I made the following simple example to read memory from a child process using ptrace.
I want to see the value at a specific address, 0x601050, every second during the execution of a small matrix multiplication program. I use PTRACE_PEEKDATA followed by PTRACE_CONT and sleep for 1 second, in an infinite loop, to do so.
However, the matrix multiplication program never proceeds--it should print to stdout in the first instruction, but it never seems to execute. I understood that ptrace(PTRACE_CONT,pid) would signal the child to resume execution and that sleep(1) would allow it to execute for a second (until the next ptrace call), but that is not the case.
#include <string.h>
#include <errno.h>
#include <inttypes.h>
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/user.h>
#include <sys/reg.h>
int read_mem(long *out, pid_t pid, long addr, size_t sz)
{
long tmp;
size_t copied = 0;
while(copied < sz)
{
tmp = ptrace(PTRACE_PEEKDATA, pid, addr+copied);
if(errno)
{
fprintf(stderr,"ptrace: error : %s\n",strerror(errno));
return copied;
}
memcpy(out,&tmp,sizeof(long));
copied += sizeof(long);
out++;
printf("ptrace: copied %d bytes\n",copied);
}
return copied;
}
int main()
{
pid_t child;
long result;
struct user_regs_struct regs;
int status;
long addr = 0x601050;
size_t sz = sizeof(double);
long *buf = (long*)malloc(sz);
child = fork();
if(child == 0)
{
ptrace(PTRACE_TRACEME);
execl("./matmul", "matmul", NULL);
}
else
{
ptrace(PTRACE_GETREGS, child, ®s);
printf("ptrace: regs.rip : 0x%lx\n", regs.rip);
while(1)
{
read_mem(buf, child, addr, sz);
printf("ptrace: read(0x%lx) : %f\n", addr, (double)(*buf));
ptrace(PTRACE_CONT, child);
sleep(1);
}
}
return 0;
}
You don't seem to set a PTRACE_O_TRACEEXEC option. Failing to do so results in SIGTRAP being sent to tracee upon a call to exec; if it is not prepared, the default action is a termination with a core dump.
Related
I'm trying to write a small program that generates a child process with fork() that will have to increase a variable shared with the parent, how do I share an unsigned int variable?
code:
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <signal.h>
#include <sys/types.h>
static unsigned int elapsed;
int count(){
while(1){
sleep(1);
elapsed++;
}
exit(EXIT_SUCCESS);
}
void hadler(int sig){
if( sig == SIGUSR1){
printf("elapsed: %u\n", elapsed);
}
}
int main(){
pid_t pid = getpid();
printf("This is my pid: %d\n", pid);
pid = fork();
if(pid == 0)
count();
while(1){
signal(SIGUSR1, hadler);
}
}
You can see there is a child than exec count() (increase a variable "elapsed" every second). The parent is waiting for SIGUSR1, when receive the signal he print the "elapsed".
Naively I tried to use a static global variable but it doesn't work for obvious reasons.
Hi i'm just trying to use posix_spawn on OSX , this should work find (as for *nix) anyway after posix_spawn syscall the process will receive SIGTRAP i really cannot uderstand why.
#include <spawn.h>
#include <stdio.h>
#include <stdlib.h>
int main()
{
while(1){
char *newargv[] = { "/usr/bin/id", 0 };
char *newenviron[] = {0};
posix_spawnattr_t * a;
posix_spawn_file_actions_t * fa;
fa = malloc(0x80);
a = malloc(336);
//printf("size: %d\n", sizeof(posix_spawnattr_t));
posix_spawnattr_init(a);
posix_spawnattr_setflags(a, 0x40);
posix_spawn_file_actions_init(fa);
pid_t pid;
int status = 0;
posix_spawn(&pid, "/usr/bin/id", fa, a, newargv, newenviron);
waitpid(pid, &status, 0);
printf("pid: %d\n", pid);
}
//printf("pid: %d\n", pid);
return 0;
}
It should run forever but the output from id will be printed just one time.
