xref: /freebsd/tests/sys/kern/ptrace_test.c (revision 79ac3c12a714bcd3f2354c52d948aed9575c46d6)
1 /*-
2  * Copyright (c) 2015 John Baldwin <jhb@FreeBSD.org>
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23  * SUCH DAMAGE.
24  */
25 
26 #include <sys/cdefs.h>
27 __FBSDID("$FreeBSD$");
28 
29 #include <sys/types.h>
30 #include <sys/cpuset.h>
31 #include <sys/event.h>
32 #include <sys/file.h>
33 #include <sys/time.h>
34 #include <sys/procctl.h>
35 #include <sys/procdesc.h>
36 #define	_WANT_MIPS_REGNUM
37 #include <sys/ptrace.h>
38 #include <sys/queue.h>
39 #include <sys/runq.h>
40 #include <sys/syscall.h>
41 #include <sys/sysctl.h>
42 #include <sys/user.h>
43 #include <sys/wait.h>
44 #include <errno.h>
45 #include <machine/cpufunc.h>
46 #include <pthread.h>
47 #include <sched.h>
48 #include <semaphore.h>
49 #include <signal.h>
50 #include <stdarg.h>
51 #include <stdio.h>
52 #include <stdlib.h>
53 #include <unistd.h>
54 #include <atf-c.h>
55 
56 /*
57  * Architectures with a user-visible breakpoint().
58  */
59 #if defined(__aarch64__) || defined(__amd64__) || defined(__arm__) ||	\
60     defined(__i386__) || defined(__mips__) || defined(__riscv) ||	\
61     defined(__sparc64__)
62 #define	HAVE_BREAKPOINT
63 #endif
64 
65 /*
66  * Adjust PC to skip over a breakpoint when stopped for a breakpoint trap.
67  */
68 #ifdef HAVE_BREAKPOINT
69 #if defined(__aarch64__)
70 #define	SKIP_BREAK(reg)	((reg)->elr += 4)
71 #elif defined(__amd64__) || defined(__i386__)
72 #define	SKIP_BREAK(reg)
73 #elif defined(__arm__)
74 #define	SKIP_BREAK(reg)	((reg)->r_pc += 4)
75 #elif defined(__mips__)
76 #define	SKIP_BREAK(reg)	((reg)->r_regs[PC] += 4)
77 #elif defined(__riscv)
78 #define	SKIP_BREAK(reg)	((reg)->sepc += 4)
79 #elif defined(__sparc64__)
80 #define	SKIP_BREAK(reg)	do {						\
81 	(reg)->r_tpc = (reg)->r_tnpc + 4;				\
82 	(reg)->r_tnpc += 8;						\
83 } while (0)
84 #endif
85 #endif
86 
87 /*
88  * A variant of ATF_REQUIRE that is suitable for use in child
89  * processes.  This only works if the parent process is tripped up by
90  * the early exit and fails some requirement itself.
91  */
92 #define	CHILD_REQUIRE(exp) do {				\
93 	if (!(exp))					\
94 		child_fail_require(__FILE__, __LINE__,	\
95 		    #exp " not met\n");			\
96 } while (0)
97 
98 #define	CHILD_REQUIRE_EQ(actual, expected) do {			\
99 	__typeof__(expected) _e = expected;			\
100 	__typeof__(actual) _a = actual;				\
101 	if (_e != _a)						\
102 		child_fail_require(__FILE__, __LINE__, #actual	\
103 		    " (%jd) == " #expected " (%jd) not met\n",	\
104 		    (intmax_t)_a, (intmax_t)_e);		\
105 } while (0)
106 
107 static __dead2 void
108 child_fail_require(const char *file, int line, const char *fmt, ...)
109 {
110 	va_list ap;
111 	char buf[1024];
112 
113 	/* Use write() not fprintf() to avoid possible duplicate output. */
114 	snprintf(buf, sizeof(buf), "%s:%d: ", file, line);
115 	write(STDERR_FILENO, buf, strlen(buf));
116 	va_start(ap, fmt);
117 	vsnprintf(buf, sizeof(buf), fmt, ap);
118 	write(STDERR_FILENO, buf, strlen(buf));
119 	va_end(ap);
120 
121 	_exit(32);
122 }
123 
124 #define	REQUIRE_EQ(actual, expected) do {				\
125 	__typeof__(expected) _e = expected;				\
126 	__typeof__(actual) _a = actual;					\
127 	ATF_REQUIRE_MSG(_e == _a, #actual " (%jd) == "			\
128 	    #expected " (%jd) not met", (intmax_t)_a, (intmax_t)_e);	\
129 } while (0)
130 
131 static void
132 trace_me(void)
133 {
134 
135 	/* Attach the parent process as a tracer of this process. */
136 	CHILD_REQUIRE(ptrace(PT_TRACE_ME, 0, NULL, 0) != -1);
137 
138 	/* Trigger a stop. */
139 	raise(SIGSTOP);
140 }
141 
142 static void
143 attach_child(pid_t pid)
144 {
145 	pid_t wpid;
146 	int status;
147 
148 	REQUIRE_EQ(ptrace(PT_ATTACH, pid, NULL, 0), 0);
149 
150 	wpid = waitpid(pid, &status, 0);
151 	REQUIRE_EQ(wpid, pid);
152 	ATF_REQUIRE(WIFSTOPPED(status));
153 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
154 }
155 
156 static void
157 wait_for_zombie(pid_t pid)
158 {
159 
160 	/*
161 	 * Wait for a process to exit.  This is kind of gross, but
162 	 * there is not a better way.
163 	 *
164 	 * Prior to r325719, the kern.proc.pid.<pid> sysctl failed
165 	 * with ESRCH.  After that change, a valid struct kinfo_proc
166 	 * is returned for zombies with ki_stat set to SZOMB.
167 	 */
168 	for (;;) {
169 		struct kinfo_proc kp;
170 		size_t len;
171 		int mib[4];
172 
173 		mib[0] = CTL_KERN;
174 		mib[1] = KERN_PROC;
175 		mib[2] = KERN_PROC_PID;
176 		mib[3] = pid;
177 		len = sizeof(kp);
178 		if (sysctl(mib, nitems(mib), &kp, &len, NULL, 0) == -1) {
179 			REQUIRE_EQ(errno, ESRCH);
180 			break;
181 		}
182 		if (kp.ki_stat == SZOMB)
183 			break;
184 		usleep(5000);
185 	}
186 }
187 
188 /*
189  * Verify that a parent debugger process "sees" the exit of a debugged
190  * process exactly once when attached via PT_TRACE_ME.
191  */
192 ATF_TC_WITHOUT_HEAD(ptrace__parent_wait_after_trace_me);
193 ATF_TC_BODY(ptrace__parent_wait_after_trace_me, tc)
194 {
195 	pid_t child, wpid;
196 	int status;
197 
198 	ATF_REQUIRE((child = fork()) != -1);
199 	if (child == 0) {
200 		/* Child process. */
201 		trace_me();
202 
203 		_exit(1);
204 	}
205 
206 	/* Parent process. */
207 
208 	/* The first wait() should report the stop from SIGSTOP. */
209 	wpid = waitpid(child, &status, 0);
210 	REQUIRE_EQ(wpid, child);
211 	ATF_REQUIRE(WIFSTOPPED(status));
212 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
213 
214 	/* Continue the child ignoring the SIGSTOP. */
215 	ATF_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1);
216 
217 	/* The second wait() should report the exit status. */
218 	wpid = waitpid(child, &status, 0);
219 	REQUIRE_EQ(wpid, child);
220 	ATF_REQUIRE(WIFEXITED(status));
221 	REQUIRE_EQ(WEXITSTATUS(status), 1);
222 
223 	/* The child should no longer exist. */
224 	wpid = waitpid(child, &status, 0);
225 	REQUIRE_EQ(wpid, -1);
226 	REQUIRE_EQ(errno, ECHILD);
227 }
228 
229 /*
230  * Verify that a parent debugger process "sees" the exit of a debugged
231  * process exactly once when attached via PT_ATTACH.
232  */
233 ATF_TC_WITHOUT_HEAD(ptrace__parent_wait_after_attach);
234 ATF_TC_BODY(ptrace__parent_wait_after_attach, tc)
235 {
236 	pid_t child, wpid;
237 	int cpipe[2], status;
238 	char c;
239 
240 	REQUIRE_EQ(pipe(cpipe), 0);
241 	ATF_REQUIRE((child = fork()) != -1);
242 	if (child == 0) {
243 		/* Child process. */
244 		close(cpipe[0]);
245 
246 		/* Wait for the parent to attach. */
247 		CHILD_REQUIRE_EQ(0, read(cpipe[1], &c, sizeof(c)));
248 
249 		_exit(1);
250 	}
251 	close(cpipe[1]);
252 
253 	/* Parent process. */
254 
255 	/* Attach to the child process. */
256 	attach_child(child);
257 
258 	/* Continue the child ignoring the SIGSTOP. */
259 	ATF_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1);
260 
261 	/* Signal the child to exit. */
262 	close(cpipe[0]);
263 
264 	/* The second wait() should report the exit status. */
265 	wpid = waitpid(child, &status, 0);
266 	REQUIRE_EQ(wpid, child);
267 	ATF_REQUIRE(WIFEXITED(status));
268 	REQUIRE_EQ(WEXITSTATUS(status), 1);
269 
270 	/* The child should no longer exist. */
271 	wpid = waitpid(child, &status, 0);
272 	REQUIRE_EQ(wpid, -1);
273 	REQUIRE_EQ(errno, ECHILD);
274 }
275 
276 /*
277  * Verify that a parent process "sees" the exit of a debugged process only
278  * after the debugger has seen it.
279  */
280 ATF_TC_WITHOUT_HEAD(ptrace__parent_sees_exit_after_child_debugger);
281 ATF_TC_BODY(ptrace__parent_sees_exit_after_child_debugger, tc)
282 {
283 	pid_t child, debugger, wpid;
284 	int cpipe[2], dpipe[2], status;
285 	char c;
286 
287 	REQUIRE_EQ(pipe(cpipe), 0);
288 	ATF_REQUIRE((child = fork()) != -1);
289 
290 	if (child == 0) {
291 		/* Child process. */
292 		close(cpipe[0]);
293 
294 		/* Wait for parent to be ready. */
295 		CHILD_REQUIRE_EQ(read(cpipe[1], &c, sizeof(c)),
296 		    (ssize_t)sizeof(c));
297 
298 		_exit(1);
299 	}
300 	close(cpipe[1]);
301 
302 	REQUIRE_EQ(pipe(dpipe), 0);
303 	ATF_REQUIRE((debugger = fork()) != -1);
304 
305 	if (debugger == 0) {
306 		/* Debugger process. */
307 		close(dpipe[0]);
308 
309 		CHILD_REQUIRE(ptrace(PT_ATTACH, child, NULL, 0) != -1);
310 
311 		wpid = waitpid(child, &status, 0);
312 		CHILD_REQUIRE_EQ(wpid, child);
313 		CHILD_REQUIRE(WIFSTOPPED(status));
314 		CHILD_REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
315 
316 		CHILD_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1);
317 
318 		/* Signal parent that debugger is attached. */
319 		CHILD_REQUIRE_EQ(write(dpipe[1], &c, sizeof(c)),
320 		    (ssize_t)sizeof(c));
321 
322 		/* Wait for parent's failed wait. */
323 		CHILD_REQUIRE_EQ(read(dpipe[1], &c, sizeof(c)), 0);
324 
325 		wpid = waitpid(child, &status, 0);
326 		CHILD_REQUIRE_EQ(wpid, child);
327 		CHILD_REQUIRE(WIFEXITED(status));
328 		CHILD_REQUIRE_EQ(WEXITSTATUS(status), 1);
329 
330 		_exit(0);
331 	}
332 	close(dpipe[1]);
333 
334 	/* Parent process. */
335 
336 	/* Wait for the debugger to attach to the child. */
337 	REQUIRE_EQ(read(dpipe[0], &c, sizeof(c)), (ssize_t)sizeof(c));
338 
339 	/* Release the child. */
340 	REQUIRE_EQ(write(cpipe[0], &c, sizeof(c)), (ssize_t)sizeof(c));
341 	REQUIRE_EQ(read(cpipe[0], &c, sizeof(c)), 0);
342 	close(cpipe[0]);
343 
344 	wait_for_zombie(child);
345 
346 	/*
347 	 * This wait should return a pid of 0 to indicate no status to
348 	 * report.  The parent should see the child as non-exited
349 	 * until the debugger sees the exit.
350 	 */
351 	wpid = waitpid(child, &status, WNOHANG);
352 	REQUIRE_EQ(wpid, 0);
353 
354 	/* Signal the debugger to wait for the child. */
355 	close(dpipe[0]);
356 
357 	/* Wait for the debugger. */
358 	wpid = waitpid(debugger, &status, 0);
359 	REQUIRE_EQ(wpid, debugger);
360 	ATF_REQUIRE(WIFEXITED(status));
361 	REQUIRE_EQ(WEXITSTATUS(status), 0);
362 
363 	/* The child process should now be ready. */
364 	wpid = waitpid(child, &status, WNOHANG);
365 	REQUIRE_EQ(wpid, child);
366 	ATF_REQUIRE(WIFEXITED(status));
367 	REQUIRE_EQ(WEXITSTATUS(status), 1);
368 }
369 
370 /*
371  * Verify that a parent process "sees" the exit of a debugged process
372  * only after a non-direct-child debugger has seen it.  In particular,
373  * various wait() calls in the parent must avoid failing with ESRCH by
374  * checking the parent's orphan list for the debugee.
375  */
376 ATF_TC_WITHOUT_HEAD(ptrace__parent_sees_exit_after_unrelated_debugger);
377 ATF_TC_BODY(ptrace__parent_sees_exit_after_unrelated_debugger, tc)
378 {
379 	pid_t child, debugger, fpid, wpid;
380 	int cpipe[2], dpipe[2], status;
381 	char c;
382 
383 	REQUIRE_EQ(pipe(cpipe), 0);
384 	ATF_REQUIRE((child = fork()) != -1);
385 
386 	if (child == 0) {
387 		/* Child process. */
388 		close(cpipe[0]);
389 
390 		/* Wait for parent to be ready. */
391 		CHILD_REQUIRE_EQ(read(cpipe[1], &c, sizeof(c)),
392 		    (ssize_t)sizeof(c));
393 
394 		_exit(1);
395 	}
396 	close(cpipe[1]);
397 
398 	REQUIRE_EQ(pipe(dpipe), 0);
399 	ATF_REQUIRE((debugger = fork()) != -1);
400 
401 	if (debugger == 0) {
402 		/* Debugger parent. */
403 
404 		/*
405 		 * Fork again and drop the debugger parent so that the
406 		 * debugger is not a child of the main parent.
407 		 */
408 		CHILD_REQUIRE((fpid = fork()) != -1);
409 		if (fpid != 0)
410 			_exit(2);
411 
412 		/* Debugger process. */
413 		close(dpipe[0]);
414 
415 		CHILD_REQUIRE(ptrace(PT_ATTACH, child, NULL, 0) != -1);
416 
417 		wpid = waitpid(child, &status, 0);
418 		CHILD_REQUIRE_EQ(wpid, child);
419 		CHILD_REQUIRE(WIFSTOPPED(status));
420 		CHILD_REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
421 
422 		CHILD_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1);
423 
424 		/* Signal parent that debugger is attached. */
425 		CHILD_REQUIRE_EQ(write(dpipe[1], &c, sizeof(c)),
426 		    (ssize_t)sizeof(c));
427 
428 		/* Wait for parent's failed wait. */
429 		CHILD_REQUIRE_EQ(read(dpipe[1], &c, sizeof(c)),
430 		    (ssize_t)sizeof(c));
431 
432 		wpid = waitpid(child, &status, 0);
433 		CHILD_REQUIRE_EQ(wpid, child);
434 		CHILD_REQUIRE(WIFEXITED(status));
435 		CHILD_REQUIRE_EQ(WEXITSTATUS(status), 1);
436 
437 		_exit(0);
438 	}
439 	close(dpipe[1]);
440 
441 	/* Parent process. */
442 
443 	/* Wait for the debugger parent process to exit. */
444 	wpid = waitpid(debugger, &status, 0);
445 	REQUIRE_EQ(wpid, debugger);
446 	ATF_REQUIRE(WIFEXITED(status));
447 	REQUIRE_EQ(WEXITSTATUS(status), 2);
448 
449 	/* A WNOHANG wait here should see the non-exited child. */
450 	wpid = waitpid(child, &status, WNOHANG);
451 	REQUIRE_EQ(wpid, 0);
452 
453 	/* Wait for the debugger to attach to the child. */
454 	REQUIRE_EQ(read(dpipe[0], &c, sizeof(c)), (ssize_t)sizeof(c));
455 
456 	/* Release the child. */
457 	REQUIRE_EQ(write(cpipe[0], &c, sizeof(c)), (ssize_t)sizeof(c));
458 	REQUIRE_EQ(read(cpipe[0], &c, sizeof(c)), 0);
459 	close(cpipe[0]);
460 
461 	wait_for_zombie(child);
462 
463 	/*
464 	 * This wait should return a pid of 0 to indicate no status to
465 	 * report.  The parent should see the child as non-exited
466 	 * until the debugger sees the exit.
467 	 */
468 	wpid = waitpid(child, &status, WNOHANG);
469 	REQUIRE_EQ(wpid, 0);
470 
471 	/* Signal the debugger to wait for the child. */
472 	REQUIRE_EQ(write(dpipe[0], &c, sizeof(c)), (ssize_t)sizeof(c));
473 
474 	/* Wait for the debugger. */
475 	REQUIRE_EQ(read(dpipe[0], &c, sizeof(c)), 0);
476 	close(dpipe[0]);
477 
478 	/* The child process should now be ready. */
479 	wpid = waitpid(child, &status, WNOHANG);
480 	REQUIRE_EQ(wpid, child);
481 	ATF_REQUIRE(WIFEXITED(status));
482 	REQUIRE_EQ(WEXITSTATUS(status), 1);
483 }
484 
485 /*
486  * Make sure that we can collect the exit status of an orphaned process.
487  */
488 ATF_TC_WITHOUT_HEAD(ptrace__parent_exits_before_child);
489 ATF_TC_BODY(ptrace__parent_exits_before_child, tc)
490 {
491 	ssize_t n;
492 	int cpipe1[2], cpipe2[2], gcpipe[2], status;
493 	pid_t child, gchild;
494 
495 	REQUIRE_EQ(pipe(cpipe1), 0);
496 	REQUIRE_EQ(pipe(cpipe2), 0);
497 	REQUIRE_EQ(pipe(gcpipe), 0);
498 
499 	REQUIRE_EQ(procctl(P_PID, getpid(), PROC_REAP_ACQUIRE, NULL), 0);
500 
501 	ATF_REQUIRE((child = fork()) != -1);
502 	if (child == 0) {
503 		CHILD_REQUIRE((gchild = fork()) != -1);
504 		if (gchild == 0) {
505 			status = 1;
506 			do {
507 				n = read(gcpipe[0], &status, sizeof(status));
508 			} while (n == -1 && errno == EINTR);
509 			_exit(status);
510 		}
511 
512 		CHILD_REQUIRE_EQ(write(cpipe1[1], &gchild, sizeof(gchild)),
513 		    (ssize_t)sizeof(gchild));
514 		CHILD_REQUIRE_EQ(read(cpipe2[0], &status, sizeof(status)),
515 		    (ssize_t)sizeof(status));
516 		_exit(status);
517 	}
518 
519 	REQUIRE_EQ(read(cpipe1[0], &gchild, sizeof(gchild)),
520 	    (ssize_t)sizeof(gchild));
521 
522 	REQUIRE_EQ(ptrace(PT_ATTACH, gchild, NULL, 0), 0);
523 
524 	status = 0;
525 	REQUIRE_EQ(write(cpipe2[1], &status, sizeof(status)),
526 	    (ssize_t)sizeof(status));
527 	REQUIRE_EQ(waitpid(child, &status, 0), child);
528 	ATF_REQUIRE(WIFEXITED(status));
529 	REQUIRE_EQ(WEXITSTATUS(status), 0);
530 
531 	status = 0;
532 	REQUIRE_EQ(write(gcpipe[1], &status, sizeof(status)),
533 	    (ssize_t)sizeof(status));
534 	REQUIRE_EQ(waitpid(gchild, &status, 0), gchild);
535 	ATF_REQUIRE(WIFSTOPPED(status));
536 	REQUIRE_EQ(ptrace(PT_DETACH, gchild, (caddr_t)1, 0), 0);
537 	REQUIRE_EQ(waitpid(gchild, &status, 0), gchild);
538 	ATF_REQUIRE(WIFEXITED(status));
539 	REQUIRE_EQ(WEXITSTATUS(status), 0);
540 
541 	REQUIRE_EQ(close(cpipe1[0]), 0);
542 	REQUIRE_EQ(close(cpipe1[1]), 0);
543 	REQUIRE_EQ(close(cpipe2[0]), 0);
544 	REQUIRE_EQ(close(cpipe2[1]), 0);
545 	REQUIRE_EQ(close(gcpipe[0]), 0);
546 	REQUIRE_EQ(close(gcpipe[1]), 0);
547 }
548 
549 /*
550  * The parent process should always act the same regardless of how the
551  * debugger is attached to it.
552  */
553 static __dead2 void
554 follow_fork_parent(bool use_vfork)
555 {
556 	pid_t fpid, wpid;
557 	int status;
558 
559 	if (use_vfork)
560 		CHILD_REQUIRE((fpid = vfork()) != -1);
561 	else
562 		CHILD_REQUIRE((fpid = fork()) != -1);
563 
564 	if (fpid == 0)
565 		/* Child */
566 		_exit(2);
567 
568 	wpid = waitpid(fpid, &status, 0);
569 	CHILD_REQUIRE_EQ(wpid, fpid);
570 	CHILD_REQUIRE(WIFEXITED(status));
571 	CHILD_REQUIRE_EQ(WEXITSTATUS(status), 2);
572 
573 	_exit(1);
574 }
575 
576 /*
577  * Helper routine for follow fork tests.  This waits for two stops
578  * that report both "sides" of a fork.  It returns the pid of the new
579  * child process.
580  */
581 static pid_t
582 handle_fork_events(pid_t parent, struct ptrace_lwpinfo *ppl)
583 {
584 	struct ptrace_lwpinfo pl;
585 	bool fork_reported[2];
586 	pid_t child, wpid;
587 	int i, status;
588 
589 	fork_reported[0] = false;
590 	fork_reported[1] = false;
591 	child = -1;
592 
593 	/*
594 	 * Each process should report a fork event.  The parent should
595 	 * report a PL_FLAG_FORKED event, and the child should report
596 	 * a PL_FLAG_CHILD event.
