Description
Defines RISC operators for the ConcreteSemantics domain.
These RISC operators depend on functionality introduced into the SValue class hierarchy at the ConcreteSemantics::SValue level. Therefore, the prototypical value supplied to the constructor or present in the supplied state object must have a dynamic type which is a ConcreteSemantics::SValue (or subclass).
Each RISC operator should return a newly allocated semantic value rather than trying to re-use an existing one. This will allow the caller to change the value stored there without affecting any of the input arguments. For example, a no-op that returns its argument should be implemented like this:
Definition at line 334 of file ConcreteSemantics2.h.
#include <ConcreteSemantics2.h>
Public Member Functions | |
| virtual BaseSemantics::RiscOperatorsPtr | create (const BaseSemantics::SValuePtr &protoval, const SmtSolverPtr &solver=SmtSolverPtr()) const ROSE_OVERRIDE |
| Virtual allocating constructor. More... | |
| virtual BaseSemantics::RiscOperatorsPtr | create (const BaseSemantics::StatePtr &state, const SmtSolverPtr &solver=SmtSolverPtr()) const ROSE_OVERRIDE |
| Virtual allocating constructor. More... | |
| virtual void | interrupt (int majr, int minr) ROSE_OVERRIDE |
| Invoked for instructions that cause an interrupt. More... | |
| virtual BaseSemantics::SValuePtr | and_ (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | or_ (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | xor_ (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | invert (const BaseSemantics::SValuePtr &a_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | extract (const BaseSemantics::SValuePtr &a_, size_t begin_bit, size_t end_bit) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | concat (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | leastSignificantSetBit (const BaseSemantics::SValuePtr &a_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | mostSignificantSetBit (const BaseSemantics::SValuePtr &a_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | rotateLeft (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &sa_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | rotateRight (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &sa_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | shiftLeft (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &sa_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | shiftRight (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &sa_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | shiftRightArithmetic (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &sa_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | equalToZero (const BaseSemantics::SValuePtr &a_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | ite (const BaseSemantics::SValuePtr &sel_, const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | unsignedExtend (const BaseSemantics::SValuePtr &a_, size_t new_width) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | signExtend (const BaseSemantics::SValuePtr &a_, size_t new_width) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | add (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE |
| virtual BaseSemantics::SValuePtr | addWithCarries (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_, const BaseSemantics::SValuePtr &c_, BaseSemantics::SValuePtr &carry_out) ROSE_OVERRIDE |
| Used for printing RISC operators with formatting. More... | |
| virtual BaseSemantics::SValuePtr | negate (const BaseSemantics::SValuePtr &a_) ROSE_OVERRIDE |
| Two's complement. More... | |
| virtual BaseSemantics::SValuePtr | signedDivide (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE |
| Divides two signed values. More... | |
| virtual BaseSemantics::SValuePtr | signedModulo (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE |
| Calculates modulo with signed values. More... | |
| virtual BaseSemantics::SValuePtr | signedMultiply (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE |
| Multiplies two signed values. More... | |
| virtual BaseSemantics::SValuePtr | unsignedDivide (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE |
| Divides two unsigned values. More... | |
| virtual BaseSemantics::SValuePtr | unsignedModulo (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE |
| Calculates modulo with unsigned values. More... | |
| virtual BaseSemantics::SValuePtr | unsignedMultiply (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE |
| Multiply two unsigned values. More... | |
| virtual BaseSemantics::SValuePtr | fpFromInteger (const BaseSemantics::SValuePtr &intValue, SgAsmFloatType *) ROSE_OVERRIDE |
| Construct a floating-point value from an integer value. More... | |
| virtual BaseSemantics::SValuePtr | fpToInteger (const BaseSemantics::SValuePtr &fpValue, SgAsmFloatType *fpType, const BaseSemantics::SValuePtr &dflt) ROSE_OVERRIDE |
| Construct an integer value from a floating-point value. More... | |
| virtual BaseSemantics::SValuePtr | fpAdd (const BaseSemantics::SValuePtr &a, const BaseSemantics::SValuePtr &b, SgAsmFloatType *) ROSE_OVERRIDE |
| Add two floating-point values. More... | |
| virtual BaseSemantics::SValuePtr | fpSubtract (const BaseSemantics::SValuePtr &a, const BaseSemantics::SValuePtr &b, SgAsmFloatType *) ROSE_OVERRIDE |
| Subtract one floating-point value from another. More... | |
| virtual BaseSemantics::SValuePtr | fpMultiply (const BaseSemantics::SValuePtr &a, const BaseSemantics::SValuePtr &b, SgAsmFloatType *) ROSE_OVERRIDE |
| Multiply two floating-point values. More... | |
| virtual BaseSemantics::SValuePtr | fpRoundTowardZero (const BaseSemantics::SValuePtr &a, SgAsmFloatType *) ROSE_OVERRIDE |
| Round toward zero. More... | |
| virtual BaseSemantics::SValuePtr | readMemory (RegisterDescriptor segreg, const BaseSemantics::SValuePtr &addr, const BaseSemantics::SValuePtr &dflt, const BaseSemantics::SValuePtr &cond) ROSE_OVERRIDE |
| Reads a value from memory. More... | |
| virtual BaseSemantics::SValuePtr | peekMemory (RegisterDescriptor segreg, const BaseSemantics::SValuePtr &addr, const BaseSemantics::SValuePtr &dflt) ROSE_OVERRIDE |
| Read memory without side effects. More... | |
| virtual void | writeMemory (RegisterDescriptor segreg, const BaseSemantics::SValuePtr &addr, const BaseSemantics::SValuePtr &data, const BaseSemantics::SValuePtr &cond) ROSE_OVERRIDE |
| Writes a value to memory. More... | |
 Public Member Functions inherited from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators | |
| virtual SValuePtr | protoval () const |
| Property: Prototypical semantic value. More... | |
| virtual SValuePtr | fpConvert (const SValuePtr &a, SgAsmFloatType *aType, SgAsmFloatType *retType) |
| Convert from one floating-point type to another. More... | |
| virtual SValuePtr | fpIsNan (const SValuePtr &fpValue, SgAsmFloatType *fpType) |
| Whether a floating-point value is a special not-a-number bit pattern. More... | |
| virtual SValuePtr | fpIsDenormalized (const SValuePtr &fpValue, SgAsmFloatType *fpType) |
| Whether a floating-point value is denormalized. More... | |
| virtual SValuePtr | fpIsZero (const SValuePtr &fpValue, SgAsmFloatType *fpType) |
| Whether a floating-point value is equal to zero. More... | |
| virtual SValuePtr | fpIsInfinity (const SValuePtr &fpValue, SgAsmFloatType *fpType) |
| Whether a floating-point value is infinity. More... | |
| virtual SValuePtr | fpSign (const SValuePtr &fpValue, SgAsmFloatType *fpType) |
| Sign of floating-point value. More... | |
| virtual SValuePtr | fpEffectiveExponent (const SValuePtr &fpValue, SgAsmFloatType *fpType) |
| Exponent of floating-point value. More... | |
| virtual SValuePtr | fpDivide (const SValuePtr &a, const SValuePtr &b, SgAsmFloatType *fpType) |
| Divide one floating-point value by another. More... | |
| virtual SValuePtr | fpSquareRoot (const SValuePtr &a, SgAsmFloatType *fpType) |
| Square root. More... | |
| virtual SValuePtr | reinterpret (const SValuePtr &a, SgAsmType *retType) |
| Reinterpret an expression as a different type. More... | |
| virtual SValuePtr | convert (const SValuePtr &a, SgAsmType *srcType, SgAsmType *dstType) |
| Convert value from one type to another. More... | |
| virtual void | writeRegister (RegisterDescriptor reg, const SValuePtr &a) |
| Writes a value to a register. More... | |
| virtual SmtSolverPtr | solver () const |
| Property: Satisfiability module theory (SMT) solver. More... | |
| virtual void | solver (const SmtSolverPtr &s) |
| Property: Satisfiability module theory (SMT) solver. More... | |
| const HotPatch & | hotPatch () const |
| Property: Post-instruction hot patches. More... | |
| HotPatch & | hotPatch () |
| Property: Post-instruction hot patches. More... | |
| void | hotPatch (const HotPatch &hp) |
| Property: Post-instruction hot patches. More... | |
| virtual StatePtr | currentState () const |
| Property: Current semantic state. More... | |
| virtual void | currentState (const StatePtr &s) |
| Property: Current semantic state. More... | |
| virtual StatePtr | initialState () const |
| Property: Optional lazily updated initial state. More... | |
| virtual void | initialState (const StatePtr &s) |
| Property: Optional lazily updated initial state. More... | |
| virtual const std::string & | name () const |
| Property: Name used for debugging. More... | |
| virtual void | name (const std::string &s) |
| Property: Name used for debugging. More... | |
| void | print (std::ostream &stream, const std::string prefix="") const |
| Print multi-line output for this object. | |
| virtual void | print (std::ostream &stream, Formatter &fmt) const |
| Print multi-line output for this object. | |
| virtual SValuePtr | readRegister (RegisterDescriptor reg) |
| Reads a value from a register. More... | |
| virtual SValuePtr | readRegister (RegisterDescriptor reg, const SValuePtr &dflt) |
| Reads a value from a register. More... | |
| virtual SValuePtr | peekRegister (RegisterDescriptor, const SValuePtr &dflt) |
| Obtain a register value without side effects. More... | |
| SValuePtr | peekRegister (RegisterDescriptor reg) |
| Obtain a register value without side effects. More... | |
Static Public Member Functions | |
| static RiscOperatorsPtr | instance (const RegisterDictionary *regdict, const SmtSolverPtr &solver=SmtSolverPtr()) |
| Instantiates a new RiscOperators object and configures it to use semantic values and states that are defaults for ConcreteSemantics. More... | |
| static RiscOperatorsPtr | instance (const BaseSemantics::SValuePtr &protoval, const SmtSolverPtr &solver=SmtSolverPtr()) |
| Instantiates a new RiscOperators object with specified prototypical values. More... | |
| static RiscOperatorsPtr | instance (const BaseSemantics::StatePtr &state, const SmtSolverPtr &solver=SmtSolverPtr()) |
| Instantiates a new RiscOperators object with specified state. More... | |
| static RiscOperatorsPtr | promote (const BaseSemantics::RiscOperatorsPtr &x) |
| Run-time promotion of a base RiscOperators pointer to concrete operators. More... | |
| Static Public Member Functions inherited from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators | |
| static RiscOperatorsPtr | promote (const RiscOperatorsPtr &x) |
Protected Member Functions | |
| RiscOperators (const BaseSemantics::SValuePtr &protoval, const SmtSolverPtr &solver) | |
| RiscOperators (const BaseSemantics::StatePtr &state, const SmtSolverPtr &solver) | |
| SValuePtr | svalue_number (size_t nbits, uint64_t value) |
| SValuePtr | svalue_number (const Sawyer::Container::BitVector &) |
| SValuePtr | svalue_boolean (bool b) |
| SValuePtr | svalue_zero (size_t nbits) |
| BaseSemantics::SValuePtr | readOrPeekMemory (RegisterDescriptor segreg, const BaseSemantics::SValuePtr &address, const BaseSemantics::SValuePtr &dflt, bool allowSideEffects) |
| double | exprToDouble (const BaseSemantics::SValuePtr &expr, SgAsmFloatType *) |
| BaseSemantics::SValuePtr | doubleToExpr (double d, SgAsmFloatType *) |
| Protected Member Functions inherited from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators | |
| RiscOperators (const SValuePtr &protoval, const SmtSolverPtr &solver=SmtSolverPtr()) | |
| RiscOperators (const StatePtr &state, const SmtSolverPtr &solver=SmtSolverPtr()) | |
Additional Inherited Members | |
| Public Types inherited from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators | |
| typedef RiscOperatorsPtr | Ptr |
| Shared-ownership pointer for a RiscOperators object. More... | |
Member Function Documentation
|
inlinestatic |
Instantiates a new RiscOperators object and configures it to use semantic values and states that are defaults for ConcreteSemantics.
Definition at line 355 of file ConcreteSemantics2.h.
References Rose::BinaryAnalysis::InstructionSemantics2::ConcreteSemantics::SValue::instance(), Rose::BinaryAnalysis::InstructionSemantics2::ConcreteSemantics::MemoryState::instance(), and Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RegisterStateGeneric::instance().
Referenced by create().
|
inlinestatic |
Instantiates a new RiscOperators object with specified prototypical values.
An SMT solver may be specified as the second argument because the base class expects one, but it is not used for ConcreteSemantics. See SmtSolver for details.
Definition at line 366 of file ConcreteSemantics2.h.
|
inlinestatic |
Instantiates a new RiscOperators object with specified state.
An SMT solver may be specified as the second argument because the base class expects one, but it is not used for concrete semantics. See solver for details.
Definition at line 372 of file ConcreteSemantics2.h.
|
inlinevirtual |
Virtual allocating constructor.
The protoval is a prototypical semantic value that is used as a factory to create additional values as necessary via its virtual constructors. The state upon which the RISC operations operate must be set by modifying the currentState property. An optional SMT solver may be specified (see solver).
Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
Reimplemented in Rose::BinaryAnalysis::InstructionSemantics2::NativeSemantics::RiscOperators.
Definition at line 379 of file ConcreteSemantics2.h.
References instance().
|
inlinevirtual |
Virtual allocating constructor.
The supplied state is that upon which the RISC operations operate and is also used to define the prototypical semantic value. Other states can be supplied by setting currentState. The prototypical semantic value is used as a factory to create additional values as necessary via its virtual constructors. An optional SMT solver may be specified (see solver).
Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
Definition at line 384 of file ConcreteSemantics2.h.
References instance().
|
inlinestatic |
Run-time promotion of a base RiscOperators pointer to concrete operators.
This is a checked conversion–it will fail if x does not point to a ConcreteSemantics::RiscOperators object.
Definition at line 394 of file ConcreteSemantics2.h.
|
virtual |
Invoked for instructions that cause an interrupt.
The major and minor numbers are architecture specific. For instance, an x86 INT instruction uses major number zero and the minor number is the interrupt number (e.g., 0x80 for Linux system calls), while an x86 SYSENTER instruction uses major number one. The minr operand for INT3 is -3 to distinguish it from the one-argument "INT 3" instruction which has slightly different semantics.
Reimplemented from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Used for printing RISC operators with formatting.
The usual way to use this is:
Since specifying a line prefix string for indentation purposes is such a common use case, the indentation can be given instead of a format, as in the following code that indents the prefixes each line of the expression with four spaces.
The carry_out value is 11100100.
The width of a and b must be equal; c must have a width of one bit; the return value and carry_out will be the same width as a and b. The carry_out value is allocated herein.
Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Two's complement.
The return value will have the same width as the operand.
Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Divides two signed values.
The width of the result will be the same as the width of the dividend.
Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Calculates modulo with signed values.
The width of the result will be the same as the width of operand b.
Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Multiplies two signed values.
The width of the result will be the sum of the widths of a and b.
Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Divides two unsigned values.
The width of the result is the same as the width of the dividend.
Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Calculates modulo with unsigned values.
The width of the result is the same as the width of operand b.
Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Multiply two unsigned values.
The width of the result is the sum of the widths of a and b.
Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Construct a floating-point value from an integer value.
Reimplemented from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Construct an integer value from a floating-point value.
The bits of fpValue are interpreted according to the fpType and converted to a signed integer value that fits in integerWidth bits. This is done by truncating the fractional part of the floating point number, thus rounding toward zero. If fpValue is not a number then dflt is returned.
Reimplemented from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Add two floating-point values.
Adds two floating-point values that have the same type and returns the sum in the same type.
Reimplemented from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Subtract one floating-point value from another.
Subtracts b from a and returns the difference. All three floating-point values have the same type. The default implementation is in terms of negate and add.
Reimplemented from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Multiply two floating-point values.
Multiplies two floating-point values and returns the product. All three values have the same type.
Reimplemented from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Round toward zero.
Truncate the fractional part of the floating point number.
Reimplemented from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Reads a value from memory.
The implementation (in subclasses) will typically delegate much of the work to the current state's readMemory method.
A MemoryState will implement storage for memory locations and might impose certain restrictions, such as "all memory values must be eight bits". However, the readMemory should not have these constraints so that it can be called from a variety of Dispatcher subclass (e.g., the DispatcherX86 class assumes that readMemory is capable of reading 32-bit values from little-endian memory). The designers of the MemoryState, State, and RiscOperators should collaborate to decide which layer (RiscOperators, State, or MemoryState) is reponsible for combining individual memory locations into larger values. A RiscOperators object is passed along the chain of delegations for this purpose. The RiscOperators might also contain other data that's important during the process, such as an SMT solver.
The segreg argument is an optional segment register. Most architectures have a flat virtual address space and will pass a default-constructed register descriptor whose is_valid() method returns false.
The cond argument is a Boolean value that indicates whether this is a true read operation. If cond can be proven to be false then the read is a no-op and returns an arbitrary value.
The dflt argument determines the size of the value to be read. This argument is also passed along to the lower layers so that they can, if they desire, use it to initialize memory that has never been read or written before.
Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Read memory without side effects.
This is a lower-level operation than readMemory in that it doesn't cause any side effects in the memory state. In all other respects, it's similar to readMemory.
Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
|
virtual |
Writes a value to memory.
The implementation (in subclasses) will typically delegate much of the work to the current state's writeMemory method.
The segreg argument is an optional segment register. Most architectures have a flat virtual address space and will pass a default-constructed register descriptor whose is_valid() method returns false.
The cond argument is a Boolean value that indicates whether this is a true write operation. If cond can be proved to be false then writeMemory is a no-op.
Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.
The documentation for this class was generated from the following file:
