xref: /illumos-gate/usr/src/cmd/mdb/common/mdb/mdb_main.c (revision d363b1b0cb9ef6d6f3febdd8d1cba46507e97098)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  * Copyright 2012, Josef 'Jeff' Sipek <jeffpc@31bits.net>. All rights reserved.
25  */
26 
27 /*
28  * Copyright 2019 Joyent, Inc.
29  */
30 
31 #include <sys/types.h>
32 #include <sys/mman.h>
33 #include <sys/priocntl.h>
34 #include <sys/rtpriocntl.h>
35 #include <sys/resource.h>
36 #include <sys/termios.h>
37 #include <sys/param.h>
38 #include <sys/regset.h>
39 #include <sys/frame.h>
40 #include <sys/stack.h>
41 #include <sys/reg.h>
42 
43 #include <libproc.h>
44 #include <libscf.h>
45 #include <alloca.h>
46 #include <unistd.h>
47 #include <string.h>
48 #include <stdlib.h>
49 #include <fcntl.h>
50 #include <dlfcn.h>
51 #include <libctf.h>
52 #include <errno.h>
53 #include <kvm.h>
54 
55 #include <mdb/mdb_lex.h>
56 #include <mdb/mdb_debug.h>
57 #include <mdb/mdb_signal.h>
58 #include <mdb/mdb_string.h>
59 #include <mdb/mdb_modapi.h>
60 #include <mdb/mdb_target.h>
61 #include <mdb/mdb_gelf.h>
62 #include <mdb/mdb_conf.h>
63 #include <mdb/mdb_err.h>
64 #include <mdb/mdb_io_impl.h>
65 #include <mdb/mdb_frame.h>
66 #include <mdb/mdb_set.h>
67 #include <kmdb/kmdb_kctl.h>
68 #include <mdb/mdb.h>
69 
70 #ifndef STACK_BIAS
71 #define	STACK_BIAS	0
72 #endif
73 
74 #if defined(__sparc)
75 #define	STACK_REGISTER	SP
76 #else
77 #define	STACK_REGISTER	REG_FP
78 #endif
79 
80 #ifdef _LP64
81 #define	MDB_DEF_IPATH	\
82 	"%r/usr/platform/%p/lib/adb/%i:" \
83 	"%r/usr/platform/%m/lib/adb/%i:" \
84 	"%r/usr/lib/adb/%i"
85 #define	MDB_DEF_LPATH	\
86 	"%r/usr/platform/%p/lib/mdb/%t/%i:" \
87 	"%r/usr/platform/%m/lib/mdb/%t/%i:" \
88 	"%r/usr/lib/mdb/%t/%i"
89 #else
90 #define	MDB_DEF_IPATH	\
91 	"%r/usr/platform/%p/lib/adb:" \
92 	"%r/usr/platform/%m/lib/adb:" \
93 	"%r/usr/lib/adb"
94 #define	MDB_DEF_LPATH	\
95 	"%r/usr/platform/%p/lib/mdb/%t:" \
96 	"%r/usr/platform/%m/lib/mdb/%t:" \
97 	"%r/usr/lib/mdb/%t"
98 #endif
99 
100 #define	MDB_DEF_PROMPT "> "
101 
102 /*
103  * Similar to the panic_* variables in the kernel, we keep some relevant
104  * information stored in a set of global _mdb_abort_* variables; in the
105  * event that the debugger dumps core, these will aid core dump analysis.
106  */
107 const char *volatile _mdb_abort_str;	/* reason for failure */
108 siginfo_t _mdb_abort_info;		/* signal info for fatal signal */
109 ucontext_t _mdb_abort_ctx;		/* context fatal signal interrupted */
110 int _mdb_abort_rcount;			/* number of times resume requested */
111 int _mdb_self_fd = -1;			/* fd for self as for valid_frame */
112 
113 __NORETURN static void
114 terminate(int status)
115 {
116 	(void) mdb_signal_blockall();
117 	mdb_destroy();
118 	exit(status);
119 }
120 
121 static void
122 print_frame(uintptr_t pc, int fnum)
123 {
124 	Dl_info dli;
125 
126 	if (dladdr((void *)pc, &dli)) {
127 		mdb_iob_printf(mdb.m_err, "    [%d] %s`%s+0x%lx()\n", fnum,
128 		    strbasename(dli.dli_fname), dli.dli_sname,
129 		    pc - (uintptr_t)dli.dli_saddr);
130 	} else
131 		mdb_iob_printf(mdb.m_err, "    [%d] %p()\n", fnum, pc);
132 }
133 
134 static int
135 valid_frame(struct frame *fr)
136 {
137 	static struct frame fake;
138 	uintptr_t addr = (uintptr_t)fr;
139 
140 	if (pread(_mdb_self_fd, &fake, sizeof (fake), addr) != sizeof (fake)) {
141 		mdb_iob_printf(mdb.m_err, "    invalid frame (%p)\n", fr);
142 		return (0);
143 	}
144 
145 	if (addr & (STACK_ALIGN - 1)) {
146 		mdb_iob_printf(mdb.m_err, "    mis-aligned frame (%p)\n", fr);
147 		return (0);
148 	}
149 
150 	return (1);
151 }
152 
153 /*ARGSUSED*/
154 static void
155 flt_handler(int sig, siginfo_t *sip, ucontext_t *ucp, void *data)
156 {
157 	static const struct rlimit rl = {
158 		(rlim_t)RLIM_INFINITY, (rlim_t)RLIM_INFINITY
159 	};
160 
161 	const mdb_idcmd_t *idcp = NULL;
162 
163 	if (mdb.m_frame != NULL && mdb.m_frame->f_cp != NULL)
164 		idcp = mdb.m_frame->f_cp->c_dcmd;
165 
166 	if (sip != NULL)
167 		bcopy(sip, &_mdb_abort_info, sizeof (_mdb_abort_info));
168 	if (ucp != NULL)
169 		bcopy(ucp, &_mdb_abort_ctx, sizeof (_mdb_abort_ctx));
170 
171 	_mdb_abort_info.si_signo = sig;
172 	(void) mdb_signal_sethandler(sig, MDB_SIG_DFL, NULL);
173 
174 	/*
175 	 * If there is no current dcmd, or the current dcmd comes from a
176 	 * builtin module, we don't allow resume and always core dump.
