Date: Wed, 27 Aug 2014 00:55:22 +0300
From: Konstantin Belousov <kostikbel@gmail.com>
To: John Baldwin <jhb@freebsd.org>
Cc: Mateusz Guzik <mjguzik@gmail.com>, Mateusz Guzik <mjg@freebsd.org>, John-Mark Gurney <jmg@funkthat.com>, src-committers@freebsd.org, svn-src-head@freebsd.org, svn-src-all@freebsd.org
Subject: Re: svn commit: r270444 - in head/sys: kern sys
Message-ID: <20140826215522.GG2737@kib.kiev.ua>
In-Reply-To: <201408261723.10854.jhb@freebsd.org>
References: <201408240904.s7O949sI083660@svn.freebsd.org> <201408261509.26815.jhb@freebsd.org> <20140826193210.GL71691@funkthat.com> <201408261723.10854.jhb@freebsd.org>

On Tue, Aug 26, 2014 at 05:23:10PM -0400, John Baldwin wrote:
> On Tuesday, August 26, 2014 3:32:10 pm John-Mark Gurney wrote:
> > John Baldwin wrote this message on Tue, Aug 26, 2014 at 15:09 -0400:
> > > On Monday, August 25, 2014 6:30:34 pm John-Mark Gurney wrote:
> > > > John Baldwin wrote this message on Mon, Aug 25, 2014 at 13:35 -0400:
> > > > > On Monday, August 25, 2014 07:02:41 PM Mateusz Guzik wrote:
> > > > > > On Mon, Aug 25, 2014 at 10:23:19AM -0400, John Baldwin wrote:
> > > > > > > On Sunday, August 24, 2014 09:04:09 AM Mateusz Guzik wrote:
> > > > > > > > Author: mjg
> > > > > > > > Date: Sun Aug 24 09:04:09 2014
> > > > > > > > New Revision: 270444
> > > > > > > > URL: http://svnweb.freebsd.org/changeset/base/270444
> > > > > > > >
> > > > > > > > Log:
> > > > > > > >   Fix getppid for traced processes.
> > > > > > > >
> > > > > > > >   Traced processes always have the tracer set as the parent.
> > > > > > > >   Utilize proc_realparent to obtain the right process when needed.
> > > > > > >
> > > > > > > Are you sure this won't break things? I know of several applications that
> > > > > > > expect a debugger to be the parent when attached and change behavior as a
> > > > > > > result (e.g. inserting a breakpoint on an assertion failure rather than
> > > > > > > generating a core).

Shouldn't such applications use a breakpoint instruction like INT3
unconditionally then? Detection of the attached debugger is inherently
racy, the debugger might have detached after the test. This, and the fact
that the default action for the SIGTRAP is coredumping.

> > > > > >
> > > > > > Well, this is what linux and solaris do.
> > > > >
> > > > > Interesting.
> > > > >
> > > > > > I don't feel strongly about this change. If you really want I'm happy to
> > > > > > revert.
> > > > >
> > > > > In general I'd like to someday have the debugger-debuggee relationship not
> > > > > override parent-child and this is a step in that direction. However, this
> > > > > will break existing applications, so this needs to be clearly documented in
> > > > > the release notes. In addition, we should probably advertise how a process
> > > > > can correctly determine if it is being run under a debugger (right now you can
> > > > > do 'getppid()' and use strcmp or strstr on the p_comm of that pid so you can
> > > > > do different things for "gdb" vs "gcore", etc. so just checking P_TRACED from
> > > > > kinfo_proc wouldn't be equivalent in functionality)
> > > >
> > > > But what about when you attach gdb to a running process... That
> > > > doesn't magically make the now debugged process a child of gdb does it?
> > >
> > > % cat hello.c
> > > #include <stdio.h>
> > >
> > > int
> > > main()
> > > {
> > > 	printf("hello world\n");
> > > 	(void)getchar();
> > > 	return (0);
> > > }
> > > % cc -g hello.c -o hello
> > > % ./hello
> > > hello world
> > > load: 9.81 cmd: hello 42599 [ttyin] 1.67r 0.00u 0.00s 0% 1056k
> > >
> > > < different window >
> > >
> > > % ps -O ppid -p `pgrep hello`
> > >   PID  PPID TT STAT    TIME COMMAND
> > > 42599  5340 16 I+   0:00.00 ./hello
> > > % gdb hello `pgrep hello`
> > > GNU gdb 6.1.1 [FreeBSD]
> > > ...
> > > (gdb) <hit Ctrl-Z>
> > > Suspended
> > > % ps -O ppid -p `pgrep hello`
> > >   PID  PPID TT STAT    TIME COMMAND
> > > 42599 45079 16 TX+  0:00.00 ./hello
> >
> > Wow, learn something new every day...
> >
> > But doesn't that break apps that use getppid to signal their parent
> > that forked them?
>
> Until mjg@'s commit, yes. It's been that way in FreeBSD at least for
> as long as I can remember. Certainly back to 4.x.

The ps(1) trick continues to work after the commit, since kern_proc
sysctl directly accesses p_pptr to fill ki_ppid.
I simply forgot about it during the review.

Anyway, checking the parent pid is definitely not the right way to see
if the process is under ptrace debugging. What if the parent is the
debugger? The p_flag AKA ki_flag P_TRACED bit seems to be the correct
indicator.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140826215522.GG2737>
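
The check described at the end of the message above, as an added example that is not part of the original e-mail or of FreeBSD's own code: it queries the `kern.proc.pid` sysctl, tests `P_TRACED` in `ki_flag`, and returns `ki_ppid` so it can be compared with `getppid()`. The `trace_info` struct and both function names are hypothetical; the fallback `P_TRACED` value is an assumption used only so the file builds on non-FreeBSD systems, where the query returns -1.

```c
/* Added example: read P_TRACED from ki_flag instead of guessing from getppid(). */
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#ifdef __FreeBSD__
#include <sys/param.h>
#include <sys/sysctl.h>
#include <sys/user.h>     /* struct kinfo_proc; pulls in <sys/proc.h> for P_TRACED */
#endif
#ifndef P_TRACED
#define P_TRACED 0x00800  /* assumption: FreeBSD <sys/proc.h> value, non-FreeBSD builds only */
#endif

/* Hypothetical result struct for this example. */
struct trace_info {
    int   traced;   /* 1 if P_TRACED is set in ki_flag */
    pid_t ki_ppid;  /* filled from p_pptr: the tracer while one is attached */
};

/* Pure bit test on a ki_flag word. */
int flag_is_traced(long ki_flag) { return (ki_flag & P_TRACED) != 0; }

/* Fill *out for pid. Returns 0 on success, -1 on error or on non-FreeBSD. */
int query_trace_info(pid_t pid, struct trace_info *out)
{
#ifdef __FreeBSD__
    int mib[4] = { CTL_KERN, KERN_PROC, KERN_PROC_PID, (int)pid };
    struct kinfo_proc kp;
    size_t len = sizeof(kp);
    if (sysctl(mib, 4, &kp, &len, NULL, 0) == -1 || len != sizeof(kp))
        return -1;
    out->traced = flag_is_traced(kp.ki_flag);
    out->ki_ppid = kp.ki_ppid;
    return 0;
#else
    (void)pid; (void)out;
    return -1;
#endif
}

int main(void)
{
    struct trace_info ti;
    if (query_trace_info(getpid(), &ti) != 0) {
        fprintf(stderr, "kern.proc.pid query unavailable\n");
        return 1;
    }
    printf("traced=%d ki_ppid=%d getppid=%d\n",
           ti.traced, (int)ti.ki_ppid, (int)getppid());
    return 0;
}
```

The result is a snapshot: as the message notes, the debugger may detach right after the test, so the flag is only valid for the moment it was read.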