597 	 */
598 	for (i = 0; i < 2; i++) {
599 		wpid = wait(&status);
600 		ATF_REQUIRE(wpid > 0);
601 		ATF_REQUIRE(WIFSTOPPED(status));
602 
603 		ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl,
604 		    sizeof(pl)) != -1);
605 		ATF_REQUIRE((pl.pl_flags & (PL_FLAG_FORKED | PL_FLAG_CHILD)) !=
606 		    0);
607 		ATF_REQUIRE((pl.pl_flags & (PL_FLAG_FORKED | PL_FLAG_CHILD)) !=
608 		    (PL_FLAG_FORKED | PL_FLAG_CHILD));
609 		if (pl.pl_flags & PL_FLAG_CHILD) {
610 			ATF_REQUIRE(wpid != parent);
611 			REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
612 			ATF_REQUIRE(!fork_reported[1]);
613 			if (child == -1)
614 				child = wpid;
615 			else
616 				REQUIRE_EQ(child, wpid);
617 			if (ppl != NULL)
618 				ppl[1] = pl;
619 			fork_reported[1] = true;
620 		} else {
621 			REQUIRE_EQ(wpid, parent);
622 			REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
623 			ATF_REQUIRE(!fork_reported[0]);
624 			if (child == -1)
625 				child = pl.pl_child_pid;
626 			else
627 				REQUIRE_EQ(child, pl.pl_child_pid);
628 			if (ppl != NULL)
629 				ppl[0] = pl;
630 			fork_reported[0] = true;
631 		}
632 	}
633 
634 	return (child);
635 }
636 
637 /*
638  * Verify that a new child process is stopped after a followed fork and
639  * that the traced parent sees the exit of the child after the debugger
640  * when both processes remain attached to the debugger.
641  */
642 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_both_attached);
643 ATF_TC_BODY(ptrace__follow_fork_both_attached, tc)
644 {
645 	pid_t children[2], fpid, wpid;
646 	int status;
647 
648 	ATF_REQUIRE((fpid = fork()) != -1);
649 	if (fpid == 0) {
650 		trace_me();
651 		follow_fork_parent(false);
652 	}
653 
654 	/* Parent process. */
655 	children[0] = fpid;
656 
657 	/* The first wait() should report the stop from SIGSTOP. */
658 	wpid = waitpid(children[0], &status, 0);
659 	REQUIRE_EQ(wpid, children[0]);
660 	ATF_REQUIRE(WIFSTOPPED(status));
661 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
662 
663 	ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
664 
665 	/* Continue the child ignoring the SIGSTOP. */
666 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
667 
668 	children[1] = handle_fork_events(children[0], NULL);
669 	ATF_REQUIRE(children[1] > 0);
670 
671 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
672 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1);
673 
674 	/*
675 	 * The child can't exit until the grandchild reports status, so the
676 	 * grandchild should report its exit first to the debugger.
677 	 */
678 	wpid = wait(&status);
679 	REQUIRE_EQ(wpid, children[1]);
680 	ATF_REQUIRE(WIFEXITED(status));
681 	REQUIRE_EQ(WEXITSTATUS(status), 2);
682 
683 	wpid = wait(&status);
684 	REQUIRE_EQ(wpid, children[0]);
685 	ATF_REQUIRE(WIFEXITED(status));
686 	REQUIRE_EQ(WEXITSTATUS(status), 1);
687 
688 	wpid = wait(&status);
689 	REQUIRE_EQ(wpid, -1);
690 	REQUIRE_EQ(errno, ECHILD);
691 }
692 
693 /*
694  * Verify that a new child process is stopped after a followed fork
695  * and that the traced parent sees the exit of the child when the new
696  * child process is detached after it reports its fork.
697  */
698 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_child_detached);
699 ATF_TC_BODY(ptrace__follow_fork_child_detached, tc)
700 {
701 	pid_t children[2], fpid, wpid;
702 	int status;
703 
704 	ATF_REQUIRE((fpid = fork()) != -1);
705 	if (fpid == 0) {
706 		trace_me();
707 		follow_fork_parent(false);
708 	}
709 
710 	/* Parent process. */
711 	children[0] = fpid;
712 
713 	/* The first wait() should report the stop from SIGSTOP. */
714 	wpid = waitpid(children[0], &status, 0);
715 	REQUIRE_EQ(wpid, children[0]);
716 	ATF_REQUIRE(WIFSTOPPED(status));
717 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
718 
719 	ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
720 
721 	/* Continue the child ignoring the SIGSTOP. */
722 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
723 
724 	children[1] = handle_fork_events(children[0], NULL);
725 	ATF_REQUIRE(children[1] > 0);
726 
727 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
728 	ATF_REQUIRE(ptrace(PT_DETACH, children[1], (caddr_t)1, 0) != -1);
729 
730 	/*
731 	 * Should not see any status from the grandchild now, only the
732 	 * child.
733 	 */
734 	wpid = wait(&status);
735 	REQUIRE_EQ(wpid, children[0]);
736 	ATF_REQUIRE(WIFEXITED(status));
737 	REQUIRE_EQ(WEXITSTATUS(status), 1);
738 
739 	wpid = wait(&status);
740 	REQUIRE_EQ(wpid, -1);
741 	REQUIRE_EQ(errno, ECHILD);
742 }
743 
744 /*
745  * Verify that a new child process is stopped after a followed fork
746  * and that the traced parent sees the exit of the child when the
747  * traced parent is detached after the fork.
748  */
749 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_parent_detached);
750 ATF_TC_BODY(ptrace__follow_fork_parent_detached, tc)
751 {
752 	pid_t children[2], fpid, wpid;
753 	int status;
754 
755 	ATF_REQUIRE((fpid = fork()) != -1);
756 	if (fpid == 0) {
757 		trace_me();
758 		follow_fork_parent(false);
759 	}
760 
761 	/* Parent process. */
762 	children[0] = fpid;
763 
764 	/* The first wait() should report the stop from SIGSTOP. */
765 	wpid = waitpid(children[0], &status, 0);
766 	REQUIRE_EQ(wpid, children[0]);
767 	ATF_REQUIRE(WIFSTOPPED(status));
768 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
769 
770 	ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
771 
772 	/* Continue the child ignoring the SIGSTOP. */
773 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
774 
775 	children[1] = handle_fork_events(children[0], NULL);
776 	ATF_REQUIRE(children[1] > 0);
777 
778 	ATF_REQUIRE(ptrace(PT_DETACH, children[0], (caddr_t)1, 0) != -1);
779 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1);
780 
781 	/*
782 	 * The child can't exit until the grandchild reports status, so the
783 	 * grandchild should report its exit first to the debugger.
784 	 *
785 	 * Even though the child process is detached, it is still a
786 	 * child of the debugger, so it will still report it's exit
787 	 * after the grandchild.
788 	 */
789 	wpid = wait(&status);
790 	REQUIRE_EQ(wpid, children[1]);
791 	ATF_REQUIRE(WIFEXITED(status));
792 	REQUIRE_EQ(WEXITSTATUS(status), 2);
793 
794 	wpid = wait(&status);
795 	REQUIRE_EQ(wpid, children[0]);
796 	ATF_REQUIRE(WIFEXITED(status));
797 	REQUIRE_EQ(WEXITSTATUS(status), 1);
798 
799 	wpid = wait(&status);
800 	REQUIRE_EQ(wpid, -1);
801 	REQUIRE_EQ(errno, ECHILD);
802 }
803 
804 static void
805 attach_fork_parent(int cpipe[2])
806 {
807 	pid_t fpid;
808 
809 	close(cpipe[0]);
810 
811 	/* Double-fork to disassociate from the debugger. */
812 	CHILD_REQUIRE((fpid = fork()) != -1);
813 	if (fpid != 0)
814 		_exit(3);
815 
816 	/* Send the pid of the disassociated child to the debugger. */
817 	fpid = getpid();
818 	CHILD_REQUIRE_EQ(write(cpipe[1], &fpid, sizeof(fpid)),
819 	    (ssize_t)sizeof(fpid));
820 
821 	/* Wait for the debugger to attach. */
822 	CHILD_REQUIRE_EQ(read(cpipe[1], &fpid, sizeof(fpid)), 0);
823 }
824 
825 /*
826  * Verify that a new child process is stopped after a followed fork and
827  * that the traced parent sees the exit of the child after the debugger
828  * when both processes remain attached to the debugger.  In this test
829  * the parent that forks is not a direct child of the debugger.
830  */
831 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_both_attached_unrelated_debugger);
832 ATF_TC_BODY(ptrace__follow_fork_both_attached_unrelated_debugger, tc)
833 {
834 	pid_t children[2], fpid, wpid;
835 	int cpipe[2], status;
836 
837 	REQUIRE_EQ(pipe(cpipe), 0);
838 	ATF_REQUIRE((fpid = fork()) != -1);
839 	if (fpid == 0) {
840 		attach_fork_parent(cpipe);
841 		follow_fork_parent(false);
842 	}
843 
844 	/* Parent process. */
845 	close(cpipe[1]);
846 
847 	/* Wait for the direct child to exit. */
848 	wpid = waitpid(fpid, &status, 0);
849 	REQUIRE_EQ(wpid, fpid);
850 	ATF_REQUIRE(WIFEXITED(status));
851 	REQUIRE_EQ(WEXITSTATUS(status), 3);
852 
853 	/* Read the pid of the fork parent. */
854 	REQUIRE_EQ(read(cpipe[0], &children[0], sizeof(children[0])),
855 	    (ssize_t)sizeof(children[0]));
856 
857 	/* Attach to the fork parent. */
858 	attach_child(children[0]);
859 
860 	ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
861 
862 	/* Continue the fork parent ignoring the SIGSTOP. */
863 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
864 
865 	/* Signal the fork parent to continue. */
866 	close(cpipe[0]);
867 
868 	children[1] = handle_fork_events(children[0], NULL);
869 	ATF_REQUIRE(children[1] > 0);
870 
871 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
872 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1);
873 
874 	/*
875 	 * The fork parent can't exit until the child reports status,
876 	 * so the child should report its exit first to the debugger.
877 	 */
878 	wpid = wait(&status);
879 	REQUIRE_EQ(wpid, children[1]);
880 	ATF_REQUIRE(WIFEXITED(status));
881 	REQUIRE_EQ(WEXITSTATUS(status), 2);
882 
883 	wpid = wait(&status);
884 	REQUIRE_EQ(wpid, children[0]);
885 	ATF_REQUIRE(WIFEXITED(status));
886 	REQUIRE_EQ(WEXITSTATUS(status), 1);
887 
888 	wpid = wait(&status);
889 	REQUIRE_EQ(wpid, -1);
890 	REQUIRE_EQ(errno, ECHILD);
891 }
892 
893 /*
894  * Verify that a new child process is stopped after a followed fork
895  * and that the traced parent sees the exit of the child when the new
896  * child process is detached after it reports its fork.  In this test
897  * the parent that forks is not a direct child of the debugger.
898  */
899 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_child_detached_unrelated_debugger);
900 ATF_TC_BODY(ptrace__follow_fork_child_detached_unrelated_debugger, tc)
901 {
902 	pid_t children[2], fpid, wpid;
903 	int cpipe[2], status;
904 
905 	REQUIRE_EQ(pipe(cpipe), 0);
906 	ATF_REQUIRE((fpid = fork()) != -1);
907 	if (fpid == 0) {
908 		attach_fork_parent(cpipe);
909 		follow_fork_parent(false);
910 	}
911 
912 	/* Parent process. */
913 	close(cpipe[1]);
914 
915 	/* Wait for the direct child to exit. */
916 	wpid = waitpid(fpid, &status, 0);
917 	REQUIRE_EQ(wpid, fpid);
918 	ATF_REQUIRE(WIFEXITED(status));
919 	REQUIRE_EQ(WEXITSTATUS(status), 3);
920 
921 	/* Read the pid of the fork parent. */
922 	REQUIRE_EQ(read(cpipe[0], &children[0], sizeof(children[0])),
923 	    (ssize_t)sizeof(children[0]));
924 
925 	/* Attach to the fork parent. */
926 	attach_child(children[0]);
927 
928 	ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
929 
930 	/* Continue the fork parent ignoring the SIGSTOP. */
931 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
932 
933 	/* Signal the fork parent to continue. */
934 	close(cpipe[0]);
935 
936 	children[1] = handle_fork_events(children[0], NULL);
937 	ATF_REQUIRE(children[1] > 0);
938 
939 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
940 	ATF_REQUIRE(ptrace(PT_DETACH, children[1], (caddr_t)1, 0) != -1);
941 
942 	/*
943 	 * Should not see any status from the child now, only the fork
944 	 * parent.
945 	 */
946 	wpid = wait(&status);
947 	REQUIRE_EQ(wpid, children[0]);
948 	ATF_REQUIRE(WIFEXITED(status));
949 	REQUIRE_EQ(WEXITSTATUS(status), 1);
950 
951 	wpid = wait(&status);
952 	REQUIRE_EQ(wpid, -1);
953 	REQUIRE_EQ(errno, ECHILD);
954 }
955 
956 /*
957  * Verify that a new child process is stopped after a followed fork
958  * and that the traced parent sees the exit of the child when the
959  * traced parent is detached after the fork.  In this test the parent
960  * that forks is not a direct child of the debugger.
961  */
962 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_parent_detached_unrelated_debugger);
963 ATF_TC_BODY(ptrace__follow_fork_parent_detached_unrelated_debugger, tc)
964 {
965 	pid_t children[2], fpid, wpid;
966 	int cpipe[2], status;
967 
968 	REQUIRE_EQ(pipe(cpipe), 0);
969 	ATF_REQUIRE((fpid = fork()) != -1);
970 	if (fpid == 0) {
971 		attach_fork_parent(cpipe);
972 		follow_fork_parent(false);
973 	}
974 
975 	/* Parent process. */
976 	close(cpipe[1]);
977 
978 	/* Wait for the direct child to exit. */
979 	wpid = waitpid(fpid, &status, 0);
980 	REQUIRE_EQ(wpid, fpid);
981 	ATF_REQUIRE(WIFEXITED(status));
982 	REQUIRE_EQ(WEXITSTATUS(status), 3);
983 
984 	/* Read the pid of the fork parent. */
985 	REQUIRE_EQ(read(cpipe[0], &children[0], sizeof(children[0])),
986 	    (ssize_t)sizeof(children[0]));
987 
988 	/* Attach to the fork parent. */
989 	attach_child(children[0]);
990 
991 	ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
992 
993 	/* Continue the fork parent ignoring the SIGSTOP. */
994 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
995 
996 	/* Signal the fork parent to continue. */
997 	close(cpipe[0]);
998 
999 	children[1] = handle_fork_events(children[0], NULL);
1000 	ATF_REQUIRE(children[1] > 0);
1001 
1002 	ATF_REQUIRE(ptrace(PT_DETACH, children[0], (caddr_t)1, 0) != -1);
1003 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1);
1004 
1005 	/*
1006 	 * Should not see any status from the fork parent now, only
1007 	 * the child.
1008 	 */
1009 	wpid = wait(&status);
1010 	REQUIRE_EQ(wpid, children[1]);
1011 	ATF_REQUIRE(WIFEXITED(status));
1012 	REQUIRE_EQ(WEXITSTATUS(status), 2);
1013 
1014 	wpid = wait(&status);
1015 	REQUIRE_EQ(wpid, -1);
1016 	REQUIRE_EQ(errno, ECHILD);
1017 }
1018 
1019 /*
1020  * Verify that a child process does not see an unrelated debugger as its
1021  * parent but sees its original parent process.
1022  */
1023 ATF_TC_WITHOUT_HEAD(ptrace__getppid);
1024 ATF_TC_BODY(ptrace__getppid, tc)
1025 {
1026 	pid_t child, debugger, ppid, wpid;
1027 	int cpipe[2], dpipe[2], status;
1028 	char c;
1029 
1030 	REQUIRE_EQ(pipe(cpipe), 0);
1031 	ATF_REQUIRE((child = fork()) != -1);
1032 
1033 	if (child == 0) {
1034 		/* Child process. */
1035 		close(cpipe[0]);
1036 
1037 		/* Wait for parent to be ready. */
1038 		CHILD_REQUIRE_EQ(read(cpipe[1], &c, sizeof(c)),
1039 		    (ssize_t)sizeof(c));
1040 
1041 		/* Report the parent PID to the parent. */
1042 		ppid = getppid();
1043 		CHILD_REQUIRE_EQ(write(cpipe[1], &ppid, sizeof(ppid)),
1044 		    (ssize_t)sizeof(ppid));
1045 
1046 		_exit(1);
1047 	}
1048 	close(cpipe[1]);
1049 
1050 	REQUIRE_EQ(pipe(dpipe), 0);
1051 	ATF_REQUIRE((debugger = fork()) != -1);
1052 
1053 	if (debugger == 0) {
1054 		/* Debugger process. */
1055 		close(dpipe[0]);
1056 
1057 		CHILD_REQUIRE(ptrace(PT_ATTACH, child, NULL, 0) != -1);
1058 
1059 		wpid = waitpid(child, &status, 0);
1060 		CHILD_REQUIRE_EQ(wpid, child);
1061 		CHILD_REQUIRE(WIFSTOPPED(status));
1062 		CHILD_REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1063 
1064 		CHILD_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1);
1065 
1066 		/* Signal parent that debugger is attached. */
1067 		CHILD_REQUIRE_EQ(write(dpipe[1], &c, sizeof(c)),
1068 		    (ssize_t)sizeof(c));
1069 
1070 		/* Wait for traced child to exit. */
1071 		wpid = waitpid(child, &status, 0);
1072 		CHILD_REQUIRE_EQ(wpid, child);
1073 		CHILD_REQUIRE(WIFEXITED(status));
1074 		CHILD_REQUIRE_EQ(WEXITSTATUS(status), 1);
1075 
1076 		_exit(0);
1077 	}
1078 	close(dpipe[1]);
1079 
1080 	/* Parent process. */
1081 
1082 	/* Wait for the debugger to attach to the child. */
1083 	REQUIRE_EQ(read(dpipe[0], &c, sizeof(c)), (ssize_t)sizeof(c));
1084 
1085 	/* Release the child. */
1086 	REQUIRE_EQ(write(cpipe[0], &c, sizeof(c)), (ssize_t)sizeof(c));
1087 
1088 	/* Read the parent PID from the child. */
1089 	REQUIRE_EQ(read(cpipe[0], &ppid, sizeof(ppid)), (ssize_t)sizeof(ppid));
1090 	close(cpipe[0]);
1091 
1092 	REQUIRE_EQ(ppid, getpid());
1093 
1094 	/* Wait for the debugger. */
1095 	wpid = waitpid(debugger, &status, 0);
1096 	REQUIRE_EQ(wpid, debugger);
1097 	ATF_REQUIRE(WIFEXITED(status));
1098 	REQUIRE_EQ(WEXITSTATUS(status), 0);
1099 
1100 	/* The child process should now be ready. */
1101 	wpid = waitpid(child, &status, WNOHANG);
1102 	REQUIRE_EQ(wpid, child);
1103 	ATF_REQUIRE(WIFEXITED(status));
1104 	REQUIRE_EQ(WEXITSTATUS(status), 1);
1105 }
1106 
1107 /*
1108  * Verify that pl_syscall_code in struct ptrace_lwpinfo for a new
1109  * child process created via fork() reports the correct value.
1110  */
1111 ATF_TC_WITHOUT_HEAD(ptrace__new_child_pl_syscall_code_fork);
1112 ATF_TC_BODY(ptrace__new_child_pl_syscall_code_fork, tc)
1113 {
1114 	struct ptrace_lwpinfo pl[2];
1115 	pid_t children[2], fpid, wpid;
1116 	int status;
1117 
1118 	ATF_REQUIRE((fpid = fork()) != -1);
1119 	if (fpid == 0) {
1120 		trace_me();
1121 		follow_fork_parent(false);
1122 	}
1123 
1124 	/* Parent process. */
1125 	children[0] = fpid;
1126 
1127 	/* The first wait() should report the stop from SIGSTOP. */
1128 	wpid = waitpid(children[0], &status, 0);
1129 	REQUIRE_EQ(wpid, children[0]);
1130 	ATF_REQUIRE(WIFSTOPPED(status));
1131 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1132 
1133 	ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
1134 
1135 	/* Continue the child ignoring the SIGSTOP. */
1136 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
1137 
1138 	/* Wait for both halves of the fork event to get reported. */
1139 	children[1] = handle_fork_events(children[0], pl);
1140 	ATF_REQUIRE(children[1] > 0);
1141 
1142 	ATF_REQUIRE((pl[0].pl_flags & PL_FLAG_SCX) != 0);
1143 	ATF_REQUIRE((pl[1].pl_flags & PL_FLAG_SCX) != 0);
1144 	REQUIRE_EQ(pl[0].pl_syscall_code, (unsigned)SYS_fork);
1145 	REQUIRE_EQ(pl[0].pl_syscall_code, pl[1].pl_syscall_code);
1146 	REQUIRE_EQ(pl[0].pl_syscall_narg, pl[1].pl_syscall_narg);
1147 
1148 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
1149 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1);
1150 
1151 	/*
1152 	 * The child can't exit until the grandchild reports status, so the
1153 	 * grandchild should report its exit first to the debugger.
1154 	 */
1155 	wpid = wait(&status);
1156 	REQUIRE_EQ(wpid, children[1]);
1157 	ATF_REQUIRE(WIFEXITED(status));
1158 	REQUIRE_EQ(WEXITSTATUS(status), 2);
1159 
1160 	wpid = wait(&status);
1161 	REQUIRE_EQ(wpid, children[0]);
1162 	ATF_REQUIRE(WIFEXITED(status));
1163 	REQUIRE_EQ(WEXITSTATUS(status), 1);
1164 
1165 	wpid = wait(&status);
1166 	REQUIRE_EQ(wpid, -1);
1167 	REQUIRE_EQ(errno, ECHILD);
1168 }
1169 
1170 /*
1171  * Verify that pl_syscall_code in struct ptrace_lwpinfo for a new
1172  * child process created via vfork() reports the correct value.
