ptrace is a Python binding of ptrace library.

The binding works on:

 * Linux version 2.6.20 on i386, x86_64, PPC (may works on Linux 2.4.x and 2.6.x)
 * Linux version 2.4 on PPC
 * FreeBSD version 7.0RC1 on i386 (may works on FreeBSD 5.x/6.x)
 * OpenBSD version 4.2 on i386

Features:

 * High level Python object API : !PtraceDebugger and !PtraceProcess
 * Able to control multiple processes: catch fork events on Linux
 * Read/write bytes to arbitrary address: take care of memory alignment and split bytes to cpu word
 * Execution step by step using ptrace_singlestep() or hardware interruption 3
 * Can use distorm (http://www.ragestorm.net/distorm/) disassembler
 * Dump registers, memory mappings, stack, etc.
 * Syscall tracer and parser (strace command)

Website: http://fusil.hachoir.org/trac/wiki/Ptrace


Installation
============

Read INSTALL documentation file.


Changelog
=========

Version 0.3.2 (2008-07-25)
--------------------------

 * Rewrite ip_int2str() using inet_ntoa() to avoid IPy dependency
 * Add kill() and unlink() syscall prototypes
 * Fix sign conversion error in ptrace() to fix error detection
 * Catch OSError in ptrace.disasm (unable to find libdistorm64.so)
 * PtraceDebugger.addProcess(): detach the process on exception
 * Breakpoint: don't store bytes if the process is not running anymore
 * writeError() now re-raise KeyboardInterrupt
 * PtraceProcess: don't detach or terminate process if it is was running
 * PtraceProcess: never send SIGTRAP signal to a process!

Version 0.3.1 (2008-07-08)
--------------------------

Minor update:

 * ptrace.ctypes_errno: use ctypes_support.get_errno() when it's available
 * Create RUNNING_PYPY constant is ptrace.os_tools
 * Remove ptrace dependency from ptrace.pydistorm to be able to use
   it outside ptrace

Version 0.3 (2008-03-26)
------------------------

 * Support OpenBSD i386
 * Use ptrace_io() on FreeBSD for faster readBytes()/writeBytes() methods
 * Use ptrace_peekuser() to read registers on OS without ptrace_getregs()
   (eg. Linux 2.4 on PPC)
 * Breakpoint works on PPC CPU (use TRAP instruction)
 * Delete process and raise ProcessExit on abnormal process death
   (eg. detected by waitpid(pid))
 * Write new Python binding to distorm64 library
 * gdb.py: create "backtrace" command
 * gdb.py: support operators in expressions (eg. $eip+4)


Version 0.2 (2008-02-14)
------------------------

 * Able to trace multiple processes
 * Many new gdb.py commands: hexdump, signal, print, etc.
 * Support i386 (Linux, FreeBSD), x86_64 (Linux) and PPC (Linux)
 * Guess reason why a signal is sent: invalid memory read, stack
   overflow, division by zero, etc.
 * Create simple C program to test strace.py and gdb.py
 * Move files to three main modules: ptrace.binding, ptrace.syscall
   and ptrace.debugger

Version 0.1 (2008-02-08)
------------------------

 * First public release

