A container of commands that override the decompiler's default behavior for a single function. More...

#include <override.hh>

Public Types
enum	{ NONE = 0, BRANCH = 1, CALL = 2, CALL_RETURN = 3, RETURN = 4 }
	Enumeration of possible branch overrides. More...

Public Member Functions
	~Override (void)
	Destructor.

void	insertForceGoto (const Address &targetpc, const Address &destpc)
	Force a specific branch instruction to be an unstructured goto. More...

void	insertDeadcodeDelay (AddrSpace *spc, int4 delay)
	Override the number of passes that are executed before dead-code elimination starts. More...

bool	hasDeadcodeDelay (AddrSpace *spc) const
	Check if a delay override is already installed for an address space. More...

void	insertIndirectOverride (const Address &callpoint, const Address &directcall)
	Override an indirect call turning it into a direct call. More...

void	insertProtoOverride (const Address &callpoint, FuncProto *p)
	Override the assumed function prototype at a specific call site. More...

void	insertMultistageJump (const Address &addr)
	Flag an indirect jump for multistage analysis. More...

void	insertFlowOverride (const Address &addr, uint4 type)
	Mark a branch instruction with a different flow type. More...

void	applyPrototype (Funcdata &data, FuncCallSpecs &fspecs) const
	Look for and apply a function prototype override. More...

void	applyIndirect (Funcdata &data, FuncCallSpecs &fspecs) const
	Look for and apply destination overrides of indirect calls. More...

bool	queryMultistageJumptable (const Address &addr) const
	Check for a multistage marker for a specific indirect jump. More...

void	applyDeadCodeDelay (Funcdata &data) const
	Apply any dead-code delay overrides. More...

void	applyForceGoto (Funcdata &data) const
	Push all the force-goto overrides into the function. More...

bool	hasFlowOverride (void) const
	Are there any flow overrides.

uint4	getFlowOverride (const Address &addr) const
	Return the particular flow override at a given address. More...

void	printRaw (ostream &s, Architecture *glb) const
	Dump a description of the overrides to stream. More...

void	generateOverrideMessages (vector< string > &messagelist, Architecture *glb) const
	Create warning messages that describe current overrides. More...

void	saveXml (ostream &s, Architecture *glb) const
	Write the override commands to an XML stream. More...

void	restoreXml (const Element el, Architecture glb)
	Read in override commands from XML. More...

Static Public Member Functions
static string	typeToString (uint4 tp)
	Convert a flow override type to a string. More...

static uint4	stringToType (const string &nm)
	Convert a string to a flow override type. More...

Private Member Functions
void	clear (void)
	Clear the entire set of overrides.

Static Private Member Functions
static string	generateDeadcodeDelayMessage (int4 index, Architecture *glb)
	Generate warning message related to a dead code delay. More...

Private Attributes
map< Address, Address >	forcegoto
	Force goto on jump at targetpc to destpc.

vector< int4 >	deadcodedelay
	Delay count indexed by address space.

map< Address, Address >	indirectover
	Override indirect at call-point into direct to addr.

map< Address, FuncProto * >	protoover
	Override prototype at call-point.

vector< Address >	multistagejump
	Addresses of indirect jumps that need multistage recovery.

map< Address, uint4 >	flowoverride
	Override the CALL <-> BRANCH.

Detailed Description

A container of commands that override the decompiler's default behavior for a single function.

Information about a particular function that can be overridden includes:

sub-functions: How they are called and where they call to
jumptables: Mark indirect jumps that need multistage analysis
deadcode: Details about how dead code is eliminated
data-flow: Override the interpretation of specific branch instructions

Commands exist independently of the main data-flow, control-flow, and symbol structures and survive decompilation restart. A few analyses, mid transformation, insert a new command to fix a problem that was discovered too late and then force a restart via Funcdata::setRestartPending()

The class accept new commands via the insert* methods. The decompiler applies them by calling the apply* or get* methods.

Member Enumeration Documentation

anonymous enum

Enumeration of possible branch overrides.

Enumerator
NONE	No override.
BRANCH	Replace primary CALL or RETURN with suitable BRANCH operation.
CALL	Replace primary BRANCH or RETURN with suitable CALL operation.
CALL_RETURN	Replace primary BRANCH or RETURN with suitable CALL/RETURN operation.
RETURN	Replace primary BRANCH or CALL with a suitable RETURN operation.

Member Function Documentation

void Override::applyDeadCodeDelay ( Funcdata & data ) const

Apply any dead-code delay overrides.

Look for delays of each address space and apply them to the Heritage object

Parameters

data	is the function

References deadcodedelay, Funcdata::getArch(), AddrSpaceManager::getSpace(), and Funcdata::setDeadCodeDelay().

Referenced by Funcdata::startProcessing(), and ~Override().

void Override::applyForceGoto ( Funcdata & data ) const

Push all the force-goto overrides into the function.

Parameters

data	is the function

References forcegoto, and Funcdata::forceGoto().

Referenced by ActionForceGoto::apply(), and ~Override().

void Override::applyIndirect	(	Funcdata &	data,
		FuncCallSpecs &	fspecs
	)		const

Look for and apply destination overrides of indirect calls.

Given an indirect call, look for any overrides, then copy in the overriding target address of the direct call

Parameters

data	is (calling) function
fspecs	is a reference to the call specification

References PcodeOp::getAddr(), FuncCallSpecs::getOp(), indirectover, and FuncCallSpecs::setAddress().

Referenced by FlowInfo::setupCallindSpecs(), and ~Override().

void Override::applyPrototype	(	Funcdata &	data,
		FuncCallSpecs &	fspecs
	)		const

Look for and apply a function prototype override.

Given a call point, look for a prototype override and copy the call specification in

Parameters

data	is the (calling) function
fspecs	is a reference to the call specification

References FuncProto::copy(), PcodeOp::getAddr(), FuncCallSpecs::getOp(), and protoover.

Referenced by FlowInfo::setupCallindSpecs(), FlowInfo::setupCallSpecs(), and ~Override().

string Override::generateDeadcodeDelayMessage	(	int4	index,
		Architecture *	glb
	)

staticprivate

Generate warning message related to a dead code delay.

This is triggered by the insertDeadcodeDelay() command on a specific address space

Parameters

index	is the index of the address space
glb	is the Architecture object

Returns: the generated message

References AddrSpace::getName(), and AddrSpaceManager::getSpace().

Referenced by generateOverrideMessages().

void Override::generateOverrideMessages	(	vector< string > &	messagelist,
		Architecture *	glb
	)		const

Create warning messages that describe current overrides.

Message are designed to be displayed in the function header comment

Parameters

messagelist	will hold the generated list of messages
glb	is the Architecture

References deadcodedelay, and generateDeadcodeDelayMessage().

Referenced by ActionPrototypeWarnings::apply(), and hasFlowOverride().

uint4 Override::getFlowOverride ( const Address & addr ) const

Return the particular flow override at a given address.

Parameters

addr	is the address of a branch instruction

Returns: the override type

References flowoverride, and NONE.

Referenced by hasFlowOverride(), and FlowInfo::processInstruction().

bool Override::hasDeadcodeDelay ( AddrSpace * spc ) const

Check if a delay override is already installed for an address space.

Parameters

spc	is the address space

Returns: true if an override has already been installed

References deadcodedelay, AddrSpace::getDeadcodeDelay(), and AddrSpace::getIndex().

Referenced by ~Override().

void Override::insertDeadcodeDelay	(	AddrSpace *	spc,
		int4	delay
	)

Override the number of passes that are executed before dead-code elimination starts.

Every address space has an assigned delay (which may be zero) before a PcodeOp involving a Varnode in that address space can be eliminated. This command allows the delay for a specific address space to be increased so that new Varnode accesses can be discovered.

Parameters

spc	is the address space to modify
delay	is the size of the delay (in passes)

References deadcodedelay, and AddrSpace::getIndex().

Referenced by restoreXml(), and ~Override().

void Override::insertFlowOverride	(	const Address &	addr,
		uint4	type
	)

Mark a branch instruction with a different flow type.

Change the interpretation of a BRANCH, CALL, or RETURN

Parameters

addr	is the address of the branch instruction
type	is the type of flow that should be forced

References flowoverride.

Referenced by Architecture::restoreFlowOverride(), restoreXml(), and ~Override().

void Override::insertForceGoto	(	const Address &	targetpc,
		const Address &	destpc
	)

Force a specific branch instruction to be an unstructured goto.

The command is specified as the address of the branch instruction and the destination address of the branch. The decompiler will automatically mark this as a unstructured, when trying to structure the control-flow

Parameters

targetpc	is the address of the branch instruction
destpc	is the destination address of the branch

References forcegoto.

Referenced by restoreXml(), and ~Override().

void Override::insertIndirectOverride	(	const Address &	callpoint,
		const Address &	directcall
	)

Override an indirect call turning it into a direct call.

The command consists of the address of the indirect call instruction and the target address of the direct address

Parameters

callpoint	is the address of the indirect call
directcall	is the target address of the direct call

References indirectover.

Referenced by FuncCallSpecs::deindirect(), restoreXml(), and ~Override().

void Override::insertMultistageJump ( const Address & addr )

Flag an indirect jump for multistage analysis.

Parameters

addr	is the address of the indirect jump

References multistagejump.

Referenced by ActionSwitchNorm::apply(), restoreXml(), and ~Override().

void Override::insertProtoOverride	(	const Address &	callpoint,
		FuncProto *	p
	)

Override the assumed function prototype at a specific call site.

The exact input and output storage locations are overridden for a specific call instruction (direct or indirect).

Parameters

callpoint	is the address of the call instruction
p	is the overriding function prototype

References protoover, and FuncProto::setOverride().

Referenced by FuncCallSpecs::forceSet(), restoreXml(), and ~Override().

void Override::printRaw	(	ostream &	s,
		Architecture *	glb
	)		const

Dump a description of the overrides to stream.

Give a description of each override, one per line, that is suitable for debug

Parameters

s	is the output stream
glb	is the Architecture

References deadcodedelay, forcegoto, AddrSpace::getName(), AddrSpaceManager::getSpace(), and protoover.

Referenced by hasFlowOverride().

bool Override::queryMultistageJumptable ( const Address & addr ) const

Check for a multistage marker for a specific indirect jump.

Given the address of an indirect jump, look for the multistate command

Parameters

addr	is the address of the indirect jump

References multistagejump.

Referenced by JumpTable::checkForMultistage(), and ~Override().

void Override::restoreXml	(	const Element *	el,
		Architecture *	glb
	)

Read in override commands from XML.

Parameters

el	is the root <override> element
glb	is the Architecture

References Architecture::defaultfp, Element::getAttributeValue(), Element::getChildren(), Element::getName(), AddrSpaceManager::getSpaceByName(), TypeFactory::getTypeVoid(), insertDeadcodeDelay(), insertFlowOverride(), insertForceGoto(), insertIndirectOverride(), insertMultistageJump(), insertProtoOverride(), Address::isInvalid(), NONE, Address::restoreXml(), FuncProto::restoreXml(), FuncProto::setInternal(), stringToType(), and Architecture::types.

Referenced by hasFlowOverride(), and Funcdata::restoreXml().

void Override::saveXml	(	ostream &	s,
		Architecture *	glb
	)		const

Write the override commands to an XML stream.

All the commands are written as sub-tags of a root <override> tag.

Parameters

s	is the output stream
glb	is the Architecture

References a_v(), a_v_i(), deadcodedelay, flowoverride, forcegoto, AddrSpace::getName(), AddrSpaceManager::getSpace(), indirectover, multistagejump, protoover, and typeToString().

Referenced by hasFlowOverride(), and Funcdata::saveXml().

uint4 Override::stringToType ( const string & nm )

static

Convert a string to a flow override type.

Parameters

nm	is the override name

Returns: the override enumeration type

References BRANCH, CALL, CALL_RETURN, NONE, and RETURN.

Referenced by hasFlowOverride(), Architecture::restoreFlowOverride(), and restoreXml().

string Override::typeToString ( uint4 tp )

static

Convert a flow override type to a string.

Parameters

tp	is the override type

Returns: the corresponding name string

References BRANCH, CALL, CALL_RETURN, and RETURN.

Referenced by hasFlowOverride(), and saveXml().

The documentation for this class was generated from the following files:

override.hh
override.cc

Public Types

Public Member Functions

Static Public Member Functions

Private Member Functions

Static Private Member Functions

Private Attributes

Detailed Description

Member Enumeration Documentation

Member Function Documentation