1
/*
2
 * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 *
23
 */
24

25
#include <stdio.h>
26
#include <stdlib.h>
27
#include <string.h>
28
#include <signal.h>
29
#include <errno.h>
30
#include <elf.h>
31
#include <ctype.h>
32
#include <sys/types.h>
33
#include <sys/wait.h>
34
#include <sys/ptrace.h>
35
#include <sys/uio.h>
36
#include "libproc_impl.h"
37

38
#if defined(x86_64) && !defined(amd64)
39
#define amd64 1
40
#endif
41

42
#ifndef __WALL
43
#define __WALL          0x40000000  // Copied from /usr/include/linux/wait.h
44
#endif
45

46
// This file has the libproc implementation specific to live process
47
// For core files, refer to ps_core.c
48

49
typedef enum {
50
  ATTACH_SUCCESS,
51
  ATTACH_FAIL,
52
  ATTACH_THREAD_DEAD
53
} attach_state_t;
54

55
static inline uintptr_t align(uintptr_t ptr, size_t size) {
56
  return (ptr & ~(size - 1));
57
}
58

59
// ---------------------------------------------
60
// ptrace functions
61
// ---------------------------------------------
62

63
// read "size" bytes of data from "addr" within the target process.
64
// unlike the standard ptrace() function, process_read_data() can handle
65
// unaligned address - alignment check, if required, should be done
66
// before calling process_read_data.
67

68
static bool process_read_data(struct ps_prochandle* ph, uintptr_t addr, char *buf, size_t size) {
69
  long rslt;
70
  size_t i, words;
71
  uintptr_t end_addr = addr + size;
72
  uintptr_t aligned_addr = align(addr, sizeof(long));
73

74
  if (aligned_addr != addr) {
75
    char *ptr = (char *)&rslt;
76
    errno = 0;
77
    rslt = ptrace(PTRACE_PEEKDATA, ph->pid, aligned_addr, 0);
78
    if (errno) {
79
      print_debug("ptrace(PTRACE_PEEKDATA, ..) failed for %d bytes @ %lx\n", size, addr);
80
      return false;
81
    }
82
    for (; aligned_addr != addr; aligned_addr++, ptr++);
83
    for (; ((intptr_t)aligned_addr % sizeof(long)) && aligned_addr < end_addr;
84
        aligned_addr++)
85
       *(buf++) = *(ptr++);
86
  }
87

88
  words = (end_addr - aligned_addr) / sizeof(long);
89

90
  // assert((intptr_t)aligned_addr % sizeof(long) == 0);
91
  for (i = 0; i < words; i++) {
92
    errno = 0;
93
    rslt = ptrace(PTRACE_PEEKDATA, ph->pid, aligned_addr, 0);
94
    if (errno) {
95
      print_debug("ptrace(PTRACE_PEEKDATA, ..) failed for %d bytes @ %lx\n", size, addr);
96
      return false;
97
    }
98
    *(long *)buf = rslt;
99
    buf += sizeof(long);
100
    aligned_addr += sizeof(long);
101
  }
102

103
  if (aligned_addr != end_addr) {
104
    char *ptr = (char *)&rslt;
105
    errno = 0;
106
    rslt = ptrace(PTRACE_PEEKDATA, ph->pid, aligned_addr, 0);
107
    if (errno) {
108
      print_debug("ptrace(PTRACE_PEEKDATA, ..) failed for %d bytes @ %lx\n", size, addr);
109
      return false;
110
    }
111
    for (; aligned_addr != end_addr; aligned_addr++)
112
       *(buf++) = *(ptr++);
113
  }
114
  return true;
115
}
116

117
// null implementation for write
118
static bool process_write_data(struct ps_prochandle* ph,
119
                             uintptr_t addr, const char *buf , size_t size) {
120
  return false;
121
}
122

123
// "user" should be a pointer to a user_regs_struct
124
static bool process_get_lwp_regs(struct ps_prochandle* ph, pid_t pid, struct user_regs_struct *user) {
125
  // we have already attached to all thread 'pid's, just use ptrace call
126
  // to get regset now. Note that we don't cache regset upfront for processes.
127
// Linux on x86 and sparc are different.  On x86 ptrace(PTRACE_GETREGS, ...)
128
// uses pointer from 4th argument and ignores 3rd argument.  On sparc it uses
129
// pointer from 3rd argument and ignores 4th argument
130
#if defined(sparc) || defined(sparcv9)
131
#define ptrace_getregs(request, pid, addr, data) ptrace(request, pid, addr, data)
132
#else
133
#define ptrace_getregs(request, pid, addr, data) ptrace(request, pid, data, addr)
134
#endif
135

