public void BwInvertedCondition() { var ebx = m.Reg32("ebx", 3); var eax = m.Reg32("eax", 0); var CZ = m.Flags("CZ"); m.Assign(CZ, m.Cond(m.ISub(ebx, 0x30))); m.BranchIf(m.Test(ConditionCode.ULE, CZ), "do_switch"); m.Goto("default_case"); m.Label("do_switch"); m.Assign(eax, 0); var block = m.CurrentBlock; var xfer = new RtlGoto(m.Mem32(m.IAdd(Constant.Word32(0x00123400), m.IMul(ebx, 4))), RtlClass.Transfer); m.Label("default_case"); m.Return(); var bw = new Backwalker <Block, Instruction>(host, xfer, expSimp); Assert.IsTrue(bw.CanBackwalk()); var ops = bw.BackWalk(block); Assert.AreEqual(3, ops.Count); Assert.AreEqual("cmp 48", ops[0].ToString()); Assert.AreEqual("branch UGT", ops[1].ToString()); Assert.AreEqual("* 4", ops[2].ToString()); }
public void BwLoadDirect() { var r1 = m.Reg32("r1", 1); m.Assign(r1, m.Mem32(Constant.Word32(0x00123400))); var xfer = new RtlGoto(m.Mem32(m.IAdd(Constant.Word32(0x00113300), m.IMul(r1, 8))), InstrClass.Transfer); var bw = new Backwalker<Block, Instruction>(host, xfer, expSimp); Assert.IsTrue(bw.CanBackwalk()); var ops = bw.BackWalk(m.Block); Assert.IsNull(ops, "Should have reported missing guard."); }
private void RunTest(IntelArchitecture arch, RtlTransfer rtlTransfer, string outputFile) { using (var fut = new FileUnitTester(outputFile)) { m.Procedure.Write(false, fut.TextWriter); fut.TextWriter.Flush(); var ibw = new Backwalker <Block, Instruction>(host, rtlTransfer, expSimp); var bwoList = ibw.BackWalk(m.CurrentBlock); Assert.IsNotNull(bwoList); foreach (BackwalkOperation bwo in bwoList) { fut.TextWriter.WriteLine(bwo); } fut.TextWriter.WriteLine("Index register: {0}", ibw.Index); fut.AssertFilesEqual(); } }
public void BwUnresolveableIndirect() { var eax = m.Reg32("eax", 0); var esi = m.Reg32("esi", 6); var Z = m.Frame.EnsureFlagGroup(Registers.eflags, 1, "Z", PrimitiveType.Bool); var xfer = new RtlCall(eax, 4, InstrClass.Transfer); m.Assign(eax, m.Mem32(esi)); m.Assign(Z, m.Cond(m.And(eax, eax))); m.BranchIf(m.Test(ConditionCode.EQ, Z), "null_ptr"); m.Label("do_call"); var bw = new Backwalker <Block, Instruction>(host, xfer, expSimp); Assert.IsTrue(bw.CanBackwalk()); Assert.AreEqual("eax", bw.Index.Name); bw.BackWalk(m.Block); Assert.AreEqual("None", bw.Index.ToString()); }
public void BwUnresolveableIndirect() { var eax = m.Frame.CreateTemporary("eax", PrimitiveType.Word32); var esi = m.Frame.CreateTemporary("esi", PrimitiveType.Word32); var Z = m.Frame.EnsureFlagGroup(1, "Z", PrimitiveType.Bool); var xfer = new RtlCall(eax, 4, RtlClass.Transfer); m.Assign(eax, m.LoadDw(esi)); m.Assign(Z, m.Cond(m.And(eax, eax))); m.BranchIf(m.Test(ConditionCode.EQ, Z), "null_ptr"); m.Label("do_call"); var bw = new Backwalker(host, xfer, expSimp); Assert.IsTrue(bw.CanBackwalk()); Assert.AreEqual("eax", bw.Index.Name); bw.BackWalk(m.Block); Assert.AreEqual("None", bw.Index.Name); }
public void BwZeroExtend() { var rax = m.Reg64("rax", 0); var eax = m.Reg32("eax", 0); var al = m.Reg8("al", 0); var ecx = m.Reg32("ecx", 1); var CZ = m.Flags("CZ"); m.Assign(eax, m.Mem8(rax)); m.Assign(CZ, m.Cond(m.ISub(al, 0x78))); m.BranchIf(m.Test(ConditionCode.UGT, CZ), "ldefault"); m.Assign(ecx, m.Cast(PrimitiveType.Word32, al)); var xfer = new RtlGoto(m.Mem32(m.IAdd(Constant.Word32(0x00411F40), m.IMul(ecx, 8))), InstrClass.Transfer); var bw = new Backwalker<Block, Instruction>(host, xfer, expSimp); Assert.IsTrue(bw.CanBackwalk()); var ops = bw.BackWalk(m.Block); Assert.AreEqual(3, ops.Count); Assert.AreEqual("cmp 120", ops[0].ToString()); Assert.AreEqual("branch UGT", ops[1].ToString()); Assert.AreEqual("* 8", ops[2].ToString()); }
public void BwSignExtension() { var CVZNX = m.Flags("CVZNS"); var CVZN = m.Flags("CVZN"); var VZN = m.Flags("VZN"); var d1 = m.Reg32("d1", 1); var v80 = m.Temp(PrimitiveType.Word32, "v80"); var v82 = m.Temp(PrimitiveType.Word16, "v82"); m.Assign(v80, m.ISub(d1, 0x28)); m.Assign(CVZN, m.Cond(v80)); m.BranchIf(m.Test(ConditionCode.GT, VZN), "default_label"); m.Assign(d1, m.IAdd(d1, d1)); m.Assign(CVZNX, m.Cond(d1)); m.Assign(v82, m.Mem16(m.IAdd(m.Word32(0x001066A4), d1))); m.Assign(d1, m.Dpb(d1, v82, 0)); m.Assign(CVZN, m.Cond(v82)); var block = m.CurrentBlock; var xfer = new RtlGoto( m.IAdd( m.Word32(0x001066A2), m.Cast(PrimitiveType.Int32, m.Cast(PrimitiveType.Int16, d1))), RtlClass.Transfer); m.Label("default_case"); m.Return(); var bw = new Backwalker <Block, Instruction>(host, xfer, expSimp); Assert.IsTrue(bw.CanBackwalk()); var ops = bw.BackWalk(block); Assert.AreEqual(3, ops.Count); Assert.AreEqual("cmp 48", ops[0].ToString()); Assert.AreEqual("branch UGT", ops[1].ToString()); Assert.AreEqual("* 4", ops[2].ToString()); }
public void BwReg_00121() { var d0 = m.Reg32("d0", 0); var d3 = m.Reg32("d3", 3); var a5 = m.Reg32("a5", 5); var v38 = m.Temp(PrimitiveType.Word16, "v38"); var v39 = m.Temp(PrimitiveType.Byte, "v39"); var v40 = m.Temp(PrimitiveType.Word16, "v40"); var VZN = m.Flags("VZN"); var ZN = m.Flags("ZN"); var C = m.Flags("C"); var V = m.Flags("V"); var CVZN = m.Flags("CVZN"); var CVZNX = m.Flags("CVZNX"); m.Assign(d0, d3); m.Assign(CVZN, m.Cond(d0)); m.Assign(v38, m.And(m.Cast(PrimitiveType.Word16, d0), 0xF0)); m.Assign(d0, m.Dpb(d0, v38, 0)); m.Assign(ZN, m.Cond(v38)); m.Assign(C, false); m.Assign(V, false); m.Assign(v39, m.Shl(m.Cast(PrimitiveType.Byte, d0), 2)); m.Assign(d0, m.Dpb(d0, v39, 0)); m.Assign(CVZNX, m.Cond(v39)); m.Assign(v40, m.ISub(m.Cast(PrimitiveType.Word16, d0), 44)); m.Assign(CVZN, m.Cond(v40)); m.BranchIf(m.Test(ConditionCode.GT, VZN), "lDefault"); m.Assign(a5, m.Mem32(m.IAdd(Address.Ptr32(0x0000C046), d0))); var xfer = new RtlCall(a5, 4, RtlClass.Transfer); var bw = new Backwalker <Block, Instruction>(host, xfer, expSimp); Assert.IsTrue(bw.CanBackwalk()); Assert.AreEqual("a5", bw.Index.Name); bw.BackWalk(m.Block); Assert.AreEqual("v40", bw.IndexExpression.ToString()); }