How to use PTRACE to get a consistent view of multiple threads?

Question

While I was working on this question, I\'ve come across a possible idea that uses ptrace, but I\'m unable to get a proper understanding of how ptrace

Answer 1

Does it stop all the process's threads?

Yes It traces the process, all threads of this process are stop. Imagine it it wasn't how could you see the dirfferent thread in your IDE.

from the manual:

The ptrace() system call provides a means by which one process (the "tracer") may observe and control the execution of another process (the "tracee")

Example code to attach:

printf("Attaching to process %d\n",Tpid);
if ((ptrace(PTRACE_ATTACH, Tpid, 0, 0)) != 0) {;
    printf("Attach result %d\n",res);
}

So yes you are atached to a thread and yes it stops all the threads of the process.

if ((res = ptrace(PTRACE_SINGLESTEP, Tpid, 0, signo)) < 0) {
perror("Ptrace singlestep error");
exit(1);
}
res = wait(&stat);

maybe see here : http://www.secretmango.com/jimb/Whitepapers/ptrace/ptrace.html