public void Bwslc_x86_RegisterHack() { // In old x86 binaries we see this mechanism // for zero extending a register. arch = new Reko.Arch.X86.X86ArchitectureReal(sc, "x86-real-16", new Dictionary <string, object>()); var bl = binder.EnsureRegister(arch.GetRegister("bl")); var bh = binder.EnsureRegister(arch.GetRegister("bh")); var bx = binder.EnsureRegister(arch.GetRegister("bx")); var si = binder.EnsureRegister(arch.GetRegister("si")); var SCZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SCZO")); var SZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SZO")); var c = binder.EnsureFlagGroup(arch.GetFlagGroup("C")); var b = Given_Block(0x0100); Given_Instrs(b, m => { m.Assign(bl, m.Mem8(si)); }); Given_Instrs(b, m => { m.Assign(SCZO, m.Cond(m.ISub(bl, 2))); }); Given_Instrs(b, m => { m.Branch(new TestCondition(ConditionCode.UGT, SCZO), Address.Ptr16(0x120), InstrClass.ConditionalTransfer); }); var b2 = Given_Block(0x200); Given_Instrs(b2, m => { m.Assign(bh, m.Xor(bh, bh)); m.Assign(SCZO, new ConditionOf(bh)); }); Given_Instrs(b2, m => { m.Assign(bx, m.IAdd(bx, bx)); m.Assign(SCZO, new ConditionOf(bx)); }); Given_Instrs(b2, m => { m.Goto(m.Mem16(m.IAdd(bx, 0x8400))); }); graph.Nodes.Add(b); graph.Nodes.Add(b2); graph.AddEdge(b, b2); var bwslc = new BackwardSlicer(host, b, processorState); Assert.IsTrue(bwslc.Start(b2, 3, Target(b2))); // indirect jump Assert.IsTrue(bwslc.Step()); // assign flags Assert.IsTrue(bwslc.Step()); // add bx,bx Assert.IsTrue(bwslc.Step()); // assign flags Assert.IsTrue(bwslc.Step()); // xor high-byte of bx Assert.IsTrue(bwslc.Step()); // branch. Assert.IsFalse(bwslc.Step()); // cmp. Assert.AreEqual("Mem0[CONVERT(SLICE(bx, byte, 0), byte, word16) * 2<16> + 0x8400<16>:word16]", bwslc.JumpTableFormat.ToString()); Assert.AreEqual("1[0,2]", bwslc.JumpTableIndexInterval.ToString()); }
public void Setup() { m = new ProcedureBuilder(arch); binder = m.Frame; ax = binder.EnsureRegister(new RegisterStorage("ax", 0, 0, PrimitiveType.Word16)); bx = binder.EnsureRegister(new RegisterStorage("bx", 3, 0, PrimitiveType.Word16)); cx = binder.EnsureRegister(new RegisterStorage("cx", 1, 0, PrimitiveType.Word16)); dx = binder.EnsureRegister(new RegisterStorage("dx", 2, 0, PrimitiveType.Word16)); es = binder.EnsureRegister(new RegisterStorage("es", 14, 0, PrimitiveType.Word16)); SCZ = binder.EnsureFlagGroup(arch.GetFlagGroup("SCZ")); CF = binder.EnsureFlagGroup(arch.GetFlagGroup("C")); }
public void AddFlagGroupReturnValue(uint bitMask, IStorageBinder frame) { PrimitiveType dt = Bits.IsSingleBitSet(bitMask) ? PrimitiveType.Bool : PrimitiveType.Byte; var grf = arch.GetFlagGroup(bitMask); ret = frame.EnsureFlagGroup(grf.FlagRegister, bitMask, grf.Name, dt); }
public void AssignToFlag() { Identifier flag = null; RunBlockTest(m => { var flags = arch.GetFlagGroup(0x03).FlagRegister; flag = m.Frame.EnsureFlagGroup(flags, 0x3, "SZ", PrimitiveType.Byte); m.Assign(flag, 0x03); }); Assert.AreEqual(0x03, ctx.TrashedFlags); }
public void Bwslc_ClearingBits() { arch = new Reko.Arch.X86.X86ArchitectureReal(sc, "x86-real-16", new Dictionary <string, object>()); var eax = binder.EnsureRegister(arch.GetRegister("eax")); var edx = binder.EnsureRegister(arch.GetRegister("edx")); var dl = binder.EnsureRegister(arch.GetRegister("dl")); var C = binder.EnsureFlagGroup(arch.GetFlagGroup("C")); var SZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SZO")); var SCZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SCZO")); var b = Given_Block(0x001000000); Given_Instrs(b, m => { m.Assign(SCZO, m.Cond(m.ISub(eax, 3))); }); Given_Instrs(b, m => { m.Branch(m.Test(ConditionCode.UGT, C), Address.Ptr32(0x00100010), InstrClass.ConditionalTransfer); }); var b2 = Given_Block(0x001000008); Given_Instrs(b2, m => { m.Assign(edx, m.Xor(edx, edx)); m.Assign(SZO, m.Cond(edx)); m.Assign(C, Constant.False()); }); Given_Instrs(b2, m => { m.Assign(dl, m.Mem8(m.IAdd(eax, 0x00123500))); }); Given_Instrs(b2, m => { m.Goto(m.Mem32(m.IAdd(m.IMul(edx, 4), 0x00123400))); }); graph.Nodes.Add(b); graph.Nodes.Add(b2); graph.AddEdge(b, b2); graph.Nodes.Add(b); var bwslc = new BackwardSlicer(host, b2, processorState); Assert.IsTrue(bwslc.Start(b2, 3, Target(b2))); // indirect jump Assert.IsTrue(bwslc.Step()); // dl = ... Assert.IsTrue(bwslc.Step()); // edx = 0 Assert.IsTrue(bwslc.Step()); // branch ... Assert.IsTrue(bwslc.Step()); // SZCO = cond(eax - 3) Assert.IsTrue(bwslc.Step()); Assert.IsFalse(bwslc.Step()); Assert.AreEqual("Mem0[Mem0[eax + 0x123500<32>:byte] *32 4<32> + 0x123400<32>:word32]", bwslc.JumpTableFormat.ToString()); Assert.AreEqual("1[0,3]", bwslc.JumpTableIndexInterval.ToString()); }
public void Bwslc_SegmentedLoad() { arch = new Reko.Arch.X86.X86ArchitectureReal(sc, "x86-real-16", new Dictionary <string, object>()); var cx = binder.EnsureRegister(arch.GetRegister("cx")); var bx = binder.EnsureRegister(arch.GetRegister("bx")); var ds = binder.EnsureRegister(arch.GetRegister("ds")); var C = binder.EnsureFlagGroup(arch.GetFlagGroup("C")); var SZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SZO")); var SCZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SCZO")); var b = Given_Block(0x0C00, 0x0100); Given_Instrs(b, m => { m.Assign(SCZO, m.Cond(m.ISub(bx, 15))); }); Given_Instrs(b, m => { m.Branch(m.Test(ConditionCode.UGT, C), Address.SegPtr(0xC00, 0x200), InstrClass.ConditionalTransfer); }); var b2 = Given_Block(0x0C00, 0x0108); Given_Instrs(b2, m => { m.Assign(bx, m.IAdd(bx, bx)); m.Assign(SCZO, m.Cond(bx)); }); Given_Instrs(b2, m => { m.Goto(m.SegMem(PrimitiveType.Ptr32, ds, m.IAdd(bx, 34))); }); graph.Nodes.Add(b); graph.Nodes.Add(b2); graph.AddEdge(b, b2); graph.Nodes.Add(b); var bwslc = new BackwardSlicer(host, b2, processorState); Assert.IsTrue(bwslc.Start(b2, 0, Target(b2))); // indirect jump Assert.IsTrue(bwslc.Step()); Assert.IsTrue(bwslc.Step()); Assert.IsFalse(bwslc.Step()); Assert.AreEqual("Mem0[ds:bx * 2<16> + 0x22<16>:ptr32]", bwslc.JumpTableFormat.ToString()); Assert.AreEqual("1[0,F]", bwslc.JumpTableIndexInterval.ToString()); }
public Identifier Deserialize(FlagGroup_v1 flag) { var flags = arch.GetFlagGroup(flag.Name); return(frame.EnsureFlagGroup(flags.FlagRegister, flags.FlagGroupBits, flags.Name, flags.DataType)); }
private Identifier Cc(string name) { var cc = arch.GetFlagGroup(name); return(binder.EnsureFlagGroup(cc)); }
public void Bwslc_RepMovsd() { // Original i386 code: // shr ecx,02 // and edx,03 // cmp ecx,08 // jc 00002000 // rep movsd // jmp dword ptr[007862E8 + edx * 4] arch = new Reko.Arch.X86.X86ArchitectureReal(sc, "x86-real-16", new Dictionary <string, object>()); var ecx = binder.EnsureRegister(arch.GetRegister("ecx")); var edx = binder.EnsureRegister(arch.GetRegister("edx")); var esi = binder.EnsureRegister(arch.GetRegister("esi")); var edi = binder.EnsureRegister(arch.GetRegister("edi")); var C = binder.EnsureFlagGroup(arch.GetFlagGroup("C")); var SZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SZO")); var SCZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SCZO")); var tmp = binder.CreateTemporary(ecx.DataType); var b = Given_Block(0x1000); Given_Instrs(b, m => { m.Assign(ecx, m.Shr(ecx, 2)); m.Assign(SCZO, m.Cond(ecx)); }); Given_Instrs(b, m => { m.Assign(edx, m.And(edx, 3)); m.Assign(SZO, m.Cond(edx)); m.Assign(C, Constant.False()); }); Given_Instrs(b, m => { m.Assign(SCZO, m.Cond(m.ISub(ecx, 8))); }); Given_Instrs(b, m => { m.Branch(m.Test(ConditionCode.ULT, C), Address.Ptr32(0x2000), InstrClass.ConditionalTransfer); }); var b2 = Given_Block(0x1008); Given_Instrs(b2, m => { m.BranchInMiddleOfInstruction(m.Eq0(ecx), Address.Ptr32(0x1010), InstrClass.ConditionalTransfer); m.Assign(tmp, m.Mem32(esi)); m.Assign(m.Mem32(edi), tmp); m.Assign(esi, m.IAdd(esi, 4)); m.Assign(edi, m.IAdd(edi, 4)); m.Assign(ecx, m.ISub(ecx, 1)); m.Goto(Address.Ptr32(0x1008)); }); var b3 = Given_Block(0x1010); Given_Instrs(b3, m => { m.Goto(m.Mem32(m.IAdd(m.IMul(edx, 4), 0x00123400))); }); graph.Nodes.Add(b); graph.Nodes.Add(b2); graph.Nodes.Add(b3); graph.AddEdge(b, b2); graph.AddEdge(b2, b3); graph.AddEdge(b2, b2); var bwslc = new BackwardSlicer(host, b3, processorState); Assert.IsTrue(bwslc.Start(b3, -1, Target(b3))); // indirect jump Assert.IsTrue(bwslc.Step()); Assert.IsTrue(bwslc.Step()); Assert.IsTrue(bwslc.Step()); Assert.IsTrue(bwslc.Step()); Assert.IsTrue(bwslc.Step()); Assert.IsTrue(bwslc.Step()); Assert.IsTrue(bwslc.Step()); Assert.IsTrue(bwslc.Step()); Assert.IsTrue(bwslc.Step()); Assert.IsTrue(bwslc.Step()); Assert.IsTrue(bwslc.Step()); Assert.False(bwslc.Step()); // edx &= 3 Assert.AreEqual("Mem0[(edx & 3<32>) * 4<32> + 0x123400<32>:word32]", bwslc.JumpTableFormat.ToString()); Assert.AreEqual("1[0,3]", bwslc.JumpTableIndexInterval.ToString()); }
public void AddFlagGroupReturnValue(KeyValuePair <RegisterStorage, uint> bits, IStorageBinder binder) { var grf = arch.GetFlagGroup(bits.Key, bits.Value); ret = binder.EnsureFlagGroup(grf); }