decompiler
1.0.0
|
A SLEIGH based implementation of the Emulate interface. More...
#include <emulate.hh>
Public Member Functions | |
EmulatePcodeCache (Translate *t, MemoryState *s, BreakTable *b) | |
Pcode cache emulator constructor. More... | |
bool | isInstructionStart (void) const |
Return true if we are at an instruction start. More... | |
int4 | numCurrentOps (void) const |
Return number of pcode ops in translation of current instruction. More... | |
int4 | getCurrentOpIndex (void) const |
Get the index of current pcode op within current instruction. More... | |
PcodeOpRaw * | getOpByIndex (int4 i) const |
Get pcode op in current instruction translation by index. More... | |
virtual void | setExecuteAddress (const Address &addr) |
Set current execution address. More... | |
virtual Address | getExecuteAddress (void) const |
Get current execution address. More... | |
void | executeInstruction (void) |
Execute (the rest of) a single machine instruction. More... | |
Public Member Functions inherited from EmulateMemory | |
EmulateMemory (MemoryState *mem) | |
Construct given a memory state. | |
MemoryState * | getMemoryState (void) const |
Get the emulator's memory state. More... | |
Public Member Functions inherited from Emulate | |
Emulate (void) | |
generic emulator constructor | |
void | setHalt (bool val) |
Set the halt state of the emulator. More... | |
bool | getHalt (void) const |
Get the halt state of the emulator. More... | |
void | executeCurrentOp (void) |
Do a single pcode op step. More... | |
Protected Member Functions | |
virtual void | fallthruOp (void) |
Execute fallthru semantics for the pcode cache. More... | |
virtual void | executeBranch (void) |
Execute branch (including relative branches) More... | |
virtual void | executeCallother (void) |
Execute breakpoint for this user-defined op. More... | |
Protected Member Functions inherited from EmulateMemory | |
virtual void | executeUnary (void) |
Execute a unary arithmetic/logical operation. | |
virtual void | executeBinary (void) |
Execute a binary arithmetic/logical operation. | |
virtual void | executeLoad (void) |
Standard behavior for a p-code LOAD. | |
virtual void | executeStore (void) |
Standard behavior for a p-code STORE. | |
virtual bool | executeCbranch (void) |
Check if the conditional of a CBRANCH is true. More... | |
virtual void | executeBranchind (void) |
Standard behavior for a BRANCHIND. | |
virtual void | executeCall (void) |
Standard behavior for a p-code CALL. | |
virtual void | executeCallind (void) |
Standard behavior for a CALLIND. | |
virtual void | executeMultiequal (void) |
Standard behavior for a MULTIEQUAL (phi-node) | |
virtual void | executeIndirect (void) |
Standard behavior for an INDIRECT op. | |
virtual void | executeSegmentOp (void) |
Behavior for a SEGMENTOP. | |
virtual void | executeCpoolRef (void) |
Standard behavior for a CPOOLREF (constant pool reference) op. | |
virtual void | executeNew (void) |
Standard behavior for (low-level) NEW op. | |
Private Member Functions | |
void | clearCache (void) |
Clear the p-code cache. More... | |
void | createInstruction (const Address &addr) |
Cache pcode for instruction at given address. More... | |
void | establishOp (void) |
Set-up currentOp and currentBehave. | |
Private Attributes | |
Translate * | trans |
The SLEIGH translator. | |
vector< PcodeOpRaw * > | opcache |
The cache of current p-code ops. | |
vector< VarnodeData * > | varcache |
The cache of current varnodes. | |
vector< OpBehavior * > | inst |
Map from OpCode to OpBehavior. | |
BreakTable * | breaktable |
The table of breakpoints. | |
Address | current_address |
Address of current instruction being executed. | |
bool | instruction_start |
true if next pcode op is start of instruction | |
int4 | current_op |
Index of current pcode op within machine instruction. | |
int4 | instruction_length |
Length of current instruction in bytes. | |
Additional Inherited Members | |
Protected Attributes inherited from EmulateMemory | |
MemoryState * | memstate |
The memory state of the emulator. | |
PcodeOpRaw * | currentOp |
Current op to execute. | |
Protected Attributes inherited from Emulate | |
bool | emu_halted |
Set to true if the emulator is halted. | |
OpBehavior * | currentBehave |
Behavior of the next op to execute. | |
A SLEIGH based implementation of the Emulate interface.
This implementation uses a Translate object to translate machine instructions into pcode and caches pcode ops for later use by the emulator. The pcode is cached as soon as the execution address is set, either explicitly, or via branches and fallthrus. There are additional methods for inspecting the pcode ops in the current instruction as a sequence.
EmulatePcodeCache::EmulatePcodeCache | ( | Translate * | t, |
MemoryState * | s, | ||
BreakTable * | b | ||
) |
Pcode cache emulator constructor.
t | is the SLEIGH translator |
s | is the MemoryState the emulator should manipulate |
b | is the table of breakpoints the emulator should invoke |
References breaktable, inst, OpBehavior::registerInstructions(), BreakTable::setEmulate(), and trans.
|
private |
Clear the p-code cache.
Free all the VarnodeData and PcodeOpRaw objects and clear the cache.
References opcache, and varcache.
Referenced by createInstruction().
|
private |
Cache pcode for instruction at given address.
This is a private routine which does the work of translating a machine instruction into pcode, putting it into the cache, and setting up the iterators
addr | is the address of the instruction to translate |
References clearCache(), current_op, inst, instruction_length, instruction_start, Translate::oneInstruction(), opcache, trans, and varcache.
Referenced by fallthruOp(), and setExecuteAddress().
|
protectedvirtual |
Execute branch (including relative branches)
Since the full instruction is cached, we can do relative branches properly.
Reimplemented from EmulateMemory.
References current_op, EmulateMemory::currentOp, fallthruOp(), VarnodeData::getAddr(), PcodeOpRaw::getInput(), Address::getOffset(), opcache, and setExecuteAddress().
|
protectedvirtual |
Execute breakpoint for this user-defined op.
Look for a breakpoint for the given user-defined op and invoke it. If it doesn't exist, or doesn't replace the action, throw an exception
Reimplemented from EmulateMemory.
References breaktable, EmulateMemory::currentOp, BreakTable::doPcodeOpBreak(), and fallthruOp().
void EmulatePcodeCache::executeInstruction | ( | void | ) |
Execute (the rest of) a single machine instruction.
This routine executes an entire machine instruction at once, as a conventional debugger step function would do. If execution is at the start of an instruction, the breakpoints are checked and invoked as needed for the current address. If this routine is invoked while execution is in the middle of a machine instruction, execution is continued until the current instruction completes.
References breaktable, current_address, BreakTable::doAddressBreak(), Emulate::executeCurrentOp(), and instruction_start.
|
protectedvirtual |
Execute fallthru semantics for the pcode cache.
Update the iterator into the current pcode cache, and if necessary, generate the pcode for the fallthru instruction and reset the iterator.
Implements Emulate.
References createInstruction(), current_address, current_op, establishOp(), instruction_length, instruction_start, and opcache.
Referenced by executeBranch(), and executeCallother().
|
inline |
Get the index of current pcode op within current instruction.
This routine can be used to determine where, within the sequence of ops in the translation of the entire machine instruction, the currently executing op is.
References current_op.
|
inlinevirtual |
Get current execution address.
Implements Emulate.
References current_address.
|
inline |
Get pcode op in current instruction translation by index.
This routine can be used to examine ops other than the currently executing op in the machine instruction's translation sequence.
i | is the desired op index |
References opcache.
|
inline |
Return true if we are at an instruction start.
Since the emulator can single step through individual pcode operations, the machine state may be halted in the middle of a single machine instruction, unlike conventional debuggers. This routine can be used to determine if execution is actually at the beginning of a machine instruction.
References instruction_start.
|
inline |
Return number of pcode ops in translation of current instruction.
A typical machine instruction translates into a sequence of pcode ops.
References opcache.
|
virtual |
Set current execution address.
Set the current execution address and cache the pcode translation of the machine instruction at that address
addr | is the address where execution should continue |
Implements Emulate.
References createInstruction(), current_address, and establishOp().
Referenced by executeBranch().