> Can't PTRACE_SYSEMU be emulated by using PTRACE_SYSCALL, cancelling the > syscall at the syscall enter stop, then modifying the regs at the > syscall exit stop?
Yes, it can. The idea behind SYSEMU is to be able to save half the ptrace traps that would require, in theory making the ptracer a decent amount faster. That said, the x7 issue is orthogonal to SYSEMU, you'd have the same issues if you used PTRACE_SYSCALL. Keno
