1 //===-- ProcessElfCore.cpp ------------------------------------------------===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 9 #include <cstdlib> 10 11 #include <memory> 12 #include <mutex> 13 14 #include "lldb/Core/Module.h" 15 #include "lldb/Core/ModuleSpec.h" 16 #include "lldb/Core/PluginManager.h" 17 #include "lldb/Core/Section.h" 18 #include "lldb/Target/ABI.h" 19 #include "lldb/Target/DynamicLoader.h" 20 #include "lldb/Target/MemoryRegionInfo.h" 21 #include "lldb/Target/Target.h" 22 #include "lldb/Target/UnixSignals.h" 23 #include "lldb/Utility/DataBufferHeap.h" 24 #include "lldb/Utility/LLDBLog.h" 25 #include "lldb/Utility/Log.h" 26 #include "lldb/Utility/State.h" 27 28 #include "llvm/BinaryFormat/ELF.h" 29 #include "llvm/Support/Threading.h" 30 31 #include "Plugins/DynamicLoader/POSIX-DYLD/DynamicLoaderPOSIXDYLD.h" 32 #include "Plugins/ObjectFile/ELF/ObjectFileELF.h" 33 #include "Plugins/Process/elf-core/RegisterUtilities.h" 34 #include "ProcessElfCore.h" 35 #include "ThreadElfCore.h" 36 37 using namespace lldb_private; 38 namespace ELF = llvm::ELF; 39 40 LLDB_PLUGIN_DEFINE(ProcessElfCore) 41 42 llvm::StringRef ProcessElfCore::GetPluginDescriptionStatic() { 43 return "ELF core dump plug-in."; 44 } 45 46 void ProcessElfCore::Terminate() { 47 PluginManager::UnregisterPlugin(ProcessElfCore::CreateInstance); 48 } 49 50 lldb::ProcessSP ProcessElfCore::CreateInstance(lldb::TargetSP target_sp, 51 lldb::ListenerSP listener_sp, 52 const FileSpec *crash_file, 53 bool can_connect) { 54 lldb::ProcessSP process_sp; 55 if (crash_file && !can_connect) { 56 // Read enough data for an ELF32 header or ELF64 header Note: Here we care 57 // about e_type field only, so it is safe to ignore possible presence of 58 // the header extension. 59 const size_t header_size = sizeof(llvm::ELF::Elf64_Ehdr); 60 61 auto data_sp = FileSystem::Instance().CreateDataBuffer( 62 crash_file->GetPath(), header_size, 0); 63 if (data_sp && data_sp->GetByteSize() == header_size && 64 elf::ELFHeader::MagicBytesMatch(data_sp->GetBytes())) { 65 elf::ELFHeader elf_header; 66 DataExtractor data(data_sp, lldb::eByteOrderLittle, 4); 67 lldb::offset_t data_offset = 0; 68 if (elf_header.Parse(data, &data_offset)) { 69 // Check whether we're dealing with a raw FreeBSD "full memory dump" 70 // ELF vmcore that needs to be handled via FreeBSDKernel plugin instead. 71 if (elf_header.e_ident[7] == 0xFF && elf_header.e_version == 0) 72 return process_sp; 73 if (elf_header.e_type == llvm::ELF::ET_CORE) 74 process_sp = std::make_shared<ProcessElfCore>(target_sp, listener_sp, 75 *crash_file); 76 } 77 } 78 } 79 return process_sp; 80 } 81 82 bool ProcessElfCore::CanDebug(lldb::TargetSP target_sp, 83 bool plugin_specified_by_name) { 84 // For now we are just making sure the file exists for a given module 85 if (!m_core_module_sp && FileSystem::Instance().Exists(m_core_file)) { 86 ModuleSpec core_module_spec(m_core_file, target_sp->GetArchitecture()); 87 Status error(ModuleList::GetSharedModule(core_module_spec, m_core_module_sp, 88 nullptr, nullptr, nullptr)); 89 if (m_core_module_sp) { 90 ObjectFile *core_objfile = m_core_module_sp->GetObjectFile(); 91 if (core_objfile && core_objfile->GetType() == ObjectFile::eTypeCoreFile) 92 return true; 93 } 94 } 95 return false; 96 } 97 98 // ProcessElfCore constructor 99 ProcessElfCore::ProcessElfCore(lldb::TargetSP target_sp, 100 lldb::ListenerSP listener_sp, 101 const FileSpec &core_file) 102 : PostMortemProcess(target_sp, listener_sp, core_file) {} 103 104 // Destructor 105 ProcessElfCore::~ProcessElfCore() { 106 Clear(); 107 // We need to call finalize on the process before destroying ourselves to 108 // make sure all of the broadcaster cleanup goes as planned. If we destruct 109 // this class, then Process::~Process() might have problems trying to fully 110 // destroy the broadcaster. 111 Finalize(true /* destructing */); 112 } 113 114 lldb::addr_t ProcessElfCore::AddAddressRangeFromLoadSegment( 115 const elf::ELFProgramHeader &header) { 116 const lldb::addr_t addr = header.p_vaddr; 117 FileRange file_range(header.p_offset, header.p_filesz); 118 VMRangeToFileOffset::Entry range_entry(addr, header.p_memsz, file_range); 119 120 // Only add to m_core_aranges if the file size is non zero. Some core files 121 // have PT_LOAD segments for all address ranges, but set f_filesz to zero for 122 // the .text sections since they can be retrieved from the object files. 123 if (header.p_filesz > 0) { 124 VMRangeToFileOffset::Entry *last_entry = m_core_aranges.Back(); 125 if (last_entry && last_entry->GetRangeEnd() == range_entry.GetRangeBase() && 126 last_entry->data.GetRangeEnd() == range_entry.data.GetRangeBase() && 127 last_entry->GetByteSize() == last_entry->data.GetByteSize()) { 128 last_entry->SetRangeEnd(range_entry.GetRangeEnd()); 129 last_entry->data.SetRangeEnd(range_entry.data.GetRangeEnd()); 130 } else { 131 m_core_aranges.Append(range_entry); 132 } 133 } 134 // Keep a separate map of permissions that isn't coalesced so all ranges 135 // are maintained. 136 const uint32_t permissions = 137 ((header.p_flags & llvm::ELF::PF_R) ? lldb::ePermissionsReadable : 0u) | 138 ((header.p_flags & llvm::ELF::PF_W) ? lldb::ePermissionsWritable : 0u) | 139 ((header.p_flags & llvm::ELF::PF_X) ? lldb::ePermissionsExecutable : 0u); 140 141 m_core_range_infos.Append( 142 VMRangeToPermissions::Entry(addr, header.p_memsz, permissions)); 143 144 return addr; 145 } 146 147 lldb::addr_t ProcessElfCore::AddAddressRangeFromMemoryTagSegment( 148 const elf::ELFProgramHeader &header) { 149 // If lldb understood multiple kinds of tag segments we would record the type 150 // of the segment here also. As long as there is only 1 type lldb looks for, 151 // there is no need. 152 FileRange file_range(header.p_offset, header.p_filesz); 153 m_core_tag_ranges.Append( 154 VMRangeToFileOffset::Entry(header.p_vaddr, header.p_memsz, file_range)); 155 156 return header.p_vaddr; 157 } 158 159 // Process Control 160 Status ProcessElfCore::DoLoadCore() { 161 Status error; 162 if (!m_core_module_sp) { 163 error = Status::FromErrorString("invalid core module"); 164 return error; 165 } 166 167 ObjectFileELF *core = (ObjectFileELF *)(m_core_module_sp->GetObjectFile()); 168 if (core == nullptr) { 169 error = Status::FromErrorString("invalid core object file"); 170 return error; 171 } 172 173 llvm::ArrayRef<elf::ELFProgramHeader> segments = core->ProgramHeaders(); 174 if (segments.size() == 0) { 175 error = Status::FromErrorString("core file has no segments"); 176 return error; 177 } 178 179 SetCanJIT(false); 180 181 m_thread_data_valid = true; 182 183 bool ranges_are_sorted = true; 184 lldb::addr_t vm_addr = 0; 185 lldb::addr_t tag_addr = 0; 186 /// Walk through segments and Thread and Address Map information. 187 /// PT_NOTE - Contains Thread and Register information 188 /// PT_LOAD - Contains a contiguous range of Process Address Space 189 /// PT_AARCH64_MEMTAG_MTE - Contains AArch64 MTE memory tags for a range of 190 /// Process Address Space. 191 for (const elf::ELFProgramHeader &H : segments) { 192 DataExtractor data = core->GetSegmentData(H); 193 194 // Parse thread contexts and auxv structure 195 if (H.p_type == llvm::ELF::PT_NOTE) { 196 if (llvm::Error error = ParseThreadContextsFromNoteSegment(H, data)) 197 return Status::FromError(std::move(error)); 198 } 199 // PT_LOAD segments contains address map 200 if (H.p_type == llvm::ELF::PT_LOAD) { 201 lldb::addr_t last_addr = AddAddressRangeFromLoadSegment(H); 202 if (vm_addr > last_addr) 203 ranges_are_sorted = false; 204 vm_addr = last_addr; 205 } else if (H.p_type == llvm::ELF::PT_AARCH64_MEMTAG_MTE) { 206 lldb::addr_t last_addr = AddAddressRangeFromMemoryTagSegment(H); 207 if (tag_addr > last_addr) 208 ranges_are_sorted = false; 209 tag_addr = last_addr; 210 } 211 } 212 213 if (!ranges_are_sorted) { 214 m_core_aranges.Sort(); 215 m_core_range_infos.Sort(); 216 m_core_tag_ranges.Sort(); 217 } 218 219 // Even if the architecture is set in the target, we need to override it to 220 // match the core file which is always single arch. 221 ArchSpec arch(m_core_module_sp->GetArchitecture()); 222 223 ArchSpec target_arch = GetTarget().GetArchitecture(); 224 ArchSpec core_arch(m_core_module_sp->GetArchitecture()); 225 target_arch.MergeFrom(core_arch); 226 GetTarget().SetArchitecture(target_arch); 227 228 SetUnixSignals(UnixSignals::Create(GetArchitecture())); 229 230 // Ensure we found at least one thread that was stopped on a signal. 231 bool siginfo_signal_found = false; 232 bool prstatus_signal_found = false; 233 // Check we found a signal in a SIGINFO note. 234 for (const auto &thread_data : m_thread_data) { 235 if (thread_data.siginfo.si_signo != 0) 236 siginfo_signal_found = true; 237 if (thread_data.prstatus_sig != 0) 238 prstatus_signal_found = true; 239 } 240 if (!siginfo_signal_found) { 241 // If we don't have signal from SIGINFO use the signal from each threads 242 // PRSTATUS note. 243 if (prstatus_signal_found) { 244 for (auto &thread_data : m_thread_data) 245 thread_data.siginfo.si_signo = thread_data.prstatus_sig; 246 } else if (m_thread_data.size() > 0) { 247 // If all else fails force the first thread to be SIGSTOP 248 m_thread_data.begin()->siginfo.si_signo = 249 GetUnixSignals()->GetSignalNumberFromName("SIGSTOP"); 250 } 251 } 252 253 // Try to find gnu build id before we load the executable. 254 UpdateBuildIdForNTFileEntries(); 255 256 // Core files are useless without the main executable. See if we can locate 257 // the main executable using data we found in the core file notes. 258 lldb::ModuleSP exe_module_sp = GetTarget().GetExecutableModule(); 259 if (!exe_module_sp) { 260 // The first entry in the NT_FILE might be our executable 261 if (!m_nt_file_entries.empty()) { 262 ModuleSpec exe_module_spec; 263 exe_module_spec.GetArchitecture() = arch; 264 exe_module_spec.GetUUID() = m_nt_file_entries[0].uuid; 265 exe_module_spec.GetFileSpec().SetFile(m_nt_file_entries[0].path, 266 FileSpec::Style::native); 267 if (exe_module_spec.GetFileSpec()) { 268 exe_module_sp = 269 GetTarget().GetOrCreateModule(exe_module_spec, true /* notify */); 270 if (exe_module_sp) 271 GetTarget().SetExecutableModule(exe_module_sp, eLoadDependentsNo); 272 } 273 } 274 } 275 return error; 276 } 277 278 void ProcessElfCore::UpdateBuildIdForNTFileEntries() { 279 Log *log = GetLog(LLDBLog::Process); 280 for (NT_FILE_Entry &entry : m_nt_file_entries) { 281 entry.uuid = FindBuidIdInCoreMemory(entry.start); 282 if (log && entry.uuid.IsValid()) 283 LLDB_LOGF(log, "%s found UUID @ %16.16" PRIx64 ": %s \"%s\"", 284 __FUNCTION__, entry.start, entry.uuid.GetAsString().c_str(), 285 entry.path.c_str()); 286 } 287 } 288 289 UUID ProcessElfCore::FindModuleUUID(const llvm::StringRef path) { 290 // Returns the gnu uuid from matched NT_FILE entry 291 for (NT_FILE_Entry &entry : m_nt_file_entries) 292 if (path == entry.path) 293 return entry.uuid; 294 return UUID(); 295 } 296 297 lldb_private::DynamicLoader *ProcessElfCore::GetDynamicLoader() { 298 if (m_dyld_up.get() == nullptr) 299 m_dyld_up.reset(DynamicLoader::FindPlugin( 300 this, DynamicLoaderPOSIXDYLD::GetPluginNameStatic())); 301 return m_dyld_up.get(); 302 } 303 304 bool ProcessElfCore::DoUpdateThreadList(ThreadList &old_thread_list, 305 ThreadList &new_thread_list) { 306 const uint32_t num_threads = GetNumThreadContexts(); 307 if (!m_thread_data_valid) 308 return false; 309 310 for (lldb::tid_t tid = 0; tid < num_threads; ++tid) { 311 const ThreadData &td = m_thread_data[tid]; 312 lldb::ThreadSP thread_sp(new ThreadElfCore(*this, td)); 313 new_thread_list.AddThread(thread_sp); 314 } 315 return new_thread_list.GetSize(false) > 0; 316 } 317 318 void ProcessElfCore::RefreshStateAfterStop() {} 319 320 Status ProcessElfCore::DoDestroy() { return Status(); } 321 322 // Process Queries 323 324 bool ProcessElfCore::IsAlive() { return true; } 325 326 // Process Memory 327 size_t ProcessElfCore::ReadMemory(lldb::addr_t addr, void *buf, size_t size, 328 Status &error) { 329 if (lldb::ABISP abi_sp = GetABI()) 330 addr = abi_sp->FixAnyAddress(addr); 331 332 // Don't allow the caching that lldb_private::Process::ReadMemory does since 333 // in core files we have it all cached our our core file anyway. 334 return DoReadMemory(addr, buf, size, error); 335 } 336 337 Status ProcessElfCore::DoGetMemoryRegionInfo(lldb::addr_t load_addr, 338 MemoryRegionInfo ®ion_info) { 339 region_info.Clear(); 340 const VMRangeToPermissions::Entry *permission_entry = 341 m_core_range_infos.FindEntryThatContainsOrFollows(load_addr); 342 if (permission_entry) { 343 if (permission_entry->Contains(load_addr)) { 344 region_info.GetRange().SetRangeBase(permission_entry->GetRangeBase()); 345 region_info.GetRange().SetRangeEnd(permission_entry->GetRangeEnd()); 346 const Flags permissions(permission_entry->data); 347 region_info.SetReadable(permissions.Test(lldb::ePermissionsReadable) 348 ? MemoryRegionInfo::eYes 349 : MemoryRegionInfo::eNo); 350 region_info.SetWritable(permissions.Test(lldb::ePermissionsWritable) 351 ? MemoryRegionInfo::eYes 352 : MemoryRegionInfo::eNo); 353 region_info.SetExecutable(permissions.Test(lldb::ePermissionsExecutable) 354 ? MemoryRegionInfo::eYes 355 : MemoryRegionInfo::eNo); 356 region_info.SetMapped(MemoryRegionInfo::eYes); 357 358 // A region is memory tagged if there is a memory tag segment that covers 359 // the exact same range. 360 region_info.SetMemoryTagged(MemoryRegionInfo::eNo); 361 const VMRangeToFileOffset::Entry *tag_entry = 362 m_core_tag_ranges.FindEntryStartsAt(permission_entry->GetRangeBase()); 363 if (tag_entry && 364 tag_entry->GetRangeEnd() == permission_entry->GetRangeEnd()) 365 region_info.SetMemoryTagged(MemoryRegionInfo::eYes); 366 } else if (load_addr < permission_entry->GetRangeBase()) { 367 region_info.GetRange().SetRangeBase(load_addr); 368 region_info.GetRange().SetRangeEnd(permission_entry->GetRangeBase()); 369 region_info.SetReadable(MemoryRegionInfo::eNo); 370 region_info.SetWritable(MemoryRegionInfo::eNo); 371 region_info.SetExecutable(MemoryRegionInfo::eNo); 372 region_info.SetMapped(MemoryRegionInfo::eNo); 373 region_info.SetMemoryTagged(MemoryRegionInfo::eNo); 374 } 375 return Status(); 376 } 377 378 region_info.GetRange().SetRangeBase(load_addr); 379 region_info.GetRange().SetRangeEnd(LLDB_INVALID_ADDRESS); 380 region_info.SetReadable(MemoryRegionInfo::eNo); 381 region_info.SetWritable(MemoryRegionInfo::eNo); 382 region_info.SetExecutable(MemoryRegionInfo::eNo); 383 region_info.SetMapped(MemoryRegionInfo::eNo); 384 region_info.SetMemoryTagged(MemoryRegionInfo::eNo); 385 return Status(); 386 } 387 388 size_t ProcessElfCore::DoReadMemory(lldb::addr_t addr, void *buf, size_t size, 389 Status &error) { 390 ObjectFile *core_objfile = m_core_module_sp->GetObjectFile(); 391 392 if (core_objfile == nullptr) 393 return 0; 394 395 // Get the address range 396 const VMRangeToFileOffset::Entry *address_range = 397 m_core_aranges.FindEntryThatContains(addr); 398 if (address_range == nullptr || address_range->GetRangeEnd() < addr) { 399 error = Status::FromErrorStringWithFormat( 400 "core file does not contain 0x%" PRIx64, addr); 401 return 0; 402 } 403 404 // Convert the address into core file offset 405 const lldb::addr_t offset = addr - address_range->GetRangeBase(); 406 const lldb::addr_t file_start = address_range->data.GetRangeBase(); 407 const lldb::addr_t file_end = address_range->data.GetRangeEnd(); 408 size_t bytes_to_read = size; // Number of bytes to read from the core file 409 size_t bytes_copied = 0; // Number of bytes actually read from the core file 410 lldb::addr_t bytes_left = 411 0; // Number of bytes available in the core file from the given address 412 413 // Don't proceed if core file doesn't contain the actual data for this 414 // address range. 