2 * This file is part of ltrace.
3 * Copyright (C) 2011,2012,2013 Petr Machata, Red Hat Inc.
4 * Copyright (C) 2010 Zachary T Welch, CodeSourcery
5 * Copyright (C) 2010 Joe Damato
6 * Copyright (C) 1998,2008,2009 Juan Cespedes
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License as
10 * published by the Free Software Foundation; either version 2 of the
11 * License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
24 #define _GNU_SOURCE /* For getline. */
28 #include <sys/syscall.h>
29 #include <sys/types.h>
43 #include "breakpoint.h"
48 #include "ltrace-elf.h"
51 /* /proc/pid doesn't exist just after the fork, and sometimes `ltrace'
52 * couldn't open it to find the executable. So it may be necessary to
56 #define MAX_DELAY 100000 /* 100000 microseconds = 0.1 seconds */
58 #define PROC_PID_FILE(VAR, FORMAT, PID) \
59 char VAR[strlen(FORMAT) + 6]; \
60 sprintf(VAR, FORMAT, PID)
63 * Returns a (malloc'd) file name corresponding to a running pid
70 PROC_PID_FILE(proc_exe, "/proc/%d/exe", pid);
72 while (delay < MAX_DELAY) {
73 if (!access(proc_exe, F_OK)) {
74 return strdup(proc_exe);
76 delay += 1000; /* 1 milisecond */
83 open_status_file(pid_t pid)
85 PROC_PID_FILE(fn, "/proc/%d/status", pid);
86 /* Don't complain if we fail. This would typically happen
87 when the process is about to terminate, and these files are
88 not available anymore. This function is called from the
89 event loop, and we don't want to clutter the output just
90 because the process terminates. */
91 return fopen(fn, "r");
95 find_line_starting(FILE * file, const char * prefix, size_t len)
100 if (getline(&line, &line_len, file) < 0)
102 if (strncmp(line, prefix, len) == 0)
109 each_line_starting(FILE *file, const char *prefix,
110 enum callback_status (*cb)(const char *line,
115 size_t len = strlen(prefix);
117 while ((line = find_line_starting(file, prefix, len)) != NULL) {
118 enum callback_status st = (*cb)(line, prefix, data);
125 static enum callback_status
126 process_leader_cb(const char *line, const char *prefix, void *data)
129 *pidp = atoi(line + strlen(prefix));
134 process_leader(pid_t pid)
137 FILE * file = open_status_file(pid);
139 each_line_starting(file, "Tgid:\t", &process_leader_cb, &tgid);
146 static enum callback_status
147 process_stopped_cb(const char *line, const char *prefix, void *data)
149 char c = line[strlen(prefix)];
150 // t:tracing stop, T:job control stop
151 *(int *)data = (c == 't' || c == 'T');
156 process_stopped(pid_t pid)
159 FILE * file = open_status_file(pid);
161 each_line_starting(file, "State:\t", &process_stopped_cb,
168 static enum callback_status
169 process_status_cb(const char *line, const char *prefix, void *data)
171 const char * status = line + strlen(prefix);
172 const char c = *status;
174 #define RETURN(C) do { \
175 *(enum process_status *)data = C; \
180 case 'Z': RETURN(PS_ZOMBIE);
181 case 't': RETURN(PS_TRACING_STOP);
183 /* This can be either "T (stopped)" or, for older
184 * kernels, "T (tracing stop)". */
185 if (!strcmp(status, "T (stopped)\n"))
187 else if (!strcmp(status, "T (tracing stop)\n"))
188 RETURN(PS_TRACING_STOP);
190 fprintf(stderr, "Unknown process status: %s",
192 RETURN(PS_STOP); /* Some sort of stop
196 case 'S': RETURN(PS_SLEEPING);
204 process_status(pid_t pid)
206 enum process_status ret = PS_INVALID;
207 FILE * file = open_status_file(pid);
209 each_line_starting(file, "State:\t", &process_status_cb, &ret);
211 if (ret == PS_INVALID)
