I am running a program and I want to check whether a branch is taken when there is a conditional jump.

I heard that Intel PT can do that using the pt_qry_cond_branch() function. However, I could not find any example of how to use it. Does anyone have any idea about it?

For example, how would I use Intel PT to see what happened in this function:

foo:
    rdrand  eax
    cmp     eax, 1<<29
    ja    .taken
    nop
.taken:
    xor     eax, eax
    ret

I want to know how to use Intel-PT for this, rather than setting a breakpoint on the nop or some other way of instrumenting to find the data and compute the branch condition myself.

Peter Cordes
sarah123

1 Answer

It should be straightforward to see in the instruction trace that you can record with Intel PT support, e.g. through perf on Linux. You will either see the nop in the trace or not. I'm not sure what pt_qry_cond_branch() could contribute -- isn't it just part of the trace decoder library that will post-process a recorded trace?

Volker Stolz
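An added illustration, not part of the posts above and not libipt code: Intel PT records each conditional branch as one taken/not-taken bit in a TNT packet, and pt_qry_cond_branch() returns those bits one at a time from a recorded trace. The sketch below decodes short TNT packets from a constructed byte buffer, assuming the short TNT layout from the Intel SDM (bit 0 clear, a stop bit above the payload, oldest branch in the highest payload bit); the function names `tnt8_decode` and `collect_branches` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Decode one short TNT byte into outcomes[] (1 = taken, 0 = not taken),
 * oldest branch first. Returns the number of outcomes, or -1 if the byte
 * is not a short TNT packet. Packet layout is assumed from the Intel SDM. */
int tnt8_decode(uint8_t byte, int outcomes[6])
{
    if (byte & 1)                 /* short TNT always has bit 0 clear */
        return -1;
    unsigned payload = byte >> 1; /* stop bit followed by 1..6 TNT bits */
    int stop = -1;
    for (int i = 6; i >= 0; i--)
        if (payload & (1u << i)) { stop = i; break; }
    if (stop <= 0)                /* 0x00 is PAD, 0x02 opens an extended opcode */
        return -1;
    for (int i = 0; i < stop; i++)
        outcomes[i] = (payload >> (stop - 1 - i)) & 1;
    return stop;
}

/* Collect outcomes from a buffer holding only PAD and short TNT packets.
 * Stops at the first byte of any other packet type; a full decoder such as
 * libipt has to parse those packets to stay in sync. */
size_t collect_branches(const uint8_t *buf, size_t len, int *out, size_t cap)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++) {
        int bits[6];
        if (buf[i] == 0x00) continue;      /* PAD */
        int k = tnt8_decode(buf[i], bits);
        if (k < 0) break;
        for (int j = 0; j < k && n < cap; j++)
            out[n++] = bits[j];
    }
    return n;
}

int main(void)
{
    /* Constructed sample: PAD, TNT(taken), TNT(not taken, taken, taken). */
    const uint8_t trace[] = { 0x00, 0x06, 0x16 };
    int out[16];
    size_t n = collect_branches(trace, sizeof trace, out, 16);
    for (size_t i = 0; i < n; i++)
        printf("branch %zu: %s\n", i, out[i] ? "taken" : "not taken");
    return 0;
}
```

For the `foo` in the question, the `ja` would contribute one such bit: taken means the `nop` was skipped.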