A function prototype. More...
#include <fspec.hh>
Public Member Functions | |
| FuncProto (void) | |
| Constructor. | |
| ~FuncProto (void) | |
| Destructor. | |
| Architecture * | getArch (void) const |
| Get the Architecture owning this. | |
| void | copy (const FuncProto &op2) |
| Copy another function prototype. More... | |
| void | copyFlowEffects (const FuncProto &op2) |
| Copy properties that affect data-flow. | |
| void | getPieces (PrototypePieces &pieces) const |
| Get the raw pieces of the prototype. More... | |
| void | setPieces (const PrototypePieces &pieces) |
| Set this prototype based on raw pieces. More... | |
| void | setScope (Scope *s, const Address &startpoint) |
| Set a backing symbol Scope for this. More... | |
| void | setInternal (ProtoModel *m, Datatype *vt) |
| Set internal backing storage for this. More... | |
| void | setModel (ProtoModel *m) |
| Set the prototype model for this. More... | |
| bool | hasModel (void) const |
| Does this prototype have a model. | |
| bool | hasMatchingModel (const FuncProto *op2) const |
| Does this have a matching model. | |
| bool | hasMatchingModel (const ProtoModel *op2) const |
| Does this use the given model. | |
| const string & | getModelName (void) const |
| Get the prototype model name. | |
| int4 | getModelExtraPop (void) const |
| Get the extrapop of the prototype model. | |
| bool | isInputLocked (void) const |
| Are input data-types locked. | |
| bool | isOutputLocked (void) const |
| Is the output data-type locked. | |
| bool | isModelLocked (void) const |
| Is the prototype model for this locked. | |
| bool | isUnknownModel (void) const |
| Is prototype model officially "unknown". | |
| bool | hasCustomStorage (void) const |
| Is this a "custom" function prototype. | |
| void | setInputLock (bool val) |
| Toggle the data-type lock on input parameters. More... | |
| void | setOutputLock (bool val) |
| Toggle the data-type lock on the return value. More... | |
| void | setModelLock (bool val) |
| Toggle the lock on the prototype model for this. More... | |
| bool | isInline (void) const |
| Does this function get in-lined during decompilation. | |
| void | setInline (bool val) |
| Toggle the in-line setting for functions with this prototype. More... | |
| int4 | getInjectId (void) const |
| Get the injection id associated with this. More... | |
| int4 | getReturnBytesConsumed (void) const |
| Get an estimate of the number of bytes consumed by callers of this prototype. More... | |
| bool | setReturnBytesConsumed (int4 val) |
| Set the number of bytes consumed by callers of this. More... | |
| bool | isNoReturn (void) const |
| Does a function with this prototype never return. | |
| void | setNoReturn (bool val) |
| Toggle the no-return setting for functions with this prototype. More... | |
| bool | hasThisPointer (void) const |
| Is this a prototype for a class method, taking a this pointer. | |
| bool | isConstructor (void) const |
| Is this prototype for a class constructor method. | |
| void | setConstructor (bool val) |
| Toggle whether this prototype is a constructor method. More... | |
| bool | isDestructor (void) const |
| Is this prototype for a class destructor method. | |
| void | setDestructor (bool val) |
| Toggle whether this prototype is a destructor method. More... | |
| bool | hasInputErrors (void) const |
| Has this prototype been marked as having an incorrect input parameter descriptions. | |
| bool | hasOutputErrors (void) const |
| Has this prototype been marked as having an incorrect return value description. | |
| void | setInputErrors (bool val) |
| Toggle the input error setting for this prototype. More... | |
| void | setOutputErrors (bool val) |
| Toggle the output error setting for this prototype. More... | |
| int4 | getExtraPop (void) const |
| Get the general extrapop setting for this prototype. | |
| void | setExtraPop (int4 ep) |
| Set the general extrapop for this prototype. | |
| int4 | getInjectUponEntry (void) const |
| Get any upon-entry injection id (or -1) | |
| int4 | getInjectUponReturn (void) const |
| Get any upon-return injection id (or -1) | |
| void | resolveExtraPop (void) |
| Assuming this prototype is locked, calculate the extrapop. More... | |
| void | clearUnlockedInput (void) |
| Clear input parameters that have not been locked. | |
| void | clearUnlockedOutput (void) |
| Clear the return value if it has not been locked. | |
| void | clearInput (void) |
| Clear all input parameters regardless of lock. | |
| void | cancelInjectId (void) |
| Turn-off any in-lining for this function. | |
| void | resolveModel (ParamActive *active) |
| If this has a merged model, pick the most likely model (from the merged set) More... | |
| void | deriveInputMap (ParamActive *active) const |
| Given a list of input trials, derive the most likely inputs for this prototype. More... | |
