def howmany_distinct_bin_bbs():
bin_ida_server = "http://114.212.81.134:12345"
with open( this_path+'/new_addr.txt', 'r') as f:
addrs = f.readlines()
executed_funcs = set()
for addr in addrs:
func_name = ida.get_func_name(int(addr,16))
if func_name in executed_funcs or func_name == '':
continue
# FIXME: we get filename from addr2line, it maynot be the true filename because of inlining
# - NOTE : exclusive_line_of_bin_bb() use this filname to choose inst
# - It is fair when cmpared with IR, but if we change the way to get filename here, IR part should be updated either.
status, ifile_name, ifunc_name, _ = mapping.addr2line(int(addr,16), db_config, bin_name=None)
# we allow insts in other functions here
if status==-1 or ifunc_name=='?':
continue
executed_funcs.add(func_name)
bin_cfg = bcfg.bin_CFG(ifile_name, func_name, int(addr,16), bin_ida_server)
bb_2_exclusive_lines = exclusive_line_of_bin_bb(ifile_name, func_name, bin_cfg.graph.nodes, db_config)
distinct_bb_count = len(bb_2_exclusive_lines)
bb_count = len(bin_cfg.graph.nodes)
if bb_count != 0:
print(addr.strip(), distinct_bb_count, '/', bb_count, distinct_bb_count/bb_count)
else:
print(addr.strip(), distinct_bb_count, '/', bb_count, map_obj.func_name)
def get_src_lines_of_bin_func(addr, real_file_name, db_config, bin_ida_server=None, bin_name=None):
insts = ida.get_func_insts(addr, bin_ida_server)
# print(insts)
lines = []
for inst in insts:
status, file_name, func_name, line_no = mapping.addr2line(int(inst,16), db_config, bin_name)
if status==-1 or func_name =='?':
print(inst, 'is not addr2line-able')
continue
# FIXIT: whether it is needed to consider these cross-file inline insts
if file_name == real_file_name:
lines.append(line_no)
# lines_unduplicated = list(set(lines)).sort(key=lines.index)
return lines
def line_of_bin_bb(file_name, func_name, block_insts, db_config):
# block_insts is the set of all BB's first addr in this function
line_bb_map = {}
for bb_inst in block_insts:
bb_insts = ida.get_bb_insts(int(bb_inst,16))
status, ifile_name, ifunc_name, line_no = mapping.addr2line(int(bb_inst,16),db_config)
# allow different ifunc_name here, their debug info cannbe a hint. cross-file inline insts are banned here
if status==-1 or ifile_name!=file_name:
continue
line_bb_map.setdefault(line_no,[]).append(bb_inst)
bb_2_exclusive_lines = {}
for line in line_bb_map:
if len(line_bb_map[line])==1:
distinct_bb = line_bb_map[line][0]
bb_2_exclusive_lines.setdefault(distinct_bb,[]).append(line)
return bb_2_exclusive_lines
def cmp_debuginfo_in_func():
# cmp IR and binary's source_line in some function
with open(this_path+'/new_addr.txt', 'r') as f:
addrs = f.readlines()
executed_funcs = set()
for addr in addrs:
func_name = ida.get_func_name(int(addr,16))
if func_name in executed_funcs or func_name == '':
continue
executed_funcs.add(func_name)
_, file_name, _, _ = mapping.addr2line(int(addr,16), db_config, bin_name=None)
map_obj = mapping.mapping(int(addr,16))
ir_func_lines = get_src_lines_of_IR_func(file_name,func_name,db_config)
bin_func_lines = get_src_lines_of_bin_func(int(addr,16), file_name, db_config)
ir_func_lineset = set(ir_func_lines)
bin_func_lineset = set(bin_func_lines)
print(len(ir_func_lineset), len(bin_func_lineset), len(ir_func_lineset & bin_func_lineset))
def howmany_distinct_IRbbs():
with open( this_path+'/new_addr.txt', 'r') as f:
addrs = f.readlines()
executed_funcs = set()
for addr in addrs:
# map_obj = mapping.mapping(int(addr,16))
func_name = ida.get_func_name(int(addr,16))
if func_name in executed_funcs or func_name == '':
continue
executed_funcs.add(func_name)
_, file_name, _, _ = mapping.addr2line(int(addr,16), db_config, bin_name=None)
IR_cfg = icfg.IR_CFG(file_name, func_name, db_config)
bb_2_exclusive_lines = exclusive_line_of_ir_bb(file_name, func_name, db_config)
distinct_bb_count = len(bb_2_exclusive_lines)
bb_count = len(IR_cfg.graph.nodes)
if bb_count != 0:
print(addr.strip(), distinct_bb_count, '/', bb_count, distinct_bb_count/bb_count)
else:
print(addr.strip(), distinct_bb_count, '/', bb_count, map_obj.func_name)
def test(addr):
testmap = easymap(addr)
testmap.nor_bin()
# for node in testmap.IR_graphwithfea.nodes:
# print (node,testmap.IR_graphwithfea.nodes[node]['fea'])
# print ('\n')
# for node in testmap.bin_graphwithfea.nodes:
# print (node,testmap.bin_graphwithfea.nodes[node]['fea'])
# print(testmap.IR_cfg.graph.edges)
_, file_name, _, _ = mapbb.addr2line(addr, db_config, bin_name=None)
filename = file_name
funcname = testmap.func_name
# for node in testmap.IR_graphwithfea.nodes:
# print (node,testmap.IR_graphwithfea.nodes[node]['fea'])
# add_IR_fea()
#imm fea in bin is hex,let's change it to dec
IR_edgewith_fea = {}
bin_edgewith_fea = {}
def add_fea_to_edge():
for node in testmap.IR_graphwithfea.edges:
edgefea = []
IR_edgewith_fea[node] = []
edgefea.append(testmap.IR_graphwithfea.nodes[node[0]]['fea'])
edgefea.append(testmap.IR_graphwithfea.nodes[node[1]]['fea'])
IR_edgewith_fea[node] = edgefea
for node in testmap.bin_graphwithfea.edges:
edgefea = []
bin_edgewith_fea[node] = []
edgefea.append(testmap.bin_graphwithfea.nodes[node[0]]['fea'])
edgefea.append(testmap.bin_graphwithfea.nodes[node[1]]['fea'])
bin_edgewith_fea[node] = edgefea
add_fea_to_edge()
# print (IR_edgewith_fea)
# print (bin_edgewith_fea)
# add_IR_fea()
# print(testmap.IR_cfg.node_features_map)
mapped_edge = []
maooed_edge1 = []
cormap = []
correctmap = []
mapped_IRnode = {}
mapped_binnode = {}
def cmp_edgewithfea():
for key1, value1 in IR_edgewith_fea.items():
for key2, value2 in bin_edgewith_fea.items():
#now we consider the situation when from and to bb all have fea
if (value1[0] and value2[0]) and (value1[1] and value2[1]):
if map_two_BB(value1[0], value2[0]) and map_two_BB(
value1[1], value2[1]):
mapped_edge.append([key1, key2])
# consider when from bb have fea but to not
# elif value1[0] and value2[0]:
# if map_two_BB(value1[0],value2[0]):
# mapped_edge.append([key1,key2])
# elif value1[1] and value2[1]:
# if map_two_BB(value1[1],value2[1]):
# mapped_edge.append([key1,key2])
#check if the IRedge map multiple binedges
