Bug 217001

Summary: Undocumented behavior of ptrace(2) when a seized process gets SIGCONT
Product: Documentation Reporter: Shuhei Takahashi (takahashi.shuhei)
Component: man-pagesAssignee: documentation_man-pages (documentation_man-pages)
Status: NEEDINFO ---    
Severity: normal    
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: Subsystem:
Regression: No Bisected commit-id:

Description Shuhei Takahashi 2023-02-04 08:15:43 UTC 
When we use ptrace(PTRACE_SEIZE) to attach to a process, sending SIGCONT to the tracee causes the tracer to get notified with PTRACE_EVENT_STOP with SIGTRAP, but this behavior is not documented in the ptrace(2) man page.

The man page says:

> PTRACE_EVENT_STOP
> Stop induced by PTRACE_INTERRUPT command, or group-stop,
> or initial ptrace-stop when a new child is attached (only
> if attached using PTRACE_SEIZE).

Here's code to reproduce the behavior (in Rust):

https://github.com/nix-rust/nix/pull/1996/files#diff-65efa0db9bf3f9cbccfee8c987cb6c98ecf77576e0b46a87cab7ec4cfcbff172R324

I saw this behavior is explained in the following stackoverflow entry.
https://stackoverflow.com/a/49468347
Comment 1 Alejandro Colomar 2023-05-19 12:12:43 UTC 
Would you please send a patch according to the ./CONTRIBUTING file in the
repo?