2 * Copyright (c) 2015 John Baldwin <jhb@FreeBSD.org>
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 #include <sys/cdefs.h>
28 __FBSDID("$FreeBSD$");
30 #include <sys/types.h>
31 #include <sys/ptrace.h>
32 #include <sys/syscall.h>
33 #include <sys/sysctl.h>
45 * A variant of ATF_REQUIRE that is suitable for use in child
46 * processes. This only works if the parent process is tripped up by
47 * the early exit and fails some requirement itself.
49 #define CHILD_REQUIRE(exp) do { \
51 child_fail_require(__FILE__, __LINE__, \
56 child_fail_require(const char *file, int line, const char *str)
60 snprintf(buf, sizeof(buf), "%s:%d: %s\n", file, line, str);
61 write(2, buf, strlen(buf));
69 /* Attach the parent process as a tracer of this process. */
70 CHILD_REQUIRE(ptrace(PT_TRACE_ME, 0, NULL, 0) != -1);
77 attach_child(pid_t pid)
82 ATF_REQUIRE(ptrace(PT_ATTACH, pid, NULL, 0) == 0);
84 wpid = waitpid(pid, &status, 0);
85 ATF_REQUIRE(wpid == pid);
86 ATF_REQUIRE(WIFSTOPPED(status));
87 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP);
91 wait_for_zombie(pid_t pid)
95 * Wait for a process to exit. This is kind of gross, but
96 * there is not a better way.
105 mib[2] = KERN_PROC_PID;
108 if (sysctl(mib, nitems(mib), &kp, &len, NULL, 0) == -1) {
109 /* The KERN_PROC_PID sysctl fails for zombies. */
110 ATF_REQUIRE(errno == ESRCH);
118 * Verify that a parent debugger process "sees" the exit of a debugged
119 * process exactly once when attached via PT_TRACE_ME.
121 ATF_TC_WITHOUT_HEAD(ptrace__parent_wait_after_trace_me);
122 ATF_TC_BODY(ptrace__parent_wait_after_trace_me, tc)
127 ATF_REQUIRE((child = fork()) != -1);
135 /* Parent process. */
137 /* The first wait() should report the stop from SIGSTOP. */
138 wpid = waitpid(child, &status, 0);
139 ATF_REQUIRE(wpid == child);
140 ATF_REQUIRE(WIFSTOPPED(status));
141 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP);
143 /* Continue the child ignoring the SIGSTOP. */
144 ATF_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1);
146 /* The second wait() should report the exit status. */
147 wpid = waitpid(child, &status, 0);
148 ATF_REQUIRE(wpid == child);
149 ATF_REQUIRE(WIFEXITED(status));
150 ATF_REQUIRE(WEXITSTATUS(status) == 1);
152 /* The child should no longer exist. */
153 wpid = waitpid(child, &status, 0);
154 ATF_REQUIRE(wpid == -1);
155 ATF_REQUIRE(errno == ECHILD);
159 * Verify that a parent debugger process "sees" the exit of a debugged
160 * process exactly once when attached via PT_ATTACH.
162 ATF_TC_WITHOUT_HEAD(ptrace__parent_wait_after_attach);
163 ATF_TC_BODY(ptrace__parent_wait_after_attach, tc)
166 int cpipe[2], status;
169 ATF_REQUIRE(pipe(cpipe) == 0);
170 ATF_REQUIRE((child = fork()) != -1);
175 /* Wait for the parent to attach. */
176 CHILD_REQUIRE(read(cpipe[1], &c, sizeof(c)) == 0);
182 /* Parent process. */
184 /* Attach to the child process. */
187 /* Continue the child ignoring the SIGSTOP. */
188 ATF_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1);
190 /* Signal the child to exit. */
193 /* The second wait() should report the exit status. */
194 wpid = waitpid(child, &status, 0);
195 ATF_REQUIRE(wpid == child);
196 ATF_REQUIRE(WIFEXITED(status));
197 ATF_REQUIRE(WEXITSTATUS(status) == 1);
199 /* The child should no longer exist. */
200 wpid = waitpid(child, &status, 0);
201 ATF_REQUIRE(wpid == -1);
202 ATF_REQUIRE(errno == ECHILD);
206 * Verify that a parent process "sees" the exit of a debugged process only
207 * after the debugger has seen it.
209 ATF_TC_WITHOUT_HEAD(ptrace__parent_sees_exit_after_child_debugger);
210 ATF_TC_BODY(ptrace__parent_sees_exit_after_child_debugger, tc)
212 pid_t child, debugger, wpid;
213 int cpipe[2], dpipe[2], status;
216 ATF_REQUIRE(pipe(cpipe) == 0);
217 ATF_REQUIRE((child = fork()) != -1);
223 /* Wait for parent to be ready. */
224 CHILD_REQUIRE(read(cpipe[1], &c, sizeof(c)) == sizeof(c));
230 ATF_REQUIRE(pipe(dpipe) == 0);
231 ATF_REQUIRE((debugger = fork()) != -1);
234 /* Debugger process. */
237 CHILD_REQUIRE(ptrace(PT_ATTACH, child, NULL, 0) != -1);
239 wpid = waitpid(child, &status, 0);
240 CHILD_REQUIRE(wpid == child);
241 CHILD_REQUIRE(WIFSTOPPED(status));
242 CHILD_REQUIRE(WSTOPSIG(status) == SIGSTOP);
244 CHILD_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1);
246 /* Signal parent that debugger is attached. */
247 CHILD_REQUIRE(write(dpipe[1], &c, sizeof(c)) == sizeof(c));
249 /* Wait for parent's failed wait. */
250 CHILD_REQUIRE(read(dpipe[1], &c, sizeof(c)) == 0);
252 wpid = waitpid(child, &status, 0);
253 CHILD_REQUIRE(wpid == child);
254 CHILD_REQUIRE(WIFEXITED(status));
255 CHILD_REQUIRE(WEXITSTATUS(status) == 1);
261 /* Parent process. */
263 /* Wait for the debugger to attach to the child. */
264 ATF_REQUIRE(read(dpipe[0], &c, sizeof(c)) == sizeof(c));
266 /* Release the child. */
267 ATF_REQUIRE(write(cpipe[0], &c, sizeof(c)) == sizeof(c));
268 ATF_REQUIRE(read(cpipe[0], &c, sizeof(c)) == 0);
271 wait_for_zombie(child);
274 * This wait should return a pid of 0 to indicate no status to
275 * report. The parent should see the child as non-exited
276 * until the debugger sees the exit.
278 wpid = waitpid(child, &status, WNOHANG);
279 ATF_REQUIRE(wpid == 0);
281 /* Signal the debugger to wait for the child. */
284 /* Wait for the debugger. */
285 wpid = waitpid(debugger, &status, 0);
286 ATF_REQUIRE(wpid == debugger);
287 ATF_REQUIRE(WIFEXITED(status));
288 ATF_REQUIRE(WEXITSTATUS(status) == 0);
290 /* The child process should now be ready. */
291 wpid = waitpid(child, &status, WNOHANG);
292 ATF_REQUIRE(wpid == child);
293 ATF_REQUIRE(WIFEXITED(status));
294 ATF_REQUIRE(WEXITSTATUS(status) == 1);
298 * Verify that a parent process "sees" the exit of a debugged process
299 * only after a non-direct-child debugger has seen it. In particular,
300 * various wait() calls in the parent must avoid failing with ESRCH by
301 * checking the parent's orphan list for the debugee.
303 ATF_TC_WITHOUT_HEAD(ptrace__parent_sees_exit_after_unrelated_debugger);
304 ATF_TC_BODY(ptrace__parent_sees_exit_after_unrelated_debugger, tc)
306 pid_t child, debugger, fpid, wpid;
307 int cpipe[2], dpipe[2], status;
310 ATF_REQUIRE(pipe(cpipe) == 0);
311 ATF_REQUIRE((child = fork()) != -1);
317 /* Wait for parent to be ready. */
318 CHILD_REQUIRE(read(cpipe[1], &c, sizeof(c)) == sizeof(c));
324 ATF_REQUIRE(pipe(dpipe) == 0);
325 ATF_REQUIRE((debugger = fork()) != -1);
328 /* Debugger parent. */
331 * Fork again and drop the debugger parent so that the
332 * debugger is not a child of the main parent.
334 CHILD_REQUIRE((fpid = fork()) != -1);
338 /* Debugger process. */
341 CHILD_REQUIRE(ptrace(PT_ATTACH, child, NULL, 0) != -1);
343 wpid = waitpid(child, &status, 0);
344 CHILD_REQUIRE(wpid == child);
345 CHILD_REQUIRE(WIFSTOPPED(status));
346 CHILD_REQUIRE(WSTOPSIG(status) == SIGSTOP);
348 CHILD_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1);
350 /* Signal parent that debugger is attached. */
351 CHILD_REQUIRE(write(dpipe[1], &c, sizeof(c)) == sizeof(c));
353 /* Wait for parent's failed wait. */
354 CHILD_REQUIRE(read(dpipe[1], &c, sizeof(c)) == sizeof(c));
356 wpid = waitpid(child, &status, 0);
357 CHILD_REQUIRE(wpid == child);
358 CHILD_REQUIRE(WIFEXITED(status));
359 CHILD_REQUIRE(WEXITSTATUS(status) == 1);
365 /* Parent process. */
367 /* Wait for the debugger parent process to exit. */
368 wpid = waitpid(debugger, &status, 0);
369 ATF_REQUIRE(wpid == debugger);
370 ATF_REQUIRE(WIFEXITED(status));
371 ATF_REQUIRE(WEXITSTATUS(status) == 2);
373 /* A WNOHANG wait here should see the non-exited child. */
374 wpid = waitpid(child, &status, WNOHANG);
375 ATF_REQUIRE(wpid == 0);
377 /* Wait for the debugger to attach to the child. */
378 ATF_REQUIRE(read(dpipe[0], &c, sizeof(c)) == sizeof(c));
380 /* Release the child. */
381 ATF_REQUIRE(write(cpipe[0], &c, sizeof(c)) == sizeof(c));
382 ATF_REQUIRE(read(cpipe[0], &c, sizeof(c)) == 0);
385 wait_for_zombie(child);
388 * This wait should return a pid of 0 to indicate no status to
389 * report. The parent should see the child as non-exited
390 * until the debugger sees the exit.
392 wpid = waitpid(child, &status, WNOHANG);
393 ATF_REQUIRE(wpid == 0);
395 /* Signal the debugger to wait for the child. */
396 ATF_REQUIRE(write(dpipe[0], &c, sizeof(c)) == sizeof(c));
398 /* Wait for the debugger. */
399 ATF_REQUIRE(read(dpipe[0], &c, sizeof(c)) == 0);
402 /* The child process should now be ready. */
403 wpid = waitpid(child, &status, WNOHANG);
404 ATF_REQUIRE(wpid == child);
405 ATF_REQUIRE(WIFEXITED(status));
406 ATF_REQUIRE(WEXITSTATUS(status) == 1);
410 * The parent process should always act the same regardless of how the
411 * debugger is attached to it.
414 follow_fork_parent(bool use_vfork)
420 CHILD_REQUIRE((fpid = vfork()) != -1);
422 CHILD_REQUIRE((fpid = fork()) != -1);
428 wpid = waitpid(fpid, &status, 0);
429 CHILD_REQUIRE(wpid == fpid);
430 CHILD_REQUIRE(WIFEXITED(status));
431 CHILD_REQUIRE(WEXITSTATUS(status) == 2);
437 * Helper routine for follow fork tests. This waits for two stops
438 * that report both "sides" of a fork. It returns the pid of the new
442 handle_fork_events(pid_t parent, struct ptrace_lwpinfo *ppl)
444 struct ptrace_lwpinfo pl;
445 bool fork_reported[2];
449 fork_reported[0] = false;
450 fork_reported[1] = false;
454 * Each process should report a fork event. The parent should
455 * report a PL_FLAG_FORKED event, and the child should report
456 * a PL_FLAG_CHILD event.
458 for (i = 0; i < 2; i++) {
459 wpid = wait(&status);
460 ATF_REQUIRE(wpid > 0);
461 ATF_REQUIRE(WIFSTOPPED(status));
463 ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl,
465 ATF_REQUIRE((pl.pl_flags & (PL_FLAG_FORKED | PL_FLAG_CHILD)) !=
467 ATF_REQUIRE((pl.pl_flags & (PL_FLAG_FORKED | PL_FLAG_CHILD)) !=
468 (PL_FLAG_FORKED | PL_FLAG_CHILD));
469 if (pl.pl_flags & PL_FLAG_CHILD) {
470 ATF_REQUIRE(wpid != parent);
471 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP);
472 ATF_REQUIRE(!fork_reported[1]);
476 ATF_REQUIRE(child == wpid);
479 fork_reported[1] = true;
481 ATF_REQUIRE(wpid == parent);
482 ATF_REQUIRE(WSTOPSIG(status) == SIGTRAP);
483 ATF_REQUIRE(!fork_reported[0]);
485 child = pl.pl_child_pid;
487 ATF_REQUIRE(child == pl.pl_child_pid);
490 fork_reported[0] = true;
498 * Verify that a new child process is stopped after a followed fork and
499 * that the traced parent sees the exit of the child after the debugger
500 * when both processes remain attached to the debugger.
502 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_both_attached);
503 ATF_TC_BODY(ptrace__follow_fork_both_attached, tc)
505 pid_t children[0], fpid, wpid;
508 ATF_REQUIRE((fpid = fork()) != -1);
511 follow_fork_parent(false);
514 /* Parent process. */
517 /* The first wait() should report the stop from SIGSTOP. */
518 wpid = waitpid(children[0], &status, 0);
519 ATF_REQUIRE(wpid == children[0]);
520 ATF_REQUIRE(WIFSTOPPED(status));
521 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP);
523 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
525 /* Continue the child ignoring the SIGSTOP. */
526 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
528 children[1] = handle_fork_events(children[0], NULL);
529 ATF_REQUIRE(children[1] > 0);
531 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
532 ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1);
535 * The child can't exit until the grandchild reports status, so the
536 * grandchild should report its exit first to the debugger.
538 wpid = wait(&status);
539 ATF_REQUIRE(wpid == children[1]);
540 ATF_REQUIRE(WIFEXITED(status));
541 ATF_REQUIRE(WEXITSTATUS(status) == 2);
543 wpid = wait(&status);
544 ATF_REQUIRE(wpid == children[0]);
545 ATF_REQUIRE(WIFEXITED(status));
546 ATF_REQUIRE(WEXITSTATUS(status) == 1);
548 wpid = wait(&status);
549 ATF_REQUIRE(wpid == -1);
550 ATF_REQUIRE(errno == ECHILD);
554 * Verify that a new child process is stopped after a followed fork
555 * and that the traced parent sees the exit of the child when the new
556 * child process is detached after it reports its fork.
558 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_child_detached);
559 ATF_TC_BODY(ptrace__follow_fork_child_detached, tc)
561 pid_t children[0], fpid, wpid;
564 ATF_REQUIRE((fpid = fork()) != -1);
567 follow_fork_parent(false);
570 /* Parent process. */
573 /* The first wait() should report the stop from SIGSTOP. */
574 wpid = waitpid(children[0], &status, 0);
575 ATF_REQUIRE(wpid == children[0]);
576 ATF_REQUIRE(WIFSTOPPED(status));
577 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP);
579 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
581 /* Continue the child ignoring the SIGSTOP. */
582 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
584 children[1] = handle_fork_events(children[0], NULL);
585 ATF_REQUIRE(children[1] > 0);
587 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
588 ATF_REQUIRE(ptrace(PT_DETACH, children[1], (caddr_t)1, 0) != -1);
591 * Should not see any status from the grandchild now, only the
594 wpid = wait(&status);
595 ATF_REQUIRE(wpid == children[0]);
596 ATF_REQUIRE(WIFEXITED(status));
597 ATF_REQUIRE(WEXITSTATUS(status) == 1);
599 wpid = wait(&status);
600 ATF_REQUIRE(wpid == -1);
601 ATF_REQUIRE(errno == ECHILD);
605 * Verify that a new child process is stopped after a followed fork
606 * and that the traced parent sees the exit of the child when the
607 * traced parent is detached after the fork.
