public void Dfa2_Simple()
{
var pb = new ProgramBuilder(new FakeArchitecture());
pb.Add("test", m=>
{
var r1 = m.Reg32("r1", 1);
var r2 = m.Reg32("r2", 2);
m.Assign(r1, m.LoadDw(m.Word32(0x010000)));
m.Assign(r2, m.LoadDw(m.Word32(0x010004)));
m.Store(m.Word32(0x010008), m.IAdd(r1, r2));
m.Return();
});
var dfa = new DataFlowAnalysis(pb.BuildProgram(), new FakeDecompilerEventListener());
dfa.AnalyzeProgram2();
var sExp = @"// test
// Return size: 0
void test()
test_entry:
// succ: l1
l1:
Mem3[0x00010008:word32] = Mem0[0x00010000:word32] + Mem0[0x00010004:word32]
return
// succ: test_exit
test_exit:
";
AssertProgram(sExp, pb.Program);
}
public void Dfa2_CallProc()
{
pb = new ProgramBuilder();
pb.Add("test", m =>
{
var sp = m.Register(m.Architecture.StackRegister);
var fooProc = GivenFunction("foo", m.Architecture.GetRegister(1), 4, 8);
m.Assign(sp, m.ISub(sp, 4));
m.Store(sp, 2);
m.Assign(sp, m.ISub(sp, 4));
m.Store(sp, 1);
m.Call(fooProc, 4);
m.Assign(sp, m.IAdd(sp, 8));
m.Return();
});
var dfa = new DataFlowAnalysis(pb.BuildProgram(), new FakeDecompilerEventListener());
dfa.UntangleProcedures2();
var sExp = @"// test
// Return size: 0
void test()
test_entry:
// succ: l1
l1:
Mem9[0x00010008:word32] = Mem0[fp + 0x00000004:word32] + Mem0[fp + 0x00000008:word32]
return
// succ: test_exit
test_exit:
";
AssertProgram(sExp, pb);
}
protected override void RunTest(Program prog, TextWriter writer)
{
DataFlowAnalysis dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.UntangleProcedures();
foreach (Procedure proc in prog.Procedures.Values)
{
var larw = new LongAddRewriter(proc, prog.Architecture);
larw.Transform();
Aliases alias = new Aliases(proc, prog.Architecture, dfa.ProgramDataFlow);
alias.Transform();
var sst = new SsaTransform(dfa.ProgramDataFlow, proc, proc.CreateBlockDominatorGraph());
SsaState ssa = sst.SsaState;
proc.Dump(true);
var vp = new ValuePropagator(ssa.Identifiers, proc);
vp.Transform();
var cce = new ConditionCodeEliminator(ssa.Identifiers, prog.Platform);
cce.Transform();
DeadCode.Eliminate(proc, ssa);
ssa.Write(writer);
proc.Write(false, writer);
writer.WriteLine();
}
}
protected override void RunTest(Program prog, TextWriter writer)
{
var dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.UntangleProcedures();
foreach (Procedure proc in prog.Procedures.Values)
{
writer.WriteLine("= {0} ========================", proc.Name);
var gr = proc.CreateBlockDominatorGraph();
Aliases alias = new Aliases(proc, prog.Architecture);
alias.Transform();
SsaTransform sst = new SsaTransform(dfa.ProgramDataFlow, proc, gr);
SsaState ssa = sst.SsaState;
var cce = new ConditionCodeEliminator(ssa.Identifiers, prog.Platform);
cce.Transform();
ssa.Write(writer);
proc.Write(false, writer);
writer.WriteLine();
ValuePropagator vp = new ValuePropagator(ssa.Identifiers, proc);
vp.Transform();
ssa.Write(writer);
proc.Write(false, writer);
}
}
private void PerformTest(FileUnitTester fut)
{
DataFlowAnalysis dfa = new DataFlowAnalysis(program, null, new FakeDecompilerEventListener());
dfa.UntangleProcedures();
foreach (Procedure proc in program.Procedures.Values)
{
Aliases alias = new Aliases(proc, program.Architecture);
alias.Transform();
SsaTransform sst = new SsaTransform(
dfa.ProgramDataFlow,
proc,
null,
proc.CreateBlockDominatorGraph(),
