Pin
Classes | Typedefs | Enumerations | Functions
Controlling and Initializing

Classes

struct  CALL_APPLICATION_FUNCTION_PARAM

Typedefs

typedef EXCEPT_HANDLING_RESULT(* LEVEL_PINCLIENT::INTERNAL_EXCEPTION_CALLBACK )(THREADID tid, EXCEPTION_INFO *pExceptInfo, PHYSICAL_CONTEXT *pPhysCtxt, VOID *v)
typedef VOID * LEVEL_PINCLIENT::PIN_CONFIGURATION_INFO
typedef VOID(* LEVEL_PINCLIENT::REMOVE_INSTRUMENTATION_CALLBACK )(VOID *v)
typedef VOID(* LEVEL_PINCLIENT::DETACH_CALLBACK )(VOID *v)
typedef VOID(* LEVEL_PINCLIENT::DETACH_PROBED_CALLBACK )(VOID *v)
typedef VOID(* LEVEL_PINCLIENT::ATTACH_PROBED_CALLBACK )(VOID *v)
typedef VOID(* LEVEL_PINCLIENT::ATTACH_CALLBACK )(VOID *v)
typedef VOID(* LEVEL_PINCLIENT::APPLICATION_START_CALLBACK )(VOID *v)
typedef VOID(* LEVEL_PINCLIENT::PREPARE_FOR_FINI_CALLBACK )(VOID *v)
typedef VOID(* LEVEL_PINCLIENT::FINI_CALLBACK )(INT32 code, VOID *v)
typedef size_t(* LEVEL_PINCLIENT::FETCH_CALLBACK )(void *buf, ADDRINT addr, size_t size, EXCEPTION_INFO *pExceptInfo, VOID *v)
typedef VOID(* LEVEL_PINCLIENT::OUT_OF_MEMORY_CALLBACK )(size_t size, VOID *v)
typedef ADDRINT(PIN_FAST_ANALYSIS_CALL * LEVEL_PINCLIENT::MEMORY_ADDR_TRANS_CALLBACK )(PIN_MEM_TRANS_INFO *memTransInfo, VOID *v)
typedef VOID(* LEVEL_PINCLIENT::FORK_CALLBACK )(THREADID threadid, const CONTEXT *ctxt, VOID *v)
typedef VOID(* LEVEL_PINCLIENT::THREAD_START_CALLBACK )(THREADID threadIndex, CONTEXT *ctxt, INT32 flags, VOID *v)
typedef VOID(* LEVEL_PINCLIENT::THREAD_ATTACH_PROBED_CALLBACK )(VOID *sigmask, VOID *v)
typedef VOID(* LEVEL_PINCLIENT::THREAD_DETACH_PROBED_CALLBACK )(VOID *v)
typedef VOID(* LEVEL_PINCLIENT::THREAD_ATTACH_CALLBACK )(THREADID threadIndex, CONTEXT *ctxt, VOID *v)
typedef VOID(* LEVEL_PINCLIENT::THREAD_DETACH_CALLBACK )(THREADID threadIndex, const CONTEXT *ctxt, VOID *v)
typedef VOID(* LEVEL_PINCLIENT::THREAD_FINI_CALLBACK )(THREADID threadIndex, const CONTEXT *ctxt, INT32 code, VOID *v)
typedef VOID(* LEVEL_PINCLIENT::CONTEXT_CHANGE_CALLBACK )(THREADID threadIndex, CONTEXT_CHANGE_REASON reason, const CONTEXT *from, CONTEXT *to, INT32 info, VOID *v)
typedef BOOL(* LEVEL_PINCLIENT::INTERCEPT_SIGNAL_CALLBACK )(THREADID tid, INT32 sig, CONTEXT *ctxt, BOOL hasHandler, const EXCEPTION_INFO *pExceptInfo, VOID *v)
typedef VOID(* LEVEL_PINCLIENT::PROBES_INSERTED_CALLBACK )(IMG img, VOID *v)

Enumerations

enum  LEVEL_PINCLIENT::SYMBOL_INFO_MODE {
  LEVEL_PINCLIENT::NO_SYMBOLS = 0,
  LEVEL_PINCLIENT::EXPORT_SYMBOLS = (1<<0),
  LEVEL_PINCLIENT::DEBUG_SYMBOLS = (1<<1),
  LEVEL_PINCLIENT::IFUNC_SYMBOLS = (1<<2),
  LEVEL_PINCLIENT::DEBUG_OR_EXPORT_SYMBOLS = (DEBUG_SYMBOLS | EXPORT_SYMBOLS)
}
enum  LEVEL_PINCLIENT::SMC_ENABLE_DISABLE_TYPE {
  SMC_ENABLE,
  SMC_DISABLE
}
enum  LEVEL_PINCLIENT::FPOINT {
  LEVEL_PINCLIENT::FPOINT_BEFORE,
  LEVEL_PINCLIENT::FPOINT_AFTER_IN_PARENT,
  LEVEL_PINCLIENT::FPOINT_AFTER_IN_CHILD
}
enum  LEVEL_PINCLIENT::ATTACH_STATUS {
  LEVEL_PINCLIENT::ATTACH_INITIATED,
  LEVEL_PINCLIENT::ATTACH_FAILED_DETACH
}
enum  CONTEXT_CHANGE_REASON {
  CONTEXT_CHANGE_REASON_FATALSIGNAL,
  CONTEXT_CHANGE_REASON_SIGNAL,
  CONTEXT_CHANGE_REASON_SIGRETURN,
  CONTEXT_CHANGE_REASON_APC,
  CONTEXT_CHANGE_REASON_EXCEPTION,
  CONTEXT_CHANGE_REASON_CALLBACK
}
enum  EXCEPT_HANDLING_RESULT {
  EHR_HANDLED,
  EHR_UNHANDLED,
  EHR_CONTINUE_SEARCH
}
enum  PIN_CALLBACK_TYPE {
  PIN_CALLBACK_TYPE_NONE = 0,
  PIN_CALLBACK_TYPE_SYSCALL = 1
}

Functions

VOID LEVEL_PINCLIENT::PIN_InitSymbols ()
BOOL LEVEL_PINCLIENT::PIN_InitSymbolsAlt (SYMBOL_INFO_MODE mode)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddFollowChildProcessFunction (FOLLOW_CHILD_PROCESS_CALLBACK fun, VOID *val)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddInternalExceptionHandler (INTERNAL_EXCEPTION_CALLBACK fun, VOID *val)
VOID LEVEL_PINCLIENT::PIN_TryStart (THREADID tid, INTERNAL_EXCEPTION_CALLBACK fun, VOID *val)
VOID LEVEL_PINCLIENT::PIN_TryEnd (THREADID tid)
BOOL LEVEL_PINCLIENT::PIN_IsProbeMode ()
BOOL LEVEL_PINCLIENT::PIN_IsAttaching ()
BOOL LEVEL_PINCLIENT::PIN_IsSafeForProbedInsertion (ADDRINT addr)
VOID LEVEL_PINCLIENT::PIN_InsertCallProbed (ADDRINT addr, AFUNPTR funptr,...)
VOID LEVEL_PINCLIENT::PIN_LockClient ()
VOID LEVEL_PINCLIENT::PIN_UnlockClient ()
VOID LEVEL_PINCLIENT::PIN_CallApplicationFunction (const CONTEXT *ctxt, THREADID tid, CALLINGSTD_TYPE cstype, AFUNPTR origFunPtr, CALL_APPLICATION_FUNCTION_PARAM *param,...)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddFiniFunction (FINI_CALLBACK fun, VOID *val)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddPrepareForFiniFunction (PREPARE_FOR_FINI_CALLBACK fun, VOID *val)
VOID LEVEL_PINCLIENT::PIN_AddFetchFunction (FETCH_CALLBACK fun, VOID *val)
size_t LEVEL_PINCLIENT::PIN_FetchCode (void *copyBuf, const VOID *address, size_t maxSize, EXCEPTION_INFO *pExceptInfo)
VOID LEVEL_PINCLIENT::PIN_AddOutOfMemoryFunction (OUT_OF_MEMORY_CALLBACK fun, VOID *val)
VOID LEVEL_PINCLIENT::PIN_AddMemoryAddressTransFunction (MEMORY_ADDR_TRANS_CALLBACK fun, VOID *val)
MEMORY_ADDR_TRANS_CALLBACK LEVEL_PINCLIENT::PIN_GetMemoryAddressTransFunction ()
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddDetachFunction (DETACH_CALLBACK fun, VOID *val)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddDetachFunctionProbed (DETACH_PROBED_CALLBACK fun, VOID *val)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddThreadStartFunction (THREAD_START_CALLBACK fun, VOID *val)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddThreadAttachProbedFunction (THREAD_ATTACH_PROBED_CALLBACK fun, VOID *val)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddThreadAttachFunction (THREAD_ATTACH_CALLBACK fun, VOID *val)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddThreadDetachProbedFunction (THREAD_DETACH_PROBED_CALLBACK fun, VOID *val)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddThreadDetachFunction (THREAD_DETACH_CALLBACK fun, VOID *val)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddApplicationStartFunction (APPLICATION_START_CALLBACK fun, VOID *val)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddThreadFiniFunction (THREAD_FINI_CALLBACK fun, VOID *val)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddContextChangeFunction (CONTEXT_CHANGE_CALLBACK fun, VOID *val)
BOOL LEVEL_PINCLIENT::PIN_InterceptSignal (INT32 sig, INTERCEPT_SIGNAL_CALLBACK fun, VOID *val)
BOOL LEVEL_PINCLIENT::PIN_UnblockSignal (INT32 sig, BOOL enable)
VOID LEVEL_PINCLIENT::PIN_SetSmcSupport (SMC_ENABLE_DISABLE_TYPE enable_disable)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddProbesInsertedFunction (PROBES_INSERTED_CALLBACK fun, VOID *val)
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddForkFunction (FPOINT point, FORK_CALLBACK fun, VOID *val)
VOID LEVEL_PINCLIENT::PIN_RemoveInstrumentation ()
VOID LEVEL_PINCLIENT::PIN_RemoveInstrumentationInRange (ADDRINT start, ADDRINT end)
VOID LEVEL_PINCLIENT::PIN_RemoveFiniFunctions ()
VOID LEVEL_PINCLIENT::PIN_Detach ()
ATTACH_STATUS LEVEL_PINCLIENT::PIN_Attach (ATTACH_CALLBACK fun, VOID *val)
VOID LEVEL_PINCLIENT::PIN_DetachProbed ()
ATTACH_STATUS LEVEL_PINCLIENT::PIN_AttachProbed (ATTACH_PROBED_CALLBACK fun, VOID *val)
PIN_CONFIGURATION_INFO LEVEL_PINCLIENT::PIN_CreateDefaultConfigurationInfo ()
VOID LEVEL_PINCLIENT::PIN_SetAllowedConcurrentCallbacks (PIN_CONFIGURATION_INFO options, PIN_CALLBACK_TYPE callbackType)
VOID LEVEL_PINCLIENT::PIN_StartProgram (PIN_CONFIGURATION_INFO options=PIN_CreateDefaultConfigurationInfo())
VOID LEVEL_PINCLIENT::PIN_StartProgramProbed ()
BOOL LEVEL_PINCLIENT::PIN_Init (INT32 argc, CHAR **argv)
CHAR * LEVEL_PINCLIENT::PIN_VmFullPath ()
const CHAR * LEVEL_PINCLIENT::PIN_ToolFullPath ()
size_t LEVEL_PINCLIENT::PIN_SafeCopy (VOID *dst, const VOID *src, size_t size)
size_t LEVEL_PINCLIENT::PIN_SafeCopyEx (VOID *dst, const VOID *src, size_t size, EXCEPTION_INFO *pExceptInfo)
BOOL LEVEL_PINCLIENT::PIN_IsActionPending (THREADID tid)
UINT32 LEVEL_PINCLIENT::PIN_GetInitialThreadCount ()
BOOL LEVEL_PINCLIENT::PIN_CheckReadAccess (VOID *addr)
BOOL LEVEL_PINCLIENT::PIN_CheckWriteAccess (VOID *addr)
ADDRINT LEVEL_PINCLIENT::PIN_GetAuxVectorValue (ADDRINT type, bool *found)

Detailed Description

This group of functions is used to initialize Pin, start the application, and a call backs for events like application exit.


Typedef Documentation

Call back function when pin initialization is finished.

Parameters:
[in]vThe tool's call-back value.
typedef VOID(* LEVEL_PINCLIENT::ATTACH_CALLBACK)(VOID *v)

Call back function when Pin attaches to application in JIT mode

Parameters:
[in]vThe tool's call-back value.
typedef VOID(* LEVEL_PINCLIENT::ATTACH_PROBED_CALLBACK)(VOID *v)

Call back function when Pin attaches to application in Probe mode

Parameters:
[in]vThe tool's call-back value.
typedef VOID(* LEVEL_PINCLIENT::CONTEXT_CHANGE_CALLBACK)(THREADID threadIndex, CONTEXT_CHANGE_REASON reason, const CONTEXT *from, CONTEXT *to, INT32 info, VOID *v)

Call-back function when application changes context.

Parameters:
[in]threadIndexThe Pin thread ID of the thread that changes contexts.
[in]reasonCause of the context change.
[in]fromApplication's register state prior to the context change (NULL if reason is CONTEXT_CHANGE_REASON_CALLBACK).
[in]toApplication's register state after context change (NULL if reason is CONTEXT_CHANGE_REASON_FATALSIGNAL). The tool may change this and affect the new register state.
[in]infoAdditional information (depends on reason):
  • CONTEXT_CHANGE_REASON_FATALSIGNAL: The Unix signal number.
  • CONTEXT_CHANGE_REASON_SIGNAL: The Unix signal number.
  • CONTEXT_CHANGE_REASON_EXCEPTION: The Windows exception code.
[in]vThe tool's call-back value.
typedef VOID(* LEVEL_PINCLIENT::DETACH_CALLBACK)(VOID *v)

Call back function when Pin detaches from application in JIT mode

Parameters:
[in]vThe tool's call-back value.
typedef VOID(* LEVEL_PINCLIENT::DETACH_PROBED_CALLBACK)(VOID *v)

Call back function when Pin detaches from application in Probe mode

Parameters:
[in]vThe tool's call-back value.
typedef size_t(* LEVEL_PINCLIENT::FETCH_CALLBACK)(void *buf, ADDRINT addr, size_t size, EXCEPTION_INFO *pExceptInfo, VOID *v)

Call back function that Pin will use to fetch code bytes to be jitted.

Parameters:
[out]bufA buffer which receives the fetched instruction bytes. This buffer is at least size bytes long.
[in]addrStarting address from which instruction bytes should be fetched.
[in]sizeThe number of bytes that should be fetched.
[out]pExceptInfoIf less than size bytes are fetched, pExceptInfo receives an exception that describes why more bytes could not be fetched. If Pin needs more bytes to decode the next instruction, this exception will be delivered to the application.
[in]vThe tool's call-back value.
Returns:
The number of bytes sucessfully fetched into buf. This may be less than size (or even zero) if Pin attempts to fetch instructions from an invalid address.
typedef VOID(* LEVEL_PINCLIENT::FINI_CALLBACK)(INT32 code, VOID *v)

Call back function when application exits. It is called after all the per thread fini functions were called (registered via PIN_AddThreadFiniFunction). This function may be called on any application thread or internal thread spawned by the tool.

It is prohibited to access the TLS in this callback.

Parameters:
[in]codeO/S specific termination code for the application.
[in]vThe tool's call-back value.
typedef VOID(* LEVEL_PINCLIENT::FORK_CALLBACK)(THREADID threadid, const CONTEXT *ctxt, VOID *v)

Call-back function when the application forks.

Parameters:
[in]threadIdThread index
[in]ctxtRegister state immediately before/after the fork.
[in]vThe tool's call-back value.
typedef BOOL(* LEVEL_PINCLIENT::INTERCEPT_SIGNAL_CALLBACK)(THREADID tid, INT32 sig, CONTEXT *ctxt, BOOL hasHandler, const EXCEPTION_INFO *pExceptInfo, VOID *v)

Call back function when the tool intercepts a signal with PIN_InterceptSignal().

Parameters:
[in]tidThe Pin thread ID of the thread that handled the signal.
[in]sigThe signal number.
[in,out]ctxtThe application's register state when it was interrupted by the signal. The tool may change this context if desired. If so, the application continues at the modified context. Or, if the application's signal handler is invoked, the handler is passed the modified context for its return context.
[in]hasHandlerTRUE if the application has a handler registered for this signal.
[in]pExceptInfoIf the signal represents an exception, pExceptInfo points to a description of the exception. If the signal is not an exception, pExceptInfo is NULL.
[in]vThe tool's call-back value.
Returns:
Returning TRUE tells Pin to pass the signal on to the application. Returning FALSE tells Pin to squash the signal and execution resumes at ctxt.

Handler (call-back) function when pin/tool generates internal exception. This function can be registered via PIN_AddInternalExceptionHandler() or PIN_TryStart(). This function becomes active only after APPLICATION_START_CALLBACK notification is delivered. Any internal exception prior to this event can't be handled.

If the exception occurred while analysis routine is executed, it is legal to modify the execution control path using functions such as PIN_RaiseException() or PIN_ExecuteAt(). In this case, any per-thread INTERNAL_EXCEPTION_CALLBACK function registered via PIN_TryStart() will be unregistered automatically (similar semantics to PIN_TryEnd() for all registered notifications)

Note:
It is unsupported to call PIN_CallApplicationFunction() in the scope of this callback
Parameters:
[in]tidThe Pin thread ID of the thread that generated the exception.
[in,out]pExceptInfoPointer to the EXCEPTION_INFO structure that describes the exception. If the exception should be raised in the context of the application (using PIN_RaiseException()), The tool should update the exception info to match the OS logic (e.g. update exception address using PIN_SetExceptionAddress()).
[in,out]pPhysCtxtPhysical register state when the exception was generated. The tool can change pPhysCtxt (make sure that if PIN_TryStart() was called, matching PIN_TryEnd() will be called)
[in]vThe tool's call-back value.
Returns:
an EXCEPT_HANDLING_RESULT value
typedef ADDRINT(PIN_FAST_ANALYSIS_CALL * LEVEL_PINCLIENT::MEMORY_ADDR_TRANS_CALLBACK)(PIN_MEM_TRANS_INFO *memTransInfo, VOID *v)

Call back function for pin/tool to modify memory address arguments in analysis routines. This feature allows users to register for a callback immediately prior to an analysis routine which gets one of the four IARG_MEMORY*_PTR as a parameter. The callback enables the user to manipulate the memory address pointed to by the aforementioned parameter. This function can be registered via PIN_AddMemoryAddressTransFunction(). This function is called from the jitted code, so calls to this function are not serialized.

Parameters:
[in]memTransInfoMemory address data structure
[in]vThe tool's call-back value
typedef VOID(* LEVEL_PINCLIENT::OUT_OF_MEMORY_CALLBACK)(size_t size, VOID *v)

Call back function when pin/tool is out of memory. This function can be registered via PIN_AddOutOfMemoryFunction().

Parameters:
[in]sizeSize of the failed allocation
[in]vThe tool's call-back value

Global configuration for Pin. Currently, this configuration includes whether Pin should serialize calls to some callbacks (for backward compatibility) or if it should concurrently call the callbacks (better for multi-threaded performance).

See also: PIN_SetAllowedConcurrentCallbacks()

Note:
A new instance of PIN_CONFIGURATION_INFO with default values should be created with PIN_CreateDefaultConfigurationInfo()

Call back function invoked when Pin is about to detach from terminating process. The function that is registered by this callback may gracefully finish all the internal threads of the tool, e.g.

  • Force all the internal threads of the tool to finish using return from the main function of the thread or calling PIN_ExitThread.
  • Wait until all the internal threads are finished before it will continue to run. : normal run of the internal threads after exit from all registered call back functions of this type is not guaranteed. : If current thread is an internal thread, do not finish it in this callback!

This function is invoked in thread that initiated process termination. This function is registered via PIN_AddPrepareForFiniFunction().

Parameters:
[in]vThe tool's call-back value
typedef VOID(* LEVEL_PINCLIENT::PROBES_INSERTED_CALLBACK)(IMG img, VOID *v)

Callback function when probe insertion is complete.

Parameters:
[in]imgImage.
[in]vThe tool's call-back value.

Call back function when Pin removes all old instrumented code from its cache

Parameters:
[in]vThe tool's call-back value.
typedef VOID(* LEVEL_PINCLIENT::THREAD_ATTACH_CALLBACK)(THREADID threadIndex, CONTEXT *ctxt, VOID *v)

Call-back function when an attached thread starts to run under Pin in JIT mode.

Parameters:
[in]threadIndexThe Pin thread ID of the terminating thread.
[in]ctxtRegister state of the thread.
[in]vThe tool's call-back value.
typedef VOID(* LEVEL_PINCLIENT::THREAD_ATTACH_PROBED_CALLBACK)(VOID *sigmask, VOID *v)

Call-back function when an attached thread starts to run under Pin in probe mode. The tool receives the signal mask at the attach point and can modify it. The changes to this value will be applied when the thread continues to run. Pin does not validate the new signal mask so tools must take extra care when modifying this value.

Parameters:
[in,out]sigmaskThe thread's signal mask at the attach point. The tool may change this and affect the signal mask once the thread starts running again.
[in]vThe tool's call-back value.
typedef VOID(* LEVEL_PINCLIENT::THREAD_DETACH_CALLBACK)(THREADID threadIndex, const CONTEXT *ctxt, VOID *v)

Call-back function before an application thread is detached from Pin in JIT mode. The callback is received in the thread native context before Pin detach.

Parameters:
[in]threadIndexThe Pin thread ID of the terminating thread.
[in]ctxtRegister state of the thread immediately before it detaches.
[in]vThe tool's call-back value.

Call-back function before an application thread is being detached from Pin in probe mode. The callback is received in the thread native context before probes removal.

Parameters:
[in]vThe tool's call-back value.
typedef VOID(* LEVEL_PINCLIENT::THREAD_FINI_CALLBACK)(THREADID threadIndex, const CONTEXT *ctxt, INT32 code, VOID *v)

Call-back function when thread ends.

This function may be called on a different thread than the given threadIndex.

Parameters:
[in]threadIndexThe Pin thread ID of the terminating thread.
[in]ctxtRegister state of the thread immediately before it terminates.
[in]codeO/S specific termination code for the thread.
[in]vThe tool's call-back value.
typedef VOID(* LEVEL_PINCLIENT::THREAD_START_CALLBACK)(THREADID threadIndex, CONTEXT *ctxt, INT32 flags, VOID *v)

Call-back function when thread begins.

Parameters:
[in]threadIndexThe Pin thread ID of the new thread.
[in]ctxtInitial register state for the new thread. The tool may change this.
[in]flagsO/S specific flags for the new thread.
[in]vThe tool's call-back value.

Enumeration Type Documentation

Return values of PIN_Attach() and PIN_AttachProbed() which describe the status of the attach request.

Enumerator:
ATTACH_INITIATED 

Attach request was delivered successfully to PIN.

ATTACH_FAILED_DETACH 

Attach request was not delivered to Pin since detach session hasn't completed yet.

Possible reasons for an application context change.

Enumerator:
CONTEXT_CHANGE_REASON_FATALSIGNAL 

Receipt of fatal Unix signal.

CONTEXT_CHANGE_REASON_SIGNAL 

Receipt of handled Unix signal.

