Get map file before and after instrumentation about dyninst HOT 9 OPEN

There's not a single API for that, but you could generate a CSV file of the instructions in each binary and then compare the outputs.

#include <iostream>
#include <iomanip>
#include "CodeObject.h"
#include "InstructionDecoder.h"

namespace dp = Dyninst::ParseAPI;
namespace di = Dyninst::InstructionAPI;

int main(int argc, char** argv) {
  if(argc != 2) {
    std::cerr << "Usage: " << argv[0] << " <file>\n";
    return -1;
  }
  
  auto* sts = new dp::SymtabCodeSource(argv[1]);
  auto* co = new dp::CodeObject(sts);
  
  for(auto* f : co->funcs()) {
    di::InstructionDecoder decoder(
      f->isrc()->getPtrToInstruction(f->addr()),
      di::InstructionDecoder::maxInstructionLength,
      f->region()->getArch()
    );
    auto insn = decoder.decode();
    auto prev_size = 0UL;
    while(insn.isValid()) {
      auto const loc = f->addr() + prev_size;
      std::cout << std::hex << "0x" << loc << "," << insn.format() << '\n';
      prev_size = insn.size();
      insn = decoder.decode(); 
    }
  }    
}

from dyninst.

Is there any way that I could insert an instruction right behind any address instead of jumping to .dyninst section? If so, it would be much easier for me to generate such a map file.

from dyninst.

That's not possible when doing dynamic instrumentation. It might be doable for static instrumentation. Which toolkit you are using to insert the ptwrite (BPatch, ParseAPI, etc.)?

from dyninst.

BPatch bpatch;

struct instruction_t {
    unsigned long address;
    std::vector<unsigned char> bytes;
};

std::vector<instruction_t> tracked_instructions;

class InstructionSnippet : public Dyninst::PatchAPI::Snippet {

public:
    InstructionSnippet() {}
    InstructionSnippet(std::vector<unsigned char> bytes) {instruction_bytes = bytes;}

    bool generate(Dyninst::PatchAPI::Point* pt, Dyninst::Buffer& buf) override {
        buf.copy(instruction_bytes.data(), instruction_bytes.size());
        return true;
    }

    private:
        std::vector<unsigned char> instruction_bytes;
};

BPatch_point* FindPoint(BPatch_image* image, Dyninst::Address address) {

    std::vector<BPatch_point*> points;
    image->findPoints(address, points);
    if (points.size() == 0) {
        std::cerr << "No address found: 1.address is inside of a instruction   2.address out of bound" << std::endl;
        exit(1);

    }
    else if (points.size() > 1) {
        std::cerr << "More than one address found" << std::endl;
        exit(1);
    }
    return points[0];
}

int main(int argc, char** argv) {

    // Open the input binary
    BPatch_binaryEdit* app = bpatch.openBinary(argv[1]);

    if (!app) {
        std::cerr << "Failed to open binary" << std::endl;
        return -1;
    }

    BPatch_image* image = app->getImage();


    for (auto instruction : tracked_instructions) {
        BPatch_point* point = FindPoint(image, instruction.address);
        Snippet::Ptr codeBufferSnippet = InstructionSnippet::create(new InstructionSnippet(instruction.bytes));
        Point* patch_point = Dyninst::PatchAPI::convert(point, BPatch_callAfter);
        patch_point->pushBack(codeBufferSnippet);
    }

    // Write the instrumented binary to disk
    app->writeFile(argv[2]);

    return 0;
}

Currently I use the code above to staticly rewrite a file, the tracked_instructions stores the instruction address I want to insert after it and the bytes of an instruction needed to be inserted. However, I do not want to introduce the .dyninstInst section since it makes harder for me to generate a map file. Is there any way for me to use any toolkit to achieve my goal?

from dyninst.

However, I do not want to introduce the .dyninstInst section since it makes harder for me to generate a map file.

There is no way to avoid this. If you instrument an already-instrumented binary, the Dyninst runtime library will fail. Adding a section is how a binary is "tagged" that it's been instrumented by Dyninst.

Is there any way for me to use any toolkit to achieve my goal?

I'm not sure. Let me take a look, and I will get back to you.

from dyninst.

Plus, I found that this demo can insert a ptwrite right behind the function entry. However, when I changed the Point::FuncEntry to an arbitrary address, things got failed. By the way, I wonder if I insert 200 ptwrite into the binary, is there necessary 200 more ptwrite in the rewrite file, or Dyninst may 'use' some ptwrite twice? At last, can I just simply assume that If I insert ptwrite in address order, in the rewritten file, ptwrite will also appear in address order. This will be very helpful for me in generating a map file.

from dyninst.

I'm not too sure what you mean by things god failed.
If you want to insert at a specific instruction, try PreInsn or PostInsn.

Here is an example trying to insert nop before a specific instruction.
https://github.com/dyninst/examples/blob/amdgpu_insert_snippet/insertSnippet/noop_snippet.cpp

Focus on the line 66-67 for the patchMgr->findPoints call.

from dyninst.

Hello,

I apologize if my previous explanations were not clear. My primary concern is the ability to insert a specific instruction at a designated address and to generate a map file that indicates the locations of the instructions before and after insertion.

Currently, I am able to insert an instruction(the code is attached in the previous comment), but I am struggling to find an effective way to generate this map file. To elaborate, I have an input file containing addresses of instructions and the bytecode of instructions that need to be inserted after these addresses. My goal is to complete the insertion and generate a map file that looks something like 0x40116e -> 0x521163: f3 0f ae e3. This file would serve to indicate and track the status of my insertions.

I would appreciate any guidance or suggestions on how to achieve this functionality.

Thank you for your assistance.

from dyninst.

You can run your program with DYNINST_DEBUG_RELOC=1,
which should generate some sort of trace of how blocks are being reallocated.
Then either you can parse the output file, or you add a new argument to the API to pass in a map that records/updates these information.

from dyninst.