Pseudo Graceful Process Termination Through Code Injection

This is cute, but why not just do this with gdb? All-stop mode is on by default so it will stop all threads when you attach, and then you can simply invoke the exit_group() syscall.<p><pre><code> tty1$ .&#x2F;program tty2$ gdb attach $(ps aux | grep program | head -1 | awk &#x27;{ print $2 }&#x27;) Attaching to process 708267 [New LWP 708268] [New LWP 708269] [New LWP 708270] [New LWP 708271] [Thread debugging using libthread_db enabled] Using host libthread_db library &quot;&#x2F;lib&#x2F;x86_64-linux-gnu&#x2F;libthread_db.so.1&quot;. 0x00007f00b1633117 in ?? () from &#x2F;lib&#x2F;x86_64-linux-gnu&#x2F;libc.so.6 (gdb) p (long)syscall(231, 0) [Thread 0x7f00565e6640 (LWP 708271) exited] [Thread 0x7f005a5e8640 (LWP 708270) exited] [Thread 0x7f005ade9640 (LWP 708269) exited] [Thread 0x7f005d5ee640 (LWP 708268) exited] [Inferior 1 (process 708267) exited normally] The program being debugged exited while in a function called from GDB. Evaluation of the expression containing the function (syscall) will be abandoned. (gdb) quit tty1$ echo $? 0</code></pre>

&gt; However, what if the need arises to forcefully terminate a process, disguising it as a successful exit? ... Since the parent process would detect the non-zero exit code, there was a high likelihood of making things worse.<p>I&#x27;m still trying to imagine what situation that is. I still cannot think about any real case where this is something you need.<p>If there is, I guess this is a very rare case? As it was already commented, I guess just gdb then?<p>But the technical details on how they do it are interesting nevertheless.

<i>how can we build a tool to stop a process forcefully but make it look like a successful termination? As far as I know, Linux doesn’t provide an API to perform such a kill.</i><p>Interestingly, Windows does:<p><a href="https:&#x2F;&#x2F;learn.microsoft.com&#x2F;en-us&#x2F;windows&#x2F;win32&#x2F;api&#x2F;processthreadsapi&#x2F;nf-processthreadsapi-terminateprocess" rel="nofollow">https:&#x2F;&#x2F;learn.microsoft.com&#x2F;en-us&#x2F;windows&#x2F;win32&#x2F;api&#x2F;processt...</a>

Using gdb is probably easier.