Debugging using ptrace

ptrace is a system call provided in Unix that lets one process take control of another process in order to debug errors or bugs in the system.

The process under control can be run step by step and its memory can be read and modified.

int sys_ptrace(long request, long pid, long addr, long data);

The function handles the various requests defined by the request parameter, and pid is the process ID of the process to be controlled.

Using the request PTRACE_TRACEME, a process can specify that its parent process controls it via ptrace().
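The following is an added example, not code from the original post: a parent traces its own child through PTRACE_TRACEME, reads and rewrites one word of the child's memory, single-steps it once and then lets it finish. It assumes Linux with glibc's ptrace() wrapper; the names counter, trace_and_patch and abort_trace are made up for the illustration.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <unistd.h>

static volatile long counter = 41;   /* constructed sample value the tracer will rewrite */

/* Kill and reap the tracee on any error so no stopped process is left behind. */
static int abort_trace(pid_t pid) { kill(pid, SIGKILL); waitpid(pid, NULL, 0); return -1; }

/* Fork a tracee, read `counter` from its memory into *seen, overwrite it with
 * new_value, single-step once, then let it run. Returns the tracee's exit code. */
int trace_and_patch(long new_value, long *seen)
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                                   /* child: the tracee */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1) _exit(1);
        raise(SIGSTOP);                               /* hand control to the parent */
        _exit((int)counter);                          /* report the value it ends up with */
    }
    /* parent: the tracer */
    if (waitpid(pid, &status, 0) == -1 || !WIFSTOPPED(status)) return abort_trace(pid);

    errno = 0;                                        /* PEEK returns data, so -1 is ambiguous */
    *seen = ptrace(PTRACE_PEEKDATA, pid, (void *)&counter, NULL);
    if (*seen == -1 && errno != 0) return abort_trace(pid);
    if (ptrace(PTRACE_POKEDATA, pid, (void *)&counter, (void *)new_value) == -1)
        return abort_trace(pid);

    /* Execute exactly one instruction; the tracee stops again with SIGTRAP. */
    if (ptrace(PTRACE_SINGLESTEP, pid, NULL, NULL) == -1) return abort_trace(pid);
    if (waitpid(pid, &status, 0) == -1 || !WIFSTOPPED(status) || WSTOPSIG(status) != SIGTRAP)
        return abort_trace(pid);

    if (ptrace(PTRACE_CONT, pid, NULL, NULL) == -1) return abort_trace(pid);
    if (waitpid(pid, &status, 0) == -1 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    long seen = 0;
    int code = trace_and_patch(42, &seen);
    printf("tracee held %ld, exited with %d\n", seen, code);
    return code == 42 ? 0 : 1;
}
```

The address of counter is valid in the child because fork() gives it a copy of the parent's address space at the same virtual addresses.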

