1/*- 2 * Copyright (c) 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30#ifndef lint 31static const char copyright[] = 32"@(#) Copyright (c) 1988, 1993\n\ 33 The Regents of the University of California. All rights reserved.\n"; 34#endif /* not lint */ 35 36#ifndef lint 37#if 0 38static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; 39#endif 40#endif /* not lint */ 41#include <sys/cdefs.h> 42__FBSDID("$FreeBSD: stable/10/usr.bin/kdump/kdump.c 311708 2017-01-09 00:09:19Z jhb $"); 43 44#define _WANT_KERNEL_ERRNO 45#include <sys/param.h> 46#include <sys/capsicum.h> 47#include <sys/errno.h> 48#define _KERNEL 49#include <sys/time.h> 50#undef _KERNEL 51#include <sys/uio.h> 52#include <sys/ktrace.h> 53#include <sys/ioctl.h> 54#include <sys/socket.h> 55#include <sys/stat.h> 56#include <sys/sysent.h> 57#include <sys/umtx.h> 58#include <sys/un.h> 59#include <sys/queue.h> 60#include <sys/wait.h> 61#ifdef IPX 62#include <sys/types.h> 63#include <netipx/ipx.h> 64#endif 65#ifdef NETATALK 66#include <netatalk/at.h> 67#endif 68#include <arpa/inet.h> 69#include <netinet/in.h> 70#include <ctype.h> 71#include <dlfcn.h> 72#include <err.h> 73#include <grp.h> 74#include <inttypes.h> 75#include <locale.h> 76#include <netdb.h> 77#include <nl_types.h> 78#include <pwd.h> 79#include <stddef.h> 80#include <stdio.h> 81#include <stdlib.h> 82#include <string.h> 83#include <termios.h> 84#include <time.h> 85#include <unistd.h> 86#include <vis.h> 87#include "ktrace.h" 88#include "kdump_subr.h" 89 90u_int abidump(struct ktr_header *); 91int fetchprocinfo(struct ktr_header *, u_int *); 92int fread_tail(void *, int, int); 93void dumpheader(struct ktr_header *); 94void ktrsyscall(struct ktr_syscall *, u_int); 95void ktrsysret(struct ktr_sysret *, u_int); 96void ktrnamei(char *, int); 97void hexdump(char *, int, int); 98void visdump(char *, int, int); 99void ktrgenio(struct ktr_genio *, int); 100void ktrpsig(struct ktr_psig *); 101void ktrcsw(struct ktr_csw *); 102void ktrcsw_old(struct ktr_csw_old *); 103void ktruser_malloc(void *); 104void ktruser_rtld(int, void *); 105void ktruser(int, void *); 106void ktrcaprights(cap_rights_t *); 107void ktritimerval(struct itimerval *it); 108void ktrsockaddr(struct sockaddr *); 109void ktrstat(struct stat *); 110void ktrstruct(char *, size_t); 111void ktrcapfail(struct ktr_cap_fail *); 112void ktrfault(struct ktr_fault *); 113void ktrfaultend(struct ktr_faultend *); 114void limitfd(int fd); 115void usage(void); 116void ioctlname(unsigned long, int); 117 118extern const char *signames[], *syscallnames[]; 119extern int nsyscalls; 120 121static int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, 122 resolv = 0, abiflag = 0, syscallno = 0; 123static const char *tracefile = DEF_TRACEFILE; 124static struct ktr_header ktr_header; 125 126#define TIME_FORMAT "%b %e %T %Y" 127#define eqs(s1, s2) (strcmp((s1), (s2)) == 0) 128 129#define print_number64(first,i,n,c) do { \ 130 uint64_t __v; \ 131 \ 132 if (quad_align && (((ptrdiff_t)((i) - (first))) & 1) == 1) { \ 133 (i)++; \ 134 (n)--; \ 135 } \ 136 if (quad_slots == 2) \ 137 __v = (uint64_t)(uint32_t)(i)[0] | \ 138 ((uint64_t)(uint32_t)(i)[1]) << 32; \ 139 else \ 140 __v = (uint64_t)*(i); \ 141 if (decimal) \ 142 printf("%c%jd", (c), (intmax_t)__v); \ 143 else \ 144 printf("%c%#jx", (c), (uintmax_t)__v); \ 145 (i) += quad_slots; \ 146 (n) -= quad_slots; \ 147 (c) = ','; \ 148} while (0) 149 150#define print_number(i,n,c) do { \ 151 if (decimal) \ 152 printf("%c%jd", c, (intmax_t)*i); \ 153 else \ 154 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ 155 i++; \ 156 n--; \ 157 c = ','; \ 158} while (0) 159 160#if defined(__amd64__) || defined(__i386__) 161 162void linux_ktrsyscall(struct ktr_syscall *, u_int); 163void linux_ktrsysret(struct ktr_sysret *, u_int); 164extern const char *linux_syscallnames[]; 165 166#include <linux_syscalls.c> 167 168/* 169 * from linux.h 170 * Linux syscalls return negative errno's, we do positive and map them 171 */ 172static int bsd_to_linux_errno[ELAST + 1] = { 173 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9, 174 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19, 175 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29, 176 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89, 177 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99, 178 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109, 179 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122, 180 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9, 181 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74, 182 -72, -67, -71 183}; 184#endif 185 186#if defined(__amd64__) 187extern const char *linux32_syscallnames[]; 188 189#include <linux32_syscalls.c> 190#endif 191 192struct proc_info 193{ 194 TAILQ_ENTRY(proc_info) info; 195 u_int sv_flags; 196 pid_t pid; 197}; 198 199static TAILQ_HEAD(trace_procs, proc_info) trace_procs; 200 201static void 202strerror_init(void) 203{ 204 205 /* 206 * Cache NLS data before entering capability mode. 207 * XXXPJD: There should be strerror_init() and strsignal_init() in libc. 208 */ 209 (void)catopen("libc", NL_CAT_LOCALE); 210} 211 212static void 213localtime_init(void) 214{ 215 time_t ltime; 216 217 /* 218 * Allow localtime(3) to cache /etc/localtime content before entering 219 * capability mode. 220 * XXXPJD: There should be localtime_init() in libc. 221 */ 222 (void)time(<ime); 223 (void)localtime(<ime); 224} 225 226int 227main(int argc, char *argv[]) 228{ 229 int ch, ktrlen, size; 230 void *m; 231 int trpoints = ALL_POINTS; 232 int drop_logged; 233 pid_t pid = 0; 234 u_int sv_flags; 235 236 setlocale(LC_CTYPE, ""); 237 238 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1) 239 switch (ch) { 240 case 'A': 241 abiflag = 1; 242 break; 243 case 'f': 244 tracefile = optarg; 245 break; 246 case 'd': 247 decimal = 1; 248 break; 249 case 'l': 250 tail = 1; 251 break; 252 case 'm': 253 maxdata = atoi(optarg); 254 break; 255 case 'n': 256 fancy = 0; 257 break; 258 case 'p': 259 pid = atoi(optarg); 260 break; 261 case 'r': 262 resolv = 1; 263 break; 264 case 'S': 265 syscallno = 1; 266 break; 267 case 's': 268 suppressdata = 1; 269 break; 270 case 'E': 271 timestamp = 3; /* elapsed timestamp */ 272 break; 273 case 'H': 274 threads = 1; 275 break; 276 case 'R': 277 timestamp = 2; /* relative timestamp */ 278 break; 279 case 'T': 280 timestamp = 1; 281 break; 282 case 't': 283 trpoints = getpoints(optarg); 284 if (trpoints < 0) 285 errx(1, "unknown trace point in %s", optarg); 286 break; 287 default: 288 usage(); 289 } 290 291 if (argc > optind) 292 usage(); 293 294 m = malloc(size = 1025); 295 if (m == NULL) 296 errx(1, "%s", strerror(ENOMEM)); 297 if (!freopen(tracefile, "r", stdin)) 298 err(1, "%s", tracefile); 299 300 strerror_init(); 301 localtime_init(); 302 303 if (resolv == 0) { 304 if (cap_enter() < 0 && errno != ENOSYS) 305 err(1, "unable to enter capability mode"); 306 } 307 limitfd(STDIN_FILENO); 308 limitfd(STDOUT_FILENO); 309 limitfd(STDERR_FILENO); 310 311 TAILQ_INIT(&trace_procs); 312 drop_logged = 0; 313 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { 314 if (ktr_header.ktr_type & KTR_DROP) { 315 ktr_header.ktr_type &= ~KTR_DROP; 316 if (!drop_logged && threads) { 317 printf( 318 "%6jd %6jd %-8.*s Events dropped.\n", 319 (intmax_t)ktr_header.ktr_pid, 320 ktr_header.ktr_tid > 0 ? 321 (intmax_t)ktr_header.ktr_tid : 0, 322 MAXCOMLEN, ktr_header.ktr_comm); 323 drop_logged = 1; 324 } else if (!drop_logged) { 325 printf("%6jd %-8.*s Events dropped.\n", 326 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, 327 ktr_header.ktr_comm); 328 drop_logged = 1; 329 } 330 } 331 if (trpoints & (1<<ktr_header.ktr_type)) 332 if (pid == 0 || ktr_header.ktr_pid == pid || 333 ktr_header.ktr_tid == pid) 334 dumpheader(&ktr_header); 335 if ((ktrlen = ktr_header.ktr_len) < 0) 336 errx(1, "bogus length 0x%x", ktrlen); 337 if (ktrlen > size) { 338 m = realloc(m, ktrlen+1); 339 if (m == NULL) 340 errx(1, "%s", strerror(ENOMEM)); 341 size = ktrlen; 342 } 343 if (ktrlen && fread_tail(m, ktrlen, 1) == 0) 344 errx(1, "data too short"); 345 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) 346 continue; 347 sv_flags = abidump(&ktr_header); 348 if (pid && ktr_header.ktr_pid != pid && 349 ktr_header.ktr_tid != pid) 350 continue; 351 if ((trpoints & (1<<ktr_header.ktr_type)) == 0) 352 continue; 353 drop_logged = 0; 354 switch (ktr_header.ktr_type) { 355 case KTR_SYSCALL: 356#if defined(__amd64__) || defined(__i386__) 357 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 358 linux_ktrsyscall((struct ktr_syscall *)m, 359 sv_flags); 360 else 361#endif 362 ktrsyscall((struct ktr_syscall *)m, sv_flags); 363 break; 364 case KTR_SYSRET: 365#if defined(__amd64__) || defined(__i386__) 366 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX) 367 linux_ktrsysret((struct ktr_sysret *)m, 368 sv_flags); 369 else 370#endif 371 ktrsysret((struct ktr_sysret *)m, sv_flags); 372 break; 373 case KTR_NAMEI: 374 case KTR_SYSCTL: 375 ktrnamei(m, ktrlen); 376 break; 377 case KTR_GENIO: 378 ktrgenio((struct ktr_genio *)m, ktrlen); 379 break; 380 case KTR_PSIG: 381 ktrpsig((struct ktr_psig *)m); 382 break; 383 case KTR_CSW: 384 if (ktrlen == sizeof(struct ktr_csw_old)) 385 ktrcsw_old((struct ktr_csw_old *)m); 386 else 387 ktrcsw((struct ktr_csw *)m); 388 break; 389 case KTR_USER: 390 ktruser(ktrlen, m); 391 break; 392 case KTR_STRUCT: 393 ktrstruct(m, ktrlen); 394 break; 395 case KTR_CAPFAIL: 396 ktrcapfail((struct ktr_cap_fail *)m); 397 break; 398 case KTR_FAULT: 399 ktrfault((struct ktr_fault *)m); 400 break; 401 case KTR_FAULTEND: 402 ktrfaultend((struct ktr_faultend *)m); 403 break; 404 default: 405 printf("\n"); 406 break; 407 } 408 if (tail) 409 fflush(stdout); 410 } 411 return 0; 412} 413 414void 415limitfd(int fd) 416{ 417 cap_rights_t rights; 418 unsigned long cmd; 419 420 cap_rights_init(&rights, CAP_FSTAT); 421 cmd = 0; 422 423 switch (fd) { 424 case STDIN_FILENO: 425 cap_rights_set(&rights, CAP_READ); 426 break; 427 case STDOUT_FILENO: 428 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE); 429 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ 430 break; 431 case STDERR_FILENO: 432 cap_rights_set(&rights, CAP_WRITE); 433 if (!suppressdata) { 434 cap_rights_set(&rights, CAP_IOCTL); 435 cmd = TIOCGWINSZ; 436 } 437 break; 438 default: 439 abort(); 440 } 441 442 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) 443 err(1, "unable to limit rights for descriptor %d", fd); 444 if (cmd != 0 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS) 445 err(1, "unable to limit ioctls for descriptor %d", fd); 446} 447 448int 449fread_tail(void *buf, int size, int num) 450{ 451 int i; 452 453 while ((i = fread(buf, size, num, stdin)) == 0 && tail) { 454 sleep(1); 455 clearerr(stdin); 456 } 457 return (i); 458} 459 460int 461fetchprocinfo(struct ktr_header *kth, u_int *flags) 462{ 463 struct proc_info *pi; 464 465 switch (kth->ktr_type) { 466 case KTR_PROCCTOR: 467 TAILQ_FOREACH(pi, &trace_procs, info) { 468 if (pi->pid == kth->ktr_pid) { 469 TAILQ_REMOVE(&trace_procs, pi, info); 470 break; 471 } 472 } 473 pi = malloc(sizeof(struct proc_info)); 474 if (pi == NULL) 475 errx(1, "%s", strerror(ENOMEM)); 476 pi->sv_flags = *flags; 477 pi->pid = kth->ktr_pid; 478 TAILQ_INSERT_TAIL(&trace_procs, pi, info); 479 return (1); 480 481 case KTR_PROCDTOR: 482 TAILQ_FOREACH(pi, &trace_procs, info) { 483 if (pi->pid == kth->ktr_pid) { 484 TAILQ_REMOVE(&trace_procs, pi, info); 485 free(pi); 486 break; 487 } 488 } 489 return (1); 490 } 491 492 return (0); 493} 494 495u_int 496abidump(struct ktr_header *kth) 497{ 498 struct proc_info *pi; 499 const char *abi; 500 const char *arch; 501 u_int flags = 0; 502 503 TAILQ_FOREACH(pi, &trace_procs, info) { 