Documentation ¶
Index ¶
- Constants
- Variables
- func ArgumentSimple(t strace.Task, format Type, arg strace.SyscallArgument, maximumBlobSize uint) any
- func ArgumentsStrings(si SyscallInfo, t strace.Task, args strace.SyscallArguments, ...) []any
- func SignalString(s unix.Signal) string
- type Arg
- type FullNetAddress
- type NetAddress
- type SaneUtsname
- type Stackt
- type SyscallInfo
- type SyscallMap
- type Type
Constants ¶
const DefaultLogMaximumSize = 1024
DefaultLogMaximumSize is the default LogMaximumSize.
Variables ¶
var EventMaximumSize uint
EventMaximumSize determines the maximum size for data blobs (read, write, etc.) sent over the event channel. Default is 0 because most clients cannot do anything useful with binary text dump of byte array arguments.
var LogMaximumSize uint = DefaultLogMaximumSize
LogMaximumSize determines the maximum display size for data blobs (read, write, etc.).
Functions ¶
func ArgumentSimple ¶
func ArgumentsStrings ¶
func ArgumentsStrings(si SyscallInfo, t strace.Task, args strace.SyscallArguments, rval strace.SyscallArgument, maximumBlobSize uint) []any
ArgumentsStrings fills arguments for a system call. If an argument cannot be interpreted, then a hex value will be used. Note that a full output slice will always be provided, that is len(return) == len(args).
func SignalString ¶
Types ¶
type FullNetAddress ¶
type FullNetAddress struct { // Addr is the network address. Addr NetAddress // Port is the transport port. // // This may not be used by all endpoint types. Port uint16 }
func GetAddress ¶
func GetAddress(t strace.Task, addr []byte) (FullNetAddress, error)
GetAddress reads an sockaddr struct from the given address and converts it to the FullNetAddress format. It supports AF_UNIX, AF_INET and AF_INET6 addresses.
type NetAddress ¶
type NetAddress string
NetAddress is a byte slice cast as a string that represents the address of a network node. Or, in the case of unix endpoints, it may represent a path.
type SaneUtsname ¶
type SaneUtsname struct { Sysname string Nodename string Release string Version string Machine string Domainname string }
func SaneUname ¶
func SaneUname(u unix.Utsname) SaneUtsname
type SyscallInfo ¶
type SyscallInfo struct { // Name of a syscall. Name string // ArgTypes contains the type specifiers for each argument. ArgTypes []Type // ReturnType is a type specifier of the return value. ReturnType Type }
SyscallInfo specifies syscall signature.
func Details ¶
func Details(s *strace.SyscallEvent) SyscallInfo
type SyscallMap ¶
type SyscallMap map[uintptr]SyscallInfo
SyscallMap maps syscalls into names and printing formats.
type Type ¶
type Type int
Type specifies an individual syscall argument type.
const ( // Hex is just a hexadecimal number. Hex Type = iota // Dec is just a decimal number. Dec // Oct is just an octal number. Oct // PID is process ID. PID // ReadBuffer is a buffer for a read-style call. The syscall return // value is used for the length. // // Formatted after syscall execution. ReadBuffer // WriteBuffer is a buffer for a write-style call. The following arg is // used for the length. // // Contents omitted after syscall execution. WriteBuffer // ReadIOVec is a pointer to a struct iovec for a writev-style call. // The following arg is used for the length. The return value is used // for the total length. // // Complete contents only formatted after syscall execution. ReadIOVec // WriteIOVec is a pointer to a struct iovec for a writev-style call. // The following arg is used for the length. // // Complete contents only formatted before syscall execution, omitted // after. WriteIOVec // IOVec is a generic pointer to a struct iovec. Contents are not dumped. IOVec // SendMsgHdr is a pointer to a struct msghdr for a sendmsg-style call. // Contents formatted only before syscall execution, omitted after. SendMsgHdr // RecvMsgHdr is a pointer to a struct msghdr for a recvmsg-style call. // Contents formatted only after syscall execution. RecvMsgHdr // Path is a pointer to a char* path. Path // PostPath is a pointer to a char* path, formatted after syscall // execution. PostPath // ExecveStringVector is a NULL-terminated array of strings. Enforces // the maximum execve array length. ExecveStringVector // FD is a file descriptor. FD // PipeFDs is an array of two FDs, formatted after syscall execution. PipeFDs // Uname is a pointer to a struct uname, formatted after syscall execution. Uname // Stat is a pointer to a struct stat, formatted after syscall execution. Stat // SockAddr is a pointer to a struct sockaddr. The following arg is // used for length. SockAddr // PostSockAddr is a pointer to a struct sockaddr, formatted after // syscall execution. The following arg is a pointer to the socklen_t // length. PostSockAddr // SockLen is a pointer to a socklen_t, formatted before and after // syscall execution. SockLen // SockFamily is a socket protocol family value. SockFamily // SockType is a socket type and flags value. SockType // SockProtocol is a socket protocol value. Argument n-2 is the socket // protocol family. SockProtocol // SockFlags are socket flags. SockFlags // Timespec is a pointer to a struct timespec. Timespec // PostTimespec is a pointer to a struct timespec, formatted after // syscall execution. PostTimespec // UTimeTimespec is a pointer to a struct timespec. Formatting includes // UTIME_NOW and UTIME_OMIT. UTimeTimespec // ItimerVal is a pointer to a struct itimerval. ItimerVal // PostItimerVal is a pointer to a struct itimerval, formatted after // syscall execution. PostItimerVal // ItimerSpec is a pointer to a struct itimerspec. ItimerSpec // PostItimerSpec is a pointer to a struct itimerspec, formatted after // syscall execution. PostItimerSpec // Timeval is a pointer to a struct timeval, formatted before and after // syscall execution. Timeval // Utimbuf is a pointer to a struct utimbuf. Utimbuf // Rusage is a struct rusage, formatted after syscall execution. Rusage // CloneFlags are clone(2) flags. CloneFlags // OpenFlags are open(2) flags. OpenFlags // Mode is a mode_t. Mode // FutexOp is the futex(2) operation. FutexOp // PtraceRequest is the ptrace(2) request. PtraceRequest // ItimerType is an itimer type (ITIMER_REAL, etc). ItimerType // CPUSet is a cpu_set_t. CPUSet // MMapProt is an mmap(2) protection flags. MMapProt // MMapFlags is an mmap(2) flags. MMapFlags // MADVFlags is an madvise(2) flags. MADVFlags // ArchPrctl is an arch_prctl(2) code. ArchPrctl // Signal is a process signal. Signal // StackT is a signal stack descriptor. StackT )
Valid TypeSpecifiers.
Unless otherwise specified, values are formatted before syscall execution and not updated after syscall execution (the same value is output).