Reputation: 667
Conditions that make a tracee stopped, even though its parent didn't require it
I am trying to learn to use ptrace, I wrote a simple assembly stub that 1/ calls ptrace(0,0,0,0) (the syscall, not the libc function). Then displays hello world then spawns a shell. I run my code from a bash shell. Hello world is displayed, however my process is stopped before the execve(/bin/sh) (I get the bash notification of a background process) Is it because of ptrace ? Also when issuing the "fg" command to continue execution, nothing happens and I have to close the terminal since ctrl-c doesn't work... What exactly is happening ?
Upvotes: 0
Views: 220
Answers (1)
Reputation: 364180
From the execve man page:
If the current program is being ptraced, a SIGTRAP signal is sent to it after a successful execve().
Using ptrace(PTRACE_TRACEME) makes your process be a tracee of its parent, so that execve SIGTRAP behaviour applies to your process even if the parent doesn't PTRACE_ATTACH or make any other ptrace system calls. e.g. if it's a normal shell like bash rather than a debugger like GDB. (I assume PTRACE_TRACEME is 0.)
See also How does gdb start an assembly compiled program and step one line at a time? for a more detailed walk-through of how GDB uses ptrace(PTRACE_TRACEME) after fork but before execve, so the GDB process can trace the new process.
Upvotes: 1
Related Questions
- debugging with ptrace not always find the process successfully
- Linux effect of ptrace TRACEME call
- C ptrace breakpoints
- Detect whether tracee is in a signal handler when using ptrace
- What's the difference between PTRACE_O_TRACEEXEC and its absence?
- How can I debug a ptrace tracee?
- Child process not continuing execution when ptrace'ing
- Pre Ptrace how did linux gdb breakpoints work?
- PTrace Not Recognizing Child Process
- How to get a "backtrace" (like gdb) using only ptrace (linux, x86/x86_64)