2 * Copyright (c) 1988, 1993
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 4. Neither the name of the University nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 static const char copyright[] =
32 "@(#) Copyright (c) 1988, 1993\n\
33 The Regents of the University of California. All rights reserved.\n";
38 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93";
41 #include <sys/cdefs.h>
42 __FBSDID("$FreeBSD$");
46 #include <sys/errno.h>
48 #include <sys/param.h>
49 #include <sys/capability.h>
50 #include <sys/errno.h>
55 #include <sys/ktrace.h>
56 #include <sys/ioctl.h>
57 #include <sys/socket.h>
59 #include <sys/sysent.h>
61 #include <sys/queue.h>
64 #include <sys/types.h>
65 #include <netipx/ipx.h>
68 #include <netatalk/at.h>
70 #include <arpa/inet.h>
71 #include <netinet/in.h>
77 #ifdef HAVE_LIBCAPSICUM
78 #include <libcapsicum.h>
79 #include <libcapsicum_grp.h>
80 #include <libcapsicum_pwd.h>
81 #include <libcapsicum_service.h>
86 #ifdef HAVE_LIBCAPSICUM
98 #include "kdump_subr.h"
100 u_int abidump(struct ktr_header *);
101 int fetchprocinfo(struct ktr_header *, u_int *);
102 int fread_tail(void *, int, int);
103 void dumpheader(struct ktr_header *);
104 void ktrsyscall(struct ktr_syscall *, u_int);
105 void ktrsysret(struct ktr_sysret *, u_int);
106 void ktrnamei(char *, int);
107 void hexdump(char *, int, int);
108 void visdump(char *, int, int);
109 void ktrgenio(struct ktr_genio *, int);
110 void ktrpsig(struct ktr_psig *);
111 void ktrcsw(struct ktr_csw *);
112 void ktrcsw_old(struct ktr_csw_old *);
113 void ktruser_malloc(unsigned char *);
114 void ktruser_rtld(int, unsigned char *);
115 void ktruser(int, unsigned char *);
116 void ktrcaprights(cap_rights_t *);
117 void ktrsockaddr(struct sockaddr *);
118 void ktrstat(struct stat *);
119 void ktrstruct(char *, size_t);
120 void ktrcapfail(struct ktr_cap_fail *);
121 void ktrfault(struct ktr_fault *);
122 void ktrfaultend(struct ktr_faultend *);
123 void limitfd(int fd);
125 void ioctlname(unsigned long, int);
127 int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata,
128 resolv = 0, abiflag = 0;
129 const char *tracefile = DEF_TRACEFILE;
130 struct ktr_header ktr_header;
132 #define TIME_FORMAT "%b %e %T %Y"
133 #define eqs(s1, s2) (strcmp((s1), (s2)) == 0)
135 #define print_number(i,n,c) do { \
137 printf("%c%jd", c, (intmax_t)*i); \
139 printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \
145 #if defined(__amd64__) || defined(__i386__)
147 void linux_ktrsyscall(struct ktr_syscall *);
148 void linux_ktrsysret(struct ktr_sysret *);
149 extern char *linux_syscallnames[];
150 extern int nlinux_syscalls;
154 * Linux syscalls return negative errno's, we do positive and map them
156 static int bsd_to_linux_errno[ELAST + 1] = {
157 -0, -1, -2, -3, -4, -5, -6, -7, -8, -9,
158 -10, -35, -12, -13, -14, -15, -16, -17, -18, -19,
159 -20, -21, -22, -23, -24, -25, -26, -27, -28, -29,
160 -30, -31, -32, -33, -34, -11,-115,-114, -88, -89,
161 -90, -91, -92, -93, -94, -95, -96, -97, -98, -99,
162 -100,-101,-102,-103,-104,-105,-106,-107,-108,-109,
163 -110,-111, -40, -36,-112,-113, -39, -11, -87,-122,
164 -116, -66, -6, -6, -6, -6, -6, -37, -38, -9,
165 -6, -6, -43, -42, -75,-125, -84, -95, -16, -74,
172 TAILQ_ENTRY(proc_info) info;
177 TAILQ_HEAD(trace_procs, proc_info) trace_procs;
179 #ifdef HAVE_LIBCAPSICUM
180 static cap_channel_t *cappwd, *capgrp;
188 * Cache NLS data before entering capability mode.
189 * XXXPJD: There should be strerror_init() and strsignal_init() in libc.
191 (void)catopen("libc", NL_CAT_LOCALE);
200 * Allow localtime(3) to cache /etc/localtime content before entering
202 * XXXPJD: There should be localtime_init() in libc.
205 (void)localtime(<ime);
208 #ifdef HAVE_LIBCAPSICUM
210 cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp)
212 cap_channel_t *capcas, *cappwdloc, *capgrploc;
213 const char *cmds[1], *fields[1];
216 if (capcas == NULL) {
217 warn("unable to contact casperd");
220 cappwdloc = cap_service_open(capcas, "system.pwd");
221 capgrploc = cap_service_open(capcas, "system.grp");
222 /* Casper capability no longer needed. */
224 if (cappwdloc == NULL || capgrploc == NULL) {
225 if (cappwdloc == NULL)
226 warn("unable to open system.pwd service");
227 if (capgrploc == NULL)
228 warn("unable to open system.grp service");
231 /* Limit system.pwd to only getpwuid() function and pw_name field. */
232 cmds[0] = "getpwuid";
233 if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0)
234 err(1, "unable to limit system.pwd service");
235 fields[0] = "pw_name";
236 if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0)
237 err(1, "unable to limit system.pwd service");
238 /* Limit system.grp to only getgrgid() function and gr_name field. */
239 cmds[0] = "getgrgid";
240 if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0)
241 err(1, "unable to limit system.grp service");
242 fields[0] = "gr_name";
243 if (cap_grp_limit_fields(capgrploc, fields, 1) < 0)
244 err(1, "unable to limit system.grp service");
246 *cappwdp = cappwdloc;
247 *capgrpp = capgrploc;
250 #endif /* HAVE_LIBCAPSICUM */
253 main(int argc, char *argv[])
255 int ch, ktrlen, size;
257 int trpoints = ALL_POINTS;
262 setlocale(LC_CTYPE, "");
264 while ((ch = getopt(argc,argv,"f:dElm:np:AHRrsTt:")) != -1)
279 maxdata = atoi(optarg);
294 timestamp = 3; /* elapsed timestamp */
300 timestamp = 2; /* relative timestamp */
306 trpoints = getpoints(optarg);
308 errx(1, "unknown trace point in %s", optarg);
317 m = malloc(size = 1025);
319 errx(1, "%s", strerror(ENOMEM));
320 if (!freopen(tracefile, "r", stdin))
321 err(1, "%s", tracefile);
325 #ifdef HAVE_LIBCAPSICUM
327 if (cappwdgrp_setup(&cappwd, &capgrp) < 0) {
332 if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) {
333 if (cap_enter() < 0 && errno != ENOSYS)
334 err(1, "unable to enter capability mode");
338 if (cap_enter() < 0 && errno != ENOSYS)
339 err(1, "unable to enter capability mode");
342 limitfd(STDIN_FILENO);
343 limitfd(STDOUT_FILENO);
344 limitfd(STDERR_FILENO);
346 fprintf(stderr, "capability mode sandbox enabled\n");
348 TAILQ_INIT(&trace_procs);
350 while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) {
351 if (ktr_header.ktr_type & KTR_DROP) {
352 ktr_header.ktr_type &= ~KTR_DROP;
353 if (!drop_logged && threads) {
355 "%6jd %6jd %-8.*s Events dropped.\n",
356 (intmax_t)ktr_header.ktr_pid,
357 ktr_header.ktr_tid > 0 ?
358 (intmax_t)ktr_header.ktr_tid : 0,
359 MAXCOMLEN, ktr_header.ktr_comm);
361 } else if (!drop_logged) {
362 printf("%6jd %-8.*s Events dropped.\n",
363 (intmax_t)ktr_header.ktr_pid, MAXCOMLEN,
364 ktr_header.ktr_comm);
368 if (trpoints & (1<<ktr_header.ktr_type))
369 if (pid == 0 || ktr_header.ktr_pid == pid ||
370 ktr_header.ktr_tid == pid)
371 dumpheader(&ktr_header);
372 if ((ktrlen = ktr_header.ktr_len) < 0)
373 errx(1, "bogus length 0x%x", ktrlen);
375 m = realloc(m, ktrlen+1);
377 errx(1, "%s", strerror(ENOMEM));
380 if (ktrlen && fread_tail(m, ktrlen, 1) == 0)
381 errx(1, "data too short");
382 if (fetchprocinfo(&ktr_header, (u_int *)m) != 0)
384 sv_flags = abidump(&ktr_header);
385 if (pid && ktr_header.ktr_pid != pid &&
386 ktr_header.ktr_tid != pid)
388 if ((trpoints & (1<<ktr_header.ktr_type)) == 0)
391 switch (ktr_header.ktr_type) {
393 #if defined(__amd64__) || defined(__i386__)
394 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX)
395 linux_ktrsyscall((struct ktr_syscall *)m);
398 ktrsyscall((struct ktr_syscall *)m, sv_flags);
401 #if defined(__amd64__) || defined(__i386__)
402 if ((sv_flags & SV_ABI_MASK) == SV_ABI_LINUX)
403 linux_ktrsysret((struct ktr_sysret *)m);
406 ktrsysret((struct ktr_sysret *)m, sv_flags);
413 ktrgenio((struct ktr_genio *)m, ktrlen);
416 ktrpsig((struct ktr_psig *)m);
419 if (ktrlen == sizeof(struct ktr_csw_old))
420 ktrcsw_old((struct ktr_csw_old *)m);
422 ktrcsw((struct ktr_csw *)m);
428 ktrstruct(m, ktrlen);
431 ktrcapfail((struct ktr_cap_fail *)m);
434 ktrfault((struct ktr_fault *)m);
437 ktrfaultend((struct ktr_faultend *)m);
455 cap_rights_init(&rights, CAP_FSTAT);
460 cap_rights_set(&rights, CAP_READ);
463 cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE);
464 cmd = TIOCGETA; /* required by isatty(3) in printf(3) */
467 cap_rights_set(&rights, CAP_WRITE);
469 cap_rights_set(&rights, CAP_IOCTL);
477 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS)
478 err(1, "unable to limit rights for descriptor %d", fd);
479 if (cmd != -1 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS)
480 err(1, "unable to limit ioctls for descriptor %d", fd);
484 fread_tail(void *buf, int size, int num)
488 while ((i = fread(buf, size, num, stdin)) == 0 && tail) {
496 fetchprocinfo(struct ktr_header *kth, u_int *flags)
498 struct proc_info *pi;
500 switch (kth->ktr_type) {
502 TAILQ_FOREACH(pi, &trace_procs, info) {
503 if (pi->pid == kth->ktr_pid) {
504 TAILQ_REMOVE(&trace_procs, pi, info);
508 pi = malloc(sizeof(struct proc_info));
510 errx(1, "%s", strerror(ENOMEM));
511 pi->sv_flags = *flags;
512 pi->pid = kth->ktr_pid;
513 TAILQ_INSERT_TAIL(&trace_procs, pi, info);
517 TAILQ_FOREACH(pi, &trace_procs, info) {
518 if (pi->pid == kth->ktr_pid) {
519 TAILQ_REMOVE(&trace_procs, pi, info);
531 abidump(struct ktr_header *kth)
533 struct proc_info *pi;
538 TAILQ_FOREACH(pi, &trace_procs, info) {
539 if (pi->pid == kth->ktr_pid) {
540 flags = pi->sv_flags;
548 switch (flags & SV_ABI_MASK) {
568 printf("%s%s ", abi, arch);
574 dumpheader(struct ktr_header *kth)
576 static char unknown[64];
577 static struct timeval prevtime, temp;
580 switch (kth->ktr_type) {
622 sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type);
627 * The ktr_tid field was previously the ktr_buffer field, which held
628 * the kernel pointer value for the buffer associated with data
629 * following the record header. It now holds a threadid, but only
630 * for trace files after the change. Older trace files still contain
631 * kernel pointers. Detect this and suppress the results by printing
632 * negative tid's as 0.
635 printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid,
636 kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0,
637 MAXCOMLEN, kth->ktr_comm);
639 printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN,
642 if (timestamp == 3) {
643 if (prevtime.tv_sec == 0)
644 prevtime = kth->ktr_time;
645 timevalsub(&kth->ktr_time, &prevtime);
647 if (timestamp == 2) {
648 temp = kth->ktr_time;
649 timevalsub(&kth->ktr_time, &prevtime);
652 printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec,
653 kth->ktr_time.tv_usec);
658 #include <sys/syscall.h>
660 #include <sys/kern/syscalls.c>
662 int nsyscalls = sizeof (syscallnames) / sizeof (syscallnames[0]);
665 ktrsyscall(struct ktr_syscall *ktr, u_int flags)
667 int narg = ktr->ktr_narg;
671 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) ||
672 (ktr->ktr_code >= nsyscalls || ktr->ktr_code < 0))
673 printf("[%d]", ktr->ktr_code);
675 printf("%s", syscallnames[ktr->ktr_code]);
676 ip = &ktr->ktr_args[0];
680 (flags == 0 || (flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) {
681 switch (ktr->ktr_code) {
698 atfdname(*ip, decimal);
704 switch (ktr->ktr_code) {
706 print_number(ip, narg, c);
708 ioctlname(*ip, decimal);
724 print_number(ip, narg, c);
732 print_number(ip, narg, c);
734 flagsandmodename(ip[0], ip[1], decimal);
739 print_number(ip, narg, c);
740 print_number(ip, narg, c);
742 * A flags value of zero is valid for
743 * wait4() but not for wait6(), so
744 * handle zero special here.
