PTRACE(II) 1/25/75 PTRACE(II) NAME ptrace - process trace SYNOPSIS (ptrace = 26.; not in assembler) (data in r0) sys ptrace; pid; addr; request (value in r0) ptrace(request, pid, addr, data); DESCRIPTION Ptrace provides a means by which a parent process may control the execution of a child process, and examine and change its core image. Its primary use is for the implementation of breakpoint debugging, but it should be adaptable for simulation of non-UNIX environments. There are four arguments whose interpretation depends on a request argument. Generally, pid is the process ID of the traced process, which must be a child (no more distant descendant) of the tracing process. A process being traced behaves normally until it encounters some signal whether internally generated like ``illegal instruction'' or externally generated like ``interrupt.'' See signal (II) for the list. Then the traced process enters a stopped state and its parent is notified via wait (II). When the child is in the stopped state, its core image can be examined and modified using ptrace. If desired, another ptrace request can then cause the child either to terminate or to continue, possibly ignoring the signal. The value of the request argument determines the precise action of the call: 0 This request is the only one used by the child process; it declares that the process is to be traced by its parent. All the other arguments are ignored. Peculiar results will ensue if the parent does not expect to trace the child. 1,2 The word in the child process's address space at addr is returned (in r0). Request 1 indicates the data space (normally used); 2 indicates the instruction space (when I and D space are separated). addr must be even. The child must be stopped. The input data is ignored. 3 The word of the system's per-process data area corresponding to addr is returned. Addr must be even and less than 512. This space contains the registers and other information about the process; its layout corresponds to the user structure in the system. 4,5 The given data is written at the word in the process's address space corresponding to addr, which must be even. No useful value is returned. Request 4 specifies data space (normally used), 5 specifies instruction space. Attempts to write in pure procedure result in termination of the child, instead of going through or causing an error for the parent. 6 The process's system data is written, as it is read with request 3. Only a few locations can be written in this way: the general registers, the floating point status and registers, and certain bits of the processor status word. 7 The data argument is taken as a signal number and the child's execution continues as if it had incurred that signal. Normally the signal number will be either 0 to indicate that the signal which caused the stop should be ignored, or that value fetched out of the process's image indicating which signal caused the stop. 8 The traced process terminates. As indicated, these calls (except for request 0) can be used only when the subject process has stopped. The wait call is used to determine when a process stops; in such a case the ``termination'' status returned by wait has the value 0177 to indicate stoppage rather than genuine termination. To forestall possible fraud, ptrace inhibits the set-user-id facility on subsequent exec (II) calls. SEE ALSO wait (II), signal (II), cdb (I) DIAGNOSTICS From assembler, the c-bit (error bit) is set on errors; from C, -1 is returned and errno has the error code. BUGS The request 0 call should be able to specify signals which are to be treated normally and not cause a stop. In this way, for example, programs with simulated floating point (which use ``illegal instruction'' signals at a very high rate) could be efficiently debugged. Also, it should be possible to stop a process on occurrence of a system call; in this way a completely controlled environment could be provided.