Hi,
i'm trying to instrument the chromium binary and have a message printed
before GLES2GetError called.
I've used the example code from the DyninstAPI.pdf (attached) to which I
added
bpatch.setTrampRecursive(true) and bpatch.setSaveFPR(false)
The way I'm running it is :
DYNINSTAPI_RT_LIB=/usr/local/lib/libdyninstAPI_RT.so ./a.out
path/to/chrome chrome
I've compiled chromium so it contains debugging symbols and has around 1.3
GB.
With instrumenation, the first log message from chrome shows up after 14
minutes,
and that's it. It doesn't continue
Any tweaks I'm missing to make things faster ?
thanks
#include "BPatch.h"
#include "BPatch_addressSpace.h"
#include "BPatch_process.h"
#include "BPatch_binaryEdit.h"
#include "BPatch_function.h"
#include "BPatch_point.h"
#include "BPatch_flowGraph.h"
#include <string>
// Example 1: create_process an instance of class BPatch
BPatch bpatch;
// Example 2: attaching, creating, or opening a file for rewrite
typedef enum {
create_process,
attach_process,
open_binary }
accessType_t;
BPatch_addressSpace *startInstrumenting(accessType_t accessType,
const char *name,
int pid, // For attach_process
const char *argv[])
{ // For create_process
BPatch_addressSpace *handle = NULL;
switch (accessType) {
case create_process:
handle = bpatch.processCreate(name, argv);
break;
case attach_process:
handle = bpatch.processAttach(name, pid);
break;
case open_binary:
handle = bpatch.openBinary(name);
break;
}
bpatch.setTrampRecursive(true);
bpatch.setSaveFPR(false);
return handle;
}
// Example 2: find the entry point for "InterestingProcedure"
std::vector<BPatch_point *> *findEntryPoint(BPatch_addressSpace *app) {
std::vector<BPatch_function *> functions;
std::vector<BPatch_point *> *points;
BPatch_image *appImage = app->getImage();
appImage->findFunction("GLES2GetError", functions);
points = functions[0]->findPoint(BPatch_entry);
return points;
}
// Example 3: create_process and insert an increment snippet
void createAndInsertSnippet(BPatch_addressSpace *app, std::vector<BPatch_point *> *points) {
BPatch_image *appImage = app->getImage();
// create_process a snippet that calls printf with each effective address
vector< BPatch_snippet * > printfArgs;
BPatch_constExpr arg0 ( "before GLES2GetError\n" );
printfArgs.push_back( & arg0 );
BPatch_paramExpr arg1 (0);
printfArgs.push_back( & arg1 );
std::vector<BPatch_function *> printfFuncs;
appImage->findFunction("printf", printfFuncs);
BPatch_funcCallExpr callPrintf( *(printfFuncs[0]), printfArgs );
app->insertSnippet(callPrintf, *points);
}
// Example 4: finish things up (continue or write out)
void finishInstrumenting(BPatch_addressSpace *app, const char *newName) {
BPatch_process *appProc = dynamic_cast<BPatch_process *>(app);
BPatch_binaryEdit *appBin = dynamic_cast<BPatch_binaryEdit *>(app);
if (appProc) {
appProc->continueExecution();
while (!appProc->isTerminated()) {
bpatch.waitForStatusChange();
}
}
if (appBin) {
appBin->writeFile(newName);
}
}
int main(int argc, const char* argv[]) {
if ( argc < 3 ) {
fprintf(stderr, "usage: wrap path-to-exec processname\n");
exit(EXIT_FAILURE);
}
const char *progName = argv[1];
int progPID = 42; // = ...
const char *progArgv[] = {argv[2], "--no-sandbox", NULL}; // = ...
// Example 1: create_process/attach_process/open_binary a binary
BPatch_addressSpace *app = startInstrumenting(
create_process, // or attach_process or open_binary
progName,
progPID,
progArgv);
// Example 2: get entry point
std::vector<BPatch_point *> *entryPoint = findEntryPoint(app);
// Example 3: create_process and insert increment snippet
createAndInsertSnippet(app, entryPoint);
// Example 4: finish up instrumenting
finishInstrumenting(app, progName);
return 0;
}
_______________________________________________
Dyninst-api mailing list
[email protected]
https://lists.cs.wisc.edu/mailman/listinfo/dyninst-api
