Re: [PATCH] signal/ptrace: Fix the bug of ptrace attach and signal handling concurrency

From: Oleg Nesterov
Date: Mon May 02 2022 - 05:06:26 EST


Hi Shuzhi,

On 05/01, Shuzhi Zu wrote:
>
> Example 1:
> A B
> get_signal
> dequeue_signal (SIGCHLD)
> ptrace_attach ( A->ptrace |= PT_PTRACED)
>
> ptrace_signal
> ->ptrace_stop(TASK_TRACED)
> ptrace_attach ( Send SIGSTOP to A)
> ptrace_waitpid( return 0)
> ptrace_detach (A->ptrace=0, wakeup A)
> dequeue_signal(SIGSTOP)
> sig_kernel_stop(SIGSTOP)
> do_signal_stop (TASK_STOPPED)
>
> then:
> A (other threads of the process received signal)
> get_signal-> do_signal_stop(0))->TASK_STOPPED

Yes, there are a lot of known problems with send_sig_info(SIGSTOP) in
ptrace_attach(). This one of the reasons for PTRACE_SEIZE which doesn't
abuse SIGSTOP. Please use it instead of PTRACE_ATTACH, PTRACE_SEIZE has
more features.


As for your particular example, this is an application bug. Debugger (if
it uses PTRACE_ATTACH) should not detach until the tracee reports SIGSTOP
sent by PTRACE_ATTACH.

This can lead to other problems, say we can miss a "real" SIGSTOP from
another application, but again PTRACE_ATTACH is hopeless wrt SIGSTOP,
please consider PTRACE_SEIZE.

Oleg.