2 * Copyright (c) 1988, 1993
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 4. Neither the name of the University nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 static const char copyright[] =
32 "@(#) Copyright (c) 1988, 1993\n\
33 The Regents of the University of California. All rights reserved.\n";
38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93";
41 #include <sys/cdefs.h>
42 __FBSDID("$FreeBSD$");
46 #include <sys/errno.h>
48 #include <sys/param.h>
49 #include <sys/capsicum.h>
50 #include <sys/errno.h>
55 #include <sys/ktrace.h>
56 #include <sys/ioctl.h>
57 #include <sys/socket.h>
59 #include <sys/sysent.h>
62 #include <sys/queue.h>
65 #include <sys/types.h>
66 #include <netipx/ipx.h>
69 #include <netatalk/at.h>
71 #include <arpa/inet.h>
72 #include <netinet/in.h>
90 #include "kdump_subr.h"
92 u_int abidump(struct ktr_header *);
93 int fetchprocinfo(struct ktr_header *, u_int *);
94 int fread_tail(void *, int, int);
95 void dumpheader(struct ktr_header *);
96 void ktrsyscall(struct ktr_syscall *, u_int);
97 void ktrsysret(struct ktr_sysret *, u_int);
98 void ktrnamei(char *, int);
99 void hexdump(char *, int, int);
100 void visdump(char *, int, int);
101 void ktrgenio(struct ktr_genio *, int);
102 void ktrpsig(struct ktr_psig *);
103 void ktrcsw(struct ktr_csw *);
104 void ktrcsw_old(struct ktr_csw_old *);
105 void ktruser_malloc(void *);
106 void ktruser_rtld(int, void *);
107 void ktruser(int, void *);
108 void ktrcaprights(cap_rights_t *);
109 void ktritimerval(struct itimerval *it);
110 void ktrsockaddr(struct sockaddr *);
111 void ktrstat(struct stat *);
112 void ktrstruct(char *, size_t);
113 void ktrcapfail(struct ktr_cap_fail *);
114 void ktrfault(struct ktr_fault *);
115 void ktrfaultend(struct ktr_faultend *);
116 void limitfd(int fd);
118 void ioctlname(unsigned long, int);
120 extern const char *signames[], *syscallnames[];
121 extern int nsyscalls;
123 static int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata,
124 resolv = 0, abiflag = 0, syscallno = 0;
125 static const char *tracefile = DEF_TRACEFILE;
126 static struct ktr_header ktr_header;
128 #define TIME_FORMAT "%b %e %T %Y"
129 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0)
131 #define print_number(i,n,c) do { \
133 printf("%c%jd", c, (intmax_t)*i); \
135 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \
141 #if defined(__amd64__) || defined(__i386__)
143 void linux_ktrsyscall(struct ktr_syscall *, u_int);
144 void linux_ktrsysret(struct ktr_sysret *, u_int);
145 extern const char *linux_syscallnames[];
147 #include <linux_syscalls.c>
151 * Linux syscalls return negative errno's, we do positive and map them
153 static int bsd_to_linux_errno[ELAST + 1] = {
154 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9,
155 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19,
156 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29,
157 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89,
158 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99,
159 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109,
160 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122,
161 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9,
162 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74,
167 #if defined(__amd64__)
168 extern const char *linux32_syscallnames[];
170 #include <linux32_syscalls.c>
175 TAILQ_ENTRY(proc_info) info;
180 static TAILQ_HEAD(trace_procs, proc_info) trace_procs;
187 * Cache NLS data before entering capability mode.
188 * XXXPJD: There should be strerror_init() and strsignal_init() in libc.
190 (void)catopen("libc", NL_CAT_LOCALE);
199 * Allow localtime(3) to cache /etc/localtime content before entering
201 * XXXPJD: There should be localtime_init() in libc.
204 (void)localtime(<ime);
208 main(int argc, char *argv[])
210 int ch, ktrlen, size;
212 int trpoints = ALL_POINTS;
217 setlocale(LC_CTYPE, "");
219 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1)
234 maxdata = atoi(optarg);
252 timestamp = 3; /* elapsed timestamp */
258 timestamp = 2; /* relative timestamp */
264 trpoints = getpoints(optarg);
266 errx(1, "unknown trace point in %s", optarg);
275 m = malloc(size = 1025);
277 errx(1, "%s", strerror(ENOMEM));
278 if (!freopen(tracefile, "r", stdin))
279 err(1, "%s", tracefile);
285 if (cap_enter() < 0 && errno != ENOSYS)
286 err(1, "unable to enter capability mode");
288 limitfd(STDIN_FILENO);
289 limitfd(STDOUT_FILENO);
290 limitfd(STDERR_FILENO);
292 TAILQ_INIT(&trace_procs);
294 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) {
295 if (ktr_header.ktr_type & KTR_DROP) {
296 ktr_header.ktr_type &= ~KTR_DROP;
297 if (!drop_logged && threads) {
299 "%6jd %6jd %-8.*s Events dropped.\n",
300 (intmax_t)ktr_header.ktr_pid,
301 ktr_header.ktr_tid > 0 ?
302 (intmax_t)ktr_header.ktr_tid : 0,
303 MAXCOMLEN, ktr_header.ktr_comm);
305 } else if (!drop_logged) {
306 printf("%6jd %-8.*s Events dropped.\n",
307 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN,
308 ktr_header.ktr_comm);
312 if (trpoints & (1<<ktr_header.ktr_type))
313 if (pid == 0 || ktr_header.ktr_pid == pid ||
314 ktr_header.ktr_tid == pid)
315 dumpheader(&ktr_header);
316 if ((ktrlen = ktr_header.ktr_len) < 0)
317 errx(1, "bogus length 0x%x", ktrlen);
319 m = realloc(m, ktrlen+1);
321 errx(1, "%s", strerror(ENOMEM));
324 if (ktrlen && fread_tail(m, ktrlen, 1) == 0)
325 errx(1, "data too short");
326 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0)
328 sv_flags = abidump(&ktr_header);
329 if (pid && ktr_header.ktr_pid != pid &&
330 ktr_header.ktr_tid != pid)
332 if ((trpoints & (1<<ktr_header.ktr_type)) == 0)
335 switch (ktr_header.ktr_type) {
337 #if defined(__amd64__) || defined(__i386__)
338 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX)
339 linux_ktrsyscall((struct ktr_syscall *)m,
343 ktrsyscall((struct ktr_syscall *)m, sv_flags);
346 #if defined(__amd64__) || defined(__i386__)
347 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX)
348 linux_ktrsysret((struct ktr_sysret *)m,
352 ktrsysret((struct ktr_sysret *)m, sv_flags);
359 ktrgenio((struct ktr_genio *)m, ktrlen);
362 ktrpsig((struct ktr_psig *)m);
365 if (ktrlen == sizeof(struct ktr_csw_old))
366 ktrcsw_old((struct ktr_csw_old *)m);
368 ktrcsw((struct ktr_csw *)m);
374 ktrstruct(m, ktrlen);
377 ktrcapfail((struct ktr_cap_fail *)m);
380 ktrfault((struct ktr_fault *)m);
383 ktrfaultend((struct ktr_faultend *)m);
401 cap_rights_init(&rights, CAP_FSTAT);
406 cap_rights_set(&rights, CAP_READ);
409 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE);
410 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */
413 cap_rights_set(&rights, CAP_WRITE);
415 cap_rights_set(&rights, CAP_IOCTL);
423 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS)
424 err(1, "unable to limit rights for descriptor %d", fd);
425 if (cmd != 0 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS)
426 err(1, "unable to limit ioctls for descriptor %d", fd);
430 fread_tail(void *buf, int size, int num)
434 while ((i = fread(buf, size, num, stdin)) == 0 && tail) {
442 fetchprocinfo(struct ktr_header *kth, u_int *flags)
444 struct proc_info *pi;
446 switch (kth->ktr_type) {
448 TAILQ_FOREACH(pi, &trace_procs, info) {
449 if (pi->pid == kth->ktr_pid) {
450 TAILQ_REMOVE(&trace_procs, pi, info);
454 pi = malloc(sizeof(struct proc_info));
456 errx(1, "%s", strerror(ENOMEM));
457 pi->sv_flags = *flags;
458 pi->pid = kth->ktr_pid;
459 TAILQ_INSERT_TAIL(&trace_procs, pi, info);
463 TAILQ_FOREACH(pi, &trace_procs, info) {
464 if (pi->pid == kth->ktr_pid) {
465 TAILQ_REMOVE(&trace_procs, pi, info);
477 abidump(struct ktr_header *kth)
479 struct proc_info *pi;
484 TAILQ_FOREACH(pi, &trace_procs, info) {
485 if (pi->pid == kth->ktr_pid) {
486 flags = pi->sv_flags;
494 switch (flags & SV_ABI_MASK) {
514 printf("%s%s ", abi, arch);
520 dumpheader(struct ktr_header *kth)
522 static char unknown[64];
523 static struct timeval prevtime, temp;
526 switch (kth->ktr_type) {
568 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type);
573 * The ktr_tid field was previously the ktr_buffer field, which held
574 * the kernel pointer value for the buffer associated with data
575 * following the record header. It now holds a threadid, but only
576 * for trace files after the change. Older trace files still contain
577 * kernel pointers. Detect this and suppress the results by printing
578 * negative tid's as 0.
