zelos.processes module
-
class zelos.processes.Process(processes: str, hook_manager: zelos.hooks.HookManager, pid: int, name: str, emu: zelos.emulator.base.IEmuHelper, parent_pid: int, main_module: str = None, orig_file_name: str = '', cmdline_args: List = None, environment_variables: List = None, virtual_filename: str = None, virtual_path: str = None, last_instruction: str = None, last_instruction_size: int = 0, disableNX: bool = False)
Bases: object
-
property is_active
Returns true if this process can be scheduled.
-
property scheduler
-
property current_thread
-
new_thread(start_addr: int, name: str = None, priority: int = 0, stack_setup: Callable = None, module_path: str = '????', benign_code: bool = False) → zelos.threads.Thread
Creates a new thread for the current process.
- Parameters
start_addr – The starting address of the new thread
name – Name of the new thread
priority – Scheduling priority of the new thread
stack_setup – Callback that populates stack of the new thread
module_path – Name of module of new thread
benign_code – Logging parameter
- Returns
Thread object
-
get_thread(tid: int) → zelos.threads.Thread
Gets the thread in this process with the specified tid.
- Parameters
tid – Thread id
- Returns
Thread object
-
get_child_processes() → List
Gets a list of all child processes created by this process.
- Returns
List of Process Objects
-
priority() → int
Returns the scheduling priority of this process. The scheduling priority of a Process is that of its highest priority Thread.
- Returns
Number denoting priority
-
blocks_executed() → int
Calculates the number of unique blocks executed across all threads of this process.
- Returns
Number of blocks executed
-
property
-
class zelos.processes.Processes(hook_manager: zelos.hooks.HookManager, interrupt_handler: zelos.hooks.InterruptHooks, main_module_name: str, thread_stack_size: int, disableNX: bool = False)
Bases: object
Exposes the processes that are on the virtual machine.
-
set_architecture(state: zelos.state.State) → None
-
property current_thread
-
property thread_manager
-
gen_tid() → int
Generates a tid that is guaranteed not to have been used before.
-
new_process(name: str = None, parent_pid: int = None, main_module=None, cmdline_args: List = []) → int
Creates a new process.
- Parameters
name – Name of the new thread.
parent_pid – ID of the parent process.
main_module – Module that is used to start the new process.
cmdline_args – Arguments to pass to the new process.
- Returns
ID of the newly created process.
-
kill_process(pid: int) → None
Stops a running process and all its threads.
- Parameters
pid – ID of process to kill
-
new_thread_for_current_process(start_addr: int, name: str = None, priority: int = 0, stack_setup: Callable = None, module_path: str = '????', benign_code: bool = False) → zelos.threads.Thread
Creates a new thread for the currently running process.
- Parameters
start_addr – The starting address of the new thread
name – Name of the new thread
priority – Scheduling priority of the new thread
stack_setup – Callback that populates stack of the new thread
module_path – Name of module of new thread
benign_code – Logging parameter
- Returns
Thread object
-
num_active_processes() → int
-
get_process(pid: int) → zelos.processes.Process
-
get_thread(tid: int) → zelos.threads.Thread
Gets the thread for the given tid.
- Parameters
tid – ID of thread.
-
get_all_threads() → List[zelos.threads.Thread]
Returns a list of threads across all processes.
-
load_next_process() → None
Loads the next process. Will skip processes that are not active.
-
schedule_next() → None
Swaps processes and threads in order to ensure that all eventually get executed.
-
swap_with_next_thread() → None
Tries to swap with the next thread in the current process. If that is not possible, attempts to swap processes.
-
load_process(pid) → None
Attempts to load the designated process. This is a no-op if the process to be loaded is the same as the current process.
- Parameters
pid – ID of Process to load.
-
serialize_process(p)
-
deserialize_process(data)
-