From 972fc8baf60ee23e38e42467acff180148906046 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Mon, 19 Jun 2023 11:31:54 -0500
Subject: [PATCH 001/106] [REVERT ME] Add auto-sync Capstone

---
 meson_options.txt | 2 +-
 subprojects/capstone-auto-sync-arm.wrap | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 subprojects/capstone-auto-sync-arm.wrap

diff --git a/meson_options.txt b/meson_options.txt
index 3f463091bc0..1c1ed0f347e 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -20,7 +20,7 @@ option('rizin_bindings', type: 'string', value: '', description: 'Path where riz
 option('checks_level', type: 'integer', value: 9999, description: 'Value between 0 and 3 to enable different level of assert (see RZ_CHECKS_LEVEL). By default its value depends on buildtype (2 on debug, 1 on release).')
 option('use_sys_capstone', type: 'feature', value: 'disabled')
-option('use_capstone_version', type: 'combo', choices: ['v3', 'v4', 'v5', 'next'], value: 'next', description: 'Specify which version of capstone to use')
+option('use_capstone_version', type: 'combo', choices: ['v3', 'v4', 'v5', 'next', 'auto-sync-arm'], value: 'auto-sync-arm', description: 'Specify which version of capstone to use')
 option('use_sys_magic', type: 'feature', value: 'disabled')
 option('use_sys_libzip', type: 'feature', value: 'disabled')
 option('use_sys_libzip_openssl', type: 'boolean', value: false, description: 'Whether to use or not system openssl dependency to build libzip')
diff --git a/subprojects/capstone-auto-sync-arm.wrap b/subprojects/capstone-auto-sync-arm.wrap
new file mode 100644
index 00000000000..518a7c6bf20
--- /dev/null
+++ b/subprojects/capstone-auto-sync-arm.wrap
@@ -0,0 +1,5 @@
+[wrap-git]
+url = https://github.com/Rot127/capstone.git
+revision = auto-sync
+directory = capstone-auto-sync-arm
+depth = 1
From 3ccd09c158ec72cf7f9d366acf0f05ae4402dfb2 Mon Sep 17 00:00:00 2001
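Review bot: `revision = auto-sync` in the new wrap file pins the build to a moving branch on a personal fork rather than to an immutable commit, so two builds of the same rizin revision can fetch different Capstone sources and whoever controls that branch can change what gets compiled into the disassembler at any time. The subject marks this commit as temporary, so that may be acceptable for a WIP series, but before it lands the wrap should carry a full commit hash, e.g. `revision = <commit-sha>`, and `depth = 1` should be checked to still work with a hash on the Meson version in use. The meson_options.txt hunk also flips the default of `use_capstone_version` to `auto-sync-arm`, so every builder without `use_sys_capstone` silently pulls from that fork.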
From: Rot127 Date: Mon, 19 Jun 2023 11:32:23 -0500 Subject: [PATCH 002/106] Fix ARM identifiers and API changes. --- librz/analysis/arch/arm/arm_accessors32.h | 2 +- librz/analysis/arch/arm/arm_esil32.c | 64 +++++++------- librz/analysis/arch/arm/arm_il32.c | 52 ++++++----- librz/analysis/p/analysis_arm_cs.c | 103 ++++++++-------------- librz/asm/p/asm_arm_cs.c | 44 +-------- 5 files changed, 97 insertions(+), 168 deletions(-) diff --git a/librz/analysis/arch/arm/arm_accessors32.h b/librz/analysis/arch/arm/arm_accessors32.h index 6b9127e9a4d..cf6e88c44e3 100644 --- a/librz/analysis/arch/arm/arm_accessors32.h +++ b/librz/analysis/arch/arm/arm_accessors32.h @@ -38,6 +38,6 @@ SHIFTTYPE(x) == ARM_SFT_RRX_REG) #define SHIFTVALUE(x) insn->detail->arm.operands[x].shift.value -#define ISWRITEBACK32() insn->detail->arm.writeback +#define ISWRITEBACK32() insn->detail->writeback #define ISPREINDEX32() (((OPCOUNT() == 2) && (ISMEM(1)) && (ISWRITEBACK32())) || ((OPCOUNT() == 3) && (ISMEM(2)) && (ISWRITEBACK32()))) #define ISPOSTINDEX32() (((OPCOUNT() == 3) && (ISIMM(2) || ISREG(2)) && (ISWRITEBACK32())) || ((OPCOUNT() == 4) && (ISIMM(3) || ISREG(3)) && (ISWRITEBACK32()))) diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c index 385d39f04c1..e171222298b 100644 --- a/librz/analysis/arch/arm/arm_esil32.c +++ b/librz/analysis/arch/arm/arm_esil32.c 
@@ -66,65 +66,65 @@ RZ_IPI const char *rz_arm_cs_esil_prefix_cond(RzAnalysisOp *op, int cond_type) { close_cond[1] = ",}"; int close_type = 0; switch (cond_type) { - case ARM_CC_EQ: + case ARMCC_EQ: close_type = 1; rz_strbuf_setf(&op->esil, "zf,?{,"); break; - case ARM_CC_NE: + case ARMCC_NE: close_type = 1; rz_strbuf_setf(&op->esil, "zf,!,?{,"); break; - case ARM_CC_HS: + case ARMCC_HS: close_type = 1; rz_strbuf_setf(&op->esil, "cf,?{,"); break; - case ARM_CC_LO: + case ARMCC_LO: close_type = 1; rz_strbuf_setf(&op->esil, "cf,!,?{,"); break; - case ARM_CC_MI: + case ARMCC_MI: close_type = 1; rz_strbuf_setf(&op->esil, "nf,?{,"); break; - case ARM_CC_PL: + case ARMCC_PL: close_type = 1; rz_strbuf_setf(&op->esil, "nf,!,?{,"); break; - case ARM_CC_VS: + case ARMCC_VS: close_type = 1; rz_strbuf_setf(&op->esil, "vf,?{,"); break; - case ARM_CC_VC: + case ARMCC_VC: close_type = 1; rz_strbuf_setf(&op->esil, "vf,!,?{,"); break; - case ARM_CC_HI: + case ARMCC_HI: close_type = 1; rz_strbuf_setf(&op->esil, "cf,zf,!,&,?{,"); break; - case ARM_CC_LS: + case ARMCC_LS: close_type = 1; rz_strbuf_setf(&op->esil, "cf,!,zf,|,?{,"); break; - case ARM_CC_GE: + case ARMCC_GE: close_type = 1; rz_strbuf_setf(&op->esil, "nf,vf,^,!,?{,"); break; - case ARM_CC_LT: + case ARMCC_LT: close_type = 1; rz_strbuf_setf(&op->esil, "nf,vf,^,?{,"); break; - case ARM_CC_GT: + case ARMCC_GT: // zf == 0 && nf == vf close_type = 1; rz_strbuf_setf(&op->esil, "zf,!,nf,vf,^,!,&,?{,"); break; - case ARM_CC_LE: + case ARMCC_LE: // zf == 1 || nf != vf close_type = 1; rz_strbuf_setf(&op->esil, "zf,nf,vf,^,|,?{,"); break; - case ARM_CC_AL: + case ARMCC_AL: // always executed break; default: 
@@ -391,7 +391,7 @@ PUSH { r4, r5, r6, r7, lr } rz_strbuf_appendf(&op->esil, "%s,%s,%d,+,=[4],", REG(i), ARG(0), (i + offset) * 4); } - if (insn->detail->arm.writeback == true) { // writeback, reg should be incremented + if (insn->detail->writeback == true) { // writeback, reg should be incremented rz_strbuf_appendf(&op->esil, "%d,%s,+=,", direction * (insn->detail->arm.op_count - 1) * 4, ARG(0)); } @@ -406,7 +406,7 @@ PUSH { r4, r5, r6, r7, lr } width += REGSIZE32(i); } // increment if writeback - if (insn->detail->arm.writeback) { + if (insn->detail->writeback) { rz_strbuf_appendf(&op->esil, "%d,%s,+=,", width, ARG(0)); } break; @@ -430,7 +430,7 @@ PUSH { r4, r5, r6, r7, lr } width += REGSIZE32(i); } // increment if writeback - if (insn->detail->arm.writeback) { + if (insn->detail->writeback) { rz_strbuf_appendf(&op->esil, "%d,%s,+=,", width, ARG(0)); } break; @@ -489,7 +489,7 @@ r6,r5,r4,3,sp,[*],12,sp,+= for (i = 1; i < insn->detail->arm.op_count; i++) { rz_strbuf_appendf(&op->esil, "%s,%d,+,[4],%s,=,", ARG(0), (i + offset) * 4, REG(i)); } - if (insn->detail->arm.writeback) { + if (insn->detail->writeback) { rz_strbuf_appendf(&op->esil, "%d,%s,+=,", direction * (insn->detail->arm.op_count - 1) * 4, ARG(0)); } @@ -552,7 +552,7 @@ r6,r5,r4,3,sp,[*],12,sp,+= disp = disp >= 0 ? disp : -disp; rz_strbuf_appendf(&op->esil, "%s,0x%x,%s,%c,0xffffffff,&,=[%d]", REG(0), disp, MEMBASE(1), sign, str_ldr_bytes); - if (insn->detail->arm.writeback) { + if (insn->detail->writeback) { rz_strbuf_appendf(&op->esil, ",%d,%s,%c,%s,=", disp, MEMBASE(1), sign, MEMBASE(1)); } 
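Review bot: The rewritten condition in the first hunk (around line 394) compares a bool against `true`, `if (insn->detail->writeback == true) {`, while every other hunk in this file tests the flag directly; write it as `if (insn->detail->writeback) {` for consistency. The enclosing function starts and ends outside this hunk.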
@@ -563,7 +563,7 @@ r6,r5,r4,3,sp,[*],12,sp,+= case ARM_SFT_LSL: rz_strbuf_appendf(&op->esil, "%s,%s,%d,%s,<<,+,0xffffffff,&,=[%d]", REG(0), MEMBASE(1), SHIFTVALUE(1), MEMINDEX(1), str_ldr_bytes); - if (insn->detail->arm.writeback) { // e.g. 'str r2, [r3, r1, lsl 4]!' + if (insn->detail->writeback) { // e.g. 'str r2, [r3, r1, lsl 4]!' rz_strbuf_appendf(&op->esil, ",%s,%d,%s,<<,+,%s,=", MEMBASE(1), SHIFTVALUE(1), MEMINDEX(1), MEMBASE(1)); } @@ -571,7 +571,7 @@ r6,r5,r4,3,sp,[*],12,sp,+= case ARM_SFT_LSR: rz_strbuf_appendf(&op->esil, "%s,%s,%d,%s,>>,+,0xffffffff,&,=[%d]", REG(0), MEMBASE(1), SHIFTVALUE(1), MEMINDEX(1), str_ldr_bytes); - if (insn->detail->arm.writeback) { + if (insn->detail->writeback) { rz_strbuf_appendf(&op->esil, ",%s,%d,%s,>>,+,%s,=", MEMBASE(1), SHIFTVALUE(1), MEMINDEX(1), MEMBASE(1)); } @@ -579,7 +579,7 @@ r6,r5,r4,3,sp,[*],12,sp,+= case ARM_SFT_ASR: rz_strbuf_appendf(&op->esil, "%s,%s,%d,%s,>>>>,+,0xffffffff,&,=[%d]", REG(0), MEMBASE(1), SHIFTVALUE(1), MEMINDEX(1), str_ldr_bytes); - if (insn->detail->arm.writeback) { + if (insn->detail->writeback) { rz_strbuf_appendf(&op->esil, ",%s,%d,%s,>>>>,+,%s,=", MEMBASE(1), SHIFTVALUE(1), MEMINDEX(1), MEMBASE(1)); } @@ -587,7 +587,7 @@ r6,r5,r4,3,sp,[*],12,sp,+= case ARM_SFT_ROR: rz_strbuf_appendf(&op->esil, "%s,%s,%d,%s,>>>,+,0xffffffff,&,=[%d]", REG(0), MEMBASE(1), SHIFTVALUE(1), MEMINDEX(1), str_ldr_bytes); - if (insn->detail->arm.writeback) { + if (insn->detail->writeback) { rz_strbuf_appendf(&op->esil, ",%s,%d,%s,>>>,+,%s,=", MEMBASE(1), SHIFTVALUE(1), MEMINDEX(1), MEMBASE(1)); } @@ -602,7 +602,7 @@ r6,r5,r4,3,sp,[*],12,sp,+= } else { // No shift rz_strbuf_appendf(&op->esil, "%s,%s,%s,+,0xffffffff,&,=[%d]", REG(0), MEMINDEX(1), MEMBASE(1), str_ldr_bytes); - if (insn->detail->arm.writeback) { + if (insn->detail->writeback) { rz_strbuf_appendf(&op->esil, ",%s,%s,+,%s,=", MEMINDEX(1), MEMBASE(1), MEMBASE(1)); } 
@@ -651,7 +651,7 @@ r6,r5,r4,3,sp,[*],12,sp,+= disp = disp >= 0 ? disp : -disp; rz_strbuf_appendf(&op->esil, "%s,%d,%s,%c,0xffffffff,&,=[4],%s,4,%d,+,%s,%c,0xffffffff,&,=[4]", REG(0), disp, MEMBASE(2), sign, REG(1), disp, MEMBASE(2), sign); - if (insn->detail->arm.writeback) { + if (insn->detail->writeback) { rz_strbuf_appendf(&op->esil, ",%d,%s,%c,%s,=", disp, MEMBASE(2), sign, MEMBASE(2)); } @@ -659,10 +659,10 @@ r6,r5,r4,3,sp,[*],12,sp,+= if (ISSHIFTED(2)) { // it seems strd does not support SHIFT which is good, but have a check nonetheless } else { - rz_strbuf_appendf(&op->esil, "%s,%s,+,0xffffffff,&,=[4],%s,4,%s,+,0xffffffff,&,=[4]", - REG(0), MEMBASE(2), REG(1), MEMBASE(2)); + const char sign = ISMEMINDEXSUB(2) ? '-' : '+'; + rz_strbuf_appendf(&op->esil, "%s,%s,%s,%c,0xffffffff,&,=[4],%s,4,%s,+,%s,%c,0xffffffff,&,=[4]", + REG(0), MEMINDEX(2), MEMBASE(2), sign, REG(1), MEMINDEX(2), MEMBASE(2), sign); if (insn->detail->arm.writeback) { - const char sign = ISMEMINDEXSUB(2) ? '-' : '+'; rz_strbuf_appendf(&op->esil, ",%s,%s,%c=", MEMINDEX(2), MEMBASE(2), sign); } @@ -730,7 +730,7 @@ r6,r5,r4,3,sp,[*],12,sp,+= rz_strbuf_appendf(&op->esil, "%d,%s,+,0xffffffff,&,DUP,[4],%s,=,4,+,[4],%s,=", MEMDISP(2), MEMBASE(2), REG(0), REG(1)); } - if (insn->detail->arm.writeback) { + if (insn->detail->writeback) { if (ISPOSTINDEX32()) { if (ISIMM(3)) { rz_strbuf_appendf(&op->esil, ",%s,%d,+,%s,=", @@ -765,7 +765,7 @@ r6,r5,r4,3,sp,[*],12,sp,+= rz_strbuf_appendf(&op->esil, "%s,%d,+,[1],%s,=", MEMBASE(1), MEMDISP(1), REG(0)); } - if (insn->detail->arm.writeback) { + if (insn->detail->writeback) { if (ISIMM(2)) { rz_strbuf_appendf(&op->esil, ",%s,%d,+,%s,=", MEMBASE(1), IMM(2), MEMBASE(1)); 
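Review bot: The second store in the rewritten register-offset strd case (hunk at line 659) computes its address as `REG(1),4,MEMINDEX(2),+,MEMBASE(2),%c`, which for `sign == '-'` evaluates to base - (index + 4) instead of (base - index) + 4, so the high word lands 8 bytes below where it belongs. Applying the sign first and adding 4 afterwards keeps the two stores adjacent: `"%s,%s,%s,%c,4,+,0xffffffff,&,=[4]"` with arguments `REG(1), MEMINDEX(2), MEMBASE(2), sign`. The immediate-offset form in the preceding hunk (around line 651) has the same ordering, `%s,4,%d,+,%s,%c`, but is context here and predates this commit. Also, the context line `if (insn->detail->arm.writeback) {` in the strd hunk is the only use of the old field left in this file after every other test was moved to `insn->detail->writeback`, so it looks like it was missed. The enclosing function starts and ends outside these hunks.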
@@ -858,7 +858,7 @@ r6,r5,r4,3,sp,[*],12,sp,+= rz_strbuf_appendf(&op->esil, "%d,%s,+,0xffffffff,&,[4],0x%x,&,%s,=", MEMDISP(1), MEMBASE(1), mask, REG(0)); } - if (insn->detail->arm.writeback) { + if (insn->detail->writeback) { if (ISIMM(2)) { rz_strbuf_appendf(&op->esil, ",%s,%d,+,%s,=", MEMBASE(1), IMM(2), MEMBASE(1)); diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c index 00d7ccf602f..8bea27e57ff 100644 --- a/librz/analysis/arch/arm/arm_il32.c +++ b/librz/analysis/arch/arm/arm_il32.c @@ -283,37 +283,37 @@ static RzILOpEffect *write_reg(arm_reg reg, RZ_OWN RZ_NONNULL RzILOpBitVector *v * IL for arm condition * unconditional is returned as NULL (rather than true), for simpler code */ -static RZ_NULLABLE RzILOpBool *cond(arm_cc c) { +static RZ_NULLABLE RzILOpBool *cond(ARMCC_CondCodes c) { switch (c) { - case ARM_CC_EQ: + case ARMCC_EQ: return VARG("zf"); - case ARM_CC_NE: + case ARMCC_NE: return INV(VARG("zf")); - case ARM_CC_HS: + case ARMCC_HS: return VARG("cf"); - case ARM_CC_LO: + case ARMCC_LO: return INV(VARG("cf")); - case ARM_CC_MI: + case ARMCC_MI: return VARG("nf"); - case ARM_CC_PL: + case ARMCC_PL: return INV(VARG("nf")); - case ARM_CC_VS: + case ARMCC_VS: return VARG("vf"); - case ARM_CC_VC: + case ARMCC_VC: return INV(VARG("vf")); - case ARM_CC_HI: + case ARMCC_HI: return AND(VARG("cf"), INV(VARG("zf"))); - case ARM_CC_LS: + case ARMCC_LS: return OR(INV(VARG("cf")), VARG("zf")); - case ARM_CC_GE: + case ARMCC_GE: return INV(XOR(VARG("nf"), VARG("vf"))); - case ARM_CC_LT: + case ARMCC_LT: return XOR(VARG("nf"), VARG("vf")); - case ARM_CC_GT: + case ARMCC_GT: return AND(INV(VARG("zf")), INV(XOR(VARG("nf"), VARG("vf")))); - case ARM_CC_LE: + case ARMCC_LE: return OR(VARG("zf"), XOR(VARG("nf"), VARG("vf"))); - case ARM_CC_AL: + case ARMCC_AL: default: return NULL; } 
@@ -806,7 +806,7 @@ static RzILOpEffect *ldr(cs_insn *insn, bool is_thumb) { if (!addr) { return NULL; } - bool writeback = insn->detail->arm.writeback; + bool writeback = insn->detail->writeback; if (ISIMM(mem_idx + 1)) { // capstone incorrectly sets writeback to false for e.g. 0400b1e4 ldrt r0, [r1], 4 writeback = true; @@ -895,7 +895,7 @@ static RzILOpEffect *str(cs_insn *insn, bool is_thumb) { if (!addr) { return NULL; } - bool writeback = insn->detail->arm.writeback; + bool writeback = insn->detail->writeback; if (ISIMM(mem_idx + 1)) { // capstone incorrectly sets writeback to false for e.g. 04b0ade4 strt fp, [sp], 4 writeback = true; @@ -1199,7 +1199,7 @@ static RzILOpEffect *stm(cs_insn *insn, bool is_thumb) { size_t op_first; arm_reg ptr_reg; bool writeback; - if (insn->id == ARM_INS_PUSH || insn->id == ARM_INS_VPUSH) { + if (insn->id == ARM_INS_PUSH) { op_first = 0; ptr_reg = ARM_REG_SP; writeback = true; @@ -1209,7 +1209,7 @@ static RzILOpEffect *stm(cs_insn *insn, bool is_thumb) { } op_first = 1; ptr_reg = REGID(0); - writeback = insn->detail->arm.writeback; + writeback = insn->detail->writeback; } size_t op_count = OPCOUNT() - op_first; if (!op_count) { @@ -1220,9 +1220,9 @@ static RzILOpEffect *stm(cs_insn *insn, bool is_thumb) { return NULL; } bool decrement = insn->id == ARM_INS_STMDA || insn->id == ARM_INS_STMDB || insn->id == ARM_INS_PUSH || - insn->id == ARM_INS_VSTMDB || insn->id == ARM_INS_VPUSH; + insn->id == ARM_INS_VSTMDB; bool before = insn->id == ARM_INS_STMDB || insn->id == ARM_INS_PUSH || insn->id == ARM_INS_VSTMDB || - insn->id == ARM_INS_STMIB || insn->id == ARM_INS_VPUSH; + insn->id == ARM_INS_STMIB; ut32 regsize = reg_bits(REGID(op_first)) / 8; RzILOpEffect *eff = NULL; // build up in reverse order so the result recurses in the second arg of seq (for tail-call optimization) 
@@ -1260,7 +1260,7 @@ static RzILOpEffect *ldm(cs_insn *insn, bool is_thumb) { size_t op_first; arm_reg ptr_reg; bool writeback; - if (insn->id == ARM_INS_POP || insn->id == ARM_INS_VPOP) { + if (insn->id == ARM_INS_POP) { op_first = 0; ptr_reg = ARM_REG_SP; writeback = true; @@ -1270,7 +1270,7 @@ static RzILOpEffect *ldm(cs_insn *insn, bool is_thumb) { } op_first = 1; ptr_reg = REGID(0); - writeback = insn->detail->arm.writeback; + writeback = insn->detail->writeback; } size_t op_count = OPCOUNT() - op_first; if (!op_count) { @@ -1879,7 +1879,7 @@ static RzILOpEffect *rfe(cs_insn *insn, bool is_thumb) { RzILOpEffect *wb = NULL; bool wordhigher = insn->id == ARM_INS_RFEDA || insn->id == ARM_INS_RFEIB; bool increment = insn->id == ARM_INS_RFEIA || insn->id == ARM_INS_RFEIB; - if (insn->detail->arm.writeback) { + if (insn->detail->writeback) { wb = write_reg(REGID(0), increment ? ADD(DUP(base), U32(8)) : SUB(DUP(base), U32(8))); if (!wb) { @@ -4312,11 +4312,9 @@ static RzILOpEffect *il_unconditional(csh *handle, cs_insn *insn, bool is_thumb) // Advanced SIMD and Floating-point case ARM_INS_VSTMIA: case ARM_INS_VSTMDB: - case ARM_INS_VPUSH: return stm(insn, is_thumb); case ARM_INS_VLDMIA: case ARM_INS_VLDMDB: - case ARM_INS_VPOP: return ldm(insn, is_thumb); #if CS_API_MAJOR > 4 case ARM_INS_VMOVL: diff --git a/librz/analysis/p/analysis_arm_cs.c b/librz/analysis/p/analysis_arm_cs.c index 95ca7bde18f..9c4f4d39412 100644 --- a/librz/analysis/p/analysis_arm_cs.c +++ b/librz/analysis/p/analysis_arm_cs.c 
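Review bot: Dropping `ARM_INS_VPUSH` from the PUSH test in stm() (hunk at line 1199), `ARM_INS_VPOP` from ldm() (hunk at line 1260) and both `case` labels from il_unconditional (hunk at line 4312) leaves no path that lifts those ids, so if the auto-sync decoder still emits them for `vpush`/`vpop` the instructions now fall through to the default branch and lose their IL. If the new Capstone instead reports them as VSTMDB/VLDMIA with `writeback` set that is fine, but it is not visible in the diff; a comment on the `case ARM_INS_VSTMDB:` label such as `// vpush/vpop arrive as vstmdb/vldmia with writeback from auto-sync Capstone` would record the assumption. A test/db/asm entry for a `vpush` encoding would pin it.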
@@ -129,41 +129,6 @@ static const char *vector_data_type_name(arm_vectordata_type type) { } } -static const char *cc_name(arm_cc cc) { - switch (cc) { - case ARM_CC_EQ: // Equal Equal - return "eq"; - case ARM_CC_NE: // Not equal Not equal, or unordered - return "ne"; - case ARM_CC_HS: // Carry set >, ==, or unordered - return "hs"; - case ARM_CC_LO: // Carry clear Less than - return "lo"; - case ARM_CC_MI: // Minus, negative Less than - return "mi"; - case ARM_CC_PL: // Plus, positive or zero >, ==, or unordered - return "pl"; - case ARM_CC_VS: // Overflow Unordered - return "vs"; - case ARM_CC_VC: // No overflow Not unordered - return "vc"; - case ARM_CC_HI: // Unsigned higher Greater than, or unordered - return "hi"; - case ARM_CC_LS: // Unsigned lower or same Less than or equal - return "ls"; - case ARM_CC_GE: // Greater than or equal Greater than or equal - return "ge"; - case ARM_CC_LT: // Less than Less than, or unordered - return "lt"; - case ARM_CC_GT: // Greater than Greater than - return "gt"; - case ARM_CC_LE: // Less than or equal <, ==, or unordered - return "le"; - default: - return ""; - } -} - static void opex(RzStrBuf *buf, csh handle, cs_insn *insn) { int i; PJ *pj = pj_new(); @@ -273,7 +238,7 @@ static void opex(RzStrBuf *buf, csh handle, cs_insn *insn) { if (x->update_flags) { pj_kb(pj, "update_flags", true); } - if (x->writeback) { + if (insn->detail->writeback) { pj_kb(pj, "writeback", true); } if (x->vector_size) { @@ -288,10 +253,10 @@ static void opex(RzStrBuf *buf, csh handle, cs_insn *insn) { if (x->cps_flag != ARM_CPSFLAG_INVALID) { pj_ki(pj, "cps_flag", x->cps_flag); } - if (x->cc != ARM_CC_INVALID && x->cc != ARM_CC_AL) { - pj_ks(pj, "cc", cc_name(x->cc)); + if (x->cc != ARMCC_UNDEF && x->cc != ARMCC_AL) { + pj_ks(pj, "cc", ARMCondCodeToString(x->cc)); } - if (x->mem_barrier != ARM_MB_INVALID) { + if (x->mem_barrier != ARM_MB_RESERVED_0) { pj_ki(pj, "mem_barrier", x->mem_barrier - 1); } pj_end(pj); 
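Review bot: The removed `cc_name()` returned `""` for any condition code it did not recognise, whereas the replacement `ARMCondCodeToString(x->cc)` is a Capstone-internal helper whose behaviour on out-of-range values is not visible here; in opex the `x->cc != ARMCC_UNDEF` guard is the only thing in front of it, and the same substitution in anop32 (hunk at line 1491) and in asm_arm_cs.c disassemble (hunk at line 162) passes `insn->detail->arm.cc` with no guard at all. Either document that the helper is total over the enum or keep a small static wrapper that falls back to `""`. Separately, `pj_ki(pj, "mem_barrier", x->mem_barrier - 1)` kept its `- 1` after the sentinel changed from `ARM_MB_INVALID` to `ARM_MB_RESERVED_0`; the offset only makes sense if the sentinel is still value 0 in the new enum, which is worth a comment such as `// RESERVED_0 is 0, so the raw 4-bit option is mem_barrier - 1` once confirmed.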
@@ -550,24 +515,24 @@ static void opex64(RzStrBuf *buf, csh handle, cs_insn *insn) { } static int cond_cs2r2(int cc) { - if (cc == ARM_CC_AL || cc < 0) { + if (cc == ARMCC_AL || cc < 0) { cc = RZ_TYPE_COND_AL; } else { switch (cc) { - case ARM_CC_EQ: cc = RZ_TYPE_COND_EQ; break; - case ARM_CC_NE: cc = RZ_TYPE_COND_NE; break; - case ARM_CC_HS: cc = RZ_TYPE_COND_HS; break; - case ARM_CC_LO: cc = RZ_TYPE_COND_LO; break; - case ARM_CC_MI: cc = RZ_TYPE_COND_MI; break; - case ARM_CC_PL: cc = RZ_TYPE_COND_PL; break; - case ARM_CC_VS: cc = RZ_TYPE_COND_VS; break; - case ARM_CC_VC: cc = RZ_TYPE_COND_VC; break; - case ARM_CC_HI: cc = RZ_TYPE_COND_HI; break; - case ARM_CC_LS: cc = RZ_TYPE_COND_LS; break; - case ARM_CC_GE: cc = RZ_TYPE_COND_GE; break; - case ARM_CC_LT: cc = RZ_TYPE_COND_LT; break; - case ARM_CC_GT: cc = RZ_TYPE_COND_GT; break; - case ARM_CC_LE: cc = RZ_TYPE_COND_LE; break; + case ARMCC_EQ: cc = RZ_TYPE_COND_EQ; break; + case ARMCC_NE: cc = RZ_TYPE_COND_NE; break; + case ARMCC_HS: cc = RZ_TYPE_COND_HS; break; + case ARMCC_LO: cc = RZ_TYPE_COND_LO; break; + case ARMCC_MI: cc = RZ_TYPE_COND_MI; break; + case ARMCC_PL: cc = RZ_TYPE_COND_PL; break; + case ARMCC_VS: cc = RZ_TYPE_COND_VS; break; + case ARMCC_VC: cc = RZ_TYPE_COND_VC; break; + case ARMCC_HI: cc = RZ_TYPE_COND_HI; break; + case ARMCC_LS: cc = RZ_TYPE_COND_LS; break; + case ARMCC_GE: cc = RZ_TYPE_COND_GE; break; + case ARMCC_LT: cc = RZ_TYPE_COND_LT; break; + case ARMCC_GT: cc = RZ_TYPE_COND_GT; break; + case ARMCC_LE: cc = RZ_TYPE_COND_LE; break; } } return cc; @@ -902,7 +867,7 @@ static void anop64(ArmCSContext *ctx, RzAnalysisOp *op, cs_insn *insn) { } if (REGID(0) == ARM_REG_PC) { op->type = RZ_ANALYSIS_OP_TYPE_UJMP; - if (insn->detail->arm.cc != ARM_CC_AL) { + if (insn->detail->arm.cc != ARMCC_AL) { // op->type = RZ_ANALYSIS_OP_TYPE_MCJMP; op->type = RZ_ANALYSIS_OP_TYPE_UCJMP; } 
@@ -1028,21 +993,22 @@ static void anop32(RzAnalysis *a, csh handle, RzAnalysisOp *op, cs_insn *insn, b } op->cycles = 1; /* grab family */ - if (cs_insn_group(handle, insn, ARM_GRP_CRYPTO)) { + if (cs_insn_group(handle, insn, ARM_FEATURE_HasAES)) { op->family = RZ_ANALYSIS_OP_FAMILY_CRYPTO; - } else if (cs_insn_group(handle, insn, ARM_GRP_CRC)) { + } else if (cs_insn_group(handle, insn, ARM_FEATURE_HasCRC)) { op->family = RZ_ANALYSIS_OP_FAMILY_CRYPTO; #if CS_API_MAJOR >= 4 } else if (cs_insn_group(handle, insn, ARM_GRP_PRIVILEGE)) { op->family = RZ_ANALYSIS_OP_FAMILY_PRIV; - } else if (cs_insn_group(handle, insn, ARM_GRP_VIRTUALIZATION)) { + } else if (cs_insn_group(handle, insn, ARM_FEATURE_HasVirtualization)) { op->family = RZ_ANALYSIS_OP_FAMILY_VIRT; #endif - } else if (cs_insn_group(handle, insn, ARM_GRP_NEON)) { + } else if (cs_insn_group(handle, insn, ARM_FEATURE_HasNEON)) { op->family = RZ_ANALYSIS_OP_FAMILY_MMX; - } else if (cs_insn_group(handle, insn, ARM_GRP_FPARMV8)) { + } else if (cs_insn_group(handle, insn, ARM_FEATURE_HasFPARMv8)) { op->family = RZ_ANALYSIS_OP_FAMILY_FPU; - } else if (cs_insn_group(handle, insn, ARM_GRP_THUMB2DSP)) { + } else if (cs_insn_group(handle, insn, ARM_FEATURE_HasDSP) && + cs_insn_group(handle, insn, ARM_FEATURE_HasDSP)) { op->family = RZ_ANALYSIS_OP_FAMILY_MMX; } else { op->family = RZ_ANALYSIS_OP_FAMILY_CPU; @@ -1113,7 +1079,7 @@ jmp $$ + 4 + ( [delta] * 2 ) for (i = 0; i < insn->detail->arm.op_count; i++) { if (insn->detail->arm.operands[i].type == ARM_OP_REG && insn->detail->arm.operands[i].reg == ARM_REG_PC) { - if (insn->detail->arm.cc == ARM_CC_AL) { + if (insn->detail->arm.cc == ARMCC_AL) { op->type = RZ_ANALYSIS_OP_TYPE_RET; } else { op->type = RZ_ANALYSIS_OP_TYPE_CRET; 
@@ -1158,7 +1124,7 @@ jmp $$ + 4 + ( [delta] * 2 ) op->type = RZ_ANALYSIS_OP_TYPE_ADD; if (REGID(0) == ARM_REG_PC) { op->type = RZ_ANALYSIS_OP_TYPE_UJMP; - if (REGID(1) == ARM_REG_PC && insn->detail->arm.cc != ARM_CC_AL) { + if (REGID(1) == ARM_REG_PC && insn->detail->arm.cc != ARMCC_AL) { // op->type = RZ_ANALYSIS_OP_TYPE_RCJMP; op->type = RZ_ANALYSIS_OP_TYPE_UCJMP; op->fail = addr + op->size; @@ -1341,7 +1307,7 @@ jmp $$ + 4 + ( [delta] * 2 ) op->disp = MEMDISP(1); if (REGID(0) == ARM_REG_PC) { op->type = RZ_ANALYSIS_OP_TYPE_UJMP; - if (insn->detail->arm.cc != ARM_CC_AL) { + if (insn->detail->arm.cc != ARMCC_AL) { // op->type = RZ_ANALYSIS_OP_TYPE_MCJMP; op->type = RZ_ANALYSIS_OP_TYPE_UCJMP; } @@ -1364,7 +1330,7 @@ jmp $$ + 4 + ( [delta] * 2 ) } else if (REGBASE(1) == ARM_REG_PC) { op->ptr = (addr & ~3LL) + (thumb ? 4 : 8) + MEMDISP(1); op->refptr = 4; - if (REGID(0) == ARM_REG_PC && insn->detail->arm.cc != ARM_CC_AL) { + if (REGID(0) == ARM_REG_PC && insn->detail->arm.cc != ARMCC_AL) { // op->type = RZ_ANALYSIS_OP_TYPE_MCJMP; op->type = RZ_ANALYSIS_OP_TYPE_UCJMP; op->fail = addr + op->size; @@ -1417,10 +1383,10 @@ jmp $$ + 4 + ( [delta] * 2 ) case ARM_INS_B: /* b.cc label */ op->cycles = 4; - if (insn->detail->arm.cc == ARM_CC_INVALID) { + if (insn->detail->arm.cc == ARMCC_UNDEF) { op->type = RZ_ANALYSIS_OP_TYPE_ILL; op->fail = addr + op->size; - } else if (insn->detail->arm.cc == ARM_CC_AL) { + } else if (insn->detail->arm.cc == ARMCC_AL) { op->type = RZ_ANALYSIS_OP_TYPE_JMP; op->fail = UT64_MAX; } else { @@ -1491,7 +1457,7 @@ jmp $$ + 4 + ( [delta] * 2 ) if (thumb && rz_arm_it_apply_cond(&ctx->it, insn)) { op->mnemonic = rz_str_newf("%s%s%s%s", rz_analysis_optype_to_string(op->type), - cc_name(insn->detail->arm.cc), + ARMCondCodeToString(insn->detail->arm.cc), insn->op_str[0] ? " " : "", insn->op_str); op->cond = (RzTypeCond)insn->detail->arm.cc; 
@@ -1775,6 +1741,7 @@ static int analysis_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *bu } else { patch_capstone_bugs(insn, a->bits, a->big_endian); if (mask & RZ_ANALYSIS_OP_MASK_DISASM) { + // TODO Remove after Capstone auto-sync update. op->mnemonic = rz_str_newf("%s%s%s", insn->mnemonic, insn->op_str[0] ? " " : "", diff --git a/librz/asm/p/asm_arm_cs.c b/librz/asm/p/asm_arm_cs.c index de5bac5e9d1..b944a5822f8 100644 --- a/librz/asm/p/asm_arm_cs.c +++ b/librz/asm/p/asm_arm_cs.c @@ -27,10 +27,9 @@ static bool check_features(RzAsm *a, cs_insn *insn) { for (i = 0; i < insn->detail->groups_count; i++) { int id = insn->detail->groups[i]; switch (id) { - case ARM_GRP_ARM: - case ARM_GRP_THUMB: - case ARM_GRP_THUMB1ONLY: - case ARM_GRP_THUMB2: + case ARM_FEATURE_IsARM: + case ARM_FEATURE_IsThumb: + case ARM_FEATURE_IsThumb2: continue; default: if (id < 128) { 
@@ -48,41 +47,6 @@ static bool check_features(RzAsm *a, cs_insn *insn) { return true; } -static const char *cc_name(arm_cc cc) { - switch (cc) { - case ARM_CC_EQ: // Equal Equal - return "eq"; - case ARM_CC_NE: // Not equal Not equal, or unordered - return "ne"; - case ARM_CC_HS: // Carry set >, ==, or unordered - return "hs"; - case ARM_CC_LO: // Carry clear Less than - return "lo"; - case ARM_CC_MI: // Minus, negative Less than - return "mi"; - case ARM_CC_PL: // Plus, positive or zero >, ==, or unordered - return "pl"; - case ARM_CC_VS: // Overflow Unordered - return "vs"; - case ARM_CC_VC: // No overflow Not unordered - return "vc"; - case ARM_CC_HI: // Unsigned higher Greater than, or unordered - return "hi"; - case ARM_CC_LS: // Unsigned lower or same Less than or equal - return "ls"; - case ARM_CC_GE: // Greater than or equal Greater than or equal - return "ge"; - case ARM_CC_LT: // Less than Less than, or unordered - return "lt"; - case ARM_CC_GT: // Greater than Greater than - return "gt"; - case ARM_CC_LE: // Less than or equal <, ==, or unordered - return "le"; - default: - return ""; - } -} - static int disassemble(RzAsm *a, RzAsmOp *op, const ut8 *buf, int len) { ArmCSContext *ctx = (ArmCSContext *)a->plugin_data; @@ -162,7 +126,7 @@ static int disassemble(RzAsm *a, RzAsmOp *op, const ut8 *buf, int len) { if (thumb && rz_arm_it_apply_cond(&ctx->it, insn)) { char *tmpstr = rz_str_newf("%s%s", cs_insn_name(ctx->cd, insn->id), - cc_name(insn->detail->arm.cc)); + ARMCondCodeToString(insn->detail->arm.cc)); rz_str_cpy(insn->mnemonic, tmpstr); free(tmpstr); } From d21314d9faee23bbc17e87fc47dc3d1e4faa63bd Mon Sep 17 00:00:00 2001 From: Rot127 Date: Mon, 19 Jun 2023 12:02:21 -0500 Subject: [PATCH 003/106] Add auto-sync packagefile --- subprojects/capstone-auto-sync-arm.wrap | 1 + .../capstone-auto-sync-arm/meson.build | 98 +++++++++++++++++++ 2 files changed, 99 insertions(+) create mode 100644 subprojects/packagefiles/capstone-auto-sync-arm/meson.build 
diff --git a/subprojects/capstone-auto-sync-arm.wrap b/subprojects/capstone-auto-sync-arm.wrap
index 518a7c6bf20..9c4c98946d2 100644
--- a/subprojects/capstone-auto-sync-arm.wrap
+++ b/subprojects/capstone-auto-sync-arm.wrap
@@ -3,3 +3,4 @@ url = https://github.com/Rot127/capstone.git
 revision = auto-sync
 directory = capstone-auto-sync-arm
 depth = 1
+patch_directory = capstone-auto-sync-arm
diff --git a/subprojects/packagefiles/capstone-auto-sync-arm/meson.build b/subprojects/packagefiles/capstone-auto-sync-arm/meson.build
new file mode 100644
index 00000000000..708fcfdc470
--- /dev/null
+++ b/subprojects/packagefiles/capstone-auto-sync-arm/meson.build
@@ -0,0 +1,98 @@
+project('capstone', 'c', version: '5.0', meson_version: '>=0.55.0')
+
+cs_files = [
+ 'arch/AArch64/AArch64BaseInfo.c',
+ 'arch/AArch64/AArch64Disassembler.c',
+ 'arch/AArch64/AArch64InstPrinter.c',
+ 'arch/AArch64/AArch64Mapping.c',
+ 'arch/AArch64/AArch64Module.c',
+ 'arch/ARM/ARMBaseInfo.c',
+ 'arch/ARM/ARMDisassemblerExtension.c',
+ 'arch/ARM/ARMDisassembler.c',
+ 'arch/ARM/ARMInstPrinter.c',
+ 'arch/ARM/ARMMapping.c',
+ 'arch/ARM/ARMModule.c',
+ 'arch/M680X/M680XDisassembler.c',
+ 'arch/M680X/M680XInstPrinter.c',
+ 'arch/M680X/M680XModule.c',
+ 'arch/M68K/M68KDisassembler.c',
+ 'arch/M68K/M68KInstPrinter.c',
+ 'arch/M68K/M68KModule.c',
+ 'arch/Mips/MipsDisassembler.c',
+ 'arch/Mips/MipsInstPrinter.c',
+ 'arch/Mips/MipsMapping.c',
+ 'arch/Mips/MipsModule.c',
+ 'arch/PowerPC/PPCDisassembler.c',
+ 'arch/PowerPC/PPCInstPrinter.c',
+ 'arch/PowerPC/PPCMapping.c',
+ 'arch/PowerPC/PPCModule.c',
+ 'arch/Sparc/SparcDisassembler.c',
+ 'arch/Sparc/SparcInstPrinter.c',
+ 'arch/Sparc/SparcMapping.c',
+ 'arch/Sparc/SparcModule.c',
+ 'arch/SystemZ/SystemZDisassembler.c',
+ 'arch/SystemZ/SystemZInstPrinter.c',
+ 'arch/SystemZ/SystemZMapping.c',
+ 'arch/SystemZ/SystemZMCTargetDesc.c',
+ 'arch/SystemZ/SystemZModule.c',
+ 'arch/TMS320C64x/TMS320C64xDisassembler.c',
+ 'arch/TMS320C64x/TMS320C64xInstPrinter.c',
+ 'arch/TMS320C64x/TMS320C64xMapping.c',
+ 'arch/TMS320C64x/TMS320C64xModule.c',
+ 'arch/X86/X86ATTInstPrinter.c',
+ 'arch/X86/X86Disassembler.c',
+ 'arch/X86/X86DisassemblerDecoder.c',
+ 'arch/X86/X86IntelInstPrinter.c',
+ 'arch/X86/X86Mapping.c',
+ 'arch/X86/X86Module.c',
+ 'arch/X86/X86InstPrinterCommon.c',
+ 'arch/XCore/XCoreDisassembler.c',
+ 'arch/XCore/XCoreInstPrinter.c',
+ 'arch/XCore/XCoreMapping.c',
+ 'arch/XCore/XCoreModule.c',
+ 'arch/TriCore/TriCoreDisassembler.c',
+ 'arch/TriCore/TriCoreInstPrinter.c',
+ 'arch/TriCore/TriCoreMapping.c',
+ 'arch/TriCore/TriCoreModule.c',
+ 'cs.c',
+ 'Mapping.c',
+ 'MCInst.c',
+ 'MCInstrDesc.c',
+ 'MCInstPrinter.c',
+ 'MCRegisterInfo.c',
+ 'SStream.c',
+ 'Mapping.c',
+ 'utils.c',
+]
+
+capstone_includes = [include_directories('include'), include_directories('include/capstone')]
+
+libcapstone_c_args = [
+ '-DCAPSTONE_X86_ATT_DISABLE_NO',
+ '-DCAPSTONE_X86_REDUCE_NO',
+ '-DCAPSTONE_USE_SYS_DYN_MEM',
+ '-DCAPSTONE_DIET_NO',
+ '-DCAPSTONE_HAS_ARM',
+ '-DCAPSTONE_HAS_ARM64',
+ '-DCAPSTONE_HAS_M68K',
+ '-DCAPSTONE_HAS_M680X',
+ '-DCAPSTONE_HAS_MIPS',
+ '-DCAPSTONE_HAS_POWERPC',
+ '-DCAPSTONE_HAS_SPARC',
+ '-DCAPSTONE_HAS_SYSZ',
+ '-DCAPSTONE_HAS_X86',
+ '-DCAPSTONE_HAS_XCORE',
+ '-DCAPSTONE_HAS_TMS320C64X',
+ '-DCAPSTONE_HAS_TRICORE',
+]
+
+libcapstone = library('capstone', cs_files,
+ c_args: libcapstone_c_args,
+ include_directories: capstone_includes,
+ implicit_include_directories: false
+)
+
+capstone_dep = declare_dependency(
+ link_with: libcapstone,
+ include_directories: capstone_includes
+)
From 18e87c0911b992296300fceb206e774808e9f001 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Mon, 19 Jun 2023 12:17:47 -0500
Subject: [PATCH 004/106] Rename registers

---
 librz/analysis/arch/arm/arm_il32.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c
index 8bea27e57ff..35d79cef1bb 100644
--- a/librz/analysis/arch/arm/arm_il32.c
+++ b/librz/analysis/arch/arm/arm_il32.c
@@ -1506,13 +1506,13 @@ static RzILOpEffect *msr(cs_insn *insn, bool is_thumb) {
 bool update_f = false;
 bool update_s = false;
 switch (dst->reg) {
- case ARM_SYSREG_APSR_NZCVQ:
+ case ARM_MCLASSSYSREG_APSR_NZCVQ:
 update_f = true;
 break;
- case ARM_SYSREG_APSR_G:
+ case ARM_MCLASSSYSREG_APSR_G:
 update_s = true;
 break;
- case ARM_SYSREG_APSR_NZCVQG:
+ case ARM_MCLASSSYSREG_APSR_NZCVQG:
 update_f = true;
 update_s = true;
 break;
From e00ac0b9e6de80cb081d698da00788141bac2a99 Mon Sep 17 00:00:00 2001
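Review bot: `'Mapping.c'` is listed twice in `cs_files`, once directly after `'cs.c'` and again after `'SStream.c'`; depending on the Meson version this either errors out or compiles the file twice and fails at link time with duplicate symbols, so the second entry should be removed. The wrap now also sets `patch_directory = capstone-auto-sync-arm`, which overlays this packagefile on whatever the fork's `auto-sync` branch currently contains, so a source file added or removed upstream silently breaks this hard-coded list; a comment at the top of `cs_files` naming the fork commit it was written against would make that drift easier to spot.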
From: Rot127
Date: Wed, 21 Jun 2023 10:04:32 -0500
Subject: [PATCH 005/106] Set option for CS register alias.

---
 librz/analysis/p/analysis_arm_cs.c | 1 +
 librz/asm/p/asm_arm_cs.c | 1 +
 2 files changed, 2 insertions(+)

diff --git a/librz/analysis/p/analysis_arm_cs.c b/librz/analysis/p/analysis_arm_cs.c
index 9c4f4d39412..af6dd27bc5c 100644
--- a/librz/analysis/p/analysis_arm_cs.c
+++ b/librz/analysis/p/analysis_arm_cs.c
@@ -1722,6 +1722,7 @@ static int analysis_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *bu
 if (ctx->handle == 0) {
 ret = (a->bits == 64) ? cs_open(CS_ARCH_ARM64, mode, &ctx->handle) : cs_open(CS_ARCH_ARM, mode, &ctx->handle);
 cs_option(ctx->handle, CS_OPT_DETAIL, CS_OPT_ON);
+ cs_option(ctx->handle, CS_OPT_SYNTAX, CS_OPT_SYNTAX_CS_REG_ALIAS);
 if (ret != CS_ERR_OK) {
 ctx->handle = 0;
 return -1;
diff --git a/librz/asm/p/asm_arm_cs.c b/librz/asm/p/asm_arm_cs.c
index b944a5822f8..59e427e61af 100644
--- a/librz/asm/p/asm_arm_cs.c
+++ b/librz/asm/p/asm_arm_cs.c
@@ -92,6 +92,7 @@ static int disassemble(RzAsm *a, RzAsmOp *op, const ut8 *buf, int len) {
 }
 }
 cs_option(ctx->cd, CS_OPT_SYNTAX, (a->syntax == RZ_ASM_SYNTAX_REGNUM) ? CS_OPT_SYNTAX_NOREGNAME : CS_OPT_SYNTAX_DEFAULT);
+ cs_option(ctx->cd, CS_OPT_SYNTAX, CS_OPT_SYNTAX_CS_REG_ALIAS);
 cs_option(ctx->cd, CS_OPT_DETAIL, (a->features && *a->features) ? CS_OPT_ON : CS_OPT_OFF);
 cs_option(ctx->cd, CS_OPT_DETAIL, CS_OPT_ON);
 if (!buf) {
From 0ec0290588d51716b3618be4d094136101668765 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Wed, 21 Jun 2023 11:43:05 -0500
Subject: [PATCH 006/106] Fix: Shift amounts are always decimal.

---
 test/db/asm/arm_32 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/db/asm/arm_32 b/test/db/asm/arm_32
index 8f8e683fcfd..90fa1542c83 100644
--- a/test/db/asm/arm_32
+++ b/test/db/asm/arm_32
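Review bot: In asm_arm_cs.c disassemble the added `cs_option(ctx->cd, CS_OPT_SYNTAX, CS_OPT_SYNTAX_CS_REG_ALIAS);` directly follows the existing `CS_OPT_SYNTAX` call that selects `CS_OPT_SYNTAX_NOREGNAME` or `CS_OPT_SYNTAX_DEFAULT`; if `CS_OPT_SYNTAX` is a single-valued setting rather than a bitmask, the second call discards the `RZ_ASM_SYNTAX_REGNUM` choice made one line earlier, so either combine both flags in one call or add a comment stating that syntax options accumulate. In analysis_arm_cs.c analysis_op the new call sits before `if (ret != CS_ERR_OK)`, so on a failed `cs_open` it operates on a handle that was never initialised; moving it below the error check, or checking its own return value, would be safer. Both enclosing functions start and end outside these hunks.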
@@ -464,7 +464,7 @@ d "ror r2, r7, r3" 7723a0e1 0x0 (set r2 (| (>> (var r7) (cast 5 false (var r3)) d "rors r2, r7, r3" 7723b0e1 0x0 (seq (set cf_tmp (ite (is_zero (cast 5 false (var r3))) (var cf) (msb (<< (var r7) (~- (cast 5 false (var r3))) false)))) (set r2 (| (>> (var r7) (cast 5 false (var r3)) false) (<< (var r7) (~- (cast 5 false (var r3))) false))) (set cf (var cf_tmp)) (set zf (is_zero (var r2))) (set nf (msb (var r2)))) d "rrx r2, r3" 6320a0e1 0x0 (set r2 (>> (var r3) (bv 5 0x1) (var cf))) d "rrxs r2, r3" 6320b0e1 0x0 (seq (set cf_tmp (lsb (var r3))) (set r2 (>> (var r3) (bv 5 0x1) (var cf))) (set cf (var cf_tmp)) (set zf (is_zero (var r2))) (set nf (msb (var r2)))) -d "lsr r1, r3, 0x1f" a31fa0e1 0x0 (set r1 (>> (var r3) (bv 5 0x1f) false)) +d "lsr r1, r3, 32" a31fa0e1 0x0 (set r1 (>> (var r3) (bv 5 0x1f) false)) d "mvn r1, 0x90000000" 0912e0e3 0x0 (set r1 (~ (bv 32 0x90000000))) d "mvns r1, 0x90000000" 0912f0e3 0x0 (seq (set cf_tmp true) (set r1 (~ (bv 32 0x90000000))) (set cf (var cf_tmp)) (set zf (is_zero (var r1))) (set nf (msb (var r1)))) ad "tst r1, r2" 020011e1 0x0 (seq (set zf (is_zero (& (var r1) (var r2)))) (set nf (msb (& (var r1) (var r2))))) From 7a98e4e84206d084f42aed40c3a8e69a97fd85e0 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Mon, 26 Jun 2023 00:02:14 -0500 Subject: [PATCH 007/106] Remove code which handles fixed CS issue. --- librz/analysis/arch/arm/arm_il32.c | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c index 35d79cef1bb..a4800886ba0 100644 --- a/librz/analysis/arch/arm/arm_il32.c +++ b/librz/analysis/arch/arm/arm_il32.c 
@@ -807,10 +807,7 @@ static RzILOpEffect *ldr(cs_insn *insn, bool is_thumb) {
 return NULL;
 }
 bool writeback = insn->detail->writeback;
- if (ISIMM(mem_idx + 1)) {
- // capstone incorrectly sets writeback to false for e.g. 0400b1e4 ldrt r0, [r1], 4
- writeback = true;
- }
+
 RzILOpEffect *writeback_eff = NULL;
 bool writeback_post = false;
 if (writeback) {
@@ -896,10 +893,6 @@ static RzILOpEffect *str(cs_insn *insn, bool is_thumb) {
 return NULL;
 }
 bool writeback = insn->detail->writeback;
- if (ISIMM(mem_idx + 1)) {
- // capstone incorrectly sets writeback to false for e.g. 04b0ade4 strt fp, [sp], 4
- writeback = true;
- }
 RzILOpEffect *writeback_eff = NULL;
 bool writeback_post = false;
 if (writeback) {
From 4c6583ff574bcdfcdca29597060500bb3a3c8829 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Mon, 26 Jun 2023 00:02:58 -0500
Subject: [PATCH 008/106] Use mem disp which is a member of the member operand.
--- librz/analysis/arch/arm/arm_il32.c | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-)
diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c
index a4800886ba0..61d733999fe 100644
--- a/librz/analysis/arch/arm/arm_il32.c
+++ b/librz/analysis/arch/arm/arm_il32.c
@@ -812,13 +812,10 @@ static RzILOpEffect *ldr(cs_insn *insn, bool is_thumb) {
 bool writeback_post = false;
 if (writeback) {
 arm_reg base = insn->detail->arm.operands[mem_idx].mem.base;
- if (ISIMM(mem_idx + 1)) {
- // "ldr r0, [r1], 4" is treated as an extra operand after the mem
- addr = insn->detail->arm.operands[mem_idx + 1].subtracted
- ? SUB(addr, ARG(mem_idx + 1))
- : ADD(addr, ARG(mem_idx + 1));
- writeback_post = true;
- }
+ addr = insn->detail->arm.operands[mem_idx].subtracted
+ ? SUB(addr, ARG(mem_idx))
+ : ADD(addr, ARG(mem_idx));
+ writeback_post = true;
 writeback_eff = write_reg(base, addr);
 if (!writeback_eff) {
 // 'ldrb r0, [pc, 0x104]!' (0401ffe5) for example is unpredictable. write_reg will return NULL for pc.
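Review bot: With the ISIMM workaround gone, `bool writeback = insn->detail->writeback;` becomes the only source of truth for post-indexed forms such as `ldrt r0, [r1], 4` (0400b1e4), yet nothing in the code now records that this depends on the wrapped auto-sync Capstone reporting writeback correctly, which the removed comment did for the old bug. Add a one-line comment on that line, e.g. `// post-indexed forms (e.g. 0400b1e4 ldrt r0, [r1], 4) rely on Capstone setting writeback; older Capstone left it false`, and keep the 0400b1e4 and 04b0ade4 cases in test/db so a regression in the wrapped library is caught. The str hunk in this commit has the same change and deserves the same comment. Both ldr and str continue outside their hunks.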
@@ -897,13 +894,10 @@ static RzILOpEffect *str(cs_insn *insn, bool is_thumb) { bool writeback_post = false; if (writeback) { arm_reg base = insn->detail->arm.operands[mem_idx].mem.base; - if (ISIMM(mem_idx + 1)) { - // "str r0, [r1], 4" is treated as an extra operand after the mem - addr = insn->detail->arm.operands[mem_idx + 1].subtracted - ? SUB(addr, ARG(mem_idx + 1)) - : ADD(addr, ARG(mem_idx + 1)); - writeback_post = true; - } + addr = insn->detail->arm.operands[mem_idx].subtracted + ? SUB(addr, ARG(mem_idx)) + : ADD(addr, ARG(mem_idx)); + writeback_post = true; writeback_eff = write_reg(base, addr); if (!writeback_eff) { return NULL; From d70f2bb1ea2d0f2acfec0f564fe8a9b724679c45 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Mon, 26 Jun 2023 00:29:30 -0500 Subject: [PATCH 009/106] Get register and imm memory disponent. --- librz/analysis/arch/arm/arm_accessors32.h | 1 + librz/analysis/arch/arm/arm_il32.c | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/librz/analysis/arch/arm/arm_accessors32.h b/librz/analysis/arch/arm/arm_accessors32.h index cf6e88c44e3..096ba3e635a 100644 --- a/librz/analysis/arch/arm/arm_accessors32.h +++ b/librz/analysis/arch/arm/arm_accessors32.h @@ -18,6 +18,7 @@ #define HASMEMINDEX(x) (insn->detail->arm.operands[x].mem.index != ARM_REG_INVALID) #define ISMEMINDEXSUB(x) insn->detail->arm.operands[x].subtracted #define MEMDISP(x) insn->detail->arm.operands[x].mem.disp +#define MEMDISP_BV(x) (HASMEMINDEX(x) ? REG_VAL(insn->detail->arm.operands[x].mem.index) : U32(MEMDISP(x))) #define ISIMM(x) (insn->detail->arm.operands[x].type == ARM_OP_IMM || insn->detail->arm.operands[x].type == ARM_OP_FP) #define ISREG(x) (insn->detail->arm.operands[x].type == ARM_OP_REG) #define ISMEM(x) (insn->detail->arm.operands[x].type == ARM_OP_MEM) diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c index 61d733999fe..63322f84056 100644 --- a/librz/analysis/arch/arm/arm_il32.c 
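Review bot: `MEMDISP_BV(x)` yields the bare index register value when `HASMEMINDEX(x)` holds and ignores the operand's shift (`SHIFTTYPE`/`SHIFTVALUE` exist for that), so a register-offset form with a shift would presumably be miscomputed if the macro were applied to it; it also passes the signed `MEMDISP(x)` through `U32`, which for a negative displacement depends on the conversion wrapping as intended. The PATCH 010 hunks later on this page remove its only use while the definition stays in arm_accessors32.h (it is still present in the PATCH 018 context), so either delete the macro or document its limits with a comment such as `// index register value (shift not applied) or the immediate displacement as U32`.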
+++ b/librz/analysis/arch/arm/arm_il32.c @@ -813,8 +813,8 @@ static RzILOpEffect *ldr(cs_insn *insn, bool is_thumb) { if (writeback) { arm_reg base = insn->detail->arm.operands[mem_idx].mem.base; addr = insn->detail->arm.operands[mem_idx].subtracted - ? SUB(addr, ARG(mem_idx)) - : ADD(addr, ARG(mem_idx)); + ? SUB(addr, MEMDISP_BV(mem_idx)) + : ADD(addr, MEMDISP_BV(mem_idx)); writeback_post = true; writeback_eff = write_reg(base, addr); if (!writeback_eff) { From 144c0c7438c0150cb128f217e17289bf1de62795 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Thu, 29 Jun 2023 05:45:36 -0500 Subject: [PATCH 010/106] Remove duplicate extension --- librz/analysis/arch/arm/arm_il32.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c index 63322f84056..e0516ca6fb4 100644 --- a/librz/analysis/arch/arm/arm_il32.c +++ b/librz/analysis/arch/arm/arm_il32.c @@ -812,9 +812,6 @@ static RzILOpEffect *ldr(cs_insn *insn, bool is_thumb) { bool writeback_post = false; if (writeback) { arm_reg base = insn->detail->arm.operands[mem_idx].mem.base; - addr = insn->detail->arm.operands[mem_idx].subtracted - ? SUB(addr, MEMDISP_BV(mem_idx)) - : ADD(addr, MEMDISP_BV(mem_idx)); writeback_post = true; writeback_eff = write_reg(base, addr); if (!writeback_eff) { @@ -894,9 +891,6 @@ static RzILOpEffect *str(cs_insn *insn, bool is_thumb) { bool writeback_post = false; if (writeback) { arm_reg base = insn->detail->arm.operands[mem_idx].mem.base; - addr = insn->detail->arm.operands[mem_idx].subtracted - ? SUB(addr, ARG(mem_idx)) - : ADD(addr, ARG(mem_idx)); writeback_post = true; writeback_eff = write_reg(base, addr); if (!writeback_eff) { From c21d0a55241ad98959b0768480b8abe300043064 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Thu, 29 Jun 2023 08:54:36 -0500 Subject: [PATCH 011/106] Check for subtracted flag. --- librz/analysis/arch/arm/arm_il32.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c index e0516ca6fb4..73183d2ce62 100644 --- a/librz/analysis/arch/arm/arm_il32.c +++ b/librz/analysis/arch/arm/arm_il32.c @@ -527,10 +527,10 @@ static RzILOpBitVector *arg(cs_insn *insn, bool is_thumb, int n, RZ_NULLABLE RzI case ARM_OP_MEM: { RzILOpBitVector *addr = MEMBASE(n); int disp = MEMDISP(n); - if (disp > 0) { + if (disp != 0 && !op->subtracted) { addr = ADD(addr, U32(disp)); - } else if (disp < 0) { - addr = SUB(addr, U32(-disp)); + } else if (disp != 0 && op->subtracted) { + addr = SUB(addr, U32(disp)); } return arg_mem(addr, &insn->detail->arm.operands[n], carry_out); } From 846d1e43a5640825e24e1bec7eb7285a313bf6e7 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sat, 1 Jul 2023 13:24:38 -0500 Subject: [PATCH 012/106] Determine post writeback by CS em operand flag. --- librz/analysis/arch/arm/arm_il32.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c index 73183d2ce62..1592d7d649c 100644 --- a/librz/analysis/arch/arm/arm_il32.c +++ b/librz/analysis/arch/arm/arm_il32.c @@ -809,10 +809,9 @@ static RzILOpEffect *ldr(cs_insn *insn, bool is_thumb) { bool writeback = insn->detail->writeback; RzILOpEffect *writeback_eff = NULL; - bool writeback_post = false; + bool writeback_post = insn->detail->arm.post_index; if (writeback) { arm_reg base = insn->detail->arm.operands[mem_idx].mem.base; - writeback_post = true; writeback_eff = write_reg(base, addr); if (!writeback_eff) { // 'ldrb r0, [pc, 0x104]!' (0401ffe5) for example is unpredictable. write_reg will return NULL for pc. 
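Review bot: `bool writeback_post = insn->detail->arm.post_index;` now takes Capstone's flag regardless of `writeback`, whereas before it could only become true inside `if (writeback)`; should Capstone ever report post_index without writeback, code after the hunk that presumably keys on writeback_post would see a combination that was previously impossible. `bool writeback_post = writeback && insn->detail->arm.post_index;` keeps the old invariant, and a comment noting that post-index applies the offset after the access while pre-index (`!`) applies it before would help readers. The str hunk on the next line has the same change. ldr continues outside the hunk.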
@@ -888,10 +887,9 @@ static RzILOpEffect *str(cs_insn *insn, bool is_thumb) {
 }
 bool writeback = insn->detail->writeback;
 RzILOpEffect *writeback_eff = NULL;
- bool writeback_post = false;
+ bool writeback_post = insn->detail->arm.post_index;
 if (writeback) {
 arm_reg base = insn->detail->arm.operands[mem_idx].mem.base;
- writeback_post = true;
 writeback_eff = write_reg(base, addr);
 if (!writeback_eff) {
 return NULL;
From 092ff34f33c2cc63edf5c99093c77cb6030e3400 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Sun, 2 Jul 2023 06:37:13 -0500
Subject: [PATCH 013/106] Add VPOP and VPUSH again.
--- librz/analysis/arch/arm/arm_il32.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c
index 1592d7d649c..0ae5a0ba017 100644
--- a/librz/analysis/arch/arm/arm_il32.c
+++ b/librz/analysis/arch/arm/arm_il32.c
@@ -1178,7 +1178,7 @@ static RzILOpEffect *stm(cs_insn *insn, bool is_thumb) {
 size_t op_first;
 arm_reg ptr_reg;
 bool writeback;
- if (insn->id == ARM_INS_PUSH) {
+ if (insn->id == ARM_INS_PUSH || insn->id == ARM_INS_VPUSH) {
 op_first = 0;
 ptr_reg = ARM_REG_SP;
 writeback = true;
@@ -1199,9 +1199,9 @@ static RzILOpEffect *stm(cs_insn *insn, bool is_thumb) {
 return NULL;
 }
 bool decrement = insn->id == ARM_INS_STMDA || insn->id == ARM_INS_STMDB || insn->id == ARM_INS_PUSH ||
- insn->id == ARM_INS_VSTMDB;
+ insn->id == ARM_INS_VSTMDB || insn->id == ARM_INS_VPUSH;
 bool before = insn->id == ARM_INS_STMDB || insn->id == ARM_INS_PUSH || insn->id == ARM_INS_VSTMDB ||
- insn->id == ARM_INS_STMIB;
+ insn->id == ARM_INS_STMIB || insn->id == ARM_INS_VPUSH;
 ut32 regsize = reg_bits(REGID(op_first)) / 8;
 RzILOpEffect *eff = NULL;
 // build up in reverse order so the result recurses in the second arg of seq (for tail-call optimization)
@@ -1239,7 +1239,7 @@ static RzILOpEffect *ldm(cs_insn *insn, bool is_thumb) { size_t op_first; arm_reg ptr_reg; bool writeback; - if (insn->id == ARM_INS_POP) { + if (insn->id == ARM_INS_POP || insn->id == ARM_INS_VPOP) { op_first = 0; ptr_reg = ARM_REG_SP; writeback = true; @@ -4130,9 +4130,11 @@ static RzILOpEffect *il_unconditional(csh *handle, cs_insn *insn, bool is_thumb) case ARM_INS_STMDA: case ARM_INS_STMDB: case ARM_INS_PUSH: + case ARM_INS_VPUSH: case ARM_INS_STMIB: return stm(insn, is_thumb); case ARM_INS_POP: + case ARM_INS_VPOP: case ARM_INS_LDM: case ARM_INS_LDMDA: case ARM_INS_LDMDB: From 34d746ad3056566fb9300b0cbfa676fde2513988 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Mon, 3 Jul 2023 07:27:15 -0500 Subject: [PATCH 014/106] Check for subtracted flag if disp is added to PC --- librz/analysis/arch/arm/arm_il32.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c index 0ae5a0ba017..686f996185a 100644 --- a/librz/analysis/arch/arm/arm_il32.c +++ b/librz/analysis/arch/arm/arm_il32.c @@ -799,7 +799,8 @@ static RzILOpEffect *ldr(cs_insn *insn, bool is_thumb) { cs_arm_op *memop = &insn->detail->arm.operands[mem_idx]; if (memop->mem.base == ARM_REG_PC) { // LDR (literal) is different in the sense that it aligns the pc value: - addr = arg_mem(U32(PCALIGN(insn->address, is_thumb) + MEMDISP(mem_idx)), memop, NULL); + int32_t mem_disp = memop->subtracted ? -MEMDISP(mem_idx) : MEMDISP(mem_idx); + addr = arg_mem(U32(PCALIGN(insn->address, is_thumb) + mem_disp), memop, NULL); } else { addr = ARG(mem_idx); } From 24c86e614edc358bfba1ee5814c5eee5fc870a9f Mon Sep 17 00:00:00 2001 From: Rot127 Date: Mon, 3 Jul 2023 07:38:34 -0500 Subject: [PATCH 015/106] Fix hex <-> decimal tests and off by one --- test/db/asm/arm_32 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/test/db/asm/arm_32 b/test/db/asm/arm_32 index 90fa1542c83..d4e1dd28266 100644 
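Review bot: The VPUSH/VPOP dispatch added in il_unconditional reuses `stm`/`ldm`, whose element stride is `reg_bits(REGID(op_first)) / 8` of the first list register, but the commit touches only arm_il32.c and adds no test/db cases, so the 4- versus 8-byte stride for s- and d-register lists and the sp writeback go unverified here. Add `d`/`ad` entries for a vpush of d-registers and a vpop of s-registers to test/db/asm/arm_32 (and the Thumb file) so the IL is pinned. In the stm hunks on the previous line ARM_INS_VPUSH had to be added to three separate id lists (`if (insn->id == ARM_INS_PUSH || ...)`, `decrement`, `before`); a helper such as `static bool is_push_like(unsigned id) { return id == ARM_INS_PUSH || id == ARM_INS_VPUSH; }` would keep them from drifting apart.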
--- a/test/db/asm/arm_32 +++ b/test/db/asm/arm_32 @@ -142,8 +142,8 @@ d "andeq r0, r0, 1" 01000002 d "andeq r3, r5, 0x80000000" 02310502 d "andne r3, r3, r2" 02300310 d "andne ip, ip, r7" 07c00c10 -d "asreq r0, ip, 0x1f" cc0fa001 -d "asrne r0, r4, 0x1f" c40fa011 +d "asreq r0, ip, 31" cc0fa001 +d "asrne r0, r4, 31" c40fa011 d "beq 8" 0000000a 0x0 (branch (var zf) (jmp (bv 32 0x8)) nop) d "biceq r3, r3, 7" 0730c303 d "blne 0x1900" 3E06001B @@ -182,7 +182,7 @@ d "ldrdne r2, r3, [r3, ip]" dc208311 d "ldreq r0, [fp, -0xb4]" b4001b05 d "ldrheq r0, [r3, r0]" b0009301 d "lslne r1, r1, 2" 0111a011 -d "lsreq r0, r0, 0x10" 2008a001 +d "lsreq r0, r0, 16" 2008a001 d "lsrne r0, r0, 9" a004a011 d "mlaeq r7, r5, r7, r0" 95072700 d "mlane r3, r1, r3, r2" 91232310 @@ -464,7 +464,7 @@ d "ror r2, r7, r3" 7723a0e1 0x0 (set r2 (| (>> (var r7) (cast 5 false (var r3)) d "rors r2, r7, r3" 7723b0e1 0x0 (seq (set cf_tmp (ite (is_zero (cast 5 false (var r3))) (var cf) (msb (<< (var r7) (~- (cast 5 false (var r3))) false)))) (set r2 (| (>> (var r7) (cast 5 false (var r3)) false) (<< (var r7) (~- (cast 5 false (var r3))) false))) (set cf (var cf_tmp)) (set zf (is_zero (var r2))) (set nf (msb (var r2)))) d "rrx r2, r3" 6320a0e1 0x0 (set r2 (>> (var r3) (bv 5 0x1) (var cf))) d "rrxs r2, r3" 6320b0e1 0x0 (seq (set cf_tmp (lsb (var r3))) (set r2 (>> (var r3) (bv 5 0x1) (var cf))) (set cf (var cf_tmp)) (set zf (is_zero (var r2))) (set nf (msb (var r2)))) -d "lsr r1, r3, 32" a31fa0e1 0x0 (set r1 (>> (var r3) (bv 5 0x1f) false)) +d "lsr r1, r3, 31" a31fa0e1 0x0 (set r1 (>> (var r3) (bv 5 0x1f) false)) d "mvn r1, 0x90000000" 0912e0e3 0x0 (set r1 (~ (bv 32 0x90000000))) d "mvns r1, 0x90000000" 0912f0e3 0x0 (seq (set cf_tmp true) (set r1 (~ (bv 32 0x90000000))) (set cf (var cf_tmp)) (set zf (is_zero (var r1))) (set nf (msb (var r1)))) ad "tst r1, r2" 020011e1 0x0 (seq (set zf (is_zero (& (var r1) (var r2)))) (set nf (msb (& (var r1) (var r2))))) 
From 62c2f0341aed61a73784326bec76d58809852250 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Mon, 3 Jul 2023 09:23:59 -0500 Subject: [PATCH 016/106] Print immediates in signed form as LLVM does. --- test/db/asm/arm_16 | 14 +++++++------- test/db/asm/arm_32 | 20 ++++++++++---------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/test/db/asm/arm_16 b/test/db/asm/arm_16 index be3ff449294..8a39c97bcff 100755 --- a/test/db/asm/arm_16 +++ b/test/db/asm/arm_16 @@ -21,7 +21,7 @@ a "sub ip, 0x33" acf1330c a "sub r8, 0xf9" a8f1f908 ad "adc r0, r1, 0x7b" 41f17b00 0x0 (set r0 (+ (+ (var r1) (bv 32 0x7b)) (ite (var cf) (bv 32 0x1) (bv 32 0x0)))) ad "adc r0, r1, 0xaf00af" 41f1af10 -ad "adc r0, r1, -0x47ff4800" 41f1b820 # -0xb800b800 +ad "adc r0, r1, 0xb800b800" 41f1b820 ad "adc r0, r1, 0x26262626" 41f12630 ad "adc r0, r1, 0x8f0000" 41f50f00 ad "adc r0, r1, 0x1360000" 41f19b70 @@ -99,7 +99,7 @@ d "adds r6, r2, 5" 561d 0x0 (seq (set a (var r2)) (set b (bv 32 0x5)) (set r6 (+ a "add r6, r2, 5" 561d d "adds r7, 0xc3" c337 a "add r7, 0xc3" c337 -d "add.w sb, ip, -0x4dff4e00" 0cf1b229 # 0xb200b200 +d "add.w sb, ip, 0xb200b200" 0cf1b229 a "add r9, r12, -0x4dff4e00" 0cf1b229 # 0xb200b200 ad "add.w r1, r3, 0x2c" 03f12c01 d "adds.w sb, r2, 0x250000" 12f51419
@@ -237,7 +237,7 @@ d "cmn.w r1, r3, asr 30" 11eba37f 0x0 (seq (set a (var r1)) (set b (>> (var r3) a "cmn r1, r3, asr 30" 11eba37f ad "cmn.w r2, r5" 12eb050f ad "cmp r3, 0x73" 732b 0x0 (seq (set a (var r3)) (set b (bv 32 0x73)) (set res (- (var a) (var b))) (set cf (ule (var b) (var a))) (set vf (&& (^^ (msb (var a)) (msb (var b))) (^^ (msb (var a)) (msb (var res))))) (set zf (is_zero (var res))) (set nf (msb (var res)))) -d "cmp.w r8, -0x54545455" b8f1ab3f 0x0 (seq (set a (var r8)) (set b (bv 32 0xabababab)) (set res (- (var a) (var b))) (set cf (ule (var b) (var a))) (set vf (&& (^^ (msb (var a)) (msb (var b))) (^^ (msb (var a)) (msb (var res))))) (set zf (is_zero (var res))) (set nf (msb (var res)))) +d "cmp.w r8, 0xabababab" b8f1ab3f 0x0 (seq (set a (var r8)) (set b (bv 32 0xabababab)) (set res (- (var a) (var b))) (set cf (ule (var b) (var a))) (set vf (&& (^^ (msb (var a)) (msb (var b))) (^^ (msb (var a)) (msb (var res))))) (set zf (is_zero (var res))) (set nf (msb (var res)))) a "cmp r8, -0x54545455" b8f1ab3f # 0xabababab ad "cmp.w r6, 0x23" b6f1230f ad "cmp r3, r4" a342 @@ -455,7 +455,7 @@ d "mls r6, sl, r2, r5" 0afb1256 a "mls r6, r10, r2, r5" 0afb1256 d "movs r6, 0x26" 2626 0x0 (seq (set r6 (bv 32 0x26)) (set zf (is_zero (var r6))) (set nf (msb (var r6)))) a "mov r6, 0x26" 2626 -d "mov.w r7, -0x4dff4e00" 4ff0b227 # 0xb200b200 +d "mov.w r7, 0xb200b200" 4ff0b227 a "mov r7, 0xb200b200" 4ff0b227 d "movs.w fp, 0x130000" 5ff4981b a "movs r11, 0x00130000" 5ff4981b @@ -510,7 +510,7 @@ a "mvn r10, r3, lsr 17" 6fea534a ad "mvn.w r1, r2" 6fea0201 ad "nop" 00bf ad "nop.w" aff30080 -d "orn r6, sl, -0x54545455" 6af0ab36 # 0xabababab +d "orn r6, sl, 0xabababab" 6af0ab36 a "orn r6, r10, 0xabababab" 6af0ab36 d "orns r2, r3, 0x12800" 73f49432 0x0 (seq (set r2 (| (var r3) (~ (bv 32 0x12800)))) (set cf false) (set zf (is_zero (var r2))) (set nf (msb (var r2)))) a "orns r2, r3, 0x00012800" 73f49432 
@@ -665,7 +665,7 @@ d "rsbs r6, r6, 0" 7642 a "rsb r6, 0" 7642 d "rsb.w sb, r2, 0x16" c2f11609 a "rsb r9, r2, 0x16" c2f11609 -d "rsbs.w r7, sb, -0x54ff5500" d9f1ab27 # 0xab00ab00 +d "rsbs.w r7, sb, 0xab00ab00" d9f1ab27 a "rsbs r7, r9, 0xab00ab00" d9f1ab27 ad "rsb.w r2, r3, 0" c3f10002 ad "rsbs.w r3, r5, 0" d5f10003 @@ -691,7 +691,7 @@ d "sbc r7, r2, 0xf30000" 62f57307 a "sbc r7, r2, 0x00f30000" 62f57307 d "sbc r1, r1, 0xfb" 61f1fb01 a "sbc r1, 0xfb" 61f1fb01 -d "sbcs r2, r5, -0x54ff5500" 75f1ab22 # 0xab00ab00 +d "sbcs r2, r5, 0xab00ab00" 75f1ab22 a "sbcs r2, r5, 0xab00ab00" 75f1ab22 d "sbcs r2, r5" aa41 a "sbc r2, r5" aa41 diff --git a/test/db/asm/arm_32 b/test/db/asm/arm_32 index d4e1dd28266..6320cd5829c 100644 --- a/test/db/asm/arm_32 +++ b/test/db/asm/arm_32 @@ -139,7 +139,7 @@ d "sbc r6, r6, 0xc" 0c60c6e2 0x0 (set r6 (- (- (var r6) (bv 32 0xc)) (ite (var c d "sbc r6, r7, r5" 0560c7e0 0x0 (set r6 (- (- (var r7) (var r5)) (ite (var cf) (bv 32 0x0) (bv 32 0x1)))) d "sbcs r6, r7, r5" 0560d7e0 0x0 (seq (set a (var r7)) (set b (var r5)) (set r6 (- (- (var r7) (var r5)) (ite (var cf) (bv 32 0x0) (bv 32 0x1)))) (set cf (msb (+ (+ (cast 33 false (var a)) (cast 33 false (~ (var b)))) (ite (var cf) (bv 33 0x1) (bv 33 0x0))))) (set vf (&& (^^ (msb (var a)) (msb (var b))) (^^ (msb (var a)) (msb (var r6))))) (set zf (is_zero (var r6))) (set nf (msb (var r6)))) d "andeq r0, r0, 1" 01000002 -d "andeq r3, r5, 0x80000000" 02310502 +d "andeq r3, r5, -0x80000000" 02310502 d "andne r3, r3, r2" 02300310 d "andne ip, ip, r7" 07c00c10 d "asreq r0, ip, 31" cc0fa001 
@@ -190,10 +190,10 @@ d "moveq r0, sl" 0a00a001 d "movne r0, sb" 0900a011 d "mulne r3, r3, r0" 93000310 d "mvneq r0, 0x15" 1500e003 -d "mvneq r0, 0x80000000" 0201e003 +d "mvneq r0, -0x80000000" 0201e003 d "orreq r5, r5, r3" 03508501 d "orreq r6, r6, r2, lsr 1" a2608601 -d "orreq r3, r3, 0x80000000" 02318303 +d "orreq r3, r3, -0x80000000" 02318303 d "orrne r0, r0, r1, lsl ip" 110c8011 d "orrne r1, r1, r3" 03108111 d "popeq {pc}" 04f09d04 @@ -235,7 +235,7 @@ d "movs r1, 0, 2" 0011b0e3 0x0 (seq (set cf_tmp false) (set r1 (bv 32 0x0)) (set d "movs r1, 1, 30" 011fb0e3 0x0 (seq (set cf_tmp false) (set r1 (bv 32 0x4)) (set cf (var cf_tmp)) (set zf (is_zero (var r1))) (set nf (msb (var r1)))) d "movs r1, 4" 0410b0e3 0x0 (seq (set r1 (bv 32 0x4)) (set zf (is_zero (var r1))) (set nf (msb (var r1)))) d "movs r1, 0x40000000" 0111b0e3 0x0 (seq (set cf_tmp false) (set r1 (bv 32 0x40000000)) (set cf (var cf_tmp)) (set zf (is_zero (var r1))) (set nf (msb (var r1)))) -d "movs r1, 0x80000000" 0211b0e3 0x0 (seq (set cf_tmp true) (set r1 (bv 32 0x80000000)) (set cf (var cf_tmp)) (set zf (is_zero (var r1))) (set nf (msb (var r1)))) +d "movs r1, -0x80000000" 0211b0e3 0x0 (seq (set cf_tmp true) (set r1 (bv 32 0x80000000)) (set cf (var cf_tmp)) (set zf (is_zero (var r1))) (set nf (msb (var r1)))) ad "movs r0, 0x2a" 2a00b0e3 0x0 (seq (set r0 (bv 32 0x2a)) (set zf (is_zero (var r0))) (set nf (msb (var r0)))) ad "mov pc, 0x2a" 2af0a0e3 0x0 (jmp (bv 32 0x2a)) ad "movs pc, 0x2a" 2af0b0e3 
@@ -392,10 +392,10 @@ d "eor r4, r3, 3" 034023e2 0x0 (set r4 (^ (var r3) (bv 32 0x3))) d "eors r4, r3, 3" 034033e2 0x0 (seq (set r4 (^ (var r3) (bv 32 0x3))) (set zf (is_zero (var r4))) (set nf (msb (var r4)))) d "eors r4, r3, 0x30000" 034833e2 0x0 (seq (set r4 (^ (var r3) (bv 32 0x30000))) (set cf false) (set zf (is_zero (var r4))) (set nf (msb (var r4)))) d "eors r3, r3, 0x30000" 033833e2 0x0 (seq (set r3 (^ (var r3) (bv 32 0x30000))) (set cf false) (set zf (is_zero (var r3))) (set nf (msb (var r3)))) -d "eors r3, r3, 0x80000000" 023133e2 0x0 (seq (set r3 (^ (var r3) (bv 32 0x80000000))) (set cf true) (set zf (is_zero (var r3))) (set nf (msb (var r3)))) +d "eors r3, r3, -0x80000000" 023133e2 0x0 (seq (set r3 (^ (var r3) (bv 32 0x80000000))) (set cf true) (set zf (is_zero (var r3))) (set nf (msb (var r3)))) d "and r0, r1, r2" 020001e0 0x0 (set r0 (& (var r1) (var r2))) -d "ands r0, r1, 0x80000000" 020111e2 0x0 (seq (set r0 (& (var r1) (bv 32 0x80000000))) (set cf true) (set zf (is_zero (var r0))) (set nf (msb (var r0)))) -d "ands r0, r0, 0x80000000" 020110e2 0x0 (seq (set r0 (& (var r0) (bv 32 0x80000000))) (set cf true) (set zf (is_zero (var r0))) (set nf (msb (var r0)))) +d "ands r0, r1, -0x80000000" 020111e2 0x0 (seq (set r0 (& (var r1) (bv 32 0x80000000))) (set cf true) (set zf (is_zero (var r0))) (set nf (msb (var r0)))) +d "ands r0, r0, -0x80000000" 020110e2 0x0 (seq (set r0 (& (var r0) (bv 32 0x80000000))) (set cf true) (set zf (is_zero (var r0))) (set nf (msb (var r0)))) d "ands r0, r1, 0x42" 420011e2 0x0 (seq (set r0 (& (var r1) (bv 32 0x42))) (set zf (is_zero (var r0))) (set nf (msb (var r0)))) d "orr r0, r1, 0x42" 420081e3 0x0 (set r0 (| (var r1) (bv 32 0x42))) d "orrs r0, r1, 0x42" 420091e3 0x0 (seq (set r0 (| (var r1) (bv 32 0x42))) (set zf (is_zero (var r0))) (set nf (msb (var r0)))) 
@@ -465,13 +465,13 @@ d "rors r2, r7, r3" 7723b0e1 0x0 (seq (set cf_tmp (ite (is_zero (cast 5 false (v d "rrx r2, r3" 6320a0e1 0x0 (set r2 (>> (var r3) (bv 5 0x1) (var cf))) d "rrxs r2, r3" 6320b0e1 0x0 (seq (set cf_tmp (lsb (var r3))) (set r2 (>> (var r3) (bv 5 0x1) (var cf))) (set cf (var cf_tmp)) (set zf (is_zero (var r2))) (set nf (msb (var r2)))) d "lsr r1, r3, 31" a31fa0e1 0x0 (set r1 (>> (var r3) (bv 5 0x1f) false)) -d "mvn r1, 0x90000000" 0912e0e3 0x0 (set r1 (~ (bv 32 0x90000000))) -d "mvns r1, 0x90000000" 0912f0e3 0x0 (seq (set cf_tmp true) (set r1 (~ (bv 32 0x90000000))) (set cf (var cf_tmp)) (set zf (is_zero (var r1))) (set nf (msb (var r1)))) +d "mvn r1, -0x70000000" 0912e0e3 0x0 (set r1 (~ (bv 32 0x90000000))) +d "mvns r1, -0x70000000" 0912f0e3 0x0 (seq (set cf_tmp true) (set r1 (~ (bv 32 0x90000000))) (set cf (var cf_tmp)) (set zf (is_zero (var r1))) (set nf (msb (var r1)))) ad "tst r1, r2" 020011e1 0x0 (seq (set zf (is_zero (& (var r1) (var r2)))) (set nf (msb (& (var r1) (var r2))))) ad "tst ip, r3" 03001ce1 0x0 (seq (set zf (is_zero (& (var r12) (var r3)))) (set nf (msb (& (var r12) (var r3))))) d "tst r0, r1, ror 16" 610810e1 0x0 (seq (set cf (ite (is_zero (bv 5 0x10)) (var cf) (msb (<< (var r1) (~- (bv 5 0x10)) false)))) (set zf (is_zero (& (var r0) (| (>> (var r1) (bv 5 0x10) false) (<< (var r1) (~- (bv 5 0x10)) false))))) (set nf (msb (& (var r0) (| (>> (var r1) (bv 5 0x10) false) (<< (var r1) (~- (bv 5 0x10)) false)))))) d "teq r1, r2" 020031e1 0x0 (seq (set zf (is_zero (| (var r1) (var r2)))) (set nf (msb (| (var r1) (var r2))))) -d "teq r1, 0x80000000" 020131e3 0x0 (seq (set cf true) (set zf (is_zero (| (var r1) (bv 32 0x80000000)))) (set nf (msb (| (var r1) (bv 32 0x80000000))))) +d "teq r1, -0x80000000" 020131e3 0x0 (seq (set cf true) (set zf (is_zero (| (var r1) (bv 32 0x80000000)))) (set nf (msb (| (var r1) (bv 32 0x80000000))))) ad "clz r3, r2" 123f6fe1 0x0 (seq (set v (var r2)) (set i (bv 32 0x20)) (repeat (! 
(is_zero (var v))) (seq (set v (>> (var v) (bv 5 0x1) false)) (set i (- (var i) (bv 32 0x1))))) (set r3 (var i))) ad "svc 0" 000000ef 0x0 (goto svc) ad "bfc r3, 3, 5" 9f31c7e7 0x0 (set r3 (& (var r3) (bv 32 0xffffff07))) From 31dd8cc7eee5557b9e6e1472ba92ed37d07496b9 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Mon, 3 Jul 2023 09:56:58 -0500 Subject: [PATCH 017/106] Fix tests wit equivalent results --- test/db/asm/arm_16 | 10 +++++----- test/db/asm/arm_32 | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/test/db/asm/arm_16 b/test/db/asm/arm_16 index 8a39c97bcff..87e6e008d41 100755 --- a/test/db/asm/arm_16 +++ b/test/db/asm/arm_16 @@ -87,13 +87,13 @@ ad "adr r6, 0x360" d8a6 0x0 (set r6 (bv 32 0x364)) d "adr r6, 0x360" d8a6 0x1000 (set r6 (bv 32 0x1364)) d "adr r6, 0x360" d8a6 0x1002 (set r6 (bv 32 0x1364)) d "adr r6, 0x360" d8a6 0x1004 (set r6 (bv 32 0x1368)) -d "subw r8, pc, 0xec7" aff6c768 0x1000 (set r8 (bv 32 0x13d)) +d "adr.w r8, -0xec7" aff6c768 0x1000 (set r8 (bv 32 0x13d)) a "adr r8, -0xec7" aff6c768 -d "subw r2, pc, 0x10" aff21002 0x1000 (set r2 (bv 32 0xff4)) +d "adr.w r2, -0x10" aff21002 0x1000 (set r2 (bv 32 0xff4)) a "adr.w r2, -0x10" aff21002 -d "addw r8, pc, 0xa23" 0ff62328 0x1000 (set r8 (bv 32 0x1a27)) +d "adr.w r8, 0xa23" 0ff62328 0x1000 (set r8 (bv 32 0x1a27)) a "adr r8, 0xa23" 0ff62328 -d "addw r3, pc, 0x24" 0ff22403 0x1000 (set r3 (bv 32 0x1028)) +d "adr.w r3, 0x24" 0ff22403 0x1000 (set r3 (bv 32 0x1028)) a "adr.w r3, 0x24" 0ff22403 d "adds r6, r2, 5" 561d 0x0 (seq (set a (var r2)) (set b (bv 32 0x5)) (set r6 (+ (var r2) (bv 32 0x5))) (set cf (msb (+ (cast 33 false (var a)) (cast 33 false (var b))))) (set vf (&& (! (^^ (msb (var a)) (msb (var b)))) (^^ (msb (var a)) (msb (var r6))))) (set zf (is_zero (var r6))) (set nf (msb (var r6)))) a "add r6, r2, 5" 561d 
@@ -1144,5 +1144,5 @@ ad "wfi.w" aff30380 ad "yield" 10bf ad "yield.w" aff30180 d "add r1, pc" 7944 0x3ffd70ca (set r1 (+ (var r1) (bv 32 0x3ffd70ce))) -d "subw r5, pc, 0x27" aff22705 0x1000 (set r5 (bv 32 0xfdd)) +d "adr.w r5, -0x27" aff22705 0x1000 (set r5 (bv 32 0xfdd)) d "addw ip, ip, 0x604" 0cf2046c 0x0 (set r12 (+ (var r12) (bv 32 0x604))) diff --git a/test/db/asm/arm_32 b/test/db/asm/arm_32 index 6320cd5829c..bb743ef35c1 100644 --- a/test/db/asm/arm_32 +++ b/test/db/asm/arm_32 @@ -196,7 +196,7 @@ d "orreq r6, r6, r2, lsr 1" a2608601 d "orreq r3, r3, -0x80000000" 02318303 d "orrne r0, r0, r1, lsl ip" 110c8011 d "orrne r1, r1, r3" 03108111 -d "popeq {pc}" 04f09d04 +d "ldreq pc, [sp], 4" 04f09d04 d "popeq {r4, pc}" 1080bd08 d "popeq {r4, r5, pc}" 3080bd08 d "popeq {r3, r4, r5, pc}" 3880bd08 
@@ -338,16 +338,16 @@ d "ldr r0, [r1, r4, ror 5]" e40291e7 0x0 (set r0 (loadw 0 32 (+ (var r1) (| (>> d "ldr r0, [r1, r4, rrx]" 640091e7 0x0 (set r0 (loadw 0 32 (+ (var r1) (>> (var r4) (bv 5 0x1) (var cf))))) d "ldrb r2, [r3]" 0020d3e5 0x0 (set r2 (cast 32 false (load 0 (var r3)))) d "ldrsb r2, [r3]" d020d3e1 0x0 (set r2 (cast 32 (msb (load 0 (var r3))) (load 0 (var r3)))) -d "ldrsbt r2, [r3], 0" d020f3e0 0x0 (seq (set r2 (cast 32 (msb (load 0 (var r3))) (load 0 (var r3)))) (set r3 (+ (var r3) (bv 32 0x0)))) +d "ldrsbt r2, [r3], 0" d020f3e0 0x0 (seq (set r2 (cast 32 (msb (load 0 (var r3))) (load 0 (var r3)))) (set r3 (var r3))) d "ldrh r0, [r1]" b000d1e1 0x0 (set r0 (cast 32 false (loadw 0 16 (var r1)))) d "ldrsh r4, [r2]" f040d2e1 0x0 (set r4 (cast 32 (msb (loadw 0 16 (var r2))) (loadw 0 16 (var r2)))) -d "ldrsht r4, [r2], 0" f040f2e0 0x0 (seq (set r4 (cast 32 (msb (loadw 0 16 (var r2))) (loadw 0 16 (var r2)))) (set r2 (+ (var r2) (bv 32 0x0)))) +d "ldrsht r4, [r2], 0" f040f2e0 0x0 (seq (set r4 (cast 32 (msb (loadw 0 16 (var r2))) (loadw 0 16 (var r2)))) (set r2 (var r2))) d "ldr r6, [pc, 0x48]" 48609fe5 0x10660 (set r6 (loadw 0 32 (bv 32 0x106b0))) d "ldr r2, [pc, -0x10]" 10201fe5 0x1000 (set r2 (loadw 0 32 (bv 32 0xff8))) d "ldr sb, [pc, r3]" 03909fe7 0x1000 (set r9 (loadw 0 32 (+ (bv 32 0x1008) (var r3)))) d "ldr r2, [fp, -0x10]!" 
10203be5 0x0 (seq (set r11 (- (var r11) (bv 32 0x10))) (set r2 (loadw 0 32 (var r11)))) d "ldr r0, [r1], 4" 040091e4 0x0 (seq (set r0 (loadw 0 32 (var r1))) (set r1 (+ (var r1) (bv 32 0x4)))) -d "ldrt r0, [r1], 0" 0000b1e4 0x0 (seq (set r0 (loadw 0 32 (var r1))) (set r1 (+ (var r1) (bv 32 0x0)))) +d "ldrt r0, [r1], 0" 0000b1e4 0x0 (seq (set r0 (loadw 0 32 (var r1))) (set r1 (var r1))) d "ldrt r0, [r1], 4" 0400b1e4 0x0 (seq (set r0 (loadw 0 32 (var r1))) (set r1 (+ (var r1) (bv 32 0x4)))) d "ldrbt r0, [r1], 4" 0400f1e4 0x0 (seq (set r0 (cast 32 false (load 0 (var r1)))) (set r1 (+ (var r1) (bv 32 0x4)))) d "ldrht r0, [r1], 4" b400f1e0 0x0 (seq (set r0 (cast 32 false (loadw 0 16 (var r1)))) (set r1 (+ (var r1) (bv 32 0x4)))) 
@@ -439,7 +439,7 @@ d "stmib r0, {r1, r3, r4}" 1a0080e9 0x0 (seq (storew 0 (+ (var r0) (bv 32 0x4)) d "stmib r0!, {r1, r3, r4}" 1a00a0e9 0x0 (seq (storew 0 (+ (var r0) (bv 32 0x4)) (var r1)) (storew 0 (+ (var r0) (bv 32 0x8)) (var r3)) (storew 0 (+ (var r0) (bv 32 0xc)) (var r4)) (set r0 (+ (var r0) (bv 32 0xc)))) d "stmdb r0, {r1, r3, r4}" 1a0000e9 0x0 (seq (storew 0 (- (var r0) (bv 32 0xc)) (var r1)) (storew 0 (- (var r0) (bv 32 0x8)) (var r3)) (storew 0 (- (var r0) (bv 32 0x4)) (var r4))) d "stmdb r0!, {r1, r3, r4}" 1a0020e9 0x0 (seq (storew 0 (- (var r0) (bv 32 0xc)) (var r1)) (storew 0 (- (var r0) (bv 32 0x8)) (var r3)) (storew 0 (- (var r0) (bv 32 0x4)) (var r4)) (set r0 (- (var r0) (bv 32 0xc)))) -d "pop {fp}" 04b09de4 0x0 (seq (set base (var sp)) (set r11 (loadw 0 32 (+ (var base) (bv 32 0x0)))) (set sp (+ (var base) (bv 32 0x4)))) +d "ldr fp, [sp], 4" 04b09de4 0x0 (seq (set r11 (loadw 0 32 (var sp))) (set sp (+ (var sp) (bv 32 0x4)))) d "pop {r3, pc}" 0880bde8 0x0 (seq (set base (var sp)) (set r3 (loadw 0 32 (+ (var base) (bv 32 0x0)))) (set tgt (loadw 0 32 (+ (var base) (bv 32 0x4)))) (set sp (+ (var base) (bv 32 0x8))) (jmp (var tgt))) d "ldm r0, {r1, r3, r4}" 1a0090e8 0x0 (seq (set base (var r0)) (set r1 (loadw 0 32 (+ (var base) (bv 32 0x0)))) (set r3 (loadw 0 32 (+ (var base) (bv 32 0x4)))) (set r4 (loadw 0 32 (+ (var base) (bv 32 0x8))))) d "ldm r0!, {r1, r3, r4}" 1a00b0e8 0x0 (seq (set base (var r0)) (set r1 (loadw 0 32 (+ (var base) (bv 32 0x0)))) (set r3 (loadw 0 32 (+ (var base) (bv 32 0x4)))) (set r4 (loadw 0 32 (+ (var base) (bv 32 0x8)))) (set r0 (+ (var base) (bv 32 0xc)))) From ed1c50078acc48a3a07e041d9ee276b7bf941937 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Tue, 4 Jul 2023 05:36:21 -0500 Subject: [PATCH 018/106] Revert use of subtracted flag and move it into the macro --- librz/analysis/arch/arm/arm_accessors32.h | 2 +- librz/analysis/arch/arm/arm_il32.c | 9 ++++----- 2 files changed, 5 insertions(+), 6 deletions(-) 
diff --git a/librz/analysis/arch/arm/arm_accessors32.h b/librz/analysis/arch/arm/arm_accessors32.h
index 096ba3e635a..63ef2468161 100644
--- a/librz/analysis/arch/arm/arm_accessors32.h
+++ b/librz/analysis/arch/arm/arm_accessors32.h
@@ -17,7 +17,7 @@
 // s/index/base|reg/
 #define HASMEMINDEX(x) (insn->detail->arm.operands[x].mem.index != ARM_REG_INVALID)
 #define ISMEMINDEXSUB(x) insn->detail->arm.operands[x].subtracted
-#define MEMDISP(x) insn->detail->arm.operands[x].mem.disp
+#define MEMDISP(x) (ISMEMINDEXSUB(x) ? -insn->detail->arm.operands[x].mem.disp : insn->detail->arm.operands[x].mem.disp)
 #define MEMDISP_BV(x) (HASMEMINDEX(x) ? REG_VAL(insn->detail->arm.operands[x].mem.index) : U32(MEMDISP(x)))
 #define ISIMM(x) (insn->detail->arm.operands[x].type == ARM_OP_IMM || insn->detail->arm.operands[x].type == ARM_OP_FP)
 #define ISREG(x) (insn->detail->arm.operands[x].type == ARM_OP_REG)
diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c
index 686f996185a..56f859ac138 100644
--- a/librz/analysis/arch/arm/arm_il32.c
+++ b/librz/analysis/arch/arm/arm_il32.c
@@ -527,10 +527,10 @@ static RzILOpBitVector *arg(cs_insn *insn, bool is_thumb, int n, RZ_NULLABLE RzI
 case ARM_OP_MEM: {
 RzILOpBitVector *addr = MEMBASE(n);
 int disp = MEMDISP(n);
- if (disp != 0 && !op->subtracted) {
+ if (disp > 0) {
 addr = ADD(addr, U32(disp));
- } else if (disp != 0 && op->subtracted) {
- addr = SUB(addr, U32(disp));
+ } else if (disp < 0) {
+ addr = SUB(addr, U32(-disp));
 }
 return arg_mem(addr, &insn->detail->arm.operands[n], carry_out);
 }
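Review bot: The new `MEMDISP(x)` changes the macro's contract from the raw Capstone field to a sign-applied displacement, and nothing at the definition says so; any caller that still consults `subtracted` itself (as the ldr literal code did before this commit) would negate twice. Add a comment above it, e.g. `// signed displacement: the hunk assumes Capstone keeps mem.disp non-negative and flags subtraction separately, so the sign is applied here`, and mention that `x` is evaluated more than once so it must be side-effect free. The `arg()` hunk below and the ldr literal hunk on the next line correctly rely on the sign now living in `disp`.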
@@ -799,8 +799,7 @@ static RzILOpEffect *ldr(cs_insn *insn, bool is_thumb) {
 cs_arm_op *memop = &insn->detail->arm.operands[mem_idx];
 if (memop->mem.base == ARM_REG_PC) {
 // LDR (literal) is different in the sense that it aligns the pc value:
-int32_t mem_disp = memop->subtracted ? -MEMDISP(mem_idx) : MEMDISP(mem_idx);
-addr = arg_mem(U32(PCALIGN(insn->address, is_thumb) + mem_disp), memop, NULL);
+addr = arg_mem(U32(PCALIGN(insn->address, is_thumb) + MEMDISP(mem_idx)), memop, NULL);
 } else {
 addr = ARG(mem_idx);
 }
From 807b753b160ea9fa30e80ce1823024bc28b39179 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Tue, 4 Jul 2023 13:58:50 -0500
Subject: [PATCH 019/106] Check for VPT blocks.
---
 librz/asm/arch/arm/arm_it.c | 2 +-
 librz/asm/p/asm_arm_cs.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/librz/asm/arch/arm/arm_it.c b/librz/asm/arch/arm/arm_it.c
index f764723c26f..564032510f7 100644
--- a/librz/asm/arch/arm/arm_it.c
+++ b/librz/asm/arch/arm/arm_it.c
@@ -52,7 +52,7 @@ RZ_API void rz_arm_it_update_block(RzArmITContext *ctx, cs_insn *insn) {
 cond.cond = insn->detail->arm.cc;
 break;
 case 0x65: //'e'
-cond.cond = (insn->detail->arm.cc % 2) ? insn->detail->arm.cc + 1 : insn->detail->arm.cc - 1;
+cond.cond = ARMCC_getOppositeCondition(insn->detail->arm.cc);
 break;
 default:
 break;
diff --git a/librz/asm/p/asm_arm_cs.c b/librz/asm/p/asm_arm_cs.c
index 59e427e61af..8aa682513d4 100644
--- a/librz/asm/p/asm_arm_cs.c
+++ b/librz/asm/p/asm_arm_cs.c
@@ -119,7 +119,7 @@ static int disassemble(RzAsm *a, RzAsmOp *op, const ut8 *buf, int len) {
 }
 if (op && !op->size) {
 op->size = insn->size;
-if (insn->id == ARM_INS_IT) {
+if (insn->id == ARM_INS_IT || insn->id == ARM_INS_VPT) {
 rz_arm_it_update_block(&ctx->it, insn);
 } else {
 rz_arm_it_update_nonblock(&ctx->it, insn);
From 6c40cfed1fc52714499d69daf0410d01b05cc082 Mon Sep 17 00:00:00 2001
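Review bot: Routing `ARM_INS_VPT` into `rz_arm_it_update_block` from `disassemble` happens before that function accepts it: at this commit it still opens with `rz_return_if_fail(ctx && insn && insn->id == ARM_INS_IT)` (the line a later patch of this series removes), so every VPT block trips the check and is never recorded, and the `'e'` branch in the arm_it.c hunk still derives the condition from `cc` rather than `vcc`. The precondition widening and the `vcc` handling belong in this same commit so the series stays bisectable. `disassemble` continues outside the hunk.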
From: Rot127
Date: Wed, 5 Jul 2023 12:30:16 -0500
Subject: [PATCH 020/106] Fix more incorrect usages of mem disponents
---
 librz/analysis/arch/arm/arm_accessors32.h | 5 +-
 librz/analysis/arch/arm/arm_esil32.c | 41 ++++++-----------------
 2 files changed, 13 insertions(+), 33 deletions(-)
diff --git a/librz/analysis/arch/arm/arm_accessors32.h b/librz/analysis/arch/arm/arm_accessors32.h
index 63ef2468161..9caf6406e1e 100644
--- a/librz/analysis/arch/arm/arm_accessors32.h
+++ b/librz/analysis/arch/arm/arm_accessors32.h
@@ -39,6 +39,7 @@ SHIFTTYPE(x) == ARM_SFT_RRX_REG)
 #define SHIFTVALUE(x) insn->detail->arm.operands[x].shift.value
+#define ISPOSTINDEX() insn->detail->arm.post_index
 #define ISWRITEBACK32() insn->detail->writeback
-#define ISPREINDEX32() (((OPCOUNT() == 2) && (ISMEM(1)) && (ISWRITEBACK32())) || ((OPCOUNT() == 3) && (ISMEM(2)) && (ISWRITEBACK32())))
-#define ISPOSTINDEX32() (((OPCOUNT() == 3) && (ISIMM(2) || ISREG(2)) && (ISWRITEBACK32())) || ((OPCOUNT() == 4) && (ISIMM(3) || ISREG(3)) && (ISWRITEBACK32())))
+#define ISPREINDEX32() (((OPCOUNT() == 2) && (ISMEM(1)) && (ISWRITEBACK32()) && (!ISPOSTINDEX())) || \
+((OPCOUNT() == 3) && (ISMEM(2)) && (ISWRITEBACK32()) && (!ISPOSTINDEX())))
diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c
index e171222298b..5e868f1e0b6 100644
--- a/librz/analysis/arch/arm/arm_esil32.c
+++ b/librz/analysis/arch/arm/arm_esil32.c
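Review bot: `ISPOSTINDEX()` reads `insn->detail->arm.post_index`, a field that exists only in the auto-sync Capstone this series builds against, while its neighbours keep the `32` suffix (`ISWRITEBACK32()`, `ISPREINDEX32()`); a comment above it such as `// post_index is reported only by Capstone "next"/auto-sync; v4 and v5 have no such field` would spare the next reader a build-failure hunt, and `ISPOSTINDEX32()` would match the naming. The removal of `ISPOSTINDEX32()` in the same hunk is fine as long as the ESIL caller switched in this commit was its only user.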
@@ -670,20 +670,6 @@ r6,r5,r4,3,sp,[*],12,sp,+=
 }
 }
 }
-if (OPCOUNT() == 4) { // e.g. 'strd r2, r3, [r4], 4' or 'strd r2, r3, [r4], r5'
-if (ISIMM(3)) { // e.g. 'strd r2, r3, [r4], 4'
-rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%s,4,%s,+,0xffffffff,&,=[%d],%d,%s,+=,",
-REG(0), MEMBASE(2), str_ldr_bytes, REG(1), MEMBASE(2), str_ldr_bytes, IMM(3), MEMBASE(2));
-}
-if (ISREG(3)) { // e.g. 'strd r2, r3, [r4], r5'
-if (ISSHIFTED(3)) {
-// same as above
-} else {
-rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%s,4,%s,+,0xffffffff,&,=[%d],%s,%s,+=",
-REG(0), MEMBASE(2), str_ldr_bytes, REG(1), MEMBASE(2), str_ldr_bytes, REG(3), MEMBASE(2));
-}
-}
-}
 break;
 case ARM_INS_TST:
 rz_strbuf_appendf(&op->esil, "0,%s,%s,&,==", ARG(1), ARG(0));
@@ -731,10 +717,10 @@ r6,r5,r4,3,sp,[*],12,sp,+=
 MEMDISP(2), MEMBASE(2), REG(0), REG(1));
 }
 if (insn->detail->writeback) {
-if (ISPOSTINDEX32()) {
-if (ISIMM(3)) {
+if (ISPOSTINDEX()) {
+if (!HASMEMINDEX(2)) {
 rz_strbuf_appendf(&op->esil, ",%s,%d,+,%s,=",
-MEMBASE(2), IMM(3), MEMBASE(2));
+MEMBASE(2), MEMDISP(2), MEMBASE(2));
 } else {
 const char op_index = ISMEMINDEXSUB(3) ? '-' : '+';
 rz_strbuf_appendf(&op->esil, ",%s,%s,%c,%s,=",
@@ -766,13 +752,8 @@ r6,r5,r4,3,sp,[*],12,sp,+=
 MEMBASE(1), MEMDISP(1), REG(0));
 }
 if (insn->detail->writeback) {
-if (ISIMM(2)) {
-rz_strbuf_appendf(&op->esil, ",%s,%d,+,%s,=",
-MEMBASE(1), IMM(2), MEMBASE(1));
-} else {
-rz_strbuf_appendf(&op->esil, ",%s,%d,+,%s,=",
-MEMBASE(1), MEMDISP(1), MEMBASE(1));
-}
+rz_strbuf_appendf(&op->esil, ",%s,%d,+,%s,=",
+MEMBASE(1), MEMDISP(1), MEMBASE(1));
 }
 break;
 case ARM_INS_SXTH:
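Review bot: In the `@@ -731` hunk the writeback `if` branch now reads the displacement from operand 2 (`MEMDISP(2)`), but the `else` branch still derives `op_index` from `ISMEMINDEXSUB(3)`; with the index register folded into the memory operand, as this series does elsewhere with `HASMEMINDEX(2)`, operand 3 is presumably no longer the index and that read lands past `op_count`. Expect `const char op_index = ISMEMINDEXSUB(2) ? '-' : '+';` together with `MEMINDEX(2)` for the register name in the format-call arguments, which lie outside the hunk. The enclosing case starts and ends outside the hunk.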
@@ -854,18 +835,16 @@ r6,r5,r4,3,sp,[*],12,sp,+=
 } else if (HASMEMINDEX(1)) { // e.g. `ldr r2, [r3, r1]`
 rz_strbuf_appendf(&op->esil, "%s,%s,+,0xffffffff,&,[4],0x%x,&,%s,=",
 MEMINDEX(1), MEMBASE(1), mask, REG(0));
+} else if (ISPOSTINDEX()) {
+rz_strbuf_appendf(&op->esil, "%s,0xffffffff,&,[4],0x%x,&,%s,=",
+MEMBASE(1), mask, REG(0));
 } else {
 rz_strbuf_appendf(&op->esil, "%d,%s,+,0xffffffff,&,[4],0x%x,&,%s,=",
 MEMDISP(1), MEMBASE(1), mask, REG(0));
 }
 if (insn->detail->writeback) {
-if (ISIMM(2)) {
-rz_strbuf_appendf(&op->esil, ",%s,%d,+,%s,=",
-MEMBASE(1), IMM(2), MEMBASE(1));
-} else {
-rz_strbuf_appendf(&op->esil, ",%s,%d,+,%s,=",
-MEMBASE(1), MEMDISP(1), MEMBASE(1));
-}
+rz_strbuf_appendf(&op->esil, ",%s,%d,+,%s,=",
+MEMBASE(1), MEMDISP(1), MEMBASE(1));
 }
 }
 }
From 39a2b0c8d0442a8de70afeed8bddea7318e10d3d Mon Sep 17 00:00:00 2001
From: Rot127
Date: Wed, 5 Jul 2023 13:09:38 -0500
Subject: [PATCH 021/106] Fix restoring of condition codes.
---
 librz/asm/arch/arm/arm_it.c | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)
diff --git a/librz/asm/arch/arm/arm_it.c b/librz/asm/arch/arm/arm_it.c
index 564032510f7..9c326c20a1f 100644
--- a/librz/asm/arch/arm/arm_it.c
+++ b/librz/asm/arch/arm/arm_it.c
@@ -13,6 +13,7 @@ typedef union arm_cs_itcond_t {
 struct {
 ut32 cond; ///< arm_cc
 ut8 off; ///< offset of this instruction from the it, for back-referencing to the ArmCSITBlock
+ut8 vpt; ///< >0 if it is a VCC condition. 0 otherwise.
 };
 ut64 packed; ///< for putting into HtUU
 } ArmCSITCond;
@@ -32,7 +33,8 @@ RZ_API void rz_arm_it_context_fini(RzArmITContext *ctx) {
 * \p insn must be ARM_INS_IT
 */
 RZ_API void rz_arm_it_update_block(RzArmITContext *ctx, cs_insn *insn) {
-rz_return_if_fail(ctx && insn && insn->id == ARM_INS_IT);
+rz_return_if_fail(ctx && insn && (insn->id == ARM_INS_IT || insn->id == ARM_INS_VPT));
+bool is_vpt = insn->id == ARM_INS_VPT;
 bool found;
 ht_uu_find(ctx->ht_itblock, insn->address, &found);
 if (found) {
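Review bot: The new `else if (ISPOSTINDEX())` branch in the LDR path is tested after `else if (HASMEMINDEX(1))`, so a post-indexed register form such as `ldr r2, [r3], r1` (index presumably carried inside operand 1 with this Capstone) still takes the `HASMEMINDEX` branch and loads from `r3 + r1` instead of `r3`; only the immediate post-index form benefits from the new branch. Testing `ISPOSTINDEX()` first, i.e. `} else if (ISPOSTINDEX()) {` ahead of the `HASMEMINDEX(1)` test, keeps the address at the base for both forms, and the writeback below would then need the register case too (it only adds `MEMDISP(1)`). The enclosing LDR case starts outside the hunk.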
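Review bot: Adding `ut8 vpt` leaves the anonymous struct at 6 bytes inside an 8-byte union, so `cond.packed` (stored into the hash table by `rz_arm_it_update_block`) carries two padding bytes that are only defined if the `ArmCSITCond` variable is zero-initialised; its declaration is outside this hunk, and if it is a bare `ArmCSITCond cond;` the stored values embed indeterminate stack bytes, which a debugger or any future equality check on `packed` would see. Initialising with `ArmCSITCond cond = { .packed = 0 };` (or `= { 0 }`) before the member writes removes that, and the `RZ_STATIC_ASSERT` already present keeps the size contract. The `\p insn must be ARM_INS_IT` doc line in the second hunk should also mention `ARM_INS_VPT` now that the precondition accepts it.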
@@ -49,14 +51,21 @@ RZ_API void rz_arm_it_update_block(RzArmITContext *ctx, cs_insn *insn) {
 cond.off = block.off[i - 1] = 2 * i;
 switch (insn->mnemonic[i]) {
 case 0x74: //'t'
-cond.cond = insn->detail->arm.cc;
+cond.cond = is_vpt ? insn->detail->arm.vcc : insn->detail->arm.cc;
 break;
 case 0x65: //'e'
-cond.cond = ARMCC_getOppositeCondition(insn->detail->arm.cc);
+if (is_vpt) {
+cond.cond = insn->detail->arm.vcc;
+} else if (insn->detail->arm.cc == ARMCC_AL) {
+cond.cond = ARMCC_AL;
+} else {
+cond.cond = ARMCC_getOppositeCondition(insn->detail->arm.cc);
+}
 break;
 default:
 break;
 }
+cond.vpt = is_vpt ? 1 : 0;
 RZ_STATIC_ASSERT(sizeof(cond) == sizeof(cond.packed));
 ht_uu_update(ctx->ht_itcond, insn->address + cond.off, cond.packed);
 }
@@ -91,7 +100,11 @@ RZ_API bool rz_arm_it_apply_cond(RzArmITContext *ctx, cs_insn *insn) {
 if (!found) {
 return false;
 }
-insn->detail->arm.cc = cond.cond;
+if (cond.vpt) {
+insn->detail->arm.vcc = cond.cond;
+} else {
+insn->detail->arm.cc = cond.cond;
+}
 insn->detail->arm.update_flags = 0;
 // Readjust if we detected that the previous assumption of all-2-byte instructions in
From 2ca8cbbf8cfff5851806215e9e4459a748bf68db Mon Sep 17 00:00:00 2001
From: Rot127
Date: Wed, 5 Jul 2023 16:56:34 -0500
Subject: [PATCH 022/106] Test for shifting via registers.
---
 librz/analysis/arch/arm/arm_accessors32.h | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/librz/analysis/arch/arm/arm_accessors32.h b/librz/analysis/arch/arm/arm_accessors32.h
index 9caf6406e1e..ec45d03a745 100644
--- a/librz/analysis/arch/arm/arm_accessors32.h
+++ b/librz/analysis/arch/arm/arm_accessors32.h
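Review bot: In the `'e'` case the VPT path stores `insn->detail->arm.vcc` unchanged, so the else lanes of a `vpte`/`vptee` block receive the same predicate as the then lanes, while the scalar path inverts via `ARMCC_getOppositeCondition`; unless Capstone's `vcc` already encodes the negated predicate for else lanes (nothing visible here shows that), those lanes are predicated on the wrong condition. If no inversion is intended, a comment on that branch saying why would stop the next reader from "fixing" it; otherwise a small helper mirroring the scalar branch for the `vcc` values is needed, and an asm test with a `vpte` block would pin either choice. `rz_arm_it_update_block` starts outside the hunk.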
@@ -31,12 +31,12 @@
 #define LSHIFT(x) 0
 #define LSHIFT2(x) 0
 #endif
-#define OPCOUNT() insn->detail->arm.op_count
-#define ISSHIFTED(x) (insn->detail->arm.operands[x].shift.type != ARM_SFT_INVALID && insn->detail->arm.operands[x].shift.value != 0)
-#define SHIFTTYPE(x) insn->detail->arm.operands[x].shift.type
+#define OPCOUNT() insn->detail->arm.op_count
+#define ISSHIFTED(x) (insn->detail->arm.operands[x].shift.type != ARM_SFT_INVALID && insn->detail->arm.operands[x].shift.value != 0)
+#define SHIFTTYPE(x) insn->detail->arm.operands[x].shift.type
 #define SHIFTTYPEREG(x) (SHIFTTYPE(x) == ARM_SFT_ASR_REG || SHIFTTYPE(x) == ARM_SFT_LSL_REG || \
-SHIFTTYPE(x) == ARM_SFT_LSR_REG || SHIFTTYPE(x) == ARM_SFT_ROR_REG || \
-SHIFTTYPE(x) == ARM_SFT_RRX_REG)
+SHIFTTYPE(x) == ARM_SFT_LSR_REG || SHIFTTYPE(x) == ARM_SFT_ROR_REG || \
+SHIFTTYPE(x) == ARM_SFT_RRX_REG)
 #define SHIFTVALUE(x) insn->detail->arm.operands[x].shift.value
 #define ISPOSTINDEX() insn->detail->arm.post_index
From 2d6a55ae223f5d6a8ed29d07077d811a663378e0 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Wed, 5 Jul 2023 16:57:21 -0500
Subject: [PATCH 023/106] Fix: mem index is no longer its own operand.
---
 librz/analysis/arch/arm/arm_esil32.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c
index 5e868f1e0b6..2999d6ae0c6 100644
--- a/librz/analysis/arch/arm/arm_esil32.c
+++ b/librz/analysis/arch/arm/arm_esil32.c
@@ -545,7 +545,7 @@ r6,r5,r4,3,sp,[*],12,sp,+=
 default:
 str_ldr_bytes = 4;
 }
-if (OPCOUNT() == 2) {
+if (!ISPOSTINDEX()) {
 if (ISMEM(1) && !HASMEMINDEX(1)) {
 int disp = MEMDISP(1);
 char sign = disp >= 0 ? '+' : '-';
@@ -609,28 +609,28 @@ r6,r5,r4,3,sp,[*],12,sp,+=
 }
 }
 }
-if (OPCOUNT() == 3) { // e.g. 'str r2, [r3], 4
-if (ISIMM(2) && str_ldr_bytes != 8) { // e.g. 'str r2, [r3], 4
+if (ISPOSTINDEX()) { // e.g. 'str r2, [r3], 4
+if (!HASMEMINDEX(1)) { // e.g. 'str r2, [r3], 4
 rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%d,%s,+=",
 REG(0), MEMBASE(1), str_ldr_bytes, IMM(2), MEMBASE(1));
-} else if (str_ldr_bytes != 8) {
+} else { // e.g. 'str r2, [r3], r1
 if (ISSHIFTED(2)) { // e.g. 'str r2, [r3], r1, lsl 4'
 switch (SHIFTTYPE(2)) {
 case ARM_SFT_LSL:
 rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%s,%d,%s,<<,+,%s,=",
-REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(2), REG(2), MEMBASE(1));
+REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(2), MEMINDEX(1), MEMBASE(1));
 break;
 case ARM_SFT_LSR:
 rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%s,%d,%s,>>,+,%s,=",
-REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(2), REG(2), MEMBASE(1));
+REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(2), MEMINDEX(1), MEMBASE(1));
 break;
 case ARM_SFT_ASR:
 rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%s,%d,%s,>>>>,+,%s,=",
-REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(2), REG(2), MEMBASE(1));
+REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(2), MEMINDEX(1), MEMBASE(1));
 break;
 case ARM_SFT_ROR:
 rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%s,%d,%s,>>>,+,%s,=",
-REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(2), REG(2), MEMBASE(1));
+REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(2), MEMINDEX(1), MEMBASE(1));
 break;
 case ARM_SFT_RRX:
 // TODO
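Review bot: The register-index branch now names the index via `MEMINDEX(1)` but still reads its shift through operand 2 (`ISSHIFTED(2)`, `SHIFTTYPE(2)`, `SHIFTVALUE(2)`), and the immediate branch still passes `IMM(2)`; once the index is folded into operand 1, `str r2, [r3], r1, lsl 4` presumably has no operand 2 at all, so these reads land in an unused `operands[]` slot and the shift is silently lost. The shift of a memory operand lives on that operand, so this should read `if (ISSHIFTED(1)) {` / `switch (SHIFTTYPE(1)) {` with `SHIFTVALUE(1)` in the four format calls, and `MEMDISP(1)` instead of `IMM(2)` (which a later patch in this series applies). The same operand-2 shift reads appear as context in the later `@@ -612` and `@@ -610` hunks of this file. The enclosing STR case starts and ends outside the hunk.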
@@ -641,7 +641,7 @@ r6,r5,r4,3,sp,[*],12,sp,+=
 }
 } else { // No shift
 rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%s,%s,+=",
-REG(0), MEMBASE(1), str_ldr_bytes, REG(2), MEMBASE(1));
+REG(0), MEMBASE(1), str_ldr_bytes, MEMINDEX(1), MEMBASE(1));
 }
 }
 if (ISREG(1) && str_ldr_bytes == 8) { // e.g. 'strd r2, r3, [r4]', normally should be the only case for ISREG(1).
From ff6003be55793d736064aa976a0f44bc4ab82181 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Wed, 5 Jul 2023 17:01:33 -0500
Subject: [PATCH 024/106] Update ids for new ones
---
 test/db/analysis/arm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/test/db/analysis/arm b/test/db/analysis/arm
index 39ab6e034ac..c1bd150ec29 100644
--- a/test/db/analysis/arm
+++ b/test/db/analysis/arm
@@ -912,7 +912,7 @@ pseudo: push (r3, lr)
 mnemonic: push
 mask: ffffffff
 prefix: 0
-id: 128
+id: 635
 bytes: 08402de9
 refptr: 0
 size: 4
@@ -934,7 +934,7 @@ mnemonic: add
 description: add two values
 mask: ffff
 prefix: 0
-id: 2
+id: 31
 bytes: 00af
 refptr: 0
 size: 2
From a6a6fa46f924994e07776740959cc79b4689a69b Mon Sep 17 00:00:00 2001
From: Rot127
Date: Thu, 6 Jul 2023 10:47:18 -0500
Subject: [PATCH 025/106] Fix another memdisp post_index bug
---
 librz/analysis/arch/arm/arm_esil32.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c
index 2999d6ae0c6..792727f6352 100644
--- a/librz/analysis/arch/arm/arm_esil32.c
+++ b/librz/analysis/arch/arm/arm_esil32.c
@@ -612,7 +612,7 @@ r6,r5,r4,3,sp,[*],12,sp,+=
 if (ISPOSTINDEX()) { // e.g. 'str r2, [r3], 4
 if (!HASMEMINDEX(1)) { // e.g. 'str r2, [r3], 4
 rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%d,%s,+=",
-REG(0), MEMBASE(1), str_ldr_bytes, IMM(2), MEMBASE(1));
+REG(0), MEMBASE(1), str_ldr_bytes, MEMDISP(1), MEMBASE(1));
 } else { // e.g. 'str r2, [r3], r1
 if (ISSHIFTED(2)) { // e.g. 'str r2, [r3], r1, lsl 4'
 switch (SHIFTTYPE(2)) {
From f157c5778f552c266b901bd8d26bf7a2243b04ff Mon Sep 17 00:00:00 2001
From: Rot127
Date: Thu, 6 Jul 2023 10:48:27 -0500
Subject: [PATCH 026/106] Formatting
---
 librz/analysis/arch/arm/arm_accessors32.h | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/librz/analysis/arch/arm/arm_accessors32.h b/librz/analysis/arch/arm/arm_accessors32.h
index ec45d03a745..4a4b472e9b6 100644
--- a/librz/analysis/arch/arm/arm_accessors32.h
+++ b/librz/analysis/arch/arm/arm_accessors32.h
@@ -31,15 +31,15 @@
 #define LSHIFT(x) 0
 #define LSHIFT2(x) 0
 #endif
-#define OPCOUNT() insn->detail->arm.op_count
-#define ISSHIFTED(x) (insn->detail->arm.operands[x].shift.type != ARM_SFT_INVALID && insn->detail->arm.operands[x].shift.value != 0)
-#define SHIFTTYPE(x) insn->detail->arm.operands[x].shift.type
+#define OPCOUNT() insn->detail->arm.op_count
+#define ISSHIFTED(x) (insn->detail->arm.operands[x].shift.type != ARM_SFT_INVALID && insn->detail->arm.operands[x].shift.value != 0)
+#define SHIFTTYPE(x) insn->detail->arm.operands[x].shift.type
 #define SHIFTTYPEREG(x) (SHIFTTYPE(x) == ARM_SFT_ASR_REG || SHIFTTYPE(x) == ARM_SFT_LSL_REG || \
-SHIFTTYPE(x) == ARM_SFT_LSR_REG || SHIFTTYPE(x) == ARM_SFT_ROR_REG || \
-SHIFTTYPE(x) == ARM_SFT_RRX_REG)
+SHIFTTYPE(x) == ARM_SFT_LSR_REG || SHIFTTYPE(x) == ARM_SFT_ROR_REG || \
+SHIFTTYPE(x) == ARM_SFT_RRX_REG)
 #define SHIFTVALUE(x) insn->detail->arm.operands[x].shift.value
 #define ISPOSTINDEX() insn->detail->arm.post_index
 #define ISWRITEBACK32() insn->detail->writeback
 #define ISPREINDEX32() (((OPCOUNT() == 2) && (ISMEM(1)) && (ISWRITEBACK32()) && (!ISPOSTINDEX())) || \
-((OPCOUNT() == 3) && (ISMEM(2)) && (ISWRITEBACK32()) && (!ISPOSTINDEX())))
+((OPCOUNT() == 3) && (ISMEM(2)) && (ISWRITEBACK32()) && (!ISPOSTINDEX())))
From dc32b615d23a5278239b70bbe54b4015936830f2 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Thu, 6 Jul 2023 11:23:19 -0500
Subject: [PATCH 027/106] Another post_index
---
 librz/analysis/arch/arm/arm_esil32.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c
index 792727f6352..10f7e829068 100644
--- a/librz/analysis/arch/arm/arm_esil32.c
+++ b/librz/analysis/arch/arm/arm_esil32.c
@@ -749,7 +749,7 @@ r6,r5,r4,3,sp,[*],12,sp,+=
 MEMINDEX(1), MEMBASE(1), REG(0));
 } else {
 rz_strbuf_appendf(&op->esil, "%s,%d,+,[1],%s,=",
-MEMBASE(1), MEMDISP(1), REG(0));
+MEMBASE(1), ISPOSTINDEX() ? 0 : MEMDISP(1), REG(0));
 }
 if (insn->detail->writeback) {
 rz_strbuf_appendf(&op->esil, ",%s,%d,+,%s,=",
From 3a7e928e3844922ea74fce7af3e253353501e783 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Thu, 6 Jul 2023 13:32:29 -0500
Subject: [PATCH 028/106] Fix 8 byte stores.
---
 librz/analysis/arch/arm/arm_esil32.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c
index 10f7e829068..3ee33078ab9 100644
--- a/librz/analysis/arch/arm/arm_esil32.c
+++ b/librz/analysis/arch/arm/arm_esil32.c
@@ -610,10 +610,10 @@ r6,r5,r4,3,sp,[*],12,sp,+=
 }
 }
 if (ISPOSTINDEX()) { // e.g. 'str r2, [r3], 4
-if (!HASMEMINDEX(1)) { // e.g. 'str r2, [r3], 4
+if (!HASMEMINDEX(1) && (str_ldr_bytes != 8)) { // e.g. 'str r2, [r3], 4
 rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%d,%s,+=",
 REG(0), MEMBASE(1), str_ldr_bytes, MEMDISP(1), MEMBASE(1));
-} else { // e.g. 'str r2, [r3], r1
+} else if (str_ldr_bytes != 8) { // e.g. 'str r2, [r3], r1
 if (ISSHIFTED(2)) { // e.g. 'str r2, [r3], r1, lsl 4'
 switch (SHIFTTYPE(2)) {
 case ARM_SFT_LSL:
@@ -643,8 +643,7 @@ r6,r5,r4,3,sp,[*],12,sp,+=
 rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%s,%s,+=",
 REG(0), MEMBASE(1), str_ldr_bytes, MEMINDEX(1), MEMBASE(1));
 }
-}
-if (ISREG(1) && str_ldr_bytes == 8) { // e.g. 'strd r2, r3, [r4]', normally should be the only case for ISREG(1).
+} else if (ISREG(1) && str_ldr_bytes == 8) { // e.g. 'strd r2, r3, [r4]', normally should be the only case for ISREG(1).
 if (!HASMEMINDEX(2)) {
 int disp = MEMDISP(2);
 char sign = disp >= 0 ? '+' : '-';
@@ -659,10 +658,10 @@ r6,r5,r4,3,sp,[*],12,sp,+=
 if (ISSHIFTED(2)) {
 // it seems strd does not support SHIFT which is good, but have a check nonetheless
 } else {
-const char sign = ISMEMINDEXSUB(2) ? '-' : '+';
-rz_strbuf_appendf(&op->esil, "%s,%s,%s,%c,0xffffffff,&,=[4],%s,4,%s,+,%s,%c,0xffffffff,&,=[4]",
-REG(0), MEMINDEX(2), MEMBASE(2), sign, REG(1), MEMINDEX(2), MEMBASE(2), sign);
-if (insn->detail->arm.writeback) {
+rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[4],%s,4,%s,+,0xffffffff,&,=[4]",
+REG(0), MEMBASE(2), REG(1), MEMBASE(2));
+if (insn->detail->writeback) {
+const char sign = ISMEMINDEXSUB(2) ? '-' : '+';
 rz_strbuf_appendf(&op->esil, ",%s,%s,%c=",
 MEMINDEX(2), MEMBASE(2), sign);
 }
From 53c9784e21097bea77895f46989ec3d0fb33a5d1 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Thu, 6 Jul 2023 13:33:30 -0500
Subject: [PATCH 029/106] Add flag checking for MOV with shifts.
---
 librz/analysis/arch/arm/arm_esil32.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c
index 3ee33078ab9..24dfd29b162 100644
--- a/librz/analysis/arch/arm/arm_esil32.c
+++ b/librz/analysis/arch/arm/arm_esil32.c
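Review bot: Turning `if (ISREG(1) && str_ldr_bytes == 8)` into an `else if` of the `if (ISPOSTINDEX())` chain means offset and pre-indexed `strd` forms (`strd r2, r3, [r4, #8]`, `strd r2, r3, [r4, r5]!`) no longer reach this block; unless the `!ISPOSTINDEX()` branch earlier in the case (outside the hunk) also handles a memory operand at index 2, those forms now emit no ESIL. Inside the block, the immediate path still builds a `base ± disp` address (`int disp = MEMDISP(2); char sign = ...` in the context lines), which is the offset-addressing shape rather than the post-index one the new placement implies; a later patch in this series corrects it. A comment on the `else if`, e.g. `// post-index only: offset/pre-index strd is handled in the !ISPOSTINDEX() branch`, would record the intended split once that branch is confirmed to cover it.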
@@ -995,6 +995,22 @@ r6,r5,r4,3,sp,[*],12,sp,+=
 case ARM_INS_CMN:
 rz_strbuf_appendf(&op->esil, ",$z,zf,:=,31,$s,nf,:=,31,$c,cf,:=,31,$o,vf,:=");
 break;
+case ARM_INS_MOV:
+switch (SHIFTTYPE(1)) {
+default:
+break;
+case ARM_SFT_LSL:
+case ARM_SFT_LSL_REG:
+rz_strbuf_appendf(&op->esil, ",%s,!,!,?{,%s,32,-,%s,>>,cf,:=,}", ARG(1), ARG(1), ARG(0));
+break;
+case ARM_SFT_LSR:
+case ARM_SFT_LSR_REG:
+case ARM_SFT_ASR:
+case ARM_SFT_ASR_REG:
+rz_strbuf_appendf(&op->esil, ",%s,!,!,?{,%s,1,%s,-,0x1,<<,&,!,!,cf,:=,}", ARG(1), ARG(0), ARG(1));
+break;
+}
+// fallthrough
 default:
 rz_strbuf_appendf(&op->esil, ",$z,zf,:=,31,$s,nf,:=");
 }
From 838ceba1fed79dc57c06e79df9c0fa0205fa68c3 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Thu, 20 Jul 2023 09:34:09 -0500
Subject: [PATCH 030/106] Revert "[REVERT ME] Add auto-sync Capstone"
This reverts commit b86eb6dc6c1c8046307f27593cce13cb89d301df.
---
 meson_options.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meson_options.txt b/meson_options.txt
index 1c1ed0f347e..3f463091bc0 100644
--- a/meson_options.txt
+++ b/meson_options.txt
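Review bot: The carry expressions use `ARG(1)` both as the non-zero guard and as the shift count (`%s,32,-`), but `ARG(n)` yields the ESIL of the whole operand, which for `mov r0, r1, lsl #3` presumably expands to the shifted register expression rather than `3`, so `32 - ARG(1)` is not the shift amount; the count is available as `SHIFTVALUE(1)` for immediate shifts and as the shift register for the `_REG` forms. This ESIL is appended after the move itself (it starts with a comma like the `default:` flag update), so `ARG(0)` already holds the shifted result rather than the source bits that decide the carry. The LSL path also assigns the whole shifted word to `cf`; unless `cf` is a 1-bit register in the profile, it needs `1,&` before `cf,:=`, as the LSR/ASR path effectively does with `!,!`. The enclosing flag-update `switch` starts outside the hunk.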
@@ -20,7 +20,7 @@ option('rizin_bindings', type: 'string', value: '', description: 'Path where riz
 option('checks_level', type: 'integer', value: 9999, description: 'Value between 0 and 3 to enable different level of assert (see RZ_CHECKS_LEVEL). By default its value depends on buildtype (2 on debug, 1 on release).')
 option('use_sys_capstone', type: 'feature', value: 'disabled')
-option('use_capstone_version', type: 'combo', choices: ['v3', 'v4', 'v5', 'next', 'auto-sync-arm'], value: 'auto-sync-arm', description: 'Specify which version of capstone to use')
+option('use_capstone_version', type: 'combo', choices: ['v3', 'v4', 'v5', 'next'], value: 'next', description: 'Specify which version of capstone to use')
 option('use_sys_magic', type: 'feature', value: 'disabled')
 option('use_sys_libzip', type: 'feature', value: 'disabled')
 option('use_sys_libzip_openssl', type: 'boolean', value: false, description: 'Whether to use or not system openssl dependency to build libzip')
From 9b7ff2cfb56cf1c2038aac6070efed42b66cf7d0 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Thu, 20 Jul 2023 09:46:07 -0500
Subject: [PATCH 031/106] Remove capstone-auto-sync subproject and replace with next
---
 subprojects/capstone-auto-sync-arm.wrap | 6 --
 subprojects/capstone-next.wrap | 2 +-
 .../capstone-auto-sync-arm/meson.build | 98 -------------------
 .../packagefiles/capstone-next/meson.build | 5 +-
 4 files changed, 5 insertions(+), 106 deletions(-)
delete mode 100644 subprojects/capstone-auto-sync-arm.wrap
delete mode 100644 subprojects/packagefiles/capstone-auto-sync-arm/meson.build
diff --git a/subprojects/capstone-auto-sync-arm.wrap b/subprojects/capstone-auto-sync-arm.wrap
deleted file mode 100644
index 9c4c98946d2..00000000000
--- a/subprojects/capstone-auto-sync-arm.wrap
+++ /dev/null
@@ -1,6 +0,0 @@
-[wrap-git]
-url = https://github.com/Rot127/capstone.git
-revision = auto-sync
-directory = capstone-auto-sync-arm
-depth = 1
-patch_directory = capstone-auto-sync-arm
diff --git a/subprojects/capstone-next.wrap b/subprojects/capstone-next.wrap
index ca2a1e47cf0..196aca72591 100644
--- a/subprojects/capstone-next.wrap
+++ b/subprojects/capstone-next.wrap
@@ -1,5 +1,5 @@
 [wrap-git]
 url = https://github.com/capstone-engine/capstone.git
-revision = 097c04d9413c59a58b00d4d1c8d5dc0ac158ffaa
+revision = 0daa5044b8904d55e7628f3528d588c1354cd275
 directory = capstone-next
 patch_directory = capstone-next
diff --git a/subprojects/packagefiles/capstone-auto-sync-arm/meson.build b/subprojects/packagefiles/capstone-auto-sync-arm/meson.build
deleted file mode 100644
index 708fcfdc470..00000000000
--- a/subprojects/packagefiles/capstone-auto-sync-arm/meson.build
+++ /dev/null
@@ -1,98 +0,0 @@
-project('capstone', 'c', version: '5.0', meson_version: '>=0.55.0')
-
-cs_files = [
-'arch/AArch64/AArch64BaseInfo.c',
-'arch/AArch64/AArch64Disassembler.c',
-'arch/AArch64/AArch64InstPrinter.c',
-'arch/AArch64/AArch64Mapping.c',
-'arch/AArch64/AArch64Module.c',
-'arch/ARM/ARMBaseInfo.c',
-'arch/ARM/ARMDisassemblerExtension.c',
-'arch/ARM/ARMDisassembler.c',
-'arch/ARM/ARMInstPrinter.c',
-'arch/ARM/ARMMapping.c',
-'arch/ARM/ARMModule.c',
-'arch/M680X/M680XDisassembler.c',
-'arch/M680X/M680XInstPrinter.c',
-'arch/M680X/M680XModule.c',
-'arch/M68K/M68KDisassembler.c',
-'arch/M68K/M68KInstPrinter.c',
-'arch/M68K/M68KModule.c',
-'arch/Mips/MipsDisassembler.c',
-'arch/Mips/MipsInstPrinter.c',
-'arch/Mips/MipsMapping.c',
-'arch/Mips/MipsModule.c',
-'arch/PowerPC/PPCDisassembler.c',
-'arch/PowerPC/PPCInstPrinter.c',
-'arch/PowerPC/PPCMapping.c',
-'arch/PowerPC/PPCModule.c',
-'arch/Sparc/SparcDisassembler.c',
-'arch/Sparc/SparcInstPrinter.c',
-'arch/Sparc/SparcMapping.c',
-'arch/Sparc/SparcModule.c',
-'arch/SystemZ/SystemZDisassembler.c',
-'arch/SystemZ/SystemZInstPrinter.c',
-'arch/SystemZ/SystemZMapping.c',
-'arch/SystemZ/SystemZMCTargetDesc.c',
-'arch/SystemZ/SystemZModule.c',
-'arch/TMS320C64x/TMS320C64xDisassembler.c',
-'arch/TMS320C64x/TMS320C64xInstPrinter.c',
-'arch/TMS320C64x/TMS320C64xMapping.c',
-'arch/TMS320C64x/TMS320C64xModule.c',
-'arch/X86/X86ATTInstPrinter.c',
-'arch/X86/X86Disassembler.c',
-'arch/X86/X86DisassemblerDecoder.c',
-'arch/X86/X86IntelInstPrinter.c',
-'arch/X86/X86Mapping.c',
-'arch/X86/X86Module.c',
-'arch/X86/X86InstPrinterCommon.c',
-'arch/XCore/XCoreDisassembler.c',
-'arch/XCore/XCoreInstPrinter.c',
-'arch/XCore/XCoreMapping.c',
-'arch/XCore/XCoreModule.c',
-'arch/TriCore/TriCoreDisassembler.c',
-'arch/TriCore/TriCoreInstPrinter.c',
-'arch/TriCore/TriCoreMapping.c',
-'arch/TriCore/TriCoreModule.c',
-'cs.c',
-'Mapping.c',
-'MCInst.c',
-'MCInstrDesc.c',
-'MCInstPrinter.c',
-'MCRegisterInfo.c',
-'SStream.c',
-'Mapping.c',
-'utils.c',
-]
-
-capstone_includes = [include_directories('include'), include_directories('include/capstone')]
-
-libcapstone_c_args = [
-'-DCAPSTONE_X86_ATT_DISABLE_NO',
-'-DCAPSTONE_X86_REDUCE_NO',
-'-DCAPSTONE_USE_SYS_DYN_MEM',
-'-DCAPSTONE_DIET_NO',
-'-DCAPSTONE_HAS_ARM',
-'-DCAPSTONE_HAS_ARM64',
-'-DCAPSTONE_HAS_M68K',
-'-DCAPSTONE_HAS_M680X',
-'-DCAPSTONE_HAS_MIPS',
-'-DCAPSTONE_HAS_POWERPC',
-'-DCAPSTONE_HAS_SPARC',
-'-DCAPSTONE_HAS_SYSZ',
-'-DCAPSTONE_HAS_X86',
-'-DCAPSTONE_HAS_XCORE',
-'-DCAPSTONE_HAS_TMS320C64X',
-'-DCAPSTONE_HAS_TRICORE',
-]
-
-libcapstone = library('capstone', cs_files,
-c_args: libcapstone_c_args,
-include_directories: capstone_includes,
-implicit_include_directories: false
-)
-
-capstone_dep = declare_dependency(
-link_with: libcapstone,
-include_directories: capstone_includes
-)
diff --git a/subprojects/packagefiles/capstone-next/meson.build b/subprojects/packagefiles/capstone-next/meson.build
index 647b1478dfb..93220396e68 100644
--- a/subprojects/packagefiles/capstone-next/meson.build
+++ b/subprojects/packagefiles/capstone-next/meson.build
@@ -6,7 +6,9 @@ cs_files = [
 'arch/AArch64/AArch64InstPrinter.c',
 'arch/AArch64/AArch64Mapping.c',
 'arch/AArch64/AArch64Module.c',
+'arch/ARM/ARMBaseInfo.c',
 'arch/ARM/ARMDisassembler.c',
+'arch/ARM/ARMDisassemblerExtension.c',
 'arch/ARM/ARMInstPrinter.c',
 'arch/ARM/ARMMapping.c',
 'arch/ARM/ARMModule.c',
@@ -53,11 +55,12 @@ cs_files = [
 'arch/TriCore/TriCoreMapping.c',
 'arch/TriCore/TriCoreModule.c',
 'cs.c',
+'Mapping.c',
 'MCInst.c',
 'MCInstrDesc.c',
+'MCInstPrinter.c',
 'MCRegisterInfo.c',
 'SStream.c',
-'Mapping.c',
 'utils.c',
 ]
From caee23d59e3d250f3cf7693202171b1fd660e24a Mon Sep 17 00:00:00 2001
From: Rot127
Date: Thu, 20 Jul 2023 10:15:09 -0500
Subject: [PATCH 032/106] Fix rebase mistakes
---
 librz/analysis/arch/arm/arm_il32.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c
index 56f859ac138..594859286f5 100644
--- a/librz/analysis/arch/arm/arm_il32.c
+++ b/librz/analysis/arch/arm/arm_il32.c
@@ -2975,7 +2975,7 @@ static RzILOpEffect *vldn_multiple_elem(cs_insn *insn, bool is_thumb) {
 ut32 rm_idx = OPCOUNT() - 1;
 ut32 rn_idx;
 ut32 regs = 0;
-bool wback = insn->detail->arm.writeback;
+bool wback = insn->detail->writeback;
 bool use_rm_as_wback_offset = false;
 ut32 group_sz = insn->id - ARM_INS_VLD1 + 1;
@@ -3145,7 +3145,7 @@ static RzILOpEffect *vldn_single_lane(cs_insn *insn, bool is_thumb) {
 return NULL;
 }
-bool wback = insn->detail->arm.writeback;
+bool wback = insn->detail->writeback;
 RzILOpEffect *wback_eff;
 if (wback) {
 RzILOpBitVector *new_offset = use_rm ? ARG(rm_idx) : UN(32, elem_bytes * group_sz);
@@ -3234,7 +3234,7 @@ static RzILOpEffect *vldn_all_lane(cs_insn *insn, bool is_thumb) {
 return NULL;
 }
-bool wback = insn->detail->arm.writeback;
+bool wback = insn->detail->writeback;
 RzILOpEffect *wback_eff;
 if (wback) {
 RzILOpBitVector *new_offset = use_rm ? ARG(rm_idx) : UN(32, elem_bytes * group_sz);
@@ -3269,7 +3269,7 @@ static RzILOpEffect *vstn_multiple_elem(cs_insn *insn, bool is_thumb) {
 ut32 rm_idx = OPCOUNT() - 1;
 ut32 rn_idx;
 ut32 regs = 0;
-bool wback = insn->detail->arm.writeback;
+bool wback = insn->detail->writeback;
 bool use_rm_as_wback_offset = false;
 ut32 group_sz = insn->id - ARM_INS_VST1 + 1;
@@ -3434,7 +3434,7 @@ static RzILOpEffect *vstn_from_single_lane(cs_insn *insn, bool is_thumb) {
 return NULL;
 }
-bool wback = insn->detail->arm.writeback;
+bool wback = insn->detail->writeback;
 RzILOpEffect *wback_eff;
 if (wback) {
 RzILOpBitVector *new_offset = use_rm ? ARG(rm_idx) : UN(32, elem_bytes * group_sz);
@@ -4018,7 +4018,6 @@ static RzILOpEffect *il_unconditional(csh *handle, cs_insn *insn, bool is_thumb)
 case ARM_INS_PLD:
 case ARM_INS_PLDW:
 case ARM_INS_PLI:
-case ARM_INS_YIELD:
 // barriers/synchronization
 case ARM_INS_DMB:
 case ARM_INS_DSB:
From dcf10612365eaf3f38661f8224385a4e8d4c5f93 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Thu, 20 Jul 2023 10:17:26 -0500
Subject: [PATCH 033/106] Check for NEON features.
---
 librz/analysis/arch/arm/arm_cs.h | 2 ++
 librz/analysis/arch/arm/arm_il32.c | 32 +++++++++++++++++++++++++-----
 2 files changed, 29 insertions(+), 5 deletions(-)
diff --git a/librz/analysis/arch/arm/arm_cs.h b/librz/analysis/arch/arm/arm_cs.h
index 5fc14a1e755..b5f7161e815 100644
--- a/librz/analysis/arch/arm/arm_cs.h
+++ b/librz/analysis/arch/arm/arm_cs.h
@@ -10,6 +10,8 @@ RZ_IPI int rz_arm_cs_analysis_op_32_esil(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf, int len, csh *handle, cs_insn *insn, bool thumb);
 RZ_IPI int rz_arm_cs_analysis_op_64_esil(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf, int len, csh *handle, cs_insn *insn);
+RZ_IPI bool rz_arm_cs_is_group_member(const cs_insn *insn, arm_insn_group feature);
+
 RZ_IPI const char *rz_arm_cs_esil_prefix_cond(RzAnalysisOp *op, int cond_type);
 RZ_IPI RzILOpEffect *rz_arm_cs_32_il(csh *handle, cs_insn *insn, bool thumb);
diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c
index 594859286f5..9a131f9e1ab 100644
--- a/librz/analysis/arch/arm/arm_il32.c
+++ b/librz/analysis/arch/arm/arm_il32.c
@@ -2,6 +2,7 @@
 // SPDX-License-Identifier: LGPL-3.0-only
 #include
+#include
 #include "arm_cs.h"
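Review bot: Dropping `case ARM_INS_YIELD` from the hint list in `il_unconditional` sends a `yield` instruction to whatever the `default` arm of this switch does (outside the hunk); if the auto-sync Capstone still defines `ARM_INS_YIELD` and decodes `yield` to it, the instruction silently loses its NOP-style lifting, and if the enum value is gone the removal is a build fix that the "Fix rebase mistakes" message does not mention. Either way a one-line comment at the removal point, or an IL test entry for `yield` in test/db/asm/arm_32, would pin which of the two is the case.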
@@ -11,6 +12,27 @@
 #include "arm_il_common.inc"
+/**
+ * \brief Tests if the instruction is part of the given group.
+ *
+ * \param insn The instruction to test.
+ * \param group The group to test for.
+ * \return true The instruction is part of the group.
+ * \return false The instruction is not part of the group.
+ */
+RZ_IPI bool rz_arm_cs_is_group_member(RZ_NONNULL const cs_insn *insn, arm_insn_group group) {
+rz_return_val_if_fail(insn && insn->detail, false);
+uint32_t i = 0;
+arm_insn_group group_it = insn->detail->groups[i];
+while (group_it) {
+if (group_it == group) {
+return true;
+}
+group_it = insn->detail->groups[++i];
+}
+return false;
+}
+
 /**
 * All regs available as global IL variables
 */
@@ -3554,7 +3576,7 @@ static RzILOpEffect *try_as_int_cvt(cs_insn *insn, bool is_thumb, bool *success)
 bv_sz = cvt_isize(VVEC_DT(insn), &is_signed);
 ut32 fl_sz = rz_float_get_format_info(is_f2i ? from_fmt : to_fmt, RZ_FLOAT_INFO_TOTAL_LEN);
-if (insn->detail->groups[0] != ARM_GRP_NEON) {
+if (!rz_arm_cs_is_group_member(insn, ARM_FEATURE_HasNEON)) {
 // vfp
 // VCVT.F64.S32/U32
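Review bot: `rz_arm_cs_is_group_member` walks `insn->detail->groups[]` until it meets a zero entry, but `cs_detail` reports the number of valid entries in `groups_count` and does not guarantee a terminator, so an instruction that fills every slot makes the loop read past the array. Bounding the loop removes the assumption: `for (uint8_t i = 0; i < insn->detail->groups_count; i++) { if (insn->detail->groups[i] == group) { return true; } }`. The declaration in arm_cs.h names the parameter `feature` while the definition and its doc say `group`; pick one, and the doc could note that this Capstone reports feature ids such as `ARM_FEATURE_HasNEON` through the same groups array, which is why the callers in the later hunks pass a feature rather than `ARM_GRP_NEON`.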
, // VCVT.F32.S32/U32 ,
@@ -3789,7 +3811,7 @@ static RzILOpEffect *vadd(cs_insn *insn, bool is_thumb) {
 RzFloatFormat fmt = dt2fmt(dt);
 bool is_float_vec = fmt == RZ_FLOAT_UNK ? false : true;
-if (insn->detail->groups[0] != ARM_GRP_NEON) {
+if (!rz_arm_cs_is_group_member(insn, ARM_FEATURE_HasNEON)) {
 // VFP
 return write_reg(REGID(0), F2BV(FADD(RZ_FLOAT_RMODE_RNE,
@@ -3836,7 +3858,7 @@ static RzILOpEffect *vsub(cs_insn *insn, bool is_thumb) {
 RzFloatFormat fmt = dt2fmt(dt);
 bool is_float_vec = fmt == RZ_FLOAT_UNK ? false : true;
-if (insn->detail->groups[0] != ARM_GRP_NEON) {
+if (!rz_arm_cs_is_group_member(insn, ARM_FEATURE_HasNEON)) {
 // VFP
 return write_reg(REGID(0), F2BV(FSUB(RZ_FLOAT_RMODE_RNE,
@@ -3881,7 +3903,7 @@ static RzILOpEffect *vmul(cs_insn *insn, bool is_thumb) {
 arm_vectordata_type dt = VVEC_DT(insn);
 RzFloatFormat fmt = dt2fmt(dt);
-if (insn->detail->groups[0] != ARM_GRP_NEON) {
+if (!rz_arm_cs_is_group_member(insn, ARM_FEATURE_HasNEON)) {
 // VFP fmul
 return write_reg(REGID(0), F2BV(FMUL(RZ_FLOAT_RMODE_RNE,
@@ -3978,7 +4000,7 @@ static RzILOpEffect *vabs(cs_insn *insn, bool is_thumb) {
 return NULL;
 }
-if (insn->detail->groups[0] == ARM_GRP_NEON) {
+if (rz_arm_cs_is_group_member(insn, ARM_FEATURE_HasNEON)) {
 // not implement
 return NULL;
 }
From 30744775642c8c805ebe338cacd352dc91e50ca0 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Fri, 21 Jul 2023 09:31:36 -0500
Subject: [PATCH 034/106] Fix tests where ldr was replaced with pop
---
 test/db/asm/arm_32 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/test/db/asm/arm_32 b/test/db/asm/arm_32
index bb743ef35c1..b3e554fbed0 100644
--- a/test/db/asm/arm_32
+++ b/test/db/asm/arm_32
@@ -196,7 +196,7 @@ d "orreq r6, r6, r2, lsr 1" a2608601 d "orreq r3, r3, -0x80000000" 02318303 d "orrne r0, r0, r1, lsl ip" 110c8011 d "orrne r1, r1, r3" 03108111 -d "ldreq pc, [sp], 4" 04f09d04 +d "popeq {pc}" 04f09d04 d "popeq {r4, pc}" 1080bd08 d "popeq {r4, r5, pc}" 3080bd08 d "popeq {r3, r4, r5, pc}" 3880bd08 @@ -439,7 +439,7 @@ d "stmib r0, {r1, r3, r4}" 1a0080e9 0x0 (seq (storew 0 (+ (var r0) (bv 32 0x4)) d "stmib r0!, {r1, r3, r4}" 1a00a0e9 0x0 (seq (storew 0 (+ (var r0) (bv 32 0x4)) (var r1)) (storew 0 (+ (var r0) (bv 32 0x8)) (var r3)) (storew 0 (+ (var r0) (bv 32 0xc)) (var r4)) (set r0 (+ (var r0) (bv 32 0xc)))) d "stmdb r0, {r1, r3, r4}" 1a0000e9 0x0 (seq (storew 0 (- (var r0) (bv 32 0xc)) (var r1)) (storew 0 (- (var r0) (bv 32 0x8)) (var r3)) (storew 0 (- (var r0) (bv 32 0x4)) (var r4))) d "stmdb r0!, {r1, r3, r4}" 1a0020e9 0x0 (seq (storew 0 (- (var r0) (bv 32 0xc)) (var r1)) (storew 0 (- (var r0) (bv 32 0x8)) (var r3)) (storew 0 (- (var r0) (bv 32 0x4)) (var r4)) (set r0 (- (var r0) (bv 32 0xc)))) -d "ldr fp, [sp], 4" 04b09de4 0x0 (seq (set r11 (loadw 0 32 (var sp))) (set sp (+ (var sp) (bv 32 0x4)))) +d "pop {fp}" 04b09de4 0x0 (seq (set base (var sp)) (set r11 (loadw 0 32 (+ (var base) (bv 32 0x0)))) (set sp (+ (var base) (bv 32 0x4)))) d "pop {r3, pc}" 0880bde8 0x0 (seq (set base (var sp)) (set r3 (loadw 0 32 (+ (var base) (bv 32 0x0)))) (set tgt (loadw 0 32 (+ (var base) (bv 32 0x4)))) (set sp (+ (var base) (bv 32 0x8))) (jmp (var tgt))) d "ldm r0, {r1, r3, r4}" 1a0090e8 0x0 (seq (set base (var r0)) (set r1 (loadw 0 32 (+ (var base) (bv 32 0x0)))) (set r3 (loadw 0 32 (+ (var base) (bv 32 0x4)))) (set r4 (loadw 0 32 (+ (var base) (bv 32 0x8))))) d "ldm r0!, {r1, r3, r4}" 1a00b0e8 0x0 (seq (set base (var r0)) (set r1 (loadw 0 32 (+ (var base) (bv 32 0x0)))) (set r3 (loadw 0 32 (+ (var base) (bv 32 0x4)))) (set r4 (loadw 0 32 (+ (var base) (bv 32 0x8)))) (set r0 (+ (var base) (bv 32 0xc)))) 
From 421b5ef65af616fbe913ecbabcb4e5bdf190891b Mon Sep 17 00:00:00 2001 From: Rot127 Date: Fri, 21 Jul 2023 09:41:23 -0500 Subject: [PATCH 035/106] Fix postindex 8byte store --- librz/analysis/arch/arm/arm_esil32.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c index 24dfd29b162..719120052e6 100644 --- a/librz/analysis/arch/arm/arm_esil32.c +++ b/librz/analysis/arch/arm/arm_esil32.c @@ -648,8 +648,8 @@ r6,r5,r4,3,sp,[*],12,sp,+= int disp = MEMDISP(2); char sign = disp >= 0 ? '+' : '-'; disp = disp >= 0 ? disp : -disp; - rz_strbuf_appendf(&op->esil, "%s,%d,%s,%c,0xffffffff,&,=[4],%s,4,%d,+,%s,%c,0xffffffff,&,=[4]", - REG(0), disp, MEMBASE(2), sign, REG(1), disp, MEMBASE(2), sign); + rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[4],%s,4,%s,+,0xffffffff,&,=[4]", + REG(0), MEMBASE(2), REG(1), MEMBASE(2)); if (insn->detail->writeback) { rz_strbuf_appendf(&op->esil, ",%d,%s,%c,%s,=", disp, MEMBASE(2), sign, MEMBASE(2)); From de3ef5f874892e1e53cb5b7559ea83bd1bf62600 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Fri, 21 Jul 2023 10:45:01 -0500 Subject: [PATCH 036/106] Remove unreachable code for ESIL LDR. --- librz/analysis/arch/arm/arm_esil32.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c index 719120052e6..8b99dfaa617 100644 --- a/librz/analysis/arch/arm/arm_esil32.c +++ b/librz/analysis/arch/arm/arm_esil32.c 
@@ -800,15 +800,10 @@ r6,r5,r4,3,sp,[*],12,sp,+= rz_strbuf_appendf(&op->esil, "0x%" PFMT64x ",2,2,%s,>>,<<,+,0xffffffff,&,[4],0x%x,&,%s,=", (ut64)MEMDISP(1), pc, mask, REG(0)); } else { - int disp = MEMDISP(1); + st64 disp = MEMDISP(1); // not refptr, because we can't grab the reg value statically op->refptr = 4; - if (disp < 0) { - rz_strbuf_appendf(&op->esil, "0x%" PFMT64x ",%s,-,0xffffffff,&,[4],0x%x,&,%s,=", - (ut64)-disp, MEMBASE(1), mask, REG(0)); - } else { - rz_strbuf_appendf(&op->esil, "0x%" PFMT64x ",%s,+,0xffffffff,&,[4],0x%x,&,%s,=", - (ut64)disp, MEMBASE(1), mask, REG(0)); - } + rz_strbuf_appendf(&op->esil, "0x%" PFMT64x ",%s,-,0xffffffff,&,[4],0x%x,&,%s,=", + (ut64)-disp, MEMBASE(1), mask, REG(0)); } } else { if (ISMEM(1) && REGBASE(1) == ARM_REG_PC) { From 2e979940c4747491f9b44b8614d7b52d4d6ae030 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Fri, 21 Jul 2023 11:42:39 -0500 Subject: [PATCH 037/106] Fix flag check/set of mov instructions with shift. --- librz/analysis/arch/arm/arm_esil32.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c index 8b99dfaa617..e60ef641616 100644 --- a/librz/analysis/arch/arm/arm_esil32.c +++ b/librz/analysis/arch/arm/arm_esil32.c 
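Review bot: The branch kept after the removal always emits `,-,` with `(ut64)-disp`, so a positive displacement (e.g. `ldr r0, [r1, 4]`, if MEMDISP(1) can still yield a positive value here) is encoded as `0xfffffffffffffffc,r1,-` and only yields the right address because the evaluator wraps in 64 bits before the `0xffffffff,&` mask is applied. That makes the emitted ESIL hard to read and ties correctness to evaluator width; keeping the sign selection is cheap: `const char sign = disp < 0 ? '-' : '+';` followed by `rz_strbuf_appendf(&op->esil, "0x%" PFMT64x ",%s,%c,0xffffffff,&,[4],0x%x,&,%s,=", (ut64)(disp < 0 ? -disp : disp), MEMBASE(1), sign, mask, REG(0));`. The same fixed-`-` pattern is introduced for the ldrd path in PATCH 043 (`(ut64)-disp` with `int disp`), where the same remedy applies. The enclosing function starts and ends outside the hunk.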
@@ -990,22 +990,30 @@ r6,r5,r4,3,sp,[*],12,sp,+= case ARM_INS_CMN: rz_strbuf_appendf(&op->esil, ",$z,zf,:=,31,$s,nf,:=,31,$c,cf,:=,31,$o,vf,:="); break; - case ARM_INS_MOV: + case ARM_INS_MOV: { + // Move has already set the dest register at this point. + // But mind that ARG() always includes the shift of the source register. + // If the source register is the same as the destination register it would shift the value twice. + // We need to prepend the move (already in op->esil) to the flag check. + char move_esil[64]; switch (SHIFTTYPE(1)) { default: break; case ARM_SFT_LSL: case ARM_SFT_LSL_REG: - rz_strbuf_appendf(&op->esil, ",%s,!,!,?{,%s,32,-,%s,>>,cf,:=,}", ARG(1), ARG(1), ARG(0)); + rz_strf(move_esil, "%s", rz_strbuf_drain_nofree(&op->esil)); + rz_strbuf_appendf(&op->esil, ",%s,!,!,?{,%s,32,-,%s,>>,cf,:=,},%s", ARG(1), ARG(1), ARG(0), move_esil); break; case ARM_SFT_LSR: case ARM_SFT_LSR_REG: case ARM_SFT_ASR: case ARM_SFT_ASR_REG: - rz_strbuf_appendf(&op->esil, ",%s,!,!,?{,%s,1,%s,-,0x1,<<,&,!,!,cf,:=,}", ARG(1), ARG(0), ARG(1)); + rz_strf(move_esil, "%s", rz_strbuf_drain_nofree(&op->esil)); + rz_strbuf_appendf(&op->esil, "%s,!,!,?{,%s,1,%s,-,0x1,<<,&,!,!,cf,:=,},%s", ARG(1), ARG(0), ARG(1), move_esil); break; } - // fallthrough + } + // fallthrough default: rz_strbuf_appendf(&op->esil, ",$z,zf,:=,31,$s,nf,:="); } From 28dba41f1f87401a7a4968e74ccd3a25102dc175 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Fri, 21 Jul 2023 12:15:04 -0500 Subject: [PATCH 038/106] Check for subtracted flag of mem.disp. --- librz/analysis/p/analysis_arm_cs.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/librz/analysis/p/analysis_arm_cs.c b/librz/analysis/p/analysis_arm_cs.c index af6dd27bc5c..5fe01f499d7 100644 --- a/librz/analysis/p/analysis_arm_cs.c +++ b/librz/analysis/p/analysis_arm_cs.c 
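Review bot: In both new `ARM_INS_MOV` shift cases the string returned by `rz_strbuf_drain_nofree` is copied into the 64-byte `move_esil` with `rz_strf` and never freed; if, as its name suggests, the drain hands back an owned heap string, every shifted `movs` leaks it, and any move text longer than 63 characters (a condition prefix plus two shifted operands gets close) is presumably truncated into malformed ESIL. Keeping the returned pointer and freeing it after the append, as below, avoids both. The LSL case also still opens its format with a comma (`",%s,!,!,?{"`) although `op->esil` is empty after the drain, whereas the LSR/ASR case does not, so the two paths emit differently shaped strings. The last line of the new comment says the move is prepended to the flag check while the code does the opposite; `// So emit the flag check first and re-append the move (drained from op->esil) after it.` states what happens. Note too that draining moves the condition prefix written by `rz_arm32_cs_esil_prefix_cond` (see PATCH 044) behind the carry update, so for a conditional `movs` the `cf` write would presumably no longer be guarded — the enclosing function and the later postfix append lie outside the hunk, so this needs confirming there.
```c
	case ARM_INS_MOV: {
		// … unchanged: comment on why the flag check must precede the move …
		char *move_esil = NULL;
		switch (SHIFTTYPE(1)) {
		default:
			break;
		case ARM_SFT_LSL:
		case ARM_SFT_LSL_REG:
			move_esil = rz_strbuf_drain_nofree(&op->esil);
			rz_strbuf_appendf(&op->esil, "%s,!,!,?{,%s,32,-,%s,>>,cf,:=,},%s", ARG(1), ARG(1), ARG(0), move_esil);
			free(move_esil);
			break;
		case ARM_SFT_LSR:
		case ARM_SFT_LSR_REG:
		case ARM_SFT_ASR:
		case ARM_SFT_ASR_REG:
			move_esil = rz_strbuf_drain_nofree(&op->esil);
			rz_strbuf_appendf(&op->esil, "%s,!,!,?{,%s,1,%s,-,0x1,<<,&,!,!,cf,:=,},%s", ARG(1), ARG(0), ARG(1), move_esil);
			free(move_esil);
			break;
		}
	}
```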
@@ -159,7 +159,11 @@ static void opex(RzStrBuf *buf, csh handle, cs_insn *insn) { pj_ks(pj, "index", cs_reg_name(handle, op->mem.index)); } pj_ki(pj, "scale", op->mem.scale); +#if CS_API_MAJOR >= 6 + pj_ki(pj, "disp", (op->subtracted ? -op->mem.disp : op->mem.disp)); +#else pj_ki(pj, "disp", op->mem.disp); +#endif break; case ARM_OP_FP: pj_ks(pj, "type", "fp"); @@ -1585,7 +1589,11 @@ static void set_src_dst(RzAnalysisValue *val, RzReg *reg, csh *handle, cs_insn * #if CS_API_MAJOR > 3 val->mul = armop.mem.scale << armop.mem.lshift; #endif +#if CS_API_MAJOR >= 6 + val->delta = armop.subtracted ? -armop.mem.disp : armop.mem.disp; +#else val->delta = armop.mem.disp; +#endif break; case ARM_OP_IMM: val->type = RZ_ANALYSIS_VAL_IMM; From 28a248cc7b4a8f14a1497352d033905cefbf0ea9 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sat, 22 Jul 2023 07:12:25 -0500 Subject: [PATCH 039/106] Use macro for disp access --- librz/analysis/p/analysis_arm_cs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/librz/analysis/p/analysis_arm_cs.c b/librz/analysis/p/analysis_arm_cs.c index 5fe01f499d7..a376dde4950 100644 --- a/librz/analysis/p/analysis_arm_cs.c +++ b/librz/analysis/p/analysis_arm_cs.c @@ -1590,7 +1590,7 @@ static void set_src_dst(RzAnalysisValue *val, RzReg *reg, csh *handle, cs_insn * val->mul = armop.mem.scale << armop.mem.lshift; #endif #if CS_API_MAJOR >= 6 - val->delta = armop.subtracted ? -armop.mem.disp : armop.mem.disp; + val->delta = MEMDISP(x); #else val->delta = armop.mem.disp; #endif From 1a62ef9db072da24ecc046d1064092a59beaa9e2 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sat, 22 Jul 2023 08:21:09 -0500 Subject: [PATCH 040/106] Fix function variable recognition. The variable should not added if sp was only moved. --- librz/analysis/var.c | 5 +++++ test/db/analysis/vars | 6 +++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/librz/analysis/var.c b/librz/analysis/var.c index 07ffa326f23..27e472c602a 100644 --- a/librz/analysis/var.c 
+++ b/librz/analysis/var.c @@ -1171,6 +1171,11 @@ static void extract_stack_var(RzAnalysis *analysis, RzAnalysisFunction *fcn, RzA if (*sign == '-') { addend = -addend; } + if (addend == 0 && op->direction != RZ_ANALYSIS_OP_DIR_READ && op->direction != RZ_ANALYSIS_OP_DIR_WRITE) { + // avoid creating variables for just `mov rbp, rsp`, which would otherwise detect a var at rsp+0 + // so for addend == 0, we only consider actual memory operations for now + goto beach; + } } if (!op->src[0] || !op->dst) { diff --git a/test/db/analysis/vars b/test/db/analysis/vars index 42de673ee01..25df34daa6c 100644 --- a/test/db/analysis/vars +++ b/test/db/analysis/vars @@ -427,11 +427,11 @@ afvR arg1 0x6 arg2 0x8 arg3 0xc - var_10h 0x4,0x2c + var_10h var_ch 0x18,0x22 var_eh 0x16,0x1e var_fh 0x10 - var_4h 0x2c + var_4h afvW arg1 arg2 @@ -472,7 +472,7 @@ afvW | `--> 0x00000026 00bf nop | 0x00000028 0c37 adds r7, 0xc | 0x0000002a bd46 mov sp, r7 -| 0x0000002c 5df8047b ldr r7, [sp], 4 +| 0x0000002c 5df8047b pop {r7} \ 0x00000030 7047 bx lr EOF RUN From 4632b0fb4621b974850c78aa108ff67bd238e80d Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sat, 22 Jul 2023 09:35:00 -0500 Subject: [PATCH 041/106] Fix json tests --- librz/analysis/p/analysis_arm_cs.c | 4 ---- test/db/cmd/cmd_ao | 2 +- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/librz/analysis/p/analysis_arm_cs.c b/librz/analysis/p/analysis_arm_cs.c index a376dde4950..311fac768fd 100644 --- a/librz/analysis/p/analysis_arm_cs.c +++ b/librz/analysis/p/analysis_arm_cs.c @@ -159,11 +159,7 @@ static void opex(RzStrBuf *buf, csh handle, cs_insn *insn) { pj_ks(pj, "index", cs_reg_name(handle, op->mem.index)); } pj_ki(pj, "scale", op->mem.scale); -#if CS_API_MAJOR >= 6 - pj_ki(pj, "disp", (op->subtracted ? -op->mem.disp : op->mem.disp)); -#else pj_ki(pj, "disp", op->mem.disp); -#endif break; case ARM_OP_FP: pj_ks(pj, "type", "fp"); diff --git a/test/db/cmd/cmd_ao b/test/db/cmd/cmd_ao index dc96586a4cd..17bb690cfe6 100644 
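Review bot: The new guard in extract_stack_var compares `op->direction` for equality with `RZ_ANALYSIS_OP_DIR_READ` and `RZ_ANALYSIS_OP_DIR_WRITE`; the direction enumerators are distinct bits, and if a plugin combines them an instruction flagged as both read and write matches neither test and is dropped together with the `mov rbp, rsp` case the comment describes. Testing the bits instead covers that: `if (addend == 0 && !(op->direction & (RZ_ANALYSIS_OP_DIR_READ | RZ_ANALYSIS_OP_DIR_WRITE))) {`. extract_stack_var starts and ends outside the hunk.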
--- a/test/db/cmd/cmd_ao +++ b/test/db/cmd/cmd_ao @@ -117,7 +117,7 @@ aoj~{[0].opex} EOF EXPECT=< Date: Sat, 22 Jul 2023 09:35:29 -0500 Subject: [PATCH 042/106] Fix new id --- test/db/cmd/cmd_a_capital_o | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/db/cmd/cmd_a_capital_o b/test/db/cmd/cmd_a_capital_o index 2c650d6c06e..565bc55788b 100644 --- a/test/db/cmd/cmd_a_capital_o +++ b/test/db/cmd/cmd_a_capital_o @@ -10,6 +10,6 @@ EXPECT=<>,<<,36,+,0xffffffff,&,[4],0xffffffff,&,ip,= -[{"opcode":"ldr ip, [pc, 0x24]","disasm":"ldr ip, sym.__libc_csu_fini","pseudo":"ip = sym.__libc_csu_fini","description":"load from memory to register","mnemonic":"ldr","mask":"ffffffff","esil":"2,2,8,$$,+,>>,<<,36,+,0xffffffff,&,[4],0xffffffff,&,ip,=","rzil":{"opcode":"set","dst":"r12","src":{"opcode":"loadw","mem":0,"key":{"opcode":"bitv","bits":"0x817c","len":32},"bits":32}},"sign":false,"prefix":0,"id":83,"opex":{"operands":[{"type":"reg","value":"ip"},{"type":"mem","base":"pc","scale":1,"disp":36}]},"addr":33104,"bytes":"24c09fe5","disp":36,"ptr":33148,"size":4,"type":"load","esilcost":4,"ireg":"pc","scale":1,"refptr":4,"cycles":4,"failcycles":0,"delay":0,"stackptr":0,"family":"cpu"}] +[{"opcode":"ldr ip, [pc, 0x24]","disasm":"ldr ip, sym.__libc_csu_fini","pseudo":"ip = sym.__libc_csu_fini","description":"load from memory to register","mnemonic":"ldr","mask":"ffffffff","esil":"2,2,8,$$,+,>>,<<,36,+,0xffffffff,&,[4],0xffffffff,&,ip,=","rzil":{"opcode":"set","dst":"r12","src":{"opcode":"loadw","mem":0,"key":{"opcode":"bitv","bits":"0x817c","len":32},"bits":32}},"sign":false,"prefix":0,"id":4,"opex":{"operands":[{"type":"reg","value":"ip"},{"type":"mem","base":"pc","scale":1,"disp":36}]},"addr":33104,"bytes":"24c09fe5","disp":36,"ptr":33148,"size":4,"type":"load","esilcost":4,"ireg":"pc","scale":1,"refptr":4,"cycles":4,"failcycles":0,"delay":0,"stackptr":0,"family":"cpu"}] EOF RUN \ No newline at end of file 
From ae21fb8d92b49e1c04414332e203cfe7af251684 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sat, 22 Jul 2023 10:29:26 -0500 Subject: [PATCH 043/106] Fix post-index ldrd esil instructions --- librz/analysis/arch/arm/arm_esil32.c | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c index e60ef641616..09e5ac1f5fe 100644 --- a/librz/analysis/arch/arm/arm_esil32.c +++ b/librz/analysis/arch/arm/arm_esil32.c @@ -683,15 +683,10 @@ r6,r5,r4,3,sp,[*],12,sp,+= rz_strbuf_appendf(&op->esil, "0x%" PFMT64x ",2,2,%s,%d,+,>>,<<,+,0xffffffff,&,DUP,[4],%s,=,4,+,[4],%s,=", (ut64)MEMDISP(2), pc, pcdelta, REG(0), REG(1)); } else { - int disp = MEMDISP(2); + int disp = ISPOSTINDEX() ? 0 : MEMDISP(2); // not refptr, because we can't grab the reg value statically op->refptr = 4; - if (disp < 0) { - rz_strbuf_appendf(&op->esil, "0x%" PFMT64x ",%s,-,0xffffffff,&,DUP,[4],%s,=,4,+,[4],%s,=", - (ut64)-disp, MEMBASE(2), REG(0), REG(1)); - } else { - rz_strbuf_appendf(&op->esil, "0x%" PFMT64x ",%s,+,0xffffffff,&,DUP,[4],%s,=,4,+,[4],%s,=", - (ut64)disp, MEMBASE(2), REG(0), REG(1)); - } + rz_strbuf_appendf(&op->esil, "0x%" PFMT64x ",%s,-,0xffffffff,&,DUP,[4],%s,=,4,+,[4],%s,=", + (ut64)-disp, MEMBASE(2), REG(0), REG(1)); } } else { if (REGBASE(2) == ARM_REG_PC) { @@ -712,8 +707,9 @@ r6,r5,r4,3,sp,[*],12,sp,+= rz_strbuf_appendf(&op->esil, "%s,%s,%c,0xffffffff,&,DUP,[4],%s,=,4,+,[4],%s,=", MEMINDEX(2), MEMBASE(2), op_index, REG(0), REG(1)); } else { + int disp = ISPOSTINDEX() ? 0 : MEMDISP(2); rz_strbuf_appendf(&op->esil, "%d,%s,+,0xffffffff,&,DUP,[4],%s,=,4,+,[4],%s,=", - MEMDISP(2), MEMBASE(2), REG(0), REG(1)); + disp, MEMBASE(2), REG(0), REG(1)); } if (insn->detail->writeback) { if (ISPOSTINDEX()) { From 595dd3195e4db056f1f8cc73de3930b1ada9741d Mon Sep 17 00:00:00 2001 
From: Rot127 Date: Sat, 22 Jul 2023 11:05:51 -0500 Subject: [PATCH 044/106] Fix ARM64 tests by separating their esil condition code. --- librz/analysis/arch/arm/arm_cs.h | 3 +- librz/analysis/arch/arm/arm_esil32.c | 4 +- librz/analysis/arch/arm/arm_esil64.c | 75 +++++++++++++++++++++++++++- 3 files changed, 78 insertions(+), 4 deletions(-) diff --git a/librz/analysis/arch/arm/arm_cs.h b/librz/analysis/arch/arm/arm_cs.h index b5f7161e815..8bfaa543e50 100644 --- a/librz/analysis/arch/arm/arm_cs.h +++ b/librz/analysis/arch/arm/arm_cs.h @@ -12,7 +12,8 @@ RZ_IPI int rz_arm_cs_analysis_op_64_esil(RzAnalysis *a, RzAnalysisOp *op, ut64 a RZ_IPI bool rz_arm_cs_is_group_member(const cs_insn *insn, arm_insn_group feature); -RZ_IPI const char *rz_arm_cs_esil_prefix_cond(RzAnalysisOp *op, int cond_type); +RZ_IPI const char *rz_arm32_cs_esil_prefix_cond(RzAnalysisOp *op, ARMCC_CondCodes cond_type); +RZ_IPI const char *rz_arm64_cs_esil_prefix_cond(RzAnalysisOp *op, arm64_cc cond_type); RZ_IPI RzILOpEffect *rz_arm_cs_32_il(csh *handle, cs_insn *insn, bool thumb); RZ_IPI RzAnalysisILConfig *rz_arm_cs_32_il_config(bool big_endian); diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c index 09e5ac1f5fe..d7dc40ca509 100644 --- a/librz/analysis/arch/arm/arm_esil32.c +++ b/librz/analysis/arch/arm/arm_esil32.c @@ -60,7 +60,7 @@ static unsigned int regsize32(cs_insn *insn, int n) { #define REGSIZE32(x) regsize32(insn, x) // return postfix -RZ_IPI const char *rz_arm_cs_esil_prefix_cond(RzAnalysisOp *op, int cond_type) { +RZ_IPI const char *rz_arm32_cs_esil_prefix_cond(RzAnalysisOp *op, ARMCC_CondCodes cond_type) { const char *close_cond[2]; close_cond[0] = ""; close_cond[1] = ",}"; 
@@ -256,7 +256,7 @@ RZ_IPI int rz_arm_cs_analysis_op_32_esil(RzAnalysis *a, RzAnalysisOp *op, ut64 a rz_strbuf_init(&op->esil); rz_strbuf_set(&op->esil, ""); - postfix = rz_arm_cs_esil_prefix_cond(op, insn->detail->arm.cc); + postfix = rz_arm32_cs_esil_prefix_cond(op, insn->detail->arm.cc); switch (insn->id) { case ARM_INS_CLZ: diff --git a/librz/analysis/arch/arm/arm_esil64.c b/librz/analysis/arch/arm/arm_esil64.c index 91c5787e313..30e04b51635 100644 --- a/librz/analysis/arch/arm/arm_esil64.c +++ b/librz/analysis/arch/arm/arm_esil64.c 
@@ -11,6 +11,79 @@ #define MEMBASE64(x) rz_str_get_null(cs_reg_name(*handle, insn->detail->arm64.operands[x].mem.base)) #define MEMINDEX64(x) rz_str_get_null(cs_reg_name(*handle, insn->detail->arm64.operands[x].mem.index)) +RZ_IPI const char *rz_arm64_cs_esil_prefix_cond(RzAnalysisOp *op, arm64_cc cond_type) { + const char *close_cond[2]; + close_cond[0] = ""; + close_cond[1] = ",}"; + int close_type = 0; + switch (cond_type) { + case ARM64_CC_EQ: + close_type = 1; + rz_strbuf_setf(&op->esil, "zf,?{,"); + break; + case ARM64_CC_NE: + close_type = 1; + rz_strbuf_setf(&op->esil, "zf,!,?{,"); + break; + case ARM64_CC_HS: + close_type = 1; + rz_strbuf_setf(&op->esil, "cf,?{,"); + break; + case ARM64_CC_LO: + close_type = 1; + rz_strbuf_setf(&op->esil, "cf,!,?{,"); + break; + case ARM64_CC_MI: + close_type = 1; + rz_strbuf_setf(&op->esil, "nf,?{,"); + break; + case ARM64_CC_PL: + close_type = 1; + rz_strbuf_setf(&op->esil, "nf,!,?{,"); + break; + case ARM64_CC_VS: + close_type = 1; + rz_strbuf_setf(&op->esil, "vf,?{,"); + break; + case ARM64_CC_VC: + close_type = 1; + rz_strbuf_setf(&op->esil, "vf,!,?{,"); + break; + case ARM64_CC_HI: + close_type = 1; + rz_strbuf_setf(&op->esil, "cf,zf,!,&,?{,"); + break; + case ARM64_CC_LS: + close_type = 1; + rz_strbuf_setf(&op->esil, "cf,!,zf,|,?{,"); + break; + case ARM64_CC_GE: + close_type = 1; + rz_strbuf_setf(&op->esil, "nf,vf,^,!,?{,"); + break; + case ARM64_CC_LT: + close_type = 1; + rz_strbuf_setf(&op->esil, "nf,vf,^,?{,"); + break; + case ARM64_CC_GT: + // zf == 0 && nf == vf + close_type = 1; + rz_strbuf_setf(&op->esil, "zf,!,nf,vf,^,!,&,?{,"); + break; + case ARM64_CC_LE: + // zf == 1 || nf != vf + close_type = 1; + rz_strbuf_setf(&op->esil, "zf,nf,vf,^,|,?{,"); + break; + case ARM64_CC_AL: + // always executed + break; + default: + break; + } + return close_cond[close_type]; +} + static int arm64_reg_width(int reg) { switch (reg) { case ARM64_REG_W0: 
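Review bot: `rz_arm64_cs_esil_prefix_cond` has no doc comment, and its contract — it overwrites `op->esil` with a `?{,` opener and returns the `,}` closer the caller must append — is exactly what a reader needs stated; a header such as `/** \brief Writes the ESIL condition prefix for \p cond_type into op->esil and returns the postfix the caller must append after the operation. */` would do. Style: the fourteen `close_type = 1; rz_strbuf_setf(...)` pairs differ only in a literal, so a `static const char *` table indexed by `cond_type`, with `close_type` derived from whether the entry is non-empty, would shrink the function and keep it in step with the 32-bit variant changed in the same patch. The literals contain no conversions, so `rz_strbuf_set` (already used in this file) is the right call rather than `rz_strbuf_setf`. `ARM64_CC_NV` and `ARM64_CC_INVALID` are silently folded into the no-prefix `default:` path; an explicit case for them would record that this is intended.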
@@ -205,7 +278,7 @@ RZ_IPI int rz_arm_cs_analysis_op_64_esil(RzAnalysis *a, RzAnalysisOp *op, ut64 a rz_strbuf_init(&op->esil); rz_strbuf_set(&op->esil, ""); - postfix = rz_arm_cs_esil_prefix_cond(op, insn->detail->arm64.cc); + postfix = rz_arm64_cs_esil_prefix_cond(op, insn->detail->arm64.cc); switch (insn->id) { case ARM64_INS_REV: From a2fa5231dadb8d3b88eec9f6a27874e47b677b7f Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sat, 22 Jul 2023 11:48:16 -0500 Subject: [PATCH 045/106] Fix shift of post index stores --- librz/analysis/arch/arm/arm_esil32.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c index d7dc40ca509..b0d5e5cfa3d 100644 --- a/librz/analysis/arch/arm/arm_esil32.c +++ b/librz/analysis/arch/arm/arm_esil32.c 
@@ -614,23 +614,23 @@ r6,r5,r4,3,sp,[*],12,sp,+= rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%d,%s,+=", REG(0), MEMBASE(1), str_ldr_bytes, MEMDISP(1), MEMBASE(1)); } else if (str_ldr_bytes != 8) { // e.g. 'str r2, [r3], r1 - if (ISSHIFTED(2)) { // e.g. 'str r2, [r3], r1, lsl 4' - switch (SHIFTTYPE(2)) { + if (ISSHIFTED(1)) { // e.g. 'str r2, [r3], r1, lsl 4' + switch (SHIFTTYPE(1)) { case ARM_SFT_LSL: rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%s,%d,%s,<<,+,%s,=", - REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(2), MEMINDEX(1), MEMBASE(1)); + REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(1), MEMINDEX(1), MEMBASE(1)); break; case ARM_SFT_LSR: rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%s,%d,%s,>>,+,%s,=", - REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(2), MEMINDEX(1), MEMBASE(1)); + REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(1), MEMINDEX(1), MEMBASE(1)); break; case ARM_SFT_ASR: rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%s,%d,%s,>>>>,+,%s,=", - REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(2), MEMINDEX(1), MEMBASE(1)); + REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(1), MEMINDEX(1), MEMBASE(1)); break; case ARM_SFT_ROR: rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%s,%d,%s,>>>,+,%s,=", - REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(2), MEMINDEX(1), MEMBASE(1)); + REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(1), MEMINDEX(1), MEMBASE(1)); break; case ARM_SFT_RRX: // TODO From f6d5a28cd96e9732b2259a0dc11667f2b7a2ff5f Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sat, 22 Jul 2023 12:31:07 -0500 Subject: [PATCH 046/106] Fix more post index memory instructions. --- librz/analysis/arch/arm/arm_esil32.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c index b0d5e5cfa3d..cf0b9052df6 100644 
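Review bot: The four `ARM_SFT_*` cases in this post-index store path differ only in the ESIL shift operator, yet each repeats the whole `rz_strbuf_appendf` call with the same seven arguments — which is how the `SHIFTVALUE(2)` mismatch fixed here could slip through four times over. Selecting the operator in the switch and issuing a single append afterwards, as below, leaves one place to maintain. What happens for `ARM_SFT_RRX` and the `ARM_SFT_*_REG` variants is beyond the hunk's last line, so the `// TODO` there is left as is. The enclosing function starts and ends outside the hunk.
```c
	} else if (str_ldr_bytes != 8) { // e.g. 'str r2, [r3], r1
		if (ISSHIFTED(1)) { // e.g. 'str r2, [r3], r1, lsl 4'
			const char *shift_op = NULL;
			switch (SHIFTTYPE(1)) {
			case ARM_SFT_LSL: shift_op = "<<"; break;
			case ARM_SFT_LSR: shift_op = ">>"; break;
			case ARM_SFT_ASR: shift_op = ">>>>"; break;
			case ARM_SFT_ROR: shift_op = ">>>"; break;
			// … unchanged: ARM_SFT_RRX and remaining cases (TODO) …
			}
			if (shift_op) {
				rz_strbuf_appendf(&op->esil, "%s,%s,0xffffffff,&,=[%d],%s,%d,%s,%s,+,%s,=",
					REG(0), MEMBASE(1), str_ldr_bytes, MEMBASE(1), SHIFTVALUE(1), MEMINDEX(1), shift_op, MEMBASE(1));
			}
```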
--- a/librz/analysis/arch/arm/arm_esil32.c +++ b/librz/analysis/arch/arm/arm_esil32.c @@ -702,10 +702,11 @@ r6,r5,r4,3,sp,[*],12,sp,+= pcdelta, pc, MEMDISP(2), REG(0), REG(1)); } } else { - if (HASMEMINDEX(2)) { // e.g. `ldrd r2, r3 [r4, r1]` + if (HASMEMINDEX(2)) { // e.g. `ldrd r2, r3 [r4, r1]` or `ldrd r2, r3 [r4], r1` const char op_index = ISMEMINDEXSUB(2) ? '-' : '+'; + const char *mem_index = ISPOSTINDEX() ? "0" : MEMINDEX(2); rz_strbuf_appendf(&op->esil, "%s,%s,%c,0xffffffff,&,DUP,[4],%s,=,4,+,[4],%s,=", - MEMINDEX(2), MEMBASE(2), op_index, REG(0), REG(1)); + mem_index, MEMBASE(2), op_index, REG(0), REG(1)); } else { int disp = ISPOSTINDEX() ? 0 : MEMDISP(2); rz_strbuf_appendf(&op->esil, "%d,%s,+,0xffffffff,&,DUP,[4],%s,=,4,+,[4],%s,=", @@ -717,9 +718,9 @@ r6,r5,r4,3,sp,[*],12,sp,+= rz_strbuf_appendf(&op->esil, ",%s,%d,+,%s,=", MEMBASE(2), MEMDISP(2), MEMBASE(2)); } else { - const char op_index = ISMEMINDEXSUB(3) ? '-' : '+'; + const char op_index = ISMEMINDEXSUB(2) ? '-' : '+'; rz_strbuf_appendf(&op->esil, ",%s,%s,%c,%s,=", - REG(3), MEMBASE(2), op_index, MEMBASE(2)); + MEMINDEX(2), MEMBASE(2), op_index, MEMBASE(2)); } } else if (ISPREINDEX32()) { if (HASMEMINDEX(2)) { From cd03ae766bcbe812dfc3fd91d1bab5f8506e1612 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sat, 22 Jul 2023 12:42:11 -0500 Subject: [PATCH 047/106] Fix invalid variable recognition. --- test/db/formats/elf/thumb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/db/formats/elf/thumb b/test/db/formats/elf/thumb index 0c85b0c267c..af682a4bfd6 100644 --- a/test/db/formats/elf/thumb +++ b/test/db/formats/elf/thumb 
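Review bot: The new `ISPOSTINDEX()` use in the ldrd index-register path sits in the same block as the context line `} else if (ISPREINDEX32()) {`, which spells the sibling macro with the `32` suffix; unless `ISPOSTINDEX` is a deliberately different local macro, one naming scheme for the pre/post-index pair would spare readers checking which is meant. The updated example comment drops the comma the assembler syntax needs after the second register — `ldrd r2, r3, [r4, r1]` and `ldrd r2, r3, [r4], r1`. The enclosing ldrd handler starts and ends outside both hunks.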
@@ -118,7 +118,7 @@ EXPECT=< Date: Sun, 23 Jul 2023 11:00:46 -0500 Subject: [PATCH 048/106] Use https://github.com/capstone-engine/capstone/pull/2122 for better system operand support. --- librz/analysis/arch/arm/arm_accessors32.h | 1 + librz/analysis/arch/arm/arm_esil32.c | 5 ++++- librz/analysis/arch/arm/arm_il32.c | 10 +++++----- test/db/tools/rz_asm | 1 + 4 files changed, 11 insertions(+), 6 deletions(-) diff --git a/librz/analysis/arch/arm/arm_accessors32.h b/librz/analysis/arch/arm/arm_accessors32.h index 4a4b472e9b6..7d3d5b06858 100644 --- a/librz/analysis/arch/arm/arm_accessors32.h +++ b/librz/analysis/arch/arm/arm_accessors32.h @@ -21,6 +21,7 @@ #define MEMDISP_BV(x) (HASMEMINDEX(x) ? REG_VAL(insn->detail->arm.operands[x].mem.index) : U32(MEMDISP(x))) #define ISIMM(x) (insn->detail->arm.operands[x].type == ARM_OP_IMM || insn->detail->arm.operands[x].type == ARM_OP_FP) #define ISREG(x) (insn->detail->arm.operands[x].type == ARM_OP_REG) +#define ISPSRFLAGS(x) (insn->detail->arm.operands[x].type == ARM_OP_CPSR || insn->detail->arm.operands[x].type == ARM_OP_SPSR) #define ISMEM(x) (insn->detail->arm.operands[x].type == ARM_OP_MEM) #define ISFPIMM(x) (insn->detail->arm.operands[x].type == ARM_OP_FP) diff --git a/librz/analysis/arch/arm/arm_esil32.c b/librz/analysis/arch/arm/arm_esil32.c index cf0b9052df6..507cc611928 100644 --- a/librz/analysis/arch/arm/arm_esil32.c +++ b/librz/analysis/arch/arm/arm_esil32.c @@ -844,7 +844,7 @@ r6,r5,r4,3,sp,[*],12,sp,+= // TODO: esil for MRS break; case ARM_INS_MSR: - msr_flags = insn->detail->arm.operands[0].reg >> 4; + msr_flags = insn->detail->arm.operands[0].sysop.msr_mask; rz_strbuf_appendf(&op->esil, "0,"); if (msr_flags & 1) { rz_strbuf_appendf(&op->esil, "0xFF,|,"); 
@@ -976,6 +976,9 @@ r6,r5,r4,3,sp,[*],12,sp,+= // many errors if (insn->detail->arm.update_flags) { switch (insn->id) { + case ARM_INS_MSR: + // Updates flags manually + break; case ARM_INS_CMP: rz_strbuf_appendf(&op->esil, ",$z,zf,:=,31,$s,nf,:=,32,$b,!,cf,:=,31,$o,vf,:="); break; diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c index 9a131f9e1ab..8f75449a6f6 100644 --- a/librz/analysis/arch/arm/arm_il32.c +++ b/librz/analysis/arch/arm/arm_il32.c @@ -1477,10 +1477,10 @@ static RzILOpEffect *mla(cs_insn *insn, bool is_thumb) { * ARM: mrs */ static RzILOpEffect *mrs(cs_insn *insn, bool is_thumb) { - if (!ISREG(0) || !ISREG(1)) { + if (!ISREG(0) || !(ISREG(1) || ISPSRFLAGS(1))) { return NULL; } - if (REGID(1) != ARM_REG_CPSR && REGID(1) != ARM_REG_SPSR && REGID(1) != ARM_REG_APSR) { + if (REGID(1) != ARM_REG_CPSR && REGID(1) != ARM_REG_SPSR && REGID(1) != ARM_REG_APSR && !ISPSRFLAGS(1)) { // only these regs supported return NULL; } @@ -1500,7 +1500,7 @@ static RzILOpEffect *mrs(cs_insn *insn, bool is_thumb) { */ static RzILOpEffect *msr(cs_insn *insn, bool is_thumb) { cs_arm_op *dst = &insn->detail->arm.operands[0]; - if (dst->type != ARM_OP_SYSREG) { + if ((dst->type != ARM_OP_SYSREG) && (dst->type != ARM_OP_CPSR) && (dst->type != ARM_OP_SPSR)) { return NULL; } // check if the reg+mask contains any of the flags we have: @@ -1518,8 +1518,8 @@ static RzILOpEffect *msr(cs_insn *insn, bool is_thumb) { update_s = true; break; default: - update_f = (dst->reg & ARM_SYSREG_CPSR_F) || (dst->reg & ARM_SYSREG_SPSR_F); - update_s = (dst->reg & ARM_SYSREG_CPSR_S) || (dst->reg & ARM_SYSREG_SPSR_S); + update_f = (dst->sysop.psr_bits & ARM_FIELD_CPSR_F) || (dst->sysop.psr_bits & ARM_FIELD_SPSR_F); + update_s = (dst->sysop.psr_bits & ARM_FIELD_CPSR_S) || (dst->sysop.psr_bits & ARM_FIELD_SPSR_S); break; } if (!update_f && !update_s) { diff --git a/test/db/tools/rz_asm b/test/db/tools/rz_asm index ce7afca77c6..b990402cbe5 100644 
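Review bot: In the new condition in `mrs`, `REGID(1)` is evaluated before `!ISPSRFLAGS(1)`, so for an `ARM_OP_CPSR`/`ARM_OP_SPSR` operand the comparisons presumably read the `reg` member of the operand union while `sysop` is the active member; the trailing `!ISPSRFLAGS(1)` masks the outcome, but the read of a stale union member reads as accidental. Checking the flag operand first keeps the register compares on register operands only: `if (!ISPSRFLAGS(1) && REGID(1) != ARM_REG_CPSR && REGID(1) != ARM_REG_SPSR && REGID(1) != ARM_REG_APSR) {`. The rest of `mrs`, including how CPSR versus SPSR is chosen for the new operand type, lies outside the hunk and may need the same awareness.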
--- a/test/db/tools/rz_asm +++ b/test/db/tools/rz_asm @@ -395,6 +395,7 @@ EOF RUN NAME=rz-asm -A with -c and -o +BROKEN=1 FILE== CMDS=!rz-asm -a arm -b 16 -A -o 0x1000 -c cortexm 0x80f30988 EXPECT=< Date: Sun, 23 Jul 2023 11:08:52 -0500 Subject: [PATCH 049/106] Distinguish between 32 and 64bit cc check. --- librz/analysis/p/analysis_arm_cs.c | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/librz/analysis/p/analysis_arm_cs.c b/librz/analysis/p/analysis_arm_cs.c index 311fac768fd..1b9179d6322 100644 --- a/librz/analysis/p/analysis_arm_cs.c +++ b/librz/analysis/p/analysis_arm_cs.c @@ -514,7 +514,7 @@ static void opex64(RzStrBuf *buf, csh handle, cs_insn *insn) { pj_free(pj); } -static int cond_cs2r2(int cc) { +static int cond_cs2r2_32(int cc) { if (cc == ARMCC_AL || cc < 0) { cc = RZ_TYPE_COND_AL; } else { @@ -538,6 +538,30 @@ static int cond_cs2r2(int cc) { return cc; } +static int cond_cs2r2_64(int cc) { + if (cc == ARMCC_AL || cc < 0) { + cc = RZ_TYPE_COND_AL; + } else { + switch (cc) { + case ARM64_CC_EQ: cc = RZ_TYPE_COND_EQ; break; + case ARM64_CC_NE: cc = RZ_TYPE_COND_NE; break; + case ARM64_CC_HS: cc = RZ_TYPE_COND_HS; break; + case ARM64_CC_LO: cc = RZ_TYPE_COND_LO; break; + case ARM64_CC_MI: cc = RZ_TYPE_COND_MI; break; + case ARM64_CC_PL: cc = RZ_TYPE_COND_PL; break; + case ARM64_CC_VS: cc = RZ_TYPE_COND_VS; break; + case ARM64_CC_VC: cc = RZ_TYPE_COND_VC; break; + case ARM64_CC_HI: cc = RZ_TYPE_COND_HI; break; + case ARM64_CC_LS: cc = RZ_TYPE_COND_LS; break; + case ARM64_CC_GE: cc = RZ_TYPE_COND_GE; break; + case ARM64_CC_LT: cc = RZ_TYPE_COND_LT; break; + case ARM64_CC_GT: cc = RZ_TYPE_COND_GT; break; + case ARM64_CC_LE: cc = RZ_TYPE_COND_LE; break; + } + } + return cc; +} + static void anop64(ArmCSContext *ctx, RzAnalysisOp *op, cs_insn *insn) { csh handle = ctx->handle; ut64 addr = op->addr; 
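Review bot: cond_cs2r2_64 compares its arm64 condition code with the 32-bit enumerator `ARMCC_AL`, while the caller `anop64` (next hunk of this patch) passes `insn->detail->arm64.cc`, an independently numbered enum; the test therefore checks an unrelated constant and, should `ARMCC_AL` coincide numerically with an arm64 code, that condition would be reported as always-true. Any value the `switch` does not list (`ARM64_CC_AL`, `ARM64_CC_NV`, `ARM64_CC_INVALID`) is returned unchanged, so a raw Capstone code lands in `op->cond`, and the `RZ_TYPE_COND_NV` check that follows in `anop64` can never match a value this function produced. Suggested: `if (cc == ARM64_CC_AL || cc == ARM64_CC_INVALID || cc < 0) {` for the first test, a `default: cc = RZ_TYPE_COND_AL; break;` in the switch, and an explicit `case ARM64_CC_NV:` mapped to whatever the NOP special case in `anop64` expects.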
@@ -559,7 +583,7 @@ static void anop64(ArmCSContext *ctx, RzAnalysisOp *op, cs_insn *insn) { op->family = RZ_ANALYSIS_OP_FAMILY_CPU; } - op->cond = cond_cs2r2(insn->detail->arm64.cc); + op->cond = cond_cs2r2_64(insn->detail->arm64.cc); if (op->cond == RZ_TYPE_COND_NV) { op->type = RZ_ANALYSIS_OP_TYPE_NOP; return; @@ -986,7 +1010,7 @@ static void anop32(RzAnalysis *a, csh handle, RzAnalysisOp *op, cs_insn *insn, b const int pcdelta = thumb ? 4 : 8; int i; - op->cond = cond_cs2r2(insn->detail->arm.cc); + op->cond = cond_cs2r2_32(insn->detail->arm.cc); if (op->cond == RZ_TYPE_COND_NV) { op->type = RZ_ANALYSIS_OP_TYPE_NOP; return; From c00cb89e1eed0eba43593cdec0de1b458cf3d204 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sun, 23 Jul 2023 11:26:17 -0500 Subject: [PATCH 050/106] Check for CS API version >5 --- librz/analysis/arch/ppc/ppc_il_ops.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index c74a92d982f..3bcfb74b6d7 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -1050,7 +1050,8 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i // C/CL/CR Clear, clear left/right // M/NM/MI Mask, AND with mask, mask insert -#if CS_API_MAJOR == 5 && CS_API_MINOR == 0 +// FIXME: With update to auto-sync ppc arch +#if CS_API_MAJOR >= 5 && CS_API_MINOR == 0 // weird bug on capstone v5.0 if (id == PPC_INS_CLRLDI && !strcmp(insn->mnemonic, "rldicl")) { id = PPC_INS_RLDICL; From e715409243524181709f1b92dfc684eb5fae987e Mon Sep 17 00:00:00 2001 From: Rot127 Date: Mon, 24 Jul 2023 02:57:22 -0500 Subject: [PATCH 051/106] Check for CS_NEXT_VERSION instead of CS_API_MAJOR. --- librz/analysis/p/analysis_arm_cs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/librz/analysis/p/analysis_arm_cs.c b/librz/analysis/p/analysis_arm_cs.c index 1b9179d6322..5ee9180dc42 100644 
--- a/librz/analysis/p/analysis_arm_cs.c +++ b/librz/analysis/p/analysis_arm_cs.c @@ -1609,7 +1609,7 @@ static void set_src_dst(RzAnalysisValue *val, RzReg *reg, csh *handle, cs_insn * #if CS_API_MAJOR > 3 val->mul = armop.mem.scale << armop.mem.lshift; #endif -#if CS_API_MAJOR >= 6 +#if CS_NEXT_VERSION == 6 val->delta = MEMDISP(x); #else val->delta = armop.mem.disp; From 5f8c6a7d22757209404b0a5b270a6b9490270c68 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Thu, 7 Sep 2023 13:36:44 -0500 Subject: [PATCH 052/106] Fix VSTn and VLDn instructions to use corrected memory operands. --- librz/analysis/arch/arm/arm_il32.c | 115 ++++++++++++----------------- 1 file changed, 47 insertions(+), 68 deletions(-) diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c index 8f75449a6f6..61229b52228 100644 --- a/librz/analysis/arch/arm/arm_il32.c +++ b/librz/analysis/arch/arm/arm_il32.c @@ -257,6 +257,7 @@ static inline RzFloatFormat cvtdt2fmt(arm_vectordata_type type, bool choose_src) #define REG_VAL(id) read_reg(PC(insn->address, is_thumb), id) #define REG(n) REG_VAL(REGID(n)) #define MEMBASE(x) REG_VAL(insn->detail->arm.operands[x].mem.base) +#define MEMINDEX(x) REG_VAL(insn->detail->arm.operands[x].mem.index) #define DT_WIDTH(insn) arm_data_width(insn->detail->arm.vector_data) #define REG_WIDTH(n) reg_bits(REGID(n)) #define VVEC_SIZE(insn) insn->detail->arm.vector_size 
@@ -2994,25 +2995,20 @@ static RzILOpEffect *vtst(cs_insn *insn, bool is_thumb) {
 }
 
 static RzILOpEffect *vldn_multiple_elem(cs_insn *insn, bool is_thumb) {
- ut32 rm_idx = OPCOUNT() - 1;
- ut32 rn_idx;
+ ut32 mem_idx;
 ut32 regs = 0;
 bool wback = insn->detail->writeback;
 bool use_rm_as_wback_offset = false;
 ut32 group_sz = insn->id - ARM_INS_VLD1 + 1;
 
 // vldn {list}, [Rn], Rm
- if (!ISMEM(rm_idx)) {
- regs = OPCOUNT() - 2;
+ if (ISPOSTINDEX()) {
 use_rm_as_wback_offset = true;
- } else {
- // vldn {list}, [Rn]
- rm_idx = -1;
- regs = OPCOUNT() - 1;
 }
+ regs = OPCOUNT() - 1;
 
 // mem_idx
- rn_idx = regs;
+ mem_idx = regs;
 
 // assert list_size % n == 0
 // assert they were all Dn
@@ -3020,11 +3016,11 @@ static RzILOpEffect *vldn_multiple_elem(cs_insn *insn, bool is_thumb) {
 ut32 elem_bits = VVEC_SIZE(insn);
 ut32 elem_bytes = elem_bits / 8;
 ut32 lanes = 64 / elem_bits;
- ut32 addr_bits = REG_WIDTH(rn_idx);
+ ut32 addr_bits = REG_WIDTH(mem_idx);
 
 RzILOpEffect *wback_eff = NULL;
 RzILOpEffect *eff = EMPTY();
- RzILOpBitVector *addr = ARG(rn_idx);
+ RzILOpBitVector *addr = ISPOSTINDEX() ? MEMBASE(mem_idx) : ARG(mem_idx);
 
 for (int i = 0; i < n_groups; ++i) {
 for (int j = 0; j < lanes; ++j) {
@@ -3083,8 +3079,8 @@ static RzILOpEffect *vldn_multiple_elem(cs_insn *insn, bool is_thumb) {
 // update Rn
 // if write_back then Rn = Rn + (if use_rm then Rm else 8 * regs)
 if (wback) {
- RzILOpBitVector *new_offset = use_rm_as_wback_offset ? ARG(rm_idx) : UN(32, 8 * regs);
- wback_eff = write_reg(REGID(rn_idx), ADD(REG(rn_idx), new_offset));
+ RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, 8 * regs);
+ wback_eff = write_reg(REGBASE(mem_idx), ADD(MEMBASE(mem_idx), new_offset));
 } else {
 wback_eff = EMPTY();
 }
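Review bot: `ISPOSTINDEX()` is evaluated here to set `use_rm_as_wback_offset` and then evaluated again a few lines down in the same function to choose `addr`, although the flag already holds that answer; `RzILOpBitVector *addr = use_rm_as_wback_offset ? MEMBASE(mem_idx) : ARG(mem_idx);` makes it one decision and keeps the two uses from ever disagreeing. The same double evaluation is repeated in vldn_single_lane, vldn_all_lane, vstn_multiple_elem and vstn_from_single_lane. The `// vldn {list}, [Rn], Rm` comment now sits above a post-index check rather than the operand-count test it used to describe; `// post-indexed form vldn {list}, [Rn], Rm: Rm is carried as the mem operand's index register` would match the new code. vldn_multiple_elem's body continues outside the hunk.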
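Review bot: This writeback site updates `REGBASE(mem_idx)` while the matching sites in vldn_single_lane, vldn_all_lane, vstn_multiple_elem and vstn_from_single_lane (the last hunk of each) still write `REGID(mem_idx)` for the same memory operand, so the five functions now disagree on which accessor names Rn. If REGID(x) expands to `operands[x].reg`, as its name suggests, then on an operand whose active member is `mem` it only yields the base register because `reg` and `mem.base` overlap in capstone's cs_arm_op union, which is an accident of layout rather than a contract; `REGBASE(mem_idx)` names what is actually read. Suggest `wback_eff = write_reg(REGBASE(mem_idx), ADD(MEMBASE(mem_idx), new_offset));` in the other four functions as well.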
@@ -3094,19 +3090,15 @@ static RzILOpEffect *vldn_multiple_elem(cs_insn *insn, bool is_thumb) {
 
 #if CS_API_MAJOR > 3
 static RzILOpEffect *vldn_single_lane(cs_insn *insn, bool is_thumb) {
- ut32 rm_idx = OPCOUNT() - 1;
- ut32 rn_idx;
- bool use_rm = false;
+ ut32 mem_idx;
+ bool use_rm_as_wback_offset = false;
 ut32 regs; // number of regs in {list}
 
- if (!ISMEM(rm_idx)) {
- use_rm = true;
- regs = OPCOUNT() - 2;
- } else {
- rm_idx = -1;
- regs = OPCOUNT() - 1;
+ if (ISPOSTINDEX()) {
+ use_rm_as_wback_offset = true;
 }
- rn_idx = regs;
+ regs = OPCOUNT() - 1;
+ mem_idx = regs;
 
 ut32 group_sz = insn->id - ARM_INS_VLD1 + 1;
 if (group_sz != regs) {
@@ -3115,11 +3107,11 @@ static RzILOpEffect *vldn_single_lane(cs_insn *insn, bool is_thumb) {
 
 RzILOpBitVector *data0, *data1, *data2, *data3;
 RzILOpEffect *eff;
- RzILOpBitVector *addr = ARG(rn_idx);
+ RzILOpBitVector *addr = ISPOSTINDEX() ? MEMBASE(mem_idx) : ARG(mem_idx);
 ut32 vreg_idx = 0;
 ut32 elem_bits = VVEC_SIZE(insn);
 ut32 elem_bytes = elem_bits / 8;
- ut32 addr_bits = REG_WIDTH(rn_idx);
+ ut32 addr_bits = REG_WIDTH(mem_idx);
 
 // vld1/vld2/vld3/vld4, max(lane_size) == 4 Bytes
 if (group_sz > 4 || elem_bytes > 4) {
@@ -3170,8 +3162,8 @@ static RzILOpEffect *vldn_single_lane(cs_insn *insn, bool is_thumb) {
 bool wback = insn->detail->writeback;
 RzILOpEffect *wback_eff;
 if (wback) {
- RzILOpBitVector *new_offset = use_rm ? ARG(rm_idx) : UN(32, elem_bytes * group_sz);
- wback_eff = write_reg(REGID(rn_idx), ADD(REG(rn_idx), new_offset));
+ RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, elem_bytes * group_sz);
+ wback_eff = write_reg(REGID(mem_idx), ADD(MEMBASE(mem_idx), new_offset));
 } else {
 wback_eff = EMPTY();
 }
@@ -3181,19 +3173,15 @@ static RzILOpEffect *vldn_single_lane(cs_insn *insn, bool is_thumb) {
 #endif
 
 static RzILOpEffect *vldn_all_lane(cs_insn *insn, bool is_thumb) {
- ut32 rm_idx = OPCOUNT() - 1;
- ut32 rn_idx;
- bool use_rm = false;
+ ut32 mem_idx;
+ bool use_rm_as_wback_offset = false;
 ut32 regs; // number of regs in {list}
 
- if (!ISMEM(rm_idx)) {
- use_rm = true;
- regs = OPCOUNT() - 2;
- } else {
- rm_idx = -1;
- regs = OPCOUNT() - 1;
+ if (ISPOSTINDEX()) {
+ use_rm_as_wback_offset = true;
 }
- rn_idx = regs;
+ regs = OPCOUNT() - 1;
+ mem_idx = regs;
 
 ut32 group_sz = insn->id - ARM_INS_VLD1 + 1;
 if (group_sz != regs) {
@@ -3202,10 +3190,10 @@ static RzILOpEffect *vldn_all_lane(cs_insn *insn, bool is_thumb) {
 
 RzILOpBitVector *data0 = NULL, *data1 = NULL, *data2 = NULL, *data3 = NULL;
 RzILOpEffect *eff = NULL;
- RzILOpBitVector *addr = ARG(rn_idx);
+ RzILOpBitVector *addr = ISPOSTINDEX() ? MEMBASE(mem_idx) : ARG(mem_idx);
 ut32 elem_bits = VVEC_SIZE(insn);
 ut32 elem_bytes = elem_bits / 8;
- ut32 addr_bits = REG_WIDTH(rn_idx);
+ ut32 addr_bits = REG_WIDTH(mem_idx);
 
 // vld1/vld2/vld3/vld4, max(lane_size) == 4 Bytes
 if (group_sz > 4 || elem_bytes > 4) {
@@ -3259,8 +3247,8 @@ static RzILOpEffect *vldn_all_lane(cs_insn *insn, bool is_thumb) {
 bool wback = insn->detail->writeback;
 RzILOpEffect *wback_eff;
 if (wback) {
- RzILOpBitVector *new_offset = use_rm ? ARG(rm_idx) : UN(32, elem_bytes * group_sz);
- wback_eff = write_reg(REGID(rn_idx), ADD(REG(rn_idx), new_offset));
+ RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, elem_bytes * group_sz);
+ wback_eff = write_reg(REGID(mem_idx), ADD(MEMBASE(mem_idx), new_offset));
 } else {
 wback_eff = EMPTY();
 }
@@ -3288,25 +3276,20 @@ static RzILOpEffect *vldn(cs_insn *insn, bool is_thumb) {
 }
 
 static RzILOpEffect *vstn_multiple_elem(cs_insn *insn, bool is_thumb) {
- ut32 rm_idx = OPCOUNT() - 1;
- ut32 rn_idx;
+ ut32 mem_idx;
 ut32 regs = 0;
 bool wback = insn->detail->writeback;
 bool use_rm_as_wback_offset = false;
 ut32 group_sz = insn->id - ARM_INS_VST1 + 1;
 
 // vldn {list}, [Rn], Rm
- if (!ISMEM(rm_idx)) {
- regs = OPCOUNT() - 2;
+ if (ISPOSTINDEX()) {
 use_rm_as_wback_offset = true;
- } else {
- // vldn {list}, [Rn]
- rm_idx = -1;
- regs = OPCOUNT() - 1;
 }
+ regs = OPCOUNT() - 1;
 
 // mem_idx
- rn_idx = regs;
+ mem_idx = regs;
 
 // assert list_size % n == 0
 // assert they were all Dn
@@ -3314,11 +3297,11 @@ static RzILOpEffect *vstn_multiple_elem(cs_insn *insn, bool is_thumb) {
 ut32 elem_bits = VVEC_SIZE(insn);
 ut32 elem_bytes = elem_bits / 8;
 ut32 lanes = 64 / elem_bits;
- ut32 addr_bits = REG_WIDTH(rn_idx);
+ ut32 addr_bits = REG_WIDTH(mem_idx);
 
 RzILOpEffect *wback_eff = NULL;
 RzILOpEffect *eff = EMPTY(), *eff_ = NULL, *eff__ = NULL;
- RzILOpBitVector *addr = ARG(rn_idx);
+ RzILOpBitVector *addr = ISPOSTINDEX() ? MEMBASE(mem_idx) : ARG(mem_idx);
 
 for (int i = 0; i < n_groups; ++i) {
 for (int j = 0; j < lanes; ++j) {
@@ -3373,8 +3356,8 @@ static RzILOpEffect *vstn_multiple_elem(cs_insn *insn, bool is_thumb) {
 // update Rn
 // if write_back then Rn = Rn + (if use_rm then Rm else 8 * regs)
 if (wback) {
- RzILOpBitVector *new_offset = use_rm_as_wback_offset ? ARG(rm_idx) : UN(32, 8 * regs);
- wback_eff = write_reg(REGID(rn_idx), ADD(REG(rn_idx), new_offset));
+ RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, 8 * regs);
+ wback_eff = write_reg(REGID(mem_idx), ADD(MEMBASE(mem_idx), new_offset));
 } else {
 wback_eff = EMPTY();
 }
@@ -3384,19 +3367,15 @@ static RzILOpEffect *vstn_multiple_elem(cs_insn *insn, bool is_thumb) {
 
 #if CS_API_MAJOR > 3
 static RzILOpEffect *vstn_from_single_lane(cs_insn *insn, bool is_thumb) {
- ut32 rm_idx = OPCOUNT() - 1;
- ut32 rn_idx;
- bool use_rm = false;
+ ut32 mem_idx;
+ bool use_rm_as_wback_offset = false;
 ut32 regs; // number of regs in {list}
 
- if (!ISMEM(rm_idx)) {
- use_rm = true;
- regs = OPCOUNT() - 2;
- } else {
- rm_idx = -1;
- regs = OPCOUNT() - 1;
+ if (ISPOSTINDEX()) {
+ use_rm_as_wback_offset = true;
 }
- rn_idx = regs;
+ regs = OPCOUNT() - 1;
+ mem_idx = regs;
 
 ut32 group_sz = insn->id - ARM_INS_VST1 + 1;
 if (group_sz != regs) {
@@ -3405,11 +3384,11 @@ static RzILOpEffect *vstn_from_single_lane(cs_insn *insn, bool is_thumb) {
 
 RzILOpBitVector *data0, *data1, *data2, *data3;
 RzILOpEffect *eff, *eff_, *eff__;
- RzILOpBitVector *addr = ARG(rn_idx);
+ RzILOpBitVector *addr = ISPOSTINDEX() ? MEMBASE(mem_idx) : ARG(mem_idx);
 ut32 vreg_idx = 0;
 ut32 elem_bits = VVEC_SIZE(insn);
 ut32 elem_bytes = elem_bits / 8;
- ut32 addr_bits = REG_WIDTH(rn_idx);
+ ut32 addr_bits = REG_WIDTH(mem_idx);
 
 if (group_sz > 4 || elem_bytes > 4) {
 return NULL;
@@ -3459,8 +3438,8 @@ static RzILOpEffect *vstn_from_single_lane(cs_insn *insn, bool is_thumb) {
 bool wback = insn->detail->writeback;
 RzILOpEffect *wback_eff;
 if (wback) {
- RzILOpBitVector *new_offset = use_rm ? ARG(rm_idx) : UN(32, elem_bytes * group_sz);
- wback_eff = write_reg(REGID(rn_idx), ADD(REG(rn_idx), new_offset));
+ RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, elem_bytes * group_sz);
+ wback_eff = write_reg(REGID(mem_idx), ADD(MEMBASE(mem_idx), new_offset));
 } else {
 wback_eff = EMPTY();
 }
From 81e7baad63091692394035022a14be8a96e8de04 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Thu, 7 Sep 2023 13:41:06 -0500
Subject: [PATCH 053/106] Fix incorrect tests with missing writeback due to missing post-index flag

---
 test/db/asm/arm_32 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/test/db/asm/arm_32 b/test/db/asm/arm_32
index b3e554fbed0..3aec5cc31a9 100644
--- a/test/db/asm/arm_32
+++ b/test/db/asm/arm_32
@@ -769,7 +769,7 @@ d "vzip.16 d2, d3" 8321b6f3 0x0 (seq (set d2 (cast 64 false (| (| (| (| (bv 128 d "vuzp.8 d0, d1" 0101b2f3 0x0 (seq (set d0 (| (| (| (| (bv 64 0x0) (| (<< (cast 64 false (cast 8 false (>> (var d0) (bv 8 0x0) false))) (bv 8 0x0) false) (<< (<< (cast 64 false (cast 8 false (>> (var d1) (bv 8 0x0) false))) (bv 8 0x0) false) (bv 8 0x20) false))) (| (<< (cast 64 false (cast 8 false (>> (var d0) (bv 8 0x10) false))) (bv 8 0x8) false) (<< (<< (cast 64 false (cast 8 false (>> (var d1) (bv 8 0x10) false))) (bv 8 0x8) false) (bv 8 0x20) false))) (| (<< (cast 64 false (cast 8 false (>> (var d0) (bv 8 0x20) false))) (bv 8 0x10) false) (<< (<< (cast 64 false (cast 8 false (>> (var d1) (bv 8 0x20) false))) (bv 8 0x10) false) (bv 8 0x20) false))) (| (<< (cast 64 false (cast 8 false (>> (var d0) (bv 8 0x30) false))) (bv 8 0x18) false) (<< (<< (cast 64 false (cast 8 false (>> (var d1) (bv 8 0x30) false))) (bv 8 0x18) false) (bv 8 0x20) false)))) (set d1 (| (| (| (| (bv 64 0x0) (| (<< (cast 64 false (cast 8 false (>> (var d0) (bv 8 0x8) false))) (bv 8 0x0) false) (<< (<< (cast 64 false (cast 8 false (>> (var d1) (bv 8 0x8) false))) (bv 8 0x0) false) (bv 8 0x20) false))) (| (<< (cast 64 false (cast 8 false (>> (var d0) (bv 8 0x18) false))) (bv 8 0x8) false) (<< (<< (cast 64 false (cast 8 false (>> (var d1) (bv 8 0x18) false))) (bv 8 0x8) false) (bv 8 0x20) false))) (| (<< (cast 64 false (cast 8 false (>> (var d0) (bv 8 0x28) false))) (bv 8 0x10) false) (<< (<< (cast 64 false (cast 8 false (>> (var d1) (bv 8 0x28) false))) (bv 8 0x10) false) (bv 8 0x20) false))) (| (<< (cast 64 false (cast 8 false (>> (var d0) (bv 8 0x38) false))) (bv 8 0x18) false) (<< (<< (cast 64 false (cast 8 false (>> (var d1) (bv 8 0x38) false))) (bv 8 0x18) false) (bv 8 0x20) false))))) d "vuzp.8 q0, q1" 4201b2f3 0x0 (seq (set d0 (cast 64 false (| (| (| (| (| (| (| (| (bv 128 0x0) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x0) false))) (bv 8 0x0) false) (<< 
(<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x0) false))) (bv 8 0x0) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x10) false))) (bv 8 0x8) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x10) false))) (bv 8 0x8) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x20) false))) (bv 8 0x10) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x20) false))) (bv 8 0x10) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x30) false))) (bv 8 0x18) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x30) false))) (bv 8 0x18) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x40) false))) (bv 8 0x20) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x40) false))) (bv 8 0x20) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x50) false))) (bv 8 0x28) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x50) false))) (bv 8 0x28) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x60) false))) (bv 8 0x30) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x60) false))) (bv 8 0x30) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x70) false))) (bv 8 0x38) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x70) false))) (bv 8 0x38) false) (bv 8 0x40) false))))) (set d1 (cast 64 false (>> (| (| (| (| (| (| (| (| (bv 128 0x0) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x0) false))) (bv 8 0x0) false) (<< (<< (cast 128 false (cast 8 false 
(>> (append (var d3) (var d2)) (bv 8 0x0) false))) (bv 8 0x0) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x10) false))) (bv 8 0x8) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x10) false))) (bv 8 0x8) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x20) false))) (bv 8 0x10) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x20) false))) (bv 8 0x10) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x30) false))) (bv 8 0x18) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x30) false))) (bv 8 0x18) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x40) false))) (bv 8 0x20) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x40) false))) (bv 8 0x20) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x50) false))) (bv 8 0x28) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x50) false))) (bv 8 0x28) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x60) false))) (bv 8 0x30) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x60) false))) (bv 8 0x30) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x70) false))) (bv 8 0x38) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x70) false))) (bv 8 0x38) false) (bv 8 0x40) false))) (bv 8 0x40) false))) (set d2 (cast 64 false (| (| (| (| (| (| (| (| (bv 128 0x0) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x8) false))) (bv 8 0x0) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) 
(var d2)) (bv 8 0x8) false))) (bv 8 0x0) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x18) false))) (bv 8 0x8) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x18) false))) (bv 8 0x8) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x28) false))) (bv 8 0x10) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x28) false))) (bv 8 0x10) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x38) false))) (bv 8 0x18) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x38) false))) (bv 8 0x18) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x48) false))) (bv 8 0x20) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x48) false))) (bv 8 0x20) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x58) false))) (bv 8 0x28) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x58) false))) (bv 8 0x28) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x68) false))) (bv 8 0x30) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x68) false))) (bv 8 0x30) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x78) false))) (bv 8 0x38) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x78) false))) (bv 8 0x38) false) (bv 8 0x40) false))))) (set d3 (cast 64 false (>> (| (| (| (| (| (| (| (| (bv 128 0x0) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x8) false))) (bv 8 0x0) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x8) false))) (bv 8 
0x0) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x18) false))) (bv 8 0x8) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x18) false))) (bv 8 0x8) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x28) false))) (bv 8 0x10) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x28) false))) (bv 8 0x10) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x38) false))) (bv 8 0x18) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x38) false))) (bv 8 0x18) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x48) false))) (bv 8 0x20) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x48) false))) (bv 8 0x20) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x58) false))) (bv 8 0x28) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x58) false))) (bv 8 0x28) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x68) false))) (bv 8 0x30) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x68) false))) (bv 8 0x30) false) (bv 8 0x40) false))) (| (<< (cast 128 false (cast 8 false (>> (append (var d1) (var d0)) (bv 8 0x78) false))) (bv 8 0x38) false) (<< (<< (cast 128 false (cast 8 false (>> (append (var d3) (var d2)) (bv 8 0x78) false))) (bv 8 0x38) false) (bv 8 0x40) false))) (bv 8 0x40) false)))) d "vuzp.16 d2, d4" 0421b6f3 0x0 (seq (set d2 (| (| (bv 64 0x0) (| (<< (cast 64 false (cast 16 false (>> (var d2) (bv 8 0x0) false))) (bv 8 0x0) false) (<< (<< (cast 64 false (cast 16 false (>> (var d4) (bv 8 0x0) false))) (bv 8 0x0) false) (bv 8 0x20) false))) (| (<< (cast 64 
false (cast 16 false (>> (var d2) (bv 8 0x20) false))) (bv 8 0x10) false) (<< (<< (cast 64 false (cast 16 false (>> (var d4) (bv 8 0x20) false))) (bv 8 0x10) false) (bv 8 0x20) false)))) (set d4 (| (| (bv 64 0x0) (| (<< (cast 64 false (cast 16 false (>> (var d2) (bv 8 0x10) false))) (bv 8 0x0) false) (<< (<< (cast 64 false (cast 16 false (>> (var d4) (bv 8 0x10) false))) (bv 8 0x0) false) (bv 8 0x20) false))) (| (<< (cast 64 false (cast 16 false (>> (var d2) (bv 8 0x30) false))) (bv 8 0x10) false) (<< (<< (cast 64 false (cast 16 false (>> (var d4) (bv 8 0x30) false))) (bv 8 0x10) false) (bv 8 0x20) false))))) -d "vld1.8 {d0}, [r1], r0" 000721f4 0x0 (seq empty (set d0 (<< (cast 64 false (loadw 0 8 (var r1))) (bv 8 0x0) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (var r1) (bv 32 0x1)))) (bv 8 0x8) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x10) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x18) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x20) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x28) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x30) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x38) false)) empty) +d "vld1.8 {d0}, [r1], r0" 000721f4 0x0 (seq empty (set d0 (<< (cast 64 false (loadw 0 8 (var r1))) (bv 8 0x0) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (var r1) (bv 32 0x1)))) (bv 8 0x8) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x10) false)) (set d0 (<< (cast 64 
false (loadw 0 8 (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x18) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x20) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x28) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x30) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x38) false)) (set r1 (+ (var r1) (var r0)))) d "vld1.16 {d1}, [r7]!" 4d1727f4 0x0 (seq empty (set d1 (<< (cast 64 false (loadw 0 16 (var r7))) (bv 8 0x0) false)) (set d1 (<< (cast 64 false (loadw 0 16 (+ (var r7) (bv 32 0x2)))) (bv 8 0x10) false)) (set d1 (<< (cast 64 false (loadw 0 16 (+ (+ (var r7) (bv 32 0x2)) (bv 32 0x2)))) (bv 8 0x20) false)) (set d1 (<< (cast 64 false (loadw 0 16 (+ (+ (+ (var r7) (bv 32 0x2)) (bv 32 0x2)) (bv 32 0x2)))) (bv 8 0x30) false)) (set r7 (+ (var r7) (bv 32 0x8)))) d "vld1.16 {d1}, [r7]" 4f1727f4 0x0 (seq empty (set d1 (<< (cast 64 false (loadw 0 16 (var r7))) (bv 8 0x0) false)) (set d1 (<< (cast 64 false (loadw 0 16 (+ (var r7) (bv 32 0x2)))) (bv 8 0x10) false)) (set d1 (<< (cast 64 false (loadw 0 16 (+ (+ (var r7) (bv 32 0x2)) (bv 32 0x2)))) (bv 8 0x20) false)) (set d1 (<< (cast 64 false (loadw 0 16 (+ (+ (+ (var r7) (bv 32 0x2)) (bv 32 0x2)) (bv 32 0x2)))) (bv 8 0x30) false)) empty) d "vld1.32 {d1}, [r7]" 8f1727f4 0x0 (seq empty (set d1 (<< (cast 64 false (loadw 0 32 (var r7))) (bv 8 0x0) false)) (set d1 (<< (cast 64 false (loadw 0 32 (+ (var r7) (bv 32 0x4)))) (bv 8 0x20) false)) empty) 
@@ -786,7 +786,7 @@ d "vld1.8 {d0, d1, d2}, [r0]" 0f0620f4 0x0 (seq empty (set d0 (<< (cast 64 false d "vld2.8 {d0, d2}, [r0]" 0f0920f4 0x0 (seq empty (set d0 (<< (cast 64 false (loadw 0 8 (var r0))) (bv 8 0x0) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (var r0) (bv 32 0x1)))) (bv 8 0x0) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x8) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x8) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x10) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x10) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x18) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x18) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x20) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x20) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x28) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 
32 0x1)))) (bv 8 0x28) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x30) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x30) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x38) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x38) false)) empty) d "vld3.8 {d0, d1, d2}, [r0]" 0f0420f4 0x0 (seq empty (set d0 (<< (cast 64 false (loadw 0 8 (var r0))) (bv 8 0x0) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (var r0) (bv 32 0x1)))) (bv 8 0x0) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x0) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x8) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x8) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x8) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) 
(bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x10) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x10) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x10) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x18) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x18) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x18) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x20) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x20) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x20) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ 
(+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x28) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x28) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x28) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x30) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x30) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 
0x1)) (bv 32 0x1)))) (bv 8 0x30) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x38) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x38) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x38) false)) empty) d "vld4.8 {d0, d1, d2, d3}, [r0]" 0f0020f4 0x0 (seq empty (set d0 (<< (cast 64 false (loadw 0 8 (var r0))) (bv 8 0x0) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (var r0) (bv 32 0x1)))) (bv 8 0x0) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x0) false)) (set d3 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x0) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x8) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) 
(bv 8 0x8) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x8) false)) (set d3 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x8) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x10) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x10) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x10) false)) (set d3 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x10) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x18) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x18) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 
0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x18) false)) (set d3 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x18) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x20) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x20) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x20) false)) (set d3 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x20) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 
32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x28) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x28) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x28) false)) (set d3 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x28) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x30) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ 
(+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x30) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x30) false)) (set d3 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x30) false)) (set d0 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x38) false)) (set d1 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 
32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x38) false)) (set d2 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x38) false)) (set d3 (<< (cast 64 false (loadw 0 8 (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (+ (var r0) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)))) (bv 8 0x38) false)) empty) -d "vst1.8 {d0}, [r1], r0" 000701f4 0x0 (seq empty (storew 0 (var r1) (cast 8 false (>> (var d0) (bv 8 0x0) false))) (storew 0 (+ (var r1) (bv 32 0x1)) (cast 8 false (>> (var d0) (bv 8 0x8) false))) (storew 0 (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (cast 8 false (>> (var d0) (bv 8 0x10) false))) (storew 0 (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (cast 8 false (>> (var d0) (bv 8 0x18) false))) (storew 0 (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) 
(bv 32 0x1)) (cast 8 false (>> (var d0) (bv 8 0x20) false))) (storew 0 (+ (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (cast 8 false (>> (var d0) (bv 8 0x28) false))) (storew 0 (+ (+ (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (cast 8 false (>> (var d0) (bv 8 0x30) false))) (storew 0 (+ (+ (+ (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (cast 8 false (>> (var d0) (bv 8 0x38) false))) empty) +d "vst1.8 {d0}, [r1], r0" 000701f4 0x0 (seq empty (storew 0 (var r1) (cast 8 false (>> (var d0) (bv 8 0x0) false))) (storew 0 (+ (var r1) (bv 32 0x1)) (cast 8 false (>> (var d0) (bv 8 0x8) false))) (storew 0 (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (cast 8 false (>> (var d0) (bv 8 0x10) false))) (storew 0 (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (cast 8 false (>> (var d0) (bv 8 0x18) false))) (storew 0 (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (cast 8 false (>> (var d0) (bv 8 0x20) false))) (storew 0 (+ (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (cast 8 false (>> (var d0) (bv 8 0x28) false))) (storew 0 (+ (+ (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (cast 8 false (>> (var d0) (bv 8 0x30) false))) (storew 0 (+ (+ (+ (+ (+ (+ (+ (var r1) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (bv 32 0x1)) (cast 8 false (>> (var d0) (bv 8 0x38) false))) (set r1 (+ (var r1) (var r0)))) d "vst1.16 {d1}, [r7]!" 
4d1707f4 0x0 (seq empty (storew 0 (var r7) (cast 16 false (>> (var d1) (bv 8 0x0) false))) (storew 0 (+ (var r7) (bv 32 0x2)) (cast 16 false (>> (var d1) (bv 8 0x10) false))) (storew 0 (+ (+ (var r7) (bv 32 0x2)) (bv 32 0x2)) (cast 16 false (>> (var d1) (bv 8 0x20) false))) (storew 0 (+ (+ (+ (var r7) (bv 32 0x2)) (bv 32 0x2)) (bv 32 0x2)) (cast 16 false (>> (var d1) (bv 8 0x30) false))) (set r7 (+ (var r7) (bv 32 0x8)))) d "vst1.16 {d1}, [r7]" 4f1707f4 0x0 (seq empty (storew 0 (var r7) (cast 16 false (>> (var d1) (bv 8 0x0) false))) (storew 0 (+ (var r7) (bv 32 0x2)) (cast 16 false (>> (var d1) (bv 8 0x10) false))) (storew 0 (+ (+ (var r7) (bv 32 0x2)) (bv 32 0x2)) (cast 16 false (>> (var d1) (bv 8 0x20) false))) (storew 0 (+ (+ (+ (var r7) (bv 32 0x2)) (bv 32 0x2)) (bv 32 0x2)) (cast 16 false (>> (var d1) (bv 8 0x30) false))) empty) d "vst1.32 {d1}, [r7]" 8f1707f4 0x0 (seq empty (storew 0 (var r7) (cast 32 false (>> (var d1) (bv 8 0x0) false))) (storew 0 (+ (var r7) (bv 32 0x4)) (cast 32 false (>> (var d1) (bv 8 0x20) false))) empty) From c85eb8c4b61a99d9c71f469520e5e62da382198b Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sat, 8 Jul 2023 11:30:02 -0500 Subject: [PATCH 054/106] [REVERT ME] Add auto-sync-ppc dev branch to build options. --- meson_options.txt | 2 +- subprojects/capstone-auto-sync-ppc.wrap | 6 ++ .../capstone-auto-sync-ppc/meson.build | 98 +++++++++++++++++++ 3 files changed, 105 insertions(+), 1 deletion(-) create mode 100644 subprojects/capstone-auto-sync-ppc.wrap create mode 100644 subprojects/packagefiles/capstone-auto-sync-ppc/meson.build diff --git a/meson_options.txt b/meson_options.txt index 3f463091bc0..44c4a83fbd7 100644 --- a/meson_options.txt +++ b/meson_options.txt 
@@ -20,7 +20,7 @@ option('rizin_bindings', type: 'string', value: '', description: 'Path where riz option('checks_level', type: 'integer', value: 9999, description: 'Value between 0 and 3 to enable different level of assert (see RZ_CHECKS_LEVEL). By default its value depends on buildtype (2 on debug, 1 on release).') option('use_sys_capstone', type: 'feature', value: 'disabled') -option('use_capstone_version', type: 'combo', choices: ['v3', 'v4', 'v5', 'next'], value: 'next', description: 'Specify which version of capstone to use') +option('use_capstone_version', type: 'combo', choices: ['v3', 'v4', 'v5', 'next', 'auto-sync-ppc'], value: 'auto-sync-ppc', description: 'Specify which version of capstone to use') option('use_sys_magic', type: 'feature', value: 'disabled') option('use_sys_libzip', type: 'feature', value: 'disabled') option('use_sys_libzip_openssl', type: 'boolean', value: false, description: 'Whether to use or not system openssl dependency to build libzip') diff --git a/subprojects/capstone-auto-sync-ppc.wrap b/subprojects/capstone-auto-sync-ppc.wrap new file mode 100644 index 00000000000..92d65b9aa67 --- /dev/null +++ b/subprojects/capstone-auto-sync-ppc.wrap @@ -0,0 +1,6 @@ +[wrap-git] +url = https://github.com/Rot127/capstone.git +revision = auto-sync-ppc +directory = capstone-auto-sync-ppc +depth = 1 +patch_directory = capstone-auto-sync-ppc diff --git a/subprojects/packagefiles/capstone-auto-sync-ppc/meson.build b/subprojects/packagefiles/capstone-auto-sync-ppc/meson.build new file mode 100644 index 00000000000..708fcfdc470 --- /dev/null +++ b/subprojects/packagefiles/capstone-auto-sync-ppc/meson.build 
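Review bot: `revision = auto-sync-ppc` pins a mutable branch on a personal fork, with `depth = 1` and no commit hash or checksum, so every fresh configure builds whatever that branch head happens to be and the disassembler code linked into rizin cannot be reproduced or audited afterwards; a force-push or a compromised account upstream silently changes what ships. Because the same commit flips the `use_capstone_version` default to `auto-sync-ppc`, this affects plain default builds of the tree, not only opt-in ones. The `[REVERT ME]` subject makes clear this is a temporary development hook, which is fine, but if it lingers the `revision` line should name the exact commit being tested rather than the branch, e.g. `revision = <full 40-hex commit sha>`, so the checkout is deterministic until the real upstream release replaces the wrap.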
@@ -0,0 +1,98 @@
+project('capstone', 'c', version: '5.0', meson_version: '>=0.55.0')
+
+cs_files = [
+ 'arch/AArch64/AArch64BaseInfo.c',
+ 'arch/AArch64/AArch64Disassembler.c',
+ 'arch/AArch64/AArch64InstPrinter.c',
+ 'arch/AArch64/AArch64Mapping.c',
+ 'arch/AArch64/AArch64Module.c',
+ 'arch/ARM/ARMBaseInfo.c',
+ 'arch/ARM/ARMDisassemblerExtension.c',
+ 'arch/ARM/ARMDisassembler.c',
+ 'arch/ARM/ARMInstPrinter.c',
+ 'arch/ARM/ARMMapping.c',
+ 'arch/ARM/ARMModule.c',
+ 'arch/M680X/M680XDisassembler.c',
+ 'arch/M680X/M680XInstPrinter.c',
+ 'arch/M680X/M680XModule.c',
+ 'arch/M68K/M68KDisassembler.c',
+ 'arch/M68K/M68KInstPrinter.c',
+ 'arch/M68K/M68KModule.c',
+ 'arch/Mips/MipsDisassembler.c',
+ 'arch/Mips/MipsInstPrinter.c',
+ 'arch/Mips/MipsMapping.c',
+ 'arch/Mips/MipsModule.c',
+ 'arch/PowerPC/PPCDisassembler.c',
+ 'arch/PowerPC/PPCInstPrinter.c',
+ 'arch/PowerPC/PPCMapping.c',
+ 'arch/PowerPC/PPCModule.c',
+ 'arch/Sparc/SparcDisassembler.c',
+ 'arch/Sparc/SparcInstPrinter.c',
+ 'arch/Sparc/SparcMapping.c',
+ 'arch/Sparc/SparcModule.c',
+ 'arch/SystemZ/SystemZDisassembler.c',
+ 'arch/SystemZ/SystemZInstPrinter.c',
+ 'arch/SystemZ/SystemZMapping.c',
+ 'arch/SystemZ/SystemZMCTargetDesc.c',
+ 'arch/SystemZ/SystemZModule.c',
+ 'arch/TMS320C64x/TMS320C64xDisassembler.c',
+ 'arch/TMS320C64x/TMS320C64xInstPrinter.c',
+ 'arch/TMS320C64x/TMS320C64xMapping.c',
+ 'arch/TMS320C64x/TMS320C64xModule.c',
+ 'arch/X86/X86ATTInstPrinter.c',
+ 'arch/X86/X86Disassembler.c',
+ 'arch/X86/X86DisassemblerDecoder.c',
+ 'arch/X86/X86IntelInstPrinter.c',
+ 'arch/X86/X86Mapping.c',
+ 'arch/X86/X86Module.c',
+ 'arch/X86/X86InstPrinterCommon.c',
+ 'arch/XCore/XCoreDisassembler.c',
+ 'arch/XCore/XCoreInstPrinter.c',
+ 'arch/XCore/XCoreMapping.c',
+ 'arch/XCore/XCoreModule.c',
+ 'arch/TriCore/TriCoreDisassembler.c',
+ 'arch/TriCore/TriCoreInstPrinter.c',
+ 'arch/TriCore/TriCoreMapping.c',
+ 'arch/TriCore/TriCoreModule.c',
+ 'cs.c',
+ 'Mapping.c',
+ 'MCInst.c',
+ 'MCInstrDesc.c',
+ 'MCInstPrinter.c',
+ 'MCRegisterInfo.c',
+ 'SStream.c',
+ 'Mapping.c',
+ 'utils.c',
+]
+
+capstone_includes = [include_directories('include'), include_directories('include/capstone')]
+
+libcapstone_c_args = [
+ '-DCAPSTONE_X86_ATT_DISABLE_NO',
+ '-DCAPSTONE_X86_REDUCE_NO',
+ '-DCAPSTONE_USE_SYS_DYN_MEM',
+ '-DCAPSTONE_DIET_NO',
+ '-DCAPSTONE_HAS_ARM',
+ '-DCAPSTONE_HAS_ARM64',
+ '-DCAPSTONE_HAS_M68K',
+ '-DCAPSTONE_HAS_M680X',
+ '-DCAPSTONE_HAS_MIPS',
+ '-DCAPSTONE_HAS_POWERPC',
+ '-DCAPSTONE_HAS_SPARC',
+ '-DCAPSTONE_HAS_SYSZ',
+ '-DCAPSTONE_HAS_X86',
+ '-DCAPSTONE_HAS_XCORE',
+ '-DCAPSTONE_HAS_TMS320C64X',
+ '-DCAPSTONE_HAS_TRICORE',
+]
+
+libcapstone = library('capstone', cs_files,
+ c_args: libcapstone_c_args,
+ include_directories: capstone_includes,
+ implicit_include_directories: false
+)
+
+capstone_dep = declare_dependency(
+ link_with: libcapstone,
+ include_directories: capstone_includes
+)
From 30f1ca1c5b2388945eddef1c99c4e40f0b84da4d Mon Sep 17 00:00:00 2001
From: Rot127
Date: Thu, 20 Jul 2023 12:34:03 -0500
Subject: [PATCH 055/106] Exclude multiple instruction alias which are no longer a valid id

---
 librz/analysis/arch/ppc/ppc_il.c | 80 ++++++++++++++++-----------
 librz/analysis/arch/ppc/ppc_il_ops.c | 82 ++++++++++++++++++++++------
 librz/analysis/p/analysis_ppc_cs.c | 12 +++-
 3 files changed, 120 insertions(+), 54 deletions(-)

diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c
index faf73a567db..833fd66c549 100644
--- a/librz/analysis/arch/ppc/ppc_il.c
+++ b/librz/analysis/arch/ppc/ppc_il.c
@@ -240,7 +240,7 @@ RZ_IPI bool ppc_sets_lr(ut32 insn_id) {
 switch (insn_id) {
 default:
 return false;
-#if CS_API_MAJOR > 4
+#if CS_API_MAJOR == 5
 case PPC_INS_BEQCTRL:
 case PPC_INS_BFCTRL:
 case PPC_INS_BGECTRL:
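Review bot: `'Mapping.c'` appears twice in `cs_files`, once directly after `'cs.c'` and again after `'SStream.c'`. As far as I recall Meson silently drops a source already added to the same target, so this probably configures, but on a version that rejects duplicate sources it is a hard error, and in either case the second entry should go. Less certain: `project(... version: '5.0')` for a branch whose headers the later patches in this series guard as the 6.x API looks inconsistent; worth checking what the branch itself declares before anything starts keying off this value.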
@@ -258,11 +258,8 @@ RZ_IPI bool ppc_sets_lr(ut32 insn_id) { case PPC_INS_BGEL: case PPC_INS_BGELRL: case PPC_INS_BGELA: -#endif - case PPC_INS_BCCTRL: - case PPC_INS_BCL: - case PPC_INS_BCLRL: - case PPC_INS_BCTRL: + case PPC_INS_BDNZTL: + case PPC_INS_BDNZTLA: case PPC_INS_BDNZL: case PPC_INS_BDNZLA: case PPC_INS_BDNZLRL: @@ -281,6 +278,15 @@ RZ_IPI bool ppc_sets_lr(ut32 insn_id) { case PPC_INS_BDZTLA: case PPC_INS_BDZFL: case PPC_INS_BDZFLA: +#endif + case PPC_INS_BCCTRL: + case PPC_INS_BCL: + case PPC_INS_BCLRL: + case PPC_INS_BCTRL: + case PPC_INS_BL: + case PPC_INS_BLA: + case PPC_INS_BLRL: + case PPC_INS_BCLA: return true; } } @@ -295,7 +301,7 @@ RZ_IPI bool ppc_is_conditional(ut32 insn_id) { switch (insn_id) { default: return false; -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 case PPC_INS_BEQ: case PPC_INS_BEQA: case PPC_INS_BF: @@ -330,6 +336,22 @@ RZ_IPI bool ppc_is_conditional(ut32 insn_id) { case PPC_INS_BGELRL: case PPC_INS_BGECTR: case PPC_INS_BGECTRL: + case PPC_INS_BDNZT: + case PPC_INS_BDNZTL: + case PPC_INS_BDNZTA: + case PPC_INS_BDNZTLA: + case PPC_INS_BDNZF: + case PPC_INS_BDNZFL: + case PPC_INS_BDNZFA: + case PPC_INS_BDNZFLA: + case PPC_INS_BDZT: + case PPC_INS_BDZTA: + case PPC_INS_BDZTL: + case PPC_INS_BDZTLA: + case PPC_INS_BDZF: + case PPC_INS_BDZFA: + case PPC_INS_BDZFL: + case PPC_INS_BDZFLA: #endif case PPC_INS_BC: case PPC_INS_BCCTR: 
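Review bot: The `PPC_INS_BDNZT`/`BDNZF`/`BDZT`/`BDZF` labels are added to `ppc_is_conditional()` under `#if CS_API_MAJOR == 5`, but the very same ids are guarded with `#if CS_API_MAJOR < 6` in `ppc_decrements_ctr()` (hunk at 469) and in the `rz_ppc_cs_get_il_op` dispatcher, while `meson_options.txt` still offers `v3`/`v4` builds. These labels were unconditional before this patch, which suggests the v4 headers do define them; on such a build `ppc_is_conditional()` would now return false for a `bdnzt` that the lifter still dispatches as a branch, so CFG analysis sees a conditional branch as unconditional. Use one predicate for the whole family, `#if CS_API_MAJOR < 6` here to match the other two sites, or better define a single `PPC_HAS_BDNZT_ALIASES` macro in `ppc_il.h` and test only that. The `switch` continues outside the hunk.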
@@ -341,32 +363,13 @@ RZ_IPI bool ppc_is_conditional(ut32 insn_id) { case PPC_INS_BCLA: case PPC_INS_BDNZ: case PPC_INS_BDNZA: - case PPC_INS_BDNZL: - case PPC_INS_BDNZLA: case PPC_INS_BDNZLR: case PPC_INS_BDNZLRL: case PPC_INS_BDZ: case PPC_INS_BDZA: - case PPC_INS_BDZL: case PPC_INS_BDZLA: case PPC_INS_BDZLR: case PPC_INS_BDZLRL: - case PPC_INS_BDNZT: - case PPC_INS_BDNZTL: - case PPC_INS_BDNZTA: - case PPC_INS_BDNZTLA: - case PPC_INS_BDNZF: - case PPC_INS_BDNZFL: - case PPC_INS_BDNZFA: - case PPC_INS_BDNZFLA: - case PPC_INS_BDZT: - case PPC_INS_BDZTA: - case PPC_INS_BDZTL: - case PPC_INS_BDZTLA: - case PPC_INS_BDZF: - case PPC_INS_BDZFA: - case PPC_INS_BDZFL: - case PPC_INS_BDZFLA: return true; } } @@ -378,6 +381,10 @@ RZ_IPI bool ppc_is_conditional(ut32 insn_id) { * \return bool True if the instructions moves a value to a SPR. False otherwise. */ RZ_IPI bool ppc_moves_to_spr(ut32 insn_id) { +#if CS_API_MAJOR >= 6 + return (insn_id > PPC_MTSPR_ALIAS_FIRST && insn_id < PPC_INS_ENDING) || insn_id == PPC_INS_MTSPR; +#else + switch (insn_id) { default: return false; @@ -395,7 +402,9 @@ RZ_IPI bool ppc_moves_to_spr(ut32 insn_id) { case PPC_INS_MTSR: case PPC_INS_MTSRIN: case PPC_INS_MTVSCR: +#if CS_API_MAJOR < 6 case PPC_INS_MTCR: +#endif case PPC_INS_MTBR0: case PPC_INS_MTBR1: case PPC_INS_MTBR2: @@ -417,10 +426,12 @@ RZ_IPI bool ppc_moves_to_spr(ut32 insn_id) { case PPC_INS_MTTBU: case PPC_INS_MTTBLO: case PPC_INS_MTTBHI: +#if CS_API_MAJOR < 6 case PPC_INS_MTDBATU: case PPC_INS_MTDBATL: case PPC_INS_MTIBATU: case PPC_INS_MTIBATL: +#endif case PPC_INS_MTDCCR: case PPC_INS_MTICCR: case PPC_INS_MTDEAR: @@ -430,6 +441,7 @@ RZ_IPI bool ppc_moves_to_spr(ut32 insn_id) { case PPC_INS_MFSRIN: return true; } +#endif } /** @@ -446,7 +458,7 @@ RZ_IPI bool ppc_decrements_ctr(RZ_BORROW cs_insn *insn, const cs_mode mode) { switch (id) { default: return false; -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 case PPC_INS_BGEL: case PPC_INS_BGELA: #endif 
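Review bot: `PPC_INS_BDNZL`, `PPC_INS_BDNZLA` and `PPC_INS_BDZL` are deleted from `ppc_is_conditional()` without being re-added under any guard, whereas `ppc_sets_lr()` in this same patch keeps those ids inside its `CS_API_MAJOR == 5` block. Unless they reappear in the handful of unchanged lines between this hunk and the previous one, a `bdnzl` (decrement CTR, branch if non-zero, and link) on a v5 build is now reported as an unconditional call, which changes call-graph and IL results for existing users. If the ids are simply gone from the v6 headers, keep them as `#if CS_API_MAJOR == 5` / `case PPC_INS_BDNZL: case PPC_INS_BDNZLA: case PPC_INS_BDZL:` / `#endif` next to the `BDZLA`/`BDZLR` labels that remain.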
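Review bot: The new fast path `insn_id > PPC_MTSPR_ALIAS_FIRST && insn_id < PPC_INS_ENDING` in `ppc_moves_to_spr()` encodes a header-layout assumption that nothing here checks: every id between the marker and `PPC_INS_ENDING` is taken to be an mtspr alias, and `>` excludes the marker itself. If `PPC_MTSPR_ALIAS_FIRST` is the id of the first alias rather than a sentinel placed before it, the comparison should be `>=`; if a later auto-sync appends another alias family after it, arbitrary instructions will be reported as SPR writes. At minimum add `// Relies on capstone placing all mtspr aliases last in ppc_insn; re-check on every auto-sync update.` above the return. Minor: the inner `#if CS_API_MAJOR < 6` around `case PPC_INS_MTCR:` already sits in the `#else` of `#if CS_API_MAJOR >= 6`, so it is redundant. The function's switch continues outside the hunk.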
@@ -469,6 +481,7 @@ RZ_IPI bool ppc_decrements_ctr(RZ_BORROW cs_insn *insn, const cs_mode mode) { case PPC_INS_BDZLR: case PPC_INS_BDZLRL: return !(0x4 & PPC_READ_BO_FIELD); // not BO_2 +#if CS_API_MAJOR < 6 case PPC_INS_BDNZT: case PPC_INS_BDNZTL: case PPC_INS_BDNZTA: @@ -486,6 +499,7 @@ RZ_IPI bool ppc_decrements_ctr(RZ_BORROW cs_insn *insn, const cs_mode mode) { case PPC_INS_BDZFL: case PPC_INS_BDZFLA: return true; +#endif } } @@ -663,7 +677,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins return IL_FALSE; // For learning how the conditions of BCxxx branch instructions are // formed see the Power ISA -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 case PPC_INS_BEQ: case PPC_INS_BEQA: case PPC_INS_BF: @@ -724,7 +738,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins return LET("bo", UN(5, bo), AND(cond_ok, ctr_ok)); case PPC_INS_BCCTR: case PPC_INS_BCCTRL: -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 case PPC_INS_BEQCTR: case PPC_INS_BEQCTRL: case PPC_INS_BFCTR: @@ -868,7 +882,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo case PPC_INS_BDZFLA: // EXTS(LI || 0b00) // Branch to relative address -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 case PPC_INS_BEQ: case PPC_INS_BEQA: case PPC_INS_BF: @@ -919,7 +933,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo case PPC_INS_BDNZA: case PPC_INS_BDNZLA: // EXTS(BD || 0b00) -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 case PPC_INS_BGEL: case PPC_INS_BGELA: #endif @@ -937,7 +951,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo return UA(INSOP(0).imm); } // Branch to LR -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 case PPC_INS_BEQLR: case PPC_INS_BEQLRL: case PPC_INS_BLELR: 
@@ -958,7 +972,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo // LR_0:61 || 0b00 return LOGAND(UA(-4), VARG("lr")); // Branch to CTR -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 case PPC_INS_BEQCTR: case PPC_INS_BEQCTRL: case PPC_INS_BFCTR: diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 3bcfb74b6d7..294053ae916 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -436,7 +436,7 @@ static RzILOpEffect *compare_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, c bool signed_cmp = false; -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 // weird bug on cmp/cmpl in capstone v5 if (id == PPC_INS_CMP) { if (!strcmp(insn->mnemonic, "cmpw")) { @@ -531,7 +531,7 @@ static RzILOpEffect *compare_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, c return ret; } -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 // bug on xori in capstone v5 static bool is_xnop(cs_insn *insn) { return insn->id == PPC_INS_XNOP && @@ -543,7 +543,7 @@ static bool is_xnop(cs_insn *insn) { static RzILOpEffect *bitwise_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, const cs_mode mode) { rz_return_val_if_fail(handle && insn, EMPTY()); -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 if (is_xnop(insn)) { return NOP(); } @@ -582,7 +582,6 @@ static RzILOpEffect *bitwise_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, c } res = LOGAND(op0, op1); break; - case PPC_INS_MR: case PPC_INS_OR: case PPC_INS_ORC: case PPC_INS_ORI: 
@@ -590,14 +589,12 @@ static RzILOpEffect *bitwise_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, c op0 = VARG(rS); if (id == PPC_INS_OR || id == PPC_INS_ORC) { op1 = (id == PPC_INS_OR) ? VARG(rB) : LOGNOT(VARG(rB)); - } else if (id == PPC_INS_MR) { - op1 = DUP(op0); // Extended Mnemonic for `or RA, RS, RS` } else { op1 = (id == PPC_INS_ORI) ? EXTZ(U16(uI)) : EXTZ(APPEND(U16(uI), U16(0))); } res = LOGOR(op0, op1); break; -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 // bug on xori in capstone v5 case PPC_INS_XNOP: op0 = VARG(rS); @@ -848,7 +845,6 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MTMSR: case PPC_INS_MTMSRD: NOT_IMPLEMENTED; - case PPC_INS_MTCR: case PPC_INS_MTCRF: { ut32 mask = 0xffffffff; if (id == PPC_INS_MTCRF) { @@ -972,10 +968,29 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MFPID: case PPC_INS_MFTBLO: case PPC_INS_MFTBHI: +#if CS_API_MAJOR == 6 + case PPC_INS_MFDBATU0: + case PPC_INS_MFDBATL0: + case PPC_INS_MFDBATU1: + case PPC_INS_MFDBATL1: + case PPC_INS_MFDBATU2: + case PPC_INS_MFDBATL2: + case PPC_INS_MFDBATU3: + case PPC_INS_MFDBATL3: + case PPC_INS_MFIBATU0: + case PPC_INS_MFIBATL0: + case PPC_INS_MFIBATU1: + case PPC_INS_MFIBATL1: + case PPC_INS_MFIBATU2: + case PPC_INS_MFIBATL2: + case PPC_INS_MFIBATU3: + case PPC_INS_MFIBATL3: +#else case PPC_INS_MFDBATU: case PPC_INS_MFDBATL: case PPC_INS_MFIBATU: case PPC_INS_MFIBATL: +#endif case PPC_INS_MFDCCR: case PPC_INS_MFICCR: case PPC_INS_MFDEAR: @@ -984,7 +999,9 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MFTCR: case PPC_INS_MFASR: case PPC_INS_MFPVR: +#if CS_API_MAJOR < 6 case PPC_INS_MFTBU: +#endif case PPC_INS_MTDSISR: case PPC_INS_MTDAR: case PPC_INS_MTSRR2: 
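Review bot: The `else if (id == PPC_INS_MR)` branch is removed from `bitwise_op()` unconditionally here (and its `case PPC_INS_MR:` label in the hunk above), yet the dispatcher in `rz_ppc_cs_get_il_op` later in this same patch still routes `PPC_INS_MR` to `bitwise_op()` under `#if CS_API_MAJOR < 6`. On any v3/v4/v5 build `mr rA, rS` therefore enters `bitwise_op()` with no matching case and gets whatever the switch's fallback produces, losing the `or RA, RS, RS` lifting it had before. Either keep the label and the `op1 = DUP(op0);` branch under the same `#if CS_API_MAJOR < 6` guard, or drop `PPC_INS_MR` from the dispatcher too so the two places agree. `bitwise_op()` extends beyond the hunk on both sides.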
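Review bot: Dropping `case PPC_INS_MTCR:` from `move_from_to_spr_op()` has the same mismatch as `PPC_INS_MR`: the dispatcher hunk at 1678/1720 in this patch still lists `PPC_INS_MTCR` under `CS_API_MAJOR < 6` in what I take to be the `move_from_to_spr_op()` dispatch list, so on a v5 build `mtcr` no longer reaches the `MTCRF` handler, and the `if (id == PPC_INS_MTCRF)` mask selection, whose `else` path only ever served `mtcr`, becomes dead code. Keep the label as `#if CS_API_MAJOR < 6` / `case PPC_INS_MTCR:` / `#endif` so the pre-v6 path is unchanged, or remove the dispatcher entry as well. The enclosing switch starts and ends outside the hunk.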
@@ -996,10 +1013,29 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MTTBU: case PPC_INS_MTTBLO: case PPC_INS_MTTBHI: +#if CS_API_MAJOR == 6 + case PPC_INS_MTDBATU0: + case PPC_INS_MTDBATL0: + case PPC_INS_MTDBATU1: + case PPC_INS_MTDBATL1: + case PPC_INS_MTDBATU2: + case PPC_INS_MTDBATL2: + case PPC_INS_MTDBATU3: + case PPC_INS_MTDBATL3: + case PPC_INS_MTIBATU0: + case PPC_INS_MTIBATL0: + case PPC_INS_MTIBATU1: + case PPC_INS_MTIBATL1: + case PPC_INS_MTIBATU2: + case PPC_INS_MTIBATL2: + case PPC_INS_MTIBATU3: + case PPC_INS_MTIBATL3: +#else case PPC_INS_MTDBATU: case PPC_INS_MTDBATL: case PPC_INS_MTIBATU: case PPC_INS_MTIBATL: +#endif case PPC_INS_MTDCCR: case PPC_INS_MTICCR: case PPC_INS_MTDEAR: @@ -1269,9 +1305,11 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn // Everything is executed linear => Sync instructions are NOP()s. case PPC_INS_ISYNC: case PPC_INS_SYNC: +#if CS_API_MAJOR < 6 case PPC_INS_LWSYNC: case PPC_INS_MSYNC: case PPC_INS_PTESYNC: +#endif case PPC_INS_TLBSYNC: lop = NOP(); break; @@ -1395,7 +1433,9 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn #endif lop = store_op(handle, insn, mode); break; +#if CS_API_MAJOR < 6 case PPC_INS_MR: +#endif case PPC_INS_AND: case PPC_INS_ANDC: case PPC_INS_ANDIS: @@ -1406,7 +1446,7 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_ORIS: case PPC_INS_NAND: case PPC_INS_NOR: -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 // bug on xori in capstone v5 case PPC_INS_XNOP: #endif 
@@ -1424,13 +1464,13 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn #if CS_API_MAJOR > 3 case PPC_INS_CMPB: #endif -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 case PPC_INS_CMPRB: case PPC_INS_CMPEQB: #endif lop = bitwise_op(handle, insn, mode); break; -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 case PPC_INS_CMP: case PPC_INS_CMPI: case PPC_INS_CMPL: @@ -1474,6 +1514,7 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_BLRL: case PPC_INS_BCA: case PPC_INS_BCLA: +#if CS_API_MAJOR < 6 case PPC_INS_BDNZT: case PPC_INS_BDNZTL: case PPC_INS_BDNZTA: @@ -1490,7 +1531,8 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_BDZFA: case PPC_INS_BDZFL: case PPC_INS_BDZFLA: -#if CS_API_MAJOR > 4 +#endif +#if CS_API_MAJOR == 5 case PPC_INS_BCDCFN: case PPC_INS_BCDCFSQ: case PPC_INS_BCDCFZ: @@ -1678,10 +1720,18 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MFPID: case PPC_INS_MFTBLO: case PPC_INS_MFTBHI: +#if CS_API_MAJOR < 6 case PPC_INS_MFDBATU: case PPC_INS_MFDBATL: case PPC_INS_MFIBATU: case PPC_INS_MFIBATL: + case PPC_INS_MFTBU: + case PPC_INS_MTCR: + case PPC_INS_MTDBATU: + case PPC_INS_MTDBATL: + case PPC_INS_MTIBATU: + case PPC_INS_MTIBATL: +#endif case PPC_INS_MFDCCR: case PPC_INS_MFICCR: case PPC_INS_MFDEAR: @@ -1690,8 +1740,6 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MFTCR: case PPC_INS_MFASR: case PPC_INS_MFPVR: - case PPC_INS_MFTBU: - case PPC_INS_MTCR: case PPC_INS_MTBR0: case PPC_INS_MTBR1: case PPC_INS_MTBR2: @@ -1713,10 +1761,6 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MTTBU: case PPC_INS_MTTBLO: case PPC_INS_MTTBHI: - case PPC_INS_MTDBATU: - case PPC_INS_MTDBATL: - case PPC_INS_MTIBATU: - case PPC_INS_MTIBATL: case PPC_INS_MTDCCR: case PPC_INS_MTICCR: case PPC_INS_MTDEAR: 
@@ -1736,10 +1780,12 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_CRNOR: case PPC_INS_CROR: case PPC_INS_CRORC: +#if CS_API_MAJOR < 6 case PPC_INS_CRSET: case PPC_INS_CRNOT: case PPC_INS_CRMOVE: case PPC_INS_CRCLR: +#endif NOT_IMPLEMENTED; case PPC_INS_MCRF: lop = cr_logical(handle, insn, mode); diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c index 4488e2ce624..84bf084b36b 100644 --- a/librz/analysis/p/analysis_ppc_cs.c +++ b/librz/analysis/p/analysis_ppc_cs.c @@ -982,7 +982,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf case PPC_INS_CMPLWI: case PPC_INS_CMPW: case PPC_INS_CMPWI: -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 case PPC_INS_CMP: case PPC_INS_CMPI: #endif @@ -1004,7 +1004,9 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->type = RZ_ANALYSIS_OP_TYPE_MOV; esilprintf(op, "%s,lr,=", ARG(0)); break; +#if CS_API_MAJOR < 6 case PPC_INS_MR: +#endif case PPC_INS_LI: op->type = RZ_ANALYSIS_OP_TYPE_MOV; op->val = IMM(1); @@ -1051,9 +1053,11 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf break; case PPC_INS_SYNC: case PPC_INS_ISYNC: +#if CS_API_MAJOR < 6 case PPC_INS_LWSYNC: case PPC_INS_MSYNC: case PPC_INS_PTESYNC: +#endif case PPC_INS_TLBSYNC: case PPC_INS_SLBIA: case PPC_INS_SLBIE: @@ -1250,12 +1254,14 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->type = RZ_ANALYSIS_OP_TYPE_ADD; esilprintf(op, "%s,%s,+,%s,=", ARG(2), ARG(1), ARG(0)); break; +#if CS_API_MAJOR < 6 case PPC_INS_CRCLR: case PPC_INS_CRSET: case PPC_INS_CRMOVE: + case PPC_INS_CRNOT: +#endif case PPC_INS_CRXOR: case PPC_INS_CRNOR: - case PPC_INS_CRNOT: // reset conditional bits op->type = RZ_ANALYSIS_OP_TYPE_MOV; break; 
@@ -1283,7 +1289,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->type = RZ_ANALYSIS_OP_TYPE_CALL; esilprintf(op, "pc,lr,=,ctr,pc,="); break; -#if CS_API_MAJOR > 4 +#if CS_API_MAJOR == 5 case PPC_INS_BEQ: case PPC_INS_BEQA: case PPC_INS_BFA: From 583cb3418e8f367508484beb163eda613aa683f2 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Mon, 24 Jul 2023 03:26:22 -0500 Subject: [PATCH 056/106] Use CS_NEXT_VERSION as include guard. --- librz/analysis/arch/ppc/ppc_il.c | 2 +- librz/analysis/arch/ppc/ppc_il_ops.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c index 833fd66c549..a9c3a7dd48e 100644 --- a/librz/analysis/arch/ppc/ppc_il.c +++ b/librz/analysis/arch/ppc/ppc_il.c @@ -381,7 +381,7 @@ RZ_IPI bool ppc_is_conditional(ut32 insn_id) { * \return bool True if the instructions moves a value to a SPR. False otherwise. */ RZ_IPI bool ppc_moves_to_spr(ut32 insn_id) { -#if CS_API_MAJOR >= 6 +#if CS_NEXT_VERSION >= 6 return (insn_id > PPC_MTSPR_ALIAS_FIRST && insn_id < PPC_INS_ENDING) || insn_id == PPC_INS_MTSPR; #else diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 294053ae916..5c2ccb47ea9 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -968,7 +968,7 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MFPID: case PPC_INS_MFTBLO: case PPC_INS_MFTBHI: -#if CS_API_MAJOR == 6 +#if CS_NEXT_VERSION == 6 case PPC_INS_MFDBATU0: case PPC_INS_MFDBATL0: case PPC_INS_MFDBATU1: @@ -999,7 +999,7 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MFTCR: case PPC_INS_MFASR: case PPC_INS_MFPVR: -#if CS_API_MAJOR < 6 +#if CS_NEXT_VERSION < 6 case PPC_INS_MFTBU: #endif case PPC_INS_MTDSISR: From 3883cb4f615dc354dacfdc44d92c9ddb1874c03b Mon Sep 17 00:00:00 2001 
From: Rot127 Date: Mon, 24 Jul 2023 05:17:34 -0500 Subject: [PATCH 057/106] Warp removed instruction alias into include guards. --- librz/analysis/arch/ppc/ppc_il.c | 2 ++ librz/analysis/arch/ppc/ppc_il_ops.c | 40 ++++++++++++++++++++++++++-- librz/analysis/p/analysis_ppc_cs.c | 6 +++++ 3 files changed, 46 insertions(+), 2 deletions(-) diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c index a9c3a7dd48e..9e0737505b7 100644 --- a/librz/analysis/arch/ppc/ppc_il.c +++ b/librz/analysis/arch/ppc/ppc_il.c @@ -789,6 +789,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins case PPC_INS_BDZLR: case PPC_INS_BDZLRL: return IS_ZERO(VARG("ctr")); +#if CS_NEXT_VERSION < 6 // ctr != 0 && cr_bi == 1 case PPC_INS_BDNZT: case PPC_INS_BDNZTL: @@ -837,6 +838,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins } return AND(NON_ZERO(VARG("ctr")), IS_ZERO(LOGAND(cr, cr_bit))); } +#endif } /** diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 5c2ccb47ea9..35b84b16da1 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -1,7 +1,6 @@ // SPDX-FileCopyrightText: 2022 Rot127 // SPDX-License-Identifier: LGPL-3.0-only -#include "opcode/ppc.h" #include "ppc_il.h" #include "ppc_analysis.h" #include "rz_types_base.h" @@ -1087,7 +1086,7 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i // M/NM/MI Mask, AND with mask, mask insert // FIXME: With update to auto-sync ppc arch -#if CS_API_MAJOR >= 5 && CS_API_MINOR == 0 +#if CS_API_MAJOR == 5 && CS_API_MINOR == 0 && CS_NEXT_VERSION < 6 // weird bug on capstone v5.0 if (id == PPC_INS_CLRLDI && !strcmp(insn->mnemonic, "rldicl")) { id = PPC_INS_RLDICL; 
@@ -1099,17 +1098,27 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i switch (id) { default: NOT_IMPLEMENTED; +#if CS_NEXT_VERSION < 6 case PPC_INS_ROTLW: case PPC_INS_ROTLWI: +#endif case PPC_INS_RLWIMI: case PPC_INS_RLWINM: case PPC_INS_RLWNM: +#if CS_NEXT_VERSION >= 6 + if (id == PPC_INS_RLWNM) { +#else if (id == PPC_INS_RLWNM || id == PPC_INS_ROTLW) { +#endif n = CAST(6, IL_FALSE, LOGAND(VARG(rB), UA(0x1f))); } else { n = U8(sH); } r = ROTL32(UNSIGNED(32, VARG(rS)), n); +#if CS_NEXT_VERSION >= 6 + b = mB + 32; + e = mE + 32; +#else if (id == PPC_INS_ROTLW || id == PPC_INS_ROTLWI) { b = 32; // mb: 0 + 32 e = 63; // me: 31 + 32 @@ -1117,6 +1126,7 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i b = mB + 32; e = mE + 32; } +#endif // Mask has all bits set. all_bits_set = (((b - 1) & 0x3f) == e); set_mask = all_bits_set ? NULL : SET_MASK(U8(b), U8(e)); @@ -1125,15 +1135,21 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i into_rA = LOGOR(into_rA, LOGAND(VARG(rA), LOGNOT(VARL("mask")))); } break; +#if CS_NEXT_VERSION < 6 case PPC_INS_ROTLD: case PPC_INS_ROTLDI: +#endif case PPC_INS_RLDCL: case PPC_INS_RLDCR: case PPC_INS_RLDIC: case PPC_INS_RLDICL: case PPC_INS_RLDICR: case PPC_INS_RLDIMI: +#if CS_NEXT_VERSION >= 6 + if (id == PPC_INS_RLDCR || id == PPC_INS_RLDCL) { +#else if (id == PPC_INS_RLDCR || id == PPC_INS_RLDCL || id == PPC_INS_ROTLD) { +#endif // For these instruction ME is the third operand, not MB. mE = INSOP(3).imm; n = UNSIGNED(8, VARG(rB)); 
@@ -1145,6 +1161,21 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i } n = LOGAND(U8(0x3f), n); r = ROTL64(VARG(rS), n); +#if CS_NEXT_VERSION >= 6 + if (id == PPC_INS_RLDICR || id == PPC_INS_RLDCR) { + b = 0; + e = mE; + } else { + b = mB; + if (id == PPC_INS_RLDCL || id == PPC_INS_RLDICL) { + e = 63; + } else if (id == PPC_INS_RLDIMI) { + e = (63 - sH) & 0x3f; + } else { + e = sH; + } + } +#else if (id == PPC_INS_RLDICR || id == PPC_INS_RLDCR || id == PPC_INS_ROTLDI || id == PPC_INS_ROTLD) { b = 0; if (id == PPC_INS_ROTLDI || id == PPC_INS_ROTLD) { @@ -1162,6 +1193,7 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i e = sH; } } +#endif all_bits_set = (((b - 1) & 0x3f) == e); set_mask = all_bits_set ? NULL : SET_MASK(U8(b), U8(e)); @@ -1229,6 +1261,7 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i IL_FALSE); set_ca = SETG("ca", ca_val); break; +#if CS_NEXT_VERSION < 6 case PPC_INS_CLRLDI: case PPC_INS_CLRLWI: r = VARG(rS); @@ -1237,6 +1270,7 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i all_bits_set = (((b - 1) & 0x3f) == e); set_mask = all_bits_set ? NULL : SET_MASK(U8(b), U8(e)); into_rA = all_bits_set ? r : LOGAND(r, VARL("mask")); +#endif } RzILOpPure *zero = UA(0); @@ -1800,12 +1834,14 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_RLWIMI: case PPC_INS_RLWINM: case PPC_INS_RLWNM: +#if CS_NEXT_VERSION < 6 case PPC_INS_ROTLD: case PPC_INS_ROTLDI: case PPC_INS_CLRLDI: case PPC_INS_ROTLWI: case PPC_INS_CLRLWI: case PPC_INS_ROTLW: +#endif case PPC_INS_SLD: case PPC_INS_SLW: case PPC_INS_SRAD: diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c index 84bf084b36b..4ad894d514e 100644 --- a/librz/analysis/p/analysis_ppc_cs.c +++ b/librz/analysis/p/analysis_ppc_cs.c 
@@ -1018,10 +1018,12 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->val <<= 16; esilprintf(op, "%s0000,%s,=", ARG(1), ARG(0)); break; +#if CS_NEXT_VERSION < 6 case PPC_INS_CLRLWI: op->type = RZ_ANALYSIS_OP_TYPE_AND; esilprintf(op, "%s,%s,&,%s,=", ARG(1), cmask32(ARG(2), "0x1F"), ARG(0)); break; +#endif case PPC_INS_RLWINM: op->type = RZ_ANALYSIS_OP_TYPE_ROL; esilprintf(op, "%s,%s,<<<,%s,&,%s,=", ARG(2), ARG(1), cmask32(ARG(3), ARG(4)), ARG(0)); @@ -1235,8 +1237,10 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->type = RZ_ANALYSIS_OP_TYPE_MUL; esilprintf(op, "%s,%s,*,%s,=", ARG(2), ARG(1), ARG(0)); break; +#if CS_NEXT_VERSION < 6 case PPC_INS_SUB: case PPC_INS_SUBC: +#endif case PPC_INS_SUBF: case PPC_INS_SUBFIC: case PPC_INS_SUBFZE: @@ -1649,6 +1653,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->type = RZ_ANALYSIS_OP_TYPE_STORE; esilprintf(op, "%s,%s", ARG(0), ARG2(1, ",=[128]")); break; +#if CS_NEXT_VERSION < 6 case PPC_INS_CLRLDI: op->type = RZ_ANALYSIS_OP_TYPE_AND; esilprintf(op, "%s,%s,&,%s,=", ARG(1), cmask64(ARG(2), "0x3F"), ARG(0)); @@ -1657,6 +1662,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->type = RZ_ANALYSIS_OP_TYPE_ROL; esilprintf(op, "%s,%s,<<<,%s,=", ARG(2), ARG(1), ARG(0)); break; +#endif case PPC_INS_RLDCL: case PPC_INS_RLDICL: op->type = RZ_ANALYSIS_OP_TYPE_ROL; From 363c91f73ec48745fa652c35ef14b0fc7c4a0141 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Tue, 25 Jul 2023 10:53:30 -0500 Subject: [PATCH 058/106] Add CS v6 include guards. --- librz/analysis/p/analysis_ppc_cs.c | 75 +++++++++++++++++++++++++++++- 1 file changed, 74 insertions(+), 1 deletion(-) diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c index 4ad894d514e..29a128097c6 100644 --- a/librz/analysis/p/analysis_ppc_cs.c +++ b/librz/analysis/p/analysis_ppc_cs.c 
@@ -95,10 +95,12 @@ static char *getarg2(struct Getarg *gop, int n, const char *setstr) { (ut64)op.mem.disp, cs_reg_name(handle, op.mem.base), setstr); break; +#if CS_NEXT_VERSION < 6 case PPC_OP_CRX: // Condition Register field snprintf(words[n], sizeof(words[n]), "%" PFMT64d "%s", (ut64)op.imm, setstr); break; +#endif } return words[n]; } @@ -125,9 +127,11 @@ static ut64 getarg(struct Getarg *gop, int n) { case PPC_OP_MEM: value = op.mem.disp + op.mem.base; break; +#if CS_NEXT_VERSION < 6 case PPC_OP_CRX: // Condition Register field value = (ut64)op.imm; break; +#endif } return value; } @@ -1326,8 +1330,13 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->type = RZ_ANALYSIS_OP_TYPE_CJMP; op->jump = ARG(1)[0] == '\0' ? IMM(0) : IMM(1); op->fail = addr + op->size; +#if CS_NEXT_VERSION >= 6 + switch (insn->detail->ppc.bc.pred_cr) { + case PPC_PRED_LT: +#else switch (insn->detail->ppc.bc) { case PPC_BC_LT: +#endif /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { @@ -1336,7 +1345,11 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf esilprintf(op, "2,%s,&,?{,%s,pc,=,},", ARG(0), ARG(1)); } break; +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_LE: +#else case PPC_BC_LE: +#endif /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { @@ -1345,7 +1358,11 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf esilprintf(op, "3,%s,&,?{,%s,pc,=,},", ARG(0), ARG(1)); } break; +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_EQ: +#else case PPC_BC_EQ: +#endif /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { @@ -1354,7 +1371,11 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf esilprintf(op, "1,%s,&,?{,%s,pc,=,},", ARG(0), ARG(1)); } break; +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_GE: +#else case PPC_BC_GE: +#endif /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { 
@@ -1363,7 +1384,11 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf esilprintf(op, "2,%s,^,3,&,?{,%s,pc,=,},", ARG(0), ARG(1)); } break; +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_GT: +#else case PPC_BC_GT: +#endif /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { @@ -1372,7 +1397,11 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf esilprintf(op, "2,%s,&,!,?{,%s,pc,=,},", ARG(0), ARG(1)); } break; +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_NE: +#else case PPC_BC_NE: +#endif /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { @@ -1381,17 +1410,27 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf esilprintf(op, "%s,1,&,!,?{,%s,pc,=,},", ARG(0), ARG(1)); } break; +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_INVALID: +#else case PPC_BC_INVALID: +#endif op->type = RZ_ANALYSIS_OP_TYPE_JMP; esilprintf(op, "%s,pc,=", ARG(0)); +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_UN: // unordered + PPC_PRED_SO - summary overflow + case PPC_PRED_NU: // not unordered + PPC_PRED_NS - not summary overflow +#else case PPC_BC_UN: // unordered case PPC_BC_NU: // not unordered case PPC_BC_SO: // summary overflow case PPC_BC_NS: // not summary overflow +#endif default: break; } break; +#if CS_NEXT_VERSION < 6 case PPC_INS_BT: case PPC_INS_BF: switch (insn->detail->ppc.operands[0].type) { @@ -1412,6 +1451,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf break; } break; +#endif case PPC_INS_BDNZ: op->type = RZ_ANALYSIS_OP_TYPE_CJMP; op->jump = IMM(0); 
@@ -1478,12 +1518,20 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf case PPC_INS_BCLRL: op->type = RZ_ANALYSIS_OP_TYPE_CRET; op->fail = addr + op->size; - switch (insn->detail->ppc.bc) { + switch (insn->detail->ppc.bc.pred_cr) { +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_INVALID: +#else case PPC_BC_INVALID: +#endif op->type = RZ_ANALYSIS_OP_TYPE_RET; esilprintf(op, "lr,pc,="); break; +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_LT: +#else case PPC_BC_LT: +#endif /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { @@ -1492,7 +1540,11 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf esilprintf(op, "2,%s,&,?{,lr,pc,=,},", ARG(0)); } break; +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_LE: +#else case PPC_BC_LE: +#endif /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { @@ -1501,7 +1553,11 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf esilprintf(op, "3,%s,&,?{,lr,pc,=,},", ARG(0)); } break; +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_EQ: +#else case PPC_BC_EQ: +#endif /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { @@ -1510,7 +1566,11 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf esilprintf(op, "1,%s,&,?{,lr,pc,=,},", ARG(0)); } break; +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_GE: +#else case PPC_BC_GE: +#endif /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { @@ -1519,7 +1579,11 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf esilprintf(op, "2,%s,^,3,&,?{,lr,pc,=,},", ARG(0)); } break; +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_GT: +#else case PPC_BC_GT: +#endif /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { 
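Review bot: The `switch (insn->detail->ppc.bc.pred_cr) {` line in the BCLR/BCLRL hunk is changed unconditionally, while the `case PPC_PRED_*`/`case PPC_BC_*` labels underneath it are still split on `CS_NEXT_VERSION`; in the -1326 hunk of this same file the equivalent switch is guarded, with `switch (insn->detail->ppc.bc) {` kept under `#else`. If `bc` is still a plain `ppc_bc` enum in pre-v6 Capstone, as the old branch implies, the `< 6` build of this function no longer compiles. Mirror the -1326 hunk here: wrap the new `switch` in `#if CS_NEXT_VERSION >= 6` and restore the old `switch (insn->detail->ppc.bc) {` under `#else`. analyze_op starts and ends outside this hunk.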
@@ -1528,7 +1592,11 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf esilprintf(op, "2,%s,&,!,?{,lr,pc,=,},", ARG(0)); } break; +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_NE: +#else case PPC_BC_NE: +#endif /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { @@ -1537,10 +1605,15 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf esilprintf(op, "%s,1,&,!,?{,lr,pc,=,},", ARG(0)); } break; +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_UN: // unordered + PPC_PRED_SO - summary overflow + case PPC_PRED_NU: // not unordered + PPC_PRED_NS - not summary overflow +#else case PPC_BC_UN: // unordered case PPC_BC_NU: // not unordered case PPC_BC_SO: // summary overflow case PPC_BC_NS: // not summary overflow +#endif default: break; } From 1d6d376095bba516a9ff836b02ee2322001e10a1 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Tue, 25 Jul 2023 10:55:45 -0500 Subject: [PATCH 059/106] Add CS v6 support to branch conditions for Rzil. --- librz/analysis/arch/ppc/ppc_analysis.h | 2 +- librz/analysis/arch/ppc/ppc_il.c | 52 ++++++++++++++++++++------ 2 files changed, 41 insertions(+), 13 deletions(-) diff --git a/librz/analysis/arch/ppc/ppc_analysis.h b/librz/analysis/arch/ppc/ppc_analysis.h index a72cdbe6daf..1c16570bdd8 100644 --- a/librz/analysis/arch/ppc/ppc_analysis.h +++ b/librz/analysis/arch/ppc/ppc_analysis.h @@ -4,7 +4,7 @@ #ifndef PPC_ANALYSIS_H #define PPC_ANALYSIS_H -#define INSOPS insn->detail->ppc.op_count +#define PPC_DETAIL(insn) insn->detail->ppc #define INSOP(n) insn->detail->ppc.operands[n] #define OP_CNT insn->detail->ppc.op_count #define IMM(x) (ut64)(insn->detail->ppc.operands[x].imm) diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c index 9e0737505b7..fda2405bb40 100644 --- a/librz/analysis/arch/ppc/ppc_il.c +++ b/librz/analysis/arch/ppc/ppc_il.c 
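Review bot: The new `PPC_DETAIL(insn)` macro in ppc_analysis.h does not parenthesize its argument, so any call with a non-trivial expression (`PPC_DETAIL(p + 1)`) would bind `->` before the addition; prefer `#define PPC_DETAIL(insn) ((insn)->detail->ppc)`. The same hunk also drops `INSOPS` rather than deprecating it, so any remaining user in files outside this diff would break at compile time; worth a grep before merging.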
@@ -2,6 +2,7 @@ // SPDX-License-Identifier: LGPL-3.0-only #include "ppc_il.h" +#include "capstone.h" #include "ppc_analysis.h" #include #include @@ -619,8 +620,10 @@ static const char *get_crx_reg(const csh handle, cs_insn *insn, size_t n) { rz_warn_if_reached(); } return cs_reg_name(handle, reg); -#else +#elif CS_NEXT_VERSION < 6 return cs_reg_name(handle, INSOP(n).crx.reg); +#else + return cs_reg_name(handle, PPC_DETAIL(insn).bc.crX); #endif } @@ -639,8 +642,10 @@ static ut32 get_crx_cond(const csh handle, cs_insn *insn, size_t n) { } rz_warn_if_reached(); return PPC_BC_INVALID; -#else +#elif CS_NEXT_VERSION < 6 return INSOP(n).crx.cond; +#else + return PPC_DETAIL(insn).bc.pred_cr; #endif } @@ -649,7 +654,7 @@ static ut32 get_crx_cond(const csh handle, cs_insn *insn, size_t n) { * Checkout the "Simple Branch Mnemonics" in Appendix C in PowerISA v3.1B and * the chapter about branch instructions for an overview of possible conditions. * - * NODE: This function *does not* decrement CTR, if required by the instruction. + * NOTE: This function *does not* decrement CTR, if required by the instruction. * This should have been done before. * * \param insn The capstone instructions. 
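Review bot: In the new `#else` branches of `get_crx_reg` and `get_crx_cond` the `n` parameter is no longer read, and `get_crx_cond` now returns `PPC_DETAIL(insn).bc.pred_cr` (a `ppc_pred` value) through the same `ut32` that the other branches fill with `ppc_bc` constants such as `PPC_BC_INVALID`. If any caller compares the result against `PPC_BC_*`, the v6 build would mismatch silently; a comment on the return, `// v6: value is a ppc_pred, not a ppc_bc — callers must switch on CS_NEXT_VERSION`, and a `(void)n;` in the v6 branch would make the contract explicit. Both functions start outside this hunk.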
@@ -660,16 +665,25 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins rz_return_val_if_fail(insn, NULL); ut32 id = insn->id; +#if CS_NEXT_VERSION >= 6 + ut8 bo = PPC_DETAIL(insn).bc.bi; + ut8 bi = PPC_DETAIL(insn).bc.bo; + RzILOpBool *decr_ctr = cs_ppc_bc_decr_ctr(bo) ? IL_TRUE : IL_FALSE; + RzILOpBool *test_cr_bit = cs_ppc_bc_cr_is_tested(bo) ? IL_TRUE : IL_FALSE; + RzILOpBool *check_ctr_is_zero = cs_ppc_bc_tests_ctr_is_zero(bo) ? IL_TRUE : IL_FALSE; + RzILOpBool *check_cr_bit_is_set = cs_ppc_bc_tests_cr_bit_is_set(bo) ? IL_TRUE : IL_FALSE; +#else ut8 bo = PPC_READ_BO_FIELD; ut8 bi = PPC_READ_BI_FIELD; - RzILOpPure *ctr_ok; - RzILOpPure *cond_ok; RzILOpPure *bo_0; RzILOpPure *bo_1; RzILOpPure *bo_2; RzILOpPure *bo_3; RzILOpPure *cr; RzILOpPure *cr_bit; +#endif + RzILOpPure *ctr_cond_fullfilled; + RzILOpPure *cr_cond_fullfilled; switch (id) { default: @@ -717,6 +731,11 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins case PPC_INS_BCLA: case PPC_INS_BCLR: case PPC_INS_BCLRL: +#if CS_NEXT_VERSION >= 6 + ctr_cond_fullfilled = AND(decr_ctr, XOR(NON_ZERO(VARG("ctr")), check_ctr_is_zero)); + cr_cond_fullfilled = AND(test_cr_bit, XOR(get_cr_bit(bi + 32), INV(check_cr_bit_is_set))); + return AND(ctr_cond_fullfilled, cr_cond_fullfilled); +#else // BO_2 == 0: Decrement CTR // BO_2 == 1: Don't use CTR bo_2 = NON_ZERO(LOGAND(UN(5, 0b00100), VARLP("bo"))); @@ -724,7 +743,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins // BO_3 == 0: Check CTR != 0 // BO_3 == 1: Check CTR == 0 bo_3 = NON_ZERO(LOGAND(UN(5, 0b00010), VARLP("bo"))); - ctr_ok = OR(bo_2, XOR(NON_ZERO(VARG("ctr")), bo_3)); // BO_2 | (CTR_M:63 ≠ 0) ⊕ BO_3 + ctr_cond_fullfilled = OR(bo_2, XOR(NON_ZERO(VARG("ctr")), bo_3)); // BO_2 | (CTR_M:63 ≠ 0) ⊕ BO_3 // BO_0 == 0: Check CR_bi // BO_0 == 1: Don't check CR_bi 
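Review bot: The two new field reads at the top of the v6 branch are crossed: `ut8 bo = PPC_DETAIL(insn).bc.bi;` and `ut8 bi = PPC_DETAIL(insn).bc.bo;`, so `cs_ppc_bc_decr_ctr(bo)` and friends inspect the BI field and `get_cr_bit(bi + 32)` later indexes with the BO field; they should read `ut8 bo = PPC_DETAIL(insn).bc.bo;` and `ut8 bi = PPC_DETAIL(insn).bc.bi;`. Separately, `decr_ctr`, `test_cr_bit`, `check_ctr_is_zero` and `check_cr_bit_is_set` are built with `IL_TRUE`/`IL_FALSE` unconditionally before the `switch`, but only the BC case consumes all four; if those macros allocate fresh `RzILOpBool` nodes, every other case (BCCTR, BDNZ, …) leaks the unused ones. Building them inside the cases that use them, or freeing the unused ones before returning, avoids that. ppc_get_branch_cond continues outside the hunk.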
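Review bot: The v6 condition in the BC case inverts the pre-v6 semantics it replaces: the old code computes `OR(bo_2, …)` and `OR(bo_0, …)`, where BO_2 / BO_0 set means "don't use CTR" / "don't check CR_bi" and the sub-condition is then trivially satisfied, while the new `AND(decr_ctr, XOR(…))` and `AND(test_cr_bit, XOR(…))` make the condition false whenever the CTR or CR test is *not* requested, so such branches would never be taken. Assuming `cs_ppc_bc_decr_ctr` and `cs_ppc_bc_cr_is_tested` return true when the respective test is active, as their names suggest, the lines should read `ctr_cond_fullfilled = OR(INV(decr_ctr), XOR(NON_ZERO(VARG("ctr")), check_ctr_is_zero));` and `cr_cond_fullfilled = OR(INV(test_cr_bit), XOR(get_cr_bit(bi + 32), INV(check_cr_bit_is_set)));`. The BCCTR/BCCTRL hunk at -768 on the next line has the same `AND(test_cr_bit, …)` pattern and needs the same fix.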
@@ -733,9 +752,9 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins // BO_1 == 0: Check CR_bi == 0 // BO_1 == 1: Check CR_bi == 1 bo_1 = NON_ZERO(LOGAND(UN(5, 0b01000), VARLP("bo"))); - cond_ok = OR(bo_0, XOR(get_cr_bit(bi + 32), INV(bo_1))); // BO_0 | (CR_BI+32 ≡ BO_1) - - return LET("bo", UN(5, bo), AND(cond_ok, ctr_ok)); + cr_cond_fullfilled = OR(bo_0, XOR(get_cr_bit(bi + 32), INV(bo_1))); // BO_0 | (CR_BI+32 ≡ BO_1) + return LET("bo", UN(5, bo), AND(cr_cond_fullfilled, ctr_cond_fullfilled)); +#endif case PPC_INS_BCCTR: case PPC_INS_BCCTRL: #if CS_API_MAJOR == 5 @@ -768,11 +787,16 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins case PPC_INS_BGECTR: case PPC_INS_BGECTRL: #endif +#if CS_NEXT_VERSION >= 6 + cr_cond_fullfilled = AND(test_cr_bit, XOR(get_cr_bit(bi + 32), INV(check_cr_bit_is_set))); + return cr_cond_fullfilled; +#else bo_0 = NON_ZERO(LOGAND(UN(5, 0b10000), VARLP("bo"))); bo_1 = NON_ZERO(LOGAND(UN(5, 0b01000), VARLP("bo"))); - cond_ok = OR(bo_0, XOR(get_cr_bit(bi + 32), INV(bo_1))); // BO_0 | (CR_BI+32 ≡ BO_1) + cr_cond_fullfilled = OR(bo_0, XOR(get_cr_bit(bi + 32), INV(bo_1))); // BO_0 | (CR_BI+32 ≡ BO_1) - return LET("bo", UN(5, bo), cond_ok); + return LET("bo", UN(5, bo), cr_cond_fullfilled); +#endif // CTR != 0 case PPC_INS_BDNZ: case PPC_INS_BDNZA: @@ -837,8 +861,8 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins return AND(IS_ZERO(VARG("ctr")), IS_ZERO(LOGAND(cr, cr_bit))); } return AND(NON_ZERO(VARG("ctr")), IS_ZERO(LOGAND(cr, cr_bit))); - } #endif + } } /** @@ -874,6 +898,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo case PPC_INS_BLA: case PPC_INS_BCA: case PPC_INS_BCLA: +#if CS_NEXT_VERSION < 6 case PPC_INS_BDNZTA: case PPC_INS_BDNZTLA: case PPC_INS_BDNZFA: 
@@ -882,6 +907,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo case PPC_INS_BDZTLA: case PPC_INS_BDZFA: case PPC_INS_BDZFLA: +#endif // EXTS(LI || 0b00) // Branch to relative address #if CS_API_MAJOR == 5 @@ -916,6 +942,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo #endif case PPC_INS_B: case PPC_INS_BL: +#if CS_NEXT_VERSION < 6 case PPC_INS_BDZF: case PPC_INS_BDZFL: case PPC_INS_BDZT: @@ -924,6 +951,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo case PPC_INS_BDNZFL: case PPC_INS_BDNZT: case PPC_INS_BDNZTL: +#endif // CIA + EXTS(LI || 0b00) if (insn->detail->ppc.op_count == 2) { return UA(INSOP(1).imm); From 4edad23ec8e873f9c41d5df4369ad867e2df6323 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Tue, 25 Jul 2023 12:57:58 -0500 Subject: [PATCH 060/106] Add more CSv6 guards. --- librz/analysis/arch/ppc/ppc_il.c | 2 ++ librz/analysis/arch/ppc/ppc_il_ops.c | 13 +++++++++++++ librz/analysis/p/analysis_ppc_cs.c | 2 -- 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c index fda2405bb40..40bad78fed5 100644 --- a/librz/analysis/arch/ppc/ppc_il.c +++ b/librz/analysis/arch/ppc/ppc_il.c @@ -88,8 +88,10 @@ RZ_IPI st32 ppc_get_mem_acc_size(ut32 insn_id) { default: RZ_LOG_INFO("Memory access size for instruction %d requested. But it is not in the switch case.\n", insn_id); return -1; +#if CS_NEXT_VERSION < 6 case PPC_INS_LI: case PPC_INS_LIS: +#endif // Doesn't read from memory. return 0; case PPC_INS_LBZ: diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 35b84b16da1..d7c5d6fe23d 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c 
@@ -17,7 +17,9 @@ static RzILOpEffect *load_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, cons const char *rA = cs_reg_name(handle, INSOP(1).mem.base); const char *rB = cs_reg_name(handle, INSOP(2).reg); st64 d = INSOP(1).mem.disp; // RA = base ; D = Disposition +#if CS_NEXT_VERSION < 6 st64 sI = INSOP(1).imm; // liX instructions (alias for addX). +#endif bool update_ra = ppc_updates_ra_with_ea(id); // Save ea in RA? ut32 mem_acc_size = ppc_get_mem_acc_size(id); RzILOpPure *base; @@ -43,6 +45,7 @@ static RzILOpEffect *load_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, cons switch (id) { default: NOT_IMPLEMENTED; +#if CS_NEXT_VERSION < 6 case PPC_INS_LI: // RT = sI into_rt = EXTEND(PPC_ARCH_BITS, SN(16, sI)); update_ra = false; @@ -51,6 +54,7 @@ static RzILOpEffect *load_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, cons into_rt = EXTEND(PPC_ARCH_BITS, APPEND(SN(16, sI), U16(0))); update_ra = false; break; +#endif case PPC_INS_LA: // RT = EA NOT_IMPLEMENTED; case PPC_INS_LBZ: @@ -473,6 +477,12 @@ static RzILOpEffect *compare_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, c #endif // READ +#if CS_NEXT_VERSION >= 6 + crX = cs_reg_name(handle, PPC_DETAIL(insn).bc.crX); + rA = cs_reg_name(handle, INSOP(0).reg); + rB = cs_reg_name(handle, INSOP(1).reg); + imm = INSOP(1).imm; +#else // cr0 reg is not explicitly stored in the operands list. if (OP_CNT == 2) { crX = "cr0"; @@ -485,6 +495,7 @@ static RzILOpEffect *compare_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, c rB = cs_reg_name(handle, INSOP(2).reg); imm = INSOP(2).imm; } +#endif // How to read instruction ids: // Letter Meaning @@ -1379,8 +1390,10 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MULLW: lop = div_mul_op(handle, insn, mode); break; +#if CS_NEXT_VERSION < 6 case PPC_INS_LI: case PPC_INS_LIS: +#endif case PPC_INS_LA: case PPC_INS_LBZ: case PPC_INS_LBZU: 
diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c index 29a128097c6..c377ba72359 100644 --- a/librz/analysis/p/analysis_ppc_cs.c +++ b/librz/analysis/p/analysis_ppc_cs.c @@ -1010,7 +1010,6 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf break; #if CS_API_MAJOR < 6 case PPC_INS_MR: -#endif case PPC_INS_LI: op->type = RZ_ANALYSIS_OP_TYPE_MOV; op->val = IMM(1); @@ -1022,7 +1021,6 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->val <<= 16; esilprintf(op, "%s0000,%s,=", ARG(1), ARG(0)); break; -#if CS_NEXT_VERSION < 6 case PPC_INS_CLRLWI: op->type = RZ_ANALYSIS_OP_TYPE_AND; esilprintf(op, "%s,%s,&,%s,=", ARG(1), cmask32(ARG(2), "0x1F"), ARG(0)); From f98a03bb08c0b96b9de649eef6b3c36164ed6def Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 26 Jul 2023 06:31:29 -0500 Subject: [PATCH 061/106] Handle PPC_REG_ZERO case --- librz/analysis/arch/ppc/ppc_il_ops.c | 16 ++++++++++++++++ librz/analysis/p/analysis_ppc_cs.c | 6 ++++-- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index d7c5d6fe23d..c843af53f2e 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -86,7 +86,11 @@ static RzILOpEffect *load_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, cons case PPC_INS_LWZCIX: case PPC_INS_LDCIX: #endif +#if CS_NEXT_VERSION >= 6 + base = VARG(rA); +#else base = rA ? VARG(rA) : NULL; +#endif if (ppc_is_x_form(id)) { disp = VARG(rB); } else { @@ -110,7 +114,11 @@ static RzILOpEffect *load_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, cons case PPC_INS_LHBRX: case PPC_INS_LWBRX: case PPC_INS_LDBRX: +#if CS_NEXT_VERSION >= 6 + base = VARG(rA); +#else base = rA ? VARG(rA) : NULL; +#endif disp = VARG(rB); ea = base ? ADD(base, disp) : disp; 
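Review bot: After this commit the guard that remains open at the top of the range is `#if CS_API_MAJOR < 6`, while the `#endif` after `case PPC_INS_MR:` and the `#if CS_NEXT_VERSION < 6` before `case PPC_INS_CLRLWI:` are removed, so the LI/LIS/CLRLWI cases (second hunk) now depend on `CS_API_MAJOR` even though the rest of this file was switched to `CS_NEXT_VERSION` guards earlier in the series. If the auto-sync build still reports 5 for `CS_API_MAJOR` but 6 for `CS_NEXT_VERSION`, the removed-alias cases would be compiled back in; change the surviving guard to `#if CS_NEXT_VERSION < 6` for consistency. analyze_op starts and ends outside these hunks.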
@@ -228,7 +236,11 @@ static RzILOpEffect *store_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, con ut32 r = ppc_log_2(DCACHE_LINE_SIZE); rA = cs_reg_name(handle, INSOP(0).reg); rB = cs_reg_name(handle, INSOP(1).reg); +#if CS_NEXT_VERSION >= 6 + base = VARG(rA); +#else base = rA ? VARG(rA) : NULL; +#endif ea = base ? ADD(base, VARG(rB)) : VARG(rB); // Align EA @@ -259,7 +271,11 @@ static RzILOpEffect *store_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, con case PPC_INS_STWCIX: case PPC_INS_STDCIX: #endif +#if CS_NEXT_VERSION >= 6 + base = VARG(rA); +#else base = rA ? VARG(rA) : NULL; +#endif if (ppc_is_x_form(id)) { disp = VARG(rB); } else { diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c index c377ba72359..9b7cf81de83 100644 --- a/librz/analysis/p/analysis_ppc_cs.c +++ b/librz/analysis/p/analysis_ppc_cs.c @@ -469,7 +469,8 @@ static char *get_reg_profile(RzAnalysis *analysis) { "ctr ppr32 .32 2580 0 # Process Priority Register 32-bit\n" "flg so .1 2584 0 # Summary Overflow\n" "flg ov .1 2585 0 # Overflow\n" - "flg ca .1 2586 0 # Carry\n"; + "flg ca .1 2586 0 # Carry\n" + "gpr 0 .64 2587 0 # The zero register.\n"; return strdup(p); } else { p = @@ -729,7 +730,8 @@ static char *get_reg_profile(RzAnalysis *analysis) { "ctr ppr32 .32 2580 0 # Process Priority Register 32-bit\n" "flg so .1 2584 0 # Summary Overflow\n" "flg ov .1 2585 0 # Overflow\n" - "flg ca .1 2586 0 # Carry\n"; + "flg ca .1 2586 0 # Carry\n" + "gpr 0 .32 2587 0 # The zero register.\n"; return strdup(p); } } From cfe8b74a5fe05e8c0b84b8901b936639cfa581fd Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 26 Jul 2023 06:52:21 -0500 Subject: [PATCH 062/106] Fix: Compare instr. do not use the branch predicate. --- librz/analysis/arch/ppc/ppc_il_ops.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index c843af53f2e..1eef1da1105 100644 
--- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -494,10 +494,11 @@ static RzILOpEffect *compare_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, c // READ #if CS_NEXT_VERSION >= 6 - crX = cs_reg_name(handle, PPC_DETAIL(insn).bc.crX); - rA = cs_reg_name(handle, INSOP(0).reg); - rB = cs_reg_name(handle, INSOP(1).reg); - imm = INSOP(1).imm; + // Uses REAL instruction operand set. + crX = cs_reg_name(handle, INSOP(0).reg); + rA = cs_reg_name(handle, INSOP(1).reg); + rB = cs_reg_name(handle, INSOP(2).reg); + imm = INSOP(2).imm; #else // cr0 reg is not explicitly stored in the operands list. if (OP_CNT == 2) { From a8c2ec107e4dd22cb26c438a04aa460aee35b130 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 26 Jul 2023 09:08:22 -0500 Subject: [PATCH 063/106] Check for LR def by read_regs --- librz/analysis/arch/ppc/ppc_il.c | 17 +++++++++++++++++ librz/analysis/arch/ppc/ppc_il.h | 1 + librz/analysis/arch/ppc/ppc_il_ops.c | 4 ++++ 3 files changed, 22 insertions(+) diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c index 40bad78fed5..e401d97dc16 100644 --- a/librz/analysis/arch/ppc/ppc_il.c +++ b/librz/analysis/arch/ppc/ppc_il.c @@ -233,6 +233,23 @@ RZ_IPI bool ppc_is_algebraic(ut32 insn_id) { } } +/** + * \brief Returns true if the given branch instruction sets the LR register. + * + * \param insn_id The instruction id. + * \return bool True if the branch instruction writes the LR register. False otherwise. + */ +RZ_IPI bool ppc_insn_sets_lr(const cs_insn *insn) { + rz_return_val_if_fail(insn, false); + for (int i = 0; i < insn->detail->regs_write_count; ++i) { + ppc_reg reg = insn->detail->regs_write[i]; + if (reg == PPC_REG_LR) { + return true; + } + } + return false; +} + /** * \brief Returns true if the given branch instruction sets the LR register. * diff --git a/librz/analysis/arch/ppc/ppc_il.h b/librz/analysis/arch/ppc/ppc_il.h index 7871414cefd..f4df445b696 100644 
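Review bot: The Doxygen block on the new `ppc_insn_sets_lr` documents a parameter `insn_id The instruction id.` that the function does not have; the actual parameter is `const cs_insn *insn`, and the body reads `insn->detail->regs_write` without a detail check. Suggest `\param insn The capstone instruction; \p insn->detail must be populated (CS_OPT_DETAIL on).` so the precondition is explicit. The `\brief` line is also byte-identical to the one on the following `ppc_sets_lr`, so a clause such as "(based on the detail's regs_write list rather than the instruction id)" would tell a reader why both exist.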
--- a/librz/analysis/arch/ppc/ppc_il.h +++ b/librz/analysis/arch/ppc/ppc_il.h @@ -163,6 +163,7 @@ RZ_IPI st32 ppc_get_mem_acc_size(ut32 insn_id); RZ_IPI bool ppc_updates_ra_with_ea(ut32 insn_id); RZ_IPI bool ppc_is_algebraic(ut32 insn_id); RZ_IPI bool ppc_sets_lr(ut32 insn_id); +RZ_IPI bool ppc_insn_sets_lr(const cs_insn *insn); RZ_IPI bool ppc_is_conditional(ut32 insn_id); RZ_IPI bool ppc_moves_to_spr(ut32 insn_id); RZ_IPI bool ppc_is_mul_div_d(const ut32 id, const cs_mode mode); diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 1eef1da1105..beda52caa2a 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -750,7 +750,11 @@ static RzILOpEffect *branch_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, co } set_cia = SETL("CIA", UA(insn->address)); +#if CS_NEXT_VERSION >= 6 + set_lr = ppc_insn_sets_lr(insn) ? SETG("lr", ADD(VARL("CIA"), UA(4))) : EMPTY(); +#else set_lr = ppc_sets_lr(id) ? SETG("lr", ADD(VARL("CIA"), UA(4))) : EMPTY(); +#endif decr_ctr = ppc_decrements_ctr(insn, mode) ? SETG("ctr", SUB(VARG("ctr"), UA(1))) : EMPTY(); return SEQ5(set_cia, decr_ctr, set_lr, set_nia, JMP(VARL("NIA"))); From 3aa54f39f41895db129293eee66e6ecd182ff795 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 26 Jul 2023 10:39:39 -0500 Subject: [PATCH 064/106] Fix conditional and ctr checks --- librz/analysis/arch/ppc/ppc_il.c | 14 ++++++++++++++ librz/analysis/arch/ppc/ppc_il.h | 1 + librz/analysis/arch/ppc/ppc_il_ops.c | 4 ++++ 3 files changed, 19 insertions(+) diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c index e401d97dc16..97ea57e5f51 100644 --- a/librz/analysis/arch/ppc/ppc_il.c +++ b/librz/analysis/arch/ppc/ppc_il.c 
@@ -311,6 +311,17 @@ RZ_IPI bool ppc_sets_lr(ut32 insn_id) { } } +/** + * \brief Returns true if the given branch instruction is conditional. + * + * \param insn_id The instruction id. + * \return bool True if the branch instruction only branches if a condition is met. False otherwise. + */ +RZ_IPI bool ppc_insn_is_conditional(const cs_insn *insn) { + rz_return_val_if_fail(insn, false); + return PPC_DETAIL(insn).bc.pred_cr != PPC_PRED_INVALID || PPC_DETAIL(insn).bc.pred_ctr != PPC_PRED_INVALID; +} + /** * \brief Returns true if the given branch instruction is conditional. * @@ -473,6 +484,9 @@ RZ_IPI bool ppc_moves_to_spr(ut32 insn_id) { */ RZ_IPI bool ppc_decrements_ctr(RZ_BORROW cs_insn *insn, const cs_mode mode) { rz_return_val_if_fail(insn, false); +#if CS_NEXT_VERSION >= 6 + return cs_ppc_bc_decr_ctr(PPC_DETAIL(insn).bc.bo); +#endif ut32 id = insn->id; switch (id) { diff --git a/librz/analysis/arch/ppc/ppc_il.h b/librz/analysis/arch/ppc/ppc_il.h index f4df445b696..b603e8ed988 100644 --- a/librz/analysis/arch/ppc/ppc_il.h +++ b/librz/analysis/arch/ppc/ppc_il.h @@ -165,6 +165,7 @@ RZ_IPI bool ppc_is_algebraic(ut32 insn_id); RZ_IPI bool ppc_sets_lr(ut32 insn_id); RZ_IPI bool ppc_insn_sets_lr(const cs_insn *insn); RZ_IPI bool ppc_is_conditional(ut32 insn_id); +RZ_IPI bool ppc_insn_is_conditional(const cs_insn *insn); RZ_IPI bool ppc_moves_to_spr(ut32 insn_id); RZ_IPI bool ppc_is_mul_div_d(const ut32 id, const cs_mode mode); RZ_IPI bool ppc_is_mul_div_u(const ut32 id); diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index beda52caa2a..17b7ca1fc61 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c 
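Review bot: The `CS_NEXT_VERSION >= 6` path added to `ppc_decrements_ctr` returns `cs_ppc_bc_decr_ctr(PPC_DETAIL(insn).bc.bo)` for every caller, but `branch_op` calls it for unconditional branches too (`b`, `bl`, `blr`, ...), where no BO field exists; if Capstone leaves `bc.bo` at zero for those forms, BO=0b00000 is a "decrement CTR" encoding (the v5 code below tests exactly `!(0x4 & BO)`) and the lifter would emit a spurious `ctr` decrement for a plain `b`. I cannot confirm from here how the detail is initialised for non-`bc` forms, so this wants either an IL test on `b`/`bl` output or an explicit guard such as `return ppc_insn_is_conditional(insn) && cs_ppc_bc_decr_ctr(PPC_DETAIL(insn).bc.bo);`. The new `ppc_insn_is_conditional` in the first hunk has the same unchecked `insn->detail` dereference as `ppc_insn_sets_lr`. ppc_decrements_ctr continues outside the hunk.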
@@ -728,8 +728,12 @@ static RzILOpEffect *bitwise_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, c static RzILOpEffect *branch_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, const cs_mode mode) { rz_return_val_if_fail(handle && insn, EMPTY()); +#if CS_NEXT_VERSION >= 6 + bool is_conditional = ppc_insn_is_conditional(insn); +#else ut32 id = insn->id; bool is_conditional = ppc_is_conditional(id); +#endif RzILOpEffect *set_cia; // Current instruction address RzILOpEffect *set_nia; // Next instruction address RzILOpEffect *set_lr; // Set Link Register From 0cc7c9fc7a12bc4da0ba2d64106cb1085973a9e7 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 26 Jul 2023 10:41:13 -0500 Subject: [PATCH 065/106] Handle XNOP --- librz/analysis/arch/ppc/ppc_il_ops.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 17b7ca1fc61..485a2448d92 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -1524,6 +1524,10 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn #endif case PPC_INS_XOR: case PPC_INS_XORI: + if (insn->is_alias && insn->alias_id == PPC_INS_ALIAS_XNOP) { + return NOP(); + } + // fallthrough case PPC_INS_XORIS: case PPC_INS_EQV: case PPC_INS_EXTSB: From ededae59fbe304bc4fc99f292a2947d3d954153a Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 26 Jul 2023 12:00:58 -0500 Subject: [PATCH 066/106] Remove old replacement for alias code. --- librz/analysis/arch/ppc/ppc_il.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c index 97ea57e5f51..adfb3379bfd 100644 --- a/librz/analysis/arch/ppc/ppc_il.c +++ b/librz/analysis/arch/ppc/ppc_il.c 
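Review bot: The `insn->is_alias && insn->alias_id == PPC_INS_ALIAS_XNOP` check added under `case PPC_INS_XORI:` in `rz_ppc_cs_get_il_op` is not wrapped in `#if CS_NEXT_VERSION >= 6`, unlike every other use of the alias API in this series; `is_alias`, `alias_id` and `PPC_INS_ALIAS_XNOP` appear to be v6-only, so a v4/v5 build of this file would fail to compile at these lines. Wrap the three added lines in `#if CS_NEXT_VERSION >= 6` / `#endif`, keeping the `// fallthrough` marker outside the guard so the `XORI` to `XORIS` fallthrough stays annotated in both configurations. The enclosing `switch` continues outside the hunk.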
@@ -412,10 +412,6 @@ RZ_IPI bool ppc_is_conditional(ut32 insn_id) { * \return bool True if the instructions moves a value to a SPR. False otherwise. */ RZ_IPI bool ppc_moves_to_spr(ut32 insn_id) { -#if CS_NEXT_VERSION >= 6 - return (insn_id > PPC_MTSPR_ALIAS_FIRST && insn_id < PPC_INS_ENDING) || insn_id == PPC_INS_MTSPR; -#else - switch (insn_id) { default: return false; @@ -472,7 +468,6 @@ RZ_IPI bool ppc_moves_to_spr(ut32 insn_id) { case PPC_INS_MFSRIN: return true; } -#endif } /** From 646edda6350798792f075156b5a307065d64bda4 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 26 Jul 2023 12:26:51 -0500 Subject: [PATCH 067/106] Fix MTSPR and MFSPR instructions. --- librz/analysis/arch/ppc/ppc_il.c | 4 +-- librz/analysis/arch/ppc/ppc_il_ops.c | 40 +++++++++++++++------------- librz/analysis/p/analysis_ppc_cs.c | 6 +++++ 3 files changed, 29 insertions(+), 21 deletions(-) diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c index adfb3379bfd..f2f04cd4e85 100644 --- a/librz/analysis/arch/ppc/ppc_il.c +++ b/librz/analysis/arch/ppc/ppc_il.c @@ -431,7 +431,6 @@ RZ_IPI bool ppc_moves_to_spr(ut32 insn_id) { case PPC_INS_MTVSCR: #if CS_API_MAJOR < 6 case PPC_INS_MTCR: -#endif case PPC_INS_MTBR0: case PPC_INS_MTBR1: case PPC_INS_MTBR2: @@ -453,18 +452,17 @@ RZ_IPI bool ppc_moves_to_spr(ut32 insn_id) { case PPC_INS_MTTBU: case PPC_INS_MTTBLO: case PPC_INS_MTTBHI: -#if CS_API_MAJOR < 6 case PPC_INS_MTDBATU: case PPC_INS_MTDBATL: case PPC_INS_MTIBATU: case PPC_INS_MTIBATL: -#endif case PPC_INS_MTDCCR: case PPC_INS_MTICCR: case PPC_INS_MTDEAR: case PPC_INS_MTESR: case PPC_INS_MTSPEFSCR: case PPC_INS_MTTCR: +#endif case PPC_INS_MFSRIN: return true; } diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 485a2448d92..942799f7322 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c 
@@ -855,8 +855,20 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn rz_return_val_if_fail(handle && insn, EMPTY()); ut32 id = insn->id; +#if CS_NEXT_VERSION >= 6 + const char *rS; + const char *rT; + if (insn->id == PPC_INS_MFSPR || insn->id == PPC_INS_MTSPR) { + rT = cs_reg_name(handle, INSOP(0).reg); + rS = cs_reg_name(handle, INSOP(1).reg); + } else { + rS = cs_reg_name(handle, INSOP(0).reg); + rT = cs_reg_name(handle, INSOP(0).reg); + } +#else const char *rS = cs_reg_name(handle, INSOP(0).reg); const char *rT = cs_reg_name(handle, INSOP(0).reg); +#endif const char *spr_name; // Some registers need to assemble the value before it is read or written (e.g. XER with all its bits). // Leave it NULL if the value of the SPR or RS should be used. @@ -915,6 +927,12 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn break; case PPC_INS_MFSPR: case PPC_INS_MTSPR: { + if (insn->alias_id == PPC_INS_ALIAS_MTXER) { + return ppc_set_xer(VARG(rS), mode); + } else if (insn->alias_id == PPC_INS_ALIAS_MFXER) { + set_val = SETL("val", ppc_get_xer(mode)); + break; + } ut32 spr = INSOP(1).imm; switch (spr) { default: @@ -962,6 +980,7 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MTFSF: case PPC_INS_MFFS: case PPC_INS_MFTB: +#if CS_NEXT_VERSION < 6 case PPC_INS_MFRTCU: case PPC_INS_MFRTCL: NOT_IMPLEMENTED; @@ -983,14 +1002,6 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MTBR6: case PPC_INS_MTBR7: NOT_IMPLEMENTED; - case PPC_INS_MFXER: - case PPC_INS_MTXER: - if (id == PPC_INS_MTXER) { - return ppc_set_xer(VARG(rS), mode); - } - spr_name = "xer"; - set_val = SETL("val", ppc_get_xer(mode)); - break; case PPC_INS_MFDSCR: case PPC_INS_MTDSCR: NOT_IMPLEMENTED; 
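Review bot: The `insn->alias_id == PPC_INS_ALIAS_MTXER` / `PPC_INS_ALIAS_MFXER` checks added in the `MFSPR`/`MTSPR` case sit outside the `#if CS_NEXT_VERSION >= 6` guard that the new operand-selection block at the top of `move_from_to_spr_op` uses, so a pre-v6 build with no `alias_id` field fails to compile here; the six lines belong under the same guard. In that v6 block `MFSPR` and `MTSPR` are handled identically (`rT` from operand 0, `rS` from operand 1), while the real `mtspr` encoding is written `mtspr SPR, rS` with the SPR number first — if v6 emits operands in that order, `cs_reg_name(handle, INSOP(0).reg)` is applied to an immediate for `MTSPR` and the later `ut32 spr = INSOP(1).imm;` reads the register operand; I cannot confirm the v6 operand order from here, so an IL test on a non-alias `mtspr` (for example `mtspr 9, r3`, a constructed sample) would settle it. Minor: `ut32 id = insn->id;` is already in scope, so the new condition can use `id` like the rest of the function. move_from_to_spr_op continues outside the hunk.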
@@ -1003,7 +1014,6 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MFPID: case PPC_INS_MFTBLO: case PPC_INS_MFTBHI: -#if CS_NEXT_VERSION == 6 case PPC_INS_MFDBATU0: case PPC_INS_MFDBATL0: case PPC_INS_MFDBATU1: @@ -1020,12 +1030,10 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MFIBATL2: case PPC_INS_MFIBATU3: case PPC_INS_MFIBATL3: -#else case PPC_INS_MFDBATU: case PPC_INS_MFDBATL: case PPC_INS_MFIBATU: case PPC_INS_MFIBATL: -#endif case PPC_INS_MFDCCR: case PPC_INS_MFICCR: case PPC_INS_MFDEAR: @@ -1034,9 +1042,7 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MFTCR: case PPC_INS_MFASR: case PPC_INS_MFPVR: -#if CS_NEXT_VERSION < 6 case PPC_INS_MFTBU: -#endif case PPC_INS_MTDSISR: case PPC_INS_MTDAR: case PPC_INS_MTSRR2: @@ -1048,7 +1054,6 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MTTBU: case PPC_INS_MTTBLO: case PPC_INS_MTTBHI: -#if CS_API_MAJOR == 6 case PPC_INS_MTDBATU0: case PPC_INS_MTDBATL0: case PPC_INS_MTDBATU1: @@ -1065,18 +1070,17 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MTIBATL2: case PPC_INS_MTIBATU3: case PPC_INS_MTIBATL3: -#else case PPC_INS_MTDBATU: case PPC_INS_MTDBATL: case PPC_INS_MTIBATU: case PPC_INS_MTIBATL: -#endif case PPC_INS_MTDCCR: case PPC_INS_MTICCR: case PPC_INS_MTDEAR: case PPC_INS_MTESR: case PPC_INS_MTSPEFSCR: case PPC_INS_MTTCR: +#endif NOT_IMPLEMENTED; } if (set_val) { @@ -1775,6 +1779,7 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MTSR: case PPC_INS_MTSRIN: case PPC_INS_MTVSCR: +#if CS_API_MAJOR < 6 case PPC_INS_MFBR0: case PPC_INS_MFBR1: case PPC_INS_MFBR2: 
@@ -1796,7 +1801,6 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MFPID: case PPC_INS_MFTBLO: case PPC_INS_MFTBHI: -#if CS_API_MAJOR < 6 case PPC_INS_MFDBATU: case PPC_INS_MFDBATL: case PPC_INS_MFIBATU: @@ -1807,7 +1811,6 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MTDBATL: case PPC_INS_MTIBATU: case PPC_INS_MTIBATL: -#endif case PPC_INS_MFDCCR: case PPC_INS_MFICCR: case PPC_INS_MFDEAR: @@ -1843,6 +1846,7 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_MTESR: case PPC_INS_MTSPEFSCR: case PPC_INS_MTTCR: +#endif lop = move_from_to_spr_op(handle, insn, mode); break; case PPC_INS_ISEL: diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c index 9b7cf81de83..a34ab3c3060 100644 --- a/librz/analysis/p/analysis_ppc_cs.c +++ b/librz/analysis/p/analysis_ppc_cs.c @@ -1672,10 +1672,12 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->type = RZ_ANALYSIS_OP_TYPE_OR; esilprintf(op, "16,%s,<<,%s,|,%s,=", ARG(2), ARG(1), ARG(0)); break; +#if CS_NEXT_VERSION < 6 case PPC_INS_MFPVR: op->type = RZ_ANALYSIS_OP_TYPE_MOV; esilprintf(op, "pvr,%s,=", ARG(0)); break; +#endif case PPC_INS_MFSPR: op->type = RZ_ANALYSIS_OP_TYPE_MOV; esilprintf(op, "%s,%s,=", PPCSPR(1), ARG(0)); @@ -1684,6 +1686,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->type = RZ_ANALYSIS_OP_TYPE_MOV; esilprintf(op, "ctr,%s,=", ARG(0)); break; +#if CS_NEXT_VERSION < 6 case PPC_INS_MFDCCR: op->type = RZ_ANALYSIS_OP_TYPE_MOV; esilprintf(op, "dccr,%s,=", ARG(0)); @@ -1696,6 +1699,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->type = RZ_ANALYSIS_OP_TYPE_MOV; esilprintf(op, "dear,%s,=", ARG(0)); break; +#endif case PPC_INS_MFMSR: op->type = RZ_ANALYSIS_OP_TYPE_MOV; esilprintf(op, "msr,%s,=", ARG(0)); 
@@ -1704,6 +1708,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->type = RZ_ANALYSIS_OP_TYPE_MOV; esilprintf(op, "%s,ctr,=", ARG(0)); break; +#if CS_NEXT_VERSION < 6 case PPC_INS_MTDCCR: op->type = RZ_ANALYSIS_OP_TYPE_MOV; esilprintf(op, "%s,dccr,=", ARG(0)); @@ -1716,6 +1721,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->type = RZ_ANALYSIS_OP_TYPE_MOV; esilprintf(op, "%s,dear,=", ARG(0)); break; +#endif case PPC_INS_MTMSR: case PPC_INS_MTMSRD: op->type = RZ_ANALYSIS_OP_TYPE_MOV; From 61d8fa95172ff0d09e740413e54691c83d53e147 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Thu, 27 Jul 2023 08:27:12 -0500 Subject: [PATCH 068/106] Don't use CS v5 code for every version < 6 --- librz/analysis/arch/ppc/ppc_il_ops.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 942799f7322..5493e6203c7 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -1126,7 +1126,7 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i // M/NM/MI Mask, AND with mask, mask insert // FIXME: With update to auto-sync ppc arch -#if CS_API_MAJOR == 5 && CS_API_MINOR == 0 && CS_NEXT_VERSION < 6 +#if CS_API_MAJOR == 5 && CS_API_MINOR == 0 // weird bug on capstone v5.0 if (id == PPC_INS_CLRLDI && !strcmp(insn->mnemonic, "rldicl")) { id = PPC_INS_RLDICL; From 96176de9a7274f1fa3c6526a3cea2036fb7873d6 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sat, 29 Jul 2023 06:21:10 -0500 Subject: [PATCH 069/106] Exclude more branch alias no longer present in v6 from switch cases. --- librz/analysis/arch/ppc/ppc_il.c | 49 +++++++++++++++------------- librz/analysis/arch/ppc/ppc_il_ops.c | 14 ++++---- librz/analysis/p/analysis_ppc_cs.c | 2 +- 3 files changed, 35 insertions(+), 30 deletions(-) 
diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c index f2f04cd4e85..e308900009a 100644 --- a/librz/analysis/arch/ppc/ppc_il.c +++ b/librz/analysis/arch/ppc/ppc_il.c @@ -260,7 +260,7 @@ RZ_IPI bool ppc_sets_lr(ut32 insn_id) { switch (insn_id) { default: return false; -#if CS_API_MAJOR == 5 +#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6 case PPC_INS_BEQCTRL: case PPC_INS_BFCTRL: case PPC_INS_BGECTRL: @@ -332,7 +332,15 @@ RZ_IPI bool ppc_is_conditional(ut32 insn_id) { switch (insn_id) { default: return false; -#if CS_API_MAJOR == 5 + case PPC_INS_BC: + case PPC_INS_BCCTR: + case PPC_INS_BCCTRL: + case PPC_INS_BCL: + case PPC_INS_BCLR: + case PPC_INS_BCLRL: + case PPC_INS_BCA: + case PPC_INS_BCLA: +#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6 case PPC_INS_BEQ: case PPC_INS_BEQA: case PPC_INS_BF: @@ -383,15 +391,6 @@ RZ_IPI bool ppc_is_conditional(ut32 insn_id) { case PPC_INS_BDZFA: case PPC_INS_BDZFL: case PPC_INS_BDZFLA: -#endif - case PPC_INS_BC: - case PPC_INS_BCCTR: - case PPC_INS_BCCTRL: - case PPC_INS_BCL: - case PPC_INS_BCLR: - case PPC_INS_BCLRL: - case PPC_INS_BCA: - case PPC_INS_BCLA: case PPC_INS_BDNZ: case PPC_INS_BDNZA: case PPC_INS_BDNZLR: @@ -401,6 +400,7 @@ RZ_IPI bool ppc_is_conditional(ut32 insn_id) { case PPC_INS_BDZLA: case PPC_INS_BDZLR: case PPC_INS_BDZLRL: +#endif return true; } } @@ -479,22 +479,22 @@ RZ_IPI bool ppc_decrements_ctr(RZ_BORROW cs_insn *insn, const cs_mode mode) { rz_return_val_if_fail(insn, false); #if CS_NEXT_VERSION >= 6 return cs_ppc_bc_decr_ctr(PPC_DETAIL(insn).bc.bo); -#endif +#else ut32 id = insn->id; switch (id) { default: return false; -#if CS_API_MAJOR == 5 - case PPC_INS_BGEL: - case PPC_INS_BGELA: -#endif case PPC_INS_BC: case PPC_INS_BCL: case PPC_INS_BCA: case PPC_INS_BCLA: case PPC_INS_BCLR: case PPC_INS_BCLRL: +#if CS_API_MAJOR == 5 + case PPC_INS_BGEL: + case PPC_INS_BGELA: +#endif case PPC_INS_BDNZ: case PPC_INS_BDNZA: case PPC_INS_BDNZL: 
@@ -508,7 +508,6 @@ RZ_IPI bool ppc_decrements_ctr(RZ_BORROW cs_insn *insn, const cs_mode mode) { case PPC_INS_BDZLR: case PPC_INS_BDZLRL: return !(0x4 & PPC_READ_BO_FIELD); // not BO_2 -#if CS_API_MAJOR < 6 case PPC_INS_BDNZT: case PPC_INS_BDNZTL: case PPC_INS_BDNZTA: @@ -526,8 +525,8 @@ RZ_IPI bool ppc_decrements_ctr(RZ_BORROW cs_insn *insn, const cs_mode mode) { case PPC_INS_BDZFL: case PPC_INS_BDZFLA: return true; -#endif } +#endif } // @@ -783,7 +782,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins #endif case PPC_INS_BCCTR: case PPC_INS_BCCTRL: -#if CS_API_MAJOR == 5 +#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6 case PPC_INS_BEQCTR: case PPC_INS_BEQCTRL: case PPC_INS_BFCTR: @@ -822,7 +821,6 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins cr_cond_fullfilled = OR(bo_0, XOR(get_cr_bit(bi + 32), INV(bo_1))); // BO_0 | (CR_BI+32 ≡ BO_1) return LET("bo", UN(5, bo), cr_cond_fullfilled); -#endif // CTR != 0 case PPC_INS_BDNZ: case PPC_INS_BDNZA: @@ -839,7 +837,6 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins case PPC_INS_BDZLR: case PPC_INS_BDZLRL: return IS_ZERO(VARG("ctr")); -#if CS_NEXT_VERSION < 6 // ctr != 0 && cr_bi == 1 case PPC_INS_BDNZT: case PPC_INS_BDNZTL: @@ -984,10 +981,12 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo } else { return UA(INSOP(0).imm); } +#if CS_NEXT_VERSION < 6 case PPC_INS_BDZA: case PPC_INS_BDZLA: case PPC_INS_BDNZA: case PPC_INS_BDNZLA: +#endif // EXTS(BD || 0b00) #if CS_API_MAJOR == 5 case PPC_INS_BGEL: @@ -995,6 +994,9 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo #endif case PPC_INS_BC: case PPC_INS_BCL: +#if CS_NEXT_VERSION >= 6 + return UA(INSOP(2).imm); +#else case PPC_INS_BDZ: case PPC_INS_BDZL: case PPC_INS_BDNZ: 
@@ -1006,6 +1008,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo } else { return UA(INSOP(0).imm); } +#endif // Branch to LR #if CS_API_MAJOR == 5 case PPC_INS_BEQLR: @@ -1020,11 +1023,13 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo case PPC_INS_BLR: case PPC_INS_BLRL: case PPC_INS_BCLR: - case PPC_INS_BDZLR: case PPC_INS_BCLRL: +#if CS_NEXT_VERSION < 6 + case PPC_INS_BDZLR: case PPC_INS_BDZLRL: case PPC_INS_BDNZLR: case PPC_INS_BDNZLRL: +#endif // LR_0:61 || 0b00 return LOGAND(UA(-4), VARG("lr")); // Branch to CTR diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 5493e6203c7..ba2d4aa7cac 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -1576,6 +1576,13 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_BCLRL: case PPC_INS_BCTR: case PPC_INS_BCTRL: + case PPC_INS_BL: + case PPC_INS_BLA: + case PPC_INS_BLR: + case PPC_INS_BLRL: + case PPC_INS_BCA: + case PPC_INS_BCLA: +#if CS_NEXT_VERSION < 6 case PPC_INS_BDNZ: case PPC_INS_BDNZA: case PPC_INS_BDNZL: @@ -1588,13 +1595,6 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn case PPC_INS_BDZLA: case PPC_INS_BDZLR: case PPC_INS_BDZLRL: - case PPC_INS_BL: - case PPC_INS_BLA: - case PPC_INS_BLR: - case PPC_INS_BLRL: - case PPC_INS_BCA: - case PPC_INS_BCLA: -#if CS_API_MAJOR < 6 case PPC_INS_BDNZT: case PPC_INS_BDNZTL: case PPC_INS_BDNZTA: diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c index a34ab3c3060..2041d719aaf 100644 --- a/librz/analysis/p/analysis_ppc_cs.c +++ b/librz/analysis/p/analysis_ppc_cs.c @@ -1451,7 +1451,6 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf break; } break; -#endif case PPC_INS_BDNZ: op->type = RZ_ANALYSIS_OP_TYPE_CJMP; op->jump = IMM(0); 
@@ -1512,6 +1511,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->type = RZ_ANALYSIS_OP_TYPE_CJMP; op->fail = addr + op->size; break; +#endif case PPC_INS_BLR: case PPC_INS_BLRL: case PPC_INS_BCLR: From 6171c461a0e648997efb8ad002887419e92af353 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sat, 29 Jul 2023 07:52:10 -0500 Subject: [PATCH 070/106] Exclude unused functions get_crx_* --- librz/analysis/arch/ppc/ppc_il.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c index e308900009a..be7968c10eb 100644 --- a/librz/analysis/arch/ppc/ppc_il.c +++ b/librz/analysis/arch/ppc/ppc_il.c @@ -629,6 +629,7 @@ RZ_IPI ut32 ppc_fmx_to_mask(const ut8 fmx) { (fmx & 0x01 ? x : 0)); } +#if CS_NEXT_VERSION < 6 static const char *get_crx_reg(const csh handle, cs_insn *insn, size_t n) { #if CS_API_MAJOR == 5 && CS_API_MINOR == 0 // bug on crx not being populated in capstone v5.0 @@ -645,10 +646,8 @@ static const char *get_crx_reg(const csh handle, cs_insn *insn, size_t n) { rz_warn_if_reached(); } return cs_reg_name(handle, reg); -#elif CS_NEXT_VERSION < 6 - return cs_reg_name(handle, INSOP(n).crx.reg); #else - return cs_reg_name(handle, PPC_DETAIL(insn).bc.crX); + return cs_reg_name(handle, INSOP(n).crx.reg); #endif } @@ -667,12 +666,11 @@ static ut32 get_crx_cond(const csh handle, cs_insn *insn, size_t n) { } rz_warn_if_reached(); return PPC_BC_INVALID; -#elif CS_NEXT_VERSION < 6 - return INSOP(n).crx.cond; #else - return PPC_DETAIL(insn).bc.pred_cr; + return INSOP(n).crx.cond; #endif } +#endif /** * \brief Get the branch condition for a given instruction. From a69958b808319af3145434cf2bd1ac1f5904bc81 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sat, 29 Jul 2023 11:47:42 -0500 Subject: [PATCH 071/106] Fix incorrectly assigned variables. --- librz/analysis/arch/ppc/ppc_il.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c index be7968c10eb..8d53b7d809f 100644 --- a/librz/analysis/arch/ppc/ppc_il.c +++ b/librz/analysis/arch/ppc/ppc_il.c @@ -689,8 +689,8 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins ut32 id = insn->id; #if CS_NEXT_VERSION >= 6 - ut8 bo = PPC_DETAIL(insn).bc.bi; - ut8 bi = PPC_DETAIL(insn).bc.bo; + ut8 bi = PPC_DETAIL(insn).bc.bi; + ut8 bo = PPC_DETAIL(insn).bc.bo; RzILOpBool *decr_ctr = cs_ppc_bc_decr_ctr(bo) ? IL_TRUE : IL_FALSE; RzILOpBool *test_cr_bit = cs_ppc_bc_cr_is_tested(bo) ? IL_TRUE : IL_FALSE; RzILOpBool *check_ctr_is_zero = cs_ppc_bc_tests_ctr_is_zero(bo) ? IL_TRUE : IL_FALSE; From d7c7dae92fd9b421c6cb072cf0cdead4370a75c9 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sat, 29 Jul 2023 12:11:06 -0500 Subject: [PATCH 072/106] Fix condition checks for branches. --- librz/analysis/arch/ppc/ppc_il.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c index 8d53b7d809f..1768edb21d6 100644 --- a/librz/analysis/arch/ppc/ppc_il.c +++ b/librz/analysis/arch/ppc/ppc_il.c @@ -12,7 +12,6 @@ #include #include #include -#include RZ_IPI RzAnalysisILConfig *rz_ppc_cs_64_il_config(bool big_endian) { RzAnalysisILConfig *r = rz_analysis_il_config_new(64, big_endian, 64); @@ -694,7 +693,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins RzILOpBool *decr_ctr = cs_ppc_bc_decr_ctr(bo) ? IL_TRUE : IL_FALSE; RzILOpBool *test_cr_bit = cs_ppc_bc_cr_is_tested(bo) ? IL_TRUE : IL_FALSE; RzILOpBool *check_ctr_is_zero = cs_ppc_bc_tests_ctr_is_zero(bo) ? IL_TRUE : IL_FALSE; - RzILOpBool *check_cr_bit_is_set = cs_ppc_bc_tests_cr_bit_is_set(bo) ? IL_TRUE : IL_FALSE; + RzILOpBool *check_cr_bit_is_one = cs_ppc_bc_cr_bit_is_one(bo) ? IL_TRUE : IL_FALSE; #else ut8 bo = PPC_READ_BO_FIELD; ut8 bi = PPC_READ_BI_FIELD; 
@@ -755,8 +754,8 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins case PPC_INS_BCLR: case PPC_INS_BCLRL: #if CS_NEXT_VERSION >= 6 - ctr_cond_fullfilled = AND(decr_ctr, XOR(NON_ZERO(VARG("ctr")), check_ctr_is_zero)); - cr_cond_fullfilled = AND(test_cr_bit, XOR(get_cr_bit(bi + 32), INV(check_cr_bit_is_set))); + ctr_cond_fullfilled = OR(INV(decr_ctr), XOR(NON_ZERO(VARG("ctr")), check_ctr_is_zero)); + cr_cond_fullfilled = OR(INV(test_cr_bit), XOR(get_cr_bit(bi + 32), INV(check_cr_bit_is_one))); return AND(ctr_cond_fullfilled, cr_cond_fullfilled); #else // BO_2 == 0: Decrement CTR @@ -811,7 +810,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins case PPC_INS_BGECTRL: #endif #if CS_NEXT_VERSION >= 6 - cr_cond_fullfilled = AND(test_cr_bit, XOR(get_cr_bit(bi + 32), INV(check_cr_bit_is_set))); + cr_cond_fullfilled = AND(test_cr_bit, XOR(get_cr_bit(bi + 32), INV(check_cr_bit_is_one))); return cr_cond_fullfilled; #else bo_0 = NON_ZERO(LOGAND(UN(5, 0b10000), VARLP("bo"))); From a1b8650f9841a901ba4ded4bf8ad4e50ed6c812b Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sun, 30 Jul 2023 06:35:18 -0500 Subject: [PATCH 073/106] Use ITE for condition checks, to prevent not necessary reads of CTR or CR. --- librz/analysis/arch/ppc/ppc_il.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c index 1768edb21d6..cad88d141f7 100644 --- a/librz/analysis/arch/ppc/ppc_il.c +++ b/librz/analysis/arch/ppc/ppc_il.c 
@@ -754,8 +754,8 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins case PPC_INS_BCLR: case PPC_INS_BCLRL: #if CS_NEXT_VERSION >= 6 - ctr_cond_fullfilled = OR(INV(decr_ctr), XOR(NON_ZERO(VARG("ctr")), check_ctr_is_zero)); - cr_cond_fullfilled = OR(INV(test_cr_bit), XOR(get_cr_bit(bi + 32), INV(check_cr_bit_is_one))); + ctr_cond_fullfilled = ITE(decr_ctr, XOR(NON_ZERO(VARG("ctr")), check_ctr_is_zero), IL_TRUE); + cr_cond_fullfilled = ITE(test_cr_bit, XOR(get_cr_bit(bi + 32), INV(check_cr_bit_is_one)), IL_TRUE); return AND(ctr_cond_fullfilled, cr_cond_fullfilled); #else // BO_2 == 0: Decrement CTR From 27b3e49ff7593dfe2da5710c35f941b4d8954263 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Sun, 30 Jul 2023 09:16:33 -0500 Subject: [PATCH 074/106] Fix rzil tests with new semantic using register 0 --- test/db/rzil/ppc32 | 13 ++++++- test/db/rzil/ppc64 | 93 +++++++++++++++++++++++++++++----------------- 2 files changed, 70 insertions(+), 36 deletions(-) diff --git a/test/db/rzil/ppc32 b/test/db/rzil/ppc32 index 783d1d0480f..acf587aefc5 100644 --- a/test/db/rzil/ppc32 +++ b/test/db/rzil/ppc32 
@@ -12,7 +12,7 @@ EXPECT=<> (>> (bv 64 0x0) (bv 8 0x1) true) (var mstart) false))) (set mstart (mod (+ (var mstart) (bv 8 0x1)) (bv 8 0x40))))) (set m (| (var m) (>> (>> (bv 64 0x0) (bv 8 0x1) true) (var mstop) false))) (set mask (cast 32 false (var m))) empty (set result (& (let rotl32_x (cast 32 false (var r1)) (let rotl32_y (bv 8 0x0) (| (<< (var rotl32_x) (var rotl32_y) false) (>> (var rotl32_x) (- (bv 8 0x20) (cast 8 false (var rotl32_y))) false)))) (var mask))) (set r1 (var result)) empty) -0x100280 (seq (set r0 (let v (bv 16 0x0) (ite (msb (var v)) (cast 32 (msb (var v)) (var v)) (cast 32 false (var v))))) empty) +0x100280 (seq (set a (var 0)) (set b (let v (bv 16 0x0) (ite (msb (var v)) (cast 32 (msb (var v)) (var v)) (cast 32 false (var v))))) empty (set r0 (+ (var a) (var b))) empty empty empty) 0x100284 (seq (storew 0 (+ (var r1) (let v (bv 16 0xfff0) (ite (msb (var v)) (cast 32 (msb (var v)) (var v)) (cast 32 false (var v))))) (cast 32 false (var r1))) (set r1 (+ (var r1) (let v (bv 16 0xfff0) (ite (msb (var v)) (cast 32 (msb (var v)) (var v)) (cast 32 false (var v))))))) 0x100288 (set lr (cast 32 false (var r0))) -- pretty 
@@ -97,7 +97,9 @@ EXPECT=<> (>> (bv 64 0x0) (bv 8 0x1) true) (var mstart) false))) (set mstart (mod (+ (var mstart) (bv 8 0x1)) (bv 8 0x40))))) (set m (| (var m) (>> (>> (bv 64 0x0) (bv 8 0x1) true) (var mstop) false))) (set mask (cast 64 false (var m))) empty (set result (& (let rotl64_x (var r1) (let rotl64_y (& (bv 8 0x3f) (bv 8 0x0)) (| (<< (var rotl64_x) (var rotl64_y) false) (>> (var rotl64_x) (- (bv 8 0x40) (cast 8 false (var rotl64_y))) false)))) (var mask))) (set r1 (var result)) empty) -0x100518 (seq (set r0 (let v (bv 16 0x0) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) empty) +0x100518 (seq (set a (var 0)) (set b (let v (bv 16 0x0) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) empty (set r0 (+ (var a) (var b))) empty empty empty) -- pretty 0x100508 (seq - (set r2 + (set a + (var 0)) + (set b (let v (append (bv 16 0x1e) @@ -33,6 +35,13 @@ EXPECT=< Date: Thu, 24 Aug 2023 18:51:31 -0500 Subject: [PATCH 075/106] Update include guards for Capstone versions to use CS_NEXT_VERSION. --- librz/analysis/arch/ppc/ppc_il.c | 12 ++++++------ librz/analysis/arch/ppc/ppc_il_ops.c | 24 ++++++++++++------------ librz/analysis/p/analysis_ppc_cs.c | 10 +++++----- 3 files changed, 23 insertions(+), 23 deletions(-) diff --git a/librz/analysis/arch/ppc/ppc_il.c b/librz/analysis/arch/ppc/ppc_il.c index cad88d141f7..5bc9662e66e 100644 --- a/librz/analysis/arch/ppc/ppc_il.c +++ b/librz/analysis/arch/ppc/ppc_il.c @@ -428,7 +428,7 @@ RZ_IPI bool ppc_moves_to_spr(ut32 insn_id) { case PPC_INS_MTSR: case PPC_INS_MTSRIN: case PPC_INS_MTVSCR: -#if CS_API_MAJOR < 6 +#if CS_NEXT_VERSION < 6 case PPC_INS_MTCR: case PPC_INS_MTBR0: case PPC_INS_MTBR1: 
@@ -713,7 +713,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_cond(const csh handle, RZ_BORROW cs_ins return IL_FALSE; // For learning how the conditions of BCxxx branch instructions are // formed see the Power ISA -#if CS_API_MAJOR == 5 +#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6 case PPC_INS_BEQ: case PPC_INS_BEQA: case PPC_INS_BF: @@ -930,7 +930,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo #endif // EXTS(LI || 0b00) // Branch to relative address -#if CS_API_MAJOR == 5 +#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6 case PPC_INS_BEQ: case PPC_INS_BEQA: case PPC_INS_BF: @@ -985,7 +985,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo case PPC_INS_BDNZLA: #endif // EXTS(BD || 0b00) -#if CS_API_MAJOR == 5 +#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6 case PPC_INS_BGEL: case PPC_INS_BGELA: #endif @@ -1007,7 +1007,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo } #endif // Branch to LR -#if CS_API_MAJOR == 5 +#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6 case PPC_INS_BEQLR: case PPC_INS_BEQLRL: case PPC_INS_BLELR: @@ -1030,7 +1030,7 @@ RZ_IPI RZ_OWN RzILOpPure *ppc_get_branch_ta(RZ_BORROW cs_insn *insn, const cs_mo // LR_0:61 || 0b00 return LOGAND(UA(-4), VARG("lr")); // Branch to CTR -#if CS_API_MAJOR == 5 +#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6 case PPC_INS_BEQCTR: case PPC_INS_BEQCTRL: case PPC_INS_BFCTR: diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index ba2d4aa7cac..e95f732376a 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -455,7 +455,7 @@ static RzILOpEffect *compare_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, c bool signed_cmp = false; -#if CS_API_MAJOR == 5 +#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6 // weird bug on cmp/cmpl in capstone v5 if (id == PPC_INS_CMP) { if (!strcmp(insn->mnemonic, "cmpw")) { 
@@ -558,7 +558,7 @@ static RzILOpEffect *compare_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, c return ret; } -#if CS_API_MAJOR == 5 +#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6 // bug on xori in capstone v5 static bool is_xnop(cs_insn *insn) { return insn->id == PPC_INS_XNOP && @@ -570,7 +570,7 @@ static bool is_xnop(cs_insn *insn) { static RzILOpEffect *bitwise_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, const cs_mode mode) { rz_return_val_if_fail(handle && insn, EMPTY()); -#if CS_API_MAJOR == 5 +#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6 if (is_xnop(insn)) { return NOP(); } @@ -621,7 +621,7 @@ static RzILOpEffect *bitwise_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, c } res = LOGOR(op0, op1); break; -#if CS_API_MAJOR == 5 +#if CS_NEXT_VERSION < 6 // bug on xori in capstone v5 case PPC_INS_XNOP: op0 = VARG(rS); @@ -1126,7 +1126,7 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i // M/NM/MI Mask, AND with mask, mask insert // FIXME: With update to auto-sync ppc arch -#if CS_API_MAJOR == 5 && CS_API_MINOR == 0 +#if CS_API_MAJOR == 5 && CS_API_MINOR == 0 && CS_NEXT_VERSION < 6 // weird bug on capstone v5.0 if (id == PPC_INS_CLRLDI && !strcmp(insn->mnemonic, "rldicl")) { id = PPC_INS_RLDICL; @@ -1379,7 +1379,7 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn // Everything is executed linear => Sync instructions are NOP()s. case PPC_INS_ISYNC: case PPC_INS_SYNC: -#if CS_API_MAJOR < 6 +#if CS_NEXT_VERSION < 6 case PPC_INS_LWSYNC: case PPC_INS_MSYNC: case PPC_INS_PTESYNC: @@ -1509,7 +1509,7 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn #endif lop = store_op(handle, insn, mode); break; -#if CS_API_MAJOR < 6 +#if CS_NEXT_VERSION < 6 case PPC_INS_MR: #endif case PPC_INS_AND: 
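Review bot: The guard on the `PPC_INS_XNOP` case in `bitwise_op` (hunk `@@ -621`) was changed to `#if CS_NEXT_VERSION < 6`, whereas the other two XNOP sites in this same patch — `is_xnop()` and the `PPC_INS_XNOP` case in `rz_ppc_cs_get_il_op` — use `#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6`, matching the `// bug on xori in capstone v5` comment. As written the `bitwise_op` case is also compiled for v4 builds: if `PPC_INS_XNOP` is not defined in the v4 headers that build breaks, and if it is, the case is dead code that `rz_ppc_cs_get_il_op` never dispatches to. Use `#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6` at that site for consistency. bitwise_op continues outside the hunk.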
@@ -1522,7 +1522,7 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn
 case PPC_INS_ORIS:
 case PPC_INS_NAND:
 case PPC_INS_NOR:
-#if CS_API_MAJOR == 5
+#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6
 // bug on xori in capstone v5
 case PPC_INS_XNOP:
 #endif
@@ -1550,7 +1550,7 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn
 #endif
 lop = bitwise_op(handle, insn, mode);
 break;
-#if CS_API_MAJOR == 5
+#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6
 case PPC_INS_CMP:
 case PPC_INS_CMPI:
 case PPC_INS_CMPL:
@@ -1612,7 +1612,7 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn
 case PPC_INS_BDZFL:
 case PPC_INS_BDZFLA:
 #endif
-#if CS_API_MAJOR == 5
+#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6
 case PPC_INS_BCDCFN:
 case PPC_INS_BCDCFSQ:
 case PPC_INS_BCDCFZ:
@@ -1779,7 +1779,7 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn
 case PPC_INS_MTSR:
 case PPC_INS_MTSRIN:
 case PPC_INS_MTVSCR:
-#if CS_API_MAJOR < 6
+#if CS_NEXT_VERSION < 6
 case PPC_INS_MFBR0:
 case PPC_INS_MFBR1:
 case PPC_INS_MFBR2:
@@ -1860,7 +1860,7 @@ RZ_IPI RzILOpEffect *rz_ppc_cs_get_il_op(RZ_BORROW csh handle, RZ_BORROW cs_insn
 case PPC_INS_CRNOR:
 case PPC_INS_CROR:
 case PPC_INS_CRORC:
-#if CS_API_MAJOR < 6
+#if CS_NEXT_VERSION < 6
 case PPC_INS_CRSET:
 case PPC_INS_CRNOT:
 case PPC_INS_CRMOVE:
diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c
index 2041d719aaf..dd68de1d99f 100644
--- a/librz/analysis/p/analysis_ppc_cs.c
+++ b/librz/analysis/p/analysis_ppc_cs.c
@@ -988,7 +988,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf
 case PPC_INS_CMPLWI:
 case PPC_INS_CMPW:
 case PPC_INS_CMPWI:
-#if CS_API_MAJOR == 5
+#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6
 case PPC_INS_CMP:
 case PPC_INS_CMPI:
 #endif
@@ -1010,7 +1010,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf
 op->type = RZ_ANALYSIS_OP_TYPE_MOV;
 esilprintf(op, "%s,lr,=", ARG(0));
 break;
-#if CS_API_MAJOR < 6
+#if CS_NEXT_VERSION < 6
 case PPC_INS_MR:
 case PPC_INS_LI:
 op->type = RZ_ANALYSIS_OP_TYPE_MOV;
@@ -1059,7 +1059,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf
 break;
 case PPC_INS_SYNC:
 case PPC_INS_ISYNC:
-#if CS_API_MAJOR < 6
+#if CS_NEXT_VERSION < 6
 case PPC_INS_LWSYNC:
 case PPC_INS_MSYNC:
 case PPC_INS_PTESYNC:
@@ -1262,7 +1262,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf
 op->type = RZ_ANALYSIS_OP_TYPE_ADD;
 esilprintf(op, "%s,%s,+,%s,=", ARG(2), ARG(1), ARG(0));
 break;
-#if CS_API_MAJOR < 6
+#if CS_NEXT_VERSION < 6
 case PPC_INS_CRCLR:
 case PPC_INS_CRSET:
 case PPC_INS_CRMOVE:
@@ -1297,7 +1297,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf
 op->type = RZ_ANALYSIS_OP_TYPE_CALL;
 esilprintf(op, "pc,lr,=,ctr,pc,=");
 break;
-#if CS_API_MAJOR == 5
+#if CS_API_MAJOR == 5 && CS_NEXT_VERSION < 6
 case PPC_INS_BEQ:
 case PPC_INS_BEQA:
 case PPC_INS_BFA:
From e69678cf347fd3ffdf79e4a84c80a934164d27cf Mon Sep 17 00:00:00 2001
From: Rot127
Date: Fri, 8 Sep 2023 10:13:32 -0500
Subject: [PATCH 076/106] Init spr_name to prevent unitialized use.
---
 librz/analysis/arch/ppc/ppc_il_ops.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c
index e95f732376a..36c24ec776c 100644
--- a/librz/analysis/arch/ppc/ppc_il_ops.c
+++ b/librz/analysis/arch/ppc/ppc_il_ops.c
@@ -869,7 +869,7 @@ static RzILOpEffect *move_from_to_spr_op(RZ_BORROW csh handle, RZ_BORROW cs_insn
 const char *rS = cs_reg_name(handle, INSOP(0).reg);
 const char *rT = cs_reg_name(handle, INSOP(0).reg);
 #endif
- const char *spr_name;
+ const char *spr_name = "";
 // Some registers need to assemble the value before it is read or written (e.g. XER with all its bits).
 // Leave it NULL if the value of the SPR or RS should be used.
 RzILOpEffect *set_val = NULL;
From 4831230ab151bf0d000ac021129cfe3f30b1a55a Mon Sep 17 00:00:00 2001
From: Rot127
Date: Fri, 8 Sep 2023 14:53:19 -0500
Subject: [PATCH 077/106] Use mem.offset register for CSv6
---
 librz/analysis/arch/ppc/ppc_il_ops.c | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c
index 36c24ec776c..45e96ae5229 100644
--- a/librz/analysis/arch/ppc/ppc_il_ops.c
+++ b/librz/analysis/arch/ppc/ppc_il_ops.c
@@ -15,7 +15,11 @@ static RzILOpEffect *load_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, cons
 // READ
 const char *rT = cs_reg_name(handle, INSOP(0).reg);
 const char *rA = cs_reg_name(handle, INSOP(1).mem.base);
+#if CS_NEXT_VERSION < 6
 const char *rB = cs_reg_name(handle, INSOP(2).reg);
+#else
+ const char *rB = cs_reg_name(handle, INSOP(1).mem.offset);
+#endif
 st64 d = INSOP(1).mem.disp; // RA = base ; D = Disposition
 #if CS_NEXT_VERSION < 6
 st64 sI = INSOP(1).imm; // liX instructions (alias for addX).
@@ -215,7 +219,11 @@ static RzILOpEffect *store_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, con
 // READ
 const char *rS = cs_reg_name(handle, INSOP(0).reg);
 const char *rA = cs_reg_name(handle, INSOP(1).mem.base);
+#if CS_NEXT_VERSION < 6
 const char *rB = cs_reg_name(handle, INSOP(2).reg);
+#else
+ const char *rB = cs_reg_name(handle, INSOP(1).mem.offset);
+#endif
 st64 d = INSOP(1).mem.disp; // RA = base ; D = Disposition
 bool update_ra = ppc_updates_ra_with_ea(id); // Save ea in RA?
 ut32 mem_acc_size = ppc_get_mem_acc_size(id);
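Review bot: Initialising `spr_name` to `""` silences the uninitialised-use warning, but it turns a missing case in the SPR selection further down move_from_to_spr_op into an IL operation on a variable named `""` (presumably via `VARG`/`SETG`), which is harder to notice than the NULL it replaces. Prefer `const char *spr_name = NULL;` and fail explicitly before the name is used, in the style this file already uses for preconditions: `rz_return_val_if_fail(spr_name, EMPTY());`. The selection and use of spr_name are outside the hunk, so whether every path assigns it cannot be confirmed here.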
From 6459638ccb1c0d548fe255b93d76f4c1087b0471 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Fri, 8 Sep 2023 14:53:31 -0500 Subject: [PATCH 078/106] Always use real operand details. --- librz/analysis/p/analysis_ppc_cs.c | 1 + 1 file changed, 1 insertion(+) diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c index dd68de1d99f..5e0a9839811 100644 --- a/librz/analysis/p/analysis_ppc_cs.c +++ b/librz/analysis/p/analysis_ppc_cs.c @@ -953,6 +953,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf return -1; } cs_option(handle, CS_OPT_DETAIL, CS_OPT_ON); + cs_option(handle, CS_OPT_DETAIL, CS_OPT_DETAIL_REAL); } op->size = 4; From 83d692974a4f813f01fabf1b63f04e2cad62e385 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Fri, 8 Sep 2023 15:01:55 -0500 Subject: [PATCH 079/106] Use mem operand for DCBZ --- librz/analysis/arch/ppc/ppc_il_ops.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 45e96ae5229..14f859582c5 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -242,11 +242,13 @@ static RzILOpEffect *store_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, con NOT_IMPLEMENTED; case PPC_INS_DCBZ: { ut32 r = ppc_log_2(DCACHE_LINE_SIZE); - rA = cs_reg_name(handle, INSOP(0).reg); - rB = cs_reg_name(handle, INSOP(1).reg); #if CS_NEXT_VERSION >= 6 + rA = cs_reg_name(handle, INSOP(0).mem.base); + rB = cs_reg_name(handle, INSOP(0).mem.offset); base = VARG(rA); #else + rA = cs_reg_name(handle, INSOP(0).reg); + rB = cs_reg_name(handle, INSOP(1).reg); base = rA ? VARG(rA) : NULL; #endif From 765c04caceddebac6fda03ee568b92217c2d0ae6 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Fri, 8 Sep 2023 15:11:18 -0500 Subject: [PATCH 080/106] Fix tests which are semantical identical. --- test/db/asm/ppc_64 | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) 
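Review bot: `CS_OPT_DETAIL_REAL` is a v6 (auto-sync) option value, yet the new `cs_option(handle, CS_OPT_DETAIL, CS_OPT_DETAIL_REAL);` in analyze_op is not guarded, while every other v6-specific change in this series sits behind a `CS_NEXT_VERSION` check; a v5 build fails to compile on this line. Wrap it in `#if CS_NEXT_VERSION >= 6` … `#endif`. Both cs_option results are discarded; since the IL lifting below depends on real operand details being present, comparing the second call against `CS_ERR_OK` would make a silently ignored option visible. analyze_op's body continues outside the hunk.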
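Review bot: The v6 branch of the DCBZ case sets `base = VARG(rA);` unconditionally, while the v5 branch keeps `base = rA ? VARG(rA) : NULL;`. With `rA` now taken from `INSOP(0).mem.base`, `cs_reg_name` yields NULL when no base register is reported, and for the RA=0 encoding it presumably yields the pseudo-register `0` (the `lwa r0, 0(0)` expectation later in this series becomes `(+ (var 0) …)`), which the ISA defines as literal zero rather than a register read; both end up inside `VARG`. Keep the guard in the v6 branch too, `base = rA ? VARG(rA) : NULL;`, and decide explicitly how a `0` base is represented so the two branches agree. store_op's DCBZ handling continues outside the hunk.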
diff --git a/test/db/asm/ppc_64 b/test/db/asm/ppc_64 index 6e5858d8b19..8bcce83be5d 100644 --- a/test/db/asm/ppc_64 +++ b/test/db/asm/ppc_64 
@@ -6,8 +6,8 @@ dE "addme r0, r2" 7c0201d4 0x10 (seq (set a (var r2)) (set b (ite (var ca) (bv 6 dE "addze r0, r2" 7c020194 0x14 (seq (set a (var r2)) (set b (ite (var ca) (bv 64 0x1) (bv 64 0x0))) empty (set r0 (+ (var a) (var b))) (set ca (msb (+ (cast 65 false (var a)) (cast 65 false (var b))))) empty empty) dE "adde r0, r2, r1" 7c020914 0x18 (seq (set a (var r2)) (set b (var r1)) (set c (ite (var ca) (bv 64 0x1) (bv 64 0x0))) (set r0 (+ (var a) (+ (var b) (var c)))) (set ca (let r1 (+ (cast 65 false (var b)) (cast 65 false (var c))) (|| (msb (var r1)) (msb (+ (cast 65 false (var a)) (var r1)))))) empty empty) dE "addc r0, r2, r1" 7c020814 0x1c (seq (set a (var r2)) (set b (var r1)) empty (set r0 (+ (var a) (var b))) (set ca (msb (+ (cast 65 false (var a)) (cast 65 false (var b))))) empty empty) -dE "subf r0, r1, r2" 7c011050 0x20 (seq (set a (+ (~ (var r1)) (bv 64 0x1))) (set b (var r2)) empty (set r0 (+ (var a) (var b))) empty empty empty) -dE "subfc r0, r1, r2" 7c011010 0x24 (seq (set a (+ (~ (var r1)) (bv 64 0x1))) (set b (var r2)) empty (set r0 (+ (var a) (var b))) (set ca (msb (+ (cast 65 false (var a)) (cast 65 false (var b))))) empty empty) +dE "sub r0, r2, r1" 7c011050 0x20 (seq (set a (+ (~ (var r1)) (bv 64 0x1))) (set b (var r2)) empty (set r0 (+ (var a) (var b))) empty empty empty) +dE "subc r0, r2, r1" 7c011010 0x24 (seq (set a (+ (~ (var r1)) (bv 64 0x1))) (set b (var r2)) empty (set r0 (+ (var a) (var b))) (set ca (msb (+ (cast 65 false (var a)) (cast 65 false (var b))))) empty empty) dE "subfic r0, r2, 1" 20020001 0x28 (seq (set a (~ (var r2))) (set b (let v (bv 16 0x1) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) (set c (bv 64 0x1)) (set r0 (+ (var a) (+ (var b) (var c)))) (set ca (let r1 (+ (cast 65 false (var b)) (cast 65 false (var c))) (|| (msb (var r1)) (msb (+ (cast 65 false (var a)) (var r1)))))) empty empty) dE "subfe r0, r1, r2" 7c011110 0x2c (seq (set a (~ (var r1))) (set b (var r2)) (set c (ite (var 
ca) (bv 64 0x1) (bv 64 0x0))) (set r0 (+ (var a) (+ (var b) (var c)))) (set ca (let r1 (+ (cast 65 false (var b)) (cast 65 false (var c))) (|| (msb (var r1)) (msb (+ (cast 65 false (var a)) (var r1)))))) empty empty) dE "subfme r0, r2" 7c0201d0 0x30 (seq (set a (~ (var r2))) (set b (ite (var ca) (bv 64 0x1) (bv 64 0x0))) (set c (bv 64 0xffffffffffffffff)) (set r0 (+ (var a) (+ (var b) (var c)))) (set ca (let r1 (+ (cast 65 false (var b)) (cast 65 false (var c))) (|| (msb (var r1)) (msb (+ (cast 65 false (var a)) (var r1)))))) empty empty) 
@@ -34,8 +34,8 @@ dE "stbcix r0, r26, r1" 7c1a0faa 0x80 (seq (storew 0 (+ (var r26) (var r1)) (cas dE "sthcix r0, r26, r1" 7c1a0f6a 0x84 (seq (storew 0 (+ (var r26) (var r1)) (cast 16 false (var r0))) empty) dE "stwcix r0, r26, r1" 7c1a0f2a 0x88 (seq (storew 0 (+ (var r26) (var r1)) (cast 32 false (var r0))) empty) dE "stdcix r0, r26, r1" 7c1a0fea 0x8c (seq (storew 0 (+ (var r26) (var r1)) (cast 64 false (var r0))) empty) -dE "li r0, 1" 38000001 0x90 (seq (set r0 (let v (bv 16 0x1) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) empty) -dE "lis r0, 1" 3c000001 0x94 (seq (set r0 (let v (append (bv 16 0x1) (bv 16 0x0)) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) empty) +dE "li r0, 1" 38000001 0x90 (set r0 (let v (bv 16 0x1) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) +dE "lis r0, 1" 3c000001 0x94 (set r0 (let v (append (bv 16 0x1) (bv 16 0x0)) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) dE "addi r0, r26, 8" 381a0008 0x98 (seq (set a (var r26)) (set b (let v (bv 16 0x8) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) empty (set r0 (+ (var a) (var b))) empty empty empty) dE "lbz r0, 4(r26)" 881a0004 0x9c (seq (set r0 (let ea (+ (var r26) (let v (bv 16 0x4) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) (let loadw (loadw 0 8 (var ea)) (cast 64 false (var loadw))))) empty) dE "lbzx r0, r26, r1" 7c1a08ae 0xa0 (seq (set r0 (let ea (+ (var r26) (var r1)) (let loadw (loadw 0 8 (var ea)) (cast 64 false (var loadw))))) empty) 
@@ -207,7 +207,7 @@ dE "slw r10, r20, r4" 7e8a2030 0x320 (seq empty empty (set result (append (bv 32 dE "srw r10, r20, r4" 7e8a2430 0x324 (seq empty empty (set result (append (bv 32 0x0) (>> (cast 32 false (var r20)) (var r4) false))) (set r10 (var result)) empty) dE "srad r10, r20, r4" 7e8a2634 0x328 (seq empty (set ca (ite (&& (msb (var r20)) (! (is_zero (mod (var r20) (cast 64 false (<< (bv 64 0x1) (cast 6 false (& (var r4) (bv 64 0x3f))) false)))))) true false)) (set result (>> (var r20) (cast 6 false (& (var r4) (bv 64 0x3f))) (msb (var r20)))) (set r10 (var result)) empty) dE "sradi r10, r20, 4" 7e8a2674 0x32c (seq empty (set ca (ite (&& (msb (var r20)) (! (is_zero (mod (var r20) (cast 64 false (<< (bv 64 0x1) (bv 8 0x4) false)))))) true false)) (set result (>> (var r20) (bv 8 0x4) (msb (var r20)))) (set r10 (var result)) empty) -dE "lis r22, 0" 3ec00000 0x330 (seq (set r22 (let v (append (bv 16 0x0) (bv 16 0x0)) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) empty) +dE "lis r22, 0" 3ec00000 0x330 (set r22 (let v (append (bv 16 0x0) (bv 16 0x0)) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) dE "addi r22, r22, 0" 3ad60000 0x334 (seq (set a (var r22)) (set b (let v (bv 16 0x0) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) empty (set r22 (+ (var a) (var b))) empty empty empty) dE "ld r22, 0(r22)" ead60000 0x338 (seq (set r22 (let ea (+ (var r22) (let v (bv 16 0x0) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) (let loadw (loadw 0 64 (var ea)) (cast 64 false (var loadw))))) empty) dE "sraw r10, r22, r4" 7eca2630 0x33c (seq empty (set ca (ite (&& (msb (cast 32 (msb (var r22)) (var r22))) (! 
(is_zero (mod (cast 32 false (var r22)) (cast 32 false (<< (bv 64 0x1) (cast 6 false (& (var r4) (bv 64 0x3f))) false)))))) true false)) (set result (cast 64 (msb (>> (cast 32 false (var r22)) (cast 6 false (& (var r4) (bv 64 0x3f))) (msb (cast 32 false (var r22))))) (>> (cast 32 false (var r22)) (cast 6 false (& (var r4) (bv 64 0x3f))) (msb (cast 32 false (var r22)))))) (set r10 (var result)) empty) From 96fdfc57d1787c144f8bcd55bf13f0bbe6289ebc Mon Sep 17 00:00:00 2001 From: Rot127 Date: Fri, 8 Sep 2023 15:11:40 -0500 Subject: [PATCH 081/106] Handle LI LIS alias --- librz/analysis/arch/ppc/ppc_il_ops.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 14f859582c5..278aedac61c 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -365,6 +365,18 @@ static RzILOpEffect *add_sub_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, b // I/M/Z Immediate, Minus one, Zero extend, // C/E/S Carry (sets it), Extends (adds carry it), Shift immediate + // Handle Add alias + switch (insn->alias_id) { + default: + break; + case PPC_INS_ALIAS_LI: // RT = sI + return SETG(rT, EXTEND(PPC_ARCH_BITS, SN(16, sI))); + break; + case PPC_INS_ALIAS_LIS: // RT = SI << 16 + return SETG(rT, EXTEND(PPC_ARCH_BITS, APPEND(SN(16, sI), U16(0)))); + break; + } + // EXEC switch (id) { default: From efc3d1138506fb7d57efc8143140132106e2db10 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Thu, 14 Sep 2023 13:11:46 -0500 Subject: [PATCH 082/106] Fix rzil tests (with simplified semantics) --- test/db/rzil/ppc32 | 35 ++++-------- test/db/rzil/ppc64 | 140 +++++++++++++++++---------------------------- 2 files changed, 66 insertions(+), 109 deletions(-) diff --git a/test/db/rzil/ppc32 b/test/db/rzil/ppc32 index acf587aefc5..281656c6a1b 100644 --- a/test/db/rzil/ppc32 +++ b/test/db/rzil/ppc32 
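Review bot: `insn->alias_id` and `PPC_INS_ALIAS_LI`/`PPC_INS_ALIAS_LIS` exist only in the v6 (auto-sync) Capstone, but the new alias `switch` in add_sub_op is not guarded, so a v5 build breaks while the rest of this series keeps v5 compiling behind `CS_NEXT_VERSION < 6`; wrap the switch in `#if CS_NEXT_VERSION >= 6` … `#endif`. The `break;` after each `return SETG(...)` is unreachable and can be dropped. Whether `sI` holds the alias's 16-bit immediate on the v6 path is not visible here (load_op defines its own `sI` only for `CS_NEXT_VERSION < 6`), so confirm it is initialised before this early return; add_sub_op's body continues outside the hunk.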
@@ -12,7 +12,7 @@ EXPECT=<> (>> (bv 64 0x0) (bv 8 0x1) true) (var mstart) false))) (set mstart (mod (+ (var mstart) (bv 8 0x1)) (bv 8 0x40))))) (set m (| (var m) (>> (>> (bv 64 0x0) (bv 8 0x1) true) (var mstop) false))) (set mask (cast 32 false (var m))) empty (set result (& (let rotl32_x (cast 32 false (var r1)) (let rotl32_y (bv 8 0x0) (| (<< (var rotl32_x) (var rotl32_y) false) (>> (var rotl32_x) (- (bv 8 0x20) (cast 8 false (var rotl32_y))) false)))) (var mask))) (set r1 (var result)) empty) -0x100280 (seq (set a (var 0)) (set b (let v (bv 16 0x0) (ite (msb (var v)) (cast 32 (msb (var v)) (var v)) (cast 32 false (var v))))) empty (set r0 (+ (var a) (var b))) empty empty empty) +0x100280 (set r0 (let v (bv 16 0x0) (ite (msb (var v)) (cast 32 (msb (var v)) (var v)) (cast 32 false (var v))))) 0x100284 (seq (storew 0 (+ (var r1) (let v (bv 16 0xfff0) (ite (msb (var v)) (cast 32 (msb (var v)) (var v)) (cast 32 false (var v))))) (cast 32 false (var r1))) (set r1 (+ (var r1) (let v (bv 16 0xfff0) (ite (msb (var v)) (cast 32 (msb (var v)) (var v)) (cast 32 false (var v))))))) 0x100288 (set lr (cast 32 false (var r0))) -- pretty 
@@ -96,30 +96,19 @@ EXPECT=<> (>> (bv 64 0x0) (bv 8 0x1) true) (var mstart) false))) (set mstart (mod (+ (var mstart) (bv 8 0x1)) (bv 8 0x40))))) (set m (| (var m) (>> (>> (bv 64 0x0) (bv 8 0x1) true) (var mstop) false))) (set mask (cast 64 false (var m))) empty (set result (& (let rotl64_x (var r1) (let rotl64_y (& (bv 8 0x3f) (bv 8 0x0)) (| (<< (var rotl64_x) (var rotl64_y) false) (>> (var rotl64_x) (- (bv 8 0x40) (cast 8 false (var rotl64_y))) false)))) (var mask))) (set r1 (var result)) empty) -0x100518 (seq (set a (var 0)) (set b (let v (bv 16 0x0) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) empty (set r0 (+ (var a) (var b))) empty empty empty) +0x100518 (set r0 (let v (bv 16 0x0) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) -- pretty 0x100508 -(seq - (set a - (var 0)) - (set b - (let v - (append - (bv 16 0x1e) - (bv 16 0x0)) - (ite +(set r2 + (let v + (append + (bv 16 0x1e) + (bv 16 0x0)) + (ite + (msb + (var v)) + (cast 64 (msb (var v)) - (cast 64 - (msb - (var v)) - (var v)) - (cast 64 - false - (var v))))) - empty - (set r2 - (+ - (var a) - (var b))) - empty - empty - empty) + (var v)) + (cast 64 + false + (var v))))) 0x10050c (seq (set a @@ -148,68 +137,48 @@ EXPECT=< Date: Thu, 14 Sep 2023 13:28:38 -0500 Subject: [PATCH 083/106] Fix branch alias with new cond test method. --- test/db/asm/ppc_64 | 76 +++++++++++++++++++++++----------------------- 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/test/db/asm/ppc_64 b/test/db/asm/ppc_64 index 8bcce83be5d..b708c384ed2 100644 --- a/test/db/asm/ppc_64 +++ b/test/db/asm/ppc_64 
@@ -51,7 +51,7 @@ dE "lhax r0, r26, r1" 7c1a0aae 0xc4 (seq (set r0 (let ea (+ (var r26) (var r1)) dE "lhaux r0, r26, r1" 7c1a0aee 0xc8 (seq (set r0 (let ea (+ (var r26) (var r1)) (let loadw (loadw 0 16 (var ea)) (let v (var loadw) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))))) (set r26 (+ (var r26) (var r1)))) dE "lhzcix r0, r26, r1" 7c1a0e6a 0xcc (seq (set r0 (let ea (+ (var r26) (var r1)) (let loadw (loadw 0 16 (var ea)) (cast 64 false (var loadw))))) empty) dE "lwa r0, 4(r26)" e81a0006 0xd0 (seq (set r0 (let ea (+ (var r26) (let v (bv 16 0x4) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) (let loadw (loadw 0 32 (var ea)) (let v (var loadw) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))))) empty) -dE "lwa r0, 0(0)" e8000002 0xd0 (seq (set r0 (let ea (let v (bv 16 0x0) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v)))) (let loadw (loadw 0 32 (var ea)) (let v (var loadw) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))))) empty) +dE "lwa r0, 0(0)" e8000002 0xd0 (seq (set r0 (let ea (+ (var 0) (let v (bv 16 0x0) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) (let loadw (loadw 0 32 (var ea)) (let v (var loadw) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))))) empty) dE "lwz r0, 4(r26)" 801a0004 0xd4 (seq (set r0 (let ea (+ (var r26) (let v (bv 16 0x4) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))) (let loadw (loadw 0 32 (var ea)) (cast 64 false (var loadw))))) empty) dE "lwzx r0, r26, r1" 7c1a082e 0xd8 (seq (set r0 (let ea (+ (var r26) (var r1)) (let loadw (loadw 0 32 (var ea)) (cast 64 false (var loadw))))) empty) dE "lwax r0, r26, r1" 7c1a0aaa 0xdc (seq (set r0 (let ea (+ (var r26) (var r1)) (let loadw (loadw 0 32 (var ea)) (let v (var loadw) (ite (msb (var v)) (cast 64 (msb (var v)) (var v)) (cast 64 false (var v))))))) empty) 
@@ -99,50 +99,50 @@ dE "cmplwi cr6, r0, 0" 2b000000 0x174 (seq (set l (cast 64 (msb (cast 32 false ( dE "cmpldi cr7, r0, 1" 2ba00001 0x178 (seq (set l (var r0)) (set r (append (bv 48 0x0) (bv 16 0x1))) (set so_flag (ite (var so) (bv 1 0x1) (bv 1 0x0))) (branch (&& (ule (var l) (var r)) (! (== (var l) (var r)))) (set cr7 (append (bv 3 0x4) (var so_flag))) (branch (! (ule (var l) (var r))) (set cr7 (append (bv 3 0x2) (var so_flag))) (set cr7 (append (bv 3 0x1) (var so_flag)))))) dE "b 0x180" 48000004 0x17c (seq (set CIA (bv 64 0x17c)) empty empty (set NIA (bv 64 0x180)) (jmp (var NIA))) dE "ba 4" 48000006 0x180 (seq (set CIA (bv 64 0x180)) empty empty (set NIA (bv 64 0x4)) (jmp (var NIA))) -dE "bgectr" 4c800420 0x184 (seq (set CIA (bv 64 0x184)) empty empty (set NIA (ite (let bo (bv 5 0x4) (|| (! (is_zero (& (bv 5 0x10) (var bo)))) (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! (! (is_zero (& (bv 5 0x8) (var bo)))))))) (& (bv 64 0xfffffffffffffffc) (var ctr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bgectrl" 4c800421 0x188 (seq (set CIA (bv 64 0x188)) empty (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (let bo (bv 5 0x4) (|| (! (is_zero (& (bv 5 0x10) (var bo)))) (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! (! (is_zero (& (bv 5 0x8) (var bo)))))))) (& (bv 64 0xfffffffffffffffc) (var ctr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bge 0x190" 40800004 0x18c (seq (set CIA (bv 64 0x18c)) empty empty (set NIA (ite (let bo (bv 5 0x4) (&& (|| (! (is_zero (& (bv 5 0x10) (var bo)))) (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! (! (is_zero (& (bv 5 0x8) (var bo))))))) (|| (! (is_zero (& (bv 5 0x4) (var bo)))) (^^ (! (is_zero (var ctr))) (! (is_zero (& (bv 5 0x2) (var bo)))))))) (bv 64 0x190) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "ble 0x194" 40810004 0x190 (seq (set CIA (bv 64 0x190)) empty empty (set NIA (ite (let bo (bv 5 0x4) (&& (|| (! (is_zero (& (bv 5 0x10) (var bo)))) (^^ (! (is_zero (& (var cr0) (bv 4 0x4)))) (! (! 
(is_zero (& (bv 5 0x8) (var bo))))))) (|| (! (is_zero (& (bv 5 0x4) (var bo)))) (^^ (! (is_zero (var ctr))) (! (is_zero (& (bv 5 0x2) (var bo)))))))) (bv 64 0x194) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bgel 0x198" 40800005 0x194 (seq (set CIA (bv 64 0x194)) empty (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (let bo (bv 5 0x4) (&& (|| (! (is_zero (& (bv 5 0x10) (var bo)))) (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! (! (is_zero (& (bv 5 0x8) (var bo))))))) (|| (! (is_zero (& (bv 5 0x4) (var bo)))) (^^ (! (is_zero (var ctr))) (! (is_zero (& (bv 5 0x2) (var bo)))))))) (bv 64 0x198) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bgelr" 4c800020 0x198 (seq (set CIA (bv 64 0x198)) empty empty (set NIA (ite (let bo (bv 5 0x4) (&& (|| (! (is_zero (& (bv 5 0x10) (var bo)))) (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! (! (is_zero (& (bv 5 0x8) (var bo))))))) (|| (! (is_zero (& (bv 5 0x4) (var bo)))) (^^ (! (is_zero (var ctr))) (! (is_zero (& (bv 5 0x2) (var bo)))))))) (& (bv 64 0xfffffffffffffffc) (var lr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bgelrl" 4c800021 0x19c (seq (set CIA (bv 64 0x19c)) empty (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (let bo (bv 5 0x4) (&& (|| (! (is_zero (& (bv 5 0x10) (var bo)))) (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! (! (is_zero (& (bv 5 0x8) (var bo))))))) (|| (! (is_zero (& (bv 5 0x4) (var bo)))) (^^ (! (is_zero (var ctr))) (! (is_zero (& (bv 5 0x2) (var bo)))))))) (& (bv 64 0xfffffffffffffffc) (var lr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bfctr lt" 4c800420 0x184 (seq (set CIA (bv 64 0x184)) empty empty (set NIA (ite (&& true (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! false))) (& (bv 64 0xfffffffffffffffc) (var ctr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bfctrl lt" 4c800421 0x188 (seq (set CIA (bv 64 0x188)) empty (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& true (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! 
false))) (& (bv 64 0xfffffffffffffffc) (var ctr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bf lt, 0x190" 40800004 0x18c (seq (set CIA (bv 64 0x18c)) empty empty (set NIA (ite (&& (ite false (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! false)) true)) (bv 64 0x190) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bf gt, 0x194" 40810004 0x190 (seq (set CIA (bv 64 0x190)) empty empty (set NIA (ite (&& (ite false (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr0) (bv 4 0x4)))) (! false)) true)) (bv 64 0x194) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bfl lt, 0x198" 40800005 0x194 (seq (set CIA (bv 64 0x194)) empty (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite false (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! false)) true)) (bv 64 0x198) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bflr lt" 4c800020 0x198 (seq (set CIA (bv 64 0x198)) empty empty (set NIA (ite (&& (ite false (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! false)) true)) (& (bv 64 0xfffffffffffffffc) (var lr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bflrl lt" 4c800021 0x19c (seq (set CIA (bv 64 0x19c)) empty (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite false (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! false)) true)) (& (bv 64 0xfffffffffffffffc) (var lr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) dE "bctr" 4e800420 0x1a0 (seq (set CIA (bv 64 0x1a0)) empty empty (set NIA (& (bv 64 0xfffffffffffffffc) (var ctr))) (jmp (var NIA))) dE "bctrl" 4e800421 0x1a4 (seq (set CIA (bv 64 0x1a4)) empty (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (& (bv 64 0xfffffffffffffffc) (var ctr))) (jmp (var NIA))) dB "bne cr5, 0x1a4" 00009640 0x1a4 (seq (set CIA (bv 64 0x1a4)) empty empty (set NIA (ite (let bo (bv 5 0x4) (&& (|| (! 
(is_zero (& (bv 5 0x10) (var bo)))) (^^ (! (is_zero (& (var cr5) (bv 4 0x2)))) (! (! (is_zero (& (bv 5 0x8) (var bo))))))) (|| (! (is_zero (& (bv 5 0x4) (var bo)))) (^^ (! (is_zero (var ctr))) (! (is_zero (& (bv 5 0x2) (var bo)))))))) (bv 64 0x1a4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdnz 0x1ac" 42000004 0x1a8 (seq (set CIA (bv 64 0x1a8)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (! (is_zero (var ctr))) (bv 64 0x1ac) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdnza 4" 42000006 0x1ac (seq (set CIA (bv 64 0x1ac)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (! (is_zero (var ctr))) (bv 64 0x4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdnzl 0x1b4" 42000005 0x1b0 (seq (set CIA (bv 64 0x1b0)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (! (is_zero (var ctr))) (bv 64 0x1b4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdnzla 4" 42000007 0x1b4 (seq (set CIA (bv 64 0x1b4)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (! (is_zero (var ctr))) (bv 64 0x4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdnzlr" 4e000020 0x1b8 (seq (set CIA (bv 64 0x1b8)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (! (is_zero (var ctr))) (& (bv 64 0xfffffffffffffffc) (var lr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdnzlrl" 4e000021 0x1bc (seq (set CIA (bv 64 0x1bc)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (! 
(is_zero (var ctr))) (& (bv 64 0xfffffffffffffffc) (var lr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdz 0x1c4" 42400004 0x1c0 (seq (set CIA (bv 64 0x1c0)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (is_zero (var ctr)) (bv 64 0x1c4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdza 4" 42400006 0x1c4 (seq (set CIA (bv 64 0x1c4)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (is_zero (var ctr)) (bv 64 0x4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdzl 0x1cc" 42400005 0x1c8 (seq (set CIA (bv 64 0x1c8)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (is_zero (var ctr)) (bv 64 0x1cc) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdzla 4" 42400007 0x1cc (seq (set CIA (bv 64 0x1cc)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (is_zero (var ctr)) (bv 64 0x4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdzlr" 4e400020 0x1d0 (seq (set CIA (bv 64 0x1d0)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (is_zero (var ctr)) (& (bv 64 0xfffffffffffffffc) (var lr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdzlrl" 4e400021 0x1d4 (seq (set CIA (bv 64 0x1d4)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (is_zero (var ctr)) (& (bv 64 0xfffffffffffffffc) (var lr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bc 0x10, lt, 0x1ac" 42000004 0x1a8 (seq (set CIA (bv 64 0x1a8)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) false) true) (ite false (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! false)) true)) (bv 64 0x1ac) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bca 0x10, lt, 4" 42000006 0x1ac (seq (set CIA (bv 64 0x1ac)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) false) true) (ite false (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! 
false)) true)) (bv 64 0x10) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bcl 0x10, lt, 0x1b4" 42000005 0x1b0 (seq (set CIA (bv 64 0x1b0)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) false) true) (ite false (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! false)) true)) (bv 64 0x1b4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bcla 0x10, lt, 4" 42000007 0x1b4 (seq (set CIA (bv 64 0x1b4)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) false) true) (ite false (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! false)) true)) (bv 64 0x10) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdnzlr" 4e000020 0x1b8 (seq (set CIA (bv 64 0x1b8)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) false) true) (ite false (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! false)) true)) (& (bv 64 0xfffffffffffffffc) (var lr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdnzlrl" 4e000021 0x1bc (seq (set CIA (bv 64 0x1bc)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) false) true) (ite false (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! false)) true)) (& (bv 64 0xfffffffffffffffc) (var lr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bc 0x12, lt, 0x1c4" 42400004 0x1c0 (seq (set CIA (bv 64 0x1c0)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) true) true) (ite false (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! false)) true)) (bv 64 0x1c4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bca 0x12, lt, 4" 42400006 0x1c4 (seq (set CIA (bv 64 0x1c4)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) true) true) (ite false (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! 
false)) true)) (bv 64 0x12) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bcl 0x12, lt, 0x1cc" 42400005 0x1c8 (seq (set CIA (bv 64 0x1c8)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) true) true) (ite false (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! false)) true)) (bv 64 0x1cc) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bcla 0x12, lt, 4" 42400007 0x1cc (seq (set CIA (bv 64 0x1cc)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) true) true) (ite false (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! false)) true)) (bv 64 0x12) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdzlr" 4e400020 0x1d0 (seq (set CIA (bv 64 0x1d0)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) true) true) (ite false (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! false)) true)) (& (bv 64 0xfffffffffffffffc) (var lr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdzlrl" 4e400021 0x1d4 (seq (set CIA (bv 64 0x1d4)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) true) true) (ite false (^^ (! (is_zero (& (var cr0) (bv 4 0x8)))) (! 
false)) true)) (& (bv 64 0xfffffffffffffffc) (var lr)) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) dE "bl 0x1dc" 48000005 0x1d8 (seq (set CIA (bv 64 0x1d8)) empty (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (bv 64 0x1dc)) (jmp (var NIA))) dE "bla 4" 48000007 0x1dc (seq (set CIA (bv 64 0x1dc)) empty (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (bv 64 0x4)) (jmp (var NIA))) dE "blr" 4e800020 0x1e0 (seq (set CIA (bv 64 0x1e0)) empty empty (set NIA (& (bv 64 0xfffffffffffffffc) (var lr))) (jmp (var NIA))) dE "blrl" 4e800021 0x1e4 (seq (set CIA (bv 64 0x1e4)) empty (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (& (bv 64 0xfffffffffffffffc) (var lr))) (jmp (var NIA))) -dE "bnsa 0x18" 4083001a 0x1e8 (seq (set CIA (bv 64 0x1e8)) empty empty (set NIA (ite (let bo (bv 5 0x4) (&& (|| (! (is_zero (& (bv 5 0x10) (var bo)))) (^^ (! (is_zero (& (var cr0) (bv 4 0x1)))) (! (! (is_zero (& (bv 5 0x8) (var bo))))))) (|| (! (is_zero (& (bv 5 0x4) (var bo)))) (^^ (! (is_zero (var ctr))) (! (is_zero (& (bv 5 0x2) (var bo)))))))) (bv 64 0x18) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bgela cr1, 0x18" 4084001b 0x1ec (seq (set CIA (bv 64 0x1ec)) empty (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (let bo (bv 5 0x4) (&& (|| (! (is_zero (& (bv 5 0x10) (var bo)))) (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! (! (is_zero (& (bv 5 0x8) (var bo))))))) (|| (! (is_zero (& (bv 5 0x4) (var bo)))) (^^ (! (is_zero (var ctr))) (! (is_zero (& (bv 5 0x2) (var bo)))))))) (bv 64 0x18) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdnzt 4*cr1+lt, 0x81d4" 41047fe4 0x1f0 (seq (set CIA (bv 64 0x1f0)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (! (is_zero (var ctr))) (! (is_zero (& (var cr1) (bv 4 0x1))))) (bv 64 0x81d4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdnztl 4*cr1+lt, 0x81d8" 41047fe5 0x1f4 (seq (set CIA (bv 64 0x1f4)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (! (is_zero (var ctr))) (! 
(is_zero (& (var cr1) (bv 4 0x1))))) (bv 64 0x81d8) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdnzta 4*cr1+lt, 0x7fe4" 41047fe6 0x1f8 (seq (set CIA (bv 64 0x1f8)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (! (is_zero (var ctr))) (! (is_zero (& (var cr1) (bv 4 0x1))))) (bv 64 0x7fe4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdnztla 4*cr1+lt, 0x7fe4" 41047fe7 0x1fc (seq (set CIA (bv 64 0x1fc)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (! (is_zero (var ctr))) (! (is_zero (& (var cr1) (bv 4 0x1))))) (bv 64 0x7fe4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdnzf 4*cr1+lt, 0x81e4" 40047fe4 0x200 (seq (set CIA (bv 64 0x200)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (! (is_zero (var ctr))) (is_zero (& (var cr1) (bv 4 0x1)))) (bv 64 0x81e4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdnzfl 4*cr1+lt, 0x81e8" 40047fe5 0x204 (seq (set CIA (bv 64 0x204)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (! (is_zero (var ctr))) (is_zero (& (var cr1) (bv 4 0x1)))) (bv 64 0x81e8) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdnzfa 4*cr1+lt, 0x7fe4" 40047fe6 0x208 (seq (set CIA (bv 64 0x208)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (! (is_zero (var ctr))) (is_zero (& (var cr1) (bv 4 0x1)))) (bv 64 0x7fe4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdnzfla 4*cr1+lt, 0x7fe4" 40047fe7 0x20c (seq (set CIA (bv 64 0x20c)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (! (is_zero (var ctr))) (is_zero (& (var cr1) (bv 4 0x1)))) (bv 64 0x7fe4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdzt 4*cr1+lt, 0x81f4" 41447fe4 0x210 (seq (set CIA (bv 64 0x210)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (is_zero (var ctr)) (! 
(is_zero (& (var cr1) (bv 4 0x1))))) (bv 64 0x81f4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdzta 4*cr1+lt, 0x7fe4" 41447fe6 0x214 (seq (set CIA (bv 64 0x214)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (is_zero (var ctr)) (! (is_zero (& (var cr1) (bv 4 0x1))))) (bv 64 0x7fe4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdztl 4*cr1+lt, 0x81fc" 41447fe5 0x218 (seq (set CIA (bv 64 0x218)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (is_zero (var ctr)) (! (is_zero (& (var cr1) (bv 4 0x1))))) (bv 64 0x81fc) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdztla 4*cr1+lt, 0x7fe4" 41447fe7 0x21c (seq (set CIA (bv 64 0x21c)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (is_zero (var ctr)) (! (is_zero (& (var cr1) (bv 4 0x1))))) (bv 64 0x7fe4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdzf 4*cr1+lt, 0x8204" 40447fe4 0x220 (seq (set CIA (bv 64 0x220)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (is_zero (var ctr)) (is_zero (& (var cr1) (bv 4 0x1)))) (bv 64 0x8204) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdzfa 4*cr1+lt, 0x7fe4" 40447fe6 0x224 (seq (set CIA (bv 64 0x224)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (is_zero (var ctr)) (is_zero (& (var cr1) (bv 4 0x1)))) (bv 64 0x7fe4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdzfl 4*cr1+lt, 0x820c" 40447fe5 0x228 (seq (set CIA (bv 64 0x228)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (is_zero (var ctr)) (is_zero (& (var cr1) (bv 4 0x1)))) (bv 64 0x820c) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) -dE "bdzfla 4*cr1+lt, 0x7fe4" 40447fe7 0x22c (seq (set CIA (bv 64 0x22c)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (is_zero (var ctr)) (is_zero (& (var cr1) (bv 4 0x1)))) (bv 64 0x7fe4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bfa un, 0x18" 4083001a 
0x1e8 (seq (set CIA (bv 64 0x1e8)) empty empty (set NIA (ite (&& (ite false (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr0) (bv 4 0x1)))) (! false)) true)) (bv 64 0x4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bfla 4*cr1+lt, 0x18" 4084001b 0x1ec (seq (set CIA (bv 64 0x1ec)) empty (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite false (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! false)) true)) (bv 64 0x4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdnzt 4*cr1+lt, 0x81d4" 41047fe4 0x1f0 (seq (set CIA (bv 64 0x1f0)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! true)) true)) (bv 64 0x81d4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdnztl 4*cr1+lt, 0x81d8" 41047fe5 0x1f4 (seq (set CIA (bv 64 0x1f4)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! true)) true)) (bv 64 0x81d8) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdnzta 4*cr1+lt, 0x7fe4" 41047fe6 0x1f8 (seq (set CIA (bv 64 0x1f8)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! true)) true)) (bv 64 0x8) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdnztla 4*cr1+lt, 0x7fe4" 41047fe7 0x1fc (seq (set CIA (bv 64 0x1fc)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! 
true)) true)) (bv 64 0x8) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdnzf 4*cr1+lt, 0x81e4" 40047fe4 0x200 (seq (set CIA (bv 64 0x200)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! false)) true)) (bv 64 0x81e4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdnzfl 4*cr1+lt, 0x81e8" 40047fe5 0x204 (seq (set CIA (bv 64 0x204)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! false)) true)) (bv 64 0x81e8) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdnzfa 4*cr1+lt, 0x7fe4" 40047fe6 0x208 (seq (set CIA (bv 64 0x208)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! false)) true)) (bv 64 0x0) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdnzfla 4*cr1+lt, 0x7fe4" 40047fe7 0x20c (seq (set CIA (bv 64 0x20c)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) false) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! false)) true)) (bv 64 0x0) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdzt 4*cr1+lt, 0x81f4" 41447fe4 0x210 (seq (set CIA (bv 64 0x210)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) true) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! true)) true)) (bv 64 0x81f4) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdzta 4*cr1+lt, 0x7fe4" 41447fe6 0x214 (seq (set CIA (bv 64 0x214)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) true) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! 
true)) true)) (bv 64 0xa) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdztl 4*cr1+lt, 0x81fc" 41447fe5 0x218 (seq (set CIA (bv 64 0x218)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) true) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! true)) true)) (bv 64 0x81fc) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdztla 4*cr1+lt, 0x7fe4" 41447fe7 0x21c (seq (set CIA (bv 64 0x21c)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) true) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! true)) true)) (bv 64 0xa) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdzf 4*cr1+lt, 0x8204" 40447fe4 0x220 (seq (set CIA (bv 64 0x220)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) true) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! false)) true)) (bv 64 0x8204) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdzfa 4*cr1+lt, 0x7fe4" 40447fe6 0x224 (seq (set CIA (bv 64 0x224)) (set ctr (- (var ctr) (bv 64 0x1))) empty (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) true) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! false)) true)) (bv 64 0x2) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdzfl 4*cr1+lt, 0x820c" 40447fe5 0x228 (seq (set CIA (bv 64 0x228)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) true) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! false)) true)) (bv 64 0x820c) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) +dE "bdzfla 4*cr1+lt, 0x7fe4" 40447fe7 0x22c (seq (set CIA (bv 64 0x22c)) (set ctr (- (var ctr) (bv 64 0x1))) (set lr (+ (var CIA) (bv 64 0x4))) (set NIA (ite (&& (ite true (^^ (! (is_zero (var ctr))) true) true) (ite true (^^ (! (is_zero (& (var cr1) (bv 4 0x8)))) (! 
false)) true)) (bv 64 0x2) (+ (var CIA) (bv 64 0x4)))) (jmp (var NIA))) dE "nop" 60000000 0x230 nop dE "xnop" 68000000 0x234 nop dEB "mtocrf 4, r4" 7c904120 0x238 (seq (set val (>> (var r4) (bv 8 0x18) false)) (set cr6 (cast 4 false (var val)))) From 32b654d9c72f961add69b723b5acd1c9d6cbf03e Mon Sep 17 00:00:00 2001 From: Rot127 Date: Thu, 14 Sep 2023 14:22:52 -0500 Subject: [PATCH 084/106] Handle clrl. alias --- librz/analysis/arch/ppc/ppc_il_ops.c | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 278aedac61c..3ee7f349340 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -1168,6 +1168,10 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i case PPC_INS_RLWINM: case PPC_INS_RLWNM: #if CS_NEXT_VERSION >= 6 + if (insn->alias_id == PPC_INS_ALIAS_CLRLWI || + insn->alias_id == PPC_INS_ALIAS_CLRLWI_) { + break; // Handle down below + } if (id == PPC_INS_RLWNM) { #else if (id == PPC_INS_RLWNM || id == PPC_INS_ROTLW) { @@ -1208,6 +1212,10 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i case PPC_INS_RLDICR: case PPC_INS_RLDIMI: #if CS_NEXT_VERSION >= 6 + if (insn->alias_id == PPC_INS_ALIAS_CLRLDI || + insn->alias_id == PPC_INS_ALIAS_CLRLDI_) { + break; // Handle below + } if (id == PPC_INS_RLDCR || id == PPC_INS_RLDCL) { #else if (id == PPC_INS_RLDCR || id == PPC_INS_RLDCL || id == PPC_INS_ROTLD) { 
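Review bot: The `break` added for the clrlwi/clrlwi. aliases leaves the enclosing `switch (id)`, so the comment "Handle down below" is only true if the alias handling sits after the switch, which this hunk cannot show; the RLDICR/RLDIMI hunk at 1212 says "Handle below" for the same thing. I would make both comments say where the work happens and keep them identical: `break; // clrlwi/clrlwi. alias: handled after the switch` and `break; // clrldi/clrldi. alias: handled after the switch`. shift_and_rotate begins and ends outside these hunks.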
@@ -1332,8 +1340,21 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i all_bits_set = (((b - 1) & 0x3f) == e); set_mask = all_bits_set ? NULL : SET_MASK(U8(b), U8(e)); into_rA = all_bits_set ? r : LOGAND(r, VARL("mask")); -#endif } +#else + } + if (insn->alias_id == PPC_INS_ALIAS_CLRLDI || + insn->alias_id == PPC_INS_ALIAS_CLRLWI || + insn->alias_id == PPC_INS_ALIAS_CLRLDI_ || + insn->alias_id == PPC_INS_ALIAS_CLRLWI_) { + r = VARG(rS); + b = (insn->alias_id == PPC_INS_ALIAS_CLRLWI) ? INSOP(3).imm + 32 : INSOP(3).imm; + e = 63; + all_bits_set = (((b - 1) & 0x3f) == e); + set_mask = all_bits_set ? NULL : SET_MASK(U8(b), U8(e)); + into_rA = all_bits_set ? r : LOGAND(r, VARL("mask")); + } +#endif RzILOpPure *zero = UA(0); RzILOpPure *old_res = VARL("result"); From 0af402d0a7e638612f5b84e7e9140a49a45ce4be Mon Sep 17 00:00:00 2001 From: Rot127 Date: Thu, 14 Sep 2023 14:29:45 -0500 Subject: [PATCH 085/106] Handle SL/SR alias --- librz/analysis/arch/ppc/ppc_il_ops.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 3ee7f349340..91dcb2ce3a1 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -1156,6 +1156,15 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i id = PPC_INS_RLWINM; } #endif +#if CS_NEXT_VERSION >= 6 + if (insn->alias_id == PPC_INS_ALIAS_SLWI) { + id = PPC_INS_SLWI; + } else if (insn->alias_id == PPC_INS_ALIAS_SRWI) { + id = PPC_INS_SRWI; + } else if (insn->alias_id == PPC_INS_ALIAS_SLDI) { + id = PPC_INS_SLDI; + } +#endif switch (id) { default: 
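Review bot: Only `PPC_INS_ALIAS_CLRLWI` gets the `+ 32` adjustment in `b = (insn->alias_id == PPC_INS_ALIAS_CLRLWI) ? INSOP(3).imm + 32 : INSOP(3).imm;`, yet the guard just above also admits `PPC_INS_ALIAS_CLRLWI_`, so the record form `clrlwi.` is masked as if it were a doubleword clear. Change it to `b = (insn->alias_id == PPC_INS_ALIAS_CLRLWI || insn->alias_id == PPC_INS_ALIAS_CLRLWI_) ? INSOP(3).imm + 32 : INSOP(3).imm;`. The closing `}` now appears in both arms of an `#if` whose condition is above the hunk; since `insn->alias_id` is otherwise only read under `CS_NEXT_VERSION >= 6` (the 1168 and 1212 hunks), confirm this `#else` arm is the v6 side. `INSOP(3).imm` is read without checking that the alias really carries a fourth operand. shift_and_rotate begins and ends outside the hunk.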
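Review bot: The new block rewrites `id` from the alias before `switch (id)`, so the rest of shift_and_rotate no longer sees the instruction Capstone reported, and nothing says why; a comment such as `// CS >= 6 reports slwi/srwi/sldi as aliases; switch on the base mnemonic so they get their own handling` would make that deliberate. The doubleword right shift mnemonic (srdi) is not in the mapping, so if Capstone reports it as an alias too it takes whatever path its underlying id gets — worth checking against the alias list. This `#if` follows directly after another `#endif` that ends a block on the same subject; if both are guarded by the same condition they could be one block. The function starts outside the hunk.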
@@ -1273,9 +1282,11 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i } break; case PPC_INS_SLDI: +#if CS_NEXT_VERSION < 6 // Currently broken in rizins capstone version. // Immediate is not in instruction. NOT_IMPLEMENTED; +#endif case PPC_INS_SLD: case PPC_INS_SRD: case PPC_INS_SLWI: From 424afb4c7c0c24bc422b5253d1001ad4088c8d28 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Thu, 14 Sep 2023 15:43:37 -0500 Subject: [PATCH 086/106] Fix conditional braches in ESIL. --- librz/analysis/p/analysis_ppc_cs.c | 127 +++++++++++++++++++---------- test/db/esil/ppc_32 | 4 +- 2 files changed, 86 insertions(+), 45 deletions(-) diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c index 5e0a9839811..d4bd159cbb6 100644 --- a/librz/analysis/p/analysis_ppc_cs.c +++ b/librz/analysis/p/analysis_ppc_cs.c @@ -8,6 +8,7 @@ #include "../../asm/arch/ppc/libvle/vle.h" #include "../arch/ppc/ppc_analysis.h" #include "../arch/ppc/ppc_il.h" +#include "rz_util/rz_strbuf.h" #define SPR_HID0 0x3f0 /* Hardware Implementation Register 0 */ #define SPR_HID1 0x3f1 /* Hardware Implementation Register 1 */ 
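Review bot: Under `CS_NEXT_VERSION >= 6` the `case PPC_INS_SLDI:` label now falls through into the SLD/SRD/SLWI cases with nothing marking it, and the explanation ("Immediate is not in instruction") is only visible in the `< 6` arm. Add a marker after the `#endif`, e.g. `/* fallthrough: CS >= 6 exposes the shift immediate as an operand, so sldi shares the SLD/SRD body */`. Since `NOT_IMPLEMENTED` previously guaranteed this path was never executed for sldi, also check that the shared body reads the immediate from the operand position sldi actually uses. The switch body continues outside the hunk.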
@@ -1328,22 +1329,28 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf case PPC_INS_B: case PPC_INS_BC: case PPC_INS_BA: - op->type = RZ_ANALYSIS_OP_TYPE_CJMP; - op->jump = ARG(1)[0] == '\0' ? IMM(0) : IMM(1); + if (insn->id == PPC_INS_BC) { + op->type = RZ_ANALYSIS_OP_TYPE_CJMP; + } else { + op->type = RZ_ANALYSIS_OP_TYPE_JMP; + } op->fail = addr + op->size; + bool cr_cond_set = true; #if CS_NEXT_VERSION >= 6 + op->jump = insn->id == PPC_INS_BC ? IMM(2) : IMM(0); switch (insn->detail->ppc.bc.pred_cr) { case PPC_PRED_LT: #else + op->jump = ARG(1)[0] == '\0' ? IMM(0) : IMM(1); switch (insn->detail->ppc.bc) { case PPC_BC_LT: #endif /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { - esilprintf(op, "2,cr0,&,?{,%s,pc,=,},", ARG(0)); + esilprintf(op, "2,cr0,&,"); } else { - esilprintf(op, "2,%s,&,?{,%s,pc,=,},", ARG(0), ARG(1)); + esilprintf(op, "2,%s,&,", ARG(0)); } break; #if CS_NEXT_VERSION >= 6 @@ -1354,9 +1361,9 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { - esilprintf(op, "3,cr0,&,?{,%s,pc,=,},", ARG(0)); + esilprintf(op, "3,cr0,&,"); } else { - esilprintf(op, "3,%s,&,?{,%s,pc,=,},", ARG(0), ARG(1)); + esilprintf(op, "3,%s,&,", ARG(0)); } break; #if CS_NEXT_VERSION >= 6 @@ -1367,9 +1374,9 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { - esilprintf(op, "1,cr0,&,?{,%s,pc,=,},", ARG(0)); + esilprintf(op, "1,cr0,&,"); } else { - esilprintf(op, "1,%s,&,?{,%s,pc,=,},", ARG(0), ARG(1)); + esilprintf(op, "1,%s,&,", ARG(0)); } break; #if CS_NEXT_VERSION >= 6 
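Review bot: `bool cr_cond_set = true;` is declared in the bare scope of the enclosing switch (the case body has no braces), unlike the BCLR/BCLRL case later in this commit, which wraps its body in `{ ... }`; later case labels jump past this initialisation, which compilers report with -Wjump-misses-init and which would not compile as C++. Wrap this case the same way: `case PPC_INS_BA: {` and a closing `}` after the `break;`. analyze_op and its switch start outside the hunk.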
@@ -1380,9 +1387,9 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { - esilprintf(op, "2,cr0,^,3,&,?{,%s,pc,=,},", ARG(0)); + esilprintf(op, "2,cr0,^,3,&,"); } else { - esilprintf(op, "2,%s,^,3,&,?{,%s,pc,=,},", ARG(0), ARG(1)); + esilprintf(op, "2,%s,^,3,&,", ARG(0)); } break; #if CS_NEXT_VERSION >= 6 @@ -1393,9 +1400,9 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { - esilprintf(op, "2,cr0,&,!,?{,%s,pc,=,},", ARG(0)); + esilprintf(op, "2,cr0,&,!,"); } else { - esilprintf(op, "2,%s,&,!,?{,%s,pc,=,},", ARG(0), ARG(1)); + esilprintf(op, "2,%s,&,!,", ARG(0)); } break; #if CS_NEXT_VERSION >= 6 
@@ -1406,29 +1413,42 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { - esilprintf(op, "cr0,1,&,!,?{,%s,pc,=,},", ARG(0)); + esilprintf(op, "cr0,1,&,!,"); } else { - esilprintf(op, "%s,1,&,!,?{,%s,pc,=,},", ARG(0), ARG(1)); + esilprintf(op, "%s,1,&,!,", ARG(0)); } break; #if CS_NEXT_VERSION >= 6 case PPC_PRED_INVALID: -#else - case PPC_BC_INVALID: -#endif - op->type = RZ_ANALYSIS_OP_TYPE_JMP; - esilprintf(op, "%s,pc,=", ARG(0)); -#if CS_NEXT_VERSION >= 6 case PPC_PRED_UN: // unordered + PPC_PRED_SO - summary overflow case PPC_PRED_NU: // not unordered + PPC_PRED_NS - not summary overflow #else + case PPC_BC_INVALID: case PPC_BC_UN: // unordered case PPC_BC_NU: // not unordered case PPC_BC_SO: // summary overflow case PPC_BC_NS: // not summary overflow #endif default: + cr_cond_set = false; + break; + } +#if CS_NEXT_VERSION >= 6 + switch (insn->detail->ppc.bc.pred_ctr) { + default: + break; + case PPC_PRED_Z: + rz_strbuf_appendf(&op->esil, "1,ctr,-=,$z,%s", cr_cond_set ? "&&,?" : "?"); break; + case PPC_PRED_NZ: + rz_strbuf_appendf(&op->esil, "1,ctr,-=,$z,!,%s", cr_cond_set ? "&&,?" : "?"); + break; + } +#endif + if (op->type == RZ_ANALYSIS_OP_TYPE_CJMP) { + rz_strbuf_appendf(&op->esil, "{,0x%llx,pc,=,},", op->jump); + } else { + esilprintf(op, ",%s,pc,=,", ARG(0)); } break; #if CS_NEXT_VERSION < 6 
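Review bot: The `?` that opens the ESIL conditional is now appended only inside the `pred_ctr` switch, so a `bc` with a CR predicate but no CTR predicate — and every build with `CS_NEXT_VERSION < 6`, where that switch is compiled out — ends as `2,cr0,&,{,0x...,pc,=,},` with no `?` before the block (the replaced strings all used `?{`, which suggests a bare `{` is not accepted). Move the `?` into the CJMP branch instead: use `cr_cond_set ? "&&," : ""` in both the PRED_Z and PRED_NZ appends and `rz_strbuf_appendf(&op->esil, "?{,0x%" PFMT64x ",pc,=,},", op->jump);`, which also avoids `%llx` for a ut64. The BCLR/BCLRL block at the end of this commit appends `{,lr,pc,=,},` the same way and needs the same change. `esilprintf(op, ",%s,pc,=,", ARG(0))` starts with a comma, which yields an empty leading token. analyze_op continues outside the hunk.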
@@ -1516,29 +1536,27 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf case PPC_INS_BLR: case PPC_INS_BLRL: case PPC_INS_BCLR: - case PPC_INS_BCLRL: - op->type = RZ_ANALYSIS_OP_TYPE_CRET; - op->fail = addr + op->size; - switch (insn->detail->ppc.bc.pred_cr) { -#if CS_NEXT_VERSION >= 6 - case PPC_PRED_INVALID: -#else - case PPC_BC_INVALID: -#endif + case PPC_INS_BCLRL: { + if (insn->id == PPC_INS_BCLR || insn->id == PPC_INS_BCLRL) { + op->type = RZ_ANALYSIS_OP_TYPE_CRET; + } else { op->type = RZ_ANALYSIS_OP_TYPE_RET; - esilprintf(op, "lr,pc,="); - break; + } + op->fail = addr + op->size; + bool cr_cond_set = true; #if CS_NEXT_VERSION >= 6 + switch (insn->detail->ppc.bc.pred_cr) { case PPC_PRED_LT: #else + switch (insn->detail->ppc.bc) { case PPC_BC_LT: #endif /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { - esilprintf(op, "2,cr0,&,?{,lr,pc,=,},"); + esilprintf(op, "2,cr0,&,"); } else { - esilprintf(op, "2,%s,&,?{,lr,pc,=,},", ARG(0)); + esilprintf(op, "2,%s,&,", ARG(0)); } break; #if CS_NEXT_VERSION >= 6 @@ -1549,9 +1567,9 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { - esilprintf(op, "3,cr0,&,?{,lr,pc,=,},"); + esilprintf(op, "3,cr0,&,"); } else { - esilprintf(op, "3,%s,&,?{,lr,pc,=,},", ARG(0)); + esilprintf(op, "3,%s,&,", ARG(0)); } break; #if CS_NEXT_VERSION >= 6 @@ -1562,9 +1580,9 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { - esilprintf(op, "1,cr0,&,?{,lr,pc,=,},"); + esilprintf(op, "1,cr0,&,"); } else { - esilprintf(op, "1,%s,&,?{,lr,pc,=,},", ARG(0)); + esilprintf(op, "1,%s,&,", ARG(0)); } break; #if CS_NEXT_VERSION >= 6 
@@ -1575,9 +1593,9 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { - esilprintf(op, "2,cr0,^,3,&,?{,lr,pc,=,},"); + esilprintf(op, "2,cr0,^,3,&,"); } else { - esilprintf(op, "2,%s,^,3,&,?{,lr,pc,=,},", ARG(0)); + esilprintf(op, "2,%s,^,3,&,", ARG(0)); } break; #if CS_NEXT_VERSION >= 6 @@ -1588,9 +1606,9 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { - esilprintf(op, "2,cr0,&,!,?{,lr,pc,=,},"); + esilprintf(op, "2,cr0,&,!,"); } else { - esilprintf(op, "2,%s,&,!,?{,lr,pc,=,},", ARG(0)); + esilprintf(op, "2,%s,&,!,", ARG(0)); } break; #if CS_NEXT_VERSION >= 6 
@@ -1601,24 +1619,47 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf /* 0b01 == equal * 0b10 == less than */ if (ARG(1)[0] == '\0') { - esilprintf(op, "cr0,1,&,!,?{,lr,pc,=,},"); + esilprintf(op, "cr0,1,&,!,"); } else { - esilprintf(op, "%s,1,&,!,?{,lr,pc,=,},", ARG(0)); + esilprintf(op, "%s,1,&,!,", ARG(0)); } break; #if CS_NEXT_VERSION >= 6 + case PPC_PRED_INVALID: case PPC_PRED_UN: // unordered + PPC_PRED_SO - summary overflow case PPC_PRED_NU: // not unordered + PPC_PRED_NS - not summary overflow #else + case PPC_BC_INVALID: case PPC_BC_UN: // unordered case PPC_BC_NU: // not unordered case PPC_BC_SO: // summary overflow case PPC_BC_NS: // not summary overflow #endif default: + cr_cond_set = false; + break; + } +#if CS_NEXT_VERSION >= 6 + switch (insn->detail->ppc.bc.pred_ctr) { + default: + break; + case PPC_PRED_Z: + rz_strbuf_appendf(&op->esil, "1,ctr,-=,$z,%s", cr_cond_set ? "&&,?" : "?"); break; + case PPC_PRED_NZ: + rz_strbuf_appendf(&op->esil, "1,ctr,-=,$z,!,%s", cr_cond_set ? "&&,?" : "?"); + break; + } +#endif + if (op->type == RZ_ANALYSIS_OP_TYPE_CRET) { + op->type = RZ_ANALYSIS_OP_TYPE_CRET; + rz_strbuf_appendf(&op->esil, "{,lr,pc,=,},"); + } else { + op->type = RZ_ANALYSIS_OP_TYPE_RET; + esilprintf(op, ",lr,pc,=,"); } break; + } case PPC_INS_NOR: op->type = RZ_ANALYSIS_OP_TYPE_NOR; esilprintf(op, "%s,%s,|,!,%s,=", ARG(2), ARG(1), ARG(0)); diff --git a/test/db/esil/ppc_32 b/test/db/esil/ppc_32 index 9aa5c4467fb..d95339f2dbe 100644 --- a/test/db/esil/ppc_32 +++ b/test/db/esil/ppc_32 @@ -38,7 +38,7 @@ e cfg.bigendian=true .(pi 4200fff0) EOF EXPECT=< Date: Thu, 14 Sep 2023 15:56:47 -0500 Subject: [PATCH 087/106] Fix possible multiplication result overflow. --- librz/analysis/arch/arm/arm_il32.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c index 61229b52228..ed5c369c1ba 100644 --- a/librz/analysis/arch/arm/arm_il32.c 
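Review bot: In the final `if (op->type == RZ_ANALYSIS_OP_TYPE_CRET)` the assignment `op->type = RZ_ANALYSIS_OP_TYPE_CRET;` is a no-op, and the `op->type = RZ_ANALYSIS_OP_TYPE_RET;` in the else arm is already true from the top of the block; drop both so the branch only builds the ESIL. `esilprintf(op, ",lr,pc,=,")` starts with a stray comma. The `{,lr,pc,=,},` appended here has the same missing-`?` problem described on the B/BC/BA hunk. The enclosing switch continues outside the hunk.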
+++ b/librz/analysis/arch/arm/arm_il32.c @@ -3162,7 +3162,7 @@ static RzILOpEffect *vldn_single_lane(cs_insn *insn, bool is_thumb) { bool wback = insn->detail->writeback; RzILOpEffect *wback_eff; if (wback) { - RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, elem_bytes * group_sz); + RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, (ut64) elem_bytes * group_sz); wback_eff = write_reg(REGID(mem_idx), ADD(MEMBASE(mem_idx), new_offset)); } else { wback_eff = EMPTY(); @@ -3247,7 +3247,7 @@ static RzILOpEffect *vldn_all_lane(cs_insn *insn, bool is_thumb) { bool wback = insn->detail->writeback; RzILOpEffect *wback_eff; if (wback) { - RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, elem_bytes * group_sz); + RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, (ut64) elem_bytes * group_sz); wback_eff = write_reg(REGID(mem_idx), ADD(MEMBASE(mem_idx), new_offset)); } else { wback_eff = EMPTY(); @@ -3438,7 +3438,7 @@ static RzILOpEffect *vstn_from_single_lane(cs_insn *insn, bool is_thumb) { bool wback = insn->detail->writeback; RzILOpEffect *wback_eff; if (wback) { - RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, elem_bytes * group_sz); + RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, (ut64) elem_bytes * group_sz); wback_eff = write_reg(REGID(mem_idx), ADD(MEMBASE(mem_idx), new_offset)); } else { wback_eff = EMPTY(); From bc3b74354a486a5340810f0625905094a8431c9e Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 20 Sep 2023 10:24:35 -0500 Subject: [PATCH 088/106] Set capstone-next to newest commit . --- subprojects/capstone-next.wrap | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/subprojects/capstone-next.wrap b/subprojects/capstone-next.wrap index 196aca72591..79ed5b425d1 100644 --- a/subprojects/capstone-next.wrap +++ b/subprojects/capstone-next.wrap 
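Review bot: The `(ut64)` cast widens the multiply, but the product is handed straight to `UN(32, …)`, so anything above 32 bits is still truncated; if `elem_bytes` and `group_sz` are bounded by the NEON element and register-group sizes (their declarations are outside the hunk) the product cannot overflow either way, and the cast only satisfies an analyser. Say so where it is done, e.g. `// widen before multiplying to keep overflow analysis quiet; the product is far below 2^32`, so the next reader does not remove it. The same write-back block is now patched identically in vldn_single_lane, vldn_all_lane and vstn_from_single_lane; a small static helper taking `insn`, `mem_idx`, `use_rm_as_wback_offset` and the byte count would keep this logic in one place. All three functions start outside their hunks.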
@@ -1,5 +1,5 @@ [wrap-git] url = https://github.com/capstone-engine/capstone.git -revision = 0daa5044b8904d55e7628f3528d588c1354cd275 +revision = 103ace5768b3cf9c36ec6ce1a5ab4617333080de directory = capstone-next patch_directory = capstone-next From 2b19e0212c1d5fcb22181ccb5034430de19a3ae2 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 20 Sep 2023 10:26:57 -0500 Subject: [PATCH 089/106] Add RZ_NONNULL --- librz/analysis/arch/arm/arm_cs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/librz/analysis/arch/arm/arm_cs.h b/librz/analysis/arch/arm/arm_cs.h index 8bfaa543e50..efb9e8e5fd7 100644 --- a/librz/analysis/arch/arm/arm_cs.h +++ b/librz/analysis/arch/arm/arm_cs.h @@ -10,7 +10,7 @@ RZ_IPI int rz_arm_cs_analysis_op_32_esil(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf, int len, csh *handle, cs_insn *insn, bool thumb); RZ_IPI int rz_arm_cs_analysis_op_64_esil(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf, int len, csh *handle, cs_insn *insn); -RZ_IPI bool rz_arm_cs_is_group_member(const cs_insn *insn, arm_insn_group feature); +RZ_IPI bool rz_arm_cs_is_group_member(RZ_NONNULL const cs_insn *insn, arm_insn_group feature); RZ_IPI const char *rz_arm32_cs_esil_prefix_cond(RzAnalysisOp *op, ARMCC_CondCodes cond_type); RZ_IPI const char *rz_arm64_cs_esil_prefix_cond(RzAnalysisOp *op, arm64_cc cond_type); From 84c5ceb3266be39cd615061e14761491021e2098 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 20 Sep 2023 10:38:03 -0500 Subject: [PATCH 090/106] Use Capstone's next branch as default branch --- meson_options.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meson_options.txt b/meson_options.txt index 44c4a83fbd7..3f463091bc0 100644 --- a/meson_options.txt +++ b/meson_options.txt 
@@ -20,7 +20,7 @@ option('rizin_bindings', type: 'string', value: '', description: 'Path where riz option('checks_level', type: 'integer', value: 9999, description: 'Value between 0 and 3 to enable different level of assert (see RZ_CHECKS_LEVEL). By default its value depends on buildtype (2 on debug, 1 on release).') option('use_sys_capstone', type: 'feature', value: 'disabled') -option('use_capstone_version', type: 'combo', choices: ['v3', 'v4', 'v5', 'next', 'auto-sync-ppc'], value: 'auto-sync-ppc', description: 'Specify which version of capstone to use') +option('use_capstone_version', type: 'combo', choices: ['v3', 'v4', 'v5', 'next'], value: 'next', description: 'Specify which version of capstone to use') option('use_sys_magic', type: 'feature', value: 'disabled') option('use_sys_libzip', type: 'feature', value: 'disabled') option('use_sys_libzip_openssl', type: 'boolean', value: false, description: 'Whether to use or not system openssl dependency to build libzip') From d75e11bbf61126364b7d0a296208a4f90340e936 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 20 Sep 2023 10:40:52 -0500 Subject: [PATCH 091/106] Run clang-format --- librz/analysis/arch/arm/arm_il32.c | 6 +++--- librz/analysis/arch/ppc/ppc_analysis.h | 6 +++--- librz/analysis/arch/ppc/ppc_il_ops.c | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/librz/analysis/arch/arm/arm_il32.c b/librz/analysis/arch/arm/arm_il32.c index ed5c369c1ba..4f5cbc68829 100644 --- a/librz/analysis/arch/arm/arm_il32.c +++ b/librz/analysis/arch/arm/arm_il32.c 
@@ -3162,7 +3162,7 @@ static RzILOpEffect *vldn_single_lane(cs_insn *insn, bool is_thumb) { bool wback = insn->detail->writeback; RzILOpEffect *wback_eff; if (wback) { - RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, (ut64) elem_bytes * group_sz); + RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, (ut64)elem_bytes * group_sz); wback_eff = write_reg(REGID(mem_idx), ADD(MEMBASE(mem_idx), new_offset)); } else { wback_eff = EMPTY(); @@ -3247,7 +3247,7 @@ static RzILOpEffect *vldn_all_lane(cs_insn *insn, bool is_thumb) { bool wback = insn->detail->writeback; RzILOpEffect *wback_eff; if (wback) { - RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, (ut64) elem_bytes * group_sz); + RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, (ut64)elem_bytes * group_sz); wback_eff = write_reg(REGID(mem_idx), ADD(MEMBASE(mem_idx), new_offset)); } else { wback_eff = EMPTY(); @@ -3438,7 +3438,7 @@ static RzILOpEffect *vstn_from_single_lane(cs_insn *insn, bool is_thumb) { bool wback = insn->detail->writeback; RzILOpEffect *wback_eff; if (wback) { - RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, (ut64) elem_bytes * group_sz); + RzILOpBitVector *new_offset = use_rm_as_wback_offset ? MEMINDEX(mem_idx) : UN(32, (ut64)elem_bytes * group_sz); wback_eff = write_reg(REGID(mem_idx), ADD(MEMBASE(mem_idx), new_offset)); } else { wback_eff = EMPTY(); diff --git a/librz/analysis/arch/ppc/ppc_analysis.h b/librz/analysis/arch/ppc/ppc_analysis.h index 1c16570bdd8..b83ab509982 100644 --- a/librz/analysis/arch/ppc/ppc_analysis.h +++ b/librz/analysis/arch/ppc/ppc_analysis.h 
@@ -5,9 +5,9 @@ #define PPC_ANALYSIS_H #define PPC_DETAIL(insn) insn->detail->ppc -#define INSOP(n) insn->detail->ppc.operands[n] -#define OP_CNT insn->detail->ppc.op_count -#define IMM(x) (ut64)(insn->detail->ppc.operands[x].imm) +#define INSOP(n) insn->detail->ppc.operands[n] +#define OP_CNT insn->detail->ppc.op_count +#define IMM(x) (ut64)(insn->detail->ppc.operands[x].imm) #define PPC_IN_BE_MODE (mode & CS_MODE_BIG_ENDIAN) // Capstone does not extract the BO or BI fields of instructions. So we do it manually. diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 91dcb2ce3a1..3ff9d4ab431 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -1364,7 +1364,7 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i all_bits_set = (((b - 1) & 0x3f) == e); set_mask = all_bits_set ? NULL : SET_MASK(U8(b), U8(e)); into_rA = all_bits_set ? r : LOGAND(r, VARL("mask")); - } + } #endif RzILOpPure *zero = UA(0); From c12f3c5bd54f68f818921be0c651d4d667ea0333 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 20 Sep 2023 11:13:54 -0500 Subject: [PATCH 092/106] Add 0 register --- test/db/abi/platforms/reg_profile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/db/abi/platforms/reg_profile b/test/db/abi/platforms/reg_profile index 9568b3eddd0..0b8760ac785 100644 --- a/test/db/abi/platforms/reg_profile +++ b/test/db/abi/platforms/reg_profile @@ -192,6 +192,7 @@ r31 = 0x00000000 so = 0x0 ov = 0x0 ca = 0x0 +0 = 0x00000000 EOF RUN @@ -235,6 +236,7 @@ r31 = 0x00000000 so = 0x0 ov = 0x0 ca = 0x0 +0 = 0x00000000 EOF RUN From 5d4dc79be4c919373cad7d0268ae5dadb736a736 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 20 Sep 2023 11:39:36 -0500 Subject: [PATCH 093/106] Handle LIS alias --- librz/analysis/arch/ppc/ppc_il_ops.c | 2 -- librz/analysis/p/analysis_ppc_cs.c | 15 +++++++++++++++ 2 files changed, 15 insertions(+), 2 deletions(-) 
diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 3ff9d4ab431..4e8d7a22ca5 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -371,10 +371,8 @@ static RzILOpEffect *add_sub_op(RZ_BORROW csh handle, RZ_BORROW cs_insn *insn, b break; case PPC_INS_ALIAS_LI: // RT = sI return SETG(rT, EXTEND(PPC_ARCH_BITS, SN(16, sI))); - break; case PPC_INS_ALIAS_LIS: // RT = SI << 16 return SETG(rT, EXTEND(PPC_ARCH_BITS, APPEND(SN(16, sI), U16(0)))); - break; } // EXEC diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c index d4bd159cbb6..51f962e11d3 100644 --- a/librz/analysis/p/analysis_ppc_cs.c +++ b/librz/analysis/p/analysis_ppc_cs.c @@ -1284,8 +1284,23 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf case PPC_INS_ADDIS: case PPC_INS_ADDME: case PPC_INS_ADDZE: +#if CS_NEXT_VERSION >= 6 + switch (insn->alias_id) { + default: + op->type = RZ_ANALYSIS_OP_TYPE_ADD; + esilprintf(op, "%s,%s,+,%s,=", ARG(2), ARG(1), ARG(0)); + break; + case PPC_INS_ALIAS_LIS: + op->type = RZ_ANALYSIS_OP_TYPE_MOV; + op->val = IMM(2); + op->val <<= 16; + esilprintf(op, "0x%llx0000,%s,=", IMM(2), ARG(0)); + break; + } +#else op->type = RZ_ANALYSIS_OP_TYPE_ADD; esilprintf(op, "%s,%s,+,%s,=", ARG(2), ARG(1), ARG(0)); +#endif break; case PPC_INS_MTSPR: op->type = RZ_ANALYSIS_OP_TYPE_MOV; From afa18ac2d01178313b0cc0973bc751bd194a8524 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 20 Sep 2023 13:01:40 -0500 Subject: [PATCH 094/106] Fix: Print crX reg name in CS v6 --- librz/analysis/p/analysis_ppc_cs.c | 69 ++++++++++++------------------ 1 file changed, 28 insertions(+), 41 deletions(-) diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c index 51f962e11d3..99d7fd95a3e 100644 --- a/librz/analysis/p/analysis_ppc_cs.c +++ b/librz/analysis/p/analysis_ppc_cs.c 
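Review bot: In the new PPC_INS_ALIAS_LIS branch, `esilprintf(op, "0x%llx0000,%s,=", IMM(2), ARG(0));` builds the literal by appending "0000" to a `%llx` rendering of the immediate; since IMM() casts a sign-extended value to ut64, a negative immediate produces a 0xffffffffffffXXXX0000 literal wider than 64 bits, and `%llx` is not the project's format for ut64 (later hunks in this series switch this file to `PFMT64x`). `op->val` already holds `IMM(2) << 16`, so printing it is both simpler and consistent, assuming op->val is a ut64: `esilprintf(op, "0x%" PFMT64x ",%s,=", op->val, ARG(0));`. analyze_op's body continues outside the hunk.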
@@ -1354,84 +1354,81 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf #if CS_NEXT_VERSION >= 6 op->jump = insn->id == PPC_INS_BC ? IMM(2) : IMM(0); switch (insn->detail->ppc.bc.pred_cr) { - case PPC_PRED_LT: #else op->jump = ARG(1)[0] == '\0' ? IMM(0) : IMM(1); switch (insn->detail->ppc.bc) { - case PPC_BC_LT: #endif - /* 0b01 == equal - * 0b10 == less than */ +#if CS_NEXT_VERSION >= 6 + case PPC_PRED_LT: + esilprintf(op, "2,%s,&,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); +#else + case PPC_BC_LT: if (ARG(1)[0] == '\0') { esilprintf(op, "2,cr0,&,"); } else { esilprintf(op, "2,%s,&,", ARG(0)); } +#endif break; #if CS_NEXT_VERSION >= 6 case PPC_PRED_LE: + esilprintf(op, "3,%s,&,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); #else case PPC_BC_LE: -#endif - /* 0b01 == equal - * 0b10 == less than */ if (ARG(1)[0] == '\0') { esilprintf(op, "3,cr0,&,"); } else { esilprintf(op, "3,%s,&,", ARG(0)); } +#endif break; #if CS_NEXT_VERSION >= 6 case PPC_PRED_EQ: + esilprintf(op, "1,%s,&,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); #else case PPC_BC_EQ: -#endif - /* 0b01 == equal - * 0b10 == less than */ if (ARG(1)[0] == '\0') { esilprintf(op, "1,cr0,&,"); } else { esilprintf(op, "1,%s,&,", ARG(0)); } +#endif break; #if CS_NEXT_VERSION >= 6 case PPC_PRED_GE: + esilprintf(op, "2,%s,^,3,&,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); #else case PPC_BC_GE: -#endif - /* 0b01 == equal - * 0b10 == less than */ if (ARG(1)[0] == '\0') { esilprintf(op, "2,cr0,^,3,&,"); } else { esilprintf(op, "2,%s,^,3,&,", ARG(0)); } +#endif break; #if CS_NEXT_VERSION >= 6 case PPC_PRED_GT: + esilprintf(op, "2,%s,&,!,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); #else case PPC_BC_GT: -#endif - /* 0b01 == equal - * 0b10 == less than */ if (ARG(1)[0] == '\0') { esilprintf(op, "2,cr0,&,!,"); } else { esilprintf(op, "2,%s,&,!,", ARG(0)); } +#endif break; #if CS_NEXT_VERSION >= 6 case PPC_PRED_NE: + esilprintf(op, "%s,1,&,!,", cs_reg_name(handle, 
insn->detail->ppc.bc.crX)); #else case PPC_BC_NE: -#endif - /* 0b01 == equal - * 0b10 == less than */ if (ARG(1)[0] == '\0') { esilprintf(op, "cr0,1,&,!,"); } else { esilprintf(op, "%s,1,&,!,", ARG(0)); } +#endif break; #if CS_NEXT_VERSION >= 6 case PPC_PRED_INVALID: 
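Review bot: The `cs_reg_name(handle, insn->detail->ppc.bc.crX)` results in the CS_NEXT_VERSION >= 6 branches go straight into `%s`; cs_reg_name() returns NULL for an id it cannot name (for instance an unset crX), which would be undefined behaviour in esilprintf. Resolving it once before the switch with a fallback mirroring the old empty-ARG(1) case, `const char *crx = cs_reg_name(handle, insn->detail->ppc.bc.crX); if (!crx) { crx = "cr0"; }`, keeps every case safe and shortens them. The removed `/* 0b01 == equal * 0b10 == less than */` comment was the only explanation of the 1/2/3 masks in these ESIL strings; keeping one copy above the switch would preserve it. analyze_op starts and ends outside the hunk.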
@@ -1562,82 +1559,72 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf #if CS_NEXT_VERSION >= 6 switch (insn->detail->ppc.bc.pred_cr) { case PPC_PRED_LT: + esilprintf(op, "2,%s,&,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); #else switch (insn->detail->ppc.bc) { case PPC_BC_LT: -#endif - /* 0b01 == equal - * 0b10 == less than */ if (ARG(1)[0] == '\0') { esilprintf(op, "2,cr0,&,"); } else { esilprintf(op, "2,%s,&,", ARG(0)); } +#endif break; #if CS_NEXT_VERSION >= 6 case PPC_PRED_LE: + esilprintf(op, "3,%s,&,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); #else case PPC_BC_LE: + esilprintf(op, "3,%s,&,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); #endif - /* 0b01 == equal - * 0b10 == less than */ - if (ARG(1)[0] == '\0') { - esilprintf(op, "3,cr0,&,"); - } else { - esilprintf(op, "3,%s,&,", ARG(0)); - } break; #if CS_NEXT_VERSION >= 6 case PPC_PRED_EQ: + esilprintf(op, "1,%s,&,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); #else case PPC_BC_EQ: -#endif - /* 0b01 == equal - * 0b10 == less than */ if (ARG(1)[0] == '\0') { esilprintf(op, "1,cr0,&,"); } else { esilprintf(op, "1,%s,&,", ARG(0)); } +#endif break; #if CS_NEXT_VERSION >= 6 case PPC_PRED_GE: + esilprintf(op, "2,%s,^,3,&,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); #else case PPC_BC_GE: -#endif - /* 0b01 == equal - * 0b10 == less than */ if (ARG(1)[0] == '\0') { esilprintf(op, "2,cr0,^,3,&,"); } else { esilprintf(op, "2,%s,^,3,&,", ARG(0)); } +#endif break; #if CS_NEXT_VERSION >= 6 case PPC_PRED_GT: + esilprintf(op, "2,%s,&,!,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); #else case PPC_BC_GT: -#endif - /* 0b01 == equal - * 0b10 == less than */ if (ARG(1)[0] == '\0') { esilprintf(op, "2,cr0,&,!,"); } else { esilprintf(op, "2,%s,&,!,", ARG(0)); } +#endif break; #if CS_NEXT_VERSION >= 6 case PPC_PRED_NE: + esilprintf(op, "%s,1,&,!,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); #else case PPC_BC_NE: -#endif - /* 0b01 == equal - * 0b10 == less than 
*/ if (ARG(1)[0] == '\0') { esilprintf(op, "cr0,1,&,!,"); } else { esilprintf(op, "%s,1,&,!,", ARG(0)); } +#endif break; #if CS_NEXT_VERSION >= 6 case PPC_PRED_INVALID: From d5625b0a35f5bce8eeda4741d6f1b36cd828a266 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 20 Sep 2023 15:56:42 -0500 Subject: [PATCH 095/106] Handle all general branch instructions into a single case statement. --- librz/analysis/p/analysis_ppc_cs.c | 179 ++++++++--------------------- 1 file changed, 48 insertions(+), 131 deletions(-) diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c index 99d7fd95a3e..1513cb90e02 100644 --- a/librz/analysis/p/analysis_ppc_cs.c +++ b/librz/analysis/p/analysis_ppc_cs.c 
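Review bot: Under `#else` (CS_NEXT_VERSION < 6) the PPC_BC_LE case now emits `esilprintf(op, "3,%s,&,", cs_reg_name(handle, insn->detail->ppc.bc.crX));`, but in that configuration `insn->detail->ppc.bc` is the enum being switched on (see `switch (insn->detail->ppc.bc)` above), so `.bc.crX` does not exist and the pre-v6 build will not compile. Every sibling case keeps the `if (ARG(1)[0] == '\0') { esilprintf(op, "3,cr0,&,"); } else { esilprintf(op, "3,%s,&,", ARG(0)); }` form in the `#else` branch, and PPC_BC_LE should be restored to it; the later hunks in this series that rework this case statement do not touch these lines. analyze_op starts and ends outside the hunk.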
@@ -1341,128 +1341,6 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf case PPC_INS_BUN: case PPC_INS_BUNA: #endif - case PPC_INS_B: - case PPC_INS_BC: - case PPC_INS_BA: - if (insn->id == PPC_INS_BC) { - op->type = RZ_ANALYSIS_OP_TYPE_CJMP; - } else { - op->type = RZ_ANALYSIS_OP_TYPE_JMP; - } - op->fail = addr + op->size; - bool cr_cond_set = true; -#if CS_NEXT_VERSION >= 6 - op->jump = insn->id == PPC_INS_BC ? IMM(2) : IMM(0); - switch (insn->detail->ppc.bc.pred_cr) { -#else - op->jump = ARG(1)[0] == '\0' ? IMM(0) : IMM(1); - switch (insn->detail->ppc.bc) { -#endif -#if CS_NEXT_VERSION >= 6 - case PPC_PRED_LT: - esilprintf(op, "2,%s,&,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); -#else - case PPC_BC_LT: - if (ARG(1)[0] == '\0') { - esilprintf(op, "2,cr0,&,"); - } else { - esilprintf(op, "2,%s,&,", ARG(0)); - } -#endif - break; -#if CS_NEXT_VERSION >= 6 - case PPC_PRED_LE: - esilprintf(op, "3,%s,&,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); -#else - case PPC_BC_LE: - if (ARG(1)[0] == '\0') { - esilprintf(op, "3,cr0,&,"); - } else { - esilprintf(op, "3,%s,&,", ARG(0)); - } -#endif - break; -#if CS_NEXT_VERSION >= 6 - case PPC_PRED_EQ: - esilprintf(op, "1,%s,&,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); -#else - case PPC_BC_EQ: - if (ARG(1)[0] == '\0') { - esilprintf(op, "1,cr0,&,"); - } else { - esilprintf(op, "1,%s,&,", ARG(0)); - } -#endif - break; -#if CS_NEXT_VERSION >= 6 - case PPC_PRED_GE: - esilprintf(op, "2,%s,^,3,&,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); -#else - case PPC_BC_GE: - if (ARG(1)[0] == '\0') { - esilprintf(op, "2,cr0,^,3,&,"); - } else { - esilprintf(op, "2,%s,^,3,&,", ARG(0)); - } -#endif - break; -#if CS_NEXT_VERSION >= 6 - case PPC_PRED_GT: - esilprintf(op, "2,%s,&,!,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); -#else - case PPC_BC_GT: - if (ARG(1)[0] == '\0') { - esilprintf(op, "2,cr0,&,!,"); - } else { - esilprintf(op, "2,%s,&,!,", ARG(0)); - } -#endif - break; -#if 
CS_NEXT_VERSION >= 6 - case PPC_PRED_NE: - esilprintf(op, "%s,1,&,!,", cs_reg_name(handle, insn->detail->ppc.bc.crX)); -#else - case PPC_BC_NE: - if (ARG(1)[0] == '\0') { - esilprintf(op, "cr0,1,&,!,"); - } else { - esilprintf(op, "%s,1,&,!,", ARG(0)); - } -#endif - break; -#if CS_NEXT_VERSION >= 6 - case PPC_PRED_INVALID: - case PPC_PRED_UN: // unordered + PPC_PRED_SO - summary overflow - case PPC_PRED_NU: // not unordered + PPC_PRED_NS - not summary overflow -#else - case PPC_BC_INVALID: - case PPC_BC_UN: // unordered - case PPC_BC_NU: // not unordered - case PPC_BC_SO: // summary overflow - case PPC_BC_NS: // not summary overflow -#endif - default: - cr_cond_set = false; - break; - } -#if CS_NEXT_VERSION >= 6 - switch (insn->detail->ppc.bc.pred_ctr) { - default: - break; - case PPC_PRED_Z: - rz_strbuf_appendf(&op->esil, "1,ctr,-=,$z,%s", cr_cond_set ? "&&,?" : "?"); - break; - case PPC_PRED_NZ: - rz_strbuf_appendf(&op->esil, "1,ctr,-=,$z,!,%s", cr_cond_set ? "&&,?" : "?"); - break; - } -#endif - if (op->type == RZ_ANALYSIS_OP_TYPE_CJMP) { - rz_strbuf_appendf(&op->esil, "{,0x%llx,pc,=,},", op->jump); - } else { - esilprintf(op, ",%s,pc,=,", ARG(0)); - } - break; #if CS_NEXT_VERSION < 6 case PPC_INS_BT: case PPC_INS_BF: 
@@ -1545,17 +1423,29 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf op->fail = addr + op->size; break; #endif + case PPC_INS_B: + case PPC_INS_BC: + case PPC_INS_BA: + case PPC_INS_BCL: case PPC_INS_BLR: case PPC_INS_BLRL: case PPC_INS_BCLR: - case PPC_INS_BCLRL: { - if (insn->id == PPC_INS_BCLR || insn->id == PPC_INS_BCLRL) { + case PPC_INS_BCLRL: + case PPC_INS_BCCTR: + case PPC_INS_BCCTRL: { + if (insn->id == PPC_INS_BC || insn->id == PPC_INS_BCCTR) { + op->type = RZ_ANALYSIS_OP_TYPE_CJMP; + } else if (insn->id == PPC_INS_B || insn->id == PPC_INS_BA) { + op->type = RZ_ANALYSIS_OP_TYPE_JMP; + } else if (insn->id == PPC_INS_BCLR || insn->id == PPC_INS_BCLRL) { op->type = RZ_ANALYSIS_OP_TYPE_CRET; - } else { + } else if (insn->id == PPC_INS_BLR || insn->id == PPC_INS_BLRL) { op->type = RZ_ANALYSIS_OP_TYPE_RET; + } else if (insn->id == PPC_INS_BCCTRL) { + op->type = RZ_ANALYSIS_OP_TYPE_CCALL; } - op->fail = addr + op->size; bool cr_cond_set = true; + bool ctr_cond_set = true; #if CS_NEXT_VERSION >= 6 switch (insn->detail->ppc.bc.pred_cr) { case PPC_PRED_LT: @@ -1644,6 +1534,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf #if CS_NEXT_VERSION >= 6 switch (insn->detail->ppc.bc.pred_ctr) { default: + ctr_cond_set = false; break; case PPC_PRED_Z: rz_strbuf_appendf(&op->esil, "1,ctr,-=,$z,%s", cr_cond_set ? "&&,?" : "?"); 
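Review bot: PPC_INS_BCL is added to the case list but none of the `op->type` branches that follow name it, so a bcl leaves `op->type` at whatever it held before the switch, even though the link handling further down still updates lr for it. Adding `} else if (insn->id == PPC_INS_BCL) { op->type = RZ_ANALYSIS_OP_TYPE_CCALL; }` (matching how BCCTRL is classified) closes the gap; by the same logic BLRL and BCLRL, which also link, are arguably not plain RET/CRET, but that is a judgement call. The enclosing case block continues past the end of the hunk.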
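Review bot: `ctr_cond_set` is cleared only in the `default:` of the `#if CS_NEXT_VERSION >= 6` switch, so on a pre-v6 build, where that switch is compiled out, it keeps its initial `true` and the later `is_cond = cr_cond_set || ctr_cond_set` is always true: every instruction in this case, including a plain blr, gets wrapped in `{,…},` and receives an `op->fail`. Initialise it pessimistically instead: `bool ctr_cond_set = false;` in the preceding hunk, `ctr_cond_set = true;` in the PPC_PRED_Z and PPC_PRED_NZ cases, and drop the assignment in `default:`. The surrounding case block starts and ends outside this hunk.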
@@ -1653,12 +1544,38 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf break; } #endif - if (op->type == RZ_ANALYSIS_OP_TYPE_CRET) { - op->type = RZ_ANALYSIS_OP_TYPE_CRET; - rz_strbuf_appendf(&op->esil, "{,lr,pc,=,},"); + bool is_cond = cr_cond_set || ctr_cond_set; + if (is_cond) { + rz_strbuf_appendf(&op->esil, "{,"); + op->fail = addr + op->size; + } + + if (insn->id == PPC_INS_B || insn->id == PPC_INS_BC || insn->id == PPC_INS_BA || insn->id == PPC_INS_BCL) { +#if CS_NEXT_VERSION >= 6 + op->jump = (insn->id == PPC_INS_BC || insn->id == PPC_INS_BCL) ? IMM(2) : IMM(0); +#else + op->jump = ARG(1)[0] == '\0' ? IMM(0) : IMM(1); +#endif + } + + if (insn->id == PPC_INS_BLRL || + insn->id == PPC_INS_BCLRL || + insn->id == PPC_INS_BCCTRL || + insn->id == PPC_INS_BCL) { + op->fail = addr + op->size; + rz_strbuf_appendf(&op->esil, "0x%"PFMT64x",lr,=,", op->fail); + } + + // Set target source + if (insn->id == PPC_INS_BCCTR || insn->id == PPC_INS_BCCTRL) { + rz_strbuf_appendf(&op->esil, "ctr,pc,=,"); + } else if (op->type == RZ_ANALYSIS_OP_TYPE_CRET || op->type == RZ_ANALYSIS_OP_TYPE_RET) { + rz_strbuf_appendf(&op->esil, "lr,pc,=,"); } else { - op->type = RZ_ANALYSIS_OP_TYPE_RET; - esilprintf(op, ",lr,pc,=,"); + rz_strbuf_appendf(&op->esil, "0x%"PFMT64x",pc,=,", op->jump); + } + if (is_cond) { + rz_strbuf_appendf(&op->esil, "},"); } break; } From 1061887d77670f38db023b661781fb9eebb26328 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 20 Sep 2023 15:58:59 -0500 Subject: [PATCH 096/106] Fix no semantic issues in tests. --- test/db/analysis/ppc | 2 +- test/db/cmd/cmd_a_capital_o | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/test/db/analysis/ppc b/test/db/analysis/ppc index d194ac92259..f3da1a416ef 100644 --- a/test/db/analysis/ppc +++ b/test/db/analysis/ppc 
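Review bot: For PPC_INS_BLRL and PPC_INS_BCLRL the link update `0x…,lr,=,` is appended before the target write `lr,pc,=,`, so the emitted ESIL sets pc to the fall-through address rather than to the old link register. Moving the `// Set target source` block above the link-update `if`, or reading lr into a temporary before it is overwritten, fixes the order; the same applies to any future target that reads a register the link update writes. The enclosing case block starts outside the hunk.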
@@ -702,7 +702,7 @@ EXPECT=<>,<<,36,+,0xffffffff,&,[4],0xffffffff,&,ip,= -[{"opcode":"ldr ip, [pc, 0x24]","disasm":"ldr ip, sym.__libc_csu_fini","pseudo":"ip = sym.__libc_csu_fini","description":"load from memory to register","mnemonic":"ldr","mask":"ffffffff","esil":"2,2,8,$$,+,>>,<<,36,+,0xffffffff,&,[4],0xffffffff,&,ip,=","rzil":{"opcode":"set","dst":"r12","src":{"opcode":"loadw","mem":0,"key":{"opcode":"bitv","bits":"0x817c","len":32},"bits":32}},"sign":false,"prefix":0,"id":4,"opex":{"operands":[{"type":"reg","value":"ip"},{"type":"mem","base":"pc","scale":1,"disp":36}]},"addr":33104,"bytes":"24c09fe5","disp":36,"ptr":33148,"size":4,"type":"load","esilcost":4,"ireg":"pc","scale":1,"refptr":4,"cycles":4,"failcycles":0,"delay":0,"stackptr":0,"family":"cpu"}] +[{"opcode":"ldr ip, [pc, 0x24]","disasm":"ldr ip, sym.__libc_csu_fini","pseudo":"ip = sym.__libc_csu_fini","description":"load from memory to register","mnemonic":"ldr","mask":"ffffffff","esil":"2,2,8,$$,+,>>,<<,36,+,0xffffffff,&,[4],0xffffffff,&,ip,=","rzil":{"opcode":"set","dst":"r12","src":{"opcode":"loadw","mem":0,"key":{"opcode":"bitv","bits":"0x817c","len":32},"bits":32}},"sign":false,"prefix":0,"id":4,"opex":{"operands":[{"type":"reg","value":"ip"},{"type":"mem","base":"pc","scale":0,"disp":36}]},"addr":33104,"bytes":"24c09fe5","disp":36,"ptr":33148,"size":4,"type":"load","esilcost":4,"ireg":"pc","scale":0,"refptr":4,"cycles":4,"failcycles":0,"delay":0,"stackptr":0,"family":"cpu"}] EOF RUN \ No newline at end of file From 16f1aa0d39d5d20d738bd9963cadf9c510450151 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Wed, 20 Sep 2023 15:59:34 -0500 Subject: [PATCH 097/106] Add new discovered calls --- test/db/analysis/ppc | 36 +++++++++++++++++++++++++----------- 1 file changed, 25 insertions(+), 11 deletions(-) diff --git a/test/db/analysis/ppc b/test/db/analysis/ppc index f3da1a416ef..e47e1f16920 100644 --- a/test/db/analysis/ppc +++ b/test/db/analysis/ppc 
@@ -61,13 +61,6 @@ fcn.10003f90: sym.imp.unlink fcn.10003e40 -fcn.10003e40: - sym.imp.free - sym.imp.elf_getdata - sym.imp.elf_end - sym.imp.fsync - sym.imp.close - fcn.100016f0: sym.imp.memset sym.imp.gelf_fsize @@ -199,6 +192,13 @@ fcn.100030f0: fcn.10003bc0 sym.imp.elf_getdata +fcn.10003e40: + sym.imp.free + sym.imp.elf_getdata + sym.imp.elf_end + sym.imp.fsync + sym.imp.close + fcn.10003ce0: sym.imp.error @@ -287,10 +287,6 @@ fcn.1000cbf0: sym.imp.calloc sym.imp.free -fcn.1000c730: - sym.imp.fprintf - sym.imp.abort - fcn.1000cb20: fcn.1000c730 sym.imp.free @@ -301,7 +297,18 @@ fcn.1000c650: sym.imp.free fcn.10009270: + fcn.10003bc0 + sym.imp.elf_flagscn sym.imp.error + fcn.10008f70 + sym.imp.__assert_fail + +fcn.1000c490: + sym.imp.abort + +fcn.1000c730: + sym.imp.fprintf + sym.imp.abort fcn.1000ce30: sym.imp.memset @@ -336,6 +343,12 @@ fcn.100036e0: fcn.100139b0: sym.imp.qsort + sym.imp.calloc + sym.imp.memset + fcn.100139b0 + sym.imp.error + fcn.10025b30 + fcn.10003230 fcn.10003230: fcn.100030f0 @@ -357,6 +370,7 @@ fcn.10003770: fcn.100034d0: fcn.100030f0 + sym.imp.elf_flagscn fcn.10003630: fcn.100030f0 From e843fcba8e30274dd7c52ec30367c94fccecdffa Mon Sep 17 00:00:00 2001 From: Rot127 Date: Thu, 21 Sep 2023 10:59:38 -0500 Subject: [PATCH 098/106] Move direction check to inline functoin. --- librz/analysis/var.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/librz/analysis/var.c b/librz/analysis/var.c index 27e472c602a..943517522a6 100644 --- a/librz/analysis/var.c +++ b/librz/analysis/var.c @@ -1084,6 +1084,10 @@ static const char *get_regname(RzAnalysis *analysis, RzAnalysisValue *value) { return name; } +static inline bool is_not_read_nor_write(const RzAnalysisOpDirection direction) { + return direction != RZ_ANALYSIS_OP_DIR_READ && direction != RZ_ANALYSIS_OP_DIR_WRITE; +} + /** * Try to extract any args from a single op * 
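Review bot: `is_not_read_nor_write` names a negated predicate, so each call site in the following hunks becomes `!delta && is_not_read_nor_write(op->direction)`, a double negative the reader has to untangle against the comment "we only consider actual memory operations". A positive helper, `static inline bool is_mem_access(RzAnalysisOpDirection direction) { return direction == RZ_ANALYSIS_OP_DIR_READ || direction == RZ_ANALYSIS_OP_DIR_WRITE; }` used as `!is_mem_access(op->direction)`, reads the same way the comment does; the `const` on a by-value parameter adds nothing. Either way a one-line doc comment would help, e.g. `/** True if \p direction is neither a memory read nor a memory write. */`.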
@@ -1106,7 +1110,7 @@ static void extract_stack_var(RzAnalysis *analysis, RzAnalysisFunction *fcn, RzA if ((delta < 0 && *sign == '+') || (delta >= 0 && *sign == '-')) { continue; } - if (!delta && op->direction != RZ_ANALYSIS_OP_DIR_READ && op->direction != RZ_ANALYSIS_OP_DIR_WRITE) { + if (!delta && is_not_read_nor_write(op->direction)) { // avoid creating variables for just `mov rbp, rsp`, which would otherwise detect a var at rsp+0 // so for delta == 0, we only consider actual memory operations for now continue; @@ -1171,7 +1175,7 @@ static void extract_stack_var(RzAnalysis *analysis, RzAnalysisFunction *fcn, RzA if (*sign == '-') { addend = -addend; } - if (addend == 0 && op->direction != RZ_ANALYSIS_OP_DIR_READ && op->direction != RZ_ANALYSIS_OP_DIR_WRITE) { + if (addend == 0 && is_not_read_nor_write(op->direction)) { // avoid creating variables for just `mov rbp, rsp`, which would otherwise detect a var at rsp+0 // so for addend == 0, we only consider actual memory operations for now goto beach; From f55a2642c3a543625974e053b0ca044dc0b7ff5d Mon Sep 17 00:00:00 2001 From: Rot127 Date: Thu, 21 Sep 2023 11:42:53 -0500 Subject: [PATCH 099/106] Add link of root cause for broken test. --- test/db/tools/rz_asm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/db/tools/rz_asm b/test/db/tools/rz_asm index b990402cbe5..32167b3a05a 100644 --- a/test/db/tools/rz_asm +++ b/test/db/tools/rz_asm @@ -395,7 +395,7 @@ EOF RUN NAME=rz-asm -A with -c and -o -BROKEN=1 +BROKEN=1 # See: https://github.com/rizinorg/rizin/issues/3694 FILE== CMDS=!rz-asm -a arm -b 16 -A -o 0x1000 -c cortexm 0x80f30988 EXPECT=< Date: Thu, 21 Sep 2023 13:59:24 -0500 Subject: [PATCH 100/106] Add QPX support. --- librz/analysis/p/analysis_ppc_cs.c | 2 + librz/asm/p/asm_ppc_cs.c | 6 +- test/db/asm/ppc_qpx_64 | 124 +++++++++++++++++++++++++++++ 3 files changed, 131 insertions(+), 1 deletion(-) create mode 100644 test/db/asm/ppc_qpx_64 
diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c index 1513cb90e02..7811073f8d5 100644 --- a/librz/analysis/p/analysis_ppc_cs.c +++ b/librz/analysis/p/analysis_ppc_cs.c @@ -940,6 +940,8 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf if (ret >= 0) { return op->size; } + } else if (a->cpu && RZ_STR_EQ(a->cpu, "qpx")) { + mode |= CS_MODE_QPX; } if (mode != omode || a->bits != obits) { diff --git a/librz/asm/p/asm_ppc_cs.c b/librz/asm/p/asm_ppc_cs.c index 36e4588eaee..d19ab8cb548 100644 --- a/librz/asm/p/asm_ppc_cs.c +++ b/librz/asm/p/asm_ppc_cs.c @@ -90,6 +90,10 @@ static int disassemble(RzAsm *a, RzAsmOp *op, const ut8 *buf, int len) { break; } mode |= a->big_endian ? CS_MODE_BIG_ENDIAN : CS_MODE_LITTLE_ENDIAN; + if (a->cpu && RZ_STR_EQ(a->cpu, "qpx")) { + mode |= CS_MODE_QPX; + } + if (mode != omode || a->bits != obits) { cs_close(&handle); handle = 0; @@ -125,7 +129,7 @@ RzAsmPlugin rz_asm_plugin_ppc_cs = { .license = "BSD", .author = "pancake", .arch = "ppc", - .cpus = "ppc,vle,ps", + .cpus = "ppc,vle,ps,qpx", .bits = 32 | 64, .endian = RZ_SYS_ENDIAN_LITTLE | RZ_SYS_ENDIAN_BIG, .fini = the_end, diff --git a/test/db/asm/ppc_qpx_64 b/test/db/asm/ppc_qpx_64 new file mode 100644 index 00000000000..0185de4484d --- /dev/null +++ b/test/db/asm/ppc_qpx_64 
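Review bot: `mode |= CS_MODE_QPX;` is added unguarded here and in the asm_ppc_cs.c hunk, while the rest of analysis_ppc_cs.c wraps Capstone-next-only identifiers in `#if CS_NEXT_VERSION >= 6`; if CS_MODE_QPX is not defined by the v3/v4/v5 Capstone that the `use_capstone_version` option still offers, those builds stop compiling. Guarding both sites the same way, and only advertising `qpx` in `.cpus` when the mode is available, keeps the older configurations building. The enclosing functions start and end outside these hunks.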
@@ -0,0 +1,124 @@ +dE "qvfabs q3, q5" 10602a10 +dE "qvfabs q3, q5" 10602a10 +dE "qvfadd q3, q4, q5" 1064282a +dE "qvfadds q3, q4, q5" 0064282a +dE "qvfandc q3, q4, q5" 10642a08 +dE "qvfand q3, q4, q5" 10642888 +dE "qvfcfid q3, q5" 10602e9c +dE "qvfcfids q3, q5" 00602e9c +dE "qvfcfidu q3, q5" 10602f9c +dE "qvfcfidus q3, q5" 00602f9c +dE "qvfclr q3" 10631808 +dE "qvfcpsgn q3, q4, q5" 10642810 +dE "qvfctfb q3, q4" 10642288 +dE "qvfctid q3, q5" 10602e5c +dE "qvfctidu q3, q5" 10602f5c +dE "qvfctiduz q3, q5" 10602f5e +dE "qvfctidz q3, q5" 10602e5e +dE "qvfctiw q3, q5" 1060281c +dE "qvfctiwu q3, q5" 1060291c +dE "qvfctiwuz q3, q5" 1060291e +dE "qvfctiwz q3, q5" 1060281e +dE "qvfequ q3, q4, q5" 10642c88 +dE "qvflogical q3, q4, q5, 0xc" 10642e08 +dE "qvfmadd q3, q4, q6, q5" 106429ba +dE "qvfmadds q3, q4, q6, q5" 006429ba +dE "qvfmr q3, q5" 10602890 +dE "qvfmsub q3, q4, q6, q5" 106429b8 +dE "qvfmsubs q3, q4, q6, q5" 006429b8 +dE "qvfmul q3, q4, q6" 106401b2 +dE "qvfmuls q3, q4, q6" 006401b2 +dE "qvfnabs q3, q5" 10602910 +dE "qvfnand q3, q4, q5" 10642f08 +dE "qvfneg q3, q5" 10602850 +dE "qvfnmadd q3, q4, q6, q5" 106429be +dE "qvfnmadds q3, q4, q6, q5" 006429be +dE "qvfnmsub q3, q4, q6, q5" 106429bc +dE "qvfnmsubs q3, q4, q6, q5" 006429bc +dE "qvfnor q3, q4, q5" 10642c08 +dE "qvfnot q3, q4" 10642508 +dE "qvforc q3, q4, q5" 10642e88 +dE "qvfor q3, q4, q5" 10642b88 +dE "qvfperm q3, q4, q5, q6" 1064298c +dE "qvfre q3, q5" 10602830 +dE "qvfres q3, q5" 00602830 +dE "qvfrim q3, q5" 10602bd0 +dE "qvfrin q3, q5" 10602b10 +dE "qvfrip q3, q5" 10602b90 +dE "qvfriz q3, q5" 10602b50 +dE "qvfrsp q3, q5" 10602818 +dE "qvfrsqrte q3, q5" 10602834 +dE "qvfrsqrtes q3, q5" 00602834 +dE "qvfsel q3, q4, q6, q5" 106429ae +dE "qvfset q3" 10631f88 +dE "qvfsub q3, q4, q5" 10642828 +dE "qvfsubs q3, q4, q5" 00642828 +dE "qvfxmadd q3, q4, q6, q5" 10642992 +dE "qvfxmadds q3, q4, q6, q5" 00642992 +dE "qvfxmul q3, q4, q6" 106401a2 +dE "qvfxmuls q3, q4, q6" 006401a2 +dE "qvfxor q3, q4, q5" 10642b08 +dE 
"qvfxxcpnmadd q3, q4, q6, q5" 10642986 +dE "qvfxxcpnmadds q3, q4, q6, q5" 00642986 +dE "qvfxxmadd q3, q4, q6, q5" 10642982 +dE "qvfxxmadds q3, q4, q6, q5" 00642982 +dE "qvfxxnpmadd q3, q4, q6, q5" 10642996 +dE "qvfxxnpmadds q3, q4, q6, q5" 00642996 +dE "qvlfcduxa q3, r9, r11" 7c6958cf +dE "qvlfcdux q3, r9, r11" 7c6958ce +dE "qvlfcdxa q3, r10, r11" 7c6a588f +dE "qvlfcdx q3, r10, r11" 7c6a588e +dE "qvlfcsuxa q3, r9, r11" 7c69584f +dE "qvlfcsux q3, r9, r11" 7c69584e +dE "qvlfcsxa q3, r10, r11" 7c6a580f +dE "qvlfcsx q3, r10, r11" 7c6a580e +dE "qvlfduxa q3, r9, r11" 7c695ccf +dE "qvlfdux q3, r9, r11" 7c695cce +dE "qvlfdxa q3, r10, r11" 7c6a5c8f +dE "qvlfdx q3, r10, r11" 7c6a5c8e +dE "qvlfiwaxa q3, r10, r11" 7c6a5ecf +dE "qvlfiwax q3, r10, r11" 7c6a5ece +dE "qvlfiwzxa q3, r10, r11" 7c6a5e8f +dE "qvlfiwzx q3, r10, r11" 7c6a5e8e +dE "qvlfsuxa q3, r9, r11" 7c695c4f +dE "qvlfsux q3, r9, r11" 7c695c4e +dE "qvlfsxa q3, r10, r11" 7c6a5c0f +dE "qvlfsx q3, r10, r11" 7c6a5c0e +dE "qvlpcldx q3, r10, r11" 7c6a5c8c +dE "qvlpclsx q3, r10, r11" 7c6a5c0c +dE "qvlpcrdx q3, r10, r11" 7c6a588c +dE "qvlpcrsx q3, r10, r11" 7c6a580c +dE "qvstfcduxa q2, r9, r11" 7c4959cf +dE "qvstfcduxia q2, r9, r11" 7c4959cb +dE "qvstfcduxi q2, r9, r11" 7c4959ca +dE "qvstfcdux q2, r9, r11" 7c4959ce +dE "qvstfcdxa q2, r10, r11" 7c4a598f +dE "qvstfcdxia q2, r10, r11" 7c4a598b +dE "qvstfcdxi q2, r10, r11" 7c4a598a +dE "qvstfcdx q2, r10, r11" 7c4a598e +dE "qvstfcsuxa q2, r9, r11" 7c49594f +dE "qvstfcsuxia q2, r9, r11" 7c49594b +dE "qvstfcsuxi q2, r9, r11" 7c49594a +dE "qvstfcsux q2, r9, r11" 7c49594e +dE "qvstfcsxa q2, r10, r11" 7c4a590f +dE "qvstfcsxia q2, r10, r11" 7c4a590b +dE "qvstfcsxi q2, r10, r11" 7c4a590a +dE "qvstfcsx q2, r10, r11" 7c4a590e +dE "qvstfduxa q2, r9, r11" 7c495dcf +dE "qvstfduxia q2, r9, r11" 7c495dcb +dE "qvstfduxi q2, r9, r11" 7c495dca +dE "qvstfdux q2, r9, r11" 7c495dce +dE "qvstfdxa q2, r10, r11" 7c4a5d8f +dE "qvstfdxia q2, r10, r11" 7c4a5d8b +dE "qvstfdxi q2, r10, r11" 7c4a5d8a +dE 
"qvstfdx q2, r10, r11" 7c4a5d8e +dE "qvstfiwxa q2, r10, r11" 7c4a5f8f +dE "qvstfiwx q2, r10, r11" 7c4a5f8e +dE "qvstfsuxa q2, r9, r11" 7c495d4f +dE "qvstfsuxia q2, r9, r11" 7c495d4b +dE "qvstfsuxi q2, r9, r11" 7c495d4a +dE "qvstfsux q2, r9, r11" 7c495d4e +dE "qvstfsxa q2, r10, r11" 7c4a5d0f +dE "qvstfsxia q2, r10, r11" 7c4a5d0b +dE "qvstfsxi q2, r10, r11" 7c4a5d0a +dE "qvstfsx q2, r10, r11" 7c4a5d0e From a47fea13c5b472d22857fb2cebe7b2ac719cfb2e Mon Sep 17 00:00:00 2001 From: Rot127 Date: Fri, 22 Sep 2023 12:57:37 -0500 Subject: [PATCH 101/106] Set Capstone next branch to latest commit. --- subprojects/capstone-next.wrap | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/subprojects/capstone-next.wrap b/subprojects/capstone-next.wrap index 79ed5b425d1..18a9d2baa6e 100644 --- a/subprojects/capstone-next.wrap +++ b/subprojects/capstone-next.wrap @@ -1,5 +1,5 @@ [wrap-git] url = https://github.com/capstone-engine/capstone.git -revision = 103ace5768b3cf9c36ec6ce1a5ab4617333080de +revision = 0155912af04d0d8a4f13b762c9e7fe9b6ddba7f6 directory = capstone-next patch_directory = capstone-next From a9c62abd4e28e0e3e4814abf0040ca7a83413d8a Mon Sep 17 00:00:00 2001 From: Rot127 Date: Fri, 22 Sep 2023 13:02:25 -0500 Subject: [PATCH 102/106] Run clang-format --- librz/analysis/p/analysis_ppc_cs.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/librz/analysis/p/analysis_ppc_cs.c b/librz/analysis/p/analysis_ppc_cs.c index 7811073f8d5..83dd3353d09 100644 --- a/librz/analysis/p/analysis_ppc_cs.c +++ b/librz/analysis/p/analysis_ppc_cs.c @@ -1565,7 +1565,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf insn->id == PPC_INS_BCCTRL || insn->id == PPC_INS_BCL) { op->fail = addr + op->size; - rz_strbuf_appendf(&op->esil, "0x%"PFMT64x",lr,=,", op->fail); + rz_strbuf_appendf(&op->esil, "0x%" PFMT64x ",lr,=,", op->fail); } // Set target source 
@@ -1574,7 +1574,7 @@ static int analyze_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf } else if (op->type == RZ_ANALYSIS_OP_TYPE_CRET || op->type == RZ_ANALYSIS_OP_TYPE_RET) { rz_strbuf_appendf(&op->esil, "lr,pc,=,"); } else { - rz_strbuf_appendf(&op->esil, "0x%"PFMT64x",pc,=,", op->jump); + rz_strbuf_appendf(&op->esil, "0x%" PFMT64x ",pc,=,", op->jump); } if (is_cond) { rz_strbuf_appendf(&op->esil, "},"); From dc905dfc3db3bd12fa3f7ceb74751cb403f068db Mon Sep 17 00:00:00 2001 From: Rot127 Date: Fri, 22 Sep 2023 13:23:24 -0500 Subject: [PATCH 103/106] Fix uninitialized warning. --- librz/analysis/arch/ppc/ppc_il_ops.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/librz/analysis/arch/ppc/ppc_il_ops.c b/librz/analysis/arch/ppc/ppc_il_ops.c index 4e8d7a22ca5..f39aab2172d 100644 --- a/librz/analysis/arch/ppc/ppc_il_ops.c +++ b/librz/analysis/arch/ppc/ppc_il_ops.c @@ -1132,7 +1132,7 @@ static RzILOpEffect *shift_and_rotate(RZ_BORROW csh handle, RZ_BORROW cs_insn *i RzILOpPure *n; // Shift/rotate steps RzILOpPure *r; // Rotate result - RzILOpPure *into_rA; + RzILOpPure *into_rA = NULL; RzILOpPure *ca_val; // Arithmetic shift instructions set the ca field. RzILOpEffect *set_mask = NULL, *set_ca = NULL, *update_cr0 = NULL; From 466f2af667c9f72a9dff81175eb6a7df858a57f7 Mon Sep 17 00:00:00 2001 From: Rot127 Date: Mon, 25 Sep 2023 11:10:23 -0500 Subject: [PATCH 104/106] Set CS next branch to newes commit --- subprojects/capstone-next.wrap | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/subprojects/capstone-next.wrap b/subprojects/capstone-next.wrap index 18a9d2baa6e..9b86501c59e 100644 --- a/subprojects/capstone-next.wrap +++ b/subprojects/capstone-next.wrap @@ -1,5 +1,5 @@ [wrap-git] url = https://github.com/capstone-engine/capstone.git -revision = 0155912af04d0d8a4f13b762c9e7fe9b6ddba7f6 +revision = fa0b8187be89f2a21fca719a33b4058de86d8edf directory = capstone-next patch_directory = capstone-next 
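Review bot: `RzILOpPure *into_rA = NULL;` silences the warning but does not address the path that leaves `into_rA` unassigned: an earlier hunk in this series shows its assignment inside an `#if`/`#endif` region, so if that path is reachable a NULL pure now flows into whatever consumes it later in shift_and_rotate. A comment naming which configuration leaves it NULL, and a check before it is used (returning NULL from the function or asserting), would make the intent explicit instead of relying on the initialiser. shift_and_rotate's body continues outside the hunk.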
From 697de35dece1340a7a1a4cd2b15d36ddbe8c77ec Mon Sep 17 00:00:00 2001 From: Rot127 Date: Mon, 25 Sep 2023 11:12:37 -0500 Subject: [PATCH 105/106] Remove CS auto-sync subproject branches. --- subprojects/capstone-auto-sync-ppc.wrap | 6 -- .../capstone-auto-sync-ppc/meson.build | 98 ------------------- 2 files changed, 104 deletions(-) delete mode 100644 subprojects/capstone-auto-sync-ppc.wrap delete mode 100644 subprojects/packagefiles/capstone-auto-sync-ppc/meson.build diff --git a/subprojects/capstone-auto-sync-ppc.wrap b/subprojects/capstone-auto-sync-ppc.wrap deleted file mode 100644 index 92d65b9aa67..00000000000 --- a/subprojects/capstone-auto-sync-ppc.wrap +++ /dev/null @@ -1,6 +0,0 @@ -[wrap-git] -url = https://github.com/Rot127/capstone.git -revision = auto-sync-ppc -directory = capstone-auto-sync-ppc -depth = 1 -patch_directory = capstone-auto-sync-ppc diff --git a/subprojects/packagefiles/capstone-auto-sync-ppc/meson.build b/subprojects/packagefiles/capstone-auto-sync-ppc/meson.build deleted file mode 100644 index 708fcfdc470..00000000000 --- a/subprojects/packagefiles/capstone-auto-sync-ppc/meson.build +++ /dev/null 
@@ -1,98 +0,0 @@
-project('capstone', 'c', version: '5.0', meson_version: '>=0.55.0')
-
-cs_files = [
- 'arch/AArch64/AArch64BaseInfo.c',
- 'arch/AArch64/AArch64Disassembler.c',
- 'arch/AArch64/AArch64InstPrinter.c',
- 'arch/AArch64/AArch64Mapping.c',
- 'arch/AArch64/AArch64Module.c',
- 'arch/ARM/ARMBaseInfo.c',
- 'arch/ARM/ARMDisassemblerExtension.c',
- 'arch/ARM/ARMDisassembler.c',
- 'arch/ARM/ARMInstPrinter.c',
- 'arch/ARM/ARMMapping.c',
- 'arch/ARM/ARMModule.c',
- 'arch/M680X/M680XDisassembler.c',
- 'arch/M680X/M680XInstPrinter.c',
- 'arch/M680X/M680XModule.c',
- 'arch/M68K/M68KDisassembler.c',
- 'arch/M68K/M68KInstPrinter.c',
- 'arch/M68K/M68KModule.c',
- 'arch/Mips/MipsDisassembler.c',
- 'arch/Mips/MipsInstPrinter.c',
- 'arch/Mips/MipsMapping.c',
- 'arch/Mips/MipsModule.c',
- 'arch/PowerPC/PPCDisassembler.c',
- 'arch/PowerPC/PPCInstPrinter.c',
- 'arch/PowerPC/PPCMapping.c',
- 'arch/PowerPC/PPCModule.c',
- 'arch/Sparc/SparcDisassembler.c',
- 'arch/Sparc/SparcInstPrinter.c',
- 'arch/Sparc/SparcMapping.c',
- 'arch/Sparc/SparcModule.c',
- 'arch/SystemZ/SystemZDisassembler.c',
- 'arch/SystemZ/SystemZInstPrinter.c',
- 'arch/SystemZ/SystemZMapping.c',
- 'arch/SystemZ/SystemZMCTargetDesc.c',
- 'arch/SystemZ/SystemZModule.c',
- 'arch/TMS320C64x/TMS320C64xDisassembler.c',
- 'arch/TMS320C64x/TMS320C64xInstPrinter.c',
- 'arch/TMS320C64x/TMS320C64xMapping.c',
- 'arch/TMS320C64x/TMS320C64xModule.c',
- 'arch/X86/X86ATTInstPrinter.c',
- 'arch/X86/X86Disassembler.c',
- 'arch/X86/X86DisassemblerDecoder.c',
- 'arch/X86/X86IntelInstPrinter.c',
- 'arch/X86/X86Mapping.c',
- 'arch/X86/X86Module.c',
- 'arch/X86/X86InstPrinterCommon.c',
- 'arch/XCore/XCoreDisassembler.c',
- 'arch/XCore/XCoreInstPrinter.c',
- 'arch/XCore/XCoreMapping.c',
- 'arch/XCore/XCoreModule.c',
- 'arch/TriCore/TriCoreDisassembler.c',
- 'arch/TriCore/TriCoreInstPrinter.c',
- 'arch/TriCore/TriCoreMapping.c',
- 'arch/TriCore/TriCoreModule.c',
- 'cs.c',
- 'Mapping.c',
- 'MCInst.c',
- 'MCInstrDesc.c',
- 'MCInstPrinter.c',
- 'MCRegisterInfo.c',
- 'SStream.c',
- 'Mapping.c',
- 'utils.c',
-]
-
-capstone_includes = [include_directories('include'), include_directories('include/capstone')]
-
-libcapstone_c_args = [
- '-DCAPSTONE_X86_ATT_DISABLE_NO',
- '-DCAPSTONE_X86_REDUCE_NO',
- '-DCAPSTONE_USE_SYS_DYN_MEM',
- '-DCAPSTONE_DIET_NO',
- '-DCAPSTONE_HAS_ARM',
- '-DCAPSTONE_HAS_ARM64',
- '-DCAPSTONE_HAS_M68K',
- '-DCAPSTONE_HAS_M680X',
- '-DCAPSTONE_HAS_MIPS',
- '-DCAPSTONE_HAS_POWERPC',
- '-DCAPSTONE_HAS_SPARC',
- '-DCAPSTONE_HAS_SYSZ',
- '-DCAPSTONE_HAS_X86',
- '-DCAPSTONE_HAS_XCORE',
- '-DCAPSTONE_HAS_TMS320C64X',
- '-DCAPSTONE_HAS_TRICORE',
-]
-
-libcapstone = library('capstone', cs_files,
- c_args: libcapstone_c_args,
- include_directories: capstone_includes,
- implicit_include_directories: false
-)
-
-capstone_dep = declare_dependency(
- link_with: libcapstone,
- include_directories: capstone_includes
-)
From 8bfc6910edca9b87c572e2ce818ae02c0de7e107 Mon Sep 17 00:00:00 2001
From: Rot127
Date: Mon, 25 Sep 2023 11:14:00 -0500
Subject: [PATCH 106/106] Set correct commit hash

---
 subprojects/capstone-next.wrap | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/subprojects/capstone-next.wrap b/subprojects/capstone-next.wrap
index 9b86501c59e..820104cdfdf 100644
--- a/subprojects/capstone-next.wrap
+++ b/subprojects/capstone-next.wrap
@@ -1,5 +1,5 @@
 [wrap-git]
 url = https://github.com/capstone-engine/capstone.git
-revision = fa0b8187be89f2a21fca719a33b4058de86d8edf
+revision = 1fc1011d669c893ecd7cb107d3a8e4976ff10e19
 directory = capstone-next
 patch_directory = capstone-next