415 if (file_start == file_end) 416 return 0; 417 418 // Figure out how many on-disk bytes remain in this segment starting at the 419 // given offset 420 if (file_end > file_start + offset) 421 bytes_left = file_end - (file_start + offset); 422 423 if (bytes_to_read > bytes_left) 424 bytes_to_read = bytes_left; 425 426 // If there is data available on the core file read it 427 if (bytes_to_read) 428 bytes_copied = 429 core_objfile->CopyData(offset + file_start, bytes_to_read, buf); 430 431 return bytes_copied; 432 } 433 434 llvm::Expected<std::vector<lldb::addr_t>> 435 ProcessElfCore::ReadMemoryTags(lldb::addr_t addr, size_t len) { 436 ObjectFile *core_objfile = m_core_module_sp->GetObjectFile(); 437 if (core_objfile == nullptr) 438 return llvm::createStringError(llvm::inconvertibleErrorCode(), 439 "No core object file."); 440 441 llvm::Expected<const MemoryTagManager *> tag_manager_or_err = 442 GetMemoryTagManager(); 443 if (!tag_manager_or_err) 444 return tag_manager_or_err.takeError(); 445 446 // LLDB only supports AArch64 MTE tag segments so we do not need to worry 447 // about the segment type here. If you got here then you must have a tag 448 // manager (meaning you are debugging AArch64) and all the segments in this 449 // list will have had type PT_AARCH64_MEMTAG_MTE. 450 const VMRangeToFileOffset::Entry *tag_entry = 451 m_core_tag_ranges.FindEntryThatContains(addr); 452 // If we don't have a tag segment or the range asked for extends outside the 453 // segment. 454 if (!tag_entry || (addr + len) >= tag_entry->GetRangeEnd()) 455 return llvm::createStringError(llvm::inconvertibleErrorCode(), 456 "No tag segment that covers this range."); 457 458 const MemoryTagManager *tag_manager = *tag_manager_or_err; 459 return tag_manager->UnpackTagsFromCoreFileSegment( 460 [core_objfile](lldb::offset_t offset, size_t length, void *dst) { 461 return core_objfile->CopyData(offset, length, dst); 462 }, 463 tag_entry->GetRangeBase(), tag_entry->data.GetRangeBase(), addr, len); 464 } 465 466 void ProcessElfCore::Clear() { 467 m_thread_list.Clear(); 468 469 SetUnixSignals(std::make_shared<UnixSignals>()); 470 } 471 472 void ProcessElfCore::Initialize() { 473 static llvm::once_flag g_once_flag; 474 475 llvm::call_once(g_once_flag, []() { 476 PluginManager::RegisterPlugin(GetPluginNameStatic(), 477 GetPluginDescriptionStatic(), CreateInstance); 478 }); 479 } 480 481 lldb::addr_t ProcessElfCore::GetImageInfoAddress() { 482 ObjectFile *obj_file = GetTarget().GetExecutableModule()->GetObjectFile(); 483 Address addr = obj_file->GetImageInfoAddress(&GetTarget()); 484 485 if (addr.IsValid()) 486 return addr.GetLoadAddress(&GetTarget()); 487 return LLDB_INVALID_ADDRESS; 488 } 489 490 // Parse a FreeBSD NT_PRSTATUS note - see FreeBSD sys/procfs.h for details. 491 static void ParseFreeBSDPrStatus(ThreadData &thread_data, 492 const DataExtractor &data, 493 bool lp64) { 494 lldb::offset_t offset = 0; 495 int pr_version = data.GetU32(&offset); 496 497 Log *log = GetLog(LLDBLog::Process); 498 if (log) { 499 if (pr_version > 1) 500 LLDB_LOGF(log, "FreeBSD PRSTATUS unexpected version %d", pr_version); 501 } 502 503 // Skip padding, pr_statussz, pr_gregsetsz, pr_fpregsetsz, pr_osreldate 504 if (lp64) 505 offset += 32; 506 else 507 offset += 16; 508 509 thread_data.siginfo.si_signo = data.GetU32(&offset); // pr_cursig 510 thread_data.tid = data.GetU32(&offset); // pr_pid 511 if (lp64) 512 offset += 4; 513 514 size_t len = data.GetByteSize() - offset; 515 thread_data.gpregset = DataExtractor(data, offset, len); 516 } 517 518 // Parse a FreeBSD NT_PRPSINFO note - see FreeBSD sys/procfs.h for details. 519 static void ParseFreeBSDPrPsInfo(ProcessElfCore &process, 520 const DataExtractor &data, 521 bool lp64) { 522 lldb::offset_t offset = 0; 523 int pr_version = data.GetU32(&offset); 524 525 Log *log = GetLog(LLDBLog::Process); 526 if (log) { 527 if (pr_version > 1) 528 LLDB_LOGF(log, "FreeBSD PRPSINFO unexpected version %d", pr_version); 529 } 530 531 // Skip pr_psinfosz, pr_fname, pr_psargs 532 offset += 108; 533 if (lp64) 534 offset += 4; 535 536 process.SetID(data.GetU32(&offset)); // pr_pid 537 } 538 539 static llvm::Error ParseNetBSDProcInfo(const DataExtractor &data, 540 uint32_t &cpi_nlwps, 541 uint32_t &cpi_signo, 542 uint32_t &cpi_siglwp, 543 uint32_t &cpi_pid) { 544 lldb::offset_t offset = 0; 545 546 uint32_t version = data.GetU32(&offset); 547 if (version != 1) 548 return llvm::make_error<llvm::StringError>( 549 "Error parsing NetBSD core(5) notes: Unsupported