program.Platform.CreateImplicitArgumentRegisters());
SsaState ssa = sst.SsaState;
proc.Write(false, fut.TextWriter);
fut.TextWriter.WriteLine();
OutParameterTransformer opt = new OutParameterTransformer(proc, ssa.Identifiers);
opt.Transform();
DeadCode.Eliminate(proc, ssa);
proc.Write(false, fut.TextWriter);
fut.TextWriter.WriteLine("====================");
}
}
protected Program RewriteFile(string relativePath, Address addrBase)
{
sc = new ServiceContainer();
var config = new FakeDecompilerConfiguration();
var eventListener = new FakeDecompilerEventListener();
sc.AddService<IConfigurationService>(config);
sc.AddService<DecompilerHost>(new FakeDecompilerHost());
sc.AddService<DecompilerEventListener>(eventListener);
sc.AddService<IFileSystemService>(new FileSystemServiceImpl());
ILoader ldr = new Loader(sc);
var program = ldr.AssembleExecutable(
FileUnitTester.MapTestPath(relativePath),
new X86TextAssembler(sc, new X86ArchitectureReal()),
addrBase);
program.Platform = new DefaultPlatform(sc, program.Architecture);
var ep = new ImageSymbol(program.SegmentMap.BaseAddress);
var project = new Project { Programs = { program } };
var scan = new Scanner(
program,
new ImportResolver(project, program, eventListener),
sc);
scan.EnqueueImageSymbol(ep, true);
scan.ScanImage();
var importResolver = new ImportResolver(project, program, eventListener);
var dfa = new DataFlowAnalysis(program, importResolver, eventListener);
dfa.AnalyzeProgram();
return program;
}
protected override void RunTest(Program program, TextWriter writer)
{
var importResolver = MockRepository.GenerateStub<IImportResolver>();
importResolver.Replay();
var dfa = new DataFlowAnalysis(program, importResolver, new FakeDecompilerEventListener());
dfa.UntangleProcedures();
foreach (Procedure proc in program.Procedures.Values)
{
Aliases alias = new Aliases(proc, program.Architecture);
alias.Transform();
SsaTransform sst = new SsaTransform(
dfa.ProgramDataFlow,
proc,
importResolver,
proc.CreateBlockDominatorGraph(),
new HashSet<RegisterStorage>());
SsaState ssa = sst.SsaState;
GrfDefinitionFinder grfd = new GrfDefinitionFinder(ssa.Identifiers);
foreach (SsaIdentifier sid in ssa.Identifiers)
{
var id = sid.OriginalIdentifier as Identifier;
if (id == null || !(id.Storage is FlagGroupStorage) || sid.Uses.Count == 0)
continue;
writer.Write("{0}: ", sid.DefStatement.Instruction);
grfd.FindDefiningExpression(sid);
string fmt = grfd.IsNegated ? "!{0};" : "{0}";
writer.WriteLine(fmt, grfd.DefiningExpression);
}
}
}
protected Program RewriteFile(string relativePath, Address addrBase)
{
var sc = new ServiceContainer();
var config = new FakeDecompilerConfiguration();
sc.AddService<IConfigurationService>(config);
sc.AddService<DecompilerHost>(new FakeDecompilerHost());
sc.AddService<DecompilerEventListener>(new FakeDecompilerEventListener());
sc.AddService<IFileSystemService>(new FileSystemServiceImpl());
ILoader ldr = new Loader(sc);
var program = ldr.AssembleExecutable(
FileUnitTester.MapTestPath(relativePath),
new X86TextAssembler(sc, new IntelArchitecture(ProcessorMode.Real)),
addrBase);
program.Platform = new DefaultPlatform(sc, program.Architecture);
var ep = new EntryPoint(program.Image.BaseAddress, program.Architecture.CreateProcessorState());
var project = new Project { Programs = { program } };
var scan = new Scanner(
program,
new Dictionary<Address, ProcedureSignature>(),
new ImportResolver(project),
sc);
scan.EnqueueEntryPoint(ep);
scan.ScanImage();
var dfa = new DataFlowAnalysis(program, new FakeDecompilerEventListener());
dfa.AnalyzeProgram();
return program;
}
protected override void RunTest(Program prog, TextWriter writer)
{
var eventListener = new FakeDecompilerEventListener();
var dfa = new DataFlowAnalysis(prog, eventListener);
var trf = new TrashedRegisterFinder(prog, prog.Procedures.Values, dfa.ProgramDataFlow, eventListener);
trf.Compute();
trf.RewriteBasicBlocks();
var rl = RegisterLiveness.Compute(prog, dfa.ProgramDataFlow, eventListener);
DumpProcedureFlows(prog, dfa, rl, writer);
}
protected override void RunTest(Program prog, TextWriter writer)
{
var dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
var eventListener = new FakeDecompilerEventListener();
var trf = new TrashedRegisterFinder(prog, prog.Procedures.Values, dfa.ProgramDataFlow, eventListener);
trf.Compute();
trf.RewriteBasicBlocks();
RegisterLiveness rl = RegisterLiveness.Compute(prog, dfa.ProgramDataFlow, eventListener);
foreach (Procedure proc in prog.Procedures.Values)
{
LongAddRewriter larw = new LongAddRewriter(proc, prog.Architecture);
larw.Transform();
proc.Write(false, writer);
writer.WriteLine();
}
}
private void Build(Program prog)
{
var eventListener = new FakeDecompilerEventListener();
DataFlowAnalysis dfa = new DataFlowAnalysis(prog, null, eventListener);
dfa.UntangleProcedures();
foreach (Procedure proc in prog.Procedures.Values)
{
Aliases alias = new Aliases(proc, prog.Architecture);
alias.Transform();
var gr = proc.CreateBlockDominatorGraph();
SsaTransform sst = new SsaTransform(dfa.ProgramDataFlow, proc, null, gr, new HashSet<RegisterStorage>());
SsaState ssa = sst.SsaState;
ConditionCodeEliminator cce = new ConditionCodeEliminator(ssa, prog.Platform);
cce.Transform();
DeadCode.Eliminate(proc, ssa);
var vp = new ValuePropagator(prog.Architecture, ssa);
vp.Transform();
DeadCode.Eliminate(proc, ssa);
Coalescer coa = new Coalescer(proc, ssa);
coa.Transform();
DeadCode.Eliminate(proc, ssa);
LiveCopyInserter lci = new LiveCopyInserter(proc, ssa.Identifiers);
lci.Transform();
WebBuilder web = new WebBuilder(proc, ssa.Identifiers, new Dictionary<Identifier,LinearInductionVariable>());
web.Transform();
ssa.ConvertBack(false);
}
}
protected override void RunTest(Program program, TextWriter writer)
{
DataFlowAnalysis dfa = new DataFlowAnalysis(program, null, new FakeDecompilerEventListener());
dfa.UntangleProcedures();
foreach (Procedure proc in program.Procedures.Values)
{
Aliases alias = new Aliases(proc, program.Architecture);
alias.Transform();
SsaTransform sst = new SsaTransform(
dfa.ProgramDataFlow,
proc,
null,
proc.CreateBlockDominatorGraph(),
program.Platform.CreateImplicitArgumentRegisters());
SsaState ssa = sst.SsaState;
ConditionCodeEliminator cce = new ConditionCodeEliminator(ssa, program.Platform);
cce.Transform();
DeadCode.Eliminate(proc, ssa);
ssa.Write(writer);
proc.Write(false, writer);
}
}
protected void DumpProcedureFlows(Program prog, DataFlowAnalysis dfa, RegisterLiveness live, TextWriter w)
{
foreach (Procedure proc in prog.Procedures.Values)
{
