SniP: An Efficient Stack Tracing Framework for Multi-threaded Programs


Usage of the execution stack at run-time captures the dynamic state of programs and can be used to derive useful insights into the program behaviour. The stack usage information can be used to identify and debug performance and security aspects of applications. Binary run-time instrumentation techniques are well known to capture the memory access traces during program execution. Tracing the program in entirety and filtering out stack specific accesses is a commonly used technique for stack related analysis. However, applying vanilla tracing techniques (using tools like Intel Pin) for multi-threaded programs has challenges such as identifying the stack areas to perform efficient run-time tracing.

In this paper, we introduce SniP, an open-source stack tracing framework for multi-threaded programs built around Intel’s binary instrumentation tool Pin. SniP provides a framework for efficient run-time tracing of stack areas used by multi-threaded applications by identifying the stack areas dynamically. The targeted tracing capability of SniP is demonstrated using a range of multi-threaded applications to show its efficacy in terms of trace size and time to trace. Compared to full program tracing using Pin, SniP achieves up to 75X reduction in terms of trace file size and up to 24X reduction in time to trace. SniP complements existing trace based stack usage analysis tools and we demonstrate that SniP can be easily integrated with the analysis framework through different use-cases.

2022 IEEE/ACM 19th International Conference on Mining Software Repositories (MSR-2022). [Core: A Ranked]
Saurabh Kumar
Saurabh Kumar
Postdoctoral Scholar

My research interests include cyber security, Android security, malware analysis and ceyber forensics.