From: Josef W. <Jos...@gm...> - 2006-06-06 13:59:38
On Monday 05 June 2006 20:56, Eric Li wrote:
> Is there a module that parses binaries to BB's that I can use?
I once did a Valgrind tool (for 2.x) to get static info about binaries.
The first time an ELF object was touched, I iterated over the code segment
space [start;end[ like this, ignoring code without debug info:
...
    addr = start;
    while (addr < end) {
        /* search for address with line debug info */
        while (addr < end) {
            if (VG_(get_filename_linenum)(addr, filename, FILENAME_LEN, &line))
                break;
            addr++;
        }
        if (addr == end) break;
        /* this always should be inside of a function */
        if (!VG_(get_fnname)(addr, fn_name, FN_NAME_LEN)) { addr++; continue; }
        /* decode a basic block */
        bb_addr = addr;
        cb = VG_(alloc_UCodeBlock)();
        cb->orig_eip = addr;
        size = VG_(disBB)(cb, addr);
        if (size <= 0) {
            /* skip on error: not decodable? */
            VG_(free_UCodeBlock)(cb);
            addr++;   /* step past the undecodable byte, else this loops forever */
            continue;
        }
...
I am not sure if VEX has an API similar to VG_(alloc_UCodeBlock)() and
VG_(disBB)(cb, addr) of VG 2.x.
Note that the above was still a hack, as the UCode block structure returned
by VG_(disBB) was officially not visible to tools, so I copied the definition
into the tool.
The above code would be useful for a code coverage tool: callgrind/cachegrind
optionally could include information about code which never was executed.
A postprocessing tool could say: "In this library, only 80% of code which
has debug info was touched."
This currently is impossible.
Josef
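The scan Josef describes, and the "x% of code with debug info was touched" report he wants from it, as a self-contained added example (not code from the mail or from Valgrind). The decoder, the code bytes, the debug-info ranges and the execution trace are all constructed: a toy instruction set stands in for VG_(disBB), and two lookup tables stand in for VG_(get_filename_linenum) and VG_(get_fnname). The 80% result is a property of the constructed data, chosen to match the figure in the mail.

```c
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>

/* Constructed toy instruction set standing in for the real decoder: the top
 * two bits of the opcode byte give the length (1..3 bytes), 0xC0..0xFF is
 * undecodable, and bit 0x20 marks a control transfer that ends a block. */
static unsigned insn_len(uint8_t op) { return op >= 0xC0 ? 0 : 1 + (op >> 6); }
static int insn_ends_bb(uint8_t op) { return (op & 0x20) != 0; }

/* Constructed code segment [0;33[ (hypothetical bytes, not a real binary). */
static const uint8_t CODE[] = {
    0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, /* [0,8): no debug info */
    0x01, 0x40,0x00, 0xA0,0x00,0x00,         /* [8,22): BB at 8, 6 bytes   */
    0x02, 0x21,                              /*          BB at 14, 2 bytes */
    0x41,0x00, 0x60,0x00,                    /*          BB at 16, 4 bytes */
    0x03, 0x23,                              /*          BB at 20, 2 bytes */
    0x01,0x01,0x01,0x01,                     /* [22,26): no debug info */
    0xFF,                                    /* 26: undecodable, must be stepped over */
    0x05, 0x25, 0x06, 0x26, 0x07, 0x27       /* BBs at 27, 29, 31, 2 bytes each */
};
#define CODE_LEN ((unsigned)sizeof CODE)

/* Constructed debug info: half-open ranges that carry line info and a
 * function name (stand-ins for the two VG_() lookups in the mail). */
struct range { unsigned lo, hi; const char *fn; };
static const struct range DEBUG[] = { {8, 22, "foo"}, {26, 33, "bar"} };

static const char *fn_name_at(unsigned addr)
{
    for (size_t i = 0; i < sizeof DEBUG / sizeof DEBUG[0]; i++)
        if (addr >= DEBUG[i].lo && addr < DEBUG[i].hi) return DEBUG[i].fn;
    return NULL;
}
static int has_line_info(unsigned addr) { return fn_name_at(addr) != NULL; }

/* Decode one basic block at addr; returns its size in bytes, or 0 when the
 * first instruction is undecodable or truncated (VG_(disBB) returning <= 0). */
static unsigned dis_bb(const uint8_t *code, unsigned code_len, unsigned addr)
{
    unsigned p = addr;
    while (p < code_len) {
        uint8_t op = code[p];
        unsigned len = insn_len(op);
        if (len == 0 || p + len > code_len) break;
        p += len;
        if (insn_ends_bb(op)) break;
    }
    return p - addr;
}

struct bb { unsigned addr, size; const char *fn; };

/* The scan from the mail: walk [start;end[, skip bytes without line info,
 * decode a block wherever there is some. A decode failure advances by one
 * byte; without that the loop would spin on the same address forever. */
static unsigned enumerate_bbs(const uint8_t *code, unsigned start, unsigned end,
                              struct bb *out, unsigned max_out)
{
    unsigned n = 0, addr = start;
    while (addr < end && n < max_out) {
        while (addr < end && !has_line_info(addr)) addr++;
        if (addr == end) break;
        const char *fn = fn_name_at(addr);
        if (fn == NULL) { addr++; continue; }
        unsigned size = dis_bb(code, end, addr);
        if (size == 0) { addr++; continue; }
        out[n].addr = addr; out[n].size = size; out[n].fn = fn; n++;
        addr += size;
    }
    return n;
}

/* Constructed execution trace: block start addresses a run actually hit,
 * as a coverage-enabled tool would record them. */
static const unsigned EXECUTED[] = { 8, 14, 16, 20, 31 };
#define N_EXECUTED ((unsigned)(sizeof EXECUTED / sizeof EXECUTED[0]))

static int was_executed(unsigned addr)
{
    for (unsigned j = 0; j < N_EXECUTED; j++) if (EXECUTED[j] == addr) return 1;
    return 0;
}

/* The postprocessing step: static blocks vs. executed blocks, by bytes. */
struct report { unsigned n_bbs, total, covered, untouched_bbs; };
static struct report run_report(void)
{
    struct bb bbs[32];
    struct report r = { 0, 0, 0, 0 };
    r.n_bbs = enumerate_bbs(CODE, 0, CODE_LEN, bbs, 32);
    for (unsigned i = 0; i < r.n_bbs; i++) {
        r.total += bbs[i].size;
        if (was_executed(bbs[i].addr)) r.covered += bbs[i].size;
        else r.untouched_bbs++;
    }
    return r;
}

int main(void)
{
    struct report r = run_report();
    printf("%u basic blocks with debug info, %u bytes, %u never executed\n",
           r.n_bbs, r.total, r.untouched_bbs);
    printf("In this library, %u%% of code which has debug info was touched.\n",
           100 * r.covered / r.total);
    return 0;
}
```

The only decision the scan has to get right beyond what the mail shows is the failure path: when the decoder rejects a byte (0xFF at address 26 here) the address must advance, otherwise the outer loop never terminates. Everything else is bookkeeping that a real tool would feed from the debug info of the loaded object and from the blocks its instrumentation saw executed.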