[DynInst_API:] Unable to instrument chromium

[Adrian M Negreanu <groleo@xxxxxxxxx>]

Hi,

i'm trying to instrument the chromium binary and have a message printed

before GLES2GetError called.

I've used the example code from the DyninstAPI.pdf (attached) to which I added
 bpatch.setTrampRecursive(true) and bpatch.setSaveFPR(false)

The way I'm running it is :
 DYNINSTAPI_RT_LIB=/usr/local/lib/libdyninstAPI_RT.so ./a.out path/to/chrome chrome

I've compiled chromium so it contains debugging symbols and has around 1.3 GB.

With instrumenation, the first log message from chrome shows up after 14 minutes,

and that's it. It doesn't continue

Any tweaks I'm missing to make things faster ?

thanks

#include "BPatch.h"
#include "BPatch_addressSpace.h"
#include "BPatch_process.h"
#include "BPatch_binaryEdit.h"
#include "BPatch_function.h"
#include "BPatch_point.h"
#include "BPatch_flowGraph.h"
#include <string>
// Example 1: create_process an instance of class BPatch
BPatch bpatch;
// Example 2: attaching, creating, or opening a file for rewrite
typedef enum {
	create_process,
	attach_process,
	open_binary }
 accessType_t;

BPatch_addressSpace *startInstrumenting(accessType_t accessType,
		const char *name,
		int pid, // For attach_process
		const char *argv[])
{ // For create_process
	BPatch_addressSpace *handle = NULL;
	switch (accessType) {
		case create_process:
			handle = bpatch.processCreate(name, argv);
			break;
		case attach_process:
			handle = bpatch.processAttach(name, pid);
			break;
		case open_binary:
			handle = bpatch.openBinary(name);
			break;
	}
	bpatch.setTrampRecursive(true);
	bpatch.setSaveFPR(false);
	return handle;
}
// Example 2: find the entry point for "InterestingProcedure"
std::vector<BPatch_point *> *findEntryPoint(BPatch_addressSpace *app) {
	std::vector<BPatch_function *> functions;
	std::vector<BPatch_point *> *points;
	BPatch_image *appImage = app->getImage();
	appImage->findFunction("GLES2GetError", functions);
	points = functions[0]->findPoint(BPatch_entry);
	return points;
}
// Example 3: create_process and insert an increment snippet
void createAndInsertSnippet(BPatch_addressSpace *app, std::vector<BPatch_point *> *points) {
	BPatch_image *appImage = app->getImage();

	// create_process a snippet that calls printf with each effective address
	vector< BPatch_snippet * > printfArgs;
	BPatch_constExpr arg0 ( "before GLES2GetError\n" );
	printfArgs.push_back( & arg0 );
	BPatch_paramExpr arg1 (0);
	printfArgs.push_back( & arg1 ); 
	std::vector<BPatch_function *> printfFuncs;
	appImage->findFunction("printf", printfFuncs);
	BPatch_funcCallExpr callPrintf( *(printfFuncs[0]), printfArgs );
	app->insertSnippet(callPrintf, *points);
}
// Example 4: finish things up (continue or write out)
void finishInstrumenting(BPatch_addressSpace *app, const char *newName) {
	BPatch_process *appProc = dynamic_cast<BPatch_process *>(app);
	BPatch_binaryEdit *appBin = dynamic_cast<BPatch_binaryEdit *>(app);
	if (appProc) {
		appProc->continueExecution();
		while (!appProc->isTerminated()) {
			bpatch.waitForStatusChange();
		}
	}
	if (appBin) {
		appBin->writeFile(newName);
	}
}
int main(int argc, const char* argv[]) {
	if ( argc < 3 ) {
		fprintf(stderr, "usage: wrap  path-to-exec  processname\n");
		exit(EXIT_FAILURE);
	}
	const char *progName = argv[1];
	int progPID = 42; // = ...
	const char *progArgv[] = {argv[2], "--no-sandbox", NULL}; // = ...
	// Example 1: create_process/attach_process/open_binary a binary
	BPatch_addressSpace *app = startInstrumenting(
			create_process, // or attach_process or open_binary
			progName,
			progPID,
			progArgv);
	// Example 2: get entry point
	std::vector<BPatch_point *> *entryPoint = findEntryPoint(app);
	// Example 3: create_process and insert increment snippet
	createAndInsertSnippet(app, entryPoint);
	// Example 4: finish up instrumenting
	finishInstrumenting(app, progName);
	return 0;
}