1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
|
//===-- EDOperand.cpp - LLVM Enhanced Disassembler ------------------------===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This file implements the Enhanced Disassembly library's operand class. The
// operand is responsible for allowing evaluation given a particular register
// context.
//
//===----------------------------------------------------------------------===//
#include "EDOperand.h"
#include "EDDisassembler.h"
#include "EDInst.h"
#include "llvm/MC/EDInstInfo.h"
#include "llvm/MC/MCInst.h"
using namespace llvm;
EDOperand::EDOperand(const EDDisassembler &disassembler,
const EDInst &inst,
unsigned int opIndex,
unsigned int &mcOpIndex) :
Disassembler(disassembler),
Inst(inst),
OpIndex(opIndex),
MCOpIndex(mcOpIndex) {
unsigned int numMCOperands = 0;
if (Disassembler.Key.Arch == Triple::x86 ||
Disassembler.Key.Arch == Triple::x86_64) {
uint8_t operandType = inst.ThisInstInfo->operandTypes[opIndex];
switch (operandType) {
default:
break;
case kOperandTypeImmediate:
numMCOperands = 1;
break;
case kOperandTypeRegister:
numMCOperands = 1;
break;
case kOperandTypeX86Memory:
numMCOperands = 5;
break;
case kOperandTypeX86EffectiveAddress:
numMCOperands = 4;
break;
case kOperandTypeX86PCRelative:
numMCOperands = 1;
break;
}
}
else if (Disassembler.Key.Arch == Triple::arm ||
Disassembler.Key.Arch == Triple::thumb) {
uint8_t operandType = inst.ThisInstInfo->operandTypes[opIndex];
switch (operandType) {
default:
case kOperandTypeARMRegisterList:
break;
case kOperandTypeImmediate:
case kOperandTypeRegister:
case kOperandTypeARMBranchTarget:
case kOperandTypeARMSoImm:
case kOperandTypeThumb2SoImm:
case kOperandTypeARMSoImm2Part:
case kOperandTypeARMPredicate:
case kOperandTypeThumbITMask:
case kOperandTypeThumb2AddrModeImm8Offset:
case kOperandTypeARMTBAddrMode:
case kOperandTypeThumb2AddrModeImm8s4Offset:
numMCOperands = 1;
break;
case kOperandTypeThumb2SoReg:
case kOperandTypeARMAddrMode2Offset:
case kOperandTypeARMAddrMode3Offset:
case kOperandTypeARMAddrMode4:
case kOperandTypeARMAddrMode5:
case kOperandTypeARMAddrModePC:
case kOperandTypeThumb2AddrModeImm8:
case kOperandTypeThumb2AddrModeImm12:
case kOperandTypeThumb2AddrModeImm8s4:
case kOperandTypeThumbAddrModeRR:
case kOperandTypeThumbAddrModeSP:
numMCOperands = 2;
break;
case kOperandTypeARMSoReg:
case kOperandTypeARMAddrMode2:
case kOperandTypeARMAddrMode3:
case kOperandTypeThumb2AddrModeSoReg:
case kOperandTypeThumbAddrModeS1:
case kOperandTypeThumbAddrModeS2:
case kOperandTypeThumbAddrModeS4:
case kOperandTypeARMAddrMode6Offset:
numMCOperands = 3;
break;
case kOperandTypeARMAddrMode6:
numMCOperands = 4;
break;
}
}
mcOpIndex += numMCOperands;
}
EDOperand::~EDOperand() {
}
int EDOperand::evaluate(uint64_t &result,
EDRegisterReaderCallback callback,
void *arg) {
uint8_t operandType = Inst.ThisInstInfo->operandTypes[OpIndex];
switch (Disassembler.Key.Arch) {
default:
return -1;
case Triple::x86:
case Triple::x86_64:
switch (operandType) {
default:
return -1;
case kOperandTypeImmediate:
result = Inst.Inst->getOperand(MCOpIndex).getImm();
return 0;
case kOperandTypeRegister:
{
unsigned reg = Inst.Inst->getOperand(MCOpIndex).getReg();
return callback(&result, reg, arg);
}
case kOperandTypeX86PCRelative:
{
int64_t displacement = Inst.Inst->getOperand(MCOpIndex).getImm();
uint64_t ripVal;
// TODO fix how we do this
if (callback(&ripVal, Disassembler.registerIDWithName("RIP"), arg))
return -1;
result = ripVal + displacement;
return 0;
}
case kOperandTypeX86Memory:
case kOperandTypeX86EffectiveAddress:
{
unsigned baseReg = Inst.Inst->getOperand(MCOpIndex).getReg();
uint64_t scaleAmount = Inst.Inst->getOperand(MCOpIndex+1).getImm();
unsigned indexReg = Inst.Inst->getOperand(MCOpIndex+2).getReg();
int64_t displacement = Inst.Inst->getOperand(MCOpIndex+3).getImm();
//unsigned segmentReg = Inst.Inst->getOperand(MCOpIndex+4).getReg();
uint64_t addr = 0;
if (baseReg) {
uint64_t baseVal;
if (callback(&baseVal, baseReg, arg))
return -1;
addr += baseVal;
}
if (indexReg) {
uint64_t indexVal;
if (callback(&indexVal, indexReg, arg))
return -1;
addr += (scaleAmount * indexVal);
}
addr += displacement;
result = addr;
return 0;
}
}
break;
case Triple::arm:
case Triple::thumb:
switch (operandType) {
default:
return -1;
case kOperandTypeImmediate:
result = Inst.Inst->getOperand(MCOpIndex).getImm();
return 0;
case kOperandTypeRegister:
{
unsigned reg = Inst.Inst->getOperand(MCOpIndex).getReg();
return callback(&result, reg, arg);
}
case kOperandTypeARMBranchTarget:
{
int64_t displacement = Inst.Inst->getOperand(MCOpIndex).getImm();
uint64_t pcVal;
if (callback(&pcVal, Disassembler.registerIDWithName("PC"), arg))
return -1;
result = pcVal + displacement;
return 0;
}
}
}
return -1;
}
int EDOperand::isRegister() {
return(Inst.ThisInstInfo->operandFlags[OpIndex] == kOperandTypeRegister);
}
unsigned EDOperand::regVal() {
return Inst.Inst->getOperand(MCOpIndex).getReg();
}
int EDOperand::isImmediate() {
return(Inst.ThisInstInfo->operandFlags[OpIndex] == kOperandTypeImmediate);
}
uint64_t EDOperand::immediateVal() {
return Inst.Inst->getOperand(MCOpIndex).getImm();
}
int EDOperand::isMemory() {
uint8_t operandType = Inst.ThisInstInfo->operandTypes[OpIndex];
switch (operandType) {
default:
return 0;
case kOperandTypeX86Memory:
case kOperandTypeX86PCRelative:
case kOperandTypeX86EffectiveAddress:
case kOperandTypeARMSoReg:
case kOperandTypeARMSoImm:
case kOperandTypeARMAddrMode2:
case kOperandTypeARMAddrMode2Offset:
case kOperandTypeARMAddrMode3:
case kOperandTypeARMAddrMode3Offset:
case kOperandTypeARMAddrMode4:
case kOperandTypeARMAddrMode5:
case kOperandTypeARMAddrMode6:
case kOperandTypeARMAddrModePC:
case kOperandTypeARMBranchTarget:
case kOperandTypeThumbAddrModeS1:
case kOperandTypeThumbAddrModeS2:
case kOperandTypeThumbAddrModeS4:
case kOperandTypeThumbAddrModeRR:
case kOperandTypeThumbAddrModeSP:
case kOperandTypeThumb2SoImm:
case kOperandTypeThumb2AddrModeImm8:
case kOperandTypeThumb2AddrModeImm8Offset:
case kOperandTypeThumb2AddrModeImm12:
case kOperandTypeThumb2AddrModeSoReg:
case kOperandTypeThumb2AddrModeImm8s4:
return 1;
}
}
#ifdef __BLOCKS__
struct RegisterReaderWrapper {
EDOperand::EDRegisterBlock_t regBlock;
};
int readerWrapperCallback(uint64_t *value,
unsigned regID,
void *arg) {
struct RegisterReaderWrapper *wrapper = (struct RegisterReaderWrapper *)arg;
return wrapper->regBlock(value, regID);
}
int EDOperand::evaluate(uint64_t &result,
EDRegisterBlock_t regBlock) {
struct RegisterReaderWrapper wrapper;
wrapper.regBlock = regBlock;
return evaluate(result,
readerWrapperCallback,
(void*)&wrapper);
}
#endif
|