README.md

ProcessTap is a dynamic tracing framework for analyzing closed-source applications. It is inspired by DTrace and SystemTap, but is aimed specifically at closed-source user-space applications. ProcessTap leverages dynamic binary instrumentation to intercept the events of interest (e.g., function calls, system calls, memory accesses, and conditional control transfers). Although the current implementation relies on PinTool, alternative back-ends for instrumentation (e.g., Valgrind, Qemu, or DynamoRIO) can be used. Scripts that instrument applications are written in Python.

ProcessTap currently runs on:

  • Debian (sid) x86
  • Ubuntu (Lucid) x86 and x86_64
  • Ubuntu (Karmic) x86

ProcessTap is currently under heavy development; the interface might change a little bit in the future.

$ cat malloctrace.ptap
#!/usr/bin/env processtap
# -*- python -*-

include("stdlib.h")

@function_entry(function_name == "malloc")
def malloc_entry(ctx):
    print ">>> %s called from %.8x with argument %u" % (ctx.function_name, ctx.caller, ctx.args[0])

$ ./malloctrace.ptap -- /bin/ls
[*] Executable file: /bin/ls
[*] PTAP file: malloctrace.ptap
[*] Loaded 299 system calls
[*] Parsing 'stdlib.h' (123 functions)
[*] Loaded probes:
    [*] function.entry
        [+] (function.name == @malloc) malloc_entry
[*] Parsing '/bin/ls' [0000000000400238-000000000061c280]
[*] Parsing '/lib/ld-2.11.1.so' [00007f012f042000-00007f012f264128]
[*] Parsing '/lib/librt-2.11.1.so' [00007f012dd63000-00007f012df6abd0]
[*] Parsing '/lib/libselinux.so.1' [00007f012dd00000-00007f012df1d608]
[*] Parsing '/lib/libacl.so.1.1.0' [00007f012dc24000-00007f012de2b1d0]
[*] Parsing '/lib/libc-2.11.1.so' [00007f012da86000-00007f012de07828]
[*] Parsing '/lib/libpthread-2.11.1.so' [00007f012d0ae000-00007f012d2ca380]
[*] Parsing '/lib/libdl-2.11.1.so' [00007f012cf7f000-00007f012d182100]
[*] Parsing '/lib/libattr.so.1.1.0' [00007f012cf70000-00007f012d1740d0]
>>> malloc called from 0x4100c4 with argument 30
...
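
The `>>>` lines printed by the probe can be post-processed offline. The following is an added example, not part of ProcessTap or this README: it parses that output and groups `malloc` requests by call site, flagging zero-size and very large requests. The helper names, the `LARGE_REQUEST` threshold and every sample line except the first `>>>` line are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Matches lines printed by the malloc_entry probe, e.g.
# ">>> malloc called from 0x4100c4 with argument 30".
# The "0x" prefix is optional: the script's "%.8x" prints bare zero-padded hex,
# while the sample output on the page shows a prefixed address.
TRACE_RE = re.compile(
    r"^>>> (?P<func>\w+) called from (?:0x)?(?P<caller>[0-9a-fA-F]+) "
    r"with argument (?P<size>\d+)$"
)

LARGE_REQUEST = 1 << 20  # assumption: treat requests of 1 MiB or more as "large"


def parse_trace(lines):
    """Yield (function, caller_address, size) per probe line; skip other output."""
    for line in lines:
        m = TRACE_RE.match(line.strip())
        if m:
            yield m.group("func"), int(m.group("caller"), 16), int(m.group("size"))


def summarize(lines):
    """Group requests by call site: call count, total bytes, largest, flags."""
    sites = defaultdict(lambda: {"calls": 0, "bytes": 0, "max": 0, "flags": set()})
    for _func, caller, size in parse_trace(lines):
        s = sites[caller]
        s["calls"] += 1
        s["bytes"] += size
        s["max"] = max(s["max"], size)
        if size == 0:
            s["flags"].add("zero-size")
        elif size >= LARGE_REQUEST:
            s["flags"].add("large")
    return dict(sites)


# Constructed sample: only the first ">>>" line is taken from the page.
SAMPLE = """\
[*] Loaded probes:
>>> malloc called from 0x4100c4 with argument 30
>>> malloc called from 0x4100c4 with argument 568
>>> malloc called from 004031a0 with argument 0
>>> malloc called from 0x40f2b8 with argument 4294967295
""".splitlines()

if __name__ == "__main__":
    for caller, s in sorted(summarize(SAMPLE).items()):
        flags = ",".join(sorted(s["flags"])) or "-"
        print("%#010x calls=%d bytes=%d max=%d %s"
              % (caller, s["calls"], s["bytes"], s["max"], flags))
```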

About

Automatically exported from code.google.com/p/processtap
