Minor tweaks to the SDB to get parsing of real games a bit further.
Unfortunately it looks like issue #10 will have to be addressed before anything can progress :(
This commit is contained in:
parent
7f846afdfc
commit
837a414249
|
@ -164,7 +164,7 @@ public:
|
||||||
void DumpFunctionBlocks(FunctionSymbol* fn);
|
void DumpFunctionBlocks(FunctionSymbol* fn);
|
||||||
|
|
||||||
protected:
|
protected:
|
||||||
typedef std::map<uint32_t, Symbol*> SymbolMap;
|
typedef std::tr1::unordered_map<uint32_t, Symbol*> SymbolMap;
|
||||||
typedef std::list<FunctionSymbol*> FunctionList;
|
typedef std::list<FunctionSymbol*> FunctionList;
|
||||||
|
|
||||||
int AnalyzeFunction(FunctionSymbol* fn);
|
int AnalyzeFunction(FunctionSymbol* fn);
|
||||||
|
|
|
@ -154,30 +154,33 @@ int SymbolDatabase::Analyze() {
|
||||||
FlushQueue();
|
FlushQueue();
|
||||||
|
|
||||||
// Do a pass over the functions to fill holes. A few times. Just to be safe.
|
// Do a pass over the functions to fill holes. A few times. Just to be safe.
|
||||||
while (true) {
|
for (size_t n = 0; n < 4; n++) {
|
||||||
if (!FillHoles()) {
|
if (!FillHoles()) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
FlushQueue();
|
FlushQueue();
|
||||||
}
|
}
|
||||||
|
|
||||||
// Run over all symbols and see if any slipped through, somehow.
|
|
||||||
for (SymbolMap::iterator it = symbols_.begin(); it != symbols_.end(); ++it) {
|
|
||||||
if (it->second->symbol_type == Symbol::Function) {
|
|
||||||
FunctionSymbol* fn = static_cast<FunctionSymbol*>(it->second);
|
|
||||||
if (fn->type == FunctionSymbol::Unknown) {
|
|
||||||
printf("UNKNOWN FN %.8X\n", fn->start_address);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Run a pass over all functions and link up their extended data.
|
// Run a pass over all functions and link up their extended data.
|
||||||
// This can only be performed after we have all functions and basic blocks.
|
// This can only be performed after we have all functions and basic blocks.
|
||||||
for (SymbolMap::iterator it = symbols_.begin(); it != symbols_.end(); ++it) {
|
bool needs_another_pass = false;
|
||||||
if (it->second->symbol_type == Symbol::Function) {
|
do {
|
||||||
CompleteFunctionGraph(static_cast<FunctionSymbol*>(it->second));
|
for (SymbolMap::iterator it = symbols_.begin(); it != symbols_.end();
|
||||||
|
++it) {
|
||||||
|
if (it->second->symbol_type == Symbol::Function) {
|
||||||
|
if (fn->type == FunctionSymbol::Unknown) {
|
||||||
|
XELOGE(XT("UNKNOWN FN %.8X"), fn->start_address);
|
||||||
|
}
|
||||||
|
if (CompleteFunctionGraph(static_cast<FunctionSymbol*>(it->second))) {
|
||||||
|
needs_another_pass = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
if (needs_another_pass) {
|
||||||
|
FlushQueue();
|
||||||
|
}
|
||||||
|
} while (needs_another_pass);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -346,6 +349,10 @@ int SymbolDatabase::AnalyzeFunction(FunctionSymbol* fn) {
|
||||||
if (fn->type == FunctionSymbol::Kernel) {
|
if (fn->type == FunctionSymbol::Kernel) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
// Ignore bad inserts?
|
||||||
|
if (fn->start_address == fn->end_address) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
// This is a simple basic block analyizer. It walks the start address to the
|
// This is a simple basic block analyizer. It walks the start address to the
|
||||||
// end address looking for branches. Each span of instructions between
|
// end address looking for branches. Each span of instructions between
|
||||||
|
@ -368,12 +375,25 @@ int SymbolDatabase::AnalyzeFunction(FunctionSymbol* fn) {
|
||||||
|
|
||||||
uint8_t* p = xe_memory_addr(memory_, 0);
|
uint8_t* p = xe_memory_addr(memory_, 0);
|
||||||
|
|
||||||
if (*((uint32_t*)(p + fn->start_address)) == 0) {
|
if (XEGETUINT32LE(p + fn->start_address) == 0) {
|
||||||
// Function starts with 0x00000000 - we want to skip this and split.
|
// Function starts with 0x00000000 - we want to skip this and split.
|
||||||
XELOGSDB(XT("function starts with 0: %.8X"), fn->start_address);
|
|
||||||
symbols_.erase(fn->start_address);
|
symbols_.erase(fn->start_address);
|
||||||
if (!GetFunction(fn->start_address + 4)) {
|
// Scan ahead until the first non-zero or the end of the valid range.
|
||||||
fn->start_address += 4;
|
size_t next_addr = fn->start_address + 4;
|
||||||
|
while (true) {
|
||||||
|
if (!IsValueInTextRange(next_addr)) {
|
||||||
|
// Ran out of the range. Abort.
|
||||||
|
delete fn;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if (XEGETUINT32LE(p + next_addr)) {
|
||||||
|
// Not a zero, maybe valid!
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
next_addr += 4;
|
||||||
|
}
|
||||||
|
if (!GetFunction(next_addr + 4)) {
|
||||||
|
fn->start_address = next_addr;
|
||||||
symbols_.insert(SymbolMap::value_type(fn->start_address, fn));
|
symbols_.insert(SymbolMap::value_type(fn->start_address, fn));
|
||||||
scan_queue_.push_back(fn);
|
scan_queue_.push_back(fn);
|
||||||
} else {
|
} else {
|
||||||
|
@ -412,12 +432,6 @@ int SymbolDatabase::AnalyzeFunction(FunctionSymbol* fn) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!i.type) {
|
|
||||||
// Invalid instruction.
|
|
||||||
XELOGSDB(XT("Invalid instruction at %.8X: %.8X"), addr, i.code);
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Create a new basic block, if needed.
|
// Create a new basic block, if needed.
|
||||||
if (!block) {
|
if (!block) {
|
||||||
block = new FunctionBlock();
|
block = new FunctionBlock();
|
||||||
|
@ -429,7 +443,12 @@ int SymbolDatabase::AnalyzeFunction(FunctionSymbol* fn) {
|
||||||
|
|
||||||
bool ends_block = false;
|
bool ends_block = false;
|
||||||
bool ends_fn = false;
|
bool ends_fn = false;
|
||||||
if (i.code == 0x4E800020) {
|
if (!i.type) {
|
||||||
|
// Invalid instruction.
|
||||||
|
// We can just ignore it because there's (very little)/no chance it'll
|
||||||
|
// affect flow control.
|
||||||
|
XELOGSDB(XT("Invalid instruction at %.8X: %.8X"), addr, i.code);
|
||||||
|
} else if (i.code == 0x4E800020) {
|
||||||
// blr -- unconditional branch to LR.
|
// blr -- unconditional branch to LR.
|
||||||
// This is generally a return.
|
// This is generally a return.
|
||||||
block->outgoing_type = FunctionBlock::kTargetLR;
|
block->outgoing_type = FunctionBlock::kTargetLR;
|
||||||
|
@ -583,6 +602,10 @@ int SymbolDatabase::CompleteFunctionGraph(FunctionSymbol* fn) {
|
||||||
// Find variable accesses.
|
// Find variable accesses.
|
||||||
// TODO(benvanik): data analysis to find variable accesses.
|
// TODO(benvanik): data analysis to find variable accesses.
|
||||||
|
|
||||||
|
// A list of function targets that were undefined.
|
||||||
|
// This will run another analysis pass and it'd be best to avoid this.
|
||||||
|
std::vector<uint32_t> new_fns;
|
||||||
|
|
||||||
// For each basic block:
|
// For each basic block:
|
||||||
// - find outgoing target block or function
|
// - find outgoing target block or function
|
||||||
for (std::map<uint32_t, FunctionBlock*>::iterator it = fn->blocks.begin();
|
for (std::map<uint32_t, FunctionBlock*>::iterator it = fn->blocks.begin();
|
||||||
|
@ -609,12 +632,24 @@ int SymbolDatabase::CompleteFunctionGraph(FunctionSymbol* fn) {
|
||||||
block->outgoing_type = FunctionBlock::kTargetFunction;
|
block->outgoing_type = FunctionBlock::kTargetFunction;
|
||||||
block->outgoing_function = GetFunction(block->outgoing_address);
|
block->outgoing_function = GetFunction(block->outgoing_address);
|
||||||
if (!block->outgoing_function) {
|
if (!block->outgoing_function) {
|
||||||
XELOGE(XT("call target not found: %.8X"), block->outgoing_address);
|
XELOGE(XT("call target not found: %.8X -> %.8X"),
|
||||||
XEASSERTALWAYS();
|
block->end_address, block->outgoing_address);
|
||||||
|
new_fns.push_back(block->outgoing_address);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (new_fns.size()) {
|
||||||
|
XELOGW(XT("Repeat analysis required to find %d new functions"),
|
||||||
|
(uint32_t)new_fns.size());
|
||||||
|
for (std::vector<uint32_t>::iterator it = new_fns.begin();
|
||||||
|
it != new_fns.end(); ++it) {
|
||||||
|
GetOrInsertFunction(*it);
|
||||||
|
}
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue