1 /*- 2 * Copyright (c) 2015 John Baldwin <jhb@FreeBSD.org> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 */ 26 27 #include <sys/cdefs.h> 28 __FBSDID("$FreeBSD$"); 29 30 #include <sys/types.h> 31 #include <sys/ptrace.h> 32 #include <sys/syscall.h> 33 #include <sys/sysctl.h> 34 #include <sys/user.h> 35 #include <sys/wait.h> 36 #include <errno.h> 37 #include <pthread.h> 38 #include <signal.h> 39 #include <stdio.h> 40 #include <stdlib.h> 41 #include <unistd.h> 42 #include <atf-c.h> 43 44 /* 45 * A variant of ATF_REQUIRE that is suitable for use in child 46 * processes. This only works if the parent process is tripped up by 47 * the early exit and fails some requirement itself. 48 */ 49 #define CHILD_REQUIRE(exp) do { \ 50 if (!(exp)) \ 51 child_fail_require(__FILE__, __LINE__, \ 52 #exp " not met"); \ 53 } while (0) 54 55 static __dead2 void 56 child_fail_require(const char *file, int line, const char *str) 57 { 58 char buf[128]; 59 60 snprintf(buf, sizeof(buf), "%s:%d: %s\n", file, line, str); 61 write(2, buf, strlen(buf)); 62 _exit(32); 63 } 64 65 static void 66 trace_me(void) 67 { 68 69 /* Attach the parent process as a tracer of this process. */ 70 CHILD_REQUIRE(ptrace(PT_TRACE_ME, 0, NULL, 0) != -1); 71 72 /* Trigger a stop. */ 73 raise(SIGSTOP); 74 } 75 76 static void 77 attach_child(pid_t pid) 78 { 79 pid_t wpid; 80 int status; 81 82 ATF_REQUIRE(ptrace(PT_ATTACH, pid, NULL, 0) == 0); 83 84 wpid = waitpid(pid, &status, 0); 85 ATF_REQUIRE(wpid == pid); 86 ATF_REQUIRE(WIFSTOPPED(status)); 87 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP); 88 } 89 90 static void 91 wait_for_zombie(pid_t pid) 92 { 93 94 /* 95 * Wait for a process to exit. This is kind of gross, but 96 * there is not a better way. 97 */ 98 for (;;) { 99 struct kinfo_proc kp; 100 size_t len; 101 int mib[4]; 102 103 mib[0] = CTL_KERN; 104 mib[1] = KERN_PROC; 105 mib[2] = KERN_PROC_PID; 106 mib[3] = pid; 107 len = sizeof(kp); 108 if (sysctl(mib, nitems(mib), &kp, &len, NULL, 0) == -1) { 109 /* The KERN_PROC_PID sysctl fails for zombies. */ 110 ATF_REQUIRE(errno == ESRCH); 111 break; 112 } 113 usleep(5000); 114 } 115 } 116 117 /* 118 * Verify that a parent debugger process "sees" the exit of a debugged 119 * process exactly once when attached via PT_TRACE_ME. 120 */ 121 ATF_TC_WITHOUT_HEAD(ptrace__parent_wait_after_trace_me); 122 ATF_TC_BODY(ptrace__parent_wait_after_trace_me, tc) 123 { 124 pid_t child, wpid; 125 int status; 126 127 ATF_REQUIRE((child = fork()) != -1); 128 if (child == 0) { 129 /* Child process. */ 130 trace_me(); 131 132 _exit(1); 133 } 134 135 /* Parent process. */ 136 137 /* The first wait() should report the stop from SIGSTOP. */ 138 wpid = waitpid(child, &status, 0); 139 ATF_REQUIRE(wpid == child); 140 ATF_REQUIRE(WIFSTOPPED(status)); 141 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP); 142 143 /* Continue the child ignoring the SIGSTOP. */ 144 ATF_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1); 145 146 /* The second wait() should report the exit status. */ 147 wpid = waitpid(child, &status, 0); 148 ATF_REQUIRE(wpid == child); 149 ATF_REQUIRE(WIFEXITED(status)); 150 ATF_REQUIRE(WEXITSTATUS(status) == 1); 151 152 /* The child should no longer exist. */ 153 wpid = waitpid(child, &status, 0); 154 ATF_REQUIRE(wpid == -1); 155 ATF_REQUIRE(errno == ECHILD); 156 } 157 158 /* 159 * Verify that a parent debugger process "sees" the exit of a debugged 160 * process exactly once when attached via PT_ATTACH. 161 */ 162 ATF_TC_WITHOUT_HEAD(ptrace__parent_wait_after_attach); 163 ATF_TC_BODY(ptrace__parent_wait_after_attach, tc) 164 { 165 pid_t child, wpid; 166 int cpipe[2], status; 167 char c; 168 169 ATF_REQUIRE(pipe(cpipe) == 0); 170 ATF_REQUIRE((child = fork()) != -1); 171 if (child == 0) { 172 /* Child process. */ 173 close(cpipe[0]); 174 175 /* Wait for the parent to attach. */ 176 CHILD_REQUIRE(read(cpipe[1], &c, sizeof(c)) == 0); 177 178 _exit(1); 179 } 180 close(cpipe[1]); 181 182 /* Parent process. */ 183 184 /* Attach to the child process. */ 185 attach_child(child); 186 187 /* Continue the child ignoring the SIGSTOP. */ 188 ATF_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1); 189 190 /* Signal the child to exit. */ 191 close(cpipe[0]); 192 193 /* The second wait() should report the exit status. */ 194 wpid = waitpid(child, &status, 0); 195 ATF_REQUIRE(wpid == child); 196 ATF_REQUIRE(WIFEXITED(status)); 197 ATF_REQUIRE(WEXITSTATUS(status) == 1); 198 199 /* The child should no longer exist. */ 200 wpid = waitpid(child, &status, 0); 201 ATF_REQUIRE(wpid == -1); 202 ATF_REQUIRE(errno == ECHILD); 203 } 204 205 /* 206 * Verify that a parent process "sees" the exit of a debugged process only 207 * after the debugger has seen it. 208 */ 209 ATF_TC_WITHOUT_HEAD(ptrace__parent_sees_exit_after_child_debugger); 210 ATF_TC_BODY(ptrace__parent_sees_exit_after_child_debugger, tc) 211 { 212 pid_t child, debugger, wpid; 213 int cpipe[2], dpipe[2], status; 214 char c; 215 216 ATF_REQUIRE(pipe(cpipe) == 0); 217 ATF_REQUIRE((child = fork()) != -1); 218 219 if (child == 0) { 220 /* Child process. */ 221 close(cpipe[0]); 222 223 /* Wait for parent to be ready. */ 224 CHILD_REQUIRE(read(cpipe[1], &c, sizeof(c)) == sizeof(c)); 225 226 _exit(1); 227 } 228 close(cpipe[1]); 229 230 ATF_REQUIRE(pipe(dpipe) == 0); 231 ATF_REQUIRE((debugger = fork()) != -1); 232 233 if (debugger == 0) { 234 /* Debugger process. */ 235 close(dpipe[0]); 236 237 CHILD_REQUIRE(ptrace(PT_ATTACH, child, NULL, 0) != -1); 238 239 wpid = waitpid(child, &status, 0); 240 CHILD_REQUIRE(wpid == child); 241 CHILD_REQUIRE(WIFSTOPPED(status)); 242 CHILD_REQUIRE(WSTOPSIG(status) == SIGSTOP); 243 244 CHILD_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1); 245 246 /* Signal parent that debugger is attached. */ 247 CHILD_REQUIRE(write(dpipe[1], &c, sizeof(c)) == sizeof(c)); 248 249 /* Wait for parent's failed wait. */ 250 CHILD_REQUIRE(read(dpipe[1], &c, sizeof(c)) == 0); 251 252 wpid = waitpid(child, &status, 0); 253 CHILD_REQUIRE(wpid == child); 254 CHILD_REQUIRE(WIFEXITED(status)); 255 CHILD_REQUIRE(WEXITSTATUS(status) == 1); 256 257 _exit(0); 258 } 259 close(dpipe[1]); 260 261 /* Parent process. */ 262 263 /* Wait for the debugger to attach to the child. */ 264 ATF_REQUIRE(read(dpipe[0], &c, sizeof(c)) == sizeof(c)); 265 266 /* Release the child. */ 267 ATF_REQUIRE(write(cpipe[0], &c, sizeof(c)) == sizeof(c)); 268 ATF_REQUIRE(read(cpipe[0], &c, sizeof(c)) == 0); 269 close(cpipe[0]); 270 271 wait_for_zombie(child); 272 273 /* 274 * This wait should return a pid of 0 to indicate no status to 275 * report. The parent should see the child as non-exited 276 * until the debugger sees the exit. 277 */ 278 wpid = waitpid(child, &status, WNOHANG); 279 ATF_REQUIRE(wpid == 0); 280 281 /* Signal the debugger to wait for the child. */ 282 close(dpipe[0]); 283 284 /* Wait for the debugger. */ 285 wpid = waitpid(debugger, &status, 0); 286 ATF_REQUIRE(wpid == debugger); 287 ATF_REQUIRE(WIFEXITED(status)); 288 ATF_REQUIRE(WEXITSTATUS(status) == 0); 289 290 /* The child process should now be ready. */ 291 wpid = waitpid(child, &status, WNOHANG); 292 ATF_REQUIRE(wpid == child); 293 ATF_REQUIRE(WIFEXITED(status)); 294 ATF_REQUIRE(WEXITSTATUS(status) == 1); 295 } 296 297 /* 298 * Verify that a parent process "sees" the exit of a debugged process 299 * only after a non-direct-child debugger has seen it. In particular, 300 * various wait() calls in the parent must avoid failing with ESRCH by 301 * checking the parent's orphan list for the debugee. 302 */ 303 ATF_TC_WITHOUT_HEAD(ptrace__parent_sees_exit_after_unrelated_debugger); 304 ATF_TC_BODY(ptrace__parent_sees_exit_after_unrelated_debugger, tc) 305 { 306 pid_t child, debugger, fpid, wpid; 307 int cpipe[2], dpipe[2], status; 308 char c; 309 310 ATF_REQUIRE(pipe(cpipe) == 0); 311 ATF_REQUIRE((child = fork()) != -1); 312 313 if (child == 0) { 314 /* Child process. */ 315 close(cpipe[0]); 316 317 /* Wait for parent to be ready. */ 318 CHILD_REQUIRE(read(cpipe[1], &c, sizeof(c)) == sizeof(c)); 319 320 _exit(1); 321 } 322 close(cpipe[1]); 323 324 ATF_REQUIRE(pipe(dpipe) == 0); 325 ATF_REQUIRE((debugger = fork()) != -1); 326 327 if (debugger == 0) { 328 /* Debugger parent. */ 329 330 /* 331 * Fork again and drop the debugger parent so that the 332 * debugger is not a child of the main parent. 333 */ 334 CHILD_REQUIRE((fpid = fork()) != -1); 335 if (fpid != 0) 336 _exit(2); 337 338 /* Debugger process. */ 339 close(dpipe[0]); 340 341 CHILD_REQUIRE(ptrace(PT_ATTACH, child, NULL, 0) != -1); 342 343 wpid = waitpid(child, &status, 0); 344 CHILD_REQUIRE(wpid == child); 345 CHILD_REQUIRE(WIFSTOPPED(status)); 346 CHILD_REQUIRE(WSTOPSIG(status) == SIGSTOP); 347 348 CHILD_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1); 349 350 /* Signal parent that debugger is attached. */ 351 CHILD_REQUIRE(write(dpipe[1], &c, sizeof(c)) == sizeof(c)); 352 353 /* Wait for parent's failed wait. */ 354 CHILD_REQUIRE(read(dpipe[1], &c, sizeof(c)) == sizeof(c)); 355 356 wpid = waitpid(child, &status, 0); 357 CHILD_REQUIRE(wpid == child); 358 CHILD_REQUIRE(WIFEXITED(status)); 359 CHILD_REQUIRE(WEXITSTATUS(status) == 1); 360 361 _exit(0); 362 } 363 close(dpipe[1]); 364 365 /* Parent process. */ 366 367 /* Wait for the debugger parent process to exit. */ 368 wpid = waitpid(debugger, &status, 0); 369 ATF_REQUIRE(wpid == debugger); 370 ATF_REQUIRE(WIFEXITED(status)); 371 ATF_REQUIRE(WEXITSTATUS(status) == 2); 372 373 /* A WNOHANG wait here should see the non-exited child. */ 374 wpid = waitpid(child, &status, WNOHANG); 375 ATF_REQUIRE(wpid == 0); 376 377 /* Wait for the debugger to attach to the child. */ 378 ATF_REQUIRE(read(dpipe[0], &c, sizeof(c)) == sizeof(c)); 379 380 /* Release the child. */ 381 ATF_REQUIRE(write(cpipe[0], &c, sizeof(c)) == sizeof(c)); 382 ATF_REQUIRE(read(cpipe[0], &c, sizeof(c)) == 0); 383 close(cpipe[0]); 384 385 wait_for_zombie(child); 386 387 /* 388 * This wait should return a pid of 0 to indicate no status to 389 * report. The parent should see the child as non-exited 390 * until the debugger sees the exit. 391 */ 392 wpid = waitpid(child, &status, WNOHANG); 393 ATF_REQUIRE(wpid == 0); 394 395 /* Signal the debugger to wait for the child. */ 396 ATF_REQUIRE(write(dpipe[0], &c, sizeof(c)) == sizeof(c)); 397 398 /* Wait for the debugger. */ 399 ATF_REQUIRE(read(dpipe[0], &c, sizeof(c)) == 0); 400 close(dpipe[0]); 401 402 /* The child process should now be ready. */ 403 wpid = waitpid(child, &status, WNOHANG); 404 ATF_REQUIRE(wpid == child); 405 ATF_REQUIRE(WIFEXITED(status)); 406 ATF_REQUIRE(WEXITSTATUS(status) == 1); 407 } 408 409 /* 410 * The parent process should always act the same regardless of how the 411 * debugger is attached to it. 412 */ 413 static __dead2 void 414 follow_fork_parent(bool use_vfork) 415 { 416 pid_t fpid, wpid; 417 int status; 418 419 if (use_vfork) 420 CHILD_REQUIRE((fpid = vfork()) != -1); 421 else 422 CHILD_REQUIRE((fpid = fork()) != -1); 423 424 if (fpid == 0) 425 /* Child */ 426 _exit(2); 427 428 wpid = waitpid(fpid, &status, 0); 429 CHILD_REQUIRE(wpid == fpid); 430 CHILD_REQUIRE(WIFEXITED(status)); 431 CHILD_REQUIRE(WEXITSTATUS(status) == 2); 432 433 _exit(1); 434 } 435 436 /* 437 * Helper routine for follow fork tests. This waits for two stops 438 * that report both "sides" of a fork. It returns the pid of the new 439 * child process. 440 */ 441 static pid_t 442 handle_fork_events(pid_t parent, struct ptrace_lwpinfo *ppl) 443 { 444 struct ptrace_lwpinfo pl; 445 bool fork_reported[2]; 446 pid_t child, wpid; 447 int i, status; 448 449 fork_reported[0] = false; 450 fork_reported[1] = false; 451 child = -1; 452 453 /* 454 * Each process should report a fork event. The parent should 455 * report a PL_FLAG_FORKED event, and the child should report 456 * a PL_FLAG_CHILD event. 457 */ 458 for (i = 0; i < 2; i++) { 459 wpid = wait(&status); 460 ATF_REQUIRE(wpid > 0); 461 ATF_REQUIRE(WIFSTOPPED(status)); 462 463 ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, 464 sizeof(pl)) != -1); 465 ATF_REQUIRE((pl.pl_flags & (PL_FLAG_FORKED | PL_FLAG_CHILD)) != 466 0); 467 ATF_REQUIRE((pl.pl_flags & (PL_FLAG_FORKED | PL_FLAG_CHILD)) != 468 (PL_FLAG_FORKED | PL_FLAG_CHILD)); 469 if (pl.pl_flags & PL_FLAG_CHILD) { 470 ATF_REQUIRE(wpid != parent); 471 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP); 472 ATF_REQUIRE(!fork_reported[1]); 473 if (child == -1) 474 child = wpid; 475 else 476 ATF_REQUIRE(child == wpid); 477 if (ppl != NULL) 478 ppl[1] = pl; 479 fork_reported[1] = true; 480 } else { 481 ATF_REQUIRE(wpid == parent); 482 ATF_REQUIRE(WSTOPSIG(status) == SIGTRAP); 483 ATF_REQUIRE(!fork_reported[0]); 484 if (child == -1) 485 child = pl.pl_child_pid; 486 else 487 ATF_REQUIRE(child == pl.pl_child_pid); 488 if (ppl != NULL) 489 ppl[0] = pl; 490 fork_reported[0] = true; 491 } 492 } 493 494 return (child); 495 } 496 497 /* 498 * Verify that a new child process is stopped after a followed fork and 499 * that the traced parent sees the exit of the child after the debugger 500 * when both processes remain attached to the debugger. 501 */ 502 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_both_attached); 503 ATF_TC_BODY(ptrace__follow_fork_both_attached, tc) 504 { 505 pid_t children[2], fpid, wpid; 506 int status; 507 508 ATF_REQUIRE((fpid = fork()) != -1); 509 if (fpid == 0) { 510 trace_me(); 511 follow_fork_parent(false); 512 } 513 514 /* Parent process. */ 515 children[0] = fpid; 516 517 /* The first wait() should report the stop from SIGSTOP. */ 518 wpid = waitpid(children[0], &status, 0); 519 ATF_REQUIRE(wpid == children[0]); 520 ATF_REQUIRE(WIFSTOPPED(status)); 521 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP); 522 523 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1); 524 525 /* Continue the child ignoring the SIGSTOP. */ 526 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1); 527 528 children[1] = handle_fork_events(children[0], NULL); 529 ATF_REQUIRE(children[1] > 0); 530 531 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1); 532 ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1); 533 534 /* 535 * The child can't exit until the grandchild reports status, so the 536 * grandchild should report its exit first to the debugger. 537 */ 538 wpid = wait(&status); 539 ATF_REQUIRE(wpid == children[1]); 540 ATF_REQUIRE(WIFEXITED(status)); 541 ATF_REQUIRE(WEXITSTATUS(status) == 2); 542 543 wpid = wait(&status); 544 ATF_REQUIRE(wpid == children[0]); 545 ATF_REQUIRE(WIFEXITED(status)); 546 ATF_REQUIRE(WEXITSTATUS(status) == 1); 547 548 wpid = wait(&status); 549 ATF_REQUIRE(wpid == -1); 550 ATF_REQUIRE(errno == ECHILD); 551 } 552 553 /* 554 * Verify that a new child process is stopped after a followed fork 555 * and that the traced parent sees the exit of the child when the new 556 * child process is detached after it reports its fork. 557 */ 558 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_child_detached); 559 ATF_TC_BODY(ptrace__follow_fork_child_detached, tc) 560 { 561 pid_t children[2], fpid, wpid; 562 int status; 563 564 ATF_REQUIRE((fpid = fork()) != -1); 565 if (fpid == 0) { 566 trace_me(); 567 follow_fork_parent(false); 568 } 569 570 /* Parent process. */ 571 children[0] = fpid; 572 573 /* The first wait() should report the stop from SIGSTOP. */ 574 wpid = waitpid(children[0], &status, 0); 575 ATF_REQUIRE(wpid == children[0]); 576 ATF_REQUIRE(WIFSTOPPED(status)); 577 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP); 578 579 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1); 580 581 /* Continue the child ignoring the SIGSTOP. */ 582 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1); 583 584 children[1] = handle_fork_events(children[0], NULL); 585 ATF_REQUIRE(children[1] > 0); 586 587 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1); 588 ATF_REQUIRE(ptrace(PT_DETACH, children[1], (caddr_t)1, 0) != -1); 589 590 /* 591 * Should not see any status from the grandchild now, only the 592 * child. 593 */ 594 wpid = wait(&status); 595 ATF_REQUIRE(wpid == children[0]); 596 ATF_REQUIRE(WIFEXITED(status)); 597 ATF_REQUIRE(WEXITSTATUS(status) == 1); 598 599 wpid = wait(&status); 600 ATF_REQUIRE(wpid == -1); 601 ATF_REQUIRE(errno == ECHILD); 602 } 603 604 /* 605 * Verify that a new child process is stopped after a followed fork 606 * and that the traced parent sees the exit of the child when the 607 * traced parent is detached after the fork. 608 */ 609 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_parent_detached); 610 ATF_TC_BODY(ptrace__follow_fork_parent_detached, tc) 611 { 612 pid_t children[2], fpid, wpid; 613 int status; 614 615 ATF_REQUIRE((fpid = fork()) != -1); 616 if (fpid == 0) { 617 trace_me(); 618 follow_fork_parent(false); 619 } 620 621 /* Parent process. */ 622 children[0] = fpid; 623 624 /* The first wait() should report the stop from SIGSTOP. */ 625 wpid = waitpid(children[0], &status, 0); 626 ATF_REQUIRE(wpid == children[0]); 627 ATF_REQUIRE(WIFSTOPPED(status)); 628 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP); 629 630 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1); 631 632 /* Continue the child ignoring the SIGSTOP. */ 633 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1); 634 635 children[1] = handle_fork_events(children[0], NULL); 636 ATF_REQUIRE(children[1] > 0); 637 638 ATF_REQUIRE(ptrace(PT_DETACH, children[0], (caddr_t)1, 0) != -1); 639 ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1); 640 641 /* 642 * The child can't exit until the grandchild reports status, so the 643 * grandchild should report its exit first to the debugger. 644 * 645 * Even though the child process is detached, it is still a 646 * child of the debugger, so it will still report it's exit 647 * after the grandchild. 648 */ 649 wpid = wait(&status); 650 ATF_REQUIRE(wpid == children[1]); 651 ATF_REQUIRE(WIFEXITED(status)); 652 ATF_REQUIRE(WEXITSTATUS(status) == 2); 653 654 wpid = wait(&status); 655 ATF_REQUIRE(wpid == children[0]); 656 ATF_REQUIRE(WIFEXITED(status)); 657 ATF_REQUIRE(WEXITSTATUS(status) == 1); 658 659 wpid = wait(&status); 660 ATF_REQUIRE(wpid == -1); 661 ATF_REQUIRE(errno == ECHILD); 662 } 663 664 static void 665 attach_fork_parent(int cpipe[2]) 666 { 667 pid_t fpid; 668 669 close(cpipe[0]); 670 671 /* Double-fork to disassociate from the debugger. */ 672 CHILD_REQUIRE((fpid = fork()) != -1); 673 if (fpid != 0) 674 _exit(3); 675 676 /* Send the pid of the disassociated child to the debugger. */ 677 fpid = getpid(); 678 CHILD_REQUIRE(write(cpipe[1], &fpid, sizeof(fpid)) == sizeof(fpid)); 679 680 /* Wait for the debugger to attach. */ 681 CHILD_REQUIRE(read(cpipe[1], &fpid, sizeof(fpid)) == 0); 682 } 683 684 /* 685 * Verify that a new child process is stopped after a followed fork and 686 * that the traced parent sees the exit of the child after the debugger 687 * when both processes remain attached to the debugger. In this test 688 * the parent that forks is not a direct child of the debugger. 689 */ 690 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_both_attached_unrelated_debugger); 691 ATF_TC_BODY(ptrace__follow_fork_both_attached_unrelated_debugger, tc) 692 { 693 pid_t children[2], fpid, wpid; 694 int cpipe[2], status; 695 696 ATF_REQUIRE(pipe(cpipe) == 0); 697 ATF_REQUIRE((fpid = fork()) != -1); 698 if (fpid == 0) { 699 attach_fork_parent(cpipe); 700 follow_fork_parent(false); 701 } 702 703 /* Parent process. */ 704 close(cpipe[1]); 705 706 /* Wait for the direct child to exit. */ 707 wpid = waitpid(fpid, &status, 0); 708 ATF_REQUIRE(wpid == fpid); 709 ATF_REQUIRE(WIFEXITED(status)); 710 ATF_REQUIRE(WEXITSTATUS(status) == 3); 711 712 /* Read the pid of the fork parent. */ 713 ATF_REQUIRE(read(cpipe[0], &children[0], sizeof(children[0])) == 714 sizeof(children[0])); 715 716 /* Attach to the fork parent. */ 717 attach_child(children[0]); 718 719 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1); 720 721 /* Continue the fork parent ignoring the SIGSTOP. */ 722 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1); 723 724 /* Signal the fork parent to continue. */ 725 close(cpipe[0]); 726 727 children[1] = handle_fork_events(children[0], NULL); 728 ATF_REQUIRE(children[1] > 0); 729 730 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1); 731 ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1); 732 733 /* 734 * The fork parent can't exit until the child reports status, 735 * so the child should report its exit first to the debugger. 