events.c revision 02648a119092bb5b64918063521237f257283c72 
1#include "config.h"
2
3#define	_GNU_SOURCE	1
4#include <stdlib.h>
5#include <sys/types.h>
6#include <sys/wait.h>
7#include <errno.h>
8#include <signal.h>
9#include <string.h>
10#include <sys/ptrace.h>
11#include <assert.h>
12#include <unistd.h>
13
14#include "common.h"
15#include "breakpoint.h"
16
17static Event event;
18
19/* A queue of events that we missed while enabling the
20 * breakpoint in one of tasks.  */
21static Event * delayed_events = NULL;
22static Event * end_delayed_events = NULL;
23
24static enum pcb_status
25first (Process * proc, void * data)
26{
27	return pcb_stop;
28}
29
30void
31enque_event(Event * event)
32{
33	debug(DEBUG_FUNCTION, "%d: queuing event %d for later",
34	      event->proc->pid, event->type);
35	Event * ne = malloc(sizeof(*ne));
36	if (ne == NULL) {
37		perror("event will be missed: malloc");
38		return;
39	}
40
41	*ne = *event;
42	ne->next = NULL;
43	if (end_delayed_events == NULL) {
44		assert(delayed_events == NULL);
45		end_delayed_events = delayed_events = ne;
46	}
47	else {
48		assert(delayed_events != NULL);
49		end_delayed_events = end_delayed_events->next = ne;
50	}
51}
52
53Event *
54each_qd_event(enum ecb_status (*pred)(Event *, void *), void * data)
55{
56	Event * prev = delayed_events;
57	Event * event;
58	for (event = prev; event != NULL; ) {
59		switch ((*pred)(event, data)) {
60		case ecb_cont:
61			prev = event;
62			event = event->next;
63			continue;
64
65		case ecb_deque:
66			debug(DEBUG_FUNCTION, "dequeuing event %d for %d",
67			      event->type,
68			      event->proc != NULL ? event->proc->pid : -1);
69			/*
70			printf("dequeuing event %d for %d\n", event->type,
71			       event->proc != NULL ? event->proc->pid : -1) ;
72			*/
73			if (end_delayed_events == event)
74				end_delayed_events = prev;
75			if (delayed_events == event)
76				delayed_events = event->next;
77			else
78				prev->next = event->next;
79			if (delayed_events == NULL)
80				end_delayed_events = NULL;
81			/* fall-through */
82
83		case ecb_yield:
84			return event;
85		}
86	}
87
88	return NULL;
89}
90
91static enum ecb_status
92event_process_not_reenabling(Event * event, void * data)
93{
94	if (event->proc == NULL
95	    || event->proc->leader == NULL
96	    || event->proc->leader->event_handler == NULL)
97		return ecb_deque;
98	else
99		return ecb_cont;
100}
101
102static Event *
103next_qd_event(void)
104{
105	return each_qd_event(&event_process_not_reenabling, NULL);
106}
107
108int linux_in_waitpid = 0;
109
110Event *
111next_event(void)
112{
113	pid_t pid;
114	int status;
115	int tmp;
116	int stop_signal;
117
118	debug(DEBUG_FUNCTION, "next_event()");
119	Event * ev;
120	if ((ev = next_qd_event()) != NULL) {
121		event = *ev;
122		free(ev);
123		return &event;
124	}
125
126	if (!each_process(NULL, &first, NULL)) {
127		debug(DEBUG_EVENT, "event: No more traced programs: exiting");
128		exit(0);
129	}
130
131	linux_in_waitpid = 1;
132	pid = waitpid(-1, &status, __WALL);
133	linux_in_waitpid = 0;
134
135	if (pid == -1) {
136		if (errno == ECHILD) {
137			debug(DEBUG_EVENT, "event: No more traced programs: exiting");
138			exit(0);
139		} else if (errno == EINTR) {
140			debug(DEBUG_EVENT, "event: none (wait received EINTR?)");
141			event.type = EVENT_NONE;
142			return &event;
143		}
144		perror("wait");
145		exit(1);
146	}
147	event.proc = pid2proc(pid);
148	if (!event.proc || event.proc->state == STATE_BEING_CREATED) {
149		/* Work around (presumably) a bug on some kernels,
150		 * where we are seeing a waitpid event even though the
151		 * process is still reported to be running.  Wait for
152		 * the tracing stop to propagate.  But don't get stuck
153		 * here forever.
154		 *
155		 * We need the process in T, because there's a lot of
156		 * ptracing going on all over the place, and these
157		 * calls fail when the process is not in T.
158		 *
159		 * N.B. This was observed on RHEL 5 Itanium, but I'm
160		 * turning this on globally, to save some poor soul
161		 * down the road (which could well be me a year from
162		 * now) the pain of figuring this out all over again.
163		 * Petr Machata 2011-11-22.  */
164		int i = 0;
165		for (; i < 100 && process_status(pid) != ps_tracing_stop; ++i) {
166			debug(2, "waiting for %d to stop", pid);
167			usleep(10000);
168		}
169		event.type = EVENT_NEW;
170		event.e_un.newpid = pid;
171		debug(DEBUG_EVENT, "event: NEW: pid=%d", pid);
172		return &event;
173	}
174	get_arch_dep(event.proc);
175	debug(3, "event from pid %u", pid);
176	if (event.proc->breakpoints_enabled == -1)
177		trace_set_options(event.proc, event.proc->pid);
178	Process *leader = event.proc->leader;
179	if (leader == event.proc) {
180		if (!event.proc->libdl_hooked) {
181			/* debug struct may not have been written yet.. */
182			if (linkmap_init(event.proc, &main_lte) == 0) {
183				event.proc->libdl_hooked = 1;
184			}
185		}
186	}
187
188	/* The process should be stopped after the waitpid call.  But
189	 * when the whole thread group is terminated, we see
190	 * individual tasks spontaneously transitioning from 't' to
191	 * 'R' and 'Z'.  Calls to ptrace fail and /proc/pid/status may
192	 * not even be available anymore, so we can't check in
193	 * advance.  So we just drop the error checking around ptrace
194	 * calls.  We check for termination ex post when it fails,
195	 * suppress the event, and let the event loop collect the
196	 * termination in the next iteration.  */
197#define CHECK_PROCESS_TERMINATED					\
198	do {								\
199		int errno_save = errno;					\
200		switch (process_stopped(pid))				\
201		case 0:							\
202		case -1: {						\
203			debug(DEBUG_EVENT,				\
204			      "process not stopped, is it terminating?"); \
205			event.type = EVENT_NONE;			\
206			continue_process(event.proc->pid);		\
207			return &event;					\
208		}							\
209		errno = errno_save;					\
210	} while (0)
211
212	event.proc->instruction_pointer = (void *)(uintptr_t)-1;
213
214	/* Check for task termination now, before we have a need to
215	 * call CHECK_PROCESS_TERMINATED later.  That would suppress
216	 * the event that we are processing.  */
217	if (WIFSIGNALED(status)) {
218		event.type = EVENT_EXIT_SIGNAL;
219		event.e_un.signum = WTERMSIG(status);
220		debug(DEBUG_EVENT, "event: EXIT_SIGNAL: pid=%d, signum=%d", pid, event.e_un.signum);
221		return &event;
222	}
223	if (WIFEXITED(status)) {
224		event.type = EVENT_EXIT;
225		event.e_un.ret_val = WEXITSTATUS(status);
226		debug(DEBUG_EVENT, "event: EXIT: pid=%d, status=%d", pid, event.e_un.ret_val);
227		return &event;
228	}
229
230	event.proc->instruction_pointer = get_instruction_pointer(event.proc);
231	if (event.proc->instruction_pointer == (void *)(uintptr_t)-1) {
232		CHECK_PROCESS_TERMINATED;
