---

x86instr.cpp

Go to the documentation of this file.

/*
PeRdr - PE file disassembler
Copyright (C) 1999-2002 Frediano Ziglio
-----

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-----

INFORMATION
  www: https://freddy77.tripod.com/perdr/
  e-mail: freddy77@angelfire.com
*/
#include "global.h"
#ifdef HAVE_HDRSTOP
#pragma hdrstop
#endif

#include <cstring>
#include "x86istr.h"
#include "x86instr.h"

#define REG_INFO(reg) (*RegistryInfo::GetInfo(reg))
#define COMPLETE(reg) (REG_INFO(reg).completeReg)
#define INTERSECT(reg_a,reg_b) ( REG_INFO(reg_a).completeReg == REG_INFO(reg_b).completeReg && (REG_INFO(reg_a).partialMask&REG_INFO(reg_b).partialMask)!=0 )
#define USE_TYPE(u) static_cast<enum Instruction::UseType>(u)

enum Instruction::UseType Instruction::GetUseType(reg_t reg,Param* param) const
{
  unsigned res = useNone;
  unsigned overwriteMask = useReadWrite;

  // caso generale
  // primo parametro scrive
  // altri legge
  // se parte di indirizzamento sempre lettura
  if (numArg>0)
  {
    int i = 0;
    if (Args[0].type == Param::t_registry)
    {
      if ( INTERSECT(reg,Args[0].mem_reg1) )
      {
        if ( (REG_INFO(reg).partialMask&REG_INFO(Args[0].mem_reg1).partialMask) != REG_INFO(reg).partialMask)
          overwriteMask = useReadModify;
        res |= (useModify|useOverwrite);
      }
      i = 1;
    }
    for(;i<numArg;++i)
    {
      switch(Args[i].type)
      {
      case Param::t_memory:
        if ( Args[i].mem_reg2 != null_reg && INTERSECT(reg,Args[i].mem_reg2) )
          res |= useRead;
      case Param::t_registry:
        if ( Args[i].mem_reg1 != null_reg && INTERSECT(reg,Args[i].mem_reg1) )
          res |= useRead;
        break;
      }
    }
  }

  // !!! registri flag non gestiti
  // !!! per parziale e sovrascrittura ritorna un valore piu' grande !!
  switch(instruction)
  {
  case istr_jb:
  case istr_jbe:
  case istr_jc:
  case istr_jg:
  case istr_jl:
  case istr_jle:
  case istr_jnbe:
  case istr_jnb:
  case istr_jnc:
  case istr_jng:
  case istr_jnl:
  case istr_jnle:
  case istr_jno:
  case istr_jnp:
  case istr_jns:
  case istr_jnz:
  case istr_jo:
  case istr_jp:
  case istr_js:
  case istr_jz:
  case istr_cld:
    break;
  case istr_call:
    _PRG_ASSERT(numArg==1);
    if (res != useNone) // anche se primo operando sempre lettura
      return useRead;
    break;
  case istr_setb:
  case istr_setbe:
  case istr_setl:
  case istr_setle:
  case istr_setnb:
  case istr_setnbe:
  case istr_setnl:
  case istr_setnle:
  case istr_setno:
  case istr_setnp:
  case istr_setns:
  case istr_setnz:
  case istr_seto:
  case istr_setp:
  case istr_sets:
  case istr_setz:
    _PRG_ASSERT(numArg == 1);
    return USE_TYPE(res&useReadModify); // !!! potrebbe essere Overwrite ma cosa ci scrivo ?

  // istruzioni flag
  case istr_bts:
  case istr_btr:
  case istr_btc:

  // istruzioni shift
  case istr_shl:
  case istr_shr:
  case istr_sar:
  case istr_ror:

  case istr_sbb: // sebbene sembri simile a sub non c'e' la condizione di write
  case istr_adc:
    // !!! manca CF
  case istr_add:
    _PRG_ASSERT(numArg == 2);
    return USE_TYPE(res&useReadModify);
  case istr_not:
  case istr_neg:
  case istr_inc:
  case istr_dec:
    _PRG_ASSERT(numArg==1);
    return USE_TYPE(res&useReadModify);
  case istr_or:
  case istr_and:
    _PRG_ASSERT(numArg==2);
    // caso speciale, stesso registro in tutti gli operandi
    if ( (res&useReadWrite) == useReadWrite && Args[1].type == Param::t_registry)
      return useRead; // !!! non none, cambia flag
    return USE_TYPE(res&useReadModify);
  case istr_xor:
  case istr_sub:
    _PRG_ASSERT(numArg == 2);
    // caso speciale, stesso registro in tutti gli operandi
    if ( (res&useReadWrite) == useReadWrite && Args[1].type == Param::t_registry)
    {
      if ( (overwriteMask&useOverwrite) && param)
        *param = Param(Param::Literal,0);
      return USE_TYPE(res&overwriteMask);
    }
    return USE_TYPE(res&useReadModify);
  case istr_movsx: // !!! come viene gestito estensione ??
  case istr_movzx:
  case istr_mov:
    _PRG_ASSERT(numArg == 2);
    // caso speciale, stesso registro in tutti gli operandi
    if ( (res&useReadWrite) == useReadWrite && Args[1].type == Param::t_registry)
      return useNone;
    // sovrascrittura
    if ( (overwriteMask&useOverwrite) && param)
      *param = Args[1]; // !!! per parziale ??
    return USE_TYPE(res&overwriteMask);
  // !!! in 16 bit mode se modifico cx e chiedo ecx problemi
  case istr_repnz:
  case istr_repz:
    if (COMPLETE(reg) == REG(ecx))
      return useModify;
    break;
  case istr_stosd:
  case istr_stosw:
    if (reg == REG(ah)) return useRead;
  case istr_stosb:
    if (reg == REG(eax)) return useRead;
    if (reg == REG(ax)) return useRead;
    if (reg == REG(al)) return useRead;
    if (COMPLETE(reg) == REG(edi))
      return useModify;
    break;
  case istr_movsb:
  case istr_movsw:
  case istr_movsd:
    if (COMPLETE(reg) == REG(esi))
      return useModify;
    if (COMPLETE(reg) == REG(edi))
      return useModify;
    break;
  case istr_xchg:
    _PRG_ASSERT(numArg == 2);
    _PRG_ASSERT(Args[0].type == Param::t_registry);
    _PRG_ASSERT(Args[1].type == Param::t_registry || Args[1].type == Param::t_memory);
    // caso speciale, stesso registro in tutti gli operandi (nop)
    if ( (res&useReadWrite) == useReadWrite && Args[1].type == Param::t_registry)
      return useNone;
    // gestisce caso in cui sia primo parametro
    if (res & useOverwrite)
    {
      if ( (overwriteMask&useOverwrite) && param)
        *param = Args[1]; // !!! per parziale ??
      return USE_TYPE(res&overwriteMask);
    }
    // caso 2o parametro
    if (res & useRead && Args[1].type == Param::t_registry)
    {
      // sovrascrive interamente registro richiesto ?
      if ( (REG_INFO(reg).partialMask&REG_INFO(Args[1].mem_reg1).partialMask) == REG_INFO(reg).partialMask)
      {
        if ( param)
          *param = Args[0]; // !!! per parziale ??
        return useOverwrite;
      }
    }
    break;
  case istr_push:
    // !!! push [esp+6] ? push esp
    _PRG_ASSERT(numArg == 1);
    if (REG(esp) == COMPLETE(reg))
      return (res!=useNone?useReadModify:useModify);
    if (res != useNone)
      return useRead;
    break;
  case istr_popa:
  case istr_popf:
    if (REG(esp) == COMPLETE(reg))
      return useModify;
    break;
  case istr_pop:
    // !!! pop [esp+6] ? pop esp
    // !!! speriamo di non incontrare un pop sp in 32bit (Modify e basta)
    _PRG_ASSERT(numArg == 1);
    if (REG(esp) == COMPLETE(reg))
    {
      // caso speciale: pop [esp+x]
      if (res&useRead)
        return useReadModify;
      // caso speciale: pop esp
      if (res&useOverwrite)
        return useReadWrite;
      return useModify;
    }
    if (res != useNone)
    {
      if ( (overwriteMask&useOverwrite) && param)
        // !!! size and reg constant
        *param = Param(Param::Memory,REG(esp),0,Param::memInt32);
      return USE_TYPE(res&overwriteMask);
    }
    break;
  case istr_cmp:
  case istr_test:
    _PRG_ASSERT(numArg==2);
    if (res & useReadWrite)
      return useRead;
    break;
  case istr_lea:
    _PRG_ASSERT(numArg==2 && Args[1].type == Param::t_memory);
    if (res & useReadWrite)
      return useModify;
    if (res & useOverwrite)
    {
      if ( (overwriteMask&useOverwrite) && param)
      {
        // !!! in realta' non sovrascrive con la memoria
        _PRG_ASSERT(0);
        // !!! e per parziale ?
        *param = Args[1];
      }
      return USE_TYPE(res&overwriteMask);
    }
    break;
  case istr_cdq:
    _PRG_ASSERT(numArg == 0);
    if (COMPLETE(reg) == REG(eax))
      return useRead;
    if (COMPLETE(reg) == REG(edx))
      return useModify; // !!! potrebbe essere Overwrite ma cosa ci scrivo ??
    break;
  case istr_div:
  case istr_idiv:
    {
    _PRG_ASSERT(numArg == 1);
    _PRG_ASSERT(Args[0].type == Param::t_memory || Args[0].type == Param::t_registry);
    _PRG_ASSERT(Args[0].type != Param::t_memory || Args[0].GetMemSize() <= 4);
    _PRG_ASSERT(Args[0].type != Param::t_memory || ((1<<Args[0].GetMemSize() )&026)!=0 );
    if (res != useNone)
      res = useRead;
    if (COMPLETE(reg) == REG(eax))
      return USE_TYPE(res|useModify);

    // se e' memoria ed e' un byte ritorna
    if (Args[0].type == Param::t_memory)
    {
      if (Args[0].GetMemSize() == 1)
        return USE_TYPE(res);
    }
    else if (REG_INFO(Args[0].mem_reg1).size == reg_info::byte)
      return USE_TYPE(res);

    if (COMPLETE(reg) == REG(edx))
      return USE_TYPE(res|useModify);
    }
    return USE_TYPE(res);
  case istr_out:
    _PRG_ASSERT(numArg == 2);
    if (res)
      return useRead;
    break;
  case istr_in:
    _PRG_ASSERT(numArg == 2);
    // in al,dx o in al,Imm8
    // !!! dovrebbe essere Overwrite
    return USE_TYPE(res&useReadModify);
  case istr_nop:
    break;
  default:
    // !!!
#ifdef DEBUG
    fprintf(stderr,"Debug: (UseMode) %s\n",x86instructions_names[instruction]);
#else
    static bool bUnimplPassed = false;
    if (!bUnimplPassed)
    {
            fprintf(stderr,"Something is yet unimplemented!\n");
      bUnimplPassed = true;
    }
#endif
//              exit(1);
    throw UseTypeUnimplemented(static_cast<enum x86instructions>(instruction));
#ifdef DEBUG
    return USE_TYPE(32);
#endif
    break;
  }
  return useNone;
}

