public void VpUndoUnnecessarySlicingOfSegmentPointer()
{
var m = new ProcedureBuilder();
var es = m.Reg16("es", 1);
var bx = m.Reg16("bx", 3);
var es_bx = m.Frame.EnsureSequence(es.Storage, bx.Storage, PrimitiveType.Word32);
m.Assign(es_bx, m.SegMem(PrimitiveType.Word32, es, bx));
m.Assign(es, m.Slice(PrimitiveType.Word16, es_bx, 16));
m.Assign(bx, m.Cast(PrimitiveType.Word16, es_bx));
m.SStore(es, m.IAdd(bx, 4), m.Byte(3));
var ssa = RunTest(m);
var sExp =
#region Expected
@"es:es
def: def es
uses: es_bx_3 = Mem0[es:bx:word32]
bx:bx
def: def bx
uses: es_bx_3 = Mem0[es:bx:word32]
Mem0:Global memory
def: def Mem0
uses: es_bx_3 = Mem0[es:bx:word32]
es_bx_3: orig: es_bx
def: es_bx_3 = Mem0[es:bx:word32]
uses: es_4 = SLICE(es_bx_3, word16, 16)
bx_5 = (word16) es_bx_3
Mem6[es_bx_3 + 0x0004:byte] = 0x03
es_4: orig: es
def: es_4 = SLICE(es_bx_3, word16, 16)
bx_5: orig: bx
def: bx_5 = (word16) es_bx_3
Mem6: orig: Mem0
def: Mem6[es_bx_3 + 0x0004:byte] = 0x03
// ProcedureBuilder
// Return size: 0
void ProcedureBuilder()
ProcedureBuilder_entry:
def es
def bx
def Mem0
// succ: l1
l1:
es_bx_3 = Mem0[es:bx:word32]
es_4 = SLICE(es_bx_3, word16, 16)
bx_5 = (word16) es_bx_3
Mem6[es_bx_3 + 0x0004:byte] = 0x03
ProcedureBuilder_exit:
";
#endregion
AssertStringsEqual(sExp, ssa);
}
public void VpPhiLoops()
{
var m = new ProcedureBuilder();
var ssa = new SsaState(m.Procedure, null);
ssaIds = ssa.Identifiers;
var fp = Reg16("fp");
var a = Reg16("a");
var b = Reg16("b");
var c = Reg16("c");
var d = Reg16("d");
var x = Reg16("x");
var y = Reg16("y");
var z = Reg16("z");
m.Emit(m.Assign(y, m.IAdd(x, 4)));
m.Emit(m.Assign(z, m.ISub(x, 8)));
m.Emit(m.Assign(a, m.ISub(fp, 12)));
m.Emit(m.Assign(b, m.ISub(fp, 12)));
m.Emit(m.Assign(c, m.ISub(y, 4)));
m.Emit(m.Assign(d, m.IAdd(z, 8)));
var phiStm = m.Phi(x, a, b, c, d);
var stms = m.Procedure.EntryBlock.Succ[0].Statements;
stms.ForEach(stm =>
{
var ass = stm.Instruction as Assignment;
if (ass != null)
{
ssaIds[ass.Dst].DefStatement = stm;
}
var phiAss = stm.Instruction as PhiAssignment;
if (phiAss != null)
{
ssaIds[phiAss.Dst].DefStatement = stm;
}
});
var vp = new ValuePropagator(arch, ssa, listener);
vp.Transform();
Assert.AreEqual("x = fp - 0x000C", phiStm.Instruction.ToString());
}
public void TrcoArrayExpression()
{
var b = new Identifier("base", PrimitiveType.Word32, null);
var i = new Identifier("idx", PrimitiveType.Word32, null);
var s = Constant.Word32(4);
ProcedureBuilder m = new ProcedureBuilder();
// e ::= Mem[(b+0x1003000)+(i*s):word16]
Expression e = m.Mem(
PrimitiveType.Word16,
m.IAdd(m.IAdd(b, Constant.Word32(0x10030000)),
m.SMul(i, s)));
coll = CreateCollector();
e = e.Accept(en);
e.Accept(eqb);
e.Accept(coll);
Verify(null, "Typing/TrcoArrayExpression.txt");
}
private void indirect_call_two_arguments(ProcedureBuilder m)
{
var esp = m.Frame.EnsureIdentifier(m.Architecture.StackRegister);
var eax = m.Frame.EnsureIdentifier(this.eax.Storage);
var ecx = m.Frame.EnsureIdentifier(this.ecx.Storage);
m.Assign(esp, m.Frame.FramePointer);
m.Assign(eax, m.Mem32(m.IAdd(esp, 4))); // get argument to this fn.
