macaw-base
Safe HaskellNone
LanguageHaskell2010

Data.Macaw.Discovery.ParsedContents

Description

Macaw AST elements used after block classification

There are two stages of code discovery:

  1. Initial discovery with simple block terminators (unclassified block terminators like FetchAndExecute)
  2. Classified block terminators (e.g., branch, call, return, etc)

This module defines the AST elements for the latter case.

Synopsis

Documentation

data ParsedTermStmt arch ids Source #

This term statement is used to describe higher level expressions of how block ending with a a FetchAndExecute statement should be interpreted.

Constructors

ParsedCall !(RegState (ArchReg arch) (Value arch ids)) !(Maybe (ArchSegmentOff arch))

A call with the current register values and location to return to or Nothing if this is a tail call.

Note that the semantics of this instruction assume that the program has already stored the return address in the appropriate location (which depends on the ABI). For example on X86_64 this is the top of the stack while on ARM this is the link register.

PLTStub !(MapF (ArchReg arch) (Value arch ids)) !(ArchSegmentOff arch) !VersionedSymbol

PLTStub regs addr sym symVer denotes a terminal statement that has been identified as a PLT stub for jumping to the given symbol (with optional version information).

This is a special case of a tail call. It has been added separately because it occurs frequently in dynamically linked code, and we can use this to recognize PLT stubs.

The first argument maps registers that were changed to their value. Other registers have the initial value. This should typically be empty on X86_64 PLT stubs.

The second argument is the address in the .GOT that the target function is stored at. The PLT stub sets the PC to the address stored here.

The third and fourth arguments are used to resolve where the function should jump to.

ParsedJump !(RegState (ArchReg arch) (Value arch ids)) !(ArchSegmentOff arch)

A jump to an explicit address within a function.

ParsedBranch !(RegState (ArchReg arch) (Value arch ids)) !(Value arch ids BoolType) !(ArchSegmentOff arch) !(ArchSegmentOff arch)

ParsedBranch regs cond trueAddr falseAddr represents a conditional branch that jumps to trueAddr if cond is true and falseAddr otherwise.

The value assigned to the IP in regs should reflect this if-then-else structure.

ParsedLookupTable !(JumpTableLayout arch) !(RegState (ArchReg arch) (Value arch ids)) !(ArchAddrValue arch ids) !(Vector (ArchSegmentOff arch))

A lookup table that branches to one of a vector of addresses.

The registers store the registers, the value contains the index to jump to, and the possible addresses as a table. If the index (when interpreted as an unsigned number) is larger than the number of entries in the vector, then the result is undefined.

ParsedReturn !(RegState (ArchReg arch) (Value arch ids))

A return with the given registers.

ParsedArchTermStmt !(ArchTermStmt arch (Value arch ids)) !(RegState (ArchReg arch) (Value arch ids)) !(Maybe (ArchSegmentOff arch))

An architecture-specific statement with the registers prior to execution, and the given next control flow address.

ParsedTranslateError !Text

An error occured in translating the block

ClassifyFailure !(RegState (ArchReg arch) (Value arch ids)) [String]

The classifier failed to identity the block. Includes registers with list of reasons for each classifer to fail

Instances

Instances details
ArchConstraints arch => Show (ParsedTermStmt arch ids) Source # 
Instance details

Defined in Data.Macaw.Discovery.ParsedContents

Methods

showsPrec :: Int -> ParsedTermStmt arch ids -> ShowS #

show :: ParsedTermStmt arch ids -> String #

showList :: [ParsedTermStmt arch ids] -> ShowS #

parsedTermSucc :: ParsedTermStmt arch ids -> [ArchSegmentOff arch] Source #

Get all successor blocks for the given list of statements.

data ParsedBlock arch ids Source #

A contiguous region of instructions in memory.

Constructors

ParsedBlock 

Fields

Instances

Instances details
(ArchConstraints arch, Show (ArchBlockPrecond arch)) => Show (ParsedBlock arch ids) Source # 
Instance details

Defined in Data.Macaw.Discovery.ParsedContents

Methods

showsPrec :: Int -> ParsedBlock arch ids -> ShowS #

show :: ParsedBlock arch ids -> String #

showList :: [ParsedBlock arch ids] -> ShowS #

ArchConstraints arch => Pretty (ParsedBlock arch ids) Source # 
Instance details

Defined in Data.Macaw.Discovery.ParsedContents

Methods

pretty :: ParsedBlock arch ids -> Doc ann

prettyList :: [ParsedBlock arch ids] -> Doc ann

data ParsedContents arch ids Source #

Stores the main block features that may changes from parsing a block.

Constructors

ParsedContents 

Fields

data Extension (w :: Natural) Source #

Information about a value that is the signed or unsigned extension of another value.

This is used for jump tables, and only supports widths that are in memory

Constructors

Extension 

Fields

Instances

Instances details
Show (Extension w) Source # 
Instance details

Defined in Data.Macaw.Discovery.ParsedContents

Methods

showsPrec :: Int -> Extension w -> ShowS #

show :: Extension w -> String #

showList :: [Extension w] -> ShowS #

data BlockExploreReason (w :: Nat) Source #

This describes why we are exploring a given block within a function.

Constructors

NextIP !(MemSegmentOff w)

Exploring because the given block jumps here.

FunctionEntryPoint

Identified as an entry point from initial information

SplitAt !(MemSegmentOff w) !(BlockExploreReason w)

Added because the address split this block after it had been disassembled. Also includes the reason we thought the block should be there before we split it.

Instances

Instances details
MemWidth w => Show (BlockExploreReason w) Source # 
Instance details

Defined in Data.Macaw.Discovery.ParsedContents

Methods

showsPrec :: Int -> BlockExploreReason w -> ShowS #

show :: BlockExploreReason w -> String #

showList :: [BlockExploreReason w] -> ShowS #

Eq (BlockExploreReason w) Source # 
Instance details

Defined in Data.Macaw.Discovery.ParsedContents

Methods

(==) :: BlockExploreReason w -> BlockExploreReason w -> Bool #

(/=) :: BlockExploreReason w -> BlockExploreReason w -> Bool #

MemWidth w => Pretty (BlockExploreReason w) Source # 
Instance details

Defined in Data.Macaw.Discovery.ParsedContents

Methods

pretty :: BlockExploreReason w -> Doc ann

prettyList :: [BlockExploreReason w] -> Doc ann

JumpTableLayout

data JumpTableLayout arch Source #

This describes the layout of a jump table. Beware: on some architectures, after reading from the jump table, the resulting addresses must be aligned. See the IPAlignment class.

Constructors

AbsoluteJumpTable !(BoundedMemArray arch (BVType (ArchAddrWidth arch)))

AbsoluteJumpTable r describes a jump table where the jump target is directly stored in the array read r.

RelativeJumpTable !(ArchSegmentOff arch) !(BoundedMemArray arch (BVType w)) !(Extension w)

RelativeJumpTable base read ext describes information about a jump table where all jump targets are relative to a fixed base address.

The value is computed as baseVal + readVal where

baseVal = fromMaybe 0 base, readVal is the value stored at the memory read described by read with the sign of ext.

Instances

Instances details
RegisterInfo (ArchReg arch) => Show (JumpTableLayout arch) Source # 
Instance details

Defined in Data.Macaw.Discovery.ParsedContents

Methods

showsPrec :: Int -> JumpTableLayout arch -> ShowS #

show :: JumpTableLayout arch -> String #

showList :: [JumpTableLayout arch] -> ShowS #

jtlBackingAddr :: JumpTableLayout arch -> ArchSegmentOff arch Source #

Return base address of table storing contents of jump table.

jtlBackingSize :: JumpTableLayout arch -> Word64 Source #

Returns the number of bytes in the layout

BoundedMemArray

data BoundedMemArray arch (tp :: Type) Source #

This describes a region of memory dereferenced in some array read.

These regions may be be sparse, given an index i, the the address given by arBase + arIx*arStride.

Constructors

BoundedMemArray 

Fields

  • arBase :: !(ArchSegmentOff arch)

    The base address for array accesses.

  • arStride :: !Word64

    Space between elements of the array.

    This will typically be the number of bytes denoted by arEltType, but may be larger for sparse arrays. matchBoundedMemArray will fail if stride is less than the number of bytes read.

  • arEltType :: !(MemRepr tp)

    Resolved type of elements in this array.

  • arSlices :: !(Vector [MemChunk (ArchAddrWidth arch)])

    The slices of memory in the array.

    The ith element in the vector corresponds to the first size bytes at address `base + stride * i`.

    The number of elements is the length of the array.

    N.B. With the size could be computed from the previous fields, but we check we can create it when creating the array read, so we store it to avoid recomputing it.

Instances

Instances details
RegisterInfo (ArchReg arch) => Show (BoundedMemArray arch tp) Source # 
Instance details

Defined in Data.Macaw.Discovery.ParsedContents

Methods

showsPrec :: Int -> BoundedMemArray arch tp -> ShowS #

show :: BoundedMemArray arch tp -> String #

showList :: [BoundedMemArray arch tp] -> ShowS #

arByteCount :: forall arch (tp :: Type). BoundedMemArray arch tp -> Word64 Source #

Return number of bytes used by this array.

isReadOnlyBoundedMemArray :: forall arch (tp :: Type). BoundedMemArray arch tp -> Bool Source #

Return true if the address stored is readable and not writable.

Pretty Printing

ppTermStmt :: ArchConstraints arch => ParsedTermStmt arch ids -> Doc ann Source #