136
#if defined(_LP64) && defined(PTRACE_GETREGS64)
137
#define PTRACE_GETREGS_REQ PTRACE_GETREGS64
138
#elif defined(PTRACE_GETREGS)
139
#define PTRACE_GETREGS_REQ PTRACE_GETREGS
140
#elif defined(PT_GETREGS)
141
#define PTRACE_GETREGS_REQ PT_GETREGS
142
#endif
143

144
#ifdef PTRACE_GETREGS_REQ
145
 if (ptrace_getregs(PTRACE_GETREGS_REQ, pid, user, NULL) < 0) {
146
   print_debug("ptrace(PTRACE_GETREGS, ...) failed for lwp %d\n", pid);
147
   return false;
148
 }
149
 return true;
150
#elif defined(PTRACE_GETREGSET)
151
 struct iovec iov;
152
 iov.iov_base = user;
153
 iov.iov_len = sizeof(*user);
154
 if (ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, (void*) &iov) < 0) {
155
   print_debug("ptrace(PTRACE_GETREGSET, ...) failed for lwp %d\n", pid);
156
   return false;
157
 }
158
 return true;
159
#else
160
 print_debug("ptrace(PTRACE_GETREGS, ...) not supported\n");
161
 return false;
162
#endif
163

164
}
165

166
static bool ptrace_continue(pid_t pid, int signal) {
167
  // pass the signal to the process so we don't swallow it
168
  if (ptrace(PTRACE_CONT, pid, NULL, signal) < 0) {
169
    print_debug("ptrace(PTRACE_CONT, ..) failed for %d\n", pid);
170
    return false;
171
  }
172
  return true;
173
}
174

175
// waits until the ATTACH has stopped the process
176
// by signal SIGSTOP
177
static attach_state_t ptrace_waitpid(pid_t pid) {
178
  int ret;
179
  int status;
180
  errno = 0;
181
  while (true) {
182
    // Wait for debuggee to stop.
183
    ret = waitpid(pid, &status, 0);
184
    if (ret == -1 && errno == ECHILD) {
185
      // try cloned process.
186
      ret = waitpid(pid, &status, __WALL);
187
    }
188
    if (ret >= 0) {
189
      if (WIFSTOPPED(status)) {
190
        // Any signal will stop the thread, make sure it is SIGSTOP. Otherwise SIGSTOP
191
        // will still be pending and delivered when the process is DETACHED and the process
192
        // will go to sleep.
193
        if (WSTOPSIG(status) == SIGSTOP) {
194
          // Debuggee stopped by SIGSTOP.
195
          return ATTACH_SUCCESS;
196
        }
197
        if (!ptrace_continue(pid, WSTOPSIG(status))) {
198
          print_error("Failed to correctly attach to VM. VM might HANG! [PTRACE_CONT failed, stopped by %d]\n", WSTOPSIG(status));
199
          return ATTACH_FAIL;
200
        }
201
      } else {
202
        print_debug("waitpid(): Child process %d exited/terminated (status = 0x%x)\n", pid, status);
203
        return ATTACH_THREAD_DEAD;
204
      }
205
    } else {
206
      switch (errno) {
207
        case EINTR:
208
          continue;
209
          break;
210
        case ECHILD:
211
          print_debug("waitpid() failed. Child process pid (%d) does not exist \n", pid);
212
          return ATTACH_THREAD_DEAD;
213
        case EINVAL:
214
          print_error("waitpid() failed. Invalid options argument.\n");
215
          return ATTACH_FAIL;
216
        default:
217
          print_error("waitpid() failed. Unexpected error %d\n",errno);
218
          return ATTACH_FAIL;
219
      }
220
    } // else
221
  } // while
222
}
223

224
// checks the state of the thread/process specified by "pid", by reading
225
// in the 'State:' value from the /proc/<pid>/status file. From the proc
226
// man page, "Current state of the process. One of "R (running)",
227
// "S (sleeping)", "D (disk sleep)", "T (stopped)", "T (tracing stop)",
228
// "Z (zombie)", or "X (dead)"." Assumes that the thread is dead if we
229
// don't find the status file or if the status is 'X' or 'Z'.
230
static bool process_doesnt_exist(pid_t pid) {
231
  char fname[32];
232
  char buf[30];
233
  FILE *fp = NULL;
234
  const char state_string[] = "State:";
235