504 if (pi->pid == kth->ktr_pid) { 505 flags = pi->sv_flags; 506 break; 507 } 508 } 509 510 if (abiflag == 0) 511 return (flags); 512 513 switch (flags & SV_ABI_MASK) { 514 case SV_ABI_LINUX: 515 abi = "L"; 516 break; 517 case SV_ABI_FREEBSD: 518 abi = "F"; 519 break; 520 default: 521 abi = "U"; 522 break; 523 } 524 525 if (flags != 0) { 526 if (flags & SV_LP64) 527 arch = "64"; 528 else 529 arch = "32"; 530 } else 531 arch = "00"; 532 533 printf("%s%s ", abi, arch); 534 535 return (flags); 536} 537 538void 539dumpheader(struct ktr_header *kth) 540{ 541 static char unknown[64]; 542 static struct timeval prevtime, temp; 543 const char *type; 544 545 switch (kth->ktr_type) { 546 case KTR_SYSCALL: 547 type = "CALL"; 548 break; 549 case KTR_SYSRET: 550 type = "RET "; 551 break; 552 case KTR_NAMEI: 553 type = "NAMI"; 554 break; 555 case KTR_GENIO: 556 type = "GIO "; 557 break; 558 case KTR_PSIG: 559 type = "PSIG"; 560 break; 561 case KTR_CSW: 562 type = "CSW "; 563 break; 564 case KTR_USER: 565 type = "USER"; 566 break; 567 case KTR_STRUCT: 568 type = "STRU"; 569 break; 570 case KTR_SYSCTL: 571 type = "SCTL"; 572 break; 573 case KTR_PROCCTOR: 574 /* FALLTHROUGH */ 575 case KTR_PROCDTOR: 576 return; 577 case KTR_CAPFAIL: 578 type = "CAP "; 579 break; 580 case KTR_FAULT: 581 type = "PFLT"; 582 break; 583 case KTR_FAULTEND: 584 type = "PRET"; 585 break; 586 default: 587 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); 588 type = unknown; 589 } 590 591 /* 592 * The ktr_tid field was previously the ktr_buffer field, which held 593 * the kernel pointer value for the buffer associated with data 594 * following the record header. It now holds a threadid, but only 595 * for trace files after the change. Older trace files still contain 596 * kernel pointers. Detect this and suppress the results by printing 597 * negative tid's as 0. 598 */ 599 if (threads) 600 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, 601 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, 602 MAXCOMLEN, kth->ktr_comm); 603 else 604 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, 605 kth->ktr_comm); 606 if (timestamp) { 607 if (timestamp == 3) { 608 if (prevtime.tv_sec == 0) 609 prevtime = kth->ktr_time; 610 timevalsub(&kth->ktr_time, &prevtime); 611 } 612 if (timestamp == 2) { 613 temp = kth->ktr_time; 614 timevalsub(&kth->ktr_time, &prevtime); 615 prevtime = temp; 616 } 617 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, 618 kth->ktr_time.tv_usec); 619 } 620 printf("%s ", type); 621} 622 623#include <sys/syscall.h> 624#define KTRACE 625#include <sys/kern/syscalls.c> 626#undef KTRACE 627int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]); 628 629void 630ktrsyscall(struct ktr_syscall *ktr, u_int flags) 631{ 632 int narg = ktr->ktr_narg; 633 register_t *ip, *first; 634 intmax_t arg; 635 int quad_align, quad_slots; 636 637 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 638 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0)) 639 printf("[%d]", ktr->ktr_code); 640 else { 641 printf("%s", syscallnames[ktr->ktr_code]); 642 if (syscallno) 643 printf("[%d]", ktr->ktr_code); 644 } 645 ip = first = &ktr->ktr_args[0]; 646 if (narg) { 647 char c = '('; 648 if (fancy && 649 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { 650 quad_align = 0; 651 if (flags & SV_ILP32) { 652#ifdef __powerpc__ 653 quad_align = 1; 654#endif 655 quad_slots = 2; 656 } else 657 quad_slots = 1; 658 switch (ktr->ktr_code) { 659 case SYS_bindat: 660 case SYS_connectat: 661 case SYS_faccessat: 662 case SYS_fchmodat: 663 case SYS_fchownat: 664 case SYS_fstatat: 665 case SYS_futimesat: 666 case SYS_linkat: 667 case SYS_mkdirat: 668 case SYS_mkfifoat: 669 case SYS_mknodat: 670 case SYS_openat: 671 case SYS_readlinkat: 672 case SYS_renameat: 673 case SYS_unlinkat: 674 case SYS_utimensat: 675 putchar('('); 676 atfdname(*ip, decimal); 677 c = ','; 678 ip++; 679 narg--; 680 break; 681 } 682 switch (ktr->ktr_code) { 683 case SYS_ioctl: { 684 print_number(ip, narg, c); 685 putchar(c); 686 ioctlname(*ip, decimal); 687 c = ','; 688 ip++; 689 narg--; 690 break; 691 } 692 case SYS_ptrace: 693 putchar('('); 694 ptraceopname(*ip); 695 c = ','; 696 ip++; 697 narg--; 698 break; 699 case SYS_access: 700 case SYS_eaccess: 701 case SYS_faccessat: 702 print_number(ip, narg, c); 703 putchar(','); 704 accessmodename(*ip); 705 ip++; 706 narg--; 707 break; 708 case SYS_open: 709 case SYS_openat: 710 print_number(ip, narg, c); 711 putchar(','); 712 flagsandmodename(ip[0], ip[1], decimal); 713 ip += 2; 714 narg -= 2; 715 break; 716 case SYS_wait4: 717 print_number(ip, narg, c); 718 print_number(ip, narg, c); 719 /* 720 * A flags value of zero is valid for 721 * wait4() but not for wait6(), so 722 * handle zero special here. 723 */ 724 if (*ip == 0) { 725 print_number(ip, narg, c); 726 } else { 727 putchar(','); 728 wait6optname(*ip); 729 ip++; 730 narg--; 731 } 732 break; 733 case SYS_wait6: 734 putchar('('); 735 idtypename(*ip, decimal); 736 c = ','; 737 ip++; 738 narg--; 739 print_number64(first, ip, narg, c); 740 print_number(ip, narg, c); 741 putchar(','); 742 wait6optname(*ip); 743 ip++; 744 narg--; 745 break; 746 case SYS_chmod: 747 case SYS_fchmod: 748 case SYS_lchmod: 749 print_number(ip, narg, c); 750 putchar(','); 751 modename(*ip); 752 ip++; 753 narg--; 754 break; 755 case SYS_mknod: 756 case SYS_mknodat: 757 print_number(ip, narg, c); 758 putchar(','); 759 modename(*ip); 760 ip++; 761 narg--; 762 break; 763 case SYS_getfsstat: 764 print_number(ip, narg, c); 765 print_number(ip, narg, c); 766 putchar(','); 767 getfsstatflagsname(*ip); 768 ip++; 769 narg--; 770 break; 771 case SYS_mount: 772 print_number(ip, narg, c); 773 print_number(ip, narg, c); 774 putchar(','); 775 mountflagsname(*ip); 776 ip++; 777 narg--; 778 break; 779 case SYS_unmount: 780 print_number(ip, narg, c); 781 putchar(','); 782 