CONTEXT_CHANGE_REASON_SIGRETURN 

Return from Unix signal handler.

CONTEXT_CHANGE_REASON_APC 

Receipt of Windows APC.

CONTEXT_CHANGE_REASON_EXCEPTION 

Receipt of Windows exception.

CONTEXT_CHANGE_REASON_CALLBACK 

Receipt of Windows call-back.

Possible return values of the INTERNAL_EXCEPTION_CALLBACK exception filter function

Enumerator:
EHR_HANDLED 

Exception is handled. Continue execution with the internal physical context.

EHR_UNHANDLED 

Exception is not handled. Execute default system procedure for unhandled exceptions (Windows) or abort the process (Unix)

EHR_CONTINUE_SEARCH 

Execute next (upper level) exception filter function, if any. For the uppermost filter, this is the same as EHR_UNHANDLED semantics

time of callback notification

Enumerator:
FPOINT_BEFORE 

Call-back in parent, just before fork.

FPOINT_AFTER_IN_PARENT 

Call-back in parent, immediately after fork.

FPOINT_AFTER_IN_CHILD 

Call-back in child, immediately after fork.

Types of Pin callbacks. These type could be used with the function PIN_SetAllowedConcurrentCallbacks()

Enumerator:
PIN_CALLBACK_TYPE_NONE 

None of the callback types.

PIN_CALLBACK_TYPE_SYSCALL 

Syscall entry/exit callback.

Enum for controlling Pin's SMC detection

List of supported modes of symbolic information delivery. Used in PIN_InitSymbolsAlt().

Enumerator:
NO_SYMBOLS 

No symbols required.

EXPORT_SYMBOLS 

Only symbols taken from export table are provided (Windows only)

DEBUG_SYMBOLS 

Debug symbols (Windows only, currently implemented as DEBUG_OR_EXPORT_SYMBOLS)

IFUNC_SYMBOLS 

IFUNC symbols (Linux only)

DEBUG_OR_EXPORT_SYMBOLS 

First debug symbols if available, otherwise export symbols (Windows only)


Function Documentation

PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddApplicationStartFunction ( APPLICATION_START_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called after pin initialization is finished. This notification function is available when pin launches the application and when pin attaches to a running process.

When pin launches the application, this notification function is called on the application's main thread.

When pin attaches to a running process, this notification function is called on a dedicated thread which is not part of the application's threads.
When it is called, all the application's threads are paused by Pin and are about to be released.
No new threads can be created by the application at this time.

When Pin starts running a program, it calls into the tool several times in the following order:
1. Calls the tool's main() function.
2. If the tool set up a notification with IMG_AddInstrumentFunction(), Pin calls this call-back for each image that is already loaded in the application's address space at the point when Pin attaches to it.
3. Calls any notification call-backs set up with PIN_AddApplicationStartFunction().

Parameters:
[in]funFunction to be called at application start.
[in]valValue to pass to the function.
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT & Probe
O/S: Windows, Linux
CPU: IA-32, Intel(R) 64
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddContextChangeFunction ( CONTEXT_CHANGE_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called immediately before the application changes context due to receipt of an asynchronous event such as Unix signal or Windows APC.

Parameters:
[in]funCall-back function to execute immediately before the application changes context.
[in]valValue to pass to the function.
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows
CPU: All
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddDetachFunction ( DETACH_CALLBACK  fun,
VOID *  val 
)

Call func immediately before Pin relinquishes control of the application through PIN_Detach().

At this stage no more instrumentation/analysis callbacks will be called

This function is called one time for the process. It may be called by any thread. Pin memory is not freed at this moment.

Parameters:
funCall back function to execute before detaching
valValue to be passed to fun when it is called
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, OS X*
CPU: All
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddDetachFunctionProbed ( DETACH_PROBED_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called immediately after Pin relinquishes control of the application through PIN_DetachProbed(). There can be more than one Detach callback function.
When this callback function is called, it is guaranteed that Pin removed all probes from the application code and that no other callback function will be called afterwards (except from additional Detach callback functions).

Parameters:
funCall back function to execute before detaching
valValue to be passed to fun when it is called
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: Probe
O/S: Windows, Linux
CPU: All
VOID LEVEL_PINCLIENT::PIN_AddFetchFunction ( FETCH_CALLBACK  fun,
VOID *  val 
)

Called to register a function That will become the function that Pin calls to fetch application instructions. Pin sometimes attempt to fetch instructions from an invalid address, and the call-back needs to handle this correctly. If multiple functions are registered using this API, only the last one registered is used

Pin cannot automatically detect self-modifying code (SMC) when a tool uses this API. Therefore, such tools take over responsibility for detecting SMC and must explicitly regenerate all traces within a modified code range if such was detected using PIN_RemoveInstrumentationInRange.

Parameters:
[in]funThe tool's call-back function.
[in]valThe tool's call-back value.
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & OS X*
CPU: All
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddFiniFunction ( FINI_CALLBACK  fun,
VOID *  val 
)

Call func immediately before the application exits. The function is not an instrumentation function--it cannot insert instrumentation. There can be more than one Fini function.

Parameters:
funCall back function is passed exit code and val
valValue to be passed to fun when it is called
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & OS X*
CPU: All
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddFollowChildProcessFunction ( FOLLOW_CHILD_PROCESS_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called before a child/exec-ed process is starting to execute

NOTE: Only one callback can be registered

Parameters:
[in]funCall-back function
[in]valValue to pass to the function
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT & Probe
O/S: Windows, Linux, MacOS
CPU: All
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddForkFunction ( FPOINT  point,
FORK_CALLBACK  fun,
VOID *  val 
)

Register a notification handler that is called when the application forks a new process. The function can only be used on Linux.

Parameters:
[in]whereTells when to make the call-back and tells whether the parent or child makes the call-back.
[in]funCall-back function to execute.
[in]vValue passed as final parameter to call-back.
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties

If the fork function fails, the FPOINT_AFTER_IN_PARENT function, if it exists, is still called.

Note:
The pin client is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, OS X*
CPU: All
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddInternalExceptionHandler ( INTERNAL_EXCEPTION_CALLBACK  fun,
VOID *  val 
)

Register a global (not per-thread) notification handler function that is called upon receipt of any unhandled internal exception in Pin or the tool. This handler does not catch exceptions that are generated by the application, nor does it catch exceptions that are handled by PIN_TryStart() / PIN_TryEnd(). The handler is active for all the application's threads, it should be called in tool's main() before PIN_StartProgram(). If it is called after PIN_StartProgram() is called, it will be ignored. The user can register up to MAX_IEH_CALLBACKS global notification functions.

Note:
This function should be used for permanent global call-back registration (as opposed to PIN_TryStart() / PIN_TryEnd() pair which should be used for function scope registration).
Parameters:
[in]funHandler function to execute upon receipt of internal exception in pin/tool.
[in]valValue to pass to the function.
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Windows
CPU: All
VOID LEVEL_PINCLIENT::PIN_AddMemoryAddressTransFunction ( MEMORY_ADDR_TRANS_CALLBACK  fun,
VOID *  val 
)

Register a callback for modifying memory address arguments that are passed to analysis routines. See MEMORY_ADDR_TRANS_CALLBACK for usage details.

Only one such callback may be registered.

Parameters:
funCall back function is passed the thread id, address, size, read
valValue to be passed to fun when it is called
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & OS X*
CPU: All
VOID LEVEL_PINCLIENT::PIN_AddOutOfMemoryFunction ( OUT_OF_MEMORY_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called when pin/tool is out of memory.
Try to reduce memory consumption when this notification function is called.
Any implicit or explicit usage of malloc()/realloc() etc. in this notification function might cause an infinite recursion.
The call to the notification function is NOT serialized by pin. The user can't assume anything about the locks state while the notification is delivered (as out of memory condition can occur anywhere). Avoid dead-locks by careful design of the notification function.

A tool can register only one notification function.
A new notification function registration overwrites any previous registration.
To disable the notification function, pass a NULL function pointer.

Parameters:
funCall back function is passed the size of the failing allocation
valValue to be passed to fun when it is called
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT & PROBE
O/S: Linux, Windows & OS X*
CPU: All
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddPrepareForFiniFunction ( PREPARE_FOR_FINI_CALLBACK  fun,
VOID *  val 
)

Register a function to be called when the application is about to exit. The registered function will be executed in a thread that initiated the exit and currently does not hold any thread synchronization lock in Pin. It means that this callback function can be executed concurrently with other Pin callbacks and APIs.
All callbacks registered by this function will be executed before any callback registered by the PIN_AddFiniFunction() function.

Parameters:
funCallback function to be registered
valValue to be passed to fun when it is called
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
Function registered by this API after application exit is started, may not be executed.
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & OS X*
CPU: All
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddProbesInsertedFunction ( PROBES_INSERTED_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called when Pin has inserted all probes.

Parameters:
[in]imgImage.
[in]funCallback function to execute when probe insertion is complete.
[in]valValue to pass to the function.
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
The pin client is obtained during the call of this API.
Availability:
Mode: Probe
O/S: Linux, Windows
CPU: All
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddThreadAttachFunction ( THREAD_ATTACH_CALLBACK  fun,
VOID *  val 
)

This API is useful when Pin is run in JIT mode and attaches to a running process. Tools may use this API to register a notification that is called by each application thread.

After Pin attaches to the process, Pin first notifies the tool of any images that are loaded (see IMG_AddInstrumentFunction()) and then notifies the tool that initialization is complete (see PIN_AddApplicationStartFunction()). After that, each thread in the application calls the notification set up by PIN_AddThreadAttachFunction(). After each thread returns from this notification, it resumes execution in the application code.

Note, this notification happens only for threads that exist in the process at the time that Pin attaches.

It does not happen for the following threads: 1. Threads that are created in the process after Pin is already attached. 2. Internal threads spawned by Pin tool when Pin re-attaches to the application.

Parameters:
[in]funCall-back function to execute for the attached thread.
[in]valValue to pass to the function.
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux & OS X*
CPU: All
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddThreadAttachProbedFunction ( THREAD_ATTACH_PROBED_CALLBACK  fun,
VOID *  val 
)

This API is useful when Pin is run in probe mode and attaches to a running process. Tools may use this API to register a notification that is called by each application thread.

After Pin attaches to the process, Pin first notifies the tool of any images that are loaded (see IMG_AddInstrumentFunction()) and then notifies the tool that initialization is complete (see PIN_AddApplicationStartFunction()). After that, each thread in the application calls the notification set up by PIN_AddThreadAttachProbedFunction(). After each thread returns from this notification, it resumes execution in the application code.

Note, this notification happens only for threads that exist in the process at the time that Pin attaches. It does not happen for threads that are created in the process after Pin is already attached.

Parameters:
[in]funCall-back function to execute for the attached thread.
[in]valValue to pass to the function.
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: Probe
O/S: Linux & OS X*
CPU: All
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddThreadDetachFunction ( THREAD_DETACH_CALLBACK  fun,
VOID *  val 
)

This API is useful when Pin runs in JIT mode and detaches from a running process. Tools may use this API to register a notification that is called by each application thread before Pin detaches from the thread. This notification is given in the thread native context.

Note, this notification happens only for application threads that exist in the process at the time that Pin detaches. It does not happen for the following threads: 1. Threads that are created in the process after Pin is already detached. 2. Internal threads spawned by Pin tool.

Parameters:
[in]funCall-back function to execute by the detaching thread.
[in]valValue to pass to the function.
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux
CPU: All
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddThreadDetachProbedFunction ( THREAD_DETACH_PROBED_CALLBACK  fun,
VOID *  val 
)

This API is useful when Pin runs in probe mode and detaches from a running process. Tools may use this API to register a notification that is called by each application thread before any probes removal. This notification is given in the thread native context.

Note, this notification happens only for threads that exist in the process at the time that Pin detaches. It does not happen for threads that are created in the process after Pin is already detached.

Parameters:
[in]funCall-back function to execute by the detaching thread.
[in]valValue to pass to the function.
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: Probe
O/S: Linux & OS X*
CPU: All
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddThreadFiniFunction ( THREAD_FINI_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called when an application thread terminates. The call-back happens even for the application's root (initial) thread.

The notification call-back will often happen on the physical thread that is exiting, but under some circumstances it will be called on a different physical thread.

Parameters:
[in]funCall-back function to execute for the terminating thread.
[in]valValue to pass to the function.
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & OS X*
CPU: All
PIN_CALLBACK LEVEL_PINCLIENT::PIN_AddThreadStartFunction ( THREAD_START_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called when a thread starts executing in the application. The call-back happens even for the application's root (initial) thread.

Parameters:
[in]funCall-back function to execute for the new thread.
[in]valValue to pass to the function.
Returns:
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & OS X*
CPU: All
ATTACH_STATUS LEVEL_PINCLIENT::PIN_Attach ( ATTACH_CALLBACK  fun,
VOID *  val 
)

Initiate Pin attach request in JIT mode. If Pin was not detached (using PIN_DetachProbed()) this function will be ignored.
The given notification function will be called immediately after Pin regains control of the application. It is expected that in the scope of this callback, the tool will register callbacks (e.g. IMG_AddInstrumentFunction()) and will reconfigure itself (if needed). In order to change tool's KNOB value, use KNOB: Basics

Note:
Pin's state can't be reconfigured in the scope of the callback function (don't use PIN_Init(), PIN_InitSymbols(), PIN_StartProgramProbed() etc.)
Parameters:
funCall back function to execute when starting to attach
valValue to be passed to fun when it is called
Returns:
status of attach request (ATTACH_STATUS)
Note:
The vm and pin client locks are obtained during the call of this API.
Availability:
Mode: JIT
O/S: Windows, Linux
CPU: IA32, Intel64
ATTACH_STATUS LEVEL_PINCLIENT::PIN_AttachProbed ( ATTACH_PROBED_CALLBACK  fun,
VOID *  val 
)

Initiate Pin attach request in probe mode. If Pin was not detached (using PIN_DetachProbed()) this function will be ignored.
The given notification function will be called immediately after Pin regain control of the application. It is expected that in the scope of this callback, the tool will register callbacks (e.g. IMG_AddInstrumentFunction()) and will reconfigure itself (if needed). In order to change tool's KNOB value, use KNOB: Basics

Note:
Pin's state can't be reconfigured in the scope of the callback function (don't use PIN_Init(), PIN_InitSymbols(), PIN_StartProgramProbed() etc.)
Parameters:
funCall back function to execute when starting to attach
valValue to be passed to fun when it is called
Returns:
status of attach request (ATTACH_STATUS)
Note:
The vm and pin client locks are obtained during the call of this API.
Availability:
Mode: Probe
O/S: Windows, Linux
CPU: IA32, Intel64
VOID LEVEL_PINCLIENT::PIN_CallApplicationFunction ( const CONTEXT ctxt,
THREADID  tid,
CALLINGSTD_TYPE  cstype,
AFUNPTR  origFunPtr,
CALL_APPLICATION_FUNCTION_PARAM param,
  ... 
)

This API allows a tool to call a function inside the application. The function is executed under control of Pin's JIT compiler, and the application code is instrumented normally. Tools should not make direct calls to application functions when Pin is in JIT mode.

PIN_CallApplicationFunction() can be called from a replacement routine or an analysis routine, but not from a call-back. Note that this API can result in recursive execution in the tool since the called application function is also instrumented.

One usage model for this API is to "wrap" an application function, executing analysis code before the function is called and after it returns. To do this, use RTN_ReplaceSignature() to replace the application function, use IARG_ORIG_FUNCPTR to pass the original function pointer to the replacement routine, and use IARG_CONST_CONTEXT to pass the register state. You can then call back on the original function from your replacement routine with PIN_CallApplicationFunction(). Note, however, that the overhead of PIN_CallApplicationFunction() can be high, so it is more efficient to use *_InsertCall() instead if possible.

Parameters:
[in]ctxtThe application register state to use when calling the function. Pin changes the register state in order to pass arguments to the function, but the ctxt parameter isn't changed.
[in]tidThe Pin id of the current thread (see IARG_THREAD_ID).
[in]cstypeThe calling standard used for calling this function (CALLINGSTD_DEFAULT recommended).
[in]origFunPtrThe entry point of the application function.
[in]paramAdditional parameters to define the exact behavior of this function invocation (or NULL for using the defaults). See CALL_APPLICATION_FUNCTION_PARAM .
[in]...List of function argument type and size.

See PIN_PARG for the recommended method of passing function arguments. PIN_PARG_END() must end the argument list, even if the function has no arguments. If the application function has a return value, it must appear first in the argument list.

Note:
The vm lock is obtained during the call of this API.
Availability:
Mode: JIT only
O/S: Linux and Windows
CPU: IA-32 and Intel(R) 64 architectures
BOOL LEVEL_PINCLIENT::PIN_CheckReadAccess ( VOID *  addr)

Given an address, this API checks whether the memory page which contains this address has a read access protection.

Parameters:
[in]addrmemory address
Returns:
True if the memory page which contains the given address has a read access protection, false otherwise.
Note:
PIN_CheckReadAccess() should not be called before the application has been started. For instance, it cannot be called in an Image load callback. Unexpected results will occur.
Availability:
Mode: JIT
O/S: Linux, Windows & OS X*
CPU: IA-32 and Intel(R) 64 architectures
BOOL LEVEL_PINCLIENT::PIN_CheckWriteAccess ( VOID *  addr)

Given an address, this API checks whether the memory page which contains this address has a write access protection.

Parameters:
[in]addrmemory address
Returns:
True if the memory page which contains the given address has a write access protection, false otherwise.
Note:
PIN_CheckWriteAccess() should not be called before the application has been started. For instance, it cannot be called in an Image load callback. Unexpected results will occur.
PIN_CheckWriteAccess assume that if a memory page has a write access protection it also has a read
Availability:
Mode: JIT
O/S: Linux, Windows & OS X*
CPU: IA-32 and Intel(R) 64 architectures
PIN_CONFIGURATION_INFO LEVEL_PINCLIENT::PIN_CreateDefaultConfigurationInfo ( )

Creates an instance of PIN_CONFIGURATION_INFO with default values. This instance can be passed to PIN_StartProgram() in order to take effect on Pin.

The default values are:

  • Callback types which are allowed to run concurrently - None (PIN_CALLBACK_TYPE_NONE)
Availability:
Mode: JIT
O/S: Linux, Windows & OS X*
CPU: IA-32 and Intel(R) 64 architectures
VOID LEVEL_PINCLIENT::PIN_Detach ( )

Pin relinquishes control of the application and the original un-instrumented code is executed.

On Linux, the function may be invoked from analysis, instrumentation or callback routines. It may be executed by any thread, including threads spawned by the Pintool which are invisible to the Pin VM.

On Windows and OS X*, the function must be invoked from an analysis routine. Invoking the function from instrumentation routines could cause Pin to misbehave. See Tests/detach.C for an example of its use.

The request for detach is considered by Pin as asynchronous. This means that Pin will perform the detach procedure at a point which it considers convenient to do so. From the user's perspective, instrumentation, analysis or callback routines might still be executed after calling PIN_Detach(). In practice, PIN_Detach() simply registers the request to the Pin VM and exits immediately i.e. the function does not wait for detach to complete.

Once Pin starts the detach procedure, it can't be blocked, and will not run forever. It is not possible to detach one thread. All threads will run natively after PIN_Detach(). During detach, Pin doesn't free memory used for Pin objects. This memory will be used during re-attach.

During the detach procedure Pin runs an auxiliary process, which communicates with the running application process via debug interface. The auxiliary process is temporary and will exit immediately when the detach procedure is completed. For the user, this means that a debugger cannot be attached to the application process during detach.

Use PIN_AddDetachFunction() to receive a notification just prior to detach. The callback will be received after all the threads are stopped inside the VM and no more instrumentation functions, analysis routines or callbacks will be called.
Note: at this point, the auxiliary process mentioned above is still attached to the application process.

Note:
The vm and client locks are obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows, & OS X*
CPU: All
VOID LEVEL_PINCLIENT::PIN_DetachProbed ( )

Initiate Pin detach request in probe mode. In the scope of this operation, Pin removes all probes set by Pin & tool, The user can get a notification when the detach operation has been completed (via callback registration using PIN_AddDetachFunctionProbed()). On Linux, the user can get additional per-thread callbacks just prior to probes removal. (via callback registration using PIN_AddThreadDetachProbedFunction()).These callbacks will be given for each thread in its native context. If Pin has already detached (using PIN_DetachProbed()), or if Pin has not fully started yet (the notification function registered by PIN_AddApplicationStartFunction() was not yet delivered to the tool), this function will be ignored.

Note:
Even though Pin removes all probes, replacement functions can still be active (for example, if the replacement function is still located on the call stack of one of the threads). It is the tool responsibility to handle these scenarios.
The vm and pin client locks are obtained during the call of this API.
Availability:
Mode: Probe
O/S: Linux, Windows, & OS X*
CPU: IA32, Intel64
size_t LEVEL_PINCLIENT::PIN_FetchCode ( void *  copyBuf,
const VOID *  address,
size_t  maxSize,
EXCEPTION_INFO pExceptInfo 
)

A function to fetch the code raw bytes.

This function should be used when the tool needs the raw bytes of instructions and the tool is using a code fetcher function that translates the original code address to an actual code address.

Parameters:
[out]copyBufdestination buffer
[in]addressaddress to copy from
[in]maxSizenumber of bytes to copy
[out]pExceptInfopointer to the structure that receives the exception information
Availability:
Mode: JIT
O/S: Linux, Windows & OS X*
CPU: All
ADDRINT LEVEL_PINCLIENT::PIN_GetAuxVectorValue ( ADDRINT  type,
bool *  found 
)

Given an aux vector entry type, returns the entry's value.

Parameters:
[in]typeThe type of the desired auxv entry.
[out]foundTrue if the entry was found, false otherwise.
Returns:
The value of the aux vector entry, undefined if .
Availability:
Mode: JIT/Probe
O/S: Linux CPU: IA-32 and Intel(R) 64 architectures
UINT32 LEVEL_PINCLIENT::PIN_GetInitialThreadCount ( )

This function is useful when the tool that use attach is doing some initial work that needs the number of threads at the time of the attach.

Returns:
Number of threads at the time of the attach, in all other cases it will return one. It is not implemented for Windows with attach.
Availability:
Mode: JIT/Probe
O/S: Linux
CPU: IA-32 and Intel(R) 64 architectures
MEMORY_ADDR_TRANS_CALLBACK LEVEL_PINCLIENT::PIN_GetMemoryAddressTransFunction ( )

Get the Registered notification function that is called when tool needs to modify memory address in PIN.

Parameters:
funCall back function has no parameters
valValue to be passed to fun when it is called
Availability:
Mode: JIT & PROBE
O/S: Linux, Windows & OS X*
CPU: All
BOOL LEVEL_PINCLIENT::PIN_Init ( INT32  argc,
CHAR **  argv 
)

Initialize Pin system. Must be called before PIN_StartProgram

Parameters:
argcargc value passed to main
argvargv value passed to main, encoded in UTF8 (a superset of ASCII)
Returns:
true if an error was detected parsing the command line
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT & Probe
O/S: Linux, Windows & OS X*
CPU: All
VOID LEVEL_PINCLIENT::PIN_InitSymbols ( )

Initialize symbol table code. Pin does not read symbols unless this is called. Must be called before PIN_StartProgram

Availability:
Mode: JIT & Probe
O/S: Linux, Windows & MacOS
CPU: All
BOOL LEVEL_PINCLIENT::PIN_InitSymbolsAlt ( SYMBOL_INFO_MODE  mode)

Initialize symbol table code with an explicitly specified mode of symbol support.
Pin does not read symbols unless this is called.
Must be called before PIN_StartProgram.
Alternative to PIN_InitSymbols() on Windows & Linux.
On MacOS it is implemented as PIN_InitSymbols()

Parameters:
[in]modeExplicit mode of symbol support. Valid values:
EXPORT_SYMBOLS Only symbols taken from export table are provided. Line information is not available (Windows only).
DEBUG_SYMBOLS Currently treated the same as DEBUG_OR_EXPORT_SYMBOLS (Windows only).
IFUNC_SYMBOLS IFUNC symbols (Linux only).
DEBUG_OR_EXPORT_SYMBOLS First debug symbols if available, otherwise export symbols. This mode is set by PIN_InitSymbols() (Windows only)
This parameter is ignored on operating systems other than Windows & Linux.
Returns:
TRUE if the operation succeeded
Availability:
Mode: JIT & Probe
O/S: Windows, Linux & MacOS
CPU: All
VOID LEVEL_PINCLIENT::PIN_InsertCallProbed ( ADDRINT  addr,
AFUNPTR  funptr,
  ... 
)

Insert a call to an analysis routine relative to a location. In this location we expect to find a safe instruction, i.e. an instruction which is large enough to be replaced entirely with a jump instruction (i.e. 5/7 bytes long), it is not a control flow instruction, and it doesn't have memory operand.

Parameters:
addressthe application address to instrument
funptrthe analysis function
...IARG_TYPE. The list must end with IARG_END.

PIN_StartProgramProbed() must be used when using this API.

Some restrictions apply when using IARG_CONTEXT. See Instrumentation arguments for more information. IARG_THREAD_ID is not supported.

Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: Probe
O/S: All
CPU: IA-32 and Intel(R) 64 architectures
BOOL LEVEL_PINCLIENT::PIN_InterceptSignal ( INT32  sig,
INTERCEPT_SIGNAL_CALLBACK  fun,
VOID *  val 
)

Establish an interceptor function for signals delivered to the application. Tools should never call sigaction() directly to handle signals. The interceptor function is called whenever the application receives the requested signal, regardless of whether the application has a handler for that signal. The tool's handler can then decide whether the signal should be forwarded to the application.

There are two intended usage models for this API, which are both advanced features. If your tool merely needs to be notified of signals that are sent to the application, use PIN_AddContextChangeFunction() instead.

In one usage model, a tool can take over ownership of a signal in order to use the signal as an asynchronous communication mechanism to the outside world. For example, if a tool intercepts SIGUSR1, a user of the tool could send this signal and tell the tool to do something. In this usage model, the tool may want to call PIN_UnblockSignal() so that it will receive the signal even if the application attempts to block it.

In the second usage model, the tool may need to "squash" certain signals that the application generates. For example, a tool that forces speculative execution in the application may want to intercept and squash exceptions generated in the speculative code.

A tool can set only one "intercept" handler for a particular signal, so a new handler overwrites any previous handler for the same signal. To disable a handler, pass a NULL function pointer.

Parameters:
[in]sigThe signal number to intercept, which may not be SIGKILL or SIGSTOP.
[in]funThe tool's intercept function, or NULL.
[in]valValue to pass to the intercept function.
Returns:
TRUE on success (always FALSE on Windows).
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux
CPU: All
BOOL LEVEL_PINCLIENT::PIN_IsActionPending ( THREADID  tid)

This function is useful when an analysis routine might block for an indefinite period of time. In such cases, the analysis code can periodically call PIN_IsActionPending() to see if the thread has some pending action that needs to be handled in the Pin VM. If so, the analysis routine should return back to the VM, either by returning or by calling PIN_ExecuteAt().

Parameters:
[in]tidThe ID of the calling thread.
Returns:
TRUE if the thread has a pending action in the Pin VM.
Availability:
Mode: JIT
O/S: Linux
CPU: IA-32 and Intel(R) 64 architectures
BOOL LEVEL_PINCLIENT::PIN_IsAttaching ( )
Returns:
TRUE if Pin is being attached to a running application process
BOOL LEVEL_PINCLIENT::PIN_IsProbeMode ( )
Returns:
Return TRUE if -probe on command line or if Tool started application calling PIN_StartProgramProbed().
Note:
Tool can run in Probe mode without specifying -probe on the command line. This switch is provided as a convenience. In that case, PIN_IsProbeMode() will return FALSE before PIN_StartProgramProbed() was called (Since the default running mode is JIT).
Availability:
Mode: JIT & Probe
O/S: Linux, Windows & MacOS
CPU: All
BOOL LEVEL_PINCLIENT::PIN_IsSafeForProbedInsertion ( ADDRINT  addr)

Check if the given location is safe for probe insertion. This means that the location contains an instruction which is large enough to be replaced entirely with a jump instruction (i.e. 5/7 bytes long), it is not a control flow instruction, and it doesn't have memory operand.

Parameters:
addressthe application address to instrument
Returns:
TRUE/FALSE if the location is safe

PIN_StartProgramProbed() must be used when using this API.

Availability:
Mode: Probe
O/S: All
CPU: IA-32 and Intel(R) 64 architectures
VOID LEVEL_PINCLIENT::PIN_LockClient ( )

Some Pin API functions may only be called when the thread is holding this lock. See also PIN_UnlockClient. The client lock is recursive, so can be claimed again by a thread if it already holds it. PIN_LockClient and PIN_UnlockClient calls must be matched, since the lock implementation maintains a depth count.
This function can be used in any thread, including internal threads spawned by the tool.

Availability:
Mode: JIT & Probe
O/S: Linux, Windows & OS X*
CPU: All
VOID LEVEL_PINCLIENT::PIN_RemoveFiniFunctions ( )

Invalidates all the Fini callback functions registered via PIN_AddFiniFunction; Fini callbacks will no longer be called before the application exits.

Must be called prior to invoking PIN_Detach if the tool has previously registered Fini callbacks and libc.so is not yet loaded into memory yet for a dynamically linked binary.

Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & OS X*
CPU: All
VOID LEVEL_PINCLIENT::PIN_RemoveInstrumentation ( )

All instrumentation is removed. When application code is executed the instrumentation routines will be called to reinstrument all code. Similarly, any ahead-of-time instrumentation will be reapplied if the relevant code is re-executed.

Note:
The vm lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & OS X*
CPU: All
VOID LEVEL_PINCLIENT::PIN_RemoveInstrumentationInRange ( ADDRINT  start,
ADDRINT  end 
)

Removes all instrumentation from the given range [start,end]. If the application reaches this range again, the code will be reinstrumented. Can be called from an analysis function or a callback. Note: Some code beyond the start and end margins may be reinstrumented as well.

Parameters:
startThe starting address of the range
endThe ending address (inclusive) of the range
Note:
The vm lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & MacOS
CPU: All
size_t LEVEL_PINCLIENT::PIN_SafeCopy ( VOID *  dst,
const VOID *  src,
size_t  size 
)

Copy the specified number of bytes from a source memory region to a destination memory region. The function guarantees safe return to the caller even if the source or destination regions are inaccessible (entirely or partially).

Tools should use this function to ensure safe access to the original content of the application's memory. For example, on Windows, Pin replaces certain TEB fields when running analysis routines in the tool. If the tool accesses these fields directly, it would see the values assigned by Pin rather than the original ones. On the contrary, PIN_SafeCopy() always reads and modifies the original application's values of these fields.

This function can be used in any thread, including any internal thread spawned by the tool.

Parameters:
[out]dstdestination region
[in]srcregion to copy from
[in]sizenumber of bytes to copy
Returns:
Number of bytes successfully copied from the source to the destination region.
Note:
PIN_SafeCopy() should not be called before the application has been started. For instance, it cannot be called in an Image load callback. Unexpected results will occur.
Availability:
Mode: JIT
O/S: Linux, Windows
CPU: All
size_t LEVEL_PINCLIENT::PIN_SafeCopyEx ( VOID *  dst,
const VOID *  src,
size_t  size,
EXCEPTION_INFO pExceptInfo 
)

Copy the specified number of bytes from a source memory region to a destination memory region. The function guarantees safe return to the caller even if the source or destination regions are inaccessible (entirely or partially).

In addition to the PIN_SafeCopy functionality, this function allows the tool to obtain detailed exception information in case of failure.

This function can be used in any thread, including any internal thread spawned by the tool.

Parameters:
[out]dstdestination region
[in]srcregion to copy from
[in]sizenumber of bytes to copy
[out]pExceptInfopointer to the structure that receives the exception information in case of failure.
Returns:
Number of bytes successfully copied from the source to the destination region. If the function fails to copy all bytes, it provides detailed description of the failure in the <pExceptInfo> structure.
Note:
The exception address in the returned exception information always has zero value. If the tool wants to raise this exception on behalf of the application, it should use PIN_SetExceptionAddress function to set an appropriate exception address before passing the exception information to the PIN_RaiseException function.
PIN_SafeCopyEx() should not be called before the application has been started. For instance, it cannot be called in an Image load callback. Unexpected results will occur.
Availability:
Mode: JIT
O/S: Linux, Windows
CPU: All
VOID LEVEL_PINCLIENT::PIN_SetAllowedConcurrentCallbacks ( PIN_CONFIGURATION_INFO  options,
PIN_CALLBACK_TYPE  callbackType 
)

Enables/disables concurrent delivery of certain callbacks in a specific PIN_CONFIGURATION_INFO instance.

Parameters:
optionsThe PIN_CONFIGURATION_INFO instance to modify.
callbackTypeSpecifies which Pin callbacks are allowed to be delivered concurrently:

In the case where a callback should be delivered to several threads at a given moment, delivering a callback concurrently means that each thread is free to deliver its the respective callbacks without waiting for the other threads. This means that Pin doesn't acquire any exclusive internal lock in order to deliver a concurrent callback

In constrast, delivering a callback in a serialized way means that, in a given moment, only one threads is allowed to deliver any type of callback. Serializing the callback might hurt the performance of your Pin tool, but it will protect the tool against possibly race conditions in your tool. When a callback is considered "serialized", Pin will acquire an exclusive internal lock before delivering the callback to the tool.
Note:
In order for this option to take effect the PIN_CONFIGURATION_INFO must be passed to PIN_StartProgram().
Currently, other types of callbacks (which don't have a respective enum entry in PIN_CALLBACK_TYPE) are serialized by Pin with no option to change that.
Availability:
Mode: JIT
O/S: Linux
CPU: IA-32 and Intel(R) 64 architectures
VOID LEVEL_PINCLIENT::PIN_SetSmcSupport ( SMC_ENABLE_DISABLE_TYPE  enable_disable)

Enable/Disable Pin's support of self modifying code When enabled, Pin will detect self modification of code and will deliver a callback, if one is registered, when such an event happens. When disabled and if SMC occurs, the SMC will not be detected and the original code will continue to execute. This function takes precedence over the specification of smc_support in the invocation line. This function must be called before PIN_StartProgram.

Parameters:
[in]enableSMC_ENABLE, or SMC_DISABLE

SMC support is enabled by default

Availability:
Mode: JIT
O/S: Windows,Linux,OS X,Adroid
CPU: All
VOID LEVEL_PINCLIENT::PIN_StartProgram ( PIN_CONFIGURATION_INFO  options = PIN_CreateDefaultConfigurationInfo())

Starts executing the application, when Pin is in JIT mode, which is the default. Note that PIN_Init() must be called before PIN_StartProgram().

Parameters:
optionsPin global configuration to use in this run of Pin. These configuration options are set only once (during the call of PIN_StartProgram()), and they are affecting the entire execution of Pin.
Note:
The PIN_StartProgram() function never returns. It also unwinds the tool's stack, so any local (stack based) variables are lost.
The vm and pin client locks are obtained during the call of this API.

See also: PIN_CreateDefaultConfigurationInfo().

Availability:
Mode: JIT
O/S: Linux, Windows & OS X*
CPU: All
VOID LEVEL_PINCLIENT::PIN_StartProgramProbed ( )

Starts executing the application, when Pin is in Probe mode. Note that PIN_Init() must be called before PIN_StartProgramProbed().

The PIN_StartProgramProbed() function never returns. It also unwinds the tool's stack, so any local (stack based) variables are lost.

Note:
The vm and pin client locks are obtained during the call of this API.
Availability:
Mode: Probe
O/S: Linux, Windows & OS X*
CPU: All
const CHAR* LEVEL_PINCLIENT::PIN_ToolFullPath ( )

Returns full path of main Pin tool binary image, encoded in UTF8 (superset of ASCII).

Availability:
Mode: JIT & Probe
O/S: Windows, Linux
CPU: All
VOID LEVEL_PINCLIENT::PIN_TryEnd ( THREADID  tid)

Unregister the last registered notification function (registered via PIN_TryStart()) from the context of the calling thread. This function should be called in the same function scope as the previously registered PIN_TryStart().
This function can be used in any thread, including any internal thread spawned by the tool.

Parameters:
[in]tidId of the calling thread.
Availability:
Mode: JIT
O/S: Windows, Linux
CPU: IA-32 and Intel(R) 64 architectures
VOID LEVEL_PINCLIENT::PIN_TryStart ( THREADID  tid,
INTERNAL_EXCEPTION_CALLBACK  fun,
VOID *  val 
)

Register a per-thread notification handler function that is called upon receipt of an internal exception in pin or the tool in the context of the calling thread. Use PIN_TryEnd() in order to remove the registered handler from the context of the calling thread (do it in the same function scope). The user can register up to MAX_IEH_CALLBACKS per-thread notification functions.
This function can be used in any thread, including any internal thread spawned by the tool.

Note:
It is unsupported to call PIN_CallApplicationFunction() in the scope of PIN_TryStart() / PIN_TryEnd() pair.
Parameters:
[in]tidId of the calling thread.
[in]funHandler function to execute upon receipt of internal exception in pin/tool.
[in]valValue to pass to the handler function.
Availability:
Mode: JIT
O/S: Windows, Linux
CPU: IA-32 and Intel(R) 64 architectures
BOOL LEVEL_PINCLIENT::PIN_UnblockSignal ( INT32  sig,
BOOL  enable 
)

This API is normally used in conjunction with PIN_InterceptSignal() to prevent the application from blocking a signal that the tool intercepts. This is useful if the tool wants to ensure that the application will not prevent the tool from receiving the intercepted signal.

When this API is called before PIN_StartProgram(), it affects all threads in the application. However, if it is called after PIN_StartProgram(), it only affects the calling thread. If the application spawns a thread, the child thread inherits the signal blocking state from its parent.

Tools should take care when using this API because it can adversely affect the application if it also uses the signal sig.

Parameters:
[in]sigThe signal number, which may not be SIGKILL or SIGSTOP.
[in]enableIf TRUE, the application is prevented from blocking sig. If FALSE, the application may block or unblock sig at will.
Returns:
TRUE on success (always FALSE on Windows).
Note:
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux
CPU: All
VOID LEVEL_PINCLIENT::PIN_UnlockClient ( )

Some Pin API functions may be called only when the thread is holding this lock. See also PIN_LockClient.
This function can be used in any thread, including any internal thread spawned by the tool.

Availability:
Mode: JIT & Probe
O/S: Linux, Windows & OS X*
CPU: All
CHAR* LEVEL_PINCLIENT::PIN_VmFullPath ( )

Returns full path of Pin binary invoked, encoded in UTF8 (superset of ASCII), this is supported for Linux (only for locales encoded in UTF8).

Availability:
Mode: JIT
O/S: Linux & OS X*
CPU: All
 All Classes Namespaces Functions Variables Typedefs Enumerations Enumerator