From: Oleg Nesterov <oleg@redhat.com>
To: Dmitry Vyukov <dvyukov@google.com>
Cc: LKML <linux-kernel@vger.kernel.org>,
roland@hack.frob.com, syzkaller@googlegroups.com,
Kostya Serebryany <kcc@google.com>,
Alexander Potapenko <glider@google.com>,
Robert Swiecki <swiecki@google.com>,
Kees Cook <keescook@google.com>, Julien Tinnes <jln@google.com>,
Eric Dumazet <edumazet@google.com>
Subject: Re: Unkillable processes due to PTRACE_TRACEME
Date: Mon, 19 Oct 2015 21:49:11 +0200 [thread overview]
Message-ID: <20151019194911.GA20063@redhat.com> (raw)
In-Reply-To: <CACT4Y+Zu9uvt5z_LRAQaPTo+nwfodwBbjkeTRHoxGKRCPqpx5Q@mail.gmail.com>
On 10/19, Dmitry Vyukov wrote:
>
> The following program hangs in some interesting state and is not
> killable (started by a normal user, not root):
Thanks.
> #include <pthread.h>
> #include <unistd.h>
> #include <sys/ptrace.h>
> #include <stdio.h>
> #include <signal.h>
>
> void *thr(void *arg) {
> ptrace(PTRACE_TRACEME, 0, 0, 0);
> sleep(3);
> kill(getpid(), SIGCHLD);
> return 0;
> }
>
> int main() {
> if (fork() == 0) {
> sleep(1);
> pthread_t th;
> pthread_create(&th, 0, thr, 0);
> sleep(1);
> }
> return 0;
> }
>
>
> The child process attaches as tracee to init process
Yes, although in a racy manner, the parent can exit after
PTRACE_TRACEME in this case the kernel will untrace the task
before reparenting. Not that this matters.
> and then hangs in
> a state that I don't understand. When I did a similar thing but
> attached it to a normal parent process (shell), I still was able to
> get rid of it by killing parent (shell).
See above.
So I bet the problem is that your /sbin/init doesn't use __WALL,
so wait() doesn't reap the traced zombie sub-thread, and thus it
can't release the non-empty thread group.
Could you please verify? Just do "strace -p1" and send SIGCHLD to
init.
perhaps eligible_child() should assume WALL if ptrace && ZOMBIE...
Oleg.
next prev parent reply other threads:[~2015-10-19 19:52 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-19 17:53 Unkillable processes due to PTRACE_TRACEME Dmitry Vyukov
2015-10-19 19:49 ` Oleg Nesterov [this message]
2015-10-19 20:17 ` Dmitry Vyukov
2015-10-20 8:34 ` Dmitry Vyukov
2015-10-20 8:39 ` Dmitry Vyukov
2015-10-20 10:55 ` Oleg Nesterov
2015-12-03 20:56 ` Pavel Machek
2015-12-04 19:02 ` Oleg Nesterov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151019194911.GA20063@redhat.com \
--to=oleg@redhat.com \
--cc=dvyukov@google.com \
--cc=edumazet@google.com \
--cc=glider@google.com \
--cc=jln@google.com \
--cc=kcc@google.com \
--cc=keescook@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=roland@hack.frob.com \
--cc=swiecki@google.com \
--cc=syzkaller@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.