ROSE  0.11.98.0
Partitioner2/DataFlow.h
1 #ifndef ROSE_BinaryAnalysis_Partitioner2_DataFlow_H
2 #define ROSE_BinaryAnalysis_Partitioner2_DataFlow_H
3 #include <featureTests.h>
4 #ifdef ROSE_ENABLE_BINARY_ANALYSIS
5 
6 #include <Rose/BinaryAnalysis/DataFlow.h>
7 #include <Rose/BinaryAnalysis/Partitioner2/BasicBlock.h>
8 #include <Rose/BinaryAnalysis/Partitioner2/ControlFlowGraph.h>
9 #include <Rose/BinaryAnalysis/Partitioner2/Function.h>
10 #include <Sawyer/Graph.h>
11 
12 namespace Rose {
13 namespace BinaryAnalysis {
14 namespace Partitioner2 {
15 
17 namespace DataFlow {
18 
20 // Control Flow Graph
22 
26 class DfCfgVertex {
27 public:
29  enum Type {
30  BBLOCK,
31  FAKED_CALL,
32  FUNCRET,
33  INDET,
34  };
35 
36 private:
37  Type type_;
38  BasicBlock::Ptr bblock_; // attached to BBLOCK vertices
39  Function::Ptr callee_; // function represented by FAKED_CALL
40  Function::Ptr parentFunction_; // function "owning" this vertex
41  size_t inliningId_; // invocation ID for inlining functions during inter-procedural
42 
43 public:
45  explicit DfCfgVertex(const BasicBlock::Ptr &bblock, const Function::Ptr &parentFunction, size_t inliningId)
46  : type_(BBLOCK), bblock_(bblock), parentFunction_(parentFunction), inliningId_(inliningId) {
47  ASSERT_not_null(bblock);
48  }
49 
51  explicit DfCfgVertex(const Function::Ptr &function, const Function::Ptr &parentFunction, size_t inliningId)
52  : type_(FAKED_CALL), callee_(function), parentFunction_(parentFunction), inliningId_(inliningId) {}
53 
55  explicit DfCfgVertex(Type type, const Function::Ptr &parentFunction, size_t inliningId)
56  : type_(type), parentFunction_(parentFunction), inliningId_(inliningId) {
57  ASSERT_require2(BBLOCK!=type && FAKED_CALL!=type, "use a different constructor");
58  }
59 
63  Type type() const { return type_; }
64 
69  const BasicBlock::Ptr& bblock() const { return bblock_; }
70 
72  const Function::Ptr& callee() const { return callee_; }
73 
79  Function::Ptr parentFunction() const { return parentFunction_; }
80 
86  size_t inliningId() const { return inliningId_; }
87 };
88 
110 typedef Sawyer::Container::Graph<DfCfgVertex> DfCfg;
111 
117 class InterproceduralPredicate {
118 public:
119  virtual ~InterproceduralPredicate() {}
120  virtual bool operator()(const ControlFlowGraph&, const ControlFlowGraph::ConstEdgeIterator&, size_t depth) = 0;
121 };
122 
124 class NotInterprocedural: public InterproceduralPredicate {
125 public:
126  bool operator()(const ControlFlowGraph&, const ControlFlowGraph::ConstEdgeIterator&, size_t depth) override {
127  return false;
128  }
129 };
130 extern NotInterprocedural NOT_INTERPROCEDURAL;
131 
133 std::vector<SgAsmInstruction*> vertexUnpacker(const DfCfgVertex&);
134 
141 DfCfg buildDfCfg(const Partitioner&, const ControlFlowGraph&, const ControlFlowGraph::ConstVertexIterator &startVertex,
142  InterproceduralPredicate &predicate = NOT_INTERPROCEDURAL);
143 
145 void dumpDfCfg(std::ostream&, const DfCfg&);
146 
152 Function::Ptr bestSummaryFunction(const FunctionSet &functions);
153 
159 template<class DfCfg>
160 typename Sawyer::Container::GraphTraits<DfCfg>::VertexIterator
161 findReturnVertex(DfCfg &dfCfg) {
162  using namespace Sawyer::Container;
163  typename GraphTraits<DfCfg>::VertexIterator retval = dfCfg.vertices().end();
164  for (typename GraphTraits<DfCfg>::VertexIterator vi = dfCfg.vertices().begin(); vi != dfCfg.vertices().end(); ++vi) {
165  if (vi->value().type() == DfCfgVertex::FUNCRET) {
166  ASSERT_require(retval == dfCfg.vertices().end());
167  retval = vi;
168  }
169  }
170  return retval;
171 }
172 
174 // Transfer function
175 //
176 // The transfer function is reponsible for taking a CFG vertex and an initial state and producing the next state, the final
177 // state for that vertex. Users can use whatever transfer function they want; this one is based on the DfCfg and an
178 // instruction semantics state.
