| Traceline is a Windows utility to intercept, time, and log system calls. This |
| is achieved by injecting code into a target process, along with dynamically |
| generated assembly hook stubs. One of the major goals was to skew performance |
| timings as little as possible. This led to a design in which the log buffer |
| (which is called the playground) is kept within the process, and the logger |
| routines use atomic instructions to log their events to this buffer. At the |
| end of the process's lifetime, this buffer is pulled out of the process and |
| used to generate JSON output. In addition to hooking system call activity, |
| other hooks of interest have been written, including heap allocation functions. |
| Symbols are supported with a command line flag. This works by capturing the |
| process shutdown, and doing an intrusive symbol attach with dbghelp.dll. |
| |
| NOTES: |
| - You should copy dbghelp.dll from a windbg installation into this directory. |
| The version shipped with Windows is old, and symbol support won't work. |
| - You will need a bit of cygwin if you want to use the Makefile. Otherwise |
| it is pretty clear how to build the files manually. |
| - The output JSON data will be printed to stdout. It is likely that you |
| will want to pipe the output of this program into a file. |
| |
| Dean McNamee <deanm@chromium.org> |
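
The in-process log buffer written with atomic instructions, as described above, can be sketched as follows. This is an added example, not Traceline's own code: the record layout, the buffer size, and the names `playground_t`, `record_t`, `playground_log` and `playground_count` are assumptions, and portable C11 atomics stand in for whatever instructions the real hook stubs use.

```c
#include <stdatomic.h>
#include <stdint.h>
#include <string.h>

#define PLAYGROUND_SIZE 256u   /* assumed capacity, kept small for the demo */

typedef struct {
    _Atomic uint32_t cursor;   /* offset of the next free byte */
    _Atomic uint32_t dropped;  /* events rejected because the buffer was full */
    uint8_t data[PLAYGROUND_SIZE];
} playground_t;

typedef struct {               /* hypothetical record header */
    uint32_t size;             /* record size in bytes, header included */
    uint32_t event_id;
    uint64_t timestamp;
} record_t;

/* Claim a disjoint byte range with a compare-and-swap loop, then fill it.
 * The bounds check runs before the cursor moves, so the cursor can never
 * pass PLAYGROUND_SIZE or wrap. Returns the record offset, or -1 when full. */
static int64_t playground_log(playground_t *pg, uint32_t event_id,
                              uint64_t timestamp, const void *payload,
                              uint32_t len)
{
    uint32_t need = ((uint32_t)sizeof(record_t) + len + 7u) & ~7u;
    uint32_t off = atomic_load_explicit(&pg->cursor, memory_order_relaxed);
    do {
        if (len > PLAYGROUND_SIZE || need > PLAYGROUND_SIZE - off) {
            atomic_fetch_add_explicit(&pg->dropped, 1, memory_order_relaxed);
            return -1;
        }
    } while (!atomic_compare_exchange_weak_explicit(
                 &pg->cursor, &off, off + need,
                 memory_order_relaxed, memory_order_relaxed));
    record_t hdr = { need, event_id, timestamp };
    memcpy(pg->data + off, &hdr, sizeof hdr);
    if (len) memcpy(pg->data + off + sizeof hdr, payload, len);
    return off;
}

/* Walk the records once all writers have stopped, as when the buffer is
 * pulled out at the end of the process's lifetime. Returns the count. */
static uint32_t playground_count(playground_t *pg)
{
    uint32_t end = atomic_load_explicit(&pg->cursor, memory_order_acquire);
    uint32_t n = 0;
    for (uint32_t off = 0; off < end; n++) {
        record_t hdr;
        memcpy(&hdr, pg->data + off, sizeof hdr);
        if (hdr.size < sizeof hdr || hdr.size > end - off) break; /* corrupt */
        off += hdr.size;
    }
    return n;
}
```

Because a writer owns its byte range as soon as the compare-and-swap succeeds, concurrent hooks never serialize on a lock; a full buffer costs one counter increment instead of an out-of-bounds write.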