2 * This file is part of ltrace.
3 * Copyright (C) 2011,2012,2013 Petr Machata, Red Hat Inc.
4 * Copyright (C) 2010 Zachary T Welch, CodeSourcery
5 * Copyright (C) 2010 Joe Damato
6 * Copyright (C) 1998,2008,2009 Juan Cespedes
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License as
10 * published by the Free Software Foundation; either version 2 of the
11 * License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
24 #define _GNU_SOURCE /* For getline. */
28 #include <sys/syscall.h>
29 #include <sys/types.h>
43 #include "breakpoint.h"
48 #include "ltrace-elf.h"
51 /* /proc/pid doesn't exist just after the fork, and sometimes `ltrace'
52 * couldn't open it to find the executable. So it may be necessary to
56 #define MAX_DELAY 100000 /* 100000 microseconds = 0.1 seconds */
58 #define PROC_PID_FILE(VAR, FORMAT, PID) \
59 char VAR[strlen(FORMAT) + 6]; \
60 sprintf(VAR, FORMAT, PID)
63 * Returns a (malloc'd) file name corresponding to a running pid
70 PROC_PID_FILE(proc_exe, "/proc/%d/exe", pid);
72 while (delay < MAX_DELAY) {
73 if (!access(proc_exe, F_OK)) {
74 return strdup(proc_exe);
76 delay += 1000; /* 1 milisecond */
83 open_status_file(pid_t pid)
85 PROC_PID_FILE(fn, "/proc/%d/status", pid);
86 /* Don't complain if we fail. This would typically happen
87 when the process is about to terminate, and these files are
88 not available anymore. This function is called from the
89 event loop, and we don't want to clutter the output just
90 because the process terminates. */
91 return fopen(fn, "r");
95 find_line_starting(FILE * file, const char * prefix, size_t len)
100 if (getline(&line, &line_len, file) < 0)
102 if (strncmp(line, prefix, len) == 0)
109 each_line_starting(FILE *file, const char *prefix,
110 enum callback_status (*cb)(const char *line,
115 size_t len = strlen(prefix);
117 while ((line = find_line_starting(file, prefix, len)) != NULL) {
118 enum callback_status st = (*cb)(line, prefix, data);
125 static enum callback_status
126 process_leader_cb(const char *line, const char *prefix, void *data)
129 *pidp = atoi(line + strlen(prefix));
134 process_leader(pid_t pid)
137 FILE * file = open_status_file(pid);
139 each_line_starting(file, "Tgid:\t", &process_leader_cb, &tgid);
146 static enum callback_status
147 process_stopped_cb(const char *line, const char *prefix, void *data)
149 char c = line[strlen(prefix)];
150 // t:tracing stop, T:job control stop
151 *(int *)data = (c == 't' || c == 'T');
156 process_stopped(pid_t pid)
159 FILE * file = open_status_file(pid);
161 each_line_starting(file, "State:\t", &process_stopped_cb,
168 static enum callback_status
169 process_status_cb(const char *line, const char *prefix, void *data)
171 const char * status = line + strlen(prefix);
172 const char c = *status;
174 #define RETURN(C) do { \
175 *(enum process_status *)data = C; \
180 case 'Z': RETURN(PS_ZOMBIE);
181 case 't': RETURN(PS_TRACING_STOP);
183 /* This can be either "T (stopped)" or, for older
184 * kernels, "T (tracing stop)". */
185 if (!strcmp(status, "T (stopped)\n"))
187 else if (!strcmp(status, "T (tracing stop)\n"))
188 RETURN(PS_TRACING_STOP);
190 fprintf(stderr, "Unknown process status: %s",
192 RETURN(PS_STOP); /* Some sort of stop
196 case 'S': RETURN(PS_SLEEPING);
204 process_status(pid_t pid)
206 enum process_status ret = PS_INVALID;
207 FILE * file = open_status_file(pid);
209 each_line_starting(file, "State:\t", &process_status_cb, &ret);
211 if (ret == PS_INVALID)
213 "Couldn't determine status of process %d: %s\n",
214 pid, strerror(errno));
216 /* If the file is not present, the process presumably
225 all_digits(const char *str)
227 while (isdigit(*str))
233 process_tasks(pid_t pid, pid_t **ret_tasks, size_t *ret_n)
235 PROC_PID_FILE(fn, "/proc/%d/task", pid);
236 DIR *d = opendir(fn);
245 struct dirent *result;
249 if (result->d_type == DT_DIR && all_digits(result->d_name)) {
250 pid_t npid = atoi(result->d_name);
252 alloc = alloc > 0 ? (2 * alloc) : 8;
253 pid_t *ntasks = realloc(tasks,
254 sizeof(*tasks) * alloc);
255 if (ntasks == NULL) {
274 /* On native 64-bit system, we need to be careful when handling cross
275 * tracing. This select appropriate pointer depending on host and
276 * target architectures. XXX Really we should abstract this into the
277 * ABI object, as theorized about somewhere on pmachata/revamp
280 select_32_64(struct process *proc, void *p32, void *p64)
282 if (sizeof(long) == 4 || proc->mask_32bit)
289 fetch_dyn64(struct process *proc, arch_addr_t *addr, Elf64_Dyn *ret)
291 if (umovebytes(proc, *addr, ret, sizeof(*ret)) != sizeof(*ret))
293 *addr += sizeof(*ret);
298 fetch_dyn32(struct process *proc, arch_addr_t *addr, Elf64_Dyn *ret)
301 if (umovebytes(proc, *addr, &dyn, sizeof(dyn)) != sizeof(dyn))
304 *addr += sizeof(dyn);
305 ret->d_tag = dyn.d_tag;
306 ret->d_un.d_val = dyn.d_un.d_val;
312 dyn_fetcher(struct process *proc))(struct process *,
313 arch_addr_t *, Elf64_Dyn *)
315 return select_32_64(proc, fetch_dyn32, fetch_dyn64);
319 proc_find_dynamic_entry_addr(struct process *proc, arch_addr_t src_addr,
320 int d_tag, arch_addr_t *ret)
322 debug(DEBUG_FUNCTION, "find_dynamic_entry()");
324 if (ret == NULL || src_addr == 0 || d_tag < 0)
330 if (dyn_fetcher(proc)(proc, &src_addr, &entry) < 0
331 || entry.d_tag == DT_NULL
332 || i++ > 100) { /* Arbitrary cut-off so that we
333 * don't loop forever if the
334 * binary is corrupted. */
335 debug(2, "Couldn't find address for dtag!");
339 if (entry.d_tag == d_tag) {
340 /* XXX The double cast should be removed when
341 * arch_addr_t becomes integral type. */
342 *ret = (arch_addr_t)(uintptr_t)entry.d_un.d_val;
343 debug(2, "found address: %p in dtag %d", *ret, d_tag);
349 /* Our own type for representing 32-bit linkmap. We can't rely on the
350 * definition in link.h, because that's only accurate for our host
351 * architecture, not for target architecture (where the traced process
353 #define LT_LINK_MAP(BITS) \
355 Elf##BITS##_Addr l_addr; \
356 Elf##BITS##_Addr l_name; \
357 Elf##BITS##_Addr l_ld; \
358 Elf##BITS##_Addr l_next; \
359 Elf##BITS##_Addr l_prev; \
361 struct lt_link_map_32 LT_LINK_MAP(32);
362 struct lt_link_map_64 LT_LINK_MAP(64);
365 fetch_lm64(struct process *proc, arch_addr_t addr,
366 struct lt_link_map_64 *ret)
368 if (umovebytes(proc, addr, ret, sizeof(*ret)) != sizeof(*ret))
374 fetch_lm32(struct process *proc, arch_addr_t addr,
375 struct lt_link_map_64 *ret)
377 struct lt_link_map_32 lm;
378 if (umovebytes(proc, addr, &lm, sizeof(lm)) != sizeof(lm))
381 ret->l_addr = lm.l_addr;
382 ret->l_name = lm.l_name;
384 ret->l_next = lm.l_next;
385 ret->l_prev = lm.l_prev;
391 lm_fetcher(struct process *proc))(struct process *,
392 arch_addr_t, struct lt_link_map_64 *)
394 return select_32_64(proc, fetch_lm32, fetch_lm64);
397 /* The same as above holds for struct r_debug. */
398 #define LT_R_DEBUG(BITS) \
401 Elf##BITS##_Addr r_map; \
402 Elf##BITS##_Addr r_brk; \
404 Elf##BITS##_Addr r_ldbase; \
407 struct lt_r_debug_32 LT_R_DEBUG(32);
408 struct lt_r_debug_64 LT_R_DEBUG(64);
411 fetch_rd64(struct process *proc, arch_addr_t addr,
412 struct lt_r_debug_64 *ret)
414 if (umovebytes(proc, addr, ret, sizeof(*ret)) != sizeof(*ret))
420 fetch_rd32(struct process *proc, arch_addr_t addr,
421 struct lt_r_debug_64 *ret)
423 struct lt_r_debug_32 rd;
424 if (umovebytes(proc, addr, &rd, sizeof(rd)) != sizeof(rd))
427 ret->r_version = rd.r_version;
428 ret->r_map = rd.r_map;
429 ret->r_brk = rd.r_brk;
430 ret->r_state = rd.r_state;
431 ret->r_ldbase = rd.r_ldbase;
437 rdebug_fetcher(struct process *proc))(struct process *,
438 arch_addr_t, struct lt_r_debug_64 *)
440 return select_32_64(proc, fetch_rd32, fetch_rd64);
444 fetch_auxv64_entry(int fd, Elf64_auxv_t *ret)
446 /* Reaching EOF is as much problem as not reading whole
448 return read(fd, ret, sizeof(*ret)) == sizeof(*ret) ? 0 : -1;
452 fetch_auxv32_entry(int fd, Elf64_auxv_t *ret)
455 if (read(fd, &auxv, sizeof(auxv)) != sizeof(auxv))
458 ret->a_type = auxv.a_type;
459 ret->a_un.a_val = auxv.a_un.a_val;
464 auxv_fetcher(struct process *proc))(int, Elf64_auxv_t *)
466 return select_32_64(proc, fetch_auxv32_entry, fetch_auxv64_entry);
470 crawl_linkmap(struct process *proc, struct lt_r_debug_64 *dbg)
472 debug (DEBUG_FUNCTION, "crawl_linkmap()");
474 if (!dbg || !dbg->r_map) {
475 debug(2, "Debug structure or it's linkmap are NULL!");
479 /* XXX The double cast should be removed when
480 * arch_addr_t becomes integral type. */
481 arch_addr_t addr = (arch_addr_t)(uintptr_t)dbg->r_map;
484 struct lt_link_map_64 rlm = {};
485 if (lm_fetcher(proc)(proc, addr, &rlm) < 0) {
486 debug(2, "Unable to read link map");
490 arch_addr_t key = addr;
491 /* XXX The double cast should be removed when
492 * arch_addr_t becomes integral type. */
493 addr = (arch_addr_t)(uintptr_t)rlm.l_next;
494 if (rlm.l_name == 0) {
495 debug(2, "Name of mapped library is NULL");
499 char lib_name[BUFSIZ];
500 /* XXX The double cast should be removed when
501 * arch_addr_t becomes integral type. */
502 umovebytes(proc, (arch_addr_t)(uintptr_t)rlm.l_name,
503 lib_name, sizeof(lib_name));
505 /* Library name can be an empty string, in which case
506 * the entry represents either the main binary, or a
507 * VDSO. Unfortunately we can't rely on that, as in
508 * recent glibc, that entry is initialized to VDSO
511 * It's not clear how to detect VDSO in this case. We
512 * can't assume that l_name of real DSOs will be
513 * either absolute or relative (for LD_LIBRARY_PATH=:
514 * it will be neither). We can't compare l_addr with
515 * AT_SYSINFO_EHDR either, as l_addr is bias (which
516 * also means it's not unique, and therefore useless
517 * for this). We could load VDSO from process image
518 * and at least compare actual SONAMEs. For now, this
519 * kludge is about the best that we can do. */
521 || strcmp(lib_name, "linux-vdso.so.1") == 0
522 || strcmp(lib_name, "linux-gate.so.1") == 0
523 || strcmp(lib_name, "linux-vdso32.so.1") == 0
524 || strcmp(lib_name, "linux-vdso64.so.1") == 0)
527 /* Do we have that library already? */
528 if (proc_each_library(proc, NULL, library_with_key_cb, &key))
531 struct library *lib = malloc(sizeof(*lib));
535 fprintf(stderr, "Couldn't load ELF object %s: %s\n",
536 lib_name, strerror(errno));
540 if (library_init(lib, LT_LIBTYPE_DSO) < 0)
543 if (ltelf_read_library(lib, proc, lib_name, rlm.l_addr) < 0) {
544 library_destroy(lib);
549 proc_add_library(proc, lib);
555 load_debug_struct(struct process *proc, struct lt_r_debug_64 *ret)
557 debug(DEBUG_FUNCTION, "load_debug_struct");
559 if (rdebug_fetcher(proc)(proc, proc->os.debug_addr, ret) < 0) {
560 debug(2, "This process does not have a debug structure!");
568 rdebug_bp_on_hit(struct breakpoint *bp, struct process *proc)
570 debug(DEBUG_FUNCTION, "arch_check_dbg");
572 struct lt_r_debug_64 rdbg;
573 if (load_debug_struct(proc, &rdbg) < 0) {
574 debug(2, "Unable to load debug structure!");
578 if (rdbg.r_state == RT_CONSISTENT) {
579 debug(2, "Linkmap is now consistent");
580 switch (proc->os.debug_state) {
582 debug(2, "Adding DSO to linkmap");
583 crawl_linkmap(proc, &rdbg);
586 debug(2, "Removing DSO from linkmap");
587 // XXX unload that library
590 debug(2, "Unexpected debug state!");
594 proc->os.debug_state = rdbg.r_state;
597 #ifndef ARCH_HAVE_FIND_DL_DEBUG
599 arch_find_dl_debug(struct process *proc, arch_addr_t dyn_addr,
602 return proc_find_dynamic_entry_addr(proc, dyn_addr, DT_DEBUG, ret);
607 linkmap_init(struct process *proc, arch_addr_t dyn_addr)
609 debug(DEBUG_FUNCTION, "linkmap_init(%d, dyn_addr=%p)", proc->pid, dyn_addr);
611 if (arch_find_dl_debug(proc, dyn_addr, &proc->os.debug_addr) == -1) {
612 debug(2, "Couldn't find debug structure!");
617 struct lt_r_debug_64 rdbg;
618 if ((status = load_debug_struct(proc, &rdbg)) < 0) {
619 debug(2, "No debug structure or no memory to allocate one!");
623 crawl_linkmap(proc, &rdbg);
625 /* XXX The double cast should be removed when
626 * arch_addr_t becomes integral type. */
627 arch_addr_t addr = (arch_addr_t)(uintptr_t)rdbg.r_brk;
628 if (arch_translate_address_dyn(proc, addr, &addr) < 0)
631 struct breakpoint *rdebug_bp = insert_breakpoint_at(proc, addr, NULL);
632 if (rdebug_bp == NULL) {
633 /* This is not fatal, the tracing can continue with
634 * reduced functionality. */
636 "Couldn't insert _r_debug breakpoint to %d: %s.\n"
637 "As a result of that, ltrace will not be able to "
638 "detect and trace\nnewly-loaded libraries.\n",
639 proc->pid, strerror(errno));
641 static struct bp_callbacks rdebug_callbacks = {
642 .on_hit = rdebug_bp_on_hit,
644 rdebug_bp->cbs = &rdebug_callbacks;
651 task_kill (pid_t pid, int sig)
657 ret = syscall (__NR_tkill, pid, sig);
662 process_removed(struct process *proc)
664 delete_events_for(proc);
668 process_get_entry(struct process *proc,
670 arch_addr_t *interp_biasp)
672 PROC_PID_FILE(fn, "/proc/%d/auxv", proc->pid);
673 int fd = open(fn, O_RDONLY);
677 fprintf(stderr, "couldn't read %s: %s", fn, strerror(errno));
685 arch_addr_t at_entry = 0;
686 arch_addr_t at_bias = 0;
688 Elf64_auxv_t entry = {};
689 if (auxv_fetcher(proc)(fd, &entry) < 0)
692 switch (entry.a_type) {
694 /* XXX The double cast should be removed when
695 * arch_addr_t becomes integral type. */
696 at_bias = (arch_addr_t)(uintptr_t)entry.a_un.a_val;
700 /* XXX The double cast should be removed when
701 * arch_addr_t becomes integral type. */
702 at_entry = (arch_addr_t)(uintptr_t)entry.a_un.a_val;
714 if (interp_biasp != NULL)
715 *interp_biasp = at_bias;
720 os_process_init(struct process *proc)
722 proc->os.debug_addr = 0;
723 proc->os.debug_state = 0;
728 os_process_destroy(struct process *proc)
733 os_process_clone(struct process *retp, struct process *proc)
740 os_process_exec(struct process *proc)
projects / platform / upstream / ltrace.git / blob