Package com.pnfsoftware.jeb.core.units.code.asm.decompiler.ir

Class EUtil

java.lang.Object
com.pnfsoftware.jeb.core.units.code.asm.decompiler.ir.EUtil
public class EUtil extends Object
Utility methods to manipulate IR expressions.

  • Constructor Details

    • EUtil

      public EUtil()

  • Method Details

    • formatStatements

      public static String formatStatements(List<? extends IEStatement> irlist)

    • formatIR

      public static String formatIR(IERoutineContext ectx)
      Format an IR-CFG.
      Parameters:
      ectx - routine context
      Returns:
      the formatted CFG

    • formatIR

      public static String formatIR(IERoutineContext ectx, boolean displayOffsets, boolean displayDataChains, boolean displayTypes)
      Format an IR-CFG.
      Parameters:
      ectx - routine context
      displayOffsets -
      displayDataChains -
      displayTypes -
      Returns:
      the formatted CFG

    • dump

      public static void dump(CFG<IEStatement> cfg, String filename)
      Dump an IR-CFG to a Graphviz dot file in the user's temporary folder.
      Parameters:
      cfg - CFG
      filename - filename (the ".dot" extension will be appended if necessary)

    • dump

      public static void dump(CFG<IEStatement> cfg, String filename, String title)
      Dump an IR-CFG to a Graphviz dot file in the user's temporary folder.
      Parameters:
      cfg - CFG
      filename - filename (the ".dot" extension will be appended if necessary)
      title - optional title or header string

    • verify

      public static void verify(IERoutineContext ctx)
      Verify an IR-CFG. This method relies on the ECFGVerifier and throws on error.
      Parameters:
      ctx - IR context

    • verify

      public static void verify(CFG<IEStatement> cfg)
      Verify an IR-CFG. This method relies on the ECFGVerifier and throws on error.
      Parameters:
      cfg - IR graph

    • isPCAssign

      public static boolean isPCAssign(IEStatement stm)
      Determine if the provided statement is a PC-assign: PC = ...
      Parameters:
      stm - a statement
      Returns:

    • isSPAssign

      public static boolean isSPAssign(IEStatement stm)
      Determine if the provided statement is a SP-assign: SP = ... or SP[slice] = ....
      Parameters:
      stm - a statement
      Returns:

    • isSPAssignOrPCAssign

      public static boolean isSPAssignOrPCAssign(IEStatement stm)
      Determine if the provided statement is assigning the stack pointer or the program counter. Combines isSPAssign(IEStatement) isPCAssign(IEStatement) in a single efficient call.
      Parameters:
      stm - a statement
      Returns:

    • imm

      public static IEImm imm(long val, int bitsize)
      Create an immediate, limited to 64 bits.
      Parameters:
      val -
      bitsize -
      Returns:

    • imm

      public static IEImm imm(byte[] val, int bitsize)
      Create an arbitrary-long immediate.
      Parameters:
      val - big-endian bytes of the value
      bitsize -
      Returns:

    • imm

      public static IEImm imm(BigInteger val, int bitsize)
      Create an arbitrary-long immediate.
      Parameters:
      val - value
      bitsize -
      Returns:

    • imm

      public static IEImm imm(String val, int bitsize)
      Create an arbitrary-long immediate.
      Parameters:
      val - string representation of the integer immediate
      bitsize -
      Returns:

    • one

      public static IEImm one(int bitsize)
      Generates the value 1L with defined bitsize. Do not mistake #one(ERoutineContext, int) for #ones(ERoutineContext, int)
      Parameters:
      bitsize - Bitsize of the EImm

    • zero

      public static IEImm zero(int bitsize)
      Generates the value 0 with defined bitsize.
      Parameters:
      bitsize - Bitsize of the EImm

    • minusOne

      public static IEImm minusOne(int bitsize)
      Generates the value -1, ie an EImm filled with ones.
      Parameters:
      bitsize - Bitsize of the EImm

    • mask

      public static IEImm mask(int bitsize, int maskbits)
      Create a bit mask, eg mask(16, 4) will create the mask: b0000000000001111
      Parameters:
      bitsize -
      maskbits - must be less than or equal to `bitsize`
      Returns:

    • mask

      public static IEImm mask(int bitsize, int maskbegin, int maskend)
      Create a bit mask, eg mask(16, 1, 5) will create the mask: b0000000000011110
      Parameters:
      bitsize -
      maskbegin - start bit of the mask, inclusive
      maskend - end bit of the mask, exclusive
      Returns:

    • compose

      public static IEGeneric compose(IERoutineContext ctx, IEGeneric... elts)
      Create a composition if the provided list of elements contains at least two entries, else return the single element.
      Parameters:
      elts -
      Returns:

    • compose

      public static IEGeneric compose(IERoutineContext ctx, Collection<IEGeneric> elts)
      Create a composition if the provided list of elements contains at list two entries, else return the single element.
      Parameters:
      elts -
      Returns:

    • checkTrue

      public static IEGeneric checkTrue(IEGeneric e)

    • checkFalse

      public static IEGeneric checkFalse(IEGeneric e)

    • isOperation

      public static boolean isOperation(IEGeneric e, OperationType optype)
      Determine if the IEGeneric is an IEOperation. Use when e can be null, otherwise prefer native IEGeneric.isOperation(OperationType)
      Parameters:
      e - IR expression
      Returns:
      e != null && e.IsOperation(optype)

    • isOperation

      public static boolean isOperation(IEGeneric e, OperationType... optypes)
      Determine if the IEGeneric is an IEOperation. Use when e can be null, otherwise prefer native IEGeneric.isOperation(OperationType...)
      Parameters:
      e - IR expression
      Returns:
      e != null && e.IsOperation(optypes)

    • isLogicalOperation

      public static boolean isLogicalOperation(IEGeneric e)
      ""Boolean"" operation (and, or, not, eq/neq and all greater/lesser comparisons)
      Parameters:
      e - IR expression
      Returns:
      true if this is a logical operation

    • isComparableOperation

      public static boolean isComparableOperation(IEGeneric e)
      ""Boolean"" comparable operation (eq/neq and all greater/lesser comparisons)
      Parameters:
      e - IR expression
      Returns:
      true if this is a comparable operation

    • isComparableOperation

      public static boolean isComparableOperation(IEOperation e)

    • isComparableIntegerOperation

      public static boolean isComparableIntegerOperation(IEOperation e)

    • isComparableSignedOperation

      public static boolean isComparableSignedOperation(IEOperation e)

    • isComparableOperation

      public static boolean isComparableOperation(IEOperation e, boolean allowUnsigned, boolean allowFloat)

    • isStrictLogicalOperation

      public static boolean isStrictLogicalOperation(IEGeneric e)
      Logical operations that should have logical operands (and, or, not)

    • isStrictLogicalOperation

      public static boolean isStrictLogicalOperation(IEOperation e)

    • getOperation

      public static OperationType getOperation(IEGeneric e, OperationType... optypes)

    • getOperation

      public static OperationType getOperation(IEOperation e, OperationType... optypes)

    • isOperationSize

      public static boolean isOperationSize(IEGeneric e, int bitsize)

    • getReverseOperation

      public static OperationType getReverseOperation(OperationType optype)

    • getMirrorOperation

      public static OperationType getMirrorOperation(OperationType optype)

    • isVar

      public static boolean isVar(IEGeneric e, int id)

    • isVarOrVarSlice

      public static boolean isVarOrVarSlice(IEGeneric e)

    • getVarSlice

      public static IEVar getVarSlice(IEGeneric e)

    • getVarSliceId

      public static Integer getVarSliceId(IEGeneric e)

    • isZero

      public static boolean isZero(IEGeneric e)
      Verify that an IRE is a Zero representation (EImm(0) or ESlice(0, x, x))

    • isOne

      public static boolean isOne(IEGeneric e)
      Verify that an IRE is an immediate holding 1.

      IMPORTANT: i1:1 will fail the test since it is equal to -1. Consider using isBitOne(IEGeneric) or isMinusOne(IEGeneric) instead.

    • isMinusOne

      public static boolean isMinusOne(IEGeneric e)
      Verify that an IRE is an immediate holding the value -1.

    • isBitOne

      public static boolean isBitOne(IEGeneric e)
      Verify that an IRE is a single-bit immediate set to 1 (technically, -1).

    • isBitZero

      public static boolean isBitZero(IEGeneric e)
      Verify that an IRE is a single-bit immediate set to 0.

    • isImmSize

      public static boolean isImmSize(IEGeneric e, int bitsize)

    • isImmValue

      public static boolean isImmValue(IEGeneric e, long value)

    • isImmValue

      public static boolean isImmValue(IEGeneric e, BigInteger value)

    • isImmZero

      public static boolean isImmZero(IEGeneric e)

    • isImmNonZero

      public static boolean isImmNonZero(IEGeneric e)

    • isCondEAssign

      public static boolean isCondEAssign(IEStatement e)

    • isJump

      public static boolean isJump(IEGeneric e)

    • isUnconditionalJump

      public static boolean isUnconditionalJump(IEStatement e)

    • isConditionalJump

      public static boolean isConditionalJump(IEStatement e)

    • makeUncond

      public static void makeUncond(IEJumpWithOptionalCondition j)
      throws if failure

    • isAssignedIn

      public static boolean isAssignedIn(BasicBlock<IEStatement> bb, IEGeneric checkedDst)
      Check that an IRE is assigned in a basic block.

