optimizes reconstructor, symtab, and brancher performance

lib/bap_disasm/bap_disasm_brancher.ml

@@ -32,9 +32,17 @@ let kind_of_branches t f =
   | `Fall,`Fall -> `Fall
   | _           -> `Cond
 
+let has_jumps =
+  Bil.exists
+    (object
+      inherit [unit] Stmt.finder
+      method! enter_jmp _ r = r.return (Some ())
+    end)
 
 let rec dests_of_bil bil : dests =
-  Bil.fold_consts bil |> List.concat_map ~f:dests_of_stmt
+  if has_jumps bil then
+    Bil.fold_consts bil |> List.concat_map ~f:dests_of_stmt
+  else []
 and dests_of_stmt = function
   | Bil.Jmp (Bil.Int addr) -> [Some addr,`Jump]
   | Bil.Jmp (_) -> [None, `Jump]

lib/bap_disasm/bap_disasm_reconstructor.ml

@@ -19,51 +19,47 @@ type reconstructor = t
 let create f = Reconstructor f
 let run (Reconstructor f) = f
 
-let find_calls name roots cfg =
-  let starts = Addr.Table.create () in
-  List.iter roots ~f:(fun addr ->
-      Hashtbl.set starts ~key:addr ~data:(name addr));
-  Cfg.nodes cfg |> Seq.iter ~f:(fun blk ->
-      let () =
-        if Seq.is_empty (Cfg.Node.inputs blk cfg) then
-          let addr = Block.addr blk in
-          Hashtbl.set starts ~key:addr ~data:(name addr) in
-      let term = Block.terminator blk in
-      if Insn.(is call) term then
-        Seq.iter (Cfg.Node.outputs blk cfg)
-          ~f:(fun e ->
-              if Cfg.Edge.label e <> `Fall then
-                let w = Block.addr (Cfg.Edge.dst e) in
-                Hashtbl.set starts ~key:w ~data:(name w)));
-  starts
+let roots_of_blk roots cfg blk =
+  let addr = Block.addr blk in
+  let term = Block.terminator blk in
+  let init =
+    if Set.mem roots addr || Seq.is_empty (Cfg.Node.inputs blk cfg)
+    then [blk]
+    else [] in
+  if Insn.(is call) term then
+    Seq.fold ~init (Cfg.Node.outputs blk cfg)
+      ~f:(fun rs e ->
+          if Cfg.Edge.label e <> `Fall then Cfg.Edge.dst e :: rs
+          else rs)
+  else init
+
+let find_calls cfg roots =
+  let roots = List.fold ~init:Addr.Set.empty ~f:Set.add roots in
+  Graphlib.depth_first_search (module Cfg)
+    cfg ~init:Block.Set.empty
+    ~enter_node:(fun _ blk all ->
+        roots_of_blk roots cfg blk |>
+        List.fold ~init:all ~f:Set.add)
 
 let reconstruct name roots cfg =
-  let roots = find_calls name roots cfg in
-  let init =
-    Cfg.nodes cfg |> Seq.fold ~init:Cfg.empty ~f:(fun cfg n ->
-        Cfg.Node.insert n cfg) in
-  let filtered =
-    Cfg.edges cfg |> Seq.fold ~init ~f:(fun cfg e ->
-        if Hashtbl.mem roots (Block.addr (Cfg.Edge.dst e)) then cfg
-        else Cfg.Edge.insert e cfg) in
-  let find_block addr =
-    Cfg.nodes cfg |> Seq.find ~f:(fun blk ->
-        Addr.equal addr (Block.addr blk)) in
-  Hashtbl.fold roots ~init:Symtab.empty
-    ~f:(fun ~key:entry ~data:name syms ->
-        match find_block entry with
-        | None -> syms
-        | Some entry ->
-          let cfg : cfg =
-            with_return (fun {return} ->
-                Graphlib.depth_first_search (module Cfg)
-                  filtered ~start:entry ~init:Cfg.empty
-                  ~enter_edge:(fun _ -> Cfg.Edge.insert)
-                  ~start_tree:(fun n t ->
-                      if Block.equal n entry
-                      then Cfg.Node.insert n t
-                      else return t)) in
-          Symtab.add_symbol syms (name,entry,cfg))
+  let roots = find_calls cfg roots in
+  let filtered = Set.fold roots ~init:cfg
+      ~f:(fun g root ->
+          let inputs = Cfg.Node.inputs root cfg in
+          Seq.fold inputs ~init:g ~f:(fun g e -> Cfg.Edge.remove e g)) in
+  Set.fold roots ~init:Symtab.empty
+    ~f:(fun syms entry ->
+        let name = name (Block.addr entry) in
+        let cfg : cfg =
+          with_return (fun {return} ->
+              Graphlib.depth_first_search (module Cfg)
+                filtered ~start:entry ~init:Cfg.empty
+                ~enter_edge:(fun _ -> Cfg.Edge.insert)
+                ~start_tree:(fun n t ->
+                    if Block.equal n entry
+                    then Cfg.Node.insert n t
+                    else return t)) in
+        Symtab.add_symbol syms (name,entry,cfg))
 
 let of_blocks syms =
   let reconstruct (cfg : cfg) =

lib/bap_disasm/bap_disasm_symtab.ml

@@ -17,7 +17,7 @@ type cfg = Cfg.t [@@deriving compare]
 
 type fn = string * block * cfg [@@deriving compare]
 
-let sexp_of_fn (name,block,cfg) =
+let sexp_of_fn (name,block,_cfg) =
   Sexp.List [sexp_of_string name; sexp_of_addr (Block.addr block)]
 
 module Fn = Opaque.Make(struct
@@ -38,7 +38,7 @@ let compare t1 t2 =
 
 type symtab = t [@@deriving compare, sexp_of]
 
-let span ((name,entry,cfg) as fn) =
+let span ((_name,_entry,cfg) as fn) =
   Cfg.nodes cfg |> Seq.fold ~init:Memmap.empty ~f:(fun map blk ->
       Memmap.add map (Block.memory blk) fn)
 
@@ -52,19 +52,27 @@ let merge m1 m2 =
   Memmap.to_sequence m2 |> Seq.fold ~init:m1 ~f:(fun m1 (mem,x) ->
       Memmap.add m1 mem x)
 
+let filter_mem mem name entry =
+  Memmap.filter mem ~f:(fun (n,e,_) ->
+      not(String.(name = n) || Block.(entry = e)))
+
 let remove t (name,entry,_) : t = {
   names = Map.remove t.names name;
   addrs = Map.remove t.addrs (Block.addr entry);
-  memory = Memmap.filter t.memory ~f:(fun (n,e,_) ->
-      not(String.(name = n) || Block.(entry = e)))
+  memory = filter_mem t.memory name entry;
 }
 
+let filter t ((name,entry,_ ) as fn) =
+  if Map.mem t.names name || Map.mem t.addrs (Block.addr entry) then
+    remove t fn
+  else t
+
 let add_symbol t (name,entry,cfg) : t =
   let data = name,entry,cfg in
-  let t = remove t data in
+  let t = filter t data in
   {
     addrs = Map.add t.addrs ~key:(Block.addr entry) ~data;
-    names = Map.add t.names ~key:name  ~data;
+    names = Map.add t.names ~key:name ~data;
     memory = merge t.memory (span data);
   }