|
ROSE
0.9.6a
|
|
ROSE
0.9.6a
|
Virtual base class for instruction disassemblers. More...
#include <Disassembler.h>
Classes | |
| class | Exception |
| Exception thrown by the disassemblers. More... | |
Public Types | |
| enum | SearchHeuristic { SEARCH_FOLLOWING = 0x0001, SEARCH_IMMEDIATE = 0x0002, SEARCH_WORDS = 0x0004, SEARCH_ALLBYTES = 0x0008, SEARCH_UNUSED = 0x0010, SEARCH_NONEXE = 0x0020, SEARCH_DEADEND = 0x0040, SEARCH_UNKNOWN = 0x0080, SEARCH_FUNCSYMS = 0x0100, SEARCH_DEFAULT = 0x0101 } |
| Heuristics used to find instructions to disassemble. More... | |
| typedef std::set< rose_addr_t > | AddressSet |
| An AddressSet contains virtual addresses (alternatively, relative virtual addresses) for such things as specifying which virtual addresses should be disassembled. More... | |
| typedef Map< rose_addr_t, SgAsmInstruction * > | InstructionMap |
| The InstructionMap is a mapping from (absolute) virtual address to disassembled instruction. More... | |
| typedef Map< rose_addr_t, Exception > | BadMap |
| The BadMap is a mapping from (absolute) virtual address to information about a failed disassembly attempt at that address. More... | |
Public Member Functions | |
| Disassembler () | |
| Disassembler (const Disassembler &other) | |
| virtual | ~Disassembler () |
| virtual bool | can_disassemble (SgAsmGenericHeader *) const =0 |
| Predicate determining the suitability of a disassembler for a specific file header. More... | |
| virtual Disassembler * | clone () const =0 |
| Creates a new copy of a disassembler. More... | |
| void | disassemble (SgAsmInterpretation *, AddressSet *successors=NULL, BadMap *bad=NULL) |
| This high-level method disassembles instructions belonging to part of a file described by an executable file header as indicated by the specified interpretation. More... | |
| void | set_registers (const RegisterDictionary *rdict) |
| Specifies the registers available on this architecture. More... | |
| const RegisterDictionary * | get_registers () const |
| Returns the dictionary used for looking up register names. More... | |
| void | set_partitioner (class Partitioner *p) |
| Specifies the instruction partitioner to use when partitioning instructions into functions. More... | |
| class Partitioner * | get_partitioner () const |
| Returns the partitioner object set by set_partitioner(). More... | |
| void | set_search (unsigned bits) |
| Specifies the heuristics used when searching for instructions. More... | |
| unsigned | get_search () const |
| Returns a bit mask of SearchHeuristic bits representing which heuristics would be used when searching for instructions. More... | |
| void | set_wordsize (size_t) |
| Specifies the word size for the SEARCH_WORDS heuristic. More... | |
| size_t | get_wordsize () const |
| Returns the word size used by the SEARCH_WORDS heuristic. More... | |
| void | set_alignment (size_t) |
| Specifies the alignment for the SEARCH_WORDS heuristic. More... | |
| size_t | get_alignment () const |
| Returns the alignment used by the SEARCH_WORDS heuristic. More... | |
| void | set_sex (ByteOrder::Endianness sex) |
| Specifies the byte order for the SEARCH_WORDS heuristic. More... | |
| ByteOrder::Endianness | get_sex () const |
| Returns the byte order used by the SEARCH_WORDS heuristic. More... | |
| void | set_debug (FILE *f) |
| Sends disassembler diagnostics to the specified output stream. More... | |
| FILE * | get_debug () const |
| Returns the file currently used for debugging; null implies no debugging. More... | |
| size_t | get_ndisassembled () const |
| Returns the number of instructions successfully disassembled. More... | |
| void | set_protection (unsigned bitvec) |
| Normally the disassembler will only read memory when the execute permission is turned on for the memory. More... | |
| unsigned | get_protection () const |
| Returns a bit vector describing which bits must be enabled in the MemoryMap in order for the disassembler to read from that memory. More... | |
| void | set_progress_reporting (FILE *, unsigned min_interval) |
| Set progress reporting properties. More... | |
| virtual SgAsmInstruction * | disassembleOne (const MemoryMap *map, rose_addr_t start_va, AddressSet *successors=NULL)=0 |
| This is the lowest level disassembly function and is implemented in the architecture-specific subclasses. More... | |
| SgAsmInstruction * | disassembleOne (const unsigned char *buf, rose_addr_t buf_va, size_t buf_size, rose_addr_t start_va, AddressSet *successors=NULL) |
| Similar in functionality to the disassembleOne method that takes a MemoryMap argument, except the content buffer is mapped 1:1 to virtual memory beginning at the specified address. More... | |
| InstructionMap | disassembleBlock (const MemoryMap *map, rose_addr_t start_va, AddressSet *successors=NULL, InstructionMap *cache=NULL) |
| Like the disassembleOne method except it disassembles a basic block's worth of instructions beginning at the specified virtual address. More... | |
| InstructionMap | disassembleBlock (const unsigned char *buf, rose_addr_t buf_va, size_t buf_size, rose_addr_t start_va, AddressSet *successors=NULL, InstructionMap *cache=NULL) |
| Similar in functionality to the disassembleBlock method that takes a MemoryMap argument, except the supplied buffer is mapped 1:1 to virtual memory beginning at the specified address. More... | |
| InstructionMap | disassembleBuffer (const MemoryMap *map, size_t start_va, AddressSet *successors=NULL, BadMap *bad=NULL) |
| Disassembles instructions from the content buffer beginning at the specified virtual address and including all instructions that are direct or indirect successors of the first instruction. More... | |
| InstructionMap | disassembleBuffer (const unsigned char *buf, rose_addr_t buf_va, size_t buf_size, rose_addr_t start_va, AddressSet *successors=NULL, BadMap *bad=NULL) |
| Similar in functionality to the disassembleBuffer methods that take a MemoryMap argument, except the supplied buffer is mapped 1:1 to virtual memory beginning at the specified address. More... | |
| InstructionMap | disassembleBuffer (const MemoryMap *map, AddressSet workset, AddressSet *successors=NULL, BadMap *bad=NULL) |
| Similar in functionality to the disassembleBuffer methods that take a single starting virtual address, except this one tries to disassemble from all the addresses specified in the workset. More... | |
| InstructionMap | disassembleSection (SgAsmGenericSection *section, rose_addr_t section_va, rose_addr_t start_offset, AddressSet *successors=NULL, BadMap *bad=NULL) |
| Disassembles instructions in the specified section by assuming that it's mapped to a particular starting address. More... | |
| InstructionMap | disassembleInterp (SgAsmInterpretation *interp, AddressSet *successors=NULL, BadMap *bad=NULL) |
| Disassembles instructions in a particular binary interpretation. More... | |
| void | search_following (AddressSet *worklist, const InstructionMap &bb, rose_addr_t bb_va, const MemoryMap *map, const InstructionMap &tried) |
| Adds the address following a basic block to the list of addresses that should be disassembled. More... | |
| void | search_immediate (AddressSet *worklist, const InstructionMap &bb, const MemoryMap *map, const InstructionMap &tried) |
| Adds values of immediate operands to the list of addresses that should be disassembled. More... | |
| void | search_words (AddressSet *worklist, const MemoryMap *map, const InstructionMap &tried) |
Adds all word-aligned values to work list, provided they specify a virtual address in the map. More... | |
| void | search_next_address (AddressSet *worklist, rose_addr_t start_va, const MemoryMap *map, const InstructionMap &insns, const InstructionMap &tried, bool avoid_overlaps) |
Finds the lowest virtual address, greater than or equal to start_va, which does not correspond to a previous disassembly attempt as evidenced by its presence in the supplied instructions or bad map. More... | |
| void | search_function_symbols (AddressSet *worklist, const MemoryMap *, SgAsmGenericHeader *) |
| Adds addresses that correspond to function symbols. More... | |
| void | update_progress (SgAsmInstruction *) |
| Updates progress information. More... | |
| void | progress (FILE *, const char *fmt,...) const __attribute__((format(printf |
| Conditionally prints a progress report. More... | |
| void virtual SgAsmInstruction * | make_unknown_instruction (const Exception &)=0 |
| Makes an unknown instruction from an exception. More... | |
| void | mark_referenced_instructions (SgAsmInterpretation *, const MemoryMap *, const InstructionMap &) |
| Marks parts of the file that correspond to instructions as having been referenced. More... | |
| AddressSet | get_block_successors (const InstructionMap &, bool *complete) |
| Calculates the successor addresses of a basic block and adds them to a successors set. More... | |
Static Public Member Functions | |
| static unsigned | parse_switches (const std::string &s, unsigned initial=SEARCH_DEFAULT) |
| Given a string (presumably from the ROSE command-line), parse it and return the bit vector describing which search heuristics should be employed by the disassembler. More... | |
| static void | register_subclass (Disassembler *) |
| Register a disassembler instance. More... | |
| static Disassembler * | lookup (SgAsmGenericHeader *) |
| Finds a suitable disassembler. More... | |
| static Disassembler * | lookup (SgAsmInterpretation *) |
| Finds a suitable disassembler. More... | |
| static void | disassembleInterpretation (SgAsmInterpretation *) |
| This class method is for backward compatibility with the disassembleInterpretation() function in the old Disassembler namespace. More... | |
Protected Attributes | |
| const RegisterDictionary * | p_registers |
| Description of registers available for this platform. More... | |
| class Partitioner * | p_partitioner |
| Used for placing instructions into blocks and functions. More... | |
| unsigned | p_search |
| Mask of SearchHeuristic bits specifying instruction searching. More... | |
| FILE * | p_debug |
| Set to non-null to get debugging info. More... | |
| size_t | p_wordsize |
| Word size used by SEARCH_WORDS. More... | |
| ByteOrder::Endianness | p_sex |
| Byte order for SEARCH_WORDS. More... | |
| size_t | p_alignment |
| Word alignment constraint for SEARCH_WORDS (0 and 1 imply byte). More... | |
| size_t | p_ndisassembled |
| Total number of instructions disassembled by disassembleBlock() More... | |
| unsigned | p_protection |
| Memory protection bits that must be set to disassemble. More... | |
Static Protected Attributes | |
| static std::vector < Disassembler * > | disassemblers |
| List of disassembler subclasses. More... | |
| static time_t | progress_interval = 10 |
| Minimum interval between progress reports. More... | |
| static time_t | progress_time = 0 |
| Time of last report, or zero if no report has been generated. More... | |
| static FILE * | progress_file = stderr |
| File to which reports are made. More... | |
| static RTS_mutex_t | class_mutex = RTS_MUTEX_INITIALIZER(RTS_LAYER_DISASSEMBLER_CLASS) |
| Mutex for class-wide thread safety. More... | |
Private Member Functions | |
| void | ctor () |
| Called only during construction. More... | |
Static Private Member Functions | |
| static void | initclass () |
| Initialize class (e.g., register built-in disassemblers). More... | |
| static SgAsmInstruction * | find_instruction_containing (const InstructionMap &insns, rose_addr_t va) |
| Finds the highest-address instruction that contains the byte at the specified virtual address. More... | |
Virtual base class for instruction disassemblers.
The Disassembler class is a virtual class providing all non-architecture-specific functionality for the recursive disassembly of instructions; architecture-specific components are in subclasses such as DisassemblerArm, DisassemblerPowerpc, and DisassemblerX86. In general, there is no need to explicitly instantiate or call functions in any of these subclasses.
All details of the instructions, and the operands and operator expression trees, etc. are stored in the binary AST as separate IR nodes. The SgAsmInstruction class and its architecture-specific subclasses represent individual instructions. The arguments for those instructions are represented by the SgAsmExpression class and subclasses thereof.
Disassembly normally happens automatically unless the -rose:read_executable_file_format_only switch is specified. Alternatively, this Disassembler class can be used to explicitly disassemble parts of a file. The Disassembler class handles all non-architecture-specific details of disassembly, such as where to search for instructions in the address space and how instructions are concatenated into basic blocks. The Disassembler has a pure virtual method, disassembleOne(), that is implemented by architecture-specific subclasses and whose purpose is to disassemble one instruction.
New architectures can be added to ROSE without modifying any ROSE source code. One does this by subclassing an existing disassembler, overriding any necessary virtual methods, and registering an instance of this subclass with Disassembler::register_subclass(). If the new subclass can handle multiple architectures then a disassembler is registered for each of those architectures.
When ROSE needs to disassemble something, it calls Disassembler::lookup(), which in turn calls the can_disassemble() method for all registered disassemblers. The first disassembler whose can_disassemble() returns true is used for the disassembly.
If an error occurs during the disassembly of a single instruction, the disassembler will throw an exception. When disassembling multiple instructions the exceptions are saved in a map, by virtual address, and the map is returned to the caller along with the instructions that were successfully disassembled.