w.WriteLine("// {0} /////////////////////", proc.Name);
ProcedureFlow flow = dfa.ProgramDataFlow[proc];
DataFlow.EmitRegisters(prog.Architecture, "\tLiveOut: ", flow.grfLiveOut, flow.LiveOut, w);
w.WriteLine();
DataFlow.EmitRegisters(prog.Architecture, "\tMayUseIn: ", flow.grfMayUse, flow.MayUse, w);
w.WriteLine();
DataFlow.EmitRegisters(prog.Architecture, "\tBypassIn: ", flow.grfMayUse, flow.ByPass, w);
w.WriteLine();
DataFlow.EmitRegisters(prog.Architecture, "\tTrashed: ", flow.grfTrashed, flow.TrashedRegisters, w);
w.WriteLine();
DataFlow.EmitRegisters(prog.Architecture, "\tPreserved:", flow.grfPreserved, flow.PreservedRegisters, w);
w.WriteLine();
w.WriteLine("// {0}", proc.Name);
proc.Signature.Emit(proc.Name, ProcedureSignature.EmitFlags.None, new TextFormatter(w));
w.WriteLine();
foreach (Block block in proc.SortBlocksByName())
{
if (live != null)
{
var bFlow = dfa.ProgramDataFlow[block];
bFlow.WriteBefore(prog.Architecture, w);
block.Write(w);
bFlow.WriteAfter(prog.Architecture, w);
w.WriteLine();
}
else
{
block.Write(w);
}
}
}
}
public void Transform()
{
CollectLiveOutStorages();
DumpLiveOut();
bool change;
do
{
if (eventListener.IsCanceled())
{
return;
}
change = false;
this.wl.AddRange(ssaStates);
while (wl.GetWorkItem(out SsaState ssa))
{
if (this.eventListener.IsCanceled())
{
return;
}
var vp = new ValuePropagator(program.SegmentMap, ssa, program.CallGraph, dynamicLinker, eventListener);
vp.Transform();
change |= RemoveUnusedDefinedValues(ssa, wl);
DataFlowAnalysis.DumpWatchedProcedure("After RemoveUnusedDefinedValues", ssa.Procedure);
change |= RemoveLiveInStorages(ssa.Procedure, dataFlow[ssa.Procedure], wl);
DataFlowAnalysis.DumpWatchedProcedure("After RemoveLiveInStorages", ssa.Procedure);
}
} while (change);
foreach (var proc in procToSsa.Keys)
{
var liveOut = CollectLiveOutStorages(proc);
var flow = this.dataFlow[proc];
flow.BitsLiveOut = SummarizeStorageBitranges(flow.BitsLiveOut.Concat(liveOut));
flow.grfLiveOut = SummarizeFlagGroups(liveOut);
}
}
protected void RunHexTest(string hexFile, string outputFile)
{
var svc = new ServiceContainer();
var cfg = new FakeDecompilerConfiguration();
svc.AddService<IConfigurationService>(cfg);
svc.AddService<DecompilerEventListener>(new FakeDecompilerEventListener());
svc.AddService<DecompilerHost>(new FakeDecompilerHost());
ILoader ldr = new Loader(svc);
var imgLoader = new DchexLoader(FileUnitTester.MapTestPath( hexFile), svc, null);
var img = imgLoader.Load(null);
var program = new Program(img.Image, img.Image.CreateImageMap(), img.Architecture, img.Platform);
var project = new Project { Programs = { program } };
var ep = new EntryPoint(program.Image.BaseAddress, program.Architecture.CreateProcessorState());
var scan = new Scanner(program, new Dictionary<Address, ProcedureSignature>(), new ImportResolver(project), svc);
scan.EnqueueEntryPoint(ep);
scan.ScanImage();
var dfa = new DataFlowAnalysis(program, new FakeDecompilerEventListener());
dfa.AnalyzeProgram();
RunTest(program, outputFile);
}
protected void RunHexTest(string hexFile, string outputFile)
{
var svc = new ServiceContainer();
var cfg = new FakeDecompilerConfiguration();
var eventListener = new FakeDecompilerEventListener();
svc.AddService<IConfigurationService>(cfg);
svc.AddService<DecompilerEventListener>(eventListener);
