0

I'm trying to write a program to do ptrace(PTRACE_ATTACH, pid, nullptr, nullptr) but it returns -1 and errno is 3 (No such process). The tracee are running and kicked off by me so I guess the tracer should have permission. What should I do then?

Also ptrace seems to be on per-thread basis. Is there easy way to get all the thread ids given a process id? Only way is to check /proc/{pid}/task/{tid}? How to catch thread creation?

Nemus
  • 3,879
  • 12
  • 38
  • 57
Xiao Wu
  • 45
  • 5

1 Answers1

0

You can catch thread creation using ptrace(PTRACE_SETOPTIONS, pid, nullptr, PTRACE_O_TRACECLONE). I'd suggest carefully reading man 2 ptrace.

PTRACE_ATTACH might fail for numerous reasons. Try running your process as root with sudo.

Mark Segal
  • 5,427
  • 4
  • 31
  • 69