Re: How to trace a process with ptrace when it forks a new process ?

On Tue, 22 Jan 2008 16:57:55 -0800 John Reiser <jreiser@xxxxxxxxxxxx> wrote:
|> Basically, what I want to do is: to trace a process,
|> to trace its child too, if the process forks a child,
|> and so on.
| Examine the source code to the utility program /usr/bin/strace .
| See how strace handles its "-f" commandline option, which
| "follows" all descendents.

What is the knowledge basis on which the strace utility was developed?

When I recommend people to look at the source code of how something else
achieves a goal, I generally try to find something that does just that in
a simple way. In the case of strace, it is a very large and complex code
that does a whole lot of stuff. That doesn't mean the solution cannot be
found within it's source code. It just means it can be harder to find.
If all of the handling of something like that is in one place, that might
make it easy. But some things in some programs end up with the way to do
something scattered about in the whole infrastructure of the program, and
that can be nearly impossible to see, especially given the poor level of
commenting most open source has (comments more intended to remind the
programmer what a strange piece of code is doing, rather than explain to
the general reader what everything is doing). I have not specically
looked at the strace source, so it might be one of the few exceptions to
to the wide rule I have seen.

It would still be helpful for documents that explain how something is to
be used, rather than depend on the source code of something else. In the
above case, it is obvious that strace will have to ptrace the child when
the -f option is in effect. But a correct document will generally be the
better way, even if it is a book to buy. Where did the strace writers

| Phil Howard KA9WGN ( / Do not send to the address below |
| first name lower case at / spamtrap-2008-01-23-0739@xxxxxxxx |