4. Debugging Griffin Trace - TJAndHisStudents/Griffin-Trace GitHub Wiki

Debugging the Griffin Trace

This section is optional. Griffin Trace produces debug information that is accessible by reading the dmesg output, but this information is not necessary for parsing the trace information. Example debug output is provided below.

Debugging the Shadow Stack Test

System Call Trigger - `dmesg` output

[329848.107256] pt: offline: attack-return.out registered
[329848.117452] pt: tracing system calls, width of 1
[329848.138097] pt:   System call captured. Will print to log.
[329848.143911] pt: Adding buffer for #4, size (40)
[329848.148668] pt: Adding buffer for #5, size (944)
[329848.155557] pt:   Dumping trace from syscall trigger. Called on 4, dumped on 0, width is 1.
[329848.164002] pt: Current buffer is #0, size (40)
[329848.168893] pt: Printing buffer #4 to 0, size (40)
[329848.173929] pt: Printing buffer #5 to 0, size (944)
[329848.178999] pt: Adding buffer for #0, size (40)
[329848.183685] pt: Adding buffer for #1, size (4208)
[329848.224407] pt: offline:  registered

Shadow Stack Trigger - `dmesg` output

[329851.224733] pt: offline: attack-return.out registered
[329851.230333] pt: tracing shadow stack CFI violations, width of 2
[329851.256252] pt: Adding buffer for #2, size (40)
[329851.260925] pt: Adding buffer for #3, size (944)
[329851.270639] pt: Adding buffer for #4, size (40)
[329851.275372] pt: Adding buffer for #5, size (4224)
[329851.283123] pt: [pid:6286] failed: unmatched return: 400546
[329851.288866] pt:   Dumping trace from CFI shadow stack trigger.
[329851.294722] pt: Current buffer is #0, size (40)
[329851.299607] pt: Printing buffer #4 to 0, size (40)
[329851.303994] pt: offline:  registered

Debugging the Forward Edge Test

System Call Trigger - `dmesg` output

[329899.006887] pt: offline: attack-call.out registered
[329899.012561] pt: tracing system calls, width of 1
[329899.029466] pt:   System call captured. Will print to log.
[329899.035223] pt: Adding buffer for #4, size (40)
[329899.039929] pt: Adding buffer for #5, size (784)
[329899.047254] pt:   Dumping trace from syscall trigger. Called on 4, dumped on 0, width is 1.
[329899.055721] pt: Current buffer is #0, size (40)
[329899.060635] pt: Printing buffer #4 to 0, size (40)
[329899.065626] pt: Printing buffer #5 to 0, size (784)
[329899.070822] pt:   System call captured. Will print to log.
[329899.076504] pt: Adding buffer for #0, size (40)
[329899.081194] pt: Adding buffer for #1, size (656)
[329899.086849] pt: Adding buffer for #2, size (40)
[329899.091552] pt: Adding buffer for #3, size (7840)
[329899.100194] pt: forward-edge violation: 0 -> 65535 (40051b)
[329899.119556] pt: offline:  registered

Forward Edge Trigger - `dmesg` output

[329905.205371] pt: offline: attack-call.out registered
[329905.211037] pt: tracing fwd edge CFI violations, width of 2
[329905.229170] pt: Adding buffer for #4, size (40)
[329905.233903] pt: Adding buffer for #5, size (768)
[329905.256234] pt: Adding buffer for #0, size (40)
[329905.260874] pt: Adding buffer for #1, size (624)
[329905.266735] pt: Adding buffer for #2, size (40)
[329905.271436] pt: Adding buffer for #3, size (7840)
[329905.280198] pt: forward-edge violation: 0 -> 65535 (40051b)
[329905.286563] pt:   Dumping trace from CFI forward edge trigger.
[329905.292429] pt: Current buffer is #4, size (40)
[329905.297376] pt: Printing buffer #2 to 4, size (40)
[329905.302347] pt: Printing buffer #3 to 4, size (7840)
[329905.305092] pt: offline:  registered

4. Debugging Griffin Trace - TJAndHisStudents/Griffin-Trace GitHub Wiki

Debugging the Griffin Trace

Debugging the Shadow Stack Test

System Call Trigger - dmesg output

Shadow Stack Trigger - dmesg output

Debugging the Forward Edge Test

System Call Trigger - dmesg output

Forward Edge Trigger - dmesg output

System Call Trigger - `dmesg` output

Shadow Stack Trigger - `dmesg` output

System Call Trigger - `dmesg` output

Forward Edge Trigger - `dmesg` output