svn commit: r288424 - head/usr.bin/truss

John Baldwin jhb at FreeBSD.org
Wed Sep 30 19:13:34 UTC 2015


Author: jhb
Date: Wed Sep 30 19:13:32 2015
New Revision: 288424
URL: https://svnweb.freebsd.org/changeset/base/288424

Log:
  Several changes to truss.
  - Refactor the interface between the ABI-independent code and the
    ABI-specific backends.  The backends now provide smaller hooks to
    fetch system call arguments and return values.  The rest of the
    system call entry and exit handling that was previously duplicated
    among all the backends has been moved to one place.
  - Merge the loop when waiting for an event with the loop for handling stops.
    This also means not emulating a procfs-like interface on top of ptrace().
    Instead, use a single event loop that fetches process events via waitid().
    Among other things this allows us to report the full 32-bit exit value.
  - Use PT_FOLLOW_FORK to follow new child processes instead of forking a new
    truss process for each new child.  This allows one truss process to monitor
    a tree of processes and truss -c should now display one total for the
    entire tree instead of separate summaries per process.
  - Use the recently added fields to ptrace_lwpinfo to determine the current
    system call number and argument count.  The latter is especially useful
    and fixes a regression since the conversion from procfs.  truss now
    generally prints the correct number of arguments for most system calls
    rather than printing extra arguments for any call not listed in the
    table in syscalls.c.
  - Actually check the new ABI when processes call exec.  The comments claimed
    that this happened but it was not being done (perhaps this was another
    regression in the conversion to ptrace()).  If the new ABI after exec
    is not supported, truss detaches from the process.  If truss does not
    support the ABI for a newly executed process the process is killed
    before it returns from exec.
  - Along with the refactor, teach the various ABI-specific backends to
    fetch both return values, not just the first.  Use this to properly
    report the full 64-bit return value from lseek().  In addition, the
    handler for "pipe" now pulls the pair of descriptors out of the
    return values (which is the true kernel system call interface) but
    displays them as an argument (which matches the interface exported by
    libc).
  - Each ABI handler adds entries to a linker set rather than requiring
    a statically defined table of handlers in main.c.
  - The arm and mips system call fetching code was changed to follow the
    same pattern as amd64 (and the in-kernel handler) of fetching register
    arguments first and then reading any remaining arguments from the
    stack.  This should fix indirect system call arguments on at least
    arm.
  - The mipsn32 and n64 ABIs will now look for arguments in A4 through A7.
  - Use register %ebp for the 6th system call argument for Linux/i386 ABIs
    to match the in-kernel argument fetch code.
  - For powerpc binaries on a powerpc64 system, fetch the extra arguments
    on the stack as 32-bit values that are then copied into the 64-bit
    argument array instead of reading the 32-bit values directly into the
    64-bit array.
  
  Reviewed by:	kib (earlier version)
  Tested on:	amd64 (FreeBSD/amd64 & i386), i386, arm (earlier version)
  Tested on:	powerpc64 (FreeBSD/powerpc64 & powerpc)
  MFC after:	1 month
  Differential Revision:	https://reviews.freebsd.org/D3575

Modified:
  head/usr.bin/truss/amd64-fbsd.c
  head/usr.bin/truss/amd64-fbsd32.c
  head/usr.bin/truss/amd64-linux32.c
  head/usr.bin/truss/arm-fbsd.c
  head/usr.bin/truss/extern.h
  head/usr.bin/truss/i386-fbsd.c
  head/usr.bin/truss/i386-linux.c
  head/usr.bin/truss/main.c
  head/usr.bin/truss/mips-fbsd.c
  head/usr.bin/truss/powerpc-fbsd.c
  head/usr.bin/truss/powerpc64-fbsd.c
  head/usr.bin/truss/setup.c
  head/usr.bin/truss/sparc64-fbsd.c
  head/usr.bin/truss/syscall.h
  head/usr.bin/truss/syscalls.c
  head/usr.bin/truss/truss.h

Modified: head/usr.bin/truss/amd64-fbsd.c
==============================================================================
--- head/usr.bin/truss/amd64-fbsd.c	Wed Sep 30 17:43:02 2015	(r288423)
+++ head/usr.bin/truss/amd64-fbsd.c	Wed Sep 30 19:13:32 2015	(r288424)
@@ -29,290 +29,103 @@
  * SUCH DAMAGE.
  */
 
-#ifndef lint
-static const char rcsid[] =
-  "$FreeBSD$";
-#endif /* not lint */
-
-/*
- * FreeBSD/amd64-specific system call handling.  This is probably the most
- * complex part of the entire truss program, although I've got lots of
- * it handled relatively cleanly now.  The system call names are generated
- * automatically, thanks to /usr/src/sys/kern/syscalls.master.  The
- * names used for the various structures are confusing, I sadly admit.
- */
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+/* FreeBSD/amd64-specific system call handling. */
 
-#include <sys/types.h>
 #include <sys/ptrace.h>
 #include <sys/syscall.h>
 
 #include <machine/reg.h>
 #include <machine/psl.h>
 
-#include <errno.h>
-#include <fcntl.h>
-#include <signal.h>
 #include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include <unistd.h>
 
 #include "truss.h"
-#include "syscall.h"
-#include "extern.h"
 
 #include "syscalls.h"
 
-static int nsyscalls = nitems(syscallnames);
-
-/*
- * This is what this particular file uses to keep track of a system call.
- * It is probably not quite sufficient -- I can probably use the same
- * structure for the various syscall personalities, and I also probably
- * need to nest system calls (for signal handlers).
- *
- * 'struct syscall' describes the system call; it may be NULL, however,
- * if we don't know about this particular system call yet.
- */
-struct freebsd_syscall {
-	struct syscall *sc;
-	const char *name;
-	int number;
-	unsigned long *args;
-	int nargs;	/* number of arguments -- *not* number of words! */
-	char **s_args;	/* the printable arguments */
-};
-
-static struct freebsd_syscall *
-alloc_fsc(void)
-{
-
-	return (malloc(sizeof(struct freebsd_syscall)));
-}
-
-/* Clear up and free parts of the fsc structure. */
-static void
-free_fsc(struct freebsd_syscall *fsc)
-{
-	int i;
-
-	free(fsc->args);
-	if (fsc->s_args) {
-		for (i = 0; i < fsc->nargs; i++)
-			free(fsc->s_args[i]);
-		free(fsc->s_args);
-	}
-	free(fsc);
-}
-
-/*
- * Called when a process has entered a system call.  nargs is the
- * number of words, not number of arguments (a necessary distinction
- * in some cases).  Note that if the STOPEVENT() code in amd64/amd64/trap.c
- * is ever changed these functions need to keep up.
- */
-
-void
-amd64_syscall_entry(struct trussinfo *trussinfo, int nargs)
+static int
+amd64_fetch_args(struct trussinfo *trussinfo, u_int narg)
 {
 	struct ptrace_io_desc iorequest;
 	struct reg regs;
-	struct freebsd_syscall *fsc;
-	struct syscall *sc;
+	struct current_syscall *cs;
 	lwpid_t tid;
-	int i, reg, syscall_num;
+	u_int i, reg;
 
 	tid = trussinfo->curthread->tid;
-
+	cs = &trussinfo->curthread->cs;
 	if (ptrace(PT_GETREGS, tid, (caddr_t)&regs, 0) < 0) {
 		fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
-		return;
+		return (-1);
 	}
 
 	/*
-	 * FreeBSD has two special kinds of system call redirctions --
+	 * FreeBSD has two special kinds of system call redirections --
 	 * SYS_syscall, and SYS___syscall.  The former is the old syscall()
 	 * routine, basically; the latter is for quad-aligned arguments.
+	 *
+	 * The system call argument count and code from ptrace() already
+	 * account for these, but we need to skip over %rax if it contains
+	 * either of these values.
 	 */
 	reg = 0;
-	syscall_num = regs.r_rax;
-	switch (syscall_num) {
+	switch (regs.r_rax) {
 	case SYS_syscall:
 	case SYS___syscall:
-		syscall_num = regs.r_rdi;
 		reg++;
 		break;
 	}
 
-	fsc = alloc_fsc();
-	if (fsc == NULL)
-		return;
-	fsc->number = syscall_num;
-	fsc->name = (syscall_num < 0 || syscall_num >= nsyscalls) ?
-	    NULL : syscallnames[syscall_num];
-	if (!fsc->name) {
-		fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n",
-		    syscall_num);
-	}
-
-	if (fsc->name && (trussinfo->flags & FOLLOWFORKS) &&
-	    (strcmp(fsc->name, "fork") == 0 ||
-	    strcmp(fsc->name, "pdfork") == 0 ||
-	    strcmp(fsc->name, "rfork") == 0 ||
-	    strcmp(fsc->name, "vfork") == 0))
-		trussinfo->curthread->in_fork = 1;
-
-	if (nargs == 0)
-		return;
-
-	fsc->args = malloc((1 + nargs) * sizeof(unsigned long));
-	for (i = 0; i < nargs && reg < 6; i++, reg++) {
+	for (i = 0; i < narg && reg < 6; i++, reg++) {
 		switch (reg) {
-		case 0: fsc->args[i] = regs.r_rdi; break;
-		case 1: fsc->args[i] = regs.r_rsi; break;
-		case 2: fsc->args[i] = regs.r_rdx; break;
-		case 3: fsc->args[i] = regs.r_rcx; break;
-		case 4: fsc->args[i] = regs.r_r8; break;
-		case 5: fsc->args[i] = regs.r_r9; break;
+		case 0: cs->args[i] = regs.r_rdi; break;
+		case 1: cs->args[i] = regs.r_rsi; break;
+		case 2: cs->args[i] = regs.r_rdx; break;
+		case 3: cs->args[i] = regs.r_rcx; break;
+		case 4: cs->args[i] = regs.r_r8; break;
+		case 5: cs->args[i] = regs.r_r9; break;
 		}
 	}
-	if (nargs > i) {
+	if (narg > i) {
 		iorequest.piod_op = PIOD_READ_D;
 		iorequest.piod_offs = (void *)(regs.r_rsp + sizeof(register_t));
-		iorequest.piod_addr = &fsc->args[i];
-		iorequest.piod_len = (nargs - i) * sizeof(register_t);
+		iorequest.piod_addr = &cs->args[i];
+		iorequest.piod_len = (narg - i) * sizeof(register_t);
 		ptrace(PT_IO, tid, (caddr_t)&iorequest, 0);
 		if (iorequest.piod_len == 0)
-			return;
+			return (-1);
 	}
 
-	sc = get_syscall(fsc->name);
-	if (sc)
-		fsc->nargs = sc->nargs;
-	else {
-#if DEBUG
-		fprintf(trussinfo->outfile, "unknown syscall %s -- setting "
-		    "args to %d\n", fsc->name, nargs);
-#endif
-		fsc->nargs = nargs;
-	}
-
-	fsc->s_args = calloc(1, (1 + fsc->nargs) * sizeof(char *));
-	fsc->sc = sc;
-
-	/*
-	 * At this point, we set up the system call arguments.
-	 * We ignore any OUT ones, however -- those are arguments that
-	 * are set by the system call, and so are probably meaningless
-	 * now.	This doesn't currently support arguments that are
-	 * passed in *and* out, however.
-	 */
-
-	if (fsc->name) {
-#if DEBUG
-		fprintf(stderr, "syscall %s(", fsc->name);
-#endif
-		for (i = 0; i < fsc->nargs; i++) {
-#if DEBUG
-			fprintf(stderr, "0x%lx%s", sc ?
-			    fsc->args[sc->args[i].offset] : fsc->args[i],
-			    i < (fsc->nargs - 1) ? "," : "");
-#endif
-			if (sc && !(sc->args[i].type & OUT)) {
-				fsc->s_args[i] = print_arg(&sc->args[i],
-				    fsc->args, 0, trussinfo);
-			}
-		}
-#if DEBUG
-		fprintf(stderr, ")\n");
-#endif
-	}
-
-#if DEBUG
-	fprintf(trussinfo->outfile, "\n");
-#endif
-
-	trussinfo->curthread->fsc = fsc;
+	return (0);
 }
 
-/*
- * And when the system call is done, we handle it here.
- * Currently, no attempt is made to ensure that the system calls
- * match -- this needs to be fixed (and is, in fact, why S_SCX includes
- * the system call number instead of, say, an error status).
- */
-
-long
-amd64_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused)
+static int
+amd64_fetch_retval(struct trussinfo *trussinfo, long *retval, int *errorp)
 {
 	struct reg regs;
-	struct freebsd_syscall *fsc;
-	struct syscall *sc;
 	lwpid_t tid;
-	long retval;
-	int errorp, i;
-
-	if (trussinfo->curthread->fsc == NULL)
-		return (-1);
 
 	tid = trussinfo->curthread->tid;
-
 	if (ptrace(PT_GETREGS, tid, (caddr_t)&regs, 0) < 0) {
 		fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
 		return (-1);
 	}
 
-	retval = regs.r_rax;
-	errorp = !!(regs.r_rflags & PSL_C);
-
-	/*
-	 * This code, while simpler than the initial versions I used, could
-	 * stand some significant cleaning.
-	 */
-
-	fsc = trussinfo->curthread->fsc;
-	sc = fsc->sc;
-	if (!sc) {
-		for (i = 0; i < fsc->nargs; i++)
-			asprintf(&fsc->s_args[i], "0x%lx", fsc->args[i]);
-	} else {
-		/*
-		 * Here, we only look for arguments that have OUT masked in --
-		 * otherwise, they were handled in the syscall_entry function.
-		 */
-		for (i = 0; i < sc->nargs; i++) {
-			char *temp;
-
-			if (sc->args[i].type & OUT) {
-				/*
-				 * If an error occurred, then don't bother
-				 * getting the data; it may not be valid.
-				 */
-				if (errorp) {
-					asprintf(&temp, "0x%lx",
-					    fsc->args[sc->args[i].offset]);
-				} else {
-					temp = print_arg(&sc->args[i],
-					    fsc->args, retval, trussinfo);
-				}
-				fsc->s_args[i] = temp;
-			}
-		}
-	}
-
-	if (fsc->name != NULL && (strcmp(fsc->name, "execve") == 0 ||
-	    strcmp(fsc->name, "exit") == 0))
-		trussinfo->curthread->in_syscall = 1;
-
-	/*
-	 * It would probably be a good idea to merge the error handling,
-	 * but that complicates things considerably.
-	 */
+	retval[0] = regs.r_rax;
+	retval[1] = regs.r_rdx;
+	*errorp = !!(regs.r_rflags & PSL_C);
+	return (0);
+}
 
-	print_syscall_ret(trussinfo, fsc->name, fsc->nargs, fsc->s_args, errorp,
-	    retval, fsc->sc);
-	free_fsc(fsc);
+static struct procabi amd64_fbsd = {
+	"FreeBSD ELF64",
+	syscallnames,
+	nitems(syscallnames),
+	amd64_fetch_args,
+	amd64_fetch_retval
+};
 
-	return (retval);
-}
+PROCABI(amd64_fbsd);
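Review bot: The PT_IO read of the stack-resident arguments in amd64_fetch_args only rejects a zero-length result, so a failed ptrace() (whose piod_len is not guaranteed to be updated) or a partial read is treated as success and the unread tail of cs->args reaches the printer uninitialized. Check both the call and the length: `if (ptrace(PT_IO, tid, (caddr_t)&iorequest, 0) < 0 || iorequest.piod_len != (narg - i) * sizeof(register_t)) return (-1);`. The declared size of cs->args is not visible in this file, so a one-line comment that narg is trusted to fit it because it comes from the kernel's ptrace_lwpinfo rather than from the traced process would help the next reader.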

Modified: head/usr.bin/truss/amd64-fbsd32.c
==============================================================================
--- head/usr.bin/truss/amd64-fbsd32.c	Wed Sep 30 17:43:02 2015	(r288423)
+++ head/usr.bin/truss/amd64-fbsd32.c	Wed Sep 30 19:13:32 2015	(r288424)
@@ -29,290 +29,109 @@
  * SUCH DAMAGE.
  */
 
-#ifndef lint
-static const char rcsid[] =
-  "$FreeBSD$";
-#endif /* not lint */
-
-/*
- * FreeBSD/i386-specific system call handling.  This is probably the most
- * complex part of the entire truss program, although I've got lots of
- * it handled relatively cleanly now.  The system call names are generated
- * automatically, thanks to /usr/src/sys/kern/syscalls.master.  The
- * names used for the various structures are confusing, I sadly admit.
- */
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+/* FreeBSD/i386-specific system call handling. */
 
-#include <sys/types.h>
 #include <sys/ptrace.h>
 #include <sys/syscall.h>
 
 #include <machine/reg.h>
 #include <machine/psl.h>
 
-#include <errno.h>
-#include <fcntl.h>
-#include <signal.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include <unistd.h>
 
 #include "truss.h"
-#include "syscall.h"
-#include "extern.h"
 
 #include "freebsd32_syscalls.h"
 
-static int nsyscalls = nitems(freebsd32_syscallnames);
-
-/*
- * This is what this particular file uses to keep track of a system call.
- * It is probably not quite sufficient -- I can probably use the same
- * structure for the various syscall personalities, and I also probably
- * need to nest system calls (for signal handlers).
- *
- * 'struct syscall' describes the system call; it may be NULL, however,
- * if we don't know about this particular system call yet.
- */
-struct freebsd32_syscall {
-	struct syscall *sc;
-	const char *name;
-	int number;
-	unsigned long *args;
-	unsigned int *args32;
-	int nargs;	/* number of arguments -- *not* number of words! */
-	char **s_args;	/* the printable arguments */
-};
-
-static struct freebsd32_syscall *
-alloc_fsc(void)
-{
-
-	return (malloc(sizeof(struct freebsd32_syscall)));
-}
-
-/* Clear up and free parts of the fsc structure. */
-static void
-free_fsc(struct freebsd32_syscall *fsc)
-{
-	int i;
-
-	free(fsc->args);
-	free(fsc->args32);
-	if (fsc->s_args) {
-		for (i = 0; i < fsc->nargs; i++)
-			free(fsc->s_args[i]);
-		free(fsc->s_args);
-	}
-	free(fsc);
-}
-
-/*
- * Called when a process has entered a system call.  nargs is the
- * number of words, not number of arguments (a necessary distinction
- * in some cases).  Note that if the STOPEVENT() code in i386/i386/trap.c
- * is ever changed these functions need to keep up.
- */
-
-void
-amd64_fbsd32_syscall_entry(struct trussinfo *trussinfo, int nargs)
+static int
+amd64_fbsd32_fetch_args(struct trussinfo *trussinfo, u_int narg)
 {
 	struct ptrace_io_desc iorequest;
 	struct reg regs;
-	struct freebsd32_syscall *fsc;
-	struct syscall *sc;
-	lwpid_t tid;
+	struct current_syscall *cs;
+	unsigned int args32[narg];
 	unsigned long parm_offset;
-	int i, syscall_num;
+	lwpid_t tid;
+	u_int i;
 
 	tid = trussinfo->curthread->tid;
-
+	cs = &trussinfo->curthread->cs;
 	if (ptrace(PT_GETREGS, tid, (caddr_t)&regs, 0) < 0) {
 		fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
-		return;
+		return (-1);
 	}
 	parm_offset = regs.r_rsp + sizeof(int);
 
 	/*
-	 * FreeBSD has two special kinds of system call redirctions --
+	 * FreeBSD has two special kinds of system call redirections --
 	 * SYS_syscall, and SYS___syscall.  The former is the old syscall()
 	 * routine, basically; the latter is for quad-aligned arguments.
+	 *
+	 * The system call argument count and code from ptrace() already
+	 * account for these, but we need to skip over the first argument.
 	 */
-	syscall_num = regs.r_rax;
-	switch (syscall_num) {
+	switch (regs.r_rax) {
 	case SYS_syscall:
-		syscall_num = ptrace(PT_READ_D, tid, (caddr_t)parm_offset, 0);
 		parm_offset += sizeof(int);
 		break;
 	case SYS___syscall:
-		syscall_num = ptrace(PT_READ_D, tid, (caddr_t)parm_offset, 0);
 		parm_offset += sizeof(quad_t);
 		break;
 	}
 
-	fsc = alloc_fsc();
-	if (fsc == NULL)
-		return;
-	fsc->number = syscall_num;
-	fsc->name = (syscall_num < 0 || syscall_num >= nsyscalls) ?
-	    NULL : freebsd32_syscallnames[syscall_num];
-	if (!fsc->name) {
-		fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n",
-		    syscall_num);
-	}
-
-	if (fsc->name && (trussinfo->flags & FOLLOWFORKS) &&
-	    (strcmp(fsc->name, "fork") == 0 ||
-	    strcmp(fsc->name, "pdfork") == 0 ||
-	    strcmp(fsc->name, "rfork") == 0 ||
-	    strcmp(fsc->name, "vfork") == 0))
-		trussinfo->curthread->in_fork = 1;
-
-	if (nargs == 0)
-		return;
-
-	fsc->args32 = malloc((1 + nargs) * sizeof(unsigned int));
 	iorequest.piod_op = PIOD_READ_D;
 	iorequest.piod_offs = (void *)parm_offset;
-	iorequest.piod_addr = fsc->args32;
-	iorequest.piod_len = (1 + nargs) * sizeof(unsigned int);
+	iorequest.piod_addr = args32;
+	iorequest.piod_len = sizeof(args32);
 	ptrace(PT_IO, tid, (caddr_t)&iorequest, 0);
-	if (iorequest.piod_len == 0)
-		return;
-
-	fsc->args = malloc((1 + nargs) * sizeof(unsigned long));
-	for (i = 0; i < nargs + 1; i++)
-		 fsc->args[i] = fsc->args32[i];
-
-	sc = NULL;
-	if (fsc->name)
-		sc = get_syscall(fsc->name);
-	if (sc)
-		fsc->nargs = sc->nargs;
-	else {
-#if DEBUG
-		fprintf(trussinfo->outfile, "unknown syscall %s -- setting "
-		    "args to %d\n", fsc->name, nargs);
-#endif
-		fsc->nargs = nargs;
-	}
-
-	fsc->s_args = calloc(1, (1 + fsc->nargs) * sizeof(char *));
-	fsc->sc = sc;
-
-	/*
-	 * At this point, we set up the system call arguments.
-	 * We ignore any OUT ones, however -- those are arguments that
-	 * are set by the system call, and so are probably meaningless
-	 * now.	This doesn't currently support arguments that are
-	 * passed in *and* out, however.
-	 */
-
-	if (fsc->name) {
-#if DEBUG
-		fprintf(stderr, "syscall %s(", fsc->name);
-#endif
-		for (i = 0; i < fsc->nargs; i++) {
-#if DEBUG
-			fprintf(stderr, "0x%x%s", sc ?
-			    fsc->args[sc->args[i].offset] : fsc->args[i],
-			    i < (fsc->nargs - 1) ? "," : "");
-#endif
-			if (sc && !(sc->args[i].type & OUT)) {
-				fsc->s_args[i] = print_arg(&sc->args[i],
-				    fsc->args, 0, trussinfo);
-			}
-		}
-#if DEBUG
-		fprintf(stderr, ")\n");
-#endif
+	if (iorequest.piod_len == 0) {
+		return (-1);
 	}
 
-#if DEBUG
-	fprintf(trussinfo->outfile, "\n");
-#endif
-
-	trussinfo->curthread->fsc = fsc;
+	for (i = 0; i < narg; i++)
+		 cs->args[i] = args32[i];
+	return (0);
 }
 
-/*
- * And when the system call is done, we handle it here.
- * Currently, no attempt is made to ensure that the system calls
- * match -- this needs to be fixed (and is, in fact, why S_SCX includes
- * the system call number instead of, say, an error status).
- */
-
-long
-amd64_fbsd32_syscall_exit(struct trussinfo *trussinfo, int syscall_num __unused)
+static int
+amd64_fbsd32_fetch_retval(struct trussinfo *trussinfo, long *retval,
+    int *errorp)
 {
 	struct reg regs;
-	struct freebsd32_syscall *fsc;
-	struct syscall *sc;
 	lwpid_t tid;
-	long retval;
-	int errorp, i;
-
-	if (trussinfo->curthread->fsc == NULL)
-		return (-1);
 
 	tid = trussinfo->curthread->tid;
-
 	if (ptrace(PT_GETREGS, tid, (caddr_t)&regs, 0) < 0) {
 		fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
 		return (-1);
 	}
 
-	retval = regs.r_rax;
-	errorp = !!(regs.r_rflags & PSL_C);
-
-	/*
-	 * This code, while simpler than the initial versions I used, could
-	 * stand some significant cleaning.
-	 */
-
-	fsc = trussinfo->curthread->fsc;
-	sc = fsc->sc;
-	if (!sc) {
-		for (i = 0; i < fsc->nargs; i++)
-			asprintf(&fsc->s_args[i], "0x%lx", fsc->args[i]);
-	} else {
-		/*
-		 * Here, we only look for arguments that have OUT masked in --
-		 * otherwise, they were handled in the syscall_entry function.
-		 */
-		for (i = 0; i < sc->nargs; i++) {
-			char *temp;
-
-			if (sc->args[i].type & OUT) {
-				/*
-				 * If an error occurred, then don't bother
-				 * getting the data; it may not be valid.
-				 */
-				if (errorp) {
-					asprintf(&temp, "0x%lx",
-					    fsc->args[sc->args[i].offset]);
-				} else {
-					temp = print_arg(&sc->args[i],
-					    fsc->args, retval, trussinfo);
-				}
-				fsc->s_args[i] = temp;
-			}
-		}
-	}
+	retval[0] = regs.r_rax & 0xffffffff;
+	retval[1] = regs.r_rdx & 0xffffffff;
+	*errorp = !!(regs.r_rflags & PSL_C);
+	return (0);
+}
 
-	if (fsc->name != NULL && (strcmp(fsc->name, "freebsd32_execve") == 0 ||
-	    strcmp(fsc->name, "exit") == 0))
-		trussinfo->curthread->in_syscall = 1;
+static struct procabi amd64_fbsd32 = {
+	"FreeBSD ELF32",
+	freebsd32_syscallnames,
+	nitems(freebsd32_syscallnames),
+	amd64_fbsd32_fetch_args,
+	amd64_fbsd32_fetch_retval
+};
 
-	/*
-	 * It would probably be a good idea to merge the error handling,
-	 * but that complicates things considerably.
-	 */
+PROCABI(amd64_fbsd32);
 
-	print_syscall_ret(trussinfo, fsc->name, fsc->nargs, fsc->s_args, errorp,
-	    retval, fsc->sc);
-	free_fsc(fsc);
+static struct procabi amd64_fbsd32_aout = {
+	"FreeBSD a.out",
+	freebsd32_syscallnames,
+	nitems(freebsd32_syscallnames),
+	amd64_fbsd32_fetch_args,
+	amd64_fbsd32_fetch_retval
+};
 
-	return (retval);
-}
+PROCABI(amd64_fbsd32_aout);
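Review bot: `unsigned int args32[narg];` at the top of amd64_fbsd32_fetch_args is a VLA sized by narg, so a zero-argument call makes sizeof(args32) zero and the `piod_len == 0` test then reports failure for a syscall that has nothing to read (a zero-length VLA is also undefined in C); unless the caller already skips fetch_args when narg is 0, which is not visible here, add `if (narg == 0) return (0);` before the declaration. The same test also accepts a partial read, so compare against the requested size, `if (ptrace(PT_IO, tid, (caddr_t)&iorequest, 0) < 0 || iorequest.piod_len != sizeof(args32)) return (-1);`, and the copy loop never consumes words that were not fetched. A fixed-size array bounded by the size of cs->args would avoid the VLA entirely, but that size is declared in truss.h, outside this diff.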

Modified: head/usr.bin/truss/amd64-linux32.c
==============================================================================
--- head/usr.bin/truss/amd64-linux32.c	Wed Sep 30 17:43:02 2015	(r288423)
+++ head/usr.bin/truss/amd64-linux32.c	Wed Sep 30 19:13:32 2015	(r288424)
@@ -29,123 +29,36 @@
  * SUCH DAMAGE.
  */
 
-#ifndef lint
-static const char rcsid[] =
-  "$FreeBSD$";
-#endif /* not lint */
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
 
-/*
- * Linux/i386-specific system call handling.  Given how much of this code
- * is taken from the freebsd equivalent, I can probably put even more of
- * it in support routines that can be used by any personality support.
- */
+/* Linux/i386-specific system call handling. */
 
-#include <sys/types.h>
 #include <sys/ptrace.h>
 
 #include <machine/reg.h>
 #include <machine/psl.h>
 
-#include <errno.h>
-#include <fcntl.h>
-#include <signal.h>
 #include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include <unistd.h>
 
 #include "truss.h"
-#include "syscall.h"
-#include "extern.h"
 
 #include "linux32_syscalls.h"
 
-static int nsyscalls = nitems(linux32_syscallnames);
-
-/*
- * This is what this particular file uses to keep track of a system call.
- * It is probably not quite sufficient -- I can probably use the same
- * structure for the various syscall personalities, and I also probably
- * need to nest system calls (for signal handlers).
- *
- * 'struct syscall' describes the system call; it may be NULL, however,
- * if we don't know about this particular system call yet.
- */
-struct linux_syscall {
-	struct syscall *sc;
-	const char *name;
-	int number;
-	unsigned long args[5];
-	int nargs;	/* number of arguments -- *not* number of words! */
-	char **s_args;	/* the printable arguments */
-};
-
-static struct linux_syscall *
-alloc_fsc(void)
-{
-
-	return (malloc(sizeof(struct linux_syscall)));
-}
-
-/* Clear up and free parts of the fsc structure. */
-static void
-free_fsc(struct linux_syscall *fsc)
-{
-	int i;
-
-	if (fsc->s_args) {
-		for (i = 0; i < fsc->nargs; i++)
-			free(fsc->s_args[i]);
-		free(fsc->s_args);
-	}
-	free(fsc);
-}
-
-/*
- * Called when a process has entered a system call.  nargs is the
- * number of words, not number of arguments (a necessary distinction
- * in some cases).  Note that if the STOPEVENT() code in i386/i386/trap.c
- * is ever changed these functions need to keep up.
- */
-
-void
-amd64_linux32_syscall_entry(struct trussinfo *trussinfo, int nargs)
+static int
+amd64_linux32_fetch_args(struct trussinfo *trussinfo, u_int narg)
 {
 	struct reg regs;
-	struct linux_syscall *fsc;
-	struct syscall *sc;
+	struct current_syscall *cs;
 	lwpid_t tid;
-	int i, syscall_num;
 
 	tid = trussinfo->curthread->tid;
-
+	cs = &trussinfo->curthread->cs;
 	if (ptrace(PT_GETREGS, tid, (caddr_t)&regs, 0) < 0) {
 		fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
-		return;
-	}
-
-	syscall_num = regs.r_rax;
-
-	fsc = alloc_fsc();
-	if (fsc == NULL)
-		return;
-	fsc->number = syscall_num;
-	fsc->name = (syscall_num < 0 || syscall_num >= nsyscalls) ?
-	    NULL : linux32_syscallnames[syscall_num];
-	if (!fsc->name) {
-		fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n",
-		    syscall_num);
+		return (-1);
 	}
 
-	if (fsc->name && (trussinfo->flags & FOLLOWFORKS) &&
-	    (strcmp(fsc->name, "linux_fork") == 0 ||
-	    strcmp(fsc->name, "linux_vfork") == 0))
-		trussinfo->curthread->in_fork = 1;
-
-	if (nargs == 0)
-		return;
-
 	/*
 	 * Linux passes syscall arguments in registers, not
 	 * on the stack.  Fortunately, we've got access to the
@@ -153,60 +66,22 @@ amd64_linux32_syscall_entry(struct truss
 	 * number of arguments.	And what does linux do for syscalls
 	 * that have more than five arguments?
 	 */
-
-	fsc->args[0] = regs.r_rbx;
-	fsc->args[1] = regs.r_rcx;
-	fsc->args[2] = regs.r_rdx;
-	fsc->args[3] = regs.r_rsi;
-	fsc->args[4] = regs.r_rdi;
-
-	sc = get_syscall(fsc->name);
-	if (sc)
-		fsc->nargs = sc->nargs;
-	else {
-#if DEBUG
-		fprintf(trussinfo->outfile, "unknown syscall %s -- setting "
-		    "args to %d\n", fsc->name, nargs);
-#endif
-		fsc->nargs = nargs;
+	switch (narg) {
+	default:
+		cs->args[5] = regs.r_rbp;	/* Unconfirmed */
+	case 5:
+		cs->args[4] = regs.r_rdi;
+	case 4:
+		cs->args[3] = regs.r_rsi;
+	case 3:
+		cs->args[2] = regs.r_rdx;
+	case 2:
+		cs->args[1] = regs.r_rcx;
+	case 1:
+		cs->args[0] = regs.r_rbx;
 	}
 
-	fsc->s_args = calloc(1, (1 + fsc->nargs) * sizeof(char *));
-	fsc->sc = sc;
-
-	/*
-	 * At this point, we set up the system call arguments.
-	 * We ignore any OUT ones, however -- those are arguments that
-	 * are set by the system call, and so are probably meaningless
-	 * now.	This doesn't currently support arguments that are
-	 * passed in *and* out, however.
-	 */
-
-	if (fsc->name) {
-#if DEBUG
-		fprintf(stderr, "syscall %s(", fsc->name);
-#endif
-		for (i = 0; i < fsc->nargs; i++) {
-#if DEBUG
-			fprintf(stderr, "0x%x%s", sc ?
-			    fsc->args[sc->args[i].offset] : fsc->args[i],
-			    i < (fsc->nargs - 1) ? "," : "");
-#endif
-			if (sc && !(sc->args[i].type & OUT)) {
-				fsc->s_args[i] = print_arg(&sc->args[i],
-				    fsc->args, 0, trussinfo);
-			}
-		}
-#if DEBUG
-		fprintf(stderr, ")\n");
-#endif
-	}
-
-#if DEBUG
-	fprintf(trussinfo->outfile, "\n");
-#endif
-
-	trussinfo->curthread->fsc = fsc;
+	return (0);
 }
 
 /*
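Review bot: The switch in amd64_linux32_fetch_args depends on fall-through between every case but marks none of them, so a reader (or -Wimplicit-fallthrough) cannot distinguish the cascading stores from a forgotten break; add `/* FALLTHROUGH */` after each assignment. The comment directly above still asks what Linux does for calls with more than five arguments, while the new `default:` case answers that by reading %ebp, so reword it to say the sixth argument is taken from %ebp to match the in-kernel fetch code and drop the `/* Unconfirmed */` tag if the commit's claim that this matches the kernel holds. Note also that `default:` covers any narg above 6 and leaves cs->args[6..] unset, which is only safe if the kernel never reports more than six arguments for this ABI. amd64_linux32_fetch_args begins in the previous hunk.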
@@ -224,83 +99,43 @@ static const int bsd_to_linux_errno[] = 
 	-6,
 };
 
-long
-amd64_linux32_syscall_exit(struct trussinfo *trussinfo,
-    int syscall_num __unused)
+static int
+amd64_linux32_fetch_retval(struct trussinfo *trussinfo, long *retval,
+    int *errorp)
 {
 	struct reg regs;
-	struct linux_syscall *fsc;
-	struct syscall *sc;
 	lwpid_t tid;
-	long retval;
-	int errorp, i;
-
-	if (trussinfo->curthread->fsc == NULL)
-		return (-1);
+	size_t i;
 
 	tid = trussinfo->curthread->tid;
-
 	if (ptrace(PT_GETREGS, tid, (caddr_t)&regs, 0) < 0) {
 		fprintf(trussinfo->outfile, "-- CANNOT READ REGISTERS --\n");
 		return (-1);
 	}
 
-	retval = regs.r_rax;
-	errorp = !!(regs.r_rflags & PSL_C);
-
-	/*
-	 * This code, while simpler than the initial versions I used, could
-	 * stand some significant cleaning.
-	 */
-
-	fsc = trussinfo->curthread->fsc;
-	sc = fsc->sc;
-	if (!sc) {
-		for (i = 0; i < fsc->nargs; i++)
-			asprintf(&fsc->s_args[i], "0x%lx", fsc->args[i]);
-	} else {
-		/*
-		 * Here, we only look for arguments that have OUT masked in --
-		 * otherwise, they were handled in the syscall_entry function.
-		 */
-		for (i = 0; i < sc->nargs; i++) {
-			char *temp;
-
-			if (sc->args[i].type & OUT) {
-				/*
-				 * If an error occurred, then don't bother
-				 * getting the data; it may not be valid.
-				 */
-				if (errorp) {
-					asprintf(&temp, "0x%lx",
-					    fsc->args[sc->args[i].offset]);
-				} else {
-					temp = print_arg(&sc->args[i],
-					    fsc->args, retval, trussinfo);
-				}
-				fsc->s_args[i] = temp;
+	retval[0] = regs.r_rax & 0xffffffff;
+	retval[1] = regs.r_rdx & 0xffffffff;
+	*errorp = !!(regs.r_rflags & PSL_C);
+
+	if (*errorp) {
+		for (i = 0; i < nitems(bsd_to_linux_errno); i++) {
+			if (retval[0] == bsd_to_linux_errno[i]) {
+				retval[0] = i;
+				return (0);
 			}
 		}
-	}
 
-	/*
-	 * It would probably be a good idea to merge the error handling,
-	 * but that complicates things considerably.
-	 */
-	if (errorp) {
-		for (i = 0; (size_t)i < nitems(bsd_to_linux_errno); i++) {
-			if (retval == bsd_to_linux_errno[i])
-				break;
-		}
+		/* XXX: How to handle unknown errors? */
 	}
+	return (0);
+}
 
-	if (fsc->name != NULL && (strcmp(fsc->name, "linux_execve") == 0 ||
-	    strcmp(fsc->name, "exit") == 0))
-		trussinfo->curthread->in_syscall = 1;
-
-	print_syscall_ret(trussinfo, fsc->name, fsc->nargs, fsc->s_args, errorp,
-	    errorp ? i : retval, fsc->sc);
-	free_fsc(fsc);
+static struct procabi amd64_linux32 = {
+	"Linux ELF32",
+	linux32_syscallnames,
+	nitems(linux32_syscallnames),
+	amd64_linux32_fetch_args,
+	amd64_linux32_fetch_retval
+};
 
-	return (retval);
-}
+PROCABI(amd64_linux32);
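Review bot: The errno translation in amd64_linux32_fetch_retval can no longer match: retval[0] is masked to an unsigned 32-bit value, so a Linux error return such as 0xfffffffa becomes the positive long 4294967290, while the bsd_to_linux_errno entries are negative ints (the table's last entry, -6, is visible above), and `retval[0] == bsd_to_linux_errno[i]` is therefore never true, sending every error down the unknown path with the raw masked value. Compare the sign-extended 32-bit value instead, e.g. `if ((int32_t)retval[0] == bsd_to_linux_errno[i])`, or keep an `int32_t eax = regs.r_rax;` copy for the lookup. The `XXX: How to handle unknown errors?` branch would then be reached only for values genuinely absent from the table.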

Modified: head/usr.bin/truss/arm-fbsd.c
==============================================================================
--- head/usr.bin/truss/arm-fbsd.c	Wed Sep 30 17:43:02 2015	(r288423)
+++ head/usr.bin/truss/arm-fbsd.c	Wed Sep 30 19:13:32 2015	(r288424)
@@ -29,17 +29,11 @@
  * SUCH DAMAGE.
  */
 

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***

