public void CompatibleFunctions()
{
FunctionType f1 = FunctionType.Action(new Identifier("", PrimitiveType.Int16, null));
FunctionType f2 = FunctionType.Action(new Identifier("", PrimitiveType.Int32, null));
Assert.IsTrue(un.AreCompatible(f1, f2));
}
public void Bwi_IndirectCallMatchedByPlatform()
{
var platform = new Mock <IPlatform>();
var reg0 = proc.Frame.EnsureRegister(new RegisterStorage("r0", 0, 0, PrimitiveType.Ptr32));
var reg1 = proc.Frame.EnsureRegister(new RegisterStorage("r1", 1, 0, PrimitiveType.Ptr32));
var sysSvc = new SystemService {
Name = "SysSvc",
Signature = FunctionType.Action(new[] { reg1 }),
Characteristics = new ProcedureCharacteristics()
};
platform.Setup(p => p.FindService(
It.IsAny <RtlInstruction>(),
It.IsAny <ProcessorState>()))
.Returns(sysSvc)
.Verifiable();
platform.Setup(p => p.PointerType).Returns(PrimitiveType.Ptr32);
platform.Setup(p => p.ResolveIndirectCall(It.IsAny <RtlCall>()))
.Returns((Address)null);
platform.Setup(p => p.CreateTrashedRegisters())
.Returns(new HashSet <RegisterStorage>());
program.Platform = platform.Object;
scanner.Setup(f => f.FindContainingBlock(Address.Ptr32(0x100000))).Returns(block);
scanner.Setup(f => f.FindContainingBlock(Address.Ptr32(0x100004))).Returns(block);
Given_SimpleTrace(trace);
trace.Add(m => m.Call(m.Mem32(m.IAdd(reg0, -32)), 4));
var wi = CreateWorkItem(Address.Ptr32(0x100000));
wi.Process();
Assert.AreEqual("SysSvc(r1)", block.Statements[0].ToString());
platform.Verify();
}
public void Bwi_IndirectCallMatchedByPlatform()
{
var platform = mr.StrictMock <IPlatform>();
var reg0 = proc.Frame.EnsureRegister(new RegisterStorage("r0", 0, 0, PrimitiveType.Ptr32));
var reg1 = proc.Frame.EnsureRegister(new RegisterStorage("r1", 1, 0, PrimitiveType.Ptr32));
var sysSvc = new SystemService {
Name = "SysSvc",
Signature = FunctionType.Action(new[] { reg1 }),
Characteristics = new ProcedureCharacteristics()
};
platform.Expect(p => p.FindService(null, null)).IgnoreArguments().Return(sysSvc);
platform.Stub(p => p.PointerType).Return(PrimitiveType.Ptr32);
platform.Stub(p => p.ResolveIndirectCall(null)).IgnoreArguments().Return(null);
platform.Stub(p => p.CreateTrashedRegisters())
.Return(new HashSet <RegisterStorage>());
program.Platform = platform;
scanner.Stub(f => f.FindContainingBlock(Address.Ptr32(0x100000))).Return(block);
scanner.Stub(f => f.FindContainingBlock(Address.Ptr32(0x100004))).Return(block);
scanner.Stub(s => s.GetTrace(null, null, null)).IgnoreArguments().Return(trace);
mr.ReplayAll();
trace.Add(m => m.Call(m.Mem32(m.IAdd(reg0, -32)), 4));
var wi = CreateWorkItem(Address.Ptr32(0x100000));
wi.Process();
Assert.AreEqual("SysSvc(r1)", block.Statements[0].ToString());
mr.VerifyAll();
}
public void Scanner_ScanData_ImageSymbols()
{
Given_Program(Address.Ptr32(0x00100000), new byte[] {
0x42, 0x42, 0x42, 0x42,
0x10, 0x00, 0x10, 0x00,
0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0xC3, 0x00, 0x00, 0x00,
});
Given_Project();
var dt = new StructureType
{
Fields =
{
{ 0, PrimitiveType.Int32, "data" },
{ 4, new Pointer(FunctionType.Action(
new Identifier("arg", PrimitiveType.Int32, null)),
32) }
}
};
var sym = ImageSymbol.DataObject(arch, Address.Ptr32(0x00100000), "data_blob", dt);
