symbols

This module select the symbols to be used in symbolic expressions and declares the predicates needed to infer new symbols.

inferred_symbol(EA:address, SymbolName:symbol, Scope:symbol, Visibility:symbol, Type:symbol, Pos:symbol_position)

A new symbol ‘SymbolName’ at address ‘EA’ should be created.

• Uses: binary_format, tls_segment

• Used by: pointer_to_external_symbol, symbol_at_end

• Recursive: refined_block, data_limit_after_access, moved_pc_relative_candidate, symbolic_expr, symbolic_operand, symbolic_operand_point, data_object, +disconnected6, data_limit, after_address_in_data, discarded_jump_table_entry, moved_data_label, best_func_symbol, inferred_symbol_mips, relative_jump_table_entry, string_candidate_refined, discarded_data_object, +disconnected1, address_array_aux, next_data_limit, preferred_data_access, label_conflict, symbolic_operand_attribute, main_function, block_needs_splitting_at, symbolic_expr_attribute, data_access_limit, boundary_sym_expr, symbolic_expr_symbol_minus_symbol, labeled_data_candidate, string_candidate, data_object_conflict, moved_label_candidate, labeled_ea, data_object_point, jump_table, function_inference.function_entry, +disconnected4, inferred_special_symbol, value_reg_address_before, code_in_split_block, +disconnected2, resolved_transfer, moved_displacement_candidate, symbolic_data, code_pointer_in_data, best_symexpr_symbol, next_address_in_data, symbol_minus_symbol_candidate, symbol_score, inferred_symbol, data_object_candidate, block_needs_merging, symbol_minus_symbol_from_relocation, data_object_total_points, inferred_main_function, symbol_minus_symbol, code_in_refined_block, moved_label, got_reference, split_block, address_array

inferred_special_symbol(EA:address, SymbolName:symbol, Scope:symbol, Visibility:symbol, Type:symbol, Pos:symbol_position)

A special symbol ‘SymbolName’ at address ‘EA’ has been inferred. Special inferred symbols have higher priority than regular inferred symbols.

• Uses: address_in_data, base_address, binary_format, binary_type, bss_section, entry_point, function_symbol, got_reference_pointer, instruction, loaded_section, op_immediate, pc_relative_operand, relocation, start_function, symbol

• Used by: abi_intrinsic

• Recursive: refined_block, data_limit_after_access, moved_pc_relative_candidate, symbolic_expr, symbolic_operand, symbolic_operand_point, data_object, +disconnected6, data_limit, after_address_in_data, discarded_jump_table_entry, moved_data_label, best_func_symbol, inferred_symbol_mips, relative_jump_table_entry, string_candidate_refined, discarded_data_object, +disconnected1, address_array_aux, next_data_limit, preferred_data_access, label_conflict, symbolic_operand_attribute, main_function, block_needs_splitting_at, symbolic_expr_attribute, data_access_limit, boundary_sym_expr, symbolic_expr_symbol_minus_symbol, labeled_data_candidate, string_candidate, data_object_conflict, moved_label_candidate, labeled_ea, data_object_point, jump_table, function_inference.function_entry, +disconnected4, inferred_special_symbol, value_reg_address_before, code_in_split_block, +disconnected2, resolved_transfer, moved_displacement_candidate, symbolic_data, code_pointer_in_data, best_symexpr_symbol, next_address_in_data, symbol_minus_symbol_candidate, symbol_score, inferred_symbol, data_object_candidate, block_needs_merging, symbol_minus_symbol_from_relocation, data_object_total_points, inferred_main_function, symbol_minus_symbol, code_in_refined_block, moved_label, got_reference, split_block, address_array

best_symexpr_symbol(EA:address, SymbolName:symbol, Pos:symbol_position)

Best symbol at address ‘EA’ to be used for symbolic expressions. There can be two variants: If ‘Pos’ is “Beg”, the symbol points to the beginning of a block. If ‘Pos’ is “End”, the symbol points at the end of a block.

• Uses: symbol

• Used by: cfi_directive

• Recursive: refined_block, data_limit_after_access, moved_pc_relative_candidate, symbolic_expr, symbolic_operand, symbolic_operand_point, data_object, +disconnected6, data_limit, after_address_in_data, discarded_jump_table_entry, moved_data_label, best_func_symbol, inferred_symbol_mips, relative_jump_table_entry, string_candidate_refined, discarded_data_object, +disconnected1, address_array_aux, next_data_limit, preferred_data_access, label_conflict, symbolic_operand_attribute, main_function, block_needs_splitting_at, symbolic_expr_attribute, data_access_limit, boundary_sym_expr, symbolic_expr_symbol_minus_symbol, labeled_data_candidate, string_candidate, data_object_conflict, moved_label_candidate, labeled_ea, data_object_point, jump_table, function_inference.function_entry, +disconnected4, inferred_special_symbol, value_reg_address_before, code_in_split_block, +disconnected2, resolved_transfer, moved_displacement_candidate, symbolic_data, code_pointer_in_data, best_symexpr_symbol, next_address_in_data, symbol_minus_symbol_candidate, symbol_score, inferred_symbol, data_object_candidate, block_needs_merging, symbol_minus_symbol_from_relocation, data_object_total_points, inferred_main_function, symbol_minus_symbol, code_in_refined_block, moved_label, got_reference, split_block, address_array

best_func_symbol(EA:address, SymbolName:symbol)

Best function symbol at address ‘EA’.

• Uses: binary_format

• Used by: function_inference.function_entry_name

• Recursive: refined_block, data_limit_after_access, moved_pc_relative_candidate, symbolic_expr, symbolic_operand, symbolic_operand_point, data_object, +disconnected6, data_limit, after_address_in_data, discarded_jump_table_entry, moved_data_label, best_func_symbol, inferred_symbol_mips, relative_jump_table_entry, string_candidate_refined, discarded_data_object, +disconnected1, address_array_aux, next_data_limit, preferred_data_access, label_conflict, symbolic_operand_attribute, main_function, block_needs_splitting_at, symbolic_expr_attribute, data_access_limit, boundary_sym_expr, symbolic_expr_symbol_minus_symbol, labeled_data_candidate, string_candidate, data_object_conflict, moved_label_candidate, labeled_ea, data_object_point, jump_table, function_inference.function_entry, +disconnected4, inferred_special_symbol, value_reg_address_before, code_in_split_block, +disconnected2, resolved_transfer, moved_displacement_candidate, symbolic_data, code_pointer_in_data, best_symexpr_symbol, next_address_in_data, symbol_minus_symbol_candidate, symbol_score, inferred_symbol, data_object_candidate, block_needs_merging, symbol_minus_symbol_from_relocation, data_object_total_points, inferred_main_function, symbol_minus_symbol, code_in_refined_block, moved_label, got_reference, split_block, address_array

symbol_score(EA:address, SymbolName:symbol, Type:symbol, Pos:symbol_position, Score:unsigned)

This predicate is computed to decide which is the best symbol for symbolic expressions or the best function symbol at each address. Each symbol receives a score based on its properties.

• Uses: ambiguous_symbol, avoid_symbols, defined_symbol, relocation, symbol_at_section_end, symbol_scope_score, symbol_type_score, symbol_visibility_score

• Recursive: refined_block, data_limit_after_access, moved_pc_relative_candidate, symbolic_expr, symbolic_operand, symbolic_operand_point, data_object, +disconnected6, data_limit, after_address_in_data, discarded_jump_table_entry, moved_data_label, best_func_symbol, inferred_symbol_mips, relative_jump_table_entry, string_candidate_refined, discarded_data_object, +disconnected1, address_array_aux, next_data_limit, preferred_data_access, label_conflict, symbolic_operand_attribute, main_function, block_needs_splitting_at, symbolic_expr_attribute, data_access_limit, boundary_sym_expr, symbolic_expr_symbol_minus_symbol, labeled_data_candidate, string_candidate, data_object_conflict, moved_label_candidate, labeled_ea, data_object_point, jump_table, function_inference.function_entry, +disconnected4, inferred_special_symbol, value_reg_address_before, code_in_split_block, +disconnected2, resolved_transfer, moved_displacement_candidate, symbolic_data, code_pointer_in_data, best_symexpr_symbol, next_address_in_data, symbol_minus_symbol_candidate, symbol_score, inferred_symbol, data_object_candidate, block_needs_merging, symbol_minus_symbol_from_relocation, data_object_total_points, inferred_main_function, symbol_minus_symbol, code_in_refined_block, moved_label, got_reference, split_block, address_array

symbol_type_score(Type:symbol, Scope:unsigned)

Auxiliary predicate to define symbol_score. Prefer symbols with type different than NOTYPE.

• Uses: symbol

• Used by: symbol_score

symbol_scope_score(Scope:symbol, Score:unsigned)

Auxiliary predicate to define symbol_score

• Uses: symbol

• Used by: symbol_score

symbol_visibility_score(Visibility:symbol, Score:unsigned)

Auxiliary predicate to define symbol_score. Prefer symbols that are not HIDDEN.

• Uses: symbol

• Used by: ifunc_symbol_score, symbol_score

avoid_symbols(SymbolName:symbol)

This predicate records a set of symbols that should not be used in symbolic expressions. These symbols are skipped by the pprinter. TODO: maybe the pprinter could stop skipping these symbols and we could remove them from here.

• Uses: arm_sym, binary_format, data_sym, elf_avoid_symbols, thumb_sym

• Used by: symbol_score

elf_avoid_symbols(SymbolName:symbol)

This predicate records the set of symbols that should not be used in symbolic expressions for ELF binaries

• Used by: avoid_symbols

symbol_at_section_end(EA:address, SymbolName:symbol)

An existing symbol is pointing to the end of a section rather than the beginning of the next section.

• Uses: section, symbol

• Used by: symbol_score

symbol_at_end(EA:address, SymbolName:symbol)

The symbol at address ‘EA’ with name ‘SymbolName’ should point at the end of a block.

• Uses: inferred_symbol, section, symbol

symbol_before_section_beg(EA:address, SymbolName:symbol, NewEA:address)

The symbol at address ‘EA’ with name ‘SymbolName’ is pointing outside its own section and should be moved to ‘NewEA’.

• Uses: section, symbol