Tags: assembly, reverse-engineering, instrumentation, intel-pin

Count function calls in an executable without symbol table


I am currently looking for a fast way to realize an idea of mine, for which I would need a call count for all functions called inside a binary executable during runtime. As far as I know, Intel's PIN tool can count routine calls and the number of instructions inside those routines (see here: https://software.intel.com/sites/landingpage/pintool/docs/67254/Pin/html/index.html#ProcInstrCount). But what happens when the symbol table is not available? Can PIN cope with that?

I do not need names for the routines; their starting addresses would suffice. Are there any tools out there which I could use to have access to such information?

A little background: I want to cluster certain function calls during runtime. For example, I want to cluster all periodic function calls inside an "update" cluster. Furthermore, I want to be able to tell which functions are getting called as a result of a user action (e.g. button press) and then cluster those functions again. In the end I want to have a rather clear image of which functions are getting executed when. Is this even possible?

Thanks for any advice


Solution

  • I was able to achieve my goal by using Frida (http://www.frida.re). Very cool and powerful tool!
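
One way to do the counting with Frida, as an added example that is not code from the original question or answer: a Frida agent that uses Stalker call summaries to count calls per target address, so no symbol table is involved. The helper names mergeSummary and rankByOffset are hypothetical, and the summary keys are assumed to be "0x..." hex strings.

```javascript
'use strict';
// Frida agent: count calls per target address. No symbol table is needed
// because Stalker reports raw call-target addresses.

// Fold one Stalker call summary ({ "0x401136": 3, ... }) into running totals.
// Assumption: summary keys are "0x..." hex address strings.
function mergeSummary(totals, summary) {
  for (const [target, n] of Object.entries(summary)) {
    totals.set(target, (totals.get(target) || 0) + n);
  }
  return totals;
}

// Keep targets inside [base, base + size) and report them as module offsets,
// so counts from different runs line up despite ASLR. Sorted by call count.
// Addresses are parsed as doubles, which is exact below 2^53.
function rankByOffset(totals, base, size) {
  const rows = [];
  for (const [target, calls] of totals) {
    const off = parseInt(target, 16) - base;
    if (off >= 0 && off < size) {
      rows.push({ offset: '0x' + off.toString(16), calls });
    }
  }
  return rows.sort((a, b) => b.calls - a.calls);
}

// Only runs inside Frida, where the Stalker and Process globals exist.
if (typeof Stalker !== 'undefined') {
  const totals = new Map();
  const main = Process.enumerateModules()[0]; // the executable itself
  const base = parseInt(main.base.toString(), 16);
  for (const thread of Process.enumerateThreads()) {
    Stalker.follow(thread.id, {
      events: { call: true },
      onCallSummary(summary) { mergeSummary(totals, summary); }
    });
  }
  // Send the 20 most-called offsets to the controlling process every second.
  setInterval(() => {
    send(rankByOffset(totals, base, main.size).slice(0, 20));
  }, 1000);
}
```

Only threads that exist when the agent loads are followed. Comparing successive one-second reports is a starting point for separating periodic calls from those that appear only after a user action.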