/src/elfutils/libdwfl/linux-proc-maps.c

Source (jump to first uncovered line)
/* Standard libdwfl callbacks for debugging a live Linux process.
   Copyright (C) 2005-2010, 2013, 2014, 2016 Red Hat, Inc.
   This file is part of elfutils.

   This file is free software; you can redistribute it and/or modify
   it under the terms of either

     * the GNU Lesser General Public License as published by the Free
       Software Foundation; either version 3 of the License, or (at
       your option) any later version

   or

     * the GNU General Public License as published by the Free
       Software Foundation; either version 2 of the License, or (at
       your option) any later version

   or both in parallel, as here.

   elfutils is distributed in the hope that it will be useful, but
   WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   General Public License for more details.

   You should have received copies of the GNU General Public License and
   the GNU Lesser General Public License along with this program.  If
   not, see <http://www.gnu.org/licenses/>.  */

#ifdef HAVE_CONFIG_H
# include <config.h>
#endif

#include "libdwflP.h"
#include <inttypes.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <errno.h>
#include <stdio.h>
#include <stdio_ext.h>
#include <stdbool.h>
#include <string.h>
#include <stdlib.h>
#include <fcntl.h>
#include <unistd.h>
#include <assert.h>
#include <endian.h>
#include "system.h"


#define PROCMAPSFMT "/proc/%d/maps"
#define PROCMEMFMT  "/proc/%d/mem"
#define PROCAUXVFMT "/proc/%d/auxv"
#define PROCEXEFMT  "/proc/%d/exe"


/* Return ELFCLASS64 or ELFCLASS32 for the main ELF executable.  Return
   ELFCLASSNONE for an error.  */

static unsigned char
get_pid_class (pid_t pid)
{
  char *fname;
  if (asprintf (&fname, PROCEXEFMT, pid) < 0)
    return ELFCLASSNONE;

  int fd = open (fname, O_RDONLY);
  free (fname);
  if (fd < 0)
    return ELFCLASSNONE;

  unsigned char buf[EI_CLASS + 1];
  ssize_t nread = pread_retry (fd, &buf, sizeof buf, 0);
  close (fd);
  if (nread != sizeof buf || buf[EI_MAG0] != ELFMAG0
      || buf[EI_MAG1] != ELFMAG1 || buf[EI_MAG2] != ELFMAG2
      || buf[EI_MAG3] != ELFMAG3
      || (buf[EI_CLASS] != ELFCLASS64 && buf[EI_CLASS] != ELFCLASS32))
    return ELFCLASSNONE;

  return buf[EI_CLASS];
}

/* Search /proc/PID/auxv for the AT_SYSINFO_EHDR tag.

   It would be easiest to call get_pid_class and parse everything according to
   the 32-bit or 64-bit class.  But this would bring the overhead of syscalls
   to open and read the "/proc/%d/exe" file.

   Therefore this function tries to parse the "/proc/%d/auxv" content both
   ways, as if it were the 32-bit format and also if it were the 64-bit format.
   Only if it gives some valid data in both cases get_pid_class gets called.
   In most cases only one of the format bit sizes gives valid data and the
   get_pid_class call overhead can be saved.  */

static int
grovel_auxv (pid_t pid, Dwfl *dwfl, GElf_Addr *sysinfo_ehdr)
{
  char *fname;
  if (asprintf (&fname, PROCAUXVFMT, pid) < 0)
    return ENOMEM;

  int fd = open (fname, O_RDONLY);
  free (fname);
  if (fd < 0)
    return errno == ENOENT ? 0 : errno;

  GElf_Addr sysinfo_ehdr64 = 0;
  GElf_Addr sysinfo_ehdr32 = 0;
  GElf_Addr segment_align64 = dwfl->segment_align;
  GElf_Addr segment_align32 = dwfl->segment_align;
  off_t offset = 0;
  ssize_t nread;
  union
  {
    Elf64_auxv_t a64[64];
    Elf32_auxv_t a32[128];
  } d;
  do
    {
      eu_static_assert (sizeof d.a64 == sizeof d.a32);
      nread = pread_retry (fd, d.a64, sizeof d.a64, offset);
      if (nread < 0)
  {
    int ret = errno;
    close (fd);
    return ret;
  }
      for (size_t a32i = 0; a32i < nread / sizeof d.a32[0]; a32i++)
  {
    const Elf32_auxv_t *a32 = d.a32 + a32i;
    switch (a32->a_type)
    {
      case AT_SYSINFO_EHDR:
        sysinfo_ehdr32 = a32->a_un.a_val;
        break;
      case AT_PAGESZ:
        segment_align32 = a32->a_un.a_val;
        break;
    }
  }
      for (size_t a64i = 0; a64i < nread / sizeof d.a64[0]; a64i++)
  {
    const Elf64_auxv_t *a64 = d.a64 + a64i;
    switch (a64->a_type)
    {
      case AT_SYSINFO_EHDR:
        sysinfo_ehdr64 = a64->a_un.a_val;
        break;
      case AT_PAGESZ:
        segment_align64 = a64->a_un.a_val;
        break;
    }
  }
      offset += nread;
    }
  while (nread == sizeof d.a64);

  close (fd);

  bool valid64 = sysinfo_ehdr64 != 0 || segment_align64 != dwfl->segment_align;
  bool valid32 = sysinfo_ehdr32 != 0 || segment_align32 != dwfl->segment_align;

  unsigned char pid_class = ELFCLASSNONE;
  if (valid64 && valid32)
    pid_class = get_pid_class (pid);

  if (pid_class == ELFCLASS64 || (valid64 && ! valid32))
    {
      *sysinfo_ehdr = sysinfo_ehdr64;
      dwfl->segment_align = segment_align64;
      return 0;
    }
  if (pid_class == ELFCLASS32 || (! valid64 && valid32))
    {
      *sysinfo_ehdr = sysinfo_ehdr32;
      dwfl->segment_align = segment_align32;
      return 0;
    }
  return ENOEXEC;
}

static inline bool
do_report (Dwfl *dwfl, char **plast_file, Dwarf_Addr low, Dwarf_Addr high)
{
  if (*plast_file != NULL)
    {
      Dwfl_Module *mod = INTUSE(dwfl_report_module) (dwfl, *plast_file,
                 low, high);
      free (*plast_file);
      *plast_file = NULL;
      if (unlikely (mod == NULL))
        return true;
    }
  return false;
}

#define report() do_report(dwfl, &last_file, low, high)

static int
proc_maps_report (Dwfl *dwfl, FILE *f, GElf_Addr sysinfo_ehdr, pid_t pid)
{
  unsigned int last_dmajor = -1, last_dminor = -1;
  uint64_t last_ino = -1;
  char *last_file = NULL;
  Dwarf_Addr low = 0, high = 0;

  char *line = NULL;
  size_t linesz;
  ssize_t len;
  while ((len = getline (&line, &linesz, f)) > 0)
    {
      if (line[len - 1] == '\n')
  line[len - 1] = '\0';

      Dwarf_Addr start, end, offset;
      unsigned int dmajor, dminor;
      uint64_t ino;
      int nread = -1;
      if (sscanf (line, "%" PRIx64 "-%" PRIx64 " %*s %" PRIx64
      " %x:%x %" PRIu64 " %n",
      &start, &end, &offset, &dmajor, &dminor, &ino, &nread) < 6
    || nread <= 0)
  {
    free (line);
    free (last_file);
    return ENOEXEC;
  }

      /* If this is the special mapping AT_SYSINFO_EHDR pointed us at,
   report the last one and then this special one.  */
      if (start == sysinfo_ehdr && start != 0)
  {
    if (report ())
      {
      bad_report:
        free (line);
        return -1;
      }

    low = start;
    high = end;
    if (asprintf (&last_file, "[vdso: %d]", (int) pid) < 0
        || report ())
      goto bad_report;
  }

      char *file = line + nread + strspn (line + nread, " \t");
      if (file[0] != '/' || (ino == 0 && dmajor == 0 && dminor == 0))
  /* This line doesn't indicate a file mapping.  */
  continue;

      if (last_file != NULL
    && ino == last_ino && dmajor == last_dmajor && dminor == last_dminor)
  {
    /* This is another portion of the same file's mapping.  */
    if (strcmp (last_file, file) != 0)
      {
        free (last_file);
        goto bad_report;
      }
    high = end;
  }
      else
  {
    /* This is a different file mapping.  Report the last one.  */
    if (report ())
      goto bad_report;
    low = start;
    high = end;
    last_file = strdup (file);
    last_ino = ino;
    last_dmajor = dmajor;
    last_dminor = dminor;
  }
    }
  free (line);

  int result = ferror_unlocked (f) ? errno : feof_unlocked (f) ? 0 : ENOEXEC;

  /* Report the final one.  */
  bool lose = report ();

  return result != 0 ? result : lose ? -1 : 0;
}

int
dwfl_linux_proc_maps_report (Dwfl *dwfl, FILE *f)
{
  return proc_maps_report (dwfl, f, 0, 0);
}
INTDEF (dwfl_linux_proc_maps_report)

int
dwfl_linux_proc_report (Dwfl *dwfl, pid_t pid)
{
  if (dwfl == NULL)
    return -1;

  /* We'll notice the AT_SYSINFO_EHDR address specially when we hit it.  */
  GElf_Addr sysinfo_ehdr = 0;
  int result = grovel_auxv (pid, dwfl, &sysinfo_ehdr);
  if (result != 0)
    return result;

  char *fname;
  if (asprintf (&fname, PROCMAPSFMT, pid) < 0)
    return ENOMEM;

  FILE *f = fopen (fname, "r");
  free (fname);
  if (f == NULL)
    return errno;

  (void) __fsetlocking (f, FSETLOCKING_BYCALLER);

  result = proc_maps_report (dwfl, f, sysinfo_ehdr, pid);

  fclose (f);

  return result;
}
INTDEF (dwfl_linux_proc_report)

static ssize_t
read_proc_memory (void *arg, void *data, GElf_Addr address,
      size_t minread, size_t maxread)
{
  const int fd = *(const int *) arg;

  /* This code relies on the fact the Linux kernel accepts negative
     offsets when seeking /dev/$$/mem files, as a special case. In
     particular pread cannot be used here, because it will always
     return EINVAL when passed a negative offset.  */

  if (lseek (fd, (off_t) address, SEEK_SET) == -1)
    return -1;

  ssize_t nread = read (fd, data, maxread);

  if (nread > 0 && (size_t) nread < minread)
    nread = 0;
  return nread;
}

extern Elf *elf_from_remote_memory (GElf_Addr ehdr_vma,
            GElf_Xword pagesize,
            GElf_Addr *loadbasep,
            ssize_t (*read_memory) (void *arg,
                  void *data,
                  GElf_Addr address,
                  size_t minread,
                  size_t maxread),
            void *arg);


/* Dwfl_Callbacks.find_elf */

int
dwfl_linux_proc_find_elf (Dwfl_Module *mod __attribute__ ((unused)),
        void **userdata __attribute__ ((unused)),
        const char *module_name, Dwarf_Addr base,
        char **file_name, Elf **elfp)
{
  int pid = -1;
  if (module_name[0] == '/')
    {
      /* When this callback is used together with dwfl_linux_proc_report
   then we might see mappings of special character devices.  Make
   sure we only open and return regular files.  Special devices
   might hang on open or read.  (deleted) files are super special.
   The image might come from memory if we are attached.  */
      struct stat sb;
      if (stat (module_name, &sb) == -1 || (sb.st_mode & S_IFMT) != S_IFREG)
  {
    if (strcmp (strrchr (module_name, ' ') ?: "", " (deleted)") == 0)
      pid = INTUSE(dwfl_pid) (mod->dwfl);
    else
      return -1;
  }

      if (pid == -1)
  {
    int fd = open (module_name, O_RDONLY);
    if (fd >= 0)
      {
        *file_name = strdup (module_name);
        if (*file_name == NULL)
    {
      close (fd);
      return ENOMEM;
    }
      }
    return fd;
  }
    }

  if (pid != -1 || sscanf (module_name, "[vdso: %d]", &pid) == 1)
    {
      /* Special case for in-memory ELF image.  */

      bool detach = false;
      bool tid_was_stopped = false;
      struct __libdwfl_pid_arg *pid_arg = __libdwfl_get_pid_arg (mod->dwfl);
      if (pid_arg != NULL && ! pid_arg->assume_ptrace_stopped)
  {
    /* If any thread is already attached we are fine.  Read
       through that thread.  It doesn't have to be the main
       thread pid.  */
    pid_t tid = pid_arg->tid_attached;
    if (tid != 0)
      pid = tid;
    else
      detach = __libdwfl_ptrace_attach (pid, &tid_was_stopped);
  }

      char *fname;
      if (asprintf (&fname, PROCMEMFMT, pid) < 0)
  goto detach;

      int fd = open (fname, O_RDONLY);
      free (fname);
      if (fd < 0)
  goto detach;

