extraneous ;?

A label in C is part of the statement, perhaps empty. Usually you can get away without ; since there is usually a statement following, e.g. return();. In this case, the label preceeds the closing brace for a block, so compiler would just barf at syntax error without an empty statement.

Indeed, somehow I missed that it immediately preceded the closing brace.

• In the first sentence, "to" should be removed.
• The second comma in the second sentence should be removed. Also, "decided" implies that the thread has control over this, but the recipient of SIGSTOP is determined by the tracer. "which was decided" seems more accurate to me, since the decision is made by a different thread.
• In the third sentence, "avoid overwriting another thread's assignment to p_xthread"
• In the fourth sentence, maybe "If another thread has already set p_xthread, the current thread will get a chance to report itself upon the next iteration."

Thank you.

Technically this doesn't need the FSTP stuff since the child process is always single-threaded so the race cannot occur. However, this doesn't hurt.

Should this be testing TDB_FSTP instead? Can there be a pending SIGSTOP in a thread's td_sigqueue that isn't due to ptrace? (I guess the real question is if you can have multiple SIGSTOP's pending, each for a different thread? If so, I wonder if you can "lose" a SIGSTOP that was queued to a thread due to !ptrace?)

The race can occur with single-threaded process as well, Mark provided the test program. The race there would be not among threads, but among signals for selection in issignal(). If there is numerically lower than SIGSTOP signal pending, it would selected before SIGSTOP, and reported first.

No, I do not think that TDP_FSTP check would be correct there.

First, SIGSTOP (and SIGKILL) are never queued as siginfo, they are exceptional signals only set in the sigqueue bitmask. See the very beginning of the sigqueue_add().

Second, kern_psignal() pass td == NULL to tdsendsignal(), so tdsendsignal() selects process sigqueue.

Third, note that I only remove SIGSTOP from the process sigqueue (bitmask).

If there is a non-consumed SIGSTOP due to PT_ATTACH, P2_PTRACE_FSTP flag must be set, and the removal only from the process sigqueue is (almost) correct. If any SIGSTOP was queued to a thread and not to the process, then this sigqueue_delete() would not affect it.

I said 'almost' above, because there is a situation with two simultaneous SIGSTOPs, one from PT_ATTACH, another from kill(2), which would collapsed in the single bit in sigqueue sq_kill mask. Then the removal prevents a stop. This is the only situation where I see an issue. I think it can be hand-waved around by saying that kill(SIGSTOP) raced and was queued before PT_ATTACH.

The only thing I'm somewhat confused on then is the statement:

"Third, note that I only remove SIGSTOP from the process sigqueue (bitmask)."

Yet, you are calling 'sigqueue_delete(&td3->td_sigqueue, SIGSTOP)' on each thread in this loop? Is the sigqueue_delete a nop? Or are you saying that the only possible per-thread SIGSTOP's are those from a ptracestop()?

Sure, it is me being stupid.