1 #ifndef ROSE_Partitioner2_BasicTypes_H
2 #define ROSE_Partitioner2_BasicTypes_H
4 #include <boost/filesystem.hpp>
5 #include <boost/serialization/access.hpp>
6 #include <boost/serialization/nvp.hpp>
7 #include <boost/serialization/version.hpp>
14 #define ROSE_PARTITIONER_EXPENSIVE_CHECKS 0
18 namespace Partitioner2 {
31 namespace AllowParallelEdges {
125 friend class boost::serialization::access;
128 void serialize(S &s,
unsigned version) {
129 s & BOOST_SERIALIZATION_NVP(allowEmptyGlobalBlock);
130 s & BOOST_SERIALIZATION_NVP(allowFunctionWithNoBasicBlocks);
131 s & BOOST_SERIALIZATION_NVP(allowEmptyBasicBlocks);
132 s & BOOST_SERIALIZATION_NVP(copyAllInstructions);
138 : allowEmptyGlobalBlock(false), allowFunctionWithNoBasicBlocks(false), allowEmptyBasicBlocks(false),
139 copyAllInstructions(true) {}
228 : deExecuteZerosThreshold(0), deExecuteZerosLeaveAtFront(16), deExecuteZerosLeaveAtBack(1),
229 memoryDataAdjustment(
DATA_IS_INITIALIZED), memoryIsExecutable(false), linkObjectFiles(true),
230 linkStaticArchives(true), linker(
"ld -o %o --unresolved-symbols=ignore-all --whole-archive %f") {}
233 friend class boost::serialization::access;
236 void serialize(S &s,
unsigned version) {
237 s & BOOST_SERIALIZATION_NVP(deExecuteZerosThreshold);
238 s & BOOST_SERIALIZATION_NVP(deExecuteZerosLeaveAtFront);
239 s & BOOST_SERIALIZATION_NVP(deExecuteZerosLeaveAtBack);
240 s & BOOST_SERIALIZATION_NVP(memoryDataAdjustment);
241 s & BOOST_SERIALIZATION_NVP(memoryIsExecutable);
254 friend class boost::serialization::access;
257 void serialize(S &s,
unsigned version) {
258 s & BOOST_SERIALIZATION_NVP(isaName);
286 friend class boost::serialization::access;
289 void serialize(S &s,
const unsigned ) {
290 s & BOOST_SERIALIZATION_NVP(usingSemantics);
291 s & BOOST_SERIALIZATION_NVP(checkingCallBranch);
292 s & BOOST_SERIALIZATION_NVP(basicBlockSemanticsAutoDrop);
297 : usingSemantics(false), checkingCallBranch(false), basicBlockSemanticsAutoDrop(true) {}
356 friend class boost::serialization::access;
359 void serialize(S &s,
unsigned version) {
360 s & BOOST_SERIALIZATION_NVP(base);
361 s & BOOST_SERIALIZATION_NVP(startingVas);
362 s & BOOST_SERIALIZATION_NVP(followingGhostEdges);
363 s & BOOST_SERIALIZATION_NVP(discontiguousBlocks);
364 s & BOOST_SERIALIZATION_NVP(maxBasicBlockSize);
365 s & BOOST_SERIALIZATION_NVP(findingFunctionPadding);
366 s & BOOST_SERIALIZATION_NVP(findingDeadCode);
367 s & BOOST_SERIALIZATION_NVP(peScramblerDispatcherVa);
369 s & BOOST_SERIALIZATION_NVP(findingIntraFunctionCode);
372 if (S::is_saving::value)
373 temp = findingIntraFunctionCode > 0;
374 s & boost::serialization::make_nvp(
"findingIntraFunctionCode", temp);
375 if (S::is_loading::value)
376 findingIntraFunctionCode = temp ? 10 : 0;
378 s & BOOST_SERIALIZATION_NVP(findingIntraFunctionData);
379 s & BOOST_SERIALIZATION_NVP(findingInterFunctionCalls);
381 s & BOOST_SERIALIZATION_NVP(findingFunctionCallFunctions);
383 s & BOOST_SERIALIZATION_NVP(findingEntryFunctions);
384 s & BOOST_SERIALIZATION_NVP(findingErrorFunctions);
385 s & BOOST_SERIALIZATION_NVP(findingImportFunctions);
386 s & BOOST_SERIALIZATION_NVP(findingExportFunctions);
387 s & BOOST_SERIALIZATION_NVP(findingSymbolFunctions);
389 s & BOOST_SERIALIZATION_NVP(interruptVector);
390 s & BOOST_SERIALIZATION_NVP(doingPostAnalysis);
391 s & BOOST_SERIALIZATION_NVP(doingPostFunctionMayReturn);
392 s & BOOST_SERIALIZATION_NVP(doingPostFunctionStackDelta);
