User:Nitzanms/Sandbox/Pin

Pin is a dynamic binary instrumentation framework for the IA32, Intel64 and IA64 instruction set architectures that enables the creation of dynamic program analysis tools. Some tools built with Pin are Intel Parallel Inspector, Intel Parallel Amplifier and Intel Parallel Advisor.

The tools created using Pin, called Pintools, can be used to perform program analysis on user space applications in Windows and Linux. Since Pin is a dynamic binary instrumentation tool, the instrumentation is performed at run time on the compiled binary files. It therefore does not require re-compilation of the source code and can support the instrumentation of programs that dynamically generate code.

Pin was originally created as a tool for computer architecture analysis, but its flexible API and an active community (called "Pinheads") have created a diverse set of tools for security, emulation and parallel program analysis.

Pin is developed and supported by Intel, and is supplied free of charge for non-commercial use together with a kit of reference tools.

Overview
Pin performs instrumentation by taking control of the program just after it loads into memory. It then just-in-time re-compiles small sections of binary code just before they are run. New instructions, which perform the analysis, are added to the re-compiled code. These new instructions come from the Pintool. A large array of optimization techniques are used to obtain the lowest possible running time and memory consumption overhead. As of June 2010, Pin's average base overhead is 30 per cent (without running a pintool).

Pin is a platform for the creation of analysis tools. A pin tool comprises instrumentation, analysis and callback routines. Instrumentation routines are called when code that has not yet been recompiled is about to be run, and enable the insertion of analysis routines. Analysis routines are called when the code they are associated with is run. Callback routines are called when specific conditions are met, or when a certain event has occurred. Pin provides an extensive API for instrumentation at many abstraction levels, from a single instruction to an entire binary module. It also supports callbacks for many events such as library loads, system calls, signals/exceptions and thread creation events.

Instrumentation Modes
Pin supports two modes of instrumentation called JIT mode and Probe mode. JIT mode supports all the features of Pin, while Probe mode supports a limited feature set but is much faster, adding almost no overhead to program running time. JIT mode uses a just-in-time compiler to recompile all program code and insert instrumentation, while Probe mode uses code trampolines for instrumentation.

Platform independence
Pin was designed with tool portability in mind, and despite JIT compiling from one ISA to the same ISA (and not using a single intermediate representation for all code), most of its APIs are architecture independent and Operating System independent. It was also designed to be portable itself, carefully isolating platform-specific code from generic code, allowing the fast adaptation of Pin to new platforms. Approximately half of the code is generic and the rest is either architecture or OS dependent.

Optimizations
Pin uses many techniques to optimize instrumentation and analysis code, using techniques such as inlining , liveness analysis and smart register spilling. Pin performs these optimizations automatically whenever possible, without requiring the user to insert any extra code to allow inlining. Naturally, some optimizations still require user hints, and some code structures are easier to inline than others. Direct linking of jitted code sections, a technique called trace linking, and register binding reconciliation, which minimizes register spilling and remapping, are also used.

Ease of Use
Pin’s API and implementation are focused on making pin tools easy to write. Pin takes full responsibility for assuring that the instrumentation code from the pin tool does not affect the application state. Also, the API enables the instrumentation code to request many pieces of information from Pin. For example, the instrumentation code in the pin tool can use the Pin API to get the memory address being accessed by an instruction, without having to examine the instruction in detail.

Tools
There are many Pintools that are used for varying tasks.
 * Components of Intel Parallel Studio make heavy use of pintools for memory debugging, performance analysis, multithreading correctness analysis and parallelization preparation.
 * |Intel Software Development Emulator is a pintool that enables the development of applications using instruction set extensions that are not currently implemented in hardware.
 * CMP$IM is a cache profiler built using pin.
 * PinPlay enables the capture and deterministic replay of the running of multithreaded programs under pin. Capturing the running of a program enables the developer to overcome the non-determinism inherent to multithreading.
 * Pin itself comes with many example tools that make use of its capabilities. These tools are licensed under a BSD-like license.