1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 /* 26 * Copyright 2012 DEY Storage Systems, Inc. All rights reserved. 27 * Copyright (c) 2018, Joyent, Inc. All rights reserved. 28 * Copyright (c) 2013 by Delphix. All rights reserved. 29 * Copyright 2015 Gary Mills 30 * Copyright 2020 OmniOS Community Edition (OmniOSce) Association. 31 */ 32 33 #include <sys/types.h> 34 #include <sys/utsname.h> 35 #include <sys/sysmacros.h> 36 #include <sys/proc.h> 37 38 #include <alloca.h> 39 #include <rtld_db.h> 40 #include <libgen.h> 41 #include <limits.h> 42 #include <string.h> 43 #include <stdlib.h> 44 #include <unistd.h> 45 #include <errno.h> 46 #include <gelf.h> 47 #include <stddef.h> 48 #include <signal.h> 49 50 #include "libproc.h" 51 #include "Pcontrol.h" 52 #include "P32ton.h" 53 #include "Putil.h" 54 #include "proc_fd.h" 55 #ifdef __x86 56 #include "Pcore_linux.h" 57 #endif 58 59 /* 60 * Pcore.c - Code to initialize a ps_prochandle from a core dump. We 61 * allocate an additional structure to hold information from the core 62 * file, and attach this to the standard ps_prochandle in place of the 63 * ability to examine /proc/<pid>/ files. 64 */ 65 66 /* 67 * Basic i/o function for reading and writing from the process address space 68 * stored in the core file and associated shared libraries. We compute the 69 * appropriate fd and offsets, and let the provided prw function do the rest. 70 */ 71 static ssize_t 72 core_rw(struct ps_prochandle *P, void *buf, size_t n, uintptr_t addr, 73 ssize_t (*prw)(int, void *, size_t, off64_t)) 74 { 75 ssize_t resid = n; 76 77 while (resid != 0) { 78 map_info_t *mp = Paddr2mptr(P, addr); 79 80 uintptr_t mapoff; 81 ssize_t len; 82 off64_t off; 83 int fd; 84 85 if (mp == NULL) 86 break; /* No mapping for this address */ 87 88 if (mp->map_pmap.pr_mflags & MA_RESERVED1) { 89 if (mp->map_file == NULL || mp->map_file->file_fd < 0) 90 break; /* No file or file not open */ 91 92 fd = mp->map_file->file_fd; 93 } else 94 fd = P->asfd; 95 96 mapoff = addr - mp->map_pmap.pr_vaddr; 97 len = MIN(resid, mp->map_pmap.pr_size - mapoff); 98 off = mp->map_offset + mapoff; 99 100 if ((len = prw(fd, buf, len, off)) <= 0) 101 break; 102 103 resid -= len; 104 addr += len; 105 buf = (char *)buf + len; 106 } 107 108 /* 109 * Important: Be consistent with the behavior of i/o on the as file: 110 * writing to an invalid address yields EIO; reading from an invalid 111 * address falls through to returning success and zero bytes. 112 */ 113 if (resid == n && n != 0 && prw != pread64) { 114 errno = EIO; 115 return (-1); 116 } 117 118 return (n - resid); 119 } 120 121 /*ARGSUSED*/ 122 static ssize_t 123 Pread_core(struct ps_prochandle *P, void *buf, size_t n, uintptr_t addr, 124 void *data) 125 { 126 return (core_rw(P, buf, n, addr, pread64)); 127 } 128 129 /*ARGSUSED*/ 130 static ssize_t 131 Pwrite_core(struct ps_prochandle *P, const void *buf, size_t n, uintptr_t addr, 132 void *data) 133 { 134 return (core_rw(P, (void *)buf, n, addr, 135 (ssize_t (*)(int, void *, size_t, off64_t)) pwrite64)); 136 } 137 138 /*ARGSUSED*/ 139 static int 140 Pcred_core(struct ps_prochandle *P, prcred_t *pcrp, int ngroups, void *data) 141 { 142 core_info_t *core = data; 143 144 if (core->core_cred != NULL) { 145 /* 146 * Avoid returning more supplementary group data than the 147 * caller has allocated in their buffer. We expect them to 148 * check pr_ngroups afterward and potentially call us again. 149 */ 150 ngroups = MIN(ngroups, core->core_cred->pr_ngroups); 151 152 (void) memcpy(pcrp, core->core_cred, 153 sizeof (prcred_t) + (ngroups - 1) * sizeof (gid_t)); 154 155 return (0); 156 } 157 158 errno = ENODATA; 159 return (-1); 160 } 161 162 /*ARGSUSED*/ 163 static int 164 Psecflags_core(struct ps_prochandle *P, prsecflags_t **psf, void *data) 165 { 166 core_info_t *core = data; 167 168 if (core->core_secflags == NULL) { 169 errno = ENODATA; 170 return (-1); 171 } 172 173 if ((*psf = calloc(1, sizeof (prsecflags_t))) == NULL) 174 return (-1); 175 176 (void) memcpy(*psf, core->core_secflags, sizeof (prsecflags_t)); 177 178 return (0); 179 } 180 181 /*ARGSUSED*/ 182 static int 183 Ppriv_core(struct ps_prochandle *P, prpriv_t **pprv, void *data) 184 { 185 core_info_t *core = data; 186 187 if (core->core_priv == NULL) { 188 errno = ENODATA; 189 return (-1); 190 } 191 192 *pprv = malloc(core->core_priv_size); 193 if (*pprv == NULL) { 194 return (-1); 195 } 196 197 (void) memcpy(*pprv, core->core_priv, core->core_priv_size); 198 return (0); 199 } 200 201 /*ARGSUSED*/ 202 static const psinfo_t * 203 Ppsinfo_core(struct ps_prochandle *P, psinfo_t *psinfo, void *data) 204 { 205 return (&P->psinfo); 206 } 207 208 /*ARGSUSED*/ 209 static void 210 Pfini_core(struct ps_prochandle *P, void *data) 211 { 212 core_info_t *core = data; 213 214 if (core != NULL) { 215 extern void __priv_free_info(void *); 216 lwp_info_t *nlwp, *lwp = list_next(&core->core_lwp_head); 217 int i; 218 219 for (i = 0; i < core->core_nlwp; i++, lwp = nlwp) { 220 nlwp = list_next(lwp); 221 #ifdef __sparc 222 if (lwp->lwp_gwins != NULL) 223 free(lwp->lwp_gwins); 224 if (lwp->lwp_xregs != NULL) 225 free(lwp->lwp_xregs); 226 if (lwp->lwp_asrs != NULL) 227 free(lwp->lwp_asrs); 228 #endif 229 free(lwp); 230 } 231 232 if (core->core_platform != NULL) 233 free(core->core_platform); 234 if (core->core_uts != NULL) 235 free(core->core_uts); 236 if (core->core_cred != NULL) 237 free(core->core_cred); 238 if (core->core_priv != NULL) 239 free(core->core_priv); 240 if (core->core_privinfo != NULL) 241 __priv_free_info(core->core_privinfo); 242 if (core->core_ppii != NULL) 243 free(core->core_ppii); 244 if (core->core_zonename != NULL) 245 free(core->core_zonename); 246 if (core->core_secflags != NULL) 247 free(core->core_secflags); 248 #ifdef __x86 249 if (core->core_ldt != NULL) 250 free(core->core_ldt); 251 #endif 252 253 free(core); 254 } 255 } 256 257 /*ARGSUSED*/ 258 static char * 259 Pplatform_core(struct ps_prochandle *P, char *s, size_t n, void *data) 260 { 261 core_info_t *core = data; 262 263 if (core->core_platform == NULL) { 264 errno = ENODATA; 265 return (NULL); 266 } 267 (void) strncpy(s, core->core_platform, n - 1); 268 s[n - 1] = '\0'; 269 return (s); 270 } 271 272 /*ARGSUSED*/ 273 static int 274 Puname_core(struct ps_prochandle *P, struct utsname *u, void *data) 275 { 276 core_info_t *core = data; 277 278 if (core->core_uts == NULL) { 279 errno = ENODATA; 280 return (-1); 281 } 282 (void) memcpy(u, core->core_uts, sizeof (struct utsname)); 283 return (0); 284 } 285 286 /*ARGSUSED*/ 287 static char * 288 Pzonename_core(struct ps_prochandle *P, char *s, size_t n, void *data) 289 { 290 core_info_t *core = data; 291 292 if (core->core_zonename == NULL) { 293 errno = ENODATA; 294 return (NULL); 295 } 296 (void) strlcpy(s, core->core_zonename, n); 297 return (s); 298 } 299 300 #ifdef __x86 301 /*ARGSUSED*/ 302 static int 303 Pldt_core(struct ps_prochandle *P, struct ssd *pldt, int nldt, void *data) 304 { 305 core_info_t *core = data; 306 307 if (pldt == NULL || nldt == 0) 308 return (core->core_nldt); 309 310 if (core->core_ldt != NULL) { 311 nldt = MIN(nldt, core->core_nldt); 312 313 (void) memcpy(pldt, core->core_ldt, 314 nldt * sizeof (struct ssd)); 315 316 return (nldt); 317 } 318 319 errno = ENODATA; 320 return (-1); 321 } 322 #endif 323 324 static const ps_ops_t P_core_ops = { 325 .pop_pread = Pread_core, 326 .pop_pwrite = Pwrite_core, 327 .pop_cred = Pcred_core, 328 .pop_priv = Ppriv_core, 329 .pop_psinfo = Ppsinfo_core, 330 .pop_fini = Pfini_core, 331 .pop_platform = Pplatform_core, 332 .pop_uname = Puname_core, 333 .pop_zonename = Pzonename_core, 334 .pop_secflags = Psecflags_core, 335 #ifdef __x86 336 .pop_ldt = Pldt_core 337 #endif 338 }; 339 340 /* 341 * Return the lwp_info_t for the given lwpid. If no such lwpid has been 342 * encountered yet, allocate a new structure and return a pointer to it. 343 * Create a list of lwp_info_t structures sorted in decreasing lwp_id order. 344 */ 345 static lwp_info_t * 346 lwpid2info(struct ps_prochandle *P, lwpid_t id) 347 { 348 core_info_t *core = P->data; 349 lwp_info_t *lwp = list_next(&core->core_lwp_head); 350 lwp_info_t *next; 351 uint_t i; 352 353 for (i = 0; i < core->core_nlwp; i++, lwp = list_next(lwp)) { 354 if (lwp->lwp_id == id) { 355 core->core_lwp = lwp; 356 return (lwp); 357 } 358 if (lwp->lwp_id < id) { 359 break; 360 } 361 } 362 363 next = lwp; 364 if ((lwp = calloc(1, sizeof (lwp_info_t))) == NULL) 365 return (NULL); 366 367 list_link(lwp, next); 368 lwp->lwp_id = id; 369 370 core->core_lwp = lwp; 371 core->core_nlwp++; 372 373 return (lwp); 374 } 375 376 /* 377 * The core file itself contains a series of NOTE segments containing saved 378 * structures from /proc at the time the process died. For each note we 379 * comprehend, we define a function to read it in from the core file, 380 * convert it to our native data model if necessary, and store it inside 381 * the ps_prochandle. Each function is invoked by Pfgrab_core() with the 382 * seek pointer on P->asfd positioned appropriately. We populate a table 383 * of pointers to these note functions below. 384 */ 385 386 static int 387 note_pstatus(struct ps_prochandle *P, size_t nbytes) 388 { 389 #ifdef _LP64 390 core_info_t *core = P->data; 391 392 if (core->core_dmodel == PR_MODEL_ILP32) { 393 pstatus32_t ps32; 394 395 if (nbytes < sizeof (pstatus32_t) || 396 read(P->asfd, &ps32, sizeof (ps32)) != sizeof (ps32)) 397 goto err; 398 399 pstatus_32_to_n(&ps32, &P->status); 400 401 } else 402 #endif 403 if (nbytes < sizeof (pstatus_t) || 404 read(P->asfd, &P->status, sizeof (pstatus_t)) != sizeof (pstatus_t)) 405 goto err; 406 407 P->orig_status = P->status; 408 P->pid = P->status.pr_pid; 409 410 return (0); 411 412 err: 413 dprintf("Pgrab_core: failed to read NT_PSTATUS\n"); 414 return (-1); 415 } 416 417 static int 418 note_lwpstatus(struct ps_prochandle *P, size_t nbytes) 419 { 420 lwp_info_t *lwp; 421 lwpstatus_t lps; 422 423 #ifdef _LP64 424 core_info_t *core = P->data; 425 426 if (core->core_dmodel == PR_MODEL_ILP32) { 427 lwpstatus32_t l32; 428 429 if (nbytes < sizeof (lwpstatus32_t) || 430 read(P->asfd, &l32, sizeof (l32)) != sizeof (l32)) 431 goto err; 432 433 lwpstatus_32_to_n(&l32, &lps); 434 } else 435 #endif 436 if (nbytes < sizeof (lwpstatus_t) || 437 read(P->asfd, &lps, sizeof (lps)) != sizeof (lps)) 438 goto err; 439 440 if ((lwp = lwpid2info(P, lps.pr_lwpid)) == NULL) { 441 dprintf("Pgrab_core: failed to add NT_LWPSTATUS\n"); 442 return (-1); 443 } 444 445 /* 446 * Erase a useless and confusing artifact of the kernel implementation: 447 * the lwps which did *not* create the core will show SIGKILL. We can 448 * be assured this is bogus because SIGKILL can't produce core files. 449 */ 450 if (lps.pr_cursig == SIGKILL) 451 lps.pr_cursig = 0; 452 453 (void) memcpy(&lwp->lwp_status, &lps, sizeof (lps)); 454 return (0); 455 456 err: 457 dprintf("Pgrab_core: failed to read NT_LWPSTATUS\n"); 458 return (-1); 459 } 460 461 #ifdef __x86 462 463 static void 464 lx_prpsinfo32_to_psinfo(lx_prpsinfo32_t *p32, psinfo_t *psinfo) 465 { 466 psinfo->pr_flag = p32->pr_flag; 467 psinfo->pr_pid = p32->pr_pid; 468 psinfo->pr_ppid = p32->pr_ppid; 469 psinfo->pr_uid = p32->pr_uid; 470 psinfo->pr_gid = p32->pr_gid; 471 psinfo->pr_sid = p32->pr_sid; 472 psinfo->pr_pgid = p32->pr_pgrp; 473 474 (void) memcpy(psinfo->pr_fname, p32->pr_fname, 475 sizeof (psinfo->pr_fname)); 476 (void) memcpy(psinfo->pr_psargs, p32->pr_psargs, 477 sizeof (psinfo->pr_psargs)); 478 } 479 480 static void 481 lx_prpsinfo64_to_psinfo(lx_prpsinfo64_t *p64, psinfo_t *psinfo) 482 { 483 psinfo->pr_flag = p64->pr_flag; 484 psinfo->pr_pid = p64->pr_pid; 485 psinfo->pr_ppid = p64->pr_ppid; 486 psinfo->pr_uid = p64->pr_uid; 487 psinfo->pr_gid = p64->pr_gid; 488 psinfo->pr_sid = p64->pr_sid; 489 psinfo->pr_pgid = p64->pr_pgrp; 490 psinfo->pr_pgid = p64->pr_pgrp; 491 492 (void) memcpy(psinfo->pr_fname, p64->pr_fname, 493 sizeof (psinfo->pr_fname)); 494 (void) memcpy(psinfo->pr_psargs, p64->pr_psargs, 495 sizeof (psinfo->pr_psargs)); 496 } 497 498 static int 499 note_linux_psinfo(struct ps_prochandle *P, size_t nbytes) 500 { 501 core_info_t *core = P->data; 502 lx_prpsinfo32_t p32; 503 lx_prpsinfo64_t p64; 504 505 if (core->core_dmodel == PR_MODEL_ILP32) { 506 if (nbytes < sizeof (p32) || 507 read(P->asfd, &p32, sizeof (p32)) != sizeof (p32)) 508 goto err; 509 510 lx_prpsinfo32_to_psinfo(&p32, &P->psinfo); 511 } else { 512 if (nbytes < sizeof (p64) || 513 read(P->asfd, &p64, sizeof (p64)) != sizeof (p64)) 514 goto err; 515 516 lx_prpsinfo64_to_psinfo(&p64, &P->psinfo); 517 } 518 519 520 P->status.pr_pid = P->psinfo.pr_pid; 521 P->status.pr_ppid = P->psinfo.pr_ppid; 522 P->status.pr_pgid = P->psinfo.pr_pgid; 523 P->status.pr_sid = P->psinfo.pr_sid; 524 525 P->psinfo.pr_nlwp = 0; 526 P->status.pr_nlwp = 0; 527 528 return (0); 529 err: 530 dprintf("Pgrab_core: failed to read NT_PSINFO\n"); 531 return (-1); 532 } 533 534 static void 535 lx_prstatus64_to_lwp(lx_prstatus64_t *prs64, lwp_info_t *lwp) 536 { 537 LTIME_TO_TIMESPEC(lwp->lwp_status.pr_utime, prs64->pr_utime); 538 LTIME_TO_TIMESPEC(lwp->lwp_status.pr_stime, prs64->pr_stime); 539 540 lwp->lwp_status.pr_reg[REG_R15] = prs64->pr_reg.lxr_r15; 541 lwp->lwp_status.pr_reg[REG_R14] = prs64->pr_reg.lxr_r14; 542 lwp->lwp_status.pr_reg[REG_R13] = prs64->pr_reg.lxr_r13; 543 lwp->lwp_status.pr_reg[REG_R12] = prs64->pr_reg.lxr_r12; 544 lwp->lwp_status.pr_reg[REG_R11] = prs64->pr_reg.lxr_r11; 545 lwp->lwp_status.pr_reg[REG_R10] = prs64->pr_reg.lxr_r10; 546 lwp->lwp_status.pr_reg[REG_R9] = prs64->pr_reg.lxr_r9; 547 lwp->lwp_status.pr_reg[REG_R8] = prs64->pr_reg.lxr_r8; 548 549 lwp->lwp_status.pr_reg[REG_RDI] = prs64->pr_reg.lxr_rdi; 550 lwp->lwp_status.pr_reg[REG_RSI] = prs64->pr_reg.lxr_rsi; 551 lwp->lwp_status.pr_reg[REG_RBP] = prs64->pr_reg.lxr_rbp; 552 lwp->lwp_status.pr_reg[REG_RBX] = prs64->pr_reg.lxr_rbx; 553 lwp->lwp_status.pr_reg[REG_RDX] = prs64->pr_reg.lxr_rdx; 554 lwp->lwp_status.pr_reg[REG_RCX] = prs64->pr_reg.lxr_rcx; 555 lwp->lwp_status.pr_reg[REG_RAX] = prs64->pr_reg.lxr_rax; 556 557 lwp->lwp_status.pr_reg[REG_RIP] = prs64->pr_reg.lxr_rip; 558 lwp->lwp_status.pr_reg[REG_CS] = prs64->pr_reg.lxr_cs; 559 lwp->lwp_status.pr_reg[REG_RSP] = prs64->pr_reg.lxr_rsp; 560 lwp->lwp_status.pr_reg[REG_FS] = prs64->pr_reg.lxr_fs; 561 lwp->lwp_status.pr_reg[REG_SS] = prs64->pr_reg.lxr_ss; 562 lwp->lwp_status.pr_reg[REG_GS] = prs64->pr_reg.lxr_gs; 563 lwp->lwp_status.pr_reg[REG_ES] = prs64->pr_reg.lxr_es; 564 lwp->lwp_status.pr_reg[REG_DS] = prs64->pr_reg.lxr_ds; 565 566 lwp->lwp_status.pr_reg[REG_GSBASE] = prs64->pr_reg.lxr_gs_base; 567 lwp->lwp_status.pr_reg[REG_FSBASE] = prs64->pr_reg.lxr_fs_base; 568 } 569 570 static void 571 lx_prstatus32_to_lwp(lx_prstatus32_t *prs32, lwp_info_t *lwp) 572 { 573 LTIME_TO_TIMESPEC(lwp->lwp_status.pr_utime, prs32->pr_utime); 574 LTIME_TO_TIMESPEC(lwp->lwp_status.pr_stime, prs32->pr_stime); 575 576 #ifdef __amd64 577 lwp->lwp_status.pr_reg[REG_GS] = prs32->pr_reg.lxr_gs; 578 lwp->lwp_status.pr_reg[REG_FS] = prs32->pr_reg.lxr_fs; 579 lwp->lwp_status.pr_reg[REG_DS] = prs32->pr_reg.lxr_ds; 580 lwp->lwp_status.pr_reg[REG_ES] = prs32->pr_reg.lxr_es; 581 lwp->lwp_status.pr_reg[REG_RDI] = prs32->pr_reg.lxr_di; 582 lwp->lwp_status.pr_reg[REG_RSI] = prs32->pr_reg.lxr_si; 583 lwp->lwp_status.pr_reg[REG_RBP] = prs32->pr_reg.lxr_bp; 584 lwp->lwp_status.pr_reg[REG_RBX] = prs32->pr_reg.lxr_bx; 585 lwp->lwp_status.pr_reg[REG_RDX] = prs32->pr_reg.lxr_dx; 586 lwp->lwp_status.pr_reg[REG_RCX] = prs32->pr_reg.lxr_cx; 587 lwp->lwp_status.pr_reg[REG_RAX] = prs32->pr_reg.lxr_ax; 588 lwp->lwp_status.pr_reg[REG_RIP] = prs32->pr_reg.lxr_ip; 589 lwp->lwp_status.pr_reg[REG_CS] = prs32->pr_reg.lxr_cs; 590 lwp->lwp_status.pr_reg[REG_RFL] = prs32->pr_reg.lxr_flags; 591 lwp->lwp_status.pr_reg[REG_RSP] = prs32->pr_reg.lxr_sp; 592 lwp->lwp_status.pr_reg[REG_SS] = prs32->pr_reg.lxr_ss; 593 #else /* __amd64 */ 594 lwp->lwp_status.pr_reg[EBX] = prs32->pr_reg.lxr_bx; 595 lwp->lwp_status.pr_reg[ECX] = prs32->pr_reg.lxr_cx; 596 lwp->lwp_status.pr_reg[EDX] = prs32->pr_reg.lxr_dx; 597 lwp->lwp_status.pr_reg[ESI] = prs32->pr_reg.lxr_si; 598 lwp->lwp_status.pr_reg[EDI] = prs32->pr_reg.lxr_di; 599 lwp->lwp_status.pr_reg[EBP] = prs32->pr_reg.lxr_bp; 600 lwp->lwp_status.pr_reg[EAX] = prs32->pr_reg.lxr_ax; 601 lwp->lwp_status.pr_reg[EIP] = prs32->pr_reg.lxr_ip; 602 lwp->lwp_status.pr_reg[UESP] = prs32->pr_reg.lxr_sp; 603 604 lwp->lwp_status.pr_reg[DS] = prs32->pr_reg.lxr_ds; 605 lwp->lwp_status.pr_reg[ES] = prs32->pr_reg.lxr_es; 606 lwp->lwp_status.pr_reg[FS] = prs32->pr_reg.lxr_fs; 607 lwp->lwp_status.pr_reg[GS] = prs32->pr_reg.lxr_gs; 608 lwp->lwp_status.pr_reg[CS] = prs32->pr_reg.lxr_cs; 609 lwp->lwp_status.pr_reg[SS] = prs32->pr_reg.lxr_ss; 610 611 lwp->lwp_status.pr_reg[EFL] = prs32->pr_reg.lxr_flags; 612 #endif /* !__amd64 */ 613 } 614 615 static int 616 note_linux_prstatus(struct ps_prochandle *P, size_t nbytes) 617 { 618 core_info_t *core = P->data; 619 620 lx_prstatus64_t prs64; 621 lx_prstatus32_t prs32; 622 lwp_info_t *lwp; 623 lwpid_t tid; 624 625 dprintf("looking for model %d, %ld/%ld\n", core->core_dmodel, 626 (ulong_t)nbytes, (ulong_t)sizeof (prs32)); 627 if (core->core_dmodel == PR_MODEL_ILP32) { 628 if (nbytes < sizeof (prs32) || 629 read(P->asfd, &prs32, sizeof (prs32)) != nbytes) 630 goto err; 631 tid = prs32.pr_pid; 632 } else { 633 if (nbytes < sizeof (prs64) || 634 read(P->asfd, &prs64, sizeof (prs64)) != nbytes) 635 goto err; 636 tid = prs64.pr_pid; 637 } 638 639 if ((lwp = lwpid2info(P, tid)) == NULL) { 640 dprintf("Pgrab_core: failed to add lwpid2info " 641 "linux_prstatus\n"); 642 return (-1); 643 } 644 645 P->psinfo.pr_nlwp++; 646 P->status.pr_nlwp++; 647 648 lwp->lwp_status.pr_lwpid = tid; 649 650 if (core->core_dmodel == PR_MODEL_ILP32) 651 lx_prstatus32_to_lwp(&prs32, lwp); 652 else 653 lx_prstatus64_to_lwp(&prs64, lwp); 654 655 return (0); 656 err: 657 dprintf("Pgrab_core: failed to read NT_PRSTATUS\n"); 658 return (-1); 659 } 660 661 #endif /* __x86 */ 662 663 static int 664 note_psinfo(struct ps_prochandle *P, size_t nbytes) 665 { 666 #ifdef _LP64 667 core_info_t *core = P->data; 668 669 if (core->core_dmodel == PR_MODEL_ILP32) { 670 psinfo32_t ps32; 671 672 if (nbytes < sizeof (psinfo32_t) || 673 read(P->asfd, &ps32, sizeof (ps32)) != sizeof (ps32)) 674 goto err; 675 676 psinfo_32_to_n(&ps32, &P->psinfo); 677 } else 678 #endif 679 if (nbytes < sizeof (psinfo_t) || 680 read(P->asfd, &P->psinfo, sizeof (psinfo_t)) != sizeof (psinfo_t)) 681 goto err; 682 683 dprintf("pr_fname = <%s>\n", P->psinfo.pr_fname); 684 dprintf("pr_psargs = <%s>\n", P->psinfo.pr_psargs); 685 dprintf("pr_wstat = 0x%x\n", P->psinfo.pr_wstat); 686 687 return (0); 688 689 err: 690 dprintf("Pgrab_core: failed to read NT_PSINFO\n"); 691 return (-1); 692 } 693 694 static int 695 note_lwpsinfo(struct ps_prochandle *P, size_t nbytes) 696 { 697 lwp_info_t *lwp; 698 lwpsinfo_t lps; 699 700 #ifdef _LP64 701 core_info_t *core = P->data; 702 703 if (core->core_dmodel == PR_MODEL_ILP32) { 704 lwpsinfo32_t l32; 705 706 if (nbytes < sizeof (lwpsinfo32_t) || 707 read(P->asfd, &l32, sizeof (l32)) != sizeof (l32)) 708 goto err; 709 710 lwpsinfo_32_to_n(&l32, &lps); 711 } else 712 #endif 713 if (nbytes < sizeof (lwpsinfo_t) || 714 read(P->asfd, &lps, sizeof (lps)) != sizeof (lps)) 715 goto err; 716 717 if ((lwp = lwpid2info(P, lps.pr_lwpid)) == NULL) { 718 dprintf("Pgrab_core: failed to add NT_LWPSINFO\n"); 719 return (-1); 720 } 721 722 (void) memcpy(&lwp->lwp_psinfo, &lps, sizeof (lps)); 723 return (0); 724 725 err: 726 dprintf("Pgrab_core: failed to read NT_LWPSINFO\n"); 727 return (-1); 728 } 729 730 static int 731 note_lwpname(struct ps_prochandle *P, size_t nbytes) 732 { 733 prlwpname_t name; 734 lwp_info_t *lwp; 735 736 if (nbytes != sizeof (name) || 737 read(P->asfd, &name, sizeof (name)) != sizeof (name)) 738 goto err; 739 740 if ((lwp = lwpid2info(P, name.pr_lwpid)) == NULL) 741 goto err; 742 743 if (strlcpy(lwp->lwp_name, name.pr_lwpname, 744 sizeof (lwp->lwp_name)) >= sizeof (lwp->lwp_name)) { 745 errno = ENAMETOOLONG; 746 goto err; 747 } 748 749 return (0); 750 751 err: 752 dprintf("Pgrab_core: failed to read NT_LWPNAME\n"); 753 return (-1); 754 } 755 756 static int 757 note_fdinfo(struct ps_prochandle *P, size_t nbytes) 758 { 759 prfdinfo_core_t prfd; 760 fd_info_t *fip; 761 762 if ((nbytes < sizeof (prfd)) || 763 (read(P->asfd, &prfd, sizeof (prfd)) != sizeof (prfd))) { 764 dprintf("Pgrab_core: failed to read NT_FDINFO\n"); 765 return (-1); 766 } 767 768 if ((fip = Pfd2info(P, prfd.pr_fd)) == NULL) { 769 dprintf("Pgrab_core: failed to add NT_FDINFO\n"); 770 return (-1); 771 } 772 if (fip->fd_info == NULL) { 773 if (proc_fdinfo_from_core(&prfd, &fip->fd_info) != 0) { 774 dprintf("Pgrab_core: failed to convert NT_FDINFO\n"); 775 return (-1); 776 } 777 } 778 779 return (0); 780 } 781 782 static int 783 note_platform(struct ps_prochandle *P, size_t nbytes) 784 { 785 core_info_t *core = P->data; 786 char *plat; 787 788 if (core->core_platform != NULL) 789 return (0); /* Already seen */ 790 791 if (nbytes != 0 && ((plat = malloc(nbytes + 1)) != NULL)) { 792 if (read(P->asfd, plat, nbytes) != nbytes) { 793 dprintf("Pgrab_core: failed to read NT_PLATFORM\n"); 794 free(plat); 795 return (-1); 796 } 797 plat[nbytes - 1] = '\0'; 798 core->core_platform = plat; 799 } 800 801 return (0); 802 } 803 804 static int 805 note_secflags(struct ps_prochandle *P, size_t nbytes) 806 { 807 core_info_t *core = P->data; 808 prsecflags_t *psf; 809 810 if (core->core_secflags != NULL) 811 return (0); /* Already seen */ 812 813 if (sizeof (*psf) != nbytes) { 814 dprintf("Pgrab_core: NT_SECFLAGS changed size." 815 " Need to handle a version change?\n"); 816 return (-1); 817 } 818 819 if (nbytes != 0 && ((psf = malloc(nbytes)) != NULL)) { 820 if (read(P->asfd, psf, nbytes) != nbytes) { 821 dprintf("Pgrab_core: failed to read NT_SECFLAGS\n"); 822 free(psf); 823 return (-1); 824 } 825 826 core->core_secflags = psf; 827 } 828 829 return (0); 830 } 831 832 static int 833 note_utsname(struct ps_prochandle *P, size_t nbytes) 834 { 835 core_info_t *core = P->data; 836 size_t ubytes = sizeof (struct utsname); 837 struct utsname *utsp; 838 839 if (core->core_uts != NULL || nbytes < ubytes) 840 return (0); /* Already seen or bad size */ 841 842 if ((utsp = malloc(ubytes)) == NULL) 843 return (-1); 844 845 if (read(P->asfd, utsp, ubytes) != ubytes) { 846 dprintf("Pgrab_core: failed to read NT_UTSNAME\n"); 847 free(utsp); 848 return (-1); 849 } 850 851 if (_libproc_debug) { 852 dprintf("uts.sysname = \"%s\"\n", utsp->sysname); 853 dprintf("uts.nodename = \"%s\"\n", utsp->nodename); 854 dprintf("uts.release = \"%s\"\n", utsp->release); 855 dprintf("uts.version = \"%s\"\n", utsp->version); 856 dprintf("uts.machine = \"%s\"\n", utsp->machine); 857 } 858 859 core->core_uts = utsp; 860 return (0); 861 } 862 863 static int 864 note_content(struct ps_prochandle *P, size_t nbytes) 865 { 866 core_info_t *core = P->data; 867 core_content_t content; 868 869 if (sizeof (core->core_content) != nbytes) 870 return (-1); 871 872 if (read(P->asfd, &content, sizeof (content)) != sizeof (content)) 873 return (-1); 874 875 core->core_content = content; 876 877 dprintf("core content = %llx\n", content); 878 879 return (0); 880 } 881 882 static int 883 note_cred(struct ps_prochandle *P, size_t nbytes) 884 { 885 core_info_t *core = P->data; 886 prcred_t *pcrp; 887 int ngroups; 888 const size_t min_size = sizeof (prcred_t) - sizeof (gid_t); 889 890 /* 891 * We allow for prcred_t notes that are actually smaller than a 892 * prcred_t since the last member isn't essential if there are 893 * no group memberships. This allows for more flexibility when it 894 * comes to slightly malformed -- but still valid -- notes. 895 */ 896 if (core->core_cred != NULL || nbytes < min_size) 897 return (0); /* Already seen or bad size */ 898 899 ngroups = (nbytes - min_size) / sizeof (gid_t); 900 nbytes = sizeof (prcred_t) + (ngroups - 1) * sizeof (gid_t); 901 902 if ((pcrp = malloc(nbytes)) == NULL) 903 return (-1); 904 905 if (read(P->asfd, pcrp, nbytes) != nbytes) { 906 dprintf("Pgrab_core: failed to read NT_PRCRED\n"); 907 free(pcrp); 908 return (-1); 909 } 910 911 if (pcrp->pr_ngroups > ngroups) { 912 dprintf("pr_ngroups = %d; resetting to %d based on note size\n", 913 pcrp->pr_ngroups, ngroups); 914 pcrp->pr_ngroups = ngroups; 915 } 916 917 core->core_cred = pcrp; 918 return (0); 919 } 920 921 #ifdef __x86 922 static int 923 note_ldt(struct ps_prochandle *P, size_t nbytes) 924 { 925 core_info_t *core = P->data; 926 struct ssd *pldt; 927 uint_t nldt; 928 929 if (core->core_ldt != NULL || nbytes < sizeof (struct ssd)) 930 return (0); /* Already seen or bad size */ 931 932 nldt = nbytes / sizeof (struct ssd); 933 nbytes = nldt * sizeof (struct ssd); 934 935 if ((pldt = malloc(nbytes)) == NULL) 936 return (-1); 937 938 if (read(P->asfd, pldt, nbytes) != nbytes) { 939 dprintf("Pgrab_core: failed to read NT_LDT\n"); 940 free(pldt); 941 return (-1); 942 } 943 944 core->core_ldt = pldt; 945 core->core_nldt = nldt; 946 return (0); 947 } 948 #endif /* __i386 */ 949 950 static int 951 note_priv(struct ps_prochandle *P, size_t nbytes) 952 { 953 core_info_t *core = P->data; 954 prpriv_t *pprvp; 955 956 if (core->core_priv != NULL || nbytes < sizeof (prpriv_t)) 957 return (0); /* Already seen or bad size */ 958 959 if ((pprvp = malloc(nbytes)) == NULL) 960 return (-1); 961 962 if (read(P->asfd, pprvp, nbytes) != nbytes) { 963 dprintf("Pgrab_core: failed to read NT_PRPRIV\n"); 964 free(pprvp); 965 return (-1); 966 } 967 968 core->core_priv = pprvp; 969 core->core_priv_size = nbytes; 970 return (0); 971 } 972 973 static int 974 note_priv_info(struct ps_prochandle *P, size_t nbytes) 975 { 976 core_info_t *core = P->data; 977 extern void *__priv_parse_info(); 978 priv_impl_info_t *ppii; 979 980 if (core->core_privinfo != NULL || 981 nbytes < sizeof (priv_impl_info_t)) 982 return (0); /* Already seen or bad size */ 983 984 if ((ppii = malloc(nbytes)) == NULL) 985 return (-1); 986 987 if (read(P->asfd, ppii, nbytes) != nbytes || 988 PRIV_IMPL_INFO_SIZE(ppii) != nbytes) { 989 dprintf("Pgrab_core: failed to read NT_PRPRIVINFO\n"); 990 free(ppii); 991 return (-1); 992 } 993 994 core->core_privinfo = __priv_parse_info(ppii); 995 core->core_ppii = ppii; 996 return (0); 997 } 998 999 static int 1000 note_zonename(struct ps_prochandle *P, size_t nbytes) 1001 { 1002 core_info_t *core = P->data; 1003 char *zonename; 1004 1005 if (core->core_zonename != NULL) 1006 return (0); /* Already seen */ 1007 1008 if (nbytes != 0) { 1009 if ((zonename = malloc(nbytes)) == NULL) 1010 return (-1); 1011 if (read(P->asfd, zonename, nbytes) != nbytes) { 1012 dprintf("Pgrab_core: failed to read NT_ZONENAME\n"); 1013 free(zonename); 1014 return (-1); 1015 } 1016 zonename[nbytes - 1] = '\0'; 1017 core->core_zonename = zonename; 1018 } 1019 1020 return (0); 1021 } 1022 1023 static int 1024 note_auxv(struct ps_prochandle *P, size_t nbytes) 1025 { 1026 size_t n, i; 1027 1028 #ifdef _LP64 1029 core_info_t *core = P->data; 1030 1031 if (core->core_dmodel == PR_MODEL_ILP32) { 1032 auxv32_t *a32; 1033 1034 n = nbytes / sizeof (auxv32_t); 1035 nbytes = n * sizeof (auxv32_t); 1036 a32 = alloca(nbytes); 1037 1038 if (read(P->asfd, a32, nbytes) != nbytes) { 1039 dprintf("Pgrab_core: failed to read NT_AUXV\n"); 1040 return (-1); 1041 } 1042 1043 if ((P->auxv = malloc(sizeof (auxv_t) * (n + 1))) == NULL) 1044 return (-1); 1045 1046 for (i = 0; i < n; i++) 1047 auxv_32_to_n(&a32[i], &P->auxv[i]); 1048 1049 } else { 1050 #endif 1051 n = nbytes / sizeof (auxv_t); 1052 nbytes = n * sizeof (auxv_t); 1053 1054 if ((P->auxv = malloc(nbytes + sizeof (auxv_t))) == NULL) 1055 return (-1); 1056 1057 if (read(P->asfd, P->auxv, nbytes) != nbytes) { 1058 free(P->auxv); 1059 P->auxv = NULL; 1060 return (-1); 1061 } 1062 #ifdef _LP64 1063 } 1064 #endif 1065 1066 if (_libproc_debug) { 1067 for (i = 0; i < n; i++) { 1068 dprintf("P->auxv[%lu] = ( %d, 0x%lx )\n", (ulong_t)i, 1069 P->auxv[i].a_type, P->auxv[i].a_un.a_val); 1070 } 1071 } 1072 1073 /* 1074 * Defensive coding for loops which depend upon the auxv array being 1075 * terminated by an AT_NULL element; in each case, we've allocated 1076 * P->auxv to have an additional element which we force to be AT_NULL. 1077 */ 1078 P->auxv[n].a_type = AT_NULL; 1079 P->auxv[n].a_un.a_val = 0L; 1080 P->nauxv = (int)n; 1081 1082 return (0); 1083 } 1084 1085 #ifdef __sparc 1086 static int 1087 note_xreg(struct ps_prochandle *P, size_t nbytes) 1088 { 1089 core_info_t *core = P->data; 1090 lwp_info_t *lwp = core->core_lwp; 1091 size_t xbytes = sizeof (prxregset_t); 1092 prxregset_t *xregs; 1093 1094 if (lwp == NULL || lwp->lwp_xregs != NULL || nbytes < xbytes) 1095 return (0); /* No lwp yet, already seen, or bad size */ 1096 1097 if ((xregs = malloc(xbytes)) == NULL) 1098 return (-1); 1099 1100 if (read(P->asfd, xregs, xbytes) != xbytes) { 1101 dprintf("Pgrab_core: failed to read NT_PRXREG\n"); 1102 free(xregs); 1103 return (-1); 1104 } 1105 1106 lwp->lwp_xregs = xregs; 1107 return (0); 1108 } 1109 1110 static int 1111 note_gwindows(struct ps_prochandle *P, size_t nbytes) 1112 { 1113 core_info_t *core = P->data; 1114 lwp_info_t *lwp = core->core_lwp; 1115 1116 if (lwp == NULL || lwp->lwp_gwins != NULL || nbytes == 0) 1117 return (0); /* No lwp yet or already seen or no data */ 1118 1119 if ((lwp->lwp_gwins = malloc(sizeof (gwindows_t))) == NULL) 1120 return (-1); 1121 1122 /* 1123 * Since the amount of gwindows data varies with how many windows were 1124 * actually saved, we just read up to the minimum of the note size 1125 * and the size of the gwindows_t type. It doesn't matter if the read 1126 * fails since we have to zero out gwindows first anyway. 1127 */ 1128 #ifdef _LP64 1129 if (core->core_dmodel == PR_MODEL_ILP32) { 1130 gwindows32_t g32; 1131 1132 (void) memset(&g32, 0, sizeof (g32)); 1133 (void) read(P->asfd, &g32, MIN(nbytes, sizeof (g32))); 1134 gwindows_32_to_n(&g32, lwp->lwp_gwins); 1135 1136 } else { 1137 #endif 1138 (void) memset(lwp->lwp_gwins, 0, sizeof (gwindows_t)); 1139 (void) read(P->asfd, lwp->lwp_gwins, 1140 MIN(nbytes, sizeof (gwindows_t))); 1141 #ifdef _LP64 1142 } 1143 #endif 1144 return (0); 1145 } 1146 1147 #ifdef __sparcv9 1148 static int 1149 note_asrs(struct ps_prochandle *P, size_t nbytes) 1150 { 1151 core_info_t *core = P->data; 1152 lwp_info_t *lwp = core->core_lwp; 1153 int64_t *asrs; 1154 1155 if (lwp == NULL || lwp->lwp_asrs != NULL || nbytes < sizeof (asrset_t)) 1156 return (0); /* No lwp yet, already seen, or bad size */ 1157 1158 if ((asrs = malloc(sizeof (asrset_t))) == NULL) 1159 return (-1); 1160 1161 if (read(P->asfd, asrs, sizeof (asrset_t)) != sizeof (asrset_t)) { 1162 dprintf("Pgrab_core: failed to read NT_ASRS\n"); 1163 free(asrs); 1164 return (-1); 1165 } 1166 1167 lwp->lwp_asrs = asrs; 1168 return (0); 1169 } 1170 #endif /* __sparcv9 */ 1171 #endif /* __sparc */ 1172 1173 static int 1174 note_spymaster(struct ps_prochandle *P, size_t nbytes) 1175 { 1176 #ifdef _LP64 1177 core_info_t *core = P->data; 1178 1179 if (core->core_dmodel == PR_MODEL_ILP32) { 1180 psinfo32_t ps32; 1181 1182 if (nbytes < sizeof (psinfo32_t) || 1183 read(P->asfd, &ps32, sizeof (ps32)) != sizeof (ps32)) 1184 goto err; 1185 1186 psinfo_32_to_n(&ps32, &P->spymaster); 1187 } else 1188 #endif 1189 if (nbytes < sizeof (psinfo_t) || read(P->asfd, 1190 &P->spymaster, sizeof (psinfo_t)) != sizeof (psinfo_t)) 1191 goto err; 1192 1193 dprintf("spymaster pr_fname = <%s>\n", P->psinfo.pr_fname); 1194 dprintf("spymaster pr_psargs = <%s>\n", P->psinfo.pr_psargs); 1195 dprintf("spymaster pr_wstat = 0x%x\n", P->psinfo.pr_wstat); 1196 1197 return (0); 1198 1199 err: 1200 dprintf("Pgrab_core: failed to read NT_SPYMASTER\n"); 1201 return (-1); 1202 } 1203 1204 /*ARGSUSED*/ 1205 static int 1206 note_notsup(struct ps_prochandle *P, size_t nbytes) 1207 { 1208 dprintf("skipping unsupported note type of size %ld bytes\n", 1209 (ulong_t)nbytes); 1210 return (0); 1211 } 1212 1213 /* 1214 * Populate a table of function pointers indexed by Note type with our 1215 * functions to process each type of core file note: 1216 */ 1217 static int (*nhdlrs[])(struct ps_prochandle *, size_t) = { 1218 note_notsup, /* 0 unassigned */ 1219 #ifdef __x86 1220 note_linux_prstatus, /* 1 NT_PRSTATUS (old) */ 1221 #else 1222 note_notsup, /* 1 NT_PRSTATUS (old) */ 1223 #endif 1224 note_notsup, /* 2 NT_PRFPREG (old) */ 1225 #ifdef __x86 1226 note_linux_psinfo, /* 3 NT_PRPSINFO (old) */ 1227 #else 1228 note_notsup, /* 3 NT_PRPSINFO (old) */ 1229 #endif 1230 #ifdef __sparc 1231 note_xreg, /* 4 NT_PRXREG */ 1232 #else 1233 note_notsup, /* 4 NT_PRXREG */ 1234 #endif 1235 note_platform, /* 5 NT_PLATFORM */ 1236 note_auxv, /* 6 NT_AUXV */ 1237 #ifdef __sparc 1238 note_gwindows, /* 7 NT_GWINDOWS */ 1239 #ifdef __sparcv9 1240 note_asrs, /* 8 NT_ASRS */ 1241 #else 1242 note_notsup, /* 8 NT_ASRS */ 1243 #endif 1244 #else 1245 note_notsup, /* 7 NT_GWINDOWS */ 1246 note_notsup, /* 8 NT_ASRS */ 1247 #endif 1248 #ifdef __x86 1249 note_ldt, /* 9 NT_LDT */ 1250 #else 1251 note_notsup, /* 9 NT_LDT */ 1252 #endif 1253 note_pstatus, /* 10 NT_PSTATUS */ 1254 note_notsup, /* 11 unassigned */ 1255 note_notsup, /* 12 unassigned */ 1256 note_psinfo, /* 13 NT_PSINFO */ 1257 note_cred, /* 14 NT_PRCRED */ 1258 note_utsname, /* 15 NT_UTSNAME */ 1259 note_lwpstatus, /* 16 NT_LWPSTATUS */ 1260 note_lwpsinfo, /* 17 NT_LWPSINFO */ 1261 note_priv, /* 18 NT_PRPRIV */ 1262 note_priv_info, /* 19 NT_PRPRIVINFO */ 1263 note_content, /* 20 NT_CONTENT */ 1264 note_zonename, /* 21 NT_ZONENAME */ 1265 note_fdinfo, /* 22 NT_FDINFO */ 1266 note_spymaster, /* 23 NT_SPYMASTER */ 1267 note_secflags, /* 24 NT_SECFLAGS */ 1268 note_lwpname, /* 25 NT_LWPNAME */ 1269 }; 1270 1271 static void 1272 core_report_mapping(struct ps_prochandle *P, GElf_Phdr *php) 1273 { 1274 prkillinfo_t killinfo; 1275 siginfo_t *si = &killinfo.prk_info; 1276 char signame[SIG2STR_MAX], sig[64], info[64]; 1277 void *addr = (void *)(uintptr_t)php->p_vaddr; 1278 1279 const char *errfmt = "core file data for mapping at %p not saved: %s\n"; 1280 const char *incfmt = "core file incomplete due to %s%s\n"; 1281 const char *msgfmt = "mappings at and above %p are missing\n"; 1282 1283 if (!(php->p_flags & PF_SUNW_KILLED)) { 1284 int err = 0; 1285 1286 (void) pread64(P->asfd, &err, 1287 sizeof (err), (off64_t)php->p_offset); 1288 1289 Perror_printf(P, errfmt, addr, strerror(err)); 1290 dprintf(errfmt, addr, strerror(err)); 1291 return; 1292 } 1293 1294 if (!(php->p_flags & PF_SUNW_SIGINFO)) 1295 return; 1296 1297 (void) memset(&killinfo, 0, sizeof (killinfo)); 1298 1299 (void) pread64(P->asfd, &killinfo, 1300 sizeof (killinfo), (off64_t)php->p_offset); 1301 1302 /* 1303 * While there is (or at least should be) only one segment that has 1304 * PF_SUNW_SIGINFO set, the signal information there is globally 1305 * useful (even if only to those debugging libproc consumers); we hang 1306 * the signal information gleaned here off of the ps_prochandle. 1307 */ 1308 P->map_missing = php->p_vaddr; 1309 P->killinfo = killinfo.prk_info; 1310 1311 if (sig2str(si->si_signo, signame) == -1) { 1312 (void) snprintf(sig, sizeof (sig), 1313 "<Unknown signal: 0x%x>, ", si->si_signo); 1314 } else { 1315 (void) snprintf(sig, sizeof (sig), "SIG%s, ", signame); 1316 } 1317 1318 if (si->si_code == SI_USER || si->si_code == SI_QUEUE) { 1319 (void) snprintf(info, sizeof (info), 1320 "pid=%d uid=%d zone=%d ctid=%d", 1321 si->si_pid, si->si_uid, si->si_zoneid, si->si_ctid); 1322 } else { 1323 (void) snprintf(info, sizeof (info), 1324 "code=%d", si->si_code); 1325 } 1326 1327 Perror_printf(P, incfmt, sig, info); 1328 Perror_printf(P, msgfmt, addr); 1329 1330 dprintf(incfmt, sig, info); 1331 dprintf(msgfmt, addr); 1332 } 1333 1334 /* 1335 * Add information on the address space mapping described by the given 1336 * PT_LOAD program header. We fill in more information on the mapping later. 1337 */ 1338 static int 1339 core_add_mapping(struct ps_prochandle *P, GElf_Phdr *php) 1340 { 1341 core_info_t *core = P->data; 1342 prmap_t pmap; 1343 1344 dprintf("mapping base %llx filesz %llx memsz %llx offset %llx\n", 1345 (u_longlong_t)php->p_vaddr, (u_longlong_t)php->p_filesz, 1346 (u_longlong_t)php->p_memsz, (u_longlong_t)php->p_offset); 1347 1348 pmap.pr_vaddr = (uintptr_t)php->p_vaddr; 1349 pmap.pr_size = php->p_memsz; 1350 1351 /* 1352 * If Pgcore() or elfcore() fail to write a mapping, they will set 1353 * PF_SUNW_FAILURE in the Phdr and try to stash away the errno for us. 1354 */ 1355 if (php->p_flags & PF_SUNW_FAILURE) { 1356 core_report_mapping(P, php); 1357 } else if (php->p_filesz != 0 && php->p_offset >= core->core_size) { 1358 Perror_printf(P, "core file may be corrupt -- data for mapping " 1359 "at %p is missing\n", (void *)(uintptr_t)php->p_vaddr); 1360 dprintf("core file may be corrupt -- data for mapping " 1361 "at %p is missing\n", (void *)(uintptr_t)php->p_vaddr); 1362 } 1363 1364 /* 1365 * The mapping name and offset will hopefully be filled in 1366 * by the librtld_db agent. Unfortunately, if it isn't a 1367 * shared library mapping, this information is gone forever. 1368 */ 1369 pmap.pr_mapname[0] = '\0'; 1370 pmap.pr_offset = 0; 1371 1372 pmap.pr_mflags = 0; 1373 if (php->p_flags & PF_R) 1374 pmap.pr_mflags |= MA_READ; 1375 if (php->p_flags & PF_W) 1376 pmap.pr_mflags |= MA_WRITE; 1377 if (php->p_flags & PF_X) 1378 pmap.pr_mflags |= MA_EXEC; 1379 1380 if (php->p_filesz == 0) 1381 pmap.pr_mflags |= MA_RESERVED1; 1382 1383 /* 1384 * At the time of adding this mapping, we just zero the pagesize. 1385 * Once we've processed more of the core file, we'll have the 1386 * pagesize from the auxv's AT_PAGESZ element and we can fill this in. 1387 */ 1388 pmap.pr_pagesize = 0; 1389 1390 /* 1391 * Unfortunately whether or not the mapping was a System V 1392 * shared memory segment is lost. We use -1 to mark it as not shm. 1393 */ 1394 pmap.pr_shmid = -1; 1395 1396 return (Padd_mapping(P, php->p_offset, NULL, &pmap)); 1397 } 1398 1399 /* 1400 * Given a virtual address, name the mapping at that address using the 1401 * specified name, and return the map_info_t pointer. 1402 */ 1403 static map_info_t * 1404 core_name_mapping(struct ps_prochandle *P, uintptr_t addr, const char *name) 1405 { 1406 map_info_t *mp = Paddr2mptr(P, addr); 1407 1408 if (mp != NULL) { 1409 (void) strncpy(mp->map_pmap.pr_mapname, name, PRMAPSZ); 1410 mp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 1411 } 1412 1413 return (mp); 1414 } 1415 1416 /* 1417 * libproc uses libelf for all of its symbol table manipulation. This function 1418 * takes a symbol table and string table from a core file and places them 1419 * in a memory backed elf file. 1420 */ 1421 static void 1422 fake_up_symtab(struct ps_prochandle *P, const elf_file_header_t *ehdr, 1423 GElf_Shdr *symtab, GElf_Shdr *strtab) 1424 { 1425 size_t size; 1426 off64_t off, base; 1427 map_info_t *mp; 1428 file_info_t *fp; 1429 Elf_Scn *scn; 1430 Elf_Data *data; 1431 1432 if (symtab->sh_addr == 0 || 1433 (mp = Paddr2mptr(P, symtab->sh_addr)) == NULL || 1434 (fp = mp->map_file) == NULL) { 1435 dprintf("fake_up_symtab: invalid section\n"); 1436 return; 1437 } 1438 1439 if (fp->file_symtab.sym_data_pri != NULL) { 1440 dprintf("Symbol table already loaded (sh_addr 0x%lx)\n", 1441 (long)symtab->sh_addr); 1442 return; 1443 } 1444 1445 if (P->status.pr_dmodel == PR_MODEL_ILP32) { 1446 struct { 1447 Elf32_Ehdr ehdr; 1448 Elf32_Shdr shdr[3]; 1449 char data[1]; 1450 } *b; 1451 1452 base = sizeof (b->ehdr) + sizeof (b->shdr); 1453 size = base + symtab->sh_size + strtab->sh_size; 1454 1455 if ((b = calloc(1, size)) == NULL) 1456 return; 1457 1458 (void) memcpy(b->ehdr.e_ident, ehdr->e_ident, 1459 sizeof (ehdr->e_ident)); 1460 b->ehdr.e_type = ehdr->e_type; 1461 b->ehdr.e_machine = ehdr->e_machine; 1462 b->ehdr.e_version = ehdr->e_version; 1463 b->ehdr.e_flags = ehdr->e_flags; 1464 b->ehdr.e_ehsize = sizeof (b->ehdr); 1465 b->ehdr.e_shoff = sizeof (b->ehdr); 1466 b->ehdr.e_shentsize = sizeof (b->shdr[0]); 1467 b->ehdr.e_shnum = 3; 1468 off = 0; 1469 1470 b->shdr[1].sh_size = symtab->sh_size; 1471 b->shdr[1].sh_type = SHT_SYMTAB; 1472 b->shdr[1].sh_offset = off + base; 1473 b->shdr[1].sh_entsize = sizeof (Elf32_Sym); 1474 b->shdr[1].sh_link = 2; 1475 b->shdr[1].sh_info = symtab->sh_info; 1476 b->shdr[1].sh_addralign = symtab->sh_addralign; 1477 1478 if (pread64(P->asfd, &b->data[off], b->shdr[1].sh_size, 1479 symtab->sh_offset) != b->shdr[1].sh_size) { 1480 dprintf("fake_up_symtab: pread of symtab[1] failed\n"); 1481 free(b); 1482 return; 1483 } 1484 1485 off += b->shdr[1].sh_size; 1486 1487 b->shdr[2].sh_flags = SHF_STRINGS; 1488 b->shdr[2].sh_size = strtab->sh_size; 1489 b->shdr[2].sh_type = SHT_STRTAB; 1490 b->shdr[2].sh_offset = off + base; 1491 b->shdr[2].sh_info = strtab->sh_info; 1492 b->shdr[2].sh_addralign = 1; 1493 1494 if (pread64(P->asfd, &b->data[off], b->shdr[2].sh_size, 1495 strtab->sh_offset) != b->shdr[2].sh_size) { 1496 dprintf("fake_up_symtab: pread of symtab[2] failed\n"); 1497 free(b); 1498 return; 1499 } 1500 1501 off += b->shdr[2].sh_size; 1502 1503 fp->file_symtab.sym_elf = elf_memory((char *)b, size); 1504 if (fp->file_symtab.sym_elf == NULL) { 1505 free(b); 1506 return; 1507 } 1508 1509 fp->file_symtab.sym_elfmem = b; 1510 #ifdef _LP64 1511 } else { 1512 struct { 1513 Elf64_Ehdr ehdr; 1514 Elf64_Shdr shdr[3]; 1515 char data[1]; 1516 } *b; 1517 1518 base = sizeof (b->ehdr) + sizeof (b->shdr); 1519 size = base + symtab->sh_size + strtab->sh_size; 1520 1521 if ((b = calloc(1, size)) == NULL) 1522 return; 1523 1524 (void) memcpy(b->ehdr.e_ident, ehdr->e_ident, 1525 sizeof (ehdr->e_ident)); 