modify syscall nr on-the-fly

Yuriy Tsibizov yuriy.tsibizov at
Sat Aug 18 03:26:39 PDT 2007

I'm trying to get user-mode Linux to run under FreeBSD Linux emulation (on

User-mode Linux in its start-up tests tries to modify syscall number (to be called by kernel) on-the-fly. It forks a child thread that stops (using SIGSTOP), calls getpid() (that will be intercepted by parent thread) and returns some value based on getpid() results. Main thread waits for SIGSTOP in child process and enables PTRACE_SYSCALL (I have some code that implements it. It makes some incompatible changes to PT_SYSCALL that will break FreeBSD applications, but works for Linux apps). When main thread catches SIGTRAP (generated by ptrace) it tries to modify EAX of child thread
and PTRACE_POKEUSR) to replace getpid syscall with getppid.

Is it possible to get updated EAX (and other registers as well) in syscall(...) after ptracestop(...) in PTRACESTOP_SC(...) returns?

Hope for your help,
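
The start-up probe described in the message above, written for native Linux on x86 as an added example (it is not part of the original post and is not User-mode Linux's own code). The names `stopped_with`, `syscall_rewrite_works` and `SC_NR_OFF` are hypothetical; `PTRACE_POKEUSER` is glibc's spelling of `PTRACE_POKEUSR`, and the result is -1 wherever ptrace is unavailable or the architecture is not x86.

```c
#include <signal.h>
#include <stddef.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

/* Offset of the saved syscall number in the tracee's user area (x86 Linux). */
#if defined(__x86_64__)
#define SC_NR_OFF offsetof(struct user_regs_struct, orig_rax)
#elif defined(__i386__)
#define SC_NR_OFF offsetof(struct user_regs_struct, orig_eax)
#endif

/* Hypothetical helper: wait for pid and report whether it stopped with sig. */
int stopped_with(pid_t pid, int sig)
{
    int st;
    return waitpid(pid, &st, WUNTRACED) == pid && WIFSTOPPED(st) && WSTOPSIG(st) == sig;
}

/* 1: getpid was replaced by getppid; 0: it was not; -1: ptrace unusable here. */
int syscall_rewrite_works(void)
{
#ifndef SC_NR_OFF
    return -1;                          /* other architecture: nothing to poke */
#else
    pid_t self = getpid(), child = fork();
    int st;
    if (child < 0) return -1;
    if (child == 0) {
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) < 0) _exit(2);
        kill(getpid(), SIGSTOP);        /* park until the tracer is ready */
        /* Raw syscall: the tracer turns this getpid into getppid. */
        _exit(syscall(SYS_getpid) == self ? 0 : 1);
    }
    /* SIGSTOP stop, then run to syscall entry (SIGTRAP), rewrite, resume. */
    if (!stopped_with(child, SIGSTOP) ||
        ptrace(PTRACE_SYSCALL, child, NULL, NULL) < 0 ||
        !stopped_with(child, SIGTRAP) ||
        ptrace(PTRACE_POKEUSER, child, (void *)SC_NR_OFF, (void *)(long)SYS_getppid) < 0 ||
        ptrace(PTRACE_CONT, child, NULL, NULL) < 0) {
        kill(child, SIGKILL);
        waitpid(child, &st, 0);
        return -1;
    }
    if (waitpid(child, &st, 0) != child || !WIFEXITED(st)) return -1;
    return WEXITSTATUS(st) == 0 ? 1 : WEXITSTATUS(st) == 1 ? 0 : -1;
#endif
}
```

A return of 0 is the outcome the question is about: the tracer's write was accepted, but the kernel dispatched the syscall number it had read before the ptrace stop.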


More information about the freebsd-hackers mailing list