ptrace and threads

From: Charles P. Wright
Date: Wed Feb 15 2006 - 14:12:04 EST


Hello,

Is there a proper, non-racy, way to hand a ptraced child off from one
tracing process to another tracing process?

Specifically, I want to architect my tracing application such that each
traced process is traced by a separate thread.

For non-threaded applications, I was adding CLONE_STOPPED to the
clone(2) flags of the child. This way, when the child process started
up, it would be stopped and a new tracing thread could PTRACE_ATTACH to
it before any system calls were executed. Unfortunately, this method
doesn't seem to work for threaded traced processes. The reason is that
the SIGSTOP may be delivered to the traced parent instead of the traced
child, because signal handlers are shared.

My next thought was to add CLONE_PTRACE to the flags. This way, the
tracing process gets signaled via wait before the child begins to
execute. The problem now is that I need to the have a separate
monitoring thread take control of the child. I tried using
ptrace(PTRACE_DETACH, ..., ..., SIGSTOP) in the original tracing process
to stop the process after the fork, followed by a ptrace(PTRACE_ATTACH)
in the new tracing process. Again, the STOP signal doesn't seem to be
reliably delivered (and the man page says you can't use SIGSTOP as an
argument to PTRACE_CONT and that PTRACE_DETACH's semantics match those
of PTRACE_CONT).

Thank you,
Charles

P.S. I am not subscribed to lkml, so please Cc: me on replies.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/