Mirror
/
icsharpcode-ILSpy
mirror of https://github.com/icsharpcode/ILSpy.git
2
0
Fork 0
Code Issues Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7971 Commits
18 Branches
85 Tags
79 MiB
Tree: f0f95efa05
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f0f95efa05'
${ noResults }
icsharpcode-ILSpy/ICSharpCode.Decompiler/IL/ControlFlow/StateRangeAnalysis.cs

314 lines
12 KiB
Raw Normal View History

Add Visual Basic symbolic execution option which ignores overflow checks
2 years ago
WIP: yield return decompiler
9 years ago
Fix #2652: AwaitInFinallyTransform: ILAst must form a tree
3 years ago
WIP: yield return decompiler
9 years ago
Check the CancellationToken a bit more frequently.
8 years ago
WIP: yield return decompiler
9 years ago
#2128: Reformat the whole code base.
5 years ago
WIP: yield return decompiler
9 years ago
Fix #2652: AwaitInFinallyTransform: ILAst must form a tree
3 years ago
WIP: yield return decompiler
9 years ago
Check the CancellationToken a bit more frequently.
8 years ago
WIP: yield return decompiler
9 years ago
Fix #2652: AwaitInFinallyTransform: ILAst must form a tree
3 years ago
Add Visual Basic symbolic execution option which ignores overflow checks
2 years ago
WIP: yield return decompiler
9 years ago
Handle leave instructions in state-range analysis.
3 years ago
Fix #2652: AwaitInFinallyTransform: ILAst must form a tree
3 years ago
WIP: yield return decompiler
9 years ago
Fix #2652: AwaitInFinallyTransform: ILAst must form a tree
3 years ago
[async]: control flow reconstruction: fixes for legacy csc
8 years ago
Add Visual Basic symbolic execution option which ignores overflow checks
2 years ago
WIP: yield return decompiler
9 years ago
Add Visual Basic symbolic execution option which ignores overflow checks
2 years ago
#2128: Reformat the whole code base.
5 years ago
WIP: yield return decompiler
9 years ago
Handle leave instructions in state-range analysis.
3 years ago
WIP: yield return decompiler
9 years ago
Add Visual Basic symbolic execution option which ignores overflow checks
2 years ago
WIP: yield return decompiler
9 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
Clean up mono yield-return decompilation.
8 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
Add Visual Basic symbolic execution option which ignores overflow checks
2 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
#2128: Reformat the whole code base.
5 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
WIP: yield return decompiler
9 years ago
Check the CancellationToken a bit more frequently.
8 years ago
#2128: Reformat the whole code base.
5 years ago
WIP: yield return decompiler
9 years ago
#2128: Reformat the whole code base.
5 years ago
WIP: yield return decompiler
9 years ago
#2128: Reformat the whole code base.
5 years ago
WIP: yield return decompiler
9 years ago
#2128: Reformat the whole code base.
5 years ago
WIP: yield return decompiler
9 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
WIP: yield return decompiler
9 years ago
#2128: Reformat the whole code base.
5 years ago
WIP: yield return decompiler
9 years ago
#2128: Reformat the whole code base.
5 years ago
WIP: yield return decompiler
9 years ago
Support 'state + c1 < c2' in state-range-analysis.
8 years ago
More fixes for yield return decompilation.
8 years ago
WIP: yield return decompiler
9 years ago
Handle leave instructions in state-range analysis.
3 years ago
WIP: yield return decompiler
9 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
[async]: control flow reconstruction: fixes for legacy csc
8 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
[async]: control flow reconstruction: fixes for legacy csc
8 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
WIP: yield return decompiler
9 years ago
#2128: Reformat the whole code base.
5 years ago
WIP: yield return decompiler
9 years ago
#2128: Reformat the whole code base.
5 years ago
WIP: yield return decompiler
9 years ago
Fix #2652: AwaitInFinallyTransform: ILAst must form a tree
3 years ago
WIP: yield return decompiler
9 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
#2128: Reformat the whole code base.
5 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
#2128: Reformat the whole code base.
5 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
#2128: Reformat the whole code base.
5 years ago
Fix StateRangeAnalysis to handle changes in yield return codegen in Roslyn 4.13.
5 months ago
WIP: yield return decompiler
9 years ago
#2128: Reformat the whole code base.
5 years ago
WIP: yield return decompiler
9 years ago
Handle leave instructions in state-range analysis.
3 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
WIP: yield return decompiler
9 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
[async]: control flow reconstruction
8 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
#2128: Reformat the whole code base.
5 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
#2128: Reformat the whole code base.
5 years ago
Initial support for yield-return decompilation in assemblies compiled with the mono compiler.
8 years ago
[async]: control flow reconstruction
8 years ago
Fix NRT warning in GetBlockStateSetMappingForLeave.
3 years ago
Handle leave instructions in state-range analysis.
3 years ago
Fix NRT warning in GetBlockStateSetMappingForLeave.
3 years ago
Handle leave instructions in state-range analysis.
3 years ago
WIP: yield return decompiler
9 years ago
  1. // Copyright (c) 2012 AlphaSierraPapa for the SharpDevelop Team
  2. //
  3. // Permission is hereby granted, free of charge, to any person obtaining a copy of this
  4. // software and associated documentation files (the "Software"), to deal in the Software
  5. // without restriction, including without limitation the rights to use, copy, modify, merge,
  6. // publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons
  7. // to whom the Software is furnished to do so, subject to the following conditions:
  8. //
  9. // The above copyright notice and this permission notice shall be included in all copies or
  10. // substantial portions of the Software.
  11. //
  12. // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
  13. // INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14. // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE
  15. // FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
  16. // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
  17. // DEALINGS IN THE SOFTWARE.
  19. #nullable enable
  21. using System;
  22. using System.Collections.Generic;
  23. using System.Diagnostics;
  24. using System.Linq;
  25. using System.Threading;
  27. using ICSharpCode.Decompiler.TypeSystem;
  28. using ICSharpCode.Decompiler.Util;
  30. namespace ICSharpCode.Decompiler.IL.ControlFlow
  31. {
  32. enum StateRangeAnalysisMode
  33. {
  34. IteratorMoveNext,
  35. IteratorDispose,
  36. AsyncMoveNext,
  37. AwaitInFinally
  38. }
  40. /// <summary>
  41. /// Symbolically executes code to determine which blocks are reachable for which values
  42. /// of the 'state' field.
  43. /// </summary>
  44. /// <remarks>
  45. /// Assumption: there are no loops/backward jumps
  46. /// We 'run' the code, with "state" being a symbolic variable
  47. /// so it can form expressions like "state + x" (when there's a sub instruction)
  48. ///
  49. /// For each block, we maintain the set of values for state for which the block is reachable.
  50. /// This is (int.MinValue, int.MaxValue) for the first instruction.
  51. /// These ranges are propagated depending on the conditional jumps performed by the code.
  52. /// </remarks>
  53. class StateRangeAnalysis
  54. {
  55. public CancellationToken CancellationToken;
  56. readonly StateRangeAnalysisMode mode;
  57. readonly IField? stateField;
  58. readonly bool legacyVisualBasic;
  59. readonly SymbolicEvaluationContext evalContext;
  61. readonly Dictionary<Block, LongSet> ranges = new Dictionary<Block, LongSet>();
  62. readonly Dictionary<BlockContainer, LongSet>? rangesForLeave; // used only for AwaitInFinally
  63. readonly internal Dictionary<IMethod, LongSet>? finallyMethodToStateRange; // used only for IteratorDispose
  65. internal ILVariable? doFinallyBodies;
  66. internal ILVariable? skipFinallyBodies;
  68. public StateRangeAnalysis(StateRangeAnalysisMode mode, IField? stateField, ILVariable? cachedStateVar = null, bool legacyVisualBasic = false)
  69. {
  70. this.mode = mode;
  71. this.stateField = stateField;
  72. this.legacyVisualBasic = legacyVisualBasic;
  73. if (mode == StateRangeAnalysisMode.IteratorDispose)
  74. {
  75. finallyMethodToStateRange = new Dictionary<IMethod, LongSet>();
  76. }
  77. if (mode == StateRangeAnalysisMode.AwaitInFinally)
  78. {
  79. rangesForLeave = new Dictionary<BlockContainer, LongSet>();
  80. }
  82. evalContext = new SymbolicEvaluationContext(stateField, legacyVisualBasic);
  83. if (cachedStateVar != null)
  84. evalContext.AddStateVariable(cachedStateVar);
  85. }
  87. public IEnumerable<ILVariable> CachedStateVars { get => evalContext.StateVariables; }
  89. /// <summary>
  90. /// Creates a new StateRangeAnalysis with the same settings, including any cached state vars
  91. /// discovered by this analysis.
  92. /// However, the new analysis has a fresh set of result ranges.
