系统调用被是被成硬件断点

[laolihhh]

eetah:/data/local/tmp # ./stackplz -n com.instagram.android --syscall fork --stack
[*] save maps to maps_19893.txt
panic: unknown syscall name:fork

goroutine 1 [running]:
stackplz/user/config.(*SyscallConfig).GetSyscallPointByName(...)
/home/runner/work/stackplz/stackplz/user/config/config_module.go:474
stackplz/user/config.(*SyscallConfig).Parse_Syscall(0x40003fe0c0, 0x4000166000)
/home/runner/work/stackplz/stackplz/user/config/config_module.go:676 +0x874
stackplz/cli/cmd.persistentPreRunEFunc(0x601ee8f9a0?, {0x601e6bf1d3?, 0x5?, 0x5?})
/home/runner/work/stackplz/stackplz/cli/cmd/root.go:283 +0xa8c
github.com/spf13/cobra.(*Command).execute(0x601ee8f9a0, {0x40000201f0, 0x5, 0x5})
/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.6.0/command.go:891 +0x524
github.com/spf13/cobra.(*Command).ExecuteC(0x601ee8f9a0)
/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.6.0/command.go:1040 +0x354
github.com/spf13/cobra.(*Command).Execute(...)
/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.6.0/command.go:968
stackplz/cli/cmd.Execute()
/home/runner/work/stackplz/stackplz/cli/cmd/root.go:588 +0x40
stackplz/cli.Start(...)
/home/runner/work/stackplz/stackplz/cli/main.go:10
main.main()
/home/runner/work/stackplz/stackplz/main.go:10 +0x24

heetah:/data/local/tmp # ./stackplz -n com.instagram.android --syscall fork,clone,ptrace --stack
panic: cast [fork] watchpoint to SysCallArgs failed

goroutine 1 [running]:
stackplz/user/config.(*SyscallConfig).Parse_SysWhitelist(0x4000cebf80, {0x7fdfccbe0e?, 0x40001e2500?})
/home/runner/work/stackplz/stackplz/user/config/config_module.go:385 +0x44c
stackplz/cli/cmd.persistentPreRunEFunc(0x58a4156a20?, {0x58a395ac8c?, 0x5?, 0x5?})
/home/runner/work/stackplz/stackplz/cli/cmd/root.go:296 +0xc68
github.com/spf13/cobra.(*Command).execute(0x58a4156a20, {0x40000121f0, 0x5, 0x5})
/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.6.0/command.go:891 +0x524
github.com/spf13/cobra.(*Command).ExecuteC(0x58a4156a20)
/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.6.0/command.go:1040 +0x354
github.com/spf13/cobra.(*Command).Execute(...)
/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.6.0/command.go:968
stackplz/cli/cmd.Execute()
/home/runner/work/stackplz/stackplz/cli/cmd/root.go:546 +0x40
stackplz/cli.Start(...)
/home/runner/work/stackplz/stackplz/cli/main.go:10
main.main()
/home/runner/work/stackplz/stackplz/main.go:10 +0x24
2|cheetah:/data/local/tmp # ./stackplz -n com.instagram.android --syscall fork --stack
panic: cast [fork] watchpoint to SysCallArgs failed

stackplz 这个工具在解析您输入的--syscall参数时，内部存在一个Bug。

从它的报错信息 panic: cast [fork] watchpoint to SysCallArgs failed 来看，它的代码把字符串 "fork" 错误地识别成了一个和硬件断点 (watchpoint) 相关的指令，然后在进行类型转换时失败了。这纯粹是工具本身的健壮性问题，不是您的命令有错，也不是您对系统调用的理解有错

[SeeFlowerX]

arm64下fork是不存在直接的系统调用号的

arm64的fork实现底层是封装的clone系统调用，所以你命令行中有clone即可，不应该额外写fork

https://chromium.googlesource.com/chromiumos/docs/+/master/constants/syscalls.md

参见 Cross-arch Numbers 章节，可以看到fork不存在 syscall number