Presentation is loading. Please wait.

Presentation is loading. Please wait.

Paradyn Project Paradyn / Dyninst Week Madison, Wisconsin April 12-14, 2010 Binary Rewriting with Dyninst Madhavi Krishnan and Dan McNulty.

Published byKellie Dean Modified over 9 years ago

Similar presentations

Presentation on theme: "Paradyn Project Paradyn / Dyninst Week Madison, Wisconsin April 12-14, 2010 Binary Rewriting with Dyninst Madhavi Krishnan and Dan McNulty."— Presentation transcript:

1 Paradyn Project Paradyn / Dyninst Week Madison, Wisconsin April 12-14, 2010 Binary Rewriting with Dyninst Madhavi Krishnan and Dan McNulty

2 Talk Outline Binary Rewriter Review Implementation Challenges New Features Rewriting Statically Linked Binaries Conclusion 2 Binary Rewriting with Dyninst

3 Binary Rewriting 3 Binary Rewriting with Dyninst libc Dyninst Binary Rewriter Dyninst Binary Rewriter a.out.rewritten libprofile Rewrite executables Rewrite libraries Add new libraries to binaries a.out libc.rewritten

4 Binary Rewriter Capabilities Instrument once, run many Support more systems (BlueGene, FreeBSD, …) Operate on unmodified binaries No debug information required No linker relocations required No symbols required Rewritten binary need not be compiled or linked 4 Binary Rewriting with Dyninst Dynamic instrumentation and binary rewriting use the same abstractions and interfaces

5 /* Setup */ BPatch_addressSpace *addr_space; if (use_bin_edit) addr_space = BPatch.openFile(“a.out”); else addr_space = BPatch.createProcess(“a.out”); /* Instrumentation */ addr_space->loadLibrary(“libInstrumentation.so”); addr_space->getImage()->findFunction(“func”, funcs); … addr_space->insertSnippet(callExpr, point); /* Finalize */ if (use_bin_edit) { app_bin->writeFile(a.rewritten.out); } else { app_proc->continueExecution(); } Binary Rewriter Example

6 6 Binary Rewriting with Dyninst

7 Challenges Complex Standards Executable and Linkable Format(ELF) System V Standard Linux Standard Base (LSB) Accessing information in the original binary file Redundant information Inconsistent! E.g., Section size stored in headers and dynamic section Writing a new binary file Updating sections with new information Not precisely defined by standards! E.g., Adding new symbol to hash section 7 Binary Rewriting with Dyninst

8 Challenges Implementation of the standards Libraries and tools OS Assigning meaning to undefined behavior Symbols with no name and no type Stringent requirements by libelf Section alignment Unexpected restrictions by the OS Program header must be on first page Loader assumes relocation sections are adjacent 8 Binary Rewriting with Dyninst

9 What is New in the Binary Rewriter? Linux/PowerPC32 port Handling run time events with the binary rewriter Support for rewriting static binaries 9 Binary Rewriting with Dyninst

10 Dealing with Position Independent Code (PIC) What is PIC? Why deal with PIC? PowerPC specific challenges Identifying PIC idiom Determining current PC Linux/PowerPC32 Port 10 Binary Rewriting with Dyninst 0x1000 0x2000 0x3000 Code Data Shared library Address space PC relative references

11 Initialize and finalize instrumentation Handling Run Time Events 11 Binary Rewriting with Dyninst Dyninst MutatorMutatee Process process load … Events OneTimeCode Callback

12 Initialize and finalize instrumentation Handling Run Time Events 12 Binary Rewriting with Dyninst Mutatee Binary process load … Events ? Snippet to handle the event init/fini section A general framework to handle run time events

13 libnew.solibnew.a Rewriting Static Binaries 13 Binary Rewriting with Dyninst Dynamic BinaryStatic Binary Headers Dynamic Linker Code libm.solibc.solibnew.so Shared Libraries ? Static Library Code Data Headers Code Data

14 Adding New Libraries to Static Binaries Link code and data from the new libraries into the binary Can we use use an existing linker? Dyninst must become a linker 14 Binary Rewriting with Dyninst Static Binary Headers Code Data libnew.a

15 Rewriting a Static Binary 15 Binary Rewriting with Dyninst Headers Code Data Let’s start with this simple picture of a binary

