以下是一个小示例跟踪程序的代码:
int main (int argc, const char * argv[])
{
cout<<getpid()<<endl;
int* array = new int[100];
memset(array, 0, 100*sizeof(int));
for(int i=0;i<10;++i){
array[i]=i;
printf("array address[%d]:%x\n",i,array+i);
}
int index;
while(cin>>index){
if(index<0||index>100)continue;
array[index] = array[index]*10;
}
return 0;
}
将程序另存为 dummy.c。编译并运行它:./dummy
在输出中,我得到数组 [1] 的地址:0x100046,其值为 1。
然后,使用以下代码附加到虚拟对象:
unsigned long addr = 0x100046
if(ptrace(PT_ATTACH, child,NULL, NULL)==-1)
printf("Attach Failed!");
wait(NULL);
long data = ptrace(PT_READ_D, child, (void*)addr, 0); // after reading data always is -1, it should be 1 according dummy application