How to trace a program execution with ptrace?

Question

I've been trying to use the system call "ptrace" (using the PTRACE_SINGLESTEP macro) to trace the execution of a simple application.

While recording the execution of the program I would like to skip the useless part of the reading to only follow from the 'main' of my application. Because whenever I launch my tracer I get around 100k execution steps.

Cordialy

Could you share your original program, which prints every executed address? I have no ptrace experience and I would be interested to examine such a simple example of its usage. — eschulte, Dec 14 '11 at 02:31

score 3 · Accepted Answer · answered May 25 '11 at 21:36

3

You may want to insert a breakpoint at main entry, wait for a SIGTRAP to arrive, restore the instruction under the breakpoint, and single-step from there.

answered May 25 '11 at 21:36

ninjalj

42,493
9
106
148

How to trace a program execution with ptrace?

1 Answers1

Linked