Ghidra Decompiler Analysis Engine
|
A region where processor data is stored. More...
#include <space.hh>
Public Types | |
enum | { big_endian = 1, heritaged = 2, does_deadcode = 4, programspecific = 8, reverse_justification = 16, overlay = 32, overlaybase = 64, truncated = 128, hasphysical = 256, is_otherspace = 512, has_nearpointers = 0x400 } |
enum | { constant_space_index = 0, other_space_index = 1 } |
Public Member Functions | |
AddrSpace (AddrSpaceManager *m, const Translate *t, spacetype tp, const string &nm, uint4 size, uint4 ws, int4 ind, uint4 fl, int4 dl) | |
AddrSpace (AddrSpaceManager *m, const Translate *t, spacetype tp) | |
For use with restoreXml. More... | |
const string & | getName (void) const |
Get the name. More... | |
AddrSpaceManager * | getManager (void) const |
Get the space manager. More... | |
const Translate * | getTrans (void) const |
Get the processor translator. More... | |
spacetype | getType (void) const |
Get the type of space. More... | |
int4 | getDelay (void) const |
Get number of heritage passes being delayed. More... | |
int4 | getDeadcodeDelay (void) const |
Get number of passes before deadcode removal is allowed. More... | |
int4 | getIndex (void) const |
Get the integer identifier. More... | |
uint4 | getWordSize (void) const |
Get the addressable unit size. More... | |
uint4 | getAddrSize (void) const |
Get the size of the space. More... | |
uintb | getHighest (void) const |
Get the highest byte-scaled address. More... | |
uintb | getPointerLowerBound (void) const |
Get lower bound for assuming an offset is a pointer. More... | |
uintb | getPointerUpperBound (void) const |
Get upper bound for assuming an offset is a pointer. More... | |
int4 | getMinimumPtrSize (void) const |
Get the minimum pointer size for this space. More... | |
uintb | wrapOffset (uintb off) const |
Wrap -off- to the offset that fits into this space. More... | |
char | getShortcut (void) const |
Get the shortcut character. More... | |
bool | isHeritaged (void) const |
Return true if dataflow has been traced. More... | |
bool | doesDeadcode (void) const |
Return true if dead code analysis should be done on this space. More... | |
bool | hasPhysical (void) const |
Return true if data is physically stored in this. More... | |
bool | isBigEndian (void) const |
Return true if values in this space are big endian. More... | |
bool | isReverseJustified (void) const |
Return true if alignment justification does not match endianness. More... | |
bool | isOverlay (void) const |
Return true if this is an overlay space. | |
bool | isOverlayBase (void) const |
Return true if other spaces overlay this space. | |
bool | isOtherSpace (void) const |
Return true if this is the other address space. | |
bool | isTruncated (void) const |
Return true if this space is truncated from its original size. More... | |
bool | hasNearPointers (void) const |
Return true if near (truncated) pointers into this space are possible. | |
void | printOffset (ostream &s, uintb offset) const |
Write an address offset to a stream. More... | |
virtual int4 | numSpacebase (void) const |
Number of base registers associated with this space. More... | |
virtual const VarnodeData & | getSpacebase (int4 i) const |
Get a base register that creates this virtual space. More... | |
virtual const VarnodeData & | getSpacebaseFull (int4 i) const |
Return original spacebase register before truncation. More... | |
virtual bool | stackGrowsNegative (void) const |
Return true if a stack in this space grows negative. More... | |
virtual AddrSpace * | getContain (void) const |
Return this space's containing space (if any) More... | |
virtual void | saveXmlAttributes (ostream &s, uintb offset) const |
Save an address as XML. More... | |
virtual void | saveXmlAttributes (ostream &s, uintb offset, int4 size) const |
Save an address and size as XML. More... | |
virtual uintb | restoreXmlAttributes (const Element *el, uint4 &size) const |
Recover an offset and size. More... | |
virtual void | printRaw (ostream &s, uintb offset) const |
Write an address in this space to a stream. More... | |
virtual uintb | read (const string &s, int4 &size) const |
Read in an address (and possible size) from a string. More... | |
virtual void | saveXml (ostream &s) const |
Write the details of this space as XML. More... | |
virtual void | restoreXml (const Element *el) |
Recover the details of this space from XML. More... | |
Static Public Member Functions | |
static uintb | addressToByte (uintb val, uint4 ws) |
Scale from addressable units to byte units. More... | |