program.ImageSymbols.Add(sym.Address, sym);
var scanner = new Scanner(program, project.LoadedMetadata, dynamicLinker.Object, sc);
var sr = scanner.ScanDataItems();
Assert.AreEqual(1, sr.KnownProcedures.Count);
Assert.AreEqual("00100010", sr.KnownProcedures.First().ToString());
}
public void Cab_Sequence_MkSequence()
{
var m = new SsaProcedureBuilder(nameof(Cab_Sequence));
var r2_1 = m.Reg("r2_1", reg2);
var r3_2 = m.Reg("r3_2", reg3);
m.Assign(r2_1, 0x0001234);
m.Assign(r3_2, 0x5678ABCD);
var sigCallee = FunctionType.Action(
new Identifier("r2_r3", PrimitiveType.Word64,
new SequenceStorage(PrimitiveType.Word64, reg2, reg3)));
var callee = new ProcedureConstant(
PrimitiveType.Ptr32,
new ExternalProcedure("callee", sigCallee));
var stmCall = m.Call(callee, 0,
new Identifier[] { r3_2, r2_1 },
new Identifier[] { });
m.Return();
var cab = new CallApplicationBuilder(
m.Ssa,
stmCall,
(CallInstruction)stmCall.Instruction,
callee);
var instr = cab.CreateInstruction(sigCallee, null);
Assert.AreEqual("callee(SEQ(r2_1, r3_2))", instr.ToString());
m.Ssa.Validate(s => Assert.Fail(s));
}
public void Tlldr_procedure_with_address()
{
Given_ArchitectureStub();
var addr = Address.SegPtr(0x1234, 0x4567);
platform.Setup(p => p.TryParseAddress("0123:4567", out addr)).Returns(true);
Given_ProcedureSignature(FunctionType.Action());
var tlLdr = new TypeLibraryDeserializer(platform.Object, true, new TypeLibrary());
var slib = new SerializedLibrary
{
Procedures =
{
new Procedure_v1 {
Name = "foo",
Signature = new SerializedSignature
{
Convention = "__cdecl",
ReturnValue = new Argument_v1{
Type = new VoidType_v1()
},
},
Address = "0123:4567"
}
}
};
var lib = tlLdr.Load(slib);
var(name, sig) = lib.Procedures[addr];
Assert.AreEqual("foo", name);
Assert.AreEqual("(fn void ())", sig.ToString());
}
public void EqbProcedureSignature()
{
var sig = FunctionType.Action(
new Identifier("dwArg00", PrimitiveType.Word32, new StackArgumentStorage(0, PrimitiveType.Word32)));
eqb.EnsureSignatureTypeVariables(sig);
Assert.IsNotNull(sig.Parameters[0].TypeVariable);
}
public void Scanner_ScanData_NoDecompiledProcedureFromUserGlobal()
{
Given_Program(Address.Ptr32(0x12314), new byte[20]);
program.User.Procedures.Add(
Address.Ptr32(0x12314),
new Procedure_v1()
{
Decompile = false,
}
);
var sc = CreateDataScanner(program);
sc.EnqueueUserProcedure(
Address.Ptr32(0x12314),
FunctionType.Action(),
null);
sc.EnqueueUserProcedure(
Address.Ptr32(0x12324),
FunctionType.Action(),
null);
sc.ProcessQueue();
Assert.AreEqual(1, program.Procedures.Count);
Assert.AreEqual(0x12324, program.Procedures.Keys[0].Offset);
}
public void CrwExcessRegisterDefinition()
{
var ret = new RegisterStorage("ret", 1, 0, PrimitiveType.Word32);
var ssa = Given_Procedure("main", m =>
{
var a = m.Reg32("a");
m.Label("body");
m.Call("fn", 4, new Identifier[] { }, new Identifier[] { a });
m.Return();
});
Given_Procedure("fn", m => { });
Given_Signature("fn", FunctionType.Action());
When_RewriteCalls(ssa);
var sExp =
#region Expected
@"main_entry:
body:
fn()
a = <invalid>
return
main_exit:
";
#endregion
AssertProcedureCode(sExp, ssa);
}
public void Tlldr_void_fn()
{
Given_ArchitectureStub();
Given_ProcedureSignature(FunctionType.Action());
