1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 /* 26 * Copyright 2012 DEY Storage Systems, Inc. All rights reserved. 27 * Copyright (c) 2018, Joyent, Inc. All rights reserved. 28 * Copyright (c) 2013 by Delphix. All rights reserved. 29 * Copyright 2015 Gary Mills 30 * Copyright 2020 OmniOS Community Edition (OmniOSce) Association. 31 */ 32 33 #include <sys/types.h> 34 #include <sys/utsname.h> 35 #include <sys/sysmacros.h> 36 #include <sys/proc.h> 37 38 #include <alloca.h> 39 #include <rtld_db.h> 40 #include <libgen.h> 41 #include <limits.h> 42 #include <string.h> 43 #include <stdlib.h> 44 #include <unistd.h> 45 #include <errno.h> 46 #include <gelf.h> 47 #include <stddef.h> 48 #include <signal.h> 49 50 #include "libproc.h" 51 #include "Pcontrol.h" 52 #include "P32ton.h" 53 #include "Putil.h" 54 #include "proc_fd.h" 55 #ifdef __x86 56 #include "Pcore_linux.h" 57 #endif 58 59 /* 60 * Pcore.c - Code to initialize a ps_prochandle from a core dump. We 61 * allocate an additional structure to hold information from the core 62 * file, and attach this to the standard ps_prochandle in place of the 63 * ability to examine /proc/<pid>/ files. 64 */ 65 66 /* 67 * Basic i/o function for reading and writing from the process address space 68 * stored in the core file and associated shared libraries. We compute the 69 * appropriate fd and offsets, and let the provided prw function do the rest. 70 */ 71 static ssize_t 72 core_rw(struct ps_prochandle *P, void *buf, size_t n, uintptr_t addr, 73 ssize_t (*prw)(int, void *, size_t, off64_t)) 74 { 75 ssize_t resid = n; 76 77 while (resid != 0) { 78 map_info_t *mp = Paddr2mptr(P, addr); 79 80 uintptr_t mapoff; 81 ssize_t len; 82 off64_t off; 83 int fd; 84 85 if (mp == NULL) 86 break; /* No mapping for this address */ 87 88 if (mp->map_pmap.pr_mflags & MA_RESERVED1) { 89 if (mp->map_file == NULL || mp->map_file->file_fd < 0) 90 break; /* No file or file not open */ 91 92 fd = mp->map_file->file_fd; 93 } else 94 fd = P->asfd; 95 96 mapoff = addr - mp->map_pmap.pr_vaddr; 97 len = MIN(resid, mp->map_pmap.pr_size - mapoff); 98 off = mp->map_offset + mapoff; 99 100 if ((len = prw(fd, buf, len, off)) <= 0) 101 break; 102 103 resid -= len; 104 addr += len; 105 buf = (char *)buf + len; 106 } 107 108 /* 109 * Important: Be consistent with the behavior of i/o on the as file: 110 * writing to an invalid address yields EIO; reading from an invalid 111 * address falls through to returning success and zero bytes. 112 */ 113 if (resid == n && n != 0 && prw != pread64) { 114 errno = EIO; 115 return (-1); 116 } 117 118 return (n - resid); 119 } 120 121 /*ARGSUSED*/ 122 static ssize_t 123 Pread_core(struct ps_prochandle *P, void *buf, size_t n, uintptr_t addr, 124 void *data) 125 { 126 return (core_rw(P, buf, n, addr, pread64)); 127 } 128 129 /*ARGSUSED*/ 130 static ssize_t 131 Pwrite_core(struct ps_prochandle *P, const void *buf, size_t n, uintptr_t addr, 132 void *data) 133 { 134 return (core_rw(P, (void *)buf, n, addr, 135 (ssize_t (*)(int, void *, size_t, off64_t)) pwrite64)); 136 } 137 138 /*ARGSUSED*/ 139 static int 140 Pcred_core(struct ps_prochandle *P, prcred_t *pcrp, int ngroups, void *data) 141 { 142 core_info_t *core = data; 143 144 if (core->core_cred != NULL) { 145 /* 146 * Avoid returning more supplementary group data than the 147 * caller has allocated in their buffer. We expect them to 148 * check pr_ngroups afterward and potentially call us again. 149 */ 150 ngroups = MIN(ngroups, core->core_cred->pr_ngroups); 151 152 (void) memcpy(pcrp, core->core_cred, 153 sizeof (prcred_t) + (ngroups - 1) * sizeof (gid_t)); 154 155 return (0); 156 } 157 158 errno = ENODATA; 159 return (-1); 160 } 161 162 /*ARGSUSED*/ 163 static int 164 Psecflags_core(struct ps_prochandle *P, prsecflags_t **psf, void *data) 165 { 166 core_info_t *core = data; 167 168 if (core->core_secflags == NULL) { 169 errno = ENODATA; 170 return (-1); 171 } 172 173 if ((*psf = calloc(1, sizeof (prsecflags_t))) == NULL) 174 return (-1); 175 176 (void) memcpy(*psf, core->core_secflags, sizeof (prsecflags_t)); 177 178 return (0); 179 } 180 181 /*ARGSUSED*/ 182 static int 183 Ppriv_core(struct ps_prochandle *P, prpriv_t **pprv, void *data) 184 { 185 core_info_t *core = data; 186 187 if (core->core_priv == NULL) { 188 errno = ENODATA; 189 return (-1); 190 } 191 192 *pprv = malloc(core->core_priv_size); 193 if (*pprv == NULL) { 194 return (-1); 195 } 196 197 (void) memcpy(*pprv, core->core_priv, core->core_priv_size); 198 return (0); 199 } 200 201 /*ARGSUSED*/ 202 static const psinfo_t * 203 Ppsinfo_core(struct ps_prochandle *P, psinfo_t *psinfo, void *data) 204 { 205 return (&P->psinfo); 206 } 207 208 /*ARGSUSED*/ 209 static void 210 Pfini_core(struct ps_prochandle *P, void *data) 211 { 212 core_info_t *core = data; 213 214 if (core != NULL) { 215 extern void __priv_free_info(void *); 216 lwp_info_t *nlwp, *lwp = list_next(&core->core_lwp_head); 217 int i; 218 219 for (i = 0; i < core->core_nlwp; i++, lwp = nlwp) { 220 nlwp = list_next(lwp); 221 #ifdef __sparc 222 if (lwp->lwp_gwins != NULL) 223 free(lwp->lwp_gwins); 224 if (lwp->lwp_xregs != NULL) 225 free(lwp->lwp_xregs); 226 if (lwp->lwp_asrs != NULL) 227 free(lwp->lwp_asrs); 228 #endif 229 free(lwp); 230 } 231 232 if (core->core_platform != NULL) 233 free(core->core_platform); 234 if (core->core_uts != NULL) 235 free(core->core_uts); 236 if (core->core_cred != NULL) 237 free(core->core_cred); 238 if (core->core_priv != NULL) 239 free(core->core_priv); 240 if (core->core_privinfo != NULL) 241 __priv_free_info(core->core_privinfo); 242 if (core->core_ppii != NULL) 243 free(core->core_ppii); 244 if (core->core_zonename != NULL) 245 free(core->core_zonename); 246 if (core->core_secflags != NULL) 247 free(core->core_secflags); 248 if (core->core_upanic != NULL) 249 free(core->core_upanic); 250 #ifdef __x86 251 if (core->core_ldt != NULL) 252 free(core->core_ldt); 253 #endif 254 255 free(core); 256 } 257 } 258 259 /*ARGSUSED*/ 260 static char * 261 Pplatform_core(struct ps_prochandle *P, char *s, size_t n, void *data) 262 { 263 core_info_t *core = data; 264 265 if (core->core_platform == NULL) { 266 errno = ENODATA; 267 return (NULL); 268 } 269 (void) strncpy(s, core->core_platform, n - 1); 270 s[n - 1] = '\0'; 271 return (s); 272 } 273 274 /*ARGSUSED*/ 275 static int 276 Puname_core(struct ps_prochandle *P, struct utsname *u, void *data) 277 { 278 core_info_t *core = data; 279 280 if (core->core_uts == NULL) { 281 errno = ENODATA; 282 return (-1); 283 } 284 (void) memcpy(u, core->core_uts, sizeof (struct utsname)); 285 return (0); 286 } 287 288 /*ARGSUSED*/ 289 static char * 290 Pzonename_core(struct ps_prochandle *P, char *s, size_t n, void *data) 291 { 292 core_info_t *core = data; 293 294 if (core->core_zonename == NULL) { 295 errno = ENODATA; 296 return (NULL); 297 } 298 (void) strlcpy(s, core->core_zonename, n); 299 return (s); 300 } 301 302 #ifdef __x86 303 /*ARGSUSED*/ 304 static int 305 Pldt_core(struct ps_prochandle *P, struct ssd *pldt, int nldt, void *data) 306 { 307 core_info_t *core = data; 308 309 if (pldt == NULL || nldt == 0) 310 return (core->core_nldt); 311 312 if (core->core_ldt != NULL) { 313 nldt = MIN(nldt, core->core_nldt); 314 315 (void) memcpy(pldt, core->core_ldt, 316 nldt * sizeof (struct ssd)); 317 318 return (nldt); 319 } 320 321 errno = ENODATA; 322 return (-1); 323 } 324 #endif 325 326 static const ps_ops_t P_core_ops = { 327 .pop_pread = Pread_core, 328 .pop_pwrite = Pwrite_core, 329 .pop_cred = Pcred_core, 330 .pop_priv = Ppriv_core, 331 .pop_psinfo = Ppsinfo_core, 332 .pop_fini = Pfini_core, 333 .pop_platform = Pplatform_core, 334 .pop_uname = Puname_core, 335 .pop_zonename = Pzonename_core, 336 .pop_secflags = Psecflags_core, 337 #ifdef __x86 338 .pop_ldt = Pldt_core 339 #endif 340 }; 341 342 /* 343 * Return the lwp_info_t for the given lwpid. If no such lwpid has been 344 * encountered yet, allocate a new structure and return a pointer to it. 345 * Create a list of lwp_info_t structures sorted in decreasing lwp_id order. 346 */ 347 static lwp_info_t * 348 lwpid2info(struct ps_prochandle *P, lwpid_t id) 349 { 350 core_info_t *core = P->data; 351 lwp_info_t *lwp = list_next(&core->core_lwp_head); 352 lwp_info_t *next; 353 uint_t i; 354 355 for (i = 0; i < core->core_nlwp; i++, lwp = list_next(lwp)) { 356 if (lwp->lwp_id == id) { 357 core->core_lwp = lwp; 358 return (lwp); 359 } 360 if (lwp->lwp_id < id) { 361 break; 362 } 363 } 364 365 next = lwp; 366 if ((lwp = calloc(1, sizeof (lwp_info_t))) == NULL) 367 return (NULL); 368 369 list_link(lwp, next); 370 lwp->lwp_id = id; 371 372 core->core_lwp = lwp; 373 core->core_nlwp++; 374 375 return (lwp); 376 } 377 378 /* 379 * The core file itself contains a series of NOTE segments containing saved 380 * structures from /proc at the time the process died. For each note we 381 * comprehend, we define a function to read it in from the core file, 382 * convert it to our native data model if necessary, and store it inside 383 * the ps_prochandle. Each function is invoked by Pfgrab_core() with the 384 * seek pointer on P->asfd positioned appropriately. We populate a table 385 * of pointers to these note functions below. 386 */ 387 388 static int 389 note_pstatus(struct ps_prochandle *P, size_t nbytes) 390 { 391 #ifdef _LP64 392 core_info_t *core = P->data; 393 394 if (core->core_dmodel == PR_MODEL_ILP32) { 395 pstatus32_t ps32; 396 397 if (nbytes < sizeof (pstatus32_t) || 398 read(P->asfd, &ps32, sizeof (ps32)) != sizeof (ps32)) 399 goto err; 400 401 pstatus_32_to_n(&ps32, &P->status); 402 403 } else 404 #endif 405 if (nbytes < sizeof (pstatus_t) || 406 read(P->asfd, &P->status, sizeof (pstatus_t)) != sizeof (pstatus_t)) 407 goto err; 408 409 P->orig_status = P->status; 410 P->pid = P->status.pr_pid; 411 412 return (0); 413 414 err: 415 dprintf("Pgrab_core: failed to read NT_PSTATUS\n"); 416 return (-1); 417 } 418 419 static int 420 note_lwpstatus(struct ps_prochandle *P, size_t nbytes) 421 { 422 lwp_info_t *lwp; 423 lwpstatus_t lps; 424 425 #ifdef _LP64 426 core_info_t *core = P->data; 427 428 if (core->core_dmodel == PR_MODEL_ILP32) { 429 lwpstatus32_t l32; 430 431 if (nbytes < sizeof (lwpstatus32_t) || 432 read(P->asfd, &l32, sizeof (l32)) != sizeof (l32)) 433 goto err; 434 435 lwpstatus_32_to_n(&l32, &lps); 436 } else 437 #endif 438 if (nbytes < sizeof (lwpstatus_t) || 439 read(P->asfd, &lps, sizeof (lps)) != sizeof (lps)) 440 goto err; 441 442 if ((lwp = lwpid2info(P, lps.pr_lwpid)) == NULL) { 443 dprintf("Pgrab_core: failed to add NT_LWPSTATUS\n"); 444 return (-1); 445 } 446 447 /* 448 * Erase a useless and confusing artifact of the kernel implementation: 449 * the lwps which did *not* create the core will show SIGKILL. We can 450 * be assured this is bogus because SIGKILL can't produce core files. 451 */ 452 if (lps.pr_cursig == SIGKILL) 453 lps.pr_cursig = 0; 454 455 (void) memcpy(&lwp->lwp_status, &lps, sizeof (lps)); 456 return (0); 457 458 err: 459 dprintf("Pgrab_core: failed to read NT_LWPSTATUS\n"); 460 return (-1); 461 } 462 463 #ifdef __x86 464 465 static void 466 lx_prpsinfo32_to_psinfo(lx_prpsinfo32_t *p32, psinfo_t *psinfo) 467 { 468 psinfo->pr_flag = p32->pr_flag; 469 psinfo->pr_pid = p32->pr_pid; 470 psinfo->pr_ppid = p32->pr_ppid; 471 psinfo->pr_uid = p32->pr_uid; 472 psinfo->pr_gid = p32->pr_gid; 473 psinfo->pr_sid = p32->pr_sid; 474 psinfo->pr_pgid = p32->pr_pgrp; 475 476 (void) memcpy(psinfo->pr_fname, p32->pr_fname, 477 sizeof (psinfo->pr_fname)); 478 (void) memcpy(psinfo->pr_psargs, p32->pr_psargs, 479 sizeof (psinfo->pr_psargs)); 480 } 481 482 static void 483 lx_prpsinfo64_to_psinfo(lx_prpsinfo64_t *p64, psinfo_t *psinfo) 484 { 485 psinfo->pr_flag = p64->pr_flag; 486 psinfo->pr_pid = p64->pr_pid; 487 psinfo->pr_ppid = p64->pr_ppid; 488 psinfo->pr_uid = p64->pr_uid; 489 psinfo->pr_gid = p64->pr_gid; 490 psinfo->pr_sid = p64->pr_sid; 491 psinfo->pr_pgid = p64->pr_pgrp; 492 psinfo->pr_pgid = p64->pr_pgrp; 493 494 (void) memcpy(psinfo->pr_fname, p64->pr_fname, 495 sizeof (psinfo->pr_fname)); 496 (void) memcpy(psinfo->pr_psargs, p64->pr_psargs, 497 sizeof (psinfo->pr_psargs)); 498 } 499 500 static int 501 note_linux_psinfo(struct ps_prochandle *P, size_t nbytes) 502 { 503 core_info_t *core = P->data; 504 lx_prpsinfo32_t p32; 505 lx_prpsinfo64_t p64; 506 507 if (core->core_dmodel == PR_MODEL_ILP32) { 508 if (nbytes < sizeof (p32) || 509 read(P->asfd, &p32, sizeof (p32)) != sizeof (p32)) 510 goto err; 511 512 lx_prpsinfo32_to_psinfo(&p32, &P->psinfo); 513 } else { 514 if (nbytes < sizeof (p64) || 515 read(P->asfd, &p64, sizeof (p64)) != sizeof (p64)) 516 goto err; 517 518 lx_prpsinfo64_to_psinfo(&p64, &P->psinfo); 519 } 520 521 522 P->status.pr_pid = P->psinfo.pr_pid; 523 P->status.pr_ppid = P->psinfo.pr_ppid; 524 P->status.pr_pgid = P->psinfo.pr_pgid; 525 P->status.pr_sid = P->psinfo.pr_sid; 526 527 P->psinfo.pr_nlwp = 0; 528 P->status.pr_nlwp = 0; 529 530 return (0); 531 err: 532 dprintf("Pgrab_core: failed to read NT_PSINFO\n"); 533 return (-1); 534 } 535 536 static void 537 lx_prstatus64_to_lwp(lx_prstatus64_t *prs64, lwp_info_t *lwp) 538 { 539 LTIME_TO_TIMESPEC(lwp->lwp_status.pr_utime, prs64->pr_utime); 540 LTIME_TO_TIMESPEC(lwp->lwp_status.pr_stime, prs64->pr_stime); 541 542 lwp->lwp_status.pr_reg[REG_R15] = prs64->pr_reg.lxr_r15; 543 lwp->lwp_status.pr_reg[REG_R14] = prs64->pr_reg.lxr_r14; 544 lwp->lwp_status.pr_reg[REG_R13] = prs64->pr_reg.lxr_r13; 545 lwp->lwp_status.pr_reg[REG_R12] = prs64->pr_reg.lxr_r12; 546 lwp->lwp_status.pr_reg[REG_R11] = prs64->pr_reg.lxr_r11; 547 lwp->lwp_status.pr_reg[REG_R10] = prs64->pr_reg.lxr_r10; 548 lwp->lwp_status.pr_reg[REG_R9] = prs64->pr_reg.lxr_r9; 549 lwp->lwp_status.pr_reg[REG_R8] = prs64->pr_reg.lxr_r8; 550 551 lwp->lwp_status.pr_reg[REG_RDI] = prs64->pr_reg.lxr_rdi; 552 lwp->lwp_status.pr_reg[REG_RSI] = prs64->pr_reg.lxr_rsi; 553 lwp->lwp_status.pr_reg[REG_RBP] = prs64->pr_reg.lxr_rbp; 554 lwp->lwp_status.pr_reg[REG_RBX] = prs64->pr_reg.lxr_rbx; 555 lwp->lwp_status.pr_reg[REG_RDX] = prs64->pr_reg.lxr_rdx; 556 lwp->lwp_status.pr_reg[REG_RCX] = prs64->pr_reg.lxr_rcx; 557 lwp->lwp_status.pr_reg[REG_RAX] = prs64->pr_reg.lxr_rax; 558 559 lwp->lwp_status.pr_reg[REG_RIP] = prs64->pr_reg.lxr_rip; 560 lwp->lwp_status.pr_reg[REG_CS] = prs64->pr_reg.lxr_cs; 561 lwp->lwp_status.pr_reg[REG_RSP] = prs64->pr_reg.lxr_rsp; 562 lwp->lwp_status.pr_reg[REG_FS] = prs64->pr_reg.lxr_fs; 563 lwp->lwp_status.pr_reg[REG_SS] = prs64->pr_reg.lxr_ss; 564 lwp->lwp_status.pr_reg[REG_GS] = prs64->pr_reg.lxr_gs; 565 lwp->lwp_status.pr_reg[REG_ES] = prs64->pr_reg.lxr_es; 566 lwp->lwp_status.pr_reg[REG_DS] = prs64->pr_reg.lxr_ds; 567 568 lwp->lwp_status.pr_reg[REG_GSBASE] = prs64->pr_reg.lxr_gs_base; 569 lwp->lwp_status.pr_reg[REG_FSBASE] = prs64->pr_reg.lxr_fs_base; 570 } 571 572 static void 573 lx_prstatus32_to_lwp(lx_prstatus32_t *prs32, lwp_info_t *lwp) 574 { 575 LTIME_TO_TIMESPEC(lwp->lwp_status.pr_utime, prs32->pr_utime); 576 LTIME_TO_TIMESPEC(lwp->lwp_status.pr_stime, prs32->pr_stime); 577 578 #ifdef __amd64 579 lwp->lwp_status.pr_reg[REG_GS] = prs32->pr_reg.lxr_gs; 580 lwp->lwp_status.pr_reg[REG_FS] = prs32->pr_reg.lxr_fs; 581 lwp->lwp_status.pr_reg[REG_DS] = prs32->pr_reg.lxr_ds; 582 lwp->lwp_status.pr_reg[REG_ES] = prs32->pr_reg.lxr_es; 583 lwp->lwp_status.pr_reg[REG_RDI] = prs32->pr_reg.lxr_di; 584 lwp->lwp_status.pr_reg[REG_RSI] = prs32->pr_reg.lxr_si; 585 lwp->lwp_status.pr_reg[REG_RBP] = prs32->pr_reg.lxr_bp; 586 lwp->lwp_status.pr_reg[REG_RBX] = prs32->pr_reg.lxr_bx; 587 lwp->lwp_status.pr_reg[REG_RDX] = prs32->pr_reg.lxr_dx; 588 lwp->lwp_status.pr_reg[REG_RCX] = prs32->pr_reg.lxr_cx; 589 lwp->lwp_status.pr_reg[REG_RAX] = prs32->pr_reg.lxr_ax; 590 lwp->lwp_status.pr_reg[REG_RIP] = prs32->pr_reg.lxr_ip; 591 lwp->lwp_status.pr_reg[REG_CS] = prs32->pr_reg.lxr_cs; 592 lwp->lwp_status.pr_reg[REG_RFL] = prs32->pr_reg.lxr_flags; 593 lwp->lwp_status.pr_reg[REG_RSP] = prs32->pr_reg.lxr_sp; 594 lwp->lwp_status.pr_reg[REG_SS] = prs32->pr_reg.lxr_ss; 595 #else /* __amd64 */ 596 lwp->lwp_status.pr_reg[EBX] = prs32->pr_reg.lxr_bx; 597 lwp->lwp_status.pr_reg[ECX] = prs32->pr_reg.lxr_cx; 598 lwp->lwp_status.pr_reg[EDX] = prs32->pr_reg.lxr_dx; 599 lwp->lwp_status.pr_reg[ESI] = prs32->pr_reg.lxr_si; 600 lwp->lwp_status.pr_reg[EDI] = prs32->pr_reg.lxr_di; 601 lwp->lwp_status.pr_reg[EBP] = prs32->pr_reg.lxr_bp; 602 lwp->lwp_status.pr_reg[EAX] = prs32->pr_reg.lxr_ax; 603 lwp->lwp_status.pr_reg[EIP] = prs32->pr_reg.lxr_ip; 604 lwp->lwp_status.pr_reg[UESP] = prs32->pr_reg.lxr_sp; 605 606 lwp->lwp_status.pr_reg[DS] = prs32->pr_reg.lxr_ds; 607 lwp->lwp_status.pr_reg[ES] = prs32->pr_reg.lxr_es; 608 lwp->lwp_status.pr_reg[FS] = prs32->pr_reg.lxr_fs; 609 lwp->lwp_status.pr_reg[GS] = prs32->pr_reg.lxr_gs; 610 lwp->lwp_status.pr_reg[CS] = prs32->pr_reg.lxr_cs; 611 lwp->lwp_status.pr_reg[SS] = prs32->pr_reg.lxr_ss; 612 613 lwp->lwp_status.pr_reg[EFL] = prs32->pr_reg.lxr_flags; 614 #endif /* !__amd64 */ 615 } 616 617 static int 618 note_linux_prstatus(struct ps_prochandle *P, size_t nbytes) 619 { 620 core_info_t *core = P->data; 621 622 lx_prstatus64_t prs64; 623 lx_prstatus32_t prs32; 624 lwp_info_t *lwp; 625 lwpid_t tid; 626 627 dprintf("looking for model %d, %ld/%ld\n", core->core_dmodel, 628 (ulong_t)nbytes, (ulong_t)sizeof (prs32)); 629 if (core->core_dmodel == PR_MODEL_ILP32) { 630 if (nbytes < sizeof (prs32) || 631 read(P->asfd, &prs32, sizeof (prs32)) != nbytes) 632 goto err; 633 tid = prs32.pr_pid; 634 } else { 635 if (nbytes < sizeof (prs64) || 636 read(P->asfd, &prs64, sizeof (prs64)) != nbytes) 637 goto err; 638 tid = prs64.pr_pid; 639 } 640 641 if ((lwp = lwpid2info(P, tid)) == NULL) { 642 dprintf("Pgrab_core: failed to add lwpid2info " 643 "linux_prstatus\n"); 644 return (-1); 645 } 646 647 P->psinfo.pr_nlwp++; 648 P->status.pr_nlwp++; 649 650 lwp->lwp_status.pr_lwpid = tid; 651 652 if (core->core_dmodel == PR_MODEL_ILP32) 653 lx_prstatus32_to_lwp(&prs32, lwp); 654 else 655 lx_prstatus64_to_lwp(&prs64, lwp); 656 657 return (0); 658 err: 659 dprintf("Pgrab_core: failed to read NT_PRSTATUS\n"); 660 return (-1); 661 } 662 663 #endif /* __x86 */ 664 665 static int 666 note_psinfo(struct ps_prochandle *P, size_t nbytes) 667 { 668 #ifdef _LP64 669 core_info_t *core = P->data; 670 671 if (core->core_dmodel == PR_MODEL_ILP32) { 672 psinfo32_t ps32; 673 674 if (nbytes < sizeof (psinfo32_t) || 675 read(P->asfd, &ps32, sizeof (ps32)) != sizeof (ps32)) 676 goto err; 677 678 psinfo_32_to_n(&ps32, &P->psinfo); 679 } else 680 #endif 681 if (nbytes < sizeof (psinfo_t) || 682 read(P->asfd, &P->psinfo, sizeof (psinfo_t)) != sizeof (psinfo_t)) 683 goto err; 684 685 dprintf("pr_fname = <%s>\n", P->psinfo.pr_fname); 686 dprintf("pr_psargs = <%s>\n", P->psinfo.pr_psargs); 687 dprintf("pr_wstat = 0x%x\n", P->psinfo.pr_wstat); 688 689 return (0); 690 691 err: 692 dprintf("Pgrab_core: failed to read NT_PSINFO\n"); 693 return (-1); 694 } 695 696 static int 697 note_lwpsinfo(struct ps_prochandle *P, size_t nbytes) 698 { 699 lwp_info_t *lwp; 700 lwpsinfo_t lps; 701 702 #ifdef _LP64 703 core_info_t *core = P->data; 704 705 if (core->core_dmodel == PR_MODEL_ILP32) { 706 lwpsinfo32_t l32; 707 708 if (nbytes < sizeof (lwpsinfo32_t) || 709 read(P->asfd, &l32, sizeof (l32)) != sizeof (l32)) 710 goto err; 711 712 lwpsinfo_32_to_n(&l32, &lps); 713 } else 714 #endif 715 if (nbytes < sizeof (lwpsinfo_t) || 716 read(P->asfd, &lps, sizeof (lps)) != sizeof (lps)) 717 goto err; 718 719 if ((lwp = lwpid2info(P, lps.pr_lwpid)) == NULL) { 720 dprintf("Pgrab_core: failed to add NT_LWPSINFO\n"); 721 return (-1); 722 } 723 724 (void) memcpy(&lwp->lwp_psinfo, &lps, sizeof (lps)); 725 return (0); 726 727 err: 728 dprintf("Pgrab_core: failed to read NT_LWPSINFO\n"); 729 return (-1); 730 } 731 732 static int 733 note_lwpname(struct ps_prochandle *P, size_t nbytes) 734 { 735 prlwpname_t name; 736 lwp_info_t *lwp; 737 738 if (nbytes != sizeof (name) || 739 read(P->asfd, &name, sizeof (name)) != sizeof (name)) 740 goto err; 741 742 if ((lwp = lwpid2info(P, name.pr_lwpid)) == NULL) 743 goto err; 744 745 if (strlcpy(lwp->lwp_name, name.pr_lwpname, 746 sizeof (lwp->lwp_name)) >= sizeof (lwp->lwp_name)) { 747 errno = ENAMETOOLONG; 748 goto err; 749 } 750 751 return (0); 752 753 err: 754 dprintf("Pgrab_core: failed to read NT_LWPNAME\n"); 755 return (-1); 756 } 757 758 static int 759 note_fdinfo(struct ps_prochandle *P, size_t nbytes) 760 { 761 prfdinfo_core_t prfd; 762 fd_info_t *fip; 763 764 if ((nbytes < sizeof (prfd)) || 765 (read(P->asfd, &prfd, sizeof (prfd)) != sizeof (prfd))) { 766 dprintf("Pgrab_core: failed to read NT_FDINFO\n"); 767 return (-1); 768 } 769 770 if ((fip = Pfd2info(P, prfd.pr_fd)) == NULL) { 771 dprintf("Pgrab_core: failed to add NT_FDINFO\n"); 772 return (-1); 773 } 774 if (fip->fd_info == NULL) { 775 if (proc_fdinfo_from_core(&prfd, &fip->fd_info) != 0) { 776 dprintf("Pgrab_core: failed to convert NT_FDINFO\n"); 777 return (-1); 778 } 779 } 780 781 return (0); 782 } 783 784 static int 785 note_platform(struct ps_prochandle *P, size_t nbytes) 786 { 787 core_info_t *core = P->data; 788 char *plat; 789 790 if (core->core_platform != NULL) 791 return (0); /* Already seen */ 792 793 if (nbytes != 0 && ((plat = malloc(nbytes + 1)) != NULL)) { 794 if (read(P->asfd, plat, nbytes) != nbytes) { 795 dprintf("Pgrab_core: failed to read NT_PLATFORM\n"); 796 free(plat); 797 return (-1); 798 } 799 plat[nbytes - 1] = '\0'; 800 core->core_platform = plat; 801 } 802 803 return (0); 804 } 805 806 static int 807 note_secflags(struct ps_prochandle *P, size_t nbytes) 808 { 809 core_info_t *core = P->data; 810 prsecflags_t *psf; 811 812 if (core->core_secflags != NULL) 813 return (0); /* Already seen */ 814 815 if (sizeof (*psf) != nbytes) { 816 dprintf("Pgrab_core: NT_SECFLAGS changed size." 817 " Need to handle a version change?\n"); 818 return (-1); 819 } 820 821 if (nbytes != 0 && ((psf = malloc(nbytes)) != NULL)) { 822 if (read(P->asfd, psf, nbytes) != nbytes) { 823 dprintf("Pgrab_core: failed to read NT_SECFLAGS\n"); 824 free(psf); 825 return (-1); 826 } 827 828 core->core_secflags = psf; 829 } 830 831 return (0); 832 } 833 834 static int 835 note_utsname(struct ps_prochandle *P, size_t nbytes) 836 { 837 core_info_t *core = P->data; 838 size_t ubytes = sizeof (struct utsname); 839 struct utsname *utsp; 840 841 if (core->core_uts != NULL || nbytes < ubytes) 842 return (0); /* Already seen or bad size */ 843 844 if ((utsp = malloc(ubytes)) == NULL) 845 return (-1); 846 847 if (read(P->asfd, utsp, ubytes) != ubytes) { 848 dprintf("Pgrab_core: failed to read NT_UTSNAME\n"); 849 free(utsp); 850 return (-1); 851 } 852 853 if (_libproc_debug) { 854 dprintf("uts.sysname = \"%s\"\n", utsp->sysname); 855 dprintf("uts.nodename = \"%s\"\n", utsp->nodename); 856 dprintf("uts.release = \"%s\"\n", utsp->release); 857 dprintf("uts.version = \"%s\"\n", utsp->version); 858 dprintf("uts.machine = \"%s\"\n", utsp->machine); 859 } 860 861 core->core_uts = utsp; 862 return (0); 863 } 864 865 static int 866 note_content(struct ps_prochandle *P, size_t nbytes) 867 { 868 core_info_t *core = P->data; 869 core_content_t content; 870 871 if (sizeof (core->core_content) != nbytes) 872 return (-1); 873 874 if (read(P->asfd, &content, sizeof (content)) != sizeof (content)) 875 return (-1); 876 877 core->core_content = content; 878 879 dprintf("core content = %llx\n", content); 880 881 return (0); 882 } 883 884 static int 885 note_cred(struct ps_prochandle *P, size_t nbytes) 886 { 887 core_info_t *core = P->data; 888 prcred_t *pcrp; 889 int ngroups; 890 const size_t min_size = sizeof (prcred_t) - sizeof (gid_t); 891 892 /* 893 * We allow for prcred_t notes that are actually smaller than a 894 * prcred_t since the last member isn't essential if there are 895 * no group memberships. This allows for more flexibility when it 896 * comes to slightly malformed -- but still valid -- notes. 897 */ 898 if (core->core_cred != NULL || nbytes < min_size) 899 return (0); /* Already seen or bad size */ 900 901 ngroups = (nbytes - min_size) / sizeof (gid_t); 902 nbytes = sizeof (prcred_t) + (ngroups - 1) * sizeof (gid_t); 903 904 if ((pcrp = malloc(nbytes)) == NULL) 905 return (-1); 906 907 if (read(P->asfd, pcrp, nbytes) != nbytes) { 908 dprintf("Pgrab_core: failed to read NT_PRCRED\n"); 909 free(pcrp); 910 return (-1); 911 } 912 913 if (pcrp->pr_ngroups > ngroups) { 914 dprintf("pr_ngroups = %d; resetting to %d based on note size\n", 915 pcrp->pr_ngroups, ngroups); 916 pcrp->pr_ngroups = ngroups; 917 } 918 919 core->core_cred = pcrp; 920 return (0); 921 } 922 923 #ifdef __x86 924 static int 925 note_ldt(struct ps_prochandle *P, size_t nbytes) 926 { 927 core_info_t *core = P->data; 928 struct ssd *pldt; 929 uint_t nldt; 930 931 if (core->core_ldt != NULL || nbytes < sizeof (struct ssd)) 932 return (0); /* Already seen or bad size */ 933 934 nldt = nbytes / sizeof (struct ssd); 935 nbytes = nldt * sizeof (struct ssd); 936 937 if ((pldt = malloc(nbytes)) == NULL) 938 return (-1); 939 940 if (read(P->asfd, pldt, nbytes) != nbytes) { 941 dprintf("Pgrab_core: failed to read NT_LDT\n"); 942 free(pldt); 943 return (-1); 944 } 945 946 core->core_ldt = pldt; 947 core->core_nldt = nldt; 948 return (0); 949 } 950 #endif /* __i386 */ 951 952 static int 953 note_priv(struct ps_prochandle *P, size_t nbytes) 954 { 955 core_info_t *core = P->data; 956 prpriv_t *pprvp; 957 958 if (core->core_priv != NULL || nbytes < sizeof (prpriv_t)) 959 return (0); /* Already seen or bad size */ 960 961 if ((pprvp = malloc(nbytes)) == NULL) 962 return (-1); 963 964 if (read(P->asfd, pprvp, nbytes) != nbytes) { 965 dprintf("Pgrab_core: failed to read NT_PRPRIV\n"); 966 free(pprvp); 967 return (-1); 968 } 969 970 core->core_priv = pprvp; 971 core->core_priv_size = nbytes; 972 return (0); 973 } 974 975 static int 976 note_priv_info(struct ps_prochandle *P, size_t nbytes) 977 { 978 core_info_t *core = P->data; 979 extern void *__priv_parse_info(); 980 priv_impl_info_t *ppii; 981 982 if (core->core_privinfo != NULL || 983 nbytes < sizeof (priv_impl_info_t)) 984 return (0); /* Already seen or bad size */ 985 986 if ((ppii = malloc(nbytes)) == NULL) 987 return (-1); 988 989 if (read(P->asfd, ppii, nbytes) != nbytes || 990 PRIV_IMPL_INFO_SIZE(ppii) != nbytes) { 991 dprintf("Pgrab_core: failed to read NT_PRPRIVINFO\n"); 992 free(ppii); 993 return (-1); 994 } 995 996 core->core_privinfo = __priv_parse_info(ppii); 997 core->core_ppii = ppii; 998 return (0); 999 } 1000 1001 static int 1002 note_zonename(struct ps_prochandle *P, size_t nbytes) 1003 { 1004 core_info_t *core = P->data; 1005 char *zonename; 1006 1007 if (core->core_zonename != NULL) 1008 return (0); /* Already seen */ 1009 1010 if (nbytes != 0) { 1011 if ((zonename = malloc(nbytes)) == NULL) 1012 return (-1); 1013 if (read(P->asfd, zonename, nbytes) != nbytes) { 1014 dprintf("Pgrab_core: failed to read NT_ZONENAME\n"); 1015 free(zonename); 1016 return (-1); 1017 } 1018 zonename[nbytes - 1] = '\0'; 1019 core->core_zonename = zonename; 1020 } 1021 1022 return (0); 1023 } 1024 1025 static int 1026 note_auxv(struct ps_prochandle *P, size_t nbytes) 1027 { 1028 size_t n, i; 1029 1030 #ifdef _LP64 1031 core_info_t *core = P->data; 1032 1033 if (core->core_dmodel == PR_MODEL_ILP32) { 1034 auxv32_t *a32; 1035 1036 n = nbytes / sizeof (auxv32_t); 1037 nbytes = n * sizeof (auxv32_t); 1038 a32 = alloca(nbytes); 1039 1040 if (read(P->asfd, a32, nbytes) != nbytes) { 1041 dprintf("Pgrab_core: failed to read NT_AUXV\n"); 1042 return (-1); 1043 } 1044 1045 if ((P->auxv = malloc(sizeof (auxv_t) * (n + 1))) == NULL) 1046 return (-1); 1047 1048 for (i = 0; i < n; i++) 1049 auxv_32_to_n(&a32[i], &P->auxv[i]); 1050 1051 } else { 1052 #endif 1053 n = nbytes / sizeof (auxv_t); 1054 nbytes = n * sizeof (auxv_t); 1055 1056 if ((P->auxv = malloc(nbytes + sizeof (auxv_t))) == NULL) 1057 return (-1); 1058 1059 if (read(P->asfd, P->auxv, nbytes) != nbytes) { 1060 free(P->auxv); 1061 P->auxv = NULL; 1062 return (-1); 1063 } 1064 #ifdef _LP64 1065 } 1066 #endif 1067 1068 if (_libproc_debug) { 1069 for (i = 0; i < n; i++) { 1070 dprintf("P->auxv[%lu] = ( %d, 0x%lx )\n", (ulong_t)i, 1071 P->auxv[i].a_type, P->auxv[i].a_un.a_val); 1072 } 1073 } 1074 1075 /* 1076 * Defensive coding for loops which depend upon the auxv array being 1077 * terminated by an AT_NULL element; in each case, we've allocated 1078 * P->auxv to have an additional element which we force to be AT_NULL. 1079 */ 1080 P->auxv[n].a_type = AT_NULL; 1081 P->auxv[n].a_un.a_val = 0L; 1082 P->nauxv = (int)n; 1083 1084 return (0); 1085 } 1086 1087 #ifdef __sparc 1088 static int 1089 note_xreg(struct ps_prochandle *P, size_t nbytes) 1090 { 1091 core_info_t *core = P->data; 1092 lwp_info_t *lwp = core->core_lwp; 1093 size_t xbytes = sizeof (prxregset_t); 1094 prxregset_t *xregs; 1095 1096 if (lwp == NULL || lwp->lwp_xregs != NULL || nbytes < xbytes) 1097 return (0); /* No lwp yet, already seen, or bad size */ 1098 1099 if ((xregs = malloc(xbytes)) == NULL) 1100 return (-1); 1101 1102 if (read(P->asfd, xregs, xbytes) != xbytes) { 1103 dprintf("Pgrab_core: failed to read NT_PRXREG\n"); 1104 free(xregs); 1105 return (-1); 1106 } 1107 1108 lwp->lwp_xregs = xregs; 1109 return (0); 1110 } 1111 1112 static int 1113 note_gwindows(struct ps_prochandle *P, size_t nbytes) 1114 { 1115 core_info_t *core = P->data; 1116 lwp_info_t *lwp = core->core_lwp; 1117 1118 if (lwp == NULL || lwp->lwp_gwins != NULL || nbytes == 0) 1119 return (0); /* No lwp yet or already seen or no data */ 1120 1121 if ((lwp->lwp_gwins = malloc(sizeof (gwindows_t))) == NULL) 1122 return (-1); 1123 1124 /* 1125 * Since the amount of gwindows data varies with how many windows were 1126 * actually saved, we just read up to the minimum of the note size 1127 * and the size of the gwindows_t type. It doesn't matter if the read 1128 * fails since we have to zero out gwindows first anyway. 1129 */ 1130 #ifdef _LP64 1131 if (core->core_dmodel == PR_MODEL_ILP32) { 1132 gwindows32_t g32; 1133 1134 (void) memset(&g32, 0, sizeof (g32)); 1135 (void) read(P->asfd, &g32, MIN(nbytes, sizeof (g32))); 1136 gwindows_32_to_n(&g32, lwp->lwp_gwins); 1137 1138 } else { 1139 #endif 1140 (void) memset(lwp->lwp_gwins, 0, sizeof (gwindows_t)); 1141 (void) read(P->asfd, lwp->lwp_gwins, 1142 MIN(nbytes, sizeof (gwindows_t))); 1143 #ifdef _LP64 1144 } 1145 #endif 1146 return (0); 1147 } 1148 1149 #ifdef __sparcv9 1150 static int 1151 note_asrs(struct ps_prochandle *P, size_t nbytes) 1152 { 1153 core_info_t *core = P->data; 1154 lwp_info_t *lwp = core->core_lwp; 1155 int64_t *asrs; 1156 1157 if (lwp == NULL || lwp->lwp_asrs != NULL || nbytes < sizeof (asrset_t)) 1158 return (0); /* No lwp yet, already seen, or bad size */ 1159 1160 if ((asrs = malloc(sizeof (asrset_t))) == NULL) 1161 return (-1); 1162 1163 if (read(P->asfd, asrs, sizeof (asrset_t)) != sizeof (asrset_t)) { 1164 dprintf("Pgrab_core: failed to read NT_ASRS\n"); 1165 free(asrs); 1166 return (-1); 1167 } 1168 1169 lwp->lwp_asrs = asrs; 1170 return (0); 1171 } 1172 #endif /* __sparcv9 */ 1173 #endif /* __sparc */ 1174 1175 static int 1176 note_spymaster(struct ps_prochandle *P, size_t nbytes) 1177 { 1178 #ifdef _LP64 1179 core_info_t *core = P->data; 1180 1181 if (core->core_dmodel == PR_MODEL_ILP32) { 1182 psinfo32_t ps32; 1183 1184 if (nbytes < sizeof (psinfo32_t) || 1185 read(P->asfd, &ps32, sizeof (ps32)) != sizeof (ps32)) 1186 goto err; 1187 1188 psinfo_32_to_n(&ps32, &P->spymaster); 1189 } else 1190 #endif 1191 if (nbytes < sizeof (psinfo_t) || read(P->asfd, 1192 &P->spymaster, sizeof (psinfo_t)) != sizeof (psinfo_t)) 1193 goto err; 1194 1195 dprintf("spymaster pr_fname = <%s>\n", P->psinfo.pr_fname); 1196 dprintf("spymaster pr_psargs = <%s>\n", P->psinfo.pr_psargs); 1197 dprintf("spymaster pr_wstat = 0x%x\n", P->psinfo.pr_wstat); 1198 1199 return (0); 1200 1201 err: 1202 dprintf("Pgrab_core: failed to read NT_SPYMASTER\n"); 1203 return (-1); 1204 } 1205 1206 static int 1207 note_upanic(struct ps_prochandle *P, size_t nbytes) 1208 { 1209 core_info_t *core = P->data; 1210 prupanic_t *pru; 1211 1212 if (core->core_upanic != NULL) 1213 return (0); 1214 1215 if (sizeof (*pru) != nbytes) { 1216 dprintf("Pgrab_core: NT_UPANIC changed size." 1217 " Need to handle a version change?\n"); 1218 return (-1); 1219 } 1220 1221 if (nbytes != 0 && ((pru = malloc(nbytes)) != NULL)) { 1222 if (read(P->asfd, pru, nbytes) != nbytes) { 1223 dprintf("Pgrab_core: failed to read NT_UPANIC\n"); 1224 free(pru); 1225 return (-1); 1226 } 1227 1228 core->core_upanic = pru; 1229 } 1230 1231 return (0); 1232 } 1233 1234 /*ARGSUSED*/ 1235 static int 1236 note_notsup(struct ps_prochandle *P, size_t nbytes) 1237 { 1238 dprintf("skipping unsupported note type of size %ld bytes\n", 1239 (ulong_t)nbytes); 1240 return (0); 1241 } 1242 1243 /* 1244 * Populate a table of function pointers indexed by Note type with our 1245 * functions to process each type of core file note: 1246 */ 1247 static int (*nhdlrs[])(struct ps_prochandle *, size_t) = { 1248 note_notsup, /* 0 unassigned */ 1249 #ifdef __x86 1250 note_linux_prstatus, /* 1 NT_PRSTATUS (old) */ 1251 #else 1252 note_notsup, /* 1 NT_PRSTATUS (old) */ 1253 #endif 1254 note_notsup, /* 2 NT_PRFPREG (old) */ 1255 #ifdef __x86 1256 note_linux_psinfo, /* 3 NT_PRPSINFO (old) */ 1257 #else 1258 note_notsup, /* 3 NT_PRPSINFO (old) */ 1259 #endif 1260 #ifdef __sparc 1261 note_xreg, /* 4 NT_PRXREG */ 1262 #else 1263 note_notsup, /* 4 NT_PRXREG */ 1264 #endif 1265 note_platform, /* 5 NT_PLATFORM */ 1266 note_auxv, /* 6 NT_AUXV */ 1267 #ifdef __sparc 1268 note_gwindows, /* 7 NT_GWINDOWS */ 1269 #ifdef __sparcv9 1270 note_asrs, /* 8 NT_ASRS */ 1271 #else 1272 note_notsup, /* 8 NT_ASRS */ 1273 #endif 1274 #else 1275 note_notsup, /* 7 NT_GWINDOWS */ 1276 note_notsup, /* 8 NT_ASRS */ 1277 #endif 1278 #ifdef __x86 1279 note_ldt, /* 9 NT_LDT */ 1280 #else 1281 note_notsup, /* 9 NT_LDT */ 1282 #endif 1283 note_pstatus, /* 10 NT_PSTATUS */ 1284 note_notsup, /* 11 unassigned */ 1285 note_notsup, /* 12 unassigned */ 1286 note_psinfo, /* 13 NT_PSINFO */ 1287 note_cred, /* 14 NT_PRCRED */ 1288 note_utsname, /* 15 NT_UTSNAME */ 1289 note_lwpstatus, /* 16 NT_LWPSTATUS */ 1290 note_lwpsinfo, /* 17 NT_LWPSINFO */ 1291 note_priv, /* 18 NT_PRPRIV */ 1292 note_priv_info, /* 19 NT_PRPRIVINFO */ 1293 note_content, /* 20 NT_CONTENT */ 1294 note_zonename, /* 21 NT_ZONENAME */ 1295 note_fdinfo, /* 22 NT_FDINFO */ 1296 note_spymaster, /* 23 NT_SPYMASTER */ 1297 note_secflags, /* 24 NT_SECFLAGS */ 1298 note_lwpname, /* 25 NT_LWPNAME */ 1299 note_upanic /* 26 NT_UPANIC */ 1300 }; 1301 1302 static void 1303 core_report_mapping(struct ps_prochandle *P, GElf_Phdr *php) 1304 { 1305 prkillinfo_t killinfo; 1306 siginfo_t *si = &killinfo.prk_info; 1307 char signame[SIG2STR_MAX], sig[64], info[64]; 1308 void *addr = (void *)(uintptr_t)php->p_vaddr; 1309 1310 const char *errfmt = "core file data for mapping at %p not saved: %s\n"; 1311 const char *incfmt = "core file incomplete due to %s%s\n"; 1312 const char *msgfmt = "mappings at and above %p are missing\n"; 1313 1314 if (!(php->p_flags & PF_SUNW_KILLED)) { 1315 int err = 0; 1316 1317 (void) pread64(P->asfd, &err, 1318 sizeof (err), (off64_t)php->p_offset); 1319 1320 Perror_printf(P, errfmt, addr, strerror(err)); 1321 dprintf(errfmt, addr, strerror(err)); 1322 return; 1323 } 1324 1325 if (!(php->p_flags & PF_SUNW_SIGINFO)) 1326 return; 1327 1328 (void) memset(&killinfo, 0, sizeof (killinfo)); 1329 1330 (void) pread64(P->asfd, &killinfo, 1331 sizeof (killinfo), (off64_t)php->p_offset); 1332 1333 /* 1334 * While there is (or at least should be) only one segment that has 1335 * PF_SUNW_SIGINFO set, the signal information there is globally 1336 * useful (even if only to those debugging libproc consumers); we hang 1337 * the signal information gleaned here off of the ps_prochandle. 1338 */ 1339 P->map_missing = php->p_vaddr; 1340 P->killinfo = killinfo.prk_info; 1341 1342 if (sig2str(si->si_signo, signame) == -1) { 1343 (void) snprintf(sig, sizeof (sig), 1344 "<Unknown signal: 0x%x>, ", si->si_signo); 1345 } else { 1346 (void) snprintf(sig, sizeof (sig), "SIG%s, ", signame); 1347 } 1348 1349 if (si->si_code == SI_USER || si->si_code == SI_QUEUE) { 1350 (void) snprintf(info, sizeof (info), 1351 "pid=%d uid=%d zone=%d ctid=%d", 1352 si->si_pid, si->si_uid, si->si_zoneid, si->si_ctid); 1353 } else { 1354 (void) snprintf(info, sizeof (info), 1355 "code=%d", si->si_code); 1356 } 1357 1358 Perror_printf(P, incfmt, sig, info); 1359 Perror_printf(P, msgfmt, addr); 1360 1361 dprintf(incfmt, sig, info); 1362 dprintf(msgfmt, addr); 1363 } 1364 1365 /* 1366 * Add information on the address space mapping described by the given 1367 * PT_LOAD program header. We fill in more information on the mapping later. 1368 */ 1369 static int 1370 core_add_mapping(struct ps_prochandle *P, GElf_Phdr *php) 1371 { 1372 core_info_t *core = P->data; 1373 prmap_t pmap; 1374 1375 dprintf("mapping base %llx filesz %llx memsz %llx offset %llx\n", 1376 (u_longlong_t)php->p_vaddr, (u_longlong_t)php->p_filesz, 1377 (u_longlong_t)php->p_memsz, (u_longlong_t)php->p_offset); 1378 1379 pmap.pr_vaddr = (uintptr_t)php->p_vaddr; 1380 pmap.pr_size = php->p_memsz; 1381 1382 /* 1383 * If Pgcore() or elfcore() fail to write a mapping, they will set 1384 * PF_SUNW_FAILURE in the Phdr and try to stash away the errno for us. 1385 */ 1386 if (php->p_flags & PF_SUNW_FAILURE) { 1387 core_report_mapping(P, php); 1388 } else if (php->p_filesz != 0 && php->p_offset >= core->core_size) { 1389 Perror_printf(P, "core file may be corrupt -- data for mapping " 1390 "at %p is missing\n", (void *)(uintptr_t)php->p_vaddr); 1391 dprintf("core file may be corrupt -- data for mapping " 1392 "at %p is missing\n", (void *)(uintptr_t)php->p_vaddr); 1393 } 1394 1395 /* 1396 * The mapping name and offset will hopefully be filled in 1397 * by the librtld_db agent. Unfortunately, if it isn't a 1398 * shared library mapping, this information is gone forever. 1399 */ 1400 pmap.pr_mapname[0] = '\0'; 1401 pmap.pr_offset = 0; 1402 1403 pmap.pr_mflags = 0; 1404 if (php->p_flags & PF_R) 1405 pmap.pr_mflags |= MA_READ; 1406 if (php->p_flags & PF_W) 1407 pmap.pr_mflags |= MA_WRITE; 1408 if (php->p_flags & PF_X) 1409 pmap.pr_mflags |= MA_EXEC; 1410 1411 if (php->p_filesz == 0) 1412 pmap.pr_mflags |= MA_RESERVED1; 1413 1414 /* 1415 * At the time of adding this mapping, we just zero the pagesize. 1416 * Once we've processed more of the core file, we'll have the 1417 * pagesize from the auxv's AT_PAGESZ element and we can fill this in. 1418 */ 1419 pmap.pr_pagesize = 0; 1420 1421 /* 1422 * Unfortunately whether or not the mapping was a System V 1423 * shared memory segment is lost. We use -1 to mark it as not shm. 1424 */ 1425 pmap.pr_shmid = -1; 1426 1427 return (Padd_mapping(P, php->p_offset, NULL, &pmap)); 1428 } 1429 1430 /* 1431 * Given a virtual address, name the mapping at that address using the 1432 * specified name, and return the map_info_t pointer. 1433 */ 1434 static map_info_t * 1435 core_name_mapping(struct ps_prochandle *P, uintptr_t addr, const char *name) 1436 { 1437 map_info_t *mp = Paddr2mptr(P, addr); 1438 1439 if (mp != NULL) { 1440 (void) strncpy(mp->map_pmap.pr_mapname, name, PRMAPSZ); 1441 mp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 1442 } 1443 1444 return (mp); 1445 } 1446 1447 /* 1448 * libproc uses libelf for all of its symbol table manipulation. This function 1449 * takes a symbol table and string table from a core file and places them 1450 * in a memory backed elf file. 1451 */ 1452 static void 1453 fake_up_symtab(struct ps_prochandle *P, const elf_file_header_t *ehdr, 1454 GElf_Shdr *symtab, GElf_Shdr *strtab) 1455 { 1456 size_t size; 1457 off64_t off, base; 1458 map_info_t *mp; 1459 file_info_t *fp; 1460 Elf_Scn *scn; 1461 Elf_Data *data; 1462 1463 if (symtab->sh_addr == 0 || 1464 (mp = Paddr2mptr(P, symtab->sh_addr)) == NULL || 1465 (fp = mp->map_file) == NULL) { 1466 dprintf("fake_up_symtab: invalid section\n"); 1467 return; 1468 } 1469 1470 if (fp->file_symtab.sym_data_pri != NULL) { 1471 dprintf("Symbol table already loaded (sh_addr 0x%lx)\n", 1472 (long)symtab->sh_addr); 1473 return; 1474 } 1475 1476 if (P->status.pr_dmodel == PR_MODEL_ILP32) { 1477 struct { 1478 Elf32_Ehdr ehdr; 1479 Elf32_Shdr shdr[3]; 1480 char data[1]; 1481 } *b; 1482 1483 base = sizeof (b->ehdr) + sizeof (b->shdr); 1484 size = base + symtab->sh_size + strtab->sh_size; 1485 1486 if ((b = calloc(1, size)) == NULL) 1487 return; 1488 1489 (void) memcpy(b->ehdr.e_ident, ehdr->e_ident, 1490 sizeof (ehdr->e_ident)); 1491 b->ehdr.e_type = ehdr->e_type; 1492 b->ehdr.e_machine = ehdr->e_machine; 1493 b->ehdr.e_version = ehdr->e_version; 1494 b->ehdr.e_flags = ehdr->e_flags; 1495 b->ehdr.e_ehsize = sizeof (b->ehdr); 1496 b->ehdr.e_shoff = sizeof (b->ehdr); 1497 b->ehdr.e_shentsize = sizeof (b->shdr[0]); 1498 b->ehdr.e_shnum = 3; 1499 off = 0; 1500 1501 b->shdr[1].sh_size = symtab->sh_size; 1502 b->shdr[1].sh_type = SHT_SYMTAB; 1503 b->shdr[1].sh_offset = off + base; 1504 b->shdr[1].sh_entsize = sizeof (Elf32_Sym); 1505 b->shdr[1].sh_link = 2; 1506 b->shdr[1].sh_info = symtab->sh_info; 1507 b->shdr[1].sh_addralign = symtab->sh_addralign; 1508 1509 if (pread64(P->asfd, &b->data[off], b->shdr[1].sh_size, 1510 symtab->sh_offset) != b->shdr[1].sh_size) { 1511 dprintf("fake_up_symtab: pread of symtab[1] failed\n"); 1512 free(b); 1513 return; 1514 } 1515 1516 off += b->shdr[1].sh_size; 1517 1518 b->shdr[2].sh_flags = SHF_STRINGS; 1519 b->shdr[2].sh_size = strtab->sh_size; 1520 b->shdr[2].sh_type = SHT_STRTAB; 1521 b->shdr[2].sh_offset = off + base; 1522 b->shdr[2].sh_info = strtab->sh_info; 1523 b->shdr[2].sh_addralign = 1; 1524 1525 if (pread64(P->asfd, &b->data[off], b->shdr[2].sh_size, 1526 strtab->sh_offset) != b->shdr[2].sh_size) { 1527 dprintf("fake_up_symtab: pread of symtab[2] failed\n"); 1528 free(b); 1529 return; 1530 } 1531 1532 off += b->shdr[2].sh_size; 1533 1534 fp->file_symtab.sym_elf = elf_memory((char *)b, size); 1535 if (fp->file_symtab.sym_elf == NULL) { 1536 free(b); 1537 return; 1538 } 1539 1540 fp->file_symtab.sym_elfmem = b; 1541 #ifdef _LP64 1542 } else { 1543 struct { 1544 Elf64_Ehdr ehdr; 1545 Elf64_Shdr shdr[3]; 1546 char data[1]; 1547 } *b; 1548 1549 base = sizeof (b->ehdr) + sizeof (b->shdr); 1550 size = base + symtab->sh_size + strtab->sh_size; 1551 1552 if ((b = calloc(1, size)) == NULL) 1553 return; 1554 1555 (void) memcpy(b->ehdr.e_ident, ehdr->e_ident, 1556 sizeof (ehdr->e_ident)); 1557 b->ehdr.e_type = ehdr->e_type; 1558 b->ehdr.e_machine = ehdr->e_machine; 1559 b->ehdr.e_version = ehdr->e_version; 1560 b->ehdr.e_flags = ehdr->e_flags; 1561 b->ehdr.e_ehsize = sizeof (b->ehdr); 1562 b->ehdr.e_shoff = sizeof (b->ehdr); 1563 b->ehdr.e_shentsize = sizeof (b->shdr[0]); 1564 b->ehdr.e_shnum = 3; 1565 off = 0; 1566 1567 b->shdr[1].sh_size = symtab->sh_size; 1568 b->shdr[1].sh_type = SHT_SYMTAB; 1569 b->shdr[1].sh_offset = off + base; 1570 b->shdr[1].sh_entsize = sizeof (Elf64_Sym); 1571 b->shdr[1].sh_link = 2; 1572 b->shdr[1].sh_info = symtab->sh_info; 1573 b->shdr[1].sh_addralign = symtab->sh_addralign; 1574 1575 if (pread64(P->asfd, &b->data[off], b->shdr[1].sh_size, 1576 symtab->sh_offset) != b->shdr[1].sh_size) { 1577 free(b); 1578 return; 1579 } 1580 1581 off += b->shdr[1].sh_size; 1582 1583 b->shdr[2].sh_flags = SHF_STRINGS; 1584 b->shdr[2].sh_size = strtab->sh_size; 1585 b->shdr[2].sh_type = SHT_STRTAB; 1586 b->shdr[2].sh_offset = off + base; 1587 b->shdr[2].sh_info = strtab->sh_info; 1588 b->shdr[2].sh_addralign = 1; 1589 1590 if (pread64(P->asfd, &b->data[off], b->shdr[2].sh_size, 1591 strtab->sh_offset) != b->shdr[2].sh_size) { 1592 free(b); 1593 return; 1594 } 1595 1596 off += b->shdr[2].sh_size; 1597 1598 fp->file_symtab.sym_elf = elf_memory((char *)b, size); 1599 if (fp->file_symtab.sym_elf == NULL) { 1600 free(b); 1601 return; 1602 } 1603 1604 fp->file_symtab.sym_elfmem = b; 1605 #endif 1606 } 1607 1608 if ((scn = elf_getscn(fp->file_symtab.sym_elf, 1)) == NULL || 1609 (fp->file_symtab.sym_data_pri = elf_getdata(scn, NULL)) == NULL || 1610 (scn = elf_getscn(fp->file_symtab.sym_elf, 2)) == NULL || 1611 (data = elf_getdata(scn, NULL)) == NULL) { 1612 dprintf("fake_up_symtab: failed to get section data at %p\n", 1613 (void *)scn); 1614 goto err; 1615 } 1616 1617 fp->file_symtab.sym_strs = data->d_buf; 1618 fp->file_symtab.sym_strsz = data->d_size; 1619 fp->file_symtab.sym_symn = symtab->sh_size / symtab->sh_entsize; 1620 fp->file_symtab.sym_hdr_pri = *symtab; 1621 fp->file_symtab.sym_strhdr = *strtab; 1622 1623 optimize_symtab(&fp->file_symtab); 1624 1625 return; 1626 err: 1627 (void) elf_end(fp->file_symtab.sym_elf); 1628 free(fp->file_symtab.sym_elfmem); 1629 fp->file_symtab.sym_elf = NULL; 1630 fp->file_symtab.sym_elfmem = NULL; 1631 } 1632 1633 static void 1634 core_phdr_to_gelf(const Elf32_Phdr *src, GElf_Phdr *dst) 1635 { 1636 dst->p_type = src->p_type; 1637 dst->p_flags = src->p_flags; 1638 dst->p_offset = (Elf64_Off)src->p_offset; 1639 dst->p_vaddr = (Elf64_Addr)src->p_vaddr; 1640 dst->p_paddr = (Elf64_Addr)src->p_paddr; 1641 dst->p_filesz = (Elf64_Xword)src->p_filesz; 1642 dst->p_memsz = (Elf64_Xword)src->p_memsz; 1643 dst->p_align = (Elf64_Xword)src->p_align; 1644 } 1645 1646 static void 1647 core_shdr_to_gelf(const Elf32_Shdr *src, GElf_Shdr *dst) 1648 { 1649 dst->sh_name = src->sh_name; 1650 dst->sh_type = src->sh_type; 1651 dst->sh_flags = (Elf64_Xword)src->sh_flags; 1652 dst->sh_addr = (Elf64_Addr)src->sh_addr; 1653 dst->sh_offset = (Elf64_Off)src->sh_offset; 1654 dst->sh_size = (Elf64_Xword)src->sh_size; 1655 dst->sh_link = src->sh_link; 1656 dst->sh_info = src->sh_info; 1657 dst->sh_addralign = (Elf64_Xword)src->sh_addralign; 1658 dst->sh_entsize = (Elf64_Xword)src->sh_entsize; 1659 } 1660 1661 /* 1662 * Perform elf_begin on efp->e_fd and verify the ELF file's type and class. 1663 */ 1664 static int 1665 core_elf_fdopen(elf_file_t *efp, GElf_Half type, int *perr) 1666 { 1667 #ifdef _BIG_ENDIAN 1668 uchar_t order = ELFDATA2MSB; 1669 #else 1670 uchar_t order = ELFDATA2LSB; 1671 #endif 1672 Elf32_Ehdr e32; 1673 int is_noelf = -1; 1674 int isa_err = 0; 1675 1676 /* 1677 * Because 32-bit libelf cannot deal with large files, we need to read, 1678 * check, and convert the file header manually in case type == ET_CORE. 1679 */ 1680 if (pread64(efp->e_fd, &e32, sizeof (e32), 0) != sizeof (e32)) { 1681 if (perr != NULL) 1682 *perr = G_FORMAT; 1683 goto err; 1684 } 1685 if ((is_noelf = memcmp(&e32.e_ident[EI_MAG0], ELFMAG, SELFMAG)) != 0 || 1686 e32.e_type != type || (isa_err = (e32.e_ident[EI_DATA] != order)) || 1687 e32.e_version != EV_CURRENT) { 1688 if (perr != NULL) { 1689 if (is_noelf == 0 && isa_err) { 1690 *perr = G_ISAINVAL; 1691 } else { 1692 *perr = G_FORMAT; 1693 } 1694 } 1695 goto err; 1696 } 1697 1698 /* 1699 * If the file is 64-bit and we are 32-bit, fail with G_LP64. If the 1700 * file is 64-bit and we are 64-bit, re-read the header as a Elf64_Ehdr, 1701 * and convert it to a elf_file_header_t. Otherwise, the file is 1702 * 32-bit, so convert e32 to a elf_file_header_t. 1703 */ 1704 if (e32.e_ident[EI_CLASS] == ELFCLASS64) { 1705 #ifdef _LP64 1706 Elf64_Ehdr e64; 1707 1708 if (pread64(efp->e_fd, &e64, sizeof (e64), 0) != sizeof (e64)) { 1709 if (perr != NULL) 1710 *perr = G_FORMAT; 1711 goto err; 1712 } 1713 1714 (void) memcpy(efp->e_hdr.e_ident, e64.e_ident, EI_NIDENT); 1715 efp->e_hdr.e_type = e64.e_type; 1716 efp->e_hdr.e_machine = e64.e_machine; 1717 efp->e_hdr.e_version = e64.e_version; 1718 efp->e_hdr.e_entry = e64.e_entry; 1719 efp->e_hdr.e_phoff = e64.e_phoff; 1720 efp->e_hdr.e_shoff = e64.e_shoff; 1721 efp->e_hdr.e_flags = e64.e_flags; 1722 efp->e_hdr.e_ehsize = e64.e_ehsize; 1723 efp->e_hdr.e_phentsize = e64.e_phentsize; 1724 efp->e_hdr.e_phnum = (Elf64_Word)e64.e_phnum; 1725 efp->e_hdr.e_shentsize = e64.e_shentsize; 1726 efp->e_hdr.e_shnum = (Elf64_Word)e64.e_shnum; 1727 efp->e_hdr.e_shstrndx = (Elf64_Word)e64.e_shstrndx; 1728 #else /* _LP64 */ 1729 if (perr != NULL) 1730 *perr = G_LP64; 1731 goto err; 1732 #endif /* _LP64 */ 1733 } else { 1734 (void) memcpy(efp->e_hdr.e_ident, e32.e_ident, EI_NIDENT); 1735 efp->e_hdr.e_type = e32.e_type; 1736 efp->e_hdr.e_machine = e32.e_machine; 1737 efp->e_hdr.e_version = e32.e_version; 1738 efp->e_hdr.e_entry = (Elf64_Addr)e32.e_entry; 1739 efp->e_hdr.e_phoff = (Elf64_Off)e32.e_phoff; 1740 efp->e_hdr.e_shoff = (Elf64_Off)e32.e_shoff; 1741 efp->e_hdr.e_flags = e32.e_flags; 1742 efp->e_hdr.e_ehsize = e32.e_ehsize; 1743 efp->e_hdr.e_phentsize = e32.e_phentsize; 1744 efp->e_hdr.e_phnum = (Elf64_Word)e32.e_phnum; 1745 efp->e_hdr.e_shentsize = e32.e_shentsize; 1746 efp->e_hdr.e_shnum = (Elf64_Word)e32.e_shnum; 1747 efp->e_hdr.e_shstrndx = (Elf64_Word)e32.e_shstrndx; 1748 } 1749 1750 /* 1751 * If the number of section headers or program headers or the section 1752 * header string table index would overflow their respective fields 1753 * in the ELF header, they're stored in the section header at index 1754 * zero. To simplify use elsewhere, we look for those sentinel values 1755 * here. 1756 */ 1757 if ((efp->e_hdr.e_shnum == 0 && efp->e_hdr.e_shoff != 0) || 1758 efp->e_hdr.e_shstrndx == SHN_XINDEX || 1759 efp->e_hdr.e_phnum == PN_XNUM) { 1760 GElf_Shdr shdr; 1761 1762 dprintf("extended ELF header\n"); 1763 1764 if (efp->e_hdr.e_shoff == 0) { 1765 if (perr != NULL) 1766 *perr = G_FORMAT; 1767 goto err; 1768 } 1769 1770 if (efp->e_hdr.e_ident[EI_CLASS] == ELFCLASS32) { 1771 Elf32_Shdr shdr32; 1772 1773 if (pread64(efp->e_fd, &shdr32, sizeof (shdr32), 1774 efp->e_hdr.e_shoff) != sizeof (shdr32)) { 1775 if (perr != NULL) 1776 *perr = G_FORMAT; 1777 goto err; 1778 } 1779 1780 core_shdr_to_gelf(&shdr32, &shdr); 1781 } else { 1782 if (pread64(efp->e_fd, &shdr, sizeof (shdr), 1783 efp->e_hdr.e_shoff) != sizeof (shdr)) { 1784 if (perr != NULL) 1785 *perr = G_FORMAT; 1786 goto err; 1787 } 1788 } 1789 1790 if (efp->e_hdr.e_shnum == 0) { 1791 efp->e_hdr.e_shnum = shdr.sh_size; 1792 dprintf("section header count %lu\n", 1793 (ulong_t)shdr.sh_size); 1794 } 1795 1796 if (efp->e_hdr.e_shstrndx == SHN_XINDEX) { 1797 efp->e_hdr.e_shstrndx = shdr.sh_link; 1798 dprintf("section string index %u\n", shdr.sh_link); 1799 } 1800 1801 if (efp->e_hdr.e_phnum == PN_XNUM && shdr.sh_info != 0) { 1802 efp->e_hdr.e_phnum = shdr.sh_info; 1803 dprintf("program header count %u\n", shdr.sh_info); 1804 } 1805 1806 } else if (efp->e_hdr.e_phoff != 0) { 1807 GElf_Phdr phdr; 1808 uint64_t phnum; 1809 1810 /* 1811 * It's possible this core file came from a system that 1812 * accidentally truncated the e_phnum field without correctly 1813 * using the extended format in the section header at index 1814 * zero. We try to detect and correct that specific type of 1815 * corruption by using the knowledge that the core dump 1816 * routines usually place the data referenced by the first 1817 * program header immediately after the last header element. 1818 */ 1819 if (efp->e_hdr.e_ident[EI_CLASS] == ELFCLASS32) { 1820 Elf32_Phdr phdr32; 1821 1822 if (pread64(efp->e_fd, &phdr32, sizeof (phdr32), 1823 efp->e_hdr.e_phoff) != sizeof (phdr32)) { 1824 if (perr != NULL) 1825 *perr = G_FORMAT; 1826 goto err; 1827 } 1828 1829 core_phdr_to_gelf(&phdr32, &phdr); 1830 } else { 1831 if (pread64(efp->e_fd, &phdr, sizeof (phdr), 1832 efp->e_hdr.e_phoff) != sizeof (phdr)) { 1833 if (perr != NULL) 1834 *perr = G_FORMAT; 1835 goto err; 1836 } 1837 } 1838 1839 phnum = phdr.p_offset - efp->e_hdr.e_ehsize - 1840 (uint64_t)efp->e_hdr.e_shnum * efp->e_hdr.e_shentsize; 1841 phnum /= efp->e_hdr.e_phentsize; 1842 1843 if (phdr.p_offset != 0 && phnum != efp->e_hdr.e_phnum) { 1844 dprintf("suspicious program header count %u %u\n", 1845 (uint_t)phnum, efp->e_hdr.e_phnum); 1846 1847 /* 1848 * If the new program header count we computed doesn't 1849 * jive with count in the ELF header, we'll use the 1850 * data that's there and hope for the best. 1851 * 1852 * If it does, it's also possible that the section 1853 * header offset is incorrect; we'll check that and 1854 * possibly try to fix it. 1855 */ 1856 if (phnum <= INT_MAX && 1857 (uint16_t)phnum == efp->e_hdr.e_phnum) { 1858 1859 if (efp->e_hdr.e_shoff == efp->e_hdr.e_phoff + 1860 efp->e_hdr.e_phentsize * 1861 (uint_t)efp->e_hdr.e_phnum) { 1862 efp->e_hdr.e_shoff = 1863 efp->e_hdr.e_phoff + 1864 efp->e_hdr.e_phentsize * phnum; 1865 } 1866 1867 efp->e_hdr.e_phnum = (Elf64_Word)phnum; 1868 dprintf("using new program header count\n"); 1869 } else { 1870 dprintf("inconsistent program header count\n"); 1871 } 1872 } 1873 } 1874 1875 /* 1876 * The libelf implementation was never ported to be large-file aware. 1877 * This is typically not a problem for your average executable or 1878 * shared library, but a large 32-bit core file can exceed 2GB in size. 1879 * So if type is ET_CORE, we don't bother doing elf_begin; the code 1880 * in Pfgrab_core() below will do its own i/o and struct conversion. 