svc.AddService<DecompilerHost>(new FakeDecompilerHost());
ILoader ldr = new Loader(svc);
var imgLoader = new DchexLoader(FileUnitTester.MapTestPath( hexFile), svc, null);
var program = imgLoader.Load(null);
var project = new Project { Programs = { program } };
var ep = new ImageSymbol(program.ImageMap.BaseAddress);
var importResolver = new ImportResolver(project, program, eventListener);
var scan = new Scanner(program, importResolver, svc);
scan.EnqueueImageSymbol(ep, true);
scan.ScanImage();
var dfa = new DataFlowAnalysis(program, null, eventListener);
dfa.AnalyzeProgram();
RunTest(program, outputFile);
}
protected void RunTest(ProgramBuilder mock, string outputFile)
{
Program program = mock.BuildProgram();
var importResolver = MockRepository.GenerateStub<IImportResolver>();
DataFlowAnalysis dfa = new DataFlowAnalysis(program, importResolver, new FakeDecompilerEventListener());
dfa.DumpProgram();
dfa.BuildExpressionTrees();
RunTest(program, outputFile);
}
public void Dfa2_FactorialReg()
{
pb = new ProgramBuilder();
pb.Add("fact", m =>
{
var sp = m.Register(m.Architecture.StackRegister);
var r1 = m.Register(1);
var r2 = m.Register(2);
var r3 = m.Register(3);
var cc = m.Flags(0xF, "cc");
m.Assign(sp, m.Frame.FramePointer);
m.Assign(r2, r1);
m.Assign(r1, 1);
m.Assign(cc, m.Cond(m.ISub(r2, r1)));
m.BranchIf(m.Test(ConditionCode.LE, cc), "done");
m.Assign(sp, m.ISub(sp, 4));
m.Store(sp, r2);
m.Assign(r1, m.ISub(r2, r1));
m.Call("fact", 0);
m.Assign(r2, m.LoadDw(sp));
m.Assign(sp, m.IAdd(sp, 4));
m.Assign(r1, m.IMul(r1, r2));
m.Label("done");
m.Return();
});
var dfa = new DataFlowAnalysis(pb.BuildProgram(), new FakeDecompilerEventListener());
dfa.UntangleProcedures2();
var sExp =
@"@@@";
AssertProgram(sExp, pb);
}
private Program RewriteProgram()
{
var eventListener = new FakeDecompilerEventListener();
var importResolver = MockRepository.GenerateStub<IImportResolver>();
importResolver.Replay();
var scan = new Scanner(
program,
importResolver,
sc);
foreach (ImageSymbol ep in program.EntryPoints.Values)
{
scan.EnqueueImageSymbol(ep, true);
}
scan.ScanImage();
var dfa = new DataFlowAnalysis(program, importResolver, eventListener);
dfa.AnalyzeProgram();
return program;
}
protected override void RunTest(Program program, TextWriter writer)
{
var importResolver = MockRepository.GenerateStub<IImportResolver>();
DataFlowAnalysis dfa = new DataFlowAnalysis(program, importResolver, new FakeDecompilerEventListener());
dfa.UntangleProcedures();
foreach (Procedure proc in program.Procedures.Values)
{
var larw = new LongAddRewriter(proc, program.Architecture);
larw.Transform();
Aliases alias = new Aliases(proc, program.Architecture, dfa.ProgramDataFlow);
alias.Transform();
var sst = new SsaTransform(dfa.ProgramDataFlow, proc, importResolver, proc.CreateBlockDominatorGraph(), new HashSet<RegisterStorage>());
SsaState ssa = sst.SsaState;
var cce = new ConditionCodeEliminator(ssa, program.Platform);
cce.Transform();
var vp = new ValuePropagator(program.Architecture, ssa);
vp.Transform();
DeadCode.Eliminate(proc, ssa);
ssa.Write(writer);
proc.Write(false, writer);
writer.WriteLine();
}
}
public void TrcoTreeFind()
{
ProgramBuilder m = new ProgramBuilder();
m.Add(new TreeFindMock());
Program prog = m.BuildProgram();
