Download presentation
Presentation is loading. Please wait.
1
AMD64/EM64T – Dyninst & ParadynMarch 17, 2005 The AMD64/EM64T Port of Dyninst and Paradyn Greg Quinn gquinn@cs.wisc.edu Ray Chen rchen@cs.umd.edu
2
AMD64/EM64T – Dyninst & Paradyn -2- Goals 64-bit Dyninst library and Paradyn daemon that handle both 32-bit and 64-bit mutatees Leverage as much existing functionality as possible
3
AMD64/EM64T – Dyninst & Paradyn -3- Talk Outline 32-Bit Compatibility 64-Bit Mode –Architectural Overview –Issues for Dyninst Current status and timeline for the port
4
AMD64/EM64T – Dyninst & ParadynMarch 17, 2005 32-Bit Compatibility
5
AMD64/EM64T – Dyninst & Paradyn -5- Problematic Porting Conceptually simple –ISA extension –Hardware compatibility –Pre-existing code base –Nightly regression tests
6
AMD64/EM64T – Dyninst & Paradyn -6- System Structures What’s wrong with this code? struct link_map { /* Base address shared object is loaded at.*/ ElfW(Addr) l_addr; /* Absolute file name object was found in.*/ char *l_name; /* Dynamic section of the shared object.*/ ElfW(Dyn) *l_ld; /* Chain of loaded objects. */ struct link_map *l_next, *l_prev; };
7
AMD64/EM64T – Dyninst & Paradyn -7- System Structures Compile-time decisions unacceptable Structure size depends on target platform –X86: sizeof( ElfW(Addr) ) == 4 –X86_64: sizeof( ElfW(Addr) ) == 8 Similar problem with pointer data types #define ElfW(type) \ Elf ## __ELF_NATIVE_CLASS ## type
8
AMD64/EM64T – Dyninst & Paradyn -8- System Structures No backwards compatible structure –Must create and maintain our own Multiple structures affected –link_map, r_debug, libelf routines struct link_map_dyn32 { Elf32_Addr l_addr; uint32_t l_name; uint32_t l_ld; uint32_t l_next, l_prev; };
9
AMD64/EM64T – Dyninst & Paradyn -9- System Structures Class based solution –Hierarchy with 32-bit and 64-bit siblings –Virtual functions instead of control structures Multiple benefits –No code duplication –Less source clutter –Minor function call overhead
10
AMD64/EM64T – Dyninst & Paradyn -10- What Works? Operation on 32-bit binaries at 95% –Passes most nightly regression tests Tests 1-12, attach, relocate –Save the World not fully tested Existing x86 shared library issue
11
AMD64/EM64T – Dyninst & ParadynMarch 17, 2005 64-Bit Mode Architectural Overview
12
AMD64/EM64T – Dyninst & Paradyn -12- Registers 32-bit Mode: –Eight 32-bit registers EAX EBX ECX EDX EBP ESP EDI ESI
13
AMD64/EM64T – Dyninst & Paradyn -13- Registers 32-bit Mode: –Eight 32-bit registers 64-bit Mode: –Registers extended to 64 bits RAX RBX RCX RDX RBP RSP RDI RSI
14
AMD64/EM64T – Dyninst & Paradyn -14- Registers 32-bit Mode: –Eight 32-bit registers 64-bit Mode: –Registers extended to 64 bits –Eight additional registers RAX RBX RCX RDX RBP RSP RDI RSI R8 R9 R10 R11 R12 R13 R14 R15
15
AMD64/EM64T – Dyninst & Paradyn -15- Registers Encoded using REX prefix: WRXB0100 Determines Width of Operation (32/64) Serve as High Order Bits for Register Numbers
16
AMD64/EM64T – Dyninst & Paradyn -16- Immediate Values Variable-length instructions allow for register-sized immediates (8 bytes) –MOV RAX, 0x1234567890abcdef This is the only way to specify an 8-byte value in an instruction Most importantly for Dyninst: –there is no JMP w/ 8-byte displacement
17
AMD64/EM64T – Dyninst & ParadynMarch 17, 2005 Handling 64-Bit Mutatees
18
AMD64/EM64T – Dyninst & Paradyn -18- Instruction Parsing x86 instruction parser collects basic block information and searches for instrumentation points We can use the same parsing algorithm for 64-bit mutatees –Architectural changes are abstracted away by instruction decoding –Bonus: support for stripped binaries
19
AMD64/EM64T – Dyninst & Paradyn -19- Executing Instrumentation Dyninst maintains a heap of non-contiguous memory areas in the mutatee Instrumentation points jump to code in nearby heap region Code for this already exists (AIX, Solaris) executable library code Mutatee Address Space
20
AMD64/EM64T – Dyninst & Paradyn -20- Executing Instrumentation Dyninst maintains a heap of non-contiguous memory areas in the mutatee Instrumentation points jump to code in nearby heap region Code for this already exists (AIX, Solaris) executable dyninst heap region library code Mutatee Address Space
21
AMD64/EM64T – Dyninst & Paradyn -21- Executing Instrumentation Dyninst maintains a heap of non-contiguous memory areas in the mutatee Instrumentation points jump to code in nearby heap region Code for this already exists (AIX, Solaris) executable dyninst heap region library code Mutatee Address Space >> 4GB spacing
22
AMD64/EM64T – Dyninst & Paradyn -22- Executing Instrumentation Dyninst maintains a heap of non-contiguous memory areas in the mutatee Instrumentation points jump to code in nearby heap region Code for this already exists (AIX, Solaris) executable dyninst heap region library code dyninst heap region Mutatee Address Space >> 4GB spacing
23
AMD64/EM64T – Dyninst & Paradyn -23- Code Generation Improved architecture allows for more efficient code generation –Stack no longer used for passing arguments –More registers means stack no longer needed for temporary values
24
AMD64/EM64T – Dyninst & Paradyn -24- Good Things™ We have been able to leverage x86 port extensively (code reuse) Some 32-bit headaches go away –Non-standard optimizations in mutatee code (_dl_open example) More registers allow for more efficient instrumentation code
25
AMD64/EM64T – Dyninst & Paradyn -25- Status/Timeline Now working: –32-bit support –Instruction decoding, parsing Left to do: –Code generation –Memory allocation –Counter, timers, and sampling code for Paradyn Beta release: 2Q05 –Available for partners and friends Production release: 3Q05
26
AMD64/EM64T – Dyninst & Paradyn -26- Questions?
Similar presentations