177 	 */
178 	if (idcp == NULL || idcp->idc_modp == NULL ||
179 	    idcp->idc_modp == &mdb.m_rmod || idcp->idc_modp->mod_hdl == NULL)
180 		goto dump;
181 
182 	if (mdb.m_term != NULL) {
183 		struct frame *fr = (struct frame *)
184 		    (ucp->uc_mcontext.gregs[STACK_REGISTER] + STACK_BIAS);
185 
186 		char signame[SIG2STR_MAX];
187 		int i = 1;
188 		char c;
189 
190 		if (sig2str(sig, signame) == -1) {
191 			mdb_iob_printf(mdb.m_err,
192 			    "\n*** %s: received signal %d at:\n",
193 			    mdb.m_pname, sig);
194 		} else {
195 			mdb_iob_printf(mdb.m_err,
196 			    "\n*** %s: received signal %s at:\n",
197 			    mdb.m_pname, signame);
198 		}
199 
200 		if (ucp->uc_mcontext.gregs[REG_PC] != 0)
201 			print_frame(ucp->uc_mcontext.gregs[REG_PC], i++);
202 
203 		while (fr != NULL && valid_frame(fr) && fr->fr_savpc != 0) {
204 			print_frame(fr->fr_savpc, i++);
205 			fr = (struct frame *)
206 			    ((uintptr_t)fr->fr_savfp + STACK_BIAS);
207 		}
208 
209 query:
210 		mdb_iob_printf(mdb.m_err, "\n%s: (c)ore dump, (q)uit, "
211 		    "(r)ecover, or (s)top for debugger [cqrs]? ", mdb.m_pname);
212 
213 		mdb_iob_flush(mdb.m_err);
214 
215 		for (;;) {
216 			if (IOP_READ(mdb.m_term, &c, sizeof (c)) != sizeof (c))
217 				goto dump;
218 
219 			switch (c) {
220 			case 'c':
221 			case 'C':
222 				(void) setrlimit(RLIMIT_CORE, &rl);
223 				mdb_iob_printf(mdb.m_err, "\n%s: attempting "
224 				    "to dump core ...\n", mdb.m_pname);
225 				goto dump;
226 
227 			case 'q':
228 			case 'Q':
229 				mdb_iob_discard(mdb.m_out);
230 				mdb_iob_nl(mdb.m_err);
231 				(void) mdb_signal_unblockall();
232 				terminate(1);
233 				/*NOTREACHED*/
234 
235 			case 'r':
236 			case 'R':
237 				mdb_iob_printf(mdb.m_err, "\n%s: unloading "
238 				    "module '%s' ...\n", mdb.m_pname,
239 				    idcp->idc_modp->mod_name);
240 
241 				(void) mdb_module_unload(
242 				    idcp->idc_modp->mod_name, 0);
243 
244 				(void) mdb_signal_sethandler(sig,
245 				    flt_handler, NULL);
246 
247 				_mdb_abort_rcount++;
248 				mdb.m_intr = 0;
249 				mdb.m_pend = 0;
250 
251 				(void) mdb_signal_unblockall();
252 				longjmp(mdb.m_frame->f_pcb, MDB_ERR_ABORT);
253 				/*NOTREACHED*/
254 
255 			case 's':
256 			case 'S':
257 				mdb_iob_printf(mdb.m_err, "\n%s: "
258 				    "attempting to stop pid %d ...\n",
259 				    mdb.m_pname, (int)getpid());
260 
261 				/*
262 				 * Stop ourself; if this fails or we are
263 				 * subsequently continued, ask again.
264 				 */
265 				(void) mdb_signal_raise(SIGSTOP);
266 				(void) mdb_signal_unblockall();
267 				goto query;
268 			}
269 		}
270 	}
271 
272 dump:
273 	if (SI_FROMUSER(sip)) {
274 		(void) mdb_signal_block(sig);
275 		(void) mdb_signal_raise(sig);
276 	}
277 
278 	(void) sigfillset(&ucp->uc_sigmask);
279 	(void) sigdelset(&ucp->uc_sigmask, sig);
280 
281 	if (_mdb_abort_str == NULL)
282 		_mdb_abort_str = "fatal signal received";
283 
284 	ucp->uc_flags |= UC_SIGMASK;
285 	(void) setcontext(ucp);
286 }
287 
288 /*ARGSUSED*/
289 static void
290 int_handler(int sig, siginfo_t *sip, ucontext_t *ucp, void *data)
291 {
292 	if (mdb.m_intr == 0)
293 		longjmp(mdb.m_frame->f_pcb, MDB_ERR_SIGINT);
294 	else
295 		mdb.m_pend++;
296 }
297 
298 static void
299 control_kmdb(int start)
300 {
301 	int fd;
302 
303 	if ((fd = open("/dev/kmdb", O_RDONLY)) < 0)
304 		die("failed to open /dev/kmdb");
305 
306 	if (start) {
307 		char *state = mdb_get_config();
308 
309 		if (ioctl(fd, KMDB_IOC_START, state) < 0)
310 			die("failed to start kmdb");
311 
312 		strfree(state);
313 	} else {
314 		if (ioctl(fd, KMDB_IOC_STOP) < 0)
315 			die("failed to stop kmdb");
316 	}
317 
318 	(void) close(fd);
319 }
320 
321 static void
322 usage(int status)
323 {
324 	mdb_iob_printf(mdb.m_err, "Usage: %s [-fkmuwyAFKMSUW] [+/-o option] "
325 	    "[-b VM] [-p pid] [-s dist] [-I path] [-L path]\n\t[-P prompt] "
326 	    "[-R root] [-V dis-version] [-e expr] "
327 	    "[object [core] | core | suffix]\n\n",
328 	    mdb.m_pname);
329 
330 	mdb_iob_puts(mdb.m_err,
331 	    "\t-b attach to specified bhyve VM\n"
332 	    "\t-e evaluate expr and return status\n"
333 	    "\t-f force raw file debugging mode\n"
334 	    "\t-k force kernel debugging mode\n"
335 	    "\t-m disable demand-loading of module symbols\n"
336 	    "\t-o set specified debugger option (+o to unset)\n"
337 	    "\t-p attach to specified process-id\n"
338 	    "\t-s set symbol matching distance\n"
339 	    "\t-u force user program debugging mode\n"
340 	    "\t-w enable write mode\n"
