ratrace_leaves_processes_in_a_stopped_state

Fri, 18 Sep 2015 17:38:49 EDT
mischief@[REDACTED]

once ratrace detaches from a process, it will leave the program in a Stopped state, not running. for it to continue you must manually start the process again. it should start the processes when it exits, or at least provide a flag to do so.

; tail -f /dev/kmesg & ; ratrace $apid 422695 tail Fstat 2071aa 3 0x407d30 115 422695 tail Fstat = 78 “” 1415510097499842905 1415510097499846326 422695 tail Pread 20719b 3 0x7ffffeffcea4 8192 -1 422695 tail Pread /“” 8192 -1 = 0 1415510097724829693 1415510097724830857 422695 tail Fstat 2071aa 3 0x407e10 115 422695 tail Fstat = 78 “” 1415510097938883115 1415510097938886785 422695 tail Sleep 202ee0 5000 <send del to ratrace here> echo start > /proc/422695/ctl; echo kill > /proc/422695/note ; ; ps | grep tail mischief 422695 0:00 0:00 72K Stopped tail ;