Why is instrumentation before rep string emulation executed multiple times consecutively?

[Mingsheng Xu]

Hi all,

I am trying to understand the rep string expansion and its impact on instrumentation. In my client,

1. At the app2app stage, I called `drutil_expand_rep_string`.

2. At the app analysis stage, I inserted a clean call at `instrlist_first(bb)` that counts how many times this basic block is executed.

After the rep string expansion, the first instruction of the rep string basic block is the emulation start instruction. Since it is before the explicit rep string loop, I assume that the instrumentation inserted here would only be executed once regardless of the following rep string loop. However, in my experiments, it indeed was executed multiple times consecutively.

What am I getting wrong here? Thank you so much!

[Derek Bruening]

The rep string expansion involves isolating the rep string instruction to its own block.  That block then becomes the loop; each rep string iteration is one execution of that entire block.  So to insert once-executed pre-loop instrumentation, it needs to go into the previous block.  Today that would have be determined by a high-priority app2app phase "spying" the rep string coming before drutil removes it from that previous block. https://github.com/DynamoRIO/dynamorio/issues/6656 is a feature request for drutil to add a special label a client could look for to know where to insert.  If you're interested in implementing that feature we would welcome the contribution!

--
You received this message because you are subscribed to the Google Groups "DynamoRIO Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dynamorio-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dynamorio-users/61068c25-d88e-45cd-98c8-96492966848dn%40googlegroups.com.

[Mingsheng Xu]

Thank you so much! The issue request description is helpful as well. I'll have a try!