Rizin
unix-like reverse engineering framework and cli tools
theory_effect.c
Go to the documentation of this file.
1 // SPDX-FileCopyrightText: 2021 Florian Märkl <info@florianmaerkl.de>
2 // SPDX-FileCopyrightText: 2021 heersin <teablearcher@gmail.com>
3 // SPDX-License-Identifier: LGPL-3.0-only
4 
5 #include <rz_il/rz_il_opcodes.h>
6 #include <rz_il/rz_il_vm.h>
7 
8 static RzILEvent *il_event_new_write_from_var(RzILVM *vm, RzILVar *var, RzILVal *new_val) {
9  rz_return_val_if_fail(vm && var && new_val, NULL);
10  RzILVal *old_val = rz_il_vm_get_var_value(vm, RZ_IL_VAR_KIND_GLOBAL, var->name);
11  if (!old_val) {
12  return NULL;
13  }
14  return rz_il_event_var_write_new(var->name, old_val, new_val);
15 }
16 
17 static void rz_il_set(RzILVM *vm, const char *var_name, bool is_local, RZ_OWN RzILVal *val) {
18  if (is_local) {
19  rz_il_vm_set_local_var(vm, var_name, val);
20  } else {
21  RzILVar *var = rz_il_vm_get_var(vm, RZ_IL_VAR_KIND_GLOBAL, var_name);
22  RzILEvent *evt = il_event_new_write_from_var(vm, var, val);
23  rz_il_vm_event_add(vm, evt);
24  rz_il_vm_set_global_var(vm, var_name, val);
25  }
26 }
27 
28 bool rz_il_handler_empty(RzILVM *vm, RzILOpEffect *op) {
29  rz_return_val_if_fail(vm && op, false);
30  RZ_LOG_WARN("Encountered an empty instruction at %s", rz_bv_as_string(vm->pc))
31  return true;
32 }
33 
34 bool rz_il_handler_nop(RzILVM *vm, RzILOpEffect *op) {
35  rz_return_val_if_fail(vm && op, false);
36  return true;
37 }
38 
39 bool rz_il_handler_set(RzILVM *vm, RzILOpEffect *op) {
40  rz_return_val_if_fail(vm && op, false);
41  RzILOpArgsSet *set_op = &op->op.set;
42  RzILVal *val = rz_il_evaluate_val(vm, set_op->x);
43  if (!val) {
44  return false;
45  }
46  rz_il_set(vm, set_op->v, set_op->is_local, val);
47  return true;
48 }
49 
50 static void perform_jump(RzILVM *vm, RZ_OWN RzBitVector *dst) {
51  rz_il_vm_event_add(vm, rz_il_event_pc_write_new(vm->pc, dst));
52  rz_bv_free(vm->pc);
53  vm->pc = dst;
54 }
55 
56 bool rz_il_handler_jmp(RzILVM *vm, RzILOpEffect *op) {
57  rz_return_val_if_fail(vm && op, false);
58  RzBitVector *dst = rz_il_evaluate_bitv(vm, op->op.jmp.dst);
59  if (!dst) {
60  return false;
61  }
62  perform_jump(vm, dst);
63  return true;
64 }
65 
66 bool rz_il_handler_goto(RzILVM *vm, RzILOpEffect *op) {
67  rz_return_val_if_fail(vm && op, false);
68  RzILOpArgsGoto *op_goto = &op->op.goto_;
69  const char *lname = op_goto->lbl;
70  RzILEffectLabel *label = rz_il_vm_find_label_by_name(vm, lname);
71  if (!label) {
72  return false;
73  }
74  if (label->type == EFFECT_LABEL_SYSCALL || label->type == EFFECT_LABEL_HOOK) {
75  RzILVmHook internal_hook = (RzILVmHook)label->hook;
76  internal_hook(vm, op);
77  } else {
78  perform_jump(vm, rz_bv_dup(label->addr));
79  }
80  return true;
81 }
82 
83 bool rz_il_handler_seq(RzILVM *vm, RzILOpEffect *op) {
84  rz_return_val_if_fail(vm && op, false);
85  RzILOpArgsSeq *op_seq = &op->op.seq;
86  return rz_il_evaluate_effect(vm, op_seq->x) && rz_il_evaluate_effect(vm, op_seq->y);
87 }
88 
89 bool rz_il_handler_blk(RzILVM *vm, RzILOpEffect *op) {
90  rz_return_val_if_fail(vm && op, false);
91 
92  RzILOpArgsBlk *op_blk = &op->op.blk;
93  if (op_blk->label) {
94  rz_il_vm_create_label(vm, op_blk->label, vm->pc); // create the label if `blk` is labelled
95  }
96 
97  return rz_il_evaluate_effect(vm, op_blk->data_eff) && rz_il_evaluate_effect(vm, op_blk->ctrl_eff);
98 }
99 
100 bool rz_il_handler_repeat(RzILVM *vm, RzILOpEffect *op) {
101  rz_return_val_if_fail(vm && op, NULL);
102 
103  RzILOpArgsRepeat *op_repeat = &op->op.repeat;
104  bool res = true;
105  RzILBool *condition;
106  while ((condition = rz_il_evaluate_bool(vm, op_repeat->condition))) {
107  if (!condition->b) {
108  break;
109  }
110  res = res && rz_il_evaluate_effect(vm, op_repeat->data_eff);
111  rz_il_bool_free(condition);
112  }
113  rz_il_bool_free(condition);
114 
115  return res;
116 }
117 
118 bool rz_il_handler_branch(RzILVM *vm, RzILOpEffect *op) {
119  rz_return_val_if_fail(vm && op, false);
120 
121  RzILOpArgsBranch *op_branch = &op->op.branch;
122 
123  RzILBool *condition = rz_il_evaluate_bool(vm, op_branch->condition);
124  if (!condition) {
125  return false;
126  }
127  bool ret;
128  if (condition->b) {
129  ret = rz_il_evaluate_effect(vm, op_branch->true_eff);
130  } else {
131  ret = rz_il_evaluate_effect(vm, op_branch->false_eff);
132  }
133  rz_il_bool_free(condition);
134 
135  return ret;
136 }
val
ut16 val
Definition: armass64_const.h:6
rz_il_bool_free
RZ_API void rz_il_bool_free(RzILBool *bool_var)
Definition: bool.c:74
NULL
#define NULL
Definition: cris-opc.c:27
rz_il_event_pc_write_new
RZ_API RZ_OWN RzILEvent * rz_il_event_pc_write_new(RZ_NONNULL const RzBitVector *old_pc, RZ_NONNULL const RzBitVector *new_pc)
Definition: il_events.c:76
rz_il_event_var_write_new
RZ_API RZ_OWN RzILEvent * rz_il_event_var_write_new(RZ_NONNULL const char *name, RZ_NULLABLE const RzILVal *old_v, RZ_NONNULL const RzILVal *new_v)
Definition: il_events.c:177
rz_il_vm_create_label
RZ_API RZ_BORROW RzILEffectLabel * rz_il_vm_create_label(RZ_NONNULL RzILVM *vm, RZ_NONNULL const char *name, RZ_NONNULL RZ_BORROW RzBitVector *addr)
Definition: il_vm.c:308
rz_il_vm_set_local_var
RZ_API void rz_il_vm_set_local_var(RZ_NONNULL RzILVM *vm, RZ_NONNULL const char *name, RZ_OWN RzILVal *val)
Definition: il_vm.c:202
rz_il_vm_set_global_var
RZ_API void rz_il_vm_set_global_var(RZ_NONNULL RzILVM *vm, RZ_NONNULL const char *name, RZ_OWN RzILVal *val)
Definition: il_vm.c:193
rz_il_vm_find_label_by_name
RZ_API RZ_BORROW RzILEffectLabel * rz_il_vm_find_label_by_name(RZ_NONNULL RzILVM *vm, RZ_NONNULL const char *lbl_name)
Definition: il_vm.c:291
rz_il_vm_get_var_value
RZ_API RZ_BORROW RzILVal * rz_il_vm_get_var_value(RZ_NONNULL RzILVM *vm, RzILVarKind kind, const char *name)
Definition: il_vm.c:264
rz_il_vm_get_var
RZ_API RZ_BORROW RzILVar * rz_il_vm_get_var(RZ_NONNULL RzILVM *vm, RzILVarKind kind, const char *name)
Definition: il_vm.c:251
rz_il_evaluate_effect
RZ_API bool rz_il_evaluate_effect(RZ_NONNULL RzILVM *vm, RZ_NONNULL RzILOpEffect *op)
Definition: il_vm_eval.c:341
rz_il_evaluate_bitv
RZ_API RZ_NULLABLE RZ_OWN RzBitVector * rz_il_evaluate_bitv(RZ_NONNULL RzILVM *vm, RZ_NONNULL RzILOpBitVector *op)
Definition: il_vm_eval.c:269
rz_il_vm_event_add
RZ_API void rz_il_vm_event_add(RzILVM *vm, RzILEvent *evt)
Definition: il_vm_eval.c:201
rz_il_evaluate_bool
RZ_API RZ_NULLABLE RZ_OWN RzILBool * rz_il_evaluate_bool(RZ_NONNULL RzILVM *vm, RZ_NONNULL RzILOpBool *op)
Definition: il_vm_eval.c:289
rz_il_evaluate_val
RZ_API RZ_NULLABLE RZ_OWN RzILVal * rz_il_evaluate_val(RZ_NONNULL RzILVM *vm, RZ_NONNULL RzILOpPure *op)
Definition: il_vm_eval.c:309
EFFECT_LABEL_HOOK
@ EFFECT_LABEL_HOOK
Definition: label.h:20
EFFECT_LABEL_SYSCALL
@ EFFECT_LABEL_SYSCALL
Definition: label.h:19
dst
char * dst
Definition: lz4.h:724
rz_return_val_if_fail
#define rz_return_val_if_fail(expr, val)
Definition: rz_assert.h:108
rz_bv_dup
RZ_API RZ_OWN RzBitVector * rz_bv_dup(const RZ_NONNULL RzBitVector *bv)
Definition: bitvector.c:167
rz_bv_free
RZ_API void rz_bv_free(RZ_NULLABLE RzBitVector *bv)
Definition: bitvector.c:85
rz_bv_as_string
RZ_API RZ_OWN char * rz_bv_as_string(RZ_NONNULL RzBitVector *bv)
Definition: bitvector.c:98
rz_il_opcodes.h
signatures of core theory opcodes
rz_il_vm.h
RzILVmHook
void(* RzILVmHook)(RzILVM *vm, RzILOpEffect *op)
Definition: rz_il_vm.h:32
RZ_LOG_WARN
#define RZ_LOG_WARN(fmtstr,...)
Definition: rz_log.h:56
RZ_OWN
#define RZ_OWN
Definition: rz_types.h:62
bitvector_t
structure for bitvector
Definition: rz_bitvector.h:19
label
Definition: dis.h:35
rz_il_bool_t
Definition: bool.h:14
rz_il_bool_t::b
bool b
Definition: bool.h:15
rz_il_effect_label_t
Definition: label.h:24
rz_il_op_args_branch_t
op structure for branch (bool -> 'a eff -> 'a eff -> 'a eff)
Definition: rz_il_opcodes.h:238
rz_il_op_args_branch_t::true_eff
RZ_NONNULL RzILOpEffect * true_eff
effect for when condition evaluates to true
Definition: rz_il_opcodes.h:240
rz_il_op_args_branch_t::condition
RzILOpBool * condition
Definition: rz_il_opcodes.h:239
rz_il_op_args_branch_t::false_eff
RZ_NONNULL RzILOpEffect * false_eff
effect for when condition evaluates to false
Definition: rz_il_opcodes.h:241
rz_il_op_args_goto_t
op structure for goto (label -> ctrl eff)
Definition: rz_il_opcodes.h:198
rz_il_op_args_goto_t::lbl
const char * lbl
name of the label, const one
Definition: rz_il_opcodes.h:199
rz_il_op_args_seq_t
op structure for Seq ('a eff -> 'a eff -> 'a eff)
Definition: rz_il_opcodes.h:207
rz_il_op_args_seq_t::y
RzILOpEffect * y
perform this second
Definition: rz_il_opcodes.h:209
rz_il_op_args_seq_t::x
RzILOpEffect * x
perform this first
Definition: rz_il_opcodes.h:208
rz_il_op_args_set_t
op structure for set ('a var -> 'a pure -> data eff)
Definition: rz_il_opcodes.h:167
rz_il_op_args_set_t::is_local
bool is_local
whether a global variable should be set or a local optionally created and set
Definition: rz_il_opcodes.h:169
rz_il_op_args_set_t::v
const char * v
name of variable, const one
Definition: rz_il_opcodes.h:168
rz_il_op_args_set_t::x
RzILOpPure * x
value to set the variable to
Definition: rz_il_opcodes.h:170
rz_il_op_effect_t
Definition: rz_il_opcodes.h:511
rz_il_val_t
Definition: value.h:24
rz_il_var_t
Definition of a variable inside the vm.
Definition: variable.h:19
rz_il_var_t::name
char * name
Definition: variable.h:20
rz_il_vm_event_t
Definition: rz_il_events.h:55
rz_il_vm_t
Low-level VM to execute raw IL code.
Definition: rz_il_vm.h:37
rz_il_vm_t::pc
RzBitVector * pc
Program Counter of VM.
Definition: rz_il_vm.h:46
rzil_op_blk_t
op structure for blk (label -> data eff -> ctrl eff -> unit eff)
Definition: rz_il_opcodes.h:217
rzil_op_blk_t::data_eff
RzILOpEffect * data_eff
index of data_eff
Definition: rz_il_opcodes.h:219
rzil_op_blk_t::label
const char * label
name of the label, const one
Definition: rz_il_opcodes.h:218
rzil_op_blk_t::ctrl_eff
RzILOpEffect * ctrl_eff
index of ctrl_eff
Definition: rz_il_opcodes.h:220
rzil_op_repeat_t
op structure for repeat (bool -> data eff -> data eff)
Definition: rz_il_opcodes.h:228
rzil_op_repeat_t::condition
RzILOpBool * condition
index of BOOL condition
Definition: rz_il_opcodes.h:229
rzil_op_repeat_t::data_eff
RzILOpEffect * data_eff
index of data effect
Definition: rz_il_opcodes.h:230
rz_il_handler_branch
bool rz_il_handler_branch(RzILVM *vm, RzILOpEffect *op)
Definition: theory_effect.c:118
rz_il_handler_nop
bool rz_il_handler_nop(RzILVM *vm, RzILOpEffect *op)
Definition: theory_effect.c:34
rz_il_handler_jmp
bool rz_il_handler_jmp(RzILVM *vm, RzILOpEffect *op)
Definition: theory_effect.c:56
il_event_new_write_from_var
static RzILEvent * il_event_new_write_from_var(RzILVM *vm, RzILVar *var, RzILVal *new_val)
Definition: theory_effect.c:8
perform_jump
static void perform_jump(RzILVM *vm, RZ_OWN RzBitVector *dst)
Definition: theory_effect.c:50
rz_il_handler_set
bool rz_il_handler_set(RzILVM *vm, RzILOpEffect *op)
Definition: theory_effect.c:39
rz_il_handler_goto
bool rz_il_handler_goto(RzILVM *vm, RzILOpEffect *op)
Definition: theory_effect.c:66
rz_il_handler_empty
bool rz_il_handler_empty(RzILVM *vm, RzILOpEffect *op)
Definition: theory_effect.c:28
rz_il_handler_seq
bool rz_il_handler_seq(RzILVM *vm, RzILOpEffect *op)
Definition: theory_effect.c:83
rz_il_set
static void rz_il_set(RzILVM *vm, const char *var_name, bool is_local, RZ_OWN RzILVal *val)
Definition: theory_effect.c:17
rz_il_handler_repeat
bool rz_il_handler_repeat(RzILVM *vm, RzILOpEffect *op)
Definition: theory_effect.c:100
rz_il_handler_blk
bool rz_il_handler_blk(RzILVM *vm, RzILOpEffect *op)
Definition: theory_effect.c:89
op
Definition: dis.c:32
RZ_IL_VAR_KIND_GLOBAL
@ RZ_IL_VAR_KIND_GLOBAL
global var, usually bound to a physical representation like a register.
Definition: variable.h:47