m.Assign(ecx, m.Mem32(eax));
m.Assign(esp, m.ISub(esp, 4)); // push arg2
m.MStore(esp, m.Word32(0x000B));
m.Assign(esp, m.ISub(esp, 4)); // push arg1
m.MStore(esp, m.Word32(0x000A));
// We expect the following call to be resolved as
// (Mem0[ecx + 8:ptr32])(arg1, arg2)
var c = m.Call(m.Mem32(m.IAdd(ecx, 8)), 4);
c.CallSite.StackDepthOnEntry = 12;
m.Return();
}
public void Rl_AlAhUses2()
{
f.EnsureRegister(Registers.al);
Identifier ah = f.EnsureRegister(Registers.ah);
Identifier ax = f.EnsureRegister(Registers.ax);
m.MStore(m.Int32(0x01F3004), ax).Instruction.Accept(rl); // use al and ah
Assert.AreEqual(" ax", Dump(rl.IdentifierLiveness));
m.Assign(ah, m.IAdd(ah, 3)).Accept(rl);
Assert.AreEqual(" ah al", Dump(rl.IdentifierLiveness));
}
public void Tmer_PointerToSingleItem()
{
var ptr = new Identifier("ptr", PrimitiveType.Word32, null);
CreateTv(ptr, new Pointer(point, 4), new Pointer(point, 4));
var tmer = new TypedExpressionRewriter(program, null);
var access = CreateTv(m.LoadDw(m.IAdd(ptr, 0)));
Expression e = access.Accept(tmer);
Assert.AreEqual("ptr->dw0000", e.ToString());
}
public void VpAddress32Const()
{
var m = new ProcedureBuilder("VpAddress32Const");
var r1 = m.Reg32("r1", 1);
m.Assign(r1, Address.Ptr32(0x00123400));
m.Assign(r1, m.Mem(r1.DataType, m.IAdd(r1, 0x56)));
m.Return();
RunFileTest(m, "Analysis/VpAddress32Const.txt");
}
/// <summary>
/// Models a call to an indirect function pointed to by
/// ecx, with no arguments.
/// </summary>
private void indirect_call_no_arguments(ProcedureBuilder m)
{
var esp = m.Frame.EnsureIdentifier(m.Architecture.StackRegister);
var eax = m.Frame.EnsureIdentifier(this.eax.Storage);
var ecx = m.Frame.EnsureIdentifier(this.ecx.Storage);
m.Assign(esp, m.Frame.FramePointer);
m.Assign(eax, m.Mem32(m.IAdd(esp, 4)));
m.Assign(ecx, m.Mem32(eax));
m.Call(m.Mem32(ecx), 4);
m.Return();
}
public void VpLoadDpbSmallerCast()
{
var m = new ProcedureBuilder();
var a2 = m.Reg32("a2", 10);
var d3 = m.Reg32("d3", 3);
var tmp = m.Temp(PrimitiveType.Word16, "tmp");
m.Assign(tmp, m.Mem16(a2));
m.Assign(d3, m.Dpb(d3, tmp, 0));
m.MStore(m.IAdd(a2, 4), m.Cast(PrimitiveType.Byte, d3));
SsaState ssa = RunTest(m);
var sExp =
#region Expected
@"a2:a2
def: def a2
uses: tmp_3 = Mem0[a2:word16]
Mem6[a2 + 4<32>:byte] = (byte) tmp_3
Mem0:Mem
def: def Mem0
uses: tmp_3 = Mem0[a2:word16]
tmp_3: orig: tmp
def: tmp_3 = Mem0[a2:word16]
uses: d3_5 = SEQ(SLICE(d3, word16, 16), tmp_3)
Mem6[a2 + 4<32>:byte] = (byte) tmp_3
d3:d3
def: def d3
uses: d3_5 = SEQ(SLICE(d3, word16, 16), tmp_3)
d3_5: orig: d3
def: d3_5 = SEQ(SLICE(d3, word16, 16), tmp_3)
uses: Mem6[a2 + 4<32>:byte] = (byte) tmp_3
Mem6: orig: Mem0
def: Mem6[a2 + 4<32>:byte] = (byte) tmp_3
// ProcedureBuilder
// Return size: 0
define ProcedureBuilder
ProcedureBuilder_entry:
def a2
def Mem0
def d3
// succ: l1
l1:
tmp_3 = Mem0[a2:word16]
d3_5 = SEQ(SLICE(d3, word16, 16), tmp_3)
Mem6[a2 + 4<32>:byte] = (byte) tmp_3
ProcedureBuilder_exit:
";
#endregion
AssertStringsEqual(sExp, ssa);
}
public void CoaCallCallee()
{
var m = new ProcedureBuilder("foo");
var r2 = m.Register(2);
