I am working on a multiprocessor architectural simulator that uses Intel Pin to instrument C++ executable binaries and report interesting events (e.g., some function calls, thread creation/termination, etc.). Basically, I build an instruction-decoding cache for all instructions when their images are loaded and analyze the execution of instructions afterwards. Therefore, it is important that the addresses of the instructions at image-load time are the same as (or at least synchronously updated with) the addresses of the instructions at runtime.
The Intel Pin API (e.g. IMG_AddInstrumentFunction) allows me to get information about loaded images (executable files and shared libraries), such as entry points, low/high address, etc.
However, I noticed that the instrumented program executes instructions at addresses that do not belong to any of the loaded images. On inspection, I suspect that the dynamic loader (image /lib64/ld-linux-x86-64.so.2 on 64-bit CentOS 6.3) relocates the main executable in memory by calling the _dl_relocate_object procedure.
I understand the need for relocated code and all of that. I just need pointers to good documentation (or just a short description/tip) on how/when these relocations can occur (at load time and at runtime) so that I can take them into account in my architectural simulator. In other words, what mechanism is used to achieve this? (library functions that I need to instrument, conditions, or possibly randomization, if there is any, g++ compiler options that can be used to suppress relocation, etc.). PS: I am only targeting the x86/x86_64 architecture.
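As an added example (not from the question and not Pin code), the following program uses glibc's dl_iterate_phdr to attribute a runtime address to the image that contains it and to recover the per-image load base (dlpi_addr) that ld.so added when relocating that object; subtracting the base gives the ASLR-stable link-time address, which is the natural key for a decoded-instruction cache. It assumes Linux/glibc on x86_64; the struct and function names are my own.

```c
#define _GNU_SOURCE
#include <link.h>      /* dl_iterate_phdr, ElfW() */
#include <inttypes.h>
#include <stdio.h>
#include <string.h>

/* Result of attributing one runtime address to a loaded image. */
struct image_hit {
    uintptr_t addr;       /* runtime address being looked up */
    const char *name;     /* image path, or "<main executable>" */
    uintptr_t load_base;  /* dlpi_addr: offset ld.so added to link-time vaddrs */
};

static int visit_image(struct dl_phdr_info *info, size_t size, void *data)
{
    struct image_hit *q = data;
    (void)size;
    for (int i = 0; i < info->dlpi_phnum; i++) {
        const ElfW(Phdr) *ph = &info->dlpi_phdr[i];
        if (ph->p_type != PT_LOAD) continue;
        /* Runtime range = link-time p_vaddr shifted by the load base. */
        uintptr_t start = info->dlpi_addr + ph->p_vaddr;
        uintptr_t end   = start + ph->p_memsz;
        if (q->addr >= start && q->addr < end) {
            /* glibc reports the main program with an empty dlpi_name. */
            q->name = info->dlpi_name[0] ? info->dlpi_name : "<main executable>";
            q->load_base = info->dlpi_addr;
            return 1;  /* non-zero stops the iteration */
        }
    }
    return 0;
}

/* Returns 1 and fills *out if addr lies in a PT_LOAD segment of a loaded image. */
int find_image(uintptr_t addr, struct image_hit *out)
{
    memset(out, 0, sizeof *out);
    out->addr = addr;
    return dl_iterate_phdr(visit_image, out) == 1;
}

int main(void)
{
    struct image_hit h;
    if (find_image((uintptr_t)&main, &h))
        /* addr - load_base is stable across ASLR: key a decoded-instruction cache on it. */
        printf("%s: link-time %#" PRIxPTR ", load base %#" PRIxPTR "\n",
               h.name, h.addr - h.load_base, h.load_base);
    return 0;
}
```

For a non-PIE executable the load base is 0, while PIE executables and shared libraries get a non-zero base chosen by the loader at each run.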