ROSE  0.9.9.109
Public Types | Public Member Functions | Static Public Member Functions | Protected Member Functions | Protected Attributes | List of all members
Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators Class Reference

Description

Defines RISC operators for the SymbolicSemantics domain.

These RISC operators depend on functionality introduced into the SValue class hierarchy at the SymbolicSemantics::SValue level. Therefore, the prototypical value supplied to the constructor or present in the supplied state object must have a dynamic type which is a SymbolicSemantics::SValue.

The RiscOperators object also controls whether use-def information is computed and stored in the SValues. The default is to not compute this information. The set_compute_usedef() method can be used to enable this feature.

Each RISC operator should return a newly allocated semantic value so that the caller can adjust definers for the result without affecting any of the inputs. For example, a no-op that returns its argument should be implemented like this:

return arg->copy(); //correct
return arg; //incorrect
}

Definition at line 777 of file SymbolicSemantics2.h.

#include <SymbolicSemantics2.h>

Inheritance diagram for Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators:
Inheritance graph
[legend]
Collaboration diagram for Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators:
Collaboration graph
[legend]

Public Types

typedef BaseSemantics::RiscOperators Super
 
- Public Types inherited from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators
typedef RiscOperatorsPtr Ptr
 Shared-ownership pointer for a RiscOperators object. More...
 

Public Member Functions

virtual BaseSemantics::RiscOperatorsPtr create (const BaseSemantics::SValuePtr &protoval, SMTSolver *solver=NULL) const ROSE_OVERRIDE
 Virtual allocating constructor. More...
 
virtual BaseSemantics::RiscOperatorsPtr create (const BaseSemantics::StatePtr &state, SMTSolver *solver=NULL) const ROSE_OVERRIDE
 Virtual allocating constructor. More...
 
virtual BaseSemantics::SValuePtr boolean_ (bool b) ROSE_OVERRIDE
 Returns a Boolean value. More...
 
virtual BaseSemantics::SValuePtr number_ (size_t nbits, uint64_t value) ROSE_OVERRIDE
 Returns a number of the specified bit width. More...
 
bool computingUseDef () const ROSE_DEPRECATED("use computingDefiners instead")
 
void computingUseDef (bool b) ROSE_DEPRECATED("use computingDefiners instead")
 
void set_compute_usedef (bool b=true) ROSE_DEPRECATED("use computingDefiners instead")
 
void clear_compute_usedef () ROSE_DEPRECATED("use computingDefiners instead")
 
bool get_compute_usedef () ROSE_DEPRECATED("use computingDefiners instead")
 
void set_compute_memwriters (bool b=true) ROSE_DEPRECATED("use computingMemoryWriters instead")
 
void clear_compute_memwriters () ROSE_DEPRECATED("use computingMemoryWriters instead")
 
bool get_compute_memwriters () const ROSE_DEPRECATED("use computingMemoryWriters instead")
 
bool getset_omit_cur_insn (bool b)
 
virtual void substitute (const SValuePtr &from, const SValuePtr &to)
 Substitute all occurrences of from with to in the current state. More...
 
virtual BaseSemantics::SValuePtr filterResult (const BaseSemantics::SValuePtr &)
 Filters results from RISC operators. More...
 
virtual void interrupt (int majr, int minr) ROSE_OVERRIDE
 Invoked for instructions that cause an interrupt. More...
 
virtual BaseSemantics::SValuePtr and_ (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE
 Computes bit-wise AND of two values. More...
 
virtual BaseSemantics::SValuePtr or_ (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE
 Computes bit-wise OR of two values. More...
 
virtual BaseSemantics::SValuePtr xor_ (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE
 Computes bit-wise XOR of two values. More...
 
virtual BaseSemantics::SValuePtr invert (const BaseSemantics::SValuePtr &a_) ROSE_OVERRIDE
 One's complement. More...
 
virtual BaseSemantics::SValuePtr extract (const BaseSemantics::SValuePtr &a_, size_t begin_bit, size_t end_bit) ROSE_OVERRIDE
 Extracts bits from a value. More...
 
virtual BaseSemantics::SValuePtr concat (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE
 Concatenates the bits of two values. More...
 
virtual BaseSemantics::SValuePtr leastSignificantSetBit (const BaseSemantics::SValuePtr &a_) ROSE_OVERRIDE
 Returns position of least significant set bit; zero when no bits are set. More...
 
virtual BaseSemantics::SValuePtr mostSignificantSetBit (const BaseSemantics::SValuePtr &a_) ROSE_OVERRIDE
 Returns position of most significant set bit; zero when no bits are set. More...
 
virtual BaseSemantics::SValuePtr rotateLeft (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &sa_) ROSE_OVERRIDE
 Rotate bits to the left. More...
 
virtual BaseSemantics::SValuePtr rotateRight (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &sa_) ROSE_OVERRIDE
 Rotate bits to the right. More...
 
virtual BaseSemantics::SValuePtr shiftLeft (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &sa_) ROSE_OVERRIDE
 Returns arg shifted left. More...
 
virtual BaseSemantics::SValuePtr shiftRight (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &sa_) ROSE_OVERRIDE
 Returns arg shifted right logically (no sign bit). More...
 
virtual BaseSemantics::SValuePtr shiftRightArithmetic (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &sa_) ROSE_OVERRIDE
 Returns arg shifted right arithmetically (with sign bit). More...
 
virtual BaseSemantics::SValuePtr equalToZero (const BaseSemantics::SValuePtr &a_) ROSE_OVERRIDE
 Determines whether a value is equal to zero. More...
 
virtual BaseSemantics::SValuePtr ite (const BaseSemantics::SValuePtr &sel_, const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE
 If-then-else. More...
 
virtual BaseSemantics::SValuePtr unsignedExtend (const BaseSemantics::SValuePtr &a_, size_t new_width) ROSE_OVERRIDE
 Extend (or shrink) operand a so it is nbits wide by adding or removing high-order bits. More...
 
virtual BaseSemantics::SValuePtr signExtend (const BaseSemantics::SValuePtr &a_, size_t new_width) ROSE_OVERRIDE
 Sign extends a value. More...
 
virtual BaseSemantics::SValuePtr add (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE
 Adds two integers of equal size. More...
 
virtual BaseSemantics::SValuePtr addWithCarries (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_, const BaseSemantics::SValuePtr &c_, BaseSemantics::SValuePtr &carry_out) ROSE_OVERRIDE
 Add two values of equal size and a carry bit. More...
 
virtual BaseSemantics::SValuePtr negate (const BaseSemantics::SValuePtr &a_) ROSE_OVERRIDE
 Two's complement. More...
 
virtual BaseSemantics::SValuePtr signedDivide (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE
 Divides two signed values. More...
 
virtual BaseSemantics::SValuePtr signedModulo (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE
 Calculates modulo with signed values. More...
 
virtual BaseSemantics::SValuePtr signedMultiply (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE
 Multiplies two signed values. More...
 
virtual BaseSemantics::SValuePtr unsignedDivide (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE
 Divides two unsigned values. More...
 
virtual BaseSemantics::SValuePtr unsignedModulo (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE
 Calculates modulo with unsigned values. More...
 
virtual BaseSemantics::SValuePtr unsignedMultiply (const BaseSemantics::SValuePtr &a_, const BaseSemantics::SValuePtr &b_) ROSE_OVERRIDE
 Multiply two unsigned values. More...
 
virtual BaseSemantics::SValuePtr readRegister (RegisterDescriptor reg, const BaseSemantics::SValuePtr &dflt) ROSE_OVERRIDE
 Reads a value from a register. More...
 
virtual BaseSemantics::SValuePtr peekRegister (RegisterDescriptor reg, const BaseSemantics::SValuePtr &dflt) ROSE_OVERRIDE
 Obtain a register value without side effects. More...
 
virtual void writeRegister (RegisterDescriptor reg, const BaseSemantics::SValuePtr &a_) ROSE_OVERRIDE
 Writes a value to a register. More...
 
virtual BaseSemantics::SValuePtr readMemory (RegisterDescriptor segreg, const BaseSemantics::SValuePtr &addr, const BaseSemantics::SValuePtr &dflt, const BaseSemantics::SValuePtr &cond) ROSE_OVERRIDE
 Reads a value from memory. More...
 
virtual void writeMemory (RegisterDescriptor segreg, const BaseSemantics::SValuePtr &addr, const BaseSemantics::SValuePtr &data, const BaseSemantics::SValuePtr &cond) ROSE_OVERRIDE
 Writes a value to memory. More...
 
void computingDefiners (DefinersMode m)
 Property: Track which instructions define a semantic value. More...
 
DefinersMode computingDefiners () const
 Property: Track which instructions define a semantic value. More...
 
void computingMemoryWriters (WritersMode m)
 Property: Track which instructions write to each memory location. More...
 
WritersMode computingMemoryWriters () const
 Property: Track which instructions write to each memory location. More...
 
void computingRegisterWriters (WritersMode m)
 Property: Track latest writer to each register. More...
 
WritersMode computingRegisterWriters () const
 Property: Track latest writer to each register. More...
 
void trimThreshold (size_t n)
 Property: Maximum size of expressions. More...
 
size_t trimThreshold () const
 Property: Maximum size of expressions. More...
 
- Public Member Functions inherited from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators
virtual SValuePtr protoval () const
 Property: Prototypical semantic value. More...
 
virtual SValuePtr get_protoval () const ROSE_DEPRECATED("use protoval instead")
 
virtual void set_solver (SMTSolver *s) ROSE_DEPRECATED("use solver instead")
 
virtual SMTSolverget_solver () const ROSE_DEPRECATED("use solver instead")
 
virtual StatePtr get_state () const ROSE_DEPRECATED("use currentState instead")
 
virtual void set_state (const StatePtr &s) ROSE_DEPRECATED("use currentState instead")
 
virtual const std::string & get_name () const ROSE_DEPRECATED("use name instead")
 
virtual void set_name (const std::string &s) ROSE_DEPRECATED("use name instead")
 
virtual size_t get_ninsns () const ROSE_DEPRECATED("use nInsns instead")
 
virtual void set_ninsns (size_t n) ROSE_DEPRECATED("use nInsns instead")
 
virtual SgAsmInstructioncurrentInstruction () const
 Returns current instruction. More...
 
virtual SgAsmInstructionget_insn () const ROSE_DEPRECATED("use currentInstruction instead")
 
virtual void startInstruction (SgAsmInstruction *insn)
 Called at the beginning of every instruction. More...
 
virtual void finishInstruction (SgAsmInstruction *insn)
 Called at the end of every instruction. More...
 
virtual SValuePtr undefined_ (size_t nbits)
 Returns a new undefined value. More...
 
virtual SValuePtr unspecified_ (size_t nbits)
 
virtual SValuePtr bottom_ (size_t nbits)
 Returns a data-flow bottom value. More...
 
virtual SValuePtr filterCallTarget (const SValuePtr &a)
 Invoked to filter call targets. More...
 
virtual SValuePtr filterReturnTarget (const SValuePtr &a)
 Invoked to filter return targets. More...
 
virtual SValuePtr filterIndirectJumpTarget (const SValuePtr &a)
 Invoked to filter indirect jumps. More...
 
virtual void hlt ()
 Invoked for the x86 HLT instruction. More...
 
virtual void cpuid ()
 Invoked for the x86 CPUID instruction. More...
 
virtual SValuePtr rdtsc ()
 Invoked for the x86 RDTSC instruction. More...
 
virtual SValuePtr subtract (const SValuePtr &minuend, const SValuePtr &subtrahend)
 Subtract one value from another. More...
 
virtual SValuePtr fpFromInteger (const SValuePtr &intValue, SgAsmFloatType *fpType)
 Construct a floating-point value from an integer value. More...
 
virtual SValuePtr fpToInteger (const SValuePtr &fpValue, SgAsmFloatType *fpType, const SValuePtr &dflt)
 Construct an integer value from a floating-point value. More...
 
virtual SValuePtr fpConvert (const SValuePtr &a, SgAsmFloatType *aType, SgAsmFloatType *retType)
 Convert from one floating-point type to another. More...
 
virtual SValuePtr fpIsNan (const SValuePtr &fpValue, SgAsmFloatType *fpType)
 Whether a floating-point value is a special not-a-number bit pattern. More...
 
virtual SValuePtr fpIsDenormalized (const SValuePtr &fpValue, SgAsmFloatType *fpType)
 Whether a floating-point value is denormalized. More...
 
virtual SValuePtr fpIsZero (const SValuePtr &fpValue, SgAsmFloatType *fpType)
 Whether a floating-point value is equal to zero. More...
 
virtual SValuePtr fpIsInfinity (const SValuePtr &fpValue, SgAsmFloatType *fpType)
 Whether a floating-point value is infinity. More...
 
virtual SValuePtr fpSign (const SValuePtr &fpValue, SgAsmFloatType *fpType)
 Sign of floating-point value. More...
 
virtual SValuePtr fpEffectiveExponent (const SValuePtr &fpValue, SgAsmFloatType *fpType)
 Exponent of floating-point value. More...
 
virtual SValuePtr fpAdd (const SValuePtr &a, const SValuePtr &b, SgAsmFloatType *fpType)
 Add two floating-point values. More...
 
virtual SValuePtr fpSubtract (const SValuePtr &a, const SValuePtr &b, SgAsmFloatType *fpType)
 Subtract one floating-point value from another. More...
 
virtual SValuePtr fpMultiply (const SValuePtr &a, const SValuePtr &b, SgAsmFloatType *fpType)
 Multiply two floating-point values. More...
 
virtual SValuePtr fpDivide (const SValuePtr &a, const SValuePtr &b, SgAsmFloatType *fpType)
 Divide one floating-point value by another. More...
 
virtual SValuePtr fpSquareRoot (const SValuePtr &a, SgAsmFloatType *fpType)
 Square root. More...
 
virtual SValuePtr fpRoundTowardZero (const SValuePtr &a, SgAsmFloatType *fpType)
 Round toward zero. More...
 
virtual SMTSolversolver () const
 Property: Satisfiability module theory (SMT) solver. More...
 
virtual void solver (SMTSolver *s)
 Property: Satisfiability module theory (SMT) solver. More...
 
virtual StatePtr currentState () const
 Property: Current semantic state. More...
 
virtual void currentState (const StatePtr &s)
 Property: Current semantic state. More...
 
virtual StatePtr initialState () const
 Property: Optional lazily updated initial state. More...
 
virtual void initialState (const StatePtr &s)
 Property: Optional lazily updated initial state. More...
 
virtual const std::string & name () const
 Property: Name used for debugging. More...
 
virtual void name (const std::string &s)
 Property: Name used for debugging. More...
 
void print (std::ostream &stream, const std::string prefix="") const
 Print multi-line output for this object.
 
virtual void print (std::ostream &stream, Formatter &fmt) const
 Print multi-line output for this object.
 
WithFormatter with_format (Formatter &fmt)
 Used for printing RISC operators with formatting. More...
 
WithFormatter operator+ (Formatter &fmt)
 Used for printing RISC operators with formatting. More...
 
virtual size_t nInsns () const
 Property: Number of instructions processed. More...
 
virtual void nInsns (size_t n)
 Property: Number of instructions processed. More...
 
