|
From: Nicholas N. <nj...@cs...> - 2006-06-13 23:36:23
|
On Tue, 13 Jun 2006, Eric Li wrote: > Two things: > > 1. If I write a simple tool, and just get the IR that way from inside the > instrumentation functions, is there a way to get all BB's of the target > executable translated to IR? Not really. > As far as I can see, only the BB's on the > path of execution got translated. Yes. > 2. I'm passing BB's to LibVEX_Translate with the orig_addr argument set to > point to the first instruction in the BB but the translation that comes > out does not match the translation from just running valgrind --tool=none > --trace-flags=10000000 --trace-notbelow=0. And it's not a pre/post IR > optimization issue because I also compared against all the other > --trace-flags. I don't quite understand what you're saying, can you give a more detailed example, eg. with --trace-flags output? Are you comparing --tool=none against a tool you've written? But note that memory can be laid out differently for different Valgrind tools. > Any suggestions as to what could be the cause? Is there a > particular format the BB's have to be in for VEX, e.g. have some kinda > header? Not that I know of. N |