Description
Architecture-specific information for the Common Intermediate Language.
Common Intermediate Language (CIL), formerly called Microsoft Intermediate Language (MSIL) or Intermediate Language (IL), is the intermediate language binary instruction set defined within the Common Language Infrastructure (CLI) specification. CIL instructions are executed by a CLI-compatible runtime environment such as the Common Language Runtime. Languages which target the CLI compile to CIL. CIL is object-oriented, stack-based bytecode. Runtimes typically just-in-time compile CIL instructions into native code.
CIL was originally known as Microsoft Intermediate Language (MSIL) during the beta releases of the .NET languages. Due to standardization of C# and the CLI, the bytecode is now officially known as CIL. Windows Defender virus definitions continue to refer to binaries compiled with it as MSIL.
Definition at line 22 of file Architecture/Cil.h.
#include <Rose/BinaryAnalysis/Architecture/Cil.h>
Public Types | |
| using | Ptr = CilPtr |
 Public Types inherited from Rose::BinaryAnalysis::Architecture::Base | |
| using | Ptr = BasePtr |
| Reference counting pointer. | |
| using | ConstPtr = BaseConstPtr |
| Reference counting pointer to const object. | |
Public Member Functions | |
| RegisterDictionary::Ptr | registerDictionary () const override |
| Property: Register dictionary. | |
| bool | matchesHeader (SgAsmGenericHeader *) const override |
| Tests whether this architecture matches a file header. | |
| Sawyer::Container::Interval< size_t > | bytesPerInstruction () const override |
| Valid sizes for encoded machine instructions. | |
| Alignment | instructionAlignment () const override |
| Alignment for encoded machine instructions. | |
| std::string | instructionMnemonic (const SgAsmInstruction *) const override |
| Mnemonic for an instruction. | |
| std::string | instructionDescription (const SgAsmInstruction *) const override |
| Description for an instruction. | |
| bool | isUnknown (const SgAsmInstruction *) const override |
| Returns true if the instruction is the special "unknown" instruction. | |
| bool | terminatesBasicBlock (SgAsmInstruction *) const override |
| Determines whether the specified instruction normally terminates a basic block. | |
| bool | isFunctionCallFast (const std::vector< SgAsmInstruction * > &, rose_addr_t *target, rose_addr_t *ret) const override |
| Returns true if the specified basic block looks like a function call. | |
| bool | isFunctionReturnFast (const std::vector< SgAsmInstruction * > &) const override |
| Returns true if the specified basic block looks like a function return. | |
| Sawyer::Optional< rose_addr_t > | branchTarget (SgAsmInstruction *) const override |
| Obtains the virtual address for a branching instruction. | |
| AddressSet | getSuccessors (SgAsmInstruction *, bool &complete) const override |
| Control flow successors for a single instruction. | |
| Disassembler::BasePtr | newInstructionDecoder () const override |
| Construct and return a new instruction decoder. | |
| Unparser::BasePtr | newUnparser () const override |
| Construct and return a new instruction unparser. | |
| Public Member Functions inherited from Rose::BinaryAnalysis::Architecture::Base | |
| const std::string & | name () const |
| Property: Architecture definition name. | |
| ByteOrder::Endianness | byteOrder () const |
| Property: Byte order for memory. | |
| virtual RegisterDictionaryPtr | interruptDictionary () const |
| Property: Interrupt dictionary. | |
| virtual const CallingConvention::Dictionary & | callingConventions () const |
| Property: Calling convention definitions. | |
| virtual bool | matchesName (const std::string &) const |
| Tests whether this architecture matches a name. | |
| virtual InstructionSemantics::BaseSemantics::DispatcherPtr | newInstructionDispatcher (const InstructionSemantics::BaseSemantics::RiscOperatorsPtr &) const |
| Construct and return a new instruction dispatcher. | |
| bool | instructionsCanOverlap () const |
| Whether instructions can overlap in memory. | |