341 	    "\t-y send terminal initialization sequences for tty mode\n"
342 	    "\t-A disable automatic loading of mdb modules\n"
343 	    "\t-F enable forcible takeover mode\n"
344 	    "\t-K stop operating system and enter live kernel debugger\n"
345 	    "\t-M preload all module symbols\n"
346 	    "\t-I set initial path for macro files\n"
347 	    "\t-L set initial path for module libs\n"
348 	    "\t-P set command-line prompt\n"
349 	    "\t-R set root directory for pathname expansion\n"
350 	    "\t-S suppress processing of ~/.mdbrc file\n"
351 	    "\t-U unload live kernel debugger\n"
352 	    "\t-W enable I/O-mapped memory access (kernel only)\n"
353 	    "\t-V set disassembler version\n");
354 
355 	terminate(status);
356 }
357 
358 static char *
359 mdb_scf_console_term(void)
360 {
361 	scf_simple_prop_t *prop;
362 	char *term = NULL;
363 
364 	if ((prop = scf_simple_prop_get(NULL,
365 	    "svc:/system/console-login:default", "ttymon",
366 	    "terminal_type")) == NULL)
367 		return (NULL);
368 
369 	if (scf_simple_prop_type(prop) == SCF_TYPE_ASTRING &&
370 	    (term = scf_simple_prop_next_astring(prop)) != NULL)
371 		term = strdup(term);
372 
373 	scf_simple_prop_free(prop);
374 	return (term);
375 }
376 
377 /*
378  * Unpleasant hack: we might be debugging a hypervisor domain dump.
379  * Earlier versions use a non-ELF file.  Later versions are ELF, but are
380  * /always/ ELF64, so our standard ehdr check isn't good enough.  Since
381  * we don't want to know too much about the file format, we'll ask
382  * mdb_kb.
383  */
384 #ifdef __x86
385 static int
386 identify_xvm_file(const char *file, int *longmode)
387 {
388 	int (*identify)(const char *, int *);
389 
390 	if (mdb_module_load("mdb_kb", MDB_MOD_GLOBAL | MDB_MOD_SILENT) != 0)
391 		return (0);
392 
393 	identify = (int (*)())dlsym(RTLD_NEXT, "xkb_identify");
394 
395 	if (identify == NULL)
396 		return (0);
397 
398 	return (identify(file, longmode));
399 }
400 #else
401 /*ARGSUSED*/
402 static int
403 identify_xvm_file(const char *file, int *longmode)
404 {
405 	return (0);
406 }
407 #endif /* __x86 */
408 
409 #ifndef __amd64
410 /*
411  * There is no bhyve target in a 32bit x86 or any SPARC mdb. This dummy helps
412  * keep the code simpler.
413  */
414 /*ARGSUSED*/
415 static int
416 mdb_bhyve_tgt_create(mdb_tgt_t *t, int argc, const char *argv[])
417 {
418 	return (set_errno(EINVAL));
419 }
420 #endif
421 
422 int
423 main(int argc, char *argv[], char *envp[])
424 {
425 	extern int mdb_kvm_is_compressed_dump(mdb_io_t *);
426 	extern int mdb_kvm_is_dump(mdb_io_t *);
427 	mdb_tgt_ctor_f *tgt_ctor = NULL;
428 	const char **tgt_argv = alloca((argc + 2) * sizeof (char *));
429 	int tgt_argc = 0;
430 	mdb_tgt_t *tgt;
431 
432 	char object[MAXPATHLEN], execname[MAXPATHLEN];
433 	mdb_io_t *in_io, *out_io, *err_io, *null_io;
434 	struct termios tios;
435 	int status, c;
436 	char *p;
437 
438 	const char *Iflag = NULL, *Lflag = NULL, *Vflag = NULL, *pidarg = NULL;
439 	const char *eflag = NULL;
440 	int fflag = 0, Kflag = 0, Rflag = 0, Sflag = 0, Oflag = 0, Uflag = 0;
441 	int bflag = 0;
442 
443 	int ttylike;
444 	int longmode = 0;
445 
446 	stack_t sigstack;
447 
448 	if (realpath(getexecname(), execname) == NULL) {
449 		(void) strncpy(execname, argv[0], MAXPATHLEN);
450 		execname[MAXPATHLEN - 1] = '\0';
451 	}
452 
453 	mdb_create(execname, argv[0]);
454 	bzero(tgt_argv, argc * sizeof (char *));
455 	argv[0] = (char *)mdb.m_pname;
456 	_mdb_self_fd = open("/proc/self/as", O_RDONLY);
457 
458 	mdb.m_env = envp;
459 
460 	out_io = mdb_fdio_create(STDOUT_FILENO);
461 	mdb.m_out = mdb_iob_create(out_io, MDB_IOB_WRONLY);
462 
463 	err_io = mdb_fdio_create(STDERR_FILENO);
464 	mdb.m_err = mdb_iob_create(err_io, MDB_IOB_WRONLY);
465 	mdb_iob_clrflags(mdb.m_err, MDB_IOB_AUTOWRAP);
466 
467 	null_io = mdb_nullio_create();
468 	mdb.m_null = mdb_iob_create(null_io, MDB_IOB_WRONLY);
469 
470 	in_io = mdb_fdio_create(STDIN_FILENO);
471 	if ((mdb.m_termtype = getenv("TERM")) != NULL) {
472 		mdb.m_termtype = strdup(mdb.m_termtype);
473 		mdb.m_flags |= MDB_FL_TERMGUESS;
474 	}
475 	mdb.m_term = NULL;
476 
477 	mdb_dmode(mdb_dstr2mode(getenv("MDB_DEBUG")));
478 	mdb.m_pgid = getpgrp();
479 
480 	if (getenv("_MDB_EXEC") != NULL)
481 		mdb.m_flags |= MDB_FL_EXEC;
482 
483 	/*
484 	 * Setup an alternate signal stack.  When tearing down pipelines in
485 	 * terminate(), we may have to destroy the stack of the context in
486 	 * which we are currently executing the signal handler.