1526 b->ehdr.e_type = ehdr->e_type; 1527 b->ehdr.e_machine = ehdr->e_machine; 1528 b->ehdr.e_version = ehdr->e_version; 1529 b->ehdr.e_flags = ehdr->e_flags; 1530 b->ehdr.e_ehsize = sizeof (b->ehdr); 1531 b->ehdr.e_shoff = sizeof (b->ehdr); 1532 b->ehdr.e_shentsize = sizeof (b->shdr[0]); 1533 b->ehdr.e_shnum = 3; 1534 off = 0; 1535 1536 b->shdr[1].sh_size = symtab->sh_size; 1537 b->shdr[1].sh_type = SHT_SYMTAB; 1538 b->shdr[1].sh_offset = off + base; 1539 b->shdr[1].sh_entsize = sizeof (Elf64_Sym); 1540 b->shdr[1].sh_link = 2; 1541 b->shdr[1].sh_info = symtab->sh_info; 1542 b->shdr[1].sh_addralign = symtab->sh_addralign; 1543 1544 if (pread64(P->asfd, &b->data[off], b->shdr[1].sh_size, 1545 symtab->sh_offset) != b->shdr[1].sh_size) { 1546 free(b); 1547 return; 1548 } 1549 1550 off += b->shdr[1].sh_size; 1551 1552 b->shdr[2].sh_flags = SHF_STRINGS; 1553 b->shdr[2].sh_size = strtab->sh_size; 1554 b->shdr[2].sh_type = SHT_STRTAB; 1555 b->shdr[2].sh_offset = off + base; 1556 b->shdr[2].sh_info = strtab->sh_info; 1557 b->shdr[2].sh_addralign = 1; 1558 1559 if (pread64(P->asfd, &b->data[off], b->shdr[2].sh_size, 1560 strtab->sh_offset) != b->shdr[2].sh_size) { 1561 free(b); 1562 return; 1563 } 1564 1565 off += b->shdr[2].sh_size; 1566 1567 fp->file_symtab.sym_elf = elf_memory((char *)b, size); 1568 if (fp->file_symtab.sym_elf == NULL) { 1569 free(b); 1570 return; 1571 } 1572 1573 fp->file_symtab.sym_elfmem = b; 1574 #endif 1575 } 1576 1577 if ((scn = elf_getscn(fp->file_symtab.sym_elf, 1)) == NULL || 1578 (fp->file_symtab.sym_data_pri = elf_getdata(scn, NULL)) == NULL || 1579 (scn = elf_getscn(fp->file_symtab.sym_elf, 2)) == NULL || 1580 (data = elf_getdata(scn, NULL)) == NULL) { 1581 dprintf("fake_up_symtab: failed to get section data at %p\n", 1582 (void *)scn); 1583 goto err; 1584 } 1585 1586 fp->file_symtab.sym_strs = data->d_buf; 1587 fp->file_symtab.sym_strsz = data->d_size; 1588 fp->file_symtab.sym_symn = symtab->sh_size / symtab->sh_entsize; 1589 fp->file_symtab.sym_hdr_pri = *symtab; 1590 fp->file_symtab.sym_strhdr = *strtab; 1591 1592 optimize_symtab(&fp->file_symtab); 1593 1594 return; 1595 err: 1596 (void) elf_end(fp->file_symtab.sym_elf); 1597 free(fp->file_symtab.sym_elfmem); 1598 fp->file_symtab.sym_elf = NULL; 1599 fp->file_symtab.sym_elfmem = NULL; 1600 } 1601 1602 static void 1603 core_phdr_to_gelf(const Elf32_Phdr *src, GElf_Phdr *dst) 1604 { 1605 dst->p_type = src->p_type; 1606 dst->p_flags = src->p_flags; 1607 dst->p_offset = (Elf64_Off)src->p_offset; 1608 dst->p_vaddr = (Elf64_Addr)src->p_vaddr; 1609 dst->p_paddr = (Elf64_Addr)src->p_paddr; 1610 dst->p_filesz = (Elf64_Xword)src->p_filesz; 1611 dst->p_memsz = (Elf64_Xword)src->p_memsz; 1612 dst->p_align = (Elf64_Xword)src->p_align; 1613 } 1614 1615 static void 1616 core_shdr_to_gelf(const Elf32_Shdr *src, GElf_Shdr *dst) 1617 { 1618 dst->sh_name = src->sh_name; 1619 dst->sh_type = src->sh_type; 1620 dst->sh_flags = (Elf64_Xword)src->sh_flags; 1621 dst->sh_addr = (Elf64_Addr)src->sh_addr; 1622 dst->sh_offset = (Elf64_Off)src->sh_offset; 1623 dst->sh_size = (Elf64_Xword)src->sh_size; 1624 dst->sh_link = src->sh_link; 1625 dst->sh_info = src->sh_info; 1626 dst->sh_addralign = (Elf64_Xword)src->sh_addralign; 1627 dst->sh_entsize = (Elf64_Xword)src->sh_entsize; 1628 } 1629 1630 /* 1631 * Perform elf_begin on efp->e_fd and verify the ELF file's type and class. 1632 */ 1633 static int 1634 core_elf_fdopen(elf_file_t *efp, GElf_Half type, int *perr) 1635 { 1636 #ifdef _BIG_ENDIAN 1637 uchar_t order = ELFDATA2MSB; 1638 #else 1639 uchar_t order = ELFDATA2LSB; 1640 #endif 1641 Elf32_Ehdr e32; 1642 int is_noelf = -1; 1643 int isa_err = 0; 1644 1645 /* 1646 * Because 32-bit libelf cannot deal with large files, we need to read, 1647 * check, and convert the file header manually in case type == ET_CORE. 1648 */ 1649 if (pread64(efp->e_fd, &e32, sizeof (e32), 0) != sizeof (e32)) { 1650 if (perr != NULL) 1651 *perr = G_FORMAT; 1652 goto err; 1653 } 1654 if ((is_noelf = memcmp(&e32.e_ident[EI_MAG0], ELFMAG, SELFMAG)) != 0 || 1655 e32.e_type != type || (isa_err = (e32.e_ident[EI_DATA] != order)) || 1656 e32.e_version != EV_CURRENT) { 1657 if (perr != NULL) { 1658 if (is_noelf == 0 && isa_err) { 1659 *perr = G_ISAINVAL; 1660 } else { 1661 *perr = G_FORMAT; 1662 } 1663 } 1664 goto err; 1665 } 1666 1667 /* 1668 * If the file is 64-bit and we are 32-bit, fail with G_LP64. If the 1669 * file is 64-bit and we are 64-bit, re-read the header as a Elf64_Ehdr, 1670 * and convert it to a elf_file_header_t. Otherwise, the file is 1671 * 32-bit, so convert e32 to a elf_file_header_t. 1672 */ 1673 if (e32.e_ident[EI_CLASS] == ELFCLASS64) { 1674 #ifdef _LP64 1675 Elf64_Ehdr e64; 1676 1677 if (pread64(efp->e_fd, &e64, sizeof (e64), 0) != sizeof (e64)) { 1678 if (perr != NULL) 1679 *perr = G_FORMAT; 1680 goto err; 1681 } 1682 1683 (void) memcpy(efp->e_hdr.e_ident, e64.e_ident, EI_NIDENT); 1684 efp->e_hdr.e_type = e64.e_type; 1685 efp->e_hdr.e_machine = e64.e_machine; 1686 efp->e_hdr.e_version = e64.e_version; 1687 efp->e_hdr.e_entry = e64.e_entry; 1688 efp->e_hdr.e_phoff = e64.e_phoff; 1689 efp->e_hdr.e_shoff = e64.e_shoff; 1690 efp->e_hdr.e_flags = e64.e_flags; 1691 efp->e_hdr.e_ehsize = e64.e_ehsize; 1692 efp->e_hdr.e_phentsize = e64.e_phentsize; 1693 efp->e_hdr.e_phnum = (Elf64_Word)e64.e_phnum; 1694 efp->e_hdr.e_shentsize = e64.e_shentsize; 1695 efp->e_hdr.e_shnum = (Elf64_Word)e64.e_shnum; 1696 efp->e_hdr.e_shstrndx = (Elf64_Word)e64.e_shstrndx; 1697 #else /* _LP64 */ 1698 if (perr != NULL) 1699 *perr = G_LP64; 1700 goto err; 1701 #endif /* _LP64 */ 1702 } else { 1703 (void) memcpy(efp->e_hdr.e_ident, e32.e_ident, EI_NIDENT); 1704 efp->e_hdr.e_type = e32.e_type; 1705 efp->e_hdr.e_machine = e32.e_machine; 1706 efp->e_hdr.e_version = e32.e_version; 1707 efp->e_hdr.e_entry = (Elf64_Addr)e32.e_entry; 1708 efp->e_hdr.e_phoff = (Elf64_Off)e32.e_phoff; 1709 efp->e_hdr.e_shoff = (Elf64_Off)e32.e_shoff; 1710 efp->e_hdr.e_flags = e32.e_flags; 1711 efp->e_hdr.e_ehsize = e32.e_ehsize; 1712 efp->e_hdr.e_phentsize = e32.e_phentsize; 1713 efp->e_hdr.e_phnum = (Elf64_Word)e32.e_phnum; 1714 efp->e_hdr.e_shentsize = e32.e_shentsize; 1715 efp->e_hdr.e_shnum = (Elf64_Word)e32.e_shnum; 1716 efp->e_hdr.e_shstrndx = (Elf64_Word)e32.e_shstrndx; 1717 } 1718 1719 /* 1720 * If the number of section headers or program headers or the section 1721 * header string table index would overflow their respective fields 1722 * in the ELF header, they're stored in the section header at index 1723 * zero. To simplify use elsewhere, we look for those sentinel values 1724 * here. 1725 */ 1726 if ((efp->e_hdr.e_shnum == 0 && efp->e_hdr.e_shoff != 0) || 1727 efp->e_hdr.e_shstrndx == SHN_XINDEX || 1728 efp->e_hdr.e_phnum == PN_XNUM) { 1729 GElf_Shdr shdr; 1730 1731 dprintf("extended ELF header\n"); 1732 1733 if (efp->e_hdr.e_shoff == 0) { 1734 if (perr != NULL) 1735 *perr = G_FORMAT; 1736 goto err; 1737 } 1738 1739 if (efp->e_hdr.e_ident[EI_CLASS] == ELFCLASS32) { 1740 Elf32_Shdr shdr32; 1741 1742 if (pread64(efp->e_fd, &shdr32, sizeof (shdr32), 1743 efp->e_hdr.e_shoff) != sizeof (shdr32)) { 1744 if (perr != NULL) 1745 *perr = G_FORMAT; 1746 goto err; 1747 } 1748 1749 core_shdr_to_gelf(&shdr32, &shdr); 1750 } else { 1751 if (pread64(efp->e_fd, &shdr, sizeof (shdr), 1752 efp->e_hdr.e_shoff) != sizeof (shdr)) { 1753 if (perr != NULL) 1754 *perr = G_FORMAT; 1755 goto err; 1756 } 1757 } 1758 1759 if (efp->e_hdr.e_shnum == 0) { 1760 efp->e_hdr.e_shnum = shdr.sh_size; 1761 dprintf("section header count %lu\n", 1762 (ulong_t)shdr.sh_size); 1763 } 1764 1765 if (efp->e_hdr.e_shstrndx == SHN_XINDEX) { 1766 efp->e_hdr.e_shstrndx = shdr.sh_link; 1767 dprintf("section string index %u\n", shdr.sh_link); 1768 } 1769 1770 if (efp->e_hdr.e_phnum == PN_XNUM && shdr.sh_info != 0) { 1771 efp->e_hdr.e_phnum = shdr.sh_info; 1772 dprintf("program header count %u\n", shdr.sh_info); 1773 } 1774 1775 } else if (efp->e_hdr.e_phoff != 0) { 1776 GElf_Phdr phdr; 1777 uint64_t phnum; 1778 1779 /* 1780 * It's possible this core file came from a system that 1781 * accidentally truncated the e_phnum field without correctly 1782 * using the extended format in the section header at index 1783 * zero. We try to detect and correct that specific type of 1784 * corruption by using the knowledge that the core dump 1785 * routines usually place the data referenced by the first 1786 * program header immediately after the last header element. 1787 */ 1788 if (efp->e_hdr.e_ident[EI_CLASS] == ELFCLASS32) { 1789 Elf32_Phdr phdr32; 1790 1791 if (pread64(efp->e_fd, &phdr32, sizeof (phdr32), 1792 efp->e_hdr.e_phoff) != sizeof (phdr32)) { 1793 if (perr != NULL) 1794 *perr = G_FORMAT; 1795 goto err; 1796 } 1797 1798 core_phdr_to_gelf(&phdr32, &phdr); 1799 } else { 1800 if (pread64(efp->e_fd, &phdr, sizeof (phdr), 1801 efp->e_hdr.e_phoff) != sizeof (phdr)) { 1802 if (perr != NULL) 1803 *perr = G_FORMAT; 1804 goto err; 1805 } 1806 } 1807 1808 phnum = phdr.p_offset - efp->e_hdr.e_ehsize - 1809 (uint64_t)efp->e_hdr.e_shnum * efp->e_hdr.e_shentsize; 1810 phnum /= efp->e_hdr.e_phentsize; 1811 1812 if (phdr.p_offset != 0 && phnum != efp->e_hdr.e_phnum) { 1813 dprintf("suspicious program header count %u %u\n", 1814 (uint_t)phnum, efp->e_hdr.e_phnum); 1815 1816 /* 1817 * If the new program header count we computed doesn't 1818 * jive with count in the ELF header, we'll use the 1819 * data that's there and hope for the best. 1820 * 1821 * If it does, it's also possible that the section 1822 * header offset is incorrect; we'll check that and 1823 * possibly try to fix it. 1824 */ 1825 if (phnum <= INT_MAX && 1826 (uint16_t)phnum == efp->e_hdr.e_phnum) { 1827 1828 if (efp->e_hdr.e_shoff == efp->e_hdr.e_phoff + 1829 efp->e_hdr.e_phentsize * 1830 (uint_t)efp->e_hdr.e_phnum) { 1831 efp->e_hdr.e_shoff = 1832 efp->e_hdr.e_phoff + 1833 efp->e_hdr.e_phentsize * phnum; 1834 } 1835 1836 efp->e_hdr.e_phnum = (Elf64_Word)phnum; 1837 dprintf("using new program header count\n"); 1838 } else { 1839 dprintf("inconsistent program header count\n"); 1840 } 1841 } 1842 } 1843 1844 /* 1845 * The libelf implementation was never ported to be large-file aware. 1846 * This is typically not a problem for your average executable or 1847 * shared library, but a large 32-bit core file can exceed 2GB in size. 1848 * So if type is ET_CORE, we don't bother doing elf_begin; the code 1849 * in Pfgrab_core() below will do its own i/o and struct conversion. 1850 */ 1851 1852 if (type == ET_CORE) { 1853 efp->e_elf = NULL; 1854 return (0); 1855 } 1856 1857 if ((efp->e_elf = elf_begin(efp->e_fd, ELF_C_READ, NULL)) == NULL) { 1858 if (perr != NULL) 1859 *perr = G_ELF; 1860 goto err; 1861 } 1862 1863 return (0); 1864 1865 err: 1866 efp->e_elf = NULL; 1867 return (-1); 1868 } 1869 1870 /* 1871 * Open the specified file and then do a core_elf_fdopen on it. 1872 */ 1873 static int 1874 core_elf_open(elf_file_t *efp, const char *path, GElf_Half type, int *perr) 1875 { 1876 (void) memset(efp, 0, sizeof (elf_file_t)); 1877 1878 if ((efp->e_fd = open64(path, O_RDONLY)) >= 0) { 1879 if (core_elf_fdopen(efp, type, perr) == 0) 1880 return (0); 1881 1882 (void) close(efp->e_fd); 1883 efp->e_fd = -1; 1884 } 1885 1886 return (-1); 1887 } 1888 1889 /* 1890 * Close the ELF handle and file descriptor. 1891 */ 1892 static void 1893 core_elf_close(elf_file_t *efp) 1894 { 1895 if (efp->e_elf != NULL) { 1896 (void) elf_end(efp->e_elf); 1897 efp->e_elf = NULL; 1898 } 1899 1900 if (efp->e_fd != -1) { 1901 (void) close(efp->e_fd); 1902 efp->e_fd = -1; 1903 } 1904 } 1905 1906 /* 1907 * Given an ELF file for a statically linked executable, locate the likely 1908 * primary text section and fill in rl_base with its virtual address. 1909 */ 1910 static map_info_t * 1911 core_find_text(struct ps_prochandle *P, Elf *elf, rd_loadobj_t *rlp) 1912 { 1913 GElf_Phdr phdr; 1914 uint_t i; 1915 size_t nphdrs; 1916 1917 if (elf_getphdrnum(elf, &nphdrs) == -1) 1918 return (NULL); 1919 1920 for (i = 0; i < nphdrs; i++) { 1921 if (gelf_getphdr(elf, i, &phdr) != NULL && 1922 phdr.p_type == PT_LOAD && (phdr.p_flags & PF_X)) { 1923 rlp->rl_base = phdr.p_vaddr; 1924 return (Paddr2mptr(P, rlp->rl_base)); 1925 } 1926 } 1927 1928 return (NULL); 1929 } 1930 1931 /* 1932 * Given an ELF file and the librtld_db structure corresponding to its primary 1933 * text mapping, deduce where its data segment was loaded and fill in 1934 * rl_data_base and prmap_t.pr_offset accordingly. 1935 */ 1936 static map_info_t * 1937 core_find_data(struct ps_prochandle *P, Elf *elf, rd_loadobj_t *rlp) 1938 { 1939 GElf_Ehdr ehdr; 1940 GElf_Phdr phdr; 1941 map_info_t *mp; 1942 uint_t i, pagemask; 1943 size_t nphdrs; 1944 1945 rlp->rl_data_base = (uintptr_t)NULL; 1946 1947 /* 1948 * Find the first loadable, writeable Phdr and compute rl_data_base 1949 * as the virtual address at which is was loaded. 1950 */ 1951 if (gelf_getehdr(elf, &ehdr) == NULL || 1952 elf_getphdrnum(elf, &nphdrs) == -1) 1953 return (NULL); 1954 1955 for (i = 0; i < nphdrs; i++) { 1956 if (gelf_getphdr(elf, i, &phdr) != NULL && 1957 phdr.p_type == PT_LOAD && (phdr.p_flags & PF_W)) { 1958 rlp->rl_data_base = phdr.p_vaddr; 1959 if (ehdr.e_type == ET_DYN) 1960 rlp->rl_data_base += rlp->rl_base; 1961 break; 1962 } 1963 } 1964 1965 /* 1966 * If we didn't find an appropriate phdr or if the address we 1967 * computed has no mapping, return NULL. 1968 */ 1969 if (rlp->rl_data_base == (uintptr_t)NULL || 1970 (mp = Paddr2mptr(P, rlp->rl_data_base)) == NULL) 1971 return (NULL); 1972 1973 /* 1974 * It wouldn't be procfs-related code if we didn't make use of 1975 * unclean knowledge of segvn, even in userland ... the prmap_t's 1976 * pr_offset field will be the segvn offset from mmap(2)ing the 1977 * data section, which will be the file offset & PAGEMASK. 1978 */ 1979 pagemask = ~(mp->map_pmap.pr_pagesize - 1); 1980 mp->map_pmap.pr_offset = phdr.p_offset & pagemask; 1981 1982 return (mp); 1983 } 1984 1985 /* 1986 * Librtld_db agent callback for iterating over load object mappings. 1987 * For each load object, we allocate a new file_info_t, perform naming, 1988 * and attempt to construct a symbol table for the load object. 1989 */ 1990 static int 1991 core_iter_mapping(const rd_loadobj_t *rlp, struct ps_prochandle *P) 1992 { 1993 core_info_t *core = P->data; 1994 char lname[PATH_MAX], buf[PATH_MAX]; 1995 file_info_t *fp; 1996 map_info_t *mp; 1997 1998 if (Pread_string(P, lname, PATH_MAX, (off_t)rlp->rl_nameaddr) <= 0) { 1999 dprintf("failed to read name %p\n", (void *)rlp->rl_nameaddr); 2000 return (1); /* Keep going; forget this if we can't get a name */ 2001 } 2002 2003 dprintf("rd_loadobj name = \"%s\" rl_base = %p\n", 2004 lname, (void *)rlp->rl_base); 2005 2006 if ((mp = Paddr2mptr(P, rlp->rl_base)) == NULL) { 2007 dprintf("no mapping for %p\n", (void *)rlp->rl_base); 2008 return (1); /* No mapping; advance to next mapping */ 2009 } 2010 2011 /* 2012 * Create a new file_info_t for this mapping, and therefore for 2013 * this load object. 2014 * 2015 * If there's an ELF header at the beginning of this mapping, 2016 * file_info_new() will try to use its section headers to 2017 * identify any other mappings that belong to this load object. 2018 */ 2019 if ((fp = mp->map_file) == NULL && 2020 (fp = file_info_new(P, mp)) == NULL) { 2021 core->core_errno = errno; 2022 dprintf("failed to malloc mapping data\n"); 2023 return (0); /* Abort */ 2024 } 2025 fp->file_map = mp; 2026 2027 /* Create a local copy of the load object representation */ 2028 if ((fp->file_lo = calloc(1, sizeof (rd_loadobj_t))) == NULL) { 2029 core->core_errno = errno; 2030 dprintf("failed to malloc mapping data\n"); 2031 return (0); /* Abort */ 2032 } 2033 *fp->file_lo = *rlp; 2034 2035 if (lname[0] != '\0') { 2036 /* 2037 * Naming dance part 1: if we got a name from librtld_db, then 2038 * copy this name to the prmap_t if it is unnamed. If the 2039 * file_info_t is unnamed, name it after the lname. 2040 */ 2041 if (mp->map_pmap.pr_mapname[0] == '\0') { 2042 (void) strncpy(mp->map_pmap.pr_mapname, lname, PRMAPSZ); 2043 mp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 2044 } 2045 2046 if (fp->file_lname == NULL) 2047 fp->file_lname = strdup(lname); 2048 2049 } else if (fp->file_lname == NULL && 2050 mp->map_pmap.pr_mapname[0] != '\0') { 2051 /* 2052 * Naming dance part 2: if the mapping is named and the 2053 * file_info_t is not, name the file after the mapping. 2054 */ 2055 fp->file_lname = strdup(mp->map_pmap.pr_mapname); 2056 } 2057 2058 if ((fp->file_rname == NULL) && 2059 (Pfindmap(P, mp, buf, sizeof (buf)) != NULL)) 2060 fp->file_rname = strdup(buf); 2061 2062 if (fp->file_lname != NULL) 2063 fp->file_lbase = basename(fp->file_lname); 2064 if (fp->file_rname != NULL) 2065 fp->file_rbase = basename(fp->file_rname); 2066 2067 /* Associate the file and the mapping. */ 2068 (void) strncpy(fp->file_pname, mp->map_pmap.pr_mapname, PRMAPSZ); 2069 fp->file_pname[PRMAPSZ - 1] = '\0'; 2070 2071 /* 2072 * If no section headers were available then we'll have to 2073 * identify this load object's other mappings with what we've 2074 * got: the start and end of the object's corresponding 2075 * address space. 2076 */ 2077 if (fp->file_saddrs == NULL) { 2078 for (mp = fp->file_map + 1; mp < P->mappings + P->map_count && 2079 mp->map_pmap.pr_vaddr < rlp->rl_bend; mp++) { 2080 2081 if (mp->map_file == NULL) { 2082 dprintf("core_iter_mapping %s: associating " 2083 "segment at %p\n", 2084 fp->file_pname, 2085 (void *)mp->map_pmap.pr_vaddr); 2086 mp->map_file = fp; 2087 fp->file_ref++; 2088 } else { 2089 dprintf("core_iter_mapping %s: segment at " 2090 "%p already associated with %s\n", 2091 fp->file_pname, 2092 (void *)mp->map_pmap.pr_vaddr, 2093 (mp == fp->file_map ? "this file" : 2094 mp->map_file->file_pname)); 2095 } 2096 } 2097 } 2098 2099 /* Ensure that all this file's mappings are named. */ 2100 for (mp = fp->file_map; mp < P->mappings + P->map_count && 2101 mp->map_file == fp; mp++) { 2102 if (mp->map_pmap.pr_mapname[0] == '\0' && 2103 !(mp->map_pmap.pr_mflags & MA_BREAK)) { 2104 (void) strncpy(mp->map_pmap.pr_mapname, fp->file_pname, 2105 PRMAPSZ); 2106 mp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 2107 } 2108 } 2109 2110 /* Attempt to build a symbol table for this file. */ 2111 Pbuild_file_symtab(P, fp); 2112 if (fp->file_elf == NULL) 2113 dprintf("core_iter_mapping: no symtab for %s\n", 2114 fp->file_pname); 2115 2116 /* Locate the start of a data segment associated with this file. */ 2117 if ((mp = core_find_data(P, fp->file_elf, fp->file_lo)) != NULL) { 2118 dprintf("found data for %s at %p (pr_offset 0x%llx)\n", 2119 fp->file_pname, (void *)fp->file_lo->rl_data_base, 2120 mp->map_pmap.pr_offset); 2121 } else { 2122 dprintf("core_iter_mapping: no data found for %s\n", 2123 fp->file_pname); 2124 } 2125 2126 return (1); /* Advance to next mapping */ 2127 } 2128 2129 /* 2130 * Callback function for Pfindexec(). In order to confirm a given pathname, 2131 * we verify that we can open it as an ELF file of type ET_EXEC or ET_DYN. 2132 */ 2133 static int 2134 core_exec_open(const char *path, void *efp) 2135 { 2136 if (core_elf_open(efp, path, ET_EXEC, NULL) == 0) 2137 return (1); 2138 if (core_elf_open(efp, path, ET_DYN, NULL) == 0) 2139 return (1); 2140 return (0); 2141 } 2142 2143 /* 2144 * Attempt to load any section headers found in the core file. If present, 2145 * this will refer to non-loadable data added to the core file by the kernel 2146 * based on coreadm(1M) settings, including CTF data and the symbol table. 2147 */ 2148 static void 2149 core_load_shdrs(struct ps_prochandle *P, elf_file_t *efp) 2150 { 2151 GElf_Shdr *shp, *shdrs = NULL; 2152 char *shstrtab = NULL; 2153 ulong_t shstrtabsz; 2154 const char *name; 2155 map_info_t *mp; 2156 2157 size_t nbytes; 2158 void *buf; 2159 int i; 2160 2161 if (efp->e_hdr.e_shstrndx >= efp->e_hdr.e_shnum) { 2162 dprintf("corrupt shstrndx (%u) exceeds shnum (%u)\n", 2163 efp->e_hdr.e_shstrndx, efp->e_hdr.e_shnum); 2164 return; 2165 } 2166 2167 /* 2168 * Read the section header table from the core file and then iterate 2169 * over the section headers, converting each to a GElf_Shdr. 2170 */ 2171 if ((shdrs = malloc(efp->e_hdr.e_shnum * sizeof (GElf_Shdr))) == NULL) { 2172 dprintf("failed to malloc %u section headers: %s\n", 2173 (uint_t)efp->e_hdr.e_shnum, strerror(errno)); 2174 return; 2175 } 2176 2177 nbytes = efp->e_hdr.e_shnum * efp->e_hdr.e_shentsize; 2178 if ((buf = malloc(nbytes)) == NULL) { 2179 dprintf("failed to malloc %d bytes: %s\n", (int)nbytes, 2180 strerror(errno)); 2181 free(shdrs); 2182 goto out; 2183 } 2184 2185 if (pread64(efp->e_fd, buf, nbytes, efp->e_hdr.e_shoff) != nbytes) { 2186 dprintf("failed to read section headers at off %lld: %s\n", 2187 (longlong_t)efp->e_hdr.e_shoff, strerror(errno)); 2188 free(buf); 2189 goto out; 2190 } 2191 2192 for (i = 0; i < efp->e_hdr.e_shnum; i++) { 2193 void *p = (uchar_t *)buf + efp->e_hdr.e_shentsize * i; 2194 2195 if (efp->e_hdr.e_ident[EI_CLASS] == ELFCLASS32) 2196 core_shdr_to_gelf(p, &shdrs[i]); 2197 else 2198 (void) memcpy(&shdrs[i], p, sizeof (GElf_Shdr)); 2199 } 2200 2201 free(buf); 2202 buf = NULL; 2203 2204 /* 2205 * Read the .shstrtab section from the core file, terminating it with 2206 * an extra \0 so that a corrupt section will not cause us to die. 2207 */ 2208 shp = &shdrs[efp->e_hdr.e_shstrndx]; 2209 shstrtabsz = shp->sh_size; 2210 2211 if ((shstrtab = malloc(shstrtabsz + 1)) == NULL) { 2212 dprintf("failed to allocate %lu bytes for shstrtab\n", 2213 (ulong_t)shstrtabsz); 2214 goto out; 2215 } 2216 2217 if (pread64(efp->e_fd, shstrtab, shstrtabsz, 2218 shp->sh_offset) != shstrtabsz) { 2219 dprintf("failed to read %lu bytes of shstrs at off %lld: %s\n", 2220 shstrtabsz, (longlong_t)shp->sh_offset, strerror(errno)); 2221 goto out; 2222 } 2223 2224 shstrtab[shstrtabsz] = '\0'; 2225 2226 /* 2227 * Now iterate over each section in the section header table, locating 2228 * sections of interest and initializing more of the ps_prochandle. 