xref: /netbsd-src/sbin/savecore/savecore.c (revision f3cfa6f6ce31685c6c4a758bc430e69eb99f50a4) 
1 /*	$NetBSD: savecore.c,v 1.88 2018/12/27 21:25:46 mrg Exp $	*/
2 
3 /*-
4  * Copyright (c) 1986, 1992, 1993
5  *	The Regents of the University of California.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. Neither the name of the University nor the names of its contributors
16  *    may be used to endorse or promote products derived from this software
17  *    without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29  * SUCH DAMAGE.
30  */
31 
32 #include <sys/cdefs.h>
33 #ifndef lint
34 __COPYRIGHT("@(#) Copyright (c) 1986, 1992, 1993\
35  The Regents of the University of California.  All rights reserved.");
36 #endif /* not lint */
37 
38 #ifndef lint
39 #if 0
40 static char sccsid[] = "@(#)savecore.c	8.5 (Berkeley) 4/28/95";
41 #else
42 __RCSID("$NetBSD: savecore.c,v 1.88 2018/12/27 21:25:46 mrg Exp $");
43 #endif
44 #endif /* not lint */
45 
46 #define _KSYMS_PRIVATE
47 
48 #include <stdbool.h>
49 
50 #include <sys/param.h>
51 #include <sys/mount.h>
52 #include <sys/msgbuf.h>
53 #include <sys/syslog.h>
54 #include <sys/time.h>
55 #include <sys/ksyms.h>
56 
57 #include <dirent.h>
58 #include <errno.h>
59 #include <fcntl.h>
60 #include <nlist.h>
61 #include <paths.h>
62 #include <stddef.h>
63 #include <stdio.h>
64 #include <stdlib.h>
65 #include <string.h>
66 #include <time.h>
67 #include <tzfile.h>
68 #include <unistd.h>
69 #include <util.h>
70 #include <limits.h>
71 #include <stdarg.h>
72 #include <kvm.h>
73 
74 extern FILE *zopen(const char *fname, const char *mode);
75 
76 /*
77  * Note that KREAD_LOGWARN takes a variable name, not pointer to it, unlike
78  * KREAD() itself.
79  */
80 #define	KREAD(kd, addr, p)\
81 	(kvm_read(kd, addr, (char *)(p), sizeof(*(p))) != sizeof(*(p)))
82 #define KREAD_LOGWARN(kd, addr, p, err)					\
83 do {									\
84 	if (KREAD(kd, addr, &(p)) != 0) {				\
85 		syslog(LOG_WARNING, "%s:%d: kvm_read " #p ": %s",	\
86 			__func__, __LINE__, kvm_geterr(kd));		\
87 		err;							\
88 	}								\
89 } while (0)
90 
91 static struct nlist current_nl[] = {	/* Namelist for currently running system. */
92 #define	X_DUMPDEV	0
93 	{ .n_name = "_dumpdev" },
94 #define	X_DUMPLO	1
95 	{ .n_name = "_dumplo" },
96 #define	X_TIME_SECOND	2
97 	{ .n_name = "_time_second" },
98 #define X_TIME		3
99 	{ .n_name = "_time" },
100 #define	X_DUMPSIZE	4
101 	{ .n_name = "_dumpsize" },
102 #define	X_VERSION	5
103 	{ .n_name = "_version" },
104 #define	X_DUMPMAG	6
105 	{ .n_name = "_dumpmag" },
106 #define	X_PANICSTR	7
107 	{ .n_name = "_panicstr" },
108 #define	X_PANICSTART	8
109 	{ .n_name = "_panicstart" },
110 #define	X_PANICEND	9
111 	{ .n_name = "_panicend" },
112 #define	X_MSGBUF	10
113 	{ .n_name = "_msgbufp" },
114 #define	X_DUMPCDEV	11
115 	{ .n_name = "_dumpcdev" },
116 #define X_SYMSZ		12
117 	{ .n_name = "_ksyms_symsz" },
118 #define X_STRSZ		13
119 	{ .n_name = "_ksyms_strsz" },
120 #define X_KHDR		14
121 	{ .n_name = "_ksyms_hdr" },
122 #define X_SYMTABS	15
123 	{ .n_name = "_ksyms_symtabs" },
124 	{ .n_name = NULL },
125 };
126 static int cursyms[] = { X_DUMPDEV, X_DUMPLO, X_VERSION, X_DUMPMAG, X_DUMPCDEV, -1 };
127 static int dumpsyms[] = { X_TIME_SECOND, X_TIME, X_DUMPSIZE, X_VERSION, X_PANICSTR,
128     X_DUMPMAG, X_SYMSZ, X_STRSZ, X_KHDR, X_SYMTABS, -1 };
129 
130 static struct nlist dump_nl[] = {	/* Name list for dumped system. */
131 	{ .n_name = "_dumpdev" },	/* Entries MUST be the same as */
132 	{ .n_name = "_dumplo" },	/*	those in current_nl[].  */
133 	{ .n_name = "_time_second" },
134 	{ .n_name = "_time" },
135 	{ .n_name = "_dumpsize" },
136 	{ .n_name = "_version" },
137 	{ .n_name = "_dumpmag" },
138 	{ .n_name = "_panicstr" },
139 	{ .n_name = "_panicstart" },
140 	{ .n_name = "_panicend" },
141 	{ .n_name = "_msgbufp" },
142 	{ .n_name = "_dumpcdev" },
143 	{ .n_name = "_ksyms_symsz" },
