nmount(), and unmount().

Decode arguments to mlock(), mlockall(), and munlock().

Decode arguments to minherit().

Decode arguments passed to extended attribute related system calls.

The cmd argument passed to extattrctl() is not decoded as a string constant
but is just printed in hex. The value is filesystem-specific but in
practice is only used with UFS1 filesystems.

Decode arguments to ACL related system calls.

This only decodes the raw arguments but not the contents of the struct acl
objects.

Decode arguments to dup, dup2, getdirentries, pread, and pwrite.

- dup and dup2 print fd arguments in decimal.
- pread and pwrite are similar to read and write with the addition of the
file offset.
- getdirentries displays the output entries as a string for now and also
prints the value returned in *basep. Eventually the buffer for
getdirentries should perhaps be decoded as an array of dirent
structures.

PR: 214885
Submitted by: Jonathan de Boyne Pollard <J.deBoynePollard-newsgroups@NTLWorld.COM>

Decode the 'who' argument passed to getrusage().

Add a new sysdecode_getrusage_who() which decodes the RUSAGE_* constant
passed as the first argument to getrusage(). Use this function in both
kdump and truss to decode the first argument to getrusage().

PR: 215448
Submitted by: Anton Yuzhaninov <citrin+pr@citrin.ru>
MFC after: 1 month

Decode the argument passed to cap_getmode().

The returned integer value is output.

Decode the arguments passed to __cap_rights_get() and cap_rights_limit().

Submitted by: tobik

Improve the decoding of the third argument of the socket() call.

Decoding of the third argument depends on the first one. For doing this,
add a corresponding function to libsysdecode.

Thanks to jhb@ for suggesting this.

Add support for sctp_generic_sendmsg() and sctp_generic_recvmsg().

Add support for sendmsg() and recvmsg().

Decode the fourth argument of sendto and recvfrom call.

Add support for [gs]etsockopt().

Decode the third argument of socket().

Add Socklent for handling args of type socklen_t.

Add support for listen() call.

Improve decoding of last arguments to ioctl() and sendto().

Decode the last argument to ioctl() as a pointer rather than an int.
Eventually this could use 'int' for the _IOWINT() case and pointers for
all others.

The last argument to sendto() is a socklen_t value, not a pointer.

Decode arguments to madvise().

Add a Sizet type for 'size_t' values and use it instead of Int.

Various size_t arguments were previously decoded as Int values instead
which would have truncated values above 2^31 on 64-bit systems.

Decode arguments passed to kldsym() and kldunloadf().

This does not currently decode the kld_sym_lookup structure passed to
kldsym().

Decode arguments passed to getfsstat().

Note that this does not yet decode the statfs structures returned by
getfsstat().

Decode flock() operation.

Decode file flags passed to *chflags*().

While here, decode arguments passed to fchflags() and chflagsat().

Decode arguments passed to posix_fadvise().

Decode the arguments passed to cap_fcntls_get() and cap_fcntls_limit().

Automate the handling of QUAD_ALIGN and QUAD_SLOTS.

Previously, the offset in a system call description specified the
array index of the start of a system call argument. For most system
call arguments this was the same as the index of the argument in the
function signature. 64-bit arguments (off_t and id_t values) passed
on 32-bit platforms use two slots in the array however. This was
handled by adding (QUAD_SLOTS - 1) to the slot indicies of any
subsequent arguments after a 64-bit argument (though written as ("{
Quad, 1 }, { Int, 1 + QUAD_SLOTS }" rather than "{ Quad, 1 }, { Int, 2
+ QUAD_SLOTS - 1 }"). If a system call contained multiple 64-bit
arguments (such as posix_fadvise()), then additional arguments would
need to use 'QUAD_SLOTS * 2' but remember to subtract 2 from the
initial number, etc. In addition, 32-bit powerpc requires 64-bit
arguments to be 64-bit aligned, so if the effective index in the array
of a 64-bit argument is odd, it needs QUAD_ALIGN added to the current
and any subsequent slots. However, if the effective index in the
array of a 64-bit argument was even, QUAD_ALIGN was omitted.

This approach was messy and error prone. This commit replaces it with
automated pre-processing of the system call table to do fixups for
64-bit argument offsets. The offset in a system call description now
indicates the index of an argument in the associated function call's
signature. A fixup function is run against each decoded system call
description during startup on 32-bit platforms. The fixup function
maintains an 'offset' value which holds an offset to be added to each
remaining system call argument's index. Initially offset is 0. When
a 64-bit system call argument is encountered, the offset is first
aligned to a 64-bit boundary (only on powerpc) and then incremented to
account for the second argument slot used by the argument. This
modified 'offset' is then applied to any remaining arguments. This
approach does require a few things that were not previously required:

1) Each system call description must now list arguments in ascending
order (existing ones all do) without using duplicate slots in the
register array. A new assert() should catch any future
descriptions which violate this rule.

2) A system call description is still permitted to omit arguments
(though none currently do), but if the call accepts 64-bit
arguments those cannot be omitted or incorrect results will be
displated on 32-bit systems.

Tested on: amd64 and i386

Remove duplicate argument from linux_stat64() decoding.

Rework syscall structure lookups.