      This method does not rely on data flow analysis; it simply searches for an assignment to the given IRE.

      Parameters:
      checkedDst -
      Returns:

    • getSubExpressions

      public static List<IEGeneric> getSubExpressions(IEGeneric e)
      Collect the sub-expressions of an IRE. Simply calls IEGeneric#getSubExpressions(List). Not recursive!
      Parameters:
      e -
      Returns:

    • countSubExpressions

      public static int countSubExpressions(IEGeneric e)
      Collect sub-expressions of the input expression and return the cardinal of that collection. Simply calls IEGeneric#getSubExpressions(List). Not recursive!
      Parameters:
      e -
      Returns:

    • sameBitsize

      public static int sameBitsize(IEGeneric... elts)
      If all the provided expressions have the same bitsize, return it. Null elements are considered invalid and will result in a failure (the method will return 0).
      Parameters:
      elts - a list of IRE
      Returns:
      the common bitsize of all provided elements; 0 if the elements do not have the same bitsize

    • sameBitsizeAllowNulls

      public static int sameBitsizeAllowNulls(IEGeneric... elts)
      If all the provided expressions have the same bitsize, return it. Null elements are ignored.
      Parameters:
      elts - a list of IRE
      Returns:
      the common bitsize of all provided elements; 0 if the elements do not have the same bitsize

    • countVariableUse

      public static int countVariableUse(IEGeneric e)

    • calculateComplexity

      public static int calculateComplexity(IEGeneric e)
      Calculate the trivial complexity metric for the provided IR expression. Every IR element has a weight of 1.
      Parameters:
      e -
      Returns:

    • countVariablePresence

      public static int countVariablePresence(IEGeneric e, IEVar target)
      Count the number of times an IEVar is present in an expression. (Defined vars are counted as well.)
      Parameters:
      e -
      target - IEVar to be counter
      Returns:

    • countExpressionPresence

      public static int countExpressionPresence(IEGeneric e, IEGeneric target)
      Recursively count (using deep equality) how many times the provided target is seen in the input expression.
      Parameters:
      e - expression to be examined
      target - target
      Returns:
      presence count

    • countExpressionsPresence

      public static void countExpressionsPresence(IEGeneric e, List<IEGeneric> targets, int[] acounts)
      Recursively count (using deep equality) how many times each of the provided targets is seen in the input expression.
      Parameters:
      e - expression to be examined
      targets - targets
      acounts - output counts, the array size must match target's, and counts must be initially set to 0

    • getUsedVarIds

      public static Set<Integer> getUsedVarIds(IEGeneric e)

    • collectVars

      public static Set<IEVar> collectVars(IEGeneric e)

    • collectVars

      public static void collectVars(IEGeneric e, Collection<IEVar> sink)
      Collect all EVars of an expression. If the expression is an EVar, it will be collected.
      Parameters:
      e - IR expression
      sink - a recipient for collected EVars. Note that a set may be used to collect unique EVars, or a list may be used to collect all encountered EVars

    • hasExplicitlyUsedVar

      public static boolean hasExplicitlyUsedVar(IEGeneric e, IEVar target)

    • isTrampoline

      public static boolean isTrampoline(BasicBlock<IEStatement> bb)

    • reversePredicate

      public static IEGeneric reversePredicate(IEGeneric predicate)

    • containsUndeterminedInvocations

      public static boolean containsUndeterminedInvocations(IEGeneric e)
      Indicates if the generic expression invokes any undetermined kind of call (meaning IECall, IEJumpFar or IEUntranslatedInstruction)
      Parameters:
      e - IEGeneric
      Returns:
      true if the expression contains undetermined invocation.

    • containsMemoryAccess

      public static boolean containsMemoryAccess(IEGeneric e)
      Indicates if the generic expression contains any memory access (meaning IEMem)
      Parameters:
      e - IEGeneric
      Returns:
      true if the expression contains memory access.

    • contains

      public static boolean contains(IEGeneric target, IEGeneric token)
      Indicates if the target expression contains any token expression
      Parameters:
      target - expression to search into
      token - token to search
      Returns:
      true if target contains token

    • buildStrictLogicalOperation

      public static IEOperation buildStrictLogicalOperation(IEOperation e)
      Check if the operands of logical OR, AND and NOT are ""booleans"", i.e. logical operations.

      In case they are not, a new operation with boolean operands is built (based on LOG_NEQ 0).

      Returns:
      transformed IRE

    • buildLogicalOperation

      public static IEOperation buildLogicalOperation(IEOperation e)
      Transform the operands of an operation into logical operands (LOG_NEQ with 0).

    • buildStrictLogicalECond

      public static IECond buildStrictLogicalECond(IECond e)
      Check if the ECond predicate is a ""boolean"", i.e. a logical operation.

      In case it is not, a new ECond with a boolean predicate is built (based on LOG_NEQ 0).

      Returns:
      transformed IRE

    • op

      public static IEOperation op(OperationType operator, IEGeneric a)

    • op

      public static IEOperation op(OperationType operator, IEGeneric a, IEGeneric b)

    • ltS

      public static IEOperation ltS(IEGeneric a, IEGeneric b)

    • leS

      public static IEOperation leS(IEGeneric a, IEGeneric b)

    • gtS

      public static IEOperation gtS(IEGeneric a, IEGeneric b)

    • geS

      public static IEOperation geS(IEGeneric a, IEGeneric b)

    • ltU

      public static IEOperation ltU(IEGeneric a, IEGeneric b)

    • leU

      public static IEOperation leU(IEGeneric a, IEGeneric b)

    • gtU

      public static IEOperation gtU(IEGeneric a, IEGeneric b)

    • geU

      public static IEOperation geU(IEGeneric a, IEGeneric b)

    • eq

      public static IEOperation eq(IEGeneric a, IEGeneric b)

    • ne

      public static IEOperation ne(IEGeneric a, IEGeneric b)

    • andL

      public static IEOperation andL(IEGeneric a, IEGeneric b)

    • orL

      public static IEOperation orL(IEGeneric a, IEGeneric b)

    • notL

      public static IEGeneric notL(IEGeneric a)

    • notL

      public static IEGeneric notL(IEGeneric a, boolean allowOpt)

    • identL

      public static IEGeneric identL(IEGeneric a)

    • andB

      public static IEOperation andB(IEGeneric a, IEGeneric b)

    • orB

      public static IEOperation orB(IEGeneric a, IEGeneric b)

    • xorB

      public static IEOperation xorB(IEGeneric a, IEGeneric b)

    • notB

      public static IEGeneric notB(IEGeneric a)

    • add

      public static IEOperation add(IEGeneric a, IEGeneric b)

    • add

      public static IEOperation add(IEGeneric a, IEGeneric b, IEGeneric c)

    • sub

      public static IEOperation sub(IEGeneric a, IEGeneric b)

    • mul

      public static IEOperation mul(IEGeneric a, IEGeneric b)

    • div

      public static IEOperation div(IEGeneric a, IEGeneric b, boolean signed)
      Alias for divS(IEGeneric, IEGeneric) / divU(IEGeneric, IEGeneric)

    • divS

      public static IEOperation divS(IEGeneric a, IEGeneric b)

    • divU

      public static IEOperation divU(IEGeneric a, IEGeneric b)

    • remS

      public static IEOperation remS(IEGeneric a, IEGeneric b)

    • remU

      public static IEOperation remU(IEGeneric a, IEGeneric b)

    • shl

      public static IEOperation shl(IEGeneric a, IEGeneric b)

    • shr

      public static IEOperation shr(IEGeneric a, IEGeneric b)

    • sar

      public static IEOperation sar(IEGeneric a, IEGeneric b)

    • pow

      public static IEOperation pow(IEGeneric a, IEGeneric b)

    • min

      public static IECond min(IERoutineContext ctx, IEGeneric a, IEGeneric b, boolean signed)
      Operation Math.min(int, int) applied to IEGeneric

    • max

      public static IECond max(IERoutineContext ctx, IEGeneric a, IEGeneric b, boolean signed)
      Operation Math.max(int, int) applied to IEGeneric

    • abs

      public static IECond abs(IERoutineContext ctx, IEGeneric a)
      Operation Math#abs(int, int) applied to IEGeneric

    • fmin

      public static IECond fmin(IERoutineContext ctx, IEGeneric a, IEGeneric b)
      Operation Math.min(float, float) applied to IEGeneric

    • fmax

      public static IECond fmax(IERoutineContext ctx, IEGeneric a, IEGeneric b)
      Operation Math.max(float, float) applied to IEGeneric

    • fabs

      public static IECond fabs(IERoutineContext ctx, IEGeneric a)
      Operation Math#abs(float, float) applied to IEGeneric

    • extend

      public static IEGeneric extend(IEGeneric a, int bitsize, boolean signExtend)
      Extend an IEGeneric. Return null if provided IEGeneric is null.

    • safeExtend

      public static IEGeneric safeExtend(IEGeneric a, int bitsize, boolean signExtend)
      Safely extend an IEGeneric. Return null if provided IEGeneric is null. If bitsize is less that current IEGeneric, the IEGeneric relative part is returned.

    • isNotPredicate

      public static boolean isNotPredicate(IEGeneric p, IEGeneric p2)
      Indicate if p == !p2. Search for reversed operator as well as mirrored predicate. Do not consider NOT operations.
      Parameters:
      p - reference predicate
      p2 - predicate to test
      Returns:

    • isFirstBit

      public static boolean isFirstBit(IESlice s2)

    • isLastBit

      public static boolean isLastBit(IESlice s2)

    • isNBit

      public static boolean isNBit(IESlice s2, int n)

    • isNaN

      public static IEGeneric isNaN(IEGeneric op)
      As per IEEE 754-1985 floating-point standard, is NaN a number which exponent is filled with ones and a non-zero number in the mantissa

    • cmpFloat

      public static IEGeneric cmpFloat(OperationType op, IEGeneric op1, IEGeneric op2)

    • createResizeOperation

      public static IEOperation createResizeOperation(IEGeneric src, int dstSize, boolean signed)
      Create a resize operation operation: truncation, zero-extension, or sign-extension.
      Parameters:
      src - the source to be extended (dstSize > srcSize) or truncated (dstSize < srcSize)
      dstSize - the destination size; should be different than the source's
      signed - for extensions, else N/A
      Returns:
      the operation IRE

    • createConversionOperation

      public static IEOperation createConversionOperation(OperationType convOperator, IEGeneric src, int dstSize)
      Create a conversion operation: an integer truncation, integer extension (zero or signed), float truncation or extension, float-to-int and int-to-float conversion.
      Parameters:
      convOperator - one of for which OperationType.isConversion() returns true (eg, OperationType.CAST, OperationType.CAST_S, OperationType.FP2FP, OperationType.FP2INT, OperationType.INT2FP)
      src - operand to be extended, truncated, or converted
      dstSize - resulting bitsize
      Returns:
      the operation IRE

    • truncate

      public static IEGeneric truncate(IEGeneric src, int dstSize)
      Truncate operation IRE.
      Parameters:
      src -
      dstSize - must be less or equal than src's size
      Returns:

    • zeroExt

      public static IEGeneric zeroExt(IEGeneric src, int dstSize)
      Zero-extend operation IRE.
      Parameters:
      src -
      dstSize - must be greater or equal than src's size
      Returns:

    • signExt

      public static IEGeneric signExt(IEGeneric src, int dstSize)
      Sign-extend operation IRE.
      Parameters:
      src -
      dstSize - must be greater or equal than src's size
      Returns:

    • looksLikeSignExtension

      public static boolean looksLikeSignExtension(IECompose e)
      Determine if a composition looks like a sign-extension operation.
      Parameters:
      e -
      Returns:

    • getSignExtensionBase

      public static IEGeneric getSignExtensionBase(IEGeneric e)
      Check if an IR expression looks like a sign-extension operation, and if so, provide the base expression.
      Parameters:
      e -
      Returns:

    • getSignExtensionBase

      public static IEGeneric getSignExtensionBase(IECompose e)
      Check if the composition is a sign-extension of a base expression, and if so, provide the base expression.
      Parameters:
      e - expression to test that should be a signExtend
      Returns:
      the base expression

    • getSignExtensionBase

      public static IEGeneric getSignExtensionBase(IEGeneric base, IEGeneric extend)
      Check if the composition of both expressions make up a sign-extension, and if so, provide the base expression.

      if the input expression is as such: COMPOSE(base, MSB(base) ? -1: 0), then return: base

      Parameters:
      base - candidate base (i.e., base we expect to retrieve)
      extend - candidate sign-extension expression, extending base
      Returns:
      base on success, else null

    • isZeroExtend

      public static boolean isZeroExtend(IEGeneric e)

    • isZeroExtend

      public static boolean isZeroExtend(IECompose e)

    • buildCarryFlag

      public static IEGeneric buildCarryFlag(IEGeneric a, IEGeneric b, IEGeneric result, boolean addition, boolean nativeOp)
      Generate an IR expression computing the carry flag bit of an integer addition or subtraction operation.

      The carry flag is used to indicate wrap-around for unsigned operations.

      Parameters:
      a - operand a
      b - operand b
      result - result c (may have an additional carry flag added before)
      addition - true if the carry is to be computed for "a + b", false for "a - b"
      nativeOp - indicate it OperationType.CARRY / OperationType.LT_U can be used over complex xor expression
      Returns:
      a one-bit overflow flag IR expression

    • buildOverflowFlag

      public static IEGeneric buildOverflowFlag(IEGeneric a, IEGeneric b, IEGeneric result, boolean addition)
      Generate an IR expression computing the overflow flag bit of an integer addition or subtraction operation.

      The Overflow flag is used to indicate wrap-around for signed operations.

      Note: The generated IR is equivalent to: MSB((a ^ c) & ~(a ^ b)) for an addition, or MSB((a ^ c) & (a ^ b)) for a subtraction.

      Parameters:
      a - operand a
      b - operand b
      result - result c, comprising an optional carry flag added beforehand
      addition - true if the overflow is to be computed for "a + b", false for "a - b"
      Returns:
      a one-bit overflow flag IR expression

    • isLongImmediate

      public static boolean isLongImmediate(IEGeneric e)
      Determine if the expression is an EImm that can be read as a long primitive.
      Parameters:
      e - expression
      Returns:

    • isLongImmediate

      public static boolean isLongImmediate(IEGeneric e, boolean unsigned)
      Determine if the expression is an EImm that can be read as a long primitive.
      Parameters:
      e - expression
      unsigned -
      Returns:

    • isLikeLongImmediate

      public static boolean isLikeLongImmediate(IEGeneric e)
      Determine if the expression is equivalent to an EImm that can be read as a long primitive.
      Parameters:
      e - expression
      Returns:

    • isLikeLongImmediate

      public static boolean isLikeLongImmediate(IEGeneric e, boolean unsigned)
      Determine if the expression is equivalent to an EImm that can be read as a long primitive.
      Parameters:
      e - expression
      unsigned -
      Returns:

    • isImmediate

      public static boolean isImmediate(IEGeneric e)
      Determine if the IEGeneric is an IEImm. Use when e can be null, otherwise prefer native IEGeneric.isImm()
      Parameters:
      e - IR expression
      Returns:
      e != null && e.IsImm()

    • isLikeImmediate

      public static boolean isLikeImmediate(IEGeneric a)
      Determine if the IRE is an EImm or a slice or composition of immediates.
      Parameters:
      a -
      Returns:

    • getParents

      public static List<IEGeneric> getParents(IEGeneric expression, IEGeneric value)
      Retrieve all the parents of a value. The search is done by reference.
      Parameters:
      expression - expression to search into.
      value - value to be searched.
      Returns:
      the list of direct parents.

    • evalAsSaturatedPositiveInt

      public static int evalAsSaturatedPositiveInt(IEImm imm)
      Evaluate and convert a positive immediate to a 32-bit int. If the immediate is greater than Long.MAX_VALUE, the method will throw. It the evaluated value is greater than Integer.MAX_VALUE, Integer#MAX_VALUE will be returned.
      Parameters:
      imm - immediate to be evaluated
      Returns:
      a 32-bit positive or zero int
      See Also:

    • evalAsPositiveInt

      public static int evalAsPositiveInt(IEImm imm)
      Evaluate an immediate to a 32-bit positive int. Apply Integer positive mask is greater than Integer.MAX_VALUE.
      Parameters:
      imm -
      Returns:

    • evaluate_preVerified

      public static IEImm evaluate_preVerified(IEGeneric e, EState state)

    • evaluate_preVerified

      public static IEImm evaluate_preVerified(IEGeneric e)

    • evaluateUnsignedLong_preVerified

      public static long evaluateUnsignedLong_preVerified(IEGeneric e, EState state)

    • evaluateUnsignedLong_preVerified

      public static long evaluateUnsignedLong_preVerified(IEGeneric e)

    • evaluateAddress_preVerified

      public static long evaluateAddress_preVerified(IEGeneric e, EState state)

    • evaluateAddress_preVerified

      public static long evaluateAddress_preVerified(IEGeneric e)

    • replaceSubExpressionRecursive

      public static IEGeneric replaceSubExpressionRecursive(IEGeneric stm, IEGeneric src, IEGeneric dst)

    • replaceSubExpressionRecursive

      public static IEGeneric replaceSubExpressionRecursive(IEGeneric stm, IEGeneric src, IEGeneric dst, EVisitResults results)

    • resolveExpressionsBackward

      public static boolean resolveExpressionsBackward(Object name, IEConverter<?> conv, List<IEStatement> r, IEGeneric... targets)
      Apply a list of IEStatements to user targets, resolving expression starting from last IEStatement to first. If any error occur (something can not be translated for example), this method returns false. As an example: 
       r = {R0 = 7; R0 = R0 + 4; R1 = 8}
 targets = [R0, R1]
 
 i = 2 => targets = [R0, 8]
 i = 1 => targets = [R0+4, 8]
 i = 0 => targets = [11, 8]
 return true
      Parameters:
      name -
      conv -
      r -
      targets -
      Returns:

    • isExpressionModified

      public static boolean isExpressionModified(IEStatement insn, IEGeneric target, boolean defuse)

    • isMatchDuaryOperation

      public static boolean isMatchDuaryOperation(IEGeneric e, OperationType wantedOperationType, IEGeneric wantedOperand1, IEGeneric wantedOperand2)

    • getAssigningToMemory

      public static IEMem getAssigningToMemory(IEStatement stm)
      Determine if the statement is an IEAssign to an IEMem. If so, return the memory target. 
       DST = mXX[???]
      Parameters:
      stm -
      Returns:
      a memory IRE or null

    • getAssigningFromMemory

      public static IEMem getAssigningFromMemory(IEStatement stm)
      Determine if the statement is an IEAssign from an IEMem. If so, return the memory source.
      Parameters:
      stm -
      Returns:
      a memory IRE or null

    • hasLinearControlFlow

      public static boolean hasLinearControlFlow(IERoutineContext ctx)
      Checks if an IR routine contains only basic blocks with one parent and one child (no merge or disjunction of control-flow).
      Returns:

    • getVars

      public static List<IEVar> getVars(IERoutineContext ctx, Collection<Integer> varids)

    • formatVars

      public static String formatVars(IERoutineContext ctx, Collection<Integer> varids)

    • formatVars

      public static String formatVars(IERoutineContext ctx, int... varids)

    • isVariableAssigned

      public static boolean isVariableAssigned(IEStatement stm, IEVar var)
      Parameters:
      stm -
      var -
      Returns:

    • hasTypeInfo

      public static boolean hasTypeInfo(IEGeneric e)
      Determine if the provided IR expression embeds some type information. Note that the sub-expressions are not examined.
      Parameters:
      e -
      Returns:

    • hasNoTypeInfo

      public static boolean hasNoTypeInfo(IEGeneric e)
      Determine if the provided IR expression embeds no amount at all of type information.
      Parameters:
      e -
      Returns:

    • hasSameType

      public static boolean hasSameType(IEGeneric e1, IEGeneric e2)
      Parameters:
      e1 -
      e2 -
      Returns:

    • isSameType

      public static boolean isSameType(IWildcardType a, IWildcardType b)
      Parameters:
      a -
      b -
      Returns:

    • getBestType

      public static IWildcardType getBestType(IWildcardType a, IWildcardType b)
      Parameters:
      a -
      b -
      Returns:

    • requiresExplicitCast

      public static boolean requiresExplicitCast(IWildcardType a, IWildcardType b)
      Determine if type `b` can be implicitly converted to type `a`, without a cast.
      Parameters:
      a -
      b -
      Returns:

    • getWildcardTypes

      public static List<IWildcardType> getWildcardTypes(IWildcardTypeManager etypeman, Collection<IEGeneric> elts)

    • gatherArgumentTypes

      public static List<IWildcardType> gatherArgumentTypes(IWildcardPrototype prototype, Collection<IWildcardType> varArgTypes)
      Retrieve the list of input types, by examining the provided prototype and optional list of additional arguments.
      Parameters:
      prototype -
      varArgTypes - optional; the prototype MUST be marked VarArg for this to not be disregarded
      Returns:

    • determineArgumentStackSlotCount

      public static int determineArgumentStackSlotCount(IWildcardPrototype prototype, Collection<IWildcardType> varArgTypes)
      Determine the number of stacks slots used by invoking a method having the provided prototype and an optional list of additional arguments.
      Parameters:
      prototype -
      varArgTypes - optional; the prototype MUST be marked VarArg for this to not be disregarded
      Returns:

    • determineReturnValuesStackSlotCount

      public static int determineReturnValuesStackSlotCount(IWildcardPrototype prototype, int inputStackSlotCount)
      Determine the number of stack slots filled out when a routine with the provided prototype returns.
      Parameters:
      prototype -
      inputStackSlotCount - the number of stack slots used for input (arguments); depending on the calling convention specified in the prototype, this value may be needed in order to calculate the count correctly
      Returns:

    • getAssignmentSource

      public static IEGeneric getAssignmentSource(IEStatement stm)
      Retrieve the source of an IEAssign (or null if is not an assignment).
      Parameters:
      stm -
      Returns:

    • getAssignmentDestination

      public static IEGeneric getAssignmentDestination(IEStatement stm)
      Retrieve the destination of an IEAssign (or null if is not an assignment).
      Parameters:
      stm -
      Returns:

    • hasNoSideEffect

      public static boolean hasNoSideEffect(IEGeneric e)
      Determine if an IR expression is side-effect free.

