7 #include <capstone/capstone.h>
8 #include <capstone/arm.h>
12 #include "../arch/arm/arm_cs.h"
13 #include "../arch/arm/arm_accessors32.h"
14 #include "../arch/arm/arm_accessors64.h"
15 #include "../../asm/arch/arm/arm_it.h"
174 pj_ka(pj,
"operands");
175 cs_arm *
x = &insn->detail->arm;
176 for (
i = 0;
i <
x->op_count;
i++) {
181 pj_ks(pj,
"type",
"reg");
185 pj_ks(pj,
"type",
"imm");
189 pj_ks(pj,
"type",
"mem");
196 pj_ki(pj,
"scale",
op->mem.scale);
197 pj_ki(pj,
"disp",
op->mem.disp);
200 pj_ks(pj,
"type",
"fp");
204 pj_ks(pj,
"type",
"cimm");
208 pj_ks(pj,
"type",
"pimm");
212 pj_ks(pj,
"type",
"setend");
213 switch (
op->setend) {
215 pj_ks(pj,
"value",
"be");
218 pj_ks(pj,
"value",
"le");
221 pj_ks(pj,
"value",
"invalid");
226 pj_ks(pj,
"type",
"sysreg");
234 pj_ks(pj,
"type",
"invalid");
239 switch (
op->shift.type) {
261 if (
op->vector_index != -1) {
262 pj_ki(pj,
"vector_index",
op->vector_index);
264 if (
op->subtracted) {
265 pj_kb(pj,
"subtracted",
true);
271 pj_kb(pj,
"usermode",
true);
273 if (
x->update_flags) {
274 pj_kb(pj,
"update_flags",
true);
277 pj_kb(pj,
"writeback",
true);
279 if (
x->vector_size) {
280 pj_ki(pj,
"vector_size",
x->vector_size);
286 pj_ki(pj,
"cps_mode",
x->cps_mode);
289 pj_ki(pj,
"cps_flag",
x->cps_flag);
295 pj_ki(pj,
"mem_barrier",
x->mem_barrier - 1);
399 #if CS_API_MAJOR == 4
400 static const char *vess_name(
arm64_vess vess) {
423 pj_ka(pj,
"operands");
425 for (
i = 0;
i <
x->op_count;
i++) {
430 pj_ks(pj,
"type",
"reg");
434 pj_ks(pj,
"type",
"reg_mrs");
438 pj_ks(pj,
"type",
"reg_msr");
442 pj_ks(pj,
"type",
"imm");
446 pj_ks(pj,
"type",
"mem");
453 pj_ki(pj,
"disp",
op->mem.disp);
456 pj_ks(pj,
"type",
"fp");
460 pj_ks(pj,
"type",
"cimm");
464 pj_ks(pj,
"type",
"pstate");
465 switch (
op->pstate) {
467 pj_ks(pj,
"value",
"spsel");
470 pj_ks(pj,
"value",
"daifset");
473 pj_ks(pj,
"value",
"daifclr");
476 pj_ki(pj,
"value",
op->pstate);
480 pj_ks(pj,
"type",
"sys");
484 pj_ks(pj,
"type",
"prefetch");
485 pj_ki(pj,
"value",
op->prefetch - 1);
488 pj_ks(pj,
"type",
"prefetch");
489 pj_ki(pj,
"value",
op->barrier - 1);
492 pj_ks(pj,
"type",
"invalid");
497 switch (
op->shift.type) {
499 pj_ks(pj,
"type",
"lsl");
502 pj_ks(pj,
"type",
"msl");
505 pj_ks(pj,
"type",
"lsr");
508 pj_ks(pj,
"type",
"asr");
511 pj_ks(pj,
"type",
"ror");
522 if (
op->vector_index != -1) {
523 pj_ki(pj,
"vector_index",
op->vector_index);
528 #if CS_API_MAJOR == 4
530 pj_ks(pj,
"vess", vess_name(
op->vess));
536 if (
x->update_flags) {
537 pj_kb(pj,
"update_flags",
true);
540 pj_kb(pj,
"writeback",
true);
585 #if CS_API_MAJOR >= 4
603 switch (insn->detail->arm64.cc) {
616 case ARM64_INS_PACDA:
617 case ARM64_INS_PACDB:
618 case ARM64_INS_PACDZA:
619 case ARM64_INS_PACDZB:
620 case ARM64_INS_PACGA:
621 case ARM64_INS_PACIA:
622 case ARM64_INS_PACIA1716:
623 case ARM64_INS_PACIASP:
624 case ARM64_INS_PACIAZ:
625 case ARM64_INS_PACIB:
626 case ARM64_INS_PACIB1716:
627 case ARM64_INS_PACIBSP:
628 case ARM64_INS_PACIBZ:
629 case ARM64_INS_PACIZA:
630 case ARM64_INS_PACIZB:
631 case ARM64_INS_AUTDA:
632 case ARM64_INS_AUTDB:
633 case ARM64_INS_AUTDZA:
634 case ARM64_INS_AUTDZB:
635 case ARM64_INS_AUTIA:
636 case ARM64_INS_AUTIA1716:
637 case ARM64_INS_AUTIASP:
638 case ARM64_INS_AUTIAZ:
639 case ARM64_INS_AUTIB:
640 case ARM64_INS_AUTIB1716:
641 case ARM64_INS_AUTIBSP:
642 case ARM64_INS_AUTIBZ:
643 case ARM64_INS_AUTIZA:
644 case ARM64_INS_AUTIZB:
645 case ARM64_INS_XPACD:
646 case ARM64_INS_XPACI:
647 case ARM64_INS_XPACLRI:
670 op->stackptr =
IMM(1);
675 op->val =
op->stackptr;
705 op->stackptr = -
IMM(1);
710 op->val =
op->stackptr;
938 op->ptr = (
d < 0) ? -
d :
d;
944 case ARM64_INS_BLRAA:
945 case ARM64_INS_BLRAAZ:
946 case ARM64_INS_BLRAB:
947 case ARM64_INS_BLRABZ:
952 case ARM64_INS_BRAAZ:
954 case ARM64_INS_BRABZ:
958 case ARM64_INS_LDRAA:
959 case ARM64_INS_LDRAB:
963 case ARM64_INS_RETAA:
964 case ARM64_INS_RETAB:
965 case ARM64_INS_ERETAA:
966 case ARM64_INS_ERETAB:
1008 if (insn->detail->arm64.operands[0].reg ==
ARM64_REG_LR) {
1010 }
else if (insn->detail->arm64.cc) {
1028 const int pcdelta = thumb ? 4 : 8;
1042 #if CS_API_MAJOR >= 4
1067 These
instructions cause
a PC-relative forward
branch using a table of single
byte offsets (TBB) or halfword offsets (TBH). Rn
provides a pointer
to the table, and Rm supplies an index into the table. The
branch length is twice the
value of the byte (TBB) or the halfword (TBH) returned
from the table. The target of the
branch table must be
in the same execution
state.
1069 jmp $$ + 4 + ( [
delta] * 2 )
1110 op->stackptr = -4LL * insn->detail->arm.op_count;
1120 for (
i = 0;
i < insn->detail->arm.op_count;
i++) {
1121 if (insn->detail->arm.operands[
i].type ==
ARM_OP_REG &&
1122 insn->detail->arm.operands[
i].reg ==
ARM_REG_PC) {
1123 if (insn->detail->arm.cc ==
ARM_CC_AL) {
1137 op->stackptr =
IMM(1);
1140 op->stackptr =
IMM(2);
1142 op->val =
op->stackptr;
1156 op->stackptr = -
IMM(1);
1159 op->stackptr = -
IMM(2);
1161 op->val =
op->stackptr;
1285 op->stackptr = 4LL * insn->detail->arm.op_count;
1351 if (insn->detail->arm.cc !=
ARM_CC_AL) {
1400 op->hint.new_bits = (
a->bits == 32) ? 16 : 32;
1411 op->hint.new_bits =
a->bits;
1419 if (
op->jump ==
op->fail) {
1430 }
else if (insn->detail->arm.cc ==
ARM_CC_AL) {
1439 op->hint.new_bits =
a->bits;
1456 op->jump = (
addr & ~3LL) + pcdelta;
1457 op->hint.new_bits = 32;
1501 cc_name(insn->detail->arm.cc),
1502 insn->op_str[0] ?
" " :
"",
1514 switch (armop.
type) {
1539 "x0",
"x1",
"x2",
"x3",
"x4",
1540 "x5",
"x6",
"x7",
"x8",
"x9",
1541 "x10",
"x11",
"x12",
"x13",
"x14",
1542 "x15",
"x16",
"x17",
"x18",
"x19",
1543 "x20",
"x21",
"x22",
"x23",
"x24",
1544 "x25",
"x26",
"x27",
"x28",
"x29",
1550 switch (armop.
type) {
1567 if (*reg_base && *(*reg_base)->
name ==
'w') {
1604 switch (arm64op.
type) {
1620 switch (armop.
type) {
1626 #if CS_API_MAJOR > 3
1651 int count =
bits == 64 ? insn->detail->arm64.op_count : insn->detail->arm.op_count;
1674 #if CS_API_MAJOR > 3
1690 for (j = 0; j < 3; j++,
i++) {
1710 for (j = 0; j < 3 && j <
count; j++) {
1720 if (!insn->detail) {
1732 if (!(
op & (1 << 23))) {
1733 detail->operands[2].subtracted =
true;
1742 cs_insn *insn =
NULL;
1746 if (
a->cpu && strstr(
a->cpu,
"cortex")) {
1750 if (
mode !=
ctx->omode ||
a->bits !=
ctx->obits) {
1754 ctx->obits =
a->bits;
1756 op->size = (
a->bits == 16) ? 2 : 4;
1758 if (
ctx->handle == 0) {
1766 int haa = hackyArmAnal(
a,
op,
buf,
len);
1782 insn->op_str[0] ?
" " :
"",
1786 bool thumb =
a->bits == 16;
1787 op->size = insn->size;
1789 if (
a->bits == 64) {
1824 if (analysis->
bits == 64) {
1825 const char *snReg = (!strcmp(analysis->
os,
"android") || !strcmp(analysis->
os,
"linux")) ?
