A container of commands that override the decompiler's default behavior for a single function. More...

#include <override.hh>

Public Types
enum	{ NONE = 0, BRANCH = 1, CALL = 2, CALL_RETURN = 3, RETURN = 4 }
	Enumeration of possible branch overrides. More...

Public Member Functions
	~Override (void)
	Destructor.

void	insertForceGoto (const Address &targetpc, const Address &destpc)
	Force a specific branch instruction to be an unstructured goto. More...

void	insertDeadcodeDelay (AddrSpace *spc, int4 delay)
	Override the number of passes that are executed before dead-code elimination starts. More...

bool	hasDeadcodeDelay (AddrSpace *spc) const
	Check if a delay override is already installed for an address space. More...

void	insertIndirectOverride (const Address &callpoint, const Address &directcall)
	Override an indirect call turning it into a direct call. More...

void	insertProtoOverride (const Address &callpoint, FuncProto *p)
	Override the assumed function prototype at a specific call site. More...

void	insertMultistageJump (const Address &addr)
	Flag an indirect jump for multistage analysis. More...

void	insertFlowOverride (const Address &addr, uint4 type)
	Mark a branch instruction with a different flow type. More...

void	applyPrototype (Funcdata &data, FuncCallSpecs &fspecs) const
	Look for and apply a function prototype override. More...

void	applyIndirect (Funcdata &data, FuncCallSpecs &fspecs) const
	Look for and apply destination overrides of indirect calls. More...

bool	queryMultistageJumptable (const Address &addr) const
	Check for a multistage marker for a specific indirect jump. More...

void	applyDeadCodeDelay (Funcdata &data) const
	Apply any dead-code delay overrides. More...

void	applyForceGoto (Funcdata &data) const
	Push all the force-goto overrides into the function. More...

bool	hasFlowOverride (void) const
	Are there any flow overrides.

uint4	getFlowOverride (const Address &addr) const
	Return the particular flow override at a given address. More...

void	printRaw (ostream &s, Architecture *glb) const
	Dump a description of the overrides to stream. More...

void	generateOverrideMessages (vector< string > &messagelist, Architecture *glb) const
	Create warning messages that describe current overrides. More...

void	encode (Encoder &encoder, Architecture *glb) const
	Encode the override commands to a stream. More...

void	decode (Decoder &decoder, Architecture *glb)
	Parse and <override> element containing override commands. More...

Static Public Member Functions
static string	typeToString (uint4 tp)
	Convert a flow override type to a string. More...

static uint4	stringToType (const string &nm)
	Convert a string to a flow override type. More...

Private Member Functions
void	clear (void)
	Clear the entire set of overrides.

Static Private Member Functions
static string	generateDeadcodeDelayMessage (int4 index, Architecture *glb)
	Generate warning message related to a dead code delay. More...

Private Attributes
map< Address, Address >	forcegoto
	Force goto on jump at targetpc to destpc.

vector< int4 >	deadcodedelay
	Delay count indexed by address space.

map< Address, Address >	indirectover
	Override indirect at call-point into direct to addr.

map< Address, FuncProto * >	protoover
	Override prototype at call-point.

vector< Address >	multistagejump
	Addresses of indirect jumps that need multistage recovery.

map< Address, uint4 >	flowoverride
	Override the CALL <-> BRANCH.

Detailed Description

A container of commands that override the decompiler's default behavior for a single function.

Information about a particular function that can be overridden includes:

sub-functions: How they are called and where they call to
jumptables: Mark indirect jumps that need multistage analysis
deadcode: Details about how dead code is eliminated
data-flow: Override the interpretation of specific branch instructions

Commands exist independently of the main data-flow, control-flow, and symbol structures and survive decompilation restart. A few analyses, mid transformation, insert a new command to fix a problem that was discovered too late and then force a restart via Funcdata::setRestartPending()

The class accept new commands via the insert* methods. The decompiler applies them by calling the apply* or get* methods.

Member Enumeration Documentation

◆ anonymous enum

anonymous enum

Enumeration of possible branch overrides.

Enumerator
NONE	No override.
BRANCH	Replace primary CALL or RETURN with suitable BRANCH operation.
CALL	Replace primary BRANCH or RETURN with suitable CALL operation.
CALL_RETURN	Replace primary BRANCH or RETURN with suitable CALL/RETURN operation.
RETURN	Replace primary BRANCH or CALL with a suitable RETURN operation.

Member Function Documentation

◆ applyDeadCodeDelay()

void ghidra::Override::applyDeadCodeDelay ( Funcdata & data ) const

Apply any dead-code delay overrides.

Look for delays of each address space and apply them to the Heritage object

Parameters

data	is the function

References deadcodedelay, ghidra::Funcdata::getArch(), ghidra::AddrSpaceManager::getSpace(), and ghidra::Funcdata::setDeadCodeDelay().

Referenced by ghidra::Funcdata::startProcessing(), and ~Override().

◆ applyForceGoto()

void ghidra::Override::applyForceGoto ( Funcdata & data ) const

Push all the force-goto overrides into the function.

Parameters

data	is the function

References forcegoto, and ghidra::Funcdata::forceGoto().

Referenced by ghidra::ActionForceGoto::apply(), and ~Override().

◆ applyIndirect()

void ghidra::Override::applyIndirect	(	Funcdata &	data,
		FuncCallSpecs &	fspecs
	)		const

Look for and apply destination overrides of indirect calls.

Given an indirect call, look for any overrides, then copy in the overriding target address of the direct call

Parameters

data	is (calling) function
fspecs	is a reference to the call specification

References ghidra::PcodeOp::getAddr(), ghidra::FuncCallSpecs::getOp(), indirectover, and ghidra::FuncCallSpecs::setAddress().

Referenced by ghidra::FlowInfo::setupCallindSpecs(), and ~Override().

◆ applyPrototype()

void ghidra::Override::applyPrototype	(	Funcdata &	data,
		FuncCallSpecs &	fspecs
	)		const

Look for and apply a function prototype override.

Given a call point, look for a prototype override and copy the call specification in

Parameters

data	is the (calling) function
fspecs	is a reference to the call specification

References ghidra::FuncProto::copy(), ghidra::PcodeOp::getAddr(), ghidra::FuncCallSpecs::getOp(), and protoover.

Referenced by ghidra::FlowInfo::setupCallindSpecs(), ghidra::FlowInfo::setupCallSpecs(), and ~Override().

◆ decode()

void ghidra::Override::decode	(	Decoder &	decoder,
		Architecture *	glb
	)

Parse and <override> element containing override commands.

Parameters

decoder	is the stream decoder
glb	is the Architecture

References ghidra::Decoder::closeElement(), ghidra::Address::decode(), ghidra::FuncProto::decode(), ghidra::Architecture::defaultfp, ghidra::TypeFactory::getTypeVoid(), insertDeadcodeDelay(), insertFlowOverride(), insertForceGoto(), insertIndirectOverride(), insertMultistageJump(), insertProtoOverride(), NONE, ghidra::Decoder::openElement(), ghidra::Decoder::readSignedInteger(), ghidra::Decoder::readSpace(), ghidra::Decoder::readString(), ghidra::FuncProto::setInternal(), stringToType(), and ghidra::Architecture::types.

Referenced by ghidra::Funcdata::decode(), and hasFlowOverride().

◆ encode()

void ghidra::Override::encode	(	Encoder &	encoder,
		Architecture *	glb
	)		const

Encode the override commands to a stream.

All the commands are written as children of a root <override> element.

Parameters

encoder	is the stream encoder
glb	is the Architecture

References ghidra::Encoder::closeElement(), deadcodedelay, flowoverride, forcegoto, ghidra::AddrSpaceManager::getSpace(), indirectover, multistagejump, ghidra::Encoder::openElement(), protoover, typeToString(), ghidra::Encoder::writeSignedInteger(), ghidra::Encoder::writeSpace(), and ghidra::Encoder::writeString().

Referenced by ghidra::Funcdata::encode(), and hasFlowOverride().

◆ generateDeadcodeDelayMessage()

string ghidra::Override::generateDeadcodeDelayMessage	(	int4	index,
		Architecture *	glb
	)

staticprivate

Generate warning message related to a dead code delay.

This is triggered by the insertDeadcodeDelay() command on a specific address space

Parameters

index	is the index of the address space
glb	is the Architecture object

Returns: the generated message

References ghidra::AddrSpace::getName(), and ghidra::AddrSpaceManager::getSpace().

Referenced by generateOverrideMessages().

◆ generateOverrideMessages()

void ghidra::Override::generateOverrideMessages	(	vector< string > &	messagelist,
		Architecture *	glb
	)		const

Create warning messages that describe current overrides.

Message are designed to be displayed in the function header comment

Parameters

messagelist	will hold the generated list of messages
glb	is the Architecture

References deadcodedelay, and generateDeadcodeDelayMessage().

Referenced by ghidra::ActionPrototypeWarnings::apply(), and hasFlowOverride().

◆ getFlowOverride()

uint4 ghidra::Override::getFlowOverride ( const Address & addr ) const

Return the particular flow override at a given address.

Parameters

addr	is the address of a branch instruction

Returns: the override type

References flowoverride, and NONE.

Referenced by hasFlowOverride(), and ghidra::FlowInfo::processInstruction().

◆ hasDeadcodeDelay()

bool ghidra::Override::hasDeadcodeDelay ( AddrSpace * spc ) const

Check if a delay override is already installed for an address space.

Parameters

spc	is the address space

Returns: true if an override has already been installed

References deadcodedelay, ghidra::AddrSpace::getDeadcodeDelay(), and ghidra::AddrSpace::getIndex().

Referenced by ~Override().

◆ insertDeadcodeDelay()

void ghidra::Override::insertDeadcodeDelay	(	AddrSpace *	spc,
		int4	delay
	)

Override the number of passes that are executed before dead-code elimination starts.

Every address space has an assigned delay (which may be zero) before a PcodeOp involving a Varnode in that address space can be eliminated. This command allows the delay for a specific address space to be increased so that new Varnode accesses can be discovered.

Parameters

spc	is the address space to modify
delay	is the size of the delay (in passes)

References deadcodedelay, and ghidra::AddrSpace::getIndex().

Referenced by decode(), and ~Override().

◆ insertFlowOverride()

void ghidra::Override::insertFlowOverride	(	const Address &	addr,
		uint4	type
	)

Mark a branch instruction with a different flow type.

Change the interpretation of a BRANCH, CALL, or RETURN

Parameters

addr	is the address of the branch instruction
type	is the type of flow that should be forced

References flowoverride.

Referenced by decode(), ghidra::Architecture::decodeFlowOverride(), and ~Override().

◆ insertForceGoto()

void ghidra::Override::insertForceGoto	(	const Address &	targetpc,
		const Address &	destpc
	)

Force a specific branch instruction to be an unstructured goto.

The command is specified as the address of the branch instruction and the destination address of the branch. The decompiler will automatically mark this as a unstructured, when trying to structure the control-flow

Parameters