-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy path0848-Reduce-far-pointers-to-near-in-segmented-code.patch
193 lines (180 loc) · 8.21 KB
/
0848-Reduce-far-pointers-to-near-in-segmented-code.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Gregory Morse <[email protected]>
Date: Sat, 27 Jul 2019 18:03:21 +0200
Subject: [PATCH] 0848: Reduce far pointers to near in segmented code
Proposal to convert far pointers to near pointers which are bound as far pointers in type parameters to functions for example which is otherwise not detected or properly translated.
The casting time is a too late and not ideal time for this code. Possibly at function binding time would be better to detect it. However it is tested and working and reasonably generic using the default segment e.g. global RAM for its basis, checking the segment op, checking matching sizes, and finally that a near pointer already is present which can cause discarding of the segment and this awkward CONCAT structure that gets emitted in code.
CALLOTHER or even SEGMENTOP is better but needs to be processed earlier or CONCAT just becomes SEGMENT in the code. Otherwise this direct simplification (which ruleaction segment reducer should deal with) also works. First proposal only.
Sequences like this are now fixed:
PUSH SS
PUSH AX
Fixes other half of #817
This fixes a great deal of cases and is one of the greatest output quality improvements in segmented code to date. This is the rigorous and serious attempt at a generalized fix which appears to now work correctly and is versatile.
Update coreaction.cc
Update coreaction.cc
Update coreaction.cc
Update coreaction.cc
Update funcdata.hh
Update funcdata_varnode.cc
Update funcdata_varnode.cc
Update funcdata.hh
Update coreaction.cc
Update funcdata_varnode.cc
Update coreaction.cc
Update funcdata.hh
Update funcdata_varnode.cc
Update coreaction.cc
Update coreaction.cc
Update coreaction.cc
Update coreaction.cc
Update funcdata.hh
Update funcdata.cc
Update coreaction.cc
Update funcdata.hh
Update funcdata.cc
Update coreaction.cc
Update funcdata.hh
Update funcdata.cc
Update coreaction.cc
Update coreaction.cc
Update coreaction.cc
---
.../src/decompile/cpp/coreaction.cc | 22 ++++++-
.../Decompiler/src/decompile/cpp/funcdata.cc | 66 +++++++++++++++++++
.../Decompiler/src/decompile/cpp/funcdata.hh | 1 +
3 files changed, 88 insertions(+), 1 deletion(-)
diff --git a/Ghidra/Features/Decompiler/src/decompile/cpp/coreaction.cc b/Ghidra/Features/Decompiler/src/decompile/cpp/coreaction.cc
index c7c2e45f7a..3404a2bb5a 100644
--- a/Ghidra/Features/Decompiler/src/decompile/cpp/coreaction.cc
+++ b/Ghidra/Features/Decompiler/src/decompile/cpp/coreaction.cc
@@ -1504,8 +1504,10 @@ void ActionFuncLink::funcLinkInput(FuncCallSpecs *fc,Funcdata &data)
spacebase = (AddrSpace *)0; // With a locked stack parameter, we don't need a stackplaceholder
}
}
- else
+ else {
data.opInsertInput(op,data.newVarnode(param->getSize(),param->getAddress()),op->numInput());
+ }
+ data.segmentizeFarPtr(param->getType(), param->isTypeLocked(), op->getIn(op->numInput() - 1), false);
}
}
if (spacebase != (AddrSpace *)0) // If we need it, create the stackplaceholder
@@ -1549,6 +1551,7 @@ void ActionFuncLink::funcLinkOutput(FuncCallSpecs *fc,Funcdata &data)
return;
}
data.newVarnodeOut(sz,addr,callop);
+ data.segmentizeFarPtr(outparam->getType(), outparam->isTypeLocked(), callop->getOut(), false);
VarnodeData vdata;
OpCode res = fc->assumedOutputExtension(addr,sz,vdata);
if (res == CPUI_PIECE) { // Pick an extension based on type
@@ -5242,6 +5245,23 @@ int4 ActionInferTypes::apply(Funcdata &data)
}
return 0;
}
+ if (localcount == 0) {
+ Datatype* ct;
+ Varnode* vn;
+ VarnodeLocSet::const_iterator iter;
+
+ for (iter = data.beginLoc(); iter != data.endLoc(); ++iter) {
+ vn = *iter;
+ if (vn->isAnnotation()) continue;
+ if ((!vn->isWritten()) && (vn->hasNoDescend())) continue;
+ bool needsBlock = false;
+ ct = vn->getLocalType(needsBlock);
+ bool bBegin = false;
+ if (iter == data.beginLoc()) bBegin = true; else iter--;
+ data.segmentizeFarPtr(ct, vn->isTypeLock(), vn, true);
+ if (bBegin) iter = data.beginLoc(); else iter++;
+ }
+ }
data.getScopeLocal()->applyTypeRecommendations();
buildLocaltypes(data); // Set up initial types (based on local info)
for(iter=data.beginLoc();iter!=data.endLoc();++iter) {
diff --git a/Ghidra/Features/Decompiler/src/decompile/cpp/funcdata.cc b/Ghidra/Features/Decompiler/src/decompile/cpp/funcdata.cc
index 21abe0dd85..e318eda7c3 100644
--- a/Ghidra/Features/Decompiler/src/decompile/cpp/funcdata.cc
+++ b/Ghidra/Features/Decompiler/src/decompile/cpp/funcdata.cc
@@ -459,6 +459,72 @@ void Funcdata::spacebaseConstant(PcodeOp *op,int4 slot,SymbolEntry *entry,const
opSetInput(op,outvn,slot);
}
+void Funcdata::segmentizeFarPtr(Datatype* ct, bool locked, Varnode* vn, bool segmentize)
+{
+ SegmentOp* segdef = (SegmentOp*)0;
+ if ((ct->getMetatype() == TYPE_PTR ||
+ ct->getMetatype() == TYPE_CODE) && locked) {
+ Architecture* glb = getArch();
+ AddrSpace* rspc = glb->getDefaultDataSpace();
+ bool arenearpointers = rspc->hasNearPointers();
+ if (arenearpointers && rspc->getAddrSize() == vn->getSize())
+ if (rspc != (AddrSpace *)0)
+ segdef = glb->userops.getSegmentOp(rspc->getIndex());
+ }
+ //need to go through every single time this varnode is written to
+ if (segdef != (SegmentOp*)0 && vn->getDef() != (PcodeOp*)0 && !vn->isPtrCheck() &&
+ vn->getDef()->code() != CPUI_SEGMENTOP && vn->getDef()->code() != CPUI_CALLOTHER) {
+ PcodeOp* segroot = vn->getDef();
+ Varnode* outvn = newUnique(vn->getSize());
+ opSetOutput(segroot, outvn);
+ PcodeOp* piece1 = newOp(2, segroot->getAddr());
+ opSetOpcode(piece1, CPUI_SUBPIECE);
+ Varnode* vn1 = newUniqueOut(segdef->getBaseSize(), piece1);
+ opSetInput(piece1, outvn, 0);
+ opSetInput(piece1, newConstant(outvn->getSize(), segdef->getInnerSize()), 1);
+ opInsertAfter(piece1, segroot);
+ PcodeOp* piece2 = newOp(2, segroot->getAddr());
+ opSetOpcode(piece2, CPUI_SUBPIECE);
+ Varnode* vn2 = newUniqueOut(segdef->getInnerSize(), piece2);
+ opSetInput(piece2, outvn, 0);
+ opSetInput(piece2, newConstant(outvn->getSize(), 0), 1);
+ opInsertAfter(piece2, piece1);
+ PcodeOp* newop = newOp(3, segroot->getAddr());
+ opSetOutput(newop, vn);
+ opSetOpcode(newop, CPUI_CALLOTHER);
+ //endianness could matter here - e.g. CALLF addr16 on x86 uses segment(*:2 (ptr+2),*:2 ptr)
+ opSetInput(newop, newConstant(4, segdef->getIndex()), 0);
+ opSetInput(newop, vn1, 1); //need to check size of segment
+ opSetInput(newop, vn2, 2); //need to check size of offset
+ opInsertAfter(newop, piece2);
+ vn->setPtrCheck();
+ outvn->setPtrCheck();
+
+ if (segmentize) {//FuncLinkInput/FuncLinkOutput come before segmentize, the rest require at least Spacebase for type locks
+ segroot = vn->getDef();
+ vector<Varnode*> bindlist;
+ bindlist.push_back((Varnode*)0);
+ bindlist.push_back((Varnode*)0);
+ if (!segdef->unify(*this, segroot, bindlist)) {
+ ostringstream err;
+ err << "Segment op in wrong form at ";
+ segroot->getAddr().printRaw(err);
+ throw LowlevelError(err.str());
+ }
+
+ if (segdef->getNumVariableTerms() == 1)
+ bindlist[1] = newConstant(4, 0);
+ // Redefine the op as a segmentop
+ opSetOpcode(segroot, CPUI_SEGMENTOP);
+ opSetInput(segroot, newVarnodeSpace(segdef->getSpace()), 0);
+ opSetInput(segroot, bindlist[1], 1);
+ opSetInput(segroot, bindlist[0], 2);
+ for (int4 j = segroot->numInput() - 1; j > 2; --j) // Remove anything else
+ opRemoveInput(segroot, j);
+ }
+ }
+}
+
void Funcdata::clearCallSpecs(void)
{
diff --git a/Ghidra/Features/Decompiler/src/decompile/cpp/funcdata.hh b/Ghidra/Features/Decompiler/src/decompile/cpp/funcdata.hh
index 23aafec62a..5ce115986e 100644
--- a/Ghidra/Features/Decompiler/src/decompile/cpp/funcdata.hh
+++ b/Ghidra/Features/Decompiler/src/decompile/cpp/funcdata.hh
@@ -227,6 +227,7 @@ public:
Varnode *constructSpacebaseInput(AddrSpace *id);
Varnode *constructConstSpacebase(AddrSpace *id);
void spacebaseConstant(PcodeOp *op,int4 slot,SymbolEntry *entry,const Address &rampoint,uintb origval,int4 origsize);
+ void segmentizeFarPtr(Datatype* ct, bool locked, Varnode* vn, bool segmentize);
int4 getHeritagePass(void) const { return heritage.getPass(); } ///< Get overall count of heritage passes
--
2.45.1