miasm
Reverse engineering framework
Functions
miasm.expression.simplifications_common Namespace Reference

Functions

def simp_cst_propagation (e_s, expr)
 
def simp_cond_op_int (_, expr)
 
def simp_cond_factor (e_s, expr)
 
def simp_slice (e_s, expr)
 
def simp_compose (e_s, expr)
 
def simp_cond (_, expr)
 
def simp_mem (_, expr)
 
def test_cc_eq_args (expr, *sons_op)
 
def simp_cc_conds (_, expr)
 
def simp_cond_flag (_, expr)
 
def simp_sub_cf_zero (_, expr)
 
def simp_cond_cc_flag (expr_simp, expr)
 
def simp_cmp_int (expr_simp, expr)
 
def simp_cmp_int_arg (_, expr)
 
def simp_cmp_bijective_op (expr_simp, expr)
 
def simp_subwc_cf (_, expr)
 
def simp_subwc_of (_, expr)
 
def simp_sign_subwc_cf (_, expr)
 
def simp_double_zeroext (_, expr)
 
def simp_double_signext (_, expr)
 
def simp_zeroext_eq_cst (_, expr)
 
def simp_cond_zeroext (_, expr)
 
def simp_ext_eq_ext (_, expr)
 
def simp_cond_eq_zero (_, expr)
 
def simp_sign_inf_zeroext (expr_s, expr)
 
def simp_zeroext_and_cst_eq_cst (expr_s, expr)
 
def test_one_bit_set (arg)
 
def simp_x_and_cst_eq_cst (_, expr)
 
def simp_cmp_int_int (_, expr)
 
def simp_ext_cst (_, expr)
 
def simp_ext_cond_int (e_s, expr)
 
def simp_slice_of_ext (_, expr)
 
def simp_slice_of_op_ext (expr_s, expr)
 
def simp_cond_logic_ext (expr_s, expr)
 
def simp_cond_sign_bit (_, expr)
 
def simp_cond_add (expr_s, expr)
 
def simp_cond_eq_1_0 (expr_s, expr)
 
def simp_cond_inf_eq_unsigned_zero (expr_s, expr)
 
def simp_test_signext_inf (expr_s, expr)
 
def simp_test_zeroext_inf (expr_s, expr)
 
def simp_add_multiple (_, expr)
 
def simp_compose_and_mask (_, expr)
 
def simp_bcdadd_cf (_, expr)
 
def simp_bcdadd (_, expr)
 

Function Documentation

◆ simp_add_multiple()

def miasm.expression.simplifications_common.simp_add_multiple (   _,
  expr 
) 
X + X => 2 * X
X + X * int1 => X * (1 + int1)
X * int1 + (- X) => X * (int1 - 1)
X + (X << int1) => X * (1 + 2 ** int1)
Correct even if addition overflow/underflow

◆ simp_bcdadd()

def miasm.expression.simplifications_common.simp_bcdadd (   _,
  expr 
) 
bcdadd(const, const) => decimal

◆ simp_bcdadd_cf()

def miasm.expression.simplifications_common.simp_bcdadd_cf (   _,
  expr 
) 
bcdadd(const, const) => decimal

◆ simp_cc_conds()

def miasm.expression.simplifications_common.simp_cc_conds (   _,
  expr 
) 
High level simplifications. Example:
CC_U<(FLAG_SUB_CF(A, B) => A <u B
Here is the call graph for this function:

◆ simp_cmp_bijective_op()

def miasm.expression.simplifications_common.simp_cmp_bijective_op (   expr_simp,
  expr 
) 
A + B == A => A == 0

X + A == X + B => A == B
X ^ A == X ^ B => A == B

TODO:
3 * A + B == A + C => 2 * A + B == C

◆ simp_cmp_int()

def miasm.expression.simplifications_common.simp_cmp_int (   expr_simp,
  expr 
) 
({X, 0} == int) => X == int[:]
X + int1 == int2 => X == int2-int1
X ^ int1 == int2 => X == int1^int2

◆ simp_cmp_int_arg()

def miasm.expression.simplifications_common.simp_cmp_int_arg (   _,
  expr 
) 
(0x10 <= R0) ? A:B
=>
(R0 < 0x10) ? B:A

◆ simp_cmp_int_int()

def miasm.expression.simplifications_common.simp_cmp_int_int (   _,
  expr 
) 
IntA <s IntB => int
IntA <u IntB => int
IntA <=s IntB => int
IntA <=u IntB => int
IntA == IntB => int

◆ simp_compose()

def miasm.expression.simplifications_common.simp_compose (   e_s,
  expr 
)
Here is the call graph for this function:

◆ simp_compose_and_mask()

def miasm.expression.simplifications_common.simp_compose_and_mask (   _,
  expr 
) 
{X 0 8, Y 8 32} & 0xFF => zeroExt(X)
{X 0 8, Y 8 16, Z 16 32} & 0xFFFF => {X 0 8, Y 8 16, 0x0 16 32}
{X 0 8, 0x123456 8 32} & 0xFFFFFF => {X 0 8, 0x1234 8 24, 0x0 24 32}

◆ simp_cond()

def miasm.expression.simplifications_common.simp_cond (   _,
  expr 
) 
Common simplifications on ExprCond.
Eval exprcond src1/src2 with satifiable/unsatisfiable condition propagation

◆ simp_cond_add()

def miasm.expression.simplifications_common.simp_cond_add (   expr_s,
  expr 
) 
(a+b)?X:Y => (a == b)?Y:X
(a^b)?X:Y => (a == b)?Y:X

◆ simp_cond_cc_flag()

def miasm.expression.simplifications_common.simp_cond_cc_flag (   expr_simp,
  expr 
) 
ExprCond(CC_><(bit), X, Y) => ExprCond(bit, X, Y)
ExprCond(CC_U>=(bit), X, Y) => ExprCond(bit, Y, X)

◆ simp_cond_eq_1_0()

def miasm.expression.simplifications_common.simp_cond_eq_1_0 (   expr_s,
  expr 
) 
(a == b)?ExprInt(1, 1):ExprInt(0, 1) => a == b
(a <s b)?ExprInt(1, 1):ExprInt(0, 1) => a == b
...

◆ simp_cond_eq_zero()

def miasm.expression.simplifications_common.simp_cond_eq_zero (   _,
  expr 
) 
(X == 0)?(A:B) => X?(B:A)

◆ simp_cond_factor()

def miasm.expression.simplifications_common.simp_cond_factor (   e_s,
  expr 
)

◆ simp_cond_flag()

def miasm.expression.simplifications_common.simp_cond_flag (   _,
  expr 
) 
FLAG_EQ_CMP(X, Y)?A:B => (X == Y)?A:B

◆ simp_cond_inf_eq_unsigned_zero()

def miasm.expression.simplifications_common.simp_cond_inf_eq_unsigned_zero (   expr_s,
  expr 
) 
(a <=u 0) => a == 0

◆ simp_cond_logic_ext()

def miasm.expression.simplifications_common.simp_cond_logic_ext (   expr_s,
  expr 
) 
(X.zeroExt() + ... + Int) ? A:B => X + ... + int[:] ? A:B

◆ simp_cond_op_int()

def miasm.expression.simplifications_common.simp_cond_op_int (   _,
  expr 
)
Here is the call graph for this function:

◆ simp_cond_sign_bit()

def miasm.expression.simplifications_common.simp_cond_sign_bit (   _,
  expr 
) 
(a & .. & 0x80000000) ? A:B => (a & ...) <s 0 ? A:B

◆ simp_cond_zeroext()

def miasm.expression.simplifications_common.simp_cond_zeroext (   _,
  expr 
) 
X.zeroExt()?(A:B) => X ? A:B
X.signExt()?(A:B) => X ? A:B

◆ simp_cst_propagation()

def miasm.expression.simplifications_common.simp_cst_propagation (   e_s,
  expr 
) 
This passe includes:
 - Constant folding
 - Common logical identities
 - Common binary identities

◆ simp_double_signext()

def miasm.expression.simplifications_common.simp_double_signext (   _,
  expr 
) 
A.signExt(X).signExt(Y) => A.signExt(Y)

◆ simp_double_zeroext()

def miasm.expression.simplifications_common.simp_double_zeroext (   _,
  expr 
) 
A.zeroExt(X).zeroExt(Y) => A.zeroExt(Y)

◆ simp_ext_cond_int()

def miasm.expression.simplifications_common.simp_ext_cond_int (   e_s,
  expr 
) 
zeroExt(ExprCond(X, Int, Int)) => ExprCond(X, Int, Int)

◆ simp_ext_cst()

def miasm.expression.simplifications_common.simp_ext_cst (   _,
  expr 
) 
Int.zeroExt(X) => Int
Int.signExt(X) => Int

◆ simp_ext_eq_ext()

def miasm.expression.simplifications_common.simp_ext_eq_ext (   _,
  expr 
) 
A.zeroExt(X) == B.zeroExt(X) => A == B
A.signExt(X) == B.signExt(X) => A == B

◆ simp_mem()

def miasm.expression.simplifications_common.simp_mem (   _,
  expr 
) 
Common simplifications on ExprMem:
@32[x?a:b] => x?@32[a]:@32[b]

◆ simp_sign_inf_zeroext()

def miasm.expression.simplifications_common.simp_sign_inf_zeroext (   expr_s,
  expr 
) 
/!\ Ensure before: X.zeroExt(X.size) => X

X.zeroExt() <s 0 => 0
X.zeroExt() <=s 0 => X == 0

X.zeroExt() <s cst => X.zeroExt() <u cst (cst positive)
X.zeroExt() <=s cst => X.zeroExt() <=u cst (cst positive)

X.zeroExt() <s cst => 0 (cst negative)
X.zeroExt() <=s cst => 0 (cst negative)

◆ simp_sign_subwc_cf()

def miasm.expression.simplifications_common.simp_sign_subwc_cf (   _,
  expr 
) 
SIGN_SUBWC(A, B, SUB_CF(C, D)) => SIGN_SUB({A, C}, {B, D})

◆ simp_slice()

def miasm.expression.simplifications_common.simp_slice (   e_s,
  expr 
)

◆ simp_slice_of_ext()

def miasm.expression.simplifications_common.simp_slice_of_ext (   _,
  expr 
) 
C.zeroExt(X)[A:B] => 0 if A >= size(C)
C.zeroExt(X)[A:B] => C[A:B] if B <= size(C)
A.zeroExt(X)[0:Y] => A.zeroExt(Y)

◆ simp_slice_of_op_ext()

def miasm.expression.simplifications_common.simp_slice_of_op_ext (   expr_s,
  expr 
) 
(X.zeroExt() + {Z, } + ... + Int)[0:8] => X + ... + int[:]
(X.zeroExt() | ... | Int)[0:8] => X | ... | int[:]
...

◆ simp_sub_cf_zero()

def miasm.expression.simplifications_common.simp_sub_cf_zero (   _,
  expr 
) 
FLAG_SUB_CF(0, X) => (X)?1:0

◆ simp_subwc_cf()

def miasm.expression.simplifications_common.simp_subwc_cf (   _,
  expr 
) 
SUBWC_CF(A, B, SUB_CF(C, D)) => SUB_CF({A, C}, {B, D})

◆ simp_subwc_of()

def miasm.expression.simplifications_common.simp_subwc_of (   _,
  expr 
) 
SUBWC_OF(A, B, SUB_CF(C, D)) => SUB_OF({A, C}, {B, D})

◆ simp_test_signext_inf()

def miasm.expression.simplifications_common.simp_test_signext_inf (   expr_s,
  expr 
) 
A.signExt() <s int => A <s int[:]

◆ simp_test_zeroext_inf()

def miasm.expression.simplifications_common.simp_test_zeroext_inf (   expr_s,
  expr 
) 
A.zeroExt() <u int => A <u int[:]

◆ simp_x_and_cst_eq_cst()

def miasm.expression.simplifications_common.simp_x_and_cst_eq_cst (   _,
  expr 
) 
(x & ... & onebitmask == onebitmask) ? A:B => (x & ... & onebitmask) ? A:B
Here is the call graph for this function:

◆ simp_zeroext_and_cst_eq_cst()

def miasm.expression.simplifications_common.simp_zeroext_and_cst_eq_cst (   expr_s,
  expr 
) 
A.zeroExt(X) & ... & int == int => A & ... & int[:A.size] == int[:A.size]

◆ simp_zeroext_eq_cst()

def miasm.expression.simplifications_common.simp_zeroext_eq_cst (   _,
  expr 
) 
A.zeroExt(X) == int => A == int[:A.size]

◆ test_cc_eq_args()

def miasm.expression.simplifications_common.test_cc_eq_args (   expr,
sons_op 
) 
Return True if expression's arguments match the list in sons_op, and their
sub arguments are identical. Ex:
CC_S<=(
          FLAG_SIGN_SUB(A, B),
          FLAG_SUB_OF(A, B),
          FLAG_EQ_CMP(A, B)
)
Here is the caller graph for this function:

◆ test_one_bit_set()

def miasm.expression.simplifications_common.test_one_bit_set (   arg) 
Return True if arg has form 1 << X
Here is the caller graph for this function: