BagPipeOuO
5f2b64a9b9
|
5 months ago | |
|---|---|---|
| .. | ||
| obj-intel64 | 5 months ago | |
| scripts | 5 months ago | |
| README.md | 5 months ago | |
| aurora_tracer.cpp | 5 months ago | |
| makefile | 5 months ago | |
| makefile.rules | 5 months ago | |
README.md
Tracing
We use a pintool to trace all crashing and non-crashing inputs.
Setup
-
Install Intel Pin in version 3.15 (note, the original pintool was designed for 3.7 - which is no longer available for download, such that we have updated the pintool to version 3.15).
-
Set PIN_ROOT to point to the correct location, e.g.,
export PIN_ROOT=/home/user/builds/pin-3.7-97619-g0d0c92f4f-gcc-linux/. -
Run
make aurora_tracer.testormake obj-intel64/aurora_tracer.soto build the pintool.
Usage
In scripts, you can find an example script run_tracer.sh on how to run the tracer. In general, tracing will generate an output containing the trace as JSON and a logfile. Note that Pin struggles with long paths for both output file and logfile.
The second script, pprint.py, allows to pretty-print the trace file.
tracing.py requires at least Python 3.6 and allows to trace multiple files (and zips them for space reasons - root cause analysis tooling can deal with zipped traces automatically) and expects PIN_ROOT to be set. It requires 3 arguments: the path to the (non-AFL instrumented) trace binary, an input folder where crashes and non_crashescan be found as well as an output folder where to drop the `traces. A tracing.log logfile is created.
The fourth script, addr_ranges.py extracts heap and stack address ranges from logfiles generated by tracing.py.