]> git.saurik.com Git - apple/xnu.git/blob - bsd/kern/kern_exit.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-3248.60.10.tar.gz
[apple/xnu.git] / bsd / kern / kern_exit.c
1 /*
2 * Copyright (c) 2000-2011, 2015 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /* Copyright (c) 1995, 1997 Apple Computer, Inc. All Rights Reserved */
29 /*
30 * Copyright (c) 1982, 1986, 1989, 1991, 1993
31 * The Regents of the University of California. All rights reserved.
32 * (c) UNIX System Laboratories, Inc.
33 * All or some portions of this file are derived from material licensed
34 * to the University of California by American Telephone and Telegraph
35 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
36 * the permission of UNIX System Laboratories, Inc.
37 *
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
40 * are met:
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 3. All advertising materials mentioning features or use of this software
47 * must display the following acknowledgement:
48 * This product includes software developed by the University of
49 * California, Berkeley and its contributors.
50 * 4. Neither the name of the University nor the names of its contributors
51 * may be used to endorse or promote products derived from this software
52 * without specific prior written permission.
53 *
54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
64 * SUCH DAMAGE.
65 *
66 * @(#)kern_exit.c 8.7 (Berkeley) 2/12/94
67 */
68 /*
69 * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce
70 * support for mandatory and extensible security protections. This notice
71 * is included in support of clause 2.2 (b) of the Apple Public License,
72 * Version 2.0.
73 */
74
75 #include <machine/reg.h>
76 #include <machine/psl.h>
77
78 #include "compat_43.h"
79
80 #include <sys/param.h>
81 #include <sys/systm.h>
82 #include <sys/ioctl.h>
83 #include <sys/proc_internal.h>
84 #include <sys/proc.h>
85 #include <sys/kauth.h>
86 #include <sys/tty.h>
87 #include <sys/time.h>
88 #include <sys/resource.h>
89 #include <sys/kernel.h>
90 #include <sys/wait.h>
91 #include <sys/file_internal.h>
92 #include <sys/vnode_internal.h>
93 #include <sys/syslog.h>
94 #include <sys/malloc.h>
95 #include <sys/resourcevar.h>
96 #include <sys/ptrace.h>
97 #include <sys/proc_info.h>
98 #include <sys/_types/_timeval64.h>
99 #include <sys/user.h>
100 #include <sys/aio_kern.h>
101 #include <sys/sysproto.h>
102 #include <sys/signalvar.h>
103 #include <sys/kdebug.h>
104 #include <sys/filedesc.h> /* fdfree */
105 #if SYSV_SHM
106 #include <sys/shm_internal.h> /* shmexit */
107 #endif
108 #include <sys/acct.h> /* acct_process */
109 #if CONFIG_PERSONAS
110 #include <sys/persona.h>
111 #endif
112
113 #include <security/audit/audit.h>
114 #include <bsm/audit_kevents.h>
115
116 #include <mach/mach_types.h>
117
118 #include <kern/kern_types.h>
119 #include <kern/kalloc.h>
120 #include <kern/task.h>
121 #include <corpses/task_corpse.h>
122 #include <kern/thread.h>
123 #include <kern/thread_call.h>
124 #include <kern/sched_prim.h>
125 #include <kern/assert.h>
126 #include <sys/codesign.h>
127
128 #if VM_PRESSURE_EVENTS
129 #include <kern/vm_pressure.h>
130 #endif
131
132 #if CONFIG_MEMORYSTATUS
133 #include <sys/kern_memorystatus.h>
134 #endif
135
136 #if CONFIG_DTRACE
137 /* Do not include dtrace.h, it redefines kmem_[alloc/free] */
138 extern void (*dtrace_fasttrap_exit_ptr)(proc_t);
139 extern void (*dtrace_helpers_cleanup)(proc_t);
140 extern void dtrace_lazy_dofs_destroy(proc_t);
141
142 #include <sys/dtrace_ptss.h>
143 #endif
144
145 #if CONFIG_MACF
146 #include <security/mac.h>
147 #include <sys/syscall.h>
148 #endif
149
150 #include <mach/mach_types.h>
151 #include <mach/task.h>
152 #include <mach/thread_act.h>
153
154 #include <vm/vm_protos.h>
155
156 #include <sys/sdt.h>
157
158 extern boolean_t init_task_died;
159 void proc_prepareexit(proc_t p, int rv, boolean_t perf_notify);
160 void vfork_exit(proc_t p, int rv);
161 void vproc_exit(proc_t p);
162 __private_extern__ void munge_user64_rusage(struct rusage *a_rusage_p, struct user64_rusage *a_user_rusage_p);
163 __private_extern__ void munge_user32_rusage(struct rusage *a_rusage_p, struct user32_rusage *a_user_rusage_p);
164 static int reap_child_locked(proc_t parent, proc_t child, int deadparent, int reparentedtoinit, int locked, int droplock);
165 static void populate_corpse_crashinfo(proc_t p, void *crash_info_ptr, struct rusage_superset *rup, mach_exception_data_type_t code, mach_exception_data_type_t subcode);
166 extern int proc_pidpathinfo(proc_t p, uint64_t arg, user_addr_t buffer, uint32_t buffersize, int32_t *retval);
167
168 static __attribute__((noinline)) void launchd_crashed_panic(proc_t p, int rv);
169 extern void proc_piduniqidentifierinfo(proc_t p, struct proc_uniqidentifierinfo *p_uniqidinfo);
170
171
172 /*
173 * Things which should have prototypes in headers, but don't
174 */
175 void proc_exit(proc_t p);
176 int wait1continue(int result);
177 int waitidcontinue(int result);
178 kern_return_t sys_perf_notify(thread_t thread, int pid);
179 kern_return_t task_exception_notify(exception_type_t exception,
180 mach_exception_data_type_t code, mach_exception_data_type_t subcode);
181 void delay(int);
182 void gather_rusage_info(proc_t p, rusage_info_current *ru, int flavor);
183
184 /*
185 * NOTE: Source and target may *NOT* overlap!
186 * XXX Should share code with bsd/dev/ppc/unix_signal.c
187 */
188 void
189 siginfo_user_to_user32(user_siginfo_t *in, user32_siginfo_t *out)
190 {
191 out->si_signo = in->si_signo;
192 out->si_errno = in->si_errno;
193 out->si_code = in->si_code;
194 out->si_pid = in->si_pid;
195 out->si_uid = in->si_uid;
196 out->si_status = in->si_status;
197 out->si_addr = CAST_DOWN_EXPLICIT(user32_addr_t,in->si_addr);
198 /* following cast works for sival_int because of padding */
199 out->si_value.sival_ptr = CAST_DOWN_EXPLICIT(user32_addr_t,in->si_value.sival_ptr);
200 out->si_band = in->si_band; /* range reduction */
201 }
202
203 void
204 siginfo_user_to_user64(user_siginfo_t *in, user64_siginfo_t *out)
205 {
206 out->si_signo = in->si_signo;
207 out->si_errno = in->si_errno;
208 out->si_code = in->si_code;
209 out->si_pid = in->si_pid;
210 out->si_uid = in->si_uid;
211 out->si_status = in->si_status;
212 out->si_addr = in->si_addr;
213 /* following cast works for sival_int because of padding */
214 out->si_value.sival_ptr = in->si_value.sival_ptr;
215 out->si_band = in->si_band; /* range reduction */
216 }
217
218 static int
219 copyoutsiginfo(user_siginfo_t *native, boolean_t is64, user_addr_t uaddr)
220 {
221 if (is64) {
222 user64_siginfo_t sinfo64;
223
224 bzero(&sinfo64, sizeof (sinfo64));
225 siginfo_user_to_user64(native, &sinfo64);
226 return (copyout(&sinfo64, uaddr, sizeof (sinfo64)));
227 } else {
228 user32_siginfo_t sinfo32;
229
230 bzero(&sinfo32, sizeof (sinfo32));
231 siginfo_user_to_user32(native, &sinfo32);
232 return (copyout(&sinfo32, uaddr, sizeof (sinfo32)));
233 }
234 }
235
236 static void populate_corpse_crashinfo(proc_t p, void *crash_info_ptr, struct rusage_superset *rup, mach_exception_data_type_t code, mach_exception_data_type_t subcode)
237 {
238 mach_vm_address_t uaddr = 0;
239 mach_exception_data_type_t exc_codes[EXCEPTION_CODE_MAX];
240 exc_codes[0] = code;
241 exc_codes[1] = subcode;
242 cpu_type_t cputype;
243 struct proc_uniqidentifierinfo p_uniqidinfo;
244 struct proc_workqueueinfo pwqinfo;
245 int retval = 0;
246 uint64_t crashed_threadid = thread_tid(current_thread());
247 unsigned int pflags = 0;
248
249 #if CONFIG_MEMORYSTATUS
250 int memstat_dirty_flags = 0;
251 #endif
252
253 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_EXCEPTION_CODES, sizeof(exc_codes), &uaddr)) {
254 copyout(exc_codes, uaddr, sizeof(exc_codes));
255 }
256
257 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_PID, sizeof(p->p_pid), &uaddr)) {
258 copyout(&p->p_pid, uaddr, sizeof(p->p_pid));
259 }
260
261 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_PPID, sizeof(p->p_ppid), &uaddr)) {
262 copyout(&p->p_ppid, uaddr, sizeof(p->p_ppid));
263 }
264
265 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_CRASHED_THREADID, sizeof(uint64_t), &uaddr)) {
266 copyout(&crashed_threadid, uaddr, sizeof(uint64_t));
267 }
268
269 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_RUSAGE, sizeof(struct rusage), &uaddr)) {
270 copyout(&rup->ru, uaddr, sizeof(struct rusage));
271 }
272
273 if (KERN_SUCCESS ==
274 kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_BSDINFOWITHUNIQID, sizeof(struct proc_uniqidentifierinfo), &uaddr)) {
275 proc_piduniqidentifierinfo(p, &p_uniqidinfo);
276 copyout(&p_uniqidinfo, uaddr, sizeof(struct proc_uniqidentifierinfo));
277 }
278
279 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_RUSAGE_INFO, sizeof(rusage_info_current), &uaddr)) {
280 copyout(&rup->ri, uaddr, sizeof(rusage_info_current));
281 }
282
283 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_PROC_CSFLAGS, sizeof(p->p_csflags), &uaddr)) {
284 copyout(&p->p_csflags, uaddr, sizeof(p->p_csflags));
285 }
286
287 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_PROC_NAME, sizeof(p->p_comm), &uaddr)) {
288 copyout(&p->p_comm, uaddr, sizeof(p->p_comm));
289 }
290
291 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_PROC_STARTTIME, sizeof(p->p_start), &uaddr)) {
292 struct timeval64 t64;
293 t64.tv_sec = (int64_t)p->p_start.tv_sec;
294 t64.tv_usec = (int64_t)p->p_start.tv_usec;
295 copyout(&t64, uaddr, sizeof(t64));
296 }
297
298 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_USERSTACK, sizeof(p->user_stack), &uaddr)) {
299 copyout(&p->user_stack, uaddr, sizeof(p->user_stack));
300 }
301
302 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_ARGSLEN, sizeof(p->p_argslen), &uaddr)) {
303 copyout(&p->p_argslen, uaddr, sizeof(p->p_argslen));
304 }
305
306 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_PROC_ARGC, sizeof(p->p_argc), &uaddr)) {
307 copyout(&p->p_argc, uaddr, sizeof(p->p_argc));
308 }
309
310 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_PROC_PATH, MAXPATHLEN, &uaddr)) {
311 proc_pidpathinfo(p, 0, uaddr, MAXPATHLEN, &retval);
312 }
313
314 pflags = p->p_flag & (P_LP64 | P_SUGID);
315 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_PROC_FLAGS, sizeof(pflags), &uaddr)) {
316 copyout(&pflags, uaddr, sizeof(pflags));
317 }
318
319 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_UID, sizeof(p->p_uid), &uaddr)) {
320 copyout(&p->p_uid, uaddr, sizeof(p->p_uid));
321 }
322
323 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_GID, sizeof(p->p_gid), &uaddr)) {
324 copyout(&p->p_gid, uaddr, sizeof(p->p_gid));
325 }
326
327 cputype = cpu_type() & ~CPU_ARCH_MASK;
328 if (IS_64BIT_PROCESS(p))
329 cputype |= CPU_ARCH_ABI64;
330
331 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_CPUTYPE, sizeof(cpu_type_t), &uaddr)) {
332 copyout(&cputype, uaddr, sizeof(cpu_type_t));
333 }
334
335 bzero(&pwqinfo, sizeof(struct proc_workqueueinfo));
336 retval = fill_procworkqueue(p, &pwqinfo);
337 if (retval == 0) {
338 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_WORKQUEUEINFO, sizeof(struct proc_workqueueinfo), &uaddr)) {
339 copyout(&pwqinfo, uaddr, sizeof(struct proc_workqueueinfo));
340 }
341 }
342
343 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_RESPONSIBLE_PID, sizeof(p->p_responsible_pid), &uaddr)) {
344 copyout(&p->p_responsible_pid, uaddr, sizeof(p->p_responsible_pid));
345 }
346
347 #if CONFIG_MEMORYSTATUS
348 memstat_dirty_flags = memorystatus_dirty_get(p);
349 if (KERN_SUCCESS == kcdata_get_memory_addr(crash_info_ptr, TASK_CRASHINFO_DIRTY_FLAGS, sizeof(memstat_dirty_flags), &uaddr)) {
350 copyout(&memstat_dirty_flags, uaddr, sizeof(memstat_dirty_flags));
351 }
352 #endif
353
354 }
355
356 static __attribute__((noinline)) void
357 launchd_crashed_panic(proc_t p, int rv)
358 {
359 printf("pid 1 exited (signal %d, exit %d)\n",
360 WTERMSIG(rv), WEXITSTATUS(rv));
361
362 #if (DEVELOPMENT || DEBUG)
363 /*
364 * For debugging purposes, generate a core file of initproc before
365 * panicking. Leave at least 300 MB free on the root volume, and ignore
366 * the process's corefile ulimit. fsync() the file to ensure it lands on disk
367 * before the panic hits.
368 */
369
370 int err;
371 uint64_t coredump_start = mach_absolute_time();
372 uint64_t coredump_end;
373 clock_sec_t tv_sec;
374 clock_usec_t tv_usec;
375 uint32_t tv_msec;
376
377 err = coredump(p, 300, COREDUMP_IGNORE_ULIMIT | COREDUMP_FULLFSYNC);
378
379 coredump_end = mach_absolute_time();
380
381 absolutetime_to_microtime(coredump_end - coredump_start, &tv_sec, &tv_usec);
382
383 tv_msec = tv_usec / 1000;
384
385 if (err != 0) {
386 printf("Failed to generate initproc core file: error %d, took %d.%03d seconds\n",
387 err, (uint32_t)tv_sec, tv_msec);
388 } else {
389 printf("Generated initproc core file in %d.%03d seconds\n",
390 (uint32_t)tv_sec, tv_msec);
391 }
392 #endif
393
394 sync(p, (void *)NULL, (int *)NULL);
395
396 panic_plain("%s exited (signal %d, exit status %d %s)", (p->p_name[0] != '\0' ? p->p_name : "initproc"), WTERMSIG(rv),
397 WEXITSTATUS(rv), ((p->p_csflags & CS_KILLED) ? "CS_KILLED" : ""));
398 }
399
400 /*
401 * exit --
402 * Death of process.
403 */
404 void
405 exit(proc_t p, struct exit_args *uap, int *retval)
406 {
407 exit1(p, W_EXITCODE(uap->rval, 0), retval);
408
409 thread_exception_return();
410 /* NOTREACHED */
411 while (TRUE)
412 thread_block(THREAD_CONTINUE_NULL);
413 /* NOTREACHED */
414 }
415
416 /*
417 * Exit: deallocate address space and other resources, change proc state
418 * to zombie, and unlink proc from allproc and parent's lists. Save exit
419 * status and rusage for wait(). Check for child processes and orphan them.
420 */
421 int
422 exit1(proc_t p, int rv, int *retval)
423 {
424 return exit1_internal(p, rv, retval, TRUE, TRUE, 0);
425 }
426
427 int
428 exit1_internal(proc_t p, int rv, int *retval, boolean_t thread_can_terminate, boolean_t perf_notify,
429 int jetsam_flags)
430 {
431 thread_t self = current_thread();
432 struct task *task = p->task;
433 struct uthread *ut;
434 int error = 0;
435
436 /*
437 * If a thread in this task has already
438 * called exit(), then halt any others
439 * right here.
440 */
441
442 ut = get_bsdthread_info(self);
443 if (ut->uu_flag & UT_VFORK) {
444 if (!thread_can_terminate) {
445 return EINVAL;
446 }
447
448 vfork_exit(p, rv);
449 vfork_return(p , retval, p->p_pid);
450 unix_syscall_return(0);
451 /* NOT REACHED */
452 }
453
454 /*
455 * The parameter list of audit_syscall_exit() was augmented to
456 * take the Darwin syscall number as the first parameter,
457 * which is currently required by mac_audit_postselect().
458 */
459
460 /*
461 * The BSM token contains two components: an exit status as passed
462 * to exit(), and a return value to indicate what sort of exit it
463 * was. The exit status is WEXITSTATUS(rv), but it's not clear
464 * what the return value is.
465 */
466 AUDIT_ARG(exit, WEXITSTATUS(rv), 0);
467 AUDIT_SYSCALL_EXIT(SYS_exit, p, ut, 0); /* Exit is always successfull */
468
469 DTRACE_PROC1(exit, int, CLD_EXITED);
470
471 /* mark process is going to exit and pull out of DBG/disk throttle */
472 /* TODO: This should be done after becoming exit thread */
473 proc_set_task_policy(p->task, THREAD_NULL, TASK_POLICY_ATTRIBUTE,
474 TASK_POLICY_TERMINATED, TASK_POLICY_ENABLE);
475
476 proc_lock(p);
477 error = proc_transstart(p, 1, (((jetsam_flags & P_JETSAM_MASK) == P_JETSAM_VNODE) ? 1 : 0));
478 if (error == EDEADLK) {
479 /* Temp: If deadlock error, then it implies multithreaded exec is
480 * in progress. Instread of letting exit continue and
481 * corrupting the freed memory, let the exit thread
482 * return. This will save corruption in remote case.
483 */
484 proc_unlock(p);
485 if (current_proc() == p){
486 if (p->exit_thread == self)
487 printf("exit_thread failed to exit, leaving process %s[%d] in unkillable limbo\n",
488 p->p_comm, p->p_pid);
489 thread_exception_return();
490 } else {
491 /* external termination like jetsam */
492 return(error);
493 }
494 }
495
496 while (p->exit_thread != self) {
497 if (sig_try_locked(p) <= 0) {
498 proc_transend(p, 1);
499 if (get_threadtask(self) != task) {
500 proc_unlock(p);
501 return(0);
502 }
503 proc_unlock(p);
504
505 thread_terminate(self);
506 if (!thread_can_terminate) {
507 return 0;
508 }
509
510 thread_exception_return();
511 /* NOTREACHED */
512 }
513 sig_lock_to_exit(p);
514 }
515
516 if (p == initproc && current_proc() == p) {
517 init_task_died = TRUE;
518 }
519
520 p->p_lflag |= P_LEXIT;
521 p->p_xstat = rv;
522 p->p_lflag |= jetsam_flags;
523
524 proc_transend(p, 1);
525 proc_unlock(p);
526
527 proc_prepareexit(p, rv, perf_notify);
528
529 /* Last thread to terminate will call proc_exit() */
530 task_terminate_internal(task);
531
532 return(0);
533 }
534
535 void
536 proc_prepareexit(proc_t p, int rv, boolean_t perf_notify)
537 {
538 mach_exception_data_type_t code = 0, subcode = 0;
539
540 struct uthread *ut;
541 thread_t self = current_thread();
542 ut = get_bsdthread_info(self);
543 struct rusage_superset *rup;
544 int kr = 0;
545 int create_corpse = FALSE;
546
547 if (p == initproc) {
548 launchd_crashed_panic(p, rv);
549 /* NOTREACHED */
550 }
551
552 /* If a core should be generated, notify crash reporter */
553 if (hassigprop(WTERMSIG(rv), SA_CORE) || ((p->p_csflags & CS_KILLED) != 0)) {
554 /*
555 * Workaround for processes checking up on PT_DENY_ATTACH:
556 * should be backed out post-Leopard (details in 5431025).
557 */
558 if ((SIGSEGV == WTERMSIG(rv)) &&
559 (p->p_pptr->p_lflag & P_LNOATTACH)) {
560 goto skipcheck;
561 }
562
563 /*
564 * Crash Reporter looks for the signal value, original exception
565 * type, and low 20 bits of the original code in code[0]
566 * (8, 4, and 20 bits respectively). code[1] is unmodified.
567 */
568 code = ((WTERMSIG(rv) & 0xff) << 24) |
569 ((ut->uu_exception & 0x0f) << 20) |
570 ((int)ut->uu_code & 0xfffff);
571 subcode = ut->uu_subcode;
572
573 kr = task_exception_notify(EXC_CRASH, code, subcode);
574
575 /* Nobody handled EXC_CRASH?? remember to make corpse */
576 if (kr != 0) {
577 create_corpse = TRUE;
578 }
579 }
580
581 skipcheck:
582 /* Notify the perf server? */
583 if (perf_notify) {
584 (void)sys_perf_notify(self, p->p_pid);
585 }
586
587
588 /* stash the usage into corpse data if making_corpse == true */
589 if (create_corpse == TRUE) {
590 kr = task_mark_corpse(current_task());
591 if (kr != KERN_SUCCESS) {
592 if (kr == KERN_NO_SPACE) {
593 printf("Process[%d] has no vm space for corpse info.\n", p->p_pid);
594 } else if (kr == KERN_NOT_SUPPORTED) {
595 printf("Process[%d] was destined to be corpse. But corpse is disabled by config.\n", p->p_pid);
596 } else {
597 printf("Process[%d] crashed: %s. Too many corpses being created.\n", p->p_pid, p->p_comm);
598 }
599 create_corpse = FALSE;
600 } else {
601 /* XXX: <rdar://problem/20491659> Need to sync ATM buffer before crash */
602 kr = task_send_trace_memory(current_task(), p->p_pid, p->p_uniqueid);
603 }
604 }
605
606 /*
607 * Before this process becomes a zombie, stash resource usage
608 * stats in the proc for external observers to query
609 * via proc_pid_rusage().
610 *
611 * If the zombie allocation fails, just punt the stats.
612 */
613 MALLOC_ZONE(rup, struct rusage_superset *,
614 sizeof (*rup), M_ZOMBIE, M_WAITOK);
615 if (rup != NULL) {
616 gather_rusage_info(p, &rup->ri, RUSAGE_INFO_CURRENT);
617 rup->ri.ri_phys_footprint = 0;
618 rup->ri.ri_proc_exit_abstime = mach_absolute_time();
619
620 /*
621 * Make the rusage_info visible to external observers
622 * only after it has been completely filled in.
623 */
624 p->p_ru = rup;
625 }
626 if (create_corpse) {
627 populate_corpse_crashinfo(p, task_get_corpseinfo(current_task()), rup, code, subcode);
628 }
629 /*
630 * Remove proc from allproc queue and from pidhash chain.
631 * Need to do this before we do anything that can block.
632 * Not doing causes things like mount() find this on allproc
633 * in partially cleaned state.
634 */
635
636 proc_list_lock();
637
638 #if CONFIG_MEMORYSTATUS
639 memorystatus_remove(p, TRUE);
640 #endif
641
642 LIST_REMOVE(p, p_list);
643 LIST_INSERT_HEAD(&zombproc, p, p_list); /* Place onto zombproc. */
644 /* will not be visible via proc_find */
645 p->p_listflag |= P_LIST_EXITED;
646
647 proc_list_unlock();
648
649
650 #ifdef PGINPROF
651 vmsizmon();
652 #endif
653 /*
654 * If parent is waiting for us to exit or exec,
655 * P_LPPWAIT is set; we will wakeup the parent below.
656 */
657 proc_lock(p);
658 p->p_lflag &= ~(P_LTRACED | P_LPPWAIT);
659 p->p_sigignore = ~(sigcantmask);
660 ut->uu_siglist = 0;
661 proc_unlock(p);
662 }
663
664 void
665 proc_exit(proc_t p)
666 {
667 proc_t q;
668 proc_t pp;
669 struct task *task = p->task;
670 vnode_t tvp = NULLVP;
671 struct pgrp * pg;
672 struct session *sessp;
673 struct uthread * uth;
674 pid_t pid;
675 int exitval;
676 int knote_hint;
677
678 uth = current_uthread();
679
680 proc_lock(p);
681 proc_transstart(p, 1, 0);
682 if( !(p->p_lflag & P_LEXIT)) {
683 /*
684 * This can happen if a thread_terminate() occurs
685 * in a single-threaded process.
686 */
687 p->p_lflag |= P_LEXIT;
688 proc_transend(p, 1);
689 proc_unlock(p);
690 proc_prepareexit(p, 0, TRUE);
691 (void) task_terminate_internal(task);
692 proc_lock(p);
693 } else {
694 proc_transend(p, 1);
695 }
696
697 p->p_lflag |= P_LPEXIT;
698
699 /*
700 * Other kernel threads may be in the middle of signalling this process.
701 * Wait for those threads to wrap it up before making the process
702 * disappear on them.
703 */
704 if ((p->p_lflag & P_LINSIGNAL) || (p->p_sigwaitcnt > 0)) {
705 p->p_sigwaitcnt++;
706 while ((p->p_lflag & P_LINSIGNAL) || (p->p_sigwaitcnt > 1))
707 msleep(&p->p_sigmask, &p->p_mlock, PWAIT, "proc_sigdrain", NULL);
708 p->p_sigwaitcnt--;
709 }
710
711 proc_unlock(p);
712 pid = p->p_pid;
713 exitval = p->p_xstat;
714 KERNEL_DEBUG_CONSTANT_IST(KDEBUG_COMMON,
715 BSDDBG_CODE(DBG_BSD_PROC, BSD_PROC_EXIT) | DBG_FUNC_START,
716 pid, exitval, 0, 0, 0);
717
718 #if CONFIG_DTRACE
719 /*
720 * Free any outstanding lazy dof entries. It is imperative we
721 * always call dtrace_lazy_dofs_destroy, rather than null check
722 * and call if !NULL. If we NULL test, during lazy dof faulting
723 * we can race with the faulting code and proceed from here to
724 * beyond the helpers cleanup. The lazy dof faulting will then
725 * install new helpers which will never be cleaned up, and leak.
726 */
727 dtrace_lazy_dofs_destroy(p);
728
729 /*
730 * Clean up any DTrace helper actions or probes for the process.
731 */
732 if (p->p_dtrace_helpers != NULL) {
733 (*dtrace_helpers_cleanup)(p);
734 }
735
736 /*
737 * Clean up any DTrace probes associated with this process.
738 */
739 /*
740 * APPLE NOTE: We release ptss pages/entries in dtrace_fasttrap_exit_ptr(),
741 * call this after dtrace_helpers_cleanup()
742 */
743 proc_lock(p);
744 if (p->p_dtrace_probes && dtrace_fasttrap_exit_ptr) {
745 (*dtrace_fasttrap_exit_ptr)(p);
746 }
747 proc_unlock(p);
748 #endif
749
750 nspace_proc_exit(p);
751
752 #if VM_PRESSURE_EVENTS
753 vm_pressure_proc_cleanup(p);
754 #endif
755
756 /*
757 * need to cancel async IO requests that can be cancelled and wait for those
758 * already active. MAY BLOCK!
759 */
760
761 proc_refdrain(p);
762
763 /* if any pending cpu limits action, clear it */
764 task_clear_cpuusage(p->task, TRUE);
765
766 workqueue_mark_exiting(p);
767 workqueue_exit(p);
768 kqueue_dealloc(p->p_wqkqueue);
769 p->p_wqkqueue = NULL;
770
771 _aio_exit( p );
772
773 /*
774 * Close open files and release open-file table.
775 * This may block!
776 */
777 fdfree(p);
778
779 if (uth->uu_lowpri_window) {
780 /*
781 * task is marked as a low priority I/O type
782 * and the I/O we issued while in flushing files on close
783 * collided with normal I/O operations...
784 * no need to throttle this thread since its going away
785 * but we do need to update our bookeeping w/r to throttled threads
786 */
787 throttle_lowpri_io(0);
788 }
789
790 #if SYSV_SHM
791 /* Close ref SYSV Shared memory*/
792 if (p->vm_shm)
793 shmexit(p);
794 #endif
795 #if SYSV_SEM
796 /* Release SYSV semaphores */
797 semexit(p);
798 #endif
799
800 #if PSYNCH
801 pth_proc_hashdelete(p);
802 #endif /* PSYNCH */
803
804 sessp = proc_session(p);
805 if (SESS_LEADER(p, sessp)) {
806
807 if (sessp->s_ttyvp != NULLVP) {
808 struct vnode *ttyvp;
809 int ttyvid;
810 int cttyflag = 0;
811 struct vfs_context context;
812 struct tty *tp;
813
814 /*
815 * Controlling process.
816 * Signal foreground pgrp,
817 * drain controlling terminal
818 * and revoke access to controlling terminal.
819 */
820 session_lock(sessp);
821 tp = SESSION_TP(sessp);
822 if ((tp != TTY_NULL) && (tp->t_session == sessp)) {
823 session_unlock(sessp);
824
825 /*
826 * We're going to SIGHUP the foreground process
827 * group. It can't change from this point on
828 * until the revoke is complete.
829 * The process group changes under both the tty
830 * lock and proc_list_lock but we need only one
831 */
832 tty_lock(tp);
833 ttysetpgrphup(tp);
834 tty_unlock(tp);
835
836 tty_pgsignal(tp, SIGHUP, 1);
837
838 session_lock(sessp);
839 tp = SESSION_TP(sessp);
840 }
841 cttyflag = sessp->s_flags & S_CTTYREF;
842 sessp->s_flags &= ~S_CTTYREF;
843 ttyvp = sessp->s_ttyvp;
844 ttyvid = sessp->s_ttyvid;
845 sessp->s_ttyvp = NULLVP;
846 sessp->s_ttyvid = 0;
847 sessp->s_ttyp = TTY_NULL;
848 sessp->s_ttypgrpid = NO_PID;
849 session_unlock(sessp);
850
851 if ((ttyvp != NULLVP) && (vnode_getwithvid(ttyvp, ttyvid) == 0)) {
852 if (tp != TTY_NULL) {
853 tty_lock(tp);
854 (void) ttywait(tp);
855 tty_unlock(tp);
856 }
857 context.vc_thread = proc_thread(p); /* XXX */
858 context.vc_ucred = kauth_cred_proc_ref(p);
859 VNOP_REVOKE(ttyvp, REVOKEALL, &context);
860 if (cttyflag) {
861 /*
862 * Release the extra usecount taken in cttyopen.
863 * usecount should be released after VNOP_REVOKE is called.
864 * This usecount was taken to ensure that
865 * the VNOP_REVOKE results in a close to
866 * the tty since cttyclose is a no-op.
867 */
868 vnode_rele(ttyvp);
869 }
870 vnode_put(ttyvp);
871 kauth_cred_unref(&context.vc_ucred);
872 ttyvp = NULLVP;
873 }
874 if (tp) {
875 /*
876 * This is cleared even if not set. This is also done in
877 * spec_close to ensure that the flag is cleared.
878 */
879 tty_lock(tp);
880 ttyclrpgrphup(tp);
881 tty_unlock(tp);
882
883 ttyfree(tp);
884 }
885 }
886 session_lock(sessp);
887 sessp->s_leader = NULL;
888 session_unlock(sessp);
889 }
890 session_rele(sessp);
891
892 pg = proc_pgrp(p);
893 fixjobc(p, pg, 0);
894 pg_rele(pg);
895
896 p->p_rlimit[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY;
897 (void)acct_process(p);
898
899 proc_list_lock();
900
901 if ((p->p_listflag & P_LIST_EXITCOUNT) == P_LIST_EXITCOUNT) {
902 p->p_listflag &= ~P_LIST_EXITCOUNT;
903 proc_shutdown_exitcount--;
904 if (proc_shutdown_exitcount == 0)
905 wakeup(&proc_shutdown_exitcount);
906 }
907
908 /* wait till parentrefs are dropped and grant no more */
909 proc_childdrainstart(p);
910 while ((q = p->p_children.lh_first) != NULL) {
911 int reparentedtoinit = (q->p_listflag & P_LIST_DEADPARENT) ? 1 : 0;
912 if (q->p_stat == SZOMB) {
913 if (p != q->p_pptr)
914 panic("parent child linkage broken");
915 /* check for sysctl zomb lookup */
916 while ((q->p_listflag & P_LIST_WAITING) == P_LIST_WAITING) {
917 msleep(&q->p_stat, proc_list_mlock, PWAIT, "waitcoll", 0);
918 }
919 q->p_listflag |= P_LIST_WAITING;
920 /*
921 * This is a named reference and it is not granted
922 * if the reap is already in progress. So we get
923 * the reference here exclusively and their can be
924 * no waiters. So there is no need for a wakeup
925 * after we are done. Also the reap frees the structure
926 * and the proc struct cannot be used for wakeups as well.
927 * It is safe to use q here as this is system reap
928 */
929 (void)reap_child_locked(p, q, 1, reparentedtoinit, 1, 0);
930 } else {
931 /*
932 * Traced processes are killed
933 * since their existence means someone is messing up.