144 	{ .n_name = "_ksyms_strsz" },
145 	{ .n_name = "_ksyms_hdr" },
146 	{ .n_name = "_ksyms_symtabs" },
147 	{ .n_name = NULL },
148 };
149 
150 /* Types match kernel declarations. */
151 static off_t	dumplo;				/* where dump starts on dumpdev */
152 static u_int32_t dumpmag;			/* magic number in dump */
153 static int	dumpsize;			/* amount of memory dumped */
154 static off_t dumpbytes;			/* in bytes */
155 
156 static const char	*kernel;		/* name of used kernel */
157 static const char	*dirname;		/* directory to save dumps in */
158 static char	*ddname;			/* name of dump device */
159 static dev_t	dumpdev;			/* dump device */
160 static dev_t	dumpcdev = NODEV;		/* dump device (char equivalent) */
161 static int	dumpfd;				/* read/write descriptor on dev */
162 static kvm_t	*kd_dump;			/* kvm descriptor on dev	*/
163 static time_t	now;				/* current date */
164 static char	panic_mesg[1024];
165 static long	panicstr;
166 static char	vers[1024];
167 static char	gzmode[3];
168 
169 static void	check_kmem(void);
170 static int	check_space(void);
171 static void	clear_dump(void);
172 static int	Create(char *, int);
173 static int	dump_exists(int);
174 static char	*find_dev(dev_t, mode_t);
175 static int	get_crashtime(void);
176 static void	kmem_setup(int);
177 static void	Lseek(int, off_t, int);
178 static int	Open(const char *, int rw);
179 static void	save_core(int);
180 __dead static void	usage(const char *fmt, ...) __printflike(1, 2);
181 
182 int
183 main(int argc, char *argv[])
184 {
185 	int ch, level, testonly, compress, force, clear, verbose;
186 	char *ep;
187 
188 	kernel = NULL;
189 	level = 1;		/* default to fastest gzip compression */
190 	force = 0;
191 	clear = 0;
192 	testonly = 0;
193 	verbose = 0;
194 	compress = 0;
195 	gzmode[0] = 'w';
196 
197 	openlog("savecore", LOG_PERROR, LOG_DAEMON);
198 
199 	while ((ch = getopt(argc, argv, "cdfnN:vzZ:")) != -1)
200 		switch(ch) {
201 		case 'c':
202 			clear = 1;
203 			break;
204 		case 'd':		/* Not documented. */
205 		case 'v':
206 			verbose = 1;
207 			break;
208 		case 'f':
209 			force = 1;
210 			break;
211 		case 'n':
212 			testonly = 1;
213 			break;
214 		case 'N':
215 			kernel = optarg;
216 			break;
217 		case 'z':
218 			compress = 1;
219 			break;
220 		case 'Z':
221 			level = (int)strtol(optarg, &ep, 10);
222 			if (level < 0 || level > 9)
223 				usage("Invalid compression `%s'", optarg);
224 			break;
225 		case '?':
226 			usage("Missing argument for flag `%c'", optopt);
227 		default:
228 			usage("Unknown flag `%c'", ch);
229 		}
230 	argc -= optind;
231 	argv += optind;
232 
233 	if (argc != 0)
234 		dirname = argv[0];
235 	else
236 		dirname = "/var/crash";
237 
238 	gzmode[1] = level + '0';
239 
240 	(void)time(&now);
241 	kmem_setup(verbose);
242 
243 	if (clear && !testonly) {
244 		clear_dump();
245 		exit(0);
246 	}
247 
248 	if (!dump_exists(verbose) && !force)
249 		exit(1);
250 
251 	if (testonly)
252 		/* If -n was passed and there was a dump, exit at level 0 */
253 		exit(0);
254 
255 	check_kmem();
256 
257 	if (panicstr)
258 		syslog(LOG_ALERT, "reboot after panic: %s", panic_mesg);
259 	else
260 		syslog(LOG_ALERT, "reboot");
261 
262 	if ((!get_crashtime() || !check_space()) && !force)
263 		exit(1);
264 
265 	save_core(compress);
266 
267 	clear_dump();
268 	exit(0);
269 }
270 
271 static void
272 kmem_setup(int verbose)
273 {
274 	long l_dumplo;
275 	kvm_t *kd_kern;
276 	char errbuf[_POSIX2_LINE_MAX];
277 	int i, hdrsz;
278 
279 	/*
280 	 * Some names we need for the currently running system, others for
281 	 * the system that was running when the dump was made.  The values
282 	 * obtained from the current system are used to look for things in
283 	 * /dev/kmem that cannot be found in the kernel namelist, but are
284 	 * presumed to be the same (since the disk partitions are probably
285 	 * the same!)
