Consider the 32-bit code in code.zip
Using the following code for dead code elimination:
sblock = ctx.simplify(block)
ctx.disassembly(sblock, addr)
(rebase the code to 0x27b20)
Before code elimination:
0x27b20: push ebp (1 bytes: 55)
0x27b21: mov ebp, esp (2 bytes: 8bec)
0x27b23: and esp, 0xfffffff0 (3 bytes: 83e4f0)
0x27b26: push esi (1 bytes: 56)
0x27b27: push edi (1 bytes: 57)
0x27b28: push ebx (1 bytes: 53)
0x27b29: sub esp, 0x144 (6 bytes: 81ec44010000)
0x27b2f: rol ecx, cl (2 bytes: d3c1)
0x27b31: xchg ecx, edx (2 bytes: 87d1)
0x27b33: neg dl (2 bytes: f6da)
0x27b35: inc cl (2 bytes: fec1)
0x27b37: shl eax, cl (2 bytes: d3e0)
0x27b39: dec dh (2 bytes: fece)
0x27b3b: xchg ecx, edx (2 bytes: 87d1)
0x27b3d: xchg edx, eax (1 bytes: 92)
0x27b3e: shr ch, 1 (2 bytes: d0ed)
0x27b40: mov al, cl (2 bytes: 8ac1)
0x27b42: xchg edx, ecx (2 bytes: 87ca)
0x27b44: movzx edx, dh (3 bytes: 0fb6d6)
0x27b47: inc eax (1 bytes: 40)
0x27b48: not eax (2 bytes: f7d0)
0x27b4a: adc dh, dl (2 bytes: 12f2)
0x27b4c: inc dh (2 bytes: fec6)
0x27b4e: xor ch, dh (2 bytes: 32ee)
0x27b50: inc cl (2 bytes: fec1)
0x27b52: inc edx (1 bytes: 42)
0x27b53: rcr dl, 6 (3 bytes: c0da06)
0x27b56: sub edx, edx (2 bytes: 2bd2)
0x27b58: shl ch, 3 (3 bytes: c0e503)
0x27b5b: lea ecx, [edx + edx] (3 bytes: 8d0c12)
0x27b5e: adc cl, byte ptr [esp + 0xc] (4 bytes: 124c240c)
0x27b62: adc cl, ch (2 bytes: 12cd)
0x27b64: sbb dl, ch (2 bytes: 1ad5)
0x27b66: rcr dh, 7 (3 bytes: c0de07)
0x27b69: movzx ecx, cl (3 bytes: 0fb6c9)
0x27b6c: inc ecx (1 bytes: 41)
0x27b6d: inc edx (1 bytes: 42)
0x27b6e: movzx eax, dh (3 bytes: 0fb6c6)
0x27b71: inc ch (2 bytes: fec5)
0x27b73: sbb eax, eax (2 bytes: 1bc0)
...
After code elimination:
0x27b20: push ebp
0x27b21: mov ebp, esp
0x27b23: and esp, 0xfffffff0
0x27b26: push esi
0x27b27: push edi
0x27b28: push ebx
0x27b29: sub esp, 0x144
0x27b2f: rol ecx, cl
0x27b31: xchg ecx, edx
0x27b33: neg dl
0x27b35: inc cl
0x27b37: shl eax, cl
0x27b39: dec dh
0x27b3b: xchg ecx, edx
0x27b3d: xchg edx, eax
0x27b3e: shr ch, 1
0x27b40: xchg edx, ecx
0x27b42: movzx edx, dh
0x27b45: adc dh, dl
0x27b47: inc dh
0x27b49: xor ch, dh
0x27b4b: inc cl
0x27b4d: inc edx
0x27b4e: rcr dl, 6
0x27b51: sub edx, edx
0x27b53: shl ch, 3
0x27b56: lea ecx, [edx + edx]
0x27b59: adc cl, byte ptr [esp + 0xc]
0x27b5d: adc cl, ch
0x27b5f: sbb dl, ch
0x27b61: rcr dh, 7
0x27b64: movzx ecx, cl
0x27b67: inc ecx
0x27b68: inc edx
0x27b69: movzx eax, dh
0x27b6c: inc ch
0x27b6e: sbb eax, eax
0x27b70: movzx eax, dl
Here, I noticed that
0x27b51: sub edx, edx
so all the dl/edx-related code before this should be eliminated as dead code.
And furthermore, since at 0x27b56: lea ecx, [edx + edx]
ecx is 0, the ecx- and cl-related code before 0x27b56 should be eliminated as dead code as well.
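As an added illustration (not the simplifier's own code and not part of the report above): a backward liveness pass over the instructions from 0x27b49 to 0x27b5f of the simplified listing, at sub-register and flag granularity. It shows that inc cl, inc edx and rcr dl, 6 only become dead once sub edx, edx is treated as a zeroing idiom that does not read edx, and that shl ch, 3 stays live through CF (read by the later adc cl, ...) even though lea ecx, [edx + edx] overwrites ch. The def/use table is hand-written from the x86 semantics of these instructions, and the live-out set at the end of the window is assumed to be everything.

```python
# Byte-granular register pieces; flags are their own pieces.
ALIAS = {
    "ecx": {"c0", "c1", "c2", "c3"}, "cl": {"c0"}, "ch": {"c1"},
    "edx": {"d0", "d1", "d2", "d3"}, "dl": {"d0"}, "dh": {"d1"},
    "flags": {"cf", "of", "sf", "zf", "af", "pf"},
    "noncf": {"of", "sf", "zf", "af", "pf"},   # what INC writes (never CF)
}

def expand(names):
    """Map register/flag names (or raw pieces such as 'esp', 'mem') to pieces."""
    return set().union(*(ALIAS.get(n, {n}) for n in names))

# (text, defs, uses), hand-written from x86 semantics, for 0x27b49..0x27b5f of
# the simplified listing. Flags left undefined by an instruction (e.g. OF after
# a multi-bit shift) are listed as written: conservative for a kill set.
WINDOW = [
    ("xor ch, dh",                   ["ch", "flags"],    ["ch", "dh"]),
    ("inc cl",                       ["cl", "noncf"],    ["cl"]),
    ("inc edx",                      ["edx", "noncf"],   ["edx"]),
    ("rcr dl, 6",                    ["dl", "cf", "of"], ["dl", "cf"]),
    ("sub edx, edx",                 ["edx", "flags"],   ["edx"]),
    ("shl ch, 3",                    ["ch", "flags"],    ["ch"]),
    ("lea ecx, [edx + edx]",         ["ecx"],            ["edx"]),
    ("adc cl, byte ptr [esp + 0xc]", ["cl", "flags"],    ["cl", "cf", "esp", "mem"]),
    ("adc cl, ch",                   ["cl", "flags"],    ["cl", "ch", "cf"]),
    ("sbb dl, ch",                   ["dl", "flags"],    ["dl", "ch", "cf"]),
]

def is_zeroing_idiom(text):
    """`sub r, r` / `xor r, r` produce 0 without depending on r's old value."""
    op, _, args = text.partition(" ")
    a = [x.strip() for x in args.split(",")]
    return op in ("sub", "xor") and len(a) == 2 and a[0] == a[1]

def dead_stores(window, recognise_idioms=True, live_out=("ecx", "edx", "flags", "esp", "mem")):
    """Backward liveness: return, in program order, the instructions whose every
    write is dead (nothing in the window writes memory, so they can be dropped)."""
    live, dead = expand(live_out), []
    for text, defs, uses in reversed(window):
        d, u = expand(defs), expand(uses)
        if recognise_idioms and is_zeroing_idiom(text):
            u = set()                      # the old value is not really read
        if not (d & live):                 # nothing it writes is read later
            dead.append(text)
            continue
        live = (live - d) | u
    return dead[::-1]

if __name__ == "__main__":
    print("zeroing idiom recognised:", dead_stores(WINDOW))
    print("idiom not recognised    :", dead_stores(WINDOW, recognise_idioms=False))
```

Without the idiom only inc cl is reported dead, because sub edx, edx is then taken to read edx and keeps every edx writer before it alive.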