dict1 = {}
for node in mapped_edge:
dict1.setdefault(node[1], []).append(node[0])
#[IRedge,binedge]
for key, value in dict1.items():
if len(dict1[key]) == 1:
cormap.append([dict1[key][0], key])
#[binedge,IRedge]
continue
flag1 = 0
flag2 = 0
flag3 = 0
flag4 = 0
for edge in value:
IRnodefea0 = testmap.IR_graphwithfea.nodes[edge[0]]['fea']
IRnodefea1 = testmap.IR_graphwithfea.nodes[edge[1]]['fea']
binnodefea0 = testmap.bin_graphwithfea.nodes[key[0]]['fea']
binnodefea1 = testmap.bin_graphwithfea.nodes[key[1]]['fea']
if len(map_two_BB(binnodefea0,IRnodefea0)) == len(IRnodefea0) == len(binnodefea0) and\
len(map_two_BB(binnodefea1,IRnodefea1)) == len(IRnodefea1) == len(binnodefea1):
if not [edge, key] in cormap:
cormap.append([edge, key])
flag1 = 1
continue
if map_with_dbgif(filename, funcname, edge[0], int(key[0], 16),
db_config) and map_with_dbgif(
filename, funcname, edge[1],
int(key[1], 16), db_config):
if [edge, key] in cormap:
continue
if flag1 == 0:
cormap.append([edge, key])
flag2 = 1
continue
if fea_in_list('call', map_two_BB(
binnodefea0, IRnodefea0)) and fea_in_list(
'call', map_two_BB(binnodefea1, IRnodefea1)):
if [edge, key] in cormap:
continue
if not flag1 == flag2 == 0:
continue
cormap.append([edge, key])
flag3 = 1
continue
if fea_in_list('call', map_two_BB(
binnodefea0, IRnodefea0)) or fea_in_list(
'call', map_two_BB(binnodefea1, IRnodefea1)):
if [edge, key] in cormap:
continue
if not flag1 == flag2 == flag3 == 0:
continue
cormap.append([edge, key])
flag4 = 1
continue
if fea_in_list('cmov', map_two_BB(
binnodefea0, IRnodefea0)) or fea_in_list(
'cmov', map_two_BB(binnodefea1, IRnodefea1)):
if [edge, key] in cormap:
continue
if not flag1 == flag2 == flag3 == flag4 == 0:
continue
cormap.append([edge, key])
dict11 = {}
corrmap = []
for node in cormap:
dict11.setdefault(node[1], []).append(node[0])
for key, value in dict11.items():
if len(dict11[key]) == 1:
corrmap.append([dict11[key][0], key])
# print (corrmap)
#check if binedge map multiple IRedges in cormap
dict2 = {}
corremap = []
for node in corrmap:
dict2.setdefault(node[0], []).append(node[1])
for key, value in dict2.items():
if len(dict2[key]) == 1:
corremap.append([key, dict2[key][0]])
continue
flag1 = 0
flag2 = 0
flag3 = 0
flag4 = 0
for edge in value:
IRnodefea0 = testmap.IR_graphwithfea.nodes[key[0]]['fea']
IRnodefea1 = testmap.IR_graphwithfea.nodes[key[1]]['fea']
binnodefea0 = testmap.bin_graphwithfea.nodes[edge[0]]['fea']
binnodefea1 = testmap.bin_graphwithfea.nodes[edge[1]]['fea']
if len(map_two_BB(binnodefea0,IRnodefea0)) == len(IRnodefea0) == len(binnodefea0) and\
len(map_two_BB(binnodefea1,IRnodefea1)) == len(IRnodefea1) == len(binnodefea1):
if not [key, edge] in corremap:
corremap.append([key, edge])
flag1 = 1
continue
if map_with_dbgif(filename, funcname, key[0], int(edge[0], 16),
db_config) and map_with_dbgif(
filename, funcname, key[1],
int(edge[1], 16), db_config):
if [key, edge] in corremap:
continue
if flag1 == 0:
corremap.append([key, edge])
continue
if fea_in_list('call', map_two_BB(
binnodefea0, IRnodefea0)) and fea_in_list(
'call', map_two_BB(binnodefea1, IRnodefea1)):
if [key, edge] in corremap:
continue
if not flag1 == flag2 == 0:
continue
corremap.append([key, edge])
flag3 = 1
continue
if fea_in_list('call', map_two_BB(
binnodefea0, IRnodefea0)) or fea_in_list(
'call', map_two_BB(binnodefea1, IRnodefea1)):
if [key, edge] in corremap:
continue
if not flag1 == flag2 == flag3 == 0:
continue
corremap.append([key, edge])
flag4 = 1
continue
if fea_in_list('cmov', map_two_BB(
binnodefea0, IRnodefea0)) or fea_in_list(
'cmov', map_two_BB(binnodefea1, IRnodefea1)):
if [key, edge] in corremap:
continue
if not flag1 == flag2 == flag3 == flag4 == 0:
continue
corremap.append([key, edge])
continue
dict22 = {}
for node in corremap:
dict22.setdefault(node[0], []).append(node[1])
for key, value in dict22.items():
if len(dict22[key]) == 1:
correctmap.append([key, dict22[key][0]])
# print(corremap)
# print(correctmap)
for node in correctmap:
if not node[1][0] in mapped_IRnode.setdefault(node[0][0], []):
mapped_IRnode[node[0][0]].append(node[1][0])
if not node[1][1] in mapped_IRnode.setdefault(node[0][1], []):
mapped_IRnode[node[0][1]].append(node[1][1])
if not node[0][0] in mapped_binnode.setdefault(node[1][0], []):
mapped_binnode[node[1][0]].append(node[0][0])
if not node[0][1] in mapped_binnode.setdefault(node[1][1], []):
mapped_binnode[node[1][1]].append(node[0][1])
#the first bb and the ret bb is mapped
intlabel = []
intaddr = []
binret = 0
# print(111)
# print(testmap.IR_graphwithfea.nodes.keys())
for node in testmap.IR_graphwithfea.nodes.keys():
# print(1)
# print(node)
intlabel.append(int(node))
# print(testmap.bin_graphwithfea.nodes.keys())
for node in testmap.bin_graphwithfea.nodes.keys():
intaddr.append(int(node, 16))
if 'retn' in testmap.bin_graphwithfea.nodes[node]['fea']:
binret = node
IRret = str(max(intlabel))
IRstart = str(min(intlabel))
binstart = str(hex(min(intaddr)))
if binret != 0:
mapped_IRnode.setdefault(IRret, []).append(binret)
if not binstart in mapped_IRnode.setdefault(IRstart, []):
mapped_IRnode[IRstart].append(binstart)
mapped_binnode.setdefault(binstart, []).append(IRstart)
mapped_binnode.setdefault(binret, []).append(IRret)
# test code
# for node in mapped_IRnode.items():
# print(node)
# print(max(intlabel),min(intlabel))
# print(max(intaddr),min(intaddr))
# if not testmap.IR_graphwithfea.succ[node]:
# IRret.append(node)
# binret = []
# for node1 in testmap.bin_graphwithfea.nodes.keys():
# if not testmap.bin_graphwithfea.succ[node1]:
# binret.append(node1)
# #in case tailcall BB is mixed
# if len(binret) == 1:
# mapped_IRnode.setdefault(node,[]).append(binret[0])
# mapped_binnode.setdefault(node1,[]).append(binret[0])
# if not testmap.IR_graphwithfea.pred[node]:
# binstart = []
# for node2 in testmap.bin_graphwithfea.nodes.keys():
# if not testmap.bin_graphwithfea.pred[node2]:
# binstart.append(node2)
# if len(binstart) == 1:
# mapped_IRnode.setdefault(node,[]).append(binstart[0])
# mapped_binnode.setdefault(binstart[0],[]).append(node)
# print (node[0][0])
# print ('\n')
# for node in testmap.IR_graphwithfea.nodes:
# print(node,testmap.IR_graphwithfea.nodes[node]['fea'])
# for node in mapped_IRnode.items():
# print (node)
# print ('\n')
# len1 = 30 - len(testmap.func_name)
# noom = ' '
# for i in range(0,len1):
# noom = noom + ' '
# print (testmap.func_name,end = noom)
# print (len(mapped_IRnode.keys()),len(testmap.IR_graphwithfea.nodes),len(mapped_IRnode.keys())/len(testmap.IR_graphwithfea.nodes))
# print(noom,len(mapped_binnode.keys()),len(testmap.bin_graphwithfea.nodes),len(mapped_binnode.keys())/len(testmap.bin_graphwithfea.nodes))
# for node in correctmap:
# print (node)
# print (IR_edgewith_fea[node[0]])
# print (bin_edgewith_fea[node[1]])
# print('\n')
# print ('uncertainmap')
# edgedict = {}
# for node in mapped_edge:
# edgedict.setdefault(node[0],[]).append(1)
# if not node in correctmap:
# print (node)
# print (IR_edgewith_fea[node[0]])
# print (bin_edgewith_fea[node[1]])
# print('\n')
# print(len(edgedict.keys()))
cmp_edgewithfea()
IRmaplist = []
binmaplist = []
for node in testmap.IR_graphwithfea.nodes.keys():
testmap.IR_graphwithfea.nodes[node]['mapped'] = 0
#if used == 1,the pred and succ of the node are all mapped
testmap.IR_graphwithfea.nodes[node]['used'] = 0
for key, value in mapped_IRnode.items():
testmap.IR_graphwithfea.nodes[key]['mapped'] = 1
testmap.IR_graphwithfea.nodes[key]['color'] = 'green'
for addr in value:
testmap.bin_graphwithfea.nodes[addr]['mapped'] = 1
testmap.bin_graphwithfea.nodes[addr]['color'] = 'green'
def map_after_edge():
list1 = list(mapped_IRnode.keys())
count1 = 0
count2 = 0
count3 = 0
for node in list1:
# print(node)
dict = {}
dict1 = {}
dict2 = {}
flag1 = 0
flag2 = 0
# list2 = mapped_IRnode[node]
# if node == '341':
# print(1,mapped_IRnode['341'])
# print(1)
# print(mapped_IRnode['142'])
count111 = 0
for binnode in mapped_IRnode[node]:
for succsnode in testmap.bin_graphwithfea.successors(binnode):
if not succsnode in mapped_binnode.keys():
if map_two_BB(testmap.IR_graphwithfea.nodes[node]['fea'],testmap.bin_graphwithfea.nodes[succsnode]['fea'])\
and len(map_two_BB(testmap.IR_graphwithfea.nodes[node]['fea'],testmap.bin_graphwithfea.nodes[succsnode]['fea'])) ==\
len(testmap.bin_graphwithfea.nodes[succsnode]['fea']) \
and len([fea for fea in testmap.IR_graphwithfea.nodes[node]['fea'] if fea in map_two_BB(testmap.IR_graphwithfea.nodes[node]['fea'],testmap.bin_graphwithfea.nodes[succsnode]['fea'])])\
> len([fea for fea in testmap.bin_graphwithfea.nodes[binnode]['fea'] if fea in map_two_BB(testmap.IR_graphwithfea.nodes[node]['fea'],testmap.bin_graphwithfea.nodes[succsnode]['fea'])]):
if len(testmap.bin_graphwithfea.nodes[succsnode]['fea']) == 1 and map_two_BB(testmap.IR_graphwithfea.nodes[node]['fea'],\
testmap.bin_graphwithfea.nodes[succsnode]['fea']) == ['cmp 2 reg']:
count111 += 1
# print('count111',node)
if count111 < len(testmap.IR_graphwithfea.
nodes[node]['fea']):
# print(succsnode)
mapped_IRnode[node].append(succsnode)
mapped_binnode.setdefault(succsnode,
[]).append(node)
else:
break
else:
mapped_IRnode[node].append(succsnode)
mapped_binnode.setdefault(succsnode,
[]).append(node)
# if node == '627':
# print ('627',count111,mapped_IRnode[node])
# if node == '341':
# print(2,mapped_IRnode['341'])
# print(list2)
# if node == '639':
# print(node,node1,dict.setdefault('647',[]),mapped_IRnode[node])
unmappednode1 = 0
totalnode1 = 0
for node1 in testmap.IR_graphwithfea.successors(node):
totalnode1 += 1
if not node1 in mapped_IRnode.keys():
unmappednode1 = unmappednode1 + 1
for node1 in testmap.IR_graphwithfea.successors(node):
# if testmap.IR_graphwithfea.nodes[node]['used'] == 1:
# break
# if not node1 in mapped_IRnode.keys():
# if node == '198':
# print(node1)
# count3 = count3 + 1
unmappednode2 = 0
totalnode2 = 0
for binmapped in mapped_IRnode[node]:
totalnode2 += 1
for node2 in testmap.bin_graphwithfea.successors(
binmapped):
if not node2 in mapped_binnode.keys():
unmappednode2 = unmappednode2 + 1
for binmapped in mapped_IRnode[node]:
# if node == '341':
# print('111111')
# print(mapped_IRnode[node])
# print(binmapped,testmap.bin_graphwithfea.nodes[binmapped]['fea'])
# print('\n')
if totalnode2 == 1:
# if node1(succs of irnode) map binnode(binnode which maps irnode)
if map_two_BB(testmap.IR_graphwithfea.nodes[node1]['fea'],testmap.bin_graphwithfea.nodes[binmapped]['fea'])\
and len(map_two_BB(testmap.IR_graphwithfea.nodes[node1]['fea'],testmap.bin_graphwithfea.nodes[binmapped]['fea'])) ==\
len(testmap.IR_graphwithfea.nodes[node1]['fea']) and len(testmap.bin_graphwithfea.nodes[binmapped]['fea']) > \
len(testmap.IR_graphwithfea.nodes[node1]['fea']):
if not node1 in mapped_IRnode.keys():
dict.setdefault(node1, []).append(binmapped)
# if node1 == '647':
# print(binmapped)
for node2 in testmap.bin_graphwithfea.successors(
binmapped):
if not node2 in mapped_binnode.keys():
# print('succs',node,node1,node2)
# if node == '341':
# print(node,node1,binmapped,node2,testmap.bin_graphwithfea.nodes[node2]['fea'])
# print('\\')
# if map_two_BB(testmap.IR_graphwithfea.nodes[node]['fea'],testmap.bin_graphwithfea.nodes[node2]['fea'])\
# and len(map_two_BB(testmap.IR_graphwithfea.nodes[node]['fea'],testmap.bin_graphwithfea.nodes[node2]['fea'])) ==\
# len(testmap.bin_graphwithfea.nodes[node2]['fea']):
# if not node2 in dict.setdefault(node,[]):
# dict.setdefault(node,[]).append(node2)
if map_two_BB(
testmap.IR_graphwithfea.nodes[node1]
['fea'], testmap.bin_graphwithfea.nodes[node2]
['fea']):
if not node1 in mapped_IRnode.keys():
dict.setdefault(node1, []).append(node2)
flag1 = 1
continue
if len(testmap.IR_graphwithfea.nodes[node1]
['fea']) == len(testmap.bin_graphwithfea.
nodes[node2]['fea']) == 0:
if not node1 in mapped_IRnode.keys():
dict1.setdefault(node1, []).append(node2)
continue
if node1 not in mapped_IRnode.keys() and unmappednode2 == unmappednode1 == 1 and \
len(testmap.IR_graphwithfea.nodes[node1]['fea']) <= 2 and len(testmap.bin_graphwithfea.nodes[node2]['fea']) <= 2 and \
totalnode1 >= 2 and totalnode2 >=2:
print('new rule', node, node1, node2)
dict1.setdefault(node1, []).append(node2)
# if node == '639':
# print(node,node1,dict.setdefault(node1,[]),mapped_IRnode[node])
# print(dict)
if len(dict.setdefault(node1, [])) + len(
dict.setdefault(node, [])) > 0:
if len(dict.setdefault(node1, [])) == 1:
mapped_IRnode.setdefault(node1,
[]).append(dict[node1][0])
list1.append(node1)
mapped_binnode.setdefault(dict[node1][0],
[]).append(node1)
# if node == '341':
# print(node1,dict[node1])
# print(node,'successors')
# print(map_two_BB(testmap.IR_graphwithfea.nodes[node1]['fea'],testmap.bin_graphwithfea.nodes[dict[node1][0]]['fea']))
# print(node1,dict[node1][0])
if len(dict.setdefault(node1, [])) > 1:
f = 0
default = dict.setdefault(node1, [])[0]
for n in dict[node1]:
if n != default:
f = 1
if f == 0:
mapped_IRnode.setdefault(node1,
[]).append(dict[node1][0])
list1.append(node1)
mapped_binnode.setdefault(dict[node1][0],
[]).append(node1)
if len(dict.setdefault(node, [])) >= 1:
for nodebin in dict.setdefault(node, []):
if not nodebin in mapped_IRnode.setdefault(
node, []):
mapped_IRnode.setdefault(node,
[]).append(nodebin)
mapped_binnode.setdefault(nodebin,
[]).append(node)
# if node == '341':
# print(node,nodebin)
# print(node,'successors')
# print(map_two_BB(testmap.IR_graphwithfea.nodes[node]['fea'],testmap.bin_graphwithfea.nodes[dict[node][len(dict[node])-1]]['fea']))
# print(node,dict[node])
if len(dict1.setdefault(node1, [])) == 1:
mapped_IRnode.setdefault(node1, []).append(dict1[node1][0])
list1.append(node1)
mapped_binnode.setdefault(dict1[node1][0],
[]).append(node1)
for node3 in testmap.IR_graphwithfea.predecessors(node):
flag = 0
# if testmap.IR_graphwithfea.nodes[node]['used'] == 1:
# break
# if not node3 in mapped_IRnode.keys():
for binmapped in mapped_IRnode[node]:
if map_two_BB(testmap.IR_graphwithfea.nodes[node3]['fea'],testmap.bin_graphwithfea.nodes[binmapped]['fea'])\
and len(map_two_BB(testmap.IR_graphwithfea.nodes[node3]['fea'],testmap.bin_graphwithfea.nodes[binmapped]['fea'])) ==\
len(testmap.IR_graphwithfea.nodes[node3]['fea']):
if not node3 in mapped_IRnode.keys():
dict.setdefault(node3, []).append(binmapped)
for node4 in testmap.bin_graphwithfea.predecessors(
binmapped):
unmappednode4 = 0
if not node4 in mapped_binnode.keys():
# print('pred',node,node4)
# 8.24 if fea in binnodepred,in irnode,not in binnode
if map_two_BB(testmap.IR_graphwithfea.nodes[node]['fea'],testmap.bin_graphwithfea.nodes[node4]['fea'])\
and len([fea for fea in testmap.IR_graphwithfea.nodes[node]['fea'] if fea in map_two_BB(testmap.IR_graphwithfea.nodes[node]['fea'],testmap.bin_graphwithfea.nodes[node4]['fea'])])\
> len([fea for fea in testmap.bin_graphwithfea.nodes[node4]['fea'] if fea in map_two_BB(testmap.IR_graphwithfea.nodes[node]['fea'],testmap.bin_graphwithfea.nodes[node4]['fea'])]) \
and len(map_two_BB(testmap.IR_graphwithfea.nodes[node]['fea'],testmap.bin_graphwithfea.nodes[node4]['fea'])) ==\
len(testmap.bin_graphwithfea.nodes[node4]['fea']):
if not node4 in dict.setdefault(node, []):
dict.setdefault(node, []).append(node4)
# print(node,binmapped,node4)
# print(testmap.bin_graphwithfea.nodes[binmapped]['fea'])
# print(map_two_BB(testmap.IR_graphwithfea.nodes[node]['fea'],testmap.bin_graphwithfea.nodes[node4]['fea']))
if map_two_BB(
testmap.IR_graphwithfea.nodes[node3]
['fea'], testmap.bin_graphwithfea.nodes[node4]
['fea']):
if not node3 in mapped_IRnode.keys():
if len(testmap.IR_graphwithfea.pred[node]) <= 10 or \
len(map_two_BB(testmap.IR_graphwithfea.nodes[node3]['fea'],testmap.bin_graphwithfea.nodes[node4]['fea']))>=2 \
or [fea for fea in map_two_BB(testmap.IR_graphwithfea.nodes[node3]['fea'],testmap.bin_graphwithfea.nodes[node4]['fea']) \
if '0' in fea ] == []:
dict.setdefault(node3,
[]).append(node4)
if len(testmap.IR_graphwithfea.nodes[node3]
['fea']) == len(testmap.bin_graphwithfea.
nodes[node4]['fea']) == 0:
if not node3 in mapped_IRnode.keys():
dict2.setdefault(node3, []).append(node4)
if len(dict.setdefault(node3, [])) + len(
dict.setdefault(node, [])) > 0:
if len(dict.setdefault(node3, [])) == 1:
mapped_IRnode.setdefault(node3,
[]).append(dict[node3][0])
list1.append(node3)
mapped_binnode.setdefault(dict[node3][0],
[]).append(node3)
if len(dict.setdefault(node, [])) >= 1:
for binnode in dict.setdefault(node, []):
if not binnode in mapped_IRnode.setdefault(
node, []):
mapped_IRnode.setdefault(node,
[]).append(binnode)
mapped_binnode.setdefault(binnode,
[]).append(node)
if len(dict2.setdefault(node3, [])) == 1:
mapped_IRnode.setdefault(node3, []).append(dict2[node3][0])
list1.append(node3)
mapped_binnode.setdefault(dict2[node3][0],
[]).append(node3)
# test code
# print('mapafteredge')
# for node in mapped_IRnode.items():
# print(node)
# print(node,dict)
# print(count3,count1,count2)
map_after_edge()
len1 = 30 - len(testmap.func_name)
noom = ' '
for i in range(0, len1):
noom = noom + ' '
print(testmap.func_name, end=noom)
print(len(mapped_IRnode.keys()), len(testmap.IR_graphwithfea.nodes),
len(mapped_IRnode.keys()) / len(testmap.IR_graphwithfea.nodes))
print(' ', end='')
print(len(mapped_binnode.keys()), len(testmap.bin_graphwithfea.nodes),
len(mapped_binnode.keys()) / len(testmap.bin_graphwithfea.nodes))
# print(testmap.bin_graphwithfea.nodes)
# for node in mapped_IRnode.items():
# print (node)
# print ('\n')
# for node in mapped_binnode.items():
# print (node)
# print ('\n')
# for node in testmap.bin_graphwithfea.nodes.keys():
# print(testmap.IR_graphwithfea.succ['302'])
# if not testmap.IR_graphwithfea.succ['302']:
# print(1)
for key, value in mapped_IRnode.items():
testmap.IR_graphwithfea.nodes[key]['mapped'] = 1
testmap.IR_graphwithfea.nodes[key]['color'] = 'green'
for addr in value:
testmap.bin_graphwithfea.nodes[addr]['mapped'] = 1
testmap.bin_graphwithfea.nodes[addr]['color'] = 'green'
draw_IR_bin(testmap)
# print(mapped_binnode.keys())
return (len(mapped_IRnode.keys()) / len(testmap.IR_graphwithfea.nodes),
len(mapped_binnode.keys()) / len(testmap.bin_graphwithfea.nodes),
mapped_IRnode, testmap.func_name)
# block_insts is the set of all BB's first addr in this function
line_bb_map = {}
for bb_inst in block_insts:
bb_insts = ida.get_bb_insts(int(bb_inst,16))
status, ifile_name, ifunc_name, line_no = mapping.addr2line(int(bb_inst,16),db_config)
# allow different ifunc_name here, their debug info cannbe a hint. cross-file inline insts are banned here
if status==-1 or ifile_name!=file_name:
continue
line_bb_map.setdefault(line_no,[]).append(bb_inst)
bb_2_exclusive_lines = {}
for line in line_bb_map:
if len(line_bb_map[line])==1:
distinct_bb = line_bb_map[line][0]
bb_2_exclusive_lines.setdefault(distinct_bb,[]).append(line)
return bb_2_exclusive_lines
if __name__ == "__main__":
addr = 0xffffffff811cc210
_, file_name, _, _ = mapping.addr2line(addr, db_config, bin_name=None)
func_name = ida.get_func_name(addr)
print(exclusive_line_of_ir_bb(file_name, func_name, db_config))
print(get_src_lines_of_IR_bb1(file_name,func_name,'140',db_config))
# cmp_debuginfo_in_func()
print(get_src_lines_of_bin_bb(addr,file_name,db_config))
# howmany_distinct_IsRbbs()
# howmany_distinct_bin_bbs()
# cmp_distinct_bbs()
# cmp_debuginfo_in_func()
