| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This removes all of the architecture-specific functions from truss.
A per-ABI structure is still needed to map syscall numbers to names
and FreeBSD errno values to ABI error values as well as hold syscall
counters. However, the linker set of ABI structures is now replaced
with a simple table mapping ABI names to structures. This approach
permits sharing the same ABI structure among separate names such as
i386 a.out and ELF binaries as well as ELF v1 vs ELF v2 for powerpc64.
A few differences are visible due to using PT_GET_SC_RET to fetch the
error value of a system call. Note that ktrace/kdump have had the
"new" behaviors for a long time already:
- System calls that return with EJUSTRETURN or ERESTART will now be
noticed and logged as such. Previously sigreturn (which uses
EJUSTRETURN) would report whatever random value was in the register
holding errno from the previous system call for example. Now it
reports EJUSTRETURN.
- System calls that return errno as their error value such as
posix_fallocate() and posix_fadvise() now report non-zero return
values as errors instead of success with a non-zero return value.
Reviewed by: kib
MFC after: 1 month
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D20963
Notes:
svn path=/head/; revision=350069
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
Initially, only tag files that use BSD 4-Clause "Original" license.
RelNotes: yes
Differential Revision: https://reviews.freebsd.org/D13133
Notes:
svn path=/head/; revision=325966
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Avoid always using an O(n^2) loop over known syscall structures with
strcmp() on each system call. Instead, use a per-ABI cache indexed by
the system call number. The first 1024 system calls (which should cover
all of the normal system calls in currently-supported ABIs) use a flat array
indexed by the system call number to find system call structure. For other
system calls, a linked list of structures storing an integer to structure
mapping is stored in the ABI. The linked list isn't very smart, but it
should only be used by buggy applications invoking unknown system calls.
This also fixes handling of unknown system calls which currently trigger
a NULL pointer dereference.
Reviewed by: kib
MFC after: 2 weeks
Notes:
svn path=/head/; revision=309589
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Restructure this script so that it generates a header of tables instead
of a source file. The tables are included in a flags.c source file which
provides functions to decode various system call arguments.
For functions that decode an enumeration, the function returns a pointer
to a string for known values and NULL for unknown values.
For functions that do more complex decoding (typically of a bitmask), the
function accepts a pointer to a FILE object (open_memstream() can be used
as a string builder) to which decoded values are written. If the
function operates on a bitmask, the function returns true if any bits
were decoded or false if the entire value was valid. Additionally, the
third argument accepts a pointer to a value to which any undecoded bits
are stored. This pointer can be NULL if the caller doesn't care about
remaining bits.
Convert kdump over to using decoder functions from libsysdecode instead of
mksubr. truss also uses decoders from libsysdecode instead of private
lookup tables, though lookup tables for objects not decoded by kdump remain
in truss for now. Eventually most of these tables should move into
libsysdecode as the automated table generation approach from mksubr is
less stale than the static tables in truss.
Some changes have been made to truss and kdump output:
- The flags passed to open() are now properly decoded in that one of
O_RDONLY, O_RDWR, O_WRONLY, or O_EXEC is always included in a decoded
mask.
- Optional arguments to open(), openat(), and fcntl() are only printed
in kdump if they exist (e.g. the mode is only printed for open() if
O_CREAT is set in the flags).
- Print argument to F_GETLK/SETLK/SETLKW in kdump as a pointer, not int.
- Include all procctl() commands.
- Correctly decode pipe2() flags in truss by not assuming full
open()-like flags with O_RDONLY, etc.
- Decode file flags passed to *chflags() as file flags (UF_* and SF_*)
rather than as a file mode.
- Fix decoding of quotactl() commands by splitting out the two command
components instead of assuming the raw command value matches the
primary command component.
In addition, truss and kdump now build without triggering any warnings.
All of the sysdecode manpages now include the required headers in the
synopsis.
Reviewed by: kib (several older versions), wblock (manpages)
MFC after: 2 months
Differential Revision: https://reviews.freebsd.org/D7847
Notes:
svn path=/head/; revision=307538
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add two new functions, sysdecode_abi_to_freebsd_errno() and
sysdecode_freebsd_to_abi_errno(), which convert errno values between
the native FreeBSD ABI and other supported ABIs. Note that the
mappings are not necessarily perfect meaning in some cases multiple
errors in one ABI might map to a single error in another ABI. In that
case, the reverse mapping will return one of the errors that maps, but
which error is non-deterministic.
Change truss to always report the raw error value to the user but
use libsysdecode to map it to a native errno value that can be used
with strerror() to generate a description. Previously truss reported
the "converted" error value. Now the user will always see the exact
error value that the application sees.
