META - Fix analysis

[ret2libc]

• fix Graph view doesn't handle unaligned opcodes #10420
• remove maximum basic block size
• remove maximum function depth
• remove maximum function size
• re-implement recursive disassembly with a stack, making it iterative. We should implement a working recursive disassembly (afr doesn't work and other analysis seems to do hackish things)
• remove concept of realsize and size, there is only one size, and it's the sum of the sizes of the basic blocks the function is composed of
• fix wrong assumption spread almost everywhere that an address is part of a function only if it's between the starting address and the "ending address"(start + size). This is not true because a function can be split in non contiguous places. Update: Done in many places, but it has to be checked and improved again
• propagate no-return status when all paths of a function calls known no-return functions
• add code and data refs while doing analysis
• functions can have shared basic blocks or they can jump or goto the basic block of another function
• define data in portions of the executable segment where nothing was found or mark it as code only if it doesn't overlap with known functions. This way visual disassembly will not have problems "skipping" data between basic blocks and such. (review adf and adfg, they do not always work well)

---

Function API proposal:

• r_anal_fcn_size for the size of the function, that is sum(bbs)
• r_anal_fcn_firstaddr for the minimum address in a function
• r_anal_fcn_lastaddr for the maximum address in a function
• r_anal_fcn_addr for the entry address of a function
• r_anal_fcn_range for max-min, that is r_anal_fcn_lastaddr - r_anal_fcn_firstaddr

[XVilka]

Related https://github.com/radare/radare2/issues/649

[ret2libc]

Yes, even if this is more about correctness of the analysis than about performance or user-friendliness.

[rlaemmert]

How about handling vtables to get hints in c++ code?

[ret2libc]

This bug tries to keep together issues related to code analysis. Vtables are just an array of function pointers and for an initial refactoring of the code related to Analysis, I think they are not uber necessary. It can be handled in a separate issue though :)

[Maijin]

@rlaemmert you can now print vtables using av

[radare]

this is a long-story , not everything is gonna be fixed for the next release. please choose the ones you think they can be done or the ones you can do in 1 month and create specific issues for them

[radare]

I miss the symsize here, but agree about that api

[XVilka]

For OS X vtables parsing https://github.com/cocoahuke/maclook4ref

[Maijin]

@XVilka better open a separated issue for this.

[XVilka]

@ret2libc can you please update the issue to the current situation?

[ret2libc]

This is very hard for me (as for everybody else i think) to do. I'd need to review all the analysis code base. Maybe we have done 1 or 2 of these checks.

[radare]

I dont think we can focus on analysis yet, so moving to 3.4

Also, this is the most important analysis bug right now: #10420

[XVilka]

Please update the issue, maybe split.

[ret2libc]

Let's close this. It is very old and it's better to split stuff anyway.