Avoid always using an O(n^2) loop over known syscall structures with
strcmp() on each system call. Instead, use a per-ABI cache indexed by
the system call number. The first 1024 system calls (which should cover
all of the normal system calls in currently-supported ABIs) use a flat array
indexed by the system call number to find system call structure. For other
system calls, a linked list of structures storing an integer to structure
mapping is stored in the ABI. The linked list isn't very smart, but it
should only be used by buggy applications invoking unknown system calls.

This also fixes handling of unknown system calls which currently trigger
a NULL pointer dereference.

Reviewed by: kib
MFC after: 2 weeks

Move mksubr from kdump into libsysdecode.

Restructure this script so that it generates a header of tables instead
of a source file. The tables are included in a flags.c source file which
provides functions to decode various system call arguments.

For functions that decode an enumeration, the function returns a pointer
to a string for known values and NULL for unknown values.

For functions that do more complex decoding (typically of a bitmask), the
function accepts a pointer to a FILE object (open_memstream() can be used
as a string builder) to which decoded values are written. If the
function operates on a bitmask, the function returns true if any bits
were decoded or false if the entire value was valid. Additionally, the
third argument accepts a pointer to a value to which any undecoded bits
are stored. This pointer can be NULL if the caller doesn't care about
remaining bits.

Convert kdump over to using decoder functions from libsysdecode instead of
mksubr. truss also uses decoders from libsysdecode instead of private
lookup tables, though lookup tables for objects not decoded by kdump remain
in truss for now. Eventually most of these tables should move into
libsysdecode as the automated table generation approach from mksubr is
less stale than the static tables in truss.

Some changes have been made to truss and kdump output:
- The flags passed to open() are now properly decoded in that one of
O_RDONLY, O_RDWR, O_WRONLY, or O_EXEC is always included in a decoded
mask.
- Optional arguments to open(), openat(), and fcntl() are only printed
in kdump if they exist (e.g. the mode is only printed for open() if
O_CREAT is set in the flags).
- Print argument to F_GETLK/SETLK/SETLKW in kdump as a pointer, not int.
- Include all procctl() commands.
- Correctly decode pipe2() flags in truss by not assuming full
open()-like flags with O_RDONLY, etc.
- Decode file flags passed to *chflags() as file flags (UF_* and SF_*)
rather than as a file mode.
- Fix decoding of quotactl() commands by splitting out the two command
components instead of assuming the raw command value matches the
primary command component.

In addition, truss and kdump now build without triggering any warnings.
All of the sysdecode manpages now include the required headers in the
synopsis.

Reviewed by: kib (several older versions), wblock (manpages)
MFC after: 2 months
Differential Revision: https://reviews.freebsd.org/D7847

Fix printf format warning.

Import the new automatically generated system call table for CloudABI.

Now that we've switched over to using the vDSO on CloudABI, it becomes a
lot easier for us to phase out old features. System call numbering is no
longer something that's part of the ABI. It's fully based on names. As
long as the numbering used by the kernel and the vDSO is consistent
(which it always is), it's all right.

Let's put this to the test by removing a system call (thread_tcb_set())
that's already unused for quite some time now, but was only left intact
to serve as a placeholder. Sync in the new system call table that uses
alphabetic sorting of system calls.

Obtained from: https://github.com/NuxiNL/cloudabi

Fix sorting in r303934.

Reported by: jhb
X-MFC-With: r303934
MFC after: 3 days
Sponsored by: EMC / Isilon Storage Division

Use proper argument length for rmdir(2) for r303934.

Reported by: kib
X-MFC-With: r303934
MFC after: 3 days
Sponsored by: EMC / Isilon Storage Division

Support rmdir(2).

MFC after: 3 days
Sponsored by: EMC / Isilon Storage Division

Cleanup unnecessary semicolons from utilities we all love.

Replace the CloudABI system call table by a machine generated version.

The type definitions and constants that were used by COMPAT_CLOUDABI64
are a literal copy of some headers stored inside of CloudABI's C
library, cloudlibc. What is annoying is that we can't make use of
cloudlibc's system call list, as the format is completely different and
doesn't provide enough information. It had to be synced in manually.

We recently decided to solve this (and some other problems) by moving
the ABI definitions into a separate file:

https://github.com/NuxiNL/cloudabi/blob/master/cloudabi.txt

This file is processed by a pile of Python scripts to generate the
header files like before, documentation (markdown), but in our case more
importantly: a FreeBSD system call table.

This change discards the old files in sys/contrib/cloudabi and replaces
them by the latest copies, which requires some minor changes here and
there. Because cloudabi.txt also enforces consistent names of the system
call arguments, we have to patch up a small number of system call
implementations to use the new argument names.

The new header files can also be included directly in FreeBSD kernel
space without needing any includes/defines, so we can now remove
cloudabi_syscalldefs.h and cloudabi64_syscalldefs.h. Patch up the
sources to include the definitions directly from sys/contrib/cloudabi
instead.

Use ptrace(2) LWP events to track threads reliably in truss.

- truss can now log the system call invoked by a thread during a
voluntary process exit. No return value is logged, but the value passed
to exit() is included in the trace output. Arguments passed to thread
exit system calls such as thr_exit() are not logged as voluntary thread
exits cannot be distinguished from involuntary thread exits during a
system call.
- New events are now reported for thread births and exits similar to the
recently added events for new child processes when following forks.

Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D5561

Add handling for non-native error values to libsysdecode.

Add two new functions, sysdecode_abi_to_freebsd_errno() and
sysdecode_freebsd_to_abi_errno(), which convert errno values between
the native FreeBSD ABI and other supported ABIs. Note that the
mappings are not necessarily perfect meaning in some cases multiple
errors in one ABI might map to a single error in another ABI. In that
case, the reverse mapping will return one of the errors that maps, but
which error is non-deterministic.

Change truss to always report the raw error value to the user but
use libsysdecode to map it to a native errno value that can be used
with strerror() to generate a description. Previously truss reported
the "converted" error value. Now the user will always see the exact
error value that the application sees.

Change kdump to report the truly raw error value to the user. Previously
kdump would report the absolute value of the raw error value (so for
Linux binaries it didn't output the FreeBSD error value, but the positive
value of the Linux error). Now it reports the real (i.e. negative) error
value for Linux binaries. Also, use libsysdecode to convert the native
FreeBSD error reported in the ktrace record to the raw error used by the
ABI. This means that the Linux ABI can now be handled directly in
ktrsysret() and removes the need for linux_ktrsysret().

Reviewed by: bdrewery, kib
Helpful notes: wblock (manpage)
Differential Revision: https://reviews.freebsd.org/D5314

Add support for displaying thread IDs to truss(1).

- Consolidate duplicate code for printing the metadata at the start of
each line into a shared function.
- Add an -H option which will log the thread ID of the relevant thread
for each event.

While here, remove some extraneous calls to clock_gettime() in
print_syscall() and print_syscall_ret(). The caller of print_syscall_ret()
always updates the current thread's "after" time before it is called.

Reviewed by: kib
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D5363

Remove an unused variable that snuck into the previous revision.

Fetch the current thread and it's syscall state from the trussinfo object
instead of passing some of that state as arguments to print_syscall() and
print_syscallret(). This just makes the calls of these functions shorter
and easier to read.

Move the mkioctls script to libsysdecode and use it to generate a
sysdecode_ioctlname() function. This function matches the behavior
of the truss variant in that it returns a pointer to a string description
for known ioctls. The caller is responsible for displaying unknown
ioctl requests. For kdump this meant moving the logic to handle unknown
ioctl requests out of the generated function and into an ioctlname()
function in kdump.c instead.

Differential Revision: https://reviews.freebsd.org/D4610

Start on a new library (libsysdecode) that provides routines for decoding
system call information such as system call arguments. Initially this
will consist of pulling duplicated code out of truss and kdump though it
may prove useful for other utilities in the future.

This commit moves the shared utrace(2) record parser out of kdump into
the library and updates kdump and truss to use it. One difference from
the previous version is that the library version treats unknown events
that start with the "RTLD" signature as unknown events. This simplifies
the interface and allows the consumer to decide how to handle all
non-recognized events. Instead, this function only generates a string
description for known malloc() and RTLD records.

Reviewed by: bdrewery
Differential Revision: https://reviews.freebsd.org/D4537

Properly format pointer size independent CloudABI system calls.

CloudABI has approximately 50 system calls that do not depend on the
pointer size of the system. As the ABI is pretty compact, it takes
little effort to each truss(8) the formatting rules for these system
calls. Start off by formatting pointer size independent system calls.

Changes:

- Make it possible to include the CloudABI system call definitions in
FreeBSD userspace builds. Add ${root}/sys to the truss(8) Makefile so
we can pull in <compat/cloudabi/cloudabi_syscalldefs.h>.
- Refactoring: patch up amd64-cloudabi64.c to use the CLOUDABI_*
constants instead of rolling our own table.
- Add table entries for all of the system calls.
- Add new generic formatting types (UInt, IntArray) that we'll be using
to format unsigned integers and arrays of integers.
- Add CloudABI specific formatting types.

Approved by: jhb
Differential Revision: https://reviews.freebsd.org/D3836

truss: Add support for utrace(2).

This uses the kdump(1) utrace support code directly until a common library
is created.

This allows malloc(3) tracing with MALLOC_CONF=utrace:true and rtld tracing
with LD_UTRACE=1. Unknown utrace(2) data is just printed as hex.

PR: 43819 [inspired by]
Reviewed by: jhb
MFC after: 2 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D3819

Group the decoded system calls by ABI and sort the calls within each ABI.

Reviewed by: bdrewery
Glanced at by: kib
Differential Revision: https://reviews.freebsd.org/D3823

Add decoding for modfind(2)

Fix tracking of unknown syscalls for 'truss -c'.

This is done by changing get_syscall() to either lookup the known syscall
or add it into the list with the default handlers for printing.

This also simplifies some code to not have to check if the syscall variable
is set or NULL.

Reviewed by: jhb
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D3792

Style fix.

Add decoding for struct statfs.

Reviewed by: jhb (briefly)

Rather than groveling around in a socket address structure for a socket
address's length (and then overriding it if it "looks wrong"), use the
next argument to the system call to determine the length. This is more
reliable since this is what the kernel depends on anyway and is also
simpler.

