What did I do? I ran qemu-x86_64 -singlestep -d nochain,cpu ./dummy to dump all the registers of a dummy program after each instruction and used grep to save all the RIP values into a text file (qemu_rip_dump.txt). I then single-stepped the dummy program with ptrace and dumped the RIP values after each instruction into another text file (ptrace_rip_dump.txt). I then compared
Tag: ptrace
How to detach from process, so that it can be traced by another process?
Program steps: (1) create a child process by fork and call execv inside it; (2) ptrace-attach to the child process; (3) do something with ptrace; (4) detach from the child; (5) execute gdb -p child_pid. But when gdb starts, it writes that the child process is already tracked. How to detach from a traced process, so that it can be traced by another process? Code that does the things above
Ptrace prevents signal from interrupting pselect() in traced process
I’m trying to monitor syscalls for a binary using ptrace. The binary sleeps in pselect() and without ptrace, a SIGQUIT makes it return from pselect. The mask of blocked signals passed to pselect includes SIGQUIT. When executed with ptrace, it exits from sys_pselect6 but not all the way out of glibc’s pselect. What am I doing that prevents sys_pselect6 from