236
  sprintf(fname, "/proc/%d/status", pid);
237
  fp = fopen(fname, "r");
238
  if (fp == NULL) {
239
    print_debug("can't open /proc/%d/status file\n", pid);
240
    // Assume the thread does not exist anymore.
241
    return true;
242
  }
243
  bool found_state = false;
244
  size_t state_len = strlen(state_string);
245
  while (fgets(buf, sizeof(buf), fp) != NULL) {
246
    char *state = NULL;
247
    if (strncmp (buf, state_string, state_len) == 0) {
248
      found_state = true;
249
      state = buf + state_len;
250
      // Skip the spaces
251
      while (isspace(*state)) {
252
        state++;
253
      }
254
      // A state value of 'X' indicates that the thread is dead. 'Z'
255
      // indicates that the thread is a zombie.
256
      if (*state == 'X' || *state == 'Z') {
257
        fclose (fp);
258
        return true;
259
      }
260
      break;
261
    }
262
  }
263
  // If the state value is not 'X' or 'Z', the thread exists.
264
  if (!found_state) {
265
    // We haven't found the line beginning with 'State:'.
266
    // Assuming the thread exists.
267
    print_error("Could not find the 'State:' string in the /proc/%d/status file\n", pid);
268
  }
269
  fclose (fp);
270
  return false;
271
}
272

273
// attach to a process/thread specified by "pid"
274
static attach_state_t ptrace_attach(pid_t pid, char* err_buf, size_t err_buf_len) {
275
  errno = 0;
276
  if (ptrace(PTRACE_ATTACH, pid, NULL, NULL) < 0) {
277
    if (errno == EPERM || errno == ESRCH) {
278
      // Check if the process/thread is exiting or is a zombie
279
      if (process_doesnt_exist(pid)) {
280
        print_debug("Thread with pid %d does not exist\n", pid);
281
        return ATTACH_THREAD_DEAD;
282
      }
283
    }
284
    char buf[200];
285
    char* msg = strerror_r(errno, buf, sizeof(buf));
286
    snprintf(err_buf, err_buf_len, "ptrace(PTRACE_ATTACH, ..) failed for %d: %s", pid, msg);
287
    print_error("%s\n", err_buf);
288
    return ATTACH_FAIL;
289
  } else {
290
    attach_state_t wait_ret = ptrace_waitpid(pid);
291
    if (wait_ret == ATTACH_THREAD_DEAD) {
292
      print_debug("Thread with pid %d does not exist\n", pid);
293
    }
294
    return wait_ret;
295
  }
296
}
297

298
// -------------------------------------------------------
299
// functions for obtaining library information
300
// -------------------------------------------------------
301

302
/*
303
 * splits a string _str_ into substrings with delimiter _delim_ by replacing old * delimiters with _new_delim_ (ideally, '\0'). the address of each substring
304
 * is stored in array _ptrs_ as the return value. the maximum capacity of _ptrs_ * array is specified by parameter _n_.
305
 * RETURN VALUE: total number of substrings (always <= _n_)
306
 * NOTE: string _str_ is modified if _delim_!=_new_delim_
307
 */
308
static int split_n_str(char * str, int n, char ** ptrs, char delim, char new_delim)
309
{
310
   int i;
311
   for(i = 0; i < n; i++) ptrs[i] = NULL;
312
   if (str == NULL || n < 1 ) return 0;
313

314
   i = 0;
315

316
   // skipping leading blanks
317
   while(*str&&*str==delim) str++;
318

319
   while(*str&&i<n){
320
     ptrs[i++] = str;
321
     while(*str&&*str!=delim) str++;
322
     while(*str&&*str==delim) *(str++) = new_delim;
323
   }
324

325
   return i;
326
}
327

328
/*
329
 * fgets without storing '\n' at the end of the string
330
 */
331
static char * fgets_no_cr(char * buf, int n, FILE *fp)
332
{
333
   char * rslt = fgets(buf, n, fp);
334
   if (rslt && buf && *buf){
335
       char *p = strchr(buf, '\0');
336
       if (*--p=='\n') *p='\0';
337
   }
338
   return rslt;
339
}
340

341
// callback for read_thread_info
342
static bool add_new_thread(struct ps_prochandle* ph, pthread_t pthread_id, lwpid_t lwp_id) {
343
  return add_thread_info(ph, pthread_id, lwp_id) != NULL;
344
}
345

346
static bool read_lib_info(struct ps_prochandle* ph) {
347
  char fname[32];
348
  char buf[PATH_MAX];
349
  FILE *fp = NULL;
350

351
  sprintf(fname, "/proc/%d/maps", ph->pid);
352
  fp = fopen(fname, "r");
353
  if (fp == NULL) {
354
    print_debug("can't open /proc/%d/maps file\n", ph->pid);
355
    return false;
356
  }
357

358
  while(fgets_no_cr(buf, PATH_MAX, fp)){
359
    char * word[7];
360
    int nwords = split_n_str(buf, 7, word, ' ', '\0');
361

362
    if (nwords < 6) {
363
      // not a shared library entry. ignore.
364
      continue;
365
    }
366

367
    // SA does not handle the lines with patterns:
368
    //   "[stack]", "[heap]", "[vdso]", "[vsyscall]", etc.
369
    if (word[5][0] == '[') {
370
        // not a shared library entry. ignore.
371
        continue;
372
    }
373

