ATTENTION: Development of mttn
has moved! All active development can be found under sholva.
memory tracer, take N
mttn
is a small, very slow program tracer with a few specific goals:
- Not modifying the program's instruction stream.
- Faithfully recording most memory accesses.
- Generating traces that are suitable for SIEVE's Tiny86.
Strong anti-goals:
- Being fast.
Weak anti-goals:
- Supporting memory accesses that are either variable-sized or larger than 64 bits.
mttn uses Linux-specific ptrace
APIs and syscalls, so you'll need to run it on a relatively
recent Linux kernel. If you're on another platform, you can use the Dockerfile:
$ docker build . -t mttn
# we need seccomp=unconfined for ptrace, as well as (optionally) disabling ASLR
# similarly for CAP_SYS_PTRACE: we need it for attaching to processes
$ docker run --rm -it --cap-add=SYS_PTRACE --security-opt seccomp=unconfined -v $(pwd):/app/mttn mttn
$ # in docker
$ cd /app/mttn
Once you have the appropriate environment, just cargo build
:
$ cargo build
$ ./target/debug/mttn -h
mttn's tests require some system depedencies to build test binaries with:
nasm
, (GNU) ld
, and (GNU) make
.
Once you have those installed, running the tests should be as simple as:
$ cargo test
The views, opinions, and/or findings expressed are those of the author(s) and should not be interpreted as representing the official views or policies of the Department of Defense or the U.S. Government.
mttn is licensed under the GNU AGPLv3 License. A copy of the terms can be found in the LICENSE file.