public void WriteProcedure_Max()
{
var m = new ProcedureBuilder("proc");
var r1 = m.Register("r1");
var r2 = m.Register("r2");
var r3 = m.Register("r3");
m.BranchIf(m.Gt(r1, r2), "greaterthan");
m.Assign(r3,r2);
m.Assign(r2, r1);
m.Assign(r1, r3);
m.Label("greaterthan");
m.Return(r1);
hcf.Write(m.Procedure);
var sExp = @"void proc()<br />
{<br />
proc_entry:<br />
<span class=""kw"">goto</span> l1<br />
greaterthan:<br />
<span class=""kw"">return</span> r1<br />
l1:<br />
<span class=""kw"">branch</span> r1 > r2 greaterthan<br />
l2:<br />
r3 = r2<br />
r2 = r1<br />
r1 = r3<br />
<span class=""kw"">goto</span> greaterthan<br />
proc_exit:<br />
}<br />
";
Debug.Write(sb.ToString());
Assert.AreEqual(sExp, sb.ToString());
}
public void Test1()
{
var m = new ProcedureBuilder();
var id = m.Local32("id");
var x = m.Local32("x");
var stm = m.Assign(x, m.IAdd(m.SMul(id, 4), id));
}
private void RunTest(string sExp, Action<ProcedureBuilder> builder)
{
var pb = new ProcedureBuilder(this.pb.Program.Architecture);
builder(pb);
var proc = pb.Procedure;
var dg = new DominatorGraph<Block>(proc.ControlGraph, proc.EntryBlock);
// Perform the initial transformation
var ssa = new SsaTransform(programFlow, proc, dg);
// Propagate values and simplify the results.
// We hope the the sequence
// esp = fp - 4
// mov [esp-4],eax
// will become
// esp_2 = fp - 4
// mov [fp - 8],eax
var vp = new ValuePropagator(ssa.SsaState.Identifiers, proc);
vp.Transform();
ssa.RenameFrameAccesses = true;
ssa.AddUseInstructions = true;
ssa.Transform();
var writer = new StringWriter();
proc.Write(false, writer);
var sActual = writer.ToString();
if (sActual != sExp)
Debug.Print(sActual);
Assert.AreEqual(sExp, sActual);
}
private void RunBlockTest(Action<ProcedureBuilder> testBuilder)
{
var builder = new ProcedureBuilder();
testBuilder(builder);
var proc = builder.Procedure;
CreateSymbolicEvaluator(proc.Frame);
proc.ControlGraph.Successors(proc.EntryBlock).First().Statements.ForEach(x => se.Evaluate(x.Instruction));
}
protected Program CompileTest(Action<ProcedureBuilder> m)
{
var mock = new ProcedureBuilder();
m(mock);
var pmock = new ProgramBuilder();
pmock.Add(mock);
return pmock.BuildProgram();
}
public void Fstsw_Setup()
{
arch = new IntelArchitecture(ProcessorMode.Protected32);
asm = new X86Assembler(arch, Address.Ptr32(0x10000), new List<EntryPoint>());
Procedure proc = new Procedure("test", arch.CreateFrame());
orw = new OperandRewriter32(arch, proc.Frame, null);
emitter = new ProcedureBuilder();
}
protected virtual void RunTest(ProcedureBuilder pm)
{
ProcedureStructureBuilder g = new ProcedureStructureBuilder(pm.Procedure);
g.BuildNodes();
g.DefineEdges();
proc = g.CreateProcedureStructure();
g.SetTimeStamps();
}
private void CompileTest(ProcedureBuilder mock)
{
proc = mock.Procedure;
StructureAnalysis sa = new StructureAnalysis(mock.Procedure);
sa.BuildProcedureStructure();
sa.FindStructures();
curProc = sa.ProcedureStructure;
}
public void DeadFnReturn()
{
ProcedureBuilder m = new ProcedureBuilder("foo");
Identifier unused = m.Local32("unused");
m.Assign(unused, m.Fn("foo", Constant.Word32(1)));
m.Return();
RunTest(m, "Analysis/DeadFnReturn.txt");
}
public void Setup()
{
m = new ProcedureBuilder();
i = m.Local32("i");
c = m.Int32(16);
off = m.Int32(42);
r = m.Local32("r");
aem = new ArrayExpressionMatcher(PrimitiveType.Pointer32);
}
