├── .gitignore ├── LICENSE ├── Lexa.sln ├── Lexa ├── Lexa.cpp ├── Lexa.vcxproj ├── Lexa.vcxproj.filters ├── Lexa.vcxproj.user ├── capstone │ ├── arm.h │ ├── arm64.h │ ├── capstone.h │ ├── evm.h │ ├── m680x.h │ ├── m68k.h │ ├── mips.h │ ├── mos65xx.h │ ├── platform.h │ ├── ppc.h │ ├── sparc.h │ ├── systemz.h │ ├── tms320c64x.h │ ├── x86.h │ └── xcore.h ├── iat.h ├── keystone │ ├── arm.h │ ├── arm64.h │ ├── hexagon.h │ ├── keystone.h │ ├── mips.h │ ├── ppc.h │ ├── sparc.h │ ├── systemz.h │ └── x86.h ├── misc.h ├── pch.cpp ├── pch.h └── reloc.h ├── README.md ├── Screen Shot 2019-11-22 at 10.13.58 PM.png └── lexa.jpg /.gitignore: -------------------------------------------------------------------------------- 1 | # Prerequisites 2 | *.d 3 | 4 | # Compiled Object files 5 | *.slo 6 | *.lo 7 | *.o 8 | *.obj 9 | 10 | # Precompiled Headers 11 | *.gch 12 | *.pch 13 | 14 | # Compiled Dynamic libraries 15 | *.so 16 | *.dylib 17 | *.dll 18 | 19 | # Fortran module files 20 | *.mod 21 | *.smod 22 | 23 | # Compiled Static libraries 24 | *.lai 25 | *.la 26 | *.a 27 | *.lib 28 | 29 | # Executables 30 | *.exe 31 | *.out 32 | *.app 33 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2019 Sheng-Hao Ma 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /Lexa.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio 15 4 | VisualStudioVersion = 15.0.28307.902 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Lexa", "Lexa\Lexa.vcxproj", "{2D4EBBB6-6F66-4B07-9060-F50F9CCFF523}" 7 | EndProject 8 | Global 9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 10 | Debug|x64 = Debug|x64 11 | Debug|x86 = Debug|x86 12 | Release|x64 = Release|x64 13 | Release|x86 = Release|x86 14 | EndGlobalSection 15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 16 | {2D4EBBB6-6F66-4B07-9060-F50F9CCFF523}.Debug|x64.ActiveCfg = Debug|x64 17 | {2D4EBBB6-6F66-4B07-9060-F50F9CCFF523}.Debug|x64.Build.0 = Debug|x64 18 | {2D4EBBB6-6F66-4B07-9060-F50F9CCFF523}.Debug|x86.ActiveCfg = Debug|Win32 19 | {2D4EBBB6-6F66-4B07-9060-F50F9CCFF523}.Debug|x86.Build.0 = Debug|Win32 20 | {2D4EBBB6-6F66-4B07-9060-F50F9CCFF523}.Release|x64.ActiveCfg = Release|x64 21 | {2D4EBBB6-6F66-4B07-9060-F50F9CCFF523}.Release|x64.Build.0 = Release|x64 22 | {2D4EBBB6-6F66-4B07-9060-F50F9CCFF523}.Release|x86.ActiveCfg = Release|Win32 23 | {2D4EBBB6-6F66-4B07-9060-F50F9CCFF523}.Release|x86.Build.0 = Release|Win32 24 | EndGlobalSection 25 | GlobalSection(SolutionProperties) = preSolution 26 | HideSolutionNode = FALSE 27 | EndGlobalSection 28 | GlobalSection(ExtensibilityGlobals) = postSolution 29 | SolutionGuid = {7097A754-C1CF-456D-8EBE-8CCFC4E18EDD} 30 | EndGlobalSection 31 | EndGlobal 32 | -------------------------------------------------------------------------------- /Lexa/Lexa.cpp: -------------------------------------------------------------------------------- 1 |  2 | #include "pch.h" 3 | #include 4 | #include 5 | #include 6 | #include "iat.h" 7 | #include "misc.h" 8 | #include "reloc.h" 9 | #include 10 | using namespace std; 11 | 12 | #ifdef _DEBUG 13 | #include "capstone/capstone.h" 14 | #include "keystone/keystone.h" 15 | #pragma comment(lib, "capstone/DEBUG/capstone_dll.lib") 16 | #pragma comment(lib, "keystone/DEBUG/keystone.lib") 17 | #else 18 | #include "capstone/capstone.h" 19 | #include "keystone/keystone.h" 20 | #pragma comment(lib, "capstone/RELEASE/capstone.lib") 21 | #pragma comment(lib, "keystone/RELEASE/keystone.lib") 22 | #endif 23 | 24 | #pragma warning(disable:4996) 25 | 26 | int asmblrOutputBytecode(char* assemblyStr, BYTE* &encode, size_t &size, size_t &count) { 27 | ks_engine *ks; 28 | ks_err err; 29 | err = ks_open(KS_ARCH_X86, KS_MODE_32, &ks); 30 | if (err != KS_ERR_OK) { 31 | printf("ERROR: failed on ks_open(), quit\n"); 32 | return -1; 33 | } 34 | 35 | if (ks_asm(ks, assemblyStr, 0, &encode, &size, &count) != KS_ERR_OK) { 36 | printf("ERROR: ks_asm() failed & count = %lu, error = %u\n", 37 | count, ks_errno(ks)); 38 | } 39 | 40 | //ks_free(encode); 41 | //ks_close(ks); 42 | } 43 | 44 | void patchIatImport(BYTE* dumpImg, map callViaThunkArr) { 45 | 46 | PIMAGE_SECTION_HEADER selectScnHdr = enumExecSecnHdr(dumpImg)[0]; // assert it's .text 47 | uint8_t* currPointToBytecode = dumpImg + selectScnHdr->VirtualAddress; 48 | size_t bytecodeSize = selectScnHdr->SizeOfRawData; 49 | 50 | csh handle; cs_insn *currInsn, *beginCurrInsn; size_t count; 51 | if (cs_open(CS_ARCH_X86, getNtHdr(dumpImg)->FileHeader.Machine & IMAGE_FILE_MACHINE_I386 ? CS_MODE_32 : CS_MODE_64, &handle) != CS_ERR_OK) return; 52 | count = cs_disasm(handle, currPointToBytecode, bytecodeSize, getNtHdr(dumpImg)->OptionalHeader.ImageBase + selectScnHdr->VirtualAddress, 0, &currInsn); 53 | beginCurrInsn = currInsn; 54 | 55 | for (size_t j = count; j-- > 0; currPointToBytecode += currInsn->size, currInsn++) { 56 | if (strstr(currInsn->op_str, "ptr")) { 57 | string str_currInsn = string(currInsn->mnemonic) + string(" ") + currInsn->op_str; 58 | std::cmatch match; 59 | 60 | if (regex_match(str_currInsn.c_str(), match, regex("(.+)\x20([^,]+),.dword.ptr.\\[0x(.+)\\]"))) 61 | { 62 | DWORD callViaVA = -1; 63 | sscanf(string(match[3]).c_str(), "%x", &callViaVA); 64 | callViaVA -= getNtHdr(dumpImg)->OptionalHeader.ImageBase; 65 | map::iterator ret = callViaThunkArr.find(callViaVA); 66 | if (ret == callViaThunkArr.end()) continue; 67 | 68 | string impLibName = ret->second; 69 | 70 | char buf[64]; 71 | PIMAGE_THUNK_DATA callVia = (PIMAGE_THUNK_DATA)(dumpImg + callViaVA); 72 | PIMAGE_IMPORT_BY_NAME apiName = (PIMAGE_IMPORT_BY_NAME)(dumpImg + callVia->u1.ForwarderString); 73 | size_t wantedApiAddr = (size_t)GetProcAddress(LoadLibraryA(impLibName.c_str()), apiName->Name); 74 | 75 | BYTE*encode; size_t count; size_t size; 76 | string newInsn = string(string(match[1]) + " " + string(match[2]) + ", 0x" + string(match[3])); 77 | asmblrOutputBytecode((char *)newInsn.c_str(), encode, size, count); 78 | 79 | printf(" # patch %p - %s -> %s@%x\n", currPointToBytecode, str_currInsn.c_str(), apiName->Name, wantedApiAddr); 80 | memcpy(&encode[size - 4], &wantedApiAddr, 4); 81 | memcpy(currPointToBytecode, encode, size); 82 | memset(currPointToBytecode + size, '\x90', currInsn->size - size); 83 | } 84 | else if (regex_match(str_currInsn.c_str(), match, regex("(.+).dword.ptr.\\[0x(.+)\\]"))) 85 | { 86 | DWORD callViaVA = -1; 87 | sscanf(string(match[2]).c_str(), "%x", &callViaVA); 88 | callViaVA -= getNtHdr(dumpImg)->OptionalHeader.ImageBase; 89 | 90 | map::iterator ret = callViaThunkArr.find(callViaVA); 91 | if (ret == callViaThunkArr.end()) continue; 92 | 93 | string impLibName = ret->second; 94 | char buf[64]; 95 | PIMAGE_THUNK_DATA callVia = (PIMAGE_THUNK_DATA)(dumpImg + callViaVA); 96 | PIMAGE_IMPORT_BY_NAME apiName = (PIMAGE_IMPORT_BY_NAME)(dumpImg + callVia->u1.ForwarderString); 97 | size_t wantedApiAddr = (size_t)GetProcAddress(LoadLibraryA(impLibName.c_str()), apiName->Name); 98 | 99 | BYTE*encode; size_t count; size_t size; 100 | string newInsn = string(match[1]) + " 0x" + string(match[2]); 101 | 102 | asmblrOutputBytecode((char *)newInsn.c_str(), encode, size, count); 103 | printf(" # patch %p - %s -> %s@%x\n", currPointToBytecode, str_currInsn.c_str(), apiName->Name, wantedApiAddr); 104 | 105 | size_t jmpOrCall_Offset = (size_t)wantedApiAddr - (size_t)currPointToBytecode - size; 106 | memcpy(&encode[size - 4], &jmpOrCall_Offset, 4); 107 | memcpy(currPointToBytecode, encode, size); 108 | memset(currPointToBytecode + size, '\x90', currInsn->size - size); 109 | 110 | } 111 | } 112 | } 113 | } 114 | 115 | int main(int argc, char** argv) 116 | { 117 | puts 118 | ( 119 | "dP \n" 120 | "88 \n" 121 | "88 .d8888b. dP. .dP .d8888b. \n" 122 | "88 88ooood8 `8bd8' 88' `88 \n" 123 | "88 88. ... .d88b. 88. .88 \n" 124 | "88888888P `88888P' dP' `dP `88888P8 \n" 125 | "ooooooooooooooooooooooooooooooooooooo\n" 126 | "Simple Application Loader & Anti-Tampering\n" 127 | "Lexa [v1.1] by aaaddress1@chroot.org\n" 128 | " --- \n" 129 | ); 130 | bool enableAntiTable = false; int step = 1; 131 | if (argc == 1) { 132 | printf("usage: %s [PE File To Run] [optional: /AT or /AntiTamper]", strrchr(argv[0], '\\') ? strrchr(argv[0], '\\') + 1: argv[0]); 133 | return 1; 134 | } 135 | for (size_t i = 0; i < argc && !enableAntiTable; i++) 136 | enableAntiTable = !stricmp(argv[i], "/AT") || !stricmp(argv[i], "/AntiTamper"); 137 | 138 | printf("[+] Anti-Tampering: %s\n", enableAntiTable ? "[TRUE]": "[FALSE]"); 139 | 140 | // --- read target raw binary --- 141 | char* fileData; DWORD fileSize; 142 | readBinFile(argv[1], &fileData, fileSize); 143 | if (fileSize == 0) { 144 | printf("[!] PE file not found.\n"); 145 | return 1; 146 | } 147 | // --- dump as mapped image --- 148 | BYTE* dumpImg; size_t imgSize; 149 | printf("[%i]: File Mapping\n", step++); 150 | dumpMappedImgBin(fileData, dumpImg, &imgSize); 151 | 152 | // --- parse iat fields --- 153 | printf("[%i]: Fetch Imported Fields\n", step++); 154 | PIMAGE_NT_HEADERS ntHdr = getNtHdr(dumpImg); 155 | map callViaThunkArr = getIAT_callVia((size_t)dumpImg); 156 | for (map::iterator iterator = callViaThunkArr.begin(); iterator != callViaThunkArr.end(); iterator++) { 157 | IMAGE_THUNK_DATA* fieldThunk = (IMAGE_THUNK_DATA*)(dumpImg + iterator->first); 158 | PIMAGE_IMPORT_BY_NAME currApiName = (PIMAGE_IMPORT_BY_NAME)(dumpImg + fieldThunk->u1.ForwarderString); 159 | if (false == enableAntiTable) fieldThunk->u1.Function = (size_t)(GetProcAddress(LoadLibraryA(iterator->second.c_str()), currApiName->Name)); 160 | printf(" # +%4x -> %s : %s\n", iterator->first, iterator->second.c_str(), &currApiName->Name); 161 | } 162 | // --- do relocation --- 163 | printf("[%i]: Deal with Relocation\n", step++); 164 | applyReloc((size_t)dumpImg, ntHdr->OptionalHeader.ImageBase, ntHdr->OptionalHeader.SizeOfImage); 165 | 166 | // --- 167 | /*puts("[4]: Fetch Imported Fields"); 168 | deque relocFieldArr = getRelocFieldArr((size_t)dumpImg, ntHdr->OptionalHeader.SizeOfImage); 169 | for (deque::iterator iterator = relocFieldArr.begin(); iterator != relocFieldArr.end(); iterator++) 170 | printf("[+] reloc field -> %p\n", *iterator ); 171 | */ 172 | 173 | // --- 174 | 175 | ntHdr->OptionalHeader.ImageBase = (size_t)dumpImg; 176 | if (enableAntiTable) { 177 | printf("[%i]: Patching for Importing IAT Fields\n", step++); 178 | patchIatImport(dumpImg, callViaThunkArr); 179 | } 180 | // --- invoke entry --- 181 | printf("[%i]: invoke PE module: file mapping @ %p, entry = %p\n", step++, dumpImg, dumpImg + ntHdr->OptionalHeader.AddressOfEntryPoint); 182 | ((void(*)())(dumpImg + ntHdr->OptionalHeader.AddressOfEntryPoint))(); 183 | 184 | return 0; 185 | } -------------------------------------------------------------------------------- /Lexa/Lexa.vcxproj: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Debug 6 | Win32 7 | 8 | 9 | Release 10 | Win32 11 | 12 | 13 | Debug 14 | x64 15 | 16 | 17 | Release 18 | x64 19 | 20 | 21 | 22 | 15.0 23 | {2D4EBBB6-6F66-4B07-9060-F50F9CCFF523} 24 | Win32Proj 25 | Lexa 26 | 10.0 27 | 28 | 29 | 30 | Application 31 | true 32 | v142 33 | Unicode 34 | 35 | 36 | Application 37 | false 38 | v142 39 | true 40 | Unicode 41 | 42 | 43 | Application 44 | true 45 | v142 46 | Unicode 47 | 48 | 49 | Application 50 | false 51 | v142 52 | true 53 | Unicode 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | true 75 | 76 | 77 | true 78 | 79 | 80 | false 81 | 82 | 83 | false 84 | 85 | 86 | 87 | Use 88 | Level3 89 | Disabled 90 | true 91 | WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) 92 | true 93 | pch.h 94 | MultiThreadedDebug 95 | 96 | 97 | Console 98 | true 99 | 100 | 101 | 102 | 103 | Use 104 | Level3 105 | Disabled 106 | true 107 | _DEBUG;_CONSOLE;%(PreprocessorDefinitions) 108 | true 109 | pch.h 110 | 111 | 112 | Console 113 | true 114 | 115 | 116 | 117 | 118 | Use 119 | Level3 120 | MaxSpeed 121 | true 122 | true 123 | true 124 | WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) 125 | true 126 | pch.h 127 | MultiThreaded 128 | false 129 | 130 | 131 | Console 132 | true 133 | true 134 | true 135 | 136 | 137 | 138 | 139 | Use 140 | Level3 141 | MaxSpeed 142 | true 143 | true 144 | true 145 | NDEBUG;_CONSOLE;%(PreprocessorDefinitions) 146 | true 147 | pch.h 148 | 149 | 150 | Console 151 | true 152 | true 153 | true 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | Create 166 | Create 167 | Create 168 | Create 169 | 170 | 171 | 172 | 173 | 174 | -------------------------------------------------------------------------------- /Lexa/Lexa.vcxproj.filters: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;ipp;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | 標頭檔 20 | 21 | 22 | 標頭檔 23 | 24 | 25 | 標頭檔 26 | 27 | 28 | 標頭檔 29 | 30 | 31 | 32 | 33 | 來源檔案 34 | 35 | 36 | 來源檔案 37 | 38 | 39 | -------------------------------------------------------------------------------- /Lexa/Lexa.vcxproj.user: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | -------------------------------------------------------------------------------- /Lexa/capstone/arm.h: -------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_ARM_H 2 | #define CAPSTONE_ARM_H 3 | 4 | /* Capstone Disassembly Engine */ 5 | /* By Nguyen Anh Quynh , 2013-2015 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "platform.h" 12 | 13 | #ifdef _MSC_VER 14 | #pragma warning(disable:4201) 15 | #endif 16 | 17 | /// ARM shift type 18 | typedef enum arm_shifter { 19 | ARM_SFT_INVALID = 0, 20 | ARM_SFT_ASR, ///< shift with immediate const 21 | ARM_SFT_LSL, ///< shift with immediate const 22 | ARM_SFT_LSR, ///< shift with immediate const 23 | ARM_SFT_ROR, ///< shift with immediate const 24 | ARM_SFT_RRX, ///< shift with immediate const 25 | ARM_SFT_ASR_REG, ///< shift with register 26 | ARM_SFT_LSL_REG, ///< shift with register 27 | ARM_SFT_LSR_REG, ///< shift with register 28 | ARM_SFT_ROR_REG, ///< shift with register 29 | ARM_SFT_RRX_REG, ///< shift with register 30 | } arm_shifter; 31 | 32 | /// ARM condition code 33 | typedef enum arm_cc { 34 | ARM_CC_INVALID = 0, 35 | ARM_CC_EQ, ///< Equal Equal 36 | ARM_CC_NE, ///< Not equal Not equal, or unordered 37 | ARM_CC_HS, ///< Carry set >, ==, or unordered 38 | ARM_CC_LO, ///< Carry clear Less than 39 | ARM_CC_MI, ///< Minus, negative Less than 40 | ARM_CC_PL, ///< Plus, positive or zero >, ==, or unordered 41 | ARM_CC_VS, ///< Overflow Unordered 42 | ARM_CC_VC, ///< No overflow Not unordered 43 | ARM_CC_HI, ///< Unsigned higher Greater than, or unordered 44 | ARM_CC_LS, ///< Unsigned lower or same Less than or equal 45 | ARM_CC_GE, ///< Greater than or equal Greater than or equal 46 | ARM_CC_LT, ///< Less than Less than, or unordered 47 | ARM_CC_GT, ///< Greater than Greater than 48 | ARM_CC_LE, ///< Less than or equal <, ==, or unordered 49 | ARM_CC_AL ///< Always (unconditional) Always (unconditional) 50 | } arm_cc; 51 | 52 | typedef enum arm_sysreg { 53 | /// Special registers for MSR 54 | ARM_SYSREG_INVALID = 0, 55 | 56 | // SPSR* registers can be OR combined 57 | ARM_SYSREG_SPSR_C = 1, 58 | ARM_SYSREG_SPSR_X = 2, 59 | ARM_SYSREG_SPSR_S = 4, 60 | ARM_SYSREG_SPSR_F = 8, 61 | 62 | // CPSR* registers can be OR combined 63 | ARM_SYSREG_CPSR_C = 16, 64 | ARM_SYSREG_CPSR_X = 32, 65 | ARM_SYSREG_CPSR_S = 64, 66 | ARM_SYSREG_CPSR_F = 128, 67 | 68 | // independent registers 69 | ARM_SYSREG_APSR = 256, 70 | ARM_SYSREG_APSR_G, 71 | ARM_SYSREG_APSR_NZCVQ, 72 | ARM_SYSREG_APSR_NZCVQG, 73 | 74 | ARM_SYSREG_IAPSR, 75 | ARM_SYSREG_IAPSR_G, 76 | ARM_SYSREG_IAPSR_NZCVQG, 77 | ARM_SYSREG_IAPSR_NZCVQ, 78 | 79 | ARM_SYSREG_EAPSR, 80 | ARM_SYSREG_EAPSR_G, 81 | ARM_SYSREG_EAPSR_NZCVQG, 82 | ARM_SYSREG_EAPSR_NZCVQ, 83 | 84 | ARM_SYSREG_XPSR, 85 | ARM_SYSREG_XPSR_G, 86 | ARM_SYSREG_XPSR_NZCVQG, 87 | ARM_SYSREG_XPSR_NZCVQ, 88 | 89 | ARM_SYSREG_IPSR, 90 | ARM_SYSREG_EPSR, 91 | ARM_SYSREG_IEPSR, 92 | 93 | ARM_SYSREG_MSP, 94 | ARM_SYSREG_PSP, 95 | ARM_SYSREG_PRIMASK, 96 | ARM_SYSREG_BASEPRI, 97 | ARM_SYSREG_BASEPRI_MAX, 98 | ARM_SYSREG_FAULTMASK, 99 | ARM_SYSREG_CONTROL, 100 | 101 | // Banked Registers 102 | ARM_SYSREG_R8_USR, 103 | ARM_SYSREG_R9_USR, 104 | ARM_SYSREG_R10_USR, 105 | ARM_SYSREG_R11_USR, 106 | ARM_SYSREG_R12_USR, 107 | ARM_SYSREG_SP_USR, 108 | ARM_SYSREG_LR_USR, 109 | ARM_SYSREG_R8_FIQ, 110 | ARM_SYSREG_R9_FIQ, 111 | ARM_SYSREG_R10_FIQ, 112 | ARM_SYSREG_R11_FIQ, 113 | ARM_SYSREG_R12_FIQ, 114 | ARM_SYSREG_SP_FIQ, 115 | ARM_SYSREG_LR_FIQ, 116 | ARM_SYSREG_LR_IRQ, 117 | ARM_SYSREG_SP_IRQ, 118 | ARM_SYSREG_LR_SVC, 119 | ARM_SYSREG_SP_SVC, 120 | ARM_SYSREG_LR_ABT, 121 | ARM_SYSREG_SP_ABT, 122 | ARM_SYSREG_LR_UND, 123 | ARM_SYSREG_SP_UND, 124 | ARM_SYSREG_LR_MON, 125 | ARM_SYSREG_SP_MON, 126 | ARM_SYSREG_ELR_HYP, 127 | ARM_SYSREG_SP_HYP, 128 | 129 | ARM_SYSREG_SPSR_FIQ, 130 | ARM_SYSREG_SPSR_IRQ, 131 | ARM_SYSREG_SPSR_SVC, 132 | ARM_SYSREG_SPSR_ABT, 133 | ARM_SYSREG_SPSR_UND, 134 | ARM_SYSREG_SPSR_MON, 135 | ARM_SYSREG_SPSR_HYP, 136 | } arm_sysreg; 137 | 138 | /// The memory barrier constants map directly to the 4-bit encoding of 139 | /// the option field for Memory Barrier operations. 140 | typedef enum arm_mem_barrier { 141 | ARM_MB_INVALID = 0, 142 | ARM_MB_RESERVED_0, 143 | ARM_MB_OSHLD, 144 | ARM_MB_OSHST, 145 | ARM_MB_OSH, 146 | ARM_MB_RESERVED_4, 147 | ARM_MB_NSHLD, 148 | ARM_MB_NSHST, 149 | ARM_MB_NSH, 150 | ARM_MB_RESERVED_8, 151 | ARM_MB_ISHLD, 152 | ARM_MB_ISHST, 153 | ARM_MB_ISH, 154 | ARM_MB_RESERVED_12, 155 | ARM_MB_LD, 156 | ARM_MB_ST, 157 | ARM_MB_SY, 158 | } arm_mem_barrier; 159 | 160 | /// Operand type for instruction's operands 161 | typedef enum arm_op_type { 162 | ARM_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 163 | ARM_OP_REG, ///< = CS_OP_REG (Register operand). 164 | ARM_OP_IMM, ///< = CS_OP_IMM (Immediate operand). 165 | ARM_OP_MEM, ///< = CS_OP_MEM (Memory operand). 166 | ARM_OP_FP, ///< = CS_OP_FP (Floating-Point operand). 167 | ARM_OP_CIMM = 64, ///< C-Immediate (coprocessor registers) 168 | ARM_OP_PIMM, ///< P-Immediate (coprocessor registers) 169 | ARM_OP_SETEND, ///< operand for SETEND instruction 170 | ARM_OP_SYSREG, ///< MSR/MRS special register operand 171 | } arm_op_type; 172 | 173 | /// Operand type for SETEND instruction 174 | typedef enum arm_setend_type { 175 | ARM_SETEND_INVALID = 0, ///< Uninitialized. 176 | ARM_SETEND_BE, ///< BE operand. 177 | ARM_SETEND_LE, ///< LE operand 178 | } arm_setend_type; 179 | 180 | typedef enum arm_cpsmode_type { 181 | ARM_CPSMODE_INVALID = 0, 182 | ARM_CPSMODE_IE = 2, 183 | ARM_CPSMODE_ID = 3 184 | } arm_cpsmode_type; 185 | 186 | /// Operand type for SETEND instruction 187 | typedef enum arm_cpsflag_type { 188 | ARM_CPSFLAG_INVALID = 0, 189 | ARM_CPSFLAG_F = 1, 190 | ARM_CPSFLAG_I = 2, 191 | ARM_CPSFLAG_A = 4, 192 | ARM_CPSFLAG_NONE = 16, ///< no flag 193 | } arm_cpsflag_type; 194 | 195 | /// Data type for elements of vector instructions. 196 | typedef enum arm_vectordata_type { 197 | ARM_VECTORDATA_INVALID = 0, 198 | 199 | // Integer type 200 | ARM_VECTORDATA_I8, 201 | ARM_VECTORDATA_I16, 202 | ARM_VECTORDATA_I32, 203 | ARM_VECTORDATA_I64, 204 | 205 | // Signed integer type 206 | ARM_VECTORDATA_S8, 207 | ARM_VECTORDATA_S16, 208 | ARM_VECTORDATA_S32, 209 | ARM_VECTORDATA_S64, 210 | 211 | // Unsigned integer type 212 | ARM_VECTORDATA_U8, 213 | ARM_VECTORDATA_U16, 214 | ARM_VECTORDATA_U32, 215 | ARM_VECTORDATA_U64, 216 | 217 | // Data type for VMUL/VMULL 218 | ARM_VECTORDATA_P8, 219 | 220 | // Floating type 221 | ARM_VECTORDATA_F32, 222 | ARM_VECTORDATA_F64, 223 | 224 | // Convert float <-> float 225 | ARM_VECTORDATA_F16F64, // f16.f64 226 | ARM_VECTORDATA_F64F16, // f64.f16 227 | ARM_VECTORDATA_F32F16, // f32.f16 228 | ARM_VECTORDATA_F16F32, // f32.f16 229 | ARM_VECTORDATA_F64F32, // f64.f32 230 | ARM_VECTORDATA_F32F64, // f32.f64 231 | 232 | // Convert integer <-> float 233 | ARM_VECTORDATA_S32F32, // s32.f32 234 | ARM_VECTORDATA_U32F32, // u32.f32 235 | ARM_VECTORDATA_F32S32, // f32.s32 236 | ARM_VECTORDATA_F32U32, // f32.u32 237 | ARM_VECTORDATA_F64S16, // f64.s16 238 | ARM_VECTORDATA_F32S16, // f32.s16 239 | ARM_VECTORDATA_F64S32, // f64.s32 240 | ARM_VECTORDATA_S16F64, // s16.f64 241 | ARM_VECTORDATA_S16F32, // s16.f64 242 | ARM_VECTORDATA_S32F64, // s32.f64 243 | ARM_VECTORDATA_U16F64, // u16.f64 244 | ARM_VECTORDATA_U16F32, // u16.f32 245 | ARM_VECTORDATA_U32F64, // u32.f64 246 | ARM_VECTORDATA_F64U16, // f64.u16 247 | ARM_VECTORDATA_F32U16, // f32.u16 248 | ARM_VECTORDATA_F64U32, // f64.u32 249 | } arm_vectordata_type; 250 | 251 | /// ARM registers 252 | typedef enum arm_reg { 253 | ARM_REG_INVALID = 0, 254 | ARM_REG_APSR, 255 | ARM_REG_APSR_NZCV, 256 | ARM_REG_CPSR, 257 | ARM_REG_FPEXC, 258 | ARM_REG_FPINST, 259 | ARM_REG_FPSCR, 260 | ARM_REG_FPSCR_NZCV, 261 | ARM_REG_FPSID, 262 | ARM_REG_ITSTATE, 263 | ARM_REG_LR, 264 | ARM_REG_PC, 265 | ARM_REG_SP, 266 | ARM_REG_SPSR, 267 | ARM_REG_D0, 268 | ARM_REG_D1, 269 | ARM_REG_D2, 270 | ARM_REG_D3, 271 | ARM_REG_D4, 272 | ARM_REG_D5, 273 | ARM_REG_D6, 274 | ARM_REG_D7, 275 | ARM_REG_D8, 276 | ARM_REG_D9, 277 | ARM_REG_D10, 278 | ARM_REG_D11, 279 | ARM_REG_D12, 280 | ARM_REG_D13, 281 | ARM_REG_D14, 282 | ARM_REG_D15, 283 | ARM_REG_D16, 284 | ARM_REG_D17, 285 | ARM_REG_D18, 286 | ARM_REG_D19, 287 | ARM_REG_D20, 288 | ARM_REG_D21, 289 | ARM_REG_D22, 290 | ARM_REG_D23, 291 | ARM_REG_D24, 292 | ARM_REG_D25, 293 | ARM_REG_D26, 294 | ARM_REG_D27, 295 | ARM_REG_D28, 296 | ARM_REG_D29, 297 | ARM_REG_D30, 298 | ARM_REG_D31, 299 | ARM_REG_FPINST2, 300 | ARM_REG_MVFR0, 301 | ARM_REG_MVFR1, 302 | ARM_REG_MVFR2, 303 | ARM_REG_Q0, 304 | ARM_REG_Q1, 305 | ARM_REG_Q2, 306 | ARM_REG_Q3, 307 | ARM_REG_Q4, 308 | ARM_REG_Q5, 309 | ARM_REG_Q6, 310 | ARM_REG_Q7, 311 | ARM_REG_Q8, 312 | ARM_REG_Q9, 313 | ARM_REG_Q10, 314 | ARM_REG_Q11, 315 | ARM_REG_Q12, 316 | ARM_REG_Q13, 317 | ARM_REG_Q14, 318 | ARM_REG_Q15, 319 | ARM_REG_R0, 320 | ARM_REG_R1, 321 | ARM_REG_R2, 322 | ARM_REG_R3, 323 | ARM_REG_R4, 324 | ARM_REG_R5, 325 | ARM_REG_R6, 326 | ARM_REG_R7, 327 | ARM_REG_R8, 328 | ARM_REG_R9, 329 | ARM_REG_R10, 330 | ARM_REG_R11, 331 | ARM_REG_R12, 332 | ARM_REG_S0, 333 | ARM_REG_S1, 334 | ARM_REG_S2, 335 | ARM_REG_S3, 336 | ARM_REG_S4, 337 | ARM_REG_S5, 338 | ARM_REG_S6, 339 | ARM_REG_S7, 340 | ARM_REG_S8, 341 | ARM_REG_S9, 342 | ARM_REG_S10, 343 | ARM_REG_S11, 344 | ARM_REG_S12, 345 | ARM_REG_S13, 346 | ARM_REG_S14, 347 | ARM_REG_S15, 348 | ARM_REG_S16, 349 | ARM_REG_S17, 350 | ARM_REG_S18, 351 | ARM_REG_S19, 352 | ARM_REG_S20, 353 | ARM_REG_S21, 354 | ARM_REG_S22, 355 | ARM_REG_S23, 356 | ARM_REG_S24, 357 | ARM_REG_S25, 358 | ARM_REG_S26, 359 | ARM_REG_S27, 360 | ARM_REG_S28, 361 | ARM_REG_S29, 362 | ARM_REG_S30, 363 | ARM_REG_S31, 364 | 365 | ARM_REG_ENDING, // <-- mark the end of the list or registers 366 | 367 | // alias registers 368 | ARM_REG_R13 = ARM_REG_SP, 369 | ARM_REG_R14 = ARM_REG_LR, 370 | ARM_REG_R15 = ARM_REG_PC, 371 | 372 | ARM_REG_SB = ARM_REG_R9, 373 | ARM_REG_SL = ARM_REG_R10, 374 | ARM_REG_FP = ARM_REG_R11, 375 | ARM_REG_IP = ARM_REG_R12, 376 | } arm_reg; 377 | 378 | /// Instruction's operand referring to memory 379 | /// This is associated with ARM_OP_MEM operand type above 380 | typedef struct arm_op_mem { 381 | arm_reg base; ///< base register 382 | arm_reg index; ///< index register 383 | int scale; ///< scale for index register (can be 1, or -1) 384 | int disp; ///< displacement/offset value 385 | /// left-shift on index register, or 0 if irrelevant 386 | /// NOTE: this value can also be fetched via operand.shift.value 387 | int lshift; 388 | } arm_op_mem; 389 | 390 | /// Instruction operand 391 | typedef struct cs_arm_op { 392 | int vector_index; ///< Vector Index for some vector operands (or -1 if irrelevant) 393 | 394 | struct { 395 | arm_shifter type; 396 | unsigned int value; 397 | } shift; 398 | 399 | arm_op_type type; ///< operand type 400 | 401 | union { 402 | int reg; ///< register value for REG/SYSREG operand 403 | int32_t imm; ///< immediate value for C-IMM, P-IMM or IMM operand 404 | double fp; ///< floating point value for FP operand 405 | arm_op_mem mem; ///< base/index/scale/disp value for MEM operand 406 | arm_setend_type setend; ///< SETEND instruction's operand type 407 | }; 408 | 409 | /// in some instructions, an operand can be subtracted or added to 410 | /// the base register, 411 | /// if TRUE, this operand is subtracted. otherwise, it is added. 412 | bool subtracted; 413 | 414 | /// How is this operand accessed? (READ, WRITE or READ|WRITE) 415 | /// This field is combined of cs_ac_type. 416 | /// NOTE: this field is irrelevant if engine is compiled in DIET mode. 417 | uint8_t access; 418 | 419 | /// Neon lane index for NEON instructions (or -1 if irrelevant) 420 | int8_t neon_lane; 421 | } cs_arm_op; 422 | 423 | /// Instruction structure 424 | typedef struct cs_arm { 425 | bool usermode; ///< User-mode registers to be loaded (for LDM/STM instructions) 426 | int vector_size; ///< Scalar size for vector instructions 427 | arm_vectordata_type vector_data; ///< Data type for elements of vector instructions 428 | arm_cpsmode_type cps_mode; ///< CPS mode for CPS instruction 429 | arm_cpsflag_type cps_flag; ///< CPS mode for CPS instruction 430 | arm_cc cc; ///< conditional code for this insn 431 | bool update_flags; ///< does this insn update flags? 432 | bool writeback; ///< does this insn write-back? 433 | arm_mem_barrier mem_barrier; ///< Option for some memory barrier instructions 434 | 435 | /// Number of operands of this instruction, 436 | /// or 0 when instruction has no operand. 437 | uint8_t op_count; 438 | 439 | cs_arm_op operands[36]; ///< operands for this instruction. 440 | } cs_arm; 441 | 442 | /// ARM instruction 443 | typedef enum arm_insn { 444 | ARM_INS_INVALID = 0, 445 | 446 | ARM_INS_ADC, 447 | ARM_INS_ADD, 448 | ARM_INS_ADR, 449 | ARM_INS_AESD, 450 | ARM_INS_AESE, 451 | ARM_INS_AESIMC, 452 | ARM_INS_AESMC, 453 | ARM_INS_AND, 454 | ARM_INS_BFC, 455 | ARM_INS_BFI, 456 | ARM_INS_BIC, 457 | ARM_INS_BKPT, 458 | ARM_INS_BL, 459 | ARM_INS_BLX, 460 | ARM_INS_BX, 461 | ARM_INS_BXJ, 462 | ARM_INS_B, 463 | ARM_INS_CDP, 464 | ARM_INS_CDP2, 465 | ARM_INS_CLREX, 466 | ARM_INS_CLZ, 467 | ARM_INS_CMN, 468 | ARM_INS_CMP, 469 | ARM_INS_CPS, 470 | ARM_INS_CRC32B, 471 | ARM_INS_CRC32CB, 472 | ARM_INS_CRC32CH, 473 | ARM_INS_CRC32CW, 474 | ARM_INS_CRC32H, 475 | ARM_INS_CRC32W, 476 | ARM_INS_DBG, 477 | ARM_INS_DMB, 478 | ARM_INS_DSB, 479 | ARM_INS_EOR, 480 | ARM_INS_ERET, 481 | ARM_INS_VMOV, 482 | ARM_INS_FLDMDBX, 483 | ARM_INS_FLDMIAX, 484 | ARM_INS_VMRS, 485 | ARM_INS_FSTMDBX, 486 | ARM_INS_FSTMIAX, 487 | ARM_INS_HINT, 488 | ARM_INS_HLT, 489 | ARM_INS_HVC, 490 | ARM_INS_ISB, 491 | ARM_INS_LDA, 492 | ARM_INS_LDAB, 493 | ARM_INS_LDAEX, 494 | ARM_INS_LDAEXB, 495 | ARM_INS_LDAEXD, 496 | ARM_INS_LDAEXH, 497 | ARM_INS_LDAH, 498 | ARM_INS_LDC2L, 499 | ARM_INS_LDC2, 500 | ARM_INS_LDCL, 501 | ARM_INS_LDC, 502 | ARM_INS_LDMDA, 503 | ARM_INS_LDMDB, 504 | ARM_INS_LDM, 505 | ARM_INS_LDMIB, 506 | ARM_INS_LDRBT, 507 | ARM_INS_LDRB, 508 | ARM_INS_LDRD, 509 | ARM_INS_LDREX, 510 | ARM_INS_LDREXB, 511 | ARM_INS_LDREXD, 512 | ARM_INS_LDREXH, 513 | ARM_INS_LDRH, 514 | ARM_INS_LDRHT, 515 | ARM_INS_LDRSB, 516 | ARM_INS_LDRSBT, 517 | ARM_INS_LDRSH, 518 | ARM_INS_LDRSHT, 519 | ARM_INS_LDRT, 520 | ARM_INS_LDR, 521 | ARM_INS_MCR, 522 | ARM_INS_MCR2, 523 | ARM_INS_MCRR, 524 | ARM_INS_MCRR2, 525 | ARM_INS_MLA, 526 | ARM_INS_MLS, 527 | ARM_INS_MOV, 528 | ARM_INS_MOVT, 529 | ARM_INS_MOVW, 530 | ARM_INS_MRC, 531 | ARM_INS_MRC2, 532 | ARM_INS_MRRC, 533 | ARM_INS_MRRC2, 534 | ARM_INS_MRS, 535 | ARM_INS_MSR, 536 | ARM_INS_MUL, 537 | ARM_INS_MVN, 538 | ARM_INS_ORR, 539 | ARM_INS_PKHBT, 540 | ARM_INS_PKHTB, 541 | ARM_INS_PLDW, 542 | ARM_INS_PLD, 543 | ARM_INS_PLI, 544 | ARM_INS_QADD, 545 | ARM_INS_QADD16, 546 | ARM_INS_QADD8, 547 | ARM_INS_QASX, 548 | ARM_INS_QDADD, 549 | ARM_INS_QDSUB, 550 | ARM_INS_QSAX, 551 | ARM_INS_QSUB, 552 | ARM_INS_QSUB16, 553 | ARM_INS_QSUB8, 554 | ARM_INS_RBIT, 555 | ARM_INS_REV, 556 | ARM_INS_REV16, 557 | ARM_INS_REVSH, 558 | ARM_INS_RFEDA, 559 | ARM_INS_RFEDB, 560 | ARM_INS_RFEIA, 561 | ARM_INS_RFEIB, 562 | ARM_INS_RSB, 563 | ARM_INS_RSC, 564 | ARM_INS_SADD16, 565 | ARM_INS_SADD8, 566 | ARM_INS_SASX, 567 | ARM_INS_SBC, 568 | ARM_INS_SBFX, 569 | ARM_INS_SDIV, 570 | ARM_INS_SEL, 571 | ARM_INS_SETEND, 572 | ARM_INS_SHA1C, 573 | ARM_INS_SHA1H, 574 | ARM_INS_SHA1M, 575 | ARM_INS_SHA1P, 576 | ARM_INS_SHA1SU0, 577 | ARM_INS_SHA1SU1, 578 | ARM_INS_SHA256H, 579 | ARM_INS_SHA256H2, 580 | ARM_INS_SHA256SU0, 581 | ARM_INS_SHA256SU1, 582 | ARM_INS_SHADD16, 583 | ARM_INS_SHADD8, 584 | ARM_INS_SHASX, 585 | ARM_INS_SHSAX, 586 | ARM_INS_SHSUB16, 587 | ARM_INS_SHSUB8, 588 | ARM_INS_SMC, 589 | ARM_INS_SMLABB, 590 | ARM_INS_SMLABT, 591 | ARM_INS_SMLAD, 592 | ARM_INS_SMLADX, 593 | ARM_INS_SMLAL, 594 | ARM_INS_SMLALBB, 595 | ARM_INS_SMLALBT, 596 | ARM_INS_SMLALD, 597 | ARM_INS_SMLALDX, 598 | ARM_INS_SMLALTB, 599 | ARM_INS_SMLALTT, 600 | ARM_INS_SMLATB, 601 | ARM_INS_SMLATT, 602 | ARM_INS_SMLAWB, 603 | ARM_INS_SMLAWT, 604 | ARM_INS_SMLSD, 605 | ARM_INS_SMLSDX, 606 | ARM_INS_SMLSLD, 607 | ARM_INS_SMLSLDX, 608 | ARM_INS_SMMLA, 609 | ARM_INS_SMMLAR, 610 | ARM_INS_SMMLS, 611 | ARM_INS_SMMLSR, 612 | ARM_INS_SMMUL, 613 | ARM_INS_SMMULR, 614 | ARM_INS_SMUAD, 615 | ARM_INS_SMUADX, 616 | ARM_INS_SMULBB, 617 | ARM_INS_SMULBT, 618 | ARM_INS_SMULL, 619 | ARM_INS_SMULTB, 620 | ARM_INS_SMULTT, 621 | ARM_INS_SMULWB, 622 | ARM_INS_SMULWT, 623 | ARM_INS_SMUSD, 624 | ARM_INS_SMUSDX, 625 | ARM_INS_SRSDA, 626 | ARM_INS_SRSDB, 627 | ARM_INS_SRSIA, 628 | ARM_INS_SRSIB, 629 | ARM_INS_SSAT, 630 | ARM_INS_SSAT16, 631 | ARM_INS_SSAX, 632 | ARM_INS_SSUB16, 633 | ARM_INS_SSUB8, 634 | ARM_INS_STC2L, 635 | ARM_INS_STC2, 636 | ARM_INS_STCL, 637 | ARM_INS_STC, 638 | ARM_INS_STL, 639 | ARM_INS_STLB, 640 | ARM_INS_STLEX, 641 | ARM_INS_STLEXB, 642 | ARM_INS_STLEXD, 643 | ARM_INS_STLEXH, 644 | ARM_INS_STLH, 645 | ARM_INS_STMDA, 646 | ARM_INS_STMDB, 647 | ARM_INS_STM, 648 | ARM_INS_STMIB, 649 | ARM_INS_STRBT, 650 | ARM_INS_STRB, 651 | ARM_INS_STRD, 652 | ARM_INS_STREX, 653 | ARM_INS_STREXB, 654 | ARM_INS_STREXD, 655 | ARM_INS_STREXH, 656 | ARM_INS_STRH, 657 | ARM_INS_STRHT, 658 | ARM_INS_STRT, 659 | ARM_INS_STR, 660 | ARM_INS_SUB, 661 | ARM_INS_SVC, 662 | ARM_INS_SWP, 663 | ARM_INS_SWPB, 664 | ARM_INS_SXTAB, 665 | ARM_INS_SXTAB16, 666 | ARM_INS_SXTAH, 667 | ARM_INS_SXTB, 668 | ARM_INS_SXTB16, 669 | ARM_INS_SXTH, 670 | ARM_INS_TEQ, 671 | ARM_INS_TRAP, 672 | ARM_INS_TST, 673 | ARM_INS_UADD16, 674 | ARM_INS_UADD8, 675 | ARM_INS_UASX, 676 | ARM_INS_UBFX, 677 | ARM_INS_UDF, 678 | ARM_INS_UDIV, 679 | ARM_INS_UHADD16, 680 | ARM_INS_UHADD8, 681 | ARM_INS_UHASX, 682 | ARM_INS_UHSAX, 683 | ARM_INS_UHSUB16, 684 | ARM_INS_UHSUB8, 685 | ARM_INS_UMAAL, 686 | ARM_INS_UMLAL, 687 | ARM_INS_UMULL, 688 | ARM_INS_UQADD16, 689 | ARM_INS_UQADD8, 690 | ARM_INS_UQASX, 691 | ARM_INS_UQSAX, 692 | ARM_INS_UQSUB16, 693 | ARM_INS_UQSUB8, 694 | ARM_INS_USAD8, 695 | ARM_INS_USADA8, 696 | ARM_INS_USAT, 697 | ARM_INS_USAT16, 698 | ARM_INS_USAX, 699 | ARM_INS_USUB16, 700 | ARM_INS_USUB8, 701 | ARM_INS_UXTAB, 702 | ARM_INS_UXTAB16, 703 | ARM_INS_UXTAH, 704 | ARM_INS_UXTB, 705 | ARM_INS_UXTB16, 706 | ARM_INS_UXTH, 707 | ARM_INS_VABAL, 708 | ARM_INS_VABA, 709 | ARM_INS_VABDL, 710 | ARM_INS_VABD, 711 | ARM_INS_VABS, 712 | ARM_INS_VACGE, 713 | ARM_INS_VACGT, 714 | ARM_INS_VADD, 715 | ARM_INS_VADDHN, 716 | ARM_INS_VADDL, 717 | ARM_INS_VADDW, 718 | ARM_INS_VAND, 719 | ARM_INS_VBIC, 720 | ARM_INS_VBIF, 721 | ARM_INS_VBIT, 722 | ARM_INS_VBSL, 723 | ARM_INS_VCEQ, 724 | ARM_INS_VCGE, 725 | ARM_INS_VCGT, 726 | ARM_INS_VCLE, 727 | ARM_INS_VCLS, 728 | ARM_INS_VCLT, 729 | ARM_INS_VCLZ, 730 | ARM_INS_VCMP, 731 | ARM_INS_VCMPE, 732 | ARM_INS_VCNT, 733 | ARM_INS_VCVTA, 734 | ARM_INS_VCVTB, 735 | ARM_INS_VCVT, 736 | ARM_INS_VCVTM, 737 | ARM_INS_VCVTN, 738 | ARM_INS_VCVTP, 739 | ARM_INS_VCVTT, 740 | ARM_INS_VDIV, 741 | ARM_INS_VDUP, 742 | ARM_INS_VEOR, 743 | ARM_INS_VEXT, 744 | ARM_INS_VFMA, 745 | ARM_INS_VFMS, 746 | ARM_INS_VFNMA, 747 | ARM_INS_VFNMS, 748 | ARM_INS_VHADD, 749 | ARM_INS_VHSUB, 750 | ARM_INS_VLD1, 751 | ARM_INS_VLD2, 752 | ARM_INS_VLD3, 753 | ARM_INS_VLD4, 754 | ARM_INS_VLDMDB, 755 | ARM_INS_VLDMIA, 756 | ARM_INS_VLDR, 757 | ARM_INS_VMAXNM, 758 | ARM_INS_VMAX, 759 | ARM_INS_VMINNM, 760 | ARM_INS_VMIN, 761 | ARM_INS_VMLA, 762 | ARM_INS_VMLAL, 763 | ARM_INS_VMLS, 764 | ARM_INS_VMLSL, 765 | ARM_INS_VMOVL, 766 | ARM_INS_VMOVN, 767 | ARM_INS_VMSR, 768 | ARM_INS_VMUL, 769 | ARM_INS_VMULL, 770 | ARM_INS_VMVN, 771 | ARM_INS_VNEG, 772 | ARM_INS_VNMLA, 773 | ARM_INS_VNMLS, 774 | ARM_INS_VNMUL, 775 | ARM_INS_VORN, 776 | ARM_INS_VORR, 777 | ARM_INS_VPADAL, 778 | ARM_INS_VPADDL, 779 | ARM_INS_VPADD, 780 | ARM_INS_VPMAX, 781 | ARM_INS_VPMIN, 782 | ARM_INS_VQABS, 783 | ARM_INS_VQADD, 784 | ARM_INS_VQDMLAL, 785 | ARM_INS_VQDMLSL, 786 | ARM_INS_VQDMULH, 787 | ARM_INS_VQDMULL, 788 | ARM_INS_VQMOVUN, 789 | ARM_INS_VQMOVN, 790 | ARM_INS_VQNEG, 791 | ARM_INS_VQRDMULH, 792 | ARM_INS_VQRSHL, 793 | ARM_INS_VQRSHRN, 794 | ARM_INS_VQRSHRUN, 795 | ARM_INS_VQSHL, 796 | ARM_INS_VQSHLU, 797 | ARM_INS_VQSHRN, 798 | ARM_INS_VQSHRUN, 799 | ARM_INS_VQSUB, 800 | ARM_INS_VRADDHN, 801 | ARM_INS_VRECPE, 802 | ARM_INS_VRECPS, 803 | ARM_INS_VREV16, 804 | ARM_INS_VREV32, 805 | ARM_INS_VREV64, 806 | ARM_INS_VRHADD, 807 | ARM_INS_VRINTA, 808 | ARM_INS_VRINTM, 809 | ARM_INS_VRINTN, 810 | ARM_INS_VRINTP, 811 | ARM_INS_VRINTR, 812 | ARM_INS_VRINTX, 813 | ARM_INS_VRINTZ, 814 | ARM_INS_VRSHL, 815 | ARM_INS_VRSHRN, 816 | ARM_INS_VRSHR, 817 | ARM_INS_VRSQRTE, 818 | ARM_INS_VRSQRTS, 819 | ARM_INS_VRSRA, 820 | ARM_INS_VRSUBHN, 821 | ARM_INS_VSELEQ, 822 | ARM_INS_VSELGE, 823 | ARM_INS_VSELGT, 824 | ARM_INS_VSELVS, 825 | ARM_INS_VSHLL, 826 | ARM_INS_VSHL, 827 | ARM_INS_VSHRN, 828 | ARM_INS_VSHR, 829 | ARM_INS_VSLI, 830 | ARM_INS_VSQRT, 831 | ARM_INS_VSRA, 832 | ARM_INS_VSRI, 833 | ARM_INS_VST1, 834 | ARM_INS_VST2, 835 | ARM_INS_VST3, 836 | ARM_INS_VST4, 837 | ARM_INS_VSTMDB, 838 | ARM_INS_VSTMIA, 839 | ARM_INS_VSTR, 840 | ARM_INS_VSUB, 841 | ARM_INS_VSUBHN, 842 | ARM_INS_VSUBL, 843 | ARM_INS_VSUBW, 844 | ARM_INS_VSWP, 845 | ARM_INS_VTBL, 846 | ARM_INS_VTBX, 847 | ARM_INS_VCVTR, 848 | ARM_INS_VTRN, 849 | ARM_INS_VTST, 850 | ARM_INS_VUZP, 851 | ARM_INS_VZIP, 852 | ARM_INS_ADDW, 853 | ARM_INS_ASR, 854 | ARM_INS_DCPS1, 855 | ARM_INS_DCPS2, 856 | ARM_INS_DCPS3, 857 | ARM_INS_IT, 858 | ARM_INS_LSL, 859 | ARM_INS_LSR, 860 | ARM_INS_ORN, 861 | ARM_INS_ROR, 862 | ARM_INS_RRX, 863 | ARM_INS_SUBW, 864 | ARM_INS_TBB, 865 | ARM_INS_TBH, 866 | ARM_INS_CBNZ, 867 | ARM_INS_CBZ, 868 | ARM_INS_POP, 869 | ARM_INS_PUSH, 870 | 871 | // special instructions 872 | ARM_INS_NOP, 873 | ARM_INS_YIELD, 874 | ARM_INS_WFE, 875 | ARM_INS_WFI, 876 | ARM_INS_SEV, 877 | ARM_INS_SEVL, 878 | ARM_INS_VPUSH, 879 | ARM_INS_VPOP, 880 | 881 | ARM_INS_ENDING, // <-- mark the end of the list of instructions 882 | } arm_insn; 883 | 884 | /// Group of ARM instructions 885 | typedef enum arm_insn_group { 886 | ARM_GRP_INVALID = 0, ///< = CS_GRP_INVALID 887 | 888 | // Generic groups 889 | // all jump instructions (conditional+direct+indirect jumps) 890 | ARM_GRP_JUMP, ///< = CS_GRP_JUMP 891 | ARM_GRP_CALL, ///< = CS_GRP_CALL 892 | ARM_GRP_INT = 4, ///< = CS_GRP_INT 893 | ARM_GRP_PRIVILEGE = 6, ///< = CS_GRP_PRIVILEGE 894 | ARM_GRP_BRANCH_RELATIVE, ///< = CS_GRP_BRANCH_RELATIVE 895 | 896 | // Architecture-specific groups 897 | ARM_GRP_CRYPTO = 128, 898 | ARM_GRP_DATABARRIER, 899 | ARM_GRP_DIVIDE, 900 | ARM_GRP_FPARMV8, 901 | ARM_GRP_MULTPRO, 902 | ARM_GRP_NEON, 903 | ARM_GRP_T2EXTRACTPACK, 904 | ARM_GRP_THUMB2DSP, 905 | ARM_GRP_TRUSTZONE, 906 | ARM_GRP_V4T, 907 | ARM_GRP_V5T, 908 | ARM_GRP_V5TE, 909 | ARM_GRP_V6, 910 | ARM_GRP_V6T2, 911 | ARM_GRP_V7, 912 | ARM_GRP_V8, 913 | ARM_GRP_VFP2, 914 | ARM_GRP_VFP3, 915 | ARM_GRP_VFP4, 916 | ARM_GRP_ARM, 917 | ARM_GRP_MCLASS, 918 | ARM_GRP_NOTMCLASS, 919 | ARM_GRP_THUMB, 920 | ARM_GRP_THUMB1ONLY, 921 | ARM_GRP_THUMB2, 922 | ARM_GRP_PREV8, 923 | ARM_GRP_FPVMLX, 924 | ARM_GRP_MULOPS, 925 | ARM_GRP_CRC, 926 | ARM_GRP_DPVFP, 927 | ARM_GRP_V6M, 928 | ARM_GRP_VIRTUALIZATION, 929 | 930 | ARM_GRP_ENDING, 931 | } arm_insn_group; 932 | 933 | #ifdef __cplusplus 934 | } 935 | #endif 936 | 937 | #endif 938 | -------------------------------------------------------------------------------- /Lexa/capstone/capstone.h: -------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_ENGINE_H 2 | #define CAPSTONE_ENGINE_H 3 | 4 | /* Capstone Disassembly Engine */ 5 | /* By Nguyen Anh Quynh , 2013-2016 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include 12 | 13 | #if defined(CAPSTONE_HAS_OSXKERNEL) 14 | #include 15 | #else 16 | #include 17 | #include 18 | #endif 19 | 20 | #include "platform.h" 21 | 22 | #ifdef _MSC_VER 23 | #pragma warning(disable:4201) 24 | #pragma warning(disable:4100) 25 | #define CAPSTONE_API __cdecl 26 | #ifdef CAPSTONE_SHARED 27 | #define CAPSTONE_EXPORT __declspec(dllexport) 28 | #else // defined(CAPSTONE_STATIC) 29 | #define CAPSTONE_EXPORT 30 | #endif 31 | #else 32 | #define CAPSTONE_API 33 | #if defined(__GNUC__) && !defined(CAPSTONE_STATIC) 34 | #define CAPSTONE_EXPORT __attribute__((visibility("default"))) 35 | #else // defined(CAPSTONE_STATIC) 36 | #define CAPSTONE_EXPORT 37 | #endif 38 | #endif 39 | 40 | #ifdef __GNUC__ 41 | #define CAPSTONE_DEPRECATED __attribute__((deprecated)) 42 | #elif defined(_MSC_VER) 43 | #define CAPSTONE_DEPRECATED __declspec(deprecated) 44 | #else 45 | #pragma message("WARNING: You need to implement CAPSTONE_DEPRECATED for this compiler") 46 | #define CAPSTONE_DEPRECATED 47 | #endif 48 | 49 | // Capstone API version 50 | #define CS_API_MAJOR 5 51 | #define CS_API_MINOR 0 52 | 53 | // Version for bleeding edge code of the Github's "next" branch. 54 | // Use this if you want the absolutely latest development code. 55 | // This version number will be bumped up whenever we have a new major change. 56 | #define CS_NEXT_VERSION 5 57 | 58 | // Capstone package version 59 | #define CS_VERSION_MAJOR CS_API_MAJOR 60 | #define CS_VERSION_MINOR CS_API_MINOR 61 | #define CS_VERSION_EXTRA 0 62 | 63 | /// Macro to create combined version which can be compared to 64 | /// result of cs_version() API. 65 | #define CS_MAKE_VERSION(major, minor) ((major << 8) + minor) 66 | 67 | /// Maximum size of an instruction mnemonic string. 68 | #define CS_MNEMONIC_SIZE 32 69 | 70 | // Handle using with all API 71 | typedef size_t csh; 72 | 73 | /// Architecture type 74 | typedef enum cs_arch { 75 | CS_ARCH_ARM = 0, ///< ARM architecture (including Thumb, Thumb-2) 76 | CS_ARCH_ARM64, ///< ARM-64, also called AArch64 77 | CS_ARCH_MIPS, ///< Mips architecture 78 | CS_ARCH_X86, ///< X86 architecture (including x86 & x86-64) 79 | CS_ARCH_PPC, ///< PowerPC architecture 80 | CS_ARCH_SPARC, ///< Sparc architecture 81 | CS_ARCH_SYSZ, ///< SystemZ architecture 82 | CS_ARCH_XCORE, ///< XCore architecture 83 | CS_ARCH_M68K, ///< 68K architecture 84 | CS_ARCH_TMS320C64X, ///< TMS320C64x architecture 85 | CS_ARCH_M680X, ///< 680X architecture 86 | CS_ARCH_EVM, ///< Ethereum architecture 87 | CS_ARCH_MOS65XX, ///< MOS65XX architecture (including MOS6502) 88 | CS_ARCH_MAX, 89 | CS_ARCH_ALL = 0xFFFF, // All architectures - for cs_support() 90 | } cs_arch; 91 | 92 | // Support value to verify diet mode of the engine. 93 | // If cs_support(CS_SUPPORT_DIET) return True, the engine was compiled 94 | // in diet mode. 95 | #define CS_SUPPORT_DIET (CS_ARCH_ALL + 1) 96 | 97 | // Support value to verify X86 reduce mode of the engine. 98 | // If cs_support(CS_SUPPORT_X86_REDUCE) return True, the engine was compiled 99 | // in X86 reduce mode. 100 | #define CS_SUPPORT_X86_REDUCE (CS_ARCH_ALL + 2) 101 | 102 | /// Mode type 103 | typedef enum cs_mode { 104 | CS_MODE_LITTLE_ENDIAN = 0, ///< little-endian mode (default mode) 105 | CS_MODE_ARM = 0, ///< 32-bit ARM 106 | CS_MODE_16 = 1 << 1, ///< 16-bit mode (X86) 107 | CS_MODE_32 = 1 << 2, ///< 32-bit mode (X86) 108 | CS_MODE_64 = 1 << 3, ///< 64-bit mode (X86, PPC) 109 | CS_MODE_THUMB = 1 << 4, ///< ARM's Thumb mode, including Thumb-2 110 | CS_MODE_MCLASS = 1 << 5, ///< ARM's Cortex-M series 111 | CS_MODE_V8 = 1 << 6, ///< ARMv8 A32 encodings for ARM 112 | CS_MODE_MICRO = 1 << 4, ///< MicroMips mode (MIPS) 113 | CS_MODE_MIPS3 = 1 << 5, ///< Mips III ISA 114 | CS_MODE_MIPS32R6 = 1 << 6, ///< Mips32r6 ISA 115 | CS_MODE_MIPS2 = 1 << 7, ///< Mips II ISA 116 | CS_MODE_V9 = 1 << 4, ///< SparcV9 mode (Sparc) 117 | CS_MODE_QPX = 1 << 4, ///< Quad Processing eXtensions mode (PPC) 118 | CS_MODE_M68K_000 = 1 << 1, ///< M68K 68000 mode 119 | CS_MODE_M68K_010 = 1 << 2, ///< M68K 68010 mode 120 | CS_MODE_M68K_020 = 1 << 3, ///< M68K 68020 mode 121 | CS_MODE_M68K_030 = 1 << 4, ///< M68K 68030 mode 122 | CS_MODE_M68K_040 = 1 << 5, ///< M68K 68040 mode 123 | CS_MODE_M68K_060 = 1 << 6, ///< M68K 68060 mode 124 | CS_MODE_BIG_ENDIAN = 1 << 31, ///< big-endian mode 125 | CS_MODE_MIPS32 = CS_MODE_32, ///< Mips32 ISA (Mips) 126 | CS_MODE_MIPS64 = CS_MODE_64, ///< Mips64 ISA (Mips) 127 | CS_MODE_M680X_6301 = 1 << 1, ///< M680X Hitachi 6301,6303 mode 128 | CS_MODE_M680X_6309 = 1 << 2, ///< M680X Hitachi 6309 mode 129 | CS_MODE_M680X_6800 = 1 << 3, ///< M680X Motorola 6800,6802 mode 130 | CS_MODE_M680X_6801 = 1 << 4, ///< M680X Motorola 6801,6803 mode 131 | CS_MODE_M680X_6805 = 1 << 5, ///< M680X Motorola/Freescale 6805 mode 132 | CS_MODE_M680X_6808 = 1 << 6, ///< M680X Motorola/Freescale/NXP 68HC08 mode 133 | CS_MODE_M680X_6809 = 1 << 7, ///< M680X Motorola 6809 mode 134 | CS_MODE_M680X_6811 = 1 << 8, ///< M680X Motorola/Freescale/NXP 68HC11 mode 135 | CS_MODE_M680X_CPU12 = 1 << 9, ///< M680X Motorola/Freescale/NXP CPU12 136 | ///< used on M68HC12/HCS12 137 | CS_MODE_M680X_HCS08 = 1 << 10, ///< M680X Freescale/NXP HCS08 mode 138 | } cs_mode; 139 | 140 | typedef void* (CAPSTONE_API *cs_malloc_t)(size_t size); 141 | typedef void* (CAPSTONE_API *cs_calloc_t)(size_t nmemb, size_t size); 142 | typedef void* (CAPSTONE_API *cs_realloc_t)(void *ptr, size_t size); 143 | typedef void (CAPSTONE_API *cs_free_t)(void *ptr); 144 | typedef int (CAPSTONE_API *cs_vsnprintf_t)(char *str, size_t size, const char *format, va_list ap); 145 | 146 | 147 | /// User-defined dynamic memory related functions: malloc/calloc/realloc/free/vsnprintf() 148 | /// By default, Capstone uses system's malloc(), calloc(), realloc(), free() & vsnprintf(). 149 | typedef struct cs_opt_mem { 150 | cs_malloc_t malloc; 151 | cs_calloc_t calloc; 152 | cs_realloc_t realloc; 153 | cs_free_t free; 154 | cs_vsnprintf_t vsnprintf; 155 | } cs_opt_mem; 156 | 157 | /// Customize mnemonic for instructions with alternative name. 158 | /// To reset existing customized instruction to its default mnemonic, 159 | /// call cs_option(CS_OPT_MNEMONIC) again with the same @id and NULL value 160 | /// for @mnemonic. 161 | typedef struct cs_opt_mnem { 162 | /// ID of instruction to be customized. 163 | unsigned int id; 164 | /// Customized instruction mnemonic. 165 | const char *mnemonic; 166 | } cs_opt_mnem; 167 | 168 | /// Runtime option for the disassembled engine 169 | typedef enum cs_opt_type { 170 | CS_OPT_INVALID = 0, ///< No option specified 171 | CS_OPT_SYNTAX, ///< Assembly output syntax 172 | CS_OPT_DETAIL, ///< Break down instruction structure into details 173 | CS_OPT_MODE, ///< Change engine's mode at run-time 174 | CS_OPT_MEM, ///< User-defined dynamic memory related functions 175 | CS_OPT_SKIPDATA, ///< Skip data when disassembling. Then engine is in SKIPDATA mode. 176 | CS_OPT_SKIPDATA_SETUP, ///< Setup user-defined function for SKIPDATA option 177 | CS_OPT_MNEMONIC, ///< Customize instruction mnemonic 178 | CS_OPT_UNSIGNED, ///< print immediate operands in unsigned form 179 | } cs_opt_type; 180 | 181 | /// Runtime option value (associated with option type above) 182 | typedef enum cs_opt_value { 183 | CS_OPT_OFF = 0, ///< Turn OFF an option - default for CS_OPT_DETAIL, CS_OPT_SKIPDATA, CS_OPT_UNSIGNED. 184 | CS_OPT_ON = 3, ///< Turn ON an option (CS_OPT_DETAIL, CS_OPT_SKIPDATA). 185 | CS_OPT_SYNTAX_DEFAULT = 0, ///< Default asm syntax (CS_OPT_SYNTAX). 186 | CS_OPT_SYNTAX_INTEL, ///< X86 Intel asm syntax - default on X86 (CS_OPT_SYNTAX). 187 | CS_OPT_SYNTAX_ATT, ///< X86 ATT asm syntax (CS_OPT_SYNTAX). 188 | CS_OPT_SYNTAX_NOREGNAME, ///< Prints register name with only number (CS_OPT_SYNTAX) 189 | CS_OPT_SYNTAX_MASM, ///< X86 Intel Masm syntax (CS_OPT_SYNTAX). 190 | } cs_opt_value; 191 | 192 | /// Common instruction operand types - to be consistent across all architectures. 193 | typedef enum cs_op_type { 194 | CS_OP_INVALID = 0, ///< uninitialized/invalid operand. 195 | CS_OP_REG, ///< Register operand. 196 | CS_OP_IMM, ///< Immediate operand. 197 | CS_OP_MEM, ///< Memory operand. 198 | CS_OP_FP, ///< Floating-Point operand. 199 | } cs_op_type; 200 | 201 | /// Common instruction operand access types - to be consistent across all architectures. 202 | /// It is possible to combine access types, for example: CS_AC_READ | CS_AC_WRITE 203 | typedef enum cs_ac_type { 204 | CS_AC_INVALID = 0, ///< Uninitialized/invalid access type. 205 | CS_AC_READ = 1 << 0, ///< Operand read from memory or register. 206 | CS_AC_WRITE = 1 << 1, ///< Operand write to memory or register. 207 | } cs_ac_type; 208 | 209 | /// Common instruction groups - to be consistent across all architectures. 210 | typedef enum cs_group_type { 211 | CS_GRP_INVALID = 0, ///< uninitialized/invalid group. 212 | CS_GRP_JUMP, ///< all jump instructions (conditional+direct+indirect jumps) 213 | CS_GRP_CALL, ///< all call instructions 214 | CS_GRP_RET, ///< all return instructions 215 | CS_GRP_INT, ///< all interrupt instructions (int+syscall) 216 | CS_GRP_IRET, ///< all interrupt return instructions 217 | CS_GRP_PRIVILEGE, ///< all privileged instructions 218 | CS_GRP_BRANCH_RELATIVE, ///< all relative branching instructions 219 | } cs_group_type; 220 | 221 | /** 222 | User-defined callback function for SKIPDATA option. 223 | See tests/test_skipdata.c for sample code demonstrating this API. 224 | 225 | @code: the input buffer containing code to be disassembled. 226 | This is the same buffer passed to cs_disasm(). 227 | @code_size: size (in bytes) of the above @code buffer. 228 | @offset: the position of the currently-examining byte in the input 229 | buffer @code mentioned above. 230 | @user_data: user-data passed to cs_option() via @user_data field in 231 | cs_opt_skipdata struct below. 232 | 233 | @return: return number of bytes to skip, or 0 to immediately stop disassembling. 234 | */ 235 | typedef size_t (CAPSTONE_API *cs_skipdata_cb_t)(const uint8_t *code, size_t code_size, size_t offset, void *user_data); 236 | 237 | /// User-customized setup for SKIPDATA option 238 | typedef struct cs_opt_skipdata { 239 | /// Capstone considers data to skip as special "instructions". 240 | /// User can specify the string for this instruction's "mnemonic" here. 241 | /// By default (if @mnemonic is NULL), Capstone use ".byte". 242 | const char *mnemonic; 243 | 244 | /// User-defined callback function to be called when Capstone hits data. 245 | /// If the returned value from this callback is positive (>0), Capstone 246 | /// will skip exactly that number of bytes & continue. Otherwise, if 247 | /// the callback returns 0, Capstone stops disassembling and returns 248 | /// immediately from cs_disasm() 249 | /// NOTE: if this callback pointer is NULL, Capstone would skip a number 250 | /// of bytes depending on architectures, as following: 251 | /// Arm: 2 bytes (Thumb mode) or 4 bytes. 252 | /// Arm64: 4 bytes. 253 | /// Mips: 4 bytes. 254 | /// M680x: 1 byte. 255 | /// PowerPC: 4 bytes. 256 | /// Sparc: 4 bytes. 257 | /// SystemZ: 2 bytes. 258 | /// X86: 1 bytes. 259 | /// XCore: 2 bytes. 260 | /// EVM: 1 bytes. 261 | /// MOS65XX: 1 bytes. 262 | cs_skipdata_cb_t callback; // default value is NULL 263 | 264 | /// User-defined data to be passed to @callback function pointer. 265 | void *user_data; 266 | } cs_opt_skipdata; 267 | 268 | 269 | #include "arm.h" 270 | #include "arm64.h" 271 | #include "m68k.h" 272 | #include "mips.h" 273 | #include "ppc.h" 274 | #include "sparc.h" 275 | #include "systemz.h" 276 | #include "x86.h" 277 | #include "xcore.h" 278 | #include "tms320c64x.h" 279 | #include "m680x.h" 280 | #include "evm.h" 281 | #include "mos65xx.h" 282 | 283 | /// NOTE: All information in cs_detail is only available when CS_OPT_DETAIL = CS_OPT_ON 284 | /// Initialized as memset(., 0, offsetof(cs_detail, ARCH)+sizeof(cs_ARCH)) 285 | /// by ARCH_getInstruction in arch/ARCH/ARCHDisassembler.c 286 | /// if cs_detail changes, in particular if a field is added after the union, 287 | /// then update arch/ARCH/ARCHDisassembler.c accordingly 288 | typedef struct cs_detail { 289 | uint16_t regs_read[16]; ///< list of implicit registers read by this insn 290 | uint8_t regs_read_count; ///< number of implicit registers read by this insn 291 | 292 | uint16_t regs_write[20]; ///< list of implicit registers modified by this insn 293 | uint8_t regs_write_count; ///< number of implicit registers modified by this insn 294 | 295 | uint8_t groups[8]; ///< list of group this instruction belong to 296 | uint8_t groups_count; ///< number of groups this insn belongs to 297 | 298 | /// Architecture-specific instruction info 299 | union { 300 | cs_x86 x86; ///< X86 architecture, including 16-bit, 32-bit & 64-bit mode 301 | cs_arm64 arm64; ///< ARM64 architecture (aka AArch64) 302 | cs_arm arm; ///< ARM architecture (including Thumb/Thumb2) 303 | cs_m68k m68k; ///< M68K architecture 304 | cs_mips mips; ///< MIPS architecture 305 | cs_ppc ppc; ///< PowerPC architecture 306 | cs_sparc sparc; ///< Sparc architecture 307 | cs_sysz sysz; ///< SystemZ architecture 308 | cs_xcore xcore; ///< XCore architecture 309 | cs_tms320c64x tms320c64x; ///< TMS320C64x architecture 310 | cs_m680x m680x; ///< M680X architecture 311 | cs_evm evm; ///< Ethereum architecture 312 | cs_mos65xx mos65xx; ///< MOS65XX architecture (including MOS6502) 313 | }; 314 | } cs_detail; 315 | 316 | /// Detail information of disassembled instruction 317 | typedef struct cs_insn { 318 | /// Instruction ID (basically a numeric ID for the instruction mnemonic) 319 | /// Find the instruction id in the '[ARCH]_insn' enum in the header file 320 | /// of corresponding architecture, such as 'arm_insn' in arm.h for ARM, 321 | /// 'x86_insn' in x86.h for X86, etc... 322 | /// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF 323 | /// NOTE: in Skipdata mode, "data" instruction has 0 for this id field. 324 | unsigned int id; 325 | 326 | /// Address (EIP) of this instruction 327 | /// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF 328 | uint64_t address; 329 | 330 | /// Size of this instruction 331 | /// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF 332 | uint16_t size; 333 | 334 | /// Machine bytes of this instruction, with number of bytes indicated by @size above 335 | /// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF 336 | uint8_t bytes[24]; 337 | 338 | /// Ascii text of instruction mnemonic 339 | /// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF 340 | char mnemonic[CS_MNEMONIC_SIZE]; 341 | 342 | /// Ascii text of instruction operands 343 | /// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF 344 | char op_str[160]; 345 | 346 | /// Pointer to cs_detail. 347 | /// NOTE: detail pointer is only valid when both requirements below are met: 348 | /// (1) CS_OP_DETAIL = CS_OPT_ON 349 | /// (2) Engine is not in Skipdata mode (CS_OP_SKIPDATA option set to CS_OPT_ON) 350 | /// 351 | /// NOTE 2: when in Skipdata mode, or when detail mode is OFF, even if this pointer 352 | /// is not NULL, its content is still irrelevant. 353 | cs_detail *detail; 354 | } cs_insn; 355 | 356 | 357 | /// Calculate the offset of a disassembled instruction in its buffer, given its position 358 | /// in its array of disassembled insn 359 | /// NOTE: this macro works with position (>=1), not index 360 | #define CS_INSN_OFFSET(insns, post) (insns[post - 1].address - insns[0].address) 361 | 362 | 363 | /// All type of errors encountered by Capstone API. 364 | /// These are values returned by cs_errno() 365 | typedef enum cs_err { 366 | CS_ERR_OK = 0, ///< No error: everything was fine 367 | CS_ERR_MEM, ///< Out-Of-Memory error: cs_open(), cs_disasm(), cs_disasm_iter() 368 | CS_ERR_ARCH, ///< Unsupported architecture: cs_open() 369 | CS_ERR_HANDLE, ///< Invalid handle: cs_op_count(), cs_op_index() 370 | CS_ERR_CSH, ///< Invalid csh argument: cs_close(), cs_errno(), cs_option() 371 | CS_ERR_MODE, ///< Invalid/unsupported mode: cs_open() 372 | CS_ERR_OPTION, ///< Invalid/unsupported option: cs_option() 373 | CS_ERR_DETAIL, ///< Information is unavailable because detail option is OFF 374 | CS_ERR_MEMSETUP, ///< Dynamic memory management uninitialized (see CS_OPT_MEM) 375 | CS_ERR_VERSION, ///< Unsupported version (bindings) 376 | CS_ERR_DIET, ///< Access irrelevant data in "diet" engine 377 | CS_ERR_SKIPDATA, ///< Access irrelevant data for "data" instruction in SKIPDATA mode 378 | CS_ERR_X86_ATT, ///< X86 AT&T syntax is unsupported (opt-out at compile time) 379 | CS_ERR_X86_INTEL, ///< X86 Intel syntax is unsupported (opt-out at compile time) 380 | CS_ERR_X86_MASM, ///< X86 Masm syntax is unsupported (opt-out at compile time) 381 | } cs_err; 382 | 383 | /** 384 | Return combined API version & major and minor version numbers. 385 | 386 | @major: major number of API version 387 | @minor: minor number of API version 388 | 389 | @return hexical number as (major << 8 | minor), which encodes both 390 | major & minor versions. 391 | NOTE: This returned value can be compared with version number made 392 | with macro CS_MAKE_VERSION 393 | 394 | For example, second API version would return 1 in @major, and 1 in @minor 395 | The return value would be 0x0101 396 | 397 | NOTE: if you only care about returned value, but not major and minor values, 398 | set both @major & @minor arguments to NULL. 399 | */ 400 | CAPSTONE_EXPORT 401 | unsigned int CAPSTONE_API cs_version(int *major, int *minor); 402 | 403 | 404 | /** 405 | This API can be used to either ask for archs supported by this library, 406 | or check to see if the library was compile with 'diet' option (or called 407 | in 'diet' mode). 408 | 409 | To check if a particular arch is supported by this library, set @query to 410 | arch mode (CS_ARCH_* value). 411 | To verify if this library supports all the archs, use CS_ARCH_ALL. 412 | 413 | To check if this library is in 'diet' mode, set @query to CS_SUPPORT_DIET. 414 | 415 | @return True if this library supports the given arch, or in 'diet' mode. 416 | */ 417 | CAPSTONE_EXPORT 418 | bool CAPSTONE_API cs_support(int query); 419 | 420 | /** 421 | Initialize CS handle: this must be done before any usage of CS. 422 | 423 | @arch: architecture type (CS_ARCH_*) 424 | @mode: hardware mode. This is combined of CS_MODE_* 425 | @handle: pointer to handle, which will be updated at return time 426 | 427 | @return CS_ERR_OK on success, or other value on failure (refer to cs_err enum 428 | for detailed error). 429 | */ 430 | CAPSTONE_EXPORT 431 | cs_err CAPSTONE_API cs_open(cs_arch arch, cs_mode mode, csh *handle); 432 | 433 | /** 434 | Close CS handle: MUST do to release the handle when it is not used anymore. 435 | NOTE: this must be only called when there is no longer usage of Capstone, 436 | not even access to cs_insn array. The reason is the this API releases some 437 | cached memory, thus access to any Capstone API after cs_close() might crash 438 | your application. 439 | 440 | In fact,this API invalidate @handle by ZERO out its value (i.e *handle = 0). 441 | 442 | @handle: pointer to a handle returned by cs_open() 443 | 444 | @return CS_ERR_OK on success, or other value on failure (refer to cs_err enum 445 | for detailed error). 446 | */ 447 | CAPSTONE_EXPORT 448 | cs_err CAPSTONE_API cs_close(csh *handle); 449 | 450 | /** 451 | Set option for disassembling engine at runtime 452 | 453 | @handle: handle returned by cs_open() 454 | @type: type of option to be set 455 | @value: option value corresponding with @type 456 | 457 | @return: CS_ERR_OK on success, or other value on failure. 458 | Refer to cs_err enum for detailed error. 459 | 460 | NOTE: in the case of CS_OPT_MEM, handle's value can be anything, 461 | so that cs_option(handle, CS_OPT_MEM, value) can (i.e must) be called 462 | even before cs_open() 463 | */ 464 | CAPSTONE_EXPORT 465 | cs_err CAPSTONE_API cs_option(csh handle, cs_opt_type type, size_t value); 466 | 467 | /** 468 | Report the last error number when some API function fail. 469 | Like glibc's errno, cs_errno might not retain its old value once accessed. 470 | 471 | @handle: handle returned by cs_open() 472 | 473 | @return: error code of cs_err enum type (CS_ERR_*, see above) 474 | */ 475 | CAPSTONE_EXPORT 476 | cs_err CAPSTONE_API cs_errno(csh handle); 477 | 478 | 479 | /** 480 | Return a string describing given error code. 481 | 482 | @code: error code (see CS_ERR_* above) 483 | 484 | @return: returns a pointer to a string that describes the error code 485 | passed in the argument @code 486 | */ 487 | CAPSTONE_EXPORT 488 | const char * CAPSTONE_API cs_strerror(cs_err code); 489 | 490 | /** 491 | Disassemble binary code, given the code buffer, size, address and number 492 | of instructions to be decoded. 493 | This API dynamically allocate memory to contain disassembled instruction. 494 | Resulting instructions will be put into @*insn 495 | 496 | NOTE 1: this API will automatically determine memory needed to contain 497 | output disassembled instructions in @insn. 498 | 499 | NOTE 2: caller must free the allocated memory itself to avoid memory leaking. 500 | 501 | NOTE 3: for system with scarce memory to be dynamically allocated such as 502 | OS kernel or firmware, the API cs_disasm_iter() might be a better choice than 503 | cs_disasm(). The reason is that with cs_disasm(), based on limited available 504 | memory, we have to calculate in advance how many instructions to be disassembled, 505 | which complicates things. This is especially troublesome for the case @count=0, 506 | when cs_disasm() runs uncontrollably (until either end of input buffer, or 507 | when it encounters an invalid instruction). 508 | 509 | @handle: handle returned by cs_open() 510 | @code: buffer containing raw binary code to be disassembled. 511 | @code_size: size of the above code buffer. 512 | @address: address of the first instruction in given raw code buffer. 513 | @insn: array of instructions filled in by this API. 514 | NOTE: @insn will be allocated by this function, and should be freed 515 | with cs_free() API. 516 | @count: number of instructions to be disassembled, or 0 to get all of them 517 | 518 | @return: the number of successfully disassembled instructions, 519 | or 0 if this function failed to disassemble the given code 520 | 521 | On failure, call cs_errno() for error code. 522 | */ 523 | CAPSTONE_EXPORT 524 | size_t CAPSTONE_API cs_disasm(csh handle, 525 | const uint8_t *code, size_t code_size, 526 | uint64_t address, 527 | size_t count, 528 | cs_insn **insn); 529 | 530 | /** 531 | Deprecated function - to be retired in the next version! 532 | Use cs_disasm() instead of cs_disasm_ex() 533 | */ 534 | CAPSTONE_EXPORT 535 | CAPSTONE_DEPRECATED 536 | size_t CAPSTONE_API cs_disasm_ex(csh handle, 537 | const uint8_t *code, size_t code_size, 538 | uint64_t address, 539 | size_t count, 540 | cs_insn **insn); 541 | 542 | /** 543 | Free memory allocated by cs_malloc() or cs_disasm() (argument @insn) 544 | 545 | @insn: pointer returned by @insn argument in cs_disasm() or cs_malloc() 546 | @count: number of cs_insn structures returned by cs_disasm(), or 1 547 | to free memory allocated by cs_malloc(). 548 | */ 549 | CAPSTONE_EXPORT 550 | void CAPSTONE_API cs_free(cs_insn *insn, size_t count); 551 | 552 | 553 | /** 554 | Allocate memory for 1 instruction to be used by cs_disasm_iter(). 555 | 556 | @handle: handle returned by cs_open() 557 | 558 | NOTE: when no longer in use, you can reclaim the memory allocated for 559 | this instruction with cs_free(insn, 1) 560 | */ 561 | CAPSTONE_EXPORT 562 | cs_insn * CAPSTONE_API cs_malloc(csh handle); 563 | 564 | /** 565 | Fast API to disassemble binary code, given the code buffer, size, address 566 | and number of instructions to be decoded. 567 | This API puts the resulting instruction into a given cache in @insn. 568 | See tests/test_iter.c for sample code demonstrating this API. 569 | 570 | NOTE 1: this API will update @code, @size & @address to point to the next 571 | instruction in the input buffer. Therefore, it is convenient to use 572 | cs_disasm_iter() inside a loop to quickly iterate all the instructions. 573 | While decoding one instruction at a time can also be achieved with 574 | cs_disasm(count=1), some benchmarks shown that cs_disasm_iter() can be 30% 575 | faster on random input. 576 | 577 | NOTE 2: the cache in @insn can be created with cs_malloc() API. 578 | 579 | NOTE 3: for system with scarce memory to be dynamically allocated such as 580 | OS kernel or firmware, this API is recommended over cs_disasm(), which 581 | allocates memory based on the number of instructions to be disassembled. 582 | The reason is that with cs_disasm(), based on limited available memory, 583 | we have to calculate in advance how many instructions to be disassembled, 584 | which complicates things. This is especially troublesome for the case 585 | @count=0, when cs_disasm() runs uncontrollably (until either end of input 586 | buffer, or when it encounters an invalid instruction). 587 | 588 | @handle: handle returned by cs_open() 589 | @code: buffer containing raw binary code to be disassembled 590 | @size: size of above code 591 | @address: address of the first insn in given raw code buffer 592 | @insn: pointer to instruction to be filled in by this API. 593 | 594 | @return: true if this API successfully decode 1 instruction, 595 | or false otherwise. 596 | 597 | On failure, call cs_errno() for error code. 598 | */ 599 | CAPSTONE_EXPORT 600 | bool CAPSTONE_API cs_disasm_iter(csh handle, 601 | const uint8_t **code, size_t *size, 602 | uint64_t *address, cs_insn *insn); 603 | 604 | /** 605 | Return friendly name of register in a string. 606 | Find the instruction id from header file of corresponding architecture (arm.h for ARM, 607 | x86.h for X86, ...) 608 | 609 | WARN: when in 'diet' mode, this API is irrelevant because engine does not 610 | store register name. 611 | 612 | @handle: handle returned by cs_open() 613 | @reg_id: register id 614 | 615 | @return: string name of the register, or NULL if @reg_id is invalid. 616 | */ 617 | CAPSTONE_EXPORT 618 | const char * CAPSTONE_API cs_reg_name(csh handle, unsigned int reg_id); 619 | 620 | /** 621 | Return friendly name of an instruction in a string. 622 | Find the instruction id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) 623 | 624 | WARN: when in 'diet' mode, this API is irrelevant because the engine does not 625 | store instruction name. 626 | 627 | @handle: handle returned by cs_open() 628 | @insn_id: instruction id 629 | 630 | @return: string name of the instruction, or NULL if @insn_id is invalid. 631 | */ 632 | CAPSTONE_EXPORT 633 | const char * CAPSTONE_API cs_insn_name(csh handle, unsigned int insn_id); 634 | 635 | /** 636 | Return friendly name of a group id (that an instruction can belong to) 637 | Find the group id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) 638 | 639 | WARN: when in 'diet' mode, this API is irrelevant because the engine does not 640 | store group name. 641 | 642 | @handle: handle returned by cs_open() 643 | @group_id: group id 644 | 645 | @return: string name of the group, or NULL if @group_id is invalid. 646 | */ 647 | CAPSTONE_EXPORT 648 | const char * CAPSTONE_API cs_group_name(csh handle, unsigned int group_id); 649 | 650 | /** 651 | Check if a disassembled instruction belong to a particular group. 652 | Find the group id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) 653 | Internally, this simply verifies if @group_id matches any member of insn->groups array. 654 | 655 | NOTE: this API is only valid when detail option is ON (which is OFF by default). 656 | 657 | WARN: when in 'diet' mode, this API is irrelevant because the engine does not 658 | update @groups array. 659 | 660 | @handle: handle returned by cs_open() 661 | @insn: disassembled instruction structure received from cs_disasm() or cs_disasm_iter() 662 | @group_id: group that you want to check if this instruction belong to. 663 | 664 | @return: true if this instruction indeed belongs to the given group, or false otherwise. 665 | */ 666 | CAPSTONE_EXPORT 667 | bool CAPSTONE_API cs_insn_group(csh handle, const cs_insn *insn, unsigned int group_id); 668 | 669 | /** 670 | Check if a disassembled instruction IMPLICITLY used a particular register. 671 | Find the register id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) 672 | Internally, this simply verifies if @reg_id matches any member of insn->regs_read array. 673 | 674 | NOTE: this API is only valid when detail option is ON (which is OFF by default) 675 | 676 | WARN: when in 'diet' mode, this API is irrelevant because the engine does not 677 | update @regs_read array. 678 | 679 | @insn: disassembled instruction structure received from cs_disasm() or cs_disasm_iter() 680 | @reg_id: register that you want to check if this instruction used it. 681 | 682 | @return: true if this instruction indeed implicitly used the given register, or false otherwise. 683 | */ 684 | CAPSTONE_EXPORT 685 | bool CAPSTONE_API cs_reg_read(csh handle, const cs_insn *insn, unsigned int reg_id); 686 | 687 | /** 688 | Check if a disassembled instruction IMPLICITLY modified a particular register. 689 | Find the register id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) 690 | Internally, this simply verifies if @reg_id matches any member of insn->regs_write array. 