public void Bwslc_x86_RegisterHack()
{
// In old x86 binaries we see this mechanism
// for zero extending a register.
arch = new Reko.Arch.X86.X86ArchitectureReal(sc, "x86-real-16", new Dictionary <string, object>());
var bl = binder.EnsureRegister(arch.GetRegister("bl"));
var bh = binder.EnsureRegister(arch.GetRegister("bh"));
var bx = binder.EnsureRegister(arch.GetRegister("bx"));
var si = binder.EnsureRegister(arch.GetRegister("si"));
var SCZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SCZO"));
var SZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SZO"));
var c = binder.EnsureFlagGroup(arch.GetFlagGroup("C"));
var b = Given_Block(0x0100);
Given_Instrs(b, m =>
{
m.Assign(bl, m.Mem8(si));
});
Given_Instrs(b, m =>
{
m.Assign(SCZO, m.Cond(m.ISub(bl, 2)));
});
Given_Instrs(b, m => {
m.Branch(new TestCondition(ConditionCode.UGT, SCZO), Address.Ptr16(0x120), InstrClass.ConditionalTransfer);
});
var b2 = Given_Block(0x200);
Given_Instrs(b2, m =>
{
m.Assign(bh, m.Xor(bh, bh));
m.Assign(SCZO, new ConditionOf(bh));
});
Given_Instrs(b2, m =>
{
m.Assign(bx, m.IAdd(bx, bx));
m.Assign(SCZO, new ConditionOf(bx));
});
Given_Instrs(b2, m => {
m.Goto(m.Mem16(m.IAdd(bx, 0x8400)));
});
graph.Nodes.Add(b);
graph.Nodes.Add(b2);
graph.AddEdge(b, b2);
var bwslc = new BackwardSlicer(host, b, processorState);
Assert.IsTrue(bwslc.Start(b2, 3, Target(b2))); // indirect jump
Assert.IsTrue(bwslc.Step()); // assign flags
Assert.IsTrue(bwslc.Step()); // add bx,bx
Assert.IsTrue(bwslc.Step()); // assign flags
Assert.IsTrue(bwslc.Step()); // xor high-byte of bx
Assert.IsTrue(bwslc.Step()); // branch.
Assert.IsFalse(bwslc.Step()); // cmp.
Assert.AreEqual("Mem0[CONVERT(SLICE(bx, byte, 0), byte, word16) * 2<16> + 0x8400<16>:word16]", bwslc.JumpTableFormat.ToString());
Assert.AreEqual("1[0,2]", bwslc.JumpTableIndexInterval.ToString());
}
public void Setup()
{
m = new ProcedureBuilder(arch);
binder = m.Frame;
ax = binder.EnsureRegister(new RegisterStorage("ax", 0, 0, PrimitiveType.Word16));
bx = binder.EnsureRegister(new RegisterStorage("bx", 3, 0, PrimitiveType.Word16));
cx = binder.EnsureRegister(new RegisterStorage("cx", 1, 0, PrimitiveType.Word16));
dx = binder.EnsureRegister(new RegisterStorage("dx", 2, 0, PrimitiveType.Word16));
es = binder.EnsureRegister(new RegisterStorage("es", 14, 0, PrimitiveType.Word16));
SCZ = binder.EnsureFlagGroup(arch.GetFlagGroup("SCZ"));
CF = binder.EnsureFlagGroup(arch.GetFlagGroup("C"));
}
public void AddFlagGroupReturnValue(uint bitMask, IStorageBinder frame)
{
PrimitiveType dt = Bits.IsSingleBitSet(bitMask) ? PrimitiveType.Bool : PrimitiveType.Byte;
var grf = arch.GetFlagGroup(bitMask);
ret = frame.EnsureFlagGroup(grf.FlagRegister, bitMask, grf.Name, dt);
}
public void AssignToFlag()
{
Identifier flag = null;
RunBlockTest(m =>
{
var flags = arch.GetFlagGroup(0x03).FlagRegister;
flag = m.Frame.EnsureFlagGroup(flags, 0x3, "SZ", PrimitiveType.Byte);
m.Assign(flag, 0x03);
});
Assert.AreEqual(0x03, ctx.TrashedFlags);
