1 files changed, 15 insertions, 8 deletions

diff --git a/pkg/sentry/platform/ptrace/subprocess.go b/pkg/sentry/platform/ptrace/subprocess.go
index dca8e4c0e..15e84735e 100644
--- a/pkg/sentry/platform/ptrace/subprocess.go
+++ b/pkg/sentry/platform/ptrace/subprocess.go
@@ -123,7 +123,7 @@ type subprocess struct {
 	contexts map[*context]struct{}
 }
 
-// newSubprocess returns a useable subprocess.
+// newSubprocess returns a usable subprocess.
 //
 // This will either be a newly created subprocess, or one from the global pool.
 // The create function will be called in the latter case, which is guaranteed
@@ -155,6 +155,7 @@ func newSubprocess(create func() (*thread, error)) (*subprocess, error) {
 			errChan <- err
 			return
 		}
+		firstThread.grabInitRegs()
 
 		// Ready to handle requests.
 		errChan <- nil
@@ -179,6 +180,7 @@ func newSubprocess(create func() (*thread, error)) (*subprocess, error) {
 
 			// Detach the thread.
 			t.detach()
+			t.initRegs = firstThread.initRegs
 
 			// Return the thread.
 			r <- t
@@ -253,7 +255,7 @@ func (s *subprocess) newThread() *thread {
 	return t
 }
 
-// attach attachs to the thread.
+// attach attaches to the thread.
 func (t *thread) attach() {
 	if _, _, errno := syscall.RawSyscall(syscall.SYS_PTRACE, syscall.PTRACE_ATTACH, uintptr(t.tid), 0); errno != 0 {
 		panic(fmt.Sprintf("unable to attach: %v", errno))
@@ -269,7 +271,9 @@ func (t *thread) attach() {
 
 	// Initialize options.
 	t.init()
+}
 
+func (t *thread) grabInitRegs() {
 	// Grab registers.
 	//
 	// Note that we adjust the current register RIP value to be just before
@@ -281,9 +285,9 @@ func (t *thread) attach() {
 	t.initRegs.Rip -= initRegsRipAdjustment
 }
 
-// detach detachs from the thread.
+// detach detaches from the thread.
 //
-// Because the SIGSTOP is not supressed, the thread will enter group-stop.
+// Because the SIGSTOP is not suppressed, the thread will enter group-stop.
 func (t *thread) detach() {
 	if _, _, errno := syscall.RawSyscall6(syscall.SYS_PTRACE, syscall.PTRACE_DETACH, uintptr(t.tid), 0, uintptr(syscall.SIGSTOP), 0, 0); errno != 0 {
 		panic(fmt.Sprintf("can't detach new clone: %v", errno))
@@ -370,13 +374,16 @@ func (t *thread) destroy() {
 
 // init initializes trace options.
 func (t *thread) init() {
-	// Set our TRACESYSGOOD option to differeniate real SIGTRAP.
+	// Set the TRACESYSGOOD option to differentiate real SIGTRAP.
+	// set PTRACE_O_EXITKILL to ensure that the unexpected exit of the
+	// sentry will immediately kill the associated stubs.
+	const PTRACE_O_EXITKILL = 0x100000
 	_, _, errno := syscall.RawSyscall6(
 		syscall.SYS_PTRACE,
 		syscall.PTRACE_SETOPTIONS,
 		uintptr(t.tid),
 		0,
-		syscall.PTRACE_O_TRACESYSGOOD,
+		syscall.PTRACE_O_TRACESYSGOOD|syscall.PTRACE_O_TRACEEXIT|PTRACE_O_EXITKILL,
 		0, 0)
 	if errno != 0 {
 		panic(fmt.Sprintf("ptrace set options failed: %v", errno))
@@ -419,7 +426,7 @@ func (t *thread) syscall(regs *syscall.PtraceRegs) (uintptr, error) {
 	// between syscall-enter-stop and syscall-exit-stop; it happens *after*
 	// syscall-exit-stop.)" - ptrace(2), "Syscall-stops"
 	if sig := t.wait(stopped); sig != (syscallEvent | syscall.SIGTRAP) {
-		panic(fmt.Sprintf("wait failed: expected SIGTRAP, got %v [%d]", sig, sig))
+		t.dumpAndPanic(fmt.Sprintf("wait failed: expected SIGTRAP, got %v [%d]", sig, sig))
 	}
 
 	// Grab registers.
@@ -551,7 +558,7 @@ func (s *subprocess) switchToApp(c *context, ac arch.Context) bool {
 		if c.signalInfo.Code > 0 {
 			// The signal was generated by the kernel. We inspect
 			// the signal information, and may patch it in order to
-			// faciliate vsyscall emulation. See patchSignalInfo.
+			// facilitate vsyscall emulation. See patchSignalInfo.
 			patchSignalInfo(regs, &c.signalInfo)
 			return false
 		} else if c.signalInfo.Code <= 0 && c.signalInfo.Pid() == int32(os.Getpid()) {