"x8" :
"x16";
1851 "gpr x10 .64 80 0\n"
1852 "gpr x11 .64 88 0\n"
1853 "gpr x12 .64 96 0\n"
1854 "gpr x13 .64 104 0\n"
1855 "gpr x14 .64 112 0\n"
1856 "gpr x15 .64 120 0\n"
1857 "gpr x16 .64 128 0\n"
1858 "gpr x17 .64 136 0\n"
1859 "gpr x18 .64 144 0\n"
1860 "gpr x19 .64 152 0\n"
1861 "gpr x20 .64 160 0\n"
1862 "gpr x21 .64 168 0\n"
1863 "gpr x22 .64 176 0\n"
1864 "gpr x23 .64 184 0\n"
1865 "gpr x24 .64 192 0\n"
1866 "gpr x25 .64 200 0\n"
1867 "gpr x26 .64 208 0\n"
1868 "gpr x27 .64 216 0\n"
1869 "gpr x28 .64 224 0\n"
1870 "gpr x29 .64 232 0\n"
1871 "gpr x30 .64 240 0\n"
1872 "gpr tmp .64 288 0\n"
1884 "gpr w10 .32 80 0\n"
1885 "gpr w11 .32 88 0\n"
1886 "gpr w12 .32 96 0\n"
1887 "gpr w13 .32 104 0\n"
1888 "gpr w14 .32 112 0\n"
1889 "gpr w15 .32 120 0\n"
1890 "gpr w16 .32 128 0\n"
1891 "gpr w17 .32 136 0\n"
1892 "gpr w18 .32 144 0\n"
1893 "gpr w19 .32 152 0\n"
1894 "gpr w20 .32 160 0\n"
1895 "gpr w21 .32 168 0\n"
1896 "gpr w22 .32 176 0\n"
1897 "gpr w23 .32 184 0\n"
1898 "gpr w24 .32 192 0\n"
1899 "gpr w25 .32 200 0\n"
1900 "gpr w26 .32 208 0\n"
1901 "gpr w27 .32 216 0\n"
1902 "gpr w28 .32 224 0\n"
1903 "gpr w29 .32 232 0\n"
1904 "gpr w30 .32 240 0\n"
1905 "gpr wsp .32 248 0\n"
1909 "gpr fp .64 232 0\n"
1910 "gpr lr .64 240 0\n"
1911 "gpr sp .64 248 0\n"
1912 "gpr pc .64 256 0\n"
1916 "flg pstate .64 280 0 _____tfiae_____________j__qvczn\n"
1918 "flg vf .1 280.28 0 overflow\n"
1919 "flg cf .1 280.29 0 carry\n"
1920 "flg zf .1 280.30 0 zero\n"
1921 "flg nf .1 280.31 0 sign\n"
1934 "fpu d10 .64 80 0\n"
1935 "fpu d11 .64 88 0\n"
1936 "fpu d12 .64 96 0\n"
1937 "fpu d13 .64 104 0\n"
1938 "fpu d14 .64 112 0\n"
1939 "fpu d15 .64 120 0\n"
1940 "fpu d16 .64 128 0\n"
1941 "fpu d17 .64 136 0\n"
1942 "fpu d18 .64 144 0\n"
1943 "fpu d19 .64 152 0\n"
1944 "fpu d20 .64 160 0\n"
1945 "fpu d21 .64 168 0\n"
1946 "fpu d22 .64 176 0\n"
1947 "fpu d23 .64 184 0\n"
1948 "fpu d24 .64 192 0\n"
1949 "fpu d25 .64 200 0\n"
1950 "fpu d26 .64 208 0\n"
1951 "fpu d27 .64 216 0\n"
1952 "fpu d28 .64 224 0\n"
1953 "fpu d29 .64 232 0\n"
1954 "fpu d30 .64 240 0\n"
1955 "fpu dsp .64 248 0\n"
1967 "fpu s10 .32 80 0\n"
1968 "fpu s11 .32 88 0\n"
1969 "fpu s12 .32 96 0\n"
1970 "fpu s13 .32 104 0\n"
1971 "fpu s14 .32 112 0\n"
1972 "fpu s15 .32 120 0\n"
1973 "fpu s16 .32 128 0\n"
1974 "fpu s17 .32 136 0\n"
1975 "fpu s18 .32 144 0\n"
1976 "fpu s19 .32 152 0\n"
1977 "fpu s20 .32 160 0\n"
1978 "fpu s21 .32 168 0\n"
1979 "fpu s22 .32 176 0\n"
1980 "fpu s23 .32 184 0\n"
1981 "fpu s24 .32 192 0\n"
1982 "fpu s25 .32 200 0\n"
1983 "fpu s26 .32 208 0\n"
1984 "fpu s27 .32 216 0\n"
1985 "fpu s28 .32 224 0\n"
1986 "fpu s29 .32 232 0\n"
1987 "fpu s30 .32 240 0\n"
1999 "fpu h10 .16 80 0\n"
2000 "fpu h11 .16 88 0\n"
2001 "fpu h12 .16 96 0\n"
2002 "fpu h13 .16 104 0\n"
2003 "fpu h14 .16 112 0\n"
2004 "fpu h15 .16 120 0\n"
2005 "fpu h16 .16 128 0\n"
2006 "fpu h17 .16 136 0\n"
2007 "fpu h18 .16 144 0\n"
2008 "fpu h19 .16 152 0\n"
2009 "fpu h20 .16 160 0\n"
2010 "fpu h21 .16 168 0\n"
2011 "fpu h22 .16 176 0\n"
2012 "fpu h23 .16 184 0\n"
2013 "fpu h24 .16 192 0\n"
2014 "fpu h25 .16 200 0\n"
2015 "fpu h26 .16 208 0\n"
2016 "fpu h27 .16 216 0\n"
2017 "fpu h28 .16 224 0\n"
2018 "fpu h29 .16 232 0\n"
2019 "fpu h30 .16 240 0\n"
2034 "fpu b13 .8 104 0\n"
2035 "fpu b14 .8 112 0\n"
2036 "fpu b15 .8 120 0\n"
2037 "fpu b16 .8 128 0\n"
2038 "fpu b17 .8 136 0\n"
2039 "fpu b18 .8 144 0\n"
2040 "fpu b19 .8 152 0\n"
2041 "fpu b20 .8 160 0\n"
2042 "fpu b21 .8 168 0\n"
2043 "fpu b22 .8 176 0\n"
2044 "fpu b23 .8 184 0\n"
