public X86State(X86State st) : base(st)
{
arch = st.arch;
FpuStackItems = st.FpuStackItems;
regs = (ulong[])st.regs.Clone();
valid = (bool []) st.valid.Clone();
}
public void OnBeforeCall_DecrementStackRegister()
{
var arch = new IntelArchitecture(ProcessorMode.Protected32);
var state = new X86State(arch);
var esp = CreateId(Registers.esp);
state.SetRegister(Registers.esp, Constant.Word32(-4));
state.OnProcedureEntered();
var site = state.OnBeforeCall(esp, 4);
Assert.AreEqual(4, site.SizeOfReturnAddressOnStack);
Assert.AreEqual("0xFFFFFFFC", state.GetValue(esp).ToString());
}
public void Setup()
{
prog = new Program();
prog.Image = new LoadedImage(Address.Ptr32(0x10000), new byte[4]);
var procAddress = Address.Ptr32(0x10000000);
instr = new IntelInstruction(Opcode.nop, PrimitiveType.Word32, PrimitiveType.Word32)
{
Address = procAddress,
};
proc = Procedure.Create(procAddress, arch.CreateFrame());
state = (X86State) arch.CreateProcessorState();
orw = new OperandRewriter32(arch, proc.Frame, new FakeRewriterHost(prog));
}
public void Simple()
{
var arch = new IntelArchitecture(ProcessorMode.Real);
X86State st = new X86State(arch);
st.SetRegister(Registers.cs, Constant.Word16(0xC00));
st.SetRegister(Registers.ax, Constant.Word16(0x1234));
Assert.IsTrue(!st.GetRegister(Registers.bx).IsValid);
Assert.IsTrue(st.GetRegister(Registers.ax).IsValid);
Assert.IsTrue(st.GetRegister(Registers.al).IsValid);
Assert.AreEqual(0x34, st.GetRegister(Registers.al).ToUInt32());
Assert.IsTrue(st.GetRegister(Registers.ah).IsValid);
Assert.AreEqual(0x12, st.GetRegister(Registers.ah).ToUInt32());
}
public void StackUnderflow_ReportError()
{
var arch = new IntelArchitecture(ProcessorMode.Protected32);
string reportedError = null;
var state = new X86State(arch)
{
ErrorListener = (err) => { reportedError = err; }
};
state.OnProcedureEntered();
state.SetRegister(Registers.esp, Constant.Word32(-4)); // Push only 4 bytes
var esp = CreateId(Registers.esp);
var site = state.OnBeforeCall(esp, 4);
state.OnAfterCall(esp, new ProcedureSignature
{
StackDelta = 16, // ...but pop 16 bytes
},
new Decompiler.Evaluation.ExpressionSimplifier(state)); //$TODO: hm. Move simplification out of state.
Assert.IsNotNull(reportedError);
}
public Expression Transform(IntelInstruction instr, MachineOperand op, PrimitiveType opWidth, X86State state)
{
var reg = op as RegisterOperand;
if (reg != null)
return AluRegister(reg);
var mem = op as MemoryOperand;
if (mem != null)
return CreateMemoryAccess(instr, mem, opWidth, state);
var imm = op as ImmediateOperand;
if (imm != null)
return CreateConstant(imm, opWidth);
var fpu = op as FpuOperand;
if (fpu != null)
return FpuRegister(fpu.StNumber, state);
var addr = op as AddressOperand;
if (addr != null)
return addr.Address;
throw new NotImplementedException(string.Format("Operand {0}", op));
}
public void Setup()
{
arch = new IntelArchitecture(ProcessorMode.Real);
var image = new LoadedImage(Address.Ptr32(0x10000), new byte[4]);
var prog = new Program(
image,
image.CreateImageMap(),
arch,
null);
var procAddress = Address.Ptr32(0x10000000);
instr = new IntelInstruction(Opcode.nop, PrimitiveType.Word16, PrimitiveType.Word16)
{
Address = procAddress,
};
proc = Procedure.Create(procAddress, arch.CreateFrame());
orw = new OperandRewriter16(arch, proc.Frame, new FakeRewriterHost(prog));
state = (X86State)arch.CreateProcessorState();
}
public Constant ReplaceCodeSegment(RegisterStorage reg, X86State state)
{
if (reg == Registers.cs && arch.WordWidth == PrimitiveType.Word16)
return state.GetRegister(reg);
else
return null;
}
/// <summary>
/// Changes the stack-relative address 'reg' into a frame-relative operand.
/// If the register number is larger than the stack depth, then
/// the register was passed on the stack when the function was called.
/// </summary>
/// <param name="reg"></param>
/// <returns></returns>
public Identifier FpuRegister(int reg, X86State state)
{
return frame.EnsureFpuStackVariable(reg - state.FpuStackItems, PrimitiveType.Real64);
}
/// <summary>
/// Memory accesses are translated into expressions.
/// </summary>
/// <param name="mem"></param>
/// <param name="state"></param>
/// <returns></returns>
public Expression EffectiveAddressExpression(IntelInstruction instr, MemoryOperand mem, X86State state)
{
Expression eIndex = null;
Expression eBase = null;
Expression expr = null;
PrimitiveType type = PrimitiveType.CreateWord(mem.Width.Size);
bool ripRelative = false;
if (mem.Base != RegisterStorage.None)
{
if (mem.Base == Registers.rip)
{
ripRelative = true;
}
else
{
eBase = AluRegister(mem.Base);
if (expr != null)
{
expr = new BinaryExpression(Operator.IAdd, eBase.DataType, eBase, expr);
}
else
{
expr = eBase;
}
}
}
if (mem.Offset.IsValid)
{
if (ripRelative)
{
expr = instr.Address + (instr.Length + mem.Offset.ToInt64());
}
else if (expr != null)
{
BinaryOperator op = Operator.IAdd;
long l = mem.Offset.ToInt64();
if (l < 0 && l > -0x800)
{
l = -l;
op = Operator.ISub;
}
DataType dt = (eBase != null) ? eBase.DataType : eIndex.DataType;
Constant cOffset = Constant.Create(dt, l);
expr = new BinaryExpression(op, dt, expr, cOffset);
}
else
{
expr = mem.Offset;
}
}
if (mem.Index != RegisterStorage.None)
{
eIndex = AluRegister(mem.Index);
if (mem.Scale != 0 && mem.Scale != 1)
{
eIndex = new BinaryExpression(
Operator.IMul, eIndex.DataType, eIndex, Constant.Create(mem.Width, mem.Scale));
}
expr = new BinaryExpression(Operator.IAdd, expr.DataType, expr, eIndex);
}
return expr;
}
public Expression CreateMemoryAccess(IntelInstruction instr, MemoryOperand memoryOperand, X86State state)
{
return CreateMemoryAccess(instr, memoryOperand, memoryOperand.Width, state);
}
public virtual Address MakeAddressFromSegOffset(X86State state, RegisterStorage seg, uint offset)
{
return state.AddressFromSegOffset(seg, offset);
}
public override Address MakeAddressFromSegOffset(X86State state, RegisterStorage seg, uint offset)
{
return Address.Ptr64(offset);
}
private X86Rewriter CreateRewriter32(byte [] bytes)
{
state = new X86State(arch32);
return new X86Rewriter(arch32, host, state, new LeImageReader(image, 0), new Frame(arch32.WordWidth));
}
public bool HasSameValues(X86State st2)
{
for (int i = 0; i < valid.Length; ++i)
{
if (valid[i] != st2.valid[i])
return false;
if (valid[i])
{
RegisterStorage reg = Registers.GetRegister(i);
ulong u1 = (ulong)(regs[reg.Number] & ((1UL << reg.DataType.BitSize) - 1UL));
ulong u2 = (ulong)(st2.regs[reg.Number] & ((1UL << reg.DataType.BitSize) - 1UL));
if (u1 != u2)
return false;
}
}
return true;
}
public void AreEqual()
{
var arch = new IntelArchitecture(ProcessorMode.Real);
X86State st1 = new X86State(arch);
X86State st2 = new X86State(arch);
Assert.IsTrue(st1.HasSameValues(st2));
}
public Expression CreateMemoryAccess(IntelInstruction instr, MemoryOperand mem, DataType dt, X86State state)
{
var exp = ImportedProcedureName(instr.Address, mem.Width, mem);
if (exp != null)
return new ProcedureConstant(arch.PointerType, exp);
Expression expr = EffectiveAddressExpression(instr, mem, state);
if (IsSegmentedAccessRequired ||
(mem.DefaultSegment != Registers.ds && mem.DefaultSegment != Registers.ss))
{
Expression seg = ReplaceCodeSegment(mem.DefaultSegment, state);
if (seg == null)
seg = AluRegister(mem.DefaultSegment);
return new SegmentedAccess(MemoryIdentifier.GlobalMemory, seg, expr, dt);
}
else
{
return new MemoryAccess(MemoryIdentifier.GlobalMemory, expr, dt);
}
}
private X86Rewriter CreateRewriter32(X86Assembler m)
{
state = new X86State(arch32);
return new X86Rewriter(arch32, host, state, m.GetImage().Image.CreateLeReader(0), new Frame(arch32.WordWidth));
}
