Package vtrace :: Package platforms :: Module base :: Class TracerBase
[hide private]
[frames] | no frames]

Class TracerBase

source code


The basis for a tracer's internals. All platformFoo/archFoo functions are defaulted, and internal state is initialized. Additionally, a number of internal utilities are housed here.

Instance Methods [hide private]
 
__init__(self)
The routine to initialize a tracer's initial internal state.
source code
 
nextBpId(self) source code
 
_justAttached(self, pid) source code
 
getResolverForFile(self, filename) source code
 
steploop(self)
Continue stepi'ing in a loop until shouldRunAgain() returns false (like RunForever mode or something)
source code
 
doStepLoop(self) source code
 
_doRun(self) source code
 
wait(self)
Wait for the trace target to have something happen...
source code
 
_doWait(self) source code
 
_fireSignal(self, signo, siginfo=None) source code
 
_fireExit(self, ecode) source code
 
_fireExitThread(self, threadid, ecode) source code
 
_clearBreakpoints(self)
Cleanup all breakpoints (if the current bp is "fastbreak" this routine will not be called...
source code
 
_activBreakpoints(self)
Run through the breakpoints and setup the ones that are enabled.
source code
 
_syncRegs(self)
Sync the reg-cache into the target process
source code
 
_cacheRegs(self, threadid)
Make sure the reg-cache is populated
source code
 
_checkForBreakpoint(self)
Check to see if we've landed on a breakpoint, and if so deactivate and step us past it.
source code
 
shouldRunAgain(self)
A unified place for the test as to weather this trace should be told to run again after reaching some stopping condition.
source code
 
__repr__(self) source code
 
initMode(self, name, value, descr)
Initialize a mode, this should ONLY be called during setup routines for the trace! It determines the available mode setings.
source code
 
release(self)
Do cleanup when we're done.
source code
 
_cleanupResources(self) source code
 
_tellThreadExit(self) source code
 
__del__(self) source code
 
fireTracerThread(self) source code
 
fireNotifiers(self, event)
Fire the registered notifiers for the NOTIFY_* event.
source code
 
_fireStep(self) source code
 
_fireBreakpoint(self, bp) source code
 
checkPageWatchpoints(self)
Check if the given memory fault was part of a valid MapWatchpoint.
source code
 
checkWatchpoints(self) source code
 
checkBreakpoints(self)
This is mostly for systems (like linux) where you can't tell the difference between some SIGSTOP/SIGBREAK conditions and an actual breakpoint instruction.
source code
 
notify(self, event, trace)
We are frequently a notifier for ourselves, so we can do things like handle events on attach and on break in a unified fashion.
source code
 
delLibraryBase(self, baseaddr) source code
 
addLibraryBase(self, libname, address, always=False)
This should be used *at load time* to setup the library event metadata.
source code
 
normFileName(self, libname) source code
 
_findLibraryMaps(self, magic, always=False) source code
 
_loadBinaryNorm(self, normname) source code
 
_loadBinary(self, filename)
Check if a filename has yet to be parsed.
source code
 
_simpleCreateThreads(self)
Fire a thread event for each of the current threads.
source code
 
platformGetThreads(self)
Return a dictionary of <threadid>:<tinfo> pairs where tinfo is either the stack top, or the teb for win32
source code
 
platformSelectThread(self, thrid)
Platform implementers are encouraged to use the metadata field "ThreadId" as the identifier (int) for which thread has "focus".
source code
 
platformSuspendThread(self, thrid) source code
 
platformResumeThread(self, thrid) source code
 
platformInjectThread(self, pc, arg=0) source code
 
platformKill(self) source code
 
platformExec(self, cmdline)
Platform exec will execute the process specified in cmdline and return the PID
source code
 
platformInjectSo(self, filename) source code
 
platformGetFds(self)
Return what getFds() wants for this particular platform
source code
 
platformGetSignal(self)
Return the currently posted exception/signal....
source code
 
platformSetSignal(self, sig=None)
Set the current signal to deliver to the process on cont.
source code
 
platformGetMaps(self)
Return a list of the memory maps where each element has the following structure: (address, length, perms, file="") NOTE: By Default this list is available as Trace.maps because the default implementation attempts to populate them on every break/stop/etc...
source code
 
platformPs(self)
Actually return a list of tuples in the format (pid, name) for this platform
source code
 
archGetStackTrace(self) source code
 
archAddWatchpoint(self, address, size=4, perms="rw")
Add a watchpoint for the given address.
source code
 
archRemWatchpoint(self, address) source code
 
archCheckWatchpoints(self)
If the current register state indicates that a watchpoint was hit, return the address of the watchpoint and clear the event.
source code
 
archActivBreakpoint(self, addr)
Default implementation simply uses archGetBreakInstr() and writes it to memory ( and saves off the old bytes ).
source code
 
archClearBreakpoint(self, addr) source code
 
archGetRegCtx(self)
Return a new empty envi.registers.RegisterContext object for this trace.
source code
 
getStackTrace(self)
Return a list of the stack frames for this process (currently Intel/ebp based only).
source code
 
getExe(self)
Get the full path to the main executable for this *attached* Trace
source code
 
platformAttach(self, pid)
Actually carry out attaching to a target process.
source code
 
platformContinue(self) source code
 
platformDetach(self)
Actually perform the detach for this type
source code
 
platformStepi(self)
PlatformStepi should be ATOMIC, meaning it gets called, and by the time it returns, you're one step further.
source code
 
platformCall(self, address, args, convention=None)
Platform call takes an address, and an array of args (string types will be mapped and located for you)
source code
 
platformGetRegCtx(self, threadid) source code
 
platformSetRegCtx(self, threadid, ctx) source code
 
platformProtectMemory(self, va, size, perms) source code
 
platformAllocateMemory(self, size, perms=e_mem.MM_RWX, suggestaddr=0) source code
 
platformReadMemory(self, address, size) source code
 
platformWriteMemory(self, address, bytes) source code
 
platformGetMemFault(self)
Return the addr of the current memory fault or None
source code
 
platformWait(self)
Wait for something interesting to occur and return a *platform specific* representation of what happened.
source code
 
platformProcessEvent(self, event)
This method processes the event data provided by platformWait()
source code
 
platformOpenFile(self, filename) source code
 
platformParseBinary(self, filename, baseaddr, normname)
Platforms must parse the given binary file and load any symbols into the internal SymbolResolver using self.addSymbol()
source code
 
platformRelease(self)
Called back on release.
source code
Method Details [hide private]

__init__(self)
(Constructor)

source code 

The routine to initialize a tracer's initial internal state. This is used by the initial creation routines, AND on attaches/executes to re-fresh the state of the tracer. WARNING: This will erase all metadata/symbols (modes/notifiers are kept)

wait(self)

source code 

Wait for the trace target to have something happen... If the trace is in NonBlocking mode, this will fire a thread to wait for you and return control immediately.

_activBreakpoints(self)

source code 

Run through the breakpoints and setup the ones that are enabled.

NOTE: This should *not* get called when continuing from a fastbreak...

_checkForBreakpoint(self)

source code 

Check to see if we've landed on a breakpoint, and if so deactivate and step us past it.

WARNING: Unfortunatly, cause this is used immidiatly before a call to run/wait, we must block briefly even for the GUI

release(self)

source code 

Do cleanup when we're done. This is mostly necissary because of the thread proxy holding a reference to this tracer... We need to let him die off and try to get garbage collected.

checkBreakpoints(self)

source code 

This is mostly for systems (like linux) where you can't tell the difference between some SIGSTOP/SIGBREAK conditions and an actual breakpoint instruction.

This method will return true if either the breakpoint subsystem or the sendBreak (via ShouldBreak meta) is true (and it will have handled firing events for the bp)

addLibraryBase(self, libname, address, always=False)

source code 

This should be used *at load time* to setup the library event metadata.

This *must* be called from a context where it's safe to fire notifiers, because it will fire a notifier to alert about a LOAD_LIBRARY. (This means *not* from inside another notifer)

_loadBinary(self, filename)

source code 

Check if a filename has yet to be parsed. If it has NOT been parsed, parse it and return True, otherwise, return False

_simpleCreateThreads(self)

source code 

Fire a thread event for each of the current threads. (for use by tracers which don't get help from the OS)

platformSelectThread(self, thrid)

source code 

Platform implementers are encouraged to use the metadata field "ThreadId" as the identifier (int) for which thread has "focus". Additionally, the field "StoppedThreadId" should be used in instances (like win32) where you must specify the ORIGINALLY STOPPED thread-id in the continue.

platformSetSignal(self, sig=None)

source code 

Set the current signal to deliver to the process on cont. (Use None for no signal delivery.

archAddWatchpoint(self, address, size=4, perms="rw")

source code 

Add a watchpoint for the given address. Raise if the platform doesn't support, or too many are active...

archCheckWatchpoints(self)

source code 

If the current register state indicates that a watchpoint was hit, return the address of the watchpoint and clear the event. Otherwise return None

getStackTrace(self)

source code 

Return a list of the stack frames for this process (currently Intel/ebp based only). Each element of the "frames list" consists of another list which is (eip,ebp)

platformAttach(self, pid)

source code 

Actually carry out attaching to a target process. Like platformStepi this is expected to be ATOMIC and not return until a complete attach.

platformStepi(self)

source code 

PlatformStepi should be ATOMIC, meaning it gets called, and by the time it returns, you're one step further. This is completely regardless of blocking/nonblocking/whatever.

platformCall(self, address, args, convention=None)

source code 

Platform call takes an address, and an array of args (string types will be mapped and located for you)

platformCall is expected to return a dicionary of the current register values at the point where the call has returned...

platformWait(self)

source code 

Wait for something interesting to occur and return a *platform specific* representation of what happened.

This will then be passed to the platformProcessEvent() method which will be responsible for doing things like firing notifiers. Because the platformWait() method needs to be commonly @threadwrap and you can't fire notifiers from within a threadwrapped function...

platformProcessEvent(self, event)

source code 

This method processes the event data provided by platformWait()

This method is responsible for firing ALL notifiers *except*:

vtrace.NOTIFY_CONTINUE - This is handled by the run api (and isn't the result of an event)