736 */ 737 wpid = wait(&status); 738 ATF_REQUIRE(wpid == children[1]); 739 ATF_REQUIRE(WIFEXITED(status)); 740 ATF_REQUIRE(WEXITSTATUS(status) == 2); 741 742 wpid = wait(&status); 743 ATF_REQUIRE(wpid == children[0]); 744 ATF_REQUIRE(WIFEXITED(status)); 745 ATF_REQUIRE(WEXITSTATUS(status) == 1); 746 747 wpid = wait(&status); 748 ATF_REQUIRE(wpid == -1); 749 ATF_REQUIRE(errno == ECHILD); 750 } 751 752 /* 753 * Verify that a new child process is stopped after a followed fork 754 * and that the traced parent sees the exit of the child when the new 755 * child process is detached after it reports its fork. In this test 756 * the parent that forks is not a direct child of the debugger. 757 */ 758 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_child_detached_unrelated_debugger); 759 ATF_TC_BODY(ptrace__follow_fork_child_detached_unrelated_debugger, tc) 760 { 761 pid_t children[2], fpid, wpid; 762 int cpipe[2], status; 763 764 ATF_REQUIRE(pipe(cpipe) == 0); 765 ATF_REQUIRE((fpid = fork()) != -1); 766 if (fpid == 0) { 767 attach_fork_parent(cpipe); 768 follow_fork_parent(false); 769 } 770 771 /* Parent process. */ 772 close(cpipe[1]); 773 774 /* Wait for the direct child to exit. */ 775 wpid = waitpid(fpid, &status, 0); 776 ATF_REQUIRE(wpid == fpid); 777 ATF_REQUIRE(WIFEXITED(status)); 778 ATF_REQUIRE(WEXITSTATUS(status) == 3); 779 780 /* Read the pid of the fork parent. */ 781 ATF_REQUIRE(read(cpipe[0], &children[0], sizeof(children[0])) == 782 sizeof(children[0])); 783 784 /* Attach to the fork parent. */ 785 attach_child(children[0]); 786 787 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1); 788 789 /* Continue the fork parent ignoring the SIGSTOP. */ 790 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1); 791 792 /* Signal the fork parent to continue. */ 793 close(cpipe[0]); 794 795 children[1] = handle_fork_events(children[0], NULL); 796 ATF_REQUIRE(children[1] > 0); 797 798 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1); 799 ATF_REQUIRE(ptrace(PT_DETACH, children[1], (caddr_t)1, 0) != -1); 800 801 /* 802 * Should not see any status from the child now, only the fork 803 * parent. 804 */ 805 wpid = wait(&status); 806 ATF_REQUIRE(wpid == children[0]); 807 ATF_REQUIRE(WIFEXITED(status)); 808 ATF_REQUIRE(WEXITSTATUS(status) == 1); 809 810 wpid = wait(&status); 811 ATF_REQUIRE(wpid == -1); 812 ATF_REQUIRE(errno == ECHILD); 813 } 814 815 /* 816 * Verify that a new child process is stopped after a followed fork 817 * and that the traced parent sees the exit of the child when the 818 * traced parent is detached after the fork. In this test the parent 819 * that forks is not a direct child of the debugger. 820 */ 821 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_parent_detached_unrelated_debugger); 822 ATF_TC_BODY(ptrace__follow_fork_parent_detached_unrelated_debugger, tc) 823 { 824 pid_t children[2], fpid, wpid; 825 int cpipe[2], status; 826 827 ATF_REQUIRE(pipe(cpipe) == 0); 828 ATF_REQUIRE((fpid = fork()) != -1); 829 if (fpid == 0) { 830 attach_fork_parent(cpipe); 831 follow_fork_parent(false); 832 } 833 834 /* Parent process. */ 835 close(cpipe[1]); 836 837 /* Wait for the direct child to exit. */ 838 wpid = waitpid(fpid, &status, 0); 839 ATF_REQUIRE(wpid == fpid); 840 ATF_REQUIRE(WIFEXITED(status)); 841 ATF_REQUIRE(WEXITSTATUS(status) == 3); 842 843 /* Read the pid of the fork parent. */ 844 ATF_REQUIRE(read(cpipe[0], &children[0], sizeof(children[0])) == 845 sizeof(children[0])); 846 847 /* Attach to the fork parent. */ 848 attach_child(children[0]); 849 850 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1); 851 852 /* Continue the fork parent ignoring the SIGSTOP. */ 853 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1); 854 855 /* Signal the fork parent to continue. */ 856 close(cpipe[0]); 857 858 children[1] = handle_fork_events(children[0], NULL); 859 ATF_REQUIRE(children[1] > 0); 860 861 ATF_REQUIRE(ptrace(PT_DETACH, children[0], (caddr_t)1, 0) != -1); 862 ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1); 863 864 /* 865 * Should not see any status from the fork parent now, only 866 * the child. 867 */ 868 wpid = wait(&status); 869 ATF_REQUIRE(wpid == children[1]); 870 ATF_REQUIRE(WIFEXITED(status)); 871 ATF_REQUIRE(WEXITSTATUS(status) == 2); 872 873 wpid = wait(&status); 874 ATF_REQUIRE(wpid == -1); 875 ATF_REQUIRE(errno == ECHILD); 876 } 877 878 /* 879 * Verify that a child process does not see an unrelated debugger as its 880 * parent but sees its original parent process. 