| void | deriveOutputMap (ParamActive *active) const |
| Given a list of output trials, derive the most likely return value for this prototype. More... | |
| bool | checkInputJoin (const Address &hiaddr, int4 hisz, const Address &loaddr, int4 losz) const |
| Check if the given two input storage locations can represent a single logical parameter. More... | |
| bool | checkInputSplit (const Address &loc, int4 size, int4 splitpoint) const |
| Check if it makes sense to split a single storage location into two input parameters. More... | |
| void | updateInputTypes (Funcdata &data, const vector< Varnode * > &triallist, ParamActive *activeinput) |
| Update input parameters based on Varnode trials. More... | |
| void | updateInputNoTypes (Funcdata &data, const vector< Varnode * > &triallist, ParamActive *activeinput) |
| Update input parameters based on Varnode trials, but do not store the data-type. More... | |
| void | updateOutputTypes (const vector< Varnode * > &triallist) |
| Update the return value based on Varnode trials. More... | |
| void | updateOutputNoTypes (const vector< Varnode * > &triallist, TypeFactory *factory) |
| Update the return value based on Varnode trials, but don't store the data-type. More... | |
| void | updateAllTypes (const vector< string > &namelist, const vector< Datatype * > &typelist, bool dtdtdt) |
| Set this entire function prototype based on a list of names and data-types. More... | |
| ProtoParameter * | getParam (int4 i) const |
| Get the i-th input parameter. | |
| void | removeParam (int4 i) |
| Remove the i-th input parameter. | |
| int4 | numParams (void) const |
| Get the number of input parameters. | |
| ProtoParameter * | getOutput (void) const |
| Get the return value. | |
| Datatype * | getOutputType (void) const |
| Get the return value data-type. | |
| const RangeList & | getLocalRange (void) const |
| Get the range of potential local stack variables. | |
| const RangeList & | getParamRange (void) const |
| Get the range of potential stack parameters. | |
| bool | isStackGrowsNegative (void) const |
| Return true if the stack grows toward smaller addresses. | |
| bool | isDotdotdot (void) const |
| Return true if this takes a variable number of arguments. | |
| void | setDotdotdot (bool val) |
| Toggle whether this takes variable arguments. | |
| bool | isOverride (void) const |
| Return true if this is a call site override. | |
| void | setOverride (bool val) |
| Toggle whether this is a call site override. | |
| uint4 | hasEffect (const Address &addr, int4 size) const |
| Calculate the effect this has an a given storage location. More... | |
| vector< EffectRecord >::const_iterator | effectBegin (void) const |
| Get iterator to front of EffectRecord list. | |
| vector< EffectRecord >::const_iterator | effectEnd (void) const |
| Get iterator to end of EffectRecord list. | |
| int4 | numLikelyTrash (void) const |
| Get the number of likely-trash locations. More... | |
| const VarnodeData & | getLikelyTrash (int4 i) const |
| Get the i-th likely-trash location. More... | |
| int4 | characterizeAsInputParam (const Address &addr, int4 size) const |
| Decide whether a given storage location could be, or could hold, an input parameter. More... | |
| bool | possibleInputParam (const Address &addr, int4 size) const |
| Decide whether a given storage location could be an input parameter. More... | |
| bool | possibleOutputParam (const Address &addr, int4 size) const |
| Decide whether a given storage location could be a return value. More... | |
| int4 | getMaxInputDelay (void) const |
| Return the maximum heritage delay across all possible input parameters. More... | |
| int4 | getMaxOutputDelay (void) const |
| Return the maximum heritage delay across all possible return values. More... | |
| bool | unjustifiedInputParam (const Address &addr, int4 size, VarnodeData &res) const |
| Check if the given storage location looks like an unjustified input parameter. More... | |
| OpCode | assumedInputExtension (const Address &addr, int4 size, VarnodeData &res) const |
| Get the type of extension and containing input parameter for the given storage. More... | |
| OpCode | assumedOutputExtension (const Address &addr, int4 size, VarnodeData &res) const |
| Get the type of extension and containing return value location for the given storage. More... | |
| bool | getBiggestContainedInputParam (const Address &loc, int4 size, VarnodeData &res) const |
| Pass-back the biggest potential input parameter contained within the given range. More... | |
| bool | isCompatible (const FuncProto &op2) const |
| Decide if this can be safely restricted to match another prototype. More... | |
| AddrSpace * | getSpacebase (void) const |
| Get the stack address space. | |
| void | printRaw (const string &funcname, ostream &s) const |
| Print this prototype as a single line of text. More... | |
