From: Roland McGrath <roland@redhat.com>
To: Andrew Morton <akpm@osdl.org>, Linus Torvalds <torvalds@osdl.org>
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH] wait4 PTRACE_ATTACH race fix
Message-Id: <20051011050526.7F047180989@magilla.sf.frob.com>
Date: Mon, 10 Oct 2005 22:05:26 -0700 (PDT)
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1465
Lines: 35

Back about a year ago when I last fiddled heavily with the do_wait code, I
was thinking too hard about the wrong thing and I now think I introduced a
bug whose inverse thought I was fixing.  Apparently noone was looking too
hard over much shoulder, so as to cite my bogus reasoning at the time.  In
the race condition when PTRACE_ATTACH is about to steal a child and then
the child hits a tracing event (what my_ptrace_child checks for), the real
parent does need to set its flag noting it has some eligible live children.
Otherwise a spurious ECHILD error is possible, since the child in question
is not yet on the ptrace_children list.

Signed-off-by: Roland McGrath <roland@redhat.com>

--- linux-2.6/kernel/exit.c
+++ linux-2.6/kernel/exit.c
@@ -1370,6 +1370,15 @@ repeat:
 
 			switch (p->state) {
 			case TASK_TRACED:
+				/*
+				 * When we hit the race with PTRACE_ATTACH,
+				 * we will not report this child.  But the
+				 * race means it has not yet been moved to
+				 * our ptrace_children list, so we need to
+				 * set the flag here to avoid a spurious ECHILD
+				 * when the race happens with the only child.
+				 */
+				flag = 1;
 				if (!my_ptrace_child(p))
 					continue;
 				/*FALLTHROUGH*/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/