Diffstat (limited to 'example')
| -rw-r--r-- | example/disasm/full.py | 164 | ||||
| -rw-r--r-- | example/ida/graph_ir.py | 123 |
2 files changed, 55 insertions, 232 deletions
diff --git a/example/disasm/full.py b/example/disasm/full.py index 42d50216..19036882 100644 --- a/example/disasm/full.py +++ b/example/disasm/full.py @@ -6,17 +6,13 @@ from miasm2.analysis.binary import Container from miasm2.core.asmblock import log_asmblock, AsmCFG from miasm2.core.interval import interval from miasm2.analysis.machine import Machine -from miasm2.analysis.data_flow import dead_simp, DiGraphDefUse, \ - ReachingDefinitions, merge_blocks, remove_empty_assignblks, \ - PropagateExpr, replace_stack_vars, load_from_int, \ - del_unused_edges +from miasm2.analysis.data_flow import dead_simp, \ + DiGraphDefUse, ReachingDefinitions, \ + replace_stack_vars, load_from_int, del_unused_edges from miasm2.expression.simplifications import expr_simp from miasm2.analysis.ssa import SSADiGraph -from miasm2.analysis.outofssa import UnSSADiGraph -from miasm2.analysis.data_flow import DiGraphLivenessSSA from miasm2.ir.ir import AssignBlock, IRBlock - - +from miasm2.analysis.simplifier import IRCFGSimplifierCommon, IRCFGSimplifierSSA log = logging.getLogger("dis") console_handler = logging.StreamHandler() @@ -207,7 +203,6 @@ open('lines.dot', 'w').write('\n'.join([str(l) for l in all_lines])) log.info('total lines %s' % total_l) - if args.propagexpr: args.gen_ir = True @@ -240,6 +235,9 @@ if args.gen_ir: ir_arch.blocks = {} ir_arch_a.blocks = {} + + head = list(entry_points)[0] + for ad, asmcfg in all_funcs_blocks.items(): log.info("generating IR... %x" % ad) for block in asmcfg.blocks: @@ -257,8 +255,9 @@ if args.gen_ir: print block if args.simplify > 0: - log.info("dead simp...") - dead_simp(ir_arch_a, ircfg_a) + log.info("Simplify...") + ircfg_simplifier = IRCFGSimplifierCommon(ir_arch_a) + ircfg_simplifier.simplify(ircfg_a, head) log.info("ok...") if args.defuse: 
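Review bot: The rewritten `from miasm2.analysis.data_flow import ...` statement in the first hunk of example/disasm/full.py still pulls in `dead_simp` and `del_unused_edges`, yet every use of them visible in this commit is deleted, so they look like leftovers unless code outside the hunks still calls them. The same applies to the `expr_simp` import kept as context here and in example/ida/graph_ir.py (hunk `@@ -10,16 +10,9`), whose visible `simplify(expr_simp)` calls are all removed. If nothing else needs them, the statement can shrink to `from miasm2.analysis.data_flow import DiGraphDefUse, ReachingDefinitions, replace_stack_vars, load_from_int`.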
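Review bot: `head = list(entry_points)[0]` in the `@@ -240,6 +235,9` hunk now runs on every `args.gen_ir` invocation, ahead of the `len(entry_points) != 1` check that is kept further down in the `args.ssa` branch, so an empty `entry_points` fails with a bare IndexError instead of the existing "only one head" message. If `entry_points` is an unordered collection, as the `list()` conversion suggests, several entries also hand an arbitrary head to `IRCFGSimplifierCommon.simplify`. Assuming the new simplifier really needs a single head, validate before taking it, e.g. `if len(entry_points) != 1: raise RuntimeError("Your graph should have only one head")` placed where the head is first consumed. The same unguarded assignment is added in example/ida/graph_ir.py (hunk `@@ -251,15 +244,11`), where the removed `merge_blocks(ircfg, entry_points)` used to receive all entry points rather than one. The enclosing `if args.gen_ir:` block starts and ends outside the hunk.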
@@ -270,30 +269,14 @@ if args.gen_ir: out = ircfg_a.dot() open('graph_irflow.dot', 'w').write(out) - if args.simplify > 1: - - ircfg_a.simplify(expr_simp) - modified = True - while modified: - modified = False - modified |= dead_simp(ir_arch_a, ircfg_a) - modified |= remove_empty_assignblks(ircfg_a) - - open('graph_irflow_reduced.dot', 'w').write(ircfg_a.dot()) - if args.ssa and not args.propagexpr: if len(entry_points) != 1: raise RuntimeError("Your graph should have only one head") - head = list(entry_points)[0] ssa = SSADiGraph(ircfg_a) ssa.transform(head) - open("ssa.dot", "wb").write(ircfg_a.dot()) - - - if args.propagexpr: class IRAOutRegs(ira): def get_out_regs(self, block): @@ -324,8 +307,6 @@ if args.propagexpr: - ir_arch_a = IRAOutRegs(mdis.loc_db) - def is_addr_ro_variable(bs, addr, size): """ Return True if address at @addr is a read-only variable. 
@@ -341,118 +322,21 @@ if args.propagexpr: return False return True + ir_arch_a = IRAOutRegs(mdis.loc_db) - ir_arch_a.ssa_var = {} - index = 0 - modified = True - ssa_forbidden_regs = set([ - ir_arch_a.pc, - ir_arch_a.IRDst, - ir_arch_a.arch.regs.exception_flags - ]) - head = list(entry_points)[0] - heads = set([head]) - all_ssa_vars = {} + class CustomIRCFGSimplifierSSA(IRCFGSimplifierSSA): + def do_simplify(self, ssa, head): + modified = super(CustomIRCFGSimplifierSSA, self).do_simplify(ssa, head) + if args.loadint: + modified |= load_from_int(ssa.graph, bs, is_addr_ro_variable) + if args.stack2var: + modified |= replace_stack_vars(self.ir_arch, ssa) + return modified - propagate_expr = PropagateExpr() - ssa_variable_to_expr = {} - while modified: - ssa = SSADiGraph(ircfg_a) - ssa.immutable_ids.update(ssa_forbidden_regs) - ssa.ssa_variable_to_expr.update(all_ssa_vars) - ssa.transform(head) - all_ssa_vars.update(ssa.ssa_variable_to_expr) - - if args.verbose > 3: - open("ssa_%d.dot" % index, "wb").write(ircfg_a.dot()) - - ir_arch_a.ssa_var.update(ssa.ssa_variable_to_expr) - if args.verbose > 3: - open("ssa_orig.dot", "wb").write(ircfg_a.dot()) - - while modified: - log.debug('Loop %d', index) - index += 1 - modified = False - if args.verbose > 3: - open('tmp_before_%d.dot' % index, 'w').write(ircfg_a.dot()) - modified |= propagate_expr.propagate(ssa, head) - if args.verbose > 3: - open('tmp_adter_%d.dot' % index, 'w').write(ircfg_a.dot()) - modified |= ircfg_a.simplify(expr_simp) - if args.verbose > 3: - open('tmp_simp_%d.dot' % index, 'w').write(ircfg_a.dot()) - simp_modified = True - while simp_modified: - index += 1 - if args.verbose > 3: - open('tmp_before_%d.dot' % index, 'w').write(ircfg_a.dot()) - simp_modified = False - log.info("dead simp...") - simp_modified |= dead_simp(ir_arch_a, ircfg_a) - log.info("ok...") - - index += 1 - if args.verbose > 3: - open('tmp_after_%d.dot' % index, 'w').write(ircfg_a.dot()) - simp_modified |= 
remove_empty_assignblks(ircfg_a) - simp_modified |= del_unused_edges(ircfg_a, heads) - simp_modified |= merge_blocks(ircfg_a, heads) - - if args.loadint: - simp_modified |= load_from_int(ircfg_a, bs, is_addr_ro_variable) - modified |= simp_modified - index += 1 - if args.verbose > 3: - open('stack_%d.dot' % index, 'w').write(ircfg_a.dot()) - if args.stack2var: - modified |= replace_stack_vars(ir_arch_a, ssa) - - if args.verbose > 3: - open('final_pre.dot', 'w').write(ircfg_a.dot()) - - if args.verbose > 3: - open('final_merge.dot', 'w').write(ircfg_a.dot()) - ssa = SSADiGraph(ircfg_a) - ssa.immutable_ids.update(ssa_forbidden_regs) - ssa.ssa_variable_to_expr.update(all_ssa_vars) - ssa.transform(head) - print '*'*80, "Remove phi" - if args.verbose > 3: - open('final_ssa.dot', 'w').write(ircfg_a.dot()) - - cfg_liveness = DiGraphLivenessSSA(ircfg_a) - cfg_liveness.init_var_info(ir_arch_a) - cfg_liveness.compute_liveness() - - unssa = UnSSADiGraph(ssa, head, cfg_liveness) - - if args.verbose > 3: - open('final_no_phi.dot', 'w').write(ircfg_a.dot()) - - modified = True - while modified: - log.debug('Loop %d', index) - index += 1 - modified = False - modified |= ircfg_a.simplify(expr_simp) - if args.verbose > 3: - open('tmp_simp_%d.dot' % index, 'w').write(ircfg_a.dot()) - simp_modified = True - while simp_modified: - index += 1 - if args.verbose > 3: - open('tmp_before_%d.dot' % index, 'w').write(ircfg_a.dot()) - simp_modified = False - simp_modified |= dead_simp(ir_arch_a, ircfg_a) - index += 1 - if args.verbose > 3: - open('tmp_after_%d.dot' % index, 'w').write(ircfg_a.dot()) - simp_modified |= remove_empty_assignblks(ircfg_a) - simp_modified |= merge_blocks(ircfg_a, heads) - modified |= simp_modified - index += 1 - - open('final.dot', 'w').write(ircfg_a.dot()) + head = list(entry_points)[0] + ir_arch_a = IRAOutRegs(mdis.loc_db) + simplifier = CustomIRCFGSimplifierSSA(ir_arch_a) + ircfg = simplifier.simplify(ircfg_a, head) + open('final.dot', 'w').write(ircfg.dot()) 
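Review bot: `ir_arch_a = IRAOutRegs(mdis.loc_db)` appears twice on the new side of this hunk, once right after `is_addr_ro_variable` and again just before `CustomIRCFGSimplifierSSA(ir_arch_a)`, and `head = list(entry_points)[0]` is recomputed although the earlier hunk already sets it under `if args.gen_ir:` (which `args.propagexpr` forces on); the second assignment of each can be dropped. `do_simplify` reads `args`, `bs` and `is_addr_ro_variable` from the surrounding script scope, so a short docstring on `CustomIRCFGSimplifierSSA` stating that it adds the optional `load_from_int` and `replace_stack_vars` passes driven by the command-line options would help readers who copy the example. `open('final.dot', 'w').write(ircfg.dot())` leaves closing the file to the garbage collector; `with open('final.dot', 'w') as fdesc: fdesc.write(ircfg.dot())` closes it deterministically. The `if args.propagexpr:` block begins outside the hunk.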
diff --git a/example/ida/graph_ir.py b/example/ida/graph_ir.py index f9c61c2c..8026174d 100644 --- a/example/ida/graph_ir.py +++ b/example/ida/graph_ir.py @@ -10,16 +10,9 @@ from miasm2.core.asmblock import is_int from miasm2.core.bin_stream_ida import bin_stream_ida from miasm2.expression.simplifications import expr_simp from miasm2.ir.ir import IRBlock, AssignBlock - -from miasm2.analysis.ssa import SSADiGraph, UnSSADiGraph - -from miasm2.analysis.data_flow import dead_simp, \ - merge_blocks, remove_empty_assignblks, \ - PropagateExpr, load_from_int, \ - DiGraphLivenessSSA - - +from miasm2.analysis.data_flow import load_from_int from utils import guess_machine, expr2colorstr +from miasm2.analysis.simplifier import IRCFGSimplifierCommon, IRCFGSimplifierSSA @@ -251,15 +244,11 @@ def build_graph(start_addr, type_graph, simplify=False, dontmodstack=True, loadi title = "Miasm IR graph" + head = list(entry_points)[0] + if simplify: - dead_simp(ir_arch, ircfg) - ircfg.simplify(expr_simp) - modified = True - while modified: - modified = False - modified |= dead_simp(ir_arch, ircfg) - modified |= remove_empty_assignblks(ircfg) - modified |= merge_blocks(ircfg, entry_points) + ircfg_simplifier = IRCFGSimplifierCommon(ir_arch) + ircfg_simplifier.simplify(ircfg, head) title += " (simplified)" if type_graph == TYPE_GRAPH_IR: @@ -267,8 +256,6 @@ def build_graph(start_addr, type_graph, simplify=False, dontmodstack=True, loadi graph.Show() return - head = list(entry_points)[0] - class IRAOutRegs(ira): def get_out_regs(self, block): 
@@ -299,86 +286,38 @@ def build_graph(start_addr, type_graph, simplify=False, dontmodstack=True, loadi new_irblock = IRBlock(irblock.loc_key, assignblks) ircfg.blocks[loc] = new_irblock - ir_arch = IRAOutRegs(mdis.loc_db) - ir_arch.ssa_var = {} - modified = True - ssa_forbidden_regs = set([ - ir_arch.pc, - ir_arch.IRDst, - ir_arch.arch.regs.exception_flags - ]) - head = list(entry_points)[0] - heads = set([head]) - all_ssa_vars = {} - - propagate_expr = PropagateExpr() + class CustomIRCFGSimplifierSSA(IRCFGSimplifierSSA): + def do_simplify(self, ssa, head): + modified = super(CustomIRCFGSimplifierSSA, self).do_simplify(ssa, head) + if loadint: + modified |= load_from_int(ssa.graph, bs, is_addr_ro_variable) + return modified - ssa = SSADiGraph(ircfg) - ssa.immutable_ids.update(ssa_forbidden_regs) - ssa.ssa_variable_to_expr.update(all_ssa_vars) - ssa.transform(head) - all_ssa_vars.update(ssa.ssa_variable_to_expr) + def simplify(self, ircfg, head): + ssa = self.ircfg_to_ssa(ircfg, head) + ssa = self.do_simplify_loop(ssa, head) - ir_arch.ssa_var.update(ssa.ssa_variable_to_expr) + if type_graph == TYPE_GRAPH_IRSSA: + ret = ssa.graph + elif type_graph == TYPE_GRAPH_IRSSAUNSSA: + ircfg = self.ssa_to_unssa(ssa, head) + ircfg_simplifier = IRCFGSimplifierCommon(self.ir_arch) + ircfg_simplifier.simplify(ircfg, head) + ret = ircfg + else: + raise ValueError("Unknown option") + return ret - if simplify: - while modified: - ssa = SSADiGraph(ircfg) - ssa.immutable_ids.update(ssa_forbidden_regs) - ssa.ssa_variable_to_expr.update(all_ssa_vars) - ssa.transform(head) - all_ssa_vars.update(ssa.ssa_variable_to_expr) - - ir_arch.ssa_var.update(ssa.ssa_variable_to_expr) - - while modified: - modified = False - modified |= propagate_expr.propagate(ssa, head) - modified |= ircfg.simplify(expr_simp) - simp_modified = True - while simp_modified: - simp_modified = False - simp_modified |= dead_simp(ir_arch, ircfg) - simp_modified |= remove_empty_assignblks(ircfg) - simp_modified |= 
load_from_int(ircfg, bs, is_addr_ro_variable) - modified |= simp_modified - - - ssa = SSADiGraph(ircfg) - ssa.immutable_ids.update(ssa_forbidden_regs) - ssa.ssa_variable_to_expr.update(all_ssa_vars) - ssa.transform(head) - all_ssa_vars.update(ssa.ssa_variable_to_expr) - - if type_graph == TYPE_GRAPH_IRSSA: - graph = GraphMiasmIR(ssa.graph, title, None) - graph.Show() - return + head = list(entry_points)[0] + simplifier = CustomIRCFGSimplifierSSA(ir_arch) + ircfg = simplifier.simplify(ircfg, head) + open('final.dot', 'w').write(ircfg.dot()) - if type_graph == TYPE_GRAPH_IRSSAUNSSA: - - cfg_liveness = DiGraphLivenessSSA(ssa.graph) - cfg_liveness.init_var_info(ir_arch) - cfg_liveness.compute_liveness() - - UnSSADiGraph(ssa, head, cfg_liveness) - if simplify: - modified = True - while modified: - modified = False - modified |= ssa.graph.simplify(expr_simp) - simp_modified = True - while simp_modified: - simp_modified = False - simp_modified |= dead_simp(ir_arch, ssa.graph) - simp_modified |= remove_empty_assignblks(ssa.graph) - simp_modified |= merge_blocks(ssa.graph, heads) - modified |= simp_modified - graph = GraphMiasmIR(ssa.graph, title, None) - graph.Show() + graph = GraphMiasmIR(ircfg, title, None) + graph.Show() def function_graph_ir(): # Get settings |
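Review bot: The overridden `simplify` in `CustomIRCFGSimplifierSSA` calls `self.do_simplify_loop(ssa, head)` unconditionally, whereas the removed code ran expression propagation and the post-unSSA cleanup only under `if simplify:`, so the `simplify` argument of `build_graph` no longer affects the SSA graph types. If that is not intended, guard it with `if simplify: ssa = self.do_simplify_loop(ssa, head)` (inside the method the bare name still resolves to the `build_graph` parameter) and do the same for the `IRCFGSimplifierCommon` pass after `ssa_to_unssa`. `open('final.dot', 'w').write(ircfg.dot())` looks carried over from example/disasm/full.py: inside an IDA script it writes into whatever the current working directory is on every call, and an unwritable directory would raise before `graph.Show()` is reached, so I would drop the line. `head = list(entry_points)[0]` is also assigned a second time here although the `@@ -251,15 +244,11` hunk already sets it. `build_graph` begins outside the hunk.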