mountflagsname(*ip); 783 ip++; 784 narg--; 785 break; 786 case SYS_recvmsg: 787 case SYS_sendmsg: 788 print_number(ip, narg, c); 789 print_number(ip, narg, c); 790 putchar(','); 791 sendrecvflagsname(*ip); 792 ip++; 793 narg--; 794 break; 795 case SYS_recvfrom: 796 case SYS_sendto: 797 print_number(ip, narg, c); 798 print_number(ip, narg, c); 799 print_number(ip, narg, c); 800 putchar(','); 801 sendrecvflagsname(*ip); 802 ip++; 803 narg--; 804 break; 805 case SYS_chflags: 806 case SYS_fchflags: 807 case SYS_lchflags: 808 print_number(ip, narg, c); 809 putchar(','); 810 modename(*ip); 811 ip++; 812 narg--; 813 break; 814 case SYS_kill: 815 print_number(ip, narg, c); 816 putchar(','); 817 signame(*ip); 818 ip++; 819 narg--; 820 break; 821 case SYS_reboot: 822 putchar('('); 823 rebootoptname(*ip); 824 ip++; 825 narg--; 826 break; 827 case SYS_umask: 828 putchar('('); 829 modename(*ip); 830 ip++; 831 narg--; 832 break; 833 case SYS_msync: 834 print_number(ip, narg, c); 835 print_number(ip, narg, c); 836 putchar(','); 837 msyncflagsname(*ip); 838 ip++; 839 narg--; 840 break; 841#ifdef SYS_freebsd6_mmap 842 case SYS_freebsd6_mmap: 843 print_number(ip, narg, c); 844 print_number(ip, narg, c); 845 putchar(','); 846 mmapprotname(*ip); 847 putchar(','); 848 ip++; 849 narg--; 850 mmapflagsname(*ip); 851 ip++; 852 narg--; 853 break; 854#endif 855 case SYS_mmap: 856 print_number(ip, narg, c); 857 print_number(ip, narg, c); 858 putchar(','); 859 mmapprotname(*ip); 860 putchar(','); 861 ip++; 862 narg--; 863 mmapflagsname(*ip); 864 ip++; 865 narg--; 866 break; 867 case SYS_mprotect: 868 print_number(ip, narg, c); 869 print_number(ip, narg, c); 870 putchar(','); 871 mmapprotname(*ip); 872 ip++; 873 narg--; 874 break; 875 case SYS_madvise: 876 print_number(ip, narg, c); 877 print_number(ip, narg, c); 878 putchar(','); 879 madvisebehavname(*ip); 880 ip++; 881 narg--; 882 break; 883 case SYS_setpriority: 884 print_number(ip, narg, c); 885 print_number(ip, narg, c); 886 putchar(','); 887 prioname(*ip); 888 ip++; 889 narg--; 890 break; 891 case SYS_fcntl: 892 print_number(ip, narg, c); 893 putchar(','); 894 fcntlcmdname(ip[0], ip[1], decimal); 895 ip += 2; 896 narg -= 2; 897 break; 898 case SYS_socket: { 899 int sockdomain; 900 putchar('('); 901 sockdomain = *ip; 902 sockdomainname(sockdomain); 903 ip++; 904 narg--; 905 putchar(','); 906 socktypenamewithflags(*ip); 907 ip++; 908 narg--; 909 if (sockdomain == PF_INET || 910 sockdomain == PF_INET6) { 911 putchar(','); 912 sockipprotoname(*ip); 913 ip++; 914 narg--; 915 } 916 c = ','; 917 break; 918 } 919 case SYS_setsockopt: 920 case SYS_getsockopt: 921 print_number(ip, narg, c); 922 putchar(','); 923 sockoptlevelname(*ip, decimal); 924 if (*ip == SOL_SOCKET) { 925 ip++; 926 narg--; 927 putchar(','); 928 sockoptname(*ip); 929 } 930 ip++; 931 narg--; 932 break; 933#ifdef SYS_freebsd6_lseek 934 case SYS_freebsd6_lseek: 935 print_number(ip, narg, c); 936 /* Hidden 'pad' argument, not in lseek(2) */ 937 print_number(ip, narg, c); 938 print_number64(first, ip, narg, c); 939 putchar(','); 940 whencename(*ip); 941 ip++; 942 narg--; 943 break; 944#endif 945 case SYS_lseek: 946 print_number(ip, narg, c); 947 print_number64(first, ip, narg, c); 948 putchar(','); 949 whencename(*ip); 950 ip++; 951 narg--; 952 break; 953 case SYS_flock: 954 print_number(ip, narg, c); 955 putchar(','); 956 flockname(*ip); 957 ip++; 958 narg--; 959 break; 960 case SYS_mkfifo: 961 case SYS_mkfifoat: 962 case SYS_mkdir: 963 case SYS_mkdirat: 964 print_number(ip, narg, c); 965 putchar(','); 966 modename(*ip); 967 ip++; 968 narg--; 969 break; 970 case SYS_shutdown: 971 print_number(ip, narg, c); 972 putchar(','); 973 shutdownhowname(*ip); 974 ip++; 975 narg--; 976 break; 977 case SYS_socketpair: 978 putchar('('); 979 sockdomainname(*ip); 980 ip++; 981 narg--; 982 putchar(','); 983 socktypenamewithflags(*ip); 984 ip++; 985 narg--; 986 c = ','; 987 break; 988 case SYS_getrlimit: 989 case SYS_setrlimit: 990 putchar('('); 991 rlimitname(*ip); 992 ip++; 993 narg--; 994 c = ','; 995 break; 996 case SYS_quotactl: 997 print_number(ip, narg, c); 998 putchar(','); 999 quotactlname(*ip); 1000 ip++; 1001 narg--; 1002 c = ','; 1003 break; 1004 case SYS_nfssvc: 1005 putchar('('); 1006 nfssvcname(*ip); 1007 ip++; 1008 narg--; 1009 c = ','; 1010 break; 1011 case SYS_rtprio: 1012 putchar('('); 1013 rtprioname(*ip); 1014 ip++; 1015 narg--; 1016 c = ','; 1017 break; 1018 case SYS___semctl: 1019 print_number(ip, narg, c); 1020 print_number(ip, narg, c); 1021 putchar(','); 1022 semctlname(*ip); 1023 ip++; 1024 narg--; 1025 break; 1026 case SYS_semget: 1027 print_number(ip, narg, c); 1028 print_number(ip, narg, c); 1029 putchar(','); 1030 semgetname(*ip); 1031 ip++; 1032 narg--; 1033 break; 1034 case SYS_msgctl: 1035 print_number(ip, narg, c); 1036 putchar(','); 1037 shmctlname(*ip); 1038 ip++; 1039 narg--; 1040 break; 1041 case SYS_shmat: 1042 print_number(ip, narg, c); 1043 print_number(ip, narg, c); 1044 putchar(','); 1045 shmatname(*ip); 1046 ip++; 1047 narg--; 1048 break; 1049 case SYS_shmctl: 1050 print_number(ip, narg, c); 1051 putchar(','); 1052 shmctlname(*ip); 1053 ip++; 1054 narg--; 1055 break; 1056 case SYS_shm_open: 1057 print_number(ip, narg, c); 1058 putchar(','); 1059 flagsname(ip[0]); 1060 printf(",0%o", (unsigned int)ip[1]); 1061 ip += 3; 1062 narg -= 3; 1063 break; 1064 case SYS_minherit: 1065 print_number(ip, narg, c); 1066 print_number(ip, narg, c); 1067 putchar(','); 1068 minheritname(*ip); 1069 ip++; 1070 narg--; 1071 break; 1072 case SYS_rfork: 1073 putchar('('); 1074 rforkname(*ip); 1075 ip++; 1076 narg--; 1077 c = ','; 1078 break; 1079 case SYS_lio_listio: 1080 putchar('('); 1081 lio_listioname(*ip); 1082 ip++; 1083 narg--; 1084 c = ','; 1085 break; 1086 case SYS_mlockall: 1087 putchar('('); 1088 mlockallname(*ip); 1089 ip++; 1090 narg--; 1091 break; 1092 case SYS_sched_setscheduler: 1093 print_number(ip, narg, c); 1094 putchar(','); 1095 schedpolicyname(*ip); 1096 ip++; 1097 narg--; 1098 break; 1099 case SYS_sched_get_priority_max: 1100 case SYS_sched_get_priority_min: 1101 putchar('('); 1102 schedpolicyname(*ip); 1103 ip++; 1104 narg--; 1105 break; 1106 case SYS_sendfile: 1107 print_number(ip, narg, c); 1108 print_number(ip, narg, c); 1109 print_number(ip, narg, c); 1110 print_number(ip, narg, c); 1111 print_number(ip, narg, c); 1112 print_number(ip, narg, c); 1113 putchar(','); 1114 sendfileflagsname(*(int *)ip); 1115 ip++; 1116 narg--; 1117 break; 1118 case SYS_kldsym: 1119 print_number(ip, narg, c); 1120 putchar(','); 1121 kldsymcmdname(*ip); 1122 ip++; 1123 narg--; 1124 break; 1125 case SYS_sigprocmask: 1126 putchar('('); 1127 sigprocmaskhowname(*ip); 1128 ip++; 1129 narg--; 1130 c = ','; 1131 break; 1132 case SYS___acl_get_file: 1133 case SYS___acl_set_file: 1134 case SYS___acl_get_fd: 1135 case SYS___acl_set_fd: 1136 case SYS___acl_delete_file: 1137 case SYS___acl_delete_fd: 1138 case SYS___acl_aclcheck_file: 1139 case SYS___acl_aclcheck_fd: 1140 case SYS___acl_get_link: 1141 case SYS___acl_set_link: 1142 case SYS___acl_delete_link: 1143 case SYS___acl_aclcheck_link: 1144 print_number(ip, narg, c); 1145 putchar(','); 1146 acltypename(*ip); 1147 ip++; 1148 narg--; 1149 break; 1150 case SYS_sigaction: 1151 putchar('('); 1152 signame(*ip); 1153 ip++; 1154 narg--; 1155 c = ','; 1156 break; 1157 case SYS_extattrctl: 1158 print_number(ip, narg, c); 1159 putchar(','); 1160 extattrctlname(*ip); 1161 ip++; 1162 narg--; 1163 break; 1164 case SYS_nmount: 1165 print_number(ip, narg, c); 1166 print_number(ip, narg, c); 1167 putchar(','); 1168 mountflagsname(*ip); 1169 ip++; 1170 narg--; 1171 break; 1172 case SYS_thr_create: 1173 print_number(ip, narg, c); 1174 print_number(ip, narg, c); 1175 putchar(','); 1176 thrcreateflagsname(*ip); 1177 ip++; 1178 narg--; 1179 break; 1180 case SYS_thr_kill: 1181 print_number(ip, narg, c); 1182 putchar(','); 1183 signame(*ip); 1184 ip++; 1185 narg--; 1186 break; 1187 case SYS_kldunloadf: 1188 print_number(ip, narg, c); 1189 putchar(','); 1190 kldunloadfflagsname(*ip); 1191 ip++; 1192 narg--; 1193 break; 1194 case SYS_linkat: 1195 case SYS_renameat: 1196 case SYS_symlinkat: 1197 print_number(ip, narg, c); 1198 putchar(','); 1199 atfdname(*ip, decimal); 1200 ip++; 1201 narg--; 1202 break; 1203 case SYS_cap_fcntls_limit: 1204 print_number(ip, narg, c); 1205 putchar(','); 1206 arg = *ip; 1207 ip++; 1208 narg--; 1209 capfcntlname(arg); 1210 break; 1211 case SYS_posix_fadvise: 1212 print_number(ip, narg, c); 1213 print_number(ip, narg, c); 1214 print_number(ip, narg, c); 1215 (void)putchar(','); 1216 fadvisebehavname((int)*ip); 1217 ip++; 1218 narg--; 1219 break; 1220 case SYS_procctl: 1221 putchar('('); 1222 idtypename(*ip, decimal); 1223 c = ','; 1224 ip++; 1225 narg--; 1226 print_number64(first, ip, narg, c); 1227 putchar(','); 1228 procctlcmdname(*ip); 1229 ip++; 1230 narg--; 1231 break; 1232 case SYS__umtx_op: 1233 print_number(ip, narg, c); 1234 putchar(','); 1235 umtxopname(*ip); 1236 switch (*ip) { 1237 case UMTX_OP_CV_WAIT: 1238 ip++; 1239 narg--; 1240 putchar(','); 1241 umtxcvwaitflags(*ip); 1242 break; 1243 case UMTX_OP_RW_RDLOCK: 1244 ip++; 1245 narg--; 1246 putchar(','); 1247 umtxrwlockflags(*ip); 1248 break; 1249 } 1250 ip++; 1251 narg--; 1252 break; 1253 case SYS_ftruncate: 1254 case SYS_truncate: 1255 print_number(ip, narg, c); 1256 print_number64(first, ip, narg, c); 1257 break; 1258 } 1259 } 1260 while (narg > 0) { 1261 print_number(ip, narg, c); 1262 } 1263 putchar(')'); 1264 } 1265 putchar('\n'); 1266} 1267 1268void 1269ktrsysret(struct ktr_sysret *ktr, u_int flags) 1270{ 1271 register_t ret = ktr->ktr_retval; 1272 int error = ktr->ktr_error; 1273 int code = ktr->ktr_code; 1274 1275 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) || 1276 (code >= nsyscalls || code < 0)) 1277 printf("[%d] ", code); 1278 else { 1279 printf("%s", syscallnames[code]); 1280 if (syscallno) 1281 printf("[%d]", code); 1282 printf(" "); 1283 } 1284 1285 if (error == 0) { 1286 if (fancy) { 1287 printf("%ld", (long)ret); 1288 if (ret < 0 || ret > 9) 1289 printf("/%#lx", (unsigned long)ret); 1290 } else { 1291 if (decimal) 1292 printf("%ld", (long)ret); 1293 else 1294 printf("%#lx", (unsigned long)ret); 1295 } 1296 } else if (error == ERESTART) 1297 printf("RESTART"); 1298 else if (error == EJUSTRETURN) 1299 printf("JUSTRETURN"); 1300 else { 1301 printf("-1 errno %d", ktr->ktr_error); 1302 if (fancy) 1303 printf(" %s", strerror(ktr->ktr_error)); 1304 } 1305 putchar('\n'); 1306} 1307 1308void 1309ktrnamei(char *cp, int len) 1310{ 1311 printf("\"%.*s\"\n", len, cp); 1312} 1313 1314void 1315hexdump(char *p, int len, int screenwidth) 1316{ 1317 int n, i; 1318 int width; 1319 1320 width = 0; 1321 do { 1322 width += 2; 1323 i = 13; /* base offset */ 1324 i += (width / 2) + 1; /* spaces every second byte */ 1325 i += (width * 2); /* width of bytes */ 1326 i += 3; /* " |" */ 1327 i += width; /* each byte */ 1328 i += 1; /* "|" */ 1329 } while (i < screenwidth); 1330 width -= 2; 1331 1332 for (n = 0; n < len; n += width) { 1333 for (i = n; i < n + width; i++) { 1334 if ((i % width) == 0) { /* beginning of line */ 1335 printf(" 0x%04x", i); 1336 } 1337 if ((i % 2) == 0) { 1338 printf(" "); 1339 } 1340 if (i < len) 1341 printf("%02x", p[i] & 0xff); 1342 else 1343 printf(" "); 1344 } 1345 printf(" |"); 1346 for (i = n; i < n + width; i++) { 1347 if (i >= len) 1348 break; 1349 if (p[i] >= ' ' && p[i] <= '~') 1350 printf("%c", p[i]); 1351 else 1352 printf("."); 1353 } 1354 printf("|\n"); 1355 } 1356 if ((i % width) != 0) 1357 printf("\n"); 1358} 1359 1360void 1361visdump(char *dp, int datalen, int screenwidth) 1362{ 1363 int col = 0; 1364 char *cp; 1365 int width; 1366 char visbuf[5]; 1367 1368 printf(" \""); 1369 col = 8; 1370 for (;datalen > 0; datalen--, dp++) { 1371 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); 1372 cp = visbuf; 1373 /* 1374 * Keep track of printables and 1375 * space chars (like fold(1)). 1376 */ 1377 if (col == 0) { 1378 putchar('\t'); 1379 col = 8; 1380 } 1381 switch(*cp) { 1382 case '\n': 1383 col = 0; 1384 putchar('\n'); 1385 continue; 1386 case '\t': 1387 width = 8 - (col&07); 1388 break; 1389 default: 1390 width = strlen(cp); 1391 } 1392 if (col + width > (screenwidth-2)) { 1393 printf("\\\n\t"); 1394 col = 8; 1395 } 1396 col += width; 1397 do { 1398 putchar(*cp++); 1399 } while (*cp); 1400 } 1401 if (col == 0) 1402 printf(" "); 1403 printf("\"\n"); 1404} 1405 1406void 1407ktrgenio(struct ktr_genio *ktr, int len) 1408{ 1409 int datalen = len - sizeof (struct ktr_genio); 1410 char *dp = (char *)ktr + sizeof (struct ktr_genio); 1411 static int screenwidth = 0; 1412 int i, binary; 1413 1414 printf("fd %d %s %d byte%s\n", ktr->ktr_fd, 1415 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, 1416 datalen == 1 ? "" : "s"); 1417 if (suppressdata) 1418 return; 1419 if (screenwidth == 0) { 1420 struct winsize ws; 1421 1422 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && 1423 ws.ws_col > 8) 1424 screenwidth = ws.ws_col; 1425 else 1426 screenwidth = 80; 1427 } 1428 if (maxdata && datalen > maxdata) 1429 datalen = maxdata; 1430 1431 for (i = 0, binary = 0; i < datalen && binary == 0; i++) { 1432 if (dp[i] >= 32 && dp[i] < 127) 1433 continue; 1434 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) 1435 continue; 1436 binary = 1; 1437 } 1438 if (binary) 1439 hexdump(dp, datalen, screenwidth); 1440 else 1441 visdump(dp, datalen, screenwidth); 1442} 1443 1444const char *signames[] = { 1445 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ 1446 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ 1447 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ 1448 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ 1449 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ 1450 "USR2", NULL, /* 31 - 32 */ 1451}; 1452 1453void 1454ktrpsig(struct ktr_psig *psig) 1455{ 1456 if (psig->signo > 0 && psig->signo < NSIG) 1457 printf("SIG%s ", signames[psig->signo]); 1458 else 1459 printf("SIG %d ", psig->signo); 1460 if (psig->action == SIG_DFL) { 1461 printf("SIG_DFL code="); 1462 sigcodename(psig->signo, psig->code); 1463 putchar('\n'); 1464 } else { 1465 printf("caught handler=0x%lx mask=0x%x code=", 1466 (u_long)psig->action, psig->mask.__bits[0]); 1467 sigcodename(psig->signo, psig->code); 1468 putchar('\n'); 1469 } 1470} 1471 1472void 1473ktrcsw_old(struct ktr_csw_old *cs) 1474{ 1475 printf("%s %s\n", cs->out ? "stop" : "resume", 1476 cs->user ? "user" : "kernel"); 1477} 1478 1479void 1480ktrcsw(struct ktr_csw *cs) 1481{ 1482 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", 1483 cs->user ? "user" : "kernel", cs->wmesg); 1484} 1485 1486#define UTRACE_DLOPEN_START 1 1487#define UTRACE_DLOPEN_STOP 2 1488#define UTRACE_DLCLOSE_START 3 1489#define UTRACE_DLCLOSE_STOP 4 1490#define UTRACE_LOAD_OBJECT 5 1491#define UTRACE_UNLOAD_OBJECT 6 1492#define UTRACE_ADD_RUNDEP 7 1493#define UTRACE_PRELOAD_FINISHED 8 1494#define UTRACE_INIT_CALL 9 1495#define UTRACE_FINI_CALL 10 1496#define UTRACE_DLSYM_START 11 1497#define UTRACE_DLSYM_STOP 12 1498 1499struct utrace_rtld { 1500 char sig[4]; /* 'RTLD' */ 1501 int event; 1502 void *handle; 1503 void *mapbase; 1504 size_t mapsize; 1505 int refcnt; 1506 char name[MAXPATHLEN]; 1507}; 1508 1509void 1510ktruser_rtld(int len, void *p) 1511{ 1512 struct utrace_rtld *ut = p; 1513 unsigned char *cp; 1514 void *parent; 1515 int mode; 1516 1517 switch (ut->event) { 1518 case UTRACE_DLOPEN_START: 1519 mode = ut->refcnt; 1520 printf("dlopen(%s, ", ut->name); 1521 switch (mode & RTLD_MODEMASK) { 1522 case RTLD_NOW: 1523 printf("RTLD_NOW"); 1524 break; 1525 case RTLD_LAZY: 1526 printf("RTLD_LAZY"); 1527 break; 1528 default: 1529 printf("%#x", mode & RTLD_MODEMASK); 1530 } 1531 if (mode & RTLD_GLOBAL) 1532 printf(" | RTLD_GLOBAL"); 1533 if (mode & RTLD_TRACE) 1534 printf(" | RTLD_TRACE"); 1535 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)) 1536 printf(" | %#x", mode & 1537 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE)); 1538 printf(")\n"); 1539 break; 1540 case UTRACE_DLOPEN_STOP: 1541 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name, 1542 ut->refcnt); 1543 break; 1544 case UTRACE_DLCLOSE_START: 1545 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name, 1546 ut->refcnt); 1547 break; 1548 case UTRACE_DLCLOSE_STOP: 1549 printf("dlclose(%p) finished\n", ut->handle); 1550 break; 1551 case UTRACE_LOAD_OBJECT: 1552 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle, 1553 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1554 ut->name); 1555 break; 1556 case UTRACE_UNLOAD_OBJECT: 1557 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle, 1558 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1, 1559 ut->name); 1560 break; 1561 case UTRACE_ADD_RUNDEP: 1562 parent = ut->mapbase; 1563 printf("RTLD: %p now depends on %p (%s, %d)\n", parent, 1564 ut->handle, ut->name, ut->refcnt); 1565 break; 1566 case UTRACE_PRELOAD_FINISHED: 1567 printf("RTLD: LD_PRELOAD finished\n"); 1568 break; 1569 case UTRACE_INIT_CALL: 1570 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle, 1571 ut->name); 1572 break; 1573 case UTRACE_FINI_CALL: 1574 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle, 1575 ut->name); 1576 break; 1577 case UTRACE_DLSYM_START: 1578 printf("RTLD: dlsym(%p, %s)\n", ut->handle, ut->name); 1579 break; 1580 case UTRACE_DLSYM_STOP: 1581 printf("RTLD: %p = dlsym(%p, %s)\n", ut->mapbase, ut->handle, 1582 ut->name); 1583 break; 1584 default: 1585 cp = p; 1586 cp += 4; 1587 len -= 4; 1588 printf("RTLD: %d ", len); 1589 while (len--) 1590 if (decimal) 1591 printf(" %d", *cp++); 1592 else 1593 printf(" %02x", *cp++); 1594 printf("\n"); 1595 } 1596} 1597 1598struct utrace_malloc { 1599 void *p; 1600 size_t s; 1601 void *r; 1602}; 1603 1604void 1605ktruser_malloc(void *p) 1606{ 1607 struct utrace_malloc *ut = p; 1608 1609 if (ut->p == (void *)(intptr_t)(-1)) 1610 printf("malloc_init()\n"); 1611 else if (ut->s == 0) 1612 printf("free(%p)\n", ut->p); 1613 else if (ut->p == NULL) 1614 printf("%p = malloc(%zu)\n", ut->r, ut->s); 1615 else 1616 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s); 1617} 1618 1619void 1620ktruser(int len, void *p) 1621{ 1622 unsigned char *cp; 1623 1624 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) { 1625 ktruser_rtld(len, p); 1626 return; 1627 } 1628 1629 if (len == sizeof(struct utrace_malloc)) { 1630 ktruser_malloc(p); 1631 return; 1632 } 1633 1634 printf("%d ", len); 1635 cp = p; 1636 while (len--) 1637 if (decimal) 1638 printf(" %d", *cp++); 1639 else 1640 printf(" %02x", *cp++); 1641 printf("\n"); 1642} 1643 1644void 1645ktrcaprights(cap_rights_t *rightsp) 1646{ 1647 1648 printf("cap_rights_t "); 1649 capname(rightsp); 1650 printf("\n"); 1651} 1652 1653static void 1654ktrtimeval(struct timeval *tv) 1655{ 1656 1657 printf("{%ld, %ld}", (long)tv->tv_sec, tv->tv_usec); 1658} 1659 1660void 1661ktritimerval(struct itimerval *it) 1662{ 1663 1664 printf("itimerval { .interval = "); 1665 ktrtimeval(&it->it_interval); 1666 printf(", .value = "); 1667 ktrtimeval(&it->it_value); 1668 printf(" }\n"); 1669} 1670 1671void 1672ktrsockaddr(struct sockaddr *sa) 1673{ 1674/* 1675 TODO: Support additional address families 1676 #include <netnatm/natm.h> 1677 struct sockaddr_natm *natm; 1678 #include <netsmb/netbios.h> 1679 struct sockaddr_nb *nb; 1680*/ 1681 char addr[64]; 1682 1683 /* 1684 * note: ktrstruct() has already verified that sa points to a 1685 * buffer at least sizeof(struct sockaddr) bytes long and exactly 1686 * sa->sa_len bytes long. 1687 */ 1688 printf("struct sockaddr { "); 1689 sockfamilyname(sa->sa_family); 1690 printf(", "); 1691 1692#define check_sockaddr_len(n) \ 1693 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ 1694 printf("invalid"); \ 1695 break; \ 1696 } 1697 1698 switch(sa->sa_family) { 1699 case AF_INET: { 1700 struct sockaddr_in sa_in; 1701 1702 memset(&sa_in, 0, sizeof(sa_in)); 1703 memcpy(&sa_in, sa, sa->sa_len); 1704 check_sockaddr_len(in); 1705 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); 1706 printf("%s:%u", addr, ntohs(sa_in.sin_port)); 1707 break; 1708 } 1709#ifdef NETATALK 1710 case AF_APPLETALK: { 1711 struct sockaddr_at sa_at; 1712 struct netrange *nr; 1713 1714 memset(&sa_at, 0, sizeof(sa_at)); 1715 memcpy(&sa_at, sa, sa->sa_len); 1716 check_sockaddr_len(at); 1717 nr = &sa_at.sat_range.r_netrange; 1718 printf("%d.%d, %d-%d, %d", ntohs(sa_at.sat_addr.s_net), 1719 sa_at.sat_addr.s_node, ntohs(nr->nr_firstnet), 1720 ntohs(nr->nr_lastnet), nr->nr_phase); 1721 break; 1722 } 1723#endif 1724 case AF_INET6: { 1725 struct sockaddr_in6 sa_in6; 1726 1727 memset(&sa_in6, 0, sizeof(sa_in6)); 1728 memcpy(&sa_in6, sa, sa->sa_len); 1729 check_sockaddr_len(in6); 1730 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), 1731 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); 1732 printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); 1733 break; 1734 } 1735#ifdef IPX 1736 case AF_IPX: { 1737 struct sockaddr_ipx sa_ipx; 1738 1739 memset(&sa_ipx, 0, sizeof(sa_ipx)); 1740 memcpy(&sa_ipx, sa, sa->sa_len); 1741 check_sockaddr_len(ipx); 1742 /* XXX wish we had ipx_ntop */ 1743 printf("%s", ipx_ntoa(sa_ipx.sipx_addr)); 1744 free(sa_ipx); 1745 break; 1746 } 1747#endif 1748 case AF_UNIX: { 1749 struct sockaddr_un sa_un; 1750 1751 memset(&sa_un, 0, sizeof(sa_un)); 1752 memcpy(&sa_un, sa, sa->sa_len); 1753 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); 1754 break; 1755 } 1756 default: 1757 printf("unknown address family"); 1758 } 1759 printf(" }\n"); 1760} 1761 1762void 1763ktrstat(struct stat *statp) 1764{ 1765 char mode[12], timestr[PATH_MAX + 4]; 1766 struct passwd *pwd; 1767 struct group *grp; 1768 struct tm *tm; 1769 1770 /* 1771 * note: ktrstruct() has already verified that statp points to a 1772 * buffer exactly sizeof(struct stat) bytes long. 1773 */ 1774 printf("struct stat {"); 1775 printf("dev=%ju, ino=%ju, ", 1776 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); 1777 if (resolv == 0) 1778 printf("mode=0%jo, ", (uintmax_t)statp->st_mode); 1779 else { 1780 strmode(statp->st_mode, mode); 1781 printf("mode=%s, ", mode); 1782 } 1783 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); 1784 if (resolv == 0 || (pwd = getpwuid(statp->st_uid)) == NULL) 1785 printf("uid=%ju, ", (uintmax_t)statp->st_uid); 1786 else 1787 printf("uid=\"%s\", ", pwd->pw_name); 1788 if (resolv == 0 || (grp = getgrgid(statp->st_gid)) == NULL) 1789 printf("gid=%ju, ", (uintmax_t)statp->st_gid); 1790 else 1791 printf("gid=\"%s\", ", grp->gr_name); 1792 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); 1793 printf("atime="); 1794 if (resolv == 0) 1795 printf("%jd", (intmax_t)statp->st_atim.tv_sec); 1796 else { 1797 tm = localtime(&statp->st_atim.tv_sec); 1798 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1799 printf("\"%s\"", timestr); 1800 } 1801 if (statp->st_atim.tv_nsec != 0) 1802 printf(".%09ld, ", statp->st_atim.tv_nsec); 1803 else 1804 printf(", "); 1805 printf("mtime="); 1806 if (resolv == 0) 1807 printf("%jd", (intmax_t)statp->st_mtim.tv_sec); 1808 else { 1809 tm = localtime(&statp->st_mtim.tv_sec); 1810 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1811 printf("\"%s\"", timestr); 1812 } 1813 if (statp->st_mtim.tv_nsec != 0) 1814 printf(".%09ld, ", statp->st_mtim.tv_nsec); 1815 else 1816 printf(", "); 1817 printf("ctime="); 1818 if (resolv == 0) 1819 printf("%jd", (intmax_t)statp->st_ctim.tv_sec); 1820 else { 1821 tm = localtime(&statp->st_ctim.tv_sec); 1822 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1823 printf("\"%s\"", timestr); 1824 } 1825 if (statp->st_ctim.tv_nsec != 0) 1826 printf(".%09ld, ", statp->st_ctim.tv_nsec); 1827 else 1828 printf(", "); 1829 printf("birthtime="); 1830 if (resolv == 0) 1831 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); 1832 else { 1833 tm = localtime(&statp->st_birthtim.tv_sec); 1834 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); 1835 printf("\"%s\"", timestr); 1836 } 1837 if (statp->st_birthtim.tv_nsec != 0) 1838 printf(".%09ld, ", statp->st_birthtim.tv_nsec); 1839 else 1840 printf(", "); 1841 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", 1842 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, 1843 (intmax_t)statp->st_blocks, statp->st_flags); 1844 printf(" }\n"); 1845} 1846 1847void 1848ktrstruct(char *buf, size_t buflen) 1849{ 1850 char *name, *data; 1851 size_t namelen, datalen; 1852 int i; 1853 cap_rights_t rights; 1854 struct itimerval it; 1855 struct stat sb; 1856 struct sockaddr_storage ss; 1857 1858 for (name = buf, namelen = 0; 1859 namelen < buflen && name[namelen] != '\0'; 1860 ++namelen) 1861 /* nothing */; 1862 if (namelen == buflen) 1863 goto invalid; 1864 if (name[namelen] != '\0') 1865 goto invalid; 1866 data = buf + namelen + 1; 1867 datalen = buflen - namelen - 1; 1868 if (datalen == 0) 1869 goto invalid; 1870 /* sanity check */ 1871 for (i = 0; i < (int)namelen; ++i) 1872 if (!isalpha(name[i])) 1873 goto invalid; 1874 if (strcmp(name, "caprights") == 0) { 1875 if (datalen != sizeof(cap_rights_t)) 1876 goto invalid; 1877 memcpy(&rights, data, datalen); 1878 ktrcaprights(&rights); 1879 } else if (strcmp(name, "itimerval") == 0) { 1880 if (datalen != sizeof(struct itimerval)) 1881 goto invalid; 1882 memcpy(&it, data, datalen); 1883 ktritimerval(&it); 1884 } else if (strcmp(name, "stat") == 0) { 1885 if (datalen != sizeof(struct stat)) 1886 goto invalid; 1887 memcpy(&sb, data, datalen); 1888 ktrstat(&sb); 1889 } else if (strcmp(name, "sockaddr") == 0) { 1890 if (datalen > sizeof(ss)) 1891 goto invalid; 1892 memcpy(&ss, data, datalen); 1893 if (datalen != ss.ss_len) 1894 goto invalid; 1895 ktrsockaddr((struct sockaddr *)&ss); 1896 } else { 1897 printf("unknown structure\n"); 1898 } 1899 return; 1900invalid: 1901 printf("invalid record\n"); 1902} 1903 1904void 1905ktrcapfail(struct ktr_cap_fail *ktr) 1906{ 1907 switch (ktr->cap_type) { 1908 case CAPFAIL_NOTCAPABLE: 1909 /* operation on fd with insufficient capabilities */ 1910 printf("operation requires "); 1911 capname(&ktr->cap_needed); 1912 printf(", process holds "); 1913 capname(&ktr->cap_held); 1914 break; 1915 case CAPFAIL_INCREASE: 1916 /* requested more capabilities than fd already has */ 1917 printf("attempt to increase capabilities from "); 1918 capname(&ktr->cap_held); 1919 printf(" to "); 1920 capname(&ktr->cap_needed); 1921 break; 1922 case CAPFAIL_SYSCALL: 1923 /* called restricted syscall */ 1924 printf("disallowed system call"); 1925 break; 1926 case CAPFAIL_LOOKUP: 1927 /* used ".." in strict-relative mode */ 1928 printf("restricted VFS lookup"); 1929 break; 1930 default: 1931 printf("unknown capability failure: "); 1932 capname(&ktr->cap_needed); 1933 printf(" "); 1934 capname(&ktr->cap_held); 1935 break; 1936 } 1937 printf("\n"); 1938} 1939 1940void 1941ktrfault(struct ktr_fault *ktr) 1942{ 1943 1944 printf("0x%jx ", (uintmax_t)ktr->vaddr); 1945 vmprotname(ktr->type); 1946 printf("\n"); 1947} 1948 1949void 1950ktrfaultend(struct ktr_faultend *ktr) 1951{ 1952 1953 vmresultname(ktr->result); 1954 printf("\n"); 1955} 1956 1957#if defined(__amd64__) || defined(__i386__) 1958 1959#if defined(__amd64__) 1960#define NLINUX_SYSCALLS(v) ((v) & SV_ILP32 ? \ 1961 nitems(linux32_syscallnames) : nitems(linux_syscallnames)) 1962#define LINUX_SYSCALLNAMES(v, i) ((v) & SV_ILP32 ? \ 1963 linux32_syscallnames[i] : linux_syscallnames[i]) 1964#else 1965#define NLINUX_SYSCALLS(v) (nitems(linux_syscallnames)) 1966#define LINUX_SYSCALLNAMES(v, i) (linux_syscallnames[i]) 1967#endif 1968 1969void 1970linux_ktrsyscall(struct ktr_syscall *ktr, u_int sv_flags) 1971{ 1972 int narg = ktr->ktr_narg; 1973 unsigned code = ktr->ktr_code; 1974 register_t *ip; 1975 1976 if (ktr->ktr_code < 0 || code >= NLINUX_SYSCALLS(sv_flags)) 1977 printf("[%d]", ktr->ktr_code); 1978 else { 1979 printf("%s", LINUX_SYSCALLNAMES(sv_flags, ktr->ktr_code)); 1980 if (syscallno) 1981 printf("[%d]", ktr->ktr_code); 1982 } 1983 ip = &ktr->ktr_args[0]; 1984 if (narg) { 1985 char c = '('; 1986 while (narg > 0) 1987 print_number(ip, narg, c); 1988 putchar(')'); 1989 } 1990 putchar('\n'); 1991} 1992 1993void 1994linux_ktrsysret(struct ktr_sysret *ktr, u_int sv_flags) 1995{ 1996 register_t ret = ktr->ktr_retval; 1997 unsigned code = ktr->ktr_code; 1998 int error = ktr->ktr_error; 1999 2000 if (ktr->ktr_code < 0 || code >= NLINUX_SYSCALLS(sv_flags)) 2001 printf("[%d] ", ktr->ktr_code); 2002 else { 2003 printf("%s ", LINUX_SYSCALLNAMES(sv_flags, code)); 2004 if (syscallno) 2005 printf("[%d]", code); 2006 printf(" "); 2007 } 2008 2009 if (error == 0) { 2010 if (fancy) { 2011 printf("%ld", (long)ret); 2012 if (ret < 0 || ret > 9) 2013 printf("/%#lx", (unsigned long)ret); 2014 } else { 2015 if (decimal) 2016 printf("%ld", (long)ret); 2017 else 2018 printf("%#lx", (unsigned long)ret); 2019 } 2020 } else if (error == ERESTART) 2021 printf("RESTART"); 2022 else if (error == EJUSTRETURN) 2023 printf("JUSTRETURN"); 2024 else { 2025 if (ktr->ktr_error <= ELAST + 1) 2026 error = abs(bsd_to_linux_errno[ktr->ktr_error]); 2027 else 2028 error = 999; 2029 printf("-1 errno %d", error); 2030 if (fancy) 2031 printf(" %s", strerror(ktr->ktr_error)); 2032 } 2033 putchar('\n'); 2034} 2035#endif 2036 2037void 2038usage(void) 2039{ 2040 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " 2041 "[-m maxdata] [-p pid] [-t trstr]\n"); 2042 exit(1); 2043} 2044