var r3 = m.Register(3);
m.Assign(r3, m.Fn(r2));
m.Assign(r3, m.IAdd(r3, 4));
m.Call(r3, 4);
m.Return();
RunFileTest(m, "Analysis/CoaCallCallee.txt");
}
public void Exs_AddAddress32Constant()
{
Given_ExpressionSimplifier();
var expr = m.Mem32(m.IAdd(Address.Ptr32(0x00123400), 0x56));
Assert.AreEqual("Mem0[0x00123456<p32>:word32]", expr.Accept(simplifier).ToString());
}
/// <summary>
/// Builds a strongly connected component corresponding to:
/// a1 = 0
/// a2 = phi(a1, a3)
/// while (a2 != 10)
/// {
/// a3 = a2 + 4
/// }
/// </summary>
private List <SsaIdentifier> BuildScc()
{
var m = new ProcedureBuilder("test");
Identifier a = new Identifier("a", PrimitiveType.Word32, null);
m.Label("b1");
m.Assign(a, Constant.Word32(0));
m.Label("b2");
m.Assign(a, m.IAdd(a, 4));
m.BranchIf(m.Ne(a, 10), "b2");
m.Label("b3");
m.Return();
this.dom = m.Procedure.CreateBlockDominatorGraph();
var ssa = new SsaTransform(new ProgramDataFlow(), m.Procedure, dom);
/*
*
* proc = new Procedure("test", new Frame(PrimitiveType.Word32));
* Block b1 = proc.AddBlock("b1");
* Block b2 = proc.AddBlock("b2");
*
* Identifier a2 = new Identifier("a2", PrimitiveType.Word32, null);
* Identifier a3 = new Identifier("a3", PrimitiveType.Word32, null);
* PhiFunction phi = new PhiFunction(a1.DataType, new Expression [] { a1, a3 });
*
* Statement stm_a1 = new Statement(0, new Assignment(a1, Constant.Word32(0)), null);
* Statement stm_a2 = new Statement(0, new PhiAssignment(a2, new PhiFunction(a1.DataType, a1, a3 )), null);
* Statement stm_ex = new Statement(0, new Branch(new BinaryExpression(Operator.Ne, PrimitiveType.Bool, a2, Constant.Word32(10)), b2), null);
* Statement stm_a3 = new Statement(0, new Assignment(a3, new BinaryExpression(Operator.IAdd, a3.DataType, a2, Constant.Word32(4))), null);
* b1.Statements.Add(stm_a1);
*
* b2.Statements.Add(stm_a2);
* b2.Statements.Add(stm_a3);
*
* SsaIdentifier sid_a1 = new SsaIdentifier(a1, a1, stm_a1, ((Assignment)stm_a1.Instruction).Src, false);
* SsaIdentifier sid_a2 = new SsaIdentifier(a2, a2, stm_a2, ((PhiAssignment) stm_a2.Instruction).Src, false);
* SsaIdentifier sid_a3 = new SsaIdentifier(a3, a3, stm_a3, ((Assignment) stm_a3.Instruction).Src, false);
* sid_a1.Uses.Add(stm_a2);
* ssaIds = new SsaIdentifierCollection();
* ssaIds.Add(a1, sid_a1);
* ssaIds.Add(a2, sid_a2);
* ssaIds.Add(a3, sid_a3);
*/
ssaIds = ssa.SsaState.Identifiers;
List <SsaIdentifier> list = new List <SsaIdentifier> {
ssaIds.Where(i => i.Identifier.Name == "a_0").Single(),
ssaIds.Where(i => i.Identifier.Name == "a_1").Single(),
ssaIds.Where(i => i.Identifier.Name == "a_2").Single(),
};
return(list);
}
public void VpLoadDpbSmallerCast()
{
var m = new ProcedureBuilder();
var a2 = m.Reg32("a2", 10);
var d3 = m.Reg32("d3", 3);
var tmp = m.Temp(PrimitiveType.Word16, "tmp");
m.Assign(tmp, m.LoadW(a2));
m.Assign(d3, m.Dpb(d3, tmp, 0));
m.Store(m.IAdd(a2, 4), m.Cast(PrimitiveType.Byte, d3));
SsaState ssa = RunTest(m);
var sExp =
#region Expected
@"a2:a2
def: def a2
uses: tmp_2 = Mem0[a2:word16]
Mem5[a2 + 0x00000004:byte] = (byte) tmp_2
Mem0:Global memory
def: def Mem0
uses: tmp_2 = Mem0[a2:word16]
tmp_2: orig: tmp
def: tmp_2 = Mem0[a2:word16]
uses: d3_4 = DPB(d3, tmp_2, 0)
Mem5[a2 + 0x00000004:byte] = (byte) tmp_2
d3:d3
def: def d3
uses: d3_4 = DPB(d3, tmp_2, 0)
d3_4: orig: d3
def: d3_4 = DPB(d3, tmp_2, 0)
Mem5: orig: Mem0
def: Mem5[a2 + 0x00000004:byte] = (byte) tmp_2
// ProcedureBuilder
// Return size: 0
void ProcedureBuilder()
ProcedureBuilder_entry:
def a2
def Mem0
def d3
// succ: l1
l1:
tmp_2 = Mem0[a2:word16]
d3_4 = DPB(d3, tmp_2, 0)
Mem5[a2 + 0x00000004:byte] = (byte) tmp_2
ProcedureBuilder_exit:
";
#endregion
AssertStringsEqual(sExp, ssa);
}
public void SsaSwitchWithSharedBranches()
{
var m = new ProcedureBuilder("SsaSwitchWithSharedBranches");
var sp = m.Frame.EnsureRegister(m.Architecture.StackRegister);
var r1 = m.Reg32("r1", 1);
var r2 = m.Reg32("r2", 2);
var foo = new ExternalProcedure("foo", new FunctionType(
new Identifier("", VoidType.Instance, null),
new Identifier("arg1", PrimitiveType.Int32, new StackArgumentStorage(4, PrimitiveType.Int32))));
m.Assign(sp, m.Frame.FramePointer);
m.Assign(r1, m.Mem32(m.IAdd(sp, 4)));
m.BranchIf(m.Ugt(r1, m.Word32(0x5)), "m4_default");
m.Label("m1");
m.Switch(r1,
"m2", "m2", "m3", "m3", "m2", "m3");
m.Label("m2");
m.Assign(sp, m.ISub(sp, 4));
m.MStore(sp, m.Word32(0x42));
m.Call(foo, 4);
m.Assign(sp, m.IAdd(sp, 4));
// fall through
m.Label("m3");
m.Assign(sp, m.ISub(sp, 4));
m.MStore(sp, m.Word32(42));
m.Call(foo, 4);
m.Assign(sp, m.IAdd(sp, 4));
// fall through
m.Label("m4_default");
m.Assign(sp, m.ISub(sp, 4));
m.MStore(sp, m.Word32(0));
m.Call(foo, 4);
m.Assign(sp, m.IAdd(sp, 4));
m.Return();
RunUnitTest(m, "Analysis/SsaSwitchWithSharedBranches.txt");
}
public void TrcoSegmentedAccess()
{
ProcedureBuilder m = new ProcedureBuilder();
Identifier ds = m.Local16("ds");
Identifier bx = m.Local16("bx");
Expression e = m.SegMem(PrimitiveType.Word16, ds, m.IAdd(bx, 4));
coll = CreateCollector();
e = e.Accept(en);
e.Accept(eqb);
e.Accept(coll);
Verify(null, "Typing/TrcoSegmentedAccess.txt");
}
public void VpPhiLoops()
{
var fp = Reg16("fp");
var a = Reg16("a");
var b = Reg16("b");
var c = Reg16("c");
var d = Reg16("d");
var x = Reg16("x");
var y = Reg16("y");
var z = Reg16("z");
m.Assign(y, m.IAdd(x, 4));
m.Assign(z, m.ISub(x, 8));
m.Assign(a, m.ISub(fp, 12));
m.Assign(b, m.ISub(fp, 12));
m.Assign(c, m.ISub(y, 4));
m.Assign(d, m.IAdd(z, 8));
var phiStm = m.Phi(x, a, b, c, d);
RunValuePropagator(m);
Assert.AreEqual("x = fp - 0x000C", phiStm.Instruction.ToString());
}
public void PreservedValues()
{
arch = new IntelArchitecture(ProcessorMode.Real);
p.Add("main", m =>
{
var sp = m.Frame.EnsureRegister(Registers.sp);
var ss = m.Frame.EnsureRegister(Registers.ss);
var ax = m.Frame.EnsureRegister(Registers.ax);
m.Assign(sp, m.ISub(sp, 2));
m.SegStore(ss, sp, ax);
m.Assign(ax, 1);
m.Assign(ax, m.SegMemW(ss, sp));
m.Assign(sp, m.IAdd(sp, 2));
m.Return();
});
RunTest(p,
@"main
main_entry sp:fp
l1 sp:fp
main_exit ax:ax sp:fp");
}
public void BwReg_00121()
{
var d0 = m.Reg32("d0", 0);
var d3 = m.Reg32("d3", 3);
var a5 = m.Reg32("a5", 5);
var v38 = m.Temp(PrimitiveType.Word16, "v38");
var v39 = m.Temp(PrimitiveType.Byte, "v39");
var v40 = m.Temp(PrimitiveType.Word16, "v40");
var VZN = m.Flags("VZN");
var ZN = m.Flags("ZN");
var C = m.Flags("C");
var V = m.Flags("V");
var CVZN = m.Flags("CVZN");
var CVZNX = m.Flags("CVZNX");
m.Assign(d0, d3);
m.Assign(CVZN, m.Cond(d0));
m.Assign(v38, m.And(m.Slice(PrimitiveType.Word16, d0, 0), 0xF0));
m.Assign(d0, m.Dpb(d0, v38, 0));
m.Assign(ZN, m.Cond(v38));
m.Assign(C, false);
m.Assign(V, false);
m.Assign(v39, m.Shl(m.Slice(PrimitiveType.Byte, d0, 0), 2));
m.Assign(d0, m.Dpb(d0, v39, 0));
m.Assign(CVZNX, m.Cond(v39));
m.Assign(v40, m.ISub(m.Slice(PrimitiveType.Word16, d0, 0), 44));
m.Assign(CVZN, m.Cond(v40));
m.BranchIf(m.Test(ConditionCode.GT, VZN), "lDefault");
m.Assign(a5, m.Mem32(m.IAdd(Address.Ptr32(0x0000C046), d0)));
var xfer = new RtlCall(a5, 4, InstrClass.Transfer);
var bw = new Backwalker <Block, Instruction>(host, xfer, expSimp);
Assert.IsTrue(bw.CanBackwalk());
Assert.AreEqual("a5", bw.Index.Name);
bw.BackWalk(m.Block);
Assert.AreEqual("v40", bw.IndexExpression.ToString());
}
public void TrfPreservedValues()
{
arch = new X86ArchitectureReal("x86-real-16");
p.Program.Architecture = arch;
p.Add("main", m =>
{
var sp = m.Frame.EnsureRegister(Registers.sp);
var ss = m.Frame.EnsureRegister(Registers.ss);
var ax = m.Frame.EnsureRegister(Registers.ax);
m.Assign(sp, m.ISub(sp, 2));
m.SStore(ss, sp, ax);
m.Assign(ax, 1);
m.Assign(ax, m.SegMem16(ss, sp));
m.Assign(sp, m.IAdd(sp, 2));
m.Return();
});
RunTest(p,
@"main
main_entry sp:fp
l1 sp:fp
main_exit ax:ax sp:fp");
}
public void TrcoMemberPointer()
{
ProcedureBuilder m = new ProcedureBuilder();
Identifier ds = m.Local16("ds");
Identifier bx = m.Local16("bx");
MemberPointerSelector mps = m.MembPtrW(ds, m.IAdd(bx, 4));
Expression e = m.Mem(PrimitiveType.Byte, mps);
coll = CreateCollector();
e = e.Accept(en);
e.Accept(eqb);
e.Accept(coll);
Verify(null, "Typing/TrcoMemberPointer.txt");
}
public void TrcoMemberPointer()
{
ProcedureBuilder m = new ProcedureBuilder();
Identifier ds = m.Local16("ds");
Identifier bx = m.Local16("bx");
MemberPointerSelector mps = m.MembPtrW(ds, m.IAdd(bx, 4));
Expression e = m.Mem(PrimitiveType.Byte, mps);
coll = CreateCollector();
e = e.Accept(en);
e.Accept(eqb);
e.Accept(coll);
Assert.IsNotNull(mps.BasePointer.TypeVariable, "Base pointer should have type variable");
Verify(null, "Typing/TrcoMemberPointer.txt");
}
public void VpMulBy6()
{
var m = new ProcedureBuilder();
var r1 = m.Reg16("r1", 1);
var r2 = m.Reg16("r1", 2);
m.Assign(r2, r1); // r1
m.Assign(r1, m.Shl(r1, 1)); // r1 * 2
m.Assign(r1, m.IAdd(r1, r2)); // r1 * 3
m.Assign(r1, m.Shl(r1, 1)); // r1 * 6
var ssa = RunTest(m);
var sExp =
#region Expected
@"r1:r1
def: def r1
uses: r1_2 = r1
r1_3 = r1 << 1<8>
r1_4 = r1 * 3<16>
r1_5 = r1 * 6<16>
r1_2: orig: r1
def: r1_2 = r1
r1_3: orig: r1
def: r1_3 = r1 << 1<8>
r1_4: orig: r1
def: r1_4 = r1 * 3<16>
r1_5: orig: r1
def: r1_5 = r1 * 6<16>
// ProcedureBuilder
// Return size: 0
define ProcedureBuilder
ProcedureBuilder_entry:
def r1
// succ: l1
l1:
r1_2 = r1
r1_3 = r1 << 1<8>
r1_4 = r1 * 3<16>
r1_5 = r1 * 6<16>
ProcedureBuilder_exit:
";
#endregion
AssertStringsEqual(sExp, ssa);
}
public void DtbSegmentedAccess()
{
ProcedureBuilder m = new ProcedureBuilder();
Identifier ds = m.Local16("ds");
Identifier bx = m.Local16("bx");
Expression e = m.SegMem(bx.DataType, ds, m.IAdd(bx, 4));
var arch = new Reko.Arch.X86.X86ArchitectureReal();
Program prog = new Program
{
Architecture = arch,
Platform = new DefaultPlatform(null, arch),
};
TraitCollector trco = new TraitCollector(factory, store, dtb, prog);
e = e.Accept(aen);
e.Accept(eqb);
e.Accept(trco);
dtb.BuildEquivalenceClassDataTypes();
Verify("Typing/DtbSegmentedAccess.txt");
}
public void CreateNoincInitialValue()
{
ProcedureBuilder m = new ProcedureBuilder();
ssa = new SsaState(m.Procedure);
SsaId(new Identifier("id0", PrimitiveType.Word32, new TemporaryStorage("id0", 0, PrimitiveType.Word32)), null, null, false);
SsaId(new Identifier("id1", PrimitiveType.Word32, new TemporaryStorage("id1", 1, PrimitiveType.Word32)), null, null, false);
LinearInductionVariableFinder liv = new LinearInductionVariableFinder(ssa, null);
liv.Context.InitialValue = Constant.Word32(0);
Identifier id2 = m.Local32("id_2");
SsaId(id2, new Statement(0, null, null), null, false);
Assert.AreEqual(3, ssa.Identifiers.Count);
Identifier id3 = m.Local32("id_3");
Identifier id4 = m.Local32("id_4");
liv.Context.PhiStatement = m.Phi(id3, (id2, "block2"), (id4, "block4"));
liv.Context.PhiIdentifier = id3;
SsaId(id3, liv.Context.PhiStatement, ((PhiAssignment)liv.Context.PhiStatement.Instruction).Src, false);
Assert.AreEqual(4, ssa.Identifiers.Count);
Statement use = new Statement(0, null, null);
ssa.Identifiers[id3].Uses.Add(use);
liv.Context.DeltaValue = m.Word32(1);
m.Assign(id4, m.IAdd(id3, liv.Context.DeltaValue));
liv.Context.DeltaStatement = m.Block.Statements.Last;
ssa.Identifiers[id3].Uses.Add(liv.Context.DeltaStatement);
LinearInductionVariable iv = liv.CreateInductionVariable();
Assert.AreEqual("(0<32> 1<32> ?)", iv.ToString());
}
public void BwAdd()
{
var eax = m.Frame.EnsureRegister(Registers.eax);
var bw = new Backwalker <Block, Instruction>(
host,
new RtlGoto(m.Mem32(m.IAdd(eax, 0x10000)), InstrClass.Transfer),
expSimp);
Assert.IsTrue(bw.BackwalkInstruction(m.Assign(eax, m.IAdd(eax, eax))));
Assert.AreSame(Registers.eax, bw.Index);
Assert.AreEqual("* 2", bw.Operations[0].ToString());
Assert.AreEqual(2, bw.Stride);
}
public void VpIndirectCall()
{
var callee = CreateExternalProcedure(
"foo",
12,
RegArg(1, "r1"),
StackArg(4),
StackArg(8));
var pc = new ProcedureConstant(PrimitiveType.Ptr32, callee);
var m = new ProcedureBuilder();
var r1 = m.Reg32("r1", 1);
var sp = m.Frame.EnsureRegister(m.Architecture.StackRegister);
m.Assign(sp, m.Frame.FramePointer);
m.Assign(r1, pc);
m.Assign(sp, m.ISub(sp, 4));
m.MStore(sp, m.Word32(3));
m.Assign(sp, m.ISub(sp, 4));
m.MStore(sp, m.Mem16(m.Word32(0x1231230)));
m.Call(r1, 4);
m.Return();
arch.Setup(a => a.CreateStackAccess(
It.IsAny <IStorageBinder>(),
It.IsAny <int>(),
It.IsAny <DataType>()))
.Returns((IStorageBinder f, int off, DataType dt) =>
m.Mem(dt, m.IAdd(f.EnsureRegister((RegisterStorage)sp.Storage), off)));
arch.Setup(s => s.CreateFrameApplicationBuilder(
It.IsAny <IStorageBinder>(),
It.IsAny <CallSite>(),
It.IsAny <Expression>()))
.Returns((IStorageBinder binder, CallSite site, Expression c) =>
new FrameApplicationBuilder(arch.Object, binder, site, c, false));
var ssa = RunTest(m);
var sExp =
#region Expected
@"fp:fp
def: def fp
uses: r63_2 = fp
r63_4 = fp - 4<32>
Mem5[fp - 4<32>:word32] = 3<32>
r63_6 = fp - 8<32>
Mem7[fp - 8<32>:word16] = Mem5[0x1231230<32>:word16]
r1_8 = foo(Mem7[fp - 8<32>:word32], Mem7[fp - 4<32>:word32])
r1_8 = foo(Mem7[fp - 8<32>:word32], Mem7[fp - 4<32>:word32])
r63_2: orig: r63
def: r63_2 = fp
r1_3: orig: r1
def: r1_3 = foo
r63_4: orig: r63
def: r63_4 = fp - 4<32>
Mem5: orig: Mem0
def: Mem5[fp - 4<32>:word32] = 3<32>
uses: Mem7[fp - 8<32>:word16] = Mem5[0x1231230<32>:word16]
r63_6: orig: r63
def: r63_6 = fp - 8<32>
Mem7: orig: Mem0
def: Mem7[fp - 8<32>:word16] = Mem5[0x1231230<32>:word16]
uses: r1_8 = foo(Mem7[fp - 8<32>:word32], Mem7[fp - 4<32>:word32])
r1_8 = foo(Mem7[fp - 8<32>:word32], Mem7[fp - 4<32>:word32])
r1_8: orig: r1
def: r1_8 = foo(Mem7[fp - 8<32>:word32], Mem7[fp - 4<32>:word32])
// ProcedureBuilder
// Return size: 0
define ProcedureBuilder
ProcedureBuilder_entry:
def fp
// succ: l1
l1:
r63_2 = fp
r1_3 = foo
r63_4 = fp - 4<32>
Mem5[fp - 4<32>:word32] = 3<32>
r63_6 = fp - 8<32>
Mem7[fp - 8<32>:word16] = Mem5[0x1231230<32>:word16]
r1_8 = foo(Mem7[fp - 8<32>:word32], Mem7[fp - 4<32>:word32])
return
// succ: ProcedureBuilder_exit
ProcedureBuilder_exit:
";
#endregion
AssertStringsEqual(sExp, ssa);
}
public void VpUndoUnnecessarySlicingOfSegmentPointer()
{
var m = new ProcedureBuilder();
var es = m.Reg16("es", 1);
var bx = m.Reg16("bx", 3);
var es_bx = m.Frame.EnsureSequence(PrimitiveType.Word32, es.Storage, bx.Storage);
m.Assign(es_bx, m.SegMem(PrimitiveType.Word32, es, bx));
m.Assign(es, m.Slice(PrimitiveType.Word16, es_bx, 16));
m.Assign(bx, m.Slice(PrimitiveType.Word16, es_bx, 0));
m.SStore(es, m.IAdd(bx, 4), m.Byte(3));
var ssa = RunTest(m);
var sExp =
#region Expected
@"es:es
def: def es
uses: es_bx_4 = Mem0[es:bx:word32]
bx:bx
def: def bx
uses: es_bx_4 = Mem0[es:bx:word32]
Mem0:Mem
def: def Mem0
uses: es_bx_4 = Mem0[es:bx:word32]
es_bx_4: orig: es_bx
def: es_bx_4 = Mem0[es:bx:word32]
uses: es_5 = SLICE(es_bx_4, word16, 16) (alias)
bx_6 = SLICE(es_bx_4, word16, 0) (alias)
es_7 = SLICE(es_bx_4, word16, 16)
bx_8 = SLICE(es_bx_4, word16, 0)
Mem9[es_bx_4 + 4<16>:byte] = 3<8>
es_5: orig: es
def: es_5 = SLICE(es_bx_4, word16, 16) (alias)
bx_6: orig: bx
def: bx_6 = SLICE(es_bx_4, word16, 0) (alias)
es_7: orig: es
def: es_7 = SLICE(es_bx_4, word16, 16)
bx_8: orig: bx
def: bx_8 = SLICE(es_bx_4, word16, 0)
Mem9: orig: Mem0
def: Mem9[es_bx_4 + 4<16>:byte] = 3<8>
// ProcedureBuilder
// Return size: 0
define ProcedureBuilder
ProcedureBuilder_entry:
def es
def bx
def Mem0
// succ: l1
l1:
es_bx_4 = Mem0[es:bx:word32]
es_5 = SLICE(es_bx_4, word16, 16) (alias)
bx_6 = SLICE(es_bx_4, word16, 0) (alias)
es_7 = SLICE(es_bx_4, word16, 16)
bx_8 = SLICE(es_bx_4, word16, 0)
Mem9[es_bx_4 + 4<16>:byte] = 3<8>
