

Add LLIL/MLIL instructions to describe integer vs. floating point argument usage
D0ntPanic committed Dec 6, 2023
1 parent 6e1a863 commit e9604c3
Showing 13 changed files with 432 additions and 143 deletions.
34 changes: 20 additions & 14 deletions binaryninjaapi.h
Expand Up @@ -11258,6 +11258,10 @@ namespace BinaryNinja {
const SSARegister& stack, size_t newMemoryVer, size_t prevMemoryVer,
const ILSourceLocation& loc = ILSourceLocation());

ExprId SeparateParamListSSA(
const std::vector<ExprId>& params, const ILSourceLocation& loc = ILSourceLocation());
ExprId SharedParamSlotSSA(const std::vector<ExprId>& params, const ILSourceLocation& loc = ILSourceLocation());

/*! Returns an expression which jumps (branches) to the expression \c dest . \c ret is a special alias for
jump that makes the disassembler stop disassembling.

Expand Down Expand Up @@ -12025,31 +12029,33 @@ namespace BinaryNinja {
ExprId ReturnHint(ExprId dest, const ILSourceLocation& loc = ILSourceLocation());
ExprId Call(const std::vector<Variable>& output, ExprId dest, const std::vector<ExprId>& params,
const ILSourceLocation& loc = ILSourceLocation());
ExprId CallUntyped(const std::vector<Variable>& output, ExprId dest, const std::vector<Variable>& params,
ExprId stack, const ILSourceLocation& loc = ILSourceLocation());
ExprId CallUntyped(const std::vector<Variable>& output, ExprId dest, const std::vector<ExprId>& params,
ExprId stack, const ILSourceLocation& loc = ILSourceLocation());
ExprId Syscall(const std::vector<Variable>& output, const std::vector<ExprId>& params,
const ILSourceLocation& loc = ILSourceLocation());
ExprId SyscallUntyped(const std::vector<Variable>& output, const std::vector<Variable>& params, ExprId stack,
const ILSourceLocation& loc = ILSourceLocation());
ExprId SyscallUntyped(const std::vector<Variable>& output, const std::vector<ExprId>& params, ExprId stack,
const ILSourceLocation& loc = ILSourceLocation());
ExprId TailCall(const std::vector<Variable>& output, ExprId dest, const std::vector<ExprId>& params,
const ILSourceLocation& loc = ILSourceLocation());
ExprId TailCallUntyped(const std::vector<Variable>& output, ExprId dest, const std::vector<Variable>& params,
ExprId stack, const ILSourceLocation& loc = ILSourceLocation());
ExprId TailCallUntyped(const std::vector<Variable>& output, ExprId dest, const std::vector<ExprId>& params,
ExprId stack, const ILSourceLocation& loc = ILSourceLocation());
ExprId CallSSA(const std::vector<SSAVariable>& output, ExprId dest, const std::vector<ExprId>& params,
size_t newMemVersion, size_t prevMemVersion, const ILSourceLocation& loc = ILSourceLocation());
ExprId CallUntypedSSA(const std::vector<SSAVariable>& output, ExprId dest,
const std::vector<SSAVariable>& params, size_t newMemVersion, size_t prevMemVersion, ExprId stack,
const ILSourceLocation& loc = ILSourceLocation());
ExprId CallUntypedSSA(const std::vector<SSAVariable>& output, ExprId dest, const std::vector<ExprId>& params,
size_t newMemVersion, size_t prevMemVersion, ExprId stack,
const ILSourceLocation& loc = ILSourceLocation());
ExprId SyscallSSA(const std::vector<SSAVariable>& output, const std::vector<ExprId>& params,
size_t newMemVersion, size_t prevMemVersion, const ILSourceLocation& loc = ILSourceLocation());
ExprId SyscallUntypedSSA(const std::vector<SSAVariable>& output, const std::vector<SSAVariable>& params,
size_t newMemVersion, size_t prevMemVersion, ExprId stack,
const ILSourceLocation& loc = ILSourceLocation());
ExprId SyscallUntypedSSA(const std::vector<SSAVariable>& output, const std::vector<ExprId>& params,
size_t newMemVersion, size_t prevMemVersion, ExprId stack,
const ILSourceLocation& loc = ILSourceLocation());
ExprId TailCallSSA(const std::vector<SSAVariable>& output, ExprId dest, const std::vector<ExprId>& params,
size_t newMemVersion, size_t prevMemVersion, const ILSourceLocation& loc = ILSourceLocation());
ExprId TailCallUntypedSSA(const std::vector<SSAVariable>& output, ExprId dest,
const std::vector<SSAVariable>& params, size_t newMemVersion, size_t prevMemVersion, ExprId stack,
const ILSourceLocation& loc = ILSourceLocation());
const std::vector<ExprId>& params, size_t newMemVersion, size_t prevMemVersion, ExprId stack,
const ILSourceLocation& loc = ILSourceLocation());
ExprId SeparateParamList(const std::vector<ExprId>& params, const ILSourceLocation& loc = ILSourceLocation());
ExprId SharedParamSlot(const std::vector<ExprId>& params, const ILSourceLocation& loc = ILSourceLocation());
ExprId Return(const std::vector<ExprId>& sources, const ILSourceLocation& loc = ILSourceLocation());
ExprId NoReturn(const ILSourceLocation& loc = ILSourceLocation());
ExprId CompareEqual(size_t size, ExprId left, ExprId right, const ILSourceLocation& loc = ILSourceLocation());
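Review bot: The four new public declarations — `SeparateParamListSSA`/`SharedParamSlotSSA` in the first hunk and `SeparateParamList`/`SharedParamSlot` in the second — carry no documentation, while the neighbouring `Jump` declaration has a `/*! ... */` Doxygen block, so a reader of the header cannot tell which instructions these expressions may appear inside. A block in the existing style, `/*! Returns a \c LLIL_SEPARATE_PARAM_LIST_SSA expression grouping \c params as one argument list; only valid as an operand of \c LLIL_CALL_PARAM */`, would carry the constraint that is otherwise only stated in the `binaryninjacore.h` enum comments. The second hunk also changes the `params` type of every `*Untyped*` call builder from `std::vector<Variable>` / `std::vector<SSAVariable>` to `std::vector<ExprId>`, a source-incompatible change that the commit title does not mention; a line in the description would help plugin authors who hit the compile error. Minor style: `SeparateParamListSSA` is wrapped over two lines while its sibling `SharedParamSlotSSA` fits on one, so the pair should be formatted alike. Both hunks sit inside a class body that begins and ends outside this view.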
29 changes: 18 additions & 11 deletions binaryninjacore.h
Expand Up @@ -37,14 +37,14 @@
// Current ABI version for linking to the core. This is incremented any time
// there are changes to the API that affect linking, including new functions,
// new types, or modifications to existing functions or types.
#define BN_CURRENT_CORE_ABI_VERSION 42
#define BN_CURRENT_CORE_ABI_VERSION 43

// Minimum ABI version that is supported for loading of plugins. Plugins that
// are linked to an ABI version less than this will not be able to load and
// will require rebuilding. The minimum version is increased when there are
// incompatible changes that break binary compatibility, such as changes to
// existing types or functions.
#define BN_MINIMUM_CORE_ABI_VERSION 42
#define BN_MINIMUM_CORE_ABI_VERSION 43

#ifdef __GNUC__
#ifdef BINARYNINJACORE_LIBRARY
Expand Down Expand Up @@ -583,10 +583,13 @@ extern "C"
LLIL_CALL_SSA,
LLIL_SYSCALL_SSA,
LLIL_TAILCALL_SSA,
LLIL_CALL_PARAM, // Only valid within the LLIL_CALL_SSA, LLIL_SYSCALL_SSA, LLIL_INTRINSIC, LLIL_INTRINSIC_SSA
// instructions
LLIL_CALL_STACK_SSA, // Only valid within the LLIL_CALL_SSA or LLIL_SYSCALL_SSA instructions
LLIL_CALL_OUTPUT_SSA, // Only valid within the LLIL_CALL_SSA or LLIL_SYSCALL_SSA instructions
LLIL_CALL_PARAM, // Only valid within the LLIL_CALL_SSA, LLIL_SYSCALL_SSA, LLIL_INTRINSIC, LLIL_INTRINSIC_SSA,
// LLIL_TAILCALL, LLIL_TAILCALL_SSA instructions
LLIL_CALL_STACK_SSA, // Only valid within the LLIL_CALL_SSA or LLIL_SYSCALL_SSA instructions
LLIL_CALL_OUTPUT_SSA, // Only valid within the LLIL_CALL_SSA or LLIL_SYSCALL_SSA instructions
LLIL_SEPARATE_PARAM_LIST_SSA, // Only valid within the LLIL_CALL_PARAM instruction
LLIL_SHARED_PARAM_SLOT_SSA, // Only valid within the LLIL_CALL_PARAM or LLIL_SEPARATE_PARAM_LIST_SSA
// instructions
LLIL_LOAD_SSA,
LLIL_STORE_SSA,
LLIL_INTRINSIC_SSA,
Expand Down Expand Up @@ -1136,11 +1139,15 @@ extern "C"
MLIL_LOW_PART,
MLIL_JUMP,
MLIL_JUMP_TO,
MLIL_RET_HINT, // Intermediate stages, does not appear in final forms
MLIL_CALL, // Not valid in SSA form (see MLIL_CALL_SSA)
MLIL_CALL_UNTYPED, // Not valid in SSA form (see MLIL_CALL_UNTYPED_SSA)
MLIL_CALL_OUTPUT, // Only valid within MLIL_CALL, MLIL_SYSCALL, MLIL_TAILCALL family instructions
MLIL_CALL_PARAM, // Only valid within MLIL_CALL, MLIL_SYSCALL, MLIL_TAILCALL family instructions
MLIL_RET_HINT, // Intermediate stages, does not appear in final forms
MLIL_CALL, // Not valid in SSA form (see MLIL_CALL_SSA)
MLIL_CALL_UNTYPED, // Not valid in SSA form (see MLIL_CALL_UNTYPED_SSA)
MLIL_CALL_OUTPUT, // Only valid within MLIL_CALL, MLIL_SYSCALL, MLIL_TAILCALL family instructions
MLIL_CALL_PARAM, // Only valid within MLIL_CALL, MLIL_SYSCALL, MLIL_TAILCALL family instructions
MLIL_SEPARATE_PARAM_LIST, // Only valid within the MLIL_CALL_PARAM or MLIL_CALL_PARAM_SSA instructions inside
// untyped call variants
MLIL_SHARED_PARAM_SLOT, // Only valid within the MLIL_CALL_PARAM, MLIL_CALL_PARAM_SSA, or
// MLIL_SEPARATE_PARAM_LIST instructions inside untyped call variants
MLIL_RET,
MLIL_NORET,
MLIL_IF,
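Review bot: The new enumerators `LLIL_SEPARATE_PARAM_LIST_SSA`/`LLIL_SHARED_PARAM_SLOT_SSA` and `MLIL_SEPARATE_PARAM_LIST`/`MLIL_SHARED_PARAM_SLOT` are inserted in the middle of their enums rather than appended, so every enumerator after them (`LLIL_LOAD_SSA`, `MLIL_RET`, and onward) changes numeric value. The `BN_MINIMUM_CORE_ABI_VERSION` bump to 43 in the first hunk is what makes that acceptable under the file's own rule that the minimum is raised for changes to existing types, and it is worth recording at the insertion point, e.g. `// Inserting here renumbers all later operations; requires a minimum-ABI bump`, so a later addition is not made without one. Any consumer that persists raw `BNLowLevelILOperation`/`BNMediumLevelILOperation` values outside the plugin ABI would also need a migration, but nothing in this diff shows such storage, so that is only a question to confirm. The enum definitions begin and end outside these hunks.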
2 changes: 2 additions & 0 deletions examples/mlil_parser/src/mlil_parser.cpp
Expand Up @@ -97,6 +97,8 @@ static void PrintOperation(BNMediumLevelILOperation operation)
ENUM_PRINTER(MLIL_SYSCALL_UNTYPED)
ENUM_PRINTER(MLIL_TAILCALL)
ENUM_PRINTER(MLIL_TAILCALL_UNTYPED)
ENUM_PRINTER(MLIL_SEPARATE_PARAM_LIST)
ENUM_PRINTER(MLIL_SHARED_PARAM_SLOT)
ENUM_PRINTER(MLIL_BP)
ENUM_PRINTER(MLIL_TRAP)
ENUM_PRINTER(MLIL_UNDEF)
46 changes: 44 additions & 2 deletions lowlevelilinstruction.cpp
Expand Up @@ -149,6 +149,8 @@ unordered_map<BNLowLevelILOperation, vector<LowLevelILOperandUsage>> LowLevelILI
{LLIL_TAILCALL_SSA, {OutputSSARegistersLowLevelOperandUsage, OutputMemoryVersionLowLevelOperandUsage,
DestExprLowLevelOperandUsage, StackSSARegisterLowLevelOperandUsage,
StackMemoryVersionLowLevelOperandUsage, ParameterExprsLowLevelOperandUsage}},
{LLIL_SEPARATE_PARAM_LIST_SSA, {ParameterExprsLowLevelOperandUsage}},
{LLIL_SHARED_PARAM_SLOT_SSA, {ParameterExprsLowLevelOperandUsage}},
{LLIL_REG_PHI, {DestSSARegisterLowLevelOperandUsage, SourceSSARegistersLowLevelOperandUsage}},
{LLIL_REG_STACK_PHI, {DestSSARegisterStackLowLevelOperandUsage, SourceSSARegisterStacksLowLevelOperandUsage}},
{LLIL_FLAG_PHI, {DestSSAFlagLowLevelOperandUsage, SourceSSAFlagsLowLevelOperandUsage}},
Expand Down Expand Up @@ -245,8 +247,16 @@ static unordered_map<BNLowLevelILOperation, unordered_map<LowLevelILOperandUsage
operand++;
break;
case ParameterExprsLowLevelOperandUsage:
// Represented as subexpression, so only takes one slot even though it is a list
operand++;
if (operand == 0)
{
// Represented as a counted list
operand += 2;
}
else
{
// Represented as subexpression, so only takes one slot even though it is a list
operand++;
}
break;
case OutputSSARegistersLowLevelOperandUsage:
// OutputMemoryVersionLowLevelOperandUsage follows at same operand
Expand Down Expand Up @@ -2010,6 +2020,14 @@ void LowLevelILInstruction::VisitExprs(const std::function<bool(const LowLevelIL
for (auto i : GetParameterExprs<LLIL_INTRINSIC_SSA>())
i.VisitExprs(func);
break;
case LLIL_SEPARATE_PARAM_LIST_SSA:
for (auto i : GetParameterExprs<LLIL_SEPARATE_PARAM_LIST_SSA>())
i.VisitExprs(func);
break;
case LLIL_SHARED_PARAM_SLOT_SSA:
for (auto i : GetParameterExprs<LLIL_SHARED_PARAM_SLOT_SSA>())
i.VisitExprs(func);
break;
default:
break;
}
Expand Down Expand Up @@ -2304,6 +2322,14 @@ ExprId LowLevelILInstruction::CopyTo(
params.push_back(subExprHandler(i));
return dest->IntrinsicSSA(
GetOutputSSARegisterOrFlagList<LLIL_INTRINSIC_SSA>(), GetIntrinsic<LLIL_INTRINSIC_SSA>(), params, *this);
case LLIL_SEPARATE_PARAM_LIST_SSA:
for (auto i : GetParameterExprs<LLIL_SEPARATE_PARAM_LIST_SSA>())
params.push_back(subExprHandler(i));
return dest->SeparateParamListSSA(params, *this);
case LLIL_SHARED_PARAM_SLOT_SSA:
for (auto i : GetParameterExprs<LLIL_SHARED_PARAM_SLOT_SSA>())
params.push_back(subExprHandler(i));
return dest->SharedParamSlotSSA(params, *this);
default:
throw LowLevelILInstructionAccessException();
}
Expand Down Expand Up @@ -2693,7 +2719,11 @@ LowLevelILInstructionList LowLevelILInstruction::GetParameterExprs() const
{
size_t operandIndex;
if (GetOperandIndexForUsage(ParameterExprsLowLevelOperandUsage, operandIndex))
{
if (operandIndex == 0)
return GetRawOperandAsExprList(0);
return GetRawOperandAsExpr(operandIndex).GetRawOperandAsExprList(0);
}
throw LowLevelILInstructionAccessException();
}

Expand Down Expand Up @@ -3315,6 +3345,18 @@ ExprId LowLevelILFunction::TailCallSSA(const vector<SSARegister>& output, ExprId
}


ExprId LowLevelILFunction::SeparateParamListSSA(const vector<ExprId>& params, const ILSourceLocation& loc)
{
return AddExprWithLocation(LLIL_SEPARATE_PARAM_LIST_SSA, loc, 0, 0, params.size(), AddOperandList(params));
}


ExprId LowLevelILFunction::SharedParamSlotSSA(const vector<ExprId>& params, const ILSourceLocation& loc)
{
return AddExprWithLocation(LLIL_SHARED_PARAM_SLOT_SSA, loc, 0, 0, params.size(), AddOperandList(params));
}


ExprId LowLevelILFunction::Return(size_t dest, const ILSourceLocation& loc)
{
return AddExprWithLocation(LLIL_RET, loc, 0, 0, dest);
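Review bot: The operand-layout hunk (`case ParameterExprsLowLevelOperandUsage`) and the `GetParameterExprs` hunk both decide whether a parameter list is the counted `(count, list)` form or a single subexpression slot by testing `operand == 0` / `operandIndex == 0`, so the representation is inferred from position rather than from the operation. That is correct for the two new operations, which `SeparateParamListSSA`/`SharedParamSlotSSA` build as `params.size(), AddOperandList(params)` at operands 0 and 1, but it silently breaks if a future operation places a subexpression-style parameter list first or a counted list anywhere else. At minimum the invariant should be stated where it is first relied on, `// A parameter list at operand 0 is always the counted (count, list) form built by SeparateParamListSSA/SharedParamSlotSSA; anywhere else it occupies one subexpression slot`; keying the choice on the operation in the usage table would remove the coupling altogether. The two new builder functions also have no comment saying which instructions they may be nested in. The table-building function and `GetParameterExprs` both begin outside their hunks.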
11 changes: 11 additions & 0 deletions lowlevelilinstruction.h
Expand Up @@ -1702,6 +1702,17 @@ namespace BinaryNinja
}
};

template <>
struct LowLevelILInstructionAccessor<LLIL_SEPARATE_PARAM_LIST_SSA> : public LowLevelILInstructionBase
{
LowLevelILInstructionList GetParameterExprs() const { return GetRawOperandAsExprList(0); }
};
template <>
struct LowLevelILInstructionAccessor<LLIL_SHARED_PARAM_SLOT_SSA> : public LowLevelILInstructionBase
{
LowLevelILInstructionList GetParameterExprs() const { return GetRawOperandAsExprList(0); }
};

template <>
struct LowLevelILInstructionAccessor<LLIL_REG_PHI> : public LowLevelILInstructionBase
{
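Review bot: The two new `LowLevelILInstructionAccessor` specializations are written back-to-back with no blank line between the closing `};` and the next `template <>`, while every neighbouring specialization in this file is separated by one (see the blank lines before and after the pair); a blank line between them keeps the layout consistent. Both `GetParameterExprs()` bodies return `GetRawOperandAsExprList(0)`, which matches the `params.size(), AddOperandList(params)` layout the builders in `lowlevelilinstruction.cpp` emit, so the operand index is right; a short comment such as `// operands: (count, list) — see SeparateParamListSSA()` would tie the accessor to the builder it must stay in step with. The enclosing namespace begins and ends outside the hunk.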