609 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_parent_detached);
610 ATF_TC_BODY(ptrace__follow_fork_parent_detached, tc)
612 pid_t children[0], fpid, wpid;
615 ATF_REQUIRE((fpid = fork()) != -1);
618 follow_fork_parent(false);
621 /* Parent process. */
624 /* The first wait() should report the stop from SIGSTOP. */
625 wpid = waitpid(children[0], &status, 0);
626 ATF_REQUIRE(wpid == children[0]);
627 ATF_REQUIRE(WIFSTOPPED(status));
628 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP);
630 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
632 /* Continue the child ignoring the SIGSTOP. */
633 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
635 children[1] = handle_fork_events(children[0], NULL);
636 ATF_REQUIRE(children[1] > 0);
638 ATF_REQUIRE(ptrace(PT_DETACH, children[0], (caddr_t)1, 0) != -1);
639 ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1);
642 * The child can't exit until the grandchild reports status, so the
643 * grandchild should report its exit first to the debugger.
645 * Even though the child process is detached, it is still a
646 * child of the debugger, so it will still report it's exit
647 * after the grandchild.
649 wpid = wait(&status);
650 ATF_REQUIRE(wpid == children[1]);
651 ATF_REQUIRE(WIFEXITED(status));
652 ATF_REQUIRE(WEXITSTATUS(status) == 2);
654 wpid = wait(&status);
655 ATF_REQUIRE(wpid == children[0]);
656 ATF_REQUIRE(WIFEXITED(status));
657 ATF_REQUIRE(WEXITSTATUS(status) == 1);
659 wpid = wait(&status);
660 ATF_REQUIRE(wpid == -1);
661 ATF_REQUIRE(errno == ECHILD);
665 attach_fork_parent(int cpipe[2])
671 /* Double-fork to disassociate from the debugger. */
672 CHILD_REQUIRE((fpid = fork()) != -1);
676 /* Send the pid of the disassociated child to the debugger. */
678 CHILD_REQUIRE(write(cpipe[1], &fpid, sizeof(fpid)) == sizeof(fpid));
680 /* Wait for the debugger to attach. */
681 CHILD_REQUIRE(read(cpipe[1], &fpid, sizeof(fpid)) == 0);
685 * Verify that a new child process is stopped after a followed fork and
686 * that the traced parent sees the exit of the child after the debugger
687 * when both processes remain attached to the debugger. In this test
688 * the parent that forks is not a direct child of the debugger.
690 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_both_attached_unrelated_debugger);
691 ATF_TC_BODY(ptrace__follow_fork_both_attached_unrelated_debugger, tc)
693 pid_t children[0], fpid, wpid;
694 int cpipe[2], status;
696 ATF_REQUIRE(pipe(cpipe) == 0);
697 ATF_REQUIRE((fpid = fork()) != -1);
699 attach_fork_parent(cpipe);
700 follow_fork_parent(false);
703 /* Parent process. */
706 /* Wait for the direct child to exit. */
707 wpid = waitpid(fpid, &status, 0);
708 ATF_REQUIRE(wpid == fpid);
709 ATF_REQUIRE(WIFEXITED(status));
710 ATF_REQUIRE(WEXITSTATUS(status) == 3);
712 /* Read the pid of the fork parent. */
713 ATF_REQUIRE(read(cpipe[0], &children[0], sizeof(children[0])) ==
714 sizeof(children[0]));
716 /* Attach to the fork parent. */
717 attach_child(children[0]);
719 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
721 /* Continue the fork parent ignoring the SIGSTOP. */
722 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
724 /* Signal the fork parent to continue. */
727 children[1] = handle_fork_events(children[0], NULL);
728 ATF_REQUIRE(children[1] > 0);
730 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
731 ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1);
734 * The fork parent can't exit until the child reports status,
735 * so the child should report its exit first to the debugger.
737 wpid = wait(&status);
738 ATF_REQUIRE(wpid == children[1]);
739 ATF_REQUIRE(WIFEXITED(status));
740 ATF_REQUIRE(WEXITSTATUS(status) == 2);
742 wpid = wait(&status);
743 ATF_REQUIRE(wpid == children[0]);
744 ATF_REQUIRE(WIFEXITED(status));
745 ATF_REQUIRE(WEXITSTATUS(status) == 1);
747 wpid = wait(&status);
748 ATF_REQUIRE(wpid == -1);
749 ATF_REQUIRE(errno == ECHILD);
753 * Verify that a new child process is stopped after a followed fork
754 * and that the traced parent sees the exit of the child when the new
755 * child process is detached after it reports its fork. In this test
756 * the parent that forks is not a direct child of the debugger.
758 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_child_detached_unrelated_debugger);
759 ATF_TC_BODY(ptrace__follow_fork_child_detached_unrelated_debugger, tc)
761 pid_t children[0], fpid, wpid;
762 int cpipe[2], status;
764 ATF_REQUIRE(pipe(cpipe) == 0);
765 ATF_REQUIRE((fpid = fork()) != -1);
767 attach_fork_parent(cpipe);
768 follow_fork_parent(false);
771 /* Parent process. */
774 /* Wait for the direct child to exit. */
775 wpid = waitpid(fpid, &status, 0);
776 ATF_REQUIRE(wpid == fpid);
777 ATF_REQUIRE(WIFEXITED(status));
778 ATF_REQUIRE(WEXITSTATUS(status) == 3);
780 /* Read the pid of the fork parent. */
781 ATF_REQUIRE(read(cpipe[0], &children[0], sizeof(children[0])) ==
782 sizeof(children[0]));
784 /* Attach to the fork parent. */
785 attach_child(children[0]);
787 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
789 /* Continue the fork parent ignoring the SIGSTOP. */
790 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
792 /* Signal the fork parent to continue. */
795 children[1] = handle_fork_events(children[0], NULL);
796 ATF_REQUIRE(children[1] > 0);
798 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
799 ATF_REQUIRE(ptrace(PT_DETACH, children[1], (caddr_t)1, 0) != -1);
802 * Should not see any status from the child now, only the fork
805 wpid = wait(&status);
806 ATF_REQUIRE(wpid == children[0]);
807 ATF_REQUIRE(WIFEXITED(status));
808 ATF_REQUIRE(WEXITSTATUS(status) == 1);
810 wpid = wait(&status);
811 ATF_REQUIRE(wpid == -1);
812 ATF_REQUIRE(errno == ECHILD);
816 * Verify that a new child process is stopped after a followed fork
817 * and that the traced parent sees the exit of the child when the
818 * traced parent is detached after the fork. In this test the parent
819 * that forks is not a direct child of the debugger.
821 ATF_TC_WITHOUT_HEAD(ptrace__follow_fork_parent_detached_unrelated_debugger);
822 ATF_TC_BODY(ptrace__follow_fork_parent_detached_unrelated_debugger, tc)
824 pid_t children[0], fpid, wpid;
825 int cpipe[2], status;
827 ATF_REQUIRE(pipe(cpipe) == 0);
828 ATF_REQUIRE((fpid = fork()) != -1);
830 attach_fork_parent(cpipe);
831 follow_fork_parent(false);
834 /* Parent process. */
837 /* Wait for the direct child to exit. */
838 wpid = waitpid(fpid, &status, 0);
839 ATF_REQUIRE(wpid == fpid);
840 ATF_REQUIRE(WIFEXITED(status));
841 ATF_REQUIRE(WEXITSTATUS(status) == 3);
843 /* Read the pid of the fork parent. */
844 ATF_REQUIRE(read(cpipe[0], &children[0], sizeof(children[0])) ==
845 sizeof(children[0]));
847 /* Attach to the fork parent. */
848 attach_child(children[0]);
850 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
852 /* Continue the fork parent ignoring the SIGSTOP. */
853 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
855 /* Signal the fork parent to continue. */
858 children[1] = handle_fork_events(children[0], NULL);
859 ATF_REQUIRE(children[1] > 0);
861 ATF_REQUIRE(ptrace(PT_DETACH, children[0], (caddr_t)1, 0) != -1);
862 ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1);
865 * Should not see any status from the fork parent now, only
868 wpid = wait(&status);
869 ATF_REQUIRE(wpid == children[1]);
870 ATF_REQUIRE(WIFEXITED(status));
871 ATF_REQUIRE(WEXITSTATUS(status) == 2);
873 wpid = wait(&status);
874 ATF_REQUIRE(wpid == -1);
875 ATF_REQUIRE(errno == ECHILD);
879 * Verify that pl_syscall_code in struct ptrace_lwpinfo for a new
880 * child process created via fork() reports the correct value.
