1 /* Standard libdwfl callbacks for debugging a live Linux process.
2 Copyright (C) 2005-2010, 2013, 2014 Red Hat, Inc.
3 This file is part of elfutils.
5 This file is free software; you can redistribute it and/or modify
6 it under the terms of either
8 * the GNU Lesser General Public License as published by the Free
9 Software Foundation; either version 3 of the License, or (at
10 your option) any later version
14 * the GNU General Public License as published by the Free
15 Software Foundation; either version 2 of the License, or (at
16 your option) any later version
18 or both in parallel, as here.
20 elfutils is distributed in the hope that it will be useful, but
21 WITHOUT ANY WARRANTY; without even the implied warranty of
22 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
23 General Public License for more details.
25 You should have received copies of the GNU General Public License and
26 the GNU Lesser General Public License along with this program. If
27 not, see <http://www.gnu.org/licenses/>. */
31 #include <sys/types.h>
35 #include <stdio_ext.h>
46 #define PROCMAPSFMT "/proc/%d/maps"
47 #define PROCMEMFMT "/proc/%d/mem"
48 #define PROCAUXVFMT "/proc/%d/auxv"
49 #define PROCEXEFMT "/proc/%d/exe"
52 /* Return ELFCLASS64 or ELFCLASS32 for the main ELF executable. Return
53 ELFCLASSNONE for an error. */
56 get_pid_class (pid_t pid)
59 if (asprintf (&fname, PROCEXEFMT, pid) < 0)
62 int fd = open64 (fname, O_RDONLY);
67 unsigned char buf[EI_CLASS + 1];
68 ssize_t nread = pread_retry (fd, &buf, sizeof buf, 0);
70 if (nread != sizeof buf || buf[EI_MAG0] != ELFMAG0
71 || buf[EI_MAG1] != ELFMAG1 || buf[EI_MAG2] != ELFMAG2
72 || buf[EI_MAG3] != ELFMAG3
73 || (buf[EI_CLASS] != ELFCLASS64 && buf[EI_CLASS] != ELFCLASS32))
79 /* Search /proc/PID/auxv for the AT_SYSINFO_EHDR tag.
81 It would be easiest to call get_pid_class and parse everything according to
82 the 32-bit or 64-bit class. But this would bring the overhead of syscalls
83 to open and read the "/proc/%d/exe" file.
85 Therefore this function tries to parse the "/proc/%d/auxv" content both
86 ways, as if it were the 32-bit format and also if it were the 64-bit format.
87 Only if it gives some valid data in both cases get_pid_class gets called.
88 In most cases only one of the format bit sizes gives valid data and the
89 get_pid_class call overhead can be saved. */
92 grovel_auxv (pid_t pid, Dwfl *dwfl, GElf_Addr *sysinfo_ehdr)
95 if (asprintf (&fname, PROCAUXVFMT, pid) < 0)
98 int fd = open64 (fname, O_RDONLY);
101 return errno == ENOENT ? 0 : errno;
103 GElf_Addr sysinfo_ehdr64 = 0;
104 GElf_Addr sysinfo_ehdr32 = 0;
105 GElf_Addr segment_align64 = dwfl->segment_align;
106 GElf_Addr segment_align32 = dwfl->segment_align;
111 Elf64_auxv_t a64[64];
112 Elf32_auxv_t a32[128];
116 eu_static_assert (sizeof d.a64 == sizeof d.a32);
117 nread = pread_retry (fd, d.a64, sizeof d.a64, offset);
124 for (size_t a32i = 0; a32i < nread / sizeof d.a32[0]; a32i++)
126 const Elf32_auxv_t *a32 = d.a32 + a32i;
129 case AT_SYSINFO_EHDR:
130 sysinfo_ehdr32 = a32->a_un.a_val;
133 segment_align32 = a32->a_un.a_val;
137 for (size_t a64i = 0; a64i < nread / sizeof d.a64[0]; a64i++)
139 const Elf64_auxv_t *a64 = d.a64 + a64i;
142 case AT_SYSINFO_EHDR:
143 sysinfo_ehdr64 = a64->a_un.a_val;
146 segment_align64 = a64->a_un.a_val;
152 while (nread == sizeof d.a64);
156 bool valid64 = sysinfo_ehdr64 != 0 || segment_align64 != dwfl->segment_align;
157 bool valid32 = sysinfo_ehdr32 != 0 || segment_align32 != dwfl->segment_align;
159 unsigned char pid_class = ELFCLASSNONE;
160 if (valid64 && valid32)
161 pid_class = get_pid_class (pid);
163 if (pid_class == ELFCLASS64 || (valid64 && ! valid32))
165 *sysinfo_ehdr = sysinfo_ehdr64;
166 dwfl->segment_align = segment_align64;
169 if (pid_class == ELFCLASS32 || (! valid64 && valid32))
171 *sysinfo_ehdr = sysinfo_ehdr32;
172 dwfl->segment_align = segment_align32;
179 proc_maps_report (Dwfl *dwfl, FILE *f, GElf_Addr sysinfo_ehdr, pid_t pid)
181 unsigned int last_dmajor = -1, last_dminor = -1;
182 uint64_t last_ino = -1;
183 char *last_file = NULL;
184 Dwarf_Addr low = 0, high = 0;
186 inline bool report (void)
188 if (last_file != NULL)
190 Dwfl_Module *mod = INTUSE(dwfl_report_module) (dwfl, last_file,
194 if (unlikely (mod == NULL))
203 while ((len = getline (&line, &linesz, f)) > 0)
205 if (line[len - 1] == '\n')
206 line[len - 1] = '\0';
208 Dwarf_Addr start, end, offset;
209 unsigned int dmajor, dminor;
212 if (sscanf (line, "%" PRIx64 "-%" PRIx64 " %*s %" PRIx64
213 " %x:%x %" PRIi64 " %n",
214 &start, &end, &offset, &dmajor, &dminor, &ino, &nread) < 6
221 /* If this is the special mapping AT_SYSINFO_EHDR pointed us at,
222 report the last one and then this special one. */
223 if (start == sysinfo_ehdr && start != 0)
234 if (asprintf (&last_file, "[vdso: %d]", (int) pid) < 0
239 char *file = line + nread + strspn (line + nread, " \t");
240 if (file[0] != '/' || (ino == 0 && dmajor == 0 && dminor == 0))
241 /* This line doesn't indicate a file mapping. */
244 if (last_file != NULL
245 && ino == last_ino && dmajor == last_dmajor && dminor == last_dminor)
247 /* This is another portion of the same file's mapping. */
248 if (strcmp (last_file, file) != 0)
254 /* This is a different file mapping. Report the last one. */
259 last_file = strdup (file);
261 last_dmajor = dmajor;
262 last_dminor = dminor;
267 int result = ferror_unlocked (f) ? errno : feof_unlocked (f) ? 0 : ENOEXEC;
269 /* Report the final one. */
270 bool lose = report ();
272 return result != 0 ? result : lose ? -1 : 0;
276 dwfl_linux_proc_maps_report (Dwfl *dwfl, FILE *f)
278 return proc_maps_report (dwfl, f, 0, 0);
280 INTDEF (dwfl_linux_proc_maps_report)
283 dwfl_linux_proc_report (Dwfl *dwfl, pid_t pid)
288 /* We'll notice the AT_SYSINFO_EHDR address specially when we hit it. */
289 GElf_Addr sysinfo_ehdr = 0;
290 int result = grovel_auxv (pid, dwfl, &sysinfo_ehdr);
295 if (asprintf (&fname, PROCMAPSFMT, pid) < 0)
298 FILE *f = fopen (fname, "r");
303 (void) __fsetlocking (f, FSETLOCKING_BYCALLER);
305 result = proc_maps_report (dwfl, f, sysinfo_ehdr, pid);
311 INTDEF (dwfl_linux_proc_report)
314 read_proc_memory (void *arg, void *data, GElf_Addr address,
315 size_t minread, size_t maxread)
317 const int fd = *(const int *) arg;
318 ssize_t nread = pread64 (fd, data, maxread, (off64_t) address);
319 /* Some kernels don't actually let us do this read, ignore those errors. */
320 if (nread < 0 && (errno == EINVAL || errno == EPERM))
322 if (nread > 0 && (size_t) nread < minread)
327 extern Elf *elf_from_remote_memory (GElf_Addr ehdr_vma,
329 GElf_Addr *loadbasep,
330 ssize_t (*read_memory) (void *arg,
338 /* Dwfl_Callbacks.find_elf */
341 dwfl_linux_proc_find_elf (Dwfl_Module *mod __attribute__ ((unused)),
342 void **userdata __attribute__ ((unused)),
343 const char *module_name, Dwarf_Addr base,
344 char **file_name, Elf **elfp)
347 if (module_name[0] == '/')
349 /* When this callback is used together with dwfl_linux_proc_report
350 then we might see mappings of special character devices. Make
351 sure we only open and return regular files. Special devices
352 might hang on open or read. (deleted) files are super special.
353 The image might come from memory if we are attached. */
355 if (stat (module_name, &sb) == -1 || (sb.st_mode & S_IFMT) != S_IFREG)
357 if (strcmp (strrchr (module_name, ' ') ?: "", " (deleted)") == 0)
358 pid = INTUSE(dwfl_pid) (mod->dwfl);
365 int fd = open64 (module_name, O_RDONLY);
368 *file_name = strdup (module_name);
369 if (*file_name == NULL)
379 if (pid != -1 || sscanf (module_name, "[vdso: %d]", &pid) == 1)
381 /* Special case for in-memory ELF image. */
384 bool tid_was_stopped = false;
385 struct __libdwfl_pid_arg *pid_arg = __libdwfl_get_pid_arg (mod->dwfl);
386 if (pid_arg != NULL && ! pid_arg->assume_ptrace_stopped)
388 /* If any thread is already attached we are fine. Read
389 through that thread. It doesn't have to be the main
391 pid_t tid = pid_arg->tid_attached;
395 detach = __libdwfl_ptrace_attach (pid, &tid_was_stopped);
399 if (asprintf (&fname, PROCMEMFMT, pid) < 0)
402 int fd = open64 (fname, O_RDONLY);
407 *elfp = elf_from_remote_memory (base, getpagesize (), NULL,
408 &read_proc_memory, &fd);
416 __libdwfl_ptrace_detach (pid, tid_was_stopped);
422 INTDEF (dwfl_linux_proc_find_elf)