How to determine whether two instructions access the same variable in binary


David Blaikie via cfe-dev

Hello,

I'm trying to trace the variable access sequence from a binary.

I tried to list all possible ways compilers assign variables to registers, and found it's so challenging. There are so many optimization techniques in compiler writing, such as SSA, and compilers are so free to handle variables between registers.

Then I rethought the goal and realized that the key is to determine whether two instructions access the same variable (or say object). It sounds like an alias analysis technique in binary is needed. I got that alias analysis aiming at source code is an active research field but found almost nothing for binary analysis.

Are there any materials about alias analysis in binary? Or any other hint for tracing variable access sequence in binary?

_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Re: How to determine whether two instructions access the same variable in binary

David Blaikie via cfe-dev
Hi, maybe taint analysis is what you are looking for.

Unfortunately I haven't tried any dynamic taint analysis framework yet, so I cannot help you with that.

TBH I'm more interested in *static* taint analysis, especially improving the Clang Static Analyzer in that regard.

Here is a talk about dynamic taint analysis:
But there must be several other resources.

PS: if you find something interesting, let me know.

Regards, Balazs.

On Wed, Nov 18, 2020, 18:41 x visitor via cfe-dev <[hidden email]> wrote:

Hello,

I'm trying to trace the variable access sequence from a binary.

I tried to list all possible ways compilers assign variables to registers, and found it's so challenging. There are so many optimization techniques in compiler writing, such as SSA, and compilers are so free to handle variables between registers.

Then I rethought the goal and realized that the key is to determine whether two instructions access the same variable (or say object). It sounds like an alias analysis technique in binary is needed. I got that alias analysis aiming at source code is an active research field but found almost nothing for binary analysis.

Are there any materials about alias analysis in binary? Or any other hint for tracing variable access sequence in binary?