2229 */ 2230 for (i = 0; i < efp->e_hdr.e_shnum; i++) { 2231 shp = &shdrs[i]; 2232 name = shstrtab + shp->sh_name; 2233 2234 if (shp->sh_name >= shstrtabsz) { 2235 dprintf("skipping section [%d]: corrupt sh_name\n", i); 2236 continue; 2237 } 2238 2239 if (shp->sh_link >= efp->e_hdr.e_shnum) { 2240 dprintf("skipping section [%d]: corrupt sh_link\n", i); 2241 continue; 2242 } 2243 2244 dprintf("found section header %s (sh_addr 0x%llx)\n", 2245 name, (u_longlong_t)shp->sh_addr); 2246 2247 if (strcmp(name, ".SUNW_ctf") == 0) { 2248 if ((mp = Paddr2mptr(P, shp->sh_addr)) == NULL) { 2249 dprintf("no map at addr 0x%llx for %s [%d]\n", 2250 (u_longlong_t)shp->sh_addr, name, i); 2251 continue; 2252 } 2253 2254 if (mp->map_file == NULL || 2255 mp->map_file->file_ctf_buf != NULL) { 2256 dprintf("no mapping file or duplicate buffer " 2257 "for %s [%d]\n", name, i); 2258 continue; 2259 } 2260 2261 if ((buf = malloc(shp->sh_size)) == NULL || 2262 pread64(efp->e_fd, buf, shp->sh_size, 2263 shp->sh_offset) != shp->sh_size) { 2264 dprintf("skipping section %s [%d]: %s\n", 2265 name, i, strerror(errno)); 2266 free(buf); 2267 continue; 2268 } 2269 2270 mp->map_file->file_ctf_size = shp->sh_size; 2271 mp->map_file->file_ctf_buf = buf; 2272 2273 if (shdrs[shp->sh_link].sh_type == SHT_DYNSYM) 2274 mp->map_file->file_ctf_dyn = 1; 2275 2276 } else if (strcmp(name, ".symtab") == 0) { 2277 fake_up_symtab(P, &efp->e_hdr, 2278 shp, &shdrs[shp->sh_link]); 2279 } 2280 } 2281 out: 2282 free(shstrtab); 2283 free(shdrs); 2284 } 2285 2286 /* 2287 * Main engine for core file initialization: given an fd for the core file 2288 * and an optional pathname, construct the ps_prochandle. The aout_path can 2289 * either be a suggested executable pathname, or a suggested directory to 2290 * use as a possible current working directory. 2291 */ 2292 struct ps_prochandle * 2293 Pfgrab_core(int core_fd, const char *aout_path, int *perr) 2294 { 2295 struct ps_prochandle *P; 2296 core_info_t *core_info; 2297 map_info_t *stk_mp, *brk_mp; 2298 const char *execname; 2299 char *interp; 2300 int i, notes, pagesize; 2301 uintptr_t addr, base_addr; 2302 struct stat64 stbuf; 2303 void *phbuf, *php; 2304 size_t nbytes; 2305 #ifdef __x86 2306 boolean_t from_linux = B_FALSE; 2307 #endif 2308 2309 elf_file_t aout; 2310 elf_file_t core; 2311 2312 Elf_Scn *scn, *intp_scn = NULL; 2313 Elf_Data *dp; 2314 2315 GElf_Phdr phdr, note_phdr; 2316 GElf_Shdr shdr; 2317 GElf_Xword nleft; 2318 2319 if (elf_version(EV_CURRENT) == EV_NONE) { 2320 dprintf("libproc ELF version is more recent than libelf\n"); 2321 *perr = G_ELF; 2322 return (NULL); 2323 } 2324 2325 aout.e_elf = NULL; 2326 aout.e_fd = -1; 2327 2328 core.e_elf = NULL; 2329 core.e_fd = core_fd; 2330 2331 /* 2332 * Allocate and initialize a ps_prochandle structure for the core. 2333 * There are several key pieces of initialization here: 2334 * 2335 * 1. The PS_DEAD state flag marks this prochandle as a core file. 2336 * PS_DEAD also thus prevents all operations which require state 2337 * to be PS_STOP from operating on this handle. 2338 * 2339 * 2. We keep the core file fd in P->asfd since the core file contains 2340 * the remnants of the process address space. 2341 * 2342 * 3. We set the P->info_valid bit because all information about the 2343 * core is determined by the end of this function; there is no need 2344 * for proc_update_maps() to reload mappings at any later point. 2345 * 2346 * 4. The read/write ops vector uses our core_rw() function defined 2347 * above to handle i/o requests. 2348 */ 2349 if ((P = malloc(sizeof (struct ps_prochandle))) == NULL) { 2350 *perr = G_STRANGE; 2351 return (NULL); 2352 } 2353 2354 (void) memset(P, 0, sizeof (struct ps_prochandle)); 2355 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL); 2356 P->state = PS_DEAD; 2357 P->pid = (pid_t)-1; 2358 P->asfd = core.e_fd; 2359 P->ctlfd = -1; 2360 P->statfd = -1; 2361 P->agentctlfd = -1; 2362 P->agentstatfd = -1; 2363 P->zoneroot = NULL; 2364 P->info_valid = 1; 2365 Pinit_ops(&P->ops, &P_core_ops); 2366 2367 Pinitsym(P); 2368 2369 /* 2370 * Fstat and open the core file and make sure it is a valid ELF core. 2371 */ 2372 if (fstat64(P->asfd, &stbuf) == -1) { 2373 *perr = G_STRANGE; 2374 goto err; 2375 } 2376 2377 if (core_elf_fdopen(&core, ET_CORE, perr) == -1) 2378 goto err; 2379 2380 /* 2381 * Allocate and initialize a core_info_t to hang off the ps_prochandle 2382 * structure. We keep all core-specific information in this structure. 2383 */ 2384 if ((core_info = calloc(1, sizeof (core_info_t))) == NULL) { 2385 *perr = G_STRANGE; 2386 goto err; 2387 } 2388 2389 P->data = core_info; 2390 list_link(&core_info->core_lwp_head, NULL); 2391 core_info->core_size = stbuf.st_size; 2392 /* 2393 * In the days before adjustable core file content, this was the 2394 * default core file content. For new core files, this value will 2395 * be overwritten by the NT_CONTENT note section. 2396 */ 2397 core_info->core_content = CC_CONTENT_STACK | CC_CONTENT_HEAP | 2398 CC_CONTENT_DATA | CC_CONTENT_RODATA | CC_CONTENT_ANON | 2399 CC_CONTENT_SHANON; 2400 2401 switch (core.e_hdr.e_ident[EI_CLASS]) { 2402 case ELFCLASS32: 2403 core_info->core_dmodel = PR_MODEL_ILP32; 2404 break; 2405 case ELFCLASS64: 2406 core_info->core_dmodel = PR_MODEL_LP64; 2407 break; 2408 default: 2409 *perr = G_FORMAT; 2410 goto err; 2411 } 2412 core_info->core_osabi = core.e_hdr.e_ident[EI_OSABI]; 2413 2414 /* 2415 * Because the core file may be a large file, we can't use libelf to 2416 * read the Phdrs. We use e_phnum and e_phentsize to simplify things. 2417 */ 2418 nbytes = core.e_hdr.e_phnum * core.e_hdr.e_phentsize; 2419 2420 if ((phbuf = malloc(nbytes)) == NULL) { 2421 *perr = G_STRANGE; 2422 goto err; 2423 } 2424 2425 if (pread64(core_fd, phbuf, nbytes, core.e_hdr.e_phoff) != nbytes) { 2426 *perr = G_STRANGE; 2427 free(phbuf); 2428 goto err; 2429 } 2430 2431 /* 2432 * Iterate through the program headers in the core file. 2433 * We're interested in two types of Phdrs: PT_NOTE (which 2434 * contains a set of saved /proc structures), and PT_LOAD (which 2435 * represents a memory mapping from the process's address space). 2436 * In the case of PT_NOTE, we're interested in the last PT_NOTE 2437 * in the core file; currently the first PT_NOTE (if present) 2438 * contains /proc structs in the pre-2.6 unstructured /proc format. 2439 */ 2440 for (php = phbuf, notes = 0, i = 0; i < core.e_hdr.e_phnum; i++) { 2441 if (core.e_hdr.e_ident[EI_CLASS] == ELFCLASS64) 2442 (void) memcpy(&phdr, php, sizeof (GElf_Phdr)); 2443 else 2444 core_phdr_to_gelf(php, &phdr); 2445 2446 switch (phdr.p_type) { 2447 case PT_NOTE: 2448 note_phdr = phdr; 2449 notes++; 2450 break; 2451 2452 case PT_LOAD: 2453 if (core_add_mapping(P, &phdr) == -1) { 2454 *perr = G_STRANGE; 2455 free(phbuf); 2456 goto err; 2457 } 2458 break; 2459 default: 2460 dprintf("Pgrab_core: unknown phdr %d\n", phdr.p_type); 2461 break; 2462 } 2463 2464 php = (char *)php + core.e_hdr.e_phentsize; 2465 } 2466 2467 free(phbuf); 2468 2469 Psort_mappings(P); 2470 2471 /* 2472 * If we couldn't find anything of type PT_NOTE, or only one PT_NOTE 2473 * was present, abort. The core file is either corrupt or too old. 2474 */ 2475 if (notes == 0 || (notes == 1 && core_info->core_osabi == 2476 ELFOSABI_SOLARIS)) { 2477 *perr = G_NOTE; 2478 goto err; 2479 } 2480 2481 /* 2482 * Advance the seek pointer to the start of the PT_NOTE data 2483 */ 2484 if (lseek64(P->asfd, note_phdr.p_offset, SEEK_SET) == (off64_t)-1) { 2485 dprintf("Pgrab_core: failed to lseek to PT_NOTE data\n"); 2486 *perr = G_STRANGE; 2487 goto err; 2488 } 2489 2490 /* 2491 * Now process the PT_NOTE structures. Each one is preceded by 2492 * an Elf{32/64}_Nhdr structure describing its type and size. 2493 * 2494 * +--------+ 2495 * | header | 2496 * +--------+ 2497 * | name | 2498 * | ... | 2499 * +--------+ 2500 * | desc | 2501 * | ... | 2502 * +--------+ 2503 */ 2504 for (nleft = note_phdr.p_filesz; nleft > 0; ) { 2505 Elf64_Nhdr nhdr; 2506 off64_t off, namesz, descsz; 2507 2508 /* 2509 * Although <sys/elf.h> defines both Elf32_Nhdr and Elf64_Nhdr 2510 * as different types, they are both of the same content and 2511 * size, so we don't need to worry about 32/64 conversion here. 2512 */ 2513 if (read(P->asfd, &nhdr, sizeof (nhdr)) != sizeof (nhdr)) { 2514 dprintf("Pgrab_core: failed to read ELF note header\n"); 2515 *perr = G_NOTE; 2516 goto err; 2517 } 2518 2519 /* 2520 * According to the System V ABI, the amount of padding 2521 * following the name field should align the description 2522 * field on a 4 byte boundary for 32-bit binaries or on an 8 2523 * byte boundary for 64-bit binaries. However, this change 2524 * was not made correctly during the 64-bit port so all 2525 * descriptions can assume only 4-byte alignment. We ignore 2526 * the name field and the padding to 4-byte alignment. 2527 */ 2528 namesz = P2ROUNDUP((off64_t)nhdr.n_namesz, (off64_t)4); 2529 2530 if (lseek64(P->asfd, namesz, SEEK_CUR) == (off64_t)-1) { 2531 dprintf("failed to seek past name and padding\n"); 2532 *perr = G_STRANGE; 2533 goto err; 2534 } 2535 2536 dprintf("Note hdr n_type=%u n_namesz=%u n_descsz=%u\n", 2537 nhdr.n_type, nhdr.n_namesz, nhdr.n_descsz); 2538 2539 off = lseek64(P->asfd, (off64_t)0L, SEEK_CUR); 2540 2541 /* 2542 * Invoke the note handler function from our table 2543 */ 2544 if (nhdr.n_type < sizeof (nhdlrs) / sizeof (nhdlrs[0])) { 2545 if (nhdlrs[nhdr.n_type](P, nhdr.n_descsz) < 0) { 2546 dprintf("handler for type %d returned < 0", 2547 nhdr.n_type); 2548 *perr = G_NOTE; 2549 goto err; 2550 } 2551 /* 2552 * The presence of either of these notes indicates that 2553 * the dump was generated on Linux. 