1881 */ 1882 1883 if (type == ET_CORE) { 1884 efp->e_elf = NULL; 1885 return (0); 1886 } 1887 1888 if ((efp->e_elf = elf_begin(efp->e_fd, ELF_C_READ, NULL)) == NULL) { 1889 if (perr != NULL) 1890 *perr = G_ELF; 1891 goto err; 1892 } 1893 1894 return (0); 1895 1896 err: 1897 efp->e_elf = NULL; 1898 return (-1); 1899 } 1900 1901 /* 1902 * Open the specified file and then do a core_elf_fdopen on it. 1903 */ 1904 static int 1905 core_elf_open(elf_file_t *efp, const char *path, GElf_Half type, int *perr) 1906 { 1907 (void) memset(efp, 0, sizeof (elf_file_t)); 1908 1909 if ((efp->e_fd = open64(path, O_RDONLY)) >= 0) { 1910 if (core_elf_fdopen(efp, type, perr) == 0) 1911 return (0); 1912 1913 (void) close(efp->e_fd); 1914 efp->e_fd = -1; 1915 } 1916 1917 return (-1); 1918 } 1919 1920 /* 1921 * Close the ELF handle and file descriptor. 1922 */ 1923 static void 1924 core_elf_close(elf_file_t *efp) 1925 { 1926 if (efp->e_elf != NULL) { 1927 (void) elf_end(efp->e_elf); 1928 efp->e_elf = NULL; 1929 } 1930 1931 if (efp->e_fd != -1) { 1932 (void) close(efp->e_fd); 1933 efp->e_fd = -1; 1934 } 1935 } 1936 1937 /* 1938 * Given an ELF file for a statically linked executable, locate the likely 1939 * primary text section and fill in rl_base with its virtual address. 1940 */ 1941 static map_info_t * 1942 core_find_text(struct ps_prochandle *P, Elf *elf, rd_loadobj_t *rlp) 1943 { 1944 GElf_Phdr phdr; 1945 uint_t i; 1946 size_t nphdrs; 1947 1948 if (elf_getphdrnum(elf, &nphdrs) == -1) 1949 return (NULL); 1950 1951 for (i = 0; i < nphdrs; i++) { 1952 if (gelf_getphdr(elf, i, &phdr) != NULL && 1953 phdr.p_type == PT_LOAD && (phdr.p_flags & PF_X)) { 1954 rlp->rl_base = phdr.p_vaddr; 1955 return (Paddr2mptr(P, rlp->rl_base)); 1956 } 1957 } 1958 1959 return (NULL); 1960 } 1961 1962 /* 1963 * Given an ELF file and the librtld_db structure corresponding to its primary 1964 * text mapping, deduce where its data segment was loaded and fill in 1965 * rl_data_base and prmap_t.pr_offset accordingly. 1966 */ 1967 static map_info_t * 1968 core_find_data(struct ps_prochandle *P, Elf *elf, rd_loadobj_t *rlp) 1969 { 1970 GElf_Ehdr ehdr; 1971 GElf_Phdr phdr; 1972 map_info_t *mp; 1973 uint_t i, pagemask; 1974 size_t nphdrs; 1975 1976 rlp->rl_data_base = (uintptr_t)NULL; 1977 1978 /* 1979 * Find the first loadable, writeable Phdr and compute rl_data_base 1980 * as the virtual address at which is was loaded. 1981 */ 1982 if (gelf_getehdr(elf, &ehdr) == NULL || 1983 elf_getphdrnum(elf, &nphdrs) == -1) 1984 return (NULL); 1985 1986 for (i = 0; i < nphdrs; i++) { 1987 if (gelf_getphdr(elf, i, &phdr) != NULL && 1988 phdr.p_type == PT_LOAD && (phdr.p_flags & PF_W)) { 1989 rlp->rl_data_base = phdr.p_vaddr; 1990 if (ehdr.e_type == ET_DYN) 1991 rlp->rl_data_base += rlp->rl_base; 1992 break; 1993 } 1994 } 1995 1996 /* 1997 * If we didn't find an appropriate phdr or if the address we 1998 * computed has no mapping, return NULL. 1999 */ 2000 if (rlp->rl_data_base == (uintptr_t)NULL || 2001 (mp = Paddr2mptr(P, rlp->rl_data_base)) == NULL) 2002 return (NULL); 2003 2004 /* 2005 * It wouldn't be procfs-related code if we didn't make use of 2006 * unclean knowledge of segvn, even in userland ... the prmap_t's 2007 * pr_offset field will be the segvn offset from mmap(2)ing the 2008 * data section, which will be the file offset & PAGEMASK. 2009 */ 2010 pagemask = ~(mp->map_pmap.pr_pagesize - 1); 2011 mp->map_pmap.pr_offset = phdr.p_offset & pagemask; 2012 2013 return (mp); 2014 } 2015 2016 /* 2017 * Librtld_db agent callback for iterating over load object mappings. 2018 * For each load object, we allocate a new file_info_t, perform naming, 2019 * and attempt to construct a symbol table for the load object. 2020 */ 2021 static int 2022 core_iter_mapping(const rd_loadobj_t *rlp, struct ps_prochandle *P) 2023 { 2024 core_info_t *core = P->data; 2025 char lname[PATH_MAX], buf[PATH_MAX]; 2026 file_info_t *fp; 2027 map_info_t *mp; 2028 2029 if (Pread_string(P, lname, PATH_MAX, (off_t)rlp->rl_nameaddr) <= 0) { 2030 dprintf("failed to read name %p\n", (void *)rlp->rl_nameaddr); 2031 return (1); /* Keep going; forget this if we can't get a name */ 2032 } 2033 2034 dprintf("rd_loadobj name = \"%s\" rl_base = %p\n", 2035 lname, (void *)rlp->rl_base); 2036 2037 if ((mp = Paddr2mptr(P, rlp->rl_base)) == NULL) { 2038 dprintf("no mapping for %p\n", (void *)rlp->rl_base); 2039 return (1); /* No mapping; advance to next mapping */ 2040 } 2041 2042 /* 2043 * Create a new file_info_t for this mapping, and therefore for 2044 * this load object. 2045 * 2046 * If there's an ELF header at the beginning of this mapping, 2047 * file_info_new() will try to use its section headers to 2048 * identify any other mappings that belong to this load object. 2049 */ 2050 if ((fp = mp->map_file) == NULL && 2051 (fp = file_info_new(P, mp)) == NULL) { 2052 core->core_errno = errno; 2053 dprintf("failed to malloc mapping data\n"); 2054 return (0); /* Abort */ 2055 } 2056 fp->file_map = mp; 2057 2058 /* Create a local copy of the load object representation */ 2059 if ((fp->file_lo = calloc(1, sizeof (rd_loadobj_t))) == NULL) { 2060 core->core_errno = errno; 2061 dprintf("failed to malloc mapping data\n"); 2062 return (0); /* Abort */ 2063 } 2064 *fp->file_lo = *rlp; 2065 2066 if (lname[0] != '\0') { 2067 /* 2068 * Naming dance part 1: if we got a name from librtld_db, then 2069 * copy this name to the prmap_t if it is unnamed. If the 2070 * file_info_t is unnamed, name it after the lname. 2071 */ 2072 if (mp->map_pmap.pr_mapname[0] == '\0') { 2073 (void) strncpy(mp->map_pmap.pr_mapname, lname, PRMAPSZ); 2074 mp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 2075 } 2076 2077 if (fp->file_lname == NULL) 2078 fp->file_lname = strdup(lname); 2079 2080 } else if (fp->file_lname == NULL && 2081 mp->map_pmap.pr_mapname[0] != '\0') { 2082 /* 2083 * Naming dance part 2: if the mapping is named and the 2084 * file_info_t is not, name the file after the mapping. 2085 */ 2086 fp->file_lname = strdup(mp->map_pmap.pr_mapname); 2087 } 2088 2089 if ((fp->file_rname == NULL) && 2090 (Pfindmap(P, mp, buf, sizeof (buf)) != NULL)) 2091 fp->file_rname = strdup(buf); 2092 2093 if (fp->file_lname != NULL) 2094 fp->file_lbase = basename(fp->file_lname); 2095 if (fp->file_rname != NULL) 2096 fp->file_rbase = basename(fp->file_rname); 2097 2098 /* Associate the file and the mapping. */ 2099 (void) strncpy(fp->file_pname, mp->map_pmap.pr_mapname, PRMAPSZ); 2100 fp->file_pname[PRMAPSZ - 1] = '\0'; 2101 2102 /* 2103 * If no section headers were available then we'll have to 2104 * identify this load object's other mappings with what we've 2105 * got: the start and end of the object's corresponding 2106 * address space. 2107 */ 2108 if (fp->file_saddrs == NULL) { 2109 for (mp = fp->file_map + 1; mp < P->mappings + P->map_count && 2110 mp->map_pmap.pr_vaddr < rlp->rl_bend; mp++) { 2111 2112 if (mp->map_file == NULL) { 2113 dprintf("core_iter_mapping %s: associating " 2114 "segment at %p\n", 2115 fp->file_pname, 2116 (void *)mp->map_pmap.pr_vaddr); 2117 mp->map_file = fp; 2118 fp->file_ref++; 2119 } else { 2120 dprintf("core_iter_mapping %s: segment at " 2121 "%p already associated with %s\n", 2122 fp->file_pname, 2123 (void *)mp->map_pmap.pr_vaddr, 2124 (mp == fp->file_map ? "this file" : 2125 mp->map_file->file_pname)); 2126 } 2127 } 2128 } 2129 2130 /* Ensure that all this file's mappings are named. */ 2131 for (mp = fp->file_map; mp < P->mappings + P->map_count && 2132 mp->map_file == fp; mp++) { 2133 if (mp->map_pmap.pr_mapname[0] == '\0' && 2134 !(mp->map_pmap.pr_mflags & MA_BREAK)) { 2135 (void) strncpy(mp->map_pmap.pr_mapname, fp->file_pname, 2136 PRMAPSZ); 2137 mp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 2138 } 2139 } 2140 2141 /* Attempt to build a symbol table for this file. */ 2142 Pbuild_file_symtab(P, fp); 2143 if (fp->file_elf == NULL) 2144 dprintf("core_iter_mapping: no symtab for %s\n", 2145 fp->file_pname); 2146 2147 /* Locate the start of a data segment associated with this file. */ 2148 if ((mp = core_find_data(P, fp->file_elf, fp->file_lo)) != NULL) { 2149 dprintf("found data for %s at %p (pr_offset 0x%llx)\n", 2150 fp->file_pname, (void *)fp->file_lo->rl_data_base, 2151 mp->map_pmap.pr_offset); 2152 } else { 2153 dprintf("core_iter_mapping: no data found for %s\n", 2154 fp->file_pname); 2155 } 2156 2157 return (1); /* Advance to next mapping */ 2158 } 2159 2160 /* 2161 * Callback function for Pfindexec(). In order to confirm a given pathname, 2162 * we verify that we can open it as an ELF file of type ET_EXEC or ET_DYN. 2163 */ 2164 static int 2165 core_exec_open(const char *path, void *efp) 2166 { 2167 if (core_elf_open(efp, path, ET_EXEC, NULL) == 0) 2168 return (1); 2169 if (core_elf_open(efp, path, ET_DYN, NULL) == 0) 2170 return (1); 2171 return (0); 2172 } 2173 2174 /* 2175 * Attempt to load any section headers found in the core file. If present, 2176 * this will refer to non-loadable data added to the core file by the kernel 2177 * based on coreadm(1M) settings, including CTF data and the symbol table. 2178 */ 2179 static void 2180 core_load_shdrs(struct ps_prochandle *P, elf_file_t *efp) 2181 { 2182 GElf_Shdr *shp, *shdrs = NULL; 2183 char *shstrtab = NULL; 2184 ulong_t shstrtabsz; 2185 const char *name; 2186 map_info_t *mp; 2187 2188 size_t nbytes; 2189 void *buf; 2190 int i; 2191 2192 if (efp->e_hdr.e_shstrndx >= efp->e_hdr.e_shnum) { 2193 dprintf("corrupt shstrndx (%u) exceeds shnum (%u)\n", 2194 efp->e_hdr.e_shstrndx, efp->e_hdr.e_shnum); 2195 return; 2196 } 2197 2198 /* 2199 * Read the section header table from the core file and then iterate 2200 * over the section headers, converting each to a GElf_Shdr. 2201 */ 2202 if ((shdrs = malloc(efp->e_hdr.e_shnum * sizeof (GElf_Shdr))) == NULL) { 2203 dprintf("failed to malloc %u section headers: %s\n", 2204 (uint_t)efp->e_hdr.e_shnum, strerror(errno)); 2205 return; 2206 } 2207 2208 nbytes = efp->e_hdr.e_shnum * efp->e_hdr.e_shentsize; 2209 if ((buf = malloc(nbytes)) == NULL) { 2210 dprintf("failed to malloc %d bytes: %s\n", (int)nbytes, 2211 strerror(errno)); 2212 free(shdrs); 2213 goto out; 2214 } 2215 2216 if (pread64(efp->e_fd, buf, nbytes, efp->e_hdr.e_shoff) != nbytes) { 2217 dprintf("failed to read section headers at off %lld: %s\n", 2218 (longlong_t)efp->e_hdr.e_shoff, strerror(errno)); 2219 free(buf); 2220 goto out; 2221 } 2222 2223 for (i = 0; i < efp->e_hdr.e_shnum; i++) { 2224 void *p = (uchar_t *)buf + efp->e_hdr.e_shentsize * i; 2225 2226 if (efp->e_hdr.e_ident[EI_CLASS] == ELFCLASS32) 2227 core_shdr_to_gelf(p, &shdrs[i]); 2228 else 2229 (void) memcpy(&shdrs[i], p, sizeof (GElf_Shdr)); 2230 } 2231 2232 free(buf); 2233 buf = NULL; 2234 2235 /* 2236 * Read the .shstrtab section from the core file, terminating it with 2237 * an extra \0 so that a corrupt section will not cause us to die. 2238 */ 2239 shp = &shdrs[efp->e_hdr.e_shstrndx]; 2240 shstrtabsz = shp->sh_size; 2241 2242 if ((shstrtab = malloc(shstrtabsz + 1)) == NULL) { 2243 dprintf("failed to allocate %lu bytes for shstrtab\n", 2244 (ulong_t)shstrtabsz); 2245 goto out; 2246 } 2247 2248 if (pread64(efp->e_fd, shstrtab, shstrtabsz, 2249 shp->sh_offset) != shstrtabsz) { 2250 dprintf("failed to read %lu bytes of shstrs at off %lld: %s\n", 2251 shstrtabsz, (longlong_t)shp->sh_offset, strerror(errno)); 2252 goto out; 2253 } 2254 2255 shstrtab[shstrtabsz] = '\0'; 2256 2257 /* 2258 * Now iterate over each section in the section header table, locating 2259 * sections of interest and initializing more of the ps_prochandle. 2260 */ 2261 for (i = 0; i < efp->e_hdr.e_shnum; i++) { 2262 shp = &shdrs[i]; 2263 name = shstrtab + shp->sh_name; 2264 2265 if (shp->sh_name >= shstrtabsz) { 2266 dprintf("skipping section [%d]: corrupt sh_name\n", i); 2267 continue; 2268 } 2269 2270 if (shp->sh_link >= efp->e_hdr.e_shnum) { 2271 dprintf("skipping section [%d]: corrupt sh_link\n", i); 2272 continue; 2273 } 2274 2275 dprintf("found section header %s (sh_addr 0x%llx)\n", 2276 name, (u_longlong_t)shp->sh_addr); 2277 2278 if (strcmp(name, ".SUNW_ctf") == 0) { 2279 if ((mp = Paddr2mptr(P, shp->sh_addr)) == NULL) { 2280 dprintf("no map at addr 0x%llx for %s [%d]\n", 2281 (u_longlong_t)shp->sh_addr, name, i); 2282 continue; 2283 } 2284 2285 if (mp->map_file == NULL || 2286 mp->map_file->file_ctf_buf != NULL) { 2287 dprintf("no mapping file or duplicate buffer " 2288 "for %s [%d]\n", name, i); 2289 continue; 2290 } 2291 2292 if ((buf = malloc(shp->sh_size)) == NULL || 2293 pread64(efp->e_fd, buf, shp->sh_size, 2294 shp->sh_offset) != shp->sh_size) { 2295 dprintf("skipping section %s [%d]: %s\n", 2296 name, i, strerror(errno)); 2297 free(buf); 2298 continue; 2299 } 2300 2301 mp->map_file->file_ctf_size = shp->sh_size; 2302 mp->map_file->file_ctf_buf = buf; 2303 2304 if (shdrs[shp->sh_link].sh_type == SHT_DYNSYM) 2305 mp->map_file->file_ctf_dyn = 1; 2306 2307 } else if (strcmp(name, ".symtab") == 0) { 2308 fake_up_symtab(P, &efp->e_hdr, 2309 shp, &shdrs[shp->sh_link]); 2310 } 2311 } 2312 out: 2313 free(shstrtab); 2314 free(shdrs); 2315 } 2316 2317 /* 2318 * Main engine for core file initialization: given an fd for the core file 2319 * and an optional pathname, construct the ps_prochandle. The aout_path can 2320 * either be a suggested executable pathname, or a suggested directory to 2321 * use as a possible current working directory. 2322 */ 2323 struct ps_prochandle * 2324 Pfgrab_core(int core_fd, const char *aout_path, int *perr) 2325 { 2326 struct ps_prochandle *P; 2327 core_info_t *core_info; 2328 map_info_t *stk_mp, *brk_mp; 2329 const char *execname; 2330 char *interp; 2331 int i, notes, pagesize; 2332 uintptr_t addr, base_addr; 2333 struct stat64 stbuf; 2334 void *phbuf, *php; 2335 size_t nbytes; 2336 #ifdef __x86 2337 boolean_t from_linux = B_FALSE; 2338 #endif 2339 2340 elf_file_t aout; 2341 elf_file_t core; 2342 2343 Elf_Scn *scn, *intp_scn = NULL; 2344 Elf_Data *dp; 2345 2346 GElf_Phdr phdr, note_phdr; 2347 GElf_Shdr shdr; 2348 GElf_Xword nleft; 2349 2350 if (elf_version(EV_CURRENT) == EV_NONE) { 2351 dprintf("libproc ELF version is more recent than libelf\n"); 2352 *perr = G_ELF; 2353 return (NULL); 2354 } 2355 2356 aout.e_elf = NULL; 2357 aout.e_fd = -1; 2358 2359 core.e_elf = NULL; 2360 core.e_fd = core_fd; 2361 2362 /* 2363 * Allocate and initialize a ps_prochandle structure for the core. 2364 * There are several key pieces of initialization here: 2365 * 2366 * 1. The PS_DEAD state flag marks this prochandle as a core file. 2367 * PS_DEAD also thus prevents all operations which require state 2368 * to be PS_STOP from operating on this handle. 2369 * 2370 * 2. We keep the core file fd in P->asfd since the core file contains 2371 * the remnants of the process address space. 2372 * 2373 * 3. We set the P->info_valid bit because all information about the 2374 * core is determined by the end of this function; there is no need 2375 * for proc_update_maps() to reload mappings at any later point. 2376 * 2377 * 4. The read/write ops vector uses our core_rw() function defined 2378 * above to handle i/o requests. 2379 */ 2380 if ((P = malloc(sizeof (struct ps_prochandle))) == NULL) { 2381 *perr = G_STRANGE; 2382 return (NULL); 2383 } 2384 2385 (void) memset(P, 0, sizeof (struct ps_prochandle)); 2386 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL); 2387 P->state = PS_DEAD; 2388 P->pid = (pid_t)-1; 2389 P->asfd = core.e_fd; 2390 P->ctlfd = -1; 2391 P->statfd = -1; 2392 P->agentctlfd = -1; 2393 P->agentstatfd = -1; 2394 P->zoneroot = NULL; 2395 P->info_valid = 1; 2396 Pinit_ops(&P->ops, &P_core_ops); 2397 2398 Pinitsym(P); 2399 2400 /* 2401 * Fstat and open the core file and make sure it is a valid ELF core. 2402 */ 2403 if (fstat64(P->asfd, &stbuf) == -1) { 2404 *perr = G_STRANGE; 2405 goto err; 2406 } 2407 2408 if (core_elf_fdopen(&core, ET_CORE, perr) == -1) 2409 goto err; 2410 2411 /* 2412 * Allocate and initialize a core_info_t to hang off the ps_prochandle 2413 * structure. We keep all core-specific information in this structure. 2414 */ 2415 if ((core_info = calloc(1, sizeof (core_info_t))) == NULL) { 2416 *perr = G_STRANGE; 2417 goto err; 2418 } 2419 2420 P->data = core_info; 2421 list_link(&core_info->core_lwp_head, NULL); 2422 core_info->core_size = stbuf.st_size; 2423 /* 2424 * In the days before adjustable core file content, this was the 2425 * default core file content. For new core files, this value will 2426 * be overwritten by the NT_CONTENT note section. 2427 */ 2428 core_info->core_content = CC_CONTENT_STACK | CC_CONTENT_HEAP | 2429 CC_CONTENT_DATA | CC_CONTENT_RODATA | CC_CONTENT_ANON | 2430 CC_CONTENT_SHANON; 2431 2432 switch (core.e_hdr.e_ident[EI_CLASS]) { 2433 case ELFCLASS32: 2434 core_info->core_dmodel = PR_MODEL_ILP32; 2435 break; 2436 case ELFCLASS64: 2437 core_info->core_dmodel = PR_MODEL_LP64; 2438 break; 2439 default: 2440 *perr = G_FORMAT; 2441 goto err; 2442 } 2443 core_info->core_osabi = core.e_hdr.e_ident[EI_OSABI]; 2444 2445 /* 2446 * Because the core file may be a large file, we can't use libelf to 2447 * read the Phdrs. We use e_phnum and e_phentsize to simplify things. 2448 */ 2449 nbytes = core.e_hdr.e_phnum * core.e_hdr.e_phentsize; 2450 2451 if ((phbuf = malloc(nbytes)) == NULL) { 2452 *perr = G_STRANGE; 2453 goto err; 2454 } 2455 2456 if (pread64(core_fd, phbuf, nbytes, core.e_hdr.e_phoff) != nbytes) { 2457 *perr = G_STRANGE; 2458 free(phbuf); 2459 goto err; 2460 } 2461 2462 /* 2463 * Iterate through the program headers in the core file. 2464 * We're interested in two types of Phdrs: PT_NOTE (which 2465 * contains a set of saved /proc structures), and PT_LOAD (which 2466 * represents a memory mapping from the process's address space). 2467 * In the case of PT_NOTE, we're interested in the last PT_NOTE 2468 * in the core file; currently the first PT_NOTE (if present) 2469 * contains /proc structs in the pre-2.6 unstructured /proc format. 2470 */ 2471 for (php = phbuf, notes = 0, i = 0; i < core.e_hdr.e_phnum; i++) { 2472 if (core.e_hdr.e_ident[EI_CLASS] == ELFCLASS64) 2473 (void) memcpy(&phdr, php, sizeof (GElf_Phdr)); 2474 else 2475 core_phdr_to_gelf(php, &phdr); 2476 2477 switch (phdr.p_type) { 2478 case PT_NOTE: 2479 note_phdr = phdr; 2480 notes++; 2481 break; 2482 2483 case PT_LOAD: 2484 if (core_add_mapping(P, &phdr) == -1) { 2485 *perr = G_STRANGE; 2486 free(phbuf); 2487 goto err; 2488 } 2489 break; 2490 default: 2491 dprintf("Pgrab_core: unknown phdr %d\n", phdr.p_type); 2492 break; 2493 } 2494 2495 php = (char *)php + core.e_hdr.e_phentsize; 2496 } 2497 2498 free(phbuf); 2499 2500 Psort_mappings(P); 2501 2502 /* 2503 * If we couldn't find anything of type PT_NOTE, or only one PT_NOTE 2504 * was present, abort. The core file is either corrupt or too old. 2505 */ 2506 if (notes == 0 || (notes == 1 && core_info->core_osabi == 2507 ELFOSABI_SOLARIS)) { 2508 *perr = G_NOTE; 2509 goto err; 2510 } 2511 2512 /* 2513 * Advance the seek pointer to the start of the PT_NOTE data 2514 */ 2515 if (lseek64(P->asfd, note_phdr.p_offset, SEEK_SET) == (off64_t)-1) { 2516 dprintf("Pgrab_core: failed to lseek to PT_NOTE data\n"); 2517 *perr = G_STRANGE; 2518 goto err; 2519 } 2520 2521 /* 2522 * Now process the PT_NOTE structures. Each one is preceded by 2523 * an Elf{32/64}_Nhdr structure describing its type and size. 2524 * 2525 * +--------+ 2526 * | header | 2527 * +--------+ 2528 * | name | 2529 * | ... | 2530 * +--------+ 2531 * | desc | 2532 * | ... | 2533 * +--------+ 2534 */ 2535 for (nleft = note_phdr.p_filesz; nleft > 0; ) { 2536 Elf64_Nhdr nhdr; 2537 off64_t off, namesz, descsz; 2538 2539 /* 2540 * Although <sys/elf.h> defines both Elf32_Nhdr and Elf64_Nhdr 2541 * as different types, they are both of the same content and 2542 * size, so we don't need to worry about 32/64 conversion here. 2543 */ 2544 if (read(P->asfd, &nhdr, sizeof (nhdr)) != sizeof (nhdr)) { 2545 dprintf("Pgrab_core: failed to read ELF note header\n"); 2546 *perr = G_NOTE; 2547 goto err; 2548 } 2549 2550 /* 2551 * According to the System V ABI, the amount of padding 2552 * following the name field should align the description 2553 * field on a 4 byte boundary for 32-bit binaries or on an 8 2554 * byte boundary for 64-bit binaries. However, this change 2555 * was not made correctly during the 64-bit port so all 2556 * descriptions can assume only 4-byte alignment. We ignore 2557 * the name field and the padding to 4-byte alignment. 2558 */ 2559 namesz = P2ROUNDUP((off64_t)nhdr.n_namesz, (off64_t)4); 2560 2561 if (lseek64(P->asfd, namesz, SEEK_CUR) == (off64_t)-1) { 2562 dprintf("failed to seek past name and padding\n"); 2563 *perr = G_STRANGE; 2564 goto err; 2565 } 2566 2567 dprintf("Note hdr n_type=%u n_namesz=%u n_descsz=%u\n", 2568 nhdr.n_type, nhdr.n_namesz, nhdr.n_descsz); 2569 2570 off = lseek64(P->asfd, (off64_t)0L, SEEK_CUR); 2571 2572 /* 2573 * Invoke the note handler function from our table 2574 */ 2575 if (nhdr.n_type < sizeof (nhdlrs) / sizeof (nhdlrs[0])) { 2576 if (nhdlrs[nhdr.n_type](P, nhdr.n_descsz) < 0) { 2577 dprintf("handler for type %d returned < 0", 2578 nhdr.n_type); 2579 *perr = G_NOTE; 2580 goto err; 2581 } 2582 /* 2583 * The presence of either of these notes indicates that 2584 * the dump was generated on Linux. 