  93. /// </summary>
  94. internal StateRangeAnalysis CreateNestedAnalysis()
  95. {
  96. var sra = new StateRangeAnalysis(mode, stateField, legacyVisualBasic: legacyVisualBasic);
  97. sra.doFinallyBodies = this.doFinallyBodies;
  98. sra.skipFinallyBodies = this.skipFinallyBodies;
  99. foreach (var v in this.evalContext.StateVariables)
  100. {
  101. sra.evalContext.AddStateVariable(v);
  102. }
  103. return sra;
  104. }
  106. /// <summary>
  107. /// Assign state ranges for all blocks within 'inst'.
  108. /// </summary>
  109. /// <returns>
  110. /// The set of states for which the exit point of the instruction is reached.
  111. /// This must be a subset of the input set.
  112. ///
  113. /// Returns an empty set for unsupported instructions.
  114. /// </returns>
  115. public LongSet AssignStateRanges(ILInstruction inst, LongSet stateRange)
  116. {
  117. CancellationToken.ThrowIfCancellationRequested();
  118. switch (inst)
  119. {
  120. case BlockContainer blockContainer:
  121. AddStateRange(blockContainer.EntryPoint, stateRange);
  122. foreach (var block in blockContainer.Blocks)
  123. {
  124. // We assume that there are no jumps to blocks already processed.
  125. // TODO: is SortBlocks() guaranteeing this, even if the user code has loops?
  126. if (ranges.TryGetValue(block, out stateRange))
  127. {
  128. AssignStateRanges(block, stateRange);
  129. }
  130. }
  131. // Since we don't track 'leave' edges, we can only conservatively
  132. // return LongSet.Empty.
  133. return LongSet.Empty;
  134. case Block block:
  135. foreach (var instInBlock in block.Instructions)
  136. {
  137. if (stateRange.IsEmpty)
  138. break;
  139. var oldStateRange = stateRange;
  140. stateRange = AssignStateRanges(instInBlock, stateRange);
  141. // End-point can only be reachable in a subset of the states where the start-point is reachable.
  142. Debug.Assert(stateRange.IsSubsetOf(oldStateRange));
  143. // If the end-point is unreachable, it must be reachable in no states.
  144. Debug.Assert(stateRange.IsEmpty || !instInBlock.HasFlag(InstructionFlags.EndPointUnreachable));
  145. }
  146. return stateRange;
  147. case TryFinally tryFinally when mode == StateRangeAnalysisMode.IteratorDispose:
  148. var afterTry = AssignStateRanges(tryFinally.TryBlock, stateRange);
  149. // really finally should start with 'stateRange.UnionWith(afterTry)', but that's
  150. // equal to 'stateRange'.
  151. Debug.Assert(afterTry.IsSubsetOf(stateRange));
  152. var afterFinally = AssignStateRanges(tryFinally.FinallyBlock, stateRange);
  153. return afterTry.IntersectWith(afterFinally);
  154. case SwitchInstruction switchInst:
  155. SymbolicValue val = evalContext.Eval(switchInst.Value);
  156. if (val.Type != SymbolicValueType.State)
  157. goto default;
  158. List<LongInterval> exitIntervals = new List<LongInterval>();
  159. foreach (var section in switchInst.Sections)
  160. {
  161. // switch (state + Constant)
  162. // matches 'case VALUE:'
  163. // iff (state + Constant == value)
  164. // iff (state == value - Constant)
  165. var effectiveLabels = section.Labels.AddOffset(unchecked(-val.Constant));
  166. var result = AssignStateRanges(section.Body, stateRange.IntersectWith(effectiveLabels));
  167. exitIntervals.AddRange(result.Intervals);
  168. }
  169. // exitIntervals = union of exits of all sections
  170. return new LongSet(exitIntervals);
  171. case IfInstruction ifInst:
  172. val = evalContext.Eval(ifInst.Condition).AsBool();
  173. if (val.Type != SymbolicValueType.StateInSet)
  174. {
  175. goto default;
  176. }
  177. LongSet trueRanges = val.ValueSet;
  178. var afterTrue = AssignStateRanges(ifInst.TrueInst, stateRange.IntersectWith(trueRanges));
  179. var afterFalse = AssignStateRanges(ifInst.FalseInst, stateRange.ExceptWith(trueRanges));
  180. return afterTrue.UnionWith(afterFalse);
  181. case Branch br:
  182. AddStateRange(br.TargetBlock, stateRange);
  183. return LongSet.Empty;
  184. case Leave leave when mode == StateRangeAnalysisMode.AwaitInFinally:
  185. AddStateRangeForLeave(leave.TargetContainer, stateRange);
  186. return LongSet.Empty;
  187. case Nop nop:
  188. return stateRange;
  189. case StLoc stloc when stloc.Variable == doFinallyBodies || stloc.Variable == skipFinallyBodies:
  190. // pre-roslyn async/await uses a generated 'bool doFinallyBodies';
  191. // do not treat this as user code.
