// Reports whether a routine looks "normal" in the sense this tool uses:
// true when the routine's tail basic block contains a `ret` instruction
// (searched backward from the block's last instruction), false otherwise.
// Only the tail block is inspected; earlier blocks of the routine are not
// visited, and a routine with no valid tail block is treated as abnormal.
//   myrtn - the routine to classify
bool TraceManager::IsNormal(RTN myrtn)
{
    const BBL tail_bbl = RTN_BblTail(myrtn);
    if (!BBL_Valid(tail_bbl))
    {
        return false;
    }

    // Walk the tail block from its last instruction toward its first.
    for (INS cur = BBL_InsTail(tail_bbl); INS_Valid(cur); cur = INS_Prev(cur))
    {
        if (INS_IsRet(cur))
        {
            return true;
        }
    }
    return false;
}
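// Instrumentation callback (registered via INS_AddInstrumentFunction).
// Attaches analysis routines to: LEA instructions (only while the global
// `leaflag` is set), taken branches that are neither calls nor returns,
// returns, calls, and memory writes. The branch/ret/call/write cases are
// mutually exclusive; the LEA hook is added independently of them.
//   ins - the instruction being instrumented
//   v   - user pointer from INS_AddInstrumentFunction (unused)
VOID Instruction(INS ins, VOID *v)
{
    if (leaflag && INS_IsLea(ins))
    {
        INS_InsertCall(ins, IPOINT_BEFORE, AFUNPTR(LeaAdd),
                       IARG_THREAD_ID,
                       IARG_REG_VALUE, REG_STACK_PTR,
                       IARG_INST_PTR,
                       IARG_REG_VALUE, REG_GBP,
                       IARG_END);
    }

    if (INS_IsBranch(ins) && !INS_IsCall(ins) && !INS_IsRet(ins))
    {
        // Plain (non-call, non-ret) branch: report the target once it is taken.
        INS_InsertCall(ins, IPOINT_TAKEN_BRANCH, AFUNPTR(Branch),
                       IARG_THREAD_ID,
                       IARG_REG_VALUE, REG_STACK_PTR,
                       IARG_BRANCH_TARGET_ADDR,
                       IARG_INST_PTR,
                       IARG_END);
    }
    else if (INS_IsRet(ins))
    {
        const INS prev = INS_Prev(ins);
        // Fix: the original compared INS_Opcode (an XED iclass value) against
        // XED_CATEGORY_PUSH (an XED category value), so the "preceded by push"
        // flag was computed from two unrelated enumerations. INS_Category is
        // the accessor that matches the constant. INS_Prev is invalid at the
        // start of a basic block, hence the validity check.
        const UINT32 prev_is_push =
            (INS_Valid(prev) && INS_Category(prev) == XED_CATEGORY_PUSH) ? 1 : 0;
        INS_InsertCall(ins, IPOINT_BEFORE, AFUNPTR(Ret),
                       IARG_THREAD_ID,
                       IARG_REG_VALUE, REG_STACK_PTR,
                       IARG_BRANCH_TARGET_ADDR,
                       IARG_INST_PTR,
                       IARG_UINT32, prev_is_push,
                       IARG_END);
    }
    else if (INS_IsCall(ins))
    {
        INS_InsertCall(ins, IPOINT_TAKEN_BRANCH, AFUNPTR(Call),
                       IARG_THREAD_ID,
                       IARG_REG_VALUE, REG_STACK_PTR,
                       IARG_BRANCH_TARGET_ADDR,
                       IARG_INST_PTR,
                       IARG_END);
    }
    else if (INS_IsMemoryWrite(ins))
    {
        INS_InsertCall(ins, IPOINT_BEFORE, AFUNPTR(MemWrite),
                       IARG_THREAD_ID,
                       IARG_MEMORYWRITE_EA,
                       IARG_END);
    }
}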
// Routine-level self-check: verifies that RTN_NumIns agrees with the number
// of instructions reached by walking the routine backward from RTN_InsTail.
// The routine is opened and closed once before RTN_NumIns is queried and
// then opened again for the walk, so the two counts are obtained on
// independent open/close cycles.
//   rtn - the routine being instrumented
//   v   - user pointer from RTN_AddInstrumentFunction (unused)
VOID Rtn(RTN rtn, VOID * v)
{
    UINT32 walked = 0;

    // First cycle: open/close only, so RTN_NumIns is checked on its own.
    RTN_Open(rtn);
    RTN_Close(rtn);
    const UINT32 reported = RTN_NumIns(rtn);

    // Second cycle: count instructions by walking the list tail-to-head.
    RTN_Open(rtn);
    INS cur = RTN_InsTail(rtn);
    while (INS_Valid(cur))
    {
        ++walked;
        cur = INS_Prev(cur);
    }
    TEST(reported == walked, "RTN_NumIns failed");
    RTN_Close(rtn);
}
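// Instrumentation callback (registered via INS_AddInstrumentFunction).
// Attaches, in priority order, the Ret, Call and MemWrite analysis routines
// to returns, calls and memory-writing instructions respectively.
//   ins - the instruction being instrumented
//   v   - user pointer from INS_AddInstrumentFunction (unused)
VOID Instruction(INS ins, VOID *v)
{
    if (INS_IsRet(ins))
    {
        const INS prev = INS_Prev(ins);
        // Fix: the original compared INS_Opcode (an XED iclass value) against
        // XED_CATEGORY_PUSH (an XED category value) — two unrelated
        // enumerations — so the "preceded by push" flag was wrong. INS_Category
        // matches the constant. INS_Prev is invalid at the start of a basic
        // block, hence the validity check.
        const UINT32 prev_is_push =
            (INS_Valid(prev) && INS_Category(prev) == XED_CATEGORY_PUSH) ? 1 : 0;
        INS_InsertCall(ins, IPOINT_BEFORE, AFUNPTR(Ret),
                       IARG_THREAD_ID,
                       IARG_REG_VALUE, REG_STACK_PTR,
                       IARG_BRANCH_TARGET_ADDR,
                       IARG_INST_PTR,
                       IARG_UINT32, prev_is_push,
                       IARG_END);
    }
    else if (INS_IsCall(ins))
    {
        // The fall-through address is the expected return address of this call.
        const ADDRINT nextIns = INS_NextAddress(ins);
        INS_InsertCall(ins, IPOINT_TAKEN_BRANCH, AFUNPTR(Call),
                       IARG_THREAD_ID,
                       IARG_REG_VALUE, REG_STACK_PTR,
                       IARG_BRANCH_TARGET_ADDR,
                       IARG_INST_PTR,
                       IARG_ADDRINT, nextIns,
                       IARG_END);
    }
    else if (INS_IsMemoryWrite(ins))
    {
        INS_InsertCall(ins, IPOINT_BEFORE, AFUNPTR(MemWrite),
                       IARG_THREAD_ID,
                       IARG_MEMORYWRITE_EA,
                       IARG_INST_PTR,
                       IARG_END);
    }
}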
// Trace-level instrumentation (registered via TRACE_AddInstrumentFunction).
// Walks the trace backward — last basic block to first, last instruction to
// first — feeding each instruction to WriteShadows and then RewriteBases with
// a per-register `live` table that starts out all-false, and finally calls
// WriteLiveShadows for the whole trace.
//   trace - the trace being instrumented
//   v     - user pointer from TRACE_AddInstrumentFunction (unused)
VOID Trace(TRACE trace, VOID *v)
{
    // One entry per register; value-initialised, i.e. every entry is false.
    BOOL live[REGCOUNT] = {};

    BBL block = TRACE_BblTail(trace);
    while (BBL_Valid(block))
    {
        INS cur = BBL_InsTail(block);
        while (INS_Valid(cur))
        {
            WriteShadows(cur, live);
            RewriteBases(cur, live);
            cur = INS_Prev(cur);
        }
        block = BBL_Prev(block);
    }

    WriteLiveShadows(trace, live);
}
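// Instrumentation callback (registered via INS_AddInstrumentFunction).
// Only instructions belonging to the main executable are instrumented. For
// those it attaches: PrologueAnalysis (calls) / EpilogueAnalysis (returns) /
// WriteMem (other instructions whose first memory operand is written), the
// RBP-based ValueSetAnalysis hook, the WriteMemAnalysis stack-overflow hook,
// and the per-instruction timerHandler.
//   ins - the instruction being instrumented
//   v   - user pointer from INS_AddInstrumentFunction (unused)
VOID Instruction(INS ins, VOID *v)
{
    // IMG_FindByAddress must be called with the client lock held.
    PIN_LockClient();
    const IMG img = IMG_FindByAddress(INS_Address(ins));
    PIN_UnlockClient();

    if (!IMG_Valid(img) || !IMG_IsMainExecutable(img))
    {
        return;
    }

    // NOTE(review): every hook below hands its analysis routine a heap-allocated
    // copy of the disassembly (`new string(...)`) that nothing here frees. This
    // runs once per instrumented instruction, not per execution, so the growth
    // is bounded by code size, but it is a leak unless the analysis routines
    // take ownership — confirm against PrologueAnalysis/WriteMem/timerHandler.
    const ADDRINT addr = INS_Address(ins);

    // Fix: INS_MemoryOperandIsWritten(ins, 0) was called without checking that
    // the instruction has a memory operand at all (INS_OperandCount counts all
    // operands, not memory operands). Guard on the memory-operand count first.
    const bool writes_memop0 =
        INS_MemoryOperandCount(ins) > 0 && INS_MemoryOperandIsWritten(ins, 0);

    if (INS_IsCall(ins))
    {
        INS_InsertCall(ins, IPOINT_BEFORE, (AFUNPTR)PrologueAnalysis,
                       IARG_ADDRINT, addr,
                       IARG_ADDRINT, INS_NextAddress(ins),
                       IARG_PTR, new string(INS_Disassemble(ins)),
                       IARG_END);
    }
    else if (INS_IsRet(ins))
    {
        INS_InsertCall(ins, IPOINT_BEFORE, (AFUNPTR)EpilogueAnalysis,
                       IARG_ADDRINT, addr,
                       IARG_ADDRINT, INS_NextAddress(ins),
                       IARG_PTR, new string(INS_Disassemble(ins)),
                       IARG_END);
    }
    else if (INS_OperandCount(ins) > 1 && writes_memop0)
    {
        INS_InsertCall(ins, IPOINT_BEFORE, (AFUNPTR)WriteMem,
                       IARG_ADDRINT, addr,
                       IARG_PTR, new string(INS_Disassemble(ins)),
                       IARG_UINT32, INS_OperandCount(ins),
                       IARG_UINT32, INS_OperandReg(ins, 1),
                       IARG_MEMORYOP_EA, 0,
                       IARG_END);
    }

    /* Value Set Analysis: a `mov` that reads only RBP and writes memory. */
    if (INS_Opcode(ins) == XED_ICLASS_MOV
        && INS_RegR(ins, 0) == REG_RBP
        && INS_RegR(ins, 1) == REG_INVALID()
        && INS_IsMemoryWrite(ins))
    {
        INS_InsertCall(ins, IPOINT_BEFORE, (AFUNPTR)ValueSetAnalysis,
                       IARG_ADDRINT, addr,
                       IARG_PTR, new string(INS_Disassemble(ins)),
                       IARG_REG_VALUE, REG_RSP,
                       IARG_REG_VALUE, REG_RBP,
                       IARG_MEMORYOP_EA, 0,
                       IARG_END);
    }

    /* Analyzes stack overflow */
    if (writes_memop0)
    {
        INS_InsertCall(ins, IPOINT_BEFORE, (AFUNPTR)WriteMemAnalysis,
                       IARG_ADDRINT, addr,
                       IARG_PTR, new string(INS_Disassemble(ins)),
                       IARG_MEMORYOP_EA, 0,
                       IARG_END);
    }

    /* Timer Handler - And instruction counter */
    // Fix: INS_Prev/INS_Next yield an invalid INS at the edge of a basic block,
    // and the original called INS_Address on them unconditionally. A missing
    // neighbour is now reported as address 0 — timerHandler must treat 0 as
    // "no neighbour" (TODO confirm against its implementation).
    const INS prev = INS_Prev(ins);
    const INS next = INS_Next(ins);
    const ADDRINT prev_addr = INS_Valid(prev) ? INS_Address(prev) : 0;
    const ADDRINT next_addr = INS_Valid(next) ? INS_Address(next) : 0;
    INS_InsertCall(ins, IPOINT_BEFORE, (AFUNPTR)timerHandler,
                   IARG_ADDRINT, prev_addr,
                   IARG_ADDRINT, addr,
                   IARG_ADDRINT, next_addr,
                   IARG_PTR, new string(INS_Disassemble(ins)),
                   IARG_END);
}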