Merge branch 'it-block-split' into 'main'

Fix a bug that could cause IT block to split

Closes #629

See merge request rewriting/ddisasm!1244

Author: jdorn-gt

CHANGELOG.md

@@ -1,5 +1,7 @@
 # 1.9.2 (Unreleased)
 
+* Fix bug that could cause conditionial code to be missing in IT-block instructions.
+
 # 1.9.1
 
 * Fix a hang due to incorrect jump-table boundaries inferred from irrelevant register correlations to the index register

src/datalog/arch/arm32_code_inference.dl

@@ -760,6 +760,17 @@ negative_block_heuristic(Block,"code",Size,0,"arm: possibly invalid thumb block"
     align_addr(BlockAligned,Block),
     code_in_block_candidate_refined(BlockAligned,_).
 
+/**
+Control flow must not jump into the middle of an IT block.
+*/
+negative_block_heuristic(Block,"code",Size,0,"arm: possibly jump to in the middle of IT block"):-
+    unresolved_block(Block,"code",Size),
+    arch.it_conditional(JmpTarget,IT_EA),
+    direct_jump(EA,JmpTarget),
+    code_in_block_candidate(EA,Block),
+    code_in_block_candidate_refined(JmpTarget,_),
+    code_in_block_candidate_refined(IT_EA,_).
+
 /**
 There can be false positives of literal pools.
 Give more points to the literal pool (data) and the ref block (code)

src/datalog/arch/arm32_code_inference_weights.dl

@@ -53,6 +53,7 @@ default_heuristic_weight("arm: plt call",SIMPLE_WEIGHT,1).
 default_heuristic_weight("arm: pointer to string adjacent to another strings in data",SIMPLE_WEIGHT,3).
 default_heuristic_weight("arm: pointer to string in data",SIMPLE_WEIGHT,2).
 default_heuristic_weight("arm: possibly invalid thumb block",SIMPLE_WEIGHT,-1).
+default_heuristic_weight("arm: possibly jump to in the middle of IT block",SIMPLE_WEIGHT,-30).
 default_heuristic_weight("arm: return followed by a function",SIMPLE_WEIGHT,2).
 default_heuristic_weight("litpool: litpool ref block: adr/ldm",SIMPLE_WEIGHT,4).
 default_heuristic_weight("litpool: litpool ref block: adr/ldm unresolved",SIMPLE_WEIGHT,2).