Is there a way in which we can notify the tracer (parent process) when the tracee (child process) executes a branch instruction?
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
As we know, the ptrace system call is one of the most powerful system calls in unix-like systems. All debugging software use ptrace for monitoring and manipulating another process, i.e. tracee. Using ptrace, we can track read/write system call in the tracee process. I ask, can we use ptrace in order to monitor the tracee and notify the tracer only when the tracee executes a branch instruction? Is this possible? if not, can we notify the tracer when a specific instruction at a specific address is executed?
PTRACE_SINGLESTEP is not appropriate to be used in my case because it leads to performance degradation.
Thanks for any help.
kernel signals debugging syscalls ptrace
asked Mar 6 at 8:02
husin alhaj ahmade
458
add a comment |Â
up vote
1
down vote
favorite
As we know, the ptrace system call is one of the most powerful system calls in unix-like systems. All debugging software use ptrace for monitoring and manipulating another process, i.e. tracee. Using ptrace, we can track read/write system call in the tracee process. I ask, can we use ptrace in order to monitor the tracee and notify the tracer only when the tracee executes a branch instruction? Is this possible? if not, can we notify the tracer when a specific instruction at a specific address is executed?
PTRACE_SINGLESTEP is not appropriate to be used in my case because it leads to performance degradation.
Thanks for any help.
kernel signals debugging syscalls ptrace
asked Mar 6 at 8:02
husin alhaj ahmade
458
add a comment |Â
up vote
1
down vote
favorite
up vote
1
down vote
favorite
As we know, the ptrace system call is one of the most powerful system calls in unix-like systems. All debugging software use ptrace for monitoring and manipulating another process, i.e. tracee. Using ptrace, we can track read/write system call in the tracee process. I ask, can we use ptrace in order to monitor the tracee and notify the tracer only when the tracee executes a branch instruction? Is this possible? if not, can we notify the tracer when a specific instruction at a specific address is executed?
PTRACE_SINGLESTEP is not appropriate to be used in my case because it leads to performance degradation.
Thanks for any help.
kernel signals debugging syscalls ptrace
asked Mar 6 at 8:02
husin alhaj ahmade
458
As we know, the ptrace system call is one of the most powerful system calls in unix-like systems. All debugging software use ptrace for monitoring and manipulating another process, i.e. tracee. Using ptrace, we can track read/write system call in the tracee process. I ask, can we use ptrace in order to monitor the tracee and notify the tracer only when the tracee executes a branch instruction? Is this possible? if not, can we notify the tracer when a specific instruction at a specific address is executed?
PTRACE_SINGLESTEP is not appropriate to be used in my case because it leads to performance degradation.
Thanks for any help.
kernel signals debugging syscalls ptrace
asked Mar 6 at 8:02
husin alhaj ahmade
458
asked Mar 6 at 8:02
husin alhaj ahmade
458
asked Mar 6 at 8:02
husin alhaj ahmade
458
asked Mar 6 at 8:02
husin alhaj ahmade
458
458
add a comment |Â
add a comment |Â
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f428435%2fis-there-a-way-in-which-we-can-notify-the-tracer-parent-process-when-the-trace%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
