pgoodman
commented
9 years ago Another point in favor of this approach is that right now I say that one cannot use VRs across blocks, but the restrictions are actually tighter than this. Because CFIs are currently instructions in a block, it means that one can use the same VR in a block, but before/after a CFI, and then things will go horribly wrong.
Another point in favour of this is better and simpler fragment list building. Right now a number of redundant fragments are generated because of the separated nature of CFIs and their corresponding explicit fall-through CFIs. I expect similar reductions in complexity in other early stages of assembly.
First, this would dramatically simplify block successors, because every block would have at most two successors, and iterating through successors therefore wouldn't require a traversal of the instructions of the block.
Second, this would align nicely with my eventual disire to integrate an algebra of CFG transformations into Granary, as described in Structured Binary Editing with a CFG Transformation Algebra.
Third, this would not reduce the expressiveness. In practice, it's unusual to want to do something between a conditional jump and its fall-through, but this is trivially done by injecting intermediate
CompensationBlocks into theTrace.Finally, this retains a much stronger notion and association of return addresses and blocks, as it means that, because one cannot put an instruction in the same block of a call, but after a call, that the return address can be associated with something distinct and meaningful. This last one is really a deep internal detail that no one but me cares about.