public Procedure Add(string procName, Action<ProcedureBuilder> testCodeBuilder)
{
var mock = new ProcedureBuilder(Program.Architecture, procName, null);
mock.ProgramMock = this;
mock.LinearAddress = (uint)((procCount + 1) * 0x1000);
testCodeBuilder(mock);
Add(mock.Procedure);
unresolvedProcedures.AddRange(mock.UnresolvedProcedures);
return mock.Procedure;
}
public void Setup()
{
arch = new IntelArchitecture(ProcessorMode.Protected32);
m = new ProcedureBuilder();
state = arch.CreateProcessorState();
expSimp = new ExpressionSimplifier(
new IntelArchitecture(ProcessorMode.Protected32).CreateProcessorState());
SCZO = m.Frame.EnsureFlagGroup((uint)(FlagM.SF | FlagM.CF | FlagM.ZF | FlagM.OF), "SCZO", PrimitiveType.Byte);
host = new BackwalkerHost();
}
public void Setup()
{
arch = new IntelArchitecture(ProcessorMode.Protected32);
m = new ProcedureBuilder(arch);
prog = new Program();
prog.Architecture = arch;
exit = new Procedure("exit", new Frame(PrimitiveType.Word32));
flow = new ProgramDataFlow();
p = new ProgramBuilder();
}
private Procedure RunTest(string sExp, string fnName, Action<ProcedureBuilder> builder)
{
var pb = new ProcedureBuilder(fnName);
return RunTest(sExp, pb.Architecture, () =>
{
builder(pb);
progBuilder.Add(pb);
return pb.Procedure;
});
}
public void SetUp()
{
m = new ProcedureBuilder();
id = m.Local32("id");
x = m.Local32("x");
ssaIds = new SsaIdentifierCollection();
foreach (Identifier i in m.Procedure.Frame.Identifiers)
{
ssaIds.Add(i, null, null, false);
}
}
public void BlockTerminates()
{
var m = new ProcedureBuilder();
m.Call(exit, 4);
var b = m.CurrentBlock;
m.Return();
var a = new TerminationAnalysis(flow);
flow[b] = CreateBlockFlow(b, m.Frame);
a.Analyze(b);
Assert.IsTrue(flow[b].TerminatesProcess);
}
private void RunTest(Action<ProcedureBuilder> m)
{
var builder = new ProcedureBuilder();
m(builder);
var ibdr = new IntraBlockDeadRegisters();
var block = builder.Procedure.EntryBlock.Succ[0];
ibdr.Apply(block);
var sw = new StringWriter();
block.WriteStatements(sw);
sw.Flush();
testResult = sw.ToString();
}
/// <summary>
/// Builds a strongly connected component corresponding to:
/// a1 = 0
/// a2 = phi(a1, a3)
/// while (a2 != 10)
/// {
/// a3 = a2 + 4
/// }
/// </summary>
private List<SsaIdentifier> BuildScc()
{
var m = new ProcedureBuilder("test");
Identifier a = new Identifier("a", PrimitiveType.Word32, null);
m.Label("b1");
m.Assign(a, Constant.Word32(0));
m.Label("b2");
m.Assign(a, m.IAdd(a, 4));
m.BranchIf(m.Ne(a, 10), "b2");
m.Label("b3");
m.Return();
this.dom = m.Procedure.CreateBlockDominatorGraph();
var ssa = new SsaTransform(new ProgramDataFlow(), m.Procedure, dom);
/*
proc = new Procedure("test", new Frame(PrimitiveType.Word32));
Block b1 = proc.AddBlock("b1");
Block b2 = proc.AddBlock("b2");
Identifier a2 = new Identifier("a2", PrimitiveType.Word32, null);
Identifier a3 = new Identifier("a3", PrimitiveType.Word32, null);
PhiFunction phi = new PhiFunction(a1.DataType, new Expression [] { a1, a3 });
Statement stm_a1 = new Statement(0, new Assignment(a1, Constant.Word32(0)), null);
Statement stm_a2 = new Statement(0, new PhiAssignment(a2, new PhiFunction(a1.DataType, a1, a3 )), null);
Statement stm_ex = new Statement(0, new Branch(new BinaryExpression(Operator.Ne, PrimitiveType.Bool, a2, Constant.Word32(10)), b2), null);
Statement stm_a3 = new Statement(0, new Assignment(a3, new BinaryExpression(Operator.IAdd, a3.DataType, a2, Constant.Word32(4))), null);
b1.Statements.Add(stm_a1);
b2.Statements.Add(stm_a2);
b2.Statements.Add(stm_a3);
SsaIdentifier sid_a1 = new SsaIdentifier(a1, a1, stm_a1, ((Assignment)stm_a1.Instruction).Src, false);
SsaIdentifier sid_a2 = new SsaIdentifier(a2, a2, stm_a2, ((PhiAssignment) stm_a2.Instruction).Src, false);
SsaIdentifier sid_a3 = new SsaIdentifier(a3, a3, stm_a3, ((Assignment) stm_a3.Instruction).Src, false);
sid_a1.Uses.Add(stm_a2);
ssaIds = new SsaIdentifierCollection();
ssaIds.Add(a1, sid_a1);
ssaIds.Add(a2, sid_a2);
ssaIds.Add(a3, sid_a3);
*/
ssaIds = ssa.SsaState.Identifiers;
List<SsaIdentifier> list = new List<SsaIdentifier> {
ssaIds.Where(i => i.Identifier.Name == "a_0").Single(),
ssaIds.Where(i => i.Identifier.Name == "a_1").Single(),
ssaIds.Where(i => i.Identifier.Name == "a_2").Single(),
};
return list;
}
public void Setup()
{
prog = new Program();
prog.Architecture = new IntelArchitecture(ProcessorMode.Protected32);
prog.Platform = new DefaultPlatform(null, prog.Architecture);
m = new ProcedureBuilder();
proc = m.Procedure;
f = proc.Frame;
mpprocflow = new ProgramDataFlow();
terminates = new HashSet<Procedure>();
rl = new RegisterLiveness(prog, mpprocflow, null);
rl.Procedure = proc;
rl.IdentifierLiveness.BitSet = prog.Architecture.CreateRegisterBitset();
}
public void Setup()
{
m = new ProcedureBuilder(arch);
frame = m.Frame;
ax = frame.EnsureRegister(new RegisterStorage("ax", 0, PrimitiveType.Word16));
bx = frame.EnsureRegister(new RegisterStorage("bx", 3, PrimitiveType.Word16));
cx = frame.EnsureRegister(new RegisterStorage("cx", 1, PrimitiveType.Word16));
dx = frame.EnsureRegister(new RegisterStorage("dx", 2, PrimitiveType.Word16));
SCZ = frame.EnsureFlagGroup(7, "SCZ", PrimitiveType.Byte);
CF = frame.EnsureFlagGroup(arch.CarryFlagMask, "C", PrimitiveType.Bool);
rw = new LongAddRewriter(m.Procedure, arch);
Procedure proc = new Procedure("test", frame);
block = new Block(proc, "bloke");
}
public void FindNoLoopInInterval()
{
ProcedureBuilder m = new ProcedureBuilder();
m.Return();
StructureNode node = new StructureNode(m.Procedure.ControlGraph.Blocks[1], 3);
node.Order = 0;
Interval interval = new Interval(1, node);
var nodesInInterval = interval.FindIntervalNodes(0);
SccLoopFinder finder = new SccLoopFinder(interval, nodesInInterval);
var loopNodes = finder.FindLoop();
Assert.AreEqual(0, loopNodes.Count);
}
public void BlockDoesntTerminate()
{
var m = new ProcedureBuilder();
m.Store(m.Word32(0x1231), m.Byte(0));
var b = m.Block;
m.Return();
var a = new TerminationAnalysis(flow);
prog = new Program
{
Architecture = new FakeArchitecture()
};
flow[b] = CreateBlockFlow(b, m.Frame);
a.Analyze(b);
Assert.IsFalse(flow[b].TerminatesProcess);
}
public void OutpReplaceSimple()
{
var m = new ProcedureBuilder();
var block = m.Label("block");
var foo = new Identifier("foo", PrimitiveType.Word32, null);
var pfoo = new Identifier("pfoo", PrimitiveType.Pointer32, null);
m.Assign(foo, 3);
var sid = new SsaIdentifier(foo, foo, m.Block.Statements.Last, null, false);
var ssaIds = new SsaIdentifierCollection { { foo, sid } };
var opt = new OutParameterTransformer(null, ssaIds);
opt.ReplaceDefinitionsWithOutParameter(foo, pfoo);
Assert.AreEqual("*pfoo = 0x00000003", m.Block.Statements[0].ToString());
}
private Procedure BuildSimpleLoop()
{
ProcedureBuilder m = new ProcedureBuilder();
Identifier p = m.Local32("p");
m.Assign(p, 0);
m.Label("loop");
