rocallahan
commented
4 years ago The rr trace format is not difficult to parse. I'm not aware of any tools that convert rr traces into other formats but I'm sure it could be done.
Open tiedaoxiaotubie opened 4 years ago
rocallahan
commented
4 years ago The rr trace format is not difficult to parse. I'm not aware of any tools that convert rr traces into other formats but I'm sure it could be done.
tiedaoxiaotubie
commented
4 years ago I am not very clear about the internal storage mechanism of rr in record. Is it an instruction-level record? For example, are the addresses, operands code, and corresponding register and memory values of each instruction recorded? Is there an available program interface to dump these records to disk?
khuey
commented
4 years ago No, rr traces contain a much more minimal set of data necessary to reproduce the execution of the program. Something like rr rerun can be used to singlestep the trace while dumping register values. Memory is a bit harder but perhaps something could be done there.
rocallahan
commented
4 years ago Reading https://arxiv.org/abs/1705.05937 might help.
Hi, many binary analysis platforms perform
taint analysisandsymbolic executionbase on execution trace. Usually we may use Pin or Valgrind to record binary's execution trace first, including instruction addresses, regs' values and memory change. It seems thatrralso finish these work. I wonder how can I export the trace in a tradition format (since trace inrrhas been compressed), and whether the trace recorded by rr can work with other analysis framework such asTrtion?