jump_tables

This module defines common relations for jump tables.

jump_table_candidate(EA:address, DataEA:address, DataSize:unsigned, TargetEA:address)

A candidate entry in a jump table (may contain absolute or relative addresses)

Calculated prior to code inference.

Attributes:

EA: The address of the instruction from which the jump occurs.
DataEA: The address at which the actual data entry of the jump table resides.
DataSize: The size of the jump table entry
TargetEA: The target of the jump.

Recursive: data_block_candidate, reg_def_use.used, arm_jump_table_skip_first_entry, reg_def_use.last_def_in_block, code_in_block_candidate, block_limit, unresolved_interval_order, candidate_block_is_padding, may_fallthrough, must_fallthrough, split_load_operand, no_return_call, relative_jump_table_entry_candidate, initialized_data_segment, inferred_main_dispatch, reg_def_use.live_var_at_prior_used, resolved_reaches, got_relative_operand, arm_jump_table_data_block_limit, __agg_subclause7, jump_table_target, symbolic_expr_from_relocation, __agg_subclause3, jump_table_element_access, adjusts_stack_in_block, data_in_code_propagate, stack_def_use.live_var_at_prior_used, reg_def_use.live_var_used, jump_table_max, composite_data_access, split_load_for_symbolization, arm_jump_table_candidate, next_start, init_symbol_minus_symbol_candidate_arm, arm_jump_table_block_start, padding_block_limit, next_block_in_byte_interval, __agg_single2, block_candidate_dependency_edge, wis_has_prior, stack_def_use.live_var_used, stack_def_use.live_var_at_block_end, __agg_subclause2, reg_def_use.ambiguous_block_last_def, reg_def_use.live_var_def, litpool_boundaries, __agg_single6, reg_def_use.return_val_used, block_overlap, block, block_total_points, value_reg, adrp_used, tls_get_addr, indexed_pc_relative_load, block_heuristic, relative_address, stack_def_use.def_used, split_load_candidate, base_relative_operation, symbol_minus_symbol_litpool_access_pattern, arm_jump_table_block_instruction, litpool_ref, litpool_confidence, reg_def_use.ref_in_block, block_last_instruction, contains_plausible_instr_seq, flags_and_jump_pair, segment_target_range, compare_and_jump_indirect, split_load, call_tls_get_addr, relocation_adjustment, indefinite_litpool_ref, stack_def_use.live_var_def, split_load_total_points, padding_block_candidate, value_reg_edge, block_implies_block, contains_implausible_instr_seq, simple_data_access_pattern, plt_entry, reg_def_use.ambiguous_last_def_in_block, basic_target, unresolved_block_overlap, inferred_main_in_reg, common_tail, cmp_reg_to_reg, data_in_code, const_value_reg_used, reg_def_use.block_last_def, wis_schedule_iter, no_value_reg_limit, is_padding, code_in_block_candidate_refined, invalid, reg_def_use.used_in_block, indexed_pc_relative_load_relative, reg_has_got, data_block_limit, reg_def_use.flow_def, split_load_conflict, possible_target, block_points_proportional, block_instruction_next, transition_block_limit, impossible_block, code_in_block, straight_line_def_used, correlated_live_reg, start_function, compare_and_jump_immediate, first_block_in_byte_interval, data_access, block_points, data_segment, arch.extend_load, compare_and_jump_indirect_op_valid, unlikely_have_symbolic_immediate, block_candidate_boundaries, possible_target_from, last_value_reg_limit, stack_def_use.defined_in_block, relative_address_start, function_inference.function_entry_initial, wis_schedule, reg_def_use.def_used, arch.simple_data_load, after_end, compare_and_jump_register, hi_load_prop, cinf_ldr_add_pc, known_block, self_contained_segment, stack_base_reg_move, stack_def_use.used_in_block, instruction_memory_access_size, reg_def_use.live_var_at_block_end, jump_table_start, arm_jump_table_cmp_limit, jump_table_signed, value_reg_unsupported, __agg_single3, stack_def_use.ref_in_block, wis_prior, split_load_point, unresolved_block, likely_fallthrough, negative_block_heuristic, base_relative_jump, init_ldr_add_pc, no_return_block, stack_def_use.live_var_used_in_block, arm_jump_table_candidate_start, straight_line_last_def, invalid_jump_table_candidate, reg_def_use.return_block_end, plt_block, overlap_with_litpool, gp_relative_operand, no_return_call_refined, reg_reg_arithmetic_operation_defs, incomplete_block, value_reg_limit, arch.reg_relative_load, __agg_subclause6, no_return_call_propagated, discarded_split_load, def_used_for_address, inter_procedural_edge, cmp_defines, arm_jump_table_data_block, litpool_symbolic_operand, block_next, jump_table_candidate_refined, jump_table_candidate, reg_used_for, discarded_block, base_relative_operand, branch_to_calculated_pc_rel_addr, next_end, nop_in_padding_candidate, jump_table_prelude, relocation_adjustment_total, next_type, stack_def_use.block_last_def, reg_has_base_image, unresolved_interval, stack_def_use.last_def_in_block, candidate_block_is_not_padding, reg_def_use.defined_in_block, wis_memo, overlapping_instruction, tls_desc_call, block_boundaries

invalid_jump_table_candidate(DataEA:address, DataSize:unsigned)

A jump table data entry is overlapped by code

Uses: arch.instruction_at, instruction, max_instruction_size

Recursive: data_block_candidate, reg_def_use.used, arm_jump_table_skip_first_entry, reg_def_use.last_def_in_block, code_in_block_candidate, block_limit, unresolved_interval_order, candidate_block_is_padding, may_fallthrough, must_fallthrough, split_load_operand, no_return_call, relative_jump_table_entry_candidate, initialized_data_segment, inferred_main_dispatch, reg_def_use.live_var_at_prior_used, resolved_reaches, got_relative_operand, arm_jump_table_data_block_limit, __agg_subclause7, jump_table_target, symbolic_expr_from_relocation, __agg_subclause3, jump_table_element_access, adjusts_stack_in_block, data_in_code_propagate, stack_def_use.live_var_at_prior_used, reg_def_use.live_var_used, jump_table_max, composite_data_access, split_load_for_symbolization, arm_jump_table_candidate, next_start, init_symbol_minus_symbol_candidate_arm, arm_jump_table_block_start, padding_block_limit, next_block_in_byte_interval, __agg_single2, block_candidate_dependency_edge, wis_has_prior, stack_def_use.live_var_used, stack_def_use.live_var_at_block_end, __agg_subclause2, reg_def_use.ambiguous_block_last_def, reg_def_use.live_var_def, litpool_boundaries, __agg_single6, reg_def_use.return_val_used, block_overlap, block, block_total_points, value_reg, adrp_used, tls_get_addr, indexed_pc_relative_load, block_heuristic, relative_address, stack_def_use.def_used, split_load_candidate, base_relative_operation, symbol_minus_symbol_litpool_access_pattern, arm_jump_table_block_instruction, litpool_ref, litpool_confidence, reg_def_use.ref_in_block, block_last_instruction, contains_plausible_instr_seq, flags_and_jump_pair, segment_target_range, compare_and_jump_indirect, split_load, call_tls_get_addr, relocation_adjustment, indefinite_litpool_ref, stack_def_use.live_var_def, split_load_total_points, padding_block_candidate, value_reg_edge, block_implies_block, contains_implausible_instr_seq, simple_data_access_pattern, plt_entry, reg_def_use.ambiguous_last_def_in_block, basic_target, unresolved_block_overlap, inferred_main_in_reg, common_tail, cmp_reg_to_reg, data_in_code, const_value_reg_used, reg_def_use.block_last_def, wis_schedule_iter, no_value_reg_limit, is_padding, code_in_block_candidate_refined, invalid, reg_def_use.used_in_block, indexed_pc_relative_load_relative, reg_has_got, data_block_limit, reg_def_use.flow_def, split_load_conflict, possible_target, block_points_proportional, block_instruction_next, transition_block_limit, impossible_block, code_in_block, straight_line_def_used, correlated_live_reg, start_function, compare_and_jump_immediate, first_block_in_byte_interval, data_access, block_points, data_segment, arch.extend_load, compare_and_jump_indirect_op_valid, unlikely_have_symbolic_immediate, block_candidate_boundaries, possible_target_from, last_value_reg_limit, stack_def_use.defined_in_block, relative_address_start, function_inference.function_entry_initial, wis_schedule, reg_def_use.def_used, arch.simple_data_load, after_end, compare_and_jump_register, hi_load_prop, cinf_ldr_add_pc, known_block, self_contained_segment, stack_base_reg_move, stack_def_use.used_in_block, instruction_memory_access_size, reg_def_use.live_var_at_block_end, jump_table_start, arm_jump_table_cmp_limit, jump_table_signed, value_reg_unsupported, __agg_single3, stack_def_use.ref_in_block, wis_prior, split_load_point, unresolved_block, likely_fallthrough, negative_block_heuristic, base_relative_jump, init_ldr_add_pc, no_return_block, stack_def_use.live_var_used_in_block, arm_jump_table_candidate_start, straight_line_last_def, invalid_jump_table_candidate, reg_def_use.return_block_end, plt_block, overlap_with_litpool, gp_relative_operand, no_return_call_refined, reg_reg_arithmetic_operation_defs, incomplete_block, value_reg_limit, arch.reg_relative_load, __agg_subclause6, no_return_call_propagated, discarded_split_load, def_used_for_address, inter_procedural_edge, cmp_defines, arm_jump_table_data_block, litpool_symbolic_operand, block_next, jump_table_candidate_refined, jump_table_candidate, reg_used_for, discarded_block, base_relative_operand, branch_to_calculated_pc_rel_addr, next_end, nop_in_padding_candidate, jump_table_prelude, relocation_adjustment_total, next_type, stack_def_use.block_last_def, reg_has_base_image, unresolved_interval, stack_def_use.last_def_in_block, candidate_block_is_not_padding, reg_def_use.defined_in_block, wis_memo, overlapping_instruction, tls_desc_call, block_boundaries

jump_table_candidate_refined(EA:address, DataEA:address, TargetEA:address)

Subset of jump_table_candidate that appears to be valid after code inference.

Attributes:

EA: The address of the instruction from which the jump occurs.
DataEA: The address at which the actual data entry of the jump table resides.
TargetEA: The target of the jump.

Used by: block_needs_splitting_at, resolved_transfer

Recursive: data_block_candidate, reg_def_use.used, arm_jump_table_skip_first_entry, reg_def_use.last_def_in_block, code_in_block_candidate, block_limit, unresolved_interval_order, candidate_block_is_padding, may_fallthrough, must_fallthrough, split_load_operand, no_return_call, relative_jump_table_entry_candidate, initialized_data_segment, inferred_main_dispatch, reg_def_use.live_var_at_prior_used, resolved_reaches, got_relative_operand, arm_jump_table_data_block_limit, __agg_subclause7, jump_table_target, symbolic_expr_from_relocation, __agg_subclause3, jump_table_element_access, adjusts_stack_in_block, data_in_code_propagate, stack_def_use.live_var_at_prior_used, reg_def_use.live_var_used, jump_table_max, composite_data_access, split_load_for_symbolization, arm_jump_table_candidate, next_start, init_symbol_minus_symbol_candidate_arm, arm_jump_table_block_start, padding_block_limit, next_block_in_byte_interval, __agg_single2, block_candidate_dependency_edge, wis_has_prior, stack_def_use.live_var_used, stack_def_use.live_var_at_block_end, __agg_subclause2, reg_def_use.ambiguous_block_last_def, reg_def_use.live_var_def, litpool_boundaries, __agg_single6, reg_def_use.return_val_used, block_overlap, block, block_total_points, value_reg, adrp_used, tls_get_addr, indexed_pc_relative_load, block_heuristic, relative_address, stack_def_use.def_used, split_load_candidate, base_relative_operation, symbol_minus_symbol_litpool_access_pattern, arm_jump_table_block_instruction, litpool_ref, litpool_confidence, reg_def_use.ref_in_block, block_last_instruction, contains_plausible_instr_seq, flags_and_jump_pair, segment_target_range, compare_and_jump_indirect, split_load, call_tls_get_addr, relocation_adjustment, indefinite_litpool_ref, stack_def_use.live_var_def, split_load_total_points, padding_block_candidate, value_reg_edge, block_implies_block, contains_implausible_instr_seq, simple_data_access_pattern, plt_entry, reg_def_use.ambiguous_last_def_in_block, basic_target, unresolved_block_overlap, inferred_main_in_reg, common_tail, cmp_reg_to_reg, data_in_code, const_value_reg_used, reg_def_use.block_last_def, wis_schedule_iter, no_value_reg_limit, is_padding, code_in_block_candidate_refined, invalid, reg_def_use.used_in_block, indexed_pc_relative_load_relative, reg_has_got, data_block_limit, reg_def_use.flow_def, split_load_conflict, possible_target, block_points_proportional, block_instruction_next, transition_block_limit, impossible_block, code_in_block, straight_line_def_used, correlated_live_reg, start_function, compare_and_jump_immediate, first_block_in_byte_interval, data_access, block_points, data_segment, arch.extend_load, compare_and_jump_indirect_op_valid, unlikely_have_symbolic_immediate, block_candidate_boundaries, possible_target_from, last_value_reg_limit, stack_def_use.defined_in_block, relative_address_start, function_inference.function_entry_initial, wis_schedule, reg_def_use.def_used, arch.simple_data_load, after_end, compare_and_jump_register, hi_load_prop, cinf_ldr_add_pc, known_block, self_contained_segment, stack_base_reg_move, stack_def_use.used_in_block, instruction_memory_access_size, reg_def_use.live_var_at_block_end, jump_table_start, arm_jump_table_cmp_limit, jump_table_signed, value_reg_unsupported, __agg_single3, stack_def_use.ref_in_block, wis_prior, split_load_point, unresolved_block, likely_fallthrough, negative_block_heuristic, base_relative_jump, init_ldr_add_pc, no_return_block, stack_def_use.live_var_used_in_block, arm_jump_table_candidate_start, straight_line_last_def, invalid_jump_table_candidate, reg_def_use.return_block_end, plt_block, overlap_with_litpool, gp_relative_operand, no_return_call_refined, reg_reg_arithmetic_operation_defs, incomplete_block, value_reg_limit, arch.reg_relative_load, __agg_subclause6, no_return_call_propagated, discarded_split_load, def_used_for_address, inter_procedural_edge, cmp_defines, arm_jump_table_data_block, litpool_symbolic_operand, block_next, jump_table_candidate_refined, jump_table_candidate, reg_used_for, discarded_block, base_relative_operand, branch_to_calculated_pc_rel_addr, next_end, nop_in_padding_candidate, jump_table_prelude, relocation_adjustment_total, next_type, stack_def_use.block_last_def, reg_has_base_image, unresolved_interval, stack_def_use.last_def_in_block, candidate_block_is_not_padding, reg_def_use.defined_in_block, wis_memo, overlapping_instruction, tls_desc_call, block_boundaries

jump_table_target(EA:address, Dest:address)

CFG edges formed by jump tables using the best available information during value analysis.

Attributes:

EA: address where the jump occurs
Dest: a potential destintation address

Recursive: data_block_candidate, reg_def_use.used, arm_jump_table_skip_first_entry, reg_def_use.last_def_in_block, code_in_block_candidate, block_limit, unresolved_interval_order, candidate_block_is_padding, may_fallthrough, must_fallthrough, split_load_operand, no_return_call, relative_jump_table_entry_candidate, initialized_data_segment, inferred_main_dispatch, reg_def_use.live_var_at_prior_used, resolved_reaches, got_relative_operand, arm_jump_table_data_block_limit, __agg_subclause7, jump_table_target, symbolic_expr_from_relocation, __agg_subclause3, jump_table_element_access, adjusts_stack_in_block, data_in_code_propagate, stack_def_use.live_var_at_prior_used, reg_def_use.live_var_used, jump_table_max, composite_data_access, split_load_for_symbolization, arm_jump_table_candidate, next_start, init_symbol_minus_symbol_candidate_arm, arm_jump_table_block_start, padding_block_limit, next_block_in_byte_interval, __agg_single2, block_candidate_dependency_edge, wis_has_prior, stack_def_use.live_var_used, stack_def_use.live_var_at_block_end, __agg_subclause2, reg_def_use.ambiguous_block_last_def, reg_def_use.live_var_def, litpool_boundaries, __agg_single6, reg_def_use.return_val_used, block_overlap, block, block_total_points, value_reg, adrp_used, tls_get_addr, indexed_pc_relative_load, block_heuristic, relative_address, stack_def_use.def_used, split_load_candidate, base_relative_operation, symbol_minus_symbol_litpool_access_pattern, arm_jump_table_block_instruction, litpool_ref, litpool_confidence, reg_def_use.ref_in_block, block_last_instruction, contains_plausible_instr_seq, flags_and_jump_pair, segment_target_range, compare_and_jump_indirect, split_load, call_tls_get_addr, relocation_adjustment, indefinite_litpool_ref, stack_def_use.live_var_def, split_load_total_points, padding_block_candidate, value_reg_edge, block_implies_block, contains_implausible_instr_seq, simple_data_access_pattern, plt_entry, reg_def_use.ambiguous_last_def_in_block, basic_target, unresolved_block_overlap, inferred_main_in_reg, common_tail, cmp_reg_to_reg, data_in_code, const_value_reg_used, reg_def_use.block_last_def, wis_schedule_iter, no_value_reg_limit, is_padding, code_in_block_candidate_refined, invalid, reg_def_use.used_in_block, indexed_pc_relative_load_relative, reg_has_got, data_block_limit, reg_def_use.flow_def, split_load_conflict, possible_target, block_points_proportional, block_instruction_next, transition_block_limit, impossible_block, code_in_block, straight_line_def_used, correlated_live_reg, start_function, compare_and_jump_immediate, first_block_in_byte_interval, data_access, block_points, data_segment, arch.extend_load, compare_and_jump_indirect_op_valid, unlikely_have_symbolic_immediate, block_candidate_boundaries, possible_target_from, last_value_reg_limit, stack_def_use.defined_in_block, relative_address_start, function_inference.function_entry_initial, wis_schedule, reg_def_use.def_used, arch.simple_data_load, after_end, compare_and_jump_register, hi_load_prop, cinf_ldr_add_pc, known_block, self_contained_segment, stack_base_reg_move, stack_def_use.used_in_block, instruction_memory_access_size, reg_def_use.live_var_at_block_end, jump_table_start, arm_jump_table_cmp_limit, jump_table_signed, value_reg_unsupported, __agg_single3, stack_def_use.ref_in_block, wis_prior, split_load_point, unresolved_block, likely_fallthrough, negative_block_heuristic, base_relative_jump, init_ldr_add_pc, no_return_block, stack_def_use.live_var_used_in_block, arm_jump_table_candidate_start, straight_line_last_def, invalid_jump_table_candidate, reg_def_use.return_block_end, plt_block, overlap_with_litpool, gp_relative_operand, no_return_call_refined, reg_reg_arithmetic_operation_defs, incomplete_block, value_reg_limit, arch.reg_relative_load, __agg_subclause6, no_return_call_propagated, discarded_split_load, def_used_for_address, inter_procedural_edge, cmp_defines, arm_jump_table_data_block, litpool_symbolic_operand, block_next, jump_table_candidate_refined, jump_table_candidate, reg_used_for, discarded_block, base_relative_operand, branch_to_calculated_pc_rel_addr, next_end, nop_in_padding_candidate, jump_table_prelude, relocation_adjustment_total, next_type, stack_def_use.block_last_def, reg_has_base_image, unresolved_interval, stack_def_use.last_def_in_block, candidate_block_is_not_padding, reg_def_use.defined_in_block, wis_memo, overlapping_instruction, tls_desc_call, block_boundaries