2045 "fpu b24 .8 192 0\n"
2046 "fpu b25 .8 200 0\n"
2047 "fpu b26 .8 208 0\n"
2048 "fpu b27 .8 216 0\n"
2049 "fpu b28 .8 224 0\n"
2050 "fpu b29 .8 232 0\n"
2051 "fpu b30 .8 240 0\n"
2052 "fpu bsp .8 248 0\n";
2087 "gpr r10 .32 40 0\n"
2088 "gpr r11 .32 44 0\n"
2089 "gpr r12 .32 48 0\n"
2090 "gpr r13 .32 52 0\n"
2091 "gpr r14 .32 56 0\n"
2092 "gpr r15 .32 60 0\n"
2093 "flg cpsr .32 64 0\n"
2104 "flg tf .1 .517 0 thumb\n"
2108 "flg ef .1 .521 0 endian\n"
2109 "flg itc .4 .522 0 if_then_count\n"
2111 "flg gef .4 .528 0 great_or_equal\n"
2112 "flg jf .1 .536 0 java\n"
2114 "flg qf .1 .539 0 sticky_overflow\n"
2115 "flg vf .1 .540 0 overflow\n"
2116 "flg cf .1 .541 0 carry\n"
2117 "flg zf .1 .542 0 zero\n"
2118 "flg nf .1 .543 0 negative\n"
2130 "fpu s8 .32 100 0\n"
2131 "fpu s9 .32 104 0\n"
2132 "fpu s10 .32 108 0\n"
2133 "fpu s11 .32 112 0\n"
2134 "fpu s12 .32 116 0\n"
2135 "fpu s13 .32 120 0\n"
2136 "fpu s14 .32 124 0\n"
2137 "fpu s15 .32 128 0\n"
2138 "fpu s16 .32 132 0\n"
2139 "fpu s17 .32 136 0\n"
2140 "fpu s18 .32 140 0\n"
2141 "fpu s19 .32 144 0\n"
2142 "fpu s20 .32 148 0\n"
2143 "fpu s21 .32 152 0\n"
2144 "fpu s22 .32 156 0\n"
2145 "fpu s23 .32 160 0\n"
2146 "fpu s24 .32 164 0\n"
2147 "fpu s25 .32 168 0\n"
2148 "fpu s26 .32 172 0\n"
2149 "fpu s27 .32 176 0\n"
2150 "fpu s28 .32 180 0\n"
2151 "fpu s29 .32 184 0\n"
2152 "fpu s30 .32 188 0\n"
2153 "fpu s31 .32 192 0\n"
2160 "fpu d4 .64 100 0\n"
2161 "fpu d5 .64 108 0\n"
2162 "fpu d6 .64 116 0\n"
2163 "fpu d7 .64 124 0\n"
2164 "fpu d8 .64 132 0\n"
2165 "fpu d9 .64 140 0\n"
2166 "fpu d10 .64 148 0\n"
2167 "fpu d11 .64 156 0\n"
2168 "fpu d12 .64 164 0\n"
2169 "fpu d13 .64 172 0\n"
2170 "fpu d14 .64 180 0\n"
2171 "fpu d15 .64 188 0\n"
2172 "fpu d16 .64 196 0\n"
2173 "fpu d17 .64 204 0\n"
2174 "fpu d18 .64 212 0\n"
2175 "fpu d19 .64 220 0\n"
2176 "fpu d20 .64 228 0\n"
2177 "fpu d21 .64 236 0\n"
2178 "fpu d22 .64 244 0\n"
2179 "fpu d23 .64 252 0\n"
2180 "fpu d24 .64 260 0\n"
2181 "fpu d25 .64 268 0\n"
2182 "fpu d26 .64 276 0\n"
2183 "fpu d27 .64 284 0\n"
2184 "fpu d28 .64 292 0\n"
2185 "fpu d29 .64 300 0\n"
2186 "fpu d30 .64 308 0\n"
2187 "fpu d31 .64 316 0\n"
2190 "fpu q0 .128 68 0\n"
2191 "fpu q1 .128 84 0\n"
2192 "fpu q2 .128 100 0\n"
2193 "fpu q3 .128 116 0\n"
2194 "fpu q4 .128 132 0\n"
2195 "fpu q5 .128 148 0\n"
2196 "fpu q6 .128 164 0\n"
2197 "fpu q7 .128 180 0\n"
2198 "fpu q8 .128 196 0\n"
2199 "fpu q9 .128 212 0\n"
2200 "fpu q10 .128 228 0\n"
2201 "fpu q11 .128 244 0\n"
2202 "fpu q12 .128 260 0\n"
2203 "fpu q13 .128 276 0\n"
2204 "fpu q14 .128 292 0\n"
2205 "fpu q15 .128 308 0\n";
2215 if (analysis && analysis->
bits == 16) {
2224 if (analysis && analysis->
bits == 16) {
2235 int oplen,
idx = 0, obits = analysis->
bits;
2249 if (hint->
bits != 0) {
2259 if ((oplen * 8) >
size -
idx) {
2268 if (analysis->
bits == 64) {
2311 bool is_literal = (opcode & 0x38000000) == 0x18000000;
2349 analysis->
bits = obits;
2356 #define KW(d, ds, m, ms) rz_list_append(l, rz_search_keyword_new((const ut8 *)d, ds, (const ut8 *)m, ms, NULL))
2358 switch (analysis->
bits) {
2360 KW(
"\x00\xb5", 2,
"\x0f\xff", 2);
2361 KW(
"\x08\xb5", 2,
"\x0f\xff", 2);
2364 KW(
"\x00\x00\x2d\xe9", 4,
"\x0f\x0f\xff\xff", 4);
2367 KW(
"\xf0\x0f\x00\xf8", 4,
"\xf0\x0f\x00\xff", 4);
2368 KW(
"\xf0\x00\x00\xd1", 4,
"\xf0\x00\x00\xff", 4);
2369 KW(
"\xf0\x00\x00\xa9", 4,
"\xf0\x00\x00\xff", 4);
2370 KW(
"\x7f\x23\x03\xd5\xff", 5,
NULL, 0);
2381 return bits == 16 ? 32 : -1;
2407 if (analysis->
bits == 64) {
2415 .desc =
"Capstone ARM analyzer",
2423 .bits = 16 | 32 | 64,
2431 #ifndef RZ_PLUGIN_INCORE
RZ_API RzAnalysisValue * rz_analysis_value_new(void)
static ut8 * analysis_mask(RzAnalysis *analysis, int size, const ut8 *data, ut64 at)
static int cond_cs2r2(int cc)
static void op_fillval(RzAnalysis *analysis, RzAnalysisOp *op, csh handle, cs_insn *insn, int bits)
static bool is_valid64(arm64_reg reg)
static char * get_reg_profile(RzAnalysis *analysis)
static void opex64(RzStrBuf *buf, csh handle, cs_insn *insn)
static RzAnalysisILConfig * il_config(RzAnalysis *analysis)
static void create_src_dst(RzAnalysisOp *op)
static const char * cc_name(arm_cc cc)
static const char * cc_name64(arm64_cc cc)
static void opex(RzStrBuf *buf, csh handle, cs_insn *insn)
struct arm_cs_context_t ArmCSContext
static const char * extender_name(arm64_extender extender)
RZ_API RzLibStruct rizin_plugin
static int parse_reg_name(RzReg *reg, RzRegItem **reg_base, RzRegItem **reg_delta, csh handle, cs_insn *insn, int reg_num)
static void anop64(ArmCSContext *ctx, RzAnalysisOp *op, cs_insn *insn)
static int analysis_op(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf, int len, RzAnalysisOpMask mask)
static void set_src_dst(RzAnalysisValue *val, RzReg *reg, csh *handle, cs_insn *insn, int x, int bits)
static const char * shift_type_name(arm_shifter type)
RzAnalysisPlugin rz_analysis_plugin_arm_cs
static int address_bits(RzAnalysis *analysis, int bits)
static void anop32(RzAnalysis *a, csh handle, RzAnalysisOp *op, cs_insn *insn, bool thumb, const ut8 *buf, int len)
static void set_opdir(RzAnalysisOp *op)
static const char * vas_name(arm64_vas vas)
static const char * vector_data_type_name(arm_vectordata_type type)
static bool init(void **user)
static int archinfo(RzAnalysis *analysis, int q)
static bool is_valid(arm_reg reg)
static int parse_reg64_name(RzReg *reg, RzRegItem **reg_base, RzRegItem **reg_delta, csh handle, cs_insn *insn, int reg_num)
static RzList * analysis_preludes(RzAnalysis *analysis)
static void patch_capstone_bugs(cs_insn *insn, int bits, bool big_endian)
static bool fini(void *user)
RZ_IPI int rz_arm_cs_analysis_op_32_esil(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf, int len, csh *handle, cs_insn *insn, bool thumb)
RZ_IPI RzAnalysisILConfig * rz_arm_cs_64_il_config(bool big_endian)
RZ_IPI RzAnalysisILConfig * rz_arm_cs_32_il_config(bool big_endian)
RZ_IPI RzILOpEffect * rz_arm_cs_64_il(csh *handle, cs_insn *insn)
RZ_IPI RzILOpEffect * rz_arm_cs_32_il(csh *handle, cs_insn *insn, bool thumb)
RZ_IPI int rz_arm_cs_analysis_op_64_esil(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf, int len, csh *handle, cs_insn *insn)
#define PC(addr, is_thumb)
RZ_API void rz_arm_it_context_fini(RzArmITContext *ctx)
RZ_API void rz_arm_it_context_init(RzArmITContext *ctx)
RZ_API void rz_arm_it_update_nonblock(RzArmITContext *ctx, cs_insn *insn)
RZ_API bool rz_arm_it_apply_cond(RzArmITContext *ctx, cs_insn *insn)
RZ_API void rz_arm_it_update_block(RzArmITContext *ctx, cs_insn *insn)
static mcore_handle handle
static const AvrInstruction instructions[]
int bits(struct state *s, int need)
const lzma_allocator const uint8_t * in
arm64_vess
Vector element size specifier.
@ ARM64_OP_FP
= CS_OP_FP (Floating-Point operand).
@ ARM64_OP_PSTATE
PState operand.
@ ARM64_OP_BARRIER
Memory barrier operand (ISB/DMB/DSB instructions).
@ ARM64_OP_REG
= CS_OP_REG (Register operand).
@ ARM64_OP_PREFETCH
Prefetch operand (PRFM).
@ ARM64_OP_MEM
= CS_OP_MEM (Memory operand).