934 */
935 if (q->p_lflag & P_LTRACED) {
936 struct proc *opp;
937
938 /*
939 * Take a reference on the child process to
940 * ensure it doesn't exit and disappear between
941 * the time we drop the list_lock and attempt
942 * to acquire its proc_lock.
943 */
944 if (proc_ref_locked(q) != q)
945 continue;
946
947 proc_list_unlock();
948
949 opp = proc_find(q->p_oppid);
950 if (opp != PROC_NULL) {
951 proc_list_lock();
952 q->p_oppid = 0;
953 proc_list_unlock();
954 proc_reparentlocked(q, opp, 0, 0);
955 proc_rele(opp);
956 } else {
957 /* original parent exited while traced */
958 proc_list_lock();
959 q->p_listflag |= P_LIST_DEADPARENT;
960 q->p_oppid = 0;
961 proc_list_unlock();
962 proc_reparentlocked(q, initproc, 0, 0);
963 }
964
965 proc_lock(q);
966 q->p_lflag &= ~P_LTRACED;
967
968 if (q->sigwait_thread) {
969 thread_t thread = q->sigwait_thread;
970
971 proc_unlock(q);
972 /*
973 * The sigwait_thread could be stopped at a
974 * breakpoint. Wake it up to kill.
975 * Need to do this as it could be a thread which is not
976 * the first thread in the task. So any attempts to kill
977 * the process would result into a deadlock on q->sigwait.
978 */
979 thread_resume(thread);
980 clear_wait(thread, THREAD_INTERRUPTED);
981 threadsignal(thread, SIGKILL, 0);
982 } else {
983 proc_unlock(q);
984 }
985
986 psignal(q, SIGKILL);
987 proc_list_lock();
988 proc_rele_locked(q);
989 } else {
990 q->p_listflag |= P_LIST_DEADPARENT;
991 proc_reparentlocked(q, initproc, 0, 1);
992 }
993 }
994 }
995
996 proc_childdrainend(p);
997 proc_list_unlock();
998
999 /*
1000 * Release reference to text vnode
1001 */
1002 tvp = p->p_textvp;
1003 p->p_textvp = NULL;
1004 if (tvp != NULLVP) {
1005 vnode_rele(tvp);
1006 }
1007
1008 /*
1009 * Save exit status and final rusage info, adding in child rusage
1010 * info and self times. If we were unable to allocate a zombie
1011 * structure, this information is lost.
1012 */
1013 if (p->p_ru != NULL) {
1014 calcru(p, &p->p_stats->p_ru.ru_utime, &p->p_stats->p_ru.ru_stime, NULL);
1015 p->p_ru->ru = p->p_stats->p_ru;
1016
1017 ruadd(&(p->p_ru->ru), &p->p_stats->p_cru);
1018 }
1019
1020 /*
1021 * Free up profiling buffers.
1022 */
1023 {
1024 struct uprof *p0 = &p->p_stats->p_prof, *p1, *pn;
1025
1026 p1 = p0->pr_next;
1027 p0->pr_next = NULL;
1028 p0->pr_scale = 0;
1029
1030 for (; p1 != NULL; p1 = pn) {
1031 pn = p1->pr_next;
1032 kfree(p1, sizeof *p1);
1033 }
1034 }
1035
1036 proc_spinlock(p);
1037 if (thread_call_cancel(p->p_rcall))
1038 p->p_ractive--;
1039
1040 while (p->p_ractive > 0) {
1041 proc_spinunlock(p);
1042
1043 delay(1);
1044
1045 proc_spinlock(p);
1046 }
1047 proc_spinunlock(p);
1048
1049 thread_call_free(p->p_rcall);
1050 p->p_rcall = NULL;
1051
1052 /*
1053 * Other substructures are freed from wait().
1054 */
1055 FREE_ZONE(p->p_stats, sizeof *p->p_stats, M_PSTATS);
1056 p->p_stats = NULL;
1057
1058 FREE_ZONE(p->p_sigacts, sizeof *p->p_sigacts, M_SIGACTS);
1059 p->p_sigacts = NULL;
1060
1061 proc_limitdrop(p, 1);
1062 p->p_limit = NULL;
1063
1064 vm_purgeable_disown(p->task);
1065
1066 /*
1067 * Finish up by terminating the task
1068 * and halt this thread (only if a
1069 * member of the task exiting).
1070 */
1071 p->task = TASK_NULL;
1072 set_bsdtask_info(task, NULL);
1073
1074 knote_hint = NOTE_EXIT | (p->p_xstat & 0xffff);
1075 proc_knote(p, knote_hint);
1076
1077 /* mark the thread as the one that is doing proc_exit
1078 * no need to hold proc lock in uthread_free
1079 */
1080 uth->uu_flag |= UT_PROCEXIT;
1081 /*
1082 * Notify parent that we're gone.
1083 */
1084 pp = proc_parent(p);
1085 if (pp->p_flag & P_NOCLDWAIT) {
1086
1087 if (p->p_ru != NULL) {
1088 proc_lock(pp);
1089 #if 3839178
1090 /*
1091 * If the parent is ignoring SIGCHLD, then POSIX requires
1092 * us to not add the resource usage to the parent process -
1093 * we are only going to hand it off to init to get reaped.
1094 * We should contest the standard in this case on the basis
1095 * of RLIMIT_CPU.
1096 */
1097 #else /* !3839178 */
1098 /*
1099 * Add child resource usage to parent before giving
1100 * zombie to init. If we were unable to allocate a
1101 * zombie structure, this information is lost.
1102 */
1103 ruadd(&pp->p_stats->p_cru, &p->p_ru->ru);
1104 #endif /* !3839178 */
1105 update_rusage_info_child(&pp->p_stats->ri_child, &p->p_ru->ri);
1106 proc_unlock(pp);
1107 }
1108
1109 /* kernel can reap this one, no need to move it to launchd */
1110 proc_list_lock();
1111 p->p_listflag |= P_LIST_DEADPARENT;
1112 proc_list_unlock();
1113 }
1114 if ((p->p_listflag & P_LIST_DEADPARENT) == 0 || p->p_oppid) {
1115 if (pp != initproc) {
1116 proc_lock(pp);
1117 pp->si_pid = p->p_pid;
1118 pp->si_status = p->p_xstat;
1119 pp->si_code = CLD_EXITED;
1120 /*
1121 * p_ucred usage is safe as it is an exiting process
1122 * and reference is dropped in reap
1123 */
1124 pp->si_uid = kauth_cred_getruid(p->p_ucred);
1125 proc_unlock(pp);
1126 }
1127 /* mark as a zombie */
1128 /* No need to take proc lock as all refs are drained and
1129 * no one except parent (reaping ) can look at this.
1130 * The write is to an int and is coherent. Also parent is
1131 * keyed off of list lock for reaping
1132 */
1133 KERNEL_DEBUG_CONSTANT_IST(KDEBUG_COMMON,
1134 BSDDBG_CODE(DBG_BSD_PROC, BSD_PROC_EXIT) | DBG_FUNC_END,
1135 pid, exitval, 0, 0, 0);
1136 p->p_stat = SZOMB;
1137 /*
1138 * The current process can be reaped so, no one
1139 * can depend on this
1140 */
1141
1142 psignal(pp, SIGCHLD);
1143
1144 /* and now wakeup the parent */
1145 proc_list_lock();
1146 wakeup((caddr_t)pp);
1147 proc_list_unlock();
1148 } else {
1149 /* should be fine as parent proc would be initproc */
1150 /* mark as a zombie */
1151 /* No need to take proc lock as all refs are drained and
1152 * no one except parent (reaping ) can look at this.
1153 * The write is to an int and is coherent. Also parent is
1154 * keyed off of list lock for reaping
1155 */
1156 proc_list_lock();
1157 KERNEL_DEBUG_CONSTANT_IST(KDEBUG_COMMON,
1158 BSDDBG_CODE(DBG_BSD_PROC, BSD_PROC_EXIT) | DBG_FUNC_END,
1159 pid, exitval, 0, 0, 0);
1160 /* check for sysctl zomb lookup */
1161 while ((p->p_listflag & P_LIST_WAITING) == P_LIST_WAITING) {
1162 msleep(&p->p_stat, proc_list_mlock, PWAIT, "waitcoll", 0);
1163 }
1164 /* safe to use p as this is a system reap */
1165 p->p_stat = SZOMB;
1166 p->p_listflag |= P_LIST_WAITING;
1167
1168 /*
1169 * This is a named reference and it is not granted
1170 * if the reap is already in progress. So we get
1171 * the reference here exclusively and their can be
1172 * no waiters. So there is no need for a wakeup
1173 * after we are done. AlsO the reap frees the structure
1174 * and the proc struct cannot be used for wakeups as well.
1175 * It is safe to use p here as this is system reap
1176 */
1177 (void)reap_child_locked(pp, p, 1, 0, 1, 1);
1178 /* list lock dropped by reap_child_locked */
1179 }
1180 if (uth->uu_lowpri_window) {
1181 /*
1182 * task is marked as a low priority I/O type and we've
1183 * somehow picked up another throttle during exit processing...
1184 * no need to throttle this thread since its going away
1185 * but we do need to update our bookeeping w/r to throttled threads
1186 */
1187 throttle_lowpri_io(0);
1188 }
1189
1190 proc_rele(pp);
1191
1192 }
1193
1194
1195 /*
1196 * reap_child_locked
1197 *
1198 * Description: Given a process from which all status information needed
1199 * has already been extracted, if the process is a ptrace
1200 * attach process, detach it and give it back to its real
1201 * parent, else recover all resources remaining associated
1202 * with it.
1203 *
1204 * Parameters: proc_t parent Parent of process being reaped
1205 * proc_t child Process to reap
1206 *
1207 * Returns: 0 Process was not reaped because it
1208 * came from an attach
1209 * 1 Process was reaped
1210 */
1211 static int
1212 reap_child_locked(proc_t parent, proc_t child, int deadparent, int reparentedtoinit, int locked, int droplock)
1213 {
1214 proc_t trace_parent = PROC_NULL; /* Traced parent process, if tracing */
1215
1216 if (locked == 1)
1217 proc_list_unlock();
1218
1219 /*
1220 * If we got the child via a ptrace 'attach',
1221 * we need to give it back to the old parent.
1222 *
1223 * Exception: someone who has been reparented to launchd before being
1224 * ptraced can simply be reaped, refer to radar 5677288
1225 * p_oppid -> ptraced
1226 * trace_parent == initproc -> away from launchd
1227 * reparentedtoinit -> came to launchd by reparenting
1228 */
1229 if (child->p_oppid) {
1230 int knote_hint;
1231 pid_t oppid;
1232
1233 proc_lock(child);
1234 oppid = child->p_oppid;
1235 child->p_oppid = 0;
1236 knote_hint = NOTE_EXIT | (child->p_xstat & 0xffff);
1237 proc_unlock(child);
1238
1239 if ((trace_parent = proc_find(oppid))
1240 && !((trace_parent == initproc) && reparentedtoinit)) {
1241
1242 if (trace_parent != initproc) {
1243 /*
1244 * proc internal fileds and p_ucred usage safe
1245 * here as child is dead and is not reaped or
1246 * reparented yet
1247 */
1248 proc_lock(trace_parent);
1249 trace_parent->si_pid = child->p_pid;
1250 trace_parent->si_status = child->p_xstat;
1251 trace_parent->si_code = CLD_CONTINUED;
1252 trace_parent->si_uid = kauth_cred_getruid(child->p_ucred);
1253 proc_unlock(trace_parent);
1254 }
1255 proc_reparentlocked(child, trace_parent, 1, 0);
1256
1257 /* resend knote to original parent (and others) after reparenting */
1258 proc_knote(child, knote_hint);
1259
1260 psignal(trace_parent, SIGCHLD);
1261 proc_list_lock();
1262 wakeup((caddr_t)trace_parent);
1263 child->p_listflag &= ~P_LIST_WAITING;
1264 wakeup(&child->p_stat);
1265 proc_list_unlock();
1266 proc_rele(trace_parent);
1267 if ((locked == 1) && (droplock == 0))
1268 proc_list_lock();
1269 return (0);
1270 }
1271
1272 /*
1273 * If we can't reparent (e.g. the original parent exited while child was being debugged, or
1274 * original parent is the same as the debugger currently exiting), we still need to satisfy
1275 * the knote lifecycle for other observers on the system. While the debugger was attached,
1276 * the NOTE_EXIT would not have been broadcast during initial child termination.
1277 */
1278 proc_knote(child, knote_hint);
1279
1280 if (trace_parent != PROC_NULL) {
1281 proc_rele(trace_parent);
1282 }
1283 }
1284
1285 #pragma clang diagnostic push
1286 #pragma clang diagnostic ignored "-Wdeprecated-declarations"
1287 proc_knote(child, NOTE_REAP);
1288 #pragma clang diagnostic pop
1289
1290 proc_knote_drain(child);
1291
1292 child->p_xstat = 0;
1293 if (child->p_ru) {
1294 proc_lock(parent);
1295 #if 3839178
1296 /*
1297 * If the parent is ignoring SIGCHLD, then POSIX requires
1298 * us to not add the resource usage to the parent process -
1299 * we are only going to hand it off to init to get reaped.
1300 * We should contest the standard in this case on the basis
1301 * of RLIMIT_CPU.
1302 */
1303 if (!(parent->p_flag & P_NOCLDWAIT))
1304 #endif /* 3839178 */
1305 ruadd(&parent->p_stats->p_cru, &child->p_ru->ru);
1306 update_rusage_info_child(&parent->p_stats->ri_child, &child->p_ru->ri);
1307 proc_unlock(parent);
1308 FREE_ZONE(child->p_ru, sizeof *child->p_ru, M_ZOMBIE);
1309 child->p_ru = NULL;
1310 } else {
1311 printf("Warning : lost p_ru for %s\n", child->p_comm);
1312 }
1313
1314 AUDIT_SESSION_PROCEXIT(child);
1315
1316 /*
1317 * Decrement the count of procs running with this uid.
1318 * p_ucred usage is safe here as it is an exited process.
1319 * and refernce is dropped after these calls down below
1320 * (locking protection is provided by list lock held in chgproccnt)
1321 */
1322 #if CONFIG_PERSONAS
1323 /*
1324 * persona_proc_drop calls chgproccnt(-1) on the persona uid,
1325 * and (+1) on the child->p_ucred uid
1326 */
1327 persona_proc_drop(child);
1328 #endif
1329 (void)chgproccnt(kauth_cred_getruid(child->p_ucred), -1);
1330
1331 /*
1332 * Free up credentials.
1333 */
1334 if (IS_VALID_CRED(child->p_ucred)) {
1335 kauth_cred_unref(&child->p_ucred);
1336 }
1337
1338 /* XXXX Note NOT SAFE TO USE p_ucred from this point onwards */
1339
1340 /*
1341 * Finally finished with old proc entry.
1342 * Unlink it from its process group and free it.
1343 */
1344 leavepgrp(child);
1345
1346 proc_list_lock();
1347 LIST_REMOVE(child, p_list); /* off zombproc */
1348 parent->p_childrencnt--;
1349 LIST_REMOVE(child, p_sibling);
1350 /* If there are no more children wakeup parent */
1351 if ((deadparent != 0) && (LIST_EMPTY(&parent->p_children)))
1352 wakeup((caddr_t)parent); /* with list lock held */
1353 child->p_listflag &= ~P_LIST_WAITING;
1354 wakeup(&child->p_stat);
1355
1356 /* Take it out of process hash */
1357 LIST_REMOVE(child, p_hash);
1358 child->p_listflag &= ~P_LIST_INHASH;
1359 proc_checkdeadrefs(child);
1360 nprocs--;
1361
1362 if (deadparent) {
1363 /*
1364 * If a child zombie is being reaped because its parent
1365 * is exiting, make sure we update the list flag
1366 */
1367 child->p_listflag |= P_LIST_DEADPARENT;
1368 }
1369
1370 proc_list_unlock();
1371
1372 #if CONFIG_FINE_LOCK_GROUPS
1373 lck_mtx_destroy(&child->p_mlock, proc_mlock_grp);
1374 lck_mtx_destroy(&child->p_fdmlock, proc_fdmlock_grp);
1375 lck_mtx_destroy(&child->p_ucred_mlock, proc_ucred_mlock_grp);
1376 #if CONFIG_DTRACE
1377 lck_mtx_destroy(&child->p_dtrace_sprlock, proc_lck_grp);
1378 #endif
1379 lck_spin_destroy(&child->p_slock, proc_slock_grp);
1380 #else /* CONFIG_FINE_LOCK_GROUPS */
1381 lck_mtx_destroy(&child->p_mlock, proc_lck_grp);
1382 lck_mtx_destroy(&child->p_fdmlock, proc_lck_grp);
1383 lck_mtx_destroy(&child->p_ucred_mlock, proc_lck_grp);
1384 #if CONFIG_DTRACE
1385 lck_mtx_destroy(&child->p_dtrace_sprlock, proc_lck_grp);
1386 #endif
1387 lck_spin_destroy(&child->p_slock, proc_lck_grp);
1388 #endif /* CONFIG_FINE_LOCK_GROUPS */
1389 workqueue_destroy_lock(child);
1390
1391 FREE_ZONE(child, sizeof *child, M_PROC);
1392 if ((locked == 1) && (droplock == 0))
1393 proc_list_lock();
1394
1395 return (1);
1396 }
1397
1398
1399 int
1400 wait1continue(int result)
1401 {
1402 proc_t p;
1403 thread_t thread;
1404 uthread_t uth;
1405 struct _wait4_data *wait4_data;
1406 struct wait4_nocancel_args *uap;
1407 int *retval;
1408
1409 if (result)
1410 return(result);
1411
1412 p = current_proc();
1413 thread = current_thread();
1414 uth = (struct uthread *)get_bsdthread_info(thread);
1415
1416 wait4_data = &uth->uu_kevent.uu_wait4_data;
1417 uap = wait4_data->args;
1418 retval = wait4_data->retval;
1419 return(wait4_nocancel(p, uap, retval));
1420 }
1421
1422 int
1423 wait4(proc_t q, struct wait4_args *uap, int32_t *retval)
1424 {
1425 __pthread_testcancel(1);
1426 return(wait4_nocancel(q, (struct wait4_nocancel_args *)uap, retval));
1427 }
1428
1429 int
1430 wait4_nocancel(proc_t q, struct wait4_nocancel_args *uap, int32_t *retval)
1431 {
1432 int nfound;
1433 int sibling_count;
1434 proc_t p;
1435 int status, error;
1436 uthread_t uth;
1437 struct _wait4_data *wait4_data;
1438
1439 AUDIT_ARG(pid, uap->pid);
1440
1441 if (uap->pid == 0)
1442 uap->pid = -q->p_pgrpid;
1443
1444 loop:
1445 proc_list_lock();
1446 loop1:
1447 nfound = 0;
1448 sibling_count = 0;
1449
1450 for (p = q->p_children.lh_first; p != 0; p = p->p_sibling.le_next) {
1451 if ( p->p_sibling.le_next != 0 )
1452 sibling_count++;
1453 if (uap->pid != WAIT_ANY &&
1454 p->p_pid != uap->pid &&
1455 p->p_pgrpid != -(uap->pid))
1456 continue;
1457
1458 nfound++;
1459
1460 /* XXX This is racy because we don't get the lock!!!! */
1461
1462 if (p->p_listflag & P_LIST_WAITING) {
1463 (void)msleep(&p->p_stat, proc_list_mlock, PWAIT, "waitcoll", 0);
1464 goto loop1;
1465 }
1466 p->p_listflag |= P_LIST_WAITING; /* only allow single thread to wait() */
1467
1468
1469 if (p->p_stat == SZOMB) {
1470 int reparentedtoinit = (p->p_listflag & P_LIST_DEADPARENT) ? 1 : 0;
1471
1472 proc_list_unlock();
1473 #if CONFIG_MACF
1474 if ((error = mac_proc_check_wait(q, p)) != 0)
1475 goto out;
1476 #endif
1477 retval[0] = p->p_pid;
1478 if (uap->status) {
1479 /* Legacy apps expect only 8 bits of status */
1480 status = 0xffff & p->p_xstat; /* convert to int */
1481 error = copyout((caddr_t)&status,
1482 uap->status,
1483 sizeof(status));
1484 if (error)
1485 goto out;
1486 }
1487 if (uap->rusage) {
1488 if (p->p_ru == NULL) {
1489 error = ENOMEM;
1490 } else {
1491 if (IS_64BIT_PROCESS(q)) {
1492 struct user64_rusage my_rusage;
1493 munge_user64_rusage(&p->p_ru->ru, &my_rusage);
1494 error = copyout((caddr_t)&my_rusage,
1495 uap->rusage,
1496 sizeof (my_rusage));
1497 }
1498 else {
1499 struct user32_rusage my_rusage;
1500 munge_user32_rusage(&p->p_ru->ru, &my_rusage);
1501 error = copyout((caddr_t)&my_rusage,
1502 uap->rusage,
1503 sizeof (my_rusage));
1504 }
1505 }
1506 /* information unavailable? */
1507 if (error)
1508 goto out;
1509 }
1510
1511 /* Conformance change for 6577252.
1512 * When SIGCHLD is blocked and wait() returns because the status
1513 * of a child process is available and there are no other
1514 * children processes, then any pending SIGCHLD signal is cleared.
1515 */
1516 if ( sibling_count == 0 ) {
1517 int mask = sigmask(SIGCHLD);
1518 uth = current_uthread();
1519
1520 if ( (uth->uu_sigmask & mask) != 0 ) {
1521 /* we are blocking SIGCHLD signals. clear any pending SIGCHLD.
1522 * This locking looks funny but it is protecting access to the
1523 * thread via p_uthlist.
1524 */
1525 proc_lock(q);
1526 uth->uu_siglist &= ~mask; /* clear pending signal */
1527 proc_unlock(q);
1528 }
1529 }
1530
1531 /* Clean up */
1532 (void)reap_child_locked(q, p, 0, reparentedtoinit, 0, 0);
1533
1534 return (0);
1535 }
1536 if (p->p_stat == SSTOP && (p->p_lflag & P_LWAITED) == 0 &&
1537 (p->p_lflag & P_LTRACED || uap->options & WUNTRACED)) {
1538 proc_list_unlock();
1539 #if CONFIG_MACF
1540 if ((error = mac_proc_check_wait(q, p)) != 0)
1541 goto out;
1542 #endif
1543 proc_lock(p);
1544 p->p_lflag |= P_LWAITED;
1545 proc_unlock(p);
1546 retval[0] = p->p_pid;
1547 if (uap->status) {
1548 status = W_STOPCODE(p->p_xstat);
1549 error = copyout((caddr_t)&status,
1550 uap->status,
1551 sizeof(status));
1552 } else
1553 error = 0;
1554 goto out;
1555 }
1556 /*
1557 * If we are waiting for continued processses, and this
1558 * process was continued
1559 */
1560 if ((uap->options & WCONTINUED) &&
1561 (p->p_flag & P_CONTINUED)) {
1562 proc_list_unlock();
1563 #if CONFIG_MACF
1564 if ((error = mac_proc_check_wait(q, p)) != 0)
1565 goto out;
1566 #endif
1567
1568 /* Prevent other process for waiting for this event */
1569 OSBitAndAtomic(~((uint32_t)P_CONTINUED), &p->p_flag);
1570 retval[0] = p->p_pid;
1571 if (uap->status) {
1572 status = W_STOPCODE(SIGCONT);
1573 error = copyout((caddr_t)&status,
1574 uap->status,
1575 sizeof(status));
1576 } else
1577 error = 0;
1578 goto out;
1579 }
1580 p->p_listflag &= ~P_LIST_WAITING;
1581 wakeup(&p->p_stat);
1582 }
1583 /* list lock is held when we get here any which way */
1584 if (nfound == 0) {
1585 proc_list_unlock();
1586 return (ECHILD);
1587 }
1588
1589 if (uap->options & WNOHANG) {
1590 retval[0] = 0;
1591 proc_list_unlock();
1592 return (0);
1593 }
1594
1595 /* Save arguments for continuation. Backing storage is in uthread->uu_arg, and will not be deallocated */
1596 uth = current_uthread();
1597 wait4_data = &uth->uu_kevent.uu_wait4_data;
1598 wait4_data->args = uap;
1599 wait4_data->retval = retval;
1600
1601 if ((error = msleep0((caddr_t)q, proc_list_mlock, PWAIT | PCATCH | PDROP, "wait", 0, wait1continue)))
1602 return (error);
1603
1604 goto loop;
1605 out:
1606 proc_list_lock();
1607 p->p_listflag &= ~P_LIST_WAITING;
1608 wakeup(&p->p_stat);
1609 proc_list_unlock();
1610 return (error);
1611 }
1612
1613 #if DEBUG
1614 #define ASSERT_LCK_MTX_OWNED(lock) \
1615 lck_mtx_assert(lock, LCK_MTX_ASSERT_OWNED)
1616 #else
1617 #define ASSERT_LCK_MTX_OWNED(lock) /* nothing */
1618 #endif
1619
1620 int
1621 waitidcontinue(int result)
1622 {
1623 proc_t p;
1624 thread_t thread;
1625 uthread_t uth;
1626 struct _waitid_data *waitid_data;
1627 struct waitid_nocancel_args *uap;
1628 int *retval;
1629
1630 if (result)
1631 return (result);
1632
1633 p = current_proc();
1634 thread = current_thread();
1635 uth = (struct uthread *)get_bsdthread_info(thread);
1636
1637 waitid_data = &uth->uu_kevent.uu_waitid_data;
1638 uap = waitid_data->args;
1639 retval = waitid_data->retval;
1640 return(waitid_nocancel(p, uap, retval));
1641 }
1642
1643 /*
1644 * Description: Suspend the calling thread until one child of the process
1645 * containing the calling thread changes state.
1646 *
1647 * Parameters: uap->idtype one of P_PID, P_PGID, P_ALL
1648 * uap->id pid_t or gid_t or ignored
1649 * uap->infop Address of siginfo_t struct in
1650 * user space into which to return status
1651 * uap->options flag values
1652 *
1653 * Returns: 0 Success
1654 * !0 Error returning status to user space
1655 */
1656 int
1657 waitid(proc_t q, struct waitid_args *uap, int32_t *retval)
1658 {
1659 __pthread_testcancel(1);
1660 return (waitid_nocancel(q, (struct waitid_nocancel_args *)uap, retval));
1661 }
1662
1663 int
1664 waitid_nocancel(proc_t q, struct waitid_nocancel_args *uap,
1665 __unused int32_t *retval)
1666 {
1667 user_siginfo_t siginfo; /* siginfo data to return to caller */
1668 boolean_t caller64 = IS_64BIT_PROCESS(q);
1669 int nfound;
1670 proc_t p;
1671 int error;
1672 uthread_t uth;
1673 struct _waitid_data *waitid_data;
1674
1675 if (uap->options == 0 ||
1676 (uap->options & ~(WNOHANG|WNOWAIT|WCONTINUED|WSTOPPED|WEXITED)))
1677 return (EINVAL); /* bits set that aren't recognized */
1678
1679 switch (uap->idtype) {
1680 case P_PID: /* child with process ID equal to... */
1681 case P_PGID: /* child with process group ID equal to... */
1682 if (((int)uap->id) < 0)
1683 return (EINVAL);
1684 break;
1685 case P_ALL: /* any child */
1686 break;
1687 }
1688
1689 loop:
1690 proc_list_lock();
1691 loop1:
1692 nfound = 0;
1693 for (p = q->p_children.lh_first; p != 0; p = p->p_sibling.le_next) {
1694
1695 switch (uap->idtype) {
1696 case P_PID: /* child with process ID equal to... */
1697 if (p->p_pid != (pid_t)uap->id)
1698 continue;
1699 break;
1700 case P_PGID: /* child with process group ID equal to... */
1701 if (p->p_pgrpid != (pid_t)uap->id)
1702 continue;
1703 break;
1704 case P_ALL: /* any child */
1705 break;
1706 }
1707
1708 /* XXX This is racy because we don't get the lock!!!! */
1709
1710 /*
1711 * Wait collision; go to sleep and restart; used to maintain
1712 * the single return for waited process guarantee.
1713 */
1714 if (p->p_listflag & P_LIST_WAITING) {
1715 (void) msleep(&p->p_stat, proc_list_mlock,
1716 PWAIT, "waitidcoll", 0);
1717 goto loop1;
1718 }
1719 p->p_listflag |= P_LIST_WAITING; /* mark busy */
1720
1721 nfound++;
1722
1723 bzero(&siginfo, sizeof (siginfo));
1724
1725 switch (p->p_stat) {
1726 case SZOMB: /* Exited */
1727 if (!(uap->options & WEXITED))
1728 break;
1729 proc_list_unlock();
1730 #if CONFIG_MACF
1731 if ((error = mac_proc_check_wait(q, p)) != 0)
1732 goto out;
1733 #endif
1734 siginfo.si_signo = SIGCHLD;
1735 siginfo.si_pid = p->p_pid;
1736 siginfo.si_status = WEXITSTATUS(p->p_xstat);
1737 if (WIFSIGNALED(p->p_xstat)) {
1738 siginfo.si_code = WCOREDUMP(p->p_xstat) ?
1739 CLD_DUMPED : CLD_KILLED;
1740 } else
1741 siginfo.si_code = CLD_EXITED;
1742
1743 if ((error = copyoutsiginfo(&siginfo,
1744 caller64, uap->infop)) != 0)
1745 goto out;
1746
1747 /* Prevent other process for waiting for this event? */
1748 if (!(uap->options & WNOWAIT)) {
1749 (void) reap_child_locked(q, p, 0, 0, 0, 0);
1750 return (0);
1751 }
1752 goto out;
1753
1754 case SSTOP: /* Stopped */
1755 /*
1756 * If we are not interested in stopped processes, then
1757 * ignore this one.
1758 */
1759 if (!(uap->options & WSTOPPED))
1760 break;
1761
1762 /*
1763 * If someone has already waited it, we lost a race
1764 * to be the one to return status.
1765 */
1766 if ((p->p_lflag & P_LWAITED) != 0)
1767 break;
1768 proc_list_unlock();
1769 #if CONFIG_MACF
1770 if ((error = mac_proc_check_wait(q, p)) != 0)
1771 goto out;
1772 #endif
1773 siginfo.si_signo = SIGCHLD;
1774 siginfo.si_pid = p->p_pid;
1775 siginfo.si_status = p->p_xstat; /* signal number */
1776 siginfo.si_code = CLD_STOPPED;
1777
1778 if ((error = copyoutsiginfo(&siginfo,
1779 caller64, uap->infop)) != 0)
1780 goto out;
1781
1782 /* Prevent other process for waiting for this event? */
1783 if (!(uap->options & WNOWAIT)) {
1784 proc_lock(p);
1785 p->p_lflag |= P_LWAITED;
1786 proc_unlock(p);
1787 }
1788 goto out;
1789
1790 default: /* All other states => Continued */
1791 if (!(uap->options & WCONTINUED))
1792 break;
1793
1794 /*
1795 * If the flag isn't set, then this process has not
1796 * been stopped and continued, or the status has
1797 * already been reaped by another caller of waitid().
1798 */
1799 if ((p->p_flag & P_CONTINUED) == 0)
1800 break;
1801 proc_list_unlock();
1802 #if CONFIG_MACF
1803 if ((error = mac_proc_check_wait(q, p)) != 0)
1804 goto out;
1805 #endif
1806 siginfo.si_signo = SIGCHLD;
1807 siginfo.si_code = CLD_CONTINUED;
1808 proc_lock(p);
1809 siginfo.si_pid = p->p_contproc;
1810 siginfo.si_status = p->p_xstat;
1811 proc_unlock(p);
1812
1813 if ((error = copyoutsiginfo(&siginfo,
1814 caller64, uap->infop)) != 0)
1815 goto out;
1816
1817 /* Prevent other process for waiting for this event? */
1818 if (!(uap->options & WNOWAIT)) {
1819 OSBitAndAtomic(~((uint32_t)P_CONTINUED),
1820 &p->p_flag);
1821 }
1822 goto out;
1823 }
1824 ASSERT_LCK_MTX_OWNED(proc_list_mlock);
1825
1826 /* Not a process we are interested in; go on to next child */
1827
1828 p->p_listflag &= ~P_LIST_WAITING;
1829 wakeup(&p->p_stat);
1830 }
1831 ASSERT_LCK_MTX_OWNED(proc_list_mlock);
1832
1833 /* No child processes that could possibly satisfy the request? */
1834
1835 if (nfound == 0) {
1836 proc_list_unlock();
1837 return (ECHILD);
1838 }
1839
1840 if (uap->options & WNOHANG) {
1841 proc_list_unlock();
1842 #if CONFIG_MACF
1843 if ((error = mac_proc_check_wait(q, p)) != 0)
1844 return (error);
1845 #endif
1846 /*
1847 * The state of the siginfo structure in this case
1848 * is undefined. Some implementations bzero it, some
1849 * (like here) leave it untouched for efficiency.
1850 *
1851 * Thus the most portable check for "no matching pid with
1852 * WNOHANG" is to store a zero into si_pid before
1853 * invocation, then check for a non-zero value afterwards.
1854 */
1855 return (0);
1856 }
1857
1858 /* Save arguments for continuation. Backing storage is in uthread->uu_arg, and will not be deallocated */
1859 uth = current_uthread();
1860 waitid_data = &uth->uu_kevent.uu_waitid_data;
1861 waitid_data->args = uap;
1862 waitid_data->retval = retval;
1863
1864 if ((error = msleep0(q, proc_list_mlock,
1865 PWAIT | PCATCH | PDROP, "waitid", 0, waitidcontinue)) != 0)
1866 return (error);
1867
1868 goto loop;
1869 out:
1870 proc_list_lock();
1871 p->p_listflag &= ~P_LIST_WAITING;
1872 wakeup(&p->p_stat);
1873 proc_list_unlock();
1874 return (error);
1875 }
1876
1877 /*
1878 * make process 'parent' the new parent of process 'child'.
1879 */
1880 void
1881 proc_reparentlocked(proc_t child, proc_t parent, int cansignal, int locked)
1882 {
1883 proc_t oldparent = PROC_NULL;
1884
1885 if (child->p_pptr == parent)
1886 return;
1887
1888 if (locked == 0)
1889 proc_list_lock();
1890
1891 oldparent = child->p_pptr;
1892 #if __PROC_INTERNAL_DEBUG
1893 if (oldparent == PROC_NULL)
1894 panic("proc_reparent: process %p does not have a parent\n", child);
1895 #endif
1896
1897 LIST_REMOVE(child, p_sibling);
1898 #if __PROC_INTERNAL_DEBUG
1899 if (oldparent->p_childrencnt == 0)
1900 panic("process children count already 0\n");
1901 #endif
1902 oldparent->p_childrencnt--;
1903 #if __PROC_INTERNAL_DEBUG1
1904 if (oldparent->p_childrencnt < 0)
1905 panic("process children count -ve\n");
1906 #endif
1907 LIST_INSERT_HEAD(&parent->p_children, child, p_sibling);
1908 parent->p_childrencnt++;
1909 child->p_pptr = parent;
1910 child->p_ppid = parent->p_pid;
1911
1912 proc_list_unlock();
1913
1914 if ((cansignal != 0) && (initproc == parent) && (child->p_stat == SZOMB))
1915 psignal(initproc, SIGCHLD);
1916 if (locked == 1)
1917 proc_list_lock();
1918 }
1919
1920 /*
1921 * Exit: deallocate address space and other resources, change proc state
1922 * to zombie, and unlink proc from allproc and parent's lists. Save exit
1923 * status and rusage for wait(). Check for child processes and orphan them.
1924 */
1925
1926 void
1927 vfork_exit(proc_t p, int rv)
1928 {
1929 vfork_exit_internal(p, rv, 0);
1930 }
1931
1932 void
1933 vfork_exit_internal(proc_t p, int rv, int forceexit)
1934 {
1935 thread_t self = current_thread();
1936 #ifdef FIXME
1937 struct task *task = p->task;
1938 #endif
1939 struct uthread *ut;
1940
1941 /*
1942 * If a thread in this task has already
1943 * called exit(), then halt any others
1944 * right here.
1945 */
1946
1947 ut = get_bsdthread_info(self);
1948
1949
1950 proc_lock(p);
1951 if ((p->p_lflag & P_LPEXIT) == P_LPEXIT) {
1952 /*
1953 * This happens when a parent exits/killed and vfork is in progress
1954 * other threads. But shutdown code for ex has already called exit1()
1955 */
1956 proc_unlock(p);
1957 return;
1958 }
1959 p->p_lflag |= (P_LEXIT | P_LPEXIT);
1960 proc_unlock(p);
1961
1962 if (forceexit == 0) {
1963 /*
1964 * parent of a vfork child has already called exit() and the
1965 * thread that has vfork in proress terminates. So there is no
1966 * separate address space here and it has already been marked for
1967 * termination. This was never covered before and could cause problems
1968 * if we block here for outside code.
1969 */
1970 /* Notify the perf server */
1971 (void)sys_perf_notify(self, p->p_pid);
1972 }
1973
1974 /*
1975 * Remove proc from allproc queue and from pidhash chain.
1976 * Need to do this before we do anything that can block.
1977 * Not doing causes things like mount() find this on allproc
1978 * in partially cleaned state.
1979 */
1980
1981 proc_list_lock();
1982
1983 #if CONFIG_MEMORYSTATUS
1984 memorystatus_remove(p, TRUE);
1985 #endif
1986
1987 LIST_REMOVE(p, p_list);
1988 LIST_INSERT_HEAD(&zombproc, p, p_list); /* Place onto zombproc. */
1989 /* will not be visible via proc_find */
1990 p->p_listflag |= P_LIST_EXITED;
1991
1992 proc_list_unlock();
1993
1994 proc_lock(p);
1995 p->p_xstat = rv;
1996 p->p_lflag &= ~(P_LTRACED | P_LPPWAIT);
1997 p->p_sigignore = ~0;
1998 proc_unlock(p);
1999
2000 proc_spinlock(p);
2001 if (thread_call_cancel(p->p_rcall))
2002 p->p_ractive--;
2003
2004 while (p->p_ractive > 0) {
2005 proc_spinunlock(p);
2006
2007 delay(1);
2008
2009 proc_spinlock(p);
2010 }
2011 proc_spinunlock(p);
2012
2013 thread_call_free(p->p_rcall);
2014 p->p_rcall = NULL;
2015
2016 ut->uu_siglist = 0;
2017
2018 vproc_exit(p);
2019 }
2020
2021 void
2022 vproc_exit(proc_t p)
2023 {
2024 proc_t q;
2025 proc_t pp;
2026
2027 vnode_t tvp;
2028 #ifdef FIXME
2029 struct task *task = p->task;
2030 #endif
2031 struct pgrp * pg;
2032 struct session *sessp;
2033 struct rusage_superset *rup;
2034
2035 /* XXX Zombie allocation may fail, in which case stats get lost */
2036 MALLOC_ZONE(rup, struct rusage_superset *,
2037 sizeof (*rup), M_ZOMBIE, M_WAITOK);
2038
2039 proc_refdrain(p);
2040
2041 /*
2042 * Close open files and release open-file table.
2043 * This may block!
2044 */
2045 fdfree(p);
2046
2047 sessp = proc_session(p);
2048 if (SESS_LEADER(p, sessp)) {
2049
2050 if (sessp->s_ttyvp != NULLVP) {
2051 struct vnode *ttyvp;
2052 int ttyvid;
2053 int cttyflag = 0;
2054 struct vfs_context context;
2055 struct tty *tp;
2056
2057 /*
2058 * Controlling process.
2059 * Signal foreground pgrp,
2060 * drain controlling terminal
2061 * and revoke access to controlling terminal.
2062 */
2063 session_lock(sessp);
2064 tp = SESSION_TP(sessp);
2065 if ((tp != TTY_NULL) && (tp->t_session == sessp)) {
2066 session_unlock(sessp);
2067
2068 /*
2069 * We're going to SIGHUP the foreground process
2070 * group. It can't change from this point on
2071 * until the revoke is complete.
2072 * The process group changes under both the tty
2073 * lock and proc_list_lock but we need only one
2074 */
2075 tty_lock(tp);
2076 ttysetpgrphup(tp);
2077 tty_unlock(tp);
2078
2079 tty_pgsignal(tp, SIGHUP, 1);
2080
2081 session_lock(sessp);
2082 tp = SESSION_TP(sessp);
2083 }
2084 cttyflag = sessp->s_flags & S_CTTYREF;
2085 sessp->s_flags &= ~S_CTTYREF;
2086 ttyvp = sessp->s_ttyvp;
2087 ttyvid = sessp->s_ttyvid;
2088 sessp->s_ttyvp = NULL;
2089 sessp->s_ttyvid = 0;
2090 sessp->s_ttyp = TTY_NULL;
2091 sessp->s_ttypgrpid = NO_PID;
2092 session_unlock(sessp);
2093
2094 if ((ttyvp != NULLVP) && (vnode_getwithvid(ttyvp, ttyvid) == 0)) {
2095 if (tp != TTY_NULL) {
2096 tty_lock(tp);
2097 (void) ttywait(tp);
2098 tty_unlock(tp);
2099 }
2100 context.vc_thread = proc_thread(p); /* XXX */
2101 context.vc_ucred = kauth_cred_proc_ref(p);
2102 VNOP_REVOKE(ttyvp, REVOKEALL, &context);
2103 if (cttyflag) {
2104 /*
2105 * Release the extra usecount taken in cttyopen.
2106 * usecount should be released after VNOP_REVOKE is called.
2107 * This usecount was taken to ensure that
2108 * the VNOP_REVOKE results in a close to
2109 * the tty since cttyclose is a no-op.
2110 */
2111 vnode_rele(ttyvp);
2112 }
2113 vnode_put(ttyvp);
2114 kauth_cred_unref(&context.vc_ucred);
2115 ttyvp = NULLVP;
2116 }
2117 if (tp) {
2118 /*
2119 * This is cleared even if not set. This is also done in
2120 * spec_close to ensure that the flag is cleared.
2121 */
2122 tty_lock(tp);
2123 ttyclrpgrphup(tp);
2124 tty_unlock(tp);
2125
2126 ttyfree(tp);
2127 }
2128 }
2129 session_lock(sessp);
2130 sessp->s_leader = NULL;
2131 session_unlock(sessp);
2132 }
2133 session_rele(sessp);
2134
2135 pg = proc_pgrp(p);
2136 fixjobc(p, pg, 0);
2137 pg_rele(pg);
2138
2139 p->p_rlimit[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY;
2140
2141 proc_list_lock();
2142 proc_childdrainstart(p);
2143 while ((q = p->p_children.lh_first) != NULL) {
2144 if (q->p_stat == SZOMB) {
2145 if (p != q->p_pptr)
2146 panic("parent child linkage broken");
2147 /* check for lookups by zomb sysctl */
2148 while ((q->p_listflag & P_LIST_WAITING) == P_LIST_WAITING) {
2149 msleep(&q->p_stat, proc_list_mlock, PWAIT, "waitcoll", 0);
2150 }
2151 q->p_listflag |= P_LIST_WAITING;
2152 /*
2153 * This is a named reference and it is not granted
2154 * if the reap is already in progress. So we get
2155 * the reference here exclusively and their can be
2156 * no waiters. So there is no need for a wakeup
2157 * after we are done. AlsO the reap frees the structure
2158 * and the proc struct cannot be used for wakeups as well.
2159 * It is safe to use q here as this is system reap
2160 */
2161 (void)reap_child_locked(p, q, 1, 0, 1, 0);
2162 } else {
2163 /*
2164 * Traced processes are killed
2165 * since their existence means someone is messing up.
2166 */
2167 if (q->p_lflag & P_LTRACED) {
2168 struct proc *opp;
2169
2170 proc_list_unlock();
2171
2172 opp = proc_find(q->p_oppid);
2173 if (opp != PROC_NULL) {
2174 proc_list_lock();
2175 q->p_oppid = 0;
2176 proc_list_unlock();
2177 proc_reparentlocked(q, opp, 0, 0);
2178 proc_rele(opp);
2179 } else {
2180 /* original parent exited while traced */
2181 proc_list_lock();
2182 q->p_listflag |= P_LIST_DEADPARENT;
2183 q->p_oppid = 0;
2184 proc_list_unlock();
2185 proc_reparentlocked(q, initproc, 0, 0);
2186 }
2187
2188 proc_lock(q);
2189 q->p_lflag &= ~P_LTRACED;
2190
2191 if (q->sigwait_thread) {
2192 thread_t thread = q->sigwait_thread;
2193
2194 proc_unlock(q);
2195 /*
2196 * The sigwait_thread could be stopped at a
2197 * breakpoint. Wake it up to kill.
2198 * Need to do this as it could be a thread which is not
2199 * the first thread in the task. So any attempts to kill
2200 * the process would result into a deadlock on q->sigwait.
2201 */
2202 thread_resume(thread);
2203 clear_wait(thread, THREAD_INTERRUPTED);
2204 threadsignal(thread, SIGKILL, 0);
2205 } else {
2206 proc_unlock(q);
2207 }
2208
2209 psignal(q, SIGKILL);
2210 proc_list_lock();
2211 } else {
2212 q->p_listflag |= P_LIST_DEADPARENT;
2213 proc_reparentlocked(q, initproc, 0, 1);
2214 }
2215 }
2216 }
2217
2218 proc_childdrainend(p);
2219 proc_list_unlock();
2220
2221 /*
2222 * Release reference to text vnode
2223 */
2224 tvp = p->p_textvp;
2225 p->p_textvp = NULL;
2226 if (tvp != NULLVP) {
2227 vnode_rele(tvp);
2228 }
2229
2230 /*
2231 * Save exit status and final rusage info, adding in child rusage
2232 * info and self times. If we were unable to allocate a zombie
2233 * structure, this information is lost.
2234 */
2235 if (rup != NULL) {
2236 rup->ru = p->p_stats->p_ru;
2237 timerclear(&rup->ru.ru_utime);
2238 timerclear(&rup->ru.ru_stime);
2239
2240 #ifdef FIXME
2241 if (task) {
2242 mach_task_basic_info_data_t tinfo;
2243 task_thread_times_info_data_t ttimesinfo;
2244 int task_info_stuff, task_ttimes_stuff;
2245 struct timeval ut,st;
2246
2247 task_info_stuff = MACH_TASK_BASIC_INFO_COUNT;
2248 task_info(task, MACH_TASK_BASIC_INFO,
2249 &tinfo, &task_info_stuff);
2250 p->p_ru->ru.ru_utime.tv_sec = tinfo.user_time.seconds;
2251 p->p_ru->ru.ru_utime.tv_usec = tinfo.user_time.microseconds;
2252 p->p_ru->ru.ru_stime.tv_sec = tinfo.system_time.seconds;
2253 p->p_ru->ru.ru_stime.tv_usec = tinfo.system_time.microseconds;
2254
2255 task_ttimes_stuff = TASK_THREAD_TIMES_INFO_COUNT;
2256 task_info(task, TASK_THREAD_TIMES_INFO,
2257 &ttimesinfo, &task_ttimes_stuff);
2258
2259 ut.tv_sec = ttimesinfo.user_time.seconds;
2260 ut.tv_usec = ttimesinfo.user_time.microseconds;
2261 st.tv_sec = ttimesinfo.system_time.seconds;
2262 st.tv_usec = ttimesinfo.system_time.microseconds;
2263 timeradd(&ut,&p->p_ru->ru.ru_utime,&p->p_ru->ru.ru_utime);
2264 timeradd(&st,&p->p_ru->ru.ru_stime,&p->p_ru->ru.ru_stime);
2265 }
2266 #endif /* FIXME */
2267
2268 ruadd(&rup->ru, &p->p_stats->p_cru);
2269
2270 gather_rusage_info(p, &rup->ri, RUSAGE_INFO_CURRENT);
2271 rup->ri.ri_phys_footprint = 0;
2272 rup->ri.ri_proc_exit_abstime = mach_absolute_time();
2273
2274 /*
2275 * Now that we have filled in the rusage info, make it
2276 * visible to an external observer via proc_pid_rusage().
2277 */
2278 p->p_ru = rup;
2279 }
2280
2281 /*
2282 * Free up profiling buffers.
2283 */
2284 {
2285 struct uprof *p0 = &p->p_stats->p_prof, *p1, *pn;
2286
2287 p1 = p0->pr_next;
2288 p0->pr_next = NULL;
2289 p0->pr_scale = 0;
2290
2291 for (; p1 != NULL; p1 = pn) {
2292 pn = p1->pr_next;
2293 kfree(p1, sizeof *p1);
2294 }
2295 }
2296
2297 #if PSYNCH
2298 pth_proc_hashdelete(p);
2299 #endif /* PSYNCH */
2300
2301 /*
2302 * Other substructures are freed from wait().
2303 */
2304 FREE_ZONE(p->p_stats, sizeof *p->p_stats, M_PSTATS);
2305 p->p_stats = NULL;
2306
2307 FREE_ZONE(p->p_sigacts, sizeof *p->p_sigacts, M_SIGACTS);
2308 p->p_sigacts = NULL;
2309
2310 proc_limitdrop(p, 1);
2311 p->p_limit = NULL;
2312
2313 /*
2314 * Finish up by terminating the task
2315 * and halt this thread (only if a
2316 * member of the task exiting).
2317 */
2318 p->task = TASK_NULL;
2319
2320 /*
2321 * Notify parent that we're gone.
2322 */
2323 pp = proc_parent(p);
2324 if ((p->p_listflag & P_LIST_DEADPARENT) == 0) {
2325 if (pp != initproc) {
2326 proc_lock(pp);
2327 pp->si_pid = p->p_pid;
2328 pp->si_status = p->p_xstat;
2329 pp->si_code = CLD_EXITED;
2330 /*
2331 * p_ucred usage is safe as it is an exiting process
2332 * and reference is dropped in reap
2333 */
2334 pp->si_uid = kauth_cred_getruid(p->p_ucred);
2335 proc_unlock(pp);
2336 }
2337 /* mark as a zombie */
2338 /* mark as a zombie */
2339 /* No need to take proc lock as all refs are drained and
2340 * no one except parent (reaping ) can look at this.
2341 * The write is to an int and is coherent. Also parent is
2342 * keyed off of list lock for reaping
2343 */
2344 p->p_stat = SZOMB;
2345
2346 psignal(pp, SIGCHLD);
2347
2348 /* and now wakeup the parent */
2349 proc_list_lock();
2350 wakeup((caddr_t)pp);
2351 proc_list_unlock();
2352 } else {
2353 proc_list_lock();
2354 /* check for lookups by zomb sysctl */
2355 while ((p->p_listflag & P_LIST_WAITING) == P_LIST_WAITING) {
2356 msleep(&p->p_stat, proc_list_mlock, PWAIT, "waitcoll", 0);
2357 }
2358 p->p_stat = SZOMB;
2359 p->p_listflag |= P_LIST_WAITING;
2360
2361 /*
2362 * This is a named reference and it is not granted
2363 * if the reap is already in progress. So we get
2364 * the reference here exclusively and their can be
2365 * no waiters. So there is no need for a wakeup
2366 * after we are done. AlsO the reap frees the structure
2367 * and the proc struct cannot be used for wakeups as well.
2368 * It is safe to use p here as this is system reap
2369 */
2370 (void)reap_child_locked(pp, p, 0, 0, 1, 1);
2371 /* list lock dropped by reap_child_locked */
2372 }
2373 proc_rele(pp);
2374 }
2375
2376
2377 /*
2378 * munge_rusage
2379 * LP64 support - long is 64 bits if we are dealing with a 64 bit user
2380 * process. We munge the kernel version of rusage into the
2381 * 64 bit version.
2382 */
2383 __private_extern__ void
2384 munge_user64_rusage(struct rusage *a_rusage_p, struct user64_rusage *a_user_rusage_p)
2385 {
2386 /* timeval changes size, so utime and stime need special handling */
2387 a_user_rusage_p->ru_utime.tv_sec = a_rusage_p->ru_utime.tv_sec;
2388 a_user_rusage_p->ru_utime.tv_usec = a_rusage_p->ru_utime.tv_usec;
2389 a_user_rusage_p->ru_stime.tv_sec = a_rusage_p->ru_stime.tv_sec;
2390 a_user_rusage_p->ru_stime.tv_usec = a_rusage_p->ru_stime.tv_usec;
2391 /*
2392 * everything else can be a direct assign, since there is no loss
2393 * of precision implied boing 32->64.
2394 */
2395 a_user_rusage_p->ru_maxrss = a_rusage_p->ru_maxrss;
2396 a_user_rusage_p->ru_ixrss = a_rusage_p->ru_ixrss;
2397 a_user_rusage_p->ru_idrss = a_rusage_p->ru_idrss;
2398 a_user_rusage_p->ru_isrss = a_rusage_p->ru_isrss;
2399 a_user_rusage_p->ru_minflt = a_rusage_p->ru_minflt;
2400 a_user_rusage_p->ru_majflt = a_rusage_p->ru_majflt;
2401 a_user_rusage_p->ru_nswap = a_rusage_p->ru_nswap;
2402 a_user_rusage_p->ru_inblock = a_rusage_p->ru_inblock;
2403 a_user_rusage_p->ru_oublock = a_rusage_p->ru_oublock;
2404 a_user_rusage_p->ru_msgsnd = a_rusage_p->ru_msgsnd;
2405 a_user_rusage_p->ru_msgrcv = a_rusage_p->ru_msgrcv;
2406 a_user_rusage_p->ru_nsignals = a_rusage_p->ru_nsignals;
2407 a_user_rusage_p->ru_nvcsw = a_rusage_p->ru_nvcsw;
2408 a_user_rusage_p->ru_nivcsw = a_rusage_p->ru_nivcsw;
2409 }
2410
2411 /* For a 64-bit kernel and 32-bit userspace, munging may be needed */
2412 __private_extern__ void
2413 munge_user32_rusage(struct rusage *a_rusage_p, struct user32_rusage *a_user_rusage_p)
2414 {
2415 /* timeval changes size, so utime and stime need special handling */
2416 a_user_rusage_p->ru_utime.tv_sec = a_rusage_p->ru_utime.tv_sec;
2417 a_user_rusage_p->ru_utime.tv_usec = a_rusage_p->ru_utime.tv_usec;
2418 a_user_rusage_p->ru_stime.tv_sec = a_rusage_p->ru_stime.tv_sec;
2419 a_user_rusage_p->ru_stime.tv_usec = a_rusage_p->ru_stime.tv_usec;
2420 /*
2421 * everything else can be a direct assign. We currently ignore
2422 * the loss of precision
2423 */
2424 a_user_rusage_p->ru_maxrss = a_rusage_p->ru_maxrss;
2425 a_user_rusage_p->ru_ixrss = a_rusage_p->ru_ixrss;
2426 a_user_rusage_p->ru_idrss = a_rusage_p->ru_idrss;
2427 a_user_rusage_p->ru_isrss = a_rusage_p->ru_isrss;
2428 a_user_rusage_p->ru_minflt = a_rusage_p->ru_minflt;
2429 a_user_rusage_p->ru_majflt = a_rusage_p->ru_majflt;
2430 a_user_rusage_p->ru_nswap = a_rusage_p->ru_nswap;
2431 a_user_rusage_p->ru_inblock = a_rusage_p->ru_inblock;
2432 a_user_rusage_p->ru_oublock = a_rusage_p->ru_oublock;
2433 a_user_rusage_p->ru_msgsnd = a_rusage_p->ru_msgsnd;
2434 a_user_rusage_p->ru_msgrcv = a_rusage_p->ru_msgrcv;
2435 a_user_rusage_p->ru_nsignals = a_rusage_p->ru_nsignals;
2436 a_user_rusage_p->ru_nvcsw = a_rusage_p->ru_nvcsw;
2437 a_user_rusage_p->ru_nivcsw = a_rusage_p->ru_nivcsw;
2438 }
mirror of XNU