1173  */
1174 ATF_TC_WITHOUT_HEAD(ptrace__new_child_pl_syscall_code_vfork);
1175 ATF_TC_BODY(ptrace__new_child_pl_syscall_code_vfork, tc)
1176 {
1177 	struct ptrace_lwpinfo pl[2];
1178 	pid_t children[2], fpid, wpid;
1179 	int status;
1180 
1181 	ATF_REQUIRE((fpid = fork()) != -1);
1182 	if (fpid == 0) {
1183 		trace_me();
1184 		follow_fork_parent(true);
1185 	}
1186 
1187 	/* Parent process. */
1188 	children[0] = fpid;
1189 
1190 	/* The first wait() should report the stop from SIGSTOP. */
1191 	wpid = waitpid(children[0], &status, 0);
1192 	REQUIRE_EQ(wpid, children[0]);
1193 	ATF_REQUIRE(WIFSTOPPED(status));
1194 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1195 
1196 	ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
1197 
1198 	/* Continue the child ignoring the SIGSTOP. */
1199 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
1200 
1201 	/* Wait for both halves of the fork event to get reported. */
1202 	children[1] = handle_fork_events(children[0], pl);
1203 	ATF_REQUIRE(children[1] > 0);
1204 
1205 	ATF_REQUIRE((pl[0].pl_flags & PL_FLAG_SCX) != 0);
1206 	ATF_REQUIRE((pl[1].pl_flags & PL_FLAG_SCX) != 0);
1207 	REQUIRE_EQ(pl[0].pl_syscall_code, (unsigned)SYS_vfork);
1208 	REQUIRE_EQ(pl[0].pl_syscall_code, pl[1].pl_syscall_code);
1209 	REQUIRE_EQ(pl[0].pl_syscall_narg, pl[1].pl_syscall_narg);
1210 
1211 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
1212 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1);
1213 
1214 	/*
1215 	 * The child can't exit until the grandchild reports status, so the
1216 	 * grandchild should report its exit first to the debugger.
1217 	 */
1218 	wpid = wait(&status);
1219 	REQUIRE_EQ(wpid, children[1]);
1220 	ATF_REQUIRE(WIFEXITED(status));
1221 	REQUIRE_EQ(WEXITSTATUS(status), 2);
1222 
1223 	wpid = wait(&status);
1224 	REQUIRE_EQ(wpid, children[0]);
1225 	ATF_REQUIRE(WIFEXITED(status));
1226 	REQUIRE_EQ(WEXITSTATUS(status), 1);
1227 
1228 	wpid = wait(&status);
1229 	REQUIRE_EQ(wpid, -1);
1230 	REQUIRE_EQ(errno, ECHILD);
1231 }
1232 
1233 static void *
1234 simple_thread(void *arg __unused)
1235 {
1236 
1237 	pthread_exit(NULL);
1238 }
1239 
1240 static __dead2 void
1241 simple_thread_main(void)
1242 {
1243 	pthread_t thread;
1244 
1245 	CHILD_REQUIRE_EQ(pthread_create(&thread, NULL, simple_thread, NULL), 0);
1246 	CHILD_REQUIRE_EQ(pthread_join(thread, NULL), 0);
1247 	exit(1);
1248 }
1249 
1250 /*
1251  * Verify that pl_syscall_code in struct ptrace_lwpinfo for a new
1252  * thread reports the correct value.
1253  */
1254 ATF_TC_WITHOUT_HEAD(ptrace__new_child_pl_syscall_code_thread);
1255 ATF_TC_BODY(ptrace__new_child_pl_syscall_code_thread, tc)
1256 {
1257 	struct ptrace_lwpinfo pl;
1258 	pid_t fpid, wpid;
1259 	lwpid_t mainlwp;
1260 	int status;
1261 
1262 	ATF_REQUIRE((fpid = fork()) != -1);
1263 	if (fpid == 0) {
1264 		trace_me();
1265 		simple_thread_main();
1266 	}
1267 
1268 	/* The first wait() should report the stop from SIGSTOP. */
1269 	wpid = waitpid(fpid, &status, 0);
1270 	REQUIRE_EQ(wpid, fpid);
1271 	ATF_REQUIRE(WIFSTOPPED(status));
1272 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1273 
1274 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl,
1275 	    sizeof(pl)) != -1);
1276 	mainlwp = pl.pl_lwpid;
1277 
1278 	/*
1279 	 * Continue the child ignoring the SIGSTOP and tracing all
1280 	 * system call exits.
1281 	 */
1282 	ATF_REQUIRE(ptrace(PT_TO_SCX, fpid, (caddr_t)1, 0) != -1);
1283 
1284 	/*
1285 	 * Wait for the new thread to arrive.  pthread_create() might
1286 	 * invoke any number of system calls.  For now we just wait
1287 	 * for the new thread to arrive and make sure it reports a
1288 	 * valid system call code.  If ptrace grows thread event
1289 	 * reporting then this test can be made more precise.
1290 	 */
1291 	for (;;) {
1292 		wpid = waitpid(fpid, &status, 0);
1293 		REQUIRE_EQ(wpid, fpid);
1294 		ATF_REQUIRE(WIFSTOPPED(status));
1295 		REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
1296 
1297 		ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl,
1298 		    sizeof(pl)) != -1);
1299 		ATF_REQUIRE((pl.pl_flags & PL_FLAG_SCX) != 0);
1300 		ATF_REQUIRE(pl.pl_syscall_code != 0);
1301 		if (pl.pl_lwpid != mainlwp)
1302 			/* New thread seen. */
1303 			break;
1304 
1305 		REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1306 	}
1307 
1308 	/* Wait for the child to exit. */
1309 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1310 	for (;;) {
1311 		wpid = waitpid(fpid, &status, 0);
1312 		REQUIRE_EQ(wpid, fpid);
1313 		if (WIFEXITED(status))
1314 			break;
1315 
1316 		ATF_REQUIRE(WIFSTOPPED(status));
1317 		REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
1318 		REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1319 	}
1320 
1321 	REQUIRE_EQ(WEXITSTATUS(status), 1);
1322 
1323 	wpid = wait(&status);
1324 	REQUIRE_EQ(wpid, -1);
1325 	REQUIRE_EQ(errno, ECHILD);
1326 }
1327 
1328 /*
1329  * Verify that the expected LWP events are reported for a child thread.
1330  */
1331 ATF_TC_WITHOUT_HEAD(ptrace__lwp_events);
1332 ATF_TC_BODY(ptrace__lwp_events, tc)
1333 {
1334 	struct ptrace_lwpinfo pl;
1335 	pid_t fpid, wpid;
1336 	lwpid_t lwps[2];
1337 	int status;
1338 
1339 	ATF_REQUIRE((fpid = fork()) != -1);
1340 	if (fpid == 0) {
1341 		trace_me();
1342 		simple_thread_main();
1343 	}
1344 
1345 	/* The first wait() should report the stop from SIGSTOP. */
1346 	wpid = waitpid(fpid, &status, 0);
1347 	REQUIRE_EQ(wpid, fpid);
1348 	ATF_REQUIRE(WIFSTOPPED(status));
1349 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1350 
1351 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl,
1352 	    sizeof(pl)) != -1);
1353 	lwps[0] = pl.pl_lwpid;
1354 
1355 	REQUIRE_EQ(ptrace(PT_LWP_EVENTS, wpid, NULL, 1), 0);
1356 
1357 	/* Continue the child ignoring the SIGSTOP. */
1358 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1359 
1360 	/* The first event should be for the child thread's birth. */
1361 	wpid = waitpid(fpid, &status, 0);
1362 	REQUIRE_EQ(wpid, fpid);
1363 	ATF_REQUIRE(WIFSTOPPED(status));
1364 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
1365 
1366 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
1367 	REQUIRE_EQ((pl.pl_flags & (PL_FLAG_BORN | PL_FLAG_SCX)),
1368 	    (PL_FLAG_BORN | PL_FLAG_SCX));
1369 	ATF_REQUIRE(pl.pl_lwpid != lwps[0]);
1370 	lwps[1] = pl.pl_lwpid;
1371 
1372 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1373 
1374 	/* The next event should be for the child thread's death. */
1375 	wpid = waitpid(fpid, &status, 0);
1376 	REQUIRE_EQ(wpid, fpid);
1377 	ATF_REQUIRE(WIFSTOPPED(status));
1378 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
1379 
1380 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
1381 	REQUIRE_EQ((pl.pl_flags & (PL_FLAG_EXITED | PL_FLAG_SCE)),
1382 	    (PL_FLAG_EXITED | PL_FLAG_SCE));
1383 	REQUIRE_EQ(pl.pl_lwpid, lwps[1]);
1384 
1385 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1386 
1387 	/* The last event should be for the child process's exit. */
1388 	wpid = waitpid(fpid, &status, 0);
1389 	ATF_REQUIRE(WIFEXITED(status));
1390 	REQUIRE_EQ(WEXITSTATUS(status), 1);
1391 
1392 	wpid = wait(&status);
1393 	REQUIRE_EQ(wpid, -1);
1394 	REQUIRE_EQ(errno, ECHILD);
1395 }
1396 
1397 static void *
1398 exec_thread(void *arg __unused)
1399 {
1400 
1401 	execl("/usr/bin/true", "true", NULL);
1402 	exit(127);
1403 }
1404 
1405 static __dead2 void
1406 exec_thread_main(void)
1407 {
1408 	pthread_t thread;
1409 
1410 	CHILD_REQUIRE_EQ(pthread_create(&thread, NULL, exec_thread, NULL), 0);
1411 	for (;;)
1412 		sleep(60);
1413 	exit(1);
1414 }
1415 
1416 /*
1417  * Verify that the expected LWP events are reported for a multithreaded
1418  * process that calls execve(2).
1419  */
1420 ATF_TC_WITHOUT_HEAD(ptrace__lwp_events_exec);
1421 ATF_TC_BODY(ptrace__lwp_events_exec, tc)
1422 {
1423 	struct ptrace_lwpinfo pl;
1424 	pid_t fpid, wpid;
1425 	lwpid_t lwps[2];
1426 	int status;
1427 
1428 	ATF_REQUIRE((fpid = fork()) != -1);
1429 	if (fpid == 0) {
1430 		trace_me();
1431 		exec_thread_main();
1432 	}
1433 
1434 	/* The first wait() should report the stop from SIGSTOP. */
1435 	wpid = waitpid(fpid, &status, 0);
1436 	REQUIRE_EQ(wpid, fpid);
1437 	ATF_REQUIRE(WIFSTOPPED(status));
1438 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1439 
1440 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl,
1441 	    sizeof(pl)) != -1);
1442 	lwps[0] = pl.pl_lwpid;
1443 
1444 	REQUIRE_EQ(ptrace(PT_LWP_EVENTS, wpid, NULL, 1), 0);
1445 
1446 	/* Continue the child ignoring the SIGSTOP. */
1447 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1448 
1449 	/* The first event should be for the child thread's birth. */
1450 	wpid = waitpid(fpid, &status, 0);
1451 	REQUIRE_EQ(wpid, fpid);
1452 	ATF_REQUIRE(WIFSTOPPED(status));
1453 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
1454 
1455 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
1456 	REQUIRE_EQ((pl.pl_flags & (PL_FLAG_BORN | PL_FLAG_SCX)),
1457 	    (PL_FLAG_BORN | PL_FLAG_SCX));
1458 	ATF_REQUIRE(pl.pl_lwpid != lwps[0]);
1459 	lwps[1] = pl.pl_lwpid;
1460 
1461 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1462 
1463 	/*
1464 	 * The next event should be for the main thread's death due to
1465 	 * single threading from execve().
1466 	 */
1467 	wpid = waitpid(fpid, &status, 0);
1468 	REQUIRE_EQ(wpid, fpid);
1469 	ATF_REQUIRE(WIFSTOPPED(status));
1470 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
1471 
1472 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
1473 	REQUIRE_EQ((pl.pl_flags & (PL_FLAG_EXITED | PL_FLAG_SCE)),
1474 	    (PL_FLAG_EXITED));
1475 	REQUIRE_EQ(pl.pl_lwpid, lwps[0]);
1476 
1477 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1478 
1479 	/* The next event should be for the child process's exec. */
1480 	wpid = waitpid(fpid, &status, 0);
1481 	ATF_REQUIRE(WIFSTOPPED(status));
1482 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
1483 
1484 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
1485 	REQUIRE_EQ((pl.pl_flags & (PL_FLAG_EXEC | PL_FLAG_SCX)),
1486 	    (PL_FLAG_EXEC | PL_FLAG_SCX));
1487 	REQUIRE_EQ(pl.pl_lwpid, lwps[1]);
1488 
1489 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1490 
1491 	/* The last event should be for the child process's exit. */
1492 	wpid = waitpid(fpid, &status, 0);
1493 	ATF_REQUIRE(WIFEXITED(status));
1494 	REQUIRE_EQ(WEXITSTATUS(status), 0);
1495 
1496 	wpid = wait(&status);
1497 	REQUIRE_EQ(wpid, -1);
1498 	REQUIRE_EQ(errno, ECHILD);
1499 }
1500 
1501 static void
1502 handler(int sig __unused)
1503 {
1504 }
1505 
1506 static void
1507 signal_main(void)
1508 {
1509 
1510 	signal(SIGINFO, handler);
1511 	raise(SIGINFO);
1512 	exit(0);
1513 }
1514 
1515 /*
1516  * Verify that the expected ptrace event is reported for a signal.
1517  */
1518 ATF_TC_WITHOUT_HEAD(ptrace__siginfo);
1519 ATF_TC_BODY(ptrace__siginfo, tc)
1520 {
1521 	struct ptrace_lwpinfo pl;
1522 	pid_t fpid, wpid;
1523 	int status;
1524 
1525 	ATF_REQUIRE((fpid = fork()) != -1);
1526 	if (fpid == 0) {
1527 		trace_me();
1528 		signal_main();
1529 	}
1530 
1531 	/* The first wait() should report the stop from SIGSTOP. */
1532 	wpid = waitpid(fpid, &status, 0);
1533 	REQUIRE_EQ(wpid, fpid);
1534 	ATF_REQUIRE(WIFSTOPPED(status));
1535 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1536 
1537 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1538 
1539 	/* The next event should be for the SIGINFO. */
1540 	wpid = waitpid(fpid, &status, 0);
1541 	ATF_REQUIRE(WIFSTOPPED(status));
1542 	REQUIRE_EQ(WSTOPSIG(status), SIGINFO);
1543 
1544 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
1545 	REQUIRE_EQ(pl.pl_event, PL_EVENT_SIGNAL);
1546 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SI);
1547 	REQUIRE_EQ(pl.pl_siginfo.si_code, SI_LWP);
1548 	REQUIRE_EQ(pl.pl_siginfo.si_pid, wpid);
1549 
1550 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1551 
1552 	/* The last event should be for the child process's exit. */
1553 	wpid = waitpid(fpid, &status, 0);
1554 	ATF_REQUIRE(WIFEXITED(status));
1555 	REQUIRE_EQ(WEXITSTATUS(status), 0);
1556 
1557 	wpid = wait(&status);
1558 	REQUIRE_EQ(wpid, -1);
1559 	REQUIRE_EQ(errno, ECHILD);
1560 }
1561 
1562 /*
1563  * Verify that the expected ptrace events are reported for PTRACE_EXEC.
1564  */
1565 ATF_TC_WITHOUT_HEAD(ptrace__ptrace_exec_disable);
1566 ATF_TC_BODY(ptrace__ptrace_exec_disable, tc)
1567 {
1568 	pid_t fpid, wpid;
1569 	int events, status;
1570 
1571 	ATF_REQUIRE((fpid = fork()) != -1);
1572 	if (fpid == 0) {
1573 		trace_me();
1574 		exec_thread(NULL);
1575 	}
1576 
1577 	/* The first wait() should report the stop from SIGSTOP. */
1578 	wpid = waitpid(fpid, &status, 0);
1579 	REQUIRE_EQ(wpid, fpid);
1580 	ATF_REQUIRE(WIFSTOPPED(status));
1581 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1582 
1583 	events = 0;
1584 	ATF_REQUIRE(ptrace(PT_SET_EVENT_MASK, fpid, (caddr_t)&events,
1585 	    sizeof(events)) == 0);
1586 
1587 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1588 
1589 	/* Should get one event at exit. */
1590 	wpid = waitpid(fpid, &status, 0);
1591 	ATF_REQUIRE(WIFEXITED(status));
1592 	REQUIRE_EQ(WEXITSTATUS(status), 0);
1593 
1594 	wpid = wait(&status);
1595 	REQUIRE_EQ(wpid, -1);
1596 	REQUIRE_EQ(errno, ECHILD);
1597 }
1598 
1599 ATF_TC_WITHOUT_HEAD(ptrace__ptrace_exec_enable);
1600 ATF_TC_BODY(ptrace__ptrace_exec_enable, tc)
1601 {
1602 	struct ptrace_lwpinfo pl;
1603 	pid_t fpid, wpid;
1604 	int events, status;
1605 
1606 	ATF_REQUIRE((fpid = fork()) != -1);
1607 	if (fpid == 0) {
1608 		trace_me();
1609 		exec_thread(NULL);
1610 	}
1611 
1612 	/* The first wait() should report the stop from SIGSTOP. */
1613 	wpid = waitpid(fpid, &status, 0);
1614 	REQUIRE_EQ(wpid, fpid);
1615 	ATF_REQUIRE(WIFSTOPPED(status));
1616 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1617 
1618 	events = PTRACE_EXEC;
1619 	ATF_REQUIRE(ptrace(PT_SET_EVENT_MASK, fpid, (caddr_t)&events,
1620 	    sizeof(events)) == 0);
1621 
1622 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1623 
1624 	/* The next event should be for the child process's exec. */
1625 	wpid = waitpid(fpid, &status, 0);
1626 	ATF_REQUIRE(WIFSTOPPED(status));
1627 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
1628 
1629 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
1630 	REQUIRE_EQ((pl.pl_flags & (PL_FLAG_EXEC | PL_FLAG_SCX)),
1631 	    (PL_FLAG_EXEC | PL_FLAG_SCX));
1632 
1633 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1634 
1635 	/* The last event should be for the child process's exit. */
1636 	wpid = waitpid(fpid, &status, 0);
1637 	ATF_REQUIRE(WIFEXITED(status));
1638 	REQUIRE_EQ(WEXITSTATUS(status), 0);
1639 
1640 	wpid = wait(&status);
1641 	REQUIRE_EQ(wpid, -1);
1642 	REQUIRE_EQ(errno, ECHILD);
1643 }
1644 
1645 ATF_TC_WITHOUT_HEAD(ptrace__event_mask);
1646 ATF_TC_BODY(ptrace__event_mask, tc)
1647 {
1648 	pid_t fpid, wpid;
1649 	int events, status;
1650 
1651 	ATF_REQUIRE((fpid = fork()) != -1);
1652 	if (fpid == 0) {
1653 		trace_me();
1654 		exit(0);
1655 	}
1656 
1657 	/* The first wait() should report the stop from SIGSTOP. */
1658 	wpid = waitpid(fpid, &status, 0);
1659 	REQUIRE_EQ(wpid, fpid);
1660 	ATF_REQUIRE(WIFSTOPPED(status));
1661 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1662 
1663 	/* PT_FOLLOW_FORK should toggle the state of PTRACE_FORK. */
1664 	ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, fpid, NULL, 1) != -1);
1665 	ATF_REQUIRE(ptrace(PT_GET_EVENT_MASK, fpid, (caddr_t)&events,
1666 	    sizeof(events)) == 0);
1667 	ATF_REQUIRE(events & PTRACE_FORK);
1668 	ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, fpid, NULL, 0) != -1);
1669 	ATF_REQUIRE(ptrace(PT_GET_EVENT_MASK, fpid, (caddr_t)&events,
1670 	    sizeof(events)) == 0);
1671 	ATF_REQUIRE(!(events & PTRACE_FORK));
1672 
1673 	/* PT_LWP_EVENTS should toggle the state of PTRACE_LWP. */
1674 	ATF_REQUIRE(ptrace(PT_LWP_EVENTS, fpid, NULL, 1) != -1);
1675 	ATF_REQUIRE(ptrace(PT_GET_EVENT_MASK, fpid, (caddr_t)&events,
1676 	    sizeof(events)) == 0);
1677 	ATF_REQUIRE(events & PTRACE_LWP);
1678 	ATF_REQUIRE(ptrace(PT_LWP_EVENTS, fpid, NULL, 0) != -1);
1679 	ATF_REQUIRE(ptrace(PT_GET_EVENT_MASK, fpid, (caddr_t)&events,
1680 	    sizeof(events)) == 0);
1681 	ATF_REQUIRE(!(events & PTRACE_LWP));
1682 
1683 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1684 
1685 	/* Should get one event at exit. */
1686 	wpid = waitpid(fpid, &status, 0);
1687 	ATF_REQUIRE(WIFEXITED(status));
1688 	REQUIRE_EQ(WEXITSTATUS(status), 0);
1689 
1690 	wpid = wait(&status);
1691 	REQUIRE_EQ(wpid, -1);
1692 	REQUIRE_EQ(errno, ECHILD);
1693 }
1694 
1695 /*
1696  * Verify that the expected ptrace events are reported for PTRACE_VFORK.
1697  */
1698 ATF_TC_WITHOUT_HEAD(ptrace__ptrace_vfork);
1699 ATF_TC_BODY(ptrace__ptrace_vfork, tc)
1700 {
1701 	struct ptrace_lwpinfo pl;
1702 	pid_t fpid, wpid;
1703 	int events, status;
1704 
1705 	ATF_REQUIRE((fpid = fork()) != -1);
1706 	if (fpid == 0) {
1707 		trace_me();
1708 		follow_fork_parent(true);
1709 	}
1710 
1711 	/* The first wait() should report the stop from SIGSTOP. */
1712 	wpid = waitpid(fpid, &status, 0);
1713 	REQUIRE_EQ(wpid, fpid);
1714 	ATF_REQUIRE(WIFSTOPPED(status));
1715 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1716 
1717 	ATF_REQUIRE(ptrace(PT_GET_EVENT_MASK, fpid, (caddr_t)&events,
1718 	    sizeof(events)) == 0);
1719 	events |= PTRACE_VFORK;
1720 	ATF_REQUIRE(ptrace(PT_SET_EVENT_MASK, fpid, (caddr_t)&events,
1721 	    sizeof(events)) == 0);
1722 
1723 	/* Continue the child ignoring the SIGSTOP. */
1724 	ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) != -1);
1725 
1726 	/* The next event should report the end of the vfork. */
1727 	wpid = wait(&status);
1728 	REQUIRE_EQ(wpid, fpid);
1729 	ATF_REQUIRE(WIFSTOPPED(status));
1730 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
1731 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
1732 	ATF_REQUIRE((pl.pl_flags & PL_FLAG_VFORK_DONE) != 0);
1733 
1734 	ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) != -1);
1735 
1736 	wpid = wait(&status);
1737 	REQUIRE_EQ(wpid, fpid);
1738 	ATF_REQUIRE(WIFEXITED(status));
1739 	REQUIRE_EQ(WEXITSTATUS(status), 1);
1740 
1741 	wpid = wait(&status);
1742 	REQUIRE_EQ(wpid, -1);
1743 	REQUIRE_EQ(errno, ECHILD);
1744 }
1745 
1746 ATF_TC_WITHOUT_HEAD(ptrace__ptrace_vfork_follow);
1747 ATF_TC_BODY(ptrace__ptrace_vfork_follow, tc)
1748 {
1749 	struct ptrace_lwpinfo pl[2];
1750 	pid_t children[2], fpid, wpid;
1751 	int events, status;
1752 
1753 	ATF_REQUIRE((fpid = fork()) != -1);
1754 	if (fpid == 0) {
1755 		trace_me();
1756 		follow_fork_parent(true);
1757 	}
1758 
1759 	/* Parent process. */
1760 	children[0] = fpid;
1761 
1762 	/* The first wait() should report the stop from SIGSTOP. */
1763 	wpid = waitpid(children[0], &status, 0);
1764 	REQUIRE_EQ(wpid, children[0]);
1765 	ATF_REQUIRE(WIFSTOPPED(status));
1766 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1767 
1768 	ATF_REQUIRE(ptrace(PT_GET_EVENT_MASK, children[0], (caddr_t)&events,
1769 	    sizeof(events)) == 0);
1770 	events |= PTRACE_FORK | PTRACE_VFORK;
1771 	ATF_REQUIRE(ptrace(PT_SET_EVENT_MASK, children[0], (caddr_t)&events,
1772 	    sizeof(events)) == 0);
1773 
1774 	/* Continue the child ignoring the SIGSTOP. */
1775 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
1776 
1777 	/* Wait for both halves of the fork event to get reported. */
1778 	children[1] = handle_fork_events(children[0], pl);
1779 	ATF_REQUIRE(children[1] > 0);
1780 
1781 	ATF_REQUIRE((pl[0].pl_flags & PL_FLAG_VFORKED) != 0);
1782 
1783 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
1784 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1);
1785 
1786 	/*
1787 	 * The child can't exit until the grandchild reports status, so the
1788 	 * grandchild should report its exit first to the debugger.
