HP-UX Reference (11i v1 05/09) - 2 System Calls (vol 5)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

271

272

273

274

275

276

277

278

279

280

ptrace(2) ptrace(2)

typedef struct ptrace_state{

events_t pe_report_event;

int pe_path_len;

pid_t pe_other_pid;

} ptrace_state_t;

The event that the traced process responded to and stopped is logged in the

pe_report_event member. One of

PTRACE_EXEC , PTRACE_EXIT , PTRACE_FORK ,

PTRACE_SIGNAL ,orPTRACE_VFORK is logged here. See the deﬁnition of events_t

for more details.

If the event that the traced process responded to was

PTRACE_EXEC , then the

pe_path_len member provides the length of the path name string (which is the path

name of the executable ﬁle) not including the null terminating character.

If the event that the traced process responded to was

PTRACE_FORK or

PTRACE_VFORK , then the pe_other_pid member provides the parent’s pid when

accessed from the child’s context, and the child’s pid when accessed from the parent’s

context.

The request fails if the number of bytes requested is less than zero or greater than the

size of the ptrace_event structure and its

errno is set to [EIO].

PT_GET_PROCESS_PATHNAME

If the event that the traced process responded to and stopped was PTRACE_EXEC ,

then this request is used by the calling process to access the path name of the execut-

able ﬁle provided as a path or ﬁle argument to exec*(). The request reads data

bytes of data of the path name string from the traced process’s context into the data

buffer in user space pointed to by addr . The addr2 argument is ignored. In the typi-

cal case, data is equal to the value of the pe_path_len member of the ptrace_state

structure returned via the

PT_GET_PROCESS_STATE

request.

If the number of bytes requested is greater than zero but less than the length of the

path name string, then the number of bytes requested is returned. If the number of

bytes requested is greater than the length of the path name string, then the full path

name string (including the null terminating character) is returned.

The request fails if the number of bytes requested is less than zero, and its

errno

set to [EIO].

EXAMPLES

The following example illustrates the use of some of the

ptrace() requests by a tracing process.

#include <stdio.h>

#include <signal.h>

#include <sys/wait.h>

#include <sys/ptrace.h>

#define BUFSIZ 1024

#define MAXPATH 1024

pid_t npid, cpid, pid;

int status, errors=0, pathlength;

ptrace_event_t *event_addr;

ptrace_state_t *state_addr;

char *buf_addr;

size_t event_len, state_len;

int filed[2];

child()

{

int n, bar;

close(filed[1]);

/* Wait for parent to write to pipe */

while ((n = read(filed[0], &bar, BUFSIZ)) == 0);

/* Now the child can exec. */

if (execlp("ls", "ls", (char *)0) < 0) /* error during exec */

Section 2−−258 Hewlett-Packard Company − 5 − HP-UX 11i Version 1: September 2005