commit 1b93f4032a246e0aa43c2f424921e0aace57b994
Author: Eugene Syromyatnikov <evgsyr@gmail.com>
Date: Fri Aug 4 11:33:04 2017 +0200
Improve handling of unexpected tracees
When receiving a ptrace stop of an unexpected child, handle it
in the most transparent way possible:
- detach it instead of PTRACE_CONT'ing;
- send it the signal with which it has been stopped.
This should hopefully help to deal with processes that have been created
with misused CLONE_PTRACE flag set.
* strace.c (maybe_allocate_tcb) <WIFSTOPPED(status) && !followfork>:
Calculate the signal similarly to the way next_event does,
forward it to the unexpected tracee, and detach the tracee.
commit 7a35b711df127664e7430b2644ae92c75f3d5f67
Author: Dmitry V. Levin <ldv@altlinux.org>
Date: Sun Aug 6 13:27:07 2017 +0000
Fix handling of unexpected tracees when PTRACE_SEIZE is not in use
* strace.c (maybe_allocate_tcb) <WIFSTOPPED(status) && !followfork>:
The expected ptrace stop signal in case of !use seize is not
syscall_trap_sig but SIGSTOP. An idea of using PTRACE_GETSIGINFO to
distinguish signal stops that should be re-injected from other kinds
of stops didn't work out due to kernel implementation peculiarities
of initial ptrace-stop.
commit 330f4633d5103938982602b6f21f761570e3482c
Author: Dmitry V. Levin <ldv@altlinux.org>
Date: Sun Aug 6 15:10:56 2017 +0000
Simplify handling of unexpected tracees
* strace.c (maybe_allocate_tcb) <WIFSTOPPED(status) && !followfork>:
Remove the dance around possible re-injection of WSTOPSIG(status)
as the only observable stop here is the initial ptrace-stop.
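--- a/strace.c
+++ b/strace.c
@@ -2076,11 +2076,15 @@ maybe_allocate_tcb(const int pid, int st
 error_msg("Process %d attached", pid);
 return tcp;
 } else {
- /* This can happen if a clone call used
- * CLONE_PTRACE itself.
+ /*
+ * This can happen if a clone call misused CLONE_PTRACE itself.
+ *
+ * There used to be a dance around possible re-injection of
+ * WSTOPSIG(status), but it was later removed as the only
+ * observable stop here is the initial ptrace-stop.
 */
- ptrace(PTRACE_CONT, pid, NULL, 0);
- error_msg("Stop of unknown pid %u seen, PTRACE_CONTed it", pid);
+ ptrace(PTRACE_DETACH, pid, NULL, 0L);
+ error_msg("Detached unknown pid %d", pid);
 return NULL;
 }
 }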
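Review bot: The result of `ptrace(PTRACE_DETACH, pid, NULL, 0L)` is discarded, so "Detached unknown pid" is logged even when the detach fails, for instance if the process has already exited. A failed detach would leave an unexpected tracee attached, and the log would say the opposite. Checking the result keeps the message truthful: `if (ptrace(PTRACE_DETACH, pid, NULL, 0L) < 0)` `perror_msg("Cannot detach unknown pid %d", pid);` `else error_msg("Detached unknown pid %d", pid);`. maybe_allocate_tcb starts outside the hunk, so whether its callers need to distinguish that case from a clean detach cannot be seen here.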