The main interface to the disassembler is the disassembleBuffer() method. It searches for instructions based on the heuristics specified in the set_search() method, reading instruction bytes from a supplied buffer. A MemoryMap object is supplied in order to specify a mapping from virtual address space to offsets in the supplied buffer. The disassembleBuffer() method is used by methods that disassemble whole sections, whole interpretations, or whole files; in turn, it calls disassembleBlock() which disassembles sequential instructions until a control flow branch is encountered.
A MemoryMap object can be built that describes the entire virtual address space and how it relates to offsets in the executable file. This object, together with the entire contents of the file, can be passed to the disassembleBuffer() method in order to disassemble the entire executable in one call. However, if the executable contains multiple independent interpretations (like a PE file that contains a Windows executable and a DOS executable) then the best practice is to disassemble each interpretation individually. The disassemble() method is convenient for this. Disassemblers only disassemble memory that is marked with the protections returned by get_protections(); normally the execute bit must be set.
While the main purpose of the Disassembler class is to disassemble instructions, it also needs to be able to group those instructions into basic blocks (SgAsmBlock) and functions (SgAsmFunction). It uses an instance of the Partitioner class to do so. The user can supply a partitioner to the disassembler or have the disassembler create a default partitioner on the fly. The user is also free to call the partitioner directly on the InstructionMap object returned by most of the disassembler methods. As described in the Partitioner documentation, the output of a Disassembler can be provided as input to the Partitioner, or the Partitioner can be configured to call the Disassembler as needed.
For example, the following code disassembles every single possible address of all bytes that are part of an executable ELF Segment but which are not defined as any other known part of the file (not a table, ELF Section, header, etc.). By building a map and making a single disassembly call, we're able to handle instructions that span segments, where the bytes of the instruction are not contiguous in the file.
The following example shows how one can influence how ROSE disassembles instructions. Let's say you have a problem with the way ROSE is partitioning instructions into functions: it's applying the instruction pattern detector too aggressively when disassembling x86 programs, so you want to turn it off. Here's how you would do that. First, create a subclass of the Disassembler you want to influence.
Then the new disassemblers are registered with ROSE:
Additional examples are shown in the disassembleBuffer.C and disassemble.C sources in the tests/roseTests/binaryTests directory. They are examples of how a Disassembler object can be used to disassemble a buffer containing bare machine code when one doesn't have an associated executable file.
Definition at line 116 of file Disassembler.h.
| typedef std::set<rose_addr_t> Disassembler::AddressSet |
An AddressSet contains virtual addresses (alternatively, relative virtual addresses) for such things as specifying which virtual addresses should be disassembled.
Definition at line 213 of file Disassembler.h.
| typedef Map<rose_addr_t, SgAsmInstruction*> Disassembler::InstructionMap |
The InstructionMap is a mapping from (absolute) virtual address to disassembled instruction.
Definition at line 216 of file Disassembler.h.
| typedef Map<rose_addr_t, Exception> Disassembler::BadMap |
The BadMap is a mapping from (absolute) virtual address to information about a failed disassembly attempt at that address.
Definition at line 220 of file Disassembler.h.
Heuristics used to find instructions to disassemble.
The set of heuristics to try can be set by calling the set_search() method prior to disassembling. Unless noted otherwise, the bit flags affect the disassembleBuffer methods, which call the basic block and individual instruction disassembler methods, but which are called by the methods that disassemble sections, headers, and entire files.
| Enumerator | |
|---|---|
| SEARCH_FOLLOWING |
Disassemble at the address that follows each disassembled instruction, regardless of whether the following address is a successor. |
| SEARCH_IMMEDIATE |
Disassemble at the immediate operands of other instructions. This is a rudimentary form of constant propagation in order to better detect branch targets on RISC architectures where the target is first loaded into a register and then the branch is based on that register. |
| SEARCH_WORDS |
Like IMMEDIATE, but look at all word-aligned words in the disassembly regions. The word size, alignment, and byte order can be set explicitly; defaults are based on values contained in the executable file header supplied during construction. |
| SEARCH_ALLBYTES |
Disassemble starting at every possible address, even if that address is inside some other instruction. |
| SEARCH_UNUSED |
Disassemble starting at every address not already part of an instruction. The way this works is that the disassembly progresses as usual, and then this heuristic kicks in at the end in order to find addresses that haven't been disassembled. The search progresses from low to high addresses and is influenced by most of the other search heuristics as it progresses. For instance, if SEARCH_DEADEND is not set then disassembly at address V is considered a failure if the basic block at V leads to an invalid instruction. |
| SEARCH_NONEXE |
Disassemble in sections that are not mapped executable. This heuristic only applies to disassembly methods that choose which sections to disassemble (for instance, disassembleInterp()). The normal behavior is to disassemble sections that are known to contain code or are mapped with execute permission; specifying this heuristic also includes sections that are mapped but don't have execute permission. It is not possible to disassemble non-mapped sections automatically since they don't have virtual addresses, but it is possible to supply your own virtual address mapping to one of the lower-level disassembler methods in order to accomplish this. |
| SEARCH_DEADEND |
Include basic blocks that end with a bad instruction. This is used by the methods that disassemble basic blocks (namely, any disassembly method other than disassembleOne()). Normally, if disassembly of a basic block at virtual address V leads to a bad instruction, the entire basic block is discarded and address V is added to the bad address list (address V+1 is still available for the other heuristics). |
| SEARCH_UNKNOWN |
Rather than generating exceptions when an instruction cannot be disassembled, create a pseudo-instruction that occupies one byte. These will generally have opcodes like x86_unknown_instruction. |
| SEARCH_FUNCSYMS |
Disassemble beginning at every address that corresponds to the value of a function symbol. This heuristic only applies to disassembly methods called at the interpretation (SgAsmInterpretation) or header (SgAsmGenericHeader) level or above since that's where the symbols are grafted onto the abstract symbol tree. |
| SEARCH_DEFAULT |
Default set of heuristics to use. The default is to be moderately timid. |
Definition at line 155 of file Disassembler.h.
|
inline |
Definition at line 222 of file Disassembler.h.
References ctor().
|
inline |
Definition at line 228 of file Disassembler.h.
|
inlinevirtual |
Definition at line 234 of file Disassembler.h.
|
static |
Given a string (presumably from the ROSE command-line), parse it and return the bit vector describing which search heuristics should be employed by the disassembler.
The input string should be a comma-separated list (without white space) of search specifications. Each specification should be an optional qualifier character followed by either an integer or a word. The accepted words are the lower-case versions of the constants enumerated by SearchHeuristic, but without the leading "SEARCH_". The qualifier determines whether the bits specified by the integer or word are added to the return value ("+") or removed from the return value ("-"). The "=" qualifier acts like "+" but first zeros the return value. The default qualifier is "+" except when the word is "default", in which case the specifier is "=". An optional initial bit mask can be specified (defaults to SEARCH_DEFAULT).
Definition at line 62 of file Disassembler.C.
References flags, SEARCH_ALLBYTES, SEARCH_DEADEND, SEARCH_DEFAULT, SEARCH_FOLLOWING, SEARCH_FUNCSYMS, SEARCH_IMMEDIATE, SEARCH_NONEXE, SEARCH_UNKNOWN, SEARCH_UNUSED, and SEARCH_WORDS.
|
static |
Register a disassembler instance.
More specific disassembler instances should be registered after more general disassemblers since the lookup() method will inspect disassemblers in reverse order of their registration.
Thread safety: Multiple threads can register disassemblers simultaneously. However, one seldom does this because the order that disassemblers are registered determines which disassembler is returned by the lookup() class methods.
Definition at line 148 of file Disassembler.C.
References class_mutex, disassemblers, initclass(), RTS_MUTEX, and RTS_MUTEX_END.
Referenced by initclass().
|
pure virtual |
Predicate determining the suitability of a disassembler for a specific file header.
If this disassembler is capable of disassembling machine code described by the specified file header, then this predicate returns true, otherwise it returns false.
Thread safety: The thread safety of this virtual method depends on the implementation in the subclass.
Implemented in DisassemblerX86, DisassemblerArm, DisassemblerPowerpc, and DisassemblerMips.
Referenced by lookup().
|
static |
Finds a suitable disassembler.
Looks through the list of registered disassembler instances (from most recently registered to earliest registered) and returns the first one whose can_disassemble() predicate returns true. Throws an exception if no suitable disassembler can be found.
Thread safety: Multiple threads can call this class method simultaneously even when other threads are registering additional disassemblers.
Definition at line 174 of file Disassembler.C.
References can_disassemble(), class_mutex, disassemblers, initclass(), RTS_MUTEX, and RTS_MUTEX_END.
Referenced by disassembleInterpretation(), Partitioner::disassembleInterpretation(), lookup(), and Partitioner::mark_ipd_configuration().
|
static |
Finds a suitable disassembler.
Looks through the list of registered disassembler instances (from most recently registered to earliest registered) and returns the first one whose can_disassemble() predicate returns true. This is done for each header contained in the interpretation and the disassembler for each header must match the other headers. An exception is thrown if no suitable disassembler can be found.
Thread safety: Multiple threads can call this class method simultaneously even when other threads are registering additional disassembles. However, no other thread can be changing attributes of the specified interpretation, particularly the list of file headers referenced by the interpretation.
Definition at line 159 of file Disassembler.C.
References SgAsmInterpretation::get_headers(), SgAsmGenericHeaderList::get_headers(), and lookup().
|
pure virtual |
Creates a new copy of a disassembler.
The new copy has all the same settings as the original.
Thread safety: The thread safety of this virtual method depends on the implementation in the subclass.
Implemented in DisassemblerX86, DisassemblerArm, DisassemblerPowerpc, and DisassemblerMips.
Referenced by disassembleInterpretation(), and Partitioner::disassembleInterpretation().
| void Disassembler::disassemble | ( | SgAsmInterpretation * | interp, |
| AddressSet * | successors = NULL, |
||
| BadMap * | bad = NULL |
||
| ) |
This high-level method disassembles instructions belonging to part of a file described by an executable file header as indicated by the specified interpretation.
The disassembleInterp() method is called for the main disassembly work, then a partitioner is invoked to create functions and basic blocks, then the nodes are linked into the AST.
The heuristics used to partition instructions into functions, and the aggressiveness of the disassembler in finding instructions can be controlled by setting properties of this Disassembler object. The MemoryMap describing how virtual memory to be disassembled is mapped into the binary files that ROSE is parsing is either taken from the map defined by the SgAsmInterpretation::p_map, or a new map is created by calling various Loaders and then saved into SgAsmInterpretation::p_map.
Addresses containing instructions that could not be disassembled are added to the optional bad map. Successor addresses where no disassembly was attempted are added to the optional successors set.
In essence, this method replaces the old disassembleInterpretation function in the old Disassembler name space, and will probably be the method most often called by other parts of ROSE. All of its functionality is based on the other lower-level methods of this class.
Thread safety: It is not safe for two or more threads to invoke this method on the same Disassembler object.
Definition at line 193 of file Disassembler.C.
References disassembleInterp(), get_debug(), SgAsmInterpretation::get_map(), p_debug, p_partitioner, Partitioner::partition(), Partitioner::set_debug(), SgAsmInterpretation::set_global_block(), and SgNode::set_parent().
Referenced by disassembleInterpretation().
|
static |
This class method is for backward compatibility with the disassembleInterpretation() function in the old Disassembler namespace.
It just creates a default Disassembler object, sets its search heuristics to the value specified in the SgFile node above the interpretation (presumably the value set with ROSE's "-rose:disassembler_search" switch), and invokes the disassemble() method.
See also, Partitioner::disassembleInterpretation() which does Partitioner-driven disassembly.
Thread safety: This class method is not thread safe.
Definition at line 209 of file Disassembler.C.
References clone(), disassemble(), isSgFile(), Partitioner::load_config(), lookup(), set_partitioner(), set_search(), and Partitioner::set_search().
|
inline |
Specifies the registers available on this architecture.
Rather than using hard-coded class, number, and position constants, the disassembler should perform a name lookup in this supplied register dictionary and use the values found therein. There's usually no need for the user to specify a value because either it will be obtained from an SgAsmInterpretation or the subclass will initialize it.
Thread safety: It is not safe to change the register dictionary while another thread is using this same Disassembler object.
Definition at line 329 of file Disassembler.h.
References p_registers.
Referenced by disassembleInterp(), DisassemblerArm::init(), and DisassemblerX86::init().
|
inline |
Returns the dictionary used for looking up register names.
Thread safety: This method is thread safe.
Definition at line 336 of file Disassembler.h.
References p_registers.
Referenced by DisassemblerX86::init(), DisassemblerX86::makeIP(), DisassemblerArm::makePsrFields(), DisassemblerArm::makeRegister(), and DisassemblerX86::makeRegister().
|
inline |
Specifies the instruction partitioner to use when partitioning instructions into functions.
If none is specified then a default partitioner will be constructed when necessary.
Thread safety: It is not safe to change the partitioner while another thread is using this same Disassembler object.
Definition at line 349 of file Disassembler.h.
References p_partitioner.
Referenced by disassembleInterpretation().
|
inline |
Returns the partitioner object set by set_partitioner().
Thread safety: This method is thread safe.
Definition at line 363 of file Disassembler.h.
References p_partitioner.
|
inline |
Specifies the heuristics used when searching for instructions.
The bits argument should be a bit mask of SearchHeuristic bits.
Thread safety: It is not safe to change the instruction search heuristics while another thread is using this same Disassembler object.
Definition at line 375 of file Disassembler.h.
References p_search.
Referenced by disassembleInterpretation(), and Partitioner::disassembleInterpretation().
|
inline |
Returns a bit mask of SearchHeuristic bits representing which heuristics would be used when searching for instructions.
Thread safety: This method is thread safe.
Definition at line 383 of file Disassembler.h.
References p_search.
Referenced by Partitioner::disassembleInterpretation().
| void Disassembler::set_wordsize | ( | size_t | n) |
Specifies the word size for the SEARCH_WORDS heuristic.
The default is based on the word size of the file header used when the disassembler is constructed.
Thread safety: It is not safe to change the instruction search word size while another thread is using this same Disassembler object.
Definition at line 241 of file Disassembler.C.
References p_wordsize.
Referenced by DisassemblerArm::init(), and DisassemblerX86::init().
|
inline |
Returns the word size used by the SEARCH_WORDS heuristic.
Thread safety: This method is thread safe.
Definition at line 397 of file Disassembler.h.
References p_wordsize.
Referenced by DisassemblerX86::can_disassemble(), and search_words().
| void Disassembler::set_alignment | ( | size_t | n) |
Specifies the alignment for the SEARCH_WORDS heuristic.
The value must be a natural, postive power of two. The default is determined by the subclass (e.g., x86 would probably set this to one since instructions are not aligned, while ARM would set this to four.
Thread safety: It is not safe to change the instruction search alignment while another thread is using this same Disassembler object.
Definition at line 250 of file Disassembler.C.
References p_alignment.
Referenced by DisassemblerArm::init(), and DisassemblerX86::init().
|
inline |
Returns the alignment used by the SEARCH_WORDS heuristic.
Thread safety: This method is thread safe.
Definition at line 412 of file Disassembler.h.
References p_alignment.
Referenced by search_words().
|
inline |
Specifies the byte order for the SEARCH_WORDS heuristic.
The default is based on the byte order of the file header used when the disassembler is constructed.
Thread safety: It is not safe to change the byte sex while another thread is using this same Disassembler object.
Definition at line 420 of file Disassembler.h.
References p_sex.
Referenced by DisassemblerArm::init(), and DisassemblerX86::init().
|
inline |
Returns the byte order used by the SEARCH_WORDS heuristic.
Thread safety: This method is thread safe.
Definition at line 427 of file Disassembler.h.
References p_sex.
Referenced by search_words().
|
inline |
Sends disassembler diagnostics to the specified output stream.
Null (the default) turns off debugging.
Thread safety: It is not safe to change the debugging stream while another thread is using this same Disassembler object.
Definition at line 435 of file Disassembler.h.
References p_debug.
|
inline |
Returns the file currently used for debugging; null implies no debugging.
Thread safety: This method is thread safe.
Definition at line 442 of file Disassembler.h.
References p_debug.
Referenced by disassemble(), and search_words().
|
inline |
Returns the number of instructions successfully disassembled.
The counter is updated by disassembleBlock(), which is generally called by all disassembly methods except for disassembleOne().
Thread safety: This method is thread safe.
Definition at line 450 of file Disassembler.h.
References p_ndisassembled.
|
inline |
Normally the disassembler will only read memory when the execute permission is turned on for the memory.
This can be changed to some other set of MemoryMap::Protection bits with this function. All bits that are set here must also be present for the memory being disassembled.
Thread safety: It is not safe to change the protection while another thread is using this same Disassembler object.
Definition at line 459 of file Disassembler.h.
References p_protection.
Referenced by disassembleInterp().
|
inline |
Returns a bit vector describing which bits must be enabled in the MemoryMap in order for the disassembler to read from that memory.
The default is that MemoryMap::MM_PROT_EXEC must be set.
Thread safety: This method is thread safe.
Definition at line 467 of file Disassembler.h.
References p_protection.
Referenced by disassembleInterp(), DisassemblerArm::disassembleOne(), and DisassemblerX86::disassembleOne().
| void Disassembler::set_progress_reporting | ( | FILE * | output, |
| unsigned | min_interval | ||
| ) |
Set progress reporting properties.
A progress report is produced not more than once every min_interval seconds (default is 10) by sending a single line of ouput to the specified file. Progress reporting can be disabled by supplying a null pointer for the file. Progress report properties are class variables. Changing their values will immediately affect all disassemblers in all threads.
Thread safety: This method is thread safe.
Definition at line 268 of file Disassembler.C.
References class_mutex, output(), progress_file, progress_interval, RTS_MUTEX, and RTS_MUTEX_END.
|
pure virtual |
This is the lowest level disassembly function and is implemented in the architecture-specific subclasses.
It disassembles one instruction at the specified virtual address. The map is a mapping from virtual addresses to buffer and enables instructions to span file segments that are mapped contiguously in virtual memory by the loader but which might not be contiguous in the file. The instruction's successor virtual addresses are added to the optional successor set (note that successors of an individual instruction can also be obtained via SgAsmInstruction::get_successors). If the instruction cannot be disassembled then an exception is thrown and the successors set is not modified.
Thread safety: The safety of this method depends on its implementation in the subclass. In any case, no other thread can be modifying the MemoryMap or successors set at the same time.
Implemented in DisassemblerX86, DisassemblerArm, DisassemblerPowerpc, and DisassemblerMips.
Referenced by disassembleBlock(), disassembleOne(), and Partitioner::mark_ipd_configuration().
| SgAsmInstruction * Disassembler::disassembleOne | ( | const unsigned char * | buf, |
| rose_addr_t | buf_va, | ||
| size_t | buf_size, | ||
| rose_addr_t | start_va, | ||
| AddressSet * | successors = NULL |
||
| ) |
Similar in functionality to the disassembleOne method that takes a MemoryMap argument, except the content buffer is mapped 1:1 to virtual memory beginning at the specified address.
Thread safety: The safety of this method depends on the implementation of the disassembleOne() defined in the subclass. If the subclass is thread safe then this method can be called in multiple threads as long as the supplied buffer and successors set are not being modified by another thread.
Definition at line 314 of file Disassembler.C.