233		if (errno != 0)
234			perror("get_instruction_pointer");
235	}
236
237	switch (syscall_p(event.proc, status, &tmp)) {
238		case 1:
239			event.type = EVENT_SYSCALL;
240			event.e_un.sysnum = tmp;
241			debug(DEBUG_EVENT, "event: SYSCALL: pid=%d, sysnum=%d", pid, tmp);
242			return &event;
243		case 2:
244			event.type = EVENT_SYSRET;
245			event.e_un.sysnum = tmp;
246			debug(DEBUG_EVENT, "event: SYSRET: pid=%d, sysnum=%d", pid, tmp);
247			return &event;
248		case 3:
249			event.type = EVENT_ARCH_SYSCALL;
250			event.e_un.sysnum = tmp;
251			debug(DEBUG_EVENT, "event: ARCH_SYSCALL: pid=%d, sysnum=%d", pid, tmp);
252			return &event;
253		case 4:
254			event.type = EVENT_ARCH_SYSRET;
255			event.e_un.sysnum = tmp;
256			debug(DEBUG_EVENT, "event: ARCH_SYSRET: pid=%d, sysnum=%d", pid, tmp);
257			return &event;
258		case -1:
259			CHECK_PROCESS_TERMINATED;
260			if (errno != 0)
261				perror("syscall_p");
262	}
263	if (WIFSTOPPED(status)) {
264		int what = status >> 16;
265		if (what == PTRACE_EVENT_VFORK
266		    || what == PTRACE_EVENT_FORK
267		    || what == PTRACE_EVENT_CLONE) {
268			unsigned long data;
269			event.type = what == PTRACE_EVENT_VFORK
270				? EVENT_VFORK : EVENT_CLONE;
271			ptrace(PTRACE_GETEVENTMSG, pid, NULL, &data);
272			event.e_un.newpid = data;
273			debug(DEBUG_EVENT, "event: CLONE: pid=%d, newpid=%d",
274			      pid, (int)data);
275			return &event;
276		}
277	}
278	if (WIFSTOPPED(status) && (status>>16 == PTRACE_EVENT_EXEC)) {
279		event.type = EVENT_EXEC;
280		debug(DEBUG_EVENT, "event: EXEC: pid=%d", pid);
281		return &event;
282	}
283	if (!WIFSTOPPED(status)) {
284		/* should never happen */
285		event.type = EVENT_NONE;
286		debug(DEBUG_EVENT, "event: NONE: pid=%d (wait error?)", pid);
287		return &event;
288	}
289
290	stop_signal = WSTOPSIG(status);
291
292	/* On some targets, breakpoints are signalled not using
293	   SIGTRAP, but also with SIGILL, SIGSEGV or SIGEMT.  SIGEMT
294	   is not defined on Linux, but check for the others.
295
296	   N.B. see comments in GDB's infrun.c for details.  I've
297	   actually seen this on an Itanium machine on RHEL 5, I don't
298	   remember the exact kernel version anymore.  ia64-sigill.s
299	   in the test suite tests this.  Petr Machata 2011-06-08.  */
300	void * break_address
301		= event.proc->instruction_pointer - DECR_PC_AFTER_BREAK;
302	if ((stop_signal == SIGSEGV || stop_signal == SIGILL)
303	    && leader != NULL
304	    && address2bpstruct(leader, break_address))
305			stop_signal = SIGTRAP;
306
307	if (stop_signal != (SIGTRAP | event.proc->tracesysgood)
308			&& stop_signal != SIGTRAP) {
309		event.type = EVENT_SIGNAL;
310		event.e_un.signum = stop_signal;
311		debug(DEBUG_EVENT, "event: SIGNAL: pid=%d, signum=%d", pid, stop_signal);
312		return &event;
313	}
314
315	/* last case [by exhaustion] */
316	event.type = EVENT_BREAKPOINT;
317
318	event.e_un.brk_addr = break_address;
319	debug(DEBUG_EVENT, "event: BREAKPOINT: pid=%d, addr=%p", pid, event.e_un.brk_addr);
320
321	return &event;
322}
323