NAME=got switch cases
FILE=bins/elf/fedora_32_bin_ls
CMDS=<<EOF
aap
aflc
EOF
EXPECT=<<EOF
459
EOF
RUN

NAME=.gnu_debugdata parsed
FILE=bins/elf/fedora_32_bin_ls
CMDS=<<EOF
aap
afl~x2realloc
afl~quotearg_alloc_mem
EOF
EXPECT=<<EOF
0x00016dc0    8 96   -> 83   sym.x2realloc
0x00015d10    3 233          sym.quotearg_alloc_mem
EOF
RUN

NAME=got switch cases
FILE=bins/elf/game_of_thrones
CMDS=<<EOF
s main
aa > /dev/null
pdsf~case
EOF
EXPECT=<<EOF
0x00401125 switch table (7 cases) at 0x4013e4
EOF
RUN

NAME=analysis.ijmp missing branch bug
FILE==
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 564155415453504989ff8b1f8b7f0889de83e61fe851010000418b7f1089dec1ee1083e61fe84001000085db0f8915010000458b77184585f60f84080100004983c71c31db4c8d250a0100004c8d2d07dacd29418b470889c1c1e91880f9040f87d700000049630c8c4c01e1ffe1418b3fc1e8100fb6f0e8ee0000004983c70ce9b700000084c00f84ab000000418b570c4885d2756de99d00000041837f0c000f84920000004d8b2f418b7d00c1e8100fb6f0e8b2000000418b470c83f802722141bc01000000410fb6770a438b7ca500e894000000418b470c49ffc44139c472e585c04c8d256b0000004c8d2d68d9cd297444410fb64f0885c9743b89c248c1e202498b37418b7d00e86d0e0000eb27a8027514418b7d00418b770c498b17e8fefc0000418b4708418b7f0cc1e8100fb6f0e8320000004983c710ffc34439f30f850cffffff4883c4085b415c415d415e415f5dc3
af
afb
EOF
EXPECT=<<EOF
0x00000000 0x00000032 00:0000 50 j 0x00000147 f 0x00000032
0x00000032 0x0000003f 00:0000 13 j 0x00000147 f 0x0000003f
0x0000003f 0x00000053 00:0000 20 j 0x00000053
0x00000053 0x00000065 00:0000 18 j 0x0000013c f 0x00000065
0x00000065 0x0000006e 00:0000 9
0x0000013c 0x00000147 00:0000 11 j 0x00000053 f 0x00000147
0x00000147 0x00000156 00:0000 15
EOF
RUN

NAME=x86_64 getenv this maybe & jmp noret fix
FILE=bins/elf/ls.odd
CMDS=<<EOF
aaa
s 0x4901
afb~4901
echo
e asm.bytes=false
s main+98
pd 3
EOF
EXPECT=<<EOF
0x000048f4 0x00004901 00:0000 13 j 0x000045b1 f 0x00004901
0x00004901 0x0000491a 00:0000 25 j 0x000045ba f 0x0000491a

|           0x000039c2      mov   dword [data.0021f558], 2             ; [0x21f558:4]=1
|           0x000039cc      call  fcn.00015960
|           0x000039d1      mov   byte [data.00220618], 1              ; [0x220618:1]=0
EOF
RUN

NAME=x86_64 socket syscall
FILE=bins/elf/socket-syscall
CMDS=<<EOF
e asm.bytes=true
aa
aae
s main
pd 1 @ 0x00001140
aei
aeim
aecu 0x00001140
as
EOF
EXPECT=<<EOF
|           ;-- syscall.socket:
|           0x00001140      0f05           syscall
41 = socket (0x00000001, 0x00000002, 0x00000003)
EOF
RUN

NAME=x86_64 jmptbl -O0
FILE=bins/mach0/FMS.uu
CMDS=<<EOF
s sym._checkinput
af
afi*
EOF
EXPECT=<<EOF
"f sym._checkinput 288 @ 0x100000da0"
"af+ sym._checkinput f @ 0x100000da0"
afb+ 0x100000da0 0x100000da0 22 0x100000db6 0xffffffffffffffff
afb+ 0x100000da0 0x100000e99 5 0x100000e9e 0xffffffffffffffff
afb+ 0x100000da0 0x100000e9e 24 0x100000db6 0x100000eb6
afb+ 0x100000da0 0x100000db6 26 0x100000e99 0x100000dd0
afb+ 0x100000da0 0x100000eb6 4 0x100000eba 0xffffffffffffffff
afb+ 0x100000da0 0x100000dd0 20 0xffffffffffffffff 0xffffffffffffffff
afb+ 0x100000da0 0x100000e90 9 0x100000eba 0xffffffffffffffff
afb+ 0x100000da0 0x100000eba 6 0xffffffffffffffff 0xffffffffffffffff
afb+ 0x100000da0 0x100000e54 16 0x100000e82 0x100000e64
afb+ 0x100000da0 0x100000e82 9 0x100000eba 0xffffffffffffffff
afb+ 0x100000da0 0x100000e64 16 0x100000e82 0x100000e74
afb+ 0x100000da0 0x100000e74 14 0x100000e8b 0xffffffffffffffff
afb+ 0x100000da0 0x100000e8b 5 0x100000e99 0xffffffffffffffff
afb+ 0x100000da0 0x100000e2a 16 0x100000e46 0x100000e3a
afb+ 0x100000da0 0x100000e46 9 0x100000eba 0xffffffffffffffff
afb+ 0x100000da0 0x100000e3a 12 0x100000e4f 0xffffffffffffffff
afb+ 0x100000da0 0x100000e4f 5 0x100000e99 0xffffffffffffffff
afb+ 0x100000da0 0x100000e00 16 0x100000e1c 0x100000e10
afb+ 0x100000da0 0x100000e1c 9 0x100000eba 0xffffffffffffffff
afb+ 0x100000da0 0x100000e10 12 0x100000e25 0xffffffffffffffff
afb+ 0x100000da0 0x100000e25 5 0x100000e99 0xffffffffffffffff
afb+ 0x100000da0 0x100000de4 16 0x100000dfb 0x100000df4
afb+ 0x100000da0 0x100000dfb 5 0x100000e99 0xffffffffffffffff
afb+ 0x100000da0 0x100000df4 7 0x100000dfb 0xffffffffffffffff
afB 64 @ 0x100000da0
afc amd64 @ 0x100000da0
afvs -48 var_30h int64_t @ 0x100000da0
afvs -40 var_28h int64_t @ 0x100000da0
afvs -32 var_20h int64_t @ 0x100000da0
afvs -28 var_1ch int64_t @ 0x100000da0
afvs -24 var_18h int64_t @ 0x100000da0
afvs -9 var_9h int64_t @ 0x100000da0
afvr rdi arg1 int64_t @ 0x100000da0
axd 0x100000ec0 @ 0x100000dd0
axc 0x100000de4 @ 0x100000de2
axc 0x100000e00 @ 0x100000de2
axc 0x100000e2a @ 0x100000de2
axc 0x100000e54 @ 0x100000de2
axc 0x100000e90 @ 0x100000de2
axc 0x100000e99 @ 0x100000dfb
axc 0x100000e25 @ 0x100000e17
axc 0x100000eba @ 0x100000e20
axc 0x100000e99 @ 0x100000e25
axc 0x100000e4f @ 0x100000e41
axc 0x100000eba @ 0x100000e4a
axc 0x100000e99 @ 0x100000e4f
axc 0x100000e8b @ 0x100000e7d
axc 0x100000eba @ 0x100000e86
axc 0x100000e99 @ 0x100000e8b
axc 0x100000eba @ 0x100000e94
axc 0x100000e9e @ 0x100000e99
afS 8 @ 0x100000da0
EOF
RUN

NAME=x86_64 main() jmptbl in bins/elf/ls.odd
FILE=bins/elf/ls.odd
CMDS=<<EOF
e analysis.jmp.tbl=true
s main
aF
afb
EOF
EXPECT=<<EOF
0x00003960 0x00003a1f 00:0000 191 j 0x000047a7 f 0x00003a1f
0x00003a1f 0x00003a24 00:0000 5 j 0x00003a32 f 0x00003a24
0x00003a24 0x00003a2d 00:0000 9 j 0x0000431a f 0x00003a2d
0x00003a2d 0x00003a32 00:0000 5
0x00003a32 0x00003a48 00:0000 22 j 0x00003a48
0x00003a48 0x00003ad5 00:0000 141 j 0x00003b0b f 0x00003ad5
0x00003ad5 0x00003af8 00:0000 35 j 0x000047c2 f 0x00003af8
0x00003af8 0x00003b0b 00:0000 19 j 0x00003b0b
0x00003b0b 0x00003b2a 00:0000 31 j 0x00003b33 f 0x00003b2a
0x00003b2a 0x00003b33 00:0000 9 j 0x000047fd f 0x00003b33
0x00003b33 0x00003b51 00:0000 30 j 0x00003b62 f 0x00003b51
0x00003b51 0x00003b5b 00:0000 10 j 0x00003b62 f 0x00003b5b
0x00003b5b 0x00003b62 00:0000 7 j 0x00003b62
0x00003b62 0x00003b81 00:0000 31 j 0x00003ba7 f 0x00003b81
0x00003b81 0x00003b9b 00:0000 26 j 0x00004caf f 0x00003b9b
0x00003b9b 0x00003ba7 00:0000 12 j 0x00003ba7
0x00003ba7 0x00003bc8 00:0000 33 j 0x00003bc8
0x00003bc8 0x00003bf4 00:0000 44 j 0x0000437b f 0x00003bf4
0x00003bf4 0x00003c04 00:0000 16 j 0x00005159 f 0x00003c04
0x00003c04 0x00003c0e 00:0000 10 s 0x00003eae s 0x000050bf s 0x00005159 s 0x00003e92 s 0x00003e83 s 0x00003e32 s 0x00003e23 s 0x00003e17 s 0x00003e08 s 0x00003dfc s 0x00003ded s 0x00003db8 s 0x00003da9 s 0x00003d9b s 0x00003d8a s 0x00003d7e s 0x00003d6a s 0x00003d25 s 0x00003d11 s 0x00003cfd s 0x00003cf1 s 0x00003ce2 s 0x00003cd1 s 0x00003cc2 s 0x00003cb6 s 0x00003c76 s 0x00003c60 s 0x00003c31 s 0x00003c28 s 0x00003c21 s 0x00003c15 s 0x0000427c s 0x00003c0e s 0x00004266 s 0x00004257 s 0x0000424b s 0x0000423f s 0x00004233 s 0x0000421f s 0x000042ff s 0x000042eb s 0x0000429a s 0x0000428b s 0x0000430e s 0x000041de s 0x0000417f s 0x00004170 s 0x00004161 s 0x0000411e s 0x00004108 s 0x000040fc s 0x000040d1 s 0x00004065 s 0x00004022 s 0x00003fde s 0x00003fd2 s 0x00003fa3 s 0x00003f5b s 0x00003f18 s 0x00003f0c
0x00003c0e 0x00003c15 00:0000 7 j 0x00003c15
0x00003c15 0x00003c21 00:0000 12 j 0x00003bc8
0x00003c21 0x00003c28 00:0000 7 j 0x00003bc8
0x00003c28 0x00003c31 00:0000 9 j 0x00003bc8
0x00003c31 0x00003c60 00:0000 47 j 0x00003bc8
0x00003c60 0x00003c76 00:0000 22 j 0x00003bc8
0x00003c76 0x00003c97 00:0000 33 j 0x00004d9d f 0x00003c97
0x00003c97 0x00003cb6 00:0000 31 j 0x00003bc8
0x00003cb6 0x00003cc2 00:0000 12 j 0x00003bc8
0x00003cc2 0x00003cd1 00:0000 15 j 0x00003bc8
0x00003cd1 0x00003ce2 00:0000 17 j 0x00003bc8
0x00003ce2 0x00003cf1 00:0000 15 j 0x00003bc8
0x00003cf1 0x00003cfd 00:0000 12 j 0x00003bc8
0x00003cfd 0x00003d11 00:0000 20 j 0x00003bc8
0x00003d11 0x00003d25 00:0000 20 j 0x00003bc8
0x00003d25 0x00003d6a 00:0000 69 j 0x00003bc8
0x00003d6a 0x00003d7e 00:0000 20 j 0x00003bc8
0x00003d7e 0x00003d8a 00:0000 12 j 0x00003bc8
0x00003d8a 0x00003d9b 00:0000 17 j 0x00003bc8
0x00003d9b 0x00003da9 00:0000 14 j 0x00003bc8
0x00003da9 0x00003db8 00:0000 15 j 0x00003bc8
0x00003db8 0x00003ded 00:0000 53 j 0x00003bc8
0x00003ded 0x00003dfc 00:0000 15 j 0x00003bc8
0x00003dfc 0x00003e08 00:0000 12 j 0x00003bc8
0x00003e08 0x00003e17 00:0000 15 j 0x00003bc8
0x00003e17 0x00003e23 00:0000 12 j 0x00003bc8
0x00003e23 0x00003e32 00:0000 15 j 0x00003bc8
0x00003e32 0x00003e83 00:0000 81 j 0x00003bc8
0x00003e83 0x00003e92 00:0000 15 j 0x00003bc8
0x00003e92 0x00003e9f 00:0000 13 j 0x00003bc8 f 0x00003e9f
0x00003e9f 0x00003eae 00:0000 15 j 0x00003bc8
0x00003eae 0x00003ec7 00:0000 25 j 0x00003edc f 0x00003ec7
0x00003ec7 0x00003edc 00:0000 21 j 0x00003edc
0x00003edc 0x00003f0c 00:0000 48
0x00003f0c 0x00003f18 00:0000 12 j 0x00003bc8
0x00003f18 0x00003f5b 00:0000 67 j 0x00003bc8
0x00003f5b 0x00003fa3 00:0000 72 j 0x00003bc8
0x00003fa3 0x00003fd2 00:0000 47 j 0x00003bc8
0x00003fd2 0x00003fde 00:0000 12 j 0x00003bc8
0x00003fde 0x00004022 00:0000 68 j 0x00003bc8
0x00004022 0x00004065 00:0000 67 j 0x00003bc8
0x00004065 0x00004075 00:0000 16 j 0x00004364 f 0x00004075
0x00004075 0x000040af 00:0000 58 j 0x00004364 f 0x000040af
0x000040af 0x000040ba 00:0000 11 j 0x00004369 f 0x000040ba
0x000040ba 0x000040d1 00:0000 23 j 0x00004369
0x000040d1 0x000040fc 00:0000 43 j 0x00003bc8
0x000040fc 0x00004108 00:0000 12 j 0x00003bc8
0x00004108 0x0000411e 00:0000 22 j 0x00003bc8
0x0000411e 0x00004161 00:0000 67 j 0x00003bc8
0x00004161 0x00004170 00:0000 15 j 0x00003bc8
0x00004170 0x0000417f 00:0000 15 j 0x00003bc8
0x0000417f 0x0000418f 00:0000 16 j 0x0000434d f 0x0000418f
0x0000418f 0x000041c9 00:0000 58 j 0x0000434d f 0x000041c9
0x000041c9 0x000041d2 00:0000 9 j 0x0000433b f 0x000041d2
0x000041d2 0x000041de 00:0000 12 j 0x00003bc8
0x000041de 0x00004200 00:0000 34 j 0x00005289 f 0x00004200
0x00004200 0x0000421f 00:0000 31 j 0x00003bc8
0x0000421f 0x00004233 00:0000 20 j 0x00003bc8
0x00004233 0x0000423f 00:0000 12 j 0x00003bc8
0x0000423f 0x0000424b 00:0000 12 j 0x00003bc8
0x0000424b 0x00004257 00:0000 12 j 0x00003bc8
0x00004257 0x00004266 00:0000 15 j 0x00003bc8
0x00004266 0x0000427c 00:0000 22 j 0x00003bc8
0x0000427c 0x0000428b 00:0000 15 j 0x00003bc8
0x0000428b 0x0000429a 00:0000 15 j 0x00003bc8
0x0000429a 0x000042ae 00:0000 20 j 0x00003bc8 f 0x000042ae
0x000042ae 0x000042eb 00:0000 61 j 0x000042eb
0x000042eb 0x000042ff 00:0000 20 j 0x00003bc8
0x000042ff 0x0000430e 00:0000 15 j 0x00003bc8
0x0000430e 0x0000431a 00:0000 12 j 0x00003bc8
0x0000431a 0x0000432c 00:0000 18 j 0x00004dd1 f 0x0000432c
0x0000432c 0x0000433b 00:0000 15 j 0x00003a48
0x0000433b 0x0000434d 00:0000 18 j 0x000041d2 f 0x0000434d
0x0000434d 0x00004364 00:0000 23 j 0x00003bc8
0x00004364 0x00004369 00:0000 5 j 0x00004369
0x00004369 0x0000437b 00:0000 18 j 0x00003bc8
0x0000437b 0x00004389 00:0000 14 j 0x0000499b f 0x00004389
0x00004389 0x000043c6 00:0000 61 j 0x000047f6 f 0x000043c6
0x000043c6 0x000043cf 00:0000 9 j 0x000047f6 f 0x000043cf
0x000043cf 0x000043d9 00:0000 10 j 0x000043df f 0x000043d9
0x000043d9 0x000043df 00:0000 6 j 0x000043f7 f 0x000043df
0x000043df 0x000043f7 00:0000 24 j 0x000043f7
0x000043f7 0x0000441c 00:0000 37 j 0x00004dba f 0x0000441c
0x0000441c 0x00004427 00:0000 11 j 0x0000445f f 0x00004427
0x00004427 0x0000443e 00:0000 23 j 0x0000445f f 0x0000443e
0x0000443e 0x00004440 00:0000 2 j 0x00004440
0x00004440 0x0000445f 00:0000 31 j 0x00004440 f 0x0000445f
0x0000445f 0x00004488 00:0000 41 j 0x0000449c f 0x00004488
0x00004488 0x00004495 00:0000 13 j 0x00004940 f 0x00004495
0x00004495 0x0000449c 00:0000 7 j 0x0000449c
0x0000449c 0x000044b0 00:0000 20 j 0x000044bb f 0x000044b0
0x000044b0 0x000044bb 00:0000 11 j 0x00004df3 f 0x000044bb
0x000044bb 0x000044bf 00:0000 4 j 0x00004502 f 0x000044bf
0x000044bf 0x000044c8 00:0000 9 j 0x00004e27 f 0x000044c8
0x000044c8 0x000044d1 00:0000 9 j 0x000044dc
0x000044d8 0x000044dc 00:0000 4 j 0x000044dc
0x000044dc 0x000044f4 00:0000 24 j 0x00004d03 f 0x000044f4
0x000044f4 0x00004502 00:0000 14 j 0x000044d8 f 0x00004502
0x00004502 0x00004516 00:0000 20 j 0x00004b81 f 0x00004516
0x00004516 0x00004523 00:0000 13 j 0x0000496a f 0x00004523
0x00004523 0x0000452c 00:0000 9 j 0x0000457b f 0x0000452c
0x0000452c 0x0000455d 00:0000 49 j 0x00005306 f 0x0000455d
0x0000455d 0x0000457b 00:0000 30 j 0x0000457b
0x0000457b 0x000045a4 00:0000 41 j 0x000045b1 f 0x000045a4
0x000045a4 0x000045b1 00:0000 13 j 0x000048e7 f 0x000045b1
0x000045b1 0x000045ba 00:0000 9 j 0x000045ba
0x000045ba 0x000045d4 00:0000 26 j 0x00004a84 f 0x000045d4
0x000045d4 0x000045e1 00:0000 13 j 0x00004a08 f 0x000045e1
0x000045e1 0x00004623 00:0000 66 j 0x00004841 f 0x00004623
0x00004623 0x00004628 00:0000 5 j 0x00004628
0x00004628 0x00004644 00:0000 28 j 0x00004628 f 0x00004644
0x00004644 0x00004652 00:0000 14 j 0x00004ac3 f 0x00004652
0x00004652 0x0000465f 00:0000 13 j 0x0000469c f 0x0000465f
0x0000465f 0x00004664 00:0000 5 j 0x00004ce3
0x00004668 0x00004695 00:0000 45 j 0x00004695
0x00004695 0x0000469c 00:0000 7 j 0x0000469c
0x0000469c 0x000046a5 00:0000 9 j 0x00004736 f 0x000046a5
0x000046a5 0x000046bf 00:0000 26 j 0x00004668 f 0x000046bf
0x000046bf 0x000046c4 00:0000 5 j 0x00004668 f 0x000046c4
0x000046c4 0x000046df 00:0000 27 j 0x000052a4 f 0x000046df
0x000046df 0x00004710 00:0000 49 j 0x000052c3 f 0x00004710
0x00004710 0x00004736 00:0000 38 j 0x00004695
0x00004736 0x0000473f 00:0000 9 j 0x0000474c f 0x0000473f
0x0000473f 0x0000474c 00:0000 13 j 0x0000486c f 0x0000474c
0x0000474c 0x00004759 00:0000 13 j 0x00004b2a f 0x00004759
0x00004759 0x00004765 00:0000 12 j 0x0000477e f 0x00004765
0x00004765 0x00004776 00:0000 17 j 0x000052e2 f 0x00004776
0x00004776 0x0000477e 00:0000 8 j 0x0000477e
0x0000477e 0x00004798 00:0000 26 j 0x00005301 f 0x00004798
0x00004798 0x000047a7 00:0000 15
0x000047a7 0x000047c2 00:0000 27 j 0x00003a48
0x000047c2 0x000047f6 00:0000 52 j 0x00003b0b
0x000047f6 0x000047fd 00:0000 7 j 0x000043f7
0x000047fd 0x0000480d 00:0000 16 j 0x00003b33 f 0x0000480d
0x0000480d 0x00004841 00:0000 52 j 0x00003b33
0x00004841 0x0000484e 00:0000 13 j 0x00004952 f 0x0000484e
0x0000484e 0x0000486c 00:0000 30 j 0x00004644
0x0000486c 0x00004876 00:0000 10 j 0x00004888 f 0x00004876
0x00004876 0x00004888 00:0000 18 j 0x00005015 f 0x00004888
0x00004888 0x000048a0 00:0000 24 j 0x000048a0
0x000048a0 0x000048bd 00:0000 29 j 0x000048cf f 0x000048bd
0x000048bd 0x000048c0 00:0000 3 j 0x000048c0
0x000048c0 0x000048cf 00:0000 15 j 0x000048c0 f 0x000048cf
0x000048cf 0x000048dd 00:0000 14 j 0x0000474c f 0x000048dd
0x000048dd 0x000048e7 00:0000 10 j 0x0000474c
0x000048e7 0x000048f4 00:0000 13 j 0x000045b1 f 0x000048f4
0x000048f4 0x00004901 00:0000 13 j 0x000045b1 f 0x00004901
0x00004901 0x0000491a 00:0000 25 j 0x000045ba f 0x0000491a
0x0000491a 0x00004927 00:0000 13 j 0x000045ba f 0x00004927
0x00004927 0x00004934 00:0000 13 j 0x000045ba f 0x00004934
0x00004934 0x00004940 00:0000 12 j 0x000045ba
0x00004940 0x0000494d 00:0000 13 j 0x000044bf f 0x0000494d
0x0000494d 0x00004952 00:0000 5 j 0x00004495
0x00004952 0x0000496a 00:0000 24 j 0x00004644
0x0000496a 0x00004978 00:0000 14 j 0x00004990 f 0x00004978
0x00004978 0x00004981 00:0000 9 j 0x00004990 f 0x00004981
0x00004981 0x00004990 00:0000 15 j 0x00004990
0x00004990 0x0000499b 00:0000 11 j 0x00004523
0x0000499b 0x000049c9 00:0000 46 j 0x000051d7 f 0x000049c9
0x000049c9 0x000049e3 00:0000 26 j 0x000049e3
0x000049e3 0x000049ee 00:0000 11 j 0x00004389 f 0x000049ee
0x000049ee 0x00004a08 00:0000 26 j 0x00004389
0x00004a08 0x00004a13 00:0000 11 j 0x00004a48
0x00004a18 0x00004a1d 00:0000 5 j 0x00004a55 f 0x00004a1d
0x00004a1d 0x00004a25 00:0000 8 j 0x00004a55 f 0x00004a25
0x00004a25 0x00004a2d 00:0000 8 j 0x00004a55 f 0x00004a2d
0x00004a2d 0x00004a32 00:0000 5 j 0x00004a55 f 0x00004a32
0x00004a32 0x00004a48 00:0000 22 j 0x00004a6a f 0x00004a48
0x00004a48 0x00004a4d 00:0000 5 j 0x00004a18 f 0x00004a4d
0x00004a4d 0x00004a55 00:0000 8 j 0x00004a25 f 0x00004a55
0x00004a55 0x00004a6a 00:0000 21 j 0x00004a48 f 0x00004a6a
0x00004a6a 0x00004a78 00:0000 14 j 0x00004e1b f 0x00004a78
0x00004a78 0x00004a84 00:0000 12 j 0x000045e1
0x00004a84 0x00004ac3 00:0000 63 j 0x000045d4
0x00004ac3 0x00004ad5 00:0000 18 j 0x00004e0a f 0x00004ad5
0x00004ad5 0x00004ae3 00:0000 14 j 0x00004652 f 0x00004ae3
0x00004ae3 0x00004af6 00:0000 19 j 0x00004736 f 0x00004af6
0x00004af6 0x00004b0b 00:0000 21 j 0x0000522c f 0x00004b0b
0x00004b0b 0x00004b16 00:0000 11 j 0x00004b16
0x00004b16 0x00004b2a 00:0000 20 j 0x0000469c
0x00004b2a 0x00004b81 00:0000 87 j 0x00004759
0x00004b81 0x00004b97 00:0000 22 j 0x00004ba0 f 0x00004b97
0x00004b97 0x00004ba0 00:0000 9 j 0x00004e9a f 0x00004ba0
0x00004ba0 0x00004bb1 00:0000 17 j 0x00004bba f 0x00004bb1
0x00004bb1 0x00004bba 00:0000 9 j 0x00004c52 f 0x00004bba
0x00004bba 0x00004bd0 00:0000 22 j 0x00004c4b f 0x00004bd0
0x00004bd0 0x00004bda 00:0000 10 j 0x00004c4b f 0x00004bda
0x00004bda 0x00004bef 00:0000 21 j 0x00004c03
0x00004bef 0x00004c03 00:0000 20 j 0x00004c03
0x00004c03 0x00004c11 00:0000 14 j 0x00004c45 f 0x00004c11
0x00004c11 0x00004c29 00:0000 24 j 0x00004bef f 0x00004c29
0x00004c29 0x00004c3d 00:0000 20 j 0x00004bef f 0x00004c3d
0x00004c3d 0x00004c45 00:0000 8 j 0x00004c52
0x00004c45 0x00004c4b 00:0000 6 j 0x00004c4b
0x00004c4b 0x00004c52 00:0000 7 j 0x00004c52
0x00004c52 0x00004c5f 00:0000 13 j 0x00004516 f 0x00004c5f
0x00004c5f 0x00004c6d 00:0000 14 j 0x00004ca3 f 0x00004c6d
0x00004c6d 0x00004c7b 00:0000 14 j 0x00004c84 f 0x00004c7b
0x00004c7b 0x00004c84 00:0000 9 j 0x00004ca3 f 0x00004c84
0x00004c84 0x00004c96 00:0000 18 j 0x00004516 f 0x00004c96
0x00004c96 0x00004ca3 00:0000 13 j 0x00004516 f 0x00004ca3
0x00004ca3 0x00004caf 00:0000 12 j 0x00004516
0x00004caf 0x00004ce3 00:0000 52 j 0x00003ba7
0x00004ce3 0x00004cec 00:0000 9 j 0x00004736 f 0x00004cec
0x00004cec 0x00004cf7 00:0000 11 j 0x0000469c f 0x00004cf7
0x00004cf7 0x00004d03 00:0000 12 j 0x0000469c
0x00004d03 0x00004d0d 00:0000 10 j 0x00004e4b f 0x00004d0d
0x00004d0d 0x00004d31 00:0000 36 j 0x000050c6 f 0x00004d31
0x00004d31 0x00004d3b 00:0000 10 j 0x000051f1 f 0x00004d3b
0x00004d3b 0x00004d41 00:0000 6 j 0x00005038 f 0x00004d41
0x00004d41 0x00004d4b 00:0000 10 j 0x0000520b f 0x00004d4b
0x00004d4b 0x00004d51 00:0000 6 j 0x00004d93 f 0x00004d51
0x00004d51 0x00004d5f 00:0000 14 j 0x00004d93 f 0x00004d5f
0x00004d5f 0x00004d93 00:0000 52 j 0x00004d93
0x00004d93 0x00004d9d 00:0000 10 j 0x00004502
0x00004d9d 0x00004dba 00:0000 29 j 0x00003c97
0x00004dba 0x00004dd1 00:0000 23 j 0x0000441c
0x00004dd1 0x00004df3 00:0000 34 j 0x00003a48
0x00004df3 0x00004dfb 00:0000 8 j 0x000044bf f 0x00004dfb
0x00004dfb 0x00004e0a 00:0000 15 j 0x00004502
0x00004e0a 0x00004e1b 00:0000 17 j 0x00004ad5
0x00004e1b 0x00004e27 00:0000 12 j 0x00004a78
0x00004e27 0x00004e3f 00:0000 24 j 0x000044c8 f 0x00004e3f
0x00004e3f 0x00004e4b 00:0000 12 j 0x00004d0d
0x00004e4b 0x00004e68 00:0000 29 j 0x0000505b f 0x00004e68
0x00004e68 0x00004e82 00:0000 26 j 0x00005257 f 0x00004e82
0x00004e82 0x00004e87 00:0000 5 j 0x00004e87
0x00004e87 0x00004e9a 00:0000 19 j 0x00004d93
0x00004e9a 0x00004eca 00:0000 48 j 0x00004eca
0x00004eca 0x00004edb 00:0000 17 j 0x00005063 f 0x00004edb
0x00004edb 0x00004ee4 00:0000 9 j 0x0000523b f 0x00004ee4
0x00004ee4 0x00004eec 00:0000 8 j 0x00005249 f 0x00004eec
0x00004eec 0x00004f06 00:0000 26 j 0x000050b1 f 0x00004f06
0x00004f06 0x00004f2a 00:0000 36 j 0x000050b1 f 0x00004f2a
0x00004f2a 0x00004f38 00:0000 14 j 0x00004f38
0x00004f38 0x00004f48 00:0000 16 j 0x000051a1 f 0x00004f48
0x00004f48 0x00004f55 00:0000 13 j 0x00004f38 f 0x00004f55
0x00004f55 0x00004f8d 00:0000 56 j 0x00004f8d
0x00004f8d 0x00004fc3 00:0000 54 j 0x00004fcf
0x00004fc3 0x00004fcf 00:0000 12 j 0x00004fcf
0x00004fcf 0x00004fd4 00:0000 5 j 0x00004fc3 f 0x00004fd4
0x00004fd4 0x00004fdb 00:0000 7 j 0x00004fdb
0x00004fdb 0x00004fe9 00:0000 14 j 0x00004c52 f 0x00004fe9
0x00004fe9 0x00005009 00:0000 32 j 0x00004c52 f 0x00005009
0x00005009 0x00005015 00:0000 12 j 0x00004c52
0x00005015 0x00005023 00:0000 14 j 0x00004888 f 0x00005023
0x00005023 0x00005033 00:0000 16 j 0x00004888 f 0x00005033
0x00005033 0x00005038 00:0000 5 j 0x000048a0
0x00005038 0x00005041 00:0000 9 j 0x00004d93 f 0x00005041
0x00005041 0x0000505b 00:0000 26 j 0x00004d93
0x0000505b 0x00005063 00:0000 8 j 0x00004e87
0x00005063 0x000050b1 00:0000 78 j 0x00005163 f 0x000050b1
0x000050b1 0x000050bf 00:0000 14 j 0x00004f8d
0x000050bf 0x000050c6 00:0000 7 j 0x000050c6
0x000050c6 0x00005112 00:0000 76 j 0x00005112
0x00005112 0x00005134 00:0000 34 j 0x00005112 f 0x00005134
0x00005134 0x00005159 00:0000 37 j 0x00005159
0x00005159 0x00005163 00:0000 10 j 0x00005163
0x00005163 0x0000517a 00:0000 23 j 0x000050b1 f 0x0000517a
0x0000517a 0x0000519c 00:0000 34 j 0x00004eca f 0x0000519c
0x0000519c 0x000051a1 00:0000 5 j 0x000050b1
0x000051a1 0x000051d2 00:0000 49 j 0x00004eca f 0x000051d2
0x000051d2 0x000051d7 00:0000 5 j 0x00004f55
0x000051d7 0x000051ec 00:0000 21 j 0x000049c9 f 0x000051ec
0x000051ec 0x000051f1 00:0000 5 j 0x000049e3
0x000051f1 0x0000520b 00:0000 26 j 0x00004d93
0x0000520b 0x0000522c 00:0000 33 j 0x00004d93
0x0000522c 0x0000523b 00:0000 15 j 0x00004b16
0x0000523b 0x00005249 00:0000 14 j 0x00004eca
0x00005249 0x00005257 00:0000 14 j 0x00004fdb
0x00005257 0x00005289 00:0000 50 j 0x00005289
0x00005289 0x000052a4 00:0000 27 j 0x000052a4
0x000052a4 0x000052c3 00:0000 31
0x000052c3 0x000052e2 00:0000 31
0x000052e2 0x00005301 00:0000 31
0x00005301 0x00005306 00:0000 5
0x00005306 0x0000533a 00:0000 52
EOF
RUN

NAME=x86_64 main() jmptbl in bins/elf/analysis/ls-alxchk
FILE=bins/elf/analysis/ls-alxchk
CMDS=<<EOF
e asm.bytes=false
e analysis.jmp.tbl=true
s main
aF
pd 3 @ 0x3ec1
EOF
EXPECT=<<EOF
|           0x00003ec1      add   rax, rbx
|           ;-- switch
|           0x00003ec4      jmp   rax                                  ; switch table (275 cases) at 0x172d8
|           ; CODE XREF from main @ 0x3ec4
|           ;-- case 110:                                              ; from 0x3ec4
|           0x00003ec6      mov   byte [0x00021260], 1                 ; [0x21260:1]=0
EOF
RUN

NAME=aac pe trampoline fcn name 64bit
FILE=bins/pe/testx64.exe
CMDS=<<EOF
e asm.bytes=true
e analysis.autoname=false
aac
pd 1 @ 0x140001970
EOF
EXPECT=<<EOF
|           0x140001970      e8d1040000     call  sub.KERNEL32.dll_IsProcessorFeaturePresent ; BOOL IsProcessorFeaturePresent(DWORD ProcessorFeature)
EOF
RUN

NAME=block takeover
FILE=bins/elf/static-glibc-2.27
CMDS=<<EOF
e asm.comments=false
e asm.bytes=true
e asm.var=false
aac
pdr @ 0x00487350
s 0x0040f710
afvx
aei
aeim
ar rsi=0x1111111111111111
11ds
afvd
EOF
EXPECT=<<EOF
/ fcn.00487350();
| 0x00487350      8b8710030000   mov   eax, dword [rdi + 0x310]
| 0x00487356      48b900000000.  movabs rcx, 0x200000000
| 0x00487360      8d50ff         lea   edx, [rax - 1]
| 0x00487363      48b8ffffffff.  movabs rax, 0x3ffffffff
| 0x0048736d      899710030000   mov   dword [rdi + 0x310], edx
| 0x00487373      482387100300.  and   rax, qword [rdi + 0x310]
| 0x0048737a      4839c8         cmp   rax, rcx
| 0x0048737d      7411           je    0x487390
| ----------- true: 0x00487390  false: 0x0048737f
| 0x0048737f      f605d2542300.  test  byte [0x006bc858], 0x40
| 0x00487386      7525           jne   0x4873ad
| ----------- true: 0x004873ad  false: 0x00487388
| 0x00487388      f3c3           repz  ret

| 0x00487390      8b05ea4d2300   mov   eax, dword [0x006bc180]
| 0x00487396      85c0           test  eax, eax
| 0x00487398      7426           je    0x4873c0
| ----------- true: 0x004873c0  false: 0x0048739a
| 0x0048739a      f605b7542300.  test  byte [0x006bc858], 0x40
| 0x004873a1      c705d54d2300.  mov   dword [0x006bc180], 2
| 0x004873ab      74db           je    0x487388
| ----------- true: 0x00487388  false: 0x004873ad
| 0x004873ad      488b7708       mov   rsi, qword [rdi + 8]
| 0x004873b1      488d3dd03502.  lea   rdi, str.closing_file__s__direct_opencount__u
| 0x004873b8      31c0           xor   eax, eax
| 0x004873ba      e9b16cffff     jmp   fcn.0047e070
| ----------- true: 0x0047e070
| 0x004873c0      400fb6f6       movzx esi, sil
\ 0x004873c4      e937f1ffff     jmp   fcn.00486500
| ----------- true: 0x00486500
afvR
  var_118h  0x40f790,0x40f839
  var_108h  0x40f7c1
  var_110h  0x40f78c,0x40f835
  var_11ch  0x40f86e
  var_100h  0x40f7d4
  var_111h  0x40f7a6
afvW
  var_118h  0x40f728
  var_108h  0x40f735
  var_110h  0x40f79b,0x40f843
  var_11ch  0x40f866
  var_100h
  var_111h
var var_118h = 0x00177fc0 = (qword)0x1111111111111111
var var_108h = 0x00177fd0 = (qword)0x0000000000000000
var var_110h = 0x00177fc8 = (qword)0x0000000000000000
var var_11ch = 0x00177fbc = (qword)0x1111111100000000
var var_100h = 0x00177fd8 = (qword)0x0000000000000000
var var_111h = 0x00177fc7 = (qword)0x0000000000000011
EOF
RUN

NAME=aaa with avra
FILE=bins/elf/class_test
CMDS=<<EOF
aaa
avra
EOF
EXPECT=<<EOF
Type Info at 0x08048f4c:
  Type Info type: __vmi_class_type_info
  Belongs to class vtable: 0x08048edc
  Reference to RTTI's type class: 0x0804b140
  Reference to type's name: 0x08048f6c
  Type Name: Bat
  Name unique: true
  Flags: 0x0
  Count of base classes: 0x2
    Base class type descriptor address: 0x08048f74
    Base class flags: 0x2
    Base class type descriptor address: 0x08048fac
    Base class flags: 0x402

Type Info at 0x08048f4c:
  Type Info type: __vmi_class_type_info
  Belongs to class vtable: 0x08048ef0
  Reference to RTTI's type class: 0x0804b140
  Reference to type's name: 0x08048f6c
  Type Name: Bat
  Name unique: true
  Flags: 0x0
  Count of base classes: 0x2
    Base class type descriptor address: 0x08048f74
    Base class flags: 0x2
    Base class type descriptor address: 0x08048fac
    Base class flags: 0x402

Type Info at 0x08048f74:
  Type Info type: __class_type_info
  Belongs to class vtable: 0x08048f04
  Reference to RTTI's type class: 0x0804b048
  Reference to type's name: 0x08048f7c
  Type Name: Bird
  Name unique: true

Type Info at 0x08048f84:
  Type Info type: __si_class_type_info
  Belongs to class vtable: 0x08048f18
  Reference to RTTI's type class: 0x0804b114
  Reference to type's name: 0x08048f90
  Type Name: Dog
  Name unique: true
  Reference to parent's type info: 0x08048fac

Type Info at 0x08048f98:
  Type Info type: __si_class_type_info
  Belongs to class vtable: 0x08048f2c
  Reference to RTTI's type class: 0x0804b114
  Reference to type's name: 0x08048fa4
  Type Name: Cat
  Name unique: true
  Reference to parent's type info: 0x08048fac

Type Info at 0x08048fac:
  Type Info type: __class_type_info
  Belongs to class vtable: 0x08048f40
  Reference to RTTI's type class: 0x0804b048
  Reference to type's name: 0x08048fb4
  Type Name: Mammal
  Name unique: true

EOF
RUN

NAME=sym is not fcn
FILE=bins/mach0/mach0-i386
CMDS=<<EOF
aa > /dev/null
afl~sym.__mh_execute_header[0]
EOF
EXPECT=<<EOF
EOF
RUN


NAME=call-convention
FILE=bins/elf/analysis/x86-simple
CMDS=<<EOF
aa
s entry0
afc stdcall
afi~call-convention
EOF
EXPECT=<<EOF
call-convention: stdcall
EOF
RUN

NAME=function address
FILE=bins/mach0/mach0-i386
CMDS=<<EOF
e analysis.hasnext=0
aa
afo @ sym._foo
afo @ sym._bar
EOF
EXPECT=<<EOF
0x00001f50
0x00001f00
EOF
RUN

NAME=afr
FILE=bins/mach0/mach0-i386
CMDS=<<EOF
e analysis.hasnext=0
afr
afl
EOF
EXPECT=<<EOF
0x00001f00    4 73           sym._bar
0x00001f50    1 47           sym._foo
0x00001f80    1 41           main
EOF
RUN

NAME=aF
FILE=bins/mach0/mach0-i386
CMDS=<<EOF
e analysis.hasnext=0
aF
afl
EOF
EXPECT=<<EOF
0x00001f80    1 41           main
EOF
RUN

NAME=function prelude offsets
FILE=bins/mach0/mach0-i386
CMDS=<<EOF
s 0x1000
aap
afl~[0]
EOF
EXPECT=<<EOF
0x00001f00
0x00001f50
0x00001f80
EOF
RUN

NAME=function preludes symbol names
FILE=bins/mach0/mach0-i386
CMDS=<<EOF
s 0x1000
aap
afl
EOF
EXPECT=<<EOF
0x00001f00    4 73           sym._bar
0x00001f50    1 47           sym._foo
0x00001f80    1 41           main
EOF
RUN


NAME=af-*
FILE=bins/elf/analysis/main
CMDS=<<EOF
aa
af-*
afl
EOF
EXPECT=<<EOF
EOF
RUN

NAME=iS. and iSj. implementation
FILE=bins/elf/lab1B
CMDS=<<EOF
s 0x188
iS.
s 0x08058000
iS.
s 0x760
iS.j
EOF
EXPECT=<<EOF
paddr      size vaddr      vsize align perm name               type flags 
--------------------------------------------------------------------------
0x00000188 0x24 0x08048188 0x24  0x0   -r-- .note.gnu.build-id NOTE alloc
paddr size vaddr vsize align perm name type flags 
--------------------------------------------------
[{"name":".plt","size":240,"vsize":240,"perm":"-r-x","type":"PROGBITS","flags":["alloc","execute"],"paddr":1888,"vaddr":134514528}]
EOF
RUN

NAME=iE and iE. implementation
FILE=bins/elf/lab1B
CMDS=<<EOF
s 0x080489b9
iE.
s 0x080489a6
sd +5
is.j
EOF
EXPECT=<<EOF
nth paddr      vaddr      bind   type size lib name    
-------------------------------------------------------
22  0x000009b7 0x080489b7 GLOBAL FUNC 189      decrypt
[{"name":"prog_timeout","flagname":"sym.prog_timeout","realname":"prog_timeout","ordinal":35,"bind":"GLOBAL","size":17,"type":"FUNC","vaddr":134515110,"paddr":2470,"is_imported":false,"lib":""}]
EOF
RUN

NAME=address information
FILE=bins/mach0/mach0-i386
CMDS=<<EOF
s entry0
ai
s sym.__mh_execute_header
ai
EOF
EXPECT=<<EOF
exec
read
flag
exec
read
flag
EOF
RUN

NAME=af x86-64
FILE=malloc://16
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 662e0f1f840000000000
ao 1~size[1]
EOF
EXPECT=<<EOF
10
EOF
RUN

NAME=analysis/fcn_name
FILE=bins/elf/analysis/main-g
CMDS=<<EOF
s 0x0040042c
af
pd 1~sym.call_gmon_start:0
EOF
EXPECT=<<EOF
/ sym.call_gmon_start();
EOF
RUN

NAME=analysis/fcn_subname
FILE=bins/elf/analysis/main-g
CMDS=<<EOF
s 0x0040042c
af
afi~name
pd 1~sym.call_gmon_start:0
EOF
EXPECT=<<EOF
name: sym.call_gmon_start
/ sym.call_gmon_start();
EOF
RUN

NAME=analysis/name
FILE=bins/mach0/ls-osx-x86_64
CMDS=<<EOF
af
afi~name
EOF
EXPECT=<<EOF
name: main
EOF
RUN

NAME=analysis hasnext on main
FILE=bins/elf/true32
CMDS=<<EOF
e analysis.hasnext=true
af @ main
afi @ main~size
EOF
EXPECT=<<EOF
size: 261
EOF
RUN

NAME=analysis without hasnext on main
FILE=bins/elf/true32
CMDS=<<EOF
e analysis.hasnext=false
af @ main
afi @ main~size
EOF
EXPECT=<<EOF
size: 261
EOF
RUN

NAME=ahe
FILE=malloc://512
CMDS=<<EOF
e asm.bits=64
e asm.arch=x86
e analysis.arch=x86
ao~?
ahe test
ao~esil
EOF
EXPECT=<<EOF
19
esilcost: 0
esil: test
EOF
RUN

NAME=ahe2
FILE=malloc://512
CMDS=<<EOF
ahe test
ao~^esil
EOF
EXPECT=<<EOF
esilcost: 0
esil: test
EOF
RUN

NAME=ahe 33,rax,=
FILE=malloc://512
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 000000
ahe 33,rax,=
aes
ar rax
EOF
EXPECT=<<EOF
rax = 0x0000000000000021
EOF
RUN

NAME=delete memory format with Cf-
FILE=bins/dmg/src/Hello
CMDS=<<EOF
e asm.bytes=true
e asm.arch=x86
e asm.bits=64
pd 1
Cf 1 x
pd 1
Cf-
pd 1
EOF
EXPECT=<<EOF
            0x00000000      57             push  rdi
            0x00000000 pf x # size=1
0x00000000 = 0x6c726f57
            0x00000000      57             push  rdi
EOF
RUN

NAME=reflines offset 2 (ascii)
FILE=bins/elf/analysis/ls-alxchk
CMDS=<<EOF
e analysis.jmp.cref=true
e asm.sub.rel=false
e asm.bytes=false
e asm.hint.lea=false
e scr.utf8=false
e scr.color=false
s $S
aaa >/dev/null
s 0x000113bd
pd 28
EOF
EXPECT=<<EOF
|       ,=< 0x000113bd      je    0x1144e
|       |   0x000113c3      mov   esi, 0x2f                            ; '/' ; int c
|       |   0x000113c8      call  sym.imp.strrchr                      ; char *strrchr(const char *s, int c)
|       |   0x000113cd      test  rax, rax
|      ,==< 0x000113d0      je    0x11424
|      ||   0x000113d2      lea   rdx, [rax + 1]
|      ||   0x000113d6      mov   rcx, rdx
|      ||   0x000113d9      sub   rcx, rbx
|      ||   0x000113dc      cmp   rcx, 6
|     ,===< 0x000113e0      jle   0x11424
|     |||   0x000113e2      lea   rsi, [rax - 6]
|     |||   0x000113e6      mov   ecx, 7
|     |||   0x000113eb      lea   rdi, [rip + 0x7ebb]                  ; str..libs
|     |||                                                              ; 0x192ad ; "/.libs/"
|     |||   0x000113f2      repe  cmpsb byte [rsi], byte ptr [rdi]
|    ,====< 0x000113f4      jne   0x11424
|    ||||   0x000113f6      mov   ecx, 3
|    ||||   0x000113fb      mov   rsi, rdx
|    ||||   0x000113fe      mov   rbx, rdx
|    ||||   0x00011401      lea   rdi, [rip + 0x7ead]                  ; data.000192b5
|    ||||                                                              ; 0x192b5 ; "lt-"
|    ||||   0x00011408      repe  cmpsb byte [rsi], byte ptr [rdi]
|    ||||   0x0001140a      seta  sil
|    ||||   0x0001140e      setb  cl
|    ||||   0x00011411      cmp   sil, cl
|   ,=====< 0x00011414      jne   0x11424
|   |||||   0x00011416      lea   rbx, [rax + 4]
|   |||||   0x0001141a      mov   rax, qword [rip + 0xdeaf]            ; reloc.program_invocation_short_name
|   |||||                                                              ; [0x1f2d0:8]=0x21ba0 reloc.target.program_invocation_short_name
|   |||||   0x00011421      mov   qword [rax], rbx
|   |||||   ; CODE XREFS from fcn.00011390 @ 0x113d0, 0x113e0, 0x113f4, 0x11414
|   ````--> 0x00011424      mov   rax, qword [rip + 0xde3d]            ; data.0001f268
|       |                                                              ; [0x1f268:8]=0x21680
EOF
RUN

NAME=reflines offset 3 (ascii)
FILE=bins/elf/analysis/ls-alxchk
CMDS=<<EOF
e analysis.jmp.cref=true
e asm.sub.rel=false
e asm.bytes=false
e asm.hint.lea=false
e scr.utf8=false
e scr.color=false
s $S
aaa >/dev/null
s 0x00003ca6
pd 19
EOF
EXPECT=<<EOF
|           0x00003ca6      cmp   eax, 2
|       ,=< 0x00003ca9      je    0x45ec
|       |   0x00003caf      cmp   eax, 3
|      ,==< 0x00003cb2      je    0x3ce3
|      ||   0x00003cb4      sub   eax, 1
|     ,===< 0x00003cb7      je    0x3cbe
|     |||   ; CODE XREFS from main @ 0x58bc, 0x58d2
|     |||   ;-- default:                                               ; from 0x58d2
|     |||   0x00003cb9      call  sym.imp.abort                        ; void abort(void)
|     |||   ; CODE XREF from main @ 0x3cb7
|     `---> 0x00003cbe      mov   edi, 1                               ; int fd
|      ||   0x00003cc3      call  sym.imp.isatty                       ; int isatty(int fd)
|      ||   0x00003cc8      test  eax, eax
|     ,===< 0x00003cca      je    0x4c2e
|     |||   0x00003cd0      mov   dword [rip + 0x1d626], 2             ; data.00021300
|     |||                                                              ; [0x21300:4]=0
|     |||   0x00003cda      mov   byte [rip + 0x1d33f], 1              ; data.00021020
|     |||                                                              ; [0x21020:1]=0
|    ,====< 0x00003ce1      jmp   0x3cf9
|    ||||   ; CODE XREF from main @ 0x3cb2
|    ||`--> 0x00003ce3      mov   esi, 5                               ; int64_t arg2
|    || |   0x00003ce8      xor   edi, edi                             ; int64_t arg1
|    || |   0x00003cea      mov   dword [rip + 0x1d60c], 0             ; data.00021300
|    || |                                                              ; [0x21300:4]=0
|    || |   0x00003cf4      call  fcn.00012740
|    || |   ; CODE XREFS from main @ 0x3ce1, 0x4602, 0x4c38
|    `----> 0x00003cf9      lea   rdi, [rip + 0x14fb4]                 ; str.QUOTING_STYLE
|     | |                                                              ; 0x18cb4 ; "QUOTING_STYLE" ; const char *name
EOF
RUN

NAME=reflines offset 3 (ascii + wide)
FILE=bins/elf/analysis/ls-alxchk
CMDS=<<EOF
e analysis.jmp.cref=true
e asm.sub.rel=false
e asm.bytes=false
e asm.hint.lea=false
e scr.utf8=false
e scr.color=false
e asm.lines.wide=true
s $S
aaa >/dev/null
s 0x00003ca6
pd 19
EOF
EXPECT=<<EOF
|           0x00003ca6      cmp   eax, 2
|      ,==< 0x00003ca9      je    0x45ec
|      |    0x00003caf      cmp   eax, 3
|    ,====< 0x00003cb2      je    0x3ce3
|    | |    0x00003cb4      sub   eax, 1
|  ,======< 0x00003cb7      je    0x3cbe
|  | | |    ; CODE XREFS from main @ 0x58bc, 0x58d2
|  | | |    ;-- default:                                               ; from 0x58d2
|  | | |    0x00003cb9      call  sym.imp.abort                        ; void abort(void)
|  | | |    ; CODE XREF from main @ 0x3cb7
|  `------> 0x00003cbe      mov   edi, 1                               ; int fd
|    | |    0x00003cc3      call  sym.imp.isatty                       ; int isatty(int fd)
|    | |    0x00003cc8      test  eax, eax
|  ,======< 0x00003cca      je    0x4c2e
|  | | |    0x00003cd0      mov   dword [rip + 0x1d626], 2             ; data.00021300
|  | | |                                                               ; [0x21300:4]=0
|  | | |    0x00003cda      mov   byte [rip + 0x1d33f], 1              ; data.00021020
|  | | |                                                               ; [0x21020:1]=0
| ========< 0x00003ce1      jmp   0x3cf9
|  | | |    ; CODE XREF from main @ 0x3cb2
|  | `----> 0x00003ce3      mov   esi, 5                               ; int64_t arg2
|  |   |    0x00003ce8      xor   edi, edi                             ; int64_t arg1
|  |   |    0x00003cea      mov   dword [rip + 0x1d60c], 0             ; data.00021300
|  |   |                                                               ; [0x21300:4]=0
|  |   |    0x00003cf4      call  fcn.00012740
|  |   |    ; CODE XREFS from main @ 0x3ce1, 0x4602, 0x4c38
| --------> 0x00003cf9      lea   rdi, [rip + 0x14fb4]                 ; str.QUOTING_STYLE
|  |   |                                                               ; 0x18cb4 ; "QUOTING_STYLE" ; const char *name
EOF
RUN

NAME=reflines offset 4 (ascii + wide)
FILE=bins/elf/analysis/ls-alxchk
CMDS=<<EOF
e analysis.jmp.cref=true
e asm.sub.rel=false
e asm.bytes=false
e asm.hint.lea=false
e scr.utf8=false
e scr.color=false
e asm.lines.wide=true
aaa >/dev/null
s 0x00003ca6
pd 19
EOF
EXPECT=<<EOF
|           0x00003ca6      cmp   eax, 2
|      ,==< 0x00003ca9      je    0x45ec
|      |    0x00003caf      cmp   eax, 3
|    ,====< 0x00003cb2      je    0x3ce3
|    | |    0x00003cb4      sub   eax, 1
|  ,======< 0x00003cb7      je    0x3cbe
|  | | |    ; CODE XREFS from main @ 0x58bc, 0x58d2
|  | | |    ;-- default:                                               ; from 0x58d2
|  | | |    0x00003cb9      call  sym.imp.abort                        ; void abort(void)
|  | | |    ; CODE XREF from main @ 0x3cb7
|  `------> 0x00003cbe      mov   edi, 1                               ; int fd
|    | |    0x00003cc3      call  sym.imp.isatty                       ; int isatty(int fd)
|    | |    0x00003cc8      test  eax, eax
|  ,======< 0x00003cca      je    0x4c2e
|  | | |    0x00003cd0      mov   dword [rip + 0x1d626], 2             ; data.00021300
|  | | |                                                               ; [0x21300:4]=0
|  | | |    0x00003cda      mov   byte [rip + 0x1d33f], 1              ; data.00021020
|  | | |                                                               ; [0x21020:1]=0
| ========< 0x00003ce1      jmp   0x3cf9
|  | | |    ; CODE XREF from main @ 0x3cb2
|  | `----> 0x00003ce3      mov   esi, 5                               ; int64_t arg2
|  |   |    0x00003ce8      xor   edi, edi                             ; int64_t arg1
|  |   |    0x00003cea      mov   dword [rip + 0x1d60c], 0             ; data.00021300
|  |   |                                                               ; [0x21300:4]=0
|  |   |    0x00003cf4      call  fcn.00012740
|  |   |    ; CODE XREFS from main @ 0x3ce1, 0x4602, 0x4c38
| --------> 0x00003cf9      lea   rdi, [rip + 0x14fb4]                 ; str.QUOTING_STYLE
|  |   |                                                               ; 0x18cb4 ; "QUOTING_STYLE" ; const char *name
EOF
RUN

NAME=reflines in noreturn
FILE=bins/elf/analysis/ls-alxchk
CMDS=<<EOF
e asm.sub.rel=false
e asm.bytes=false
e asm.hint.lea=false
e scr.utf8=false
e scr.color=false
e asm.lines.wide=true
e asm.comments=0
aaa >/dev/null
s 0x00012740
pdf
EOF
EXPECT=<<EOF
/ fcn.00012740(int64_t arg1, int64_t arg2);
|           ; arg int64_t arg1 @ rdi
|           ; arg int64_t arg2 @ rsi
|           ; var int64_t var_10h @ stack - 0x10
|           0x00012740      push  rbp
|           0x00012741      mov   rbp, rsp
|           0x00012744      sub   rsp, 0x1030
|           0x0001274b      or    qword [rsp], 0
|           0x00012750      add   rsp, 0x1020
|           0x00012757      mov   rax, qword fs:[0x28]
|           0x00012760      mov   qword [var_10h], rax
|           0x00012764      xor   eax, eax
|           0x00012766      lea   rax, [rip + 0xf033]
|           0x0001276d      test  rdi, rdi
|           0x00012770      cmovne rax, rdi
|           0x00012774      mov   dword [rax], esi
|           0x00012776      mov   rax, qword [var_10h]
|           0x0001277a      xor   rax, qword fs:[0x28]
|      ,==< 0x00012783      jne   0x12787
|      |    0x00012785      leave
|      |    0x00012786      ret
\      `--> 0x00012787      call  sym.imp.__stack_chk_fail
EOF
RUN

NAME=⁝ and XREF cmt
FILE=bins/elf/strenc-ctrlchars
CMDS=<<EOF
e scr.utf8=true
e asm.bytes=false
s main
af
s sym.imp.puts
echo
pd 3
EOF
EXPECT=<<EOF

        ╎   ; CALL XREF from main @ 0x400406
┌ int sym.imp.puts(const char *s);
└       ╎   0x004003f0      jmp   qword [reloc.puts]                   ; [0x601018:8]=0x4003f6
        ╎   0x004003f6      push  0
        └─< 0x004003fb      jmp   sym..plt
EOF
RUN

NAME=stackptr
FILE=bins/mach0/mac-ls
CMDS=<<EOF
s 0x1000039b6
af
e asm.lines.bb=false
e asm.lines.fcn=false
e asm.stackptr=true
e asm.comments=false
pdr~0x100003b27
pdf~0x100003b27
pdr~0x100003b3d
pdr~0x100003b3e
pdr~0x100003b40
pdr~0x100003b42
pdr~0x100003b44
pdr~0x100003b46
EOF
EXPECT=<<EOF
0x100003b27  -104            add   rsi, 0xc
0x100003b27  -104            add   rsi, 0xc
0x100003b3d   -48 += 8       pop   rbx
0x100003b3e   -40 += 8       pop   r12
0x100003b40   -32 += 8       pop   r13
0x100003b42   -24 += 8       pop   r14
0x100003b44   -16 += 8       pop   r15
0x100003b46    -8 += 8       pop   rbp
EOF
RUN

NAME=auto string memory reference (iopa)
FILE=malloc://8096
CMDS=<<EOF
e asm.sub.rel=false
e asm.arch=x86
e asm.bits=64
e scr.color=false
e io.va=0
e asm.lines.bb=0
e asm.bytes=0
e asm.cmt.right=10
wx 488b3541100000
wv8 0x500 @ 0x1048
w Hello @ 0x500
pd 1
EOF
EXPECT=<<EOF
  ; [0x1048:8]=0x500 "Hello"
  0x00000000      mov rsi, qword [rip + 0x1041]
EOF
RUN

NAME=auto string memory reference (io.va)
FILE=malloc://8096
CMDS=<<EOF
e asm.sub.rel=false
e asm.arch=x86
e asm.bits=64
e scr.color=false
e io.va=1
e asm.lines.bb=0
e asm.bytes=0
e asm.cmt.right=10
wx 488b3541100000
wv8 0x500 @ 0x1048
w Hello @ 0x500
pd 1
EOF
EXPECT=<<EOF
  ; [0x1048:8]=0x500 "Hello"
  0x00000000      mov rsi, qword [rip + 0x1041]
EOF
RUN

NAME=Basic type Matching
FILE=bins/elf/analysis/x86-helloworld-gcc
CMDS=<<EOF
s sym.main
aa
aei
aeim
td int puts(char *s);
aft
s 0x08048409
pd 1~char *s?
EOF
EXPECT=<<EOF
1
EOF
RUN

NAME=Mixed reg/stack callee arguments type matching
FILE=bins/pe/testapp-msvc64.exe
CMDS=<<EOF
e asm.bytes=true
s 0x14000b54c
aei
aeim
af
aft
pdf
EOF
EXPECT=<<EOF
            ;-- rip:
/ fcn.14000b54c();
|           ; var DWORD dwCreationDisposition @ stack - 0x28
|           ; var DWORD dwFlagsAndAttributes @ stack - 0x20
|           ; var HANDLE hTemplateFile @ stack - 0x18
|           0x14000b54c      4883ec48       sub   rsp, 0x48
|           0x14000b550      488364243000   and   qword [hTemplateFile], 0 ; HANDLE hTemplateFile
|           0x14000b556      488d0da37300.  lea   rcx, str.CONOUT      ; 0x140012900 ; u"CONOUT$" ; LPCWSTR lpFileName
|           0x14000b55d      8364242800     and   dword [dwFlagsAndAttributes], 0 ; DWORD dwFlagsAndAttributes
|           0x14000b562      41b803000000   mov   r8d, 3               ; DWORD dwShareMode
|           0x14000b568      4533c9         xor   r9d, r9d             ; LPSECURITY_ATTRIBUTES lpSecurityAttributes
|           0x14000b56b      4489442420     mov   dword [dwCreationDisposition], r8d ; DWORD dwCreationDisposition
|           0x14000b570      ba00000040     mov   edx, 0x40000000      ; DWORD dwDesiredAccess
|           0x14000b575      ff158d1c0000   call  qword [sym.imp.KERNEL32.dll_CreateFileW] ; [sym.imp.KERNEL32.dll_CreateFileW:8]=0x1579e reloc.KERNEL32.dll_CreateFileW ; HANDLE CreateFileW(LPCWSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile)
|           0x14000b57b      4889057eb400.  mov   qword [0x140016a00], rax ; [0x140016a00:8]=-2
|           0x14000b582      4883c448       add   rsp, 0x48
\           0x14000b586      c3             ret
EOF
RUN

NAME=call not function
FILE=bins/pe/crackme0x00.exe
CMDS=<<EOF
aa
s sym._main
aei
aeim
td "int strcmp(char *s1, char *s2);"
tfc strcmp stdcall
aft
s 0x00401370
pd 1~char *s1?
s 0x00401368
pd 1~char *s2?
EOF
EXPECT=<<EOF
1
1
EOF
RUN

NAME=Settings global calling convention
FILE=bins/pe/msvcfindmain.exe
CMDS=<<EOF
e analysis.cc=pascal
aaa
afi @@F~?pascal
EOF
EXPECT=<<EOF
65
EOF
RUN

NAME=1: Wrong calling convention
FILE=bins/pe/crackme0x00.exe
CMDS=<<EOF
s entry0
af
td "int CRTStartup(int who_cares);"
tfc CRTStartup THE_CC_THAT_NEVER_EXISTED
aei
aeim
EOF
EXPECT=<<EOF
EOF
RUN

NAME=2: Wrong calling convention
FILE=bins/mach0/ls-osx-x86_64
CMDS=<<EOF
s entry0
aaa
Ct. @ 0x100001413
Ct. @ 0x10000145b
Ct. @ 0x100001460
EOF
EXPECT=<<EOF
int category
int fd
unsigned long request
EOF
RUN

NAME=Function definition (autorename)
FILE=bins/pe/hello-mingw32
CMDS=<<EOF
aaa
s 0x00401255
pd 1~?ExitProcess\(UINT
EOF
EXPECT=<<EOF
1
EOF
RUN

NAME=Function definition indirect calls
FILE=bins/pe/msvcfindmain.exe
CMDS=<<EOF
aaa
pd 1 @ 0x004012c0 ~?dword
EOF
EXPECT=<<EOF
1
EOF
RUN

NAME=Function definition
FILE=bins/elf/ioli/crackme0x00
CMDS=<<EOF
aaa
s 0x08048469
pd 1~?strcmp\(const
EOF
EXPECT=<<EOF
1
EOF
RUN

NAME=afvt
FILE=bins/mach0/arg
CMDS=<<EOF
s sym._call
af
afvl
EOF
EXPECT=<<EOF
var int64_t var_1ch @ stack - 0x1c
var int64_t var_18h @ stack - 0x18
var int64_t var_10h @ stack - 0x10
arg int64_t arg1 @ rdi
arg int64_t arg2 @ rsi
EOF
RUN

NAME=afvt
FILE=bins/mach0/macho
CMDS=<<EOF
s 0x100000b60
af
afvl~var_30h
afvt var_30h char
afvl~var_30h
EOF
EXPECT=<<EOF
var int64_t var_30h @ stack - 0x30
var char var_30h @ stack - 0x30
EOF
RUN

NAME=afvn
FILE=bins/mach0/macho
CMDS=<<EOF
s 0x100000b60
af
afvl~var_30h
afvn mylocal var_30h
afvl~mylocal
EOF
EXPECT=<<EOF
var int64_t var_30h @ stack - 0x30
var int64_t mylocal @ stack - 0x30
EOF
RUN

NAME=afvn + afvn
FILE=bins/mach0/macho
CMDS=<<EOF
s 0x100000b60
af
afvl~var_30h
afvn mylocal var_30h
afvn var_30h mylocal
afvl~var_30h
EOF
EXPECT=<<EOF
var int64_t var_30h @ stack - 0x30
var int64_t var_30h @ stack - 0x30
EOF
RUN

NAME=afvt + afvn
FILE=bins/mach0/macho
CMDS=<<EOF
s 0x100000b60
af
afvl~var_30h
afvn mylocal var_30h
afvt mylocal char
afvl~mylocal
EOF
EXPECT=<<EOF
var int64_t var_30h @ stack - 0x30
var char mylocal @ stack - 0x30
EOF
RUN

NAME=afvn + afvt
FILE=bins/mach0/macho
CMDS=<<EOF
s 0x100000b60
af
afvl~var_30h
afvt var_30h char
afvn mylocal var_30h
afvl~mylocal
EOF
EXPECT=<<EOF
var int64_t var_30h @ stack - 0x30
var char mylocal @ stack - 0x30
EOF
RUN

NAME=afvt + afvt
FILE=bins/mach0/macho
CMDS=<<EOF
s 0x100000b60
af
afvl~var_30h
afvt var_30h char
afvt var_30h int
afvl~var_30h
EOF
EXPECT=<<EOF
var int64_t var_30h @ stack - 0x30
var int var_30h @ stack - 0x30
EOF
RUN


NAME=afva for fastcall with no esp vars
FILE=bins/elf/analysis/fast
CMDS=<<EOF
e asm.bytes=true
aa
s sym.fastcaslled
afc fastcall
afc
afva
pdf
EOF
EXPECT=<<EOF
fastcall
            ; CALL XREF from main @ 0x80484c7
/ sym.fastcaslled(int32_t arg1, int32_t arg2, int32_t arg_4h, int32_t arg_8h);
|           ; arg int32_t arg1 @ ecx
|           ; arg int32_t arg2 @ edx
|           ; var int32_t var_24h @ stack - 0x24
|           ; var int32_t var_20h @ stack - 0x20
|           ; var int32_t var_14h @ stack - 0x14
|           ; var int32_t var_10h @ stack - 0x10
|           ; arg int32_t arg_4h @ stack + 0x4
|           ; arg int32_t arg_8h @ stack + 0x8
|           0x0804841b      55             push  ebp
|           0x0804841c      89e5           mov   ebp, esp
|           0x0804841e      83ec28         sub   esp, 0x28
|           0x08048421      894de4         mov   dword [var_20h], ecx  ; arg1
|           0x08048424      8955e0         mov   dword [var_24h], edx  ; arg2
|           0x08048427      8b55e4         mov   edx, dword [var_20h]
|           0x0804842a      8b45e0         mov   eax, dword [var_24h]
|           0x0804842d      01d0           add   eax, edx
|           0x0804842f      8945f4         mov   dword [var_10h], eax
|           0x08048432      8b45e0         mov   eax, dword [var_24h]
|           0x08048435      2b450c         sub   eax, dword [arg_8h]
|           0x08048438      8945f0         mov   dword [var_14h], eax
|           0x0804843b      ff7508         push  dword [arg_4h]
|           0x0804843e      ff75f0         push  dword [var_14h]
|           0x08048441      ff75f4         push  dword [var_10h]
|           0x08048444      6874850408     push  str.i__i__i           ; 0x8048574 ; "%i %i %i\n"
|           0x08048449      e8a2feffff     call  sym.imp.printf        ; int printf(const char *format)
|           0x0804844e      83c410         add   esp, 0x10
|           0x08048451      90             nop
|           0x08048452      c9             leave
\           0x08048453      c20800         ret   8
EOF
RUN

NAME=afva for cdecl/stdcall with no esp vars
FILE=bins/elf/analysis/fast
CMDS=<<EOF
e asm.calls=false
e asm.bytes=true
aa
s sym.nonfastcaslled
afc
afva
pdf
EOF
EXPECT=<<EOF
cdecl
            ; CALL XREF from main @ 0x80484db
/ sym.nonfastcaslled(int32_t arg_4h, int32_t arg_8h, int32_t arg_ch, int32_t arg_10h);
|           ; var int32_t var_14h @ stack - 0x14
|           ; var int32_t var_10h @ stack - 0x10
|           ; arg int32_t arg_4h @ stack + 0x4
|           ; arg int32_t arg_8h @ stack + 0x8
|           ; arg int32_t arg_ch @ stack + 0xc
|           ; arg int32_t arg_10h @ stack + 0x10
|           0x08048456      55             push  ebp
|           0x08048457      89e5           mov   ebp, esp
|           0x08048459      83ec18         sub   esp, 0x18
|           0x0804845c      8b5508         mov   edx, dword [arg_4h]
|           0x0804845f      8b450c         mov   eax, dword [arg_8h]
|           0x08048462      01d0           add   eax, edx
|           0x08048464      8945f4         mov   dword [var_10h], eax
|           0x08048467      8b450c         mov   eax, dword [arg_8h]
|           0x0804846a      2b4514         sub   eax, dword [arg_10h]
|           0x0804846d      8945f0         mov   dword [var_14h], eax
|           0x08048470      ff7510         push  dword [arg_ch]
|           0x08048473      ff75f0         push  dword [var_14h]
|           0x08048476      ff75f4         push  dword [var_10h]
|           0x08048479      6874850408     push  str.i__i__i           ; 0x8048574 ; "%i %i %i\n"
|           0x0804847e      e86dfeffff     call  sym.imp.printf
|           0x08048483      83c410         add   esp, 0x10
|           0x08048486      90             nop
|           0x08048487      c9             leave
\           0x08048488      c3             ret
EOF
RUN

NAME=analysis vars crash
FILE==
CMDS=<<EOF
e asm.bytes=true
af
afvr-*
afvr-*
EOF
EXPECT=<<EOF
EOF
RUN

NAME=analysis vars crash 2
FILE==
CMDS=<<EOF
e asm.bytes=true
e asm.bits=64
e asm.arch=x86
e analysis.arch=x86
e asm.calls=false
wx 554889e5534881ec3810000048830c24004881c42010000064488b042528000000488945e831c04885ff4889fb909090909090c3 @ 10
aa
afvn new_1 old_1
afvn my_local var_20h
pd 1
EOF
EXPECT=<<EOF
/ fcn.00000000(int64_t arg1);
|           ; arg int64_t arg1 @ rdi
|           ; var int64_t my_local @ stack - 0x20
|           0x00000000      0000           add   byte [rax], al
EOF
RUN

NAME=afvs & afvn
FILE=bins/efi/bootia32.efi
CMDS=<<EOF
af
afvn ImageHandle arg_4h
afvn SystemTable arg_8h
afvs~?ImageHandle
afvs~?SystemTable
EOF
EXPECT=<<EOF
1
1
EOF
RUN

NAME=afvs* & afvn
FILE=bins/efi/bootia32.efi
CMDS=<<EOF
af
afvn ImageHandle arg_4h
afvn SystemTable arg_8h
afvs*~?ImageHandle
afvs*~?SystemTable
EOF
EXPECT=<<EOF
1
1
EOF
RUN

NAME=afvs idx... & afvn
FILE=bins/efi/bootia32.efi
CMDS=<<EOF
td "typedef void * EFI_HANDLE;"
af
afvs -0x10 ImageHandle EFI_HANDLE @ 0x10002d8d
afvs*~ImageHandle
EOF
EXPECT=<<EOF
afvs -16 ImageHandle EFI_HANDLE @ 0x10002d8d
EOF
RUN

NAME=afvsj
FILE=bins/efi/bootia32.efi
CMDS=<<EOF
td "typedef void * EFI_HANDLE;"
af
afvs -0x10 ImageHandle EFI_HANDLE @ 0x10002d8d
afvsj~?ImageHandle
EOF
EXPECT=<<EOF
1
EOF
RUN

NAME=afvs- ArgName
FILE=bins/efi/bootia32.efi
CMDS=<<EOF
td "typedef void * EFI_HANDLE;"
af
afvs -0x10 ImageHandle blah @ 0x10002d8d
afvs- ImageHandle
afvs~?ImageHandle
EOF
EXPECT=<<EOF
0
EOF
RUN

NAME=afvr & afvn
FILE=bins/efi/bootia32.efi
CMDS=<<EOF
af
afvr esi myreg int @ 0x10002d8d
afvr~?myreg
afvn blah myreg
afvr~?blah
EOF
EXPECT=<<EOF
1
1
EOF
RUN

NAME=afvr idx & afvr*
FILE=bins/efi/bootia32.efi
CMDS=<<EOF
af
afvr esi myreg int @ 0x10002d8d
afvr*~?myreg
afvr*~?int
EOF
EXPECT=<<EOF
1
1
EOF
RUN

NAME=afvr- name
FILE=bins/efi/bootia32.efi
CMDS=<<EOF
af
afvr esi myreg int @ 0x10002d8d
afvr- myreg
afvr~?myreg
EOF
EXPECT=<<EOF
0
EOF
RUN

NAME=afvs-* afvr-*
FILE=bins/efi/bootia32.efi
CMDS=<<EOF
af
afvs-*
afvr-*
afvs~?
afvr~?
EOF
EXPECT=<<EOF
0
0
EOF
RUN

NAME=analysis vars count
FILE=bins/mach0/ls-osx-x86_64
CMDS=<<EOF
af
afvs~?
EOF
EXPECT=<<EOF
13
EOF
RUN

NAME=analysis vars retype
FILE=bins/mach0/ls-osx-x86_64
CMDS=<<EOF
af
afvt var_38h char
afvs~_38h
EOF
EXPECT=<<EOF
var char var_38h @ stack - 0x38
EOF
RUN

NAME=analysis vars rename
FILE=bins/mach0/ls-osx-x86_64
CMDS=<<EOF
af
afvn newname var_38h
afvs~newname
EOF
EXPECT=<<EOF
var int64_t newname @ stack - 0x38
EOF
RUN

NAME=vars display in debugger
FILE=bins/elf/analysis/fast
CMDS=<<EOF
aa
s 0x0804843b
afvd arg_8h
afvd var_14h
EOF
EXPECT=<<EOF
arg arg_8h = 0x0000000c = -1
var var_14h = 0xfffffffffffffff0 = -1
EOF
RUN

NAME=afvR and afvW test
FILE=bins/elf/crackme0x05
CMDS=<<EOF
aa
s main
echo
afvR
afvW
EOF
EXPECT=<<EOF

   var_7ch  0x8048577,0x804858a
   var_88h
   var_7ch
   var_88h  0x804857a
EOF
RUN

NAME=axt avr
FILE=bins/firmware/main.avr
CMDS=<<EOF
e asm.bytes=true
f str.hello 12 @ 0x276
Csb 12 @ str.hello
axd 0x260 @ str.hello
pd 1 @ 0x260
EOF
EXPECT=<<EOF
            ; DATA XREF from str.hello @ 
            0x00000260      80e0           ldi   r24, 0x00
EOF
RUN

NAME=axt capstone x86
FILE=bins/elf/analysis/main
CMDS=<<EOF
e asm.arch=x86
e analysis.arch=x86
e scr.color=false
e scr.wheel=false
aa
axt @ str.Hello_World
EOF
EXPECT=<<EOF
main 0x40050a [DATA] mov edi, str.Hello_World
EOF
RUN

NAME=axt capstone x86: IOLI0
FILE=bins/elf/ioli/crackme0x00
CMDS=<<EOF
e asm.arch=x86
e analysis.arch=x86
e scr.color=false
e scr.wheel=false
aa
axt @ str.Password:
EOF
EXPECT=<<EOF
main 0x804843c [DATA] mov dword [esp], str.Password:
EOF
RUN

