axt/angr-utils

Getting VEX-IR of a function

Closed this issue · 1 comments

I generated CFGs of two representations of the same function (asm and VEX-IR). So each BB contains the VEX statements and expressions.
I would like to get the whole function in VEX-IR representation. I tried to change the "format" in the following command:
plot_cfg(cfg, output_path, format="plain", asminst=asminst, vexinst=vexinst, func_addr={addr:True}, debug_info=False, remove_imports=True, remove_path_terminator=True)

But I still cannot get the text version of the VEX representation. I am wondering, is that possible? Could you please help?
(attached screenshots: asm-f1, VEX-ir-f1)

Thank you!

axt commented

Hi! Sorry for my late answer! Probably you have solved it since.

If you want to have the VEX representation as a text, you probably don't need angr-utils at all.
Check how it is generated by the tool (it's a bit complex, but you can reduce it to a few lines):

https://github.com/axt/bingraphvis/blob/0662ec6aaaa08c392b1f16d3fa8dffbdafe17466/bingraphvis/angr/content.py#L323-L410

Basically what you need to do is to iterate through your CFGNodes, get the vex representation, iterate over the statements, and add the jump at the end.

Something like this:

# `project` is the angr Project the CFG was built from
# (inside the bingraphvis content class this is `self.project`)
for node in cfg.nodes():
    print("node:%x" % node.addr)
    # lift the node with its exact size so the IRSB matches the CFG block boundaries
    vex = project.factory.block(addr=node.addr, size=node.size).vex
    for j, s in enumerate(vex.statements):
        print("%d:%s" % (j, s))
    # the block exit: the jump target written to the IP register, then the jumpkind
    print('PUT(%s) = %s; %s' % (vex.arch.translate_register_name(vex.offsIP), vex.next, vex.jumpkind))
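The snippet above prints every node of the CFG. To get just the one function the issue asks about, the nodes have to be filtered by their `function_address` and ordered, which the following added example does; it is not code from angr-utils or bingraphvis. It assumes an angr `Project` (`project`), a CFG built from it (`cfg`, e.g. `project.analyses.CFGFast()`), and the function's start address `func_addr`; the helper names `vex_block_lines` and `function_vex_text` are this example's own.

```python
"""Added example: dump one function's basic blocks as VEX-IR text from an angr CFG.

Assumes `project` is an angr.Project, `cfg` is a CFG analysis built from it
(for example project.analyses.CFGFast()), and `func_addr` is the start
address of the function whose VEX you want.
"""
import sys


def vex_block_lines(irsb):
    """Render one pyvex IRSB as text lines: the numbered statements, then the
    block exit written as a PUT to the instruction-pointer register followed
    by the jumpkind (the same layout bingraphvis uses for its VEX nodes)."""
    lines = []
    for j, stmt in enumerate(irsb.statements):
        lines.append("%d:%s" % (j, stmt))
    ip_name = irsb.arch.translate_register_name(irsb.offsIP)
    lines.append("PUT(%s) = %s; %s" % (ip_name, irsb.next, irsb.jumpkind))
    return lines


def function_vex_text(project, cfg, func_addr):
    """Return the whole function at `func_addr` as one VEX-IR text blob.

    Only CFG nodes whose function_address is `func_addr` are kept; SimProcedure
    nodes (hooked imports) have no bytes to lift and are skipped.  Each node is
    lifted with its exact size so the IRSB matches the CFG's block boundaries,
    and the blocks are emitted in address order."""
    nodes = [n for n in cfg.nodes()
             if n.function_address == func_addr and not n.is_simprocedure]
    if not nodes:
        raise KeyError("no CFG nodes for function at %#x" % func_addr)
    out = []
    for node in sorted(nodes, key=lambda n: n.addr):
        out.append("node:%#x" % node.addr)
        irsb = project.factory.block(addr=node.addr, size=node.size).vex
        out.extend(vex_block_lines(irsb))
        out.append("")  # blank line between basic blocks
    return "\n".join(out)


if __name__ == "__main__":
    # Usage: python vex_dump.py ./some_binary 0x401136
    import angr  # only needed when run against a real binary
    project = angr.Project(sys.argv[1], auto_load_libs=False)
    cfg = project.analyses.CFGFast()
    print(function_vex_text(project, cfg, int(sys.argv[2], 16)))
```

`cfg.nodes()` on a context-sensitive CFG (CFGEmulated) can contain several nodes for the same address; for a plain text dump, CFGFast is the better choice because it yields one node per basic block.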