
I'm trying to obtain the values of the arguments to a function using Intel Pin. Single-argument functions are simple enough using the example ManualExamples/malloctrace.cpp. However, when I try to get the argument values with multiple arguments, I run into trouble.

E.g., trying to capture the argument values of the following function:

void funcA(int a, int b, int c) {
    printf("Actual: %i %i %i\n", a,b,c);
}

With the following Pin code:

VOID funcHandler(CHAR* name, int a, int b, int c) {
   printf("Pin: %s %i %i %i\n", name, a, b, c);
}

VOID Image(IMG img, VOID *v) {
    RTN funcRtn = RTN_FindByName(img, "funcA");
    if (RTN_Valid(funcRtn)) {
        RTN_Open(funcRtn);
        RTN_InsertCall(funcRtn, IPOINT_BEFORE, (AFUNPTR)funcHandler, 
                      IARG_ADDRINT, "funcA", IARG_FUNCARG_ENTRYPOINT_VALUE, 
                      0, IARG_END);
        RTN_Close(funcRtn);
    }
}

I get the following output:

Pin: funcA 0 -656937200 -10
Actual: 0 -10 0
Pin: funcA 1 -656937200 -9
Actual: 1 -9 20
Pin: funcA 2 -656937200 -8
Actual: 2 -8 40

I can see that I'm close, but something isn't aligned properly. I know about RTN_ReplaceProbed, but I need to use Pin in JIT mode as I need instruction-level instrumentation.

apaderno
Mark

2 Answers


I think it's actually a pretty easy one to fix, since you've basically got everything right to begin with.

The only problem is that when calling RTN_InsertCall, you only extract the first argument (which is why Pin and Actual are the same for the first argument but not the others). You simply need to give a few more arguments to RTN_InsertCall so that funcHandler gets all the arguments it needs.

So, instead of

RTN_InsertCall(funcRtn, IPOINT_BEFORE, (AFUNPTR)funcHandler, 
    IARG_ADDRINT, "funcA", IARG_FUNCARG_ENTRYPOINT_VALUE, 
    0, IARG_END);

just do

RTN_InsertCall(funcRtn, IPOINT_BEFORE, (AFUNPTR)funcHandler, 
    IARG_ADDRINT, "funcA", IARG_FUNCARG_ENTRYPOINT_VALUE, 
    0, IARG_FUNCARG_ENTRYPOINT_VALUE, 1,
    IARG_FUNCARG_ENTRYPOINT_VALUE, 2, IARG_END);

All I did was add a couple more IARG_FUNCARG_ENTRYPOINT_VALUE with 1 and 2 to get the 1st and 2nd arguments, after you already got the 0th argument.

I'm currently not on the machine where I have Pin set up to test, but if it doesn't work let me know.

leebeckman
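
A simplified model of the point made in the answer above, added here as an example and not part of the original post or of Pin's own code: each token/operand pair in the IARG list fills exactly one handler parameter, so the question's list fills only two of funcHandler's four. The `M_*` tokens and all function names are hypothetical stand-ins for Pin's IARG constants, and the entry values are one call taken from the question's output.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <vector>

// Stand-ins for Pin's IARG_ADDRINT, IARG_FUNCARG_ENTRYPOINT_VALUE, IARG_END.
enum ModelIarg : intptr_t { M_ADDRINT, M_FUNCARG_ENTRYPOINT_VALUE, M_END };

static const char kName[] = "funcA";
static const intptr_t kNameArg = reinterpret_cast<intptr_t>(kName);

// The list from the question: only argument 0 is requested.
std::vector<intptr_t> QuestionSpec() {
    return {M_ADDRINT, kNameArg, M_FUNCARG_ENTRYPOINT_VALUE, 0, M_END};
}
// The list from the answer: arguments 0, 1 and 2 are requested.
std::vector<intptr_t> FixedSpec() {
    return {M_ADDRINT, kNameArg, M_FUNCARG_ENTRYPOINT_VALUE, 0,
            M_FUNCARG_ENTRYPOINT_VALUE, 1, M_FUNCARG_ENTRYPOINT_VALUE, 2, M_END};
}
// Walk the list in token/operand pairs; each pair yields one handler parameter.
std::vector<intptr_t> BuildHandlerArgs(const std::vector<intptr_t>& spec,
                                       const std::vector<intptr_t>& entryArgs) {
    std::vector<intptr_t> out;
    for (size_t i = 0; i < spec.size(); i += 2) {
        if (spec[i] == M_END) return out;
        if (i + 1 >= spec.size()) throw std::invalid_argument("token without operand");
        const intptr_t operand = spec[i + 1];
        if (spec[i] == M_ADDRINT) {
            out.push_back(operand);                 // literal value passed through
        } else if (spec[i] == M_FUNCARG_ENTRYPOINT_VALUE) {
            if (operand < 0 || static_cast<size_t>(operand) >= entryArgs.size())
                throw std::out_of_range("no such function argument");
            out.push_back(entryArgs[operand]);      // n-th argument at function entry
        } else {
            throw std::invalid_argument("unknown token");
        }
    }
    throw std::invalid_argument("list not terminated by M_END");
}
// Handler parameters that no list entry fills; these are what print as garbage.
size_t MissingParams(const std::vector<intptr_t>& spec,
                     const std::vector<intptr_t>& entryArgs, size_t handlerArity) {
    const size_t supplied = BuildHandlerArgs(spec, entryArgs).size();
    return supplied >= handlerArity ? 0 : handlerArity - supplied;
}
int main() {
    const std::vector<intptr_t> entry = {1, -9, 20};  // constructed from "Actual: 1 -9 20"
    // funcHandler(CHAR* name, int a, int b, int c) takes 4 parameters.
    std::printf("question list: %zu missing\n", MissingParams(QuestionSpec(), entry, 4));
    std::printf("fixed list:    %zu missing\n", MissingParams(FixedSpec(), entry, 4));
    return 0;
}
```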

The example in Tests/callargs.cpp gives correct results.

   VOID StartHandler(ADDRINT a, ADDRINT b, ADDRINT c) {
      printf("Pin: %i %i %i\n", (int)a, (int)b, (int)c);
   }

   RTN_InsertCall(startRtn, IPOINT_BEFORE, AFUNPTR(StartHandler),
                  IARG_G_ARG0_CALLER, IARG_G_ARG1_CALLER, IARG_G_ARG2_CALLER,
                  IARG_END);
Mark