symbols

This module select the symbols to be used in symbolic expressions and declares the predicates needed to infer new symbols.

inferred_symbol(EA:address, SymbolName:symbol, Scope:symbol, Visibility:symbol, Type:symbol, Pos:symbol_position)

A new symbol ‘SymbolName’ at address ‘EA’ should be created.

• Uses: best_func_symbol, binary_format, boundary_sym_expr, function_inference.function_entry, inferred_special_symbol, labeled_ea, symbol_score, tls_segment

• Used by: pointer_to_external_symbol, symbol_at_end

inferred_special_symbol(EA:address, SymbolName:symbol, Scope:symbol, Visibility:symbol, Type:symbol, Pos:symbol_position)

A special symbol ‘SymbolName’ at address ‘EA’ has been inferred. Special inferred symbols have higher priority than regular inferred symbols.

• Uses: address_in_data, base_address, binary_format, binary_type, bss_section, entry_point, function_symbol, got_reference_pointer, instruction, loaded_section, op_immediate, pc_relative_operand, relocation, start_function, symbol

• Used by: abi_intrinsic, inferred_symbol

• Recursive: data_object_conflict, labeled_data_candidate, boundary_sym_expr, symbolic_expr_symbol_minus_symbol, data_object, resolved_transfer, function_inference.function_entry, string_candidate, moved_data_label, labeled_ea, value_reg_address_before, code_pointer_in_data, moved_label_candidate, symbolic_operand_point, discarded_jump_table_entry, data_object_total_points, inferred_special_symbol, data_limit, next_data_limit, code_in_refined_block, data_access_limit, symbol_minus_symbol_from_relocation, +disconnected3, moved_displacement_candidate, best_func_symbol, main_function, data_object_point, data_limit_after_access, symbolic_data, string_candidate_refined, preferred_data_access, address_array, symbolic_expr, split_block, refined_block, moved_label, moved_pc_relative_candidate, +disconnected6, code_in_split_block, +disconnected2, after_address_in_data, address_array_aux, next_address_in_data, best_symexpr_symbol, data_object_candidate, symbolic_expr_attribute, +disconnected1, symbolic_operand_attribute, symbolic_operand, got_reference, block_needs_splitting_at, jump_table, label_conflict, symbol_minus_symbol, block_needs_merging, relative_jump_table_entry, base_relative_symbolic_operand, symbol_minus_symbol_candidate, discarded_data_object, symbol_score, inferred_main_function

best_symexpr_symbol(EA:address, SymbolName:symbol, Pos:symbol_position)

Best symbol at address ‘EA’ to be used for symbolic expressions. There can be two variants: If ‘Pos’ is “Beg”, the symbol points to the beginning of a block. If ‘Pos’ is “End”, the symbol points at the end of a block.

• Used by: cfi_directive

• Recursive: data_object_conflict, labeled_data_candidate, boundary_sym_expr, symbolic_expr_symbol_minus_symbol, data_object, resolved_transfer, function_inference.function_entry, string_candidate, moved_data_label, labeled_ea, value_reg_address_before, code_pointer_in_data, moved_label_candidate, symbolic_operand_point, discarded_jump_table_entry, data_object_total_points, inferred_special_symbol, data_limit, next_data_limit, code_in_refined_block, data_access_limit, symbol_minus_symbol_from_relocation, +disconnected3, moved_displacement_candidate, best_func_symbol, main_function, data_object_point, data_limit_after_access, symbolic_data, string_candidate_refined, preferred_data_access, address_array, symbolic_expr, split_block, refined_block, moved_label, moved_pc_relative_candidate, +disconnected6, code_in_split_block, +disconnected2, after_address_in_data, address_array_aux, next_address_in_data, best_symexpr_symbol, data_object_candidate, symbolic_expr_attribute, +disconnected1, symbolic_operand_attribute, symbolic_operand, got_reference, block_needs_splitting_at, jump_table, label_conflict, symbol_minus_symbol, block_needs_merging, relative_jump_table_entry, base_relative_symbolic_operand, symbol_minus_symbol_candidate, discarded_data_object, symbol_score, inferred_main_function

best_func_symbol(EA:address, SymbolName:symbol)

Best function symbol at address ‘EA’.

• Uses: binary_format

• Used by: function_inference.function_entry_name, inferred_symbol

• Recursive: data_object_conflict, labeled_data_candidate, boundary_sym_expr, symbolic_expr_symbol_minus_symbol, data_object, resolved_transfer, function_inference.function_entry, string_candidate, moved_data_label, labeled_ea, value_reg_address_before, code_pointer_in_data, moved_label_candidate, symbolic_operand_point, discarded_jump_table_entry, data_object_total_points, inferred_special_symbol, data_limit, next_data_limit, code_in_refined_block, data_access_limit, symbol_minus_symbol_from_relocation, +disconnected3, moved_displacement_candidate, best_func_symbol, main_function, data_object_point, data_limit_after_access, symbolic_data, string_candidate_refined, preferred_data_access, address_array, symbolic_expr, split_block, refined_block, moved_label, moved_pc_relative_candidate, +disconnected6, code_in_split_block, +disconnected2, after_address_in_data, address_array_aux, next_address_in_data, best_symexpr_symbol, data_object_candidate, symbolic_expr_attribute, +disconnected1, symbolic_operand_attribute, symbolic_operand, got_reference, block_needs_splitting_at, jump_table, label_conflict, symbol_minus_symbol, block_needs_merging, relative_jump_table_entry, base_relative_symbolic_operand, symbol_minus_symbol_candidate, discarded_data_object, symbol_score, inferred_main_function

symbol_score(EA:address, SymbolName:symbol, Type:symbol, Pos:symbol_position, Score:unsigned)

This predicate is computed to decide which is the best symbol for symbolic expressions or the best function symbol at each address. Each symbol receives a score based on its properties.

• Uses: ambiguous_symbol, avoid_symbols, defined_symbol, relocation, symbol_at_section_end, symbol_scope_score, symbol_type_score, symbol_visibility_score

• Used by: inferred_symbol

• Recursive: data_object_conflict, labeled_data_candidate, boundary_sym_expr, symbolic_expr_symbol_minus_symbol, data_object, resolved_transfer, function_inference.function_entry, string_candidate, moved_data_label, labeled_ea, value_reg_address_before, code_pointer_in_data, moved_label_candidate, symbolic_operand_point, discarded_jump_table_entry, data_object_total_points, inferred_special_symbol, data_limit, next_data_limit, code_in_refined_block, data_access_limit, symbol_minus_symbol_from_relocation, +disconnected3, moved_displacement_candidate, best_func_symbol, main_function, data_object_point, data_limit_after_access, symbolic_data, string_candidate_refined, preferred_data_access, address_array, symbolic_expr, split_block, refined_block, moved_label, moved_pc_relative_candidate, +disconnected6, code_in_split_block, +disconnected2, after_address_in_data, address_array_aux, next_address_in_data, best_symexpr_symbol, data_object_candidate, symbolic_expr_attribute, +disconnected1, symbolic_operand_attribute, symbolic_operand, got_reference, block_needs_splitting_at, jump_table, label_conflict, symbol_minus_symbol, block_needs_merging, relative_jump_table_entry, base_relative_symbolic_operand, symbol_minus_symbol_candidate, discarded_data_object, symbol_score, inferred_main_function

symbol_type_score(Type:symbol, Scope:unsigned)

Auxiliary predicate to define symbol_score. Prefer symbols with type different than NOTYPE.

• Uses: symbol

• Used by: symbol_score

symbol_scope_score(Scope:symbol, Score:unsigned)

Auxiliary predicate to define symbol_score

• Uses: symbol

• Used by: symbol_score

symbol_visibility_score(Visibility:symbol, Score:unsigned)

Auxiliary predicate to define symbol_score. Prefer symbols that are not HIDDEN.

• Uses: symbol

• Used by: ifunc_symbol_score, symbol_score

avoid_symbols(SymbolName:symbol)

This predicate records a set of symbols that should not be used in symbolic expressions. These symbols are skipped by the pprinter. TODO: maybe the pprinter could stop skipping these symbols and we could remove them from here.

• Uses: arm_sym, binary_format, data_sym, elf_avoid_symbols, thumb_sym

• Used by: symbol_score

elf_avoid_symbols(SymbolName:symbol)

This predicate records the set of symbols that should not be used in symbolic expressions for ELF binaries

• Used by: avoid_symbols

symbol_at_section_end(EA:address, SymbolName:symbol)

An existing symbol is pointing to the end of a section rather than the beginning of the next section.

• Uses: section, symbol

• Used by: symbol_score

symbol_at_end(EA:address, SymbolName:symbol)

The symbol at address ‘EA’ with name ‘SymbolName’ should point at the end of a block.

• Uses: inferred_symbol, section, symbol

symbol_before_section_beg(EA:address, SymbolName:symbol, NewEA:address)

The symbol at address ‘EA’ with name ‘SymbolName’ is pointing outside its own section and should be moved to ‘NewEA’.

• Uses: section, symbol