The id_t type used to pass IDs to wait6(2) and procctl(6) is a 64-bit
integer. Fix the argument decoding to treat this as a quad instead of an
int. This includes using QUAD_ALIGN and QUAD_SLOTS as necessary. To
continue printing IDs in decimal, add a new QuadHex argument type that
prints a 64-bit integer in hex, use QuadHex for the existing off_t arguments,
repurpose Quad to print a 64-bit integer in decimal, and use Quad for id_t
arguments.

This fixes the decoding of wait6(2) and procctl(2) on 32-bit platforms.

- Remove extra integer argument from truncate() and ftruncate(). This is
probably fallout from the removal of the extra padding argument before
off_t in 7. However, that padding still exists for 32-bit powerpc, so
use QUAD_ALIGN.
- Fix QUAD_ALIGN to be zero for powerpc64. It should only be set to 1
for 32-bit platforms that add padding to align 64-bit arguments.

Several changes to truss.
- Refactor the interface between the ABI-independent code and the
ABI-specific backends. The backends now provide smaller hooks to
fetch system call arguments and return values. The rest of the
system call entry and exit handling that was previously duplicated
among all the backends has been moved to one place.
- Merge the loop when waiting for an event with the loop for handling stops.
This also means not emulating a procfs-like interface on top of ptrace().
Instead, use a single event loop that fetches process events via waitid().
Among other things this allows us to report the full 32-bit exit value.
- Use PT_FOLLOW_FORK to follow new child processes instead of forking a new
truss process for each new child. This allows one truss process to monitor
a tree of processes and truss -c should now display one total for the
entire tree instead of separate summaries per process.
- Use the recently added fields to ptrace_lwpinfo to determine the current
system call number and argument count. The latter is especially useful
and fixes a regression since the conversion from procfs. truss now
generally prints the correct number of arguments for most system calls
rather than printing extra arguments for any call not listed in the
table in syscalls.c.
- Actually check the new ABI when processes call exec. The comments claimed
that this happened but it was not being done (perhaps this was another
regression in the conversion to ptrace()). If the new ABI after exec
is not supported, truss detaches from the process. If truss does not
support the ABI for a newly executed process the process is killed
before it returns from exec.
- Along with the refactor, teach the various ABI-specific backends to
fetch both return values, not just the first. Use this to properly
report the full 64-bit return value from lseek(). In addition, the
handler for "pipe" now pulls the pair of descriptors out of the
return values (which is the true kernel system call interface) but
displays them as an argument (which matches the interface exported by
libc).
- Each ABI handler adds entries to a linker set rather than requiring
a statically defined table of handlers in main.c.
- The arm and mips system call fetching code was changed to follow the
same pattern as amd64 (and the in-kernel handler) of fetching register
arguments first and then reading any remaining arguments from the
stack. This should fix indirect system call arguments on at least
arm.
- The mipsn32 and n64 ABIs will now look for arguments in A4 through A7.
- Use register %ebp for the 6th system call argument for Linux/i386 ABIs
to match the in-kernel argument fetch code.
- For powerpc binaries on a powerpc64 system, fetch the extra arguments
on the stack as 32-bit values that are then copied into the 64-bit
argument array instead of reading the 32-bit values directly into the
64-bit array.

Reviewed by: kib (earlier version)
Tested on: amd64 (FreeBSD/amd64 & i386), i386, arm (earlier version)
Tested on: powerpc64 (FreeBSD/powerpc64 & powerpc)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D3575

Trim trailing whitespace.

Decode recently added procctl(2) operations.

Handle the conditional decoding of execve() argument and environment
arrays generically rather than duplicating a hack in all of the backends.
- Add two new system call argument types and use them instead of StringArray
for the argument and environment arguments execve and linux_execve.
- Honor the -a/-e flags in the handling of these new types.
- Instead of printing "<missing argument>" when the decoding is disabled,
print the raw pointer value.

Rework the argv and env string fetching for execve to be more robust.
Before truss would fetch 100 string pointers and happily walk off the end
of the array if it never found a NULL. This also means for a short argv
list it could fail entirely if the 100 string pointers spanned into an
unmapped page.

Instead, fetch page-aligned blocks of string pointers in a loop fetching
each string until a NULL is found.

While here, make use of the open memstream file descriptor instead of
allocating a temporary array. This allows us to fetch each string once
instead of twice.

ino_t is unsigned, so use uintmax_t instead of intmax_t when printing it.

Submitted by: bde (sort of)

Always use %j with an intmax_t cast to print time_t values. time_t is
longer than long on 32-bit platforms with a 64-bit time_t.

Inspired by: mail from bde

Various style and whitespace fixes.

Expand the decoding of kevent structures.
- Print the ident value as decimal instead of hexadecimal for filter types
that use "small" values such as file descriptors and PIDs.
- Decode NOTE_* flags in the fflags field of kevents for several system
filter types.

Change the argument formatting function to use a stdio FILE object opened
with open_memstream() to build the string for each argument. This allows
for more complicated argument building without resorting to intermediate
malloc's, etc.

Related, the strsig*() functions no longer return allocated strings but
use a static global buffer instead.

Use an xlat table and xlookup() instead of a home-rolled version for the
sigprocmask operation type.

Tidy the linux_socketcall decoding:
- Don't exit if get_struct() fails, instead print the raw pointer value to
match all other argument decoding cases.
- Use an xlat table instead of a home-rolled switch for the operation name.
- Display the nested socketcall args structure as a structure instead of as
two inline arguments.

Decode the optional SOCK_NONBLOCK and SOCK_CLOEXEC flags passed in a
socket type.

- Decode the arguments for several signal-related system calls: sigpending,
sigqueue, sigreturn, sigsuspend, sigtimedwait, sigwait, sigwaitinfo, and
thr_kill.
- Print signal sets as a structure (with {}'s) and in particular use this to
differentiate empty sets from a NULL pointer.
- Decode arguments for some other system calls: issetugid, pipe2, sysarch
(operations are only decoded for amd64 and i386), and thr_self.

Consistently use both leading and trailing spaces inside of the {}'s
when pretty-printing structures. Most structures used both spaces,
but some only used a trailing space and some used neither.

Whitespace fixes to consistently use spaces before }'s and
wrap long lines.

Decode the arguments passed to the *at() family of system calls. This is
especially useful now that libc's open() always calls openat(). While here,
fix a few other things:
- Decode the mode argument passed to access(), eaccess(), and faccessat().
- Decode the atfd paramete to pretty-print AT_FDCWD.
- Decode the special AT_* flags used with some of the *at() system calls.
- Decode arguments for fchmod(), lchmod(), fchown(), lchown(), eaccess(),
and futimens().
- Decode both of the timeval structures passed to futimes() instead of just
the first one.

Decode the arguments to mkfifo() and fix an off-by-one error in the arguments
to mknod().

Don't mark the fcntl flag argument as an output parameter so that it is
always decoded. Previously the argument was not decoded if fcntl() failed.

Add recently added values of various flags and enumerations including
kevent filters, kevent flags, flags to mmap, seek locations, fcntl
operations, file flags, socket domains, open flags, resource limits, and
pathconf values.

Rework get_string() to make it more robust when fetching strings of unknown
length. In particular, instead of blinding fetching 1k blocks, do an initial
fetch up to the end of the current page followed by page-sized fetches up to
the maximum size. Previously if the 1k buffer crossed a page boundary and
the second page was not valid, the entire operation would fail.

Whitespace fix: remove some spurious spaces before commas.

The current POSIX semaphore implementation stores the _has_waiters flag
in a separate word from the _count. This does not permit both items to
be updated atomically in a portable manner. As a result, sem_post()
must always perform a system call to safely clear _has_waiters.

This change removes the _has_waiters field and instead uses the high bit
of _count as the _has_waiters flag. A new umtx object type (_usem2) and
two new umtx operations are added (SEM_WAIT2 and SEM_WAKE2) to implement
these semantics. The older operations are still supported under the
COMPAT_FREEBSD9/10 options. The POSIX semaphore API in libc has
been updated to use the new implementation. Note that the new
implementation is not compatible with the previous implementation.
However, this only affects static binaries (which cannot be helped by
symbol versioning). Binaries using a dynamic libc will continue to work
fine. SEM_MAGIC has been bumped so that mismatched binaries will error
rather than corrupting a shared semaphore. In addition, a padding field
has been added to sem_t so that it remains the same size.

Differential Revision: https://reviews.freebsd.org/D961
Reported by: adrian
Reviewed by: kib, jilles (earlier version)
Sponsored by: Norse

Retire the unimplemented MAP_RENAME and MAP_NORESERVE flags to mmap(2).
Older binaries are still permitted to use these flags.

PR: 193961 (exp-run in ports)
Differential Revision: https://reviews.freebsd.org/D848
Reviewed by: kib

Decode the arguments passed to _umtx_op(). In particular, decode the
opcode.

MFC after: 1 week
Sponsored by: Norse

Add Linux socket call decoding to truss

MFC after: 1 month

Remove dead code from umtx support:
- Retire long time unused (basically always unused) sys__umtx_lock()
and sys__umtx_unlock() syscalls
- struct umtx and their supporting definitions
- UMUTEX_ERROR_CHECK flag
- Retire UMTX_OP_LOCK/UMTX_OP_UNLOCK from _umtx_op() syscall

__FreeBSD_version is not bumped yet because it is expected that further
breakages to the umtx interface will follow up in the next days.
However there will be a final bump when necessary.

Sponsored by: EMC / Isilon storage division
Reviewed by: jhb

Extend the support for exempting processes from being killed when swap is
exhausted.
- Add a new protect(1) command that can be used to set or revoke protection
from arbitrary processes. Similar to ktrace it can apply a change to all
existing descendants of a process as well as future descendants.
- Add a new procctl(2) system call that provides a generic interface for
control operations on processes (as opposed to the debugger-specific
operations provided by ptrace(2)). procctl(2) uses a combination of
idtype_t and an id to identify the set of processes on which to operate
similar to wait6().
- Add a PROC_SPROTECT control operation to manage the protection status
of a set of processes. MADV_PROTECT still works for backwards
compatability.
- Add a p_flag2 to struct proc (and a corresponding ki_flag2 to kinfo_proc)
the first bit of which is used to track if P_PROTECT should be inherited
by new child processes.

Reviewed by: kib, jilles (earlier version)
Approved by: re (delphij)
MFC after: 1 month

- Decode the idtype argument passed to wait6() in kdump and truss.
- Don't treat an options argument of 0 to wait4() as an error in
kdump.
- Decode the wait options passed to wait4() and wait6() in truss
and decode the returned rusage and exit status.

Approved by: re (kib)
MFC after: 1 week

Add a mmap flag (MAP_32BIT) on 64-bit platforms to request that a mapping use
an address in the first 2GB of the process's address space. This flag should
have the same semantics as the same flag on Linux.

To facilitate this, add a new parameter to vm_map_find() that specifies an
optional maximum virtual address. While here, fix several callers of
vm_map_find() to use a VMFS_* constant for the findspace argument instead of
TRUE and FALSE.

Reviewed by: alc
Approved by: re (kib)

Remove incorrect 'const' qualifier from pointers to dynamic string
buffers I added in the previous commit.

Pointy hat to: jhb
MFC after: 1 month

Add new mmap(2) flags to permit applications to request specific virtual
address alignment of mappings.
- MAP_ALIGNED(n) requests a mapping aligned on a boundary of (1 << n).
Requests for n >= number of bits in a pointer or less than the size of
a page fail with EINVAL. This matches the API provided by NetBSD.
- MAP_ALIGNED_SUPER is a special case of MAP_ALIGNED. It can be used
to optimize the chances of using large pages. By default it will align
the mapping on a large page boundary (the system is free to choose any
large page size to align to that seems best for the mapping request).
However, if the object being mapped is already using large pages, then
it will align the virtual mapping to match the existing large pages in
the object instead.
- Internally, VMFS_ALIGNED_SPACE is now renamed to VMFS_SUPER_SPACE, and
VMFS_ALIGNED_SPACE(n) is repurposed for specifying a specific alignment.
MAP_ALIGNED(n) maps to using VMFS_ALIGNED_SPACE(n), while
MAP_ALIGNED_SUPER maps to VMFS_SUPER_SPACE.
- mmap() of a device object now uses VMFS_OPTIMAL_SPACE rather than
explicitly using VMFS_SUPER_SPACE. All device objects are forced to
use a specific color on creation, so VMFS_OPTIMAL_SPACE is effectively
equivalent.

Reviewed by: alc
MFC after: 1 month

Properly print arguments to vfork(2) and rfork(2).

PR: 180976
Submitted by: Yuri <yuri@tsoft.com> (original patch)
MFC after: 1 week

truss: recognize O_DIRECTORY, O_EXEC, O_TTY_INIT and O_CLOEXEC

MFC after: 3 days

Revert r247300 for now. I'll post a new changeset for review.

Expose timespec and timeval macros when __BSD_VISIBLE is defined. This
allows userland application to use the following macros:

timespecclear, timespecisset, timespeccmp, timespecadd,
timespecsub;

timevalclear, timevalisset, timevalcmp.

MFC after: 1 month

- Make truss thread-aware.

Approved by: kib (mentor)
MFC after: 2 weeks

- Style(9) cleanup.

Approved by: kib (mentor)

- Use pid_t type instead of just int.

Approved by: kib (mentor)

Add more static keywords to truss(1) source code.

There are some tables in the source code that are only used by the
individual source files themselves. Therefore there is no need to export
them.

Don't write the terminating NUL past end of buffer.

PR: bin/152345
Submitted by: Mateusz Guzik

A new jail(8) with a configuration file, to replace the work currently done
by /etc/rc.d/jail.

Fix copyright spelling.

PR: 139825
Submitted by: Ruslan Mahmatkhanov

Create the altix project branch. The altix project will add support
for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting
is a two-module system, consisting of a base compute module and a
CPU expansion module. SGI's NUMAFlex architecture can be an excellent
platform to test CPU affinity and NUMA-aware features in FreeBSD.

MFC r200781:

Cast time_t values to intmax_t and use %jd with printf.

MFC r200780:

Remove non-working special case for pipe(2) from amd64-fbsd32.c and
i386-fbsd.c. Add pipe(2) to syscall table to decode it's pointer
argument properly and re-add special handling for pipe(2) return value
to print_syscall_ret().

PR: bin/120870

MFC r200751:

Add fork(2), getegid(2), geteuid(2), getgid(2), getpid(2), getpgid(2),
getpgrp(2), getppid(2), getsid(2) and getuid(2) to syscall table to
decode their arguments correctly.

MFC r201350:

The devices that supported EVFILT_NETDEV kqueue filters were removed in
r195175. Remove all definitions, documentation, and usage.

The change of function signature for vlan_link_state() was not merged to
maintain the ABI.

The devices that supported EVFILT_NETDEV kqueue filters were removed in
r195175. Remove all definitions, documentation, and usage.

fifo_misc.c:
Remove all kqueue tests as fifo_io.c performs all those that
would have remained.

Reviewed by: rwatson
MFC after: 3 weeks
X-MFC note: don't change vlan_link_state() function signature

Allow proper tracing of posix_openpt(2).

Cast time_t values to intmax_t and use %jd with printf.