}
public void Bwslc_ClearingBits()
{
arch = new Reko.Arch.X86.X86ArchitectureReal(sc, "x86-real-16", new Dictionary <string, object>());
var eax = binder.EnsureRegister(arch.GetRegister("eax"));
var edx = binder.EnsureRegister(arch.GetRegister("edx"));
var dl = binder.EnsureRegister(arch.GetRegister("dl"));
var C = binder.EnsureFlagGroup(arch.GetFlagGroup("C"));
var SZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SZO"));
var SCZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SCZO"));
var b = Given_Block(0x001000000);
Given_Instrs(b, m => { m.Assign(SCZO, m.Cond(m.ISub(eax, 3))); });
Given_Instrs(b, m => { m.Branch(m.Test(ConditionCode.UGT, C), Address.Ptr32(0x00100010), InstrClass.ConditionalTransfer); });
var b2 = Given_Block(0x001000008);
Given_Instrs(b2, m => { m.Assign(edx, m.Xor(edx, edx)); m.Assign(SZO, m.Cond(edx)); m.Assign(C, Constant.False()); });
Given_Instrs(b2, m => { m.Assign(dl, m.Mem8(m.IAdd(eax, 0x00123500))); });
Given_Instrs(b2, m => { m.Goto(m.Mem32(m.IAdd(m.IMul(edx, 4), 0x00123400))); });
graph.Nodes.Add(b);
graph.Nodes.Add(b2);
graph.AddEdge(b, b2);
graph.Nodes.Add(b);
var bwslc = new BackwardSlicer(host, b2, processorState);
Assert.IsTrue(bwslc.Start(b2, 3, Target(b2))); // indirect jump
Assert.IsTrue(bwslc.Step()); // dl = ...
Assert.IsTrue(bwslc.Step()); // edx = 0
Assert.IsTrue(bwslc.Step()); // branch ...
Assert.IsTrue(bwslc.Step()); // SZCO = cond(eax - 3)
Assert.IsTrue(bwslc.Step());
Assert.IsFalse(bwslc.Step());
Assert.AreEqual("Mem0[Mem0[eax + 0x123500<32>:byte] *32 4<32> + 0x123400<32>:word32]", bwslc.JumpTableFormat.ToString());
Assert.AreEqual("1[0,3]", bwslc.JumpTableIndexInterval.ToString());
}
public void Bwslc_SegmentedLoad()
{
arch = new Reko.Arch.X86.X86ArchitectureReal(sc, "x86-real-16", new Dictionary <string, object>());
var cx = binder.EnsureRegister(arch.GetRegister("cx"));
var bx = binder.EnsureRegister(arch.GetRegister("bx"));
var ds = binder.EnsureRegister(arch.GetRegister("ds"));
var C = binder.EnsureFlagGroup(arch.GetFlagGroup("C"));
var SZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SZO"));
var SCZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SCZO"));
var b = Given_Block(0x0C00, 0x0100);
Given_Instrs(b, m => { m.Assign(SCZO, m.Cond(m.ISub(bx, 15))); });
Given_Instrs(b, m => { m.Branch(m.Test(ConditionCode.UGT, C), Address.SegPtr(0xC00, 0x200), InstrClass.ConditionalTransfer); });
var b2 = Given_Block(0x0C00, 0x0108);
Given_Instrs(b2, m => { m.Assign(bx, m.IAdd(bx, bx)); m.Assign(SCZO, m.Cond(bx)); });
Given_Instrs(b2, m => { m.Goto(m.SegMem(PrimitiveType.Ptr32, ds, m.IAdd(bx, 34))); });
graph.Nodes.Add(b);
graph.Nodes.Add(b2);
graph.AddEdge(b, b2);
graph.Nodes.Add(b);
var bwslc = new BackwardSlicer(host, b2, processorState);
Assert.IsTrue(bwslc.Start(b2, 0, Target(b2))); // indirect jump
Assert.IsTrue(bwslc.Step());
Assert.IsTrue(bwslc.Step());
Assert.IsFalse(bwslc.Step());
Assert.AreEqual("Mem0[ds:bx * 2<16> + 0x22<16>:ptr32]", bwslc.JumpTableFormat.ToString());