@ ARM64_OP_SYS
SYS operand for IC/DC/AT/TLBI instructions.
@ ARM64_OP_REG_MRS
MRS register operand.
@ ARM64_OP_CIMM
C-Immediate.
@ ARM64_OP_IMM
= CS_OP_IMM (Immediate operand).
@ ARM64_OP_REG_MSR
MSR register operand.
arm64_vas
Vector arrangement specifier (for FloatingPoint/Advanced SIMD insn)
@ ARM64_GRP_PRIVILEGE
= CS_GRP_PRIVILEGE
arm64_reg
ARM64 registers.
arm64_extender
ARM64 extender type.
arm64_cc
ARM64 condition code.
@ ARM64_CC_HS
Unsigned higher or same: >, ==, or unordered.
@ ARM64_CC_NV
Always (unconditional): Always (unconditional)
@ ARM64_CC_PL
Plus, positive or zero: >, ==, or unordered.
@ ARM64_CC_LT
Less than: Less than, or unordered.
@ ARM64_CC_VC
No overflow: Ordered.
@ ARM64_CC_LS
Unsigned lower or same: Less than or equal.
@ ARM64_CC_GE
Greater than or equal: Greater than or equal.
@ ARM64_CC_GT
Signed greater than: Greater than.
@ ARM64_CC_NE
Not equal: Not equal, or unordered.
@ ARM64_CC_AL
Always (unconditional): Always (unconditional)
@ ARM64_CC_LO
Unsigned lower or same: Less than.
@ ARM64_CC_VS
Overflow: Unordered.
@ ARM64_CC_HI
Unsigned higher: Greater than, or unordered.
@ ARM64_CC_LE
Signed less than or equal: <, ==, or unordered.
@ ARM64_CC_MI
Minus, negative: Less than.
arm_shifter
ARM shift type.
@ ARM_SFT_ROR_REG
shift with register
@ ARM_SFT_ASR
shift with immediate const
@ ARM_SFT_LSR_REG
shift with register
@ ARM_SFT_LSL_REG
shift with register
@ ARM_SFT_ROR
shift with immediate const
@ ARM_SFT_LSL
shift with immediate const
@ ARM_SFT_RRX_REG
shift with register
@ ARM_SFT_LSR
shift with immediate const
@ ARM_SFT_RRX
shift with immediate const
@ ARM_SFT_ASR_REG
shift with register
@ ARM_SETEND_LE
LE operand.
@ ARM_SETEND_BE
BE operand.
@ ARM_GRP_PRIVILEGE
= CS_GRP_PRIVILEGE
@ ARM_OP_IMM
= CS_OP_IMM (Immediate operand).
@ ARM_OP_REG
= CS_OP_REG (Register operand).
@ ARM_OP_CIMM
C-Immediate (coprocessor registers)
@ ARM_OP_SETEND
operand for SETEND instruction
@ ARM_OP_PIMM
P-Immediate (coprocessor registers)
@ ARM_OP_MEM
= CS_OP_MEM (Memory operand).
@ ARM_OP_FP
= CS_OP_FP (Floating-Point operand).
@ ARM_OP_SYSREG
MSR/MRS special register operand.
arm_cc
ARM condition code.
@ ARM_CC_GT
Greater than Greater than.
@ ARM_CC_LE
Less than or equal <, ==, or unordered.
@ ARM_CC_AL
Always (unconditional) Always (unconditional)
@ ARM_CC_HI
Unsigned higher Greater than, or unordered.
@ ARM_CC_VC
No overflow Not unordered.
@ ARM_CC_LS
Unsigned lower or same Less than or equal.
@ ARM_CC_GE
Greater than or equal Greater than or equal.
@ ARM_CC_VS
Overflow Unordered.
@ ARM_CC_PL
Plus, positive or zero >, ==, or unordered.
@ ARM_CC_NE
Not equal Not equal, or unordered.
@ ARM_CC_LO
Carry clear Less than.
@ ARM_CC_LT
Less than Less than, or unordered.
@ ARM_CC_HS
Carry set >, ==, or unordered.
@ ARM_CC_MI
Minus, negative Less than.
arm_vectordata_type
Data type for elements of vector instructions.
@ CS_ARCH_ARM64
ARM-64, also called AArch64.
@ CS_ARCH_ARM
ARM architecture (including Thumb, Thumb-2)
@ CS_MODE_MCLASS
ARM's Cortex-M series.
@ CS_MODE_BIG_ENDIAN
big-endian mode
@ CS_MODE_THUMB
ARM's Thumb mode, including Thumb-2.
@ CS_MODE_LITTLE_ENDIAN
little-endian mode (default mode)
@ CS_OPT_DETAIL
Break down instruction structure into details.
@ CS_OPT_ON
Turn ON an option (CS_OPT_DETAIL, CS_OPT_SKIPDATA).
@ CS_AC_WRITE
Operand write to memory or register.
CAPSTONE_EXPORT size_t CAPSTONE_API cs_disasm(csh ud, const uint8_t *buffer, size_t size, uint64_t offset, size_t count, cs_insn **insn)
CAPSTONE_EXPORT cs_err CAPSTONE_API cs_open(cs_arch arch, cs_mode mode, csh *handle)
CAPSTONE_EXPORT bool CAPSTONE_API cs_insn_group(csh ud, const cs_insn *insn, unsigned int group_id)
CAPSTONE_EXPORT void CAPSTONE_API cs_free(cs_insn *insn, size_t count)
CAPSTONE_EXPORT const char *CAPSTONE_API cs_reg_name(csh ud, unsigned int reg)
CAPSTONE_EXPORT cs_err CAPSTONE_API cs_close(csh *handle)
CAPSTONE_EXPORT cs_err CAPSTONE_API cs_option(csh ud, cs_opt_type type, size_t value)
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags static arg static fd static protocol static who struct sockaddr static addrlen static backlog struct timeval struct timezone static tz const struct iovec static count static mode const void const struct sockaddr static tolen const char static pathname void count
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags static arg static fd static protocol static who struct sockaddr static addrlen static backlog struct timeval struct timezone static tz const struct iovec static count static mode const void const struct sockaddr static tolen const char static pathname void static offset struct stat static buf void long static basep static whence static length const void static len static semflg const void static shmflg const struct timespec struct timespec static rem const char static group const void length
RZ_API RzAnalysisHint * rz_analysis_hint_get(RzAnalysis *a, ut64 addr)
RZ_API void Ht_() free(HtName_(Ht) *ht)
RZ_API void rz_search_keyword_free(RzSearchKeyword *kw)
return memset(p, 0, total)
memcpy(mem, inblock.get(), min(CONTAINING_RECORD(inblock.get(), MEMBLOCK, data) ->size, size))
RZ_API RZ_OWN RzList * rz_list_newf(RzListFree f)
Returns a new initialized RzList pointer and sets the free method.
RZ_API void rz_list_free(RZ_NONNULL RzList *list)
Empties the list and frees the list pointer.
void * malloc(size_t size)
return strdup("=SP r13\n" "=LR r14\n" "=PC r15\n" "=A0 r0\n" "=A1 r1\n" "=A2 r2\n" "=A3 r3\n" "=ZF zf\n" "=SF nf\n" "=OF vf\n" "=CF cf\n" "=SN or0\n" "gpr lr .32 56 0\n" "gpr pc .32 60 0\n" "gpr cpsr .32 64 0 ____tfiae_________________qvczn\n" "gpr or0 .32 68 0\n" "gpr tf .1 64.5 0 thumb\n" "gpr ef .1 64.9 0 endian\n" "gpr jf .1 64.24 0 java\n" "gpr qf .1 64.27 0 sticky_overflow\n" "gpr vf .1 64.28 0 overflow\n" "gpr cf .1 64.29 0 carry\n" "gpr zf .1 64.30 0 zero\n" "gpr nf .1 64.31 0 negative\n" "gpr itc .4 64.10 0 if_then_count\n" "gpr gef .4 64.16 0 great_or_equal\n" "gpr r0 .32 0 0\n" "gpr r1 .32 4 0\n" "gpr r2 .32 8 0\n" "gpr r3 .32 12 0\n" "gpr r4 .32 16 0\n" "gpr r5 .32 20 0\n" "gpr r6 .32 24 0\n" "gpr r7 .32 28 0\n" "gpr r8 .32 32 0\n" "gpr r9 .32 36 0\n" "gpr r10 .32 40 0\n" "gpr r11 .32 44 0\n" "gpr r12 .32 48 0\n" "gpr r13 .32 52 0\n" "gpr r14 .32 56 0\n" "gpr r15 .32 60 0\n" "gpr r16 .32 64 0\n" "gpr r17 .32 68 0\n")
RZ_API void rz_analysis_op_free(void *op)
RZ_API const char * rz_analysis_optype_to_string(int type)
RZ_API RzAnalysisOp * rz_analysis_op_new(void)
RZ_API RzRegItem * rz_reg_get(RzReg *reg, const char *name, int type)
#define RZ_ANALYSIS_ARCHINFO_DATA_ALIGN
#define RZ_ANALYSIS_ARCHINFO_ALIGN
@ RZ_ANALYSIS_STACK_RESET
@ RZ_ANALYSIS_OP_FAMILY_FPU
@ RZ_ANALYSIS_OP_FAMILY_THREAD
@ RZ_ANALYSIS_OP_FAMILY_CRYPTO
@ RZ_ANALYSIS_OP_FAMILY_PRIV
@ RZ_ANALYSIS_OP_FAMILY_CPU
@ RZ_ANALYSIS_OP_FAMILY_MMX
@ RZ_ANALYSIS_OP_FAMILY_VIRT
@ RZ_ANALYSIS_OP_FAMILY_SECURITY
#define RZ_ANALYSIS_ARCHINFO_MAX_OP_SIZE
@ RZ_ANALYSIS_OP_DIR_READ
@ RZ_ANALYSIS_OP_DIR_EXEC
@ RZ_ANALYSIS_OP_DIR_WRITE
@ RZ_ANALYSIS_OP_MASK_DISASM
@ RZ_ANALYSIS_OP_MASK_BASIC
@ RZ_ANALYSIS_OP_MASK_VAL
@ RZ_ANALYSIS_OP_MASK_OPEX
