public void BwIndexInMemoryAddress()
{
// samples of switch statement emitted
// by the Microsoft VC compiler
var ebp = m.Frame.EnsureRegister(Registers.ebp);
var eax = m.Frame.EnsureRegister(Registers.eax);
var edx = m.Frame.EnsureRegister(Registers.edx);
// cmp [ebp-66],1D
m.Assign(SCZO, m.Cond(m.ISub(m.Mem32(m.ISub(ebp, 0xC4)), 0x1D)));
var block0 = m.CurrentBlock;
m.BranchIf(new TestCondition(ConditionCode.UGT, SCZO), "default");
// mov edx,[ebp-66]
// movzx eax,byte ptr [edx + 0x10000]
// jmp [eax + 0x12000]
m.Assign(edx, m.Mem32(m.ISub(ebp, 0xC4)));
m.Assign(eax, m.Convert(m.Mem8(m.IAdd(edx, 0x10000)), PrimitiveType.Byte, PrimitiveType.Word32));
var xfer = new RtlGoto(m.Mem32(m.IAdd(eax, 0x12000)), InstrClass.Transfer);
var block1 = m.CurrentBlock;
var bw = new Backwalker <Block, Instruction>(host, xfer, expSimp);
var ret = bw.BackwalkInstructions(Registers.eax, block1);
Assert.AreEqual("None", bw.Index.ToString());
Assert.AreEqual("Mem0[ebp - 0xC4<32>:word32]", bw.IndexExpression.ToString());
Assert.AreEqual(4, bw.JumpSize);
Assert.IsTrue(ret);
ret = bw.BackwalkInstructions(null, block0);
}
public void Rl_FlagGroup_keep_cond_alive()
{
var grf = f.EnsureFlagGroup(program.Architecture.GetFlagGroup(0x7));
var edx = f.EnsureRegister(Registers.edx);
rl.IdentifierLiveness.Grf = 0x7;
// grf is live, forcing the cond(edx) to be live as well
m.Assign(grf, m.Cond(edx)).Accept(rl);
Assert.AreEqual(" edx", Dump(rl.IdentifierLiveness));
}
public void ConditionOf_Valid()
{
var id = m.Register(3);
var e = m.Cond(id);
ctx.Setup(c => c.GetValue(id)).Returns(id);
var subst = new Substitutor(ctx.Object);
var e2 = e.Accept(subst);
Assert.AreEqual("cond(r3)", e2.ToString());
}
public void ConditionOf_Valid()
{
var id = m.Register(3);
var e = m.Cond(id);
ctx.Expect(c => c.GetValue(Arg <Identifier> .Is.Same(id))).Return(id);
ctx.Replay();
var subst = new Substitutor(ctx);
var e2 = e.Accept(subst);
Assert.AreEqual("cond(r3)", e2.ToString());
}
public void FindCond()
{
m.Assign(ax, m.IAdd(ax, cx));
m.Assign(SCZ, m.Cond(ax));
var block = m.CurrentBlock;
m.Return();
var cm = rw.FindConditionOf(block.Statements, 0, ax);
Assert.AreEqual("SCZ", cm.FlagGroup.ToString());
Assert.AreEqual(1, cm.StatementIndex);
}
public void VpLoop()
{
var b = new ProgramBuilder();
b.Add("main", m =>
{
var r = m.Reg32("r0", 0);
var zf = m.Flags("Z");
m.Label("l0000");
m.Store(r, 0);
m.Assign(r, m.ISub(r, 4));
m.Assign(zf, m.Cond(r));
m.BranchCc(ConditionCode.NE, "l0000");
m.Label("l0001");
m.Assign(r, 42);
m.Label("l0002");
m.Store(r, 12);
m.Assign(r, m.ISub(r, 4));
m.BranchIf(m.Eq0(r), "l0002");
m.Return();
});
RunFileTest(b.BuildProgram(), "Analysis/VpLoop.txt");
}
public void CceSetnz()
{
Identifier r = Reg32("r");
Identifier Z = FlagGroup("Z");
Identifier f = Reg32("f");
Statement stmZ = new Statement(0, m.Assign(Z, m.Cond(m.ISub(r, 0))), null);
