1
/*
2
 * Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 *
23
 */
24

25
#include <stdio.h>
26
#include <stdlib.h>
27
#include <string.h>
28
#include <signal.h>
29
#include <errno.h>
30
#include <elf.h>
31
#include <dirent.h>
32
#include <ctype.h>
33
#include <sys/types.h>
34
#include <sys/wait.h>
35
#include <sys/ptrace.h>
36
#include <sys/uio.h>
37
#include "libproc_impl.h"
38

39
#if defined(x86_64) && !defined(amd64)
40
#define amd64 1
41
#endif
42

43
#ifndef __WALL
44
#define __WALL          0x40000000  // Copied from /usr/include/linux/wait.h
45
#endif
46

47
// This file has the libproc implementation specific to live process
48
// For core files, refer to ps_core.c
49

50
typedef enum {
51
  ATTACH_SUCCESS,
52
  ATTACH_FAIL,
53
  ATTACH_THREAD_DEAD
54
} attach_state_t;
55

56
static inline uintptr_t align(uintptr_t ptr, size_t size) {
57
  return (ptr & ~(size - 1));
58
}
59

60
// ---------------------------------------------
61
// ptrace functions
62
// ---------------------------------------------
63

64
// read "size" bytes of data from "addr" within the target process.
65
// unlike the standard ptrace() function, process_read_data() can handle
66
// unaligned address - alignment check, if required, should be done
67
// before calling process_read_data.
68

69
static bool process_read_data(struct ps_prochandle* ph, uintptr_t addr, char *buf, size_t size) {
70
  long rslt;
71
  size_t i, words;
72
  uintptr_t end_addr = addr + size;
73
  uintptr_t aligned_addr = align(addr, sizeof(long));
74

75
  if (aligned_addr != addr) {
76
    char *ptr = (char *)&rslt;
77
    errno = 0;
78
    rslt = ptrace(PTRACE_PEEKDATA, ph->pid, aligned_addr, 0);
79
    if (errno) {
80
      print_debug("ptrace(PTRACE_PEEKDATA, ..) failed for %d bytes @ %lx\n", size, addr);
81
      return false;
82
    }
83
    for (; aligned_addr != addr; aligned_addr++, ptr++);
84
    for (; ((intptr_t)aligned_addr % sizeof(long)) && aligned_addr < end_addr;
85
        aligned_addr++)
86
       *(buf++) = *(ptr++);
87
  }
88

89
  words = (end_addr - aligned_addr) / sizeof(long);
90

91
  // assert((intptr_t)aligned_addr % sizeof(long) == 0);
92
  for (i = 0; i < words; i++) {
93
    errno = 0;
94
    rslt = ptrace(PTRACE_PEEKDATA, ph->pid, aligned_addr, 0);
95
    if (errno) {
96
      print_debug("ptrace(PTRACE_PEEKDATA, ..) failed for %d bytes @ %lx\n", size, addr);
97
      return false;
98
    }
99
    *(long *)buf = rslt;
100
    buf += sizeof(long);
101
    aligned_addr += sizeof(long);
102
  }
103

104
  if (aligned_addr != end_addr) {
105
    char *ptr = (char *)&rslt;
106
    errno = 0;
107
    rslt = ptrace(PTRACE_PEEKDATA, ph->pid, aligned_addr, 0);
108
    if (errno) {
109
      print_debug("ptrace(PTRACE_PEEKDATA, ..) failed for %d bytes @ %lx\n", size, addr);
110
      return false;
111
    }
112
    for (; aligned_addr != end_addr; aligned_addr++)
113
       *(buf++) = *(ptr++);
114
  }
115
  return true;
116
}
117

118
// null implementation for write
119
static bool process_write_data(struct ps_prochandle* ph,
120
                             uintptr_t addr, const char *buf , size_t size) {
121
  return false;
122
}
123

124
// "user" should be a pointer to a user_regs_struct
125
static bool process_get_lwp_regs(struct ps_prochandle* ph, pid_t pid, struct user_regs_struct *user) {
126
  // we have already attached to all thread 'pid's, just use ptrace call
127
  // to get regset now. Note that we don't cache regset upfront for processes.
128
// Linux on x86 and sparc are different.  On x86 ptrace(PTRACE_GETREGS, ...)
129
// uses pointer from 4th argument and ignores 3rd argument.  On sparc it uses
130
// pointer from 3rd argument and ignores 4th argument
131
#define ptrace_getregs(request, pid, addr, data) ptrace(request, pid, data, addr)
132

133
#if defined(_LP64) && defined(PTRACE_GETREGS64)
134
#define PTRACE_GETREGS_REQ PTRACE_GETREGS64
135
#elif defined(PTRACE_GETREGS)
136
#define PTRACE_GETREGS_REQ PTRACE_GETREGS
137
#elif defined(PT_GETREGS)
138
#define PTRACE_GETREGS_REQ PT_GETREGS
139
#endif
140

141
#ifdef PTRACE_GETREGS_REQ
142
 if (ptrace_getregs(PTRACE_GETREGS_REQ, pid, user, NULL) < 0) {
143
   print_debug("ptrace(PTRACE_GETREGS, ...) failed for lwp(%d) errno(%d) \"%s\"\n", pid,
144
               errno, strerror(errno));
145
   return false;
146
 }
147
 return true;
148
#elif defined(PTRACE_GETREGSET)
149
 struct iovec iov;
150
 iov.iov_base = user;
151
 iov.iov_len = sizeof(*user);
152
 if (ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, (void*) &iov) < 0) {
153
   print_debug("ptrace(PTRACE_GETREGSET, ...) failed for lwp %d\n", pid);
154
   return false;
155
 }
156
 return true;
157
#else
158
 print_debug("ptrace(PTRACE_GETREGS, ...) not supported\n");
159
 return false;
160
#endif
161

162
}
163

164
static bool ptrace_continue(pid_t pid, int signal) {
165
  // pass the signal to the process so we don't swallow it
166
  if (ptrace(PTRACE_CONT, pid, NULL, signal) < 0) {
167
    print_debug("ptrace(PTRACE_CONT, ..) failed for %d\n", pid);
168
    return false;
169
  }
170
  return true;
171
}
172

173
// waits until the ATTACH has stopped the process
174
// by signal SIGSTOP
175
static attach_state_t ptrace_waitpid(pid_t pid) {
176
  int ret;
177
  int status;
178
  errno = 0;
179
  while (true) {
180
    // Wait for debuggee to stop.
181
    ret = waitpid(pid, &status, 0);
182
    if (ret == -1 && errno == ECHILD) {
183
      // try cloned process.
184
      ret = waitpid(pid, &status, __WALL);
185
    }
186
    if (ret >= 0) {
187
      if (WIFSTOPPED(status)) {
188
        // Any signal will stop the thread, make sure it is SIGSTOP. Otherwise SIGSTOP
189
        // will still be pending and delivered when the process is DETACHED and the process
190
        // will go to sleep.
191
        if (WSTOPSIG(status) == SIGSTOP) {
192
          // Debuggee stopped by SIGSTOP.
193
          return ATTACH_SUCCESS;
194
        }
195
        if (!ptrace_continue(pid, WSTOPSIG(status))) {
196
          print_error("Failed to correctly attach to VM. VM might HANG! [PTRACE_CONT failed, stopped by %d]\n", WSTOPSIG(status));
197
          return ATTACH_FAIL;
198
        }
199
      } else {
200
        print_debug("waitpid(): Child process %d exited/terminated (status = 0x%x)\n", pid, status);
201
        return ATTACH_THREAD_DEAD;
202
      }
203
    } else {
204
      switch (errno) {
205
        case EINTR:
206
          continue;
207
          break;
208
        case ECHILD:
209
          print_debug("waitpid() failed. Child process pid (%d) does not exist \n", pid);
210
          return ATTACH_THREAD_DEAD;
211
        case EINVAL:
212
          print_error("waitpid() failed. Invalid options argument.\n");
213
          return ATTACH_FAIL;
214
        default:
215
          print_error("waitpid() failed. Unexpected error %d\n", errno);
216
          return ATTACH_FAIL;
217
      }
218
    } // else
219
  } // while
220
}
221

