Refactor calling conventions to support correct representation of structures

Author: D0ntPanic

binaryninjaapi.h

@@ -41,6 +41,24 @@ Variable Variable::FromIdentifier(uint64_t id)
 }
 
 
+Variable Variable::Register(uint32_t reg)
+{
+	return Variable(RegisterVariableSourceType, reg);
+}
+
+
+Variable Variable::Flag(uint32_t flag)
+{
+	return Variable(FlagVariableSourceType, flag);
+}
+
+
+Variable Variable::StackOffset(int64_t offset)
+{
+	return Variable(StackVariableSourceType, offset);
+}
+
+
 RegisterValue::RegisterValue() : state(UndeterminedValue), value(0), offset(0), size(0) {}
 
 
@@ -63,6 +81,12 @@ bool RegisterValue::operator==(const RegisterValue& a) const
 	case StackFrameOffset:
 		 return (state == StackFrameOffset) && (a.value == value);
 
+	case ResultPointerValue:
+		return (state == ResultPointerValue) && (a.value == value);
+
+	case ParameterPointerValue:
+		return (state == ParameterPointerValue) && (a.value == value) && (a.offset == offset);
+
 	case UndeterminedValue:
 		return state == UndeterminedValue;
 
@@ -729,6 +753,30 @@ Confidence<Ref<Type>> Function::GetReturnType() const
 }
 
 
+ReturnValue Function::GetReturnValue() const
+{
+	BNReturnValue ret = BNGetFunctionReturnValue(m_object);
+	ReturnValue result = ReturnValue::FromAPIObject(&ret);
+	BNFreeReturnValue(&ret);
+	return result;
+}
+
+
+bool Function::IsReturnValueDefaultLocation() const
+{
+	return BNIsFunctionReturnValueDefaultLocation(m_object);
+}
+
+
+Confidence<ValueLocation> Function::GetReturnValueLocation() const
+{
+	auto location = BNGetFunctionReturnValueLocation(m_object);
+	Confidence<ValueLocation> result(ValueLocation::FromAPIObject(&location.location), location.confidence);
+	BNFreeValueLocation(&location.location);
+	return result;
+}
+
+
 Confidence<vector<uint32_t>> Function::GetReturnRegisters() const
 {
 	BNRegisterSetWithConfidence regs = BNGetFunctionReturnRegisters(m_object);
@@ -763,6 +811,19 @@ Confidence<vector<Variable>> Function::GetParameterVariables() const
 }
 
 
+Confidence<vector<ValueLocation>> Function::GetParameterLocations() const
+{
+	BNValueLocationListWithConfidence locations = BNGetFunctionParameterLocations(m_object);
+	vector<ValueLocation> locationList;
+	locationList.reserve(locations.count);
+	for (size_t i = 0; i < locations.count; i++)
+		locationList.push_back(ValueLocation::FromAPIObject(&locations.locations[i]));
+	Confidence<vector<ValueLocation>> result(locationList, locations.confidence);
+	BNFreeParameterLocations(&locations);
+	return result;
+}
+
+
 Confidence<bool> Function::HasVariableArguments() const
 {
 	BNBoolWithConfidence bc = BNFunctionHasVariableArguments(m_object);
@@ -817,16 +878,27 @@ void Function::SetAutoReturnType(const Confidence<Ref<Type>>& type)
 }
 
 
-void Function::SetAutoReturnRegisters(const Confidence<std::vector<uint32_t>>& returnRegs)
+void Function::SetAutoReturnValue(const ReturnValue& rv)
 {
-	BNRegisterSetWithConfidence regs;
-	regs.regs = new uint32_t[returnRegs.GetValue().size()];
-	regs.count = returnRegs.GetValue().size();
-	for (size_t i = 0; i < regs.count; i++)
-		regs.regs[i] = returnRegs.GetValue()[i];
-	regs.confidence = returnRegs.GetConfidence();
-	BNSetAutoFunctionReturnRegisters(m_object, &regs);
-	delete[] regs.regs;
+	BNReturnValue ret = rv.ToAPIObject();
+	BNSetAutoFunctionReturnValue(m_object, &ret);
+	ReturnValue::FreeAPIObject(&ret);
+}
+
+
+void Function::SetAutoIsReturnValueDefaultLocation(bool defaultLocation)
+{
+	BNSetAutoIsFunctionReturnValueDefaultLocation(m_object, defaultLocation);
+}
+
+
+void Function::SetAutoReturnValueLocation(const Confidence<ValueLocation>& location)
+{
+	BNValueLocationWithConfidence loc;
+	loc.location = location->ToAPIObject();
+	loc.confidence = location.GetConfidence();
+	BNSetAutoFunctionReturnValueLocation(m_object, &loc);
+	ValueLocation::FreeAPIObject(&loc.location);
 }
 
 
@@ -839,22 +911,21 @@ void Function::SetAutoCallingConvention(const Confidence<Ref<CallingConvention>>
 }
 
 
-void Function::SetAutoParameterVariables(const Confidence<vector<Variable>>& vars)
+void Function::SetAutoParameterLocations(const Confidence<std::vector<ValueLocation>>& locations)
 {
-	BNParameterVariablesWithConfidence varConf;
-	varConf.vars = new BNVariable[vars->size()];
-	varConf.count = vars->size();
+	BNValueLocationListWithConfidence varConf;
+	varConf.locations = new BNValueLocation[locations->size()];
+	varConf.count = locations->size();
 	size_t i = 0;
-	for (auto it = vars->begin(); it != vars->end(); ++it, ++i)
-	{
-		varConf.vars[i].type = it->type;
-		varConf.vars[i].index = it->index;
-		varConf.vars[i].storage = it->storage;
-	}
-	varConf.confidence = vars.GetConfidence();
+	for (auto it = locations->begin(); it != locations->end(); ++it, ++i)
+		varConf.locations[i] = it->ToAPIObject();
+	varConf.confidence = locations.GetConfidence();
 
-	BNSetAutoFunctionParameterVariables(m_object, &varConf);
-	delete[] varConf.vars;
+	BNSetAutoFunctionParameterLocations(m_object, &varConf);
+
+	for (i = 0; i < locations->size(); i++)
+		ValueLocation::FreeAPIObject(&varConf.locations[i]);
+	delete[] varConf.locations;
 }
 
 
@@ -946,16 +1017,27 @@ void Function::SetReturnType(const Confidence<Ref<Type>>& type)
 }
 
 
-void Function::SetReturnRegisters(const Confidence<std::vector<uint32_t>>& returnRegs)
+void Function::SetReturnValue(const ReturnValue& rv)
 {
-	BNRegisterSetWithConfidence regs;
-	regs.regs = new uint32_t[returnRegs.GetValue().size()];
-	regs.count = returnRegs.GetValue().size();
-	for (size_t i = 0; i < regs.count; i++)
-		regs.regs[i] = returnRegs.GetValue()[i];
-	regs.confidence = returnRegs.GetConfidence();
-	BNSetUserFunctionReturnRegisters(m_object, &regs);
-	delete[] regs.regs;
+	BNReturnValue ret = rv.ToAPIObject();
+	BNSetUserFunctionReturnValue(m_object, &ret);
+	ReturnValue::FreeAPIObject(&ret);
+}
+
+
+void Function::SetIsReturnValueDefaultLocation(bool defaultLocation)
+{
+	BNSetUserIsFunctionReturnValueDefaultLocation(m_object, defaultLocation);
+}
+
+
+void Function::SetReturnValueLocation(const Confidence<ValueLocation>& location)
+{
+	BNValueLocationWithConfidence loc;
+	loc.location = location->ToAPIObject();
+	loc.confidence = location.GetConfidence();
+	BNSetUserFunctionReturnValueLocation(m_object, &loc);
+	ValueLocation::FreeAPIObject(&loc.location);
 }
 
 
@@ -968,22 +1050,21 @@ void Function::SetCallingConvention(const Confidence<Ref<CallingConvention>>& co
 }
 
 
-void Function::SetParameterVariables(const Confidence<vector<Variable>>& vars)
+void Function::SetParameterLocations(const Confidence<std::vector<ValueLocation>>& locations)
 {
-	BNParameterVariablesWithConfidence varConf;
-	varConf.vars = new BNVariable[vars->size()];
-	varConf.count = vars->size();
+	BNValueLocationListWithConfidence varConf;
+	varConf.locations = new BNValueLocation[locations->size()];
+	varConf.count = locations->size();
 	size_t i = 0;
-	for (auto it = vars->begin(); it != vars->end(); ++it, ++i)
-	{
-		varConf.vars[i].type = it->type;
-		varConf.vars[i].index = it->index;
-		varConf.vars[i].storage = it->storage;
-	}
-	varConf.confidence = vars.GetConfidence();
+	for (auto it = locations->begin(); it != locations->end(); ++it, ++i)
+		varConf.locations[i] = it->ToAPIObject();
+	varConf.confidence = locations.GetConfidence();
+
+	BNSetUserFunctionParameterLocations(m_object, &varConf);
 
-	BNSetUserFunctionParameterVariables(m_object, &varConf);
-	delete[] varConf.vars;
+	for (i = 0; i < locations->size(); i++)
+		ValueLocation::FreeAPIObject(&varConf.locations[i]);
+	delete[] varConf.locations;
 }
 
 

binaryninjacore.h

@@ -147,12 +147,13 @@ vector<InstructionTextToken> RustTypePrinter::GetTypeTokensAfterNameInternal(
 			vector<InstructionTextToken> paramTokens = GetTypeTokensAfterName(params[i].type.GetValue(), platform,
 				params[i].type.GetCombinedConfidence(baseConfidence), type, escaping);
 
-			if (functionHeader)
+			auto var = params[i].location.GetVariableForParameter(i);
+			if (functionHeader && var.has_value())
 			{
 				for (auto& token : paramTokens)
 				{
 					token.context = LocalVariableTokenContext;
-					token.address = params[i].location.ToIdentifier();
+					token.address = var->ToIdentifier();
 				}
 			}
 
@@ -164,42 +165,46 @@ vector<InstructionTextToken> RustTypePrinter::GetTypeTokensAfterNameInternal(
 			else
 			{
 				nameToken = InstructionTextToken(ArgumentNameToken, NameList::EscapeTypeName(params[i].name, escaping), i);
-				if (functionHeader)
+				if (functionHeader && var.has_value())
 				{
 					nameToken.context = LocalVariableTokenContext;
-					nameToken.address = params[i].location.ToIdentifier();
+					nameToken.address = var->ToIdentifier();
 				}
 			}
 			tokens.push_back(nameToken);
 			tokens.emplace_back(TextToken, ": ");
 			tokens.insert(tokens.end(), paramTokens.begin(), paramTokens.end());
 
-			if (!params[i].defaultLocation && platform)
+			if (!params[i].defaultLocation && platform && var.has_value())
 			{
-				switch (params[i].location.type)
+				// TODO: Emit a syntax for parameters spanning multiple storage locations
+				switch (var->type)
 				{
 				case RegisterVariableSourceType:
 				{
-					string registerName = platform->GetArchitecture()->GetRegisterName((uint32_t)params[i].location.storage);
+					string registerName = platform->GetArchitecture()->GetRegisterName((uint32_t)var->storage);
 					tokens.emplace_back(TextToken, " @ ");
-					tokens.emplace_back(RegisterToken, NameList::EscapeTypeName(registerName, escaping), params[i].location.storage);
+					tokens.emplace_back(RegisterToken, NameList::EscapeTypeName(registerName, escaping), var->storage);
 					break;
 				}
 				case FlagVariableSourceType:
 				{
-					string flagName = platform->GetArchitecture()->GetFlagName((uint32_t)params[i].location.storage);
+					string flagName = platform->GetArchitecture()->GetFlagName((uint32_t)var->storage);
 					tokens.emplace_back(TextToken, " @ ");
-					tokens.emplace_back(AnnotationToken, NameList::EscapeTypeName(flagName, escaping), params[i].location.storage);
+					tokens.emplace_back(AnnotationToken, NameList::EscapeTypeName(flagName, escaping), var->storage);
 					break;
 				}
 				case StackVariableSourceType:
 				{
 					tokens.emplace_back(TextToken, " @ ");
 					char storageStr[32];
-					snprintf(storageStr, sizeof(storageStr), "%" PRIi64, params[i].location.storage);
-					tokens.emplace_back(IntegerToken, storageStr, params[i].location.storage);
+					snprintf(storageStr, sizeof(storageStr), "%" PRIi64, var->storage);
+					tokens.emplace_back(IntegerToken, storageStr, var->storage);
 					break;
 				}
+				case CompositeReturnValueSourceType:
+				case CompositeParameterSourceType:
+					break;
 				}
 			}
 		}

callingconvention.cpp

@@ -292,6 +292,7 @@ static constexpr std::array s_instructionOperandUsage = {
 	OperandUsage{MLIL_FREE_VAR_SLOT_SSA, {DestSSAVariableMediumLevelOperandUsage, PartialSSAVariableSourceMediumLevelOperandUsage}},
 	OperandUsage{MLIL_VAR_PHI, {DestSSAVariableMediumLevelOperandUsage, SourceSSAVariablesMediumLevelOperandUsages}},
 	OperandUsage{MLIL_MEM_PHI, {DestMemoryVersionMediumLevelOperandUsage, SourceMemoryVersionsMediumLevelOperandUsage}},
+	OperandUsage{MLIL_BLOCK_TO_EXPAND, {SourceExprsMediumLevelOperandUsage}},
 };
 
 VALIDATE_INSTRUCTION_ORDER(s_instructionOperandUsage);
@@ -1553,6 +1554,10 @@ void MediumLevelILInstruction::VisitExprs(bn::base::function_ref<bool(const Medi
 		for (auto i : GetParameterExprs())
 			i.VisitExprs(func);
 		break;
+	case MLIL_BLOCK_TO_EXPAND:
+		for (auto i : GetSourceExprs<MLIL_BLOCK_TO_EXPAND>())
+			i.VisitExprs(func);
+		break;
 	default:
 		break;
 	}
@@ -1892,6 +1897,10 @@ ExprId MediumLevelILInstruction::CopyTo(MediumLevelILFunction* dest,
 		return dest->Undefined(loc);
 	case MLIL_UNIMPL:
 		return dest->Unimplemented(loc);
+	case MLIL_BLOCK_TO_EXPAND:
+		for (auto i : GetSourceExprs<MLIL_BLOCK_TO_EXPAND>())
+			params.push_back(subExprHandler(i));
+		return dest->BlockToExpand(params, loc);
 	default:
 		throw MediumLevelILInstructionAccessException();
 	}
@@ -3125,6 +3134,12 @@ ExprId MediumLevelILFunction::FloatCompareUnordered(size_t size, ExprId a, ExprI
 }
 
 
+ExprId MediumLevelILFunction::BlockToExpand(const vector<ExprId>& sources, const ILSourceLocation& loc)
+{
+	return AddExprWithLocation(MLIL_BLOCK_TO_EXPAND, loc, 0, sources.size(), AddOperandList(sources));
+}
+
+
 fmt::format_context::iterator fmt::formatter<MediumLevelILInstruction>::format(const MediumLevelILInstruction& obj, format_context& ctx) const
 {
 	if (!obj.function)

function.cpp

@@ -1565,6 +1565,13 @@ namespace BinaryNinja
 		int64_t GetOffset() const { return GetRawOperandAsInteger(1); }
 	};
 
+	template <>
+	struct MediumLevelILInstructionAccessor<MLIL_BLOCK_TO_EXPAND> : public MediumLevelILInstructionBase
+	{
+		MediumLevelILInstructionList GetSourceExprs() const { return GetRawOperandAsExprList(0); }
+		void SetSourceExprs(const _STD_VECTOR<ExprId>& exprs) { UpdateRawOperandAsExprList(0, exprs); }
+	};
+
 	template <>
 	struct MediumLevelILInstructionAccessor<MLIL_NOP> : public MediumLevelILInstructionBase
 	{};