NAME=axt capstone x86: IOLI7 aa
FILE=bins/elf/ioli/crackme0x07
CMDS=<<EOF
aaa
axt @ sym.imp.exit
EOF
EXPECT=<<EOF
fcn.08048524 0x804853d [CALL] call sym.imp.exit
fcn.08048542 0x80485ab [CALL] call sym.imp.exit
(nofunc) 0x804866f [CALL] call sym.imp.exit
EOF
RUN

NAME=axt capstone x86: IOLI7 aa 2
FILE=bins/elf/ioli/crackme0x07
CMDS=<<EOF
aaaa
axt @ sym.imp.exit
EOF
EXPECT=<<EOF
fcn.08048524 0x804853d [CALL] call sym.imp.exit
fcn.08048542 0x80485ab [CALL] call sym.imp.exit
(nofunc) 0x804866f [CALL] call sym.imp.exit
EOF
RUN

NAME=axt respect subrel
FILE=bins/pe/ibknoreloc64.exe
CMDS=<<EOF
aaa
e asm.sub.rel=false
axt @ sym.imp.msvcrt.dll_printf
e asm.sub.rel=true
axt @ sym.imp.msvcrt.dll_printf
EOF
EXPECT=<<EOF
entry0 0xffffffffffff100a [CALL] call qword [rip + 0xd8]
entry0 0xffffffffffff100a [CALL] call qword [sym.imp.msvcrt.dll_printf]
EOF
RUN

NAME=ax-
FILE==
CMDS=<<EOF
ax 10 @ 20
axlq
ax- 10 20
axlq
EOF
EXPECT=<<EOF
0x00000014 -> 0x0000000a  UNKNOWN
EOF
RUN

NAME=ax-
FILE==
CMDS=<<EOF
s 20
ax 10
axlq
ax- 10
axlq
EOF
EXPECT=<<EOF
0x00000014 -> 0x0000000a  UNKNOWN
EOF
RUN

NAME=ax-*
FILE==
CMDS=<<EOF
ax 10
axl
ax-*
axl
EOF
EXPECT=<<EOF
                                       ? 0x0 ->   UNKNOWN -> 0xa
EOF
RUN

NAME=axt unknown function
FILE=bins/pe/lab11.malware
CMDS=<<EOF
aaa
axt @ fcn.00401270
EOF
EXPECT=<<EOF
(nofunc) 0x401a1d [CALL] call fcn.00401270
EOF
RUN

NAME=axf string ref capstone x86
FILE=bins/elf/ioli/crackme0x03
CMDS=<<EOF
e asm.arch=x86
e analysis.arch=x86
e scr.color=false
e scr.wheel=false
aa
axt @ str.Sdvvzrug_RN
s str.Sdvvzrug_RN
axt
axf @ 0x804848a
s 0x804848a
axf
EOF
EXPECT=<<EOF
sym.test 0x804848a [DATA] mov dword [esp], str.Sdvvzrug_RN
sym.test 0x804848a [DATA] mov dword [esp], str.Sdvvzrug_RN
d 0x80485fe str.Sdvvzrug_RN
d 0x80485fe str.Sdvvzrug_RN
EOF
RUN

NAME=x86 ref issue
FILE==
CMDS=<<EOF
e asm.bits=64
e asm.arch=x86
wx c7052a44000050000000
ao~^ptr[1]
EOF
EXPECT=<<EOF
0x00004434
EOF
RUN

NAME=aoj pushf
FILE==
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 669c
aoj~{}
EOF
EXPECT=<<EOF
[
  {
    "opcode": "pushf",
    "disasm": "pushf",
    "pseudo": "pushf ",
    "description": "push flags register onto the stack",
    "mnemonic": "pushf",
    "mask": "ffff",
    "esil": "8,rsp,-=,eflags,rsp,=[8]",
    "rzil": {
      "opcode": "seq",
      "x": {
        "opcode": "set",
        "dst": "final",
        "src": {
          "opcode": "-",
          "x": {
            "opcode": "var",
            "value": "rsp"
          },
          "y": {
            "opcode": "bitv",
            "bits": "0x8",
            "len": 64
          }
        }
      },
      "y": {
        "opcode": "seq",
        "x": {
          "opcode": "storew",
          "mem": 0,
          "key": {
            "opcode": "var",
            "value": "final"
          },
          "value": {
            "opcode": "cast",
            "value": {
              "opcode": "|",
              "x": {
                "opcode": "<<",
                "x": {
                  "opcode": "|",
                  "x": {
                    "opcode": "<<",
                    "x": {
                      "opcode": "|",
                      "x": {
                        "opcode": "<<",
                        "x": {
                          "opcode": "|",
                          "x": {
                            "opcode": "<<",
                            "x": {
                              "opcode": "|",
                              "x": {
                                "opcode": "<<",
                                "x": {
                                  "opcode": "|",
                                  "x": {
                                    "opcode": "<<",
                                    "x": {
                                      "opcode": "|",
                                      "x": {
                                        "opcode": "<<",
                                        "x": {
                                          "opcode": "|",
                                          "x": {
                                            "opcode": "<<",
                                            "x": {
                                              "opcode": "|",
                                              "x": {
                                                "opcode": "<<",
                                                "x": {
                                                  "opcode": "|",
                                                  "x": {
                                                    "opcode": "<<",
                                                    "x": {
                                                      "opcode": "|",
                                                      "x": {
                                                        "opcode": "<<",
                                                        "x": {
                                                          "opcode": "|",
                                                          "x": {
                                                            "opcode": "<<",
                                                            "x": {
                                                              "opcode": "ite",
                                                              "condition": {
                                                                "opcode": "bool",
                                                                "value": false
                                                              },
                                                              "x": {
                                                                "opcode": "bitv",
                                                                "bits": "0x1",
                                                                "len": 16
                                                              },
                                                              "y": {
                                                                "opcode": "bitv",
                                                                "bits": "0x0",
                                                                "len": 16
                                                              }
                                                            },
                                                            "y": {
                                                              "opcode": "bitv",
                                                              "bits": "0x1",
                                                              "len": 16
                                                            },
                                                            "fill_bit": {
                                                              "opcode": "bool",
                                                              "value": false
                                                            }
                                                          },
                                                          "y": {
                                                            "opcode": "ite",
                                                            "condition": {
                                                              "opcode": "var",
                                                              "value": "nt"
                                                            },
                                                            "x": {
                                                              "opcode": "bitv",
                                                              "bits": "0x1",
                                                              "len": 16
                                                            },
                                                            "y": {
                                                              "opcode": "bitv",
                                                              "bits": "0x0",
                                                              "len": 16
                                                            }
                                                          }
                                                        },
                                                        "y": {
                                                          "opcode": "bitv",
                                                          "bits": "0x2",
                                                          "len": 16
                                                        },
                                                        "fill_bit": {
                                                          "opcode": "bool",
                                                          "value": false
                                                        }
                                                      },
                                                      "y": {
                                                        "opcode": "bitv",
                                                        "bits": "0x3",
                                                        "len": 16
                                                      }
                                                    },
                                                    "y": {
                                                      "opcode": "bitv",
                                                      "bits": "0x1",
                                                      "len": 16
                                                    },
                                                    "fill_bit": {
                                                      "opcode": "bool",
                                                      "value": false
                                                    }
                                                  },
                                                  "y": {
                                                    "opcode": "ite",
                                                    "condition": {
                                                      "opcode": "var",
                                                      "value": "of"
                                                    },
                                                    "x": {
                                                      "opcode": "bitv",
                                                      "bits": "0x1",
                                                      "len": 16
                                                    },
                                                    "y": {
                                                      "opcode": "bitv",
                                                      "bits": "0x0",
                                                      "len": 16
                                                    }
                                                  }
                                                },
                                                "y": {
                                                  "opcode": "bitv",
                                                  "bits": "0x1",
                                                  "len": 16
                                                },
                                                "fill_bit": {
                                                  "opcode": "bool",
                                                  "value": false
                                                }
                                              },
                                              "y": {
                                                "opcode": "ite",
                                                "condition": {
                                                  "opcode": "var",
                                                  "value": "df"
                                                },
                                                "x": {
                                                  "opcode": "bitv",
                                                  "bits": "0x1",
                                                  "len": 16
                                                },
                                                "y": {
                                                  "opcode": "bitv",
                                                  "bits": "0x0",
                                                  "len": 16
                                                }
                                              }
                                            },
                                            "y": {
                                              "opcode": "bitv",
                                              "bits": "0x1",
                                              "len": 16
                                            },
                                            "fill_bit": {
                                              "opcode": "bool",
                                              "value": false
                                            }
                                          },
                                          "y": {
                                            "opcode": "ite",
                                            "condition": {
                                              "opcode": "var",
                                              "value": "if"
                                            },
                                            "x": {
                                              "opcode": "bitv",
                                              "bits": "0x1",
                                              "len": 16
                                            },
                                            "y": {
                                              "opcode": "bitv",
                                              "bits": "0x0",
                                              "len": 16
                                            }
                                          }
                                        },
                                        "y": {
                                          "opcode": "bitv",
                                          "bits": "0x1",
                                          "len": 16
                                        },
                                        "fill_bit": {
                                          "opcode": "bool",
                                          "value": false
                                        }
                                      },
                                      "y": {
                                        "opcode": "ite",
                                        "condition": {
                                          "opcode": "var",
                                          "value": "tf"
                                        },
                                        "x": {
                                          "opcode": "bitv",
                                          "bits": "0x1",
                                          "len": 16
                                        },
                                        "y": {
                                          "opcode": "bitv",
                                          "bits": "0x0",
                                          "len": 16
                                        }
                                      }
                                    },
                                    "y": {
                                      "opcode": "bitv",
                                      "bits": "0x1",
                                      "len": 16
                                    },
                                    "fill_bit": {
                                      "opcode": "bool",
                                      "value": false
                                    }
                                  },
                                  "y": {
                                    "opcode": "ite",
                                    "condition": {
                                      "opcode": "var",
                                      "value": "zf"
                                    },
                                    "x": {
                                      "opcode": "bitv",
                                      "bits": "0x1",
                                      "len": 16
                                    },
                                    "y": {
                                      "opcode": "bitv",
                                      "bits": "0x0",
                                      "len": 16
                                    }
                                  }
                                },
                                "y": {
                                  "opcode": "bitv",
                                  "bits": "0x1",
                                  "len": 16
                                },
                                "fill_bit": {
                                  "opcode": "bool",
                                  "value": false
                                }
                              },
                              "y": {
                                "opcode": "ite",
                                "condition": {
                                  "opcode": "var",
                                  "value": "zf"
                                },
                                "x": {
                                  "opcode": "bitv",
                                  "bits": "0x1",
                                  "len": 16
                                },
                                "y": {
                                  "opcode": "bitv",
                                  "bits": "0x0",
                                  "len": 16
                                }
                              }
                            },
                            "y": {
                              "opcode": "bitv",
                              "bits": "0x2",
                              "len": 16
                            },
                            "fill_bit": {
                              "opcode": "bool",
                              "value": false
                            }
                          },
                          "y": {
                            "opcode": "ite",
                            "condition": {
                              "opcode": "var",
                              "value": "af"
                            },
                            "x": {
                              "opcode": "bitv",
                              "bits": "0x1",
                              "len": 16
                            },
                            "y": {
                              "opcode": "bitv",
                              "bits": "0x0",
                              "len": 16
                            }
                          }
                        },
                        "y": {
                          "opcode": "bitv",
                          "bits": "0x2",
                          "len": 16
                        },
                        "fill_bit": {
                          "opcode": "bool",
                          "value": false
                        }
                      },
                      "y": {
                        "opcode": "ite",
                        "condition": {
                          "opcode": "var",
                          "value": "pf"
                        },
                        "x": {
                          "opcode": "bitv",
                          "bits": "0x1",
                          "len": 16
                        },
                        "y": {
                          "opcode": "bitv",
                          "bits": "0x0",
                          "len": 16
                        }
                      }
                    },
                    "y": {
                      "opcode": "bitv",
                      "bits": "0x1",
                      "len": 16
                    },
                    "fill_bit": {
                      "opcode": "bool",
                      "value": false
                    }
                  },
                  "y": {
                    "opcode": "bitv",
                    "bits": "0x1",
                    "len": 16
                  }
                },
                "y": {
                  "opcode": "bitv",
                  "bits": "0x1",
                  "len": 16
                },
                "fill_bit": {
                  "opcode": "bool",
                  "value": false
                }
              },
              "y": {
                "opcode": "ite",
                "condition": {
                  "opcode": "var",
                  "value": "cf"
                },
                "x": {
                  "opcode": "bitv",
                  "bits": "0x1",
                  "len": 16
                },
                "y": {
                  "opcode": "bitv",
                  "bits": "0x0",
                  "len": 16
                }
              }
            },
            "length": 16,
            "fill": {
              "opcode": "bool",
              "value": false
            }
          }
        },
        "y": {
          "opcode": "set",
          "dst": "rsp",
          "src": {
            "opcode": "var",
            "value": "final"
          }
        }
      }
    },
    "sign": false,
    "prefix": 0,
    "id": 612,
    "opex": {
      "operands": [
        {
          "size": 8,
          "rw": 1,
          "type": "reg",
          "value": "rflags"
        }
      ]
    },
    "addr": 0,
    "bytes": "669c",
    "size": 2,
    "type": "upush",
    "esilcost": 24,
    "scale": 0,
    "refptr": 0,
    "cycles": 2,
    "failcycles": 0,
    "delay": 0,
    "stack": "inc",
    "stackptr": 8,
    "family": "cpu"
  }
]
EOF
RUN

NAME=strings xref issue
FILE=bins/elf/redpill
CMDS=<<EOF
e analysis.strings=true
aa
aae
axt @ 0x00001d89
axt @ 0x00001da0
axt @ 0x00001db7
axt @ 0x00001dd1
axt @ 0x00001de8
axt @ 0x00001df4
axt @ 0x00001e09
EOF
EXPECT=<<EOF
main 0x1457 [STRING] lea eax, str.Take_the_Red_Pill
main 0x148e [STRING] lea eax, str.use:_._exploit1_PILL
main 0x14eb [STRING] lea eax, str.Red_Pill__0x50444552
main 0x1502 [STRING] lea eax, str.Your_Pill_0x_08x
main 0x1523 [STRING] lea eax, str.Red_Pill
main 0x1557 [STRING] lea eax, str.fwhibbit
main 0x161d [STRING] lea eax, str.Blue_Pill
EOF
RUN

NAME=reference to like mov [0x400000], 0x1234
FILE=bins/elf/analysis/reference.out
CMDS=<<EOF
aaa
axt@ 0x0804a01c
EOF
EXPECT=<<EOF
main 0x80483ee [DATA] mov dword [obj.a], 0x1337
EOF
RUN

NAME=delete references with ax-
FILE==
CMDS=<<EOF
ax 10 @ 20
axlq
ax- 10
axlq
ax 10 @ 20
ax 30 @ 40
axlq
ax-*
axlq
EOF
EXPECT=<<EOF
0x00000014 -> 0x0000000a  UNKNOWN
0x00000014 -> 0x0000000a  UNKNOWN
0x00000028 -> 0x0000001e  UNKNOWN
EOF
RUN

NAME=reference PIC binary
FILE=bins/elf/analysis/xrefpic
CMDS=<<EOF
e analysis.strings=true
aa
aae
axt @ 0x80484e0
EOF
EXPECT=<<EOF
main 0x8048432 [STRING] lea eax, str.Hello_PIC
EOF
RUN

NAME=strings xref issue without subrel
FILE=bins/elf/redpill
CMDS=<<EOF
e analysis.strings=true
e asm.sub.rel=false
aa
aae
axt @ 0x00001d89
axt @ 0x00001da0
axt @ 0x00001db7
axt @ 0x00001dd1
axt @ 0x00001de8
axt @ 0x00001df4
axt @ 0x00001e09
EOF
EXPECT=<<EOF
main 0x1457 [STRING] lea eax, [esi - 0x2277]
main 0x148e [STRING] lea eax, [esi - 0x2260]
main 0x14eb [STRING] lea eax, [esi - 0x2249]
main 0x1502 [STRING] lea eax, [esi - 0x222f]
main 0x1523 [STRING] lea eax, [esi - 0x2218]
main 0x1557 [STRING] lea eax, [esi - 0x220c]
main 0x161d [STRING] lea eax, [esi - 0x21f7]
EOF
RUN

NAME=reference PIC binary without subrel
FILE=bins/elf/analysis/xrefpic
CMDS=<<EOF
e analysis.strings=true
e asm.sub.rel=false
aa
aae
axt @ 0x80484e0
EOF
EXPECT=<<EOF
main 0x8048432 [STRING] lea eax, [ebx - 0x1b20]
EOF
RUN

NAME=refs on PIC binary disassembly
FILE=bins/elf/analysis/xrefpic
CMDS=<<EOF
e analysis.strings=true
e asm.bytes=true
aa
aae
pd 1 @ 0x08048432
EOF
EXPECT=<<EOF
|           0x08048432      8d83e0e4ffff   lea   eax, str.Hello_PIC    ; 0x80484e0 ; "Hello PIC!"
EOF
RUN

NAME=refs on PIC binary disassembly (color)
FILE=bins/elf/analysis/xrefpic
CMDS=<<EOF
e asm.bytes=false
e asm.comments=false
e scr.color=1
e analysis.strings=true
aa
aae
pd 1 @ 0x08048432
EOF
EXPECT=<<EOF
[36m|[0m           [32m0x08048432[0m      [37mlea[0m[37m   [0m[36meax[0m[37m, [33mstr.Hello_PIC[0m[0m[0m
EOF
RUN

NAME=axs
FILE==
CMDS=<<EOF
axs 0x10
axlq
EOF
EXPECT=<<EOF
0x00000000 -> 0x00000010  STRING
EOF
RUN

NAME=refs with aar
FILE=bins/elf/crackme
CMDS=<<EOF
e analysis.jmp.cref=true
e asm.bytes=true
e asm.lines.bb=false
e asm.lines.fcn=false
aar
pd 1 @ 0x400730
pd 1 @ 0x4007f0
pd 1 @ 0x400610
EOF
EXPECT=<<EOF
; DATA XREF from entry0 @ +0xf
;-- __libc_csu_fini:
0x00400730      f3c3           repz  ret
; CODE XREF from sym.__do_global_ctors_aux @ +0x2d
0x004007f0      4883eb08       sub   rbx, 8
; CALL XREF from section..fini @ +0x4
;-- __do_global_dtors_aux:
0x00400610      55             push  rbp
EOF
RUN

NAME=refs with afr
FILE=bins/elf/crackme
CMDS=<<EOF
e asm.bytes=true
e asm.lines.bb=false
e asm.lines.fcn=false
e analysis.jmp.cref=true
aa
afr
pd 1 @ 0x400730
pd 1 @ 0x4007f0
pd 1 @ 0x400610
EOF
EXPECT=<<EOF
  ; DATA XREF from entry0 @ 0x4005cf
sym.__libc_csu_fini();
0x00400730      f3c3           repz  ret
; CODE XREF from sym.__do_global_ctors_aux @ 0x4007fd
0x004007f0      4883eb08       sub   rbx, 8
  ; CALL XREF from sym._fini @ 0x40080c
sym.__do_global_dtors_aux();
0x00400610      55             push  rbp
EOF
RUN

NAME=cjmp data refs with aar
FILE=malloc://10000
CMDS=<<EOF
e asm.arch=8051
e asm.bytes=true
e asm.lines.bb=false
e asm.lines.fcn=false
wx 307401000022
aar
pd 1 @ _idata+0x2e
EOF
EXPECT=<<EOF
; DATA XREF from unk @ 
0x1000002e      00             nop
EOF
RUN

NAME=cjmp data refs with afr
FILE=malloc://10000
CMDS=<<EOF
e asm.arch=8051
e asm.lines.bb=false
e asm.bytes=true
e asm.lines.fcn=false
wx 307401000022
aa
afr
pd 1 @ _idata+0x2e
EOF
EXPECT=<<EOF
; DATA XREF from fcn.00000000 @ 
0x1000002e      00             nop
EOF
RUN

NAME=xrefs and overlapping basic blocks
FILE=bins/elf/analysis/ls-linux-x86_64-zlul
CMDS=<<EOF
aaa
axt @ main
EOF
EXPECT=<<EOF
entry0 0x40488d [DATA] mov rdi, main
EOF
RUN

NAME=unique function names
FILE=bins/elf/bash
CMDS=<<EOF
aaa
fl~strlen~390
EOF
EXPECT=<<EOF
EOF
RUN

NAME=no function split without overlapping blocks
FILE=bins/elf/libc.so.6
CMDS=<<EOF
aac
s 0x2254d
agf~invalid
echo end
EOF
EXPECT=<<EOF
end
EOF
RUN

NAME=noreturn of reloc-functions
FILE=bins/elf/ls
CMDS=<<EOF
aaa
afbr @ 0x80b0
EOF
EXPECT=<<EOF
0x000081cb
0x00008237
EOF
RUN

NAME=r_analysis_fcn_split_bb FITFCNSZ fix (#12008)
FILE==
CMDS=<<EOF
e asm.arch=x86
e asm.bytes=true
e asm.bits=64
e analysis.jmp.mid=false
wx b8210000c1ebfdbb2c0000000000
af
afi
echo
afb
echo
e asm.bb.middle=true
pdf
echo
e asm.bb.middle=false
pdf
EOF
EXPECT=<<EOF
offset: 0x00000000
name: fcn.00000000
size: 7
is-pure: true
realsz: 7
stackframe: 0
call-convention: amd64
cyclomatic-cost: 4
cyclomatic-complexity: 0
loops: 0
bits: 64
type: fcn
num-bbs: 2
edges: 2
end-bbs: 0
call-refs:
data-refs:
code-xrefs:
noreturn: false
in-degree: 0
out-degree: 0
data-xrefs:
locals: 0
args: 0

0x00000000 0x00000004 00:0000 4 j 0x00000004
0x00000004 0x00000007 00:0000 3 j 0x00000004

/ fcn.00000000();
|           0x00000000  ~   b8210000c1     mov   eax, 0xc1000021       ; '!'
|           ; CODE XREF from fcn.00000000 @ 0x5
\       .-> 0x00000004      c1ebfd         shr   ebx, 0xfd

/ fcn.00000000();
|           0x00000000      b8210000c1     mov   eax, 0xc1000021       ; '!'
\       `=< 0x00000005      ebfd           jmp   4
EOF
RUN

NAME=overlapping basic blocks and analysis.jmp.mid
FILE==
CMDS=<<EOF
e asm.arch=x86
e asm.bytes=true
e asm.bits=64
e analysis.nopskip=false
e asm.bb.middle=true
e analysis.jmp.mid=true
(show_fcn bin; wx ${bin}; af-*; af; afi; echo; afb; echo; pdr; echo; agf; echo; e asm.bb.middle=true; pdf; echo; e asm.bb.middle=false; pdf)
.(show_fcn b8210000c1ebfdbb2c000000cc)
echo
.(show_fcn b8210000c1ebfdbb2c000000ebf6)
echo
.(show_fcn b8210000c1ebfdbb2c000000ebf7)
echo
.(show_fcn 0f1f440000b8210000c1ebfdbb2c000000ebf0)
EOF
EXPECT=<<EOF
offset: 0x00000000
name: fcn.00000000
size: 13
is-pure: false
realsz: 16
stackframe: 0
call-convention: amd64
cyclomatic-cost: 6
cyclomatic-complexity: 1
loops: 0
bits: 64
type: fcn
num-bbs: 2
edges: 1
end-bbs: 1
call-refs: 0x00000004 J
data-refs: 0x0000002c
code-xrefs: 0x00000005 J
noreturn: false
in-degree: 1
out-degree: 0
data-xrefs:
locals: 0
args: 0

0x00000000 0x00000007 00:0000 7 j 0x00000004
0x00000004 0x0000000d 00:0000 9

/ fcn.00000000();
| 0x00000000      b8210000c1     mov   eax, 0xc1000021                 ; '!'
| 0x00000005      ebfd           jmp   4
| ----------- true: 0x00000004
| ; CODE XREF from fcn.00000000 @ 0x5
| 0x00000004      c1ebfd         shr   ebx, 0xfd
| 0x00000007      bb2c000000     mov   ebx, 0x2c                       ; ','
\ 0x0000000c      cc             int3


        .---------------------.
        |  0x0                |
        | fcn.00000000();     |
        | ; '!'               |
        | mov eax, 0xc1000021 |
        | jmp 4               |
        `---------------------'
            v
            |
    .-------'
    |
.-------------------------------------.
|  0x4                                |
| ; CODE XREF from fcn.00000000 @ 0x5 |
| shr ebx, 0xfd                       |
| ; ','                               |
| mov ebx, 0x2c                       |
| int3                                |
`-------------------------------------'

/ fcn.00000000();
|           0x00000000  ~   b8210000c1     mov   eax, 0xc1000021       ; '!'
|           ; CODE XREF from fcn.00000000 @ 0x5
|       .-> 0x00000004      c1ebfd         shr   ebx, 0xfd
|           0x00000007      bb2c000000     mov   ebx, 0x2c             ; ','
\           0x0000000c      cc             int3

/ fcn.00000000();
|           0x00000000      b8210000c1     mov   eax, 0xc1000021       ; '!'
|       `=< 0x00000005      ebfd           jmp   4
|           0x00000007      bb2c000000     mov   ebx, 0x2c             ; ','
\           0x0000000c      cc             int3

offset: 0x00000000
name: fcn.00000000
size: 14
is-pure: false
realsz: 17
stackframe: 0
call-convention: amd64
cyclomatic-cost: 7
cyclomatic-complexity: 0
loops: 0
bits: 64
type: fcn
num-bbs: 2
edges: 2
end-bbs: 0
call-refs: 0x00000004 J 0x00000004 J
data-refs: 0x0000002c
code-xrefs: 0x00000005 J 0x0000000c J
noreturn: false
in-degree: 2
out-degree: 0
data-xrefs:
locals: 0
args: 0

0x00000000 0x00000007 00:0000 7 j 0x00000004
0x00000004 0x0000000e 00:0000 10 j 0x00000004

/ fcn.00000000();
| 0x00000000      b8210000c1     mov   eax, 0xc1000021                 ; '!'
| 0x00000005      ebfd           jmp   4
| ----------- true: 0x00000004
| ; CODE XREFS from fcn.00000000 @ 0x5, 0xc
| 0x00000004      c1ebfd         shr   ebx, 0xfd
| 0x00000007      bb2c000000     mov   ebx, 0x2c                       ; ','
\ 0x0000000c      ebf6           jmp   4
| ----------- true: 0x00000004

            .---------------------.
            |  0x0                |
            | fcn.00000000();     |
            | ; '!'               |
            | mov eax, 0xc1000021 |
            | jmp 4               |
            `---------------------'
                v
                |
                '------.
                       |
                       |
                       |
       .---------------'
.--------.
|      | |
|.-------------------------------------------.
||  0x4                                      |
|| ; CODE XREFS from fcn.00000000 @ 0x5, 0xc |
|| shr ebx, 0xfd                             |
|| ; ','                                     |
|| mov ebx, 0x2c                             |
|| jmp 4                                     |
|`-------------------------------------------'
|    v
|    |
`----'

/ fcn.00000000();
|           0x00000000  ~   b8210000c1     mov   eax, 0xc1000021       ; '!'
|           ; CODE XREFS from fcn.00000000 @ 0x5, 0xc
|      ..-> 0x00000004      c1ebfd         shr   ebx, 0xfd
|       :   0x00000007      bb2c000000     mov   ebx, 0x2c             ; ','
\       `=< 0x0000000c      ebf6           jmp   4

/ fcn.00000000();
|           0x00000000      b8210000c1     mov   eax, 0xc1000021       ; '!'
|      `==< 0x00000005      ebfd           jmp   4
|       :   0x00000007      bb2c000000     mov   ebx, 0x2c             ; ','
\       `=< 0x0000000c      ebf6           jmp   4

offset: 0x00000000
name: fcn.00000000
size: 14
is-pure: false
realsz: 17
stackframe: 0
call-convention: amd64
cyclomatic-cost: 7
cyclomatic-complexity: 0
loops: 1
bits: 64
type: fcn
num-bbs: 3
edges: 3
end-bbs: 0
call-refs: 0x00000004 J 0x00000005 J
data-refs: 0x0000002c
code-xrefs: 0x00000005 J 0x0000000c J
noreturn: false
in-degree: 2
out-degree: 0
data-xrefs:
locals: 0
args: 0

0x00000000 0x00000005 00:0000 5 j 0x00000005
0x00000004 0x0000000e 00:0000 10 j 0x00000005
0x00000005 0x00000007 00:0000 2 j 0x00000004

/ fcn.00000000();
| 0x00000000      b8210000c1     mov   eax, 0xc1000021                 ; '!'
| ----------- true: 0x00000005
| ; CODE XREF from fcn.00000000 @ 0x5
| 0x00000004      c1ebfd         shr   ebx, 0xfd
| 0x00000007      bb2c000000     mov   ebx, 0x2c                       ; ','
\ 0x0000000c      ebf7           jmp   5
| ----------- true: 0x00000005
| ; CODE XREF from fcn.00000000 @ 0xc
| 0x00000005      ebfd           jmp   4
| ----------- true: 0x00000004

         .---------------------.
         |  0x0                |
         | fcn.00000000();     |
         | ; '!'               |
         | mov eax, 0xc1000021 |
         `---------------------'
             v
             |
       .-----'
.--------.
|      | |
|.-------------------------------------.
||  0x5                                |
|| ; CODE XREF from fcn.00000000 @ 0xc |
|| jmp 4                               |
|`-------------------------------------'
|    v
|    |
|    |
|.-------------------------------------.
||  0x4                                |
|| ; CODE XREF from fcn.00000000 @ 0x5 |
|| shr ebx, 0xfd                       |
|| ; ','                               |
|| mov ebx, 0x2c                       |
|| jmp 5                               |
|`-------------------------------------'
|    v
|    |
`----'

/ fcn.00000000();
|           0x00000000  ~   b8210000c1     mov   eax, 0xc1000021       ; '!'
|           ; CODE XREF from fcn.00000000 @ 0x5
|       .-> 0x00000004  ~   c1ebfd         shr   ebx, 0xfd
|       |   ; CODE XREF from fcn.00000000 @ 0xc
|      .`=< 0x00000005      ebfd           jmp   4
|      :    0x00000007      bb2c000000     mov   ebx, 0x2c             ; ','
\      `==< 0x0000000c      ebf7           jmp   5

/ fcn.00000000();
|           0x00000000      b8210000c1     mov   eax, 0xc1000021       ; '!'
|       |   ; CODE XREF from fcn.00000000 @ 0xc
|      .`=< 0x00000005      ebfd           jmp   4
|      :    0x00000007      bb2c000000     mov   ebx, 0x2c             ; ','
\      `==< 0x0000000c      ebf7           jmp   5

offset: 0x00000000
name: fcn.00000000
size: 19
is-pure: false
realsz: 24
stackframe: 0
call-convention: amd64
cyclomatic-cost: 9
cyclomatic-complexity: 0
loops: 1
bits: 64
type: fcn
num-bbs: 4
edges: 4
end-bbs: 0
call-refs: 0x00000009 J 0x00000003 J
data-refs: 0x0000002c
code-xrefs: 0x0000000a J 0x00000011 J
noreturn: false
in-degree: 2
out-degree: 0
data-xrefs:
locals: 0
args: 0

0x00000000 0x00000005 00:0000 5 j 0x00000005
0x00000003 0x00000005 00:0000 2 j 0x00000005
0x00000005 0x0000000c 00:0000 7 j 0x00000009
0x00000009 0x00000013 00:0000 10 j 0x00000003

/ fcn.00000000();
| 0x00000000      0f1f440000     nop   dword [rax + rax]
| ----------- true: 0x00000005
| ; CODE XREF from fcn.00000000 @ 0x11
| 0x00000003      0000           add   byte [rax], al
| ----------- true: 0x00000005
| 0x00000005      b8210000c1     mov   eax, 0xc1000021                 ; '!'
| 0x0000000a      ebfd           jmp   9
| ----------- true: 0x00000009
| ; CODE XREF from fcn.00000000 @ 0xa
| 0x00000009      c1ebfd         shr   ebx, 0xfd
| 0x0000000c      bb2c000000     mov   ebx, 0x2c                       ; ','
\ 0x00000011      ebf0           jmp   3
| ----------- true: 0x00000003

         .-----------------------.
         |  0x0                  |
         | fcn.00000000();       |
         | nop dword [rax + rax] |
         `-----------------------'
             v
             |
             '--.
.-----------------.
|               | |
|         .---------------------.
|         |  0x5                |
|         | ; '!'               |
|         | mov eax, 0xc1000021 |
|         | jmp 9               |
|         `---------------------'
|             v
|             |
|     .-------'
|     |
| .-------------------------------------.
| |  0x9                                |
| | ; CODE XREF from fcn.00000000 @ 0xa |
| | shr ebx, 0xfd                       |
| | ; ','                               |
| | mov ebx, 0x2c                       |
| | jmp 3                               |
| `-------------------------------------'
|     v
|     |
|    .'
|    |
|.--------------------------------------.
||  0x3                                 |
|| ; CODE XREF from fcn.00000000 @ 0x11 |
|| add byte [rax], al                   |
|`--------------------------------------'
|    v
|    |
`----'

/ fcn.00000000();
|           0x00000000  ~   0f1f440000     nop   dword [rax + rax]
|           ; CODE XREF from fcn.00000000 @ 0x11
|       .-> 0x00000003      0000           add   byte [rax], al
|       :   0x00000005  ~   b8210000c1     mov   eax, 0xc1000021       ; '!'
|       :   ; CODE XREF from fcn.00000000 @ 0xa
|      .--> 0x00000009      c1ebfd         shr   ebx, 0xfd
|       :   0x0000000c      bb2c000000     mov   ebx, 0x2c             ; ','
\       `=< 0x00000011      ebf0           jmp   3

/ fcn.00000000();
|           0x00000000      0f1f440000     nop   dword [rax + rax]
|       :   0x00000005      b8210000c1     mov   eax, 0xc1000021       ; '!'
|      `==< 0x0000000a      ebfd           jmp   9
|       :   0x0000000c      bb2c000000     mov   ebx, 0x2c             ; ','
\       `=< 0x00000011      ebf0           jmp   3
EOF
RUN

NAME=basic block overlaps function start
FILE==
CMDS=<<EOF
e asm.arch=x86
e asm.bytes=true
e asm.bits=64
wx b821c10010ebf9
s 3
af; afi; echo; afb; echo; pdr; echo; agf; echo; pdf
echo
e asm.bb.middle=false
pd 2 @ 0
echo
e asm.bb.middle=true
pd 3 @ 0
EOF
EXPECT=<<EOF
offset: 0x00000003
name: fcn.00000003
size: 7
is-pure: true
realsz: 9
stackframe: 0
call-convention: amd64
cyclomatic-cost: 4
cyclomatic-complexity: 0
loops: 1
bits: 64
type: fcn
num-bbs: 3
edges: 3
end-bbs: 0
call-refs: 0x00000000 J
data-refs:
code-xrefs: 0x00000005 J
noreturn: false
in-degree: 1
out-degree: 0
data-xrefs:
locals: 0
args: 0

0x00000000 0x00000005 00:0000 5 j 0x00000005
0x00000003 0x00000005 00:0000 2 j 0x00000005
0x00000005 0x00000007 00:0000 2 j 0x00000000

| ; CODE XREF from fcn.00000003 @ 0x5
| ;-- (0x00000003) fcn.00000003:
| 0x00000000  ~   b821c10010     mov   eax, 0x1000c121
| ----------- true: 0x00000005
/ fcn.00000003();
| 0x00000003      0010           add   byte [rax], dl
| ----------- true: 0x00000005
| 0x00000005      ebf9           jmp   0
| ----------- true: 0x00000000

.----.
|    |
|.-------------------------------------.   .--------------------.
||  0x0                                |   |  0x3               |
|| ; CODE XREF from fcn.00000003 @ 0x5 |   | fcn.00000003();    |
|| ;-- (0x00000003) fcn.00000003:      |   | add byte [rax], dl |
|| mov eax, 0x1000c121                 |   `--------------------'
|`-------------------------------------'       v
|    v                                         |
|    |                                         |
|    '---------------------------------.       |
|                                    .---------'
|                                    | |
|                              .-----------.
|                              |  0x5      |
|                              | jmp 0     |
|                              `-----------'
|                                  v
|                                  |
`----------------------------------'

/ fcn.00000003();
|           0x00000003      0010           add   byte [rax], dl
|           0x00000005      ebf9           jmp   0

|           ; CODE XREF from fcn.00000003 @ 0x5
|           ;-- (0x00000003) fcn.00000003:
|           0x00000000  ~   b821c10010     mov   eax, 0x1000c121
|           0x00000005      ebf9           jmp   0

|           ; CODE XREF from fcn.00000003 @ 0x5
|           0x00000000  ~   b821c10010     mov   eax, 0x1000c121
/ fcn.00000003();
|           0x00000003      0010           add   byte [rax], dl
|           0x00000005      ebf9           jmp   0
EOF
RUN

NAME=af-* removes function flags
FILE==
CMDS=<<EOF
e asm.arch=x86
e asm.bytes=true
e asm.bits=64
wx b821c10010ebf9
s 0
af; af-*
s 3
af
pdr
echo
agf
echo
afll
EOF
EXPECT=<<EOF
| ; CODE XREF from fcn.00000003 @ 0x5
| ;-- (0x00000003) fcn.00000003:
| 0x00000000  ~   b821c10010     mov   eax, 0x1000c121
| ----------- true: 0x00000005
/ fcn.00000003();
| 0x00000003      0010           add   byte [rax], dl
| ----------- true: 0x00000005
| 0x00000005      ebf9           jmp   0
| ----------- true: 0x00000000

.----.
|    |
|.-------------------------------------.   .--------------------.
||  0x0                                |   |  0x3               |
|| ; CODE XREF from fcn.00000003 @ 0x5 |   | fcn.00000003();    |
|| ;-- (0x00000003) fcn.00000003:      |   | add byte [rax], dl |
|| mov eax, 0x1000c121                 |   `--------------------'
|`-------------------------------------'       v
|    v                                         |
|    |                                         |
|    '---------------------------------.       |
|                                    .---------'
|                                    | |
|                              .-----------.
|                              |  0x5      |
|                              | jmp 0     |
|                              `-----------'
|                                  v
|                                  |
`----------------------------------'

addr       name         size xrefsTo xrefsFrom calls nbbs edges cc cost noreturn min bound  range max bound  locals args frame loops 
-------------------------------------------------------------------------------------------------------------------------------------
0x00000003 fcn.00000003 9    1       1         0     3    3     0  4    false    0x00000000 7     0x00000007 0      0    0     1
EOF
RUN

NAME=so -N and overlapping basic blocks
FILE==
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
e analysis.jmp.mid=true
e analysis.nopskip=false
wx 0f1f440000b8210000c1ebfdbb2c000000ebf0
af
s 0x4
so -1
s
s 0x4
so -2
s
EOF
EXPECT=<<EOF
0x3
0x0
EOF
RUN

NAME=a8 analyze bytes
FILE==
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
e asm.os=linux
a8 55|
EOF
EXPECT=<<EOF
address: 0x0
opcode: push rbp
esilcost: 24
disasm: push rbp
pseudo: push rbp
mnemonic: push
description: push word, doubleword or quadword onto the stack
mask: ff
prefix: 0
id: 609
bytes: 55
refptr: 0
size: 1
sign: false
type: rpush
cycles: 1
esil: rbp,8,rsp,-,=[8],8,rsp,-=
rzil: (seq (set final (- (var rsp) (bv 64 0x8))) (storew 0 (var final) (cast 64 false (var rbp))) (set rsp (var final)))
family: cpu
stackop: inc
stackptr: 8
EOF
RUN

NAME=af jmp after ret
FILE=malloc://512
CMDS=<<EOF
e analysis.hasnext=0
e asm.arch=x86
e asm.bits=64
wx b8010000004839ca7f26b8ffffffff4839ca7c1c498b4838498b5138b8010000004839ca7f0ab8ffffffff4839ca7d025dc34883c7684883c6685dc3
af
afl~?
EOF
EXPECT=<<EOF
1
EOF
RUN

NAME=af jmp after ret
FILE=malloc://512
CMDS=<<EOF
e analysis.hasnext=0
e asm.arch=x86
e asm.bits=64
wx b8010000004839ca7f26b8ffffffff4839ca7c1c498b4838498b5138b8010000004839ca7f0ab8ffffffff4839ca7d025dc34883c7684883c6685dc3
af
afl~?
afl~[2]
EOF
EXPECT=<<EOF
1
60
EOF
RUN

NAME=Windows Function EMU LoadStringA
FILE=bins/pe/standard.exe
CMDS=<<EOF
e asm.arch=x86
e asm.bits=32
e asm.os=windows
e asm.emu=true
e emu.write=true
e asm.bytes=0
e asm.cmt.col=20
e asm.lines.bb=false
aeim
s 0x00402aee
pd 10~?int LoadStringA
EOF
EXPECT=<<EOF
1
EOF
RUN

NAME=Linux fcnsign test
FILE=bins/elf/analysis/ls-linux64
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
e asm.os=linux
e asm.emu=true
e emu.write=true
e asm.bytes=0
e asm.cmt.col=20
e asm.lines.bb=false
e asm.lines.fcn=false
aa
aeim
s 0x00003cb8-0x30
pd 20~env
EOF
EXPECT=<<EOF
0x00003cb8      call  sym.imp.getenv ; rsp=0x177fe8 -> 0x464c457f ; rip=0x3430 -> 0x97fa25ff
                    ; char *getenv("COLUMNS")
EOF
RUN

NAME=sar on x86-64
FILE==
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
e analysis.hasnext=0
# testing mov eax, -4 sar
wx 48c7c0fcffffff 48d1f8 48d1f8 48d1f8 48d1f8 48d1f8 48d1f8
aes
ar rax
aes
ar rax
aes
ar rax
aes
ar rax
EOF
EXPECT=<<EOF
rax = 0xfffffffffffffffc
rax = 0xfffffffffffffffe
rax = 0xffffffffffffffff
rax = 0xffffffffffffffff
EOF
RUN

NAME=aes
FILE==
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
e analysis.hasnext=0
wx 48c7c0fcffffff 48d1f8 48d1f8 48d1f8
aes
ar rax
aes
ar rax
aes
ar rax
EOF
EXPECT=<<EOF
rax = 0xfffffffffffffffc
rax = 0xfffffffffffffffe
rax = 0xffffffffffffffff
EOF
RUN

NAME=x86-64 after unknown jmp
FILE=bins/elf/analysis/ls-linux64
CMDS=<<EOF
s 0x5c50
af
pif
EOF
EXPECT=<<EOF
lea rdi, loc._edata
lea rax, [0x0021d28f]
push rbp
sub rax, rdi
mov rbp, rsp
cmp rax, 0xe
jbe 0x5c80
mov rax, qword [reloc._ITM_deregisterTMCloneTable]
test rax, rax
je 0x5c80
pop rbp
jmp rax
nop word [rax + rax]
pop rbp
ret
EOF
RUN

NAME=t.analysis/x86/aap
FILE=bins/mach0/ls-osx-x86_64
CMDS=<<EOF
f- sym.func.*
aap
pi 2 @ fcn.1000010f8
EOF
EXPECT=<<EOF
push rbp
mov rbp, rsp
EOF
RUN

NAME=mac-ls switch count
FILE=bins/mach0/ls-osx-x86_64
CMDS=<<EOF
e analysis.jmp.tbl=true
af
fl~switch
EOF
EXPECT=<<EOF
0x100001527 1 switch.0x100001527
EOF
RUN

NAME=gcc_5.5.0_64 switch/case flags, meta, hints, etc.
FILE=bins/jmptbl/test_gcc_5.5.0_64.out
CMDS=<<EOF
aaa
fl~switch
fl~case.
C~Cd 4
ahl
axf @ 0x59d
afb @ 0x59d
EOF
EXPECT=<<EOF
0x0000059d 1 switch.0x0000059d
0x0000059f 1 case.0x59d.13
0x000005b2 1 case.0x59d.1
0x000005c0 1 case.0x59d.2
0x000005c0 1 case.0x59d.3
0x000005c0 1 case.0x59d.4
0x000005ce 1 case.0x59d.5
0x000005dc 1 case.0x59d.6
0x000005ea 1 case.0x59d.7
0x000005f8 1 case.0x59d.9
0x00000606 1 case.0x59d.11
0x00000614 1 case.0x59d.12
0x00000622 1 case.0x59d.0
0x00000622 1 case.0x59d.8
0x00000622 1 case.0x59d.10
0x00000622 1 case.default.0x59d
0x00000844 data Cd 4
0x00000848 data Cd 4
0x0000084c data Cd 4
0x00000850 data Cd 4
0x00000854 data Cd 4
0x00000858 data Cd 4
0x0000085c data Cd 4
0x00000860 data Cd 4
0x00000864 data Cd 4
0x00000868 data Cd 4
0x0000086c data Cd 4
0x00000870 data Cd 4
0x00000874 data Cd 4
0x00000878 data Cd 4
 0x00000844 => immbase=10
 0x00000848 => immbase=10
 0x0000084c => immbase=10
 0x00000850 => immbase=10
 0x00000854 => immbase=10
 0x00000858 => immbase=10
 0x0000085c => immbase=10
 0x00000860 => immbase=10
 0x00000864 => immbase=10
 0x00000868 => immbase=10
 0x0000086c => immbase=10
 0x00000870 => immbase=10
 0x00000874 => immbase=10
 0x00000878 => immbase=10
c 0x59f case.0x59d.13
c 0x5b2 case.0x59d.1
c 0x5c0 case.0x59d.2
c 0x5ce case.0x59d.5
c 0x5dc case.0x59d.6
c 0x5ea case.0x59d.7
c 0x5f8 case.0x59d.9
c 0x606 case.0x59d.11
c 0x614 case.0x59d.12
c 0x622 case.0x59d.0
0x00000580 0x0000058d 00:0000 13 j 0x00000622 f 0x0000058d
0x0000058d 0x0000059f 00:0000 18 s 0x00000622 s 0x000005b2 s 0x000005c0 s 0x000005ce s 0x000005dc s 0x000005ea s 0x000005f8 s 0x00000606 s 0x00000614 s 0x0000059f
0x0000059f 0x000005ab 00:0000 12 j 0x000005ab
0x000005ab 0x000005b2 00:0000 7
0x000005b2 0x000005c0 00:0000 14 j 0x000005ab
0x000005c0 0x000005ce 00:0000 14 j 0x000005ab
0x000005ce 0x000005dc 00:0000 14 j 0x000005ab
0x000005dc 0x000005ea 00:0000 14 j 0x000005ab
0x000005ea 0x000005f8 00:0000 14 j 0x000005ab
0x000005f8 0x00000606 00:0000 14 j 0x000005ab
0x00000606 0x00000614 00:0000 14 j 0x000005ab
0x00000614 0x00000622 00:0000 14 j 0x000005ab
0x00000622 0x00000633 00:0000 17 j 0x000005ab
EOF
RUN

NAME=gcc_7.2.0_64 switch/case flags
FILE=bins/jmptbl/test_gcc_7.2.0_64.out
CMDS=<<EOF
aaa
fl~switch
fl~case.
EOF
EXPECT=<<EOF
0x0000054d 1 switch.0x0000054d
0x0000054f 1 case.0x54d.13
0x00000562 1 case.0x54d.1
0x00000570 1 case.0x54d.2
0x00000570 1 case.0x54d.3
0x00000570 1 case.0x54d.4
0x0000057e 1 case.0x54d.5
0x0000058c 1 case.0x54d.6
0x0000059a 1 case.0x54d.7
0x000005a8 1 case.0x54d.9
0x000005b6 1 case.0x54d.11
0x000005c4 1 case.0x54d.12
0x000005d2 1 case.0x54d.0
0x000005d2 1 case.0x54d.8
0x000005d2 1 case.0x54d.10
0x000005d2 1 case.default.0x54d
EOF
RUN

NAME=gcc_9.2.0_64 switch/case flags
FILE=bins/elf/dectest64
CMDS=<<EOF
aaa
fl~switch
fl~case.
EOF
EXPECT=<<EOF
0x004011fd 1 switch.0x004011fd
0x0040138d 1 switch.0x0040138d
0x0040120a 1 case.0x4011fd.0
0x0040121b 1 case.0x4011fd.1
0x0040122c 1 case.0x4011fd.2
0x0040123d 1 case.0x4011fd.3
0x0040124e 1 case.0x4011fd.4
0x00401270 1 case.default.0x4011fd
0x00401398 1 case.0x40138d.0
0x004013a9 1 case.0x40138d.1
0x004013ba 1 case.0x40138d.2
0x004013cb 1 case.0x40138d.3
0x004013dc 1 case.0x40138d.4
0x004013fe 1 case.default.0x40138d
EOF
RUN

NAME=clang_3.8_64 switch/case flags
FILE=bins/jmptbl/test_clang_3.8_64.out
CMDS=<<EOF
aaa
fl~switch
fl~case.
EOF
EXPECT=<<EOF
0x004004d8 1 switch.0x004004d8
0x004004df 1 case.0x4004d8.2
0x004004df 1 case.0x4004d8.3
0x004004df 1 case.0x4004d8.4
0x004004e6 1 case.0x4004d8.1
0x004004ed 1 case.0x4004d8.5
0x004004f4 1 case.0x4004d8.6
0x004004fb 1 case.0x4004d8.7
0x00400502 1 case.0x4004d8.8
0x00400502 1 case.0x4004d8.10
0x00400502 1 case.default.0x4004d8
0x00400509 1 case.0x4004d8.9
0x00400510 1 case.0x4004d8.11
0x00400517 1 case.0x4004d8.12
0x0040051e 1 case.0x4004d8.13
EOF
RUN

NAME=clang_5.0_64 switch/case flags
FILE=bins/jmptbl/test_clang_5.0_64.out
CMDS=<<EOF
aaa
fl~switch
fl~case.
EOF
EXPECT=<<EOF
0x004004c8 1 switch.0x004004c8
0x004004cf 1 case.0x4004c8.2
0x004004cf 1 case.0x4004c8.3
0x004004cf 1 case.0x4004c8.4
0x004004d6 1 case.0x4004c8.1
0x004004dd 1 case.0x4004c8.5
0x004004e4 1 case.0x4004c8.6
0x004004eb 1 case.0x4004c8.7
0x004004f2 1 case.0x4004c8.8
0x004004f2 1 case.0x4004c8.10
0x004004f2 1 case.default.0x4004c8
0x004004f9 1 case.0x4004c8.9
0x00400500 1 case.0x4004c8.11
0x00400507 1 case.0x4004c8.12
0x0040050e 1 case.0x4004c8.13
EOF
RUN

NAME=msvc_1700_64 switch/case flags
FILE=bins/jmptbl/test_msvc_1700_64.exe
CMDS=<<EOF
aaa
fl~switch
fl~case.
EOF
EXPECT=<<EOF
0x140001023 1 switch.0x140001023
0x140004b01 1 switch.0x140004b01
0x140001025 1 case.0x140001023.1
0x140001038 1 case.0x140001023.2
0x140001038 1 case.0x140001023.3
0x140001038 1 case.0x140001023.4
0x14000104b 1 case.0x140001023.5
0x14000105e 1 case.0x140001023.6
0x140001071 1 case.0x140001023.7
0x140001084 1 case.0x140001023.9
0x140001097 1 case.0x140001023.11
0x1400010aa 1 case.0x140001023.12
0x1400010bd 1 case.0x140001023.13
0x1400010d0 1 case.0x140001023.8
0x1400010d0 1 case.0x140001023.10
0x1400010d0 1 case.default.0x140001023
0x140004a40 1 case.default.0x140004b01
0x140004b47 1 case.0x140004b01.0
0x140004b4b 1 case.0x140004b01.1
0x140004b56 1 case.0x140004b01.2
0x140004b62 1 case.0x140004b01.3
0x140004b77 1 case.0x140004b01.4
0x140004b80 1 case.0x140004b01.5
0x140004b92 1 case.0x140004b01.6
0x140004ba5 1 case.0x140004b01.7
0x140004bc1 1 case.0x140004b01.8
0x140004bcb 1 case.0x140004b01.9
0x140004bde 1 case.0x140004b01.10
0x140004bf2 1 case.0x140004b01.11
0x140004c0f 1 case.0x140004b01.12
0x140004c20 1 case.0x140004b01.13
0x140004c3a 1 case.0x140004b01.14
0x140004c55 1 case.0x140004b01.15
0x140004c79 1 case.0x140004b01.16
EOF
RUN

NAME=test_switch_indirect.exe switch/case flags
FILE=bins/jmptbl/test_switch_indirect.exe
CMDS=<<EOF
e asm.bytes=true
s main
af
e asm.lines=false
pdf~case
EOF
EXPECT=<<EOF
0x140001012      0f871a010000   ja    case.0x140001034.3
0x140001034      ffe1           jmp   rcx                              ; switch table (99 cases) at 0x140001148
;-- case 1:                                                            ; from 0x140001034
0x140001036      488d0dd31100.  lea   rcx, str.case_1                  ; 0x140002210 ; "case 1"
;-- case 2:                                                            ; from 0x140001034
0x14000104b      488d0dc61100.  lea   rcx, str.case_2                  ; 0x140002218 ; "case 2"
;-- case 11:                                                           ; from 0x140001034
0x140001060      488d0db91100.  lea   rcx, str.case_11                 ; 0x140002220 ; "case 11"
;-- case 13:                                                           ; from 0x140001034
0x140001075      488d0dac1100.  lea   rcx, str.case_13                 ; 0x140002228 ; "case 13"
;-- case 15...16:                                                      ; from 0x140001034
0x14000108a      488d0d9f1100.  lea   rcx, str.case_15_and_16          ; 0x140002230 ; "case 15 and 16"
;-- case 19:                                                           ; from 0x140001034
0x14000109f      488d0d9a1100.  lea   rcx, str.case_19                 ; 0x140002240 ; "case 19"
;-- case 50:                                                           ; from 0x140001034
0x1400010b4      488d0d8d1100.  lea   rcx, str.case_50                 ; 0x140002248 ; "case 50"
;-- case 30:                                                           ; from 0x140001034
0x1400010c9      488d0d801100.  lea   rcx, str.case_30                 ; 0x140002250 ; "case 30"
;-- case 20:                                                           ; from 0x140001034
0x1400010de      488d0d731100.  lea   rcx, str.case_20                 ; 0x140002258 ; "case 20"
;-- case 10:                                                           ; from 0x140001034
0x1400010f3      488d0d661100.  lea   rcx, str.case_10                 ; 0x140002260 ; "case 10"
;-- case 99:                                                           ; from 0x140001034
0x140001108      488d0d591100.  lea   rcx, str.case_99                 ; 0x140002268 ; "case 99"
;-- case 97:                                                           ; from 0x140001034
0x14000111d      488d0d4c1100.  lea   rcx, str.case_97                 ; 0x140002270 ; "case 97"
;-- case 3...9:                                                        ; from 0x140001034
;-- case 12:                                                           ; from 0x140001034
;-- case 14:                                                           ; from 0x140001034
;-- case 18:                                                           ; from 0x140001034
;-- case 22...29:                                                      ; from 0x140001034
;-- case 31:                                                           ; from 0x140001034
;-- case 32...49:                                                      ; from 0x140001034
;-- case 51:                                                           ; from 0x140001034
;-- case 52...96:                                                      ; from 0x140001034
;-- case 98:                                                           ; from 0x140001034
EOF
RUN

