CMD: add command to collect md5s from disassembly

Author: sipma

chb/arm/opcodes/ARMStoreRegister.py

@@ -85,6 +85,10 @@ def is_lhsvar_unknown(self) -> bool:
     def is_lhsvar_known(self) -> bool:
         return self.xdata.vars_r[1] is not None
 
+    @property
+    def is_xxrtc_known(self) -> bool:
+        return self.xdata.xprs_r[4] is not None
+
     @property
     def vrn(self) -> "XVariable":
         return self.var(1, "vrn")
@@ -105,25 +109,30 @@ def xrt(self) -> "XXpr":
     def xxrt(self) -> "XXpr":
         return self.xpr(3, "xxrt")
 
+    @property
+    def xxrtc(self) -> "XXpr":
+        return self.xpr(4, "xxrtc")
+
     @property
     def xaddr(self) -> "XXpr":
-        return self.xpr(4, "xaddr")
+        return self.xpr(5, "xaddr")
 
     @property
     def is_address_known(self) -> bool:
-        return self.xdata.xprs_r[4] is not None
+        return self.xdata.xprs_r[5] is not None
 
     @property
     def xaddr_updated(self) -> "XXpr":
-        return self.xpr(5, "xaddr_updated")
+        return self.xpr(6, "xaddr_updated")
 
     @property
     def annotation(self) -> str:
         wbu = self.writeback_update()
+        rhs = self.xxrtc if self.is_xxrtc_known else self.xxrt
         if self.is_ok or self.is_vmem_known:
-            assignment = str(self.vmem) + " := " + str(self.xxrt)
+            assignment = str(self.vmem) + " := " + str(rhs)
         elif self.is_vmem_unknown and self.is_address_known:
-            assignment = "*(" + str(self.xaddr) + ") := " + str(self.xxrt)
+            assignment = "*(" + str(self.xaddr) + ") := " + str(rhs)
         else:
             assignment = "Error value"
         return self.add_instruction_condition(assignment + wbu)

chb/arm/opcodes/ARMStoreRegisterHalfword.py

@@ -79,6 +79,10 @@ def xrt(self) -> "XXpr":
     def xxrt(self) -> "XXpr":
         return self.xpr(3, "xxrt")
 
+    @property
+    def is_xxrt_known(self) -> bool:
+        return self.xdata.xprs_r[3] is not None
+
     @property
     def xaddr(self) -> "XXpr":
         return self.xpr(4, "xaddr")
@@ -92,6 +96,8 @@ def annotation(self) -> str:
         wbu = self.writeback_update()
         if self.is_ok:
             assignment = str(self.vmem) + " := " + str(self.xxrt)
+        elif not self.is_xxrt_known:
+            assignment = "(*" + str(self.xaddr) + ") := Error value"
         elif self.is_vmem_unknown and self.is_address_known:
             assignment = "*(" + str(self.xaddr) + ") := " + str(self.xxrt)
         else:

chb/cmdline/AnalysisManager.py

@@ -6,7 +6,7 @@
 #
 # Copyright (c) 2016-2020 Kestrel Technology LLC
 # Copyright (c) 2020      Henny Sipma
-# Copyright (c) 2021-2023 Aarno Labs LLC
+# Copyright (c) 2021-2025 Aarno Labs LLC
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal

chb/cmdline/chkx

@@ -473,6 +473,12 @@ def parse() -> argparse.Namespace:
         "--analyze_all_named",
         help="include all functions named in userdata in the analysis",
         action="store_true")
+    analyzecmd.add_argument(
+        "--analyze_range_entry_points",
+        help=("include all functions whose address is in the given range and "
+              + "listed in the userdata function entry points"),
+        nargs="*",
+        default=[])
     analyzecmd.add_argument(
         "--gc_compact",
         type=int,
@@ -574,6 +580,11 @@ def parse() -> argparse.Namespace:
     ddatagvars.add_argument("xname", help="name of executable")
     ddatagvars.set_defaults(func=UCC.ddata_gvars)
 
+    # -- ddata md5s --
+    ddatamd5s = ddataparsers.add_parser("md5s")
+    ddatamd5s.add_argument("xname", help="name of executable")
+    ddatamd5s.set_defaults(func=UCC.ddata_md5s)
+
     # ----------------------------------------------------------------- results --
     resultscmd = subparsers.add_parser('results')
     resultscmd.set_defaults(func=resultscommand)

chb/cmdline/commandutil.py

@@ -412,6 +412,7 @@ def analyzecmd(args: argparse.Namespace) -> NoReturn:
     fns_exclude: List[str] = args.fns_exclude  # function hex addresses
     fns_include: List[str] = args.fns_include  # function hex addresses
     analyze_all_named: bool = args.analyze_all_named
+    analyze_range_entry_points: List[str] = args.analyze_range_entry_points
     gc_compact: int = args.gc_compact
     construct_all_functions: bool = args.construct_all_functions
     show_function_timing: bool = args.show_function_timing
@@ -492,7 +493,21 @@ def analyzecmd(args: argparse.Namespace) -> NoReturn:
     if analyze_all_named:
         fnnamed_addrs = userhints.rev_function_names().values()
         fns_include = fns_include + list(fnnamed_addrs)
-        chklogger.logger.warning("Include %d functions", len(fns_include))
+        chklogger.logger.info("Include %d functions", len(fns_include))
+
+    if len(analyze_range_entry_points) == 2:
+        festart = int(analyze_range_entry_points[0], 16)
+        fefin = int(analyze_range_entry_points[1], 16)
+        fentrypoints = userhints.function_entry_points()
+        feincludes: List[str] = []
+        for fe in fentrypoints:
+            eint = int(fe, 16)
+            if eint >= festart and eint <= fefin:
+                feincludes.append(fe)
+        fns_include = fns_include + feincludes
+        chklogger.logger.info(
+            "Include %d entry point functions in range %s - %s",
+            len(feincludes), hex(festart), hex(fefin))
 
     am = AnalysisManager(
         path,
@@ -2448,3 +2463,36 @@ def ddata_gvars(args: argparse.Namespace) -> NoReturn:
     print("Coverage: " + str(coverage) + " (typed: " + str(count) + ")")
 
     exit(0)
+
+
+def ddata_md5s(args: argparse.Namespace) -> NoReturn:
+
+    # arguments
+    xname: str = str(args.xname)
+
+    try:
+        (path, xfile) = get_path_filename(xname)
+    except UF.CHBError as e:
+        print(str(e.wrap()))
+        exit(1)
+
+    xinfo = XI.XInfo()
+    xinfo.load(path, xfile)
+
+    app = get_app(path, xfile, xinfo)
+    md5s = app.function_md5s
+
+    result: Dict[str, int] = {}
+
+    for md5 in md5s.values():
+        result.setdefault(md5, 0)
+        result[md5] += 1
+
+    print("Number of functions: " + str(len(md5s)))
+    print("Distinct md5s      : " + str(len(result)))
+
+    for (md5, count) in result.items():
+        if count > 10:
+            print(md5 + ": " + str(count))
+
+    exit(0)

chb/userdata/UserHints.py

@@ -1457,6 +1457,14 @@ def rev_function_names(self) -> Dict[str, str]:
         else:
             return {}
 
+    def function_entry_points(self) -> List[str]:
+        if "function-entry-points" in self.astdata:
+            entry = cast(FunctionEntryPointsHints,
+                         self.astdata["function-entry-points"])
+            return entry.entrypoints
+        else:
+            return []
+
     def add_hints(self, hints: Dict[str, Any]) -> None:
         """Process a user provided dictionary with user hint dictionaries.
 
@@ -1527,6 +1535,11 @@ def add_hints(self, hints: Dict[str, Any]) -> None:
                 self.userdata[tag].update(fepoints)
             else:
                 self.userdata[tag] = FunctionEntryPointsHints(fepoints)
+            if tag in self.astdata:
+                self.astdata[tag].update(fepoints)
+            else:
+                self.astdata[tag] = FunctionEntryPointsHints(fepoints)
+
 
         if "function-annotations" in hints:
             tag = "function-annotations"