Comments on: Linux’s ptrace API sucks! http://blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/ Just some thoughts from a computer geek Thu, 05 Jan 2012 18:32:24 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Blog » Blog Archive » EDM Ollydbg for Linux http://blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/comment-page-1/#comment-7364 Blog » Blog Archive » EDM Ollydbg for Linux Sun, 30 Jan 2011 15:31:12 +0000 http://www.blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/#comment-7364 [...] looks nice. only thing is the ptrace interface he’s (understandable) struggling [...] [...] looks nice. only thing is the ptrace interface he’s (understandable) struggling [...]

]]> By: Rodrigo (BSDaemon) http://blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/comment-page-1/#comment-496 Rodrigo (BSDaemon) Sun, 29 Mar 2009 18:48:21 +0000 http://www.blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/#comment-496 Hello, Nice article ;) Just a comment: System Tap is designed for kernel debugging (of course you can see what the program is doing, but it will give you an overview of the kernel-mode execution of it) whereas ptrace is for user-mode debugging... Ptrace completely sucks mainly because nobody really knows it inner functionality anymore. I mean, the developers are just keeping it working, but the low-level interfaces with the hardware are mainly unknow and everybody is afraid of new patches (even for supporting new architectures) because of that. Regards, Hello,

Nice article ;)

Just a comment: System Tap is designed for kernel debugging (of course you can see what the program is doing, but it will give you an overview of the kernel-mode execution of it) whereas ptrace is for user-mode debugging…

Ptrace completely sucks mainly because nobody really knows it inner functionality anymore. I mean, the developers are just keeping it working, but the low-level interfaces with the hardware are mainly unknow and everybody is afraid of new patches (even for supporting new architectures) because of that.

Regards,

]]> By: Marlow http://blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/comment-page-1/#comment-495 Marlow Tue, 17 Mar 2009 21:07:56 +0000 http://www.blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/#comment-495 PS. It doesn't use ptrace-it uses kprobes, which does not guarantee catching of exit calls. Kprobes allow you to catch any global system call, whereas ptrace seems geared mainly to signals. Also, if you are using a diskless system and trying to transfer stuff over the wire and need a binary form for speed, systemtap is useless. PS. It doesn’t use ptrace-it uses kprobes, which does not guarantee catching of exit calls. Kprobes allow you to catch any global system call, whereas ptrace seems geared mainly to signals.

Also, if you are using a diskless system and trying to transfer stuff over the wire and need a binary form for speed, systemtap is useless.

]]> By: Marlow http://blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/comment-page-1/#comment-494 Marlow Tue, 17 Mar 2009 21:05:22 +0000 http://www.blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/#comment-494 So what do you recommend in finding the ptrace documentation necessary for this? I'm having one hell of a time. FWIW, systemtap is nice and all, but you have to build a new module for each stupid set of options you want to use. Furthermore, you need to patch the kernel in order to use the markers version. There is hope on the horizon for people who don't need these abilities now-there is a new in-kernel package called cgroup, although it had definite problems the first time I tried to use it (and I need the 2.6.15 kernel). So what do you recommend in finding the ptrace documentation necessary for this? I’m having one hell of a time.

FWIW, systemtap is nice and all, but you have to build a new module for each stupid set of options you want to use. Furthermore, you need to patch the kernel in order to use the markers version.

There is hope on the horizon for people who don’t need these abilities now-there is a new in-kernel package called cgroup, although it had definite problems the first time I tried to use it (and I need the 2.6.15 kernel).

]]> By: Evan Teran http://blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/comment-page-1/#comment-489 Evan Teran Sun, 07 Dec 2008 03:36:38 +0000 http://www.blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/#comment-489 at first glance, systemtap looks pretty cool. Though I think it is trying to fill a different void than the ptrace API. I would imagine that systemtap is implemented using ptrace and provides a nicer abstraction (which is a good thing and ptrace is deeply annoying). Maybe I'll take a look at the source and see what techniques they use. Thanks. at first glance, systemtap looks pretty cool. Though I think it is trying to fill a different void than the ptrace API. I would imagine that systemtap is implemented using ptrace and provides a nicer abstraction (which is a good thing and ptrace is deeply annoying). Maybe I’ll take a look at the source and see what techniques they use.

Thanks.

]]> By: cyphunk http://blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/comment-page-1/#comment-488 cyphunk Sun, 07 Dec 2008 00:30:08 +0000 http://www.blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/#comment-488 aaaah, yes. I tried to erase from my memory all that you have thus documented here, for good reason. Tell me, other that utrace, whats your opinion on something like <a href="http://sourceware.org/systemtap/examples/" rel="nofollow">SystemTap</a>? aaaah, yes. I tried to erase from my memory all that you have thus documented here, for good reason. Tell me, other that utrace, whats your opinion on something like SystemTap?

]]> By: cyphunk http://blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/comment-page-1/#comment-245 cyphunk Mon, 16 Jun 2008 16:39:48 +0000 http://www.blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/#comment-245 thanks for the concise overview of complaints, and some junk im dealing with finding a workaround for now. i guess ill go dig in your code to find a solution ,) thanks for the concise overview of complaints, and some junk im dealing with finding a workaround for now. i guess ill go dig in your code to find a solution ,)

]]> By: freenity http://blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/comment-page-1/#comment-127 freenity Wed, 05 Mar 2008 16:34:42 +0000 http://www.blog.codef00.com/2008/01/29/linuxs-ptrace-api-sucks/#comment-127 Oh man thanks for this great debugger :) I love ollybdg and that's exactly what linux needs a good debugger. Thanks again and keep with the project Good luck Oh man thanks for this great debugger :)
I love ollybdg and that’s exactly what linux needs a good debugger.
Thanks again and keep with the project
Good luck

]]>