package bap-std

  1. Overview
  2. Docs
Legend:
Library
Module
Module type
Parameter
Class
Class type

Regular interface for BIL statements

type t = Bil.stmt
class state : object ... end

All visitors provide some information about the current position of the visitor

class 'a visitor : object ... end

Visitor. Visits AST providing lots of hooks.

class 'a finder : object ... end

A visitor with a shortcut. Finder is a specialization of a visitor, that uses return as its folding argument. At any time you can stop the traversing by calling return function of the provided argument (which is by itself is a record with one field - a function accepting argument of type 'a option).

class mapper : object ... end

AST transformation. mapper allows one to map AST, performing some limited amount of transformations on it. Mapper provides extra flexibility by mapping stmt to stmt list, thus allowing to remove statements from the output (by mapping to empty list) or to map one statement to several. This is particularly useful when you map if or while statements.

constant_folder is a class that implements the fold_consts

val fold : 'a visitor -> init:'a -> t -> 'a

fold ~init visitor stmt folds a stmt with a visitor. See Bil.fold and Exp.fold for more details.

val iter : unit visitor -> t -> unit

iter visitor stmt iters over a stmt with a visitor. See Bil.iter and Exp.iter for more details.

val map : mapper -> t list -> t list

map mapper bil applies mapper to the program bil

val find : 'a finder -> t -> 'a option

find finder stmt performs a lookup into the Bil statement. See Bil.find and Exp.find for more details.

val exists : unit finder -> t -> bool

exists finder stmt is true iff find finder stmt <> None. See Bil.exists and Exp.exists for more details.

val is_referenced : var -> t -> bool

is_referenced x stmt is true is x is used in the stmt in any place other then right hand side of the assignment. E.g., is_referenced x Bil.(x := var x) is true, but is_referenced x Bil.(x := var y) is false. see Bil.is_referenced for more details.

val normalize : ?normalize_exp:bool -> stmt list -> stmt list

normalize ?normalize_exp xs produces a normalized BIL program with the same^1 semantics but in the BIL normalized form (BNF). There are two normalized forms, both described below. The first form (BNF1) is more readable, the second form (BNF2) is more strict, but sometimes yields a code, that is hard for a human to comprehend. The BNF1 is the default, to request BNF2 pass normalize_exp:true.

Precondition: xs is well-typed.

The BIL First Normalized Form (BNF1) is a subset of the BIL language, where expressions have the following properties:

  • Memory load expressions can be only applied to a memory. This effectively disallows creation of temporary memory regions, and requires all store operations to be committed via the assignment operation. Also, this provides a guarantee, that store expressions will not occur in integer assignments, jmp destinations, and conditional expressions, leaving them valid only in an assignment statement where the rhs has type mem_t. This is effectively the same as make the Load constructor to have type (Load (var,exp,endian,size)).
  • No load or store expressions in the following positions: 1. the right-hand side of the let expression; 2. address or value subexpressions of the store expression; 3. storage or address subexpressions of the load expression;

The BIL Second Normalized Form (BNF2) is a subset of the BNF1 (in a sense that all BNF2 programs are also in BNF1). This form puts the following restrictions:

  • No let expressions - new variables can be created only with the Move instruction.
  • All memory operations have sizes equal to one byte. Thus the size and endianness can be ignored in analysis. During the normalization, the following rewrites are performed

           let x = <expr> in ... x ... => ... <expr> ...
           x[a,el]:n => x[a+n-1] @ ... @ x[a]
           x[a,be]:n => x[a] @ ... @ x[a+n-1]
           m[a,el]:n <- x => (...((m[a] <- x<0>)[a+1] <- x<1>)...)[a+n-1] <- x<n-1>
           m[a,be]:n <- x => (...((m[a] <- x<n-1>)[a+1] <- x<n>)...)[a+n-1] <- x<0>
           (x[a] <- b)[c] => m := x[a] <- b; m[c]

^1: The normalization procedure may duplicate expressions that might be considered non-generative. For example,

let x = m[a] in x + x

is rewritten to m[a] + m[a]. Given a concrete semantics of a memory (for example, if memory is mapped to a device register that changes every times it is read) this expression may have different value. It will also have different effect (such as two memory accesses, page faults etc).

However, in the formal semantics of BAP we do not consider effects, and treat all expressions as side-effect free, thus the above transformation, are preserving the semantics.

