1 #ifndef ROSE_BinaryAnalysis_Partitioner2_BasicTypes_H
2 #define ROSE_BinaryAnalysis_Partitioner2_BasicTypes_H
3 #include <featureTests.h>
4 #ifdef ROSE_ENABLE_BINARY_ANALYSIS
6 #include <boost/filesystem.hpp>
7 #include <boost/regex.hpp>
8 #include <boost/serialization/access.hpp>
9 #include <boost/serialization/nvp.hpp>
10 #include <boost/serialization/version.hpp>
11 #include <Sawyer/Graph.h>
12 #include <Sawyer/Map.h>
13 #include <Sawyer/Set.h>
21 #define ROSE_PARTITIONER_EXPENSIVE_CHECKS 0
24 namespace BinaryAnalysis {
25 namespace Partitioner2 {
38 namespace AllowParallelEdges {
132 friend class boost::serialization::access;
135 void serialize(S &s,
unsigned version) {
136 s & BOOST_SERIALIZATION_NVP(allowEmptyGlobalBlock);
137 s & BOOST_SERIALIZATION_NVP(allowFunctionWithNoBasicBlocks);
138 s & BOOST_SERIALIZATION_NVP(allowEmptyBasicBlocks);
139 s & BOOST_SERIALIZATION_NVP(copyAllInstructions);
260 std::string
linker =
"ld -o %o --unresolved-symbols=ignore-all --whole-archive %f";
282 friend class boost::serialization::access;
285 void serialize(S &s,
unsigned version) {
286 s & BOOST_SERIALIZATION_NVP(deExecuteZerosThreshold);
287 s & BOOST_SERIALIZATION_NVP(deExecuteZerosLeaveAtFront);
288 s & BOOST_SERIALIZATION_NVP(deExecuteZerosLeaveAtBack);
289 s & BOOST_SERIALIZATION_NVP(memoryDataAdjustment);
290 s & BOOST_SERIALIZATION_NVP(memoryIsExecutable);
292 s & BOOST_SERIALIZATION_NVP(envEraseNames);
293 s & BOOST_SERIALIZATION_NVP(envInsert);
296 std::vector<std::string> reStrings;
297 for (
const boost::regex &re: envErasePatterns)
298 reStrings.push_back(re.str());
299 s & BOOST_SERIALIZATION_NVP(reStrings);
300 if (envErasePatterns.empty()) {
301 for (
const std::string &reStr: reStrings)
302 envErasePatterns.push_back(boost::regex(reStr));
327 friend class boost::serialization::access;
330 void serialize(S &s,
unsigned version) {
332 s & BOOST_SERIALIZATION_NVP(doDisassemble);
333 s & BOOST_SERIALIZATION_NVP(isaName);
384 friend class boost::serialization::access;
387 void serialize(S &s,
const unsigned version) {
388 s & BOOST_SERIALIZATION_NVP(usingSemantics);
389 s & BOOST_SERIALIZATION_NVP(checkingCallBranch);
390 s & BOOST_SERIALIZATION_NVP(basicBlockSemanticsAutoDrop);
392 s & BOOST_SERIALIZATION_NVP(ignoringUnknownInsns);
655 friend class boost::serialization::access;
658 void serialize(S &s,
unsigned version) {
659 s & BOOST_SERIALIZATION_NVP(base);
660 s & BOOST_SERIALIZATION_NVP(functionStartingVas);
661 s & BOOST_SERIALIZATION_NVP(followingGhostEdges);
662 s & BOOST_SERIALIZATION_NVP(discontiguousBlocks);
663 s & BOOST_SERIALIZATION_NVP(maxBasicBlockSize);
665 s & BOOST_SERIALIZATION_NVP(ipRewrites);
666 s & BOOST_SERIALIZATION_NVP(findingFunctionPadding);
667 s & BOOST_SERIALIZATION_NVP(findingDeadCode);
668 s & BOOST_SERIALIZATION_NVP(peScramblerDispatcherVa);
670 s & BOOST_SERIALIZATION_NVP(findingIntraFunctionCode);
673 if (S::is_saving::value)
674 temp = findingIntraFunctionCode > 0;
675 s & boost::serialization::make_nvp(
"findingIntraFunctionCode", temp);
676 if (S::is_loading::value)
677 findingIntraFunctionCode = temp ? 10 : 0;
679 s & BOOST_SERIALIZATION_NVP(findingIntraFunctionData);
680 s & BOOST_SERIALIZATION_NVP(findingInterFunctionCalls);
682 s & BOOST_SERIALIZATION_NVP(findingFunctionCallFunctions);
684 s & BOOST_SERIALIZATION_NVP(findingEntryFunctions);
685 s & BOOST_SERIALIZATION_NVP(findingErrorFunctions);
686 s & BOOST_SERIALIZATION_NVP(findingImportFunctions);
687 s & BOOST_SERIALIZATION_NVP(findingExportFunctions);
688 s & BOOST_SERIALIZATION_NVP(findingSymbolFunctions);
690 s & BOOST_SERIALIZATION_NVP(interruptVector);
691 s & BOOST_SERIALIZATION_NVP(doingPostAnalysis);
692 s & BOOST_SERIALIZATION_NVP(doingPostFunctionMayReturn);
693 s & BOOST_SERIALIZATION_NVP(doingPostFunctionStackDelta);
694 s & BOOST_SERIALIZATION_NVP(doingPostCallingConvention);
695 s & BOOST_SERIALIZATION_NVP(doingPostFunctionNoop);
696 s & BOOST_SERIALIZATION_NVP(functionReturnAnalysis);
698 s & BOOST_SERIALIZATION_NVP(functionReturnAnalysisMaxSorts);
699 s & BOOST_SERIALIZATION_NVP(findingDataFunctionPointers);
700 s & BOOST_SERIALIZATION_NVP(findingCodeFunctionPointers);
701 s & BOOST_SERIALIZATION_NVP(findingThunks);
702 s & BOOST_SERIALIZATION_NVP(splittingThunks);
703 s & BOOST_SERIALIZATION_NVP(semanticMemoryParadigm);
705 s & BOOST_SERIALIZATION_NVP(namingConstants);
706 }
else if (S::is_loading()) {
708 s & boost::serialization::make_nvp(
"namingConstants", b);
716 s & BOOST_SERIALIZATION_NVP(namingStrings);
717 }
else if (S::is_loading()) {
719 s & boost::serialization::make_nvp(
"namingStrings", b);
726 s & BOOST_SERIALIZATION_NVP(demangleNames);
728 s & BOOST_SERIALIZATION_NVP(namingSyscalls);
733 if (S::is_saving::value)
734 temp = syscallHeader.string();
735 s & boost::serialization::make_nvp(
"syscallHeader", temp);
736 if (S::is_loading::value)
737 syscallHeader = temp;
763 friend class boost::serialization::access;
766 void serialize(S &s,
unsigned version) {
767 s & BOOST_SERIALIZATION_NVP(configurationNames);
768 s & BOOST_SERIALIZATION_NVP(exitOnError);
775 class AddressUsageMap;
bool findingInterFunctionCalls
Whether to search for function calls between exiting functions.
Edge is a function call transfer.
bool splittingThunks
Whether to split thunk instructions into mini functions.
bool memoryIsExecutable
Whether all of memory should be made executable.
std::set< Reference > ReferenceSet
Set of references.
bool linkStaticArchives
Whether to link library archives before parsing.
Settings for controling the engine behavior.
bool findingExportFunctions
Whether to make functions at export addresses.
Base class for matching function padding.
MemoryDataAdjustment
How the partitioner should globally treat memory.
bool findingDataFunctionPointers
Whether to search static data for function pointers.
Edge is a function return.
Assume a function returns if the may-return analysis cannot decide whether it may return...
Base class for CFG-adjustment callbacks.
Base class for adjusting basic blocks during discovery.
Allow parallel edges, so each edge has a unit count.
std::string isaName
Instruction set architecture name.
Base class for matching function prologues.
Reference to a function, basic block, instruction, or address.
bool doingPostFunctionStackDelta
Whether to run the function stack delta analysis.
EdgeType
Partitioner control flow edge types.
rose_addr_t peScramblerDispatcherVa
PE-Scrambler dispatcher address.
Settings that control the disassembler.
Engine for specimens containing machine instructions.
Base class for engines driving the partitioner.
Treat all memory as if it were initialized.
size_t deExecuteZerosLeaveAtBack
When to remove execute permission from zero bytes.
AddressInterval namingStrings
Addresses where strings might start.
bool copyAllInstructions
Whether to allow shared instructions in the AST.
AddressInterval namingConstants
Whether to give names to constants.
BasePartitionerSettings base
Base partitioner settings.
Special vertex destination for indeterminate edges.
static AstConstructionSettings permissive()
Default permissive settings.
Enum type for allowing parallel edges.
Settings that directly control a partitioner.
High precision, but slow.
bool doingPostFunctionNoop
Whether to run no-op function analysis.
Assume that all functions return without ever running the may-return analysis.
bool namingSyscalls
Whether to give names to system calls.
bool followingGhostEdges
Whether to follow ghost edges.
Main namespace for the ROSE library.
bool doingPostCallingConvention
Whether to run calling-convention analysis.
Settings for loading specimens.
std::vector< rose_addr_t > functionStartingVas
Starting addresses for disassembly.
bool linkObjectFiles
Whether to link object files before parsing.
VertexType
Partitioner control flow vertex types.
Settings that control building the AST.
static AstConstructionSettings strict()
Default strict settings.
Function call information.
bool discontiguousBlocks
Whether to allow discontiguous basic blocks.
bool allowEmptyGlobalBlock
Whether to allow an empty global block.
size_t functionReturnAnalysisMaxSorts
Maximum number of function may-return sorting operations.
FunctionReturnAnalysis functionReturnAnalysis
How to run the function may-return analysis.
bool demangleNames
Whether to demangle names.
std::vector< std::string > configurationNames
Configuration files names.
std::vector< rose_addr_t > ipRewrites
CFG edge rewrite pairs.
bool doingPostFunctionMayReturn
Whether to run the function may-return analysis.
bool ignoringUnknownInsns
Whether unknown instructions are ignored.
The special "undiscovered" vertex.
bool findingErrorFunctions
Whether to make error handling functions.
std::vector< std::string > envInsert
Environment variables to insert.
The value is an assumption without any proof.
Settings that control the engine partitioning.
Confidence
How sure are we of something.
bool doingPostAnalysis
Whether to perform any post-partitioning analysis steps.
size_t findingIntraFunctionCode
Whether to find intra-function code.
Do not make any global changes to the memory map.
bool findingThunks
Whether to match thunk patterns.
static Interval whole()
Construct an interval that covers the entire domain.
static Interval hull(T v1, T v2)
Construct an interval from two endpoints.
bool findingImportFunctions
Whether to make functions at import addresses.
A basic block or placeholder for a basic block.
SemanticMemoryParadigm
Organization of semantic memory.
Edge is a function return from the call site.
Normal control flow edge, nothing special.
MemoryDataAdjustment memoryDataAdjustment
How to globally adjust memory segment access bits for data areas.
FunctionReturnAnalysis
Controls whether the function may-return analysis runs.
size_t deExecuteZerosLeaveAtFront
When to remove execute permission from zero bytes.
The value was somehow proved.
bool findingEntryFunctions
Whether to make functions at program entry points.
bool findingDeadCode
Whether to find dead code.
std::vector< BasicBlockSuccessor > BasicBlockSuccessors
All successors in no particular order.
SemanticMemoryParadigm semanticMemoryParadigm
Type of container for semantic memory.
bool doDisassemble
Whether to disassemble instructions.
bool checkingCallBranch
Whether to look for function calls used as branches.
bool allowEmptyBasicBlocks
Whether to allow a basic block to be empty.
bool usingSemantics
Whether instruction semantics are used.
Treat all memory as if it were constant.
bool findingSymbolFunctions
Whether to make functions according to symbol tables.
bool exitOnError
Setting: Error handling.
std::vector< boost::regex > envErasePatterns
Patterns to erase from the environment.
bool basicBlockSemanticsAutoDrop
Whether to automatically drop semantics for attached basic blocks.
Assume a function cannot return if the may-return analysis cannot decide whether it may return...
size_t deExecuteZerosThreshold
When to remove execute permission from zero bytes.
std::vector< std::string > envEraseNames
Names to erase from the environment.
bool findingCodeFunctionPointers
Whether to search existing instructions for function pointers.
Special vertex destination for non-existing basic blocks.
bool findingIntraFunctionData
Whether to find intra-function data.
List of thunk predicates.
Assume that a function cannot return without ever running the may-return analysis.
Partitions instructions into basic blocks and functions.
bool allowFunctionWithNoBasicBlocks
Whether to allow functions with no basic blocks.
AddressInterval interruptVector
Property: Location of machine interrupt vector.
bool findingFunctionPadding
Whether to find function padding.
std::string linker
Linker command.
bool findingFunctionCallFunctions
Whether to turn function call targets into functions.
Engine for Java Virtual Machine (JVM) specimens.
Control flow graph vertex.
size_t maxBasicBlockSize
Maximum size for basic blocks.
boost::filesystem::path syscallHeader
Header file in which system calls are defined.
Holds configuration information.