static uintb | byteToAddress (uintb val, uint4 ws) |
Scale from byte units to addressable units. More... | |
static int4 | addressToByteInt (int4 val, uint4 ws) |
Scale int4 from addressable units to byte units. More... | |
static int4 | byteToAddressInt (int4 val, uint4 ws) |
Scale int4 from byte units to addressable units. More... | |
static bool | compareByIndex (const AddrSpace *a, const AddrSpace *b) |
Compare two spaces by their index. More... | |
Protected Member Functions | |
void | calcScaleMask (void) |
Calculate scale and mask. More... | |
void | setFlags (uint4 fl) |
Set a cached attribute. More... | |
void | clearFlags (uint4 fl) |
Clear a cached attribute. More... | |
void | saveBasicAttributes (ostream &s) const |
Write the XML attributes of this space. More... | |
void | truncateSpace (uint4 newsize) |
Protected Attributes | |
string | name |
Name of this space. | |
uint4 | addressSize |
Size of an address into this space in bytes. | |
uint4 | wordsize |
Size of unit being addressed (1=byte) | |
int4 | minimumPointerSize |
Smallest size of a pointer into this space (in bytes) | |
int4 | index |
An integer identifier for the space. | |
int4 | delay |
Delay in heritaging this space. | |
int4 | deadcodedelay |
Delay before deadcode removal is allowed on this space. | |
Friends | |
class | AddrSpaceManager |
A region where processor data is stored.
An AddrSpace (Address Space) is an arbitrary sequence of bytes where a processor can store data. As is usual with most processors' concept of RAM, an integer offset paired with an AddrSpace forms the address (See Address) of a byte. The size of an AddrSpace indicates the number of bytes that can be separately addressed and is usually described by the number of bytes needed to encode the biggest offset. I.e. a 4-byte address space means that there are offsets ranging from 0x00000000 to 0xffffffff within the space for a total of 2^32 addressable bytes within the space. There can be multiple address spaces, and it is typical to have spaces
The processor specification can set up any address spaces it needs in an arbitrary manner, but all data manipulated by the processor, which the specification hopes to model, must be contained in some address space, including RAM, ROM, general registers, special registers, i/o ports, etc.
The analysis engine also uses additional address spaces to model special concepts. These include
anonymous enum |
Enumerator | |
---|---|
big_endian | Space is big endian if set, little endian otherwise. |
heritaged | This space is heritaged. |
does_deadcode | Dead-code analysis is done on this space. |
programspecific | Space is specific to a particular loadimage. |
reverse_justification | Justification within aligned word is opposite of endianness. |
overlay | This space is an overlay of another space. |
overlaybase | This is the base space for overlay space(s) |
truncated | Space is truncated from its original size, expect pointers larger than this size. |
hasphysical | Has physical memory associated with it. |
is_otherspace | Quick check for the OtherSpace derived class. |
has_nearpointers | Does there exist near pointers into this space. |
anonymous enum |
AddrSpace::AddrSpace | ( | AddrSpaceManager * | m, |
const Translate * | t, | ||
spacetype | tp, | ||
const string & | nm, | ||
uint4 | size, | ||
uint4 | ws, | ||
int4 | ind, | ||
uint4 | fl, | ||
int4 | dl | ||
) |
Initialize an address space with its basic attributes
m | is the space manager associated with the new space |
t | is the processor translator associated with the new space |
tp | is the type of the new space (PROCESSOR, CONSTANT, INTERNAL,...) |
nm | is the name of the new space |
size | is the (offset encoding) size of the new space |
ws | is the number of bytes in an addressable unit |
ind | is the integer identifier for the new space |
fl | can be 0 or AddrSpace::hasphysical |
dl | is the number of rounds to delay heritage for the new space |
AddrSpace::AddrSpace | ( | AddrSpaceManager * | m, |
const Translate * | t, | ||
spacetype | tp | ||
) |
For use with restoreXml.
This is a partial constructor, for initializing a space via XML
m | the associated address space manager |
t | is the processor translator |
tp | the basic type of the space |
|
inlinestatic |
Scale from addressable units to byte units.
Given an offset into an address space based on the addressable unit size (wordsize), convert it into a byte relative offset
val | is the offset to convert |
ws | is the number of bytes in the addressable word |
|
inlinestatic |
Scale int4 from addressable units to byte units.
Given an int4 offset into an address space based on the addressable unit size (wordsize), convert it into a byte relative offset
val | is the offset to convert |
ws | is the number of bytes in the addressable word |
|
inlinestatic |
Scale from byte units to addressable units.
Given an offset in an address space based on bytes, convert it into an offset relative to the addressable unit of the space (wordsize)
val | is the offset to convert |
ws | is the number of bytes in the addressable word |
|
inlinestatic |
Scale int4 from byte units to addressable units.
Given an int4 offset in an address space based on bytes, convert it into an offset relative to the addressable unit of the space (wordsize)
val | is the offset to convert |
ws | is the number of bytes in the addressable word |
|
protected |
Calculate scale and mask.
Calculate highest based on addressSize, and wordsize. This also calculates the default pointerLowerBound
|
inlineprotected |
Clear a cached attribute.
An internal method for derived classes to clear space attibutes
fl | is the set of attributes to clear |
Compare two spaces by their index.
For sorting a sequence of address spaces.
a | is the first space |
b | is the second space |
|
inline |
Return true if dead code analysis should be done on this space.
Most memory locations should have dead-code analysis performed, and this routine will return true. For certain special spaces like the constant space, dead-code analysis doesn't make sense, and this routine returns false.
|
inline |
Get the size of the space.
Return the number of bytes needed to represent an offset into this space. A space with 2^32 bytes has an address size of 4, for instance.
|
inlinevirtual |
Return this space's containing space (if any)
If this space is virtual, then this routine returns the containing address space, otherwise it returns NULL.
|
inline |
Get number of passes before deadcode removal is allowed.
The point at which deadcode removal is performed on varnodes within a space can be set to skip some number of heritage passes, in case not all the varnodes are created within a single pass. This method gives the number of rounds that should be skipped before deadcode elimination begins
|
inline |
Get number of heritage passes being delayed.
If the heritage algorithms need to trace dataflow within this space, the algorithms can delay tracing this space in order to let indirect references into the space resolve themselves. This method indicates the number of rounds of dataflow analysis that should be skipped for this space to let this resolution happen
|
inline |
Get the highest byte-scaled address.
Get the highest (byte) offset possible for this space
|
inline |
Get the integer identifier.
Each address space has an associated index that can be used as an integer encoding of the space.
|
inline |
Get the space manager.
Every address space is associated with a manager of (all possible) spaces. This method recovers the address space manager object.
|
inline |
Get the minimum pointer size for this space.
A value of 0 means the size must match exactly. If the space is truncated, or if there exists near pointers, this value may be non-zero.
|
inline |
Get the name.
Every address space has a (unique) name, which is referred to especially in configuration files via XML.
|
inline |
Get lower bound for assuming an offset is a pointer.
Constant offsets are tested against this lower bound as a quick filter before attempting to lookup symbols.
|
inline |
Get upper bound for assuming an offset is a pointer.
Constant offsets are tested against this upper bound as a quick filter before attempting to lookup symbols.
|
inline |
Get the shortcut character.
Return a unique short cut character that is associated with this space. The shortcut character can be used by the read method to quickly specify the space of an address.
|
inlinevirtual |
Get a base register that creates this virtual space.
For virtual spaces, like the stack space, this routine returns the location information for a base register of the space. This routine will throw an exception if the register does not exist
i | is the index of the base register starting at |
Reimplemented in SpacebaseSpace.
|
inlinevirtual |
Return original spacebase register before truncation.
If a stack pointer is truncated to fit the stack space, we may need to know the extent of the original register
i | is the index of the base register |
Reimplemented in SpacebaseSpace.
|
inline |
Get the processor translator.
Every address space is associated with a processor which may have additional objects like registers etc. associated with it. This method returns a pointer to that processor translator
|
inline |
Get the type of space.
Return the defining type for this address space.
|
inline |
Get the addressable unit size.
This method indicates the number of bytes contained in an addressable unit of this space. This is almost always 1, but can be any other small integer.
|
inline |
Return true if data is physically stored in this.
This routine returns true, if, like most spaces, the space has actual read/writeable bytes associated with it. Some spaces, like the constant space, do not.
|
inline |
Return true if values in this space are big endian.
If integer values stored in this space are encoded in this space using the big endian format, then return true.
|
inline |
Return true if dataflow has been traced.
During analysis, memory locations in most spaces need to have their data-flow traced. This method returns true for these spaces. For some of the special spaces, like the constant space, tracing data flow makes no sense, and this routine will return false.
|
inline |
Return true if alignment justification does not match endianness.