  • parameter normalize_exp

    (defaults to false) if set to true then the returned program will be in BNF2.

  • since 1.3
val simpl : ?ignore:Eff.t list -> t list -> t list

simpl ?ignore xs recursively applies Exp.simpl and also simplifies if and while expressions with statically known conditionals, e.g., if (true) xs ys is simplified to xs, while (false) xs is simplified to xs.

  • since 1.3
val fixpoint : (t -> t) -> t -> t

fixpoint f x applies transformation f until it reaches fixpoint. See Bil.fixpoint and Exp.fixpoint.

val free_vars : t -> Var.Set.t

free_vars stmt returns a set of all unbound variables, that occurs in stmt.

val eval : t list -> Bili.context as 'a -> 'a

eval prog eval BIL program under given context. Returns the context which contains all effects of computations.

include Regular.Std.Regular.S with type t := t
val __bin_read_t__ : (int -> t) Core_kernel.Bin_prot.Read.reader
val t_of_sexp : Ppx_sexp_conv_lib.Sexp.t -> t
val sexp_of_t : t -> Ppx_sexp_conv_lib.Sexp.t
include Regular.Std.Printable.S with type t := t
val to_string : t -> string

to_string x returns a human-readable representation of x

val str : unit -> t -> string

str () t is formatted output function that matches "%a" conversion format specifier in functions, that prints to string, e.g., sprintf, failwithf, errorf and, surprisingly all Lwt printing function, including Lwt_io.printf and logging (or any other function with type ('a,unit,string,...) formatN`. Example:

Or_error.errorf "type %a is not valid for %a"
  Type.str ty Exp.str exp
val pps : unit -> t -> string

synonym for str

val ppo : Core_kernel.Out_channel.t -> t -> unit

will print to a standard output_channel, useful for using in printf, fprintf, etc.

val pp_seq : Stdlib.Format.formatter -> t Core_kernel.Sequence.t -> unit

prints a sequence of values of type t

this will include pp function from Core that has type t printer, and can be used in Format.printf family of functions

include Core_kernel.Pretty_printer.S with type t := t
val pp : Base.Formatter.t -> t -> unit
include Core_kernel.Comparable.S_binable with type t := t
include Base.Comparable.S with type t := t
include Base.Comparisons.S with type t := t
include Base.Comparisons.Infix with type t := t
val (>=) : t -> t -> bool
val (<=) : t -> t -> bool
val (=) : t -> t -> bool
val (>) : t -> t -> bool
val (<) : t -> t -> bool
val (<>) : t -> t -> bool
val equal : t -> t -> bool
val compare : t -> t -> int

compare t1 t2 returns 0 if t1 is equal to t2, a negative integer if t1 is less than t2, and a positive integer if t1 is greater than t2.

val min : t -> t -> t
val max : t -> t -> t
val ascending : t -> t -> int

ascending is identical to compare. descending x y = ascending y x. These are intended to be mnemonic when used like List.sort ~compare:ascending and List.sort ~cmp:descending, since they cause the list to be sorted in ascending or descending order, respectively.

val descending : t -> t -> int
val between : t -> low:t -> high:t -> bool

between t ~low ~high means low <= t <= high

val clamp_exn : t -> min:t -> max:t -> t

clamp_exn t ~min ~max returns t', the closest value to t such that between t' ~low:min ~high:max is true.

Raises if not (min <= max).

val clamp : t -> min:t -> max:t -> t Base.Or_error.t
include Base.Comparator.S with type t := t
type comparator_witness
val validate_lbound : min:t Base.Maybe_bound.t -> t Base.Validate.check
val validate_ubound : max:t Base.Maybe_bound.t -> t Base.Validate.check
val validate_bound : min:t Base.Maybe_bound.t -> max:t Base.Maybe_bound.t -> t Base.Validate.check
include Core_kernel.Hashable.S_binable with type t := t
val hash_fold_t : Base.Hash.state -> t -> Base.Hash.state
val hash : t -> Base.Hash.hash_value
val hashable : t Base.Hashable.t
include Regular.Std.Data.S with type t := t
type info = string * [ `Ver of string ] * string option

name,Ver v,desc information attached to a particular reader or writer.

val version : string

Data representation version. After any change in data representation the version should be increased.

Serializers that are derived from a data representation must have the same version as a version of the data structure, from which it is derived. This kind of serializers can only read and write data of the same version.

Other serializers can actually read and write data independent on its representation version. A serializer, that can't store data of current version simply shouldn't be added to a set of serializers.

It is assumed, that if a reader and a writer has the same name and version, then whatever was written by the writer should be readable by the reader. The round-trip equality is not required, thus it is acceptable if some information is lost.

It is also possible, that a reader and a writer that has the same name are compatible. In that case it is recommended to use semantic versioning.

val size_in_bytes : ?ver:string -> ?fmt:string -> t -> int

size_in_bytes ?ver ?fmt datum returns the amount of bytes that is needed to represent datum in the given format and version

val of_bytes : ?ver:string -> ?fmt:string -> Regular.Std.bytes -> t

of_bytes ?ver ?fmt bytes deserializes a value from bytes.

val to_bytes : ?ver:string -> ?fmt:string -> t -> Regular.Std.bytes

to_bytes ?ver ?fmt datum serializes a datum to a sequence of bytes.

val blit_to_bytes : ?ver:string -> ?fmt:string -> Regular.Std.bytes -> t -> int -> unit

blit_to_bytes ?ver ?fmt buffer datum offset copies a serialized representation of datum into a buffer, starting from the offset.

val of_bigstring : ?ver:string -> ?fmt:string -> Core_kernel.bigstring -> t

of_bigstring ?ver ?fmt buf deserializes a datum from bigstring

val to_bigstring : ?ver:string -> ?fmt:string -> t -> Core_kernel.bigstring

of_bigstring ?ver ?fmt datum serializes a datum to a sequence of bytes represented as bigstring

val blit_to_bigstring : ?ver:string -> ?fmt:string -> Core_kernel.bigstring -> t -> int -> unit

blit_to_bigstring ?ver ?fmt buffer datum offset copies a serialized representation of datum into a buffer, starting from offset.

module Io : sig ... end

Input/Output functions for the given datum.

module Cache : sig ... end

Data cache.

val add_reader : ?desc:string -> ver:string -> string -> t Regular.Std.reader -> unit

add_reader ?desc ~ver name reader registers a new reader with a provided name, version ver and optional description desc

val add_writer : ?desc:string -> ver:string -> string -> t Regular.Std.writer -> unit

add_writer ?desc ~ver name writer registers a new writer with a provided name, version ver and optional description desc

val available_readers : unit -> info list

available_reader () lists available readers for the data type

val default_reader : unit -> info

default_reader returns information about default reader

val set_default_reader : ?ver:string -> string -> unit

set_default_reader ?ver name sets new default reader. If version is not specified then the latest available version is used. Raises an exception if a reader with a given name doesn't exist.

val with_reader : ?ver:string -> string -> (unit -> 'a) -> 'a

with_reader ?ver name operation temporary sets a default reader to a reader with a specified name and version. The default reader is restored after operation is finished.

val available_writers : unit -> info list

available_writer () lists available writers for the data type

val default_writer : unit -> info

default_writer returns information about the default writer

val set_default_writer : ?ver:string -> string -> unit

set_default_writer ?ver name sets new default writer. If version is not specified then the latest available version is used. Raises an exception if a writer with a given name doesn't exist.

val with_writer : ?ver:string -> string -> (unit -> 'a) -> 'a

with_writer ?ver name operation temporary sets a default writer to a writer with a specified name and version. The default writer is restored after operation is finished.

val default_printer : unit -> info option

default_writer optionally returns an information about default printer

val set_default_printer : ?ver:string -> string -> unit

set_default_printer ?ver name sets new default printer. If version is not specified then the latest available version is used. Raises an exception if a printer with a given name doesn't exist.

val with_printer : ?ver:string -> string -> (unit -> 'a) -> 'a

with_printer ?ver name operation temporary sets a default printer to a printer with a specified name and version. The default printer is restored after operation is finished.

Low level access to serializers

val find_reader : ?ver:string -> string -> t Regular.Std.reader option

find_reader ?ver name lookups a reader with a given name. If version is not specified, then a reader with maximum version is returned.

val find_writer : ?ver:string -> string -> t Regular.Std.writer option

find_writer ?ver name lookups a writer with a given name. If version is not specified, then a writer with maximum version is returned.

val pp_adt : t Regular.Std.printer
OCaml

Innovation. Community. Security.