intel-pin

Force memory allocation always to the same virtual address [duplicate]

两盒软妹~` 提交于 2019-12-12 17:25:57
问题 This question already has answers here : disable the randomness in malloc (6 answers) Closed 5 years ago . I'm experimenting with Pin, an instrumentation tool, which I use to compute some statistics based on memory address of my variables. I want to re-run my program with the information gathered by my instrumentation tool, but for that it's crucial that virtual memory addresses remain the same through different runs. In general, I should let the OS handle memory allocation, but in this case

Insert an undefined instruction in X86 code to be detected by Intel PIN

巧了我就是萌 提交于 2019-12-12 04:18:46
问题 I'm using a PIN based simulator to test some new architectural modifications. I need to test a "new" instruction with two operands (a register and a memory location) using my simulator. Since it's tedious to use GCC Machine description to add only one instructions it seemed logical to use NOPs or Undefined Instructions. PIN would easily be able to detect a NOP instruction using INS_IsNop , but it would interfere with NOPs added naturally to the code, It also has either no operands or a single

Intel Pin:Invalid REG for IARG_REG_VALUE reg: xmm0

a 夏天 提交于 2019-12-11 19:12:55
问题 I'm making a program to trace the program, but I am having trouble with the error like the title. Is there anyone who can understand something? INS_InsertCall(ins, action, AFUNPTR(RegOpnd::at_call), IARG_PTR, data, IARG_PTR, this, IARG_REG_VALUE, reg_, IARG_END); I checked that IARG_REG_VALUE was not compatible with xmm registers. How can I get the information? 回答1: As the documentation says: this cannot be used to retrieve the value of registers whose size is larger than ADDRINT (e.g. x87

Using Intel's PIN tool to count the number of cache hits/misses in a program

*爱你&永不变心* 提交于 2019-12-11 03:16:06
问题 I've been trying to write a pintool to instrument cache hits and misses in a given program. I found that there are calls such as INS_IsMemoryRead/Write to determine if the instruction is a LD/ST. Is there a way to determine if the instruction had a cache hit or miss? If so, is it also possible to get the number of cycles spent fetching the data from the cache/memory? 回答1: It is not possible to do neither of these. The cache tool, "Memory", which comes with pin is a very simple functional

Object code relocation and Intel Pin interaction

混江龙づ霸主 提交于 2019-12-11 02:55:12
问题 I am working on a multiprocessor architectural simulator that uses Intel Pin to instrument C++ executable binaries and report interesting events (e.g., some function calls, thread create/finish, etc.). Basically, I build an instruction-decode cache of all instructions when their images are loaded and analyze instruction execution afterwards. So it is important for instruction addresses at image-load time to be the same as (or at least get updated synchronously with) instruction addresses at

stack allocation size using intel pin tool

 ̄綄美尐妖づ 提交于 2019-12-10 23:43:49
问题 I have following c code: #include <stdio.h> int foo() { int a = 4; int *p = &a; printf("%i\n", *p); int b[10]; b[1] = 3; } int main(void) { int a[10], b[20]; a[2] = 7; b[7] = 9; foo(); return 0; } I created following PIN tool: #include <fstream> #include <iostream> #include "pin.H" // Additional library calls go here /*********************/ // Output file object ofstream OutFile; //static uint64_t counter = 0; uint32_t lock = 0; uint32_t unlock = 1; std::string rtin = ""; // Make this lock if

How can i specify an area of code to instrument it by pintool?

谁说我不能喝 提交于 2019-12-10 11:26:35
问题 There are four levels of granularity in Pin: routine, instruction and image, trace. Can i specify an limits/area to start and stop inserting instrumentation code. may by like directive like ( # start instrumentation , # end instrumentation ) or some thing like that, An example: for( int i=0; i< x; i++) { #startInstrumentation for( ....;.....;.....) { // some code // function call, conditions , loops, .... } #endInstrumentation } Is there are any way to do this ? 回答1: You can use trace-based

Detecting mov dword ptr [rbp - …] instructions with a specific register in the addressing mode, using Intel PIN

断了今生、忘了曾经 提交于 2019-12-07 20:18:40
问题 I want to detect the instructions like mov dword ptr [rbp-0x28], 0x7 (so, all the instructions in mov dword ptr [rbp-0xxx], xxx format) using Intel PIN (mainly to get array writes information). In un-optimized code, this should get most stores to local variables. I can do: if (INS_Opcode(ins) == XED_ICLASS_MOV) instruction detection; to detect the mov instruction. But, along with that it also detects other instruction such as mov eax, 0x0 . I want to detect the instructions with dword ptr

Getting physical address in pin tool

南楼画角 提交于 2019-12-03 20:51:25
I'm using pin instrumentation tool to get memory traces. By my implementation result, I've found the traces indicate virtual address, not physical address. Is there any way to get physical address trace in Pin tool? Help! feradz The pin tool runs in user space and therefore it works with virtual addresses only. There is no way to get the physical addresses directly from the pin tool's API. An alternative approach to translate the virtual addresses to physical addresses would be to use the OS's page mapping API inside your pin tool. In Linux this might be possible by using /proc/<pid>/pagemap .

What instructions 'instCount' Pin tool counts?

不想你离开。 提交于 2019-12-02 13:28:44
问题 I run pintool 'instCount' on basic C program with empty body within the main function. int main() { } When I run the instCount on this program executable , it shows around 86000 instructions. Even the program is very small why so many instructions are genrated..??Any idea.?? Thank you 回答1: What's missing is that behind the scenes, a lot of work is done to get you up to the point where the main() function is executed. There is a lot of work that the runtime needs to perform in order to provide
订阅 intel-pin