I am currently working on a graph based visualization tool for the output of an i386 emulator. The basic idea is to do some kind of intelligent malware analysis and behavior prediction.
I experimented a little bit and suddenly got the idea to do some kind of source code graphing of some of my programs. Unfortunately, I did not found a suitable solution ready to use on the Internet although I admit that I didn’t search thoroughly. I proudly present my simple C source code analyzer which produces output that is suitable for Graphviz.
It reads C sources from stdin and identifies functions and all function calls from within those functions. The output can be directly fed into e.g. ‘dot’ for generating nice graphs. You may manually refine the output before rendering.
I call the tool simply just canalyze and it can be downloaded here: http://www.abenteuerland.at/download/proggies/canalyze
At the beginning I defined an array which contains function names that are ignored. Those functions are mainly typical library and system calls. You may adapt this to your needs.
To use it, simply pipe all your C sources to it:
$ cat *.c | canalyze > callgraph.dot
Now open the file 'callgraph.dot' in your favorite editor and edit it up to your needs and then run dot:
$ dot -Tpng callgraph.dot -o callgraph.png
The picture above is an example which shows the current version of Smrender. The call graph source may be downloaded from here:
Have fun playing with it, the output is really nice!