Class JitDataFlowState
- All Implemented Interfaces:
PcodeExecutorState<JitVal>,PcodeExecutorStatePiece<JitVal,JitVal>
PcodeExecutorState for per-block data flow interpretation
In p-code interpretation, this interface's purpose is to store the current value of varnodes in
the emulation/interpretation state. Here we implement it using T:=JitVal, and
track the latest variable definition of vanodes in the data flow interpretation. The adaptation
is fairly straightforward, except when varnode accesses do not match their latest definitions
exactly, e.g., an access of EAX when the latest definition is for RAX. Thus, this
state object may synthesize subpiece and catenate ops to model the "off-cut" use of one or more such definitions. Additionally, in
preparation for inter-block data flow analysis, when no definition is present for a varnode (or
part of a varnode) access, this state will synthesize phi ops. See
setVar and
getVar for details.
This state only serves to analyze data flow through register and unique variables. Because we
know these are only accessible to the thread, we stand to save much execution time by bypassing
the JitBytesPcodeExecutorState at run time. We can accomplish this by mapping these
variables to suitable JVM local variables. Thus, we have one map of entries for register space
and another for unique space. Accesses to other spaces do not mutate or read from either of those
maps, but this class may generate a suitable JitVal for the use-def graph.
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionclassA minimal data flow machine state that can be captured by aJitCallOtherOpIf.Nested classes/interfaces inherited from interface ghidra.pcode.exec.PcodeExecutorStatePiece
PcodeExecutorStatePiece.Reason -
Method Summary
Modifier and TypeMethodDescriptionCapture the current state of intra-block analysis.voidclear()Erase the entire state or piecefork()Create a deep copy of this stateGet the arithmetic used to manipulate values of the type stored by this stategetConcreteBuffer(Address address, PcodeArithmetic.Purpose purpose) Bind a buffer of concrete bytes at the given start addressgetDefinitions(Register register) Get an ordered list of all values involved in the latest definition of the given varnode.getDefinitions(Varnode varnode) Get an ordered list of all values involved in the latest definition of the given varnode.Get the language defining the address spaces of this state pieceGet all register values known to this stategetVar(AddressSpace space, JitVal offset, int size, boolean quantize, PcodeExecutorStatePiece.Reason reason) Get the value of a variableGet a complete catalog of all varnodes read, including overlapping, subregs, etc.Get a complete catalog of all varnodes written, including overlapping, subregs, etc.voidsetVar(AddressSpace space, JitVal offset, int size, boolean quantize, JitVal val) Set the value of a variableMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface ghidra.pcode.exec.PcodeExecutorState
getAddressArithmetic, pairedMethods inherited from interface ghidra.pcode.exec.PcodeExecutorStatePiece
checkRange, getVar, getVar, getVar, getVar, quantizeOffset, setVar, setVar, setVar, setVar
-
Method Details
-
getLanguage
Description copied from interface:PcodeExecutorStatePieceGet the language defining the address spaces of this state piece- Specified by:
getLanguagein interfacePcodeExecutorStatePiece<JitVal,JitVal> - Returns:
- the language
-
getArithmetic
Description copied from interface:PcodeExecutorStatePieceGet the arithmetic used to manipulate values of the type stored by this state- Specified by:
getArithmeticin interfacePcodeExecutorStatePiece<JitVal,JitVal> - Returns:
- the arithmetic
-
setVar
Set the value of a variableThis and
getVar(AddressSpace, JitVal, int, boolean, Reason)are where we connect the interpretation to the maps of definitions we keep in this state. We examine the varnode's type first. We can't write to a constant, and that shouldn't be allowed anyway, so we warn if we observe that. We'll ignore any indirect writes, because those are denoted bystoreops. We also don't do much here with direct writes. The writes to such variables are handled byJitMemoryOutVar. Such output variables are actually passed in asvalhere, but need only be stored in a map if they are register or unique variables.- Specified by:
setVarin interfacePcodeExecutorStatePiece<JitVal,JitVal> - Parameters:
space- the address spaceoffset- the offset within the spacesize- the size of the variablequantize- true to quantize to the language's "addressable unit"val- the value
-
getDefinitions
Get an ordered list of all values involved in the latest definition of the given varnode.- Parameters:
varnode- the varnode whose definitions to retrieve- Returns:
- the list of values
- See Also:
-
getDefinitions
Get an ordered list of all values involved in the latest definition of the given varnode.- Parameters:
register- the register whose definitions to retrieve- Returns:
- the list of values
- See Also:
-
getVar
public JitVal getVar(AddressSpace space, JitVal offset, int size, boolean quantize, PcodeExecutorStatePiece.Reason reason) Get the value of a variableThis and
setVar(AddressSpace, JitVal, int, boolean, JitVal)are where we connect the interpretation to the maps of definitions we keep in this state. We examine the varnode's type first. If it's a constant or memory variable, it just returns the appropriateJitConstVal,JitDirectMemoryVar, orJitIndirectMemoryVar. If it's a register or unique, then we retrieve the latest definition(s) as inJitDataFlowState.MiniDFState.getDefinitions(AddressSpace, long, int). In the simple case of an exact definition, we return it. Otherwise, this synthesizes the appropriate op(s), enters them into the use-def graph, and returns the final output.- Specified by:
getVarin interfacePcodeExecutorStatePiece<JitVal,JitVal> - Parameters:
space- the address spaceoffset- the offset within the spacesize- the size of the variablequantize- true to quantize to the language's "addressable unit"reason- the reason for reading the variable- Returns:
- the value
-
getRegisterValues
Description copied from interface:PcodeExecutorStatePieceGet all register values known to this stateWhen the state acts as a cache, it should only return those cached.
- Specified by:
getRegisterValuesin interfacePcodeExecutorStatePiece<JitVal,JitVal> - Returns:
- a map of registers and their values
-
getConcreteBuffer
Description copied from interface:PcodeExecutorStatePieceBind a buffer of concrete bytes at the given start address- Specified by:
getConcreteBufferin interfacePcodeExecutorStatePiece<JitVal,JitVal> - Parameters:
address- the start addresspurpose- the reason why the emulator needs a concrete value- Returns:
- a buffer
-
clear
public void clear()Description copied from interface:PcodeExecutorStatePieceErase the entire state or pieceThis is generally only useful when the state is itself a cache to another object. This will ensure the state is reading from that object rather than a stale cache. If this is not a cache, this could in fact clear the whole state, and the machine using it will be left in the dark.
- Specified by:
clearin interfacePcodeExecutorStatePiece<JitVal,JitVal>
-
fork
Description copied from interface:PcodeExecutorStatePieceCreate a deep copy of this state- Specified by:
forkin interfacePcodeExecutorState<JitVal>- Specified by:
forkin interfacePcodeExecutorStatePiece<JitVal,JitVal> - Returns:
- the copy
-
getVarnodesRead
Get a complete catalog of all varnodes read, including overlapping, subregs, etc.- Returns:
- the set of varnodes
-
getVarnodesWritten
Get a complete catalog of all varnodes written, including overlapping, subregs, etc.- Returns:
- the set of varnodes
-
captureState
Capture the current state of intra-block analysis.This may be required for follow-up op-use analysis by a
JitCallOtherOpIfinvoked using the standard strategy. All live varnodes at the time of the call must be considered used.- Returns:
- the captured state
-