1 Static binary instrumentation toolkit for Linux on x86. It inserts branch instruction at each instrumentation point that transfers control to the instrumentation code. 2 3 tools: function counter, block counter, cache simulation tool. PEBIL is for ELF on the Linux, x86. PEBIL needs debug information. 4 Fixed-length instrumentation is much simpler than variable-length instructions instrumentation because you may not have enough space for jump instruction. Solution is intermediate branches (on x86 even smallest branch instruction requires 2 bytes), or int3 interrupt instruction, or code rewrite.

8 Earlier implementations: ATOM (only for Alpha platform), EEL (has platform-independent interface to rewrite binaries). They say, Dyninst is also static instrumentator and it is more powerful than PEBIL.

Sergey Vartanov, 2007–2020