Documentation
¶
Index ¶
- Constants
- Variables
- func PrintTraces(w io.Writer) strace.EventCallback
- func Strace(c *exec.Cmd, out io.Writer) error
- func SysCallEnter(t strace.Task, s *strace.SyscallEvent) string
- func SysCallExit(t strace.Task, s *strace.SyscallEvent) string
- type FormatSpecifier
- type FullNetAddress
- type NetAddress
- type SaneUtsname
- type SyscallInfo
- type SyscallMap
Constants ¶
View Source
const DefaultLogMaximumSize = 1024
DefaultLogMaximumSize is the default LogMaximumSize.
Variables ¶
View Source
var EventMaximumSize uint
EventMaximumSize determines the maximum size for data blobs (read, write, etc.) sent over the event channel. Default is 0 because most clients cannot do anything useful with binary text dump of byte array arguments.
View Source
var LogMaximumSize uint = DefaultLogMaximumSize
LogMaximumSize determines the maximum display size for data blobs (read, write, etc.).
Functions ¶
func PrintTraces ¶
func PrintTraces(w io.Writer) strace.EventCallback
PrintTraces prints every trace event to w.
func SysCallEnter ¶
func SysCallEnter(t strace.Task, s *strace.SyscallEvent) string
func SysCallExit ¶
func SysCallExit(t strace.Task, s *strace.SyscallEvent) string
Types ¶
type FormatSpecifier ¶
type FormatSpecifier int
FormatSpecifier values describe how an individual syscall argument should be formatted.
const ( // Hex is just a hexadecimal number. Hex FormatSpecifier = iota // Oct is just an octal number. Oct // ReadBuffer is a buffer for a read-style call. The syscall return // value is used for the length. // // Formatted after syscall execution. ReadBuffer // WriteBuffer is a buffer for a write-style call. The following arg is // used for the length. // // Contents omitted after syscall execution. WriteBuffer // ReadIOVec is a pointer to a struct iovec for a writev-style call. // The following arg is used for the length. The return value is used // for the total length. // // Complete contents only formatted after syscall execution. ReadIOVec // WriteIOVec is a pointer to a struct iovec for a writev-style call. // The following arg is used for the length. // // Complete contents only formatted before syscall execution, omitted // after. WriteIOVec // IOVec is a generic pointer to a struct iovec. Contents are not dumped. IOVec // SendMsgHdr is a pointer to a struct msghdr for a sendmsg-style call. // Contents formatted only before syscall execution, omitted after. SendMsgHdr // RecvMsgHdr is a pointer to a struct msghdr for a recvmsg-style call. // Contents formatted only after syscall execution. RecvMsgHdr // Path is a pointer to a char* path. Path // PostPath is a pointer to a char* path, formatted after syscall // execution. PostPath // ExecveStringVector is a NULL-terminated array of strings. Enforces // the maximum execve array length. ExecveStringVector // PipeFDs is an array of two FDs, formatted after syscall execution. PipeFDs // Uname is a pointer to a struct uname, formatted after syscall execution. Uname // Stat is a pointer to a struct stat, formatted after syscall execution. Stat // SockAddr is a pointer to a struct sockaddr. The following arg is // used for length. SockAddr // PostSockAddr is a pointer to a struct sockaddr, formatted after // syscall execution. The following arg is a pointer to the socklen_t // length. PostSockAddr // SockLen is a pointer to a socklen_t, formatted before and after // syscall execution. SockLen // SockFamily is a socket protocol family value. SockFamily // SockType is a socket type and flags value. SockType // SockProtocol is a socket protocol value. Argument n-2 is the socket // protocol family. SockProtocol // SockFlags are socket flags. SockFlags // Timespec is a pointer to a struct timespec. Timespec // PostTimespec is a pointer to a struct timespec, formatted after // syscall execution. PostTimespec // UTimeTimespec is a pointer to a struct timespec. Formatting includes // UTIME_NOW and UTIME_OMIT. UTimeTimespec // ItimerVal is a pointer to a struct itimerval. ItimerVal // PostItimerVal is a pointer to a struct itimerval, formatted after // syscall execution. PostItimerVal // ItimerSpec is a pointer to a struct itimerspec. ItimerSpec // PostItimerSpec is a pointer to a struct itimerspec, formatted after // syscall execution. PostItimerSpec // Timeval is a pointer to a struct timeval, formatted before and after // syscall execution. Timeval // Utimbuf is a pointer to a struct utimbuf. Utimbuf // Rusage is a struct rusage, formatted after syscall execution. Rusage // CloneFlags are clone(2) flags. CloneFlags // OpenFlags are open(2) flags. OpenFlags // Mode is a mode_t. Mode // FutexOp is the futex(2) operation. FutexOp // PtraceRequest is the ptrace(2) request. PtraceRequest // ItimerType is an itimer type (ITIMER_REAL, etc). ItimerType )
Valid FormatSpecifiers.
Unless otherwise specified, values are formatted before syscall execution and not updated after syscall execution (the same value is output).
type FullNetAddress ¶
type FullNetAddress struct {
// Addr is the network address.
Addr NetAddress
// Port is the transport port.
//
// This may not be used by all endpoint types.
Port uint16
}
func GetAddress ¶
func GetAddress(t strace.Task, addr []byte) (FullNetAddress, error)
GetAddress reads an sockaddr struct from the given address and converts it to the FullNetAddress format. It supports AF_UNIX, AF_INET and AF_INET6 addresses.
type NetAddress ¶
type NetAddress string
NetAddress is a byte slice cast as a string that represents the address of a network node. Or, in the case of unix endpoints, it may represent a path.
type SaneUtsname ¶
type SaneUtsname struct {
Sysname string
Nodename string
Release string
Version string
Machine string
Domainname string
}
func SaneUname ¶
func SaneUname(u unix.Utsname) SaneUtsname
type SyscallInfo ¶
type SyscallInfo struct {
// contains filtered or unexported fields
}
SyscallInfo captures the name and printing format of a syscall.
type SyscallMap ¶
type SyscallMap map[uintptr]SyscallInfo
SyscallMap maps syscalls into names and printing formats.
Source Files
Click to show internal directories.
Click to hide internal directories.