ROSE  0.11.145.0
Classes | Public Types | Public Member Functions | Static Public Member Functions | Protected Member Functions | List of all members
Rose::BinaryAnalysis::Variables::VariableFinder Class Reference

Description

Analysis to find variable locations.

Definition at line 461 of file Variables.h.

#include <Rose/BinaryAnalysis/Variables.h>

Inheritance diagram for Rose::BinaryAnalysis::Variables::VariableFinder:
Inheritance graph
[legend]
Collaboration diagram for Rose::BinaryAnalysis::Variables::VariableFinder:
Collaboration graph
[legend]

Classes

struct  Settings
 Settings that control this analysis. More...
 

Public Types

using Ptr = VariableFinderPtr
 Shared ownership pointer for VariableFinder. More...
 

Public Member Functions

GlobalVariables findGlobalVariables (const Partitioner2::PartitionerConstPtr &)
 Find global variables. More...
 
bool isCached (const Partitioner2::FunctionPtr &)
 Test whether local variable information is cached. More...
 
StackFrame detectFrameAttributes (const Partitioner2::PartitionerConstPtr &, const Partitioner2::FunctionPtr &)
 Figure out attributes describing the stack frame for the specified function. More...
 
void initializeFrameBoundaries (const StackFrame &, const Partitioner2::PartitionerConstPtr &, const Partitioner2::FunctionPtr &, StackVariable::Boundaries &boundaries)
 Initilialize offsets for function prologue. More...
 
std::set< int64_t > findFrameOffsets (const StackFrame &, const Partitioner2::PartitionerConstPtr &, SgAsmInstruction *)
 Find stack variable addresses. More...
 
Partitioner2::FunctionPtr functionForInstruction (const Partitioner2::PartitionerConstPtr &, SgAsmInstruction *)
 Function that owns an instruction. More...
 
AddressToAddresses findGlobalVariableVas (const Partitioner2::PartitionerConstPtr &)
 Find global variable addresses. More...
 
std::set< rose_addr_t > findConstants (const SymbolicExpression::Ptr &)
 Find address constants in an expression. More...
 
std::set< rose_addr_t > findConstants (SgAsmInstruction *)
 Find constants syntactically in an instruction. More...
 
std::set< SymbolicExpression::PtrgetMemoryAddresses (const InstructionSemantics::BaseSemantics::MemoryCellStatePtr &)
 Find addresses in memory state. More...
 
std::set< rose_addr_t > findAddressConstants (const InstructionSemantics::BaseSemantics::MemoryCellStatePtr &)
 Find constants in memory. More...
 
void removeOutliers (const StackFrame &, const Partitioner2::PartitionerConstPtr &, const Partitioner2::FunctionPtr &, StackVariable::Boundaries &sortedBoundaries)
 Remove boundaries that are outside a stack frame. More...
 
const Settingssettings () const
 Settings for this analysis.
 
Settingssettings ()
 Settings for this analysis.
 
StackVariables findStackVariables (const Partitioner2::PartitionerConstPtr &, const Partitioner2::FunctionPtr &)
 Find local variables in a function. More...
 
StackVariables findStackVariables (const Partitioner2::PartitionerConstPtr &, SgAsmInstruction *)
 Find local variables in a function. More...
 
void evict (const Partitioner2::FunctionPtr &)
 Removed cached information. More...
 
void evict (const Partitioner2::PartitionerConstPtr &)
 Removed cached information. More...
 
- Public Member Functions inherited from Sawyer::SharedObject
 SharedObject ()
 Default constructor. More...
 
 SharedObject (const SharedObject &)
 Copy constructor. More...
 
virtual ~SharedObject ()
 Virtual destructor. More...
 
SharedObjectoperator= (const SharedObject &)
 Assignment. More...
 

Static Public Member Functions

static Ptr instance (const Settings &settings=Settings())
 Allocating constructor. More...
 
static bool regionContainsInstructions (const Partitioner2::PartitionerConstPtr &, const AddressInterval &)
 True if memory region contains any decoded instructions. More...
 
static bool regionIsFullyMapped (const Partitioner2::PartitionerConstPtr &, const AddressInterval &)
 True if memory region is fully mapped. More...
 
static bool regionIsFullyReadWrite (const Partitioner2::PartitionerConstPtr &, const AddressInterval &)
 True if memory region is fully mapped with read and write access. More...
 

Protected Member Functions

 VariableFinder (const Settings &)
 

Member Typedef Documentation

Shared ownership pointer for VariableFinder.

Definition at line 473 of file Variables.h.

Member Function Documentation

static Ptr Rose::BinaryAnalysis::Variables::VariableFinder::instance ( const Settings settings = Settings())
static

Allocating constructor.

StackVariables Rose::BinaryAnalysis::Variables::VariableFinder::findStackVariables ( const Partitioner2::PartitionerConstPtr ,
const Partitioner2::FunctionPtr  
)

Find local variables in a function.

Analyzes the given function to find the local (stack) variables, caches and returns the list. If this information is already cached, then this method just returns the cached value.

The second argument can be either a function or an instruction. When it's an instruction, we arbitrarily choose one of the functions that owns the instruction. Usually each instruction is owned by only one function, but there are exceptions.

StackVariables Rose::BinaryAnalysis::Variables::VariableFinder::findStackVariables ( const Partitioner2::PartitionerConstPtr ,
SgAsmInstruction  
)

Find local variables in a function.

Analyzes the given function to find the local (stack) variables, caches and returns the list. If this information is already cached, then this method just returns the cached value.

The second argument can be either a function or an instruction. When it's an instruction, we arbitrarily choose one of the functions that owns the instruction. Usually each instruction is owned by only one function, but there are exceptions.

GlobalVariables Rose::BinaryAnalysis::Variables::VariableFinder::findGlobalVariables ( const Partitioner2::PartitionerConstPtr )

Find global variables.

Finds global variables by examining all functions represented by the given partitioner. Global variables can be found only if they're read or written by some code, and not through a pointer. For example, this method detects variable g1 but not g2 in the following compiled C code:

int g1, g2;
int foo() {
return g1;
}
int bar(int *ptr) {
return *ptr; // no static address even if ptr points to g2
}

If previous results are already cached then they're returned, otherwise new results are computed, cached, and returned.

void Rose::BinaryAnalysis::Variables::VariableFinder::evict ( const Partitioner2::FunctionPtr )

Removed cached information.

If a function is supplied as an argument, remove information cached by this analysis for that function. If a partitioner is specified then remove information from all functions.

void Rose::BinaryAnalysis::Variables::VariableFinder::evict ( const Partitioner2::PartitionerConstPtr )

Removed cached information.

If a function is supplied as an argument, remove information cached by this analysis for that function. If a partitioner is specified then remove information from all functions.

bool Rose::BinaryAnalysis::Variables::VariableFinder::isCached ( const Partitioner2::FunctionPtr )

Test whether local variable information is cached.

Returns true if findStackVariables has been run for the specified function and the results are currently cached in that function.

StackFrame Rose::BinaryAnalysis::Variables::VariableFinder::detectFrameAttributes ( const Partitioner2::PartitionerConstPtr ,
const Partitioner2::FunctionPtr  
)

Figure out attributes describing the stack frame for the specified function.

void Rose::BinaryAnalysis::Variables::VariableFinder::initializeFrameBoundaries ( const StackFrame ,
const Partitioner2::PartitionerConstPtr ,
const Partitioner2::FunctionPtr ,
StackVariable::Boundaries boundaries 
)

Initilialize offsets for function prologue.

At the start of a function, we sometimes know where certain things are on the stack and their sizes. For instance, for powerpc after the function prologue sets up the stack frame, we know that the stack frame header contain two 4-byte quantities: the pointer to the parent frame, and the LR save area for callees and therefore we can add the three offsets that delimit the boundaries of these two "variables".

std::set<int64_t> Rose::BinaryAnalysis::Variables::VariableFinder::findFrameOffsets ( const StackFrame ,
const Partitioner2::PartitionerConstPtr ,
SgAsmInstruction  
)

Find stack variable addresses.

Given an instruction, look for operand subexpressions that reference memory based from a stack frame pointer, such as x86 "mov eax, [ebp - 12]". Returns the set of offsets from the frame pointer.

Partitioner2::FunctionPtr Rose::BinaryAnalysis::Variables::VariableFinder::functionForInstruction ( const Partitioner2::PartitionerConstPtr ,
SgAsmInstruction  
)

Function that owns an instruction.

Given an instruction, return one of the owning functions chosen arbitrarily. This is the method used by the version of findStackVariables that takes an instruction argument.

AddressToAddresses Rose::BinaryAnalysis::Variables::VariableFinder::findGlobalVariableVas ( const Partitioner2::PartitionerConstPtr )

Find global variable addresses.

Returns a list of addresses that are possibly the beginning of global variables. We're only able to find global variables that are referenced by instructions that read or write to the variable. If the global variable is an array then one of two things happen:

  • If the array elements are only accessed with indices that are unknown statically, then the address of the beginning of the array is returned. This applies to C code like:
int get(int i) {
return array[i];
}
int sum(int n) {
int s = 0;
for (int i=0; i < n; ++i)
s += array[i];
return s;
}
  • If the array elements are accessed with constant indices, then it's impossible to distinguish between accessing an array with constant indexes and accessing a non-array variable. This applies to C code like:
int get() {
return array[3];
}
int sum() {
int s = 0;
for (int i=0; i < 4; ++i) // assume loop unrolling optimization
s += array[i];
return s;
}
std::set<rose_addr_t> Rose::BinaryAnalysis::Variables::VariableFinder::findConstants ( const SymbolicExpression::Ptr )

Find address constants in an expression.

Given a symbolic expression, return all the constants that appear in it that have a potential for being addresses.

std::set<rose_addr_t> Rose::BinaryAnalysis::Variables::VariableFinder::findConstants ( SgAsmInstruction )

Find constants syntactically in an instruction.

std::set<SymbolicExpression::Ptr> Rose::BinaryAnalysis::Variables::VariableFinder::getMemoryAddresses ( const InstructionSemantics::BaseSemantics::MemoryCellStatePtr )

Find addresses in memory state.

Given a cell-based symbolic memory state, return all the memory addresses that appear in it.

std::set<rose_addr_t> Rose::BinaryAnalysis::Variables::VariableFinder::findAddressConstants ( const InstructionSemantics::BaseSemantics::MemoryCellStatePtr )

Find constants in memory.

Given an cell-based symbolic memory state, return all constants that appear in the cell addresses.

void Rose::BinaryAnalysis::Variables::VariableFinder::removeOutliers ( const StackFrame ,
const Partitioner2::PartitionerConstPtr ,
const Partitioner2::FunctionPtr ,
StackVariable::Boundaries sortedBoundaries 
)

Remove boundaries that are outside a stack frame.

If the frame's lowest address is known, then boundaries that begin before the frame are removed. Except if there is no boundary at the beginning of the frame, then the greatest boundary before the frame is moved to the beginning of the frame instead of being removed entirely.

If the frame's upper address is known, then any boundary above that address is removed from the list.

static bool Rose::BinaryAnalysis::Variables::VariableFinder::regionContainsInstructions ( const Partitioner2::PartitionerConstPtr ,
const AddressInterval  
)
static

True if memory region contains any decoded instructions.

static bool Rose::BinaryAnalysis::Variables::VariableFinder::regionIsFullyMapped ( const Partitioner2::PartitionerConstPtr ,
const AddressInterval  
)
static

True if memory region is fully mapped.

static bool Rose::BinaryAnalysis::Variables::VariableFinder::regionIsFullyReadWrite ( const Partitioner2::PartitionerConstPtr ,
const AddressInterval  
)
static

True if memory region is fully mapped with read and write access.


The documentation for this class was generated from the following file: