def getregs(self):
if HAS_PTRACE_GETREGS or HAS_PTRACE_GETREGSET:
return ptrace_getregs(self.pid)
# FIXME: Optimize getreg() when used with this function
words = []
nb_words = sizeof(ptrace_registers_t) // CPU_WORD_SIZE
for offset in range(nb_words):
word = ptrace_peekuser(self.pid, offset * CPU_WORD_SIZE)
bytes = word2bytes(word)
words.append(bytes)
bytes = ''.join(words)
return bytes2type(bytes, ptrace_registers_t)
def getregs(self):
if HAS_PTRACE_GETREGS:
return ptrace_getregs(self.pid)
else:
# FIXME: Optimize getreg() when used with this function
words = []
nb_words = sizeof(ptrace_registers_t) // CPU_WORD_SIZE
for offset in range(nb_words):
word = ptrace_peekuser(self.pid, offset * CPU_WORD_SIZE)
bytes = word2bytes(word)
words.append(bytes)
bytes = ''.join(words)
return bytes2type(bytes, ptrace_registers_t)
def trace(pid):
ptrace_attach(pid)
if wait_status() == -1:
return -1
print "-- start traceing %d ..." %pid
while True:
ptrace_syscall(pid)
if wait_status() == -1:
ptrace_detach(pid)
return -1
regs = ptrace_getregs(pid)
res = SYSCALL_NAMES.get(regs.orig_rax)
if res == "clone" or res == "fork" or res == "vfork" or res == "execve":
limit = resource.getrlimit(resource.RLIMIT_NPROC)
if regs.rax > 0 and regs.rax < limit[1]:
print "create new child: %s" %regs.rax
return 0
def getregs(self):
return ptrace_getregs(self.pid)
def getregs(self):
return ptrace_getregs(self.pid)