487 	 */
488 	sigstack.ss_sp = mmap(NULL, SIGSTKSZ, PROT_READ | PROT_WRITE,
489 	    MAP_PRIVATE | MAP_ANON, -1, 0);
490 	if (sigstack.ss_sp == MAP_FAILED)
491 		die("could not allocate signal stack");
492 	sigstack.ss_size = SIGSTKSZ;
493 	sigstack.ss_flags = 0;
494 	if (sigaltstack(&sigstack, NULL) != 0)
495 		die("could not set signal stack");
496 
497 	(void) mdb_signal_sethandler(SIGPIPE, MDB_SIG_IGN, NULL);
498 	(void) mdb_signal_sethandler(SIGQUIT, MDB_SIG_IGN, NULL);
499 
500 	(void) mdb_signal_sethandler(SIGILL, flt_handler, NULL);
501 	(void) mdb_signal_sethandler(SIGTRAP, flt_handler, NULL);
502 	(void) mdb_signal_sethandler(SIGIOT, flt_handler, NULL);
503 	(void) mdb_signal_sethandler(SIGEMT, flt_handler, NULL);
504 	(void) mdb_signal_sethandler(SIGFPE, flt_handler, NULL);
505 	(void) mdb_signal_sethandler(SIGBUS, flt_handler, NULL);
506 	(void) mdb_signal_sethandler(SIGSEGV, flt_handler, NULL);
507 
508 	(void) mdb_signal_sethandler(SIGHUP,
509 	    (mdb_signal_f *)(uintptr_t)terminate, NULL);
510 	(void) mdb_signal_sethandler(SIGTERM,
511 	    (mdb_signal_f *)(uintptr_t)terminate, NULL);
512 
513 	for (mdb.m_rdvers = RD_VERSION; mdb.m_rdvers > 0; mdb.m_rdvers--) {
514 		if (rd_init(mdb.m_rdvers) == RD_OK)
515 			break;
516 	}
517 
518 	for (mdb.m_ctfvers = CTF_VERSION; mdb.m_ctfvers > 0; mdb.m_ctfvers--) {
519 		if (ctf_version(mdb.m_ctfvers) != -1)
520 			break;
521 	}
522 
523 	if ((p = getenv("HISTSIZE")) != NULL && strisnum(p)) {
524 		mdb.m_histlen = strtoi(p);
525 		if (mdb.m_histlen < 1)
526 			mdb.m_histlen = 1;
527 	}
528 
529 	while (optind < argc) {
530 		while ((c = getopt(argc, argv,
531 		    "be:fkmo:p:s:uwyACD:FI:KL:MOP:R:SUV:W")) != (int)EOF) {
532 			switch (c) {
533 			case 'b':
534 				bflag++;
535 				tgt_ctor = mdb_bhyve_tgt_create;
536 				break;
537 			case 'e':
538 				if (eflag != NULL) {
539 					warn("-e already specified\n");
540 					terminate(2);
541 				}
542 				eflag = optarg;
543 				break;
544 			case 'f':
545 				fflag++;
546 				tgt_ctor = mdb_rawfile_tgt_create;
547 				break;
548 			case 'k':
549 				tgt_ctor = mdb_kvm_tgt_create;
550 				break;
551 			case 'm':
552 				mdb.m_tgtflags |= MDB_TGT_F_NOLOAD;
553 				mdb.m_tgtflags &= ~MDB_TGT_F_PRELOAD;
554 				break;
555 			case 'o':
556 				if (!mdb_set_options(optarg, TRUE))
557 					terminate(2);
558 				break;
559 			case 'p':
560 				tgt_ctor = mdb_proc_tgt_create;
561 				pidarg = optarg;
562 				break;
563 			case 's':
564 				if (!strisnum(optarg)) {
565 					warn("expected integer following -s\n");
566 					terminate(2);
567 				}
568 				mdb.m_symdist = (size_t)(uint_t)strtoi(optarg);
569 				break;
570 			case 'u':
571 				tgt_ctor = mdb_proc_tgt_create;
572 				break;
573 			case 'w':
574 				mdb.m_tgtflags |= MDB_TGT_F_RDWR;
575 				break;
576 			case 'y':
577 				mdb.m_flags |= MDB_FL_USECUP;
578 				break;
579 			case 'A':
580 				(void) mdb_set_options("nomods", TRUE);
581 				break;
582 			case 'C':
583 				(void) mdb_set_options("noctf", TRUE);
584 				break;
585 			case 'D':
586 				mdb_dmode(mdb_dstr2mode(optarg));
587 				break;
588 			case 'F':
589 				mdb.m_tgtflags |= MDB_TGT_F_FORCE;
590 				break;
591 			case 'I':
592 				Iflag = optarg;
593 				break;
594 			case 'L':
595 				Lflag = optarg;
596 				break;
597 			case 'K':
598 				Kflag++;
599 				break;
600 			case 'M':
601 				mdb.m_tgtflags |= MDB_TGT_F_PRELOAD;
602 				mdb.m_tgtflags &= ~MDB_TGT_F_NOLOAD;
603 				break;
604 			case 'O':
605 				Oflag++;
606 				break;
607 			case 'P':
608 				if (!mdb_set_prompt(optarg))
609 					terminate(2);
610 				break;
611 			case 'R':
612 				(void) strncpy(mdb.m_root, optarg, MAXPATHLEN);
613 				mdb.m_root[MAXPATHLEN - 1] = '\0';
614 				Rflag++;
615 				break;
616 			case 'S':
617 				Sflag++;
618 				break;
619 			case 'U':
620 				Uflag++;
621 				break;
622 			case 'V':
623 				Vflag = optarg;
624 				break;
625 			case 'W':
626 				mdb.m_tgtflags |= MDB_TGT_F_ALLOWIO;
627 				break;
628 			case '?':
629 				if (optopt == '?')
630 					usage(0);
631 				/* FALLTHROUGH */
632 			default:
633 				usage(2);
634 			}
635 		}
636 
637 		if (optind < argc) {
638 			const char *arg = argv[optind++];
639 
640 			if (arg[0] == '+' && strlen(arg) == 2) {
641 				if (arg[1] != 'o') {
642 					warn("illegal option -- %s\n", arg);
643 					terminate(2);
644 				}
645 				if (optind >= argc) {
646 					warn("option requires an argument -- "
647 					    "%s\n", arg);
648 					terminate(2);
649 				}
650 				if (!mdb_set_options(argv[optind++], FALSE))
651 					terminate(2);
652 			} else
653 				tgt_argv[tgt_argc++] = arg;
654 		}
655 	}
656 
657 	if (rd_ctl(RD_CTL_SET_HELPPATH, (void *)mdb.m_root) != RD_OK) {
658 		warn("cannot set librtld_db helper path to %s\n", mdb.m_root);
659 		terminate(2);
660 	}
661 
662 	if (mdb.m_debug & MDB_DBG_HELP)
663 		terminate(0); /* Quit here if we've printed out the tokens */
664 
665 
666 	if (Iflag != NULL && strchr(Iflag, ';') != NULL) {
667 		warn("macro path cannot contain semicolons\n");
668 		terminate(2);
669 	}
670 
671 	if (Lflag != NULL && strchr(Lflag, ';') != NULL) {
672 		warn("module path cannot contain semicolons\n");
673 		terminate(2);
674 	}
675 
676 	if (Kflag || Uflag) {
677 		char *nm;
678 
679 		if (tgt_ctor != NULL || Iflag != NULL) {
680 			warn("neither -f, -k, -p, -u, nor -I "
681 			    "may be used with -K\n");
682 			usage(2);
683 		}
684 
685 		if (Lflag != NULL)
686 			mdb_set_lpath(Lflag);
687 
688 		if ((nm = ttyname(STDIN_FILENO)) == NULL ||
689 		    strcmp(nm, "/dev/console") != 0) {
690 			/*
691 			 * Due to the consequences of typing mdb -K instead of
692 			 * mdb -k on a tty other than /dev/console, we require
693 			 * -F when starting kmdb from a tty other than
694 			 * /dev/console.
695 			 */
696 			if (!(mdb.m_tgtflags & MDB_TGT_F_FORCE)) {
697 				die("-F must also be supplied to start kmdb "
698 				    "from non-console tty\n");
699 			}
700 
701 			if (mdb.m_termtype == NULL || (mdb.m_flags &
702 			    MDB_FL_TERMGUESS)) {
703 				if (mdb.m_termtype != NULL)
704 					strfree(mdb.m_termtype);
705 
706 				if ((mdb.m_termtype = mdb_scf_console_term()) !=
707 				    NULL)
708 					mdb.m_flags |= MDB_FL_TERMGUESS;
709 			}
710 		} else {
711 			/*
712 			 * When on console, $TERM (if set) takes precedence over
713 			 * the SMF setting.
714 			 */
715 			if (mdb.m_termtype == NULL && (mdb.m_termtype =
716 			    mdb_scf_console_term()) != NULL)
717 				mdb.m_flags |= MDB_FL_TERMGUESS;
718 		}
719 
720 		control_kmdb(Kflag);
721 		terminate(0);
722 		/*NOTREACHED*/
723 	}
724 
725 	if (eflag != NULL) {
726 		IOP_CLOSE(in_io);
727 		in_io = mdb_strio_create(eflag);
728 		mdb.m_lastret = 0;
729 	}
730 
731 	/*
732 	 * If standard input appears to have tty attributes, attempt to
733 	 * initialize a terminal i/o backend on top of stdin and stdout.
734 	 */
735 	ttylike = (IOP_CTL(in_io, TCGETS, &tios) == 0);
736 	if (ttylike) {
737 		if ((mdb.m_term = mdb_termio_create(mdb.m_termtype,
738 		    in_io, out_io)) == NULL) {
739 			if (!(mdb.m_flags & MDB_FL_EXEC)) {
740 				warn("term init failed: command-line editing "
741 				    "and prompt will not be available\n");
742 			}
743 		} else {
744 			in_io = mdb.m_term;
745 		}
746 	}
747 
748 	mdb.m_in = mdb_iob_create(in_io, MDB_IOB_RDONLY);
749 	if (mdb.m_term != NULL) {
750 		mdb_iob_setpager(mdb.m_out, mdb.m_term);
751 		if (mdb.m_flags & MDB_FL_PAGER)
752 			mdb_iob_setflags(mdb.m_out, MDB_IOB_PGENABLE);
753 		else
754 			mdb_iob_clrflags(mdb.m_out, MDB_IOB_PGENABLE);
755 	} else if (ttylike)
756 		mdb_iob_setflags(mdb.m_in, MDB_IOB_TTYLIKE);
757 	else
758 		mdb_iob_setbuf(mdb.m_in, mdb_alloc(1, UM_SLEEP), 1);
759 
760 	mdb_pservice_init();
761 	mdb_lex_reset();
762 
763 	if ((mdb.m_shell = getenv("SHELL")) == NULL)
764 		mdb.m_shell = "/bin/sh";
765 
766 	/*
767 	 * If the debugger state is to be inherited from a previous instance,
768 	 * restore it now prior to path evaluation so that %R is updated.
769 	 */
770 	if ((p = getenv(MDB_CONFIG_ENV_VAR)) != NULL) {
771 		mdb_set_config(p);
772 		(void) unsetenv(MDB_CONFIG_ENV_VAR);
773 	}
774 
775 	/*
776 	 * Path evaluation part 1: Create the initial module path to allow
777 	 * the target constructor to load a support module.  Then expand
778 	 * any command-line arguments that modify the paths.
779 	 */
780 	if (Iflag != NULL)
781 		mdb_set_ipath(Iflag);
782 	else
783 		mdb_set_ipath(MDB_DEF_IPATH);
784 
785 	if (Lflag != NULL)
786 		mdb_set_lpath(Lflag);
787 	else
788 		mdb_set_lpath(MDB_DEF_LPATH);
789 
790 	if (mdb_get_prompt() == NULL && !(mdb.m_flags & MDB_FL_ADB))
791 		(void) mdb_set_prompt(MDB_DEF_PROMPT);
792 
793 	if (tgt_ctor == mdb_kvm_tgt_create) {
794 		if (pidarg != NULL) {
795 			warn("-p and -k options are mutually exclusive\n");
796 			terminate(2);
797 		}
798 
799 		if (tgt_argc == 0)
800 			tgt_argv[tgt_argc++] = "/dev/ksyms";
801 		if (tgt_argc == 1 && strisnum(tgt_argv[0]) == 0) {
802 			if (mdb.m_tgtflags & MDB_TGT_F_ALLOWIO)
803 				tgt_argv[tgt_argc++] = "/dev/allkmem";
804 			else
805 				tgt_argv[tgt_argc++] = "/dev/kmem";
806 		}
807 	}
808 
809 	if (pidarg != NULL) {
810 		if (tgt_argc != 0) {
811 			warn("-p may not be used with other arguments\n");
812 			terminate(2);
813 		}
814 		if (proc_arg_psinfo(pidarg, PR_ARG_PIDS, NULL, &status) == -1) {
815 			die("cannot attach to %s: %s\n",
816 			    pidarg, Pgrab_error(status));
817 		}
818 		if (strchr(pidarg, '/') != NULL)
819 			(void) mdb_iob_snprintf(object, MAXPATHLEN,
820 			    "%s/object/a.out", pidarg);
821 		else
822 			(void) mdb_iob_snprintf(object, MAXPATHLEN,
823 			    "/proc/%s/object/a.out", pidarg);
824 		tgt_argv[tgt_argc++] = object;
825 		tgt_argv[tgt_argc++] = pidarg;
826 	}
827 
828 	/*
829 	 * Find the first argument that is not a special "-" token.  If one is
830 	 * found, we will examine this file and make some inferences below.
831 	 */
832 	for (c = 0; c < tgt_argc && strcmp(tgt_argv[c], "-") == 0; c++)
833 		continue;
834 
835 	if (c < tgt_argc) {
836 		Elf32_Ehdr ehdr;
837 		mdb_io_t *io;
838 
839 		/*
840 		 * If special "-" tokens preceded an argument, shift the entire
841 		 * argument list to the left to remove the leading "-" args.
842 		 */
843 		if (c > 0) {
844 			bcopy(&tgt_argv[c], tgt_argv,
845 			    sizeof (const char *) * (tgt_argc - c));
846 			tgt_argc -= c;
847 		}
848 
849 		if (fflag)
850 			goto tcreate; /* skip re-exec and just create target */
851 
852 		/* bhyve: directly create target, or re-exec in case of 32bit */
853 		if (bflag) {
854 #ifndef __amd64
855 			goto reexec;
856 #else
857 			goto tcreate;
858 #endif
859 		}
860 
861 		/*
862 		 * If we just have an object file name, and that file doesn't
863 		 * exist, and it's a string of digits, infer it to be a
864 		 * sequence number referring to a pair of crash dump files.
865 		 */
866 		if (tgt_argc == 1 && access(tgt_argv[0], F_OK) == -1 &&
867 		    strisnum(tgt_argv[0])) {
868 
869 			size_t len = strlen(tgt_argv[0]) + 8;
870 			const char *object = tgt_argv[0];
871 
872 			tgt_argv[0] = alloca(len);
873 			tgt_argv[1] = alloca(len);
874 
875 			(void) strcpy((char *)tgt_argv[0], "unix.");
876 			(void) strcat((char *)tgt_argv[0], object);
877 			(void) strcpy((char *)tgt_argv[1], "vmcore.");
878 			(void) strcat((char *)tgt_argv[1], object);
879 
880 			if (access(tgt_argv[0], F_OK) == -1 &&
881 			    access(tgt_argv[1], F_OK) != -1) {
882 				/*
883 				 * If we have a vmcore but not a unix file,
884 				 * set the symbol table to be the vmcore to
885 				 * force libkvm to extract it out of the dump.
886 				 */
887 				tgt_argv[0] = tgt_argv[1];
888 			} else if (access(tgt_argv[0], F_OK) == -1 &&
889 			    access(tgt_argv[1], F_OK) == -1) {
890 				(void) strcpy((char *)tgt_argv[1], "vmdump.");
891 				(void) strcat((char *)tgt_argv[1], object);
892 				if (access(tgt_argv[1], F_OK) == 0) {
893 					mdb_iob_printf(mdb.m_err,
894 					    "cannot open compressed dump; "
895 					    "decompress using savecore -f %s\n",
896 					    tgt_argv[1]);
897 					terminate(0);
898 				}
899 			}
900 
901 			tgt_argc = 2;
902 		}
903 
904 		/*
905 		 * We need to open the object file in order to determine its
906 		 * ELF class and potentially re-exec ourself.
907 		 */
908 		if ((io = mdb_fdio_create_path(NULL, tgt_argv[0],
909 		    O_RDONLY, 0)) == NULL)
910 			die("failed to open %s", tgt_argv[0]);
911 
912 		if (tgt_argc == 1) {
913 			if (mdb_kvm_is_compressed_dump(io)) {
914 				/*
915 				 * We have a single vmdump.N compressed dump
916 				 * file; give a helpful message.
917 				 */
918 				mdb_iob_printf(mdb.m_err,
919 				    "cannot open compressed dump; "
920 				    "decompress using savecore -f %s\n",
921 				    tgt_argv[0]);
922 				terminate(0);
923 			} else if (mdb_kvm_is_dump(io)) {
924 				/*
925 				 * We have an uncompressed dump as our only
926 				 * argument; specify the dump as the symbol
927 				 * table to force libkvm to dig it out of the
928 				 * dump.
929 				 */
930 				tgt_argv[tgt_argc++] = tgt_argv[0];
931 			}
932 		}
933 
934 		/*
935 		 * If the target is unknown or is not the rawfile target, do
936 		 * a gelf_check to determine if the file is an ELF file.  If
937 		 * it is not and the target is unknown, use the rawfile tgt.
938 		 * Otherwise an ELF-based target is needed, so we must abort.
939 		 */
940 		if (mdb_gelf_check(io, &ehdr, ET_NONE) == -1) {
941 			if (tgt_ctor != NULL) {
942 				(void) mdb_gelf_check(io, &ehdr, ET_EXEC);
943 				mdb_io_destroy(io);
944 				terminate(1);
945 			} else
946 				tgt_ctor = mdb_rawfile_tgt_create;
947 		}
948 
949 		mdb_io_destroy(io);
950 
951 		if (identify_xvm_file(tgt_argv[0], &longmode) == 1) {
952 #ifdef _LP64
953 			if (!longmode)
954 				goto reexec;
955 #else
956 			if (longmode)
957 				goto reexec;
958 #endif
959 			tgt_ctor = mdb_kvm_tgt_create;
960 			goto tcreate;
961 		}
962 
963 		/*
964 		 * The object file turned out to be a user core file (ET_CORE),
965 		 * and no other arguments were specified, swap 0 and 1.  The
966 		 * proc target will infer the executable for us.
967 		 */
968 		if (ehdr.e_type == ET_CORE) {
969 			tgt_argv[tgt_argc++] = tgt_argv[0];
970 			tgt_argv[0] = NULL;
971 			tgt_ctor = mdb_proc_tgt_create;
972 		}
973 
974 		/*
975 		 * If tgt_argv[1] is filled in, open it up and determine if it
976 		 * is a vmcore file.  If it is, gelf_check will fail and we
977 		 * set tgt_ctor to 'kvm'; otherwise we use the default.
978 		 */
979 		if (tgt_argc > 1 && strcmp(tgt_argv[1], "-") != 0 &&
980 		    tgt_argv[0] != NULL && pidarg == NULL) {
981 			Elf32_Ehdr chdr;
982 
983 			if (access(tgt_argv[1], F_OK) == -1)
984 				die("failed to access %s", tgt_argv[1]);
985 
986 			/* *.N case: drop vmdump.N from the list */
987 			if (tgt_argc == 3) {
988 				if ((io = mdb_fdio_create_path(NULL,
989 				    tgt_argv[2], O_RDONLY, 0)) == NULL)
990 					die("failed to open %s", tgt_argv[2]);
991 				if (mdb_kvm_is_compressed_dump(io))
992 					tgt_argv[--tgt_argc] = NULL;
993 				mdb_io_destroy(io);
994 			}
995 
996 			if ((io = mdb_fdio_create_path(NULL, tgt_argv[1],
997 			    O_RDONLY, 0)) == NULL)
998 				die("failed to open %s", tgt_argv[1]);
999 
1000 			if (mdb_gelf_check(io, &chdr, ET_NONE) == -1)
1001 				tgt_ctor = mdb_kvm_tgt_create;
1002 
1003 			mdb_io_destroy(io);
1004 		}
1005 
1006 		/*
1007 		 * At this point, we've read the ELF header for either an
1008 		 * object file or core into ehdr.  If the class does not match
1009 		 * ours, attempt to exec the mdb of the appropriate class.
1010 		 */
1011 #ifdef _LP64
1012 		if (ehdr.e_ident[EI_CLASS] == ELFCLASS32)
1013 			goto reexec;
1014 #else
1015 		if (ehdr.e_ident[EI_CLASS] == ELFCLASS64)
1016 			goto reexec;
1017 #endif
1018 	}
1019 
1020 tcreate:
1021 	if (tgt_ctor == NULL)
1022 		tgt_ctor = mdb_proc_tgt_create;
1023 
1024 	tgt = mdb_tgt_create(tgt_ctor, mdb.m_tgtflags, tgt_argc, tgt_argv);
1025 
1026 	if (tgt == NULL) {
1027 		if (errno == EINVAL)
1028 			usage(2); /* target can return EINVAL to get usage */
1029 		if (errno == EMDB_TGT)
1030 			terminate(1); /* target already printed error msg */
1031 		die("failed to initialize target");
1032 	}
1033 
1034 	mdb_tgt_activate(tgt);
1035 
1036 	mdb_create_loadable_disasms();
1037 
1038 	if (Vflag != NULL && mdb_dis_select(Vflag) == -1)
1039 		warn("invalid disassembler mode -- %s\n", Vflag);
1040 
1041 
1042 	if (Rflag && mdb.m_term != NULL)
1043 		warn("Using proto area %s\n", mdb.m_root);
1044 
1045 	/*
1046 	 * If the target was successfully constructed and -O was specified,
1047 	 * we now attempt to enter piggy-mode for debugging jurassic problems.
1048 	 */
1049 	if (Oflag) {
1050 		pcinfo_t pci;
1051 
1052 		(void) strcpy(pci.pc_clname, "RT");
1053 
1054 		if (priocntl(P_LWPID, P_MYID, PC_GETCID, (caddr_t)&pci) != -1) {
1055 			pcparms_t pcp;
1056 			rtparms_t *rtp = (rtparms_t *)pcp.pc_clparms;
1057 
1058 			rtp->rt_pri = 35;
1059 			rtp->rt_tqsecs = 0;
1060 			rtp->rt_tqnsecs = RT_TQDEF;
1061 
1062 			pcp.pc_cid = pci.pc_cid;
1063 
1064 			if (priocntl(P_LWPID, P_MYID, PC_SETPARMS,
1065 			    (caddr_t)&pcp) == -1) {
1066 				warn("failed to set RT parameters");
1067 				Oflag = 0;
1068 			}
1069 		} else {
1070 			warn("failed to get RT class id");
1071 			Oflag = 0;
1072 		}
1073 
1074 		if (mlockall(MCL_CURRENT | MCL_FUTURE) == -1) {
1075 			warn("failed to lock address space");
1076 			Oflag = 0;
1077 		}
1078 
1079 		if (Oflag)
1080 			mdb_printf("%s: oink, oink!\n", mdb.m_pname);
1081 	}
1082 
1083 	/*
1084 	 * Path evaluation part 2: Re-evaluate the path now that the target
1085 	 * is ready (and thus we have access to the real platform string).
1086 	 * Do this before reading ~/.mdbrc to allow path modifications prior
1087 	 * to performing module auto-loading.
1088 	 */
1089 	mdb_set_ipath(mdb.m_ipathstr);
1090 	mdb_set_lpath(mdb.m_lpathstr);
1091 
1092 	if (!Sflag && (p = getenv("HOME")) != NULL) {
1093 		char rcpath[MAXPATHLEN];
1094 		mdb_io_t *rc_io;
1095 		int fd;
1096 
1097 		(void) mdb_iob_snprintf(rcpath, MAXPATHLEN, "%s/.mdbrc", p);
1098 		fd = open64(rcpath, O_RDONLY);
1099 
1100 		if (fd >= 0 && (rc_io = mdb_fdio_create_named(fd, rcpath))) {
1101 			mdb_iob_t *iob = mdb_iob_create(rc_io, MDB_IOB_RDONLY);
1102 			mdb_iob_t *old = mdb.m_in;
1103 
1104 			mdb.m_in = iob;
1105 			(void) mdb_run();
1106 			mdb.m_in = old;
1107 		}
1108 	}
1109 
1110 	if (!(mdb.m_flags & MDB_FL_NOMODS))
1111 		mdb_module_load_all(0);
1112 
1113 	(void) mdb_signal_sethandler(SIGINT, int_handler, NULL);
1114 	while ((status = mdb_run()) == MDB_ERR_ABORT ||
1115 	    status == MDB_ERR_OUTPUT) {
1116 		/*
1117 		 * If a write failed on stdout, give up.  A more informative
1118 		 * error message will already have been printed by mdb_run().
1119 		 */
1120 		if (status == MDB_ERR_OUTPUT &&
1121 		    mdb_iob_getflags(mdb.m_out) & MDB_IOB_ERR) {
1122 			mdb_warn("write to stdout failed, exiting\n");
1123 			break;
1124 		}
1125 		continue;
1126 	}
1127 
1128 	terminate((status == MDB_ERR_QUIT || status == 0) ?
1129 	    (eflag != NULL && mdb.m_lastret != 0 ? 1 : 0) : 1);
1130 	/*NOTREACHED*/
1131 
1132 reexec:
1133 	if ((p = strrchr(execname, '/')) == NULL)
1134 		die("cannot determine absolute pathname\n");
1135 #ifdef _LP64
1136 #ifdef __sparc
1137 	(void) strcpy(p, "/../sparcv7/");
1138 #else
1139 	(void) strcpy(p, "/../i86/");
1140 #endif
1141 #else
1142 #ifdef __sparc
1143 	(void) strcpy(p, "/../sparcv9/");
1144 #else
1145 	(void) strcpy(p, "/../amd64/");
1146 #endif
1147 #endif
1148 	(void) strcat(p, mdb.m_pname);
1149 
1150 	if (mdb.m_term != NULL)
1151 		(void) IOP_CTL(in_io, TCSETSW, &tios);
1152 
1153 	(void) putenv("_MDB_EXEC=1");
1154 	(void) execv(execname, argv);
1155 
1156 	/*
1157 	 * If execv fails, suppress ENOEXEC.  Experience shows the most common
1158 	 * reason is that the machine is booted under a 32-bit kernel, in which
1159 	 * case it is clearer to only print the message below.
1160 	 */
1161 	if (errno != ENOEXEC)
1162 		warn("failed to exec %s", execname);
1163 #ifdef _LP64
1164 	die("64-bit %s cannot debug 32-bit program %s\n",
1165 	    mdb.m_pname, tgt_argv[0] ?
1166 	    tgt_argv[0] : tgt_argv[1]);
1167 #else
1168 	die("32-bit %s cannot debug 64-bit program %s\n",
1169 	    mdb.m_pname, tgt_argv[0] ?
1170 	    tgt_argv[0] : tgt_argv[1]);
1171 #endif
1172 
1173 	goto tcreate;
1174 }
1175