| uint4 | getComparableFlags (void) const |
| Get the comparable properties of this prototype. More... | |
| void | saveXml (ostream &s) const |
| Save this to an XML stream as a <prototype> tag. More... | |
| void | restoreXml (const Element *el, Architecture *glb) |
| Restore this from an XML stream. More... | |
Protected Member Functions | |
| void | paramShift (int4 paramshift) |
| Add parameters to the front of the input parameter list. More... | |
| bool | isParamshiftApplied (void) const |
| void | setParamshiftApplied (bool val) |
| Toggle whether a parameter shift has been applied. | |
Private Types | |
| enum | { dotdotdot = 1, voidinputlock = 2, modellock = 4, is_inline = 8, no_return = 16, paramshift_applied = 32, error_inputparam = 64, error_outputparam = 128, custom_storage = 256, unknown_model = 512, is_constructor = 0x400, is_destructor = 0x800, has_thisptr = 0x1000, is_override = 0x2000 } |
Private Member Functions | |
| void | updateThisPointer (void) |
| Make sure any "this" parameter is properly marked. More... | |
Private Attributes | |
| ProtoModel * | model |
| Model of for this prototype. | |
| ProtoStore * | store |
| Storage interface for parameters. | |
| int4 | extrapop |
| Extra bytes popped from stack. | |
| uint4 | flags |
| Boolean properties of the function prototype. | |
| vector< EffectRecord > | effectlist |
| Side-effects associated with non-parameter storage locations. | |
| vector< VarnodeData > | likelytrash |
| Locations that may contain trash values. | |
| int4 | injectid |
| (If non-negative) id of p-code snippet that should replace this function | |
| int4 | returnBytesConsumed |
| Number of bytes of return value that are consumed by callers (0 = all bytes) | |
Detailed Description
A function prototype.
A description of the parameters and return value for a specific function. Parameter descriptions include both source code features like name and data-type but also give the storage location. Storage follows a specific parameter passing convention (ProtoModel), although individual parameters may be customized. The prototype describes numerous properties related to calling the specific function:
- Side-effects on non-parameter storage locations (like save registers)
- P-code injection associated with the function (uponentry, uponreturn, callfixup)
- Additional bytes (extrapop) popped from the stack by the function
- Method flags (thiscall, is_constructor, is_destructor)
Member Enumeration Documentation
|
private |
| Enumerator | |
|---|---|
| dotdotdot |
Set if this prototype takes variable arguments (varargs) |
| voidinputlock |
Set if this prototype takes no inputs and is locked. |
| modellock |
Set if the PrototypeModel is locked for this prototype. |
| is_inline |
Should this be inlined (within calling function) by decompiler. |
| no_return |
Function does not return. |
| paramshift_applied |
paramshift parameters have been added and removed |
| error_inputparam |
Set if the input parameters are not properly represented. |
| error_outputparam |
Set if the return value(s) are not properly represented. |
| custom_storage |
Parameter storage is custom (not derived from ProtoModel) |
| unknown_model |
Set if the PrototypeModel isn't known. |
| is_constructor |
Function is an (object-oriented) constructor. |
| is_destructor |
Function is an (object-oriented) destructor. |
| has_thisptr |
Function is a method with a 'this' pointer as an argument. |
| is_override |
Set if this prototype is created to override a single call site. |
Member Function Documentation
|
inline |
Get the type of extension and containing input parameter for the given storage.
If the given storage is properly contained within a normal parameter and the model typically extends a small value into the full container, pass back the full container and the type of extension.
- Parameters
-
addr is the starting address of the given storage size is the number of bytes in the given storage res is the parameter storage to pass back
- Returns
- the extension operator (INT_ZEXT INT_SEXT) or INT_COPY if there is no extension. INT_PIECE indicates the extension is determined by the specific prototype.
References ProtoModel::assumedInputExtension().
Referenced by ActionPrototypeTypes::extendInput().
|
inline |
Get the type of extension and containing return value location for the given storage.
If the given storage is properly contained within a normal return value location and the model typically extends a small value into the full container, pass back the full container and the type of extension.
- Parameters
-
addr is the starting address of the given storage size is the number of bytes in the given storage res is the parameter storage to pass back
- Returns
- the extension operator (INT_ZEXT INT_SEXT) or INT_COPY if there is no extension. INT_PIECE indicates the extension is determined by the specific prototype.
References ProtoModel::assumedOutputExtension().
Referenced by FuncCallSpecs::commitNewOutputs(), and ActionFuncLink::funcLinkOutput().
| int4 FuncProto::characterizeAsInputParam | ( | const Address & | addr, |
| int4 | size | ||
| ) | const |
Decide whether a given storage location could be, or could hold, an input parameter.
If the input is locked, check if the location overlaps one of the current parameters. Otherwise, check if the location overlaps an entry in the prototype model. Return:
- 0 if the location neither contains or is contained by a parameter storage location
- 1 if the location is contained by a parameter storage location
- 2 if the location contains a parameter storage location
- Parameters
-
addr is the starting address of the given storage location size is the number of bytes in the storage
- Returns
- the characterization code
References Address::containedBy(), AddrSpace::flags, ProtoParameter::getAddress(), ProtoParameter::getSize(), ProtoParameter::isTypeLocked(), and Address::justifiedContain().
Referenced by Heritage::guardCalls().
|
inline |
Check if the given two input storage locations can represent a single logical parameter.
For this prototype, do the two (hi/lo) locations represent consecutive input parameter locations that can be replaced by a single logical parameter.
- Parameters
-
hiaddr is the address of the most significant part of the value hisz is the size of the most significant part in bytes loaddr is the address of the least significant part of the value losz is the size of the least significant part in bytes
- Returns
- true if the two pieces can be joined
References ProtoModel::checkInputJoin().
Referenced by FuncCallSpecs::checkInputJoin().
|
inline |
Check if it makes sense to split a single storage location into two input parameters.
A storage location and split point is provided, implying two new storage locations. Does this prototype allow these locations to be considered separate parameters.
- Parameters
-
loc is the starting address of provided storage location size is the size of the location in bytes splitpoint is the number of bytes to consider in the first (in address order) piece
- Returns
- true if the storage location can be split
References ProtoModel::checkInputSplit().
Referenced by ActionParamDouble::apply().
| void FuncProto::copy | ( | const FuncProto & | op2 | ) |
Copy another function prototype.
- Parameters
-
op2 is the other function prototype to copy into this
References ProtoStore::clone(), effectlist, extrapop, AddrSpace::flags, flags, injectid, likelytrash, model, and store.
Referenced by ActionDefaultParams::apply(), Override::applyPrototype(), FuncCallSpecs::clone(), FuncCallSpecs::forceSet(), and FuncCallSpecs::lateRestriction().
|
inline |
Given a list of input trials, derive the most likely inputs for this prototype.
Trials are sorted and marked as used or not.
- Parameters
-
active is the collection of Varnode input trials
References ProtoModel::deriveInputMap().
Referenced by ActionActiveParam::apply(), and ActionInputPrototype::apply().
|
inline |
Given a list of output trials, derive the most likely return value for this prototype.
One trial (at most) is marked used and moved to the front of the list
- Parameters
-
active is the collection of output trials
References ProtoModel::deriveOutputMap().
Referenced by ActionActiveReturn::apply(), and ActionReturnRecovery::apply().
| bool FuncProto::getBiggestContainedInputParam | ( | const Address & | loc, |
| int4 | size, | ||
| VarnodeData & | res | ||
| ) | const |
Pass-back the biggest potential input parameter contained within the given range.
Pass-back the biggest input parameter contained within the given range.
- Parameters
-
loc is the starting address of the given range size is the number of bytes in the range res will hold the parameter storage description being passed back
- Returns
- true if there is at least one parameter contained in the range
References Address::containedBy(), AddrSpace::flags, ProtoParameter::getAddress(), Address::getOffset(), ProtoParameter::getSize(), Address::getSpace(), ProtoParameter::isTypeLocked(), VarnodeData::offset, VarnodeData::size, and VarnodeData::space.
Referenced by Heritage::guardCallOverlappingInput().
|
inline |
Get the comparable properties of this prototype.
Get properties not including locking, error, and inlining flags.
- Returns
- the active set of flags for this prototype
|
inline |
Get the injection id associated with this.
A non-negative id indicates a call-fixup is used to in-line function's with this prototype.
- Returns
- the id value corresponding to the specific call-fixup or -1 if there is no call-fixup
Referenced by FlowInfo::injectPcode(), and FlowInfo::injectSubFunction().
| const VarnodeData & FuncProto::getLikelyTrash | ( | int4 | i | ) | const |
Get the i-th likely-trash location.
- Parameters
-
i is the index of the storage location
- Returns
- the storage location which may hold a trash value
Referenced by ActionLikelyTrash::apply().
|
inline |
Return the maximum heritage delay across all possible input parameters.
Depending on the address space, data-flow for a parameter may not be available until extra transform passes have completed. This method returns the number of passes that must occur before we can guarantee that all parameters have data-flow info.
- Returns
- the maximum number of passes across all input parameters in this prototype
References ProtoModel::getMaxInputDelay().
Referenced by FuncCallSpecs::initActiveInput().
|
inline |
Return the maximum heritage delay across all possible return values.
Depending on the address space, data-flow for a parameter may not be available until extra transform passes have completed. This method returns the number of passes that must occur before we can guarantee that any return value has data-flow info.
- Returns
- the maximum number of passes across all output parameters in this prototype
References ProtoModel::getMaxOutputDelay().
Referenced by Funcdata::initActiveOutput().
| void FuncProto::getPieces | ( | PrototypePieces & | pieces | ) | const |
Get the raw pieces of the prototype.
Copy out the raw pieces of this prototype as stand-alone objects, includings model, names, and data-types
- Parameters
-
pieces will hold the raw pieces
References PrototypePieces::dotdotdot, ProtoParameter::getName(), ProtoParameter::getType(), PrototypePieces::innames, PrototypePieces::intypes, PrototypePieces::model, and PrototypePieces::outtype.
|
inline |
Get an estimate of the number of bytes consumed by callers of this prototype.
A value of 0 means all possible bytes of the storage location are consumed.
- Returns
- the number of bytes or 0
Referenced by ActionDeadCode::gatherConsumedReturn().
| uint4 FuncProto::hasEffect | ( | const Address & | addr, |
| int4 | size | ||
| ) | const |
Calculate the effect this has an a given storage location.
For a storage location that is active before and after a call to a function with this prototype, we determine the type of side-effect the function will have on the storage.
- Parameters
-
addr is the starting address of the storage location size is the number of bytes in the storage
- Returns
- the type of side-effect: EffectRecord::unaffected, EffectRecord::killedbycall, etc.
References ProtoModel::lookupEffect().
Referenced by FuncCallSpecs::hasEffectTranslate(), and Funcdata::setInputVarnode().
| bool FuncProto::isCompatible | ( | const FuncProto & | op2 | ) | const |
Decide if this can be safely restricted to match another prototype.
Do this and another given function prototype share enough of their model, that if we restrict this to the other prototype, we know we won't miss data-flow.
- Parameters
-
op2 is the other restricting prototype
- Returns
- true if the two prototypes are compatible enough to restrict
References effectlist, extrapop, ProtoModel::extrapop_unknown, AddrSpace::flags, flags, ProtoStore::getOutput(), injectid, isDotdotdot(), isOutputLocked(), likelytrash, model, and store.
Referenced by FuncCallSpecs::lateRestriction().
|
inlineprotected |
Has a parameter shift been applied
Referenced by FuncCallSpecs::paramshiftModifyStop().
| int4 FuncProto::numLikelyTrash | ( | void | ) | const |
Get the number of likely-trash locations.
- Returns
- the number of individual storage locations
Referenced by ActionLikelyTrash::apply().
|
protected |
Add parameters to the front of the input parameter list.
Prepend the indicated number of input parameters to this. The new parameters have a data-type of xunknown4. If they were originally locked, the existing parameters are preserved.
- Parameters
-
paramshift is the number of parameters to add (must be >0)
References AddrSpace::flags, TypeFactory::getArch(), TypeFactory::getBase(), ProtoParameter::getName(), ProtoParameter::getType(), TypeFactory::getTypeVoid(), ParameterPieces::hiddenretparm, ProtoStoreInternal::setOutput(), TYPE_UNKNOWN, and Architecture::types.
Referenced by FuncCallSpecs::paramshiftModifyStart().
| bool FuncProto::possibleInputParam | ( | const Address & | addr, |
| int4 | size | ||
| ) | const |
Decide whether a given storage location could be an input parameter.
If the input is locked, check if the location matches one of the current parameters. Otherwise, check if the location could be a parameter based on the prototype model.
- Parameters
-
addr is the starting address of the given storage location size is the number of bytes in the storage
- Returns
- false if the location is definitely not an input parameter
References AddrSpace::flags, ProtoParameter::getAddress(), ProtoParameter::getSize(), ProtoParameter::isTypeLocked(), and Address::justifiedContain().
