2 * Copyright (c) 1988, 1993
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 4. Neither the name of the University nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 static const char copyright[] =
32 "@(#) Copyright (c) 1988, 1993\n\
33 The Regents of the University of California. All rights reserved.\n";
38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93";
41 #include <sys/cdefs.h>
42 __FBSDID("$FreeBSD$");
46 #include <sys/errno.h>
48 #include <sys/param.h>
49 #include <sys/capsicum.h>
50 #include <sys/errno.h>
55 #include <sys/ktrace.h>
56 #include <sys/ioctl.h>
57 #include <sys/socket.h>
59 #include <sys/sysent.h>
61 #include <sys/queue.h>
63 #include <arpa/inet.h>
64 #include <netinet/in.h>
70 #ifdef HAVE_LIBCAPSICUM
71 #include <libcapsicum.h>
72 #include <libcapsicum_grp.h>
73 #include <libcapsicum_pwd.h>
74 #include <libcapsicum_service.h>
79 #ifdef HAVE_LIBCAPSICUM
91 #include "kdump_subr.h"
93 u_int abidump(struct ktr_header *);
94 int fetchprocinfo(struct ktr_header *, u_int *);
95 int fread_tail(void *, int, int);
96 void dumpheader(struct ktr_header *);
97 void ktrsyscall(struct ktr_syscall *, u_int);
98 void ktrsysret(struct ktr_sysret *, u_int);
99 void ktrnamei(char *, int);
100 void hexdump(char *, int, int);
101 void visdump(char *, int, int);
102 void ktrgenio(struct ktr_genio *, int);
103 void ktrpsig(struct ktr_psig *);
104 void ktrcsw(struct ktr_csw *);
105 void ktrcsw_old(struct ktr_csw_old *);
106 void ktruser_malloc(unsigned char *);
107 void ktruser_rtld(int, unsigned char *);
108 void ktruser(int, unsigned char *);
109 void ktrcaprights(cap_rights_t *);
110 void ktrsockaddr(struct sockaddr *);
111 void ktrstat(struct stat *);
112 void ktrstruct(char *, size_t);
113 void ktrcapfail(struct ktr_cap_fail *);
114 void ktrfault(struct ktr_fault *);
115 void ktrfaultend(struct ktr_faultend *);
116 void limitfd(int fd);
118 void ioctlname(unsigned long, int);
120 #define TIMESTAMP_NONE 0x0
121 #define TIMESTAMP_ABSOLUTE 0x1
122 #define TIMESTAMP_ELAPSED 0x2
123 #define TIMESTAMP_RELATIVE 0x4
125 int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata,
126 resolv = 0, abiflag = 0, syscallno = 0;
127 const char *tracefile = DEF_TRACEFILE;
128 struct ktr_header ktr_header;
130 #define TIME_FORMAT "%b %e %T %Y"
131 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0)
133 #define print_number(i,n,c) do { \
135 printf("%c%jd", c, (intmax_t)*i); \
137 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \
143 #if defined(__amd64__) || defined(__i386__)
145 void linux_ktrsyscall(struct ktr_syscall *);
146 void linux_ktrsysret(struct ktr_sysret *);
147 extern char *linux_syscallnames[];
148 extern int nlinux_syscalls;
152 * Linux syscalls return negative errno's, we do positive and map them
154 static int bsd_to_linux_errno[ELAST + 1] = {
155 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9,
156 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19,
157 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29,
158 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89,
159 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99,
160 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109,
161 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122,
162 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9,
163 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74,
170 TAILQ_ENTRY(proc_info) info;
175 TAILQ_HEAD(trace_procs, proc_info) trace_procs;
177 #ifdef HAVE_LIBCAPSICUM
178 static cap_channel_t *cappwd, *capgrp;
186 * Cache NLS data before entering capability mode.
187 * XXXPJD: There should be strerror_init() and strsignal_init() in libc.
189 (void)catopen("libc", NL_CAT_LOCALE);
198 * Allow localtime(3) to cache /etc/localtime content before entering
200 * XXXPJD: There should be localtime_init() in libc.
203 (void)localtime(<ime);
206 #ifdef HAVE_LIBCAPSICUM
208 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp)
210 cap_channel_t *capcas, *cappwdloc, *capgrploc;
211 const char *cmds[1], *fields[1];
214 if (capcas == NULL) {
215 warn("unable to contact casperd");
218 cappwdloc = cap_service_open(capcas, "system.pwd");
219 capgrploc = cap_service_open(capcas, "system.grp");
220 /* Casper capability no longer needed. */
222 if (cappwdloc == NULL || capgrploc == NULL) {
223 if (cappwdloc == NULL)
224 warn("unable to open system.pwd service");
225 if (capgrploc == NULL)
226 warn("unable to open system.grp service");
229 /* Limit system.pwd to only getpwuid() function and pw_name field. */
230 cmds[0] = "getpwuid";
231 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0)
232 err(1, "unable to limit system.pwd service");
233 fields[0] = "pw_name";
234 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0)
235 err(1, "unable to limit system.pwd service");
236 /* Limit system.grp to only getgrgid() function and gr_name field. */
237 cmds[0] = "getgrgid";
238 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0)
239 err(1, "unable to limit system.grp service");
240 fields[0] = "gr_name";
241 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0)
242 err(1, "unable to limit system.grp service");
244 *cappwdp = cappwdloc;
245 *capgrpp = capgrploc;
248 #endif /* HAVE_LIBCAPSICUM */
251 main(int argc, char *argv[])
253 int ch, ktrlen, size;
255 int trpoints = ALL_POINTS;
260 setlocale(LC_CTYPE, "");
262 timestamp = TIMESTAMP_NONE;
264 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1)
279 maxdata = atoi(optarg);
297 timestamp |= TIMESTAMP_ELAPSED;
303 timestamp |= TIMESTAMP_RELATIVE;
306 timestamp |= TIMESTAMP_ABSOLUTE;
309 trpoints = getpoints(optarg);
311 errx(1, "unknown trace point in %s", optarg);
320 m = malloc(size = 1025);
322 errx(1, "%s", strerror(ENOMEM));
323 if (!freopen(tracefile, "r", stdin))
324 err(1, "%s", tracefile);
328 #ifdef HAVE_LIBCAPSICUM
330 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) {
335 if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) {
336 if (cap_enter() < 0 && errno != ENOSYS)
337 err(1, "unable to enter capability mode");
341 if (cap_enter() < 0 && errno != ENOSYS)
342 err(1, "unable to enter capability mode");
345 limitfd(STDIN_FILENO);
346 limitfd(STDOUT_FILENO);
347 limitfd(STDERR_FILENO);
349 fprintf(stderr, "capability mode sandbox enabled\n");
351 TAILQ_INIT(&trace_procs);
353 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) {
354 if (ktr_header.ktr_type & KTR_DROP) {
355 ktr_header.ktr_type &= ~KTR_DROP;
356 if (!drop_logged && threads) {
358 "%6jd %6jd %-8.*s Events dropped.\n",
359 (intmax_t)ktr_header.ktr_pid,
360 ktr_header.ktr_tid > 0 ?
361 (intmax_t)ktr_header.ktr_tid : 0,
362 MAXCOMLEN, ktr_header.ktr_comm);
364 } else if (!drop_logged) {
365 printf("%6jd %-8.*s Events dropped.\n",
366 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN,
367 ktr_header.ktr_comm);
371 if (trpoints & (1<<ktr_header.ktr_type))
372 if (pid == 0 || ktr_header.ktr_pid == pid ||
373 ktr_header.ktr_tid == pid)
374 dumpheader(&ktr_header);
375 if ((ktrlen = ktr_header.ktr_len) < 0)
376 errx(1, "bogus length 0x%x", ktrlen);
378 m = realloc(m, ktrlen+1);
380 errx(1, "%s", strerror(ENOMEM));
383 if (ktrlen && fread_tail(m, ktrlen, 1) == 0)
384 errx(1, "data too short");
385 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0)
387 sv_flags = abidump(&ktr_header);
388 if (pid && ktr_header.ktr_pid != pid &&
389 ktr_header.ktr_tid != pid)
391 if ((trpoints & (1<<ktr_header.ktr_type)) == 0)
394 switch (ktr_header.ktr_type) {
396 #if defined(__amd64__) || defined(__i386__)
397 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX)
398 linux_ktrsyscall((struct ktr_syscall *)m);
401 ktrsyscall((struct ktr_syscall *)m, sv_flags);
404 #if defined(__amd64__) || defined(__i386__)
405 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX)
406 linux_ktrsysret((struct ktr_sysret *)m);
409 ktrsysret((struct ktr_sysret *)m, sv_flags);
416 ktrgenio((struct ktr_genio *)m, ktrlen);
419 ktrpsig((struct ktr_psig *)m);
422 if (ktrlen == sizeof(struct ktr_csw_old))
423 ktrcsw_old((struct ktr_csw_old *)m);
425 ktrcsw((struct ktr_csw *)m);
431 ktrstruct(m, ktrlen);
434 ktrcapfail((struct ktr_cap_fail *)m);
437 ktrfault((struct ktr_fault *)m);
440 ktrfaultend((struct ktr_faultend *)m);
458 cap_rights_init(&rights, CAP_FSTAT);
463 cap_rights_set(&rights, CAP_READ);
466 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE);
467 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */
470 cap_rights_set(&rights, CAP_WRITE);
472 cap_rights_set(&rights, CAP_IOCTL);
480 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS)
481 err(1, "unable to limit rights for descriptor %d", fd);
482 if (cmd != -1 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS)
483 err(1, "unable to limit ioctls for descriptor %d", fd);
487 fread_tail(void *buf, int size, int num)
491 while ((i = fread(buf, size, num, stdin)) == 0 && tail) {
499 fetchprocinfo(struct ktr_header *kth, u_int *flags)
501 struct proc_info *pi;
503 switch (kth->ktr_type) {
505 TAILQ_FOREACH(pi, &trace_procs, info) {
506 if (pi->pid == kth->ktr_pid) {
507 TAILQ_REMOVE(&trace_procs, pi, info);
511 pi = malloc(sizeof(struct proc_info));
513 errx(1, "%s", strerror(ENOMEM));
514 pi->sv_flags = *flags;
515 pi->pid = kth->ktr_pid;
516 TAILQ_INSERT_TAIL(&trace_procs, pi, info);
520 TAILQ_FOREACH(pi, &trace_procs, info) {
521 if (pi->pid == kth->ktr_pid) {
522 TAILQ_REMOVE(&trace_procs, pi, info);
534 abidump(struct ktr_header *kth)
536 struct proc_info *pi;
541 TAILQ_FOREACH(pi, &trace_procs, info) {
542 if (pi->pid == kth->ktr_pid) {
543 flags = pi->sv_flags;
551 switch (flags & SV_ABI_MASK) {
571 printf("%s%s ", abi, arch);
577 dumpheader(struct ktr_header *kth)
579 static char unknown[64];
580 static struct timeval prevtime, prevtime_e, temp;
583 switch (kth->ktr_type) {
625 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type);
630 * The ktr_tid field was previously the ktr_buffer field, which held
631 * the kernel pointer value for the buffer associated with data
632 * following the record header. It now holds a threadid, but only
633 * for trace files after the change. Older trace files still contain
634 * kernel pointers. Detect this and suppress the results by printing
635 * negative tid's as 0.
638 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid,
639 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0,
640 MAXCOMLEN, kth->ktr_comm);
642 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN,
645 if (timestamp & TIMESTAMP_ABSOLUTE) {
646 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec,
647 kth->ktr_time.tv_usec);
649 if (timestamp & TIMESTAMP_ELAPSED) {
650 if (prevtime_e.tv_sec == 0)
651 prevtime_e = kth->ktr_time;
652 timevalsub(&kth->ktr_time, &prevtime_e);
653 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec,
654 kth->ktr_time.tv_usec);
655 timevaladd(&kth->ktr_time, &prevtime_e);
657 if (timestamp & TIMESTAMP_RELATIVE) {
658 temp = kth->ktr_time;
659 timevalsub(&kth->ktr_time, &prevtime);
661 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec,
662 kth->ktr_time.tv_usec);
668 #include <sys/syscall.h>
670 #include <sys/kern/syscalls.c>
672 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]);
675 ktrsyscall(struct ktr_syscall *ktr, u_int flags)
677 int narg = ktr->ktr_narg;
681 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) ||
682 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0))
683 printf("[%d]", ktr->ktr_code);
685 printf("%s", syscallnames[ktr->ktr_code]);
687 printf("[%d]", ktr->ktr_code);
689 ip = &ktr->ktr_args[0];
693 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) {
694 switch (ktr->ktr_code) {
711 atfdname(*ip, decimal);
717 switch (ktr->ktr_code) {
719 print_number(ip, narg, c);
721 ioctlname(*ip, decimal);
737 print_number(ip, narg, c);
745 print_number(ip, narg, c);
747 flagsandmodename(ip[0], ip[1], decimal);
752 print_number(ip, narg, c);
753 print_number(ip, narg, c);
755 * A flags value of zero is valid for
756 * wait4() but not for wait6(), so
757 * handle zero special here.
760 print_number(ip, narg, c);
770 idtypename(*ip, decimal);
774 print_number(ip, narg, c);
775 print_number(ip, narg, c);
784 print_number(ip, narg, c);
792 print_number(ip, narg, c);
799 print_number(ip, narg, c);
800 print_number(ip, narg, c);
802 getfsstatflagsname(*ip);
807 print_number(ip, narg, c);
808 print_number(ip, narg, c);
815 print_number(ip, narg, c);
823 print_number(ip, narg, c);
824 print_number(ip, narg, c);
826 sendrecvflagsname(*ip);
832 print_number(ip, narg, c);
833 print_number(ip, narg, c);
834 print_number(ip, narg, c);
836 sendrecvflagsname(*ip);
843 print_number(ip, narg, c);
850 print_number(ip, narg, c);
869 print_number(ip, narg, c);
870 print_number(ip, narg, c);
876 #ifdef SYS_freebsd6_mmap
877 case SYS_freebsd6_mmap:
878 print_number(ip, narg, c);
879 print_number(ip, narg, c);
891 print_number(ip, narg, c);
892 print_number(ip, narg, c);
903 print_number(ip, narg, c);
904 print_number(ip, narg, c);
911 print_number(ip, narg, c);
912 print_number(ip, narg, c);
914 madvisebehavname(*ip);
918 case SYS_setpriority:
919 print_number(ip, narg, c);
920 print_number(ip, narg, c);
927 print_number(ip, narg, c);
929 fcntlcmdname(ip[0], ip[1], decimal);
937 sockdomainname(sockdomain);
941 socktypenamewithflags(*ip);
944 if (sockdomain == PF_INET ||
945 sockdomain == PF_INET6) {
947 sockipprotoname(*ip);
956 print_number(ip, narg, c);
958 sockoptlevelname(*ip, decimal);
959 if (*ip == SOL_SOCKET) {
968 #ifdef SYS_freebsd6_lseek
969 case SYS_freebsd6_lseek:
970 print_number(ip, narg, c);
971 /* Hidden 'pad' argument, not in lseek(2) */
972 print_number(ip, narg, c);
973 print_number(ip, narg, c);
981 print_number(ip, narg, c);
982 /* Hidden 'pad' argument, not in lseek(2) */
983 print_number(ip, narg, c);
990 print_number(ip, narg, c);
1000 print_number(ip, narg, c);
1007 print_number(ip, narg, c);
1009 shutdownhowname(*ip);
1013 case SYS_socketpair:
1015 sockdomainname(*ip);
1019 socktypenamewithflags(*ip);
1033 print_number(ip, narg, c);
1055 print_number(ip, narg, c);
1056 print_number(ip, narg, c);
1063 print_number(ip, narg, c);
1064 print_number(ip, narg, c);
1071 print_number(ip, narg, c);
1078 print_number(ip, narg, c);
1079 print_number(ip, narg, c);
1086 print_number(ip, narg, c);
1093 print_number(ip, narg, c);
1096 printf(",0%o", ip[1]);
1101 print_number(ip, narg, c);
1102 print_number(ip, narg, c);
1115 case SYS_lio_listio:
1117 lio_listioname(*ip);
1128 case SYS_sched_setscheduler:
1129 print_number(ip, narg, c);
1131 schedpolicyname(*ip);
1135 case SYS_sched_get_priority_max:
1136 case SYS_sched_get_priority_min:
1138 schedpolicyname(*ip);
1143 print_number(ip, narg, c);
1144 print_number(ip, narg, c);
1145 print_number(ip, narg, c);
1146 print_number(ip, narg, c);
1147 print_number(ip, narg, c);
1148 print_number(ip, narg, c);
1150 sendfileflagsname(*ip);
1155 print_number(ip, narg, c);
1161 case SYS_sigprocmask:
1163 sigprocmaskhowname(*ip);
1168 case SYS___acl_get_file:
1169 case SYS___acl_set_file:
1170 case SYS___acl_get_fd:
1171 case SYS___acl_set_fd:
1172 case SYS___acl_delete_file:
1173 case SYS___acl_delete_fd:
1174 case SYS___acl_aclcheck_file:
1175 case SYS___acl_aclcheck_fd:
1176 case SYS___acl_get_link:
1177 case SYS___acl_set_link:
1178 case SYS___acl_delete_link:
1179 case SYS___acl_aclcheck_link:
1180 print_number(ip, narg, c);
1193 case SYS_extattrctl:
1194 print_number(ip, narg, c);
1196 extattrctlname(*ip);
1201 print_number(ip, narg, c);
1202 print_number(ip, narg, c);
1204 mountflagsname(*ip);
1208 case SYS_thr_create:
1209 print_number(ip, narg, c);
1210 print_number(ip, narg, c);
1212 thrcreateflagsname(*ip);
1217 print_number(ip, narg, c);
1223 case SYS_kldunloadf:
1224 print_number(ip, narg, c);
1226 kldunloadfflagsname(*ip);
1233 print_number(ip, narg, c);
1235 atfdname(*ip, decimal);
1239 case SYS_cap_fcntls_limit:
1240 print_number(ip, narg, c);
1247 case SYS_posix_fadvise:
1248 print_number(ip, narg, c);
1249 print_number(ip, narg, c);
1250 print_number(ip, narg, c);
1252 fadvisebehavname((int)*ip);
1258 idtypename(*ip, decimal);
1262 print_number(ip, narg, c);
1264 procctlcmdname(*ip);
1271 print_number(ip, narg, c);
1279 ktrsysret(struct ktr_sysret *ktr, u_int flags)
1281 register_t ret = ktr->ktr_retval;
1282 int error = ktr->ktr_error;
1283 int code = ktr->ktr_code;
1285 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) ||
1286 (code >= nsyscalls || code < 0))
1287 printf("[%d] ", code);
1289 printf("%s", syscallnames[code]);
1291 printf("[%d]", code);
1297 printf("%ld", (long)ret);
1298 if (ret < 0 || ret > 9)
1299 printf("/%#lx", (unsigned long)ret);
1302 printf("%ld", (long)ret);
1304 printf("%#lx", (unsigned long)ret);
1306 } else if (error == ERESTART)
1308 else if (error == EJUSTRETURN)
1309 printf("JUSTRETURN");
1311 printf("-1 errno %d", ktr->ktr_error);
1313 printf(" %s", strerror(ktr->ktr_error));
1319 ktrnamei(char *cp, int len)
1321 printf("\"%.*s\"\n", len, cp);
1325 hexdump(char *p, int len, int screenwidth)
1333 i = 13; /* base offset */
1334 i += (width / 2) + 1; /* spaces every second byte */
1335 i += (width * 2); /* width of bytes */
1337 i += width; /* each byte */
1339 } while (i < screenwidth);
1342 for (n = 0; n < len; n += width) {
1343 for (i = n; i < n + width; i++) {
1344 if ((i % width) == 0) { /* beginning of line */
1345 printf(" 0x%04x", i);
1351 printf("%02x", p[i] & 0xff);
1356 for (i = n; i < n + width; i++) {
1359 if (p[i] >= ' ' && p[i] <= '~')
1366 if ((i % width) != 0)
1371 visdump(char *dp, int datalen, int screenwidth)
1380 for (;datalen > 0; datalen--, dp++) {
1381 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1));
1384 * Keep track of printables and
1385 * space chars (like fold(1)).
1397 width = 8 - (col&07);
1402 if (col + width > (screenwidth-2)) {
1417 ktrgenio(struct ktr_genio *ktr, int len)
1419 int datalen = len - sizeof (struct ktr_genio);
1420 char *dp = (char *)ktr + sizeof (struct ktr_genio);
1421 static int screenwidth = 0;
1424 printf("fd %d %s %d byte%s\n", ktr->ktr_fd,
1425 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen,
1426 datalen == 1 ? "" : "s");
1429 if (screenwidth == 0) {
1432 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 &&
1434 screenwidth = ws.ws_col;
1438 if (maxdata && datalen > maxdata)
1441 for (i = 0, binary = 0; i < datalen && binary == 0; i++) {
1442 if (dp[i] >= 32 && dp[i] < 127)
1444 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9)
1449 hexdump(dp, datalen, screenwidth);
1451 visdump(dp, datalen, screenwidth);
1454 const char *signames[] = {
1455 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */
1456 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */
1457 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */
1458 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */
1459 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */
1460 "USR2", NULL, /* 31 - 32 */
1464 ktrpsig(struct ktr_psig *psig)
1466 if (psig->signo > 0 && psig->signo < NSIG)
1467 printf("SIG%s ", signames[psig->signo]);
1469 printf("SIG %d ", psig->signo);
1470 if (psig->action == SIG_DFL) {
1471 printf("SIG_DFL code=");
1472 sigcodename(psig->signo, psig->code);
1475 printf("caught handler=0x%lx mask=0x%x code=",
1476 (u_long)psig->action, psig->mask.__bits[0]);
1477 sigcodename(psig->signo, psig->code);
1483 ktrcsw_old(struct ktr_csw_old *cs)
1485 printf("%s %s\n", cs->out ? "stop" : "resume",
1486 cs->user ? "user" : "kernel");
1490 ktrcsw(struct ktr_csw *cs)
1492 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume",
1493 cs->user ? "user" : "kernel", cs->wmesg);
1496 #define UTRACE_DLOPEN_START 1
1497 #define UTRACE_DLOPEN_STOP 2
1498 #define UTRACE_DLCLOSE_START 3
1499 #define UTRACE_DLCLOSE_STOP 4
1500 #define UTRACE_LOAD_OBJECT 5
1501 #define UTRACE_UNLOAD_OBJECT 6
1502 #define UTRACE_ADD_RUNDEP 7
1503 #define UTRACE_PRELOAD_FINISHED 8
1504 #define UTRACE_INIT_CALL 9
1505 #define UTRACE_FINI_CALL 10
1507 struct utrace_rtld {
1508 char sig[4]; /* 'RTLD' */
1514 char name[MAXPATHLEN];
1518 ktruser_rtld(int len, unsigned char *p)
1520 struct utrace_rtld *ut = (struct utrace_rtld *)p;
1524 switch (ut->event) {
1525 case UTRACE_DLOPEN_START:
1527 printf("dlopen(%s, ", ut->name);
1528 switch (mode & RTLD_MODEMASK) {
1533 printf("RTLD_LAZY");
1536 printf("%#x", mode & RTLD_MODEMASK);
1538 if (mode & RTLD_GLOBAL)
1539 printf(" | RTLD_GLOBAL");
1540 if (mode & RTLD_TRACE)
1541 printf(" | RTLD_TRACE");
1542 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE))
1543 printf(" | %#x", mode &
1544 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE));
1547 case UTRACE_DLOPEN_STOP:
1548 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name,
1551 case UTRACE_DLCLOSE_START:
1552 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name,
1555 case UTRACE_DLCLOSE_STOP:
1556 printf("dlclose(%p) finished\n", ut->handle);
1558 case UTRACE_LOAD_OBJECT:
1559 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle,
1560 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1,
1563 case UTRACE_UNLOAD_OBJECT:
1564 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle,
1565 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1,
1568 case UTRACE_ADD_RUNDEP:
1569 parent = ut->mapbase;
1570 printf("RTLD: %p now depends on %p (%s, %d)\n", parent,
1571 ut->handle, ut->name, ut->refcnt);
1573 case UTRACE_PRELOAD_FINISHED:
1574 printf("RTLD: LD_PRELOAD finished\n");
1576 case UTRACE_INIT_CALL:
1577 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle,
1580 case UTRACE_FINI_CALL:
1581 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle,
1587 printf("RTLD: %d ", len);
1590 printf(" %d", *p++);
1592 printf(" %02x", *p++);
1597 struct utrace_malloc {
1604 ktruser_malloc(unsigned char *p)
1606 struct utrace_malloc *ut = (struct utrace_malloc *)p;
1608 if (ut->p == (void *)(intptr_t)(-1))
1609 printf("malloc_init()\n");
1610 else if (ut->s == 0)
1611 printf("free(%p)\n", ut->p);
1612 else if (ut->p == NULL)
1613 printf("%p = malloc(%zu)\n", ut->r, ut->s);
1615 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s);
1619 ktruser(int len, unsigned char *p)
1622 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) {
1623 ktruser_rtld(len, p);
1627 if (len == sizeof(struct utrace_malloc)) {
1635 printf(" %d", *p++);
1637 printf(" %02x", *p++);
1642 ktrcaprights(cap_rights_t *rightsp)
1645 printf("cap_rights_t ");
1651 ktrsockaddr(struct sockaddr *sa)
1654 TODO: Support additional address families
1655 #include <netnatm/natm.h>
1656 struct sockaddr_natm *natm;
1657 #include <netsmb/netbios.h>
1658 struct sockaddr_nb *nb;
1663 * note: ktrstruct() has already verified that sa points to a
1664 * buffer at least sizeof(struct sockaddr) bytes long and exactly
1665 * sa->sa_len bytes long.
1667 printf("struct sockaddr { ");
1668 sockfamilyname(sa->sa_family);
1671 #define check_sockaddr_len(n) \
1672 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \
1673 printf("invalid"); \
1677 switch(sa->sa_family) {
1679 struct sockaddr_in sa_in;
1681 memset(&sa_in, 0, sizeof(sa_in));
1682 memcpy(&sa_in, sa, sa->sa_len);
1683 check_sockaddr_len(in);
1684 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr);
1685 printf("%s:%u", addr, ntohs(sa_in.sin_port));
1689 struct sockaddr_in6 sa_in6;
1691 memset(&sa_in6, 0, sizeof(sa_in6));
1692 memcpy(&sa_in6, sa, sa->sa_len);
1693 check_sockaddr_len(in6);
1694 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6),
1695 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST);
1696 printf("[%s]:%u", addr, htons(sa_in6.sin6_port));
1700 struct sockaddr_un sa_un;
1702 memset(&sa_un, 0, sizeof(sa_un));
1703 memcpy(&sa_un, sa, sa->sa_len);
1704 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path);
1708 printf("unknown address family");
1714 ktrstat(struct stat *statp)
1716 char mode[12], timestr[PATH_MAX + 4];
1722 * note: ktrstruct() has already verified that statp points to a
1723 * buffer exactly sizeof(struct stat) bytes long.
1725 printf("struct stat {");
1726 printf("dev=%ju, ino=%ju, ",
1727 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino);
1729 printf("mode=0%jo, ", (uintmax_t)statp->st_mode);
1731 strmode(statp->st_mode, mode);
1732 printf("mode=%s, ", mode);
1734 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink);
1738 #ifdef HAVE_LIBCAPSICUM
1740 pwd = cap_getpwuid(cappwd, statp->st_uid);
1743 pwd = getpwuid(statp->st_uid);
1746 printf("uid=%ju, ", (uintmax_t)statp->st_uid);
1748 printf("uid=\"%s\", ", pwd->pw_name);
1752 #ifdef HAVE_LIBCAPSICUM
1754 grp = cap_getgrgid(capgrp, statp->st_gid);
1757 grp = getgrgid(statp->st_gid);
1760 printf("gid=%ju, ", (uintmax_t)statp->st_gid);
1762 printf("gid=\"%s\", ", grp->gr_name);
1763 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev);
1766 printf("%jd", (intmax_t)statp->st_atim.tv_sec);
1768 tm = localtime(&statp->st_atim.tv_sec);
1769 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
1770 printf("\"%s\"", timestr);
1772 if (statp->st_atim.tv_nsec != 0)
1773 printf(".%09ld, ", statp->st_atim.tv_nsec);
1778 printf("%jd", (intmax_t)statp->st_mtim.tv_sec);
1780 tm = localtime(&statp->st_mtim.tv_sec);
1781 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
1782 printf("\"%s\"", timestr);
1784 if (statp->st_mtim.tv_nsec != 0)
1785 printf(".%09ld, ", statp->st_mtim.tv_nsec);
1790 printf("%jd", (intmax_t)statp->st_ctim.tv_sec);
1792 tm = localtime(&statp->st_ctim.tv_sec);
1793 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
1794 printf("\"%s\"", timestr);
1796 if (statp->st_ctim.tv_nsec != 0)
1797 printf(".%09ld, ", statp->st_ctim.tv_nsec);
1800 printf("birthtime=");
1802 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec);
1804 tm = localtime(&statp->st_birthtim.tv_sec);
1805 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
1806 printf("\"%s\"", timestr);
1808 if (statp->st_birthtim.tv_nsec != 0)
1809 printf(".%09ld, ", statp->st_birthtim.tv_nsec);
1812 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x",
1813 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize,
1814 (intmax_t)statp->st_blocks, statp->st_flags);
1819 ktrstruct(char *buf, size_t buflen)
1822 size_t namelen, datalen;
1824 cap_rights_t rights;
1826 struct sockaddr_storage ss;
1828 for (name = buf, namelen = 0;
1829 namelen < buflen && name[namelen] != '\0';
1832 if (namelen == buflen)
1834 if (name[namelen] != '\0')
1836 data = buf + namelen + 1;
1837 datalen = buflen - namelen - 1;
1841 for (i = 0; i < (int)namelen; ++i)
1842 if (!isalpha(name[i]))
1844 if (strcmp(name, "caprights") == 0) {
1845 if (datalen != sizeof(cap_rights_t))
1847 memcpy(&rights, data, datalen);
1848 ktrcaprights(&rights);
1849 } else if (strcmp(name, "stat") == 0) {
1850 if (datalen != sizeof(struct stat))
1852 memcpy(&sb, data, datalen);
1854 } else if (strcmp(name, "sockaddr") == 0) {
1855 if (datalen > sizeof(ss))
1857 memcpy(&ss, data, datalen);
1858 if (datalen != ss.ss_len)
1860 ktrsockaddr((struct sockaddr *)&ss);
1862 printf("unknown structure\n");
1866 printf("invalid record\n");
1870 ktrcapfail(struct ktr_cap_fail *ktr)
1872 switch (ktr->cap_type) {
1873 case CAPFAIL_NOTCAPABLE:
1874 /* operation on fd with insufficient capabilities */
1875 printf("operation requires ");
1876 capname(&ktr->cap_needed);
1877 printf(", descriptor holds ");
1878 capname(&ktr->cap_held);
1880 case CAPFAIL_INCREASE:
1881 /* requested more capabilities than fd already has */
1882 printf("attempt to increase capabilities from ");
1883 capname(&ktr->cap_held);
1885 capname(&ktr->cap_needed);
1887 case CAPFAIL_SYSCALL:
1888 /* called restricted syscall */
1889 printf("disallowed system call");
1891 case CAPFAIL_LOOKUP:
1892 /* used ".." in strict-relative mode */
1893 printf("restricted VFS lookup");
1896 printf("unknown capability failure: ");
1897 capname(&ktr->cap_needed);
1899 capname(&ktr->cap_held);
1906 ktrfault(struct ktr_fault *ktr)
1909 printf("0x%jx ", ktr->vaddr);
1910 vmprotname(ktr->type);
1915 ktrfaultend(struct ktr_faultend *ktr)
1918 vmresultname(ktr->result);
1922 #if defined(__amd64__) || defined(__i386__)
1924 linux_ktrsyscall(struct ktr_syscall *ktr)
1926 int narg = ktr->ktr_narg;
1929 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0)
1930 printf("[%d]", ktr->ktr_code);
1932 printf("%s", linux_syscallnames[ktr->ktr_code]);
1934 printf("[%d]", ktr->ktr_code);
1936 ip = &ktr->ktr_args[0];
1940 print_number(ip, narg, c);
1947 linux_ktrsysret(struct ktr_sysret *ktr)
1949 register_t ret = ktr->ktr_retval;
1950 int error = ktr->ktr_error;
1951 int code = ktr->ktr_code;
1953 if (code >= nlinux_syscalls || code < 0)
1954 printf("[%d] ", code);
1956 printf("%s", linux_syscallnames[code]);
1958 printf("[%d]", code);
1964 printf("%ld", (long)ret);
1965 if (ret < 0 || ret > 9)
1966 printf("/%#lx", (unsigned long)ret);
1969 printf("%ld", (long)ret);
1971 printf("%#lx", (unsigned long)ret);
1973 } else if (error == ERESTART)
1975 else if (error == EJUSTRETURN)
1976 printf("JUSTRETURN");
1978 if (ktr->ktr_error <= ELAST + 1)
1979 error = abs(bsd_to_linux_errno[ktr->ktr_error]);
1982 printf("-1 errno %d", error);
1984 printf(" %s", strerror(ktr->ktr_error));
1993 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] "
1994 "[-m maxdata] [-p pid] [-t trstr]\n");