/* Instrumentation of each instruction
* that uses a memory operand
*/
VOID Instruction(INS ins, VOID *v) {
trace_enter();
if (!INS_IsStackRead(ins)) {
for (UINT32 memopIdx = 0; memopIdx < INS_MemoryOperandCount(ins); memopIdx++) {
if (INS_MemoryOperandIsWritten(ins, memopIdx)) {
INS_InsertCall(ins,
IPOINT_BEFORE,
(AFUNPTR) update_stack_heap_region,
IARG_CONST_CONTEXT,
IARG_MEMORYOP_EA, memopIdx,
IARG_END);
UINT32 opIdx = INS_MemoryOperandIndexToOperandIndex(ins, memopIdx);
REG base_reg = INS_OperandMemoryBaseReg(ins, opIdx);
if (base_reg != REG_INVALID()) {
INS_InsertCall(ins,
IPOINT_BEFORE,
(AFUNPTR) check_parameter_out,
IARG_REG_VALUE, base_reg,
IARG_END);
}
}
}
}
if (INS_IsCall(ins)) {
if (INS_IsDirectCall(ins)) {
ADDRINT addr = INS_DirectBranchOrCallTargetAddress(ins);
FID fid = fn_lookup_by_address(addr);
INS_InsertCall(ins,
IPOINT_BEFORE,
(AFUNPTR) fn_call,
IARG_CONST_CONTEXT,
IARG_UINT32, fid,
IARG_END);
}
else {
INS_InsertCall(ins,
IPOINT_BEFORE,
(AFUNPTR) fn_indirect_call,
IARG_CONST_CONTEXT,
IARG_BRANCH_TARGET_ADDR,
IARG_END);
}
}
if (INS_IsRet(ins)) {
INS_InsertCall(ins,
IPOINT_BEFORE,
(AFUNPTR) fn_ret,
IARG_CONST_CONTEXT,
IARG_END);
}
trace_leave();
}
VOID Instruction(INS ins, VOID *v) {
if (!init)
Commence();
if (INS_IsCall(ins)) {
if (INS_IsDirectCall(ins)) {
ADDRINT addr = INS_DirectBranchOrCallTargetAddress(ins);
FID fid = fn_lookup_by_address(addr);
INS_InsertCall(ins,
IPOINT_BEFORE,
(AFUNPTR) fn_call,
IARG_CONST_CONTEXT,
IARG_UINT32, fid,
IARG_BOOL, false,
IARG_END);
}
else {
INS_InsertCall(ins,
IPOINT_BEFORE,
(AFUNPTR) fn_icall,
IARG_CONST_CONTEXT,
IARG_BRANCH_TARGET_ADDR,
IARG_BOOL, false,
IARG_END);
}
}
if (INS_IsIndirectBranchOrCall(ins)) {
if (!INS_IsCall(ins)) {
INS_InsertCall(ins,
IPOINT_BEFORE,
(AFUNPTR) fn_icall,
IARG_CONST_CONTEXT,
IARG_BRANCH_TARGET_ADDR,
IARG_BOOL, true,
IARG_END);
}
}
if (INS_IsRet(ins)) {
INS_InsertCall(ins,
IPOINT_BEFORE,
(AFUNPTR) fn_ret,
IARG_CONST_CONTEXT,
IARG_END);
}
return;
}
VOID fn_indirect_call(CONTEXT* ctxt, ADDRINT target) {
trace_enter();
// Indirect call, we have to look up the function each time
// The functions `fn_lookup` & `fn_register` needs PIN's Lock.
// Locking is not implicit in inserted call, as opposed
// to callback added with *_AddInstrumentFunction().
PIN_LockClient();
FID fid = fn_lookup_by_address(target);
PIN_UnlockClient();
fn_call(ctxt, fid);
trace_leave();
}
