proc.c revision efd12cfb10ccd2c612838c0e22069554ce60637c
1/* 2 * This file is part of ltrace. 3 * Copyright (C) 2011,2012 Petr Machata, Red Hat Inc. 4 * Copyright (C) 2010 Zachary T Welch, CodeSourcery 5 * Copyright (C) 2010 Joe Damato 6 * Copyright (C) 1998,2008,2009 Juan Cespedes 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License as 10 * published by the Free Software Foundation; either version 2 of the 11 * License, or (at your option) any later version. 12 * 13 * This program is distributed in the hope that it will be useful, but 14 * WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 * General Public License for more details. 17 * 18 * You should have received a copy of the GNU General Public License 19 * along with this program; if not, write to the Free Software 20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 21 * 02110-1301 USA 22 */ 23 24#define _GNU_SOURCE /* For getline. */ 25#include "config.h" 26 27#include <sys/stat.h> 28#include <sys/syscall.h> 29#include <sys/types.h> 30#include <ctype.h> 31#include <dirent.h> 32#include <errno.h> 33#include <fcntl.h> 34#include <inttypes.h> 35#include <link.h> 36#include <signal.h> 37#include <stdio.h> 38#include <stdlib.h> 39#include <string.h> 40#include <unistd.h> 41 42#include "backend.h" 43#include "breakpoint.h" 44#include "config.h" 45#include "debug.h" 46#include "events.h" 47#include "library.h" 48#include "ltrace-elf.h" 49#include "proc.h" 50 51/* /proc/pid doesn't exist just after the fork, and sometimes `ltrace' 52 * couldn't open it to find the executable. So it may be necessary to 53 * have a bit delay 54 */ 55 56#define MAX_DELAY 100000 /* 100000 microseconds = 0.1 seconds */ 57 58#define PROC_PID_FILE(VAR, FORMAT, PID) \ 59 char VAR[strlen(FORMAT) + 6]; \ 60 sprintf(VAR, FORMAT, PID) 61 62/* 63 * Returns a (malloc'd) file name corresponding to a running pid 64 */ 65char * 66pid2name(pid_t pid) { 67 if (!kill(pid, 0)) { 68 int delay = 0; 69 70 PROC_PID_FILE(proc_exe, "/proc/%d/exe", pid); 71 72 while (delay < MAX_DELAY) { 73 if (!access(proc_exe, F_OK)) { 74 return strdup(proc_exe); 75 } 76 delay += 1000; /* 1 milisecond */ 77 } 78 } 79 return NULL; 80} 81 82static FILE * 83open_status_file(pid_t pid) 84{ 85 PROC_PID_FILE(fn, "/proc/%d/status", pid); 86 /* Don't complain if we fail. This would typically happen 87 when the process is about to terminate, and these files are 88 not available anymore. This function is called from the 89 event loop, and we don't want to clutter the output just 90 because the process terminates. */ 91 return fopen(fn, "r"); 92} 93 94static char * 95find_line_starting(FILE * file, const char * prefix, size_t len) 96{ 97 char * line = NULL; 98 size_t line_len = 0; 99 while (!feof(file)) { 100 if (getline(&line, &line_len, file) < 0) 101 return NULL; 102 if (strncmp(line, prefix, len) == 0) 103 return line; 104 } 105 return NULL; 106} 107 108static void 109each_line_starting(FILE *file, const char *prefix, 110 enum callback_status (*cb)(const char *line, 111 const char *prefix, 112 void *data), 113 void *data) 114{ 115 size_t len = strlen(prefix); 116 char * line; 117 while ((line = find_line_starting(file, prefix, len)) != NULL) { 118 enum callback_status st = (*cb)(line, prefix, data); 119 free(line); 120 if (st == CBS_STOP) 121 return; 122 } 123} 124 125static enum callback_status 126process_leader_cb(const char *line, const char *prefix, void *data) 127{ 128 pid_t * pidp = data; 129 *pidp = atoi(line + strlen(prefix)); 130 return CBS_STOP; 131} 132 133pid_t 134process_leader(pid_t pid) 135{ 136 pid_t tgid = 0; 137 FILE * file = open_status_file(pid); 138 if (file != NULL) { 139 each_line_starting(file, "Tgid:\t", &process_leader_cb, &tgid); 140 fclose(file); 141 } 142 143 return tgid; 144} 145 146static enum callback_status 147process_stopped_cb(const char *line, const char *prefix, void *data) 148{ 149 char c = line[strlen(prefix)]; 150 // t:tracing stop, T:job control stop 151 *(int *)data = (c == 't' || c == 'T'); 152 return CBS_STOP; 153} 154 155int 156process_stopped(pid_t pid) 157{ 158 int is_stopped = -1; 159 FILE * file = open_status_file(pid); 160 if (file != NULL) { 161 each_line_starting(file, "State:\t", &process_stopped_cb, 162 &is_stopped); 163 fclose(file); 164 } 165 return is_stopped; 166} 167 168static enum callback_status 169process_status_cb(const char *line, const char *prefix, void *data) 170{ 171 const char * status = line + strlen(prefix); 172 const char c = *status; 173 174#define RETURN(C) do { \ 175 *(enum process_status *)data = C; \ 176 return CBS_STOP; \ 177 } while (0) 178 179 switch (c) { 180 case 'Z': RETURN(PS_ZOMBIE); 181 case 't': RETURN(PS_TRACING_STOP); 182 case 'T': 183 /* This can be either "T (stopped)" or, for older 184 * kernels, "T (tracing stop)". */ 185 if (!strcmp(status, "T (stopped)\n")) 186 RETURN(PS_STOP); 187 else if (!strcmp(status, "T (tracing stop)\n")) 188 RETURN(PS_TRACING_STOP); 189 else { 190 fprintf(stderr, "Unknown process status: %s", 191 status); 192 RETURN(PS_STOP); /* Some sort of stop 193 * anyway. */ 194 } 195 case 'D': 196 case 'S': RETURN(PS_SLEEPING); 197 } 198 199 RETURN(PS_OTHER); 200#undef RETURN 201} 202 203enum process_status 204process_status(pid_t pid) 205{ 206 enum process_status ret = PS_INVALID; 207 FILE * file = open_status_file(pid); 208 if (file != NULL) { 209 each_line_starting(file, "State:\t", &process_status_cb, &ret); 210 fclose(file); 211 if (ret == PS_INVALID) 212 fprintf(stderr, "process_status %d: %s", pid, 213 strerror(errno)); 214 } else { 215 /* If the file is not present, the process presumably 216 * exited already. */ 217 ret = PS_ZOMBIE; 218 } 219 220 return ret; 221} 222 223static int 224all_digits(const char *str) 225{ 226 while (isdigit(*str)) 227 str++; 228 return !*str; 229} 230 231int 232process_tasks(pid_t pid, pid_t **ret_tasks, size_t *ret_n) 233{ 234 PROC_PID_FILE(fn, "/proc/%d/task", pid); 235 DIR * d = opendir(fn); 236 if (d == NULL) 237 return -1; 238 239 pid_t *tasks = NULL; 240 size_t n = 0; 241 size_t alloc = 0; 242 243 while (1) { 244 struct dirent entry; 245 struct dirent *result; 246 if (readdir_r(d, &entry, &result) != 0) { 247 free(tasks); 248 return -1; 249 } 250 if (result == NULL) 251 break; 252 if (result->d_type == DT_DIR && all_digits(result->d_name)) { 253 pid_t npid = atoi(result->d_name); 254 if (n >= alloc) { 255 alloc = alloc > 0 ? (2 * alloc) : 8; 256 pid_t *ntasks = realloc(tasks, 257 sizeof(*tasks) * alloc); 258 if (ntasks == NULL) { 259 free(tasks); 260 return -1; 261 } 262 tasks = ntasks; 263 } 264 if (n >= alloc) 265 abort(); 266 tasks[n++] = npid; 267 } 268 } 269 270 closedir(d); 271 272 *ret_tasks = tasks; 273 *ret_n = n; 274 return 0; 275} 276 277/* On native 64-bit system, we need to be careful when handling cross 278 * tracing. This select appropriate pointer depending on host and 279 * target architectures. XXX Really we should abstract this into the 280 * ABI object, as theorized about somewhere on pmachata/revamp 281 * branch. */ 282static void * 283select_32_64(struct process *proc, void *p32, void *p64) 284{ 285 if (sizeof(long) == 4 || proc->mask_32bit) 286 return p32; 287 else 288 return p64; 289} 290 291static int 292fetch_dyn64(struct process *proc, arch_addr_t *addr, Elf64_Dyn *ret) 293{ 294 if (umovebytes(proc, *addr, ret, sizeof(*ret)) != sizeof(*ret)) 295 return -1; 296 *addr += sizeof(*ret); 297 return 0; 298} 299 300static int 301fetch_dyn32(struct process *proc, arch_addr_t *addr, Elf64_Dyn *ret) 302{ 303 Elf32_Dyn dyn; 304 if (umovebytes(proc, *addr, &dyn, sizeof(dyn)) != sizeof(dyn)) 305 return -1; 306 307 *addr += sizeof(dyn); 308 ret->d_tag = dyn.d_tag; 309 ret->d_un.d_val = dyn.d_un.d_val; 310 311 return 0; 312} 313 314static int (* 315dyn_fetcher(struct process *proc))(struct process *, 316 arch_addr_t *, Elf64_Dyn *) 317{ 318 return select_32_64(proc, fetch_dyn32, fetch_dyn64); 319} 320 321int 322proc_find_dynamic_entry_addr(struct process *proc, arch_addr_t src_addr, 323 int d_tag, arch_addr_t *ret) 324{ 325 debug(DEBUG_FUNCTION, "find_dynamic_entry()"); 326 327 if (ret == NULL || src_addr == 0 || d_tag < 0) 328 return -1; 329 330 int i = 0; 331 while (1) { 332 Elf64_Dyn entry; 333 if (dyn_fetcher(proc)(proc, &src_addr, &entry) < 0 334 || entry.d_tag == DT_NULL 335 || i++ > 100) { /* Arbitrary cut-off so that we 336 * don't loop forever if the 337 * binary is corrupted. */ 338 debug(2, "Couldn't find address for dtag!"); 339 return -1; 340 } 341 342 if (entry.d_tag == d_tag) { 343 /* XXX The double cast should be removed when 344 * arch_addr_t becomes integral type. */ 345 *ret = (arch_addr_t)(uintptr_t)entry.d_un.d_val; 346 debug(2, "found address: %p in dtag %d", *ret, d_tag); 347 return 0; 348 } 349 } 350} 351 352/* Our own type for representing 32-bit linkmap. We can't rely on the 353 * definition in link.h, because that's only accurate for our host 354 * architecture, not for target architecture (where the traced process 355 * runs). */ 356#define LT_LINK_MAP(BITS) \ 357 { \ 358 Elf##BITS##_Addr l_addr; \ 359 Elf##BITS##_Addr l_name; \ 360 Elf##BITS##_Addr l_ld; \ 361 Elf##BITS##_Addr l_next; \ 362 Elf##BITS##_Addr l_prev; \ 363 } 364struct lt_link_map_32 LT_LINK_MAP(32); 365struct lt_link_map_64 LT_LINK_MAP(64); 366 367static int 368fetch_lm64(struct process *proc, arch_addr_t addr, 369 struct lt_link_map_64 *ret) 370{ 371 if (umovebytes(proc, addr, ret, sizeof(*ret)) != sizeof(*ret)) 372 return -1; 373 return 0; 374} 375 376static int 377fetch_lm32(struct process *proc, arch_addr_t addr, 378 struct lt_link_map_64 *ret) 379{ 380 struct lt_link_map_32 lm; 381 if (umovebytes(proc, addr, &lm, sizeof(lm)) != sizeof(lm)) 382 return -1; 383 384 ret->l_addr = lm.l_addr; 385 ret->l_name = lm.l_name; 386 ret->l_ld = lm.l_ld; 387 ret->l_next = lm.l_next; 388 ret->l_prev = lm.l_prev; 389 390 return 0; 391} 392 393static int (* 394lm_fetcher(struct process *proc))(struct process *, 395 arch_addr_t, struct lt_link_map_64 *) 396{ 397 return select_32_64(proc, fetch_lm32, fetch_lm64); 398} 399 400/* The same as above holds for struct r_debug. */ 401#define LT_R_DEBUG(BITS) \ 402 { \ 403 int r_version; \ 404 Elf##BITS##_Addr r_map; \ 405 Elf##BITS##_Addr r_brk; \ 406 int r_state; \ 407 Elf##BITS##_Addr r_ldbase; \ 408 } 409 410struct lt_r_debug_32 LT_R_DEBUG(32); 411struct lt_r_debug_64 LT_R_DEBUG(64); 412 413static int 414fetch_rd64(struct process *proc, arch_addr_t addr, 415 struct lt_r_debug_64 *ret) 416{ 417 if (umovebytes(proc, addr, ret, sizeof(*ret)) != sizeof(*ret)) 418 return -1; 419 return 0; 420} 421 422static int 423fetch_rd32(struct process *proc, arch_addr_t addr, 424 struct lt_r_debug_64 *ret) 425{ 426 struct lt_r_debug_32 rd; 427 if (umovebytes(proc, addr, &rd, sizeof(rd)) != sizeof(rd)) 428 return -1; 429 430 ret->r_version = rd.r_version; 431 ret->r_map = rd.r_map; 432 ret->r_brk = rd.r_brk; 433 ret->r_state = rd.r_state; 434 ret->r_ldbase = rd.r_ldbase; 435 436 return 0; 437} 438 439static int (* 440rdebug_fetcher(struct process *proc))(struct process *, 441 arch_addr_t, struct lt_r_debug_64 *) 442{ 443 return select_32_64(proc, fetch_rd32, fetch_rd64); 444} 445 446static int 447fetch_auxv64_entry(int fd, Elf64_auxv_t *ret) 448{ 449 /* Reaching EOF is as much problem as not reading whole 450 * entry. */ 451 return read(fd, ret, sizeof(*ret)) == sizeof(*ret) ? 0 : -1; 452} 453 454static int 455fetch_auxv32_entry(int fd, Elf64_auxv_t *ret) 456{ 457 Elf32_auxv_t auxv; 458 if (read(fd, &auxv, sizeof(auxv)) != sizeof(auxv)) 459 return -1; 460 461 ret->a_type = auxv.a_type; 462 ret->a_un.a_val = auxv.a_un.a_val; 463 return 0; 464} 465 466static int (* 467auxv_fetcher(struct process *proc))(int, Elf64_auxv_t *) 468{ 469 return select_32_64(proc, fetch_auxv32_entry, fetch_auxv64_entry); 470} 471 472static void 473crawl_linkmap(struct process *proc, struct lt_r_debug_64 *dbg) 474{ 475 debug (DEBUG_FUNCTION, "crawl_linkmap()"); 476 477 if (!dbg || !dbg->r_map) { 478 debug(2, "Debug structure or it's linkmap are NULL!"); 479 return; 480 } 481 482 /* XXX The double cast should be removed when 483 * arch_addr_t becomes integral type. */ 484 arch_addr_t addr = (arch_addr_t)(uintptr_t)dbg->r_map; 485 486 while (addr != 0) { 487 struct lt_link_map_64 rlm = {}; 488 if (lm_fetcher(proc)(proc, addr, &rlm) < 0) { 489 debug(2, "Unable to read link map"); 490 return; 491 } 492 493 arch_addr_t key = addr; 494 /* XXX The double cast should be removed when 495 * arch_addr_t becomes integral type. */ 496 addr = (arch_addr_t)(uintptr_t)rlm.l_next; 497 if (rlm.l_name == 0) { 498 debug(2, "Name of mapped library is NULL"); 499 return; 500 } 501 502 char lib_name[BUFSIZ]; 503 /* XXX The double cast should be removed when 504 * arch_addr_t becomes integral type. */ 505 umovebytes(proc, (arch_addr_t)(uintptr_t)rlm.l_name, 506 lib_name, sizeof(lib_name)); 507 508 /* Library name can be an empty string, in which case 509 * the entry represents either the main binary, or a 510 * VDSO. Unfortunately we can't rely on that, as in 511 * recent glibc, that entry is initialized to VDSO 512 * SONAME. 513 * 514 * It's not clear how to detect VDSO in this case. We 515 * can't assume that l_name of real DSOs will be 516 * either absolute or relative (for LD_LIBRARY_PATH=: 517 * it will be neither). We can't compare l_addr with 518 * AT_SYSINFO_EHDR either, as l_addr is bias (which 519 * also means it's not unique, and therefore useless 520 * for this). We could load VDSO from process image 521 * and at least compare actual SONAMEs. For now, this 522 * kludge is about the best that we can do. */ 523 if (*lib_name == 0 524 || strcmp(lib_name, "linux-vdso.so.1") == 0 525 || strcmp(lib_name, "linux-gate.so.1") == 0 526 || strcmp(lib_name, "linux-vdso32.so.1") == 0 527 || strcmp(lib_name, "linux-vdso64.so.1") == 0) 528 continue; 529 530 /* Do we have that library already? */ 531 if (proc_each_library(proc, NULL, library_with_key_cb, &key)) 532 continue; 533 534 struct library *lib = malloc(sizeof(*lib)); 535 if (lib == NULL) { 536 fail: 537 if (lib != NULL) 538 library_destroy(lib); 539 fprintf(stderr, "Couldn't load ELF object %s: %s\n", 540 lib_name, strerror(errno)); 541 continue; 542 } 543 library_init(lib, LT_LIBTYPE_DSO); 544 545 if (ltelf_read_library(lib, proc, lib_name, rlm.l_addr) < 0) 546 goto fail; 547 548 lib->key = key; 549 proc_add_library(proc, lib); 550 } 551 return; 552} 553 554static int 555load_debug_struct(struct process *proc, struct lt_r_debug_64 *ret) 556{ 557 debug(DEBUG_FUNCTION, "load_debug_struct"); 558 559 if (rdebug_fetcher(proc)(proc, proc->os.debug_addr, ret) < 0) { 560 debug(2, "This process does not have a debug structure!"); 561 return -1; 562 } 563 564 return 0; 565} 566 567static void 568rdebug_bp_on_hit(struct breakpoint *bp, struct process *proc) 569{ 570 debug(DEBUG_FUNCTION, "arch_check_dbg"); 571 572 struct lt_r_debug_64 rdbg; 573 if (load_debug_struct(proc, &rdbg) < 0) { 574 debug(2, "Unable to load debug structure!"); 575 return; 576 } 577 578 if (rdbg.r_state == RT_CONSISTENT) { 579 debug(2, "Linkmap is now consistent"); 580 switch (proc->os.debug_state) { 581 case RT_ADD: 582 debug(2, "Adding DSO to linkmap"); 583 crawl_linkmap(proc, &rdbg); 584 break; 585 case RT_DELETE: 586 debug(2, "Removing DSO from linkmap"); 587 // XXX unload that library 588 break; 589 default: 590 debug(2, "Unexpected debug state!"); 591 } 592 } 593 594 proc->os.debug_state = rdbg.r_state; 595} 596 597#ifndef ARCH_HAVE_FIND_DL_DEBUG 598int 599arch_find_dl_debug(struct process *proc, arch_addr_t dyn_addr, 600 arch_addr_t *ret) 601{ 602 return proc_find_dynamic_entry_addr(proc, dyn_addr, DT_DEBUG, ret); 603} 604#endif 605 606int 607linkmap_init(struct process *proc, arch_addr_t dyn_addr) 608{ 609 debug(DEBUG_FUNCTION, "linkmap_init(%d, dyn_addr=%p)", proc->pid, dyn_addr); 610 611 if (arch_find_dl_debug(proc, dyn_addr, &proc->os.debug_addr) == -1) { 612 debug(2, "Couldn't find debug structure!"); 613 return -1; 614 } 615 616 int status; 617 struct lt_r_debug_64 rdbg; 618 if ((status = load_debug_struct(proc, &rdbg)) < 0) { 619 debug(2, "No debug structure or no memory to allocate one!"); 620 return status; 621 } 622 623 /* XXX The double cast should be removed when 624 * arch_addr_t becomes integral type. */ 625 arch_addr_t addr = (arch_addr_t)(uintptr_t)rdbg.r_brk; 626 if (arch_translate_address_dyn(proc, addr, &addr) < 0) 627 return -1; 628 629 struct breakpoint *rdebug_bp = insert_breakpoint(proc, addr, NULL); 630 static struct bp_callbacks rdebug_callbacks = { 631 .on_hit = rdebug_bp_on_hit, 632 }; 633 rdebug_bp->cbs = &rdebug_callbacks; 634 635 crawl_linkmap(proc, &rdbg); 636 637 return 0; 638} 639 640int 641task_kill (pid_t pid, int sig) 642{ 643 // Taken from GDB 644 int ret; 645 646 errno = 0; 647 ret = syscall (__NR_tkill, pid, sig); 648 return ret; 649} 650 651void 652process_removed(struct process *proc) 653{ 654 delete_events_for(proc); 655} 656 657int 658process_get_entry(struct process *proc, 659 arch_addr_t *entryp, 660 arch_addr_t *interp_biasp) 661{ 662 PROC_PID_FILE(fn, "/proc/%d/auxv", proc->pid); 663 int fd = open(fn, O_RDONLY); 664 int ret = 0; 665 if (fd == -1) { 666 fail: 667 fprintf(stderr, "couldn't read %s: %s", fn, strerror(errno)); 668 ret = -1; 669 done: 670 if (fd != -1) 671 close(fd); 672 return ret; 673 } 674 675 arch_addr_t at_entry = 0; 676 arch_addr_t at_bias = 0; 677 while (1) { 678 Elf64_auxv_t entry = {}; 679 if (auxv_fetcher(proc)(fd, &entry) < 0) 680 goto fail; 681 682 switch (entry.a_type) { 683 case AT_BASE: 684 /* XXX The double cast should be removed when 685 * arch_addr_t becomes integral type. */ 686 at_bias = (arch_addr_t)(uintptr_t)entry.a_un.a_val; 687 continue; 688 689 case AT_ENTRY: 690 /* XXX The double cast should be removed when 691 * arch_addr_t becomes integral type. */ 692 at_entry = (arch_addr_t)(uintptr_t)entry.a_un.a_val; 693 default: 694 continue; 695 696 case AT_NULL: 697 break; 698 } 699 break; 700 } 701 702 if (entryp != NULL) 703 *entryp = at_entry; 704 if (interp_biasp != NULL) 705 *interp_biasp = at_bias; 706 goto done; 707} 708 709int 710os_process_init(struct process *proc) 711{ 712 proc->os.debug_addr = 0; 713 proc->os.debug_state = 0; 714 return 0; 715} 716 717void 718os_process_destroy(struct process *proc) 719{ 720} 721 722int 723os_process_clone(struct process *retp, struct process *proc) 724{ 725 retp->os = proc->os; 726 return 0; 727} 728 729int 730os_process_exec(struct process *proc) 731{ 732 return 0; 733} 734