public void BwLoadDirect()
{
var r1 = m.Reg32("r1", 1);
m.Assign(r1, m.Mem32(Constant.Word32(0x00123400)));
var xfer = new RtlGoto(m.Mem32(m.IAdd(Constant.Word32(0x00113300), m.IMul(r1, 8))), InstrClass.Transfer);
var bw = new Backwalker <Block, Instruction>(host, xfer, expSimp);
Assert.IsTrue(bw.CanBackwalk());
var ops = bw.BackWalk(m.Block);
Assert.IsNull(ops, "Should have reported missing guard.");
}
public void StrAnls_NestedWhile()
{
var r1 = m.Reg32("r1", 1);
var r2 = m.Reg32("r2", 2);
m.Label("head1");
m.BranchIf(m.Ge(r1, 4), "done1");
m.Label("body1");
m.Declare(r2, m.Word32(0));
m.Label("head2");
m.BranchIf(m.Ge(r2, 4), "done2");
m.Label("body2");
m.Store(m.IAdd(
m.Word32(0x1232100),
m.IAdd(
m.IMul(r1, 4),
r2)),
m.Byte(0));
m.Assign(r2, m.IAdd(r2, 1));
m.Goto("head2");
m.Label("done2");
m.Assign(r1, m.IAdd(r1, 1));
m.Goto("head1");
m.Label("done1");
m.Return();
var sExp =
#region Expected
@" while (r1 < 0x04)
{
word32 r2 = 0x00;
while (r2 < 0x04)
{
Mem0[0x01232100 + (r1 * 0x04 + r2):byte] = 0x00;
r2 = r2 + 0x01;
}
r1 = r1 + 0x01;
}
return;
";
#endregion
RunTest(sExp, m.Procedure);
}
public void EnSegAccessArray()
{
Identifier bx = m.Local16("bx");
Identifier ds = m.Local(PrimitiveType.SegmentSelector, "ds");
Expression e = m.SegMem(PrimitiveType.Int32, ds, m.IAdd(m.IMul(bx, 2), 0x42));
Assert.AreEqual("Mem0[ds:bx * 0x0002 + 0x0042:int32]", e.ToString());
e = e.Accept(aen);
Assert.AreEqual("SEQ(ds, 0x0042)[bx * 0x0002]", e.ToString());
}
public void TrcoMultiplication()
{
var program = CreateProgram();
var m = new ProcedureBuilder();
var id = m.Local32("id");
var e = m.IMul(id, id);
coll = CreateCollector(program);
e = e.Accept(en);
e.Accept(eqb);
e.Accept(coll);
Verify(null, "Typing/TrcoMultiplication.txt");
}
public void BwSwitch32()
{
// samples of switch statement emitted
// by the Microsoft VC compiler
var esp = m.Frame.EnsureRegister(Registers.esp);
var eax = m.Frame.EnsureRegister(Registers.eax);
var edx = m.Frame.EnsureRegister(Registers.edx);
var dl = m.Frame.EnsureRegister(Registers.dl);
var SCZO = m.Frame.EnsureFlagGroup(Registers.eflags, (uint)(FlagM.SF | FlagM.CF | FlagM.ZF | FlagM.OF), "SCZO", PrimitiveType.Byte);
//m.Proc("foo");
//m.Mov(m.eax, m.MemDw(Registers.esp, 4));
//m.Cmp(m.eax, 3);
//m.Ja("default");
var block0 = m.CurrentBlock;
m.Assign(eax, m.Mem32(m.IAdd(esp, 4)));
m.Assign(SCZO, new ConditionOf(m.ISub(eax, 3)));
m.BranchIf(new TestCondition(ConditionCode.UGT, SCZO), "default");
//m.Xor(m.edx, m.edx);
//m.Mov(m.dl, m.MemB(Registers.eax, "bytes"));
//m.Jmp(m.MemDw(Registers.edx, 4, "jumps"));
var block1 = m.CurrentBlock;
m.Assign(edx, m.Xor(edx, edx));
m.Assign(SCZO, new ConditionOf(edx));
m.Assign(dl, m.Mem8(m.IAdd(eax, 0x10000)));
//m.Label("bytes");
//m.Db(01, 0, 01, 02);
//m.Label("jumps");
//m.Dd("jump0", "jump1", "jump2");
//m.Label("jump0");
//m.Assign(eax, 0);
//m.Jump("done");
//m.Label("jump1");
//m.Assign(eax, 1);
//m.Jump("done");
//m.Label("jump2");
//m.Assign(eax, 2);
//m.Jump("done");
//m.Label("default");
//m.Assign(eax, 01);
//m.Label("done");
//m.Store(new Constant(0x012310), eax);
//m.Return();
//m.Label("dummy");
//m.Dd(0);
RunTest(new X86ArchitectureFlat32(sc, "x86-protected-32", new Dictionary <string, object>()),
new RtlGoto(m.Mem32(m.IAdd(m.IMul(edx, 4), 0x10010)), InstrClass.Transfer),
"Scanning/BwSwitch32.txt");
}
public void DtbArrayAccess2()
{
ProcedureBuilder m = new ProcedureBuilder();
Identifier ds = m.Local(PrimitiveType.SegmentSelector, "ds");
Identifier bx = m.Local16("bx");
Expression e = m.Array(PrimitiveType.Word32, m.Seq(ds, m.Word16(0x300)), m.IMul(bx, 8));
e.Accept(eqb);
TraitCollector coll = new TraitCollector(factory, store, dtb, program);
e.Accept(coll);
Verify("Typing/DtbArrayAccess2.txt");
}
public void TrcoArrayAccess()
{
ProcedureBuilder m = new ProcedureBuilder();
Identifier ds = m.Local(PrimitiveType.SegmentSelector, "ds");
Identifier bx = m.Local16("bx");
Expression e = m.Array(PrimitiveType.Word32, m.Seq(ds, m.Word16(0x300)), m.IMul(bx, 8));
coll = CreateCollector();
e.Accept(eqb);
e.Accept(coll);
StringWriter sb = new StringWriter();
handler.Traits.Write(sb);
string sExp =
"T_1 (in ds : selector)" + nl +
"\ttrait_primitive(selector)" + nl +
"\ttrait_mem_array(300, 8, 0, T_7)" + nl +
"T_2 (in 0x0300 : word16)" + nl +
" trait_primitive(word16)"+ nl +
"T_3 (in SEQ(ds, 0x0300) : ptr32)" + nl +
" trait_primitive(ptr32)"+ nl +
"T_4 (in bx : word16)" + nl +
" trait_primitive(word16)"+ nl +
" trait_primitive(ui16)"+ nl +
"T_5 (in 0x0008 : word16)" + nl +
" trait_primitive(word16)"+ nl +
" trait_primitive(ui16)"+ nl +
"T_6 (in bx * 0x0008 : word16)" + nl +
" trait_primitive(ui16)"+ nl +
"T_7 (in SEQ(ds, 0x0300)[bx * 0x0008] : word32)" + nl +
" trait_primitive(word32)"+ nl;
Assert.AreEqual(sExp, sb.ToString());
}
public void Exs_MulMul()
{
Given_ExpressionSimplifier();
var(expr, _) = m.IMul(m.IMul(foo, 2), 2).Accept(simplifier);
Assert.AreEqual("foo_1 * 4<32>", expr.ToString());
}