procinfo version", 550 llvm::inconvertibleErrorCode()); 551 552 uint32_t cpisize = data.GetU32(&offset); 553 if (cpisize != NETBSD::NT_PROCINFO_SIZE) 554 return llvm::make_error<llvm::StringError>( 555 "Error parsing NetBSD core(5) notes: Unsupported procinfo size", 556 llvm::inconvertibleErrorCode()); 557 558 cpi_signo = data.GetU32(&offset); /* killing signal */ 559 560 offset += NETBSD::NT_PROCINFO_CPI_SIGCODE_SIZE; 561 offset += NETBSD::NT_PROCINFO_CPI_SIGPEND_SIZE; 562 offset += NETBSD::NT_PROCINFO_CPI_SIGMASK_SIZE; 563 offset += NETBSD::NT_PROCINFO_CPI_SIGIGNORE_SIZE; 564 offset += NETBSD::NT_PROCINFO_CPI_SIGCATCH_SIZE; 565 cpi_pid = data.GetU32(&offset); 566 offset += NETBSD::NT_PROCINFO_CPI_PPID_SIZE; 567 offset += NETBSD::NT_PROCINFO_CPI_PGRP_SIZE; 568 offset += NETBSD::NT_PROCINFO_CPI_SID_SIZE; 569 offset += NETBSD::NT_PROCINFO_CPI_RUID_SIZE; 570 offset += NETBSD::NT_PROCINFO_CPI_EUID_SIZE; 571 offset += NETBSD::NT_PROCINFO_CPI_SVUID_SIZE; 572 offset += NETBSD::NT_PROCINFO_CPI_RGID_SIZE; 573 offset += NETBSD::NT_PROCINFO_CPI_EGID_SIZE; 574 offset += NETBSD::NT_PROCINFO_CPI_SVGID_SIZE; 575 cpi_nlwps = data.GetU32(&offset); /* number of LWPs */ 576 577 offset += NETBSD::NT_PROCINFO_CPI_NAME_SIZE; 578 cpi_siglwp = data.GetU32(&offset); /* LWP target of killing signal */ 579 580 return llvm::Error::success(); 581 } 582 583 static void ParseOpenBSDProcInfo(ThreadData &thread_data, 584 const DataExtractor &data) { 585 lldb::offset_t offset = 0; 586 587 int version = data.GetU32(&offset); 588 if (version != 1) 589 return; 590 591 offset += 4; 592 thread_data.siginfo.si_signo = data.GetU32(&offset); 593 } 594 595 llvm::Expected<std::vector<CoreNote>> 596 ProcessElfCore::parseSegment(const DataExtractor &segment) { 597 lldb::offset_t offset = 0; 598 std::vector<CoreNote> result; 599 600 while (offset < segment.GetByteSize()) { 601 ELFNote note = ELFNote(); 602 if (!note.Parse(segment, &offset)) 603 return llvm::make_error<llvm::StringError>( 604 "Unable to parse note segment", llvm::inconvertibleErrorCode()); 605 606 size_t note_start = offset; 607 size_t note_size = llvm::alignTo(note.n_descsz, 4); 608 609 result.push_back({note, DataExtractor(segment, note_start, note_size)}); 610 offset += note_size; 611 } 612 613 return std::move(result); 614 } 615 616 llvm::Error ProcessElfCore::parseFreeBSDNotes(llvm::ArrayRef<CoreNote> notes) { 617 ArchSpec arch = GetArchitecture(); 618 bool lp64 = (arch.GetMachine() == llvm::Triple::aarch64 || 619 arch.GetMachine() == llvm::Triple::mips64 || 620 arch.GetMachine() == llvm::Triple::ppc64 || 621 arch.GetMachine() == llvm::Triple::x86_64); 622 bool have_prstatus = false; 623 bool have_prpsinfo = false; 624 ThreadData thread_data; 625 for (const auto ¬e : notes) { 626 if (note.info.n_name != "FreeBSD") 627 continue; 628 629 if ((note.info.n_type == ELF::NT_PRSTATUS && have_prstatus) || 630 (note.info.n_type == ELF::NT_PRPSINFO && have_prpsinfo)) { 631 assert(thread_data.gpregset.GetByteSize() > 0); 632 // Add the new thread to thread list 633 m_thread_data.push_back(thread_data); 634 thread_data = ThreadData(); 635 have_prstatus = false; 636 have_prpsinfo = false; 637 } 638 639 switch (note.info.n_type) { 640 case ELF::NT_PRSTATUS: 641 have_prstatus = true; 642 ParseFreeBSDPrStatus(thread_data, note.data, lp64); 643 break; 644 case ELF::NT_PRPSINFO: 645 have_prpsinfo = true; 646 ParseFreeBSDPrPsInfo(*this, note.data, lp64); 647 break; 648 case ELF::NT_FREEBSD_THRMISC: { 649 lldb::offset_t offset = 0; 650 thread_data.name = note.data.GetCStr(&offset, 20); 651 break; 652 } 653 case ELF::NT_FREEBSD_PROCSTAT_AUXV: 654 // FIXME: FreeBSD sticks an int at the beginning of the note 655 m_auxv = DataExtractor(note.data, 4, note.data.GetByteSize() - 4); 656 break; 657 default: 658 thread_data.notes.push_back(note); 659 break; 660 } 661 } 662 if (!have_prstatus) { 663 return llvm::make_error<llvm::StringError>( 664 "Could not find NT_PRSTATUS note in core file.", 665 llvm::inconvertibleErrorCode()); 666 } 667 m_thread_data.push_back(thread_data); 668 return llvm::Error::success(); 669 } 670 671 /// NetBSD specific Thread context from PT_NOTE segment 672 /// 673 /// NetBSD ELF core files use notes to provide information about 674 /// the process's state. The note name is "NetBSD-CORE" for 675 /// information that is global to the process, and "NetBSD-CORE@nn", 676 /// where "nn" is the lwpid of the LWP that the information belongs 677 /// to (such as register state). 678 /// 679 /// NetBSD uses the following note identifiers: 680 /// 681 /// ELF_NOTE_NETBSD_CORE_PROCINFO (value 1) 682 /// Note is a "netbsd_elfcore_procinfo" structure. 683 /// ELF_NOTE_NETBSD_CORE_AUXV (value 2; since NetBSD 8.0) 684 /// Note is an array of AuxInfo structures. 685 /// 686 /// NetBSD also uses ptrace(2) request numbers (the ones that exist in 687 /// machine-dependent space) to identify register info notes. The 688 /// info in such notes is in the same format that ptrace(2) would 689 /// export that information. 