Hi Bill and Mike,
thanks a lot for these pointers! This is great example code.
I'll give it a try today. I'm not sure if I can use the method of splitting blocks. I presume this introduces additional branches. Their overhead would probably be as large as the overhead from the instructions that I try to eliminate. I will look at your code, experiment a bit, and see what happens.
Best, Jonas
Jonas,
I'm Mike Lam, the original author of CRAFT. If you're interested in
using Dyninst to replace certain instructions, I'd encourage you to
look over the buildReplacement function in fpinst.cpp:
http://sourceforge.net/p/crafthpc/code/ci/master/tree/src/fpinst.cpp
That function calls buildDefaultReplacementCode (which is different
depending on what kind of FPAnalysis gets passed in), to get a Dyninst
snippet object. However, you shouldn't need to worry about that if
you're replacing with a nop because I think you can just use a
BPatch_nullExpr.
The rest of the code splits the original basic block twice to remove
the given instruction, creates a new block for the snippet, and then
rearranges all necessary edges to insert the new block in the place of
the old instruction.
If you have questions I can attempt to answer them although I haven't
touched this code in a while. Also, the code hasn't been updated from
8.1.2 yet so there may be a couple of minor API changes that you'll
need to work around.
-- mike
On Wed, Jan 6, 2016 at 11:57 AM, Bill Williams <bill@xxxxxxxxxxx> wrote:
> On 01/06/2016 07:38 AM, Jonas Wagner wrote:
>
> Hello,
>
> Iâd like to dynamically modify a binary and change branches to NOPs and
> back. I wondered whether DynInst (in particular PatchAPI) would be a
> suitable tool for this. What do you think?
>
> Hereâs what Iâd like to do in more detail: I have a program that contains
> branches like the one below.
>
> ... some code ...
> 21d0: Âcmpb Â$0x0, branch_flag
>   Ââ jne  2221
> ... some more code ...
>
> These branches are usually not taken because the branch_flag is set to zero.
> Nevertheless, there is some cost for loading the flag and the non-taken
> branch. I would like to get rid of this cost as much as possible, by
> replacing that sequence of instructions with NOPs.
>
> In a later stage, Iâd also like to undo some of these replacements, or even
> change the conditional branch into an unconditional branch.
>
> PatchAPI is indeed a right tool for the job here out of the Dyninst toolkit,
> and the CRAFT tool is our best example of how to perform this type of
> instruction replacement (http://sourceforge.net/projects/crafthpc/)
>
> The general idea is that you split the block containing the instructions you
> want to replace into those instructions and the remainder, replace the block
> with just the undesirable instructions with your desired code, and stitch
> things back together.
>
> There are probably better ways to do this specific sort of manipulation,
> given that you can guarantee that you're either modifying whole instructions
> or opcode bytes one-for-one. It might be more efficient and natural to look
> at the ProcControl breakpoint mechanism and look at building something based
> on that infrastructure combined with ParseAPI's knowledge of instruction
> locations.
>
> Hope this is helpful, and let us know how it works out.
>
> --bw
>
> Would PatchAPI be suitable for these kind of tasks? Do you have any hints
> for how I could use it, or what would be a better alternative?
>
> Thanks a lot!
> Jonas
>
>
>
> _______________________________________________
> Dyninst-api mailing list
> Dyninst-api@xxxxxxxxxxx
> https://lists.cs.wisc.edu/mailman/listinfo/dyninst-api
>
>
|
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif){kind=logo}