Certain architectures or compilers specify an alignment for accessing words within the space The space required for a variable must be rounded up to the alignment. For variables smaller than the alignment, there is the issue of how the variable is "justified" within the aligned word. Usually the justification depends on the endianness of the space, for certain weird cases the justification may be the opposite of the endianness.
|
inline |
Return true if this space is truncated from its original size.
If this method returns true, the logical form of this space is truncated from its actual size Pointers may refer to this original size put the most significant bytes are ignored
|
inlinevirtual |
Number of base registers associated with this space.
Some spaces are "virtual", like the stack spaces, where addresses are really relative to a base pointer stored in a register, like the stackpointer. This routine will return non-zero if this space is virtual and there is 1 (or more) associated pointer registers
Reimplemented in SpacebaseSpace.
void AddrSpace::printOffset | ( | ostream & | s, |
uintb | offset | ||
) | const |
Write an address offset to a stream.
Print the offset as hexidecimal digits.
s | is the stream to write to |
offset | is the offset to be printed |
|
virtual |
Write an address in this space to a stream.
This is a printing method for the debugging routines. It prints taking into account the wordsize, adding a "+n" if the offset is not on-cut with wordsize. It also returns the expected/typical size of values from this space.
s | is the stream being written |
offset | is the offset to be printed |
Reimplemented in FspecSpace, JoinSpace, OtherSpace, ConstantSpace, and IopSpace.
|
virtual |
Read in an address (and possible size) from a string.
For the console mode, an address space can tailor how it converts user strings into offsets within the space. The base routine can read and convert register names as well as absolute hex addresses. A size can be indicated by appending a ':' and integer, .i.e. 0x1000:2. Offsets within a register can be indicated by appending a '+' and integer, i.e. eax+2
s | is the string to be parsed |
size | is a reference to the size being returned |
Reimplemented in JoinSpace.
|
virtual |
Recover the details of this space from XML.
Walk a parsed XML tag and recover all the properties defining this space. The processor translator, trans, and the type must already be filled in.
el | is the parsed XML tag |
Reimplemented in FspecSpace, OverlaySpace, JoinSpace, SpacebaseSpace, ConstantSpace, and IopSpace.
|
virtual |
Recover an offset and size.
For an XML tag describing an address in this space, this routine recovers the offset and possibly the size described by the tag
el | is the XML address tag |
size | is a reference where the recovered size should be stored |
Reimplemented in JoinSpace.
|
protected |
Write the XML attributes of this space.
Save the name, index, bigendian, delay, size, wordsize, and physical attributes which are common with all address spaces derived from AddrSpace
s | the stream where the attributes are written |
|
virtual |
Write the details of this space as XML.
Write a tag fully describing the details of this space suitable for later recovery via restoreXml.
s | is the stream being written |
Reimplemented in FspecSpace, OverlaySpace, JoinSpace, UniqueSpace, OtherSpace, SpacebaseSpace, ConstantSpace, and IopSpace.
|
virtual |
Save an address as XML.
Write the main XML attributes for an address within this space The caller provides only the offset, and this routine fills in other details pertaining to this particular space.
s | is the stream to write to |
offset | is the offset of the address |
Reimplemented in FspecSpace, JoinSpace, and IopSpace.
|
virtual |
Save an address and size as XML.
Write the main XML attributes of an address with this space and a size. The caller provides the offset and size, and other details about this particular space are filled in.
s | is the stream to write to |
offset | is the offset of the address |
size | is the size of the memory location |
Reimplemented in FspecSpace, JoinSpace, and IopSpace.
|
inlineprotected |
Set a cached attribute.
An internal method for derived classes to set space attributes
fl | is the set of attributes to be set |
|
inlinevirtual |
Return true if a stack in this space grows negative.
For stack (or other spacebase) spaces, this routine returns true if the space can viewed as a stack and a push operation causes the spacebase pointer to be decreased (grow negative)
Reimplemented in SpacebaseSpace.
|
protected |
The logical form of the space is truncated from its actual size Pointers may refer to this original size put the most significant bytes are ignored
newsize | is the size (in bytes) of the truncated (logical) space |
|
inline |
Wrap -off- to the offset that fits into this space.
Calculate off modulo the size of this address space in order to construct the offset "equivalent" to off that fits properly into this space
off | is the offset requested |