NAME=msvc_1900_64 switch/case flags
FILE=bins/jmptbl/test_msvc_1900_64.exe
CMDS=<<EOF
aaa
fl~switch
fl~case.
EOF
EXPECT=<<EOF
0x140001023 1 switch.0x140001023
0x140001f5b 1 switch.0x140001f5b
0x1400095b4 1 switch.0x1400095b4
0x140009670 1 switch.0x140009670
0x1400097b8 1 switch.0x1400097b8
0x14000c185 1 switch.0x14000c185
0x140001025 1 case.0x140001023.1
0x140001038 1 case.0x140001023.2
0x140001038 1 case.0x140001023.3
0x140001038 1 case.0x140001023.4
0x14000104b 1 case.0x140001023.5
0x14000105e 1 case.0x140001023.6
0x140001071 1 case.0x140001023.7
0x140001084 1 case.0x140001023.9
0x140001097 1 case.0x140001023.11
0x1400010aa 1 case.0x140001023.12
0x1400010bd 1 case.0x140001023.13
0x1400010d0 1 case.0x140001023.8
0x1400010d0 1 case.0x140001023.10
0x1400010d0 1 case.default.0x140001023
0x140001e3e 1 case.default.0x140001f5b
0x140001f60 1 case.0x140001f5b.15
0x140001f64 1 case.0x140001f5b.7
0x140001f67 1 case.0x140001f5b.3
0x140001f6b 1 case.0x140001f5b.1
0x140001f6e 1 case.0x140001f5b.0
0x140001f70 1 case.0x140001f5b.12
0x140001f74 1 case.0x140001f5b.4
0x140001f78 1 case.0x140001f5b.9
0x140001f80 1 case.0x140001f5b.13
0x140001f84 1 case.0x140001f5b.5
0x140001f90 1 case.0x140001f5b.14
0x140001f94 1 case.0x140001f5b.6
0x140001f97 1 case.0x140001f5b.2
0x140001f9c 1 case.0x140001f5b.8
0x140001fa0 1 case.0x140001f5b.11
0x140001fb0 1 case.0x140001f5b.10
0x140001fb8 1 case.0x140001f5b.16
0x1400095b6 1 case.0x1400095b4.1
0x1400095bd 1 case.0x1400095b4.2
0x1400095c4 1 case.0x1400095b4.3
0x1400095cb 1 case.0x1400095b4.4
0x1400095d2 1 case.0x1400095b4.5
0x1400095d9 1 case.0x1400095b4.6
0x1400095e0 1 case.0x1400095b4.7
0x1400095e7 1 case.0x1400095b4.8
0x1400095ee 1 case.0x1400095b4.9
0x1400095f5 1 case.0x1400095b4.10
0x1400095fc 1 case.0x1400095b4.11
0x140009603 1 case.0x1400095b4.12
0x14000960a 1 case.0x1400095b4.13
0x140009611 1 case.0x1400095b4.14
0x140009618 1 case.0x1400095b4.15
0x14000961d 1 case.default.0x1400095b4
0x140009672 1 case.0x140009670.0
0x140009681 1 case.0x140009670.1
0x140009690 1 case.0x140009670.2
0x14000969f 1 case.0x140009670.3
0x1400096ae 1 case.0x140009670.4
0x1400096ba 1 case.0x140009670.5
0x1400096c6 1 case.0x140009670.6
0x1400096d2 1 case.0x140009670.7
0x1400096de 1 case.0x140009670.8
0x1400096ea 1 case.0x140009670.9
0x1400096f6 1 case.0x140009670.10
0x140009702 1 case.0x140009670.11
0x14000970e 1 case.0x140009670.12
0x14000971a 1 case.0x140009670.13
0x140009726 1 case.0x140009670.14
0x140009732 1 case.0x140009670.15
0x140009735 1 case.default.0x140009670
0x1400097ba 1 case.0x1400097b8.0
0x1400097ba 1 case.0x140009670.16
0x1400097c1 1 case.0x1400097b8.1
0x1400097c1 1 case.0x140009670.17
0x1400097c8 1 case.0x1400097b8.2
0x1400097c8 1 case.0x140009670.18
0x1400097cf 1 case.0x1400097b8.3
0x1400097cf 1 case.0x140009670.19
0x1400097d6 1 case.0x1400097b8.4
0x1400097d6 1 case.0x140009670.20
0x1400097dd 1 case.0x1400097b8.5
0x1400097dd 1 case.0x140009670.21
0x1400097e4 1 case.0x1400097b8.6
0x1400097e4 1 case.0x140009670.22
0x1400097eb 1 case.0x1400097b8.7
0x1400097eb 1 case.0x140009670.23
0x1400097f2 1 case.0x1400097b8.8
0x1400097f2 1 case.0x140009670.24
0x1400097f9 1 case.0x1400097b8.9
0x1400097f9 1 case.0x140009670.25
0x140009800 1 case.0x1400097b8.10
0x140009800 1 case.0x140009670.26
0x140009807 1 case.0x1400097b8.11
0x140009807 1 case.0x140009670.27
0x14000980e 1 case.0x1400097b8.12
0x14000980e 1 case.0x140009670.28
0x140009815 1 case.0x1400097b8.13
0x140009815 1 case.0x140009670.29
0x14000981c 1 case.0x1400097b8.14
0x14000981c 1 case.0x140009670.30
0x140009823 1 case.0x1400097b8.15
0x140009823 1 case.0x140009670.31
0x140009826 1 case.default.0x1400097b8
0x14000c100 1 case.default.0x14000c185
0x14000c1d0 1 case.0x14000c185.0
0x14000c1d1 1 case.0x14000c185.2
0x14000c1d8 1 case.0x14000c185.8
0x14000c1df 1 case.0x14000c185.3
0x14000c1ef 1 case.0x14000c185.1
0x14000c1f5 1 case.0x14000c185.16
0x14000c200 1 case.0x14000c185.11
0x14000c21b 1 case.0x14000c185.4
0x14000c220 1 case.0x14000c185.5
0x14000c230 1 case.0x14000c185.6
0x14000c240 1 case.0x14000c185.7
0x14000c258 1 case.0x14000c185.13
0x14000c270 1 case.0x14000c185.9
0x14000c280 1 case.0x14000c185.10
0x14000c290 1 case.0x14000c185.12
0x14000c2a0 1 case.0x14000c185.14
0x14000c2c0 1 case.0x14000c185.15
EOF
RUN

NAME=Jump table attached to wrong basic block bug
FILE=bins/elf/static-glibc-2.27
CMDS=<<EOF
aF @ 0x00459990
abil @ 0x00459aa7~outputs
EOF
EXPECT=<<EOF
outputs: 11
EOF
RUN

NAME=./noncode
FILE=bins/mach0/ls-osx-x86_64
CMDS=<<EOF
e analysis.noncode=false
afr
afl~?str.
EOF
EXPECT=<<EOF
0
EOF
RUN

NAME=./noncode
FILE=bins/mach0/ls-osx-x86_64
CMDS=<<EOF
e analysis.noncode=false
e analysis.calls=true
af
afl~?str.
EOF
EXPECT=<<EOF
0
EOF
RUN

NAME=Microsoft x64 CC Args/Vars
FILE=bins/pe/testx64.exe
CMDS=<<EOF
e asm.bytes=true
e asm.comments=0
s 0x140001080
e analysis.cc=ms
af
pdf
EOF
EXPECT=<<EOF
/ fcn.140001080(int64_t arg1, int64_t arg2, int64_t arg3, int64_t arg4);
|           ; arg int64_t arg1 @ rcx
|           ; arg int64_t arg2 @ rdx
|           ; arg int64_t arg3 @ r8
|           ; arg int64_t arg4 @ r9
|           ; var int64_t var_28h @ stack - 0x28
|           ; var int64_t var_8h @ stack + 0x8
|           ; var int64_t var_10h @ stack + 0x10
|           ; var int64_t var_18h @ stack + 0x18
|           ; var int64_t var_20h @ stack + 0x20
|           0x140001080      48894c2408     mov   qword [var_8h], rcx
|           0x140001085      4889542410     mov   qword [var_10h], rdx
|           0x14000108a      4c89442418     mov   qword [var_18h], r8
|           0x14000108f      4c894c2420     mov   qword [var_20h], r9
|           0x140001094      53             push  rbx
|           0x140001095      56             push  rsi
|           0x140001096      57             push  rdi
|           0x140001097      4883ec30       sub   rsp, 0x30
|           0x14000109b      488bf9         mov   rdi, rcx
|           0x14000109e      488d742458     lea   rsi, [var_10h]
|           0x1400010a3      33c9           xor   ecx, ecx
|           0x1400010a5      ff15cd100000   call  qword [sym.imp.api_ms_win_crt_stdio_l1_1_0.dll___acrt_iob_func]
|           0x1400010ab      488bd8         mov   rbx, rax
|           0x1400010ae      e85dffffff     call  fcn.140001010
|           0x1400010b3      4533c9         xor   r9d, r9d
|           0x1400010b6      4889742420     mov   qword [var_28h], rsi
|           0x1400010bb      4c8bc7         mov   r8, rdi
|           0x1400010be      488bd3         mov   rdx, rbx
|           0x1400010c1      488b08         mov   rcx, qword [rax]
|           0x1400010c4      ff159e100000   call  qword [sym.imp.api_ms_win_crt_stdio_l1_1_0.dll___stdio_common_vfscanf]
|           0x1400010ca      4883c430       add   rsp, 0x30
|           0x1400010ce      5f             pop   rdi
|           0x1400010cf      5e             pop   rsi
|           0x1400010d0      5b             pop   rbx
\           0x1400010d1      c3             ret
EOF
RUN

NAME=x86_64 show registers in table
FILE==
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
ar=
EOF
EXPECT=<<EOF
    rax 0x0000000000000000    rbx 0x0000000000000000    rcx 0x0000000000000000    rdx 0x0000000000000000
    rsi 0x0000000000000000    rdi 0x0000000000000000     r8 0x0000000000000000     r9 0x0000000000000000
    r10 0x0000000000000000    r11 0x0000000000000000    r12 0x0000000000000000    r13 0x0000000000000000
    r14 0x0000000000000000    r15 0x0000000000000000    rip 0x0000000000000000    rbp 0x0000000000000000
 rflags 0x0000000000000000    rsp 0x0000000000000000
EOF
RUN

NAME=x86_64 retpoline jmptbl
FILE=bins/elf/retpoline
CMDS=<<EOF
s 0x780
af
pdr~- case[2]
EOF
EXPECT=<<EOF
3:
2:
1:
0:
4:
EOF
RUN

NAME=x86_64 retpoline disabled jmptbl
FILE=bins/elf/retpoline
CMDS=<<EOF
e analysis.jmp.retpoline=false
s 0x780
af
pdr~- case[2]
EOF
EXPECT=<<EOF
EOF
RUN

NAME=lea pseudo improvements (pseudo disabled)
FILE==
CMDS=<<EOF
e asm.bytes=true
e asm.arch=x86
e asm.bits=64
e asm.comments=false
e asm.pseudo=false
wx 544889e5b40266b83333b85555444448b8bebafecaefbeadde4889d8488d03488b4308488d4308488d041b488d441b0a488d430a488d44240c488d450b488d45f5488d442404488d4508488d45f8
aa
pd 19
EOF
EXPECT=<<EOF
/ fcn.00000000(int64_t arg_3h, int64_t arg_4h);
|           ; var int64_t var_13h @ stack - 0x13
|           ; var int64_t var_10h @ stack - 0x10
|           ; var int64_t var_4h @ stack - 0x4
|           ; arg int64_t arg_3h @ stack + 0x3
|           ; arg int64_t arg_4h @ stack + 0x4
|           0x00000000      54             push  rsp
|           0x00000001      4889e5         mov   rbp, rsp
|           0x00000004      b402           mov   ah, 2
|           0x00000006      66b83333       mov   ax, 0x3333
|           0x0000000a      b855554444     mov   eax, 0x44445555
|           0x0000000f      48b8bebafeca.  movabs rax, 0xdeadbeefcafebabe
|           0x00000019      4889d8         mov   rax, rbx
|           0x0000001c      488d03         lea   rax, [rbx]
|           0x0000001f      488b4308       mov   rax, qword [rbx + 8]
|           0x00000023      488d4308       lea   rax, [rbx + 8]
|           0x00000027      488d041b       lea   rax, [rbx + rbx]
|           0x0000002b      488d441b0a     lea   rax, [rbx + rbx + 0xa]
|           0x00000030      488d430a       lea   rax, [rbx + 0xa]
|           0x00000034      488d44240c     lea   rax, [arg_4h]
|           0x00000039      488d450b       lea   rax, [arg_3h]
|           0x0000003d      488d45f5       lea   rax, [var_13h]
|           0x00000041      488d442404     lea   rax, [var_4h]
|           0x00000046      488d4508       lea   rax, [var_4h + 0x4]
|           0x0000004a      488d45f8       lea   rax, [var_10h]
EOF
RUN

NAME=lea pseudo improvements (pseudo enabled)
FILE==
CMDS=<<EOF
e asm.arch=x86
e asm.bytes=true
e asm.bits=64
e asm.comments=false
e asm.pseudo=true
wx 544889e5b40266b83333b85555444448b8bebafecaefbeadde4889d8488d03488b4308488d4308488d041b488d441b0a488d430a488d44240c488d450b488d45f5488d442404488d4508488d45f8
aa
pd 19
EOF
EXPECT=<<EOF
/ fcn.00000000(int64_t arg_3h, int64_t arg_4h);
|           ; var int64_t var_13h @ stack - 0x13
|           ; var int64_t var_10h @ stack - 0x10
|           ; var int64_t var_4h @ stack - 0x4
|           ; arg int64_t arg_3h @ stack + 0x3
|           ; arg int64_t arg_4h @ stack + 0x4
|           0x00000000      54             push rsp
|           0x00000001      4889e5         rbp = rsp
|           0x00000004      b402           ah = 2
|           0x00000006      66b83333       ax = 0x3333
|           0x0000000a      b855554444     eax = 0x44445555
|           0x0000000f      48b8bebafeca.  rax = 0xdeadbeefcafebabe
|           0x00000019      4889d8         rax = rbx
|           0x0000001c      488d03         rax = rbx
|           0x0000001f      488b4308       rax = qword [rbx + 8]
|           0x00000023      488d4308       rax = rbx + 8
|           0x00000027      488d041b       rax = rbx + rbx
|           0x0000002b      488d441b0a     rax = rbx + rbx + 0xa
|           0x00000030      488d430a       rax = rbx + 0xa
|           0x00000034      488d44240c     rax = arg_4h
|           0x00000039      488d450b       rax = arg_3h
|           0x0000003d      488d45f5       rax = var_13h
|           0x00000041      488d442404     rax = var_4h
|           0x00000046      488d4508       rax = var_4h + 0x4
|           0x0000004a      488d45f8       rax = var_10h
EOF
RUN

NAME=xref graph
FILE=bins/pe/libzmq-v100-mt-4_0_4.dll
CMDS=<<EOF
aa
aac
axg @ 0x1004aa5e
axgj @ 0x1004aa5e~{}
EOF
EXPECT=<<EOF
- 0x1004aa5e fcn 0x1004aa5e fcn.1004aa5e
  - 0x1004ab07 fcn 0x1004aaff fcn.1004aaff
  - 0x1004aaff fcn 0x1004aaff fcn.1004aaff
    - 0x1004ab94 ???
    - 0x1004aba0 ???
    - 0x1004d380 ???
    - 0x1004d3cf ???
{
  "268741214": {
    "type": "fcn",
    "fcn_addr": 268741214,
    "name": "fcn.1004aa5e",
    "refs": [
      {
        "268741383": {
          "type": "fcn",
          "fcn_addr": 268741375,
          "name": "fcn.1004aaff",
          "refs": [
            {
              "268741375": {
                "type": "fcn",
                "fcn_addr": 268741375,
                "name": "fcn.1004aaff",
                "refs": [
                  {
                    "268741524": {
                      "type": "???",
                      "refs": [
                        
                      ]
                    }
                  },
                  {
                    "268741536": {
                      "type": "???",
                      "refs": [
                        
                      ]
                    }
                  },
                  {
                    "268751744": {
                      "type": "???",
                      "refs": [
                        
                      ]
                    }
                  },
                  {
                    "268751823": {
                      "type": "???",
                      "refs": [
                        
                      ]
                    }
                  }
                ]
              }
            }
          ]
        }
      }
    ]
  }
}
EOF
RUN

NAME=dwarf attribute kind check
FILE=bins/elf/dwarf_attr_check
CMDS=<<EOF
aaa
EOF
EXPECT=<<EOF
EOF
RUN

NAME=x86_64 int64_t variable overlapping removal
FILE=bins/elf/arch-x86_64-ls
CMDS=<<EOF
s 0x10270
af
afs
afvl
aaft
afs
afvl
EOF
EXPECT=<<EOF
void fcn.00010270(int64_t arg1, int64_t arg2, int64_t arg3, int64_t arg4, int64_t arg5);
var int64_t var_c8h @ stack - 0xc8
var int64_t var_c7h @ stack - 0xc7
var int64_t var_c0h @ stack - 0xc0
var int64_t var_b8h @ stack - 0xb8
var int64_t var_b0h @ stack - 0xb0
var int64_t var_a8h @ stack - 0xa8
var int64_t var_98h @ stack - 0x98
var int64_t var_94h @ stack - 0x94
var int64_t var_90h @ stack - 0x90
var int64_t var_88h @ stack - 0x88
var int64_t var_80h @ stack - 0x80
var int64_t var_7ch @ stack - 0x7c
var int64_t var_7ah @ stack - 0x7a
var int64_t var_78h @ stack - 0x78
var int64_t var_40h @ stack - 0x40
arg int64_t arg5 @ r8
arg int64_t arg4 @ rcx
arg int64_t arg1 @ rdi
arg int64_t arg3 @ rdx
arg int64_t arg2 @ rsi
void fcn.00010270(int64_t arg1, int64_t arg2, const char **s, int64_t arg4, int64_t arg5);
var const char *s2 @ stack - 0xc8
var void *s1 @ stack - 0xc0
var uint64_t var_b8h @ stack - 0xb8
var int64_t var_b0h @ stack - 0xb0
var int64_t var_a8h @ stack - 0xa8
var uint64_t var_98h @ stack - 0x98
var int64_t var_94h @ stack - 0x94
var int64_t var_90h @ stack - 0x90
var int64_t var_88h @ stack - 0x88
var const char **var_80h @ stack - 0x80
var int64_t var_78h @ stack - 0x78
var int64_t var_40h @ stack - 0x40
arg int64_t arg5 @ r8
arg int64_t arg4 @ rcx
arg int64_t arg1 @ rdi
arg const char **s @ rdx
arg int64_t arg2 @ rsi
EOF
RUN

NAME=double jump function
FILE==
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 7421eb1a4889c3488d45d04889c7e8450000004889d84889c7e874feffffe82ffeffff4883c4485b5dc3
af
afbt
EOF
EXPECT=<<EOF
addr size jump fail 
--------------------
0x0  2    0x23 0x2
0x2  2    0x1e -1
0x1e 5    0x23 -1
0x23 7    -1   -1
EOF
RUN

NAME=analysis endsize 
FILE=bins/elf/libc.so.6
CMDS=<<EOF
s 0x000a3a20
af
afbt
EOF
EXPECT=<<EOF
addr    size jump    fail    
-----------------------------
0xa3a20 17   0xa3b4b 0xa3a31
0xa3a31 10   0xa3b9a 0xa3a3b
0xa3a3b 17   -1      -1
0xa3b4a 1    -1      -1
0xa3b4b 5    0xa3b62 0xa3b50
0xa3b50 5    0xa3b73 0xa3b55
0xa3b55 5    0xa3b80 0xa3b5a
0xa3b5a 2    0xa3b61 0xa3b5c
0xa3b5c 5    0xa3b61 -1
0xa3b61 1    -1      -1
0xa3b62 17   -1      -1
0xa3b73 13   -1      -1
0xa3b80 17   -1      -1
0xa3b9a 9    0xa3c13 0xa3ba3
0xa3ba3 6    0xa3bf0 0xa3ba9
0xa3ba9 71   -1      -1
0xa3bf0 35   -1      -1
0xa3c13 9    0xa3ca8 0xa3c1c
0xa3c1c 6    0xa3b4a 0xa3c22
0xa3c22 65   0xa3d2f 0xa3c63
0xa3c63 48   0xa3c63 0xa3c93
0xa3c93 21   -1      -1
0xa3ca8 63   0xa3d96 0xa3ce7
0xa3ce7 52   0xa3ce7 0xa3d1b
0xa3d1b 20   -1      -1
0xa3d2f 13   0xa3c63 0xa3d3c
0xa3d3c 66   0xa3d3c 0xa3d7e
0xa3d7e 24   -1      -1
0xa3d96 13   0xa3ce7 0xa3da3
0xa3da3 67   0xa3da3 0xa3de6
0xa3de6 23   -1      -1
EOF
RUN

NAME=X86_INSTR_POP wrong order
FILE==
CMDS=<<EOF
e io.va=true
e asm.arch=x86
e asm.bits=64
aei
aeim
ar rdi=0x178000
ar rsp=rdi-0x30
wa "push rbp ; mov rbp,rsp ;  lea rsp,[rdi+8] ; push rsp; pop rsp ; push 0x1337 ; pop qword ptr [rsp] ; pop qword ptr [rsp] ; pop qword ptr [rsp] ; pop qword ptr [rsp] ; mov rsp,rbp ; pop rbp ; ret"
13aes
pxQ 0x28 @ 0+rdi
EOF
EXPECT=<<EOF
0x00178000 0x0000000000001337 rax+4919
0x00178008 0x0000000000001337 rax+4919
0x00178010 0x0000000000001337 rax+4919
0x00178018 0x0000000000001337 rax+4919
0x00178020 0x0000000000001337 rax+4919
EOF
RUN