      This method is taking a liberal approach to side-effects: Side effects include invocations to other routines determined to be non side-effect-free, voluntarily throwing an exception, or performing a memory-access that will trigger an exception.

      The opposite of hasSideEffect(IEGeneric).

      Parameters:
      e -
      Returns:

    • hasSideEffect

      public static boolean hasSideEffect(IEGeneric e)
      The opposite of hasNoSideEffect(IEGeneric).
      Parameters:
      e -
      Returns:

    • checkCallReturnAddress

      public static Boolean checkCallReturnAddress(IERoutineContext ctx, CFG<IEStatement> cfg, BasicBlock<IEStatement> b, int insnIndex)
      Parameters:
      ctx -
      cfg -
      b -
      insnIndex -
      Returns:
      null if the return address is not set; true if it is an immediate value matching the call expected return address (i.e., following the call instruction itself); false otherwise

    • expandStatementSize

      public static CFG<IEStatement> expandStatementSize(IERoutineContext ectx, IEStatement stm0, int minSize)
      Expand the size of a statement.

      CAREFUL! This method can modify the structure of the CFG (block order, block count, etc.).

      Parameters:
      ectx -
      stm0 -
      minSize -
      Returns:
      the resulting CFG (it may be the original CFG)

    • expandStatementSizes

      public static CFG<IEStatement> expandStatementSizes(IERoutineContext ectx, Collection<IEStatement> stmcoll, int minSize)
      Expand the sizes of a collection of statements.

      CAREFUL! This method can modify the structure of the CFG (block order, block count, etc.).

      Parameters:
      ectx -
      stmcoll -
      minSize -
      Returns:
      the resulting CFG (it may be the original CFG)

    • adjustBranchToIRInstruction

      public static int adjustBranchToIRInstruction(IEStatement stm, int currentTargetIROffset, int newTargetIROffset)

    • expandCalls

      public static boolean expandCalls(IERoutineContext ctx, boolean alsoExpandPCAssign)
      Call/PC-assign expansion: augment the size to at least 2, to accommodate splitting:
      - if an EReturn is to be inserted (tail-calls) in lieu of a ECall
      - if a raw PC-assign cannot be converted to a single EJumpFar
      Parameters:
      ctx - routine context
      alsoExpandPCAssign - if true, PC-assigns will also be expanded; else, only ECalls are expanded
      Returns:
      success indicator

    • setLowerLevelAddress

      public static void setLowerLevelAddress(long addr, List<IEStatement> list)

    • setLowerLevelAddress

      public static void setLowerLevelAddress(long addr, List<IEStatement> list, int fromIndex, int toIndex)

    • setLowerLevelAddressIfNone

      public static void setLowerLevelAddressIfNone(long addr, List<IEStatement> list)

    • setLowerLevelAddressIfNone

      public static void setLowerLevelAddressIfNone(long addr, List<IEStatement> list, int fromIndex, int toIndex)

    • isLegalSignedImmediate

      public static boolean isLegalSignedImmediate(IEImm v, int checkedBitsize)
      Verify that the provided immediate is a legal signed value if it were to be treated as a signed integer of `checkedBitsize`.

      Examples: 

       the 64-bit value 0x00000000_07FFFFFFF is legal if treated as a 32-bit signed immediate
 the 64-bit value 0xFFFFFFFF_FFFFE0000 is legal if treated as a 32-bit signed immediate
 the 64-bit value 0x00000000_87FFFFFFF is ILLEGAL if treated as a 32-bit signed immediate
 the 64-bit value 0x00100000_000000012 is ILLEGAL if treated as a 32-bit signed immediate
 the 64-bit value 0xFFFF00FF_FFFFE0000 is ILLEGAL if treated as a 32-bit signed immediate
      Parameters:
      v -
      checkedBitsize -
      Returns:

    • isLegalUnsignedImmediate

      public static boolean isLegalUnsignedImmediate(IEImm v, int checkedBitsize)
      Verify that the provided immediate is a legal unsigned value if it were to be treated as an unsigned integer of `checkedBitsize`.
      Parameters:
      v -
      checkedBitsize -
      Returns: