package ghidra.app.plugin.prototype.analysis;

import ghidra.app.cmd.disassemble.DisassembleCommand;
import ghidra.app.plugin.core.analysis.AutoAnalysisManager;
import ghidra.app.plugin.core.bookmark.BookmarkEditCmd;
import ghidra.app.plugin.core.clear.ClearFlowAndRepairCmd;
import ghidra.app.services.AbstractAnalyzer;
import ghidra.app.services.AnalysisPriority;
import ghidra.app.services.AnalyzerType;
import ghidra.app.util.PseudoDisassembler;
import ghidra.app.util.PseudoDisassemblerContext;
import ghidra.app.util.PseudoFlowProcessor;
import ghidra.app.util.PseudoInstruction;
import ghidra.app.util.importer.MessageLog;
import ghidra.program.model.address.Address;
import ghidra.program.model.address.AddressIterator;
import ghidra.program.model.address.AddressRange;
import ghidra.program.model.address.AddressRangeIterator;
import ghidra.program.model.address.AddressSet;
import ghidra.program.model.address.AddressSetView;
import ghidra.program.model.lang.InsufficientBytesException;
import ghidra.program.model.lang.Processor;
import ghidra.program.model.lang.Register;
import ghidra.program.model.lang.UnknownContextException;
import ghidra.program.model.lang.UnknownInstructionException;
import ghidra.program.model.listing.Bookmark;
import ghidra.program.model.listing.BookmarkType;
import ghidra.program.model.listing.CodeUnit;
import ghidra.program.model.listing.ContextChangeException;
import ghidra.program.model.listing.Data;
import ghidra.program.model.listing.Function;
import ghidra.program.model.listing.Instruction;
import ghidra.program.model.listing.Listing;
import ghidra.program.model.listing.Program;
import ghidra.program.model.mem.MemoryBlock;
import ghidra.program.model.symbol.FlowType;
import ghidra.program.model.symbol.SourceType;
import ghidra.program.model.symbol.Symbol;
import ghidra.program.model.symbol.SymbolTable;
import ghidra.util.Msg;
import ghidra.util.task.TaskMonitor;
import java.math.BigInteger;
import java.util.Iterator;

/* loaded from: input_file:ghidra/app/plugin/prototype/analysis/ArmAggressiveInstructionFinderAnalyzer.class */
public class ArmAggressiveInstructionFinderAnalyzer extends AbstractAnalyzer {
    private static final String NAME = "ARM Aggressive Instruction Finder";
    private static final String DESCRIPTION = "Aggressively attempt to disassemble ARM/Thumb mixed code.";
    private Program curProgram;
    private Listing listing;
    private int numInstr;
    private boolean addsInfo;
    private Register tmodeReg;
    private AddressSet lastBody;
    private int lastBodyTheSameCount;
    private PseudoDisassembler pseudo;
    private AddressSet todoSet;

    public ArmAggressiveInstructionFinderAnalyzer() {
        super(NAME, DESCRIPTION, AnalyzerType.BYTE_ANALYZER);
        this.numInstr = 0;
        this.addsInfo = false;
        this.lastBody = null;
        this.lastBodyTheSameCount = 0;
        setPrototype();
        setPriority(AnalysisPriority.DATA_TYPE_PROPOGATION.after());
        setSupportsOneTimeAnalysis();
    }

    @Override // ghidra.app.services.AbstractAnalyzer, ghidra.app.services.Analyzer
    public boolean canAnalyze(Program program) {
        return program.getLanguage().getProcessor().equals(Processor.findOrPossiblyCreateProcessor("ARM"));
    }

    @Override // ghidra.app.services.Analyzer
    public boolean added(Program program, AddressSetView addressSetView, TaskMonitor taskMonitor, MessageLog messageLog) {
        this.curProgram = program;
        this.listing = program.getListing();
        this.todoSet = checkExecBlocks(program, addressSetView);
        this.tmodeReg = this.curProgram.getProgramContext().getRegister("TMode");
        this.lastBody = null;
        this.lastBodyTheSameCount = 0;
        this.pseudo = new PseudoDisassembler(program);
        taskMonitor.setMessage("ARM AIF " + String.valueOf(addressSetView.getMinAddress()));
        long numAddresses = program.getMemory().getExecuteSet().getNumAddresses();
        if (numAddresses == 0) {
            numAddresses = program.getMemory().getNumAddresses();
        }
        taskMonitor.setMaximum(numAddresses);
        SymbolTable symbolTable = this.curProgram.getSymbolTable();
        AddressIterator externalEntryPointIterator = symbolTable.getExternalEntryPointIterator();
        while (externalEntryPointIterator.hasNext()) {
            Address next = externalEntryPointIterator.next();
            if (taskMonitor.isCancelled()) {
                return true;
            }
            if (this.todoSet.contains(next)) {
                Symbol primarySymbol = symbolTable.getPrimarySymbol(next);
                this.todoSet.delete(next, next);
                if (primarySymbol.isExternalEntryPoint() && doValidStart(next, taskMonitor)) {
                    scheduleFollowOnAnalysis(this.curProgram, this.todoSet);
                    return true;
                }
            }
        }
        int i = 0;
        int i2 = 0;
        while (!this.todoSet.isEmpty()) {
            i2++;
            if (i2 % 256 == 1) {
                taskMonitor.setProgress(numAddresses - this.todoSet.getNumAddresses());
            }
            Address minAddress = this.todoSet.getMinAddress();
            if (minAddress.getOffset() % 2 != 0) {
                this.todoSet.delete(minAddress, minAddress);
            } else {
                if (i > 4) {
                    i = 0;
                    CodeUnit definedCodeUnitAfter = this.listing.getDefinedCodeUnitAfter(minAddress);
                    if (definedCodeUnitAfter == null) {
                        return true;
                    }
                    this.todoSet.delete(minAddress, definedCodeUnitAfter.getMaxAddress());
                    minAddress = definedCodeUnitAfter.getMaxAddress().next();
                }
                Data undefinedDataAt = this.listing.getUndefinedDataAt(minAddress);
                if (undefinedDataAt == null) {
                    i = 0;
                    this.todoSet.delete(minAddress, minAddress);
                    undefinedDataAt = this.listing.getFirstUndefinedData(this.todoSet, taskMonitor);
                }
                if (undefinedDataAt == null || this.todoSet.isEmpty()) {
                    return true;
                }
                Address minAddress2 = undefinedDataAt.getMinAddress();
                if (taskMonitor.isCancelled()) {
                    break;
                }
                boolean contains = this.todoSet.contains(minAddress2);
                this.todoSet.delete(minAddress, undefinedDataAt.getMaxAddress());
                if (!contains) {
                    continue;
                } else {
                    if (doValidStart(minAddress2, taskMonitor)) {
                        scheduleFollowOnAnalysis(program, this.todoSet);
                        return true;
                    }
                    i++;
                }
            }
        }
        Iterator<Bookmark> bookmarksIterator = this.curProgram.getBookmarkManager().getBookmarksIterator(BookmarkType.ERROR);
        while (bookmarksIterator.hasNext() && !taskMonitor.isCancelled()) {
            Address address = bookmarksIterator.next().getAddress();
            if (this.listing.getInstructionAt(address) == null && this.curProgram.getBookmarkManager().getBookmark(address, "Analysis", NAME) != null && address.subtract(this.listing.getInstructionBefore(address).getMaxAddress()) < 6) {
                new ClearFlowAndRepairCmd(address, true, false, true).applyTo(this.curProgram);
            }
        }
        return true;
    }

    private void scheduleFollowOnAnalysis(Program program, AddressSetView addressSetView) {
        if (addressSetView.isEmpty()) {
            return;
        }
        AutoAnalysisManager.getAnalysisManager(program).scheduleOneTimeAnalysis(this, addressSetView);
    }

    private boolean doValidStart(Address address, TaskMonitor taskMonitor) {
        BigInteger bigInteger = null;
        if (this.tmodeReg != null) {
            Instruction instructionBefore = this.listing.getInstructionBefore(address);
            if (instructionBefore != null) {
                bigInteger = this.curProgram.getProgramContext().getValue(this.tmodeReg, instructionBefore.getMinAddress(), false);
            }
            if (bigInteger == null) {
                bigInteger = this.curProgram.getProgramContext().getValue(this.tmodeReg, address, false);
            }
            if (bigInteger == null) {
                bigInteger = BigInteger.ZERO;
            }
        }
        boolean z = false;
        try {
            z = checkValidARMTMode(address, bigInteger);
        } catch (InsufficientBytesException | UnknownContextException | UnknownInstructionException e) {
        }
        if (!z && this.tmodeReg != null) {
            bigInteger = bigInteger.flipBit(0);
            try {
                z = checkValidARMTMode(address, bigInteger);
            } catch (InsufficientBytesException | UnknownContextException | UnknownInstructionException e2) {
            }
        }
        if (!z) {
            return false;
        }
        this.numInstr = 0;
        this.addsInfo = false;
        Symbol primarySymbol = this.curProgram.getSymbolTable().getPrimarySymbol(address);
        if (primarySymbol != null && primarySymbol.getSource() == SourceType.IMPORTED) {
            this.addsInfo = true;
        }
        PseudoDisassemblerContext pseudoDisassemblerContext = new PseudoDisassemblerContext(this.curProgram.getProgramContext());
        if (this.tmodeReg != null) {
            pseudoDisassemblerContext.setValue(this.tmodeReg, address, bigInteger);
        }
        AddressSet followSubFlows = this.pseudo.followSubFlows(address, pseudoDisassemblerContext, 1000, new PseudoFlowProcessor() { // from class: ghidra.app.plugin.prototype.analysis.ArmAggressiveInstructionFinderAnalyzer.1
            Object[] lastResults = null;
            Instruction lastInstr = null;
            int duplicateCount = 0;

            @Override // ghidra.app.util.PseudoFlowProcessor
            public boolean followFlows(PseudoInstruction pseudoInstruction) {
                return true;
            }

            @Override // ghidra.app.util.PseudoFlowProcessor
            public boolean process(PseudoInstruction pseudoInstruction) {
                Register register;
                if (pseudoInstruction == null) {
                    ArmAggressiveInstructionFinderAnalyzer.this.addsInfo = false;
                    return false;
                }
                if (this.lastInstr != null && this.lastInstr.equals(pseudoInstruction)) {
                    this.duplicateCount++;
                    if (this.duplicateCount > 4) {
                        ArmAggressiveInstructionFinderAnalyzer.this.addsInfo = false;
                        return false;
                    }
                }
                this.lastInstr = pseudoInstruction;
                ArmAggressiveInstructionFinderAnalyzer.this.numInstr++;
                FlowType flowType = pseudoInstruction.getFlowType();
                if (flowType.isTerminal()) {
                    return validTerminator(pseudoInstruction);
                }
                if (flowType.isComputed() && flowType.isJump()) {
                    return true;
                }
                Address[] flows = pseudoInstruction.getFlows();
                if (flows != null && flows.length > 0) {
                    if (!ArmAggressiveInstructionFinderAnalyzer.this.curProgram.getMemory().contains(flows[0])) {
                        ArmAggressiveInstructionFinderAnalyzer.this.addsInfo = false;
                        return false;
                    }
                    if (flowType.isJump() && ArmAggressiveInstructionFinderAnalyzer.this.curProgram.getFunctionManager().getFunctionAt(flows[0]) != null) {
                        ArmAggressiveInstructionFinderAnalyzer.this.addsInfo = true;
                        return false;
                    }
                    if (flowType.isCall()) {
                        Function functionAt = ArmAggressiveInstructionFinderAnalyzer.this.curProgram.getFunctionManager().getFunctionAt(flows[0]);
                        if (functionAt != null) {
                            ArmAggressiveInstructionFinderAnalyzer.this.addsInfo = true;
                            return !functionAt.hasNoReturn();
                        }
                        if (ArmAggressiveInstructionFinderAnalyzer.this.curProgram.getListing().getInstructionAt(flows[0]) == null) {
                            ArmAggressiveInstructionFinderAnalyzer.this.addsInfo = true;
                            return true;
                        }
                    }
                }
                if (flowType.isCall() && flowType.isComputed() && this.lastResults != null && pseudoInstruction.getNumOperands() == 1 && (register = pseudoInstruction.getRegister(0)) != null) {
                    for (int i = 0; i < this.lastResults.length; i++) {
                        if (register.equals(this.lastResults[i])) {
                            ArmAggressiveInstructionFinderAnalyzer.this.addsInfo = true;
                            return true;
                        }
                    }
                }
                this.lastResults = null;
                if (!pseudoInstruction.getMnemonicString().startsWith("ld")) {
                    return true;
                }
                this.lastResults = pseudoInstruction.getResultObjects();
                return true;
            }

            private boolean validTerminator(PseudoInstruction pseudoInstruction) {
                Object[] inputObjects;
                if (!pseudoInstruction.getMnemonicString().startsWith("ldm") || (inputObjects = pseudoInstruction.getInputObjects()) == null) {
                    return true;
                }
                for (int i = 0; i < inputObjects.length; i++) {
                    if ((inputObjects[i] instanceof Register) && (((Register) inputObjects[i]).getTypeFlags() & 2) == 0) {
                        return true;
                    }
                }
                return false;
            }
        });
        if (this.lastBody != null && this.lastBody.contains(followSubFlows)) {
            int i = this.lastBodyTheSameCount;
            this.lastBodyTheSameCount = i + 1;
            if (i > 5) {
                this.todoSet.delete(followSubFlows);
                this.lastBody = null;
                this.lastBodyTheSameCount = 0;
                if (this.numInstr <= 2 && this.addsInfo) {
                    if ((followSubFlows.getNumAddressRanges() > 1 && followSubFlows.getAddressRanges().next().getLength() <= 6) || this.listing.getDefinedData((AddressSetView) followSubFlows, true).hasNext()) {
                        return false;
                    }
                    Instruction instructionBefore2 = this.listing.getInstructionBefore(address);
                    if (instructionBefore2 != null && instructionBefore2.getMaxAddress().add(1L).equals(address)) {
                        FlowType flowType = instructionBefore2.getFlowType();
                        if (flowType.isComputed() && flowType.isJump() && this.curProgram.getReferenceManager().getReferenceCountTo(address) > 0) {
                            this.todoSet.delete(new AddressSet(followSubFlows.getMinAddress(), followSubFlows.getMaxAddress()));
                            return false;
                        }
                    }
                    AddressRangeIterator addressRanges = followSubFlows.getAddressRanges();
                    long j = 0;
                    Address address2 = null;
                    while (true) {
                        if (!addressRanges.hasNext()) {
                            break;
                        }
                        AddressRange next = addressRanges.next();
                        if (address2 != null) {
                            j += Math.abs(address2.subtract(next.getMinAddress()));
                        }
                        address2 = next.getMaxAddress();
                        if (next.getMinAddress().subtract(address) < 0) {
                            j = 7829367;
                            break;
                        }
                        if (next.getLength() <= 4) {
                            j = 7829367;
                            break;
                        }
                    }
                    if (j > 4096 || this.curProgram.getListing().getFunctions((AddressSetView) followSubFlows, true).hasNext()) {
                        return false;
                    }
                    taskMonitor.setMessage("ARM AIF : " + String.valueOf(address));
                    if (!z) {
                        return false;
                    }
                    try {
                        this.curProgram.getProgramContext().setValue(this.tmodeReg, address, address, bigInteger);
                        DisassembleCommand disassembleCommand = new DisassembleCommand(address, (AddressSetView) null, true);
                        int bookmarkCount = this.curProgram.getBookmarkManager().getBookmarkCount(BookmarkType.ERROR);
                        disassembleCommand.applyTo(this.curProgram);
                        if (bookmarkCount < this.curProgram.getBookmarkManager().getBookmarkCount(BookmarkType.ERROR)) {
                            new ClearFlowAndRepairCmd(address, true, false, false).applyTo(this.curProgram);
                            return false;
                        }
                        this.todoSet.delete(disassembleCommand.getDisassembledAddressSet());
                        new BookmarkEditCmd(address, "Analysis", "ARM Aggressive Intruction Finder", "Found code").applyTo(this.curProgram);
                        return true;
                    } catch (ContextChangeException e3) {
                        Msg.error(this, "Unexpected Exception: " + e3.getMessage(), e3);
                        return false;
                    }
                }
            }
        }
        this.lastBody = followSubFlows;
        return this.numInstr <= 2 ? false : false;
    }

    private boolean checkValidARMTMode(Address address, BigInteger bigInteger) throws InsufficientBytesException, UnknownInstructionException, UnknownContextException {
        PseudoDisassemblerContext pseudoDisassemblerContext = new PseudoDisassemblerContext(this.curProgram.getProgramContext());
        if (this.tmodeReg != null && bigInteger != null) {
            pseudoDisassemblerContext.setValue(this.tmodeReg, address, bigInteger);
        }
        pseudoDisassemblerContext.flowStart(address);
        PseudoInstruction disassemble = this.pseudo.disassemble(address, pseudoDisassemblerContext, false);
        PseudoDisassemblerContext pseudoDisassemblerContext2 = new PseudoDisassemblerContext(this.curProgram.getProgramContext());
        pseudoDisassemblerContext2.setValue(this.tmodeReg, address, bigInteger);
        if (disassemble == null || isFillerInstruction(disassemble)) {
            return false;
        }
        return this.pseudo.checkValidSubroutine(address, pseudoDisassemblerContext2, true, false);
    }

    private boolean isFillerInstruction(PseudoInstruction pseudoInstruction) {
        String mnemonicString = pseudoInstruction.getMnemonicString();
        if (mnemonicString.equals("nop")) {
            return true;
        }
        if ((!mnemonicString.equals("mov") && !mnemonicString.equals("movs")) || pseudoInstruction.getNumOperands() != 2) {
            return false;
        }
        Register register = pseudoInstruction.getRegister(0);
        return register != null && register.equals(pseudoInstruction.getRegister(1));
    }

    private AddressSet checkExecBlocks(Program program, AddressSetView addressSetView) {
        AddressSet addressSet = new AddressSet();
        MemoryBlock[] blocks = program.getMemory().getBlocks();
        for (int i = 0; i < blocks.length; i++) {
            if (blocks[i].isExecute()) {
                addressSet.addRange(blocks[i].getStart(), blocks[i].getEnd());
            }
        }
        return addressSet.isEmpty() ? new AddressSet(addressSetView) : addressSetView.isEmpty() ? addressSet : addressSetView.intersect(addressSet);
    }
}
