events.c revision ffe4cd25089680daf1bd1ec0114d177ec3e0cf95 
1#include "config.h"
2
3#define	_GNU_SOURCE	1
4#include <stdlib.h>
5#include <sys/types.h>
6#include <sys/wait.h>
7#include <errno.h>
8#include <signal.h>
9#include <string.h>
10#include <sys/ptrace.h>
11#include <assert.h>
12#include <unistd.h>
13
14#include "common.h"
15
16static Event event;
17
18/* A queue of events that we missed while enabling the
19 * breakpoint in one of tasks.  */
20static Event * delayed_events = NULL;
21static Event * end_delayed_events = NULL;
22
23static enum pcb_status
24first (Process * proc, void * data)
25{
26	return pcb_stop;
27}
28
29void
30enque_event(Event * event)
31{
32	debug(DEBUG_FUNCTION, "%d: queuing event %d for later",
33	      event->proc->pid, event->type);
34	Event * ne = malloc(sizeof(*ne));
35	if (ne == NULL) {
36		perror("event will be missed: malloc");
37		return;
38	}
39
40	*ne = *event;
41	ne->next = NULL;
42	if (end_delayed_events == NULL) {
43		assert(delayed_events == NULL);
44		end_delayed_events = delayed_events = ne;
45	}
46	else {
47		assert(delayed_events != NULL);
48		end_delayed_events = end_delayed_events->next = ne;
49	}
50}
51
52Event *
53each_qd_event(enum ecb_status (*pred)(Event *, void *), void * data)
54{
55	Event * prev = delayed_events;
56	Event * event;
57	for (event = prev; event != NULL; ) {
58		switch ((*pred)(event, data)) {
59		case ecb_cont:
60			prev = event;
61			event = event->next;
62			continue;
63
64		case ecb_deque:
65			debug(DEBUG_FUNCTION, "dequeuing event %d for %d",
66			      event->type,
67			      event->proc != NULL ? event->proc->pid : -1);
68			/*
69			printf("dequeuing event %d for %d\n", event->type,
70			       event->proc != NULL ? event->proc->pid : -1) ;
71			*/
72			if (end_delayed_events == event)
73				end_delayed_events = prev;
74			if (delayed_events == event)
75				delayed_events = event->next;
76			else
77				prev->next = event->next;
78			if (delayed_events == NULL)
79				end_delayed_events = NULL;
80			/* fall-through */
81
82		case ecb_yield:
83			return event;
84		}
85	}
86
87	return NULL;
88}
89
90static enum ecb_status
91event_process_not_reenabling(Event * event, void * data)
92{
93	if (event->proc == NULL
94	    || event->proc->leader == NULL
95	    || event->proc->leader->event_handler == NULL)
96		return ecb_deque;
97	else
98		return ecb_cont;
99}
100
101static Event *
102next_qd_event(void)
103{
104	return each_qd_event(&event_process_not_reenabling, NULL);
105}
106
107int linux_in_waitpid = 0;
108
109Event *
110next_event(void)
111{
112	pid_t pid;
113	int status;
114	int tmp;
115	int stop_signal;
116
117	debug(DEBUG_FUNCTION, "next_event()");
118	Event * ev;
119	if ((ev = next_qd_event()) != NULL) {
120		event = *ev;
121		free(ev);
122		return &event;
123	}
124
125	if (!each_process(NULL, &first, NULL)) {
126		debug(DEBUG_EVENT, "event: No more traced programs: exiting");
127		exit(0);
128	}
129
130	linux_in_waitpid = 1;
131	pid = waitpid(-1, &status, __WALL);
132	linux_in_waitpid = 0;
133
134	if (pid == -1) {
135		if (errno == ECHILD) {
136			debug(DEBUG_EVENT, "event: No more traced programs: exiting");
137			exit(0);
138		} else if (errno == EINTR) {
139			debug(DEBUG_EVENT, "event: none (wait received EINTR?)");
140			event.type = EVENT_NONE;
141			return &event;
142		}
143		perror("wait");
144		exit(1);
145	}
146	event.proc = pid2proc(pid);
147	if (!event.proc || event.proc->state == STATE_BEING_CREATED) {
148		/* Work around (presumably) a bug on some kernels,
149		 * where we are seeing a waitpid event even though the
150		 * process is still reported to be running.  Wait for
151		 * the tracing stop to propagate.  But don't get stuck
152		 * here forever.
153		 *
154		 * We need the process in T, because there's a lot of
155		 * ptracing going on all over the place, and these
156		 * calls fail when the process is not in T.
157		 *
158		 * N.B. This was observed on RHEL 5 Itanium, but I'm
159		 * turning this on globally, to save some poor soul
160		 * down the road (which could well be me a year from
161		 * now) the pain of figuring this out all over again.
162		 * Petr Machata 2011-11-22.  */
163		int i = 0;
164		for (; i < 100 && process_status(pid) != ps_tracing_stop; ++i) {
165			debug(2, "waiting for %d to stop", pid);
166			usleep(10000);
167		}
168		event.type = EVENT_NEW;
169		event.e_un.newpid = pid;
170		debug(DEBUG_EVENT, "event: NEW: pid=%d", pid);
171		return &event;
172	}
173	get_arch_dep(event.proc);
174	debug(3, "event from pid %u", pid);
175	if (event.proc->breakpoints_enabled == -1)
176		trace_set_options(event.proc, event.proc->pid);
177	Process *leader = event.proc->leader;
178	if (leader == event.proc) {
179		if (event.proc->breakpoints_enabled == -1) {
180			event.type = EVENT_NONE;
181			enable_all_breakpoints(event.proc);
182			continue_process(event.proc->pid);
183			debug(DEBUG_EVENT,
184			      "event: NONE: pid=%d (enabling breakpoints)",
185			      pid);
186			return &event;
187		} else if (!event.proc->libdl_hooked) {
188			/* debug struct may not have been written yet.. */
189			if (linkmap_init(event.proc, &main_lte) == 0) {
190				event.proc->libdl_hooked = 1;
191			}
192		}
193	}
194
195	/* The process should be stopped after the waitpid call.  But
196	 * when the whole thread group is terminated, we see
197	 * individual tasks spontaneously transitioning from 't' to
198	 * 'R' and 'Z'.  Calls to ptrace fail and /proc/pid/status may
199	 * not even be available anymore, so we can't check in
200	 * advance.  So we just drop the error checking around ptrace
201	 * calls.  We check for termination ex post when it fails,
202	 * suppress the event, and let the event loop collect the
203	 * termination in the next iteration.  */
204#define CHECK_PROCESS_TERMINATED					\
205	do {								\
206		int errno_save = errno;					\
207		switch (process_stopped(pid))				\
208		case 0:							\
209		case -1: {						\
210			debug(DEBUG_EVENT,				\
211			      "process not stopped, is it terminating?"); \
212			event.type = EVENT_NONE;			\
213			continue_process(event.proc->pid);		\
214			return &event;					\
215		}							\
216		errno = errno_save;					\
217	} while (0)
218
219	event.proc->instruction_pointer = (void *)(uintptr_t)-1;
220
221	/* Check for task termination now, before we have a need to
222	 * call CHECK_PROCESS_TERMINATED later.  That would suppress
223	 * the event that we are processing.  */
224	if (WIFSIGNALED(status)) {
225		event.type = EVENT_EXIT_SIGNAL;
226		event.e_un.signum = WTERMSIG(status);
227		debug(DEBUG_EVENT, "event: EXIT_SIGNAL: pid=%d, signum=%d", pid, event.e_un.signum);
228		return &event;
229	}
230	if (WIFEXITED(status)) {
231		event.type = EVENT_EXIT;
232		event.e_un.ret_val = WEXITSTATUS(status);
233		debug(DEBUG_EVENT, "event: EXIT: pid=%d, status=%d", pid, event.e_un.ret_val);
234		return &event;
235	}
236
