The present invention generally relates to analysis of executable program code, and more particularly to finding entry points and endpoints of functions in support of program analysis.
Analysis of binary executable programs is performed to analyze program performance, verify correctness, and test correct runtime operation, for example. Some analyses are performed prior to runtime (static analysis), while other analyses are performed during runtime (dynamic analysis). For both static and dynamic analysis, however, the analysis may be performed at the function level.
The term, xe2x80x9cfunctionxe2x80x9d, refers to named sections of code that are callable in the source program and encompasses routines, procedures, methods and other similar constructs known to those skilled in the art. The functions in the source code are compiled into segments of executable code. For convenience, the segments of executable code that correspond to the functions in the source code are also referred to as xe2x80x9cfunctionsxe2x80x9d.
A function is a set of instructions beginning at an entry point and ending at an endpoint. The entry point is the address at which execution of the function begins as the target of a branch instruction. The endpoint is the instruction of the function from which control is returned to the point in the program at which the function was initiated. For functions having multiple entry points and/or multiple endpoints, the first entry point and the last endpoint define a function.
The function entry points and endpoints of a program have in the past been obtained from symbol tables that are associated with the executable program code and from debug information that is present with the file having the executable program code (an xe2x80x9cexecutablexe2x80x9d). The debug information includes, for example, types of data entities, names of data entities, and the relationship between source and binary code. A symbol table contains a mapping of symbolic names of functions to entry points of the functions. However, since the generation of debug information is selectable at the compilation stage, some executables do not have debug information. Similarly, the presence of symbol tables is often optional, since in most environments a symbol table is unnecessary to run an executable. Thus, effective analysis of an executable presently depends on whether there is sufficient debug information or a complete symbol table.
A system and method that address the aforementioned problems, as well as other related problems, are therefore desirable.
The present invention provides in various embodiments a method and apparatus for analysis of executable program code. The executable program includes segments of code that correspond to callable functions in the source code from which the executable code was generated. Compiler-generated checkpoint descriptors are included in the executable and include pairs of entry points and endpoints. Each pair of entry points and endpoints is associated with a callable function in the source code. The pairs of entry points and endpoints are read from the executable program code and used to generate analysis data for the associated functions. In other embodiments, pairs of entry points and endpoints are additionally assembled from dynamic load modules and symbol tables.
It will be appreciated that various other embodiments are set forth in the Detailed Description and claims which follow.