Hello,
I'm trying to obtain process memory contents using ptrace( ) on FreeBSD 4.7. I know this is neither portable nor clean, yet I'd really like to get it to work... I read the manual help page and did a Google search, but couldn't find anything helpful.
First, the code I'm using to read an integer:
#include <sys/types.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <unistd.h>
#include <signal.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>    /* strerror() */

/* Report the failed call, reap the child, and leave main(). */
#define ERR( msg, pid ) do { \
        fprintf( stderr, "%s: %s (errno = %d)\n", \
                 msg, strerror( errno ), errno ); \
        waitpid( pid, NULL, 0 ); \
        return 1; \
    } while( 0 )

int main( ) {
    pid_t child;
    int rc;    /* result of each ptrace() call */

    child = fork( );
    if( child == -1 ) {
        perror( "fork" );
        return 1;
    } else if( child == 0 ) {
        /* Child: become the target program. */
        execl( "./foobar", "foobar", ( char* )NULL );
        perror( "execl" );
        return 1;
    }

    /* Parent: attach to the child as its tracer. */
    printf( "Attaching to %d\n", child );
    rc = ptrace( PT_ATTACH, child, ( void* )0, 0 );
    if( rc == -1 ) {
        ERR( "ptrace", child );
    }

    printf( "Stopping...\n" );
    if( kill( child, SIGSTOP ) != 0 ) {
        ERR( "kill", child );
    }

    /* Read one word from address 0 of the child. */
    printf( "Attempting to read...\n" );
    rc = ptrace( PT_READ_I, child, ( void* )0, 0 );
    if( rc == -1 ) {
        ERR( "ptrace", child );
    }
    printf( "0x0: %d\n", rc );
    return 0;
}
And the source for the exec'd ``foobar'':
#include <unistd.h>

int main( ) {
    pause( );
    return 0;
}
The output I get when I execute the program is this:
Attaching to 5994
Stopping...
Attempting to read...
ptrace: Device busy (errno = 16)
I have tried several variations using PT_READ_I and PT_READ_D (although my manual help page states these are identical on FreeBSD), using several addresses - I always get this error.
Can anyone see what I'm doing wrong here?
Thanks in advance.
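
For reference, an added example that is not part of the original post: ptrace(2) lists EBUSY for a request other than PT_ATTACH sent to a process that is not stopped, so this sketch collects the attach stop with waitpid() before reading. `peek_word`, `demo` and `marker` are hypothetical names, and the child is assumed to be a plain fork() rather than the exec'd foobar so that a known address exists to read.

```c
#include <sys/types.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <unistd.h>

/* Constructed sample word; fits in 31 bits so int- and long-sized reads agree. */
static volatile long marker = 0x5eed1234L;

/* Attach, wait for the stop, read one word, detach. Returns 0 or -1. */
int peek_word(pid_t pid, void *addr, long *out)
{
    int status, failed;
    if (ptrace(PT_ATTACH, pid, (void *)0, 0) == -1)
        return -1;
    /* PT_ATTACH only requests the stop; no other request is sent until
     * waitpid() has reported the tracee as stopped. */
    if (waitpid(pid, &status, 0) == -1 || !WIFSTOPPED(status))
        return -1;
    errno = 0;                    /* -1 can be a valid word, so test errno */
    *out = ptrace(PT_READ_D, pid, addr, 0);
    failed = (errno != 0);
    ptrace(PT_DETACH, pid, (void *)1, 0);    /* addr 1: resume where stopped */
    return failed ? -1 : 0;
}

/* Demo harness (assumption, not from the post): the child is a fork without
 * exec, so &marker is valid in it. Returns the word read, or -1 on failure. */
long demo(void)
{
    long word = -1;
    pid_t child = fork();
    if (child == -1)
        return -1;
    if (child == 0)
        for (;;) pause();
    if (peek_word(child, (void *)&marker, &word) == -1)
        word = -1;
    kill(child, SIGKILL);
    waitpid(child, NULL, 0);
    return word;
}

int main(void)
{
    printf("read 0x%lx from child\n", (unsigned long)demo());
    return 0;
}
```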