// !!! aggiungere caso speciale per istruzioni stringa
void Instruction::Write(char* buffer) const
{
  char* p = buffer;
  strcpy(p,x86instructions_names[instruction]);
  p += strlen(p);
  // parse special function
  switch (instruction)
  {
  case istr_int3:
    strcpy(buffer,"int\t3");
    return;
  case istr_insb:
  case istr_insw:
  case istr_insd:
  case istr_outsb:
  case istr_outsw:
  case istr_outsd:
  case istr_movsb:
  case istr_movsw:
  case istr_movsd:
  case istr_cmpsb:
  case istr_cmpsw:
  case istr_cmpsd:
  case istr_stosb:
  case istr_stosw:
  case istr_stosd:
  case istr_lodsb:
  case istr_lodsw:
  case istr_lodsd:
  case istr_scasb:
  case istr_scasw:
  case istr_scasd:
    if (segOver == -1)
      return;
    break;
  }
  if (numArg)
  {
    *p++ = '\t';
    for (int i=0;i<numArg;++i)
    {
      const Param &param = Args[i];
      if (i!=0)
        *p++ = ',';
      switch(param.type)
      {
      default:
        _PRG_ASSERT(0);
        break;
      case Param::t_farliteral:
        _PRG_ASSERT(param.mem_reg1 >= 0 && param.mem_reg1 < 0x10000l);
        sprintf(p,"%04Xh:",param.mem_reg1);
        p += strlen(p);
        if (param.GetLiteralSize() == 2)
          sprintf(p,"%04Xh",param.literal);
        else
          sprintf(p,"%08Xh",param.literal);
        break;
      case Param::t_literal:
        if (param.GetLiteralSize() == 1)
          sprintf(p,"%02Xh",param.literal);
        else if (param.GetLiteralSize() == 2)
          sprintf(p,"%04Xh",param.literal);
        else
          sprintf(p,"%08Xh",param.literal);
        break;
      case Param::t_registry:
        strcpy(p,RegistryInfo::GetInfo(param.mem_reg1)->name);
        break;
      case Param::t_memory:
        // print memory size
        if (param.MustWriteMemSize())
          switch(param.GetMemSize())
          {
          default:
          case 0:  break;
          case 1:  strcpy(p,"byte ptr ");  p+=9;  break;
          case 2:  strcpy(p,"word ptr ");  p+=9;  break;
          case 4:  strcpy(p,"dword ptr "); p+=10; break;
          case 6:  strcpy(p,"fword ptr "); p+=10; break;
          case 8:  strcpy(p,"qword ptr "); p+=10; break;
          case 10: strcpy(p,"tbyte ptr "); p+=10; break;
          }
        // write seg over
        if (segOver != -1)
        {
          _PRG_ASSERT( segOver>=0 && segOver<6 );
          char c;
          switch(segOver)
          {
          case 0: c = 'e'; break;
          case 1: c = 'c'; break;
          case 2: c = 's'; break;
          case 3: c = 'd'; break;
          case 4: c = 'f'; break;
          default: _PRG_ASSERT(0);
          case 5: c = 'g'; break;
          }
          *p++ = c;
          *p++ = 's';
          *p++ = ':';
        }
        *p++ ='[';
        bool begin = false;
        if (param.mem_reg1 != null_reg)
        {
          strcpy(p,RegistryInfo::GetInfo(param.mem_reg1)->name);
          p += strlen(p);
          begin = true;
        }
        if (param.mem_reg2 != null_reg)
        {
          if (begin) *p++ = '+';
          strcpy(p,RegistryInfo::GetInfo(param.mem_reg2)->name);
          p += strlen(p);
          if (param.factor > 1)
          {
            sprintf(p,"*%i",param.factor);
            p += strlen(p);
          }
          begin = true;
        }
        if (param.literal != 0 || !begin)
        {
          if ( (param.literal & 0x80000000lu) && begin)
            sprintf(p,"-%08Xh",-param.literal);
          else
          {
            if (begin) *p++ = '+';
              sprintf(p,"%08Xh",param.literal);
          }
          p += strlen(p);
        }
        *p++ = ']';
        *p = '\0';
        break;
      }
      p += strlen(p);
    }
  }
  *p = '\0';
}

enum FlowTypes Instruction::GetFlowType() const
{
  switch(instruction)
  {
  // ritorno
  case istr_ret:
  case istr_retf:
  case istr_iret:
    return FLOW_RET;
  // chiamata
  case istr_call:
    return FLOW_CALL;
  // jmp incondizionato
  case istr_jmp:
    return FLOW_JUMP;
  default:
        // jmp condizionato
        if (x86instructions_names[instruction][0] == 'j')
        return FLOW_CJUMP;
        return FLOW_NONE;
  }
}

typedef enum { Assign,Negate,Complement,Zero,Xor,Sub,Add,And,Or } Operations;
typedef enum { UsuallyFlag,FlagCarry,FlagZero,FlagParity,FlagNone } FlagCombine;
void Operation1(Operations op,const Param& param,FlagCombine flag)
{}
void Operation2(Operations op,const Param* dst,const Param& p1,FlagCombine flag)
{}
void Operation3(Operations op,const Param* dst,const Param& p1,const Param& p2,FlagCombine flag)
{}
void SetFlag(FlagCombine flag,FlagCombine mask)
{}

void Instruction::WriteRegUsage(FILE* f) const
{
  switch(instruction)
  {
  case istr_sbb:
  case istr_adc:
    // leggono in piu' CF
    //goto intere;
    break;

  case istr_xor:
  case istr_sub:
    // caso speciale: se 2 registri uguali scrive solo
    if (Args[0].RegEqual(Args[1]))
    {
      Operation1(Zero,Args[0],UsuallyFlag);
      break;
    }
    if (instruction == istr_xor)
      Operation3(Xor,&Args[0],Args[0],Args[1],UsuallyFlag);
    else
      Operation3(Sub,&Args[0],Args[0],Args[1],UsuallyFlag);
    break;

  case istr_inc:
    Operation3(Add,&Args[0],Args[0],Param(Param::Literal,1,(unsigned char)4),(FlagCombine)(UsuallyFlag&~FlagCarry));
    break;

  case istr_dec:
    Operation3(Sub,&Args[0],Args[0],Param(Param::Literal,1,(unsigned char)4),(FlagCombine)(UsuallyFlag&~FlagCarry));
    break;