286 	 */
287 	kd_kern = kvm_openfiles(kernel, NULL, NULL, O_RDONLY, errbuf);
288 	if (kd_kern == NULL) {
289 		syslog(LOG_ERR, "%s: kvm_openfiles: %s", kernel, errbuf);
290 		exit(1);
291 	}
292 	if (kvm_nlist(kd_kern, current_nl) == -1)
293 		syslog(LOG_ERR, "%s: kvm_nlist: %s", kernel,
294 		    kvm_geterr(kd_kern));
295 
296 	for (i = 0; cursyms[i] != -1; i++) {
297 		if (current_nl[cursyms[i]].n_value != 0)
298 			continue;
299 		switch (cursyms[i]) {
300 		case X_TIME_SECOND:
301 		case X_TIME:
302 		case X_DUMPCDEV:
303 			break;
304 		default:
305 			syslog(LOG_ERR, "%s: %s not in namelist",
306 			    kernel, current_nl[cursyms[i]].n_name);
307 			exit(1);
308 		}
309 	}
310 
311 	KREAD_LOGWARN(kd_kern, current_nl[X_DUMPDEV].n_value, dumpdev, exit(1));
312 	if (dumpdev == NODEV) {
313 		syslog(LOG_WARNING, "no core dump (no dumpdev)");
314 		exit(1);
315 	}
316 	KREAD_LOGWARN(kd_kern, current_nl[X_DUMPLO].n_value, l_dumplo, exit(1));
317 	if (l_dumplo == -1) {
318 		syslog(LOG_WARNING, "no core dump (invalid dumplo)");
319 		exit(1);
320 	}
321 	dumplo = DEV_BSIZE * (off_t) l_dumplo;
322 
323 	if (verbose)
324 		(void)printf("dumplo = %lld (%ld * %ld)\n",
325 		    (long long)dumplo, (long)(dumplo / DEV_BSIZE), (long)DEV_BSIZE);
326 	KREAD_LOGWARN(kd_kern, current_nl[X_DUMPMAG].n_value, dumpmag, exit(1));
327 
328 	(void)kvm_read(kd_kern, current_nl[X_VERSION].n_value, vers,
329 	    sizeof(vers));
330 	vers[sizeof(vers) - 1] = '\0';
331 
332 	if (current_nl[X_DUMPCDEV].n_value != 0) {
333 		KREAD_LOGWARN(kd_kern, current_nl[X_DUMPCDEV].n_value, dumpcdev,
334 		    exit(1));
335 		ddname = find_dev(dumpcdev, S_IFCHR);
336 	} else
337 		ddname = find_dev(dumpdev, S_IFBLK);
338 	if (strncmp(ddname, "/dev/cons", 8) == 0 ||
339 	    strncmp(ddname, "/dev/tty", 7) == 0 ||
340 	    strncmp(ddname, "/dev/pty", 7) == 0 ||
341 	    strncmp(ddname, "/dev/pts", 7) == 0) {
342 		syslog(LOG_ERR, "dumpdev %s is tty; override kernel", ddname);
343 		exit(1);
344 	}
345 	dumpfd = Open(ddname, O_RDWR);
346 
347 	kd_dump = kvm_openfiles(kernel, ddname, NULL, O_RDWR, errbuf);
348 	if (kd_dump == NULL) {
349 		syslog(LOG_ERR, "%s: kvm_openfiles: %s", kernel, errbuf);
350 		exit(1);
351 	}
352 
353 	if (kvm_nlist(kd_dump, dump_nl) == -1)
354 		syslog(LOG_ERR, "%s: kvm_nlist: %s", kernel,
355 		    kvm_geterr(kd_dump));
356 
357 	for (i = 0; dumpsyms[i] != -1; i++)
358 		if (dump_nl[dumpsyms[i]].n_value == 0 &&
359 			dumpsyms[i] != X_TIME_SECOND &&
360 			dumpsyms[i] != X_TIME) {
361 			syslog(LOG_ERR, "%s: %s not in namelist",
362 			    kernel, dump_nl[dumpsyms[i]].n_name);
363 			exit(1);
364 		}
365 	hdrsz = kvm_dump_mkheader(kd_dump, dumplo);
366 
367 	/*
368 	 * If 'hdrsz' == 0, kvm_dump_mkheader() failed on the magic-number
369 	 * checks, ergo no dump is present...
370 	 */
371 	if (hdrsz == 0) {
372 		syslog(LOG_WARNING, "no core dump");
373 		exit(1);
374 	}
375 	if (hdrsz == -1) {
376 		syslog(LOG_ERR, "%s: kvm_dump_mkheader: %s", kernel,
377 		    kvm_geterr(kd_dump));
378 		exit(1);
379 	}
380 	dumplo += hdrsz;
381 	kvm_close(kd_kern);
382 }
383 
384 static void
385 check_kmem(void)
386 {
387 	char *cp, *bufdata;
388 	struct kern_msgbuf msgbuf, *bufp;
389 	long panicloc, panicstart, panicend;
390 	char core_vers[1024];
391 
392 	(void)kvm_read(kd_dump, dump_nl[X_VERSION].n_value, core_vers,
393 	    sizeof(core_vers));
394 	core_vers[sizeof(core_vers) - 1] = '\0';
395 
396 	if (strcmp(vers, core_vers) != 0)
397 		syslog(LOG_WARNING,
398 		    "warning: %s version mismatch:\n\t%s\nand\t%s\n",
399 		    kvm_getkernelname(kd_dump), vers, core_vers);
400 
401 	panicstart = panicend = 0;
402 	KREAD_LOGWARN(kd_dump, dump_nl[X_PANICSTART].n_value, panicstart,
403 	    goto nomsguf);
404 	KREAD_LOGWARN(kd_dump, dump_nl[X_PANICEND].n_value, panicend,
405 	    goto nomsguf);
406 
407 	if (panicstart != 0 && panicend != 0) {
408 		KREAD_LOGWARN(kd_dump, dump_nl[X_MSGBUF].n_value, bufp,
409 		    goto nomsguf);
410 		/* Reads msg_bufs[1], but doesn't matter. */
411 		KREAD_LOGWARN(kd_dump, (long)bufp, msgbuf,
412 		    goto nomsguf);
413 		if (msgbuf.msg_magic != MSG_MAGIC) {
414 			syslog(LOG_WARNING, "msgbuf magic incorrect (%lx != %lx)",
415 			    msgbuf.msg_magic, (long)MSG_MAGIC);
416 			goto nomsguf;
417 		}
418 		bufdata = malloc(msgbuf.msg_bufs);
419 		if (bufdata == NULL) {
420 			syslog(LOG_WARNING, "couldn't allocate space for msgbuf data");
421 			goto nomsguf;
422 		}
423 		if (kvm_read(kd_dump, (long)&bufp->msg_bufc, bufdata,
424 		    msgbuf.msg_bufs) != msgbuf.msg_bufs) {
425 			syslog(LOG_WARNING, "kvm_read dmesg buffer: %s",
426 			    kvm_geterr(kd_dump));
427 			free(bufdata);
428 			goto nomsguf;
429 		}
430 		cp = panic_mesg;
431 		while (panicstart != panicend && cp < &panic_mesg[sizeof(panic_mesg)-1]) {
432 			*cp++ = bufdata[panicstart];
433 			panicstart++;
434 			if (panicstart >= msgbuf.msg_bufs)
435 				panicstart = 0;
436 		}
437 		/* Don't end in a new-line */
438 		cp = &panic_mesg[strlen(panic_mesg)] - 1;
439 		if (*cp == '\n')
440 			*cp = '\0';
441 		panic_mesg[sizeof(panic_mesg) - 1] = '\0';
442 		free(bufdata);
443 
444 		panicstr = 1;	/* anything not zero */
445 		return;
446 	}
447 nomsguf:
448 	KREAD_LOGWARN(kd_dump, dump_nl[X_PANICSTR].n_value, panicstr,
449 	    return);
450 	if (panicstr) {
451 		cp = panic_mesg;
452 		panicloc = panicstr;
453 		do {
454 			if (KREAD(kd_dump, panicloc, cp) != 0) {
455 				syslog(LOG_WARNING, "kvm_read msgbuf: %s",
456 				    kvm_geterr(kd_dump));
457 				break;
458 			}
459 			panicloc++;
460 		} while (*cp++ && cp < &panic_mesg[sizeof(panic_mesg)-1]);
461 		panic_mesg[sizeof(panic_mesg) - 1] = '\0';
462 	}
463 }
464 
465 static int
466 dump_exists(int verbose)
467 {
468 	u_int32_t newdumpmag;
469 
470 	/* Read the dump magic and size. */
471 	KREAD_LOGWARN(kd_dump, dump_nl[X_DUMPMAG].n_value, newdumpmag, return 0);
472 	KREAD_LOGWARN(kd_dump, dump_nl[X_DUMPSIZE].n_value, dumpsize, return 0);
473 
474 	dumpbytes = (off_t)dumpsize * getpagesize();
475 
476 	/*
477 	 * Return zero if core dump doesn't seem to be there, and note
478 	 * it for syslog.  This check and return happens after the dump size
479 	 * is read, so dumpsize is whether or not the core is valid (for -f).
480 	 */
481 	if (newdumpmag != dumpmag) {
482 		if (verbose)
483 			syslog(LOG_WARNING, "magic number mismatch "
484 			    "(%#x != %#x)", newdumpmag, dumpmag);
485 		syslog(LOG_WARNING, "no core dump");
486 		return (0);
487 	}
488 	return (1);
489 }
490 
491 static void
492 clear_dump(void)
493 {
494 	if (kvm_dump_inval(kd_dump) == -1)
495 		syslog(LOG_ERR, "%s: kvm_dump_inval: %s", ddname,
496 		    kvm_geterr(kd_dump));
497 
498 }
499 
500 static char buf[1024 * 1024];
501 
502 static void
503 save_kernel(FILE *fp, char *path)
504 {
505 	int nw, nr, ifd;
506 
507 	ifd = Open(kernel, O_RDONLY);
508 	while ((nr = read(ifd, buf, sizeof(buf))) > 0) {
509 		nw = fwrite(buf, 1, nr, fp);
510 		if (nw != nr) {
511 			syslog(LOG_ERR, "%s: %s",
512 			    path, strerror(nw == 0 ? EIO : errno));
513 			syslog(LOG_WARNING,
514 			    "WARNING: kernel may be incomplete");
515 			exit(1);
516 		}
517 	}
518 	if (nr < 0) {
519 		syslog(LOG_ERR, "%s: %m", kernel);
520 		syslog(LOG_WARNING, "WARNING: kernel may be incomplete");
521 		exit(1);
522 	}
523 }
524 
525 static int
526 ksymsget(u_long addr, void *ptr, size_t size)
527 {
528 
529 	if ((size_t)kvm_read(kd_dump, addr, ptr, size) != size) {
530 		syslog(LOG_WARNING, "kvm_read ksyms: %s", kvm_geterr(kd_dump));
531 		return 1;
532 	}
533 	return 0;
534 }
535 
536 static int
537 save_ksyms(FILE *fp, char *path)
538 {
539 	struct ksyms_hdr khdr;
540 	int nw, symsz, strsz;
541 	TAILQ_HEAD(, ksyms_symtab) symtabs;
542 	struct ksyms_symtab st, *stptr;
543 	void *p;
544 
545 	/* Get basic info and ELF headers, check if ksyms was on. */
546 	if (ksymsget(dump_nl[X_KHDR].n_value, &khdr, sizeof(khdr)))
547 		return 1;
548 	if (ksymsget(dump_nl[X_SYMSZ].n_value, &symsz, sizeof(symsz)))
549 		return 1;
550 	if (ksymsget(dump_nl[X_STRSZ].n_value, &strsz, sizeof(strsz)))
551 		return 1;
552 	if (symsz == 0 || strsz == 0)
553 		return 1;
554 
555 	/* Update the ELF section headers for symbols/strings. */
556 	khdr.kh_shdr[SYMTAB].sh_size = symsz;
557 	khdr.kh_shdr[SYMTAB].sh_info = symsz / sizeof(Elf_Sym);
558 	khdr.kh_shdr[STRTAB].sh_offset = symsz +
559 	    khdr.kh_shdr[SYMTAB].sh_offset;
560 	khdr.kh_shdr[STRTAB].sh_size = strsz;
561 
562 	/* Write out the ELF headers. */
563 	nw = fwrite(&khdr, 1, sizeof(khdr), fp);
564 	if (nw != sizeof(khdr)) {
565 		syslog(LOG_ERR, "%s: %s",
566 		    path, strerror(nw == 0 ? EIO : errno));
567 		syslog(LOG_WARNING,
568 		    "WARNING: kernel may be incomplete");
569 		exit(1);
570         }
571 
572         /* Dump symbol table. */
573 	if (ksymsget(dump_nl[X_SYMTABS].n_value, &symtabs, sizeof(symtabs)))
574 		return 1;
575 	stptr = TAILQ_FIRST(&symtabs);
576 	while (stptr != NULL) {
577 		if (ksymsget((u_long)stptr, &st, sizeof(st)))
578 			return 1;
579 		stptr = TAILQ_NEXT(&st, sd_queue);
580 		if ((p = malloc(st.sd_symsize)) == NULL)
581 			return 1;
582 		if (ksymsget((u_long)st.sd_symstart, p, st.sd_symsize)) {
583 			free(p);
584 			return 1;
585 		}
586 		nw = fwrite(p, 1, st.sd_symsize, fp);
587 		free(p);
588 		if (nw != st.sd_symsize) {
589 			syslog(LOG_ERR, "%s: %s",
590 			    path, strerror(nw == 0 ? EIO : errno));
591 			syslog(LOG_WARNING,
592 			    "WARNING: kernel may be incomplete");
593 			exit(1);
594 		}
595 	}
596 
597 	/* Dump string table. */
598 	if (ksymsget(dump_nl[X_SYMTABS].n_value, &symtabs, sizeof(symtabs)))
599 		return 1;
600 	stptr = TAILQ_FIRST(&symtabs);
601 	while (stptr != NULL) {
602 		if (ksymsget((u_long)stptr, &st, sizeof(st)))
603 			return 1;
604 		stptr = TAILQ_NEXT(&st, sd_queue);
605 		if ((p = malloc(st.sd_symsize)) == NULL)
606 			return 1;
607 		if (ksymsget((u_long)st.sd_strstart, p, st.sd_strsize)) {
608 			free(p);
609 			return 1;
610 		}
611 		nw = fwrite(p, 1, st.sd_strsize, fp);
612 		free(p);
613 		if (nw != st.sd_strsize) {
614 			syslog(LOG_ERR, "%s: %s",
615 			    path, strerror(nw == 0 ? EIO : errno));
616 			syslog(LOG_WARNING,
617 			    "WARNING: kernel may be incomplete");
618 			exit(1);
619 		}
620 	}
621 
622 	return 0;
623 }
624 
625 static void
626 save_core(int compress)
627 {
628 	FILE *fp;
629 	int bounds, ifd, nr, nw, ofd, tryksyms;
630 	char path[MAXPATHLEN], rbuf[MAXPATHLEN];
631 	const char *rawp;
632 
633 	ofd = -1;
634 	/*
635 	 * Get the current number and update the bounds file.  Do the update
636 	 * now, because may fail later and don't want to overwrite anything.
637 	 */
638 	umask(066);
639 	(void)snprintf(path, sizeof(path), "%s/bounds", dirname);
640 	if ((fp = fopen(path, "r")) == NULL)
641 		goto err1;
642 	if (fgets(buf, sizeof(buf), fp) == NULL) {
643 		if (ferror(fp))
644 err1:			syslog(LOG_WARNING, "%s: %m", path);
645 		bounds = 0;
646 	} else
647 		bounds = atoi(buf);
648 	if (fp != NULL)
649 		(void)fclose(fp);
650 	if ((fp = fopen(path, "w")) == NULL)
651 		syslog(LOG_ERR, "%s: %m", path);
652 	else {
653 		(void)fprintf(fp, "%d\n", bounds + 1);
654 		(void)fclose(fp);
655 	}
656 
657 	/* Create the core file. */
658 	(void)snprintf(path, sizeof(path), "%s/netbsd.%d.core%s",
659 	    dirname, bounds, compress ? ".gz" : "");
660 	if (compress) {
661 		if ((fp = zopen(path, gzmode)) == NULL) {
662 			syslog(LOG_ERR, "%s: %m", path);
663 			exit(1);
664 		}
665 	} else {
666 		ofd = Create(path, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
667 		fp  = fdopen(ofd, "w");
668 		if (fp == NULL) {