213 "Couldn't determine status of process %d: %s\n",
214 pid, strerror(errno));
216 /* If the file is not present, the process presumably
225 all_digits(const char *str)
227 while (isdigit(*str))
233 process_tasks(pid_t pid, pid_t **ret_tasks, size_t *ret_n)
235 PROC_PID_FILE(fn, "/proc/%d/task", pid);
236 DIR *d = opendir(fn);
246 struct dirent *result;
247 if (readdir_r(d, &entry, &result) != 0) {
255 if (result->d_type == DT_DIR && all_digits(result->d_name)) {
256 pid_t npid = atoi(result->d_name);
258 alloc = alloc > 0 ? (2 * alloc) : 8;
259 pid_t *ntasks = realloc(tasks,
260 sizeof(*tasks) * alloc);
277 /* On native 64-bit system, we need to be careful when handling cross
278 * tracing. This select appropriate pointer depending on host and
279 * target architectures. XXX Really we should abstract this into the
280 * ABI object, as theorized about somewhere on pmachata/revamp
283 select_32_64(struct process *proc, void *p32, void *p64)
285 if (sizeof(long) == 4 || proc->mask_32bit)
292 fetch_dyn64(struct process *proc, arch_addr_t *addr, Elf64_Dyn *ret)
294 if (umovebytes(proc, *addr, ret, sizeof(*ret)) != sizeof(*ret))
296 *addr += sizeof(*ret);
301 fetch_dyn32(struct process *proc, arch_addr_t *addr, Elf64_Dyn *ret)
304 if (umovebytes(proc, *addr, &dyn, sizeof(dyn)) != sizeof(dyn))
307 *addr += sizeof(dyn);
308 ret->d_tag = dyn.d_tag;
309 ret->d_un.d_val = dyn.d_un.d_val;
315 dyn_fetcher(struct process *proc))(struct process *,
316 arch_addr_t *, Elf64_Dyn *)
318 return select_32_64(proc, fetch_dyn32, fetch_dyn64);
322 proc_find_dynamic_entry_addr(struct process *proc, arch_addr_t src_addr,
323 int d_tag, arch_addr_t *ret)
325 debug(DEBUG_FUNCTION, "find_dynamic_entry()");
327 if (ret == NULL || src_addr == 0 || d_tag < 0)
333 if (dyn_fetcher(proc)(proc, &src_addr, &entry) < 0
334 || entry.d_tag == DT_NULL
335 || i++ > 100) { /* Arbitrary cut-off so that we
336 * don't loop forever if the
337 * binary is corrupted. */
338 debug(2, "Couldn't find address for dtag!");
342 if (entry.d_tag == d_tag) {
343 /* XXX The double cast should be removed when
344 * arch_addr_t becomes integral type. */
345 *ret = (arch_addr_t)(uintptr_t)entry.d_un.d_val;
346 debug(2, "found address: %p in dtag %d", *ret, d_tag);
352 /* Our own type for representing 32-bit linkmap. We can't rely on the
353 * definition in link.h, because that's only accurate for our host
354 * architecture, not for target architecture (where the traced process
356 #define LT_LINK_MAP(BITS) \
358 Elf##BITS##_Addr l_addr; \
359 Elf##BITS##_Addr l_name; \
360 Elf##BITS##_Addr l_ld; \
361 Elf##BITS##_Addr l_next; \
362 Elf##BITS##_Addr l_prev; \
364 struct lt_link_map_32 LT_LINK_MAP(32);
365 struct lt_link_map_64 LT_LINK_MAP(64);
368 fetch_lm64(struct process *proc, arch_addr_t addr,
369 struct lt_link_map_64 *ret)
371 if (umovebytes(proc, addr, ret, sizeof(*ret)) != sizeof(*ret))
377 fetch_lm32(struct process *proc, arch_addr_t addr,
378 struct lt_link_map_64 *ret)
380 struct lt_link_map_32 lm;
381 if (umovebytes(proc, addr, &lm, sizeof(lm)) != sizeof(lm))
384 ret->l_addr = lm.l_addr;
385 ret->l_name = lm.l_name;
387 ret->l_next = lm.l_next;
388 ret->l_prev = lm.l_prev;
394 lm_fetcher(struct process *proc))(struct process *,
395 arch_addr_t, struct lt_link_map_64 *)
397 return select_32_64(proc, fetch_lm32, fetch_lm64);
400 /* The same as above holds for struct r_debug. */
401 #define LT_R_DEBUG(BITS) \
404 Elf##BITS##_Addr r_map; \
