def __init__(self, ir_arch, expr_simp=expr_simp):
super(IRCFGSimplifierSSA, self).__init__(ir_arch, expr_simp)
self.ir_arch.ssa_var = {}
self.all_ssa_vars = {}
self.ssa_forbidden_regs = self.get_forbidden_regs()
self.propag_expressions = PropagateExpressions()
self.del_dummy_phi = DelDummyPhi()
self.deadremoval = DeadRemoval(self.ir_arch, self.all_ssa_vars)
def __init__(self, ir_arch, expr_simp=expr_simp):
super(IRCFGSimplifierSSA, self).__init__(ir_arch, expr_simp)
self.ir_arch.ssa_var = {}
self.all_ssa_vars = {}
self.ssa_forbidden_regs = self.get_forbidden_regs()
self.propag_int = PropagateExprIntThroughExprId()
self.propag_expr = PropagateThroughExprId()
self.propag_mem = PropagateThroughExprMem()
self.deadremoval = DeadRemoval(self.ir_arch, self.all_ssa_vars)
''')
loc_db.set_location_offset(loc_db.get_name_location("main"), 0x0)
for block in asmcfg.blocks:
print(block)
print("symbols:")
print(loc_db)
patches = asmblock.asm_resolve_final(mn_x86, asmcfg, loc_db)
# Translate to IR
ir_arch = ir_a_x86_32(loc_db)
ircfg = ir_arch.new_ircfg_from_asmcfg(asmcfg)
deadrm = DeadRemoval(ir_arch)
# Display IR
for lbl, irblock in viewitems(ircfg.blocks):
print(irblock)
# Dead propagation
open('graph.dot', 'w').write(ircfg.dot())
print('*' * 80)
deadrm(ircfg)
open('graph2.dot', 'w').write(ircfg.dot())
# Display new IR
print('new ir blocks')
for lbl, irblock in viewitems(ircfg.blocks):
class IRATest(ira):
"""Fake IRA class for tests"""
def __init__(self, loc_db):
arch = Arch()
super(IRATest, self).__init__(arch, 32, loc_db)
self.IRDst = IRDst
self.ret_reg = r
def get_out_regs(self, _):
return set([self.ret_reg, self.sp])
IRA = IRATest(loc_db)
deadrm = DeadRemoval(IRA)
# graph 1 : Simple graph with dead and alive variables
G1_IRA = IRA.new_ircfg()
G1_IRB0 = gen_irblock(LBL0, [[ExprAssign(a, CST1)], [ExprAssign(b, CST2)]])
G1_IRB1 = gen_irblock(LBL1, [[ExprAssign(a, b)]])
G1_IRB2 = gen_irblock(LBL2, [[ExprAssign(r, a)]])
for irb in [G1_IRB0, G1_IRB1, G1_IRB2]:
G1_IRA.add_irblock(irb)
G1_IRA.add_uniq_edge(G1_IRB0.loc_key, G1_IRB1.loc_key)
G1_IRA.add_uniq_edge(G1_IRB1.loc_key, G1_IRB2.loc_key)
parser.add_argument(
'-s',
"--simplify",
action="store_true",
help="Apply simplifications rules (liveness, graph simplification, ...)")
args = parser.parse_args()
machine = Machine("x86_32")
loc_db = LocationDB()
cont = Container.from_stream(open(args.filename, 'rb'), loc_db)
mdis = machine.dis_engine(cont.bin_stream, loc_db=loc_db)
lifter = machine.lifter_model_call(mdis.loc_db)
addr = int(args.address, 0)
deadrm = DeadRemoval(lifter)
asmcfg = mdis.dis_multiblock(addr)
ircfg = lifter.new_ircfg_from_asmcfg(asmcfg)
entry_points = set([mdis.loc_db.get_offset_location(addr)])
init_infos = lifter.arch.regs.regs_init
cst_propag_link = propagate_cst_expr(lifter, ircfg, addr, init_infos)
if args.simplify:
ircfg.simplify(expr_simp)
modified = True
while modified:
modified = False
modified |= deadrm(ircfg)
modified |= remove_empty_assignblks(ircfg)
def __init__(self, ir_arch, expr_simp=expr_simp):
self.expr_simp = expr_simp
super(IRCFGSimplifierCommon, self).__init__(ir_arch)
self.deadremoval = DeadRemoval(self.ir_arch)
ad = int(args.addr, 16)
loc_db = LocationDB()
print('disasm...')
cont = Container.from_stream(open(args.filename, 'rb'), loc_db)
machine = Machine("x86_32")
mdis = machine.dis_engine(cont.bin_stream, loc_db=loc_db)
mdis.follow_call = True
asmcfg = mdis.dis_multiblock(ad)
print('ok')
print('generating dataflow graph for:')
ir_arch_analysis = machine.ira(loc_db)
ircfg = ir_arch_analysis.new_ircfg_from_asmcfg(asmcfg)
deadrm = DeadRemoval(ir_arch_analysis)
for irblock in viewvalues(ircfg.blocks):
print(irblock)
if args.symb:
block_flow_cb = intra_block_flow_symb
else:
block_flow_cb = intra_block_flow_raw
gen_block_data_flow_graph(ir_arch_analysis, ircfg, ad, block_flow_cb)
print('*' * 40)
print("""
View with:
dotty dataflow.dot
class LifterTest(LifterModelCall):
"""Fake Lifter class for tests"""
def __init__(self, loc_db):
arch = Arch()
super(LifterTest, self).__init__(arch, 32, loc_db)
self.IRDst = IRDst
self.ret_reg = r
def get_out_regs(self, _):
return set([self.ret_reg, self.sp])
Lifter = LifterTest(loc_db)
deadrm = DeadRemoval(Lifter)
# graph 1 : Simple graph with dead and alive variables
G1_cfg = Lifter.new_ircfg()
G1_IRB0 = gen_irblock(LBL0, [[ExprAssign(a, CST1)], [ExprAssign(b, CST2)]])
G1_IRB1 = gen_irblock(LBL1, [[ExprAssign(a, b)]])
G1_IRB2 = gen_irblock(LBL2, [[ExprAssign(r, a)]])
for irb in [G1_IRB0, G1_IRB1, G1_IRB2]:
G1_cfg.add_irblock(irb)
G1_cfg.add_uniq_edge(G1_IRB0.loc_key, G1_IRB1.loc_key)
G1_cfg.add_uniq_edge(G1_IRB1.loc_key, G1_IRB2.loc_key)
def __init__(self, lifter, expr_simp=expr_simp):
self.expr_simp = expr_simp
super(IRCFGSimplifierCommon, self).__init__(lifter)
self.deadremoval = DeadRemoval(self.lifter)