180 
182 class TransferFunction {
183  BaseSemantics::DispatcherPtr cpu_;
184  BaseSemantics::SValuePtr callRetAdjustment_;
185  const RegisterDescriptor STACK_POINTER_REG;
186  const RegisterDescriptor INSN_POINTER_REG;
187  CallingConvention::DefinitionPtr defaultCallingConvention_;
188 public:
192  explicit TransferFunction(const BaseSemantics::DispatcherPtr &cpu)
193  : cpu_(cpu), STACK_POINTER_REG(cpu->stackPointerRegister()), INSN_POINTER_REG(cpu->instructionPointerRegister()) {
194  size_t adjustment = STACK_POINTER_REG.nBits() / 8; // sizeof return address on top of stack
195  callRetAdjustment_ = cpu->number_(STACK_POINTER_REG.nBits(), adjustment);
196  }
197 
199  BaseSemantics::StatePtr initialState() const;
200 
204  BaseSemantics::DispatcherPtr cpu() const { return cpu_; }
205 
214  CallingConvention::DefinitionPtr defaultCallingConvention() const { return defaultCallingConvention_; }
215  void defaultCallingConvention(const CallingConvention::DefinitionPtr &x) { defaultCallingConvention_ = x; }
218  // Required by data-flow engine
219  std::string toString(const BaseSemantics::StatePtr &state);
220 
221  // Required by data-flow engine: compute new output state given a vertex and input state.
222  BaseSemantics::StatePtr operator()(const DfCfg&, size_t vertexId, const BaseSemantics::StatePtr &incomingState) const;
223 };
224 
229 typedef Rose::BinaryAnalysis::DataFlow::SemanticsMerge MergeFunction;
230 
232 typedef Rose::BinaryAnalysis::DataFlow::Engine<DfCfg, BaseSemantics::StatePtr, TransferFunction, MergeFunction> Engine;
233 
245 Variables::StackVariables findStackVariables(const FunctionPtr &function, const BaseSemantics::RiscOperatorsPtr &ops,
246  const BaseSemantics::SValuePtr &initialStackPointer);
247 
252 Variables::StackVariables findLocalVariables(const FunctionPtr &function, const BaseSemantics::RiscOperatorsPtr &ops,
253  const BaseSemantics::SValuePtr &initialStackPointer);
254 
260 Variables::StackVariables findFunctionArguments(const FunctionPtr &function, const BaseSemantics::RiscOperatorsPtr &ops,
261  const BaseSemantics::SValuePtr &initialStackPointer);
262 
267 std::vector<AbstractLocation> findGlobalVariables(const BaseSemantics::RiscOperatorsPtr &ops, size_t wordNBytes);
268 
269 
270 
271 } // namespace
272 } // namespace
273 } // namespace
274 } // namespace
275 
276 #endif
277 #endif
Rose::BinaryAnalysis::Partitioner2::DataFlow::Engine
Rose::BinaryAnalysis::DataFlow::Engine< DfCfg, BaseSemantics::StatePtr, TransferFunction, MergeFunction > Engine
Data-Flow engine.
Definition: Partitioner2/DataFlow.h:232
Rose::BinaryAnalysis::Partitioner2::DataFlow::MergeFunction
Rose::BinaryAnalysis::DataFlow::SemanticsMerge MergeFunction
Data-flow merge function.
Definition: Partitioner2/DataFlow.h:229
Rose::BinaryAnalysis::Partitioner2::DataFlow::findGlobalVariables
std::vector< AbstractLocation > findGlobalVariables(const BaseSemantics::RiscOperatorsPtr &ops, size_t wordNBytes)
Returns a list of global variables.
Rose::BinaryAnalysis::Partitioner2::DataFlow::NotInterprocedural
Predicate that always returns false, preventing interprocedural analysis.
Definition: Partitioner2/DataFlow.h:124
Rose::BinaryAnalysis::Partitioner2::DataFlow::TransferFunction::cpu
BaseSemantics::DispatcherPtr cpu() const
Property: Virtual CPU.
Definition: Partitioner2/DataFlow.h:204
Sawyer::Container::Graph
Graph containing user-defined vertices and edges.
Definition: Graph.h:625
Rose::BinaryAnalysis::RegisterDescriptor::nBits
size_t nBits() const
Property: Size in bits.
Definition: RegisterDescriptor.h:140
Rose::BinaryAnalysis::Partitioner2::DataFlow::bestSummaryFunction
Function::Ptr bestSummaryFunction(const FunctionSet &functions)
Choose best function for data-flow summary vertex.
Rose::BinaryAnalysis::Partitioner2::DataFlow::DfCfgVertex::bblock
const BasicBlock::Ptr & bblock() const
Basic block.
Definition: Partitioner2/DataFlow.h:69
Rose::BinaryAnalysis::Partitioner2::DataFlow::findReturnVertex
Sawyer::Container::GraphTraits< DfCfg >::VertexIterator findReturnVertex(DfCfg &dfCfg)
Find the return vertex.
Definition: Partitioner2/DataFlow.h:161
Rose::BinaryAnalysis::DataFlow::SemanticsMerge
Basic merge operation for instruction semantics.
Definition: DataFlow.h:215
Rose::BinaryAnalysis::Partitioner2::DataFlow::DfCfgVertex::DfCfgVertex
DfCfgVertex(Type type, const Function::Ptr &parentFunction, size_t inliningId)
Construct a vertex of specified type that takes no auxiliary data.
Definition: Partitioner2/DataFlow.h:55
Rose::BinaryAnalysis::Partitioner2::DataFlow::TransferFunction::defaultCallingConvention
void defaultCallingConvention(const CallingConvention::DefinitionPtr &x)
Property: Default calling convention.
Definition: Partitioner2/DataFlow.h:215
Rose::BinaryAnalysis::InstructionSemantics::BaseSemantics::RiscOperatorsPtr
boost::shared_ptr< RiscOperators > RiscOperatorsPtr
Shared-ownership pointer to a RISC operators object.
Definition: InstructionSemantics/BaseSemantics/Types.h:61
Rose::BinaryAnalysis::Partitioner2::DataFlow::findStackVariables
Variables::StackVariables findStackVariables(const FunctionPtr &function, const BaseSemantics::RiscOperatorsPtr &ops, const BaseSemantics::SValuePtr &initialStackPointer)
Returns the list of all known stack variables.
Rose::BinaryAnalysis::Partitioner2::DataFlow::DfCfgVertex::DfCfgVertex
DfCfgVertex(const Function::Ptr &function, const Function::Ptr &parentFunction, size_t inliningId)
Construct a faked call vertex.
Definition: Partitioner2/DataFlow.h:51
Rose::BinaryAnalysis::Partitioner2::DataFlow::DfCfgVertex::parentFunction
Function::Ptr parentFunction() const
Function owning this vertex.
Definition: Partitioner2/DataFlow.h:79
Sawyer::Container::Graph::vertices
boost::iterator_range< VertexIterator > vertices()
Iterators for all vertices.
Definition: Graph.h:1460
Rose
Main namespace for the ROSE library.
Definition: BinaryTutorial.dox:3
Rose::BinaryAnalysis::Partitioner2::DataFlow::findFunctionArguments
Variables::StackVariables findFunctionArguments(const FunctionPtr &function, const BaseSemantics::RiscOperatorsPtr &ops, const BaseSemantics::SValuePtr &initialStackPointer)
Returns the list of all known function arguments.
Rose::BinaryAnalysis::InstructionSemantics::BaseSemantics::StatePtr
boost::shared_ptr< State > StatePtr
Shared-ownership pointer to a semantic state.
Definition: InstructionSemantics/BaseSemantics/Types.h:58
Rose::BinaryAnalysis::Partitioner2::DataFlow::TransferFunction::TransferFunction
TransferFunction(const BaseSemantics::DispatcherPtr &cpu)
Construct from a CPU.
Definition: Partitioner2/DataFlow.h:192
Rose::BinaryAnalysis::InstructionSemantics::BaseSemantics::DispatcherPtr
boost::shared_ptr< Dispatcher > DispatcherPtr
Shared-ownership pointer to a semantics instruction dispatcher.
Definition: InstructionSemantics/BaseSemantics/Types.h:64
Rose::BinaryAnalysis::Partitioner2::DataFlow::buildDfCfg
DfCfg buildDfCfg(const Partitioner &, const ControlFlowGraph &, const ControlFlowGraph::ConstVertexIterator &startVertex, InterproceduralPredicate &predicate=NOT_INTERPROCEDURAL)
build a cfg useful for data-flow analysis.
Sawyer::Container
Container classes that store user-defined values.
Definition: AddressMap.h:35
Rose::BinaryAnalysis::Partitioner2::DataFlow::TransferFunction::initialState
BaseSemantics::StatePtr initialState() const
Construct an initial state.
Rose::BinaryAnalysis::RegisterDescriptor
Describes (part of) a physical CPU register.
Definition: RegisterDescriptor.h:27
Rose::BinaryAnalysis::Partitioner2::DataFlow::InterproceduralPredicate
Predicate that decides when to use inter-procedural data-flow.
Definition: Partitioner2/DataFlow.h:117
Rose::BinaryAnalysis::Partitioner2::DataFlow::DfCfgVertex::inliningId
size_t inliningId() const
Inlining invocation number.
Definition: Partitioner2/DataFlow.h:86
Rose::BinaryAnalysis::Partitioner2::DataFlow::vertexUnpacker
std::vector< SgAsmInstruction * > vertexUnpacker(const DfCfgVertex &)
Unpacks a vertex into a list of instructions.
BinaryAnalysis
Binary analysis.
Definition: BinaryAnalysis.h:76
Rose::BinaryAnalysis::Partitioner2::DataFlow::DfCfgVertex::DfCfgVertex
DfCfgVertex(const BasicBlock::Ptr &bblock, const Function::Ptr &parentFunction, size_t inliningId)
Construct a basic block vertex.
Definition: Partitioner2/DataFlow.h:45
Sawyer::Container::GraphTraits::VertexIterator
G::VertexIterator VertexIterator
Const or non-const vertex iterator.
Definition: Graph.h:295
Rose::BinaryAnalysis::Partitioner2::DataFlow::dumpDfCfg
void dumpDfCfg(std::ostream &, const DfCfg &)
Emit a data-flow CFG as a GraphViz file.
Rose::BinaryAnalysis::Partitioner2::DataFlow::DfCfgVertex::INDET
Indeterminate basic block where no information is available.
Definition: Partitioner2/DataFlow.h:33
Rose::BinaryAnalysis::Partitioner2::Partitioner
Partitions instructions into basic blocks and functions.
Definition: Partitioner.h:294
Rose::BinaryAnalysis::Partitioner2::DataFlow::findLocalVariables
Variables::StackVariables findLocalVariables(const FunctionPtr &function, const BaseSemantics::RiscOperatorsPtr &ops, const BaseSemantics::SValuePtr &initialStackPointer)
Returns the list of all known local variables.
Rose::BinaryAnalysis::Partitioner2::DataFlow::DfCfg
Sawyer::Container::Graph< DfCfgVertex > DfCfg
Control flow graph used by data-flow analysis.
Definition: Partitioner2/DataFlow.h:110
Rose::BinaryAnalysis::Partitioner2::DataFlow::DfCfgVertex::callee
const Function::Ptr & callee() const
Function represented by faked call.
Definition: Partitioner2/DataFlow.h:72
Rose::BinaryAnalysis::Partitioner2::DataFlow::TransferFunction::defaultCallingConvention
CallingConvention::DefinitionPtr defaultCallingConvention() const
Property: Default calling convention.
Definition: Partitioner2/DataFlow.h:214
Generated on Mon Sep 12 2022 05:59:38 for ROSE by   doxygen 1.8.10