Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

ptrace and threads

Tags:

linux

multithreading

linux-kernel

system-calls

ptrace

I'm working on an linux application incorporating ptrace to observe the threads of another process. When the application I observe forks a child process this already works quite well. By calling waitpid in my application I can obtain the following signals in the observing application:

  • SIGSTOP form the child process
  • SIGTRAP from the parent

To keep track of all the children I setup ptrace with PTRACE_O_TRACEFORK, PTRACE_O_TRACEVFORK, PTRACE_O_TRACECLONE and PTRACE_O_TRACEEXIT.

While everything is working quite fine with child processes, I cannot observe the threads of the application. I get the SIGTRAP from the process creating the thread but I don't get any signals from the thread.

Is there anything special with threads and ptrace? How does strace keep track of threads (I could not find any special routines dedicated to threads in the code of strace)?

This is how I use ptrace in my application:

  • First I attach to a process: ptrace(PTRACE_ATTACH, pid, NULL, NULL);
  • Then, I call waitpid(): trace_pid = waitpid(-1, &status, 0);
  • Set ptrace options: ptrace(PTRACE_SETOPTIONS, pid, NULL, PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK | PTRACE_O_TRACECLONE | PTRACE_O_TRACEEXIT);

After attaching to pid I'm calling waitpid() in a loop and call ptrace(PTRACE_SETOPTIONS... for every new task reported by ptrace. Of course, I continue the tasks with SIGCONT after event handling.

like image 252
mupro Avatar asked Sep 02 '11 23:09

mupro

People also ask

What does ptrace do?

The ptrace() system call provides a means by which one process (the "tracer") may observe and control the execution of another process (the "tracee"), and examine and change the tracee's memory and registers. It is primarily used to implement breakpoint debugging and system call tracing.

What are problems with ptrace?

Finally, ptrace() is hard to implement correctly and consistently. As a result, there has been a long history of obnoxious bugs associated with it, and user-space code which uses ptrace() tends to become encrusted with non-portable workarounds.

Can a process ptrace itself?

Because processes cannot ptrace themselves, we're forced to use spawn a child process which does that work.

How is ptrace implemented?

ptrace provides a mechanism by which a parent process may observe and control the execution of another process. It can examine and change its core image and registers and is used primarily to implement breakpoint debugging and system call tracing.

1 Answers

Finally, I've found the solution myself: I got the signals from all the threads by calling

waitpid(-1, &status, __WALL)

instead of

waitpid(-1, &status, 0)
like image 92
mupro Avatar answered Oct 08 '22 13:10

mupro
Sign in to Comment

Related questions

Under Linux, can recv ever return 0 on UDP?
How to write full-screen Linux console app/script?
Bluetooth pairing in C blueZ on Linux
How to run HelloWeb from asp.net vnext on a Mac?
Why is the subprocess.Popen argument length limit smaller than what the OS reports?
Xlib How Does This (Removing Window Decoration) Work?
Introduction to use of GCC / make for Visual Studio users
Best way to do a timer in UNIX
What is the acpi_pm linux clocksource used for, what hardware implements it?
binutils/bfd.h wants config.h now?
Shell function to tail a log file for a specific string for a specific time
Linux Interrupt vs. Polling
sed - insert line after X lines after match
Hadoop Mapper is failing because of "Container killed by the ApplicationMaster"
.net-core: Equivalent of ILDASM / ILASM
Shmem vs tmpfs vs mmap [closed]
Duplicate file descriptor with its own file offset
Running 32 bit assembly code on a 64 bit Linux & 64 bit Processor : Explain the anomaly
What is EGL And How Can I Use It
Using Hardware Performance Counters in Linux

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!