/*	$NetBSD: dump.c,v 1.24 2005/12/11 11:30:06 christos Exp $	*/

/*-
 * Copyright (c) 1988, 1993
 *	The Regents of the University of California.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/cdefs.h>
#ifndef lint
__COPYRIGHT("@(#) Copyright (c) 1988, 1993\n\
 The Regents of the University of California. All rights reserved.\n");
#endif /* not lint */

#ifndef lint
#if 0
static char sccsid[] = "@(#)kdump.c 8.4 (Berkeley) 4/28/95";
#endif
__RCSID("$NetBSD: dump.c,v 1.24 2005/12/11 11:30:06 christos Exp $");
#endif /* not lint */

#include <sys/param.h>
/* _KERNEL is defined only around <sys/errno.h>; EJUSTRETURN/ERESTART are used below. */
#define _KERNEL
#include <sys/errno.h>
#undef _KERNEL
#include <sys/ioctl.h>
#include <sys/time.h>
#include <sys/uio.h>
#include <sys/ktrace.h>
#include <sys/ptrace.h>
#include <sys/queue.h>

#include <err.h>
#include <signal.h>
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <vis.h>

#include "ktrace.h"
#include "misc.h"
#include "setemul.h"

/*
 * Output options read by the printing code in this file:
 *   timestamp  non-zero prints a time column; the value 2 prints the
 *              difference to the previous record instead
 *   decimal    print numbers with %ld instead of %#lx
 *   fancy      decode selected system call arguments (on by default)
 *   tail       keep polling the input when a read returns no data
 *   maxdata    when non-zero, upper bound on the I/O bytes shown
 */
int timestamp, decimal, fancy = 1, tail, maxdata;

int width;	/* Keep track of current columns. */

#include <sys/syscall.h>

/* Names for the first ptrace(2) request numbers, indexed by request. */
static const char *const ptrace_ops[] = {
	"PT_TRACE_ME",	"PT_READ_I",	"PT_READ_D",	"PT_READ_U",
	"PT_WRITE_I",	"PT_WRITE_D",	"PT_WRITE_U",	"PT_CONTINUE",
	"PT_KILL",	"PT_ATTACH",	"PT_DETACH",
};

/*
 * One trace record: queue linkage followed by the record header.  The
 * record payload is stored directly after kte_kth in the same allocation.
 */
struct ktr_entry {
	TAILQ_ENTRY(ktr_entry) kte_list;
	struct ktr_header kte_kth;
};

/* Records that were read but not printed yet. */
TAILQ_HEAD(kteq, ktr_entry) ktependq = TAILQ_HEAD_INITIALIZER(ktependq);

void	argprint(const char *, register_t **, int *);
void	dumpheader(struct ktr_header *);
int	dumprecord(int, FILE *);
void	flushpendq(struct ktr_entry *);
int	fread_tail(void *, int, int, FILE *);
void	genioprint(struct ktr_header *);
struct ktr_entry *
	getpendq(struct ktr_header *, int, struct kteq *);
struct ktr_entry *
	getrecord(FILE *);
void	indent(int);
void	ioctldecode(u_long);
void	ktrcsw(struct ktr_entry *);
void	ktremul(struct ktr_entry *);
void	ktrgenio(struct ktr_entry *);
void	ktrnamei(struct ktr_entry *);
void	ktrpsig(struct ktr_entry *);
void	ktrsyscall(struct ktr_entry *);
void	ktrsysret(struct ktr_entry *);
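void	nameiargprint(const char *, struct ktr_header *, register_t **, int *);
void	nameiprint(struct ktr_header *);
void	newline(void);
void	putpendq(struct ktr_entry *);
void	syscallnameprint(int);
void	syscallprint(struct ktr_header *);
void	sysretprint(struct ktr_header *);
int	wprintf(const char *, ...);
void	*xrealloc(void *, size_t *, size_t);

/*
 * printf() wrapper that adds the number of characters written to the
 * global column counter `width'.  A vprintf() failure is reported with
 * warn() and leaves `width' unchanged.  Returns what vprintf() returned.
 */
int
wprintf(const char *fmt, ...)
{
	va_list ap;
	int w;

	va_start(ap, fmt);
	w = vprintf(fmt, ap);
	va_end(ap);

	if (w == -1)
		warn("vprintf");
	else
		width += w;
	return (w);
}

/*
 * End the current output line, but only if something was printed on it.
 */
void
newline(void)
{

	if (width > 0) {
		printf("\n");
		width = 0;
	}
}

/*
 * Pad with spaces until the output column reaches `col'.  Stops early
 * when wprintf() fails so that a broken stdout cannot loop forever.
 */
void
indent(int col)
{

	while (width < col)
		if (wprintf(" ") < 0)
			break;
}

/*
 * Grow the buffer `p' so that it holds at least `req' bytes.
 *
 * *siz is the current capacity and is updated to the new one, which is
 * reached by repeated doubling (starting from 1 for an empty buffer).
 * The buffer is returned unchanged when it is already large enough.
 * Allocation failure and a capacity that cannot be doubled any further
 * terminate the program.
 */
void *
xrealloc(void *p, size_t *siz, size_t req)
{
	size_t newsiz;

	if (*siz >= req)
		return (p);

	newsiz = (*siz == 0) ? 1 : *siz;
	while (newsiz < req) {
		/*
		 * Shifting out the top bit would leave 0, and 0 < req
		 * would then hold forever.
		 */
		if (newsiz > (size_t)-1 / 2)
			errx(EXIT_FAILURE, "realloc: size overflow");
		newsiz <<= 1;
	}
	*siz = newsiz;

	p = realloc(p, newsiz);
	if (p == NULL)
		err(EXIT_FAILURE, "realloc: %lu bytes", (u_long)newsiz);
	return (p);
}

/*
 * Read one trace record (header plus ktr_len payload bytes) from `fp'.
 *
 * Returns a malloc'ed entry the caller must free, or NULL when no header
 * could be read.  The payload sits directly behind the header and is
 * always followed by one NUL byte, also for an empty payload, so string
 * payloads and the look-ahead in genioprint() stay inside the allocation.
 * A negative length or a truncated payload terminates the program.
 */
struct ktr_entry *
getrecord(FILE *fp)
{
	struct ktr_entry *kte;
	struct ktr_header *kth;
	char *cp;
	size_t siz, len;

	siz = 0;
	kte = xrealloc(NULL, &siz, sizeof(struct ktr_entry));
	kth = &kte->kte_kth;
	if (fread_tail(kth, sizeof(struct ktr_header), 1, fp) == 0) {
		free(kte);
		return (NULL);
	}

	/*
	 * The length comes straight from the file.  It has to be tested
	 * before it is stored in a size_t: once converted, a negative
	 * value is a huge positive one and a `< 0' test can never fire.
	 * NOTE(review): assumes ktr_len is a signed type -- confirm
	 * against <sys/ktrace.h>.
	 */
	if (kth->ktr_len < 0)
		errx(EXIT_FAILURE, "bogus length 0x%lx",
		    (u_long)kth->ktr_len);
	len = kth->ktr_len;

	/* + 1 to ensure room for NUL terminate */
	kte = xrealloc(kte, &siz, sizeof(struct ktr_entry) + len + 1);
	/* xrealloc() may have moved the entry; recompute the payload address. */
	cp = (char *)(&kte->kte_kth + 1);
	if (len > 0 && fread_tail(cp, len, 1, fp) == 0)
		errx(EXIT_FAILURE, "data too short");
	cp[len] = 0;

	return (kte);
}

/* XXX: lwp. */
#define KTE_TYPE(kte)	((kte)->kte_kth.ktr_type)
#define KTE_PID(kte)	((kte)->kte_kth.ktr_pid)
#define KTE_MATCH(kte, type, pid)	\
	(KTE_TYPE(kte) == (type) && KTE_PID(kte) == (pid))

/*
 * Append `kte' to the queue of pending records.  The queue owns the
 * entry until getpendq() hands it out or flushpendq() frees it.
 */
void
putpendq(struct ktr_entry *kte)
{

	TAILQ_INSERT_TAIL(&ktependq, kte, kte_list);
}

/*
 * Free every pending record that carries the same pid as `us'.
 */
void
flushpendq(struct ktr_entry *us)
{
	struct ktr_entry *kte, *kte_next;
	int pid = KTE_PID(us);

	for (kte = TAILQ_FIRST(&ktependq); kte != NULL; kte = kte_next) {
		/* Fetch the successor first; kte may be freed below. */
		kte_next = TAILQ_NEXT(kte, kte_list);
		if (KTE_PID(kte) == pid) {
			TAILQ_REMOVE(&ktependq, kte, kte_list);
			free(kte);
		}
	}
}

/*
 * Take pending records of type `type' with the pid of `us' off the queue.
 *
 * With kteq == NULL only the first match is removed and returned.
 * Otherwise kteq is initialised, all matches are moved onto it in order
 * and its first element is returned.  Returns NULL when nothing matches.
 * The caller owns whatever was removed.
 */
struct ktr_entry *
getpendq(struct ktr_header *us, int type, struct kteq *kteq)
{
	struct ktr_entry *kte, *kte_next;
	int pid = us->ktr_pid;

	if (kteq != NULL)
		TAILQ_INIT(kteq);
	for (kte = TAILQ_FIRST(&ktependq); kte != NULL; kte = kte_next) {
		kte_next = TAILQ_NEXT(kte, kte_list);
		if (KTE_MATCH(kte, type, pid)) {
			TAILQ_REMOVE(&ktependq, kte, kte_list);
			if (kteq != NULL)
				TAILQ_INSERT_TAIL(kteq, kte, kte_list);
			else
				break;
		}
	}

	/* Without kteq the loop leaves kte at the match, or NULL at the end. */
	return (kteq ? TAILQ_FIRST(kteq) : kte);
}

/*
 * Number of payload bytes the handler of a record type reads without
 * looking at ktr_len.  Types that are handled as plain data yield 0.
 */
static size_t
minpayload(int type)
{

	switch (type) {
	case KTR_SYSCALL:
		return (sizeof(struct ktr_syscall));
	case KTR_SYSRET:
		/*
		 * sysretprint() treats ktr_retval_1 as optional.
		 * NOTE(review): assumes every other field it reads lies
		 * before ktr_retval_1 -- confirm against <sys/ktrace.h>.
		 */
		return (offsetof(struct ktr_sysret, ktr_retval_1));
	case KTR_PSIG:
		return (sizeof(struct ktr_psig));
	case KTR_CSW:
		return (sizeof(struct ktr_csw));
	default:
		return (0);
	}
}

/*
 * Read the next record from `fp' and print or queue it.
 *
 * `trpoints' is a bit mask indexed by record type; records whose bit is
 * clear are dropped.  Returns 0 when no further record could be read and
 * 1 otherwise.
 *
 * The record is file content and is not trusted: a type that cannot be
 * used as a shift count, and a payload shorter than the structure its
 * handler casts it to, are dropped before any handler runs.
 */
int
dumprecord(int trpoints, FILE *fp)
{
	struct ktr_entry *kte;
	struct ktr_header *kth;
	int type;

	kte = getrecord(fp);
	if (kte == NULL)
		return (0);

	kth = &kte->kte_kth;
	type = kth->ktr_type;

	/*
	 * Shifting by a negative count, by the width of int or into the
	 * sign bit is undefined, so such a type can select no trace point.
	 */
	if (type < 0 || type >= (int)(sizeof(trpoints) * 8) - 1 ||
	    (trpoints & (1 << type)) == 0) {
		free(kte);
		return (1);
	}

	if ((size_t)kth->ktr_len < minpayload(type)) {
		warnx("record of type %d too short (%d bytes), skipped",
		    type, (int)kth->ktr_len);
		free(kte);
		return (1);
	}

	/* Update context to match currently processed record. */
	ectx_sanify(kth->ktr_pid);

	switch (type) {
	case KTR_SYSCALL:
		ktrsyscall(kte);
		break;
	case KTR_SYSRET:
		ktrsysret(kte);
		break;
	case KTR_NAMEI:
	case KTR_GENIO:
		/* Printed later, together with the owning system call. */
		putpendq(kte);
		break;
	case KTR_PSIG:
		ktrpsig(kte);
		break;
	case KTR_CSW:
		ktrcsw(kte);
		break;
	case KTR_EMUL:
		ktremul(kte);
		break;
	default:
		/*
		 * XXX: Other types added recently.
		 */
		free(kte);
		break;
	}
	newline();

	return (1);
}

/*
 * Print all records of one trace source.
 *
 * A NULL or empty `file' selects the descriptor `fd', "-" selects stdin,
 * anything else is opened as a file.  Failure to open terminates the
 * program.  stdout is flushed after every record in tail mode.
 */
void
dumpfile(const char *file, int fd, int trpoints)
{
	FILE *fp;
	int opened = 0;

	if (file == NULL || *file == 0) {
		if ((fp = fdopen(fd, "r")) == NULL)
			err(EXIT_FAILURE, "fdopen(%d)", fd);
	} else if (strcmp(file, "-") == 0)
		fp = stdin;
	else {
		if ((fp = fopen(file, "r")) == NULL)
			err(EXIT_FAILURE, "fopen: %s", file);
		opened = 1;
	}

	for (width = 0; dumprecord(trpoints, fp) != 0;)
		if (tail)
			(void)fflush(stdout);

	newline();

	/*
	 * XXX: Dump pending KTR_SYSCALL if any?
	 */

	/*
	 * Only a stream opened here by name is closed; stdin and the
	 * caller's descriptor are left as they were.
	 */
	if (opened)
		(void)fclose(fp);
}

/*
 * fread() that, in tail mode, retries once per second for as long as
 * nothing could be read.  Returns the number of items read.
 */
int
fread_tail(void *buf, int size, int num, FILE *fp)
{
	int i;

	while ((i = fread(buf, size, num, fp)) == 0 && tail) {
		(void)sleep(1);
		/* Reset EOF/error state so that the next fread() tries again. */
		clearerr(fp);
	}
	return (i);
}

/*
 * Print the leading columns of an output line: pid, lwp id for records
 * newer than KTRFACv0, command name and, when `timestamp' is set, a time.
 * With timestamp == 2 the time is the difference to the previous record
 * printed this way (zero for the first one).  KTRFACv0 records carry a
 * timeval, newer ones a timespec.
 */
void
dumpheader(struct ktr_header *kth)
{
	union timeholder {
		struct timeval tv;
		struct timespec ts;
	};
	static union timeholder prevtime;
	union timeholder temp;
	int v0 = (kth->ktr_version == KTRFACv0);

	wprintf("%6d ", kth->ktr_pid);
	if (kth->ktr_version > KTRFACv0)
		wprintf("%6d ", kth->ktr_lid);
	/* The precision keeps an unterminated ktr_comm from overrunning. */
	wprintf("%-8.*s ", MAXCOMLEN, kth->ktr_comm);

	if (!timestamp)
		return;

	if (timestamp != 2) {
		if (v0)
			temp.tv = kth->ktr_tv;
		else
			temp.ts = kth->ktr_time;
	} else if (v0) {
		if (prevtime.tv.tv_sec == 0)
			temp.tv.tv_sec = temp.tv.tv_usec = 0;
		else
			timersub(&kth->ktr_tv, &prevtime.tv, &temp.tv);
		prevtime.tv = kth->ktr_tv;
	} else {
		if (prevtime.ts.tv_sec == 0)
			temp.ts.tv_sec = temp.ts.tv_nsec = 0;
		else
			timespecsub(&kth->ktr_time, &prevtime.ts, &temp.ts);
		prevtime.ts = kth->ktr_time;
	}

	if (v0)
		wprintf("%ld.%06ld ",
		    (long)temp.tv.tv_sec, (long)temp.tv.tv_usec);
	else
		wprintf("%ld.%09ld ",
		    (long)temp.ts.tv_sec, (long)temp.ts.tv_nsec);
}

/*
 * Print an ioctl command that has no known name as an _IO*() expression
 * built from its direction bits, group character, number and, unless
 * IOC_VOID is set, the value of bits 16-23.
 */
void
ioctldecode(u_long cmd)
{
	char dirbuf[4], *dir = dirbuf;

	/* At most two letters plus the terminator are stored. */
	if (cmd & IOC_OUT)
		*dir++ = 'W';
	if (cmd & IOC_IN)
		*dir++ = 'R';
	*dir = '\0';

	wprintf(decimal ? ", _IO%s('%c',%ld" : ", _IO%s('%c',%#lx",
	    dirbuf, (int) ((cmd >> 8) & 0xff), cmd & 0xff);
	if ((cmd & IOC_VOID) == 0)
		wprintf(decimal ? ",%ld)" : ",%#lx)",
		    (cmd >> 16) & 0xff);
	else
		wprintf(")");
}

/*
 * Print a path name argument.  When a pending KTR_NAMEI record exists for
 * the process, its string is printed and the record freed; otherwise the
 * raw argument value is printed.  Either way one argument is consumed
 * from *ap / *argsize.  Terminates the program when no argument is left.
 */
void
nameiargprint(const char *prefix, struct ktr_header *kth,
    register_t **ap, int *argsize)
{
	struct ktr_entry *kte;

	if (*argsize == 0)
		errx(EXIT_FAILURE, "argument expected");
	/*
	 * XXX: binary emulation mode.
	 */
	kte = getpendq(kth, KTR_NAMEI, NULL);
	if (kte == NULL) {
		argprint(prefix, ap, argsize);
		return;
	}

	wprintf("%s", prefix);
	nameiprint(&kte->kte_kth);
	free(kte);
	(*ap)++;
	*argsize -= sizeof(register_t);
}

/*
 * Print the name of system call `code' in the current emulation, or the
 * number in brackets when it is outside the name table.
 */
void
syscallnameprint(int code)
{

	if (code < 0 || code >= cur_emul->nsysnames)
		wprintf("[%d]", code);
	else
		wprintf("%s", cur_emul->sysnames[code]);
}

/*
 * Print `prefix' and the next argument as a number, then advance *ap and
 * reduce *argsize by one register.  The caller guarantees that **ap is
 * inside the record.
 */
void
argprint(const char *prefix, register_t **ap, int *argsize)
{

	wprintf(decimal ? "%s%ld" : "%s%#lx", prefix, (long)**ap);
	(*ap)++;
	*argsize -= sizeof(register_t);
}

/*
 * Print a KTR_SYSCALL record as "name(arg, ...)".  In fancy mode path
 * names, the signal of sigaction, ioctl commands and ptrace requests are
 * decoded.
 *
 * ktr_argsize is file content: it is limited to the argument bytes that
 * are really part of the record and to whole registers, so the argument
 * pointer never leaves the record.
 */
void
syscallprint(struct ktr_header *kth)
{
	struct ktr_syscall *ktr = (struct ktr_syscall *)(kth + 1);
	register_t *ap;
	const char *s;
	int argsize, avail;

	syscallnameprint(ktr->ktr_code);

	/*
	 * Arguments processing.
	 */
	avail = (int)kth->ktr_len - (int)sizeof(struct ktr_syscall);
	if (avail < 0)
		avail = 0;
	argsize = ktr->ktr_argsize;
	if (argsize < 0 || argsize > avail)
		argsize = avail;
	argsize -= argsize % (int)sizeof(register_t);

	if (argsize == 0) {
		wprintf("(");
		goto noargument;
	}

	ap = (register_t *)(ktr + 1);
	if (!fancy)
		goto print_first;

	switch (ktr->ktr_code) {
	/*
	 * All these have a path as the first param.
	 * The order is same as syscalls.master.
	 */
	case SYS_open:
	case SYS_link:
	case SYS_unlink:
	case SYS_chdir:
	case SYS_mknod:
	case SYS_chmod:
	case SYS_chown:
	case SYS_unmount:
	case SYS_access:
	case SYS_chflags:
	case SYS_acct:
	case SYS_revoke:
	case SYS_symlink:
	case SYS_readlink:
	case SYS_execve:
	case SYS_chroot:
	case SYS_rename:
	case SYS_mkfifo:
	case SYS_mkdir:
	case SYS_rmdir:
	case SYS_utimes:
	case SYS_quotactl:
	case SYS_statvfs1:
	case SYS_getfh:
	case SYS_pathconf:
	case SYS_truncate:
	case SYS_undelete:
	case SYS___posix_rename:
	case SYS_lchmod:
	case SYS_lchown:
	case SYS_lutimes:
	case SYS___stat30:
	case SYS___lstat30:
	case SYS___posix_chown:
	case SYS___posix_lchown:
	case SYS_lchflags:
		nameiargprint("(", kth, &ap, &argsize);

		/*
		 * 2nd argument is also pathname.
		 */
		switch (ktr->ktr_code) {
		case SYS_link:
		case SYS_rename:
		case SYS___posix_rename:
			nameiargprint(", ", kth, &ap, &argsize);
			break;
		}
		break;

	case SYS_compat_16___sigaction14:
		/*
		 * The signal number is file content, so it is checked
		 * before it indexes the table.
		 * NOTE(review): the size of signals[] is not visible in
		 * this file; NSIG is assumed to be a valid bound --
		 * confirm against misc.h.
		 */
		if (*ap >= 0 && *ap < NSIG)
			wprintf("(%s", signals[(int)*ap].name);
		else
			wprintf("(%ld", (long)*ap);
		ap++;
		argsize -= sizeof(register_t);
		break;

	case SYS_ioctl:
		argprint("(", &ap, &argsize);
		/* The command is the 2nd argument; it may be missing. */
		if (argsize <= 0)
			break;
		if ((s = ioctlname(*ap)) != NULL)
			wprintf(", %s", s);
		else
			ioctldecode(*ap);
		ap++;
		argsize -= sizeof(register_t);
		break;

	case SYS_ptrace:
		if (*ap >= 0 &&
		    (size_t)*ap < sizeof(ptrace_ops) / sizeof(ptrace_ops[0]))
			wprintf("(%s", ptrace_ops[*ap]);
		else
			wprintf("(%ld", (long)*ap);
		ap++;
		argsize -= sizeof(register_t);
		break;

	default:
print_first:
		argprint("(", &ap, &argsize);
		break;
	}

	/* Print rest of argument. */
	while (argsize > 0)
		argprint(", ", &ap, &argsize);

noargument:
	wprintf(")");
}

/*
 * Handle a KTR_SYSCALL record.  SYS_exit is printed at once and the
 * entry freed; every other call is queued and printed by ktrsysret()
 * when the matching return record arrives.
 */
void
ktrsyscall(struct ktr_entry *kte)
{
	struct ktr_header *kth = &kte->kte_kth;
	struct ktr_syscall *ktr = (struct ktr_syscall *)(kth + 1);

	if (ktr->ktr_code != SYS_exit) {
		putpendq(kte);
		return;
	}

	dumpheader(kth);
	syscallprint(kth);
	free(kte);
}

/*
 * Print the result part of a KTR_SYSRET record from column 50 on:
 * JUSTRETURN, RESTART, "Err#n" with the error name when known, or
 * " = value" (mmap results as a pointer), followed by the second return
 * value when the record contains one and it is not zero.
 */
void
sysretprint(struct ktr_header *kth)
{
	struct ktr_sysret *ktr = (struct ktr_sysret *)(kth + 1);
	register_t ret = ktr->ktr_retval;
	int error = ktr->ktr_error;

	indent(50);
	if (error == EJUSTRETURN)
		wprintf(" JUSTRETURN");
	else if (error == ERESTART)
		wprintf(" RESTART");
	else if (error) {
		wprintf(" Err#%d", error);
		/*
		 * NOTE(review): the lower bound admits negative values
		 * as an index.  Whether errnos[] may be indexed that way
		 * is not visible in this file -- confirm against misc.h.
		 */
		if (error < MAXERRNOS && error >= -2)
			wprintf(" %s", errnos[error].name);
	} else
		switch (ktr->ktr_code) {
		case SYS_mmap:
			/* %p takes a pointer; an integer argument is undefined. */
			wprintf(" = %p", (void *)(long)ret);
			break;
		default:
			wprintf(" = %ld", (long)ret);
			/* Read ktr_retval_1 only when all of it is in the record. */
			if ((size_t)kth->ktr_len >=
			    offsetof(struct ktr_sysret, ktr_retval_1) +
			    sizeof(ktr->ktr_retval_1) &&
			    ktr->ktr_retval_1 != 0)
				wprintf(", %ld", (long)ktr->ktr_retval_1);
			break;
		}
}

/*
 * Handle a KTR_SYSRET record: print the header, the queued system call of
 * the process (only its name when no call was queued), the result and
 * queued I/O data, then free everything still pending for the process
 * and the entry itself.
 */
void
ktrsysret(struct ktr_entry *kte)
{
	struct ktr_header *kth = &kte->kte_kth;
	struct ktr_sysret *ktr = (struct ktr_sysret *)(kth + 1);
	struct ktr_entry *genio;
	struct ktr_entry *syscall_ent;

	dumpheader(kth);

	/* Print syscall name and arguments. */
	syscall_ent = getpendq(kth, KTR_SYSCALL, NULL);
	if (syscall_ent != NULL) {
		syscallprint(&syscall_ent->kte_kth);
		free(syscall_ent);
	} else {
		/*
		 * Possibly a child of fork/vfork, or tracing of
		 * process started during system call.
		 */
		syscallnameprint(ktr->ktr_code);
	}

	/* Print return value and an error if any. */
	sysretprint(kth);

	genio = getpendq(kth, KTR_GENIO, NULL);
	if (genio != NULL) {
		genioprint(&genio->kte_kth);
		free(genio);
	}

	flushpendq(kte);
	free(kte);
}

/*
 * Print the payload of a KTR_NAMEI record as a quoted string of at most
 * ktr_len bytes.
 */
void
nameiprint(struct ktr_header *kth)
{

	wprintf("\"%.*s\"", kth->ktr_len, (char *)(kth + 1));
}

#ifdef notused
void
ktrnamei(struct ktr_entry *kte)
{
	struct ktr_header *kth = &kte->kte_kth;

	dumpheader(kth);
	wprintf("namei(");
	nameiprint(kth);
	wprintf(")");

	free(kte);
}
#endif

/*
 * Handle a KTR_EMUL record: print the emulation name from the payload,
 * pass it to setemul() for the process and free the entry.  The payload
 * is used as a C string; getrecord() terminates it.
 */
void
ktremul(struct ktr_entry *kte)
{
	struct ktr_header *kth = &kte->kte_kth;
	char *emul = (char *)(kth + 1);

	dumpheader(kth);
	wprintf("emul(%s)", emul);
	setemul(emul, kth->ktr_pid, 1);

	free(kte);
}

/*
 * Print the data of a KTR_GENIO record on a line of its own as a quoted,
 * vis(3)-encoded string.  Output stops at the screen width (the width of
 * the terminal on stderr in fancy mode, otherwise 80) and after
 * `maxdata' bytes when that is set.
 */
void
genioprint(struct ktr_header *kth)
{
	struct ktr_genio *ktr = (struct ktr_genio *)(kth + 1);
	static int screenwidth = 0;
	/* Negative for a record without data; the loop below is then skipped. */
	int datalen = (int)kth->ktr_len - (int)sizeof(struct ktr_genio);
	/*
	 * Need to be unsigned type so that positive value is passed
	 * to vis(), which will call isgraph().
	 */
	unsigned char *dp = (unsigned char *)(ktr + 1);
	int w;
	char visbuf[5];

	if (screenwidth == 0) {
		struct winsize ws;

		if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 &&
		    ws.ws_col > 8)
			screenwidth = ws.ws_col;
		else
			screenwidth = 80;
	}

	if (maxdata && datalen > maxdata)
		datalen = maxdata;
	newline();
	wprintf(" \"");
	for (; datalen > 0; datalen--, dp++) {
		(void) vis(visbuf, *dp, VIS_NL|VIS_TAB|VIS_CSTYLE,
		    /* We put NUL at the end of buffer when reading */
		    *(dp + 1));
		visbuf[4] = '\0';
		w = strlen(visbuf);
		if (width + w + 2 >= screenwidth)
			break;
		wprintf("%s", visbuf);
		if (width + 2 >= screenwidth)
			break;
	}
	wprintf("\"");
}

#ifdef notused
void
ktrgenio(struct ktr_entry *kte)
{
	struct ktr_header *kth = &kte->kte_kth;
	struct ktr_genio *ktr = (struct ktr_genio *)(kth + 1);

	dumpheader(kth);
	wprintf("genio fd %d %s",
	    ktr->ktr_fd, ktr->ktr_rw ? "write" : "read");
	genioprint(kth);

	free(kte);
}
#endif

/*
 * Handle a KTR_PSIG record: print the signal name and either SIG_DFL or
 * the handler address, the first word of the mask and the code, then
 * free the entry.  A signal number outside sys_signame[] is printed as a
 * number instead of being used as an index.
 */
void
ktrpsig(struct ktr_entry *kte)
{
	struct ktr_header *kth = &kte->kte_kth;
	struct ktr_psig *psig = (struct ktr_psig *)(kth + 1);

	dumpheader(kth);
	if (psig->signo >= 0 && psig->signo < NSIG)
		wprintf("SIG%s ", sys_signame[psig->signo]);
	else
		wprintf("SIG#%d ", (int)psig->signo);
	if (psig->action == SIG_DFL)
		wprintf("SIG_DFL");
	else {
		wprintf("caught handler=0x%lx mask=0x%lx code=0x%x",
		    (u_long)psig->action, (unsigned long)psig->mask.__bits[0],
		    psig->code);
	}

	free(kte);
}

/*
 * Handle a KTR_CSW record: print "stop" or "resume" according to the
 * `out' field and "user" or "kernel" according to `user', then free the
 * entry.
 */
void
ktrcsw(struct ktr_entry *kte)
{
	struct ktr_header *kth = &kte->kte_kth;
	struct ktr_csw *cs = (struct ktr_csw *)(kth + 1);

	dumpheader(kth);
	wprintf("%s %s", cs->out ? "stop" : "resume",
	    cs->user ? "user" : "kernel");

	free(kte);
}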