本文整理汇总了Golang中syscall.PtraceSetOptions函数的典型用法代码示例。如果您正苦于以下问题:Golang PtraceSetOptions函数的具体用法?Golang PtraceSetOptions怎么用?Golang PtraceSetOptions使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了PtraceSetOptions函数的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: addThread
// Attach to a newly created thread, and store that thread in our list of
// known threads.
func (dbp *Process) addThread(tid int, attach bool) (*Thread, error) {
if thread, ok := dbp.Threads[tid]; ok {
return thread, nil
}
var err error
if attach {
dbp.execPtraceFunc(func() { err = sys.PtraceAttach(tid) })
if err != nil && err != sys.EPERM {
// Do not return err if err == EPERM,
// we may already be tracing this thread due to
// PTRACE_O_TRACECLONE. We will surely blow up later
// if we truly don't have permissions.
return nil, fmt.Errorf("could not attach to new thread %d %s", tid, err)
}
pid, status, err := wait(tid, dbp.Pid, 0)
if err != nil {
return nil, err
}
if status.Exited() {
return nil, fmt.Errorf("thread already exited %d", pid)
}
}
dbp.execPtraceFunc(func() { err = syscall.PtraceSetOptions(tid, syscall.PTRACE_O_TRACECLONE) })
if err == syscall.ESRCH {
_, _, err = wait(tid, dbp.Pid, 0)
if err != nil {
return nil, fmt.Errorf("error while waiting after adding thread: %d %s", tid, err)
}
dbp.execPtraceFunc(func() { err = syscall.PtraceSetOptions(tid, syscall.PTRACE_O_TRACECLONE) })
if err != nil {
return nil, fmt.Errorf("could not set options for new traced thread %d %s", tid, err)
}
}
dbp.Threads[tid] = &Thread{
Id: tid,
dbp: dbp,
os: new(OSSpecificDetails),
}
if dbp.CurrentThread == nil {
dbp.CurrentThread = dbp.Threads[tid]
}
return dbp.Threads[tid], nil
}
示例2: read_ptrace_events
func read_ptrace_events(args []string) (*exec.Cmd, func() *syscall.PtraceRegs) {
cmd := exec.Command(args[0], args[1:]...)
cmd.SysProcAttr = &syscall.SysProcAttr{Ptrace: true}
cmd.Stdin = os.Stdin
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
err := cmd.Start()
if err != nil {
panic(err)
}
_, err = cmd.Process.Wait()
if err != nil {
panic(err)
}
child := cmd.Process.Pid
err = syscall.PtraceSetOptions(child, syscall.PTRACE_O_TRACESYSGOOD)
if err != nil {
panic(err)
}
var regs syscall.PtraceRegs
return cmd, func() *syscall.PtraceRegs {
err = syscall.PtraceSyscall(child, 0)
if err != nil {
panic(err)
}
state, err := cmd.Process.Wait()
if err != nil {
panic(err)
}
waitstatus, ok := state.Sys().(syscall.WaitStatus)
if !ok {
panic(err)
}
if waitstatus.Exited() {
// Process quit
return nil
}
if !waitstatus.Stopped() {
panic("Not handled: process isn't sigstopped!")
}
sig := waitstatus.StopSignal()
if sig&0x80 == 0 {
// Not something we're build to handle
// High bit should be set for syscalls because of PTRACE_O_SYSGOOD
return nil
}
err = syscall.PtraceGetRegs(child, ®s)
if err != nil {
panic(err)
}
return ®s
}
}
示例3: Run
func (t *tracerImpl) Run() (err error) {
if t.cmd.SysProcAttr == nil {
t.cmd.SysProcAttr = &syscall.SysProcAttr{Ptrace: true}
} else {
t.cmd.SysProcAttr.Ptrace = true
}
runtime.LockOSThread()
if err = t.cmd.Start(); err != nil {
return
}
var waitStatus syscall.WaitStatus
if _, err = syscall.Wait4(t.cmd.Process.Pid, &waitStatus, 0, nil); err != nil {
return
}
if waitStatus.Exited() {
return
}
// Set options to detect our syscalls
if err = syscall.PtraceSetOptions(t.cmd.Process.Pid, syscall.PTRACE_O_TRACESYSGOOD); err != nil {
return
}
var regsEntry, regsExit syscall.PtraceRegs
// Get first syscall
if err = syscall.PtraceGetRegs(t.cmd.Process.Pid, ®sEntry); err != nil {
return
}
var exited bool
for {
if exited, err = wait_for_syscall(t.cmd.Process.Pid); exited || err != nil {
return
}
// Get syscall info
if err = syscall.PtraceGetRegs(t.cmd.Process.Pid, ®sEntry); err != nil {
return
}
// Enter syscall
t.callback(regsEntry, false)
if exited, err = wait_for_syscall(t.cmd.Process.Pid); exited || err != nil {
return
}
// Get syscall returned value
if err = syscall.PtraceGetRegs(t.cmd.Process.Pid, ®sExit); err != nil {
return
}
t.callback(regsExit, true)
}
}
示例4: handleStopped
func (t *PTracer) handleStopped(pid int, status syscall.WaitStatus) {
signal := syscall.Signal(0)
target, err := t.thread(pid)
if err != nil {
log.Printf("thread failed: %v", err)
return
}
if !target.attached {
target.attached = true
err = syscall.PtraceSetOptions(pid, ptraceOptions)
if err != nil {
log.Printf("SetOptions failed, pid=%d, err=%v", pid, err)
return
}
} else if status.Stopped() && status.StopSignal() == syscall.SIGTRAP|ptraceTracesysgoodBit {
// pid entered Syscall-enter-stop or syscall-exit-stop
target.syscallStopped()
} else if status.Stopped() && status.StopSignal() == syscall.SIGTRAP {
// pid entered PTRACE_EVENT stop
switch status.TrapCause() {
case syscall.PTRACE_EVENT_CLONE:
err := target.handleClone(pid)
if err != nil {
log.Printf("clone failed: %v", err)
return
}
default:
log.Printf("Unknown PTRACE_EVENT %d for pid %d", status.TrapCause(), pid)
}
} else if status.Exited() || status.Signaled() {
// "tracer can safely assume pid will exit"
t.threadExited(target)
return
} else if status.Stopped() {
// tracee received a non-trace related signal
signal = status.StopSignal()
if signal == syscall.SIGSTOP && target.process.detaching {
t.detachThread(target)
return
}
} else {
// unknown stop - shouldn't happen!
log.Printf("Pid %d random stop with status %x", pid, status)
}
// Restart stopped caller in syscall trap mode.
// log.Printf("Restarting pid %d with signal %d", pid, int(signal))
err = syscall.PtraceSyscall(pid, int(signal))
if err != nil {
log.Printf("PtraceSyscall failed, pid=%d, err=%v", pid, err)
}
}
示例5: traceSyscalls
// traceSyscalls executes a command exec with the arguments args and calls
// the function callback for every syscall executed by the command's process.
func traceSyscalls(proc *os.Process, state func(pid int, regs *syscall.PtraceRegs)) {
// flags used with ptrace
const flags = syscall.PTRACE_O_TRACEVFORK |
syscall.PTRACE_O_TRACEFORK |
syscall.PTRACE_O_TRACECLONE |
syscall.PTRACE_O_TRACEEXEC |
syscall.PTRACE_O_TRACESYSGOOD
if err := syscall.PtraceSetOptions(proc.Pid, flags); err != nil {
log.Fatal("PtrageSetOptions", err)
}
if err := syscall.PtraceSyscall(proc.Pid, 0); err != nil {
log.Fatalf("PtraceCont: %v", err)
}
for {
signal := 0
pid, status, err := wait(-1)
if err != nil {
break
}
if status.Exited() || status.Signaled() {
continue
}
if status.Stopped() {
switch waitEvent(status) {
case EventFork, EventVFork, EventClone, EventExec:
if cpid, err := syscall.PtraceGetEventMsg(pid); err == nil {
log.Printf("process %d created new process %d", pid, cpid)
}
default:
if stopSignal := status.StopSignal(); stopSignal&0x7f != syscall.SIGTRAP {
signal = int(stopSignal)
}
var regs syscall.PtraceRegs
if syscall.PtraceGetRegs(pid, ®s) == nil {
state(pid, ®s)
}
}
}
syscall.PtraceSyscall(pid, signal)
}
}
示例6: main
func main() {
log.SetFlags(0)
log.SetPrefix("ministrace: ")
flag.Usage = usage
flag.Parse()
if flag.NArg() < 1 {
usage()
}
args := flag.Args()
exec, err := exec.LookPath(args[0])
if err == nil {
args[0] = exec
}
proc, err := os.StartProcess(args[0], args, &os.ProcAttr{
Files: []*os.File{os.Stdin, os.Stdout, os.Stderr},
Env: os.Environ(),
Sys: &syscall.SysProcAttr{
Ptrace: true,
Pdeathsig: syscall.SIGCHLD,
},
})
ck(err)
syscall.PtraceSetOptions(proc.Pid, syscall.PTRACE_O_TRACESYSGOOD)
for {
if waitSyscall(proc) {
break
}
var regs syscall.PtraceRegs
syscall.PtraceGetRegs(proc.Pid, ®s)
fmt.Printf("%s = ", xsys(regs.Orig_rax))
if waitSyscall(proc) {
break
}
syscall.PtraceGetRegs(proc.Pid, ®s)
fmt.Printf("%#x\n", regs.Rax)
}
}
示例7: Tracer
func Tracer() {
var train = false
var cmd string
var cmdArgs []string
var p *oz.Profile
var noprofile = flag.Bool("train", false, "Training mode")
var debug = flag.Bool("debug", false, "Debug")
var appendpolicy = flag.Bool("append", false, "Append to existing policy if exists")
var trainingoutput = flag.String("output", "", "Training policy output file")
flag.Parse()
var args = flag.Args()
if *noprofile == true {
train = true
// TODO: remove hardcoded path and read prefix from /etc/oz.conf
cmd = "/usr/bin/oz-seccomp"
cmdArgs = append([]string{"-mode=train"}, args...)
} else {
p = new(oz.Profile)
if err := json.NewDecoder(os.Stdin).Decode(&p); err != nil {
log.Error("unable to decode profile data: %v", err)
os.Exit(1)
}
if p.Seccomp.Mode == oz.PROFILE_SECCOMP_TRAIN {
train = true
}
*debug = p.Seccomp.Debug
cmd = args[0]
cmdArgs = args[1:]
}
var cpid = 0
done := false
log.Info("Tracer running command (%v) arguments (%v)\n", cmd, cmdArgs)
c := exec.Command(cmd)
c.SysProcAttr = &syscall.SysProcAttr{Ptrace: true}
c.Env = os.Environ()
c.Args = append(c.Args, cmdArgs...)
if *noprofile == false {
pi, err := c.StdinPipe()
if err != nil {
fmt.Errorf("error creating stdin pipe for tracer process: %v", err)
os.Exit(1)
}
jdata, err := json.Marshal(p)
if err != nil {
fmt.Errorf("Unable to marshal seccomp state: %+v", err)
os.Exit(1)
}
io.Copy(pi, bytes.NewBuffer(jdata))
pi.Close()
}
children := make(map[int]bool)
renderFunctions := getRenderingFunctions()
trainingset := make(map[int]bool)
trainingargs := make(map[int]map[int][]uint)
if err := c.Start(); err == nil {
cpid = c.Process.Pid
children[c.Process.Pid] = true
var s syscall.WaitStatus
pid, err := syscall.Wait4(-1, &s, syscall.WALL, nil)
children[pid] = true
if err != nil {
log.Error("Error (wait4) err:%v pid:%i", err, pid)
}
log.Info("Tracing child pid: %v\n", pid)
for done == false {
pflags := unix.PTRACE_O_TRACESECCOMP
pflags |= unix.PTRACE_O_TRACEFORK
pflags |= unix.PTRACE_O_TRACEVFORK
pflags |= unix.PTRACE_O_TRACECLONE
pflags |= C.PTRACE_O_EXITKILL
syscall.PtraceSetOptions(pid, pflags)
syscall.PtraceCont(pid, 0)
pid, err = syscall.Wait4(-1, &s, syscall.WALL, nil)
if err != nil {
log.Error("Error (wait4) err:%v pid:%i children:%v\n", err, pid, children)
done = true
continue
}
children[pid] = true
if s.Exited() == true {
delete(children, pid)
log.Info("Child pid %v finished.\n", pid)
if len(children) == 0 {
done = true
}
continue
//.........这里部分代码省略.........
示例8: ptraceSetOptions
func (t *thread) ptraceSetOptions(options int) os.Error {
err := syscall.PtraceSetOptions(t.tid, options)
return os.NewSyscallError("ptrace(SETOPTIONS)", err)
}
示例9: run
func run() {
// If the debugger itself is multi-threaded, ptrace calls must come from
// the same thread that originally attached to the remote thread.
runtime.LockOSThread()
f, err := os.Open(exeFilename)
if err != nil {
log.Printf(`%q not found. Did you run "go build ." in that directory?`, exeFilename)
log.Fatalf("Open: %v", err)
}
defer f.Close()
dwarfData, err := loadDwarfData(f)
if err != nil {
log.Fatalf("loadDwarfData: %v", err)
}
proc, err := os.StartProcess(exeFilename, []string{exeFilename}, &os.ProcAttr{
Files: []*os.File{
os.Stdin,
os.Stdout,
os.Stderr,
},
Sys: &syscall.SysProcAttr{
Ptrace: true,
Pdeathsig: syscall.SIGKILL,
},
})
if err != nil {
log.Fatalf("StartProcess: %v", err)
}
fmt.Printf("\tproc.Pid=%d\n", proc.Pid)
_, status, err := wait(proc.Pid)
if err != nil {
log.Fatalf("wait: %v", err)
}
if status != 0x00057f { // 0x05=SIGTRAP, 0x7f=stopped.
log.Fatalf("status: got %#x, want %#x", status, 0x57f)
}
err = syscall.PtraceSetOptions(proc.Pid, syscall.PTRACE_O_TRACECLONE|syscall.PTRACE_O_TRACEEXIT)
if err != nil {
log.Fatalf("PtraceSetOptions: %v", err)
}
addr, err := lookupSym(dwarfData, "fmt.Printf")
if err != nil {
log.Fatalf("lookupSym: %v", err)
}
fmt.Printf("\tfmt.Printf=%#x\n", addr)
var buf [1]byte
if err := peek(proc.Pid, addr, buf[:1]); err != nil {
log.Fatalf("peek: %v", err)
}
breakpoints := map[uint64]breakpoint{
addr: {pc: addr, origInstr: buf[0]},
}
buf[0] = breakpointInstr
if err := poke(proc.Pid, addr, buf[:1]); err != nil {
log.Fatalf("poke: %v", err)
}
err = syscall.PtraceCont(proc.Pid, 0)
if err != nil {
log.Fatalf("PtraceCont: %v", err)
}
for {
pid, status, err := wait(-1)
if err != nil {
log.Fatalf("wait: %v", err)
}
switch status {
case 0x00057f: // 0x05=SIGTRAP, 0x7f=stopped.
regs := syscall.PtraceRegs{}
if err := syscall.PtraceGetRegs(pid, ®s); err != nil {
log.Fatalf("PtraceGetRegs: %v", err)
}
regs.Rip -= breakpointInstrLen
if err := syscall.PtraceSetRegs(pid, ®s); err != nil {
log.Fatalf("PtraceSetRegs: %v", err)
}
bp, ok := breakpoints[regs.Rip]
if !ok {
log.Fatalf("no breakpoint for address %#x\n", regs.Rip)
}
buf[0] = bp.origInstr
if err := poke(pid, addr, buf[:1]); err != nil {
log.Fatalf("poke: %v", err)
}
fmt.Printf("\thit breakpoint at %#x, pid=%5d\n", regs.Rip, pid)
if err := syscall.PtraceSingleStep(pid); err != nil {
log.Fatalf("PtraceSingleStep: %v", err)
}
_, status, err := wait(pid)
if err != nil {
log.Fatalf("wait: %v", err)
}
//.........这里部分代码省略.........
示例10: Tracer
func Tracer() {
p := new(oz.Profile)
if err := json.NewDecoder(os.Stdin).Decode(&p); err != nil {
log.Error("unable to decode profile data: %v", err)
os.Exit(1)
}
var proc_attr syscall.ProcAttr
var sys_attr syscall.SysProcAttr
sys_attr.Ptrace = true
done := false
proc_attr.Sys = &sys_attr
cmd := os.Args[1]
cmdArgs := os.Args[2:]
log.Info("Tracer running command (%v) arguments (%v)\n", cmd, cmdArgs)
c := exec.Command(cmd)
c.SysProcAttr = &syscall.SysProcAttr{Ptrace: true}
c.Env = os.Environ()
c.Args = append(c.Args, cmdArgs...)
pi, err := c.StdinPipe()
if err != nil {
fmt.Errorf("error creating stdin pipe for tracer process: %v", err)
os.Exit(1)
}
jdata, err := json.Marshal(p)
if err != nil {
fmt.Errorf("Unable to marshal seccomp state: %+v", err)
os.Exit(1)
}
io.Copy(pi, bytes.NewBuffer(jdata))
log.Info(string(jdata))
pi.Close()
children := make(map[int]bool)
if err := c.Start(); err == nil {
children[c.Process.Pid] = true
var s syscall.WaitStatus
pid, err := syscall.Wait4(-1, &s, syscall.WALL, nil)
children[pid] = true
if err != nil {
log.Error("Error (wait4): %v", err)
}
log.Info("Tracing child pid: %v\n", pid)
for done == false {
syscall.PtraceSetOptions(pid, unix.PTRACE_O_TRACESECCOMP|unix.PTRACE_O_TRACEFORK|unix.PTRACE_O_TRACEVFORK|unix.PTRACE_O_TRACECLONE|unix.PTRACE_O_TRACEEXIT)
syscall.PtraceCont(pid, 0)
pid, err = syscall.Wait4(-1, &s, syscall.WALL, nil)
if err != nil {
log.Error("Error (wait4): %v\n", err)
if len(children) == 0 {
done = true
}
continue
}
children[pid] = true
if s.Exited() == true {
delete(children, pid)
log.Info("Child pid %v finished.\n", pid)
if len(children) == 0 {
done = true
}
continue
}
if uint32(s)>>8 == (uint32(unix.SIGTRAP) | (unix.PTRACE_EVENT_SECCOMP << 8)) {
if err != nil {
log.Error("Error (ptrace): %v", err)
continue
}
var regs syscall.PtraceRegs
err = syscall.PtraceGetRegs(pid, ®s)
if err != nil {
log.Error("Error (ptrace): %v", err)
}
systemcall, err := syscallByNum(int(regs.Orig_rax))
if err != nil {
log.Error("Error: %v", err)
continue
}
var callrep string = fmt.Sprintf("%s(", systemcall.name)
var reg uint64 = 0
for arg := range systemcall.args {
if systemcall.args[arg] == 0 {
break
}
if arg > 0 {
callrep += fmt.Sprintf(",")
}
switch arg {
case 0:
reg = regs.Rdi
case 1:
//.........这里部分代码省略.........
示例11: Tracer
func Tracer() {
p := new(oz.Profile)
if err := json.NewDecoder(os.Stdin).Decode(&p); err != nil {
log.Error("unable to decode profile data: %v", err)
os.Exit(1)
}
var proc_attr syscall.ProcAttr
var sys_attr syscall.SysProcAttr
sys_attr.Ptrace = true
done := false
proc_attr.Sys = &sys_attr
cmd := os.Args[1]
cmdArgs := os.Args[2:]
log.Info("Tracer running command (%v) arguments (%v)\n", cmd, cmdArgs)
c := exec.Command(cmd)
c.SysProcAttr = &syscall.SysProcAttr{Ptrace: true}
c.Env = os.Environ()
c.Args = append(c.Args, cmdArgs...)
pi, err := c.StdinPipe()
if err != nil {
fmt.Errorf("error creating stdin pipe for tracer process: %v", err)
os.Exit(1)
}
jdata, err := json.Marshal(p)
if err != nil {
fmt.Errorf("Unable to marshal seccomp state: %+v", err)
os.Exit(1)
}
io.Copy(pi, bytes.NewBuffer(jdata))
log.Info(string(jdata))
pi.Close()
children := make(map[int]bool)
renderFunctions := getRenderingFunctions()
if err := c.Start(); err == nil {
children[c.Process.Pid] = true
var s syscall.WaitStatus
pid, err := syscall.Wait4(-1, &s, syscall.WALL, nil)
children[pid] = true
if err != nil {
log.Error("Error (wait4) here first: %v %i", err, pid)
}
log.Info("Tracing child pid: %v\n", pid)
for done == false {
syscall.PtraceSetOptions(pid, unix.PTRACE_O_TRACESECCOMP|unix.PTRACE_O_TRACEFORK|unix.PTRACE_O_TRACEVFORK|unix.PTRACE_O_TRACECLONE)
syscall.PtraceCont(pid, 0)
pid, err = syscall.Wait4(-1, &s, syscall.WALL, nil)
if err != nil {
log.Error("Error (wait4) here: %v %i %v\n", err, pid, children)
if len(children) == 0 {
done = true
}
continue
}
children[pid] = true
if s.Exited() == true {
delete(children, pid)
log.Info("Child pid %v finished.\n", pid)
if len(children) == 0 {
done = true
}
continue
}
if s.Signaled() == true {
log.Error("Other pid signalled %v %v", pid, s)
delete(children, pid)
continue
}
switch uint32(s) >> 8 {
case uint32(unix.SIGTRAP) | (unix.PTRACE_EVENT_SECCOMP << 8):
if err != nil {
log.Error("Error (ptrace): %v", err)
continue
}
var regs syscall.PtraceRegs
err = syscall.PtraceGetRegs(pid, ®s)
if err != nil {
log.Error("Error (ptrace): %v", err)
}
systemcall, err := syscallByNum(getSyscallNumber(regs))
if err != nil {
log.Error("Error: %v", err)
continue
}
/* Render the system call invocation */
r := getSyscallRegisterArgs(regs)
call := ""
if f, ok := renderFunctions[getSyscallNumber(regs)]; ok {
//.........这里部分代码省略.........
示例12: SetOptions
func (t *Tracer) SetOptions(options int) error {
return syscall.PtraceSetOptions(t.Process.Pid, options)
}
示例13: ptraceSetOptions
func (s *Server) ptraceSetOptions(pid int, options int) (err error) {
s.fc <- func() error {
return syscall.PtraceSetOptions(pid, options)
}
return <-s.ec
}
示例14: main
func main() {
var wstat syscall.WaitStatus
var complete func(syscall.PtraceRegs) = nil
var die = false
regs := syscall.PtraceRegs{}
isSyscall := func(wstat syscall.WaitStatus) bool {
return (((uint32(wstat) & 0xff00) >> 8) & 0x80) != 0
}
sc := initSyscalls()
c := make(chan os.Signal, 1)
signal.Notify(c, os.Kill, os.Interrupt)
go check(c, &die)
if pid == -1 {
log.Fatal("No pid set")
}
err := syscall.PtraceAttach(pid)
if err != nil {
log.Print("attach")
log.Print(err)
goto fail
}
_, err = syscall.Wait4(pid, &wstat, 0, nil)
if err != nil {
log.Printf("wait %d err %s\n", pid, err)
goto fail
}
err = syscall.PtraceSetOptions(pid, syscall.PTRACE_O_TRACESYSGOOD)
if err != nil {
log.Print("ptrace set options")
log.Print(err)
goto fail
}
for !die {
err = syscall.PtraceSyscall(pid, 0)
if err != nil {
log.Print("syscall")
log.Print(err)
goto fail
}
_, err = syscall.Wait4(pid, &wstat, 0, nil)
if err != nil {
log.Printf("wait %d err %s\n", pid, err)
goto fail
}
// ENTER
if wstat.Stopped() {
if isSyscall(wstat) {
err = syscall.PtraceGetRegs(pid, ®s)
if err != nil {
log.Print("regs")
log.Print(err)
goto fail
}
complete = sc.Call(regs)
}
}
err = syscall.PtraceSyscall(pid, 0)
if err != nil {
log.Print("syscall 2")
log.Print(err)
goto fail
}
_, err = syscall.Wait4(pid, &wstat, 0, nil)
if err != nil {
log.Printf("wait %d err %s\n", pid, err)
goto fail
}
os.Stdout.Sync()
if wstat.Stopped() {
if isSyscall(wstat) {
err = syscall.PtraceGetRegs(pid, ®s)
if err != nil {
log.Print("regs")
log.Print(err)
goto fail
}
//log.Printf("NUM: %d ::%#v", syscallNum, regs)
if complete != nil {
complete(regs)
complete = nil
}
}
}
}
fail:
syscall.Kill(pid, 18)
err = syscall.PtraceDetach(pid)
if err != nil {
log.Print("detach")
//.........这里部分代码省略.........