本文整理匯總了C++中BBL_InsHead函數的典型用法代碼示例。如果您正苦於以下問題:C++ BBL_InsHead函數的具體用法?C++ BBL_InsHead怎麽用?C++ BBL_InsHead使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了BBL_InsHead函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的C++代碼示例。
示例1: Trace
/*
 * Trace instrumentation callback for a multi-version tool.
 *
 * Traces outside the routine named by watch_rtn are steered back to
 * VERSION_BASE. At the entry of watch_rtn (base version only) the first
 * function argument is handed to select_version, whose return value is
 * stored in version_reg and then used to pick VERSION_1 or VERSION_2.
 * Finally an Emit call naming the trace's version is inserted.
 *
 * @param trace  trace handed in by Pin
 * @param v      callback value (unused here)
 */
static VOID Trace(TRACE trace, VOID *v)
{
    const RTN rtn = TRACE_Rtn(trace);
    const ADDRINT version = TRACE_Version(trace);
    const BBL headBbl = TRACE_BblHead(trace);

    // Outside watch_rtn: make sure execution continues in the base version.
    const bool outsideWatched = !RTN_Valid(rtn) || RTN_Name(rtn) != watch_rtn;
    if (outsideWatched)
    {
        if (version != VERSION_BASE)
        {
            BBL_SetTargetVersion(headBbl, VERSION_BASE);
        }
        return;
    }

    const INS headIns = BBL_InsHead(headBbl);

    // Only the first trace of watch_rtn, and only in the base version,
    // gets the version-selection logic.
    if (TRACE_Address(trace) == RTN_Address(rtn) && version == VERSION_BASE)
    {
        // select_version receives the first argument of watch_rtn; its
        // return value lands in version_reg.
        INS_InsertCall(headIns, IPOINT_BEFORE, AFUNPTR(select_version),
                       IARG_FUNCARG_ENTRYPOINT_VALUE, 0,
                       IARG_RETURN_REGS, version_reg,
                       IARG_END);

        // version_reg == 10 -> VERSION_1, version_reg == 20 -> VERSION_2.
        // The version switch is placed ahead of any instrumentation added
        // to headIns further down.
        INS_InsertVersionCase(headIns, version_reg, 10, VERSION_1, IARG_END);
        INS_InsertVersionCase(headIns, version_reg, 20, VERSION_2, IARG_END);
        printf ("Instrumentation at %p\n", reinterpret_cast<void *>(INS_Address(headIns)));
    }

    // NOTE(review): every iteration instruments headIns (the first
    // instruction of the trace), not the head of the current BBL, so Emit
    // is inserted once per BBL on the same instruction. Confirm whether
    // BBL_InsHead(bbl) was intended.
    for (BBL bbl = headBbl; BBL_Valid(bbl); bbl = BBL_Next(bbl))
    {
        // The Emit call depends on the version this trace was compiled for
        // and runs after the version-case instrumentation above.
        if (version == VERSION_BASE)
        {
            INS_InsertCall(headIns, IPOINT_BEFORE, AFUNPTR(Emit),
                           IARG_PTR, "version base", IARG_END);
        }
        else if (version == VERSION_1)
        {
            INS_InsertCall(headIns, IPOINT_BEFORE, AFUNPTR(Emit),
                           IARG_PTR, "version 1", IARG_END);
        }
        else if (version == VERSION_2)
        {
            INS_InsertCall(headIns, IPOINT_BEFORE, AFUNPTR(Emit),
                           IARG_PTR, "version 2", IARG_END);
        }
        else
        {
            // No other version is ever requested by this tool.
            assert(0);
        }
    }
}
示例2: Trace
/*
 * Trace instrumentation callback that verifies control flow.
 *
 * CheckPc is called at the entry of every basic block, and RecordPc is
 * called on the block's last instruction with the branch target and/or
 * the fall-through address. The very first trace seeds next_pc with its
 * own start address.
 *
 * @param trace  trace handed in by Pin
 * @param v      callback value (unused here)
 */
VOID Trace(TRACE trace, VOID *v)
{
    // One-shot latch: only the first trace ever seen initialises next_pc.
    static BOOL seededNextPc = FALSE;
    if (!seededNextPc)
    {
        seededNextPc = TRUE;
        next_pc = reinterpret_cast<void*>(INS_Address(BBL_InsHead(TRACE_BblHead(trace))));
    }

    for (BBL block = TRACE_BblHead(trace); BBL_Valid(block); block = BBL_Next(block))
    {
        // Verify the PC at block entry.
        INS_InsertCall(BBL_InsHead(block), IPOINT_BEFORE, AFUNPTR(CheckPc),
                       IARG_INST_PTR,
                       IARG_END);

        const INS last = BBL_InsTail(block);

        // Taken-branch edge: target address plus the taken flag.
        if (INS_IsBranchOrCall(last))
        {
            INS_InsertCall(last, IPOINT_BEFORE, AFUNPTR(RecordPc),
                           IARG_INST_PTR,
                           IARG_BRANCH_TARGET_ADDR,
                           IARG_BRANCH_TAKEN,
                           IARG_END);
        }

        // Fall-through edge: always reported as taken (TRUE).
        if (INS_HasFallThrough(last))
        {
            INS_InsertCall(last, IPOINT_AFTER, AFUNPTR(RecordPc),
                           IARG_INST_PTR,
                           IARG_FALLTHROUGH_ADDR,
                           IARG_BOOL,
                           TRUE,
                           IARG_END);
        }

#if defined(TARGET_IA32) || defined(TARGET_IA32E)
        // sysenter has control flow this tool cannot verify yet, and
        // genuinely REP-prefixed instructions appear to stutter, so the
        // check is skipped for both.
        if (INS_IsSysenter(last) || INS_HasRealRep(last))
        {
            INS_InsertCall(last, IPOINT_BEFORE, AFUNPTR(Skip), IARG_END);
        }
#endif
    }
}
示例3: Trace
/*
 * Trace instrumentation callback that looks for three consecutive FLD1
 * instructions inside one basic block. After the third one it inserts a
 * call to SetXmmScratchesFun and stops scanning the trace.
 *
 * @param trace  trace handed in by Pin
 * @param v      callback value (unused here)
 */
VOID Trace (TRACE trace, VOID *v)
{
    for (BBL bbl = TRACE_BblHead(trace); BBL_Valid(bbl); bbl = BBL_Next(bbl))
    {
        for (INS first = BBL_InsHead(bbl); INS_Valid(first); first = INS_Next(first))
        {
            if (static_cast<xed_iclass_enum_t>(INS_Opcode(first)) != XED_ICLASS_FLD1)
            {
                continue;
            }

            // Each follower must exist before its opcode is inspected.
            const INS second = INS_Next(first);
            if (!INS_Valid(second)
                || static_cast<xed_iclass_enum_t>(INS_Opcode(second)) != XED_ICLASS_FLD1)
            {
                continue;
            }

            const INS third = INS_Next(second);
            if (!INS_Valid(third)
                || static_cast<xed_iclass_enum_t>(INS_Opcode(third)) != XED_ICLASS_FLD1)
            {
                continue;
            }

            printf ("tool: found fld1 sequence at %p\n", (void *)INS_Address(third));
            fflush (stdout);

            // The analysis call is meant to force the xmm scratch
            // registers to be spilled.
            INS_InsertCall(third, IPOINT_AFTER, AFUNPTR(SetXmmScratchesFun), IARG_END);
            return;
        }
    }
}
示例4: Trace
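/*
 * Trace instrumentation callback that looks for three consecutive FLD1
 * instructions inside one basic block and inserts a call to
 * CallToFldzToTop3 after the third one. Scanning continues after a match,
 * so every such sequence in the trace is instrumented.
 *
 * @param trace  trace handed in by Pin
 * @param v      callback value (unused here)
 */
VOID Trace (TRACE trace, VOID *v)
{
    for (BBL bbl = TRACE_BblHead(trace); BBL_Valid(bbl); bbl = BBL_Next(bbl))
    {
        for (INS ins = BBL_InsHead(bbl); INS_Valid(ins); ins = INS_Next(ins))
        {
            if (static_cast<xed_iclass_enum_t>(INS_Opcode(ins)) != XED_ICLASS_FLD1)
            {
                continue;
            }

            // Each follower must exist before its opcode is inspected.
            const INS second = INS_Next(ins);
            if (!INS_Valid(second)
                || static_cast<xed_iclass_enum_t>(INS_Opcode(second)) != XED_ICLASS_FLD1)
            {
                continue;
            }

            const INS third = INS_Next(second);
            if (!INS_Valid(third)
                || static_cast<xed_iclass_enum_t>(INS_Opcode(third)) != XED_ICLASS_FLD1)
            {
                continue;
            }

            // INS_Address returns an ADDRINT, which is wider than the
            // unsigned int that "%x" expects on 64-bit targets. Passing it
            // unconverted is undefined behaviour and can truncate the
            // address, so widen it explicitly and print with "%llx".
            const unsigned long long thirdAddr =
                static_cast<unsigned long long>(INS_Address(third));

            printf ("found fld1 sequence at %llx\n", thirdAddr);
            INS_InsertCall(third, IPOINT_AFTER, AFUNPTR(CallToFldzToTop3), IARG_END);
            printf ("Inserted call1 to FldzToTop3 after instruction at %llx\n", thirdAddr);
        }
    }
}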
示例5: RecordRegisters
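/*
 * Classify every instruction of a basic block by its memory behaviour and
 * store one PATTERN_* code per instruction in stats, followed by a
 * terminating 0.
 *
 * @param bbl        basic block to scan
 * @param stats      output buffer provided by the caller
 * @param max_stats  number of UINT16 slots available in stats
 * @return           number of slots written, including the terminating 0
 *
 * The process is terminated with exit(1) when the block does not fit.
 */
INT32 RecordRegisters(BBL bbl,
                      UINT16 * stats,
                      UINT32 max_stats)
{
    UINT32 count = 0;
    for (INS ins = BBL_InsHead(bbl); INS_Valid(ins); ins = INS_Next(ins))
    {
        // One slot must stay free for the terminating 0. Checking only
        // count >= max_stats let a block with exactly max_stats
        // instructions write the terminator one element past the buffer.
        if (count + 1 >= max_stats)
        {
            cerr << "Too many stats in this block" << endl;
            exit(1);
        }

        const bool rmem = INS_IsMemoryRead(ins) || INS_HasMemoryRead2(ins);
        const bool wmem = INS_IsMemoryWrite(ins);

        if (rmem && wmem)
            stats[count++] = PATTERN_MEM_RW;
        else if (rmem)
            stats[count++] = PATTERN_MEM_R;
        else if (wmem)
            stats[count++] = PATTERN_MEM_W;
        else if (INS_SegmentRegPrefix(ins) != REG_INVALID())
            // No memory access although a segment prefix is present.
            stats[count++] = PATTERN_NO_MEM_LIES;
        else
            stats[count++] = PATTERN_NO_MEM;
    }

    // Only reachable with count == 0 and max_stats == 0 (empty block,
    // zero-length buffer): there is no room even for the terminator.
    if (count >= max_stats)
    {
        cerr << "Too many stats in this block" << endl;
        exit(1);
    }

    stats[count++] = 0;
    return count;
}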
示例6: TRACE_Address
/*
 * Instrument a trace for self-modifying (polymorphic) code detection.
 *
 * Before every instruction, checkIfWrittenAddress is called so it can tell
 * whether that instruction was overwritten by an earlier instruction of
 * the same trace. Before every memory write, polimorficCodeHandler is
 * called with the effective address so it can tell whether the write
 * targets the current trace.
 *
 * @param trace  trace handed in by Pin
 */
VOID PolymorphicCodeHandlerModule::inspectTrace(TRACE trace){
    // Remember where this trace lives: its start address and the start
    // address plus its size.
    // NOTE(review): these fields are written at instrumentation time. If
    // the analysis routines read them at run time they see the bounds of
    // the most recently instrumented trace, which need not be the one
    // executing - confirm against checkIfWrittenAddress and
    // polimorficCodeHandler.
    this->trace_head = TRACE_Address(trace);
    this->trace_tail = trace_head + TRACE_Size(trace);

    for (BBL block = TRACE_BblHead(trace); BBL_Valid(block); block = BBL_Next(block))
    {
        for (INS ins = BBL_InsHead(block); INS_Valid(ins); ins = INS_Next(ins))
        {
            // Has this instruction been overwritten by a previous
            // instruction of the current trace?
            INS_InsertCall(ins, IPOINT_BEFORE, AFUNPTR(checkIfWrittenAddress),
                           IARG_INST_PTR,
                           IARG_CONTEXT,
                           IARG_UINT32, INS_Size(ins),
                           IARG_PTR, this,
                           IARG_END);

            for (UINT32 op = 0; op < INS_MemoryOperandCount(ins); ++op)
            {
                if (!INS_MemoryOperandIsWritten(ins, op))
                {
                    continue;
                }

                // Does this write land inside the current trace, i.e. is
                // the program rewriting code it is about to run?
                INS_InsertCall(ins, IPOINT_BEFORE, AFUNPTR(polimorficCodeHandler),
                               IARG_INST_PTR,
                               IARG_MEMORYOP_EA, op,
                               IARG_PTR, this,
                               IARG_END);
            }
        }
    }
}
示例7: Trace
/*
 * Trace instrumentation callback that looks for three consecutive FLD1
 * instructions inside one basic block. The first time such a sequence is
 * found (testNum == 0) a call to CallToUnMaskZeroDivideInMxcsr is inserted
 * after the third instruction. Scanning of the trace stops at the first
 * match whether or not a call was inserted.
 *
 * @param trace  trace handed in by Pin
 * @param v      callback value (unused here)
 */
VOID Trace (TRACE trace, VOID *v)
{
    for (BBL bbl = TRACE_BblHead(trace); BBL_Valid(bbl); bbl = BBL_Next(bbl))
    {
        for (INS first = BBL_InsHead(bbl); INS_Valid(first); first = INS_Next(first))
        {
            if (static_cast<xed_iclass_enum_t>(INS_Opcode(first)) != XED_ICLASS_FLD1)
            {
                continue;
            }

            // Each follower must exist before its opcode is inspected.
            const INS second = INS_Next(first);
            if (!INS_Valid(second)
                || static_cast<xed_iclass_enum_t>(INS_Opcode(second)) != XED_ICLASS_FLD1)
            {
                continue;
            }

            const INS third = INS_Next(second);
            if (!INS_Valid(third)
                || static_cast<xed_iclass_enum_t>(INS_Opcode(third)) != XED_ICLASS_FLD1)
            {
                continue;
            }

            // NOTE(review): unsigned long is 32 bits wide on some 64-bit
            // ABIs, so the printed address may be truncated there.
            printf ("found fld1 sequence at %lx\n", (unsigned long)(INS_Address(third)));

            // testNum makes sure the call is inserted only once per run.
            if (testNum == 0)
            {
                INS_InsertCall(third, IPOINT_AFTER, AFUNPTR(CallToUnMaskZeroDivideInMxcsr), IARG_END);
                printf ("Inserted call1 to UnMaskZeroDivideInMxcsr after instruction at %lx\n",
                        (unsigned long)(INS_Address(third)));
                testNum++;
            }
            return;
        }
    }
}
示例8: Trace
/*
 * Trace instrumentation callback for block-granular instruction counting:
 * one docount call per basic block, passing the number of instructions in
 * that block.
 *
 * @param trace  trace handed in by Pin
 * @param v      callback value (unused here)
 */
VOID Trace(TRACE trace, VOID *v)
{
    BBL block = TRACE_BblHead(trace);
    while (BBL_Valid(block))
    {
        // The call sits before the first instruction of the block.
        INS_InsertCall(BBL_InsHead(block), IPOINT_BEFORE, AFUNPTR(docount),
                       IARG_UINT32, BBL_NumIns(block),
                       IARG_END);
        block = BBL_Next(block);
    }
}
示例9: Trace
/*
 * Trace instrumentation callback that counts instructions two ways:
 * docount_ins is called before every instruction, and docount_bbl_ins is
 * called before the last instruction of each block with the block's
 * instruction count. DBG_PRINT logs what is being instrumented.
 *
 * @param trace  trace handed in by Pin
 * @param v      callback value (unused here)
 */
VOID Trace(TRACE trace, VOID *v)
{
    BBL block = TRACE_BblHead(trace);
    while (BBL_Valid(block))
    {
        DBG_PRINT(printf("Inst: Sequence address %p\n",(CHAR*)(INS_Address(BBL_InsHead(block)))));

        // Per-instruction counter.
        INS ins = BBL_InsHead(block);
        while (INS_Valid(ins))
        {
            DBG_PRINT(printf("Inst: %p\n",(CHAR*)(INS_Address(ins))));
            INS_InsertCall(ins, IPOINT_BEFORE, AFUNPTR(docount_ins), IARG_INST_PTR, IARG_END);
            ins = INS_Next(ins);
        }

        // Per-block counter, attached to the block's final instruction.
        INT32 insInBlock = BBL_NumIns(block);
        DBG_PRINT(printf("Inst: -> control flow change (bbl size %d)\n", insInBlock));
        INS_InsertCall(BBL_InsTail(block), IPOINT_BEFORE, AFUNPTR(docount_bbl_ins),
                       IARG_INST_PTR,
                       IARG_UINT32, insInBlock,
                       IARG_END);

        block = BBL_Next(block);
    }
}
示例10: Trace
/*
 * Trace instrumentation callback for pointer swizzling.
 *
 * Instructions are only checked (CheckIns) until the first one whose
 * address is listed in SwizzleRefs. From that instruction to the end of
 * the trace, every instruction is rewritten (RewriteIns).
 *
 * @param trace  trace handed in by Pin
 * @param v      callback value (unused here)
 */
VOID Trace(TRACE trace, VOID *v)
{
    // Sticky flag: once set it stays set for the rest of the trace,
    // including later basic blocks.
    BOOL mustRewrite = false;

    for (BBL block = TRACE_BblHead(trace); BBL_Valid(block); block = BBL_Next(block))
    {
        for (INS ins = BBL_InsHead(block); INS_Valid(ins); ins = INS_Next(ins))
        {
            const bool knownSwizzle = SwizzleRefs.find(INS_Address(ins)) != SwizzleRefs.end();
            if (knownSwizzle)
            {
                mustRewrite = true;
            }

            if (!mustRewrite)
            {
                // Cheap path: emit code that detects whether swizzling is
                // needed without performing it.
                CheckIns(ins, TRACE_Address(trace));
                continue;
            }

            // Suspected swizzle: emit the safe but slow code.
            RewriteIns(ins);
        }
    }
}
示例11: Trace
// Trace instrumentation callback exercising If/Then instrumentation.
// For every memory read it inserts the ReadAlways/ReadRare pair, and for
// every basic block it inserts the Always/Rare pair, the
// AlwaysNoinline/RareNoinline pair and a plain call to Noinline.
VOID Trace(TRACE trace, VOID *v)
{
    BBL block = TRACE_BblHead(trace);
    while (BBL_Valid(block))
    {
        INS ins = BBL_InsHead(block);
        while (INS_Valid(ins))
        {
            if (INS_IsMemoryRead(ins))
            {
                // An If call must be followed directly by its Then call;
                // the Then routine only runs when the If routine returns
                // non-zero.
                INS_InsertIfCall(ins, IPOINT_BEFORE, AFUNPTR(ReadAlways), IARG_MEMORYREAD_EA, IARG_END);
                INS_InsertThenCall(ins, IPOINT_BEFORE, AFUNPTR(ReadRare), IARG_MEMORYREAD_EA, IARG_END);
            }
            ins = INS_Next(ins);
        }

        // Always() -> Rare(): partially inlined.
        BBL_InsertIfCall(block, IPOINT_BEFORE, AFUNPTR(Always), IARG_END);
        BBL_InsertThenCall(block, IPOINT_BEFORE, AFUNPTR(Rare), IARG_END);

        // AlwaysNoinline() -> RareNoinline(): the original comment also
        // said "partially inlined" here; judging by the names these are
        // presumably the non-inlinable variants - confirm against their
        // definitions.
        BBL_InsertIfCall(block, IPOINT_BEFORE, AFUNPTR(AlwaysNoinline), IARG_END);
        BBL_InsertThenCall(block, IPOINT_BEFORE, AFUNPTR(RareNoinline), IARG_END);

        // Noinline() is not inlined.
        BBL_InsertCall(block, IPOINT_BEFORE, AFUNPTR(Noinline), IARG_END);

        block = BBL_Next(block);
    }
}
示例12: Trace
// Trace instrumentation callback: Pin calls it once per new trace, and it
// hands every instruction of that trace to oepf.IsCurrentInOEP.
// NOTE(review): oepf presumably is the tool's original-entry-point finder;
// what IsCurrentInOEP instruments is not visible here.
void Trace(TRACE trace , void *v)
{
    BBL block = TRACE_BblHead(trace);
    while (BBL_Valid(block))
    {
        INS ins = BBL_InsHead(block);
        while (INS_Valid(ins))
        {
            oepf.IsCurrentInOEP(ins);
            ins = INS_Next(ins);
        }
        block = BBL_Next(block);
    }
}
示例13: trace_inspect
/*
 * trace inspection (instrumentation function)
 *
 * walks every basic block (BBL) of the trace and, for each
 * instruction, runs the handlers registered for its opcode in
 * ins_desc: the optional pre callback, the default handler
 * (ins_inspect) when it is enabled, and the optional post
 * callback, in that order
 *
 * @trace:	instructions trace; given by PIN
 * @v:		callback value
 */
static void
trace_inspect(TRACE trace, VOID *v)
{
	/* traverse all the BBLs in the trace */
	for (BBL bbl = TRACE_BblHead(trace); BBL_Valid(bbl); bbl = BBL_Next(bbl)) {
		/* traverse all the instructions in the BBL */
		for (INS ins = BBL_InsHead(bbl); INS_Valid(ins); ins = INS_Next(ins)) {
			/*
			 * the XED instruction class of the decoded
			 * instruction is the index into ins_desc
			 *
			 * NOTE(review): ins_desc is indexed without a
			 * range check; it must hold an entry for every
			 * xed_iclass_enum_t value -- confirm its size
			 */
			const xed_iclass_enum_t opcode =
				(xed_iclass_enum_t)INS_Opcode(ins);

			/* pre-ins instrumentation callback, if any */
			if (ins_desc[opcode].pre)
				ins_desc[opcode].pre(ins);

			/* default handler, unless disabled for this opcode */
			if (ins_desc[opcode].dflact == INSDFL_ENABLE)
				ins_inspect(ins);

			/* post-ins instrumentation callback, if any */
			if (ins_desc[opcode].post)
				ins_desc[opcode].post(ins);
		}
	}
}
示例14: Trace
/*
 * Trace instrumentation callback that hands the address range covered by
 * the trace to sandbox.CheckAddressRange. The range runs from the first
 * byte of the first instruction to the last byte of the last instruction
 * (inclusive).
 *
 * The check runs when the trace is instrumented, i.e. before its code is
 * executed from the code cache.
 *
 * @param trace  trace handed in by Pin
 * @param v      callback value (unused here)
 */
VOID Trace(TRACE trace, VOID *v)
{
    const INS firstIns = BBL_InsHead(TRACE_BblHead(trace));
    const INS lastIns = BBL_InsTail(TRACE_BblTail(trace));

    const char *rangeBegin = reinterpret_cast<const char *>(INS_Address(firstIns));

    // Address of the final byte of the last instruction, hence the -1.
    const char *rangeEnd =
        reinterpret_cast<const char *>(INS_Address(lastIns) + INS_Size(lastIns) - 1);

    sandbox.CheckAddressRange(rangeBegin, rangeEnd);
}
示例15: BBLContainMemOp
/*
 * Tell whether a basic block contains at least one memory access that is
 * not a stack access.
 *
 * @param bbl  basic block to scan
 * @return     true as soon as an instruction that reads or writes memory
 *             and is neither a stack read nor a stack write is found,
 *             false otherwise
 */
bool BBLContainMemOp(BBL bbl) {
    INS ins = BBL_InsHead(bbl);
    while (INS_Valid(ins)) {
        // Stack traffic is ignored on purpose.
        const bool touchesStack = INS_IsStackRead(ins) || INS_IsStackWrite(ins);
        if (!touchesStack && (INS_IsMemoryRead(ins) || INS_IsMemoryWrite(ins))) {
            return true;
        }
        ins = INS_Next(ins);
    }
    return false;
}