public void Dfa2_Simple()
{
var pb = new ProgramBuilder(new FakeArchitecture());
pb.Add("test", m=>
{
var r1 = m.Reg32("r1");
var r2 = m.Reg32("r2");
m.Assign(r1, m.LoadDw(m.Word32(0x010000)));
m.Assign(r2, m.LoadDw(m.Word32(0x010004)));
m.Store(m.Word32(0x010008), m.IAdd(r1, r2));
m.Return();
});
var dfa = new DataFlowAnalysis(pb.BuildProgram(), new FakeDecompilerEventListener());
dfa.UntangleProcedures2();
var sExp = @"// test
// Return size: 0
void test()
test_entry:
// succ: l1
l1:
Mem6[0x00010008:word32] = Mem0[0x00010000:word32] + Mem0[0x00010004:word32]
return
// succ: test_exit
test_exit:
";
AssertProgram(sExp, pb);
}
protected override void RunTest(Program prog, TextWriter writer)
{
DataFlowAnalysis dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.UntangleProcedures();
foreach (Procedure proc in prog.Procedures.Values)
{
var larw = new LongAddRewriter(proc, prog.Architecture);
larw.Transform();
Aliases alias = new Aliases(proc, prog.Architecture, dfa.ProgramDataFlow);
alias.Transform();
var sst = new SsaTransform(dfa.ProgramDataFlow, proc, proc.CreateBlockDominatorGraph());
SsaState ssa = sst.SsaState;
proc.Dump(true, false);
var vp = new ValuePropagator(ssa.Identifiers, proc);
vp.Transform();
var cce = new ConditionCodeEliminator(ssa.Identifiers, prog.Platform);
cce.Transform();
DeadCode.Eliminate(proc, ssa);
ssa.Write(writer);
proc.Write(false, writer);
writer.WriteLine();
}
}
protected override void RunTest(Program prog, TextWriter writer)
{
var dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.UntangleProcedures();
foreach (Procedure proc in prog.Procedures.Values)
{
writer.WriteLine("= {0} ========================", proc.Name);
var gr = proc.CreateBlockDominatorGraph();
Aliases alias = new Aliases(proc, prog.Architecture);
alias.Transform();
SsaTransform sst = new SsaTransform(dfa.ProgramDataFlow, proc, gr);
SsaState ssa = sst.SsaState;
var cce = new ConditionCodeEliminator(ssa.Identifiers, prog.Platform);
cce.Transform();
ssa.Write(writer);
proc.Write(false, writer);
writer.WriteLine();
ValuePropagator vp = new ValuePropagator(ssa.Identifiers, proc);
vp.Transform();
ssa.Write(writer);
proc.Write(false, writer);
}
}
protected Program RewriteFile(string relativePath, Address addrBase)
{
var services = new ServiceContainer();
var config = new FakeDecompilerConfiguration();
services.AddService<IConfigurationService>(config);
ILoader ldr = new Loader(services);
var program = ldr.AssembleExecutable(
FileUnitTester.MapTestPath(relativePath),
new X86TextAssembler(new IntelArchitecture(ProcessorMode.Real)),
addrBase);
program.Platform = new DefaultPlatform(services, program.Architecture);
var ep = new EntryPoint(program.Image.BaseAddress, program.Architecture.CreateProcessorState());
var project = new Project { Programs = { program } };
var scan = new Scanner(
program,
new Dictionary<Address, ProcedureSignature>(),
new ImportResolver(project),
new FakeDecompilerEventListener());
scan.EnqueueEntryPoint(ep);
scan.ScanImage();
var dfa = new DataFlowAnalysis(program, new FakeDecompilerEventListener());
dfa.AnalyzeProgram();
return program;
}
protected override void RunTest(Program prog, TextWriter writer)
{
var eventListener = new FakeDecompilerEventListener();
var dfa = new DataFlowAnalysis(prog, eventListener);
var trf = new TrashedRegisterFinder(prog, prog.Procedures.Values, dfa.ProgramDataFlow, eventListener);
trf.Compute();
trf.RewriteBasicBlocks();
var rl = RegisterLiveness.Compute(prog, dfa.ProgramDataFlow, eventListener);
DumpProcedureFlows(prog, dfa, rl, writer);
}
protected override void RunTest(Program prog, TextWriter writer)
{
var dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
var eventListener = new FakeDecompilerEventListener();
var trf = new TrashedRegisterFinder(prog, prog.Procedures.Values, dfa.ProgramDataFlow, eventListener);
trf.Compute();
trf.RewriteBasicBlocks();
RegisterLiveness rl = RegisterLiveness.Compute(prog, dfa.ProgramDataFlow, eventListener);
foreach (Procedure proc in prog.Procedures.Values)
{
LongAddRewriter larw = new LongAddRewriter(proc, prog.Architecture);
larw.Transform();
proc.Write(false, writer);
writer.WriteLine();
}
}
private void PerformTest(FileUnitTester fut)
{
DataFlowAnalysis dfa = new DataFlowAnalysis(program, new FakeDecompilerEventListener());
dfa.UntangleProcedures();
foreach (Procedure proc in program.Procedures.Values)
{
Aliases alias = new Aliases(proc, program.Architecture);
alias.Transform();
SsaTransform sst = new SsaTransform(dfa.ProgramDataFlow, proc, proc.CreateBlockDominatorGraph());
SsaState ssa = sst.SsaState;
proc.Write(false, fut.TextWriter);
fut.TextWriter.WriteLine();
OutParameterTransformer opt = new OutParameterTransformer(proc, ssa.Identifiers);
opt.Transform();
DeadCode.Eliminate(proc, ssa);
proc.Write(false, fut.TextWriter);
fut.TextWriter.WriteLine("====================");
}
}
protected override void RunTest(Program prog, TextWriter writer)
{
DataFlowAnalysis dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.UntangleProcedures();
foreach (Procedure proc in prog.Procedures.Values)
{
Aliases alias = new Aliases(proc, prog.Architecture);
alias.Transform();
SsaTransform sst = new SsaTransform(dfa.ProgramDataFlow, proc, proc.CreateBlockDominatorGraph());
SsaState ssa = sst.SsaState;
GrfDefinitionFinder grfd = new GrfDefinitionFinder(ssa.Identifiers);
foreach (SsaIdentifier sid in ssa.Identifiers)
{
var id = sid.OriginalIdentifier as Identifier;
if (id == null || !(id.Storage is FlagGroupStorage) || sid.Uses.Count == 0)
continue;
writer.Write("{0}: ", sid.DefStatement.Instruction);
grfd.FindDefiningExpression(sid);
string fmt = grfd.IsNegated ? "!{0};" : "{0}";
writer.WriteLine(fmt, grfd.DefiningExpression);
}
}
}
protected void DumpProcedureFlows(Program prog, DataFlowAnalysis dfa, RegisterLiveness live, TextWriter w)
{
foreach (Procedure proc in prog.Procedures.Values)
{
w.WriteLine("// {0} /////////////////////", proc.Name);
ProcedureFlow flow = dfa.ProgramDataFlow[proc];
DataFlow.EmitRegisters(prog.Architecture, "\tLiveOut: ", flow.grfLiveOut, flow.LiveOut, w);
w.WriteLine();
DataFlow.EmitRegisters(prog.Architecture, "\tMayUseIn: ", flow.grfMayUse, flow.MayUse, w);
w.WriteLine();
DataFlow.EmitRegisters(prog.Architecture, "\tBypassIn: ", flow.grfMayUse, flow.ByPass, w);
w.WriteLine();
DataFlow.EmitRegisters(prog.Architecture, "\tTrashed: ", flow.grfTrashed, flow.TrashedRegisters, w);
w.WriteLine();
DataFlow.EmitRegisters(prog.Architecture, "\tPreserved:", flow.grfPreserved, flow.PreservedRegisters, w);
w.WriteLine();
w.WriteLine("// {0}", proc.Name);
proc.Signature.Emit(proc.Name, ProcedureSignature.EmitFlags.None, new TextFormatter(w));
