Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * Copyright (c) 2015 Apple Inc. All rights reserved. | |
3 | * | |
4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ | |
5 | * | |
6 | * This file contains Original Code and/or Modifications of Original Code | |
7 | * as defined in and that are subject to the Apple Public Source License | |
8 | * Version 2.0 (the 'License'). You may not use this file except in | |
9 | * compliance with the License. The rights granted to you under the License | |
10 | * may not be used to create, or enable the creation or redistribution of, | |
11 | * unlawful or unlicensed copies of an Apple operating system, or to | |
12 | * circumvent, violate, or enable the circumvention or violation of, any | |
13 | * terms of an Apple operating system software license agreement. | |
14 | * | |
15 | * Please obtain a copy of the License at | |
16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. | |
17 | * | |
18 | * The Original Code and all software distributed under the License are | |
19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER | |
20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, | |
21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, | |
22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. | |
23 | * Please see the License for the specific language governing rights and | |
24 | * limitations under the License. | |
25 | * | |
26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ | |
27 | */ | |
28 | ||
29 | ||
30 | /* | |
31 | * | |
32 | * THE KCDATA MANIFESTO | |
33 | * | |
34 | * Kcdata is a self-describing data serialization format. It is meant to get | |
35 | * nested data structures out of xnu with minimum fuss, but also for that data | |
36 | * to be easy to parse. It is also meant to allow us to add new fields and | |
37 | * evolve the data format without breaking old parsers. | |
38 | * | |
39 | * Kcdata is a permanent data format suitable for long-term storage including | |
40 | * in files. It is very important that we continue to be able to parse old | |
41 | * versions of kcdata-based formats. To this end, there are several | |
42 | * invariants you MUST MAINTAIN if you alter this file. | |
43 | * | |
44 | * * None of the magic numbers should ever be a byteswap of themselves or | |
45 | * of any of the other magic numbers. | |
46 | * | |
47 | * * Never remove any type. | |
48 | * | |
49 | * * All kcdata structs must be packed, and must exclusively use fixed-size | |
50 | * types. | |
51 | * | |
52 | * * Never change the definition of any type, except to add new fields to | |
53 | * the end. | |
54 | * | |
55 | * * If you do add new fields to the end of a type, do not actually change | |
56 | * the definition of the old structure. Instead, define a new structure | |
57 | * with the new fields. See thread_snapshot_v3 as an example. This | |
58 | * provides source compatibility for old readers, and also documents where | |
59 | * the potential size cutoffs are. | |
60 | * | |
61 | * If you change libkdd or kcdata.py, run the unit tests under libkdd. | |
62 | * | |
63 | * * If you add a type or extend an existing one, add a sample test to | |
64 | * libkdd/tests so future changes to libkdd will always parse your struct | |
65 | * correctly. | |
66 | * | |
67 | * For example to add a field to this: | |
68 | * | |
69 | * struct foobar { | |
70 | * uint32_t baz; | |
71 | * uint32_t quux; | |
72 | * } __attribute__ ((packed)); | |
73 | * | |
74 | * Make it look like this: | |
75 | * | |
76 | * struct foobar { | |
77 | * uint32_t baz; | |
78 | * uint32_t quux; | |
79 | * ///////// end version 1 of foobar. sizeof(struct foobar) was 8 //////// | |
80 | * uint32_t frozzle; | |
81 | * } __attribute__ ((packed)); | |
82 | * | |
83 | * If you are parsing kcdata formats, you MUST | |
84 | * | |
85 | * * Check the length field of each struct, including array elements. If the | |
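86 | * struct is longer than you expect, you must ignore the extra data. If it is shorter than you expect, treat the missing trailing fields as absent and never read past the recorded length. | |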
87 | * | |
88 | * * Ignore any data types you do not understand. | |
89 | * | |
90 | * Additionally, we want to be as forward compatible as we can. Meaning old | |
91 | * tools should still be able to use new data whenever possible. To this end, | |
92 | * you should: | |
93 | * | |
94 | * * Try not to add new versions of types that supplant old ones. Instead | |
95 | * extend the length of existing types or add supplemental types. | |
96 | * | |
97 | * * Try not to remove information from existing kcdata formats, unless | |
98 | * removal was explicitly asked for. For example it is fine to add a | |
99 | * stackshot flag to remove unwanted information, but you should not | |
100 | * remove it from the default stackshot if the new flag is absent. | |
101 | * | |
102 | * * (TBD) If you do break old readers by removing information or | |
103 | * supplanting old structs, then increase the major version number. | |
104 | * | |
105 | * | |
106 | * | |
107 | * The following is a description of the kcdata format. | |
108 | * | |
109 | * | |
110 | * The format for data is set up in a generic format as follows | |
111 | * | |
112 | * Layout of data structure: | |
113 | * | |
114 | * | 8 - bytes | | |
115 | * | type = MAGIC | LENGTH | | |
116 | * | 0 | | |
117 | * | type | size | | |
118 | * | flags | | |
119 | * | data | | |
120 | * |___________data____________| | |
121 | * | type | size | | |
122 | * | flags | | |
123 | * |___________data____________| | |
124 | * | type = END | size=0 | | |
125 | * | 0 | | |
126 | * | |
127 | * | |
128 | * The type field describes what kind of data is passed. For example type = TASK_CRASHINFO_UUID means the following data is a uuid. | |
129 | * These types need to be defined in task_corpses.h for easy consumption by userspace inspection tools. | |
130 | * | |
131 | * Some range of types is reserved for special types like ints, longs etc. A cool new functionality made possible with this | |
132 | * extensible data format is that kernel can decide to put more information as required without requiring user space tools to | |
133 | * re-compile to be compatible. The case of rusage struct versions could be introduced without breaking existing tools. | |
134 | * | |
135 | * Feature description: Generic data with description | |
136 | * ------------------- | |
137 | * Furthermore, generic data with description is very much possible now. For example | |
138 | * | |
139 | * - kcdata_add_uint64_with_description(cdatainfo, 0x700, "NUM MACH PORTS"); | |
140 | * - and more functions that allow adding description. | |
141 | * The userspace tools can then look at the description and print the data even if they are not compiled with knowledge of the field a priori. | |
142 | * | |
143 | * Example data: | |
144 | * 0000 57 f1 ad de 00 00 00 00 00 00 00 00 00 00 00 00 W............... | |
145 | * 0010 01 00 00 00 00 00 00 00 30 00 00 00 00 00 00 00 ........0....... | |
146 | * 0020 50 49 44 00 00 00 00 00 00 00 00 00 00 00 00 00 PID............. | |
147 | * 0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | |
148 | * 0040 9c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | |
149 | * 0050 01 00 00 00 00 00 00 00 30 00 00 00 00 00 00 00 ........0....... | |
150 | * 0060 50 41 52 45 4e 54 20 50 49 44 00 00 00 00 00 00 PARENT PID...... | |
151 | * 0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | |
152 | * 0080 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | |
153 | * 0090 ed 58 91 f1 | |
154 | * | |
155 | * Feature description: Container markers for compound data | |
156 | * ------------------ | |
157 | * If a given kernel data type is complex and requires adding multiple optional fields inside a container | |
158 | * object for a consumer to understand arbitrary data, we package it using container markers. | |
159 | * | |
160 | * For example, the stackshot code gathers information and describes the state of a given task with respect | |
161 | * to many subsystems. It includes data such as io stats, vm counters, process names/flags and syscall counts. | |
162 | * | |
163 | * kcdata_add_container_marker(kcdata_p, KCDATA_TYPE_CONTAINER_BEGIN, STACKSHOT_KCCONTAINER_TASK, task_uniqueid); | |
164 | * // add multiple data, or add_<type>_with_description()s here | |
165 | * | |
166 | * kcdata_add_container_marker(kcdata_p, KCDATA_TYPE_CONTAINER_END, STACKSHOT_KCCONTAINER_TASK, task_uniqueid); | |
167 | * | |
168 | * Feature description: Custom Data formats on demand | |
169 | * -------------------- | |
170 | * With the self describing nature of format, the kernel provider can describe a data type (uniquely identified by a number) and use | |
171 | * it in the buffer for sending data. The consumer can parse the type information and have knowledge of describing incoming data. | |
172 | * Following is an example of how we can describe a kernel specific struct sample_disk_io_stats in buffer. | |
173 | * | |
174 | * struct sample_disk_io_stats { | |
175 | * uint64_t disk_reads_count; | |
176 | * uint64_t disk_reads_size; | |
177 | * uint64_t io_priority_count[4]; | |
178 | * uint64_t io_priority_size; | |
179 | * } __attribute__ ((packed)); | |
180 | * | |
181 | * | |
182 | * struct kcdata_subtype_descriptor disk_io_stats_def[] = { | |
183 | * {KCS_SUBTYPE_FLAGS_NONE, KC_ST_UINT64, 0 * sizeof(uint64_t), sizeof(uint64_t), "disk_reads_count"}, | |
184 | * {KCS_SUBTYPE_FLAGS_NONE, KC_ST_UINT64, 1 * sizeof(uint64_t), sizeof(uint64_t), "disk_reads_size"}, | |
185 | * {KCS_SUBTYPE_FLAGS_ARRAY, KC_ST_UINT64, 2 * sizeof(uint64_t), KCS_SUBTYPE_PACK_SIZE(4, sizeof(uint64_t)), "io_priority_count"}, | |
186 | * {KCS_SUBTYPE_FLAGS_ARRAY, KC_ST_UINT64, (2 + 4) * sizeof(uint64_t), sizeof(uint64_t), "io_priority_size"}, | |
187 | * }; | |
188 | * | |
189 | * Now you can add this custom type definition into the buffer as | |
190 | * kcdata_add_type_definition(kcdata_p, KCTYPE_SAMPLE_DISK_IO_STATS, "sample_disk_io_stats", | |
191 | * &disk_io_stats_def[0], sizeof(disk_io_stats_def)/sizeof(struct kcdata_subtype_descriptor)); | |
192 | * | |
193 | */ | |
194 | ||
195 | ||
196 | #ifndef _KCDATA_H_ | |
197 | #define _KCDATA_H_ | |
198 | ||
199 | #include <stdint.h> | |
200 | #include <string.h> | |
201 | #include <uuid/uuid.h> | |
202 | ||
/*
 * Size of the fixed description/name fields used in this header (kcs_name,
 * kct_name). The count includes the terminating NUL, so at most 31 bytes of
 * text fit.
 */
#define KCDATA_DESC_MAXLEN 32 /* including NULL byte at end */

/*
 * Masks for the `flags` field of a struct-typed kcdata_item:
 *   padding     = flags & KCDATA_FLAGS_STRUCT_PADDING_MASK
 *   has_padding = flags & KCDATA_FLAGS_STRUCT_HAS_PADDING
 */
#define KCDATA_FLAGS_STRUCT_PADDING_MASK 0xf
#define KCDATA_FLAGS_STRUCT_HAS_PADDING 0x80

/*
 * kcdata aligns elements to 16 byte boundaries.
 */
#define KCDATA_ALIGNMENT_SIZE 0x10
212 | ||
/*
 * Header that precedes every item in a kcdata buffer.
 *
 * The three fixed fields occupy 16 bytes (4 + 4 + 8); the payload follows
 * immediately in data[].
 *
 * NOTE(review): type, size and flags come straight from the buffer. A parser
 * reading a buffer it did not produce should confirm that the header and
 * `size` bytes of payload both fit in the remaining buffer before touching
 * data[]. The iterator helpers that would do this are not in this part of the
 * file -- confirm against them.
 */
struct kcdata_item {
	uint32_t type;
	uint32_t size; /* len(data) */
	/* flags.
	 *
	 * For structures:
	 *    padding      = flags & 0xf
	 *    has_padding  = (flags & 0x80) >> 7
	 *
	 * has_padding is needed to disambiguate cases such as
	 * thread_snapshot_v2 and thread_snapshot_v3.  Their
	 * respective sizes are 0x68 and 0x70, and thread_snapshot_v2
	 * was emitted by old kernels *before* we started recording
	 * padding.  Since legacy thread_snapshot_v2 and modern
	 * thread_snapshot_v3 will both record 0 for the padding
	 * flags, we need some other bit which will be nonzero in the
	 * flags to disambiguate.
	 *
	 * This is why we hardcode a special case for
	 * STACKSHOT_KCTYPE_THREAD_SNAPSHOT into the iterator
	 * functions below.  There is only a finite number of such
	 * hardcodings which will ever be needed.  They can occur
	 * when:
	 *
	 *  * We have a legacy structure that predates padding flags
	 *
	 *  * which we want to extend without changing the kcdata type
	 *
	 *  * by only so many bytes as would fit in the space that
	 *    was previously unused padding.
	 *
	 * For containers:
	 *    container_id = flags
	 *
	 * For arrays:
	 *    element_count = flags & UINT32_MAX
	 *    element_type = (flags >> 32) & UINT32_MAX
	 */
	uint64_t flags;
	char data[]; /* must be at the end */
};

/* Pointer alias for an item header; note that the typedef hides the indirection. */
typedef struct kcdata_item * kcdata_item_t;
256 | ||
/*
 * Element kinds a subtype descriptor can name. Numbering starts at 1
 * (KC_ST_CHAR) and runs consecutively to KC_ST_UINT64 == 9; 0 is not a
 * member. kcs_elem_type is a uint8_t "restricted to kctype_subtype_t", so a
 * parser should treat any value outside 1..9 as unknown.
 */
enum KCDATA_SUBTYPE_TYPES { KC_ST_CHAR = 1, KC_ST_INT8, KC_ST_UINT8, KC_ST_INT16, KC_ST_UINT16, KC_ST_INT32, KC_ST_UINT32, KC_ST_INT64, KC_ST_UINT64 };
typedef enum KCDATA_SUBTYPE_TYPES kctype_subtype_t;
259 | ||
/*
 * A subtype description structure that defines
 * how a compound data is laid out in memory. This
 * provides on the fly definition of types and consumption
 * by the parser.
 *
 * The fields add up to 40 bytes (1 + 1 + 2 + 4 + 32). The struct carries no
 * packed attribute in this file.
 *
 * NOTE(review): when a descriptor is read from a buffer rather than built
 * locally, kcs_elem_offset and the size decoded from kcs_elem_size are
 * attacker-influenced; a consumer should check that offset + size stays
 * inside the item being described. Nothing visible here guarantees kcs_name
 * is NUL-terminated in that case either, so bound reads of it to
 * KCDATA_DESC_MAXLEN -- confirm against the parser.
 */
struct kcdata_subtype_descriptor {
	uint8_t kcs_flags;
#define KCS_SUBTYPE_FLAGS_NONE 0x0
#define KCS_SUBTYPE_FLAGS_ARRAY 0x1
/* Force struct type even if only one element.
 *
 * Normally a kcdata_type_definition is treated as a structure if it has
 * more than one subtype descriptor.  Otherwise it is treated as a simple
 * type.  For example libkdd will represent a simple integer 42 as simply
 * 42, but it will represent a structure containing an integer 42 as
 * {"field_name": 42}.
 *
 * If a kcdata_type_definition has only single subtype, then it will be
 * treated as a structure iff KCS_SUBTYPE_FLAGS_STRUCT is set.  If it has
 * multiple subtypes, it will always be treated as a structure.
 *
 * KCS_SUBTYPE_FLAGS_MERGE has the opposite effect. If this flag is used then
 * even if there are multiple elements, they will all be treated as individual
 * properties of the parent dictionary.
 */
#define KCS_SUBTYPE_FLAGS_STRUCT 0x2 /* force struct type even if only one element */
#define KCS_SUBTYPE_FLAGS_MERGE 0x4 /* treat as multiple elements of parents instead of struct */
	uint8_t kcs_elem_type;             /* restricted to kctype_subtype_t */
	uint16_t kcs_elem_offset;          /* offset in struct where data is found */
	uint32_t kcs_elem_size;            /* size of element (or) packed state for array type */
	char kcs_name[KCDATA_DESC_MAXLEN]; /* max 31 bytes for name of field */
};

/* Pointer alias used by the kcs_* accessors below; the typedef hides the indirection. */
typedef struct kcdata_subtype_descriptor * kcdata_subtype_descriptor_t;
295 | ||
/*
 * In case of array of basic c types in kctype_subtype_t,
 * size is packed in lower 16 bits and
 * count is packed in upper 16 bits of kcs_elem_size field.
 *
 * Both arguments are masked to 16 bits, so a count or size above 0xffff is
 * silently truncated rather than rejected. kcs_set_elem_size() is the path
 * that range-checks before packing.
 */
#define KCS_SUBTYPE_PACK_SIZE(e_count, e_size) (((e_count)&0xffffu) << 16 | ((e_size)&0xffffu))
302 | ||
/*
 * Return the number of bytes a subtype descriptor covers.
 *
 * For a descriptor flagged KCS_SUBTYPE_FLAGS_ARRAY the kcs_elem_size field is
 * decoded as (count << 16 | element size) and the product is returned;
 * otherwise the field is returned unchanged.
 *
 * An array-flagged descriptor whose upper 16 bits are zero decodes to a total
 * of 0, so callers should be prepared for a zero result.
 */
static inline uint32_t
kcs_get_elem_size(kcdata_subtype_descriptor_t d)
{
	const uint32_t packed = d->kcs_elem_size;

	if ((d->kcs_flags & KCS_SUBTYPE_FLAGS_ARRAY) == 0) {
		/* Scalar: the field already holds the element size. */
		return packed;
	}

	/* Array: low half is the per-element size, high half the count. */
	const uint32_t per_elem = packed & 0xffff;
	const uint32_t n_elems = (packed & 0xffff0000) >> 16;

	/* 0xffff * 0xffff == 0xfffe0001, so the product fits in a uint32_t. */
	return (uint32_t)(per_elem * n_elems);
}
312 | ||
/*
 * Return how many elements a subtype descriptor describes.
 *
 * Array-flagged descriptors report the upper 16 bits of kcs_elem_size (which
 * may be 0); every other descriptor reports 1.
 */
static inline uint32_t
kcs_get_elem_count(kcdata_subtype_descriptor_t d)
{
	const int is_array = (d->kcs_flags & KCS_SUBTYPE_FLAGS_ARRAY) != 0;

	return is_array ? ((d->kcs_elem_size >> 16) & 0xffff) : 1;
}
320 | ||
/*
 * Store an element size (and, for arrays, a count) in a subtype descriptor.
 *
 * count <= 1: `size` is written to kcs_elem_size as-is.
 * count  > 1: size and count must each fit in 16 bits; they are packed as
 *             (count << 16 | size).
 *
 * Returns 0 on success, -1 when an array size or count exceeds 0xffff (the
 * descriptor is left untouched in that case).
 *
 * NOTE(review): the choice between the two encodings is made from `count`,
 * while kcs_get_elem_size()/kcs_get_elem_count() choose from
 * KCS_SUBTYPE_FLAGS_ARRAY. This function neither reads nor sets kcs_flags, so
 * keeping the flag and the encoding in agreement is left to the caller --
 * confirm at the call sites.
 */
static inline int
kcs_set_elem_size(kcdata_subtype_descriptor_t d, uint32_t size, uint32_t count)
{
	if (count <= 1) {
		/* Single element: no packing. */
		d->kcs_elem_size = size;
		return 0;
	}

	/* Array: each half of the packed word is only 16 bits wide. */
	if (size > 0xffff || count > 0xffff) {
		return -1; /* invalid argument */
	}

	d->kcs_elem_size = ((count & 0xffff) << 16 | (size & 0xffff));
	return 0;
}
336 | ||
/*
 * On-the-fly type definition: an identifier, a name, and a trailing array of
 * subtype descriptors (flexible array member).
 *
 * NOTE(review): presumably kct_num_elements is the length of kct_elements[].
 * When this is read from a buffer the count is untrusted; a parser should
 * check it against the enclosing item's size before indexing
 * kct_elements[] -- confirm against the consumer.
 */
struct kcdata_type_definition {
	uint32_t kct_type_identifier;
	uint32_t kct_num_elements;
	char kct_name[KCDATA_DESC_MAXLEN];
	struct kcdata_subtype_descriptor kct_elements[];
};
343 | ||
344 | ||
/* chunk type definitions. 0 - 0x7ff are reserved and defined here
 * NOTE: Please update kcdata/libkdd/kcdtypes.c if you make any changes
 * in STACKSHOT_KCTYPE_* types.
 */

/*
 * Types with description value.
 * these will have KCDATA_DESC_MAXLEN-1 length string description
 * and rest of kcdata_iter_size() - KCDATA_DESC_MAXLEN bytes as data
 *
 * A consumer should therefore reject a *_DESC item whose size is smaller
 * than KCDATA_DESC_MAXLEN before computing the data length.
 */
#define KCDATA_TYPE_INVALID 0x0u
#define KCDATA_TYPE_STRING_DESC 0x1u
#define KCDATA_TYPE_UINT32_DESC 0x2u
#define KCDATA_TYPE_UINT64_DESC 0x3u
#define KCDATA_TYPE_INT32_DESC 0x4u
#define KCDATA_TYPE_INT64_DESC 0x5u
#define KCDATA_TYPE_BINDATA_DESC 0x6u
362 | ||
/*
 * Compound type definitions
 *
 * CONTAINER_BEGIN and CONTAINER_END items are matched by the 64-bit id
 * carried in their headers.
 */
#define KCDATA_TYPE_ARRAY 0x11u         /* Array of data OBSOLETE DONT USE THIS*/
#define KCDATA_TYPE_TYPEDEFINTION 0x12u /* Meta type that describes a type on the fly. */
#define KCDATA_TYPE_CONTAINER_BEGIN                                       \
	0x13u /* Container type which has corresponding CONTAINER_END header. \
	       * KCDATA_TYPE_CONTAINER_BEGIN has type in the data segment.    \
	       * Both headers have (uint64_t) ID for matching up nested data. \
	       */
#define KCDATA_TYPE_CONTAINER_END 0x14u
374 | ||
/*
 * Array types 0x20 - 0x2f. The low nibble of the type value is the number of
 * padding bytes (0 - 15) that follow the array data.
 */
#define KCDATA_TYPE_ARRAY_PAD0 0x20u /* Array of data with 0 bytes of padding */
#define KCDATA_TYPE_ARRAY_PAD1 0x21u /* Array of data with 1 byte of padding */
#define KCDATA_TYPE_ARRAY_PAD2 0x22u /* Array of data with 2 bytes of padding */
#define KCDATA_TYPE_ARRAY_PAD3 0x23u /* Array of data with 3 bytes of padding */
#define KCDATA_TYPE_ARRAY_PAD4 0x24u /* Array of data with 4 bytes of padding */
#define KCDATA_TYPE_ARRAY_PAD5 0x25u /* Array of data with 5 bytes of padding */
#define KCDATA_TYPE_ARRAY_PAD6 0x26u /* Array of data with 6 bytes of padding */
#define KCDATA_TYPE_ARRAY_PAD7 0x27u /* Array of data with 7 bytes of padding */
#define KCDATA_TYPE_ARRAY_PAD8 0x28u /* Array of data with 8 bytes of padding */
#define KCDATA_TYPE_ARRAY_PAD9 0x29u /* Array of data with 9 bytes of padding */
#define KCDATA_TYPE_ARRAY_PADa 0x2au /* Array of data with 0xa (10) bytes of padding */
#define KCDATA_TYPE_ARRAY_PADb 0x2bu /* Array of data with 0xb (11) bytes of padding */
#define KCDATA_TYPE_ARRAY_PADc 0x2cu /* Array of data with 0xc (12) bytes of padding */
#define KCDATA_TYPE_ARRAY_PADd 0x2du /* Array of data with 0xd (13) bytes of padding */
#define KCDATA_TYPE_ARRAY_PADe 0x2eu /* Array of data with 0xe (14) bytes of padding */
#define KCDATA_TYPE_ARRAY_PADf 0x2fu /* Array of data with 0xf (15) bytes of padding */
391 | ||
/*
 * Generic data types that are most commonly used
 */
#define KCDATA_TYPE_LIBRARY_LOADINFO 0x30u   /* struct dyld_uuid_info_32 */
#define KCDATA_TYPE_LIBRARY_LOADINFO64 0x31u /* struct dyld_uuid_info_64 */
#define KCDATA_TYPE_TIMEBASE 0x32u           /* struct mach_timebase_info */
#define KCDATA_TYPE_MACH_ABSOLUTE_TIME 0x33u /* uint64_t */
#define KCDATA_TYPE_TIMEVAL 0x34u            /* struct timeval64 */
#define KCDATA_TYPE_USECS_SINCE_EPOCH 0x35u  /* time in usecs uint64_t */
#define KCDATA_TYPE_PID 0x36u                /* int32_t */
#define KCDATA_TYPE_PROCNAME 0x37u           /* char * */
#define KCDATA_TYPE_NESTED_KCDATA 0x38u      /* nested kcdata buffer */

/*
 * Type of the terminating item ("type = END, size=0" in the layout diagram at
 * the top of this file). Stored little-endian it appears as ed 58 91 f1, as
 * in the example dump above.
 */
#define KCDATA_TYPE_BUFFER_END 0xF19158EDu
406 | ||
/* MAGIC numbers defined for each class of chunked data
 *
 * To future-proof against big-endian arches, make sure none of these magic
 * numbers are byteswaps of each other
 *
 * The magic is the `type` of the first item in a buffer; the example dump at
 * the top of this file starts with 57 f1 ad de, i.e.
 * KCDATA_BUFFER_BEGIN_CRASHINFO in little-endian byte order. Each magic owns
 * the type range listed under it.
 */

#define KCDATA_BUFFER_BEGIN_CRASHINFO 0xDEADF157u       /* owner: corpses/task_corpse.h */
                                                        /* type-range: 0x800 - 0x8ff */
#define KCDATA_BUFFER_BEGIN_STACKSHOT 0x59a25807u       /* owner: sys/stackshot.h */
                                                        /* type-range: 0x900 - 0x93f */
#define KCDATA_BUFFER_BEGIN_DELTA_STACKSHOT 0xDE17A59Au /* owner: sys/stackshot.h */
                                                        /* type-range: 0x940 - 0x9ff */
#define KCDATA_BUFFER_BEGIN_OS_REASON 0x53A20900u       /* owner: sys/reason.h */
                                                        /* type-range: 0x1000-0x103f */
#define KCDATA_BUFFER_BEGIN_XNUPOST_CONFIG 0x1e21c09fu  /* owner: osfmk/tests/kernel_tests.c */
                                                        /* type-range: 0x1040-0x105f */

/* next type range number available 0x1060 */
/**************** definitions for XNUPOST *********************/
/* First value of the XNUPOST range; unlike the other type constants it has no `u` suffix. */
#define XNUPOST_KCTYPE_TESTCONFIG 0x1040
427 | ||
/**************** definitions for stackshot *********************/

/*
 * These two constants size arrays in serialized structs (see
 * io_stats_snapshot for STACKSHOT_IO_NUM_PRIORITIES), so changing either one
 * changes the on-disk layout.
 */

/* This value must always match IO_NUM_PRIORITIES defined in thread_info.h */
#define STACKSHOT_IO_NUM_PRIORITIES 4
/* This value must always match MAXTHREADNAMESIZE used in bsd */
#define STACKSHOT_MAX_THREAD_NAME_SIZE 64
434 | ||
/*
 * NOTE: Please update kcdata/libkdd/kcdtypes.c if you make any changes
 * in STACKSHOT_KCTYPE_* types.
 *
 * The list is not in numeric order: the delta types 0x940/0x941 sit between
 * 0x912 and 0x913, and 0x922 is defined after 0x923. Check the whole list for
 * a free value before adding a type.
 */
#define STACKSHOT_KCTYPE_IOSTATS 0x901u                /* io_stats_snapshot */
#define STACKSHOT_KCTYPE_GLOBAL_MEM_STATS 0x902u       /* struct mem_and_io_snapshot */
#define STACKSHOT_KCCONTAINER_TASK 0x903u
#define STACKSHOT_KCCONTAINER_THREAD 0x904u
#define STACKSHOT_KCTYPE_TASK_SNAPSHOT 0x905u          /* task_snapshot_v2 */
#define STACKSHOT_KCTYPE_THREAD_SNAPSHOT 0x906u        /* thread_snapshot_v2, thread_snapshot_v3 */
#define STACKSHOT_KCTYPE_DONATING_PIDS 0x907u          /* int[] */
#define STACKSHOT_KCTYPE_SHAREDCACHE_LOADINFO 0x908u   /* same as KCDATA_TYPE_LIBRARY_LOADINFO64 */
#define STACKSHOT_KCTYPE_THREAD_NAME 0x909u            /* char[] */
#define STACKSHOT_KCTYPE_KERN_STACKFRAME 0x90Au        /* struct stack_snapshot_frame32 */
#define STACKSHOT_KCTYPE_KERN_STACKFRAME64 0x90Bu      /* struct stack_snapshot_frame64 */
#define STACKSHOT_KCTYPE_USER_STACKFRAME 0x90Cu        /* struct stack_snapshot_frame32 */
#define STACKSHOT_KCTYPE_USER_STACKFRAME64 0x90Du      /* struct stack_snapshot_frame64 */
#define STACKSHOT_KCTYPE_BOOTARGS 0x90Eu               /* boot args string */
#define STACKSHOT_KCTYPE_OSVERSION 0x90Fu              /* os version string */
#define STACKSHOT_KCTYPE_KERN_PAGE_SIZE 0x910u         /* kernel page size in uint32_t */
#define STACKSHOT_KCTYPE_JETSAM_LEVEL 0x911u           /* jetsam level in uint32_t */
#define STACKSHOT_KCTYPE_DELTA_SINCE_TIMESTAMP 0x912u  /* timestamp used for the delta stackshot */

#define STACKSHOT_KCTYPE_TASK_DELTA_SNAPSHOT 0x940u    /* task_delta_snapshot_v2 */
#define STACKSHOT_KCTYPE_THREAD_DELTA_SNAPSHOT 0x941u  /* thread_delta_snapshot_v2 */

#define STACKSHOT_KCTYPE_KERN_STACKLR 0x913u           /* uint32_t */
#define STACKSHOT_KCTYPE_KERN_STACKLR64 0x914u         /* uint64_t */
#define STACKSHOT_KCTYPE_USER_STACKLR 0x915u           /* uint32_t */
#define STACKSHOT_KCTYPE_USER_STACKLR64 0x916u         /* uint64_t */
#define STACKSHOT_KCTYPE_NONRUNNABLE_TIDS 0x917u       /* uint64_t */
#define STACKSHOT_KCTYPE_NONRUNNABLE_TASKS 0x918u      /* uint64_t */
#define STACKSHOT_KCTYPE_CPU_TIMES 0x919u              /* struct stackshot_cpu_times */
#define STACKSHOT_KCTYPE_STACKSHOT_DURATION 0x91au     /* struct stackshot_duration */
#define STACKSHOT_KCTYPE_STACKSHOT_FAULT_STATS 0x91bu  /* struct stackshot_fault_stats */
#define STACKSHOT_KCTYPE_KERNELCACHE_LOADINFO 0x91cu   /* kernelcache UUID -- same as KCDATA_TYPE_LIBRARY_LOADINFO64 */
#define STACKSHOT_KCTYPE_THREAD_WAITINFO 0x91du        /* struct stackshot_thread_waitinfo */
#define STACKSHOT_KCTYPE_THREAD_GROUP_SNAPSHOT 0x91eu  /* struct thread_group_snapshot */
#define STACKSHOT_KCTYPE_THREAD_GROUP 0x91fu           /* uint64_t */
#define STACKSHOT_KCTYPE_JETSAM_COALITION_SNAPSHOT 0x920u /* struct jetsam_coalition_snapshot */
#define STACKSHOT_KCTYPE_JETSAM_COALITION 0x921u       /* uint64_t */
#define STACKSHOT_KCTYPE_INSTRS_CYCLES 0x923u          /* struct instrs_cycles_snapshot */

#define STACKSHOT_KCTYPE_THREAD_POLICY_VERSION 0x922u  /* THREAD_POLICY_INTERNAL_STRUCT_VERSION in uint32 */
479 | ||
/*
 * One stack frame with 32-bit values: lr then sp, 8 bytes in total.
 * NOTE(review): no packed attribute here, although the rules at the top of
 * this file ask for packed kcdata structs. Two same-width members need no
 * padding, so the layout should be unaffected -- confirm.
 */
struct stack_snapshot_frame32 {
	uint32_t lr;
	uint32_t sp;
};

/* One stack frame with 64-bit values: lr then sp, 16 bytes in total. Not marked packed either. */
struct stack_snapshot_frame64 {
	uint64_t lr;
	uint64_t sp;
};
489 | ||
/*
 * Image load records: a load address followed by the image UUID.
 *
 * None of these structs carries a packed attribute.
 * NOTE(review): assuming uuid_t is a 16-byte unsigned char array (it comes
 * from <uuid/uuid.h>, not shown here), the natural layouts contain no
 * padding: 20 bytes for the 32-bit forms, 24 for the 64-bit forms and 32 for
 * dyld_uuid_info_64_v2 -- confirm.
 */
struct dyld_uuid_info_32 {
	uint32_t imageLoadAddress; /* base address image is mapped at */
	uuid_t imageUUID;
};

struct dyld_uuid_info_64 {
	uint64_t imageLoadAddress; /* XXX image slide */
	uuid_t imageUUID;
};

/*
 * dyld_uuid_info_64 with one field appended. A reader handed only 24 bytes
 * has a v1 record and must not read imageSlidBaseAddress.
 */
struct dyld_uuid_info_64_v2 {
	uint64_t imageLoadAddress; /* XXX image slide */
	uuid_t imageUUID;
	/* end of version 1 of dyld_uuid_info_64. sizeof v1 was 24 */
	uint64_t imageSlidBaseAddress; /* slid base address of image */
};

/* Same member list as dyld_uuid_info_32. */
struct user32_dyld_uuid_info {
	uint32_t imageLoadAddress; /* base address image is mapped into */
	uuid_t imageUUID;          /* UUID of image */
};

/* Same member list as dyld_uuid_info_64. */
struct user64_dyld_uuid_info {
	uint64_t imageLoadAddress; /* base address image is mapped into */
	uuid_t imageUUID;          /* UUID of image */
};
516 | ||
/*
 * Per-task bit flags. Values start at 0x4; bits 0x1 and 0x2 are not assigned
 * in this enum. The highest bit defined here is 0x800000.
 * NOTE(review): presumably stored in ts_ss_flags of the task snapshot
 * structs -- confirm against the producer.
 */
enum task_snapshot_flags {
	kTaskRsrcFlagged                      = 0x4, // In the EXC_RESOURCE danger zone?
	kTerminatedSnapshot                   = 0x8,
	kPidSuspended                         = 0x10, // true for suspended task
	kFrozen                               = 0x20, // true for hibernated task (along with pidsuspended)
	kTaskDarwinBG                         = 0x40,
	kTaskExtDarwinBG                      = 0x80,
	kTaskVisVisible                       = 0x100,
	kTaskVisNonvisible                    = 0x200,
	kTaskIsForeground                     = 0x400,
	kTaskIsBoosted                        = 0x800,
	kTaskIsSuppressed                     = 0x1000,
	kTaskIsTimerThrottled                 = 0x2000, /* deprecated */
	kTaskIsImpDonor                       = 0x4000,
	kTaskIsLiveImpDonor                   = 0x8000,
	kTaskIsDirty                          = 0x10000,
	kTaskWqExceededConstrainedThreadLimit = 0x20000,
	kTaskWqExceededTotalThreadLimit       = 0x40000,
	kTaskWqFlagsAvailable                 = 0x80000,
	kTaskUUIDInfoFaultedIn                = 0x100000, /* successfully faulted in some UUID info */
	kTaskUUIDInfoMissing                  = 0x200000, /* some UUID info was paged out */
	kTaskUUIDInfoTriedFault               = 0x400000, /* tried to fault in UUID info */
	kTaskSharedRegionInfoUnavailable      = 0x800000, /* shared region info unavailable */
};
541 | ||
/*
 * Per-thread bit flags. Values start at 0x4; bits 0x1 and 0x2 are not
 * assigned in this enum.
 * NOTE(review): presumably stored in ths_ss_flags / tds_ss_flags of the
 * thread snapshot structs -- confirm against the producer.
 */
enum thread_snapshot_flags {
	kHasDispatchSerial    = 0x4,
	kStacksPCOnly         = 0x8,    /* Stack traces have no frame pointers. */
	kThreadDarwinBG       = 0x10,   /* Thread is darwinbg */
	kThreadIOPassive      = 0x20,   /* Thread uses passive IO */
	kThreadSuspended      = 0x40,   /* Thread is suspended */
	kThreadTruncatedBT    = 0x80,   /* Unmapped pages caused truncated backtrace */
	kGlobalForcedIdle     = 0x100,  /* Thread performs global forced idle */
	kThreadFaultedBT      = 0x200,  /* Some thread stack pages were faulted in as part of BT */
	kThreadTriedFaultBT   = 0x400,  /* We tried to fault in thread stack pages as part of BT */
	kThreadOnCore         = 0x800,  /* Thread was on-core when we entered debugger context */
	kThreadIdleWorker     = 0x1000, /* Thread is an idle libpthread worker thread */
	kThreadMain           = 0x2000, /* Thread is the main thread */
};
556 | ||
/*
 * Global memory and I/O counters (payload of
 * STACKSHOT_KCTYPE_GLOBAL_MEM_STATS).
 *
 * Packed: fifteen 4-byte fields followed by one byte, 61 bytes in total, so
 * the struct size is not a multiple of 4.
 */
struct mem_and_io_snapshot {
	uint32_t	snapshot_magic;
	uint32_t	free_pages;
	uint32_t	active_pages;
	uint32_t	inactive_pages;
	uint32_t	purgeable_pages;
	uint32_t	wired_pages;
	uint32_t	speculative_pages;
	uint32_t	throttled_pages;
	uint32_t	filebacked_pages;
	uint32_t	compressions;
	uint32_t	decompressions;
	uint32_t	compressor_size;
	int32_t		busy_buffer_count; /* the only signed field in this struct */
	uint32_t	pages_wanted;
	uint32_t	pages_reclaimed;
	uint8_t		pages_wanted_reclaimed_valid; // did mach_vm_pressure_monitor succeed?
} __attribute__((packed));
575 | ||
/*
 * SS_TH_* macros are for ths_state.
 * They are single-bit values; bit 0x40 is not assigned here.
 */
#define SS_TH_WAIT 0x01       /* queued for waiting */
#define SS_TH_SUSP 0x02       /* stopped or requested to stop */
#define SS_TH_RUN 0x04        /* running or on runq */
#define SS_TH_UNINT 0x08      /* waiting uninterruptibly */
#define SS_TH_TERMINATE 0x10  /* halted at termination */
#define SS_TH_TERMINATE2 0x20 /* added to termination queue */
#define SS_TH_IDLE 0x80       /* idling processor */
584 | ||
/*
 * Thread snapshot, version 2 (payload of STACKSHOT_KCTYPE_THREAD_SNAPSHOT).
 *
 * Packed, 104 bytes (0x68): eleven uint64_t, two uint32_t, two int16_t and
 * four uint8_t. Per the flags comment on struct kcdata_item, old kernels
 * emitted this struct before padding was recorded, which is why readers need
 * the has_padding bit to tell it apart from thread_snapshot_v3.
 */
struct thread_snapshot_v2 {
	uint64_t  ths_thread_id;
	uint64_t  ths_wait_event;
	uint64_t  ths_continuation;
	uint64_t  ths_total_syscalls;
	uint64_t  ths_voucher_identifier;
	uint64_t  ths_dqserialnum;
	uint64_t  ths_user_time;
	uint64_t  ths_sys_time;
	uint64_t  ths_ss_flags;
	uint64_t  ths_last_run_time;
	uint64_t  ths_last_made_runnable_time;
	uint32_t  ths_state; /* SS_TH_* bits */
	uint32_t  ths_sched_flags;
	int16_t   ths_base_priority;
	int16_t   ths_sched_priority;
	uint8_t   ths_eqos;
	uint8_t   ths_rqos;
	uint8_t   ths_rqos_override;
	uint8_t   ths_io_tier;
} __attribute__((packed));
606 | ||
/*
 * Thread snapshot, version 3: the thread_snapshot_v2 member list with
 * ths_thread_t appended. Packed, 112 bytes (0x70).
 *
 * A reader handed fewer than 112 bytes has a v2 record and must not read
 * ths_thread_t.
 */
struct thread_snapshot_v3 {
	uint64_t  ths_thread_id;
	uint64_t  ths_wait_event;
	uint64_t  ths_continuation;
	uint64_t  ths_total_syscalls;
	uint64_t  ths_voucher_identifier;
	uint64_t  ths_dqserialnum;
	uint64_t  ths_user_time;
	uint64_t  ths_sys_time;
	uint64_t  ths_ss_flags;
	uint64_t  ths_last_run_time;
	uint64_t  ths_last_made_runnable_time;
	uint32_t  ths_state; /* SS_TH_* bits */
	uint32_t  ths_sched_flags;
	int16_t   ths_base_priority;
	int16_t   ths_sched_priority;
	uint8_t   ths_eqos;
	uint8_t   ths_rqos;
	uint8_t   ths_rqos_override;
	uint8_t   ths_io_tier;
	/* end of the v2 member list; sizeof(struct thread_snapshot_v2) is 0x68 */
	uint64_t  ths_thread_t;
} __attribute__((packed));
629 | ||
630 | ||
/*
 * Thread snapshot, version 4: the thread_snapshot_v3 member list with
 * ths_requested_policy and ths_effective_policy appended. Packed, 128 bytes
 * (0x80).
 *
 * A reader must use the item's recorded length to decide which trailing
 * fields are present.
 */
struct thread_snapshot_v4 {
	uint64_t  ths_thread_id;
	uint64_t  ths_wait_event;
	uint64_t  ths_continuation;
	uint64_t  ths_total_syscalls;
	uint64_t  ths_voucher_identifier;
	uint64_t  ths_dqserialnum;
	uint64_t  ths_user_time;
	uint64_t  ths_sys_time;
	uint64_t  ths_ss_flags;
	uint64_t  ths_last_run_time;
	uint64_t  ths_last_made_runnable_time;
	uint32_t  ths_state; /* SS_TH_* bits */
	uint32_t  ths_sched_flags;
	int16_t   ths_base_priority;
	int16_t   ths_sched_priority;
	uint8_t   ths_eqos;
	uint8_t   ths_rqos;
	uint8_t   ths_rqos_override;
	uint8_t   ths_io_tier;
	/* end of the v2 member list (0x68 bytes) */
	uint64_t  ths_thread_t;
	/* end of the v3 member list (0x70 bytes) */
	uint64_t  ths_requested_policy;
	uint64_t  ths_effective_policy;
} __attribute__((packed));
655 | ||
656 | ||
/*
 * Thread group record (payload of STACKSHOT_KCTYPE_THREAD_GROUP_SNAPSHOT).
 * Packed, 24 bytes.
 *
 * NOTE(review): nothing in this file says tgs_name is NUL-terminated when all
 * 16 bytes are used; consumers should bound reads to sizeof(tgs_name) --
 * confirm against the producer.
 */
struct thread_group_snapshot {
	uint64_t tgs_id;
	char tgs_name[16];
} __attribute__((packed));
661 | ||
/*
 * Coalition state bits.
 * NOTE(review): presumably stored in jcs_flags of
 * struct jetsam_coalition_snapshot -- confirm against the producer.
 */
enum coalition_flags {
	kCoalitionTermRequested = 0x1,
	kCoalitionTerminated    = 0x2,
	kCoalitionReaped        = 0x4,
	kCoalitionPrivileged    = 0x8,
};
668 | ||
669 | struct jetsam_coalition_snapshot { /* Packed record of four 64-bit words (32 bytes). */ | |
670 | uint64_t jcs_id; | |
671 | uint64_t jcs_flags; /* presumably a mask of enum coalition_flags bits — verify against the writer */ | |
672 | uint64_t jcs_thread_group; | |
673 | uint64_t jcs_leader_task_uniqueid; | |
674 | } __attribute__((packed)); | |
675 | ||
676 | struct instrs_cycles_snapshot { /* Packed pair of 64-bit counters (16 bytes). */ | |
677 | uint64_t ics_instructions; | |
678 | uint64_t ics_cycles; | |
679 | } __attribute__((packed)); | |
680 | ||
681 | struct thread_delta_snapshot_v2 { /* Packed per-thread delta record (48 bytes). kcdata_iter_array_size_switch() uses sizeof this struct as the legacy array element size, so its size must not change. */ | |
682 | uint64_t tds_thread_id; | |
683 | uint64_t tds_voucher_identifier; | |
684 | uint64_t tds_ss_flags; | |
685 | uint64_t tds_last_made_runnable_time; | |
686 | uint32_t tds_state; | |
687 | uint32_t tds_sched_flags; | |
688 | int16_t tds_base_priority; | |
689 | int16_t tds_sched_priority; | |
690 | uint8_t tds_eqos; | |
691 | uint8_t tds_rqos; | |
692 | uint8_t tds_rqos_override; | |
693 | uint8_t tds_io_tier; | |
694 | } __attribute__ ((packed)); | |
695 | ||
696 | struct io_stats_snapshot /* Packed block of 64-bit I/O counters; each statistic is a count/size pair. */ | |
697 | { | |
698 | /* | |
699 | * I/O Statistics | |
700 | * XXX: These fields must be together. | |
701 | */ | |
702 | uint64_t ss_disk_reads_count; | |
703 | uint64_t ss_disk_reads_size; | |
704 | uint64_t ss_disk_writes_count; | |
705 | uint64_t ss_disk_writes_size; | |
706 | uint64_t ss_io_priority_count[STACKSHOT_IO_NUM_PRIORITIES]; /* one slot per I/O priority; the constant is defined elsewhere and fixes this struct's size */ | |
707 | uint64_t ss_io_priority_size[STACKSHOT_IO_NUM_PRIORITIES]; | |
708 | uint64_t ss_paging_count; | |
709 | uint64_t ss_paging_size; | |
710 | uint64_t ss_non_paging_count; | |
711 | uint64_t ss_non_paging_size; | |
712 | uint64_t ss_data_count; | |
713 | uint64_t ss_data_size; | |
714 | uint64_t ss_metadata_count; | |
715 | uint64_t ss_metadata_size; | |
716 | /* XXX: I/O Statistics end */ | |
717 | ||
718 | } __attribute__ ((packed)); | |
719 | ||
720 | struct task_snapshot_v2 { /* Packed per-task record (120 bytes): seven 64-bit words, eight 32-bit words, then a fixed 32-byte name field. */ | |
721 | uint64_t ts_unique_pid; | |
722 | uint64_t ts_ss_flags; | |
723 | uint64_t ts_user_time_in_terminated_threads; | |
724 | uint64_t ts_system_time_in_terminated_threads; | |
725 | uint64_t ts_p_start_sec; | |
726 | uint64_t ts_task_size; | |
727 | uint64_t ts_max_resident_size; | |
728 | uint32_t ts_suspend_count; | |
729 | uint32_t ts_faults; | |
730 | uint32_t ts_pageins; | |
731 | uint32_t ts_cow_faults; | |
732 | uint32_t ts_was_throttled; | |
733 | uint32_t ts_did_throttle; | |
734 | uint32_t ts_latency_qos; | |
735 | int32_t ts_pid; /* signed, unlike the neighbouring counters */ | |
736 | char ts_p_comm[32]; /* NOTE(review): no terminating NUL is guaranteed by this declaration; bound reads to sizeof(ts_p_comm) */ | |
737 | } __attribute__ ((packed)); | |
738 | ||
739 | struct task_delta_snapshot_v2 { /* Packed per-task delta record. It has no pid, start-time or name members, unlike task_snapshot_v2. */ | |
740 | uint64_t tds_unique_pid; | |
741 | uint64_t tds_ss_flags; | |
742 | uint64_t tds_user_time_in_terminated_threads; | |
743 | uint64_t tds_system_time_in_terminated_threads; | |
744 | uint64_t tds_task_size; | |
745 | uint64_t tds_max_resident_size; | |
746 | uint32_t tds_suspend_count; | |
747 | uint32_t tds_faults; | |
748 | uint32_t tds_pageins; | |
749 | uint32_t tds_cow_faults; | |
750 | uint32_t tds_was_throttled; | |
751 | uint32_t tds_did_throttle; | |
752 | uint32_t tds_latency_qos; | |
753 | } __attribute__ ((packed)); | |
754 | ||
755 | struct stackshot_cpu_times { /* Packed pair of 64-bit time values; the _usec suffix suggests microseconds — confirm against the writer. */ | |
756 | uint64_t user_usec; | |
757 | uint64_t system_usec; | |
758 | } __attribute__((packed)); | |
759 | ||
760 | struct stackshot_duration { /* Packed pair of 64-bit durations; the unit is not stated in this part of the file. */ | |
761 | uint64_t stackshot_duration; | |
762 | uint64_t stackshot_duration_outer; | |
763 | } __attribute__((packed)); | |
764 | ||
765 | struct stackshot_fault_stats { /* Packed fault accounting record (21 bytes). Because the first member is 32-bit, both uint64_t members start at offsets that are not multiples of 8; copy them out rather than taking their address. */ | |
766 | uint32_t sfs_pages_faulted_in; /* number of pages faulted in using KDP fault path */ | |
767 | uint64_t sfs_time_spent_faulting; /* MATUs spent faulting */ | |
768 | uint64_t sfs_system_max_fault_time; /* MATUs fault time limit per stackshot */ | |
769 | uint8_t sfs_stopped_faulting; /* we stopped decompressing because we hit the limit */ | |
770 | } __attribute__((packed)); | |
771 | ||
772 | typedef struct stackshot_thread_waitinfo { /* Packed wait-relationship record (25 bytes); in an array of these, elements after the first are not 8-byte aligned. */ | |
773 | uint64_t owner; /* The thread that owns the object */ | |
774 | uint64_t waiter; /* The thread that's waiting on the object */ | |
775 | uint64_t context; /* A context uniquely identifying the object */ | |
776 | uint8_t wait_type; /* The type of object that the thread is waiting on */ | |
777 | } __attribute__((packed)) thread_waitinfo_t; | |
778 | ||
779 | #define STACKSHOT_WAITOWNER_KERNEL (UINT64_MAX - 1) /* reserved values counting down from UINT64_MAX - 1; presumably stored in thread_waitinfo_t.owner when the owner is not a thread id — confirm against the producer */ | |
780 | #define STACKSHOT_WAITOWNER_PORT_LOCKED (UINT64_MAX - 2) | |
781 | #define STACKSHOT_WAITOWNER_PSET_LOCKED (UINT64_MAX - 3) | |
782 | #define STACKSHOT_WAITOWNER_INTRANSIT (UINT64_MAX - 4) | |
783 | #define STACKSHOT_WAITOWNER_MTXSPIN (UINT64_MAX - 5) | |
784 | #define STACKSHOT_WAITOWNER_THREQUESTED (UINT64_MAX - 6) /* workloop waiting for a new worker thread */ | |
785 | #define STACKSHOT_WAITOWNER_SUSPENDED (UINT64_MAX - 7) /* workloop is suspended */ | |
786 | ||
787 | ||
788 | /**************** definitions for crashinfo *********************/ | |
789 | ||
790 | /* | |
791 | * NOTE: Please update kcdata/libkdd/kcdtypes.c if you make any changes | |
792 | * in TASK_CRASHINFO_* types. | |
793 | */ | |
794 | ||
795 | /* FIXME some of these types aren't clean (fixed width, packed, and defined *here*) */ | |
796 | ||
797 | #define TASK_CRASHINFO_BEGIN KCDATA_BUFFER_BEGIN_CRASHINFO /* these four names alias generic kcdata type codes defined elsewhere */ | |
798 | #define TASK_CRASHINFO_STRING_DESC KCDATA_TYPE_STRING_DESC | |
799 | #define TASK_CRASHINFO_UINT32_DESC KCDATA_TYPE_UINT32_DESC | |
800 | #define TASK_CRASHINFO_UINT64_DESC KCDATA_TYPE_UINT64_DESC | |
801 | ||
802 | #define TASK_CRASHINFO_EXTMODINFO 0x801 /* crashinfo item type codes start here; the trailing comment on each line names the payload type where the author recorded one */ | |
803 | #define TASK_CRASHINFO_BSDINFOWITHUNIQID 0x802 /* struct proc_uniqidentifierinfo */ | |
804 | #define TASK_CRASHINFO_TASKDYLD_INFO 0x803 | |
805 | #define TASK_CRASHINFO_UUID 0x804 | |
806 | #define TASK_CRASHINFO_PID 0x805 | |
807 | #define TASK_CRASHINFO_PPID 0x806 | |
808 | #define TASK_CRASHINFO_RUSAGE 0x807 /* struct rusage DEPRECATED do not use. | |
809 | This struct has longs in it */ | |
810 | #define TASK_CRASHINFO_RUSAGE_INFO 0x808 /* struct rusage_info_v3 from resource.h */ | |
811 | #define TASK_CRASHINFO_PROC_NAME 0x809 /* char * */ | |
812 | #define TASK_CRASHINFO_PROC_STARTTIME 0x80B /* struct timeval64; note that 0x80A is not assigned in this list */ | |
813 | #define TASK_CRASHINFO_USERSTACK 0x80C /* uint64_t */ | |
814 | #define TASK_CRASHINFO_ARGSLEN 0x80D | |
815 | #define TASK_CRASHINFO_EXCEPTION_CODES 0x80E /* mach_exception_data_t */ | |
816 | #define TASK_CRASHINFO_PROC_PATH 0x80F /* string of len MAXPATHLEN */ | |
817 | #define TASK_CRASHINFO_PROC_CSFLAGS 0x810 /* uint32_t */ | |
818 | #define TASK_CRASHINFO_PROC_STATUS 0x811 /* char */ | |
819 | #define TASK_CRASHINFO_UID 0x812 /* uid_t */ | |
820 | #define TASK_CRASHINFO_GID 0x813 /* gid_t */ | |
821 | #define TASK_CRASHINFO_PROC_ARGC 0x814 /* int */ | |
822 | #define TASK_CRASHINFO_PROC_FLAGS 0x815 /* unsigned int */ | |
823 | #define TASK_CRASHINFO_CPUTYPE 0x816 /* cpu_type_t */ | |
824 | #define TASK_CRASHINFO_WORKQUEUEINFO 0x817 /* struct proc_workqueueinfo */ | |
825 | #define TASK_CRASHINFO_RESPONSIBLE_PID 0x818 /* pid_t */ | |
826 | #define TASK_CRASHINFO_DIRTY_FLAGS 0x819 /* int */ | |
827 | #define TASK_CRASHINFO_CRASHED_THREADID 0x81A /* uint64_t */ | |
828 | #define TASK_CRASHINFO_COALITION_ID 0x81B /* uint64_t */ | |
829 | #define TASK_CRASHINFO_UDATA_PTRS 0x81C /* uint64_t */ | |
830 | #define TASK_CRASHINFO_MEMORY_LIMIT 0x81D /* uint64_t */ | |
831 | ||
832 | #define TASK_CRASHINFO_END KCDATA_TYPE_BUFFER_END | |
833 | ||
834 | /**************** definitions for os reasons *********************/ | |
835 | ||
836 | #define EXIT_REASON_SNAPSHOT 0x1001 /* item type codes for exit-reason buffers; presumably the payload is struct exit_reason_snapshot — confirm against the writer */ | |
837 | #define EXIT_REASON_USER_DESC 0x1002 /* string description of reason */ | |
838 | #define EXIT_REASON_USER_PAYLOAD 0x1003 /* user payload data */ | |
839 | #define EXIT_REASON_CODESIGNING_INFO 0x1004 /* presumably struct codesigning_exit_reason_info — confirm */ | |
840 | #define EXIT_REASON_WORKLOOP_ID 0x1005 | |
841 | #define EXIT_REASON_DISPATCH_QUEUE_NO 0x1006 | |
842 | ||
843 | struct exit_reason_snapshot { /* Packed exit-reason record. It grew after version 1, so a reader must check the item size before touching ers_flags. */ | |
844 | uint32_t ers_namespace; | |
845 | uint64_t ers_code; /* starts at offset 4 because the struct is packed */ | |
846 | /* end of version 1 of exit_reason_snapshot. sizeof v1 was 12 */ | |
847 | uint64_t ers_flags; /* absent from 12-byte version 1 records */ | |
848 | } __attribute__((packed)); | |
849 | ||
850 | #define EXIT_REASON_CODESIG_PATH_MAX 1024 /* byte size of the ceri_pathname and ceri_filename buffers in struct codesigning_exit_reason_info */ | |
851 | ||
852 | struct codesigning_exit_reason_info { /* Packed record describing a code-signing exit: two addresses/offsets, two fixed path buffers, four timestamps words, eight one-byte indicators and a 32-bit depth. */ | |
853 | uint64_t ceri_virt_addr; | |
854 | uint64_t ceri_file_offset; | |
855 | char ceri_pathname[EXIT_REASON_CODESIG_PATH_MAX]; /* NOTE(review): fixed-size buffer; termination is not guaranteed by the declaration, so bound reads to EXIT_REASON_CODESIG_PATH_MAX */ | |
856 | char ceri_filename[EXIT_REASON_CODESIG_PATH_MAX]; /* same bound applies */ | |
857 | uint64_t ceri_codesig_modtime_secs; | |
858 | uint64_t ceri_codesig_modtime_nsecs; | |
859 | uint64_t ceri_page_modtime_secs; | |
860 | uint64_t ceri_page_modtime_nsecs; | |
861 | uint8_t ceri_path_truncated; /* presumably set when a path did not fit its buffer — confirm against the writer */ | |
862 | uint8_t ceri_object_codesigned; | |
863 | uint8_t ceri_page_codesig_validated; | |
864 | uint8_t ceri_page_codesig_tainted; | |
865 | uint8_t ceri_page_codesig_nx; | |
866 | uint8_t ceri_page_wpmapped; | |
867 | uint8_t ceri_page_slid; | |
868 | uint8_t ceri_page_dirty; | |
869 | uint32_t ceri_page_shadow_depth; | |
870 | } __attribute__((packed)); | |
871 | ||
872 | #define EXIT_REASON_USER_DESC_MAX_LEN 1024 /* length limits for the user description and user payload; where they are enforced is not visible in this part of the file */ | |
873 | #define EXIT_REASON_PAYLOAD_MAX_LEN 2048 | |
874 | /**************** safe iterators *********************/ | |
875 | ||
876 | typedef struct kcdata_iter { /* Cursor over a kcdata buffer; the accessors below take and return it by value. */ | |
877 | kcdata_item_t item; /* item header the cursor currently points at */ | |
878 | void *end; /* one past the last byte of the buffer; kcdata_iter_valid() checks item against it */ | |
879 | } kcdata_iter_t; | |
880 | ||
881 | ||
/*
 * Create a bounded iterator positioned at the first item of a kcdata buffer.
 *
 * buffer: start of the kcdata buffer.
 * size:   number of bytes available at buffer.
 *
 * Every later bounds check in kcdata_iter_valid() trusts the end address
 * computed here, so size must be the real length of the memory backing
 * buffer, not a length read out of the buffer itself.
 */
static inline kcdata_iter_t
kcdata_iter(void *buffer, unsigned long size)
{
	uintptr_t first_byte = (uintptr_t)buffer;
	kcdata_iter_t it;

	it.end = (void *)(first_byte + size);
	it.item = (kcdata_item_t)buffer;
	return it;
}
889 | ||
/*
 * Deprecated: create an iterator with no usable upper bound.
 *
 * The end address is set to the highest representable address, so
 * kcdata_iter_valid() cannot stop a walk at the real end of the buffer.
 * Use kcdata_iter() with the true buffer length instead; this entry point
 * is kept only for existing callers and is marked deprecated so that new
 * uses produce a compiler warning.
 */
static inline kcdata_iter_t
kcdata_iter_unsafe(void *buffer) __attribute__((deprecated));

static inline kcdata_iter_t
kcdata_iter_unsafe(void *buffer)
{
	kcdata_iter_t it;

	it.end = (void *)~(uintptr_t)0;
	it.item = (kcdata_item_t)buffer;
	return it;
}
900 | ||
901 | static const kcdata_iter_t kcdata_invalid_iter = { .item = 0, .end = 0 }; /* sentinel returned by kcdata_iter_find_type() when nothing matches; with item == end == 0 the first comparison in kcdata_iter_valid() fails, so item is never dereferenced */ | |
902 | ||
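/*
 * Report whether the item under the iterator lies entirely inside the buffer.
 *
 * Returns nonzero when both the item header and the item->size payload bytes
 * that follow it end at or before iter.end, and 0 otherwise.
 *
 * The check is done on the number of bytes remaining (end - item) rather
 * than by adding sizes to the item address. item->size comes from the buffer
 * being parsed; adding it to an address can wrap around (on a 32-bit address
 * space, or with the unbounded end used by kcdata_iter_unsafe()) and make an
 * out-of-range item look valid. Subtracting cannot wrap once item <= end is
 * established.
 */
static inline int
kcdata_iter_valid(kcdata_iter_t iter)
{
	uintptr_t pos = (uintptr_t)iter.item;
	uintptr_t limit = (uintptr_t)iter.end;
	uintptr_t remaining;

	if (pos > limit)
		return 0;

	remaining = limit - pos;
	/* The header must fit before item->size may be read at all. */
	if (remaining < sizeof(struct kcdata_item))
		return 0;

	return iter.item->size <= remaining - sizeof(struct kcdata_item);
}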
909 | ||
910 | ||
/*
 * Advance the iterator past the current item (header plus item->size bytes).
 *
 * No bounds check is made here: the current item must already have passed
 * kcdata_iter_valid(), and the returned iterator must be checked again
 * before any of its fields are read.
 */
static inline kcdata_iter_t
kcdata_iter_next(kcdata_iter_t iter)
{
	uintptr_t cursor = (uintptr_t)iter.item;

	cursor += sizeof(struct kcdata_item);
	cursor += iter.item->size;
	iter.item = (kcdata_item_t)cursor;
	return iter;
}
916 | ||
/*
 * Return the logical type of the current item.
 *
 * Any type whose upper bits equal KCDATA_TYPE_ARRAY_PAD0 (the low four bits
 * are ignored) is reported as KCDATA_TYPE_ARRAY; every other type is
 * returned as stored. The item must already have been validated.
 */
static inline uint32_t
kcdata_iter_type(kcdata_iter_t iter)
{
	uint32_t stored = iter.item->type;

	return ((stored & ~0xfu) == KCDATA_TYPE_ARRAY_PAD0) ? KCDATA_TYPE_ARRAY : stored;
}
925 | ||
/*
 * Return how many bytes (0..15) must be added to size to reach the next
 * multiple of 16. The arithmetic is unsigned, so the subtraction wraps
 * modulo 2^32 and only the low four bits of the result are kept.
 */
static inline uint32_t
kcdata_calc_padding(uint32_t size)
{
	uint32_t to_boundary = 0u - size;

	return to_boundary & 0xfu;
}
932 | ||
/*
 * Extract the padding amount recorded in an item's flags word, i.e. the
 * bits selected by KCDATA_FLAGS_STRUCT_PADDING_MASK.
 */
static inline uint32_t
kcdata_flags_get_padding(uint64_t flags)
{
	uint64_t padding_bits = flags & KCDATA_FLAGS_STRUCT_PADDING_MASK;

	return (uint32_t)padding_bits;
}
938 | ||
/*
 * see comment above about has_padding
 *
 * Decide whether the current item was written in the legacy layout for a
 * structure whose unpadded size is legacy_size: its stored size equals
 * legacy_size rounded up to a multiple of 16, and neither the padding-amount
 * bits nor the HAS_PADDING bit is set in its flags.
 * Returns nonzero for a legacy item, 0 otherwise.
 */
static inline int
kcdata_iter_is_legacy_item(kcdata_iter_t iter, uint32_t legacy_size)
{
	uint32_t rounded_size = legacy_size + kcdata_calc_padding(legacy_size);

	if (iter.item->size != rounded_size)
		return 0;

	return (iter.item->flags & (KCDATA_FLAGS_STRUCT_PADDING_MASK | KCDATA_FLAGS_STRUCT_HAS_PADDING)) == 0;
}
948 | ||
/*
 * Return the usable payload size of the current item in bytes.
 *
 *  - Arrays and container-begin items: the stored size, unchanged.
 *  - Thread-snapshot and shared-cache load-info items that
 *    kcdata_iter_is_legacy_item() recognises: the fixed legacy struct size.
 *  - Everything else: stored size minus the padding recorded in the flags,
 *    or 0 when the recorded padding is larger than the stored size (which
 *    would otherwise wrap around).
 *
 * The item must already have passed kcdata_iter_valid().
 */
static inline uint32_t
kcdata_iter_size(kcdata_iter_t iter)
{
	uint32_t legacy_size = 0;
	uint32_t padding;

	switch (kcdata_iter_type(iter)) {
	case KCDATA_TYPE_ARRAY:
	case KCDATA_TYPE_CONTAINER_BEGIN:
		return iter.item->size;
	case STACKSHOT_KCTYPE_THREAD_SNAPSHOT:
		legacy_size = sizeof(struct thread_snapshot_v2);
		break;
	case STACKSHOT_KCTYPE_SHAREDCACHE_LOADINFO:
		legacy_size = sizeof(struct dyld_uuid_info_64);
		break;
	default:
		break;
	}

	/* Only the two types above have a legacy layout to test for. */
	if (legacy_size != 0 && kcdata_iter_is_legacy_item(iter, legacy_size))
		return legacy_size;

	padding = kcdata_flags_get_padding(iter.item->flags);
	return (iter.item->size < padding) ? 0 : iter.item->size - padding;
}
982 | ||
/*
 * Return the raw 64-bit flags word of the current item. The value comes
 * straight from the buffer; the item must already have been validated.
 */
static inline uint64_t
kcdata_iter_flags(kcdata_iter_t iter)
{
	uint64_t raw_flags = iter.item->flags;

	return raw_flags;
}
988 | ||
/*
 * Return a pointer to the first payload byte of the current item (the data
 * member that follows the header). How many bytes may be read from it is
 * given by kcdata_iter_size(), and only after kcdata_iter_valid() succeeded.
 */
static inline void *
kcdata_iter_payload(kcdata_iter_t iter)
{
	void *payload = &iter.item->data;

	return payload;
}
993 | ||
994 | ||
/*
 * Return the element type of an array item: the upper 32 bits of its flags
 * word.
 */
static inline uint32_t
kcdata_iter_array_elem_type(kcdata_iter_t iter)
{
	uint64_t upper_half = iter.item->flags >> 32;

	return (uint32_t)(upper_half & UINT32_MAX);
}
999 | ||
/*
 * Return the element count of an array item: the lower 32 bits of its flags
 * word. The count is read from the buffer and is only trustworthy after
 * kcdata_iter_array_valid() has accepted the item.
 */
static inline uint32_t
kcdata_iter_array_elem_count(kcdata_iter_t iter)
{
	uint64_t lower_half = iter.item->flags & UINT32_MAX;

	return (uint32_t)lower_half;
}
1004 | ||
1005 | /* KCDATA_TYPE_ARRAY is ambiguous about the size of the array elements. Size is | |
1006 | * calculated as total_size / elements_count, but total size got padded out to a | |
1007 | * 16 byte alignment. New kernels will generate KCDATA_TYPE_ARRAY_PAD* instead | |
1008 | * to explicitly tell us how much padding was used. Here we have a fixed, never | |
1009 | * to be altered list of the sizes of array elements that were used before I | |
1010 | * discovered this issue. If you find a KCDATA_TYPE_ARRAY that is not one of | |
1011 | * these types, treat it as invalid data. */ | |
1012 | ||
/*
 * Look up the fixed element size for a legacy KCDATA_TYPE_ARRAY item from
 * its element type. Returns 0 for any element type that is not in the
 * closed list below; callers treat 0 as "invalid data".
 */
static inline uint32_t
kcdata_iter_array_size_switch(kcdata_iter_t iter)
{
	uint32_t elem_size;

	switch (kcdata_iter_array_elem_type(iter)) {
	case KCDATA_TYPE_LIBRARY_LOADINFO:
		elem_size = sizeof(struct dyld_uuid_info_32);
		break;
	case KCDATA_TYPE_LIBRARY_LOADINFO64:
		elem_size = sizeof(struct dyld_uuid_info_64);
		break;
	case STACKSHOT_KCTYPE_KERN_STACKFRAME:
	case STACKSHOT_KCTYPE_USER_STACKFRAME:
		elem_size = sizeof(struct stack_snapshot_frame32);
		break;
	case STACKSHOT_KCTYPE_KERN_STACKFRAME64:
	case STACKSHOT_KCTYPE_USER_STACKFRAME64:
		elem_size = sizeof(struct stack_snapshot_frame64);
		break;
	case STACKSHOT_KCTYPE_DONATING_PIDS:
		elem_size = sizeof(int32_t);
		break;
	case STACKSHOT_KCTYPE_THREAD_DELTA_SNAPSHOT:
		elem_size = sizeof(struct thread_delta_snapshot_v2);
		break;
	// This one is only here to make some unit tests work. It should be OK to
	// remove.
	case TASK_CRASHINFO_CRASHED_THREADID:
		elem_size = sizeof(uint64_t);
		break;
	default:
		elem_size = 0;
		break;
	}
	return elem_size;
}
1039 | ||
/*
 * Check that the current item is a well-formed array. Returns nonzero when
 * it is, 0 otherwise.
 *
 * The item must be in bounds and of array type. An array with zero elements
 * must also have zero size. For a legacy KCDATA_TYPE_ARRAY the element size
 * comes from the fixed table; the count is compared with size / elem_size,
 * so no multiplication of two buffer-supplied values can overflow. For the
 * KCDATA_TYPE_ARRAY_PAD* types the low four bits of the type give the
 * padding, which must not exceed the size, and the remaining bytes must
 * divide evenly by the count.
 */
static inline int
kcdata_iter_array_valid(kcdata_iter_t iter)
{
	uint32_t count;

	if (!kcdata_iter_valid(iter) || kcdata_iter_type(iter) != KCDATA_TYPE_ARRAY)
		return 0;

	count = kcdata_iter_array_elem_count(iter);
	if (count == 0)
		return iter.item->size == 0;

	if (iter.item->type != KCDATA_TYPE_ARRAY) {
		uint32_t pad = iter.item->type & 0xf;

		if (pad > iter.item->size)
			return 0;

		uint32_t body = iter.item->size - pad;

		return count <= body && body % count == 0;
	}

	uint32_t elem_size = kcdata_iter_array_size_switch(iter);

	if (elem_size == 0)
		return 0;

	/* sizes get aligned to the nearest 16. */
	return count <= iter.item->size / elem_size &&
	    iter.item->size % count < 16;
}
1063 | ||
1064 | ||
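/*
 * Return the size in bytes of one element of the current array item.
 *
 * Legacy KCDATA_TYPE_ARRAY items use the fixed table in
 * kcdata_iter_array_size_switch() (0 for unknown element types). For the
 * padded array types the size is (item size - padding) / element count.
 * Returns 0 when the count is zero.
 *
 * Also returns 0 when the padding encoded in the type is larger than the
 * item size. Without that guard the unsigned subtraction wraps and a
 * malformed item would yield an element size close to 4 GiB for any caller
 * that skipped kcdata_iter_array_valid().
 */
static inline uint32_t
kcdata_iter_array_elem_size(kcdata_iter_t iter)
{
	uint32_t count;
	uint32_t pad;

	if (iter.item->type == KCDATA_TYPE_ARRAY)
		return kcdata_iter_array_size_switch(iter);

	count = kcdata_iter_array_elem_count(iter);
	if (count == 0)
		return 0;

	pad = iter.item->type & 0xf;
	if (pad > iter.item->size)
		return 0;

	return (iter.item->size - pad) / count;
}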
1073 | ||
/*
 * Check that the current item is a well-formed container-begin marker: it
 * is in bounds, has type KCDATA_TYPE_CONTAINER_BEGIN, and its payload is
 * large enough to hold the 32-bit container type that
 * kcdata_iter_container_type() reads. Returns nonzero when valid.
 */
static inline int
kcdata_iter_container_valid(kcdata_iter_t iter)
{
	if (!kcdata_iter_valid(iter))
		return 0;
	if (kcdata_iter_type(iter) != KCDATA_TYPE_CONTAINER_BEGIN)
		return 0;
	return iter.item->size >= sizeof(uint32_t);
}
1081 | ||
/*
 * Return the container type stored in the first four payload bytes of a
 * container-begin item. Call kcdata_iter_container_valid() first; this
 * function reads the payload without checking its length.
 */
static inline uint32_t
kcdata_iter_container_type(kcdata_iter_t iter)
{
	uint32_t *type_field = (uint32_t *)kcdata_iter_payload(iter);

	return *type_field;
}
1086 | ||
/*
 * Return the identifier of a container item, which is stored in the item's
 * 64-bit flags word.
 */
static inline uint64_t
kcdata_iter_container_id(kcdata_iter_t iter)
{
	uint64_t container_id = iter.item->flags;

	return container_id;
}
1091 | ||
1092 | ||
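/*
 * KCDATA_ITER_FOREACH(iter) walks items starting at iter and stops at the
 * first item that fails kcdata_iter_valid() or at the KCDATA_TYPE_BUFFER_END
 * marker. The validity test runs first, so the type is never read from an
 * out-of-bounds item. iter must be a modifiable kcdata_iter_t lvalue.
 *
 * KCDATA_ITER_FOREACH_FAILED(iter), evaluated after the loop, is true when
 * the walk ended on an invalid item rather than on the end marker, i.e. the
 * buffer is truncated or malformed and the results should not be trusted.
 *
 * The macro argument is parenthesised at every member access so that both
 * macros accept the same argument expressions.
 */
#define KCDATA_ITER_FOREACH(iter) \
	for (; kcdata_iter_valid(iter) && (iter).item->type != KCDATA_TYPE_BUFFER_END; (iter) = kcdata_iter_next(iter))
#define KCDATA_ITER_FOREACH_FAILED(iter) \
	(!kcdata_iter_valid(iter) || (iter).item->type != KCDATA_TYPE_BUFFER_END)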
1095 | ||
/*
 * Scan forward from iter for the first item whose logical type (as reported
 * by kcdata_iter_type()) equals type.
 *
 * Returns an iterator positioned on the match, or kcdata_invalid_iter when
 * the scan reaches the KCDATA_TYPE_BUFFER_END marker or an item that fails
 * kcdata_iter_valid(). The end marker itself is never returned as a match.
 */
static inline kcdata_iter_t
kcdata_iter_find_type(kcdata_iter_t iter, uint32_t type)
{
	while (kcdata_iter_valid(iter) && iter.item->type != KCDATA_TYPE_BUFFER_END) {
		if (kcdata_iter_type(iter) == type)
			return iter;
		iter = kcdata_iter_next(iter);
	}
	return kcdata_invalid_iter;
}
1107 | ||
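/*
 * Check that the current item holds a description string followed by at
 * least minsize bytes of data. Returns nonzero when all of these hold:
 *  - the item is in bounds,
 *  - its payload is at least KCDATA_DESC_MAXLEN + minsize bytes long,
 *  - the last byte of the description field is NUL, so the description is
 *    a terminated string.
 *
 * The length test is written as two subtractions instead of comparing
 * against KCDATA_DESC_MAXLEN + minsize: that sum can wrap for a very large
 * minsize and would then accept an item that is too short.
 */
static inline int
kcdata_iter_data_with_desc_valid(kcdata_iter_t iter, uint32_t minsize)
{
	uint32_t payload_size;

	if (!kcdata_iter_valid(iter))
		return 0;

	payload_size = kcdata_iter_size(iter);
	if (payload_size < KCDATA_DESC_MAXLEN)
		return 0;
	if (payload_size - KCDATA_DESC_MAXLEN < minsize)
		return 0;

	return ((char *)kcdata_iter_payload(iter))[KCDATA_DESC_MAXLEN - 1] == 0;
}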
1115 | ||
/*
 * Return a pointer to a NUL-terminated string that starts offset bytes into
 * the current item's payload.
 *
 * Returns NULL when offset lies beyond the payload or when no NUL byte is
 * found before the payload ends, so a returned pointer can be used with
 * ordinary string functions without reading past the item.
 */
static inline char *
kcdata_iter_string(kcdata_iter_t iter, uint32_t offset)
{
	uint32_t payload_size = kcdata_iter_size(iter);

	if (offset > payload_size)
		return NULL;

	uint32_t room = payload_size - offset;
	char *candidate = (char *)kcdata_iter_payload(iter) + offset;

	/* strnlen() == room means the terminator is missing inside the item. */
	return (strnlen(candidate, room) < room) ? candidate : NULL;
}
1129 | ||
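/*
 * Split a description-plus-data item into its parts. Each output pointer is
 * optional and is skipped when NULL.
 *
 * desc_ptr: receives the start of the KCDATA_DESC_MAXLEN-byte description.
 * data_ptr: receives the first byte after the description field.
 * size_ptr: receives the number of data bytes after the description.
 *
 * Callers are expected to run kcdata_iter_data_with_desc_valid() first. If
 * they did not and the payload is shorter than KCDATA_DESC_MAXLEN, the
 * reported size is 0 instead of the wrapped-around value an unsigned
 * subtraction would give, so a caller that copies *size_ptr bytes cannot be
 * led past the item by a short payload.
 */
static inline void
kcdata_iter_get_data_with_desc(kcdata_iter_t iter, char **desc_ptr, void **data_ptr, uint32_t *size_ptr)
{
	char *payload = (char *)kcdata_iter_payload(iter);

	if (desc_ptr)
		*desc_ptr = payload;
	if (data_ptr)
		*data_ptr = (void *)((uintptr_t)payload + KCDATA_DESC_MAXLEN);
	if (size_ptr) {
		uint32_t payload_size = kcdata_iter_size(iter);

		*size_ptr = (payload_size >= KCDATA_DESC_MAXLEN) ? payload_size - KCDATA_DESC_MAXLEN : 0;
	}
}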
1138 | ||
1139 | #endif |