Hi,
I am trying to understand how to use Dyninst with running processes. I
wish to attach to a running process, instrument it, detach from it,
let it run a bit and reattach to the same process.
I can attach, instrument and detach without any problem but trying to
reattach to the mutatee process seems to trigger a SIGKILL to the
mutatee program and print that error by the mutator:
--SERIOUS-- #0: Dyninst was unable to load the dyninst runtime library
into the application. This may be caused by statically linked
executables, or by having dyninst linked against a different version
of libelf than it was built with.
--FATAL-- #68: Dyninst was unable to attach to the specified process
--FATAL-- #68: BPatch.C[1038]: no process 18974 defined in procsByPid
Am i missing something? Is there anything to do while detaching to
specify that i may try to reattach.
Here is an example of mutatee, mutator and instrumentation triggering
this behavior on my system:
****Mutatee:
#include <stdio.h>
#include <unistd.h>
void foo() {
printf("I am foo()\n");
return;
}
void bar() {
printf("I am bar()\n");
return;
}
int main()
{
printf("pid: %d\n",getpid());
for (int i = 0; i < 300; ++i)
{
printf("%d :",i);
foo();
sleep(1);
}
return 0;
}
****Mutator:
#include <BPatch.h>
#include <BPatch_point.h>
#include <BPatch_function.h>
#include <vector>
#include <stdio.h>
#include <unistd.h>
#include <sys/wait.h>
#include <sys/types.h>
BPatchSnippetHandle* instrument(BPatch_process *proc, const char * libPath)
{
BPatch_object *ipa = proc->loadLibrary(libPath);
BPatch_image *image = proc->getImage();
std::vector<BPatch_function *> foo_fns, ipa_fns;
image->findFunction("foo", foo_fns);
image->findFunction("instr_test", ipa_fns);
std::vector<BPatch_snippet*> args;
BPatch_funcCallExpr call_ipa(*ipa_fns[0], args);
BPatchSnippetHandle* snippetHandle = proc->insertSnippet(call_ipa,
(foo_fns[0]->findPoint(BPatch_entry))[0]);
return snippetHandle;
}
int main (int argc, const char* argv[]) {
BPatch bpatch;
int mutateePid = fork();
if(mutateePid == 0)
{
char *args[2] = {NULL};
args[0] = "./mutatee";
execvp("./mutatee", args);
}
sleep(2);
BPatch_process *proc = bpatch.processAttach(NULL, mutateePid);
bpatch.setTrampRecursive(true);
bpatch.setSaveFPR(false);
BPatchSnippetHandle* snippetHandle1 = instrument(proc, argv[1]);
proc->continueExecution();
sleep(3);
proc->deleteSnippet(snippetHandle1);
proc->detach(true);
sleep(3);
proc = bpatch.processAttach(NULL, mutateePid);
BPatchSnippetHandle* snippetHandle2 = instrument(proc, argv[1]);
proc->continueExecution();
proc->deleteSnippet(snippetHandle2);
proc->detach(true);
return 0;
}
****instrumentation:
#include <stdio.h>
static int a = 0;
void instr_test(void)
{
printf("Hello from instr.: %d\n",a);
a++;
}
Thanks you,
Francis Deslauriers
|
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif){kind=logo}