Developer Documentation

This section provides technical documentation for developers contributing to Revizor.

Development Guidelines

• Guide to Contributing: Overview of the contribution process and resources
• General Guidelines: Development environment setup, testing procedures, contribution workflow
• Code Style: Formatting conventions for Python and C code, naming conventions
• Git Workflow: Branch management, commit message format, merge procedures

Architecture and Modules

• Code Structure: Organization of the source code directory and key modules
• Overview: High-level system architecture and component interaction
  • Orchestration: Main fuzzing loop and coordination between components
  • ISA Specification: Instruction set architecture definitions and JSON-based specification format
  • Test Case Code Generation: Program generation algorithm and relevant classes
  • Test Case Data Generation: Data generation algorithm and relevant classes
  • Hardware Tracing: Execution of test cases on the target HW and hardware trace collection
  • Contract Tracing: Leakage modeling and contract trace generation (high-level overview; implementation details in backend-specific pages)
  • Trace Analysis: Comparison of contract and hardware traces to detect violations
  • Minimization: Post-detection reduction of test cases to minimal reproducing examples
  • Logging: Logging infrastructure and debugging facilities

Contract Modeling Backends

Revizor supports two different backends for contract-based leakage modeling. They are documented in the following pages:

• Unicorn Backend: Backend based on the Unicorn CPU emulator
• DynamoRIO Backend: Backend based on the DynamoRIO dynamic binary instrumentation engine