1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 /* 26 * Copyright 2012 DEY Storage Systems, Inc. All rights reserved. 27 */ 28 29 #include <sys/types.h> 30 #include <sys/utsname.h> 31 #include <sys/sysmacros.h> 32 33 #include <alloca.h> 34 #include <rtld_db.h> 35 #include <libgen.h> 36 #include <limits.h> 37 #include <string.h> 38 #include <stdlib.h> 39 #include <unistd.h> 40 #include <errno.h> 41 #include <gelf.h> 42 #include <stddef.h> 43 44 #include "libproc.h" 45 #include "Pcontrol.h" 46 #include "P32ton.h" 47 #include "Putil.h" 48 49 /* 50 * Pcore.c - Code to initialize a ps_prochandle from a core dump. We 51 * allocate an additional structure to hold information from the core 52 * file, and attach this to the standard ps_prochandle in place of the 53 * ability to examine /proc/<pid>/ files. 54 */ 55 56 /* 57 * Basic i/o function for reading and writing from the process address space 58 * stored in the core file and associated shared libraries. We compute the 59 * appropriate fd and offsets, and let the provided prw function do the rest. 60 */ 61 static ssize_t 62 core_rw(struct ps_prochandle *P, void *buf, size_t n, uintptr_t addr, 63 ssize_t (*prw)(int, void *, size_t, off64_t)) 64 { 65 ssize_t resid = n; 66 67 while (resid != 0) { 68 map_info_t *mp = Paddr2mptr(P, addr); 69 70 uintptr_t mapoff; 71 ssize_t len; 72 off64_t off; 73 int fd; 74 75 if (mp == NULL) 76 break; /* No mapping for this address */ 77 78 if (mp->map_pmap.pr_mflags & MA_RESERVED1) { 79 if (mp->map_file == NULL || mp->map_file->file_fd < 0) 80 break; /* No file or file not open */ 81 82 fd = mp->map_file->file_fd; 83 } else 84 fd = P->asfd; 85 86 mapoff = addr - mp->map_pmap.pr_vaddr; 87 len = MIN(resid, mp->map_pmap.pr_size - mapoff); 88 off = mp->map_offset + mapoff; 89 90 if ((len = prw(fd, buf, len, off)) <= 0) 91 break; 92 93 resid -= len; 94 addr += len; 95 buf = (char *)buf + len; 96 } 97 98 /* 99 * Important: Be consistent with the behavior of i/o on the as file: 100 * writing to an invalid address yields EIO; reading from an invalid 101 * address falls through to returning success and zero bytes. 102 */ 103 if (resid == n && n != 0 && prw != pread64) { 104 errno = EIO; 105 return (-1); 106 } 107 108 return (n - resid); 109 } 110 111 static ssize_t 112 Pread_core(struct ps_prochandle *P, void *buf, size_t n, uintptr_t addr) 113 { 114 return (core_rw(P, buf, n, addr, pread64)); 115 } 116 117 static ssize_t 118 Pwrite_core(struct ps_prochandle *P, const void *buf, size_t n, uintptr_t addr) 119 { 120 return (core_rw(P, (void *)buf, n, addr, 121 (ssize_t (*)(int, void *, size_t, off64_t)) pwrite64)); 122 } 123 124 static const ps_rwops_t P_core_ops = { Pread_core, Pwrite_core }; 125 126 /* 127 * Return the lwp_info_t for the given lwpid. If no such lwpid has been 128 * encountered yet, allocate a new structure and return a pointer to it. 129 * Create a list of lwp_info_t structures sorted in decreasing lwp_id order. 130 */ 131 static lwp_info_t * 132 lwpid2info(struct ps_prochandle *P, lwpid_t id) 133 { 134 lwp_info_t *lwp = list_next(&P->core->core_lwp_head); 135 lwp_info_t *next; 136 uint_t i; 137 138 for (i = 0; i < P->core->core_nlwp; i++, lwp = list_next(lwp)) { 139 if (lwp->lwp_id == id) { 140 P->core->core_lwp = lwp; 141 return (lwp); 142 } 143 if (lwp->lwp_id < id) { 144 break; 145 } 146 } 147 148 next = lwp; 149 if ((lwp = calloc(1, sizeof (lwp_info_t))) == NULL) 150 return (NULL); 151 152 list_link(lwp, next); 153 lwp->lwp_id = id; 154 155 P->core->core_lwp = lwp; 156 P->core->core_nlwp++; 157 158 return (lwp); 159 } 160 161 /* 162 * The core file itself contains a series of NOTE segments containing saved 163 * structures from /proc at the time the process died. For each note we 164 * comprehend, we define a function to read it in from the core file, 165 * convert it to our native data model if necessary, and store it inside 166 * the ps_prochandle. Each function is invoked by Pfgrab_core() with the 167 * seek pointer on P->asfd positioned appropriately. We populate a table 168 * of pointers to these note functions below. 169 */ 170 171 static int 172 note_pstatus(struct ps_prochandle *P, size_t nbytes) 173 { 174 #ifdef _LP64 175 if (P->core->core_dmodel == PR_MODEL_ILP32) { 176 pstatus32_t ps32; 177 178 if (nbytes < sizeof (pstatus32_t) || 179 read(P->asfd, &ps32, sizeof (ps32)) != sizeof (ps32)) 180 goto err; 181 182 pstatus_32_to_n(&ps32, &P->status); 183 184 } else 185 #endif 186 if (nbytes < sizeof (pstatus_t) || 187 read(P->asfd, &P->status, sizeof (pstatus_t)) != sizeof (pstatus_t)) 188 goto err; 189 190 P->orig_status = P->status; 191 P->pid = P->status.pr_pid; 192 193 return (0); 194 195 err: 196 dprintf("Pgrab_core: failed to read NT_PSTATUS\n"); 197 return (-1); 198 } 199 200 static int 201 note_lwpstatus(struct ps_prochandle *P, size_t nbytes) 202 { 203 lwp_info_t *lwp; 204 lwpstatus_t lps; 205 206 #ifdef _LP64 207 if (P->core->core_dmodel == PR_MODEL_ILP32) { 208 lwpstatus32_t l32; 209 210 if (nbytes < sizeof (lwpstatus32_t) || 211 read(P->asfd, &l32, sizeof (l32)) != sizeof (l32)) 212 goto err; 213 214 lwpstatus_32_to_n(&l32, &lps); 215 } else 216 #endif 217 if (nbytes < sizeof (lwpstatus_t) || 218 read(P->asfd, &lps, sizeof (lps)) != sizeof (lps)) 219 goto err; 220 221 if ((lwp = lwpid2info(P, lps.pr_lwpid)) == NULL) { 222 dprintf("Pgrab_core: failed to add NT_LWPSTATUS\n"); 223 return (-1); 224 } 225 226 /* 227 * Erase a useless and confusing artifact of the kernel implementation: 228 * the lwps which did *not* create the core will show SIGKILL. We can 229 * be assured this is bogus because SIGKILL can't produce core files. 230 */ 231 if (lps.pr_cursig == SIGKILL) 232 lps.pr_cursig = 0; 233 234 (void) memcpy(&lwp->lwp_status, &lps, sizeof (lps)); 235 return (0); 236 237 err: 238 dprintf("Pgrab_core: failed to read NT_LWPSTATUS\n"); 239 return (-1); 240 } 241 242 static int 243 note_psinfo(struct ps_prochandle *P, size_t nbytes) 244 { 245 #ifdef _LP64 246 if (P->core->core_dmodel == PR_MODEL_ILP32) { 247 psinfo32_t ps32; 248 249 if (nbytes < sizeof (psinfo32_t) || 250 read(P->asfd, &ps32, sizeof (ps32)) != sizeof (ps32)) 251 goto err; 252 253 psinfo_32_to_n(&ps32, &P->psinfo); 254 } else 255 #endif 256 if (nbytes < sizeof (psinfo_t) || 257 read(P->asfd, &P->psinfo, sizeof (psinfo_t)) != sizeof (psinfo_t)) 258 goto err; 259 260 dprintf("pr_fname = <%s>\n", P->psinfo.pr_fname); 261 dprintf("pr_psargs = <%s>\n", P->psinfo.pr_psargs); 262 dprintf("pr_wstat = 0x%x\n", P->psinfo.pr_wstat); 263 264 return (0); 265 266 err: 267 dprintf("Pgrab_core: failed to read NT_PSINFO\n"); 268 return (-1); 269 } 270 271 static int 272 note_lwpsinfo(struct ps_prochandle *P, size_t nbytes) 273 { 274 lwp_info_t *lwp; 275 lwpsinfo_t lps; 276 277 #ifdef _LP64 278 if (P->core->core_dmodel == PR_MODEL_ILP32) { 279 lwpsinfo32_t l32; 280 281 if (nbytes < sizeof (lwpsinfo32_t) || 282 read(P->asfd, &l32, sizeof (l32)) != sizeof (l32)) 283 goto err; 284 285 lwpsinfo_32_to_n(&l32, &lps); 286 } else 287 #endif 288 if (nbytes < sizeof (lwpsinfo_t) || 289 read(P->asfd, &lps, sizeof (lps)) != sizeof (lps)) 290 goto err; 291 292 if ((lwp = lwpid2info(P, lps.pr_lwpid)) == NULL) { 293 dprintf("Pgrab_core: failed to add NT_LWPSINFO\n"); 294 return (-1); 295 } 296 297 (void) memcpy(&lwp->lwp_psinfo, &lps, sizeof (lps)); 298 return (0); 299 300 err: 301 dprintf("Pgrab_core: failed to read NT_LWPSINFO\n"); 302 return (-1); 303 } 304 305 static int 306 note_fdinfo(struct ps_prochandle *P, size_t nbytes) 307 { 308 prfdinfo_t prfd; 309 fd_info_t *fip; 310 311 if ((nbytes < sizeof (prfd)) || 312 (read(P->asfd, &prfd, sizeof (prfd)) != sizeof (prfd))) { 313 dprintf("Pgrab_core: failed to read NT_FDINFO\n"); 314 return (-1); 315 } 316 317 if ((fip = Pfd2info(P, prfd.pr_fd)) == NULL) { 318 dprintf("Pgrab_core: failed to add NT_FDINFO\n"); 319 return (-1); 320 } 321 (void) memcpy(&fip->fd_info, &prfd, sizeof (prfd)); 322 return (0); 323 } 324 325 static int 326 note_platform(struct ps_prochandle *P, size_t nbytes) 327 { 328 char *plat; 329 330 if (P->core->core_platform != NULL) 331 return (0); /* Already seen */ 332 333 if (nbytes != 0 && ((plat = malloc(nbytes + 1)) != NULL)) { 334 if (read(P->asfd, plat, nbytes) != nbytes) { 335 dprintf("Pgrab_core: failed to read NT_PLATFORM\n"); 336 free(plat); 337 return (-1); 338 } 339 plat[nbytes - 1] = '\0'; 340 P->core->core_platform = plat; 341 } 342 343 return (0); 344 } 345 346 static int 347 note_utsname(struct ps_prochandle *P, size_t nbytes) 348 { 349 size_t ubytes = sizeof (struct utsname); 350 struct utsname *utsp; 351 352 if (P->core->core_uts != NULL || nbytes < ubytes) 353 return (0); /* Already seen or bad size */ 354 355 if ((utsp = malloc(ubytes)) == NULL) 356 return (-1); 357 358 if (read(P->asfd, utsp, ubytes) != ubytes) { 359 dprintf("Pgrab_core: failed to read NT_UTSNAME\n"); 360 free(utsp); 361 return (-1); 362 } 363 364 if (_libproc_debug) { 365 dprintf("uts.sysname = \"%s\"\n", utsp->sysname); 366 dprintf("uts.nodename = \"%s\"\n", utsp->nodename); 367 dprintf("uts.release = \"%s\"\n", utsp->release); 368 dprintf("uts.version = \"%s\"\n", utsp->version); 369 dprintf("uts.machine = \"%s\"\n", utsp->machine); 370 } 371 372 P->core->core_uts = utsp; 373 return (0); 374 } 375 376 static int 377 note_content(struct ps_prochandle *P, size_t nbytes) 378 { 379 core_content_t content; 380 381 if (sizeof (P->core->core_content) != nbytes) 382 return (-1); 383 384 if (read(P->asfd, &content, sizeof (content)) != sizeof (content)) 385 return (-1); 386 387 P->core->core_content = content; 388 389 dprintf("core content = %llx\n", content); 390 391 return (0); 392 } 393 394 static int 395 note_cred(struct ps_prochandle *P, size_t nbytes) 396 { 397 prcred_t *pcrp; 398 int ngroups; 399 const size_t min_size = sizeof (prcred_t) - sizeof (gid_t); 400 401 /* 402 * We allow for prcred_t notes that are actually smaller than a 403 * prcred_t since the last member isn't essential if there are 404 * no group memberships. This allows for more flexibility when it 405 * comes to slightly malformed -- but still valid -- notes. 406 */ 407 if (P->core->core_cred != NULL || nbytes < min_size) 408 return (0); /* Already seen or bad size */ 409 410 ngroups = (nbytes - min_size) / sizeof (gid_t); 411 nbytes = sizeof (prcred_t) + (ngroups - 1) * sizeof (gid_t); 412 413 if ((pcrp = malloc(nbytes)) == NULL) 414 return (-1); 415 416 if (read(P->asfd, pcrp, nbytes) != nbytes) { 417 dprintf("Pgrab_core: failed to read NT_PRCRED\n"); 418 free(pcrp); 419 return (-1); 420 } 421 422 if (pcrp->pr_ngroups > ngroups) { 423 dprintf("pr_ngroups = %d; resetting to %d based on note size\n", 424 pcrp->pr_ngroups, ngroups); 425 pcrp->pr_ngroups = ngroups; 426 } 427 428 P->core->core_cred = pcrp; 429 return (0); 430 } 431 432 #if defined(__i386) || defined(__amd64) 433 static int 434 note_ldt(struct ps_prochandle *P, size_t nbytes) 435 { 436 struct ssd *pldt; 437 uint_t nldt; 438 439 if (P->core->core_ldt != NULL || nbytes < sizeof (struct ssd)) 440 return (0); /* Already seen or bad size */ 441 442 nldt = nbytes / sizeof (struct ssd); 443 nbytes = nldt * sizeof (struct ssd); 444 445 if ((pldt = malloc(nbytes)) == NULL) 446 return (-1); 447 448 if (read(P->asfd, pldt, nbytes) != nbytes) { 449 dprintf("Pgrab_core: failed to read NT_LDT\n"); 450 free(pldt); 451 return (-1); 452 } 453 454 P->core->core_ldt = pldt; 455 P->core->core_nldt = nldt; 456 return (0); 457 } 458 #endif /* __i386 */ 459 460 static int 461 note_priv(struct ps_prochandle *P, size_t nbytes) 462 { 463 prpriv_t *pprvp; 464 465 if (P->core->core_priv != NULL || nbytes < sizeof (prpriv_t)) 466 return (0); /* Already seen or bad size */ 467 468 if ((pprvp = malloc(nbytes)) == NULL) 469 return (-1); 470 471 if (read(P->asfd, pprvp, nbytes) != nbytes) { 472 dprintf("Pgrab_core: failed to read NT_PRPRIV\n"); 473 free(pprvp); 474 return (-1); 475 } 476 477 P->core->core_priv = pprvp; 478 P->core->core_priv_size = nbytes; 479 return (0); 480 } 481 482 static int 483 note_priv_info(struct ps_prochandle *P, size_t nbytes) 484 { 485 extern void *__priv_parse_info(); 486 priv_impl_info_t *ppii; 487 488 if (P->core->core_privinfo != NULL || 489 nbytes < sizeof (priv_impl_info_t)) 490 return (0); /* Already seen or bad size */ 491 492 if ((ppii = malloc(nbytes)) == NULL) 493 return (-1); 494 495 if (read(P->asfd, ppii, nbytes) != nbytes || 496 PRIV_IMPL_INFO_SIZE(ppii) != nbytes) { 497 dprintf("Pgrab_core: failed to read NT_PRPRIVINFO\n"); 498 free(ppii); 499 return (-1); 500 } 501 502 P->core->core_privinfo = __priv_parse_info(ppii); 503 P->core->core_ppii = ppii; 504 return (0); 505 } 506 507 static int 508 note_zonename(struct ps_prochandle *P, size_t nbytes) 509 { 510 char *zonename; 511 512 if (P->core->core_zonename != NULL) 513 return (0); /* Already seen */ 514 515 if (nbytes != 0) { 516 if ((zonename = malloc(nbytes)) == NULL) 517 return (-1); 518 if (read(P->asfd, zonename, nbytes) != nbytes) { 519 dprintf("Pgrab_core: failed to read NT_ZONENAME\n"); 520 free(zonename); 521 return (-1); 522 } 523 zonename[nbytes - 1] = '\0'; 524 P->core->core_zonename = zonename; 525 } 526 527 return (0); 528 } 529 530 static int 531 note_auxv(struct ps_prochandle *P, size_t nbytes) 532 { 533 size_t n, i; 534 535 #ifdef _LP64 536 if (P->core->core_dmodel == PR_MODEL_ILP32) { 537 auxv32_t *a32; 538 539 n = nbytes / sizeof (auxv32_t); 540 nbytes = n * sizeof (auxv32_t); 541 a32 = alloca(nbytes); 542 543 if (read(P->asfd, a32, nbytes) != nbytes) { 544 dprintf("Pgrab_core: failed to read NT_AUXV\n"); 545 return (-1); 546 } 547 548 if ((P->auxv = malloc(sizeof (auxv_t) * (n + 1))) == NULL) 549 return (-1); 550 551 for (i = 0; i < n; i++) 552 auxv_32_to_n(&a32[i], &P->auxv[i]); 553 554 } else { 555 #endif 556 n = nbytes / sizeof (auxv_t); 557 nbytes = n * sizeof (auxv_t); 558 559 if ((P->auxv = malloc(nbytes + sizeof (auxv_t))) == NULL) 560 return (-1); 561 562 if (read(P->asfd, P->auxv, nbytes) != nbytes) { 563 free(P->auxv); 564 P->auxv = NULL; 565 return (-1); 566 } 567 #ifdef _LP64 568 } 569 #endif 570 571 if (_libproc_debug) { 572 for (i = 0; i < n; i++) { 573 dprintf("P->auxv[%lu] = ( %d, 0x%lx )\n", (ulong_t)i, 574 P->auxv[i].a_type, P->auxv[i].a_un.a_val); 575 } 576 } 577 578 /* 579 * Defensive coding for loops which depend upon the auxv array being 580 * terminated by an AT_NULL element; in each case, we've allocated 581 * P->auxv to have an additional element which we force to be AT_NULL. 582 */ 583 P->auxv[n].a_type = AT_NULL; 584 P->auxv[n].a_un.a_val = 0L; 585 P->nauxv = (int)n; 586 587 return (0); 588 } 589 590 #ifdef __sparc 591 static int 592 note_xreg(struct ps_prochandle *P, size_t nbytes) 593 { 594 lwp_info_t *lwp = P->core->core_lwp; 595 size_t xbytes = sizeof (prxregset_t); 596 prxregset_t *xregs; 597 598 if (lwp == NULL || lwp->lwp_xregs != NULL || nbytes < xbytes) 599 return (0); /* No lwp yet, already seen, or bad size */ 600 601 if ((xregs = malloc(xbytes)) == NULL) 602 return (-1); 603 604 if (read(P->asfd, xregs, xbytes) != xbytes) { 605 dprintf("Pgrab_core: failed to read NT_PRXREG\n"); 606 free(xregs); 607 return (-1); 608 } 609 610 lwp->lwp_xregs = xregs; 611 return (0); 612 } 613 614 static int 615 note_gwindows(struct ps_prochandle *P, size_t nbytes) 616 { 617 lwp_info_t *lwp = P->core->core_lwp; 618 619 if (lwp == NULL || lwp->lwp_gwins != NULL || nbytes == 0) 620 return (0); /* No lwp yet or already seen or no data */ 621 622 if ((lwp->lwp_gwins = malloc(sizeof (gwindows_t))) == NULL) 623 return (-1); 624 625 /* 626 * Since the amount of gwindows data varies with how many windows were 627 * actually saved, we just read up to the minimum of the note size 628 * and the size of the gwindows_t type. It doesn't matter if the read 629 * fails since we have to zero out gwindows first anyway. 