ProcessElfCore.cpp source code [lldb/source/Plugins/Process/elf-core/ProcessElfCore.cpp]

1	//===-- ProcessElfCore.cpp ------------------------------------------------===//
2	//
3	// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4	// See https://llvm.org/LICENSE.txt for license information.
5	// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6	//
7	//===----------------------------------------------------------------------===//
8
9	#include <cstdlib>
10
11	#include <memory>
12	#include <mutex>
13
14	#include "lldb/Core/Module.h"
15	#include "lldb/Core/ModuleSpec.h"
16	#include "lldb/Core/PluginManager.h"
17	#include "lldb/Core/Section.h"
18	#include "lldb/Target/ABI.h"
19	#include "lldb/Target/DynamicLoader.h"
20	#include "lldb/Target/MemoryRegionInfo.h"
21	#include "lldb/Target/Target.h"
22	#include "lldb/Target/UnixSignals.h"
23	#include "lldb/Utility/DataBufferHeap.h"
24	#include "lldb/Utility/LLDBLog.h"
25	#include "lldb/Utility/Log.h"
26	#include "lldb/Utility/State.h"
27
28	#include "llvm/BinaryFormat/ELF.h"
29	#include "llvm/Support/Threading.h"
30
31	#include "Plugins/DynamicLoader/POSIX-DYLD/DynamicLoaderPOSIXDYLD.h"
32	#include "Plugins/ObjectFile/ELF/ObjectFileELF.h"
33	#include "Plugins/Process/elf-core/RegisterUtilities.h"
34	#include "ProcessElfCore.h"
35	#include "ThreadElfCore.h"
36
37	using namespace lldb_private;
38	namespace ELF = llvm::ELF;
39
40	LLDB_PLUGIN_DEFINE(ProcessElfCore)
41
42	llvm::StringRef ProcessElfCore::GetPluginDescriptionStatic() {
43	return "ELF core dump plug-in.";
44	}
45
46	void ProcessElfCore::Terminate() {
47	PluginManager::UnregisterPlugin(create_callback: ProcessElfCore::CreateInstance);
48	}
49
50	lldb::ProcessSP ProcessElfCore::CreateInstance(lldb::TargetSP target_sp,
51	lldb::ListenerSP listener_sp,
52	const FileSpec *crash_file,
53	bool can_connect) {
54	lldb::ProcessSP process_sp;
55	if (crash_file && !can_connect) {
56	// Read enough data for an ELF32 header or ELF64 header Note: Here we care
57	// about e_type field only, so it is safe to ignore possible presence of
58	// the header extension.
59	const size_t header_size = sizeof(llvm::ELF::Elf64_Ehdr);
60
61	auto data_sp = FileSystem::Instance().CreateDataBuffer(
62	path: crash_file->GetPath(), size: header_size, offset: `0`);
63	if (data_sp && data_sp ->GetByteSize() == header_size &&
64	elf::ELFHeader::MagicBytesMatch(magic: data_sp ->GetBytes())) {
65	elf::ELFHeader elf_header;
66	DataExtractor data(data_sp, lldb::eByteOrderLittle, `4`);
67	lldb::offset_t data_offset = `0`;
68	if (elf_header.Parse(data, offset: &data_offset)) {
69	// Check whether we're dealing with a raw FreeBSD "full memory dump"
70	// ELF vmcore that needs to be handled via FreeBSDKernel plugin instead.
71	if (elf_header.e_ident[`7`] == `0xFF` && elf_header.e_version == `0`)
72	return process_sp;
73	if (elf_header.e_type == llvm::ELF::ET_CORE)
74	process_sp = std::make_shared<ProcessElfCore>(args&: target_sp, args&: listener_sp,
75	args: *crash_file);
76	}
77	}
78	}
79	return process_sp;
80	}
81
82	bool ProcessElfCore::CanDebug(lldb::TargetSP target_sp,
83	bool plugin_specified_by_name) {
84	// For now we are just making sure the file exists for a given module
85	if (!m_core_module_sp && FileSystem::Instance().Exists(file_spec: m_core_file)) {
86	ModuleSpec core_module_spec(m_core_file, target_sp ->GetArchitecture());
87	Status error(ModuleList::GetSharedModule(module_spec: core_module_spec, module_sp&: m_core_module_sp,
88	module_search_paths_ptr: nullptr, old_modules: nullptr, did_create_ptr: nullptr));
89	if (m_core_module_sp) {
90	ObjectFile *core_objfile = m_core_module_sp ->GetObjectFile();
91	if (core_objfile && core_objfile->GetType() == ObjectFile::eTypeCoreFile)
92	return true;
93	}
94	}
95	return false;
96	}
97
98	// ProcessElfCore constructor
99	ProcessElfCore::ProcessElfCore(lldb::TargetSP target_sp,
100	lldb::ListenerSP listener_sp,
101	const FileSpec &core_file)
102	: PostMortemProcess (target_sp, listener_sp, core_file) {}
103
104	// Destructor
105	ProcessElfCore::~ProcessElfCore() {
106	Clear();
107	// We need to call finalize on the process before destroying ourselves to
108	// make sure all of the broadcaster cleanup goes as planned. If we destruct
109	// this class, then Process::~Process() might have problems trying to fully
110	// destroy the broadcaster.
111	Finalize(destructing: true / destructing /);
112	}
113
114	lldb::addr_t ProcessElfCore::AddAddressRangeFromLoadSegment(
115	const elf::ELFProgramHeader &header) {
116	const lldb::addr_t addr = header.p_vaddr;
117	FileRange file_range(header.p_offset, header.p_filesz);
118	VMRangeToFileOffset::Entry range_entry(addr, header.p_memsz, file_range);
119
120	// Only add to m_core_aranges if the file size is non zero. Some core files
121	// have PT_LOAD segments for all address ranges, but set f_filesz to zero for
122	// the .text sections since they can be retrieved from the object files.
123	if (header.p_filesz > `0`) {
124	VMRangeToFileOffset::Entry *last_entry = m_core_aranges.Back();
125	if (last_entry && last_entry->GetRangeEnd() == range_entry.GetRangeBase() &&
126	last_entry->data.GetRangeEnd() == range_entry.data.GetRangeBase() &&
127	last_entry->GetByteSize() == last_entry->data.GetByteSize()) {
128	last_entry->SetRangeEnd(range_entry.GetRangeEnd());
129	last_entry->data.SetRangeEnd(range_entry.data.GetRangeEnd());
130	} else {
131	m_core_aranges.Append(entry: range_entry);
132	}
133	}
134	// Keep a separate map of permissions that isn't coalesced so all ranges
135	// are maintained.
136	const uint32_t permissions =
137	((header.p_flags & llvm::ELF::PF_R) ? lldb::ePermissionsReadable : `0u`) \|
138	((header.p_flags & llvm::ELF::PF_W) ? lldb::ePermissionsWritable : `0u`) \|
139	((header.p_flags & llvm::ELF::PF_X) ? lldb::ePermissionsExecutable : `0u`);
140
141	m_core_range_infos.Append(
142	entry: VMRangeToPermissions::Entry (addr, header.p_memsz, permissions));
143
144	return addr;
145	}
146
147	lldb::addr_t ProcessElfCore::AddAddressRangeFromMemoryTagSegment(
148	const elf::ELFProgramHeader &header) {
149	// If lldb understood multiple kinds of tag segments we would record the type
150	// of the segment here also. As long as there is only 1 type lldb looks for,
151	// there is no need.
152	FileRange file_range(header.p_offset, header.p_filesz);
153	m_core_tag_ranges.Append(
154	entry: VMRangeToFileOffset::Entry (header.p_vaddr, header.p_memsz, file_range));
155
156	return header.p_vaddr;
157	}
158
159	// Process Control
160	Status ProcessElfCore::DoLoadCore() {
161	Status error;
162	if (!m_core_module_sp) {
163	error.SetErrorString("invalid core module");
164	return error;
165	}
166
167	ObjectFileELF core = (ObjectFileELF )(m_core_module_sp ->GetObjectFile());
168	if (core == nullptr) {
169	error.SetErrorString("invalid core object file");
170	return error;
171	}
172
173	llvm::ArrayRef<elf::ELFProgramHeader> segments = core->ProgramHeaders();
174	if (segments.size() == `0`) {
175	error.SetErrorString("core file has no segments");
176	return error;
177	}
178
179	SetCanJIT(false);
180
181	m_thread_data_valid = true;
182
183	bool ranges_are_sorted = true;
184	lldb::addr_t vm_addr = `0`;
185	lldb::addr_t tag_addr = `0`;
186	/// Walk through segments and Thread and Address Map information.
187	/// PT_NOTE - Contains Thread and Register information
188	/// PT_LOAD - Contains a contiguous range of Process Address Space
189	/// PT_AARCH64_MEMTAG_MTE - Contains AArch64 MTE memory tags for a range of
190	/// Process Address Space.
191	for (const elf::ELFProgramHeader &H : segments) {
192	DataExtractor data = core->GetSegmentData(H);
193
194	// Parse thread contexts and auxv structure
195	if (H.p_type == llvm::ELF::PT_NOTE) {
196	if (llvm::Error error = ParseThreadContextsFromNoteSegment(segment_header: H, segment_data: data))
197	return Status (std::move(error));
198	}
199	// PT_LOAD segments contains address map
200	if (H.p_type == llvm::ELF::PT_LOAD) {
201	lldb::addr_t last_addr = AddAddressRangeFromLoadSegment(header: H);
202	if (vm_addr > last_addr)
203	ranges_are_sorted = false;
204	vm_addr = last_addr;
205	} else if (H.p_type == llvm::ELF::PT_AARCH64_MEMTAG_MTE) {
206	lldb::addr_t last_addr = AddAddressRangeFromMemoryTagSegment(header: H);
207	if (tag_addr > last_addr)
208	ranges_are_sorted = false;
209	tag_addr = last_addr;
210	}
211	}
212
213	if (!ranges_are_sorted) {
214	m_core_aranges.Sort();
215	m_core_range_infos.Sort();
216	m_core_tag_ranges.Sort();
217	}
218
219	// Even if the architecture is set in the target, we need to override it to
220	// match the core file which is always single arch.
221	ArchSpec arch(m_core_module_sp ->GetArchitecture());
222
223	ArchSpec target_arch = GetTarget().GetArchitecture();
224	ArchSpec core_arch(m_core_module_sp ->GetArchitecture());
225	target_arch.MergeFrom(other: core_arch);
226	GetTarget().SetArchitecture(arch_spec: target_arch);
227
228	SetUnixSignals(UnixSignals::Create(arch: GetArchitecture()));
229
230	// Ensure we found at least one thread that was stopped on a signal.
231	bool siginfo_signal_found = false;
232	bool prstatus_signal_found = false;
233	// Check we found a signal in a SIGINFO note.
234	for (const auto &thread_data : m_thread_data) {
235	if (thread_data.signo != `0`)
236	siginfo_signal_found = true;
237	if (thread_data.prstatus_sig != `0`)
238	prstatus_signal_found = true;
239	}
240	if (!siginfo_signal_found) {
241	// If we don't have signal from SIGINFO use the signal from each threads
242	// PRSTATUS note.
243	if (prstatus_signal_found) {
244	for (auto &thread_data : m_thread_data)
245	thread_data.signo = thread_data.prstatus_sig;
246	} else if (m_thread_data.size() > `0`) {
247	// If all else fails force the first thread to be SIGSTOP
248	m_thread_data.begin()->signo =
249	GetUnixSignals()->GetSignalNumberFromName(name: "SIGSTOP");
250	}
251	}
252
253	// Core files are useless without the main executable. See if we can locate
254	// the main executable using data we found in the core file notes.