ssaIds[Z].DefStatement = stmZ;
Statement stmF = new Statement(0, m.Assign(f, m.Test(ConditionCode.NE, Z)), null);
ssaIds[f].DefStatement = stmF;
ssaIds[Z].Uses.Add(stmF);
Given_ConditionCodeEliminator();
cce.Transform();
Assert.AreEqual("f = r != 0x00000000", stmF.Instruction.ToString());
}
public void TrashFlagProcedure()
{
p.Add("main", m =>
{
var eax = m.Frame.EnsureRegister(Registers.eax);
m.Assign(eax, m.IAdd(eax, 4));
m.Assign(m.Flags("SZCO"), m.Cond(eax));
m.Return();
});
var sExp =
@"main SCZO eax ax al ah
const eax:<invalid>
main_entry esp:fp
l1 esp:fp
main_exit eax:eax + 0x00000004 esp:fp";
RunTest(p, sExp);
}
public void BwReg_00121()
{
var d0 = m.Reg32("d0", 0);
var d3 = m.Reg32("d3", 3);
var a5 = m.Reg32("a5", 5);
var v38 = m.Temp(PrimitiveType.Word16, "v38");
var v39 = m.Temp(PrimitiveType.Byte, "v39");
var v40 = m.Temp(PrimitiveType.Word16, "v40");
var VZN = m.Flags("VZN");
var ZN = m.Flags("ZN");
var C = m.Flags("C");
var V = m.Flags("V");
var CVZN = m.Flags("CVZN");
var CVZNX = m.Flags("CVZNX");
m.Assign(d0, d3);
m.Assign(CVZN, m.Cond(d0));
m.Assign(v38, m.And(m.Cast(PrimitiveType.Word16, d0), 0xF0));
m.Assign(d0, m.Dpb(d0, v38, 0));
m.Assign(ZN, m.Cond(v38));
m.Assign(C, false);
m.Assign(V, false);
m.Assign(v39, m.Shl(m.Cast(PrimitiveType.Byte, d0), 2));
m.Assign(d0, m.Dpb(d0, v39, 0));
m.Assign(CVZNX, m.Cond(v39));
m.Assign(v40, m.ISub(m.Cast(PrimitiveType.Word16, d0), 44));
m.Assign(CVZN, m.Cond(v40));
m.BranchIf(m.Test(ConditionCode.GT, VZN), "lDefault");
m.Assign(a5, m.LoadDw(m.IAdd(Address.Ptr32(0x0000C046), d0)));
var xfer = new RtlCall(a5, 4, RtlClass.Transfer);
var bw = new Backwalker(host, xfer, expSimp);
Assert.IsTrue(bw.CanBackwalk());
Assert.AreEqual("a5", bw.Index.Name);
bw.BackWalk(m.Block);
Assert.AreEqual("v40", bw.IndexExpression.ToString());
}
public void BwIndexInMemoryAddress()
{
// samples of switch statement emitted
// by the Microsoft VC compiler
var ebp = m.Frame.EnsureRegister(Registers.ebp);
var eax = m.Frame.EnsureRegister(Registers.eax);
var edx = m.Frame.EnsureRegister(Registers.edx);
var dl = m.Frame.EnsureRegister(Registers.dl);
var SCZO = m.Frame.EnsureFlagGroup((uint)(FlagM.SF | FlagM.CF | FlagM.ZF | FlagM.OF), "SCZO", PrimitiveType.Byte);
// cmp [ebp-66],1D
m.Assign(SCZO, m.Cond(m.ISub(m.LoadDw(m.ISub(ebp, 0xC4)), 0x1D)));
var block0 = m.CurrentBlock;
m.BranchIf(new TestCondition(ConditionCode.UGT, SCZO), "default");
// mov edx,[ebp-66]
// movzx eax,byte ptr [edx + 0x10000]
// jmp [eax + 0x12000]
m.Assign(edx, m.LoadDw(m.ISub(ebp, 0xC4)));
m.Assign(eax, m.Cast(PrimitiveType.Word32, m.LoadB(m.IAdd(edx, 0x10000))));
var block1 = m.CurrentBlock;
var bw = new Backwalker(host, new RtlGoto(m.LoadDw(m.IAdd(eax, 0x12000)), RtlClass.Transfer), expSimp);
var ret = bw.BackwalkInstructions(Registers.eax, block1);
Assert.AreEqual("None", bw.Index.ToString());
Assert.AreEqual("Mem0[ebp - 0x000000C4:word32]", bw.IndexExpression.ToString());
Assert.AreEqual(4, bw.JumpSize);
Assert.IsTrue(ret);
ret = bw.BackwalkInstructions(null, block0);
}
public void Larw_FindCond()
{
Block block = null;
RunTest(m =>
{
m.Assign(ax, m.IAdd(ax, cx));
m.Assign(SCZ, m.Cond(ax));
block = m.CurrentBlock;
m.Return();
});
var ax_3 = GetId("ax_3");
var cm = rw.FindConditionOf(block.Statements, 0, ax_3);
Assert.AreEqual("SCZ_4", cm.FlagGroup.ToString());
Assert.AreEqual("SCZ_4 = cond(ax_3)", cm.Statement.ToString());
}
public void StrAnls_r00237()
{
//byte fn0800_0541(byte al, selector ds)
var ds = m.Temp(PrimitiveType.SegmentSelector, "ds");
var cx_10 = m.Temp(PrimitiveType.Word16, "cx_10");
var si_12 = m.Temp(PrimitiveType.Word16, "si_12");
var ah_13 = m.Temp(PrimitiveType.Byte, "al_13");
var al_43 = m.Temp(PrimitiveType.Byte, "al_43");
var Z_26 = m.Temp(PrimitiveType.Byte, "Z_26");
m.Assign(cx_10, 20000);
m.Label("l0800_0544");
m.Assign(si_12, 0x8E8A);
m.Assign(ah_13, 0x00);
m.Label("l0800_054A");
m.Assign(si_12, m.IAdd(si_12, 0x01));
m.BranchIf(m.Eq0(m.SegMem8(ds, si_12)), "l0800_0557");
m.Label("l0800_054F");
m.Assign(ah_13, 0x01);
m.Assign(Z_26, m.Cond(m.ISub(si_12, m.SegMem16(ds, m.Word16(0x8F0B)))));
m.BranchIf(m.Ne(si_12, m.SegMem16(ds, m.Word16(0x8F0B))), "l0800_055F");
m.Label("l0800_0557");
m.Assign(Z_26, m.Cond(m.ISub(si_12, 0x8F0A)));
m.BranchIf(m.Eq(si_12, 0x8F0A), "l0800_055F");
m.Label("l0800_055D");
m.Goto("l0800_054A");
m.Label("l0800_055F");
m.BranchIf(Z_26, "l0800_0578");
m.Label("l0800_0561");
m.SegStore(ds, m.Word16(0x8F0B), si_12);
m.Assign(al_43, m.SegMem8(ds, m.ISub(si_12, 0x8E31)));
m.BranchIf(m.Eq0(al_43), "l0800_0576");
m.Label("l0800_0571");
m.BranchIf(m.Ge(al_43, 0x00), "l0800_0575");
m.Label("l0800_0573");
m.Assign(al_43, 0x00);
m.Label("l0800_0575");
m.Return(al_43);
m.Label("l0800_0576");
m.Goto("l0800_0583");
m.Label("l0800_0578");
m.BranchIf(m.Ne0(ah_13), "l0800_0583");
m.Label("l0800_057D");
m.SegStore(ds, m.Word16(0x8F0B), m.Byte(0));
m.Label("l0800_0583");
m.Assign(cx_10, m.ISub(cx_10, 0x01));
m.BranchIf(m.Ne0(cx_10), "l0800_0544");
m.Label("l0800_0585");
m.Return(m.Byte(0x00));
var sExp =
#region Expected
@" cx_10 = 20000;
do
{
si_12 = 0x8E8A;
al_13 = 0x00;
do
{
si_12 = si_12 + 0x01;
if (Mem0[ds:si_12:byte] != 0x00)
{
al_13 = 0x01;
Z_26 = cond(si_12 - Mem0[ds:0x8F0B:word16]);
if (si_12 != Mem0[ds:0x8F0B:word16])
break;
}
Z_26 = cond(si_12 - 0x8F0A);
} while (si_12 != 0x8F0A);
if (!Z_26)
{
Mem0[ds:0x8F0B:word16] = si_12;
al_43 = Mem0[ds:si_12 - 0x8E31:byte];
if (al_43 != 0x00)
{
if (al_43 < 0x00)
al_43 = 0x00;
return al_43;
}
}
else if (al_13 == 0x00)
Mem0[ds:0x8F0B:byte] = 0x00;
cx_10 = cx_10 - 0x01;
} while (cx_10 != 0x00);
return 0x00;
";
#endregion
RunTest(sExp, m.Procedure);
}
