
BUG REPORT (strace -p 1 messes up process tree) under 0.98.6


Frank T Lofaro

Dec 16, 1992, 3:21:40 AM
I don't know if this still exists under 0.99, but I haven't had
the time to install it. I just wanted to make sure that if this bug
still exists in 0.99 that I could post about it so people know. (I will
be off the net for a month for vacation very soon). Anyway, strace -p 1
(to trace init), and then exiting strace results in the process tree
getting hosed. I get a lot of kernel messages about a process's parent
link pointing to self (both pid 0, and very high numbered (bogus) pids,
i.e. like 10 digits long, are mentioned). It keeps complaining until I
reboot. I could still run X, etc, but one time when I did, it got in an
infinite loop after I quit (everything hung, it was constantly scrolling
these warnings, and the hard disk light was on but flickering, as if the
system was execing continuously). I had to cold reboot that time. Usually
all I get is those warnings, but things still work, but those warnings
seem to indicate to me something is really wrong, so I don't trust it
too much. Anyway, the only time I see it is after I detach PID 1 from
strace (I wonder what would happen if one could get strace to attach to
and detach from PID 0, I haven't tried since strace prevents it).


Joerg Pommnitz

Dec 17, 1992, 4:03:39 AM
I have mentioned this bug to Linus when 0.98.6 was out. It's still
in 0.99, just tried it yesterday. Hope someone who is familiar with
the kernel can fix this.

Joerg

Linus Torvalds

Dec 17, 1992, 7:17:35 AM

Yes, sorry about forgetting about this bug. The fix is very simple:
disallow tracing of init, even by root. Init is special in other ways
anyway (you cannot kill init with any outside signal including SIGKILL
etc), as it has to run so that zombies can be given to somebody. The fix
is easy:

in linux/kernel/ptrace.c, function sys_ptrace(), add these two lines
just after checking against PTRACE_TRACEME:

----- pseudo-patch -----
/* set the ptrace bit in the proccess flags. */
return 0;
}
+ if (pid == 1)
+ return -EPERM;
if (!(child = get_task(pid)))
return -ESRCH;
if (request == PTRACE_ATTACH) {
----- pseudo-patch -----
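
Review bot: the added `if (pid == 1)` test carries no comment saying why init is refused, and because it sits ahead of both `get_task(pid)` and the `request == PTRACE_ATTACH` branch it returns -EPERM for every ptrace request aimed at pid 1, not only attach. A one-line comment above the check stating that init may not be traced, even by root, would make that intent clear to the next reader, and it is worth confirming that rejecting all requests rather than only PTRACE_ATTACH is what is wanted here.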

That may not have been what people wanted, but it's consistent with how
the rest of the kernel handles the init task. So no, you won't be able
to trace init, but on the other hand you won't be able to mess with the
internal kernel process pointers either..

Linus
