public void VpDbpDbp() { var m = new ProcedureBuilder(); var d1 = m.Reg32("d32", 0); var a1 = m.Reg32("a32", 1); var tmp = m.Frame.CreateTemporary(PrimitiveType.Word16); m.Assign(d1, m.Dpb(d1, m.LoadW(a1), 0)); m.Assign(d1, m.Dpb(d1, m.LoadW(m.IAdd(a1, 4)), 0)); Procedure proc = m.Procedure; var gr = proc.CreateBlockDominatorGraph(); var importResolver = MockRepository.GenerateStub <IImportResolver>(); importResolver.Replay(); var sst = new SsaTransform(new ProgramDataFlow(), proc, importResolver, gr); var ssa = sst.SsaState; var vp = new ValuePropagator(arch, ssa.Identifiers, proc); vp.Transform(); using (FileUnitTester fut = new FileUnitTester("Analysis/VpDpbDpb.txt")) { proc.Write(false, fut.TextWriter); fut.TextWriter.WriteLine(); fut.AssertFilesEqual(); } }
public void BwSwitch16() { var sp = m.Frame.EnsureRegister(Registers.sp); var cs = m.Frame.EnsureRegister(Registers.cs); var ds = m.Frame.EnsureRegister(Registers.ds); var bl = m.Frame.EnsureRegister(Registers.bl); var bh = m.Frame.EnsureRegister(Registers.bh); var bx = m.Frame.EnsureRegister(Registers.bx); var si = m.Frame.EnsureRegister(Registers.si); m.Assign(sp, m.ISub(sp, 2)); m.Store(sp, cs); m.Assign(ds, m.LoadW(sp)); m.Assign(sp, m.IAdd(sp, 2)); m.Assign(bl, m.LoadB(si)); m.Assign(SCZO, new ConditionOf(m.ISub(bl, 2))); m.BranchIf(new TestCondition(ConditionCode.UGT, SCZO), "grox"); m.Assign(bh, m.Xor(bh, bh)); m.Assign(SCZO, new ConditionOf(bh)); m.Assign(bx, m.IAdd(bx, bx)); m.Assign(SCZO, new ConditionOf(bx)); RunTest(new X86ArchitectureReal(), new RtlGoto(m.LoadW(m.IAdd(bx, 0x1234)), RtlClass.Transfer), "Scanning/BwSwitch16.txt"); }
public void VpDbpDbp() { var m = new ProcedureBuilder(); var d1 = m.Reg32("d32"); var a1 = m.Reg32("a32"); var tmp = m.Frame.CreateTemporary(PrimitiveType.Word16); m.Assign(d1, m.Dpb(d1, m.LoadW(a1), 0, 16)); m.Assign(d1, m.Dpb(d1, m.LoadW(m.IAdd(a1, 4)), 0, 16)); Procedure proc = m.Procedure; var gr = proc.CreateBlockDominatorGraph(); SsaTransform sst = new SsaTransform(new ProgramDataFlow(), proc, gr); SsaState ssa = sst.SsaState; ssa.DebugDump(true); var vp = new ValuePropagator(ssa.Identifiers, proc); vp.Transform(); using (FileUnitTester fut = new FileUnitTester("Analysis/VpDpbDpb.txt")) { proc.Write(false, fut.TextWriter); fut.TextWriter.WriteLine(); fut.AssertFilesEqual(); } }
public void Mem_Valid() { var id = m.Register(3); var e = m.LoadW(id); ctx.Expect(c => c.GetValue(Arg <Identifier> .Is.Same(id))).Return(id); ctx.Replay(); var subst = new Substitutor(ctx); var e2 = e.Accept(subst); Assert.AreEqual("Mem0[r3:word16]", e2.ToString()); }
public void Match_AddRegMem() { var addAxMem = m.Assign(ax, m.IAdd(ax, m.LoadW(m.IAdd(bx, 0x300)))); var adcDxMem = m.Assign( dx, m.IAdd( m.IAdd( dx, m.LoadDw(m.IAdd(bx, 0x302))), CF)); var instr = CreateLongInstruction(addAxMem, adcDxMem); Assert.AreEqual("dx_ax = dx_ax + Mem0[bx + 0x0300:ui32]", instr.ToString()); }
public void TrfConstNonConst() { // Constant in one branch, not constant in other. p.Add("main", m => { var ax = m.Frame.EnsureRegister(Registers.ax); var cl = m.Frame.EnsureRegister(Registers.cl); var cx = m.Frame.EnsureRegister(Registers.cx); m.BranchIf(m.Eq0(ax), "zero"); m.Assign(cl, 0); m.Return(); m.Label("zero"); m.Assign(cx, m.LoadW(ax)); m.Return(); }); var sExp = @"main ax cx al cl ah ch const ax:0x0000 cx:<invalid> main_entry:esp:fp "; RunTest(p, sExp); }
public void VpLoadDpbSmallerCast() { var m = new ProcedureBuilder(); var a2 = m.Reg32("a2", 10); var d3 = m.Reg32("d3", 3); var tmp = m.Temp(PrimitiveType.Word16, "tmp"); m.Assign(tmp, m.LoadW(a2)); m.Assign(d3, m.Dpb(d3, tmp, 0)); m.Store(m.IAdd(a2, 4), m.Cast(PrimitiveType.Byte, d3)); SsaState ssa = RunTest(m); var sExp = #region Expected @"a2:a2 def: def a2 uses: tmp_2 = Mem0[a2:word16] Mem5[a2 + 0x00000004:byte] = (byte) tmp_2 Mem0:Global memory def: def Mem0 uses: tmp_2 = Mem0[a2:word16] tmp_2: orig: tmp def: tmp_2 = Mem0[a2:word16] uses: d3_4 = DPB(d3, tmp_2, 0) Mem5[a2 + 0x00000004:byte] = (byte) tmp_2 d3:d3 def: def d3 uses: d3_4 = DPB(d3, tmp_2, 0) d3_4: orig: d3 def: d3_4 = DPB(d3, tmp_2, 0) Mem5: orig: Mem0 def: Mem5[a2 + 0x00000004:byte] = (byte) tmp_2 // ProcedureBuilder // Return size: 0 void ProcedureBuilder() ProcedureBuilder_entry: def a2 def Mem0 def d3 // succ: l1 l1: tmp_2 = Mem0[a2:word16] d3_4 = DPB(d3, tmp_2, 0) Mem5[a2 + 0x00000004:byte] = (byte) tmp_2 ProcedureBuilder_exit: "; #endregion AssertStringsEqual(sExp, ssa); }
public void Pdg_InfiniteLoop() { ProcedureBuilder m = new ProcedureBuilder(); m.Label("Infinity"); m.BranchIf(m.Eq(m.LoadW(m.Word16(0x1234)), 0), "hop"); m.SideEffect(m.Fn("foo")); m.Label("hop"); m.BranchIf(m.Eq(m.LoadW(m.Word16(0x5123)), 1), "Infinity"); m.SideEffect(m.Fn("bar")); m.Jump("Infinity"); m.Return(); FindPostDominators(m); string sExp = "hop (4): idom ProcedureBuilder_exit (6)" + nl + "Infinity (2): idom hop (4)" + nl + "l1 (3): idom hop (4)" + nl + "l2 (5): idom ProcedureBuilder_exit (6)" + nl + "ProcedureBuilder_entry (1): idom Infinity (2)" + nl + "ProcedureBuilder_exit (6): idom " + nl; Assert.AreEqual(sExp, sw.ToString()); }
public void VpIndirectCall() { var callee = CreateExternalProcedure("foo", RegArg(1, "r1"), StackArg(4), StackArg(8)); var pc = new ProcedureConstant(PrimitiveType.Pointer32, callee); var m = new ProcedureBuilder(); var r1 = m.Reg32("r1", 1); var sp = m.Frame.EnsureRegister(m.Architecture.StackRegister); m.Assign(r1, pc); m.Assign(sp, m.ISub(sp, 4)); m.Store(sp, m.Word32(3)); m.Assign(sp, m.ISub(sp, 4)); m.Store(sp, m.LoadW(m.Word32(0x1231230))); m.Call(r1, 4); m.Return(); arch.Stub(a => a.CreateStackAccess(null, 0, null)) .IgnoreArguments() .Do(new Func <IStorageBinder, int, DataType, Expression>((f, off, dt) => m.Load(dt, m.IAdd(sp, off)))); mr.ReplayAll(); var ssa = RunTest(m); var sExp = #region Expected @"r1_0: orig: r1 def: r1_0 = foo r63:r63 def: def r63 uses: r63_2 = r63 - 0x00000004 Mem3[r63 - 0x00000004:word32] = 0x00000003 r63_4 = r63 - 0x00000008 Mem5[r63 - 0x00000008:word16] = Mem3[0x01231230:word16] r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32]) r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32]) r63_2: orig: r63 def: r63_2 = r63 - 0x00000004 Mem3: orig: Mem0 def: Mem3[r63 - 0x00000004:word32] = 0x00000003 uses: Mem5[r63 - 0x00000008:word16] = Mem3[0x01231230:word16] r63_4: orig: r63 def: r63_4 = r63 - 0x00000008 Mem5: orig: Mem0 def: Mem5[r63 - 0x00000008:word16] = Mem3[0x01231230:word16] r1_6: orig: r1 def: r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32]) r63_7: orig: r63 Mem8: orig: Mem0 uses: r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32]) Mem9: orig: Mem0 uses: r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32]) // ProcedureBuilder // Return size: 0 void ProcedureBuilder() ProcedureBuilder_entry: def r63 // succ: l1 l1: r1_0 = foo r63_2 = r63 - 0x00000004 Mem3[r63 - 0x00000004:word32] = 0x00000003 r63_4 = r63 - 0x00000008 Mem5[r63 - 0x00000008:word16] = Mem3[0x01231230:word16] r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32]) return // succ: ProcedureBuilder_exit ProcedureBuilder_exit: "; #endregion AssertStringsEqual(sExp, ssa); }