Fix the ptrace(PTRACE_ATTACH, ...) protocol

peadar · peadar · commit bf817d1b2a14 · 2026-01-06T15:10:16.000Z
After we attach, the first signal we receive may not be our stop signal.
Check for the SIGSTOP, and if that's not what we received, then
redeliver, and continue until we get the actual stop.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -1,6 +1,6 @@
 cmake_minimum_required(VERSION 3.10)
 set(PSTACK_SOVERSION 2.16)
-set(PSTACK_VERSION 2.16)
+set(PSTACK_VERSION 2.16.1)
 project(pstack LANGUAGES C CXX VERSION "${PSTACK_VERSION}" )
 
 include (GNUInstallDirs)
@@ -9,6 +9,7 @@ add_subdirectory(tests)
 
 option(PYTHON3 "Compile with python 3 support" OFF)
 option(PYTHON2 "Compile with python 2 support" ON)
+option(PTRACE_TESTS "Run extra tests that require unrestricted access to ptrace" OFF)
 
 math(EXPR PLATFORM_BITS "${CMAKE_SIZEOF_VOID_P} * 8")
 set(PSTACK_BIN "pstack" CACHE STRING "Name of the 'pstack' binary")
@@ -175,7 +176,11 @@ add_test(NAME segv COMMAND env PSTACK_BIN=${PSTACK_BIN} ${CMAKE_SOURCE_DIR}/test
 add_test(NAME thread COMMAND env PSTACK_BIN=${PSTACK_BIN} ${CMAKE_CURRENT_SOURCE_DIR}/tests/thread-test.py)
 add_test(NAME jsondump COMMAND env PSTACK_BIN=${PSTACK_BIN} ${CMAKE_CURRENT_SOURCE_DIR}/tests/dump-test.py)
 add_test(NAME procself COMMAND tests/procself)
+
+# need to remove this test for environments with more restrictive ptrace
+if (PTRACE_TESTS)
 add_test(NAME suspend COMMAND tests/suspend)
+endif()
 if (PYTHON3 AND Python3_Development_FOUND)
    add_test(NAME pydict COMMAND env PSTACK_BIN=${PSTACK_BIN}${CMAKE_CURRENT_SOURCE_DIR}/tests/pydict_test.py)
 endif()
diff --git a/live.cc b/live.cc
@@ -180,12 +180,44 @@ LiveProcess::stop(lwpid_t tid) {
    }
    tcb.ptraceErr = 0;
 
-   int status = 0;
-   pid_t waitedpid = waitpid(tid, &status, tid == this->pid ? 0 : __WCLONE);
-   if (waitedpid == -1)
-      *context.debug << "failed to stop LWP " << tid << ": wait failed: " << strerror(errno) << "\n";
-   else if (context.verbose >= 1)
-      *context.debug << "suspend LWP " << tid << std::endl;
+   // If anything breaks from here on, we'll PT_DETACH, and send a SIGCONT in
+   // case there's any confusion
+
+   for (int count = 0; tcb.ptraceErr == 0; ++count) {
+      int status = 0;
+      pid_t waitedpid = waitpid(tid, &status, tid == this->pid ? 0 : __WCLONE);
+      if (waitedpid == -1) {
+         if (errno != EINTR) {
+            tcb.ptraceErr = errno;
+            *context.debug << "failed to stop LWP " << tid << ": wait failed: " << strerror(errno) << "\n";
+         } else {
+            *context.debug << "interrupted stopping LWP " << tid << ": retry\n";
+         }
+      } else if (!WIFSTOPPED(status)) {
+         tcb.ptraceErr = EINVAL;
+         *context.debug << "wait doesn't report LWP stopped? " << status << "\n";
+      } else if (WSTOPSIG(status) != SIGSTOP) {
+         *context.debug << "got signal " << WSTOPSIG(status)
+            << " while waiting for " << tid << " to stop - deliver and retry.";
+         siginfo_t si;
+         if (ptrace(PTRACE_GETSIGINFO, tid, nullptr, &si) != -1) {
+            *context.debug << " new siginfo: " << SigInfo{si};
+         }
+         *context.debug << "\n";
+
+         if (ptrace(PTRACE_CONT, tid, nullptr, WSTOPSIG(status)) == -1) {
+            tcb.ptraceErr = errno;
+            *context.debug << "...failed " << errno << "\n";
+         }
+      } else {
+         if (context.verbose >= 1)
+            *context.debug << "suspended LWP " << tid << " (attempt " << count+1 << ")" << std::endl;
+         return;
+      }
+   }
+   *context.debug << "sending SIGCONT to " << tid << " and detaching\n";
+   kill(tid, SIGCONT); // don't leave it hanging if we messed up.
+   ptrace(PT_DETACH, tid, caddr_t(1), 0);
 }
 
 // Parse [s]maps for this pid. We use "smaps" just for vmflags for now.
diff --git a/process.cc b/process.cc
@@ -1422,7 +1422,11 @@ std::ostream &operator << (std::ostream &os, const SigInfo &sip) {
 #else
       << "si_signo " << si.si_signo
 #endif
-      << ", si_code " << si.si_code;
+      << ", si_code " << si.si_code
+      << ", si_pid " << si.si_pid
+      << ", si_fd " << si.si_fd
+      << ", si_addr " << si.si_addr
+        ;
 
    auto codesforsig = codes.find( si.si_signo );
    if (codesforsig == codes.end()) {
@@ -1434,22 +1438,6 @@ std::ostream &operator << (std::ostream &os, const SigInfo &sip) {
       if (code != codesforsig->second.end())
             os << " - " << code->second;
    }
-
-   switch (si.si_signo) {
-      case SIGILL:
-      case SIGFPE:
-      case SIGBUS:
-      case SIGTRAP:
-#ifdef SIGEMT
-      case SIGEMT:
-#endif
-      case SIGSEGV: {
-         os << ", fault address " << std::hex << si.si_addr << std::dec;
-         break;
-      }
-
-
-   }
    return os;
 }}
 
