sysdeps/linux-gnu/events.c

   1 /*
   2  * This file is part of ltrace.
   3  * Copyright (C) 2007,2011,2012 Petr Machata, Red Hat Inc.
   4  * Copyright (C) 1998,2001,2004,2007,2008,2009 Juan Cespedes
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU General Public License as
   8  * published by the Free Software Foundation; either version 2 of the
   9  * License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful, but
  12  * WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License
  17  * along with this program; if not, write to the Free Software
  18  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  19  * 02110-1301 USA
  20  */
  21
  22 #include "config.h"
  23
  24 #define _GNU_SOURCE     1
  25 #include <sys/ptrace.h>
  26 #include <sys/types.h>
  27 #include <sys/wait.h>
  28 #include <assert.h>
  29 #include <errno.h>
  30 #include <signal.h>
  31 #include <stdio.h>
  32 #include <stdlib.h>
  33 #include <string.h>
  34 #include <unistd.h>
  35
  36 #include "backend.h"
  37 #include "breakpoint.h"
  38 #include "debug.h"
  39 #include "events.h"
  40 #include "proc.h"
  41 #include "linux-gnu/trace-defs.h"
  42
  43 static Event event;
  44
  45 /* A queue of events that we missed while enabling the
  46  * breakpoint in one of tasks.  */
  47 static Event * delayed_events = NULL;
  48 static Event * end_delayed_events = NULL;
  49
  50 static enum callback_status
  51 first (Process * proc, void * data)
  52 {
  53         return CBS_STOP;
  54 }
  55
  56 void
  57 enque_event(Event * event)
  58 {
  59         debug(DEBUG_FUNCTION, "%d: queuing event %d for later",
  60               event->proc->pid, event->type);
  61         Event * ne = malloc(sizeof(*ne));
  62         if (ne == NULL) {
  63                 fprintf(stderr, "event will be missed: %s\n", strerror(errno));
  64                 return;
  65         }
  66
  67         *ne = *event;
  68         ne->next = NULL;
  69         if (end_delayed_events == NULL) {
  70                 assert(delayed_events == NULL);
  71                 end_delayed_events = delayed_events = ne;
  72         }
  73         else {
  74                 assert(delayed_events != NULL);
  75                 end_delayed_events = end_delayed_events->next = ne;
  76         }
  77 }
  78
  79 Event *
  80 each_qd_event(enum ecb_status (*pred)(Event *, void *), void * data)
  81 {
  82         Event * prev = delayed_events;
  83         Event * event;
  84         for (event = prev; event != NULL; ) {
  85                 switch ((*pred)(event, data)) {
  86                 case ecb_cont:
  87                         prev = event;
  88                         event = event->next;
  89                         continue;
  90
  91                 case ecb_deque:
  92                         debug(DEBUG_FUNCTION, "dequeuing event %d for %d",
  93                               event->type,
  94                               event->proc != NULL ? event->proc->pid : -1);
  95                         /*
  96                         printf("dequeuing event %d for %d\n", event->type,
  97                                event->proc != NULL ? event->proc->pid : -1) ;
  98                         */
  99                         if (end_delayed_events == event)
 100                                 end_delayed_events = prev;
 101                         if (delayed_events == event)
 102                                 delayed_events = event->next;
 103                         else
 104                                 prev->next = event->next;
 105                         if (delayed_events == NULL)
 106                                 end_delayed_events = NULL;
 107                         /* fall-through */
 108
 109                 case ecb_yield:
 110                         return event;
 111                 }
 112         }
 113
 114         return NULL;
 115 }
 116
 117 static enum ecb_status
 118 event_process_not_reenabling(Event * event, void * data)
 119 {
 120         if (event->proc == NULL
 121             || event->proc->leader == NULL
 122             || event->proc->leader->event_handler == NULL)
 123                 return ecb_deque;
 124         else
 125                 return ecb_cont;
 126 }
 127
 128 static Event *
 129 next_qd_event(void)
 130 {
 131         return each_qd_event(&event_process_not_reenabling, NULL);
 132 }
 133
 134 int linux_in_waitpid = 0;
 135
 136 Event *
 137 next_event(void)
 138 {
 139         pid_t pid;
 140         int status;
 141         int tmp;
 142         int stop_signal;
 143
 144         debug(DEBUG_FUNCTION, "next_event()");
 145         Event * ev;
 146         if ((ev = next_qd_event()) != NULL) {
 147                 event = *ev;
 148                 free(ev);
 149                 return &event;
 150         }
 151
 152         if (!each_process(NULL, &first, NULL)) {
 153                 debug(DEBUG_EVENT, "event: No more traced programs: exiting");
 154                 exit(0);
 155         }
 156
 157         linux_in_waitpid = 1;
 158         pid = waitpid(-1, &status, __WALL);
 159         linux_in_waitpid = 0;
 160
 161         if (pid == -1) {
 162                 if (errno == ECHILD) {
 163                         debug(DEBUG_EVENT, "event: No more traced programs: exiting");
 164                         exit(0);
 165                 } else if (errno == EINTR) {
 166                         debug(DEBUG_EVENT, "event: none (wait received EINTR?)");
 167                         event.type = EVENT_NONE;
 168                         return &event;
 169                 }
 170                 perror("wait");
 171                 exit(1);
 172         }
 173         event.proc = pid2proc(pid);
 174         if (!event.proc || event.proc->state == STATE_BEING_CREATED) {
 175                 /* Work around (presumably) a bug on some kernels,
 176                  * where we are seeing a waitpid event even though the
 177                  * process is still reported to be running.  Wait for
 178                  * the tracing stop to propagate.  But don't get stuck
 179                  * here forever.
 180                  *
 181                  * We need the process in T, because there's a lot of
 182                  * ptracing going on all over the place, and these
 183                  * calls fail when the process is not in T.
 184                  *
 185                  * N.B. This was observed on RHEL 5 Itanium, but I'm
 186                  * turning this on globally, to save some poor soul
 187                  * down the road (which could well be me a year from
 188                  * now) the pain of figuring this out all over again.
 189                  * Petr Machata 2011-11-22.  */
 190                 int i = 0;
 191                 for (; i < 100 && process_status(pid) != ps_tracing_stop; ++i) {
 192                         debug(2, "waiting for %d to stop", pid);
 193                         usleep(10000);
 194                 }
 195                 event.type = EVENT_NEW;
 196                 event.e_un.newpid = pid;
 197                 debug(DEBUG_EVENT, "event: NEW: pid=%d", pid);
 198                 return &event;
 199         }
 200         get_arch_dep(event.proc);
 201         debug(3, "event from pid %u", pid);
 202         Process *leader = event.proc->leader;
 203
 204         /* The process should be stopped after the waitpid call.  But
 205          * when the whole thread group is terminated, we see
 206          * individual tasks spontaneously transitioning from 't' to
 207          * 'R' and 'Z'.  Calls to ptrace fail and /proc/pid/status may
 208          * not even be available anymore, so we can't check in
 209          * advance.  So we just drop the error checking around ptrace
 210          * calls.  We check for termination ex post when it fails,
 211          * suppress the event, and let the event loop collect the
 212          * termination in the next iteration.  */
 213 #define CHECK_PROCESS_TERMINATED                                        \
 214         do {                                                            \
 215                 int errno_save = errno;                                 \
 216                 switch (process_stopped(pid))                           \
 217                 case 0:                                                 \
 218                 case -1: {                                              \
 219                         debug(DEBUG_EVENT,                              \
 220                               "process not stopped, is it terminating?"); \
 221                         event.type = EVENT_NONE;                        \
 222                         continue_process(event.proc->pid);              \
 223                         return &event;                                  \
 224                 }                                                       \
 225                 errno = errno_save;                                     \
 226         } while (0)
 227
 228         event.proc->instruction_pointer = (void *)(uintptr_t)-1;
 229
 230         /* Check for task termination now, before we have a need to
 231          * call CHECK_PROCESS_TERMINATED later.  That would suppress
 232          * the event that we are processing.  */
 233         if (WIFSIGNALED(status)) {
 234                 event.type = EVENT_EXIT_SIGNAL;
 235                 event.e_un.signum = WTERMSIG(status);
 236                 debug(DEBUG_EVENT, "event: EXIT_SIGNAL: pid=%d, signum=%d", pid, event.e_un.signum);
 237                 return &event;
 238         }
 239         if (WIFEXITED(status)) {
 240                 event.type = EVENT_EXIT;
 241                 event.e_un.ret_val = WEXITSTATUS(status);
 242                 debug(DEBUG_EVENT, "event: EXIT: pid=%d, status=%d", pid, event.e_un.ret_val);
 243                 return &event;
 244         }
 245
 246         event.proc->instruction_pointer = get_instruction_pointer(event.proc);
 247         if (event.proc->instruction_pointer == (void *)(uintptr_t)-1) {
 248                 CHECK_PROCESS_TERMINATED;
 249                 if (errno != 0)
 250                         perror("get_instruction_pointer");
 251         }
 252
 253         switch (syscall_p(event.proc, status, &tmp)) {
 254                 case 1:
 255                         event.type = EVENT_SYSCALL;
 256                         event.e_un.sysnum = tmp;
 257                         debug(DEBUG_EVENT, "event: SYSCALL: pid=%d, sysnum=%d", pid, tmp);
 258                         return &event;
 259                 case 2:
 260                         event.type = EVENT_SYSRET;
 261                         event.e_un.sysnum = tmp;
 262                         debug(DEBUG_EVENT, "event: SYSRET: pid=%d, sysnum=%d", pid, tmp);
 263                         return &event;
 264                 case 3:
 265                         event.type = EVENT_ARCH_SYSCALL;
 266                         event.e_un.sysnum = tmp;
 267                         debug(DEBUG_EVENT, "event: ARCH_SYSCALL: pid=%d, sysnum=%d", pid, tmp);
 268                         return &event;
 269                 case 4:
 270                         event.type = EVENT_ARCH_SYSRET;
 271                         event.e_un.sysnum = tmp;
 272                         debug(DEBUG_EVENT, "event: ARCH_SYSRET: pid=%d, sysnum=%d", pid, tmp);
 273                         return &event;
 274                 case -1:
 275                         CHECK_PROCESS_TERMINATED;
 276                         if (errno != 0)
 277                                 perror("syscall_p");
 278         }
 279         if (WIFSTOPPED(status)) {
 280                 int what = status >> 16;
 281                 if (what == PTRACE_EVENT_VFORK
 282                     || what == PTRACE_EVENT_FORK
 283                     || what == PTRACE_EVENT_CLONE) {
 284                         unsigned long data;
 285                         event.type = what == PTRACE_EVENT_VFORK
 286                                 ? EVENT_VFORK : EVENT_CLONE;
 287                         ptrace(PTRACE_GETEVENTMSG, pid, NULL, &data);
 288                         event.e_un.newpid = data;
 289                         debug(DEBUG_EVENT, "event: CLONE: pid=%d, newpid=%d",
 290                               pid, (int)data);
 291                         return &event;
 292                 }
 293         }
 294         if (WIFSTOPPED(status) && (status>>16 == PTRACE_EVENT_EXEC)) {
 295                 event.type = EVENT_EXEC;
 296                 debug(DEBUG_EVENT, "event: EXEC: pid=%d", pid);
 297                 return &event;
 298         }
 299         if (!WIFSTOPPED(status)) {
 300                 /* should never happen */
 301                 event.type = EVENT_NONE;
 302                 debug(DEBUG_EVENT, "event: NONE: pid=%d (wait error?)", pid);
 303                 return &event;
 304         }
 305
 306         stop_signal = WSTOPSIG(status);
 307
 308         /* On some targets, breakpoints are signalled not using
 309            SIGTRAP, but also with SIGILL, SIGSEGV or SIGEMT.  SIGEMT
 310            is not defined on Linux, but check for the others.
 311
 312            N.B. see comments in GDB's infrun.c for details.  I've
 313            actually seen this on an Itanium machine on RHEL 5, I don't
 314            remember the exact kernel version anymore.  ia64-sigill.s
 315            in the test suite tests this.  Petr Machata 2011-06-08.  */
 316         void * break_address
 317                 = event.proc->instruction_pointer - DECR_PC_AFTER_BREAK;
 318         if ((stop_signal == SIGSEGV || stop_signal == SIGILL)
 319             && leader != NULL
 320             && address2bpstruct(leader, break_address))
 321                         stop_signal = SIGTRAP;
 322
 323         if (stop_signal != (SIGTRAP | event.proc->tracesysgood)
 324                         && stop_signal != SIGTRAP) {
 325                 event.type = EVENT_SIGNAL;
 326                 event.e_un.signum = stop_signal;
 327                 debug(DEBUG_EVENT, "event: SIGNAL: pid=%d, signum=%d", pid, stop_signal);
 328                 return &event;
 329         }
 330
 331         /* last case [by exhaustion] */
 332         event.type = EVENT_BREAKPOINT;
 333
 334         event.e_un.brk_addr = break_address;
 335         debug(DEBUG_EVENT, "event: BREAKPOINT: pid=%d, addr=%p", pid, event.e_un.brk_addr);
 336
 337         return &event;
 338 }
 339
 340 static enum ecb_status
 341 event_for_proc(struct Event *event, void *data)
 342 {
 343         if (event->proc == data)
 344                 return ecb_deque;
 345         else
 346                 return ecb_cont;
 347 }
 348
 349 void
 350 delete_events_for(struct Process *proc)
 351 {
 352         struct Event *event;
 353         while ((event = each_qd_event(&event_for_proc, proc)) != NULL)
 354                 free(event);
 355 }