sysdeps/linux-gnu/events.c

   1 /*
   2  * This file is part of ltrace.
   3  * Copyright (C) 2007,2011,2012 Petr Machata, Red Hat Inc.
   4  * Copyright (C) 1998,2001,2004,2007,2008,2009 Juan Cespedes
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU General Public License as
   8  * published by the Free Software Foundation; either version 2 of the
   9  * License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful, but
  12  * WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License
  17  * along with this program; if not, write to the Free Software
  18  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  19  * 02110-1301 USA
  20  */
  21
  22 #include "config.h"
  23
  24 #define _GNU_SOURCE     1
  25 #include <sys/ptrace.h>
  26 #include <sys/types.h>
  27 #include <sys/wait.h>
  28 #include <assert.h>
  29 #include <errno.h>
  30 #include <signal.h>
  31 #include <stdio.h>
  32 #include <stdlib.h>
  33 #include <string.h>
  34 #include <unistd.h>
  35
  36 #include "backend.h"
  37 #include "breakpoint.h"
  38 #include "debug.h"
  39 #include "events.h"
  40 #include "proc.h"
  41 #include "linux-gnu/trace-defs.h"
  42
  43 static Event event;
  44
  45 /* A queue of events that we missed while enabling the
  46  * breakpoint in one of tasks.  */
  47 static Event * delayed_events = NULL;
  48 static Event * end_delayed_events = NULL;
  49
  50 static enum callback_status
  51 first(struct process *proc, void *data)
  52 {
  53         return CBS_STOP;
  54 }
  55
  56 void
  57 enque_event(Event * event)
  58 {
  59         debug(DEBUG_FUNCTION, "%d: queuing event %d for later",
  60               event->proc->pid, event->type);
  61         Event * ne = malloc(sizeof(*ne));
  62         if (ne == NULL) {
  63                 fprintf(stderr, "event will be missed: %s\n", strerror(errno));
  64                 return;
  65         }
  66
  67         *ne = *event;
  68         ne->next = NULL;
  69         if (end_delayed_events == NULL) {
  70                 assert(delayed_events == NULL);
  71                 end_delayed_events = delayed_events = ne;
  72         }
  73         else {
  74                 assert(delayed_events != NULL);
  75                 end_delayed_events = end_delayed_events->next = ne;
  76         }
  77 }
  78
  79 Event *
  80 each_qd_event(enum ecb_status (*pred)(Event *, void *), void * data)
  81 {
  82         Event * prev = delayed_events;
  83         Event * event;
  84         for (event = prev; event != NULL; ) {
  85                 switch ((*pred)(event, data)) {
  86                 case ECB_CONT:
  87                         prev = event;
  88                         event = event->next;
  89                         continue;
  90
  91                 case ECB_DEQUE:
  92                         debug(DEBUG_FUNCTION, "dequeuing event %d for %d",
  93                               event->type,
  94                               event->proc != NULL ? event->proc->pid : -1);
  95                         /*
  96                         printf("dequeuing event %d for %d\n", event->type,
  97                                event->proc != NULL ? event->proc->pid : -1) ;
  98                         */
  99                         if (end_delayed_events == event)
 100                                 end_delayed_events = prev;
 101                         if (delayed_events == event)
 102                                 delayed_events = event->next;
 103                         else
 104                                 prev->next = event->next;
 105                         if (delayed_events == NULL)
 106                                 end_delayed_events = NULL;
 107                         /* fall-through */
 108
 109                 case ECB_YIELD:
 110                         return event;
 111                 }
 112         }
 113
 114         return NULL;
 115 }
 116
 117 static enum ecb_status
 118 event_process_not_reenabling(Event * event, void * data)
 119 {
 120         if (event->proc == NULL
 121             || event->proc->leader == NULL
 122             || event->proc->leader->event_handler == NULL)
 123                 return ECB_DEQUE;
 124         else
 125                 return ECB_CONT;
 126 }
 127
 128 static Event *
 129 next_qd_event(void)
 130 {
 131         return each_qd_event(&event_process_not_reenabling, NULL);
 132 }
 133
 134 int linux_in_waitpid = 0;
 135
 136 Event *
 137 next_event(void)
 138 {
 139         pid_t pid;
 140         int status;
 141         int tmp;
 142         int stop_signal;
 143
 144         debug(DEBUG_FUNCTION, "next_event()");
 145         Event * ev;
 146         if ((ev = next_qd_event()) != NULL) {
 147                 event = *ev;
 148                 free(ev);
 149                 return &event;
 150         }
 151
 152         if (!each_process(NULL, &first, NULL)) {
 153                 debug(DEBUG_EVENT, "event: No more traced programs: exiting");
 154                 exit(0);
 155         }
 156
 157         linux_in_waitpid = 1;
 158         pid = waitpid(-1, &status, __WALL);
 159         linux_in_waitpid = 0;
 160
 161         if (pid == -1) {
 162                 if (errno == ECHILD) {
 163                         debug(DEBUG_EVENT, "event: No more traced programs: exiting");
 164                         exit(0);
 165                 } else if (errno == EINTR) {
 166                         debug(DEBUG_EVENT, "event: none (wait received EINTR?)");
 167                         event.type = EVENT_NONE;
 168                         return &event;
 169                 }
 170                 perror("wait");
 171                 exit(1);
 172         }
 173         event.proc = pid2proc(pid);
 174         if (!event.proc || event.proc->state == STATE_BEING_CREATED) {
 175                 /* Work around (presumably) a bug on some kernels,
 176                  * where we are seeing a waitpid event even though the
 177                  * process is still reported to be running.  Wait for
 178                  * the tracing stop to propagate.  But don't get stuck
 179                  * here forever.