Referenced by ActionDirectWrite::apply(), and ActionInputPrototype::apply().
| bool FuncProto::possibleOutputParam | ( | const Address & | addr, |
| int4 | size | ||
| ) | const |
Decide whether a given storage location could be a return value.
If the output is locked, check if the location matches the current return value. Otherwise, check if the location could be a return value based on the prototype model.
- Parameters
-
addr is the starting address of the given storage location size is the number of bytes in the storage
- Returns
- false if the location is definitely not the return value
References ProtoParameter::getAddress(), Datatype::getMetatype(), ProtoParameter::getSize(), ProtoParameter::getType(), Address::justifiedContain(), and TYPE_VOID.
Referenced by Heritage::guardCalls().
| void FuncProto::printRaw | ( | const string & | funcname, |
| ostream & | s | ||
| ) | const |
Print this prototype as a single line of text.
- Parameters
-
funcname is an identifier of the function using this prototype s is the output stream
| void FuncProto::resolveExtraPop | ( | void | ) |
Assuming this prototype is locked, calculate the extrapop.
If extrapop is unknown and this prototype is locked, try to directly calculate what the extrapop should be. This is really only designed to work with 32-bit x86 binaries.
References ProtoParameter::getAddress(), Address::getOffset(), ProtoParameter::getSize(), and IPTR_SPACEBASE.
| void FuncProto::resolveModel | ( | ParamActive * | active | ) |
If this has a merged model, pick the most likely model (from the merged set)
The given parameter trials are used to pick from among the merged ProtoModels and this prototype is changed (specialized) to the pick
- Parameters
-
active is the set of parameter trials to evaluate with
References ProtoModelMerged::selectModel().
Referenced by ActionActiveParam::apply(), and ActionInputPrototype::apply().
| void FuncProto::restoreXml | ( | const Element * | el, |
| Architecture * | glb | ||
| ) |
Restore this from an XML stream.
The backing store for the parameters must already be established using either setStore() or setInternal().
- Parameters
-
el is the <prototype> XML element glb is the Architecture owning the prototype
References ParameterPieces::addr, InjectPayload::CALLFIXUP_TYPE, Architecture::defaultfp, ProtoModel::extrapop_unknown, AddrSpace::flags, ParameterPieces::flags, ProtoParameter::getAddress(), Element::getAttributeName(), Element::getAttributeValue(), Element::getChildren(), Datatype::getMetatype(), Architecture::getModel(), Element::getName(), Element::getNumAttributes(), PcodeInjectLibrary::getPayloadId(), ProtoParameter::getType(), Address::isInvalid(), EffectRecord::killedbycall, Architecture::pcodeinjectlib, Address::restoreXml(), TypeFactory::restoreXmlType(), EffectRecord::return_address, ParameterPieces::type, TYPE_VOID, Architecture::types, EffectRecord::unaffected, and xml_readbool().
Referenced by Override::restoreXml(), and Funcdata::restoreXml().
| void FuncProto::saveXml | ( | ostream & | s | ) | const |
Save this to an XML stream as a <prototype> tag.
Save everything under the control of this prototype, which may not include input parameters, as these are typically controlled by the function's symbol table scope.
- Parameters
-
s is the output stream
References a_v(), a_v_b(), a_v_i(), ProtoModel::extrapop_unknown, AddrSpace::flags, ProtoParameter::getAddress(), PcodeInjectLibrary::getCallFixupName(), ProtoParameter::getSize(), ProtoParameter::getType(), ProtoParameter::isTypeLocked(), EffectRecord::killedbycall, VarnodeData::offset, Architecture::pcodeinjectlib, EffectRecord::return_address, Address::saveXml(), Datatype::saveXml(), AddrSpace::saveXmlAttributes(), VarnodeData::size, VarnodeData::space, and EffectRecord::unaffected.
Referenced by Funcdata::saveXml().
|
inline |
Toggle whether this prototype is a constructor method.
- Parameters
-
val is true if this is a constructor, false otherwise
|
inline |
Toggle whether this prototype is a destructor method.
- Parameters
-
val is true if this is a destructor
|
inline |
Toggle the in-line setting for functions with this prototype.
In-lining can be based on a call-fixup, or the full body of the function can be in-lined.
- Parameters
-
val is true if in-lining should be performed.
Referenced by OptionInline::apply().
|
inline |
Toggle the input error setting for this prototype.
- Parameters
-
val is true if input parameters should be marked as in error
Referenced by FuncCallSpecs::forceSet().
| void FuncProto::setInputLock | ( | bool | val | ) |
Toggle the data-type lock on input parameters.
The lock on the data-type of input parameters is set as specified. A true value indicates that future analysis will not change the number of input parameters or their data-type. Zero parameters or void can be locked.
- Parameters
-
val is true to indicate a lock, false for unlocked
References AddrSpace::flags, and ProtoParameter::setTypeLock().
Referenced by FuncCallSpecs::forceSet().
| void FuncProto::setInternal | ( | ProtoModel * | m, |
| Datatype * | vt | ||
| ) |
Set internal backing storage for this.
A prototype model is set, and any parameters added to this during analysis will be backed internally.
- Parameters
-
m is the prototype model to set vt is the default void data-type to use if the return-value remains unassigned
Referenced by ActionDefaultParams::apply(), and Override::restoreXml().
| void FuncProto::setModel | ( | ProtoModel * | m | ) |
Set the prototype model for this.
Establish a specific prototype model for this function prototype. Some basic properties are inherited from the model, otherwise parameters are unchanged.
- Parameters
-
m is the new prototype model to set
References ProtoModel::extrapop_unknown, AddrSpace::flags, ProtoModel::getExtraPop(), ProtoModel::hasThisPointer(), and ProtoModel::isConstructor().
Referenced by ActionPrototypeTypes::apply(), and ActionDefaultParams::apply().
|
inline |
Toggle the lock on the prototype model for this.
The prototype model can be locked while still leaving parameters unlocked. Parameter recovery will follow the rules of the locked model.
- Parameters
-
val is true to indicate a lock, false for unlocked
|
inline |
Toggle the no-return setting for functions with this prototype.
- Parameters
-
val is true to treat the function as never returning
Referenced by OptionNoReturn::apply().
|
inline |
Toggle the output error setting for this prototype.
- Parameters
-
val is true if return value should be marked as in error
Referenced by FuncCallSpecs::forceSet().
| void FuncProto::setOutputLock | ( | bool | val | ) |
Toggle the data-type lock on the return value.
The lock of the data-type of the return value is set as specified. A true value indicates that future analysis will not change the presence of or the data-type of the return value. A void return value can be locked.
- Parameters
-
val is true to indicate a lock, false for unlocked
References AddrSpace::flags.
| void FuncProto::setPieces | ( | const PrototypePieces & | pieces | ) |
Set this prototype based on raw pieces.
The full function prototype is (re)set from a model, names, and data-types The new input and output parameters are both assumed to be locked.
- Parameters
-
pieces is the raw collection of names and data-types
References PrototypePieces::dotdotdot, PrototypePieces::innames, PrototypePieces::intypes, PrototypePieces::model, and PrototypePieces::outtype.
Referenced by Architecture::setPrototype().
| bool FuncProto::setReturnBytesConsumed | ( | int4 | val | ) |
Set the number of bytes consumed by callers of this.
This value can be used as a hint as to how much of the return value is important and is used to inform the dead code consume algorithm.
- Parameters
-
val is the estimated number of bytes or 0
- Returns
- true if the value was changed
Referenced by RulePiecePathology::tracePathologyForward().
Set a backing symbol Scope for this.
Input parameters are set based on an existing function Scope and if there is no prototype model the default model is set. Parameters that are added to this during analysis will automatically be reflected in the symbol table. This should only be called during initialization of this prototype.
- Parameters
-
s is the Scope to set startpoint is a usepoint to associate with the parameters
References Architecture::defaultfp, and Scope::getArch().
Referenced by Funcdata::Funcdata(), and Funcdata::restoreXml().
| bool FuncProto::unjustifiedInputParam | ( | const Address & | addr, |
| int4 | size, | ||
| VarnodeData & | res | ||
| ) | const |
Check if the given storage location looks like an unjustified input parameter.
The storage for a value may be contained in a normal parameter location but be unjustified within that container, i.e. the least significant bytes are not being used. If this is the case, pass back the full parameter location and return true. If the input is locked, checking is againt the set parameters, otherwise the check is against the prototype model.
- Parameters
-
addr is the starting address of the given storage size is the number of bytes in the given storage res is the full parameter storage to pass back
- Returns
- true if the given storage is unjustified within its parameter container
References AddrSpace::flags, ProtoParameter::getAddress(), Address::getOffset(), ProtoParameter::getSize(), Address::getSpace(), ProtoParameter::isTypeLocked(), Address::justifiedContain(), VarnodeData::offset, VarnodeData::size, and VarnodeData::space.
| void FuncProto::updateAllTypes | ( | const vector< string > & | namelist, |
| const vector< Datatype * > & | typelist, | ||
| bool | dtdtdt | ||
| ) |
Set this entire function prototype based on a list of names and data-types.
