How to attach DynamoRIO to a running program
601 views
Skip to first unread message
gx Lin
Sep 25, 2020, 4:12:40 AM9/25/20
to DynamoRIO Users
Hello,
I'm trying to attach DynamoRIO to a running program, could you please give me some help?
I implemented a tool to detect memory access based on DynamoRIO, and successfully run with the following command:
drrun -t my_tool -- program_name
But now, I have to apply this tool to a running program.I need to attach and detach my tools to the target program while it is running. I cannot modify the target program's source code. Is there any way to attach my tool to it?
I found 3 ways but they all have some problems:
1. run it with: drrun -attach program_pid,but I get: ERROR: attaching to running processes is not yet implemented
2. Internally-triggered attach through dr_app_start():but according to my understanding, this method needs to modify the source code of the target program
3. ptrace: I found some information related to ptrace. I am not sure if this function is complete now. If it has been implemented, could you please give me some guidance on how to use ptrace?
Is there any other way I missed?
Thanks for your help !
Best regards,
Bess Lin
Derek Bruening
Sep 25, 2020, 10:42:35 AM9/25/20
to dynamor...@googlegroups.com
Externally attaching to an unmodified program was never fully finished off (it was never part of the use case of the main developers); application-triggered attach is used quite a bit though, so the main internal infrastructure for attaching and detaching is already there. There is a PR that adds the few missing pieces at https://github.com/DynamoRIO/dynamorio/pull/3328 you could try; looks like the original author has not had time to finish it and it is just waiting for a new developer (you?) to finalize it and get it merged.
--
You received this message because you are subscribed to the Google Groups "DynamoRIO Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dynamorio-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dynamorio-users/792d2f58-cec3-4b09-8fe6-a0356b307573n%40googlegroups.com.
gx Lin
Sep 28, 2020, 3:08:51 AM9/28/20
to DynamoRIO Users
Thank you very much for your reply. I still have some questions. What does "application-triggered attach" exactly mean? Do I need to modify the source code of the target application? How can I control the time of attach and detach? Or I can only determine when to attach by modifying the application source code?
Thanks for your help !
Derek Bruening
Sep 28, 2020, 10:39:23 AM9/28/20
to dynamor...@googlegroups.com
Yes, modifying the source. See https://dynamorio.org/dynamorio_docs/API_BT.html#sec_startstop, https://dynamorio.org/dynamorio_docs/dr__app_8h.html#abcdedd068a4d264401c31767355ec218.
To view this discussion on the web visit https://groups.google.com/d/msgid/dynamorio-users/4488631c-5ae1-436e-a238-c708387b1c20n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages