package ghidra.app.plugin.core.analysis;

import generic.concurrent.ConcurrentQ;
import generic.concurrent.ConcurrentQBuilder;
import generic.concurrent.GThreadPool;
import generic.concurrent.QCallback;
import generic.concurrent.QResult;
import ghidra.app.cmd.function.CreateFunctionCmd;
import ghidra.app.cmd.function.DecompilerSwitchAnalysisCmd;
import ghidra.app.decompiler.DecompileResults;
import ghidra.app.decompiler.parallel.DecompilerCallback;
import ghidra.app.decompiler.parallel.ParallelDecompiler;
import ghidra.app.services.AbstractAnalyzer;
import ghidra.app.services.AnalysisPriority;
import ghidra.app.services.AnalyzerType;
import ghidra.app.util.importer.MessageLog;
import ghidra.framework.options.Options;
import ghidra.program.model.address.Address;
import ghidra.program.model.address.AddressSet;
import ghidra.program.model.address.AddressSetView;
import ghidra.program.model.block.CodeBlock;
import ghidra.program.model.block.CodeBlockModel;
import ghidra.program.model.block.SimpleBlockModel;
import ghidra.program.model.data.DataType;
import ghidra.program.model.lang.InjectPayload;
import ghidra.program.model.lang.PcodeInjectLibrary;
import ghidra.program.model.listing.Function;
import ghidra.program.model.listing.Instruction;
import ghidra.program.model.listing.InstructionIterator;
import ghidra.program.model.listing.Program;
import ghidra.program.model.pcode.PcodeOp;
import ghidra.program.model.pcode.Varnode;
import ghidra.program.model.symbol.FlowType;
import ghidra.program.model.symbol.RefType;
import ghidra.program.model.symbol.Reference;
import ghidra.program.util.ContextEvaluator;
import ghidra.program.util.ContextEvaluatorAdapter;
import ghidra.program.util.SymbolicPropogator;
import ghidra.program.util.VarnodeContext;
import ghidra.util.Msg;
import ghidra.util.UndefinedFunction;
import ghidra.util.exception.CancelledException;
import ghidra.util.task.TaskMonitor;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.concurrent.atomic.AtomicInteger;

/* loaded from: input_file:ghidra/app/plugin/core/analysis/DecompilerSwitchAnalyzer.class */
public class DecompilerSwitchAnalyzer extends AbstractAnalyzer {
    private static final String NAME = "Decompiler Switch Analysis";
    private static final String DESCRIPTION = "Creates switch statements for dynamic instructions using Decompiler.";
    private static final String OPTION_NAME_DECOMPILER_TIMEOUT_SECS = "Analysis Decompiler Timeout (sec)";
    private static final String OPTION_DESCRIPTION_DECOMPILER_TIMEOUT_SECS = "Set timeout in seconds for analyzer decompiler calls.";
    public static final int OPTION_DEFAULT_DECOMPILER_TIMEOUT_SECS = 60;
    private int decompilerTimeoutSecondsOption;
    private HashMap<Long, InjectPayload> injectPayloadCache;
    private boolean hitNonReturningFunction;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:ghidra/app/plugin/core/analysis/DecompilerSwitchAnalyzer$FindFunctionCallback.class */
    public class FindFunctionCallback implements QCallback<Address, Function> {
        private Program program;

        FindFunctionCallback(Program program) {
            this.program = program;
        }

        @Override // generic.concurrent.QCallback
        public Function process(Address address, TaskMonitor taskMonitor) throws Exception {
            Instruction instructionAt;
            Function functionContaining;
            if (taskMonitor.isCancelled()) {
                return null;
            }
            taskMonitor.incrementProgress(1L);
            for (Reference reference : this.program.getReferenceManager().getReferencesFrom(address)) {
                if (reference.getReferenceType().isComputed()) {
                    return null;
                }
            }
            if (!handleSimpleBlock(address, taskMonitor) || (((instructionAt = this.program.getListing().getInstructionAt(address)) != null && DecompilerSwitchAnalyzer.this.isCallFixup(this.program, instructionAt, instructionAt.getFlowType())) || (functionContaining = this.program.getFunctionManager().getFunctionContaining(address)) == null)) {
                Function functionContaining2 = this.program.getFunctionManager().getFunctionContaining(address);
                if (functionContaining2 == null) {
                    functionContaining2 = UndefinedFunction.findFunctionUsingSimpleBlockModel(this.program, address, taskMonitor);
                }
                return functionContaining2;
            }
            CreateFunctionCmd.fixupFunctionBody(this.program, functionContaining, taskMonitor);
            if (functionContaining.hasNoReturn()) {
                return functionContaining;
            }
            return null;
        }

        private boolean handleSimpleBlock(Address address, TaskMonitor taskMonitor) throws CancelledException {
            return resolveComputableFlow(address, taskMonitor, new SimpleBlockModel(this.program));
        }

        private boolean resolveComputableFlow(Address address, TaskMonitor taskMonitor, CodeBlockModel codeBlockModel) throws CancelledException {
            CodeBlock firstCodeBlockContaining = codeBlockModel.getFirstCodeBlockContaining(address, taskMonitor);
            final AtomicInteger atomicInteger = new AtomicInteger(0);
            new SymbolicPropogator(this.program).flowConstants(firstCodeBlockContaining.getFirstStartAddress(), (AddressSetView) firstCodeBlockContaining, (ContextEvaluator) new ContextEvaluatorAdapter() { // from class: ghidra.app.plugin.core.analysis.DecompilerSwitchAnalyzer.FindFunctionCallback.1
                @Override // ghidra.program.util.ContextEvaluatorAdapter, ghidra.program.util.ContextEvaluator
                public boolean evaluateReference(VarnodeContext varnodeContext, Instruction instruction, int i, Address address2, int i2, DataType dataType, RefType refType) {
                    if (!refType.isComputed() || !refType.isFlow() || !FindFunctionCallback.this.program.getMemory().contains(address2)) {
                        return false;
                    }
                    atomicInteger.incrementAndGet();
                    return false;
                }
            }, false, taskMonitor);
            return atomicInteger.get() == 1;
        }
    }

    public DecompilerSwitchAnalyzer() {
        super(NAME, DESCRIPTION, AnalyzerType.INSTRUCTION_ANALYZER);
        this.decompilerTimeoutSecondsOption = 60;
        this.injectPayloadCache = new HashMap<>();
        this.hitNonReturningFunction = false;
        setPriority(AnalysisPriority.CODE_ANALYSIS);
        setDefaultEnablement(true);
        setSupportsOneTimeAnalysis();
    }

    @Override // ghidra.app.services.AbstractAnalyzer, ghidra.app.services.Analyzer
    public boolean canAnalyze(Program program) {
        return program.getLanguage().supportsPcode();
    }

    @Override // ghidra.app.services.AbstractAnalyzer, ghidra.app.services.Analyzer
    public boolean getDefaultEnablement(Program program) {
        return true;
    }

    @Override // ghidra.app.services.AbstractAnalyzer, ghidra.app.services.Analyzer
    public void registerOptions(Options options, Program program) {
        options.registerOption(OPTION_NAME_DECOMPILER_TIMEOUT_SECS, Integer.valueOf(this.decompilerTimeoutSecondsOption), null, OPTION_DESCRIPTION_DECOMPILER_TIMEOUT_SECS);
    }

    @Override // ghidra.app.services.AbstractAnalyzer, ghidra.app.services.Analyzer
    public void optionsChanged(Options options, Program program) {
        this.decompilerTimeoutSecondsOption = options.getInt(OPTION_NAME_DECOMPILER_TIMEOUT_SECS, this.decompilerTimeoutSecondsOption);
    }

    @Override // ghidra.app.services.Analyzer
    public boolean added(Program program, AddressSetView addressSetView, TaskMonitor taskMonitor, MessageLog messageLog) throws CancelledException {
        try {
            ArrayList<Address> findLocations = findLocations(program, addressSetView, taskMonitor);
            if (findLocations.isEmpty()) {
                return true;
            }
            ArrayList arrayList = new ArrayList();
            ArrayList arrayList2 = new ArrayList();
            findFunctions(program, findLocations, arrayList, arrayList2, taskMonitor);
            if (this.hitNonReturningFunction) {
                this.hitNonReturningFunction = false;
                restartRemainingLater(program, arrayList, arrayList2);
                return true;
            }
            taskMonitor.checkCancelled();
            runDecompilerAnalysis(program, arrayList, taskMonitor);
            taskMonitor.checkCancelled();
            runDecompilerAnalysis(program, arrayList2, taskMonitor);
            taskMonitor.checkCancelled();
            return true;
        } catch (CancelledException e) {
            throw e;
        } catch (InterruptedException e2) {
            if (taskMonitor.isCancelled()) {
                return true;
            }
            Msg.error(this, "Unexpectedly interrupted while analyzing", e2);
            return true;
        } catch (Exception e3) {
            Msg.error(this, "Unexpected exception", e3);
            return true;
        }
    }

    private void restartRemainingLater(Program program, Collection<Function> collection, Collection<Function> collection2) {
        AddressSet addressSet = new AddressSet();
        Iterator<Function> it = collection.iterator();
        while (it.hasNext()) {
            addressSet.add(it.next().getBody());
        }
        Iterator<Function> it2 = collection2.iterator();
        while (it2.hasNext()) {
            addressSet.add(it2.next().getBody());
        }
        AutoAnalysisManager.getAnalysisManager(program).scheduleOneTimeAnalysis(new DecompilerSwitchAnalyzer(), addressSet);
        Msg.info(this, "hit non-returning function, restarting decompiler switch analyzer later");
    }

    private void runDecompilerAnalysis(final Program program, Collection<Function> collection, final TaskMonitor taskMonitor) throws InterruptedException, Exception {
        DecompilerCallback<Void> decompilerCallback = new DecompilerCallback<Void>(this, program, new SwitchAnalysisDecompileConfigurer(program)) { // from class: ghidra.app.plugin.core.analysis.DecompilerSwitchAnalyzer.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // ghidra.app.decompiler.parallel.DecompilerCallback
            public Void process(DecompileResults decompileResults, TaskMonitor taskMonitor2) throws Exception {
                new DecompilerSwitchAnalysisCmd(decompileResults).applyTo(program, taskMonitor);
                return null;
            }
        };
        decompilerCallback.setTimeout(this.decompilerTimeoutSecondsOption);
        try {
            ParallelDecompiler.decompileFunctions(decompilerCallback, collection, taskMonitor);
            decompilerCallback.dispose();
        } catch (Throwable th) {
            decompilerCallback.dispose();
            throw th;
        }
    }

    private void findFunctions(Program program, ArrayList<Address> arrayList, Collection<Function> collection, Collection<Function> collection2, TaskMonitor taskMonitor) throws InterruptedException, Exception, CancelledException {
        GThreadPool sharedAnalsysThreadPool = AutoAnalysisManager.getSharedAnalsysThreadPool();
        ConcurrentQ build = new ConcurrentQBuilder().setCollectResults(true).setThreadPool(sharedAnalsysThreadPool).setMonitor(taskMonitor).build(new FindFunctionCallback(program));
        Iterator<Address> it = arrayList.iterator();
        while (it.hasNext()) {
            build.add((ConcurrentQ) it.next());
        }
        Iterator it2 = build.waitForResults().iterator();
        while (it2.hasNext()) {
            Function function = (Function) ((QResult) it2.next()).getResult();
            if (function != null) {
                if (function.isThunk()) {
                    if (function.hasNoReturn()) {
                        this.hitNonReturningFunction = true;
                    }
                } else if (function instanceof UndefinedFunction) {
                    collection2.add(function);
                } else {
                    collection.add(function);
                }
            }
        }
    }

    private ArrayList<Address> findLocations(Program program, AddressSetView addressSetView, TaskMonitor taskMonitor) throws CancelledException {
        taskMonitor.setMessage("Finding function locations...");
        long numAddresses = addressSetView.getNumAddresses();
        taskMonitor.initialize(numAddresses);
        Address maxAddress = addressSetView.getMaxAddress();
        ArrayList<Address> arrayList = new ArrayList<>();
        InstructionIterator instructions = program.getListing().getInstructions(addressSetView, true);
        while (instructions.hasNext()) {
            taskMonitor.checkCancelled();
            Instruction next = instructions.next();
            FlowType flowType = next.getFlowType();
            if ((flowType.isJump() && flowType.isComputed()) || isCallFixup(program, next, flowType)) {
                if (!hasUnrecoverableCallOther(program, next)) {
                    Address minAddress = next.getMinAddress();
                    arrayList.add(minAddress);
                    taskMonitor.setProgress(numAddresses - ((maxAddress.getOffset() - minAddress.getOffset()) + minAddress.getSize()));
                }
            }
        }
        return arrayList;
    }

    private boolean hasUnrecoverableCallOther(Program program, Instruction instruction) {
        Varnode output;
        Varnode output2;
        HashSet hashSet = new HashSet();
        for (PcodeOp pcodeOp : instruction.getPcode(true)) {
            if (pcodeOp.getOpcode() == 9) {
                if (!hasPcodeInject(program, pcodeOp) && (output2 = pcodeOp.getOutput()) != null) {
                    hashSet.add(output2);
                }
            } else if (!hashSet.isEmpty() && pcodeOp.getOpcode() == 6) {
                if (hashSet.contains(pcodeOp.getInput(0))) {
                    return true;
                }
            } else if (!hashSet.isEmpty()) {
                for (Varnode varnode : pcodeOp.getInputs()) {
                    if (hashSet.contains(varnode) && (output = pcodeOp.getOutput()) != null) {
                        hashSet.add(output);
                    }
                }
            }
        }
        return false;
    }

    private boolean hasPcodeInject(Program program, PcodeOp pcodeOp) {
        return findPcodeInjection(program, pcodeOp.getInput(0).getOffset()) != null;
    }

    private InjectPayload findPcodeInjection(Program program, long j) {
        InjectPayload injectPayload = this.injectPayloadCache.get(Long.valueOf(j));
        if (injectPayload != null) {
            return injectPayload;
        }
        if (this.injectPayloadCache.containsKey(Long.valueOf(j))) {
            return null;
        }
        PcodeInjectLibrary pcodeInjectLibrary = program.getCompilerSpec().getPcodeInjectLibrary();
        String userDefinedOpName = program.getLanguage().getUserDefinedOpName((int) j);
        InjectPayload payload = "segment".equals(userDefinedOpName) ? pcodeInjectLibrary.getPayload(4, "segment_pcode") : pcodeInjectLibrary.getPayload(2, userDefinedOpName);
        this.injectPayloadCache.put(Long.valueOf(j), payload);
        return payload;
    }

    private boolean isCallFixup(Program program, Instruction instruction, FlowType flowType) {
        Function functionAt;
        if (!flowType.isCall()) {
            return false;
        }
        for (Reference reference : instruction.getReferencesFrom()) {
            if (reference.getReferenceType().isCall() && (functionAt = program.getFunctionManager().getFunctionAt(reference.getToAddress())) != null && functionAt.getCallFixup() != null) {
                return true;
            }
        }
        return false;
    }
}