References MemoryMap::ExternBuffer::create(), disassembleOne(), MemoryMap::insert(), MemoryMap::MM_PROT_RX, and segment.
| Disassembler::InstructionMap Disassembler::disassembleBlock | ( | const MemoryMap * | map, |
| rose_addr_t | start_va, | ||
| AddressSet * | successors = NULL, |
||
| InstructionMap * | cache = NULL |
||
| ) |
Like the disassembleOne method except it disassembles a basic block's worth of instructions beginning at the specified virtual address.
For the purposes of this function, a basic block is defined as starting from the specified instruction and continuing until we reach a branch instruction (e.g., "jmp", "je", "call", "ret", etc.), or an instruction with no known successors (e.g., "hlt", "int", etc), or the end of the buffer, or an instruction that cannot be disassembled. The map is a mapping from virtual addresses to offsets in the content buffer. The successors of the last instruction of the basic block are added to the optional successor set. An exception is thrown if the first instruction cannot be disassembled (or some other major error occurs), in which case the successors set is not modified.
If the SEARCH_DEADEND bit is set and an instruction cannot be disassembled then the address of that instruction is added to the successors and the basic block ends at the previous instruction. If the SEARCH_DEADEND bit is clear and an instruction cannot be disassembled then the entire basic block is discarded, an exception is thrown (the exception address is the instruction that could not be disassembled), and the successors list is not modified.
A cache of previously disassembled instructions can be provided. If one is provided, then the cache will be updated with any instructions disassembled during the call to disassembleBlock(). Addresses where disassembly was tried but failed will be added to the cache as null pointers. This is convenient when the SEARCH_DEADEND bit is clear in conjunction with the SEARCH_FOLLOWING (or similar) being set, since this combination causes the disassembler to try every address in a dead-end block. Providing a cache in this case can speed up the disassembler by an order of magnitude.
Thread safety: The safety of this method depends on the implementation of disassembleOne() in the subclass. In any case, no other thread should be concurrently modifying the memory map, successors, or cache.
Definition at line 326 of file Disassembler.C.
References Disassembler::Exception::bytes, SageInterface::deleteAST(), disassembleOne(), get_block_successors(), SgAsmInstruction::get_size(), Disassembler::Exception::ip, make_unknown_instruction(), p_debug, p_search, SEARCH_DEADEND, SEARCH_UNKNOWN, and SgAsmInstruction::terminates_basic_block().
Referenced by disassembleBlock(), and disassembleBuffer().
| Disassembler::InstructionMap Disassembler::disassembleBlock | ( | const unsigned char * | buf, |
| rose_addr_t | buf_va, | ||
| size_t | buf_size, | ||
| rose_addr_t | start_va, | ||
| AddressSet * | successors = NULL, |
||
| InstructionMap * | cache = NULL |
||
| ) |
Similar in functionality to the disassembleBlock method that takes a MemoryMap argument, except the supplied buffer is mapped 1:1 to virtual memory beginning at the specified address.
Thread safety: The safety of this method depends on the implementation of disassembleOne() in the subclass. In any case, no other thread should be concurrently modifying the buffer, successors, or cache.
Definition at line 421 of file Disassembler.C.
References MemoryMap::ExternBuffer::create(), disassembleBlock(), MemoryMap::insert(), MemoryMap::MM_PROT_RX, and segment.
| Disassembler::InstructionMap Disassembler::disassembleBuffer | ( | const MemoryMap * | map, |
| size_t | start_va, | ||
| AddressSet * | successors = NULL, |
||
| BadMap * | bad = NULL |
||
| ) |
Disassembles instructions from the content buffer beginning at the specified virtual address and including all instructions that are direct or indirect successors of the first instruction.
The map is a mapping from virtual addresses to offsets in the content buffer. Any successors of individual instructions that fall outside the buffer being disassembled will be added to the optional successors set. If an address cannot be disassembled then the address and exception will be added to the optional bad map; any address which is already in the bad map upon function entry will not be disassembled. Note that bad instructions have no successors. An exception is thrown if an error is detected before disassembly begins.
Thread safety: The safety of this method depends on the implementation of disassembleOne() in the subclass. In any case, no other thread should be concurrently modifying the memory map, successor list, or exception map.
Definition at line 433 of file Disassembler.C.
Referenced by disassembleBuffer(), disassembleInterp(), Partitioner::disassembleInterpretation(), and disassembleSection().
| Disassembler::InstructionMap Disassembler::disassembleBuffer | ( | const unsigned char * | buf, |
| rose_addr_t | buf_va, | ||
| size_t | buf_size, | ||
| rose_addr_t | start_va, | ||
| AddressSet * | successors = NULL, |
||
| BadMap * | bad = NULL |
||
| ) |
Similar in functionality to the disassembleBuffer methods that take a MemoryMap argument, except the supplied buffer is mapped 1:1 to virtual memory beginning at the specified address.
Thread safety: The safety of this method depends on the implementation of disassembleOne() in the subclass. In any case, no other thread should be concurrently modifying the buffer, successor list, or exception map.
Definition at line 720 of file Disassembler.C.
References MemoryMap::ExternBuffer::create(), disassembleBuffer(), MemoryMap::insert(), and MemoryMap::MM_PROT_RX.
| Disassembler::InstructionMap Disassembler::disassembleBuffer | ( | const MemoryMap * | map, |
| AddressSet | workset, | ||
| AddressSet * | successors = NULL, |
||
| BadMap * | bad = NULL |
||
| ) |
Similar in functionality to the disassembleBuffer methods that take a single starting virtual address, except this one tries to disassemble from all the addresses specified in the workset.
Thread safety: The safety of this method depends on the implementation of disassembleOne() in the subclass. In any case, no other thread should be concurrently modifying the memory map, successor list, or exception map.
Definition at line 442 of file Disassembler.C.
References SageInterface::deleteAST(), disassembleBlock(), MemoryMap::exists(), p_search, SEARCH_ALLBYTES, SEARCH_FOLLOWING, search_following(), SEARCH_IMMEDIATE, search_immediate(), search_next_address(), SEARCH_UNUSED, SEARCH_WORDS, and search_words().
| Disassembler::InstructionMap Disassembler::disassembleSection | ( | SgAsmGenericSection * | section, |
| rose_addr_t | section_va, | ||
| rose_addr_t | start_offset, | ||
| AddressSet * | successors = NULL, |
||
| BadMap * | bad = NULL |
||
| ) |
Disassembles instructions in the specified section by assuming that it's mapped to a particular starting address.
Disassembly will begin at the specified byte offset in the section. The section need not be mapped with execute permission; in fact, since a starting address is specified, it need not be mapped at all. All other aspects of this method are similar to the disassembleBuffer method.
Definition at line 732 of file Disassembler.C.
References MemoryMap::ExternBuffer::create(), disassembleBuffer(), SgAsmGenericFile::get_data(), SgAsmGenericSection::get_file(), SgAsmGenericSection::get_name(), SgAsmGenericSection::get_size(), SgAsmGenericString::get_string(), MemoryMap::insert(), and MemoryMap::MM_PROT_RX.
| Disassembler::InstructionMap Disassembler::disassembleInterp | ( | SgAsmInterpretation * | interp, |
| AddressSet * | successors = NULL, |
||
| BadMap * | bad = NULL |
||
| ) |
Disassembles instructions in a particular binary interpretation.
If the interpretation has a memory map (SgAsmInterpretation::get_map()) then that map will be used for disassembly. Otherwise a new map is created to describe all code-containing sections of the header, and that map is stored in the interpretation. The aggressiveness when searching for addresses to disassemble is controlled by the disassembler's set_search() method. If the interpretation has a register dictionary, then the disassembler's register dictionary will be set to the same value. All other aspects of this method are similar to the disassembleBuffer() method.
Thread safety: Not thread safe.
Definition at line 748 of file Disassembler.C.
References BinaryLoader::clone(), disassembleBuffer(), MemoryMap::dump(), SgAsmInterpretation::get_headers(), SgAsmGenericHeaderList::get_headers(), SgAsmInterpretation::get_map(), get_protection(), SgAsmInterpretation::get_registers(), BinaryLoader::load(), BinaryLoader::lookup(), mark_referenced_instructions(), MemoryMap::MM_PROT_EXEC, p_debug, p_search, SEARCH_FUNCSYMS, search_function_symbols(), SEARCH_NONEXE, BinaryLoader::set_perform_dynamic_linking(), BinaryLoader::set_perform_relocations(), BinaryLoader::set_perform_remap(), set_protection(), and set_registers().
Referenced by disassemble().
| void Disassembler::search_following | ( | AddressSet * | worklist, |
| const InstructionMap & | bb, | ||
| rose_addr_t | bb_va, | ||
| const MemoryMap * | map, | ||
| const InstructionMap & | tried | ||
| ) |
Adds the address following a basic block to the list of addresses that should be disassembled.
This search method is invoked automatically if the SEARCH_FOLLOWING bit is set (see set_search()). The tried argument lists all the addresses where we already tried to disassemble (including addresses where disassembly failed) and this method refuses to add the following address to the worklist if we've already tried that address.
Thread safety: Multiple threads can call this method using the same Disassembler object as long as they pass different worklist address sets and no other thread is modifying the other arguments.
Definition at line 522 of file Disassembler.C.
References MemoryMap::exists(), SgAsmStatement::get_address(), SgAsmInstruction::get_size(), and p_debug.
Referenced by disassembleBuffer().
| void Disassembler::search_immediate | ( | AddressSet * | worklist, |
| const InstructionMap & | bb, | ||
| const MemoryMap * | map, | ||
| const InstructionMap & | tried | ||
| ) |
Adds values of immediate operands to the list of addresses that should be disassembled.
Such operands are often used in a closely following instruction as a jump target. E.g., "move 0x400600, reg1; ...; jump reg1". This search method is invoked automatically if the SEARCH_IMMEDIATE bit is set (see set_search()). The tried argument lists all the addresses where we already tried to disassemble (including addresses where disassembly failed) and this method refuses to add the following address to the worklist if we've already tried that address.
Thread safety: Multiple threads can call this method using the same Disassembler object as long as they pass different worklist address sets and no other thread is modifying the other arguments.
Definition at line 546 of file Disassembler.C.
References MemoryMap::exists(), isSgAsmIntegerValueExpression(), and p_debug.
Referenced by disassembleBuffer().
| void Disassembler::search_words | ( | AddressSet * | worklist, |
| const MemoryMap * | map, | ||
| const InstructionMap & | tried | ||
| ) |
Adds all word-aligned values to work list, provided they specify a virtual address in the map.
The wordsize must be a power of two. This search method is invoked automatically if the SEARCH_WORDS bit is set (see set_search()). The tried argument lists all the addresses where we already tried to disassemble (including addresses where disassembly failed) and this method refuses to add the following address to the worklist if we've already tried that address.
Thread safety: Multiple threads can call this method using the same Disassembler object as long as they pass different worklist address sets and no other thread is modifying the other arguments.
Definition at line 570 of file Disassembler.C.
References ALIGN_UP, MemoryMap::exists(), Range< T >::first(), get_alignment(), get_debug(), get_sex(), get_wordsize(), Range< T >::last(), ByteOrder::ORDER_LSB, ByteOrder::ORDER_MSB, MemoryMap::read1(), segment, and MemoryMap::traverse().
Referenced by disassembleBuffer().
| void Disassembler::search_next_address | ( | AddressSet * | worklist, |
| rose_addr_t | start_va, | ||
| const MemoryMap * | map, | ||
| const InstructionMap & | insns, | ||
| const InstructionMap & | tried, | ||
| bool | avoid_overlaps | ||
| ) |
Finds the lowest virtual address, greater than or equal to start_va, which does not correspond to a previous disassembly attempt as evidenced by its presence in the supplied instructions or bad map.
If avoid_overlaps is set then do not return an address if an already disassembled instruction's raw bytes include that address. Only virtual addresses contained in the MemoryMap will be considered. The tried argument lists all the addresses where we already tried to disassemble (including addresses where disassembly failed) and this method refuses to add the following address to the worklist if we've already tried that address. The address is returned by adding it to the worklist; nothing is added if no qualifying address can be found. This method is invoked automatically if the SEARCH_ALLBYTES or SEARCH_UNUSED bits are set (see set_search()).
Thread safety: Multiple threads can call this method using the same Disassembler object as long as they pass different worklist address sets and no other thread is modifying the other arguments.
Definition at line 617 of file Disassembler.C.
References RangeMap< R, T >::end(), find_instruction_containing(), Range< T >::first(), SgAsmStatement::get_address(), MemoryMap::Segment::get_mapperms(), SgAsmInstruction::get_size(), Range< T >::last(), RangeMap< R, T >::lower_bound(), max, MemoryMap::MM_PROT_EXEC, p_debug, segment, and MemoryMap::segments().
Referenced by disassembleBuffer().
| void Disassembler::search_function_symbols | ( | AddressSet * | worklist, |
| const MemoryMap * | map, | ||
| SgAsmGenericHeader * | header | ||
| ) |
Adds addresses that correspond to function symbols.
This method is invoked automatically if the SEARCH_FUNCSYMS bits are set (see set_search()). It applies only to disassembly at the file header (SgAsmGenericHeader) level or above.
Thread safety: Multiple threads can call this method using the same Disassembler object as long as they pass different worklist addresses and no other thread is modifying the memory map or changing the AST under the specified file header node.
Definition at line 672 of file Disassembler.C.
References MemoryMap::exists(), SgAsmGenericSymbol::get_bound(), SgAsmGenericSection::get_contains_code(), SgAsmGenericSection::get_mapped_actual_va(), SgAsmGenericSymbol::get_name(), SgAsmGenericString::get_string(), SgAsmGenericSymbol::get_type(), SgAsmGenericSection::is_mapped(), isSgAsmGenericSymbol(), p_debug, preorder, and SgAsmGenericSymbol::SYM_FUNC.
Referenced by disassembleInterp(), and Partitioner::disassembleInterpretation().
| void Disassembler::update_progress | ( | SgAsmInstruction * | insn) |
Updates progress information.
This should be called each time the subclass' disassembleOne() is about to return a new instruction.
Thread safety: This method is thread safe. The optional supplied instruction is only used to obtain a virtual address.
Definition at line 303 of file Disassembler.C.
References SgAsmStatement::get_address(), p_debug, p_ndisassembled, and progress().
Referenced by DisassemblerArm::disassembleOne(), and DisassemblerX86::disassembleOne().
| void Disassembler::progress | ( | FILE * | debug, |
| const char * | fmt, | ||
| ... | |||
| ) | const |
Conditionally prints a progress report.
If progress reporting is enabled and the required amount of time has elapsed since the previous report, then the supplied report is emited. Also, if debugging is enabled the report is emitted to the debugging file regardless of the elapsed time. The arguments are the same as fprintf().
Thread safety: This method is thread safe.
Definition at line 278 of file Disassembler.C.
References class_mutex, progress_file, progress_interval, progress_time, RTS_MUTEX, RTS_MUTEX_END, and time.
Referenced by update_progress().
|
pure virtual |
Makes an unknown instruction from an exception.
Thread safety: The safety of this method depends on its implementation in the subclass.
Implemented in DisassemblerX86, DisassemblerArm, DisassemblerPowerpc, and DisassemblerMips.
Referenced by disassembleBlock().
| void Disassembler::mark_referenced_instructions | ( | SgAsmInterpretation * | interp, |
| const MemoryMap * | map, | ||
| const InstructionMap & | insns | ||
| ) |
Marks parts of the file that correspond to instructions as having been referenced.
Thread safety: This method is not thread safe.
Definition at line 825 of file Disassembler.C.
References RangeMap< R, T >::end(), RangeMap< R, T >::find(), SgAsmStatement::get_address(), SgAsmInterpretation::get_files(), SgAsmInstruction::get_size(), SgAsmGenericFile::get_tracking_references(), SgAsmGenericFile::read_content(), MemoryMap::segments(), and SgAsmGenericFile::set_tracking_references().
Referenced by disassembleInterp().
| Disassembler::AddressSet Disassembler::get_block_successors | ( | const InstructionMap & | insns, |
| bool * | complete | ||
| ) |
Calculates the successor addresses of a basic block and adds them to a successors set.
The successors is always non-null when called. If the function is able to determine the complete set of successors then it should set complete to true before returning.
Thread safety: Thread safe provided no other thread is modifying the specified instruction map.
Definition at line 890 of file Disassembler.C.
References SgAsmInstruction::is_function_call().
Referenced by disassembleBlock().
|
staticprivate |
Initialize class (e.g., register built-in disassemblers).
This class method is thread safe, using class_mutex.
Definition at line 134 of file Disassembler.C.
References class_mutex, register_subclass(), RTS_INIT_END, and RTS_INIT_RECURSIVE.
Referenced by lookup(), and register_subclass().
|
private |
Called only during construction.
Thread safe.
Definition at line 25 of file Disassembler.C.
References p_debug.
Referenced by Disassembler().
|
staticprivate |
Finds the highest-address instruction that contains the byte at the specified virtual address.
Returns null if no such instruction exists.
Thread safety: This class method is thread safe provided no other thread is modifying the instruction map nor the instructions to which the map points, particularly the instructions' virtual address and raw bytes.
Definition at line 700 of file Disassembler.C.
Referenced by search_next_address().
|
protected |
Description of registers available for this platform.
Definition at line 695 of file Disassembler.h.
Referenced by get_registers(), and set_registers().
|
protected |
Used for placing instructions into blocks and functions.
Definition at line 696 of file Disassembler.h.
Referenced by disassemble(), get_partitioner(), and set_partitioner().
|
protected |
Mask of SearchHeuristic bits specifying instruction searching.
Definition at line 697 of file Disassembler.h.
Referenced by disassembleBlock(), disassembleBuffer(), disassembleInterp(), get_search(), and set_search().
|
protected |
Set to non-null to get debugging info.
Definition at line 698 of file Disassembler.h.
Referenced by ctor(), disassemble(), disassembleBlock(), disassembleInterp(), get_debug(), search_following(), search_function_symbols(), search_immediate(), search_next_address(), set_debug(), and update_progress().
|
protected |
Word size used by SEARCH_WORDS.
Definition at line 699 of file Disassembler.h.
Referenced by get_wordsize(), and set_wordsize().
|
protected |
Byte order for SEARCH_WORDS.
Definition at line 700 of file Disassembler.h.
|
protected |
Word alignment constraint for SEARCH_WORDS (0 and 1 imply byte).
Definition at line 701 of file Disassembler.h.
Referenced by get_alignment(), and set_alignment().
|
staticprotected |
List of disassembler subclasses.
Definition at line 702 of file Disassembler.h.
Referenced by lookup(), and register_subclass().
|
protected |
Total number of instructions disassembled by disassembleBlock()
Definition at line 703 of file Disassembler.h.
Referenced by get_ndisassembled(), and update_progress().
|
protected |
Memory protection bits that must be set to disassemble.
Definition at line 704 of file Disassembler.h.
Referenced by get_protection(), and set_protection().
|
staticprotected |
Minimum interval between progress reports.
Definition at line 706 of file Disassembler.h.
Referenced by progress(), and set_progress_reporting().
|
staticprotected |
Time of last report, or zero if no report has been generated.
Definition at line 707 of file Disassembler.h.
Referenced by progress().
|
staticprotected |
File to which reports are made.
Null disables reporting.
Definition at line 708 of file Disassembler.h.
Referenced by progress(), and set_progress_reporting().
|
staticprotected |
Mutex for class-wide thread safety.
Definition at line 710 of file Disassembler.h.
Referenced by initclass(), lookup(), progress(), register_subclass(), and set_progress_reporting().
1.8.4 