2585 */ 2586 #ifdef __x86 2587 if (nhdr.n_type == NT_PRSTATUS || 2588 nhdr.n_type == NT_PRPSINFO) 2589 from_linux = B_TRUE; 2590 #endif 2591 } else { 2592 (void) note_notsup(P, nhdr.n_descsz); 2593 } 2594 2595 /* 2596 * Seek past the current note data to the next Elf_Nhdr 2597 */ 2598 descsz = P2ROUNDUP((off64_t)nhdr.n_descsz, (off64_t)4); 2599 if (lseek64(P->asfd, off + descsz, SEEK_SET) == (off64_t)-1) { 2600 dprintf("Pgrab_core: failed to seek to next nhdr\n"); 2601 *perr = G_STRANGE; 2602 goto err; 2603 } 2604 2605 /* 2606 * Subtract the size of the header and its data from what 2607 * we have left to process. 2608 */ 2609 nleft -= sizeof (nhdr) + namesz + descsz; 2610 } 2611 2612 #ifdef __x86 2613 if (from_linux) { 2614 size_t tcount, pid; 2615 lwp_info_t *lwp; 2616 2617 P->status.pr_dmodel = core_info->core_dmodel; 2618 2619 lwp = list_next(&core_info->core_lwp_head); 2620 2621 pid = P->status.pr_pid; 2622 2623 for (tcount = 0; tcount < core_info->core_nlwp; 2624 tcount++, lwp = list_next(lwp)) { 2625 dprintf("Linux thread with id %d\n", lwp->lwp_id); 2626 2627 /* 2628 * In the case we don't have a valid psinfo (i.e. pid is 2629 * 0, probably because of gdb creating the core) assume 2630 * lowest pid count is the first thread (what if the 2631 * next thread wraps the pid around?) 2632 */ 2633 if (P->status.pr_pid == 0 && 2634 ((pid == 0 && lwp->lwp_id > 0) || 2635 (lwp->lwp_id < pid))) { 2636 pid = lwp->lwp_id; 2637 } 2638 } 2639 2640 if (P->status.pr_pid != pid) { 2641 dprintf("No valid pid, setting to %ld\n", (ulong_t)pid); 2642 P->status.pr_pid = pid; 2643 P->psinfo.pr_pid = pid; 2644 } 2645 2646 /* 2647 * Consumers like mdb expect the first thread to actually have 2648 * an id of 1, on linux that is actually the pid. Find the the 2649 * thread with our process id, and set the id to 1 2650 */ 2651 if ((lwp = lwpid2info(P, pid)) == NULL) { 2652 dprintf("Couldn't find first thread\n"); 2653 *perr = G_STRANGE; 2654 goto err; 2655 } 2656 2657 dprintf("setting representative thread: %d\n", lwp->lwp_id); 2658 2659 lwp->lwp_id = 1; 2660 lwp->lwp_status.pr_lwpid = 1; 2661 2662 /* set representative thread */ 2663 (void) memcpy(&P->status.pr_lwp, &lwp->lwp_status, 2664 sizeof (P->status.pr_lwp)); 2665 } 2666 #endif /* __x86 */ 2667 2668 if (nleft != 0) { 2669 dprintf("Pgrab_core: note section malformed\n"); 2670 *perr = G_STRANGE; 2671 goto err; 2672 } 2673 2674 if ((pagesize = Pgetauxval(P, AT_PAGESZ)) == -1) { 2675 pagesize = getpagesize(); 2676 dprintf("AT_PAGESZ missing; defaulting to %d\n", pagesize); 2677 } 2678 2679 /* 2680 * Locate and label the mappings corresponding to the end of the 2681 * heap (MA_BREAK) and the base of the stack (MA_STACK). 2682 */ 2683 if ((P->status.pr_brkbase != 0 || P->status.pr_brksize != 0) && 2684 (brk_mp = Paddr2mptr(P, P->status.pr_brkbase + 2685 P->status.pr_brksize - 1)) != NULL) 2686 brk_mp->map_pmap.pr_mflags |= MA_BREAK; 2687 else 2688 brk_mp = NULL; 2689 2690 if ((stk_mp = Paddr2mptr(P, P->status.pr_stkbase)) != NULL) 2691 stk_mp->map_pmap.pr_mflags |= MA_STACK; 2692 2693 /* 2694 * At this point, we have enough information to look for the 2695 * executable and open it: we have access to the auxv, a psinfo_t, 2696 * and the ability to read from mappings provided by the core file. 2697 */ 2698 (void) Pfindexec(P, aout_path, core_exec_open, &aout); 2699 dprintf("P->execname = \"%s\"\n", P->execname ? P->execname : "NULL"); 2700 execname = P->execname ? P->execname : "a.out"; 2701 2702 /* 2703 * Iterate through the sections, looking for the .dynamic and .interp 2704 * sections. If we encounter them, remember their section pointers. 2705 */ 2706 for (scn = NULL; (scn = elf_nextscn(aout.e_elf, scn)) != NULL; ) { 2707 char *sname; 2708 2709 if ((gelf_getshdr(scn, &shdr) == NULL) || 2710 (sname = elf_strptr(aout.e_elf, aout.e_hdr.e_shstrndx, 2711 (size_t)shdr.sh_name)) == NULL) 2712 continue; 2713 2714 if (strcmp(sname, ".interp") == 0) 2715 intp_scn = scn; 2716 } 2717 2718 /* 2719 * Get the AT_BASE auxv element. If this is missing (-1), then 2720 * we assume this is a statically-linked executable. 2721 */ 2722 base_addr = Pgetauxval(P, AT_BASE); 2723 2724 /* 2725 * In order to get librtld_db initialized, we'll need to identify 2726 * and name the mapping corresponding to the run-time linker. The 2727 * AT_BASE auxv element tells us the address where it was mapped, 2728 * and the .interp section of the executable tells us its path. 2729 * If for some reason that doesn't pan out, just use ld.so.1. 2730 */ 2731 if (intp_scn != NULL && (dp = elf_getdata(intp_scn, NULL)) != NULL && 2732 dp->d_size != 0) { 2733 dprintf(".interp = <%s>\n", (char *)dp->d_buf); 2734 interp = dp->d_buf; 2735 2736 } else if (base_addr != (uintptr_t)-1L) { 2737 if (core_info->core_dmodel == PR_MODEL_LP64) 2738 interp = "/usr/lib/64/ld.so.1"; 2739 else 2740 interp = "/usr/lib/ld.so.1"; 2741 2742 dprintf(".interp section is missing or could not be read; " 2743 "defaulting to %s\n", interp); 2744 } else 2745 dprintf("detected statically linked executable\n"); 2746 2747 /* 2748 * If we have an AT_BASE element, name the mapping at that address 2749 * using the interpreter pathname. Name the corresponding data 2750 * mapping after the interpreter as well. 2751 */ 2752 if (base_addr != (uintptr_t)-1L) { 2753 elf_file_t intf; 2754 2755 P->map_ldso = core_name_mapping(P, base_addr, interp); 2756 2757 if (core_elf_open(&intf, interp, ET_DYN, NULL) == 0) { 2758 rd_loadobj_t rl; 2759 map_info_t *dmp; 2760 2761 rl.rl_base = base_addr; 2762 dmp = core_find_data(P, intf.e_elf, &rl); 2763 2764 if (dmp != NULL) { 2765 dprintf("renamed data at %p to %s\n", 2766 (void *)rl.rl_data_base, interp); 2767 (void) strncpy(dmp->map_pmap.pr_mapname, 2768 interp, PRMAPSZ); 2769 dmp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 2770 } 2771 } 2772 2773 core_elf_close(&intf); 2774 } 2775 2776 /* 2777 * If we have an AT_ENTRY element, name the mapping at that address 2778 * using the special name "a.out" just like /proc does. 2779 */ 2780 if ((addr = Pgetauxval(P, AT_ENTRY)) != (uintptr_t)-1L) 2781 P->map_exec = core_name_mapping(P, addr, "a.out"); 2782 2783 /* 2784 * If we're a statically linked executable (or we're on x86 and looking 2785 * at a Linux core dump), then just locate the executable's text and 2786 * data and name them after the executable. 2787 */ 2788 #ifndef __x86 2789 if (base_addr == (uintptr_t)-1L) { 2790 #else 2791 if (base_addr == (uintptr_t)-1L || from_linux) { 2792 #endif 2793 dprintf("looking for text and data: %s\n", execname); 2794 map_info_t *tmp, *dmp; 2795 file_info_t *fp; 2796 rd_loadobj_t rl; 2797 2798 if ((tmp = core_find_text(P, aout.e_elf, &rl)) != NULL && 2799 (dmp = core_find_data(P, aout.e_elf, &rl)) != NULL) { 2800 (void) strncpy(tmp->map_pmap.pr_mapname, 2801 execname, PRMAPSZ); 2802 tmp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 2803 (void) strncpy(dmp->map_pmap.pr_mapname, 2804 execname, PRMAPSZ); 2805 dmp->map_pmap.pr_mapname[PRMAPSZ - 1] = '\0'; 2806 } 2807 2808 if ((P->map_exec = tmp) != NULL && 2809 (fp = malloc(sizeof (file_info_t))) != NULL) { 2810 2811 (void) memset(fp, 0, sizeof (file_info_t)); 2812 2813 list_link(fp, &P->file_head); 2814 tmp->map_file = fp; 2815 P->num_files++; 2816 2817 fp->file_ref = 1; 2818 fp->file_fd = -1; 2819 fp->file_dbgfile = -1; 2820 2821 fp->file_lo = malloc(sizeof (rd_loadobj_t)); 2822 fp->file_lname = strdup(execname); 2823 2824 if (fp->file_lo) 2825 *fp->file_lo = rl; 2826 if (fp->file_lname) 2827 fp->file_lbase = basename(fp->file_lname); 2828 if (fp->file_rname) 2829 fp->file_rbase = basename(fp->file_rname); 2830 2831 (void) strcpy(fp->file_pname, 2832 P->mappings[0].map_pmap.pr_mapname); 2833 fp->file_map = tmp; 2834 2835 Pbuild_file_symtab(P, fp); 2836 2837 if (dmp != NULL) { 2838 dmp->map_file = fp; 2839 fp->file_ref++; 2840 } 2841 } 2842 } 2843 2844 core_elf_close(&aout); 2845 2846 /* 2847 * We now have enough information to initialize librtld_db. 2848 * After it warms up, we can iterate through the load object chain 2849 * in the core, which will allow us to construct the file info 2850 * we need to provide symbol information for the other shared 2851 * libraries, and also to fill in the missing mapping names. 2852 */ 2853 rd_log(_libproc_debug); 2854 2855 if ((P->rap = rd_new(P)) != NULL) { 2856 (void) rd_loadobj_iter(P->rap, (rl_iter_f *) 2857 core_iter_mapping, P); 2858 2859 if (core_info->core_errno != 0) { 2860 errno = core_info->core_errno; 2861 *perr = G_STRANGE; 2862 goto err; 2863 } 2864 } else 2865 dprintf("failed to initialize rtld_db agent\n"); 2866 2867 /* 2868 * If there are sections, load them and process the data from any 2869 * sections that we can use to annotate the file_info_t's. 2870 */ 2871 core_load_shdrs(P, &core); 2872 2873 /* 2874 * If we previously located a stack or break mapping, and they are 2875 * still anonymous, we now assume that they were MAP_ANON mappings. 2876 * If brk_mp turns out to now have a name, then the heap is still 2877 * sitting at the end of the executable's data+bss mapping: remove 2878 * the previous MA_BREAK setting to be consistent with /proc. 2879 */ 2880 if (stk_mp != NULL && stk_mp->map_pmap.pr_mapname[0] == '\0') 2881 stk_mp->map_pmap.pr_mflags |= MA_ANON; 2882 if (brk_mp != NULL && brk_mp->map_pmap.pr_mapname[0] == '\0') 2883 brk_mp->map_pmap.pr_mflags |= MA_ANON; 2884 else if (brk_mp != NULL) 2885 brk_mp->map_pmap.pr_mflags &= ~MA_BREAK; 2886 2887 *perr = 0; 2888 return (P); 2889 2890 err: 2891 Pfree(P); 2892 core_elf_close(&aout); 2893 return (NULL); 2894 } 2895 2896 /* 2897 * Grab a core file using a pathname. We just open it and call Pfgrab_core(). 2898 */ 2899 struct ps_prochandle * 2900 Pgrab_core(const char *core, const char *aout, int gflag, int *perr) 2901 { 2902 int fd, oflag = (gflag & PGRAB_RDONLY) ? O_RDONLY : O_RDWR; 2903 2904 if ((fd = open64(core, oflag)) >= 0) 2905 return (Pfgrab_core(fd, aout, perr)); 2906 2907 if (errno != ENOENT) 2908 *perr = G_STRANGE; 2909 else 2910 *perr = G_NOCORE; 2911 2912 return (NULL); 2913 } 2914 2915 int 2916 Pupanic(struct ps_prochandle *P, prupanic_t **pru) 2917 { 2918 core_info_t *core; 2919 2920 if (P->state != PS_DEAD) { 2921 errno = ENODATA; 2922 return (-1); 2923 } 2924 2925 core = P->data; 2926 if (core->core_upanic == NULL) { 2927 errno = ENOENT; 2928 return (-1); 2929 } 2930 2931 if (core->core_upanic->pru_version != PRUPANIC_VERSION_1) { 2932 errno = EINVAL; 2933 return (-1); 2934 } 2935 2936 if ((*pru = calloc(1, sizeof (prupanic_t))) == NULL) 2937 return (-1); 2938 (void) memcpy(*pru, core->core_upanic, sizeof (prupanic_t)); 2939 2940 return (0); 2941 } 2942 2943 void 2944 Pupanic_free(prupanic_t *pru) 2945 { 2946 free(pru); 2947 } 2948