On 03/23/2014 08:52 PM, Jiten Pathy wrote:
Hello,
The problem at hand is to do some operation on the dynamic target at
basic block exit.
I tried to use the following to test dynamic target:

BPatch_dynamicTargetExpr dt;
appBin->insertSnippet(dt, *((*bb)->findExitPoint()), BPatch_callBefore);

Doesn't work:
[../dyninstAPI/src/ast.C:1868] ERROR: failure to generate operand

I'll take a look at this when I get a chance; dynamic target expressions IIRC were designed for call sites and may be missing something on branches. Are you inserting this at blocks terminated with indirect branches/calls, or at all blocks? It's also possible (probable, even) that a dynamicTargetExpr isn't implemented for the case where the targets are statically resolvable, so if you're trying to insert this snippet at all block exits, I'd expect it to fail for some of them.


With some snippets it does save and restore of all registers including
xmm registers(doesn't do liveness analysis?)

Full XMM saves should be gone in our upcoming 8.2 release, replaced with independent saves/restores; everything else should already be independently saved and restored in 8.1 (except obviously for flags). The caveats here are that we assume the ABI both for liveness within a function and registers that can be written by function calls in instrumentation; this can be overzealous.

If you can point me to a rewritten binary and the mutator that generated it, I can see if there are any obvious mutator tricks that will help you optimize.

So is there a way to insert raw bytes(opcodes?) at a point.
  I tried to use PatchAPI, but probably i am doing it wrong?
the following didn't work for me:

class MySnippet : public Snippet {
         public:
                 virtual bool generate(Point *pt, Buffer &buf) {
                         buf.copy((void*)"AAAAAAAAAAAAAAAAAAA", 20);
                         return true;
                 }
};

auto pmgr = convert(appImage);
Patcher patcher(pmgr);

auto pb = convert(*bb);
auto pt = pmgr->findPoint(Location::Instruction(pb, pb->last()),
Point::PreInsn);
if (pt != NULL) {
     MySnippet::Ptr snippet = MySnippet::create(new MySnippet);
     patcher.add(PushBackCommand::create(pt, snippet));
}

patcher.commit();
appBin->writeFile(outBinary);

I'll dig up some of the binary modification sample code we've got and send it your way off-list. The generate method you've got looks like it's doing the right thing but it looks like you're missing a fair bit of the machinery that translates from a patched address space to a working binary on disk. In general, if you want to optimize the instrumentation you insert but want it to be instrumentation semantically, you'll be better off working within the BPatch interface and optimizing the actual snippets, though. The real strength of the PatchAPI interface is in modifying the structure of the binary.

Any help would be appreciated.
_______________________________________________
Dyninst-api mailing list
Dyninst-api@cs.wisc.edu
https://lists.cs.wisc.edu/mailman/listinfo/dyninst-api



--
--bw

Bill Williams
Paradyn Project
b...@cs.wisc.edu
_______________________________________________
Dyninst-api mailing list
Dyninst-api@cs.wisc.edu
https://lists.cs.wisc.edu/mailman/listinfo/dyninst-api

Reply via email to