Adam Morrison wrote:

First of all, thanks, I got it working. I still don't understand why it's working.

> You are leaving out the last two arguments of ptrace() in the parent,

The man page says I'm allowed to do so in case the other arguments are not used.

> so
> they take garbage values, causing an unknown signal to be sent to the
> child. Try it with
>         ptrace(PTRACE_SYSCALL, ret, 0, 0);

Yes, that worked. What I don't understand, however, is why it worked. While the man page for PTRACE_SYSCALL mentions that "addr" is ignored (implying that "data" isn't), it does not actually tell me what the content of data is.

When I tried writing "5" into data (i.e. - SIGTRAP) the next "wait" returns with "Process exited with signal 5". It seems that when the data field is non-empty, the signal number I write there is actually delivered to the debugged process, but that is not documented in the manual, as far as I could see.
Also of interest is that when I added the "printf" after the TRACEME, that printf gets executed (output goes to the console) before the first wait at the parent. In other words, the program is not being traced immediately.

> That's because ptrace(PTRACE_TRACEME) does not stop the process.  If you
> want it stopped immediately after the ptrace() call, you need to do it
> yourself; e.g. send yourself a STOP signal.

Is it being traced at any other reliable point? I now understand that the point it stops is when the first signal is being received, but I'm not sure whether "exec" guarantees that such a signal actually happens, or whether I should really send one myself.

In any case, thanks again. You allowed me to pass the initial hurdle.

Shachar
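
The two behaviours discussed in this message, as an added example that is not part of the original thread: the tracee stops itself with SIGSTOP after PTRACE_TRACEME, and the tracer's `data` argument to PTRACE_SYSCALL decides which signal, if any, the tracee receives when it resumes. The function name `trace_child` and the exit code 7 are assumptions made for the illustration; Linux is assumed.

```c
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Fork a tracee, resume it from its initial SIGSTOP with first_sig in the
 * data argument, then step it from syscall stop to syscall stop.
 * Returns the exit code, -signo if a signal killed it, -1000 on error.
 * *stops counts the SIGTRAP syscall stops the tracer observed. */
int trace_child(int first_sig, int *stops)
{
    int status, sig = first_sig;
    pid_t pid = fork();

    *stops = 0;
    if (pid < 0)
        return -1000;
    if (pid == 0) {
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) < 0)
            _exit(99);
        raise(SIGSTOP);   /* TRACEME alone does not stop the process */
        getppid();        /* a syscall for the tracer to observe */
        _exit(7);
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFSTOPPED(status))
        return -1000;     /* tracee never reached its SIGSTOP */
    for (;;) {
        /* data == 0: deliver nothing; data == N: deliver signal N.
         * Always pass it explicitly, cast to pointer width. */
        if (ptrace(PTRACE_SYSCALL, pid, NULL, (void *)(long)sig) < 0) {
            kill(pid, SIGKILL);
            waitpid(pid, &status, 0);
            return -1000;
        }
        if (waitpid(pid, &status, 0) < 0)
            return -1000;
        if (WIFEXITED(status))
            return WEXITSTATUS(status);
        if (WIFSIGNALED(status))
            return -WTERMSIG(status);
        if (WSTOPSIG(status) == SIGTRAP) {
            (*stops)++;   /* syscall entry or exit stop */
            sig = 0;
        } else {
            sig = WSTOPSIG(status);   /* forward the tracee's own signal */
        }
    }
}
```

Calling `trace_child(0, &n)` lets the tracee run to its normal exit, while `trace_child(SIGTRAP, &n)` ends with the tracee killed by signal 5, the result reported in the message above.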