222
// checks the state of the thread/process specified by "pid", by reading
223
// in the 'State:' value from the /proc/<pid>/status file. From the proc
224
// man page, "Current state of the process. One of "R (running)",
225
// "S (sleeping)", "D (disk sleep)", "T (stopped)", "T (tracing stop)",
226
// "Z (zombie)", or "X (dead)"." Assumes that the thread is dead if we
227
// don't find the status file or if the status is 'X' or 'Z'.
228
static bool process_doesnt_exist(pid_t pid) {
229
  char fname[32];
230
  char buf[30];
231
  FILE *fp = NULL;
232
  const char state_string[] = "State:";
233

234
  sprintf(fname, "/proc/%d/status", pid);
235
  fp = fopen(fname, "r");
236
  if (fp == NULL) {
237
    print_debug("can't open /proc/%d/status file\n", pid);
238
    // Assume the thread does not exist anymore.
239
    return true;
240
  }
241
  bool found_state = false;
242
  size_t state_len = strlen(state_string);
243
  while (fgets(buf, sizeof(buf), fp) != NULL) {
244
    char *state = NULL;
245
    if (strncmp (buf, state_string, state_len) == 0) {
246
      found_state = true;
247
      state = buf + state_len;
248
      // Skip the spaces
249
      while (isspace(*state)) {
250
        state++;
251
      }
252
      // A state value of 'X' indicates that the thread is dead. 'Z'
253
      // indicates that the thread is a zombie.
254
      if (*state == 'X' || *state == 'Z') {
255
        fclose (fp);
256
        return true;
257
      }
258
      break;
259
    }
260
  }
261
  // If the state value is not 'X' or 'Z', the thread exists.
262
  if (!found_state) {
263
    // We haven't found the line beginning with 'State:'.
264
    // Assuming the thread exists.
265
    print_error("Could not find the 'State:' string in the /proc/%d/status file\n", pid);
266
  }
267
  fclose (fp);
268
  return false;
269
}
270

271
// attach to a process/thread specified by "pid"
272
static attach_state_t ptrace_attach(pid_t pid, char* err_buf, size_t err_buf_len) {
273
  errno = 0;
274
  if (ptrace(PTRACE_ATTACH, pid, NULL, NULL) < 0) {
275
    if (errno == EPERM || errno == ESRCH) {
276
      // Check if the process/thread is exiting or is a zombie
277
      if (process_doesnt_exist(pid)) {
278
        print_debug("Thread with pid %d does not exist\n", pid);
279
        return ATTACH_THREAD_DEAD;
280
      }
281
    }
282

283
    // strerror_r() API function is not compatible in different implementations:
284
    // GNU-specific:  char *strerror_r(int errnum, char *buf, size_t buflen);
285
    // XSI-compliant: int   strerror_r(int errnum, char *buf, size_t buflen);
286
    char buf[200];
287
#if defined(__GLIBC__) && defined(_GNU_SOURCE)
288
    char* msg = strerror_r(errno, buf, sizeof(buf));
289
#else
290
    int rc = strerror_r(errno, buf, sizeof(buf));
291
    char* msg = (rc == 0) ? (char*)buf : "Unknown";
292
#endif
293
    snprintf(err_buf, err_buf_len, "ptrace(PTRACE_ATTACH, ..) failed for %d: %s", pid, msg);
294
    print_error("%s\n", err_buf);
295
    return ATTACH_FAIL;
296
  } else {
297
    attach_state_t wait_ret = ptrace_waitpid(pid);
298
    if (wait_ret == ATTACH_THREAD_DEAD) {
299
      print_debug("Thread with pid %d does not exist\n", pid);
300
    }
301
    return wait_ret;
302
  }
303
}
304

305
// -------------------------------------------------------
306
// functions for obtaining library information
307
// -------------------------------------------------------
308