405 Elf##BITS##_Addr r_brk; \
407 Elf##BITS##_Addr r_ldbase; \
410 struct lt_r_debug_32 LT_R_DEBUG(32);
411 struct lt_r_debug_64 LT_R_DEBUG(64);
414 fetch_rd64(struct process *proc, arch_addr_t addr,
415 struct lt_r_debug_64 *ret)
417 if (umovebytes(proc, addr, ret, sizeof(*ret)) != sizeof(*ret))
423 fetch_rd32(struct process *proc, arch_addr_t addr,
424 struct lt_r_debug_64 *ret)
426 struct lt_r_debug_32 rd;
427 if (umovebytes(proc, addr, &rd, sizeof(rd)) != sizeof(rd))
430 ret->r_version = rd.r_version;
431 ret->r_map = rd.r_map;
432 ret->r_brk = rd.r_brk;
433 ret->r_state = rd.r_state;
434 ret->r_ldbase = rd.r_ldbase;
440 rdebug_fetcher(struct process *proc))(struct process *,
441 arch_addr_t, struct lt_r_debug_64 *)
443 return select_32_64(proc, fetch_rd32, fetch_rd64);
447 fetch_auxv64_entry(int fd, Elf64_auxv_t *ret)
449 /* Reaching EOF is as much problem as not reading whole
451 return read(fd, ret, sizeof(*ret)) == sizeof(*ret) ? 0 : -1;
455 fetch_auxv32_entry(int fd, Elf64_auxv_t *ret)
458 if (read(fd, &auxv, sizeof(auxv)) != sizeof(auxv))
461 ret->a_type = auxv.a_type;
462 ret->a_un.a_val = auxv.a_un.a_val;
467 auxv_fetcher(struct process *proc))(int, Elf64_auxv_t *)
469 return select_32_64(proc, fetch_auxv32_entry, fetch_auxv64_entry);
473 crawl_linkmap(struct process *proc, struct lt_r_debug_64 *dbg)
475 debug (DEBUG_FUNCTION, "crawl_linkmap()");
477 if (!dbg || !dbg->r_map) {
478 debug(2, "Debug structure or it's linkmap are NULL!");
482 /* XXX The double cast should be removed when
483 * arch_addr_t becomes integral type. */
484 arch_addr_t addr = (arch_addr_t)(uintptr_t)dbg->r_map;
487 struct lt_link_map_64 rlm = {};
488 if (lm_fetcher(proc)(proc, addr, &rlm) < 0) {
489 debug(2, "Unable to read link map");
493 arch_addr_t key = addr;
494 /* XXX The double cast should be removed when
495 * arch_addr_t becomes integral type. */
496 addr = (arch_addr_t)(uintptr_t)rlm.l_next;
497 if (rlm.l_name == 0) {
498 debug(2, "Name of mapped library is NULL");
502 char lib_name[BUFSIZ];
503 /* XXX The double cast should be removed when
504 * arch_addr_t becomes integral type. */
505 umovebytes(proc, (arch_addr_t)(uintptr_t)rlm.l_name,
506 lib_name, sizeof(lib_name));
508 /* Library name can be an empty string, in which case
509 * the entry represents either the main binary, or a
510 * VDSO. Unfortunately we can't rely on that, as in
511 * recent glibc, that entry is initialized to VDSO
514 * It's not clear how to detect VDSO in this case. We
515 * can't assume that l_name of real DSOs will be
516 * either absolute or relative (for LD_LIBRARY_PATH=:
517 * it will be neither). We can't compare l_addr with
518 * AT_SYSINFO_EHDR either, as l_addr is bias (which
519 * also means it's not unique, and therefore useless
520 * for this). We could load VDSO from process image
521 * and at least compare actual SONAMEs. For now, this
522 * kludge is about the best that we can do. */
524 || strcmp(lib_name, "linux-vdso.so.1") == 0
525 || strcmp(lib_name, "linux-gate.so.1") == 0
526 || strcmp(lib_name, "linux-vdso32.so.1") == 0
527 || strcmp(lib_name, "linux-vdso64.so.1") == 0)
530 /* Do we have that library already? */
531 if (proc_each_library(proc, NULL, library_with_key_cb, &key))
534 struct library *lib = malloc(sizeof(*lib));
538 fprintf(stderr, "Couldn't load ELF object %s: %s\n",
539 lib_name, strerror(errno));
543 if (library_init(lib, LT_LIBTYPE_DSO) < 0)
546 if (ltelf_read_library(lib, proc, lib_name, rlm.l_addr) < 0) {
547 library_destroy(lib);
552 proc_add_library(proc, lib);
558 load_debug_struct(struct process *proc, struct lt_r_debug_64 *ret)
560 debug(DEBUG_FUNCTION, "load_debug_struct");
562 if (rdebug_fetcher(proc)(proc, proc->os.debug_addr, ret) < 0) {
563 debug(2, "This process does not have a debug structure!");
571 rdebug_bp_on_hit(struct breakpoint *bp, struct process *proc)
573 debug(DEBUG_FUNCTION, "arch_check_dbg");
575 struct lt_r_debug_64 rdbg;
576 if (load_debug_struct(proc, &rdbg) < 0) {
577 debug(2, "Unable to load debug structure!");
581 if (rdbg.r_state == RT_CONSISTENT) {
582 debug(2, "Linkmap is now consistent");
583 switch (proc->os.debug_state) {
585 debug(2, "Adding DSO to linkmap");
586 crawl_linkmap(proc, &rdbg);
589 debug(2, "Removing DSO from linkmap");
590 // XXX unload that library
593 debug(2, "Unexpected debug state!");
597 proc->os.debug_state = rdbg.r_state;
600 #ifndef ARCH_HAVE_FIND_DL_DEBUG
602 arch_find_dl_debug(struct process *proc, arch_addr_t dyn_addr,
605 return proc_find_dynamic_entry_addr(proc, dyn_addr, DT_DEBUG, ret);
610 linkmap_init(struct process *proc, arch_addr_t dyn_addr)
612 debug(DEBUG_FUNCTION, "linkmap_init(%d, dyn_addr=%p)", proc->pid, dyn_addr);
614 if (arch_find_dl_debug(proc, dyn_addr, &proc->os.debug_addr) == -1) {
615 debug(2, "Couldn't find debug structure!");
620 struct lt_r_debug_64 rdbg;
621 if ((status = load_debug_struct(proc, &rdbg)) < 0) {
622 debug(2, "No debug structure or no memory to allocate one!");
626 crawl_linkmap(proc, &rdbg);
628 /* XXX The double cast should be removed when
629 * arch_addr_t becomes integral type. */
630 arch_addr_t addr = (arch_addr_t)(uintptr_t)rdbg.r_brk;
631 if (arch_translate_address_dyn(proc, addr, &addr) < 0)
634 struct breakpoint *rdebug_bp = insert_breakpoint_at(proc, addr, NULL);
635 if (rdebug_bp == NULL) {
636 /* This is not fatal, the tracing can continue with
637 * reduced functionality. */
639 "Couldn't insert _r_debug breakpoint to %d: %s.\n"
640 "As a result of that, ltrace will not be able to "
641 "detect and trace\nnewly-loaded libraries.\n",
642 proc->pid, strerror(errno));
644 static struct bp_callbacks rdebug_callbacks = {
645 .on_hit = rdebug_bp_on_hit,
647 rdebug_bp->cbs = &rdebug_callbacks;
654 task_kill (pid_t pid, int sig)
660 ret = syscall (__NR_tkill, pid, sig);
665 process_removed(struct process *proc)
667 delete_events_for(proc);
671 process_get_entry(struct process *proc,
673 arch_addr_t *interp_biasp)
675 PROC_PID_FILE(fn, "/proc/%d/auxv", proc->pid);
676 int fd = open(fn, O_RDONLY);
680 fprintf(stderr, "couldn't read %s: %s", fn, strerror(errno));
688 arch_addr_t at_entry = 0;
689 arch_addr_t at_bias = 0;
691 Elf64_auxv_t entry = {};
692 if (auxv_fetcher(proc)(fd, &entry) < 0)
695 switch (entry.a_type) {
697 /* XXX The double cast should be removed when
698 * arch_addr_t becomes integral type. */
699 at_bias = (arch_addr_t)(uintptr_t)entry.a_un.a_val;
703 /* XXX The double cast should be removed when
704 * arch_addr_t becomes integral type. */
705 at_entry = (arch_addr_t)(uintptr_t)entry.a_un.a_val;
717 if (interp_biasp != NULL)
718 *interp_biasp = at_bias;
723 os_process_init(struct process *proc)
725 proc->os.debug_addr = 0;
726 proc->os.debug_state = 0;
731 os_process_destroy(struct process *proc)
736 os_process_clone(struct process *retp, struct process *proc)
743 os_process_exec(struct process *proc)
projects / platform / upstream / ltrace.git / blob