1 #ifndef ROSE_Partitioner2_ModulesX86_H
2 #define ROSE_Partitioner2_ModulesX86_H
4 #include <Partitioner2/Modules.h>
8 namespace Partitioner2 {
11 namespace ModulesX86 {
29 virtual std::vector<Function::Ptr>
functions() const ROSE_OVERRIDE {
return std::vector<Function::Ptr>(1, function_); }
30 virtual bool match(
const Partitioner &partitioner, rose_addr_t anchor) ROSE_OVERRIDE;
44 virtual std::vector<Function::Ptr>
functions() const ROSE_OVERRIDE {
return std::vector<Function::Ptr>(1, function_); }
45 virtual bool match(
const Partitioner &partitioner, rose_addr_t anchor) ROSE_OVERRIDE;
54 virtual std::vector<Function::Ptr>
functions() const ROSE_OVERRIDE {
return std::vector<Function::Ptr>(1, function_); }
55 virtual bool match(
const Partitioner &partitioner, rose_addr_t anchor) ROSE_OVERRIDE;
64 virtual std::vector<Function::Ptr>
functions() const ROSE_OVERRIDE {
return std::vector<Function::Ptr>(1, function_); }
65 virtual bool match(
const Partitioner &partitioner, rose_addr_t anchor) ROSE_OVERRIDE;
74 std::vector<Function::Ptr> functions_;
77 virtual std::vector<Function::Ptr>
functions() const ROSE_OVERRIDE {
return functions_; }
87 virtual std::vector<Function::Ptr>
functions() const ROSE_OVERRIDE {
return std::vector<Function::Ptr>(1, function_); }
88 virtual bool match(
const Partitioner &partitioner, rose_addr_t anchor) ROSE_OVERRIDE;
100 virtual bool operator()(
bool chain,
const Args&) ROSE_OVERRIDE;
110 virtual bool operator()(
bool chain,
const Args&) ROSE_OVERRIDE;
125 size_t isLeaJmpThunk(const Partitioner&, const
std::vector<SgAsmInstruction*>&);
126 size_t isMovJmpThunk(const Partitioner&, const
std::vector<SgAsmInstruction*>&);
127 size_t isJmpImmThunk(const Partitioner&, const
std::vector<SgAsmInstruction*>&);
128 size_t isThunk(const Partitioner&, const
std::vector<SgAsmInstruction*>&);
143 bool matchJmpMem(const Partitioner&, SgAsmX86Instruction*);
146 bool matchMovBpSp(const Partitioner&, SgAsmX86Instruction*);
149 bool matchMovDiDi(const Partitioner&, SgAsmX86Instruction*);
152 bool matchPushBp(const Partitioner&, SgAsmX86Instruction*);
155 bool matchPushSi(const Partitioner&, SgAsmX86Instruction*);
158 size_t isThunk(const
std::vector<SgAsmInstruction*> &insns);
Match RET followed by PUSH with intervening no-op padding.
Basic block callback to detect "switch" statements.
virtual std::vector< Function::Ptr > functions() const ROSE_OVERRIDE
Returns the function(s) for the previous successful match.
static Ptr instance()
Allocating constructor.
virtual std::vector< Function::Ptr > functions() const ROSE_OVERRIDE
Returns the function(s) for the previous successful match.
Base class for adjusting basic blocks during discovery.
size_t isJmpImmThunk(const Partitioner &, const std::vector< SgAsmInstruction * > &)
Determines whether an instruction sequence begins with a thunk.
Base class for matching function prologues.
Base class for machine instructions.
Sawyer::Optional< rose_addr_t > findTableBase(SgAsmExpression *)
Try to match a base+offset expression.
bool matchMovDiDi(const Partitioner &, SgAsmX86Instruction *)
Matches "MOV EDI, EDI" or variant.
size_t isThunk(const Partitioner &, const std::vector< SgAsmInstruction * > &)
Determines whether an instruction sequence begins with a thunk.
virtual bool match(const Partitioner &partitioner, rose_addr_t anchor) ROSE_OVERRIDE
Attempt to match an instruction pattern.
virtual bool match(const Partitioner &partitioner, rose_addr_t anchor) ROSE_OVERRIDE
Attempt to match an instruction pattern.
bool matchPushBp(const Partitioner &, SgAsmX86Instruction *)
Matches "PUSH EBP" or variant.
Main namespace for the ROSE library.
Basic block callback to detect function returns.
virtual std::vector< Function::Ptr > functions() const ROSE_OVERRIDE
Returns the function(s) for the previous successful match.
bool matchLeaCxMemBpConst(const Partitioner &, SgAsmX86Instruction *)
Matches "LEA ECX, [EBP + constant]" or variant.
Name space for the entire library.
virtual bool match(const Partitioner &partitioner, rose_addr_t anchor) ROSE_OVERRIDE
Attempt to match an instruction pattern.
virtual bool operator()(bool chain, const Args &) ROSE_OVERRIDE
Callback method.
Matches an x86 MOV EDI,EDI; PUSH ESI function prologe.
static Ptr instance()
Allocating constructor.
Sawyer::Optional< rose_addr_t > matchJmpConst(const Partitioner &, SgAsmX86Instruction *)
Matches "JMP constant".
static Ptr instance()
Allocating constructor.
static Ptr instance()
Allocating constructor.
std::vector< rose_addr_t > scanCodeAddressTable(const Partitioner &, AddressInterval &tableLimits, const AddressInterval &targetLimits, size_t tableEntrySize)
Reads a table of code addresses.
Matches an x86 function prologue.
bool matchPushSi(const Partitioner &, SgAsmX86Instruction *)
Matches "PUSH SI" or variant.
size_t isJmpMemThunk(const Partitioner &, const std::vector< SgAsmInstruction * > &)
Determines whether an instruction sequence begins with a thunk.
Represents one Intel x86 machine instruction.
virtual bool match(const Partitioner &, rose_addr_t anchor) ROSE_OVERRIDE
Attempt to match an instruction pattern.
static Ptr instance()
Allocating constructor.
Base class for expressions.
size_t isMovJmpThunk(const Partitioner &, const std::vector< SgAsmInstruction * > &)
Determines whether an instruction sequence begins with a thunk.
bool matchMovBpSp(const Partitioner &, SgAsmX86Instruction *)
Matches "MOV EBP, ESP" or variant.
virtual std::vector< Function::Ptr > functions() const ROSE_OVERRIDE
Returns the function(s) for the previous successful match.
virtual bool match(const Partitioner &partitioner, rose_addr_t anchor) ROSE_OVERRIDE
Attempt to match an instruction pattern.
bool matchEnterAnyZero(const Partitioner &, SgAsmX86Instruction *)
Matches "ENTER x, 0".
Sawyer::SharedPointer< FunctionPrologueMatcher > Ptr
Shared-ownership pointer to a FunctionPrologueMatcher.
virtual bool match(const Partitioner &partitioner, rose_addr_t anchor) ROSE_OVERRIDE
Attempt to match an instruction pattern.
virtual std::vector< Function::Ptr > functions() const ROSE_OVERRIDE
Returns the function(s) for the previous successful match.
Sawyer::SharedPointer< BasicBlockCallback > Ptr
Shared-ownership pointer to a BasicBlockCallback.
static Ptr instance()
Allocating constructor.
void splitThunkFunctions(Partitioner &)
Split thunks off from start of functions.
size_t isLeaJmpThunk(const Partitioner &, const std::vector< SgAsmInstruction * > &)
Determines whether an instruction sequence begins with a thunk.
static Ptr instance()
Allocating constructor.
Partitions instructions into basic blocks and functions.
virtual std::vector< Function::Ptr > functions() const ROSE_OVERRIDE
Returns the function(s) for the previous successful match.
bool matchJmpMem(const Partitioner &, SgAsmX86Instruction *)
Matches "JMP [address]" or variant.
Matches an x86 "ENTER xxx, 0" prologue.
Matches an x86 function prologue with hot patch.