w.WriteLine();
foreach (Block block in proc.SortBlocksByName())
{
if (live != null)
{
var bFlow = dfa.ProgramDataFlow[block];
bFlow.WriteBefore(prog.Architecture, w);
block.Write(w);
bFlow.WriteAfter(prog.Architecture, w);
w.WriteLine();
}
else
{
block.Write(w);
}
}
}
}
private void Build(Program prog)
{
DataFlowAnalysis dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.UntangleProcedures();
foreach (Procedure proc in prog.Procedures.Values)
{
Aliases alias = new Aliases(proc, prog.Architecture);
alias.Transform();
var gr = proc.CreateBlockDominatorGraph();
SsaTransform sst = new SsaTransform(dfa.ProgramDataFlow, proc, gr);
SsaState ssa = sst.SsaState;
ConditionCodeEliminator cce = new ConditionCodeEliminator(ssa.Identifiers, prog.Platform);
cce.Transform();
DeadCode.Eliminate(proc, ssa);
var vp = new ValuePropagator(ssa.Identifiers, proc);
vp.Transform();
DeadCode.Eliminate(proc, ssa);
Coalescer coa = new Coalescer(proc, ssa);
coa.Transform();
DeadCode.Eliminate(proc, ssa);
LiveCopyInserter lci = new LiveCopyInserter(proc, ssa.Identifiers);
lci.Transform();
WebBuilder web = new WebBuilder(proc, ssa.Identifiers, new Dictionary<Identifier,LinearInductionVariable>());
web.Transform();
ssa.ConvertBack(false);
}
}
private Program RewriteProgram()
{
var project = new Project { Programs = { program } };
var scan = new Scanner(
program,
new Dictionary<Address, ProcedureSignature>(),
new ImportResolver(project),
new FakeDecompilerEventListener());
foreach (EntryPoint ep in program.EntryPoints)
{
scan.EnqueueEntryPoint(ep);
}
scan.ScanImage();
DecompilerEventListener eventListener = new FakeDecompilerEventListener();
DataFlowAnalysis da = new DataFlowAnalysis(program, eventListener);
da.AnalyzeProgram();
return program;
}
public void TrcoIntelIndexedAddressingMode()
{
ProgramBuilder m = new ProgramBuilder();
m.Add(new IntelIndexedAddressingMode());
Program prog = m.BuildProgram();
DataFlowAnalysis dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.AnalyzeProgram();
RunTest(prog, "Typing/TrcoIntelIndexedAddressingMode.txt");
}
protected void RunHexTest(string hexFile, string outputFile)
{
var svc = new ServiceContainer();
var cfg = new FakeDecompilerConfiguration();
svc.AddService<IConfigurationService>(cfg);
ILoader ldr = new Loader(svc);
var imgLoader = new DchexLoader(FileUnitTester.MapTestPath( hexFile), svc, null);
var img = imgLoader.Load(null);
var program = new Program(img.Image, img.Image.CreateImageMap(), img.Architecture, img.Platform);
var project = new Project { Programs = { program } };
var ep = new EntryPoint(program.Image.BaseAddress, program.Architecture.CreateProcessorState());
var scan = new Scanner(program, new Dictionary<Address, ProcedureSignature>(), new ImportResolver(project), new FakeDecompilerEventListener());
scan.EnqueueEntryPoint(ep);
scan.ScanImage();
var dfa = new DataFlowAnalysis(program, new FakeDecompilerEventListener());
dfa.AnalyzeProgram();
RunTest(program, outputFile);
}
public void Dfa2_FactorialReg()
{
pb = new ProgramBuilder();
pb.Add("fact", m =>
{
var sp = m.Register(m.Architecture.StackRegister);
var r1 = m.Register(1);
var r2 = m.Register(2);
var r3 = m.Register(3);
var cc = m.Flags(0xF, "cc");
m.Assign(sp, m.Frame.FramePointer);
m.Assign(r2, r1);
m.Assign(r1, 1);
m.Assign(cc, m.Cond(m.ISub(r2, r1)));
m.BranchIf(m.Test(ConditionCode.LE, cc), "done");
m.Assign(sp, m.ISub(sp, 4));
m.Store(sp, r2);
m.Assign(r1, m.ISub(r2, r1));
m.Call("fact", 0);
m.Assign(r2, m.LoadDw(sp));
m.Assign(sp, m.IAdd(sp, 4));
m.Assign(r1, m.IMul(r1, r2));
m.Label("done");
m.Return();
});
var dfa = new DataFlowAnalysis(pb.BuildProgram(), new FakeDecompilerEventListener());
dfa.UntangleProcedures2();
var sExp =
@"@@@";
AssertProgram(sExp, pb);
}
public void Dfa2_CallProc()
{
pb = new ProgramBuilder();
pb.Add("test", m =>
{
var sp = m.Register(m.Architecture.StackRegister);
var fooProc = GivenFunction("foo", m.Architecture.GetRegister(1), 4, 8);
m.Assign(sp, m.ISub(sp, 4));
m.Store(sp, 2);
m.Assign(sp, m.ISub(sp, 4));
m.Store(sp, 1);
m.Call(fooProc, 4);
m.Assign(sp, m.IAdd(sp, 8));
m.Return();
});
var dfa = new DataFlowAnalysis(pb.BuildProgram(), new FakeDecompilerEventListener());
dfa.UntangleProcedures2();
var sExp = @"// test
// Return size: 0
void test()
test_entry:
// succ: l1
l1:
Mem9[0x00010008:word32] = Mem0[fp + 0x00000004:word32] + Mem0[fp + 0x00000008:word32]
return
// succ: test_exit
test_exit:
";
AssertProgram(sExp, pb);
}
public void TrcoTreeFind()
{
ProgramBuilder m = new ProgramBuilder();
m.Add(new TreeFindMock());
Program prog = m.BuildProgram();
DataFlowAnalysis dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.AnalyzeProgram();
RunTest(prog, "Typing/TrcoTreeFind.txt");
}
protected override void RunTest(Program prog, TextWriter writer)
{
dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.UntangleProcedures();
foreach (Procedure proc in prog.Procedures.Values)
{
ProcedureFlow flow = dfa.ProgramDataFlow[proc];
proc.Signature.Emit(proc.Name, ProcedureSignature.EmitFlags.ArgumentKind, new TextFormatter(writer));
writer.WriteLine();
flow.Emit(prog.Architecture, writer);
proc.Write(true, writer);
writer.Flush();
}
}
protected void RunTest(ProgramBuilder mock, string outputFile)
{
Program prog = mock.BuildProgram();
DataFlowAnalysis dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.DumpProgram();
dfa.BuildExpressionTrees();
RunTest(prog, outputFile);
}
protected override void RunTest(Program prog, TextWriter fut)
{
DataFlowAnalysis dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.UntangleProcedures();
foreach (Procedure proc in prog.Procedures.Values)
{
Aliases alias = new Aliases(proc, prog.Architecture);
alias.Transform();
SsaTransform sst = new SsaTransform(dfa.ProgramDataFlow, proc, proc.CreateBlockDominatorGraph());
SsaState ssa = sst.SsaState;
ConditionCodeEliminator cce = new ConditionCodeEliminator(ssa.Identifiers, prog.Platform);
cce.Transform();
DeadCode.Eliminate(proc, ssa);
ValuePropagator vp = new ValuePropagator(ssa.Identifiers, proc);
vp.Transform();
DeadCode.Eliminate(proc, ssa);
Coalescer co = new Coalescer(proc, ssa);
co.Transform();
ssa.Write(fut);
proc.Write(false, fut);
fut.WriteLine();
}
}
protected override void RunTest(Program prog, TextWriter writer)
{
dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.AnalyzeProgram();
foreach (Procedure proc in prog.Procedures.Values)
{
ProcedureFlow flow = dfa.ProgramDataFlow[proc];
writer.Write("// ");
flow.Signature.Emit(proc.Name, ProcedureSignature.EmitFlags.ArgumentKind|ProcedureSignature.EmitFlags.LowLevelInfo, writer);
flow.Emit(prog.Architecture, writer);
proc.Write(false, writer);
writer.WriteLine();
}
}
