Re: ptrace.2: PTRACE_KILL needs a stopped process too

From: Mike Frysinger
Date: Wed May 09 2012 - 15:09:05 EST

On Sunday 22 April 2012 16:04:59 Oleg Nesterov wrote:
> On 04/23, Michael Kerrisk (man-pages) wrote:
> > [widening CC]
> add more CC's
> > The man page says "For requests other than PTRACE_KILL,
> Argh, PTRACE_KILL again.
> You know, I simply do not know what it was supposed to do. I can only
> see what the code actually does.
> > the child process
> > must be stopped."
> Yes and no.
> Yes, ptrace(PTRACE_KILL) "succeeds" even if the tracee is not stopped.
> No, it has no effect if the tracee is not stopped.
> All I can say is: PTRACE_KILL should never exist. If you want to kill
> the tracee, you can do kill(SIGKILL).
> Roughly, ptrace(PTRACE_KILL) is equal to ptrace(PTRACE_CONT, SIGKILL)
> except it always returns 0.
> > If the man page is describing actual intended kernel behavior, then it's
> > a fairly long-standing kernel bug.
> Perhaps. May be it should simply do kill(SIGKILL), but then it is not
> clear why do we have PTRACE_KILL. And once again, I was never able to
> understand the supposed behaviour.
> Personally, I think we should fix the documentation. And imho the only
> possible fix is to add this note: do not ever use PTRACE_KILL.

probably not that big of a deal, but the reason i like using
ptrace(PTRACE_KILL) over a raw kill() is that you are less likely to kill the
wrong process by accident. maybe not that big of a deal in practice though.

Attachment: signature.asc
Description: This is a digitally signed message part.