1789 	 */
1790 	wpid = waitpid(children[1], &status, 0);
1791 	REQUIRE_EQ(wpid, children[1]);
1792 	ATF_REQUIRE(WIFEXITED(status));
1793 	REQUIRE_EQ(WEXITSTATUS(status), 2);
1794 
1795 	/*
1796 	 * The child should report it's vfork() completion before it
1797 	 * exits.
1798 	 */
1799 	wpid = wait(&status);
1800 	REQUIRE_EQ(wpid, children[0]);
1801 	ATF_REQUIRE(WIFSTOPPED(status));
1802 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
1803 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl[0], sizeof(pl[0])) !=
1804 	    -1);
1805 	ATF_REQUIRE((pl[0].pl_flags & PL_FLAG_VFORK_DONE) != 0);
1806 
1807 	ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
1808 
1809 	wpid = wait(&status);
1810 	REQUIRE_EQ(wpid, children[0]);
1811 	ATF_REQUIRE(WIFEXITED(status));
1812 	REQUIRE_EQ(WEXITSTATUS(status), 1);
1813 
1814 	wpid = wait(&status);
1815 	REQUIRE_EQ(wpid, -1);
1816 	REQUIRE_EQ(errno, ECHILD);
1817 }
1818 
1819 #ifdef HAVE_BREAKPOINT
1820 /*
1821  * Verify that no more events are reported after PT_KILL except for the
1822  * process exit when stopped due to a breakpoint trap.
1823  */
1824 ATF_TC_WITHOUT_HEAD(ptrace__PT_KILL_breakpoint);
1825 ATF_TC_BODY(ptrace__PT_KILL_breakpoint, tc)
1826 {
1827 	pid_t fpid, wpid;
1828 	int status;
1829 
1830 	ATF_REQUIRE((fpid = fork()) != -1);
1831 	if (fpid == 0) {
1832 		trace_me();
1833 		breakpoint();
1834 		exit(1);
1835 	}
1836 
1837 	/* The first wait() should report the stop from SIGSTOP. */
1838 	wpid = waitpid(fpid, &status, 0);
1839 	REQUIRE_EQ(wpid, fpid);
1840 	ATF_REQUIRE(WIFSTOPPED(status));
1841 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1842 
1843 	/* Continue the child ignoring the SIGSTOP. */
1844 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1845 
1846 	/* The second wait() should report hitting the breakpoint. */
1847 	wpid = waitpid(fpid, &status, 0);
1848 	REQUIRE_EQ(wpid, fpid);
1849 	ATF_REQUIRE(WIFSTOPPED(status));
1850 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
1851 
1852 	/* Kill the child process. */
1853 	REQUIRE_EQ(ptrace(PT_KILL, fpid, 0, 0), 0);
1854 
1855 	/* The last wait() should report the SIGKILL. */
1856 	wpid = waitpid(fpid, &status, 0);
1857 	REQUIRE_EQ(wpid, fpid);
1858 	ATF_REQUIRE(WIFSIGNALED(status));
1859 	REQUIRE_EQ(WTERMSIG(status), SIGKILL);
1860 
1861 	wpid = wait(&status);
1862 	REQUIRE_EQ(wpid, -1);
1863 	REQUIRE_EQ(errno, ECHILD);
1864 }
1865 #endif /* HAVE_BREAKPOINT */
1866 
1867 /*
1868  * Verify that no more events are reported after PT_KILL except for the
1869  * process exit when stopped inside of a system call.
1870  */
1871 ATF_TC_WITHOUT_HEAD(ptrace__PT_KILL_system_call);
1872 ATF_TC_BODY(ptrace__PT_KILL_system_call, tc)
1873 {
1874 	struct ptrace_lwpinfo pl;
1875 	pid_t fpid, wpid;
1876 	int status;
1877 
1878 	ATF_REQUIRE((fpid = fork()) != -1);
1879 	if (fpid == 0) {
1880 		trace_me();
1881 		getpid();
1882 		exit(1);
1883 	}
1884 
1885 	/* The first wait() should report the stop from SIGSTOP. */
1886 	wpid = waitpid(fpid, &status, 0);
1887 	REQUIRE_EQ(wpid, fpid);
1888 	ATF_REQUIRE(WIFSTOPPED(status));
1889 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1890 
1891 	/* Continue the child ignoring the SIGSTOP and tracing system calls. */
1892 	REQUIRE_EQ(ptrace(PT_SYSCALL, fpid, (caddr_t)1, 0), 0);
1893 
1894 	/* The second wait() should report a system call entry for getpid(). */
1895 	wpid = waitpid(fpid, &status, 0);
1896 	REQUIRE_EQ(wpid, fpid);
1897 	ATF_REQUIRE(WIFSTOPPED(status));
1898 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
1899 
1900 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
1901 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCE);
1902 
1903 	/* Kill the child process. */
1904 	REQUIRE_EQ(ptrace(PT_KILL, fpid, 0, 0), 0);
1905 
1906 	/* The last wait() should report the SIGKILL. */
1907 	wpid = waitpid(fpid, &status, 0);
1908 	REQUIRE_EQ(wpid, fpid);
1909 	ATF_REQUIRE(WIFSIGNALED(status));
1910 	REQUIRE_EQ(WTERMSIG(status), SIGKILL);
1911 
1912 	wpid = wait(&status);
1913 	REQUIRE_EQ(wpid, -1);
1914 	REQUIRE_EQ(errno, ECHILD);
1915 }
1916 
1917 /*
1918  * Verify that no more events are reported after PT_KILL except for the
1919  * process exit when killing a multithreaded process.
1920  */
1921 ATF_TC_WITHOUT_HEAD(ptrace__PT_KILL_threads);
1922 ATF_TC_BODY(ptrace__PT_KILL_threads, tc)
1923 {
1924 	struct ptrace_lwpinfo pl;
1925 	pid_t fpid, wpid;
1926 	lwpid_t main_lwp;
1927 	int status;
1928 
1929 	ATF_REQUIRE((fpid = fork()) != -1);
1930 	if (fpid == 0) {
1931 		trace_me();
1932 		simple_thread_main();
1933 	}
1934 
1935 	/* The first wait() should report the stop from SIGSTOP. */
1936 	wpid = waitpid(fpid, &status, 0);
1937 	REQUIRE_EQ(wpid, fpid);
1938 	ATF_REQUIRE(WIFSTOPPED(status));
1939 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
1940 
1941 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl,
1942 	    sizeof(pl)) != -1);
1943 	main_lwp = pl.pl_lwpid;
1944 
1945 	REQUIRE_EQ(ptrace(PT_LWP_EVENTS, wpid, NULL, 1), 0);
1946 
1947 	/* Continue the child ignoring the SIGSTOP. */
1948 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
1949 
1950 	/* The first event should be for the child thread's birth. */
1951 	wpid = waitpid(fpid, &status, 0);
1952 	REQUIRE_EQ(wpid, fpid);
1953 	ATF_REQUIRE(WIFSTOPPED(status));
1954 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
1955 
1956 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
1957 	REQUIRE_EQ((pl.pl_flags & (PL_FLAG_BORN | PL_FLAG_SCX)),
1958 	    (PL_FLAG_BORN | PL_FLAG_SCX));
1959 	ATF_REQUIRE(pl.pl_lwpid != main_lwp);
1960 
1961 	/* Kill the child process. */
1962 	REQUIRE_EQ(ptrace(PT_KILL, fpid, 0, 0), 0);
1963 
1964 	/* The last wait() should report the SIGKILL. */
1965 	wpid = waitpid(fpid, &status, 0);
1966 	REQUIRE_EQ(wpid, fpid);
1967 	ATF_REQUIRE(WIFSIGNALED(status));
1968 	REQUIRE_EQ(WTERMSIG(status), SIGKILL);
1969 
1970 	wpid = wait(&status);
1971 	REQUIRE_EQ(wpid, -1);
1972 	REQUIRE_EQ(errno, ECHILD);
1973 }
1974 
1975 static void *
1976 mask_usr1_thread(void *arg)
1977 {
1978 	pthread_barrier_t *pbarrier;
1979 	sigset_t sigmask;
1980 
1981 	pbarrier = (pthread_barrier_t*)arg;
1982 
1983 	sigemptyset(&sigmask);
1984 	sigaddset(&sigmask, SIGUSR1);
1985 	CHILD_REQUIRE_EQ(pthread_sigmask(SIG_BLOCK, &sigmask, NULL), 0);
1986 
1987 	/* Sync up with other thread after sigmask updated. */
1988 	pthread_barrier_wait(pbarrier);
1989 
1990 	for (;;)
1991 		sleep(60);
1992 
1993 	return (NULL);
1994 }
1995 
1996 /*
1997  * Verify that the SIGKILL from PT_KILL takes priority over other signals
1998  * and prevents spurious stops due to those other signals.
1999  */
2000 ATF_TC(ptrace__PT_KILL_competing_signal);
2001 ATF_TC_HEAD(ptrace__PT_KILL_competing_signal, tc)
2002 {
2003 
2004 	atf_tc_set_md_var(tc, "require.user", "root");
2005 }
2006 ATF_TC_BODY(ptrace__PT_KILL_competing_signal, tc)
2007 {
2008 	pid_t fpid, wpid;
2009 	int status;
2010 	cpuset_t setmask;
2011 	pthread_t t;
2012 	pthread_barrier_t barrier;
2013 	struct sched_param sched_param;
2014 
2015 	ATF_REQUIRE((fpid = fork()) != -1);
2016 	if (fpid == 0) {
2017 		/* Bind to one CPU so only one thread at a time will run. */
2018 		CPU_ZERO(&setmask);
2019 		CPU_SET(0, &setmask);
2020 		cpusetid_t setid;
2021 		CHILD_REQUIRE_EQ(cpuset(&setid), 0);
2022 		CHILD_REQUIRE(cpuset_setaffinity(CPU_LEVEL_CPUSET,
2023 		    CPU_WHICH_CPUSET, setid, sizeof(setmask), &setmask) == 0);
2024 
2025 		CHILD_REQUIRE_EQ(pthread_barrier_init(&barrier, NULL, 2), 0);
2026 
2027 		CHILD_REQUIRE(pthread_create(&t, NULL, mask_usr1_thread,
2028 		    (void*)&barrier) == 0);
2029 
2030 		/*
2031 		 * Give the main thread higher priority. The test always
2032 		 * assumes that, if both threads are able to run, the main
2033 		 * thread runs first.
2034 		 */
2035 		sched_param.sched_priority =
2036 		    (sched_get_priority_max(SCHED_FIFO) +
2037 		    sched_get_priority_min(SCHED_FIFO)) / 2;
2038 		CHILD_REQUIRE(pthread_setschedparam(pthread_self(),
2039 		    SCHED_FIFO, &sched_param) == 0);
2040 		sched_param.sched_priority -= RQ_PPQ;
2041 		CHILD_REQUIRE(pthread_setschedparam(t, SCHED_FIFO,
2042 		    &sched_param) == 0);
2043 
2044 		sigset_t sigmask;
2045 		sigemptyset(&sigmask);
2046 		sigaddset(&sigmask, SIGUSR2);
2047 		CHILD_REQUIRE_EQ(pthread_sigmask(SIG_BLOCK, &sigmask, NULL), 0);
2048 
2049 		/* Sync up with other thread after sigmask updated. */
2050 		pthread_barrier_wait(&barrier);
2051 
2052 		trace_me();
2053 
2054 		for (;;)
2055 			sleep(60);
2056 
2057 		exit(1);
2058 	}
2059 
2060 	/* The first wait() should report the stop from SIGSTOP. */
2061 	wpid = waitpid(fpid, &status, 0);
2062 	REQUIRE_EQ(wpid, fpid);
2063 	ATF_REQUIRE(WIFSTOPPED(status));
2064 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
2065 
2066 	/* Continue the child ignoring the SIGSTOP. */
2067 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
2068 
2069 	/* Send a signal that only the second thread can handle. */
2070 	REQUIRE_EQ(kill(fpid, SIGUSR2), 0);
2071 
2072 	/* The second wait() should report the SIGUSR2. */
2073 	wpid = waitpid(fpid, &status, 0);
2074 	REQUIRE_EQ(wpid, fpid);
2075 	ATF_REQUIRE(WIFSTOPPED(status));
2076 	REQUIRE_EQ(WSTOPSIG(status), SIGUSR2);
2077 
2078 	/* Send a signal that only the first thread can handle. */
2079 	REQUIRE_EQ(kill(fpid, SIGUSR1), 0);
2080 
2081 	/* Replace the SIGUSR2 with a kill. */
2082 	REQUIRE_EQ(ptrace(PT_KILL, fpid, 0, 0), 0);
2083 
2084 	/* The last wait() should report the SIGKILL (not the SIGUSR signal). */
2085 	wpid = waitpid(fpid, &status, 0);
2086 	REQUIRE_EQ(wpid, fpid);
2087 	ATF_REQUIRE(WIFSIGNALED(status));
2088 	REQUIRE_EQ(WTERMSIG(status), SIGKILL);
2089 
2090 	wpid = wait(&status);
2091 	REQUIRE_EQ(wpid, -1);
2092 	REQUIRE_EQ(errno, ECHILD);
2093 }
2094 
2095 /*
2096  * Verify that the SIGKILL from PT_KILL takes priority over other stop events
2097  * and prevents spurious stops caused by those events.
2098  */
2099 ATF_TC(ptrace__PT_KILL_competing_stop);
2100 ATF_TC_HEAD(ptrace__PT_KILL_competing_stop, tc)
2101 {
2102 
2103 	atf_tc_set_md_var(tc, "require.user", "root");
2104 }
2105 ATF_TC_BODY(ptrace__PT_KILL_competing_stop, tc)
2106 {
2107 	pid_t fpid, wpid;
2108 	int status;
2109 	cpuset_t setmask;
2110 	pthread_t t;
2111 	pthread_barrier_t barrier;
2112 	lwpid_t main_lwp;
2113 	struct ptrace_lwpinfo pl;
2114 	struct sched_param sched_param;
2115 
2116 	ATF_REQUIRE((fpid = fork()) != -1);
2117 	if (fpid == 0) {
2118 		trace_me();
2119 
2120 		/* Bind to one CPU so only one thread at a time will run. */
2121 		CPU_ZERO(&setmask);
2122 		CPU_SET(0, &setmask);
2123 		cpusetid_t setid;
2124 		CHILD_REQUIRE_EQ(cpuset(&setid), 0);
2125 		CHILD_REQUIRE(cpuset_setaffinity(CPU_LEVEL_CPUSET,
2126 		    CPU_WHICH_CPUSET, setid, sizeof(setmask), &setmask) == 0);
2127 
2128 		CHILD_REQUIRE_EQ(pthread_barrier_init(&barrier, NULL, 2), 0);
2129 
2130 		CHILD_REQUIRE(pthread_create(&t, NULL, mask_usr1_thread,
2131 		    (void*)&barrier) == 0);
2132 
2133 		/*
2134 		 * Give the main thread higher priority. The test always
2135 		 * assumes that, if both threads are able to run, the main
2136 		 * thread runs first.
2137 		 */
2138 		sched_param.sched_priority =
2139 		    (sched_get_priority_max(SCHED_FIFO) +
2140 		    sched_get_priority_min(SCHED_FIFO)) / 2;
2141 		CHILD_REQUIRE(pthread_setschedparam(pthread_self(),
2142 		    SCHED_FIFO, &sched_param) == 0);
2143 		sched_param.sched_priority -= RQ_PPQ;
2144 		CHILD_REQUIRE(pthread_setschedparam(t, SCHED_FIFO,
2145 		    &sched_param) == 0);
2146 
2147 		sigset_t sigmask;
2148 		sigemptyset(&sigmask);
2149 		sigaddset(&sigmask, SIGUSR2);
2150 		CHILD_REQUIRE_EQ(pthread_sigmask(SIG_BLOCK, &sigmask, NULL), 0);
2151 
2152 		/* Sync up with other thread after sigmask updated. */
2153 		pthread_barrier_wait(&barrier);
2154 
2155 		/* Sync up with the test before doing the getpid(). */
2156 		raise(SIGSTOP);
2157 
2158 		getpid();
2159 		exit(1);
2160 	}
2161 
2162 	/* The first wait() should report the stop from SIGSTOP. */
2163 	wpid = waitpid(fpid, &status, 0);
2164 	REQUIRE_EQ(wpid, fpid);
2165 	ATF_REQUIRE(WIFSTOPPED(status));
2166 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
2167 
2168 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
2169 	main_lwp = pl.pl_lwpid;
2170 
2171 	/* Continue the child ignoring the SIGSTOP and tracing system calls. */
2172 	REQUIRE_EQ(ptrace(PT_SYSCALL, fpid, (caddr_t)1, 0), 0);
2173 
2174 	/*
2175 	 * Continue until child is done with setup, which is indicated with
2176 	 * SIGSTOP. Ignore system calls in the meantime.
2177 	 */
2178 	for (;;) {
2179 		wpid = waitpid(fpid, &status, 0);
2180 		REQUIRE_EQ(wpid, fpid);
2181 		ATF_REQUIRE(WIFSTOPPED(status));
2182 		if (WSTOPSIG(status) == SIGTRAP) {
2183 			ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl,
2184 			    sizeof(pl)) != -1);
2185 			ATF_REQUIRE(pl.pl_flags & (PL_FLAG_SCE | PL_FLAG_SCX));
2186 		} else {
2187 			REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
2188 			break;
2189 		}
2190 		REQUIRE_EQ(ptrace(PT_SYSCALL, fpid, (caddr_t)1, 0), 0);
2191 	}
2192 
2193 	/* Proceed, allowing main thread to hit syscall entry for getpid(). */
2194 	REQUIRE_EQ(ptrace(PT_SYSCALL, fpid, (caddr_t)1, 0), 0);
2195 
2196 	wpid = waitpid(fpid, &status, 0);
2197 	REQUIRE_EQ(wpid, fpid);
2198 	ATF_REQUIRE(WIFSTOPPED(status));
2199 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
2200 
2201 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl,
2202 	    sizeof(pl)) != -1);
2203 	REQUIRE_EQ(pl.pl_lwpid, main_lwp);
2204 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCE);
2205 	/* Prevent the main thread from hitting its syscall exit for now. */
2206 	REQUIRE_EQ(ptrace(PT_SUSPEND, main_lwp, 0, 0), 0);
2207 
2208 	/*
2209 	 * Proceed, allowing second thread to hit syscall exit for
2210 	 * pthread_barrier_wait().
2211 	 */
2212 	REQUIRE_EQ(ptrace(PT_SYSCALL, fpid, (caddr_t)1, 0), 0);
2213 
2214 	wpid = waitpid(fpid, &status, 0);
2215 	REQUIRE_EQ(wpid, fpid);
2216 	ATF_REQUIRE(WIFSTOPPED(status));
2217 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
2218 
2219 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl,
2220 	    sizeof(pl)) != -1);
2221 	ATF_REQUIRE(pl.pl_lwpid != main_lwp);
2222 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCX);
2223 
2224 	/* Send a signal that only the second thread can handle. */
2225 	REQUIRE_EQ(kill(fpid, SIGUSR2), 0);
2226 
2227 	REQUIRE_EQ(ptrace(PT_SYSCALL, fpid, (caddr_t)1, 0), 0);
2228 
2229 	/* The next wait() should report the SIGUSR2. */
2230 	wpid = waitpid(fpid, &status, 0);
2231 	REQUIRE_EQ(wpid, fpid);
2232 	ATF_REQUIRE(WIFSTOPPED(status));
2233 	REQUIRE_EQ(WSTOPSIG(status), SIGUSR2);
2234 
2235 	/* Allow the main thread to try to finish its system call. */
2236 	REQUIRE_EQ(ptrace(PT_RESUME, main_lwp, 0, 0), 0);
2237 
2238 	/*
2239 	 * At this point, the main thread is in the middle of a system call and
2240 	 * has been resumed. The second thread has taken a SIGUSR2 which will
2241 	 * be replaced with a SIGKILL below. The main thread will get to run
2242 	 * first. It should notice the kill request (even though the signal
2243 	 * replacement occurred in the other thread) and exit accordingly.  It
2244 	 * should not stop for the system call exit event.
2245 	 */
2246 
2247 	/* Replace the SIGUSR2 with a kill. */
2248 	REQUIRE_EQ(ptrace(PT_KILL, fpid, 0, 0), 0);
2249 
2250 	/* The last wait() should report the SIGKILL (not a syscall exit). */
2251 	wpid = waitpid(fpid, &status, 0);
2252 	REQUIRE_EQ(wpid, fpid);
2253 	ATF_REQUIRE(WIFSIGNALED(status));
2254 	REQUIRE_EQ(WTERMSIG(status), SIGKILL);
2255 
2256 	wpid = wait(&status);
2257 	REQUIRE_EQ(wpid, -1);
2258 	REQUIRE_EQ(errno, ECHILD);
2259 }
2260 
2261 static void
2262 sigusr1_handler(int sig)
2263 {
2264 
2265 	CHILD_REQUIRE_EQ(sig, SIGUSR1);
2266 	_exit(2);
2267 }
2268 
2269 /*
2270  * Verify that even if the signal queue is full for a child process,
2271  * a PT_KILL will kill the process.
2272  */
2273 ATF_TC_WITHOUT_HEAD(ptrace__PT_KILL_with_signal_full_sigqueue);
2274 ATF_TC_BODY(ptrace__PT_KILL_with_signal_full_sigqueue, tc)
2275 {
2276 	pid_t fpid, wpid;
2277 	int status;
2278 	int max_pending_per_proc;
2279 	size_t len;
2280 	int i;
2281 
2282 	ATF_REQUIRE(signal(SIGUSR1, sigusr1_handler) != SIG_ERR);
2283 
2284 	ATF_REQUIRE((fpid = fork()) != -1);
2285 	if (fpid == 0) {
2286 		trace_me();
2287 		exit(1);
2288 	}
2289 
2290 	/* The first wait() should report the stop from SIGSTOP. */
2291 	wpid = waitpid(fpid, &status, 0);
2292 	REQUIRE_EQ(wpid, fpid);
2293 	ATF_REQUIRE(WIFSTOPPED(status));
2294 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
2295 
2296 	len = sizeof(max_pending_per_proc);
2297 	ATF_REQUIRE(sysctlbyname("kern.sigqueue.max_pending_per_proc",
2298 	    &max_pending_per_proc, &len, NULL, 0) == 0);
2299 
2300 	/* Fill the signal queue. */
2301 	for (i = 0; i < max_pending_per_proc; ++i)
2302 		REQUIRE_EQ(kill(fpid, SIGUSR1), 0);
2303 
2304 	/* Kill the child process. */
2305 	REQUIRE_EQ(ptrace(PT_KILL, fpid, 0, 0), 0);
2306 
2307 	/* The last wait() should report the SIGKILL. */
2308 	wpid = waitpid(fpid, &status, 0);
2309 	REQUIRE_EQ(wpid, fpid);
2310 	ATF_REQUIRE(WIFSIGNALED(status));
2311 	REQUIRE_EQ(WTERMSIG(status), SIGKILL);
2312 
2313 	wpid = wait(&status);
2314 	REQUIRE_EQ(wpid, -1);
2315 	REQUIRE_EQ(errno, ECHILD);
2316 }
2317 
2318 /*
2319  * Verify that when stopped at a system call entry, a signal can be
2320  * requested with PT_CONTINUE which will be delivered once the system
2321  * call is complete.
2322  */
2323 ATF_TC_WITHOUT_HEAD(ptrace__PT_CONTINUE_with_signal_system_call_entry);
2324 ATF_TC_BODY(ptrace__PT_CONTINUE_with_signal_system_call_entry, tc)
2325 {
2326 	struct ptrace_lwpinfo pl;
2327 	pid_t fpid, wpid;
2328 	int status;
2329 
2330 	ATF_REQUIRE(signal(SIGUSR1, sigusr1_handler) != SIG_ERR);
2331 
2332 	ATF_REQUIRE((fpid = fork()) != -1);
2333 	if (fpid == 0) {
2334 		trace_me();
2335 		getpid();
2336 		exit(1);
2337 	}
2338 
2339 	/* The first wait() should report the stop from SIGSTOP. */
2340 	wpid = waitpid(fpid, &status, 0);
2341 	REQUIRE_EQ(wpid, fpid);
2342 	ATF_REQUIRE(WIFSTOPPED(status));
2343 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
2344 
2345 	/* Continue the child ignoring the SIGSTOP and tracing system calls. */
2346 	REQUIRE_EQ(ptrace(PT_SYSCALL, fpid, (caddr_t)1, 0), 0);
2347 
2348 	/* The second wait() should report a system call entry for getpid(). */
2349 	wpid = waitpid(fpid, &status, 0);
2350 	REQUIRE_EQ(wpid, fpid);
2351 	ATF_REQUIRE(WIFSTOPPED(status));
2352 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
2353 
2354 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
2355 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCE);
2356 
2357 	/* Continue the child process with a signal. */
2358 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGUSR1), 0);
2359 
2360 	for (;;) {
2361 		/*
2362 		 * The last wait() should report exit 2, i.e., a normal _exit
2363 		 * from the signal handler. In the meantime, catch and proceed
2364 		 * past any syscall stops.
2365 		 */
2366 		wpid = waitpid(fpid, &status, 0);
2367 		REQUIRE_EQ(wpid, fpid);
2368 		if (WIFSTOPPED(status) && WSTOPSIG(status) == SIGTRAP) {
2369 			ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
2370 			ATF_REQUIRE(pl.pl_flags & (PL_FLAG_SCE | PL_FLAG_SCX));
2371 			REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
2372 		} else {
2373 			ATF_REQUIRE(WIFEXITED(status));
2374 			REQUIRE_EQ(WEXITSTATUS(status), 2);
2375 			break;
2376 		}
2377 	}
2378 
2379 	wpid = wait(&status);
2380 	REQUIRE_EQ(wpid, -1);
2381 	REQUIRE_EQ(errno, ECHILD);
2382 }
2383 
2384 static void
2385 sigusr1_counting_handler(int sig)
2386 {
2387 	static int counter = 0;
2388 
2389 	CHILD_REQUIRE_EQ(sig, SIGUSR1);
2390 	counter++;
2391 	if (counter == 2)
2392 		_exit(2);
2393 }
2394 
2395 /*
2396  * Verify that, when continuing from a stop at system call entry and exit,
2397  * a signal can be requested from both stops, and both will be delivered when
2398  * the system call is complete.
2399  */
2400 ATF_TC_WITHOUT_HEAD(ptrace__PT_CONTINUE_with_signal_system_call_entry_and_exit);
2401 ATF_TC_BODY(ptrace__PT_CONTINUE_with_signal_system_call_entry_and_exit, tc)
2402 {
2403 	struct ptrace_lwpinfo pl;
2404 	pid_t fpid, wpid;
2405 	int status;
2406 
2407 	ATF_REQUIRE(signal(SIGUSR1, sigusr1_counting_handler) != SIG_ERR);
2408 
2409 	ATF_REQUIRE((fpid = fork()) != -1);
2410 	if (fpid == 0) {
2411 		trace_me();
2412 		getpid();
2413 		exit(1);
2414 	}
2415 
2416 	/* The first wait() should report the stop from SIGSTOP. */
2417 	wpid = waitpid(fpid, &status, 0);
2418 	REQUIRE_EQ(wpid, fpid);
2419 	ATF_REQUIRE(WIFSTOPPED(status));
2420 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
2421 
2422 	/* Continue the child ignoring the SIGSTOP and tracing system calls. */
2423 	REQUIRE_EQ(ptrace(PT_SYSCALL, fpid, (caddr_t)1, 0), 0);
2424 
2425 	/* The second wait() should report a system call entry for getpid(). */
2426 	wpid = waitpid(fpid, &status, 0);
2427 	REQUIRE_EQ(wpid, fpid);
2428 	ATF_REQUIRE(WIFSTOPPED(status));
2429 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
2430 
2431 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
2432 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCE);
2433 
2434 	/* Continue the child process with a signal. */
2435 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGUSR1), 0);
2436 
2437 	/* The third wait() should report a system call exit for getpid(). */
2438 	wpid = waitpid(fpid, &status, 0);
2439 	REQUIRE_EQ(wpid, fpid);
2440 	ATF_REQUIRE(WIFSTOPPED(status));
2441 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
2442 
2443 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
2444 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCX);
2445 
2446 	/* Continue the child process with a signal. */
2447 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGUSR1), 0);
2448 
2449 	for (;;) {
2450 		/*
2451 		 * The last wait() should report exit 2, i.e., a normal _exit
2452 		 * from the signal handler. In the meantime, catch and proceed
2453 		 * past any syscall stops.
2454 		 */
2455 		wpid = waitpid(fpid, &status, 0);
2456 		REQUIRE_EQ(wpid, fpid);
2457 		if (WIFSTOPPED(status) && WSTOPSIG(status) == SIGTRAP) {
2458 			ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
2459 			ATF_REQUIRE(pl.pl_flags & (PL_FLAG_SCE | PL_FLAG_SCX));
2460 			REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
2461 		} else {
2462 			ATF_REQUIRE(WIFEXITED(status));
2463 			REQUIRE_EQ(WEXITSTATUS(status), 2);
2464 			break;
2465 		}
2466 	}
2467 
2468 	wpid = wait(&status);
2469 	REQUIRE_EQ(wpid, -1);
2470 	REQUIRE_EQ(errno, ECHILD);
2471 }
2472 
2473 /*
2474  * Verify that even if the signal queue is full for a child process,
2475  * a PT_CONTINUE with a signal will not result in loss of that signal.
2476  */
2477 ATF_TC_WITHOUT_HEAD(ptrace__PT_CONTINUE_with_signal_full_sigqueue);
2478 ATF_TC_BODY(ptrace__PT_CONTINUE_with_signal_full_sigqueue, tc)
2479 {
2480 	pid_t fpid, wpid;
2481 	int status;
2482 	int max_pending_per_proc;
2483 	size_t len;
2484 	int i;
2485 
2486 	ATF_REQUIRE(signal(SIGUSR2, handler) != SIG_ERR);
2487 	ATF_REQUIRE(signal(SIGUSR1, sigusr1_handler) != SIG_ERR);
2488 
2489 	ATF_REQUIRE((fpid = fork()) != -1);
2490 	if (fpid == 0) {
2491 		trace_me();
2492 		exit(1);
2493 	}
2494 
2495 	/* The first wait() should report the stop from SIGSTOP. */
2496 	wpid = waitpid(fpid, &status, 0);
2497 	REQUIRE_EQ(wpid, fpid);
2498 	ATF_REQUIRE(WIFSTOPPED(status));
2499 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
2500 
2501 	len = sizeof(max_pending_per_proc);
2502 	ATF_REQUIRE(sysctlbyname("kern.sigqueue.max_pending_per_proc",
2503 	    &max_pending_per_proc, &len, NULL, 0) == 0);
2504 
2505 	/* Fill the signal queue. */
2506 	for (i = 0; i < max_pending_per_proc; ++i)
2507 		REQUIRE_EQ(kill(fpid, SIGUSR2), 0);
2508 
2509 	/* Continue with signal. */
2510 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGUSR1), 0);
2511 
2512 	for (;;) {
2513 		wpid = waitpid(fpid, &status, 0);
2514 		REQUIRE_EQ(wpid, fpid);
2515 		if (WIFSTOPPED(status)) {
2516 			REQUIRE_EQ(WSTOPSIG(status), SIGUSR2);
2517 			REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
2518 		} else {
2519 			/*
2520 			 * The last wait() should report normal _exit from the
2521 			 * SIGUSR1 handler.
2522 			 */
2523 			ATF_REQUIRE(WIFEXITED(status));
2524 			REQUIRE_EQ(WEXITSTATUS(status), 2);
2525 			break;
2526 		}
2527 	}
2528 
2529 	wpid = wait(&status);
2530 	REQUIRE_EQ(wpid, -1);
2531 	REQUIRE_EQ(errno, ECHILD);
2532 }
2533 
2534 static sem_t sigusr1_sem;
2535 static int got_usr1;
2536 
2537 static void
2538 sigusr1_sempost_handler(int sig __unused)
2539 {
2540 
2541 	got_usr1++;
2542 	CHILD_REQUIRE_EQ(sem_post(&sigusr1_sem), 0);
2543 }
2544 
2545 /*
2546  * Verify that even if the signal queue is full for a child process,
2547  * and the signal is masked, a PT_CONTINUE with a signal will not
2548  * result in loss of that signal.
2549  */
2550 ATF_TC_WITHOUT_HEAD(ptrace__PT_CONTINUE_with_signal_masked_full_sigqueue);
2551 ATF_TC_BODY(ptrace__PT_CONTINUE_with_signal_masked_full_sigqueue, tc)
2552 {
2553 	struct ptrace_lwpinfo pl;
2554 	pid_t fpid, wpid;
2555 	int status, err;
2556 	int max_pending_per_proc;
2557 	size_t len;
2558 	int i;
2559 	sigset_t sigmask;
2560 
2561 	ATF_REQUIRE(signal(SIGUSR2, handler) != SIG_ERR);
2562 	REQUIRE_EQ(sem_init(&sigusr1_sem, 0, 0), 0);
2563 	ATF_REQUIRE(signal(SIGUSR1, sigusr1_sempost_handler) != SIG_ERR);
2564 
2565 	got_usr1 = 0;
2566 	ATF_REQUIRE((fpid = fork()) != -1);
2567 	if (fpid == 0) {
2568 		CHILD_REQUIRE_EQ(sigemptyset(&sigmask), 0);
2569 		CHILD_REQUIRE_EQ(sigaddset(&sigmask, SIGUSR1), 0);
2570 		CHILD_REQUIRE_EQ(sigprocmask(SIG_BLOCK, &sigmask, NULL), 0);
2571 
2572 		trace_me();
2573 		CHILD_REQUIRE_EQ(got_usr1, 0);
2574 
2575 		/* Allow the pending SIGUSR1 in now. */
2576 		CHILD_REQUIRE_EQ(sigprocmask(SIG_UNBLOCK, &sigmask, NULL), 0);
2577 		/* Wait to receive the SIGUSR1. */
2578 		do {
2579 			err = sem_wait(&sigusr1_sem);
2580 			CHILD_REQUIRE(err == 0 || errno == EINTR);
2581 		} while (err != 0 && errno == EINTR);
2582 		CHILD_REQUIRE_EQ(got_usr1, 1);
2583 		exit(1);
2584 	}
2585 
2586 	/* The first wait() should report the stop from SIGSTOP. */
2587 	wpid = waitpid(fpid, &status, 0);
2588 	REQUIRE_EQ(wpid, fpid);
2589 	ATF_REQUIRE(WIFSTOPPED(status));
2590 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
2591 
2592 	len = sizeof(max_pending_per_proc);
2593 	ATF_REQUIRE(sysctlbyname("kern.sigqueue.max_pending_per_proc",
2594 	    &max_pending_per_proc, &len, NULL, 0) == 0);
2595 
2596 	/* Fill the signal queue. */
2597 	for (i = 0; i < max_pending_per_proc; ++i)
2598 		REQUIRE_EQ(kill(fpid, SIGUSR2), 0);
2599 
2600 	/* Continue with signal. */
2601 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGUSR1), 0);
2602 
2603 	/* Collect and ignore all of the SIGUSR2. */
2604 	for (i = 0; i < max_pending_per_proc; ++i) {
2605 		wpid = waitpid(fpid, &status, 0);
2606 		REQUIRE_EQ(wpid, fpid);
2607 		ATF_REQUIRE(WIFSTOPPED(status));
2608 		REQUIRE_EQ(WSTOPSIG(status), SIGUSR2);
2609 		REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
2610 	}
2611 
2612 	/* Now our PT_CONTINUE'd SIGUSR1 should cause a stop after unmask. */
2613 	wpid = waitpid(fpid, &status, 0);
2614 	REQUIRE_EQ(wpid, fpid);
2615 	ATF_REQUIRE(WIFSTOPPED(status));
2616 	REQUIRE_EQ(WSTOPSIG(status), SIGUSR1);
2617 	ATF_REQUIRE(ptrace(PT_LWPINFO, fpid, (caddr_t)&pl, sizeof(pl)) != -1);
2618 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGUSR1);
2619 
2620 	/* Continue the child, ignoring the SIGUSR1. */
2621 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
2622 
2623 	/* The last wait() should report exit after receiving SIGUSR1. */
2624 	wpid = waitpid(fpid, &status, 0);
2625 	REQUIRE_EQ(wpid, fpid);
2626 	ATF_REQUIRE(WIFEXITED(status));
2627 	REQUIRE_EQ(WEXITSTATUS(status), 1);
2628 
2629 	wpid = wait(&status);
2630 	REQUIRE_EQ(wpid, -1);
2631 	REQUIRE_EQ(errno, ECHILD);
2632 }
2633 
2634 /*
2635  * Verify that, after stopping due to a signal, that signal can be
2636  * replaced with another signal.
2637  */
2638 ATF_TC_WITHOUT_HEAD(ptrace__PT_CONTINUE_change_sig);
2639 ATF_TC_BODY(ptrace__PT_CONTINUE_change_sig, tc)
2640 {
2641 	struct ptrace_lwpinfo pl;
2642 	pid_t fpid, wpid;
2643 	int status;
2644 
2645 	ATF_REQUIRE((fpid = fork()) != -1);
2646 	if (fpid == 0) {
2647 		trace_me();
2648 		sleep(20);
2649 		exit(1);
2650 	}
2651 
2652 	/* The first wait() should report the stop from SIGSTOP. */
2653 	wpid = waitpid(fpid, &status, 0);
2654 	REQUIRE_EQ(wpid, fpid);
2655 	ATF_REQUIRE(WIFSTOPPED(status));
2656 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
2657 
2658 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
2659 
2660 	/* Send a signal without ptrace. */
2661 	REQUIRE_EQ(kill(fpid, SIGINT), 0);
2662 
2663 	/* The second wait() should report a SIGINT was received. */
2664 	wpid = waitpid(fpid, &status, 0);
2665 	REQUIRE_EQ(wpid, fpid);
2666 	ATF_REQUIRE(WIFSTOPPED(status));
2667 	REQUIRE_EQ(WSTOPSIG(status), SIGINT);
2668 
2669 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
2670 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SI);
2671 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGINT);
2672 
2673 	/* Continue the child process with a different signal. */
2674 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGTERM), 0);
2675 
2676 	/*
2677 	 * The last wait() should report having died due to the new
2678 	 * signal, SIGTERM.
2679 	 */
2680 	wpid = waitpid(fpid, &status, 0);
2681 	REQUIRE_EQ(wpid, fpid);
2682 	ATF_REQUIRE(WIFSIGNALED(status));
2683 	REQUIRE_EQ(WTERMSIG(status), SIGTERM);
2684 
2685 	wpid = wait(&status);
2686 	REQUIRE_EQ(wpid, -1);
2687 	REQUIRE_EQ(errno, ECHILD);
2688 }
2689 
2690 /*
2691  * Verify that a signal can be passed through to the child even when there
2692  * was no true signal originally. Such cases arise when a SIGTRAP is
2693  * invented for e.g, system call stops.
2694  */
2695 ATF_TC_WITHOUT_HEAD(ptrace__PT_CONTINUE_with_sigtrap_system_call_entry);
2696 ATF_TC_BODY(ptrace__PT_CONTINUE_with_sigtrap_system_call_entry, tc)
2697 {
2698 	struct ptrace_lwpinfo pl;
2699 	struct rlimit rl;
2700 	pid_t fpid, wpid;
2701 	int status;
2702 
2703 	ATF_REQUIRE((fpid = fork()) != -1);
2704 	if (fpid == 0) {
2705 		trace_me();
2706 		/* SIGTRAP expected to cause exit on syscall entry. */
2707 		rl.rlim_cur = rl.rlim_max = 0;
2708 		REQUIRE_EQ(setrlimit(RLIMIT_CORE, &rl), 0);
2709 		getpid();
2710 		exit(1);
2711 	}
2712 
2713 	/* The first wait() should report the stop from SIGSTOP. */
2714 	wpid = waitpid(fpid, &status, 0);
2715 	REQUIRE_EQ(wpid, fpid);
2716 	ATF_REQUIRE(WIFSTOPPED(status));
2717 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
2718 
2719 	/* Continue the child ignoring the SIGSTOP and tracing system calls. */
2720 	REQUIRE_EQ(ptrace(PT_SYSCALL, fpid, (caddr_t)1, 0), 0);
2721 
2722 	/* The second wait() should report a system call entry for getpid(). */
2723 	wpid = waitpid(fpid, &status, 0);
2724 	REQUIRE_EQ(wpid, fpid);
2725 	ATF_REQUIRE(WIFSTOPPED(status));
2726 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
2727 
2728 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
2729 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCE);
2730 
2731 	/* Continue the child process with a SIGTRAP. */
2732 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGTRAP), 0);
2733 
2734 	for (;;) {
2735 		/*
2736 		 * The last wait() should report exit due to SIGTRAP.  In the
2737 		 * meantime, catch and proceed past any syscall stops.
2738 		 */
2739 		wpid = waitpid(fpid, &status, 0);
2740 		REQUIRE_EQ(wpid, fpid);
2741 		if (WIFSTOPPED(status) && WSTOPSIG(status) == SIGTRAP) {
2742 			ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
2743 			ATF_REQUIRE(pl.pl_flags & (PL_FLAG_SCE | PL_FLAG_SCX));
2744 			REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
2745 		} else {
2746 			ATF_REQUIRE(WIFSIGNALED(status));
2747 			REQUIRE_EQ(WTERMSIG(status), SIGTRAP);
2748 			break;
2749 		}
2750 	}
2751 
2752 	wpid = wait(&status);
2753 	REQUIRE_EQ(wpid, -1);
2754 	REQUIRE_EQ(errno, ECHILD);
2755 }
2756 
2757 /*
2758  * A mixed bag PT_CONTINUE with signal test.
2759  */
2760 ATF_TC_WITHOUT_HEAD(ptrace__PT_CONTINUE_with_signal_mix);
2761 ATF_TC_BODY(ptrace__PT_CONTINUE_with_signal_mix, tc)
2762 {
2763 	struct ptrace_lwpinfo pl;
2764 	pid_t fpid, wpid;
2765 	int status;
2766 
2767 	ATF_REQUIRE(signal(SIGUSR1, sigusr1_counting_handler) != SIG_ERR);
2768 
2769 	ATF_REQUIRE((fpid = fork()) != -1);
2770 	if (fpid == 0) {
2771 		trace_me();
2772 		getpid();
2773 		exit(1);
2774 	}
2775 
2776 	/* The first wait() should report the stop from SIGSTOP. */
2777 	wpid = waitpid(fpid, &status, 0);
2778 	REQUIRE_EQ(wpid, fpid);
2779 	ATF_REQUIRE(WIFSTOPPED(status));
2780 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
2781 
2782 	/* Continue the child ignoring the SIGSTOP and tracing system calls. */
2783 	REQUIRE_EQ(ptrace(PT_SYSCALL, fpid, (caddr_t)1, 0), 0);
2784 
2785 	/* The second wait() should report a system call entry for getpid(). */
2786 	wpid = waitpid(fpid, &status, 0);
2787 	REQUIRE_EQ(wpid, fpid);
2788 	ATF_REQUIRE(WIFSTOPPED(status));
2789 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
2790 
2791 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
2792 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCE);
2793 
2794 	/* Continue with the first SIGUSR1. */
2795 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGUSR1), 0);
2796 
2797 	/* The next wait() should report a system call exit for getpid(). */
2798 	wpid = waitpid(fpid, &status, 0);
2799 	REQUIRE_EQ(wpid, fpid);
2800 	ATF_REQUIRE(WIFSTOPPED(status));
2801 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
2802 
2803 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
2804 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCX);
2805 
2806 	/* Send an ABRT without ptrace. */
2807 	REQUIRE_EQ(kill(fpid, SIGABRT), 0);
2808 
2809 	/* Continue normally. */
2810 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
2811 
2812 	/* The next wait() should report the SIGABRT. */
2813 	wpid = waitpid(fpid, &status, 0);
2814 	REQUIRE_EQ(wpid, fpid);
2815 	ATF_REQUIRE(WIFSTOPPED(status));
2816 	REQUIRE_EQ(WSTOPSIG(status), SIGABRT);
2817 
2818 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
2819 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SI);
2820 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGABRT);
2821 
2822 	/* Continue, replacing the SIGABRT with another SIGUSR1. */
2823 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGUSR1), 0);
2824 
2825 	for (;;) {
2826 		/*
2827 		 * The last wait() should report exit 2, i.e., a normal _exit
2828 		 * from the signal handler. In the meantime, catch and proceed
2829 		 * past any syscall stops.
2830 		 */
2831 		wpid = waitpid(fpid, &status, 0);
2832 		REQUIRE_EQ(wpid, fpid);
2833 		if (WIFSTOPPED(status) && WSTOPSIG(status) == SIGTRAP) {
2834 			ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
2835 			ATF_REQUIRE(pl.pl_flags & (PL_FLAG_SCE | PL_FLAG_SCX));
2836 			REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
2837 		} else {
2838 			ATF_REQUIRE(WIFEXITED(status));
2839 			REQUIRE_EQ(WEXITSTATUS(status), 2);
2840 			break;
2841 		}
2842 	}
2843 
2844 	wpid = wait(&status);
2845 	REQUIRE_EQ(wpid, -1);
2846 	REQUIRE_EQ(errno, ECHILD);
2847 }
2848 
2849 /*
2850  * Verify a signal delivered by ptrace is noticed by kevent(2).
2851  */
2852 ATF_TC_WITHOUT_HEAD(ptrace__PT_CONTINUE_with_signal_kqueue);
2853 ATF_TC_BODY(ptrace__PT_CONTINUE_with_signal_kqueue, tc)
2854 {
2855 	pid_t fpid, wpid;
2856 	int status, kq, nevents;
2857 	struct kevent kev;
2858 
2859 	ATF_REQUIRE(signal(SIGUSR1, SIG_IGN) != SIG_ERR);
2860 
2861 	ATF_REQUIRE((fpid = fork()) != -1);
2862 	if (fpid == 0) {
2863 		CHILD_REQUIRE((kq = kqueue()) > 0);
2864 		EV_SET(&kev, SIGUSR1, EVFILT_SIGNAL, EV_ADD, 0, 0, 0);
2865 		CHILD_REQUIRE_EQ(kevent(kq, &kev, 1, NULL, 0, NULL), 0);
2866 
2867 		trace_me();
2868 
2869 		for (;;) {
2870 			nevents = kevent(kq, NULL, 0, &kev, 1, NULL);
2871 			if (nevents == -1 && errno == EINTR)
2872 				continue;
2873 			CHILD_REQUIRE(nevents > 0);
2874 			CHILD_REQUIRE_EQ(kev.filter, EVFILT_SIGNAL);
2875 			CHILD_REQUIRE_EQ(kev.ident, (uintptr_t)SIGUSR1);
2876 			break;
2877 		}
2878 
2879 		exit(1);
2880 	}
2881 
2882 	/* The first wait() should report the stop from SIGSTOP. */
2883 	wpid = waitpid(fpid, &status, 0);
2884 	REQUIRE_EQ(wpid, fpid);
2885 	ATF_REQUIRE(WIFSTOPPED(status));
2886 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
2887 
2888 	/* Continue with the SIGUSR1. */
2889 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGUSR1), 0);
2890 
2891 	/*
2892 	 * The last wait() should report normal exit with code 1.
2893 	 */
2894 	wpid = waitpid(fpid, &status, 0);
2895 	REQUIRE_EQ(wpid, fpid);
2896 	ATF_REQUIRE(WIFEXITED(status));
2897 	REQUIRE_EQ(WEXITSTATUS(status), 1);
2898 
2899 	wpid = wait(&status);
2900 	REQUIRE_EQ(wpid, -1);
2901 	REQUIRE_EQ(errno, ECHILD);
2902 }
2903 
2904 static void *
2905 signal_thread(void *arg)
2906 {
2907 	int err;
2908 	sigset_t sigmask;
2909 
2910 	pthread_barrier_t *pbarrier = (pthread_barrier_t*)arg;
2911 
2912 	/* Wait for this thread to receive a SIGUSR1. */
2913 	do {
2914 		err = sem_wait(&sigusr1_sem);
2915 		CHILD_REQUIRE(err == 0 || errno == EINTR);
2916 	} while (err != 0 && errno == EINTR);
2917 
2918 	/* Free our companion thread from the barrier. */
2919 	pthread_barrier_wait(pbarrier);
2920 
2921 	/*
2922 	 * Swap ignore duties; the next SIGUSR1 should go to the
2923 	 * other thread.
2924 	 */
2925 	CHILD_REQUIRE_EQ(sigemptyset(&sigmask), 0);
2926 	CHILD_REQUIRE_EQ(sigaddset(&sigmask, SIGUSR1), 0);
2927 	CHILD_REQUIRE_EQ(pthread_sigmask(SIG_BLOCK, &sigmask, NULL), 0);
2928 
2929 	/* Sync up threads after swapping signal masks. */
2930 	pthread_barrier_wait(pbarrier);
2931 
2932 	/* Wait until our companion has received its SIGUSR1. */
2933 	pthread_barrier_wait(pbarrier);
2934 
2935 	return (NULL);
2936 }
2937 
2938 /*
2939  * Verify that a traced process with blocked signal received the
2940  * signal from kill() once unmasked.
2941  */
2942 ATF_TC_WITHOUT_HEAD(ptrace__killed_with_sigmask);
2943 ATF_TC_BODY(ptrace__killed_with_sigmask, tc)
2944 {
2945 	struct ptrace_lwpinfo pl;
2946 	pid_t fpid, wpid;
2947 	int status, err;
2948 	sigset_t sigmask;
2949 
2950 	REQUIRE_EQ(sem_init(&sigusr1_sem, 0, 0), 0);
2951 	ATF_REQUIRE(signal(SIGUSR1, sigusr1_sempost_handler) != SIG_ERR);
2952 	got_usr1 = 0;
2953 
2954 	ATF_REQUIRE((fpid = fork()) != -1);
2955 	if (fpid == 0) {
2956 		CHILD_REQUIRE_EQ(sigemptyset(&sigmask), 0);
2957 		CHILD_REQUIRE_EQ(sigaddset(&sigmask, SIGUSR1), 0);
2958 		CHILD_REQUIRE_EQ(sigprocmask(SIG_BLOCK, &sigmask, NULL), 0);
2959 
2960 		trace_me();
2961 		CHILD_REQUIRE_EQ(got_usr1, 0);
2962 
2963 		/* Allow the pending SIGUSR1 in now. */
2964 		CHILD_REQUIRE_EQ(sigprocmask(SIG_UNBLOCK, &sigmask, NULL), 0);
2965 		/* Wait to receive a SIGUSR1. */
2966 		do {
2967 			err = sem_wait(&sigusr1_sem);
2968 			CHILD_REQUIRE(err == 0 || errno == EINTR);
2969 		} while (err != 0 && errno == EINTR);
2970 		CHILD_REQUIRE_EQ(got_usr1, 1);
2971 		exit(1);
2972 	}
2973 
2974 	/* The first wait() should report the stop from SIGSTOP. */
2975 	wpid = waitpid(fpid, &status, 0);
2976 	REQUIRE_EQ(wpid, fpid);
2977 	ATF_REQUIRE(WIFSTOPPED(status));
2978 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
2979 	ATF_REQUIRE(ptrace(PT_LWPINFO, fpid, (caddr_t)&pl, sizeof(pl)) != -1);
2980 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGSTOP);
2981 
2982 	/* Send blocked SIGUSR1 which should cause a stop. */
2983 	REQUIRE_EQ(kill(fpid, SIGUSR1), 0);
2984 
2985 	/* Continue the child ignoring the SIGSTOP. */
2986 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
2987 
2988 	/* The next wait() should report the kill(SIGUSR1) was received. */
2989 	wpid = waitpid(fpid, &status, 0);
2990 	REQUIRE_EQ(wpid, fpid);
2991 	ATF_REQUIRE(WIFSTOPPED(status));
2992 	REQUIRE_EQ(WSTOPSIG(status), SIGUSR1);
2993 	ATF_REQUIRE(ptrace(PT_LWPINFO, fpid, (caddr_t)&pl, sizeof(pl)) != -1);
2994 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGUSR1);
2995 
2996 	/* Continue the child, allowing in the SIGUSR1. */
2997 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGUSR1), 0);
2998 
2999 	/* The last wait() should report normal exit with code 1. */
3000 	wpid = waitpid(fpid, &status, 0);
3001 	REQUIRE_EQ(wpid, fpid);
3002 	ATF_REQUIRE(WIFEXITED(status));
3003 	REQUIRE_EQ(WEXITSTATUS(status), 1);
3004 
3005 	wpid = wait(&status);
3006 	REQUIRE_EQ(wpid, -1);
3007 	REQUIRE_EQ(errno, ECHILD);
3008 }
3009 
3010 /*
3011  * Verify that a traced process with blocked signal received the
3012  * signal from PT_CONTINUE once unmasked.
3013  */
3014 ATF_TC_WITHOUT_HEAD(ptrace__PT_CONTINUE_with_sigmask);
3015 ATF_TC_BODY(ptrace__PT_CONTINUE_with_sigmask, tc)
3016 {
3017 	struct ptrace_lwpinfo pl;
3018 	pid_t fpid, wpid;
3019 	int status, err;
3020 	sigset_t sigmask;
3021 
3022 	REQUIRE_EQ(sem_init(&sigusr1_sem, 0, 0), 0);
3023 	ATF_REQUIRE(signal(SIGUSR1, sigusr1_sempost_handler) != SIG_ERR);
3024 	got_usr1 = 0;
3025 
3026 	ATF_REQUIRE((fpid = fork()) != -1);
3027 	if (fpid == 0) {
3028 		CHILD_REQUIRE_EQ(sigemptyset(&sigmask), 0);
3029 		CHILD_REQUIRE_EQ(sigaddset(&sigmask, SIGUSR1), 0);
3030 		CHILD_REQUIRE_EQ(sigprocmask(SIG_BLOCK, &sigmask, NULL), 0);
3031 
3032 		trace_me();
3033 		CHILD_REQUIRE_EQ(got_usr1, 0);
3034 
3035 		/* Allow the pending SIGUSR1 in now. */
3036 		CHILD_REQUIRE_EQ(sigprocmask(SIG_UNBLOCK, &sigmask, NULL), 0);
3037 		/* Wait to receive a SIGUSR1. */
3038 		do {
3039 			err = sem_wait(&sigusr1_sem);
3040 			CHILD_REQUIRE(err == 0 || errno == EINTR);
3041 		} while (err != 0 && errno == EINTR);
3042 
3043 		CHILD_REQUIRE_EQ(got_usr1, 1);
3044 		exit(1);
3045 	}
3046 
3047 	/* The first wait() should report the stop from SIGSTOP. */
3048 	wpid = waitpid(fpid, &status, 0);
3049 	REQUIRE_EQ(wpid, fpid);
3050 	ATF_REQUIRE(WIFSTOPPED(status));
3051 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
3052 	ATF_REQUIRE(ptrace(PT_LWPINFO, fpid, (caddr_t)&pl, sizeof(pl)) != -1);
3053 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGSTOP);
3054 
3055 	/* Continue the child replacing SIGSTOP with SIGUSR1. */
3056 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGUSR1), 0);
3057 
3058 	/* The next wait() should report the SIGUSR1 was received. */
3059 	wpid = waitpid(fpid, &status, 0);
3060 	REQUIRE_EQ(wpid, fpid);
3061 	ATF_REQUIRE(WIFSTOPPED(status));
3062 	REQUIRE_EQ(WSTOPSIG(status), SIGUSR1);
3063 	ATF_REQUIRE(ptrace(PT_LWPINFO, fpid, (caddr_t)&pl, sizeof(pl)) != -1);
3064 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGUSR1);
3065 
3066 	/* Continue the child, ignoring the SIGUSR1. */
3067 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3068 
3069 	/* The last wait() should report normal exit with code 1. */
3070 	wpid = waitpid(fpid, &status, 0);
3071 	REQUIRE_EQ(wpid, fpid);
3072 	ATF_REQUIRE(WIFEXITED(status));
3073 	REQUIRE_EQ(WEXITSTATUS(status), 1);
3074 
3075 	wpid = wait(&status);
3076 	REQUIRE_EQ(wpid, -1);
3077 	REQUIRE_EQ(errno, ECHILD);
3078 }
3079 
3080 /*
3081  * Verify that if ptrace stops due to a signal but continues with
3082  * a different signal that the new signal is routed to a thread
3083  * that can accept it, and that the thread is awakened by the signal
3084  * in a timely manner.
3085  */
3086 ATF_TC_WITHOUT_HEAD(ptrace__PT_CONTINUE_with_signal_thread_sigmask);
3087 ATF_TC_BODY(ptrace__PT_CONTINUE_with_signal_thread_sigmask, tc)
3088 {
3089 	pid_t fpid, wpid;
3090 	int status, err;
3091 	pthread_t t;
3092 	sigset_t sigmask;
3093 	pthread_barrier_t barrier;
3094 
3095 	REQUIRE_EQ(pthread_barrier_init(&barrier, NULL, 2), 0);
3096 	REQUIRE_EQ(sem_init(&sigusr1_sem, 0, 0), 0);
3097 	ATF_REQUIRE(signal(SIGUSR1, sigusr1_sempost_handler) != SIG_ERR);
3098 
3099 	ATF_REQUIRE((fpid = fork()) != -1);
3100 	if (fpid == 0) {
3101 		CHILD_REQUIRE_EQ(pthread_create(&t, NULL, signal_thread,
3102 		    (void *)&barrier), 0);
3103 
3104 		/* The other thread should receive the first SIGUSR1. */
3105 		CHILD_REQUIRE_EQ(sigemptyset(&sigmask), 0);
3106 		CHILD_REQUIRE_EQ(sigaddset(&sigmask, SIGUSR1), 0);
3107 		CHILD_REQUIRE_EQ(pthread_sigmask(SIG_BLOCK, &sigmask, NULL), 0);
3108 
3109 		trace_me();
3110 
3111 		/* Wait until other thread has received its SIGUSR1. */
3112 		pthread_barrier_wait(&barrier);
3113 
3114 		/*
3115 		 * Swap ignore duties; the next SIGUSR1 should go to this
3116 		 * thread.
3117 		 */
3118 		CHILD_REQUIRE_EQ(pthread_sigmask(SIG_UNBLOCK, &sigmask, NULL),
3119 		    0);
3120 
3121 		/* Sync up threads after swapping signal masks. */
3122 		pthread_barrier_wait(&barrier);
3123 
3124 		/*
3125 		 * Sync up with test code; we're ready for the next SIGUSR1
3126 		 * now.
3127 		 */
3128 		raise(SIGSTOP);
3129 
3130 		/* Wait for this thread to receive a SIGUSR1. */
3131 		do {
3132 			err = sem_wait(&sigusr1_sem);
3133 			CHILD_REQUIRE(err == 0 || errno == EINTR);
3134 		} while (err != 0 && errno == EINTR);
3135 
3136 		/* Free the other thread from the barrier. */
3137 		pthread_barrier_wait(&barrier);
3138 
3139 		CHILD_REQUIRE_EQ(pthread_join(t, NULL), 0);
3140 
3141 		exit(1);
3142 	}
3143 
3144 	/* The first wait() should report the stop from SIGSTOP. */
3145 	wpid = waitpid(fpid, &status, 0);
3146 	REQUIRE_EQ(wpid, fpid);
3147 	ATF_REQUIRE(WIFSTOPPED(status));
3148 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
3149 
3150 	/* Continue the child ignoring the SIGSTOP. */
3151 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3152 
3153 	/*
3154 	 * Send a signal without ptrace that either thread will accept (USR2,
3155 	 * in this case).
3156 	 */
3157 	REQUIRE_EQ(kill(fpid, SIGUSR2), 0);
3158 
3159 	/* The second wait() should report a SIGUSR2 was received. */
3160 	wpid = waitpid(fpid, &status, 0);
3161 	REQUIRE_EQ(wpid, fpid);
3162 	ATF_REQUIRE(WIFSTOPPED(status));
3163 	REQUIRE_EQ(WSTOPSIG(status), SIGUSR2);
3164 
3165 	/* Continue the child, changing the signal to USR1. */
3166 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGUSR1), 0);
3167 
3168 	/* The next wait() should report the stop from SIGSTOP. */
3169 	wpid = waitpid(fpid, &status, 0);
3170 	REQUIRE_EQ(wpid, fpid);
3171 	ATF_REQUIRE(WIFSTOPPED(status));
3172 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
3173 
3174 	/* Continue the child ignoring the SIGSTOP. */
3175 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3176 
3177 	REQUIRE_EQ(kill(fpid, SIGUSR2), 0);
3178 
3179 	/* The next wait() should report a SIGUSR2 was received. */
3180 	wpid = waitpid(fpid, &status, 0);
3181 	REQUIRE_EQ(wpid, fpid);
3182 	ATF_REQUIRE(WIFSTOPPED(status));
3183 	REQUIRE_EQ(WSTOPSIG(status), SIGUSR2);
3184 
3185 	/* Continue the child, changing the signal to USR1. */
3186 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGUSR1), 0);
3187 
3188 	/* The last wait() should report normal exit with code 1. */
3189 	wpid = waitpid(fpid, &status, 0);
3190 	REQUIRE_EQ(wpid, fpid);
3191 	ATF_REQUIRE(WIFEXITED(status));
3192 	REQUIRE_EQ(WEXITSTATUS(status), 1);
3193 
3194 	wpid = wait(&status);
3195 	REQUIRE_EQ(wpid, -1);
3196 	REQUIRE_EQ(errno, ECHILD);
3197 }
3198 
3199 static void *
3200 raise_sigstop_thread(void *arg __unused)
3201 {
3202 
3203 	raise(SIGSTOP);
3204 	return NULL;
3205 }
3206 
3207 static void *
3208 sleep_thread(void *arg __unused)
3209 {
3210 
3211 	sleep(60);
3212 	return NULL;
3213 }
3214 
3215 static void
3216 terminate_with_pending_sigstop(bool sigstop_from_main_thread)
3217 {
3218 	pid_t fpid, wpid;
3219 	int status, i;
3220 	cpuset_t setmask;
3221 	cpusetid_t setid;
3222 	pthread_t t;
3223 
3224 	/*
3225 	 * Become the reaper for this process tree. We need to be able to check
3226 	 * that both child and grandchild have died.
3227 	 */
3228 	REQUIRE_EQ(procctl(P_PID, getpid(), PROC_REAP_ACQUIRE, NULL), 0);
3229 
3230 	fpid = fork();
3231 	ATF_REQUIRE(fpid >= 0);
3232 	if (fpid == 0) {
3233 		fpid = fork();
3234 		CHILD_REQUIRE(fpid >= 0);
3235 		if (fpid == 0) {
3236 			trace_me();
3237 
3238 			/* Pin to CPU 0 to serialize thread execution. */
3239 			CPU_ZERO(&setmask);
3240 			CPU_SET(0, &setmask);
3241 			CHILD_REQUIRE_EQ(cpuset(&setid), 0);
3242 			CHILD_REQUIRE(cpuset_setaffinity(CPU_LEVEL_CPUSET,
3243 			    CPU_WHICH_CPUSET, setid,
3244 			    sizeof(setmask), &setmask) == 0);
3245 
3246 			if (sigstop_from_main_thread) {
3247 				/*
3248 				 * We expect the SIGKILL sent when our parent
3249 				 * dies to be delivered to the new thread.
3250 				 * Raise the SIGSTOP in this thread so the
3251 				 * threads compete.
3252 				 */
3253 				CHILD_REQUIRE(pthread_create(&t, NULL,
3254 				    sleep_thread, NULL) == 0);
3255 				raise(SIGSTOP);
3256 			} else {
3257 				/*
3258 				 * We expect the SIGKILL to be delivered to
3259 				 * this thread. After creating the new thread,
3260 				 * just get off the CPU so the other thread can
3261 				 * raise the SIGSTOP.
3262 				 */
3263 				CHILD_REQUIRE(pthread_create(&t, NULL,
3264 				    raise_sigstop_thread, NULL) == 0);
3265 				sleep(60);
3266 			}
3267 
3268 			exit(0);
3269 		}
3270 		/* First stop is trace_me() immediately after fork. */
3271 		wpid = waitpid(fpid, &status, 0);
3272 		CHILD_REQUIRE_EQ(wpid, fpid);
3273 		CHILD_REQUIRE(WIFSTOPPED(status));
3274 		CHILD_REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
3275 
3276 		CHILD_REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3277 
3278 		/* Second stop is from the raise(SIGSTOP). */
3279 		wpid = waitpid(fpid, &status, 0);
3280 		CHILD_REQUIRE_EQ(wpid, fpid);
3281 		CHILD_REQUIRE(WIFSTOPPED(status));
3282 		CHILD_REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
3283 
3284 		/*
3285 		 * Terminate tracing process without detaching. Our child
3286 		 * should be killed.
3287 		 */
3288 		exit(0);
3289 	}
3290 
3291 	/*
3292 	 * We should get a normal exit from our immediate child and a SIGKILL
3293 	 * exit from our grandchild. The latter case is the interesting one.
3294 	 * Our grandchild should not have stopped due to the SIGSTOP that was
3295 	 * left dangling when its parent died.
3296 	 */
3297 	for (i = 0; i < 2; ++i) {
3298 		wpid = wait(&status);
3299 		if (wpid == fpid) {
3300 			ATF_REQUIRE(WIFEXITED(status));
3301 			REQUIRE_EQ(WEXITSTATUS(status), 0);
3302 		} else {
3303 			ATF_REQUIRE(WIFSIGNALED(status));
3304 			REQUIRE_EQ(WTERMSIG(status), SIGKILL);
3305 		}
3306 	}
3307 }
3308 
3309 /*
3310  * These two tests ensure that if the tracing process exits without detaching
3311  * just after the child received a SIGSTOP, the child is cleanly killed and
3312  * doesn't go to sleep due to the SIGSTOP. The parent's death will send a
3313  * SIGKILL to the child. If the SIGKILL and the SIGSTOP are handled by
3314  * different threads, the SIGKILL must win.  There are two variants of this
3315  * test, designed to catch the case where the SIGKILL is delivered to the
3316  * younger thread (the first test) and the case where the SIGKILL is delivered
3317  * to the older thread (the second test). This behavior has changed in the
3318  * past, so make no assumption.
3319  */
3320 ATF_TC(ptrace__parent_terminate_with_pending_sigstop1);
3321 ATF_TC_HEAD(ptrace__parent_terminate_with_pending_sigstop1, tc)
3322 {
3323 
3324 	atf_tc_set_md_var(tc, "require.user", "root");
3325 }
3326 ATF_TC_BODY(ptrace__parent_terminate_with_pending_sigstop1, tc)
3327 {
3328 
3329 	terminate_with_pending_sigstop(true);
3330 }
3331 
3332 ATF_TC(ptrace__parent_terminate_with_pending_sigstop2);
3333 ATF_TC_HEAD(ptrace__parent_terminate_with_pending_sigstop2, tc)
3334 {
3335 
3336 	atf_tc_set_md_var(tc, "require.user", "root");
3337 }
3338 ATF_TC_BODY(ptrace__parent_terminate_with_pending_sigstop2, tc)
3339 {
3340 
3341 	terminate_with_pending_sigstop(false);
3342 }
3343 
3344 /*
3345  * Verify that after ptrace() discards a SIGKILL signal, the event mask
3346  * is not modified.
3347  */
3348 ATF_TC_WITHOUT_HEAD(ptrace__event_mask_sigkill_discard);
3349 ATF_TC_BODY(ptrace__event_mask_sigkill_discard, tc)
3350 {
3351 	struct ptrace_lwpinfo pl;
3352 	pid_t fpid, wpid;
3353 	int status, event_mask, new_event_mask;
3354 
3355 	ATF_REQUIRE((fpid = fork()) != -1);
3356 	if (fpid == 0) {
3357 		trace_me();
3358 		raise(SIGSTOP);
3359 		exit(0);
3360 	}
3361 
3362 	/* The first wait() should report the stop from trace_me(). */
3363 	wpid = waitpid(fpid, &status, 0);
3364 	REQUIRE_EQ(wpid, fpid);
3365 	ATF_REQUIRE(WIFSTOPPED(status));
3366 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
3367 
3368 	/* Set several unobtrusive event bits. */
3369 	event_mask = PTRACE_EXEC | PTRACE_FORK | PTRACE_LWP;
3370 	ATF_REQUIRE(ptrace(PT_SET_EVENT_MASK, wpid, (caddr_t)&event_mask,
3371 	    sizeof(event_mask)) == 0);
3372 
3373 	/* Send a SIGKILL without using ptrace. */
3374 	REQUIRE_EQ(kill(fpid, SIGKILL), 0);
3375 
3376 	/* Continue the child ignoring the SIGSTOP. */
3377 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3378 
3379 	/* The next stop should be due to the SIGKILL. */
3380 	wpid = waitpid(fpid, &status, 0);
3381 	REQUIRE_EQ(wpid, fpid);
3382 	ATF_REQUIRE(WIFSTOPPED(status));
3383 	REQUIRE_EQ(WSTOPSIG(status), SIGKILL);
3384 
3385 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
3386 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SI);
3387 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGKILL);
3388 
3389 	/* Continue the child ignoring the SIGKILL. */
3390 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3391 
3392 	/* The next wait() should report the stop from SIGSTOP. */
3393 	wpid = waitpid(fpid, &status, 0);
3394 	REQUIRE_EQ(wpid, fpid);
3395 	ATF_REQUIRE(WIFSTOPPED(status));
3396 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
3397 
3398 	/* Check the current event mask. It should not have changed. */
3399 	new_event_mask = 0;
3400 	ATF_REQUIRE(ptrace(PT_GET_EVENT_MASK, wpid, (caddr_t)&new_event_mask,
3401 	    sizeof(new_event_mask)) == 0);
3402 	REQUIRE_EQ(event_mask, new_event_mask);
3403 
3404 	/* Continue the child to let it exit. */
3405 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3406 
3407 	/* The last event should be for the child process's exit. */
3408 	wpid = waitpid(fpid, &status, 0);
3409 	ATF_REQUIRE(WIFEXITED(status));
3410 	REQUIRE_EQ(WEXITSTATUS(status), 0);
3411 
3412 	wpid = wait(&status);
3413 	REQUIRE_EQ(wpid, -1);
3414 	REQUIRE_EQ(errno, ECHILD);
3415 }
3416 
3417 static void *
3418 flock_thread(void *arg)
3419 {
3420 	int fd;
3421 
3422 	fd = *(int *)arg;
3423 	(void)flock(fd, LOCK_EX);
3424 	(void)flock(fd, LOCK_UN);
3425 	return (NULL);
3426 }
3427 
3428 /*
3429  * Verify that PT_ATTACH will suspend threads sleeping in an SBDRY section.
3430  * We rely on the fact that the lockf implementation sets SBDRY before blocking
3431  * on a lock. This is a regression test for r318191.
3432  */
3433 ATF_TC_WITHOUT_HEAD(ptrace__PT_ATTACH_with_SBDRY_thread);
3434 ATF_TC_BODY(ptrace__PT_ATTACH_with_SBDRY_thread, tc)
3435 {
3436 	pthread_barrier_t barrier;
3437 	pthread_barrierattr_t battr;
3438 	char tmpfile[64];
3439 	pid_t child, wpid;
3440 	int error, fd, i, status;
3441 
3442 	REQUIRE_EQ(pthread_barrierattr_init(&battr), 0);
3443 	ATF_REQUIRE(pthread_barrierattr_setpshared(&battr,
3444 	    PTHREAD_PROCESS_SHARED) == 0);
3445 	REQUIRE_EQ(pthread_barrier_init(&barrier, &battr, 2), 0);
3446 
3447 	(void)snprintf(tmpfile, sizeof(tmpfile), "./ptrace.XXXXXX");
3448 	fd = mkstemp(tmpfile);
3449 	ATF_REQUIRE(fd >= 0);
3450 
3451 	ATF_REQUIRE((child = fork()) != -1);
3452 	if (child == 0) {
3453 		pthread_t t[2];
3454 		int cfd;
3455 
3456 		error = pthread_barrier_wait(&barrier);
3457 		if (error != 0 && error != PTHREAD_BARRIER_SERIAL_THREAD)
3458 			_exit(1);
3459 
3460 		cfd = open(tmpfile, O_RDONLY);
3461 		if (cfd < 0)
3462 			_exit(1);
3463 
3464 		/*
3465 		 * We want at least two threads blocked on the file lock since
3466 		 * the SIGSTOP from PT_ATTACH may kick one of them out of
3467 		 * sleep.
3468 		 */
3469 		if (pthread_create(&t[0], NULL, flock_thread, &cfd) != 0)
3470 			_exit(1);
3471 		if (pthread_create(&t[1], NULL, flock_thread, &cfd) != 0)
3472 			_exit(1);
3473 		if (pthread_join(t[0], NULL) != 0)
3474 			_exit(1);
3475 		if (pthread_join(t[1], NULL) != 0)
3476 			_exit(1);
3477 		_exit(0);
3478 	}
3479 
3480 	REQUIRE_EQ(flock(fd, LOCK_EX), 0);
3481 
3482 	error = pthread_barrier_wait(&barrier);
3483 	ATF_REQUIRE(error == 0 || error == PTHREAD_BARRIER_SERIAL_THREAD);
3484 
3485 	/*
3486 	 * Give the child some time to block. Is there a better way to do this?
3487 	 */
3488 	sleep(1);
3489 
3490 	/*
3491 	 * Attach and give the child 3 seconds to stop.
3492 	 */
3493 	REQUIRE_EQ(ptrace(PT_ATTACH, child, NULL, 0), 0);
3494 	for (i = 0; i < 3; i++) {
3495 		wpid = waitpid(child, &status, WNOHANG);
3496 		if (wpid == child && WIFSTOPPED(status) &&
3497 		    WSTOPSIG(status) == SIGSTOP)
3498 			break;
3499 		sleep(1);
3500 	}
3501 	ATF_REQUIRE_MSG(i < 3, "failed to stop child process after PT_ATTACH");
3502 
3503 	REQUIRE_EQ(ptrace(PT_DETACH, child, NULL, 0), 0);
3504 
3505 	REQUIRE_EQ(flock(fd, LOCK_UN), 0);
3506 	REQUIRE_EQ(unlink(tmpfile), 0);
3507 	REQUIRE_EQ(close(fd), 0);
3508 }
3509 
3510 static void
3511 sigusr1_step_handler(int sig)
3512 {
3513 
3514 	CHILD_REQUIRE_EQ(sig, SIGUSR1);
3515 	raise(SIGABRT);
3516 }
3517 
3518 /*
3519  * Verify that PT_STEP with a signal invokes the signal before
3520  * stepping the next instruction (and that the next instruction is
3521  * stepped correctly).
3522  */
3523 ATF_TC_WITHOUT_HEAD(ptrace__PT_STEP_with_signal);
3524 ATF_TC_BODY(ptrace__PT_STEP_with_signal, tc)
3525 {
3526 	struct ptrace_lwpinfo pl;
3527 	pid_t fpid, wpid;
3528 	int status;
3529 
3530 	ATF_REQUIRE((fpid = fork()) != -1);
3531 	if (fpid == 0) {
3532 		trace_me();
3533 		signal(SIGUSR1, sigusr1_step_handler);
3534 		raise(SIGABRT);
3535 		exit(1);
3536 	}
3537 
3538 	/* The first wait() should report the stop from SIGSTOP. */
3539 	wpid = waitpid(fpid, &status, 0);
3540 	REQUIRE_EQ(wpid, fpid);
3541 	ATF_REQUIRE(WIFSTOPPED(status));
3542 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
3543 
3544 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3545 
3546 	/* The next stop should report the SIGABRT in the child body. */
3547 	wpid = waitpid(fpid, &status, 0);
3548 	REQUIRE_EQ(wpid, fpid);
3549 	ATF_REQUIRE(WIFSTOPPED(status));
3550 	REQUIRE_EQ(WSTOPSIG(status), SIGABRT);
3551 
3552 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
3553 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SI);
3554 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGABRT);
3555 
3556 	/* Step the child process inserting SIGUSR1. */
3557 	REQUIRE_EQ(ptrace(PT_STEP, fpid, (caddr_t)1, SIGUSR1), 0);
3558 
3559 	/* The next stop should report the SIGABRT in the signal handler. */
3560 	wpid = waitpid(fpid, &status, 0);
3561 	REQUIRE_EQ(wpid, fpid);
3562 	ATF_REQUIRE(WIFSTOPPED(status));
3563 	REQUIRE_EQ(WSTOPSIG(status), SIGABRT);
3564 
3565 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
3566 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SI);
3567 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGABRT);
3568 
3569 	/* Continue the child process discarding the signal. */
3570 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3571 
3572 	/* The next stop should report a trace trap from PT_STEP. */
3573 	wpid = waitpid(fpid, &status, 0);
3574 	REQUIRE_EQ(wpid, fpid);
3575 	ATF_REQUIRE(WIFSTOPPED(status));
3576 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
3577 
3578 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
3579 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SI);
3580 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGTRAP);
3581 	REQUIRE_EQ(pl.pl_siginfo.si_code, TRAP_TRACE);
3582 
3583 	/* Continue the child to let it exit. */
3584 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3585 
3586 	/* The last event should be for the child process's exit. */
3587 	wpid = waitpid(fpid, &status, 0);
3588 	ATF_REQUIRE(WIFEXITED(status));
3589 	REQUIRE_EQ(WEXITSTATUS(status), 1);
3590 
3591 	wpid = wait(&status);
3592 	REQUIRE_EQ(wpid, -1);
3593 	REQUIRE_EQ(errno, ECHILD);
3594 }
3595 
3596 #ifdef HAVE_BREAKPOINT
3597 /*
3598  * Verify that a SIGTRAP event with the TRAP_BRKPT code is reported
3599  * for a breakpoint trap.
3600  */
3601 ATF_TC_WITHOUT_HEAD(ptrace__breakpoint_siginfo);
3602 ATF_TC_BODY(ptrace__breakpoint_siginfo, tc)
3603 {
3604 	struct ptrace_lwpinfo pl;
3605 	pid_t fpid, wpid;
3606 	int status;
3607 
3608 	ATF_REQUIRE((fpid = fork()) != -1);
3609 	if (fpid == 0) {
3610 		trace_me();
3611 		breakpoint();
3612 		exit(1);
3613 	}
3614 
3615 	/* The first wait() should report the stop from SIGSTOP. */
3616 	wpid = waitpid(fpid, &status, 0);
3617 	REQUIRE_EQ(wpid, fpid);
3618 	ATF_REQUIRE(WIFSTOPPED(status));
3619 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
3620 
3621 	/* Continue the child ignoring the SIGSTOP. */
3622 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3623 
3624 	/* The second wait() should report hitting the breakpoint. */
3625 	wpid = waitpid(fpid, &status, 0);
3626 	REQUIRE_EQ(wpid, fpid);
3627 	ATF_REQUIRE(WIFSTOPPED(status));
3628 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
3629 
3630 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
3631 	ATF_REQUIRE((pl.pl_flags & PL_FLAG_SI) != 0);
3632 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGTRAP);
3633 	REQUIRE_EQ(pl.pl_siginfo.si_code, TRAP_BRKPT);
3634 
3635 	/* Kill the child process. */
3636 	REQUIRE_EQ(ptrace(PT_KILL, fpid, 0, 0), 0);
3637 
3638 	/* The last wait() should report the SIGKILL. */
3639 	wpid = waitpid(fpid, &status, 0);
3640 	REQUIRE_EQ(wpid, fpid);
3641 	ATF_REQUIRE(WIFSIGNALED(status));
3642 	REQUIRE_EQ(WTERMSIG(status), SIGKILL);
3643 
3644 	wpid = wait(&status);
3645 	REQUIRE_EQ(wpid, -1);
3646 	REQUIRE_EQ(errno, ECHILD);
3647 }
3648 #endif /* HAVE_BREAKPOINT */
3649 
3650 /*
3651  * Verify that a SIGTRAP event with the TRAP_TRACE code is reported
3652  * for a single-step trap from PT_STEP.
3653  */
3654 ATF_TC_WITHOUT_HEAD(ptrace__step_siginfo);
3655 ATF_TC_BODY(ptrace__step_siginfo, tc)
3656 {
3657 	struct ptrace_lwpinfo pl;
3658 	pid_t fpid, wpid;
3659 	int status;
3660 
3661 	ATF_REQUIRE((fpid = fork()) != -1);
3662 	if (fpid == 0) {
3663 		trace_me();
3664 		exit(1);
3665 	}
3666 
3667 	/* The first wait() should report the stop from SIGSTOP. */
3668 	wpid = waitpid(fpid, &status, 0);
3669 	REQUIRE_EQ(wpid, fpid);
3670 	ATF_REQUIRE(WIFSTOPPED(status));
3671 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
3672 
3673 	/* Step the child ignoring the SIGSTOP. */
3674 	REQUIRE_EQ(ptrace(PT_STEP, fpid, (caddr_t)1, 0), 0);
3675 
3676 	/* The second wait() should report a single-step trap. */
3677 	wpid = waitpid(fpid, &status, 0);
3678 	REQUIRE_EQ(wpid, fpid);
3679 	ATF_REQUIRE(WIFSTOPPED(status));
3680 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
3681 
3682 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
3683 	ATF_REQUIRE((pl.pl_flags & PL_FLAG_SI) != 0);
3684 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGTRAP);
3685 	REQUIRE_EQ(pl.pl_siginfo.si_code, TRAP_TRACE);
3686 
3687 	/* Continue the child process. */
3688 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3689 
3690 	/* The last event should be for the child process's exit. */
3691 	wpid = waitpid(fpid, &status, 0);
3692 	ATF_REQUIRE(WIFEXITED(status));
3693 	REQUIRE_EQ(WEXITSTATUS(status), 1);
3694 
3695 	wpid = wait(&status);
3696 	REQUIRE_EQ(wpid, -1);
3697 	REQUIRE_EQ(errno, ECHILD);
3698 }
3699 
3700 #if defined(HAVE_BREAKPOINT) && defined(SKIP_BREAK)
3701 static void *
3702 continue_thread(void *arg __unused)
3703 {
3704 	breakpoint();
3705 	return (NULL);
3706 }
3707 
3708 static __dead2 void
3709 continue_thread_main(void)
3710 {
3711 	pthread_t threads[2];
3712 
3713 	CHILD_REQUIRE(pthread_create(&threads[0], NULL, continue_thread,
3714 	    NULL) == 0);
3715 	CHILD_REQUIRE(pthread_create(&threads[1], NULL, continue_thread,
3716 	    NULL) == 0);
3717 	CHILD_REQUIRE_EQ(pthread_join(threads[0], NULL), 0);
3718 	CHILD_REQUIRE_EQ(pthread_join(threads[1], NULL), 0);
3719 	exit(1);
3720 }
3721 
3722 /*
3723  * Ensure that PT_CONTINUE clears the status of the thread that
3724  * triggered the stop even if a different thread's LWP was passed to
3725  * PT_CONTINUE.
3726  */
3727 ATF_TC_WITHOUT_HEAD(ptrace__PT_CONTINUE_different_thread);
3728 ATF_TC_BODY(ptrace__PT_CONTINUE_different_thread, tc)
3729 {
3730 	struct ptrace_lwpinfo pl;
3731 	pid_t fpid, wpid;
3732 	lwpid_t lwps[2];
3733 	bool hit_break[2];
3734 	struct reg reg;
3735 	int i, j, status;
3736 
3737 	ATF_REQUIRE((fpid = fork()) != -1);
3738 	if (fpid == 0) {
3739 		trace_me();
3740 		continue_thread_main();
3741 	}
3742 
3743 	/* The first wait() should report the stop from SIGSTOP. */
3744 	wpid = waitpid(fpid, &status, 0);
3745 	REQUIRE_EQ(wpid, fpid);
3746 	ATF_REQUIRE(WIFSTOPPED(status));
3747 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
3748 
3749 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl,
3750 	    sizeof(pl)) != -1);
3751 
3752 	REQUIRE_EQ(ptrace(PT_LWP_EVENTS, wpid, NULL, 1), 0);
3753 
3754 	/* Continue the child ignoring the SIGSTOP. */
3755 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3756 
3757 	/* One of the new threads should report it's birth. */
3758 	wpid = waitpid(fpid, &status, 0);
3759 	REQUIRE_EQ(wpid, fpid);
3760 	ATF_REQUIRE(WIFSTOPPED(status));
3761 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
3762 
3763 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
3764 	REQUIRE_EQ((pl.pl_flags & (PL_FLAG_BORN | PL_FLAG_SCX)),
3765 	    (PL_FLAG_BORN | PL_FLAG_SCX));
3766 	lwps[0] = pl.pl_lwpid;
3767 
3768 	/*
3769 	 * Suspend this thread to ensure both threads are alive before
3770 	 * hitting the breakpoint.
3771 	 */
3772 	ATF_REQUIRE(ptrace(PT_SUSPEND, lwps[0], NULL, 0) != -1);
3773 
3774 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3775 
3776 	/* Second thread should report it's birth. */
3777 	wpid = waitpid(fpid, &status, 0);
3778 	REQUIRE_EQ(wpid, fpid);
3779 	ATF_REQUIRE(WIFSTOPPED(status));
3780 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
3781 
3782 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
3783 	REQUIRE_EQ((pl.pl_flags & (PL_FLAG_BORN | PL_FLAG_SCX)),
3784 	    (PL_FLAG_BORN | PL_FLAG_SCX));
3785 	ATF_REQUIRE(pl.pl_lwpid != lwps[0]);
3786 	lwps[1] = pl.pl_lwpid;
3787 
3788 	/* Resume both threads waiting for breakpoint events. */
3789 	hit_break[0] = hit_break[1] = false;
3790 	ATF_REQUIRE(ptrace(PT_RESUME, lwps[0], NULL, 0) != -1);
3791 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3792 
3793 	/* One thread should report a breakpoint. */
3794 	wpid = waitpid(fpid, &status, 0);
3795 	REQUIRE_EQ(wpid, fpid);
3796 	ATF_REQUIRE(WIFSTOPPED(status));
3797 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
3798 
3799 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
3800 	ATF_REQUIRE((pl.pl_flags & PL_FLAG_SI) != 0);
3801 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGTRAP);
3802 	REQUIRE_EQ(pl.pl_siginfo.si_code, TRAP_BRKPT);
3803 	if (pl.pl_lwpid == lwps[0])
3804 		i = 0;
3805 	else
3806 		i = 1;
3807 	hit_break[i] = true;
3808 	ATF_REQUIRE(ptrace(PT_GETREGS, pl.pl_lwpid, (caddr_t)&reg, 0) != -1);
3809 	SKIP_BREAK(&reg);
3810 	ATF_REQUIRE(ptrace(PT_SETREGS, pl.pl_lwpid, (caddr_t)&reg, 0) != -1);
3811 
3812 	/*
3813 	 * Resume both threads but pass the other thread's LWPID to
3814 	 * PT_CONTINUE.
3815 	 */
3816 	REQUIRE_EQ(ptrace(PT_CONTINUE, lwps[i ^ 1], (caddr_t)1, 0), 0);
3817 
3818 	/*
3819 	 * Will now get two thread exit events and one more breakpoint
3820 	 * event.
3821 	 */
3822 	for (j = 0; j < 3; j++) {
3823 		wpid = waitpid(fpid, &status, 0);
3824 		REQUIRE_EQ(wpid, fpid);
3825 		ATF_REQUIRE(WIFSTOPPED(status));
3826 		REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
3827 
3828 		ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl,
3829 		    sizeof(pl)) != -1);
3830 
3831 		if (pl.pl_lwpid == lwps[0])
3832 			i = 0;
3833 		else
3834 			i = 1;
3835 
3836 		ATF_REQUIRE_MSG(lwps[i] != 0, "event for exited thread");
3837 		if (pl.pl_flags & PL_FLAG_EXITED) {
3838 			ATF_REQUIRE_MSG(hit_break[i],
3839 			    "exited thread did not report breakpoint");
3840 			lwps[i] = 0;
3841 		} else {
3842 			ATF_REQUIRE((pl.pl_flags & PL_FLAG_SI) != 0);
3843 			REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGTRAP);
3844 			REQUIRE_EQ(pl.pl_siginfo.si_code, TRAP_BRKPT);
3845 			ATF_REQUIRE_MSG(!hit_break[i],
3846 			    "double breakpoint event");
3847 			hit_break[i] = true;
3848 			ATF_REQUIRE(ptrace(PT_GETREGS, pl.pl_lwpid, (caddr_t)&reg,
3849 			    0) != -1);
3850 			SKIP_BREAK(&reg);
3851 			ATF_REQUIRE(ptrace(PT_SETREGS, pl.pl_lwpid, (caddr_t)&reg,
3852 			    0) != -1);
3853 		}
3854 
3855 		REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3856 	}
3857 
3858 	/* Both threads should have exited. */
3859 	REQUIRE_EQ(lwps[0], 0);
3860 	REQUIRE_EQ(lwps[1], 0);
3861 
3862 	/* The last event should be for the child process's exit. */
3863 	wpid = waitpid(fpid, &status, 0);
3864 	ATF_REQUIRE(WIFEXITED(status));
3865 	REQUIRE_EQ(WEXITSTATUS(status), 1);
3866 
3867 	wpid = wait(&status);
3868 	REQUIRE_EQ(wpid, -1);
3869 	REQUIRE_EQ(errno, ECHILD);
3870 }
3871 #endif
3872 
3873 /*
3874  * Verify that PT_LWPINFO doesn't return stale siginfo.
3875  */
3876 ATF_TC_WITHOUT_HEAD(ptrace__PT_LWPINFO_stale_siginfo);
3877 ATF_TC_BODY(ptrace__PT_LWPINFO_stale_siginfo, tc)
3878 {
3879 	struct ptrace_lwpinfo pl;
3880 	pid_t fpid, wpid;
3881 	int events, status;
3882 
3883 	ATF_REQUIRE((fpid = fork()) != -1);
3884 	if (fpid == 0) {
3885 		trace_me();
3886 		raise(SIGABRT);
3887 		exit(1);
3888 	}
3889 
3890 	/* The first wait() should report the stop from SIGSTOP. */
3891 	wpid = waitpid(fpid, &status, 0);
3892 	REQUIRE_EQ(wpid, fpid);
3893 	ATF_REQUIRE(WIFSTOPPED(status));
3894 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
3895 
3896 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3897 
3898 	/* The next stop should report the SIGABRT in the child body. */
3899 	wpid = waitpid(fpid, &status, 0);
3900 	REQUIRE_EQ(wpid, fpid);
3901 	ATF_REQUIRE(WIFSTOPPED(status));
3902 	REQUIRE_EQ(WSTOPSIG(status), SIGABRT);
3903 
3904 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
3905 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SI);
3906 	REQUIRE_EQ(pl.pl_siginfo.si_signo, SIGABRT);
3907 
3908 	/*
3909 	 * Continue the process ignoring the signal, but enabling
3910 	 * syscall traps.
3911 	 */
3912 	REQUIRE_EQ(ptrace(PT_SYSCALL, fpid, (caddr_t)1, 0), 0);
3913 
3914 	/*
3915 	 * The next stop should report a system call entry from
3916 	 * exit().  PL_FLAGS_SI should not be set.
3917 	 */
3918 	wpid = waitpid(fpid, &status, 0);
3919 	REQUIRE_EQ(wpid, fpid);
3920 	ATF_REQUIRE(WIFSTOPPED(status));
3921 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
3922 
3923 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
3924 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCE);
3925 	REQUIRE_EQ((pl.pl_flags & PL_FLAG_SI), 0);
3926 
3927 	/* Disable syscall tracing and continue the child to let it exit. */
3928 	ATF_REQUIRE(ptrace(PT_GET_EVENT_MASK, fpid, (caddr_t)&events,
3929 	    sizeof(events)) == 0);
3930 	events &= ~PTRACE_SYSCALL;
3931 	ATF_REQUIRE(ptrace(PT_SET_EVENT_MASK, fpid, (caddr_t)&events,
3932 	    sizeof(events)) == 0);
3933 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3934 
3935 	/* The last event should be for the child process's exit. */
3936 	wpid = waitpid(fpid, &status, 0);
3937 	ATF_REQUIRE(WIFEXITED(status));
3938 	REQUIRE_EQ(WEXITSTATUS(status), 1);
3939 
3940 	wpid = wait(&status);
3941 	REQUIRE_EQ(wpid, -1);
3942 	REQUIRE_EQ(errno, ECHILD);
3943 }
3944 
3945 /*
3946  * A simple test of PT_GET_SC_ARGS and PT_GET_SC_RET.
3947  */
3948 ATF_TC_WITHOUT_HEAD(ptrace__syscall_args);
3949 ATF_TC_BODY(ptrace__syscall_args, tc)
3950 {
3951 	struct ptrace_lwpinfo pl;
3952 	struct ptrace_sc_ret psr;
3953 	pid_t fpid, wpid;
3954 	register_t args[2];
3955 	int events, status;
3956 
3957 	ATF_REQUIRE((fpid = fork()) != -1);
3958 	if (fpid == 0) {
3959 		trace_me();
3960 		kill(getpid(), 0);
3961 		/* Close a fd that should not exist. */
3962 		close(12345);
3963 		exit(1);
3964 	}
3965 
3966 	/* The first wait() should report the stop from SIGSTOP. */
3967 	wpid = waitpid(fpid, &status, 0);
3968 	REQUIRE_EQ(wpid, fpid);
3969 	ATF_REQUIRE(WIFSTOPPED(status));
3970 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
3971 
3972 	/*
3973 	 * Continue the process ignoring the signal, but enabling
3974 	 * syscall traps.
3975 	 */
3976 	REQUIRE_EQ(ptrace(PT_SYSCALL, fpid, (caddr_t)1, 0), 0);
3977 
3978 	/*
3979 	 * The next stop should be the syscall entry from getpid().
3980 	 */
3981 	wpid = waitpid(fpid, &status, 0);
3982 	REQUIRE_EQ(wpid, fpid);
3983 	ATF_REQUIRE(WIFSTOPPED(status));
3984 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
3985 
3986 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
3987 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCE);
3988 	REQUIRE_EQ(pl.pl_syscall_code, (unsigned)SYS_getpid);
3989 
3990 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
3991 
3992 	/*
3993 	 * The next stop should be the syscall exit from getpid().
3994 	 */
3995 	wpid = waitpid(fpid, &status, 0);
3996 	REQUIRE_EQ(wpid, fpid);
3997 	ATF_REQUIRE(WIFSTOPPED(status));
3998 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
3999 
4000 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
4001 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCX);
4002 	REQUIRE_EQ(pl.pl_syscall_code, (unsigned)SYS_getpid);
4003 
4004 	ATF_REQUIRE(ptrace(PT_GET_SC_RET, wpid, (caddr_t)&psr,
4005 	    sizeof(psr)) != -1);
4006 	REQUIRE_EQ(psr.sr_error, 0);
4007 	REQUIRE_EQ(psr.sr_retval[0], wpid);
4008 
4009 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
4010 
4011 	/*
4012 	 * The next stop should be the syscall entry from kill().
4013 	 */
4014 	wpid = waitpid(fpid, &status, 0);
4015 	REQUIRE_EQ(wpid, fpid);
4016 	ATF_REQUIRE(WIFSTOPPED(status));
4017 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
4018 
4019 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
4020 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCE);
4021 	REQUIRE_EQ(pl.pl_syscall_code, (unsigned)SYS_kill);
4022 	REQUIRE_EQ(pl.pl_syscall_narg, 2u);
4023 
4024 	ATF_REQUIRE(ptrace(PT_GET_SC_ARGS, wpid, (caddr_t)args,
4025 	    sizeof(args)) != -1);
4026 	REQUIRE_EQ(args[0], wpid);
4027 	REQUIRE_EQ(args[1], 0);
4028 
4029 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
4030 
4031 	/*
4032 	 * The next stop should be the syscall exit from kill().
4033 	 */
4034 	wpid = waitpid(fpid, &status, 0);
4035 	REQUIRE_EQ(wpid, fpid);
4036 	ATF_REQUIRE(WIFSTOPPED(status));
4037 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
4038 
4039 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
4040 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCX);
4041 	REQUIRE_EQ(pl.pl_syscall_code, (unsigned)SYS_kill);
4042 
4043 	ATF_REQUIRE(ptrace(PT_GET_SC_RET, wpid, (caddr_t)&psr,
4044 	    sizeof(psr)) != -1);
4045 	REQUIRE_EQ(psr.sr_error, 0);
4046 
4047 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
4048 
4049 	/*
4050 	 * The next stop should be the syscall entry from close().
4051 	 */
4052 	wpid = waitpid(fpid, &status, 0);
4053 	REQUIRE_EQ(wpid, fpid);
4054 	ATF_REQUIRE(WIFSTOPPED(status));
4055 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
4056 
4057 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
4058 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCE);
4059 	REQUIRE_EQ(pl.pl_syscall_code, (unsigned)SYS_close);
4060 	REQUIRE_EQ(pl.pl_syscall_narg, 1u);
4061 
4062 	ATF_REQUIRE(ptrace(PT_GET_SC_ARGS, wpid, (caddr_t)args,
4063 	    sizeof(args)) != -1);
4064 	REQUIRE_EQ(args[0], 12345);
4065 
4066 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
4067 
4068 	/*
4069 	 * The next stop should be the syscall exit from close().
4070 	 */
4071 	wpid = waitpid(fpid, &status, 0);
4072 	REQUIRE_EQ(wpid, fpid);
4073 	ATF_REQUIRE(WIFSTOPPED(status));
4074 	REQUIRE_EQ(WSTOPSIG(status), SIGTRAP);
4075 
4076 	ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1);
4077 	ATF_REQUIRE(pl.pl_flags & PL_FLAG_SCX);
4078 	REQUIRE_EQ(pl.pl_syscall_code, (unsigned)SYS_close);
4079 
4080 	ATF_REQUIRE(ptrace(PT_GET_SC_RET, wpid, (caddr_t)&psr,
4081 	    sizeof(psr)) != -1);
4082 	REQUIRE_EQ(psr.sr_error, EBADF);
4083 
4084 	/* Disable syscall tracing and continue the child to let it exit. */
4085 	ATF_REQUIRE(ptrace(PT_GET_EVENT_MASK, fpid, (caddr_t)&events,
4086 	    sizeof(events)) == 0);
4087 	events &= ~PTRACE_SYSCALL;
4088 	ATF_REQUIRE(ptrace(PT_SET_EVENT_MASK, fpid, (caddr_t)&events,
4089 	    sizeof(events)) == 0);
4090 	REQUIRE_EQ(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0), 0);
4091 
4092 	/* The last event should be for the child process's exit. */
4093 	wpid = waitpid(fpid, &status, 0);
4094 	ATF_REQUIRE(WIFEXITED(status));
4095 	REQUIRE_EQ(WEXITSTATUS(status), 1);
4096 
4097 	wpid = wait(&status);
4098 	REQUIRE_EQ(wpid, -1);
4099 	REQUIRE_EQ(errno, ECHILD);
4100 }
4101 
4102 /*
4103  * Verify that when the process is traced that it isn't reparent
4104  * to the init process when we close all process descriptors.
4105  */
4106 ATF_TC(ptrace__proc_reparent);
4107 ATF_TC_HEAD(ptrace__proc_reparent, tc)
4108 {
4109 
4110 	atf_tc_set_md_var(tc, "timeout", "2");
4111 }
4112 ATF_TC_BODY(ptrace__proc_reparent, tc)
4113 {
4114 	pid_t traced, debuger, wpid;
4115 	int pd, status;
4116 
4117 	traced = pdfork(&pd, 0);
4118 	ATF_REQUIRE(traced >= 0);
4119 	if (traced == 0) {
4120 		raise(SIGSTOP);
4121 		exit(0);
4122 	}
4123 	ATF_REQUIRE(pd >= 0);
4124 
4125 	debuger = fork();
4126 	ATF_REQUIRE(debuger >= 0);
4127 	if (debuger == 0) {
4128 		/* The traced process is reparented to debuger. */
4129 		REQUIRE_EQ(ptrace(PT_ATTACH, traced, 0, 0), 0);
4130 		wpid = waitpid(traced, &status, 0);
4131 		REQUIRE_EQ(wpid, traced);
4132 		ATF_REQUIRE(WIFSTOPPED(status));
4133 		REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
4134 		REQUIRE_EQ(close(pd), 0);
4135 		REQUIRE_EQ(ptrace(PT_DETACH, traced, (caddr_t)1, 0), 0);
4136 
4137 		/* We closed pd so we should not have any child. */
4138 		wpid = wait(&status);
4139 		REQUIRE_EQ(wpid, -1);
4140 		REQUIRE_EQ(errno, ECHILD);
4141 
4142 		exit(0);
4143 	}
4144 
4145 	REQUIRE_EQ(close(pd), 0);
4146 	wpid = waitpid(debuger, &status, 0);
4147 	REQUIRE_EQ(wpid, debuger);
4148 	REQUIRE_EQ(WEXITSTATUS(status), 0);
4149 
4150 	/* Check if we still have any child. */
4151 	wpid = wait(&status);
4152 	REQUIRE_EQ(wpid, -1);
4153 	REQUIRE_EQ(errno, ECHILD);
4154 }
4155 
4156 /*
4157  * Ensure that traced processes created with pdfork(2) are visible to
4158  * waitid(P_ALL).
4159  */
4160 ATF_TC_WITHOUT_HEAD(ptrace__procdesc_wait_child);
4161 ATF_TC_BODY(ptrace__procdesc_wait_child, tc)
4162 {
4163 	pid_t child, wpid;
4164 	int pd, status;
4165 
4166 	child = pdfork(&pd, 0);
4167 	ATF_REQUIRE(child >= 0);
4168 
4169 	if (child == 0) {
4170 		trace_me();
4171 		(void)raise(SIGSTOP);
4172 		exit(0);
4173 	}
4174 
4175 	wpid = waitpid(child, &status, 0);
4176 	REQUIRE_EQ(wpid, child);
4177 	ATF_REQUIRE(WIFSTOPPED(status));
4178 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
4179 
4180 	ATF_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1);
4181 
4182 	wpid = wait(&status);
4183 	REQUIRE_EQ(wpid, child);
4184 	ATF_REQUIRE(WIFSTOPPED(status));
4185 	REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
4186 
4187 	ATF_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1);
4188 
4189 	/*
4190 	 * If process was created by pdfork, the return code have to
4191 	 * be collected through process descriptor.
4192 	 */
4193 	wpid = wait(&status);
4194 	REQUIRE_EQ(wpid, -1);
4195 	REQUIRE_EQ(errno, ECHILD);
4196 
4197 	ATF_REQUIRE(close(pd) != -1);
4198 }
4199 
4200 /*
4201  * Ensure that traced processes created with pdfork(2) are not visible
4202  * after returning to parent - waitid(P_ALL).
4203  */
4204 ATF_TC_WITHOUT_HEAD(ptrace__procdesc_reparent_wait_child);
4205 ATF_TC_BODY(ptrace__procdesc_reparent_wait_child, tc)
4206 {
4207 	pid_t traced, debuger, wpid;
4208 	int pd, status;
4209 
4210 	traced = pdfork(&pd, 0);
4211 	ATF_REQUIRE(traced >= 0);
4212 	if (traced == 0) {
4213 		raise(SIGSTOP);
4214 		exit(0);
4215 	}
4216 	ATF_REQUIRE(pd >= 0);
4217 
4218 	/* Wait until the child process has stopped before fork()ing again. */
4219 	REQUIRE_EQ(traced, waitpid(traced, &status, WSTOPPED));
4220 	debuger = fork();
4221 	ATF_REQUIRE(debuger >= 0);
4222 	if (debuger == 0) {
4223 		/* The traced process is reparented to debuger. */
4224 		REQUIRE_EQ(ptrace(PT_ATTACH, traced, 0, 0), 0);
4225 		wpid = waitpid(traced, &status, 0);
4226 		REQUIRE_EQ(wpid, traced);
4227 		ATF_REQUIRE(WIFSTOPPED(status));
4228 		REQUIRE_EQ(WSTOPSIG(status), SIGSTOP);
4229 
4230 		/* Allow process to die. */
4231 		REQUIRE_EQ(ptrace(PT_CONTINUE, traced, (caddr_t)1, 0), 0);
4232 		wpid = waitpid(traced, &status, 0);
4233 		REQUIRE_EQ(wpid, traced);
4234 		ATF_REQUIRE(WIFEXITED(status));
4235 		REQUIRE_EQ(WEXITSTATUS(status), 0);
4236 
4237 		/* Reparent back to the orginal process. */
4238 		REQUIRE_EQ(close(pd), 0);
4239 		exit(0);
4240 	}
4241 
4242 	wpid = waitpid(debuger, &status, 0);
4243 	REQUIRE_EQ(wpid, debuger);
4244 	REQUIRE_EQ(WEXITSTATUS(status), 0);
4245 
4246 	/*
4247 	 * We have a child but it has a process descriptori
4248 	 * so we should not be able to collect it process.
4249 	 */
4250 	wpid = wait(&status);
4251 	REQUIRE_EQ(wpid, -1);
4252 	REQUIRE_EQ(errno, ECHILD);
4253 
4254 	REQUIRE_EQ(close(pd), 0);
4255 }
4256 
4257 ATF_TP_ADD_TCS(tp)
4258 {
4259 
4260 	ATF_TP_ADD_TC(tp, ptrace__parent_wait_after_trace_me);
4261 	ATF_TP_ADD_TC(tp, ptrace__parent_wait_after_attach);
4262 	ATF_TP_ADD_TC(tp, ptrace__parent_sees_exit_after_child_debugger);
4263 	ATF_TP_ADD_TC(tp, ptrace__parent_sees_exit_after_unrelated_debugger);
4264 	ATF_TP_ADD_TC(tp, ptrace__parent_exits_before_child);
4265 	ATF_TP_ADD_TC(tp, ptrace__follow_fork_both_attached);
4266 	ATF_TP_ADD_TC(tp, ptrace__follow_fork_child_detached);
4267 	ATF_TP_ADD_TC(tp, ptrace__follow_fork_parent_detached);
4268 	ATF_TP_ADD_TC(tp, ptrace__follow_fork_both_attached_unrelated_debugger);
4269 	ATF_TP_ADD_TC(tp,
4270 	    ptrace__follow_fork_child_detached_unrelated_debugger);
4271 	ATF_TP_ADD_TC(tp,
4272 	    ptrace__follow_fork_parent_detached_unrelated_debugger);
4273 	ATF_TP_ADD_TC(tp, ptrace__getppid);
4274 	ATF_TP_ADD_TC(tp, ptrace__new_child_pl_syscall_code_fork);
4275 	ATF_TP_ADD_TC(tp, ptrace__new_child_pl_syscall_code_vfork);
4276 	ATF_TP_ADD_TC(tp, ptrace__new_child_pl_syscall_code_thread);
4277 	ATF_TP_ADD_TC(tp, ptrace__lwp_events);
4278 	ATF_TP_ADD_TC(tp, ptrace__lwp_events_exec);
4279 	ATF_TP_ADD_TC(tp, ptrace__siginfo);
4280 	ATF_TP_ADD_TC(tp, ptrace__ptrace_exec_disable);
4281 	ATF_TP_ADD_TC(tp, ptrace__ptrace_exec_enable);
4282 	ATF_TP_ADD_TC(tp, ptrace__event_mask);
4283 	ATF_TP_ADD_TC(tp, ptrace__ptrace_vfork);
4284 	ATF_TP_ADD_TC(tp, ptrace__ptrace_vfork_follow);
4285 #ifdef HAVE_BREAKPOINT
4286 	ATF_TP_ADD_TC(tp, ptrace__PT_KILL_breakpoint);
4287 #endif
4288 	ATF_TP_ADD_TC(tp, ptrace__PT_KILL_system_call);
4289 	ATF_TP_ADD_TC(tp, ptrace__PT_KILL_threads);
4290 	ATF_TP_ADD_TC(tp, ptrace__PT_KILL_competing_signal);
4291 	ATF_TP_ADD_TC(tp, ptrace__PT_KILL_competing_stop);
4292 	ATF_TP_ADD_TC(tp, ptrace__PT_KILL_with_signal_full_sigqueue);
4293 	ATF_TP_ADD_TC(tp, ptrace__PT_CONTINUE_with_signal_system_call_entry);
4294 	ATF_TP_ADD_TC(tp,
4295 	    ptrace__PT_CONTINUE_with_signal_system_call_entry_and_exit);
4296 	ATF_TP_ADD_TC(tp, ptrace__PT_CONTINUE_with_signal_full_sigqueue);
4297 	ATF_TP_ADD_TC(tp, ptrace__PT_CONTINUE_with_signal_masked_full_sigqueue);
4298 	ATF_TP_ADD_TC(tp, ptrace__PT_CONTINUE_change_sig);
4299 	ATF_TP_ADD_TC(tp, ptrace__PT_CONTINUE_with_sigtrap_system_call_entry);
4300 	ATF_TP_ADD_TC(tp, ptrace__PT_CONTINUE_with_signal_mix);
4301 	ATF_TP_ADD_TC(tp, ptrace__PT_CONTINUE_with_signal_kqueue);
4302 	ATF_TP_ADD_TC(tp, ptrace__killed_with_sigmask);
4303 	ATF_TP_ADD_TC(tp, ptrace__PT_CONTINUE_with_sigmask);
4304 	ATF_TP_ADD_TC(tp, ptrace__PT_CONTINUE_with_signal_thread_sigmask);
4305 	ATF_TP_ADD_TC(tp, ptrace__parent_terminate_with_pending_sigstop1);
4306 	ATF_TP_ADD_TC(tp, ptrace__parent_terminate_with_pending_sigstop2);
4307 	ATF_TP_ADD_TC(tp, ptrace__event_mask_sigkill_discard);
4308 	ATF_TP_ADD_TC(tp, ptrace__PT_ATTACH_with_SBDRY_thread);
4309 	ATF_TP_ADD_TC(tp, ptrace__PT_STEP_with_signal);
4310 #ifdef HAVE_BREAKPOINT
4311 	ATF_TP_ADD_TC(tp, ptrace__breakpoint_siginfo);
4312 #endif
4313 	ATF_TP_ADD_TC(tp, ptrace__step_siginfo);
4314 #if defined(HAVE_BREAKPOINT) && defined(SKIP_BREAK)
4315 	ATF_TP_ADD_TC(tp, ptrace__PT_CONTINUE_different_thread);
4316 #endif
4317 	ATF_TP_ADD_TC(tp, ptrace__PT_LWPINFO_stale_siginfo);
4318 	ATF_TP_ADD_TC(tp, ptrace__syscall_args);
4319 	ATF_TP_ADD_TC(tp, ptrace__proc_reparent);
4320 	ATF_TP_ADD_TC(tp, ptrace__procdesc_wait_child);
4321 	ATF_TP_ADD_TC(tp, ptrace__procdesc_reparent_wait_child);
4322 
4323 	return (atf_no_error());
4324 }
4325