m.BranchIf(m.Eq(p, 0x4000), "done");
m.Store(m.IAdd(p, 0x3000), m.Int32(0));
m.Assign(p, m.IAdd(p, 4));
m.Jump("loop");
m.Label("done");
m.Return();
return m.Procedure;
}
public void BlockCloner_CloneBlock()
{
var m = new ProcedureBuilder(arch, "fn1000");
var r1 = m.Register("r1");
var r2 = m.Register("r2");
var ass = m.Assign(r1, r2);
m.Return();
var block = m.Procedure.ControlGraph.Blocks[2];
m = new ProcedureBuilder(arch, "procCalling");
var blockCloner = new BlockCloner(block, m.Procedure, callgraph);
var blockNew = blockCloner.Execute();
var assNew = (Assignment) blockNew.Statements[0].Instruction;
Assert.AreNotSame(ass.Dst, assNew.Dst);
Assert.AreNotSame(ass.Src, assNew.Src);
}
private void RunTest(ProcedureBuilder mock, string outFilename)
{
Procedure proc = mock.Procedure;
using (FileUnitTester fut = new FileUnitTester(outFilename))
{
ControlFlowGraphCleaner cfgc = new ControlFlowGraphCleaner(proc);
cfgc.Transform();
proc.Write(false, fut.TextWriter);
fut.TextWriter.WriteLine();
StructureAnalysis sa = new StructureAnalysis(proc);
sa.Structure();
CodeFormatter fmt = new CodeFormatter(new TextFormatter(fut.TextWriter));
fmt.Write(proc);
fut.TextWriter.WriteLine("===========================");
fut.AssertFilesEqual();
}
}
public void DtbSequenceWithSegment()
{
ProcedureBuilder m = new ProcedureBuilder();
Identifier ds = m.Local16("ds");
ds.DataType = PrimitiveType.SegmentSelector;
m.SegStore(ds, m.Word16(0x0100), m.Seq(ds, m.Word16(0x1234)));
ProgramBuilder prog = new ProgramBuilder();
prog.Add(m);
RunTest(prog.BuildProgram(), "Typing/DtbSequenceWithSegment.txt");
}
public void DtbSignedCompare()
{
ProcedureBuilder m = new ProcedureBuilder();
Identifier p = m.Local32("p");
Identifier ds = m.Local16("ds");
ds.DataType = PrimitiveType.SegmentSelector;
Identifier ds2 = m.Local16("ds2");
ds.DataType = PrimitiveType.SegmentSelector;
m.Assign(ds2, ds);
m.Store(
m.SegMem(PrimitiveType.Bool, ds, m.Word16(0x5400)),
m.Lt(m.SegMemW(ds, m.Word16(0x5404)), m.Word16(20)));
m.Store(m.SegMemW(ds2, m.Word16(0x5404)), m.Word16(0));
ProgramBuilder prog = new ProgramBuilder();
prog.Add(m);
RunTest(prog.BuildProgram(), "Typing/DtbSignedCompare.txt");
}
public void DtbSegmentedDirectAddress()
{
ProcedureBuilder m = new ProcedureBuilder();
var arch = new Decompiler.Arch.X86.IntelArchitecture(Decompiler.Arch.X86.ProcessorMode.Real);
var prog = new Program
{
Architecture = arch,
Platform = new DefaultPlatform(null, arch)
};
store.EnsureExpressionTypeVariable(factory, prog.Globals);
Identifier ds = m.Local16("ds");
Expression e = m.SegMem(PrimitiveType.Byte, ds, m.Int16(0x0200));
TraitCollector coll = new TraitCollector(factory, store, dtb, prog);
e = e.Accept(aen);
e.Accept(eqb);
e.Accept(coll);
dtb.BuildEquivalenceClassDataTypes();
Verify("Typing/DtbSegmentedDirectAddress.txt");
}
public void DtbSegmentedAccess()
{
ProcedureBuilder m = new ProcedureBuilder();
Identifier ds = m.Local16("ds");
Identifier bx = m.Local16("bx");
Expression e = m.SegMem(bx.DataType, ds, m.IAdd(bx, 4));
var arch = new Decompiler.Arch.X86.IntelArchitecture(Decompiler.Arch.X86.ProcessorMode.Real);
Program prog = new Program
{
Architecture = arch,
Platform = new DefaultPlatform(null, arch),
};
TraitCollector trco = new TraitCollector(factory, store, dtb, prog);
e = e.Accept(aen);
e.Accept(eqb);
e.Accept(trco);
dtb.BuildEquivalenceClassDataTypes();
Verify("Typing/DtbSegmentedAccess.txt");
}