@ RZ_ANALYSIS_OP_MASK_ESIL
#define RZ_ANALYSIS_OP_TYPE_MASK
#define RZ_ANALYSIS_ARCHINFO_MIN_OP_SIZE
@ RZ_ANALYSIS_OP_TYPE_CMP
@ RZ_ANALYSIS_OP_TYPE_SUB
@ RZ_ANALYSIS_OP_TYPE_LOAD
@ RZ_ANALYSIS_OP_TYPE_MUL
@ RZ_ANALYSIS_OP_TYPE_ROL
@ RZ_ANALYSIS_OP_TYPE_JMP
@ RZ_ANALYSIS_OP_TYPE_AND
@ RZ_ANALYSIS_OP_TYPE_SAL
@ RZ_ANALYSIS_OP_TYPE_SYNC
@ RZ_ANALYSIS_OP_TYPE_UJMP
@ RZ_ANALYSIS_OP_TYPE_NOR
@ RZ_ANALYSIS_OP_TYPE_ROR
@ RZ_ANALYSIS_OP_TYPE_SWI
@ RZ_ANALYSIS_OP_TYPE_SAR
@ RZ_ANALYSIS_OP_TYPE_CMOV
@ RZ_ANALYSIS_OP_TYPE_TRAP
@ RZ_ANALYSIS_OP_TYPE_CALL
@ RZ_ANALYSIS_OP_TYPE_ADD
@ RZ_ANALYSIS_OP_TYPE_STORE
@ RZ_ANALYSIS_OP_TYPE_CRET
@ RZ_ANALYSIS_OP_TYPE_PUSH
@ RZ_ANALYSIS_OP_TYPE_SHR
@ RZ_ANALYSIS_OP_TYPE_POP
@ RZ_ANALYSIS_OP_TYPE_RJMP
@ RZ_ANALYSIS_OP_TYPE_CJMP
@ RZ_ANALYSIS_OP_TYPE_DIV
@ RZ_ANALYSIS_OP_TYPE_CAST
@ RZ_ANALYSIS_OP_TYPE_UCJMP
@ RZ_ANALYSIS_OP_TYPE_MOV
@ RZ_ANALYSIS_OP_TYPE_SHL
@ RZ_ANALYSIS_OP_TYPE_ILL
@ RZ_ANALYSIS_OP_TYPE_UCALL
@ RZ_ANALYSIS_OP_TYPE_NOT
@ RZ_ANALYSIS_OP_TYPE_RET
@ RZ_ANALYSIS_OP_TYPE_NOP
@ RZ_ANALYSIS_OP_TYPE_LEA
@ RZ_ANALYSIS_OP_TYPE_RCALL
@ RZ_ANALYSIS_OP_TYPE_XOR
#define rz_return_val_if_fail(expr, val)
static void rz_write_ble(void *dst, ut64 val, bool big_endian, int size)
static ut32 rz_read_ble32(const void *src, bool big_endian)
static ut64 rz_read_ble(const void *src, bool big_endian, int size)
void(* RzListFree)(void *ptr)
#define RZ_LOG_DEBUG(fmtstr,...)
RZ_API PJ * pj_ko(PJ *j, const char *k)
RZ_API PJ * pj_ka(PJ *j, const char *k)
RZ_API PJ * pj_kb(PJ *j, const char *k, bool v)
RZ_API PJ * pj_ki(PJ *j, const char *k, int d)
RZ_API PJ * pj_end(PJ *j)
RZ_API const char * pj_string(PJ *pj)
RZ_API void pj_free(PJ *j)
RZ_API PJ * pj_ks(PJ *j, const char *k, const char *v)
RZ_API PJ * pj_kn(PJ *j, const char *k, ut64 n)
RZ_API PJ * pj_kd(PJ *j, const char *k, double d)
RZ_API PJ * pj_kN(PJ *j, const char *k, st64 n)
RZ_API char * rz_str_newf(const char *fmt,...) RZ_PRINTF_CHECK(1
static const char * rz_str_get_null(const char *str)
RZ_API bool rz_strbuf_append(RzStrBuf *sb, const char *s)
RZ_API void rz_strbuf_init(RzStrBuf *sb)
RzTypeCond
Type Conditions.
@ RZ_TYPE_COND_LO
Carry clear Less than.
@ RZ_TYPE_COND_VS
Overflow Unordered.
@ RZ_TYPE_COND_LE
Less or equal.
@ RZ_TYPE_COND_GE
Greater or equal.
@ RZ_TYPE_COND_VC
No overflow Not unordered.
@ RZ_TYPE_COND_LS
Unsigned lower or same Less than or equal.
@ RZ_TYPE_COND_NV
Never executed must be a nop? :D.
@ RZ_TYPE_COND_HS
Carry set >, ==, or unordered.
@ RZ_TYPE_COND_NE
Not equal.
@ RZ_TYPE_COND_AL
Always executed (no condition)
@ RZ_TYPE_COND_MI
Minus, negative Less than.
@ RZ_TYPE_COND_HI
Unsigned higher Greater than, or unordered.
@ RZ_TYPE_COND_GT
Greater than.
@ RZ_TYPE_COND_PL
Plus, positive or zero >, ==, or unordered.
@ RZ_TYPE_COND_LT
Less than.
static struct sockaddr static addrlen static backlog const void static flags void struct sockaddr from
static struct sockaddr static addrlen static backlog const void static flags void struct sockaddr socklen_t static fromlen const void const struct sockaddr to
arm64_reg base
base register
arm64_reg index
index register
int32_t disp
displacement/offset value
int scale
scale for index register (can be 1, or -1)
arm_reg base
base register
arm_reg index
index register
arm64_reg reg
register value for REG operand
arm64_op_mem mem
base/index/scale/disp value for MEM operand
arm64_shifter type
shifter type of this operand
int64_t imm
immediate value, or index for C-IMM or IMM operand
arm_op_mem mem
base/index/scale/disp value for MEM operand
int32_t imm
immediate value for C-IMM, P-IMM or IMM operand
int reg
register value for REG/SYSREG operand
Description of the global context of an RzAnalysisILVM.
ut64(WINAPI *w32_GetEnabledXStateFeatures)()
1.9.1