  192. // Mono also does this for yield-return.
  193. return stateRange;
  194. case StLoc stloc:
  195. val = evalContext.Eval(stloc.Value);
  196. if (val.Type == SymbolicValueType.State && val.Constant == 0)
  197. {
  198. evalContext.AddStateVariable(stloc.Variable);
  199. return stateRange;
  200. }
  201. else
  202. {
  203. goto default; // user code
  204. }
  205. case Call call when mode == StateRangeAnalysisMode.IteratorDispose:
  206. // Call to finally method.
  207. // Usually these are in finally blocks, but sometimes (e.g. foreach over array),
  208. // the C# compiler puts the call to a finally method outside the try-finally block.
  209. finallyMethodToStateRange!.Add((IMethod)call.Method.MemberDefinition, stateRange);
  210. return LongSet.Empty; // return Empty since we executed user code (the finally method)
  211. case StObj stobj when mode == StateRangeAnalysisMode.IteratorMoveNext:
  212. {
  213. if (stobj.MatchStFld(out var target, out var field, out var value)
  214. && target.MatchLdThis() && field.MemberDefinition == stateField && value.MatchLdcI4(-1))
  215. {
  216. // Mono resets the state field during MoveNext();
  217. // don't consider this user code.
  218. return stateRange;
  219. }
  220. else
  221. {
  222. goto default;
  223. }
  224. }
  225. case StObj stobj when mode == StateRangeAnalysisMode.IteratorDispose:
  226. {
  227. if (stobj.MatchStFld(out var target, out var field, out var value) && target.MatchLdThis())
  228. {
  229. if (field.MemberDefinition == stateField && value.MatchLdcI4(-2))
  230. {
  231. // Roslyn 4.13 sets the state field in Dispose() to mark the iterator as disposed,
  232. // don't consider this user code.
  233. return stateRange;
  234. }
  235. else if (value.MatchDefaultOrNullOrZero())
  236. {
  237. // Roslyn 4.13 clears any local hoisted local variables in Dispose(),
  238. // don't consider this user code.
  239. return stateRange;
  240. }
  241. else
  242. {
  243. goto default;
  244. }
  245. }
  246. else
  247. {
  248. goto default;
  249. }
  250. }
  251. default:
  252. // User code - abort analysis
  253. if (mode == StateRangeAnalysisMode.IteratorDispose && !(inst is Leave l && l.IsLeavingFunction))
  254. {
  255. throw new SymbolicAnalysisFailedException("Unexpected instruction in Iterator.Dispose()");
  256. }
  257. return LongSet.Empty;
  258. }
  259. }
  261. private void AddStateRange(Block block, LongSet stateRange)
  262. {
  263. if (ranges.TryGetValue(block, out var existingRange))
  264. ranges[block] = stateRange.UnionWith(existingRange);
  265. else
  266. ranges.Add(block, stateRange);
  267. }
  269. private void AddStateRangeForLeave(BlockContainer target, LongSet stateRange)
  270. {
  271. if (rangesForLeave!.TryGetValue(target, out var existingRange))
  272. rangesForLeave[target] = stateRange.UnionWith(existingRange);
  273. else
  274. rangesForLeave.Add(target, stateRange);
  275. }
  278. /// <summary>
  279. /// Gets a mapping from states to blocks.
  280. ///
  281. /// Within the given container (which should be the container that was analyzed),
  282. /// the mapping prefers the last block.
  283. /// Blocks outside of the given container are preferred over blocks within the container.
  284. /// </summary>
  285. public LongDict<Block> GetBlockStateSetMapping(BlockContainer container)
  286. {
  287. return LongDict.Create(GetMapping());
  289. IEnumerable<(LongSet, Block)> GetMapping()
  290. {
  291. // First, consider container exits:
  292. foreach (var (block, states) in ranges)
  293. {
  294. if (block.Parent != container)
  295. yield return (states, block);
  296. }
  297. // Then blocks within the container:
  298. foreach (var block in container.Blocks.Reverse())
  299. {
  300. if (ranges.TryGetValue(block, out var states))
  301. {
  302. yield return (states, block);
  303. }
  304. }
  305. }
  306. }
  308. public LongDict<BlockContainer> GetBlockStateSetMappingForLeave()
  309. {
  310. Debug.Assert(mode == StateRangeAnalysisMode.AwaitInFinally);
  311. return LongDict.Create(rangesForLeave!.Select(kv => (kv.Value, kv.Key)));
  312. }
  313. }
  314. }