Prototype information is provided as separate lists of names and data-types, where the first entry corresponds to the output parameter (return value) and the remaining entries correspond to input parameters. Storage locations and hidden return parameters are calculated, creating a complete function protototype. Existing locks are overridden.
- Parameters
-
namelist is the list of parameter names typelist is the list of data-types dtdtdt is true if the new prototype accepts variable argument lists
References AddrSpace::flags, and ParameterPieces::hiddenretparm.
| void FuncProto::updateInputNoTypes | ( | Funcdata & | data, |
| const vector< Varnode * > & | triallist, | ||
| ParamActive * | activeinput | ||
| ) |
Update input parameters based on Varnode trials, but do not store the data-type.
This is accomplished in the same way as if there were data-types but instead of pulling a data-type from the Varnode, only the size is used. Undefined data-types are pulled from the given TypeFactory
- Parameters
-
data is the function containing the trial Varnodes triallist is the list of Varnodes activeinput is the trial container
References ParameterPieces::addr, Funcdata::findDisjointCover(), ParameterPieces::flags, Funcdata::getArch(), TypeFactory::getBase(), ParamActive::getNumTrials(), Varnode::getSize(), ParamActive::getTrial(), Varnode::isMark(), Varnode::isPersist(), Varnode::setMark(), ParameterPieces::type, TYPE_UNKNOWN, and Architecture::types.
Referenced by ActionInputPrototype::apply().
| void FuncProto::updateInputTypes | ( | Funcdata & | data, |
| const vector< Varnode * > & | triallist, | ||
| ParamActive * | activeinput | ||
| ) |
Update input parameters based on Varnode trials.
If the input parameters are locked, don't do anything. Otherwise, given a list of Varnodes and their associated trial information, create an input parameter for each trial in order, grabbing data-type information from the Varnode. Any old input parameters are cleared.
- Parameters
-
data is the function containing the trial Varnodes triallist is the list of Varnodes activeinput is the trial container
References ParameterPieces::addr, Funcdata::findDisjointCover(), ParameterPieces::flags, Funcdata::getArch(), TypeFactory::getBase(), Varnode::getHigh(), ParamActive::getNumTrials(), Varnode::getSize(), ParamActive::getTrial(), HighVariable::getType(), Varnode::isMark(), Varnode::isPersist(), Varnode::setMark(), ParameterPieces::type, TYPE_UNKNOWN, and Architecture::types.
Referenced by ActionInputPrototype::apply().
| void FuncProto::updateOutputNoTypes | ( | const vector< Varnode * > & | triallist, |
| TypeFactory * | factory | ||
| ) |
Update the return value based on Varnode trials, but don't store the data-type.
If the output parameter is locked, don't do anything. Otherwise, given a list of (at most 1) Varnode, create a return value, grabbing size information from the Varnode. An undefined data-type is created from the given TypeFactory. Any old return value is removed.
- Parameters
-
triallist is the list of Varnodes factory is the given TypeFactory
References ParameterPieces::addr, ParameterPieces::flags, TypeFactory::getBase(), ParameterPieces::type, and TYPE_UNKNOWN.
Referenced by ActionOutputPrototype::apply().
| void FuncProto::updateOutputTypes | ( | const vector< Varnode * > & | triallist | ) |
Update the return value based on Varnode trials.
If the output parameter is locked, don't do anything. Otherwise, given a list of (at most 1) Varnode, create a return value, grabbing data-type information from the Varnode. Any old return value is removed.
- Parameters
-
triallist is the list of Varnodes
References ParameterPieces::addr, ParameterPieces::flags, ProtoParameter::getAddress(), ProtoParameter::getSize(), AddrSpace::getType(), ProtoParameter::isSizeTypeLocked(), ProtoParameter::isTypeLocked(), ProtoParameter::overrideSizeLockType(), and ParameterPieces::type.
Referenced by ActionOutputPrototype::apply().
|
private |
Make sure any "this" parameter is properly marked.
This is called after a new prototype is established (via restoreXml or updateAllTypes) It makes sure that if the ProtoModel calls for a "this" parameter, then the appropriate parameter is explicitly marked as the "this".
References ProtoParameter::isHiddenReturn(), and ProtoParameter::setThisPointer().
The documentation for this class was generated from the following files:
- fspec.hh
- fspec.cc
