
I have a library that I inject into running processes using ptrace. I used this library many times in different processes without problems.

Now I want to inject into a running process that is executing a select syscall (waiting for a set of fds). After debugging, I noticed that if I inject the library before the process arrives at the select, it works as expected. However, if the process has already arrived at the select, it is impossible to inject the library.

My code injects the library and sends a SIGTRAP to ptrace in order to know whether it was loaded. In all cases it works, but when the process is in select I receive a SIGSEGV.

According to SIGSEGV, it should be a problem accessing a wrong part of the memory, but I really doubt this is the problem, as it only fails when the process sleeps in select.

Is there any known issue with ptrace when the process is in select?

Another interesting fact is that, after receiving the SIGSEGV, if I resume the process with the initial state it had when it got attached, it continues sleeping in select without any problem. I spent several days debugging the SIGSEGV and looking at how select works, but I cannot find the solution. Any ideas or help will be appreciated.

  • It might be helpful to anyone trying to answer to have the library and some example command lines, so they can reproduce the problem. – domen Aug 25 '20 at 07:55
  • Well, myself and many others have used strace (also with select) for years if not decades. I'd assume there's a problem with something that's different in your case (your injection code, the libraries, etc.). You leave anyone answering with vague code descriptions, which don't really help unless you've already figured out that the problem really is some `select`+`ptrace` interaction. Is there a https://stackoverflow.com/help/minimal-reproducible-example ? – domen Aug 25 '20 at 14:07
  • https://man7.org/linux/man-pages/man2/ptrace.2.html After countless hours I concluded it is this bug: "What is not visible here is that the process was blocked in epoll_wait(2) before strace(1) has attached to it. Attaching caused epoll_wait(2) to return to user space with the error EINTR. In this particular case, the program reacted to EINTR by checking the current time, and then executing epoll_wait(2) again." It does not mention select, but I am sure it must be this. The code works with other processes and I have reviewed all the code a hundred times. Any idea? – linx_94_ Aug 25 '20 at 22:03
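
The syscall-restart interaction that the ptrace man page excerpt in the comments describes, worked through as an added example that is not part of the original question or its comments. When a tracer attaches to a process blocked in select(), the syscall is interrupted and returns -ERESTARTNOHAND into rax while orig_rax still holds the syscall number; on the next resume with no signal delivered, the x86-64 kernel (the "restart the system call" path in arch/x86/kernel/signal.c) reloads rax from orig_rax and steps rip back two bytes to re-execute the `syscall` instruction. That fixup is applied to whatever registers the tracer left in place, so a hijacked rip lands two bytes short of the payload, and registers restored to their original values simply re-enter select(). The block below models that kernel step, shows the orig_rax = -1 fix, and in main() attaches to a constructed child blocked in select() to print the real register values; the payload address, the child target and the helper names are assumptions made for this example.

```c
/* Added example, not code from the original question or its comments. It models the
 * syscall-restart step the x86-64 kernel applies to a tracee's registers on resume
 * from a ptrace stop (the "restart the system call" path in arch/x86/kernel/signal.c)
 * and the register fix an injector needs before hijacking rip of a target blocked in
 * select(). The child in main(), the payload address and helper names are assumptions. */
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/select.h>
#include <sys/syscall.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

/* Kernel-internal restart codes (include/linux/errno.h); user space never sees them. */
#define ERESTARTSYS           512
#define ERESTARTNOINTR        513
#define ERESTARTNOHAND        514   /* what select()/pselect6() return when a signal arrives */
#define ERESTART_RESTARTBLOCK 516

struct hijack_regs {            /* the registers that decide whether the kernel rewinds the tracee */
    long long rax;              /* syscall result sitting in rax at the stop */
    long long orig_rax;         /* syscall number, or -1 when not returning from a syscall */
    unsigned long long rip;
};

/* 1 if the attach interrupted a syscall that the kernel will restart on resume. */
int restart_pending(const struct hijack_regs *r)
{
    if (r->orig_rax == -1)
        return 0;
    return r->rax == -ERESTARTSYS || r->rax == -ERESTARTNOINTR ||
           r->rax == -ERESTARTNOHAND || r->rax == -ERESTART_RESTARTBLOCK;
}

/* What the kernel does on PTRACE_CONT with signal 0: no handler runs, so the interrupted
 * syscall is re-issued by stepping rip back over the 2-byte `syscall` instruction and
 * putting the syscall number back into rax. */
void kernel_restart_fixup(struct hijack_regs *r)
{
    if (!restart_pending(r))
        return;
    r->rax = (r->rax == -ERESTART_RESTARTBLOCK) ? __NR_restart_syscall : r->orig_rax;
    r->rip -= 2;
}

/* Injector side. Changing only rip is the bug: after the fixup the tracee starts two
 * bytes before the payload with rax clobbered. Clearing orig_rax (gdb's Linux target
 * does the same whenever it writes the PC) tells the kernel there is no syscall to restart. */
void hijack_rip(struct hijack_regs *r, unsigned long long payload, int restart_safe)
{
    if (restart_safe && restart_pending(r))
        r->orig_rax = -1;
    r->rip = payload;
}

#if defined(__linux__) && defined(__x86_64__)
/* Demo on a constructed target: a child blocked forever in select() on a pipe nobody writes to. */
int main(void)
{
    int fds[2], status = 0;
    if (pipe(fds) != 0) { perror("pipe"); return 1; }
    pid_t child = fork();
    if (child < 0) { perror("fork"); return 1; }
    if (child == 0) {
        for (;;) {
            fd_set rd;
            FD_ZERO(&rd);
            FD_SET(fds[0], &rd);
            select(fds[0] + 1, &rd, NULL, NULL, NULL);   /* any return just loops back in */
        }
    }
    usleep(200000);                                       /* let the child reach select() */
    if (ptrace(PTRACE_ATTACH, child, NULL, NULL) == -1 ||
        waitpid(child, &status, 0) == -1 || !WIFSTOPPED(status)) {
        perror("attach"); kill(child, SIGKILL); return 1;
    }
    struct user_regs_struct regs;
    if (ptrace(PTRACE_GETREGS, child, NULL, &regs) == -1) {
        perror("PTRACE_GETREGS"); kill(child, SIGKILL); return 1;
    }
    struct hijack_regs h = { (long long)regs.rax, (long long)regs.orig_rax, regs.rip };
    printf("stopped: orig_rax=%lld (select=%d, pselect6=%d) rax=%lld rip=%#llx restart_pending=%d\n",
           h.orig_rax, SYS_select, SYS_pselect6, h.rax, h.rip, restart_pending(&h));
    const unsigned long long payload = 0x7f0000001000ULL; /* hypothetical injected-code address */
    struct hijack_regs naive = h, safe = h;
    hijack_rip(&naive, payload, 0); kernel_restart_fixup(&naive);
    hijack_rip(&safe, payload, 1);  kernel_restart_fixup(&safe);
    printf("naive hijack resumes at %#llx (rax=%lld); restart-safe resumes at %#llx\n",
           naive.rip, naive.rax, safe.rip);
    ptrace(PTRACE_DETACH, child, NULL, NULL);  /* untouched regs: the kernel re-issues select() */
    kill(child, SIGKILL); waitpid(child, NULL, 0);
    return 0;
}
#endif
```

Build with `gcc -O2 -o restart_demo restart_demo.c` and run on x86-64 Linux where ptrace of a child is permitted. The first line printed shows the attach stop with orig_rax equal to `select` or `pselect6` (depending on which syscall the libc wrapper uses) and rax equal to -514; the second line shows the naive hijack resuming two bytes before the payload. An injector that saves the registers at attach, hijacks rip with orig_rax cleared, waits for its own SIGTRAP, and then restores the saved registers gets the restart applied only to the restored set, which puts the tracee back to sleep in select() exactly as the question observes.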

0 Answers