URL https://opencores.org/ocsvn/ao486/ao486/trunk

Subversion Repositories ao486

[/] [ao486/] [trunk/] [ao486_tool/] [src/] [ao486/] [test/] [branch/] [TestJMP_real_v8086.java] - Blame information for rev 2

Details | Compare with Previous | View Log


/*
 * Copyright (c) 2014, Aleksander Osman
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * * Redistributions of source code must retain the above copyright notice, this
 *   list of conditions and the following disclaimer.
 *
 * * Redistributions in binary form must reproduce the above copyright notice,
 *   this list of conditions and the following disclaimer in the documentation
 *   and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
package ao486.test.branch;
 
import ao486.test.TestUnit;
import ao486.test.layers.EffectiveAddressLayerFactory;
import ao486.test.layers.FlagsLayer;
import ao486.test.layers.GeneralRegisterLayer;
import ao486.test.layers.HandleModeChangeLayer;
import ao486.test.layers.IOLayer;
import ao486.test.layers.InstructionLayer;
import ao486.test.layers.Layer;
import ao486.test.layers.MemoryLayer;
import ao486.test.layers.MemoryPatchLayer;
import ao486.test.layers.OtherLayer;
import ao486.test.layers.Pair;
import ao486.test.layers.SegmentLayer;
import ao486.test.layers.StackLayer;
import java.io.*;
import java.util.LinkedList;
import java.util.Random;
 
 
public class TestJMP_real_v8086 extends TestUnit implements Serializable {
    public static void main(String args[]) throws Exception {
        run_test(TestJMP_real_v8086.class);
    }
 
    //--------------------------------------------------------------------------
    @Override
    public int get_test_count() throws Exception {
        return 100;
    }
 
    @Override
    public void init() throws Exception {
 
        random = new Random(3 + index);
 
        String instruction;
        while(true) {
            layers.clear();
 
            LinkedList<Pair<Long, Long>> prohibited_list = new LinkedList<>();
 
            // if false: v8086 mode
            boolean is_real = random.nextBoolean();
 
            InstructionLayer instr  = new InstructionLayer(random, prohibited_list);
            layers.add(instr);
            StackLayer stack        = new StackLayer(random, prohibited_list);
            layers.add(stack);
            layers.add(new OtherLayer(is_real ? OtherLayer.Type.REAL : OtherLayer.Type.PROTECTED_OR_V8086, random));
            layers.add(new FlagsLayer(is_real ? FlagsLayer.Type.RANDOM : FlagsLayer.Type.V8086, random));
            layers.add(new GeneralRegisterLayer(random));
            layers.add(new SegmentLayer(random));
            layers.add(new MemoryLayer(random));
            layers.add(new IOLayer(random));
            layers.addFirst(new HandleModeChangeLayer(
                    getInput("cr0_pe"),
                    getInput("vmflag"),
                    getInput("cs_rpl"),
                    getInput("cs_p"),
                    getInput("cs_s"),
                    getInput("cs_type")
            ));
 
            /*
             * 0 - eip out of bounds
             *
             * 1 - all ok
             */
 
            int type = random.nextInt(2);
 
            // instruction size
            boolean cs_d_b = getInput("cs_d_b") == 1;
 
            boolean a32 = random.nextBoolean();
            boolean o32 = random.nextBoolean();
 
            // destination
            long cs         = random.nextInt(0xFFFF+1);
            long cs_limit   = (is_real == false)? 0xFFFF : getInput("cs_limit");
            long new_eip    = random.nextInt((int)cs_limit+1);
 
            if(o32 == false) new_eip &= 0xFFFF;
 
            if(type == 0 && o32 == false && cs_limit <= 0xFFFF) new_eip = 0xFFFF - 4 + random.nextInt(5);
            if(type == 0 && o32 == true)                        new_eip = cs_limit + random.nextInt(5);
 
            // dest instruction
            long dest = (cs << 4) + new_eip;
 
            boolean can_add = Layer.collides(prohibited_list, (int)dest, (int)(dest+1));
            if(can_add == false) continue;
 
            MemoryPatchLayer patch = new MemoryPatchLayer(random, prohibited_list, (int)dest, 0x0F,0x0F);
            layers.addFirst(patch);
 
            // add instruction
            byte extra_bytes[] = null;
 
            boolean is_Ep = random.nextBoolean();
 
            if(is_Ep) {
                byte modregrm_bytes[] = EffectiveAddressLayerFactory.prepare(
                        o32? (((cs & 0xFFFF) << 32) | (new_eip & 0xFFFFFFFF)) : (((cs & 0xFFFF) << 16) | (new_eip & 0xFFFF)),
                        5, EffectiveAddressLayerFactory.modregrm_reg_t.SET,
                        o32? 6 : 4, a32,
                        layers, random, this, true, false);
                extra_bytes = modregrm_bytes;
            }
            else {
                long immediate = o32? (((cs & 0xFFFF) << 32) | (new_eip & 0xFFFFFFFF)) : (((cs & 0xFFFF) << 16) | (new_eip & 0xFFFF));
 
                byte imm_bytes[] = new byte[o32? 6 : 4];
                for(int i=0; i<imm_bytes.length; i++) {
                    imm_bytes[i] = (byte)(immediate & 0xFF);
                    immediate >>= 8;
                }
                extra_bytes = imm_bytes;
            }
 
            instruction = prepare_instr(cs_d_b, a32, o32, extra_bytes, is_Ep);
            instr.add_instruction(instruction);
 
System.out.printf("a32: %b, o32: %b, cs_d_b: %b\n", a32,o32,cs_d_b);
System.out.printf("cs: %x\n", cs);
System.out.printf("cs_limit: %x\n", cs_limit);
System.out.printf("new_eip: %x\n", new_eip);
System.out.printf("o32: %b\n", o32);
System.out.printf("is_real: %b\n", is_real);
 
            // end condition
            break;
        }
 
        System.out.println("Instruction: [" + instruction + "]");
    }
 
    String prepare_instr(boolean cs_d_b, boolean a32, boolean o32, byte extra_bytes[], boolean is_Ep) throws Exception {
        int opcodes[] = {
            0xFF, 0xEA
        };
 
        String prefix = "";
        if(cs_d_b != o32) { prefix = "66" + prefix; }
        if(cs_d_b != a32) { prefix = "67" + prefix; }
 
        int opcode = opcodes[is_Ep? 0 : 1];
 
        byte instr[] = new byte[1 + extra_bytes.length];
        instr[0] = (byte)opcode;
        System.arraycopy(extra_bytes, 0, instr, 1, extra_bytes.length);
 
        return prefix + bytesToHex(instr);
    }
 
}

Line No.	Rev	Author	Line
1	2	alfik	`/*`
2			`* Copyright (c) 2014, Aleksander Osman`
3			`* All rights reserved.`
4			`*`
5			`* Redistribution and use in source and binary forms, with or without`
6			`* modification, are permitted provided that the following conditions are met:`
7			`*`
8			`* * Redistributions of source code must retain the above copyright notice, this`
9			`* list of conditions and the following disclaimer.`
10			`*`
11			`* * Redistributions in binary form must reproduce the above copyright notice,`
12			`* this list of conditions and the following disclaimer in the documentation`
13			`* and/or other materials provided with the distribution.`
14			`*`
15			`* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"`
16			`* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE`
17			`* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE`
18			`* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE`
19			`* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL`
20			`* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR`
21			`* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER`
22			`* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,`
23			`* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE`
24			`* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.`
25			`*/`
26
27			`package ao486.test.branch;`
28
29			`import ao486.test.TestUnit;`
30			`import ao486.test.layers.EffectiveAddressLayerFactory;`
31			`import ao486.test.layers.FlagsLayer;`
32			`import ao486.test.layers.GeneralRegisterLayer;`
33			`import ao486.test.layers.HandleModeChangeLayer;`
34			`import ao486.test.layers.IOLayer;`
35			`import ao486.test.layers.InstructionLayer;`
36			`import ao486.test.layers.Layer;`
37			`import ao486.test.layers.MemoryLayer;`
38			`import ao486.test.layers.MemoryPatchLayer;`
39			`import ao486.test.layers.OtherLayer;`
40			`import ao486.test.layers.Pair;`
41			`import ao486.test.layers.SegmentLayer;`
42			`import ao486.test.layers.StackLayer;`
43			`import java.io.*;`
44			`import java.util.LinkedList;`
45			`import java.util.Random;`
46
47
48			`public class TestJMP_real_v8086 extends TestUnit implements Serializable {`
49			`public static void main(String args[]) throws Exception {`
50			`run_test(TestJMP_real_v8086.class);`
51			`}`
52
53			`//--------------------------------------------------------------------------`
54			`@Override`
55			`public int get_test_count() throws Exception {`
56			`return 100;`
57			`}`
58
59			`@Override`
60			`public void init() throws Exception {`
61
62			`random = new Random(3 + index);`
63
64			`String instruction;`
65			`while(true) {`
66			`layers.clear();`
67
68			`LinkedList<Pair<Long, Long>> prohibited_list = new LinkedList<>();`
69
70			`// if false: v8086 mode`
71			`boolean is_real = random.nextBoolean();`
72
73			`InstructionLayer instr = new InstructionLayer(random, prohibited_list);`
74			`layers.add(instr);`
75			`StackLayer stack = new StackLayer(random, prohibited_list);`
76			`layers.add(stack);`
77			`layers.add(new OtherLayer(is_real ? OtherLayer.Type.REAL : OtherLayer.Type.PROTECTED_OR_V8086, random));`
78			`layers.add(new FlagsLayer(is_real ? FlagsLayer.Type.RANDOM : FlagsLayer.Type.V8086, random));`
79			`layers.add(new GeneralRegisterLayer(random));`
80			`layers.add(new SegmentLayer(random));`
81			`layers.add(new MemoryLayer(random));`
82			`layers.add(new IOLayer(random));`
83			`layers.addFirst(new HandleModeChangeLayer(`
84			`getInput("cr0_pe"),`
85			`getInput("vmflag"),`
86			`getInput("cs_rpl"),`
87			`getInput("cs_p"),`
88			`getInput("cs_s"),`
89			`getInput("cs_type")`
90			`));`
91
92			`/*`
93			`* 0 - eip out of bounds`
94			`*`
95			`* 1 - all ok`
96			`*/`
97
98			`int type = random.nextInt(2);`
99
100			`// instruction size`
101			`boolean cs_d_b = getInput("cs_d_b") == 1;`
102
103			`boolean a32 = random.nextBoolean();`
104			`boolean o32 = random.nextBoolean();`
105
106			`// destination`
107			`long cs = random.nextInt(0xFFFF+1);`
108			`long cs_limit = (is_real == false)? 0xFFFF : getInput("cs_limit");`
109			`long new_eip = random.nextInt((int)cs_limit+1);`
110
111			`if(o32 == false) new_eip &= 0xFFFF;`
112
113			`if(type == 0 && o32 == false && cs_limit <= 0xFFFF) new_eip = 0xFFFF - 4 + random.nextInt(5);`
114			`if(type == 0 && o32 == true) new_eip = cs_limit + random.nextInt(5);`
115
116			`// dest instruction`
117			`long dest = (cs << 4) + new_eip;`
118
119			`boolean can_add = Layer.collides(prohibited_list, (int)dest, (int)(dest+1));`
120			`if(can_add == false) continue;`
121
122			`MemoryPatchLayer patch = new MemoryPatchLayer(random, prohibited_list, (int)dest, 0x0F,0x0F);`
123			`layers.addFirst(patch);`
124
125			`// add instruction`
126			`byte extra_bytes[] = null;`
127
128			`boolean is_Ep = random.nextBoolean();`
129
130			`if(is_Ep) {`
131			`byte modregrm_bytes[] = EffectiveAddressLayerFactory.prepare(`
132			`o32? (((cs & 0xFFFF) << 32) \| (new_eip & 0xFFFFFFFF)) : (((cs & 0xFFFF) << 16) \| (new_eip & 0xFFFF)),`
133			`5, EffectiveAddressLayerFactory.modregrm_reg_t.SET,`
134			`o32? 6 : 4, a32,`
135			`layers, random, this, true, false);`
136			`extra_bytes = modregrm_bytes;`
137			`}`
138			`else {`
139			`long immediate = o32? (((cs & 0xFFFF) << 32) \| (new_eip & 0xFFFFFFFF)) : (((cs & 0xFFFF) << 16) \| (new_eip & 0xFFFF));`
140
141			`byte imm_bytes[] = new byte[o32? 6 : 4];`
142			`for(int i=0; i<imm_bytes.length; i++) {`
143			`imm_bytes[i] = (byte)(immediate & 0xFF);`
144			`immediate >>= 8;`
145			`}`
146			`extra_bytes = imm_bytes;`
147			`}`
148
149			`instruction = prepare_instr(cs_d_b, a32, o32, extra_bytes, is_Ep);`
150			`instr.add_instruction(instruction);`
151
152			`System.out.printf("a32: %b, o32: %b, cs_d_b: %b\n", a32,o32,cs_d_b);`
153			`System.out.printf("cs: %x\n", cs);`
154			`System.out.printf("cs_limit: %x\n", cs_limit);`
155			`System.out.printf("new_eip: %x\n", new_eip);`
156			`System.out.printf("o32: %b\n", o32);`
157			`System.out.printf("is_real: %b\n", is_real);`
158
159			`// end condition`
160			`break;`
161			`}`
162
163			`System.out.println("Instruction: [" + instruction + "]");`
164			`}`
165
166			`String prepare_instr(boolean cs_d_b, boolean a32, boolean o32, byte extra_bytes[], boolean is_Ep) throws Exception {`
167			`int opcodes[] = {`
168			`0xFF, 0xEA`
169			`};`
170
171			`String prefix = "";`
172			`if(cs_d_b != o32) { prefix = "66" + prefix; }`
173			`if(cs_d_b != a32) { prefix = "67" + prefix; }`
174
175			`int opcode = opcodes[is_Ep? 0 : 1];`
176
177			`byte instr[] = new byte[1 + extra_bytes.length];`
178			`instr[0] = (byte)opcode;`
179			`System.arraycopy(extra_bytes, 0, instr, 1, extra_bytes.length);`
180
181			`return prefix + bytesToHex(instr);`
182			`}`
183
184			`}`

Browse

Tools

Subversion Repositories ao486

[/] [ao486/] [trunk/] [ao486_tool/] [src/] [ao486/] [test/] [branch/] [TestJMP_real_v8086.java] - Blame information for rev 2