Stack Walk on linux using ptrace


Question

Following are my requirements.

While the process is running:


  1. Attach to process A from B with PTRACE_ATTACH.
  2. Start loop
  3. Stop process A
  4. Read registers
  5. Resume the process
  6. sleep(1)
  7. End loop
  8. Detach A


I am facing an issue with starting and resuming process A from the loop. I tried combinations of kill(pid,SIGSTOP), kill(pid,SIGCONT) and PTRACE_CONT, but it didn't work.


Any other solutions please?


Thanks in advance. Sandeep

Answer


The following code is working for me and seems to fulfill your requirements -

A.c

#include <stdio.h>
#include <unistd.h>   /* getpid */

int main()
{
   int i=0;
   /* pid_t is an int on Linux, so print it with %d (the original used %ld) */
   printf("My PID is - %d\n", (int)getpid());
   /* spin forever so the tracer always has something to stop and sample */
   while(i>=0)
   {
   }
   return 0;
}

B.c - the tracer process

#include <errno.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/user.h>
#include <sys/wait.h>

/* 32-bit x86 only: struct user_regs_struct has an eip member here (rip on x86-64) */
int main()
{
   int pid;
   int status;
   struct user_regs_struct regs;
   long word;

   printf("Enter pid to trace : \n");
   if(scanf("%d",&pid) != 1)
        return -1;
   printf("PID to be traced - %d\n",pid);

   /* ptrace reports failure by returning -1; a stale errno is not a reliable check */
   if(ptrace(PTRACE_ATTACH,pid,0,0) == -1)
   {
        perror("attach");
        return -1;
   }

   /* attaching makes the kernel send the tracee a SIGSTOP; wait until it is in that stop */
   waitpid(pid,&status,WUNTRACED);

   printf("Process Stopped\n");
   while(1)
   {
      ptrace(PTRACE_GETREGS,pid,0,&regs);
      /* PEEKTEXT returns the word itself, so errno must be cleared and checked for errors */
      errno = 0;
      word=ptrace(PTRACE_PEEKTEXT,pid,(void *)regs.eip,0);
      if(errno)
      {
        perror("peektext");
        break;
      }

      printf("EIP - 0x%08lx, instruction executed - 0x%08lx\n",regs.eip,word);

      /* signal argument 0: the SIGSTOP that woke us up is NOT delivered to the tracee */
      ptrace(PTRACE_CONT,pid,0,0);
      /* block until the next kill -STOP arrives, or stop looping if the tracee is gone */
      if(waitpid(pid,&status,WUNTRACED) == -1 || !WIFSTOPPED(status))
        break;
   }

   return 0;

}


Signal passed -


kill -STOP 17779
kill -STOP 17779

Output of A -

xxxxx!xxxxx:~/myPer/stack_overflow [135]$ ./A
My PID is - 17779


Output of B -

XXXXX!xxxxx:~/myPer/stack_overflow [121]$ ./B
Enter pid to trace :
17779
PID to be traced - 17779
Process Stopped
EIP - 0x080483e1, instruction executed - 0x00f87d83
EIP - 0x080483e5, instruction executed - 0x00b8fa79
EIP - 0x080483e5, instruction executed - 0x00b8fa79


We see that B displays the EIP value for each signal delivered to the client. Basically the signal is not getting delivered to A; instead B wakes up, examines EIP and then continues in the loop. You can modify the code to deliver the signal if you want.


This is what I understood from your question. If I understood something else please let me know and I'll update the answer accordingly.
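The eight steps from the question carried out end to end, including the detach, as an added example that is not the code from the question or the answer above: the tracer sends the SIGSTOP itself instead of relying on an external kill, reads the program counter through PTRACE_GETREGSET (so the same code builds on 32-bit x86, x86-64 and aarch64) rather than PTRACE_GETREGS, resumes with a signal number of 0 so the tracee never observes the stop, and hands back any other signal that reaches the tracee first. The names sample_pcs, run_demo and PC_FIELD are chosen here; run_demo forks a busy-looping child as a stand-in for A, and sample_pcs returns -1 when the kernel's ptrace policy (Yama ptrace_scope, a seccomp profile) refuses the attach.

```c
#include <elf.h>          /* NT_PRSTATUS */
#include <signal.h>
#include <sys/ptrace.h>
#include <sys/uio.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>
#if defined(__x86_64__)
#define PC_FIELD rip      /* struct user_regs_struct member holding the program counter */
#elif defined(__i386__)
#define PC_FIELD eip
#elif defined(__aarch64__)
#define PC_FIELD pc
#endif
/* Attach to pid, sample its PC n times (ms apart), then detach.  Returns the number of
 * samples, or -1 if PTRACE_ATTACH was refused (e.g. EPERM under a Yama/seccomp policy). */
int sample_pcs(pid_t pid, int n, unsigned long *pcs, unsigned ms)
{
    int status, taken = 0;
    struct timespec nap = { .tv_sec = ms / 1000, .tv_nsec = (long)(ms % 1000) * 1000000L };
    struct user_regs_struct regs; struct iovec iov = { &regs, sizeof regs };
    if (ptrace(PTRACE_ATTACH, pid, 0, 0) == -1) return -1;   /* kernel now sends A a SIGSTOP */
    if (waitpid(pid, &status, 0) == -1 || !WIFSTOPPED(status)) return -1;   /* attach-stop */
    while (taken < n) {
        if (ptrace(PTRACE_GETREGSET, pid, (void *)(long)NT_PRSTATUS, &iov) == -1) break;
        pcs[taken++] = regs.PC_FIELD;
        if (taken == n) break;                /* stay stopped: DETACH needs a ptrace-stop */
        if (ptrace(PTRACE_CONT, pid, 0, 0) == -1) break;   /* data 0: A never sees the SIGSTOP */
        nanosleep(&nap, NULL);
        kill(pid, SIGSTOP);                   /* stop A again; the tracer is notified first */
        if (waitpid(pid, &status, 0) == -1 || !WIFSTOPPED(status)) break;   /* A exited */
        while (WSTOPSIG(status) != SIGSTOP) { /* another signal got there first: pass it on */
            if (ptrace(PTRACE_CONT, pid, 0, (void *)(long)WSTOPSIG(status)) == -1) return taken;
            if (waitpid(pid, &status, 0) == -1 || !WIFSTOPPED(status)) return taken;
        }
    }
    ptrace(PTRACE_DETACH, pid, 0, 0);         /* step 8: A runs on without a tracer */
    return taken;
}
/* Driver: fork a busy-looping stand-in for A, sample it, then kill and reap it. */
int run_demo(int n, unsigned long *pcs)
{
    pid_t child = fork();
    if (child < 0) return -1;
    if (child == 0) { volatile unsigned long spin = 0; for (;;) spin++; }
    int taken = sample_pcs(child, n, pcs, 200);
    kill(child, SIGKILL); waitpid(child, NULL, 0);
    return taken;
}
```

Because the child is a direct descendant, the attach succeeds under the default Yama ptrace_scope of 1; a hardened host with scope 2 or 3 makes sample_pcs return -1, which is the signal a sampler should treat as "not permitted here" rather than retry.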
