maxbla
commented
6 months ago How does this interact with ptrace debugging? Specifically can you still use e.g. gdb with a program run with tardis (since it will now be ptracing itself)?
Open bigb4ng opened 6 months ago
maxbla
commented
6 months ago How does this interact with ptrace debugging? Specifically can you still use e.g. gdb with a program run with tardis (since it will now be ptracing itself)?
bigb4ng
commented
6 months ago @maxbla Hey! I haven't changed tracer-tracee relationship. Tardis is not ptracing it's main thread, just sets up child thread as a tracee (and parent as tracer) before calling execve. This was just a stylistic choice that simplified code a little.
As before, you can debug tardis, but not a program run with it.
Closes #6.
In order to disable vDSOI replace the
AT_SYSINFO_EHDRtag in traceeauxvwithAT_IGNOREas suggested by this gist.To do that I first assume the rsp will point to argc after execve call. Then I find
auxvatrsp + argc + argc*wordsize (argv[]) + envp (skip until first NULL). A simple iteration should yieldAT_SYSINFO_EHDR😎Some related and unrelated changes:
ptracemagic to separateptrace.c.