PIN debugger
The PIN debugger is a remote debugger plugin used to record execution traces. It allows to record traces on Linux and Windows (x86 and x86_64) from any of the supported IDA platforms (Windows, Linux and MacOSX). Support for MacOSX targets is not yet available. Please see the section PIN support for MacOSX for more details on this subject.
To use the PIN debugger plugin the following steps must be carried out:
Download the appropriate version of PIN from http://www.pintool.org
- PIN Binary Path: Full path to the pin binary.
PIN Tool Path: Directory where the idadbg.so or .dll PIN tool resides.
Tracing options:
Instruction tracing: trace individual instructions
Basic block tracing: trace basic blocks
Function tracing: trace functions
Recording of register values: record register values or not. If this option is disabled, only EIP/RIP will be recorded.
PIN Tool options:
Autolaunch pin for "localhost": When this option is set and the host name specified in Debugger, Process Options is "localhost", the PIN tool will be executed by IDA. Otherwise IDA expects the PIN tool to be already running and listening. Please refer to Connecting a remote PIN tool instance from IDA for more details.
Debug mode: This flag allows one to see what's happening in the PIN tool side. It prints out some debugging information.
Extra-arguments: Additional command line arguments to be used when constructing the command line to launch PIN locally. The extra arguments can be added before the PIN tool specification (before '-t /path/to/pin/tool) or after the PIN tool (after '-t /path/to/pin/tool' but before '-- application'). Please consult the section "Command Line Switches" of the Intel PIN manual for more details. Optionally you can launch PIN yourself and connect to it from IDA. See Connecting a remote PIN tool instance from IDA for more details.
Last updated