CaptureAddress pulls a socket address from the process as a byte slice.

GetAddress reads an sockaddr struct from the given address and converts it to the FullAddress format.

PrintTraces prints every trace event to w.

ReadString reads a null-terminated string from the process at Addr and any errors.

ReadStringVector takes an address, max string size, and max number of string to read, and returns a string slice or error.

RecordTraces sends each event on c.

Strace traces and prints process events for `c` and its children to `out`.

Trace traces `c` and any children c clones.

CloneFlags are clone(2) flags.

DefaultLogMaximumSize is the default LogMaximumSize.

ExecMaxElemSize is the maximum length of a single argv or envv entry.

ExecMaxTotalSize is the maximum length of all argv and envv entries.

ExecveStringVector is a NULL-terminated array of strings.

Exit means the process has exited with an exit code.

FutexOp is the futex(2) operation.

Hex is just a hexadecimal number.

IOVec is a generic pointer to a struct iovec.

ItimerSpec is a pointer to a struct itimerspec.

ItimerType is an itimer type (ITIMER_REAL, etc).

ItimerVal is a pointer to a struct itimerval.

Mode is a mode_t.

NewChild means the process created a new child thread or child process via fork, clone, or vfork.

Oct is just an octal number.

OpenFlags are open(2) flags.

Path is a pointer to a char* path.

PipeFDs is an array of two FDs, formatted after syscall execution.

PostItimerSpec is a pointer to a struct itimerspec, formatted after syscall execution.

PostItimerVal is a pointer to a struct itimerval, formatted after syscall execution.

PostPath is a pointer to a char* path, formatted after syscall execution.

PostSockAddr is a pointer to a struct sockaddr, formatted after syscall execution.

PostTimespec is a pointer to a struct timespec, formatted after syscall execution.

PtraceRequest is the ptrace(2) request.

ReadBuffer is a buffer for a read-style call.

ReadIOVec is a pointer to a struct iovec for a writev-style call.

RecvMsgHdr is a pointer to a struct msghdr for a recvmsg-style call.

Rusage is a struct rusage, formatted after syscall execution.

SendMsgHdr is a pointer to a struct msghdr for a sendmsg-style call.

SignalExit means the process has been terminated by a signal.

SignalStop means the process was stopped by a signal.

SockAddr is a pointer to a struct sockaddr.

SockFamily is a socket protocol family value.

SockFlags are socket flags.

SockLen is a pointer to a socklen_t, formatted before and after syscall execution.

SockProtocol is a socket protocol value.

SockType is a socket type and flags value.

Stat is a pointer to a struct stat, formatted after syscall execution.

SyscallEnter is the event for a process calling a syscall.

SyscallExit is the event for the kernel returning a syscall.

Timespec is a pointer to a struct timespec.

Timeval is a pointer to a struct timeval, formatted before and after syscall execution.

Uname is a pointer to a struct uname, formatted after syscall execution.

Unknown is for events we do not know how to interpret.

Utimbuf is a pointer to a struct utimbuf.

UTimeTimespec is a pointer to a struct timespec.

WriteBuffer is a buffer for a write-style call.

WriteIOVec is a pointer to a struct iovec for a writev-style call.

EventMaximumSize determines the maximum size for data blobs (read, write, etc.) sent over the event channel.

LogMaximumSize determines the maximum display size for data blobs (read, write, etc.).

ExitEvent is emitted when the process exits regularly using exit_group(2).

NewChildEvent is emitted when a clone/fork/vfork syscall is done.

SignalEvent is a signal that was delivered to the process.

SyscallArgument is an argument supplied to a syscall implementation.

SyscallEvent is populated for both SyscallEnter and SyscallExit event types.

SyscallInfo captures the name and printing format of a syscall.

TraceError is returned when something failed on a specific process.

TraceRecord has information about a process event.

Task is a Linux process.

Addr is an address for use in strace I/O.

Address is a byte slice cast as a string that represents the address of a network node.

EventCallback is a function called on each event while the subject process is stopped.

EventType describes a process event.

FormatSpecifier values describe how an individual syscall argument should be formatted.

SyscallArguments represents the set of arguments passed to a syscall.

SyscallMap maps syscalls into names and printing formats.