 180                  *
 181                  * We need the process in T, because there's a lot of
 182                  * ptracing going on all over the place, and these
 183                  * calls fail when the process is not in T.
 184                  *
 185                  * N.B. This was observed on RHEL 5 Itanium, but I'm
 186                  * turning this on globally, to save some poor soul
 187                  * down the road (which could well be me a year from
 188                  * now) the pain of figuring this out all over again.
 189                  * Petr Machata 2011-11-22.  */
 190                 int i = 0;
 191                 for (; i < 100 && process_status(pid) != PS_TRACING_STOP; ++i) {
 192                         debug(2, "waiting for %d to stop", pid);
 193                         usleep(10000);
 194                 }
 195                 event.type = EVENT_NEW;
 196                 event.e_un.newpid = pid;
 197                 debug(DEBUG_EVENT, "event: NEW: pid=%d", pid);
 198                 return &event;
 199         }
 200
 201         get_arch_dep(event.proc);
 202         debug(3, "event from pid %u", pid);
 203         struct process *leader = event.proc->leader;
 204
 205         /* The process should be stopped after the waitpid call.  But
 206          * when the whole thread group is terminated, we see
 207          * individual tasks spontaneously transitioning from 't' to
 208          * 'R' and 'Z'.  Calls to ptrace fail and /proc/pid/status may
 209          * not even be available anymore, so we can't check in
 210          * advance.  So we just drop the error checking around ptrace
 211          * calls.  We check for termination ex post when it fails,
 212          * suppress the event, and let the event loop collect the
 213          * termination in the next iteration.  */
 214 #define CHECK_PROCESS_TERMINATED                                        \
 215         do {                                                            \
 216                 int errno_save = errno;                                 \
 217                 switch (process_stopped(pid))                           \
 218                 case 0:                                                 \
 219                 case -1: {                                              \
 220                         debug(DEBUG_EVENT,                              \
 221                               "process not stopped, is it terminating?"); \
 222                         event.type = EVENT_NONE;                        \
 223                         continue_process(event.proc->pid);              \
 224                         return &event;                                  \
 225                 }                                                       \
 226                 errno = errno_save;                                     \
 227         } while (0)
 228
 229         event.proc->instruction_pointer = (void *)(uintptr_t)-1;
 230
 231         /* Check for task termination now, before we have a need to
 232          * call CHECK_PROCESS_TERMINATED later.  That would suppress
 233          * the event that we are processing.  */
 234         if (WIFSIGNALED(status)) {
 235                 event.type = EVENT_EXIT_SIGNAL;
 236                 event.e_un.signum = WTERMSIG(status);
 237                 debug(DEBUG_EVENT, "event: EXIT_SIGNAL: pid=%d, signum=%d", pid, event.e_un.signum);
 238                 return &event;
 239         }
 240         if (WIFEXITED(status)) {
 241                 event.type = EVENT_EXIT;
 242                 event.e_un.ret_val = WEXITSTATUS(status);
 243                 debug(DEBUG_EVENT, "event: EXIT: pid=%d, status=%d", pid, event.e_un.ret_val);
 244                 return &event;
 245         }
 246
 247         event.proc->instruction_pointer = get_instruction_pointer(event.proc);
 248         if (event.proc->instruction_pointer == (void *)(uintptr_t)-1) {
 249                 CHECK_PROCESS_TERMINATED;
 250                 if (errno != 0)
 251                         perror("get_instruction_pointer");
 252         }
 253
 254         switch (syscall_p(event.proc, status, &tmp)) {
 255                 case 1:
 256                         event.type = EVENT_SYSCALL;
 257                         event.e_un.sysnum = tmp;
 258                         debug(DEBUG_EVENT, "event: SYSCALL: pid=%d, sysnum=%d", pid, tmp);
