Pin
Classes | Typedefs | Enumerations | Functions
Controlling and Initializing

Classes

struct  CALL_APPLICATION_FUNCTION_PARAM
 

Typedefs

typedef EXCEPT_HANDLING_RESULT(* INTERNAL_EXCEPTION_CALLBACK) (THREADID tid, EXCEPTION_INFO *pExceptInfo, PHYSICAL_CONTEXT *pPhysCtxt, VOID *v)
 
typedef VOID * PIN_CONFIGURATION_INFO
 
typedef VOID(* REMOVE_INSTRUMENTATION_CALLBACK) (VOID *v)
 
typedef VOID(* DETACH_CALLBACK) (VOID *v)
 
typedef VOID(* DETACH_PROBED_CALLBACK) (VOID *v)
 
typedef VOID(* ATTACH_PROBED_CALLBACK) (VOID *v)
 
typedef VOID(* ATTACH_CALLBACK) (VOID *v)
 
typedef VOID(* APPLICATION_START_CALLBACK) (VOID *v)
 
typedef VOID(* PREPARE_FOR_FINI_CALLBACK) (VOID *v)
 
typedef VOID(* FINI_CALLBACK) (INT32 code, VOID *v)
 
typedef size_t(* FETCH_CALLBACK) (void *buf, ADDRINT addr, size_t size, EXCEPTION_INFO *pExceptInfo, VOID *v)
 
typedef VOID(* OUT_OF_MEMORY_CALLBACK) (size_t size, VOID *v)
 
typedef ADDRINT(PIN_FAST_ANALYSIS_CALLMEMORY_ADDR_TRANS_CALLBACK) (PIN_MEM_TRANS_INFO *memTransInfo, VOID *v)
 
typedef VOID(* FORK_CALLBACK) (THREADID threadid, const CONTEXT *ctxt, VOID *v)
 
typedef VOID(* THREAD_START_CALLBACK) (THREADID threadIndex, CONTEXT *ctxt, INT32 flags, VOID *v)
 
typedef VOID(* THREAD_ATTACH_PROBED_CALLBACK) (VOID *sigmask, VOID *v)
 
typedef VOID(* THREAD_DETACH_PROBED_CALLBACK) (VOID *v)
 
typedef VOID(* THREAD_ATTACH_CALLBACK) (THREADID threadIndex, CONTEXT *ctxt, VOID *v)
 
typedef VOID(* THREAD_DETACH_CALLBACK) (THREADID threadIndex, const CONTEXT *ctxt, VOID *v)
 
typedef VOID(* THREAD_FINI_CALLBACK) (THREADID threadIndex, const CONTEXT *ctxt, INT32 code, VOID *v)
 
typedef VOID(* CONTEXT_CHANGE_CALLBACK) (THREADID threadIndex, CONTEXT_CHANGE_REASON reason, const CONTEXT *from, CONTEXT *to, INT32 info, VOID *v)
 
typedef BOOL(* INTERCEPT_SIGNAL_CALLBACK) (THREADID tid, INT32 sig, CONTEXT *ctxt, BOOL hasHandler, const EXCEPTION_INFO *pExceptInfo, VOID *v)
 
typedef VOID(* FORK_PROBE_MODE_CALLBACK) (UINT32 childPid, VOID *v)
 

Enumerations

enum  SYMBOL_INFO_MODE {
  NO_SYMBOLS = 0,
  EXPORT_SYMBOLS = (1 << 0),
  DEBUG_SYMBOLS = (1 << 1),
  IFUNC_SYMBOLS = (1 << 2),
  DEBUG_OR_EXPORT_SYMBOLS = (DEBUG_SYMBOLS | EXPORT_SYMBOLS)
}
 
enum  REPLAY_MODE {
  REPLAY_MODE_NONE = 0x00,
  REPLAY_MODE_IMAGEOPS = 0x01,
  REPLAY_MODE_ALL = REPLAY_MODE_IMAGEOPS
}
 
enum  SMC_ENABLE_DISABLE_TYPE {
  SMC_ENABLE,
  SMC_DISABLE
}
 
enum  FPOINT {
  FPOINT_BEFORE,
  FPOINT_AFTER_IN_PARENT,
  FPOINT_AFTER_IN_CHILD
}
 
enum  ATTACH_STATUS {
  ATTACH_INITIATED,
  ATTACH_FAILED_DETACH
}
 
enum  CONTEXT_CHANGE_REASON {
  CONTEXT_CHANGE_REASON_FATALSIGNAL,
  CONTEXT_CHANGE_REASON_SIGNAL,
  CONTEXT_CHANGE_REASON_SIGRETURN,
  CONTEXT_CHANGE_REASON_APC,
  CONTEXT_CHANGE_REASON_EXCEPTION,
  CONTEXT_CHANGE_REASON_CALLBACK
}
 
enum  EXCEPT_HANDLING_RESULT {
  EHR_HANDLED,
  EHR_UNHANDLED,
  EHR_CONTINUE_SEARCH
}
 
enum  PIN_CALLBACK_TYPE {
  PIN_CALLBACK_TYPE_NONE = 0,
  PIN_CALLBACK_TYPE_SYSCALL = 1
}
 

Functions

PIN_CALLBACK PIN_AddFollowChildProcessFunction (FOLLOW_CHILD_PROCESS_CALLBACK fun, VOID *val)
 
PIN_CALLBACK PIN_AddInternalExceptionHandler (INTERNAL_EXCEPTION_CALLBACK fun, VOID *val)
 
VOID PIN_TryStart (THREADID tid, INTERNAL_EXCEPTION_CALLBACK fun, VOID *val)
 
VOID PIN_TryEnd (THREADID tid)
 
BOOL PIN_IsProbeMode ()
 
BOOL PIN_IsAttaching ()
 
BOOL PIN_IsSafeForProbedInsertion (ADDRINT addr)
 
VOID PIN_InsertCallProbed (ADDRINT addr, AFUNPTR funptr,...)
 
VOID PIN_SetReplayMode (UINT32 flags)
 
VOID PIN_LockClient ()
 
VOID PIN_UnlockClient ()
 
VOID PIN_CallApplicationFunction (const CONTEXT *ctxt, THREADID tid, CALLINGSTD_TYPE cstype, AFUNPTR origFunPtr, CALL_APPLICATION_FUNCTION_PARAM *param,...)
 
PIN_CALLBACK PIN_AddFiniFunction (FINI_CALLBACK fun, VOID *val)
 
PIN_CALLBACK PIN_AddPrepareForFiniFunction (PREPARE_FOR_FINI_CALLBACK fun, VOID *val)
 
VOID PIN_AddFetchFunction (FETCH_CALLBACK fun, VOID *val)
 
size_t PIN_FetchCode (void *copyBuf, const VOID *address, size_t maxSize, EXCEPTION_INFO *pExceptInfo)
 
VOID PIN_AddOutOfMemoryFunction (OUT_OF_MEMORY_CALLBACK fun, VOID *val)
 
VOID PIN_AddMemoryAddressTransFunction (MEMORY_ADDR_TRANS_CALLBACK fun, VOID *val)
 
MEMORY_ADDR_TRANS_CALLBACK PIN_GetMemoryAddressTransFunction ()
 
PIN_CALLBACK PIN_AddDetachFunction (DETACH_CALLBACK fun, VOID *val)
 
PIN_CALLBACK PIN_AddDetachFunctionProbed (DETACH_PROBED_CALLBACK fun, VOID *val)
 
PIN_CALLBACK PIN_AddThreadStartFunction (THREAD_START_CALLBACK fun, VOID *val)
 
PIN_CALLBACK PIN_AddThreadAttachProbedFunction (THREAD_ATTACH_PROBED_CALLBACK fun, VOID *val)
 
PIN_CALLBACK PIN_AddThreadAttachFunction (THREAD_ATTACH_CALLBACK fun, VOID *val)
 
PIN_CALLBACK PIN_AddThreadDetachProbedFunction (THREAD_DETACH_PROBED_CALLBACK fun, VOID *val)
 
PIN_CALLBACK PIN_AddThreadDetachFunction (THREAD_DETACH_CALLBACK fun, VOID *val)
 