Thanks for your support!
Not sure what you are actually trying to do, because you have hard-coded constants and sizes in that may not be relevant on macOS.
The main problem is that your 0x40 flag means that /usr/bin/id is exec'ed - just once and replaces the current process so it doesn't go around the loop again!
Other problems should be visible from the version below:
#include <spawn.h>
#include <stdio.h>
#include <stdlib.h>
int main()
{
char *newargv[] = { "/usr/bin/id", 0 };
char *newenviron[] = {0};
posix_spawnattr_t a;
posix_spawnattr_init(&a);
// posix_spawnattr_setflags(&a, 0x40); exec & replace the current process !!!
pid_t pid;
int status = 0;
while(1){
posix_spawn(&pid, "/usr/bin/id", NULL, &a, newargv, newenviron);
waitpid(pid, &status, 0);
printf("pid: %d\n", pid);
}
return 0;
}
The difference between what you have:
posix_spawnattr_t * a;
a = malloc(336);
and what I have:
posix_spawnattr_t a;
is that firstly, mine is the correct size no matter how the structure is defined on any particular OS, whereas yours is a hard-coded number that may or may not be correct for any particular OS, and secondly, your method leaks 336 bytes of memory every time through the loop which, given that there is no delay or anything else in the loop, might mean more of a gushing tap/faucet than a minor leak ;-)
I wrote a really basic shell and for some reason, when I use fork() and then waitpid() the parent process won't wait for the child.
#include <stdio.h>
#include <unistd.h>
#include <string.h>
#include <stdlib.h>
#include <sys/syscall.h>
#include <linux/limits.h>
#include "LineParser.h"
#include <termios.h>
#define MAX_STR 2048
void execute(cmdLine *pCmdLine);
int main()
{
char isContinuing = 1;
char path[PATH_MAX];
char str[MAX_STR];
char something[MAX_STR+PATH_MAX];
cmdLine* cmd;
while(isContinuing)
{
getcwd(path, PATH_MAX);
printf("%s$ ", path);
fgets(str, MAX_STR, stdin);
if(!strncmp(str, "quit", strlen("quit")))
{
isContinuing = 0;
}
else
{
cmd = parseCmdLines(str);
if(cmd->arguments != '\0')
{
execute(cmd);
}
}
}
freeCmdLines(cmd);
return 0;
}
void execute(cmdLine *pCmdLine)
{
pid_t id = fork();
if(id == 0)
{
printf("I AM CHILD.\n");
if(!execvp(pCmdLine->arguments[0], pCmdLine->arguments))
{
perror("execvp failed.\n");
exit(1);
}
exit(0);
}
printf("I AM PARENT.\n");
printf("WAITING FOR CHILD.\n");
waitpid(id);
printf("DONE WAITING\n");
}
LineParser header file is mine and it is fully working.
Now, for some reason, only the first command is working as expected,
let's assume an input "echo hi", the output is:
I AM PARENT.
WAITING FOR CHILD.
I AM CHILD.
DONE WAITING.
as expected and then it prints "hi" and the path, waiting for a command again.
For some reason, when I enter the SAME input "echo hi" the second time, the output is:
I AM PARENT.
WAITING FOR CHILD.
DONE WAITING.
$PATH$ //(WITHOUT WAITING FOR INPUT !!!)
I AM CHILD.
hi
//and here waiting for input//
Why does this happen?
There are several problems with your code:
not clearing malloc'd memory on every iteration through the while loop
putting a exit() statement in unreachable code
incorrect parameter list for the waitpid() function
unclear delination between parent code and child code in execute function
unused variable something
failed to check return value from fgets function
missing #include for sys/types.h
missing #include for sys/wait.h
IMO: the question should have included the definition of struct cmdLine
So here is a compilable version of your code. The compiler found many problems with the original code.
#include <stdio.h>
#include <unistd.h>
#include <string.h>
#include <stdlib.h>
#include <sys/syscall.h>
#include <linux/limits.h>
//#include "LineParser.h"
#include <termios.h>
#include <sys/types.h>
#include <sys/wait.h> // prototype for waitpid()
//note: pid_t waitpid(pid_t pid, int *status, int options);
struct cmdLine
{
char ** arguments; // arguments[x] = ptr to an argument string
};
#define MAX_STR (2048)
#define MAX_PATH (256)
void execute(struct cmdLine *);
struct cmdLine * parseCmdLines( char * );
void freeCmdLines( struct cmdLine * );
int main()
{
char path[PATH_MAX];
char str[MAX_STR];
//char something[MAX_STR+PATH_MAX];
struct cmdLine* pCmd = NULL;
while(1)
{
getcwd(path, PATH_MAX);
printf("%s$ ", path);
if( NULL == fgets(str, MAX_STR, stdin) )
{
perror( "fgets failed" );
exit( EXIT_FAILURE );
}
// implied else
if(!strncmp(str, "quit", strlen("quit")))
{ // then strings equal
break; // exit while loop (and pgm)
}
// implied else input not equal 'quit'
pCmd = parseCmdLines(str);
if( (NULL != pCmd) && (NULL != pCmd->arguments) )
{ // then one or more arguments entered/parsed
execute(pCmd);
} // end if
freeCmdLines(pCmd); // free all strings memory, then free struct memory
pCmd = NULL; // cleanup
} // end while
return 0;
} // end function: main
void execute(struct cmdLine *pCmdLine)
{
int status = 0;
pid_t id = fork();
if(id == 0)
{ // then, child
printf("I AM CHILD.\n");
if(!execvp(pCmdLine->arguments[0], pCmdLine->arguments))
{ // if no error then never gets here
perror("execvp failed.\n");
} // end if
}
else
{ // else, parent
printf("I AM PARENT.\n");
printf("WAITING FOR CHILD.\n");
waitpid(id, &status, 0);
printf("DONE WAITING\n");
} // end if
} // end function: execute
You invoke undefined behavior by calling the waitpid() function with the wrong number of arguments. Anything could happen.
This simplified variant of your code works fine for me:
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>
int main ()
{
int i;
for (i = 0; i < 3; i += 1)
{
pid_t id = fork();
if(id == 0)
{
char *argv[] = { "echo", "hi", NULL };
printf("I AM CHILD.\n");
execvp("echo", argv);
/* failed to exec */
perror("execvp failed.\n");
exit(1);
} else if (id < 0) {
perror("fork failed.\n");
exit(1);
}
printf("I AM PARENT.\n");
printf("WAITING FOR CHILD.\n");
waitpid(id, NULL, 0);
printf("DONE WAITING\n");
}
return 0;
}
Your call to waitpid(2) is wrong.
According to man 2 waitpid, it's:
pid_t waitpid(pid_t pid, int *status, int options);
You probably need to define an int and call it as:
waitpid(id, &status, 0);
or use the simpler version wait(2), which will work for any child:
wait(&status);
Your main problem is that you don’t let the compiler check your code. You should generally enable the compiler warnings and try to understand them.
$ gcc -Wall -Wextra -Werror -Os -c myshell.c
This is the minimum command line I use. When your code compiles with these settings, you have already eliminated a bunch of hard-to-find bugs in your code. Among these bugs is, as others already have mentioned, the call to waitpid.
Have a look at http://pubs.opengroup.org/onlinepubs/7908799/xsh/waitpid.html. The Open Group specification requires that you #include the two headers <sys/types.h> and <sys/wait.h> before using the waitpid function. Your program doesn’t do this.
I am looking for copying PID value from User space to Kernel space, here is my code snaps.
Kernel Module:
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/init.h>
#include <asm/siginfo.h>
#include <linux/rcupdate.h>
#include <linux/sched.h>
#include <linux/uaccess.h>
#include <linux/signal.h>
MODULE_LICENSE ("GPL");
struct siginfo sinfo;
pid_t pid;
struct task_struct *task;
int init_module()
{
memset(&sinfo, 0, sizeof(struct siginfo));
sinfo.si_signo = SIGIO;
sinfo.si_code = SI_USER;
pid = 5218; // Everytime a new PID
// task = find_task_by_vpid(pid); I am also working on new and old version of UBUNTU so thats why this is here
task = pid_task(find_vpid(pid), PIDTYPE_PID);
printk("%d .\n", task);
if(task == NULL) {
printk("Cannot find PID from user program\r\n");
return 0;
}
send_sig_info(SIGIO, &sinfo, task);
return 0;
}
void cleanup_module ()
{
printk(KERN_ALERT"\nGoodBye World\n\n");
}
Userspace Code:
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
#include <string.h>
void signal_handler(int signum)
{
if (signum == SIGIO) printf("SIGIO\r\n"); return;
}
int main()
{
int i = 1;
signal(SIGIO, signal_handler);
printf("My PID is %d.\n", getpid());
while (i);
return 0;
}
Now, here I am always running user space program to get PID and then I always have to edit the pid variable in Kernel module.
I found one way to access information from user space into Kernel space and vice-versa (i.e., using copy_from/to_user() )
But I am unable to understand either of them for getting a PID from user space, I have to make file in /dev directory and should apply all the required functions for just getting PID?
Is there any other way? if not, then can anyone please help me to do this? I am new in c programming and playing with kernel module directly so its hard for me.
Look into code you have given, it seems that you want to handle SIGIO signal
Here is my attempt to solve your problem,
signal_kernel.c file :
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/init.h>
#include <asm/siginfo.h>
#include <linux/rcupdate.h>
#include <linux/sched.h>
#include <linux/uaccess.h>
#include <linux/signal.h>
#include <linux/debugfs.h>
#include <linux/pid.h>
#define MAX 10
MODULE_LICENSE("GPL");
struct dentry *file;
static ssize_t write_conf_pid(struct file *file, const char *buf,
size_t count, loff_t *position)
{
char temp_str[MAX];
int ret;
int pid = 0;
struct siginfo sinfo;
struct task_struct *task;
/* NEVER TRUST USER INPUT */
if (count > MAX)
return -EINVAL;
if (copy_from_user(temp_str, buf, MAX) != 0)
return -EFAULT;
ret = sscanf(temp_str, "%d", &pid);
if (ret != 1) {
pr_info("Error in reading PID value from user");
return -EINVAL;
}
pr_info("User entered pid %d\n", pid);
memset(&sinfo, 0, sizeof(struct siginfo));
sinfo.si_signo = SIGIO;
sinfo.si_code = SI_USER;
task = pid_task(find_vpid(pid), PIDTYPE_PID);
if (task == NULL) {
pr_info("Cannot find PID from user program\r\n");
return -ENODEV;
}
ret = send_sig_info(SIGIO, &sinfo, task);
if (ret < 0)
pr_info("Error sending signal\n");
return count;
}
static const struct file_operations my_fops = {
.write = write_conf_pid,
};
int init_module()
{
/* Only root can write to this file */
file = debugfs_create_file("pidconf", 0200, NULL, NULL, &my_fops);
return 0;
}
void cleanup_module()
{
pr_info("\nGoodBye World\n\n");
}
signal_user.c file :
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
#include <string.h>
void signal_handler(int signum)
{
if (signum == SIGIO)
printf("SIGIO\r\n");
return;
}
int main()
{
int i = 1;
signal(SIGIO, signal_handler);
printf("My PID is %d.\n", getpid());
while (i);
return 0;
}
After compiling and running both user space and kernel space program, use debugfs interface to send PID value to Kernel space,
$ insmod signal_kernel.ko
$ ./signal_user
My PID is 17633.
... # Process will run in loop due to while(1)
From another terminal, provide PID to debugfs interface,
$ echo 17633 > /sys/kernel/debug/pidconf
There are various ways (sysfs, misc_char_device, char device etc.) to this task, but this will give you brief idea about using copy_from_user() and copy_to_user()
Please note that there is little error handling done in signal_user.c and signal_kernel.c.
I've written a program which forks in a loop. The only thing children processes do is to increase a counter and exit, whereas a parent process waits for each of them.
My goal is to measure user and system time of parent process and all his children separately.
I've succeded with parent process using times() function and struct tms. Surprisingly, the same aproach to children processes isn't working. What is the mistake that I'm doing? How to measure those times?
I've also tried getrusage() and I/it failed.
My code:
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#include <sys/wait.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <sys/times.h>
#include <time.h>
#ifndef COUNT
#define COUNT 100000
#endif
int counter;
int main(){
struct tms time1,time2;
times(&time1);
int count = COUNT;
pid_t pid;
while(count--){
if((pid=fork())<0){
printf("fork error\n");
} else if(pid==0){ /* child */
counter++;
_exit(0);
} else {
waitpid(pid,NULL,0); /*wait()*/
}
}
printf("COUNTER: %d\n",counter);
times(&time2);
long double clktck=sysconf(_SC_CLK_TCK);
double user=(time2.tms_utime-time1.tms_utime)/(double)clktck;
double system=(time2.tms_stime-time1.tms_stime)/(double)clktck;
double cuser=(time2.tms_cutime-time1.tms_cutime)/(double)clktck;
double csystem=(time2.tms_cstime-time1.tms_cstime)/(double)clktck;
printf("USER:%lf\nSYSTEM:%lf\n",user,system);
printf("CUSER:%lf\nCSYSTEM:%lf\n",cuser,csystem);
return 0;
}
I think the problem is that your children are executing too quickly; they don't take enough time to execute, so the sum of their time is plenty of zeros. To test this theory, I slightly changed your program:
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <sys/times.h>
#include <time.h>
#ifndef COUNT
#define COUNT 100
#endif
int counter;
int main(){
struct tms time1,time2;
times(&time1);
int count = COUNT;
pid_t pid;
while(count--){
if((pid=fork())<0){
printf("fork error\n");
} else if(pid==0){ /* child */
int i;
for (i=0; i<10000; i++) {
printf("in child %i\n", getpid());
}
exit(0);
} else {
waitpid(pid,NULL,0); /*wait()*/
}
}
printf("COUNTER: %d\n",counter);
times(&time2);
printf("%lu %lu %lu %lu\n", time2.tms_utime, time2.tms_stime, time2.tms_cutime, time2.tms_cstime);
long double clktck=sysconf(_SC_CLK_TCK);
double user=(time2.tms_utime-time1.tms_utime)/(double)clktck;
double system=(time2.tms_stime-time1.tms_stime)/(double)clktck;
double cuser=(time2.tms_cutime-time1.tms_cutime)/(double)clktck;
double csystem=(time2.tms_cstime-time1.tms_cstime)/(double)clktck;
printf("USER:%lf\nSYSTEM:%lf\n",user,system);
printf("CUSER:%lf\nCSYSTEM:%lf\n",cuser,csystem);
return 0;
}
You'll see that I drastically cut down on the number of children, and made the children do some real work; 10_000 printf(... getpid()) operations. Now the times amount to something:
$ time ./times
...
in child 16181
COUNTER: 0
1 0 24 95
USER:0.010000
SYSTEM:0.000000
CUSER:0.240000
CSYSTEM:0.950000
real 0m2.234s
user 0m0.250s
sys 0m0.950s
I'm afraid your children just didn't have enough work to do to amount to anything. (Odd, sounds like parenting advice.)
Each child is given their own address space. The code will not work because it will increment it's own local copy of counter and quit, leaving the version in the parent process/all other children untouched.
Also, you are very likely to get some errors with that many children.
Sorry I could only help with half the program :(.