/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 1989, 2010, Oracle and/or its affiliates. All rights reserved.
 * Copyright 2015, Joyent, Inc.
 * Copyright 2023 Oxide Computer Company
 */

/*      Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */

#include <stdio.h>
#include <stdio_ext.h>
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <ctype.h>
#include <string.h>
#include <memory.h>
#include <signal.h>
#include <wait.h>
#include <limits.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/time.h>
#include <sys/times.h>
#include <sys/fstyp.h>
#include <sys/fsid.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <sys/resource.h>
#include <libproc.h>
#include <priv.h>
#include "ramdata.h"
#include "proto.h"
#include "htbl.h"

/*
 * The user can trace individual threads by using the 'pid/1,3-6,8-' syntax.
 * This structure keeps track of pid/lwp specifications.  If there are no LWPs
 * specified, then 'lwps' will be NULL.
 */
typedef struct proc_set {
        pid_t           pid;
        const char      *lwps;
} proc_set_t;

/*
 * Function prototypes for static routines in this file.
 */
void    setup_basetime(hrtime_t, struct timeval *);
int     xcreat(char *);
void    setoutput(int);
void    report(private_t *, time_t);
void    prtim(timestruc_t *);
void    pids(char *, proc_set_t *);
void    psargs(private_t *);
int     control(private_t *, pid_t);
int     grabit(private_t *, proc_set_t *);
void    release(private_t *, pid_t);
void    intr(int);
int     wait4all(void);
void    letgo(private_t *);
void    child_to_file();
void    file_to_parent();
void    per_proc_init();
int     lib_sort(const void *, const void *);
int     key_sort(const void *, const void *);

void    *worker_thread(void *);
void    main_thread(int);

/*
 * Test for empty set.
 * is_empty() should not be called directly.
 */
int     is_empty(const uint32_t *, size_t);
#define isemptyset(sp) \
        is_empty((uint32_t *)(sp), sizeof (*(sp)) / sizeof (uint32_t))

/*
 * OR the second set into the first set.
 * or_set() should not be called directly.
 */
void    or_set(uint32_t *, const uint32_t *, size_t);
#define prorset(sp1, sp2) \
        or_set((uint32_t *)(sp1), (uint32_t *)(sp2), \
        sizeof (*(sp1)) / sizeof (uint32_t))

/* fetch or allocate thread-private data */
private_t *
get_private()
{
        void *value;
        private_t *pri = NULL;

        if (thr_getspecific(private_key, &value) == 0)
                pri = value;
        if (pri == NULL) {
                pri = my_malloc(sizeof (*pri), NULL);
                (void) memset(pri, 0, sizeof (*pri));
                pri->sys_path = my_malloc(pri->sys_psize = 16, NULL);
                pri->sys_string = my_malloc(pri->sys_ssize = 32, NULL);
                if (thr_setspecific(private_key, pri) == ENOMEM)
                        abend("memory allocation failure", NULL);
        }
        return (pri);
}

/* destructor function for thread-private data */
void
free_private(void *value)
{
        private_t *pri = value;

        if (pri->sys_path)
                free(pri->sys_path);
        if (pri->sys_string)
                free(pri->sys_string);
        if (pri->exec_string)
                free(pri->exec_string);
        if (pri->str_buffer)
                free(pri->str_buffer);
        free(pri);
}

/*
 * This is called by the main thread (via create_thread())
 * and is also called from other threads in worker_thread()
 * while holding truss_lock.  No further locking is required.
 */
void
insert_lwpid(lwpid_t lwpid)
{
        int i;

        truss_nlwp++;
        for (i = 0; i < truss_maxlwp; i++) {
                if (truss_lwpid[i] == 0)
                        break;
        }
        if (i == truss_maxlwp) {
                /* double the size of the array */
                truss_lwpid = my_realloc(truss_lwpid,
                    truss_maxlwp * 2 * sizeof (lwpid_t), NULL);
                (void) memset(&truss_lwpid[truss_maxlwp], 0,
                    truss_maxlwp * sizeof (lwpid_t));
                truss_maxlwp *= 2;
        }
        truss_lwpid[i] = lwpid;
}

/*
 * This is called from the first worker thread to encounter one of
 * (leave_hung || interrupt || sigusr1).  It must notify all other
 * worker threads of the same condition.  truss_lock is held.
 */
void
broadcast_signals(void)
{
        static int int_notified = FALSE;
        static int usr1_notified = FALSE;
        static int usr2_notified = FALSE;
        lwpid_t my_id = thr_self();
        lwpid_t lwpid;
        int i;

        if (interrupt && !int_notified) {
                int_notified = TRUE;
                for (i = 0; i < truss_maxlwp; i++) {
                        if ((lwpid = truss_lwpid[i]) != 0 && lwpid != my_id)
                                (void) thr_kill(lwpid, interrupt);
                }
        }
        if (sigusr1 && !usr1_notified) {
                usr1_notified = TRUE;
                for (i = 0; i < truss_maxlwp; i++) {
                        if ((lwpid = truss_lwpid[i]) != 0 && lwpid != my_id)
                                (void) thr_kill(lwpid, SIGUSR1);
                }
        }
        if (leave_hung && !usr2_notified) {
                usr2_notified = TRUE;
                for (i = 0; i < truss_maxlwp; i++) {
                        if ((lwpid = truss_lwpid[i]) != 0 && lwpid != my_id)
                                (void) thr_kill(lwpid, SIGUSR2);
                }
        }
}

static struct ps_lwphandle *
grab_lwp(lwpid_t who)
{
        struct ps_lwphandle *Lwp;
        int gcode;

        if ((Lwp = Lgrab(Proc, who, &gcode)) == NULL) {
                if (gcode != G_NOPROC) {
                        (void) fprintf(stderr,
                            "%s: cannot grab LWP %u in process %d,"
                            " reason: %s\n",
                            command, who, (int)Pstatus(Proc)->pr_pid,
                            Lgrab_error(gcode));
                        interrupt = SIGTERM;    /* post an interrupt */
                }
        }
        return (Lwp);
}

/*
 * Iteration function called for each initial lwp in the controlled process.
 */
/* ARGSUSED */
int
create_thread(void *arg, const lwpstatus_t *Lsp)
{
        struct ps_lwphandle *new_Lwp;
        lwpid_t lwpid;
        int *count = arg;

        if (lwptrace(Pstatus(Proc)->pr_pid, Lsp->pr_lwpid))
                *count += 1;

        if ((new_Lwp = grab_lwp(Lsp->pr_lwpid)) != NULL) {
                if (thr_create(NULL, 0, worker_thread, new_Lwp,
                    THR_BOUND | THR_SUSPENDED, &lwpid) != 0)
                        abend("cannot create lwp to follow child lwp", NULL);
                insert_lwpid(lwpid);
        }
        return (0);
}

int
main(int argc, char *argv[])
{
        private_t *pri;
        struct tms tms;
        struct rlimit rlim;
        int ofd = -1;
        int opt;
        int i;
        int first;
        int errflg = FALSE;
        int badname = FALSE;
        proc_set_t *grab = NULL;
        const pstatus_t *Psp;
        const lwpstatus_t *Lsp;
        int sharedmem;

        /* a few of these need to be initialized to NULL */
        Cp = NULL;
        fcall_tbl = NULL;

        /*
         * Make sure fd's 0, 1, and 2 are allocated,
         * just in case truss was invoked from init.
         */
        while ((i = open("/dev/null", O_RDWR)) >= 0 && i < 2)
                ;
        if (i > 2)
                (void) close(i);

        starttime = times(&tms);        /* for elapsed timing */

        /* this should be per-traced-process */
        pagesize = sysconf(_SC_PAGESIZE);

        /* command name (e.g., "truss") */
        if ((command = strrchr(argv[0], '/')) != NULL)
                command++;
        else
                command = argv[0];

        /* set up the initial private data */
        (void) mutex_init(&truss_lock, USYNC_THREAD, NULL);
        (void) mutex_init(&count_lock, USYNC_THREAD, NULL);
        (void) cond_init(&truss_cv, USYNC_THREAD, NULL);
        if (thr_keycreate(&private_key, free_private) == ENOMEM)
                abend("memory allocation failure", NULL);
        pri = get_private();

        Euid = geteuid();
        Egid = getegid();
        Ruid = getuid();
        Rgid = getgid();
        ancestor = getpid();

        prfillset(&trace);      /* default: trace all system calls */
        premptyset(&verbose);   /* default: no syscall verbosity */
        premptyset(&rawout);    /* default: no raw syscall interpretation */

        prfillset(&signals);    /* default: trace all signals */

        prfillset(&faults);     /* default: trace all faults */
        prdelset(&faults, FLTPAGE);     /* except this one */

        premptyset(&readfd);    /* default: dump no buffers */
        premptyset(&writefd);

        premptyset(&syshang);   /* default: hang on no system calls */
        premptyset(&sighang);   /* default: hang on no signals */
        premptyset(&flthang);   /* default: hang on no faults */

        (void) sigemptyset(&emptyset);  /* for unblocking all signals */
        (void) sigfillset(&fillset);    /* for blocking all signals */

#define OPTIONS "FpfcaeildDEht:T:v:x:s:S:m:M:u:U:r:w:o:"
        while ((opt = getopt(argc, argv, OPTIONS)) != EOF) {
                switch (opt) {
                case 'F':               /* force grabbing (no O_EXCL) */
                        Fflag = PGRAB_FORCE;
                        break;
                case 'p':               /* grab processes */
                        pflag = TRUE;
                        break;
                case 'f':               /* follow children */
                        fflag = TRUE;
                        break;
                case 'c':               /* don't trace, just count */
                        cflag = TRUE;
                        iflag = TRUE;   /* implies no interruptable syscalls */
                        break;
                case 'a':               /* display argument lists */
                        aflag = TRUE;
                        break;
                case 'e':               /* display environments */
                        eflag = TRUE;
                        break;
                case 'i':               /* don't show interruptable syscalls */
                        iflag = TRUE;
                        break;
                case 'l':               /* show lwp id for each syscall */
                        lflag = TRUE;
                        break;
                case 'h':               /* debugging: report hash stats */
                        hflag = TRUE;
                        break;
                case 'd':               /* show time stamps */
                        dflag = TRUE;
                        break;
                case 'D':               /* show time deltas */
                        Dflag = TRUE;
                        break;
                case 'E':
                        Eflag = TRUE;   /* show syscall times */
                        break;
                case 't':               /* system calls to trace */
                        if (syslist(optarg, &trace, &tflag))
                                badname = TRUE;
                        break;
                case 'T':               /* system calls to hang process */
                        if (syslist(optarg, &syshang, &Tflag))
                                badname = TRUE;
                        break;
                case 'v':               /* verbose interpretation of syscalls */
                        if (syslist(optarg, &verbose, &vflag))
                                badname = TRUE;
                        break;
                case 'x':               /* raw interpretation of syscalls */
                        if (syslist(optarg, &rawout, &xflag))
                                badname = TRUE;
                        break;
                case 's':               /* signals to trace */
                        if (siglist(pri, optarg, &signals, &sflag))
                                badname = TRUE;
                        break;
                case 'S':               /* signals to hang process */
                        if (siglist(pri, optarg, &sighang, &Sflag))
                                badname = TRUE;
                        break;
                case 'm':               /* machine faults to trace */
                        if (fltlist(optarg, &faults, &mflag))
                                badname = TRUE;
                        break;
                case 'M':               /* machine faults to hang process */
                        if (fltlist(optarg, &flthang, &Mflag))
                                badname = TRUE;
                        break;
                case 'u':               /* user library functions to trace */
                        if (liblist(optarg, 0))
                                badname = TRUE;
                        break;
                case 'U':               /* user library functions to hang */
                        if (liblist(optarg, 1))
                                badname = TRUE;
                        break;
                case 'r':               /* show contents of read(fd) */
                        if (fdlist(optarg, &readfd))
                                badname = TRUE;
                        break;
                case 'w':               /* show contents of write(fd) */
                        if (fdlist(optarg, &writefd))
                                badname = TRUE;
                        break;
                case 'o':               /* output file for trace */
                        oflag = TRUE;
                        if (ofd >= 0)
                                (void) close(ofd);
                        if ((ofd = xcreat(optarg)) < 0) {
                                perror(optarg);
                                badname = TRUE;
                        }
                        break;
                default:
                        errflg = TRUE;
                        break;
                }
        }

        if (badname)
                exit(2);

        /* if -a or -e was specified, force tracing of exec() */
        if (aflag || eflag)
                praddset(&trace, SYS_execve);

        /*
         * Make sure that all system calls, signals, and machine faults
         * that hang the process are added to their trace sets.
         */
        prorset(&trace, &syshang);
        prorset(&signals, &sighang);
        prorset(&faults, &flthang);

        argc -= optind;
        argv += optind;

        /* collect the specified process ids */
        if (pflag && argc > 0) {
                grab = my_malloc(argc * sizeof (proc_set_t),
                    "memory for process-ids");
                while (argc-- > 0)
                        pids(*argv++, grab);
        }

        if (errflg || (argc <= 0 && ngrab <= 0)) {
                (void) fprintf(stderr,
        "usage:\t%s [-fcaeildDEF] [-[tTvx] [!]syscalls] [-[sS] [!]signals]\\\n",
                    command);
                (void) fprintf(stderr,
        "\t[-[mM] [!]faults] [-[rw] [!]fds] [-[uU] [!]libs:[:][!]funcs]\\\n");
                (void) fprintf(stderr,
                    "\t[-o outfile]  command | -p pid[/lwps] ...\n");
                exit(2);
        }

        if (argc > 0) {         /* create the controlled process */
                int err;
                char path[PATH_MAX];

                Proc = Pcreate(argv[0], &argv[0], &err, path, sizeof (path));
                if (Proc == NULL) {
                        switch (err) {
                        case C_PERM:
                                (void) fprintf(stderr,
                                    "%s: cannot trace set-id or "
                                    "unreadable object file: %s\n",
                                    command, path);
                                break;
                        case C_LP64:
                                (void) fprintf(stderr,
                                    "%s: cannot control _LP64 "
                                    "program: %s\n",
                                    command, path);
                                break;
                        case C_NOEXEC:
                                (void) fprintf(stderr,
                                    "%s: cannot execute program: %s\n",
                                    command, argv[0]);
                                break;
                        case C_NOENT:
                                (void) fprintf(stderr,
                                    "%s: cannot find program: %s\n",
                                    command, argv[0]);
                                break;
                        case C_STRANGE:
                                break;
                        default:
                                (void) fprintf(stderr, "%s: %s\n",
                                    command, Pcreate_error(err));
                                break;
                        }
                        exit(2);
                }
                if (fflag || Dynpat != NULL)
                        (void) Psetflags(Proc, PR_FORK);
                else
                        (void) Punsetflags(Proc, PR_FORK);
                Psp = Pstatus(Proc);
                Lsp = &Psp->pr_lwp;
                pri->lwpstat = Lsp;
                data_model = Psp->pr_dmodel;
                created = Psp->pr_pid;
                make_pname(pri, 0);
                (void) sysentry(pri, 1);
                pri->length = 0;
                if (!cflag && prismember(&trace, SYS_execve)) {
                        pri->exec_string = my_realloc(pri->exec_string,
                            strlen(pri->sys_string) + 1, NULL);
                        (void) strcpy(pri->exec_pname, pri->pname);
                        (void) strcpy(pri->exec_string, pri->sys_string);
                        pri->length += strlen(pri->sys_string);
                        pri->exec_lwpid = pri->lwpstat->pr_lwpid;
                        pri->sys_leng = 0;
                        *pri->sys_string = '\0';
                }
                pri->syslast = Psp->pr_stime;
                pri->usrlast = Psp->pr_utime;
        }

        /*
         * Now that we have created the victim process,
         * give ourself a million file descriptors.
         * This is enough to deal with a multithreaded
         * victim process that has half a million lwps.
         */
        rlim.rlim_cur = 1024 * 1024;
        rlim.rlim_max = 1024 * 1024;
        if ((Euid != 0 || setrlimit(RLIMIT_NOFILE, &rlim) != 0) &&
            getrlimit(RLIMIT_NOFILE, &rlim) == 0) {
                /*
                 * Failing the million, give ourself as many
                 * file descriptors as we can get.
                 */
                rlim.rlim_cur = rlim.rlim_max;
                (void) setrlimit(RLIMIT_NOFILE, &rlim);
        }
        (void) enable_extended_FILE_stdio(-1, -1);

        setoutput(ofd);         /* establish truss output */
        istty = isatty(1);

        if (setvbuf(stdout, (char *)NULL, _IOFBF, MYBUFSIZ) != 0)
                abend("setvbuf() failure", NULL);

        /*
         * Set up signal dispositions.
         */
        if (created && (oflag || !istty)) {     /* ignore interrupts */
                (void) sigset(SIGHUP, SIG_IGN);
                (void) sigset(SIGINT, SIG_IGN);
                (void) sigset(SIGQUIT, SIG_IGN);
        } else {                                /* receive interrupts */
                if (sigset(SIGHUP, SIG_IGN) == SIG_DFL)
                        (void) sigset(SIGHUP, intr);
                if (sigset(SIGINT, SIG_IGN) == SIG_DFL)
                        (void) sigset(SIGINT, intr);
                if (sigset(SIGQUIT, SIG_IGN) == SIG_DFL)
                        (void) sigset(SIGQUIT, intr);
        }
        (void) sigset(SIGTERM, intr);
        (void) sigset(SIGUSR1, intr);
        (void) sigset(SIGUSR2, intr);
        (void) sigset(SIGPIPE, intr);

        /* don't accumulate zombie children */
        (void) sigset(SIGCLD, SIG_IGN);

        /* create shared mem space for global mutexes */

        sharedmem = (fflag || Dynpat != NULL || ngrab > 1);
        gps = (void *)mmap(NULL, sizeof (struct global_psinfo),
            PROT_READ|PROT_WRITE,
            MAP_ANON | (sharedmem? MAP_SHARED : MAP_PRIVATE),
            -1, (off_t)0);
        if (gps == MAP_FAILED)
                abend("cannot allocate ", "memory for counts");
        i = sharedmem? USYNC_PROCESS : USYNC_THREAD;
        (void) mutex_init(&gps->ps_mutex0, i, NULL);
        (void) mutex_init(&gps->ps_mutex1, i, NULL);
        (void) mutex_init(&gps->fork_lock, i, NULL);
        (void) cond_init(&gps->fork_cv, i, NULL);


        /* config tmp file if counting and following */
        if (fflag && cflag) {
                char *tmps = tempnam("/var/tmp", "truss");
                sfd = open(tmps, O_CREAT|O_APPEND|O_EXCL|O_RDWR, 0600);
                if (sfd == -1)
                        abend("Error creating tmpfile", NULL);
                if (unlink(tmps) == -1)
                        abend("Error unlinking tmpfile", NULL);
                free(tmps);
                tmps = NULL;
        }

        if (created) {
                per_proc_init();
                procadd(created, NULL);
                show_cred(pri, TRUE, FALSE);
        } else {                /* grab the specified processes */
                int gotone = FALSE;

                i = 0;
                while (i < ngrab) {             /* grab first process */
                        if (grabit(pri, &grab[i++])) {
                                Psp = Pstatus(Proc);
                                Lsp = &Psp->pr_lwp;
                                gotone = TRUE;
                                break;
                        }
                }
                if (!gotone)
                        abend(NULL, NULL);
                per_proc_init();
                while (i < ngrab) {             /* grab the remainder */
                        proc_set_t *set = &grab[i++];

                        (void) mutex_lock(&truss_lock);
                        switch (fork()) {
                        case -1:
                                (void) fprintf(stderr,
                        "%s: cannot fork to control process, pid# %d\n",
                                    command, (int)set->pid);
                                /* FALLTHROUGH */
                        default:
                                (void) mutex_unlock(&truss_lock);
                                continue;       /* parent carries on */

                        case 0:                 /* child grabs process */
                                (void) mutex_unlock(&truss_lock);
                                Pfree(Proc);
                                descendent = TRUE;
                                if (grabit(pri, set)) {
                                        Psp = Pstatus(Proc);
                                        Lsp = &Psp->pr_lwp;
                                        per_proc_init();
                                        break;
                                }
                                exit(2);
                        }
                        break;
                }
                free(grab);
        }


        /*
         * If running setuid-root, become root for real to avoid
         * affecting the per-user limitation on the maximum number
         * of processes (one benefit of running setuid-root).
         */
        if (Rgid != Egid)
                (void) setgid(Egid);
        if (Ruid != Euid)
                (void) setuid(Euid);

        if (!created && aflag && prismember(&trace, SYS_execve)) {
                psargs(pri);
                Flush();
        }

        if (created && Pstate(Proc) != PS_STOP) /* assertion */
                if (!(interrupt | sigusr1))
                        abend("ASSERT error: process is not stopped", NULL);

        traceeven = trace;              /* trace these system calls */

        /* trace these regardless, even if we don't report results */
        praddset(&traceeven, SYS_exit);
        praddset(&traceeven, SYS_lwp_create);
        praddset(&traceeven, SYS_lwp_exit);
        praddset(&traceeven, SYS_execve);
        praddset(&traceeven, SYS_openat);
        praddset(&traceeven, SYS_openat64);
        praddset(&traceeven, SYS_open);
        praddset(&traceeven, SYS_open64);
        praddset(&traceeven, SYS_vfork);
        praddset(&traceeven, SYS_forksys);
        praddset(&traceeven, SYS_upanic);

        /* for I/O buffer dumps, force tracing of read()s and write()s */
        if (!isemptyset(&readfd)) {
                praddset(&traceeven, SYS_read);
                praddset(&traceeven, SYS_readv);
                praddset(&traceeven, SYS_pread);
                praddset(&traceeven, SYS_pread64);
                praddset(&traceeven, SYS_recv);
                praddset(&traceeven, SYS_recvfrom);
                praddset(&traceeven, SYS_recvmsg);
        }
        if (!isemptyset(&writefd)) {
                praddset(&traceeven, SYS_write);
                praddset(&traceeven, SYS_writev);
                praddset(&traceeven, SYS_pwrite);
                praddset(&traceeven, SYS_pwrite64);
                praddset(&traceeven, SYS_send);
                praddset(&traceeven, SYS_sendto);
                praddset(&traceeven, SYS_sendmsg);
        }

        if (cflag || Eflag) {
                Psetsysentry(Proc, &traceeven);
        }
        Psetsysexit(Proc, &traceeven);

        /* special case -- cannot trace sysexit because context is changed */
        if (prismember(&trace, SYS_context)) {
                (void) Psysentry(Proc, SYS_context, TRUE);
                (void) Psysexit(Proc, SYS_context, FALSE);
                prdelset(&traceeven, SYS_context);
        }

        /* special case -- trace exec() on entry to get the args */
        (void) Psysentry(Proc, SYS_execve, TRUE);

        /* special case -- sysexit never reached */
        (void) Psysentry(Proc, SYS_exit, TRUE);
        (void) Psysentry(Proc, SYS_lwp_exit, TRUE);
        (void) Psysentry(Proc, SYS_upanic, TRUE);
        (void) Psysexit(Proc, SYS_exit, FALSE);
        (void) Psysexit(Proc, SYS_lwp_exit, FALSE);
        (void) Psysexit(Proc, SYS_upanic, FALSE);

        Psetsignal(Proc, &signals);     /* trace these signals */
        Psetfault(Proc, &faults);       /* trace these faults */

        /* for function call tracing */
        if (Dynpat != NULL) {
                /* trace these regardless, to deal with function calls */
                (void) Pfault(Proc, FLTBPT, TRUE);
                (void) Pfault(Proc, FLTTRACE, TRUE);

                /* needed for x86 */
                (void) Psetflags(Proc, PR_BPTADJ);

                /*
                 * Find functions and set breakpoints on grabbed process.
                 * A process stopped on exec() gets its breakpoints set below.
                 */
                if ((Lsp->pr_why != PR_SYSENTRY &&
                    Lsp->pr_why != PR_SYSEXIT) ||
                    Lsp->pr_what != SYS_execve) {
                        establish_breakpoints();
                        establish_stacks();
                }
        }

        /*
         * Use asynchronous-stop for multithreaded truss.
         * truss runs one lwp for each lwp in the target process.
         */
        (void) Psetflags(Proc, PR_ASYNC);

        /* flush out all tracing flags now. */
        Psync(Proc);

        /*
         * If we grabbed a running process, set it running again.
         * Since we are tracing lwp_create() and lwp_exit(), the
         * lwps will not change in the process until we create all
         * of the truss worker threads.
         * We leave a created process stopped so its exec() can be reported.
         */
        first = created? FALSE : TRUE;
        if (!created &&
            ((Pstate(Proc) == PS_STOP && Lsp->pr_why == PR_REQUESTED) ||
            (Lsp->pr_flags & PR_DSTOP)))
                first = FALSE;

        main_thread(first);
        return (0);
}

/*
 * Called from main() and from control() after fork().
 */
void
main_thread(int first)
{
        private_t *pri = get_private();
        struct tms tms;
        int flags;
        int retc;
        int i;
        int count;

        /*
         * Block all signals in the main thread.
         * Some worker thread will receive signals.
         */
        (void) thr_sigsetmask(SIG_SETMASK, &fillset, NULL);

        /*
         * If we are dealing with a previously hung process,
         * arrange not to leave it hung on the same system call.
         */
        primary_lwp = (first && Pstate(Proc) == PS_STOP)?
            Pstatus(Proc)->pr_lwp.pr_lwpid : 0;

        /*
         * Create worker threads to match the lwps in the target process.
         */
        truss_nlwp = 0;
        truss_maxlwp = 1;
        truss_lwpid = my_realloc(truss_lwpid, sizeof (lwpid_t), NULL);
        truss_lwpid[0] = 0;
        count = 0;
        (void) Plwp_iter(Proc, create_thread, &count);

        if (count == 0) {
                (void) printf("(Warning: no matching active LWPs found, "
                    "waiting)\n");
                Flush();
        }

        /*
         * Set all of the truss worker threads running now.
         */
        (void) mutex_lock(&truss_lock);
        for (i = 0; i < truss_maxlwp; i++) {
                if (truss_lwpid[i])
                        (void) thr_continue(truss_lwpid[i]);
        }
        (void) mutex_unlock(&truss_lock);

        /*
         * Wait until all worker threads terminate.
         */
        while (thr_join(0, NULL, NULL) == 0)
                continue;

        (void) Punsetflags(Proc, PR_ASYNC);
        Psync(Proc);
        if (sigusr1)
                letgo(pri);
        flags = PRELEASE_CLEAR;
        if (leave_hung)
                flags |= PRELEASE_HANG;
        Prelease(Proc, flags);

        procdel();
        retc = (leave_hung? 0 : wait4all());

        if (!descendent) {
                interrupt = 0;  /* another interrupt kills the report */
                if (cflag) {
                        if (fflag)
                                file_to_parent();
                        report(pri, times(&tms) - starttime);
                }
        } else if (cflag && fflag) {
                child_to_file();
        }

        exit(retc);     /* exit with exit status of created process, else 0 */
}

void *
worker_thread(void *arg)
{
        struct ps_lwphandle *Lwp = (struct ps_lwphandle *)arg;
        const pstatus_t *Psp = Pstatus(Proc);
        const lwpstatus_t *Lsp = Lstatus(Lwp);
        struct syscount *scp;
        lwpid_t who = Lsp->pr_lwpid;
        int first = (who == primary_lwp);
        private_t *pri = get_private();
        int req_flag = 0;
        int leave_it_hung = FALSE;
        int reset_traps = FALSE;
        int gcode;
        int what;
        int ow_in_effect = 0;
        long ow_syscall = 0;
        long ow_subcode = 0;
        char *ow_string = NULL;
        sysset_t full_set;
        sysset_t running_set;
        int dotrace = lwptrace(Psp->pr_pid, Lsp->pr_lwpid);

        pri->Lwp = Lwp;
        pri->lwpstat = Lsp;
        pri->syslast = Lsp->pr_stime;
        pri->usrlast = Lsp->pr_utime;
        make_pname(pri, 0);

        prfillset(&full_set);

        /* we were created with all signals blocked; unblock them */
        (void) thr_sigsetmask(SIG_SETMASK, &emptyset, NULL);

        /*
         * Run this loop until the victim lwp terminates or we receive
         * a termination condition (leave_hung | interrupt | sigusr1).
         */
        for (;;) {
                if (interrupt | sigusr1) {
                        (void) Lstop(Lwp, MILLISEC);
                        if (Lstate(Lwp) == PS_RUN)
                                break;
                }
                if (Lstate(Lwp) == PS_RUN) {
                        /* millisecond timeout is for sleeping syscalls */
                        uint_t tout = (iflag || req_flag)? 0 : MILLISEC;

                        /*
                         * If we are to leave this lwp stopped in sympathy
                         * with another lwp that has been left hung, or if
                         * we have been interrupted or instructed to release
                         * our victim process, and this lwp is stopped but
                         * not on an event of interest to /proc, then just
                         * leave it in that state.
                         */
                        if ((leave_hung | interrupt | sigusr1) &&
                            (Lsp->pr_flags & (PR_STOPPED|PR_ISTOP))
                            == PR_STOPPED)
                                break;

                        (void) Lwait(Lwp, tout);
                        if (Lstate(Lwp) == PS_RUN &&
                            tout != 0 && !(interrupt | sigusr1)) {
                                (void) mutex_lock(&truss_lock);
                                if ((Lsp->pr_flags & PR_STOPPED) &&
                                    Lsp->pr_why == PR_JOBCONTROL)
                                        req_flag = jobcontrol(pri, dotrace);
                                else
                                        req_flag = requested(pri, req_flag,
                                            dotrace);
                                (void) mutex_unlock(&truss_lock);
                        }
                        continue;
                }
                data_model = Psp->pr_dmodel;
                if (Lstate(Lwp) == PS_UNDEAD)
                        break;
                if (Lstate(Lwp) == PS_LOST) {   /* we lost control */
                        /*
                         * After exec(), only one LWP remains in the process.
                         * /proc makes the thread following that LWP receive
                         * EAGAIN (PS_LOST) if the program being exec()ed
                         * is a set-id program.  Every other controlling
                         * thread receives ENOENT (because its LWP vanished).
                         * We are the controlling thread for the exec()ing LWP.
                         * We must wait until all of our siblings terminate
                         * before attempting to reopen the process.
                         */
                        (void) mutex_lock(&truss_lock);
                        while (truss_nlwp > 1)
                                (void) cond_wait(&truss_cv, &truss_lock);
                        if (Preopen(Proc) == 0) { /* we got control back */
                                /*
                                 * We have to free and re-grab the LWP.
                                 * The process is guaranteed to be at exit
                                 * from exec() or execve() and have only
                                 * one LWP, namely this one, and the LWP
                                 * is guaranteed to have lwpid == 1.
                                 * This "cannot fail".
                                 */
                                who = 1;
                                Lfree(Lwp);
                                pri->Lwp = Lwp =
                                    Lgrab(Proc, who, &gcode);
                                if (Lwp == NULL)
                                        abend("Lgrab error: ",
                                            Lgrab_error(gcode));
                                pri->lwpstat = Lsp = Lstatus(Lwp);
                                (void) mutex_unlock(&truss_lock);
                                continue;
                        }

                        /* we really lost it */
                        if (pri->exec_string && *pri->exec_string) {
                                if (pri->exec_pname[0] != '\0')
                                        (void) fputs(pri->exec_pname, stdout);
                                timestamp(pri);
                                (void) fputs(pri->exec_string, stdout);
                                (void) fputc('\n', stdout);
                        } else if (pri->length) {
                                (void) fputc('\n', stdout);
                        }
                        if (pri->sys_valid)
                                (void) printf(
                        "%s\t*** cannot trace across exec() of %s ***\n",
                                    pri->pname, pri->sys_path);
                        else
                                (void) printf(
                                "%s\t*** lost control of process ***\n",
                                    pri->pname);
                        pri->length = 0;
                        Flush();
                        (void) mutex_unlock(&truss_lock);
                        break;
                }
                if (Lstate(Lwp) != PS_STOP) {
                        (void) fprintf(stderr,
                            "%s: state = %d\n", command, Lstate(Lwp));
                        abend(pri->pname, "uncaught status of subject lwp");
                }

                make_pname(pri, 0);