      *elfp = elf_from_remote_memory (base, sysconf (_SC_PAGESIZE), NULL,
              &read_proc_memory, &fd);

      close (fd);

      *file_name = NULL;

    detach:
      if (detach)
  __libdwfl_ptrace_detach (pid, tid_was_stopped);
      return -1;
    }

  return -1;
}
INTDEF (dwfl_linux_proc_find_elf)

Coverage Report

Created: 2025-07-11 06:43

Line	Count	Source (jump to first uncovered line)
1		/* Standard libdwfl callbacks for debugging a live Linux process.
2		Copyright (C) 2005-2010, 2013, 2014, 2016 Red Hat, Inc.
3		This file is part of elfutils.
4
5		This file is free software; you can redistribute it and/or modify
6		it under the terms of either
7
8		* the GNU Lesser General Public License as published by the Free
9		Software Foundation; either version 3 of the License, or (at
10		your option) any later version
11
12		or
13
14		* the GNU General Public License as published by the Free
15		Software Foundation; either version 2 of the License, or (at
16		your option) any later version
17
18		or both in parallel, as here.
19
20		elfutils is distributed in the hope that it will be useful, but
21		WITHOUT ANY WARRANTY; without even the implied warranty of
22		MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
23		General Public License for more details.
24
25		You should have received copies of the GNU General Public License and
26		the GNU Lesser General Public License along with this program. If
27		not, see <http://www.gnu.org/licenses/>. */
28
29		#ifdef HAVE_CONFIG_H
30		# include <config.h>
31		#endif
32
33		#include "libdwflP.h"
34		#include <inttypes.h>
35		#include <sys/types.h>
36		#include <sys/stat.h>
37		#include <errno.h>
38		#include <stdio.h>
39		#include <stdio_ext.h>
40		#include <stdbool.h>
41		#include <string.h>
42		#include <stdlib.h>
43		#include <fcntl.h>
44		#include <unistd.h>
45		#include <assert.h>
46		#include <endian.h>
47		#include "system.h"
48
49
50		#define PROCMAPSFMT "/proc/%d/maps"
51		#define PROCMEMFMT "/proc/%d/mem"
52		#define PROCAUXVFMT "/proc/%d/auxv"
53		#define PROCEXEFMT "/proc/%d/exe"
54
55
56		/* Return ELFCLASS64 or ELFCLASS32 for the main ELF executable. Return
57		ELFCLASSNONE for an error. */
58
59		static unsigned char
60		get_pid_class (pid_t pid)
61	0	{
62	0	char *fname;
63	0	if (asprintf (&fname, PROCEXEFMT, pid) < 0)
64	0	return ELFCLASSNONE;
65
66	0	int fd = open (fname, O_RDONLY);
67	0	free (fname);
68	0	if (fd < 0)
69	0	return ELFCLASSNONE;
70
71	0	unsigned char buf[EI_CLASS + 1];
72	0	ssize_t nread = pread_retry (fd, &buf, sizeof buf, 0);
73	0	close (fd);
74	0	if (nread != sizeof buf \|\| buf[EI_MAG0] != ELFMAG0
75	0	\|\| buf[EI_MAG1] != ELFMAG1 \|\| buf[EI_MAG2] != ELFMAG2
76	0	\|\| buf[EI_MAG3] != ELFMAG3
77	0	\|\| (buf[EI_CLASS] != ELFCLASS64 && buf[EI_CLASS] != ELFCLASS32))
78	0	return ELFCLASSNONE;
79
80	0	return buf[EI_CLASS];
81	0	}
82
83		/* Search /proc/PID/auxv for the AT_SYSINFO_EHDR tag.
84
85		It would be easiest to call get_pid_class and parse everything according to
86		the 32-bit or 64-bit class. But this would bring the overhead of syscalls
87		to open and read the "/proc/%d/exe" file.
88
89		Therefore this function tries to parse the "/proc/%d/auxv" content both