630 */ 631 #ifdef _LP64 632 if (P->core->core_dmodel == PR_MODEL_ILP32) { 633 gwindows32_t g32; 634 635 (void) memset(&g32, 0, sizeof (g32)); 636 (void) read(P->asfd, &g32, MIN(nbytes, sizeof (g32))); 637 gwindows_32_to_n(&g32, lwp->lwp_gwins); 638 639 } else { 640 #endif 641 (void) memset(lwp->lwp_gwins, 0, sizeof (gwindows_t)); 642 (void) read(P->asfd, lwp->lwp_gwins, 643 MIN(nbytes, sizeof (gwindows_t))); 644 #ifdef _LP64 645 } 646 #endif 647 return (0); 648 } 649 650 #ifdef __sparcv9 651 static int 652 note_asrs(struct ps_prochandle *P, size_t nbytes) 653 { 654 lwp_info_t *lwp = P->core->core_lwp; 655 int64_t *asrs; 656 657 if (lwp == NULL || lwp->lwp_asrs != NULL || nbytes < sizeof (asrset_t)) 658 return (0); /* No lwp yet, already seen, or bad size */ 659 660 if ((asrs = malloc(sizeof (asrset_t))) == NULL) 661 return (-1); 662 663 if (read(P->asfd, asrs, sizeof (asrset_t)) != sizeof (asrset_t)) { 664 dprintf("Pgrab_core: failed to read NT_ASRS\n"); 665 free(asrs); 666 return (-1); 667 } 668 669 lwp->lwp_asrs = asrs; 670 return (0); 671 } 672 #endif /* __sparcv9 */ 673 #endif /* __sparc */ 674 675 /*ARGSUSED*/ 676 static int 677 note_notsup(struct ps_prochandle *P, size_t nbytes) 678 { 679 dprintf("skipping unsupported note type\n"); 680 return (0); 681 } 682 683 /* 684 * Populate a table of function pointers indexed by Note type with our 685 * functions to process each type of core file note: 686 */ 687 static int (*nhdlrs[])(struct ps_prochandle *, size_t) = { 688 note_notsup, /* 0 unassigned */ 689 note_notsup, /* 1 NT_PRSTATUS (old) */ 690 note_notsup, /* 2 NT_PRFPREG (old) */ 691 note_notsup, /* 3 NT_PRPSINFO (old) */ 692 #ifdef __sparc 693 note_xreg, /* 4 NT_PRXREG */ 694 #else 695 note_notsup, /* 4 NT_PRXREG */ 696 #endif 697 note_platform, /* 5 NT_PLATFORM */ 698 note_auxv, /* 6 NT_AUXV */ 699 #ifdef __sparc 700 note_gwindows, /* 7 NT_GWINDOWS */ 701 #ifdef __sparcv9 702 note_asrs, /* 8 NT_ASRS */ 703 #else 704 note_notsup, /* 8 NT_ASRS */ 705 #endif 706 #else 707 note_notsup, /* 7 NT_GWINDOWS */ 708 note_notsup, /* 8 NT_ASRS */ 709 #endif 710 #if defined(__i386) || defined(__amd64) 711 note_ldt, /* 9 NT_LDT */ 712 #else 713 note_notsup, /* 9 NT_LDT */ 714 #endif 715 note_pstatus, /* 10 NT_PSTATUS */ 716 note_notsup, /* 11 unassigned */ 717 note_notsup, /* 12 unassigned */ 718 note_psinfo, /* 13 NT_PSINFO */ 719 note_cred, /* 14 NT_PRCRED */ 720 note_utsname, /* 15 NT_UTSNAME */ 721 note_lwpstatus, /* 16 NT_LWPSTATUS */ 722 note_lwpsinfo, /* 17 NT_LWPSINFO */ 723 note_priv, /* 18 NT_PRPRIV */ 724 note_priv_info, /* 19 NT_PRPRIVINFO */ 725 note_content, /* 20 NT_CONTENT */ 726 note_zonename, /* 21 NT_ZONENAME */ 727 note_fdinfo, /* 22 NT_FDINFO */ 728 }; 729 730 /* 731 * Add information on the address space mapping described by the given 732 * PT_LOAD program header. We fill in more information on the mapping later. 733 */ 734 static int 735 core_add_mapping(struct ps_prochandle *P, GElf_Phdr *php) 736 { 737 int err = 0; 738 prmap_t pmap; 739 740 dprintf("mapping base %llx filesz %llu memsz %llu offset %llu\n", 741 (u_longlong_t)php->p_vaddr, (u_longlong_t)php->p_filesz, 742 (u_longlong_t)php->p_memsz, (u_longlong_t)php->p_offset); 743 744 pmap.pr_vaddr = (uintptr_t)php->p_vaddr; 745 pmap.pr_size = php->p_memsz; 746 747 /* 748 * If Pgcore() or elfcore() fail to write a mapping, they will set 749 * PF_SUNW_FAILURE in the Phdr and try to stash away the errno for us. 750 */ 751 if (php->p_flags & PF_SUNW_FAILURE) { 752 (void) pread64(P->asfd, &err, 753 sizeof (err), (off64_t)php->p_offset); 754 755 Perror_printf(P, "core file data for mapping at %p not saved: " 756 "%s\n", (void *)(uintptr_t)php->p_vaddr, strerror(err)); 757 dprintf("core file data for mapping at %p not saved: %s\n", 758 (void *)(uintptr_t)php->p_vaddr, strerror(err)); 759 760 } else if (php->p_filesz != 0 && php->p_offset >= P->core->core_size) { 761 Perror_printf(P, "core file may be corrupt -- data for mapping " 762 "at %p is missing\n", (void *)(uintptr_t)php->p_vaddr); 763 dprintf("core file may be corrupt -- data for mapping " 764 "at %p is missing\n", (void *)(uintptr_t)php->p_vaddr); 765 } 766 767 /* 768 * The mapping name and offset will hopefully be filled in 769 * by the librtld_db agent. Unfortunately, if it isn't a 770 * shared library mapping, this information is gone forever. 771 */ 772 pmap.pr_mapname[0] = '\0'; 773 pmap.pr_offset = 0; 774 775 pmap.pr_mflags = 0; 776 if (php->p_flags & PF_R) 777 pmap.pr_mflags |= MA_READ; 778 if (php->p_flags & PF_W) 779 pmap.pr_mflags |= MA_WRITE; 780 if (php->p_flags & PF_X) 781 pmap.pr_mflags |= MA_EXEC; 782 783 if (php->p_filesz == 0) 784 pmap.pr_mflags |= MA_RESERVED1; 785 786 /* 787 * At the time of adding this mapping, we just zero the pagesize. 788 * Once we've processed more of the core file, we'll have the 789 * pagesize from the auxv's AT_PAGESZ element and we can fill this in. 790 */ 791 pmap.pr_pagesize = 0; 792 793 /* 794 * Unfortunately whether or not the mapping was a System V 795 * shared memory segment is lost. We use -1 to mark it as not shm. 796 */ 797 pmap.pr_shmid = -1; 798 799 return (Padd_mapping(P, php->p_offset, NULL, &pmap)); 800 } 801 802 /* 803 * Given a virtual address, name the mapping at that address using the 804 * specified name, and return the map_info_t pointer. 805 */ 806 static map_info_t * 807 core_name_mapping(struct ps_prochandle *P, uintptr_t addr, const char *name) 808 { 809 map_info_t *mp = Paddr2mptr(P, addr); 810 811 if (mp != NULL) { 812 (void) strncpy(mp->map_pmap.pr_mapname, name, PRMAPSZ); 813 mp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 814 } 815 816 return (mp); 817 } 818 819 /* 820 * libproc uses libelf for all of its symbol table manipulation. This function 821 * takes a symbol table and string table from a core file and places them 822 * in a memory backed elf file. 823 */ 824 static void 825 fake_up_symtab(struct ps_prochandle *P, const elf_file_header_t *ehdr, 826 GElf_Shdr *symtab, GElf_Shdr *strtab) 827 { 828 size_t size; 829 off64_t off, base; 830 map_info_t *mp; 831 file_info_t *fp; 832 Elf_Scn *scn; 833 Elf_Data *data; 834 835 if (symtab->sh_addr == 0 || 836 (mp = Paddr2mptr(P, symtab->sh_addr)) == NULL || 837 (fp = mp->map_file) == NULL) { 838 dprintf("fake_up_symtab: invalid section\n"); 839 return; 840 } 841 842 if (fp->file_symtab.sym_data_pri != NULL) { 843 dprintf("Symbol table already loaded (sh_addr 0x%lx)\n", 844 (long)symtab->sh_addr); 845 return; 846 } 847 848 if (P->status.pr_dmodel == PR_MODEL_ILP32) { 849 struct { 850 Elf32_Ehdr ehdr; 851 Elf32_Shdr shdr[3]; 852 char data[1]; 853 } *b; 854 855 base = sizeof (b->ehdr) + sizeof (b->shdr); 856 size = base + symtab->sh_size + strtab->sh_size; 857 858 if ((b = calloc(1, size)) == NULL) 859 return; 860 861 (void) memcpy(b->ehdr.e_ident, ehdr->e_ident, 862 sizeof (ehdr->e_ident)); 863 b->ehdr.e_type = ehdr->e_type; 864 b->ehdr.e_machine = ehdr->e_machine; 865 b->ehdr.e_version = ehdr->e_version; 866 b->ehdr.e_flags = ehdr->e_flags; 867 b->ehdr.e_ehsize = sizeof (b->ehdr); 868 b->ehdr.e_shoff = sizeof (b->ehdr); 869 b->ehdr.e_shentsize = sizeof (b->shdr[0]); 870 b->ehdr.e_shnum = 3; 871 off = 0; 872 873 b->shdr[1].sh_size = symtab->sh_size; 874 b->shdr[1].sh_type = SHT_SYMTAB; 875 b->shdr[1].sh_offset = off + base; 876 b->shdr[1].sh_entsize = sizeof (Elf32_Sym); 877 b->shdr[1].sh_link = 2; 878 b->shdr[1].sh_info = symtab->sh_info; 879 b->shdr[1].sh_addralign = symtab->sh_addralign; 880 881 if (pread64(P->asfd, &b->data[off], b->shdr[1].sh_size, 882 symtab->sh_offset) != b->shdr[1].sh_size) { 883 dprintf("fake_up_symtab: pread of symtab[1] failed\n"); 884 free(b); 885 return; 886 } 887 888 off += b->shdr[1].sh_size; 889 890 b->shdr[2].sh_flags = SHF_STRINGS; 891 b->shdr[2].sh_size = strtab->sh_size; 892 b->shdr[2].sh_type = SHT_STRTAB; 893 b->shdr[2].sh_offset = off + base; 894 b->shdr[2].sh_info = strtab->sh_info; 895 b->shdr[2].sh_addralign = 1; 896 897 if (pread64(P->asfd, &b->data[off], b->shdr[2].sh_size, 898 strtab->sh_offset) != b->shdr[2].sh_size) { 899 dprintf("fake_up_symtab: pread of symtab[2] failed\n"); 900 free(b); 901 return; 902 } 903 904 off += b->shdr[2].sh_size; 905 906 fp->file_symtab.sym_elf = elf_memory((char *)b, size); 907 if (fp->file_symtab.sym_elf == NULL) { 908 free(b); 909 return; 910 } 911 912 fp->file_symtab.sym_elfmem = b; 913 #ifdef _LP64 914 } else { 915 struct { 916 Elf64_Ehdr ehdr; 917 Elf64_Shdr shdr[3]; 918 char data[1]; 919 } *b; 920 921 base = sizeof (b->ehdr) + sizeof (b->shdr); 922 size = base + symtab->sh_size + strtab->sh_size; 923 924 if ((b = calloc(1, size)) == NULL) 925 return; 926 927 (void) memcpy(b->ehdr.e_ident, ehdr->e_ident, 928 sizeof (ehdr->e_ident)); 929 b->ehdr.e_type = ehdr->e_type; 930 b->ehdr.e_machine = ehdr->e_machine; 931 b->ehdr.e_version = ehdr->e_version; 932 b->ehdr.e_flags = ehdr->e_flags; 933 b->ehdr.e_ehsize = sizeof (b->ehdr); 934 b->ehdr.e_shoff = sizeof (b->ehdr); 935 b->ehdr.e_shentsize = sizeof (b->shdr[0]); 936 b->ehdr.e_shnum = 3; 937 off = 0; 938 939 b->shdr[1].sh_size = symtab->sh_size; 940 b->shdr[1].sh_type = SHT_SYMTAB; 941 b->shdr[1].sh_offset = off + base; 942 b->shdr[1].sh_entsize = sizeof (Elf64_Sym); 943 b->shdr[1].sh_link = 2; 944 b->shdr[1].sh_info = symtab->sh_info; 945 b->shdr[1].sh_addralign = symtab->sh_addralign; 946 947 if (pread64(P->asfd, &b->data[off], b->shdr[1].sh_size, 948 symtab->sh_offset) != b->shdr[1].sh_size) { 949 free(b); 950 return; 951 } 952 953 off += b->shdr[1].sh_size; 954 955 b->shdr[2].sh_flags = SHF_STRINGS; 956 b->shdr[2].sh_size = strtab->sh_size; 957 b->shdr[2].sh_type = SHT_STRTAB; 958 b->shdr[2].sh_offset = off + base; 959 b->shdr[2].sh_info = strtab->sh_info; 960 b->shdr[2].sh_addralign = 1; 961 962 if (pread64(P->asfd, &b->data[off], b->shdr[2].sh_size, 963 strtab->sh_offset) != b->shdr[2].sh_size) { 964 free(b); 965 return; 966 } 967 968 off += b->shdr[2].sh_size; 969 970 fp->file_symtab.sym_elf = elf_memory((char *)b, size); 971 if (fp->file_symtab.sym_elf == NULL) { 972 free(b); 973 return; 974 } 975 976 fp->file_symtab.sym_elfmem = b; 977 #endif 978 } 979 980 if ((scn = elf_getscn(fp->file_symtab.sym_elf, 1)) == NULL || 981 (fp->file_symtab.sym_data_pri = elf_getdata(scn, NULL)) == NULL || 982 (scn = elf_getscn(fp->file_symtab.sym_elf, 2)) == NULL || 983 (data = elf_getdata(scn, NULL)) == NULL) { 984 dprintf("fake_up_symtab: failed to get section data at %p\n", 985 (void *)scn); 986 goto err; 987 } 988 989 fp->file_symtab.sym_strs = data->d_buf; 990 fp->file_symtab.sym_strsz = data->d_size; 991 fp->file_symtab.sym_symn = symtab->sh_size / symtab->sh_entsize; 992 fp->file_symtab.sym_hdr_pri = *symtab; 993 fp->file_symtab.sym_strhdr = *strtab; 994 995 optimize_symtab(&fp->file_symtab); 996 997 return; 998 err: 999 (void) elf_end(fp->file_symtab.sym_elf); 1000 free(fp->file_symtab.sym_elfmem); 1001 fp->file_symtab.sym_elf = NULL; 1002 fp->file_symtab.sym_elfmem = NULL; 1003 } 1004 1005 static void 1006 core_phdr_to_gelf(const Elf32_Phdr *src, GElf_Phdr *dst) 1007 { 1008 dst->p_type = src->p_type; 1009 dst->p_flags = src->p_flags; 1010 dst->p_offset = (Elf64_Off)src->p_offset; 1011 dst->p_vaddr = (Elf64_Addr)src->p_vaddr; 1012 dst->p_paddr = (Elf64_Addr)src->p_paddr; 1013 dst->p_filesz = (Elf64_Xword)src->p_filesz; 1014 dst->p_memsz = (Elf64_Xword)src->p_memsz; 1015 dst->p_align = (Elf64_Xword)src->p_align; 1016 } 1017 1018 static void 1019 core_shdr_to_gelf(const Elf32_Shdr *src, GElf_Shdr *dst) 1020 { 1021 dst->sh_name = src->sh_name; 1022 dst->sh_type = src->sh_type; 1023 dst->sh_flags = (Elf64_Xword)src->sh_flags; 1024 dst->sh_addr = (Elf64_Addr)src->sh_addr; 1025 dst->sh_offset = (Elf64_Off)src->sh_offset; 1026 dst->sh_size = (Elf64_Xword)src->sh_size; 1027 dst->sh_link = src->sh_link; 1028 dst->sh_info = src->sh_info; 1029 dst->sh_addralign = (Elf64_Xword)src->sh_addralign; 1030 dst->sh_entsize = (Elf64_Xword)src->sh_entsize; 1031 } 1032 1033 /* 1034 * Perform elf_begin on efp->e_fd and verify the ELF file's type and class. 1035 */ 1036 static int 1037 core_elf_fdopen(elf_file_t *efp, GElf_Half type, int *perr) 1038 { 1039 #ifdef _BIG_ENDIAN 1040 uchar_t order = ELFDATA2MSB; 1041 #else 1042 uchar_t order = ELFDATA2LSB; 1043 #endif 1044 Elf32_Ehdr e32; 1045 int is_noelf = -1; 1046 int isa_err = 0; 1047 1048 /* 1049 * Because 32-bit libelf cannot deal with large files, we need to read, 1050 * check, and convert the file header manually in case type == ET_CORE. 1051 */ 1052 if (pread64(efp->e_fd, &e32, sizeof (e32), 0) != sizeof (e32)) { 1053 if (perr != NULL) 1054 *perr = G_FORMAT; 1055 goto err; 1056 } 1057 if ((is_noelf = memcmp(&e32.e_ident[EI_MAG0], ELFMAG, SELFMAG)) != 0 || 1058 e32.e_type != type || (isa_err = (e32.e_ident[EI_DATA] != order)) || 1059 e32.e_version != EV_CURRENT) { 1060 if (perr != NULL) { 1061 if (is_noelf == 0 && isa_err) { 1062 *perr = G_ISAINVAL; 1063 } else { 1064 *perr = G_FORMAT; 1065 } 1066 } 1067 goto err; 1068 } 1069 1070 /* 1071 * If the file is 64-bit and we are 32-bit, fail with G_LP64. If the 1072 * file is 64-bit and we are 64-bit, re-read the header as a Elf64_Ehdr, 1073 * and convert it to a elf_file_header_t. Otherwise, the file is 1074 * 32-bit, so convert e32 to a elf_file_header_t. 1075 */ 1076 if (e32.e_ident[EI_CLASS] == ELFCLASS64) { 1077 #ifdef _LP64 1078 Elf64_Ehdr e64; 1079 1080 if (pread64(efp->e_fd, &e64, sizeof (e64), 0) != sizeof (e64)) { 1081 if (perr != NULL) 1082 *perr = G_FORMAT; 1083 goto err; 1084 } 1085 1086 (void) memcpy(efp->e_hdr.e_ident, e64.e_ident, EI_NIDENT); 1087 efp->e_hdr.e_type = e64.e_type; 1088 efp->e_hdr.e_machine = e64.e_machine; 1089 efp->e_hdr.e_version = e64.e_version; 1090 efp->e_hdr.e_entry = e64.e_entry; 1091 efp->e_hdr.e_phoff = e64.e_phoff; 1092 efp->e_hdr.e_shoff = e64.e_shoff; 1093 efp->e_hdr.e_flags = e64.e_flags; 1094 efp->e_hdr.e_ehsize = e64.e_ehsize; 1095 efp->e_hdr.e_phentsize = e64.e_phentsize; 1096 efp->e_hdr.e_phnum = (Elf64_Word)e64.e_phnum; 1097 efp->e_hdr.e_shentsize = e64.e_shentsize; 1098 efp->e_hdr.e_shnum = (Elf64_Word)e64.e_shnum; 1099 efp->e_hdr.e_shstrndx = (Elf64_Word)e64.e_shstrndx; 1100 #else /* _LP64 */ 1101 if (perr != NULL) 1102 *perr = G_LP64; 1103 goto err; 1104 #endif /* _LP64 */ 1105 } else { 1106 (void) memcpy(efp->e_hdr.e_ident, e32.e_ident, EI_NIDENT); 1107 efp->e_hdr.e_type = e32.e_type; 1108 efp->e_hdr.e_machine = e32.e_machine; 1109 efp->e_hdr.e_version = e32.e_version; 1110 efp->e_hdr.e_entry = (Elf64_Addr)e32.e_entry; 1111 efp->e_hdr.e_phoff = (Elf64_Off)e32.e_phoff; 1112 efp->e_hdr.e_shoff = (Elf64_Off)e32.e_shoff; 1113 efp->e_hdr.e_flags = e32.e_flags; 1114 efp->e_hdr.e_ehsize = e32.e_ehsize; 1115 efp->e_hdr.e_phentsize = e32.e_phentsize; 1116 efp->e_hdr.e_phnum = (Elf64_Word)e32.e_phnum; 1117 efp->e_hdr.e_shentsize = e32.e_shentsize; 1118 efp->e_hdr.e_shnum = (Elf64_Word)e32.e_shnum; 1119 efp->e_hdr.e_shstrndx = (Elf64_Word)e32.e_shstrndx; 1120 } 1121 1122 /* 1123 * If the number of section headers or program headers or the section 1124 * header string table index would overflow their respective fields 1125 * in the ELF header, they're stored in the section header at index 1126 * zero. To simplify use elsewhere, we look for those sentinel values 1127 * here. 1128 */ 1129 if ((efp->e_hdr.e_shnum == 0 && efp->e_hdr.e_shoff != 0) || 1130 efp->e_hdr.e_shstrndx == SHN_XINDEX || 1131 efp->e_hdr.e_phnum == PN_XNUM) { 1132 GElf_Shdr shdr; 1133 1134 dprintf("extended ELF header\n"); 1135 1136 if (efp->e_hdr.e_shoff == 0) { 1137 if (perr != NULL) 1138 *perr = G_FORMAT; 1139 goto err; 1140 } 1141 1142 if (efp->e_hdr.e_ident[EI_CLASS] == ELFCLASS32) { 1143 Elf32_Shdr shdr32; 1144 1145 if (pread64(efp->e_fd, &shdr32, sizeof (shdr32), 1146 efp->e_hdr.e_shoff) != sizeof (shdr32)) { 1147 if (perr != NULL) 1148 *perr = G_FORMAT; 1149 goto err; 1150 } 1151 1152 core_shdr_to_gelf(&shdr32, &shdr); 1153 } else { 1154 if (pread64(efp->e_fd, &shdr, sizeof (shdr), 1155 efp->e_hdr.e_shoff) != sizeof (shdr)) { 1156 if (perr != NULL) 1157 *perr = G_FORMAT; 1158 goto err; 1159 } 1160 } 1161 1162 if (efp->e_hdr.e_shnum == 0) { 1163 efp->e_hdr.e_shnum = shdr.sh_size; 1164 dprintf("section header count %lu\n", 1165 (ulong_t)shdr.sh_size); 1166 } 1167 1168 if (efp->e_hdr.e_shstrndx == SHN_XINDEX) { 1169 efp->e_hdr.e_shstrndx = shdr.sh_link; 1170 dprintf("section string index %u\n", shdr.sh_link); 1171 } 1172 1173 if (efp->e_hdr.e_phnum == PN_XNUM && shdr.sh_info != 0) { 1174 efp->e_hdr.e_phnum = shdr.sh_info; 1175 dprintf("program header count %u\n", shdr.sh_info); 1176 } 1177 1178 } else if (efp->e_hdr.e_phoff != 0) { 1179 GElf_Phdr phdr; 1180 uint64_t phnum; 1181 1182 /* 1183 * It's possible this core file came from a system that 1184 * accidentally truncated the e_phnum field without correctly 1185 * using the extended format in the section header at index 1186 * zero. We try to detect and correct that specific type of 1187 * corruption by using the knowledge that the core dump 1188 * routines usually place the data referenced by the first 1189 * program header immediately after the last header element. 1190 */ 1191 if (efp->e_hdr.e_ident[EI_CLASS] == ELFCLASS32) { 1192 Elf32_Phdr phdr32; 1193 1194 if (pread64(efp->e_fd, &phdr32, sizeof (phdr32), 1195 efp->e_hdr.e_phoff) != sizeof (phdr32)) { 1196 if (perr != NULL) 1197 *perr = G_FORMAT; 1198 goto err; 1199 } 1200 1201 core_phdr_to_gelf(&phdr32, &phdr); 1202 } else { 1203 if (pread64(efp->e_fd, &phdr, sizeof (phdr), 1204 efp->e_hdr.e_phoff) != sizeof (phdr)) { 1205 if (perr != NULL) 1206 *perr = G_FORMAT; 1207 goto err; 1208 } 1209 } 1210 1211 phnum = phdr.p_offset - efp->e_hdr.e_ehsize - 1212 (uint64_t)efp->e_hdr.e_shnum * efp->e_hdr.e_shentsize; 1213 phnum /= efp->e_hdr.e_phentsize; 1214 1215 if (phdr.p_offset != 0 && phnum != efp->e_hdr.e_phnum) { 1216 dprintf("suspicious program header count %u %u\n", 1217 (uint_t)phnum, efp->e_hdr.e_phnum); 1218 1219 /* 1220 * If the new program header count we computed doesn't 1221 * jive with count in the ELF header, we'll use the 1222 * data that's there and hope for the best. 1223 * 1224 * If it does, it's also possible that the section 1225 * header offset is incorrect; we'll check that and 1226 * possibly try to fix it. 1227 */ 1228 if (phnum <= INT_MAX && 1229 (uint16_t)phnum == efp->e_hdr.e_phnum) { 1230 1231 if (efp->e_hdr.e_shoff == efp->e_hdr.e_phoff + 1232 efp->e_hdr.e_phentsize * 1233 (uint_t)efp->e_hdr.e_phnum) { 1234 efp->e_hdr.e_shoff = 1235 efp->e_hdr.e_phoff + 1236 efp->e_hdr.e_phentsize * phnum; 1237 } 1238 1239 efp->e_hdr.e_phnum = (Elf64_Word)phnum; 1240 dprintf("using new program header count\n"); 1241 } else { 1242 dprintf("inconsistent program header count\n"); 1243 } 1244 } 1245 } 1246 1247 /* 1248 * The libelf implementation was never ported to be large-file aware. 1249 * This is typically not a problem for your average executable or 1250 * shared library, but a large 32-bit core file can exceed 2GB in size. 1251 * So if type is ET_CORE, we don't bother doing elf_begin; the code 1252 * in Pfgrab_core() below will do its own i/o and struct conversion. 1253 */ 1254 1255 if (type == ET_CORE) { 1256 efp->e_elf = NULL; 1257 return (0); 1258 } 1259 1260 if ((efp->e_elf = elf_begin(efp->e_fd, ELF_C_READ, NULL)) == NULL) { 1261 if (perr != NULL) 1262 *perr = G_ELF; 1263 goto err; 1264 } 1265 1266 return (0); 1267 1268 err: 1269 efp->e_elf = NULL; 1270 return (-1); 1271 } 1272 1273 /* 1274 * Open the specified file and then do a core_elf_fdopen on it. 1275 */ 1276 static int 1277 core_elf_open(elf_file_t *efp, const char *path, GElf_Half type, int *perr) 1278 { 1279 (void) memset(efp, 0, sizeof (elf_file_t)); 1280 1281 if ((efp->e_fd = open64(path, O_RDONLY)) >= 0) { 1282 if (core_elf_fdopen(efp, type, perr) == 0) 1283 return (0); 1284 1285 (void) close(efp->e_fd); 1286 efp->e_fd = -1; 1287 } 1288 1289 return (-1); 1290 } 1291 1292 /* 1293 * Close the ELF handle and file descriptor. 1294 */ 1295 static void 1296 core_elf_close(elf_file_t *efp) 1297 { 1298 if (efp->e_elf != NULL) { 1299 (void) elf_end(efp->e_elf); 1300 efp->e_elf = NULL; 1301 } 1302 1303 if (efp->e_fd != -1) { 1304 (void) close(efp->e_fd); 1305 efp->e_fd = -1; 1306 } 1307 } 1308 1309 /* 1310 * Given an ELF file for a statically linked executable, locate the likely 1311 * primary text section and fill in rl_base with its virtual address. 1312 */ 1313 static map_info_t * 1314 core_find_text(struct ps_prochandle *P, Elf *elf, rd_loadobj_t *rlp) 1315 { 1316 GElf_Phdr phdr; 1317 uint_t i; 1318 size_t nphdrs; 1319 1320 if (elf_getphdrnum(elf, &nphdrs) == -1) 1321 return (NULL); 1322 1323 for (i = 0; i < nphdrs; i++) { 1324 if (gelf_getphdr(elf, i, &phdr) != NULL && 1325 phdr.p_type == PT_LOAD && (phdr.p_flags & PF_X)) { 1326 rlp->rl_base = phdr.p_vaddr; 1327 return (Paddr2mptr(P, rlp->rl_base)); 1328 } 1329 } 1330 1331 return (NULL); 1332 } 1333 1334 /* 1335 * Given an ELF file and the librtld_db structure corresponding to its primary 1336 * text mapping, deduce where its data segment was loaded and fill in 1337 * rl_data_base and prmap_t.pr_offset accordingly. 1338 */ 1339 static map_info_t * 1340 core_find_data(struct ps_prochandle *P, Elf *elf, rd_loadobj_t *rlp) 1341 { 1342 GElf_Ehdr ehdr; 1343 GElf_Phdr phdr; 1344 map_info_t *mp; 1345 uint_t i, pagemask; 1346 size_t nphdrs; 1347 1348 rlp->rl_data_base = NULL; 1349 1350 /* 1351 * Find the first loadable, writeable Phdr and compute rl_data_base 1352 * as the virtual address at which is was loaded. 1353 */ 1354 if (gelf_getehdr(elf, &ehdr) == NULL || 1355 elf_getphdrnum(elf, &nphdrs) == -1) 1356 return (NULL); 1357 1358 for (i = 0; i < nphdrs; i++) { 1359 if (gelf_getphdr(elf, i, &phdr) != NULL && 1360 phdr.p_type == PT_LOAD && (phdr.p_flags & PF_W)) { 1361 rlp->rl_data_base = phdr.p_vaddr; 1362 if (ehdr.e_type == ET_DYN) 1363 rlp->rl_data_base += rlp->rl_base; 1364 break; 1365 } 1366 } 1367 1368 /* 1369 * If we didn't find an appropriate phdr or if the address we 1370 * computed has no mapping, return NULL. 1371 */ 1372 if (rlp->rl_data_base == NULL || 1373 (mp = Paddr2mptr(P, rlp->rl_data_base)) == NULL) 1374 return (NULL); 1375 1376 /* 1377 * It wouldn't be procfs-related code if we didn't make use of 1378 * unclean knowledge of segvn, even in userland ... the prmap_t's 1379 * pr_offset field will be the segvn offset from mmap(2)ing the 1380 * data section, which will be the file offset & PAGEMASK. 1381 */ 1382 pagemask = ~(mp->map_pmap.pr_pagesize - 1); 1383 mp->map_pmap.pr_offset = phdr.p_offset & pagemask; 1384 1385 return (mp); 1386 } 1387 1388 /* 1389 * Librtld_db agent callback for iterating over load object mappings. 1390 * For each load object, we allocate a new file_info_t, perform naming, 1391 * and attempt to construct a symbol table for the load object. 1392 */ 1393 static int 1394 core_iter_mapping(const rd_loadobj_t *rlp, struct ps_prochandle *P) 1395 { 1396 char lname[PATH_MAX], buf[PATH_MAX]; 1397 file_info_t *fp; 1398 map_info_t *mp; 1399 1400 if (Pread_string(P, lname, PATH_MAX, (off_t)rlp->rl_nameaddr) <= 0) { 1401 dprintf("failed to read name %p\n", (void *)rlp->rl_nameaddr); 1402 return (1); /* Keep going; forget this if we can't get a name */ 1403 } 1404 1405 dprintf("rd_loadobj name = \"%s\" rl_base = %p\n", 1406 lname, (void *)rlp->rl_base); 1407 1408 if ((mp = Paddr2mptr(P, rlp->rl_base)) == NULL) { 1409 dprintf("no mapping for %p\n", (void *)rlp->rl_base); 1410 return (1); /* No mapping; advance to next mapping */ 1411 } 1412 1413 /* 1414 * Create a new file_info_t for this mapping, and therefore for 1415 * this load object. 1416 * 1417 * If there's an ELF header at the beginning of this mapping, 1418 * file_info_new() will try to use its section headers to 1419 * identify any other mappings that belong to this load object. 1420 */ 1421 if ((fp = mp->map_file) == NULL && 1422 (fp = file_info_new(P, mp)) == NULL) { 1423 P->core->core_errno = errno; 1424 dprintf("failed to malloc mapping data\n"); 1425 return (0); /* Abort */ 1426 } 1427 fp->file_map = mp; 1428 1429 /* Create a local copy of the load object representation */ 1430 if ((fp->file_lo = calloc(1, sizeof (rd_loadobj_t))) == NULL) { 1431 P->core->core_errno = errno; 1432 dprintf("failed to malloc mapping data\n"); 1433 return (0); /* Abort */ 1434 } 1435 *fp->file_lo = *rlp; 1436 1437 if (lname[0] != '\0') { 1438 /* 1439 * Naming dance part 1: if we got a name from librtld_db, then 1440 * copy this name to the prmap_t if it is unnamed. If the 1441 * file_info_t is unnamed, name it after the lname. 1442 */ 1443 if (mp->map_pmap.pr_mapname[0] == '\0') { 1444 (void) strncpy(mp->map_pmap.pr_mapname, lname, PRMAPSZ); 1445 mp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 1446 } 1447 1448 if (fp->file_lname == NULL) 1449 fp->file_lname = strdup(lname); 1450 1451 } else if (fp->file_lname == NULL && 1452 mp->map_pmap.pr_mapname[0] != '\0') { 1453 /* 1454 * Naming dance part 2: if the mapping is named and the 1455 * file_info_t is not, name the file after the mapping. 1456 */ 1457 fp->file_lname = strdup(mp->map_pmap.pr_mapname); 1458 } 1459 1460 if ((fp->file_rname == NULL) && 1461 (Pfindmap(P, mp, buf, sizeof (buf)) != NULL)) 1462 fp->file_rname = strdup(buf); 1463 1464 if (fp->file_lname != NULL) 1465 fp->file_lbase = basename(fp->file_lname); 1466 if (fp->file_rname != NULL) 1467 fp->file_rbase = basename(fp->file_rname); 1468 1469 /* Associate the file and the mapping. */ 1470 (void) strncpy(fp->file_pname, mp->map_pmap.pr_mapname, PRMAPSZ); 1471 fp->file_pname[PRMAPSZ - 1] = '\0'; 1472 1473 /* 1474 * If no section headers were available then we'll have to 1475 * identify this load object's other mappings with what we've 1476 * got: the start and end of the object's corresponding 1477 * address space. 1478 */ 1479 if (fp->file_saddrs == NULL) { 1480 for (mp = fp->file_map + 1; mp < P->mappings + P->map_count && 1481 mp->map_pmap.pr_vaddr < rlp->rl_bend; mp++) { 1482 1483 if (mp->map_file == NULL) { 1484 dprintf("core_iter_mapping %s: associating " 1485 "segment at %p\n", 1486 fp->file_pname, 1487 (void *)mp->map_pmap.pr_vaddr); 1488 mp->map_file = fp; 1489 fp->file_ref++; 1490 } else { 1491 dprintf("core_iter_mapping %s: segment at " 1492 "%p already associated with %s\n", 1493 fp->file_pname, 1494 (void *)mp->map_pmap.pr_vaddr, 1495 (mp == fp->file_map ? "this file" : 1496 mp->map_file->file_pname)); 1497 } 1498 } 1499 } 1500 1501 /* Ensure that all this file's mappings are named. */ 1502 for (mp = fp->file_map; mp < P->mappings + P->map_count && 1503 mp->map_file == fp; mp++) { 1504 if (mp->map_pmap.pr_mapname[0] == '\0' && 1505 !(mp->map_pmap.pr_mflags & MA_BREAK)) { 1506 (void) strncpy(mp->map_pmap.pr_mapname, fp->file_pname, 1507 PRMAPSZ); 1508 mp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 1509 } 1510 } 1511 1512 /* Attempt to build a symbol table for this file. */ 1513 Pbuild_file_symtab(P, fp); 1514 if (fp->file_elf == NULL) 1515 dprintf("core_iter_mapping: no symtab for %s\n", 1516 fp->file_pname); 1517 1518 /* Locate the start of a data segment associated with this file. */ 1519 if ((mp = core_find_data(P, fp->file_elf, fp->file_lo)) != NULL) { 1520 dprintf("found data for %s at %p (pr_offset 0x%llx)\n", 1521 fp->file_pname, (void *)fp->file_lo->rl_data_base, 1522 mp->map_pmap.pr_offset); 1523 } else { 1524 dprintf("core_iter_mapping: no data found for %s\n", 1525 fp->file_pname); 1526 } 1527 1528 return (1); /* Advance to next mapping */ 1529 } 1530 1531 /* 1532 * Callback function for Pfindexec(). In order to confirm a given pathname, 1533 * we verify that we can open it as an ELF file of type ET_EXEC or ET_DYN. 1534 */ 1535 static int 1536 core_exec_open(const char *path, void *efp) 1537 { 1538 if (core_elf_open(efp, path, ET_EXEC, NULL) == 0) 1539 return (1); 1540 if (core_elf_open(efp, path, ET_DYN, NULL) == 0) 1541 return (1); 1542 return (0); 1543 } 1544 1545 /* 1546 * Attempt to load any section headers found in the core file. If present, 1547 * this will refer to non-loadable data added to the core file by the kernel 1548 * based on coreadm(1M) settings, including CTF data and the symbol table. 1549 */ 1550 static void 1551 core_load_shdrs(struct ps_prochandle *P, elf_file_t *efp) 1552 { 1553 GElf_Shdr *shp, *shdrs = NULL; 1554 char *shstrtab = NULL; 1555 ulong_t shstrtabsz; 1556 const char *name; 1557 map_info_t *mp; 1558 1559 size_t nbytes; 1560 void *buf; 1561 int i; 1562 1563 if (efp->e_hdr.e_shstrndx >= efp->e_hdr.e_shnum) { 1564 dprintf("corrupt shstrndx (%u) exceeds shnum (%u)\n", 1565 efp->e_hdr.e_shstrndx, efp->e_hdr.e_shnum); 1566 return; 1567 } 1568 1569 /* 1570 * Read the section header table from the core file and then iterate 1571 * over the section headers, converting each to a GElf_Shdr. 1572 */ 1573 if ((shdrs = malloc(efp->e_hdr.e_shnum * sizeof (GElf_Shdr))) == NULL) { 1574 dprintf("failed to malloc %u section headers: %s\n", 1575 (uint_t)efp->e_hdr.e_shnum, strerror(errno)); 1576 return; 1577 } 1578 1579 nbytes = efp->e_hdr.e_shnum * efp->e_hdr.e_shentsize; 1580 if ((buf = malloc(nbytes)) == NULL) { 1581 dprintf("failed to malloc %d bytes: %s\n", (int)nbytes, 1582 strerror(errno)); 1583 free(shdrs); 1584 goto out; 1585 } 1586 1587 if (pread64(efp->e_fd, buf, nbytes, efp->e_hdr.e_shoff) != nbytes) { 1588 dprintf("failed to read section headers at off %lld: %s\n", 1589 (longlong_t)efp->e_hdr.e_shoff, strerror(errno)); 1590 free(buf); 1591 goto out; 1592 } 1593 1594 for (i = 0; i < efp->e_hdr.e_shnum; i++) { 1595 void *p = (uchar_t *)buf + efp->e_hdr.e_shentsize * i; 1596 1597 if (efp->e_hdr.e_ident[EI_CLASS] == ELFCLASS32) 1598 core_shdr_to_gelf(p, &shdrs[i]); 1599 else 1600 (void) memcpy(&shdrs[i], p, sizeof (GElf_Shdr)); 1601 } 1602 1603 free(buf); 1604 buf = NULL; 1605 1606 /* 1607 * Read the .shstrtab section from the core file, terminating it with 1608 * an extra \0 so that a corrupt section will not cause us to die. 1609 */ 1610 shp = &shdrs[efp->e_hdr.e_shstrndx]; 1611 shstrtabsz = shp->sh_size; 1612 1613 if ((shstrtab = malloc(shstrtabsz + 1)) == NULL) { 1614 dprintf("failed to allocate %lu bytes for shstrtab\n", 1615 (ulong_t)shstrtabsz); 1616 goto out; 1617 } 1618 1619 if (pread64(efp->e_fd, shstrtab, shstrtabsz, 1620 shp->sh_offset) != shstrtabsz) { 1621 dprintf("failed to read %lu bytes of shstrs at off %lld: %s\n", 1622 shstrtabsz, (longlong_t)shp->sh_offset, strerror(errno)); 1623 goto out; 1624 } 1625 1626 shstrtab[shstrtabsz] = '\0'; 1627 1628 /* 1629 * Now iterate over each section in the section header table, locating 1630 * sections of interest and initializing more of the ps_prochandle. 1631 */ 1632 for (i = 0; i < efp->e_hdr.e_shnum; i++) { 1633 shp = &shdrs[i]; 1634 name = shstrtab + shp->sh_name; 1635 1636 if (shp->sh_name >= shstrtabsz) { 1637 dprintf("skipping section [%d]: corrupt sh_name\n", i); 1638 continue; 1639 } 1640 1641 if (shp->sh_link >= efp->e_hdr.e_shnum) { 1642 dprintf("skipping section [%d]: corrupt sh_link\n", i); 1643 continue; 1644 } 1645 1646 dprintf("found section header %s (sh_addr 0x%llx)\n", 1647 name, (u_longlong_t)shp->sh_addr); 1648 1649 if (strcmp(name, ".SUNW_ctf") == 0) { 1650 if ((mp = Paddr2mptr(P, shp->sh_addr)) == NULL) { 1651 dprintf("no map at addr 0x%llx for %s [%d]\n", 1652 (u_longlong_t)shp->sh_addr, name, i); 1653 continue; 1654 } 1655 1656 if (mp->map_file == NULL || 1657 mp->map_file->file_ctf_buf != NULL) { 1658 dprintf("no mapping file or duplicate buffer " 1659 "for %s [%d]\n", name, i); 1660 continue; 1661 } 1662 1663 if ((buf = malloc(shp->sh_size)) == NULL || 1664 pread64(efp->e_fd, buf, shp->sh_size, 1665 shp->sh_offset) != shp->sh_size) { 1666 dprintf("skipping section %s [%d]: %s\n", 1667 name, i, strerror(errno)); 1668 free(buf); 1669 continue; 1670 } 1671 1672 mp->map_file->file_ctf_size = shp->sh_size; 1673 mp->map_file->file_ctf_buf = buf; 1674 1675 if (shdrs[shp->sh_link].sh_type == SHT_DYNSYM) 1676 mp->map_file->file_ctf_dyn = 1; 1677 1678 } else if (strcmp(name, ".symtab") == 0) { 1679 fake_up_symtab(P, &efp->e_hdr, 1680 shp, &shdrs[shp->sh_link]); 1681 } 1682 } 1683 out: 1684 free(shstrtab); 1685 free(shdrs); 1686 } 1687 1688 /* 1689 * Main engine for core file initialization: given an fd for the core file 1690 * and an optional pathname, construct the ps_prochandle. The aout_path can 1691 * either be a suggested executable pathname, or a suggested directory to 1692 * use as a possible current working directory. 1693 */ 1694 struct ps_prochandle * 1695 Pfgrab_core(int core_fd, const char *aout_path, int *perr) 1696 { 1697 struct ps_prochandle *P; 1698 map_info_t *stk_mp, *brk_mp; 1699 const char *execname; 1700 char *interp; 1701 int i, notes, pagesize; 1702 uintptr_t addr, base_addr; 1703 struct stat64 stbuf; 1704 void *phbuf, *php; 1705 size_t nbytes; 1706 1707 elf_file_t aout; 1708 elf_file_t core; 1709 1710 Elf_Scn *scn, *intp_scn = NULL; 1711 Elf_Data *dp; 1712 1713 GElf_Phdr phdr, note_phdr; 1714 GElf_Shdr shdr; 1715 GElf_Xword nleft; 1716 1717 if (elf_version(EV_CURRENT) == EV_NONE) { 1718 dprintf("libproc ELF version is more recent than libelf\n"); 1719 *perr = G_ELF; 1720 return (NULL); 1721 } 1722 1723 aout.e_elf = NULL; 1724 aout.e_fd = -1; 1725 1726 core.e_elf = NULL; 1727 core.e_fd = core_fd; 1728 1729 /* 1730 * Allocate and initialize a ps_prochandle structure for the core. 1731 * There are several key pieces of initialization here: 1732 * 1733 * 1. The PS_DEAD state flag marks this prochandle as a core file. 1734 * PS_DEAD also thus prevents all operations which require state 1735 * to be PS_STOP from operating on this handle. 1736 * 1737 * 2. We keep the core file fd in P->asfd since the core file contains 1738 * the remnants of the process address space. 1739 * 1740 * 3. We set the P->info_valid bit because all information about the 1741 * core is determined by the end of this function; there is no need 1742 * for proc_update_maps() to reload mappings at any later point. 1743 * 1744 * 4. The read/write ops vector uses our core_rw() function defined 1745 * above to handle i/o requests. 1746 */ 1747 if ((P = malloc(sizeof (struct ps_prochandle))) == NULL) { 1748 *perr = G_STRANGE; 1749 return (NULL); 1750 } 1751 1752 (void) memset(P, 0, sizeof (struct ps_prochandle)); 1753 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL); 1754 P->state = PS_DEAD; 1755 P->pid = (pid_t)-1; 1756 P->asfd = core.e_fd; 1757 P->ctlfd = -1; 1758 P->statfd = -1; 1759 P->agentctlfd = -1; 1760 P->agentstatfd = -1; 1761 P->zoneroot = NULL; 1762 P->info_valid = 1; 1763 P->ops = &P_core_ops; 1764 1765 Pinitsym(P); 1766 1767 /* 1768 * Fstat and open the core file and make sure it is a valid ELF core. 1769 */ 1770 if (fstat64(P->asfd, &stbuf) == -1) { 1771 *perr = G_STRANGE; 1772 goto err; 1773 } 1774 1775 if (core_elf_fdopen(&core, ET_CORE, perr) == -1) 1776 goto err; 1777 1778 /* 1779 * Allocate and initialize a core_info_t to hang off the ps_prochandle 1780 * structure. We keep all core-specific information in this structure. 1781 */ 1782 if ((P->core = calloc(1, sizeof (core_info_t))) == NULL) { 1783 *perr = G_STRANGE; 1784 goto err; 1785 } 1786 1787 list_link(&P->core->core_lwp_head, NULL); 1788 P->core->core_size = stbuf.st_size; 1789 /* 1790 * In the days before adjustable core file content, this was the 1791 * default core file content. For new core files, this value will 1792 * be overwritten by the NT_CONTENT note section. 1793 */ 1794 P->core->core_content = CC_CONTENT_STACK | CC_CONTENT_HEAP | 1795 CC_CONTENT_DATA | CC_CONTENT_RODATA | CC_CONTENT_ANON | 1796 CC_CONTENT_SHANON; 1797 1798 switch (core.e_hdr.e_ident[EI_CLASS]) { 1799 case ELFCLASS32: 1800 P->core->core_dmodel = PR_MODEL_ILP32; 1801 break; 1802 case ELFCLASS64: 1803 P->core->core_dmodel = PR_MODEL_LP64; 1804 break; 1805 default: 1806 *perr = G_FORMAT; 1807 goto err; 1808 } 1809 1810 /* 1811 * Because the core file may be a large file, we can't use libelf to 1812 * read the Phdrs. We use e_phnum and e_phentsize to simplify things. 1813 */ 1814 nbytes = core.e_hdr.e_phnum * core.e_hdr.e_phentsize; 1815 1816 if ((phbuf = malloc(nbytes)) == NULL) { 1817 *perr = G_STRANGE; 1818 goto err; 1819 } 1820 1821 if (pread64(core_fd, phbuf, nbytes, core.e_hdr.e_phoff) != nbytes) { 1822 *perr = G_STRANGE; 1823 free(phbuf); 1824 goto err; 1825 } 1826 1827 /* 1828 * Iterate through the program headers in the core file. 1829 * We're interested in two types of Phdrs: PT_NOTE (which 1830 * contains a set of saved /proc structures), and PT_LOAD (which 1831 * represents a memory mapping from the process's address space). 1832 * In the case of PT_NOTE, we're interested in the last PT_NOTE 1833 * in the core file; currently the first PT_NOTE (if present) 1834 * contains /proc structs in the pre-2.6 unstructured /proc format. 1835 */ 1836 for (php = phbuf, notes = 0, i = 0; i < core.e_hdr.e_phnum; i++) { 1837 if (core.e_hdr.e_ident[EI_CLASS] == ELFCLASS64) 1838 (void) memcpy(&phdr, php, sizeof (GElf_Phdr)); 1839 else 1840 core_phdr_to_gelf(php, &phdr); 1841 1842 switch (phdr.p_type) { 1843 case PT_NOTE: 1844 note_phdr = phdr; 1845 notes++; 1846 break; 1847 1848 case PT_LOAD: 1849 if (core_add_mapping(P, &phdr) == -1) { 1850 *perr = G_STRANGE; 1851 free(phbuf); 1852 goto err; 1853 } 1854 break; 1855 } 1856 1857 php = (char *)php + core.e_hdr.e_phentsize; 1858 } 1859 1860 free(phbuf); 1861 1862 Psort_mappings(P); 1863 1864 /* 1865 * If we couldn't find anything of type PT_NOTE, or only one PT_NOTE 1866 * was present, abort. The core file is either corrupt or too old. 1867 */ 1868 if (notes == 0 || notes == 1) { 1869 *perr = G_NOTE; 1870 goto err; 1871 } 1872 1873 /* 1874 * Advance the seek pointer to the start of the PT_NOTE data 1875 */ 1876 if (lseek64(P->asfd, note_phdr.p_offset, SEEK_SET) == (off64_t)-1) { 1877 dprintf("Pgrab_core: failed to lseek to PT_NOTE data\n"); 1878 *perr = G_STRANGE; 1879 goto err; 1880 } 1881 1882 /* 1883 * Now process the PT_NOTE structures. Each one is preceded by 1884 * an Elf{32/64}_Nhdr structure describing its type and size. 1885 * 1886 * +--------+ 1887 * | header | 1888 * +--------+ 1889 * | name | 1890 * | ... | 1891 * +--------+ 1892 * | desc | 1893 * | ... | 1894 * +--------+ 1895 */ 1896 for (nleft = note_phdr.p_filesz; nleft > 0; ) { 1897 Elf64_Nhdr nhdr; 1898 off64_t off, namesz; 1899 1900 /* 1901 * Although <sys/elf.h> defines both Elf32_Nhdr and Elf64_Nhdr 1902 * as different types, they are both of the same content and 1903 * size, so we don't need to worry about 32/64 conversion here. 1904 */ 1905 if (read(P->asfd, &nhdr, sizeof (nhdr)) != sizeof (nhdr)) { 1906 dprintf("Pgrab_core: failed to read ELF note header\n"); 1907 *perr = G_NOTE; 1908 goto err; 1909 } 1910 1911 /* 1912 * According to the System V ABI, the amount of padding 1913 * following the name field should align the description 1914 * field on a 4 byte boundary for 32-bit binaries or on an 8 1915 * byte boundary for 64-bit binaries. However, this change 1916 * was not made correctly during the 64-bit port so all 1917 * descriptions can assume only 4-byte alignment. We ignore 1918 * the name field and the padding to 4-byte alignment. 1919 */ 1920 namesz = P2ROUNDUP((off64_t)nhdr.n_namesz, (off64_t)4); 1921 if (lseek64(P->asfd, namesz, SEEK_CUR) == (off64_t)-1) { 1922 dprintf("failed to seek past name and padding\n"); 1923 *perr = G_STRANGE; 1924 goto err; 1925 } 1926 1927 dprintf("Note hdr n_type=%u n_namesz=%u n_descsz=%u\n", 1928 nhdr.n_type, nhdr.n_namesz, nhdr.n_descsz); 1929 1930 off = lseek64(P->asfd, (off64_t)0L, SEEK_CUR); 1931 1932 /* 1933 * Invoke the note handler function from our table 1934 */ 1935 if (nhdr.n_type < sizeof (nhdlrs) / sizeof (nhdlrs[0])) { 1936 if (nhdlrs[nhdr.n_type](P, nhdr.n_descsz) < 0) { 1937 *perr = G_NOTE; 1938 goto err; 1939 } 1940 } else 1941 (void) note_notsup(P, nhdr.n_descsz); 1942 1943 /* 1944 * Seek past the current note data to the next Elf_Nhdr 1945 */ 1946 if (lseek64(P->asfd, off + nhdr.n_descsz, 1947 SEEK_SET) == (off64_t)-1) { 1948 dprintf("Pgrab_core: failed to seek to next nhdr\n"); 1949 *perr = G_STRANGE; 1950 goto err; 1951 } 1952 1953 /* 1954 * Subtract the size of the header and its data from what 1955 * we have left to process. 1956 */ 1957 nleft -= sizeof (nhdr) + namesz + nhdr.n_descsz; 1958 } 1959 1960 if (nleft != 0) { 1961 dprintf("Pgrab_core: note section malformed\n"); 1962 *perr = G_STRANGE; 1963 goto err; 1964 } 1965 1966 if ((pagesize = Pgetauxval(P, AT_PAGESZ)) == -1) { 1967 pagesize = getpagesize(); 1968 dprintf("AT_PAGESZ missing; defaulting to %d\n", pagesize); 1969 } 1970 1971 /* 1972 * Locate and label the mappings corresponding to the end of the 1973 * heap (MA_BREAK) and the base of the stack (MA_STACK). 1974 */ 1975 if ((P->status.pr_brkbase != 0 || P->status.pr_brksize != 0) && 1976 (brk_mp = Paddr2mptr(P, P->status.pr_brkbase + 1977 P->status.pr_brksize - 1)) != NULL) 1978 brk_mp->map_pmap.pr_mflags |= MA_BREAK; 1979 else 1980 brk_mp = NULL; 1981 1982 if ((stk_mp = Paddr2mptr(P, P->status.pr_stkbase)) != NULL) 1983 stk_mp->map_pmap.pr_mflags |= MA_STACK; 1984 1985 /* 1986 * At this point, we have enough information to look for the 1987 * executable and open it: we have access to the auxv, a psinfo_t, 1988 * and the ability to read from mappings provided by the core file. 1989 */ 1990 (void) Pfindexec(P, aout_path, core_exec_open, &aout); 1991 dprintf("P->execname = \"%s\"\n", P->execname ? P->execname : "NULL"); 1992 execname = P->execname ? P->execname : "a.out"; 1993 1994 /* 1995 * Iterate through the sections, looking for the .dynamic and .interp 1996 * sections. If we encounter them, remember their section pointers. 1997 */ 1998 for (scn = NULL; (scn = elf_nextscn(aout.e_elf, scn)) != NULL; ) { 1999 char *sname; 2000 2001 if ((gelf_getshdr(scn, &shdr) == NULL) || 2002 (sname = elf_strptr(aout.e_elf, aout.e_hdr.e_shstrndx, 2003 (size_t)shdr.sh_name)) == NULL) 2004 continue; 2005 2006 if (strcmp(sname, ".interp") == 0) 2007 intp_scn = scn; 2008 } 2009 2010 /* 2011 * Get the AT_BASE auxv element. If this is missing (-1), then 2012 * we assume this is a statically-linked executable. 2013 */ 2014 base_addr = Pgetauxval(P, AT_BASE); 2015 2016 /* 2017 * In order to get librtld_db initialized, we'll need to identify 2018 * and name the mapping corresponding to the run-time linker. The 2019 * AT_BASE auxv element tells us the address where it was mapped, 2020 * and the .interp section of the executable tells us its path. 2021 * If for some reason that doesn't pan out, just use ld.so.1. 2022 */ 2023 if (intp_scn != NULL && (dp = elf_getdata(intp_scn, NULL)) != NULL && 2024 dp->d_size != 0) { 2025 dprintf(".interp = <%s>\n", (char *)dp->d_buf); 2026 interp = dp->d_buf; 2027 2028 } else if (base_addr != (uintptr_t)-1L) { 2029 if (P->core->core_dmodel == PR_MODEL_LP64) 2030 interp = "/usr/lib/64/ld.so.1"; 2031 else 2032 interp = "/usr/lib/ld.so.1"; 2033 2034 dprintf(".interp section is missing or could not be read; " 2035 "defaulting to %s\n", interp); 2036 } else 2037 dprintf("detected statically linked executable\n"); 2038 2039 /* 2040 * If we have an AT_BASE element, name the mapping at that address 2041 * using the interpreter pathname. Name the corresponding data 2042 * mapping after the interpreter as well. 2043 */ 2044 if (base_addr != (uintptr_t)-1L) { 2045 elf_file_t intf; 2046 2047 P->map_ldso = core_name_mapping(P, base_addr, interp); 2048 2049 if (core_elf_open(&intf, interp, ET_DYN, NULL) == 0) { 2050 rd_loadobj_t rl; 2051 map_info_t *dmp; 2052 2053 rl.rl_base = base_addr; 2054 dmp = core_find_data(P, intf.e_elf, &rl); 2055 2056 if (dmp != NULL) { 2057 dprintf("renamed data at %p to %s\n", 2058 (void *)rl.rl_data_base, interp); 2059 (void) strncpy(dmp->map_pmap.pr_mapname, 2060 interp, PRMAPSZ); 2061 dmp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 2062 } 2063 } 2064 2065 core_elf_close(&intf); 2066 } 2067 2068 /* 2069 * If we have an AT_ENTRY element, name the mapping at that address 2070 * using the special name "a.out" just like /proc does. 2071 */ 2072 if ((addr = Pgetauxval(P, AT_ENTRY)) != (uintptr_t)-1L) 2073 P->map_exec = core_name_mapping(P, addr, "a.out"); 2074 2075 /* 2076 * If we're a statically linked executable, then just locate the 2077 * executable's text and data and name them after the executable. 2078 */ 2079 if (base_addr == (uintptr_t)-1L) { 2080 map_info_t *tmp, *dmp; 2081 file_info_t *fp; 2082 rd_loadobj_t rl; 2083 2084 if ((tmp = core_find_text(P, aout.e_elf, &rl)) != NULL && 2085 (dmp = core_find_data(P, aout.e_elf, &rl)) != NULL) { 2086 (void) strncpy(tmp->map_pmap.pr_mapname, 2087 execname, PRMAPSZ); 2088 tmp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 2089 (void) strncpy(dmp->map_pmap.pr_mapname, 2090 execname, PRMAPSZ); 2091 dmp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 2092 } 2093 2094 if ((P->map_exec = tmp) != NULL && 2095 (fp = malloc(sizeof (file_info_t))) != NULL) { 2096 2097 (void) memset(fp, 0, sizeof (file_info_t)); 2098 2099 list_link(fp, &P->file_head); 2100 tmp->map_file = fp; 2101 P->num_files++; 2102 2103 fp->file_ref = 1; 2104 fp->file_fd = -1; 2105 2106 fp->file_lo = malloc(sizeof (rd_loadobj_t)); 2107 fp->file_lname = strdup(execname); 2108 2109 if (fp->file_lo) 2110 *fp->file_lo = rl; 2111 if (fp->file_lname) 2112 fp->file_lbase = basename(fp->file_lname); 2113 if (fp->file_rname) 2114 fp->file_rbase = basename(fp->file_rname); 2115 2116 (void) strcpy(fp->file_pname, 2117 P->mappings[0].map_pmap.pr_mapname); 2118 fp->file_map = tmp; 2119 2120 Pbuild_file_symtab(P, fp); 2121 2122 if (dmp != NULL) { 2123 dmp->map_file = fp; 2124 fp->file_ref++; 2125 } 2126 } 2127 } 2128 2129 core_elf_close(&aout); 2130 2131 /* 2132 * We now have enough information to initialize librtld_db. 2133 * After it warms up, we can iterate through the load object chain 2134 * in the core, which will allow us to construct the file info 2135 * we need to provide symbol information for the other shared 2136 * libraries, and also to fill in the missing mapping names. 2137 */ 2138 rd_log(_libproc_debug); 2139 2140 if ((P->rap = rd_new(P)) != NULL) { 2141 (void) rd_loadobj_iter(P->rap, (rl_iter_f *) 2142 core_iter_mapping, P); 2143 2144 if (P->core->core_errno != 0) { 2145 errno = P->core->core_errno; 2146 *perr = G_STRANGE; 2147 goto err; 2148 } 2149 } else 2150 dprintf("failed to initialize rtld_db agent\n"); 2151 2152 /* 2153 * If there are sections, load them and process the data from any 2154 * sections that we can use to annotate the file_info_t's. 2155 */ 2156 core_load_shdrs(P, &core); 2157 2158 /* 2159 * If we previously located a stack or break mapping, and they are 2160 * still anonymous, we now assume that they were MAP_ANON mappings. 2161 * If brk_mp turns out to now have a name, then the heap is still 2162 * sitting at the end of the executable's data+bss mapping: remove 2163 * the previous MA_BREAK setting to be consistent with /proc. 2164 */ 2165 if (stk_mp != NULL && stk_mp->map_pmap.pr_mapname[0] == '\0') 2166 stk_mp->map_pmap.pr_mflags |= MA_ANON; 2167 if (brk_mp != NULL && brk_mp->map_pmap.pr_mapname[0] == '\0') 2168 brk_mp->map_pmap.pr_mflags |= MA_ANON; 2169 else if (brk_mp != NULL) 2170 brk_mp->map_pmap.pr_mflags &= ~MA_BREAK; 2171 2172 *perr = 0; 2173 return (P); 2174 2175 err: 2176 Pfree(P); 2177 core_elf_close(&aout); 2178 return (NULL); 2179 } 2180 2181 /* 2182 * Grab a core file using a pathname. We just open it and call Pfgrab_core(). 2183 */ 2184 struct ps_prochandle * 2185 Pgrab_core(const char *core, const char *aout, int gflag, int *perr) 2186 { 2187 int fd, oflag = (gflag & PGRAB_RDONLY) ? O_RDONLY : O_RDWR; 2188 2189 if ((fd = open64(core, oflag)) >= 0) 2190 return (Pfgrab_core(fd, aout, perr)); 2191 2192 if (errno != ENOENT) 2193 *perr = G_STRANGE; 2194 else 2195 *perr = G_NOCORE; 2196 2197 return (NULL); 2198 } 2199