16 Code Data libdyninstRT.a Code Data libprofile.a Code Data libc.a Rewriting a Static Binary 16 Binary Rewriting with Dyninst First, load new libraries Headers Code Data

17 Rewriting a Static Binary 17 Binary Rewriting with Dyninst Second, generate instrumentation to reference new libraries References Headers Code Data Instrumentation Code Data libdyninstRT.a Code Data libprofile.a Code Data libc.a

18 Rewriting a Static Binary 18 Binary Rewriting with Dyninst Third, link code and data from the new libraries into the binary Headers Code Data Instrumentation libdyninstRT.a Code libprofile.a Code libc.a Code libdyninstRT.a Data libprofile.a Data libc.a Data Code Data libdyninstRT.a Code Data libprofile.a Code Data libc.a References

19 Rewriting a Static Binary 19 Binary Rewriting with Dyninst Finally, update the headers Old Headers Code Data Instrumentation libdyninstRT.a Code libprofile.a Code libc.a Code libdyninstRT.a Data libprofile.a Data libc.a Data New Headers

20 Challenges in Rewriting Static Binaries Dyninst must become a linker 20 Binary Rewriting with Dyninst Object File Static Library Linker Not Finalized Static Binary Finalized relinker Dyninst Binary Rewriter New Library

21 Challenges in Rewriting Static Binaries Relinking is harder than linking Thread Local Storage (TLS) Constructor and destructor tables Supporting TLS Need to link together multiple TLS sections TLS sections must be adjacent Move existing TLS section to the end and append new TLS sections Update program header 21 Binary Rewriting with Dyninst

22 Challenges in Rewriting Static Binaries Unexpected interactions within the tool chain 22 Binary Rewriting with Dyninst gccld Standard Format Unpublished conventions Dyninst Binary Rewriter New LibraryLinked Binary

23 /* Setup */ BPatch_addressSpace *addr_space; if (use_bin_edit) addr_space = BPatch.openFile(“a.out”); else addr_space = BPatch.createProcess(“a.out”); /* Instrumentation */ if( addr_space->isStaticExecutable() ) { addr_space->loadLibrary(“libprofile.a”); addr_space->loadLibrary(“libc.a”); } else { addr_space->loadLibrary(“libprofile.so”); } … /* Finalize */ if (use_bin_edit) { app_bin->writeFile(a.rewritten.out); } else { app_proc->continueExecution(); } Binary Rewriter Example

24 Binary Rewriter Status Rewriting dynamic binaries Linux/x86 Linux/x86_64 Linux/PowerPC32 Rewriting static binaries Linux/x86 Linux/x86_64 24 Binary Rewriting with Dyninst

25 Future Directions Rewriting dynamically linked binaries PowerPC64 Rewriting statically linked binaries PowerPC Family Ports to new platforms and object formats FreeBSD (ELF) Windows (PE, PDB) AIX (XCOFF) Update debug information (DWARF) in rewritten binaries 25 Binary Rewriting with Dyninst

26 Demo on Tuesday: Scalasca, TAU, Paraver Questions? 26 Binary Rewriting with Dyninst

Download ppt "Paradyn Project Paradyn / Dyninst Week Madison, Wisconsin April 12-14, 2010 Binary Rewriting with Dyninst Madhavi Krishnan and Dan McNulty."

Similar presentations

Hand-Held Devices and Embedded Systems Course Student: Tomás Sánchez López Student ID: 20042116.

Hand-Held Devices and Embedded Systems Course Student: Tomás Sánchez López Student ID:
Programs in Memory Bryce Boe 2012/08/29 CS32, Summer 2012 B.

Programs in Memory Bryce Boe 2012/08/29 CS32, Summer 2012 B.
lld The LLVM Linker Friday, April 13, 2012

lld The LLVM Linker Friday, April 13, 2012
Message Queue Dumping MPI Side Document. History MPIR and MQD were designed around 1995 MPIR: Process discovery Formally described in the MPIR document.

Message Queue Dumping MPI Side Document. History MPIR and MQD were designed around 1995 MPIR: Process discovery Formally described in the MPIR document.
Procedures Procedures are very important for writing reusable and maintainable code in assembly and high-level languages. How are they implemented? Application.

Procedures Procedures are very important for writing reusable and maintainable code in assembly and high-level languages. How are they implemented? Application.
Program Development Tools The GNU (GNU’s Not Unix) Toolchain The GNU toolchain has played a vital role in the development of the Linux kernel, BSD, and.

Program Development Tools The GNU (GNU’s Not Unix) Toolchain The GNU toolchain has played a vital role in the development of the Linux kernel, BSD, and.
Assembler/Linker/Loader Mooly Sagiv html://www.cs.tau.ac.il/~msagiv/courses/wcc11-12.html Chapter 4.3 J. Levine: Linkers & Loaders

Assembler/Linker/Loader Mooly Sagiv html:// Chapter 4.3 J. Levine: Linkers & Loaders
Linkage Editors Difference between a linkage editor and a linking loader: Linking loader performs all linking and relocation operations, including automatic.

Linkage Editors Difference between a linkage editor and a linking loader: Linking loader performs all linking and relocation operations, including automatic.
Linking & Loading CS-502 Operating Systems

Linking & Loading CS-502 Operating Systems
Lecture 10: Linking and loading. Lecture 10 / Page 2AE4B33OSS 2011 Contents Linker vs. loader Linking the executable Libraries Loading executable ELF.

Lecture 10: Linking and loading. Lecture 10 / Page 2AE4B33OSS 2011 Contents Linker vs. loader Linking the executable Libraries Loading executable ELF.
Mr. D. J. Patel, AITS, Rajkot 1 Operating Systems, by Dhananjay Dhamdhere1 Static and Dynamic Memory Allocation Memory allocation is an aspect of a more.

Mr. D. J. Patel, AITS, Rajkot 1 Operating Systems, by Dhananjay Dhamdhere1 Static and Dynamic Memory Allocation Memory allocation is an aspect of a more.
Linkers and Loaders 1 Linkers & Loaders – A Programmers Perspective.

Linkers and Loaders 1 Linkers & Loaders – A Programmers Perspective.
The Functions and Purposes of Translators Code Generation (Intermediate Code, Optimisation, Final Code), Linkers & Loaders.

The Functions and Purposes of Translators Code Generation (Intermediate Code, Optimisation, Final Code), Linkers & Loaders.
CS 31003: Compilers ANIRUDDHA GUPTA 11CS10004 G2 CLASS DATE : 24/07/2013.

CS 31003: Compilers ANIRUDDHA GUPTA 11CS10004 G2 CLASS DATE : 24/07/2013.
1 Starting a Program The 4 stages that take a C++ program (or any high-level programming language) and execute it in internal memory are: Compiler - C++

1 Starting a Program The 4 stages that take a C++ program (or any high-level programming language) and execute it in internal memory are: Compiler - C++
Loaders and Linkers Object Program contains the information:

Loaders and Linkers Object Program contains the information:
Mehmet Can Vuran, Instructor University of Nebraska-Lincoln Acknowledgement: Overheads adapted from those provided by the authors of the textbook.

Mehmet Can Vuran, Instructor University of Nebraska-Lincoln Acknowledgement: Overheads adapted from those provided by the authors of the textbook.
Paradyn Project Paradyn / Dyninst Week Madison, Wisconsin May 2-4, 2011 ProcControlAPI and StackwalkerAPI Integration into Dyninst Todd Frederick and Dan.

Paradyn Project Paradyn / Dyninst Week Madison, Wisconsin May 2-4, 2011 ProcControlAPI and StackwalkerAPI Integration into Dyninst Todd Frederick and Dan.
Paradyn Project Paradyn / Dyninst Week College Park, Maryland March 26-28, 2012 Paradyn Project Upcoming Features in Dyninst and its Components Bill Williams.

Paradyn Project Paradyn / Dyninst Week College Park, Maryland March 26-28, 2012 Paradyn Project Upcoming Features in Dyninst and its Components Bill Williams.
Assembler/Linker/Loader Mooly Sagiv html://www.cs.tau.ac.il/~msagiv/courses/wcc04.html Chapter 4.3.

Assembler/Linker/Loader Mooly Sagiv html:// Chapter 4.3.

Similar presentations

Ads by Google