ProcedureBuilder_exit:
";
#endregion
AssertStringsEqual(sExp, ssa);
}
public void UfuserMipsLittleEndianUnalignedWordLoad()
{
var r4 = m.Reg32("r4", 4);
var r8 = m.Reg32("r8", 8);
__lwl(r8, m.Mem32(m.IAdd(r4, 0x2B)));
__lwr(r8, m.Mem32(m.IAdd(r4, 0x28)));
var ssa = RunTest(m);
var sExp =
#region Expected
@"r8:r8
def: def r8
uses: r8_4 = r8
r4:r4
def: def r4
uses: r8_5 = Mem0[r4 + 0x28<32>:word32]
Mem0:Mem
def: def Mem0
uses: r8_5 = Mem0[r4 + 0x28<32>:word32]
r8_4: orig: r8
def: r8_4 = r8
r8_5: orig: r8
def: r8_5 = Mem0[r4 + 0x28<32>:word32]
// ProcedureBuilder
// Return size: 0
define ProcedureBuilder
ProcedureBuilder_entry:
def r8
def r4
def Mem0
// succ: l1
l1:
r8_5 = Mem0[r4 + 0x28<32>:word32]
ProcedureBuilder_exit:
";
#endregion
AssertStringsEqual(sExp, ssa);
}
public void VpIndirectCall()
{
var callee = CreateExternalProcedure("foo", RegArg(1, "r1"), StackArg(4), StackArg(8));
var pc = new ProcedureConstant(PrimitiveType.Ptr32, callee);
var m = new ProcedureBuilder();
var r1 = m.Reg32("r1", 1);
var sp = m.Frame.EnsureRegister(m.Architecture.StackRegister);
m.Assign(r1, pc);
m.Assign(sp, m.ISub(sp, 4));
m.MStore(sp, m.Word32(3));
m.Assign(sp, m.ISub(sp, 4));
m.MStore(sp, m.Mem16(m.Word32(0x1231230)));
m.Call(r1, 4);
m.Return();
arch.Stub(a => a.CreateStackAccess(null, 0, null))
.IgnoreArguments()
.Do(new Func <IStorageBinder, int, DataType, Expression>((f, off, dt) => m.Mem(dt, m.IAdd(sp, off))));
mr.ReplayAll();
var ssa = RunTest(m);
var sExp =
#region Expected
@"r1_0: orig: r1
def: r1_0 = foo
r63:r63
def: def r63
uses: r63_2 = r63 - 0x00000004
Mem3[r63 - 0x00000004:word32] = 0x00000003
r63_4 = r63 - 0x00000008
Mem5[r63 - 0x00000008:word16] = Mem3[0x01231230:word16]
r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32])
r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32])
r63_2: orig: r63
def: r63_2 = r63 - 0x00000004
Mem3: orig: Mem0
def: Mem3[r63 - 0x00000004:word32] = 0x00000003
uses: Mem5[r63 - 0x00000008:word16] = Mem3[0x01231230:word16]
r63_4: orig: r63
def: r63_4 = r63 - 0x00000008
Mem5: orig: Mem0
def: Mem5[r63 - 0x00000008:word16] = Mem3[0x01231230:word16]
r1_6: orig: r1
def: r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32])
r63_7: orig: r63
Mem8: orig: Mem0
uses: r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32])
Mem9: orig: Mem0
uses: r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32])
// ProcedureBuilder
// Return size: 0
void ProcedureBuilder()
ProcedureBuilder_entry:
def r63
// succ: l1
l1:
r1_0 = foo
r63_2 = r63 - 0x00000004
Mem3[r63 - 0x00000004:word32] = 0x00000003
r63_4 = r63 - 0x00000008
Mem5[r63 - 0x00000008:word16] = Mem3[0x01231230:word16]
r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32])
return
// succ: ProcedureBuilder_exit
ProcedureBuilder_exit:
";
#endregion
AssertStringsEqual(sExp, ssa);
}
public void FindCond()
{
m.Assign(ax, m.IAdd(ax, cx));
m.Assign(SCZ, m.Cond(ax));
var block = m.CurrentBlock;
m.Return();
var cm = rw.FindConditionOf(block.Statements, 0, ax);
Assert.AreEqual("SCZ", cm.FlagGroup.ToString());
Assert.AreEqual(1, cm.StatementIndex);
}