690 /// 691 /// For more information see /usr/include/sys/exec_elf.h 692 /// 693 llvm::Error ProcessElfCore::parseNetBSDNotes(llvm::ArrayRef<CoreNote> notes) { 694 ThreadData thread_data; 695 bool had_nt_regs = false; 696 697 // To be extracted from struct netbsd_elfcore_procinfo 698 // Used to sanity check of the LWPs of the process 699 uint32_t nlwps = 0; 700 uint32_t signo = 0; // killing signal 701 uint32_t siglwp = 0; // LWP target of killing signal 702 uint32_t pr_pid = 0; 703 704 for (const auto ¬e : notes) { 705 llvm::StringRef name = note.info.n_name; 706 707 if (name == "NetBSD-CORE") { 708 if (note.info.n_type == NETBSD::NT_PROCINFO) { 709 llvm::Error error = ParseNetBSDProcInfo(note.data, nlwps, signo, 710 siglwp, pr_pid); 711 if (error) 712 return error; 713 SetID(pr_pid); 714 } else if (note.info.n_type == NETBSD::NT_AUXV) { 715 m_auxv = note.data; 716 } 717 } else if (name.consume_front("NetBSD-CORE@")) { 718 lldb::tid_t tid; 719 if (name.getAsInteger(10, tid)) 720 return llvm::make_error<llvm::StringError>( 721 "Error parsing NetBSD core(5) notes: Cannot convert LWP ID " 722 "to integer", 723 llvm::inconvertibleErrorCode()); 724 725 switch (GetArchitecture().GetMachine()) { 726 case llvm::Triple::aarch64: { 727 // Assume order PT_GETREGS, PT_GETFPREGS 728 if (note.info.n_type == NETBSD::AARCH64::NT_REGS) { 729 // If this is the next thread, push the previous one first. 730 if (had_nt_regs) { 731 m_thread_data.push_back(thread_data); 732 thread_data = ThreadData(); 733 had_nt_regs = false; 734 } 735 736 thread_data.gpregset = note.data; 737 thread_data.tid = tid; 738 if (thread_data.gpregset.GetByteSize() == 0) 739 return llvm::make_error<llvm::StringError>( 740 "Could not find general purpose registers note in core file.", 741 llvm::inconvertibleErrorCode()); 742 had_nt_regs = true; 743 } else if (note.info.n_type == NETBSD::AARCH64::NT_FPREGS) { 744 if (!had_nt_regs || tid != thread_data.tid) 745 return llvm::make_error<llvm::StringError>( 746 "Error parsing NetBSD core(5) notes: Unexpected order " 747 "of NOTEs PT_GETFPREG before PT_GETREG", 748 llvm::inconvertibleErrorCode()); 749 thread_data.notes.push_back(note); 750 } 751 } break; 752 case llvm::Triple::x86: { 753 // Assume order PT_GETREGS, PT_GETFPREGS 754 if (note.info.n_type == NETBSD::I386::NT_REGS) { 755 // If this is the next thread, push the previous one first. 756 if (had_nt_regs) { 757 m_thread_data.push_back(thread_data); 758 thread_data = ThreadData(); 759 had_nt_regs = false; 760 } 761 762 thread_data.gpregset = note.data; 763 thread_data.tid = tid; 764 if (thread_data.gpregset.GetByteSize() == 0) 765 return llvm::make_error<llvm::StringError>( 766 "Could not find general purpose registers note in core file.", 767 llvm::inconvertibleErrorCode()); 768 had_nt_regs = true; 769 } else if (note.info.n_type == NETBSD::I386::NT_FPREGS) { 770 if (!had_nt_regs || tid != thread_data.tid) 771 return llvm::make_error<llvm::StringError>( 772 "Error parsing NetBSD core(5) notes: Unexpected order " 773 "of NOTEs PT_GETFPREG before PT_GETREG", 774 llvm::inconvertibleErrorCode()); 775 thread_data.notes.push_back(note); 776 } 777 } break; 778 case llvm::Triple::x86_64: { 779 // Assume order PT_GETREGS, PT_GETFPREGS 780 if (note.info.n_type == NETBSD::AMD64::NT_REGS) { 781 // If this is the next thread, push the previous one first. 782 if (had_nt_regs) { 783 m_thread_data.push_back(thread_data); 784 thread_data = ThreadData(); 785 had_nt_regs = false; 786 } 787 788 thread_data.gpregset = note.data; 789 thread_data.tid = tid; 790 if (thread_data.gpregset.GetByteSize() == 0) 791 return llvm::make_error<llvm::StringError>( 792 "Could not find general purpose registers note in core file.", 793 llvm::inconvertibleErrorCode()); 794 had_nt_regs = true; 795 } else if (note.info.n_type == NETBSD::AMD64::NT_FPREGS) { 796 if (!had_nt_regs || tid != thread_data.tid) 797 return llvm::make_error<llvm::StringError>( 798 "Error parsing NetBSD core(5) notes: Unexpected order " 799 "of NOTEs PT_GETFPREG before PT_GETREG", 800 llvm::inconvertibleErrorCode()); 801 thread_data.notes.push_back(note); 802 } 803 } break; 804 default: 805 break; 806 } 807 } 808 } 809 810 // Push the last thread. 811 if (had_nt_regs) 812 m_thread_data.push_back(thread_data); 813 814 if (m_thread_data.empty()) 815 return llvm::make_error<llvm::StringError>( 816 "Error parsing NetBSD core(5) notes: No threads information " 817 "specified in notes", 818 llvm::inconvertibleErrorCode()); 819 820 if (m_thread_data.size() != nlwps) 821 return llvm::make_error<llvm::StringError>( 822 "Error parsing NetBSD core(5) notes: Mismatch between the number " 823 "of LWPs in netbsd_elfcore_procinfo and the number of LWPs specified " 824 "by MD notes", 825 llvm::inconvertibleErrorCode()); 826 827 // Signal targeted at the whole process. 828 if (siglwp == 0) { 829 for (auto &data : m_thread_data) 830 data.siginfo.si_signo = signo; 831 } 832 // Signal destined for a particular LWP. 833 else { 834 bool passed = false; 835 836 for (auto &data : m_thread_data) { 837 if (data.tid == siglwp) { 838 data.siginfo.si_signo = signo; 839 passed = true; 840 break; 841 } 842 } 843 844 if (!passed) 845 return llvm::make_error<llvm::StringError>( 846 "Error parsing NetBSD core(5) notes: Signal passed to unknown LWP", 847 llvm::inconvertibleErrorCode()); 848 } 849 850 return llvm::Error::success(); 851 } 852 853 llvm::Error ProcessElfCore::parseOpenBSDNotes(llvm::ArrayRef<CoreNote> notes) { 854 ThreadData thread_data = {}; 855 for (const auto ¬e : notes) { 856 // OpenBSD per-thread information is stored in notes named "OpenBSD@nnn" so 857 // match on the initial part of the string. 858 if (!llvm::StringRef(note.info.n_name).starts_with("OpenBSD")) 859 continue; 860 861 switch (note.info.n_type) { 862 case OPENBSD::NT_PROCINFO: 863 ParseOpenBSDProcInfo(thread_data, note.data); 864 break; 865 case OPENBSD::NT_AUXV: 866 m_auxv = note.data; 867 break; 868 case OPENBSD::NT_REGS: 869 thread_data.gpregset = note.data; 870 break; 871 default: 872 thread_data.notes.push_back(note); 873 break; 874 } 875 } 876 if (thread_data.gpregset.GetByteSize() == 0) { 877 return llvm::make_error<llvm::StringError>( 878 "Could not find general purpose registers note in core file.", 879 llvm::inconvertibleErrorCode()); 880 } 881 m_thread_data.push_back(thread_data); 882 return llvm::Error::success(); 883 } 884 885 /// A description of a linux process usually contains the following NOTE 886 /// entries: 887 /// - NT_PRPSINFO - General process information like pid, uid, name, ... 888 /// - NT_SIGINFO - Information about the signal that terminated the process 889 /// - NT_AUXV - Process auxiliary vector 890 /// - NT_FILE - Files mapped into memory 891 /// 892 /// Additionally, for each thread in the process the core file will contain at 893 /// least the NT_PRSTATUS note, containing the thread id and general purpose 894 /// registers. It may include additional notes for other register sets (floating 895 /// point and vector registers, ...). The tricky part here is that some of these 896 /// notes have "CORE" in their owner fields, while other set it to "LINUX". 897 llvm::Error ProcessElfCore::parseLinuxNotes(llvm::ArrayRef<CoreNote> notes) { 898 const ArchSpec &arch = GetArchitecture(); 899 bool have_prstatus = false; 900 bool have_prpsinfo = false; 901 ThreadData thread_data; 902 for (const auto ¬e : notes) { 903 if (note.info.n_name != "CORE" && note.info.n_name != "LINUX") 904 continue; 905 906 if ((note.info.n_type == ELF::NT_PRSTATUS && have_prstatus) || 907 (note.info.n_type == ELF::NT_PRPSINFO && have_prpsinfo)) { 908 assert(thread_data.gpregset.GetByteSize() > 0); 909 // Add the new thread to thread list 910 m_thread_data.push_back(thread_data); 911 thread_data = ThreadData(); 912 have_prstatus = false; 913 have_prpsinfo = false; 914 } 915 916 switch (note.info.n_type) { 917 case ELF::NT_PRSTATUS: { 918 have_prstatus = true; 919 ELFLinuxPrStatus prstatus; 920 Status status = prstatus.Parse(note.data, arch); 921 if (status.Fail()) 922 return status.ToError(); 923 thread_data.prstatus_sig = prstatus.pr_cursig; 924 thread_data.tid = prstatus.pr_pid; 925 uint32_t header_size = ELFLinuxPrStatus::GetSize(arch); 926 size_t len = note.data.GetByteSize() - header_size; 927 thread_data.gpregset = DataExtractor(note.data, header_size, len); 928 break; 929 } 930 case ELF::NT_PRPSINFO: { 931 have_prpsinfo = true; 932 ELFLinuxPrPsInfo prpsinfo; 933 Status status = prpsinfo.Parse(note.data, arch); 934 if (status.Fail()) 935 return status.ToError(); 936 thread_data.name.assign (prpsinfo.pr_fname, strnlen (prpsinfo.pr_fname, sizeof (prpsinfo.pr_fname))); 937 SetID(prpsinfo.pr_pid); 938 break; 939 } 940 case ELF::NT_SIGINFO: { 941 const lldb_private::UnixSignals &unix_signals = *GetUnixSignals(); 942 ELFLinuxSigInfo siginfo; 943 Status status = siginfo.Parse(note.data, arch, unix_signals); 944 if (status.Fail()) 945 return status.ToError(); 946 thread_data.siginfo = siginfo; 947 break; 948 } 949 case ELF::NT_FILE: { 950 m_nt_file_entries.clear(); 951 lldb::offset_t offset = 0; 952 const uint64_t count = note.data.GetAddress(&offset); 953 note.data.GetAddress(&offset); // Skip page size 954 for (uint64_t i = 0; i < count; ++i) { 955 NT_FILE_Entry entry; 956 entry.start = note.data.GetAddress(&offset); 957 entry.end = note.data.GetAddress(&offset); 958 entry.file_ofs = note.data.GetAddress(&offset); 959 m_nt_file_entries.push_back(entry); 960 } 961 for (uint64_t i = 0; i < count; ++i) { 962 const char *path = note.data.GetCStr(&offset); 963 if (path && path[0]) 964 m_nt_file_entries[i].path.assign(path); 965 } 966 break; 967 } 968 case ELF::NT_AUXV: 969 m_auxv = note.data; 970 break; 971 default: 972 thread_data.notes.push_back(note); 973 break; 974 } 975 } 976 // Add last entry in the note section 977 if (have_prstatus) 978 m_thread_data.push_back(thread_data); 979 return llvm::Error::success(); 980 } 981 982 /// Parse Thread context from PT_NOTE segment and store it in the thread list 983 /// A note segment consists of one or more NOTE entries, but their types and 984 /// meaning differ depending on the OS. 985 llvm::Error ProcessElfCore::ParseThreadContextsFromNoteSegment( 986 const