DataFlowAnalysis dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.AnalyzeProgram();
RunTest(prog, "Typing/TrcoTreeFind.txt");
}
public void TrcoIntelIndexedAddressingMode()
{
ProgramBuilder m = new ProgramBuilder();
m.Add(new IntelIndexedAddressingMode());
Program prog = m.BuildProgram();
DataFlowAnalysis dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.AnalyzeProgram();
RunTest(prog, "Typing/TrcoIntelIndexedAddressingMode.txt");
}
public void Dfa2_StackArgs()
{
var pb = new ProgramBuilder(new FakeArchitecture());
pb.Add("test", m =>
{
var sp = m.Register(m.Architecture.StackRegister);
var r1 = m.Reg32("r1");
var r2 = m.Reg32("r2");
m.Assign(sp, m.Frame.FramePointer);
m.Assign(r1, m.LoadDw(m.IAdd(sp, 4)));
m.Assign(r2, m.LoadDw(m.IAdd(sp, 8)));
m.Assign(r1, m.IAdd(r1, r2));
m.Store(m.Word32(0x010008), r1);
m.Return();
});
var dfa = new DataFlowAnalysis(pb.BuildProgram(), new FakeDecompilerEventListener());
dfa.UntangleProcedures2();
var sExp = @"// test
// Return size: 0
void test()
test_entry:
// succ: l1
l1:
Mem9[0x00010008:word32] = Mem0[fp + 0x00000004:word32] + Mem0[fp + 0x00000008:word32]
return
// succ: test_exit
test_exit:
";
AssertProgram(sExp, pb);
}
protected override void RunTest(Program prog, TextWriter fut)
{
DataFlowAnalysis dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.UntangleProcedures();
foreach (Procedure proc in prog.Procedures.Values)
{
Aliases alias = new Aliases(proc, prog.Architecture);
alias.Transform();
SsaTransform sst = new SsaTransform(dfa.ProgramDataFlow, proc, proc.CreateBlockDominatorGraph());
SsaState ssa = sst.SsaState;
ConditionCodeEliminator cce = new ConditionCodeEliminator(ssa.Identifiers, prog.Platform);
cce.Transform();
DeadCode.Eliminate(proc, ssa);
ValuePropagator vp = new ValuePropagator(ssa.Identifiers, proc);
vp.Transform();
DeadCode.Eliminate(proc, ssa);
Coalescer co = new Coalescer(proc, ssa);
co.Transform();
ssa.Write(fut);
proc.Write(false, fut);
fut.WriteLine();
}
}
public void Dfa2_FactorialReg()
{
var program = Factorial.BuildSample();
var dfa = new DataFlowAnalysis(program, new FakeDecompilerEventListener());
dfa.AnalyzeProgram2();
var sExp =
@"@@@";
AssertProgram(sExp, program);
}
protected override void RunTest(Program program, TextWriter fut)
{
InitProgram(program);
IImportResolver importResolver = null;
var eventListener = new FakeDecompilerEventListener();
DataFlowAnalysis dfa = new DataFlowAnalysis(
program,
importResolver,
eventListener);
dfa.UntangleProcedures();
foreach (Procedure proc in program.Procedures.Values)
{
SsaTransform sst = new SsaTransform(
dfa.ProgramDataFlow,
proc,
importResolver,
proc.CreateBlockDominatorGraph(),
new HashSet<RegisterStorage>());
SsaState ssa = sst.SsaState;
var icrw = new IndirectCallRewriter(
program,
ssa,
eventListener);
icrw.Rewrite();
ssa.Write(fut);
proc.Write(false, fut);
fut.WriteLine();
}
}
protected void RunTest(ProgramBuilder mock, string outputFile)
{
Program prog = mock.BuildProgram();
DataFlowAnalysis dfa = new DataFlowAnalysis(prog, new FakeDecompilerEventListener());
dfa.DumpProgram();
dfa.BuildExpressionTrees();
RunTest(prog, outputFile);
}
public void Dfa2_UserDefinedStackArgs()
{
var arch = new X86ArchitectureFlat32();
var pb = new ProgramBuilder(arch);
var test = pb.Add(
new Procedure_v1
{
CSignature = "void test(int a, int b)"