var tlLdr = new TypeLibraryDeserializer(platform.Object, true, new TypeLibrary());
var slib = new SerializedLibrary
{
Procedures =
{
new Procedure_v1 {
Name = "foo",
Signature = new SerializedSignature
{
Convention = "__cdecl",
ReturnValue = new Argument_v1{
Type = new VoidType_v1()
},
}
}
}
};
var lib = tlLdr.Load(slib);
Assert.AreEqual(
"void foo()",
lib.Lookup("foo").ToString("foo"));
}
public Win_x86_64_Platform(IServiceProvider sp, IProcessorArchitecture arch)
: base(sp, arch, "win64")
{
int3svc = new SystemService
{
SyscallInfo = new SyscallInfo
{
Vector = 3,
RegisterValues = new RegValue[0],
},
Name = "int3",
Signature = FunctionType.Action(new Identifier[0]),
Characteristics = new ProcedureCharacteristics(),
};
int29svc = new SystemService
{
SyscallInfo = new SyscallInfo
{
Vector = 0x29,
RegisterValues = new RegValue[0]
},
Name = "__fastfail",
Signature = FunctionType.Action(
new Identifier("ecx", PrimitiveType.Word32, Registers.ecx)),
Characteristics = new ProcedureCharacteristics
{
Terminates = true
}
};
}
public void FrBindStackParameters()
{
var f = new Frame(PrimitiveType.Word16);
f.ReturnAddressSize = 4; // far call.
int stack = 2;
Identifier loc02 = f.EnsureStackLocal(-stack, PrimitiveType.Word16, "wLoc02");
stack += loc02.DataType.Size;
f.EnsureStackLocal(-stack, PrimitiveType.Word16, "wLoc04");
FunctionType sig = FunctionType.Action(
new Identifier("arg0", PrimitiveType.Word16, new StackArgumentStorage(4, PrimitiveType.Word16)),
new Identifier("arg1", PrimitiveType.Word16, new StackArgumentStorage(6, PrimitiveType.Word16)));
var cs = new CallSite(f.ReturnAddressSize + 2 * 4, 0);
var fn = new ProcedureConstant(PrimitiveType.Ptr32, new IntrinsicProcedure("foo", false, sig));
var ab = arch.CreateFrameApplicationBuilder(f, cs, fn);
Instruction instr = ab.CreateInstruction(sig, null);
using (FileUnitTester fut = new FileUnitTester("Core/FrBindStackParameters.txt"))
{
f.Write(fut.TextWriter);
fut.TextWriter.WriteLine(instr.ToString());
fut.AssertFilesEqual();
}
}
public void TrfTerminates()
{
Expect("main", "Preserved: r63", "Trashed: ", "");
builder.Add("main", m =>
{
var sp = m.Frame.EnsureRegister(m.Architecture.StackRegister);
var r1 = m.Reg32("r1", 1);
var r2 = m.Reg32("r2", 2);
var fn = new ExternalProcedure(
"exit",
FunctionType.Action(r1),
new ProcedureCharacteristics {
Terminates = true
});
m.Assign(sp, m.Frame.FramePointer);
m.BranchIf(m.Ne0(r2), "m2notzero");
m.Label("m1fail");
m.Assign(r1, 1);
m.SideEffect(m.Fn(fn, r1));
m.Label("m2notzero");
m.Return();
});
RunTest();
}
public void Scanner_NoDecompiledProcedureFromUserGlobal()
{
Given_Program(Address.Ptr32(0x12314), new byte[20]);
fakeArch.Test_IgnoreAllUnkownTraces();
program.User.Procedures.Add(
Address.Ptr32(0x12314),
new Procedure_v1()
{
Decompile = false,
}
);
var sc = CreateScanner(program);
sc.EnqueueUserProcedure(
arch,
Address.Ptr32(0x12314),
FunctionType.Action(),
null);
sc.EnqueueUserProcedure(
arch,
Address.Ptr32(0x12324),
FunctionType.Action(),
null);
sc.ScanImage();
Assert.AreEqual(1, program.Procedures.Count);
Assert.AreEqual(0x12324, program.Procedures.Keys[0].Offset);
}
public void GdwTypeReference()
{
Given_Memory(0x1000)
.WriteLeInt32(1)
.WriteLeInt32(2)
.WriteLeUInt32(0x2000);
Given_Globals(
Given_Field(0x1000, new TypeReference("refTest", new StructureType("_test", 0)
{
Fields =
{
{ 0, PrimitiveType.Int32 },
{ 4, PrimitiveType.Int32 },
{ 8, new Pointer(FunctionType.Action(new Identifier[0]), 32)}
}
})));
Given_ProcedureAtAddress(0x2000, "funcTest");
RunTest(
@"refTest g_t1000 =
{
1,
2,
funcTest,
};
");
}
public void Scanner_ScanData_NoDecompiledProcedureFromUserGlobal()
{
Given_Program(Address.Ptr32(0x12314), new byte[20]);
var address = Address.Ptr32(0x12314);
program.User.Procedures.Add(
address,
new UserProcedure(address, NamingPolicy.Instance.ProcedureName(address))
{
Decompile = false,
}
);
var sc = CreateDataScanner(program);
sc.EnqueueUserProcedure(
program.Architecture,
Address.Ptr32(0x12314),
FunctionType.Action(),
null);
sc.EnqueueUserProcedure(
program.Architecture,
Address.Ptr32(0x12324),
FunctionType.Action(),
null);
sc.ProcessQueue();
Assert.AreEqual(1, program.Procedures.Count);
Assert.AreEqual(0x12324, program.Procedures.Keys[0].Offset);
}
public void Scanner_ScanData_ImageSymbols()
{
Given_Program(Address.Ptr32(0x00100000), new byte[] {
0x42, 0x42, 0x42, 0x42,
0x10, 0x00, 0x10, 0x00,
0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0xC3, 0x00, 0x00, 0x00,
});
Given_Project();
var dt = new StructureType
{
Fields =
{
{ 0, PrimitiveType.Int32, "data" },
{ 4, new Pointer(FunctionType.Action(
new Identifier("arg", PrimitiveType.Int32, null)),
4) }
}
};
var sym = new ImageSymbol(Address.Ptr32(0x00100000), "data_blob", dt)
{
Type = SymbolType.Data
};
program.ImageSymbols.Add(sym.Address, sym);
var scanner = new Scanner(program, importResolver, sc);
var sr = scanner.ScanDataItems();
Assert.AreEqual(1, sr.KnownProcedures.Count);
Assert.AreEqual("00100010", sr.KnownProcedures.First().ToString());
}
public void ExdApplication()
{
var sig = FunctionType.Action(new[] { Id("r", PrimitiveType.Real32) });
var ep = new ExternalProcedure("test", sig);
RunTest(
Test(m.Fn(ep, m.Load(PrimitiveType.Word32, m.Word32(0x0300400))), VoidType.Instance));
}
public void ExdApplication()
{
var sig = FunctionType.Action(Id("r", PrimitiveType.Real32));
var ep = new ExternalProcedure("test", sig);
RunTest(
"Typing/ExdApplication.txt",
Test(m.Fn(ep, m.Mem(PrimitiveType.Word32, m.Word32(0x0300400))), VoidType.Instance));
}
public void TyfoManyArgs()
{
FunctionType fn = FunctionType.Action(
new Identifier("", PrimitiveType.Ptr32, null),
new Identifier("", PrimitiveType.Int64, null));
tyreffo.WriteDeclaration(fn, "fn");
Assert.AreEqual("void fn(ptr32, int64)", sw.ToString());
}
public void TyfoPfn()
{
FunctionType fn = FunctionType.Action(
new Identifier[] { new Identifier("", PrimitiveType.Word32, null) });
Pointer pfn = new Pointer(fn, 32);
tyreffo.WriteDeclaration(pfn, "pfn");
Assert.AreEqual("void (* pfn)(word32)",
sw.ToString());
}
private ExternalProcedure Given_Procedure(string name, params DataType [] argTypes)
{
var sig = FunctionType.Action(
argTypes.Select((argType, i) => new Identifier(
"arg" + i,
argType,
new StackArgumentStorage(i * 4, argType)))
.ToArray());
return(new ExternalProcedure(name, sig));
}
public void Tyreffmt_ptr_function()
{
var sw = new StringWriter();
var trf = new TypeReferenceFormatter(new TextFormatter(sw));
trf.WriteDeclaration(
new Pointer(
FunctionType.Action(new [] { Arg("arg0", 0) }),
32),
"pfn");
Assert.AreEqual("void (* pfn)(word32 arg0)", sw.ToString());
}
public void PsigValidArguments()
{
Identifier arg = new Identifier(Registers.eax.Name, Registers.eax.DataType, Registers.eax);
FunctionType sig = FunctionType.Action(new Identifier[] { arg });
Assert.IsTrue(sig.ParametersValid);
sig = new FunctionType(arg, new Identifier[0]);
Assert.IsTrue(sig.ParametersValid);
sig = new FunctionType();
Assert.IsFalse(sig.ParametersValid);
}
public void AppBld_NoVariadic_Characteristics()
{
var caller = new Procedure(arch, "caller", Address.Ptr32(0x00123400), new Frame(PrimitiveType.Ptr32));
var callee = new Procedure(arch, "callee", Address.Ptr32(0x00123500), new Frame(PrimitiveType.Ptr32));
var ab = arch.CreateFrameApplicationBuilder(
caller.Frame,
new CallSite(4, 0),
new ProcedureConstant(PrimitiveType.Ptr32, callee));
var unk = new UnknownType();
var sig = FunctionType.Action(new Identifier("...", unk, new StackArgumentStorage(0, unk)));
var instr = ab.CreateInstruction(sig, null);
Assert.AreEqual("callee(0x00000000)", instr.ToString());//$BUG: obviously wrong
}
public void X86fab_FpuArg()
{
var site = new CallSite(0, 1);
CreateApplicationBuilder(site);
var sigCallee = FunctionType.Action(
new Identifier(
"arg",
PrimitiveType.Real64,
new FpuStackStorage(0, PrimitiveType.Real64)));
var instr = fab.CreateInstruction(sigCallee, new ProcedureCharacteristics());
Assert.AreEqual("eax(ST[Top:real64])", instr.ToString());
}
public void Tyreffmt_ptr_function_with_eq_class()
{
var sw = new StringWriter();
var trf = new TypeReferenceFormatter(new TextFormatter(sw));
trf.WriteDeclaration(
new Pointer(
new EquivalenceClass(
new TypeVariable(3),
FunctionType.Action(new[] { Arg("arg0", 0) })),
4),
"pfn");
Assert.AreEqual("void (* pfn)(word32 arg0)", sw.ToString());
}
public void Setup()
{
this.platform = new Mock <IPlatform>();
this.arch = new FakeArchitecture(new ServiceContainer());
this.builder = new ProgramBuilder(arch);
this.dynamicLinker = new Mock <IDynamicLinker>();
this.sbExpected = new StringBuilder();
this.fnExit = new ExternalProcedure(
"exit",
FunctionType.Action(new Identifier("code", PrimitiveType.Int32, new StackArgumentStorage(4, PrimitiveType.Int32))),
new ProcedureCharacteristics
{
Terminates = true,
});
}
public void ExdIndirectCall()
{
var p = Id("p", PrimitiveType.Word32);
var sig = FunctionType.Action(new[] { Id("r", PrimitiveType.Real32) });
store.EnsureExpressionTypeVariable(factory, p);
p.TypeVariable.OriginalDataType = PointerTo(sig);
p.TypeVariable.DataType = PointerTo(sig);
RunTest(
Test(
m.Fn(
p,
VoidType.Instance,
m.Mem(PrimitiveType.Word32, m.Word32(0x0300400))),
VoidType.Instance));
}
public void Scanner_Metadata_procedure()
{
Given_Program(Address.Ptr32(0x00100000), new byte[100]);
Given_Project();
var address = Address.Ptr32(0x00100010);
project.LoadedMetadata.Procedures.Add(address, ("foo", FunctionType.Action()));
var scanner = new Scanner(
this.program,
project.LoadedMetadata,
new DynamicLinker(project, program, eventListener),
this.sc);
scanner.ScanImage();
Assert.AreEqual(1, program.Procedures.Count);
Assert.AreEqual("(fn void ())", program.Procedures.Values.First().Signature.ToString());
}