309
/*
310
 * splits a string _str_ into substrings with delimiter _delim_ by replacing old * delimiters with _new_delim_ (ideally, '\0'). the address of each substring
311
 * is stored in array _ptrs_ as the return value. the maximum capacity of _ptrs_ * array is specified by parameter _n_.
312
 * RETURN VALUE: total number of substrings (always <= _n_)
313
 * NOTE: string _str_ is modified if _delim_!=_new_delim_
314
 */
315
static int split_n_str(char * str, int n, char ** ptrs, char delim, char new_delim)
316
{
317
   int i;
318
   for(i = 0; i < n; i++) ptrs[i] = NULL;
319
   if (str == NULL || n < 1 ) return 0;
320

321
   i = 0;
322

323
   // skipping leading blanks
324
   while(*str&&*str==delim) str++;
325

326
   while(*str&&i<n){
327
     ptrs[i++] = str;
328
     while(*str&&*str!=delim) str++;
329
     while(*str&&*str==delim) *(str++) = new_delim;
330
   }
331

332
   return i;
333
}
334

335
/*
336
 * fgets without storing '\n' at the end of the string
337
 */
338
static char * fgets_no_cr(char * buf, int n, FILE *fp)
339
{
340
   char * rslt = fgets(buf, n, fp);
341
   if (rslt && buf && *buf){
342
       char *p = strchr(buf, '\0');
343
       if (*--p=='\n') *p='\0';
344
   }
345
   return rslt;
346
}
347

348
static bool read_lib_info(struct ps_prochandle* ph) {
349
  char fname[32];
350
  char buf[PATH_MAX];
351
  FILE *fp = NULL;
352

353
  sprintf(fname, "/proc/%d/maps", ph->pid);
354
  fp = fopen(fname, "r");
355
  if (fp == NULL) {
356
    print_debug("can't open /proc/%d/maps file\n", ph->pid);
357
    return false;
358
  }
359

360
  while(fgets_no_cr(buf, PATH_MAX, fp)){
361
    char * word[7];
362
    int nwords = split_n_str(buf, 7, word, ' ', '\0');
363

364
    if (nwords < 6) {
365
      // not a shared library entry. ignore.
366
      continue;
367
    }
368

369
    // SA does not handle the lines with patterns:
370
    //   "[stack]", "[heap]", "[vdso]", "[vsyscall]", etc.
371
    if (word[5][0] == '[') {
372
        // not a shared library entry. ignore.
373
        continue;
374
    }
375

376
    if (nwords > 6) {
377
      // prelink altered mapfile when the program is running.
378
      // Entries like one below have to be skipped
379
      //  /lib64/libc-2.15.so (deleted)
380
      // SO name in entries like one below have to be stripped.
381
      //  /lib64/libpthread-2.15.so.#prelink#.EECVts
382
      char *s = strstr(word[5],".#prelink#");
383
      if (s == NULL) {
384
        // No prelink keyword. skip deleted library
385
        print_debug("skip shared object %s deleted by prelink\n", word[5]);
386
        continue;
387
      }
388

389
      // Fall through
390
      print_debug("rectifying shared object name %s changed by prelink\n", word[5]);
391
      *s = 0;
392
    }
393

394
    if (find_lib(ph, word[5]) == false) {
395
       intptr_t base;
396
       lib_info* lib;
397
#ifdef _LP64
398
       sscanf(word[0], "%lx", &base);
399
#else
400
       sscanf(word[0], "%x", &base);
401
#endif
402
       if ((lib = add_lib_info(ph, word[5], (uintptr_t)base)) == NULL)
403
          continue; // ignore, add_lib_info prints error
404

405
       // we don't need to keep the library open, symtab is already
406
       // built. Only for core dump we need to keep the fd open.
407
       close(lib->fd);
408
       lib->fd = -1;
409
    }
410
  }
411
  fclose(fp);
412
  return true;
413
}
414

415
// detach a given pid
416
static bool ptrace_detach(pid_t pid) {
417
  if (pid && ptrace(PTRACE_DETACH, pid, NULL, NULL) < 0) {
418
    print_debug("ptrace(PTRACE_DETACH, ..) failed for %d\n", pid);
419
    return false;
420
  } else {
421
    return true;
422
  }
423
}
424

425
// detach all pids of a ps_prochandle
426
static void detach_all_pids(struct ps_prochandle* ph) {
427
  thread_info* thr = ph->threads;
428
  while (thr) {
429
     ptrace_detach(thr->lwp_id);
430
     thr = thr->next;
431
  }
432
}
433

434
static void process_cleanup(struct ps_prochandle* ph) {
435
  detach_all_pids(ph);
436
}
437

438
static ps_prochandle_ops process_ops = {
439
  .release=  process_cleanup,
440
  .p_pread=  process_read_data,
441
  .p_pwrite= process_write_data,
442
  .get_lwp_regs= process_get_lwp_regs
443
};
444

445
// attach to the process. One and only one exposed stuff
446
JNIEXPORT struct ps_prochandle* JNICALL
447
Pgrab(pid_t pid, char* err_buf, size_t err_buf_len) {
448
  struct ps_prochandle* ph = NULL;
449
  thread_info* thr = NULL;
450
  attach_state_t attach_status = ATTACH_SUCCESS;
451

452
  if ( (ph = (struct ps_prochandle*) calloc(1, sizeof(struct ps_prochandle))) == NULL) {
453
    snprintf(err_buf, err_buf_len, "can't allocate memory for ps_prochandle");
454
    print_debug("%s\n", err_buf);
455
    return NULL;
456
  }
457

458
  if ((attach_status = ptrace_attach(pid, err_buf, err_buf_len)) != ATTACH_SUCCESS) {
459
    if (attach_status == ATTACH_THREAD_DEAD) {
460
       print_error("The process with pid %d does not exist.\n", pid);
461
    }
462
    free(ph);
463
    return NULL;
464
  }
465

466
  // initialize ps_prochandle
467
  ph->pid = pid;
468
  add_thread_info(ph, ph->pid);
469

470
  // initialize vtable
471
  ph->ops = &process_ops;
472

473
  // read library info and symbol tables, must do this before attaching threads,
474
  // as the symbols in the pthread library will be used to figure out
475
  // the list of threads within the same process.
476
  read_lib_info(ph);
477

478
  /*
479
   * Read thread info.
480
   * SA scans all tasks in /proc/<PID>/task to read all threads info.
481
   */
482
  char taskpath[PATH_MAX];
483
  DIR *dirp;
484
  struct dirent *entry;
485

486
  snprintf(taskpath, PATH_MAX, "/proc/%d/task", ph->pid);
487
  dirp = opendir(taskpath);
488
  int lwp_id;
489
  while ((entry = readdir(dirp)) != NULL) {
490
    if (*entry->d_name == '.') {
491
      continue;
492
    }
493
    lwp_id = atoi(entry->d_name);
494
    if (lwp_id == ph->pid) {
495
      continue;
496
    }
497
    if (!process_doesnt_exist(lwp_id)) {
498
      add_thread_info(ph, lwp_id);
499
    }
500
  }
501
  closedir(dirp);
502

503
  // attach to the threads
504
  thr = ph->threads;
505

506
  while (thr) {
507
    thread_info* current_thr = thr;
508
    thr = thr->next;
509
    // don't attach to the main thread again
510
    if (ph->pid != current_thr->lwp_id) {
511
      if ((attach_status = ptrace_attach(current_thr->lwp_id, err_buf, err_buf_len)) != ATTACH_SUCCESS) {
512
        if (attach_status == ATTACH_THREAD_DEAD) {
513
          // Remove this thread from the threads list
514
          delete_thread_info(ph, current_thr);
515
        }
516
        else {
517
          Prelease(ph);
518
          return NULL;
519
        } // ATTACH_THREAD_DEAD
520
      } // !ATTACH_SUCCESS
521
    }
522
  }
523
  return ph;
524
}
525

526