OK'ed by: delphij
Approved by: trasz (mentor)

Remove non-working special case for pipe(2) from amd64-fbsd32.c and
i386-fbsd.c. Add pipe(2) to syscall table to decode it's pointer
argument properly and re-add special handling for pipe(2) return value
to print_syscall_ret().

PR: bin/120870
Approved by: trasz (mentor)

Add fork(2), getegid(2), geteuid(2), getgid(2), getpid(2), getpgid(2),
getpgrp(2), getppid(2), getsid(2) and getuid(2) to syscall table to
decode their arguments correctly.

OK'ed by: delphij
Approved by: trasz (mentor)

Add -c option to summarize number of calls, errors, and system time.

Reviewed by: alfred

- Import the HEAD csup code which is the basis for the cvsmode work.

Try to make this code slightly less painful to read.

The break() system call takes a pointer argument, not an integer. This
change fixes output for break() on LP64 systems.

Print integer-typed arguments as integers. This makes sure that
on 64-bit platforms the result is more reliable. For example,
-1 was previously printed as 0xffffffff.

Approved by: re (kensmith)

Fix handling of Quad-type arguments. Previously, syscalls
containing 64-bit arguments would have explicit padding.
On 64-bit platforms there was no padding, so the dummy
argument was not covering anything. On 32-bit platforms
with weak alignment (i.e. i386) the 64-bit argument did
not need to be aligned, so there too an aditional argument
was introduced. On 32-bit platforms with strong alignment
(i.e. PowerPC) the dummy argument in fact cover the padding.
By elimininating the dummy argument, 64-bit platforms now
have 1 argument less. This also applies to 32-bit platforms
with weak alignment. On PowerPC this doesn't matter, because
the padding is still there. We just don't "name" it.
Deal with those 3 cases.

Approved by: re (kensmith)

Make use of ptrace(2) instead of procfs in truss(1), eliminating
yet another need of an available /proc/ mount.

Tested with: make universe
Submitted by: howardsu
Reviewed by: alfred

- Add decoding of kse_release, kevent, sigprocmask, unmount, socket, getrusage,
rename, __getcwd, shutdown, getrlimit, setrlimit, _umtx_lock, _umtx_unlock,
pathconf, truncate, ftruncate, kill

- Decode more arguments of open, mprot, *stat, and fcntl.

- Convert all constant-macro and bitfield decoding to lookup tables; much
cleaner than previous code.

- Print the timestamp of process exit and signal reception when -d or -D are in
use

- Try six times with 1/2 second delay to debug the child

PR: bin/52190 (updated)
Submitted by: Dan Nelson <dnelson@allantgroup.com>
Approved by: alfred

Add a -s flag for the same functionality as strace. Introduce a Name
type which is a String type that has no -s limitations applied to it.
Change most Strings in the code to Names and add a few extra syscalls,
namely munmap, read, rename and symlink. This was enough to facilitate
following file descriptor allocations in the code more easily and
getting a hint at what's being read/written from/to files. More
syscalls should really be added.

While here, fix an off-by-one bug in the buffer truncation code and
add a fflush so that truss's output reflects the syscall that the
program is stuck in.

Sponsored by: Sophos/Activestate
MFC after: 2 weeks

The kernel accepts sockaddrs with len set to zero for sockaddr_in
types, so refactor the code here to grab them when length is zero.

Decode chroot(2) args.

Approved by: re

decode utimes, lutimes, futimes, chflags, lchflags.

decode mkdir args.

Change fix a bug where the length of data written by snprintf was
being mishandled by using accumulation (into an uninitialized
variable) instead of direct assignment.

Reviewed by: scottl

Fix Quad handling on 64-bit architectures. On 64-bit machines, a Quad
also occupies a single slot. There's no need for any special handling
of Quads. While here, remove the silly make_quad() function. We have
the 2 longs on 32-bit machines already lined up in the argument array,
so we can fetch the Quad with a simple cast.

Before:
lseek(1,0x123456789,0xd0d0d0d0d0d0d0d0) = 4886718345 (0x123456789)
After:
lseek(1,0x123456789,SEEK_SET) = 4886718345 (0x123456789)

don't seg if the syscall is invalid for i386fbsd.

Use the length modifier 'll' instead of 'q' to print long longs.

Support readlink(2) better. Readlink does not nul terminate the
result buffer, so we need to format it ourselves. The problem is
that the length is stored as the return value from readlink, so we
need to pass the return value from our syscall into print_arg.

Motivated by: truss garbage on my screen from reading /etc/malloc.conf.

When reporting reciept of a signal, print the signal's name.

Decode the "wence" arg to lseek and linux_lseek.

COMPAT_SUNOS is gone.

Add support for decoding Timespec, Timeval, Itimerval, Pollfd,
Fd_set and Sigaction structures. Use these for printing the arguments
to sigaction(), nanosleep(), select(), poll(), gettimeofday(),
clock_gettime(), recvfrom(), getitimer() and setitimer().

This is based on Dan's patch from the PR but I've hacked it for
style and some other issues. While Dan has checked this patch, any
goofs are probably my fault.

(The PR also contains support for the dual return values of pipe().
These will follow once I've ported that support to platforms other
than i386.)

