Unscheduling, Unpredication, Unspeculation: Reverse Engineering Itanium Executables
نویسندگان
چکیده
EPIC (Explicitly Parallel Instruction Computing) architectures, exemplified by the Intel Itanium, support a number of advanced architectural features, such as explicit instruction-level parallelism, instruction predication, and speculative loads from memory. However, compiler optimizations to take advantage of such architectural features can profoundly restructure the program’s code, making it potentially difficult to reconstruct the original program logic from an optimized Itanium executable. This paper describes techniques to undo some of the effects of such optimizations and thereby improve the quality of reverse engineering such executables.
منابع مشابه
Unspeculation
Modern architectures, such as the Intel Itanium, support speculation, a hardware mechanism that allows the early execution of expensive operations—possibly even before it is known whether the results of the operation are needed. While such speculative execution can improve execution performance considerably, it requires a significant amount of complex support code to deal with and recover from ...
متن کاملOptimizing and Reverse Engineering Itanium Binaries
EPIC (Explicitly Parallel Instruction Computing) architectures, such as the Intel IA-64 (Itanium), address common bottlenecks in modern architectures by supporting novel features such as explicit instruction-level parallelism, predicated instructions, and control and data speculation. While these features promise to make code more efficient, the fact that these new architectural features are vi...
متن کاملDetecting Packed Executables Based on Raw Binary Data
Packing an executable originally referred to the compression of the file to reduce its size on disk. Nowadays, packing also introduces encryption and anti-debug techniques to protect executables from reverse engineering. This explains why packers are extensively used in creating new malware variants which are not detected by traditional signature-based anti-malware tools. Although universal unp...
متن کاملSoftware Reverse Engineering as a Sensemaking Task
Software reverse engineering involves analyzing computer program executables to understand their structure, functionality, and behavior. In this paper, common reverse engineering functions are decomposed to isolate the information-processing and sensemaking subtasks involved. This paper reviews the applicable literature on eliciting mental models of software reverse engineers. Based on the lite...
متن کاملIntraprocedural Static Slicing of Binary Executables
Program slicing is a technique for determining the set of statements of a program that potentially affect the value of a variable at some point in the program. Intra and interprocedural slicing of high-level languages has greatly been studied in the literature; both static and dynamic techniques have been used to aid in the debugging, maintenance, parallelization, program integration, and dataa...
متن کامل