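def gen_block_data_flow_graph(ir_arch, ircfg, ad, block_flow_cb):
    """
    Build the data-flow graph of @ircfg and dump it to 'data.dot'.

    The IR blocks are printed, dead code is removed with dead_simp, then
    @block_flow_cb is run on every block to collect its intra-block flow
    and the in/out nodes it exposes; inter_block_flow finally links the
    blocks starting from the one located at @ad. The per-block IN/OUT
    node sets are printed along the way.

    @ir_arch: IR architecture, passed through to dead_simp and the callbacks
    @ircfg: IRCFG to analyse (modified in place by dead_simp)
    @ad: address of the entry block, compared with the loc_db offsets
    @block_flow_cb: callable(ir_arch, ircfg, flow_graph, irblock,
                    in_nodes, out_nodes) filling the per-block flow

    Raise ValueError if no block of @ircfg is located at @ad.
    """
    for irblock in viewvalues(ircfg.blocks):
        print(irblock)
    dead_simp(ir_arch, ircfg)

    # Locate the entry block: the one whose loc_key resolves to @ad
    irblock_0 = None
    for irblock in viewvalues(ircfg.blocks):
        offset = ircfg.loc_db.get_location_offset(irblock.loc_key)
        if offset == ad:
            irblock_0 = irblock
            break
    # Explicit check rather than assert: this validates the caller's input
    # and must still fire under python -O
    if irblock_0 is None:
        raise ValueError("no IR block located at address %r" % (ad,))

    flow_graph = DiGraph()
    flow_graph.node2str = node2str

    # Per-block in/out node dictionaries, filled by @block_flow_cb
    irb_in_nodes = {label: {} for label in ircfg.blocks}
    irb_out_nodes = {label: {} for label in ircfg.blocks}
    for label, irblock in viewitems(ircfg.blocks):
        block_flow_cb(ir_arch, ircfg, flow_graph, irblock,
                      irb_in_nodes[label], irb_out_nodes[label])

    for label in ircfg.blocks:
        print(label)
        print('IN', [str(x) for x in irb_in_nodes[label]])
        print('OUT', [str(x) for x in irb_out_nodes[label]])
    print('*' * 20, 'interblock', '*' * 20)
    inter_block_flow(ir_arch, ircfg, flow_graph, irblock_0.loc_key,
                     irb_in_nodes, irb_out_nodes)

    # The context manager flushes and closes the dot file deterministically,
    # even if flow_graph.dot() raises
    with open('data.dot', 'w') as dot_file:
        dot_file.write(flow_graph.dot())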
def do_dead_simp_ircfg(self, ircfg, head):
    """
    Run one round of the dead-code simplification pipeline on @ircfg:
    - dead_simp (using self.ir_arch)
    - remove_empty_assignblks
    - merge_blocks, with @head as the only protected location
    Every pass runs, so later passes see the effect of earlier ones.
    Return True if any pass modified the graph; the caller can loop on
    this result to reach a fix point.

    @ircfg: IRCFG instance to simplify
    @head: Location instance of the ircfg head
    """
    passes = (
        lambda: dead_simp(self.ir_arch, ircfg),
        lambda: remove_empty_assignblks(ircfg),
        lambda: merge_blocks(ircfg, {head}),
    )
    modified = False
    for simplification in passes:
        # `|=` instead of `or`: a pass must run even when a previous one
        # has already reported a change
        modified |= simplification()
    return modified
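mdis = mn.dis_engine(bin_stream)
disasm = mdis.dis_multiblock(offset)
ircfg = ira.new_ircfg_from_asmcfg(disasm)
# Head locations handed to merge_blocks (presumably kept unmerged -- confirm)
entry_points = {mdis.loc_db.get_offset_location(offset)}
# Create target IR object and add all basic blocks to it
# NOTE(review): `ir` is not read in this excerpt; the IR used below is `ira`
ir = ir_a_x86_64(mdis.symbol_pool)
for bbl in disasm.blocks:
    print(bbl.to_string(disasm.loc_db))
    ira.add_asmblock_to_ircfg(bbl, ircfg)
init_infos = ira.arch.regs.regs_init
propagate_cst_expr(ira, ircfg, offset, init_infos)
ircfg.simplify(expr_simp)

# Iterate the simplification passes until none reports a change; `|=`
# (not `or`) so that every pass runs on every iteration
modified = True
iteration = 0
while modified:
    print("Applying simplification pass " + str(iteration))
    modified = False
    modified |= dead_simp(ira, ircfg)
    modified |= remove_empty_assignblks(ircfg)
    modified |= merge_blocks(ircfg, entry_points)
    iteration += 1

for irblock in ircfg.blocks.values():
    # NOTE(review): `loc_db` is not defined in this excerpt; presumably the
    # same database as mdis.loc_db -- confirm against the script preamble
    print(irblock.to_string(loc_db))

# Close the output handle deterministically instead of relying on the
# garbage collector
with open("%s.propag.dot" % "bin/simplified.bin", 'w') as dot_file:
    dot_file.write(ircfg.dot())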
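# "main" is placed at offset 0; the same offset seeds constant propagation
# below, so keep the two in sync through one name
main_offset = 0x0
loc_db.set_location_offset(loc_db.get_name_location("main"), main_offset)
for block in asmcfg.blocks:
    print(block)
print("symbols:")
print(loc_db)
# NOTE(review): `patches` is not read in this excerpt (maybe consumed later)
patches = asmblock.asm_resolve_final(mn_x86, asmcfg, loc_db)

# Translate to IR
ir_arch = ir_a_x86_32(loc_db)
ircfg = ir_arch.new_ircfg_from_asmcfg(asmcfg)

# Display IR
for _, irblock in viewitems(ircfg.blocks):
    print(irblock)

# Dead propagation
# with-statements flush and close the dot files deterministically instead
# of relying on the garbage collector
with open('graph.dot', 'w') as dot_file:
    dot_file.write(ircfg.dot())
print('*' * 80)
init_infos = ir_arch.arch.regs.regs_init
propagate_cst_expr(ir_arch, ircfg, main_offset, init_infos)
ircfg.simplify(expr_simp)
dead_simp(ir_arch, ircfg)
with open('graph2.dot', 'w') as dot_file:
    dot_file.write(ircfg.dot())

# Display new IR
print('new ir blocks')
for _, irblock in viewitems(ircfg.blocks):
    print(irblock)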
''')
# (the literal closed above starts outside this excerpt)
loc_db.set_location_offset(loc_db.get_name_location("main"), 0x0)
for block in asmcfg.blocks:
    print(block)
print("symbols:")
print(loc_db)
# NOTE(review): `patches` is not read in this excerpt (maybe consumed later)
patches = asmblock.asm_resolve_final(mn_x86, asmcfg, loc_db)
# Translate to IR
ir_arch = ir_a_x86_32(loc_db)
ircfg = ir_arch.new_ircfg_from_asmcfg(asmcfg)
# Display IR
for lbl, irblock in viewitems(ircfg.blocks):
    print(irblock)
# Dead propagation
# NOTE(review): both dot files are written through an unnamed handle that is
# never closed explicitly; a with-statement would flush and close them
# deterministically instead of relying on the garbage collector
open('graph.dot', 'w').write(ircfg.dot())
print('*' * 80)
# dead_simp works on ircfg in place; its return value is discarded here
dead_simp(ir_arch, ircfg)
open('graph2.dot', 'w').write(ircfg.dot())
# Display new IR
print('new ir blocks')
for lbl, irblock in viewitems(ircfg.blocks):
    print(irblock)
help="Apply simplifications rules (liveness, graph simplification, ...)")
# (the add_argument call closed above starts outside this excerpt)
args = parser.parse_args()
machine = Machine("x86_32")
# NOTE(review): the input handle is never closed explicitly; a with-statement
# (closed once the container no longer needs the stream) would release it
# deterministically
cont = Container.from_stream(open(args.filename, 'rb'))
mdis = machine.dis_engine(cont.bin_stream, loc_db=cont.loc_db)
ir_arch = machine.ira(mdis.loc_db)
# base 0: accepts a 0x/0o/0b prefix as well as plain decimal
addr = int(args.address, 0)
asmcfg = mdis.dis_multiblock(addr)
ircfg = ir_arch.new_ircfg_from_asmcfg(asmcfg)
# Head locations handed to merge_blocks (presumably kept unmerged -- confirm)
entry_points = set([mdis.loc_db.get_offset_location(addr)])
init_infos = ir_arch.arch.regs.regs_init
# Constant propagation always runs; its result is not read in this excerpt
cst_propag_link = propagate_cst_expr(ir_arch, ircfg, addr, init_infos)
if args.simplify:
    ircfg.simplify(expr_simp)
    # Iterate the passes until none reports a change; `|=` (not `or`) so
    # that every pass runs on every iteration
    modified = True
    while modified:
        modified = False
        modified |= dead_simp(ir_arch, ircfg)
        modified |= remove_empty_assignblks(ircfg)
        modified |= merge_blocks(ircfg, entry_points)
# The output path is derived from the user-supplied input path, so the dot
# file is created next to the input (nesting reconstructed from a flattened
# source: the write is unconditional). NOTE(review): the handle is never
# closed explicitly; prefer a with-statement.
open("%s.propag.dot" % args.filename, 'w').write(ircfg.dot())
"--simplify", action="store_true",
help="Apply simplifications rules (liveness, graph simplification, ...)")
# (the add_argument call closed above starts outside this excerpt)
args = parser.parse_args()
machine = Machine("x86_32")
# NOTE(review): the input handle is never closed explicitly; a with-statement
# (closed once the container no longer needs the stream) would release it
# deterministically
cont = Container.from_stream(open(args.filename, 'rb'))
mdis = machine.dis_engine(cont.bin_stream, loc_db=cont.loc_db)
ir_arch = machine.ira(mdis.loc_db)
# base 0: accepts a 0x/0o/0b prefix as well as plain decimal
addr = int(args.address, 0)
asmcfg = mdis.dis_multiblock(addr)
ircfg = ir_arch.new_ircfg_from_asmcfg(asmcfg)
# Head locations handed to merge_blocks (presumably kept unmerged -- confirm)
entry_points = set([mdis.loc_db.get_offset_location(addr)])
init_infos = ir_arch.arch.regs.regs_init
# Constant propagation always runs; its result is not read in this excerpt
cst_propag_link = propagate_cst_expr(ir_arch, ircfg, addr, init_infos)
if args.simplify:
    ircfg.simplify(expr_simp)
    # Iterate the passes until none reports a change; `|=` (not `or`) so
    # that every pass runs on every iteration
    modified = True
    while modified:
        modified = False
        modified |= dead_simp(ir_arch, ircfg)
        modified |= remove_empty_assignblks(ircfg)
        modified |= merge_blocks(ircfg, entry_points)
# The output path is derived from the user-supplied input path, so the dot
# file is created next to the input (nesting reconstructed from a flattened
# source: the write is unconditional). NOTE(review): the handle is never
# closed explicitly; prefer a with-statement.
open("%s.propag.dot" % args.filename, 'w').write(ircfg.dot())