public void PprMemberPointers() { ProgramBuilder mock = new ProgramBuilder(); ProcedureBuilder m = new ProcedureBuilder(); Identifier ds = m.Local(PrimitiveType.SegmentSelector, "ds"); m.SegStore(ds, m.Word32(7000), m.SegMemW(ds, m.SegMemW(ds, m.Word32(0x5321)))); mock.Add(m); RunTest(mock.BuildProgram(), "Typing/PprMemberPointers.txt"); }
public void PprMemberVars() { ProgramBuilder mock = new ProgramBuilder(); ProcedureBuilder p = new ProcedureBuilder(); Identifier cs = p.Frame.EnsureRegister(Registers.cs); p.Store(p.SegMemW(cs, p.Word32(0x0001)), Constant.Create(PrimitiveType.SegmentSelector, 0x0800)); mock.Add(p); RunTest(mock.BuildProgram(), "Typing/PprMemberVars.txt"); }
public void BlockDoesntTerminate() { var m = new ProcedureBuilder(); m.Store(m.Word32(0x1231), m.Byte(0)); var b = m.Block; m.Return(); var a = new TerminationAnalysis(flow); program = new Program { Architecture = new FakeArchitecture() }; flow[b] = CreateBlockFlow(b, m.Frame); a.Analyze(b); Assert.IsFalse(flow[b].TerminatesProcess); }
public void VpCastCast() { var m = new ProcedureBuilder(); m.Store( m.Word32(0x1234000), m.Cast( PrimitiveType.Real32, m.Cast( PrimitiveType.Real64, m.Load(PrimitiveType.Real32, m.Word32(0x123400))))); m.Return(); mr.ReplayAll(); RunFileTest(m, "Analysis/VpCastCast.txt"); }
public void VpIndirectCall() { var callee = CreateExternalProcedure("foo", RegArg(1, "r1"), StackArg(4), StackArg(8)); var pc = new ProcedureConstant(PrimitiveType.Pointer32, callee); var m = new ProcedureBuilder(); var r1 = m.Reg32("r1", 1); var sp = m.Frame.EnsureRegister(m.Architecture.StackRegister); m.Assign(r1, pc); m.Assign(sp, m.ISub(sp, 4)); m.Store(sp, 3); m.Assign(sp, m.ISub(sp, 4)); m.Store(sp, m.LoadW(m.Word32(0x1231230))); m.Call(r1, 4); m.Return(); arch.Stub(a => a.CreateStackAccess(null, 0, null)) .IgnoreArguments() .Do(new Func<Frame, int, DataType, Expression>((f, off, dt) => m.Load(dt, m.IAdd(sp, off)))); mr.ReplayAll(); var ssa = RunTest(m); var sExp = #region Expected @"r1_0: orig: r1 def: r1_0 = foo r63:r63 def: def r63 uses: r63_2 = r63 - 0x00000004 Mem3[r63 - 0x00000004:word32] = 0x00000003 r63_4 = r63 - 0x00000008 Mem5[r63 - 0x00000008:word16] = Mem3[0x01231230:word16] r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32]) r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32]) r63_2: orig: r63 def: r63_2 = r63 - 0x00000004 Mem3: orig: Mem0 def: Mem3[r63 - 0x00000004:word32] = 0x00000003 uses: Mem5[r63 - 0x00000008:word16] = Mem3[0x01231230:word16] r63_4: orig: r63 def: r63_4 = r63 - 0x00000008 Mem5: orig: Mem0 def: Mem5[r63 - 0x00000008:word16] = Mem3[0x01231230:word16] r1_6: orig: r1 def: r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32]) r63_7: orig: r63 Mem8: orig: Mem0 uses: r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32]) Mem9: orig: Mem0 uses: r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32]) // ProcedureBuilder // Return size: 0 void ProcedureBuilder() ProcedureBuilder_entry: def r63 // succ: l1 l1: r1_0 = foo r63_2 = r63 - 0x00000004 Mem3[r63 - 0x00000004:word32] = 0x00000003 r63_4 = r63 - 0x00000008 Mem5[r63 - 0x00000008:word16] = Mem3[0x01231230:word16] r1_6 = foo(Mem8[r63 - 0x00000008:word32], Mem9[r63 - 0x00000004:word32]) return // succ: ProcedureBuilder_exit ProcedureBuilder_exit: "; #endregion AssertStringsEqual(sExp, ssa); }
public void Usb_ParseFunctionDeclaration_WithRegisterArgs() { var arch = new FakeArchitecture(); var m = new ProcedureBuilder(arch, "test"); var r1 = m.Reg32("r1", 1); var r2 = m.Reg32("r2", 2); m.Store(m.Word32(0x123400), m.Cast(PrimitiveType.Byte, r1)); m.Store(m.Word32(0x123404), m.Cast(PrimitiveType.Real32, r2)); m.Return(); var usb = new UserSignatureBuilder(program); usb.ApplySignatureToProcedure( Address.Create(PrimitiveType.Pointer32, 0x1000), new ProcedureSignature( null, new Identifier("r2", PrimitiveType.Char, r1.Storage), // perverse but legal. new Identifier("r1", PrimitiveType.Real32, r2.Storage)), m.Procedure); var sExp = @"// test // Return size: 0 void test(char r2, real32 r1) test_entry: // succ: l1 l1: r1 = r2 r2 = r1 Mem0[0x00123400:byte] = (byte) r1 Mem0[0x00123404:real32] = (real32) r2 return // succ: test_exit test_exit: "; var sb = new StringWriter(); m.Procedure.Write(false, sb); Assert.AreEqual(sExp, sb.ToString()); }
public void TrcoCallFunctionWithArraySize() { var m = new ProcedureBuilder(); var sig = new ProcedureSignature(null, m.Frame.EnsureStackArgument(0, PrimitiveType.Word32)); var ex = new ExternalProcedure("malloc", sig, new ProcedureCharacteristics { Allocator = true, ArraySize = new ArraySizeCharacteristic { Argument = "r", Factors = new ArraySizeFactor[] { new ArraySizeFactor { Constant = "1" } } } }); Identifier eax = m.Local32("eax"); var call = m.Assign(eax, m.Fn(new ProcedureConstant(PrimitiveType.Word32, ex), m.Word32(3))); coll = CreateCollector(); call.Accept(eqb); call.Accept(coll); StringWriter sw = new StringWriter(); handler.Traits.Write(sw); string sExp = "T_1 (in malloc : word32)" + nl + "\ttrait_func(T_4 -> T_5)" + nl + "T_3 (in dwArg00 : word32)" + nl + "\ttrait_primitive(word32)" + nl + "T_4 (in 0x00000003 : word32)" + nl + "\ttrait_primitive(word32)" + nl + "\ttrait_equal(T_3)" + nl + "T_5 (in malloc(0x00000003) : word32)" + nl + "\ttrait_primitive(word32)"; Console.WriteLine(sw.ToString()); Assert.AreEqual(sExp, sw.ToString()); }
public void DfaUnsignedDiv() { var m = new ProcedureBuilder(); var r1 = m.Register(1); var r2 = m.Register(2); var r2_r1 = m.Frame.EnsureSequence(r2.Storage, r1.Storage, PrimitiveType.Word64); var tmp = m.Frame.CreateTemporary(r2_r1.DataType); m.Assign(r1, m.LoadDw(m.Word32(0x123400))); m.Assign(r2_r1, m.Seq(m.Word32(0), r1)); m.Assign(tmp, r2_r1); m.Assign(r1, m.UDiv(tmp, m.Word32(42))); m.Store(m.Word32(0x123404), r1); m.Return(); RunFileTest(m, "Analysis/DfaUnsignedDiv.txt"); }
public static void MemStore(ProcedureBuilder m) { m.Store(m.Word32(0x3120), 0); m.Store(m.Word32(0x3120), m.IAdd(m.LoadDw(m.Word32(0x3120)), 1)); m.Return(); }