elf::ELFProgramHeader &segment_header, 987 const DataExtractor &segment_data) { 988 assert(segment_header.p_type == llvm::ELF::PT_NOTE); 989 990 auto notes_or_error = parseSegment(segment_data); 991 if(!notes_or_error) 992 return notes_or_error.takeError(); 993 switch (GetArchitecture().GetTriple().getOS()) { 994 case llvm::Triple::FreeBSD: 995 return parseFreeBSDNotes(*notes_or_error); 996 case llvm::Triple::Linux: 997 return parseLinuxNotes(*notes_or_error); 998 case llvm::Triple::NetBSD: 999 return parseNetBSDNotes(*notes_or_error); 1000 case llvm::Triple::OpenBSD: 1001 return parseOpenBSDNotes(*notes_or_error); 1002 default: 1003 return llvm::make_error<llvm::StringError>( 1004 "Don't know how to parse core file. Unsupported OS.", 1005 llvm::inconvertibleErrorCode()); 1006 } 1007 } 1008 1009 UUID ProcessElfCore::FindBuidIdInCoreMemory(lldb::addr_t address) { 1010 UUID invalid_uuid; 1011 const uint32_t addr_size = GetAddressByteSize(); 1012 const size_t elf_header_size = addr_size == 4 ? sizeof(llvm::ELF::Elf32_Ehdr) 1013 : sizeof(llvm::ELF::Elf64_Ehdr); 1014 1015 std::vector<uint8_t> elf_header_bytes; 1016 elf_header_bytes.resize(elf_header_size); 1017 Status error; 1018 size_t byte_read = 1019 ReadMemory(address, elf_header_bytes.data(), elf_header_size, error); 1020 if (byte_read != elf_header_size || 1021 !elf::ELFHeader::MagicBytesMatch(elf_header_bytes.data())) 1022 return invalid_uuid; 1023 DataExtractor elf_header_data(elf_header_bytes.data(), elf_header_size, 1024 GetByteOrder(), addr_size); 1025 lldb::offset_t offset = 0; 1026 1027 elf::ELFHeader elf_header; 1028 elf_header.Parse(elf_header_data, &offset); 1029 1030 const lldb::addr_t ph_addr = address + elf_header.e_phoff; 1031 1032 std::vector<uint8_t> ph_bytes; 1033 ph_bytes.resize(elf_header.e_phentsize); 1034 lldb::addr_t base_addr = 0; 1035 bool found_first_load_segment = false; 1036 for (unsigned int i = 0; i < elf_header.e_phnum; ++i) { 1037 byte_read = ReadMemory(ph_addr + i * elf_header.e_phentsize, 1038 ph_bytes.data(), elf_header.e_phentsize, error); 1039 if (byte_read != elf_header.e_phentsize) 1040 break; 1041 DataExtractor program_header_data(ph_bytes.data(), elf_header.e_phentsize, 1042 GetByteOrder(), addr_size); 1043 offset = 0; 1044 elf::ELFProgramHeader program_header; 1045 program_header.Parse(program_header_data, &offset); 1046 if (program_header.p_type == llvm::ELF::PT_LOAD && 1047 !found_first_load_segment) { 1048 base_addr = program_header.p_vaddr; 1049 found_first_load_segment = true; 1050 } 1051 if (program_header.p_type != llvm::ELF::PT_NOTE) 1052 continue; 1053 1054 std::vector<uint8_t> note_bytes; 1055 note_bytes.resize(program_header.p_memsz); 1056 1057 // We need to slide the address of the p_vaddr as these values don't get 1058 // relocated in memory. 1059 const lldb::addr_t vaddr = program_header.p_vaddr + address - base_addr; 1060 byte_read = 1061 ReadMemory(vaddr, note_bytes.data(), program_header.p_memsz, error); 1062 if (byte_read != program_header.p_memsz) 1063 continue; 1064 DataExtractor segment_data(note_bytes.data(), note_bytes.size(), 1065 GetByteOrder(), addr_size); 1066 auto notes_or_error = parseSegment(segment_data); 1067 if (!notes_or_error) { 1068 llvm::consumeError(notes_or_error.takeError()); 1069 return invalid_uuid; 1070 } 1071 for (const CoreNote ¬e : *notes_or_error) { 1072 if (note.info.n_namesz == 4 && 1073 note.info.n_type == llvm::ELF::NT_GNU_BUILD_ID && 1074 "GNU" == note.info.n_name && 1075 note.data.ValidOffsetForDataOfSize(0, note.info.n_descsz)) 1076 return UUID(note.data.GetData().take_front(note.info.n_descsz)); 1077 } 1078 } 1079 return invalid_uuid; 1080 } 1081 1082 uint32_t ProcessElfCore::GetNumThreadContexts() { 1083 if (!m_thread_data_valid) 1084 DoLoadCore(); 1085 return m_thread_data.size(); 1086 } 1087 1088 ArchSpec ProcessElfCore::GetArchitecture() { 1089 ArchSpec arch = m_core_module_sp->GetObjectFile()->GetArchitecture(); 1090 1091 ArchSpec target_arch = GetTarget().GetArchitecture(); 1092 arch.MergeFrom(target_arch); 1093 1094 // On MIPS there is no way to differentiate betwenn 32bit and 64bit core 1095 // files and this information can't be merged in from the target arch so we 1096 // fail back to unconditionally returning the target arch in this config. 1097 if (target_arch.IsMIPS()) { 1098 return target_arch; 1099 } 1100 1101 return arch; 1102 } 1103 1104 DataExtractor ProcessElfCore::GetAuxvData() { 1105 assert(m_auxv.GetByteSize() == 0 || 1106 (m_auxv.GetByteOrder() == GetByteOrder() && 1107 m_auxv.GetAddressByteSize() == GetAddressByteSize())); 1108 return DataExtractor(m_auxv); 1109 } 1110 1111 bool ProcessElfCore::GetProcessInfo(ProcessInstanceInfo &info) { 1112 info.Clear(); 1113 info.SetProcessID(GetID()); 1114 info.SetArchitecture(GetArchitecture()); 1115 lldb::ModuleSP module_sp = GetTarget().GetExecutableModule(); 1116 if (module_sp) { 1117 const bool add_exe_file_as_first_arg = false; 1118 info.SetExecutableFile(GetTarget().GetExecutableModule()->GetFileSpec(), 1119 add_exe_file_as_first_arg); 1120 } 1121 return true; 1122 } 1123