90		ways, as if it were the 32-bit format and also if it were the 64-bit format.
91		Only if it gives some valid data in both cases get_pid_class gets called.
92		In most cases only one of the format bit sizes gives valid data and the
93		get_pid_class call overhead can be saved. */
94
95		static int
96		grovel_auxv (pid_t pid, Dwfl dwfl, GElf_Addr sysinfo_ehdr)
97	0	{
98	0	char *fname;
99	0	if (asprintf (&fname, PROCAUXVFMT, pid) < 0)
100	0	return ENOMEM;
101
102	0	int fd = open (fname, O_RDONLY);
103	0	free (fname);
104	0	if (fd < 0)
105	0	return errno == ENOENT ? 0 : errno;
106
107	0	GElf_Addr sysinfo_ehdr64 = 0;
108	0	GElf_Addr sysinfo_ehdr32 = 0;
109	0	GElf_Addr segment_align64 = dwfl->segment_align;
110	0	GElf_Addr segment_align32 = dwfl->segment_align;
111	0	off_t offset = 0;
112	0	ssize_t nread;
113	0	union
114	0	{
115	0	Elf64_auxv_t a64[64];
116	0	Elf32_auxv_t a32[128];
117	0	} d;
118	0	do
119	0	{
120	0	eu_static_assert (sizeof d.a64 == sizeof d.a32);
121	0	nread = pread_retry (fd, d.a64, sizeof d.a64, offset);
122	0	if (nread < 0)
123	0	{
124	0	int ret = errno;
125	0	close (fd);
126	0	return ret;
127	0	}
128	0	for (size_t a32i = 0; a32i < nread / sizeof d.a32[0]; a32i++)
129	0	{
130	0	const Elf32_auxv_t *a32 = d.a32 + a32i;
131	0	switch (a32->a_type)
132	0	{
133	0	case AT_SYSINFO_EHDR:
134	0	sysinfo_ehdr32 = a32->a_un.a_val;
135	0	break;
136	0	case AT_PAGESZ:
137	0	segment_align32 = a32->a_un.a_val;
138	0	break;
139	0	}
140	0	}
141	0	for (size_t a64i = 0; a64i < nread / sizeof d.a64[0]; a64i++)
142	0	{
143	0	const Elf64_auxv_t *a64 = d.a64 + a64i;
144	0	switch (a64->a_type)
145	0	{
146	0	case AT_SYSINFO_EHDR:
147	0	sysinfo_ehdr64 = a64->a_un.a_val;
148	0	break;
149	0	case AT_PAGESZ:
150	0	segment_align64 = a64->a_un.a_val;
151	0	break;
152	0	}
153	0	}
154	0	offset += nread;
155	0	}
156	0	while (nread == sizeof d.a64);
157
158	0	close (fd);
159
160	0	bool valid64 = sysinfo_ehdr64 != 0 \|\| segment_align64 != dwfl->segment_align;
161	0	bool valid32 = sysinfo_ehdr32 != 0 \|\| segment_align32 != dwfl->segment_align;
162
163	0	unsigned char pid_class = ELFCLASSNONE;
164	0	if (valid64 && valid32)
165	0	pid_class = get_pid_class (pid);
166
167	0	if (pid_class == ELFCLASS64 \|\| (valid64 && ! valid32))
168	0	{
169	0	*sysinfo_ehdr = sysinfo_ehdr64;
170	0	dwfl->segment_align = segment_align64;
171	0	return 0;
172	0	}
173	0	if (pid_class == ELFCLASS32 \|\| (! valid64 && valid32))
174	0	{
175	0	*sysinfo_ehdr = sysinfo_ehdr32;
176	0	dwfl->segment_align = segment_align32;
177	0	return 0;
178	0	}
179	0	return ENOEXEC;
180	0	}
181
182		static inline bool
183		do_report (Dwfl dwfl, char *plast_file, Dwarf_Addr low, Dwarf_Addr high)
184	0	{
185	0	if (*plast_file != NULL)
186	0	{
187	0	Dwfl_Module mod = INTUSE(dwfl_report_module) (dwfl, plast_file,
188	0	low, high);
189	0	free (*plast_file);
190	0	*plast_file = NULL;
191	0	if (unlikely (mod == NULL))
192	0	return true;
193	0	}
194	0	return false;
195	0	}
196
197	0	#define report() do_report(dwfl, &last_file, low, high)
198
199		static int
200		proc_maps_report (Dwfl dwfl, FILE f, GElf_Addr sysinfo_ehdr, pid_t pid)
201	0	{
202	0	unsigned int last_dmajor = -1, last_dminor = -1;
203	0	uint64_t last_ino = -1;
204	0	char *last_file = NULL;
205	0	Dwarf_Addr low = 0, high = 0;
206
207	0	char *line = NULL;
208	0	size_t linesz;
209	0	ssize_t len;
210	0	while ((len = getline (&line, &linesz, f)) > 0)
211	0	{
212	0	if (line[len - 1] == '\n')
213	0	line[len - 1] = '\0';
214
215	0	Dwarf_Addr start, end, offset;
216	0	unsigned int dmajor, dminor;
217	0	uint64_t ino;
218	0	int nread = -1;
219	0	if (sscanf (line, "%" PRIx64 "-%" PRIx64 " %*s %" PRIx64
220	0	" %x:%x %" PRIu64 " %n",
221	0	&start, &end, &offset, &dmajor, &dminor, &ino, &nread) < 6
222	0	\|\| nread <= 0)
223	0	{
224	0	free (line);
225	0	free (last_file);
226	0	return ENOEXEC;
227	0	}
228
229		/* If this is the special mapping AT_SYSINFO_EHDR pointed us at,
230		report the last one and then this special one. */
231	0	if (start == sysinfo_ehdr && start != 0)
232	0	{
233	0	if (report ())
234	0	{
235	0	bad_report:
236	0	free (line);
237	0	return -1;
238	0	}
239
240	0	low = start;
241	0	high = end;
242	0	if (asprintf (&last_file, "[vdso: %d]", (int) pid) < 0
243	0	\|\| report ())
244	0	goto bad_report;
245	0	}
246
247	0	char *file = line + nread + strspn (line + nread, " \t");
248	0	if (file[0] != '/' \|\| (ino == 0 && dmajor == 0 && dminor == 0))
249		/* This line doesn't indicate a file mapping. */
250	0	continue;
251
252	0	if (last_file != NULL
253	0	&& ino == last_ino && dmajor == last_dmajor && dminor == last_dminor)
254	0	{
255		/* This is another portion of the same file's mapping. */
256	0	if (strcmp (last_file, file) != 0)
257	0	{
258	0	free (last_file);
259	0	goto bad_report;
260	0	}
261	0	high = end;
262	0	}
263	0	else
264	0	{
265		/* This is a different file mapping. Report the last one. */
266	0	if (report ())
267	0	goto bad_report;
268	0	low = start;
269	0	high = end;
270	0	last_file = strdup (file);
271	0	last_ino = ino;
272	0	last_dmajor = dmajor;
273	0	last_dminor = dminor;
274	0	}
275	0	}
276	0	free (line);
277
278	0	int result = ferror_unlocked (f) ? errno : feof_unlocked (f) ? 0 : ENOEXEC;
279
280		/* Report the final one. */
281	0	bool lose = report ();
282
283	0	return result != 0 ? result : lose ? -1 : 0;
284	0	}
285
286		int
287		dwfl_linux_proc_maps_report (Dwfl dwfl, FILE f)
288	0	{
289	0	return proc_maps_report (dwfl, f, 0, 0);
290	0	}
291		INTDEF (dwfl_linux_proc_maps_report)
292
293		int
294		dwfl_linux_proc_report (Dwfl *dwfl, pid_t pid)
295	0	{
296	0	if (dwfl == NULL)
297	0	return -1;
298
299		/* We'll notice the AT_SYSINFO_EHDR address specially when we hit it. */
300	0	GElf_Addr sysinfo_ehdr = 0;
301	0	int result = grovel_auxv (pid, dwfl, &sysinfo_ehdr);
302	0	if (result != 0)
303	0	return result;
304
305	0	char *fname;
306	0	if (asprintf (&fname, PROCMAPSFMT, pid) < 0)
307	0	return ENOMEM;
308
309	0	FILE *f = fopen (fname, "r");
310	0	free (fname);
311	0	if (f == NULL)
312	0	return errno;
313
314	0	(void) __fsetlocking (f, FSETLOCKING_BYCALLER);
315
316	0	result = proc_maps_report (dwfl, f, sysinfo_ehdr, pid);
317
318	0	fclose (f);
319
320	0	return result;
321	0	}
322		INTDEF (dwfl_linux_proc_report)
323
324		static ssize_t
325		read_proc_memory (void arg, void data, GElf_Addr address,
326		size_t minread, size_t maxread)
327	0	{
328	0	const int fd = (const int ) arg;
329
330		/* This code relies on the fact the Linux kernel accepts negative
331		offsets when seeking /dev/$$/mem files, as a special case. In
332		particular pread cannot be used here, because it will always
333		return EINVAL when passed a negative offset. */
334
335	0	if (lseek (fd, (off_t) address, SEEK_SET) == -1)
336	0	return -1;
337
338	0	ssize_t nread = read (fd, data, maxread);
339
340	0	if (nread > 0 && (size_t) nread < minread)
341	0	nread = 0;
342	0	return nread;
343	0	}
344
345		extern Elf *elf_from_remote_memory (GElf_Addr ehdr_vma,
346		GElf_Xword pagesize,
347		GElf_Addr *loadbasep,
348		ssize_t (read_memory) (void arg,
349		void *data,
350		GElf_Addr address,
351		size_t minread,
352		size_t maxread),
353		void *arg);
354
355
356		/* Dwfl_Callbacks.find_elf */
357
358		int
359		dwfl_linux_proc_find_elf (Dwfl_Module *mod __attribute__ ((unused)),
360		void **userdata __attribute__ ((unused)),
361		const char *module_name, Dwarf_Addr base,
362		char file_name, Elf elfp)
363	0	{
364	0	int pid = -1;
365	0	if (module_name[0] == '/')
366	0	{
367		/* When this callback is used together with dwfl_linux_proc_report
368		then we might see mappings of special character devices. Make
369		sure we only open and return regular files. Special devices
370		might hang on open or read. (deleted) files are super special.
371		The image might come from memory if we are attached. */
372	0	struct stat sb;
373	0	if (stat (module_name, &sb) == -1 \|\| (sb.st_mode & S_IFMT) != S_IFREG)
374	0	{
375	0	if (strcmp (strrchr (module_name, ' ') ?: "", " (deleted)") == 0)
376	0	pid = INTUSE(dwfl_pid) (mod->dwfl);
377	0	else
378	0	return -1;
379	0	}
380
381	0	if (pid == -1)
382	0	{
383	0	int fd = open (module_name, O_RDONLY);
384	0	if (fd >= 0)
385	0	{
386	0	*file_name = strdup (module_name);
387	0	if (*file_name == NULL)
388	0	{
389	0	close (fd);
390	0	return ENOMEM;
391	0	}
392	0	}
393	0	return fd;
394	0	}
395	0	}
396
397	0	if (pid != -1 \|\| sscanf (module_name, "[vdso: %d]", &pid) == 1)
398	0	{
399		/* Special case for in-memory ELF image. */
400
401	0	bool detach = false;
402	0	bool tid_was_stopped = false;
403	0	struct __libdwfl_pid_arg *pid_arg = __libdwfl_get_pid_arg (mod->dwfl);
404	0	if (pid_arg != NULL && ! pid_arg->assume_ptrace_stopped)
405	0	{
406		/* If any thread is already attached we are fine. Read
407		through that thread. It doesn't have to be the main
408		thread pid. */
409	0	pid_t tid = pid_arg->tid_attached;
410	0	if (tid != 0)
411	0	pid = tid;
412	0	else
413	0	detach = __libdwfl_ptrace_attach (pid, &tid_was_stopped);
414	0	}
415
416	0	char *fname;
417	0	if (asprintf (&fname, PROCMEMFMT, pid) < 0)
418	0	goto detach;
419
420	0	int fd = open (fname, O_RDONLY);
421	0	free (fname);
422	0	if (fd < 0)
423	0	goto detach;
424
425	0	*elfp = elf_from_remote_memory (base, sysconf (_SC_PAGESIZE), NULL,
426	0	&read_proc_memory, &fd);
427
428	0	close (fd);
429
430	0	*file_name = NULL;
431
432	0	detach:
433	0	if (detach)
434	0	__libdwfl_ptrace_detach (pid, tid_was_stopped);
435	0	return -1;
436	0	}
437
438	0	return -1;
439	0	}
440		INTDEF (dwfl_linux_proc_find_elf)