669 			syslog(LOG_ERR, "%s: fdopen: %m", path);
670 			exit(1);
671 		}
672 	}
673 
674 	if (dumpcdev == NODEV) {
675 		/* Open the raw device. */
676 		rawp = getdiskrawname(rbuf, sizeof(rbuf), ddname);
677 		if (rawp == NULL) {
678 			syslog(LOG_WARNING, "%s: %m; can't convert to raw",
679 			    ddname);
680 			rawp = ddname;
681 		}
682 		if ((ifd = open(rawp, O_RDONLY)) == -1) {
683 			syslog(LOG_WARNING, "%s: %m; using block device",
684 			    rawp);
685 			ifd = dumpfd;
686 		}
687 	} else {
688 		rawp = ddname;
689 		ifd = dumpfd;
690 	}
691 
692 	/* Seek to the start of the core. */
693 	Lseek(ifd, dumplo, SEEK_SET);
694 
695 	if (kvm_dump_wrtheader(kd_dump, fp, (int32_t)dumpbytes) == -1) {
696 		syslog(LOG_ERR, "kvm_dump_wrtheader: %s : %s", path,
697 		    kvm_geterr(kd_dump));
698 		exit(1);
699 	}
700 
701 	/* Copy the core file. */
702 	syslog(LOG_NOTICE, "writing %score to %s",
703 	    compress ? "compressed " : "", path);
704 	for (; dumpbytes > (off_t)0; dumpbytes -= (off_t)nr) {
705 		char nbuf[7];
706 		humanize_number(nbuf, 7, dumpbytes, "", HN_AUTOSCALE, 0);
707 		(void)printf("%7s\r", nbuf);
708 		(void)fflush(stdout);
709 		nr = read(ifd, buf, MIN(dumpbytes, (off_t)sizeof(buf)));
710 		if (nr <= 0) {
711 			if (nr == 0)
712 				syslog(LOG_WARNING,
713 				    "WARNING: EOF on dump device");
714 			else
715 				syslog(LOG_ERR, "%s: %m", rawp);
716 			goto err2;
717 		}
718 		nw = fwrite(buf, 1, nr, fp);
719 		if (nw != nr) {
720 			syslog(LOG_ERR, "%s: %s",
721 			    path, strerror(nw == 0 ? EIO : errno));
722 err2:			syslog(LOG_WARNING,
723 			    "WARNING: core may be incomplete");
724 			(void)printf("\n");
725 			exit(1);
726 		}
727 	}
728 	if (dumpcdev == NODEV)
729 		(void)close(ifd);
730 	(void)fclose(fp);
731 
732 	/* Create a kernel. */
733 	(void)snprintf(path, sizeof(path), "%s/netbsd.%d%s",
734 	    dirname, bounds, compress ? ".gz" : "");
735 	syslog(LOG_NOTICE, "writing %skernel to %s",
736 	    compress ? "compressed " : "", path);
737 	for (tryksyms = 1;; tryksyms = 0) {
738 		if (compress) {
739 			if ((fp = zopen(path, gzmode)) == NULL) {
740 				syslog(LOG_ERR, "%s: %m", path);
741 				exit(1);
742 			}
743 		} else {
744 			ofd = Create(path, S_IRUSR | S_IWUSR);
745 			fp  = fdopen(ofd, "w");
746 			if (fp == NULL) {
747 				syslog(LOG_ERR, "fdopen: %m");
748 				exit(1);
749 			}
750 		}
751 		if (tryksyms) {
752 			if (!save_ksyms(fp, path))
753 				break;
754 			(void)fclose(fp);
755 			unlink(path);
756 		} else {
757 			save_kernel(fp, path);
758 			break;
759 		}
760 	}
761 	(void)fclose(fp);
762 
763 	/*
764 	 * For development systems where the crash occurs during boot
765 	 * to multiuser.
766 	 */
767 	sync();
768 	sleep(1);
769 	sync();
770 	sleep(1);
771 }
772 
773 static char *
774 find_dev(dev_t dev, mode_t type)
775 {
776 	DIR *dfd;
777 	struct dirent *dir;
778 	struct stat sb;
779 	char *dp, device[MAXPATHLEN + 1], *p;
780 	size_t l;
781 
782 	if ((dfd = opendir(_PATH_DEV)) == NULL) {
783 		syslog(LOG_ERR, "%s: %m", _PATH_DEV);
784 		exit(1);
785 	}
786 	strlcpy(device, _PATH_DEV, sizeof(device));
787 	p = &device[strlen(device)];
788 	l = sizeof(device) - strlen(device);
789 	while ((dir = readdir(dfd))) {
790 		strlcpy(p, dir->d_name, l);
791 		if (lstat(device, &sb)) {
792 			syslog(LOG_ERR, "%s: %m", device);
793 			continue;
794 		}
795 		if ((sb.st_mode & S_IFMT) != type)
796 			continue;
797 		if (dev == sb.st_rdev) {
798 			closedir(dfd);
799 			if ((dp = strdup(device)) == NULL) {
800 				syslog(LOG_ERR, "%m");
801 				exit(1);
802 			}
803 			return (dp);
804 		}
805 	}
806 	closedir(dfd);
807 	syslog(LOG_ERR, "can't find device %lld/%lld",
808 	    (long long)major(dev), (long long)minor(dev));
809 	exit(1);
810 }
811 
812 static int
813 get_crashtime(void)
814 {
815 	time_t dumptime;			/* Time the dump was taken. */
816 	struct timeval dtime;
817 
818 	if (KREAD(kd_dump, dump_nl[X_TIME_SECOND].n_value, &dumptime) != 0) {
819 		if (KREAD(kd_dump, dump_nl[X_TIME].n_value, &dtime) != 0) {
820 			syslog(LOG_WARNING, "kvm_read dumptime: %s (and _time_second "
821 			    "is not defined also)", kvm_geterr(kd_dump));
822 			return (0);
823 		}
824 		dumptime = dtime.tv_sec;
825 	}
826 	if (dumptime == 0) {
827 		syslog(LOG_WARNING, "dump time is zero");
828 		return (0);
829 	}
830 	syslog(LOG_INFO, "system went down at %s", ctime(&dumptime));
831 #define	LEEWAY	(60 * SECSPERDAY)
832 	if (dumptime < now - LEEWAY || dumptime > now + LEEWAY) {
833 		syslog(LOG_WARNING, "dump time is unreasonable");
834 		return (0);
835 	}
836 	return (1);
837 }
838 
839 static int
840 check_space(void)
841 {
842 	FILE *fp;
843 	off_t minfree, spacefree, kernelsize, needed;
844 	struct stat st;
845 	struct statvfs fsbuf;
846 	char mbuf[100], path[MAXPATHLEN];
847 
848 	/* XXX assume a reasonable default, unless we find a kernel. */
849 	kernelsize = 20 * 1024 * 1024;
850 	if (!stat(kernel, &st)) kernelsize = st.st_blocks * S_BLKSIZE;
851 	if (statvfs(dirname, &fsbuf) < 0) {
852 		syslog(LOG_ERR, "%s: %m", dirname);
853 		exit(1);
854 	}
855 	spacefree = fsbuf.f_bavail;
856 	spacefree *= fsbuf.f_frsize;
857 	spacefree /= 1024;
858 
859 	(void)snprintf(path, sizeof(path), "%s/minfree", dirname);
860 	if ((fp = fopen(path, "r")) == NULL)
861 		minfree = 0;
862 	else {
863 		if (fgets(mbuf, sizeof(mbuf), fp) == NULL)
864 			minfree = 0;
865 		else
866 			minfree = atoi(mbuf);
867 		(void)fclose(fp);
868 	}
869 
870 	needed = (dumpbytes + kernelsize) / 1024;
871  	if (minfree > 0 && spacefree - needed < minfree) {
872 		syslog(LOG_WARNING,
873 		    "no dump, not enough free space in %s", dirname);
874 		return (0);
875 	}
876 	if (spacefree - needed < minfree)
877 		syslog(LOG_WARNING,
878 		    "dump performed, but free space threshold crossed");
879 	return (1);
880 }
881 
882 static int
883 Open(const char *name, int rw)
884 {
885 	int fd;
886 
887 	if ((fd = open(name, rw, 0)) < 0) {
888 		syslog(LOG_ERR, "%s: %m", name);
889 		exit(1);
890 	}
891 	return (fd);
892 }
893 
894 static void
895 Lseek(int fd, off_t off, int flag)
896 {
897 	off_t ret;
898 
899 	ret = lseek(fd, off, flag);
900 	if (ret == -1) {
901 		syslog(LOG_ERR, "lseek: %m");
902 		exit(1);
903 	}
904 }
905 
906 static int
907 Create(char *file, int mode)
908 {
909 	int fd;
910 
911 	fd = open(file, O_WRONLY | O_CREAT | O_TRUNC, mode);
912 	if (fd < 0) {
913 		syslog(LOG_ERR, "%s: %m", file);
914 		exit(1);
915 	}
916 	return (fd);
917 }
918 
919 static void
920 usage(const char *fmt, ...)
921 {
922 	va_list ap;
923 	va_start(ap, fmt);
924 	(void)vsyslog(LOG_ERR, fmt, ap);
925 	va_end(ap);
926 	(void)syslog(LOG_ERR,
927 	    "Usage: %s [-cfnvz] [-N system] [-Z level] [directory]",
928 	    getprogname());
929 	exit(1);
930 }
931