Alexander Nasonov wrote: > Christos Zoulas wrote: > > Should not be that hard, but what is that tool reading from PEEKUSER? > > Registers? > > In both cases it reads from user_regs_struct, if I understand everything > correctly. But it's the first step, the tool would definitely try other > things if PEEKUSER didn't fail. In fact, I'm not sure that thing would > work at all because it's a dynamic instrumentation tool called Pin. It > updates code on the fly.
OK, I implemented reading orig_ax by PEEKUSER. It fixed ptrace failure but it added two problems: 1. I had to disable compat_linux32 to fix compilation. I need to make linux_sys_ptrace_arch multiarch-aware. 2. PEEKUSER didn't change anything. The tool still detaches its child and exits. I can't debug to see what's going on, gdb receives SIGUSR1 from the tool. I suspect PEEKUSER returns unexpected value. Alex