ptrace() a stopped process?

ptrace() a stopped process?

[John Moser]

[-- Attachment #1: Type: text/plain, Size: 1037 bytes --]

I tried to ptrace() a stopped process and send it SIGCONT; but gdb seems
to die a horrible death of failed assertion at this.

Is it fundamentally possible in Linux 2.6.17 to ptrace() a stopped
process?  This is rather important if, say, the process in question
SIGSTOP'd itself as a knee-jerk to detected memory corruption and waited
for a debugger.  SIGSTOP will stop all threads in the thread group and
can't be blocked, trapped, or ignored, so it's perfect for this.

Drow pointed out to me that redhat does have a patch for this that never
went in:

http://www.redhat.com/archives/fedora-cvs-commits/2005-October/msg00448.html

I was thinking of using this for spawning a child to spawn gdb and
pausing the parent process when it catches a stack smash
(__stack_chk_fail()) or a heap corruption (glibc double-free() and
malloc() checks), but there are apparently other mechanisms.  Still, gdb
dies a horrible death when you try, and if it can get along fine it
should.

-- 
John Moser <john.r.moser@gmail.com>

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 827 bytes --]

Re: ptrace() a stopped process?

[Daniel Jacobowitz]

On Mon, Jul 17, 2006 at 03:19:58PM -0400, John Moser wrote:
> Drow pointed out to me that redhat does have a patch for this that never
> went in:
> 
> http://www.redhat.com/archives/fedora-cvs-commits/2005-October/msg00448.html

They are invited to submit it :-)  Jeff, are you out there?

-- 
Daniel Jacobowitz
CodeSourcery