PIN_CALLBACK PIN_AddApplicationStartFunction (APPLICATION_START_CALLBACK fun, VOID *val)
 
PIN_CALLBACK PIN_AddThreadFiniFunction (THREAD_FINI_CALLBACK fun, VOID *val)
 
PIN_CALLBACK PIN_AddContextChangeFunction (CONTEXT_CHANGE_CALLBACK fun, VOID *val)
 
BOOL PIN_InterceptSignal (INT32 sig, INTERCEPT_SIGNAL_CALLBACK fun, VOID *val)
 
BOOL PIN_UnblockSignal (INT32 sig, BOOL enable)
 
VOID PIN_SetSmcSupport (SMC_ENABLE_DISABLE_TYPE enable_disable)
 
PIN_CALLBACK PIN_AddForkFunction (FPOINT point, FORK_CALLBACK fun, VOID *val)
 
VOID PIN_RemoveInstrumentation ()
 
VOID PIN_RemoveInstrumentationInRange (ADDRINT start, ADDRINT end)
 
VOID PIN_RemoveFiniFunctions ()
 
VOID PIN_Detach ()
 
ATTACH_STATUS PIN_Attach (ATTACH_CALLBACK fun, VOID *val)
 
VOID PIN_DetachProbed ()
 
ATTACH_STATUS PIN_AttachProbed (ATTACH_PROBED_CALLBACK fun, VOID *val)
 
PIN_CONFIGURATION_INFO PIN_CreateDefaultConfigurationInfo ()
 
VOID PIN_SetAllowedConcurrentCallbacks (PIN_CONFIGURATION_INFO options, PIN_CALLBACK_TYPE callbackType)
 
VOID PIN_StartProgram (PIN_CONFIGURATION_INFO options=PIN_CreateDefaultConfigurationInfo())
 
VOID PIN_StartProgramProbed ()
 
const std::string & PIN_Version ()
 
BOOL PIN_Init (INT32 argc, CHAR **argv)
 
CHAR * PIN_VmFullPath ()
 
const CHAR * PIN_ToolFullPath ()
 
size_t PIN_SafeCopy (VOID *dst, const VOID *src, size_t size)
 
size_t PIN_SafeCopyEx (VOID *dst, const VOID *src, size_t size, EXCEPTION_INFO *pExceptInfo)
 
BOOL PIN_IsActionPending (THREADID tid)
 
UINT32 PIN_GetInitialThreadCount ()
 
BOOL PIN_CheckReadAccess (VOID *addr)
 
BOOL PIN_CheckWriteAccess (VOID *addr)
 
ADDRINT PIN_GetAuxVectorValue (ADDRINT type, bool *found)
 
PIN_CALLBACK PIN_AddForkFunctionProbed (FPOINT point, FORK_PROBE_MODE_CALLBACK fun, VOID *val)
 

Detailed Description

Typedef Documentation

◆ APPLICATION_START_CALLBACK

typedef VOID(* APPLICATION_START_CALLBACK) (VOID *v)

Call back function when pin initialization is finished.

Parameters
[in]vThe tool's call-back value.

◆ ATTACH_CALLBACK

typedef VOID(* ATTACH_CALLBACK) (VOID *v)

Call back function when Pin attaches to application in JIT mode

Parameters
[in]vThe tool's call-back value.

◆ ATTACH_PROBED_CALLBACK

typedef VOID(* ATTACH_PROBED_CALLBACK) (VOID *v)

Call back function when Pin attaches to application in Probe mode

Parameters
[in]vThe tool's call-back value.

◆ CONTEXT_CHANGE_CALLBACK

typedef VOID(* CONTEXT_CHANGE_CALLBACK) (THREADID threadIndex, CONTEXT_CHANGE_REASON reason, const CONTEXT *from, CONTEXT *to, INT32 info, VOID *v)

Call-back function when application changes context.

Parameters
[in]threadIndexThe Pin thread ID of the thread that changes contexts.
[in]reasonCause of the context change.
[in]fromApplication's register state prior to the context change (NULL if reason is CONTEXT_CHANGE_REASON_CALLBACK).
[in]toApplication's register state after context change (NULL if reason is CONTEXT_CHANGE_REASON_FATALSIGNAL). The tool may change this and affect the new register state.
[in]infoAdditional information (depends on reason):
  • CONTEXT_CHANGE_REASON_FATALSIGNAL: The Unix signal number.
  • CONTEXT_CHANGE_REASON_SIGNAL: The Unix signal number.
  • CONTEXT_CHANGE_REASON_EXCEPTION: The Windows exception code.
[in]vThe tool's call-back value.

◆ DETACH_CALLBACK

typedef VOID(* DETACH_CALLBACK) (VOID *v)

Call back function when Pin detaches from application in JIT mode

Parameters
[in]vThe tool's call-back value.

◆ DETACH_PROBED_CALLBACK

typedef VOID(* DETACH_PROBED_CALLBACK) (VOID *v)

Call back function when Pin detaches from application in Probe mode

Parameters
[in]vThe tool's call-back value.

◆ FETCH_CALLBACK

typedef size_t(* FETCH_CALLBACK) (void *buf, ADDRINT addr, size_t size, EXCEPTION_INFO *pExceptInfo, VOID *v)

Call back function that Pin will use to fetch code bytes to be jitted.

Parameters
[out]bufA buffer which receives the fetched instruction bytes. This buffer is at least size bytes long.
[in]addrStarting address from which instruction bytes should be fetched.
[in]sizeThe number of bytes that should be fetched.
[out]pExceptInfoIf less than size bytes are fetched, pExceptInfo receives an exception that describes why more bytes could not be fetched. If Pin needs more bytes to decode the next instruction, this exception will be delivered to the application.
[in]vThe tool's call-back value.
Returns
The number of bytes sucessfully fetched into buf. This may be less than size (or even zero) if Pin attempts to fetch instructions from an invalid address.

◆ FINI_CALLBACK

typedef VOID(* FINI_CALLBACK) (INT32 code, VOID *v)

Call back function when application exits. It is called after all the per thread fini functions were called (registered via PIN_AddThreadFiniFunction). This function may be called on any application thread or internal thread spawned by the tool.

@Note It is prohibited to access the TLS in this callback.

Parameters
[in]codeO/S specific termination code for the application.
[in]vThe tool's call-back value.

◆ FORK_CALLBACK

typedef VOID(* FORK_CALLBACK) (THREADID threadid, const CONTEXT *ctxt, VOID *v)

Call-back function when the application forks.

Parameters
[in]threadIdThread index
[in]ctxtRegister state immediately before/after the fork.
[in]vThe tool's call-back value.

◆ FORK_PROBE_MODE_CALLBACK

typedef VOID(* FORK_PROBE_MODE_CALLBACK) (UINT32 childPid, VOID *v)

Unix-specific instrumentation in probe mode

Call-back function in probe mode for fork notification.

Parameters
[in]childPidProcess id of the child process, available after fork in parent
[in]vThe tool's call-back value.

◆ INTERCEPT_SIGNAL_CALLBACK

typedef BOOL(* INTERCEPT_SIGNAL_CALLBACK) (THREADID tid, INT32 sig, CONTEXT *ctxt, BOOL hasHandler, const EXCEPTION_INFO *pExceptInfo, VOID *v)

Call back function when the tool intercepts a signal with PIN_InterceptSignal().

Parameters
[in]tidThe Pin thread ID of the thread that handled the signal.
[in]sigThe signal number.
[in,out]ctxtThe application's register state when it was interrupted by the signal. The tool may change this context if desired. If so, the application continues at the modified context. Or, if the application's signal handler is invoked, the handler is passed the modified context for its return context.
[in]hasHandlerTRUE if the application has a handler registered for this signal.
[in]pExceptInfoIf the signal represents an exception, pExceptInfo points to a description of the exception. If the signal is not an exception, pExceptInfo is NULL.
[in]vThe tool's call-back value.
Returns
Returning TRUE tells Pin to pass the signal on to the application. Returning FALSE tells Pin to squash the signal and execution resumes at ctxt.

◆ INTERNAL_EXCEPTION_CALLBACK

typedef EXCEPT_HANDLING_RESULT(* INTERNAL_EXCEPTION_CALLBACK) (THREADID tid, EXCEPTION_INFO *pExceptInfo, PHYSICAL_CONTEXT *pPhysCtxt, VOID *v)

Pin client interface and implementation for internal exception handling

Handler (call-back) function when pin/tool generates internal exception. This function can be registered via PIN_AddInternalExceptionHandler() or PIN_TryStart(). This function becomes active only after APPLICATION_START_CALLBACK notification is delivered. Any internal exception prior to this event can't be handled.

If the exception occurred while analysis routine is executed, it is legal to modify the execution control path using functions such as PIN_RaiseException() or PIN_ExecuteAt(). In this case, any per-thread INTERNAL_EXCEPTION_CALLBACK function registered via PIN_TryStart() will be unregistered automatically (similar semantics to PIN_TryEnd() for all registered notifications)

Note
It is unsupported to call PIN_CallApplicationFunction() in the scope of this callback
Parameters
[in]tidThe Pin thread ID of the thread that generated the exception.
[in,out]pExceptInfoPointer to the EXCEPTION_INFO structure that describes the exception. If the exception should be raised in the context of the application (using PIN_RaiseException()), The tool should update the exception info to match the OS logic (e.g. update exception address using PIN_SetExceptionAddress()).
[in,out]pPhysCtxtPhysical register state when the exception was generated. The tool can change pPhysCtxt (make sure that if PIN_TryStart() was called, matching PIN_TryEnd() will be called)
[in]vThe tool's call-back value.
Returns
an EXCEPT_HANDLING_RESULT value

◆ MEMORY_ADDR_TRANS_CALLBACK

typedef ADDRINT(PIN_FAST_ANALYSIS_CALL* MEMORY_ADDR_TRANS_CALLBACK) (PIN_MEM_TRANS_INFO *memTransInfo, VOID *v)

Call back function for pin/tool to modify memory address arguments in analysis routines. This feature allows users to register for a callback immediately prior to an analysis routine which gets one of the four IARG_MEMORY*_PTR as a parameter. The callback enables the user to manipulate the memory address pointed to by the aforementioned parameter. This function can be registered via PIN_AddMemoryAddressTransFunction(). This function is called from the jitted code, so calls to this function are not serialized.

Parameters
[in]memTransInfoMemory address data structure
[in]vThe tool's call-back value

◆ OUT_OF_MEMORY_CALLBACK

typedef VOID(* OUT_OF_MEMORY_CALLBACK) (size_t size, VOID *v)

Call back function when pin/tool is out of memory. This function can be registered via PIN_AddOutOfMemoryFunction().

Parameters
[in]sizeSize of the failed allocation
[in]vThe tool's call-back value

◆ PIN_CONFIGURATION_INFO

typedef VOID* PIN_CONFIGURATION_INFO

Global configuration for Pin. Currently, this configuration includes whether Pin should serialize calls to some callbacks (for backward compatibility) or if it should concurrently call the callbacks (better for multi-threaded performance).

See also: PIN_SetAllowedConcurrentCallbacks()

Note
A new instance of PIN_CONFIGURATION_INFO with default values should be created with PIN_CreateDefaultConfigurationInfo()

◆ PREPARE_FOR_FINI_CALLBACK

typedef VOID(* PREPARE_FOR_FINI_CALLBACK) (VOID *v)

Call back function invoked when Pin is about to detach from terminating process. The function that is registered by this callback may gracefully finish all the internal threads of the tool, e.g.

  • Force all the internal threads of the tool to finish using return from the main function of the thread or calling PIN_ExitThread.
  • Wait until all the internal threads are finished before it will continue to run. @Note: normal run of the internal threads after exit from all registered call back functions of this type is not guaranteed. @Note: If current thread is an internal thread, do not finish it in this callback!

This function is invoked in thread that initiated process termination. This function is registered via PIN_AddPrepareForFiniFunction().

Parameters
[in]vThe tool's call-back value

◆ REMOVE_INSTRUMENTATION_CALLBACK

typedef VOID(* REMOVE_INSTRUMENTATION_CALLBACK) (VOID *v)

Call back function when Pin removes all old instrumented code from its cache

Parameters
[in]vThe tool's call-back value.

◆ THREAD_ATTACH_CALLBACK

typedef VOID(* THREAD_ATTACH_CALLBACK) (THREADID threadIndex, CONTEXT *ctxt, VOID *v)

Call-back function when an attached thread starts to run under Pin in JIT mode.

Parameters
[in]threadIndexThe Pin thread ID of the terminating thread.
[in]ctxtRegister state of the thread.
[in]vThe tool's call-back value.

◆ THREAD_ATTACH_PROBED_CALLBACK

typedef VOID(* THREAD_ATTACH_PROBED_CALLBACK) (VOID *sigmask, VOID *v)

Call-back function when an attached thread starts to run under Pin in probe mode. The tool receives the signal mask at the attach point and can modify it. The changes to this value will be applied when the thread continues to run. Pin does not validate the new signal mask so tools must take extra care when modifying this value.

Parameters
[in,out]sigmaskThe thread's signal mask at the attach point. The tool may change this and affect the signal mask once the thread starts running again.
[in]vThe tool's call-back value.

◆ THREAD_DETACH_CALLBACK

typedef VOID(* THREAD_DETACH_CALLBACK) (THREADID threadIndex, const CONTEXT *ctxt, VOID *v)

Call-back function before an application thread is detached from Pin in JIT mode. The callback is received in the thread native context before Pin detach.

Parameters
[in]threadIndexThe Pin thread ID of the terminating thread.
[in]ctxtRegister state of the thread immediately before it detaches.
[in]vThe tool's call-back value.

◆ THREAD_DETACH_PROBED_CALLBACK

typedef VOID(* THREAD_DETACH_PROBED_CALLBACK) (VOID *v)

Call-back function before an application thread is being detached from Pin in probe mode. The callback is received in the thread native context before probes removal.

Parameters
[in]vThe tool's call-back value.

◆ THREAD_FINI_CALLBACK

typedef VOID(* THREAD_FINI_CALLBACK) (THREADID threadIndex, const CONTEXT *ctxt, INT32 code, VOID *v)

Call-back function when thread ends.

@Note This function may be called on a different thread than the given threadIndex.

Parameters
[in]threadIndexThe Pin thread ID of the terminating thread.
[in]ctxtRegister state of the thread immediately before it terminates.
[in]codeO/S specific termination code for the thread.
[in]vThe tool's call-back value.

◆ THREAD_START_CALLBACK

typedef VOID(* THREAD_START_CALLBACK) (THREADID threadIndex, CONTEXT *ctxt, INT32 flags, VOID *v)

Call-back function when thread begins.

Parameters
[in]threadIndexThe Pin thread ID of the new thread.
[in]ctxtInitial register state for the new thread. The tool may change this.
[in]flagsO/S specific flags for the new thread.
[in]vThe tool's call-back value.

Enumeration Type Documentation

◆ ATTACH_STATUS

Return values of PIN_Attach() and PIN_AttachProbed() which describe the status of the attach request.

Enumerator
ATTACH_INITIATED 

Attach request was delivered successfully to PIN.

ATTACH_FAILED_DETACH 

Attach request was not delivered to Pin since detach session hasn't completed yet.

◆ CONTEXT_CHANGE_REASON

Possible reasons for an application context change.

Enumerator
CONTEXT_CHANGE_REASON_FATALSIGNAL 

Receipt of fatal Unix signal.

CONTEXT_CHANGE_REASON_SIGNAL 

Receipt of handled Unix signal.

CONTEXT_CHANGE_REASON_SIGRETURN 

Return from Unix signal handler.

CONTEXT_CHANGE_REASON_APC 

Receipt of Windows APC.

CONTEXT_CHANGE_REASON_EXCEPTION 

Receipt of Windows exception.

CONTEXT_CHANGE_REASON_CALLBACK 

Receipt of Windows call-back.

◆ EXCEPT_HANDLING_RESULT

Possible return values of the INTERNAL_EXCEPTION_CALLBACK exception filter function

Enumerator
EHR_HANDLED 

Exception is handled. Continue execution with the internal physical context.

EHR_UNHANDLED 

Exception is not handled. Execute default system procedure for unhandled exceptions (Windows) or abort the process (Unix)

EHR_CONTINUE_SEARCH 

Execute next (upper level) exception filter function, if any. For the uppermost filter, this is the same as EHR_UNHANDLED semantics

◆ FPOINT

enum FPOINT

time of callback notification

Enumerator
FPOINT_BEFORE 

Call-back in parent, just before fork.

FPOINT_AFTER_IN_PARENT 

Call-back in parent, immediately after fork.

FPOINT_AFTER_IN_CHILD 

Call-back in child, immediately after fork.

◆ PIN_CALLBACK_TYPE

Types of Pin callbacks. These type could be used with the function PIN_SetAllowedConcurrentCallbacks()

Enumerator
PIN_CALLBACK_TYPE_NONE 

None of the callback types.

PIN_CALLBACK_TYPE_SYSCALL 

Syscall entry/exit callback.

◆ REPLAY_MODE

Flags passed to PIN_SetReplayMode.

Enumerator
REPLAY_MODE_IMAGEOPS 

Replayer will handle image ops.

◆ SMC_ENABLE_DISABLE_TYPE

Enum for controlling Pin's SMC detection

◆ SYMBOL_INFO_MODE

List of supported modes of symbolic information delivery. Used in PIN_InitSymbolsAlt().

Enumerator
NO_SYMBOLS 

No symbols required.

EXPORT_SYMBOLS 

Only symbols taken from export table are provided (Windows only)

DEBUG_SYMBOLS 

Debug symbols (Windows only, currently implemented as DEBUG_OR_EXPORT_SYMBOLS)

IFUNC_SYMBOLS 

IFUNC symbols (Linux only)

DEBUG_OR_EXPORT_SYMBOLS 

First debug symbols if available, otherwise export symbols (Windows only)

Function Documentation

◆ PIN_AddApplicationStartFunction()

PIN_CALLBACK PIN_AddApplicationStartFunction ( APPLICATION_START_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called after pin initialization is finished. This notification function is available when pin launches the application and when pin attaches to a running process.

On Unix (Linux & macOS*): This notification function is called on the application's main thread (both launch & attach mode). This notification is called right before Pin resume the application.

On Windows: When pin launches the application, this notification function is called on the application's main thread. When pin attaches to a running process, this notification function is called on a dedicated thread which is not part of the application's threads.
When it is called, all the application's threads are paused by Pin and are about to be released.
No new threads can be created by the application at this time.

When Pin starts running a program, it calls into the tool several times in the following order:

  1. Calls the tool's main() function.
  2. If the tool set up a notification with IMG_AddInstrumentFunction(), Pin calls this call-back for each image that is already loaded in the application's address space at the point when Pin attaches to it.
  3. Calls any notification call-backs set up with PIN_AddApplicationStartFunction().
    Parameters
    [in]funFunction to be called at application start.
    [in]valValue to pass to the function.
    Returns
    PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
    Note
    The pin client lock is obtained during the call of this API.
    Availability:
    Mode: JIT & Probe
    O/S: Windows, Linux, macOS*
    CPU: IA-32, Intel(R) 64

◆ PIN_AddContextChangeFunction()

PIN_CALLBACK PIN_AddContextChangeFunction ( CONTEXT_CHANGE_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called immediately before the application changes context due to receipt of an asynchronous event such as Unix signal or Windows APC.

Parameters
[in]funCall-back function to execute immediately before the application changes context.
[in]valValue to pass to the function.
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows
CPU: All

◆ PIN_AddDetachFunction()

PIN_CALLBACK PIN_AddDetachFunction ( DETACH_CALLBACK  fun,
VOID *  val 
)

Call func immediately before Pin relinquishes control of the application through PIN_Detach().

At this stage no more instrumentation/analysis callbacks will be called

This function is called one time for the process. It may be called by any thread. Pin memory is not freed at this moment.

Parameters
funCall back function to execute before detaching
valValue to be passed to fun when it is called
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, macOS*
CPU: All

◆ PIN_AddDetachFunctionProbed()

PIN_CALLBACK PIN_AddDetachFunctionProbed ( DETACH_PROBED_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called immediately after Pin relinquishes control of the application through PIN_DetachProbed(). There can be more than one Detach callback function.
When this callback function is called, it is guaranteed that Pin removed all probes from the application code and that no other callback function will be called afterwards (except from additional Detach callback functions).

Parameters
funCall back function to execute before detaching
valValue to be passed to fun when it is called
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: Probe
O/S: Windows, Linux
CPU: All

◆ PIN_AddFetchFunction()

VOID PIN_AddFetchFunction ( FETCH_CALLBACK  fun,
VOID *  val 
)

Called to register a function That will become the function that Pin calls to fetch application instructions. Pin sometimes attempt to fetch instructions from an invalid address, and the call-back needs to handle this correctly. If multiple functions are registered using this API, only the last one registered is used

Pin cannot automatically detect self-modifying code (SMC) when a tool uses this API. Therefore, such tools take over responsibility for detecting SMC and must explicitly regenerate all traces within a modified code range if such was detected using PIN_RemoveInstrumentationInRange.

Parameters
[in]funThe tool's call-back function.
[in]valThe tool's call-back value.
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_AddFiniFunction()

PIN_CALLBACK PIN_AddFiniFunction ( FINI_CALLBACK  fun,
VOID *  val 
)

Call func immediately before the application exits. The function is not an instrumentation function–it cannot insert instrumentation. There can be more than one Fini function.

Parameters
funCall back function is passed exit code and val
valValue to be passed to fun when it is called
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_AddFollowChildProcessFunction()

PIN_CALLBACK PIN_AddFollowChildProcessFunction ( FOLLOW_CHILD_PROCESS_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called before a child/exec-ed process is starting to execute

NOTE: Only one callback can be registered

Parameters
[in]funCall-back function
[in]valValue to pass to the function
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT & Probe
O/S: Windows, Linux, macOS*
CPU: All

◆ PIN_AddForkFunction()

PIN_CALLBACK PIN_AddForkFunction ( FPOINT  point,
FORK_CALLBACK  fun,
VOID *  val 
)

Register a notification handler that is called when the application forks a new process.

Parameters
[in]whereTells when to make the call-back and tells whether the parent or child makes the call-back.
[in]funCall-back function to execute.
[in]vValue passed as final parameter to call-back.
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties

If the fork function fails, the FPOINT_AFTER_IN_PARENT function, if it exists, is still called.

Note
The pin client is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, macOS*
CPU: All

◆ PIN_AddForkFunctionProbed()

PIN_CALLBACK PIN_AddForkFunctionProbed ( FPOINT  point,
FORK_PROBE_MODE_CALLBACK  fun,
VOID *  val 
)

Register a notification handler that is called when the application forks a new process. If vfork() is called in application, Pin replaces it with fork(). This replacement is needed to keep Pin/Tool state consistent and prevent memory overlap in callbacks following the fork/vfork. The function can only be used on Linux, and macOS*.

Parameters
[in]whereTells when to make the call-back and tells whether the parent or child makes the call-back.
[in]funCall-back function to execute.
[in]vValue passed as final parameter to call-back.
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties

If the fork function fails, the FPOINT_AFTER_IN_PARENT function, if it exists, is still called.

Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: Probe
O/S: Linux, and macOS*
CPU: All

◆ PIN_AddInternalExceptionHandler()

PIN_CALLBACK PIN_AddInternalExceptionHandler ( INTERNAL_EXCEPTION_CALLBACK  fun,
VOID *  val 
)

Register a global (not per-thread) notification handler function that is called upon receipt of any unhandled internal exception in Pin or the tool. This handler does not catch exceptions that are generated by the application, nor does it catch exceptions that are handled by PIN_TryStart() / PIN_TryEnd(). The handler is active for all the application's threads, it should be called in tool's main() before PIN_StartProgram(). If it is called after PIN_StartProgram() is called, it will be ignored. The user can register up to MAX_IEH_CALLBACKS global notification functions.

Note
This function should be used for permanent global call-back registration (as opposed to PIN_TryStart() / PIN_TryEnd() pair which should be used for function scope registration).
Parameters
[in]funHandler function to execute upon receipt of internal exception in pin/tool.
[in]valValue to pass to the function.
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Windows
CPU: All

◆ PIN_AddMemoryAddressTransFunction()

VOID PIN_AddMemoryAddressTransFunction ( MEMORY_ADDR_TRANS_CALLBACK  fun,
VOID *  val 
)

Register a callback for modifying memory address arguments that are passed to analysis routines. See MEMORY_ADDR_TRANS_CALLBACK for usage details.
Only one such callback may be registered.

Parameters
funCall back function is passed the thread id, address, size, read\write
valValue to be passed to fun when it is called
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_AddOutOfMemoryFunction()

VOID PIN_AddOutOfMemoryFunction ( OUT_OF_MEMORY_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called when pin/tool is out of memory.
Try to reduce memory consumption when this notification function is called.
Any implicit or explicit usage of malloc()/realloc() etc. in this notification function might cause an infinite recursion.
The call to the notification function is NOT serialized by pin. The user can't assume anything about the locks state while the notification is delivered (as out of memory condition can occur anywhere). Avoid dead-locks by careful design of the notification function.
A tool can register only one notification function.
A new notification function registration overwrites any previous registration.
To disable the notification function, pass a NULL function pointer.

Parameters
funCall back function is passed the size of the failing allocation
valValue to be passed to fun when it is called
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT & PROBE
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_AddPrepareForFiniFunction()

PIN_CALLBACK PIN_AddPrepareForFiniFunction ( PREPARE_FOR_FINI_CALLBACK  fun,
VOID *  val 
)

Register a function to be called when the application is about to exit. The registered function will be executed in a thread that initiated the exit and currently does not hold any thread synchronization lock in Pin. It means that this callback function can be executed concurrently with other Pin callbacks and APIs.
All callbacks registered by this function will be executed before any callback registered by the PIN_AddFiniFunction() function.

Parameters
funCallback function to be registered
valValue to be passed to fun when it is called
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note
Function registered by this API after application exit is started, may not be executed.
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_AddThreadAttachFunction()

PIN_CALLBACK PIN_AddThreadAttachFunction ( THREAD_ATTACH_CALLBACK  fun,
VOID *  val 
)

This API is useful when Pin is run in JIT mode and attaches to a running process. Tools may use this API to register a notification that is called by each application thread.

After Pin attaches to the process, Pin first notifies the tool of any images that are loaded (see IMG_AddInstrumentFunction()) and then notifies the tool that initialization is complete (see PIN_AddApplicationStartFunction()). After that, each thread in the application calls the notification set up by PIN_AddThreadAttachFunction(). After each thread returns from this notification, it resumes execution in the application code.

Note, this notification happens only for threads that exist in the process at the time that Pin attaches.

It does not happen for the following threads:

  1. Threads that are created in the process after Pin is already attached.
  2. Internal threads spawned by Pin tool when Pin re-attaches to the application.
Parameters
[in]funCall-back function to execute for the attached thread.
[in]valValue to pass to the function.
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux & macOS*
CPU: All

◆ PIN_AddThreadAttachProbedFunction()

PIN_CALLBACK PIN_AddThreadAttachProbedFunction ( THREAD_ATTACH_PROBED_CALLBACK  fun,
VOID *  val 
)

This API is useful when Pin is run in probe mode and attaches to a running process. Tools may use this API to register a notification that is called by each application thread.

After Pin attaches to the process, Pin first notifies the tool of any images that are loaded (see IMG_AddInstrumentFunction()) and then notifies the tool that initialization is complete (see PIN_AddApplicationStartFunction()). After that, each thread in the application calls the notification set up by PIN_AddThreadAttachProbedFunction(). After each thread returns from this notification, it resumes execution in the application code.

Note, this notification happens only for threads that exist in the process at the time that Pin attaches. It does not happen for threads that are created in the process after Pin is already attached.

Parameters
[in]funCall-back function to execute for the attached thread.
[in]valValue to pass to the function.
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: Probe
O/S: Linux & macOS*
CPU: All

◆ PIN_AddThreadDetachFunction()

PIN_CALLBACK PIN_AddThreadDetachFunction ( THREAD_DETACH_CALLBACK  fun,
VOID *  val 
)

This API is useful when Pin runs in JIT mode and detaches from a running process. Tools may use this API to register a notification that is called by each application thread before Pin detaches from the thread. This notification is given in the thread native context.

Note, this notification happens only for application threads that exist in the process at the time that Pin detaches. It does not happen for the following threads:

  1. Threads that are created in the process after Pin is already detached.
  2. Internal threads spawned by Pin tool.
Parameters
[in]funCall-back function to execute by the detaching thread.
[in]valValue to pass to the function.
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux
CPU: All

◆ PIN_AddThreadDetachProbedFunction()

PIN_CALLBACK PIN_AddThreadDetachProbedFunction ( THREAD_DETACH_PROBED_CALLBACK  fun,
VOID *  val 
)

This API is useful when Pin runs in probe mode and detaches from a running process. Tools may use this API to register a notification that is called by each application thread before any probes removal. This notification is given in the thread native context.

Note, this notification happens only for threads that exist in the process at the time that Pin detaches. It does not happen for threads that are created in the process after Pin is already detached.

Parameters
[in]funCall-back function to execute by the detaching thread.
[in]valValue to pass to the function.
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: Probe
O/S: Linux & macOS*
CPU: All

◆ PIN_AddThreadFiniFunction()

PIN_CALLBACK PIN_AddThreadFiniFunction ( THREAD_FINI_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called when an application thread terminates. The call-back happens even for the application's root (initial) thread.

The notification call-back will often happen on the physical thread that is exiting, but under some circumstances it will be called on a different physical thread.

Parameters
[in]funCall-back function to execute for the terminating thread.
[in]valValue to pass to the function.
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_AddThreadStartFunction()

PIN_CALLBACK PIN_AddThreadStartFunction ( THREAD_START_CALLBACK  fun,
VOID *  val 
)

Register a notification function that is called when a thread starts executing in the application. The call-back happens even for the application's root (initial) thread.

Parameters
[in]funCall-back function to execute for the new thread.
[in]valValue to pass to the function.
Returns
PIN_CALLBACK A handle to a callback that can be used to further modify this callback's properties
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_Attach()

ATTACH_STATUS PIN_Attach ( ATTACH_CALLBACK  fun,
VOID *  val 
)

Initiate Pin attach request in JIT mode. If Pin was not detached (using PIN_DetachProbed()) this function will be ignored.
The given notification function will be called immediately after Pin regains control of the application. It is expected that in the scope of this callback, the tool will register callbacks (e.g. IMG_AddInstrumentFunction()) and will reconfigure itself (if needed). In order to change tool's KNOB value, use KNOB: Commandline Option Handling

Note
Pin's state can't be reconfigured in the scope of the callback function (don't use PIN_Init(), PIN_InitSymbols(), PIN_StartProgramProbed() etc.)
Parameters
funCall back function to execute when starting to attach
valValue to be passed to fun when it is called
Returns
status of attach request (ATTACH_STATUS)
Note
The vm and pin client locks are obtained during the call of this API.
Availability:
Mode: JIT
O/S: Windows, Linux
CPU: IA32, Intel64

◆ PIN_AttachProbed()

ATTACH_STATUS PIN_AttachProbed ( ATTACH_PROBED_CALLBACK  fun,
VOID *  val 
)

Initiate Pin attach request in probe mode. If Pin was not detached (using PIN_DetachProbed()) this function will be ignored.
The given notification function will be called immediately after Pin regain control of the application. It is expected that in the scope of this callback, the tool will register callbacks (e.g. IMG_AddInstrumentFunction()) and will reconfigure itself (if needed). In order to change tool's KNOB value, use KNOB: Commandline Option Handling

Note
Pin's state can't be reconfigured in the scope of the callback function (don't use PIN_Init(), PIN_InitSymbols(), PIN_StartProgramProbed() etc.)
Parameters
funCall back function to execute when starting to attach
valValue to be passed to fun when it is called
Returns
status of attach request (ATTACH_STATUS)
Note
The vm and pin client locks are obtained during the call of this API.
Availability:
Mode: Probe
O/S: Windows, Linux
CPU: IA32, Intel64

◆ PIN_CallApplicationFunction()

VOID PIN_CallApplicationFunction ( const CONTEXT ctxt,
THREADID  tid,
CALLINGSTD_TYPE  cstype,
AFUNPTR  origFunPtr,
CALL_APPLICATION_FUNCTION_PARAM param,
  ... 
)

This API allows a tool to call a function inside the application. The function is executed under control of Pin's JIT compiler, and the application code is instrumented normally. Tools should not make direct calls to application functions when Pin is in JIT mode.

PIN_CallApplicationFunction() can be called from a replacement routine or an analysis routine, but not from a call-back. Note that this API can result in recursive execution in the tool since the called application function is also instrumented.

One usage model for this API is to "wrap" an application function, executing analysis code before the function is called and after it returns. To do this, use RTN_ReplaceSignature() to replace the application function, use IARG_ORIG_FUNCPTR to pass the original function pointer to the replacement routine, and use IARG_CONST_CONTEXT to pass the register state. You can then call back on the original function from your replacement routine with PIN_CallApplicationFunction(). Note, however, that the overhead of PIN_CallApplicationFunction() can be high, so it is more efficient to use *_InsertCall() instead if possible.

Parameters
[in]ctxtThe application register state to use when calling the function. Pin changes the register state in order to pass arguments to the function, but the ctxt parameter isn't changed.
[in]tidThe Pin id of the current thread (see IARG_THREAD_ID).
[in]cstypeThe calling standard used for calling this function (CALLINGSTD_DEFAULT recommended).
[in]origFunPtrThe entry point of the application function.
[in]paramAdditional parameters to define the exact behavior of this function invocation (or NULL for using the defaults). See CALL_APPLICATION_FUNCTION_PARAM .
[in]...List of function argument type and size.

See PIN_PARG for the recommended method of passing function arguments. PIN_PARG_END() must end the argument list, even if the function has no arguments. If the application function has a return value, it must appear first in the argument list.

Note
The vm lock is obtained during the call of this API.
Availability:
Mode: JIT only
O/S: Linux and Windows
CPU: IA-32 and Intel(R) 64 architectures

◆ PIN_CheckReadAccess()

BOOL PIN_CheckReadAccess ( VOID *  addr)

Given an address, this API checks whether the memory page which contains this address has a read access protection.

Parameters
[in]addrmemory address
Returns
True if the memory page which contains the given address has a read access protection, false otherwise.
Note
PIN_CheckReadAccess() should not be called before the application has been started. For instance, it cannot be called in an Image load callback. Unexpected results will occur.
Availability:
Mode: JIT
O/S: Linux, Windows & macOS*
CPU: IA-32 and Intel(R) 64 architectures

◆ PIN_CheckWriteAccess()

BOOL PIN_CheckWriteAccess ( VOID *  addr)

Given an address, this API checks whether the memory page which contains this address has a write access protection.

Parameters
[in]addrmemory address
Returns
True if the memory page which contains the given address has a write access protection, false otherwise.
Note
PIN_CheckWriteAccess() should not be called before the application has been started. For instance, it cannot be called in an Image load callback. Unexpected results will occur.
PIN_CheckWriteAccess assume that if a memory page has a write access protection it also has a read
Availability:
Mode: JIT
O/S: Linux, Windows & macOS*
CPU: IA-32 and Intel(R) 64 architectures

◆ PIN_CreateDefaultConfigurationInfo()

PIN_CONFIGURATION_INFO PIN_CreateDefaultConfigurationInfo ( )

Creates an instance of PIN_CONFIGURATION_INFO with default values. This instance can be passed to PIN_StartProgram() in order to take effect on Pin.

The default values are:

  • Callback types which are allowed to run concurrently - None (PIN_CALLBACK_TYPE_NONE)
Availability:
Mode: JIT
O/S: Linux, Windows & macOS*
CPU: IA-32 and Intel(R) 64 architectures

◆ PIN_Detach()

VOID PIN_Detach ( )

Pin relinquishes control of the application and the original un-instrumented code is executed.

On Linux, the function may be invoked from analysis, instrumentation or callback routines. It may be executed by any thread, including threads spawned by the Pintool which are invisible to the Pin VM.

On Windows and macOS*, the function must be invoked from an analysis routine. Invoking the function from instrumentation routines could cause Pin to misbehave. See Tests/detach.C for an example of its use.

The request for detach is considered by Pin as asynchronous. This means that Pin will perform the detach procedure at a point which it considers convenient to do so. From the user's perspective, instrumentation, analysis or callback routines might still be executed after calling PIN_Detach(). In practice, PIN_Detach() simply registers the request to the Pin VM and exits immediately i.e. the function does not wait for detach to complete.

Once Pin starts the detach procedure, it can't be blocked, and will not run forever. It is not possible to detach one thread. All threads will run natively after PIN_Detach(). During detach, Pin doesn't free memory used for Pin objects. This memory will be used during re-attach.

During the detach procedure Pin runs an auxiliary process, which communicates with the running application process via debug interface. The auxiliary process is temporary and will exit immediately when the detach procedure is completed. For the user, this means that a debugger cannot be attached to the application process during detach.

Use PIN_AddDetachFunction() to receive a notification just prior to detach. The callback will be received after all the threads are stopped inside the VM and no more instrumentation functions, analysis routines or callbacks will be called.
Note: at this point, the auxiliary process mentioned above is still attached to the application process.

Note
The vm and client locks are obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows, & macOS*
CPU: All

◆ PIN_DetachProbed()

VOID PIN_DetachProbed ( )

Initiate Pin detach request in probe mode. In the scope of this operation, Pin removes all probes set by Pin & tool, The user can get a notification when the detach operation has been completed (via callback registration using PIN_AddDetachFunctionProbed()). On Linux, the user can get additional per-thread callbacks just prior to probes removal. (via callback registration using PIN_AddThreadDetachProbedFunction()).These callbacks will be given for each thread in its native context. If Pin has already detached (using PIN_DetachProbed()), or if Pin has not fully started yet (the notification function registered by PIN_AddApplicationStartFunction() was not yet delivered to the tool), this function will be ignored.

Note
Even though Pin removes all probes, replacement functions can still be active (for example, if the replacement function is still located on the call stack of one of the threads). It is the tool responsibility to handle these scenarios.
The vm and pin client locks are obtained during the call of this API.
Availability:
Mode: Probe
O/S: Linux, Windows, & macOS*
CPU: IA32, Intel64

◆ PIN_FetchCode()

size_t PIN_FetchCode ( void *  copyBuf,
const VOID *  address,
size_t  maxSize,
EXCEPTION_INFO pExceptInfo 
)

A function to fetch the code raw bytes.

This function should be used when the tool needs the raw bytes of instructions and the tool is using a code fetcher function that translates the original code address to an actual code address.

Parameters
[out]copyBufdestination buffer
[in]addressaddress to copy from
[in]maxSizenumber of bytes to copy
[out]pExceptInfopointer to the structure that receives the exception information
Availability:
Mode: JIT
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_GetAuxVectorValue()

ADDRINT PIN_GetAuxVectorValue ( ADDRINT  type,
bool *  found 
)

Given an aux vector entry type, returns the entry's value.

Parameters
[in]typeThe type of the desired auxv entry.
[out]foundTrue if the entry was found, false otherwise.
Returns
The value of the aux vector entry, undefined if .
Availability:
Mode: JIT/Probe
O/S: Linux CPU: IA-32 and Intel(R) 64 architectures

◆ PIN_GetInitialThreadCount()

UINT32 PIN_GetInitialThreadCount ( )

This function is useful when the tool that use attach is doing some initial work that needs the number of threads at the time of the attach.

Returns
Number of threads at the time of the attach, in all other cases it will return one. It is not implemented for Windows with attach.
Availability:
Mode: JIT/Probe
O/S: Linux
CPU: IA-32 and Intel(R) 64 architectures

◆ PIN_GetMemoryAddressTransFunction()

MEMORY_ADDR_TRANS_CALLBACK PIN_GetMemoryAddressTransFunction ( )

Get the Registered notification function that is called when tool needs to modify memory address in PIN.

Parameters
funCall back function has no parameters
valValue to be passed to fun when it is called
Availability:
Mode: JIT & PROBE
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_Init()

BOOL PIN_Init ( INT32  argc,
CHAR **  argv 
)

Initialize Pin system. Must be called before PIN_StartProgram

Parameters
argcargc value passed to main
argvargv value passed to main, encoded in UTF8 (a superset of ASCII)
Returns
true if an error was detected parsing the command line
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT & Probe
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_InsertCallProbed()

VOID PIN_InsertCallProbed ( ADDRINT  addr,
AFUNPTR  funptr,
  ... 
)

Insert a call to an analysis routine relative to a location. In this location we expect to find a safe instruction, i.e. an instruction which is large enough to be replaced entirely with a jump instruction (i.e. 5/7 bytes long), it is not a control flow instruction, and it doesn't have memory operand.

Parameters
addressthe application address to instrument
funptrthe analysis function
...IARG_TYPE. The list must end with IARG_END.

PIN_StartProgramProbed() must be used when using this API.

Some restrictions apply when using IARG_CONTEXT. See Instrumentation arguments for more information. IARG_THREAD_ID is not supported.

Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: Probe
O/S: All
CPU: IA-32 and Intel(R) 64 architectures

◆ PIN_InterceptSignal()

BOOL PIN_InterceptSignal ( INT32  sig,
INTERCEPT_SIGNAL_CALLBACK  fun,
VOID *  val 
)

Establish an interceptor function for signals delivered to the application. Tools should never call sigaction() directly to handle signals. The interceptor function is called whenever the application receives the requested signal, regardless of whether the application has a handler for that signal. The tool's handler can then decide whether the signal should be forwarded to the application.

There are two intended usage models for this API, which are both advanced features. If your tool merely needs to be notified of signals that are sent to the application, use PIN_AddContextChangeFunction() instead.

In one usage model, a tool can take over ownership of a signal in order to use the signal as an asynchronous communication mechanism to the outside world. For example, if a tool intercepts SIGUSR1, a user of the tool could send this signal and tell the tool to do something. In this usage model, the tool may want to call PIN_UnblockSignal() so that it will receive the signal even if the application attempts to block it.

In the second usage model, the tool may need to "squash" certain signals that the application generates. For example, a tool that forces speculative execution in the application may want to intercept and squash exceptions generated in the speculative code.

A tool can set only one "intercept" handler for a particular signal, so a new handler overwrites any previous handler for the same signal. To disable a handler, pass a NULL function pointer.

Parameters
[in]sigThe signal number to intercept, which may not be SIGKILL or SIGSTOP.
[in]funThe tool's intercept function, or NULL.
[in]valValue to pass to the intercept function.
Returns
TRUE on success (always FALSE on Windows).
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux
CPU: All

◆ PIN_IsActionPending()

BOOL PIN_IsActionPending ( THREADID  tid)

This function is useful when an analysis routine might block for an indefinite period of time. In such cases, the analysis code can periodically call PIN_IsActionPending() to see if the thread has some pending action that needs to be handled in the Pin VM. If so, the analysis routine should return back to the VM, either by returning or by calling PIN_ExecuteAt().

Parameters
[in]tidThe ID of the calling thread.
Returns
TRUE if the thread has a pending action in the Pin VM.
Availability:
Mode: JIT
O/S: Linux
CPU: IA-32 and Intel(R) 64 architectures

◆ PIN_IsAttaching()

BOOL PIN_IsAttaching ( )
Returns
TRUE if Pin is being attached to a running application process

◆ PIN_IsProbeMode()

BOOL PIN_IsProbeMode ( )
Returns
Return TRUE if -probe on command line or if Tool started application calling .\n
Note
Tool can run in Probe mode without specifying -probe on the command line. This switch is provided as a convenience. In that case, PIN_IsProbeMode() will return FALSE before PIN_StartProgramProbed() was called (Since the default running mode is JIT).
Availability:
Mode: JIT & Probe
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_IsSafeForProbedInsertion()

BOOL PIN_IsSafeForProbedInsertion ( ADDRINT  addr)

Check if the given location is safe for probe insertion. This means that the location contains an instruction which is large enough to be replaced entirely with a jump instruction (i.e. 5/7 bytes long), it is not a control flow instruction, and it doesn't have memory operand.

Parameters
addressthe application address to instrument
Returns
TRUE/FALSE if the location is safe

PIN_StartProgramProbed() must be used when using this API.

Availability:
Mode: Probe
O/S: All
CPU: IA-32 and Intel(R) 64 architectures

◆ PIN_LockClient()

VOID PIN_LockClient ( )

Some Pin API functions may only be called when the thread is holding this lock. See also PIN_UnlockClient. The client lock is recursive, so can be claimed again by a thread if it already holds it. PIN_LockClient and PIN_UnlockClient calls must be matched, since the lock implementation maintains a depth count.
This function can be used in any thread, including internal threads spawned by the tool.

Availability:
Mode: JIT & Probe
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_RemoveFiniFunctions()

VOID PIN_RemoveFiniFunctions ( )

Invalidates all the Fini callback functions registered via PIN_AddFiniFunction; Fini callbacks will no longer be called before the application exits.

Must be called prior to invoking PIN_Detach if the tool has previously registered Fini callbacks and libc.so is not yet loaded into memory yet for a dynamically linked binary.

Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_RemoveInstrumentation()

VOID PIN_RemoveInstrumentation ( )

All instrumentation is removed. When application code is executed the instrumentation routines will be called to reinstrument all code. Similarly, any ahead-of-time instrumentation will be reapplied if the relevant code is re-executed.

Note
The vm lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_RemoveInstrumentationInRange()

VOID PIN_RemoveInstrumentationInRange ( ADDRINT  start,
ADDRINT  end 
)

Removes all instrumentation from the given range [start,end]. If the application reaches this range again, the code will be reinstrumented. Can be called from an analysis function or a callback. Note: Some code beyond the start and end margins may be reinstrumented as well.

Parameters
startThe starting address of the range
endThe ending address (inclusive) of the range
Note
The vm lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_SafeCopy()

size_t PIN_SafeCopy ( VOID *  dst,
const VOID *  src,
size_t  size 
)

Copy the specified number of bytes from a source memory region to a destination memory region. The function guarantees safe return to the caller even if the source or destination regions are inaccessible (entirely or partially).

Tools should use this function to ensure safe access to the original content of the application's memory. For example, on Windows, Pin replaces certain TEB fields when running analysis routines in the tool. If the tool accesses these fields directly, it would see the values assigned by Pin rather than the original ones. On the contrary, PIN_SafeCopy() always reads and modifies the original application's values of these fields.

This function can be used in any thread, including any internal thread spawned by the tool.

Parameters
[out]dstdestination region
[in]srcregion to copy from
[in]sizenumber of bytes to copy
Returns
Number of bytes successfully copied from the source to the destination region.
Note
PIN_SafeCopy() should not be called before the application has been started. For instance, it cannot be called in an Image load callback. Unexpected results will occur.
Availability:
Mode: JIT
O/S: Linux, Windows
CPU: All

◆ PIN_SafeCopyEx()

size_t PIN_SafeCopyEx ( VOID *  dst,
const VOID *  src,
size_t  size,
EXCEPTION_INFO pExceptInfo 
)

Copy the specified number of bytes from a source memory region to a destination memory region. The function guarantees safe return to the caller even if the source or destination regions are inaccessible (entirely or partially).

In addition to the PIN_SafeCopy functionality, this function allows the tool to obtain detailed exception information in case of failure.

This function can be used in any thread, including any internal thread spawned by the tool.

Parameters
[out]dstdestination region
[in]srcregion to copy from
[in]sizenumber of bytes to copy
[out]pExceptInfopointer to the structure that receives the exception information in case of failure.
Returns
Number of bytes successfully copied from the source to the destination region. If the function fails to copy all bytes, it provides detailed description of the failure in the <pExceptInfo> structure.
Note
The exception address in the returned exception information always has zero value. If the tool wants to raise this exception on behalf of the application, it should use PIN_SetExceptionAddress function to set an appropriate exception address before passing the exception information to the PIN_RaiseException function.
PIN_SafeCopyEx() should not be called before the application has been started. For instance, it cannot be called in an Image load callback. Unexpected results will occur.
Availability:
Mode: JIT
O/S: Linux, Windows
CPU: All

◆ PIN_SetAllowedConcurrentCallbacks()

VOID PIN_SetAllowedConcurrentCallbacks ( PIN_CONFIGURATION_INFO  options,
PIN_CALLBACK_TYPE  callbackType 
)

Enables/disables concurrent delivery of certain callbacks in a specific PIN_CONFIGURATION_INFO instance.

Parameters
optionsThe PIN_CONFIGURATION_INFO instance to modify.
callbackTypeSpecifies which Pin callbacks are allowed to be delivered concurrently:

In the case where a callback should be delivered to several threads at a given moment, delivering a callback concurrently means that each thread is free to deliver its the respective callbacks without waiting for the other threads. This means that Pin doesn't acquire any exclusive internal lock in order to deliver a concurrent callback

In constrast, delivering a callback in a serialized way means that, in a given moment, only one threads is allowed to deliver any type of callback. Serializing the callback might hurt the performance of your Pin tool, but it will protect the tool against possibly race conditions in your tool. When a callback is considered "serialized", Pin will acquire an exclusive internal lock before delivering the callback to the tool.
Note
In order for this option to take effect the PIN_CONFIGURATION_INFO must be passed to PIN_StartProgram().
Currently, other types of callbacks (which don't have a respective enum entry in PIN_CALLBACK_TYPE) are serialized by Pin with no option to change that.
Availability:
Mode: JIT
O/S: Linux
CPU: IA-32 and Intel(R) 64 architectures

◆ PIN_SetReplayMode()

VOID PIN_SetReplayMode ( UINT32  flags)

Tell Pin to execute different sets of operations in replay mode.

The only flag currently supported is REPLAY_MODE_IMAGEOPS which disables Pin's normal detection of image load and unload events, which are expected to be replayed through the IMG_ReplayImageLoad and IMG_ReplayImageUnload calls. It also avoids Pin loading information about the initial image given on the command line.

Other flags may be added as required in the future.

Must be called before PIN_StartProgram

Parameters
flagsA mask created from the PIN_REPLAY_MODE_FLAGS enum describing the operations the replayer will take control of.
Availability:
Mode: JIT
O/S: Linux (others later)
CPU: All

◆ PIN_SetSmcSupport()

VOID PIN_SetSmcSupport ( SMC_ENABLE_DISABLE_TYPE  enable_disable)

Enable/Disable Pin's support of self modifying code When enabled, Pin will detect self modification of code and will deliver a callback, if one is registered, when such an event happens. When disabled and if SMC occurs, the SMC will not be detected and the original code will continue to execute. This function takes precedence over the specification of smc_support in the invocation line. This function must be called before PIN_StartProgram.

Parameters
[in]enableSMC_ENABLE, or SMC_DISABLE

SMC support is enabled by default

Availability:
Mode: JIT
O/S: Windows, Linux & macOS*
CPU: All

◆ PIN_StartProgram()

VOID PIN_StartProgram ( PIN_CONFIGURATION_INFO  options = PIN_CreateDefaultConfigurationInfo())

Starts executing the application, when Pin is in JIT mode, which is the default. Note that PIN_Init() must be called before PIN_StartProgram().

Parameters
optionsPin global configuration to use in this run of Pin. These configuration options are set only once (during the call of PIN_StartProgram()), and they are affecting the entire execution of Pin.
Note
The PIN_StartProgram() function never returns. It also unwinds the tool's stack, so any local (stack based) variables are lost.
The vm and pin client locks are obtained during the call of this API.

See also: PIN_CreateDefaultConfigurationInfo().

Availability:
Mode: JIT
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_StartProgramProbed()

VOID PIN_StartProgramProbed ( )

Starts executing the application, when Pin is in Probe mode. Note that PIN_Init() must be called before PIN_StartProgramProbed().

The PIN_StartProgramProbed() function never returns. It also unwinds the tool's stack, so any local (stack based) variables are lost.

Note
The vm and pin client locks are obtained during the call of this API.
Availability:
Mode: Probe
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_ToolFullPath()

const CHAR* PIN_ToolFullPath ( )

Returns full path of main Pin tool binary image, encoded in UTF8 (superset of ASCII).

Availability:
Mode: JIT & Probe
O/S: Windows, Linux
CPU: All

◆ PIN_TryEnd()

VOID PIN_TryEnd ( THREADID  tid)

Unregister the last registered notification function (registered via PIN_TryStart()) from the context of the calling thread. This function should be called in the same function scope as the previously registered .\n This function can be used in any thread, including any internal thread spawned by the tool.

Parameters
[in]tidId of the calling thread.
Availability:
Mode: JIT
O/S: Windows, Linux
CPU: IA-32 and Intel(R) 64 architectures

◆ PIN_TryStart()

VOID PIN_TryStart ( THREADID  tid,
INTERNAL_EXCEPTION_CALLBACK  fun,
VOID *  val 
)

Register a per-thread notification handler function that is called upon receipt of an internal exception in pin or the tool in the context of the calling thread. Use PIN_TryEnd() in order to remove the registered handler from the context of the calling thread (do it in the same function scope). The user can register up to MAX_IEH_CALLBACKS per-thread notification functions.
This function can be used in any thread, including any internal thread spawned by the tool.

Note
It is unsupported to call PIN_CallApplicationFunction() in the scope of PIN_TryStart() / PIN_TryEnd() pair.
Parameters
[in]tidId of the calling thread.
[in]funHandler function to execute upon receipt of internal exception in pin/tool.
[in]valValue to pass to the handler function.
Availability:
Mode: JIT
O/S: Windows, Linux
CPU: IA-32 and Intel(R) 64 architectures

◆ PIN_UnblockSignal()

BOOL PIN_UnblockSignal ( INT32  sig,
BOOL  enable 
)

This API is normally used in conjunction with PIN_InterceptSignal() to prevent the application from blocking a signal that the tool intercepts. This is useful if the tool wants to ensure that the application will not prevent the tool from receiving the intercepted signal.

When this API is called before PIN_StartProgram(), it affects all threads in the application. However, if it is called after PIN_StartProgram(), it only affects the calling thread. If the application spawns a thread, the child thread inherits the signal blocking state from its parent.

Tools should take care when using this API because it can adversely affect the application if it also uses the signal sig.

Parameters
[in]sigThe signal number, which may not be SIGKILL or SIGSTOP.
[in]enableIf TRUE, the application is prevented from blocking sig. If FALSE, the application may block or unblock sig at will.
Returns
TRUE on success (always FALSE on Windows).
Note
The pin client lock is obtained during the call of this API.
Availability:
Mode: JIT
O/S: Linux
CPU: All

◆ PIN_UnlockClient()

VOID PIN_UnlockClient ( )

Some Pin API functions may be called only when the thread is holding this lock. See also PIN_LockClient.
This function can be used in any thread, including any internal thread spawned by the tool.

Availability:
Mode: JIT & Probe
O/S: Linux, Windows & macOS*
CPU: All

◆ PIN_Version()

const std::string& PIN_Version ( )

Returns a fully descriptive Pin version string, including the Intel copyright notice. The returned version is the Pin version that the tool was linked with.

◆ PIN_VmFullPath()

CHAR* PIN_VmFullPath ( )

Returns full path of Pin binary invoked, encoded in UTF8 (superset of ASCII), this is supported for Linux (only for locales encoded in UTF8).

Availability:
Mode: JIT
O/S: Linux & macOS*
CPU: All