def syscall(self, signum=0):
message = "Break process %s at next syscall" % self.pid
if signum:
message += ": continue with %s" % signalName(signum)
info(message)
ptrace_syscall(self.pid, signum)
self.is_stopped = False
def syscall(self, signum=0):
message = "Break process %s at next syscall" % self.pid
if signum:
message += ": continue with %s" % signalName(signum)
info(message)
ptrace_syscall(self.pid, signum)
self.is_stopped = False
def trace(pid):
ptrace_attach(pid)
if wait_status() == -1:
return -1
print "-- start traceing %d ..." %pid
while True:
ptrace_syscall(pid)
if wait_status() == -1:
ptrace_detach(pid)
return -1
regs = ptrace_getregs(pid)
res = SYSCALL_NAMES.get(regs.orig_rax)
if res == "clone" or res == "fork" or res == "vfork" or res == "execve":
limit = resource.getrlimit(resource.RLIMIT_NPROC)
if regs.rax > 0 and regs.rax < limit[1]:
print "create new child: %s" %regs.rax
return 0
def syscall(self, signum=0):
signum = self.filterSignal(signum)
ptrace_syscall(self.pid, signum)
self.is_stopped = False
def syscall(self, signum=0):
signum = self.filterSignal(signum)
ptrace_syscall(self.pid, signum)
self.is_stopped = False
