Commit Graph

135 Commits

Author SHA1 Message Date
Marcel Moolenaar
f235995090 Print integer-typed arguments as integers. This makes sure that
on 64-bit platforms the result is more reliable. For example,
-1 was previously printed as 0xffffffff.

Approved by: re (kensmith)
2007-07-28 23:18:39 +00:00
Marcel Moolenaar
2c02627ff8 Fix handling of Quad-type arguments. Previously, syscalls
containing 64-bit arguments would have explicit padding.
On 64-bit platforms there was no padding, so the dummy
argument was not covering anything. On 32-bit platforms
with weak alignment (i.e. i386) the 64-bit argument did
not need to be aligned, so there too an aditional argument
was introduced. On 32-bit platforms with strong alignment
(i.e. PowerPC) the dummy argument in fact cover the padding.
By elimininating the dummy argument, 64-bit platforms now
have 1 argument less. This also applies to 32-bit platforms
with weak alignment. On PowerPC this doesn't matter, because
the padding is still there. We just don't "name" it.
Deal with those 3 cases.

Approved by: re (kensmith)
2007-07-28 23:15:04 +00:00
Marcel Moolenaar
3e1b607837 Syscalls have at most 6 argument, not 5. See mmap(2) for example.
Previously the offset argument to mmap(2) would be bogus as we
weren't reading it in.

Approved by: re (kensmith)
2007-07-28 23:00:42 +00:00
Xin LI
ef29ac7f76 MFp4: Bugfixes for truss(1):
- Fix logic handling execve().  We will not be able to
   obtain information otherwise.
 - truss coredump [1].
 - truss does not work against itself [2].

PR:		bin/58970 [1], bin/45193 [2]
Submitted by:	Howard Su
Approved by:	re (kensmith)
2007-06-26 22:42:37 +00:00
Ruslan Ermilov
a688ea13f5 Don't want a stray systrace_args.c in objdir. 2007-05-22 10:36:12 +00:00
Giorgos Keramidas
42aff2e46d Remove duplicate ' 2' manpage section number.
Submitted by:	 Rui Paulo
MFC after:	 3 days
2007-05-21 20:33:51 +00:00
Xin LI
5d2d083c92 Make use of ptrace(2) instead of procfs in truss(1), eliminating
yet another need of an available /proc/ mount.

Tested with:	make universe
Submitted by:	howardsu
Reviewed by:	alfred
2007-04-10 04:03:34 +00:00
Ruslan Ermilov
353067fc31 Add missing markup bits. 2006-12-11 11:34:44 +00:00
Ruslan Ermilov
cb29445a92 Markup fixes. 2006-09-29 15:20:48 +00:00
Ruslan Ermilov
2d05c776ef Remove alpha-specific stuff. 2006-08-23 12:12:56 +00:00
Xin LI
1aeafe6572 Make sure that the sc pointer gets initialized. No functional change
should happen with this change.
2006-07-26 08:58:00 +00:00
Pav Lucistnik
e4dfa7fd78 - Fix warning when compiling with -DDEBUG
Approved by:	alfred
2006-05-15 22:09:45 +00:00
Pav Lucistnik
081e5c4890 - Add decoding of kse_release, kevent, sigprocmask, unmount, socket, getrusage,
rename, __getcwd, shutdown, getrlimit, setrlimit, _umtx_lock, _umtx_unlock,
  pathconf, truncate, ftruncate, kill

- Decode more arguments of open, mprot, *stat, and fcntl.

- Convert all constant-macro and bitfield decoding to lookup tables; much
  cleaner than previous code.

- Print the timestamp of process exit and signal reception when -d or -D are in
  use

- Try six times with 1/2 second delay to debug the child

PR:		bin/52190 (updated)
Submitted by:	Dan Nelson <dnelson@allantgroup.com>
Approved by:	alfred
2006-05-15 21:18:28 +00:00
Pav Lucistnik
1675c32154 - Fix crash when hitting unknown syscall. Copied from i386-fbsd.c
Approved by:	alfred
2006-05-15 21:03:02 +00:00
Peter Grehan
7fa9dc1c36 Add powerpc support for truss.
Initial work by:  Orlando Bassotto  < orlando at break net >
Modified by:	  grehan
2006-01-05 05:57:47 +00:00
Brian Somers
0cf21b4f58 Add a -s flag for the same functionality as strace. Introduce a Name
type which is a String type that has no -s limitations applied to it.
Change most Strings in the code to Names and add a few extra syscalls,
namely munmap, read, rename and symlink.  This was enough to facilitate
following file descriptor allocations in the code more easily and
getting a hint at what's being read/written from/to files.  More
syscalls should really be added.

While here, fix an off-by-one bug in the buffer truncation code and
add a fflush so that truss's output reflects the syscall that the
program is stuck in.

Sponsored by:	Sophos/Activestate
MFC after:	2 weeks
2006-01-02 08:36:25 +00:00
Alfred Perlstein
6a6567612d The kernel accepts sockaddrs with len set to zero for sockaddr_in
types, so refactor the code here to grab them when length is zero.
2005-10-15 06:17:29 +00:00
Giorgos Keramidas
6fb9b618f5 Fix all the spelling mistakes I could find in the man pages for words
that have at least 3 characters.

MFC after:	1 week
Thanks to:	Music band ``Chingon''
		for keeping me company while searching for these.
2005-07-31 03:30:48 +00:00
Alfred Perlstein
3969f0fa13 Decode chroot(2) args.
Approved by: re
2005-06-14 21:51:08 +00:00
Alfred Perlstein
dfafebf72e decode utimes, lutimes, futimes, chflags, lchflags. 2005-05-26 22:49:06 +00:00
Alfred Perlstein
42af4f5099 decode mkdir args. 2005-05-26 20:06:57 +00:00
Alfred Perlstein
72aa911a29 When doing the initial open of the proc via procfs, complain if we are
unable to open the /proc/pid/mem file.  Otherwise doing a truss on
a nonexistant pid makes us return success even though no such process
exists.
2005-03-27 12:53:25 +00:00
Alfred Perlstein
5321ae8649 I've been working on this somewhat so I'm moving the
parts I'm touching to be as style(9) compliant as I can.
2005-03-27 12:47:04 +00:00
Alfred Perlstein
9c6519b0a2 Change fix a bug where the length of data written by snprintf was
being mishandled by using accumulation (into an uninitialized
variable) instead of direct assignment.

Reviewed by: scottl
2005-03-03 17:20:36 +00:00
Ruslan Ermilov
a35d88931c For variables that are only checked with defined(), don't provide
any fake value.
2004-10-24 15:33:08 +00:00
Dima Dorfman
399f52f868 Improve markup and language. 2004-09-07 13:22:28 +00:00
Marcel Moolenaar
10aeefc913 Fix Quad handling on 64-bit architectures. On 64-bit machines, a Quad
also occupies a single slot. There's no need for any special handling
of Quads. While here, remove the silly make_quad() function. We have
the 2 longs on 32-bit machines already lined up in the argument array,
so we can fetch the Quad with a simple cast.

Before:
  lseek(1,0x123456789,0xd0d0d0d0d0d0d0d0) = 4886718345 (0x123456789)
After:
  lseek(1,0x123456789,SEEK_SET)           = 4886718345 (0x123456789)
2004-09-05 05:27:30 +00:00
Alfred Perlstein
18858a0704 Update doc dates.
Pointed out by: ru
2004-09-03 18:56:59 +00:00
Alfred Perlstein
4bcd2254f3 xref and give a hint as to what procctl can be used for. 2004-09-03 17:52:55 +00:00
Alfred Perlstein
d10f73b311 don't seg if the syscall is invalid for i386fbsd. 2004-08-08 23:29:36 +00:00
Stefan Farfeleder
14cc87e479 Use the length modifier 'll' instead of 'q' to print long longs. 2004-07-28 16:03:13 +00:00
Alfred Perlstein
2bae4eb308 Support readlink(2) better. Readlink does not nul terminate the
result buffer, so we need to format it ourselves.  The problem is
that the length is stored as the return value from readlink, so we
need to pass the return value from our syscall into print_arg.

Motivated by: truss garbage on my screen from reading /etc/malloc.conf.
2004-07-17 19:48:49 +00:00
Alfred Perlstein
d75300bfa5 When reporting reciept of a signal, print the signal's name. 2004-07-17 19:19:36 +00:00
Alfred Perlstein
fde3a7d1e9 Decode the "wence" arg to lseek and linux_lseek. 2004-07-10 09:23:53 +00:00
Bruce M Simpson
63fb96902c Fix unterminated RCSID.
Submitted by:	Liam J. Foy
2004-06-13 18:06:49 +00:00
David Malone
a5d31d1631 A first stab at truss support for amd64, basically cogged from i386.
It seems to work in my limited tests.
2004-06-12 22:49:06 +00:00
Poul-Henning Kamp
01b8b4dc80 COMPAT_SUNOS is gone. 2004-06-11 11:58:07 +00:00
David Malone
e45a5a0d08 Add support for decoding Timespec, Timeval, Itimerval, Pollfd,
Fd_set and Sigaction structures. Use these for printing the arguments
to sigaction(), nanosleep(), select(), poll(), gettimeofday(),
clock_gettime(), recvfrom(), getitimer() and setitimer().

This is based on Dan's patch from the PR but I've hacked it for
style and some other issues. While Dan has checked this patch, any
goofs are probably my fault.

(The PR also contains support for the dual return values of pipe().
These will follow once I've ported that support to platforms other
than i386.)

PR:		52190
Submitted by:	Dan Nelson <dnelson@allantgroup.com>
2004-03-23 12:37:02 +00:00
David Malone
b637237cba Use pread to implement pread, rather than taking a detour throug stdio.
PR:		52190
Submitted by:	Dan Nelson <dnelson@allantgroup.com>
2004-03-23 12:29:17 +00:00
Alfred Perlstein
5214320f76 decode mprotect args while i'm here. 2004-03-23 09:16:18 +00:00
Alfred Perlstein
894b8f7afb decode fcntl and mmap arguments. 2004-03-23 09:04:06 +00:00
David Malone
1bc99f1144 Move declarations of Procfd to a header file. 2004-01-07 14:29:45 +00:00
David Malone
9b83b9f75c Fix a printf format warning. 2004-01-07 14:27:30 +00:00
Martin Cracauer
5cdf6a132b Fix signal behaviour.
In my last change I made sure that the signal as reported from a truss
exit is the same as if truss wasn't between parent and trussed
program.  I was smart enough to not have it coredump on SIGQUIT but it
didn't ocur to me SIGSEGV might cause a coredump, too :-)

So get rid of SIGQUIT extra hack and limit coredumpsize to zero
instead.

Tested: still works, correct signal reported.  No more codedumps from
SIGSEGV in the trussed proces.  This file compiles cleanly on AMD64
(sledge).

PR:
Submitted by:
Reviewed by:
Approved by:
Obtained from:
MFC after:
2003-12-28 01:20:03 +00:00
Marcel Moolenaar
4e92419dcd Do not ignore any possible errors that fseeko() may have. The fact
is that fseeko() fails in very predictable and frequent ways on ia64.
This is because the offset is actually an address in the process'
address space, which on ia64 can be larger than long (for lseek) or
off_t (for fseeko). The crux is the signedness. The register stack
and memory stack are in region 4 on ia64. This means that the sign bit
is 1. The large positive virtual address is wrongly interpreted as
a negative file offset.

There's no quick fix. Even if you get around the API by using a
SEEK_SET up to LONG_MAX and follow it up with a SEEK_CUR for the
remainder, the kernel simply cannot deal with it. and the second
seek will just fail.

Therefore, this change does not actually fix the root cause. It just
makes sure we're not spitting out all kinds of garbage or that the
get_struct() function in particular does not cause truss(1) to exit.
This, I might add, invariably happened way too soon for truss(1) to
be of any use on ia64...
2003-11-13 09:04:24 +00:00
Marcel Moolenaar
1bcb5f5a96 Port truss(1) to 64-bit architectures:
o  Syscall return values do not fit in int on 64-bit architectures.
   Change the type of retval in <arch>_syscall_exit() to long and
   change the prototype of said function to return a long as well.
o  Change the prototype of print_syscall_ret() to take a long for
   the return address and change the format string accordingly.
o  Replace the code sequence
	tmp = malloc(X);
	sprintf(tmp, format, ...);
   with X by definition too small on 64-bit platforms by
        asprintf(&tmp, format, ...);

With these changes the output makes sense again, although it does
mess up the tabulation on ia64. Go widescreen...

Not tested on: alpha, sparc64.
2003-11-09 03:48:13 +00:00
Marcel Moolenaar
a7a08c7e63 Fix truss so that it doesn't abort/exit when a syscall has been given
a NULL-pointer for a sockaddr argument.
2003-10-27 06:50:57 +00:00
Philippe Charnier
b956c13cfe Add FBSDID. Do not \n terminate warnx() argument. fprint() -> warnx(). 2003-09-07 15:50:43 +00:00
Dag-Erling Smørgrav
99d1300607 send() and recv() are just wrappers, not actual syscalls. 2003-08-05 19:34:36 +00:00
Dag-Erling Smørgrav
9b2f78c553 Add recv(2), recvfrom(2), send(2) and sendfrom(2). 2003-08-05 10:45:06 +00:00