Assert.AreEqual("1[0,F]", bwslc.JumpTableIndexInterval.ToString());
}
public Identifier Deserialize(FlagGroup_v1 flag)
{
var flags = arch.GetFlagGroup(flag.Name);
return(frame.EnsureFlagGroup(flags.FlagRegister, flags.FlagGroupBits, flags.Name, flags.DataType));
}
private Identifier Cc(string name)
{
var cc = arch.GetFlagGroup(name);
return(binder.EnsureFlagGroup(cc));
}
public void Bwslc_RepMovsd()
{
// Original i386 code:
// shr ecx,02
// and edx,03
// cmp ecx,08
// jc 00002000
// rep movsd
// jmp dword ptr[007862E8 + edx * 4]
arch = new Reko.Arch.X86.X86ArchitectureReal(sc, "x86-real-16", new Dictionary <string, object>());
var ecx = binder.EnsureRegister(arch.GetRegister("ecx"));
var edx = binder.EnsureRegister(arch.GetRegister("edx"));
var esi = binder.EnsureRegister(arch.GetRegister("esi"));
var edi = binder.EnsureRegister(arch.GetRegister("edi"));
var C = binder.EnsureFlagGroup(arch.GetFlagGroup("C"));
var SZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SZO"));
var SCZO = binder.EnsureFlagGroup(arch.GetFlagGroup("SCZO"));
var tmp = binder.CreateTemporary(ecx.DataType);
var b = Given_Block(0x1000);
Given_Instrs(b, m => { m.Assign(ecx, m.Shr(ecx, 2)); m.Assign(SCZO, m.Cond(ecx)); });
Given_Instrs(b, m => { m.Assign(edx, m.And(edx, 3)); m.Assign(SZO, m.Cond(edx)); m.Assign(C, Constant.False()); });
Given_Instrs(b, m => { m.Assign(SCZO, m.Cond(m.ISub(ecx, 8))); });
Given_Instrs(b, m => { m.Branch(m.Test(ConditionCode.ULT, C), Address.Ptr32(0x2000), InstrClass.ConditionalTransfer); });
var b2 = Given_Block(0x1008);
Given_Instrs(b2, m => {
m.BranchInMiddleOfInstruction(m.Eq0(ecx), Address.Ptr32(0x1010), InstrClass.ConditionalTransfer);
m.Assign(tmp, m.Mem32(esi));
m.Assign(m.Mem32(edi), tmp);
m.Assign(esi, m.IAdd(esi, 4));
m.Assign(edi, m.IAdd(edi, 4));
m.Assign(ecx, m.ISub(ecx, 1));
m.Goto(Address.Ptr32(0x1008));
});
var b3 = Given_Block(0x1010);
Given_Instrs(b3, m => {
m.Goto(m.Mem32(m.IAdd(m.IMul(edx, 4), 0x00123400)));
});
graph.Nodes.Add(b);
graph.Nodes.Add(b2);
graph.Nodes.Add(b3);
graph.AddEdge(b, b2);
graph.AddEdge(b2, b3);
graph.AddEdge(b2, b2);
var bwslc = new BackwardSlicer(host, b3, processorState);
Assert.IsTrue(bwslc.Start(b3, -1, Target(b3))); // indirect jump
Assert.IsTrue(bwslc.Step());
Assert.IsTrue(bwslc.Step());
Assert.IsTrue(bwslc.Step());
Assert.IsTrue(bwslc.Step());
Assert.IsTrue(bwslc.Step());
Assert.IsTrue(bwslc.Step());
Assert.IsTrue(bwslc.Step());
Assert.IsTrue(bwslc.Step());
Assert.IsTrue(bwslc.Step());
Assert.IsTrue(bwslc.Step());
Assert.IsTrue(bwslc.Step());
Assert.False(bwslc.Step()); // edx &= 3
Assert.AreEqual("Mem0[(edx & 3<32>) * 4<32> + 0x123400<32>:word32]", bwslc.JumpTableFormat.ToString());
Assert.AreEqual("1[0,3]", bwslc.JumpTableIndexInterval.ToString());
}
public void AddFlagGroupReturnValue(KeyValuePair <RegisterStorage, uint> bits, IStorageBinder binder)
{
var grf = arch.GetFlagGroup(bits.Key, bits.Value);
ret = binder.EnsureFlagGroup(grf);
}
