Detach process on execve syscall
The -b syscall option instructs strace to detach from the traced process when the specified syscall is executed. Currently, only execve is supported. Consider the following two programs (the code is from here):
# cat myecho.c
#include <stdio.h>
#include <stdlib.h>
/*
 * Print every command-line argument, one per line, as "argv[N]: value".
 * argv[0] is included, so the output shows the complete argument vector
 * the process was started with.
 */
int main(int argc, char *argv[])
{
    int idx = 0;

    while (idx < argc) {
        printf("argv[%d]: %s\n", idx, argv[idx]);
        idx++;
    }

    exit(EXIT_SUCCESS);
}
# cat execve.c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
/*
 * Replace this process with the program named by argv[1], passing it the
 * fixed argument vector { argv[1], "hello", "world" } and an empty
 * environment. Exits with EXIT_FAILURE on a usage error or if execve() fails.
 */
int main(int argc, char *argv[])
{
    if (argc != 2) {
        fprintf(stderr, "Usage: %s <file-to-exec>\n", argv[0]);
        exit(EXIT_FAILURE);
    }

    /* The new program's argv[0] is the path it was launched by. */
    char *child_argv[] = { argv[1], "hello", "world", NULL };
    /* Only the terminating NULL: the new program receives no environment variables. */
    char *child_env[] = { NULL };

    /* execve() does not search PATH; argv[1] is used as the path exactly as given. */
    execve(argv[1], child_argv, child_env);

    /* Reached only when execve() failed; on success it never returns. */
    perror("execve");
    exit(EXIT_FAILURE);
}
Compile them:
# gcc myecho.c -o myecho
# gcc execve.c -o execve
Observe the output when using -b:
# strace -b execve ./execve myecho
execve("./execve", ["./execve", "myecho"], 0x7ffe49f7edf8 /* 21 vars */) = 0
......
munmap(0x7f648b836000, 98317) = 0
execve("myecho", ["myecho", "hello", "world"], 0x7ffeb1908d28 /* 0 vars */strace: Process 8287 detached
<detached ...>
argv[0]: myecho
argv[1]: hello
argv[2]: world
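The log shows that strace detached from the process as soon as the traced program called execve: the second execve line is cut off before its return value, and nothing that myecho does afterwards appears in the trace. -b can be combined with -f to ignore insignificant child processes during debugging (please refer to the Trace child processes section).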