![[Go to CFHT Home Page]](/images/cfht-icon.gif){kind=icon}
Man Pages 
Back to Software Index 
Manpage Top Level
#include <kvm.h> #include <fcntl.h>
kvm_t *kvm_open(char *namelist, char *corefile, char *swapfile, int flag, char *errstr);
int kvm_close(kvm_t *kd);
Unsafe
kvm_open() initializes a set of file descriptors to be used in subsequent calls to kernel VM routines. It returns a pointer to a kernel identifier that must be used as the kd argument in subsequent kernel VM function calls.
The namelist argument specifies an unstripped executable file whose symbol table will be used to locate various offsets in corefile. If namelist is NULL , the symbol table of the currently running kernel is used to determine offsets in the core image. In this case, it is up to the implementation to select an appropriate way to resolve symbolic references (for instance, using /dev/ksyms as a default namelist file).
corefile specifies a file that contains an image of physical memory, for instance, a kernel crash dump file (see savecore(1M) ) or the special device /dev/mem. If corefile is NULL , the currently running kernel is accessed (using /dev/mem and /dev/kmem).
swapfile specifies a file that represents the swap device. If both corefile and swapfile are NULL , the swap device of the ‘‘currently running kernel’’ is accessed. Otherwise, if swapfile is NULL , kvm_open() may succeed but subsequent kvm_getu(3K) function calls may fail if the desired information is swapped out.
flag is used to specify read or write access for corefile and may have one of the following values:
open for reading and writing
- O_RDONLY
- open for reading
- O_RDWR
errstr is used to control error reporting. If it is a NULL pointer, no error messages will be printed. If it is non-NULL , it is assumed to be the address of a string that will be used to prefix error messages generated by kvm_open. Errors are printed to stderr. A useful value to supply for errstr would be argv[0]. This has the effect of printing the process name in front of any error messages.
kvm_close() closes all file descriptors that were associated with kd. These files are also closed on exit(2) and execve() (see exec(2) ). kvm_close() also resets the proc pointer associated with kvm_nextproc(3K) and flushes any cached kernel data.
kvm_open() returns a non-NULL value suitable for use with subsequent kernel VM function calls. On failure, it returns NULL and no files are opened.
kvm_close() returns:
Programs using libkvm are likely to be platform and release dependent.
Kernel core dumps should be examined on the same platform they were created on.