08-22-2004, 09:45 PM
I'm currently doin a simple program on how to use PTRACE library.
I've succeeded in knowing the system calls called whenever a UNIX command is invoked (let say "ls -l" will call system call SYS_open).

But I'm having trouble in finding out the arguments (or parameter list) for each system call made.
I read in http://www.cs.rit.edu/~hpb/Man/_Man_SunOS_4.1.3_html/html2/ptrace.2.html that this IS possible...

... At this point the arguments to the system call may be inspected in the process user structure using the PTRACE_PEEKUSER request. The system call number is available in place of the 8th argument...

But I really had having hard time understanding the user structure.
Does anyone know how to use it to extract the system call argument list?
Note that I'm not on Sun or BSD machine, so I can't use any of the <kvm.h> functions.

Thanks :)

08-23-2004, 06:54 AM
You quote from a manual page which refers to SunOS.
Then you say you're not using SunOS.

In fact, it remains an assumption that you're using Linux, since you only state two machines you're not using.

1. Read the manual page for the machine you're actually running on.
2. State your machine and compiler when you post something massively implementation specific as this.
3. Post some actual code you tried, not some cut/paste of a manual page we're all perfectly capable of reading for ourselves.