2554 */ 2555 #ifdef __x86 2556 if (nhdr.n_type == NT_PRSTATUS || 2557 nhdr.n_type == NT_PRPSINFO) 2558 from_linux = B_TRUE; 2559 #endif 2560 } else { 2561 (void) note_notsup(P, nhdr.n_descsz); 2562 } 2563 2564 /* 2565 * Seek past the current note data to the next Elf_Nhdr 2566 */ 2567 descsz = P2ROUNDUP((off64_t)nhdr.n_descsz, (off64_t)4); 2568 if (lseek64(P->asfd, off + descsz, SEEK_SET) == (off64_t)-1) { 2569 dprintf("Pgrab_core: failed to seek to next nhdr\n"); 2570 *perr = G_STRANGE; 2571 goto err; 2572 } 2573 2574 /* 2575 * Subtract the size of the header and its data from what 2576 * we have left to process. 2577 */ 2578 nleft -= sizeof (nhdr) + namesz + descsz; 2579 } 2580 2581 #ifdef __x86 2582 if (from_linux) { 2583 size_t tcount, pid; 2584 lwp_info_t *lwp; 2585 2586 P->status.pr_dmodel = core_info->core_dmodel; 2587 2588 lwp = list_next(&core_info->core_lwp_head); 2589 2590 pid = P->status.pr_pid; 2591 2592 for (tcount = 0; tcount < core_info->core_nlwp; 2593 tcount++, lwp = list_next(lwp)) { 2594 dprintf("Linux thread with id %d\n", lwp->lwp_id); 2595 2596 /* 2597 * In the case we don't have a valid psinfo (i.e. pid is 2598 * 0, probably because of gdb creating the core) assume 2599 * lowest pid count is the first thread (what if the 2600 * next thread wraps the pid around?) 2601 */ 2602 if (P->status.pr_pid == 0 && 2603 ((pid == 0 && lwp->lwp_id > 0) || 2604 (lwp->lwp_id < pid))) { 2605 pid = lwp->lwp_id; 2606 } 2607 } 2608 2609 if (P->status.pr_pid != pid) { 2610 dprintf("No valid pid, setting to %ld\n", (ulong_t)pid); 2611 P->status.pr_pid = pid; 2612 P->psinfo.pr_pid = pid; 2613 } 2614 2615 /* 2616 * Consumers like mdb expect the first thread to actually have 2617 * an id of 1, on linux that is actually the pid. Find the the 2618 * thread with our process id, and set the id to 1 2619 */ 2620 if ((lwp = lwpid2info(P, pid)) == NULL) { 2621 dprintf("Couldn't find first thread\n"); 2622 *perr = G_STRANGE; 2623 goto err; 2624 } 2625 2626 dprintf("setting representative thread: %d\n", lwp->lwp_id); 2627 2628 lwp->lwp_id = 1; 2629 lwp->lwp_status.pr_lwpid = 1; 2630 2631 /* set representative thread */ 2632 (void) memcpy(&P->status.pr_lwp, &lwp->lwp_status, 2633 sizeof (P->status.pr_lwp)); 2634 } 2635 #endif /* __x86 */ 2636 2637 if (nleft != 0) { 2638 dprintf("Pgrab_core: note section malformed\n"); 2639 *perr = G_STRANGE; 2640 goto err; 2641 } 2642 2643 if ((pagesize = Pgetauxval(P, AT_PAGESZ)) == -1) { 2644 pagesize = getpagesize(); 2645 dprintf("AT_PAGESZ missing; defaulting to %d\n", pagesize); 2646 } 2647 2648 /* 2649 * Locate and label the mappings corresponding to the end of the 2650 * heap (MA_BREAK) and the base of the stack (MA_STACK). 2651 */ 2652 if ((P->status.pr_brkbase != 0 || P->status.pr_brksize != 0) && 2653 (brk_mp = Paddr2mptr(P, P->status.pr_brkbase + 2654 P->status.pr_brksize - 1)) != NULL) 2655 brk_mp->map_pmap.pr_mflags |= MA_BREAK; 2656 else 2657 brk_mp = NULL; 2658 2659 if ((stk_mp = Paddr2mptr(P, P->status.pr_stkbase)) != NULL) 2660 stk_mp->map_pmap.pr_mflags |= MA_STACK; 2661 2662 /* 2663 * At this point, we have enough information to look for the 2664 * executable and open it: we have access to the auxv, a psinfo_t, 2665 * and the ability to read from mappings provided by the core file. 2666 */ 2667 (void) Pfindexec(P, aout_path, core_exec_open, &aout); 2668 dprintf("P->execname = \"%s\"\n", P->execname ? P->execname : "NULL"); 2669 execname = P->execname ? P->execname : "a.out"; 2670 2671 /* 2672 * Iterate through the sections, looking for the .dynamic and .interp 2673 * sections. If we encounter them, remember their section pointers. 2674 */ 2675 for (scn = NULL; (scn = elf_nextscn(aout.e_elf, scn)) != NULL; ) { 2676 char *sname; 2677 2678 if ((gelf_getshdr(scn, &shdr) == NULL) || 2679 (sname = elf_strptr(aout.e_elf, aout.e_hdr.e_shstrndx, 2680 (size_t)shdr.sh_name)) == NULL) 2681 continue; 2682 2683 if (strcmp(sname, ".interp") == 0) 2684 intp_scn = scn; 2685 } 2686 2687 /* 2688 * Get the AT_BASE auxv element. If this is missing (-1), then 2689 * we assume this is a statically-linked executable. 2690 */ 2691 base_addr = Pgetauxval(P, AT_BASE); 2692 2693 /* 2694 * In order to get librtld_db initialized, we'll need to identify 2695 * and name the mapping corresponding to the run-time linker. The 2696 * AT_BASE auxv element tells us the address where it was mapped, 2697 * and the .interp section of the executable tells us its path. 2698 * If for some reason that doesn't pan out, just use ld.so.1. 2699 */ 2700 if (intp_scn != NULL && (dp = elf_getdata(intp_scn, NULL)) != NULL && 2701 dp->d_size != 0) { 2702 dprintf(".interp = <%s>\n", (char *)dp->d_buf); 2703 interp = dp->d_buf; 2704 2705 } else if (base_addr != (uintptr_t)-1L) { 2706 if (core_info->core_dmodel == PR_MODEL_LP64) 2707 interp = "/usr/lib/64/ld.so.1"; 2708 else 2709 interp = "/usr/lib/ld.so.1"; 2710 2711 dprintf(".interp section is missing or could not be read; " 2712 "defaulting to %s\n", interp); 2713 } else 2714 dprintf("detected statically linked executable\n"); 2715 2716 /* 2717 * If we have an AT_BASE element, name the mapping at that address 2718 * using the interpreter pathname. Name the corresponding data 2719 * mapping after the interpreter as well. 2720 */ 2721 if (base_addr != (uintptr_t)-1L) { 2722 elf_file_t intf; 2723 2724 P->map_ldso = core_name_mapping(P, base_addr, interp); 2725 2726 if (core_elf_open(&intf, interp, ET_DYN, NULL) == 0) { 2727 rd_loadobj_t rl; 2728 map_info_t *dmp; 2729 2730 rl.rl_base = base_addr; 2731 dmp = core_find_data(P, intf.e_elf, &rl); 2732 2733 if (dmp != NULL) { 2734 dprintf("renamed data at %p to %s\n", 2735 (void *)rl.rl_data_base, interp); 2736 (void) strncpy(dmp->map_pmap.pr_mapname, 2737 interp, PRMAPSZ); 2738 dmp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 2739 } 2740 } 2741 2742 core_elf_close(&intf); 2743 } 2744 2745 /* 2746 * If we have an AT_ENTRY element, name the mapping at that address 2747 * using the special name "a.out" just like /proc does. 2748 */ 2749 if ((addr = Pgetauxval(P, AT_ENTRY)) != (uintptr_t)-1L) 2750 P->map_exec = core_name_mapping(P, addr, "a.out"); 2751 2752 /* 2753 * If we're a statically linked executable (or we're on x86 and looking 2754 * at a Linux core dump), then just locate the executable's text and 2755 * data and name them after the executable. 2756 */ 2757 #ifndef __x86 2758 if (base_addr == (uintptr_t)-1L) { 2759 #else 2760 if (base_addr == (uintptr_t)-1L || from_linux) { 2761 #endif 2762 dprintf("looking for text and data: %s\n", execname); 2763 map_info_t *tmp, *dmp; 2764 file_info_t *fp; 2765 rd_loadobj_t rl; 2766 2767 if ((tmp = core_find_text(P, aout.e_elf, &rl)) != NULL && 2768 (dmp = core_find_data(P, aout.e_elf, &rl)) != NULL) { 2769 (void) strncpy(tmp->map_pmap.pr_mapname, 2770 execname, PRMAPSZ); 2771 tmp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 2772 (void) strncpy(dmp->map_pmap.pr_mapname, 2773 execname, PRMAPSZ); 2774 dmp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 2775 } 2776 2777 if ((P->map_exec = tmp) != NULL && 2778 (fp = malloc(sizeof (file_info_t))) != NULL) { 2779 2780 (void) memset(fp, 0, sizeof (file_info_t)); 2781 2782 list_link(fp, &P->file_head); 2783 tmp->map_file = fp; 2784 P->num_files++; 2785 2786 fp->file_ref = 1; 2787 fp->file_fd = -1; 2788 fp->file_dbgfile = -1; 2789 2790 fp->file_lo = malloc(sizeof (rd_loadobj_t)); 2791 fp->file_lname = strdup(execname); 2792 2793 if (fp->file_lo) 2794 *fp->file_lo = rl; 2795 if (fp->file_lname) 2796 fp->file_lbase = basename(fp->file_lname); 2797 if (fp->file_rname) 2798 fp->file_rbase = basename(fp->file_rname); 2799 2800 (void) strcpy(fp->file_pname, 2801 P->mappings[0].map_pmap.pr_mapname); 2802 fp->file_map = tmp; 2803 2804 Pbuild_file_symtab(P, fp); 2805 2806 if (dmp != NULL) { 2807 dmp->map_file = fp; 2808 fp->file_ref++; 2809 } 2810 } 2811 } 2812 2813 core_elf_close(&aout); 2814 2815 /* 2816 * We now have enough information to initialize librtld_db. 2817 * After it warms up, we can iterate through the load object chain 2818 * in the core, which will allow us to construct the file info 2819 * we need to provide symbol information for the other shared 2820 * libraries, and also to fill in the missing mapping names. 2821 */ 2822 rd_log(_libproc_debug); 2823 2824 if ((P->rap = rd_new(P)) != NULL) { 2825 (void) rd_loadobj_iter(P->rap, (rl_iter_f *) 2826 core_iter_mapping, P); 2827 2828 if (core_info->core_errno != 0) { 2829 errno = core_info->core_errno; 2830 *perr = G_STRANGE; 2831 goto err; 2832 } 2833 } else 2834 dprintf("failed to initialize rtld_db agent\n"); 2835 2836 /* 2837 * If there are sections, load them and process the data from any 2838 * sections that we can use to annotate the file_info_t's. 2839 */ 2840 core_load_shdrs(P, &core); 2841 2842 /* 2843 * If we previously located a stack or break mapping, and they are 2844 * still anonymous, we now assume that they were MAP_ANON mappings. 2845 * If brk_mp turns out to now have a name, then the heap is still 2846 * sitting at the end of the executable's data+bss mapping: remove 2847 * the previous MA_BREAK setting to be consistent with /proc. 2848 */ 2849 if (stk_mp != NULL && stk_mp->map_pmap.pr_mapname[0] == '\0') 2850 stk_mp->map_pmap.pr_mflags |= MA_ANON; 2851 if (brk_mp != NULL && brk_mp->map_pmap.pr_mapname[0] == '\0') 2852 brk_mp->map_pmap.pr_mflags |= MA_ANON; 2853 else if (brk_mp != NULL) 2854 brk_mp->map_pmap.pr_mflags &= ~MA_BREAK; 2855 2856 *perr = 0; 2857 return (P); 2858 2859 err: 2860 Pfree(P); 2861 core_elf_close(&aout); 2862 return (NULL); 2863 } 2864 2865 /* 2866 * Grab a core file using a pathname. We just open it and call Pfgrab_core(). 2867 */ 2868 struct ps_prochandle * 2869 Pgrab_core(const char *core, const char *aout, int gflag, int *perr) 2870 { 2871 int fd, oflag = (gflag & PGRAB_RDONLY) ? O_RDONLY : O_RDWR; 2872 2873 if ((fd = open64(core, oflag)) >= 0) 2874 return (Pfgrab_core(fd, aout, perr)); 2875 2876 if (errno != ENOENT) 2877 *perr = G_STRANGE; 2878 else 2879 *perr = G_NOCORE; 2880 2881 return (NULL); 2882 } 2883