gabi/gwatch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update README with new usage and remove list mode references

Browse Source
This commit is contained in:
Gabriel Ionita 2025-10-26 21:20:00 +01:00
parent abdb39abba
commit 56ad622018
Signed by: gabi
SSH Key Fingerprint: SHA256:mrbYmB/SGtDvT3etRoS6pDrMYWxR0/B5GSF6rR3qhhc
1 changed files with 34 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
README.md
View File

@ -4,9 +4,10 @@ A tool to monitor reads and writes to global integer variables in Linux binaries
## Features ## Features
- Lists all global integer variables in a binary with their addresses - Monitors specific global integer variables in a running program
- Attempts to set up hardware watchpoints via ptrace to monitor variable access - Attempts to set up hardware watchpoints via ptrace to detect variable access
- Supports PIE (Position Independent Executable) binaries - Supports PIE (Position Independent Executable) binaries
- Passes command-line arguments to the target program
- Uses DWARF debug information to locate variables - Uses DWARF debug information to locate variables
## Building ## Building
@ -18,17 +19,26 @@ cmake --build build
## Usage ## Usage
### List all global integer variables:
```bash ```bash
./build/gwatch --exec <binary> gwatch --var <symbol> --exec <path> [-- arg1 arg2 ... argN]
``` ```
### Watch a specific variable: **Arguments:**
```bash - `--var <symbol>`: Name of the global variable to watch (required)
./build/gwatch --exec <binary> --var <variable_name> - `--exec <path>`: Path to the executable to monitor (required)
``` - `-- arg1 arg2 ...`: Optional arguments to pass to the target program
**Note:** The binary must be compiled with debug symbols (`-g` flag). **Note:** The target binary must be compiled with debug symbols (`-g` flag).
**Examples:**
```bash
# Watch global_counter in test_access
./build/gwatch --var global_counter --exec ./test_access
# Watch with program arguments
./build/gwatch --var global_counter --exec ./test_with_args -- hello world 123
```
## Implementation Details ## Implementation Details
@ -69,19 +79,29 @@ But SIGTRAP signals are never generated when the watched variable is accessed.
## Testing ## Testing
Test binaries are provided: Test programs are provided:
- `test_binary`: Simple binary with global variables (no accesses) - `test_access.c`: Program that reads and writes to `global_counter`
- `test_access`: Program that reads and writes to `global_counter` - `test_with_args.c`: Program that accepts command-line arguments and modifies `global_counter`
Compile test programs with: Compile test programs with:
```bash ```bash
gcc -g -O0 -o test_access test_access.c gcc -g -O0 -o test_access test_access.c
gcc -g -O0 -o test_with_args test_with_args.c
``` ```
##Future Work Run tests:
```bash
# Basic test
./build/gwatch --var global_counter --exec ./test_access
# Test with arguments
./build/gwatch --var global_counter --exec ./test_with_args -- hello world 123
```
## Future Work
- Investigate alternative watchpoint implementations - Investigate alternative watchpoint implementations
- Add support for watchingnon-integer types - Add support for watching non-integer types
- Support multiple simultaneous watchpoints (using DR1-DR3) - Support multiple simultaneous watchpoints (using DR1-DR3)
- Add filtering options (read-only vs write-only vs read/write) - Add filtering options (read-only vs write-only vs read/write)
- Better error reporting and diagnostics - Better error reporting and diagnostics