},
m => {
var sp = m.Register(m.Architecture.StackRegister);
var r1 = m.Reg32("r1", 1);
var r2 = m.Reg32("r2", 2);
var fp = m.Frame.FramePointer;
m.Assign(r1, m.LoadDw(m.IAdd(fp, 4)));
m.Assign(r2, m.LoadDw(m.IAdd(fp, 8)));
m.Assign(r1, m.IAdd(r1, r2));
m.Store(m.Word32(0x010008), r1);
m.Return();
});
var program = pb.BuildProgram();
var platform = new FakePlatform(null, arch);
platform.Test_CreateProcedureSerializer = (t, d) =>
{
var typeLoader = new TypeLibraryDeserializer(platform, false, new TypeLibrary());
return new X86ProcedureSerializer((IntelArchitecture)program.Architecture, typeLoader, "");
};
program.Platform = platform;
var dfa = new DataFlowAnalysis(program, new FakeDecompilerEventListener());
dfa.AnalyzeProgram2();
var sExp = @"// test
// Return size: 4
void test(int32 a, int32 b)
test_entry:
// succ: l1
l1:
word32 r1_4 = a + b
Mem5[0x00010008:word32] = r1_4
return
// succ: test_exit
test_exit:
";
AssertProgram(sExp, pb.Program);
}
///<summary>
/// Determines the signature of the procedures,
/// the locations and types of all the values in the program.
///</summary>
public virtual void AnalyzeDataFlow()
{
foreach (var program in project.Programs)
{
eventListener.ShowStatus("Performing interprocedural analysis.");
var dfa = new DataFlowAnalysis(program, eventListener);
dfa.UntangleProcedures();
dfa.BuildExpressionTrees();
host.WriteIntermediateCode(program, writer => { EmitProgram(program, dfa, writer); });
}
eventListener.ShowStatus("Interprocedural analysis complete.");
}
public void Dfa2_StackArgs()
{
var pb = new ProgramBuilder(new FakeArchitecture());
pb.Add("test", m =>
{
var sp = m.Register(m.Architecture.StackRegister);
var r1 = m.Reg32("r1", 1);
var r2 = m.Reg32("r2", 2);
m.Assign(sp, m.Frame.FramePointer);
m.Assign(r1, m.LoadDw(m.IAdd(sp, 4)));
m.Assign(r2, m.LoadDw(m.IAdd(sp, 8)));
m.Assign(r1, m.IAdd(r1, r2));
m.Store(m.Word32(0x010008), r1);
m.Return();
});
var dfa = new DataFlowAnalysis(pb.BuildProgram(), new FakeDecompilerEventListener());
dfa.AnalyzeProgram2();
var sExp = @"// test
// Return size: 0
void test()
test_entry:
// succ: l1
l1:
Mem6[0x00010008:word32] = dwArg04 + dwArg08
word32 r63_1 = fp
word32 r2_4 = dwArg08
return
// succ: test_exit
test_exit:
";
AssertProgram(sExp, pb.Program);
}
private void EmitProgram(Program program, DataFlowAnalysis dfa, TextWriter output)
{
if (output == null)
return;
foreach (Procedure proc in program.Procedures.Values)
{
if (dfa != null)
{
ProcedureFlow flow = dfa.ProgramDataFlow[proc];
TextFormatter f = new TextFormatter(output);
if (flow.Signature != null)
flow.Signature.Emit(proc.Name, ProcedureSignature.EmitFlags.LowLevelInfo, f);
else if (proc.Signature != null)
proc.Signature.Emit(proc.Name, ProcedureSignature.EmitFlags.LowLevelInfo, f);
else
output.Write("Warning: no signature found for {0}", proc.Name);
output.WriteLine();
flow.Emit(program.Architecture, output);
foreach (Block block in new DfsIterator<Block>(proc.ControlGraph).PostOrder().Reverse())
{
if (block == null)
continue;
block.Write(output); output.Flush();
BlockFlow bf = dfa.ProgramDataFlow[block];
if (bf != null)
{
bf.Emit(program.Architecture, output);
output.WriteLine();
}
}
}
else
{
proc.Write(false, output);
}
output.WriteLine();
output.WriteLine();
}
output.Flush();
}