237	event.proc->instruction_pointer = get_instruction_pointer(event.proc);
238	if (event.proc->instruction_pointer == (void *)(uintptr_t)-1) {
239		CHECK_PROCESS_TERMINATED;
240		if (errno != 0)
241			perror("get_instruction_pointer");
242	}
243
244	switch (syscall_p(event.proc, status, &tmp)) {
245		case 1:
246			event.type = EVENT_SYSCALL;
247			event.e_un.sysnum = tmp;
248			debug(DEBUG_EVENT, "event: SYSCALL: pid=%d, sysnum=%d", pid, tmp);
249			return &event;
250		case 2:
251			event.type = EVENT_SYSRET;
252			event.e_un.sysnum = tmp;
253			debug(DEBUG_EVENT, "event: SYSRET: pid=%d, sysnum=%d", pid, tmp);
254			return &event;
255		case 3:
256			event.type = EVENT_ARCH_SYSCALL;
257			event.e_un.sysnum = tmp;
258			debug(DEBUG_EVENT, "event: ARCH_SYSCALL: pid=%d, sysnum=%d", pid, tmp);
259			return &event;
260		case 4:
261			event.type = EVENT_ARCH_SYSRET;
262			event.e_un.sysnum = tmp;
263			debug(DEBUG_EVENT, "event: ARCH_SYSRET: pid=%d, sysnum=%d", pid, tmp);
264			return &event;
265		case -1:
266			CHECK_PROCESS_TERMINATED;
267			if (errno != 0)
268				perror("syscall_p");
269	}
270	if (WIFSTOPPED(status)) {
271		int what = status >> 16;
272		if (what == PTRACE_EVENT_VFORK
273		    || what == PTRACE_EVENT_FORK
274		    || what == PTRACE_EVENT_CLONE) {
275			unsigned long data;
276			event.type = what == PTRACE_EVENT_VFORK
277				? EVENT_VFORK : EVENT_CLONE;
278			ptrace(PTRACE_GETEVENTMSG, pid, NULL, &data);
279			event.e_un.newpid = data;
280			debug(DEBUG_EVENT, "event: CLONE: pid=%d, newpid=%d",
281			      pid, (int)data);
282			return &event;
283		}
284	}
285	if (WIFSTOPPED(status) && (status>>16 == PTRACE_EVENT_EXEC)) {
286		event.type = EVENT_EXEC;
287		debug(DEBUG_EVENT, "event: EXEC: pid=%d", pid);
288		return &event;
289	}
290	if (!WIFSTOPPED(status)) {
291		/* should never happen */
292		event.type = EVENT_NONE;
293		debug(DEBUG_EVENT, "event: NONE: pid=%d (wait error?)", pid);
294		return &event;
295	}
296
297	stop_signal = WSTOPSIG(status);
298
299	/* On some targets, breakpoints are signalled not using
300	   SIGTRAP, but also with SIGILL, SIGSEGV or SIGEMT.  SIGEMT
301	   is not defined on Linux, but check for the others.
302
303	   N.B. see comments in GDB's infrun.c for details.  I've
304	   actually seen this on an Itanium machine on RHEL 5, I don't
305	   remember the exact kernel version anymore.  ia64-sigill.s
306	   in the test suite tests this.  Petr Machata 2011-06-08.  */
307	void * break_address
308		= event.proc->instruction_pointer - DECR_PC_AFTER_BREAK;
309	if ((stop_signal == SIGSEGV || stop_signal == SIGILL)
310	    && leader != NULL
311	    && address2bpstruct(leader, break_address))
312			stop_signal = SIGTRAP;
313
314	if (stop_signal != (SIGTRAP | event.proc->tracesysgood)
315			&& stop_signal != SIGTRAP) {
316		event.type = EVENT_SIGNAL;
317		event.e_un.signum = stop_signal;
318		debug(DEBUG_EVENT, "event: SIGNAL: pid=%d, signum=%d", pid, stop_signal);
319		return &event;
320	}
321
322	/* last case [by exhaustion] */
323	event.type = EVENT_BREAKPOINT;
324
325	event.e_un.brk_addr = break_address;
326	debug(DEBUG_EVENT, "event: BREAKPOINT: pid=%d, addr=%p", pid, event.e_un.brk_addr);
327
328	return &event;
329}
330