#!/bin/bash
set -u
OUT="/home/fabi/RE Project Sylpheed/xenia-rs/audit-runs/audit-037-record-populator/canary-probes"
BIN="/home/fabi/RE Project Sylpheed/xenia-canary/build/bin/Linux/Debug/xenia_canary"
ISO="/home/fabi/RE Project Sylpheed/xenia-rs/sylpheed.iso"
mkdir -p "$OUT"
cd "$OUT"
# Writer PCs from mem-watch:
#   0x8245d290 = sub_8245D230 zero-fill loop body
#   0x8245d300 = sub_8245D230 element-copy stage
#   0x8244fc98 = sub_8244FC90 prologue (struct-init)
#   0x82450ec0 = sub_82450B68 (clears +0x24)
#   0x825f1094 = memcpy byte-tail prologue
# Also probe the entry of each containing function for clearer attribution
for PC in 0x8245d290 0x8245d300 0x8244fc98 0x82450ec0 0x825f1094 \
          0x8245d230 0x8244fc90 0x82450b68 0x825f1000 \
          0x824503a0 0x82459d18; do
  echo "=== probing $PC ==="
  "$BIN" "$ISO" --log_level=3 --disable_instruction_infocache=true --log_lr_on_pc=$PC > "canary-${PC}.log" 2>&1 &
  PID=$!
  sleep 30
  kill -KILL $PID 2>/dev/null || true
  pkill -KILL -f "xenia_canary.*log_lr_on_pc=$PC" 2>/dev/null || true
  wait $PID 2>/dev/null || true
  sleep 1
  COUNT=$(grep -c 'TRACE-PC-LR' "canary-${PC}.log" 2>/dev/null || echo 0)
  echo "$PC fires=$COUNT"
done
echo "ALL DONE"