881 */ 882 ATF_TC_WITHOUT_HEAD(ptrace__getppid); 883 ATF_TC_BODY(ptrace__getppid, tc) 884 { 885 pid_t child, debugger, ppid, wpid; 886 int cpipe[2], dpipe[2], status; 887 char c; 888 889 ATF_REQUIRE(pipe(cpipe) == 0); 890 ATF_REQUIRE((child = fork()) != -1); 891 892 if (child == 0) { 893 /* Child process. */ 894 close(cpipe[0]); 895 896 /* Wait for parent to be ready. */ 897 CHILD_REQUIRE(read(cpipe[1], &c, sizeof(c)) == sizeof(c)); 898 899 /* Report the parent PID to the parent. */ 900 ppid = getppid(); 901 CHILD_REQUIRE(write(cpipe[1], &ppid, sizeof(ppid)) == 902 sizeof(ppid)); 903 904 _exit(1); 905 } 906 close(cpipe[1]); 907 908 ATF_REQUIRE(pipe(dpipe) == 0); 909 ATF_REQUIRE((debugger = fork()) != -1); 910 911 if (debugger == 0) { 912 /* Debugger process. */ 913 close(dpipe[0]); 914 915 CHILD_REQUIRE(ptrace(PT_ATTACH, child, NULL, 0) != -1); 916 917 wpid = waitpid(child, &status, 0); 918 CHILD_REQUIRE(wpid == child); 919 CHILD_REQUIRE(WIFSTOPPED(status)); 920 CHILD_REQUIRE(WSTOPSIG(status) == SIGSTOP); 921 922 CHILD_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1); 923 924 /* Signal parent that debugger is attached. */ 925 CHILD_REQUIRE(write(dpipe[1], &c, sizeof(c)) == sizeof(c)); 926 927 /* Wait for traced child to exit. */ 928 wpid = waitpid(child, &status, 0); 929 CHILD_REQUIRE(wpid == child); 930 CHILD_REQUIRE(WIFEXITED(status)); 931 CHILD_REQUIRE(WEXITSTATUS(status) == 1); 932 933 _exit(0); 934 } 935 close(dpipe[1]); 936 937 /* Parent process. */ 938 939 /* Wait for the debugger to attach to the child. */ 940 ATF_REQUIRE(read(dpipe[0], &c, sizeof(c)) == sizeof(c)); 941 942 /* Release the child. */ 943 ATF_REQUIRE(write(cpipe[0], &c, sizeof(c)) == sizeof(c)); 944 945 /* Read the parent PID from the child. */ 946 ATF_REQUIRE(read(cpipe[0], &ppid, sizeof(ppid)) == sizeof(ppid)); 947 close(cpipe[0]); 948 949 ATF_REQUIRE(ppid == getpid()); 950 951 /* Wait for the debugger. */ 952 wpid = waitpid(debugger, &status, 0); 953 ATF_REQUIRE(wpid == debugger); 954 ATF_REQUIRE(WIFEXITED(status)); 955 ATF_REQUIRE(WEXITSTATUS(status) == 0); 956 957 /* The child process should now be ready. */ 958 wpid = waitpid(child, &status, WNOHANG); 959 ATF_REQUIRE(wpid == child); 960 ATF_REQUIRE(WIFEXITED(status)); 961 ATF_REQUIRE(WEXITSTATUS(status) == 1); 962 } 963 964 /* 965 * Verify that pl_syscall_code in struct ptrace_lwpinfo for a new 966 * child process created via fork() reports the correct value. 967 */ 968 ATF_TC_WITHOUT_HEAD(ptrace__new_child_pl_syscall_code_fork); 969 ATF_TC_BODY(ptrace__new_child_pl_syscall_code_fork, tc) 970 { 971 struct ptrace_lwpinfo pl[2]; 972 pid_t children[2], fpid, wpid; 973 int status; 974 975 ATF_REQUIRE((fpid = fork()) != -1); 976 if (fpid == 0) { 977 trace_me(); 978 follow_fork_parent(false); 979 } 980 981 /* Parent process. */ 982 children[0] = fpid; 983 984 /* The first wait() should report the stop from SIGSTOP. */ 985 wpid = waitpid(children[0], &status, 0); 986 ATF_REQUIRE(wpid == children[0]); 987 ATF_REQUIRE(WIFSTOPPED(status)); 988 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP); 989 990 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1); 991 992 /* Continue the child ignoring the SIGSTOP. */ 993 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1); 994 995 /* Wait for both halves of the fork event to get reported. */ 996 children[1] = handle_fork_events(children[0], pl); 997 ATF_REQUIRE(children[1] > 0); 998 999 ATF_REQUIRE((pl[0].pl_flags & PL_FLAG_SCX) != 0); 1000 ATF_REQUIRE((pl[1].pl_flags & PL_FLAG_SCX) != 0); 1001 ATF_REQUIRE(pl[0].pl_syscall_code == SYS_fork); 1002 ATF_REQUIRE(pl[0].pl_syscall_code == pl[1].pl_syscall_code); 1003 ATF_REQUIRE(pl[0].pl_syscall_narg == pl[1].pl_syscall_narg); 1004 1005 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1); 1006 ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1); 1007 1008 /* 1009 * The child can't exit until the grandchild reports status, so the 1010 * grandchild should report its exit first to the debugger. 1011 */ 1012 wpid = wait(&status); 1013 ATF_REQUIRE(wpid == children[1]); 1014 ATF_REQUIRE(WIFEXITED(status)); 1015 ATF_REQUIRE(WEXITSTATUS(status) == 2); 1016 1017 wpid = wait(&status); 1018 ATF_REQUIRE(wpid == children[0]); 1019 ATF_REQUIRE(WIFEXITED(status)); 1020 ATF_REQUIRE(WEXITSTATUS(status) == 1); 1021 1022 wpid = wait(&status); 1023 ATF_REQUIRE(wpid == -1); 1024 ATF_REQUIRE(errno == ECHILD); 1025 } 1026 1027 /* 1028 * Verify that pl_syscall_code in struct ptrace_lwpinfo for a new 1029 * child process created via vfork() reports the correct value. 1030 */ 1031 ATF_TC_WITHOUT_HEAD(ptrace__new_child_pl_syscall_code_vfork); 1032 ATF_TC_BODY(ptrace__new_child_pl_syscall_code_vfork, tc) 1033 { 1034 struct ptrace_lwpinfo pl[2]; 1035 pid_t children[2], fpid, wpid; 1036 int status; 1037 1038 ATF_REQUIRE((fpid = fork()) != -1); 1039 if (fpid == 0) { 1040 trace_me(); 1041 follow_fork_parent(true); 1042 } 1043 1044 /* Parent process. */ 1045 children[0] = fpid; 1046 1047 /* The first wait() should report the stop from SIGSTOP. */ 1048 wpid = waitpid(children[0], &status, 0); 1049 ATF_REQUIRE(wpid == children[0]); 1050 ATF_REQUIRE(WIFSTOPPED(status)); 1051 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP); 1052 1053 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1); 1054 1055 /* Continue the child ignoring the SIGSTOP. */ 1056 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1); 1057 1058 /* Wait for both halves of the fork event to get reported. */ 1059 children[1] = handle_fork_events(children[0], pl); 1060 ATF_REQUIRE(children[1] > 0); 1061 1062 ATF_REQUIRE((pl[0].pl_flags & PL_FLAG_SCX) != 0); 1063 ATF_REQUIRE((pl[1].pl_flags & PL_FLAG_SCX) != 0); 1064 ATF_REQUIRE(pl[0].pl_syscall_code == SYS_vfork); 1065 ATF_REQUIRE(pl[0].pl_syscall_code == pl[1].pl_syscall_code); 1066 ATF_REQUIRE(pl[0].pl_syscall_narg == pl[1].pl_syscall_narg); 1067 1068 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1); 1069 ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1); 1070 1071 /* 1072 * The child can't exit until the grandchild reports status, so the 1073 * grandchild should report its exit first to the debugger. 1074 */ 1075 wpid = wait(&status); 1076 ATF_REQUIRE(wpid == children[1]); 1077 ATF_REQUIRE(WIFEXITED(status)); 1078 ATF_REQUIRE(WEXITSTATUS(status) == 2); 1079 1080 wpid = wait(&status); 1081 ATF_REQUIRE(wpid == children[0]); 1082 ATF_REQUIRE(WIFEXITED(status)); 1083 ATF_REQUIRE(WEXITSTATUS(status) == 1); 1084 1085 wpid = wait(&status); 1086 ATF_REQUIRE(wpid == -1); 1087 ATF_REQUIRE(errno == ECHILD); 1088 } 1089 1090 static void * 1091 simple_thread(void *arg __unused) 1092 { 1093 1094 pthread_exit(NULL); 1095 } 1096 1097 static __dead2 void 1098 simple_thread_main(void) 1099 { 1100 pthread_t thread; 1101 1102 CHILD_REQUIRE(pthread_create(&thread, NULL, simple_thread, NULL) == 0); 1103 CHILD_REQUIRE(pthread_join(thread, NULL) == 0); 1104 exit(1); 1105 } 1106 1107 /* 1108 * Verify that pl_syscall_code in struct ptrace_lwpinfo for a new 1109 * thread reports the correct value. 1110 */ 1111 ATF_TC_WITHOUT_HEAD(ptrace__new_child_pl_syscall_code_thread); 1112 ATF_TC_BODY(ptrace__new_child_pl_syscall_code_thread, tc) 1113 { 1114 struct ptrace_lwpinfo pl; 1115 pid_t fpid, wpid; 1116 lwpid_t mainlwp; 1117 int status; 1118 1119 ATF_REQUIRE((fpid = fork()) != -1); 1120 if (fpid == 0) { 1121 trace_me(); 1122 simple_thread_main(); 1123 } 1124 1125 /* The first wait() should report the stop from SIGSTOP. */ 1126 wpid = waitpid(fpid, &status, 0); 1127 ATF_REQUIRE(wpid == fpid); 1128 ATF_REQUIRE(WIFSTOPPED(status)); 1129 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP); 1130 1131 ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, 1132 sizeof(pl)) != -1); 1133 mainlwp = pl.pl_lwpid; 1134 1135 /* 1136 * Continue the child ignoring the SIGSTOP and tracing all 1137 * system call exits. 1138 */ 1139 ATF_REQUIRE(ptrace(PT_TO_SCX, fpid, (caddr_t)1, 0) != -1); 1140 1141 /* 1142 * Wait for the new thread to arrive. pthread_create() might 1143 * invoke any number of system calls. For now we just wait 1144 * for the new thread to arrive and make sure it reports a 1145 * valid system call code. If ptrace grows thread event 1146 * reporting then this test can be made more precise. 1147 */ 1148 for (;;) { 1149 wpid = waitpid(fpid, &status, 0); 1150 ATF_REQUIRE(wpid == fpid); 1151 ATF_REQUIRE(WIFSTOPPED(status)); 1152 ATF_REQUIRE(WSTOPSIG(status) == SIGTRAP); 1153 1154 ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, 1155 sizeof(pl)) != -1); 1156 ATF_REQUIRE((pl.pl_flags & PL_FLAG_SCX) != 0); 1157 ATF_REQUIRE(pl.pl_syscall_code != 0); 1158 if (pl.pl_lwpid != mainlwp) 1159 /* New thread seen. */ 1160 break; 1161 1162 ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) == 0); 1163 } 1164 1165 /* Wait for the child to exit. */ 1166 ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) == 0); 1167 for (;;) { 1168 wpid = waitpid(fpid, &status, 0); 1169 ATF_REQUIRE(wpid == fpid); 1170 if (WIFEXITED(status)) 1171 break; 1172 1173 ATF_REQUIRE(WIFSTOPPED(status)); 1174 ATF_REQUIRE(WSTOPSIG(status) == SIGTRAP); 1175 ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) == 0); 1176 } 1177 1178 ATF_REQUIRE(WEXITSTATUS(status) == 1); 1179 1180 wpid = wait(&status); 1181 ATF_REQUIRE(wpid == -1); 1182 ATF_REQUIRE(errno == ECHILD); 1183 } 1184 1185 /* 1186 * Verify that the expected LWP events are reported for a child thread. 1187 */ 1188 ATF_TC_WITHOUT_HEAD(ptrace__lwp_events); 1189 ATF_TC_BODY(ptrace__lwp_events, tc) 1190 { 1191 struct ptrace_lwpinfo pl; 1192 pid_t fpid, wpid; 1193 lwpid_t lwps[2]; 1194 int status; 1195 1196 ATF_REQUIRE((fpid = fork()) != -1); 1197 if (fpid == 0) { 1198 trace_me(); 1199 simple_thread_main(); 1200 } 1201 1202 /* The first wait() should report the stop from SIGSTOP. */ 1203 wpid = waitpid(fpid, &status, 0); 1204 ATF_REQUIRE(wpid == fpid); 1205 ATF_REQUIRE(WIFSTOPPED(status)); 1206 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP); 1207 1208 ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, 1209 sizeof(pl)) != -1); 1210 lwps[0] = pl.pl_lwpid; 1211 1212 ATF_REQUIRE(ptrace(PT_LWP_EVENTS, wpid, NULL, 1) == 0); 1213 1214 /* Continue the child ignoring the SIGSTOP. */ 1215 ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) == 0); 1216 1217 /* The first event should be for the child thread's birth. */ 1218 wpid = waitpid(fpid, &status, 0); 1219 ATF_REQUIRE(wpid == fpid); 1220 ATF_REQUIRE(WIFSTOPPED(status)); 1221 ATF_REQUIRE(WSTOPSIG(status) == SIGTRAP); 1222 1223 ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1); 1224 ATF_REQUIRE((pl.pl_flags & (PL_FLAG_BORN | PL_FLAG_SCX)) == 1225 (PL_FLAG_BORN | PL_FLAG_SCX)); 1226 ATF_REQUIRE(pl.pl_lwpid != lwps[0]); 1227 lwps[1] = pl.pl_lwpid; 1228 1229 ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) == 0); 1230 1231 /* The next event should be for the child thread's death. */ 1232 wpid = waitpid(fpid, &status, 0); 1233 ATF_REQUIRE(wpid == fpid); 1234 ATF_REQUIRE(WIFSTOPPED(status)); 1235 ATF_REQUIRE(WSTOPSIG(status) == SIGTRAP); 1236 1237 ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1); 1238 ATF_REQUIRE((pl.pl_flags & (PL_FLAG_EXITED | PL_FLAG_SCE)) == 1239 (PL_FLAG_EXITED | PL_FLAG_SCE)); 1240 ATF_REQUIRE(pl.pl_lwpid == lwps[1]); 1241 1242 ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) == 0); 1243 1244 /* The last event should be for the child process's exit. */ 1245 wpid = waitpid(fpid, &status, 0); 1246 ATF_REQUIRE(WIFEXITED(status)); 1247 ATF_REQUIRE(WEXITSTATUS(status) == 1); 1248 1249 wpid = wait(&status); 1250 ATF_REQUIRE(wpid == -1); 1251 ATF_REQUIRE(errno == ECHILD); 1252 } 1253 1254 static void * 1255 exec_thread(void *arg __unused) 1256 { 1257 1258 execl("/usr/bin/true", "true", NULL); 1259 exit(127); 1260 } 1261 1262 static __dead2 void 1263 exec_thread_main(void) 1264 { 1265 pthread_t thread; 1266 1267 CHILD_REQUIRE(pthread_create(&thread, NULL, exec_thread, NULL) == 0); 1268 for (;;) 1269 sleep(60); 1270 exit(1); 1271 } 1272 1273 /* 1274 * Verify that the expected LWP events are reported for a multithreaded 1275 * process that calls execve(2). 1276 */ 1277 ATF_TC_WITHOUT_HEAD(ptrace__lwp_events_exec); 1278 ATF_TC_BODY(ptrace__lwp_events_exec, tc) 1279 { 1280 struct ptrace_lwpinfo pl; 1281 pid_t fpid, wpid; 1282 lwpid_t lwps[2]; 1283 int status; 1284 1285 ATF_REQUIRE((fpid = fork()) != -1); 1286 if (fpid == 0) { 1287 trace_me(); 1288 exec_thread_main(); 1289 } 1290 1291 /* The first wait() should report the stop from SIGSTOP. */ 1292 wpid = waitpid(fpid, &status, 0); 1293 ATF_REQUIRE(wpid == fpid); 1294 ATF_REQUIRE(WIFSTOPPED(status)); 1295 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP); 1296 1297 ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, 1298 sizeof(pl)) != -1); 1299 lwps[0] = pl.pl_lwpid; 1300 1301 ATF_REQUIRE(ptrace(PT_LWP_EVENTS, wpid, NULL, 1) == 0); 1302 1303 /* Continue the child ignoring the SIGSTOP. */ 1304 ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) == 0); 1305 1306 /* The first event should be for the child thread's birth. */ 1307 wpid = waitpid(fpid, &status, 0); 1308 ATF_REQUIRE(wpid == fpid); 1309 ATF_REQUIRE(WIFSTOPPED(status)); 1310 ATF_REQUIRE(WSTOPSIG(status) == SIGTRAP); 1311 1312 ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1); 1313 ATF_REQUIRE((pl.pl_flags & (PL_FLAG_BORN | PL_FLAG_SCX)) == 1314 (PL_FLAG_BORN | PL_FLAG_SCX)); 1315 ATF_REQUIRE(pl.pl_lwpid != lwps[0]); 1316 lwps[1] = pl.pl_lwpid; 1317 1318 ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) == 0); 1319 1320 /* 1321 * The next event should be for the main thread's death due to 1322 * single threading from execve(). 1323 */ 1324 wpid = waitpid(fpid, &status, 0); 1325 ATF_REQUIRE(wpid == fpid); 1326 ATF_REQUIRE(WIFSTOPPED(status)); 1327 ATF_REQUIRE(WSTOPSIG(status) == SIGTRAP); 1328 1329 ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1); 1330 ATF_REQUIRE((pl.pl_flags & (PL_FLAG_EXITED | PL_FLAG_SCE)) == 1331 (PL_FLAG_EXITED)); 1332 ATF_REQUIRE(pl.pl_lwpid == lwps[0]); 1333 1334 ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) == 0); 1335 1336 /* The next event should be for the child process's exec. */ 1337 wpid = waitpid(fpid, &status, 0); 1338 ATF_REQUIRE(WIFSTOPPED(status)); 1339 ATF_REQUIRE(WSTOPSIG(status) == SIGTRAP); 1340 1341 ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl, sizeof(pl)) != -1); 1342 ATF_REQUIRE((pl.pl_flags & (PL_FLAG_EXEC | PL_FLAG_SCX)) == 1343 (PL_FLAG_EXEC | PL_FLAG_SCX)); 1344 ATF_REQUIRE(pl.pl_lwpid == lwps[1]); 1345 1346 ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) == 0); 1347 1348 /* The last event should be for the child process's exit. */ 1349 wpid = waitpid(fpid, &status, 0); 1350 ATF_REQUIRE(WIFEXITED(status)); 1351 ATF_REQUIRE(WEXITSTATUS(status) == 0); 1352 1353 wpid = wait(&status); 1354 ATF_REQUIRE(wpid == -1); 1355 ATF_REQUIRE(errno == ECHILD); 1356 } 1357 1358 ATF_TP_ADD_TCS(tp) 1359 { 1360 1361 ATF_TP_ADD_TC(tp, ptrace__parent_wait_after_trace_me); 1362 ATF_TP_ADD_TC(tp, ptrace__parent_wait_after_attach); 1363 ATF_TP_ADD_TC(tp, ptrace__parent_sees_exit_after_child_debugger); 1364 ATF_TP_ADD_TC(tp, ptrace__parent_sees_exit_after_unrelated_debugger); 1365 ATF_TP_ADD_TC(tp, ptrace__follow_fork_both_attached); 1366 ATF_TP_ADD_TC(tp, ptrace__follow_fork_child_detached); 1367 ATF_TP_ADD_TC(tp, ptrace__follow_fork_parent_detached); 1368 ATF_TP_ADD_TC(tp, ptrace__follow_fork_both_attached_unrelated_debugger); 1369 ATF_TP_ADD_TC(tp, 1370 ptrace__follow_fork_child_detached_unrelated_debugger); 1371 ATF_TP_ADD_TC(tp, 1372 ptrace__follow_fork_parent_detached_unrelated_debugger); 1373 ATF_TP_ADD_TC(tp, ptrace__getppid); 1374 ATF_TP_ADD_TC(tp, ptrace__new_child_pl_syscall_code_fork); 1375 ATF_TP_ADD_TC(tp, ptrace__new_child_pl_syscall_code_vfork); 1376 ATF_TP_ADD_TC(tp, ptrace__new_child_pl_syscall_code_thread); 1377 ATF_TP_ADD_TC(tp, ptrace__lwp_events); 1378 ATF_TP_ADD_TC(tp, ptrace__lwp_events_exec); 1379 1380 return (atf_no_error()); 1381 } 1382