Ivannikov Institute for System Programming of the RAS


Static ARM binary code instrumentation

The static instrumentation tool modifies ARM ELF executables and shared libraries to change or extend their functionality.

The instrumentation tool modifies target files according to user specifications using an approach similar to aspect-oriented programming. User specifications include the following:

  • A set of instrumentation points in the target file;
  • Instrumentation code declared as C/Assembler source code which may additionally have external library dependencies;
  • External libraries used by the instrumentation code.

Target files are modified to include the additional code at the specified instrumentation points while preserving ARM ELF format correctness.

Inserted instrumentation code is executed as part of the target executable or library, which gives it access to internal data:

  • CPU register state, process stack and heap;
  • Parameters of original instructions located in instrumentation points;
  • Process thread states and data.

More generally, instrumentation code may automatically generate the required execution trace, including both internal and derived data.

Tools related to this project include PEBIL and Dyninst, which provide support for static binary instrumentation on x86/x86_64 platforms (and thus cannot be used for ARM executables and libraries). A functionally close group of dynamic binary instrumentation tools (Valgrind, DynamoRIO, Dyninst and Pin) provides similar capabilities and supports the ARM architecture; however, the dynamic instrumentation approach incurs a more noticeable performance and resource overhead.

The following research tasks were carried out using the instrumentation tool within the scope of the project:

  • Performance analysis for a set of Android GUI system libraries;
  • In-depth analysis for Android RPC library Binder.

Current work on the project focuses on the feasibility of using the developed tool to implement common dynamic analysis techniques (such as automatic defect detection).

Developer/Participant: System Programming
