events.c revision 9294d82f67e20f5f2b61f317ad04f5cb717c7d27 
1#include "config.h"
2
3#define	_GNU_SOURCE	1
4#include <stdlib.h>
5#include <sys/types.h>
6#include <sys/wait.h>
7#include <errno.h>
8#include <signal.h>
9#include <string.h>
10#include <sys/ptrace.h>
11#include <assert.h>
12#include <unistd.h>
13
14#include "common.h"
15#include "breakpoint.h"
16
17static Event event;
18
19/* A queue of events that we missed while enabling the
20 * breakpoint in one of tasks.  */
21static Event * delayed_events = NULL;
22static Event * end_delayed_events = NULL;
23
24static enum pcb_status
25first (Process * proc, void * data)
26{
27	return pcb_stop;
28}
29
30void
31enque_event(Event * event)
32{
33	debug(DEBUG_FUNCTION, "%d: queuing event %d for later",
34	      event->proc->pid, event->type);
35	Event * ne = malloc(sizeof(*ne));
36	if (ne == NULL) {
37		perror("event will be missed: malloc");
38		return;
39	}
40
41	*ne = *event;
42	ne->next = NULL;
43	if (end_delayed_events == NULL) {
44		assert(delayed_events == NULL);
45		end_delayed_events = delayed_events = ne;
46	}
47	else {
48		assert(delayed_events != NULL);
49		end_delayed_events = end_delayed_events->next = ne;
50	}
51}
52
53Event *
54each_qd_event(enum ecb_status (*pred)(Event *, void *), void * data)
55{
56	Event * prev = delayed_events;
57	Event * event;
58	for (event = prev; event != NULL; ) {
59		switch ((*pred)(event, data)) {
60		case ecb_cont:
61			prev = event;
62			event = event->next;
63			continue;
64
65		case ecb_deque:
66			debug(DEBUG_FUNCTION, "dequeuing event %d for %d",
67			      event->type,
68			      event->proc != NULL ? event->proc->pid : -1);
69			/*
70			printf("dequeuing event %d for %d\n", event->type,
71			       event->proc != NULL ? event->proc->pid : -1) ;
72			*/
73			if (end_delayed_events == event)
74				end_delayed_events = prev;
75			if (delayed_events == event)
76				delayed_events = event->next;
77			else
78				prev->next = event->next;
79			if (delayed_events == NULL)
80				end_delayed_events = NULL;
81			/* fall-through */
82
83		case ecb_yield:
84			return event;
85		}
86	}
87
88	return NULL;
89}
90
91static enum ecb_status
92event_process_not_reenabling(Event * event, void * data)
93{
94	if (event->proc == NULL
95	    || event->proc->leader == NULL
96	    || event->proc->leader->event_handler == NULL)
97		return ecb_deque;
98	else
99		return ecb_cont;
100}
101
102static Event *
103next_qd_event(void)
104{
105	return each_qd_event(&event_process_not_reenabling, NULL);
106}
107
108int linux_in_waitpid = 0;
109
110Event *
111next_event(void)
112{
113	pid_t pid;
114	int status;
115	int tmp;
116	int stop_signal;
117
118	debug(DEBUG_FUNCTION, "next_event()");
119	Event * ev;
120	if ((ev = next_qd_event()) != NULL) {
121		event = *ev;
122		free(ev);
123		return &event;
124	}
125
126	if (!each_process(NULL, &first, NULL)) {
127		debug(DEBUG_EVENT, "event: No more traced programs: exiting");
128		exit(0);
129	}
130
131	linux_in_waitpid = 1;
132	pid = waitpid(-1, &status, __WALL);
133	linux_in_waitpid = 0;
134
135	if (pid == -1) {
136		if (errno == ECHILD) {
137			debug(DEBUG_EVENT, "event: No more traced programs: exiting");
138			exit(0);
139		} else if (errno == EINTR) {
140			debug(DEBUG_EVENT, "event: none (wait received EINTR?)");
141			event.type = EVENT_NONE;
142			return &event;
143		}
144		perror("wait");
145		exit(1);
146	}
147	event.proc = pid2proc(pid);
148	if (!event.proc || event.proc->state == STATE_BEING_CREATED) {
149		/* Work around (presumably) a bug on some kernels,
150		 * where we are seeing a waitpid event even though the
151		 * process is still reported to be running.  Wait for
152		 * the tracing stop to propagate.  But don't get stuck
153		 * here forever.
154		 *
155		 * We need the process in T, because there's a lot of
156		 * ptracing going on all over the place, and these
157		 * calls fail when the process is not in T.
158		 *
159		 * N.B. This was observed on RHEL 5 Itanium, but I'm
160		 * turning this on globally, to save some poor soul
161		 * down the road (which could well be me a year from
162		 * now) the pain of figuring this out all over again.
163		 * Petr Machata 2011-11-22.  */
164		int i = 0;
165		for (; i < 100 && process_status(pid) != ps_tracing_stop; ++i) {
166			debug(2, "waiting for %d to stop", pid);
167			usleep(10000);
168		}
169		event.type = EVENT_NEW;
170		event.e_un.newpid = pid;
171		debug(DEBUG_EVENT, "event: NEW: pid=%d", pid);
172		return &event;
173	}
174	get_arch_dep(event.proc);
175	debug(3, "event from pid %u", pid);
176	if (event.proc->breakpoints_enabled == -1)
177		trace_set_options(event.proc, event.proc->pid);
178	Process *leader = event.proc->leader;
179	if (leader == event.proc) {
180		if (event.proc->breakpoints_enabled == -1) {
181			event.type = EVENT_NONE;
182			enable_all_breakpoints(event.proc);
183			continue_process(event.proc->pid);
184			debug(DEBUG_EVENT,
185			      "event: NONE: pid=%d (enabling breakpoints)",
186			      pid);
187			return &event;
188		} else if (!event.proc->libdl_hooked) {
189			/* debug struct may not have been written yet.. */
190			if (linkmap_init(event.proc, &main_lte) == 0) {
191				event.proc->libdl_hooked = 1;
192			}
193		}
194	}
195
196	/* The process should be stopped after the waitpid call.  But
197	 * when the whole thread group is terminated, we see
198	 * individual tasks spontaneously transitioning from 't' to
199	 * 'R' and 'Z'.  Calls to ptrace fail and /proc/pid/status may
200	 * not even be available anymore, so we can't check in
201	 * advance.  So we just drop the error checking around ptrace
202	 * calls.  We check for termination ex post when it fails,
203	 * suppress the event, and let the event loop collect the
204	 * termination in the next iteration.  */
205#define CHECK_PROCESS_TERMINATED					\
206	do {								\
207		int errno_save = errno;					\
208		switch (process_stopped(pid))				\
209		case 0:							\
210		case -1: {						\
211			debug(DEBUG_EVENT,				\
212			      "process not stopped, is it terminating?"); \
213			event.type = EVENT_NONE;			\
214			continue_process(event.proc->pid);		\
215			return &event;					\
216		}							\
217		errno = errno_save;					\
218	} while (0)
219
220	event.proc->instruction_pointer = (void *)(uintptr_t)-1;
221
222	/* Check for task termination now, before we have a need to
223	 * call CHECK_PROCESS_TERMINATED later.  That would suppress
224	 * the event that we are processing.  */
225	if (WIFSIGNALED(status)) {
226		event.type = EVENT_EXIT_SIGNAL;
227		event.e_un.signum = WTERMSIG(status);
228		debug(DEBUG_EVENT, "event: EXIT_SIGNAL: pid=%d, signum=%d", pid, event.e_un.signum);
229		return &event;
230	}
231	if (WIFEXITED(status)) {
232		event.type = EVENT_EXIT;
233		event.e_un.ret_val = WEXITSTATUS(status);
234		debug(DEBUG_EVENT, "event: EXIT: pid=%d, status=%d", pid, event.e_un.ret_val);
235		return &event;
236	}
237
238	event.proc->instruction_pointer = get_instruction_pointer(event.proc);
239	if (event.proc->instruction_pointer == (void *)(uintptr_t)-1) {
240		CHECK_PROCESS_TERMINATED;
241		if (errno != 0)
242			perror("get_instruction_pointer");
243	}
244
245	switch (syscall_p(event.proc, status, &tmp)) {
246		case 1:
247			event.type = EVENT_SYSCALL;
248			event.e_un.sysnum = tmp;
249			debug(DEBUG_EVENT, "event: SYSCALL: pid=%d, sysnum=%d", pid, tmp);
250			return &event;
251		case 2:
252			event.type = EVENT_SYSRET;
253			event.e_un.sysnum = tmp;
254			debug(DEBUG_EVENT, "event: SYSRET: pid=%d, sysnum=%d", pid, tmp);
255			return &event;
256		case 3:
257			event.type = EVENT_ARCH_SYSCALL;
258			event.e_un.sysnum = tmp;
259			debug(DEBUG_EVENT, "event: ARCH_SYSCALL: pid=%d, sysnum=%d", pid, tmp);
260			return &event;
261		case 4:
262			event.type = EVENT_ARCH_SYSRET;
263			event.e_un.sysnum = tmp;
264			debug(DEBUG_EVENT, "event: ARCH_SYSRET: pid=%d, sysnum=%d", pid, tmp);
265			return &event;
266		case -1:
267			CHECK_PROCESS_TERMINATED;
268			if (errno != 0)
269				perror("syscall_p");
270	}
271	if (WIFSTOPPED(status)) {
272		int what = status >> 16;
273		if (what == PTRACE_EVENT_VFORK
274		    || what == PTRACE_EVENT_FORK
275		    || what == PTRACE_EVENT_CLONE) {
276			unsigned long data;
277			event.type = what == PTRACE_EVENT_VFORK
278				? EVENT_VFORK : EVENT_CLONE;
279			ptrace(PTRACE_GETEVENTMSG, pid, NULL, &data);
280			event.e_un.newpid = data;
281			debug(DEBUG_EVENT, "event: CLONE: pid=%d, newpid=%d",
282			      pid, (int)data);
283			return &event;
284		}
285	}
286	if (WIFSTOPPED(status) && (status>>16 == PTRACE_EVENT_EXEC)) {
287		event.type = EVENT_EXEC;
288		debug(DEBUG_EVENT, "event: EXEC: pid=%d", pid);
289		return &event;
290	}
291	if (!WIFSTOPPED(status)) {
292		/* should never happen */
293		event.type = EVENT_NONE;
294		debug(DEBUG_EVENT, "event: NONE: pid=%d (wait error?)", pid);
295		return &event;
296	}
297
298	stop_signal = WSTOPSIG(status);
299
300	/* On some targets, breakpoints are signalled not using
301	   SIGTRAP, but also with SIGILL, SIGSEGV or SIGEMT.  SIGEMT
302	   is not defined on Linux, but check for the others.
303
304	   N.B. see comments in GDB's infrun.c for details.  I've
305	   actually seen this on an Itanium machine on RHEL 5, I don't
306	   remember the exact kernel version anymore.  ia64-sigill.s
307	   in the test suite tests this.  Petr Machata 2011-06-08.  */
308	void * break_address
309		= event.proc->instruction_pointer - DECR_PC_AFTER_BREAK;
310	if ((stop_signal == SIGSEGV || stop_signal == SIGILL)
311	    && leader != NULL
312	    && address2bpstruct(leader, break_address))
313			stop_signal = SIGTRAP;
314
315	if (stop_signal != (SIGTRAP | event.proc->tracesysgood)
316			&& stop_signal != SIGTRAP) {
317		event.type = EVENT_SIGNAL;
318		event.e_un.signum = stop_signal;
319		debug(DEBUG_EVENT, "event: SIGNAL: pid=%d, signum=%d", pid, stop_signal);
320		return &event;
321	}
322
323	/* last case [by exhaustion] */
324	event.type = EVENT_BREAKPOINT;
325
326	event.e_un.brk_addr = break_address;
327	debug(DEBUG_EVENT, "event: BREAKPOINT: pid=%d, addr=%p", pid, event.e_un.brk_addr);
328
329	return &event;
330}
331