+struct saved_file {
+ struct saved_file *next;
+ int fd;
+ void *contents;
+ off_t off, len;
+};
+
+static struct saved_file *save_file(struct saved_file *next, int fd)
+{
+ struct saved_file *s = malloc(sizeof(*s));
+
+ s->next = next;
+ s->fd = fd;
+ s->off = lseek(fd, 0, SEEK_CUR);
+ /* Special file? Erk... */
+ assert(s->off != -1);
+ s->len = lseek(fd, 0, SEEK_END);
+ lseek(fd, 0, SEEK_SET);
+ s->contents = malloc(s->len);
+ if (read(fd, s->contents, s->len) != s->len)
+ err(1, "Failed to save %zu bytes", (size_t)s->len);
+ lseek(fd, s->off, SEEK_SET);
+ return s;
+}
+
+/* We have little choice but to save and restore open files: mmap means we
+ * can really intercept changes in the child.
+ *
+ * We could do non-mmap'ed files on demand, however. */
+static struct saved_file *save_files(void)
+{
+ struct saved_file *files = NULL;
+ struct failtest_call *i;
+
+ /* Figure out the set of live fds. */
+ tlist_for_each_rev(&history, i, list) {
+ if (i->type == FAILTEST_OPEN) {
+ int fd = i->u.open.ret;
+ /* Only do successful, writable fds. */
+ if (fd < 0)
+ continue;
+
+ /* If it was closed, cleanup == NULL. */
+ if (!i->cleanup)
+ continue;
+
+ if ((i->u.open.flags & O_RDWR) == O_RDWR) {
+ files = save_file(files, fd);
+ } else if ((i->u.open.flags & O_WRONLY)
+ == O_WRONLY) {
+ /* FIXME: Handle O_WRONLY. Open with O_RDWR? */
+ abort();
+ }
+ }
+ }
+
+ return files;
+}
+
+static void restore_files(struct saved_file *s)
+{
+ while (s) {
+ struct saved_file *next = s->next;
+
+ lseek(s->fd, 0, SEEK_SET);
+ if (write(s->fd, s->contents, s->len) != s->len)
+ err(1, "Failed to restore %zu bytes", (size_t)s->len);
+ if (ftruncate(s->fd, s->len) != 0)
+ err(1, "Failed to trim file to length %zu",
+ (size_t)s->len);
+ free(s->contents);
+ lseek(s->fd, s->off, SEEK_SET);
+ free(s);
+ s = next;
+ }
+}
+
+static void free_files(struct saved_file *s)
+{
+ while (s) {
+ struct saved_file *next = s->next;
+ free(s->contents);
+ free(s);
+ s = next;
+ }
+}
+
+static void free_call(struct failtest_call *call)
+{
+ /* We don't do this in cleanup: needed even for failed opens. */
+ if (call->type == FAILTEST_OPEN)
+ free((char *)call->u.open.pathname);
+ free(call->backtrace);
+ tlist_del_from(&history, call, list);
+ free(call);
+}
+
+/* Free up memory, so valgrind doesn't report leaks. */
+static void free_everything(void)
+{
+ struct failtest_call *i;
+
+ while ((i = tlist_top(&history, struct failtest_call, list)) != NULL)
+ free_call(i);
+
+ failtable_clear(&failtable);
+}
+
+static NORETURN void failtest_cleanup(bool forced_cleanup, int status)
+{
+ struct failtest_call *i;
+
+ /* For children, we don't care if they "failed" the testing. */
+ if (control_fd != -1)
+ status = 0;
+
+ if (forced_cleanup) {
+ /* We didn't actually do final operation: remove it. */
+ i = tlist_tail(&history, struct failtest_call, list);
+ free_call(i);
+ }
+
+ /* Cleanup everything, in reverse order. */
+ tlist_for_each_rev(&history, i, list) {
+ if (!i->cleanup)
+ continue;
+ if (!forced_cleanup) {
+ printf("Leak at %s:%u: --failpath=%s\n",
+ i->file, i->line, failpath_string());
+ status = 1;
+ }
+ i->cleanup(&i->u);
+ }
+
+ free_everything();
+ if (status == 0)
+ tell_parent(SUCCESS);
+ else
+ tell_parent(FAILURE);
+ exit(status);
+}
+
+static bool following_path(void)
+{
+ if (!failpath)
+ return false;
+ /* + means continue after end, like normal. */
+ if (*failpath == '+') {
+ failpath = NULL;
+ return false;
+ }
+ return true;
+}
+
+static bool follow_path(struct failtest_call *call)
+{
+ if (*failpath == '\0') {
+ /* Continue, but don't inject errors. */
+ return call->fail = false;
+ }
+
+ if (tolower((unsigned char)*failpath) != info_to_arg[call->type])
+ errx(1, "Failpath expected '%s' got '%c'\n",
+ failpath, info_to_arg[call->type]);
+ call->fail = cisupper(*(failpath++));
+ return call->fail;
+}
+