| virtual std::vector< Partitioner2::FunctionPrologueMatcherPtr > | functionPrologueMatchers (const Partitioner2::EnginePtr &) const |
| Instruction patterns matching function prologues. | |
| virtual std::vector< Partitioner2::BasicBlockCallbackPtr > | basicBlockCreationHooks (const Partitioner2::EnginePtr &) const |
| Architecture-specific basic block callbacks for partitioning. | |
| const Sawyer::Optional< size_t > & | registrationId () const |
| Property: Registration identification number. | |
| void | registrationId (const Sawyer::Optional< size_t > &) |
| Property: Registration identification number. | |
| size_t | bytesPerWord () const |
| Property: Word size. | |
| size_t | bitsPerWord () const |
| Property: Word size. | |
| virtual std::string | toString (const SgAsmInstruction *) const |
| Unparse an instruction to a string. | |
| virtual std::string | toStringNoAddr (const SgAsmInstruction *) const |
| Unparse an instruction to a string. | |
| virtual bool | isFunctionCallSlow (const std::vector< SgAsmInstruction * > &, rose_addr_t *target, rose_addr_t *ret) const |
| Returns true if the specified basic block looks like a function call. | |
| virtual bool | isFunctionReturnSlow (const std::vector< SgAsmInstruction * > &) const |
| Returns true if the specified basic block looks like a function return. | |
| AddressSet | getSuccessors (const std::vector< SgAsmInstruction * > &basicBlock, bool &complete) const |
| Control flow successors for a basic block. | |
| virtual AddressSet | getSuccessors (const std::vector< SgAsmInstruction * > &basicBlock, bool &complete, const MemoryMapPtr &initial_memory) const |
| Control flow successors for a basic block. | |
Static Public Member Functions | |
| static Ptr | instance () |
| Allocating constructor. | |
Additional Inherited Members | |
| Protected Member Functions inherited from Rose::BinaryAnalysis::Architecture::Base | |
| Base (const std::string &name, size_t bytesPerWord, ByteOrder::Endianness byteOrder) | |
| Ptr | ptr () |
| ConstPtr | constPtr () const |
| Protected Attributes inherited from Rose::BinaryAnalysis::Architecture::Base | |
| Sawyer::Cached< RegisterDictionaryPtr > | registerDictionary_ |
| Sawyer::Cached< RegisterDictionaryPtr > | interruptDictionary_ |
| Sawyer::Cached< CallingConvention::Dictionary > | callingConventions_ |
| Sawyer::Cached< Unparser::Base::Ptr > | insnToString_ |
| Sawyer::Cached< Unparser::Base::Ptr > | insnToStringNoAddr_ |
Member Typedef Documentation
◆ Ptr
| using Rose::BinaryAnalysis::Architecture::Cil::Ptr = CilPtr |
Definition at line 24 of file Architecture/Cil.h.
Member Function Documentation
◆ registerDictionary()
|
overridevirtual |
Property: Register dictionary.
The register dictionary defines a mapping between register names and register descriptors (RegisterDescriptor), and thus how the registers map into hardware.
Since dictionaries are generally not modified, it is permissible for this function to return the same dictionary every time it's called. The dictionary can be constructed on the first call.
Thread safety: Thread safe.
Implements Rose::BinaryAnalysis::Architecture::Base.
◆ matchesHeader()
|
overridevirtual |
Tests whether this architecture matches a file header.
Returns true if this architecture matches the specified file header, and false otherwise.
The default implementation always returns false.
Reimplemented from Rose::BinaryAnalysis::Architecture::Base.
◆ bytesPerInstruction()
|
overridevirtual |
Valid sizes for encoded machine instructions.
Returns the range of valid sizes for encoded machine instructions. For instance, an x86 instruction can be from one to 15 bytes in length, but a PowerPC PPC32 instruction is always exactly 4 bytes.
Implements Rose::BinaryAnalysis::Architecture::Base.
◆ instructionAlignment()
|
overridevirtual |
Alignment for encoded machine instructions.
Implements Rose::BinaryAnalysis::Architecture::Base.
◆ instructionMnemonic()
|
overridevirtual |
Mnemonic for an instruction.
Returns the mnemonic for a particular instruction.
Thread safety: Thread safe.
Implements Rose::BinaryAnalysis::Architecture::Base.
◆ instructionDescription()
|
overridevirtual |
Description for an instruction.
Returns the description for a particular instruction. The description must be a single line with no leading or trailing white space, no line termination characters, and no non-printable characters. Most subclasses will just return a string based on the instruction mnemonic, such as "push a value onto the stack" for a PUSH instruction. The instruction argument must not be a null pointer and must be valid for this architecture.
The default implementation returns an empty string.
Thread safety: Thread safe.
Reimplemented from Rose::BinaryAnalysis::Architecture::Base.
◆ isUnknown()
|
overridevirtual |
Returns true if the instruction is the special "unknown" instruction.
Each instruction architecture in ROSE defines an "unknown" instruction to be used when the disassembler is unable to create a real instruction. This can happen, for instance, if the bit pattern does not represent a valid instruction for the architecture. The instruction must not be a null pointer, and must be valid for this architecture.
Thread safety: Thread safe.
Implements Rose::BinaryAnalysis::Architecture::Base.
◆ terminatesBasicBlock()
|
overridevirtual |
Determines whether the specified instruction normally terminates a basic block.
The analysis generally only looks at the individual instruction and therefore is not very sophisticated. For instance, a conditional branch will always terminate a basic block by this method even if its condition is opaque. The instruction argument must not be a null pointer and must be valid for this architecture.
Thread safety: Thread safe.
Implements Rose::BinaryAnalysis::Architecture::Base.
◆ isFunctionCallFast()
|
overridevirtual |
Returns true if the specified basic block looks like a function call.
If the basic block looks like a function call then this method returns true. If (and only if) the target address is known (i.e., the address of the called function) then target is set to this address (otherwise target is unmodified). If the return address is known or can be guessed, then return_va is initialized to the return address, which is normally the fall-through address of the last instruction; otherwise the return_va is unmodified.
The "fast" and "slow" versions differ only in what kind of anlysis they do. The "fast" version typically looks only at instruction patterns while the slow version might incur more expense by looking at instruction semantics.
The base implementation of the fast method always returns false. The base implementation of the slow method just calls the fast method.
Thread safety: Thread safe.
Reimplemented from Rose::BinaryAnalysis::Architecture::Base.
◆ isFunctionReturnFast()
|
overridevirtual |
Returns true if the specified basic block looks like a function return.
The "fast" and "slow" versions differ only in what kind of anlysis they do. The "fast" version typically looks only at instruction patterns while the slow version might incur more expense by looking at instruction semantics.
The base implementaiton of the fast method always returns false. The base implementation of the slow method just calls the fast method.
Thread safety: Thread safe.
Reimplemented from Rose::BinaryAnalysis::Architecture::Base.
◆ branchTarget()
|
overridevirtual |
Obtains the virtual address for a branching instruction.
Returns the branch target address if the specified instruction is a branching instruction and the target is known; otherwise returns nothing.
The default implementation returns nothing.
Thread safety: Thread safe.
Reimplemented from Rose::BinaryAnalysis::Architecture::Base.
◆ getSuccessors()
|
overridevirtual |
Control flow successors for a single instruction.
The return value does not consider neighboring instructions, and therefore is quite naive. It returns only the information it can glean from this single instruction. If the returned set of virtual instructions is fully known then the complete argument will be set to true, otherwise false. The instruction must not be null, and must be valid for this architecture.
The default implementation always returns an empty set and clears complete.
Thread safety: Thread saafe.
Reimplemented from Rose::BinaryAnalysis::Architecture::Base.
◆ newInstructionDecoder()
|
overridevirtual |
Construct and return a new instruction decoder.
Returns a new decoder for this architecture if possible, otherwise a null pointer.
Thread safety: Thread safe.
Implements Rose::BinaryAnalysis::Architecture::Base.
◆ newUnparser()
|
overridevirtual |
Construct and return a new instruction unparser.
An unparser is responsible for generating pseudo assembly listings.
Thread safety: Thread safe.
Implements Rose::BinaryAnalysis::Architecture::Base.
The documentation for this class was generated from the following file:
