static void event_post_syscall(void *drcontext, int sysnum) { #ifdef SHOW_RESULTS dr_syscall_result_info_t info = { sizeof(info), }; dr_syscall_get_result_ex(drcontext, &info); if (!info.succeeded) { /* XXX: we could use the "drsyscall" Extension from the Dr. Memory * Framework (DRMF) to obtain the name of the system call (as well as * the number of arguments and the type of each). Please see the strace * sample and drstrace tool within DRMF for further information. */ dr_fprintf(STDERR, "<---- syscall %d failed (returned "PFX" == "SZFMT") ---->\n", sysnum, info.value, (ptr_int_t)info.value); } #endif if (sysnum == write_sysnum) { per_thread_t *data = (per_thread_t *) drmgr_get_cls_field(drcontext, tcls_idx); /* we repeat a write originally to stdout that we redirected to * stderr: on the repeat we use stdout */ if (data->repeat) { /* repeat syscall with stdout */ int i; #ifdef SHOW_RESULTS dr_fprintf(STDERR, "<---- repeating write ---->\n"); #endif dr_syscall_set_sysnum(drcontext, write_sysnum); dr_syscall_set_param(drcontext, 0, (reg_t) STDOUT); for (i = 1; i < SYS_MAX_ARGS; i++) dr_syscall_set_param(drcontext, i, data->param[i]); #ifdef WINDOWS if (dr_is_wow64()) { /* Set the xcx emulation parameter for wow64: since * we're executing the same system call again we can * use that same parameter. For new system calls we'd * need to determine the parameter from the ntdll * wrapper. */ dr_mcontext_t mc = {sizeof(mc),DR_MC_INTEGER/*only need xcx*/}; dr_get_mcontext(drcontext, &mc); mc.xcx = data->xcx; dr_set_mcontext(drcontext, &mc); } #endif dr_syscall_invoke_another(drcontext); } } }
static void event_post_syscall(void *drcontext, int sysnum) { #ifdef SHOW_RESULTS dr_fprintf(STDERR, " [%d] => "PFX" ("SZFMT")\n", sysnum, dr_syscall_get_result(drcontext), (ptr_int_t)dr_syscall_get_result(drcontext)); #endif if (sysnum == write_sysnum) { per_thread_t *data = (per_thread_t *) drmgr_get_cls_field(drcontext, tcls_idx); /* we repeat a write originally to stdout that we redirected to * stderr: on the repeat we use stdout */ if (data->repeat) { /* repeat syscall with stdout */ int i; #ifdef SHOW_RESULTS dr_fprintf(STDERR, " [%d] => repeating\n", sysnum); #endif dr_syscall_set_sysnum(drcontext, write_sysnum); dr_syscall_set_param(drcontext, 0, (reg_t) STDOUT); for (i = 1; i < SYS_MAX_ARGS; i++) dr_syscall_set_param(drcontext, i, data->param[i]); #ifdef WINDOWS if (dr_is_wow64()) { /* Set the xcx emulation parameter for wow64: since * we're executing the same system call again we can * use that same parameter. For new system calls we'd * need to determine the parameter from the ntdll * wrapper. */ dr_mcontext_t mc = {sizeof(mc),DR_MC_INTEGER/*only need xcx*/}; dr_get_mcontext(drcontext, &mc); mc.xcx = data->xcx; dr_set_mcontext(drcontext, &mc); } #endif dr_syscall_invoke_another(drcontext); } } }