393 s & BOOST_SERIALIZATION_NVP(doingPostCallingConvention);
394 s & BOOST_SERIALIZATION_NVP(doingPostFunctionNoop);
395 s & BOOST_SERIALIZATION_NVP(functionReturnAnalysis);
397 s & BOOST_SERIALIZATION_NVP(functionReturnAnalysisMaxSorts);
398 s & BOOST_SERIALIZATION_NVP(findingDataFunctionPointers);
399 s & BOOST_SERIALIZATION_NVP(findingCodeFunctionPointers);
400 s & BOOST_SERIALIZATION_NVP(findingThunks);
401 s & BOOST_SERIALIZATION_NVP(splittingThunks);
402 s & BOOST_SERIALIZATION_NVP(semanticMemoryParadigm);
403 s & BOOST_SERIALIZATION_NVP(namingConstants);
404 s & BOOST_SERIALIZATION_NVP(namingStrings);
405 s & BOOST_SERIALIZATION_NVP(demangleNames);
407 s & BOOST_SERIALIZATION_NVP(namingSyscalls);
412 if (S::is_saving::value)
413 temp = syscallHeader.string();
414 s & boost::serialization::make_nvp(
"syscallHeader", temp);
415 if (S::is_loading::value)
416 syscallHeader = temp;
421 PartitionerSettings()
422 : followingGhostEdges(false), discontiguousBlocks(true), maxBasicBlockSize(0), findingFunctionPadding(true),
423 findingDeadCode(true), peScramblerDispatcherVa(0), findingIntraFunctionCode(10), findingIntraFunctionData(true),
424 findingInterFunctionCalls(true), findingFunctionCallFunctions(true), findingEntryFunctions(true),
425 findingErrorFunctions(true), findingImportFunctions(true), findingExportFunctions(true), findingSymbolFunctions(true),
426 doingPostAnalysis(true), doingPostFunctionMayReturn(true), doingPostFunctionStackDelta(true),
427 doingPostCallingConvention(false), doingPostFunctionNoop(false), functionReturnAnalysis(
MAYRETURN_DEFAULT_YES),
428 functionReturnAnalysisMaxSorts(50), findingDataFunctionPointers(false), findingCodeFunctionPointers(false),
429 findingThunks(true), splittingThunks(false), semanticMemoryParadigm(
LIST_BASED_MEMORY), namingConstants(true),
430 namingStrings(true), namingSyscalls(true), demangleNames(true) {}
444 : exitOnError(true) {}
447 friend class boost::serialization::access;
450 void serialize(S &s,
unsigned version) {
451 s & BOOST_SERIALIZATION_NVP(configurationNames);
452 s & BOOST_SERIALIZATION_NVP(exitOnError);
bool findingInterFunctionCalls
Look for function calls between functions.
Edge is a function call transfer.
bool splittingThunks
Split thunks into their own separate functions.
bool memoryIsExecutable
Determines whether all of memory should be made executable.
bool linkStaticArchives
Link static libraries before parsing.
Settings for controling the engine behavior.
std::vector< rose_addr_t > startingVas
Addresses at which to start recursive disassembly.
bool findingExportFunctions
Create functions at export addresses.
MemoryDataAdjustment
How the partitioner should globally treat memory.
bool findingDataFunctionPointers
Look for function pointers in static data.
Edge is a function return.
Assume a function returns if the may-return analysis cannot decide whether it may return...
Allow parallel edges, so each edge has a unit count.
std::string isaName
Name of the instruction set architecture.
bool doingPostFunctionStackDelta
Run function-stack-delta analysis if doingPostAnalysis is set?
EdgeType
Partitioner control flow edge types.
rose_addr_t peScramblerDispatcherVa
Run the PeDescrambler module if non-zero.
Settings that control the disassembler.
Treat all memory as if it were initialized.
size_t deExecuteZerosLeaveAtBack
Number of bytes at the end of each zero area to leave unaffected.
bool copyAllInstructions
Whether to allow shared instructions in the AST.
Special vertex destination for indeterminate edges.
static AstConstructionSettings permissive()
Default permissive settings.
Enum type for allowing parallel edges.
Settings that directly control a partitioner.
High precision, but slow.
bool doingPostFunctionNoop
Find and name functions that are effectively no-ops.
Assume that all functions return without ever running the may-return analysis.
bool namingSyscalls
Give names (comments) to system calls if possible.
bool followingGhostEdges
Should ghost edges be followed during disassembly? A ghost edge is a CFG edge that is apparent from t...
Main namespace for the ROSE library.
bool doingPostCallingConvention
Run calling-convention analysis if doingPostAnalysis is set?
Settings for loading specimens.
bool linkObjectFiles
Link object files before parsing.
VertexType
Partitioner control flow vertex types.
Settings that control building the AST.
static AstConstructionSettings strict()
Default strict settings.
bool discontiguousBlocks
Should basic blocks be allowed to be discontiguous.
bool allowEmptyGlobalBlock
Whether to allow an empty global block.
Reference-counting smart pointer.
bool namingStrings
Give labels to constants that are string literal addresses.
size_t functionReturnAnalysisMaxSorts
Number of times functions are sorted before using unsorted lists.
Sawyer::SharedPointer< Function > FunctionPtr
Shared-ownership pointer for function.
FunctionReturnAnalysis functionReturnAnalysis
How to run the function may-return analysis.
bool demangleNames
Run all names through a demangling step.
std::vector< std::string > configurationNames
List of configuration files and/or directories.
bool doingPostFunctionMayReturn
Run function-may-return analysis if doingPostAnalysis is set?
The special "undiscovered" vertex.
bool findingErrorFunctions
Create functions from error handling and exception information.
The value is an assumption without any proof.
Settings that control the engine partitioning.
Confidence
How sure are we of something.
bool doingPostAnalysis
Perform enabled post-partitioning analyses?
size_t findingIntraFunctionCode
Suck up unused addresses as intra-function code (number of passes).
Do not make any global changes to the memory map.
bool findingThunks
Look for common thunk patterns in undiscovered areas.
bool findingImportFunctions
Create functions at import addresses.
A basic block or placeholder for a basic block.
SemanticMemoryParadigm
Organization of semantic memory.
Edge is a function return from the call site.
Normal control flow edge, nothing special.
MemoryDataAdjustment memoryDataAdjustment
How to globally adjust memory segment access bits for data areas.
FunctionReturnAnalysis
Controls whether the function may-return analysis runs.
size_t deExecuteZerosLeaveAtFront
Number of bytes at the beginning of each zero area to leave unaffected.
The value was somehow proved.
bool findingEntryFunctions
Create functions at the program entry point(s).
bool findingDeadCode
Look for unreachable basic blocks?
SemanticMemoryParadigm semanticMemoryParadigm
Container used for semantic memory states.
bool checkingCallBranch
Check for situations where CALL is used as a branch.
bool allowEmptyBasicBlocks
Whether to allow a basic block to be empty.
bool usingSemantics
Whether instruction semantics are used.
Treat all memory as if it were constant.
bool findingSymbolFunctions
Create functions according to symbol tables.
bool exitOnError
If true, emit error message and exit non-zero, else throw.
bool basicBlockSemanticsAutoDrop
Conserve memory by dropping semantics for attached basic blocks.
Assume a function cannot return if the may-return analysis cannot decide whether it may return...
bool namingConstants
Give names to constants by calling Modules::nameConstants.
size_t deExecuteZerosThreshold
Size threshold for removing execute permission from zero data.
bool findingCodeFunctionPointers
Look for function pointers in instructions.
Special vertex destination for non-existing basic blocks.
bool findingIntraFunctionData
Suck up unused addresses as intra-function data.
List of thunk predicates.
Assume that a function cannot return without ever running the may-return analysis.
bool allowFunctionWithNoBasicBlocks
Whether to allow functions with no basic blocks.
AddressInterval interruptVector
Table of interrupt handling functions.
bool findingFunctionPadding
Look for padding before each function entry point?
std::string linker
Command to run to link object and archives.
bool findingFunctionCallFunctions
Create functions from function calls.
size_t maxBasicBlockSize
Maximum basic block size.
boost::filesystem::path syscallHeader
Name of header file containing system call numbers.
AstConstructionSettings()
Default constructor.