691 | 692 | NOTE: this API is only valid when detail option is ON (which is OFF by default) 693 | 694 | WARN: when in 'diet' mode, this API is irrelevant because the engine does not 695 | update @regs_write array. 696 | 697 | @insn: disassembled instruction structure received from cs_disasm() or cs_disasm_iter() 698 | @reg_id: register that you want to check if this instruction modified it. 699 | 700 | @return: true if this instruction indeed implicitly modified the given register, or false otherwise. 701 | */ 702 | CAPSTONE_EXPORT 703 | bool CAPSTONE_API cs_reg_write(csh handle, const cs_insn *insn, unsigned int reg_id); 704 | 705 | /** 706 | Count the number of operands of a given type. 707 | Find the operand type in header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) 708 | 709 | NOTE: this API is only valid when detail option is ON (which is OFF by default) 710 | 711 | @handle: handle returned by cs_open() 712 | @insn: disassembled instruction structure received from cs_disasm() or cs_disasm_iter() 713 | @op_type: Operand type to be found. 714 | 715 | @return: number of operands of given type @op_type in instruction @insn, 716 | or -1 on failure. 717 | */ 718 | CAPSTONE_EXPORT 719 | int CAPSTONE_API cs_op_count(csh handle, const cs_insn *insn, unsigned int op_type); 720 | 721 | /** 722 | Retrieve the position of operand of given type in .operands[] array. 723 | Later, the operand can be accessed using the returned position. 724 | Find the operand type in header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) 725 | 726 | NOTE: this API is only valid when detail option is ON (which is OFF by default) 727 | 728 | @handle: handle returned by cs_open() 729 | @insn: disassembled instruction structure received from cs_disasm() or cs_disasm_iter() 730 | @op_type: Operand type to be found. 731 | @position: position of the operand to be found. This must be in the range 732 | [1, cs_op_count(handle, insn, op_type)] 733 | 734 | @return: index of operand of given type @op_type in .operands[] array 735 | in instruction @insn, or -1 on failure. 736 | */ 737 | CAPSTONE_EXPORT 738 | int CAPSTONE_API cs_op_index(csh handle, const cs_insn *insn, unsigned int op_type, 739 | unsigned int position); 740 | 741 | /// Type of array to keep the list of registers 742 | typedef uint16_t cs_regs[64]; 743 | 744 | /** 745 | Retrieve all the registers accessed by an instruction, either explicitly or 746 | implicitly. 747 | 748 | WARN: when in 'diet' mode, this API is irrelevant because engine does not 749 | store registers. 750 | 751 | @handle: handle returned by cs_open() 752 | @insn: disassembled instruction structure returned from cs_disasm() or cs_disasm_iter() 753 | @regs_read: on return, this array contains all registers read by instruction. 754 | @regs_read_count: number of registers kept inside @regs_read array. 755 | @regs_write: on return, this array contains all registers written by instruction. 756 | @regs_write_count: number of registers kept inside @regs_write array. 757 | 758 | @return CS_ERR_OK on success, or other value on failure (refer to cs_err enum 759 | for detailed error). 760 | */ 761 | CAPSTONE_EXPORT 762 | cs_err CAPSTONE_API cs_regs_access(csh handle, const cs_insn *insn, 763 | cs_regs regs_read, uint8_t *regs_read_count, 764 | cs_regs regs_write, uint8_t *regs_write_count); 765 | 766 | #ifdef __cplusplus 767 | } 768 | #endif 769 | 770 | #endif 771 | -------------------------------------------------------------------------------- /Lexa/capstone/evm.h: -------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_EVM_H 2 | #define CAPSTONE_EVM_H 3 | 4 | /* Capstone Disassembly Engine */ 5 | /* By Nguyen Anh Quynh , 2013-2018 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "platform.h" 12 | 13 | #ifdef _MSC_VER 14 | #pragma warning(disable:4201) 15 | #endif 16 | 17 | /// Instruction structure 18 | typedef struct cs_evm { 19 | unsigned char pop; ///< number of items popped from the stack 20 | unsigned char push; ///< number of items pushed into the stack 21 | unsigned int fee; ///< gas fee for the instruction 22 | } cs_evm; 23 | 24 | /// EVM instruction 25 | typedef enum evm_insn { 26 | EVM_INS_STOP = 0, 27 | EVM_INS_ADD = 1, 28 | EVM_INS_MUL = 2, 29 | EVM_INS_SUB = 3, 30 | EVM_INS_DIV = 4, 31 | EVM_INS_SDIV = 5, 32 | EVM_INS_MOD = 6, 33 | EVM_INS_SMOD = 7, 34 | EVM_INS_ADDMOD = 8, 35 | EVM_INS_MULMOD = 9, 36 | EVM_INS_EXP = 10, 37 | EVM_INS_SIGNEXTEND = 11, 38 | EVM_INS_LT = 16, 39 | EVM_INS_GT = 17, 40 | EVM_INS_SLT = 18, 41 | EVM_INS_SGT = 19, 42 | EVM_INS_EQ = 20, 43 | EVM_INS_ISZERO = 21, 44 | EVM_INS_AND = 22, 45 | EVM_INS_OR = 23, 46 | EVM_INS_XOR = 24, 47 | EVM_INS_NOT = 25, 48 | EVM_INS_BYTE = 26, 49 | EVM_INS_SHA3 = 32, 50 | EVM_INS_ADDRESS = 48, 51 | EVM_INS_BALANCE = 49, 52 | EVM_INS_ORIGIN = 50, 53 | EVM_INS_CALLER = 51, 54 | EVM_INS_CALLVALUE = 52, 55 | EVM_INS_CALLDATALOAD = 53, 56 | EVM_INS_CALLDATASIZE = 54, 57 | EVM_INS_CALLDATACOPY = 55, 58 | EVM_INS_CODESIZE = 56, 59 | EVM_INS_CODECOPY = 57, 60 | EVM_INS_GASPRICE = 58, 61 | EVM_INS_EXTCODESIZE = 59, 62 | EVM_INS_EXTCODECOPY = 60, 63 | EVM_INS_RETURNDATASIZE = 61, 64 | EVM_INS_RETURNDATACOPY = 62, 65 | EVM_INS_BLOCKHASH = 64, 66 | EVM_INS_COINBASE = 65, 67 | EVM_INS_TIMESTAMP = 66, 68 | EVM_INS_NUMBER = 67, 69 | EVM_INS_DIFFICULTY = 68, 70 | EVM_INS_GASLIMIT = 69, 71 | EVM_INS_POP = 80, 72 | EVM_INS_MLOAD = 81, 73 | EVM_INS_MSTORE = 82, 74 | EVM_INS_MSTORE8 = 83, 75 | EVM_INS_SLOAD = 84, 76 | EVM_INS_SSTORE = 85, 77 | EVM_INS_JUMP = 86, 78 | EVM_INS_JUMPI = 87, 79 | EVM_INS_PC = 88, 80 | EVM_INS_MSIZE = 89, 81 | EVM_INS_GAS = 90, 82 | EVM_INS_JUMPDEST = 91, 83 | EVM_INS_PUSH1 = 96, 84 | EVM_INS_PUSH2 = 97, 85 | EVM_INS_PUSH3 = 98, 86 | EVM_INS_PUSH4 = 99, 87 | EVM_INS_PUSH5 = 100, 88 | EVM_INS_PUSH6 = 101, 89 | EVM_INS_PUSH7 = 102, 90 | EVM_INS_PUSH8 = 103, 91 | EVM_INS_PUSH9 = 104, 92 | EVM_INS_PUSH10 = 105, 93 | EVM_INS_PUSH11 = 106, 94 | EVM_INS_PUSH12 = 107, 95 | EVM_INS_PUSH13 = 108, 96 | EVM_INS_PUSH14 = 109, 97 | EVM_INS_PUSH15 = 110, 98 | EVM_INS_PUSH16 = 111, 99 | EVM_INS_PUSH17 = 112, 100 | EVM_INS_PUSH18 = 113, 101 | EVM_INS_PUSH19 = 114, 102 | EVM_INS_PUSH20 = 115, 103 | EVM_INS_PUSH21 = 116, 104 | EVM_INS_PUSH22 = 117, 105 | EVM_INS_PUSH23 = 118, 106 | EVM_INS_PUSH24 = 119, 107 | EVM_INS_PUSH25 = 120, 108 | EVM_INS_PUSH26 = 121, 109 | EVM_INS_PUSH27 = 122, 110 | EVM_INS_PUSH28 = 123, 111 | EVM_INS_PUSH29 = 124, 112 | EVM_INS_PUSH30 = 125, 113 | EVM_INS_PUSH31 = 126, 114 | EVM_INS_PUSH32 = 127, 115 | EVM_INS_DUP1 = 128, 116 | EVM_INS_DUP2 = 129, 117 | EVM_INS_DUP3 = 130, 118 | EVM_INS_DUP4 = 131, 119 | EVM_INS_DUP5 = 132, 120 | EVM_INS_DUP6 = 133, 121 | EVM_INS_DUP7 = 134, 122 | EVM_INS_DUP8 = 135, 123 | EVM_INS_DUP9 = 136, 124 | EVM_INS_DUP10 = 137, 125 | EVM_INS_DUP11 = 138, 126 | EVM_INS_DUP12 = 139, 127 | EVM_INS_DUP13 = 140, 128 | EVM_INS_DUP14 = 141, 129 | EVM_INS_DUP15 = 142, 130 | EVM_INS_DUP16 = 143, 131 | EVM_INS_SWAP1 = 144, 132 | EVM_INS_SWAP2 = 145, 133 | EVM_INS_SWAP3 = 146, 134 | EVM_INS_SWAP4 = 147, 135 | EVM_INS_SWAP5 = 148, 136 | EVM_INS_SWAP6 = 149, 137 | EVM_INS_SWAP7 = 150, 138 | EVM_INS_SWAP8 = 151, 139 | EVM_INS_SWAP9 = 152, 140 | EVM_INS_SWAP10 = 153, 141 | EVM_INS_SWAP11 = 154, 142 | EVM_INS_SWAP12 = 155, 143 | EVM_INS_SWAP13 = 156, 144 | EVM_INS_SWAP14 = 157, 145 | EVM_INS_SWAP15 = 158, 146 | EVM_INS_SWAP16 = 159, 147 | EVM_INS_LOG0 = 160, 148 | EVM_INS_LOG1 = 161, 149 | EVM_INS_LOG2 = 162, 150 | EVM_INS_LOG3 = 163, 151 | EVM_INS_LOG4 = 164, 152 | EVM_INS_CREATE = 240, 153 | EVM_INS_CALL = 241, 154 | EVM_INS_CALLCODE = 242, 155 | EVM_INS_RETURN = 243, 156 | EVM_INS_DELEGATECALL = 244, 157 | EVM_INS_CALLBLACKBOX = 245, 158 | EVM_INS_STATICCALL = 250, 159 | EVM_INS_REVERT = 253, 160 | EVM_INS_SUICIDE = 255, 161 | 162 | EVM_INS_INVALID = 512, 163 | EVM_INS_ENDING, // <-- mark the end of the list of instructions 164 | } evm_insn; 165 | 166 | /// Group of EVM instructions 167 | typedef enum evm_insn_group { 168 | EVM_GRP_INVALID = 0, ///< = CS_GRP_INVALID 169 | 170 | EVM_GRP_JUMP, ///< all jump instructions 171 | 172 | EVM_GRP_MATH = 8, ///< math instructions 173 | EVM_GRP_STACK_WRITE, ///< instructions write to stack 174 | EVM_GRP_STACK_READ, ///< instructions read from stack 175 | EVM_GRP_MEM_WRITE, ///< instructions write to memory 176 | EVM_GRP_MEM_READ, ///< instructions read from memory 177 | EVM_GRP_STORE_WRITE, ///< instructions write to storage 178 | EVM_GRP_STORE_READ, ///< instructions read from storage 179 | EVM_GRP_HALT, ///< instructions halt execution 180 | 181 | EVM_GRP_ENDING, ///< <-- mark the end of the list of groups 182 | } evm_insn_group; 183 | 184 | #ifdef __cplusplus 185 | } 186 | #endif 187 | 188 | #endif 189 | -------------------------------------------------------------------------------- /Lexa/capstone/m680x.h: -------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_M680X_H 2 | #define CAPSTONE_M680X_H 3 | 4 | /* Capstone Disassembly Engine */ 5 | /* M680X Backend by Wolfgang Schwotzer 2017 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "platform.h" 12 | 13 | #ifdef _MSC_VER 14 | #pragma warning(disable:4201) 15 | #endif 16 | 17 | #define M680X_OPERAND_COUNT 9 18 | 19 | /// M680X registers and special registers 20 | typedef enum m680x_reg { 21 | M680X_REG_INVALID = 0, 22 | 23 | M680X_REG_A, ///< M6800/1/2/3/9, HD6301/9 24 | M680X_REG_B, ///< M6800/1/2/3/9, HD6301/9 25 | M680X_REG_E, ///< HD6309 26 | M680X_REG_F, ///< HD6309 27 | M680X_REG_0, ///< HD6309 28 | 29 | M680X_REG_D, ///< M6801/3/9, HD6301/9 30 | M680X_REG_W, ///< HD6309 31 | 32 | M680X_REG_CC, ///< M6800/1/2/3/9, M6301/9 33 | M680X_REG_DP, ///< M6809/M6309 34 | M680X_REG_MD, ///< M6309 35 | 36 | M680X_REG_HX, ///< M6808 37 | M680X_REG_H, ///< M6808 38 | M680X_REG_X, ///< M6800/1/2/3/9, M6301/9 39 | M680X_REG_Y, ///< M6809/M6309 40 | M680X_REG_S, ///< M6809/M6309 41 | M680X_REG_U, ///< M6809/M6309 42 | M680X_REG_V, ///< M6309 43 | 44 | M680X_REG_Q, ///< M6309 45 | 46 | M680X_REG_PC, ///< M6800/1/2/3/9, M6301/9 47 | 48 | M680X_REG_TMP2, ///< CPU12 49 | M680X_REG_TMP3, ///< CPU12 50 | 51 | M680X_REG_ENDING, ///< <-- mark the end of the list of registers 52 | } m680x_reg; 53 | 54 | /// Operand type for instruction's operands 55 | typedef enum m680x_op_type { 56 | M680X_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 57 | M680X_OP_REGISTER, ///< = Register operand. 58 | M680X_OP_IMMEDIATE, ///< = Immediate operand. 59 | M680X_OP_INDEXED, ///< = Indexed addressing operand. 60 | M680X_OP_EXTENDED, ///< = Extended addressing operand. 61 | M680X_OP_DIRECT, ///< = Direct addressing operand. 62 | M680X_OP_RELATIVE, ///< = Relative addressing operand. 63 | M680X_OP_CONSTANT, ///< = constant operand (Displayed as number only). 64 | ///< Used e.g. for a bit index or page number. 65 | } m680x_op_type; 66 | 67 | // Supported bit values for mem.idx.offset_bits 68 | #define M680X_OFFSET_NONE 0 69 | #define M680X_OFFSET_BITS_5 5 70 | #define M680X_OFFSET_BITS_8 8 71 | #define M680X_OFFSET_BITS_9 9 72 | #define M680X_OFFSET_BITS_16 16 73 | 74 | // Supported bit flags for mem.idx.flags 75 | // These flags can be combined 76 | #define M680X_IDX_INDIRECT 1 77 | #define M680X_IDX_NO_COMMA 2 78 | #define M680X_IDX_POST_INC_DEC 4 79 | 80 | /// Instruction's operand referring to indexed addressing 81 | typedef struct m680x_op_idx { 82 | m680x_reg base_reg; ///< base register (or M680X_REG_INVALID if 83 | ///< irrelevant) 84 | m680x_reg offset_reg; ///< offset register (or M680X_REG_INVALID if 85 | ///< irrelevant) 86 | int16_t offset; ///< 5-,8- or 16-bit offset. See also offset_bits. 87 | uint16_t offset_addr; ///< = offset addr. if base_reg == M680X_REG_PC. 88 | ///< calculated as offset + PC 89 | uint8_t offset_bits; ///< offset width in bits for indexed addressing 90 | int8_t inc_dec; ///< inc. or dec. value: 91 | ///< 0: no inc-/decrement 92 | ///< 1 .. 8: increment by 1 .. 8 93 | ///< -1 .. -8: decrement by 1 .. 8 94 | ///< if flag M680X_IDX_POST_INC_DEC set it is post 95 | ///< inc-/decrement otherwise pre inc-/decrement 96 | uint8_t flags; ///< 8-bit flags (see above) 97 | } m680x_op_idx; 98 | 99 | /// Instruction's memory operand referring to relative addressing (Bcc/LBcc) 100 | typedef struct m680x_op_rel { 101 | uint16_t address; ///< The absolute address. 102 | ///< calculated as PC + offset. PC is the first 103 | ///< address after the instruction. 104 | int16_t offset; ///< the offset/displacement value 105 | } m680x_op_rel; 106 | 107 | /// Instruction's operand referring to extended addressing 108 | typedef struct m680x_op_ext { 109 | uint16_t address; ///< The absolute address 110 | bool indirect; ///< true if extended indirect addressing 111 | } m680x_op_ext; 112 | 113 | /// Instruction operand 114 | typedef struct cs_m680x_op { 115 | m680x_op_type type; 116 | union { 117 | int32_t imm; ///< immediate value for IMM operand 118 | m680x_reg reg; ///< register value for REG operand 119 | m680x_op_idx idx; ///< Indexed addressing operand 120 | m680x_op_rel rel; ///< Relative address. operand (Bcc/LBcc) 121 | m680x_op_ext ext; ///< Extended address 122 | uint8_t direct_addr; ///<, 2015-2016 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "platform.h" 12 | 13 | #ifdef _MSC_VER 14 | #pragma warning(disable:4201) 15 | #endif 16 | 17 | #define M68K_OPERAND_COUNT 4 18 | 19 | /// M68K registers and special registers 20 | typedef enum m68k_reg { 21 | M68K_REG_INVALID = 0, 22 | 23 | M68K_REG_D0, 24 | M68K_REG_D1, 25 | M68K_REG_D2, 26 | M68K_REG_D3, 27 | M68K_REG_D4, 28 | M68K_REG_D5, 29 | M68K_REG_D6, 30 | M68K_REG_D7, 31 | 32 | M68K_REG_A0, 33 | M68K_REG_A1, 34 | M68K_REG_A2, 35 | M68K_REG_A3, 36 | M68K_REG_A4, 37 | M68K_REG_A5, 38 | M68K_REG_A6, 39 | M68K_REG_A7, 40 | 41 | M68K_REG_FP0, 42 | M68K_REG_FP1, 43 | M68K_REG_FP2, 44 | M68K_REG_FP3, 45 | M68K_REG_FP4, 46 | M68K_REG_FP5, 47 | M68K_REG_FP6, 48 | M68K_REG_FP7, 49 | 50 | M68K_REG_PC, 51 | 52 | M68K_REG_SR, 53 | M68K_REG_CCR, 54 | M68K_REG_SFC, 55 | M68K_REG_DFC, 56 | M68K_REG_USP, 57 | M68K_REG_VBR, 58 | M68K_REG_CACR, 59 | M68K_REG_CAAR, 60 | M68K_REG_MSP, 61 | M68K_REG_ISP, 62 | M68K_REG_TC, 63 | M68K_REG_ITT0, 64 | M68K_REG_ITT1, 65 | M68K_REG_DTT0, 66 | M68K_REG_DTT1, 67 | M68K_REG_MMUSR, 68 | M68K_REG_URP, 69 | M68K_REG_SRP, 70 | 71 | M68K_REG_FPCR, 72 | M68K_REG_FPSR, 73 | M68K_REG_FPIAR, 74 | 75 | M68K_REG_ENDING, // <-- mark the end of the list of registers 76 | } m68k_reg; 77 | 78 | /// M68K Addressing Modes 79 | typedef enum m68k_address_mode { 80 | M68K_AM_NONE = 0, ///< No address mode. 81 | 82 | M68K_AM_REG_DIRECT_DATA, ///< Register Direct - Data 83 | M68K_AM_REG_DIRECT_ADDR, ///< Register Direct - Address 84 | 85 | M68K_AM_REGI_ADDR, ///< Register Indirect - Address 86 | M68K_AM_REGI_ADDR_POST_INC, ///< Register Indirect - Address with Postincrement 87 | M68K_AM_REGI_ADDR_PRE_DEC, ///< Register Indirect - Address with Predecrement 88 | M68K_AM_REGI_ADDR_DISP, ///< Register Indirect - Address with Displacement 89 | 90 | M68K_AM_AREGI_INDEX_8_BIT_DISP, ///< Address Register Indirect With Index- 8-bit displacement 91 | M68K_AM_AREGI_INDEX_BASE_DISP, ///< Address Register Indirect With Index- Base displacement 92 | 93 | M68K_AM_MEMI_POST_INDEX, ///< Memory indirect - Postindex 94 | M68K_AM_MEMI_PRE_INDEX, ///< Memory indirect - Preindex 95 | 96 | M68K_AM_PCI_DISP, ///< Program Counter Indirect - with Displacement 97 | 98 | M68K_AM_PCI_INDEX_8_BIT_DISP, ///< Program Counter Indirect with Index - with 8-Bit Displacement 99 | M68K_AM_PCI_INDEX_BASE_DISP, ///< Program Counter Indirect with Index - with Base Displacement 100 | 101 | M68K_AM_PC_MEMI_POST_INDEX, ///< Program Counter Memory Indirect - Postindexed 102 | M68K_AM_PC_MEMI_PRE_INDEX, ///< Program Counter Memory Indirect - Preindexed 103 | 104 | M68K_AM_ABSOLUTE_DATA_SHORT, ///< Absolute Data Addressing - Short 105 | M68K_AM_ABSOLUTE_DATA_LONG, ///< Absolute Data Addressing - Long 106 | M68K_AM_IMMEDIATE, ///< Immediate value 107 | 108 | M68K_AM_BRANCH_DISPLACEMENT, ///< Address as displacement from (PC+2) used by branches 109 | } m68k_address_mode; 110 | 111 | /// Operand type for instruction's operands 112 | typedef enum m68k_op_type { 113 | M68K_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 114 | M68K_OP_REG, ///< = CS_OP_REG (Register operand). 115 | M68K_OP_IMM, ///< = CS_OP_IMM (Immediate operand). 116 | M68K_OP_MEM, ///< = CS_OP_MEM (Memory operand). 117 | M68K_OP_FP_SINGLE, ///< single precision Floating-Point operand 118 | M68K_OP_FP_DOUBLE, ///< double precision Floating-Point operand 119 | M68K_OP_REG_BITS, ///< Register bits move 120 | M68K_OP_REG_PAIR, ///< Register pair in the same op (upper 4 bits for first reg, lower for second) 121 | M68K_OP_BR_DISP, ///< Branch displacement 122 | } m68k_op_type; 123 | 124 | /// Instruction's operand referring to memory 125 | /// This is associated with M68K_OP_MEM operand type above 126 | typedef struct m68k_op_mem { 127 | m68k_reg base_reg; ///< base register (or M68K_REG_INVALID if irrelevant) 128 | m68k_reg index_reg; ///< index register (or M68K_REG_INVALID if irrelevant) 129 | m68k_reg in_base_reg; ///< indirect base register (or M68K_REG_INVALID if irrelevant) 130 | uint32_t in_disp; ///< indirect displacement 131 | uint32_t out_disp; ///< other displacement 132 | int16_t disp; ///< displacement value 133 | uint8_t scale; ///< scale for index register 134 | uint8_t bitfield; ///< set to true if the two values below should be used 135 | uint8_t width; ///< used for bf* instructions 136 | uint8_t offset; ///< used for bf* instructions 137 | uint8_t index_size; ///< 0 = w, 1 = l 138 | } m68k_op_mem; 139 | 140 | /// Operand type for instruction's operands 141 | typedef enum m68k_op_br_disp_size { 142 | M68K_OP_BR_DISP_SIZE_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 143 | M68K_OP_BR_DISP_SIZE_BYTE = 1, ///< signed 8-bit displacement 144 | M68K_OP_BR_DISP_SIZE_WORD = 2, ///< signed 16-bit displacement 145 | M68K_OP_BR_DISP_SIZE_LONG = 4, ///< signed 32-bit displacement 146 | } m68k_op_br_disp_size; 147 | 148 | typedef struct m68k_op_br_disp { 149 | int32_t disp; ///< displacement value 150 | uint8_t disp_size; ///< Size from m68k_op_br_disp_size type above 151 | } m68k_op_br_disp; 152 | 153 | /// Instruction operand 154 | typedef struct cs_m68k_op { 155 | union { 156 | uint64_t imm; ///< immediate value for IMM operand 157 | double dimm; ///< double imm 158 | float simm; ///< float imm 159 | m68k_reg reg; ///< register value for REG operand 160 | struct { ///< register pair in one operand 161 | m68k_reg reg_0; 162 | m68k_reg reg_1; 163 | } reg_pair; 164 | }; 165 | 166 | m68k_op_mem mem; ///< data when operand is targeting memory 167 | m68k_op_br_disp br_disp; ///< data when operand is a branch displacement 168 | uint32_t register_bits; ///< register bits for movem etc. (always in d0-d7, a0-a7, fp0 - fp7 order) 169 | m68k_op_type type; 170 | m68k_address_mode address_mode; ///< M68K addressing mode for this op 171 | } cs_m68k_op; 172 | 173 | /// Operation size of the CPU instructions 174 | typedef enum m68k_cpu_size { 175 | M68K_CPU_SIZE_NONE = 0, ///< unsized or unspecified 176 | M68K_CPU_SIZE_BYTE = 1, ///< 1 byte in size 177 | M68K_CPU_SIZE_WORD = 2, ///< 2 bytes in size 178 | M68K_CPU_SIZE_LONG = 4, ///< 4 bytes in size 179 | } m68k_cpu_size; 180 | 181 | /// Operation size of the FPU instructions (Notice that FPU instruction can also use CPU sizes if needed) 182 | typedef enum m68k_fpu_size { 183 | M68K_FPU_SIZE_NONE = 0, ///< unsized like fsave/frestore 184 | M68K_FPU_SIZE_SINGLE = 4, ///< 4 byte in size (single float) 185 | M68K_FPU_SIZE_DOUBLE = 8, ///< 8 byte in size (double) 186 | M68K_FPU_SIZE_EXTENDED = 12, ///< 12 byte in size (extended real format) 187 | } m68k_fpu_size; 188 | 189 | /// Type of size that is being used for the current instruction 190 | typedef enum m68k_size_type { 191 | M68K_SIZE_TYPE_INVALID = 0, 192 | 193 | M68K_SIZE_TYPE_CPU, 194 | M68K_SIZE_TYPE_FPU, 195 | } m68k_size_type; 196 | 197 | /// Operation size of the current instruction (NOT the actually size of instruction) 198 | typedef struct m68k_op_size { 199 | m68k_size_type type; 200 | union { 201 | m68k_cpu_size cpu_size; 202 | m68k_fpu_size fpu_size; 203 | }; 204 | } m68k_op_size; 205 | 206 | /// The M68K instruction and it's operands 207 | typedef struct cs_m68k { 208 | // Number of operands of this instruction or 0 when instruction has no operand. 209 | cs_m68k_op operands[M68K_OPERAND_COUNT]; ///< operands for this instruction. 