PR: 52190
Submitted by: Dan Nelson <dnelson@allantgroup.com>

Use pread to implement pread, rather than taking a detour throug stdio.

PR: 52190
Submitted by: Dan Nelson <dnelson@allantgroup.com>

decode mprotect args while i'm here.

decode fcntl and mmap arguments.

Fix a printf format warning.

Do not ignore any possible errors that fseeko() may have. The fact
is that fseeko() fails in very predictable and frequent ways on ia64.
This is because the offset is actually an address in the process'
address space, which on ia64 can be larger than long (for lseek) or
off_t (for fseeko). The crux is the signedness. The register stack
and memory stack are in region 4 on ia64. This means that the sign bit
is 1. The large positive virtual address is wrongly interpreted as
a negative file offset.

There's no quick fix. Even if you get around the API by using a
SEEK_SET up to LONG_MAX and follow it up with a SEEK_CUR for the
remainder, the kernel simply cannot deal with it. and the second
seek will just fail.

Therefore, this change does not actually fix the root cause. It just
makes sure we're not spitting out all kinds of garbage or that the
get_struct() function in particular does not cause truss(1) to exit.
This, I might add, invariably happened way too soon for truss(1) to
be of any use on ia64...

Port truss(1) to 64-bit architectures:
o Syscall return values do not fit in int on 64-bit architectures.
Change the type of retval in <arch>_syscall_exit() to long and
change the prototype of said function to return a long as well.
o Change the prototype of print_syscall_ret() to take a long for
the return address and change the format string accordingly.
o Replace the code sequence
tmp = malloc(X);
sprintf(tmp, format, ...);
with X by definition too small on 64-bit platforms by
asprintf(&tmp, format, ...);

With these changes the output makes sense again, although it does
mess up the tabulation on ia64. Go widescreen...

Not tested on: alpha, sparc64.

Fix truss so that it doesn't abort/exit when a syscall has been given
a NULL-pointer for a sockaddr argument.

send() and recv() are just wrappers, not actual syscalls.

Add recv(2), recvfrom(2), send(2) and sendfrom(2).

Decode a few more syscalls.

Check if name is NULL before we strcmp the syscall name. This was
sometimes triggered if you began trussing a process while it was
in a syscall, as the name is filled in when the syscall is made.

Don't depend on <signal.h> to include <sys/time.h>, instead include
<sys/time.h> directly. This is mostly bogus since CLOCK_REALTIME
should be defined in <time.h>, which these files already include.

Remove an unnecessary cast.

- Use time.h not sys/time.h.
- Fix printf format errors.

Submitted by: bde

Remove extra space in output.

Use timespec not timeval.

Add options to print the argument and environment string parameters to
execve().

This could be done in a more general manner but it still wouldn't
be very pretty.

MFC after: 3 weeks

Add options to print absolute and relative timestamps.

PR: bin/25587 (in part)
MFC after: 3 weeks

Allow tracking fork()ed children.

PR: bin/25587 (in part)
MFC after: 3 weeks

Parameterize globals.

PR: bin/25587 (in part)
MFC after: 3 weeks

Use fseeko and uintptr_t to make sure that we get a sensible offset
when trying to read from the stack.

PR: 37104
Submitted by: Thomas Quinot <thomas@cuivre.fr.eu.org>
MFC after: 3 weeks

Print open(2) flags in hex instread of decimal for clarity.

Partial WARNS=1 fizes with NO_WERROR set to prevent world breakage.
Use __FBSDID().

Add missing include for <ctype.h>

Make sockaddr printing code unbad.

Always copy in sizeof(sockaddr_un) bytes for an AF_UNIX sockaddr,
despite what the length may be.

Teach truss(1) to display sockaddrs. It currently knows about AF_INET,
AF_INET6 and AF_UNIX sockaddrs, and will recognize accept(), bind(),
connect(), getpeername() and getsockname() as syscalls taking sockaddr
arguments. Some enterprising soul might want to add (and test) support
for the send() / recv() family of syscalls as well.

MFC after: 1 week

In get_string(), 0-terminate the contents of buf ``just in case'';
otherwise, if the very first fgetc() already yielded EOF, the returned
string won't get terminated at all.

MFC after: 1 day

Change the output of truss to more closely resemble SysV's. (Yes, it
really is much nicer looking.)

Submitted by: "Matthew N. Dodd" <winter@jurai.net>

Fix a leak. (Thanks Bruce, this was a bonehead mistake on my part :).)

Submitted by: Bruce Evans

$Id$ -> $FreeBSD$

Teach truss to print symbolic signal names (e.g. SIGHUP instead of 0x01).

Add access(2) to the list of recognized syscalls.

Add lstat() as a known system call.

Fixed printf format errors.

Sort Xrefs. Use err(3). Remove uneeded #include.
Correct usage: one of {-p pid, command} is required.
Open output file when command line is fully analyzed: incorrect `truss -o f'
command does not create an empty file anymore.

Add some copyright and license terms, at Jordan's request. Note that
syscall.h just refers to another file for the copyright notice.

First cut at printing out ioctl names intelligently. Note that this doesn't
handle linux ioctls (yet?). This uses the mkioctl script from kdump,
bless its little heart.

Reviewed by: Mike Smith

Truss program. Requires procfs.