747 print_number(ip, narg, c);
757 idtypename(*ip, decimal);
761 print_number(ip, narg, c);
762 print_number(ip, narg, c);
771 print_number(ip, narg, c);
779 print_number(ip, narg, c);
786 print_number(ip, narg, c);
787 print_number(ip, narg, c);
789 getfsstatflagsname(*ip);
794 print_number(ip, narg, c);
795 print_number(ip, narg, c);
802 print_number(ip, narg, c);
810 print_number(ip, narg, c);
811 print_number(ip, narg, c);
813 sendrecvflagsname(*ip);
819 print_number(ip, narg, c);
820 print_number(ip, narg, c);
821 print_number(ip, narg, c);
823 sendrecvflagsname(*ip);
830 print_number(ip, narg, c);
837 print_number(ip, narg, c);
856 print_number(ip, narg, c);
857 print_number(ip, narg, c);
863 #ifdef SYS_freebsd6_mmap
864 case SYS_freebsd6_mmap:
865 print_number(ip, narg, c);
866 print_number(ip, narg, c);
878 print_number(ip, narg, c);
879 print_number(ip, narg, c);
890 print_number(ip, narg, c);
891 print_number(ip, narg, c);
898 print_number(ip, narg, c);
899 print_number(ip, narg, c);
901 madvisebehavname(*ip);
905 case SYS_setpriority:
906 print_number(ip, narg, c);
907 print_number(ip, narg, c);
914 print_number(ip, narg, c);
916 fcntlcmdname(ip[0], ip[1], decimal);
924 sockdomainname(sockdomain);
928 socktypenamewithflags(*ip);
931 if (sockdomain == PF_INET ||
932 sockdomain == PF_INET6) {
934 sockipprotoname(*ip);
943 print_number(ip, narg, c);
945 sockoptlevelname(*ip, decimal);
946 if (*ip == SOL_SOCKET) {
955 #ifdef SYS_freebsd6_lseek
956 case SYS_freebsd6_lseek:
957 print_number(ip, narg, c);
958 /* Hidden 'pad' argument, not in lseek(2) */
959 print_number(ip, narg, c);
960 print_number(ip, narg, c);
968 print_number(ip, narg, c);
969 /* Hidden 'pad' argument, not in lseek(2) */
970 print_number(ip, narg, c);
977 print_number(ip, narg, c);
987 print_number(ip, narg, c);
994 print_number(ip, narg, c);
996 shutdownhowname(*ip);
1000 case SYS_socketpair:
1002 sockdomainname(*ip);
1006 socktypenamewithflags(*ip);
1020 print_number(ip, narg, c);
1042 print_number(ip, narg, c);
1043 print_number(ip, narg, c);
1050 print_number(ip, narg, c);
1051 print_number(ip, narg, c);
1058 print_number(ip, narg, c);
1065 print_number(ip, narg, c);
1066 print_number(ip, narg, c);
1073 print_number(ip, narg, c);
1080 print_number(ip, narg, c);
1081 print_number(ip, narg, c);
1094 case SYS_lio_listio:
1096 lio_listioname(*ip);
1107 case SYS_sched_setscheduler:
1108 print_number(ip, narg, c);
1110 schedpolicyname(*ip);
1114 case SYS_sched_get_priority_max:
1115 case SYS_sched_get_priority_min:
1117 schedpolicyname(*ip);
1122 print_number(ip, narg, c);
1123 print_number(ip, narg, c);
1124 print_number(ip, narg, c);
1125 print_number(ip, narg, c);
1126 print_number(ip, narg, c);
1127 print_number(ip, narg, c);
1129 sendfileflagsname(*ip);
1134 print_number(ip, narg, c);
1140 case SYS_sigprocmask:
1142 sigprocmaskhowname(*ip);
1147 case SYS___acl_get_file:
1148 case SYS___acl_set_file:
1149 case SYS___acl_get_fd:
1150 case SYS___acl_set_fd:
1151 case SYS___acl_delete_file:
1152 case SYS___acl_delete_fd:
1153 case SYS___acl_aclcheck_file:
1154 case SYS___acl_aclcheck_fd:
1155 case SYS___acl_get_link:
1156 case SYS___acl_set_link:
1157 case SYS___acl_delete_link:
1158 case SYS___acl_aclcheck_link:
1159 print_number(ip, narg, c);
1172 case SYS_extattrctl:
1173 print_number(ip, narg, c);
1175 extattrctlname(*ip);
1180 print_number(ip, narg, c);
1181 print_number(ip, narg, c);
1183 mountflagsname(*ip);
1187 case SYS_thr_create:
1188 print_number(ip, narg, c);
1189 print_number(ip, narg, c);
1191 thrcreateflagsname(*ip);
1196 print_number(ip, narg, c);
1202 case SYS_kldunloadf:
1203 print_number(ip, narg, c);
1205 kldunloadfflagsname(*ip);
1212 print_number(ip, narg, c);
1214 atfdname(*ip, decimal);
1218 case SYS_cap_fcntls_limit:
1219 print_number(ip, narg, c);
1226 case SYS_posix_fadvise:
1227 print_number(ip, narg, c);
1228 print_number(ip, narg, c);
1229 print_number(ip, narg, c);
1231 fadvisebehavname((int)*ip);
1237 idtypename(*ip, decimal);
1241 print_number(ip, narg, c);
1243 procctlcmdname(*ip);
1250 print_number(ip, narg, c);
1258 ktrsysret(struct ktr_sysret *ktr, u_int flags)
1260 register_t ret = ktr->ktr_retval;
1261 int error = ktr->ktr_error;
1262 int code = ktr->ktr_code;
1264 if ((flags != 0 && ((flags & SV_ABI_MASK) != SV_ABI_FREEBSD)) ||
1265 (code >= nsyscalls || code < 0))
1266 printf("[%d] ", code);
1268 printf("%s ", syscallnames[code]);
1272 printf("%ld", (long)ret);
1273 if (ret < 0 || ret > 9)
1274 printf("/%#lx", (unsigned long)ret);
1277 printf("%ld", (long)ret);
1279 printf("%#lx", (unsigned long)ret);
1281 } else if (error == ERESTART)
1283 else if (error == EJUSTRETURN)
1284 printf("JUSTRETURN");
1286 printf("-1 errno %d", ktr->ktr_error);
1288 printf(" %s", strerror(ktr->ktr_error));
1294 ktrnamei(char *cp, int len)
1296 printf("\"%.*s\"\n", len, cp);
1300 hexdump(char *p, int len, int screenwidth)
1308 i = 13; /* base offset */
1309 i += (width / 2) + 1; /* spaces every second byte */
1310 i += (width * 2); /* width of bytes */
1312 i += width; /* each byte */
1314 } while (i < screenwidth);
1317 for (n = 0; n < len; n += width) {
1318 for (i = n; i < n + width; i++) {
1319 if ((i % width) == 0) { /* beginning of line */
1320 printf(" 0x%04x", i);
1326 printf("%02x", p[i] & 0xff);
1331 for (i = n; i < n + width; i++) {
1334 if (p[i] >= ' ' && p[i] <= '~')
1341 if ((i % width) != 0)
1346 visdump(char *dp, int datalen, int screenwidth)
1355 for (;datalen > 0; datalen--, dp++) {
1356 vis(visbuf, *dp, VIS_CSTYLE, *(dp+1));
1359 * Keep track of printables and
1360 * space chars (like fold(1)).
1372 width = 8 - (col&07);
1377 if (col + width > (screenwidth-2)) {
1392 ktrgenio(struct ktr_genio *ktr, int len)
1394 int datalen = len - sizeof (struct ktr_genio);
1395 char *dp = (char *)ktr + sizeof (struct ktr_genio);
1396 static int screenwidth = 0;
1399 printf("fd %d %s %d byte%s\n", ktr->ktr_fd,
1400 ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen,
1401 datalen == 1 ? "" : "s");
1404 if (screenwidth == 0) {
1407 if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 &&
1409 screenwidth = ws.ws_col;
1413 if (maxdata && datalen > maxdata)
1416 for (i = 0, binary = 0; i < datalen && binary == 0; i++) {
1417 if (dp[i] >= 32 && dp[i] < 127)
1419 if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9)
1424 hexdump(dp, datalen, screenwidth);
1426 visdump(dp, datalen, screenwidth);
1429 const char *signames[] = {
1430 "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */
1431 "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */
1432 "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */
1433 "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */
1434 "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */
1435 "USR2", NULL, /* 31 - 32 */
1439 ktrpsig(struct ktr_psig *psig)
1441 if (psig->signo > 0 && psig->signo < NSIG)
1442 printf("SIG%s ", signames[psig->signo]);
1444 printf("SIG %d ", psig->signo);
1445 if (psig->action == SIG_DFL) {
1446 printf("SIG_DFL code=");
1447 sigcodename(psig->signo, psig->code);
1450 printf("caught handler=0x%lx mask=0x%x code=",
1451 (u_long)psig->action, psig->mask.__bits[0]);
1452 sigcodename(psig->signo, psig->code);
1458 ktrcsw_old(struct ktr_csw_old *cs)
1460 printf("%s %s\n", cs->out ? "stop" : "resume",
1461 cs->user ? "user" : "kernel");
1465 ktrcsw(struct ktr_csw *cs)
1467 printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume",
1468 cs->user ? "user" : "kernel", cs->wmesg);
1471 #define UTRACE_DLOPEN_START 1
1472 #define UTRACE_DLOPEN_STOP 2
1473 #define UTRACE_DLCLOSE_START 3
1474 #define UTRACE_DLCLOSE_STOP 4
1475 #define UTRACE_LOAD_OBJECT 5
1476 #define UTRACE_UNLOAD_OBJECT 6
1477 #define UTRACE_ADD_RUNDEP 7
1478 #define UTRACE_PRELOAD_FINISHED 8
1479 #define UTRACE_INIT_CALL 9
1480 #define UTRACE_FINI_CALL 10
1482 struct utrace_rtld {
1483 char sig[4]; /* 'RTLD' */
1489 char name[MAXPATHLEN];
1493 ktruser_rtld(int len, unsigned char *p)
1495 struct utrace_rtld *ut = (struct utrace_rtld *)p;
1499 switch (ut->event) {
1500 case UTRACE_DLOPEN_START:
1502 printf("dlopen(%s, ", ut->name);
1503 switch (mode & RTLD_MODEMASK) {
1508 printf("RTLD_LAZY");
1511 printf("%#x", mode & RTLD_MODEMASK);
1513 if (mode & RTLD_GLOBAL)
1514 printf(" | RTLD_GLOBAL");
1515 if (mode & RTLD_TRACE)
1516 printf(" | RTLD_TRACE");
1517 if (mode & ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE))
1518 printf(" | %#x", mode &
1519 ~(RTLD_MODEMASK | RTLD_GLOBAL | RTLD_TRACE));
1522 case UTRACE_DLOPEN_STOP:
1523 printf("%p = dlopen(%s) ref %d\n", ut->handle, ut->name,
1526 case UTRACE_DLCLOSE_START:
1527 printf("dlclose(%p) (%s, %d)\n", ut->handle, ut->name,
1530 case UTRACE_DLCLOSE_STOP:
1531 printf("dlclose(%p) finished\n", ut->handle);
1533 case UTRACE_LOAD_OBJECT:
1534 printf("RTLD: loaded %p @ %p - %p (%s)\n", ut->handle,
1535 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1,
1538 case UTRACE_UNLOAD_OBJECT:
1539 printf("RTLD: unloaded %p @ %p - %p (%s)\n", ut->handle,
1540 ut->mapbase, (char *)ut->mapbase + ut->mapsize - 1,
1543 case UTRACE_ADD_RUNDEP:
1544 parent = ut->mapbase;
1545 printf("RTLD: %p now depends on %p (%s, %d)\n", parent,
1546 ut->handle, ut->name, ut->refcnt);
1548 case UTRACE_PRELOAD_FINISHED:
1549 printf("RTLD: LD_PRELOAD finished\n");
1551 case UTRACE_INIT_CALL:
1552 printf("RTLD: init %p for %p (%s)\n", ut->mapbase, ut->handle,
1555 case UTRACE_FINI_CALL:
1556 printf("RTLD: fini %p for %p (%s)\n", ut->mapbase, ut->handle,
1562 printf("RTLD: %d ", len);
1565 printf(" %d", *p++);
1567 printf(" %02x", *p++);
1572 struct utrace_malloc {
1579 ktruser_malloc(unsigned char *p)
1581 struct utrace_malloc *ut = (struct utrace_malloc *)p;
1583 if (ut->p == (void *)(intptr_t)(-1))
1584 printf("malloc_init()\n");
1585 else if (ut->s == 0)
1586 printf("free(%p)\n", ut->p);
1587 else if (ut->p == NULL)
1588 printf("%p = malloc(%zu)\n", ut->r, ut->s);
1590 printf("%p = realloc(%p, %zu)\n", ut->r, ut->p, ut->s);
1594 ktruser(int len, unsigned char *p)
1597 if (len >= 8 && bcmp(p, "RTLD", 4) == 0) {
1598 ktruser_rtld(len, p);
1602 if (len == sizeof(struct utrace_malloc)) {
1610 printf(" %d", *p++);
1612 printf(" %02x", *p++);
1617 ktrcaprights(cap_rights_t *rightsp)
1620 printf("cap_rights_t ");
1626 ktrsockaddr(struct sockaddr *sa)
1629 TODO: Support additional address families
1630 #include <netnatm/natm.h>
1631 struct sockaddr_natm *natm;
1632 #include <netsmb/netbios.h>
1633 struct sockaddr_nb *nb;
1638 * note: ktrstruct() has already verified that sa points to a
1639 * buffer at least sizeof(struct sockaddr) bytes long and exactly
1640 * sa->sa_len bytes long.
1642 printf("struct sockaddr { ");
1643 sockfamilyname(sa->sa_family);
1646 #define check_sockaddr_len(n) \
1647 if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \
1648 printf("invalid"); \
1652 switch(sa->sa_family) {
1654 struct sockaddr_in sa_in;
1656 memset(&sa_in, 0, sizeof(sa_in));
1657 memcpy(&sa_in, sa, sa->sa_len);
1658 check_sockaddr_len(in);
1659 inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr);
1660 printf("%s:%u", addr, ntohs(sa_in.sin_port));
1664 case AF_APPLETALK: {
1665 struct sockaddr_at sa_at;
1666 struct netrange *nr;
1668 memset(&sa_at, 0, sizeof(sa_at));
1669 memcpy(&sa_at, sa, sa->sa_len);
1670 check_sockaddr_len(at);
1671 nr = &sa_at.sat_range.r_netrange;
1672 printf("%d.%d, %d-%d, %d", ntohs(sa_at.sat_addr.s_net),
1673 sa_at.sat_addr.s_node, ntohs(nr->nr_firstnet),
1674 ntohs(nr->nr_lastnet), nr->nr_phase);
1679 struct sockaddr_in6 sa_in6;
1681 memset(&sa_in6, 0, sizeof(sa_in6));
1682 memcpy(&sa_in6, sa, sa->sa_len);
1683 check_sockaddr_len(in6);
1684 getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6),
1685 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST);
1686 printf("[%s]:%u", addr, htons(sa_in6.sin6_port));
1691 struct sockaddr_ipx sa_ipx;
1693 memset(&sa_ipx, 0, sizeof(sa_ipx));
1694 memcpy(&sa_ipx, sa, sa->sa_len);
1695 check_sockaddr_len(ipx);
1696 /* XXX wish we had ipx_ntop */
1697 printf("%s", ipx_ntoa(sa_ipx.sipx_addr));
1703 struct sockaddr_un sa_un;
1705 memset(&sa_un, 0, sizeof(sa_un));
1706 memcpy(&sa_un, sa, sa->sa_len);
1707 printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path);
1711 printf("unknown address family");
1717 ktrstat(struct stat *statp)
1719 char mode[12], timestr[PATH_MAX + 4];
1725 * note: ktrstruct() has already verified that statp points to a
1726 * buffer exactly sizeof(struct stat) bytes long.
1728 printf("struct stat {");
1729 printf("dev=%ju, ino=%ju, ",
1730 (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino);
1732 printf("mode=0%jo, ", (uintmax_t)statp->st_mode);
1734 strmode(statp->st_mode, mode);
1735 printf("mode=%s, ", mode);
1737 printf("nlink=%ju, ", (uintmax_t)statp->st_nlink);
1741 #ifdef HAVE_LIBCAPSICUM
1743 pwd = cap_getpwuid(cappwd, statp->st_uid);
1746 pwd = getpwuid(statp->st_uid);
1749 printf("uid=%ju, ", (uintmax_t)statp->st_uid);
1751 printf("uid=\"%s\", ", pwd->pw_name);
1755 #ifdef HAVE_LIBCAPSICUM
1757 grp = cap_getgrgid(capgrp, statp->st_gid);
1760 grp = getgrgid(statp->st_gid);
1763 printf("gid=%ju, ", (uintmax_t)statp->st_gid);
1765 printf("gid=\"%s\", ", grp->gr_name);
1766 printf("rdev=%ju, ", (uintmax_t)statp->st_rdev);
1769 printf("%jd", (intmax_t)statp->st_atim.tv_sec);
1771 tm = localtime(&statp->st_atim.tv_sec);
1772 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
1773 printf("\"%s\"", timestr);
1775 if (statp->st_atim.tv_nsec != 0)
1776 printf(".%09ld, ", statp->st_atim.tv_nsec);
1781 printf("%jd", (intmax_t)statp->st_mtim.tv_sec);
1783 tm = localtime(&statp->st_mtim.tv_sec);
1784 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
1785 printf("\"%s\"", timestr);
1787 if (statp->st_mtim.tv_nsec != 0)
1788 printf(".%09ld, ", statp->st_mtim.tv_nsec);
1793 printf("%jd", (intmax_t)statp->st_ctim.tv_sec);
1795 tm = localtime(&statp->st_ctim.tv_sec);
1796 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
1797 printf("\"%s\"", timestr);
1799 if (statp->st_ctim.tv_nsec != 0)
1800 printf(".%09ld, ", statp->st_ctim.tv_nsec);
1803 printf("birthtime=");
1805 printf("%jd", (intmax_t)statp->st_birthtim.tv_sec);
1807 tm = localtime(&statp->st_birthtim.tv_sec);
1808 strftime(timestr, sizeof(timestr), TIME_FORMAT, tm);
1809 printf("\"%s\"", timestr);
1811 if (statp->st_birthtim.tv_nsec != 0)
1812 printf(".%09ld, ", statp->st_birthtim.tv_nsec);
1815 printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x",
1816 (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize,
1817 (intmax_t)statp->st_blocks, statp->st_flags);
1822 ktrstruct(char *buf, size_t buflen)
1825 size_t namelen, datalen;
1827 cap_rights_t rights;
1829 struct sockaddr_storage ss;
1831 for (name = buf, namelen = 0;
1832 namelen < buflen && name[namelen] != '\0';
1835 if (namelen == buflen)
1837 if (name[namelen] != '\0')
1839 data = buf + namelen + 1;
1840 datalen = buflen - namelen - 1;
1844 for (i = 0; i < (int)namelen; ++i)
1845 if (!isalpha(name[i]))
1847 if (strcmp(name, "caprights") == 0) {
1848 if (datalen != sizeof(cap_rights_t))
1850 memcpy(&rights, data, datalen);
1851 ktrcaprights(&rights);
1852 } else if (strcmp(name, "stat") == 0) {
1853 if (datalen != sizeof(struct stat))
1855 memcpy(&sb, data, datalen);
1857 } else if (strcmp(name, "sockaddr") == 0) {
1858 if (datalen > sizeof(ss))
1860 memcpy(&ss, data, datalen);
1861 if (datalen != ss.ss_len)
1863 ktrsockaddr((struct sockaddr *)&ss);
1865 printf("unknown structure\n");
1869 printf("invalid record\n");
1873 ktrcapfail(struct ktr_cap_fail *ktr)
1875 switch (ktr->cap_type) {
1876 case CAPFAIL_NOTCAPABLE:
1877 /* operation on fd with insufficient capabilities */
1878 printf("operation requires ");
1879 capname(&ktr->cap_needed);
1880 printf(", descriptor holds ");
1881 capname(&ktr->cap_held);
1883 case CAPFAIL_INCREASE:
1884 /* requested more capabilities than fd already has */
1885 printf("attempt to increase capabilities from ");
1886 capname(&ktr->cap_held);
1888 capname(&ktr->cap_needed);
1890 case CAPFAIL_SYSCALL:
1891 /* called restricted syscall */
1892 printf("disallowed system call");
1894 case CAPFAIL_LOOKUP:
1895 /* used ".." in strict-relative mode */
1896 printf("restricted VFS lookup");
1899 printf("unknown capability failure: ");
1900 capname(&ktr->cap_needed);
1902 capname(&ktr->cap_held);
1909 ktrfault(struct ktr_fault *ktr)
1912 printf("0x%jx ", ktr->vaddr);
1913 vmprotname(ktr->type);
1918 ktrfaultend(struct ktr_faultend *ktr)
1921 vmresultname(ktr->result);
1925 #if defined(__amd64__) || defined(__i386__)
1927 linux_ktrsyscall(struct ktr_syscall *ktr)
1929 int narg = ktr->ktr_narg;
1932 if (ktr->ktr_code >= nlinux_syscalls || ktr->ktr_code < 0)
1933 printf("[%d]", ktr->ktr_code);
1935 printf("%s", linux_syscallnames[ktr->ktr_code]);
1936 ip = &ktr->ktr_args[0];
1940 print_number(ip, narg, c);
1947 linux_ktrsysret(struct ktr_sysret *ktr)
1949 register_t ret = ktr->ktr_retval;
1950 int error = ktr->ktr_error;
1951 int code = ktr->ktr_code;
1953 if (code >= nlinux_syscalls || code < 0)
1954 printf("[%d] ", code);
1956 printf("%s ", linux_syscallnames[code]);
1960 printf("%ld", (long)ret);
1961 if (ret < 0 || ret > 9)
1962 printf("/%#lx", (unsigned long)ret);
1965 printf("%ld", (long)ret);
1967 printf("%#lx", (unsigned long)ret);
1969 } else if (error == ERESTART)
1971 else if (error == EJUSTRETURN)
1972 printf("JUSTRETURN");
1974 if (ktr->ktr_error <= ELAST + 1)
1975 error = abs(bsd_to_linux_errno[ktr->ktr_error]);
1978 printf("-1 errno %d", error);
1980 printf(" %s", strerror(ktr->ktr_error));
1989 fprintf(stderr, "usage: kdump [-dEnlHRrsTA] [-f trfile] "
1990 "[-m maxdata] [-p pid] [-t trstr]\n");