581 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid,
582 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0,
583 MAXCOMLEN, kth->ktr_comm);
585 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN,
588 if (timestamp == 3) {
589 if (prevtime.tv_sec == 0)
590 prevtime = kth->ktr_time;
591 timevalsub(&kth->ktr_time, &prevtime);
593 if (timestamp == 2) {
594 temp = kth->ktr_time;
595 timevalsub(&kth->ktr_time, &prevtime);
598 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec,
599 kth->ktr_time.tv_usec);
604 #include <sys/syscall.h>
606 #include <sys/kern/syscalls.c>
608 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]);
611 ktrsyscall(struct ktr_syscall *ktr, u_int flags)
613 int narg = ktr->ktr_narg;
617 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) ||
618 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0))
619 printf("[%d]", ktr->ktr_code);
621 printf("%s", syscallnames[ktr->ktr_code]);
623 printf("[%d]", ktr->ktr_code);
625 ip = &ktr->ktr_args[0];
629 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) {
630 switch (ktr->ktr_code) {
648 atfdname(*ip, decimal);
654 switch (ktr->ktr_code) {
656 print_number(ip, narg, c);
658 ioctlname(*ip, decimal);
674 print_number(ip, narg, c);
682 print_number(ip, narg, c);
684 flagsandmodename(ip[0], ip[1], decimal);
689 print_number(ip, narg, c);
690 print_number(ip, narg, c);
692 * A flags value of zero is valid for
693 * wait4() but not for wait6(), so
694 * handle zero special here.
697 print_number(ip, narg, c);
707 idtypename(*ip, decimal);
711 print_number(ip, narg, c);
712 print_number(ip, narg, c);
721 print_number(ip, narg, c);
729 print_number(ip, narg, c);
736 print_number(ip, narg, c);
737 print_number(ip, narg, c);
739 getfsstatflagsname(*ip);
744 print_number(ip, narg, c);
745 print_number(ip, narg, c);
752 print_number(ip, narg, c);
760 print_number(ip, narg, c);
761 print_number(ip, narg, c);
763 sendrecvflagsname(*ip);
769 print_number(ip, narg, c);
770 print_number(ip, narg, c);
771 print_number(ip, narg, c);
773 sendrecvflagsname(*ip);
780 print_number(ip, narg, c);
787 print_number(ip, narg, c);
806 print_number(ip, narg, c);
807 print_number(ip, narg, c);
813 #ifdef SYS_freebsd6_mmap
814 case SYS_freebsd6_mmap:
815 print_number(ip, narg, c);
816 print_number(ip, narg, c);
828 print_number(ip, narg, c);
829 print_number(ip, narg, c);
840 print_number(ip, narg, c);
841 print_number(ip, narg, c);
848 print_number(ip, narg, c);
849 print_number(ip, narg, c);
851 madvisebehavname(*ip);
855 case SYS_setpriority:
856 print_number(ip, narg, c);
857 print_number(ip, narg, c);
864 print_number(ip, narg, c);
866 fcntlcmdname(ip[0], ip[1], decimal);
874 sockdomainname(sockdomain);
878 socktypenamewithflags(*ip);
881 if (sockdomain == PF_INET ||
882 sockdomain == PF_INET6) {
884 sockipprotoname(*ip);
893 print_number(ip, narg, c);
895 sockoptlevelname(*ip, decimal);
896 if (*ip == SOL_SOCKET) {
905 #ifdef SYS_freebsd6_lseek
906 case SYS_freebsd6_lseek:
907 print_number(ip, narg, c);
908 /* Hidden 'pad' argument, not in lseek(2) */
909 print_number(ip, narg, c);
910 print_number(ip, narg, c);
918 print_number(ip, narg, c);
919 /* Hidden 'pad' argument, not in lseek(2) */
920 print_number(ip, narg, c);
927 print_number(ip, narg, c);
937 print_number(ip, narg, c);
944 print_number(ip, narg, c);
946 shutdownhowname(*ip);
956 socktypenamewithflags(*ip);
970 print_number(ip, narg, c);
992 print_number(ip, narg, c);
993 print_number(ip, narg, c);
1000 print_number(ip, narg, c);
1001 print_number(ip, narg, c);
1008 print_number(ip, narg, c);
1015 print_number(ip, narg, c);
1016 print_number(ip, narg, c);
1023 print_number(ip, narg, c);
1030 print_number(ip, narg, c);
1033 printf(",0%o", (unsigned int)ip[1]);
1038 print_number(ip, narg, c);
1039 print_number(ip, narg, c);
1052 case SYS_lio_listio:
1054 lio_listioname(*ip);
1065 case SYS_sched_setscheduler:
1066 print_number(ip, narg, c);
1068 schedpolicyname(*ip);
1072 case SYS_sched_get_priority_max:
1073 case SYS_sched_get_priority_min:
1075 schedpolicyname(*ip);
1080 print_number(ip, narg, c);
1081 print_number(ip, narg, c);
1082 print_number(ip, narg, c);
1083 print_number(ip, narg, c);
1084 print_number(ip, narg, c);
1085 print_number(ip, narg, c);
1087 sendfileflagsname(*(int *)ip);
1092 print_number(ip, narg, c);
1098 case SYS_sigprocmask:
1100 sigprocmaskhowname(*ip);
1105 case SYS___acl_get_file:
1106 case SYS___acl_set_file:
1107 case SYS___acl_get_fd:
1108 case SYS___acl_set_fd:
1109 case SYS___acl_delete_file:
1110 case SYS___acl_delete_fd:
1111 case SYS___acl_aclcheck_file:
1112 case SYS___acl_aclcheck_fd:
1113 case SYS___acl_get_link:
1114 case SYS___acl_set_link:
1115 case SYS___acl_delete_link:
1116 case SYS___acl_aclcheck_link:
1117 print_number(ip, narg, c);
1130 case SYS_extattrctl:
1131 print_number(ip, narg, c);
1133 extattrctlname(*ip);
1138 print_number(ip, narg, c);
1139 print_number(ip, narg, c);
1141 mountflagsname(*ip);
1145 case SYS_thr_create:
1146 print_number(ip, narg, c);
1147 print_number(ip, narg, c);
1149 thrcreateflagsname(*ip);
1154 print_number(ip, narg, c);
1160 case SYS_kldunloadf:
1161 print_number(ip, narg, c);
1163 kldunloadfflagsname(*ip);
1170 print_number(ip, narg, c);
1172 atfdname(*ip, decimal);
1176 case SYS_cap_fcntls_limit:
1177 print_number(ip, narg, c);
1184 case SYS_posix_fadvise:
1185 print_number(ip, narg, c);
1186 print_number(ip, narg, c);
1187 print_number(ip, narg, c);
1189 fadvisebehavname((int)*ip);
1195 idtypename(*ip, decimal);
1199 print_number(ip, narg, c);
1201 procctlcmdname(*ip);
1206 print_number(ip, narg, c);
1210 case UMTX_OP_CV_WAIT:
1214 umtxcvwaitflags(*ip);
1216 case UMTX_OP_RW_RDLOCK:
1220 umtxrwlockflags(*ip);
1228 print_number(ip, narg, c);
1236 ktrsysret(struct ktr_sysret *ktr, u_int flags)
1238 register_t ret = ktr->ktr_retval;
1239 int error = ktr->ktr_error;
1240 int code = ktr->ktr_code;
1242 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) ||
1243 (code >= nsyscalls || code < 0))
1244 printf("[%d] ", code);
1246 printf("%s", syscallnames[code]);
1248 printf("[%d]", code);
1254 printf("%ld", (long)ret);
1255 if (ret < 0 || ret > 9)
1256 printf("/%#lx", (unsigned long)ret);
1259 printf("%ld", (long)ret);
1261 printf("%#lx", (unsigned long)ret);
1263 } else if (error == ERESTART)
1265 else if (error == EJUSTRETURN)
1266 printf("JUSTRETURN");
1268 printf("-1 errno %d", ktr->ktr_error);
1270 printf(" %s", strerror(ktr->ktr_error));
1276 ktrnamei(char *cp, int len)
1278 printf("\"%.*s\"\n", len, cp);
1282 hexdump(char *p, int len, int screenwidth)
1290 i = 13; /* base offset */
1291 i += (width / 2) + 1; /* spaces every second byte */
1292 i += (width * 2); /* width of bytes */
1294 i += width; /* each byte */
1296 } while (i < screenwidth);
1299 for (n = 0; n < len; n += width) {
1300 for (i = n; i < n + width; i++) {
1301 if ((i % width) == 0) { /* beginning of line */
1302 printf(" 0x%04x", i);
1308 printf("%02x", p[i] & 0xff);
1313 for (i = n; i < n + width; i++) {
1316 if (p[i] >= ' ' && p[i] <= '~')
1323 if ((i % width) != 0)
1328 visdump(char *dp, int datalen, int screenwidth)
1337 for (;datalen > 0; datalen--, dp++) {
1338 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1));
1341 * Keep track of printables and
1342 * space chars (like fold(1)).
1354 width = 8 - (col&07);
1359 if (col + width > (screenwidth-2)) {
1374 ktrgenio(struct ktr_genio *ktr, int len)
1376 int datalen = len - sizeof (struct ktr_genio);
1377 char *dp = (char *)ktr + sizeof (struct ktr_genio);
1378 static int screenwidth = 0;
1381 printf("fd %d %s %d byte%s\n", ktr->ktr_fd,
1382 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen,
1383 datalen == 1 ? "" : "s");
1386 if (screenwidth == 0) {
1389 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 &&
1391 screenwidth = ws.ws_col;
1395 if (maxdata && datalen > maxdata)
1398 for (i = 0, binary = 0; i < datalen && binary == 0; i++) {
1399 if (dp[i] >= 32 && dp[i] < 127)
1401 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9)
1406 hexdump(dp, datalen, screenwidth);
1408 visdump(dp, datalen, screenwidth);
1411 const char *signames[] = {
1412 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */
1413 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */
1414 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */
1415 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */
1416 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */
1417 "USR2", NULL, /* 31 - 32 */
1421 ktrpsig(struct ktr_psig *psig)
1423 if (psig->signo > 0 && psig->signo < NSIG)
1424 printf("SIG%s ", signames[psig->signo]);
1426 printf("SIG %d ", psig->signo);
1427 if (psig->action == SIG_DFL) {
1428 printf("SIG_DFL code=");
1429 sigcodename(psig->signo, psig->code);
1432 printf("caught handler=0x%lx mask=0x%x code=",
1433 (u_long)psig->action, psig->mask.__bits[0]);
1434 sigcodename(psig->signo, psig->code);
1440 ktrcsw_old(struct ktr_csw_old *cs)
1442 printf("%s %s\n", cs->out ? "stop" : "resume",
1443 cs->user ? "user" : "kernel");
1447 ktrcsw(struct ktr_csw *cs)
1449 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume",
1450 cs->user ? "user" : "kernel", cs->wmesg);
1453 #define UTRACE_DLOPEN_START 1
1454 #define UTRACE_DLOPEN_STOP 2
1455 #define UTRACE_DLCLOSE_START 3
1456 #define UTRACE_DLCLOSE_STOP 4
1457 #define UTRACE_LOAD_OBJECT 5
1458 #define UTRACE_UNLOAD_OBJECT 6
1459 #define UTRACE_ADD_RUNDEP 7
1460 #define UTRACE_PRELOAD_FINISHED 8
1461 #define UTRACE_INIT_CALL 9
1462 #define UTRACE_FINI_CALL 10
1463 #define UTRACE_DLSYM_START 11
1464 #define UTRACE_DLSYM_STOP 12
1466 struct utrace_rtld {
1467 char sig[4]; /* 'RTLD' */
1473 char name[MAXPATHLEN];
1477 ktruser_rtld(int len, void *p)
1479 struct utrace_rtld *ut = p;
1484 switch (ut->event) {
1485 case UTRACE_DLOPEN_START:
1487 printf("dlopen(%s, ", ut->name);
1488 switch (mode & RTLD_MODEMASK) {
1493 printf("RTLD_LAZY");
1496 printf("%#x", mode & RTLD_MODEMASK);
1498 if (mode & RTLD_GLOBAL)
1499 printf(" | RTLD_GLOBAL");
1500 if (mode & RTLD_TRACE)
1501 printf(" | RTLD_TRACE");
1502 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE))
1503 printf(" | %#x", mode &
1504 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE));
1507 case UTRACE_DLOPEN_STOP:
1508 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name,
1511 case UTRACE_DLCLOSE_START:
1512 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name,
1515 case UTRACE_DLCLOSE_STOP:
1516 printf("dlclose(%p) finished\n", ut->handle);
1518 case UTRACE_LOAD_OBJECT:
1519 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle,
1520 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1,
1523 case UTRACE_UNLOAD_OBJECT:
1524 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle,
1525 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1,
1528 case UTRACE_ADD_RUNDEP:
1529 parent = ut->mapbase;
1530 printf("RTLD: %p now depends on %p (%s, %d)\n", parent,
1531 ut->handle, ut->name, ut->refcnt);
1533 case UTRACE_PRELOAD_FINISHED:
1534 printf("RTLD: LD_PRELOAD finished\n");
1536 case UTRACE_INIT_CALL:
1537 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle,
1540 case UTRACE_FINI_CALL:
1541 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle,
1544 case UTRACE_DLSYM_START:
1545 printf("RTLD: dlsym(%p, %s)\n", ut->handle, ut->name);
1547 case UTRACE_DLSYM_STOP:
1548 printf("RTLD: %p = dlsym(%p, %s)\n", ut->mapbase, ut->handle,
1555 printf("RTLD: %d ", len);
1558 printf(" %d", *cp++);
1560 printf(" %02x", *cp++);
1565 struct utrace_malloc {
1572 ktruser_malloc(void *p)
1574 struct utrace_malloc *ut = p;
1576 if (ut->p == (void *)(intptr_t)(-1))
1577 printf("malloc_init()\n");
1578 else if (ut->s == 0)
1579 printf("free(%p)\n", ut->p);
1580 else if (ut->p == NULL)
1581 printf("%p = malloc(%zu)\n", ut->r, ut->s);
1583 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s);
1587 ktruser(int len, void *p)
1591 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) {
1592 ktruser_rtld(len, p);
1596 if (len == sizeof(struct utrace_malloc)) {
1605 printf(" %d", *cp++);
1607 printf(" %02x", *cp++);
1612 ktrcaprights(cap_rights_t *rightsp)
1615 printf("cap_rights_t ");
1621 ktrtimeval(struct timeval *tv)
1624 printf("{%ld, %ld}", (long)tv->tv_sec, tv->tv_usec);
1628 ktritimerval(struct itimerval *it)
1631 printf("itimerval { .interval = ");
1632 ktrtimeval(&it->it_interval);
1633 printf(", .value = ");
1634 ktrtimeval(&it->it_value);
1639 ktrsockaddr(struct sockaddr *sa)
1642 TODO: Support additional address families
1643 #include <netnatm/natm.h>
1644 struct sockaddr_natm *natm;
1645 #include <netsmb/netbios.h>
1646 struct sockaddr_nb *nb;
1651 * note: ktrstruct() has already verified that sa points to a
1652 * buffer at least sizeof(struct sockaddr) bytes long and exactly
1653 * sa->sa_len bytes long.
1655 printf("struct sockaddr { ");
1656 sockfamilyname(sa->sa_family);
1659 #define check_sockaddr_len(n) \
1660 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \
1661 printf("invalid"); \
1665 switch(sa->sa_family) {
1667 struct sockaddr_in sa_in;
1669 memset(&sa_in, 0, sizeof(sa_in));
1670 memcpy(&sa_in, sa, sa->sa_len);
1671 check_sockaddr_len(in);
1672 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr);
1673 printf("%s:%u", addr, ntohs(sa_in.sin_port));
1677 case AF_APPLETALK: {
1678 struct sockaddr_at sa_at;
1679 struct netrange *nr;
1681 memset(&sa_at, 0, sizeof(sa_at));
1682 memcpy(&sa_at, sa, sa->sa_len);
1683 check_sockaddr_len(at);
1684 nr = &sa_at.sat_range.r_netrange;
1685 printf("%d.%d, %d-%d, %d", ntohs(sa_at.sat_addr.s_net),
1686 sa_at.sat_addr.s_node, ntohs(nr->nr_firstnet),
1687 ntohs(nr->nr_lastnet), nr->nr_phase);
1692 struct sockaddr_in6 sa_in6;
1694 memset(&sa_in6, 0, sizeof(sa_in6));
1695 memcpy(&sa_in6, sa, sa->sa_len);
1696 check_sockaddr_len(in6);
1697 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6),
1698 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST);
1699 printf("[%s]:%u", addr, htons(sa_in6.sin6_port));
1704 struct sockaddr_ipx sa_ipx;
1706 memset(&sa_ipx, 0, sizeof(sa_ipx));
1707 memcpy(&sa_ipx, sa, sa->sa_len);
1708 check_sockaddr_len(ipx);
1709 /* XXX wish we had ipx_ntop */
1710 printf("%s", ipx_ntoa(sa_ipx.sipx_addr));
1716 struct sockaddr_un sa_un;
1718 memset(&sa_un, 0, sizeof(sa_un));
1719 memcpy(&sa_un, sa, sa->sa_len);
1720 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path);
1724 printf("unknown address family");
1730 ktrstat(struct stat *statp)
1732 char mode[12], timestr[PATH_MAX + 4];
1738 * note: ktrstruct() has already verified that statp points to a
1739 * buffer exactly sizeof(struct stat) bytes long.
1741 printf("struct stat {");
1742 printf("dev=%ju, ino=%ju, ",
1743 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino);
1745 printf("mode=0%jo, ", (uintmax_t)statp->st_mode);
1747 strmode(statp->st_mode, mode);
1748 printf("mode=%s, ", mode);
1750 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink);
1751 if (resolv == 0 || (pwd = getpwuid(statp->st_uid)) == NULL)
1752 printf("uid=%ju, ", (uintmax_t)statp->st_uid);
1754 printf("uid=\"%s\", ", pwd->pw_name);
1755 if (resolv == 0 || (grp = getgrgid(statp->st_gid)) == NULL)
1756 printf("gid=%ju, ", (uintmax_t)statp->st_gid);
1758 printf("gid=\"%s\", ", grp->gr_name);
1759 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev);
1762 printf("%jd", (intmax_t)statp->st_atim.tv_sec);
1764 tm = localtime(&statp->st_atim.tv_sec);
1765 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
1766 printf("\"%s\"", timestr);
1768 if (statp->st_atim.tv_nsec != 0)
1769 printf(".%09ld, ", statp->st_atim.tv_nsec);
1774 printf("%jd", (intmax_t)statp->st_mtim.tv_sec);
1776 tm = localtime(&statp->st_mtim.tv_sec);
1777 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
1778 printf("\"%s\"", timestr);
1780 if (statp->st_mtim.tv_nsec != 0)
1781 printf(".%09ld, ", statp->st_mtim.tv_nsec);
1786 printf("%jd", (intmax_t)statp->st_ctim.tv_sec);
1788 tm = localtime(&statp->st_ctim.tv_sec);
1789 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
1790 printf("\"%s\"", timestr);
1792 if (statp->st_ctim.tv_nsec != 0)
1793 printf(".%09ld, ", statp->st_ctim.tv_nsec);
1796 printf("birthtime=");
1798 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec);
1800 tm = localtime(&statp->st_birthtim.tv_sec);
1801 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
1802 printf("\"%s\"", timestr);
1804 if (statp->st_birthtim.tv_nsec != 0)
1805 printf(".%09ld, ", statp->st_birthtim.tv_nsec);
1808 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x",
1809 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize,
1810 (intmax_t)statp->st_blocks, statp->st_flags);
1815 ktrstruct(char *buf, size_t buflen)
1818 size_t namelen, datalen;
1820 cap_rights_t rights;
1821 struct itimerval it;
1823 struct sockaddr_storage ss;
1825 for (name = buf, namelen = 0;
1826 namelen < buflen && name[namelen] != '\0';
1829 if (namelen == buflen)
1831 if (name[namelen] != '\0')
1833 data = buf + namelen + 1;
1834 datalen = buflen - namelen - 1;
1838 for (i = 0; i < (int)namelen; ++i)
1839 if (!isalpha(name[i]))
1841 if (strcmp(name, "caprights") == 0) {
1842 if (datalen != sizeof(cap_rights_t))
1844 memcpy(&rights, data, datalen);
1845 ktrcaprights(&rights);
1846 } else if (strcmp(name, "itimerval") == 0) {
1847 if (datalen != sizeof(struct itimerval))
1849 memcpy(&it, data, datalen);
1851 } else if (strcmp(name, "stat") == 0) {
1852 if (datalen != sizeof(struct stat))
1854 memcpy(&sb, data, datalen);
1856 } else if (strcmp(name, "sockaddr") == 0) {
1857 if (datalen > sizeof(ss))
1859 memcpy(&ss, data, datalen);
1860 if (datalen != ss.ss_len)
1862 ktrsockaddr((struct sockaddr *)&ss);
1864 printf("unknown structure\n");
1868 printf("invalid record\n");
1872 ktrcapfail(struct ktr_cap_fail *ktr)
1874 switch (ktr->cap_type) {
1875 case CAPFAIL_NOTCAPABLE:
1876 /* operation on fd with insufficient capabilities */
1877 printf("operation requires ");
1878 capname(&ktr->cap_needed);
1879 printf(", process holds ");
1880 capname(&ktr->cap_held);
1882 case CAPFAIL_INCREASE:
1883 /* requested more capabilities than fd already has */
1884 printf("attempt to increase capabilities from ");
1885 capname(&ktr->cap_held);
1887 capname(&ktr->cap_needed);
1889 case CAPFAIL_SYSCALL:
1890 /* called restricted syscall */
1891 printf("disallowed system call");
1893 case CAPFAIL_LOOKUP:
1894 /* used ".." in strict-relative mode */
1895 printf("restricted VFS lookup");
1898 printf("unknown capability failure: ");
1899 capname(&ktr->cap_needed);
1901 capname(&ktr->cap_held);
1908 ktrfault(struct ktr_fault *ktr)
1911 printf("0x%jx ", (uintmax_t)ktr->vaddr);
1912 vmprotname(ktr->type);
1917 ktrfaultend(struct ktr_faultend *ktr)
1920 vmresultname(ktr->result);
1924 #if defined(__amd64__) || defined(__i386__)
1926 #if defined(__amd64__)
1927 #define NLINUX_SYSCALLS(v) ((v) & SV_ILP32 ? \
1928 nitems(linux32_syscallnames) : nitems(linux_syscallnames))
1929 #define LINUX_SYSCALLNAMES(v, i) ((v) & SV_ILP32 ? \
1930 linux32_syscallnames[i] : linux_syscallnames[i])
1932 #define NLINUX_SYSCALLS(v) (nitems(linux_syscallnames))
1933 #define LINUX_SYSCALLNAMES(v, i) (linux_syscallnames[i])
1937 linux_ktrsyscall(struct ktr_syscall *ktr, u_int sv_flags)
1939 int narg = ktr->ktr_narg;
1940 unsigned code = ktr->ktr_code;
1943 if (ktr->ktr_code < 0 || code >= NLINUX_SYSCALLS(sv_flags))
1944 printf("[%d]", ktr->ktr_code);
1946 printf("%s", LINUX_SYSCALLNAMES(sv_flags, ktr->ktr_code));
1948 printf("[%d]", ktr->ktr_code);
1950 ip = &ktr->ktr_args[0];
1954 print_number(ip, narg, c);
1961 linux_ktrsysret(struct ktr_sysret *ktr, u_int sv_flags)
1963 register_t ret = ktr->ktr_retval;
1964 unsigned code = ktr->ktr_code;
1965 int error = ktr->ktr_error;
1967 if (ktr->ktr_code < 0 || code >= NLINUX_SYSCALLS(sv_flags))
1968 printf("[%d] ", ktr->ktr_code);
1970 printf("%s ", LINUX_SYSCALLNAMES(sv_flags, code));
1972 printf("[%d]", code);
1978 printf("%ld", (long)ret);
1979 if (ret < 0 || ret > 9)
1980 printf("/%#lx", (unsigned long)ret);
1983 printf("%ld", (long)ret);
1985 printf("%#lx", (unsigned long)ret);
1987 } else if (error == ERESTART)
1989 else if (error == EJUSTRETURN)
1990 printf("JUSTRETURN");
1992 if (ktr->ktr_error <= ELAST + 1)
1993 error = abs(bsd_to_linux_errno[ktr->ktr_error]);
1996 printf("-1 errno %d", error);
1998 printf(" %s", strerror(ktr->ktr_error));
2007 fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] "
2008 "[-m maxdata] [-p pid] [-t trstr]\n");