Add WaitStatus::PtraceSyscall for use with PTRACE_O_TRACESYSGOOD

The recommended way to trace syscalls with ptrace is to set the
PTRACE_O_TRACESYSGOOD option, to distinguish syscall stops from
receiving an actual SIGTRAP. In C, this would cause WSTOPSIG to return
SIGTRAP | 0x80, but nix wants to parse that as an actual signal.

Add another wait status type for syscall stops (in the language of the
ptrace(2) manpage, "PTRACE_EVENT stops" and "Syscall-stops" are
different things), and mask out bit 0x80 from signals before trying to
parse it.

Closes nix-rust#550

Author: geofft

CHANGELOG.md

@@ -21,6 +21,9 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 - Added `nix::ptrace::{ptrace_get_data, ptrace_getsiginfo, ptrace_setsiginfo
   and nix::Error::UnsupportedOperation}`
   ([#614](https://github.com/nix-rust/nix/pull/614))
+- Added a `PtraceSyscall` variant to `nix::sys::wait::WaitStatus`
+  to support `PTRACE_O_TRACESYSGOOD` events on Linux
+  ([#566](https://github.com/nix-rust/nix/pull/566)).
 
 ### Changed
 - Marked `sys::mman::{ mmap, munmap, madvise, munlock, msync }` as unsafe.

src/sys/wait.rs

@@ -46,6 +46,8 @@ pub enum WaitStatus {
     Stopped(pid_t, Signal),
     #[cfg(any(target_os = "linux", target_os = "android"))]
     PtraceEvent(pid_t, Signal, c_int),
+    #[cfg(any(target_os = "linux", target_os = "android"))]
+    PtraceSyscall(pid_t),
     Continued(pid_t),
     StillAlive
 }
@@ -55,6 +57,7 @@ pub enum WaitStatus {
 mod status {
     use sys::signal::Signal;
     use libc::c_int;
+    use libc::SIGTRAP;
 
     pub fn exited(status: i32) -> bool {
         (status & 0x7F) == 0
@@ -81,7 +84,17 @@ mod status {
     }
 
     pub fn stop_signal(status: i32) -> Signal {
-        Signal::from_c_int((status & 0xFF00) >> 8).unwrap()
+        // Keep only 7 bits of the signal: the high bit
+        // is used to indicate syscall stops, below.
+        Signal::from_c_int((status & 0x7F00) >> 8).unwrap()
+    }
+
+    pub fn syscall_stop(status: i32) -> bool {
+        // From ptrace(2), setting PTRACE_O_TRACESYSGOOD has the effect
+        // of delivering SIGTRAP | 0x80 as the signal number for syscall
+        // stops. This allows easily distinguishing syscall stops from
+        // genuine SIGTRAP signals.
+        ((status & 0xFF00) >> 8) == SIGTRAP | 0x80
     }
 
     pub fn stop_additional(status: i32) -> c_int {
@@ -195,7 +208,9 @@ fn decode(pid : pid_t, status: i32) -> WaitStatus {
             if #[cfg(any(target_os = "linux", target_os = "android"))] {
                 fn decode_stopped(pid: pid_t, status: i32) -> WaitStatus {
                     let status_additional = status::stop_additional(status);
-                    if status_additional == 0 {
+                    if status::syscall_stop(status) {
+                        WaitStatus::PtraceSyscall(pid)
+                    } else if status_additional == 0 {
                         WaitStatus::Stopped(pid, status::stop_signal(status))
                     } else {
                         WaitStatus::PtraceEvent(pid, status::stop_signal(status), status::stop_additional(status))

test/sys/test_wait.rs

@@ -28,3 +28,51 @@ fn test_wait_exit() {
       Err(_) => panic!("Error: Fork Failed")
     }
 }
+
+#[cfg(any(target_os = "linux", target_os = "android"))]
+mod ptrace {
+    use nix::Result;
+    use nix::sys::ptrace::*;
+    use nix::sys::ptrace::ptrace::*;
+    use nix::sys::signal::*;
+    use nix::sys::wait::*;
+    use nix::unistd::*;
+    use nix::unistd::ForkResult::*;
+    use libc::{exit, pid_t};
+    use std::ptr;
+
+    fn ptrace_child() -> Result<()> {
+        try!(ptrace(PTRACE_TRACEME, 0, ptr::null_mut(), ptr::null_mut()));
+	// As recommended by ptrace(2), raise SIGTRAP to pause the child
+	// until the parent is ready to continue
+        try!(raise(SIGTRAP));
+        unsafe {exit(0)}
+    }
+
+    fn ptrace_parent(child: pid_t) -> Result<()> {
+        // Wait for the raised SIGTRAP
+        assert_eq!(waitpid(child, None), Ok(WaitStatus::Stopped(child, SIGTRAP)));
+        // We want to test a syscall stop and a PTRACE_EVENT stop
+        try!(ptrace_setoptions(child, PTRACE_O_TRACESYSGOOD | PTRACE_O_TRACEEXIT));
+
+        // First, stop on the next system call, which will be exit()
+        try!(ptrace(PTRACE_SYSCALL, child, ptr::null_mut(), ptr::null_mut()));
+        assert_eq!(waitpid(child, None), Ok(WaitStatus::PtraceSyscall(child)));
+        // Then get the ptrace event for the process exiting
+        try!(ptrace(PTRACE_CONT, child, ptr::null_mut(), ptr::null_mut()));
+        assert_eq!(waitpid(child, None), Ok(WaitStatus::PtraceEvent(child, SIGTRAP, PTRACE_EVENT_EXIT)));
+        // Finally get the normal wait() result, now that the process has exited
+        try!(ptrace(PTRACE_CONT, child, ptr::null_mut(), ptr::null_mut()));
+        assert_eq!(waitpid(child, None), Ok(WaitStatus::Exited(child, 0)));
+        Ok(())
+    }
+
+    #[test]
+    fn test_wait_ptrace() {
+        match fork() {
+            Ok(Child) => ptrace_child().unwrap(),
+            Ok(Parent { child }) => ptrace_parent(child).unwrap(),
+            Err(_) => panic!("Error: Fork Failed")
+        }
+    }
+}