| com.pnfsoftware.jeb.core.units.code.asm.decompiler.ir.emulator.IEEmulatorHooks |
Evaluation (execution) hooks.
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| abstract Boolean |
evaluateAt(EEmulator emu, long addr, IInstruction hintNativeStm)
This hook is called before a native instruction is converted and evaluated.
| ||||||||||
| abstract Boolean |
evaluateExternal(EEmulator emu, String routineName, INativeMethodItem routine)
This higher-level hook is called when an external method (e.g.
| ||||||||||
| abstract Long |
evaluateSyscall(EEmulator emu, long addr, IInstruction nativeStm, INativeMethodItem syscallRoutine, List<Long> args)
This higher-level hook is called when a system call type instruction is about to be executed.
| ||||||||||
| abstract Boolean |
evaluateUntranslated(EEmulator emu, IEUntranslatedInstruction stm, IInstruction nativeStm)
This hook is called when an instruction conversion produced an
IEUntranslatedInstruction IR. | ||||||||||
This hook is called before a native instruction is converted and evaluated. The hook has a chance to examine and modify the emulator state (provide a custom evaluation) if it wants to. If a hook succeeded (returned: true), it is expected that the PC was updated to point to the next instruction to be executed,. The emulator will proceed at the then-current PC.
| emu | the emulator |
|---|---|
| addr | native address (current PC) |
| hintNativeStm | (optional) instruction parsed at the current PC |
This higher-level hook is called when an external method (e.g. a library method) is about to be executed. The PC when this method is called is on the routine entry-point. The hook has a chance to provide a custom evaluation if it wants to. If a hook succeeded (returned: true), it is expected that the PC (along with other execution environment attributes, such as the stack) was updated to the return address provided to the routine. The emulator will proceed at the then-current PC.
| emu | the emulator |
|---|---|
| routineName | mandatory routine name |
| routine | optional routine reference |
This higher-level hook is called when a system call type instruction is about to be executed. The hook has a chance to examine and modify the emulator state (provide a custom evaluation) if it wants to. If a hook succeeded (returned: non-null), the emulator will update the PC to point to the next instruction, i.e. the implementor does not need to update the PC itself.
| emu | the emulator |
|---|---|
| addr | native address (current PC) |
| nativeStm | the system call instruction |
| syscallRoutine | the system routine to be executed |
| args | the arguments to the system call |
This hook is called when an instruction conversion produced an
IEUntranslatedInstruction IR. The hook has a chance to provide a custom evaluation is
it can. Else, the emulator is very likely to fail and the emulation will stop. If a hook
succeeded (returned: true), it is expected that the PC was updated to point to the next
instruction to be executed,. The emulator will proceed at the then-current PC.
| emu | the emulator |
|---|---|
| stm | untranslated IR statement |
| nativeStm | source native instruction |