A light-weight emulator to calculate switch targets from switch variables. More...
#include <jumptable.hh>
Public Member Functions | |
| EmulateFunction (Funcdata *f) | |
| Constructor. More... | |
| void | setLoadCollect (bool val) |
| Set whether we collect LOAD information. | |
| virtual void | setExecuteAddress (const Address &addr) |
| Set the address of the next instruction to emulate. | |
| virtual uintb | getVarnodeValue (Varnode *vn) const |
| Given a specific Varnode, retrieve the current value for it from the machine state. More... | |
| virtual void | setVarnodeValue (Varnode *vn, uintb val) |
| Given a specific Varnode, set the given value for it in the current machine state. More... | |
| uintb | emulatePath (uintb val, const PathMeld &pathMeld, PcodeOp *startop, Varnode *startvn) |
| Execute from a given starting point and value to the common end-point of the path set. More... | |
| void | collectLoadPoints (vector< LoadTable > &res) const |
| Recover any LOAD table descriptions. More... | |
 Public Member Functions inherited from EmulatePcodeOp | |
| EmulatePcodeOp (Architecture *g) | |
| Constructor. More... | |
| void | setCurrentOp (PcodeOp *op) |
| Establish the current PcodeOp being emulated. More... | |
| virtual Address | getExecuteAddress (void) const |
| Get the address of the current instruction being executed. | |
| Public Member Functions inherited from Emulate | |
| Emulate (void) | |
| generic emulator constructor | |
| void | setHalt (bool val) |
| Set the halt state of the emulator. More... | |
| bool | getHalt (void) const |
| Get the halt state of the emulator. More... | |
| void | executeCurrentOp (void) |
| Do a single pcode op step. More... | |
Private Member Functions | |
| virtual void | executeLoad (void) |
| Standard behavior for a p-code LOAD. | |
| virtual void | executeBranch (void) |
| Standard behavior for a BRANCH. More... | |
| virtual void | executeBranchind (void) |
| Standard behavior for a BRANCHIND. | |
| virtual void | executeCall (void) |
| Standard behavior for a p-code CALL. | |
| virtual void | executeCallind (void) |
| Standard behavior for a CALLIND. | |
| virtual void | executeCallother (void) |
| Standard behavior for a user-defined p-code op. | |
| virtual void | fallthruOp (void) |
| Standard p-code fall-thru semantics. | |
Private Attributes | |
| Funcdata * | fd |
| The function being emulated. | |
| map< Varnode *, uintb > | varnodeMap |
| Light-weight memory state based on Varnodes. | |
| bool | collectloads |
| Set to true if the emulator collects individual LOAD addresses. | |
| vector< LoadTable > | loadpoints |
| The set of collected LOAD records. | |
Additional Inherited Members | |
| Protected Member Functions inherited from EmulatePcodeOp | |
| virtual uintb | getLoadImageValue (AddrSpace *spc, uintb offset, int4 sz) const |
| Pull a value from the load-image given a specific address. More... | |
| virtual void | executeUnary (void) |
| Execute a unary arithmetic/logical operation. | |
| virtual void | executeBinary (void) |
| Execute a binary arithmetic/logical operation. | |
| virtual void | executeStore (void) |
| Standard behavior for a p-code STORE. | |
| virtual bool | executeCbranch (void) |
| Check if the conditional of a CBRANCH is true. More... | |
| virtual void | executeMultiequal (void) |
| Standard behavior for a MULTIEQUAL (phi-node) | |
| virtual void | executeIndirect (void) |
| Standard behavior for an INDIRECT op. | |
| virtual void | executeSegmentOp (void) |
| Behavior for a SEGMENTOP. | |
| virtual void | executeCpoolRef (void) |
| Standard behavior for a CPOOLREF (constant pool reference) op. | |
| virtual void | executeNew (void) |
| Standard behavior for (low-level) NEW op. | |
| Protected Attributes inherited from EmulatePcodeOp | |
| Architecture * | glb |
| The underlying Architecture for the program being emulated. | |
| PcodeOp * | currentOp |
| Current PcodeOp being executed. | |
| PcodeOp * | lastOp |
| Last PcodeOp that was executed. | |
| Protected Attributes inherited from Emulate | |
| bool | emu_halted |
| Set to true if the emulator is halted. | |
| OpBehavior * | currentBehave |
| Behavior of the next op to execute. | |
Detailed Description
A light-weight emulator to calculate switch targets from switch variables.
We assume we only have to store memory state for individual Varnodes and that dynamic LOADs are resolved from the LoadImage. BRANCH and CBRANCH emulation will fail, there can only be one execution path, although there can be multiple data-flow paths.
Constructor & Destructor Documentation
| EmulateFunction::EmulateFunction | ( | Funcdata * | f | ) |
Member Function Documentation
| void EmulateFunction::collectLoadPoints | ( | vector< LoadTable > & | res | ) | const |
Recover any LOAD table descriptions.
Pass back any LOAD records collected during emulation. The individual records are sorted and collapsed into concise table descriptions.
- Parameters
-
res will hold any resulting table descriptions
References LoadTable::collapseTable(), and loadpoints.
Referenced by JumpBasic::buildAddresses().
| uintb EmulateFunction::emulatePath | ( | uintb | val, |
| const PathMeld & | pathMeld, | ||
| PcodeOp * | startop, | ||
| Varnode * | startvn | ||
| ) |
Execute from a given starting point and value to the common end-point of the path set.
Flow the given value through all paths in the path container to produce the single output value.
- Parameters
-
val is the starting value pathMeld is the set of paths to execute startop is the starting PcodeOp within the path set startvn is the Varnode holding the starting value
- Returns
- the calculated value at the common end-point
References PcodeOp::code(), CPUI_MULTIEQUAL, Emulate::executeCurrentOp(), PcodeOp::getAddr(), PcodeOp::getIn(), PathMeld::getOp(), PcodeOp::getOut(), getVarnodeValue(), Varnode::isConstant(), PcodeOp::numInput(), PathMeld::numOps(), EmulatePcodeOp::setCurrentOp(), and setVarnodeValue().
Referenced by JumpBasic::buildAddresses(), and JumpBasicOverride::trialNorm().
|
privatevirtual |
Standard behavior for a BRANCH.
This routine performs a standard p-code BRANCH operation on the memory state. This same routine is used for CBRANCH operations if the condition has evaluated to true.
Implements Emulate.
|
virtual |
Given a specific Varnode, retrieve the current value for it from the machine state.
This is the placeholder internal operation for obtaining a Varnode value during emulation. The value is loaded using the Varnode as the address and storage size.
- Parameters
-
vn is the specific Varnode
- Returns
- the corresponding value from the machine state
Implements EmulatePcodeOp.
References EmulatePcodeOp::getLoadImageValue(), Varnode::getOffset(), Varnode::getSize(), Varnode::getSpace(), Varnode::isConstant(), and varnodeMap.
Referenced by emulatePath().
|
virtual |
Given a specific Varnode, set the given value for it in the current machine state.
This is the placeholder internal operation for setting a Varnode value during emulation. The value is stored using the Varnode as the address and storage size.
- Parameters
-
vn is the specific Varnode val is the constant value to store
Implements EmulatePcodeOp.
References varnodeMap.
Referenced by emulatePath().
The documentation for this class was generated from the following files:
- jumptable.hh
- jumptable.cc