SValuePtr equal (const SValuePtr &a, const SValuePtr &b) ROSE_DEPRECATED("use isEqual instead")
 Equality comparison. More...
 
virtual SValuePtr isEqual (const SValuePtr &a, const SValuePtr &b)
 Equality comparison. More...
 
virtual SValuePtr isNotEqual (const SValuePtr &a, const SValuePtr &b)
 Equality comparison. More...
 
virtual SValuePtr isUnsignedLessThan (const SValuePtr &a, const SValuePtr &b)
 Comparison for unsigned values. More...
 
virtual SValuePtr isUnsignedLessThanOrEqual (const SValuePtr &a, const SValuePtr &b)
 Comparison for unsigned values. More...
 
virtual SValuePtr isUnsignedGreaterThan (const SValuePtr &a, const SValuePtr &b)
 Comparison for unsigned values. More...
 
virtual SValuePtr isUnsignedGreaterThanOrEqual (const SValuePtr &a, const SValuePtr &b)
 Comparison for unsigned values. More...
 
virtual SValuePtr isSignedLessThan (const SValuePtr &a, const SValuePtr &b)
 Comparison for signed values. More...
 
virtual SValuePtr isSignedLessThanOrEqual (const SValuePtr &a, const SValuePtr &b)
 Comparison for signed values. More...
 
virtual SValuePtr isSignedGreaterThan (const SValuePtr &a, const SValuePtr &b)
 Comparison for signed values. More...
 
virtual SValuePtr isSignedGreaterThanOrEqual (const SValuePtr &a, const SValuePtr &b)
 Comparison for signed values. More...
 
virtual SValuePtr readRegister (RegisterDescriptor reg)
 Reads a value from a register. More...
 

Static Public Member Functions

static RiscOperatorsPtr instance (const RegisterDictionary *regdict, SMTSolver *solver=NULL)
 Instantiates a new RiscOperators object and configures it to use semantic values and states that are defaults for SymbolicSemantics. More...
 
static RiscOperatorsPtr instance (const BaseSemantics::SValuePtr &protoval, SMTSolver *solver=NULL)
 Instantiates a new RiscOperators object with specified prototypical values. More...
 
static RiscOperatorsPtr instance (const BaseSemantics::StatePtr &state, SMTSolver *solver=NULL)
 Instantiates a new RiscOperators object with specified state. More...
 
static RiscOperatorsPtr promote (const BaseSemantics::RiscOperatorsPtr &x)
 Run-time promotion of a base RiscOperators pointer to symbolic operators. More...
 
- Static Public Member Functions inherited from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators
static RiscOperatorsPtr promote (const RiscOperatorsPtr &x)
 

Protected Member Functions

 RiscOperators (const BaseSemantics::SValuePtr &protoval, SMTSolver *solver=NULL)
 
 RiscOperators (const BaseSemantics::StatePtr &state, SMTSolver *solver=NULL)
 
SValuePtr svalue_expr (const ExprPtr &expr, const InsnSet &defs=InsnSet())
 
SValuePtr svalue_undefined (size_t nbits)
 
SValuePtr svalue_bottom (size_t nbits)
 
SValuePtr svalue_unspecified (size_t nbits)
 
SValuePtr svalue_number (size_t nbits, uint64_t value)
 
SValuePtr svalue_boolean (bool b)
 
- Protected Member Functions inherited from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators
 RiscOperators (const SValuePtr &protoval, SMTSolver *solver=NULL)
 
 RiscOperators (const StatePtr &state, SMTSolver *solver=NULL)
 

Protected Attributes

bool omit_cur_insn
 
DefinersMode computingDefiners_
 
WritersMode computingMemoryWriters_
 
WritersMode computingRegisterWriters_
 
size_t trimThreshold_
 

Member Function Documentation

static RiscOperatorsPtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::instance ( const RegisterDictionary regdict,
SMTSolver solver = NULL 
)
inlinestatic
static RiscOperatorsPtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::instance ( const BaseSemantics::SValuePtr protoval,
SMTSolver solver = NULL 
)
inlinestatic

Instantiates a new RiscOperators object with specified prototypical values.

An SMT solver may be specified as the second argument for convenience. See solver for details.

Definition at line 841 of file SymbolicSemantics2.h.

References Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators::solver().

static RiscOperatorsPtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::instance ( const BaseSemantics::StatePtr state,
SMTSolver solver = NULL 
)
inlinestatic

Instantiates a new RiscOperators object with specified state.

An SMT solver may be specified as the second argument for convenience. See solver for details.

Definition at line 847 of file SymbolicSemantics2.h.

References Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators::solver().

virtual BaseSemantics::RiscOperatorsPtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::create ( const BaseSemantics::SValuePtr protoval,
SMTSolver solver = NULL 
) const
inlinevirtual

Virtual allocating constructor.

The protoval is a prototypical semantic value that is used as a factory to create additional values as necessary via its virtual constructors. The state upon which the RISC operations operate must be set by modifying the currentState property. An optional SMT solver may be specified (see solver).

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

Reimplemented in Rose::BinaryAnalysis::Partitioner2::Semantics::RiscOperators, and Rose::BinaryAnalysis::InstructionSemantics2::LlvmSemantics::RiscOperators.

Definition at line 854 of file SymbolicSemantics2.h.

References instance(), and Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators::solver().

virtual BaseSemantics::RiscOperatorsPtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::create ( const BaseSemantics::StatePtr state,
SMTSolver solver = NULL 
) const
inlinevirtual

Virtual allocating constructor.

The supplied state is that upon which the RISC operations operate and is also used to define the prototypical semantic value. Other states can be supplied by setting currentState. The prototypical semantic value is used as a factory to create additional values as necessary via its virtual constructors. An optional SMT solver may be specified (see solver).

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

Reimplemented in Rose::BinaryAnalysis::Partitioner2::Semantics::RiscOperators, and Rose::BinaryAnalysis::InstructionSemantics2::LlvmSemantics::RiscOperators.

Definition at line 859 of file SymbolicSemantics2.h.

References instance(), and Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators::solver().

static RiscOperatorsPtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::promote ( const BaseSemantics::RiscOperatorsPtr x)
inlinestatic

Run-time promotion of a base RiscOperators pointer to symbolic operators.

This is a checked conversion–it will fail if x does not point to a SymbolicSemantics::RiscOperators object.

Definition at line 869 of file SymbolicSemantics2.h.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::boolean_ ( bool  value)
inlinevirtual
virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::number_ ( size_t  nbits,
uint64_t  value 
)
inlinevirtual
void Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::computingDefiners ( DefinersMode  m)
inline

Property: Track which instructions define a semantic value.

Each semantic value (SValue) is capable of storing a set of instruction addresses. This property controls how operations that produce new semantic values adjust those definers-sets in the new value.

  • TRACK_NO_DEFINERS: Each new semantic value will have a default-constructed definers-set (probably empty). Using this setting makes the definers-set available for other uses.
  • TRACK_LATEST_DEFINER: The new values will have the default-constructed definers-set unioned with the address of the current instruction (if there is a current instruction).
  • TRACK_ALL_DEFINERS: The new values will have a default-constructed definers-set unioned with the address of the current instruciton (if there is one), and the addresses of the definers-sets of the operands. Certain operations are able to simplify these sets. For example, an exclusive-or whose two operands are equal will return a zero result whose only definer is the current instruction.

Definition at line 963 of file SymbolicSemantics2.h.

DefinersMode Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::computingDefiners ( ) const
inline

Property: Track which instructions define a semantic value.

Each semantic value (SValue) is capable of storing a set of instruction addresses. This property controls how operations that produce new semantic values adjust those definers-sets in the new value.

  • TRACK_NO_DEFINERS: Each new semantic value will have a default-constructed definers-set (probably empty). Using this setting makes the definers-set available for other uses.
  • TRACK_LATEST_DEFINER: The new values will have the default-constructed definers-set unioned with the address of the current instruction (if there is a current instruction).
  • TRACK_ALL_DEFINERS: The new values will have a default-constructed definers-set unioned with the address of the current instruciton (if there is one), and the addresses of the definers-sets of the operands. Certain operations are able to simplify these sets. For example, an exclusive-or whose two operands are equal will return a zero result whose only definer is the current instruction.

Definition at line 964 of file SymbolicSemantics2.h.

Referenced by boolean_(), and number_().

void Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::computingMemoryWriters ( WritersMode  m)
inline

Property: Track which instructions write to each memory location.

Each memory location stores a set of addresses that represent the instructions that wrote to that location. This property controls how each writeMemory operation updates that set.

  • TRACK_NO_WRITERS: Does not update the memory state's writers information. Using this setting will make that data structure available for other purposes. The data structure can store a set of addresses independently for each memory cell.
  • TRACK_LATEST_WRITER: Each write operation clobbers all previous write information for the affected memory address and stores the address of the current instruction (if there is one).
  • TRACK_ALL_WRITERS: Each write operation inserts the instruction address into the set of addresses stored for the affected memory cell without removing any addresses that are already associated with that cell. While this works well for analysis over a small region of code (like a single function), it might cause the writer sets to become very large when the same memory state is used over large regions (like a whole program).

Definition at line 985 of file SymbolicSemantics2.h.

WritersMode Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::computingMemoryWriters ( ) const
inline

Property: Track which instructions write to each memory location.

Each memory location stores a set of addresses that represent the instructions that wrote to that location. This property controls how each writeMemory operation updates that set.

  • TRACK_NO_WRITERS: Does not update the memory state's writers information. Using this setting will make that data structure available for other purposes. The data structure can store a set of addresses independently for each memory cell.
  • TRACK_LATEST_WRITER: Each write operation clobbers all previous write information for the affected memory address and stores the address of the current instruction (if there is one).
  • TRACK_ALL_WRITERS: Each write operation inserts the instruction address into the set of addresses stored for the affected memory cell without removing any addresses that are already associated with that cell. While this works well for analysis over a small region of code (like a single function), it might cause the writer sets to become very large when the same memory state is used over large regions (like a whole program).

Definition at line 986 of file SymbolicSemantics2.h.

void Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::computingRegisterWriters ( WritersMode  m)
inline

Property: Track latest writer to each register.

Controls whether each writeRegister operation updates the list of writers. The following values are allowed for this property:

  • TRACK_NO_WRITERS: Does not update the register state's writers information. Using this setting will make that data structure available for other purposes. The data structure can store a set of addresses independently for each bit of each register.
  • TRACK_LATEST_WRITER: Each write operation clobbers all previous write information for the affected register. This information is stored per bit so that if instruction 1 writes to EAX and then instruction 2 writes to AX then the high-order 16 bits of EAX will have {1} as the writer set while the low order bits will have {2} as its writer set.
  • TRACK_ALL_WRITERS: Each write operation inserts the instruction address into the set of addresses stored for the affected register (or register part) without removing any addresses that are already associated with that register. While this works well for analysis over a small region of code (like a single function), it might cause the writer sets to become very large when the same register state is used over large regions (like a whole program).