Change kdump to report the truly raw error value to the user. Previously
kdump would report the absolute value of the raw error value (so for
Linux binaries it didn't output the FreeBSD error value, but the positive
value of the Linux error). Now it reports the real (i.e. negative) error
value for Linux binaries. Also, use libsysdecode to convert the native
FreeBSD error reported in the ktrace record to the raw error used by the
ABI. This means that the Linux ABI can now be handled directly in
ktrsysret() and removes the need for linux_ktrsysret().
Reviewed by: bdrewery, kib
Helpful notes: wblock (manpage)
Differential Revision: https://reviews.freebsd.org/D5314
Notes:
svn path=/head/; revision=295931
|
| |
|
|
|
|
|
|
|
| |
This allows truss to work for these binaries again after r288424.
MFC after: 3 days
Notes:
svn path=/head/; revision=295637
|
| |
|
|
|
|
|
|
|
| |
Suggested by: jmallett
Reviewed by: bdrewery, jmallett
Differential Revision: https://reviews.freebsd.org/D5123
Notes:
svn path=/head/; revision=295056
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new sysdecode_syscallname() function accepts a system call code and
returns a string of the corresponding name (or NULL if the code is
unknown). To support different process ABIs, the new function accepts a
value from a new sysdecode_abi enum as its first argument to select the
ABI in use. Current ABIs supported include FREEBSD (native binaries),
FREEBSD32, LINUX, LINUX32, and CLOUDABI64. Note that not all ABIs are
supported by all platforms. In general, a given ABI is only supported
if a platform can execute binaries for that ABI.
To simplify the implementation, libsysdecode's build reuses the
existing pre-generated files from the kernel source tree rather than
duplicating new copies of said files during the build.
kdump(1) and truss(1) now use these functions to map system call
identifiers to names. For kdump(1), a new 'syscallname()' function
consolidates duplicated code from ktrsyscall() and ktrsyscallret().
The Linux ABI no longer requires custom handling for ktrsyscall() and
linux_ktrsyscall() has been removed as a result.
Reviewed by: bdrewery
Differential Revision: https://reviews.freebsd.org/D4823
Notes:
svn path=/head/; revision=294849
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is to make the Makefile more easily extendable for new ABIs.
This also makes several other subtle changes:
- The build now is given a list of ABIs to use based on the MACHINE_ARCH or
MACHINE_CPUARCH. These ABIs have a related path in sys/ that is used
to generate their syscalls. For each ABI to build check for a
ABI.c, MACHINE_ARCH-ABI.c, or a MACHINE_CPUARCH-ABI.c. This matches
the old behavior needed for archs such as powerpc* and mips*.
- The ABI source file selection allows for simpler assignment of common
ABIs such as "fbsd32" from sys/compat/freebsd32, or cloudabi64.
- Expand 'fbsd' to 'freebsd' everywhere for consistency.
- Split out the powerpc-fbsd.c file into a powerpc64-freebsd32.c to be more
like the amd64-freebsd32.c file and to more easily allow the auto-generation
of ABI handling to work.
- Rename 'syscalls.h' to 'fbsd_syscalls.h' to lessen the ambiguity and
avoid confusion with syscall.h (such as in r288997).
- For non-native syscall header files, they are now renamed to be
ABI_syscalls.h, where ABI is what ABI the Makefile is building.
- Remove all of the makesyscalls config files. The "native" one being
name i386.conf was a long outstanding bug. They were all the same
except for the data they generated, so now it is just auto-generated
as a build artifact.
- The syscalls array is now fixed to be static in the syscalls header to
remove the compiler warning about non-extern. This was worked around
in the aarch64-fbsd.c file but not the others.
- All syscall table names are now just 'syscallnames' since they don't
need to be different as they are all static in their own ABI files. The
alternative is to name them ABI_syscallnames which does not seem
necessary.
Reviewed by: ed, jhb
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D3851
Notes:
svn path=/head/; revision=289239
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Refactor the interface between the ABI-independent code and the
ABI-specific backends. The backends now provide smaller hooks to
fetch system call arguments and return values. The rest of the
system call entry and exit handling that was previously duplicated
among all the backends has been moved to one place.
- Merge the loop when waiting for an event with the loop for handling stops.
This also means not emulating a procfs-like interface on top of ptrace().
Instead, use a single event loop that fetches process events via waitid().
Among other things this allows us to report the full 32-bit exit value.
- Use PT_FOLLOW_FORK to follow new child processes instead of forking a new
truss process for each new child. This allows one truss process to monitor
a tree of processes and truss -c should now display one total for the
entire tree instead of separate summaries per process.
- Use the recently added fields to ptrace_lwpinfo to determine the current
system call number and argument count. The latter is especially useful
and fixes a regression since the conversion from procfs. truss now
generally prints the correct number of arguments for most system calls
rather than printing extra arguments for any call not listed in the
table in syscalls.c.
- Actually check the new ABI when processes call exec. The comments claimed
that this happened but it was not being done (perhaps this was another
regression in the conversion to ptrace()). If the new ABI after exec
is not supported, truss detaches from the process. If truss does not
support the ABI for a newly executed process the process is killed
before it returns from exec.
- Along with the refactor, teach the various ABI-specific backends to
fetch both return values, not just the first. Use this to properly
report the full 64-bit return value from lseek(). In addition, the
handler for "pipe" now pulls the pair of descriptors out of the
return values (which is the true kernel system call interface) but
displays them as an argument (which matches the interface exported by
libc).
- Each ABI handler adds entries to a linker set rather than requiring
a statically defined table of handlers in main.c.
- The arm and mips system call fetching code was changed to follow the
same pattern as amd64 (and the in-kernel handler) of fetching register
arguments first and then reading any remaining arguments from the
stack. This should fix indirect system call arguments on at least
arm.
- The mipsn32 and n64 ABIs will now look for arguments in A4 through A7.
- Use register %ebp for the 6th system call argument for Linux/i386 ABIs
to match the in-kernel argument fetch code.
- For powerpc binaries on a powerpc64 system, fetch the extra arguments
on the stack as 32-bit values that are then copied into the 64-bit
argument array instead of reading the 32-bit values directly into the
64-bit array.
Reviewed by: kib (earlier version)
Tested on: amd64 (FreeBSD/amd64 & i386), i386, arm (earlier version)
Tested on: powerpc64 (FreeBSD/powerpc64 & powerpc)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D3575
Notes:
svn path=/head/; revision=288424
|
| |
|
|
|
|
|
|
|
|
|
|
| |
arrays generically rather than duplicating a hack in all of the backends.
- Add two new system call argument types and use them instead of StringArray
for the argument and environment arguments execve and linux_execve.
- Honor the -a/-e flags in the handling of these new types.
- Instead of printing "<missing argument>" when the decoding is disabled,
print the raw pointer value.
Notes:
svn path=/head/; revision=286963
|
| |
|
|
| |
Notes:
svn path=/head/; revision=286938
|
| |
|
|
| |
Notes:
svn path=/head/; revision=286937
|
| |
|
|
|
|
|
|
| |
Approved by: kib (mentor)
MFC after: 2 weeks
Notes:
svn path=/head/; revision=240562
|
| |
|
|
|
|
|
| |
Approved by: kib (mentor)
Notes:
svn path=/head/; revision=240005
|
| |
|
|
|
|
|
|
|
| |
There are some tables in the source code that are only used by the
individual source files themselves. Therefore there is no need to export
them.
Notes:
svn path=/head/; revision=228396
|
| |
|
|
|
|
|
|
| |
PR: 139825
Submitted by: Ruslan Mahmatkhanov
Notes:
svn path=/head/; revision=204977
|
| |
|
|
|
|
|
|
|
|
|
| |
is nsyscalls.
PR: bin/134916
Submitted by: Steven Hartland <steven hartland multiplay co uk>
MFC after: 2 weeks
Notes:
svn path=/head/; revision=192943
|
| |
|
|
| |
Notes:
svn path=/head/; revision=192153
|
| |
|
|
|
|
|
| |
Reviewed by: alfred
Notes:
svn path=/head/; revision=192025
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Fix logic handling execve(). We will not be able to
obtain information otherwise.
- truss coredump [1].
- truss does not work against itself [2].
PR: bin/58970 [1], bin/45193 [2]
Submitted by: Howard Su
Approved by: re (kensmith)
Notes:
svn path=/head/; revision=171055
|
| |
|
|
|
|
|
|
|
|
|
| |
yet another need of an available /proc/ mount.
Tested with: make universe
Submitted by: howardsu
Reviewed by: alfred
Notes:
svn path=/head/; revision=168569
|
| |
|
|
|
|
|
| |
Approved by: alfred
Notes:
svn path=/head/; revision=158626
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
type which is a String type that has no -s limitations applied to it.
Change most Strings in the code to Names and add a few extra syscalls,
namely munmap, read, rename and symlink. This was enough to facilitate
following file descriptor allocations in the code more easily and
getting a hint at what's being read/written from/to files. More
syscalls should really be added.
While here, fix an off-by-one bug in the buffer truncation code and
add a fflush so that truss's output reflects the syscall that the
program is stuck in.
Sponsored by: Sophos/Activestate
MFC after: 2 weeks
Notes:
svn path=/head/; revision=153963
|
| |
|
|
|
|
|
|
|
|
|
| |
result buffer, so we need to format it ourselves. The problem is
that the length is stored as the return value from readlink, so we
need to pass the return value from our syscall into print_arg.
Motivated by: truss garbage on my screen from reading /etc/malloc.conf.
Notes:
svn path=/head/; revision=132308
|
| |
|
|
| |
Notes:
svn path=/head/; revision=124217
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o Syscall return values do not fit in int on 64-bit architectures.
Change the type of retval in <arch>_syscall_exit() to long and
change the prototype of said function to return a long as well.
o Change the prototype of print_syscall_ret() to take a long for
the return address and change the format string accordingly.
o Replace the code sequence
tmp = malloc(X);
sprintf(tmp, format, ...);
with X by definition too small on 64-bit platforms by
asprintf(&tmp, format, ...);
With these changes the output makes sense again, although it does
mess up the tabulation on ia64. Go widescreen...
Not tested on: alpha, sparc64.
Notes:
svn path=/head/; revision=122348
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
1) Missing include.
2) Constness.
3) ANSIfication.
4) Avoid some shadowing.
5) Add/clarify some error messages.
6) Some int functions were using return without a value.
7) Mark some parameters as unused.
8) Cast a value we know is non-negative to a size_t before comparing.
Notes:
svn path=/head/; revision=106713
|
| |
|
|
|
|
|
|
|
| |
- Fix printf format errors.
Submitted by: bde
Notes:
svn path=/head/; revision=101423
|
| |
|
|
| |
Notes:
svn path=/head/; revision=101374
|
| |
|
|
|
|
|
|
|
| |
depend on namespace pollution in <signal.h>. (truss shouldn't be
using timevals anyway, since it was implemented long after timevals
were obsoleted by timespecs.)
Notes:
svn path=/head/; revision=101309
|
| |
|
|
|
|
|
|
|
|
|
|
| |
execve().
This could be done in a more general manner but it still wouldn't
be very pretty.
MFC after: 3 weeks
Notes:
svn path=/head/; revision=101289
|
| |
|
|
| |
Notes:
svn path=/head/; revision=101286
|
| |
|
|
|
|
|
|
| |
PR: bin/25587 (in part)
MFC after: 3 weeks
Notes:
svn path=/head/; revision=101283
|
| |
|
|
|
|
|
|
| |
PR: bin/25587 (in part)
MFC after: 3 weeks
Notes:
svn path=/head/; revision=101282
|
| |
|
|
| |
Notes:
svn path=/head/; revision=100357
|
| |
|
|
|
|
|
| |
Use __FBSDID().
Notes:
svn path=/head/; revision=87703
|
| |
|
|
|
|
|
|
|
| |
Submitted by: Vitezslav Novy <vita@fio.cz>
PR: 32036
MFC after: 1 week
Notes:
svn path=/head/; revision=86501
|
| |
|
|
|
|
|
| |
reorder includes everywhere to conform to style(9).
Notes:
svn path=/head/; revision=85301
|
| |
|
|
|
|
|
|
|
| |
really is much nicer looking.)
Submitted by: "Matthew N. Dodd" <winter@jurai.net>
Notes:
svn path=/head/; revision=58224
|
| |
|
|
| |
Notes:
svn path=/head/; revision=50477
|
| |
|
|
| |
Notes:
svn path=/head/; revision=37453
|
| |
|
|
| |
Notes:
svn path=/head/; revision=32367
|
| |
|
|
|
|
|
|
|
|
| |
some header files (e.g., <err.h>) include <machine/something.h>, and this
will not pick up the right header files, so it may be removed eventually
anyway. But some people who are not willing to build the right way
apparantly want this, so this is for them.
Notes:
svn path=/head/; revision=32355
|
| |
|
|
|
|
|
|
|
| |
Correct usage: one of {-p pid, command} is required.
Open output file when command line is fully analyzed: incorrect `truss -o f'
command does not create an empty file anymore.
Notes:
svn path=/head/; revision=32275
|
| |
|
|
|
|
|
| |
syscall.h just refers to another file for the copyright notice.
Notes:
svn path=/head/; revision=31899
|
|
|
Notes:
svn path=/head/; revision=31567
|