 259                         return &event;
 260                 case 2:
 261                         event.type = EVENT_SYSRET;
 262                         event.e_un.sysnum = tmp;
 263                         debug(DEBUG_EVENT, "event: SYSRET: pid=%d, sysnum=%d", pid, tmp);
 264                         return &event;
 265                 case 3:
 266                         event.type = EVENT_ARCH_SYSCALL;
 267                         event.e_un.sysnum = tmp;
 268                         debug(DEBUG_EVENT, "event: ARCH_SYSCALL: pid=%d, sysnum=%d", pid, tmp);
 269                         return &event;
 270                 case 4:
 271                         event.type = EVENT_ARCH_SYSRET;
 272                         event.e_un.sysnum = tmp;
 273                         debug(DEBUG_EVENT, "event: ARCH_SYSRET: pid=%d, sysnum=%d", pid, tmp);
 274                         return &event;
 275                 case -1:
 276                         CHECK_PROCESS_TERMINATED;
 277                         if (errno != 0)
 278                                 perror("syscall_p");
 279         }
 280         if (WIFSTOPPED(status)) {
 281                 int what = status >> 16;
 282                 if (what == PTRACE_EVENT_VFORK
 283                     || what == PTRACE_EVENT_FORK
 284                     || what == PTRACE_EVENT_CLONE) {
 285                         unsigned long data;
 286                         event.type = what == PTRACE_EVENT_VFORK
 287                                 ? EVENT_VFORK : EVENT_CLONE;
 288                         ptrace(PTRACE_GETEVENTMSG, pid, NULL, &data);
 289                         event.e_un.newpid = data;
 290                         debug(DEBUG_EVENT, "event: CLONE: pid=%d, newpid=%d",
 291                               pid, (int)data);
 292                         return &event;
 293                 }
 294         }
 295         if (WIFSTOPPED(status) && (status>>16 == PTRACE_EVENT_EXEC)) {
 296                 event.type = EVENT_EXEC;
 297                 debug(DEBUG_EVENT, "event: EXEC: pid=%d", pid);
 298                 return &event;
 299         }
 300         if (!WIFSTOPPED(status)) {
 301                 /* should never happen */
 302                 event.type = EVENT_NONE;
 303                 debug(DEBUG_EVENT, "event: NONE: pid=%d (wait error?)", pid);
 304                 return &event;
 305         }
 306
 307         stop_signal = WSTOPSIG(status);
 308
 309         /* On some targets, breakpoints are signalled not using
 310            SIGTRAP, but also with SIGILL, SIGSEGV or SIGEMT.  SIGEMT
 311            is not defined on Linux, but check for the others.
 312
 313            N.B. see comments in GDB's infrun.c for details.  I've
 314            actually seen this on an Itanium machine on RHEL 5, I don't
 315            remember the exact kernel version anymore.  ia64-sigill.s
 316            in the test suite tests this.  Petr Machata 2011-06-08.  */
 317         arch_addr_t break_address
 318                 = event.proc->instruction_pointer - DECR_PC_AFTER_BREAK;
 319         if ((stop_signal == SIGSEGV || stop_signal == SIGILL)
 320             && leader != NULL
 321             && address2bpstruct(leader, break_address))
 322                         stop_signal = SIGTRAP;
 323
 324         if (stop_signal != (SIGTRAP | event.proc->tracesysgood)
 325                         && stop_signal != SIGTRAP) {
 326                 event.type = EVENT_SIGNAL;
 327                 event.e_un.signum = stop_signal;
 328                 debug(DEBUG_EVENT, "event: SIGNAL: pid=%d, signum=%d", pid, stop_signal);
 329                 return &event;
 330         }
 331
 332         /* last case [by exhaustion] */
 333         event.type = EVENT_BREAKPOINT;
 334
 335         event.e_un.brk_addr = break_address;
 336         debug(DEBUG_EVENT, "event: BREAKPOINT: pid=%d, addr=%p", pid, event.e_un.brk_addr);
 337
 338         return &event;
 339 }
 340
 341 static enum ecb_status
 342 event_for_proc(struct Event *event, void *data)
 343 {
 344         if (event->proc == data)
 345                 return ECB_DEQUE;
 346         else
 347                 return ECB_CONT;
 348 }
 349
 350 void
 351 delete_events_for(struct process *proc)
 352 {
 353         struct Event *event;
 354         while ((event = each_qd_event(&event_for_proc, proc)) != NULL)
 355                 free(event);
 356 }