Definition at line 1021 of file SymbolicSemantics2.h.

WritersMode Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::computingRegisterWriters ( ) const
inline

Property: Track latest writer to each register.

Controls whether each writeRegister operation updates the list of writers. The following values are allowed for this property:

  • TRACK_NO_WRITERS: Does not update the register state's writers information. Using this setting will make that data structure available for other purposes. The data structure can store a set of addresses independently for each bit of each register.
  • TRACK_LATEST_WRITER: Each write operation clobbers all previous write information for the affected register. This information is stored per bit so that if instruction 1 writes to EAX and then instruction 2 writes to AX then the high-order 16 bits of EAX will have {1} as the writer set while the low order bits will have {2} as its writer set.
  • TRACK_ALL_WRITERS: Each write operation inserts the instruction address into the set of addresses stored for the affected register (or register part) without removing any addresses that are already associated with that register. While this works well for analysis over a small region of code (like a single function), it might cause the writer sets to become very large when the same register state is used over large regions (like a whole program).

Definition at line 1022 of file SymbolicSemantics2.h.

void Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::trimThreshold ( size_t  n)
inline

Property: Maximum size of expressions.

Symbolic expressions can get very large very quickly. This property controls how large a symbolic expression can grow before it's substituted with a new variable. The default, zero, means to never limit the size of expressions.

Definition at line 1034 of file SymbolicSemantics2.h.

size_t Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::trimThreshold ( ) const
inline

Property: Maximum size of expressions.

Symbolic expressions can get very large very quickly. This property controls how large a symbolic expression can grow before it's substituted with a new variable. The default, zero, means to never limit the size of expressions.

Definition at line 1035 of file SymbolicSemantics2.h.

virtual void Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::substitute ( const SValuePtr from,
const SValuePtr to 
)
virtual

Substitute all occurrences of from with to in the current state.

For instance, in functions that use a frame pointer set up with "push ebp; mov ebp, esp", it is convenient to see stack offsets in terms of the function's stack frame rather than in terms of the original esp value. This convenience comes from the fact that compilers tend to emit stack accessing code where the addresses are offsets from the function's stack frame.

For instance, after the "push ebp; mov ebp, esp" prologue, the machine state is:

registers:
esp = (add[32] esp_0[32] -4[32])
ebp = (add[32] esp_0[32] -4[32])
eip = 0x080480a3[32]
memory:
addr=(add[32] esp_0[32] -1[32]) value=(extract[8] 24[32] 32[32] ebp_0[32])
addr=(add[32] esp_0[32] -2[32]) value=(extract[8] 16[32] 24[32] ebp_0[32])
addr=(add[32] esp_0[32] -3[32]) value=(extract[8] 8[32] 16[32] ebp_0[32])
addr=(add[32] esp_0[32] -4[32]) value=(extract[8] 0[32] 8[32] ebp_0[32])

If we create a new variable called "stack_frame" where

stack_frame = esp_0 - 4

Solving for esp_0:

esp_0 = stack_frame + 4

Then replacing the lhs (esp_0) with the rhs (stack_frame + 4) in the machine state causes the expressions to be rewritten in terms of stack_frame instead of esp_0:

registers:
esp = stack_frame[32]
ebp = stack_frame[32]
eip = 0x080480a3[32]
memory:
addr=(add[32] stack_frame[32] 3[32]) value=(extract[8] 24[32] 32[32] ebp_0[32])
addr=(add[32] stack_frame[32] 2[32]) value=(extract[8] 16[32] 24[32] ebp_0[32])
addr=(add[32] stack_frame[32] 1[32]) value=(extract[8] 8[32] 16[32] ebp_0[32])
addr=stack_frame[32] value=(extract[8] 0[32] 8[32] ebp_0[32])

Here's the source code for that substitution:

SymbolicSemantics::SValuePtr original_esp = ...; //probably read from the initial state
BaseSemantics::SValuePtr stack_frame = operators->undefined_(32);
stack_frame->set_comment("stack_frame"); //just so output looks nice
operators->add(stack_frame, operators->number_(32, 4))
);
std::cerr <<"Prior to state:\n" <<*operators;
operators->substitute(original_esp, rhs);
std::cerr <<"Substituted state:\n" <<*operators;
virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::filterResult ( const BaseSemantics::SValuePtr )
virtual

Filters results from RISC operators.

Checks that the size of the specified expression doesn't exceed the trimThreshold. If not (or the threshold is zero), returns the argument, otherwise returns a new variable.

virtual void Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::interrupt ( int  majr,
int  minr 
)
virtual

Invoked for instructions that cause an interrupt.

The major and minor numbers are architecture specific. For instance, an x86 INT instruction uses major number zero and the minor number is the interrupt number (e.g., 0x80 for Linux system calls), while an x86 SYSENTER instruction uses major number one. The minr operand for INT3 is -3 to distinguish it from the one-argument "INT 3" instruction which has slightly different semantics.

