1436882 - Parent process debugging broken by passing the wrong termination signal to clone()

Status: RESOLVED FIXED

(Core :: Security: Process Sandboxing, defect, P1)

Description

[Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧]

GDB seems to not recognize that the clone() call used in bug 1401062 is creating a new process.  It attaches to the child task as if it were a thread, treats its execve() call as applying to the whole process, and generally becomes confused:

[New Thread 0x7fffcf4ff700 (LWP 17199)]
[New Thread 0x7fffe5825700 (LWP 17200)]
[New Thread 0x7fffe5825700 (LWP 17201)]
process 17146 is executing new program: /home/jld/src/obj.gecko-dev/obj-x86_64-pc-linux-gnu/dist/bin/firefox
[New LWP 17202]
[New LWP 17203]
[New LWP 17204]
[New LWP 17205]
[New LWP 17146]
[New LWP 17201]
Error while reading shared library symbols for /lib/x86_64-linux-gnu/libpthread.so.0:
Cannot find user-level thread for LWP 17200: generic error


Temporary workaround: set MOZ_ASSUME_USER_NS=0 in the environment.  (If not using Gecko Media Plugins and if the build is after bug 1430949 landed, lowering the security.sandbox.content.level pref from 4 to 3 should also work.)

Comment 1

[Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧]

This turns out to be a silly mistake on my part: I forgot to include the termination signal in the clone() flags, so it's 0.  If that field isn't equal to SIGCHLD, and the cloning process is being ptraced, then the kernel reports PTRACE_EVENT_CLONE instead of PTRACE_EVENT_FORK, and that's why GDB thinks it's a thread rather than a child process.

(The original version of those patches did this correctly, but later I switched from using the clone syscall directly to a more complicated approach using the libc clone() function and forgot that part.)

Comment 2

[Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧]

Attachment: Bug 1436882 - Fix termination signal when clone()ing child processes.

This fixes a mistake in bug 1401062: the termination signal was omitted,
so it's 0, and if it isn't exactly SIGCHLD, then a tracer/debugger will
receive PTRACE_EVENT_CLONE rather than PTRACE_EVENT_FORK.  This causes
GDB to see the child process as a thread instead of a separate process,
and it becomes very confused after the process calls execve().

Review commit: https://reviewboard.mozilla.org/r/218964/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/218964/

Comment 3

[Gian-Carlo Pascutto [:gcp]]

Comment on attachment 8949598 [details]
Bug 1436882 - Fix termination signal when clone()ing child processes.

https://reviewboard.mozilla.org/r/218964/#review224732

Comment 4

[Pulsebot]

Pushed by jedavis@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/5ea26fba220d
Fix termination signal when clone()ing child processes. r=gcp

Comment 5

[Cristina Coroiu [:ccoroiu]]

https://hg.mozilla.org/mozilla-central/rev/5ea26fba220d

Comment 6

[Sebastian Hengst [:aryx] (needinfo me if it's about an intermittent or backout)]

https://hg.mozilla.org/mozilla-central/rev/5ea26fba220d