    // la maggior parte delle operazioni intere
//intere:
    // legge il secondo
    // scrive e legge il primo
    // scrive flag in base al risultato
  case istr_and:
    Operation3(And,&Args[0],Args[0],Args[1],UsuallyFlag);
    break;

  case istr_or:
    Operation3(Or,&Args[0],Args[0],Args[1],UsuallyFlag);
    break;

  case istr_add:
    Operation3(Add,&Args[0],Args[0],Args[1],UsuallyFlag);
    break;

  case istr_neg:
    Operation2(Complement,&Args[0],Args[0],UsuallyFlag);
    break;

  case istr_not:
    // unaria legge e scrive il primo
    Operation2(Negate,&Args[0],Args[0],UsuallyFlag);
    break;

  case istr_mov:
    // sembra uguale alle aritmetiche ma non scrive flag ne legge dest

    // registri uguali e' un NOP
    if (Args[0].RegEqual(Args[1]))
      break;
    //HandleRead(Args[1]);
    //HandleWrite(Args[0]);
    Operation2(Assign,&Args[0],Args[1],FlagNone); // assegnazione
    break;

  case istr_lea:
    // caso speciale, NOP complessi
    if (Args[1].literal == 0)
    {
      // lea eax,[eax+0]
      if (Args[0].mem_reg1 == Args[1].mem_reg1 && Args[1].mem_reg2 == null_reg)
        break;
      // lea eax,[eax*1+0]
      if (Args[0].mem_reg1 == Args[1].mem_reg2 && Args[1].mem_reg1 == null_reg && Args[1].factor == 1)
        break;
    }

    // carica costanti
    //!!!Operation2(Assign,&TempReg0,Param(ParaM::Literal,Args[1].literal,4),0);
    //!!!if (Args[1].mem_reg1 != null_reg)
      //!!!Operation3(Add,&TempReg0,TempReg0,Param(ParaM::Registry,Args[1].mem_reg1),0);
    if (Args[1].mem_reg2 != null_reg)
    {
      int s = 1;
      switch(Args[1].factor)
      {
      case 1:
        //!!!Operation3(Add,&TempReg0,TempReg0,Param(ParaM::Registry,Args[1].mem_reg2),0);
        break;
      case 8:
        ++s;
      case 4:
        ++s;
      case 2:
        //!!!Operation2(Assign,&TempReg1,Param(ParaM::Registry,Args[1].mem_reg2),0);
        //!!!Operation3(ShiftLeft,&TempReg1,TempReg1,Param(ParaM::Literal,s,4),0);
        //!!!Operation3(Add,&TempReg0,TempReg0,TempReg1,0);
        break;
      }
    }

    //!!!Operation2(Assign,&Args[0],TempReg0,0);
    break;

    // uguali aritmetiche ma non modificano destinazione
  case istr_test:
    Operation3(And,NULL,Args[0],Args[1],UsuallyFlag);
    break;

  case istr_cmp:
    // registri uguali setta solo flags
    if (Args[0].RegEqual(Args[1]))
    {
      SetFlag((FlagCombine)(FlagParity|FlagZero),UsuallyFlag);
      break;
    }
    Operation3(Sub,NULL,Args[0],Args[1],UsuallyFlag);
    break;

  case istr_jnz:
    // legge ZF , flusso
    break;

  case istr_push:
    // !!! no support for 16bit
    {
    // traduci in sub esp,size src; mov [esp], src
    Param resp(Param::Registry,REG(esp));
    Operation3(Sub,&resp,resp,Param(Param::Literal,Args[0].GetSize()==2?2:4,(unsigned char)4),FlagNone);
    Param stack(Param::Memory,REG(esp));
    Operation2(Assign,&stack,Args[0],FlagNone); // assegnazione
    }
    break;
  case istr_pop:
    // !!! no support for 16bit
    // traduci in mov dst,[esp]; add esp,size dst
    {
    Param stack(Param::Memory,REG(esp));
    Operation2(Assign,&Args[0],stack,FlagNone);
    Param resp(Param::Registry,REG(esp));
    Operation3(Add,&resp,resp,Param(Param::Literal,Args[0].GetSize()==2?2:4,(unsigned char)4),FlagNone);
    }
    break;

  case istr_call:
    // traduci in sub esp,2/4; mov [esp], next_istr; jmp dst
    break;

  case istr_ret:
    // traduci in mov temp,[esp]; add esp,2/4; jmp temp
    break;
  case istr_leave:
    // e se parametri ??
    // traduci in mov esp,ebp pop ebp
    break;

  // qualcosa di sconosciuto
  default:
    fprintf(f,"unknown");
  }
  fprintf(f,"\n");
}

---