1 #ifndef ROSE_Partitioner2_BasicTypes_H
2 #define ROSE_Partitioner2_BasicTypes_H
4 #include <rosePublicConfig.h>
5 #ifdef ROSE_BUILD_BINARY_ANALYSIS_SUPPORT
7 #include <boost/filesystem.hpp>
8 #include <boost/foreach.hpp>
9 #include <boost/regex.hpp>
10 #include <boost/serialization/access.hpp>
11 #include <boost/serialization/nvp.hpp>
12 #include <boost/serialization/version.hpp>
19 #define ROSE_PARTITIONER_EXPENSIVE_CHECKS 0
23 namespace Partitioner2 {
36 namespace AllowParallelEdges {
130 friend class boost::serialization::access;
133 void serialize(S &s,
unsigned version) {
134 s & BOOST_SERIALIZATION_NVP(allowEmptyGlobalBlock);
135 s & BOOST_SERIALIZATION_NVP(allowFunctionWithNoBasicBlocks);
136 s & BOOST_SERIALIZATION_NVP(allowEmptyBasicBlocks);
137 s & BOOST_SERIALIZATION_NVP(copyAllInstructions);
143 : allowEmptyGlobalBlock(false), allowFunctionWithNoBasicBlocks(false), allowEmptyBasicBlocks(false),
144 copyAllInstructions(true) {}
242 : deExecuteZerosThreshold(0), deExecuteZerosLeaveAtFront(16), deExecuteZerosLeaveAtBack(1),
243 memoryDataAdjustment(
DATA_IS_INITIALIZED), memoryIsExecutable(false), linkObjectFiles(true),
244 linkStaticArchives(true), linker(
"ld -o %o --unresolved-symbols=ignore-all --whole-archive %f") {}
247 friend class boost::serialization::access;
250 void serialize(S &s,
unsigned version) {
251 s & BOOST_SERIALIZATION_NVP(deExecuteZerosThreshold);
252 s & BOOST_SERIALIZATION_NVP(deExecuteZerosLeaveAtFront);
253 s & BOOST_SERIALIZATION_NVP(deExecuteZerosLeaveAtBack);
254 s & BOOST_SERIALIZATION_NVP(memoryDataAdjustment);
255 s & BOOST_SERIALIZATION_NVP(memoryIsExecutable);
257 s & BOOST_SERIALIZATION_NVP(envEraseNames);
258 s & BOOST_SERIALIZATION_NVP(envInsert);
261 std::vector<std::string> reStrings;
262 BOOST_FOREACH (
const boost::regex &re, envErasePatterns)
263 reStrings.push_back(re.str());
264 s & BOOST_SERIALIZATION_NVP(reStrings);
265 if (envErasePatterns.empty()) {
266 BOOST_FOREACH (
const std::string &reStr, reStrings)
267 envErasePatterns.push_back(
boost::regex(reStr));
282 friend class boost::serialization::access;
285 void serialize(S &s,
unsigned version) {
286 s & BOOST_SERIALIZATION_NVP(isaName);
315 friend class boost::serialization::access;
318 void serialize(S &s,
const unsigned version) {
319 s & BOOST_SERIALIZATION_NVP(usingSemantics);
320 s & BOOST_SERIALIZATION_NVP(checkingCallBranch);
321 s & BOOST_SERIALIZATION_NVP(basicBlockSemanticsAutoDrop);
323 s & BOOST_SERIALIZATION_NVP(ignoringUnknownInsns);
328 : usingSemantics(false), checkingCallBranch(false), basicBlockSemanticsAutoDrop(true), ignoringUnknownInsns(false) {}
388 friend class boost::serialization::access;
391 void serialize(S &s,
unsigned version) {
392 s & BOOST_SERIALIZATION_NVP(base);
393 s & BOOST_SERIALIZATION_NVP(functionStartingVas);
394 s & BOOST_SERIALIZATION_NVP(followingGhostEdges);
395 s & BOOST_SERIALIZATION_NVP(discontiguousBlocks);
396 s & BOOST_SERIALIZATION_NVP(maxBasicBlockSize);
398 s & BOOST_SERIALIZATION_NVP(ipRewrites);
399 s & BOOST_SERIALIZATION_NVP(findingFunctionPadding);
400 s & BOOST_SERIALIZATION_NVP(findingDeadCode);
401 s & BOOST_SERIALIZATION_NVP(peScramblerDispatcherVa);
403 s & BOOST_SERIALIZATION_NVP(findingIntraFunctionCode);
406 if (S::is_saving::value)
407 temp = findingIntraFunctionCode > 0;
408 s & boost::serialization::make_nvp(
"findingIntraFunctionCode", temp);
409 if (S::is_loading::value)
410 findingIntraFunctionCode = temp ? 10 : 0;
412 s & BOOST_SERIALIZATION_NVP(findingIntraFunctionData);
413 s & BOOST_SERIALIZATION_NVP(findingInterFunctionCalls);
415 s & BOOST_SERIALIZATION_NVP(findingFunctionCallFunctions);
417 s & BOOST_SERIALIZATION_NVP(findingEntryFunctions);
418 s & BOOST_SERIALIZATION_NVP(findingErrorFunctions);
419 s & BOOST_SERIALIZATION_NVP(findingImportFunctions);
420 s & BOOST_SERIALIZATION_NVP(findingExportFunctions);
421 s & BOOST_SERIALIZATION_NVP(findingSymbolFunctions);
423 s & BOOST_SERIALIZATION_NVP(interruptVector);
424 s & BOOST_SERIALIZATION_NVP(doingPostAnalysis);
425 s & BOOST_SERIALIZATION_NVP(doingPostFunctionMayReturn);
426 s & BOOST_SERIALIZATION_NVP(doingPostFunctionStackDelta);
427 s & BOOST_SERIALIZATION_NVP(doingPostCallingConvention);
428 s & BOOST_SERIALIZATION_NVP(doingPostFunctionNoop);
429 s & BOOST_SERIALIZATION_NVP(functionReturnAnalysis);
431 s & BOOST_SERIALIZATION_NVP(functionReturnAnalysisMaxSorts);
432 s & BOOST_SERIALIZATION_NVP(findingDataFunctionPointers);
433 s & BOOST_SERIALIZATION_NVP(findingCodeFunctionPointers);
434 s & BOOST_SERIALIZATION_NVP(findingThunks);
435 s & BOOST_SERIALIZATION_NVP(splittingThunks);
436 s & BOOST_SERIALIZATION_NVP(semanticMemoryParadigm);
437 s & BOOST_SERIALIZATION_NVP(namingConstants);
438 s & BOOST_SERIALIZATION_NVP(namingStrings);
439 s & BOOST_SERIALIZATION_NVP(demangleNames);
441 s & BOOST_SERIALIZATION_NVP(namingSyscalls);
446 if (S::is_saving::value)
447 temp = syscallHeader.string();
448 s & boost::serialization::make_nvp(
"syscallHeader", temp);
449 if (S::is_loading::value)
450 syscallHeader = temp;
455 PartitionerSettings()
456 : followingGhostEdges(false), discontiguousBlocks(true), maxBasicBlockSize(0), findingFunctionPadding(true),
457 findingDeadCode(true), peScramblerDispatcherVa(0), findingIntraFunctionCode(10), findingIntraFunctionData(true),
458 findingInterFunctionCalls(true), findingFunctionCallFunctions(true), findingEntryFunctions(true),
459 findingErrorFunctions(true), findingImportFunctions(true), findingExportFunctions(true), findingSymbolFunctions(true),
460 doingPostAnalysis(true), doingPostFunctionMayReturn(true), doingPostFunctionStackDelta(true),
461 doingPostCallingConvention(false), doingPostFunctionNoop(false), functionReturnAnalysis(
MAYRETURN_DEFAULT_YES),
462 functionReturnAnalysisMaxSorts(50), findingDataFunctionPointers(false), findingCodeFunctionPointers(false),
463 findingThunks(true), splittingThunks(false), semanticMemoryParadigm(
LIST_BASED_MEMORY), namingConstants(true),
464 namingStrings(true), namingSyscalls(true), demangleNames(true) {}
478 : exitOnError(true) {}
481 friend class boost::serialization::access;
484 void serialize(S &s,
unsigned version) {
485 s & BOOST_SERIALIZATION_NVP(configurationNames);
486 s & BOOST_SERIALIZATION_NVP(exitOnError);
bool findingInterFunctionCalls
Look for function calls between functions.
Edge is a function call transfer.
bool splittingThunks
Split thunks into their own separate functions.
bool memoryIsExecutable
Determines whether all of memory should be made executable.
bool linkStaticArchives
Link static libraries before parsing.
Settings for controling the engine behavior.
bool findingExportFunctions
Create functions at export addresses.
MemoryDataAdjustment
How the partitioner should globally treat memory.
bool findingDataFunctionPointers
Look for function pointers in static data.
Edge is a function return.
Assume a function returns if the may-return analysis cannot decide whether it may return...
Allow parallel edges, so each edge has a unit count.
std::string isaName
Name of the instruction set architecture.
bool doingPostFunctionStackDelta
Run function-stack-delta analysis if doingPostAnalysis is set?
EdgeType
Partitioner control flow edge types.
rose_addr_t peScramblerDispatcherVa
Run the PeDescrambler module if non-zero.
Settings that control the disassembler.
Treat all memory as if it were initialized.
size_t deExecuteZerosLeaveAtBack
Number of bytes at the end of each zero area to leave unaffected.
bool copyAllInstructions
Whether to allow shared instructions in the AST.
Special vertex destination for indeterminate edges.
static AstConstructionSettings permissive()
Default permissive settings.
Enum type for allowing parallel edges.
Settings that directly control a partitioner.
High precision, but slow.
bool doingPostFunctionNoop
Find and name functions that are effectively no-ops.
Assume that all functions return without ever running the may-return analysis.
bool namingSyscalls
Give names (comments) to system calls if possible.
bool followingGhostEdges
Should ghost edges be followed during disassembly? A ghost edge is a CFG edge that is apparent from t...
Main namespace for the ROSE library.
bool doingPostCallingConvention
Run calling-convention analysis if doingPostAnalysis is set?
Settings for loading specimens.
std::vector< rose_addr_t > functionStartingVas
Addresses at which to start recursive disassembly.
bool linkObjectFiles
Link object files before parsing.
VertexType
Partitioner control flow vertex types.
Settings that control building the AST.
static AstConstructionSettings strict()
Default strict settings.
bool discontiguousBlocks
Should basic blocks be allowed to be discontiguous.
bool allowEmptyGlobalBlock
Whether to allow an empty global block.
bool namingStrings
Give labels to constants that are string literal addresses.
size_t functionReturnAnalysisMaxSorts
Number of times functions are sorted before using unsorted lists.
Sawyer::SharedPointer< Function > FunctionPtr
Shared-ownership pointer for function.
FunctionReturnAnalysis functionReturnAnalysis
How to run the function may-return analysis.
bool demangleNames
Run all names through a demangling step.
std::vector< std::string > configurationNames
List of configuration files and/or directories.
std::vector< rose_addr_t > ipRewrites
Pairs of addresses for rewriting CFG edges.
bool doingPostFunctionMayReturn
Run function-may-return analysis if doingPostAnalysis is set?
bool ignoringUnknownInsns
Whether to ignore unkonwn insns when extending basic blocks.
The special "undiscovered" vertex.
bool findingErrorFunctions
Create functions from error handling and exception information.
std::vector< std::string > envInsert
List of environment variable names and values to be inserted before launching a "run:" specimen...
The value is an assumption without any proof.
Settings that control the engine partitioning.
Confidence
How sure are we of something.
bool doingPostAnalysis
Perform enabled post-partitioning analyses?
size_t findingIntraFunctionCode
Suck up unused addresses as intra-function code (number of passes).
Do not make any global changes to the memory map.
bool findingThunks
Look for common thunk patterns in undiscovered areas.
bool findingImportFunctions
Create functions at import addresses.
A basic block or placeholder for a basic block.
SemanticMemoryParadigm
Organization of semantic memory.
Edge is a function return from the call site.
Normal control flow edge, nothing special.
MemoryDataAdjustment memoryDataAdjustment
How to globally adjust memory segment access bits for data areas.
FunctionReturnAnalysis
Controls whether the function may-return analysis runs.
size_t deExecuteZerosLeaveAtFront
Number of bytes at the beginning of each zero area to leave unaffected.
The value was somehow proved.
bool findingEntryFunctions
Create functions at the program entry point(s).
bool findingDeadCode
Look for unreachable basic blocks?
SemanticMemoryParadigm semanticMemoryParadigm
Container used for semantic memory states.
bool checkingCallBranch
Check for situations where CALL is used as a branch.
bool allowEmptyBasicBlocks
Whether to allow a basic block to be empty.
bool usingSemantics
Whether instruction semantics are used.
Treat all memory as if it were constant.
bool findingSymbolFunctions
Create functions according to symbol tables.
bool exitOnError
If true, emit error message and exit non-zero, else throw.
std::vector< boost::regex > envErasePatterns
List of regular expressions for removing environment variables before launching a "run:" specimen...
bool basicBlockSemanticsAutoDrop
Conserve memory by dropping semantics for attached basic blocks.
Assume a function cannot return if the may-return analysis cannot decide whether it may return...
bool namingConstants
Give names to constants by calling Modules::nameConstants.
size_t deExecuteZerosThreshold
Size threshold for removing execute permission from zero data.
std::vector< std::string > envEraseNames
List of environment variable names that should be removed before launching a "run:" specimen...
bool findingCodeFunctionPointers
Look for function pointers in instructions.
Special vertex destination for non-existing basic blocks.
bool findingIntraFunctionData
Suck up unused addresses as intra-function data.
List of thunk predicates.
Assume that a function cannot return without ever running the may-return analysis.
bool allowFunctionWithNoBasicBlocks
Whether to allow functions with no basic blocks.
AddressInterval interruptVector
Table of interrupt handling functions.
bool findingFunctionPadding
Look for padding before each function entry point?
std::string linker
Command to run to link object and archives.
bool findingFunctionCallFunctions
Create functions from function calls.
size_t maxBasicBlockSize
Maximum basic block size.
boost::filesystem::path syscallHeader
Name of header file containing system call numbers.
AstConstructionSettings()
Default constructor.