882 ATF_TC_WITHOUT_HEAD(ptrace__new_child_pl_syscall_code_fork);
883 ATF_TC_BODY(ptrace__new_child_pl_syscall_code_fork, tc)
885 struct ptrace_lwpinfo pl[2];
886 pid_t children[2], fpid, wpid;
889 ATF_REQUIRE((fpid = fork()) != -1);
892 follow_fork_parent(false);
895 /* Parent process. */
898 /* The first wait() should report the stop from SIGSTOP. */
899 wpid = waitpid(children[0], &status, 0);
900 ATF_REQUIRE(wpid == children[0]);
901 ATF_REQUIRE(WIFSTOPPED(status));
902 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP);
904 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
906 /* Continue the child ignoring the SIGSTOP. */
907 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
909 /* Wait for both halves of the fork event to get reported. */
910 children[1] = handle_fork_events(children[0], pl);
911 ATF_REQUIRE(children[1] > 0);
913 ATF_REQUIRE((pl[0].pl_flags & PL_FLAG_SCX) != 0);
914 ATF_REQUIRE((pl[1].pl_flags & PL_FLAG_SCX) != 0);
915 ATF_REQUIRE(pl[0].pl_syscall_code == SYS_fork);
916 ATF_REQUIRE(pl[0].pl_syscall_code == pl[1].pl_syscall_code);
917 ATF_REQUIRE(pl[0].pl_syscall_narg == pl[1].pl_syscall_narg);
919 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
920 ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1);
923 * The child can't exit until the grandchild reports status, so the
924 * grandchild should report its exit first to the debugger.
926 wpid = wait(&status);
927 ATF_REQUIRE(wpid == children[1]);
928 ATF_REQUIRE(WIFEXITED(status));
929 ATF_REQUIRE(WEXITSTATUS(status) == 2);
931 wpid = wait(&status);
932 ATF_REQUIRE(wpid == children[0]);
933 ATF_REQUIRE(WIFEXITED(status));
934 ATF_REQUIRE(WEXITSTATUS(status) == 1);
936 wpid = wait(&status);
937 ATF_REQUIRE(wpid == -1);
938 ATF_REQUIRE(errno == ECHILD);
942 * Verify that pl_syscall_code in struct ptrace_lwpinfo for a new
943 * child process created via vfork() reports the correct value.
945 ATF_TC_WITHOUT_HEAD(ptrace__new_child_pl_syscall_code_vfork);
946 ATF_TC_BODY(ptrace__new_child_pl_syscall_code_vfork, tc)
948 struct ptrace_lwpinfo pl[2];
949 pid_t children[2], fpid, wpid;
952 ATF_REQUIRE((fpid = fork()) != -1);
955 follow_fork_parent(true);
958 /* Parent process. */
961 /* The first wait() should report the stop from SIGSTOP. */
962 wpid = waitpid(children[0], &status, 0);
963 ATF_REQUIRE(wpid == children[0]);
964 ATF_REQUIRE(WIFSTOPPED(status));
965 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP);
967 ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, children[0], NULL, 1) != -1);
969 /* Continue the child ignoring the SIGSTOP. */
970 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
972 /* Wait for both halves of the fork event to get reported. */
973 children[1] = handle_fork_events(children[0], pl);
974 ATF_REQUIRE(children[1] > 0);
976 ATF_REQUIRE((pl[0].pl_flags & PL_FLAG_SCX) != 0);
977 ATF_REQUIRE((pl[1].pl_flags & PL_FLAG_SCX) != 0);
978 ATF_REQUIRE(pl[0].pl_syscall_code == SYS_vfork);
979 ATF_REQUIRE(pl[0].pl_syscall_code == pl[1].pl_syscall_code);
980 ATF_REQUIRE(pl[0].pl_syscall_narg == pl[1].pl_syscall_narg);
982 ATF_REQUIRE(ptrace(PT_CONTINUE, children[0], (caddr_t)1, 0) != -1);
983 ATF_REQUIRE(ptrace(PT_CONTINUE, children[1], (caddr_t)1, 0) != -1);
986 * The child can't exit until the grandchild reports status, so the
987 * grandchild should report its exit first to the debugger.
989 wpid = wait(&status);
990 ATF_REQUIRE(wpid == children[1]);
991 ATF_REQUIRE(WIFEXITED(status));
992 ATF_REQUIRE(WEXITSTATUS(status) == 2);
994 wpid = wait(&status);
995 ATF_REQUIRE(wpid == children[0]);
996 ATF_REQUIRE(WIFEXITED(status));
997 ATF_REQUIRE(WEXITSTATUS(status) == 1);
999 wpid = wait(&status);
1000 ATF_REQUIRE(wpid == -1);
1001 ATF_REQUIRE(errno == ECHILD);
1005 simple_thread(void *arg __unused)
1012 * Verify that pl_syscall_code in struct ptrace_lwpinfo for a new
1013 * thread reports the correct value.
1015 ATF_TC_WITHOUT_HEAD(ptrace__new_child_pl_syscall_code_thread);
1016 ATF_TC_BODY(ptrace__new_child_pl_syscall_code_thread, tc)
1018 struct ptrace_lwpinfo pl;
1023 ATF_REQUIRE((fpid = fork()) != -1);
1029 CHILD_REQUIRE(pthread_create(&thread, NULL, simple_thread,
1031 CHILD_REQUIRE(pthread_join(thread, NULL) == 0);
1035 /* The first wait() should report the stop from SIGSTOP. */
1036 wpid = waitpid(fpid, &status, 0);
1037 ATF_REQUIRE(wpid == fpid);
1038 ATF_REQUIRE(WIFSTOPPED(status));
1039 ATF_REQUIRE(WSTOPSIG(status) == SIGSTOP);
1041 ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl,
1043 mainlwp = pl.pl_lwpid;
1046 * Continue the child ignoring the SIGSTOP and tracing all
1047 * system call exits.
1049 ATF_REQUIRE(ptrace(PT_TO_SCX, fpid, (caddr_t)1, 0) != -1);
1052 * Wait for the new thread to arrive. pthread_create() might
1053 * invoke any number of system calls. For now we just wait
1054 * for the new thread to arrive and make sure it reports a
1055 * valid system call code. If ptrace grows thread event
1056 * reporting then this test can be made more precise.
1059 wpid = waitpid(fpid, &status, 0);
1060 ATF_REQUIRE(wpid == fpid);
1061 ATF_REQUIRE(WIFSTOPPED(status));
1062 ATF_REQUIRE(WSTOPSIG(status) == SIGTRAP);
1064 ATF_REQUIRE(ptrace(PT_LWPINFO, wpid, (caddr_t)&pl,
1066 ATF_REQUIRE((pl.pl_flags & PL_FLAG_SCX) != 0);
1067 ATF_REQUIRE(pl.pl_syscall_code != 0);
1068 if (pl.pl_lwpid != mainlwp)
1069 /* New thread seen. */
1072 ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) == 0);
1075 /* Wait for the child to exit. */
1076 ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) == 0);
1078 wpid = waitpid(fpid, &status, 0);
1079 ATF_REQUIRE(wpid == fpid);
1080 if (WIFEXITED(status))
1083 ATF_REQUIRE(WIFSTOPPED(status));
1084 ATF_REQUIRE(WSTOPSIG(status) == SIGTRAP);
1085 ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) == 0);
1088 ATF_REQUIRE(WEXITSTATUS(status) == 1);
1090 wpid = wait(&status);
1091 ATF_REQUIRE(wpid == -1);
1092 ATF_REQUIRE(errno == ECHILD);
1098 ATF_TP_ADD_TC(tp, ptrace__parent_wait_after_trace_me);
1099 ATF_TP_ADD_TC(tp, ptrace__parent_wait_after_attach);
1100 ATF_TP_ADD_TC(tp, ptrace__parent_sees_exit_after_child_debugger);
1101 ATF_TP_ADD_TC(tp, ptrace__parent_sees_exit_after_unrelated_debugger);
1102 ATF_TP_ADD_TC(tp, ptrace__follow_fork_both_attached);
1103 ATF_TP_ADD_TC(tp, ptrace__follow_fork_child_detached);
1104 ATF_TP_ADD_TC(tp, ptrace__follow_fork_parent_detached);
1105 ATF_TP_ADD_TC(tp, ptrace__follow_fork_both_attached_unrelated_debugger);
1107 ptrace__follow_fork_child_detached_unrelated_debugger);
1109 ptrace__follow_fork_parent_detached_unrelated_debugger);
1110 ATF_TP_ADD_TC(tp, ptrace__new_child_pl_syscall_code_fork);
1111 ATF_TP_ADD_TC(tp, ptrace__new_child_pl_syscall_code_vfork);
1112 ATF_TP_ADD_TC(tp, ptrace__new_child_pl_syscall_code_thread);
1114 return (atf_no_error());