255	lldb::ModuleSP exe_module_sp = GetTarget().GetExecutableModule();
256	if (!exe_module_sp) {
257	// The first entry in the NT_FILE might be our executable
258	if (!m_nt_file_entries.empty()) {
259	ModuleSpec exe_module_spec;
260	exe_module_spec.GetArchitecture() = arch;
261	exe_module_spec.GetFileSpec().SetFile(path: m_nt_file_entries [`0`].path,
262	style: FileSpec::Style::native);
263	if (exe_module_spec.GetFileSpec()) {
264	exe_module_sp =
265	GetTarget().GetOrCreateModule(module_spec: exe_module_spec, notify: true / notify /);
266	if (exe_module_sp)
267	GetTarget().SetExecutableModule(module_sp&: exe_module_sp, load_dependent_files: eLoadDependentsNo);
268	}
269	}
270	}
271	return error;
272	}
273
274	lldb_private::DynamicLoader *ProcessElfCore::GetDynamicLoader() {
275	if (m_dyld_up.get() == nullptr)
276	m_dyld_up.reset(p: DynamicLoader::FindPlugin(
277	process: this, plugin_name: DynamicLoaderPOSIXDYLD::GetPluginNameStatic()));
278	return m_dyld_up.get();
279	}
280
281	bool ProcessElfCore::DoUpdateThreadList(ThreadList &old_thread_list,
282	ThreadList &new_thread_list) {
283	const uint32_t num_threads = GetNumThreadContexts();
284	if (!m_thread_data_valid)
285	return false;
286
287	for (lldb::tid_t tid = `0`; tid < num_threads; ++tid) {
288	const ThreadData &td = m_thread_data [tid];
289	lldb::ThreadSP thread_sp(new ThreadElfCore (*this, td));
290	new_thread_list.AddThread(thread_sp);
291	}
292	return new_thread_list.GetSize(can_update: false) > `0`;
293	}
294
295	void ProcessElfCore::RefreshStateAfterStop() {}
296
297	Status ProcessElfCore::DoDestroy() { return Status (); }
298
299	// Process Queries
300
301	bool ProcessElfCore::IsAlive() { return true; }
302
303	// Process Memory
304	size_t ProcessElfCore::ReadMemory(lldb::addr_t addr, void *buf, size_t size,
305	Status &error) {
306	if (lldb::ABISP abi_sp = GetABI())
307	addr = abi_sp ->FixAnyAddress(pc: addr);
308
309	// Don't allow the caching that lldb_private::Process::ReadMemory does since
310	// in core files we have it all cached our our core file anyway.
311	return DoReadMemory(addr, buf, size, error);
312	}
313
314	Status ProcessElfCore::DoGetMemoryRegionInfo(lldb::addr_t load_addr,
315	MemoryRegionInfo &region_info) {
316	region_info.Clear();
317	const VMRangeToPermissions::Entry *permission_entry =
318	m_core_range_infos.FindEntryThatContainsOrFollows(addr: load_addr);
319	if (permission_entry) {
320	if (permission_entry->Contains(r: load_addr)) {
321	region_info.GetRange().SetRangeBase(permission_entry->GetRangeBase());
322	region_info.GetRange().SetRangeEnd(permission_entry->GetRangeEnd());
323	const Flags permissions(permission_entry->data);
324	region_info.SetReadable(permissions.Test(bit: lldb::ePermissionsReadable)
325	? MemoryRegionInfo::eYes
326	: MemoryRegionInfo::eNo);
327	region_info.SetWritable(permissions.Test(bit: lldb::ePermissionsWritable)
328	? MemoryRegionInfo::eYes
329	: MemoryRegionInfo::eNo);
330	region_info.SetExecutable(permissions.Test(bit: lldb::ePermissionsExecutable)
331	? MemoryRegionInfo::eYes
332	: MemoryRegionInfo::eNo);
333	region_info.SetMapped(MemoryRegionInfo::eYes);
334
335	// A region is memory tagged if there is a memory tag segment that covers
336	// the exact same range.
337	region_info.SetMemoryTagged(MemoryRegionInfo::eNo);
338	const VMRangeToFileOffset::Entry *tag_entry =
339	m_core_tag_ranges.FindEntryStartsAt(addr: permission_entry->GetRangeBase());
340	if (tag_entry &&
341	tag_entry->GetRangeEnd() == permission_entry->GetRangeEnd())
342	region_info.SetMemoryTagged(MemoryRegionInfo::eYes);
343	} else if (load_addr < permission_entry->GetRangeBase()) {
344	region_info.GetRange().SetRangeBase(load_addr);
345	region_info.GetRange().SetRangeEnd(permission_entry->GetRangeBase());
346	region_info.SetReadable(MemoryRegionInfo::eNo);
347	region_info.SetWritable(MemoryRegionInfo::eNo);
348	region_info.SetExecutable(MemoryRegionInfo::eNo);
349	region_info.SetMapped(MemoryRegionInfo::eNo);
350	region_info.SetMemoryTagged(MemoryRegionInfo::eNo);
351	}
352	return Status ();
353	}
354
355	region_info.GetRange().SetRangeBase(load_addr);
356	region_info.GetRange().SetRangeEnd(LLDB_INVALID_ADDRESS);
357	region_info.SetReadable(MemoryRegionInfo::eNo);
358	region_info.SetWritable(MemoryRegionInfo::eNo);
359	region_info.SetExecutable(MemoryRegionInfo::eNo);
360	region_info.SetMapped(MemoryRegionInfo::eNo);
361	region_info.SetMemoryTagged(MemoryRegionInfo::eNo);
362	return Status ();
363	}
364
365	size_t ProcessElfCore::DoReadMemory(lldb::addr_t addr, void *buf, size_t size,
366	Status &error) {
367	ObjectFile *core_objfile = m_core_module_sp ->GetObjectFile();
368
369	if (core_objfile == nullptr)
370	return `0`;
371
372	// Get the address range
373	const VMRangeToFileOffset::Entry *address_range =
374	m_core_aranges.FindEntryThatContains(addr);
375	if (address_range == nullptr \|\| address_range->GetRangeEnd() < addr) {
376	error.SetErrorStringWithFormat("core file does not contain 0x%" PRIx64,
377	addr);
378	return `0`;
379	}
380
381	// Convert the address into core file offset
382	const lldb::addr_t offset = addr - address_range->GetRangeBase();
383	const lldb::addr_t file_start = address_range->data.GetRangeBase();
384	const lldb::addr_t file_end = address_range->data.GetRangeEnd();
385	size_t bytes_to_read = size; // Number of bytes to read from the core file
386	size_t bytes_copied = `0`; // Number of bytes actually read from the core file
387	lldb::addr_t bytes_left =
388	`0`; // Number of bytes available in the core file from the given address
389
390	// Don't proceed if core file doesn't contain the actual data for this
391	// address range.
392	if (file_start == file_end)
393	return `0`;
394
395	// Figure out how many on-disk bytes remain in this segment starting at the
396	// given offset
397	if (file_end > file_start + offset)
398	bytes_left = file_end - (file_start + offset);
399
400	if (bytes_to_read > bytes_left)
401	bytes_to_read = bytes_left;
402
403	// If there is data available on the core file read it
404	if (bytes_to_read)
405	bytes_copied =
406	core_objfile->CopyData(offset: offset + file_start, length: bytes_to_read, dst: buf);
407
408	return bytes_copied;
409	}
410
411	llvm::Expected<std::vector<lldb::addr_t>>
412	ProcessElfCore::ReadMemoryTags(lldb::addr_t addr, size_t len) {
413	ObjectFile *core_objfile = m_core_module_sp ->GetObjectFile();
414	if (core_objfile == nullptr)
415	return llvm::createStringError(EC: llvm::inconvertibleErrorCode(),
416	Msg: "No core object file.");
417
418	llvm::Expected<const MemoryTagManager *> tag_manager_or_err =
419	GetMemoryTagManager();
420	if (!tag_manager_or_err)
421	return tag_manager_or_err.takeError();
422
423	// LLDB only supports AArch64 MTE tag segments so we do not need to worry
424	// about the segment type here. If you got here then you must have a tag
425	// manager (meaning you are debugging AArch64) and all the segments in this
426	// list will have had type PT_AARCH64_MEMTAG_MTE.
427	const VMRangeToFileOffset::Entry *tag_entry =
428	m_core_tag_ranges.FindEntryThatContains(addr);
429	// If we don't have a tag segment or the range asked for extends outside the
430	// segment.
431	if (!tag_entry \|\| (addr + len) >= tag_entry->GetRangeEnd())
432	return llvm::createStringError(EC: llvm::inconvertibleErrorCode(),
433	Msg: "No tag segment that covers this range.");
434
435	const MemoryTagManager tag_manager = tag_manager_or_err;
436	return tag_manager->UnpackTagsFromCoreFileSegment(
437	reader: [core_objfile](lldb::offset_t offset, size_t length, void *dst) {
438	return core_objfile->CopyData(offset, length, dst);
439	},
440	tag_segment_virtual_address: tag_entry->GetRangeBase(), tag_segment_data_address: tag_entry->data.GetRangeBase(), addr, len);
441	}
442
443	void ProcessElfCore::Clear() {
444	m_thread_list.Clear();
445
446	SetUnixSignals(std::make_shared<UnixSignals>());
447	}
448
449	void ProcessElfCore::Initialize() {
450	static llvm::once_flag g_once_flag;
451
452	llvm::call_once(flag&: g_once_flag, F: []() {
453	PluginManager::RegisterPlugin(name: GetPluginNameStatic(),
454	description: GetPluginDescriptionStatic(), create_callback: CreateInstance);
455	});
456	}
457
458	lldb::addr_t ProcessElfCore::GetImageInfoAddress() {
459	ObjectFile *obj_file = GetTarget().GetExecutableModule()->GetObjectFile();
460	Address addr = obj_file->GetImageInfoAddress(target: &GetTarget());
461
462	if (addr.IsValid())
463	return addr.GetLoadAddress(target: &GetTarget());
464	return LLDB_INVALID_ADDRESS;
465	}
466
467	// Parse a FreeBSD NT_PRSTATUS note - see FreeBSD sys/procfs.h for details.
468	static void ParseFreeBSDPrStatus(ThreadData &thread_data,
469	const DataExtractor &data,
470	bool lp64) {
471	lldb::offset_t offset = `0`;
472	int pr_version = data.GetU32(offset_ptr: &offset);
473
474	Log *log = GetLog(mask: LLDBLog::Process);
475	if (log) {
476	if (pr_version > `1`)
477	LLDB_LOGF(log, "FreeBSD PRSTATUS unexpected version %d", pr_version);
478	}
479
480	// Skip padding, pr_statussz, pr_gregsetsz, pr_fpregsetsz, pr_osreldate
481	if (lp64)
482	offset += `32`;
483	else
484	offset += `16`;
485
486	thread_data.signo = data.GetU32(offset_ptr: &offset); // pr_cursig
487	thread_data.tid = data.GetU32(offset_ptr: &offset); // pr_pid
488	if (lp64)
489	offset += `4`;
490
491	size_t len = data.GetByteSize() - offset;
492	thread_data.gpregset = DataExtractor (data, offset, len);
493	}
494
495	// Parse a FreeBSD NT_PRPSINFO note - see FreeBSD sys/procfs.h for details.
496	static void ParseFreeBSDPrPsInfo(ProcessElfCore &process,
497	const DataExtractor &data,
498	bool lp64) {
499	lldb::offset_t offset = `0`;
500	int pr_version = data.GetU32(offset_ptr: &offset);
501
502	Log *log = GetLog(mask: LLDBLog::Process);
503	if (log) {
504	if (pr_version > `1`)
505	LLDB_LOGF(log, "FreeBSD PRPSINFO unexpected version %d", pr_version);
506	}
507
508	// Skip pr_psinfosz, pr_fname, pr_psargs
509	offset += `108`;
510	if (lp64)
511	offset += `4`;
512
513	process.SetID(data.GetU32(offset_ptr: &offset)); // pr_pid
514	}
515
516	static llvm::Error ParseNetBSDProcInfo(const DataExtractor &data,
517	uint32_t &cpi_nlwps,
518	uint32_t &cpi_signo,
519	uint32_t &cpi_siglwp,
520	uint32_t &cpi_pid) {
521	lldb::offset_t offset = `0`;
522
523	uint32_t version = data.GetU32(offset_ptr: &offset);
524	if (version != `1`)
525	return llvm::make_error<llvm::StringError>(
526	Args: "Error parsing NetBSD core(5) notes: Unsupported procinfo version",
527	Args: llvm::inconvertibleErrorCode());
528
529	uint32_t cpisize = data.GetU32(offset_ptr: &offset);
530	if (cpisize != NETBSD::NT_PROCINFO_SIZE)
531	return llvm::make_error<llvm::StringError>(
532	Args: "Error parsing NetBSD core(5) notes: Unsupported procinfo size",
533	Args: llvm::inconvertibleErrorCode());
534
535	cpi_signo = data.GetU32(offset_ptr: &offset); / killing signal /
536
537	offset += NETBSD::NT_PROCINFO_CPI_SIGCODE_SIZE;
538	offset += NETBSD::NT_PROCINFO_CPI_SIGPEND_SIZE;
539	offset += NETBSD::NT_PROCINFO_CPI_SIGMASK_SIZE;
540	offset += NETBSD::NT_PROCINFO_CPI_SIGIGNORE_SIZE;
541	offset += NETBSD::NT_PROCINFO_CPI_SIGCATCH_SIZE;
542	cpi_pid = data.GetU32(offset_ptr: &offset);
543	offset += NETBSD::NT_PROCINFO_CPI_PPID_SIZE;
544	offset += NETBSD::NT_PROCINFO_CPI_PGRP_SIZE;
545	offset += NETBSD::NT_PROCINFO_CPI_SID_SIZE;
546	offset += NETBSD::NT_PROCINFO_CPI_RUID_SIZE;
547	offset += NETBSD::NT_PROCINFO_CPI_EUID_SIZE;
548	offset += NETBSD::NT_PROCINFO_CPI_SVUID_SIZE;
549	offset += NETBSD::NT_PROCINFO_CPI_RGID_SIZE;
550	offset += NETBSD::NT_PROCINFO_CPI_EGID_SIZE;
551	offset += NETBSD::NT_PROCINFO_CPI_SVGID_SIZE;
552	cpi_nlwps = data.GetU32(offset_ptr: &offset); / number of LWPs /
553
554	offset += NETBSD::NT_PROCINFO_CPI_NAME_SIZE;
555	cpi_siglwp = data.GetU32(offset_ptr: &offset); / LWP target of killing signal /
556
557	return llvm::Error::success();
558	}
559
560	static void ParseOpenBSDProcInfo(ThreadData &thread_data,
561	const DataExtractor &data) {
562	lldb::offset_t offset = `0`;
563
564	int version = data.GetU32(offset_ptr: &offset);
565	if (version != `1`)
566	return;
567
568	offset += `4`;
569	thread_data.signo = data.GetU32(offset_ptr: &offset);
570	}
571
572	llvm::Expected<std::vector<CoreNote>>
573	ProcessElfCore::parseSegment(const DataExtractor &segment) {
574	lldb::offset_t offset = `0`;
575	std::vector<CoreNote> result;
576
577	while (offset < segment.GetByteSize()) {
578	ELFNote note = ELFNote ();
579	if (!note.Parse(data: segment, offset: &offset))
580	return llvm::make_error<llvm::StringError>(
581	Args: "Unable to parse note segment", Args: llvm::inconvertibleErrorCode());
582
583	size_t note_start = offset;
584	size_t note_size = llvm::alignTo(Value: note.n_descsz, Align: `4`);
585
586	result.push_back(x: {.info: note, .data: DataExtractor (segment, note_start, note_size)});
587	offset += note_size;
588	}
589
590	return std::move(result);
591	}
592
593	llvm::Error ProcessElfCore::parseFreeBSDNotes(llvm::ArrayRef<CoreNote> notes) {
594	ArchSpec arch = GetArchitecture();
595	bool lp64 = (arch.GetMachine() == llvm::Triple::aarch64 \|\|
596	arch.GetMachine() == llvm::Triple::mips64 \|\|
597	arch.GetMachine() == llvm::Triple::ppc64 \|\|
598	arch.GetMachine() == llvm::Triple::x86_64);
599	bool have_prstatus = false;
600	bool have_prpsinfo = false;
601	ThreadData thread_data;
602	for (const auto &note : notes) {
603	if (note.info.n_name != "FreeBSD")
604	continue;
605
606	if ((note.info.n_type == ELF::NT_PRSTATUS && have_prstatus) \|\|
607	(note.info.n_type == ELF::NT_PRPSINFO && have_prpsinfo)) {
608	assert(thread_data.gpregset.GetByteSize() > `0`);
609	// Add the new thread to thread list
610	m_thread_data.push_back(x: thread_data);
611	thread_data = ThreadData ();
612	have_prstatus = false;
613	have_prpsinfo = false;
614	}
615
616	switch (note.info.n_type) {
617	case ELF::NT_PRSTATUS:
618	have_prstatus = true;
619	ParseFreeBSDPrStatus(thread_data, data: note.data, lp64);
620	break;
621	case ELF::NT_PRPSINFO:
622	have_prpsinfo = true;
623	ParseFreeBSDPrPsInfo(process&: *this, data: note.data, lp64);
624	break;
625	case ELF::NT_FREEBSD_THRMISC: {
626	lldb::offset_t offset = `0`;
627	thread_data.name = note.data.GetCStr(offset_ptr: &offset, len: `20`);
628	break;
629	}
630	case ELF::NT_FREEBSD_PROCSTAT_AUXV:
631	// FIXME: FreeBSD sticks an int at the beginning of the note
632	m_auxv = DataExtractor (note.data, `4`, note.data.GetByteSize() - `4`);
633	break;
634	default:
635	thread_data.notes.push_back(x: note);
636	break;
637	}
638	}
639	if (!have_prstatus) {
640	return llvm::make_error<llvm::StringError>(
641	Args: "Could not find NT_PRSTATUS note in core file.",
642	Args: llvm::inconvertibleErrorCode());
643	}
644	m_thread_data.push_back(x: thread_data);
645	return llvm::Error::success();
646	}
647
648	/// NetBSD specific Thread context from PT_NOTE segment
649	///
650	/// NetBSD ELF core files use notes to provide information about
651	/// the process's state. The note name is "NetBSD-CORE" for
652	/// information that is global to the process, and "NetBSD-CORE@nn",
653	/// where "nn" is the lwpid of the LWP that the information belongs
654	/// to (such as register state).
655	///
656	/// NetBSD uses the following note identifiers:
657	///
658	/// ELF_NOTE_NETBSD_CORE_PROCINFO (value 1)
659	/// Note is a "netbsd_elfcore_procinfo" structure.
660	/// ELF_NOTE_NETBSD_CORE_AUXV (value 2; since NetBSD 8.0)
661	/// Note is an array of AuxInfo structures.
662	///
663	/// NetBSD also uses ptrace(2) request numbers (the ones that exist in
664	/// machine-dependent space) to identify register info notes. The
665	/// info in such notes is in the same format that ptrace(2) would
666	/// export that information.
667	///
668	/// For more information see /usr/include/sys/exec_elf.h
669	///
670	llvm::Error ProcessElfCore::parseNetBSDNotes(llvm::ArrayRef<CoreNote> notes) {
671	ThreadData thread_data;
672	bool had_nt_regs = false;
673
674	// To be extracted from struct netbsd_elfcore_procinfo
675	// Used to sanity check of the LWPs of the process
676	uint32_t nlwps = `0`;
677	uint32_t signo = `0`; // killing signal
678	uint32_t siglwp = `0`; // LWP target of killing signal
679	uint32_t pr_pid = `0`;
680
681	for (const auto &note : notes) {
682	llvm::StringRef name = note.info.n_name;
683
684	if (name == "NetBSD-CORE") {
685	if (note.info.n_type == NETBSD::NT_PROCINFO) {
686	llvm::Error error = ParseNetBSDProcInfo(data: note.data, cpi_nlwps&: nlwps, cpi_signo&: signo,
687	cpi_siglwp&: siglwp, cpi_pid&: pr_pid);
688	if (error)
689	return error;
690	SetID(pr_pid);
691	} else if (note.info.n_type == NETBSD::NT_AUXV) {
692	m_auxv = note.data;
693	}
694	} else if (name.consume_front(Prefix: "NetBSD-CORE@")) {
695	lldb::tid_t tid;
696	if (name.getAsInteger(Radix: `10`, Result&: tid))
697	return llvm::make_error<llvm::StringError>(
698	Args: "Error parsing NetBSD core(5) notes: Cannot convert LWP ID "
699	"to integer",
700	Args: llvm::inconvertibleErrorCode());
701
702	switch (GetArchitecture().GetMachine()) {
703	case llvm::Triple::aarch64: {
704	// Assume order PT_GETREGS, PT_GETFPREGS
705	if (note.info.n_type == NETBSD::AARCH64::NT_REGS) {
706	// If this is the next thread, push the previous one first.
707	if (had_nt_regs) {
708	m_thread_data.push_back(x: thread_data);
709	thread_data = ThreadData ();
710	had_nt_regs = false;
711	}
712
713	thread_data.gpregset = note.data;
714	thread_data.tid = tid;
715	if (thread_data.gpregset.GetByteSize() == `0`)
716	return llvm::make_error<llvm::StringError>(
717	Args: "Could not find general purpose registers note in core file.",
718	Args: llvm::inconvertibleErrorCode());
719	had_nt_regs = true;
720	} else if (note.info.n_type == NETBSD::AARCH64::NT_FPREGS) {
721	if (!had_nt_regs \|\| tid != thread_data.tid)
722	return llvm::make_error<llvm::StringError>(
723	Args: "Error parsing NetBSD core(5) notes: Unexpected order "
724	"of NOTEs PT_GETFPREG before PT_GETREG",
725	Args: llvm::inconvertibleErrorCode());
726	thread_data.notes.push_back(x: note);
727	}
728	} break;
729	case llvm::Triple::x86: {
730	// Assume order PT_GETREGS, PT_GETFPREGS
731	if (note.info.n_type == NETBSD::I386::NT_REGS) {
732	// If this is the next thread, push the previous one first.
733	if (had_nt_regs) {
734	m_thread_data.push_back(x: thread_data);
735	thread_data = ThreadData ();
736	had_nt_regs = false;
737	}
738
739	thread_data.gpregset = note.data;
740	thread_data.tid = tid;
741	if (thread_data.gpregset.GetByteSize() == `0`)
742	return llvm::make_error<llvm::StringError>(
743	Args: "Could not find general purpose registers note in core file.",
744	Args: llvm::inconvertibleErrorCode());
745	had_nt_regs = true;
746	} else if (note.info.n_type == NETBSD::I386::NT_FPREGS) {
747	if (!had_nt_regs \|\| tid != thread_data.tid)
748	return llvm::make_error<llvm::StringError>(
749	Args: "Error parsing NetBSD core(5) notes: Unexpected order "
750	"of NOTEs PT_GETFPREG before PT_GETREG",
751	Args: llvm::inconvertibleErrorCode());
752	thread_data.notes.push_back(x: note);
753	}
754	} break;
755	case llvm::Triple::x86_64: {
756	// Assume order PT_GETREGS, PT_GETFPREGS
757	if (note.info.n_type == NETBSD::AMD64::NT_REGS) {
758	// If this is the next thread, push the previous one first.
759	if (had_nt_regs) {
760	m_thread_data.push_back(x: thread_data);
761	thread_data = ThreadData ();
762	had_nt_regs = false;
763	}
764
765	thread_data.gpregset = note.data;
766	thread_data.tid = tid;
767	if (thread_data.gpregset.GetByteSize() == `0`)
768	return llvm::make_error<llvm::StringError>(
769	Args: "Could not find general purpose registers note in core file.",
770	Args: llvm::inconvertibleErrorCode());
771	had_nt_regs = true;
772	} else if (note.info.n_type == NETBSD::AMD64::NT_FPREGS) {
773	if (!had_nt_regs \|\| tid != thread_data.tid)
774	return llvm::make_error<llvm::StringError>(
775	Args: "Error parsing NetBSD core(5) notes: Unexpected order "
776	"of NOTEs PT_GETFPREG before PT_GETREG",
777	Args: llvm::inconvertibleErrorCode());
778	thread_data.notes.push_back(x: note);
779	}
780	} break;
781	default:
782	break;
783	}
784	}
785	}
786
787	// Push the last thread.
788	if (had_nt_regs)
789	m_thread_data.push_back(x: thread_data);
790
791	if (m_thread_data.empty())
792	return llvm::make_error<llvm::StringError>(
793	Args: "Error parsing NetBSD core(5) notes: No threads information "
794	"specified in notes",
795	Args: llvm::inconvertibleErrorCode());
796
797	if (m_thread_data.size() != nlwps)
798	return llvm::make_error<llvm::StringError>(
799	Args: "Error parsing NetBSD core(5) notes: Mismatch between the number "
800	"of LWPs in netbsd_elfcore_procinfo and the number of LWPs specified "
801	"by MD notes",
802	Args: llvm::inconvertibleErrorCode());
803
804	// Signal targeted at the whole process.
805	if (siglwp == `0`) {
806	for (auto &data : m_thread_data)
807	data.signo = signo;
808	}
809	// Signal destined for a particular LWP.
810	else {
811	bool passed = false;
812
813	for (auto &data : m_thread_data) {
814	if (data.tid == siglwp) {
815	data.signo = signo;
816	passed = true;
817	break;
818	}
819	}
820
821	if (!passed)
822	return llvm::make_error<llvm::StringError>(
823	Args: "Error parsing NetBSD core(5) notes: Signal passed to unknown LWP",
824	Args: llvm::inconvertibleErrorCode());
825	}
826
827	return llvm::Error::success();
828	}
829
830	llvm::Error ProcessElfCore::parseOpenBSDNotes(llvm::ArrayRef<CoreNote> notes) {
831	ThreadData thread_data = {};
832	for (const auto &note : notes) {
833	// OpenBSD per-thread information is stored in notes named "OpenBSD@nnn" so
834	// match on the initial part of the string.
835	if (!llvm::StringRef (note.info.n_name).starts_with(Prefix: "OpenBSD"))
836	continue;
837
838	switch (note.info.n_type) {
839	case OPENBSD::NT_PROCINFO:
840	ParseOpenBSDProcInfo(thread_data, data: note.data);
841	break;
842	case OPENBSD::NT_AUXV:
843	m_auxv = note.data;
844	break;
845	case OPENBSD::NT_REGS:
846	thread_data.gpregset = note.data;
847	break;
848	default:
849	thread_data.notes.push_back(x: note);
850	break;
851	}
852	}
853	if (thread_data.gpregset.GetByteSize() == `0`) {
854	return llvm::make_error<llvm::StringError>(
855	Args: "Could not find general purpose registers note in core file.",
856	Args: llvm::inconvertibleErrorCode());
857	}
858	m_thread_data.push_back(x: thread_data);
859	return llvm::Error::success();
860	}
861
862	/// A description of a linux process usually contains the following NOTE
863	/// entries:
864	/// - NT_PRPSINFO - General process information like pid, uid, name, ...
865	/// - NT_SIGINFO - Information about the signal that terminated the process
866	/// - NT_AUXV - Process auxiliary vector
867	/// - NT_FILE - Files mapped into memory
868	///
869	/// Additionally, for each thread in the process the core file will contain at
870	/// least the NT_PRSTATUS note, containing the thread id and general purpose
871	/// registers. It may include additional notes for other register sets (floating
872	/// point and vector registers, ...). The tricky part here is that some of these
873	/// notes have "CORE" in their owner fields, while other set it to "LINUX".
874	llvm::Error ProcessElfCore::parseLinuxNotes(llvm::ArrayRef<CoreNote> notes) {
875	const ArchSpec &arch = GetArchitecture();
876	bool have_prstatus = false;
877	bool have_prpsinfo = false;
878	ThreadData thread_data;
879	for (const auto &note : notes) {
880	if (note.info.n_name != "CORE" && note.info.n_name != "LINUX")
881	continue;
882
883	if ((note.info.n_type == ELF::NT_PRSTATUS && have_prstatus) \|\|
884	(note.info.n_type == ELF::NT_PRPSINFO && have_prpsinfo)) {
885	assert(thread_data.gpregset.GetByteSize() > `0`);
886	// Add the new thread to thread list
887	m_thread_data.push_back(x: thread_data);
888	thread_data = ThreadData ();
889	have_prstatus = false;
890	have_prpsinfo = false;
891	}
892
893	switch (note.info.n_type) {
894	case ELF::NT_PRSTATUS: {
895	have_prstatus = true;
896	ELFLinuxPrStatus prstatus;
897	Status status = prstatus.Parse(data: note.data, arch);
898	if (status.Fail())
899	return status.ToError();
900	thread_data.prstatus_sig = prstatus.pr_cursig;
901	thread_data.tid = prstatus.pr_pid;
902	uint32_t header_size = ELFLinuxPrStatus::GetSize(arch);
903	size_t len = note.data.GetByteSize() - header_size;
904	thread_data.gpregset = DataExtractor (note.data, header_size, len);
905	break;
906	}
907	case ELF::NT_PRPSINFO: {
908	have_prpsinfo = true;
909	ELFLinuxPrPsInfo prpsinfo;
910	Status status = prpsinfo.Parse(data: note.data, arch);
911	if (status.Fail())
912	return status.ToError();
913	thread_data.name.assign (s: prpsinfo.pr_fname, n: strnlen (string: prpsinfo.pr_fname, maxlen: sizeof (prpsinfo.pr_fname)));
914	SetID(prpsinfo.pr_pid);
915	break;
916	}
917	case ELF::NT_SIGINFO: {
918	ELFLinuxSigInfo siginfo;
919	Status status = siginfo.Parse(data: note.data, arch);
920	if (status.Fail())
921	return status.ToError();
922	thread_data.signo = siginfo.si_signo;
923	thread_data.code = siginfo.si_code;
924	break;
925	}
926	case ELF::NT_FILE: {
927	m_nt_file_entries.clear();
928	lldb::offset_t offset = `0`;
929	const uint64_t count = note.data.GetAddress(offset_ptr: &offset);
930	note.data.GetAddress(offset_ptr: &offset); // Skip page size
931	for (uint64_t i = `0`; i < count; ++i) {
932	NT_FILE_Entry entry;
933	entry.start = note.data.GetAddress(offset_ptr: &offset);
934	entry.end = note.data.GetAddress(offset_ptr: &offset);
935	entry.file_ofs = note.data.GetAddress(offset_ptr: &offset);
936	m_nt_file_entries.push_back(x: entry);
937	}
938	for (uint64_t i = `0`; i < count; ++i) {
939	const char *path = note.data.GetCStr(offset_ptr: &offset);
940	if (path && path[`0`])
941	m_nt_file_entries [i].path.assign(s: path);
942	}
943	break;
944	}
945	case ELF::NT_AUXV:
946	m_auxv = note.data;
947	break;
948	default:
949	thread_data.notes.push_back(x: note);
950	break;
951	}
952	}
953	// Add last entry in the note section
954	if (have_prstatus)
955	m_thread_data.push_back(x: thread_data);
956	return llvm::Error::success();
957	}
958
959	/// Parse Thread context from PT_NOTE segment and store it in the thread list
960	/// A note segment consists of one or more NOTE entries, but their types and
961	/// meaning differ depending on the OS.
962	llvm::Error ProcessElfCore::ParseThreadContextsFromNoteSegment(
963	const elf::ELFProgramHeader &segment_header,
964	const DataExtractor &segment_data) {
965	assert(segment_header.p_type == llvm::ELF::PT_NOTE);
966
967	auto notes_or_error = parseSegment(segment: segment_data);
968	if(!notes_or_error)
969	return notes_or_error.takeError();
970	switch (GetArchitecture().GetTriple().getOS()) {
971	case llvm::Triple::FreeBSD:
972	return parseFreeBSDNotes(notes: *notes_or_error);
973	case llvm::Triple::Linux:
974	return parseLinuxNotes(notes: *notes_or_error);
975	case llvm::Triple::NetBSD:
976	return parseNetBSDNotes(notes: *notes_or_error);
977	case llvm::Triple::OpenBSD:
978	return parseOpenBSDNotes(notes: *notes_or_error);
979	default:
980	return llvm::make_error<llvm::StringError>(
981	Args: "Don't know how to parse core file. Unsupported OS.",
982	Args: llvm::inconvertibleErrorCode());
983	}
984	}
985
986	uint32_t ProcessElfCore::GetNumThreadContexts() {
987	if (!m_thread_data_valid)
988	DoLoadCore();
989	return m_thread_data.size();
990	}
991
992	ArchSpec ProcessElfCore::GetArchitecture() {
993	ArchSpec arch = m_core_module_sp ->GetObjectFile()->GetArchitecture();
994
995	ArchSpec target_arch = GetTarget().GetArchitecture();
996	arch.MergeFrom(other: target_arch);
997
998	// On MIPS there is no way to differentiate betwenn 32bit and 64bit core
999	// files and this information can't be merged in from the target arch so we
1000	// fail back to unconditionally returning the target arch in this config.
1001	if (target_arch.IsMIPS()) {
1002	return target_arch;
1003	}
1004
1005	return arch;
1006	}
1007
1008	DataExtractor ProcessElfCore::GetAuxvData() {
1009	const uint8_t *start = m_auxv.GetDataStart();
1010	size_t len = m_auxv.GetByteSize();
1011	lldb::DataBufferSP buffer(new lldb_private::DataBufferHeap (start, len));
1012	return DataExtractor (buffer, GetByteOrder(), GetAddressByteSize());
1013	}
1014
1015	bool ProcessElfCore::GetProcessInfo(ProcessInstanceInfo &info) {
1016	info.Clear();
1017	info.SetProcessID(GetID());
1018	info.SetArchitecture(GetArchitecture());
1019	lldb::ModuleSP module_sp = GetTarget().GetExecutableModule();
1020	if (module_sp) {
1021	const bool add_exe_file_as_first_arg = false;
1022	info.SetExecutableFile(exe_file: GetTarget().GetExecutableModule()->GetFileSpec(),
1023	add_exe_file_as_first_arg);
1024	}
1025	return true;
1026	}
1027

source code of lldb/source/Plugins/Process/elf-core/ProcessElfCore.cpp