374
    if (nwords > 6) {
375
      // prelink altered mapfile when the program is running.
376
      // Entries like one below have to be skipped
377
      //  /lib64/libc-2.15.so (deleted)
378
      // SO name in entries like one below have to be stripped.
379
      //  /lib64/libpthread-2.15.so.#prelink#.EECVts
380
      char *s = strstr(word[5],".#prelink#");
381
      if (s == NULL) {
382
        // No prelink keyword. skip deleted library
383
        print_debug("skip shared object %s deleted by prelink\n", word[5]);
384
        continue;
385
      }
386

387
      // Fall through
388
      print_debug("rectifying shared object name %s changed by prelink\n", word[5]);
389
      *s = 0;
390
    }
391

392
    if (find_lib(ph, word[5]) == false) {
393
       intptr_t base;
394
       lib_info* lib;
395
#ifdef _LP64
396
       sscanf(word[0], "%lx", &base);
397
#else
398
       sscanf(word[0], "%x", &base);
399
#endif
400
       if ((lib = add_lib_info(ph, word[5], (uintptr_t)base)) == NULL)
401
          continue; // ignore, add_lib_info prints error
402

403
       // we don't need to keep the library open, symtab is already
404
       // built. Only for core dump we need to keep the fd open.
405
       close(lib->fd);
406
       lib->fd = -1;
407
    }
408
  }
409
  fclose(fp);
410
  return true;
411
}
412

413
// detach a given pid
414
static bool ptrace_detach(pid_t pid) {
415
  if (pid && ptrace(PTRACE_DETACH, pid, NULL, NULL) < 0) {
416
    print_debug("ptrace(PTRACE_DETACH, ..) failed for %d\n", pid);
417
    return false;
418
  } else {
419
    return true;
420
  }
421
}
422

423
// detach all pids of a ps_prochandle
424
static void detach_all_pids(struct ps_prochandle* ph) {
425
  thread_info* thr = ph->threads;
426
  while (thr) {
427
     ptrace_detach(thr->lwp_id);
428
     thr = thr->next;
429
  }
430
}
431

432
static void process_cleanup(struct ps_prochandle* ph) {
433
  detach_all_pids(ph);
434
}
435

436
static ps_prochandle_ops process_ops = {
437
  .release=  process_cleanup,
438
  .p_pread=  process_read_data,
439
  .p_pwrite= process_write_data,
440
  .get_lwp_regs= process_get_lwp_regs
441
};
442

443
// attach to the process. One and only one exposed stuff
444
struct ps_prochandle* Pgrab(pid_t pid, char* err_buf, size_t err_buf_len) {
445
  struct ps_prochandle* ph = NULL;
446
  thread_info* thr = NULL;
447
  attach_state_t attach_status = ATTACH_SUCCESS;
448

449
  if ( (ph = (struct ps_prochandle*) calloc(1, sizeof(struct ps_prochandle))) == NULL) {
450
    snprintf(err_buf, err_buf_len, "can't allocate memory for ps_prochandle");
451
    print_debug("%s\n", err_buf);
452
    return NULL;
453
  }
454

455
  if ((attach_status = ptrace_attach(pid, err_buf, err_buf_len)) != ATTACH_SUCCESS) {
456
    if (attach_status == ATTACH_THREAD_DEAD) {
457
       print_error("The process with pid %d does not exist.\n", pid);
458
    }
459
    free(ph);
460
    return NULL;
461
  }
462

463
  // initialize ps_prochandle
464
  ph->pid = pid;
465

466
  // initialize vtable
467
  ph->ops = &process_ops;
468

469
  // read library info and symbol tables, must do this before attaching threads,
470
  // as the symbols in the pthread library will be used to figure out
471
  // the list of threads within the same process.
472
  read_lib_info(ph);
473

474
  // read thread info
475
  read_thread_info(ph, add_new_thread);
476

477
  // attach to the threads
478
  thr = ph->threads;
479

480
  while (thr) {
481
    thread_info* current_thr = thr;
482
    thr = thr->next;
483
    // don't attach to the main thread again
484
    if (ph->pid != current_thr->lwp_id) {
485
      if ((attach_status = ptrace_attach(current_thr->lwp_id, err_buf, err_buf_len)) != ATTACH_SUCCESS) {
486
        if (attach_status == ATTACH_THREAD_DEAD) {
487
          // Remove this thread from the threads list
488
          delete_thread_info(ph, current_thr);
489
        }
490
        else {
491
          Prelease(ph);
492
          return NULL;
493
        } // ATTACH_THREAD_DEAD
494
      } // !ATTACH_SUCCESS
495
    }
496
  }
497
  return ph;
498
}
499

500