210 | m68k_op_size op_size; ///< size of data operand works on in bytes (.b, .w, .l, etc) 211 | uint8_t op_count; ///< number of operands for the instruction 212 | } cs_m68k; 213 | 214 | /// M68K instruction 215 | typedef enum m68k_insn { 216 | M68K_INS_INVALID = 0, 217 | 218 | M68K_INS_ABCD, 219 | M68K_INS_ADD, 220 | M68K_INS_ADDA, 221 | M68K_INS_ADDI, 222 | M68K_INS_ADDQ, 223 | M68K_INS_ADDX, 224 | M68K_INS_AND, 225 | M68K_INS_ANDI, 226 | M68K_INS_ASL, 227 | M68K_INS_ASR, 228 | M68K_INS_BHS, 229 | M68K_INS_BLO, 230 | M68K_INS_BHI, 231 | M68K_INS_BLS, 232 | M68K_INS_BCC, 233 | M68K_INS_BCS, 234 | M68K_INS_BNE, 235 | M68K_INS_BEQ, 236 | M68K_INS_BVC, 237 | M68K_INS_BVS, 238 | M68K_INS_BPL, 239 | M68K_INS_BMI, 240 | M68K_INS_BGE, 241 | M68K_INS_BLT, 242 | M68K_INS_BGT, 243 | M68K_INS_BLE, 244 | M68K_INS_BRA, 245 | M68K_INS_BSR, 246 | M68K_INS_BCHG, 247 | M68K_INS_BCLR, 248 | M68K_INS_BSET, 249 | M68K_INS_BTST, 250 | M68K_INS_BFCHG, 251 | M68K_INS_BFCLR, 252 | M68K_INS_BFEXTS, 253 | M68K_INS_BFEXTU, 254 | M68K_INS_BFFFO, 255 | M68K_INS_BFINS, 256 | M68K_INS_BFSET, 257 | M68K_INS_BFTST, 258 | M68K_INS_BKPT, 259 | M68K_INS_CALLM, 260 | M68K_INS_CAS, 261 | M68K_INS_CAS2, 262 | M68K_INS_CHK, 263 | M68K_INS_CHK2, 264 | M68K_INS_CLR, 265 | M68K_INS_CMP, 266 | M68K_INS_CMPA, 267 | M68K_INS_CMPI, 268 | M68K_INS_CMPM, 269 | M68K_INS_CMP2, 270 | M68K_INS_CINVL, 271 | M68K_INS_CINVP, 272 | M68K_INS_CINVA, 273 | M68K_INS_CPUSHL, 274 | M68K_INS_CPUSHP, 275 | M68K_INS_CPUSHA, 276 | M68K_INS_DBT, 277 | M68K_INS_DBF, 278 | M68K_INS_DBHI, 279 | M68K_INS_DBLS, 280 | M68K_INS_DBCC, 281 | M68K_INS_DBCS, 282 | M68K_INS_DBNE, 283 | M68K_INS_DBEQ, 284 | M68K_INS_DBVC, 285 | M68K_INS_DBVS, 286 | M68K_INS_DBPL, 287 | M68K_INS_DBMI, 288 | M68K_INS_DBGE, 289 | M68K_INS_DBLT, 290 | M68K_INS_DBGT, 291 | M68K_INS_DBLE, 292 | M68K_INS_DBRA, 293 | M68K_INS_DIVS, 294 | M68K_INS_DIVSL, 295 | M68K_INS_DIVU, 296 | M68K_INS_DIVUL, 297 | M68K_INS_EOR, 298 | M68K_INS_EORI, 299 | M68K_INS_EXG, 300 | M68K_INS_EXT, 301 | M68K_INS_EXTB, 302 | M68K_INS_FABS, 303 | M68K_INS_FSABS, 304 | M68K_INS_FDABS, 305 | M68K_INS_FACOS, 306 | M68K_INS_FADD, 307 | M68K_INS_FSADD, 308 | M68K_INS_FDADD, 309 | M68K_INS_FASIN, 310 | M68K_INS_FATAN, 311 | M68K_INS_FATANH, 312 | M68K_INS_FBF, 313 | M68K_INS_FBEQ, 314 | M68K_INS_FBOGT, 315 | M68K_INS_FBOGE, 316 | M68K_INS_FBOLT, 317 | M68K_INS_FBOLE, 318 | M68K_INS_FBOGL, 319 | M68K_INS_FBOR, 320 | M68K_INS_FBUN, 321 | M68K_INS_FBUEQ, 322 | M68K_INS_FBUGT, 323 | M68K_INS_FBUGE, 324 | M68K_INS_FBULT, 325 | M68K_INS_FBULE, 326 | M68K_INS_FBNE, 327 | M68K_INS_FBT, 328 | M68K_INS_FBSF, 329 | M68K_INS_FBSEQ, 330 | M68K_INS_FBGT, 331 | M68K_INS_FBGE, 332 | M68K_INS_FBLT, 333 | M68K_INS_FBLE, 334 | M68K_INS_FBGL, 335 | M68K_INS_FBGLE, 336 | M68K_INS_FBNGLE, 337 | M68K_INS_FBNGL, 338 | M68K_INS_FBNLE, 339 | M68K_INS_FBNLT, 340 | M68K_INS_FBNGE, 341 | M68K_INS_FBNGT, 342 | M68K_INS_FBSNE, 343 | M68K_INS_FBST, 344 | M68K_INS_FCMP, 345 | M68K_INS_FCOS, 346 | M68K_INS_FCOSH, 347 | M68K_INS_FDBF, 348 | M68K_INS_FDBEQ, 349 | M68K_INS_FDBOGT, 350 | M68K_INS_FDBOGE, 351 | M68K_INS_FDBOLT, 352 | M68K_INS_FDBOLE, 353 | M68K_INS_FDBOGL, 354 | M68K_INS_FDBOR, 355 | M68K_INS_FDBUN, 356 | M68K_INS_FDBUEQ, 357 | M68K_INS_FDBUGT, 358 | M68K_INS_FDBUGE, 359 | M68K_INS_FDBULT, 360 | M68K_INS_FDBULE, 361 | M68K_INS_FDBNE, 362 | M68K_INS_FDBT, 363 | M68K_INS_FDBSF, 364 | M68K_INS_FDBSEQ, 365 | M68K_INS_FDBGT, 366 | M68K_INS_FDBGE, 367 | M68K_INS_FDBLT, 368 | M68K_INS_FDBLE, 369 | M68K_INS_FDBGL, 370 | M68K_INS_FDBGLE, 371 | M68K_INS_FDBNGLE, 372 | M68K_INS_FDBNGL, 373 | M68K_INS_FDBNLE, 374 | M68K_INS_FDBNLT, 375 | M68K_INS_FDBNGE, 376 | M68K_INS_FDBNGT, 377 | M68K_INS_FDBSNE, 378 | M68K_INS_FDBST, 379 | M68K_INS_FDIV, 380 | M68K_INS_FSDIV, 381 | M68K_INS_FDDIV, 382 | M68K_INS_FETOX, 383 | M68K_INS_FETOXM1, 384 | M68K_INS_FGETEXP, 385 | M68K_INS_FGETMAN, 386 | M68K_INS_FINT, 387 | M68K_INS_FINTRZ, 388 | M68K_INS_FLOG10, 389 | M68K_INS_FLOG2, 390 | M68K_INS_FLOGN, 391 | M68K_INS_FLOGNP1, 392 | M68K_INS_FMOD, 393 | M68K_INS_FMOVE, 394 | M68K_INS_FSMOVE, 395 | M68K_INS_FDMOVE, 396 | M68K_INS_FMOVECR, 397 | M68K_INS_FMOVEM, 398 | M68K_INS_FMUL, 399 | M68K_INS_FSMUL, 400 | M68K_INS_FDMUL, 401 | M68K_INS_FNEG, 402 | M68K_INS_FSNEG, 403 | M68K_INS_FDNEG, 404 | M68K_INS_FNOP, 405 | M68K_INS_FREM, 406 | M68K_INS_FRESTORE, 407 | M68K_INS_FSAVE, 408 | M68K_INS_FSCALE, 409 | M68K_INS_FSGLDIV, 410 | M68K_INS_FSGLMUL, 411 | M68K_INS_FSIN, 412 | M68K_INS_FSINCOS, 413 | M68K_INS_FSINH, 414 | M68K_INS_FSQRT, 415 | M68K_INS_FSSQRT, 416 | M68K_INS_FDSQRT, 417 | M68K_INS_FSF, 418 | M68K_INS_FSBEQ, 419 | M68K_INS_FSOGT, 420 | M68K_INS_FSOGE, 421 | M68K_INS_FSOLT, 422 | M68K_INS_FSOLE, 423 | M68K_INS_FSOGL, 424 | M68K_INS_FSOR, 425 | M68K_INS_FSUN, 426 | M68K_INS_FSUEQ, 427 | M68K_INS_FSUGT, 428 | M68K_INS_FSUGE, 429 | M68K_INS_FSULT, 430 | M68K_INS_FSULE, 431 | M68K_INS_FSNE, 432 | M68K_INS_FST, 433 | M68K_INS_FSSF, 434 | M68K_INS_FSSEQ, 435 | M68K_INS_FSGT, 436 | M68K_INS_FSGE, 437 | M68K_INS_FSLT, 438 | M68K_INS_FSLE, 439 | M68K_INS_FSGL, 440 | M68K_INS_FSGLE, 441 | M68K_INS_FSNGLE, 442 | M68K_INS_FSNGL, 443 | M68K_INS_FSNLE, 444 | M68K_INS_FSNLT, 445 | M68K_INS_FSNGE, 446 | M68K_INS_FSNGT, 447 | M68K_INS_FSSNE, 448 | M68K_INS_FSST, 449 | M68K_INS_FSUB, 450 | M68K_INS_FSSUB, 451 | M68K_INS_FDSUB, 452 | M68K_INS_FTAN, 453 | M68K_INS_FTANH, 454 | M68K_INS_FTENTOX, 455 | M68K_INS_FTRAPF, 456 | M68K_INS_FTRAPEQ, 457 | M68K_INS_FTRAPOGT, 458 | M68K_INS_FTRAPOGE, 459 | M68K_INS_FTRAPOLT, 460 | M68K_INS_FTRAPOLE, 461 | M68K_INS_FTRAPOGL, 462 | M68K_INS_FTRAPOR, 463 | M68K_INS_FTRAPUN, 464 | M68K_INS_FTRAPUEQ, 465 | M68K_INS_FTRAPUGT, 466 | M68K_INS_FTRAPUGE, 467 | M68K_INS_FTRAPULT, 468 | M68K_INS_FTRAPULE, 469 | M68K_INS_FTRAPNE, 470 | M68K_INS_FTRAPT, 471 | M68K_INS_FTRAPSF, 472 | M68K_INS_FTRAPSEQ, 473 | M68K_INS_FTRAPGT, 474 | M68K_INS_FTRAPGE, 475 | M68K_INS_FTRAPLT, 476 | M68K_INS_FTRAPLE, 477 | M68K_INS_FTRAPGL, 478 | M68K_INS_FTRAPGLE, 479 | M68K_INS_FTRAPNGLE, 480 | M68K_INS_FTRAPNGL, 481 | M68K_INS_FTRAPNLE, 482 | M68K_INS_FTRAPNLT, 483 | M68K_INS_FTRAPNGE, 484 | M68K_INS_FTRAPNGT, 485 | M68K_INS_FTRAPSNE, 486 | M68K_INS_FTRAPST, 487 | M68K_INS_FTST, 488 | M68K_INS_FTWOTOX, 489 | M68K_INS_HALT, 490 | M68K_INS_ILLEGAL, 491 | M68K_INS_JMP, 492 | M68K_INS_JSR, 493 | M68K_INS_LEA, 494 | M68K_INS_LINK, 495 | M68K_INS_LPSTOP, 496 | M68K_INS_LSL, 497 | M68K_INS_LSR, 498 | M68K_INS_MOVE, 499 | M68K_INS_MOVEA, 500 | M68K_INS_MOVEC, 501 | M68K_INS_MOVEM, 502 | M68K_INS_MOVEP, 503 | M68K_INS_MOVEQ, 504 | M68K_INS_MOVES, 505 | M68K_INS_MOVE16, 506 | M68K_INS_MULS, 507 | M68K_INS_MULU, 508 | M68K_INS_NBCD, 509 | M68K_INS_NEG, 510 | M68K_INS_NEGX, 511 | M68K_INS_NOP, 512 | M68K_INS_NOT, 513 | M68K_INS_OR, 514 | M68K_INS_ORI, 515 | M68K_INS_PACK, 516 | M68K_INS_PEA, 517 | M68K_INS_PFLUSH, 518 | M68K_INS_PFLUSHA, 519 | M68K_INS_PFLUSHAN, 520 | M68K_INS_PFLUSHN, 521 | M68K_INS_PLOADR, 522 | M68K_INS_PLOADW, 523 | M68K_INS_PLPAR, 524 | M68K_INS_PLPAW, 525 | M68K_INS_PMOVE, 526 | M68K_INS_PMOVEFD, 527 | M68K_INS_PTESTR, 528 | M68K_INS_PTESTW, 529 | M68K_INS_PULSE, 530 | M68K_INS_REMS, 531 | M68K_INS_REMU, 532 | M68K_INS_RESET, 533 | M68K_INS_ROL, 534 | M68K_INS_ROR, 535 | M68K_INS_ROXL, 536 | M68K_INS_ROXR, 537 | M68K_INS_RTD, 538 | M68K_INS_RTE, 539 | M68K_INS_RTM, 540 | M68K_INS_RTR, 541 | M68K_INS_RTS, 542 | M68K_INS_SBCD, 543 | M68K_INS_ST, 544 | M68K_INS_SF, 545 | M68K_INS_SHI, 546 | M68K_INS_SLS, 547 | M68K_INS_SCC, 548 | M68K_INS_SHS, 549 | M68K_INS_SCS, 550 | M68K_INS_SLO, 551 | M68K_INS_SNE, 552 | M68K_INS_SEQ, 553 | M68K_INS_SVC, 554 | M68K_INS_SVS, 555 | M68K_INS_SPL, 556 | M68K_INS_SMI, 557 | M68K_INS_SGE, 558 | M68K_INS_SLT, 559 | M68K_INS_SGT, 560 | M68K_INS_SLE, 561 | M68K_INS_STOP, 562 | M68K_INS_SUB, 563 | M68K_INS_SUBA, 564 | M68K_INS_SUBI, 565 | M68K_INS_SUBQ, 566 | M68K_INS_SUBX, 567 | M68K_INS_SWAP, 568 | M68K_INS_TAS, 569 | M68K_INS_TRAP, 570 | M68K_INS_TRAPV, 571 | M68K_INS_TRAPT, 572 | M68K_INS_TRAPF, 573 | M68K_INS_TRAPHI, 574 | M68K_INS_TRAPLS, 575 | M68K_INS_TRAPCC, 576 | M68K_INS_TRAPHS, 577 | M68K_INS_TRAPCS, 578 | M68K_INS_TRAPLO, 579 | M68K_INS_TRAPNE, 580 | M68K_INS_TRAPEQ, 581 | M68K_INS_TRAPVC, 582 | M68K_INS_TRAPVS, 583 | M68K_INS_TRAPPL, 584 | M68K_INS_TRAPMI, 585 | M68K_INS_TRAPGE, 586 | M68K_INS_TRAPLT, 587 | M68K_INS_TRAPGT, 588 | M68K_INS_TRAPLE, 589 | M68K_INS_TST, 590 | M68K_INS_UNLK, 591 | M68K_INS_UNPK, 592 | M68K_INS_ENDING, // <-- mark the end of the list of instructions 593 | } m68k_insn; 594 | 595 | /// Group of M68K instructions 596 | typedef enum m68k_group_type { 597 | M68K_GRP_INVALID = 0, ///< CS_GRUP_INVALID 598 | M68K_GRP_JUMP, ///< = CS_GRP_JUMP 599 | M68K_GRP_RET = 3, ///< = CS_GRP_RET 600 | M68K_GRP_IRET = 5, ///< = CS_GRP_IRET 601 | M68K_GRP_BRANCH_RELATIVE = 7, ///< = CS_GRP_BRANCH_RELATIVE 602 | 603 | M68K_GRP_ENDING,// <-- mark the end of the list of groups 604 | } m68k_group_type; 605 | 606 | #ifdef __cplusplus 607 | } 608 | #endif 609 | 610 | #endif 611 | -------------------------------------------------------------------------------- /Lexa/capstone/mips.h: -------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_MIPS_H 2 | #define CAPSTONE_MIPS_H 3 | 4 | /* Capstone Disassembly Engine */ 5 | /* By Nguyen Anh Quynh , 2013-2015 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "platform.h" 12 | 13 | // GCC MIPS toolchain has a default macro called "mips" which breaks 14 | // compilation 15 | #undef mips 16 | 17 | #ifdef _MSC_VER 18 | #pragma warning(disable:4201) 19 | #endif 20 | 21 | /// Operand type for instruction's operands 22 | typedef enum mips_op_type { 23 | MIPS_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 24 | MIPS_OP_REG, ///< = CS_OP_REG (Register operand). 25 | MIPS_OP_IMM, ///< = CS_OP_IMM (Immediate operand). 26 | MIPS_OP_MEM, ///< = CS_OP_MEM (Memory operand). 27 | } mips_op_type; 28 | 29 | /// MIPS registers 30 | typedef enum mips_reg { 31 | MIPS_REG_INVALID = 0, 32 | // General purpose registers 33 | MIPS_REG_PC, 34 | 35 | MIPS_REG_0, 36 | MIPS_REG_1, 37 | MIPS_REG_2, 38 | MIPS_REG_3, 39 | MIPS_REG_4, 40 | MIPS_REG_5, 41 | MIPS_REG_6, 42 | MIPS_REG_7, 43 | MIPS_REG_8, 44 | MIPS_REG_9, 45 | MIPS_REG_10, 46 | MIPS_REG_11, 47 | MIPS_REG_12, 48 | MIPS_REG_13, 49 | MIPS_REG_14, 50 | MIPS_REG_15, 51 | MIPS_REG_16, 52 | MIPS_REG_17, 53 | MIPS_REG_18, 54 | MIPS_REG_19, 55 | MIPS_REG_20, 56 | MIPS_REG_21, 57 | MIPS_REG_22, 58 | MIPS_REG_23, 59 | MIPS_REG_24, 60 | MIPS_REG_25, 61 | MIPS_REG_26, 62 | MIPS_REG_27, 63 | MIPS_REG_28, 64 | MIPS_REG_29, 65 | MIPS_REG_30, 66 | MIPS_REG_31, 67 | 68 | // DSP registers 69 | MIPS_REG_DSPCCOND, 70 | MIPS_REG_DSPCARRY, 71 | MIPS_REG_DSPEFI, 72 | MIPS_REG_DSPOUTFLAG, 73 | MIPS_REG_DSPOUTFLAG16_19, 74 | MIPS_REG_DSPOUTFLAG20, 75 | MIPS_REG_DSPOUTFLAG21, 76 | MIPS_REG_DSPOUTFLAG22, 77 | MIPS_REG_DSPOUTFLAG23, 78 | MIPS_REG_DSPPOS, 79 | MIPS_REG_DSPSCOUNT, 80 | 81 | // ACC registers 82 | MIPS_REG_AC0, 83 | MIPS_REG_AC1, 84 | MIPS_REG_AC2, 85 | MIPS_REG_AC3, 86 | 87 | // COP registers 88 | MIPS_REG_CC0, 89 | MIPS_REG_CC1, 90 | MIPS_REG_CC2, 91 | MIPS_REG_CC3, 92 | MIPS_REG_CC4, 93 | MIPS_REG_CC5, 94 | MIPS_REG_CC6, 95 | MIPS_REG_CC7, 96 | 97 | // FPU registers 98 | MIPS_REG_F0, 99 | MIPS_REG_F1, 100 | MIPS_REG_F2, 101 | MIPS_REG_F3, 102 | MIPS_REG_F4, 103 | MIPS_REG_F5, 104 | MIPS_REG_F6, 105 | MIPS_REG_F7, 106 | MIPS_REG_F8, 107 | MIPS_REG_F9, 108 | MIPS_REG_F10, 109 | MIPS_REG_F11, 110 | MIPS_REG_F12, 111 | MIPS_REG_F13, 112 | MIPS_REG_F14, 113 | MIPS_REG_F15, 114 | MIPS_REG_F16, 115 | MIPS_REG_F17, 116 | MIPS_REG_F18, 117 | MIPS_REG_F19, 118 | MIPS_REG_F20, 119 | MIPS_REG_F21, 120 | MIPS_REG_F22, 121 | MIPS_REG_F23, 122 | MIPS_REG_F24, 123 | MIPS_REG_F25, 124 | MIPS_REG_F26, 125 | MIPS_REG_F27, 126 | MIPS_REG_F28, 127 | MIPS_REG_F29, 128 | MIPS_REG_F30, 129 | MIPS_REG_F31, 130 | 131 | MIPS_REG_FCC0, 132 | MIPS_REG_FCC1, 133 | MIPS_REG_FCC2, 134 | MIPS_REG_FCC3, 135 | MIPS_REG_FCC4, 136 | MIPS_REG_FCC5, 137 | MIPS_REG_FCC6, 138 | MIPS_REG_FCC7, 139 | 140 | // AFPR128 141 | MIPS_REG_W0, 142 | MIPS_REG_W1, 143 | MIPS_REG_W2, 144 | MIPS_REG_W3, 145 | MIPS_REG_W4, 146 | MIPS_REG_W5, 147 | MIPS_REG_W6, 148 | MIPS_REG_W7, 149 | MIPS_REG_W8, 150 | MIPS_REG_W9, 151 | MIPS_REG_W10, 152 | MIPS_REG_W11, 153 | MIPS_REG_W12, 154 | MIPS_REG_W13, 155 | MIPS_REG_W14, 156 | MIPS_REG_W15, 157 | MIPS_REG_W16, 158 | MIPS_REG_W17, 159 | MIPS_REG_W18, 160 | MIPS_REG_W19, 161 | MIPS_REG_W20, 162 | MIPS_REG_W21, 163 | MIPS_REG_W22, 164 | MIPS_REG_W23, 165 | MIPS_REG_W24, 166 | MIPS_REG_W25, 167 | MIPS_REG_W26, 168 | MIPS_REG_W27, 169 | MIPS_REG_W28, 170 | MIPS_REG_W29, 171 | MIPS_REG_W30, 172 | MIPS_REG_W31, 173 | 174 | MIPS_REG_HI, 175 | MIPS_REG_LO, 176 | 177 | MIPS_REG_P0, 178 | MIPS_REG_P1, 179 | MIPS_REG_P2, 180 | 181 | MIPS_REG_MPL0, 182 | MIPS_REG_MPL1, 183 | MIPS_REG_MPL2, 184 | 185 | MIPS_REG_ENDING, // <-- mark the end of the list or registers 186 | 187 | // alias registers 188 | MIPS_REG_ZERO = MIPS_REG_0, 189 | MIPS_REG_AT = MIPS_REG_1, 190 | MIPS_REG_V0 = MIPS_REG_2, 191 | MIPS_REG_V1 = MIPS_REG_3, 192 | MIPS_REG_A0 = MIPS_REG_4, 193 | MIPS_REG_A1 = MIPS_REG_5, 194 | MIPS_REG_A2 = MIPS_REG_6, 195 | MIPS_REG_A3 = MIPS_REG_7, 196 | MIPS_REG_T0 = MIPS_REG_8, 197 | MIPS_REG_T1 = MIPS_REG_9, 198 | MIPS_REG_T2 = MIPS_REG_10, 199 | MIPS_REG_T3 = MIPS_REG_11, 200 | MIPS_REG_T4 = MIPS_REG_12, 201 | MIPS_REG_T5 = MIPS_REG_13, 202 | MIPS_REG_T6 = MIPS_REG_14, 203 | MIPS_REG_T7 = MIPS_REG_15, 204 | MIPS_REG_S0 = MIPS_REG_16, 205 | MIPS_REG_S1 = MIPS_REG_17, 206 | MIPS_REG_S2 = MIPS_REG_18, 207 | MIPS_REG_S3 = MIPS_REG_19, 208 | MIPS_REG_S4 = MIPS_REG_20, 209 | MIPS_REG_S5 = MIPS_REG_21, 210 | MIPS_REG_S6 = MIPS_REG_22, 211 | MIPS_REG_S7 = MIPS_REG_23, 212 | MIPS_REG_T8 = MIPS_REG_24, 213 | MIPS_REG_T9 = MIPS_REG_25, 214 | MIPS_REG_K0 = MIPS_REG_26, 215 | MIPS_REG_K1 = MIPS_REG_27, 216 | MIPS_REG_GP = MIPS_REG_28, 217 | MIPS_REG_SP = MIPS_REG_29, 218 | MIPS_REG_FP = MIPS_REG_30, MIPS_REG_S8 = MIPS_REG_30, 219 | MIPS_REG_RA = MIPS_REG_31, 220 | 221 | MIPS_REG_HI0 = MIPS_REG_AC0, 222 | MIPS_REG_HI1 = MIPS_REG_AC1, 223 | MIPS_REG_HI2 = MIPS_REG_AC2, 224 | MIPS_REG_HI3 = MIPS_REG_AC3, 225 | 226 | MIPS_REG_LO0 = MIPS_REG_HI0, 227 | MIPS_REG_LO1 = MIPS_REG_HI1, 228 | MIPS_REG_LO2 = MIPS_REG_HI2, 229 | MIPS_REG_LO3 = MIPS_REG_HI3, 230 | } mips_reg; 231 | 232 | /// Instruction's operand referring to memory 233 | /// This is associated with MIPS_OP_MEM operand type above 234 | typedef struct mips_op_mem { 235 | mips_reg base; ///< base register 236 | int64_t disp; ///< displacement/offset value 237 | } mips_op_mem; 238 | 239 | /// Instruction operand 240 | typedef struct cs_mips_op { 241 | mips_op_type type; ///< operand type 242 | union { 243 | mips_reg reg; ///< register value for REG operand 244 | int64_t imm; ///< immediate value for IMM operand 245 | mips_op_mem mem; ///< base/index/scale/disp value for MEM operand 246 | }; 247 | } cs_mips_op; 248 | 249 | /// Instruction structure 250 | typedef struct cs_mips { 251 | /// Number of operands of this instruction, 252 | /// or 0 when instruction has no operand. 253 | uint8_t op_count; 254 | cs_mips_op operands[10]; ///< operands for this instruction. 255 | } cs_mips; 256 | 257 | /// MIPS instruction 258 | typedef enum mips_insn { 259 | MIPS_INS_INVALID = 0, 260 | 261 | MIPS_INS_ABSQ_S, 262 | MIPS_INS_ADD, 263 | MIPS_INS_ADDIUPC, 264 | MIPS_INS_ADDIUR1SP, 265 | MIPS_INS_ADDIUR2, 266 | MIPS_INS_ADDIUS5, 267 | MIPS_INS_ADDIUSP, 268 | MIPS_INS_ADDQH, 269 | MIPS_INS_ADDQH_R, 270 | MIPS_INS_ADDQ, 271 | MIPS_INS_ADDQ_S, 272 | MIPS_INS_ADDSC, 273 | MIPS_INS_ADDS_A, 274 | MIPS_INS_ADDS_S, 275 | MIPS_INS_ADDS_U, 276 | MIPS_INS_ADDU16, 277 | MIPS_INS_ADDUH, 278 | MIPS_INS_ADDUH_R, 279 | MIPS_INS_ADDU, 280 | MIPS_INS_ADDU_S, 281 | MIPS_INS_ADDVI, 282 | MIPS_INS_ADDV, 283 | MIPS_INS_ADDWC, 284 | MIPS_INS_ADD_A, 285 | MIPS_INS_ADDI, 286 | MIPS_INS_ADDIU, 287 | MIPS_INS_ALIGN, 288 | MIPS_INS_ALUIPC, 289 | MIPS_INS_AND, 290 | MIPS_INS_AND16, 291 | MIPS_INS_ANDI16, 292 | MIPS_INS_ANDI, 293 | MIPS_INS_APPEND, 294 | MIPS_INS_ASUB_S, 295 | MIPS_INS_ASUB_U, 296 | MIPS_INS_AUI, 297 | MIPS_INS_AUIPC, 298 | MIPS_INS_AVER_S, 299 | MIPS_INS_AVER_U, 300 | MIPS_INS_AVE_S, 301 | MIPS_INS_AVE_U, 302 | MIPS_INS_B16, 303 | MIPS_INS_BADDU, 304 | MIPS_INS_BAL, 305 | MIPS_INS_BALC, 306 | MIPS_INS_BALIGN, 307 | MIPS_INS_BBIT0, 308 | MIPS_INS_BBIT032, 309 | MIPS_INS_BBIT1, 310 | MIPS_INS_BBIT132, 311 | MIPS_INS_BC, 312 | MIPS_INS_BC0F, 313 | MIPS_INS_BC0FL, 314 | MIPS_INS_BC0T, 315 | MIPS_INS_BC0TL, 316 | MIPS_INS_BC1EQZ, 317 | MIPS_INS_BC1F, 318 | MIPS_INS_BC1FL, 319 | MIPS_INS_BC1NEZ, 320 | MIPS_INS_BC1T, 321 | MIPS_INS_BC1TL, 322 | MIPS_INS_BC2EQZ, 323 | MIPS_INS_BC2F, 324 | MIPS_INS_BC2FL, 325 | MIPS_INS_BC2NEZ, 326 | MIPS_INS_BC2T, 327 | MIPS_INS_BC2TL, 328 | MIPS_INS_BC3F, 329 | MIPS_INS_BC3FL, 330 | MIPS_INS_BC3T, 331 | MIPS_INS_BC3TL, 332 | MIPS_INS_BCLRI, 333 | MIPS_INS_BCLR, 334 | MIPS_INS_BEQ, 335 | MIPS_INS_BEQC, 336 | MIPS_INS_BEQL, 337 | MIPS_INS_BEQZ16, 338 | MIPS_INS_BEQZALC, 339 | MIPS_INS_BEQZC, 340 | MIPS_INS_BGEC, 341 | MIPS_INS_BGEUC, 342 | MIPS_INS_BGEZ, 343 | MIPS_INS_BGEZAL, 344 | MIPS_INS_BGEZALC, 345 | MIPS_INS_BGEZALL, 346 | MIPS_INS_BGEZALS, 347 | MIPS_INS_BGEZC, 348 | MIPS_INS_BGEZL, 349 | MIPS_INS_BGTZ, 350 | MIPS_INS_BGTZALC, 351 | MIPS_INS_BGTZC, 352 | MIPS_INS_BGTZL, 353 | MIPS_INS_BINSLI, 354 | MIPS_INS_BINSL, 355 | MIPS_INS_BINSRI, 356 | MIPS_INS_BINSR, 357 | MIPS_INS_BITREV, 358 | MIPS_INS_BITSWAP, 359 | MIPS_INS_BLEZ, 360 | MIPS_INS_BLEZALC, 361 | MIPS_INS_BLEZC, 362 | MIPS_INS_BLEZL, 363 | MIPS_INS_BLTC, 364 | MIPS_INS_BLTUC, 365 | MIPS_INS_BLTZ, 366 | MIPS_INS_BLTZAL, 367 | MIPS_INS_BLTZALC, 368 | MIPS_INS_BLTZALL, 369 | MIPS_INS_BLTZALS, 370 | MIPS_INS_BLTZC, 371 | MIPS_INS_BLTZL, 372 | MIPS_INS_BMNZI, 373 | MIPS_INS_BMNZ, 374 | MIPS_INS_BMZI, 375 | MIPS_INS_BMZ, 376 | MIPS_INS_BNE, 377 | MIPS_INS_BNEC, 378 | MIPS_INS_BNEGI, 379 | MIPS_INS_BNEG, 380 | MIPS_INS_BNEL, 381 | MIPS_INS_BNEZ16, 382 | MIPS_INS_BNEZALC, 383 | MIPS_INS_BNEZC, 384 | MIPS_INS_BNVC, 385 | MIPS_INS_BNZ, 386 | MIPS_INS_BOVC, 387 | MIPS_INS_BPOSGE32, 388 | MIPS_INS_BREAK, 389 | MIPS_INS_BREAK16, 390 | MIPS_INS_BSELI, 391 | MIPS_INS_BSEL, 392 | MIPS_INS_BSETI, 393 | MIPS_INS_BSET, 394 | MIPS_INS_BZ, 395 | MIPS_INS_BEQZ, 396 | MIPS_INS_B, 397 | MIPS_INS_BNEZ, 398 | MIPS_INS_BTEQZ, 399 | MIPS_INS_BTNEZ, 400 | MIPS_INS_CACHE, 401 | MIPS_INS_CEIL, 402 | MIPS_INS_CEQI, 403 | MIPS_INS_CEQ, 404 | MIPS_INS_CFC1, 405 | MIPS_INS_CFCMSA, 406 | MIPS_INS_CINS, 407 | MIPS_INS_CINS32, 408 | MIPS_INS_CLASS, 409 | MIPS_INS_CLEI_S, 410 | MIPS_INS_CLEI_U, 411 | MIPS_INS_CLE_S, 412 | MIPS_INS_CLE_U, 413 | MIPS_INS_CLO, 414 | MIPS_INS_CLTI_S, 415 | MIPS_INS_CLTI_U, 416 | MIPS_INS_CLT_S, 417 | MIPS_INS_CLT_U, 418 | MIPS_INS_CLZ, 419 | MIPS_INS_CMPGDU, 420 | MIPS_INS_CMPGU, 421 | MIPS_INS_CMPU, 422 | MIPS_INS_CMP, 423 | MIPS_INS_COPY_S, 424 | MIPS_INS_COPY_U, 425 | MIPS_INS_CTC1, 426 | MIPS_INS_CTCMSA, 427 | MIPS_INS_CVT, 428 | MIPS_INS_C, 429 | MIPS_INS_CMPI, 430 | MIPS_INS_DADD, 431 | MIPS_INS_DADDI, 432 | MIPS_INS_DADDIU, 433 | MIPS_INS_DADDU, 434 | MIPS_INS_DAHI, 435 | MIPS_INS_DALIGN, 436 | MIPS_INS_DATI, 437 | MIPS_INS_DAUI, 438 | MIPS_INS_DBITSWAP, 439 | MIPS_INS_DCLO, 440 | MIPS_INS_DCLZ, 441 | MIPS_INS_DDIV, 442 | MIPS_INS_DDIVU, 443 | MIPS_INS_DERET, 444 | MIPS_INS_DEXT, 445 | MIPS_INS_DEXTM, 446 | MIPS_INS_DEXTU, 447 | MIPS_INS_DI, 448 | MIPS_INS_DINS, 449 | MIPS_INS_DINSM, 450 | MIPS_INS_DINSU, 451 | MIPS_INS_DIV, 452 | MIPS_INS_DIVU, 453 | MIPS_INS_DIV_S, 454 | MIPS_INS_DIV_U, 455 | MIPS_INS_DLSA, 456 | MIPS_INS_DMFC0, 457 | MIPS_INS_DMFC1, 458 | MIPS_INS_DMFC2, 459 | MIPS_INS_DMOD, 460 | MIPS_INS_DMODU, 461 | MIPS_INS_DMTC0, 462 | MIPS_INS_DMTC1, 463 | MIPS_INS_DMTC2, 464 | MIPS_INS_DMUH, 465 | MIPS_INS_DMUHU, 466 | MIPS_INS_DMUL, 467 | MIPS_INS_DMULT, 468 | MIPS_INS_DMULTU, 469 | MIPS_INS_DMULU, 470 | MIPS_INS_DOTP_S, 471 | MIPS_INS_DOTP_U, 472 | MIPS_INS_DPADD_S, 473 | MIPS_INS_DPADD_U, 474 | MIPS_INS_DPAQX_SA, 475 | MIPS_INS_DPAQX_S, 476 | MIPS_INS_DPAQ_SA, 477 | MIPS_INS_DPAQ_S, 478 | MIPS_INS_DPAU, 479 | MIPS_INS_DPAX, 480 | MIPS_INS_DPA, 481 | MIPS_INS_DPOP, 482 | MIPS_INS_DPSQX_SA, 483 | MIPS_INS_DPSQX_S, 484 | MIPS_INS_DPSQ_SA, 485 | MIPS_INS_DPSQ_S, 486 | MIPS_INS_DPSUB_S, 487 | MIPS_INS_DPSUB_U, 488 | MIPS_INS_DPSU, 489 | MIPS_INS_DPSX, 490 | MIPS_INS_DPS, 491 | MIPS_INS_DROTR, 492 | MIPS_INS_DROTR32, 493 | MIPS_INS_DROTRV, 494 | MIPS_INS_DSBH, 495 | MIPS_INS_DSHD, 496 | MIPS_INS_DSLL, 497 | MIPS_INS_DSLL32, 498 | MIPS_INS_DSLLV, 499 | MIPS_INS_DSRA, 500 | MIPS_INS_DSRA32, 501 | MIPS_INS_DSRAV, 502 | MIPS_INS_DSRL, 503 | MIPS_INS_DSRL32, 504 | MIPS_INS_DSRLV, 505 | MIPS_INS_DSUB, 506 | MIPS_INS_DSUBU, 507 | MIPS_INS_EHB, 508 | MIPS_INS_EI, 509 | MIPS_INS_ERET, 510 | MIPS_INS_EXT, 511 | MIPS_INS_EXTP, 512 | MIPS_INS_EXTPDP, 513 | MIPS_INS_EXTPDPV, 514 | MIPS_INS_EXTPV, 515 | MIPS_INS_EXTRV_RS, 516 | MIPS_INS_EXTRV_R, 517 | MIPS_INS_EXTRV_S, 518 | MIPS_INS_EXTRV, 519 | MIPS_INS_EXTR_RS, 520 | MIPS_INS_EXTR_R, 521 | MIPS_INS_EXTR_S, 522 | MIPS_INS_EXTR, 523 | MIPS_INS_EXTS, 524 | MIPS_INS_EXTS32, 525 | MIPS_INS_ABS, 526 | MIPS_INS_FADD, 527 | MIPS_INS_FCAF, 528 | MIPS_INS_FCEQ, 529 | MIPS_INS_FCLASS, 530 | MIPS_INS_FCLE, 531 | MIPS_INS_FCLT, 532 | MIPS_INS_FCNE, 533 | MIPS_INS_FCOR, 534 | MIPS_INS_FCUEQ, 535 | MIPS_INS_FCULE, 536 | MIPS_INS_FCULT, 537 | MIPS_INS_FCUNE, 538 | MIPS_INS_FCUN, 539 | MIPS_INS_FDIV, 540 | MIPS_INS_FEXDO, 541 | MIPS_INS_FEXP2, 542 | MIPS_INS_FEXUPL, 543 | MIPS_INS_FEXUPR, 544 | MIPS_INS_FFINT_S, 545 | MIPS_INS_FFINT_U, 546 | MIPS_INS_FFQL, 547 | MIPS_INS_FFQR, 548 | MIPS_INS_FILL, 549 | MIPS_INS_FLOG2, 550 | MIPS_INS_FLOOR, 551 | MIPS_INS_FMADD, 552 | MIPS_INS_FMAX_A, 553 | MIPS_INS_FMAX, 554 | MIPS_INS_FMIN_A, 555 | MIPS_INS_FMIN, 556 | MIPS_INS_MOV, 557 | MIPS_INS_FMSUB, 558 | MIPS_INS_FMUL, 559 | MIPS_INS_MUL, 560 | MIPS_INS_NEG, 561 | MIPS_INS_FRCP, 562 | MIPS_INS_FRINT, 563 | MIPS_INS_FRSQRT, 564 | MIPS_INS_FSAF, 565 | MIPS_INS_FSEQ, 566 | MIPS_INS_FSLE, 567 | MIPS_INS_FSLT, 568 | MIPS_INS_FSNE, 569 | MIPS_INS_FSOR, 570 | MIPS_INS_FSQRT, 571 | MIPS_INS_SQRT, 572 | MIPS_INS_FSUB, 573 | MIPS_INS_SUB, 574 | MIPS_INS_FSUEQ, 575 | MIPS_INS_FSULE, 576 | MIPS_INS_FSULT, 577 | MIPS_INS_FSUNE, 578 | MIPS_INS_FSUN, 579 | MIPS_INS_FTINT_S, 580 | MIPS_INS_FTINT_U, 581 | MIPS_INS_FTQ, 582 | MIPS_INS_FTRUNC_S, 583 | MIPS_INS_FTRUNC_U, 584 | MIPS_INS_HADD_S, 585 | MIPS_INS_HADD_U, 586 | MIPS_INS_HSUB_S, 587 | MIPS_INS_HSUB_U, 588 | MIPS_INS_ILVEV, 589 | MIPS_INS_ILVL, 590 | MIPS_INS_ILVOD, 591 | MIPS_INS_ILVR, 592 | MIPS_INS_INS, 593 | MIPS_INS_INSERT, 594 | MIPS_INS_INSV, 595 | MIPS_INS_INSVE, 596 | MIPS_INS_J, 597 | MIPS_INS_JAL, 598 | MIPS_INS_JALR, 599 | MIPS_INS_JALRS16, 600 | MIPS_INS_JALRS, 601 | MIPS_INS_JALS, 602 | MIPS_INS_JALX, 603 | MIPS_INS_JIALC, 604 | MIPS_INS_JIC, 605 | MIPS_INS_JR, 606 | MIPS_INS_JR16, 607 | MIPS_INS_JRADDIUSP, 608 | MIPS_INS_JRC, 609 | MIPS_INS_JALRC, 610 | MIPS_INS_LB, 611 | MIPS_INS_LBU16, 612 | MIPS_INS_LBUX, 613 | MIPS_INS_LBU, 614 | MIPS_INS_LD, 615 | MIPS_INS_LDC1, 616 | MIPS_INS_LDC2, 617 | MIPS_INS_LDC3, 618 | MIPS_INS_LDI, 619 | MIPS_INS_LDL, 620 | MIPS_INS_LDPC, 621 | MIPS_INS_LDR, 622 | MIPS_INS_LDXC1, 623 | MIPS_INS_LH, 624 | MIPS_INS_LHU16, 625 | MIPS_INS_LHX, 626 | MIPS_INS_LHU, 627 | MIPS_INS_LI16, 628 | MIPS_INS_LL, 629 | MIPS_INS_LLD, 630 | MIPS_INS_LSA, 631 | MIPS_INS_LUXC1, 632 | MIPS_INS_LUI, 633 | MIPS_INS_LW, 634 | MIPS_INS_LW16, 635 | MIPS_INS_LWC1, 636 | MIPS_INS_LWC2, 637 | MIPS_INS_LWC3, 638 | MIPS_INS_LWL, 639 | MIPS_INS_LWM16, 640 | MIPS_INS_LWM32, 641 | MIPS_INS_LWPC, 642 | MIPS_INS_LWP, 643 | MIPS_INS_LWR, 644 | MIPS_INS_LWUPC, 645 | MIPS_INS_LWU, 646 | MIPS_INS_LWX, 647 | MIPS_INS_LWXC1, 648 | MIPS_INS_LWXS, 649 | MIPS_INS_LI, 650 | MIPS_INS_MADD, 651 | MIPS_INS_MADDF, 652 | MIPS_INS_MADDR_Q, 653 | MIPS_INS_MADDU, 654 | MIPS_INS_MADDV, 655 | MIPS_INS_MADD_Q, 656 | MIPS_INS_MAQ_SA, 657 | MIPS_INS_MAQ_S, 658 | MIPS_INS_MAXA, 659 | MIPS_INS_MAXI_S, 660 | MIPS_INS_MAXI_U, 661 | MIPS_INS_MAX_A, 662 | MIPS_INS_MAX, 663 | MIPS_INS_MAX_S, 664 | MIPS_INS_MAX_U, 665 | MIPS_INS_MFC0, 666 | MIPS_INS_MFC1, 667 | MIPS_INS_MFC2, 668 | MIPS_INS_MFHC1, 669 | MIPS_INS_MFHI, 670 | MIPS_INS_MFLO, 671 | MIPS_INS_MINA, 672 | MIPS_INS_MINI_S, 673 | MIPS_INS_MINI_U, 674 | MIPS_INS_MIN_A, 675 | MIPS_INS_MIN, 676 | MIPS_INS_MIN_S, 677 | MIPS_INS_MIN_U, 678 | MIPS_INS_MOD, 679 | MIPS_INS_MODSUB, 680 | MIPS_INS_MODU, 681 | MIPS_INS_MOD_S, 682 | MIPS_INS_MOD_U, 683 | MIPS_INS_MOVE, 684 | MIPS_INS_MOVEP, 685 | MIPS_INS_MOVF, 686 | MIPS_INS_MOVN, 687 | MIPS_INS_MOVT, 688 | MIPS_INS_MOVZ, 689 | MIPS_INS_MSUB, 690 | MIPS_INS_MSUBF, 691 | MIPS_INS_MSUBR_Q, 692 | MIPS_INS_MSUBU, 693 | MIPS_INS_MSUBV, 694 | MIPS_INS_MSUB_Q, 695 | MIPS_INS_MTC0, 696 | MIPS_INS_MTC1, 697 | MIPS_INS_MTC2, 698 | MIPS_INS_MTHC1, 699 | MIPS_INS_MTHI, 700 | MIPS_INS_MTHLIP, 701 | MIPS_INS_MTLO, 702 | MIPS_INS_MTM0, 703 | MIPS_INS_MTM1, 704 | MIPS_INS_MTM2, 705 | MIPS_INS_MTP0, 706 | MIPS_INS_MTP1, 707 | MIPS_INS_MTP2, 708 | MIPS_INS_MUH, 709 | MIPS_INS_MUHU, 710 | MIPS_INS_MULEQ_S, 711 | MIPS_INS_MULEU_S, 712 | MIPS_INS_MULQ_RS, 713 | MIPS_INS_MULQ_S, 714 | MIPS_INS_MULR_Q, 715 | MIPS_INS_MULSAQ_S, 716 | MIPS_INS_MULSA, 717 | MIPS_INS_MULT, 718 | MIPS_INS_MULTU, 719 | MIPS_INS_MULU, 720 | MIPS_INS_MULV, 721 | MIPS_INS_MUL_Q, 722 | MIPS_INS_MUL_S, 723 | MIPS_INS_NLOC, 724 | MIPS_INS_NLZC, 725 | MIPS_INS_NMADD, 726 | MIPS_INS_NMSUB, 727 | MIPS_INS_NOR, 728 | MIPS_INS_NORI, 729 | MIPS_INS_NOT16, 730 | MIPS_INS_NOT, 731 | MIPS_INS_OR, 732 | MIPS_INS_OR16, 733 | MIPS_INS_ORI, 734 | MIPS_INS_PACKRL, 735 | MIPS_INS_PAUSE, 736 | MIPS_INS_PCKEV, 737 | MIPS_INS_PCKOD, 738 | MIPS_INS_PCNT, 739 | MIPS_INS_PICK, 740 | MIPS_INS_POP, 741 | MIPS_INS_PRECEQU, 742 | MIPS_INS_PRECEQ, 743 | MIPS_INS_PRECEU, 744 | MIPS_INS_PRECRQU_S, 745 | MIPS_INS_PRECRQ, 746 | MIPS_INS_PRECRQ_RS, 747 | MIPS_INS_PRECR, 748 | MIPS_INS_PRECR_SRA, 749 | MIPS_INS_PRECR_SRA_R, 750 | MIPS_INS_PREF, 751 | MIPS_INS_PREPEND, 752 | MIPS_INS_RADDU, 753 | MIPS_INS_RDDSP, 754 | MIPS_INS_RDHWR, 755 | MIPS_INS_REPLV, 756 | MIPS_INS_REPL, 757 | MIPS_INS_RINT, 758 | MIPS_INS_ROTR, 759 | MIPS_INS_ROTRV, 760 | MIPS_INS_ROUND, 761 | MIPS_INS_SAT_S, 762 | MIPS_INS_SAT_U, 763 | MIPS_INS_SB, 764 | MIPS_INS_SB16, 765 | MIPS_INS_SC, 766 | MIPS_INS_SCD, 767 | MIPS_INS_SD, 768 | MIPS_INS_SDBBP, 769 | MIPS_INS_SDBBP16, 770 | MIPS_INS_SDC1, 771 | MIPS_INS_SDC2, 772 | MIPS_INS_SDC3, 773 | MIPS_INS_SDL, 774 | MIPS_INS_SDR, 775 | MIPS_INS_SDXC1, 776 | MIPS_INS_SEB, 777 | MIPS_INS_SEH, 778 | MIPS_INS_SELEQZ, 779 | MIPS_INS_SELNEZ, 780 | MIPS_INS_SEL, 781 | MIPS_INS_SEQ, 782 | MIPS_INS_SEQI, 783 | MIPS_INS_SH, 784 | MIPS_INS_SH16, 785 | MIPS_INS_SHF, 786 | MIPS_INS_SHILO, 787 | MIPS_INS_SHILOV, 788 | MIPS_INS_SHLLV, 789 | MIPS_INS_SHLLV_S, 790 | MIPS_INS_SHLL, 791 | MIPS_INS_SHLL_S, 792 | MIPS_INS_SHRAV, 793 | MIPS_INS_SHRAV_R, 794 | MIPS_INS_SHRA, 795 | MIPS_INS_SHRA_R, 796 | MIPS_INS_SHRLV, 797 | MIPS_INS_SHRL, 798 | MIPS_INS_SLDI, 799 | MIPS_INS_SLD, 800 | MIPS_INS_SLL, 801 | MIPS_INS_SLL16, 802 | MIPS_INS_SLLI, 803 | MIPS_INS_SLLV, 804 | MIPS_INS_SLT, 805 | MIPS_INS_SLTI, 806 | MIPS_INS_SLTIU, 807 | MIPS_INS_SLTU, 808 | MIPS_INS_SNE, 809 | MIPS_INS_SNEI, 810 | MIPS_INS_SPLATI, 811 | MIPS_INS_SPLAT, 812 | MIPS_INS_SRA, 813 | MIPS_INS_SRAI, 814 | MIPS_INS_SRARI, 815 | MIPS_INS_SRAR, 816 | MIPS_INS_SRAV, 817 | MIPS_INS_SRL, 818 | MIPS_INS_SRL16, 819 | MIPS_INS_SRLI, 820 | MIPS_INS_SRLRI, 821 | MIPS_INS_SRLR, 822 | MIPS_INS_SRLV, 823 | MIPS_INS_SSNOP, 824 | MIPS_INS_ST, 825 | MIPS_INS_SUBQH, 826 | MIPS_INS_SUBQH_R, 827 | MIPS_INS_SUBQ, 828 | MIPS_INS_SUBQ_S, 829 | MIPS_INS_SUBSUS_U, 830 | MIPS_INS_SUBSUU_S, 831 | MIPS_INS_SUBS_S, 832 | MIPS_INS_SUBS_U, 833 | MIPS_INS_SUBU16, 834 | MIPS_INS_SUBUH, 835 | MIPS_INS_SUBUH_R, 836 | MIPS_INS_SUBU, 837 | MIPS_INS_SUBU_S, 838 | MIPS_INS_SUBVI, 839 | MIPS_INS_SUBV, 840 | MIPS_INS_SUXC1, 841 | MIPS_INS_SW, 842 | MIPS_INS_SW16, 843 | MIPS_INS_SWC1, 844 | MIPS_INS_SWC2, 845 | MIPS_INS_SWC3, 846 | MIPS_INS_SWL, 847 | MIPS_INS_SWM16, 848 | MIPS_INS_SWM32, 849 | MIPS_INS_SWP, 850 | MIPS_INS_SWR, 851 | MIPS_INS_SWXC1, 852 | MIPS_INS_SYNC, 853 | MIPS_INS_SYNCI, 854 | MIPS_INS_SYSCALL, 855 | MIPS_INS_TEQ, 856 | MIPS_INS_TEQI, 857 | MIPS_INS_TGE, 858 | MIPS_INS_TGEI, 859 | MIPS_INS_TGEIU, 860 | MIPS_INS_TGEU, 861 | MIPS_INS_TLBP, 862 | MIPS_INS_TLBR, 863 | MIPS_INS_TLBWI, 864 | MIPS_INS_TLBWR, 865 | MIPS_INS_TLT, 866 | MIPS_INS_TLTI, 867 | MIPS_INS_TLTIU, 868 | MIPS_INS_TLTU, 869 | MIPS_INS_TNE, 870 | MIPS_INS_TNEI, 871 | MIPS_INS_TRUNC, 872 | MIPS_INS_V3MULU, 873 | MIPS_INS_VMM0, 874 | MIPS_INS_VMULU, 875 | MIPS_INS_VSHF, 876 | MIPS_INS_WAIT, 877 | MIPS_INS_WRDSP, 878 | MIPS_INS_WSBH, 879 | MIPS_INS_XOR, 880 | MIPS_INS_XOR16, 881 | MIPS_INS_XORI, 882 | 883 | //> some alias instructions 884 | MIPS_INS_NOP, 885 | MIPS_INS_NEGU, 886 | 887 | //> special instructions 888 | MIPS_INS_JALR_HB, // jump and link with Hazard Barrier 889 | MIPS_INS_JR_HB, // jump register with Hazard Barrier 890 | 891 | MIPS_INS_ENDING, 892 | } mips_insn; 893 | 894 | /// Group of MIPS instructions 895 | typedef enum mips_insn_group { 896 | MIPS_GRP_INVALID = 0, ///< = CS_GRP_INVALID 897 | 898 | // Generic groups 899 | // all jump instructions (conditional+direct+indirect jumps) 900 | MIPS_GRP_JUMP, ///< = CS_GRP_JUMP 901 | // all call instructions 902 | MIPS_GRP_CALL, ///< = CS_GRP_CALL 903 | // all return instructions 904 | MIPS_GRP_RET, ///< = CS_GRP_RET 905 | // all interrupt instructions (int+syscall) 906 | MIPS_GRP_INT, ///< = CS_GRP_INT 907 | // all interrupt return instructions 908 | MIPS_GRP_IRET, ///< = CS_GRP_IRET 909 | // all privileged instructions 910 | MIPS_GRP_PRIVILEGE, ///< = CS_GRP_PRIVILEGE 911 | // all relative branching instructions 912 | MIPS_GRP_BRANCH_RELATIVE, ///< = CS_GRP_BRANCH_RELATIVE 913 | 914 | // Architecture-specific groups 915 | MIPS_GRP_BITCOUNT = 128, 916 | MIPS_GRP_DSP, 917 | MIPS_GRP_DSPR2, 918 | MIPS_GRP_FPIDX, 919 | MIPS_GRP_MSA, 920 | MIPS_GRP_MIPS32R2, 921 | MIPS_GRP_MIPS64, 922 | MIPS_GRP_MIPS64R2, 923 | MIPS_GRP_SEINREG, 924 | MIPS_GRP_STDENC, 925 | MIPS_GRP_SWAP, 926 | MIPS_GRP_MICROMIPS, 927 | MIPS_GRP_MIPS16MODE, 928 | MIPS_GRP_FP64BIT, 929 | MIPS_GRP_NONANSFPMATH, 930 | MIPS_GRP_NOTFP64BIT, 931 | MIPS_GRP_NOTINMICROMIPS, 932 | MIPS_GRP_NOTNACL, 933 | MIPS_GRP_NOTMIPS32R6, 934 | MIPS_GRP_NOTMIPS64R6, 935 | MIPS_GRP_CNMIPS, 936 | MIPS_GRP_MIPS32, 937 | MIPS_GRP_MIPS32R6, 938 | MIPS_GRP_MIPS64R6, 939 | MIPS_GRP_MIPS2, 940 | MIPS_GRP_MIPS3, 941 | MIPS_GRP_MIPS3_32, 942 | MIPS_GRP_MIPS3_32R2, 943 | MIPS_GRP_MIPS4_32, 944 | MIPS_GRP_MIPS4_32R2, 945 | MIPS_GRP_MIPS5_32R2, 946 | MIPS_GRP_GP32BIT, 947 | MIPS_GRP_GP64BIT, 948 | 949 | MIPS_GRP_ENDING, 950 | } mips_insn_group; 951 | 952 | #ifdef __cplusplus 953 | } 954 | #endif 955 | 956 | #endif 957 | -------------------------------------------------------------------------------- /Lexa/capstone/mos65xx.h: -------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_MOS65XX_H 2 | #define CAPSTONE_MOS65XX_H 3 | 4 | /* Capstone Disassembly Engine */ 5 | /* By Sebastian Macke C99 is supported 23 | #include 24 | #endif // (_MSC_VER < 1800) || defined(_KERNEL_MODE) 25 | 26 | #else 27 | // not MSVC -> C99 is supported 28 | #include 29 | #endif // !defined(__CYGWIN__) && !defined(__MINGW32__) && !defined(__MINGW64__) && (defined (WIN32) || defined (WIN64) || defined (_WIN32) || defined (_WIN64)) 30 | 31 | 32 | // handle inttypes.h / stdint.h compatibility 33 | #if defined(_WIN32_WCE) && (_WIN32_WCE < 0x800) 34 | #include "windowsce/stdint.h" 35 | #endif // defined(_WIN32_WCE) && (_WIN32_WCE < 0x800) 36 | 37 | #if defined(CAPSTONE_HAS_OSXKERNEL) || (defined(_MSC_VER) && (_MSC_VER <= 1700 || defined(_KERNEL_MODE))) 38 | // this system does not have inttypes.h 39 | 40 | #if defined(_MSC_VER) && (_MSC_VER <= 1600 || defined(_KERNEL_MODE)) 41 | // this system does not have stdint.h 42 | typedef signed char int8_t; 43 | typedef signed short int16_t; 44 | typedef signed int int32_t; 45 | typedef unsigned char uint8_t; 46 | typedef unsigned short uint16_t; 47 | typedef unsigned int uint32_t; 48 | typedef signed long long int64_t; 49 | typedef unsigned long long uint64_t; 50 | #endif // defined(_MSC_VER) && (_MSC_VER <= 1600 || defined(_KERNEL_MODE)) 51 | 52 | #if defined(_MSC_VER) && (_MSC_VER < 1600 || defined(_KERNEL_MODE)) 53 | #define INT8_MIN (-127i8 - 1) 54 | #define INT16_MIN (-32767i16 - 1) 55 | #define INT32_MIN (-2147483647i32 - 1) 56 | #define INT64_MIN (-9223372036854775807i64 - 1) 57 | #define INT8_MAX 127i8 58 | #define INT16_MAX 32767i16 59 | #define INT32_MAX 2147483647i32 60 | #define INT64_MAX 9223372036854775807i64 61 | #define UINT8_MAX 0xffui8 62 | #define UINT16_MAX 0xffffui16 63 | #define UINT32_MAX 0xffffffffui32 64 | #define UINT64_MAX 0xffffffffffffffffui64 65 | #endif // defined(_MSC_VER) && (_MSC_VER < 1600 || defined(_KERNEL_MODE)) 66 | 67 | #ifdef CAPSTONE_HAS_OSXKERNEL 68 | // this system has stdint.h 69 | #include 70 | #endif 71 | 72 | #define __PRI_8_LENGTH_MODIFIER__ "hh" 73 | #define __PRI_64_LENGTH_MODIFIER__ "ll" 74 | 75 | #define PRId8 __PRI_8_LENGTH_MODIFIER__ "d" 76 | #define PRIi8 __PRI_8_LENGTH_MODIFIER__ "i" 77 | #define PRIo8 __PRI_8_LENGTH_MODIFIER__ "o" 78 | #define PRIu8 __PRI_8_LENGTH_MODIFIER__ "u" 79 | #define PRIx8 __PRI_8_LENGTH_MODIFIER__ "x" 80 | #define PRIX8 __PRI_8_LENGTH_MODIFIER__ "X" 81 | 82 | #define PRId16 "hd" 83 | #define PRIi16 "hi" 84 | #define PRIo16 "ho" 85 | #define PRIu16 "hu" 86 | #define PRIx16 "hx" 87 | #define PRIX16 "hX" 88 | 89 | #if defined(_MSC_VER) && _MSC_VER <= 1700 90 | #define PRId32 "ld" 91 | #define PRIi32 "li" 92 | #define PRIo32 "lo" 93 | #define PRIu32 "lu" 94 | #define PRIx32 "lx" 95 | #define PRIX32 "lX" 96 | #else // OSX 97 | #define PRId32 "d" 98 | #define PRIi32 "i" 99 | #define PRIo32 "o" 100 | #define PRIu32 "u" 101 | #define PRIx32 "x" 102 | #define PRIX32 "X" 103 | #endif // defined(_MSC_VER) && _MSC_VER <= 1700 104 | 105 | #if defined(_MSC_VER) && _MSC_VER <= 1700 106 | // redefine functions from inttypes.h used in cstool 107 | #define strtoull _strtoui64 108 | #endif 109 | 110 | #define PRId64 __PRI_64_LENGTH_MODIFIER__ "d" 111 | #define PRIi64 __PRI_64_LENGTH_MODIFIER__ "i" 112 | #define PRIo64 __PRI_64_LENGTH_MODIFIER__ "o" 113 | #define PRIu64 __PRI_64_LENGTH_MODIFIER__ "u" 114 | #define PRIx64 __PRI_64_LENGTH_MODIFIER__ "x" 115 | #define PRIX64 __PRI_64_LENGTH_MODIFIER__ "X" 116 | 117 | #else 118 | // this system has inttypes.h by default 119 | #include 120 | #endif // defined(CAPSTONE_HAS_OSXKERNEL) || (defined(_MSC_VER) && (_MSC_VER <= 1700 || defined(_KERNEL_MODE))) 121 | 122 | #endif 123 | -------------------------------------------------------------------------------- /Lexa/capstone/sparc.h: -------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_SPARC_H 2 | #define CAPSTONE_SPARC_H 3 | 4 | /* Capstone Disassembly Engine */ 5 | /* By Nguyen Anh Quynh , 2014-2015 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "platform.h" 12 | 13 | // GCC SPARC toolchain has a default macro called "sparc" which breaks 14 | // compilation 15 | #undef sparc 16 | 17 | #ifdef _MSC_VER 18 | #pragma warning(disable:4201) 19 | #endif 20 | 21 | /// Enums corresponding to Sparc condition codes, both icc's and fcc's. 22 | typedef enum sparc_cc { 23 | SPARC_CC_INVALID = 0, ///< invalid CC (default) 24 | // Integer condition codes 25 | SPARC_CC_ICC_A = 8+256, ///< Always 26 | SPARC_CC_ICC_N = 0+256, ///< Never 27 | SPARC_CC_ICC_NE = 9+256, ///< Not Equal 28 | SPARC_CC_ICC_E = 1+256, ///< Equal 29 | SPARC_CC_ICC_G = 10+256, ///< Greater 30 | SPARC_CC_ICC_LE = 2+256, ///< Less or Equal 31 | SPARC_CC_ICC_GE = 11+256, ///< Greater or Equal 32 | SPARC_CC_ICC_L = 3+256, ///< Less 33 | SPARC_CC_ICC_GU = 12+256, ///< Greater Unsigned 34 | SPARC_CC_ICC_LEU = 4+256, ///< Less or Equal Unsigned 35 | SPARC_CC_ICC_CC = 13+256, ///< Carry Clear/Great or Equal Unsigned 36 | SPARC_CC_ICC_CS = 5+256, ///< Carry Set/Less Unsigned 37 | SPARC_CC_ICC_POS = 14+256, ///< Positive 38 | SPARC_CC_ICC_NEG = 6+256, ///< Negative 39 | SPARC_CC_ICC_VC = 15+256, ///< Overflow Clear 40 | SPARC_CC_ICC_VS = 7+256, ///< Overflow Set 41 | 42 | // Floating condition codes 43 | SPARC_CC_FCC_A = 8+16+256, ///< Always 44 | SPARC_CC_FCC_N = 0+16+256, ///< Never 45 | SPARC_CC_FCC_U = 7+16+256, ///< Unordered 46 | SPARC_CC_FCC_G = 6+16+256, ///< Greater 47 | SPARC_CC_FCC_UG = 5+16+256, ///< Unordered or Greater 48 | SPARC_CC_FCC_L = 4+16+256, ///< Less 49 | SPARC_CC_FCC_UL = 3+16+256, ///< Unordered or Less 50 | SPARC_CC_FCC_LG = 2+16+256, ///< Less or Greater 51 | SPARC_CC_FCC_NE = 1+16+256, ///< Not Equal 52 | SPARC_CC_FCC_E = 9+16+256, ///< Equal 53 | SPARC_CC_FCC_UE = 10+16+256, ///< Unordered or Equal 54 | SPARC_CC_FCC_GE = 11+16+256, ///< Greater or Equal 55 | SPARC_CC_FCC_UGE = 12+16+256, ///< Unordered or Greater or Equal 56 | SPARC_CC_FCC_LE = 13+16+256, ///< Less or Equal 57 | SPARC_CC_FCC_ULE = 14+16+256, ///< Unordered or Less or Equal 58 | SPARC_CC_FCC_O = 15+16+256, ///< Ordered 59 | } sparc_cc; 60 | 61 | /// Branch hint 62 | typedef enum sparc_hint { 63 | SPARC_HINT_INVALID = 0, ///< no hint 64 | SPARC_HINT_A = 1 << 0, ///< annul delay slot instruction 65 | SPARC_HINT_PT = 1 << 1, ///< branch taken 66 | SPARC_HINT_PN = 1 << 2, ///< branch NOT taken 67 | } sparc_hint; 68 | 69 | /// Operand type for instruction's operands 70 | typedef enum sparc_op_type { 71 | SPARC_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 72 | SPARC_OP_REG, ///< = CS_OP_REG (Register operand). 73 | SPARC_OP_IMM, ///< = CS_OP_IMM (Immediate operand). 74 | SPARC_OP_MEM, ///< = CS_OP_MEM (Memory operand). 75 | } sparc_op_type; 76 | 77 | /// SPARC registers 78 | typedef enum sparc_reg { 79 | SPARC_REG_INVALID = 0, 80 | 81 | SPARC_REG_F0, 82 | SPARC_REG_F1, 83 | SPARC_REG_F2, 84 | SPARC_REG_F3, 85 | SPARC_REG_F4, 86 | SPARC_REG_F5, 87 | SPARC_REG_F6, 88 | SPARC_REG_F7, 89 | SPARC_REG_F8, 90 | SPARC_REG_F9, 91 | SPARC_REG_F10, 92 | SPARC_REG_F11, 93 | SPARC_REG_F12, 94 | SPARC_REG_F13, 95 | SPARC_REG_F14, 96 | SPARC_REG_F15, 97 | SPARC_REG_F16, 98 | SPARC_REG_F17, 99 | SPARC_REG_F18, 100 | SPARC_REG_F19, 101 | SPARC_REG_F20, 102 | SPARC_REG_F21, 103 | SPARC_REG_F22, 104 | SPARC_REG_F23, 105 | SPARC_REG_F24, 106 | SPARC_REG_F25, 107 | SPARC_REG_F26, 108 | SPARC_REG_F27, 109 | SPARC_REG_F28, 110 | SPARC_REG_F29, 111 | SPARC_REG_F30, 112 | SPARC_REG_F31, 113 | SPARC_REG_F32, 114 | SPARC_REG_F34, 115 | SPARC_REG_F36, 116 | SPARC_REG_F38, 117 | SPARC_REG_F40, 118 | SPARC_REG_F42, 119 | SPARC_REG_F44, 120 | SPARC_REG_F46, 121 | SPARC_REG_F48, 122 | SPARC_REG_F50, 123 | SPARC_REG_F52, 124 | SPARC_REG_F54, 125 | SPARC_REG_F56, 126 | SPARC_REG_F58, 127 | SPARC_REG_F60, 128 | SPARC_REG_F62, 129 | SPARC_REG_FCC0, // Floating condition codes 130 | SPARC_REG_FCC1, 131 | SPARC_REG_FCC2, 132 | SPARC_REG_FCC3, 133 | SPARC_REG_FP, 134 | SPARC_REG_G0, 135 | SPARC_REG_G1, 136 | SPARC_REG_G2, 137 | SPARC_REG_G3, 138 | SPARC_REG_G4, 139 | SPARC_REG_G5, 140 | SPARC_REG_G6, 141 | SPARC_REG_G7, 142 | SPARC_REG_I0, 143 | SPARC_REG_I1, 144 | SPARC_REG_I2, 145 | SPARC_REG_I3, 146 | SPARC_REG_I4, 147 | SPARC_REG_I5, 148 | SPARC_REG_I7, 149 | SPARC_REG_ICC, // Integer condition codes 150 | SPARC_REG_L0, 151 | SPARC_REG_L1, 152 | SPARC_REG_L2, 153 | SPARC_REG_L3, 154 | SPARC_REG_L4, 155 | SPARC_REG_L5, 156 | SPARC_REG_L6, 157 | SPARC_REG_L7, 158 | SPARC_REG_O0, 159 | SPARC_REG_O1, 160 | SPARC_REG_O2, 161 | SPARC_REG_O3, 162 | SPARC_REG_O4, 163 | SPARC_REG_O5, 164 | SPARC_REG_O7, 165 | SPARC_REG_SP, 166 | SPARC_REG_Y, 167 | 168 | // special register 169 | SPARC_REG_XCC, 170 | 171 | SPARC_REG_ENDING, // <-- mark the end of the list of registers 172 | 173 | // extras 174 | SPARC_REG_O6 = SPARC_REG_SP, 175 | SPARC_REG_I6 = SPARC_REG_FP, 176 | } sparc_reg; 177 | 178 | /// Instruction's operand referring to memory 179 | /// This is associated with SPARC_OP_MEM operand type above 180 | typedef struct sparc_op_mem { 181 | uint8_t base; ///< base register, can be safely interpreted as 182 | ///< a value of type `sparc_reg`, but it is only 183 | ///< one byte wide 184 | uint8_t index; ///< index register, same conditions apply here 185 | int32_t disp; ///< displacement/offset value 186 | } sparc_op_mem; 187 | 188 | /// Instruction operand 189 | typedef struct cs_sparc_op { 190 | sparc_op_type type; ///< operand type 191 | union { 192 | sparc_reg reg; ///< register value for REG operand 193 | int64_t imm; ///< immediate value for IMM operand 194 | sparc_op_mem mem; ///< base/disp value for MEM operand 195 | }; 196 | } cs_sparc_op; 197 | 198 | /// Instruction structure 199 | typedef struct cs_sparc { 200 | sparc_cc cc; ///< code condition for this insn 201 | sparc_hint hint; ///< branch hint: encoding as bitwise OR of sparc_hint. 202 | /// Number of operands of this instruction, 203 | /// or 0 when instruction has no operand. 204 | uint8_t op_count; 205 | cs_sparc_op operands[4]; ///< operands for this instruction. 206 | } cs_sparc; 207 | 208 | /// SPARC instruction 209 | typedef enum sparc_insn { 210 | SPARC_INS_INVALID = 0, 211 | 212 | SPARC_INS_ADDCC, 213 | SPARC_INS_ADDX, 214 | SPARC_INS_ADDXCC, 215 | SPARC_INS_ADDXC, 216 | SPARC_INS_ADDXCCC, 217 | SPARC_INS_ADD, 218 | SPARC_INS_ALIGNADDR, 219 | SPARC_INS_ALIGNADDRL, 220 | SPARC_INS_ANDCC, 221 | SPARC_INS_ANDNCC, 222 | SPARC_INS_ANDN, 223 | SPARC_INS_AND, 224 | SPARC_INS_ARRAY16, 225 | SPARC_INS_ARRAY32, 226 | SPARC_INS_ARRAY8, 227 | SPARC_INS_B, 228 | SPARC_INS_JMP, 229 | SPARC_INS_BMASK, 230 | SPARC_INS_FB, 231 | SPARC_INS_BRGEZ, 232 | SPARC_INS_BRGZ, 233 | SPARC_INS_BRLEZ, 234 | SPARC_INS_BRLZ, 235 | SPARC_INS_BRNZ, 236 | SPARC_INS_BRZ, 237 | SPARC_INS_BSHUFFLE, 238 | SPARC_INS_CALL, 239 | SPARC_INS_CASX, 240 | SPARC_INS_CAS, 241 | SPARC_INS_CMASK16, 242 | SPARC_INS_CMASK32, 243 | SPARC_INS_CMASK8, 244 | SPARC_INS_CMP, 245 | SPARC_INS_EDGE16, 246 | SPARC_INS_EDGE16L, 247 | SPARC_INS_EDGE16LN, 248 | SPARC_INS_EDGE16N, 249 | SPARC_INS_EDGE32, 250 | SPARC_INS_EDGE32L, 251 | SPARC_INS_EDGE32LN, 252 | SPARC_INS_EDGE32N, 253 | SPARC_INS_EDGE8, 254 | SPARC_INS_EDGE8L, 255 | SPARC_INS_EDGE8LN, 256 | SPARC_INS_EDGE8N, 257 | SPARC_INS_FABSD, 258 | SPARC_INS_FABSQ, 259 | SPARC_INS_FABSS, 260 | SPARC_INS_FADDD, 261 | SPARC_INS_FADDQ, 262 | SPARC_INS_FADDS, 263 | SPARC_INS_FALIGNDATA, 264 | SPARC_INS_FAND, 265 | SPARC_INS_FANDNOT1, 266 | SPARC_INS_FANDNOT1S, 267 | SPARC_INS_FANDNOT2, 268 | SPARC_INS_FANDNOT2S, 269 | SPARC_INS_FANDS, 270 | SPARC_INS_FCHKSM16, 271 | SPARC_INS_FCMPD, 272 | SPARC_INS_FCMPEQ16, 273 | SPARC_INS_FCMPEQ32, 274 | SPARC_INS_FCMPGT16, 275 | SPARC_INS_FCMPGT32, 276 | SPARC_INS_FCMPLE16, 277 | SPARC_INS_FCMPLE32, 278 | SPARC_INS_FCMPNE16, 279 | SPARC_INS_FCMPNE32, 280 | SPARC_INS_FCMPQ, 281 | SPARC_INS_FCMPS, 282 | SPARC_INS_FDIVD, 283 | SPARC_INS_FDIVQ, 284 | SPARC_INS_FDIVS, 285 | SPARC_INS_FDMULQ, 286 | SPARC_INS_FDTOI, 287 | SPARC_INS_FDTOQ, 288 | SPARC_INS_FDTOS, 289 | SPARC_INS_FDTOX, 290 | SPARC_INS_FEXPAND, 291 | SPARC_INS_FHADDD, 292 | SPARC_INS_FHADDS, 293 | SPARC_INS_FHSUBD, 294 | SPARC_INS_FHSUBS, 295 | SPARC_INS_FITOD, 296 | SPARC_INS_FITOQ, 297 | SPARC_INS_FITOS, 298 | SPARC_INS_FLCMPD, 299 | SPARC_INS_FLCMPS, 300 | SPARC_INS_FLUSHW, 301 | SPARC_INS_FMEAN16, 302 | SPARC_INS_FMOVD, 303 | SPARC_INS_FMOVQ, 304 | SPARC_INS_FMOVRDGEZ, 305 | SPARC_INS_FMOVRQGEZ, 306 | SPARC_INS_FMOVRSGEZ, 307 | SPARC_INS_FMOVRDGZ, 308 | SPARC_INS_FMOVRQGZ, 309 | SPARC_INS_FMOVRSGZ, 310 | SPARC_INS_FMOVRDLEZ, 311 | SPARC_INS_FMOVRQLEZ, 312 | SPARC_INS_FMOVRSLEZ, 313 | SPARC_INS_FMOVRDLZ, 314 | SPARC_INS_FMOVRQLZ, 315 | SPARC_INS_FMOVRSLZ, 316 | SPARC_INS_FMOVRDNZ, 317 | SPARC_INS_FMOVRQNZ, 318 | SPARC_INS_FMOVRSNZ, 319 | SPARC_INS_FMOVRDZ, 320 | SPARC_INS_FMOVRQZ, 321 | SPARC_INS_FMOVRSZ, 322 | SPARC_INS_FMOVS, 323 | SPARC_INS_FMUL8SUX16, 324 | SPARC_INS_FMUL8ULX16, 325 | SPARC_INS_FMUL8X16, 326 | SPARC_INS_FMUL8X16AL, 327 | SPARC_INS_FMUL8X16AU, 328 | SPARC_INS_FMULD, 329 | SPARC_INS_FMULD8SUX16, 330 | SPARC_INS_FMULD8ULX16, 331 | SPARC_INS_FMULQ, 332 | SPARC_INS_FMULS, 333 | SPARC_INS_FNADDD, 334 | SPARC_INS_FNADDS, 335 | SPARC_INS_FNAND, 336 | SPARC_INS_FNANDS, 337 | SPARC_INS_FNEGD, 338 | SPARC_INS_FNEGQ, 339 | SPARC_INS_FNEGS, 340 | SPARC_INS_FNHADDD, 341 | SPARC_INS_FNHADDS, 342 | SPARC_INS_FNOR, 343 | SPARC_INS_FNORS, 344 | SPARC_INS_FNOT1, 345 | SPARC_INS_FNOT1S, 346 | SPARC_INS_FNOT2, 347 | SPARC_INS_FNOT2S, 348 | SPARC_INS_FONE, 349 | SPARC_INS_FONES, 350 | SPARC_INS_FOR, 351 | SPARC_INS_FORNOT1, 352 | SPARC_INS_FORNOT1S, 353 | SPARC_INS_FORNOT2, 354 | SPARC_INS_FORNOT2S, 355 | SPARC_INS_FORS, 356 | SPARC_INS_FPACK16, 357 | SPARC_INS_FPACK32, 358 | SPARC_INS_FPACKFIX, 359 | SPARC_INS_FPADD16, 360 | SPARC_INS_FPADD16S, 361 | SPARC_INS_FPADD32, 362 | SPARC_INS_FPADD32S, 363 | SPARC_INS_FPADD64, 364 | SPARC_INS_FPMERGE, 365 | SPARC_INS_FPSUB16, 366 | SPARC_INS_FPSUB16S, 367 | SPARC_INS_FPSUB32, 368 | SPARC_INS_FPSUB32S, 369 | SPARC_INS_FQTOD, 370 | SPARC_INS_FQTOI, 371 | SPARC_INS_FQTOS, 372 | SPARC_INS_FQTOX, 373 | SPARC_INS_FSLAS16, 374 | SPARC_INS_FSLAS32, 375 | SPARC_INS_FSLL16, 376 | SPARC_INS_FSLL32, 377 | SPARC_INS_FSMULD, 378 | SPARC_INS_FSQRTD, 379 | SPARC_INS_FSQRTQ, 380 | SPARC_INS_FSQRTS, 381 | SPARC_INS_FSRA16, 382 | SPARC_INS_FSRA32, 383 | SPARC_INS_FSRC1, 384 | SPARC_INS_FSRC1S, 385 | SPARC_INS_FSRC2, 386 | SPARC_INS_FSRC2S, 387 | SPARC_INS_FSRL16, 388 | SPARC_INS_FSRL32, 389 | SPARC_INS_FSTOD, 390 | SPARC_INS_FSTOI, 391 | SPARC_INS_FSTOQ, 392 | SPARC_INS_FSTOX, 393 | SPARC_INS_FSUBD, 394 | SPARC_INS_FSUBQ, 395 | SPARC_INS_FSUBS, 396 | SPARC_INS_FXNOR, 397 | SPARC_INS_FXNORS, 398 | SPARC_INS_FXOR, 399 | SPARC_INS_FXORS, 400 | SPARC_INS_FXTOD, 401 | SPARC_INS_FXTOQ, 402 | SPARC_INS_FXTOS, 403 | SPARC_INS_FZERO, 404 | SPARC_INS_FZEROS, 405 | SPARC_INS_JMPL, 406 | SPARC_INS_LDD, 407 | SPARC_INS_LD, 408 | SPARC_INS_LDQ, 409 | SPARC_INS_LDSB, 410 | SPARC_INS_LDSH, 411 | SPARC_INS_LDSW, 412 | SPARC_INS_LDUB, 413 | SPARC_INS_LDUH, 414 | SPARC_INS_LDX, 415 | SPARC_INS_LZCNT, 416 | SPARC_INS_MEMBAR, 417 | SPARC_INS_MOVDTOX, 418 | SPARC_INS_MOV, 419 | SPARC_INS_MOVRGEZ, 420 | SPARC_INS_MOVRGZ, 421 | SPARC_INS_MOVRLEZ, 422 | SPARC_INS_MOVRLZ, 423 | SPARC_INS_MOVRNZ, 424 | SPARC_INS_MOVRZ, 425 | SPARC_INS_MOVSTOSW, 426 | SPARC_INS_MOVSTOUW, 427 | SPARC_INS_MULX, 428 | SPARC_INS_NOP, 429 | SPARC_INS_ORCC, 430 | SPARC_INS_ORNCC, 431 | SPARC_INS_ORN, 432 | SPARC_INS_OR, 433 | SPARC_INS_PDIST, 434 | SPARC_INS_PDISTN, 435 | SPARC_INS_POPC, 436 | SPARC_INS_RD, 437 | SPARC_INS_RESTORE, 438 | SPARC_INS_RETT, 439 | SPARC_INS_SAVE, 440 | SPARC_INS_SDIVCC, 441 | SPARC_INS_SDIVX, 442 | SPARC_INS_SDIV, 443 | SPARC_INS_SETHI, 444 | SPARC_INS_SHUTDOWN, 445 | SPARC_INS_SIAM, 446 | SPARC_INS_SLLX, 447 | SPARC_INS_SLL, 448 | SPARC_INS_SMULCC, 449 | SPARC_INS_SMUL, 450 | SPARC_INS_SRAX, 451 | SPARC_INS_SRA, 452 | SPARC_INS_SRLX, 453 | SPARC_INS_SRL, 454 | SPARC_INS_STBAR, 455 | SPARC_INS_STB, 456 | SPARC_INS_STD, 457 | SPARC_INS_ST, 458 | SPARC_INS_STH, 459 | SPARC_INS_STQ, 460 | SPARC_INS_STX, 461 | SPARC_INS_SUBCC, 462 | SPARC_INS_SUBX, 463 | SPARC_INS_SUBXCC, 464 | SPARC_INS_SUB, 465 | SPARC_INS_SWAP, 466 | SPARC_INS_TADDCCTV, 467 | SPARC_INS_TADDCC, 468 | SPARC_INS_T, 469 | SPARC_INS_TSUBCCTV, 470 | SPARC_INS_TSUBCC, 471 | SPARC_INS_UDIVCC, 472 | SPARC_INS_UDIVX, 473 | SPARC_INS_UDIV, 474 | SPARC_INS_UMULCC, 475 | SPARC_INS_UMULXHI, 476 | SPARC_INS_UMUL, 477 | SPARC_INS_UNIMP, 478 | SPARC_INS_FCMPED, 479 | SPARC_INS_FCMPEQ, 480 | SPARC_INS_FCMPES, 481 | SPARC_INS_WR, 482 | SPARC_INS_XMULX, 483 | SPARC_INS_XMULXHI, 484 | SPARC_INS_XNORCC, 485 | SPARC_INS_XNOR, 486 | SPARC_INS_XORCC, 487 | SPARC_INS_XOR, 488 | 489 | // alias instructions 490 | SPARC_INS_RET, 491 | SPARC_INS_RETL, 492 | 493 | SPARC_INS_ENDING, // <-- mark the end of the list of instructions 494 | } sparc_insn; 495 | 496 | /// Group of SPARC instructions 497 | typedef enum sparc_insn_group { 498 | SPARC_GRP_INVALID = 0, ///< = CS_GRP_INVALID 499 | 500 | // Generic groups 501 | // all jump instructions (conditional+direct+indirect jumps) 502 | SPARC_GRP_JUMP, ///< = CS_GRP_JUMP 503 | 504 | // Architecture-specific groups 505 | SPARC_GRP_HARDQUAD = 128, 506 | SPARC_GRP_V9, 507 | SPARC_GRP_VIS, 508 | SPARC_GRP_VIS2, 509 | SPARC_GRP_VIS3, 510 | SPARC_GRP_32BIT, 511 | SPARC_GRP_64BIT, 512 | 513 | SPARC_GRP_ENDING, // <-- mark the end of the list of groups 514 | } sparc_insn_group; 515 | 516 | #ifdef __cplusplus 517 | } 518 | #endif 519 | 520 | #endif 521 | -------------------------------------------------------------------------------- /Lexa/capstone/tms320c64x.h: -------------------------------------------------------------------------------- 1 | /* Capstone Disassembly Engine */ 2 | /* TMS320C64x Backend by Fotis Loukos 2016 */ 3 | 4 | #ifndef CAPSTONE_TMS320C64X_H 5 | #define CAPSTONE_TMS320C64X_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include 12 | #include "platform.h" 13 | 14 | #ifdef _MSC_VER 15 | #pragma warning(disable:4201) 16 | #endif 17 | 18 | typedef enum tms320c64x_op_type { 19 | TMS320C64X_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 20 | TMS320C64X_OP_REG, ///< = CS_OP_REG (Register operand). 21 | TMS320C64X_OP_IMM, ///< = CS_OP_IMM (Immediate operand). 22 | TMS320C64X_OP_MEM, ///< = CS_OP_MEM (Memory operand). 23 | TMS320C64X_OP_REGPAIR = 64, ///< Register pair for double word ops 24 | } tms320c64x_op_type; 25 | 26 | typedef enum tms320c64x_mem_disp { 27 | TMS320C64X_MEM_DISP_INVALID = 0, 28 | TMS320C64X_MEM_DISP_CONSTANT, 29 | TMS320C64X_MEM_DISP_REGISTER, 30 | } tms320c64x_mem_disp; 31 | 32 | typedef enum tms320c64x_mem_dir { 33 | TMS320C64X_MEM_DIR_INVALID = 0, 34 | TMS320C64X_MEM_DIR_FW, 35 | TMS320C64X_MEM_DIR_BW, 36 | } tms320c64x_mem_dir; 37 | 38 | typedef enum tms320c64x_mem_mod { 39 | TMS320C64X_MEM_MOD_INVALID = 0, 40 | TMS320C64X_MEM_MOD_NO, 41 | TMS320C64X_MEM_MOD_PRE, 42 | TMS320C64X_MEM_MOD_POST, 43 | } tms320c64x_mem_mod; 44 | 45 | typedef struct tms320c64x_op_mem { 46 | unsigned int base; ///< base register 47 | unsigned int disp; ///< displacement/offset value 48 | unsigned int unit; ///< unit of base and offset register 49 | unsigned int scaled; ///< offset scaled 50 | unsigned int disptype; ///< displacement type 51 | unsigned int direction; ///< direction 52 | unsigned int modify; ///< modification 53 | } tms320c64x_op_mem; 54 | 55 | typedef struct cs_tms320c64x_op { 56 | tms320c64x_op_type type; ///< operand type 57 | union { 58 | unsigned int reg; ///< register value for REG operand or first register for REGPAIR operand 59 | int32_t imm; ///< immediate value for IMM operand 60 | tms320c64x_op_mem mem; ///< base/disp value for MEM operand 61 | }; 62 | } cs_tms320c64x_op; 63 | 64 | typedef struct cs_tms320c64x { 65 | uint8_t op_count; 66 | cs_tms320c64x_op operands[8]; ///< operands for this instruction. 67 | struct { 68 | unsigned int reg; 69 | unsigned int zero; 70 | } condition; 71 | struct { 72 | unsigned int unit; 73 | unsigned int side; 74 | unsigned int crosspath; 75 | } funit; 76 | unsigned int parallel; 77 | } cs_tms320c64x; 78 | 79 | typedef enum tms320c64x_reg { 80 | TMS320C64X_REG_INVALID = 0, 81 | 82 | TMS320C64X_REG_AMR, 83 | TMS320C64X_REG_CSR, 84 | TMS320C64X_REG_DIER, 85 | TMS320C64X_REG_DNUM, 86 | TMS320C64X_REG_ECR, 87 | TMS320C64X_REG_GFPGFR, 88 | TMS320C64X_REG_GPLYA, 89 | TMS320C64X_REG_GPLYB, 90 | TMS320C64X_REG_ICR, 91 | TMS320C64X_REG_IER, 92 | TMS320C64X_REG_IERR, 93 | TMS320C64X_REG_ILC, 94 | TMS320C64X_REG_IRP, 95 | TMS320C64X_REG_ISR, 96 | TMS320C64X_REG_ISTP, 97 | TMS320C64X_REG_ITSR, 98 | TMS320C64X_REG_NRP, 99 | TMS320C64X_REG_NTSR, 100 | TMS320C64X_REG_REP, 101 | TMS320C64X_REG_RILC, 102 | TMS320C64X_REG_SSR, 103 | TMS320C64X_REG_TSCH, 104 | TMS320C64X_REG_TSCL, 105 | TMS320C64X_REG_TSR, 106 | TMS320C64X_REG_A0, 107 | TMS320C64X_REG_A1, 108 | TMS320C64X_REG_A2, 109 | TMS320C64X_REG_A3, 110 | TMS320C64X_REG_A4, 111 | TMS320C64X_REG_A5, 112 | TMS320C64X_REG_A6, 113 | TMS320C64X_REG_A7, 114 | TMS320C64X_REG_A8, 115 | TMS320C64X_REG_A9, 116 | TMS320C64X_REG_A10, 117 | TMS320C64X_REG_A11, 118 | TMS320C64X_REG_A12, 119 | TMS320C64X_REG_A13, 120 | TMS320C64X_REG_A14, 121 | TMS320C64X_REG_A15, 122 | TMS320C64X_REG_A16, 123 | TMS320C64X_REG_A17, 124 | TMS320C64X_REG_A18, 125 | TMS320C64X_REG_A19, 126 | TMS320C64X_REG_A20, 127 | TMS320C64X_REG_A21, 128 | TMS320C64X_REG_A22, 129 | TMS320C64X_REG_A23, 130 | TMS320C64X_REG_A24, 131 | TMS320C64X_REG_A25, 132 | TMS320C64X_REG_A26, 133 | TMS320C64X_REG_A27, 134 | TMS320C64X_REG_A28, 135 | TMS320C64X_REG_A29, 136 | TMS320C64X_REG_A30, 137 | TMS320C64X_REG_A31, 138 | TMS320C64X_REG_B0, 139 | TMS320C64X_REG_B1, 140 | TMS320C64X_REG_B2, 141 | TMS320C64X_REG_B3, 142 | TMS320C64X_REG_B4, 143 | TMS320C64X_REG_B5, 144 | TMS320C64X_REG_B6, 145 | TMS320C64X_REG_B7, 146 | TMS320C64X_REG_B8, 147 | TMS320C64X_REG_B9, 148 | TMS320C64X_REG_B10, 149 | TMS320C64X_REG_B11, 150 | TMS320C64X_REG_B12, 151 | TMS320C64X_REG_B13, 152 | TMS320C64X_REG_B14, 153 | TMS320C64X_REG_B15, 154 | TMS320C64X_REG_B16, 155 | TMS320C64X_REG_B17, 156 | TMS320C64X_REG_B18, 157 | TMS320C64X_REG_B19, 158 | TMS320C64X_REG_B20, 159 | TMS320C64X_REG_B21, 160 | TMS320C64X_REG_B22, 161 | TMS320C64X_REG_B23, 162 | TMS320C64X_REG_B24, 163 | TMS320C64X_REG_B25, 164 | TMS320C64X_REG_B26, 165 | TMS320C64X_REG_B27, 166 | TMS320C64X_REG_B28, 167 | TMS320C64X_REG_B29, 168 | TMS320C64X_REG_B30, 169 | TMS320C64X_REG_B31, 170 | TMS320C64X_REG_PCE1, 171 | 172 | TMS320C64X_REG_ENDING, // <-- mark the end of the list of registers 173 | 174 | // Alias registers 175 | TMS320C64X_REG_EFR = TMS320C64X_REG_ECR, 176 | TMS320C64X_REG_IFR = TMS320C64X_REG_ISR, 177 | } tms320c64x_reg; 178 | 179 | typedef enum tms320c64x_insn { 180 | TMS320C64X_INS_INVALID = 0, 181 | 182 | TMS320C64X_INS_ABS, 183 | TMS320C64X_INS_ABS2, 184 | TMS320C64X_INS_ADD, 185 | TMS320C64X_INS_ADD2, 186 | TMS320C64X_INS_ADD4, 187 | TMS320C64X_INS_ADDAB, 188 | TMS320C64X_INS_ADDAD, 189 | TMS320C64X_INS_ADDAH, 190 | TMS320C64X_INS_ADDAW, 191 | TMS320C64X_INS_ADDK, 192 | TMS320C64X_INS_ADDKPC, 193 | TMS320C64X_INS_ADDU, 194 | TMS320C64X_INS_AND, 195 | TMS320C64X_INS_ANDN, 196 | TMS320C64X_INS_AVG2, 197 | TMS320C64X_INS_AVGU4, 198 | TMS320C64X_INS_B, 199 | TMS320C64X_INS_BDEC, 200 | TMS320C64X_INS_BITC4, 201 | TMS320C64X_INS_BNOP, 202 | TMS320C64X_INS_BPOS, 203 | TMS320C64X_INS_CLR, 204 | TMS320C64X_INS_CMPEQ, 205 | TMS320C64X_INS_CMPEQ2, 206 | TMS320C64X_INS_CMPEQ4, 207 | TMS320C64X_INS_CMPGT, 208 | TMS320C64X_INS_CMPGT2, 209 | TMS320C64X_INS_CMPGTU4, 210 | TMS320C64X_INS_CMPLT, 211 | TMS320C64X_INS_CMPLTU, 212 | TMS320C64X_INS_DEAL, 213 | TMS320C64X_INS_DOTP2, 214 | TMS320C64X_INS_DOTPN2, 215 | TMS320C64X_INS_DOTPNRSU2, 216 | TMS320C64X_INS_DOTPRSU2, 217 | TMS320C64X_INS_DOTPSU4, 218 | TMS320C64X_INS_DOTPU4, 219 | TMS320C64X_INS_EXT, 220 | TMS320C64X_INS_EXTU, 221 | TMS320C64X_INS_GMPGTU, 222 | TMS320C64X_INS_GMPY4, 223 | TMS320C64X_INS_LDB, 224 | TMS320C64X_INS_LDBU, 225 | TMS320C64X_INS_LDDW, 226 | TMS320C64X_INS_LDH, 227 | TMS320C64X_INS_LDHU, 228 | TMS320C64X_INS_LDNDW, 229 | TMS320C64X_INS_LDNW, 230 | TMS320C64X_INS_LDW, 231 | TMS320C64X_INS_LMBD, 232 | TMS320C64X_INS_MAX2, 233 | TMS320C64X_INS_MAXU4, 234 | TMS320C64X_INS_MIN2, 235 | TMS320C64X_INS_MINU4, 236 | TMS320C64X_INS_MPY, 237 | TMS320C64X_INS_MPY2, 238 | TMS320C64X_INS_MPYH, 239 | TMS320C64X_INS_MPYHI, 240 | TMS320C64X_INS_MPYHIR, 241 | TMS320C64X_INS_MPYHL, 242 | TMS320C64X_INS_MPYHLU, 243 | TMS320C64X_INS_MPYHSLU, 244 | TMS320C64X_INS_MPYHSU, 245 | TMS320C64X_INS_MPYHU, 246 | TMS320C64X_INS_MPYHULS, 247 | TMS320C64X_INS_MPYHUS, 248 | TMS320C64X_INS_MPYLH, 249 | TMS320C64X_INS_MPYLHU, 250 | TMS320C64X_INS_MPYLI, 251 | TMS320C64X_INS_MPYLIR, 252 | TMS320C64X_INS_MPYLSHU, 253 | TMS320C64X_INS_MPYLUHS, 254 | TMS320C64X_INS_MPYSU, 255 | TMS320C64X_INS_MPYSU4, 256 | TMS320C64X_INS_MPYU, 257 | TMS320C64X_INS_MPYU4, 258 | TMS320C64X_INS_MPYUS, 259 | TMS320C64X_INS_MVC, 260 | TMS320C64X_INS_MVD, 261 | TMS320C64X_INS_MVK, 262 | TMS320C64X_INS_MVKL, 263 | TMS320C64X_INS_MVKLH, 264 | TMS320C64X_INS_NOP, 265 | TMS320C64X_INS_NORM, 266 | TMS320C64X_INS_OR, 267 | TMS320C64X_INS_PACK2, 268 | TMS320C64X_INS_PACKH2, 269 | TMS320C64X_INS_PACKH4, 270 | TMS320C64X_INS_PACKHL2, 271 | TMS320C64X_INS_PACKL4, 272 | TMS320C64X_INS_PACKLH2, 273 | TMS320C64X_INS_ROTL, 274 | TMS320C64X_INS_SADD, 275 | TMS320C64X_INS_SADD2, 276 | TMS320C64X_INS_SADDU4, 277 | TMS320C64X_INS_SADDUS2, 278 | TMS320C64X_INS_SAT, 279 | TMS320C64X_INS_SET, 280 | TMS320C64X_INS_SHFL, 281 | TMS320C64X_INS_SHL, 282 | TMS320C64X_INS_SHLMB, 283 | TMS320C64X_INS_SHR, 284 | TMS320C64X_INS_SHR2, 285 | TMS320C64X_INS_SHRMB, 286 | TMS320C64X_INS_SHRU, 287 | TMS320C64X_INS_SHRU2, 288 | TMS320C64X_INS_SMPY, 289 | TMS320C64X_INS_SMPY2, 290 | TMS320C64X_INS_SMPYH, 291 | TMS320C64X_INS_SMPYHL, 292 | TMS320C64X_INS_SMPYLH, 293 | TMS320C64X_INS_SPACK2, 294 | TMS320C64X_INS_SPACKU4, 295 | TMS320C64X_INS_SSHL, 296 | TMS320C64X_INS_SSHVL, 297 | TMS320C64X_INS_SSHVR, 298 | TMS320C64X_INS_SSUB, 299 | TMS320C64X_INS_STB, 300 | TMS320C64X_INS_STDW, 301 | TMS320C64X_INS_STH, 302 | TMS320C64X_INS_STNDW, 303 | TMS320C64X_INS_STNW, 304 | TMS320C64X_INS_STW, 305 | TMS320C64X_INS_SUB, 306 | TMS320C64X_INS_SUB2, 307 | TMS320C64X_INS_SUB4, 308 | TMS320C64X_INS_SUBAB, 309 | TMS320C64X_INS_SUBABS4, 310 | TMS320C64X_INS_SUBAH, 311 | TMS320C64X_INS_SUBAW, 312 | TMS320C64X_INS_SUBC, 313 | TMS320C64X_INS_SUBU, 314 | TMS320C64X_INS_SWAP4, 315 | TMS320C64X_INS_UNPKHU4, 316 | TMS320C64X_INS_UNPKLU4, 317 | TMS320C64X_INS_XOR, 318 | TMS320C64X_INS_XPND2, 319 | TMS320C64X_INS_XPND4, 320 | // Aliases 321 | TMS320C64X_INS_IDLE, 322 | TMS320C64X_INS_MV, 323 | TMS320C64X_INS_NEG, 324 | TMS320C64X_INS_NOT, 325 | TMS320C64X_INS_SWAP2, 326 | TMS320C64X_INS_ZERO, 327 | 328 | TMS320C64X_INS_ENDING, // <-- mark the end of the list of instructions 329 | } tms320c64x_insn; 330 | 331 | typedef enum tms320c64x_insn_group { 332 | TMS320C64X_GRP_INVALID = 0, ///< = CS_GRP_INVALID 333 | 334 | TMS320C64X_GRP_JUMP, ///< = CS_GRP_JUMP 335 | 336 | TMS320C64X_GRP_FUNIT_D = 128, 337 | TMS320C64X_GRP_FUNIT_L, 338 | TMS320C64X_GRP_FUNIT_M, 339 | TMS320C64X_GRP_FUNIT_S, 340 | TMS320C64X_GRP_FUNIT_NO, 341 | 342 | TMS320C64X_GRP_ENDING, // <-- mark the end of the list of groups 343 | } tms320c64x_insn_group; 344 | 345 | typedef enum tms320c64x_funit { 346 | TMS320C64X_FUNIT_INVALID = 0, 347 | TMS320C64X_FUNIT_D, 348 | TMS320C64X_FUNIT_L, 349 | TMS320C64X_FUNIT_M, 350 | TMS320C64X_FUNIT_S, 351 | TMS320C64X_FUNIT_NO 352 | } tms320c64x_funit; 353 | 354 | #ifdef __cplusplus 355 | } 356 | #endif 357 | 358 | #endif 359 | 360 | -------------------------------------------------------------------------------- /Lexa/capstone/xcore.h: -------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_XCORE_H 2 | #define CAPSTONE_XCORE_H 3 | 4 | /* Capstone Disassembly Engine */ 5 | /* By Nguyen Anh Quynh , 2014-2015 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "platform.h" 12 | 13 | #ifdef _MSC_VER 14 | #pragma warning(disable:4201) 15 | #endif 16 | 17 | /// Operand type for instruction's operands 18 | typedef enum xcore_op_type { 19 | XCORE_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 20 | XCORE_OP_REG, ///< = CS_OP_REG (Register operand). 21 | XCORE_OP_IMM, ///< = CS_OP_IMM (Immediate operand). 22 | XCORE_OP_MEM, ///< = CS_OP_MEM (Memory operand). 23 | } xcore_op_type; 24 | 25 | /// XCore registers 26 | typedef enum xcore_reg { 27 | XCORE_REG_INVALID = 0, 28 | 29 | XCORE_REG_CP, 30 | XCORE_REG_DP, 31 | XCORE_REG_LR, 32 | XCORE_REG_SP, 33 | XCORE_REG_R0, 34 | XCORE_REG_R1, 35 | XCORE_REG_R2, 36 | XCORE_REG_R3, 37 | XCORE_REG_R4, 38 | XCORE_REG_R5, 39 | XCORE_REG_R6, 40 | XCORE_REG_R7, 41 | XCORE_REG_R8, 42 | XCORE_REG_R9, 43 | XCORE_REG_R10, 44 | XCORE_REG_R11, 45 | 46 | // pseudo registers 47 | XCORE_REG_PC, ///< pc 48 | 49 | // internal thread registers 50 | // see The-XMOS-XS1-Architecture(X7879A).pdf 51 | XCORE_REG_SCP, ///< save pc 52 | XCORE_REG_SSR, //< save status 53 | XCORE_REG_ET, //< exception type 54 | XCORE_REG_ED, //< exception data 55 | XCORE_REG_SED, //< save exception data 56 | XCORE_REG_KEP, //< kernel entry pointer 57 | XCORE_REG_KSP, //< kernel stack pointer 58 | XCORE_REG_ID, //< thread ID 59 | 60 | XCORE_REG_ENDING, // <-- mark the end of the list of registers 61 | } xcore_reg; 62 | 63 | /// Instruction's operand referring to memory 64 | /// This is associated with XCORE_OP_MEM operand type above 65 | typedef struct xcore_op_mem { 66 | uint8_t base; ///< base register, can be safely interpreted as 67 | ///< a value of type `xcore_reg`, but it is only 68 | ///< one byte wide 69 | uint8_t index; ///< index register, same conditions apply here 70 | int32_t disp; ///< displacement/offset value 71 | int direct; ///< +1: forward, -1: backward 72 | } xcore_op_mem; 73 | 74 | /// Instruction operand 75 | typedef struct cs_xcore_op { 76 | xcore_op_type type; ///< operand type 77 | union { 78 | xcore_reg reg; ///< register value for REG operand 79 | int32_t imm; ///< immediate value for IMM operand 80 | xcore_op_mem mem; ///< base/disp value for MEM operand 81 | }; 82 | } cs_xcore_op; 83 | 84 | /// Instruction structure 85 | typedef struct cs_xcore { 86 | /// Number of operands of this instruction, 87 | /// or 0 when instruction has no operand. 88 | uint8_t op_count; 89 | cs_xcore_op operands[8]; ///< operands for this instruction. 90 | } cs_xcore; 91 | 92 | /// XCore instruction 93 | typedef enum xcore_insn { 94 | XCORE_INS_INVALID = 0, 95 | 96 | XCORE_INS_ADD, 97 | XCORE_INS_ANDNOT, 98 | XCORE_INS_AND, 99 | XCORE_INS_ASHR, 100 | XCORE_INS_BAU, 101 | XCORE_INS_BITREV, 102 | XCORE_INS_BLA, 103 | XCORE_INS_BLAT, 104 | XCORE_INS_BL, 105 | XCORE_INS_BF, 106 | XCORE_INS_BT, 107 | XCORE_INS_BU, 108 | XCORE_INS_BRU, 109 | XCORE_INS_BYTEREV, 110 | XCORE_INS_CHKCT, 111 | XCORE_INS_CLRE, 112 | XCORE_INS_CLRPT, 113 | XCORE_INS_CLRSR, 114 | XCORE_INS_CLZ, 115 | XCORE_INS_CRC8, 116 | XCORE_INS_CRC32, 117 | XCORE_INS_DCALL, 118 | XCORE_INS_DENTSP, 119 | XCORE_INS_DGETREG, 120 | XCORE_INS_DIVS, 121 | XCORE_INS_DIVU, 122 | XCORE_INS_DRESTSP, 123 | XCORE_INS_DRET, 124 | XCORE_INS_ECALLF, 125 | XCORE_INS_ECALLT, 126 | XCORE_INS_EDU, 127 | XCORE_INS_EEF, 128 | XCORE_INS_EET, 129 | XCORE_INS_EEU, 130 | XCORE_INS_ENDIN, 131 | XCORE_INS_ENTSP, 132 | XCORE_INS_EQ, 133 | XCORE_INS_EXTDP, 134 | XCORE_INS_EXTSP, 135 | XCORE_INS_FREER, 136 | XCORE_INS_FREET, 137 | XCORE_INS_GETD, 138 | XCORE_INS_GET, 139 | XCORE_INS_GETN, 140 | XCORE_INS_GETR, 141 | XCORE_INS_GETSR, 142 | XCORE_INS_GETST, 143 | XCORE_INS_GETTS, 144 | XCORE_INS_INCT, 145 | XCORE_INS_INIT, 146 | XCORE_INS_INPW, 147 | XCORE_INS_INSHR, 148 | XCORE_INS_INT, 149 | XCORE_INS_IN, 150 | XCORE_INS_KCALL, 151 | XCORE_INS_KENTSP, 152 | XCORE_INS_KRESTSP, 153 | XCORE_INS_KRET, 154 | XCORE_INS_LADD, 155 | XCORE_INS_LD16S, 156 | XCORE_INS_LD8U, 157 | XCORE_INS_LDA16, 158 | XCORE_INS_LDAP, 159 | XCORE_INS_LDAW, 160 | XCORE_INS_LDC, 161 | XCORE_INS_LDW, 162 | XCORE_INS_LDIVU, 163 | XCORE_INS_LMUL, 164 | XCORE_INS_LSS, 165 | XCORE_INS_LSUB, 166 | XCORE_INS_LSU, 167 | XCORE_INS_MACCS, 168 | XCORE_INS_MACCU, 169 | XCORE_INS_MJOIN, 170 | XCORE_INS_MKMSK, 171 | XCORE_INS_MSYNC, 172 | XCORE_INS_MUL, 173 | XCORE_INS_NEG, 174 | XCORE_INS_NOT, 175 | XCORE_INS_OR, 176 | XCORE_INS_OUTCT, 177 | XCORE_INS_OUTPW, 178 | XCORE_INS_OUTSHR, 179 | XCORE_INS_OUTT, 180 | XCORE_INS_OUT, 181 | XCORE_INS_PEEK, 182 | XCORE_INS_REMS, 183 | XCORE_INS_REMU, 184 | XCORE_INS_RETSP, 185 | XCORE_INS_SETCLK, 186 | XCORE_INS_SET, 187 | XCORE_INS_SETC, 188 | XCORE_INS_SETD, 189 | XCORE_INS_SETEV, 190 | XCORE_INS_SETN, 191 | XCORE_INS_SETPSC, 192 | XCORE_INS_SETPT, 193 | XCORE_INS_SETRDY, 194 | XCORE_INS_SETSR, 195 | XCORE_INS_SETTW, 196 | XCORE_INS_SETV, 197 | XCORE_INS_SEXT, 198 | XCORE_INS_SHL, 199 | XCORE_INS_SHR, 200 | XCORE_INS_SSYNC, 201 | XCORE_INS_ST16, 202 | XCORE_INS_ST8, 203 | XCORE_INS_STW, 204 | XCORE_INS_SUB, 205 | XCORE_INS_SYNCR, 206 | XCORE_INS_TESTCT, 207 | XCORE_INS_TESTLCL, 208 | XCORE_INS_TESTWCT, 209 | XCORE_INS_TSETMR, 210 | XCORE_INS_START, 211 | XCORE_INS_WAITEF, 212 | XCORE_INS_WAITET, 213 | XCORE_INS_WAITEU, 214 | XCORE_INS_XOR, 215 | XCORE_INS_ZEXT, 216 | 217 | XCORE_INS_ENDING, // <-- mark the end of the list of instructions 218 | } xcore_insn; 219 | 220 | /// Group of XCore instructions 221 | typedef enum xcore_insn_group { 222 | XCORE_GRP_INVALID = 0, ///< = CS_GRP_INVALID 223 | 224 | // Generic groups 225 | // all jump instructions (conditional+direct+indirect jumps) 226 | XCORE_GRP_JUMP, ///< = CS_GRP_JUMP 227 | 228 | XCORE_GRP_ENDING, // <-- mark the end of the list of groups 229 | } xcore_insn_group; 230 | 231 | #ifdef __cplusplus 232 | } 233 | #endif 234 | 235 | #endif 236 | -------------------------------------------------------------------------------- /Lexa/iat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #include 4 | using namespace std; 5 | #define getNtHdr(buf) ((IMAGE_NT_HEADERS*)((size_t)buf + ((IMAGE_DOS_HEADER *)buf)->e_lfanew )) 6 | #define getSectionArr(buf) ((IMAGE_SECTION_HEADER *)((size_t)buf + ((IMAGE_DOS_HEADER *)buf)->e_lfanew + sizeof(IMAGE_NT_HEADERS))) 7 | 8 | map< DWORD, string> getIAT_callVia(size_t modulePtr) { 9 | map impThunkVaArr = map< DWORD, string>(); 10 | PIMAGE_IMPORT_DESCRIPTOR impLib = (PIMAGE_IMPORT_DESCRIPTOR)(modulePtr + getNtHdr(modulePtr)->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress); 11 | size_t libCount = getNtHdr(modulePtr)->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].Size / sizeof(IMAGE_IMPORT_DESCRIPTOR); 12 | 13 | // enumerate modules 14 | for (;(libCount-- > 0) && impLib->Name; impLib++) { 15 | char* impLibName = (char *)(modulePtr + impLib->Name); 16 | 17 | // enumerate thunk 18 | for (PIMAGE_THUNK_DATA callVia = (PIMAGE_THUNK_DATA)(modulePtr + impLib->FirstThunk); callVia->u1.ForwarderString; callVia++) { 19 | pair newRecord = pair((size_t)callVia - (size_t)modulePtr, impLibName); 20 | impThunkVaArr.insert(newRecord); 21 | } 22 | } 23 | return impThunkVaArr; 24 | } 25 | -------------------------------------------------------------------------------- /Lexa/keystone/arm.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_ARM_H 5 | #define KEYSTONE_ARM_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_arm { 14 | KS_ERR_ASM_ARM_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_ARM_MISSINGFEATURE, 16 | KS_ERR_ASM_ARM_MNEMONICFAIL, 17 | } ks_err_asm_arm; 18 | 19 | #ifdef __cplusplus 20 | } 21 | #endif 22 | 23 | #endif 24 | -------------------------------------------------------------------------------- /Lexa/keystone/arm64.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_ARM64_H 5 | #define KEYSTONE_ARM64_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_arm64 { 14 | KS_ERR_ASM_ARM64_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_ARM64_MISSINGFEATURE, 16 | KS_ERR_ASM_ARM64_MNEMONICFAIL, 17 | } ks_err_asm_arm64; 18 | 19 | #ifdef __cplusplus 20 | } 21 | #endif 22 | 23 | #endif 24 | -------------------------------------------------------------------------------- /Lexa/keystone/hexagon.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_HEXAGON_H 5 | #define KEYSTONE_HEXAGON_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_hexagon { 14 | KS_ERR_ASM_HEXAGON_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_HEXAGON_MISSINGFEATURE, 16 | KS_ERR_ASM_HEXAGON_MNEMONICFAIL, 17 | } ks_err_asm_hexagon; 18 | 19 | 20 | #ifdef __cplusplus 21 | } 22 | #endif 23 | 24 | #endif 25 | -------------------------------------------------------------------------------- /Lexa/keystone/keystone.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine (www.keystone-engine.org) */ 2 | /* By Nguyen Anh Quynh , 2016 */ 3 | 4 | #ifndef KEYSTONE_ENGINE_H 5 | #define KEYSTONE_ENGINE_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include 12 | #include 13 | #include 14 | #include 15 | 16 | #ifdef _MSC_VER // MSVC compiler 17 | #pragma warning(disable:4201) 18 | #pragma warning(disable:4100) 19 | #define KEYSTONE_EXPORT __declspec(dllexport) 20 | #else 21 | #ifdef __GNUC__ 22 | #define KEYSTONE_EXPORT __attribute__((visibility("default"))) 23 | #else 24 | #define KEYSTONE_EXPORT 25 | #endif 26 | #endif 27 | 28 | 29 | struct ks_struct; 30 | typedef struct ks_struct ks_engine; 31 | 32 | // Keystone API version 33 | #define KS_API_MAJOR 0 34 | #define KS_API_MINOR 9 35 | 36 | /* 37 | Macro to create combined version which can be compared to 38 | result of ks_version() API. 39 | */ 40 | #define KS_MAKE_VERSION(major, minor) ((major << 8) + minor) 41 | 42 | // Architecture type 43 | typedef enum ks_arch { 44 | KS_ARCH_ARM = 1, // ARM architecture (including Thumb, Thumb-2) 45 | KS_ARCH_ARM64, // ARM-64, also called AArch64 46 | KS_ARCH_MIPS, // Mips architecture 47 | KS_ARCH_X86, // X86 architecture (including x86 & x86-64) 48 | KS_ARCH_PPC, // PowerPC architecture (currently unsupported) 49 | KS_ARCH_SPARC, // Sparc architecture 50 | KS_ARCH_SYSTEMZ, // SystemZ architecture (S390X) 51 | KS_ARCH_HEXAGON, // Hexagon architecture 52 | KS_ARCH_MAX, 53 | } ks_arch; 54 | 55 | // Mode type 56 | typedef enum ks_mode { 57 | KS_MODE_LITTLE_ENDIAN = 0, // little-endian mode (default mode) 58 | KS_MODE_BIG_ENDIAN = 1 << 30, // big-endian mode 59 | // arm / arm64 60 | KS_MODE_ARM = 1 << 0, // ARM mode 61 | KS_MODE_THUMB = 1 << 4, // THUMB mode (including Thumb-2) 62 | KS_MODE_V8 = 1 << 6, // ARMv8 A32 encodings for ARM 63 | // mips 64 | KS_MODE_MICRO = 1 << 4, // MicroMips mode 65 | KS_MODE_MIPS3 = 1 << 5, // Mips III ISA 66 | KS_MODE_MIPS32R6 = 1 << 6, // Mips32r6 ISA 67 | KS_MODE_MIPS32 = 1 << 2, // Mips32 ISA 68 | KS_MODE_MIPS64 = 1 << 3, // Mips64 ISA 69 | // x86 / x64 70 | KS_MODE_16 = 1 << 1, // 16-bit mode 71 | KS_MODE_32 = 1 << 2, // 32-bit mode 72 | KS_MODE_64 = 1 << 3, // 64-bit mode 73 | // ppc 74 | KS_MODE_PPC32 = 1 << 2, // 32-bit mode 75 | KS_MODE_PPC64 = 1 << 3, // 64-bit mode 76 | KS_MODE_QPX = 1 << 4, // Quad Processing eXtensions mode 77 | // sparc 78 | KS_MODE_SPARC32 = 1 << 2, // 32-bit mode 79 | KS_MODE_SPARC64 = 1 << 3, // 64-bit mode 80 | KS_MODE_V9 = 1 << 4, // SparcV9 mode 81 | } ks_mode; 82 | 83 | // All generic errors related to input assembly >= KS_ERR_ASM 84 | #define KS_ERR_ASM 128 85 | 86 | // All architecture-specific errors related to input assembly >= KS_ERR_ASM_ARCH 87 | #define KS_ERR_ASM_ARCH 512 88 | 89 | // All type of errors encountered by Keystone API. 90 | typedef enum ks_err { 91 | KS_ERR_OK = 0, // No error: everything was fine 92 | KS_ERR_NOMEM, // Out-Of-Memory error: ks_open(), ks_emulate() 93 | KS_ERR_ARCH, // Unsupported architecture: ks_open() 94 | KS_ERR_HANDLE, // Invalid handle 95 | KS_ERR_MODE, // Invalid/unsupported mode: ks_open() 96 | KS_ERR_VERSION, // Unsupported version (bindings) 97 | KS_ERR_OPT_INVALID, // Unsupported option 98 | 99 | // generic input assembly errors - parser specific 100 | KS_ERR_ASM_EXPR_TOKEN = KS_ERR_ASM, // unknown token in expression 101 | KS_ERR_ASM_DIRECTIVE_VALUE_RANGE, // literal value out of range for directive 102 | KS_ERR_ASM_DIRECTIVE_ID, // expected identifier in directive 103 | KS_ERR_ASM_DIRECTIVE_TOKEN, // unexpected token in directive 104 | KS_ERR_ASM_DIRECTIVE_STR, // expected string in directive 105 | KS_ERR_ASM_DIRECTIVE_COMMA, // expected comma in directive 106 | KS_ERR_ASM_DIRECTIVE_RELOC_NAME, // expected relocation name in directive 107 | KS_ERR_ASM_DIRECTIVE_RELOC_TOKEN, // unexpected token in .reloc directive 108 | KS_ERR_ASM_DIRECTIVE_FPOINT, // invalid floating point in directive 109 | KS_ERR_ASM_DIRECTIVE_UNKNOWN, // unknown directive 110 | KS_ERR_ASM_DIRECTIVE_EQU, // invalid equal directive 111 | KS_ERR_ASM_DIRECTIVE_INVALID, // (generic) invalid directive 112 | KS_ERR_ASM_VARIANT_INVALID, // invalid variant 113 | KS_ERR_ASM_EXPR_BRACKET, // brackets expression not supported on this target 114 | KS_ERR_ASM_SYMBOL_MODIFIER, // unexpected symbol modifier following '@' 115 | KS_ERR_ASM_SYMBOL_REDEFINED, // invalid symbol redefinition 116 | KS_ERR_ASM_SYMBOL_MISSING, // cannot find a symbol 117 | KS_ERR_ASM_RPAREN, // expected ')' in parentheses expression 118 | KS_ERR_ASM_STAT_TOKEN, // unexpected token at start of statement 119 | KS_ERR_ASM_UNSUPPORTED, // unsupported token yet 120 | KS_ERR_ASM_MACRO_TOKEN, // unexpected token in macro instantiation 121 | KS_ERR_ASM_MACRO_PAREN, // unbalanced parentheses in macro argument 122 | KS_ERR_ASM_MACRO_EQU, // expected '=' after formal parameter identifier 123 | KS_ERR_ASM_MACRO_ARGS, // too many positional arguments 124 | KS_ERR_ASM_MACRO_LEVELS_EXCEED, // macros cannot be nested more than 20 levels deep 125 | KS_ERR_ASM_MACRO_STR, // invalid macro string 126 | KS_ERR_ASM_MACRO_INVALID, // invalid macro (generic error) 127 | KS_ERR_ASM_ESC_BACKSLASH, // unexpected backslash at end of escaped string 128 | KS_ERR_ASM_ESC_OCTAL, // invalid octal escape sequence (out of range) 129 | KS_ERR_ASM_ESC_SEQUENCE, // invalid escape sequence (unrecognized character) 130 | KS_ERR_ASM_ESC_STR, // broken escape string 131 | KS_ERR_ASM_TOKEN_INVALID, // invalid token 132 | KS_ERR_ASM_INSN_UNSUPPORTED, // this instruction is unsupported in this mode 133 | KS_ERR_ASM_FIXUP_INVALID, // invalid fixup 134 | KS_ERR_ASM_LABEL_INVALID, // invalid label 135 | KS_ERR_ASM_FRAGMENT_INVALID, // invalid fragment 136 | 137 | // generic input assembly errors - architecture specific 138 | KS_ERR_ASM_INVALIDOPERAND = KS_ERR_ASM_ARCH, 139 | KS_ERR_ASM_MISSINGFEATURE, 140 | KS_ERR_ASM_MNEMONICFAIL, 141 | } ks_err; 142 | 143 | 144 | // Runtime option for the Keystone engine 145 | typedef enum ks_opt_type { 146 | KS_OPT_SYNTAX = 1, // Choose syntax for input assembly 147 | } ks_opt_type; 148 | 149 | 150 | // Runtime option value (associated with ks_opt_type above) 151 | typedef enum ks_opt_value { 152 | KS_OPT_SYNTAX_INTEL = 1 << 0, // X86 Intel syntax - default on X86 (KS_OPT_SYNTAX). 153 | KS_OPT_SYNTAX_ATT = 1 << 1, // X86 ATT asm syntax (KS_OPT_SYNTAX). 154 | KS_OPT_SYNTAX_NASM = 1 << 2, // X86 Nasm syntax (KS_OPT_SYNTAX). 155 | KS_OPT_SYNTAX_MASM = 1 << 3, // X86 Masm syntax (KS_OPT_SYNTAX) - unsupported yet. 156 | KS_OPT_SYNTAX_GAS = 1 << 4, // X86 GNU GAS syntax (KS_OPT_SYNTAX). 157 | } ks_opt_value; 158 | 159 | 160 | #include "arm64.h" 161 | #include "arm.h" 162 | #include "hexagon.h" 163 | #include "mips.h" 164 | #include "ppc.h" 165 | #include "sparc.h" 166 | #include "systemz.h" 167 | #include "x86.h" 168 | 169 | /* 170 | Return combined API version & major and minor version numbers. 171 | 172 | @major: major number of API version 173 | @minor: minor number of API version 174 | 175 | @return hexical number as (major << 8 | minor), which encodes both 176 | major & minor versions. 177 | NOTE: This returned value can be compared with version number made 178 | with macro KS_MAKE_VERSION 179 | 180 | For example, second API version would return 1 in @major, and 1 in @minor 181 | The return value would be 0x0101 182 | 183 | NOTE: if you only care about returned value, but not major and minor values, 184 | set both @major & @minor arguments to NULL. 185 | */ 186 | KEYSTONE_EXPORT 187 | unsigned int ks_version(unsigned int *major, unsigned int *minor); 188 | 189 | 190 | /* 191 | Determine if the given architecture is supported by this library. 192 | 193 | @arch: architecture type (KS_ARCH_*) 194 | 195 | @return True if this library supports the given arch. 196 | */ 197 | KEYSTONE_EXPORT 198 | bool ks_arch_supported(ks_arch arch); 199 | 200 | 201 | /* 202 | Create new instance of Keystone engine. 203 | 204 | @arch: architecture type (KS_ARCH_*) 205 | @mode: hardware mode. This is combined of KS_MODE_* 206 | @ks: pointer to ks_engine, which will be updated at return time 207 | 208 | @return KS_ERR_OK on success, or other value on failure (refer to ks_err enum 209 | for detailed error). 210 | */ 211 | KEYSTONE_EXPORT 212 | ks_err ks_open(ks_arch arch, int mode, ks_engine **ks); 213 | 214 | 215 | /* 216 | Close KS instance: MUST do to release the handle when it is not used anymore. 217 | NOTE: this must be called only when there is no longer usage of Keystone. 218 | The reason is the this API releases some cached memory, thus access to any 219 | Keystone API after ks_close() might crash your application. 220 | After this, @ks is invalid, and nolonger usable. 221 | 222 | @ks: pointer to a handle returned by ks_open() 223 | 224 | @return KS_ERR_OK on success, or other value on failure (refer to ks_err enum 225 | for detailed error). 226 | */ 227 | KEYSTONE_EXPORT 228 | ks_err ks_close(ks_engine *ks); 229 | 230 | 231 | /* 232 | Report the last error number when some API function fail. 233 | Like glibc's errno, ks_errno might not retain its old error once accessed. 234 | 235 | @ks: handle returned by ks_open() 236 | 237 | @return: error code of ks_err enum type (KS_ERR_*, see above) 238 | */ 239 | KEYSTONE_EXPORT 240 | ks_err ks_errno(ks_engine *ks); 241 | 242 | 243 | /* 244 | Return a string describing given error code. 245 | 246 | @code: error code (see KS_ERR_* above) 247 | 248 | @return: returns a pointer to a string that describes the error code 249 | passed in the argument @code 250 | */ 251 | KEYSTONE_EXPORT 252 | const char *ks_strerror(ks_err code); 253 | 254 | 255 | /* 256 | Set option for Keystone engine at runtime 257 | 258 | @ks: handle returned by ks_open() 259 | @type: type of option to be set 260 | @value: option value corresponding with @type 261 | 262 | @return: KS_ERR_OK on success, or other value on failure. 263 | Refer to ks_err enum for detailed error. 264 | */ 265 | KEYSTONE_EXPORT 266 | ks_err ks_option(ks_engine *ks, ks_opt_type type, size_t value); 267 | 268 | 269 | /* 270 | Assemble a string given its the buffer, size, start address and number 271 | of instructions to be decoded. 272 | This API dynamically allocate memory to contain assembled instruction. 273 | Resulted array of bytes containing the machine code is put into @*encoding 274 | 275 | NOTE 1: this API will automatically determine memory needed to contain 276 | output bytes in *encoding. 277 | 278 | NOTE 2: caller must free the allocated memory itself to avoid memory leaking. 279 | 280 | @ks: handle returned by ks_open() 281 | @str: NULL-terminated assembly string. Use ; or \n to separate statements. 282 | @address: address of the first assembly instruction, or 0 to ignore. 283 | @encoding: array of bytes containing encoding of input assembly string. 284 | NOTE: *encoding will be allocated by this function, and should be freed 285 | with ks_free() function. 286 | @encoding_size: size of *encoding 287 | @stat_count: number of statements successfully processed 288 | 289 | @return: 0 on success, or -1 on failure. 290 | 291 | On failure, call ks_errno() for error code. 292 | */ 293 | KEYSTONE_EXPORT 294 | int ks_asm(ks_engine *ks, 295 | const char *string, 296 | uint64_t address, 297 | unsigned char **encoding, size_t *encoding_size, 298 | size_t *stat_count); 299 | 300 | 301 | /* 302 | Free memory allocated by ks_asm() 303 | 304 | @p: memory allocated in @encoding argument of ks_asm() 305 | */ 306 | KEYSTONE_EXPORT 307 | void ks_free(unsigned char *p); 308 | 309 | 310 | #ifdef __cplusplus 311 | } 312 | #endif 313 | 314 | #endif 315 | -------------------------------------------------------------------------------- /Lexa/keystone/mips.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_MIPS_H 5 | #define KEYSTONE_MIPS_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_mips { 14 | KS_ERR_ASM_MIPS_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_MIPS_MISSINGFEATURE, 16 | KS_ERR_ASM_MIPS_MNEMONICFAIL, 17 | } ks_err_asm_mips; 18 | 19 | #ifdef __cplusplus 20 | } 21 | #endif 22 | 23 | #endif 24 | -------------------------------------------------------------------------------- /Lexa/keystone/ppc.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_PPC_H 5 | #define KEYSTONE_PPC_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_ppc { 14 | KS_ERR_ASM_PPC_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_PPC_MISSINGFEATURE, 16 | KS_ERR_ASM_PPC_MNEMONICFAIL, 17 | } ks_err_asm_ppc; 18 | 19 | 20 | #ifdef __cplusplus 21 | } 22 | #endif 23 | 24 | #endif 25 | -------------------------------------------------------------------------------- /Lexa/keystone/sparc.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_SPARC_H 5 | #define KEYSTONE_SPARC_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_sparc { 14 | KS_ERR_ASM_SPARC_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_SPARC_MISSINGFEATURE, 16 | KS_ERR_ASM_SPARC_MNEMONICFAIL, 17 | } ks_err_asm_sparc; 18 | 19 | 20 | #ifdef __cplusplus 21 | } 22 | #endif 23 | 24 | #endif 25 | -------------------------------------------------------------------------------- /Lexa/keystone/systemz.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_SYSTEMZ_H 5 | #define KEYSTONE_SYSTEMZ_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_systemz { 14 | KS_ERR_ASM_SYSTEMZ_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_SYSTEMZ_MISSINGFEATURE, 16 | KS_ERR_ASM_SYSTEMZ_MNEMONICFAIL, 17 | } ks_err_asm_systemz; 18 | 19 | 20 | #ifdef __cplusplus 21 | } 22 | #endif 23 | 24 | #endif 25 | -------------------------------------------------------------------------------- /Lexa/keystone/x86.h: -------------------------------------------------------------------------------- 1 | /* Keystone Assembler Engine */ 2 | /* By Nguyen Anh Quynh, 2016 */ 3 | 4 | #ifndef KEYSTONE_X86_H 5 | #define KEYSTONE_X86_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "keystone.h" 12 | 13 | typedef enum ks_err_asm_x86 { 14 | KS_ERR_ASM_X86_INVALIDOPERAND = KS_ERR_ASM_ARCH, 15 | KS_ERR_ASM_X86_MISSINGFEATURE, 16 | KS_ERR_ASM_X86_MNEMONICFAIL, 17 | } ks_err_asm_x86; 18 | 19 | #ifdef __cplusplus 20 | } 21 | #endif 22 | 23 | #endif 24 | -------------------------------------------------------------------------------- /Lexa/misc.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | #pragma warning(disable:4996) 4 | #define getNtHdr(buf) ((IMAGE_NT_HEADERS*)((size_t)buf + ((IMAGE_DOS_HEADER *)buf)->e_lfanew )) 5 | #define getSectionArr(buf) ((IMAGE_SECTION_HEADER *)((size_t)buf + ((IMAGE_DOS_HEADER *)buf)->e_lfanew + sizeof(IMAGE_NT_HEADERS))) 6 | unsigned int getExeSizeByLastestSection(char* buf) { 7 | IMAGE_NT_HEADERS* ntHdr = getNtHdr(buf); 8 | IMAGE_SECTION_HEADER* sectionHdr = getSectionArr(buf); 9 | unsigned int currInputExeSize( 10 | sectionHdr[ntHdr->FileHeader.NumberOfSections - 1].PointerToRawData + \ 11 | sectionHdr[ntHdr->FileHeader.NumberOfSections - 1].SizeOfRawData 12 | ); 13 | return currInputExeSize; 14 | } 15 | 16 | 17 | bool readBinFile(const char fileName[], char** bufPtr, DWORD &length) { 18 | if (FILE* fp = fopen(fileName, "rb")) { 19 | fseek(fp, 0, SEEK_END); 20 | length = ftell(fp); 21 | *bufPtr = new char[length + 1]; 22 | fseek(fp, 0, SEEK_SET); 23 | fread(*bufPtr, sizeof(char), length, fp); 24 | return true; 25 | } 26 | else return false; 27 | } 28 | bool dumpMappedImgBin(char*buf, BYTE* &mappedImg, size_t* imgSize) { 29 | PIMAGE_SECTION_HEADER stectionArr = getSectionArr(buf); 30 | *imgSize = getNtHdr(buf)->OptionalHeader.SizeOfImage; // start with the first section data. 31 | mappedImg = (BYTE*)VirtualAlloc(0, *imgSize, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE); 32 | memset(mappedImg, 0, *imgSize); 33 | memcpy(mappedImg, buf, getNtHdr(buf)->OptionalHeader.SizeOfHeaders); 34 | 35 | for (size_t i = 0; i < getNtHdr(buf)->FileHeader.NumberOfSections; i++) 36 | memcpy(mappedImg + stectionArr[i].VirtualAddress, buf + stectionArr[i].PointerToRawData, stectionArr[i].SizeOfRawData); 37 | return true; 38 | } 39 | 40 | deque enumExecSecnHdr(BYTE* fileData) 41 | { 42 | deque executableScnHdr = deque(); 43 | for (IMAGE_SECTION_HEADER* sectionHdr = getSectionArr(fileData); *sectionHdr->Name; sectionHdr++) 44 | if (sectionHdr->Characteristics & IMAGE_SCN_MEM_EXECUTE) 45 | executableScnHdr.push_back(sectionHdr); 46 | 47 | return executableScnHdr; 48 | } -------------------------------------------------------------------------------- /Lexa/pch.cpp: -------------------------------------------------------------------------------- 1 | // pch.cpp: 對應到先行編譯過之標頭的來源檔案; 編譯需要此才可成功 2 | 3 | #include "pch.h" 4 | 5 | // 一般會略過此檔案,但若您目前正使用先行編譯過的標頭,則會先保留該檔案。 6 | -------------------------------------------------------------------------------- /Lexa/pch.h: -------------------------------------------------------------------------------- 1 | // 開始使用的秘訣: 2 | // 1. 使用 [方案總管] 視窗,新增/管理檔案 3 | // 2. 使用 [Team Explorer] 視窗,連線到原始檔控制 4 | // 3. 使用 [輸出] 視窗,參閱組建輸出與其他訊息 5 | // 4. 使用 [錯誤清單] 視窗,檢視錯誤 6 | // 5. 前往 [專案] > [新增項目],建立新的程式碼檔案,或是前往 [專案] > [新增現有項目],將現有程式碼檔案新增至專案 7 | // 6. 之後要再次開啟此專案時,請前往 [檔案] > [開啟] > [專案],然後選取 .sln 檔案 8 | 9 | #ifndef PCH_H 10 | #define PCH_H 11 | 12 | // TODO: 請於此新增您要先行編譯的標頭 13 | 14 | #endif //PCH_H 15 | -------------------------------------------------------------------------------- /Lexa/reloc.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include 3 | 4 | typedef struct _BASE_RELOCATION_ENTRY { 5 | WORD Offset : 12; 6 | WORD Type : 4; 7 | } BASE_RELOCATION_ENTRY; 8 | 9 | #define RELOC_32BIT_FIELD 3 10 | 11 | #define getNtHdr(buf) ((IMAGE_NT_HEADERS*)((size_t)buf + ((IMAGE_DOS_HEADER *)buf)->e_lfanew )) 12 | #define getSectionArr(buf) ((IMAGE_SECTION_HEADER *)((size_t)buf + ((IMAGE_DOS_HEADER *)buf)->e_lfanew + sizeof(IMAGE_NT_HEADERS))) 13 | 14 | bool applyReloc(ULONGLONG newBase, ULONGLONG oldBase, SIZE_T moduleSize) 15 | { 16 | PIMAGE_DATA_DIRECTORY relocDir = &getNtHdr(newBase)->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC]; 17 | if (relocDir == NULL) /* Cannot relocate - application have no relocation table */ 18 | return false; 19 | 20 | size_t maxSize = relocDir->Size; 21 | size_t relocAddr = relocDir->VirtualAddress; 22 | IMAGE_BASE_RELOCATION* reloc = NULL; 23 | size_t parsedSize = 0; 24 | for (; parsedSize < maxSize; parsedSize += reloc->SizeOfBlock) { 25 | reloc = (IMAGE_BASE_RELOCATION*)(relocAddr + parsedSize + size_t(newBase)); 26 | 27 | if (reloc->VirtualAddress == NULL || reloc->SizeOfBlock == 0) 28 | break; 29 | 30 | size_t entriesNum = (reloc->SizeOfBlock - sizeof(IMAGE_BASE_RELOCATION)) / sizeof(BASE_RELOCATION_ENTRY); 31 | size_t page = reloc->VirtualAddress; 32 | 33 | BASE_RELOCATION_ENTRY* entry = (BASE_RELOCATION_ENTRY*)(size_t(reloc) + sizeof(IMAGE_BASE_RELOCATION)); 34 | for (size_t i = 0; i < entriesNum; i++, entry++) { 35 | size_t offset = entry->Offset; 36 | size_t type = entry->Type; 37 | size_t reloc_field = page + offset; 38 | if (entry == NULL || type == 0) 39 | break; 40 | if (type != RELOC_32BIT_FIELD) { 41 | printf(" [!] Not supported relocations format at %d: %d\n", (int)i, (int)type); 42 | return false; 43 | } 44 | if (reloc_field >= moduleSize) { 45 | printf(" [-] Out of Bound Field: %lx\n", reloc_field); 46 | return false; 47 | } 48 | 49 | size_t* relocateAddr = (size_t*)(size_t(newBase) + reloc_field); 50 | //printf(" [V] Apply Reloc Field at %x\n", relocateAddr); 51 | (*relocateAddr) = ((*relocateAddr) - oldBase + newBase); 52 | } 53 | } 54 | return (parsedSize != 0); 55 | } 56 | 57 | 58 | deque getRelocFieldArr(ULONGLONG modulePtr, SIZE_T moduleSize) 59 | { 60 | deque ret = deque(); 61 | PIMAGE_DATA_DIRECTORY relocDir = &getNtHdr(modulePtr)->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC]; 62 | if (relocDir == NULL) return ret; 63 | 64 | size_t maxSize = relocDir->Size; 65 | size_t relocAddr = relocDir->VirtualAddress; 66 | IMAGE_BASE_RELOCATION* reloc = NULL; 67 | size_t parsedSize = 0; 68 | for (; parsedSize < maxSize; parsedSize += reloc->SizeOfBlock) { 69 | reloc = (IMAGE_BASE_RELOCATION*)(relocAddr + parsedSize + size_t(modulePtr)); 70 | 71 | if (reloc->VirtualAddress == NULL || reloc->SizeOfBlock == 0) 72 | break; 73 | 74 | size_t entriesNum = (reloc->SizeOfBlock - sizeof(IMAGE_BASE_RELOCATION)) / sizeof(BASE_RELOCATION_ENTRY); 75 | size_t page = reloc->VirtualAddress; 76 | 77 | BASE_RELOCATION_ENTRY* entry = (BASE_RELOCATION_ENTRY*)(size_t(reloc) + sizeof(IMAGE_BASE_RELOCATION)); 78 | for (size_t i = 0; i < entriesNum; i++, entry++) { 79 | size_t reloc_field = page + entry->Offset; 80 | if (entry == NULL || entry->Type == 0) break; 81 | if (entry->Type != RELOC_32BIT_FIELD) return ret; 82 | if (reloc_field >= moduleSize) return ret; 83 | size_t relocateAddr = (size_t(modulePtr) + reloc_field); 84 | ret.push_back(relocateAddr); 85 | } 86 | } 87 | return ret; 88 | } 89 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Lexa 2 | ![](https://github.com/aaaddress1/Lexa/blob/master/lexa.jpg?raw=true) 3 | 4 | It's an experimental PoC to build up a minimum application Loader, used for running \*.EXE in Memory against Scrylla 5 | 6 | ![](https://github.com/aaaddress1/Lexa/blob/master/Screen%20Shot%202019-11-22%20at%2010.13.58%20PM.png?raw=true) 7 | -------------------------------------------------------------------------------- /Screen Shot 2019-11-22 at 10.13.58 PM.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aaaddress1/Lexa/ea4ad34c577f2bc43bcfcb4b6d1c158177e4f5d9/Screen Shot 2019-11-22 at 10.13.58 PM.png -------------------------------------------------------------------------------- /lexa.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aaaddress1/Lexa/ea4ad34c577f2bc43bcfcb4b6d1c158177e4f5d9/lexa.jpg --------------------------------------------------------------------------------