On Tue, 2014-02-25 at 23:03 +0100, Mark Wielaard wrote: > On Sat, 2014-02-22 at 22:08 +0100, Jan Kratochvil wrote: > > This patchset (/dev/PID/mem solution) works only on recent Linux kernels > > (tested kernel-3.13.3-201.fc20.x86_64) as older kernels (RHEL-6) required > > PTRACE_ATTACHed PID to read its /dev/PID/mem. This patch does not try to > > workaround older kernels by doing PTRACE_ATTACH. > > I had something somewhat working using ptrace attach and the > elf_from_remote_memory that we are already using for getting access to > the vdso. But I had trouble with the alignment requirements not always > working and there was the issue of how to pass through the pid of the > process from the report callback to the find_elf callback. I'll see if I > can make that work using your approach and then we can maybe use that as > fallback when direct access doesn't work on older kernels.
There was one obvious typo in elf_from_remote_memory that I just checked in. See attached. Still looking at the alignment issues I seem to have had in handle_segment. I got something somewhat working some time back, but I don't understand my own patches... (most are really just lots of extra debug output). Cheers, Mark
>From 48827ec6cb2169bad15baf7702f86c4bf2847beb Mon Sep 17 00:00:00 2001 From: Mark Wielaard <[email protected]> Date: Wed, 26 Feb 2014 17:17:07 +0100 Subject: [PATCH] libdwfl: elf-from-memory.c (elf_from_remote_memory): Check against p64 p_type. There was a type in the case of parsing ELFCLASS64 phdrs. Check against p64 p_type, not the p32 p_type which at a different location in the union. Signed-off-by: Mark Wielaard <[email protected]> --- libdwfl/ChangeLog | 5 +++++ libdwfl/elf-from-memory.c | 2 +- 2 files changed, 6 insertions(+), 1 deletions(-) diff --git a/libdwfl/ChangeLog b/libdwfl/ChangeLog index e55b03b..aacc0bf 100644 --- a/libdwfl/ChangeLog +++ b/libdwfl/ChangeLog @@ -1,3 +1,8 @@ +2014-02-26 Mark Wielaard <[email protected]> + + * elf-from-memory.c (elf_from_remote_memory): Check against p64 + p_type in case ELFCLASS64, not against p32 p_type. + 2014-01-17 Petr Machata <[email protected]> * relocate.c (relocate_section): Use gelf_fsize instead of relying diff --git a/libdwfl/elf-from-memory.c b/libdwfl/elf-from-memory.c index 528c35f..7d35df6 100644 --- a/libdwfl/elf-from-memory.c +++ b/libdwfl/elf-from-memory.c @@ -301,7 +301,7 @@ elf_from_remote_memory (GElf_Addr ehdr_vma, case ELFCLASS64: for (uint_fast16_t i = 0; i < phnum; ++i) - if (phdrs.p32[i].p_type == PT_LOAD) + if (phdrs.p64[i].p_type == PT_LOAD) if (handle_segment (phdrs.p64[i].p_vaddr, phdrs.p64[i].p_offset, phdrs.p64[i].p_filesz, phdrs.p64[i].p_align)) goto read_error; -- 1.7.1
