gabi/gwatch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update README with new usage and remove list mode references

Browse Source
This commit is contained in:
Gabriel Ionita 2025-10-26 21:20:00 +01:00
parent abdb39abba
commit 56ad622018
Signed by: gabi
SSH Key Fingerprint: SHA256:mrbYmB/SGtDvT3etRoS6pDrMYWxR0/B5GSF6rR3qhhc
1 changed files with 34 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
README.md
View File

@ -4,9 +4,10 @@ A tool to monitor reads and writes to global integer variables in Linux binaries
## Features
- Lists all global integer variables in a binary with their addresses
- Attempts to set up hardware watchpoints via ptrace to monitor variable access
- Monitors specific global integer variables in a running program
- Attempts to set up hardware watchpoints via ptrace to detect variable access
- Supports PIE (Position Independent Executable) binaries
- Passes command-line arguments to the target program
- Uses DWARF debug information to locate variables
## Building
@ -18,17 +19,26 @@ cmake --build build
## Usage
### List all global integer variables:
```bash
./build/gwatch --exec <binary>
gwatch --var <symbol> --exec <path> [-- arg1 arg2 ... argN]
```
### Watch a specific variable:
```bash
./build/gwatch --exec <binary> --var <variable_name>
```
**Arguments:**
- `--var <symbol>`: Name of the global variable to watch (required)
- `--exec <path>`: Path to the executable to monitor (required)
- `-- arg1 arg2 ...`: Optional arguments to pass to the target program
**Note:** The binary must be compiled with debug symbols (`-g` flag).
**Note:** The target binary must be compiled with debug symbols (`-g` flag).
**Examples:**
```bash
# Watch global_counter in test_access
./build/gwatch --var global_counter --exec ./test_access
# Watch with program arguments
./build/gwatch --var global_counter --exec ./test_with_args -- hello world 123
```
## Implementation Details
@ -69,13 +79,23 @@ But SIGTRAP signals are never generated when the watched variable is accessed.
## Testing
Test binaries are provided:
- `test_binary`: Simple binary with global variables (no accesses)
- `test_access`: Program that reads and writes to `global_counter`
Test programs are provided:
- `test_access.c`: Program that reads and writes to `global_counter`
- `test_with_args.c`: Program that accepts command-line arguments and modifies `global_counter`
Compile test programs with:
```bash
gcc -g -O0 -o test_access test_access.c
gcc -g -O0 -o test_with_args test_with_args.c
```
Run tests:
```bash
# Basic test
./build/gwatch --var global_counter --exec ./test_access
# Test with arguments
./build/gwatch --var global_counter --exec ./test_with_args -- hello world 123
```
## Future Work