[PATCH 0/2] ptrace: fix race between ptrace_resume() and wait_task_stopped()

From: Oleg Nesterov
Date: Tue Mar 24 2015 - 14:56:15 EST

Next message: Dmitry Torokhov: "Re: [PATCH v3 0/4] input: ft5x06: Fix userspace reported maximum value"
Previous message: Steven Rostedt: "[PATCH v2] event-parse: Zero should not be considered "not found" in eval_flag()"
Next in thread: Oleg Nesterov: "[PATCH 1/2] ptrace: fix race between ptrace_resume() and wait_task_stopped()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 03/24, Pavel Labath wrote:
>
> I have tested your patch and I can confirm that the error is gone when
> running a patched kernel.

Great! Thanks a lot for the detailed/clear report and testing.

So I am sending this fix + another patch. 2/2 is "while at it" change,
just because ptrace_detach() can resume the tracee with the new code
too, so it makes sense to add a comment and remove the outdated logic.

> I am still seeing one very rare failure where the SIGUSR does not
> appear to be reported. However, I will need to dig around this a bit
> more to make sure there is no error on our end.

Hmm, perhaps we have (yet) another bug... please let me know if/when
you have more details.

> Now I am thinking about how to work around these bugs, as our code
> will need to run on unpatched kernels as well. As for this
> ptrace/waitpid race, I think I will just refactor the code to make
> wait and ptrace calls on the same thread. This should sidestep the
> race, right?

Yes sure, this will hide the problem.

> Regarding your bug, I am not exactly sure what are the implications.
> Could you briefly describe the situations in which this behavior can
> occur? Am I correct in understanding that this is always a race
> between a SIGKILL and another non-lethal signal? And that the SIGKILL
> will be (eventually) reported?

No, SIGKILL can be never reported. But note that ptrace_stop() does

set_current_state(TASK_TRACED);

current->last_siginfo = info;
current->exit_code = exit_code;

and this is another case when wait_task_stopped() can consume/report this
exit_code even if the tracee won't actually stop because it is killed.

Usually this is not that bad, we can pretend that it was killed after stop.
Still this can confuse the debugger which sends SIGKILL to the stopped tracee.
We need more fatal_signal_pending() checks in ptrace_stop(). And in fact
in get_signal(), I think. The problem is that we need other cleanups here.
But fortunately this problem is minor.

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dmitry Torokhov: "Re: [PATCH v3 0/4] input: ft5x06: Fix userspace reported maximum value"
Previous message: Steven Rostedt: "[PATCH v2] event-parse: Zero should not be considered "not found" in eval_flag()"
Next in thread: Oleg Nesterov: "[PATCH 1/2] ptrace: fix race between ptrace_resume() and wait_task_stopped()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]