                (void) mutex_lock(&truss_lock);

                what = Lsp->pr_what;
                req_flag = 0;

                switch (Lsp->pr_why) {
                case PR_REQUESTED:
                        break;
                case PR_SIGNALLED:
                        req_flag = signalled(pri, req_flag, dotrace);
                        if (Sflag && !first && prismember(&sighang, what))
                                leave_it_hung = TRUE;
                        break;
                case PR_FAULTED:
                        if (what == FLTBPT) {
                                int rval;

                                (void) Pstop(Proc, 0);
                                rval = function_trace(pri, first, 0, dotrace);
                                if (rval == 1)
                                        leave_it_hung = TRUE;
                                if (rval >= 0)
                                        break;
                        }
                        if (faulted(pri, dotrace) &&
                            Mflag && !first && prismember(&flthang, what))
                                leave_it_hung = TRUE;
                        break;
                case PR_JOBCONTROL:     /* can't happen except first time */
                        req_flag = jobcontrol(pri, dotrace);
                        break;
                case PR_SYSENTRY:
                        /* protect ourself from operating system error */
                        if (what <= 0 || what > PRMAXSYS)
                                what = PRMAXSYS;
                        pri->length = 0;
                        /*
                         * ow_in_effect checks to see whether or not we
                         * are attempting to quantify the time spent in
                         * a one way system call.  This is necessary as
                         * some system calls never return, yet it is desireable
                         * to determine how much time the traced process
                         * spends in these calls.  To do this, a one way
                         * flag is set on SYSENTRY when the call is recieved.
                         * After this, the call mask for the SYSENTRY events
                         * is filled so that the traced process will stop
                         * on the entry to the very next system call.
                         * This appears to the the best way to determine
                         * system time elapsed between a one way system call.
                         * Once the next call occurs, values that have been
                         * stashed are used to record the correct syscall
                         * and time, and the SYSENTRY event mask is restored
                         * so that the traced process may continue.
                         */
                        if (dotrace && ow_in_effect) {
                                if (cflag) {
                                        (void) mutex_lock(&count_lock);
                                        scp = Cp->syscount[ow_syscall];
                                        if (ow_subcode != -1)
                                                scp += ow_subcode;
                                        scp->count++;
                                        accumulate(&scp->stime,
                                            &Lsp->pr_stime, &pri->syslast);
                                        accumulate(&Cp->usrtotal,
                                            &Lsp->pr_utime, &pri->usrlast);
                                        pri->syslast = Lsp->pr_stime;
                                        pri->usrlast = Lsp->pr_utime;
                                        (void) mutex_unlock(&count_lock);
                                } else if (Eflag) {
                                        putpname(pri);
                                        timestamp(pri);
                                        (void) printf("%s\n", ow_string);
                                        free(ow_string);
                                        ow_string = NULL;
                                        pri->syslast = Lsp->pr_stime;
                                }
                                ow_in_effect = 0;
                                Psetsysentry(Proc, &running_set);
                        }

                        /*
                         * Special cases.  Most syscalls are traced on exit.
                         */
                        switch (what) {
                        case SYS_exit:                  /* exit() */
                        case SYS_lwp_exit:              /* lwp_exit() */
                        case SYS_upanic:                /* upanic() */
                        case SYS_context:               /* [get|set]context() */
                                if (dotrace && cflag &&
                                    prismember(&trace, what)) {
                                        ow_in_effect = 1;
                                        ow_syscall = what;
                                        ow_subcode = getsubcode(pri);
                                        pri->syslast = Lsp->pr_stime;
                                        running_set =
                                            (Pstatus(Proc))->pr_sysentry;
                                        Psetsysentry(Proc, &full_set);
                                } else if (dotrace && Eflag &&
                                    prismember(&trace, what)) {
                                        (void) sysentry(pri, dotrace);
                                        ow_in_effect = 1;
                                        ow_string = my_malloc(
                                            strlen(pri->sys_string) + 1, NULL);
                                        (void) strcpy(ow_string,
                                            pri->sys_string);
                                        running_set =
                                            (Pstatus(Proc))->pr_sysentry;
                                        Psetsysentry(Proc, &full_set);
                                        pri->syslast = Lsp->pr_stime;
                                } else if (dotrace &&
                                    prismember(&trace, what)) {
                                        (void) sysentry(pri, dotrace);
                                        putpname(pri);
                                        timestamp(pri);
                                        pri->length +=
                                            printf("%s\n", pri->sys_string);
                                        Flush();
                                }
                                pri->sys_leng = 0;
                                *pri->sys_string = '\0';

                                if (what == SYS_exit)
                                        exit_called = TRUE;
                                break;
                        case SYS_execve:
                                show_cred(pri, FALSE, TRUE);
                                (void) sysentry(pri, dotrace);
                                if (dotrace && !cflag &&
                                    prismember(&trace, what)) {
                                        pri->exec_string =
                                            my_realloc(pri->exec_string,
                                            strlen(pri->sys_string) + 1,
                                            NULL);
                                        (void) strcpy(pri->exec_pname,
                                            pri->pname);
                                        (void) strcpy(pri->exec_string,
                                            pri->sys_string);
                                        pri->length += strlen(pri->sys_string);
                                        pri->exec_lwpid = Lsp->pr_lwpid;
                                }
                                pri->sys_leng = 0;
                                *pri->sys_string = '\0';
                                break;
                        default:
                                if (dotrace && (cflag || Eflag) &&
                                    prismember(&trace, what)) {
                                        pri->syslast = Lsp->pr_stime;
                                }
                                break;
                        }
                        if (dotrace && Tflag && !first &&
                            (prismember(&syshang, what) ||
                            (exit_called && prismember(&syshang, SYS_exit))))
                                leave_it_hung = TRUE;
                        break;
                case PR_SYSEXIT:
                        /* check for write open of a /proc file */
                        if (what == SYS_openat || what == SYS_openat64 ||
                            what == SYS_open || what == SYS_open64) {
                                int readonly;

                                (void) sysentry(pri, dotrace);
                                pri->Errno = Lsp->pr_errno;
                                pri->ErrPriv = Lsp->pr_errpriv;
                                readonly =
                                    ((what == SYS_openat ||
                                    what == SYS_openat64) &&
                                    pri->sys_nargs > 2 &&
                                    (pri->sys_args[2]&0x3) == O_RDONLY) ||
                                    ((what == SYS_open ||
                                    what == SYS_open64) &&
                                    pri->sys_nargs > 1 &&
                                    (pri->sys_args[1]&0x3) == O_RDONLY);
                                if ((pri->Errno == 0 || pri->Errno == EBUSY) &&
                                    pri->sys_valid && !readonly) {
                                        int rv = checkproc(pri);
                                        if (rv == 1 && Fflag != PGRAB_FORCE) {
                                                /*
                                                 * The process opened itself
                                                 * and no -F flag was specified.
                                                 * Just print the open() call
                                                 * and let go of the process.
                                                 */
                                                if (dotrace && !cflag &&
                                                    prismember(&trace, what)) {
                                                        putpname(pri);
                                                        timestamp(pri);
                                                        (void) printf("%s\n",
                                                            pri->sys_string);
                                                        Flush();
                                                }
                                                sigusr1 = TRUE;
                                                (void) mutex_unlock(
                                                    &truss_lock);
                                                goto out;
                                        }
                                        if (rv == 2) {
                                                /*
                                                 * Process opened someone else.
                                                 * The open is being reissued.
                                                 * Don't report this one.
                                                 */
                                                pri->sys_leng = 0;
                                                *pri->sys_string = '\0';
                                                pri->sys_nargs = 0;
                                                break;
                                        }
                                }
                        }
                        if (what == SYS_execve && Lsp->pr_errno == 0) {
                                /*
                                 * Refresh the data model on exec() in case it
                                 * is different from the parent.  Lwait()
                                 * doesn't update process-wide status, so we
                                 * have to explicitly call Pstopstatus() to get
                                 * the new state.
                                 */
                                (void) Pstopstatus(Proc, PCNULL, 0);
                                data_model = Psp->pr_dmodel;
                        }
                        if (sysexit(pri, dotrace))
                                Flush();
                        if (what == SYS_lwp_create && pri->Rval1 != 0) {
                                struct ps_lwphandle *new_Lwp;
                                lwpid_t lwpid;

                                if ((new_Lwp = grab_lwp(pri->Rval1)) != NULL) {
                                        (void) thr_sigsetmask(SIG_SETMASK,
                                            &fillset, NULL);
                                        if (thr_create(NULL, 0, worker_thread,
                                            new_Lwp, THR_BOUND | THR_SUSPENDED,
                                            &lwpid) != 0)
                                                abend("cannot create lwp ",
                                                    "to follow child lwp");
                                        insert_lwpid(lwpid);
                                        (void) thr_continue(lwpid);
                                        (void) thr_sigsetmask(SIG_SETMASK,
                                            &emptyset, NULL);
                                }
                        }
                        pri->sys_nargs = 0;
                        if (dotrace && Tflag && !first &&
                            prismember(&syshang, what))
                                leave_it_hung = TRUE;
                        if (what == SYS_execve && pri->Errno == 0) {
                                is_vfork_child = FALSE;
                                reset_breakpoints();
                                /*
                                 * exec() resets the calling LWP's lwpid to 1.
                                 * If the LWP has changed its lwpid, then
                                 * we have to free and re-grab the LWP
                                 * in order to keep libproc consistent.
                                 * This "cannot fail".
                                 */
                                if (who != Lsp->pr_lwpid) {
                                        /*
                                         * We must wait for all of our
                                         * siblings to terminate.
                                         */
                                        while (truss_nlwp > 1)
                                                (void) cond_wait(&truss_cv,
                                                    &truss_lock);
                                        who = Lsp->pr_lwpid;
                                        Lfree(Lwp);
                                        pri->Lwp = Lwp =
                                            Lgrab(Proc, who, &gcode);
                                        if (Lwp == NULL)
                                                abend("Lgrab error: ",
                                                    Lgrab_error(gcode));
                                        pri->lwpstat = Lsp = Lstatus(Lwp);
                                }
                        }
                        break;
                default:
                        req_flag = 0;
                        (void) fprintf(stderr,
                            "unknown reason for stopping: %d/%d\n",
                            Lsp->pr_why, what);
                        abend(NULL, NULL);
                }

                if (pri->child) {       /* controlled process fork()ed */
                        if (fflag || Dynpat != NULL)  {
                                if (Lsp->pr_why == PR_SYSEXIT &&
                                    (Lsp->pr_what == SYS_vfork ||
                                    (Lsp->pr_what == SYS_forksys &&
                                    Lsp->pr_sysarg[0] == 2))) {
                                        is_vfork_child = TRUE;
                                        (void) Pstop(Proc, 0);
                                }
                                if (control(pri, pri->child)) {
                                        (void) mutex_unlock(&truss_lock);
                                        pri->child = 0;
                                        if (!fflag) {
                                                /*
                                                 * If this is vfork(), then
                                                 * this clears the breakpoints
                                                 * in the parent's address space
                                                 * as well as in the child's.
                                                 */
                                                clear_breakpoints();
                                                Prelease(Proc, PRELEASE_CLEAR);
                                                _exit(0);
                                        }
                                        main_thread(FALSE);
                                        /* NOTREACHED */
                                }

                                /*
                                 * Here, we are still the parent truss.
                                 * If the child messes with the breakpoints and
                                 * this is vfork(), we have to set them again.
                                 */
                                if (Dynpat != NULL && is_vfork_child && !fflag)
                                        reset_traps = TRUE;
                                is_vfork_child = FALSE;
                        }
                        pri->child = 0;
                }

                if (leave_it_hung) {
                        (void) mutex_unlock(&truss_lock);
                        break;
                }

                if (reset_traps) {
                        /*
                         * To recover from vfork, we must catch the lwp
                         * that issued the vfork() when it returns to user
                         * level, with all other lwps remaining stopped.
                         * For this purpose, we have directed all lwps to
                         * stop and we now set the vfork()ing lwp running
                         * with the PRSTEP flag.  We expect to capture it
                         * when it stops again showing PR_FAULTED/FLTTRACE.
                         * We are holding truss_lock, so no other threads
                         * in truss will set any other lwps in the victim
                         * process running.
                         */
                        reset_traps = FALSE;
                        (void) Lsetrun(Lwp, 0, PRSTEP);
                        do {
                                (void) Lwait(Lwp, 0);
                        } while (Lstate(Lwp) == PS_RUN);
                        if (Lstate(Lwp) == PS_STOP &&
                            Lsp->pr_why == PR_FAULTED &&
                            Lsp->pr_what == FLTTRACE) {
                                reestablish_traps();
                                (void) Lsetrun(Lwp, 0, PRCFAULT|PRSTOP);
                        } else {
                                (void) printf("%s\t*** Expected PR_FAULTED/"
                                    "FLTTRACE stop following vfork()\n",
                                    pri->pname);
                        }
                }

                if (Lstate(Lwp) == PS_STOP) {
                        int flags = 0;

                        if (interrupt | sigusr1) {
                                (void) mutex_unlock(&truss_lock);
                                break;
                        }
                        /*
                         * If we must leave this lwp hung is sympathy with
                         * another lwp that is being left hung on purpose,
                         * then push the state onward toward PR_REQUESTED.
                         */
                        if (leave_hung) {
                                if (Lsp->pr_why == PR_REQUESTED) {
                                        (void) mutex_unlock(&truss_lock);
                                        break;
                                }
                                flags |= PRSTOP;
                        }
                        if (Lsetrun(Lwp, 0, flags) != 0 &&
                            Lstate(Lwp) != PS_LOST &&
                            Lstate(Lwp) != PS_UNDEAD) {
                                (void) mutex_unlock(&truss_lock);
                                perror("Lsetrun");
                                abend("cannot start subject lwp", NULL);
                                /* NOTREACHED */
                        }
                }
                first = FALSE;

                (void) mutex_unlock(&truss_lock);
        }

out:
        /* block all signals in preparation for exiting */
        (void) thr_sigsetmask(SIG_SETMASK, &fillset, NULL);

        if (Lstate(Lwp) == PS_UNDEAD || Lstate(Lwp) == PS_LOST)
                (void) mutex_lock(&truss_lock);
        else {
                (void) Lstop(Lwp, MILLISEC);
                (void) mutex_lock(&truss_lock);
                if (Lstate(Lwp) == PS_STOP &&
                    Lsp->pr_why == PR_FAULTED &&
                    Lsp->pr_what == FLTBPT)
                        (void) function_trace(pri, 0, 1, dotrace);
        }

        if (dotrace && ow_in_effect) {
                if (cflag) {
                        (void) mutex_lock(&count_lock);
                        scp = Cp->syscount[ow_syscall];
                        if (ow_subcode != -1)
                                scp += ow_subcode;
                        scp->count++;
                        accumulate(&scp->stime,
                            &Lsp->pr_stime, &pri->syslast);
                        accumulate(&Cp->usrtotal,
                            &Lsp->pr_utime, &pri->usrlast);
                        pri->syslast = Lsp->pr_stime;
                        pri->usrlast = Lsp->pr_utime;
                        (void) mutex_unlock(&count_lock);
                } else if (Eflag) {
                        putpname(pri);
                        timestamp(pri);
                        (void) printf("%s\n", ow_string);
                        free(ow_string);
                        ow_string = NULL;
                        pri->syslast = Lsp->pr_stime;
                }
                ow_in_effect = 0;
                Psetsysentry(Proc, &running_set);
        }

        if (Lstate(Lwp) == PS_UNDEAD || Lstate(Lwp) == PS_LOST) {
                /*
                 * The victim thread has exited or we lost control of
                 * the process.  Remove ourself from the list of all
                 * truss threads and notify everyone waiting for this.
                 */
                lwpid_t my_id = thr_self();
                int i;

                for (i = 0; i < truss_maxlwp; i++) {
                        if (truss_lwpid[i] == my_id) {
                                truss_lwpid[i] = 0;
                                break;
                        }
                }
                if (--truss_nlwp != 0) {
                        (void) cond_broadcast(&truss_cv);
                } else {
                        /*
                         * The last truss worker thread is terminating.
                         * The address space is gone (UNDEAD) or is
                         * inaccessible (LOST) so we cannot clear the
                         * breakpoints.  Just report the htable stats.
                         */
                        report_htable_stats();
                }
        } else {
                /*
                 * The victim thread is not a zombie thread, and we have not
                 * lost control of the process.  We must have gotten here due
                 * to (leave_hung || leave_it_hung || interrupt || sigusr1).
                 * In these cases, we must carefully uninstrument the process
                 * and either set it running or leave it stopped and abandoned.
                 */
                static int nstopped = 0;
                static int cleared = 0;

                if (leave_it_hung)
                        leave_hung = TRUE;
                if ((leave_hung | interrupt | sigusr1) == 0)
                        abend("(leave_hung | interrupt | sigusr1) == 0", NULL);

                /*
                 * The first truss thread through here needs to instruct all
                 * application threads to stop -- they're not necessarily
                 * going to stop on their own.
                 */
                if (nstopped++ == 0)
                        (void) Pdstop(Proc);

                /*
                 * Notify all other worker threads about the reason
                 * for being here (leave_hung || interrupt || sigusr1).
                 */
                broadcast_signals();

                /*
                 * Once the last thread has reached this point, then and
                 * only then is it safe to remove breakpoints and other
                 * instrumentation.  Since breakpoints are executed without
                 * truss_lock held, a monitor thread can't exit until all
                 * breakpoints have been removed, and we can't be sure the
                 * procedure to execute a breakpoint won't temporarily
                 * reinstall a breakpont.  Accordingly, we need to wait
                 * until all threads are in a known state.
                 */
                while (nstopped != truss_nlwp)
                        (void) cond_wait(&truss_cv, &truss_lock);

                /*
                 * All truss threads have reached this point.
                 * One of them clears the breakpoints and
                 * wakes up everybody else to finish up.
                 */
                if (cleared++ == 0) {
                        /*
                         * All threads should already be stopped,
                         * but just to be safe...
                         */
                        (void) Pstop(Proc, MILLISEC);
                        clear_breakpoints();
                        (void) Psysexit(Proc, SYS_vfork, FALSE);
                        (void) Psysexit(Proc, SYS_forksys, FALSE);
                        (void) Punsetflags(Proc, PR_FORK);
                        Psync(Proc);
                        fflag = 0;
                        (void) cond_broadcast(&truss_cv);
                }

                if (!leave_hung && Lstate(Lwp) == PS_STOP)
                        (void) Lsetrun(Lwp, 0, 0);
        }

        (void) Lfree(Lwp);
        (void) mutex_unlock(&truss_lock);
        return (NULL);
}

/*
 * Give a base date for time stamps, adjusted to the
 * stop time of the selected (first or created) process.
 */
void
setup_basetime(hrtime_t basehrtime, struct timeval *basedate)
{
        const pstatus_t *Psp = Pstatus(Proc);
        (void) mutex_lock(&count_lock);
        Cp->basetime = Psp->pr_lwp.pr_tstamp;
        (void) mutex_unlock(&count_lock);

        if ((dflag|Dflag) && !cflag) {
                const struct tm *ptm;
                const char *ptime;
                const char *pdst;
                hrtime_t delta = basehrtime -
                    ((hrtime_t)Cp->basetime.tv_sec * NANOSEC +
                    Cp->basetime.tv_nsec);

                if (delta > 0) {
                        basedate->tv_sec -= (time_t)(delta / NANOSEC);
                        basedate->tv_usec -= (delta % NANOSEC) / 1000;
                        if (basedate->tv_usec < 0) {
                                basedate->tv_sec--;
                                basedate->tv_usec += MICROSEC;
                        }
                }
                ptm = localtime(&basedate->tv_sec);
                ptime = asctime(ptm);
                if ((pdst = tzname[ptm->tm_isdst ? 1 : 0]) == NULL)
                        pdst = "???";
                if (dflag) {
                        (void) printf(
                            "Base time stamp:  %ld.%4.4ld  [ %.20s%s %.4s ]\n",
                            basedate->tv_sec, basedate->tv_usec / 100,
                            ptime, pdst, ptime + 20);
                        Flush();
                }
        }
}

/*
 * Performs per-process initializations. If truss is following a victim
 * process it will fork additional truss processes to follow new processes
 * created.  Here is where each new truss process gets its per-process data
 * initialized.
 */

void
per_proc_init()
{
        void *pmem;
        struct timeval basedate;
        hrtime_t basehrtime;
        struct syscount *scp;
        int i;
        timestruc_t c_basetime;

        /* Make sure we only configure the basetime for the first truss proc */

        if (Cp == NULL) {
                pmem = my_malloc(sizeof (struct counts) + maxsyscalls() *
                    sizeof (struct syscount), NULL);
                Cp = (struct counts *)pmem;
                basehrtime = gethrtime();
                (void) gettimeofday(&basedate, NULL);
                setup_basetime(basehrtime, &basedate);
        }

        c_basetime = Cp->basetime;

        (void) memset(Cp, 0, sizeof (struct counts) + maxsyscalls() *
            sizeof (struct syscount));

        Cp->basetime = c_basetime;

        if (fcall_tbl != NULL)
                destroy_hash(fcall_tbl);
        fcall_tbl = init_hash(4096);

        (void) mutex_lock(&count_lock);
        scp = (struct syscount *)(Cp + 1);
        for (i = 0; i <= PRMAXSYS; i++) {
                Cp->syscount[i] = scp;
                scp += nsubcodes(i);
        }
        (void) mutex_unlock(&count_lock);
}


/*
 * Writes child state to a tempfile where it can be read and
 * accumulated by the parent process. The file descriptor is shared
 * among the processes.  Ordering of writes does not matter, it is, however,
 * necessary to ensure that all writes are atomic.
 */

void
child_to_file()
{
        hiter_t *itr;
        hentry_t *ntry;
        hdntry_t fentry;
        char *s = NULL;
        char *t = NULL;
        unsigned char *buf = NULL;
        size_t bufsz = 0;
        size_t i = 0;
        size_t j = 0;

        /* ensure that we are in fact a child process */
        if (!descendent)
                return;

        /* enumerate fcall_tbl (tbl locked until freed) */
        if (Dynpat != NULL) {
                itr = iterate_hash(fcall_tbl);

                ntry = iter_next(itr);
                while (ntry != NULL) {
                        fentry.type = HD_hashntry;
                        fentry.count = ntry->count;
                        s = ntry->key;
                        t = ntry->lib;
                        i = strlen(s) + 1;
                        j = strlen(t) + 1;
                        fentry.sz_key = i;
                        fentry.sz_lib = j;
                        if (i + sizeof (fentry) > bufsz) {
                                buf = my_realloc(buf, i + j + sizeof (fentry),
                                    NULL);
                                bufsz = i + j + sizeof (fentry);
                        }
                        (void) memcpy(buf, &fentry, sizeof (fentry));
                        (void) strlcpy((char *)(buf + sizeof (fentry)), t, j);
                        (void) strlcpy((char *)(buf + sizeof (fentry) + j),
                            s, i);
                        if (write(sfd, buf, sizeof (fentry) + i + j) == -1)
                                abend("Error writing to tmp file", NULL);
                        ntry = iter_next(itr);
                }
                iter_free(itr);
        }

        /* Now write the count/syscount structs down */
        bufsz = sizeof (fentry) + (sizeof (struct counts) + maxsyscalls() *
            sizeof (struct syscount));
        buf = my_realloc(buf, bufsz, NULL);
        fentry.type = HD_cts_syscts;
        fentry.count = 0;       /* undefined, really */
        fentry.sz_key = bufsz - sizeof (fentry);
        fentry.sz_lib = 0;      /* also undefined */
        (void) memcpy(buf, &fentry, sizeof (fentry));
        (void) memcpy((char *)(buf + sizeof (fentry)), Cp,
            bufsz - sizeof (fentry));
        if (write(sfd, buf, bufsz) == -1)
                abend("Error writing cts/syscts to tmpfile", NULL);

        free(buf);
}

/*
 * The following reads entries from the tempfile back to the parent
 * so that information can be collected and summed for overall statistics.
 * This reads records out of the tempfile.  If they are hash table entries,
 * the record is merged with the hash table kept by the parent process.
 * If the information is a struct count/struct syscount pair, they are
 * copied and added into the count/syscount array kept by the parent.
 */

void
file_to_parent()
{
        hdntry_t ntry;
        char *s = NULL;
        char *t = NULL;
        size_t c_offset = 0;
        size_t filesz;
        size_t t_strsz = 0;
        size_t s_strsz = 0;
        struct stat fsi;

        if (descendent)
                return;

        if (fstat(sfd, &fsi) == -1)
                abend("Error stat-ing tempfile", NULL);
        filesz = fsi.st_size;

        while (c_offset < filesz) {
                /* first get hdntry */
                if (pread(sfd, &ntry, sizeof (hdntry_t), c_offset) !=
                    sizeof (hdntry_t))
                        abend("Unable to perform full read of hdntry", NULL);
                c_offset += sizeof (hdntry_t);

                switch (ntry.type) {
                case HD_hashntry:

                        /* first get lib string */
                        if (ntry.sz_lib > t_strsz) {
                                t = my_realloc(t, ntry.sz_lib, NULL);
                                t_strsz = ntry.sz_lib;
                        }

                        (void) memset(t, 0, t_strsz);

                        /* now actually get the string */
                        if (pread(sfd, t, ntry.sz_lib, c_offset) != ntry.sz_lib)
                                abend("Unable to perform full read of lib str",
                                    NULL);
                        c_offset += ntry.sz_lib;

                        /* now get key string */

                        if (ntry.sz_key > s_strsz) {
                                s = my_realloc(s, ntry.sz_key, NULL);
                                s_strsz = ntry.sz_key;
                        }
                        (void) memset(s, 0, s_strsz);
                        if (pread(sfd, s, ntry.sz_key, c_offset) != ntry.sz_key)
                                abend("Unable to perform full read of key str",
                                    NULL);
                        c_offset += ntry.sz_key;

                        add_fcall(fcall_tbl, t, s, ntry.count);
                        break;

                case HD_cts_syscts:
                {
                        struct counts *ncp;
                        size_t bfsz = sizeof (struct counts) + maxsyscalls()
                            * sizeof (struct syscount);
                        int i;
                        struct syscount *sscp;

                        if (ntry.sz_key != bfsz)
                                abend("cts/syscts size does not sanity check",
                                    NULL);
                        ncp = my_malloc(ntry.sz_key, NULL);

                        if (pread(sfd, ncp, ntry.sz_key, c_offset) !=
                            ntry.sz_key)
                                abend("Unable to perform full read of cts",
                                    NULL);
                        c_offset += ntry.sz_key;

                        sscp = (struct syscount *)(ncp + 1);

                        (void) mutex_lock(&count_lock);

                        Cp->usrtotal.tv_sec += ncp->usrtotal.tv_sec;
                        Cp->usrtotal.tv_nsec += ncp->usrtotal.tv_nsec;
                        if (Cp->usrtotal.tv_nsec >= NANOSEC) {
                                Cp->usrtotal.tv_nsec -= NANOSEC;
                                Cp->usrtotal.tv_sec++;
                        }
                        for (i = 0; i <= PRMAXSYS; i++) {
                                ncp->syscount[i] = sscp;
                                sscp += nsubcodes(i);
                        }

                        for (i = 0; i <= PRMAXFAULT; i++) {
                                Cp->fltcount[i] += ncp->fltcount[i];
                        }

                        for (i = 0; i <= PRMAXSIG; i++) {
                                Cp->sigcount[i] += ncp->sigcount[i];
                        }

                        for (i = 0; i <= PRMAXSYS; i++) {
                                struct syscount *scp = Cp->syscount[i];
                                struct syscount *nscp = ncp->syscount[i];
                                int n = nsubcodes(i);
                                int subcode;

                                for (subcode = 0; subcode < n; subcode++,
                                    scp++, nscp++) {
                                        scp->count += nscp->count;
                                        scp->error += nscp->error;
                                        scp->stime.tv_sec += nscp->stime.tv_sec;
                                        scp->stime.tv_nsec +=
                                            nscp->stime.tv_nsec;
                                        if (scp->stime.tv_nsec >= NANOSEC) {
                                                scp->stime.tv_nsec -= NANOSEC;
                                                scp->stime.tv_sec++;
                                        }
                                }
                        }
                        (void) mutex_unlock(&count_lock);
                        free(ncp);
                        break;
                }
                default:

                        abend("Unknown file entry type encountered", NULL);
                        break;

                }

                if (fstat(sfd, &fsi) == -1)
                        abend("Error stat-ing tempfile", NULL);
                filesz = fsi.st_size;
        }
        if (s != NULL)
                free(s);
        if (t != NULL)
                free(t);
}

void
make_pname(private_t *pri, id_t tid)
{
        if (!cflag) {
                int ff = (fflag || ngrab > 1);
                int lf = (lflag | tid | (Thr_agent != NULL) | (truss_nlwp > 1));
                pid_t pid = Pstatus(Proc)->pr_pid;
                id_t lwpid = pri->lwpstat->pr_lwpid;

                if (ff != pri->pparam.ff ||
                    lf != pri->pparam.lf ||
                    pid != pri->pparam.pid ||
                    lwpid != pri->pparam.lwpid ||
                    tid != pri->pparam.tid) {
                        char *s = pri->pname;

                        if (ff)
                                s += sprintf(s, "%d", (int)pid);
                        if (lf)
                                s += sprintf(s, "/%d", (int)lwpid);
                        if (tid)
                                s += sprintf(s, "@%d", (int)tid);
                        if (ff || lf)
                                *s++ = ':', *s++ = '\t';
                        if (ff && lf && s < pri->pname + 9)
                                *s++ = '\t';
                        *s = '\0';
                        pri->pparam.ff = ff;
                        pri->pparam.lf = lf;
                        pri->pparam.pid = pid;
                        pri->pparam.lwpid = lwpid;
                        pri->pparam.tid = tid;
                }
        }
}

/*
 * Print the pri->pname[] string, if any.
 */
void
putpname(private_t *pri)
{
        if (pri->pname[0])
                (void) fputs(pri->pname, stdout);
}

/*
 * Print the timestamp, if requested (-d, -D, or -E).
 */
void
timestamp(private_t *pri)
{
        const lwpstatus_t *Lsp = pri->lwpstat;
        int seconds;
        int fraction;

        if (!(dflag|Dflag|Eflag) || !(Lsp->pr_flags & PR_STOPPED))
                return;

        seconds = Lsp->pr_tstamp.tv_sec - Cp->basetime.tv_sec;
        fraction = Lsp->pr_tstamp.tv_nsec - Cp->basetime.tv_nsec;
        if (fraction < 0) {
                seconds--;
                fraction += NANOSEC;
        }
        /* fraction in 1/10 milliseconds, rounded up */
        fraction = (fraction + 50000) / 100000;
        if (fraction >= (MILLISEC * 10)) {
                seconds++;
                fraction -= (MILLISEC * 10);
        }

        if (dflag)              /* time stamp */
                (void) printf("%2d.%4.4d\t", seconds, fraction);

        if (Dflag) {            /* time delta */
                int oseconds = pri->seconds;
                int ofraction = pri->fraction;

                pri->seconds = seconds;
                pri->fraction = fraction;
                seconds -= oseconds;
                fraction -= ofraction;
                if (fraction < 0) {
                        seconds--;
                        fraction += (MILLISEC * 10);
                }
                (void) printf("%2d.%4.4d\t", seconds, fraction);
        }

        if (Eflag) {
                seconds = Lsp->pr_stime.tv_sec - pri->syslast.tv_sec;
                fraction = Lsp->pr_stime.tv_nsec - pri->syslast.tv_nsec;

                if (fraction < 0) {
                        seconds--;
                        fraction += NANOSEC;
                }
                /* fraction in 1/10 milliseconds, rounded up */
                fraction = (fraction + 50000) / 100000;
                if (fraction >= (MILLISEC * 10)) {
                        seconds++;
                        fraction -= (MILLISEC * 10);
                }
                (void) printf("%2d.%4.4d\t", seconds, fraction);
        }
}

/*
 * Create output file, being careful about
 * suid/sgid and file descriptor 0, 1, 2 issues.
 */
int
xcreat(char *path)
{
        int fd;
        int mode = 0666;

        if (Euid == Ruid && Egid == Rgid)       /* not set-id */
                fd = creat(path, mode);
        else if (access(path, F_OK) != 0) {     /* file doesn't exist */
                /* if directory permissions OK, create file & set ownership */

                char *dir;
                char *p;
                char dot[4];

                /* generate path for directory containing file */
                if ((p = strrchr(path, '/')) == NULL) { /* no '/' */
                        p = dir = dot;
                        *p++ = '.';             /* current directory */
                        *p = '\0';
                } else if (p == path) {                 /* leading '/' */
                        p = dir = dot;
                        *p++ = '/';             /* root directory */
                        *p = '\0';
                } else {                                /* embedded '/' */
                        dir = path;             /* directory path */
                        *p = '\0';
                }

                if (access(dir, W_OK|X_OK) != 0) {
                        /* not writeable/searchable */
                        *p = '/';
                        fd = -1;
                } else {        /* create file and set ownership correctly */
                        *p = '/';
                        if ((fd = creat(path, mode)) >= 0)
                                (void) chown(path, (int)Ruid, (int)Rgid);
                }
        } else if (access(path, W_OK) != 0)     /* file not writeable */
                fd = -1;
        else
                fd = creat(path, mode);

        /*
         * Make sure it's not one of 0, 1, or 2.
         * This allows truss to work when spawned by init(8).
         */
        if (0 <= fd && fd <= 2) {
                int dfd = fcntl(fd, F_DUPFD, 3);
                (void) close(fd);
                fd = dfd;
        }

        /*
         * Mark it close-on-exec so created processes don't inherit it.
         */
        if (fd >= 0)
                (void) fcntl(fd, F_SETFD, FD_CLOEXEC);

        return (fd);
}

void
setoutput(int ofd)
{
        if (ofd < 0) {
                (void) close(1);
                (void) fcntl(2, F_DUPFD, 1);
        } else if (ofd != 1) {
                (void) close(1);
                (void) fcntl(ofd, F_DUPFD, 1);
                (void) close(ofd);
                /* if no stderr, make it the same file */
                if ((ofd = dup(2)) < 0)
                        (void) fcntl(1, F_DUPFD, 2);
                else
                        (void) close(ofd);
        }
}

/*
 * Accumulate time differencies:  a += e - s;
 */
void
accumulate(timestruc_t *ap, const timestruc_t *ep, const timestruc_t *sp)
{
        ap->tv_sec += ep->tv_sec - sp->tv_sec;
        ap->tv_nsec += ep->tv_nsec - sp->tv_nsec;
        if (ap->tv_nsec >= NANOSEC) {
                ap->tv_nsec -= NANOSEC;
                ap->tv_sec++;
        } else if (ap->tv_nsec < 0) {
                ap->tv_nsec += NANOSEC;
                ap->tv_sec--;
        }
}

int
lib_sort(const void *p1, const void *p2)
{
        int cmpr = 0;
        long i;
        long j;

        hentry_t *t1 = (hentry_t *)p1;
        hentry_t *t2 = (hentry_t *)p2;

        char *p = t1->lib;
        char *q = t2->lib;

        if ((cmpr = strcmp(p, q)) == 0) {
                i = t1->count;
                j = t2->count;
                if (i > j)
                        return (-1);
                else if (i < j)
                        return (1);
                else {
                        p = t1->key;
                        q = t2->key;
                        return (strcmp(p, q));
                }
        } else
                return (cmpr);
}

void
report(private_t *pri, time_t lapse)    /* elapsed time, clock ticks */
{
        int i;
        long count;
        const char *name;
        long error;
        long total;
        long errtot;
        timestruc_t tickzero;
        timestruc_t ticks;
        timestruc_t ticktot;

        if (descendent)
                return;

        for (i = 0, total = 0; i <= PRMAXFAULT && !interrupt; i++) {
                if ((count = Cp->fltcount[i]) != 0) {
                        if (total == 0)         /* produce header */
                                (void) printf("faults -------------\n");

                        name = proc_fltname(i, pri->flt_name,
                            sizeof (pri->flt_name));

                        (void) printf("%s%s\t%4ld\n", name,
                            (((int)strlen(name) < 8)?
                            (const char *)"\t" : (const char *)""),
                            count);
                        total += count;
                }
        }
        if (total && !interrupt)
                (void) printf("total:\t\t%4ld\n\n", total);

        for (i = 0, total = 0; i <= PRMAXSIG && !interrupt; i++) {
                if ((count = Cp->sigcount[i]) != 0) {
                        if (total == 0)         /* produce header */
                                (void) printf("signals ------------\n");
                        name = signame(pri, i);
                        (void) printf("%s%s\t%4ld\n", name,
                            (((int)strlen(name) < 8)?
                            (const char *)"\t" : (const char *)""),
                            count);
                        total += count;
                }
        }
        if (total && !interrupt)
                (void) printf("total:\t\t%4ld\n\n", total);

        if ((Dynpat != NULL) && !interrupt) {
                size_t elem = elements_in_table(fcall_tbl);
                hiter_t *itr = iterate_hash(fcall_tbl);
                hentry_t *tmp = iter_next(itr);
                hentry_t *stbl = my_malloc(elem * sizeof (hentry_t), NULL);
                i = 0;
                while ((tmp != NULL) && (i < elem)) {
                        stbl[i].prev = tmp->prev;
                        stbl[i].next = tmp->next;
                        stbl[i].lib = tmp->lib;
                        stbl[i].key = tmp->key;
                        stbl[i].count = tmp->count;
                        tmp = iter_next(itr);
                        i++;
                }
                qsort((void *)stbl, elem, sizeof (hentry_t),
                    lib_sort);
                (void) printf(
                    "\n%-20s %-40s %s\n", "Library:", "Function", "calls");
                for (i = 0; i < elem; i++) {
                        (void) printf("%-20s %-40s %ld\n", stbl[i].lib,
                            stbl[i].key, stbl[i].count);
                }
                iter_free(itr);
                free(stbl);
                itr = NULL;
        }

        if (!interrupt)
                (void) printf(
                "\nsyscall               seconds   calls  errors\n");

        total = errtot = 0;
        tickzero.tv_sec = ticks.tv_sec = ticktot.tv_sec = 0;
        tickzero.tv_nsec = ticks.tv_nsec = ticktot.tv_nsec = 0;
        for (i = 0; i <= PRMAXSYS && !interrupt; i++) {
                struct syscount *scp = Cp->syscount[i];
                int n = nsubcodes(i);
                int subcode;

                for (subcode = 0; subcode < n; subcode++, scp++) {
                        if ((count = scp->count) != 0 || scp->error) {
                                (void) printf("%-19.19s ",
                                    sysname(pri, i, subcode));

                                ticks = scp->stime;
                                accumulate(&ticktot, &ticks, &tickzero);
                                prtim(&ticks);

                                (void) printf(" %7ld", count);
                                if ((error = scp->error) != 0)
                                        (void) printf(" %7ld", error);
                                (void) fputc('\n', stdout);
                                total += count;
                                errtot += error;
                        }
                }
        }

        if (!interrupt) {
                (void) printf(
                "                     --------  ------   ----\n");
                (void) printf("sys totals:         ");
                prtim(&ticktot);
                (void) printf(" %7ld %6ld\n", total, errtot);
        }

        if (!interrupt) {
                (void) printf("usr time:           ");
                prtim(&Cp->usrtotal);
                (void) fputc('\n', stdout);
        }

        if (!interrupt) {
                int hz = (int)sysconf(_SC_CLK_TCK);

                ticks.tv_sec = lapse / hz;
                ticks.tv_nsec = (lapse % hz) * (1000000000 / hz);
                (void) printf("elapsed:            ");
                prtim(&ticks);
                (void) fputc('\n', stdout);
        }
}

void
prtim(timestruc_t *tp)
{
        time_t sec;

        if ((sec = tp->tv_sec) != 0)                    /* whole seconds */
                (void) printf("%5lu", sec);
        else
                (void) printf("     ");

        (void) printf(".%3.3ld", tp->tv_nsec/1000000);  /* fraction */
}

/*
 * Gather process id's.
 * Return 0 on success, != 0 on failure.
 */
void
pids(char *arg, proc_set_t *grab)
{
        pid_t pid = -1;
        int i;
        const char *lwps = NULL;

        if ((pid = proc_arg_xpsinfo(arg, PR_ARG_PIDS, NULL, &i, &lwps)) < 0) {
                (void) fprintf(stderr, "%s: cannot trace '%s': %s\n",
                    command, arg, Pgrab_error(i));
                return;
        }

        for (i = 0; i < ngrab; i++)
                if (grab[i].pid == pid) /* duplicate */
                        break;

        if (i == ngrab) {
                grab[ngrab].pid = pid;
                grab[ngrab].lwps = lwps;
                ngrab++;
        } else {
                (void) fprintf(stderr, "%s: duplicate process-id ignored: %d\n",
                    command, (int)pid);
        }
}

/*
 * Report psargs string.
 */
void
psargs(private_t *pri)
{
        pid_t pid = Pstatus(Proc)->pr_pid;
        psinfo_t psinfo;

        if (proc_get_psinfo(pid, &psinfo) == 0)
                (void) printf("%spsargs: %.64s\n",
                    pri->pname, psinfo.pr_psargs);
        else {
                perror("psargs()");
                (void) printf("%s\t*** Cannot read psinfo file for pid %d\n",
                    pri->pname, (int)pid);
        }
}

char *
fetchstring(private_t *pri, long addr, int maxleng)
{
        int nbyte;
        int leng = 0;
        char string[41];

        string[40] = '\0';
        if (pri->str_bsize == 0)  /* initial allocation of string buffer */
                pri->str_buffer =
                    my_malloc(pri->str_bsize = 16, "string buffer");
        *pri->str_buffer = '\0';

        for (nbyte = 40; nbyte == 40 && leng < maxleng; addr += 40) {
                if ((nbyte = Pread(Proc, string, 40, addr)) <= 0)
                        return (leng? pri->str_buffer : NULL);
                if (nbyte > 0 &&
                    (nbyte = strlen(string)) > 0) {
                        while (leng + nbyte >= pri->str_bsize)
                                pri->str_buffer =
                                    my_realloc(pri->str_buffer,
                                    pri->str_bsize *= 2, "string buffer");
                        (void) strcpy(pri->str_buffer+leng, string);
                        leng += nbyte;
                }
        }

        if (leng > maxleng)
                leng = maxleng;
        pri->str_buffer[leng] = '\0';

        return (pri->str_buffer);
}

static priv_set_t *
getset(prpriv_t *p, priv_ptype_t set)
{
        return ((priv_set_t *)
            &p->pr_sets[priv_getsetbyname(set) * p->pr_setsize]);
}

void
show_cred(private_t *pri, int new, int loadonly)
{
        prcred_t cred;
        prpriv_t *privs;

        if (proc_get_cred(Pstatus(Proc)->pr_pid, &cred, 0) < 0) {
                perror("show_cred() - credential");
                (void) printf("%s\t*** Cannot get credentials\n", pri->pname);
                return;
        }
        if ((privs = proc_get_priv(Pstatus(Proc)->pr_pid)) == NULL) {
                perror("show_cred() - privileges");
                (void) printf("%s\t*** Cannot get privileges\n", pri->pname);
                return;
        }

        if (!loadonly && !cflag && prismember(&trace, SYS_execve)) {
                if (new)
                        credentials = cred;
                if ((new && cred.pr_ruid != cred.pr_suid) ||
                    cred.pr_ruid != credentials.pr_ruid ||
                    cred.pr_suid != credentials.pr_suid)
                        (void) printf(
                "%s    *** SUID: ruid/euid/suid = %d / %d / %d  ***\n",
                            pri->pname,
                            (int)cred.pr_ruid,
                            (int)cred.pr_euid,
                            (int)cred.pr_suid);
                if ((new && cred.pr_rgid != cred.pr_sgid) ||
                    cred.pr_rgid != credentials.pr_rgid ||
                    cred.pr_sgid != credentials.pr_sgid)
                        (void) printf(
                "%s    *** SGID: rgid/egid/sgid = %d / %d / %d  ***\n",
                            pri->pname,
                            (int)cred.pr_rgid,
                            (int)cred.pr_egid,
                            (int)cred.pr_sgid);
                if (privdata != NULL && cred.pr_euid != 0) {
                        priv_set_t *npset = getset(privs, PRIV_PERMITTED);
                        priv_set_t *opset = getset(privdata, PRIV_PERMITTED);
                        char *s, *t;
                        if (!priv_issubset(npset, opset)) {
                                /* Use the to be freed privdata as scratch */
                                priv_inverse(opset);
                                priv_intersect(npset, opset);
                                s = priv_set_to_str(opset, ',', PRIV_STR_SHORT);
                                t = priv_set_to_str(npset, ',', PRIV_STR_SHORT);
                                (void) printf("%s    *** FPRIV: P/E: %s ***\n",
                                    pri->pname,
                                    strlen(s) > strlen(t) ? t : s);
                                free(s);
                                free(t);
                        }
                }
        }

        if (privdata != NULL)
                proc_free_priv(privdata);
        credentials = cred;
        privdata = privs;
}

/*
 * Take control of a child process.
 * We come here with truss_lock held.
 */
int
control(private_t *pri, pid_t pid)
{
        const pstatus_t *Psp;
        const lwpstatus_t *Lsp;
        pid_t childpid = 0;
        long flags;
        int rc;

        (void) mutex_lock(&gps->fork_lock);
        while (gps->fork_pid != 0)
                (void) cond_wait(&gps->fork_cv, &gps->fork_lock);
        gps->fork_pid = getpid();       /* parent pid */
        if ((childpid = fork()) == -1) {
                (void) printf("%s\t*** Cannot fork() to control process #%d\n",
                    pri->pname, (int)pid);
                Flush();
                gps->fork_pid = 0;
                (void) cond_broadcast(&gps->fork_cv);
                (void) mutex_unlock(&gps->fork_lock);
                release(pri, pid);
                return (FALSE);
        }

        if (childpid != 0) {
                /*
                 * The parent carries on, after a brief pause.
                 * The parent must wait until the child executes procadd(pid).
                 */
                while (gps->fork_pid != childpid)
                        (void) cond_wait(&gps->fork_cv, &gps->fork_lock);
                gps->fork_pid = 0;
                (void) cond_broadcast(&gps->fork_cv);
                (void) mutex_unlock(&gps->fork_lock);
                return (FALSE);
        }

        childpid = getpid();
        descendent = TRUE;
        exit_called = FALSE;
        Pfree(Proc);    /* forget old process */

        /*
         * The parent process owns the shared gps->fork_lock.
         * The child must grab it again.
         */
        (void) mutex_lock(&gps->fork_lock);

        /*
         * Child grabs the process and retains the tracing flags.
         */
        if ((Proc = Pgrab(pid, PGRAB_RETAIN, &rc)) == NULL) {
                (void) fprintf(stderr,
                    "%s: cannot control child process, pid# %d: %s\n",
                    command, (int)pid, Pgrab_error(rc));
                gps->fork_pid = childpid;
                (void) cond_broadcast(&gps->fork_cv);
                (void) mutex_unlock(&gps->fork_lock);
                exit(2);
        }

        per_proc_init();
        /*
         * Add ourself to the set of truss processes
         * and notify the parent to carry on.
         */
        procadd(pid, NULL);
        gps->fork_pid = childpid;
        (void) cond_broadcast(&gps->fork_cv);
        (void) mutex_unlock(&gps->fork_lock);

        /*
         * We may have grabbed the child before it is fully stopped on exit
         * from fork.  Wait one second (at most) for it to settle down.
         */
        (void) Pwait(Proc, MILLISEC);
        if (Rdb_agent != NULL)
                Rdb_agent = Prd_agent(Proc);

        Psp = Pstatus(Proc);
        Lsp = &Psp->pr_lwp;
        pri->lwpstat = Lsp;
        data_model = Psp->pr_dmodel;

        make_pname(pri, 0);

        pri->syslast = Psp->pr_stime;
        pri->usrlast = Psp->pr_utime;

        flags = PR_FORK | PR_ASYNC;
        if (Dynpat != NULL)
                flags |= PR_BPTADJ;     /* needed for x86 */
        (void) Psetflags(Proc, flags);

        return (TRUE);
}

/*
 * Take control of an existing process.
 */
int
grabit(private_t *pri, proc_set_t *set)
{
        const pstatus_t *Psp;
        const lwpstatus_t *Lsp;
        int gcode;

        /*
         * Don't force the takeover unless the -F option was specified.
         */
        if ((Proc = Pgrab(set->pid, Fflag, &gcode)) == NULL) {
                (void) fprintf(stderr, "%s: %s: %d\n",
                    command, Pgrab_error(gcode), (int)set->pid);
                pri->lwpstat = NULL;
                return (FALSE);
        }
        Psp = Pstatus(Proc);
        Lsp = &Psp->pr_lwp;
        pri->lwpstat = Lsp;

        make_pname(pri, 0);

        data_model = Psp->pr_dmodel;
        pri->syslast = Psp->pr_stime;
        pri->usrlast = Psp->pr_utime;

        if (fflag || Dynpat != NULL)
                (void) Psetflags(Proc, PR_FORK);
        else
                (void) Punsetflags(Proc, PR_FORK);
        procadd(set->pid, set->lwps);
        show_cred(pri, TRUE, FALSE);
        return (TRUE);
}

/*
 * Release process from control.
 */
void
release(private_t *pri, pid_t pid)
{
        /*
         * The process in question is the child of a traced process.
         * We are here to turn off the inherited tracing flags.
         */
        int fd;
        char ctlname[100];
        long ctl[2];

        ctl[0] = PCSET;
        ctl[1] = PR_RLC;

        /* process is freshly forked, no need for exclusive open */
        (void) sprintf(ctlname, "/proc/%d/ctl", (int)pid);
        if ((fd = open(ctlname, O_WRONLY)) < 0 ||
            write(fd, (char *)ctl, sizeof (ctl)) < 0) {
                perror("release()");
                (void) printf(
                    "%s\t*** Cannot release child process, pid# %d\n",
                    pri->pname, (int)pid);
                Flush();
        }
        if (fd >= 0)    /* run-on-last-close sets the process running */
                (void) close(fd);
}

void
intr(int sig)
{
        /*
         * SIGUSR1 is special.  It is used by one truss process to tell
         * another truss process to release its controlled process.
         * SIGUSR2 is also special.  It is used to wake up threads waiting
         * for a victim lwp to stop after an event that will leave the
         * process hung (stopped and abandoned) has occurred.
         */
        if (sig == SIGUSR1) {
                sigusr1 = TRUE;
        } else if (sig == SIGUSR2) {
                void *value;
                private_t *pri;
                struct ps_lwphandle *Lwp;

                if (thr_getspecific(private_key, &value) == 0 &&
                    (pri = value) != NULL &&
                    (Lwp = pri->Lwp) != NULL)
                        (void) Lstop(Lwp, MILLISEC / 10);
        } else {
                interrupt = sig;
        }
}

void
errmsg(const char *s, const char *q)
{
        char msg[512];

        if (s || q) {
                msg[0] = '\0';
                if (command) {
                        (void) strcpy(msg, command);
                        (void) strcat(msg, ": ");
                }
                if (s)
                        (void) strcat(msg, s);
                if (q)
                        (void) strcat(msg, q);
                (void) strcat(msg, "\n");
                (void) write(2, msg, (size_t)strlen(msg));
        }
}

void
abend(const char *s, const char *q)
{
        (void) thr_sigsetmask(SIG_SETMASK, &fillset, NULL);
        if (Proc) {
                Flush();
                errmsg(s, q);
                clear_breakpoints();
                (void) Punsetflags(Proc, PR_ASYNC);
                Prelease(Proc, created? PRELEASE_KILL : PRELEASE_CLEAR);
                procdel();
                (void) wait4all();
        } else {
                errmsg(s, q);
        }
        exit(2);
}

/*
 * Allocate memory.
 * If allocation fails then print a message and abort.
 */
void *
my_realloc(void *buf, size_t size, const char *msg)
{
        if ((buf = realloc(buf, size)) == NULL) {
                if (msg != NULL)
                        abend("cannot allocate ", msg);
                else
                        abend("memory allocation failure", NULL);
        }

        return (buf);
}

void *
my_calloc(size_t nelem, size_t elsize, const char *msg)
{
        void *buf = NULL;

        if ((buf = calloc(nelem, elsize)) == NULL) {
                if (msg != NULL)
                        abend("cannot allocate ", msg);
                else
                        abend("memory allocation failure", NULL);
        }

        return (buf);
}

void *
my_malloc(size_t size, const char *msg)
{
        return (my_realloc(NULL, size, msg));
}

int
wait4all()
{
        int i;
        pid_t pid;
        int rc = 0;
        int status;

        for (i = 0; i < 10; i++) {
                while ((pid = wait(&status)) != -1) {
                        /* return exit() code of the created process */
                        if (pid == created) {
                                if (WIFEXITED(status))
                                        rc = WEXITSTATUS(status);
                                else
                                        rc |= 0x80; /* +128 to indicate sig */
                        }
                }
                if (errno != EINTR && errno != ERESTART)
                        break;
        }

        if (i >= 10)    /* repeated interrupts */
                rc = 2;

        return (rc);
}

void
letgo(private_t *pri)
{
        (void) printf("%s\t*** process otherwise traced, releasing ...\n",
            pri->pname);
}

/*
 * Test for empty set.
 * support routine used by isemptyset() macro.
 */
int
is_empty(const uint32_t *sp,    /* pointer to set (array of int32's) */
    size_t n)                   /* number of int32's in set */
{
        if (n) {
                do {
                        if (*sp++)
                                return (FALSE);
                } while (--n);
        }

        return (TRUE);
}

/*
 * OR the second set into the first.
 * The sets must be the same size.
 */
void
or_set(uint32_t *sp1, const uint32_t *sp2, size_t n)
{
        if (n) {
                do {
                        *sp1++ |= *sp2++;
                } while (--n);
        }
}