Zhihui Zhang [EMAIL PROTECTED] writes:
The following small program demonstrates that a parent process can write
into the data space of its child by ptrace(). If the parent waits for the
child to exit, there is no problem. However, if the parent does not do so,
the child will get a SIGTRAP
I have tested four cases:
- PT_CONTINUE + waitpid() works fine, the trace program prints out values.
- PT_CONTINUE alone does not work but no core-dump caused by SIGTRAP
- PT_DETACH + waitpid() does not work and core-dump
- PT_DETACH alone does not work and core-dump.
Who is sending the SIGRAP
Zhihui Zhang [EMAIL PROTECTED] writes:
- PT_CONTINUE + waitpid() works fine, the trace program prints out values.
This is expected behaviour.
- PT_CONTINUE alone does not work but no core-dump caused by SIGTRAP
- PT_DETACH + waitpid() does not work and core-dump
- PT_DETACH alone does not
On 9 Feb 2002, Dag-Erling Smorgrav wrote:
Zhihui Zhang [EMAIL PROTECTED] writes:
- PT_CONTINUE + waitpid() works fine, the trace program prints out values.
This is expected behaviour.
- PT_CONTINUE alone does not work but no core-dump caused by SIGTRAP
- PT_DETACH + waitpid() does
Zhihui Zhang [EMAIL PROTECTED] writes:
On 9 Feb 2002, Dag-Erling Smorgrav wrote:
execve(2) in kern_exec.c posts SIGTRAP if the process has debugging
turned on (which it does as a result of PT_TRACE_ME).
This is one time thing. It will be catched by the first wait()
call in the parent
Yes. Subsequent SIGTRAPs normally indicate that syscall tracing is
enabled (see /sys/i386/i386/trap.c) but I don't think that's the case
here. I'll try to figure out what's happening when I find time.
DES
Is it possible that this is related to gnu/33262, wherein sendsig()
doesn't clear
This is a mystery to me. I have gone through some kernel code without
luck.
The following small program demonstrates that a parent process can write
into the data space of its child by ptrace(). If the parent waits for the
child to exit, there is no problem. However, if the parent does not do
7 matches
Mail list logo
