3

IARG_MEMORYREAD_EA 的类型在 PIN 中定义为 ADDRINT。我需要获取存储在 IARG_MEMORYREAD_EA 内存位置中的一段数据。据我了解,从特定地址位置获取数据的最正确方法是使用 PIN_SafeCopy 函数,其示例用法如下:

ADDRINT DoLoad(REG reg, ADDRINT * addr)
{
    *out << "Emulate loading from addr " << addr << " to " << REG_StringShort(reg) << endl;
    ADDRINT value;
    PIN_SafeCopy(&value, addr, sizeof(ADDRINT));
    return value;
}

当我尝试将 IARG_MEMORYREAD_EA 直接传递给这个函数时,编译器说类型不匹配,(ADDRINT * and ADDRINT). 显然他们没有,但我不确定我应该如何使用这个功能。

我当前的代码如下:

INS_InsertCall(ins, IPOINT_BEFORE, (AFUNPTR)ProcessMemIns,
 IARG_CONTEXT,
 IARG_INST_PTR,
 IARG_MEMORYREAD_EA,
 IARG_MEMORYREAD2_EA,
 IARG_MEMORYREAD_SIZE,
 IARG_MEMORYWRITE_EA,
 IARG_MEMORYWRITE_SIZE,
 IARG_BOOL, INS_IsBranchOrCall(ins),
 IARG_BRANCH_TAKEN,
 IARG_UINT32,  INS_Category(ins),
 IARG_UINT32, INS_RegR(ins, 0),
 IARG_UINT32, INS_RegR(ins, 1),
 IARG_UINT32, INS_RegR(ins, 2),
 IARG_UINT32, INS_RegR(ins, 3),
 IARG_UINT32, INS_RegW(ins, 0),
 IARG_UINT32, INS_RegW(ins, 1),
 IARG_UINT32, INS_RegW(ins, 2),
 IARG_UINT32, INS_RegW(ins, 3),
 IARG_END);

ProcessMemIns 是:

VOID ProcessMemIns(
    CONTEXT * context,
    ADDRINT ip,
    ADDRINT raddr, ADDRINT raddr2, UINT32 rlen,
    ADDRINT waddr, UINT32  wlen,
    BOOL    isbranch,
    BOOL    isbranchtaken,
    UINT32  category,
    UINT32  rr0,
    UINT32  rr1,
    UINT32  rr2,
    UINT32  rr3,
    UINT32  rw0,
    UINT32  rw1,
    UINT32  rw2,
    UINT32  rw3)
{ // for memory address and register index, '0' means invalid
  if (pthreadsim->first_instrs < pthreadsim->skip_first)
  {
    pthreadsim->first_instrs++;
    return;
  }
  else if (pthreadsim->first_instrs == pthreadsim->skip_first)
  {
    pthreadsim->first_instrs++;
    pthreadsim->initiate(context);
  }

  /* Log for addresses and data */
  uint64_t data1 = -1, data2 = -1, data3 = -1;
  if (raddr > 0) {
    PIN_SafeCopy(&data1, raddr , sizeof(uint64_t));
    cout << "1A:" << hex << raddr << ",D:" << hex << data1 << endl;
  } 
  if (raddr2 > 0) {
    PIN_SafeCopy(&data1, raddr2 , sizeof(uint64_t));
    cout << "2A:" << hex << raddr2 << ",D:" << hex << data2 << endl;
  } 
  if (waddr > 0) {
    PIN_SafeCopy(&data1, waddr , sizeof(uint64_t));
    cout << "3A:" << hex << waddr << ",D:" << hex << data3 << endl;
  } 

  pthreadsim->process_ins(
    context,
    ip,
    raddr, raddr2, rlen,
    waddr,         wlen,
    isbranch,
    isbranchtaken,
    category,
    rr0, rr1, rr2, rr3,
    rw0, rw1, rw2, rw3);
}

正如预期的那样,我从编译器收到以下错误消息。invalid conversion from ‘LEVEL_BASE::ADDRINT {aka long unsigned int}’ to ‘const VOID* {aka const void*}’ [-fpermissive]

是否有更合适的方法将 IARG_MEMORYREAD_EA 用于 PIN_SafeCopy() 或者我应该只定义一个指针并将其用于 PIN_SafeCopy()?

4

1 回答 1

3

英特尔 PIN 文档指出这IARG_MEMORYREAD_EA是一个ADDRINT,虽然我同意这个例子奇怪PIN_SafeCopy地使用了ADDRINT*......

OTOH,anADDRINT是一种表示地址的类型,在IARG_MEMORYREAD_EA我们知道这是内存读取的有效地址的情况下(因此,在绝大多数情况下,ADDRINT 是一个有效的指针)。

因为DoLoad()我会用ADDRINT*一个ADDRINT.

因为PIN_SafeCopy我会通过 C 风格的强制ADDRINT转换void*reinterpet_cast<>: 你已经知道它是一个指针但它的类型错误,这就是强制转换的原因。

于 2015-04-08T12:15:44.280 回答