Reimplemented from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::and_ ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr b 
)
virtual

Computes bit-wise AND of two values.

The operands must both have the same width; the result must be the same width as the operands.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::or_ ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr b 
)
virtual

Computes bit-wise OR of two values.

The operands a and b must have the same width; the return value width will be the same as a and b.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::xor_ ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr b 
)
virtual

Computes bit-wise XOR of two values.

The operands a and b must have the same width; the result will be the same width as a and b.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::invert ( const BaseSemantics::SValuePtr a)
virtual

One's complement.

The result will be the same size as the operand.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::extract ( const BaseSemantics::SValuePtr a,
size_t  begin_bit,
size_t  end_bit 
)
virtual

Extracts bits from a value.

The specified bits from begin_bit (inclusive) through end_bit (exclusive) are copied into the low-order bits of the return value (other bits in the return value are cleared). The least significant bit is number zero. The begin_bit and end_bit values must be valid for the width of a.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::concat ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr b 
)
virtual

Concatenates the bits of two values.

The bits of a and b are concatenated so that the result has b in the high-order bits and a in the low order bits. The width of the return value is the sum of the widths of a and b.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::leastSignificantSetBit ( const BaseSemantics::SValuePtr a)
virtual

Returns position of least significant set bit; zero when no bits are set.

The return value will have the same width as the operand, although this can be safely truncated to the log-base-2 + 1 width.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::mostSignificantSetBit ( const BaseSemantics::SValuePtr a)
virtual

Returns position of most significant set bit; zero when no bits are set.

The return value will have the same width as the operand, although this can be safely truncated to the log-base-2 + 1 width.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::rotateLeft ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr nbits 
)
virtual

Rotate bits to the left.

The return value will have the same width as operand a. The nbits is interpreted as unsigned. The behavior is modulo the width of a regardles of whether the implementation makes that a special case or handles it naturally.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::rotateRight ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr nbits 
)
virtual

Rotate bits to the right.

The return value will have the same width as operand a. The nbits is interpreted as unsigned. The behavior is modulo the width of a regardles of whether the implementation makes that a special case or handles it naturally.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::shiftLeft ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr nbits 
)
virtual

Returns arg shifted left.

The return value will have the same width as operand a. The nbits is interpreted as unsigned. New bits shifted into the value are zero. If nbits is equal to or larger than the width of a then the result is zero.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::shiftRight ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr nbits 
)
virtual

Returns arg shifted right logically (no sign bit).

The return value will have the same width as operand a. The nbits is interpreted as unsigned. New bits shifted into the value are zero. If nbits is equal to or larger than the width of a then the result is zero.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::shiftRightArithmetic ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr nbits 
)
virtual

Returns arg shifted right arithmetically (with sign bit).

The return value will have the same width as operand a. The nbits is interpreted as unsigned. New bits shifted into the value are the same as the most significant bit (the "sign bit"). If nbits is equal to or larger than the width of a then the result has all bits cleared or all bits set depending on whether the most significant bit was originally clear or set.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::equalToZero ( const BaseSemantics::SValuePtr a)
virtual

Determines whether a value is equal to zero.

Returns true, false, or undefined (in the semantic domain) depending on whether argument is zero.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::ite ( const BaseSemantics::SValuePtr cond,
const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr b 
)
virtual

If-then-else.

Returns operand a if cond is true, operand b if cond is false, or some other value if the condition is unknown. The condition must be one bit wide; the widths of a and b must be equal; the return value width will be the same as a and b.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::unsignedExtend ( const BaseSemantics::SValuePtr a,
size_t  new_width 
)
virtual

Extend (or shrink) operand a so it is nbits wide by adding or removing high-order bits.

Added bits are always zeros. The result will be the specified new_width.

Reimplemented from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::signExtend ( const BaseSemantics::SValuePtr a,
size_t  new_width 
)
virtual

Sign extends a value.

The result will the the specified new_width, which must be at least as large as the original width.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::add ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr b 
)
virtual

Adds two integers of equal size.

The width of a and b must be equal; the return value will have the same width as a and b.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::addWithCarries ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr b,
const BaseSemantics::SValuePtr c,
BaseSemantics::SValuePtr carry_out 
)
virtual

Add two values of equal size and a carry bit.

Carry information is returned via carry_out argument. The carry_out value is the tick marks that are written above the first addend when doing long arithmetic like a 2nd grader would do (of course, they'd probably be adding two base-10 numbers). For instance, when adding 00110110 and 11100100:

'''..'.. <-- carry tick marks: '=carry .=no carry
00110110
+ 11100100
----------
100011010

The carry_out value is 11100100.

The width of a and b must be equal; c must have a width of one bit; the return value and carry_out will be the same width as a and b. The carry_out value is allocated herein.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::negate ( const BaseSemantics::SValuePtr a)
virtual

Two's complement.

The return value will have the same width as the operand.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::signedDivide ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr b 
)
virtual

Divides two signed values.

The width of the result will be the same as the width of operand a.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::signedModulo ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr b 
)
virtual

Calculates modulo with signed values.

The width of the result will be the same as the width of operand b.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::signedMultiply ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr b 
)
virtual

Multiplies two signed values.

The width of the result will be the sum of the widths of a and b.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::unsignedDivide ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr b 
)
virtual

Divides two unsigned values.

The width of the result is the same as the width of operand a.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::unsignedModulo ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr b 
)
virtual

Calculates modulo with unsigned values.

The width of the result is the same as the width of operand b.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::unsignedMultiply ( const BaseSemantics::SValuePtr a,
const BaseSemantics::SValuePtr b 
)
virtual

Multiply two unsigned values.

The width of the result is the sum of the widths of a and b.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::readRegister ( RegisterDescriptor  reg,
const BaseSemantics::SValuePtr dflt 
)
virtual

Reads a value from a register.

The base implementation simply delegates to the current semantic State, which probably delegates to a register state, but subclasses are welcome to override this behavior at any level.

A register state will typically implement storage for hardware registers, but higher layers (the State, RiscOperators, Dispatcher, ...) should not be concerned about the size of the register they're trying to read. For example, a register state for a 32-bit x86 architecture will likely have a storage location for the 32-bit EAX register, but it should be possible to ask readRegister to return the value of AX (the low-order 16-bits). In order to accomplish this, some level of the readRegister delegations needs to invoke extract to obtain the low 16 bits. The RiscOperators object is passed along the delegation path for this purpose. The inverse concat operation will be needed at some level when we ask readRegister to return a value that comes from multiple storage locations in the register state (such as can happen if an x86 register state holds individual status flags and we ask for the 32-bit EFLAGS register).

If the register state can distinguish between a register that has never been accessed and a register that has only been read, then the dflt value is stored into the register the first time it's read. This ensures that reading the register a second time with no intervening write will return the same value as the first read. If a dflt is not provided then one is constructed by invoking undefined_.

There needs to be a certain level of cooperation between the RiscOperators, State, and register state classes to decide which layer should invoke the extract or concat (or whatever other RISC operations might be necessary).

Reimplemented from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::peekRegister ( RegisterDescriptor  ,
const BaseSemantics::SValuePtr dflt 
)
virtual

Obtain a register value without side effects.

This is a lower-level operation than readRegister in that it doesn't cause the register to be marked as having been read. It is typically used in situations where the register is being accessed for analysis purposes rather than as part of an instruction emulation.

Reimplemented from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual void Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::writeRegister ( RegisterDescriptor  reg,
const BaseSemantics::SValuePtr a 
)
virtual

Writes a value to a register.

The base implementation simply delegates to the current semantic State, which probably delegates to a register state, but subclasses are welcome to override this behavior at any level.

As with readRegister, writeRegister may need to perform various RISC operations in order to accomplish the task of writing a value to the specified register when the underlying register state doesn't actually store a value for that specific register. The RiscOperations object is passed along for that purpose. See readRegister for more details.

Reimplemented from Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

virtual BaseSemantics::SValuePtr Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::readMemory ( RegisterDescriptor  segreg,
const BaseSemantics::SValuePtr addr,
const BaseSemantics::SValuePtr dflt,
const BaseSemantics::SValuePtr cond 
)
virtual

Reads a value from memory.

The implementation (in subclasses) will typically delegate much of the work to the current state's readMemory method.

A MemoryState will implement storage for memory locations and might impose certain restrictions, such as "all memory values must be eight bits". However, the readMemory should not have these constraints so that it can be called from a variety of Dispatcher subclass (e.g., the DispatcherX86 class assumes that readMemory is capable of reading 32-bit values from little-endian memory). The designers of the MemoryState, State, and RiscOperators should collaborate to decide which layer (RiscOperators, State, or MemoryState) is reponsible for combining individual memory locations into larger values. A RiscOperators object is passed along the chain of delegations for this purpose. The RiscOperators might also contain other data that's import during the process, such as an SMT solver.

The segreg argument is an optional segment register. Most architectures have a flat virtual address space and will pass a default-constructed register descriptor whose is_valid() method returns false.

The cond argument is a Boolean value that indicates whether this is a true read operation. If cond can be proven to be false then the read is a no-op and returns an arbitrary value.

The dflt argument determines the size of the value to be read. This argument is also passed along to the lower layers so that they can, if they desire, use it to initialize memory that has never been read or written before.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

Reimplemented in Rose::BinaryAnalysis::InstructionSemantics2::LlvmSemantics::RiscOperators.

virtual void Rose::BinaryAnalysis::InstructionSemantics2::SymbolicSemantics::RiscOperators::writeMemory ( RegisterDescriptor  segreg,
const BaseSemantics::SValuePtr addr,
const BaseSemantics::SValuePtr data,
const BaseSemantics::SValuePtr cond 
)
virtual

Writes a value to memory.

The implementation (in subclasses) will typically delegate much of the work to the current state's writeMemory method.

The segreg argument is an optional segment register. Most architectures have a flat virtual address space and will pass a default-constructed register descriptor whose is_valid() method returns false.

The cond argument is a Boolean value that indicates whether this is a true write operation. If cond can be proved to be false then writeMemory is a no-op.

Implements Rose::BinaryAnalysis::InstructionSemantics2::BaseSemantics::RiscOperators.

Reimplemented in Rose::BinaryAnalysis::InstructionSemantics2::LlvmSemantics::RiscOperators.


The documentation for this class was generated from the following file: