Re: Tracing in the presence of forks.

From: Michael Elizabeth Chastain (mec@shout.net)
Date: Thu Aug 31 2000 - 23:23:27 EDT

Next message: Erik McKee: "Re: SCO: "thread creation is about a thousand times faster than on"

Previous message: David Weis: "Re: processes hung"
Maybe in reply to: Tim Muir: "Tracing in the presence of forks."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Is there any mechanism to automatically stop a process created
> by a traced parent preventing this race condition from occurring ?

Yeah, use ptrace to stop on every child system call. When the child
calls fork(), then change its memory at the return instruction to
"jmp ." instruction. Then the grandchild will be born into slavery
and you can attach to it before it runs away.

Works for me.

You could do the same thing without stopping on every system call by
assuming that "fork" is the only function that actually calls the kernel
to fork, and setting breakpoints in there and then doing the "jmp ."
trick. That doesn't protect against children that are actively seeking
to evade control but it ought to work on all well behaved citizens.

Gosh, I feel like Big Brother now.

Michael
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/

Next message: Erik McKee: "Re: SCO: "thread creation is about a thousand times faster than on"
Previous message: David Weis: "Re: processes hung"
Maybe in reply to: Tim Muir: "Tracing in the presence of forks."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Thu Aug 31 2000 - 23:29:06 EDT