proc.c revision ea8eb9a606096fd072abe104b4239f67883ad39a
1#define _GNU_SOURCE /* For getline. */ 2#include "config.h" 3 4#include <sys/types.h> 5#include <sys/stat.h> 6#include <fcntl.h> 7#include <inttypes.h> 8#include <link.h> 9#include <stdio.h> 10#include <string.h> 11#include <signal.h> 12#include <unistd.h> 13#include <dirent.h> 14#include <ctype.h> 15#include <errno.h> 16#include <sys/syscall.h> 17#include <error.h> 18 19#include "common.h" 20#include "breakpoint.h" 21#include "proc.h" 22#include "library.h" 23 24/* /proc/pid doesn't exist just after the fork, and sometimes `ltrace' 25 * couldn't open it to find the executable. So it may be necessary to 26 * have a bit delay 27 */ 28 29#define MAX_DELAY 100000 /* 100000 microseconds = 0.1 seconds */ 30 31#define PROC_PID_FILE(VAR, FORMAT, PID) \ 32 char VAR[strlen(FORMAT) + 6]; \ 33 sprintf(VAR, FORMAT, PID) 34 35/* 36 * Returns a (malloc'd) file name corresponding to a running pid 37 */ 38char * 39pid2name(pid_t pid) { 40 if (!kill(pid, 0)) { 41 int delay = 0; 42 43 PROC_PID_FILE(proc_exe, "/proc/%d/exe", pid); 44 45 while (delay < MAX_DELAY) { 46 if (!access(proc_exe, F_OK)) { 47 return strdup(proc_exe); 48 } 49 delay += 1000; /* 1 milisecond */ 50 } 51 } 52 return NULL; 53} 54 55static FILE * 56open_status_file(pid_t pid) 57{ 58 PROC_PID_FILE(fn, "/proc/%d/status", pid); 59 /* Don't complain if we fail. This would typically happen 60 when the process is about to terminate, and these files are 61 not available anymore. This function is called from the 62 event loop, and we don't want to clutter the output just 63 because the process terminates. */ 64 return fopen(fn, "r"); 65} 66 67static char * 68find_line_starting(FILE * file, const char * prefix, size_t len) 69{ 70 char * line = NULL; 71 size_t line_len = 0; 72 while (!feof(file)) { 73 if (getline(&line, &line_len, file) < 0) 74 return NULL; 75 if (strncmp(line, prefix, len) == 0) 76 return line; 77 } 78 return NULL; 79} 80 81static void 82each_line_starting(FILE *file, const char *prefix, 83 enum callback_status (*cb)(const char *line, 84 const char *prefix, 85 void *data), 86 void *data) 87{ 88 size_t len = strlen(prefix); 89 char * line; 90 while ((line = find_line_starting(file, prefix, len)) != NULL) { 91 enum callback_status st = (*cb)(line, prefix, data); 92 free (line); 93 if (st == CBS_STOP) 94 return; 95 } 96} 97 98static enum callback_status 99process_leader_cb(const char *line, const char *prefix, void *data) 100{ 101 pid_t * pidp = data; 102 *pidp = atoi(line + strlen(prefix)); 103 return CBS_STOP; 104} 105 106pid_t 107process_leader(pid_t pid) 108{ 109 pid_t tgid = 0; 110 FILE * file = open_status_file(pid); 111 if (file != NULL) { 112 each_line_starting(file, "Tgid:\t", &process_leader_cb, &tgid); 113 fclose(file); 114 } 115 116 return tgid; 117} 118 119static enum callback_status 120process_stopped_cb(const char *line, const char *prefix, void *data) 121{ 122 char c = line[strlen(prefix)]; 123 // t:tracing stop, T:job control stop 124 *(int *)data = (c == 't' || c == 'T'); 125 return CBS_STOP; 126} 127 128int 129process_stopped(pid_t pid) 130{ 131 int is_stopped = -1; 132 FILE * file = open_status_file(pid); 133 if (file != NULL) { 134 each_line_starting(file, "State:\t", &process_stopped_cb, 135 &is_stopped); 136 fclose(file); 137 } 138 return is_stopped; 139} 140 141static enum callback_status 142process_status_cb(const char *line, const char *prefix, void *data) 143{ 144 const char * status = line + strlen(prefix); 145 const char c = *status; 146 147#define RETURN(C) do { \ 148 *(enum process_status *)data = C; \ 149 return CBS_STOP; \ 150 } while (0) 151 152 switch (c) { 153 case 'Z': RETURN(ps_zombie); 154 case 't': RETURN(ps_tracing_stop); 155 case 'T': 156 /* This can be either "T (stopped)" or, for older 157 * kernels, "T (tracing stop)". */ 158 if (!strcmp(status, "T (stopped)\n")) 159 RETURN(ps_stop); 160 else if (!strcmp(status, "T (tracing stop)\n")) 161 RETURN(ps_tracing_stop); 162 else { 163 fprintf(stderr, "Unknown process status: %s", 164 status); 165 RETURN(ps_stop); /* Some sort of stop 166 * anyway. */ 167 } 168 case 'D': 169 case 'S': RETURN(ps_sleeping); 170 } 171 172 RETURN(ps_other); 173#undef RETURN 174} 175 176enum process_status 177process_status(pid_t pid) 178{ 179 enum process_status ret = ps_invalid; 180 FILE * file = open_status_file(pid); 181 if (file != NULL) { 182 each_line_starting(file, "State:\t", &process_status_cb, &ret); 183 fclose(file); 184 if (ret == ps_invalid) 185 error(0, errno, "process_status %d", pid); 186 } else 187 /* If the file is not present, the process presumably 188 * exited already. */ 189 ret = ps_zombie; 190 191 return ret; 192} 193 194static int 195all_digits(const char *str) 196{ 197 while (isdigit(*str)) 198 str++; 199 return !*str; 200} 201 202int 203process_tasks(pid_t pid, pid_t **ret_tasks, size_t *ret_n) 204{ 205 PROC_PID_FILE(fn, "/proc/%d/task", pid); 206 DIR * d = opendir(fn); 207 if (d == NULL) 208 return -1; 209 210 pid_t *tasks = NULL; 211 size_t n = 0; 212 size_t alloc = 0; 213 214 while (1) { 215 struct dirent entry; 216 struct dirent *result; 217 if (readdir_r(d, &entry, &result) != 0) { 218 free(tasks); 219 return -1; 220 } 221 if (result == NULL) 222 break; 223 if (result->d_type == DT_DIR && all_digits(result->d_name)) { 224 pid_t npid = atoi(result->d_name); 225 if (n >= alloc) { 226 alloc = alloc > 0 ? (2 * alloc) : 8; 227 pid_t *ntasks = realloc(tasks, 228 sizeof(*tasks) * alloc); 229 if (ntasks == NULL) { 230 free(tasks); 231 return -1; 232 } 233 tasks = ntasks; 234 } 235 if (n >= alloc) 236 abort(); 237 tasks[n++] = npid; 238 } 239 } 240 241 closedir(d); 242 243 *ret_tasks = tasks; 244 *ret_n = n; 245 return 0; 246} 247 248/* On native 64-bit system, we need to be careful when handling cross 249 * tracing. This select appropriate pointer depending on host and 250 * target architectures. XXX Really we should abstract this into the 251 * ABI object, as theorized about somewhere on pmachata/revamp 252 * branch. */ 253static void * 254select_32_64(struct Process *proc, void *p32, void *p64) 255{ 256 if (sizeof(long) == 4 || proc->mask_32bit) 257 return p32; 258 else 259 return p64; 260} 261 262static int 263fetch_dyn64(struct Process *proc, target_address_t *addr, Elf64_Dyn *ret) 264{ 265 if (umovebytes(proc, *addr, ret, sizeof(*ret)) != sizeof(*ret)) 266 return -1; 267 *addr += sizeof(*ret); 268 return 0; 269} 270 271static int 272fetch_dyn32(struct Process *proc, target_address_t *addr, Elf64_Dyn *ret) 273{ 274 Elf32_Dyn dyn; 275 if (umovebytes(proc, *addr, &dyn, sizeof(dyn)) != sizeof(dyn)) 276 return -1; 277 278 *addr += sizeof(dyn); 279 ret->d_tag = dyn.d_tag; 280 ret->d_un.d_val = dyn.d_un.d_val; 281 282 return 0; 283} 284 285static int (* 286dyn_fetcher(struct Process *proc))(struct Process *, 287 target_address_t *, Elf64_Dyn *) 288{ 289 return select_32_64(proc, fetch_dyn32, fetch_dyn64); 290} 291 292static int 293find_dynamic_entry_addr(struct Process *proc, target_address_t src_addr, 294 int d_tag, target_address_t *ret) 295{ 296 debug(DEBUG_FUNCTION, "find_dynamic_entry()"); 297 298 if (ret == NULL || src_addr == 0 || d_tag < 0 || d_tag > DT_NUM) 299 return -1; 300 301 int i = 0; 302 while (1) { 303 Elf64_Dyn entry; 304 if (dyn_fetcher(proc)(proc, &src_addr, &entry) < 0 305 || entry.d_tag == DT_NULL 306 || i++ > 100) { /* Arbitrary cut-off so that we 307 * don't loop forever if the 308 * binary is corrupted. */ 309 debug(2, "Couldn't find address for dtag!"); 310 return -1; 311 } 312 313 if (entry.d_tag == d_tag) { 314 /* XXX The double cast should be removed when 315 * target_address_t becomes integral type. */ 316 *ret = (target_address_t)(uintptr_t)entry.d_un.d_val; 317 debug(2, "found address: %p in dtag %d\n", *ret, d_tag); 318 return 0; 319 } 320 } 321} 322 323/* Our own type for representing 32-bit linkmap. We can't rely on the 324 * definition in link.h, because that's only accurate for our host 325 * architecture, not for target architecture (where the traced process 326 * runs). */ 327#define LT_LINK_MAP(BITS) \ 328 { \ 329 Elf##BITS##_Addr l_addr; \ 330 Elf##BITS##_Addr l_name; \ 331 Elf##BITS##_Addr l_ld; \ 332 Elf##BITS##_Addr l_next; \ 333 Elf##BITS##_Addr l_prev; \ 334 } 335struct lt_link_map_32 LT_LINK_MAP(32); 336struct lt_link_map_64 LT_LINK_MAP(64); 337 338static int 339fetch_lm64(struct Process *proc, target_address_t addr, 340 struct lt_link_map_64 *ret) 341{ 342 if (umovebytes(proc, addr, ret, sizeof(*ret)) != sizeof(*ret)) 343 return -1; 344 return 0; 345} 346 347static int 348fetch_lm32(struct Process *proc, target_address_t addr, 349 struct lt_link_map_64 *ret) 350{ 351 struct lt_link_map_32 lm; 352 if (umovebytes(proc, addr, &lm, sizeof(lm)) != sizeof(lm)) 353 return -1; 354 355 ret->l_addr = lm.l_addr; 356 ret->l_name = lm.l_name; 357 ret->l_ld = lm.l_ld; 358 ret->l_next = lm.l_next; 359 ret->l_prev = lm.l_prev; 360 361 return 0; 362} 363 364static int (* 365lm_fetcher(struct Process *proc))(struct Process *, 366 target_address_t, struct lt_link_map_64 *) 367{ 368 return select_32_64(proc, fetch_lm32, fetch_lm64); 369} 370 371/* The same as above holds for struct r_debug. */ 372#define LT_R_DEBUG(BITS) \ 373 { \ 374 int r_version; \ 375 Elf##BITS##_Addr r_map; \ 376 Elf##BITS##_Addr r_brk; \ 377 int r_state; \ 378 Elf##BITS##_Addr r_ldbase; \ 379 } 380 381struct lt_r_debug_32 LT_R_DEBUG(32); 382struct lt_r_debug_64 LT_R_DEBUG(64); 383 384static int 385fetch_rd64(struct Process *proc, target_address_t addr, 386 struct lt_r_debug_64 *ret) 387{ 388 if (umovebytes(proc, addr, ret, sizeof(*ret)) != sizeof(*ret)) 389 return -1; 390 return 0; 391} 392 393static int 394fetch_rd32(struct Process *proc, target_address_t addr, 395 struct lt_r_debug_64 *ret) 396{ 397 struct lt_r_debug_32 rd; 398 if (umovebytes(proc, addr, &rd, sizeof(rd)) != sizeof(rd)) 399 return -1; 400 401 ret->r_version = rd.r_version; 402 ret->r_map = rd.r_map; 403 ret->r_brk = rd.r_brk; 404 ret->r_state = rd.r_state; 405 ret->r_ldbase = rd.r_ldbase; 406 407 return 0; 408} 409 410static int (* 411rdebug_fetcher(struct Process *proc))(struct Process *, 412 target_address_t, struct lt_r_debug_64 *) 413{ 414 return select_32_64(proc, fetch_rd32, fetch_rd64); 415} 416 417static void 418crawl_linkmap(struct Process *proc, struct lt_r_debug_64 *dbg) 419{ 420 debug (DEBUG_FUNCTION, "crawl_linkmap()"); 421 422 if (!dbg || !dbg->r_map) { 423 debug(2, "Debug structure or it's linkmap are NULL!"); 424 return; 425 } 426 427 /* XXX The double cast should be removed when 428 * target_address_t becomes integral type. */ 429 target_address_t addr = (target_address_t)(uintptr_t)dbg->r_map; 430 431 while (addr != 0) { 432 struct lt_link_map_64 rlm; 433 if (lm_fetcher(proc)(proc, addr, &rlm) < 0) { 434 debug(2, "Unable to read link map"); 435 return; 436 } 437 438 target_address_t key = addr; 439 /* XXX The double cast should be removed when 440 * target_address_t becomes integral type. */ 441 addr = (target_address_t)(uintptr_t)rlm.l_next; 442 if (rlm.l_name == 0) { 443 debug(2, "Name of mapped library is NULL"); 444 return; 445 } 446 447 char lib_name[BUFSIZ]; 448 /* XXX The double cast should be removed when 449 * target_address_t becomes integral type. */ 450 umovebytes(proc, (target_address_t)(uintptr_t)rlm.l_name, 451 lib_name, sizeof(lib_name)); 452 453 if (*lib_name == '\0') { 454 /* VDSO. No associated file, XXX but we might 455 * load it from the address space of the 456 * process. */ 457 continue; 458 } 459 460 /* Do we have that library already? */ 461 if (proc_each_library(proc, NULL, library_with_key_cb, &key)) 462 continue; 463 464 struct library *lib = malloc(sizeof(*lib)); 465 if (lib == NULL) { 466 fail: 467 if (lib != NULL) 468 library_destroy(lib); 469 error(0, errno, "Couldn't load ELF object %s\n", 470 lib_name); 471 continue; 472 } 473 library_init(lib, LT_LIBTYPE_DSO); 474 475 if (ltelf_read_library(lib, proc, lib_name, rlm.l_addr) < 0) 476 goto fail; 477 478 lib->key = key; 479 proc_add_library(proc, lib); 480 } 481 return; 482} 483 484/* A struct stored at proc->debug. */ 485struct debug_struct 486{ 487 target_address_t debug_addr; 488 int state; 489}; 490 491static int 492load_debug_struct(struct Process *proc, struct lt_r_debug_64 *ret) 493{ 494 debug(DEBUG_FUNCTION, "load_debug_struct"); 495 496 struct debug_struct *debug = proc->debug; 497 498 if (rdebug_fetcher(proc)(proc, debug->debug_addr, ret) < 0) { 499 debug(2, "This process does not have a debug structure!\n"); 500 return -1; 501 } 502 503 return 0; 504} 505 506static void 507rdebug_bp_on_hit(struct breakpoint *bp, struct Process *proc) 508{ 509 debug(DEBUG_FUNCTION, "arch_check_dbg"); 510 511 struct lt_r_debug_64 rdbg; 512 if (load_debug_struct(proc, &rdbg) < 0) { 513 debug(2, "Unable to load debug structure!"); 514 return; 515 } 516 517 struct debug_struct *debug = proc->debug; 518 if (rdbg.r_state == RT_CONSISTENT) { 519 debug(2, "Linkmap is now consistent"); 520 if (debug->state == RT_ADD) { 521 debug(2, "Adding DSO to linkmap"); 522 //data.proc = proc; 523 crawl_linkmap(proc, &rdbg); 524 //&data); 525 } else if (debug->state == RT_DELETE) { 526 debug(2, "Removing DSO from linkmap"); 527 } else { 528 debug(2, "Unexpected debug state!"); 529 } 530 } 531 532 debug->state = rdbg.r_state; 533} 534 535int 536linkmap_init(struct Process *proc, target_address_t dyn_addr) 537{ 538 debug(DEBUG_FUNCTION, "linkmap_init()"); 539 540 struct debug_struct *debug = malloc(sizeof(*debug)); 541 if (debug == NULL) { 542 error(0, errno, "couldn't allocate debug struct"); 543 fail: 544 proc->debug = NULL; 545 free(debug); 546 return -1; 547 } 548 proc->debug = debug; 549 550 if (find_dynamic_entry_addr(proc, dyn_addr, DT_DEBUG, 551 &debug->debug_addr) == -1) { 552 debug(2, "Couldn't find debug structure!"); 553 goto fail; 554 } 555 556 int status; 557 struct lt_r_debug_64 rdbg; 558 if ((status = load_debug_struct(proc, &rdbg)) < 0) { 559 debug(2, "No debug structure or no memory to allocate one!"); 560 return status; 561 } 562 563 /* XXX The double cast should be removed when 564 * target_address_t becomes integral type. */ 565 target_address_t addr = (target_address_t)(uintptr_t)rdbg.r_brk; 566 if (arch_translate_address(proc, addr, &addr) < 0) 567 goto fail; 568 569 struct breakpoint *rdebug_bp = insert_breakpoint(proc, addr, NULL); 570 static struct bp_callbacks rdebug_callbacks = { 571 .on_hit = rdebug_bp_on_hit, 572 }; 573 rdebug_bp->cbs = &rdebug_callbacks; 574 575 crawl_linkmap(proc, &rdbg); 576 577 return 0; 578} 579 580static int 581fetch_auxv64_entry(int fd, Elf64_auxv_t *ret) 582{ 583 /* Reaching EOF is as much problem as not reading whole 584 * entry. */ 585 return read(fd, ret, sizeof(*ret)) == sizeof(*ret) ? 0 : -1; 586} 587 588static int 589fetch_auxv32_entry(int fd, Elf64_auxv_t *ret) 590{ 591 Elf32_auxv_t auxv; 592 if (read(fd, &auxv, sizeof(auxv)) != sizeof(auxv)) 593 return -1; 594 595 ret->a_type = auxv.a_type; 596 ret->a_un.a_val = auxv.a_un.a_val; 597 return 0; 598} 599 600static int (* 601auxv_fetcher(struct Process *proc))(int, Elf64_auxv_t *) 602{ 603 return select_32_64(proc, fetch_auxv32_entry, fetch_auxv64_entry); 604} 605 606int 607process_get_entry(struct Process *proc, 608 target_address_t *entryp, 609 target_address_t *interp_biasp) 610{ 611 PROC_PID_FILE(fn, "/proc/%d/auxv", proc->pid); 612 int fd = open(fn, O_RDONLY); 613 if (fd == -1) { 614 fail: 615 error(0, errno, "couldn't read %s", fn); 616 done: 617 if (fd != -1) 618 close(fd); 619 return fd == -1 ? -1 : 0; 620 } 621 622 target_address_t at_entry = 0; 623 target_address_t at_bias = 0; 624 while (1) { 625 Elf64_auxv_t entry; 626 if (auxv_fetcher(proc)(fd, &entry) < 0) 627 goto fail; 628 629 switch (entry.a_type) { 630 case AT_BASE: 631 /* XXX The double cast should be removed when 632 * target_address_t becomes integral type. */ 633 at_bias = (target_address_t) 634 (uintptr_t)entry.a_un.a_val; 635 continue; 636 637 case AT_ENTRY: 638 /* XXX The double cast should be removed when 639 * target_address_t becomes integral type. */ 640 at_entry = (target_address_t) 641 (uintptr_t)entry.a_un.a_val; 642 default: 643 continue; 644 645 case AT_NULL: 646 break; 647 } 648 break; 649 } 650 651 *entryp = at_entry; 652 *interp_biasp = at_bias; 653 goto done; 654} 655 656int 657task_kill (pid_t pid, int sig) 658{ 659 // Taken from GDB 660 int ret; 661 662 errno = 0; 663 ret = syscall (__NR_tkill, pid, sig); 664 return ret; 665} 666