CHB: add function annotations

Author: sipma

CodeHawk/CHB/bchcmdline/bCHXBinaryAnalyzer.ml

@@ -847,8 +847,6 @@ let main () =
       let _ = pr_timing [STR "bdictionary loaded"] in
       let _ = load_bc_files () in
       let _ = pr_timing [STR "bc files loaded"] in
-      let _ = system_info#initialize in
-      let _ = pr_timing [STR "system info initialized"] in
       let _ = load_interface_dictionary () in
       let _ = pr_timing [STR "interface dictionary loaded"] in
       let _ = load_arm_dictionary () in
@@ -869,6 +867,8 @@ let main () =
       let _ =
         if (List.length system_info#ifiles > 0) then
           pr_timing [STR "c header files parsed"] in
+      let _ = system_info#initialize in
+      let _ = pr_timing [STR "system info initialized"] in
       let index = file_metrics#get_index in
       let logcmd = "analyze_" ^ (string_of_int index) in
       let analysisstart = Unix.gettimeofday () in

CodeHawk/CHB/bchlib/bCHBCTypeUtil.ml

@@ -6,7 +6,7 @@
 
    Copyright (c) 2005-2019 Kestrel Technology LLC
    Copyright (c) 2020      Henny B. Sipma
-   Copyright (c) 2021-2024 Aarno Labs LLC
+   Copyright (c) 2021-2025 Aarno Labs LLC
 
    Permission is hereby granted, free of charge, to any person obtaining a copy
    of this software and associated documentation files (the "Software"), to deal
@@ -148,6 +148,48 @@ let t_vararg_function (returntype:btype_t) (args:bfunarg_t list) =
 let t_function_anon (returntype:btype_t) =
   TFun (returntype, None, false, [])
 
+(* =========================================================== string -> type *)
+
+let convert_string_to_type (name: string): btype_t traceresult =
+  match name with
+  | "char" -> Ok (TInt (IChar, []))
+  | "signed char" -> Ok (TInt (ISChar, []))
+  | "unsigned char" -> Ok (TInt (IUChar, []))
+  | "wchar_t" -> Ok (TInt (IWChar, []))
+  | "bool" -> Ok (TInt (IBool, []))
+  | "int" -> Ok (TInt (IInt, []))
+  | "unsigned int" -> Ok (TInt (IUInt, []))
+  | "short" -> Ok (TInt (IShort, []))
+  | "unsigned short" -> Ok (TInt (IUShort, []))
+  | "long" -> Ok (TInt (ILong, []))
+  | "unsigned long" -> Ok (TInt (IULong, []))
+  | "long long" -> Ok (TInt (ILongLong, []))
+  | "unsigned long long" -> Ok (TInt (IULongLong, []))
+  | "int8_t" -> Ok (TInt (ISChar, []))
+  | "uint8_t" -> Ok (TInt (IUChar, []))
+  | "int16_t" -> Ok (TInt (IShort, []))
+  | "uint16_t" -> Ok (TInt (IUShort, []))
+  | "int32_t" -> Ok (TInt (IInt, []))
+  | "uint32_t" -> Ok (TInt (IUInt, []))
+  | "int64_t" -> Ok (TInt (ILongLong, []))
+  | "uint64_t" -> Ok (TInt (IULongLong, []))
+  | "int128_t" -> Ok (TInt (IInt128, []))
+  | "uint128_t" -> Ok (TInt (IUInt128, []))
+  | "float" -> Ok (TFloat (FFloat, FScalar, []))
+  | "double" -> Ok (TFloat (FDouble, FScalar, []))
+  | "long double" -> Ok (TFloat (FLongDouble, FScalar, []))
+  | "complex" -> Ok (TFloat (FComplexFloat, FScalar, []))
+  | "double complex" -> Ok (TFloat (FComplexDouble, FScalar, []))
+  | "long double complex" -> Ok (TFloat (FComplexLongDouble, FScalar, []))
+  | "void" -> Ok (TVoid [])
+  | _ ->
+     if bcfiles#has_typedef name then
+       Ok (bcfiles#get_typedef name)
+     else
+       Error [
+           __FILE__ ^ ":" ^ (string_of_int __LINE__) ^ ": "
+         ^ "unable to convert type name " ^ name]
+
 (* =============================================================== attributes *)
 
 let get_attributes (t: btype_t): b_attributes_t =
@@ -1109,6 +1151,17 @@ let get_struct_field_at_offset
          end
 
 
+let is_sub_struct (ckey1: int) (ckey2: int) =
+  let cinfo2 = get_compinfo_by_key ckey2 in
+  let field0 = get_struct_field_at_offset cinfo2 0 in
+  match field0 with
+  | Some (bfinfo, 0) ->
+     (match bfinfo.bftype with
+      | TComp (i, _) -> ckey1 = i
+      | _ -> false)
+  | _ -> false
+
+
 let rec get_compinfo_scalar_type_at_offset
           (cinfo: bcompinfo_t) (offset: int): btype_t option =
   let finfos = cinfo.bcfields in

CodeHawk/CHB/bchlib/bCHBCTypeUtil.mli

@@ -6,7 +6,7 @@
 
    Copyright (c) 2005-2019 Kestrel Technology LLC
    Copyright (c) 2020      Henny B. Sipma
-   Copyright (c) 2021-2024 Aarno Labs LLC
+   Copyright (c) 2021-2025 Aarno Labs LLC
 
    Permission is hereby granted, free of charge, to any person obtaining a copy
    of this software and associated documentation files (the "Software"), to deal
@@ -126,6 +126,17 @@ val t_vararg_function: btype_t -> bfunarg_t list -> btype_t
 val t_function_anon: btype_t -> btype_t        (* arguments not known *)
 
 
+(** {1 Types from strings} *)
+
+(** [convert_string_to_type name] attempts to convert [name] into a [btype_t].
+    Valid names include the standard names for the integer and float types,
+    as well as typedef names.
+
+    If [name] is not a standard type name or typedef name, an Error is returned.
+ *)
+val convert_string_to_type: string -> btype_t traceresult
+
+
 (** {1 Type predicates}*)
 
 val is_void: btype_t -> bool
@@ -256,6 +267,10 @@ val get_compinfo_scalar_type_at_offset: bcompinfo_t -> int -> btype_t option
 
 val get_compinfo_by_key: int -> bcompinfo_t
 
+(** [is_sub_struct ckey1 ckey2] returns [true] if the first field (at offset 0)
+    of the struct with key [ckey2] is a struct with key [ckey1].*)
+val is_sub_struct: int -> int -> bool
+
 
 (** {2 Fieldinfos}*)
 

CodeHawk/CHB/bchlib/bCHFloc.ml

@@ -639,13 +639,45 @@ object (self)
            (var: variable_t)
            (numoffset: numerical_t): variable_t traceresult =
     let inv = self#inv in
+    let mk_memvar memref_r memoffset_r =
+      TR.tbind
+        ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
+        (fun memref ->
+          if memref#is_global_reference then
+            TR.tbind
+              ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__)
+                    ^ ": memref:global")
+              (fun memoff ->
+                TR.tbind
+                  ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
+                  self#env#mk_global_variable
+                     (get_total_constant_offset memoff))
+              memoffset_r
+          else
+            TR.tmap
+              ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
+              (fun memoff ->
+                (self#env#mk_offset_memory_variable memref memoff))
+              memoffset_r)
+        memref_r in
+
     if inv#is_base_offset_constant var then
       let (base, offset) = inv#get_base_offset_constant var in
       let memoffset = numoffset#add offset in
-      TR.tmap
-        ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
-        (fun memref -> self#env#mk_memory_variable ~size memref memoffset)
-        (self#env#mk_base_sym_reference base)
+      let memref_r = self#env#mk_base_sym_reference base in
+      let memoff_r =
+        TR.tbind
+          ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
+          (fun basevar ->
+            let optbasetype = self#env#get_variable_type basevar in
+            let basetype =
+              match optbasetype with
+              | Some t when is_pointer t -> ptr_deref t
+              | _ -> t_unknown in
+            address_memory_offset basetype (num_constant_expr memoffset))
+          (self#env#get_variable base#getSeqNumber) in
+      mk_memvar memref_r memoff_r
+
     else
       let varx =
         if align > 1 then
@@ -670,27 +702,7 @@ object (self)
                   ^ ")"]
       | _ ->
          let (memref_r, memoffset_r) = self#decompose_memaddr address in
-         TR.tbind
-           ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
-           (fun memref ->
-             if memref#is_global_reference then
-               TR.tbind
-                 ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__)
-                       ^ ": memref:global")
-                 (fun memoff ->
-                   TR.tbind
-                     self#env#mk_global_variable
-                     (get_total_constant_offset memoff))
-                 memoffset_r
-             else
-               TR.tbind
-                 ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
-                 (fun memoff ->
-                   TR.tmap
-                     (self#env#mk_memory_variable memref)
-                     (get_total_constant_offset memoff))
-                 memoffset_r)
-           memref_r
+         mk_memvar memref_r memoffset_r
 
   method get_memory_variable_1
            ?(align=1)    (* alignment of var value *)
@@ -753,6 +765,7 @@ object (self)
                  (fun v -> v)
                  (default ())
                  (TR.tbind
+                    ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
                     self#env#mk_global_variable
                     (get_total_constant_offset memoffset))
              else
@@ -797,6 +810,7 @@ object (self)
             ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
             (fun memoff ->
               TR.tmap
+                ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
                 (self#env#mk_memory_variable memref)
                 (get_total_constant_offset memoff))
             memoff_r)
@@ -849,6 +863,7 @@ object (self)
             ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__) ^ ": memref:global")
             (fun memoff ->
               TR.tbind
+                ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
                 (self#env#mk_global_variable ~size)
                 (get_total_constant_offset memoff))
             memoff_r
@@ -857,6 +872,7 @@ object (self)
             ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
             (fun memoff ->
               TR.tmap
+                ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
                 (self#env#mk_memory_variable memref)
                 (get_total_constant_offset memoff))
             memoff_r)
@@ -893,6 +909,7 @@ object (self)
           (fun v -> v)
           (default ())
           (TR.tbind
+             ~msg:(__FILE__ ^ ":" ^ (string_of_int __LINE__))
              self#env#mk_global_variable
              (get_total_constant_offset memoffset))
       else
@@ -1254,7 +1271,10 @@ object (self)
     | [base] ->
        let offset = simplify_xpr (XOp (XMinus, [x; XVar base])) in
        let memref_r = self#env#mk_base_variable_reference base in
-       let memoff_r =
+       let vartype = self#f#env#get_variable_type base in
+       let vartype = match vartype with None -> t_unknown | Some t -> t in
+       let memoff_r = address_memory_offset vartype offset in
+       (*
          (match offset with
           | XConst (IntConst n) -> Ok (ConstantOffset (n, NoOffset))
           | XOp (XMult, [XConst (IntConst n); XVar v]) ->
@@ -1263,7 +1283,7 @@ object (self)
              Error [__FILE__ ^ ":" ^ (string_of_int __LINE__) ^ ": "
                     ^ "Offset from base "
                     ^ (x2s (XVar base))
-                    ^ " not recognized: " ^ (x2s offset)]) in
+                    ^ " not recognized: " ^ (x2s offset)]) in *)
        (memref_r, memoff_r)
 
     (* no known pointers, have to find a base *)
@@ -1681,7 +1701,31 @@ object (self)
        let reqN () = self#env#mk_num_temp in
        let reqC = self#env#request_num_constant in
        let (rhscmds, rhs_c) = xpr_to_numexpr reqN reqC rhs in
-       rhscmds @ [ASSIGN_NUM (lhs, rhs_c)]
+       let cmds = rhscmds @ [ASSIGN_NUM (lhs, rhs_c)] in
+       let fndata = self#f#get_function_data in
+       match fndata#get_regvar_intro self#ia with
+       | Some rvi when rvi.rvi_cast && Option.is_some rvi.rvi_vartype ->
+          TR.tfold
+            ~ok:(fun reg ->
+              let ty = Option.get rvi.rvi_vartype in
+              let tcvar =
+                self#f#env#mk_typecast_value self#cia rvi.rvi_name ty reg in
+              begin
+                log_result __FILE__ __LINE__
+                  ["Create typecast var for "
+                   ^ (register_to_string reg)
+                   ^ " at "
+                   ^ self#cia];
+                cmds @ [ASSIGN_NUM (lhs, NUM_VAR tcvar)]
+              end)
+            ~error:(fun e ->
+              begin
+                log_error_result __FILE__ __LINE__
+                  ("expected a register variable" :: e);
+                cmds
+              end)
+            (self#f#env#get_register lhs)
+       | _ -> cmds
 
    (* Note: recording of loads and stores is performed by the different
       architectures directly in FnXXXDictionary.*)