2 Copyright (C) 2008-2010, 2013, 2015 Red Hat, Inc.
3 This file is part of elfutils.
5 This file is free software; you can redistribute it and/or modify
6 it under the terms of either
8 * the GNU Lesser General Public License as published by the Free
9 Software Foundation; either version 3 of the License, or (at
10 your option) any later version
14 * the GNU General Public License as published by the Free
15 Software Foundation; either version 2 of the License, or (at
16 your option) any later version
18 or both in parallel, as here.
20 elfutils is distributed in the hope that it will be useful, but
21 WITHOUT ANY WARRANTY; without even the implied warranty of
22 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
23 General Public License for more details.
25 You should have received copies of the GNU General Public License and
26 the GNU Lesser General Public License along with this program. If
27 not, see <http://www.gnu.org/licenses/>. */
30 #include "../libelf/libelfP.h" /* For NOTE_ALIGN. */
35 #include <sys/param.h>
42 /* On failure return, we update *NEXT to point back at OFFSET. */
44 do_fail (int error, off_t *next, off_t offset)
48 //__libelf_seterrno (error);
49 __libdwfl_seterrno (DWFL_E (LIBELF, error));
53 #define fail(error) do_fail (error, next, offset)
55 /* This is a prototype of what a new libelf interface might be.
56 This implementation is pessimal for non-mmap cases and should
57 be replaced by more diddling inside libelf internals. */
59 elf_begin_rand (Elf *parent, off_t offset, off_t size, off_t *next)
64 off_t min = (parent->kind == ELF_K_ELF ?
65 (parent->class == ELFCLASS32
66 ? sizeof (Elf32_Ehdr) : sizeof (Elf64_Ehdr))
67 : parent->kind == ELF_K_AR ? SARMAG
70 if (unlikely (offset < min)
71 || unlikely (offset >= (off_t) parent->maximum_size))
72 return fail (ELF_E_RANGE);
74 /* For an archive, fetch just the size field
75 from the archive header to override SIZE. */
76 if (parent->kind == ELF_K_AR)
78 struct ar_hdr h = { .ar_size = "" };
80 if (unlikely (parent->maximum_size - offset < sizeof h))
81 return fail (ELF_E_RANGE);
83 if (parent->map_address != NULL)
84 memcpy (h.ar_size, parent->map_address + parent->start_offset + offset,
86 else if (unlikely (pread_retry (parent->fildes,
87 h.ar_size, sizeof (h.ar_size),
88 parent->start_offset + offset
89 + offsetof (struct ar_hdr, ar_size))
90 != sizeof (h.ar_size)))
91 return fail (ELF_E_READ_ERROR);
96 size = strtoll (h.ar_size, &endp, 10);
97 if (unlikely (endp == h.ar_size)
98 || unlikely ((off_t) parent->maximum_size - offset < size))
99 return fail (ELF_E_INVALID_ARCHIVE);
102 if (unlikely ((off_t) parent->maximum_size - offset < size))
103 return fail (ELF_E_RANGE);
105 /* Even if we fail at this point, update *NEXT to point past the file. */
107 *next = offset + size;
109 if (unlikely (offset == 0)
110 && unlikely (size == (off_t) parent->maximum_size))
111 return elf_clone (parent, parent->cmd);
113 /* Note the image is guaranteed live only as long as PARENT
114 lives. Using elf_memory is quite suboptimal if the whole
115 file is not mmap'd. We really should have something like
116 a generalization of the archive support. */
117 Elf_Data *data = elf_getdata_rawchunk (parent, offset, size, ELF_T_BYTE);
120 assert ((off_t) data->d_size == size);
121 return elf_memory (data->d_buf, size);
126 dwfl_report_core_segments (Dwfl *dwfl, Elf *elf, size_t phnum, GElf_Phdr *notes)
128 if (unlikely (dwfl == NULL))
134 notes->p_type = PT_NULL;
136 for (size_t ndx = 0; result >= 0 && ndx < phnum; ++ndx)
139 GElf_Phdr *phdr = gelf_getphdr (elf, ndx, &phdr_mem);
140 if (unlikely (phdr == NULL))
142 __libdwfl_seterrno (DWFL_E_LIBELF);
145 switch (phdr->p_type)
148 result = dwfl_report_segment (dwfl, ndx, phdr, 0, NULL);
164 /* Never read more than this much without mmap. */
165 #define MAX_EAGER_COST 8192
167 /* Dwfl_Module_Callback passed to and called by dwfl_segment_report_module
168 to read in a segment as ELF image directly if possible or indicate an
169 attempt must be made to read in the while segment right now. */
171 core_file_read_eagerly (Dwfl_Module *mod,
172 void **userdata __attribute__ ((unused)),
173 const char *name __attribute__ ((unused)),
174 Dwarf_Addr start __attribute__ ((unused)),
175 void **buffer, size_t *buffer_available,
176 GElf_Off cost, GElf_Off worthwhile,
178 GElf_Off contiguous __attribute__ ((unused)),
179 void *arg, Elf **elfp)
183 /* The available buffer is often the whole segment when the core file
184 was mmap'd if used together with the dwfl_elf_phdr_memory_callback.
185 Which means that if it is complete we can just construct the whole
186 ELF image right now without having to read in anything more. */
187 if (whole <= *buffer_available)
189 /* All there ever was, we already have on hand. */
191 if (core->map_address == NULL)
193 /* We already malloc'd the buffer. */
194 *elfp = elf_memory (*buffer, whole);
195 if (unlikely (*elfp == NULL))
198 (*elfp)->flags |= ELF_F_MALLOCED;
200 *buffer_available = 0;
204 /* We can use the image inside the core file directly. */
205 *elfp = elf_begin_rand (core, *buffer - core->map_address, whole, NULL);
207 *buffer_available = 0;
208 return *elfp != NULL;
211 /* We don't have the whole file. Which either means the core file
212 wasn't mmap'd, but needs to still be read in, or that the segment
213 is truncated. Figure out if this is better than nothing. */
216 /* Caller doesn't think so. */
220 XXX would like to fall back to partial file via memory
221 when build id find_elf fails
222 also, link_map name may give file name from disk better than partial here
223 requires find_elf hook re-doing the magic to fall back if no file found
226 if (whole > MAX_EAGER_COST && mod->build_id_len > 0)
227 /* We can't cheaply read the whole file here, so we'd
228 be using a partial file. But there is a build ID that could
229 help us find the whole file, which might be more useful than
230 what we have. We'll just rely on that. */
233 /* The file is either small (most likely the vdso) or big and incomplete,
234 but we don't have a build-id. */
236 if (core->map_address != NULL)
237 /* It's cheap to get, so get it. */
240 /* Only use it if there isn't too much to be read. */
241 return cost <= MAX_EAGER_COST;
245 update_end (GElf_Phdr *pphdr, const GElf_Off align,
246 GElf_Off *pend, GElf_Addr *pend_vaddr)
248 *pend = (pphdr->p_offset + pphdr->p_filesz + align - 1) & -align;
249 *pend_vaddr = (pphdr->p_vaddr + pphdr->p_memsz + align - 1) & -align;
252 /* Use following contiguous segments to get towards SIZE. */
254 do_more (size_t size, GElf_Phdr *pphdr, const GElf_Off align,
255 Elf *elf, GElf_Off start, int *pndx,
256 GElf_Off *pend, GElf_Addr *pend_vaddr)
258 while (*pend <= start || *pend - start < size)
260 if (pphdr->p_filesz < pphdr->p_memsz)
261 /* This segment is truncated, so no following one helps us. */
264 if (unlikely (gelf_getphdr (elf, (*pndx)++, pphdr) == NULL))
267 if (pphdr->p_type == PT_LOAD)
269 if (pphdr->p_offset > *pend
270 || pphdr->p_vaddr > *pend_vaddr)
271 /* It's discontiguous! */
274 update_end (pphdr, align, pend, pend_vaddr);
280 #define more(size) do_more (size, &phdr, align, elf, start, &ndx, &end, &end_vaddr)
283 dwfl_elf_phdr_memory_callback (Dwfl *dwfl, int ndx,
284 void **buffer, size_t *buffer_available,
293 /* Called for cleanup. */
294 if (elf->map_address == NULL)
297 *buffer_available = 0;
301 const GElf_Off align = dwfl->segment_align ?: 1;
305 if (unlikely (gelf_getphdr (elf, ndx++, &phdr) == NULL))
307 while (phdr.p_type != PT_LOAD
308 || ((phdr.p_vaddr + phdr.p_memsz + align - 1) & -align) <= vaddr);
310 GElf_Off start = vaddr - phdr.p_vaddr + phdr.p_offset;
314 update_end (&phdr, align, &end, &end_vaddr);
316 /* We need at least this much. */
317 if (! more (minread))
320 /* See how much more we can get of what the caller wants. */
321 (void) more (*buffer_available);
323 /* If it's already on hand anyway, use as much as there is. */
324 if (elf->map_address != NULL)
325 (void) more (elf->maximum_size - start);
327 /* Make sure we don't look past the end of the actual file,
328 even if the headers tell us to. */
329 if (unlikely (end > elf->maximum_size))
330 end = elf->maximum_size;
332 /* If the file is too small, there is nothing at all to get. */
333 if (unlikely (start >= end))
336 if (elf->map_address != NULL)
338 void *contents = elf->map_address + elf->start_offset + start;
339 size_t size = end - start;
341 if (minread == 0) /* String mode. */
343 const void *eos = memchr (contents, '\0', size);
344 if (unlikely (eos == NULL) || unlikely (eos == contents))
346 size = eos + 1 - contents;
352 *buffer_available = size;
356 *buffer_available = MIN (size, *buffer_available);
357 memcpy (*buffer, contents, *buffer_available);
362 void *into = *buffer;
365 *buffer_available = MIN (minread ?: 512,
366 MAX (4096, MIN (end - start,
367 *buffer_available)));
368 into = malloc (*buffer_available);
369 if (unlikely (into == NULL))
371 __libdwfl_seterrno (DWFL_E_NOMEM);
376 ssize_t nread = pread_retry (elf->fildes, into, *buffer_available, start);
377 if (nread < (ssize_t) minread)
382 __libdwfl_seterrno (DWFL_E_ERRNO);
386 if (minread == 0) /* String mode. */
388 const void *eos = memchr (into, '\0', nread);
389 if (unlikely (eos == NULL) || unlikely (eos == into))
395 nread = eos + 1 - into;
400 *buffer_available = nread;
406 /* Free the contents of R_DEBUG_INFO without the R_DEBUG_INFO memory itself. */
409 clear_r_debug_info (struct r_debug_info *r_debug_info)
411 while (r_debug_info->module != NULL)
413 struct r_debug_info_module *module = r_debug_info->module;
414 r_debug_info->module = module->next;
415 elf_end (module->elf);
416 if (module->fd != -1)
424 __libdwfl_dynamic_vaddr_get (Elf *elf, GElf_Addr *vaddrp)
427 if (unlikely (elf_getphdrnum (elf, &phnum) != 0))
429 for (size_t i = 0; i < phnum; ++i)
432 GElf_Phdr *phdr = gelf_getphdr (elf, i, &phdr_mem);
433 if (unlikely (phdr == NULL))
435 if (phdr->p_type == PT_DYNAMIC)
437 *vaddrp = phdr->p_vaddr;
445 dwfl_core_file_report (Dwfl *dwfl, Elf *elf, const char *executable)
448 if (unlikely (elf_getphdrnum (elf, &phnum) != 0))
450 __libdwfl_seterrno (DWFL_E_LIBELF);
454 if (dwfl->user_core != NULL)
455 free (dwfl->user_core->executable_for_core);
456 if (executable == NULL)
458 if (dwfl->user_core != NULL)
459 dwfl->user_core->executable_for_core = NULL;
463 if (dwfl->user_core == NULL)
465 dwfl->user_core = calloc (1, sizeof (struct Dwfl_User_Core));
466 if (dwfl->user_core == NULL)
468 __libdwfl_seterrno (DWFL_E_NOMEM);
471 dwfl->user_core->fd = -1;
473 dwfl->user_core->executable_for_core = strdup (executable);
474 if (dwfl->user_core->executable_for_core == NULL)
476 __libdwfl_seterrno (DWFL_E_NOMEM);
481 /* First report each PT_LOAD segment. */
482 GElf_Phdr notes_phdr;
483 int ndx = dwfl_report_core_segments (dwfl, elf, phnum, ¬es_phdr);
484 if (unlikely (ndx <= 0))
487 /* Next, we should follow the chain from DT_DEBUG. */
489 const void *auxv = NULL;
490 const void *note_file = NULL;
491 size_t auxv_size = 0;
492 size_t note_file_size = 0;
493 if (likely (notes_phdr.p_type == PT_NOTE))
495 /* PT_NOTE -> NT_AUXV -> AT_PHDR -> PT_DYNAMIC -> DT_DEBUG */
497 Elf_Data *notes = elf_getdata_rawchunk (elf,
501 if (likely (notes != NULL))
507 while ((pos = gelf_getnote (notes, pos, &nhdr,
508 &name_pos, &desc_pos)) > 0)
509 if (nhdr.n_namesz == sizeof "CORE"
510 && !memcmp (notes->d_buf + name_pos, "CORE", sizeof "CORE"))
512 if (nhdr.n_type == NT_AUXV)
514 auxv = notes->d_buf + desc_pos;
515 auxv_size = nhdr.n_descsz;
517 if (nhdr.n_type == NT_FILE)
519 note_file = notes->d_buf + desc_pos;
520 note_file_size = nhdr.n_descsz;
526 /* Now we have NT_AUXV contents. From here on this processing could be
527 used for a live process with auxv read from /proc. */
529 struct r_debug_info r_debug_info;
530 memset (&r_debug_info, 0, sizeof r_debug_info);
531 int retval = dwfl_link_map_report (dwfl, auxv, auxv_size,
532 dwfl_elf_phdr_memory_callback, elf,
534 int listed = retval > 0 ? retval : 0;
536 /* Now sniff segment contents for modules hinted by information gathered
542 int seg = dwfl_segment_report_module (dwfl, ndx, NULL,
543 &dwfl_elf_phdr_memory_callback, elf,
544 core_file_read_eagerly, elf,
545 note_file, note_file_size,
547 if (unlikely (seg < 0))
549 clear_r_debug_info (&r_debug_info);
560 while (ndx < (int) phnum);
562 /* Now report the modules from dwfl_link_map_report which were not filtered
563 out by dwfl_segment_report_module. */
565 Dwfl_Module **lastmodp = &dwfl->modulelist;
566 while (*lastmodp != NULL)
567 lastmodp = &(*lastmodp)->next;
568 for (struct r_debug_info_module *module = r_debug_info.module;
569 module != NULL; module = module->next)
571 if (module->elf == NULL)
573 GElf_Addr file_dynamic_vaddr;
574 if (! __libdwfl_dynamic_vaddr_get (module->elf, &file_dynamic_vaddr))
577 mod = __libdwfl_report_elf (dwfl, basename (module->name), module->name,
578 module->fd, module->elf,
579 module->l_ld - file_dynamic_vaddr,
586 /* Move this module to the end of the list, so that we end
587 up with a list in the same order as the link_map chain. */
588 if (mod->next != NULL)
590 if (*lastmodp != mod)
592 lastmodp = &dwfl->modulelist;
593 while (*lastmodp != mod)
594 lastmodp = &(*lastmodp)->next;
596 *lastmodp = mod->next;
598 while (*lastmodp != NULL)
599 lastmodp = &(*lastmodp)->next;
602 lastmodp = &mod->next;
605 clear_r_debug_info (&r_debug_info);
607 /* We return the number of modules we found if we found any.
608 If we found none, we return -1 instead of 0 if there was an
609 error rather than just nothing found. */
610 return listed > 0 ? listed : retval;
612 INTDEF (dwfl_core_file_report)
613 NEW_VERSION (dwfl_core_file_report, ELFUTILS_0.158)
615 #ifdef SYMBOL_VERSIONING
616 int _compat_without_executable_dwfl_core_file_report (Dwfl *dwfl, Elf *elf);
617 COMPAT_VERSION_NEWPROTO (dwfl_core_file_report, ELFUTILS_0.146,
621 _compat_without_executable_dwfl_core_file_report (Dwfl *dwfl, Elf *elf)
623 return dwfl_core_file_report (dwfl, elf, NULL);