Fix sensor's signal handling in ptrace monitor (#311)

When the ptrace monitor intercepts a signal, it should be returned to the origin process on the next loop iteration to continue the process' execution. Due to a wrong local variable scope, the actual signal code was lost (i.e., reset to 0) between two consequent loop iterations. This led to processes getting stuck in the container under the docker-slim control. Here is the small repro. Build the following container: ``` FROM openjdk:11 COPY <<EOF /opt/start.sh set -ex java -version EOF RUN chmod +x /opt/start.sh CMD ["/opt/start.sh"] ``` ...And try optimizing it using using the next command: ``` ./docker-slim --log-level trace build --http-probe-off --show-clogs <tag> ``` The `java -version` command would never exit before this commit.
slimtoolkit · Apr 11, 2022 · d3b7a36 · d3b7a36
1 parent 2fdb95e
commit d3b7a36
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 9 deletions.
diff --git a/.gitignore b/.gitignore
@@ -9,3 +9,4 @@
 dist_linux*.tar.gz
 dist_mac.zip
 .idea
+*.swp
diff --git a/pkg/monitor/ptrace/ptrace.go b/pkg/monitor/ptrace/ptrace.go
@@ -518,9 +518,8 @@ func (app *App) collect() {
 	mainExiting := false
 	waitFor := -1
 	doSyscall := true
+	callSig := 0
 	for {
-		var callSig int
-
 		select {
 		case <-app.StopCh:
 			log.Debug("ptrace.App.collect: stop (exiting)")
@@ -572,8 +571,8 @@ func (app *App) collect() {
 			return
 		}
 
+		callSig = 0 // reset
 		terminated := false
-		stopped := false
 		eventStop := false
 		handleCall := false
 		eventCode := 0
@@ -586,7 +585,6 @@ func (app *App) collect() {
 			terminated = true
 			statusCode = int(ws.Signal())
 		case ws.Stopped():
-			stopped = true
 			statusCode = int(ws.StopSignal())
 			if statusCode == int(syscall.SIGTRAP|traceSysGoodStatusBit) {
 				handleCall = true
@@ -754,10 +752,6 @@ func (app *App) collect() {
 			}
 		}
 
-		if stopped {
-			callSig = statusCode
-		}
-
 		doSyscall = true
 		callPid = wpid
 	}

diff --git a/scripts/src.build.quick.sh b/scripts/src.build.quick.sh
@@ -18,7 +18,7 @@ LD_FLAGS="-s -w -X github.com/docker-slim/docker-slim/pkg/version.appVersionTag=
 
 BINDIR="${BDIR}/bin"
 mkdir -p "$BINDIR"
-rm -f "${BINDIR}/"*
+rm -rf "${BINDIR}/"*
 
 CGO_ENABLED=0 go build -ldflags="${LD_FLAGS}" -mod=vendor -o "${BINDIR}/docker-slim" "${BDIR}/cmd/docker-slim/main.go"
 CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="${LD_FLAGS}" -mod=vendor -o "${BINDIR}/docker-slim-sensor" "${BDIR}/cmd/docker-slim-sensor/main.go"