0
static inline int set_hw_br(pid_t tracee, dr7_t *pdr7, void *addr, int dr_index)
{
    errno = 0;
    printf("LINE = %d <pid> %d, dr_index= %d\n",__LINE__, tracee, dr_index);
    if (ptrace(PTRACE_POKEUSER, tracee, offsetof(struct user, u_debugreg[dr_index]), addr))
    {
        printf("22  errno = %d\n", errno);
        return -1;
    }
    if (ptrace(PTRACE_POKEUSER, tracee, offsetof(struct user, u_debugreg[7]), *pdr7))
    {
        printf("33 errno = %d\n", errno);
        return -1;
    }
}


void tracer_actions(void *tracked_add, fn_ptr debug_handler)
//void tracer_actions()
{
    int status = 0;
    int signal_catch_cnt = 0;
    int exit_cnt = 0;
    int sig_cnt = 0;
    int stop_cnt = 0;
    int trap_stop_cnt = 0;
    int cnt = 0;
    int *pNum = tracked_add;
    int trap_cnt= 0;
    pid_t child_waited = -1;
    if(g_arg_params.debugee_tid)
    {
        if(-1L == ptrace(PTRACE_ATTACH, g_arg_params.debugee_tid, NULL))
        {
            printf("MKH_ATTACH-FAIL err =%s debugee<tid> %d debuger <tid>%d\n",
                    strerror(errno), g_arg_params.debugee_tid,
                    g_arg_params.debuger_tid);
            return ;

        }
        else
            printf("Ptrace attached passed...\n");
        /*
           if(ptrace(PTRACE_SETOPTIONS, g_arg_params.debugee_tid, NULL, ptraceOption))
           {
           printf("Error, ptrace(PTRACE_SETOPTIONS, failed with %d\n", errno);
           }
         */
        /* DRs modification through ptrace and ptarce detach the child */
        dr7_t dr7 = {0};
        dr7.l0 = 1;
        dr7.rw0 = DR7_BREAK_ON_WRITE;
        dr7.len0 = DR7_LEN_4;

        set_hw_br(g_arg_params.debugee_tid, &dr7, &g_var_x, 0);
        /* Continue the tracee thread */
        if (ptrace(PTRACE_CONT, g_arg_params.debugee_tid, NULL, NULL))
        {
            printf("44\n");
        }

    }
}

I am using this POC code to attach 100 numbers of threads that are created from a single process (some threads are creating new threads also). here I am observing that: PTRACE_ATTACH is successful. but when ever I am calling PTRACE_POKEUSER, I am getting error ESRCH (Process not found). Any idea, PTRCE_ATTACH is passed, but why PTRACE_POKEUSER is failed?

{EDIT} Made code minimal: No need to go the code, My qus is more theoritical

iDebD_gh
  • 364
  • 5
  • 18
  • TL;DR! Please make a [***Minimal***, Complete, and Verifiable example](http://stackoverflow.com/help/mcve). Or at least narrow down the code show to only the minimal relevant parts. – Some programmer dude Mar 26 '14 at 09:52
  • ESRCH can be returned if the target isn't stopped. PTRACE_ATTACH won't necessarily immediately stop the target thread. The man page suggests using waitpid() to wait for it to stop. – Mark Plotnick Mar 26 '14 at 20:22
  • I Added following line after Ptrace attach: `pid_t w = waitpid(pid, NULL, WUNTRACED); if(-1 == w) printf("MKH: waitpid failed....err=%d\n", errno);` But problem was still there, waitpid was failing with error code :10-child process not found, surprisingly I added `usleep(100)` afetr ptrace_attach and it worked. Note: My problem is more complex, I am trying to add a debugger in a large project, which craetes 100+ thread at start and I have to attach all threads. – iDebD_gh Mar 27 '14 at 11:23

0 Answers0