distorm-3.4.1/COPYING

:[diStorm3}: The ultimate disassembler library.
Copyright (c) 2003-2018, Gil Dabah
All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
    * Redistributions of source code must retain the above copyright
      notice, this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright
      notice, this list of conditions and the following disclaimer in the
      documentation and/or other materials provided with the distribution.
    * Neither the name of the Gil Dabah nor the
      names of its contributors may be used to endorse or promote products
      derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL GIL DABAH BE LIABLE FOR ANY
DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

distorm-3.4.1/MANIFEST

COPYING
setup.cfg
setup.py
include\distorm.h
include\mnemonics.h
python\distorm3\__init__.py
examples\python\sample.py
src\config.h
src\decoder.c
src\decoder.h
src\distorm.c
src\instructions.c
src\instructions.h
src\insts.c
src\insts.h
src\mnemonics.c
src\operands.c
src\operands.h
src\prefix.c
src\prefix.h
src\textdefs.c
src\textdefs.h
src\wstring.c
src\wstring.h
src\x86defs.h
make\win32\cdistorm.vcxproj
make\win32\cdistorm.vcxproj.filters
make\win32\distorm.sln
make\win32\resource.h
make\win32\Resource.rc

distorm-3.4.1/MANIFEST.in

include COPYING setup.cfg setup.py
include make\win32\cdistorm.vcxproj make\win32\cdistorm.vcxproj.filters make\win32\distorm.sln make\win32\resource.h make\win32\Resource.rc
recursive-include src *.c *.h
recursive-include include *.c *.h
recursive-include . *.py

distorm-3.4.1/README.md

Powerful Disassembler Library For x86/AMD64
-----------

Welcome to the diStorm3 binary stream disassembler library project.

diStorm3 is really a decomposer, which means it takes an instruction and returns a binary structure which describes it rather than static text, which is great for advanced binary code analysis.

diStorm3 is super lightweight (~45KB), ultra fast and easy to use (a single API)!

"We benchmarked five popular open-source disassembly libraries and chose diStorm3, which had the best performance (and furthermore, has complete 64-bit support).", July 2014, Quoting David Williams-King in his Thesis about Binary Shuffling.

diStorm3 is licensed under BSD!

Installing diStorm3 -
Clone repo locally and then 'python setup.py install' or alternatively: 'python -m pip install distorm3'.

For Windows, use these pre-built installers in https://pypi.org/project/distorm3/#files.

RTFM, the wiki has plenty of info.

distorm-3.4.1/disOps/disOps.py

#
# disOps.py v 1.0.0
#
# Copyright (C) 2003-2018 Gil Dabah, http://ragestorm.net/distorm/
#
# disOps is a part of the diStorm project, but can be used for anything.
# The generated output is tightly coupled with diStorm data structures which can be found at instructions.h.
# The code in diStorm that actually walks these structures is found at instructions.c.
#
# Since the DB was built purposely for diStorm, there are some
# Known issues:
#   1. ARPL/MOVSXD information in DB is stored as ARPL.
#      Since ARPL and MOVSXD share the same opcode this DB doesn't support this mix.
#      Therefore, if you use this DB for x64 instructions, you have to take care of this one.
#
#   2. SSE CMP pseudo instructions have the DEFAULT suffix letters of its type in the second mnemonic,
#      the third operand, Imm8 which is responsible for determining the suffix,
#      doesn't appear in the operands list but rather an InstFlag.PSEUDO_OPCODE implies this behavior.
#
#   3. The WAIT instruction is a bit problematic from a static DB point of view, read the comments in init_FPU in x86sets.py.
#
#   4. The OpLen.OL_33, [0x66, 0x0f, 0x78, 0x0], ["EXTRQ"] is very problematic as well.
#      Since there's another 8 group table after the 0x78 byte in this case, but it's already a Prefixed table.
#      Therefore, we will handle it as a normal 0x78 instruction with a mandatory prefix of 0x66.
#      But the REG (=0) field of the ModRM byte will be checked in the decoder by a flag that states so.
#      Otherwise, another normal table after Prefixed table really complicates matters,
#      and isn't worth the hassle for one exceptional instruction.
#
#   5. The NOP (0x90) instruction is really set in the DB as xchg rAX, rAX. Rather than true NOP, this is because of x64 behavior.
#      Hence, it will be decided in runtime when decoding streams according to the mode.
#
#   6. The PAUSE (0xf3, 0x90) instruction isn't found in the DB, it will be returned directly by diStorm.
#      This is because the 0xf3 in this case is not a mandatory prefix, and we don't want it to be built as part of a prefixed table.
#
#   7. The IO String instructions don't have explicit form and they don't support segments.
#      It's up to diStorm to decide what to do with the operands and which segment is default and overridden.
#
#   8. Since opcodeId is an offset into the mnemonics table, the pseudo compare mnemonics need a helper table to fix the offset.
#      Pseudo compare instructions work in such a way that only the first instruction is defined in the DB.
#      The rest are found using the third operand (that's why they are pseudo).
#
# To maximize the usage of this DB, one should learn the documentation of diStorm regarding the InstFlag and Operands Types.
#

import re
import time
import functools

import x86sets
import x86db
import x86generator

# Work with multi line and dot-all.
reFlags = re.M | re.S

def CreateMnemonicsC(mnemonicsIds):
    """ Create the opcodes arrays for C header files. """
    opsEnum = "typedef enum {\n\tI_UNDEFINED = 0, "
    pos = 0
    l2 = sorted(mnemonicsIds.keys())
    for i in l2:
        s = "I_%s = %d" % (i.replace(" ", "_").replace(",", ""), mnemonicsIds[i])
        if i != l2[-1]:
            s += ","
        pos += len(s)
        if pos >= 70:
            s += "\n\t"
            pos = 0
        elif i != l2[-1]:
            s += " "
        opsEnum += s
    opsEnum += "\n} _InstructionType;"

    # Mnemonics are sorted by insertion order. (Pseudo mnemonics depend on this!)
    # NOTE: EXTRA BACKSLASHES FOR RE.SUB !!!
    s = "const unsigned char _MNEMONICS[] =\n\"\\\\x09\" \"UNDEFINED\\\\0\" "
    l = list(zip(mnemonicsIds.keys(), mnemonicsIds.values()))
    l = sorted(l, key=functools.cmp_to_key(lambda x, y: x[1] - y[1]))
    for i in l:
        s += "\"\\\\x%02x\" \"%s\\\\0\" " % (len(i[0]), i[0])
        if len(s) - s.rfind("\n") >= 76:
            s += "\\\\\n"
    s = s[:-1] + ";" # Ignore last space.
    # Return enum & mnemonics.
    return (opsEnum, s)

def CreateMnemonicsPython(mnemonicsIds):
    """ Create the opcodes dictionary for Python. """
    s = "Mnemonics = {\n"
    for i in mnemonicsIds:
        s += "0x%x: \"%s\", " % (mnemonicsIds[i], i)
        if len(s) - s.rfind("\n") >= 76:
            s = s[:-1] + "\n"
    # Fix ending of the block.
    s = s[:-2] # Remove last comma/space we always add for the last line.
    if s[-1] != "\n":
        s += "\n"
    # Return mnemonics dictionary only.
    return s + "}"

def CreateMnemonicsJava(mnemonicsIds):
    """ Create the opcodes dictionary/enum for Java. """
    s = "public enum OpcodeEnum {\n\tUNDEFINED, "
    for i in mnemonicsIds:
        s += "%s, " % (i.replace(" ", "_").replace(",", ""))
        if len(s) - s.rfind("\n") >= 76:
            s = s[:-1] + "\n\t"
    # Fix ending of the block.
    s = s[:-2] # Remove last comma/space we always add for the last line.
    if s[-1] != "\n":
        s += "\n"
    opsEnum = s + "}"
    s = "static {\n\t\tmOpcodes.put(0, OpcodeEnum.UNDEFINED);\n"
    for i in mnemonicsIds:
        s += "\t\tmOpcodes.put(0x%x, OpcodeEnum.%s);\n" % (mnemonicsIds[i], i.replace(" ", "_").replace(",", ""))
    s += "\t}"
    # Return enum & mnemonics.
    return (opsEnum, s)

def WriteMnemonicsC(mnemonicsIds):
    """ Write the enum of opcodes and their corresponding mnemonics to the C files. """
    path = "..\\include\\mnemonics.h"
    print("- Try rewriting mnemonics for %s." % path)
    e, m = CreateMnemonicsC(mnemonicsIds)
    old = open(path, "r").read()
    rePattern = r"typedef.{5,20}I_UNDEFINED.*?_InstructionType\;"
    if re.compile(rePattern, reFlags).search(old) == None:
        raise Exception("Couldn't find matching mnemonics enum block for substitution in " + path)
    new = re.sub(rePattern, e, old, 1, reFlags)
    open(path, "w").write(new)
    print("Succeeded")

    path = "..\\src\\mnemonics.c"
    print("- Try rewriting mnemonics for %s." % path)
    old = open(path, "r").read()
    rePattern = r"const unsigned char _MNEMONICS\[\] =.*?;"
    if re.compile(rePattern, reFlags).search(old) == None:
        raise Exception("Couldn't find matching mnemonics text block for substitution in " + path)
    new = re.sub(rePattern, m, old, 1, reFlags)
    open(path, "w").write(new)
    print("Succeeded")

def WriteMnemonicsPython(mnemonicsIds):
    """ Write the dictionary of opcodes to the python module. """
    #
    # Fix Python dictionary inside __init__.py.
    #
    path = "..\\python\\distorm3\\__init__.py"
    print("- Try rewriting mnemonics for %s." % path)
    d = CreateMnemonicsPython(mnemonicsIds)
    old = open(path, "r").read()
    rePattern = r"Mnemonics = \{.*?\}"
    if re.compile(rePattern, reFlags).search(old) == None:
        raise Exception("Couldn't find matching mnemonics dictionary for substitution in " + path)
    new = re.sub(rePattern, d, old, 1, reFlags)
    open(path, "w").write(new)
    print("Succeeded")

def WriteMnemonicsJava(mnemonicsIds):
    """ Write the enum of opcodes and their corresponding mnemonics to the Java files. """
    #
    # Fix Java enum and mnemonics arrays
    #
    path = "..\\examples\\java\\distorm\\src\\diStorm3\\OpcodeEnum.java"
    print("- Try rewriting mnemonics for %s." % path)
    e, m = CreateMnemonicsJava(mnemonicsIds)
    old = open(path, "r").read()
    rePattern = r"public enum OpcodeEnum \{.*?}"
    if re.compile(rePattern, reFlags).search(old) == None:
        raise Exception("Couldn't find matching mnemonics enum block for substitution in " + path)
    new = re.sub(rePattern, e, old, 1, reFlags)
    open(path, "w").write(new)
    print("Succeeded")

    path = "..\\examples\\java\\distorm\\src\\diStorm3\\Opcodes.java"
    print("- Try rewriting mnemonics for %s." % path)
    old = open(path, "r").read()
    rePattern = r"static \{.*?}"
    if re.compile(rePattern, reFlags).search(old) == None:
        raise Exception("Couldn't find matching mnemonics text block for substitution in " + path)
    new = re.sub(rePattern, m, old, 1, reFlags)
    open(path, "w").write(new)
    print("Succeeded")

def WriteInstsC(lists):
    """ Write the tables of the instructions in the C source code. """
    path = "..\\src\\insts.c"
    print("- Try rewriting instructions for %s." % path)
    old = open(path, "r").read()
    pos = old.find("/*\n * GENERATED")
    if pos == -1:
        raise Exception("Can't find marker in %s" % path)
    new = old[:pos]
    new += "/*\n * GENERATED BY disOps at %s\n */\n\n" % time.asctime()
    new += lists
    open(path, "w").write(new)
    print("Succeeded")

def main():
    # Init the 80x86/x64 instructions sets DB.
    db = x86db.InstructionsDB()
    x86InstructionsSet = x86sets.Instructions(db.SetInstruction)

    # Generate all tables of id's and pointers with the instructions themselves.
    mnemonicsIds, lists = x86generator.CreateTables(db)

    # Rewrite C instructions tables.
    WriteInstsC(lists)
    # Rewrite mnemonics of the C source code.
    WriteMnemonicsC(mnemonicsIds)
    # Rewrite mnemonics for the Python module.
    WriteMnemonicsPython(mnemonicsIds)
    # Rewrite mnemonics for the Java binding example code.
    WriteMnemonicsJava(mnemonicsIds)
    # C#:
    # Note that it will update its mnemonics upon compilation by taking them directly from the C code.

main()

distorm-3.4.1/disOps/registers.py

# All VIAL and diStorm3 code are based on the order of this list, do NOT edit!
REGISTERS = [
    "RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI", "R8", "R9", "R10", "R11", "R12", "R13", "R14", "R15", "XX",
    "EAX", "ECX", "EDX", "EBX", "ESP", "EBP", "ESI", "EDI", "R8D", "R9D", "R10D", "R11D", "R12D", "R13D", "R14D", "R15D", "XX",
    "AX", "CX", "DX", "BX", "SP", "BP", "SI", "DI", "R8W", "R9W", "R10W", "R11W", "R12W", "R13W", "R14W", "R15W", "XX",
    "AL", "CL", "DL", "BL", "AH", "CH", "DH", "BH", "R8B", "R9B", "R10B", "R11B", "R12B", "R13B", "R14B", "R15B", "XX",
    "SPL", "BPL", "SIL", "DIL", "XX",
    "ES", "CS", "SS", "DS", "FS", "GS", "XX",
    "RIP", "XX",
    "ST0", "ST1", "ST2", "ST3", "ST4", "ST5", "ST6", "ST7", "XX",
    "MM0", "MM1", "MM2", "MM3", "MM4", "MM5", "MM6", "MM7", "XX",
    "XMM0", "XMM1", "XMM2", "XMM3", "XMM4", "XMM5", "XMM6", "XMM7", "XMM8", "XMM9", "XMM10", "XMM11", "XMM12", "XMM13", "XMM14", "XMM15", "XX",
    "YMM0", "YMM1", "YMM2", "YMM3", "YMM4", "YMM5", "YMM6", "YMM7", "YMM8", "YMM9", "YMM10", "YMM11", "YMM12", "YMM13", "YMM14", "YMM15", "XX",
    "CR0", "", "CR2", "CR3", "CR4", "", "", "", "CR8", "XX",
    "DR0", "DR1", "DR2", "DR3", "", "", "DR6", "DR7"]

regsText = "const _WRegister _REGISTERS[] = {\n\t"
regsEnum = "typedef enum {\n\t"
old = "*"
unused = 0
for i in REGISTERS:
    if old != "*":
        if old == "XX":
            regsText += "\n\t"
            regsEnum += "\n\t"
            old = i
            continue
        else:
            regsText += "{%d, \"%s\"}," % (len(old), old)
            if len(old):
                regsEnum += "R_%s," % old
            else:
                regsEnum += "R_UNUSED%d," % unused
                unused += 1
            if i != "XX":
                regsText += " "
                regsEnum += " "
    old = i
regsText += "{%d, \"%s\"}\n};\n" % (len(old), old)
regsEnum += "R_" + old + "\n} _RegisterType;\n"

print(regsEnum)
print(regsText)

distorm-3.4.1/disOps/x86db.py

#
# x86db.py
#
# Copyright (C) 2012 Gil Dabah, http://ragestorm.net/disops/
#

from x86header import *

# The mandatory prefix bytes list:
_MandatoryPrefixesList = [0x9b, 0x66, 0xf3, 0xf2]

# Map the mandatory prefix to its corresponding entry number in the PREFIXED table.
# Note that no-prefix is first entry.
_MandatoryPrefixToEntry = {0x9b: 1, 0x66: 1, 0xf3: 2, 0xf2: 3}

#
# Prefixed Table (12 entries):
#
# Normal optional prefix:
# 0 - NONE, 1 - 66/9b, 2 - f3, 3 - f2
#
# With VEX prefix (if based on MOD, then MOD=11):
# 4 - NONE, 5 - 66/9b, 6 - f3, 7 - f2
#
# With VEX prefix, (MOD!=11):
# 8 - NONE, 9 - 66/9b, 10 - f3, 11 - f2
#
# Note: VEX.L and VEX.W affections can be described in a single InstInfo structure and thus we don't need to split them too.
# The problem with instructions that are encodable with or without VEX.VVVV
# is that a single InstInfo structure doesn't have a few sets of operands.

class DBException(Exception):
    """ Used in order to throw an exception when an error occurs in the DB. """
    pass

class InstructionInfo:
    """ Instruction Info holds all information relevant for an instruction.
    Another string member, self.tag, will be initialized in runtime to have the bytes of the opcode (I.E: 0f_0f_a7). """
    def __init__(self, classType, OL, pos, isModRMIncluded, mnemonics, operands, flags):
        self.tag = ""
        self.classType = classType
        # Check for special mandatory-prefixed instruction.
        if pos[0] in _MandatoryPrefixesList:
            self.pos = pos[1:]
            self.prefix = pos[0]
            self.OL = OpcodeLength.NextOL[OL]
            self.prefixed = True
            self.entryNo = _MandatoryPrefixToEntry[pos[0]]
        else:
            self.pos = pos
            self.prefix = 0
            self.OL = OL
            self.prefixed = False
            self.entryNo = 0
        self.mnemonics = mnemonics
        self.operands = operands
        self.flags = flags
        # CPU affected flags by instruction:
        self.modifiedFlags = 0
        self.testedFlags = 0
        self.undefinedFlags = 0
        if len(self.operands) == 3:
            self.flags |= InstFlag.USE_OP3
        elif len(self.operands) == 4:
            self.flags |= InstFlag.USE_OP3 | InstFlag.USE_OP4
        if isModRMIncluded:
            self.flags |= InstFlag.MODRM_INCLUDED
        # Does it use any of the VEX.vvvv field to describe an operand?
        if len(list(filter(lambda x: x in [OperandType.VXMM, OperandType.VYMM, OperandType.VYXMM], self.operands))) == 0:
            self.flags |= InstFlag.VEX_V_UNUSED
        self.VEXtag = ""
        # Special treatment for VEX instructions:
        if self.flags & InstFlag.PRE_VEX:
            # We assume that for now VEX.vvvv and MODRR are coupled in some instructions, it might not be the case in the future.
            # VEX instructions have 3 options (only latter two can collide), so we will have to split them:
            # 1) Normal VEX instruction is mapped to range 4 - 8 by default.
            # 2) Instruction which is MODRR based and uses VEX.vvvv is mapped to range 4 - 8.
            # 3) Instruction which is MODRR based and doesn't use VEX.vvvv is mapped to range 8 - 12.
            self.entryNo += 4 # For VEX
            self.VEXtag = "V"
            if self.flags & (InstFlag.MODRR_BASED | InstFlag.VEX_V_UNUSED) == (InstFlag.MODRR_BASED | InstFlag.VEX_V_UNUSED):
                self.entryNo += 4 # MODRR without VEX.VVVV
                self.VEXtag += "RR"
        # Assert that OL is < OL_33:
        if self.OL >= OpcodeLength.OL_33:
            raise DBException("Instruction OL is bigger than OL_33.")

class InstructionsTable:
    """ A table contains all instructions under its index.
    The number of instructions varies and depends on its type.
    Note that a table can be nested in itself.
    Every table has its position beginning in the db.root.
    So all opcodes that begin with first byte with the value of 0x0f, will be in the 0x0f table (which has a tag "0f"). """
    Full = 256
    Divided = 72
    Group = 8
    Prefixed = 12
    def __init__(self, size, tag, pos):
        self.list = {}
        self.size = size
        # The type of the table is determined by its actual size.
        # Set up a limit number for the table, used in the iterator.
        if size == self.Full:
            self.type = NodeType.LIST_FULL
            self.limit = self.Full
        elif size == self.Divided:
            # Since the ranges of Divided instructions are 0x0-0x7 and 0xc0-0xff, we limit it as a full sized table.
            self.type = NodeType.LIST_DIVIDED
            self.limit = self.Full
        elif size == self.Group:
            self.type = NodeType.LIST_GROUP
            self.limit = size
        elif size == self.Prefixed:
            self.type = NodeType.LIST_PREFIXED
            self.limit = size
        self.tag = tag
        self.pos = pos

    def __iter__(self):
        """ This is the "ctor" of the iterator. """
        # Begin with the first opcode.
        self.__iterIndex = -1
        return self

    def __next__(self):
        """ This is the core of the iterator, return the next instruction or halt. """
        # Get next instruction.
        self.__iterIndex += 1
        # Optimization: skip unused entries in Divided tables.
        if self.type == NodeType.LIST_DIVIDED and self.__iterIndex == 8:
            # Actually it must be done, because the iterator-user assumes Divided table is 72 entries long.
            # So it happens that len(list(divided-table)) == 72 !
            self.__iterIndex = 0xc0
        # Stop the iteration in case we reached the limit.
        if self.__iterIndex == self.limit:
            raise StopIteration
        # If we have the key return its corresponding opcode,
        # it might be that we return an object of another nested InstructionTable as well.
        if self.__iterIndex in self.list:
            item = self.list[self.__iterIndex]
            return item
        # In case no InstructionInfo or InstructionsTable were found, return None (this doesn't stop the iteration!).
        return None

    # Fix for Python2.x
    next = __next__

class GenBlock:
    """ There are some special instructions which have the operand encoded in the code byte itself.
    For instance: 40: INC EAX 41: ECX. push/pop/dec, etc...
    Therefore, these instructions can be treated specially in the tables, so instead of generating a unique instruction-info per such instruction.
    We "cheat" by making some entries in the table point to the same instruction-info.
    Following the last example, all instructions in the range of 0x40-0x47 point to the instruction-info 0x40, which means INC .
    This means that we don't call SetInstruction for the range 0x40-0x47, only a single set instruction per this block
    (8 instructions which their REG field is extracted from their own byte code).
    So in order to simulate the real case where there are actually 8 instructions that were set using SetInstruction,
    this class handles this special flag and returns the same first instruction for its corresponding block at runtime. """
    # Number of generated instructions in a row.
    Block = 8
    def __init__(self, list):
        if isinstance(list, InstructionsTable) == False:
            raise DBException("List must be InstructionsTable object")
        self.list = list

    def __iter__(self):
        """ This is the "ctor" of the iterator. """
        # Count up to Block instructions.
        self.counter = 0
        # This is the item we're going to return every iteration.
        self.item = None
        # Start the InstructionsTable internal iterator as well.
        self.list.__iter__()
        return self

    def __next__(self):
        # Get next item from internal iterator.
        i = self.list.next()
        # If there's an item set, it means we hit the special opcode before.
        if self.item != None:
            # Countup
            self.counter += 1
            # If we reached the limit, stop.
            if self.counter == self.Block:
                self.counter = 0
                self.item = None
        # See if the item we read is an opcode and whether it has the GEN_BLOCK.
        if isinstance(i, InstructionInfo) and i.flags & InstFlag.GEN_BLOCK:
            # Store this instruction for next 8 iterations.
            self.item = i
            return i
        elif i == None and self.item != None:
            # Return the stored item, only if there's no opcode set.
            # Sometimes, there are GEN_BLOCK instructions and the next instruction is also set (means it has its own OpcodeInfo)
            # so we have to return real instructions first, and then generated instructions.
            return self.item
        # Return the instruction we read from the real list.
        return i

    # Fix for Python2.x
    next = __next__

class InstructionsDB:
    """ The Instructions Data Base holds all instructions under it.
    The self.root is where all instructions begin, so instructions that are 1 byte long, will be set directly there.
    But instructions that are 2 bytes long, will be set under another InstructionsTable nested inside the self.root.
    The DB is actually the root of a Trie.
    (For more info about Trie see diStorm's instructions.h). """
    def __init__(self):
        # Root contains a Full InstructionsTable with 256 entries.
        self.root = InstructionsTable(InstructionsTable.Full, "", [])
        # Special instructions that diStorm has to use manually and can look them up using the tables.
        self.exportedInstructions = []

    def getExportedInstructions(self):
        return self.exportedInstructions

    def HandleMandatoryPrefix(self, type, o, pos, ii, tag):
        if ii.prefixed:
            ii.tag = "_%02X%s" % (ii.prefix, ii.tag)
        if ii.flags & InstFlag.PRE_VEX:
            ii.tag = "_%s%s" % (ii.VEXtag, ii.tag)
        # If there is nothing at this index, create a prefixed table.
        if pos[0] not in o.list:
            o.list[pos[0]] = InstructionsTable(InstructionsTable.Prefixed, tag, "")
        # If there's a table constructed already (doesn't matter if by last line).
        if isinstance(o.list[pos[0]], InstructionsTable) and o.list[pos[0]].type == NodeType.LIST_PREFIXED:
            # Check for obvious collision.
            if ii.entryNo in o.list[pos[0]].list:
                raise DBException("Collision in prefix table.")
            # Link the instruction to its index.
            o.list[pos[0]].list[ii.entryNo] = ii
        # The index is taken and it's not a prefixed table, we will have to convert it then.
        else:
            # Store current instruction which we are going to replace with a table.
            tmp = o.list[pos[0]]
            # Check for collision first, if it's a prefixed instruction at all.
            if (not ii.prefixed and ii.pos[0] != 0x0f) or (tmp.entryNo == ii.entryNo):
                msg = "Instruction Collision: %s" % str(o.list[pos[0]])
                raise DBException(msg)
            # Create a prefixed table.
            o.list[pos[0]] = InstructionsTable(InstructionsTable.Prefixed, tag, "")
            # Link the previous instruction.
            o.list[pos[0]].list[tmp.entryNo] = tmp
            # Link new instruction.
            o.list[pos[0]].list[ii.entryNo] = ii

    def CreateSet(self, type, o, pos, ii, tag = "", level = 0):
        """ This is the most important function in the whole project.
        It builds and links a new InstructionsTable if required and
        afterwards sets the given InstructionInfo object in its correct place.
        It knows to generate the nested lists dynamically, building a Trie DB.

        The algorithm for building the nested tables is as follows:
        See if you got to the last byte code of the instruction, if so, link the instruction info and exit.
        Try to enter the first index in the list, if it doesn't exist, create it.
        If it exists, take off the first index from its array, (since we already entered it), and RECURSE with the new(/existing) list now.

        In practice it's a bit more complex since there are 3 types of tables we can create, and we have to take care of it.

        Let's see two examples of how it really works with the following input (assuming root is empty):
        0: OL_3, root, [0x67, 0x69, 0x6c], II_INST
        1: Create Table - with size of 256 at index 0x67
           Recurse - OL_2, root[0x67], [0x69, 0x6c], II_INST
        2: Create Table - with size of 256 at index 0x69
           Recurse - OL_1, root[0x67][0x69], [0x6c], II_INST
        3: Link Instruction Information - at index 0x6c, since type is OL_1
           root[0x67][0x69][0x6c] = II_INST
           exit

        Second example:
        0: OL_23, root, [0x0f, 0xb0, 0x03], II_INST2
        1: Create Table - with size of 256 at index 0x0f
           Recurse - OL_13, root[0x0f], [0xb0, 0x03], II_INST2
        2: Create Table - with size of 8(GROUP) at index 0xb0, since input type is OL_13
           Recurse - OL_1, root[0x0f][0xb0], [0x03], II_INST2
        3: Link Instruction Information - at index 0x03, since type is OL_1
           root[0x0f][0xb0][0x03] = II_INST2
           exit

        Every table we create is usually a Full sized table (256 entries), since it can point to next 256 instructions.
        If the input type is OL_13 or OL_1d we know we have to create a Group sized table or Divided sized table, correspondingly.

        OL_13/OL_1d means its the last table to build in the sequence of byte codes of the given instruction.
        OL_1 always means that we just have to link the instruction information and that all tables are built already.
        Therefore the "next" of OL_13/OL_1d is always OL_1.

        Special case for mandatory prefixed instructions:
        If the instruction's first opcode byte is a mandatory prefix (0x66, 0xf2, 0xf3), then we will skip it in the root.
        However, it will be set in the same table of that instruction without the prefix byte.
        Therefore if there are a few instructions that the only difference among them is the mandatory prefix byte,
        they will share a special table. This "PREFIXED" table points to the Instruction Information of those possible instructions.
        Also the information for the same instruction without any mandatory prefix will be stored in this table.
        Entries order: None, 0x66, 0xf2, 0xf3.

        Example:
        [0x0f, 0x2a], ["CVTPI2PS"]
        [0x66, 0x0f, 0x2a], ["CVTPI2PD"]
        [0xf3, 0x0f, 0x2a], ["CVTSI2SS"]
        When there is a collision with the same instruction, we will know to change it into a PREFIXED table.
        """
        # Keep track of the index we scan.
        tag += "_%02X" % pos[0]
        # If the type is OL_1, it means we have to set the InstructionInfo in o.list, which is the last table we need.
        if type == OpcodeLength.OL_1:
            # Set the tag (position formatted in text) of the Instruction itself.
            ii.tag = tag
            # If the instruction is already set, there's something wrong with the DB initializer,
            # probably a collision inside x86sets.py.
            if ii.prefixed:
                self.HandleMandatoryPrefix(type, o, pos, ii, tag)
                return
            if pos[0] in o.list:
                self.HandleMandatoryPrefix(type, o, pos, ii, tag)
                return
            # Link the instruction info in its place.
            o.list[pos[0]] = ii
            # Stop recursion.
            return
        # See whether we have to create a nested table.
        if pos[0] not in o.list:
            # All tables are full sized.
            tableType = InstructionsTable.Full
            if type == OpcodeLength.OL_13:
                # Except 1.3 - Create a Group table.
                tableType = InstructionsTable.Group
            elif type == OpcodeLength.OL_1d:
                # And except 1.d - Create a Divided table.
                tableType = InstructionsTable.Divided
            # Create and link the new table at the same time in its place.
            o.list[pos[0]] = InstructionsTable(tableType, tag, ii.pos[:-1])
        # This is the tricky recursive call,
        # 1) Get the next OL we need, so we know what to do next, place an instruction info, or create another table.
        # 2) Return the current table, which must be created, because it's either was just created or exists from before.
        # 3) Since pos is a list with the indexes of the instruction, and we just used pos[0], we move to the next indexes,
        #    by removing the first item.
        # 4) The instruction info to set when we reach its place.
        # 5) The updated tag with the indexes of the instruction.
        self.CreateSet(OpcodeLength.NextOL[type], o.list[pos[0]], pos[1:], ii, tag, level + 1)

    def SetInstruction(self, *args):
        """ This function is used in order to insert an instruction info into the DB. """
        if (args[4] & InstFlag.EXPORTED) != 0:
            ii = InstructionInfo(args[0], OpcodeLength.OL_1, [0], False, args[2], args[3], args[4])
            self.exportedInstructions.append(ii)
            return
        # *args = ISetClass, OL, pos, mnemonics, operands, flags
        # Construct an Instruction Info object with the info given in args.
        opcode = args[1].replace(" ", "").split(",")
        # The number of bytes is the base length, now we need to check the last entry.
        pos = [int(i[:2], 16) for i in opcode]
        last = opcode[-1][2:] # Skip hex of last full byte
        isModRMIncluded = False # Indicates whether 3 bits of the REG field in the ModRM byte were used.
        if last[:2] == "//": # Divided Instruction
            pos.append(int(last[2:], 16))
            isModRMIncluded = True
            try:
                OL = {1:OpcodeLength.OL_1d, 2:OpcodeLength.OL_2d}[len(opcode)]
            except KeyError:
                raise DBException("Invalid divided instruction opcode")
        elif last[:1] == "/": # Group Instruction
            isModRMIncluded = True
            pos.append(int(last[1:], 16))
            try:
                OL = {1:OpcodeLength.OL_13, 2:OpcodeLength.OL_23, 3:OpcodeLength.OL_33}[len(opcode)]
            except KeyError:
                raise DBException("Invalid group instruction opcode")
        elif len(last) != 0:
            raise DBException("Invalid last byte in opcode")
        # Normal full bytes instruction
        else:
            try:
                OL = {1:OpcodeLength.OL_1, 2:OpcodeLength.OL_2, 3:OpcodeLength.OL_3, 4:OpcodeLength.OL_4}[len(opcode)]
            except KeyError:
                raise DBException("Invalid normal instruction opcode")

        ii = InstructionInfo(args[0], OL, pos, isModRMIncluded, args[2], args[3], args[4])
        # Insert the instruction into the table, take care of nested tables, etc...
        self.CreateSet(ii.OL, self.root, ii.pos, ii)

    def GenerateTables(self, filter):
        """ GenerateTables is a generator function that iterates over an InstructionsTable,
        it returns all nested tables in the DB.
        The tables are returned in BFS order!
        If you pass a filter, that filter will be called for every table and
        should return True for letting the generator return it. """
        # Start with the root, if no list was specified.
        list = self.root
        list.tag = "ROOT"
        # Return the root first.
        stack = [list]
        while len(stack) > 0:
            list = stack.pop(0)
            yield list
            for i in list:
                if isinstance(i, InstructionsTable):
                    if filter is not None:
                        # If a filter is set, call it with the table.
                        if filter(i):
                            # If the return value was True, return this same InstructionInfo.
                            stack.append(i)
                    else:
                        # If no filter was set, just push this table.
                        stack.append(i)

distorm-3.4.1/disOps/x86generator.py

import x86db
import x86header
from x86header import *

SSECmpTypes = ["EQ", "LT", "LE", "UNORD", "NEQ", "NLT", "NLE", "ORD"]
AVXCmpTypes = ["EQ", "LT", "LE", "UNORD", "NEQ", "NLT", "NLE", "ORD",
    "EQ_UQ", "NGE", "NGT", "FALSE", "NEQ_OQ", "GE", "GT", "TRUE",
    "EQ_OS", "LT_OQ", "LE_OQ", "UNORD_S", "NEQ_US", "NLT_UQ", "NLE_UQ", "ORD_S",
    "EQ_US", "NGE_UQ", "NGT_UQ", "FALSE_OS", "NEQ_OS", "GE_OQ", "GT_OQ", "TRUE_US"]

# Support SSE pseudo compare instructions. We will have to add them manually.
def FixPseudo(mnems):
    return [mnems[0] + i + mnems[1] for i in SSECmpTypes]

# Support AVX pseudo compare instructions. We will have to add them manually.
def FixPseudo2(mnems):
    return [mnems[0] + i + mnems[1] for i in AVXCmpTypes]

idsCounter = len("undefined") + 2 # Starts immediately after this one.

def TranslateMnemonics(pseudoClassType, mnems, mnemonicsIds):
    global idsCounter
    l = []
    if pseudoClassType == ISetClass.SSE or pseudoClassType == ISetClass.SSE2:
        mnems = FixPseudo(mnems)
    elif pseudoClassType == ISetClass.AVX:
        mnems = FixPseudo2(mnems)
    for i in mnems:
        if len(i) == 0:
            # Some mnemonics are empty on purpose because they're not used.
            # Set them to zero to keep the order of the list.
            l.append(0) # Undefined instruction.
            continue
        if i in mnemonicsIds:
            l.append(mnemonicsIds[i])
        else:
            mnemonicsIds[i] = idsCounter
            l.append(idsCounter)
            idsCounter += len(i) + 2 # For len/null chars.
            if idsCounter >= 2**16:
                raise Exception("opcodeId is too big to fit into uint16_t")
    return l

O_NONE = 0
# REG standalone
O_REG = 1
# IMM standalone
O_IMM = 2
# IMM_1 standalone
O_IMM_1 = 4
# IMM_2 standalone
O_IMM_2 = 5
# DISP standalone
O_DISP = 3
# MEM uses DISP
O_MEM = 3
# PC uses IMM
O_PC = 2
# PTR uses IMM
O_PTR = 2

_OPT2T = {OperandType.NONE : O_NONE,
    OperandType.IMM8 : O_IMM,
    OperandType.IMM16 : O_IMM,
    OperandType.IMM_FULL : O_IMM,
    OperandType.IMM32 : O_IMM,
    OperandType.SEIMM8 : O_IMM,
    OperandType.IMM16_1 : O_IMM_1,
    OperandType.IMM8_1 : O_IMM_1,
    OperandType.IMM8_2 : O_IMM_2,
    OperandType.REG8 : O_REG,
    OperandType.REG16 : O_REG,
    OperandType.REG_FULL : O_REG,
    OperandType.REG32 : O_REG,
    OperandType.REG32_64 : O_REG,
    OperandType.FREG32_64_RM : O_REG,
    OperandType.RM8 : O_MEM,
    OperandType.RM16 : O_MEM,
    OperandType.RM_FULL : O_MEM,
    OperandType.RM32_64 : O_MEM,
    OperandType.RM16_32 : O_MEM,
    OperandType.FPUM16 : O_MEM,
    OperandType.FPUM32 : O_MEM,
    OperandType.FPUM64 : O_MEM,
    OperandType.FPUM80 : O_MEM,
    OperandType.R32_M8 : O_MEM,
    OperandType.R32_M16 : O_MEM,
    OperandType.R32_64_M8 : O_MEM,
    OperandType.R32_64_M16 : O_MEM,
    OperandType.RFULL_M16 : O_MEM,
    OperandType.CREG : O_REG,
    OperandType.DREG : O_REG,
    OperandType.SREG : O_REG,
    OperandType.SEG : O_REG,
    OperandType.ACC8 : O_REG,
    OperandType.ACC16 : O_REG,
    OperandType.ACC_FULL : O_REG,
    OperandType.ACC_FULL_NOT64 : O_REG,
    OperandType.MEM16_FULL : O_MEM,
    OperandType.PTR16_FULL : O_PTR,
    OperandType.MEM16_3264 : O_MEM,
    OperandType.RELCB : O_PC,
    OperandType.RELC_FULL : O_PC,
    OperandType.MEM : O_MEM,
    OperandType.MEM_OPT : O_MEM,
    OperandType.MEM32 : O_MEM,
    OperandType.MEM32_64 : O_MEM,
    OperandType.MEM64 : O_MEM,
    OperandType.MEM128 : O_MEM,
    OperandType.MEM64_128 : O_MEM,
    OperandType.MOFFS8 : O_MEM,
    OperandType.MOFFS_FULL : O_MEM,
    OperandType.CONST1 : O_IMM,
    OperandType.REGCL : O_REG,
    OperandType.IB_RB : O_REG,
    OperandType.IB_R_FULL : O_REG,
    OperandType.REGI_ESI : O_MEM,
    OperandType.REGI_EDI : O_MEM,
    OperandType.REGI_EBXAL : O_MEM,
    OperandType.REGI_EAX : O_MEM,
    OperandType.REGDX : O_REG,
    OperandType.REGECX : O_REG,
    OperandType.FPU_SI : O_REG,
    OperandType.FPU_SSI : O_REG,
    OperandType.FPU_SIS : O_REG,
    OperandType.MM : O_REG,
    OperandType.MM_RM : O_REG,
    OperandType.MM32 : O_MEM,
    OperandType.MM64 : O_MEM,
    OperandType.XMM : O_REG,
    OperandType.XMM_RM : O_REG,
    OperandType.XMM16 : O_MEM,
    OperandType.XMM32 : O_MEM,
    OperandType.XMM64 : O_MEM,
    OperandType.XMM128 : O_MEM,
    OperandType.REGXMM0 : O_REG,
    OperandType.RM32 : O_MEM,
    OperandType.REG32_64_M8 : O_MEM,
    OperandType.REG32_64_M16 : O_MEM,
    OperandType.WREG32_64 : O_REG,
    OperandType.WRM32_64 : O_REG,
    OperandType.WXMM32_64 : O_MEM,
    OperandType.VXMM : O_REG,
    OperandType.XMM_IMM : O_IMM,
    OperandType.YXMM : O_REG,
    OperandType.YXMM_IMM : O_REG,
    OperandType.YMM : O_REG,
    OperandType.YMM256 : O_MEM,
    OperandType.VYMM : O_REG,
    OperandType.VYXMM : O_REG,
    OperandType.YXMM64_256 : O_MEM,
    OperandType.YXMM128_256 : O_MEM,
    OperandType.LXMM64_128 : O_MEM,
    OperandType.LMEM128_256 : O_MEM
}

def CheckOTCollisions(ii):
    """ Checks whether an instruction has two or more operands that use the same fields in the diStorm3 structure.
    E.G: ENTER 0x10, 0x1 --> This instruction uses two OT_IMM, which will cause a collision and use the same field twice which is bogus. """
    types = list(map(lambda x: _OPT2T[x], ii.operands))
    # Regs cannot cause a collision, since each register is stored inside the operand itself.
    for i in types:
        if i != O_REG and types.count(i) > 1:
            print("**WARNING: Operand type collision for instruction: " + ii.mnemonics[0], ii.tag)
            break

# This function for certain flow control related instructions will set their type.
def UpdateForFlowControl(ii):
    if ii.mnemonics[0].find("CMOV") == 0:
        ii.flowControl = FlowControl.CMOV
        return

    # Should I include SYSCALL ?
    pairs = [
        (["INT", "INT1", "INT 3", "INTO", "UD2"], FlowControl.INT),
        (["CALL", "CALL FAR"], FlowControl.CALL),
        (["RET", "IRET", "RETF"], FlowControl.RET),
        (["SYSCALL", "SYSENTER", "SYSRET", "SYSEXIT"], FlowControl.SYS),
        (["JMP", "JMP FAR"], FlowControl.UNC_BRANCH),
        (["JCXZ", "JO", "JNO", "JB", "JAE",
          "JZ", "JNZ", "JBE", "JA", "JS",
          "JNS", "JP", "JNP", "JL", "JGE",
          "JLE", "JG", "LOOP", "LOOPZ", "LOOPNZ"], FlowControl.CND_BRANCH)
    ]
    ii.flowControl = 0
    for p in pairs:
        if ii.mnemonics[0] in p[0]:
            ii.flowControl = p[1]
            return

def UpdateWritableDestinationOperand(ii):
    " Mark dst-wrt flag for all Integer instructions that write to GPR/mem. "
    prefixes = ["MOV", "SET", "CMOV", "CMPXCHG"]
    for i in prefixes:
        if ii.mnemonics[0].find(i) == 0:
            ii.flags |= InstFlag.DST_WR
            return
    mnemonics = [
        "ADD", "OR", "ADC", "SBB", "AND", "SUB", "XOR", "INC", "DEC", "LEA", "XCHG",
        "ROL", "ROR", "RCL", "RCR", "SHL", "SHR", "SAL", "SAR", "SHLD", "SHRD",
        "NEG", "NOT", "MUL", "IMUL", "DIV", "IDIV",
        "POP", "BTR", "BTS", "BTC", "XADD", "BSWAP",
        "LZCNT", "MOVBE", "POPCNT", "CRC32", "SMSW"
    ]
    # Note: "in" against a string is a substring test, so a mnemonic also matches
    # when it is contained in a listed name (e.g. "BT" inside "BTR").
    for i in mnemonics:
        if ii.mnemonics[0] in i:
            ii.flags |= InstFlag.DST_WR
            return
    # Make sure it's an FPU instruction before we continue.
    if ii.classType != ISetClass.FPU:
        return
    fpu_mnemonics = [
        "FSTENV", "FSTCW", "FSAVE", "FSTSW", "FST", "FSTP",
        "FNSTENV", "FNSTCW", "FIST", "FISTP", "FNSAVE", "FBSTP", "FNSTSW"
    ]
    for i in fpu_mnemonics:
        if ii.mnemonics[0] in i:
            if len(ii.operands) > 0:
                # Ignore operands of FPU STi.
                if ii.operands[0] not in [OperandType.FPU_SI, OperandType.FPU_SSI, OperandType.FPU_SIS]:
                    ii.flags |= InstFlag.DST_WR
                    return

def UpdatePrivilegedInstruction(opcodeIds, ii):
    """ Checks whether a given mnemonic from the given list is privileged,
    and changes the relevant opcodeId to indicate so.
    Most significant bit of the OpcodeId is the indicator. """
    def IsPrivilegedMov(ii):
        " Check for MOV instruction with Debug/Control registers which is privileged. "
        return (ii.mnemonics[0] == "MOV") and ((OperandType.CREG in ii.operands) or (OperandType.DREG in ii.operands))

    privileged = [
        "LGDT", "LLDT", "LTR", "LIDT", "LMSW", "CLTS", "INVD",
        "WBINVD", "INVLPG", "HLT", "RDMSR", "WRMSR", "RDPMC", "RDTSC",
        # IO Sensitive Instructions, mostly allowed by ring0 only.
        "IN", "INS", "OUT", "OUTS", "CLI", "STI", "IRET"
    ]
    for i in enumerate(ii.mnemonics):
        if (i[1] in privileged) or IsPrivilegedMov(ii):
            opcodeIds[i[0]] |= 0x8000

def SetInstructionAffectedFlags(ii, flagsTuple):
    """ Helper routine to set the m/t/u flags for an instruction info. """
    # Pad tuple for fast access.
    if not isinstance(flagsTuple, type(())):
        flagsTuple = (flagsTuple,)
    flagsTuple += (0,) * (3 - len(flagsTuple))
    ii.modifiedFlags = flagsTuple[0]
    ii.testedFlags = flagsTuple[1]
    ii.undefinedFlags = flagsTuple[2]

def GetTestedFlagsForCondition(cond):
    OF, SF, ZF, AF, PF, CF, IF, DF = CPUFlags.OF, CPUFlags.SF, CPUFlags.ZF, CPUFlags.AF, CPUFlags.PF, CPUFlags.CF, CPUFlags.IF, CPUFlags.DF
    Conditions = {
        "O": OF,
        "NO": OF,
        "B": CF,
        "AE": CF,
        "Z": ZF,
        "NZ": ZF,
        "BE": CF | ZF,
        "A": CF | ZF,
        "S": SF,
        "NS": SF,
        "P": PF,
        "NP": PF,
        "L": SF | OF,
        "GE": SF | OF,
        "LE": SF | OF | ZF,
        "G": SF | OF | ZF,
        # Special for FCMOV
        "U": PF,
        "NU": PF,
        "E": ZF,
        "NE": ZF,
        "NB": CF,
        "NBE": CF | ZF
    }
    # Return tested flags only.
    return (0, Conditions[cond], 0)

def UpdateInstructionAffectedFlags(ii):
    """
    Add flags for each instruction that is in the following table.
    We add modified/tested/undefined flags.
    Note that some instructions reset specific flags, but we don't record that here, we only care about actually modified ones.
    """
    # MNEM: MODIFIED, TEST, UNDEFINED.
    OF, SF, ZF, AF, PF, CF, IF, DF = CPUFlags.OF, CPUFlags.SF, CPUFlags.ZF, CPUFlags.AF, CPUFlags.PF, CPUFlags.CF, CPUFlags.IF, CPUFlags.DF
    InstByMnem = {
        "AAA": (AF | CF, AF, OF | SF | ZF | PF),
        "AAS": (AF | CF, AF, OF | SF | ZF | PF),
        "AAD": (SF | ZF | PF, 0, OF | AF | CF),
        "AAM": (SF | ZF | PF, 0, OF | AF | CF),
        "ADC": (OF | SF | ZF | AF | PF | CF, CF),
        "ADD": (OF | SF | ZF | AF | PF | CF),
        "AND": (OF | SF | ZF | PF | CF, 0, AF),
        "ARPL": (ZF),
        "BSF": (ZF, 0, OF | SF | ZF | AF | PF | CF),
        "BSR": (ZF, 0, OF | SF | ZF | AF | PF | CF),
        "BT": (CF, 0, OF | SF | ZF | AF | PF),
        "BTS": (CF, 0, OF | SF | ZF | AF | PF),
        "BTR": (CF, 0, OF | SF | ZF | AF | PF),
        "BTC": (CF, 0, OF | SF | ZF | AF | PF),
        "CLC": (CF),
        "CLD": (DF),
        "CLI": (IF),
        "CMC": (CF),
        "CMP": (OF | SF | ZF | AF | PF | CF),
        "CMPXCHG": (OF | SF | ZF | AF | PF | CF),
        "CMPXCHG8B": (ZF),
        "CMPXCHG16B": (ZF), # Same inst as previous.
        "COMISD": (ZF | PF | CF),
        "COMISS": (ZF | PF | CF),
        "DAA": (SF | ZF | AF | PF | CF, AF | CF, OF),
        "DAS": (SF | ZF | AF | PF | CF, AF | CF, OF),
        "DEC": (OF | SF | ZF | AF | PF),
        "DIV": (0, 0, OF | SF | ZF | AF | PF | CF),
        "FCOMI": (ZF | PF | CF),
        "FCOMIP": (ZF | PF | CF),
        "FUCOMI": (ZF | PF | CF),
        "FUCOMIP": (ZF | PF | CF),
        "IDIV": (0, 0, OF | SF | ZF | AF | PF | CF),
        "IMUL": (OF | CF, 0, SF | ZF | AF | PF),
        "INC": (OF | SF | ZF | AF | PF),
        "UCOMISD": (ZF | PF | CF),
        "UCOMISS": (ZF | PF | CF),
        "IRET": (OF | SF | ZF | AF | PF | CF | IF | DF),
        "LAR": (ZF),
        "LOOPZ": (0, ZF),
        "LOOPNZ": (0, ZF),
        "LSL": (ZF),
        "LZCNT": (ZF | CF, 0, OF | SF | AF | PF),
        "MUL": (OF | CF, 0, SF | ZF | AF | PF),
        "NEG": (OF | SF | ZF | AF | PF | CF),
        "OR": (SF | ZF | PF, 0, AF),
        "POPCNT": (ZF),
        "POPF": (OF | SF | ZF | AF | PF | CF | IF | DF),
        "RSM": (OF | SF | ZF | AF | PF | CF | IF | DF),
        "SAHF": (SF | ZF | AF | PF | CF),
        "SBB": (OF | SF | ZF | AF | PF | CF, CF),
        "STC": (CF),
        "STD": (DF),
        "STI": (IF),
        "SUB": (OF | SF | ZF | AF | PF | CF),
        "TEST": (SF | ZF | PF, 0, AF),
        "VERR": (ZF),
        "VERW": (ZF),
        "XADD": (OF | SF | ZF | AF
            | PF | CF),
        "XOR": (SF | ZF | PF, 0, AF),
        # IO/String instructions:
        "MOVS": (0, DF),
        "LODS": (0, DF),
        "STOS": (0, DF),
        "CMPS": (OF | SF | ZF | AF | PF | CF, DF),
        "SCAS": (OF | SF | ZF | AF | PF | CF, DF),
        "INS": (0, DF),
        "OUTS": (0, DF)
    }
    # Check for mnemonics in the above table.
    for i in ii.mnemonics:
        if i in InstByMnem and (ii.flags & InstFlag.PSEUDO_OPCODE) == 0:
            SetInstructionAffectedFlags(ii, InstByMnem[i])
            return
    # Look carefully for SETcc or Jcc instructions.
    for i in ["SET", "CMOV", "FCMOV"]:
        if ii.mnemonics[0].find(i) == 0:
            SetInstructionAffectedFlags(ii, GetTestedFlagsForCondition(ii.mnemonics[0][len(i):]))
            return
    # See if it's a Jcc instruction.
    if ii.mnemonics[0][:1] == "J" and ii.mnemonics[0][:2] not in ["JM", "JC", "JE", "JR"]:
        SetInstructionAffectedFlags(ii, GetTestedFlagsForCondition(ii.mnemonics[0][1:]))
        return
    # Still no match, try special shift/rotate instructions.
    # Shift/rotate instructions affect the flags differently when the count is the constant 1:
    # First tuple is with constant 1, second tuple is with any count (CL).
    Shifts = [
        (["RCL", "RCR"], (OF | CF, CF), (CF, CF, OF)),
        (["ROL", "ROR"], (OF | CF), (CF, 0, OF)),
        (["SAL", "SAR", "SHL", "SHR"], (OF | SF | ZF | PF | CF, 0, AF), (SF | ZF | PF | CF, 0, OF | AF)),
        (["SHLD", "SHRD"], (OF | SF | ZF | PF | CF, 0, AF), (SF | ZF | PF | CF, 0, OF | AF))
    ]
    for i in Shifts:
        for j in i[0]:
            if ii.mnemonics[0] == j:
                flags = i[1] if ii.operands[1] == OperandType.CONST1 else i[2]
                SetInstructionAffectedFlags(ii, flags)
                return
    # The instruction doesn't affect any flags...
    return

# Table to hold shared inst-info.
sharedInfoDict = {}
# Table to hold shared flags.
flagsDict = {}

def FormatInstruction(ii, mnemonicsIds):
    """
    Formats a string with all information relevant for diStorm InstInfo structure
    or the InstInfoEx. These are the internal structures diStorm uses for holding the instructions' information.
    Using this structure diStorm knows how to format an opcode when it reads it from the stream.
    An instruction information structure is found by its byte codes with a prefix of "II_".
    So for example ADD EAX, Imm32 instruction is II_00.
    Since there are several types of instructions information structures,
    the tables which point to these non-default InstInfo structures, will have to cast the pointer.
    """
    # There might be optional fields, if there's a 3rd operand or a second/third mnemonic.
    optFields = ""
    # Default type of structure is InstInfo.
    type = "_InstInfo"

    # Make sure the instruction can be fully represented using the diStorm3 _DecodeInst structure.
    CheckOTCollisions(ii)
    # Add flags for flow control instructions.
    UpdateForFlowControl(ii)
    # Add flags for writable destination operand.
    UpdateWritableDestinationOperand(ii)
    # Add affected modified/tested/undefined flags for instruction.
    UpdateInstructionAffectedFlags(ii)

    # Pad mnemonics to three, in case EXMNEMONIC/2 isn't used (so we don't get an exception).
    mnems = TranslateMnemonics([None, ii.classType][(ii.flags & InstFlag.PSEUDO_OPCODE) == InstFlag.PSEUDO_OPCODE], ii.mnemonics, mnemonicsIds) + [0, 0]
    # Mark whether the instruction is privileged, by setting MSB of the OpcodeId field.
    UpdatePrivilegedInstruction(mnems, ii)
    # Pad operands to at least three (so we don't get an exception too, since there might be instructions with no operands at all).
    ops = ii.operands + [OperandType.NONE, OperandType.NONE, OperandType.NONE, OperandType.NONE]
    # Is it an extended structure?
    isExtended = (ii.flags & InstFlag.EXTENDED) != 0
    if isExtended:
        # Since there's a second and/or a third mnemonic, use the InstInfoEx structure.
        type = "_InstInfoEx"
        flagsEx = 0
        # Fix flagsEx to have the VEX flags, except PRE_VEX.
        if ii.flags & InstFlag.PRE_VEX:
            flagsEx = ii.flags >> InstFlag.FLAGS_EX_START_INDEX
        # If there's a third operand, use it, otherwise NONE.
        op3 = [OperandType.NONE, ops[2]][(ii.flags & InstFlag.USE_OP3) == InstFlag.USE_OP3]
        op4 = [OperandType.NONE, ops[3]][(ii.flags & InstFlag.USE_OP4) == InstFlag.USE_OP4]
        if flagsEx >= 256: # Assert the size of flagsEx is enough to hold this value.
            raise Exception("FlagsEx exceeded its 8 bits. Change flagsEx of _InstInfoEx to be uint16!")
        # Concat the mnemonics and the third operand.
        optFields = ", 0x%x, %d, %d, %d, %d" % (flagsEx, op3, op4, mnems[1], mnems[2])

    # Notice we filter out internal bits from flags.
    flags = ii.flags & ((1 << InstFlag.FLAGS_EX_START_INDEX)-1)
    # Allocate a slot for this flag if needed.
    if flags not in flagsDict:
        flagsDict[flags] = len(flagsDict)
    # Get the flags-index.
    flagsIndex = flagsDict[flags]
    if flagsIndex >= 256:
        raise Exception("FlagsIndex exceeded its 8 bits. Change flags of _InstInfo to be uint16!")

    # InstSharedInfo:
    sharedInfo = (flagsIndex, ops[1], ops[0], (ii.classType << 3) | ii.flowControl, ii.modifiedFlags, ii.testedFlags, ii.undefinedFlags)
    if sharedInfo not in sharedInfoDict:
        sharedInfoDict[sharedInfo] = len(sharedInfoDict)
    # Get the shared-info-index.
    sharedInfoIndex = sharedInfoDict[sharedInfo]
    if sharedInfoIndex >= 2**16:
        raise Exception("SharedInfoIndex exceeded its 16 bits. Change type of sharedInfoIndex in _InstInfo!")

    fields = "0x%x, %d" % (sharedInfoIndex, mnems[0])
    if (ii.flags & InstFlag.EXTENDED):
        fields = "{%s}" % fields # Extra parentheses for sub structure in case it's InstInfoEx.

    # "Structure-Name" = II_Bytes-Code {Fields + Optional-Fields}.
    return ("\t/*II%s*/ {%s%s}" % (ii.tag, fields, optFields), (ii.flags & InstFlag.EXTENDED) != 0)

def FilterTable(table):
    # All tables must go to output.
    return True

def GeneratePseudoMnemonicOffsets():
    """
    Generate the static offset tables for pseudo compare instructions both for SSE and AVX.
    The table is built in such a way that each cell holds the offset from the first pseudo mnemonic to the indexed one.
    """
    # Lengths of pseudo mnemonics (SSE=CMPxxxYY + null + lengthByte)
    lengths = list(map(lambda x: 3 + len(x) + 2 + 2, SSECmpTypes))
    s = "uint16_t CmpMnemonicOffsets[8] = {\n" + ", ".join([str(sum(lengths[:i] or [0])) for i in range(len(lengths))]) + "\n};\n"
    # (AVX=VCMPxxxYY + null + lengthByte).
    lengths = list(map(lambda x: 4 + len(x) + 2 + 2, AVXCmpTypes))
    s += "uint16_t VCmpMnemonicOffsets[32] = {\n" + ", ".join([str(sum(lengths[:i] or [0])) for i in range(len(lengths))]) + "\n};"
    return s

def CreateTables(db):
    """
    This is the new tables generator code as of May 2011.
    Its purpose is to return all tables and structures ready to use at once by diStorm.

    The information is divided into 3 categories (arrays):
    1) The InstructionsTree root table, which holds all id's (InstNode) and reflects a tree, inside a flat array.
    2) The InstInfos table, which holds all Instruction-Information structures - the actual (basic) info per instruction.
    3) The InstInfosEx table, which holds all extended Instruction-Information structures.

    Each array should be a flat one, defined only once. This means that we need to serialize all instruction-set tables into a single
    table of pointers, kinda. This pointer is now a InstNode, which is really a 16 bits structure.
    The low 13 bits are an index. The upper 3 bits are the type of what the index points to.
    So basically, an index can be up to 8192 which is good enough as for now, cause we only have around ~5k entries in the tree.
    However, it can be an index into the InstInfos or InstInfosEx tables, depends on the type.

    A note from Feb 2007 - This new data layout in contrast with the old data layout saves more memory space (~12KB).
    This new serialization should even save around 25kb! Because now we don't use real pointers anymore, only this tiny formatted InstNode.

    The new method uses the last method, but instead of dividing the tree into many id's and pointer's tables,
    it will now concatenate them all into the relevant tables.
    And instead of a real pointer to an Instruction-Information structure, we will use an index into each table.

    For example, say we have the following instructions table (byte code and mnemonic):
    0 - AND
    1 - XOR
    2 - OR
    3 - EMPTY (NO-INSTRUCTION-IS-ENCODED)
    4 - EMPTY
    5 - SHL
    6 - SHR
    7 - EMPTY

    Old Documentation:
    ------------------
    So instead of generating the following old data layout:
    {&II_00, &II_01, &II_02, NULL, NULL, &II_05, &II_06, NULL}
    (Actually the old layout is a bit more complicated and consumes another byte for indicating the type of node.)

    Anyways, we can generate the following table:
    {1, 2, 3, 0, 0, 4, 5, 0}
    This time the table is in bytes, a byte is enough to index 256 instructions (which is a Full sized table).
    However, an id's table is not enough, we need another table, the pointers table, which will look like this (following the above example):
    {NULL, &II_00, &II_01, &II_02, &II_05, &II_06}

    Note that if there are no EMPTY instructions in the table the first NULL entry will be omitted!

    Assuming most of the space we managed to spare goes for telling diStorm "hey, this instruction is not encoded", we spared around 12KB.
    So all empty instructions point to the same first entry inside its corresponding pointers table.
    This way we pay another array of bytes for each table, but eliminate all NULL's.

    So the actual node looks something like this:
    {8, &table_00_ids, &table_00_pointers}
    Which costs another dereference inside diStorm decoder.

    New Documentation:
    ------------------
    As you can see, I did a pass back in 2007 to spare some empty entries in the tables.
    But I kept using real pointers, which took lots of space. This time,
    I am going to use a flat array which will represent the whole tree.
    And combine all data into arrays, and spare even the old InstNode which was a small structure that says
    what's the type of the table it points to. This type stuff will now be embedded inside the InstNode integer.
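The flat layout described above (a 16-bit InstNode with a 13-bit index and a 3-bit type, nested tables serialized in BFS order), as an added example that is not diStorm's own code. `pack_node`, `unpack_node`, `flatten` and `lookup` are hypothetical helper names, the node-type numbers follow NodeType in x86header.py, and the sample is the 8-entry table above with slot 7 replaced by a constructed nested group table.

```python
from collections import deque

INDEX_SHIFT = 13                       # same value as indexShift in CreateTables
INDEX_MASK = (1 << INDEX_SHIFT) - 1    # low 13 bits hold the index
# Node types, numbered as in NodeType (x86header.py); only these five are used here.
NT_NONE, NT_INFO, NT_INFOEX, NT_LIST_GROUP, NT_LIST_FULL = range(5)
# Entries per table kind, taken from the NodeType docstring.
TABLE_SIZE = {NT_LIST_GROUP: 8, NT_LIST_FULL: 256}


def pack_node(node_type, index):
    # Refuse values that would silently spill into the neighbouring bit field.
    if not 0 <= node_type <= 7:
        raise ValueError("node type does not fit in 3 bits")
    if not 0 <= index <= INDEX_MASK:
        raise ValueError("index does not fit in 13 bits")
    return (node_type << INDEX_SHIFT) | index


def unpack_node(node):
    return node >> INDEX_SHIFT, node & INDEX_MASK


def flatten(root):
    # root is a list of: None (empty slot), str (an instruction), or
    # (node_type, list) for a nested table. Returns (tree, infos).
    tree, infos = [], []
    next_table = len(root)          # nested tables are laid out after the root
    queue = deque([root])
    while queue:                    # BFS, so emitted positions match next_table
        for entry in queue.popleft():
            if entry is None:
                tree.append(0)      # the generator code stores 0 for an empty slot
            elif isinstance(entry, str):
                infos.append(entry)
                tree.append(pack_node(NT_INFO, len(infos) - 1))
            else:
                node_type, child = entry
                if len(child) != TABLE_SIZE[node_type]:
                    raise ValueError("table size does not match its node type")
                tree.append(pack_node(node_type, next_table))
                next_table += len(child)
                queue.append(child)
    return tree, infos


def lookup(tree, infos, path, root_size=8):
    # Follow one index per table level and validate every step, the way a
    # decoder has to before it trusts an index read from the table.
    base, size = 0, root_size
    for idx in path:
        if not 0 <= idx < size or base + idx >= len(tree):
            raise IndexError("index outside the current table")
        node_type, index = unpack_node(tree[base + idx])
        if node_type == NT_NONE:
            return None
        if node_type == NT_INFO:
            if index >= len(infos):
                raise IndexError("node points past InstInfos")
            return infos[index]
        if node_type not in TABLE_SIZE:
            raise ValueError("node type not handled in this sketch")
        base, size = index, TABLE_SIZE[node_type]
    raise ValueError("path ended on a table node")


# Constructed sample data (slot 7 holds a nested 8-entry group table).
SAMPLE_ROOT = ["AND", "XOR", "OR", None, None, "SHL", "SHR",
               (NT_LIST_GROUP, ["ROL", "ROR", None, None, None, None, None, "SAR"])]
SAMPLE_TREE, SAMPLE_INFOS = flatten(SAMPLE_ROOT)

if __name__ == "__main__":
    for position, node in enumerate(SAMPLE_TREE):
        print(position, hex(node), unpack_node(node))
```
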
    The new tables look like this (according to the above example):
    InstInfo InstInfos[] = {
        {AND info...},
        {XOR info...},
        {OR info...},
        {SHL info...},
        {SHR info...}
    };

    And another InstNodes table:
    InstNode InstructionsTree[] = {
        0 | INSTINFO << 13,
        1 | INSTINFO << 13,
        2 | INSTINFO << 13,
        -1,
        -1,
        3 | INSTINFO << 13,
        4 | INSTINFO << 13,
        -1,
    };

    The example happened to be a single table.
    But suppose there's another index which points to another table in the tree, it would look like:
    {TableIndexInInstructionsTree | TABLE << 13}
    This way we know to read another byte and follow the next table...

    :!:NOTE:!: You MUST iterate a table with GenBlock wrapper, otherwise you might NOT get all instructions from the DB!
    Refer to x86db.py-class GenBlock for more information.
    """
    indexShift = 13 # According to InstNode in instructions.h.
    InstInfos = []
    InstInfosEx = []
    InstructionsTree = []
    externTables = []
    nextTableIndex = 256 # Root tree takes 256 nodes by default, so skip them.
    # Out value to return
    mnemonicsIds = {} # mnemonic : offset to mnemonics table of strings.

    # Scan all tables in the DB.
    for x in db.GenerateTables(FilterTable):
        # Don't make static definitions for specific exported tables.
        if x.tag in ["_0F_0F", "_0F", "_0F_3A", "_0F_38"]:
            # Store the index of these special tables, they are used directly in instructions.c.
            externTables.append((x.tag, len(InstructionsTree)))
        # Notice we use GenBlock for the special instructions, this is a must, otherwise we miss instructions from the DB.
        for i in x86db.GenBlock(x):
            if isinstance(i, x86db.InstructionInfo):
                formattedII, isExtended = FormatInstruction(i, mnemonicsIds)
                if isExtended:
                    InstInfosEx.append(formattedII)
                    index = len(InstInfosEx) - 1
                    InstructionsTree.append((NodeType.INFOEX << indexShift | index, i.tag))
                else:
                    InstInfos.append(formattedII)
                    index = len(InstInfos) - 1
                    InstructionsTree.append((NodeType.INFO << indexShift | index, i.tag))
            elif isinstance(i, x86db.InstructionsTable):
                InstructionsTree.append(((i.type << indexShift) | nextTableIndex, i.tag))
                nextTableIndex += i.size # This assumes we walk on the instructions tables in BFS order!
            else:
                # False indicates this entry points to nothing.
                InstructionsTree.append((0, ""))

    s = ["\n".join(["_InstInfo II_%s =%s;" % (i.mnemonics[0] if i.mnemonics[0][0] != '_' else i.mnemonics[0][1:], FormatInstruction(i, mnemonicsIds)[0]) for i in db.getExportedInstructions()]),
        "_iflags FlagsTable[%d] = {\n%s\n};" % (len(flagsDict), ",\n".join(["0x%x" % i[1] for i in sorted(zip(flagsDict.values(), flagsDict.keys()))])),
        "\n".join(["_InstNode Table%s = %d;" % (i[0], i[1]) for i in externTables]),
        "_InstInfo InstInfos[%d] = {\n%s\n};" % (len(InstInfos), ",\n".join(InstInfos)),
        "_InstInfoEx InstInfosEx[%d] = {\n%s\n};" % (len(InstInfosEx), ",\n".join(InstInfosEx)),
        "_InstNode InstructionsTree[%d] = {\n%s\n};" % (len(InstructionsTree), ",\n".join(["/* %x - %s */ %s" % (i[0], i[1][1], "0" if i[1][0] == 0 else "0x%x" % i[1][0]) for i in enumerate(InstructionsTree)])),
        # sharedInfoDict must be evaluated last, since the exported instructions above add items to it!
        "_InstSharedInfo InstSharedInfoTable[%d] = {\n%s\n};" % (len(sharedInfoDict), ",\n".join(["{%s}" % str(i[1])[1:-1] for i in sorted(zip(sharedInfoDict.values(), sharedInfoDict.keys()))])),
        GeneratePseudoMnemonicOffsets()]
    return (mnemonicsIds, "\n\n".join(s))

distorm-3.4.1/disOps/x86header.py

#
# x86header.py
#
# Copyright (C) 2009 Gil Dabah, http://ragestorm.net/disops/
#

class OperandType:
    """ Types of possible operands in an opcode.
    Refer to the diStorm's documentation or diStorm's instructions.h
    for more explanation about every one of them. """
    (NONE,
    IMM8,
    IMM16,
    IMM_FULL,
    IMM32,
    SEIMM8,
    IMM16_1, # NEW
    IMM8_1, # NEW
    IMM8_2, # NEW
    REG8,
    REG16,
    REG_FULL,
    REG32,
    REG32_64,
    FREG32_64_RM,
    RM8,
    RM16,
    RM_FULL,
    RM32_64,
    RM16_32,
    FPUM16,
    FPUM32,
    FPUM64,
    FPUM80,
    R32_M8,
    R32_M16,
    R32_64_M8,
    R32_64_M16,
    RFULL_M16,
    CREG,
    DREG,
    SREG,
    SEG,
    ACC8,
    ACC16,
    ACC_FULL,
    ACC_FULL_NOT64,
    MEM16_FULL,
    PTR16_FULL,
    MEM16_3264,
    RELCB,
    RELC_FULL,
    MEM,
    MEM_OPT, # NEW
    MEM32,
    MEM32_64, # NEW
    MEM64,
    MEM128,
    MEM64_128,
    MOFFS8,
    MOFFS_FULL,
    CONST1,
    REGCL,
    IB_RB,
    IB_R_FULL,
    REGI_ESI,
    REGI_EDI,
    REGI_EBXAL,
    REGI_EAX,
    REGDX,
    REGECX,
    FPU_SI,
    FPU_SSI,
    FPU_SIS,
    MM,
    MM_RM,
    MM32,
    MM64,
    XMM,
    XMM_RM,
    XMM16,
    XMM32,
    XMM64,
    XMM128,
    REGXMM0,
    # Below new for AVX:
    RM32,
    REG32_64_M8,
    REG32_64_M16,
    WREG32_64,
    WRM32_64,
    WXMM32_64,
    VXMM,
    XMM_IMM,
    YXMM,
    YXMM_IMM,
    YMM,
    YMM256,
    VYMM,
    VYXMM,
    YXMM64_256,
    YXMM128_256,
    LXMM64_128,
    LMEM128_256) = range(93)

class OpcodeLength:
    """ The length of the opcode in bytes.
    Where a suffix of '3' means we have to read the REG field of the ModR/M byte (REG size is 3 bits).
    Suffix of 'd' means it's a Divided instruction (see documentation),
    tells the disassembler to read the REG field or the whole next byte.
    OL_33 and OL_4 are used in raw opcode bytes, they include the mandatory prefix,
    therefore when they are defined in the instruction tables, the mandatory prefix table is added,
    and they become OL_23 and OL_3 correspondingly.
    There is no effective opcode which is more than 3 bytes. """
    (OL_1, # 0
    OL_13, # 1
    OL_1d, # 2 - Can be prefixed (only by WAIT/9b)
    OL_2, # 3 - Can be prefixed
    OL_23, # 4 - Can be prefixed
    OL_2d, # 5
    OL_3, # 6 - Can be prefixed
    OL_33, # 7 - Internal only
    OL_4 # 8 - Internal only
    ) = range(9)

    """ Next-Opcode-Length dictionary is used in order to recursively build the instructions' tables dynamically.
    It is used in such a way that it indicates how many more nested tables
    we have to build and link starting from a given OL. """
    NextOL = {OL_13: OL_1, OL_1d: OL_1, OL_2: OL_1, OL_23: OL_13,
              OL_2d: OL_1d, OL_3: OL_2, OL_33: OL_23, OL_4: OL_3}

class InstFlag:
    """ Instruction Flag contains all bit mask constants for describing an instruction.
    You can bitwise-or the flags. See diStorm's documentation for more explanation.

    The GEN_BLOCK is a special flag, it is used in the tables generator only;
    See GenBlock class inside x86db.py. """
    FLAGS_EX_START_INDEX = 32
    INST_FLAGS_NONE = 0
    (MODRM_REQUIRED, # 0
    NOT_DIVIDED, # 1
    _16BITS, # 2
    _32BITS, # 3
    PRE_LOCK, # 4
    PRE_REPNZ, # 5
    PRE_REP, # 6
    PRE_CS, # 7
    PRE_SS, # 8
    PRE_DS, # 9
    PRE_ES, # 10
    PRE_FS, # 11
    PRE_GS, # 12
    PRE_OP_SIZE, # 13
    PRE_ADDR_SIZE, # 14
    NATIVE, # 15
    USE_EXMNEMONIC, # 16
    USE_OP3, # 17
    USE_OP4, # 18
    MNEMONIC_MODRM_BASED, # 19
    MODRR_REQUIRED, # 20
    _3DNOW_FETCH, # 21
    PSEUDO_OPCODE, # 22
    INVALID_64BITS, # 23
    _64BITS, # 24
    PRE_REX, # 25
    USE_EXMNEMONIC2, # 26
    _64BITS_FETCH, # 27
    FORCE_REG0, # 28
    PRE_VEX, # 29
    MODRM_INCLUDED, # 30
    DST_WR, # 31
    VEX_L, # 32 From here on: flagsEx.
    VEX_W, # 33
    MNEMONIC_VEXW_BASED, # 34
    MNEMONIC_VEXL_BASED, # 35
    FORCE_VEXL, # 36
    MODRR_BASED, # 37
    VEX_V_UNUSED, # 38
    GEN_BLOCK, # 39 From here on: internal to disOps.
    EXPORTED # 40
    ) = [1 << i for i in range(41)]
    # Nodes are extended if they have any of the following flags:
    EXTENDED = (PRE_VEX | USE_EXMNEMONIC | USE_EXMNEMONIC2 | USE_OP3 | USE_OP4)
    SEGMENTS = (PRE_CS | PRE_SS | PRE_DS | PRE_ES | PRE_FS | PRE_GS)

class ISetClass:
    """ Instruction-Set-Class indicates to which set the instruction belongs.
    These types are taken from the documentation of Intel/AMD. """
    (INTEGER,
    FPU,
    P6,
    MMX,
    SSE,
    SSE2,
    SSE3,
    SSSE3,
    SSE4_1,
    SSE4_2,
    SSE4_A,
    _3DNOW,
    _3DNOWEXT,
    VMX,
    SVM,
    AVX,
    FMA,
    CLMUL,
    AES) = range(1, 20)

class FlowControl:
    """ The flow control instruction will be flagged in the lo nibble of the 'meta' field in _InstInfo of diStorm.
    They are used to distinguish between flow control instructions (such as: ret, call, jmp, jz, etc) to normal ones. """
    (CALL,
    RET,
    SYS,
    UNC_BRANCH,
    CND_BRANCH,
    INT,
    CMOV) = range(1, 8)

class NodeType:
    """ A node can really be an object holder for an instruction-info object or
    another table (list) with a different size.

    GROUP - 8 entries in the table
    FULL - 256 entries in the table.
    Divided - 72 entries in the table (ranges: 0x0-0x7, 0xc0-0xff).
    Prefixed - 12 entries in the table (none, 0x66, 0xf2, 0xf3). """
    (NONE, # 0
    INFO, # 1
    INFOEX, # 2
    LIST_GROUP, # 3
    LIST_FULL, # 4
    LIST_DIVIDED, # 5
    LIST_PREFIXED # 6
    ) = range(0, 7)

class CPUFlags:
    """ Specifies all the flags that the x86/x64 CPU supports, in a special compact order. """
    (CF, # 0
    IF, # 1
    PF, # 2
    DF, # 3
    AF, # 4
    OF, # 5
    ZF, # 6
    SF # 7
    ) = [1 << i for i in range(8)]

distorm-3.4.1/disOps/x86sets.py

#
# x86sets.py
#
# Copyright (C) 2009 Gil Dabah, http://ragestorm.net/disops/
#

from x86header import *

OPT = OperandType
IFlag = InstFlag

class Instructions:
    """ Initializes all instruction of the 80x86 CPU (includes AMD64). """
    def init_INTEGER(self):
        Set = lambda *args: self.SetCallback(ISetClass.INTEGER, *args)

        # V 1.5.13 - Pushes can be affected by operand size prefix.
        # Segment is encoded in flags.
        # SAL is exactly like SHL, so I prefer to use the mnemonic "SHL" (below).

        Set("00", ["ADD"], [OPT.RM8, OPT.REG8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("01", ["ADD"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("02", ["ADD"], [OPT.REG8, OPT.RM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("03", ["ADD"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("04", ["ADD"], [OPT.ACC8, OPT.IMM8], IFlag.INST_FLAGS_NONE)
        Set("05", ["ADD"], [OPT.ACC_FULL, OPT.IMM_FULL], IFlag.INST_FLAGS_NONE)
        Set("06", ["PUSH"], [OPT.SEG], IFlag.PRE_ES | IFlag.INVALID_64BITS)
        Set("07", ["POP"], [OPT.SEG], IFlag.PRE_ES | IFlag.INVALID_64BITS)
        Set("08", ["OR"], [OPT.RM8, OPT.REG8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("09", ["OR"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("0a", ["OR"], [OPT.REG8, OPT.RM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("0b", ["OR"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("0c", ["OR"], [OPT.ACC8, OPT.IMM8], IFlag.INST_FLAGS_NONE)
        Set("0d", ["OR"], [OPT.ACC_FULL, OPT.IMM_FULL], IFlag.INST_FLAGS_NONE)
        Set("0e", ["PUSH"], [OPT.SEG], IFlag.PRE_CS | IFlag.INVALID_64BITS)
        Set("0f, 00 /00", ["SLDT"], [OPT.RM_FULL], IFlag.MODRM_REQUIRED)
        Set("0f, 00 /01", ["STR"], [OPT.RM16], IFlag.MODRM_REQUIRED)
        Set("0f, 00 /02", ["LLDT"], [OPT.RM16], IFlag.MODRM_REQUIRED)
        Set("0f, 00 /03", ["LTR"], [OPT.RM16], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 00 /04", ["VERR"], [OPT.RM16], IFlag.MODRM_REQUIRED)
        Set("0f, 00 /05", ["VERW"], [OPT.RM16], IFlag.MODRM_REQUIRED)
        Set("0f, 01 //00", ["SGDT"], [OPT.MEM16_3264], IFlag.MODRM_REQUIRED | IFlag._64BITS)
        Set("0f, 01 //01", ["SIDT"], [OPT.MEM16_3264], IFlag.MODRM_REQUIRED | IFlag._64BITS)
        Set("0f, 01 //02", ["LGDT"], [OPT.MEM16_3264], IFlag.MODRM_REQUIRED | IFlag._64BITS)
        Set("0f, 01 //03", ["LIDT"], [OPT.MEM16_3264], IFlag.MODRM_REQUIRED | IFlag._64BITS)
        # These two instructions need the
        # whole byte, means they use the whole third byte and are NOT divided.
        # We'll recognize them by their 3 REG bits in their third byte.
        Set("0f, 01 //04", ["SMSW"], [OPT.RFULL_M16], IFlag.MODRM_REQUIRED | IFlag.NOT_DIVIDED)
        Set("0f, 01 //06", ["LMSW"], [OPT.RM16], IFlag.MODRM_REQUIRED | IFlag.NOT_DIVIDED)
        Set("0f, 01 //07", ["INVLPG"], [OPT.MEM], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 01 //c8", ["MONITOR"], [], IFlag._32BITS)
        Set("0f, 01 //c9", ["MWAIT"], [], IFlag._32BITS)
        Set("0f, 01 //f8", ["SWAPGS"], [], IFlag._64BITS_FETCH)
        Set("0f, 01 //f9", ["RDTSCP"], [], IFlag._64BITS_FETCH)
        Set("0f, 02", ["LAR"], [OPT.REG_FULL, OPT.RM16], IFlag.MODRM_REQUIRED)
        Set("0f, 03", ["LSL"], [OPT.REG_FULL, OPT.RM16], IFlag.MODRM_REQUIRED)
        Set("0f, 06", ["CLTS"], [], IFlag._32BITS)
        Set("0f, 08", ["INVD"], [], IFlag._32BITS)
        Set("0f, 09", ["WBINVD"], [], IFlag._32BITS)
        Set("0f, 0b", ["UD2"], [], IFlag._32BITS)
        # MOV: In 64 bits decoding mode REG is 64 bits by default.
        Set("0f, 20", ["MOV"], [OPT.FREG32_64_RM, OPT.CREG], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS)
        Set("0f, 21", ["MOV"], [OPT.FREG32_64_RM, OPT.DREG], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS)
        Set("0f, 22", ["MOV"], [OPT.CREG, OPT.FREG32_64_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS)
        Set("0f, 23", ["MOV"], [OPT.DREG, OPT.FREG32_64_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS)
        Set("0f, 30", ["WRMSR"], [], IFlag._32BITS)
        Set("0f, 31", ["RDTSC"], [], IFlag._32BITS)
        Set("0f, 32", ["RDMSR"], [], IFlag._32BITS)
        Set("0f, 33", ["RDPMC"], [], IFlag._32BITS)
        Set("0f, 80", ["JO"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 81", ["JNO"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 82", ["JB"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 83", ["JAE"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 84", ["JZ"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 85", ["JNZ"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 86", ["JBE"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 87", ["JA"], [OPT.RELC_FULL],
            IFlag._32BITS)
        Set("0f, 88", ["JS"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 89", ["JNS"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 8a", ["JP"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 8b", ["JNP"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 8c", ["JL"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 8d", ["JGE"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 8e", ["JLE"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 8f", ["JG"], [OPT.RELC_FULL], IFlag._32BITS)
        Set("0f, 90", ["SETO"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 91", ["SETNO"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 92", ["SETB"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 93", ["SETAE"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 94", ["SETZ"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 95", ["SETNZ"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 96", ["SETBE"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 97", ["SETA"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 98", ["SETS"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 99", ["SETNS"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 9a", ["SETP"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 9b", ["SETNP"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 9c", ["SETL"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 9d", ["SETGE"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 9e", ["SETLE"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 9f", ["SETG"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, a0", ["PUSH"], [OPT.SEG], IFlag._32BITS | IFlag.PRE_FS | IFlag._64BITS)
        Set("0f, a1", ["POP"], [OPT.SEG], IFlag._32BITS | IFlag.PRE_FS | IFlag._64BITS)
        Set("0f, a2", ["CPUID"], [], IFlag._32BITS)
        Set("0f, a3", ["BT"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, a4", ["SHLD"], [OPT.RM_FULL, OPT.REG_FULL, OPT.IMM8],
            IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, a5", ["SHLD"], [OPT.RM_FULL, OPT.REG_FULL, OPT.REGCL], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, a8", ["PUSH"], [OPT.SEG], IFlag._32BITS | IFlag.PRE_GS | IFlag._64BITS)
        Set("0f, a9", ["POP"], [OPT.SEG], IFlag._32BITS | IFlag.PRE_GS | IFlag._64BITS)
        Set("0f, aa", ["RSM"], [], IFlag._32BITS)
        Set("0f, ab", ["BTS"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_LOCK)
        Set("0f, ac", ["SHRD"], [OPT.RM_FULL, OPT.REG_FULL, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, ad", ["SHRD"], [OPT.RM_FULL, OPT.REG_FULL, OPT.REGCL], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, ae /00", ["FXSAVE", "", "FXSAVE64"], [OPT.MEM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX | IFlag.USE_EXMNEMONIC2)
        Set("0f, ae /01", ["FXRSTOR", "", "FXRSTOR64"], [OPT.MEM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX | IFlag.USE_EXMNEMONIC2)
        Set("0f, ae /02", ["LDMXCSR"], [OPT.MEM32], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, ae /03", ["STMXCSR"], [OPT.MEM32], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        # MFENCE and XSAVEOPT share the same opcode 0f ae /6. It's MFENCE when MOD=11, else XSAVEOPT or XSAVEOPT64 in 64.
        Set("0f, ae /06", ["MFENCE", "XSAVEOPT", "XSAVEOPT64"], [OPT.MEM_OPT], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.USE_EXMNEMONIC | IFlag.MNEMONIC_MODRM_BASED | IFlag._64BITS | IFlag.PRE_REX | IFlag.USE_EXMNEMONIC2)
        # SFENCE and CLFLUSH share the same opcode 0f ae /7. It's SFENCE when MOD=11, else CLFLUSH.
        # But the operand is used only for CLFLUSH, which means it's optional. MOD=11 for first mnemonic.
        Set("0f, ae /07", ["SFENCE", "CLFLUSH"], [OPT.MEM_OPT], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.USE_EXMNEMONIC | IFlag.MNEMONIC_MODRM_BASED)
        # Same for LFENCE and XRSTOR with 0f ae /5.
        Set("0f, ae /05", ["LFENCE", "XRSTOR", "XRSTOR64"], [OPT.MEM_OPT], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.USE_EXMNEMONIC | IFlag.MNEMONIC_MODRM_BASED | IFlag._64BITS | IFlag.PRE_REX | IFlag.USE_EXMNEMONIC2)
        Set("0f, af", ["IMUL"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, b0", ["CMPXCHG"], [OPT.RM8, OPT.REG8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_LOCK)
        Set("0f, b1", ["CMPXCHG"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_LOCK)
        Set("0f, b2", ["LSS"], [OPT.REG_FULL, OPT.MEM16_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX)
        Set("0f, b3", ["BTR"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_LOCK)
        Set("0f, b4", ["LFS"], [OPT.REG_FULL, OPT.MEM16_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX)
        Set("0f, b5", ["LGS"], [OPT.REG_FULL, OPT.MEM16_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX)
        Set("0f, b6", ["MOVZX"], [OPT.REG_FULL, OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, b7", ["MOVZX"], [OPT.REG_FULL, OPT.RM16], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX)
        Set("0f, b9", ["UD2"], [], IFlag._32BITS)
        Set("0f, ba /04", ["BT"], [OPT.RM_FULL, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, ba /05", ["BTS"], [OPT.RM_FULL, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_LOCK)
        Set("0f, ba /06", ["BTR"], [OPT.RM_FULL, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_LOCK)
        Set("0f, ba /07", ["BTC"], [OPT.RM_FULL, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_LOCK)
        Set("0f, bb", ["BTC"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_LOCK)
        Set("0f, bc", ["BSF"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, bd", ["BSR"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        # V 1.1.6 MOVSX/MOVZX now support 16bits regs.
        Set("0f, be", ["MOVSX"], [OPT.REG_FULL, OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, bf", ["MOVSX"], [OPT.REG_FULL, OPT.RM16], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX)
        Set("0f, c0", ["XADD"], [OPT.RM8, OPT.REG8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_LOCK)
        Set("0f, c1", ["XADD"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_LOCK)
        Set("0f, c7 /01", ["CMPXCHG8B", "", "CMPXCHG16B"], [OPT.MEM64_128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_LOCK | IFlag._64BITS | IFlag.PRE_REX | IFlag.USE_EXMNEMONIC2)
        Set("0f, c8", ["BSWAP"], [OPT.IB_R_FULL], IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX | IFlag.GEN_BLOCK)
        Set("10", ["ADC"], [OPT.RM8, OPT.REG8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("11", ["ADC"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("12", ["ADC"], [OPT.REG8, OPT.RM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("13", ["ADC"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("14", ["ADC"], [OPT.ACC8, OPT.IMM8], IFlag.INST_FLAGS_NONE)
        Set("15", ["ADC"], [OPT.ACC_FULL, OPT.IMM_FULL], IFlag.INST_FLAGS_NONE)
        Set("16", ["PUSH"], [OPT.SEG], IFlag.PRE_SS | IFlag.INVALID_64BITS)
        Set("17", ["POP"], [OPT.SEG], IFlag.PRE_SS | IFlag.INVALID_64BITS)
        Set("18", ["SBB"], [OPT.RM8, OPT.REG8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("19", ["SBB"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("1a", ["SBB"], [OPT.REG8, OPT.RM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("1b", ["SBB"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("1c", ["SBB"], [OPT.ACC8, OPT.IMM8], IFlag.INST_FLAGS_NONE)
        Set("1d", ["SBB"], [OPT.ACC_FULL, OPT.IMM_FULL], IFlag.INST_FLAGS_NONE)
        Set("1e", ["PUSH"], [OPT.SEG], IFlag.PRE_DS | IFlag.INVALID_64BITS)
        Set("1f", ["POP"], [OPT.SEG], IFlag.PRE_DS | IFlag.INVALID_64BITS)
        Set("20", ["AND"], [OPT.RM8, OPT.REG8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("21",
            ["AND"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("22", ["AND"], [OPT.REG8, OPT.RM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("23", ["AND"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("24", ["AND"], [OPT.ACC8, OPT.IMM8], IFlag.INST_FLAGS_NONE)
        Set("25", ["AND"], [OPT.ACC_FULL, OPT.IMM_FULL], IFlag.INST_FLAGS_NONE)
        Set("27", ["DAA"], [], IFlag.INVALID_64BITS)
        Set("28", ["SUB"], [OPT.RM8, OPT.REG8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("29", ["SUB"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("2a", ["SUB"], [OPT.REG8, OPT.RM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("2b", ["SUB"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("2c", ["SUB"], [OPT.ACC8, OPT.IMM8], IFlag.INST_FLAGS_NONE)
        Set("2d", ["SUB"], [OPT.ACC_FULL, OPT.IMM_FULL], IFlag.INST_FLAGS_NONE)
        Set("2f", ["DAS"], [], IFlag.INVALID_64BITS)
        Set("30", ["XOR"], [OPT.RM8, OPT.REG8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("31", ["XOR"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("32", ["XOR"], [OPT.REG8, OPT.RM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("33", ["XOR"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("34", ["XOR"], [OPT.ACC8, OPT.IMM8], IFlag.INST_FLAGS_NONE)
        Set("35", ["XOR"], [OPT.ACC_FULL, OPT.IMM_FULL], IFlag.INST_FLAGS_NONE)
        Set("37", ["AAA"], [], IFlag.INVALID_64BITS)
        Set("38", ["CMP"], [OPT.RM8, OPT.REG8], IFlag.MODRM_REQUIRED)
        Set("39", ["CMP"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED)
        Set("3a", ["CMP"], [OPT.REG8, OPT.RM8], IFlag.MODRM_REQUIRED)
        Set("3b", ["CMP"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED)
        Set("3c", ["CMP"], [OPT.ACC8, OPT.IMM8], IFlag.INST_FLAGS_NONE)
        Set("3d", ["CMP"], [OPT.ACC_FULL, OPT.IMM_FULL], IFlag.INST_FLAGS_NONE)
        Set("3f", ["AAS"], [], IFlag.INVALID_64BITS)
        Set("40", ["INC"], [OPT.IB_R_FULL], IFlag.INVALID_64BITS | IFlag.GEN_BLOCK)
        Set("48", ["DEC"],
            [OPT.IB_R_FULL], IFlag.INVALID_64BITS | IFlag.GEN_BLOCK)
        Set("50", ["PUSH"], [OPT.IB_R_FULL], IFlag._64BITS | IFlag.GEN_BLOCK)
        Set("58", ["POP"], [OPT.IB_R_FULL], IFlag._64BITS | IFlag.GEN_BLOCK)
        Set("60", ["PUSHA"], [], IFlag.NATIVE | IFlag.INVALID_64BITS)
        Set("61", ["POPA"], [], IFlag.NATIVE | IFlag.INVALID_64BITS)
        Set("62", ["BOUND"], [OPT.REG_FULL, OPT.MEM], IFlag.MODRM_REQUIRED | IFlag.INVALID_64BITS)
        Set("68", ["PUSH"], [OPT.IMM_FULL], IFlag._64BITS)
        Set("69", ["IMUL"], [OPT.REG_FULL, OPT.RM_FULL, OPT.IMM_FULL], IFlag.MODRM_REQUIRED)
        Set("6a", ["PUSH"], [OPT.SEIMM8], IFlag.PRE_OP_SIZE | IFlag._64BITS)
        Set("6b", ["IMUL"], [OPT.REG_FULL, OPT.RM_FULL, OPT.SEIMM8], IFlag.MODRM_REQUIRED)
        # V 1.5.14 - String instructions aren't supposed to be promoted automatically in 64bits, only with a REX prefix.
        # In 64 bits INS/OUTS still supports only 8/16/32 bits.
        Set("6c", ["INS"], [OPT.REGI_EDI, OPT.REGDX], IFlag.PRE_REPNZ | IFlag.PRE_REP) # 8 bit.
        Set("6d", ["INS"], [OPT.REGI_EDI, OPT.REGDX], IFlag._16BITS | IFlag.PRE_REPNZ | IFlag.PRE_REP) # Full size.
        Set("6e", ["OUTS"], [OPT.REGDX, OPT.REGI_ESI], IFlag.PRE_REPNZ | IFlag.PRE_REP) # 8 bit.
        Set("6f", ["OUTS"], [OPT.REGDX, OPT.REGI_ESI], IFlag._16BITS | IFlag.PRE_REPNZ | IFlag.PRE_REP) # Full size.
        Set("70", ["JO"], [OPT.RELCB], IFlag._64BITS)
        Set("71", ["JNO"], [OPT.RELCB], IFlag._64BITS)
        Set("72", ["JB"], [OPT.RELCB], IFlag._64BITS)
        Set("73", ["JAE"], [OPT.RELCB], IFlag._64BITS)
        Set("74", ["JZ"], [OPT.RELCB], IFlag._64BITS)
        Set("75", ["JNZ"], [OPT.RELCB], IFlag._64BITS)
        Set("76", ["JBE"], [OPT.RELCB], IFlag._64BITS)
        Set("77", ["JA"], [OPT.RELCB], IFlag._64BITS)
        Set("78", ["JS"], [OPT.RELCB], IFlag._64BITS)
        Set("79", ["JNS"], [OPT.RELCB], IFlag._64BITS)
        Set("7a", ["JP"], [OPT.RELCB], IFlag._64BITS)
        Set("7b", ["JNP"], [OPT.RELCB], IFlag._64BITS)
        Set("7c", ["JL"], [OPT.RELCB], IFlag._64BITS)
        Set("7d", ["JGE"], [OPT.RELCB], IFlag._64BITS)
        Set("7e", ["JLE"], [OPT.RELCB], IFlag._64BITS)
        Set("7f", ["JG"], [OPT.RELCB], IFlag._64BITS)
        Set("80 /00", ["ADD"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("80 /01", ["OR"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("80 /02", ["ADC"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("80 /03", ["SBB"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("80 /04", ["AND"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("80 /05", ["SUB"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("80 /06", ["XOR"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("80 /07", ["CMP"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("81 /00", ["ADD"], [OPT.RM_FULL, OPT.IMM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("81 /01", ["OR"], [OPT.RM_FULL, OPT.IMM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("81 /02", ["ADC"], [OPT.RM_FULL, OPT.IMM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("81 /03", ["SBB"], [OPT.RM_FULL, OPT.IMM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("81 /04", ["AND"], [OPT.RM_FULL, OPT.IMM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("81 /05", ["SUB"], [OPT.RM_FULL, OPT.IMM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("81 /06", ["XOR"], [OPT.RM_FULL, OPT.IMM_FULL],
            IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("81 /07", ["CMP"], [OPT.RM_FULL, OPT.IMM_FULL], IFlag.MODRM_REQUIRED)
        Set("82 /00", ["ADD"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK | IFlag.INVALID_64BITS)
        Set("82 /01", ["OR"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK | IFlag.INVALID_64BITS)
        Set("82 /02", ["ADC"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK | IFlag.INVALID_64BITS)
        Set("82 /03", ["SBB"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK | IFlag.INVALID_64BITS)
        Set("82 /04", ["AND"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK | IFlag.INVALID_64BITS)
        Set("82 /05", ["SUB"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK | IFlag.INVALID_64BITS)
        Set("82 /06", ["XOR"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK | IFlag.INVALID_64BITS)
        Set("82 /07", ["CMP"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.INVALID_64BITS)
        Set("83 /00", ["ADD"], [OPT.RM_FULL, OPT.SEIMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("83 /01", ["OR"], [OPT.RM_FULL, OPT.SEIMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_LOCK)
        Set("83 /02", ["ADC"], [OPT.RM_FULL, OPT.SEIMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("83 /03", ["SBB"], [OPT.RM_FULL, OPT.SEIMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("83 /04", ["AND"], [OPT.RM_FULL, OPT.SEIMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_LOCK)
        Set("83 /05", ["SUB"], [OPT.RM_FULL, OPT.SEIMM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("83 /06", ["XOR"], [OPT.RM_FULL, OPT.SEIMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_LOCK)
        Set("83 /07", ["CMP"], [OPT.RM_FULL, OPT.SEIMM8], IFlag.MODRM_REQUIRED)
        Set("84", ["TEST"], [OPT.RM8, OPT.REG8], IFlag.MODRM_REQUIRED)
        Set("85", ["TEST"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED)
        Set("86", ["XCHG"], [OPT.RM8, OPT.REG8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("87", ["XCHG"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("88",
            ["MOV"], [OPT.RM8, OPT.REG8], IFlag.MODRM_REQUIRED)
        Set("89", ["MOV"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED)
        Set("8a", ["MOV"], [OPT.REG8, OPT.RM8], IFlag.MODRM_REQUIRED)
        Set("8b", ["MOV"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED)
        Set("8c", ["MOV"], [OPT.RFULL_M16, OPT.SREG], IFlag.MODRM_REQUIRED)
        Set("8d", ["LEA"], [OPT.REG_FULL, OPT.MEM], IFlag.MODRM_REQUIRED)
        Set("8e", ["MOV"], [OPT.SREG, OPT.RFULL_M16], IFlag.MODRM_REQUIRED)
        Set("8f /00", ["POP"], [OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._64BITS)
        # V 1.7.28 - NOP in 64bits can be prefixed by REX -
        # Therefore 0x90 in 16/32 bits is NOP. 0x90 with REX base is an XCHG. All else are NOP.
        Set("90", ["XCHG"], [OPT.IB_R_FULL, OPT.ACC_FULL], IFlag.INST_FLAGS_NONE)
        # V 1.7.24 - New instruction multi-byte NOP.
        Set("0f, 1f", ["NOP"], [OPT.RM_FULL], IFlag.MODRM_REQUIRED)
        Set("91", ["XCHG"], [OPT.IB_R_FULL, OPT.ACC_FULL], IFlag.INST_FLAGS_NONE)
        Set("92", ["XCHG"], [OPT.IB_R_FULL, OPT.ACC_FULL], IFlag.INST_FLAGS_NONE)
        Set("93", ["XCHG"], [OPT.IB_R_FULL, OPT.ACC_FULL], IFlag.INST_FLAGS_NONE)
        Set("94", ["XCHG"], [OPT.IB_R_FULL, OPT.ACC_FULL], IFlag.INST_FLAGS_NONE)
        Set("95", ["XCHG"], [OPT.IB_R_FULL, OPT.ACC_FULL], IFlag.INST_FLAGS_NONE)
        Set("96", ["XCHG"], [OPT.IB_R_FULL, OPT.ACC_FULL], IFlag.INST_FLAGS_NONE)
        Set("97", ["XCHG"], [OPT.IB_R_FULL, OPT.ACC_FULL], IFlag.INST_FLAGS_NONE)
        Set("98", ["CBW", "CWDE", "CDQE"], [], IFlag.USE_EXMNEMONIC | IFlag.USE_EXMNEMONIC2)
        Set("99", ["CWD", "CDQ", "CQO"], [], IFlag.USE_EXMNEMONIC | IFlag.USE_EXMNEMONIC2)
        Set("9a", ["CALL FAR"], [OPT.PTR16_FULL], IFlag.INVALID_64BITS)
        # V 1.4.a PUSHF/POPF are supposed to be promoted to 64 bits, without a REX.
        Set("9c", ["PUSHF"], [], IFlag.NATIVE | IFlag._64BITS)
        Set("9d", ["POPF"], [], IFlag.NATIVE | IFlag._64BITS)
        Set("9e", ["SAHF"], [], IFlag.INST_FLAGS_NONE)
        Set("9f", ["LAHF"], [], IFlag.INST_FLAGS_NONE)
        # V 1.6.21 MOV MEM-OFFSET instructions are NOT automatically promoted to 64bits, only with a REX.
        Set("a0", ["MOV"], [OPT.ACC8, OPT.MOFFS8], IFlag.INST_FLAGS_NONE)
        Set("a1", ["MOV"], [OPT.ACC_FULL, OPT.MOFFS_FULL], IFlag.INST_FLAGS_NONE)
        Set("a2", ["MOV"], [OPT.MOFFS8, OPT.ACC8], IFlag.INST_FLAGS_NONE)
        Set("a3", ["MOV"], [OPT.MOFFS_FULL, OPT.ACC_FULL], IFlag.INST_FLAGS_NONE)
        # movs es:di, ds:si*
        # cmps ds:si*, es:di
        # stos es:di, al
        # scas es:di al
        # lods al, ds:si*
        Set("a4", ["MOVS"], [OPT.REGI_EDI, OPT.REGI_ESI], IFlag.PRE_REPNZ | IFlag.PRE_REP)
        Set("a5", ["MOVS"], [OPT.REGI_EDI, OPT.REGI_ESI], IFlag._16BITS | IFlag.PRE_REPNZ | IFlag.PRE_REP | IFlag._64BITS | IFlag.PRE_REX)
        Set("a6", ["CMPS"], [OPT.REGI_ESI, OPT.REGI_EDI], IFlag.PRE_REPNZ | IFlag.PRE_REP)
        Set("a7", ["CMPS"], [OPT.REGI_ESI, OPT.REGI_EDI], IFlag._16BITS | IFlag.PRE_REPNZ | IFlag.PRE_REP | IFlag._64BITS | IFlag.PRE_REX)
        Set("aa", ["STOS"], [OPT.REGI_EDI, OPT.ACC8], IFlag.PRE_REPNZ | IFlag.PRE_REP)
        Set("ab", ["STOS"], [OPT.REGI_EDI, OPT.ACC_FULL], IFlag._16BITS | IFlag.PRE_REPNZ | IFlag.PRE_REP | IFlag._64BITS | IFlag.PRE_REX)
        Set("ac", ["LODS"], [OPT.ACC8, OPT.REGI_ESI], IFlag.PRE_REPNZ | IFlag.PRE_REP)
        Set("ad", ["LODS"], [OPT.ACC_FULL, OPT.REGI_ESI], IFlag._16BITS | IFlag.PRE_REPNZ | IFlag.PRE_REP | IFlag._64BITS | IFlag.PRE_REX)
        Set("ae", ["SCAS"], [OPT.REGI_EDI, OPT.ACC8], IFlag.PRE_REPNZ | IFlag.PRE_REP)
        Set("af", ["SCAS"], [OPT.REGI_EDI, OPT.ACC_FULL], IFlag._16BITS | IFlag.PRE_REPNZ | IFlag.PRE_REP | IFlag._64BITS | IFlag.PRE_REX)
        Set("a8", ["TEST"], [OPT.ACC8, OPT.IMM8], IFlag.INST_FLAGS_NONE)
        Set("a9", ["TEST"], [OPT.ACC_FULL, OPT.IMM_FULL], IFlag.INST_FLAGS_NONE)
        Set("b0", ["MOV"], [OPT.IB_RB, OPT.IMM8], IFlag.GEN_BLOCK)
        Set("b8", ["MOV"], [OPT.IB_R_FULL, OPT.IMM_FULL], IFlag._64BITS | IFlag.PRE_REX | IFlag.GEN_BLOCK)
        Set("c0 /00", ["ROL"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c0 /01", ["ROR"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c0 /02", ["RCL"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c0 /03", ["RCR"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c0 /04", ["SHL"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c0 /05", ["SHR"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c0 /06", ["SAL"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c0 /07", ["SAR"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c1 /00", ["ROL"], [OPT.RM_FULL, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c1 /01", ["ROR"], [OPT.RM_FULL, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c1 /02", ["RCL"], [OPT.RM_FULL, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c1 /03", ["RCR"], [OPT.RM_FULL, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c1 /04", ["SHL"], [OPT.RM_FULL, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c1 /05", ["SHR"], [OPT.RM_FULL, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c1 /06", ["SAL"], [OPT.RM_FULL, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c1 /07", ["SAR"], [OPT.RM_FULL, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("c2", ["RET"], [OPT.IMM16], IFlag._64BITS)
        Set("c3", ["RET"], [], IFlag._64BITS)
        Set("c4", ["LES"], [OPT.REG_FULL, OPT.MEM16_FULL], IFlag.MODRM_REQUIRED | IFlag.INVALID_64BITS)
        Set("c5", ["LDS"], [OPT.REG_FULL, OPT.MEM16_FULL], IFlag.MODRM_REQUIRED | IFlag.INVALID_64BITS)
        Set("c6 //00", ["MOV"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag.NOT_DIVIDED)
        Set("c7 //00", ["MOV"], [OPT.RM_FULL, OPT.IMM_FULL], IFlag.MODRM_REQUIRED | IFlag.NOT_DIVIDED)
        Set("c8", ["ENTER"], [OPT.IMM16_1, OPT.IMM8_2], IFlag._64BITS)
        Set("c9", ["LEAVE"], [], IFlag._64BITS)
        # V 1.1.6 RETF is NOT promoted automatically in 64bits. So with REX it should be RETFQ.
        Set("ca", ["RETF"], [OPT.IMM16], IFlag.NATIVE | IFlag._64BITS | IFlag.PRE_REX)
        Set("cb", ["RETF"], [], IFlag.NATIVE | IFlag._64BITS | IFlag.PRE_REX)
        Set("cc", ["INT 3"], [], IFlag.INST_FLAGS_NONE)
        Set("cd", ["INT"], [OPT.IMM8], IFlag.INST_FLAGS_NONE)
        Set("ce", ["INTO"], [], IFlag.INVALID_64BITS)
        Set("cf", ["IRET"], [], IFlag.NATIVE | IFlag._64BITS | IFlag.PRE_REX)
        Set("d0 /00", ["ROL"], [OPT.RM8, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d0 /01", ["ROR"], [OPT.RM8, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d0 /02", ["RCL"], [OPT.RM8, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d0 /03", ["RCR"], [OPT.RM8, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d0 /04", ["SHL"], [OPT.RM8, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d0 /05", ["SHR"], [OPT.RM8, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d0 /06", ["SAL"], [OPT.RM8, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d0 /07", ["SAR"], [OPT.RM8, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d1 /00", ["ROL"], [OPT.RM_FULL, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d1 /01", ["ROR"], [OPT.RM_FULL, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d1 /02", ["RCL"], [OPT.RM_FULL, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d1 /03", ["RCR"], [OPT.RM_FULL, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d1 /04", ["SHL"], [OPT.RM_FULL, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d1 /05", ["SHR"], [OPT.RM_FULL, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d1 /06", ["SAL"], [OPT.RM_FULL, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d1 /07", ["SAR"], [OPT.RM_FULL, OPT.CONST1], IFlag.MODRM_REQUIRED)
        Set("d2 /00", ["ROL"], [OPT.RM8, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d2 /01", ["ROR"], [OPT.RM8, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d2 /02", ["RCL"], [OPT.RM8, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d2 /03", ["RCR"], [OPT.RM8, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d2 /04", ["SHL"], [OPT.RM8, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d2 /05", ["SHR"], [OPT.RM8, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d2 /06", ["SAL"], [OPT.RM8, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d2 /07", ["SAR"], [OPT.RM8,
            OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d3 /00", ["ROL"], [OPT.RM_FULL, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d3 /01", ["ROR"], [OPT.RM_FULL, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d3 /02", ["RCL"], [OPT.RM_FULL, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d3 /03", ["RCR"], [OPT.RM_FULL, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d3 /04", ["SHL"], [OPT.RM_FULL, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d3 /05", ["SHR"], [OPT.RM_FULL, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d3 /06", ["SAL"], [OPT.RM_FULL, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d3 /07", ["SAR"], [OPT.RM_FULL, OPT.REGCL], IFlag.MODRM_REQUIRED)
        Set("d4", ["AAM"], [OPT.IMM8], IFlag.INVALID_64BITS)
        Set("d5", ["AAD"], [OPT.IMM8], IFlag.INVALID_64BITS)
        Set("d6", ["SALC"], [], IFlag.INVALID_64BITS)
        # XLATB / XLAT BYTE PTR DS:[EBX + AL]
        Set("d7", ["XLAT"], [OPT.REGI_EBXAL], IFlag.PRE_DS)
        # LOOPxx are also affected by the ADDRESS-SIZE prefix!
        # But they require a suffix letter indicating their size.
        # LOOPxx are promoted to 64bits.
        Set("e0", ["LOOPNZ"], [OPT.RELCB], IFlag.PRE_ADDR_SIZE | IFlag.NATIVE)
        Set("e1", ["LOOPZ"], [OPT.RELCB], IFlag.PRE_ADDR_SIZE | IFlag.NATIVE)
        Set("e2", ["LOOP"], [OPT.RELCB], IFlag.PRE_ADDR_SIZE | IFlag.NATIVE)
        # JMP CX:
        # This is a special instruction, because the ADDRESS-SIZE prefix affects its register size!!!
        # INST_PRE_ADDR_SIZE isn't supposed to really be a flag of a static instruction, it's quite a hack to distinguish this instruction.
        # J(r/e)CXZ are promoted to 64bits.
        Set("e3", ["JCXZ", "JECXZ", "JRCXZ"], [OPT.RELCB], IFlag.PRE_ADDR_SIZE | IFlag.USE_EXMNEMONIC | IFlag.USE_EXMNEMONIC2)
        Set("e4", ["IN"], [OPT.ACC8, OPT.IMM8], IFlag.INST_FLAGS_NONE)
        Set("e5", ["IN"], [OPT.ACC_FULL_NOT64, OPT.IMM8], IFlag.INST_FLAGS_NONE)
        Set("e6", ["OUT"], [OPT.IMM8, OPT.ACC8], IFlag.INST_FLAGS_NONE)
        Set("e7", ["OUT"], [OPT.IMM8, OPT.ACC_FULL_NOT64], IFlag.INST_FLAGS_NONE)
        Set("e8", ["CALL"], [OPT.RELC_FULL], IFlag._64BITS)
        Set("e9", ["JMP"], [OPT.RELC_FULL], IFlag._64BITS)
        Set("ea", ["JMP FAR"], [OPT.PTR16_FULL], IFlag.INVALID_64BITS)
        Set("eb", ["JMP"], [OPT.RELCB], IFlag._64BITS)
        Set("ec", ["IN"], [OPT.ACC8, OPT.REGDX], IFlag.INST_FLAGS_NONE)
        Set("ed", ["IN"], [OPT.ACC_FULL_NOT64, OPT.REGDX], IFlag.INST_FLAGS_NONE)
        Set("ee", ["OUT"], [OPT.REGDX, OPT.ACC8], IFlag.INST_FLAGS_NONE)
        Set("ef", ["OUT"], [OPT.REGDX, OPT.ACC_FULL_NOT64], IFlag.INST_FLAGS_NONE)
        Set("f1", ["INT1"], [], IFlag.INST_FLAGS_NONE)
        Set("f4", ["HLT"], [], IFlag.INST_FLAGS_NONE)
        Set("f5", ["CMC"], [], IFlag.INST_FLAGS_NONE)
        Set("f6 /00", ["TEST"], [OPT.RM8, OPT.IMM8], IFlag.MODRM_REQUIRED)
        Set("f6 /02", ["NOT"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("f6 /03", ["NEG"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("f6 /04", ["MUL"], [OPT.RM8], IFlag.MODRM_REQUIRED)
        Set("f6 /05", ["IMUL"], [OPT.RM8], IFlag.MODRM_REQUIRED)
        Set("f6 /06", ["DIV"], [OPT.RM8], IFlag.MODRM_REQUIRED)
        Set("f6 /07", ["IDIV"], [OPT.RM8], IFlag.MODRM_REQUIRED)
        Set("f7 /00", ["TEST"], [OPT.RM_FULL, OPT.IMM_FULL], IFlag.MODRM_REQUIRED)
        Set("f7 /02", ["NOT"], [OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("f7 /03", ["NEG"], [OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("f7 /04", ["MUL"], [OPT.RM_FULL], IFlag.MODRM_REQUIRED)
        Set("f7 /05", ["IMUL"], [OPT.RM_FULL], IFlag.MODRM_REQUIRED)
        Set("f7 /06", ["DIV"], [OPT.RM_FULL], IFlag.MODRM_REQUIRED)
        Set("f7 /07", ["IDIV"], [OPT.RM_FULL], IFlag.MODRM_REQUIRED)
        Set("f8", ["CLC"], [], IFlag.INST_FLAGS_NONE)
        Set("f9", ["STC"],
            [], IFlag.INST_FLAGS_NONE)
        Set("fa", ["CLI"], [], IFlag.INST_FLAGS_NONE)
        Set("fb", ["STI"], [], IFlag.INST_FLAGS_NONE)
        Set("fc", ["CLD"], [], IFlag.INST_FLAGS_NONE)
        Set("fd", ["STD"], [], IFlag.INST_FLAGS_NONE)
        Set("fe /00", ["INC"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("fe /01", ["DEC"], [OPT.RM8], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("ff /00", ["INC"], [OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("ff /01", ["DEC"], [OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_LOCK)
        Set("ff /02", ["CALL"], [OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._64BITS)
        Set("ff /03", ["CALL FAR"], [OPT.MEM16_FULL], IFlag.MODRM_REQUIRED | IFlag._64BITS | IFlag.PRE_REX)
        Set("ff /04", ["JMP"], [OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._64BITS)
        Set("ff /05", ["JMP FAR"], [OPT.MEM16_FULL], IFlag.MODRM_REQUIRED | IFlag._64BITS | IFlag.PRE_REX)
        Set("ff /06", ["PUSH"], [OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._64BITS)
        # New instructions from AMD July 2007 (POPCNT is already defined in SSE4.2, MONITOR, MWAIT are already defined above):
        # Note LZCNT can be prefixed by 0x66 although it has also a mandatory prefix!
        Set("f3, 0f, bd", ["LZCNT"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_OP_SIZE)
        Set("0f, 38, f0", ["MOVBE"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, f1", ["MOVBE"], [OPT.RM_FULL, OPT.REG_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        # New instructions from Intel 2008:
        Set("0f, 01, d0", ["XGETBV"], [], IFlag._32BITS)
        Set("0f, 01, d1", ["XSETBV"], [], IFlag._32BITS)
        Set("0f, ae /04", ["XSAVE", "", "XSAVE64"], [OPT.MEM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX | IFlag.USE_EXMNEMONIC2)
        # XRSTOR is declared below (see LFENCE), cause it is shared with LFENCE.
        # New instruction from Intel September 2009:
        Set("0f, 37", ["GETSEC"], [], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        # XSAVEOPT is declared below (see SFENCE).

    def init_Exported(self):
        """ Exported instructions are special instructions that create a collision in the DB.
        Therefore they are exported directly so diStorm can use them manually in the insts.c instruction look-up code.
        Note that their opcodes are totally ignored here.
        Also the path to the instruction in the trie has to be defined by any instruction with same opcode!
        So for instance, NOP|PAUSE|XCHG -> XCHG is really defined, the rest are exported.
        Inside diStorm it will know which one to use. """
        Set = lambda *args: self.SetCallback(ISetClass.INTEGER, *args)
        # 63 /R
        # 16/32: ARPL reg/mem16, reg16
        # 64: MOVSXD OT_REG_FULL, OT_RM_FULL
        # Damn processor, my DB won't support mixing of operands types.
        # Define ARPL!
        Set("63", ["ARPL"], [OPT.RM16, OPT.REG16], IFlag.MODRM_REQUIRED)
        # MOVSXD:
        # This is the worst defined instruction ever. It has so many variations.
        # I decided after a third review, to make it like MOVSXD RAX, EAX when there IS a REX.W.
        # Otherwise it will be MOVSXD EAX, EAX, which really zero extends to RAX.
        # Completely ignoring DB 0x66, which is possible by the docs, BTW.
        Set("63", ["MOVSXD"], [OPT.REG32_64, OPT.RM32], IFlag.MODRM_REQUIRED | IFlag._64BITS | IFlag.PRE_REX | IFlag.EXPORTED)
        Set("90", ["NOP"], [], IFlag.EXPORTED)
        # This instruction is supported directly in diStorm, since it's not a mandatory prefix really.
        Set("f3, 90", ["PAUSE"], [], IFlag._32BITS | IFlag.EXPORTED)
        # Wait instruction is needed, but it can be a prefix. See next page for more info.
        Set("9b", ["WAIT"], [], IFlag.EXPORTED)
        # VMPTRLD and RDRAND use same 2 first bytes and 06 as group (thus 2.3 bytes).
        # When MOD is 3 it's the RDRAND instruction and for the rest it's VMPTRLD.
        # The problem is that they have different operands, so a hack is required in the lookup instruction code.
        # Plus remember that this opcode is prefixed (because of VMCLEAR) sometimes and therefore will be part of a prefixed table!
        Set("0f, c7 /06", ["RDRAND"], [OPT.RM_FULL], IFlag._32BITS | IFlag.MODRM_INCLUDED | IFlag.MODRM_REQUIRED | IFlag._64BITS | IFlag.EXPORTED)
        Set = lambda *args: self.SetCallback(ISetClass._3DNOW, *args)
        # This is not really an instruction, but a gateway to all 3dnow instructions.
        Set("0f, 0f", ["_3DNOW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._3DNOW_FETCH | IFlag.EXPORTED)

    def init_FPU(self):
        Set = lambda *args: self.SetCallback(ISetClass.FPU, *args)
        # The WAIT instruction is tricky, it starts a 3 bytes instruction series.
        # If you find a 3 bytes long instruction you are on your own.
        # But the problem is that if you don't find a 3 bytes long instruction and the first byte that is going to be DB'ed
        # is this 0x9b byte, which represents the WAIT instruction, thus you'll have to output it as a standalone instruction.
        # Example:
        # 9B DB E3 ~ FINIT
        # 9B DB E4 ~ WAIT; DB 0xDB; ...
        # Get the idea?
        # It might be a part of a long instruction (3 bytes), else it's just a simple one-byte instruction on its own.
        # This way is a simple rule which is broken easily when dealing with Trie DB, the whole point is that the byte says
        # "read another byte" or "I'm your one", but here both happen.
        # That's why I will have to hardcode the WAIT instruction in the decode function which DB'es unknown bytes.
        # Set(0x9b, "WAIT") ....
        # IFlag.PRE_OP_SIZE is set in order to tell the decoder that 0x9b can be part of the instruction.
        # Because it's found in the prefixed table at the same entry of 0x66 for mandatory prefix.
        Set("9b, d9 //06", ["FSTENV"], [OPT.MEM], IFlag.PRE_OP_SIZE | IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("9b, d9 //07", ["FSTCW"], [OPT.FPUM16], IFlag.PRE_OP_SIZE | IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("9b, db //e2", ["FCLEX"], [], IFlag.PRE_OP_SIZE | IFlag._32BITS)
        Set("9b, db //e3", ["FINIT"], [], IFlag.PRE_OP_SIZE | IFlag._32BITS)
        Set("9b, dd //06", ["FSAVE"], [OPT.MEM], IFlag.PRE_OP_SIZE | IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("9b, dd //07", ["FSTSW"], [OPT.FPUM16], IFlag.PRE_OP_SIZE | IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("9b, df //e0", ["FSTSW"], [OPT.ACC16], IFlag.PRE_OP_SIZE | IFlag._32BITS)
        Set("d8 //00", ["FADD"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("d8 //01", ["FMUL"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("d8 //02", ["FCOM"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("d8 //03", ["FCOMP"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("d8 //04", ["FSUB"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("d8 //05", ["FSUBR"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("d8 //06", ["FDIV"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("d8 //07", ["FDIVR"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("d8 //c0", ["FADD"], [OPT.FPU_SSI], IFlag.GEN_BLOCK)
        Set("d8 //c8", ["FMUL"], [OPT.FPU_SSI], IFlag.GEN_BLOCK)
        Set("d8 //d0", ["FCOM"], [OPT.FPU_SI], IFlag.GEN_BLOCK)
        Set("d8 //d8", ["FCOMP"], [OPT.FPU_SI], IFlag.GEN_BLOCK)
        Set("d8 //d9", ["FCOMP"], [], IFlag.INST_FLAGS_NONE)
        Set("d8 //e0", ["FSUB"], [OPT.FPU_SSI], IFlag.GEN_BLOCK)
        Set("d8 //e8", ["FSUBR"], [OPT.FPU_SSI], IFlag.GEN_BLOCK)
        Set("d8 //f0", ["FDIV"], [OPT.FPU_SSI], IFlag.GEN_BLOCK)
        Set("d8 //f8", ["FDIVR"], [OPT.FPU_SSI], IFlag.GEN_BLOCK)
        Set("d9 //00", ["FLD"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("d9 //02", ["FST"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("d9 //03", ["FSTP"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("d9 //04", ["FLDENV"], [OPT.MEM], IFlag.MODRM_REQUIRED)
        Set("d9 //05", ["FLDCW"], [OPT.FPUM16], IFlag.MODRM_REQUIRED)
        Set("d9 //06", ["FNSTENV"], [OPT.MEM], IFlag.MODRM_REQUIRED)
        Set("d9 //07",
            ["FNSTCW"], [OPT.FPUM16], IFlag.MODRM_REQUIRED)
        Set("d9 //c0", ["FLD"], [OPT.FPU_SI], IFlag.GEN_BLOCK)
        Set("d9 //c8", ["FXCH"], [OPT.FPU_SI], IFlag.GEN_BLOCK)
        Set("d9 //c9", ["FXCH"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //d0", ["FNOP"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //e0", ["FCHS"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //e1", ["FABS"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //e4", ["FTST"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //e5", ["FXAM"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //e8", ["FLD1"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //e9", ["FLDL2T"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //ea", ["FLDL2E"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //eb", ["FLDPI"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //ec", ["FLDLG2"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //ed", ["FLDLN2"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //ee", ["FLDZ"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //f0", ["F2XM1"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //f1", ["FYL2X"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //f2", ["FPTAN"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //f3", ["FPATAN"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //f4", ["FXTRACT"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //f5", ["FPREM1"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //f6", ["FDECSTP"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //f7", ["FINCSTP"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //f8", ["FPREM"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //f9", ["FYL2XP1"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //fa", ["FSQRT"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //fb", ["FSINCOS"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //fc", ["FRNDINT"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //fd", ["FSCALE"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //fe", ["FSIN"], [], IFlag.INST_FLAGS_NONE)
        Set("d9 //ff", ["FCOS"], [], IFlag.INST_FLAGS_NONE)
        Set("da //00", ["FIADD"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("da //01", ["FIMUL"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("da //02", ["FICOM"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("da //03", ["FICOMP"], [OPT.FPUM32], IFlag.MODRM_REQUIRED)
        Set("da //04", ["FISUB"], [OPT.FPUM32],
IFlag.MODRM_REQUIRED) Set("da //05", ["FISUBR"], [OPT.FPUM32], IFlag.MODRM_REQUIRED) Set("da //06", ["FIDIV"], [OPT.FPUM32], IFlag.MODRM_REQUIRED) Set("da //07", ["FIDIVR"], [OPT.FPUM32], IFlag.MODRM_REQUIRED) Set("da //e9", ["FUCOMPP"], [], IFlag.INST_FLAGS_NONE) Set("db //00", ["FILD"], [OPT.FPUM32], IFlag.MODRM_REQUIRED) Set("db //02", ["FIST"], [OPT.FPUM32], IFlag.MODRM_REQUIRED) Set("db //03", ["FISTP"], [OPT.FPUM32], IFlag.MODRM_REQUIRED) Set("db //05", ["FLD"], [OPT.FPUM80], IFlag.MODRM_REQUIRED) Set("db //07", ["FSTP"], [OPT.FPUM80], IFlag.MODRM_REQUIRED) # Obsolete. Set("db //e0", ["FENI"], [], IFlag.INST_FLAGS_NONE) # Obsolete. Set("db //e1", ["FEDISI"], [], IFlag.INST_FLAGS_NONE) Set("db //e2", ["FNCLEX"], [], IFlag.INST_FLAGS_NONE) Set("db //e3", ["FNINIT"], [], IFlag.INST_FLAGS_NONE) # Obsolete. Set("db //e4", ["FSETPM"], [], IFlag.INST_FLAGS_NONE) Set("db //e8", ["FUCOMI"], [OPT.FPU_SSI], IFlag._32BITS | IFlag.GEN_BLOCK) Set("dc //00", ["FADD"], [OPT.FPUM64], IFlag.MODRM_REQUIRED) Set("dc //01", ["FMUL"], [OPT.FPUM64], IFlag.MODRM_REQUIRED) Set("dc //02", ["FCOM"], [OPT.FPUM64], IFlag.MODRM_REQUIRED) Set("dc //03", ["FCOMP"], [OPT.FPUM64], IFlag.MODRM_REQUIRED) Set("dc //04", ["FSUB"], [OPT.FPUM64], IFlag.MODRM_REQUIRED) Set("dc //05", ["FSUBR"], [OPT.FPUM64], IFlag.MODRM_REQUIRED) Set("dc //06", ["FDIV"], [OPT.FPUM64], IFlag.MODRM_REQUIRED) Set("dc //07", ["FDIVR"], [OPT.FPUM64], IFlag.MODRM_REQUIRED) Set("dc //c0", ["FADD"], [OPT.FPU_SIS], IFlag.GEN_BLOCK) Set("dc //c8", ["FMUL"], [OPT.FPU_SIS], IFlag.GEN_BLOCK) Set("dc //e0", ["FSUBR"], [OPT.FPU_SIS], IFlag.GEN_BLOCK) Set("dc //e8", ["FSUB"], [OPT.FPU_SIS], IFlag.GEN_BLOCK) Set("dc //f0", ["FDIVR"], [OPT.FPU_SIS], IFlag.GEN_BLOCK) Set("dc //f8", ["FDIV"], [OPT.FPU_SIS], IFlag.GEN_BLOCK) Set("dd //00", ["FLD"], [OPT.FPUM64], IFlag.MODRM_REQUIRED) Set("dd //02", ["FST"], [OPT.FPUM64], IFlag.MODRM_REQUIRED) Set("dd //03", ["FSTP"], [OPT.FPUM64], IFlag.MODRM_REQUIRED) Set("dd //04", ["FRSTOR"], 
[OPT.MEM], IFlag.MODRM_REQUIRED) Set("dd //06", ["FNSAVE"], [OPT.MEM], IFlag.MODRM_REQUIRED) Set("dd //07", ["FNSTSW"], [OPT.FPUM16], IFlag.MODRM_REQUIRED) Set("dd //c0", ["FFREE"], [OPT.FPU_SI], IFlag.GEN_BLOCK) Set("dd //d0", ["FST"], [OPT.FPU_SI], IFlag.GEN_BLOCK) Set("dd //d8", ["FSTP"], [OPT.FPU_SI], IFlag.GEN_BLOCK) Set("dd //e0", ["FUCOM"], [OPT.FPU_SIS], IFlag.GEN_BLOCK) Set("dd //e1", ["FUCOM"], [], IFlag.INST_FLAGS_NONE) Set("dd //e8", ["FUCOMP"], [OPT.FPU_SI], IFlag.GEN_BLOCK) Set("dd //e9", ["FUCOMP"], [], IFlag.INST_FLAGS_NONE) Set("de //00", ["FIADD"], [OPT.FPUM16], IFlag.MODRM_REQUIRED) Set("de //01", ["FIMUL"], [OPT.FPUM16], IFlag.MODRM_REQUIRED) Set("de //02", ["FICOM"], [OPT.FPUM16], IFlag.MODRM_REQUIRED) Set("de //03", ["FICOMP"], [OPT.FPUM16], IFlag.MODRM_REQUIRED) Set("de //04", ["FISUB"], [OPT.FPUM16], IFlag.MODRM_REQUIRED) Set("de //05", ["FISUBR"], [OPT.FPUM16], IFlag.MODRM_REQUIRED) Set("de //06", ["FIDIV"], [OPT.FPUM16], IFlag.MODRM_REQUIRED) Set("de //07", ["FIDIVR"], [OPT.FPUM16], IFlag.MODRM_REQUIRED) Set("de //c0", ["FADDP"], [OPT.FPU_SIS], IFlag.GEN_BLOCK) Set("de //c1", ["FADDP"], [], IFlag.INST_FLAGS_NONE) Set("de //c8", ["FMULP"], [OPT.FPU_SIS], IFlag.GEN_BLOCK) Set("de //c9", ["FMULP"], [], IFlag.INST_FLAGS_NONE) Set("de //d9", ["FCOMPP"], [], IFlag.INST_FLAGS_NONE) Set("de //e0", ["FSUBRP"], [OPT.FPU_SIS], IFlag.GEN_BLOCK) Set("de //e1", ["FSUBRP"], [], IFlag.INST_FLAGS_NONE) Set("de //e8", ["FSUBP"], [OPT.FPU_SIS], IFlag.GEN_BLOCK) Set("de //e9", ["FSUBP"], [], IFlag.INST_FLAGS_NONE) Set("de //f0", ["FDIVRP"], [OPT.FPU_SIS], IFlag.GEN_BLOCK) Set("de //f1", ["FDIVRP"], [], IFlag.INST_FLAGS_NONE) Set("de //f8", ["FDIVP"], [OPT.FPU_SIS], IFlag.GEN_BLOCK) Set("de //f9", ["FDIVP"], [], IFlag.INST_FLAGS_NONE) Set("df //00", ["FILD"], [OPT.FPUM16], IFlag.MODRM_REQUIRED) Set("df //02", ["FIST"], [OPT.FPUM16], IFlag.MODRM_REQUIRED) Set("df //03", ["FISTP"], [OPT.FPUM16], IFlag.MODRM_REQUIRED) Set("df //04", ["FBLD"], [OPT.FPUM80], 
IFlag.MODRM_REQUIRED) Set("df //05", ["FILD"], [OPT.FPUM64], IFlag.MODRM_REQUIRED) Set("df //06", ["FBSTP"], [OPT.FPUM80], IFlag.MODRM_REQUIRED) Set("df //07", ["FISTP"], [OPT.FPUM64], IFlag.MODRM_REQUIRED) Set("df //e0", ["FNSTSW"], [OPT.ACC16], IFlag.INST_FLAGS_NONE) Set("df //e8", ["FUCOMIP"], [OPT.FPU_SSI], IFlag._32BITS | IFlag.GEN_BLOCK) Set("df //f0", ["FCOMIP"], [OPT.FPU_SSI], IFlag._32BITS | IFlag.GEN_BLOCK) def init_P6(self): Set = lambda *args: self.SetCallback(ISetClass.P6, *args) Set("0f, 05", ["SYSCALL"], [], IFlag._32BITS) Set("0f, 07", ["SYSRET"], [], IFlag._32BITS) Set("0f, 34", ["SYSENTER"], [], IFlag._32BITS) # Only AMD states invalid in 64 bits. Set("0f, 35", ["SYSEXIT"], [], IFlag._32BITS) # Only AMD states invalid in 64 bits. Set("0f, 40", ["CMOVO"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 41", ["CMOVNO"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 42", ["CMOVB"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 43", ["CMOVAE"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 44", ["CMOVZ"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 45", ["CMOVNZ"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 46", ["CMOVBE"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 47", ["CMOVA"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 48", ["CMOVS"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 49", ["CMOVNS"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 4a", ["CMOVP"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 4b", ["CMOVNP"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 4c", ["CMOVL"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 4d", ["CMOVGE"], 
[OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 4e", ["CMOVLE"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 4f", ["CMOVG"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("da //c0", ["FCMOVB"], [OPT.FPU_SSI], IFlag._32BITS | IFlag.GEN_BLOCK) Set("da //c8", ["FCMOVE"], [OPT.FPU_SSI], IFlag._32BITS | IFlag.GEN_BLOCK) Set("da //d0", ["FCMOVBE"], [OPT.FPU_SSI], IFlag._32BITS | IFlag.GEN_BLOCK) Set("da //d8", ["FCMOVU"], [OPT.FPU_SSI], IFlag._32BITS | IFlag.GEN_BLOCK) Set("db //c0", ["FCMOVNB"], [OPT.FPU_SSI], IFlag._32BITS | IFlag.GEN_BLOCK) Set("db //c8", ["FCMOVNE"], [OPT.FPU_SSI], IFlag._32BITS | IFlag.GEN_BLOCK) Set("db //d0", ["FCMOVNBE"], [OPT.FPU_SSI], IFlag._32BITS | IFlag.GEN_BLOCK) Set("db //d8", ["FCMOVNU"], [OPT.FPU_SSI], IFlag._32BITS | IFlag.GEN_BLOCK) Set("db //f0", ["FCOMI"], [OPT.FPU_SSI], IFlag._32BITS | IFlag.GEN_BLOCK) # Transactional Set("0f, 01, d5", ["XEND"], [], IFlag._64BITS) Set("c6 //f8", ["XABORT"], [OPT.IMM8], IFlag._64BITS) Set("c7 //f8", ["XBEGIN"], [OPT.RELC_FULL], IFlag._64BITS) def init_MMX(self): Set = lambda *args: self.SetCallback(ISetClass.MMX, *args) # Pseudo Opcodes, the second mnemonic is concatenated to the first mnemonic. 
        Set("0f, 60", ["PUNPCKLBW"], [OPT.MM, OPT.MM32], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 61", ["PUNPCKLWD"], [OPT.MM, OPT.MM32], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 62", ["PUNPCKLDQ"], [OPT.MM, OPT.MM32], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 63", ["PACKSSWB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 64", ["PCMPGTB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 65", ["PCMPGTW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 66", ["PCMPGTD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 67", ["PACKUSWB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 68", ["PUNPCKHBW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 69", ["PUNPCKHWD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 6a", ["PUNPCKHDQ"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 6b", ["PACKSSDW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        # V 1.6.22 MOVD/MOVQ are used for 32bits or 64bits correspondingly.
        Set("0f, 6e", ["MOVD", "", "MOVQ"], [OPT.MM, OPT.RM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX | IFlag.USE_EXMNEMONIC2)
        Set("0f, 6f", ["MOVQ"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 71 /02", ["PSRLW"], [OPT.MM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED)
        Set("0f, 71 /04", ["PSRAW"], [OPT.MM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED)
        Set("0f, 71 /06", ["PSLLW"], [OPT.MM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED)
        Set("0f, 72 /02", ["PSRLD"], [OPT.MM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED)
        Set("0f, 72 /04", ["PSRAD"], [OPT.MM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED)
        Set("0f, 72 /06", ["PSLLD"], [OPT.MM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED)
        Set("0f, 73 /02", ["PSRLQ"], [OPT.MM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED)
        Set("0f, 73 /06", ["PSLLQ"], [OPT.MM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED)
        Set("0f, 74", ["PCMPEQB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 75", ["PCMPEQW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 76", ["PCMPEQD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 77", ["EMMS"], [], IFlag._32BITS)
        # V 1.6.22 MOVD/MOVQ are used for 32bits or 64bits correspondingly.
        Set("0f, 7e", ["MOVD", "", "MOVQ"], [OPT.RM32_64, OPT.MM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX | IFlag.USE_EXMNEMONIC2)
        Set("0f, 7f", ["MOVQ"], [OPT.MM64, OPT.MM], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, d1", ["PSRLW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, d2", ["PSRLD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, d3", ["PSRLQ"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, d5", ["PMULLW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, d8", ["PSUBUSB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, d9", ["PSUBUSW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, db", ["PAND"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, dc", ["PADDUSB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, dd", ["PADDUSW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, df", ["PANDN"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, e1", ["PSRAW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, e2", ["PSRAD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, e5", ["PMULHW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, e8", ["PSUBSB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, e9", ["PSUBSW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, eb", ["POR"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, ec", ["PADDSB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, ed", ["PADDSW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, ef", ["PXOR"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, f1", ["PSLLW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, f2", ["PSLLD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, f3", ["PSLLQ"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, f5", ["PMADDWD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, f8", ["PSUBB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, f9", ["PSUBW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, fa", ["PSUBD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, fc", ["PADDB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, fd", ["PADDW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, fe", ["PADDD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)

    def init_SSE(self):
        Set = lambda *args: self.SetCallback(ISetClass.SSE, *args)
        Set("0f, 10", ["MOVUPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 11", ["MOVUPS"], [OPT.XMM128, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        # The problem with these instructions (MOVHLPS/MOVLHPS) is that both kinds partially need the ModR/M byte.
        # mod=11 for first mnemonic.
Set("0f, 12", ["MOVHLPS", "MOVLPS"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.USE_EXMNEMONIC | IFlag.MNEMONIC_MODRM_BASED) Set("0f, 13", ["MOVLPS"], [OPT.MEM64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 14", ["UNPCKLPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 15", ["UNPCKHPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 16", ["MOVLHPS", "MOVHPS"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.USE_EXMNEMONIC | IFlag.MNEMONIC_MODRM_BASED) Set("0f, 17", ["MOVHPS"], [OPT.MEM64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 18 /00", ["PREFETCHNTA"], [OPT.MEM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 18 /01", ["PREFETCHT0"], [OPT.MEM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 18 /02", ["PREFETCHT1"], [OPT.MEM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 18 /03", ["PREFETCHT2"], [OPT.MEM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 28", ["MOVAPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 29", ["MOVAPS"], [OPT.XMM128, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 2a", ["CVTPI2PS"], [OPT.XMM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 2b", ["MOVNTPS"], [OPT.MEM128, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 2c", ["CVTTPS2PI"], [OPT.MM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 2d", ["CVTPS2PI"], [OPT.MM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 2e", ["UCOMISS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 2f", ["COMISS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 50", ["MOVMSKPS"], [OPT.REG32, OPT.XMM_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED) Set("0f, 51", ["SQRTPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 52", ["RSQRTPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 53", ["RCPPS"], 
[OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 54", ["ANDPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 55", ["ANDNPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 56", ["ORPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 57", ["XORPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 58", ["ADDPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 59", ["MULPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 5c", ["SUBPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 5d", ["MINPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 5e", ["DIVPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 5f", ["MAXPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 70", ["PSHUFW"], [OPT.MM, OPT.MM64, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, c2", ["CMP", "PS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.USE_EXMNEMONIC | IFlag.PSEUDO_OPCODE) Set("0f, c4", ["PINSRW"], [OPT.MM, OPT.R32_M16, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, c5", ["PEXTRW"], [OPT.REG32, OPT.MM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED) Set("0f, c6", ["SHUFPS"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, d7", ["PMOVMSKB"], [OPT.REG32, OPT.MM_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED) Set("0f, da", ["PMINUB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, de", ["PMAXUB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, e0", ["PAVGB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, e3", ["PAVGW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, e4", ["PMULHUW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) 
Set("0f, e7", ["MOVNTQ"], [OPT.MEM64, OPT.MM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, ea", ["PMINSW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, ee", ["PMAXSW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, f6", ["PSADBW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, f7", ["MASKMOVQ"], [OPT.MM, OPT.MM_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED) Set("f3, 0f, 10", ["MOVSS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 11", ["MOVSS"], [OPT.XMM32, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 2a", ["CVTSI2SS"], [OPT.XMM, OPT.RM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX) Set("f3, 0f, 2c", ["CVTTSS2SI"], [OPT.REG32_64, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX) Set("f3, 0f, 2d", ["CVTSS2SI"], [OPT.REG32_64, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX) Set("f3, 0f, 51", ["SQRTSS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 52", ["RSQRTSS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 53", ["RCPSS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 58", ["ADDSS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 59", ["MULSS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 5c", ["SUBSS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 5d", ["MINSS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 5e", ["DIVSS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 5f", ["MAXSS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, c2", ["CMP", "SS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.USE_EXMNEMONIC | IFlag.PSEUDO_OPCODE) def init_SSE2(self): Set = lambda *args: 
self.SetCallback(ISetClass.SSE2, *args) Set("0f, 5a", ["CVTPS2PD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, 5b", ["CVTDQ2PS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, c3", ["MOVNTI"], [OPT.MEM32_64, OPT.REG32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX) Set("0f, d4", ["PADDQ"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, f4", ["PMULUDQ"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("0f, fb", ["PSUBQ"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 10", ["MOVUPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 11", ["MOVUPD"], [OPT.XMM128, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 12", ["MOVLPD"], [OPT.XMM, OPT.MEM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 13", ["MOVLPD"], [OPT.MEM64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 14", ["UNPCKLPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 15", ["UNPCKHPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 16", ["MOVHPD"], [OPT.XMM, OPT.MEM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 17", ["MOVHPD"], [OPT.MEM64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 28", ["MOVAPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 29", ["MOVAPD"], [OPT.XMM128, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 2a", ["CVTPI2PD"], [OPT.XMM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 2b", ["MOVNTPD"], [OPT.MEM128, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 2c", ["CVTTPD2PI"], [OPT.MM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 2d", ["CVTPD2PI"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 2e", ["UCOMISD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 2f", ["COMISD"], 
[OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 50", ["MOVMSKPD"], [OPT.REG32, OPT.XMM_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED) Set("66, 0f, 51", ["SQRTPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 54", ["ANDPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 55", ["ANDNPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 56", ["ORPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 57", ["XORPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 58", ["ADDPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 59", ["MULPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 5a", ["CVTPD2PS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 5b", ["CVTPS2DQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 5c", ["SUBPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 5d", ["MINPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 5e", ["DIVPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 5f", ["MAXPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 60", ["PUNPCKLBW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 61", ["PUNPCKLWD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 62", ["PUNPCKLDQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 63", ["PACKSSWB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 64", ["PCMPGTB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 65", ["PCMPGTW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 66", ["PCMPGTD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | 
        IFlag._32BITS)
        Set("66, 0f, 67", ["PACKUSWB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 68", ["PUNPCKHBW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 69", ["PUNPCKHWD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 6a", ["PUNPCKHDQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 6b", ["PACKSSDW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 6c", ["PUNPCKLQDQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 6d", ["PUNPCKHQDQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        # V 1.6.22 MOVD/MOVQ are used for 32bits or 64bits correspondingly.
        Set("66, 0f, 6e", ["MOVD", "", "MOVQ"], [OPT.XMM, OPT.RM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX | IFlag.USE_EXMNEMONIC2)
        Set("66, 0f, 6f", ["MOVDQA"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 70", ["PSHUFD"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 71 /02", ["PSRLW"], [OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 71 /04", ["PSRAW"], [OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 71 /06", ["PSLLW"], [OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 72 /02", ["PSRLD"], [OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 72 /04", ["PSRAD"], [OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 72 /06", ["PSLLD"], [OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 73 /02", ["PSRLQ"], [OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 73 /03", ["PSRLDQ"], [OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 73 /06", ["PSLLQ"], [OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 73 /07", ["PSLLDQ"], [OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 74", ["PCMPEQB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 75", ["PCMPEQW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 76", ["PCMPEQD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        # V 1.6.22 MOVD/MOVQ are used for 32bits or 64bits correspondingly.
        Set("66, 0f, 7e", ["MOVD", "", "MOVQ"], [OPT.RM32_64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX | IFlag.USE_EXMNEMONIC2)
        Set("66, 0f, 7f", ["MOVDQA"], [OPT.XMM128, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, c2", ["CMP", "PD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.USE_EXMNEMONIC | IFlag.PSEUDO_OPCODE)
        Set("66, 0f, c4", ["PINSRW"], [OPT.XMM, OPT.R32_M16, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, c5", ["PEXTRW"], [OPT.REG32, OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, c6", ["SHUFPD"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, d1", ["PSRLW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, d2", ["PSRLD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, d3", ["PSRLQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, d4", ["PADDQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, d5", ["PMULLW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, d6", ["MOVQ"], [OPT.XMM64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, d7", ["PMOVMSKB"], [OPT.REG32, OPT.XMM_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED)
        Set("66, 0f, d8", ["PSUBUSB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, d9", ["PSUBUSW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, da", ["PMINUB"], [OPT.XMM, OPT.XMM128],
IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, db", ["PAND"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, dc", ["PADDUSB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, dd", ["PADDUSW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, de", ["PMAXUB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, df", ["PANDN"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, e0", ["PAVGB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, e1", ["PSRAW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, e2", ["PSRAD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, e3", ["PAVGW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, e4", ["PMULHUW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, e5", ["PMULHW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, e6", ["CVTTPD2DQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, e7", ["MOVNTDQ"], [OPT.MEM128, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, e8", ["PSUBSB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, e9", ["PSUBSW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, ea", ["PMINSW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, eb", ["POR"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, ec", ["PADDSB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, ed", ["PADDSW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, ee", ["PMAXSW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, ef", ["PXOR"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, f1", ["PSLLW"], [OPT.XMM, OPT.XMM128], 
IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, f2", ["PSLLD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, f3", ["PSLLQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, f4", ["PMULUDQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, f5", ["PMADDWD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, f6", ["PSADBW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, f7", ["MASKMOVDQU"], [OPT.XMM, OPT.XMM_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED) Set("66, 0f, f8", ["PSUBB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, f9", ["PSUBW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, fa", ["PSUBD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, fb", ["PSUBQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, fc", ["PADDB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, fd", ["PADDW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, fe", ["PADDD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f2, 0f, 10", ["MOVSD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f2, 0f, 11", ["MOVSD"], [OPT.XMM64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f2, 0f, 2a", ["CVTSI2SD"], [OPT.XMM, OPT.RM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX) Set("f2, 0f, 2c", ["CVTTSD2SI"], [OPT.REG32_64, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX) Set("f2, 0f, 2d", ["CVTSD2SI"], [OPT.REG32_64, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_REX) Set("f2, 0f, 51", ["SQRTSD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f2, 0f, 58", ["ADDSD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f2, 0f, 
59", ["MULSD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f2, 0f, 5a", ["CVTSD2SS"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f2, 0f, 5c", ["SUBSD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f2, 0f, 5d", ["MINSD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f2, 0f, 5e", ["DIVSD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f2, 0f, 5f", ["MAXSD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f2, 0f, 70", ["PSHUFLW"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f2, 0f, c2", ["CMP", "SD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.USE_EXMNEMONIC | IFlag.PSEUDO_OPCODE) Set("f2, 0f, d6", ["MOVDQ2Q"], [OPT.MM, OPT.XMM_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED) Set("f2, 0f, e6", ["CVTPD2DQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 5a", ["CVTSS2SD"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 5b", ["CVTTPS2DQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 6f", ["MOVDQU"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 70", ["PSHUFHW"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 7e", ["MOVQ"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, 7f", ["MOVDQU"], [OPT.XMM128, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("f3, 0f, d6", ["MOVQ2DQ"], [OPT.XMM, OPT.MM_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.MODRR_REQUIRED) Set("f3, 0f, e6", ["CVTDQ2PD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS) def init_SSE3(self): Set = lambda *args: self.SetCallback(ISetClass.SSE3, *args) Set("66, 0f, 7c", ["HADDPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) Set("66, 0f, 7d", ["HSUBPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS) 
        Set("66, 0f, d0", ["ADDSUBPD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("db //01", ["FISTTP"], [OPT.FPUM32], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("dd //01", ["FISTTP"], [OPT.FPUM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("df //01", ["FISTTP"], [OPT.FPUM16], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("f2, 0f, 12", ["MOVDDUP"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("f3, 0f, 12", ["MOVSLDUP"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("f2, 0f, 7c", ["HADDPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("f2, 0f, 7d", ["HSUBPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("f2, 0f, d0", ["ADDSUBPS"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("f2, 0f, f0", ["LDDQU"], [OPT.XMM, OPT.MEM], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("f3, 0f, 16", ["MOVSHDUP"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)

    def init_SSSE3(self):
        Set = lambda *args: self.SetCallback(ISetClass.SSSE3, *args)
        Set("0f, 38, 00", ["PSHUFB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, 01", ["PHADDW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, 02", ["PHADDD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, 03", ["PHADDSW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, 04", ["PMADDUBSW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, 05", ["PHSUBW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, 06", ["PHSUBD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, 07", ["PHSUBSW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, 08", ["PSIGNB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, 09", ["PSIGNW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, 0a", ["PSIGND"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, 0b", ["PMULHRSW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, 1c", ["PABSB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, 1d", ["PABSW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 38, 1e", ["PABSD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 3a, 0f", ["PALIGNR"], [OPT.MM, OPT.MM64, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 00", ["PSHUFB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 01", ["PHADDW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 02", ["PHADDD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 03", ["PHADDSW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 04", ["PMADDUBSW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 05", ["PHSUBW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 06", ["PHSUBD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 07", ["PHSUBSW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 08", ["PSIGNB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 09", ["PSIGNW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 0a", ["PSIGND"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 0b", ["PMULHRSW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 1c", ["PABSB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 1d", ["PABSW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 1e", ["PABSD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 0f", ["PALIGNR"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)

    def init_SSE4_1(self):
        Set = lambda *args: self.SetCallback(ISetClass.SSE4_1, *args)
        Set("66, 0f, 3a, 0d", ["BLENDPD"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 0c", ["BLENDPS"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 15", ["BLENDVPD"], [OPT.XMM, OPT.XMM128, OPT.REGXMM0], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 14", ["BLENDVPS"], [OPT.XMM, OPT.XMM128, OPT.REGXMM0], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 41", ["DPPD"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 40", ["DPPS"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 17", ["EXTRACTPS"], [OPT.RM32_64, OPT.XMM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 21", ["INSERTPS"], [OPT.XMM, OPT.XMM32, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 2a", ["MOVNTDQA"], [OPT.XMM, OPT.MEM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 42", ["MPSADBW"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 2b", ["PACKUSDW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 10", ["PBLENDVB"], [OPT.XMM, OPT.XMM128, OPT.REGXMM0], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 0e", ["PBLENDW"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 29", ["PCMPEQQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 14", ["PEXTRB"], [OPT.R32_64_M8, OPT.XMM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 16", ["PEXTRD", "", "PEXTRQ"], [OPT.RM32_64, OPT.XMM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.USE_EXMNEMONIC2)
        Set("66, 0f, 3a, 15", ["PEXTRW"], [OPT.R32_64_M16, OPT.XMM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 41", ["PHMINPOSUW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 20", ["PINSRB"], [OPT.XMM, OPT.R32_M8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 22", ["PINSRD", "", "PINSRQ"], [OPT.XMM, OPT.RM32_64, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.USE_EXMNEMONIC2)
        Set("66, 0f, 38, 3c", ["PMAXSB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 3d", ["PMAXSD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 3f", ["PMAXUD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 3e", ["PMAXUW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 38", ["PMINSB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 39", ["PMINSD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 3b", ["PMINUD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 3a", ["PMINUW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 20", ["PMOVSXBW"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 21", ["PMOVSXBD"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 22", ["PMOVSXBQ"], [OPT.XMM, OPT.XMM16], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 23", ["PMOVSXWD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 24", ["PMOVSXWQ"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 25", ["PMOVSXDQ"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 30", ["PMOVZXBW"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 31", ["PMOVZXBD"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 32", ["PMOVZXBQ"], [OPT.XMM, OPT.XMM16], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 33", ["PMOVZXWD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 34", ["PMOVZXWQ"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 35", ["PMOVZXDQ"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 28", ["PMULDQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 40", ["PMULLD"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 09", ["ROUNDPD"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 08", ["ROUNDPS"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 0b", ["ROUNDSD"], [OPT.XMM, OPT.XMM64, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 0a", ["ROUNDSS"], [OPT.XMM, OPT.XMM32, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)

    def init_SSE4_2(self):
        Set = lambda *args: self.SetCallback(ISetClass.SSE4_2, *args)
        Set("f2, 0f, 38, f0", ["CRC32"], [OPT.REG32_64, OPT.RM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("f2, 0f, 38, f1", ["CRC32"], [OPT.REG32_64, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 17", ["PTEST"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 61", ["PCMPESTRI"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 60", ["PCMPESTRM"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 63", ["PCMPISTRI"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 3a, 62", ["PCMPISTRM"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 38, 37", ["PCMPGTQ"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        # Note POPCNT can be prefixed by 0x66 although it has also a mandatory prefix!
        Set("f3, 0f, b8", ["POPCNT"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_OP_SIZE)

    def init_SSE4_A(self):
        # New instructions from AMD July 2007
        Set = lambda *args: self.SetCallback(ISetClass.SSE4_A, *args)
        # DB can't support a table after Prefixed table (it will really complicate everything and isn't worth it),
        # therefore we will have to force a REG of 0 in the flags! Beats me. :(
        #Set("66, 0f, 78 /00", ["EXTRQ"], [OPT.XMM_RM, OPT.IMM8_1, OPT.IMM8_2], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, 78", ["EXTRQ"], [OPT.XMM_RM, OPT.IMM8_1, OPT.IMM8_2], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.FORCE_REG0)
        Set("66, 0f, 79", ["EXTRQ"], [OPT.XMM, OPT.XMM_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        # Four operands(!) I want m'mommy
        Set("f2, 0f, 78", ["INSERTQ"], [OPT.XMM, OPT.XMM_RM, OPT.IMM8_1, OPT.IMM8_2], IFlag.MODRM_REQUIRED | IFlag.MODRR_REQUIRED | IFlag._32BITS)
        Set("f2, 0f, 79", ["INSERTQ"], [OPT.XMM, OPT.XMM_RM], IFlag.MODRM_REQUIRED | IFlag.MODRR_REQUIRED | IFlag._32BITS)
        Set("f2, 0f, 2b", ["MOVNTSD"], [OPT.MEM64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("f3, 0f, 2b", ["MOVNTSS"], [OPT.MEM32, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS)

    def init_3DNOW(self):
        Set = lambda *args: self.SetCallback(ISetClass._3DNOW, *args)
        Set("0f, 0d /00", ["PREFETCH"], [OPT.MEM], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 0d /01", ["PREFETCHW"], [OPT.MEM], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 0e", ["FEMMS"], [], IFlag.INST_FLAGS_NONE)
        Set("0f, 0f, 0d", ["PI2FD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, 1d", ["PF2ID"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, 90", ["PFCMPGE"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, 94", ["PFMIN"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, 96", ["PFRCP"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, 97", ["PFRSQRT"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, 9a", ["PFSUB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, 9e", ["PFADD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, a0", ["PFCMPGT"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, a4", ["PFMAX"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, a6", ["PFRCPIT1"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, a7", ["PFRSQIT1"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, aa", ["PFSUBR"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, ae", ["PFACC"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, b0", ["PFCMPEQ"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, b4", ["PFMUL"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, b6", ["PFRCPIT2"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, b7", ["PMULHRW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, bf", ["PAVGUSB"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)

    def init_3DNOWEXT(self):
        Set = lambda *args: self.SetCallback(ISetClass._3DNOWEXT, *args)
        Set("0f, 0f, 0c", ["PI2FW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, 1c", ["PF2IW"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, 8a", ["PFNACC"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, 8e", ["PFPNACC"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)
        Set("0f, 0f, bb", ["PSWAPD"], [OPT.MM, OPT.MM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._3DNOW_FETCH)

    def init_VMX(self):
        Set = lambda *args: self.SetCallback(ISetClass.VMX, *args)
        Set("0f, 01 //c1", ["VMCALL"], [], IFlag._32BITS)
        Set("0f, 01 //c2", ["VMLAUNCH"], [], IFlag._32BITS)
        Set("0f, 01 //c3", ["VMRESUME"], [], IFlag._32BITS)
        Set("0f, 01 //c4", ["VMXOFF"], [], IFlag._32BITS)
        # In 64bits the operands are promoted to 64bits automatically.
        Set("0f, 78", ["VMREAD"], [OPT.RM32_64, OPT.REG32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS)
        Set("0f, 79", ["VMWRITE"], [OPT.REG32_64, OPT.RM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS)
        # VMPTRLD collides with RDRAND (see exported instructions).
        Set("0f, c7 /06", ["VMPTRLD"], [OPT.MEM], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, c7 /07", ["VMPTRST"], [OPT.MEM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("66, 0f, c7 /06", ["VMCLEAR"], [OPT.MEM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("f3, 0f, c7 /06", ["VMXON"], [OPT.MEM64], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        # New VMX instructions from Intel September 2009:
        Set("66, 0f, 38, 80", ["INVEPT"], [OPT.REG32_64, OPT.MEM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS)
        Set("66, 0f, 38, 81", ["INVVPID"], [OPT.REG32_64, OPT.MEM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS)
        # New instructions from Intel December 2011.
        Set("0f, 01 //d4", ["VMFUNC"], [], IFlag._32BITS)
        Set("66, 0f, 38, 82", ["INVPCID"], [OPT.REG32_64, OPT.MEM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS)
        # Can be prefixed with 0x66, see LZCNT.
        Set("f3, 0f, bc", ["TZCNT"], [OPT.REG_FULL, OPT.RM_FULL], IFlag.MODRM_REQUIRED | IFlag.PRE_OP_SIZE)
        Set("f3, 0f, ae /0", ["RDFSBASE"], [OPT.REG32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS)
        Set("f3, 0f, ae /1", ["RDGSBASE"], [OPT.REG32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS)
        Set("f3, 0f, ae /2", ["WRFSBASE"], [OPT.REG32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS)
        Set("f3, 0f, ae /3", ["WRGSBASE"], [OPT.REG32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS)
        # SSE5.
        Set("0f, 7a, 31", ["CVTPS2PH"], [OPT.XMM64, OPT.XMM], IFlag._32BITS, IFlag._64BITS)
        Set("0f, 7a, 30", ["CVTPH2PS"], [OPT.XMM, OPT.XMM64], IFlag._32BITS, IFlag._64BITS)

    def init_SVM(self):
        Set = lambda *args: self.SetCallback(ISetClass.SVM, *args)
        Set("0f, 01 //d8", ["VMRUN"], [OPT.REGI_EAX], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        Set("0f, 01 //d9", ["VMMCALL"], [], IFlag._32BITS)
        Set("0f, 01 //da", ["VMLOAD"], [OPT.REGI_EAX], IFlag._32BITS)
        Set("0f, 01 //db", ["VMSAVE"], [OPT.REGI_EAX], IFlag._32BITS)
        Set("0f, 01 //dc", ["STGI"], [], IFlag._32BITS)
        Set("0f, 01 //dd", ["CLGI"], [], IFlag._32BITS)
        Set("0f, 01 //de", ["SKINIT"], [OPT.REGI_EAX], IFlag._32BITS)
        Set("0f, 01 //df", ["INVLPGA"], [OPT.REGI_EAX, OPT.REGECX], IFlag._32BITS)

    def init_AVX(self):
        # Most SSE/SSE2/SSE3/SSSE3/SSE4 instructions have been promoted, and they are all part of the AVX category.
        # It's easier to keep them separated, also because some of the promoted instructions have different number of operands, etc.
        Set = lambda *args: self.SetCallback(ISetClass.AVX, *args)
        SetAes = lambda *args: self.SetCallback(ISetClass.AES, *args)
        SetClmul = lambda *args: self.SetCallback(ISetClass.CLMUL, *args)
        Set("66, 0f, 58", ["VADDPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 58", ["VADDPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f2, 0f, 58", ["VADDSD"], [OPT.XMM, OPT.VXMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("f3, 0f, 58", ["VADDSS"], [OPT.XMM, OPT.VXMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, d0", ["VADDSUBPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f2, 0f, d0", ["VADDSUBPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        SetAes("66, 0f, 38, dc", ["AESENC"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        SetAes("66, 0f, 38, dd", ["AESENCLAST"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        SetAes("66, 0f, 38, dc", ["VAESENC"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        SetAes("66, 0f, 38, dd", ["VAESENCLAST"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        SetAes("66, 0f, 38, de", ["AESDEC"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        SetAes("66, 0f, 38, df", ["AESDECLAST"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        SetAes("66, 0f, 38, de", ["VAESDEC"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        SetAes("66, 0f, 38, df", ["VAESDECLAST"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        SetAes("66, 0f, 38, db", ["AESIMC"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        SetAes("66, 0f, 38, db", ["VAESIMC"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        SetAes("66, 0f, 3a, df", ["AESKEYGENASSIST"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        SetAes("66, 0f, 3a, df", ["VAESKEYGENASSIST"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 54", ["VANDPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 54", ["VANDPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 55", ["VANDNPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 55", ["VANDNPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 3a, 0d", ["VBLENDPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 3a, 0c", ["VBLENDPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 3a, 4b", ["VBLENDVPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256, OPT.YXMM_IMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 3a, 4a", ["VBLENDVPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256, OPT.YXMM_IMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 38, 18", ["VBROADCASTSS"], [OPT.YXMM, OPT.MEM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 38, 19", ["VBROADCASTSD"], [OPT.YMM, OPT.MEM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.FORCE_VEXL)
        Set("66, 0f, 38, 1a", ["VBROADCASTF128"], [OPT.YMM, OPT.MEM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.FORCE_VEXL)
        Set("66, 0f, c2", ["VCMP", "PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L | IFlag.PSEUDO_OPCODE)
        Set("0f, c2", ["VCMP", "PS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L | IFlag.PSEUDO_OPCODE)
        Set("f2, 0f, c2", ["VCMP", "SD"], [OPT.XMM, OPT.VXMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.PSEUDO_OPCODE)
        Set("f3, 0f, c2", ["VCMP", "SS"], [OPT.XMM, OPT.VXMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.PSEUDO_OPCODE)
        Set("66, 0f, 2f", ["VCOMISD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("0f, 2f", ["VCOMISS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("f3, 0f, e6", ["VCVTDQ2PD"], [OPT.YXMM, OPT.LXMM64_128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 5b", ["VCVTDQ2PS"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f2, 0f, e6", ["VCVTPD2DQ"], [OPT.XMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 5a", ["VCVTPD2PS"], [OPT.XMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 5b", ["VCVTPS2DQ"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 5a", ["VCVTPS2PD"], [OPT.YXMM, OPT.LXMM64_128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f2, 0f, 2d", ["VCVTSD2SI"], [OPT.WREG32_64, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W)
        Set("f2, 0f, 5a", ["VCVTSD2SS"], [OPT.XMM, OPT.VXMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("f2, 0f, 2a", ["VCVTSI2SD"], [OPT.XMM, OPT.VXMM, OPT.WRM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W)
        Set("f3, 0f, 2a", ["VCVTSI2SS"], [OPT.XMM, OPT.VXMM, OPT.WRM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W)
        Set("f3, 0f, 5a", ["VCVTSS2SD"], [OPT.XMM, OPT.VXMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("f3, 0f, 2d", ["VCVTSS2SI"], [OPT.WREG32_64, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W)
        Set("66, 0f, e6", ["VCVTTPD2DQ"], [OPT.XMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f3, 0f, 5b", ["VCVTTPS2DQ"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f2, 0f, 2c", ["VCVTTSD2SI"], [OPT.WREG32_64, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W)
        Set("f3, 0f, 2c", ["VCVTTSS2SI"], [OPT.WREG32_64, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W)
        Set("66, 0f, 5e", ["VDIVPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 5e", ["VDIVPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f2, 0f, 5e", ["VDIVSD"], [OPT.XMM, OPT.VXMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("f3, 0f, 5e", ["VDIVSS"], [OPT.XMM, OPT.VXMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 41", ["VDPPD"], [OPT.XMM, OPT.VXMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 40", ["VDPPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 3a, 19", ["VEXTRACTF128"], [OPT.XMM128, OPT.YMM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.FORCE_VEXL)
        Set("66, 0f, 3a, 17", ["VEXTRACTPS"], [OPT.RM32, OPT.XMM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 7c", ["VHADDPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f2, 0f, 7c", ["VHADDPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 7d", ["VHSUBPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f2, 0f, 7d", ["VHSUBPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 3a, 18", ["VINSERTF128"], [OPT.YMM, OPT.VYMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.FORCE_VEXL)
        Set("66, 0f, 3a, 21", ["VINSERTPS"], [OPT.XMM, OPT.VXMM, OPT.XMM32, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("f2, 0f, f0", ["VLDDQU"], [OPT.YXMM, OPT.LMEM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, ae /02", ["VLDMXCSR"], [OPT.MEM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, f7", ["VMASKMOVDQU"], [OPT.XMM, OPT.XMM_RM], IFlag.MODRM_REQUIRED | IFlag.MODRR_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 2c", ["VMASKMOVPS"], [OPT.YXMM, OPT.VYXMM, OPT.LMEM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 38, 2d", ["VMASKMOVPD"], [OPT.YXMM, OPT.VYXMM, OPT.LMEM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 38, 2e", ["VMASKMOVPS"], [OPT.LMEM128_256, OPT.VYXMM, OPT.YXMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 38, 2f", ["VMASKMOVPD"], [OPT.LMEM128_256, OPT.VYXMM, OPT.YXMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 5f", ["VMAXPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 5f", ["VMAXPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f2, 0f, 5f", ["VMAXSD"], [OPT.XMM, OPT.VXMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("f3, 0f, 5f", ["VMAXSS"], [OPT.XMM, OPT.VXMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 5d", ["VMINPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 5d", ["VMINPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f2, 0f, 5d", ["VMINSD"], [OPT.XMM, OPT.VXMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("f3, 0f, 5d", ["VMINSS"], [OPT.XMM, OPT.VXMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 28", ["VMOVAPD"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 29", ["VMOVAPD"], [OPT.YXMM128_256, OPT.YXMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 28", ["VMOVAPS"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 29", ["VMOVAPS"], [OPT.YXMM128_256, OPT.YXMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 6e", ["VMOVD", "VMOVQ"], [OPT.XMM, OPT.WRM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 7e", ["VMOVD", "VMOVQ"], [OPT.WRM32_64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("f3, 0f, 7e", ["VMOVQ"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, d6", ["VMOVQ"], [OPT.XMM64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("f2, 0f, 12", ["VMOVDDUP"], [OPT.YXMM, OPT.YXMM64_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 6f", ["VMOVDQA"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 7f", ["VMOVDQA"], [OPT.YXMM128_256, OPT.YXMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f3, 0f, 6f", ["VMOVDQU"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f3, 0f, 7f", ["VMOVDQU"], [OPT.YXMM128_256, OPT.YXMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 12", ["VMOVHLPS", "VMOVLPS"], [OPT.XMM, OPT.VXMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MNEMONIC_MODRM_BASED | IFlag.USE_EXMNEMONIC)
        Set("66, 0f, 12", ["VMOVLPD"], [OPT.XMM, OPT.VXMM, OPT.MEM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("0f, 13", ["VMOVLPS"], [OPT.MEM64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 13", ["VMOVLPD"], [OPT.MEM64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("0f, 16", ["VMOVLHPS", "VMOVHPS"], [OPT.XMM, OPT.VXMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MNEMONIC_MODRM_BASED | IFlag.USE_EXMNEMONIC)
        Set("66, 0f, 16", ["VMOVHPD"], [OPT.XMM, OPT.VXMM, OPT.MEM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("0f, 17", ["VMOVHPS"], [OPT.MEM64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 17", ["VMOVHPD"], [OPT.MEM64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 50", ["VMOVMSKPD"], [OPT.REG32_64, OPT.YXMM], IFlag.MODRM_REQUIRED | IFlag.MODRR_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 50", ["VMOVMSKPS"], [OPT.REG32_64, OPT.YXMM], IFlag.MODRM_REQUIRED | IFlag.MODRR_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, e7", ["VMOVNTDQ"], [OPT.LMEM128_256, OPT.YXMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 38, 2a", ["VMOVNTDQA"], [OPT.XMM, OPT.MEM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 2b", ["VMOVNTPD"], [OPT.LMEM128_256, OPT.YXMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 2b", ["VMOVNTPS"], [OPT.LMEM128_256, OPT.YXMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        # Next two instructions are based on vvvv field.
        Set("f2, 0f, 10", ["VMOVSD"], [OPT.XMM, OPT.VXMM, OPT.XMM_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRM_INCLUDED | IFlag.MODRR_BASED)
        Set("f2, 0f, 10", ["VMOVSD"], [OPT.XMM, OPT.MEM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRM_INCLUDED | IFlag.MODRR_BASED)
        # Next two instructions are based on vvvv field.
        Set("f2, 0f, 11", ["VMOVSD"], [OPT.XMM, OPT.VXMM, OPT.XMM_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRM_INCLUDED | IFlag.MODRR_BASED)
        Set("f2, 0f, 11", ["VMOVSD"], [OPT.MEM64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRM_INCLUDED | IFlag.MODRR_BASED)
        Set("f3, 0f, 16", ["VMOVSHDUP"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f3, 0f, 12", ["VMOVSLDUP"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        # Next two instructions are based on vvvv field.
        Set("f3, 0f, 10", ["VMOVSS"], [OPT.XMM, OPT.VXMM, OPT.XMM_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRM_INCLUDED | IFlag.MODRR_BASED)
        Set("f3, 0f, 10", ["VMOVSS"], [OPT.XMM, OPT.MEM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRM_INCLUDED | IFlag.MODRR_BASED)
        # Next two instructions are based on vvvv field.
        Set("f3, 0f, 11", ["VMOVSS"], [OPT.XMM, OPT.VXMM, OPT.XMM_RM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRM_INCLUDED | IFlag.MODRR_BASED)
        Set("f3, 0f, 11", ["VMOVSS"], [OPT.MEM32, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRM_INCLUDED | IFlag.MODRR_BASED)
        Set("66, 0f, 10", ["VMOVUPD"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 11", ["VMOVUPD"], [OPT.YXMM128_256, OPT.YXMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 10", ["VMOVUPS"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 11", ["VMOVUPS"], [OPT.YXMM128_256, OPT.YXMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 3a, 42", ["VMPSADBW"], [OPT.XMM, OPT.VXMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 59", ["VMULPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 59", ["VMULPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f2, 0f, 59", ["VMULSD"], [OPT.XMM, OPT.VXMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("f3, 0f, 59", ["VMULSS"], [OPT.XMM, OPT.VXMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 56", ["VORPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 56", ["VORPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 38, 1c", ["VPABSB"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 1d", ["VPABSW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 1e", ["VPABSD"], [OPT.XMM, OPT.XMM128],
IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 63", ["VPACKSSWB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 6b", ["VPACKSSDW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 67", ["VPACKUSWB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 2b", ["VPACKUSDW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, fc", ["VPADDB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, fd", ["VPADDW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, fe", ["VPADDD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, d4", ["VPADDQ"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, ec", ["VPADDSB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, ed", ["VPADDSW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        # Opcode 0f dc is the unsigned-saturating byte add (VPADDUSB); 0f dd below is the word form.
        Set("66, 0f, dc", ["VPADDUSB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, dd", ["VPADDUSW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 0f", ["VPALIGNR"], [OPT.XMM, OPT.VXMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, db", ["VPAND"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, df", ["VPANDN"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, e0", ["VPAVGB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, e3", ["VPAVGW"],
[OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 4c", ["VPBLENDVB"], [OPT.XMM, OPT.VXMM, OPT.XMM128, OPT.XMM_IMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 0e", ["VPBLENDW"], [OPT.XMM, OPT.VXMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        # This instruction is not prefixed with VEX.
        SetClmul("66, 0f, 3a, 44", ["PCLMULQDQ"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS)
        # Next instruction is prefixed with VEX.
        SetClmul("66, 0f, 3a, 44", ["VPCLMULQDQ"], [OPT.XMM, OPT.VXMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 61", ["VPCMPESTRI"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 60", ["VPCMPESTRM"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 63", ["VPCMPISTRI"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 62", ["VPCMPISTRM"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 74", ["VPCMPEQB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 75", ["VPCMPEQW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 76", ["VPCMPEQD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 29", ["VPCMPEQQ"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 64", ["VPCMPGTB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 65", ["VPCMPGTW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 66", ["VPCMPGTD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED
| IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 37", ["VPCMPGTQ"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 0d", ["VPERMILPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 3a, 05", ["VPERMILPD"], [OPT.YXMM, OPT.YXMM128_256, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 3a, 04", ["VPERMILPS"], [OPT.YXMM, OPT.YXMM128_256, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 38, 0c", ["VPERMILPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 3a, 06", ["VPERM2F128"], [OPT.YMM, OPT.VYMM, OPT.YMM256, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.FORCE_VEXL)
        Set("66, 0f, 3a, 14", ["VPEXTRB"], [OPT.REG32_64_M8, OPT.XMM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_VEX)
        Set("66, 0f, c5", ["VPEXTRW"], [OPT.REG32_64, OPT.XMM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 15", ["VPEXTRW"], [OPT.REG32_64_M16, OPT.XMM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 16", ["VPEXTRD", "VPEXTRQ"], [OPT.WRM32_64, OPT.XMM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, 01", ["VPHADDW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 02", ["VPHADDD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 03", ["VPHADDSW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 41", ["VPHMINPOSUW"], [OPT.XMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 05",
["VPHSUBW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 06", ["VPHSUBD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 07", ["VPHSUBSW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 20", ["VPINSRB"], [OPT.XMM, OPT.VXMM, OPT.REG32_64_M8, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, c4", ["VPINSRW"], [OPT.XMM, OPT.VXMM, OPT.R32_M16, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 22", ["VPINSRD", "VPINSRQ"], [OPT.XMM, OPT.VXMM, OPT.WRM32_64, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, f5", ["VPMADDWD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 04", ["VPMADDUBSW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 3c", ["VPMAXSB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, ee", ["VPMAXSW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 3d", ["VPMAXSD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, de", ["VPMAXUB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 3e", ["VPMAXUW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 3f", ["VPMAXUD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 38", ["VPMINSB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, ea", ["VPMINSW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS |
IFlag.PRE_VEX)
        Set("66, 0f, 38, 39", ["VPMINSD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, da", ["VPMINUB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 3a", ["VPMINUW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 3b", ["VPMINUD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, d7", ["VPMOVMSKB"], [OPT.REG32_64, OPT.XMM], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag._64BITS | IFlag.PRE_VEX | IFlag.MODRR_REQUIRED)
        Set("66, 0f, 38, 20", ["VPMOVSXBW"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 21", ["VPMOVSXBD"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 22", ["VPMOVSXBQ"], [OPT.XMM, OPT.XMM16], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 23", ["VPMOVSXWD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 24", ["VPMOVSXWQ"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 25", ["VPMOVSXDQ"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 30", ["VPMOVZXBW"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 31", ["VPMOVZXBD"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 32", ["VPMOVZXBQ"], [OPT.XMM, OPT.XMM16], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 33", ["VPMOVZXWD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 34", ["VPMOVZXWQ"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 35", ["VPMOVZXDQ"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS |
IFlag.PRE_VEX)
        Set("66, 0f, e4", ["VPMULHUW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 0b", ["VPMULHRSW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, e5", ["VPMULHW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, d5", ["VPMULLW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 40", ["VPMULLD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, f4", ["VPMULUDQ"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 28", ["VPMULDQ"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, eb", ["VPOR"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, f6", ["VPSADBW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 00", ["VPSHUFB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 70", ["VPSHUFD"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("f3, 0f, 70", ["VPSHUFHW"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("f2, 0f, 70", ["VPSHUFLW"], [OPT.XMM, OPT.XMM128, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 08", ["VPSIGNB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 09", ["VPSIGNW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 38, 0a", ["VPSIGND"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 73 /07", ["VPSLLDQ"], [OPT.VXMM, OPT.XMM_RM,
OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRR_REQUIRED)
        Set("66, 0f, 73 /03", ["VPSRLDQ"], [OPT.VXMM, OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRR_REQUIRED)
        Set("66, 0f, f1", ["VPSLLW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 71 /06", ["VPSLLW"], [OPT.VXMM, OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRR_REQUIRED)
        Set("66, 0f, f2", ["VPSLLD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 72 /06", ["VPSLLD"], [OPT.VXMM, OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRR_REQUIRED)
        Set("66, 0f, f3", ["VPSLLQ"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 73 /06", ["VPSLLQ"], [OPT.VXMM, OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRR_REQUIRED)
        Set("66, 0f, e1", ["VPSRAW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 71 /04", ["VPSRAW"], [OPT.VXMM, OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRR_REQUIRED)
        Set("66, 0f, e2", ["VPSRAD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 72 /04", ["VPSRAD"], [OPT.VXMM, OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRR_REQUIRED)
        Set("66, 0f, d1", ["VPSRLW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 71 /02", ["VPSRLW"], [OPT.VXMM, OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRR_REQUIRED)
        Set("66, 0f, d2", ["VPSRLD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 72 /02", ["VPSRLD"], [OPT.VXMM, OPT.XMM_RM, OPT.IMM8],
IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRR_REQUIRED)
        Set("66, 0f, d3", ["VPSRLQ"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 73 /02", ["VPSRLQ"], [OPT.VXMM, OPT.XMM_RM, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.MODRR_REQUIRED)
        Set("66, 0f, 38, 17", ["VPTEST"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 38, 0e", ["VTESTPS"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 38, 0f", ["VTESTPD"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, f8", ["VPSUBB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, f9", ["VPSUBW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, fa", ["VPSUBD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, fb", ["VPSUBQ"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, e8", ["VPSUBSB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, e9", ["VPSUBSW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, d8", ["VPSUBUSB"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, d9", ["VPSUBUSW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 68", ["VPUNPCKHBW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 69", ["VPUNPCKHWD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 6a", ["VPUNPCKHDQ"], [OPT.XMM, OPT.VXMM, OPT.XMM128],
IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 6d", ["VPUNPCKHQDQ"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 60", ["VPUNPCKLBW"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 61", ["VPUNPCKLWD"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 62", ["VPUNPCKLDQ"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 6c", ["VPUNPCKLQDQ"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, ef", ["VPXOR"], [OPT.XMM, OPT.VXMM, OPT.XMM128], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("0f, 53", ["VRCPPS"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f3, 0f, 53", ["VRCPSS"], [OPT.XMM, OPT.VXMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("0f, 52", ["VRSQRTPS"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f3, 0f, 52", ["VRSQRTSS"], [OPT.XMM, OPT.VXMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 09", ["VROUNDPD"], [OPT.YXMM, OPT.YXMM128_256, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 3a, 08", ["VROUNDPS"], [OPT.YXMM, OPT.YXMM128_256, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 3a, 0b", ["VROUNDSD"], [OPT.XMM, OPT.VXMM, OPT.XMM64, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 3a, 0a", ["VROUNDSS"], [OPT.XMM, OPT.VXMM, OPT.XMM32, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, c6", ["VSHUFPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, c6", ["VSHUFPS"], [OPT.YXMM,
OPT.VYXMM, OPT.YXMM128_256, OPT.IMM8], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 51", ["VSQRTPD"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 51", ["VSQRTPS"], [OPT.YXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f2, 0f, 51", ["VSQRTSD"], [OPT.XMM, OPT.VXMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("f3, 0f, 51", ["VSQRTSS"], [OPT.XMM, OPT.VXMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("0f, ae /03", ["VSTMXCSR"], [OPT.MEM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 5c", ["VSUBPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 5c", ["VSUBPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("f2, 0f, 5c", ["VSUBSD"], [OPT.XMM, OPT.VXMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("f3, 0f, 5c", ["VSUBSS"], [OPT.XMM, OPT.VXMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 2e", ["VUCOMISD"], [OPT.XMM, OPT.XMM64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("0f, 2e", ["VUCOMISS"], [OPT.XMM, OPT.XMM32], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX)
        Set("66, 0f, 15", ["VUNPCKHPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 15", ["VUNPCKHPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 14", ["VUNPCKLPD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 14", ["VUNPCKLPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("66, 0f, 57", ["VXORPD"],
[OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 57", ["VXORPS"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L)
        Set("0f, 77", ["VZEROUPPER", "VZEROALL"], [], IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_L | IFlag.MNEMONIC_VEXL_BASED)

    def init_FMA(self):
        Set = lambda *args: self.SetCallback(ISetClass.FMA, *args)
        Set("66, 0f, 38, 98", ["VFMADD132PS", "VFMADD132PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, a8", ["VFMADD213PS", "VFMADD213PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, b8", ["VFMADD231PS", "VFMADD231PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, 99", ["VFMADD132SS", "VFMADD132SD"], [OPT.XMM, OPT.VXMM, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, a9", ["VFMADD213SS", "VFMADD213SD"], [OPT.XMM, OPT.VXMM, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, b9", ["VFMADD231SS", "VFMADD231SD"], [OPT.XMM, OPT.VXMM, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, 96", ["VFMADDSUB132PS", "VFMADDSUB132PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, a6", ["VFMADDSUB213PS", "VFMADDSUB213PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W |
IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, b6", ["VFMADDSUB231PS", "VFMADDSUB231PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, 97", ["VFMSUBADD132PS", "VFMSUBADD132PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, a7", ["VFMSUBADD213PS", "VFMSUBADD213PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, b7", ["VFMSUBADD231PS", "VFMSUBADD231PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, 9a", ["VFMSUB132PS", "VFMSUB132PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, aa", ["VFMSUB213PS", "VFMSUB213PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, ba", ["VFMSUB231PS", "VFMSUB231PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, 9b", ["VFMSUB132SS", "VFMSUB132SD"], [OPT.XMM, OPT.VXMM, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, ab", ["VFMSUB213SS", "VFMSUB213SD"], [OPT.XMM, OPT.VXMM, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, bb", ["VFMSUB231SS", "VFMSUB231SD"], [OPT.XMM, OPT.VXMM, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS |
IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, 9c", ["VFNMADD132PS", "VFNMADD132PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, ac", ["VFNMADD213PS", "VFNMADD213PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, bc", ["VFNMADD231PS", "VFNMADD231PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, 9d", ["VFNMADD132SS", "VFNMADD132SD"], [OPT.XMM, OPT.VXMM, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, ad", ["VFNMADD213SS", "VFNMADD213SD"], [OPT.XMM, OPT.VXMM, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, bd", ["VFNMADD231SS", "VFNMADD231SD"], [OPT.XMM, OPT.VXMM, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, 9e", ["VFNMSUB132PS", "VFNMSUB132PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, ae", ["VFNMSUB213PS", "VFNMSUB213PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, be", ["VFNMSUB231PS", "VFNMSUB231PD"], [OPT.YXMM, OPT.VYXMM, OPT.YXMM128_256], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.VEX_L | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, 9f", ["VFNMSUB132SS", "VFNMSUB132SD"], [OPT.XMM, OPT.VXMM, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS |
IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, af", ["VFNMSUB213SS", "VFNMSUB213SD"], [OPT.XMM, OPT.VXMM, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)
        Set("66, 0f, 38, bf", ["VFNMSUB231SS", "VFNMSUB231SD"], [OPT.XMM, OPT.VXMM, OPT.WXMM32_64], IFlag.MODRM_REQUIRED | IFlag._32BITS | IFlag.PRE_VEX | IFlag.VEX_W | IFlag.MNEMONIC_VEXW_BASED)

    def __init__(self, SetCallback):
        """ Initializes all instructions-sets using the given callback.
        The arguments of the callback are as follows:
        (iset-class, opcode-length, list of bytes of opcode, list of string of mnemonics, list of operands, flags) """
        self.SetCallback = SetCallback
        Set = lambda *args: self.SetCallback(ISetClass.INTEGER, *args)
        self.init_INTEGER()
        self.init_Exported()
        self.init_FPU()
        self.init_P6()
        self.init_MMX()
        self.init_SSE()
        self.init_SSE2()
        self.init_SSE3()
        self.init_SSSE3()
        self.init_SSE4_1()
        self.init_SSE4_2()
        self.init_SSE4_A()
        self.init_3DNOW()
        self.init_3DNOWEXT()
        self.init_VMX()
        self.init_SVM()
        self.init_AVX()
        self.init_FMA()

distorm-3.4.1/examples/cs/TestdiStorm/Program.cs

using System;
using System.Reflection;
using System.Reflection.Emit;
using diStorm;

namespace TestdiStorm
{
    public class Program
    {
        private static IntPtr LeakNativeMethodPtr(MethodInfo x)
        {
            //if ((x.MethodImplementationFlags & MethodImplAttributes.InternalCall) != 0)
            //    Console.WriteLine("{0} is an InternalCall method. These methods always point to the same address.", x.Name);
            var domain = AppDomain.CurrentDomain;
            var dynAsm = new AssemblyName("MethodLeakAssembly");
            var asmBuilder = domain.DefineDynamicAssembly(dynAsm, AssemblyBuilderAccess.Run);
            var moduleBuilder = asmBuilder.DefineDynamicModule("MethodLeakModule");
            var typeBuilder = moduleBuilder.DefineType("MethodLeaker", TypeAttributes.Public);
            var p = new Type[0];
            var methodBuilder = typeBuilder.DefineMethod("LeakNativeMethodPtr", MethodAttributes.Public | MethodAttributes.Static, typeof(IntPtr), null);
            var generator = methodBuilder.GetILGenerator();

            // Push unmanaged pointer to MethodInfo onto the evaluation stack
            generator.Emit(OpCodes.Ldftn, x);
            // Convert the pointer to type - unsigned int64
            //generator.Emit(OpCodes.Conv_Ovf_U);
            generator.Emit(OpCodes.Ret);

            // Assemble everything
            var type = typeBuilder.CreateType();
            var method = type.GetMethod("LeakNativeMethodPtr");

            try
            {
                // Call the method and return its JITed address
                var address = (IntPtr) method.Invoke(null, new object[0]);
                // Print the address as zero-padded hex, two digits per pointer byte (X8 or X16)
                Console.WriteLine("0x{0}", address.ToString(string.Format("X{0}", IntPtr.Size * 2)));
                return address;
            }
            catch (Exception e)
            {
                Console.WriteLine("{0} cannot return an unmanaged address.", x.Name);
            }
            return IntPtr.Zero;
        }

        private static unsafe void Main(string[] args)
        {
            // Sample code bytes: ret; xor eax, eax; ret
            var buf = new byte[4];
            buf[0] = (byte) 0xc3;
            buf[1] = (byte) 0x33;
            buf[2] = (byte) 0xc0;
            buf[3] = (byte) 0xc3;
            var ci = new CodeInfo((long) 0x1000, buf, DecodeType.Decode32Bits, 0);

            // Decode: instructions as formatted text
            var dr = new DecodedResult(10);
            diStorm3.Decode(ci, dr);
            foreach (var x in dr.Instructions)
            {
                var s = String.Format("{0:X} {1} {2}", x.Offset, x.Mnemonic, x.Operands);
                Console.WriteLine(s);
            }

            // Decompose: instructions as structures, formatted on demand (RET is skipped)
            var dr2 = new DecomposedResult(10);
            diStorm3.Decompose(ci, dr2);
            foreach (var y in dr2.Instructions)
            {
                if (y.Opcode != Opcode.RET)
                {
                    var x = diStorm3.Format(ci, y);
                    var s = String.Format("{0:X} {1} {2}", x.Offset, x.Mnemonic, x.Operands);
                    Console.WriteLine(s);
                }
            }
        }
    }
}
distorm-3.4.1/examples/cs/TestdiStorm/Properties/000077500000000000000000000000001340425302400220355ustar00rootroot00000000000000distorm-3.4.1/examples/cs/TestdiStorm/Properties/AssemblyInfo.cs000066400000000000000000000025661340425302400247700ustar00rootroot00000000000000using System.Reflection; using System.Runtime.CompilerServices; using System.Runtime.InteropServices; // General Information about an assembly is controlled through the following // set of attributes. Change these attribute values to modify the information // associated with an assembly. [assembly: AssemblyTitle("TestDiStorm")] [assembly: AssemblyDescription("")] [assembly: AssemblyConfiguration("")] [assembly: AssemblyCompany("")] [assembly: AssemblyProduct("TestDiStorm")] [assembly: AssemblyCopyright("Copyright © 2012")] [assembly: AssemblyTrademark("")] [assembly: AssemblyCulture("")] // Setting ComVisible to false makes the types in this assembly not visible // to COM components. If you need to access a type in this assembly from // COM, set the ComVisible attribute to true on that type. 
[assembly: ComVisible(false)]

// The following GUID is for the ID of the typelib if this project is exposed to COM
[assembly: Guid("737cf66b-c136-47be-b92d-3f2fefbaf27a")]

// Version information for an assembly consists of the following four values:
//
//      Major Version
//      Minor Version
//      Build Number
//      Revision
//
// You can specify all the values or you can default the Build and Revision Numbers
// by using the '*' as shown below:
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("1.0.0.0")]
[assembly: AssemblyFileVersion("1.0.0.0")]

distorm-3.4.1/examples/cs/TestdiStorm/TestdiStorm.csproj
Debug AnyCPU {2F2F3CBD-F968-47E4-ADEC-D42E42A924AC} Exe Properties TestDiStorm TestDiStorm v4.0 512 x64 true full false bin\Debug\ DEBUG;TRACE prompt 4 true false x64 pdbonly true bin\Release\ TRACE prompt 4 true {137ade63-2489-4235-91c6-6cb664cab63f} distorm-net copy $(SolutionDir)\..\..\distorm3.dll $(TargetDir)

distorm-3.4.1/examples/cs/distorm-net.sln
Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio 2012
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "distorm-net", "distorm-net\distorm-net.csproj", "{137ADE63-2489-4235-91C6-6CB664CAB63F}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "TestdiStorm", "TestDiStorm\TestdiStorm.csproj", "{2F2F3CBD-F968-47E4-ADEC-D42E42A924AC}"
EndProject
Global
    GlobalSection(SolutionConfigurationPlatforms) = preSolution
        Debug|Any CPU = Debug|Any CPU
        Release|Any CPU = Release|Any CPU
    EndGlobalSection
    GlobalSection(ProjectConfigurationPlatforms) = postSolution
        {137ADE63-2489-4235-91C6-6CB664CAB63F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
        {137ADE63-2489-4235-91C6-6CB664CAB63F}.Debug|Any CPU.Build.0 = Debug|Any CPU
        {137ADE63-2489-4235-91C6-6CB664CAB63F}.Release|Any CPU.ActiveCfg = Release|Any CPU
        {137ADE63-2489-4235-91C6-6CB664CAB63F}.Release|Any CPU.Build.0 = Release|Any CPU
        {2F2F3CBD-F968-47E4-ADEC-D42E42A924AC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
        {2F2F3CBD-F968-47E4-ADEC-D42E42A924AC}.Debug|Any CPU.Build.0 = Debug|Any CPU
        {2F2F3CBD-F968-47E4-ADEC-D42E42A924AC}.Release|Any CPU.ActiveCfg = Release|Any CPU
        {2F2F3CBD-F968-47E4-ADEC-D42E42A924AC}.Release|Any CPU.Build.0 = Release|Any CPU
    EndGlobalSection
    GlobalSection(SolutionProperties) = preSolution
        HideSolutionNode = FALSE
    EndGlobalSection
EndGlobal

distorm-3.4.1/examples/cs/distorm-net/CodeInfo.cs
using System;

namespace diStorm
{
  public class CodeInfo
  {
    public CodeInfo(long codeOffset, byte[] rawCode, DecodeType dt, int features)
    {
      // Keep a private copy so later changes to rawCode do not affect decoding
      _code = new byte[rawCode.Length];
      Array.Copy(rawCode, _code, _code.Length);
      _codeOffset = codeOffset;
      _decodeType = dt;
      _features = features;
    }

    internal long _codeOffset;
    internal long _nextOffset;
    internal byte[] _code;
    internal DecodeType _decodeType;
    internal int _features;
  }
}

distorm-3.4.1/examples/cs/distorm-net/DecodedInst.cs
using System;

namespace diStorm
{
  public class DecodedInst
  {
    internal DecodedInst() { }

    public string Mnemonic { get; internal set; }
    public string Operands { get; internal set; }
    public string Hex { get; internal set; }
    public uint Size { get; internal set; }
    public IntPtr Offset { get; internal set; }
  }
}

distorm-3.4.1/examples/cs/distorm-net/DecodedResult.cs
namespace diStorm
{
  public class DecodedResult
  {
    public DecodedResult(int maxInstructions)
    {
      MaxInstructions = maxInstructions;
      Instructions = null;
    }

    public DecodedInst[] Instructions { get; internal set; }
    public int MaxInstructions { get; internal set; }
  }
}

distorm-3.4.1/examples/cs/distorm-net/DecomposedInst.cs
using System;

namespace diStorm
{
  public class DecomposedInst
  {
    public class ImmVariant
    {
      public ulong Imm { get; internal set; }
      public int Size { get; internal set; }
    }

    public class DispVariant
    {
      public ulong Displacement { get; internal set; }
      public int Size { get; internal set; }
    }

    internal int _segment;

    public IntPtr Address { get; internal set; }
    public ushort Flags { get; internal set; }
    public int Size { get; internal set; }
    public Opcode Opcode { get; internal set; }
    public int Segment { get { return _segment & 0x7f; } }
    public bool IsSegmentDefault { get { return (_segment & 0x80) == 0x80; } }
    public int Base { get; internal set; }
    public int Scale { get; internal set; }
    public int UnusedPrefixesMask { get; internal set; }
    public int Meta { get; internal set; }
    public int RegistersMask { get; internal set; }
    public int ModifiedFlagsMask { get; internal set; }
    public int TestedFlagsMask { get; internal set; }
    public int UndefinedFlagsMask { get; internal set; }
    public ImmVariant Imm { get; internal set; }
    public DispVariant Disp { get; internal set; }
    public Operand[] Operands { get; internal set; }
  }
}

distorm-3.4.1/examples/cs/distorm-net/DecomposedResult.cs
namespace diStorm
{
  public class DecomposedResult
  {
    public DecomposedResult(int maxInstructions)
    {
      MaxInstructions = maxInstructions;
      Instructions = null;
    }

    public DecomposedInst[] Instructions { get; internal set; }
    public int MaxInstructions { get; private set; }
  }
}

distorm-3.4.1/examples/cs/distorm-net/Opcodes.cs
// This file was auto generated from the distorm opcodes.h file
// on 2015-01-03 15:05:06.323
namespace diStorm
{
  public enum Opcode : ushort {
    UNDEFINED = 0, AAA = 66, AAD =
389, AAM = 384, AAS = 76, ADC = 31, ADD = 11, ADDPD = 3110, ADDPS = 3103, ADDSD = 3124, ADDSS = 3117, ADDSUBPD = 6394, ADDSUBPS = 6404, AESDEC = 9209, AESDECLAST = 9226, AESENC = 9167, AESENCLAST = 9184, AESIMC = 9150, AESKEYGENASSIST = 9795, AND = 41, ANDNPD = 3021, ANDNPS = 3013, ANDPD = 2990, ANDPS = 2983, ARPL = 111, BLENDPD = 9372, BLENDPS = 9353, BLENDVPD = 7619, BLENDVPS = 7609, BOUND = 104, BSF = 4346, BSR = 4358, BSWAP = 960, BT = 872, BTC = 934, BTR = 912, BTS = 887, CALL = 456, CALL_FAR = 260, CBW = 228, CDQ = 250, CDQE = 239, CLC = 492, CLD = 512, CLFLUSH = 4329, CLGI = 1833, CLI = 502, CLTS = 541, CMC = 487, CMOVA = 694, CMOVAE = 663, CMOVB = 656, CMOVBE = 686, CMOVG = 754, CMOVGE = 738, CMOVL = 731, CMOVLE = 746, CMOVNO = 648, CMOVNP = 723, CMOVNS = 708, CMOVNZ = 678, CMOVO = 641, CMOVP = 716, CMOVS = 701, CMOVZ = 671, CMP = 71, CMPEQPD = 4449, CMPEQPS = 4370, CMPEQSD = 4607, CMPEQSS = 4528, CMPLEPD = 4467, CMPLEPS = 4388, CMPLESD = 4625, CMPLESS = 4546, CMPLTPD = 4458, CMPLTPS = 4379, CMPLTSD = 4616, CMPLTSS = 4537, CMPNEQPD = 4488, CMPNEQPS = 4409, CMPNEQSD = 4646, CMPNEQSS = 4567, CMPNLEPD = 4508, CMPNLEPS = 4429, CMPNLESD = 4666, CMPNLESS = 4587, CMPNLTPD = 4498, CMPNLTPS = 4419, CMPNLTSD = 4656, CMPNLTSS = 4577, CMPORDPD = 4518, CMPORDPS = 4439, CMPORDSD = 4676, CMPORDSS = 4597, CMPS = 301, CMPUNORDPD = 4476, CMPUNORDPS = 4397, CMPUNORDSD = 4634, CMPUNORDSS = 4555, CMPXCHG = 898, CMPXCHG16B = 6373, CMPXCHG8B = 6362, COMISD = 2779, COMISS = 2771, CPUID = 865, CQO = 255, CRC32 = 9258, CVTDQ2PD = 6787, CVTDQ2PS = 3307, CVTPD2DQ = 6797, CVTPD2PI = 2681, CVTPD2PS = 3233, CVTPH2PS = 4161, CVTPI2PD = 2495, CVTPI2PS = 2485, CVTPS2DQ = 3317, CVTPS2PD = 3223, CVTPS2PH = 4171, CVTPS2PI = 2671, CVTSD2SI = 2701, CVTSD2SS = 3253, CVTSI2SD = 2515, CVTSI2SS = 2505, CVTSS2SD = 3243, CVTSS2SI = 2691, CVTTPD2DQ = 6776, CVTTPD2PI = 2614, CVTTPS2DQ = 3327, CVTTPS2PI = 2603, CVTTSD2SI = 2636, CVTTSS2SI = 2625, CWD = 245, CWDE = 233, DAA = 46, DAS = 56, DEC = 86, DIV = 
1630, DIVPD = 3499, DIVPS = 3492, DIVSD = 3513, DIVSS = 3506, DPPD = 9615, DPPS = 9602, EMMS = 4100, ENTER = 340, EXTRACTPS = 9480, EXTRQ = 4136, F2XM1 = 1176, FABS = 1107, FADD = 1007, FADDP = 1533, FBLD = 1585, FBSTP = 1591, FCHS = 1101, FCLEX = 7289, FCMOVB = 1360, FCMOVBE = 1376, FCMOVE = 1368, FCMOVNB = 1429, FCMOVNBE = 1447, FCMOVNE = 1438, FCMOVNU = 1457, FCMOVU = 1385, FCOM = 1019, FCOMI = 1496, FCOMIP = 1607, FCOMP = 1025, FCOMPP = 1547, FCOS = 1295, FDECSTP = 1222, FDIV = 1045, FDIVP = 1578, FDIVR = 1051, FDIVRP = 1570, FEDISI = 1472, FEMMS = 574, FENI = 1466, FFREE = 1511, FIADD = 1301, FICOM = 1315, FICOMP = 1322, FIDIV = 1345, FIDIVR = 1352, FILD = 1402, FIMUL = 1308, FINCSTP = 1231, FINIT = 7304, FIST = 1416, FISTP = 1422, FISTTP = 1408, FISUB = 1330, FISUBR = 1337, FLD = 1058, FLD1 = 1125, FLDCW = 1082, FLDENV = 1074, FLDL2E = 1139, FLDL2T = 1131, FLDLG2 = 1154, FLDLN2 = 1162, FLDPI = 1147, FLDZ = 1170, FMUL = 1013, FMULP = 1540, FNCLEX = 7281, FNINIT = 7296, FNOP = 1095, FNSAVE = 7311, FNSTCW = 7266, FNSTENV = 7249, FNSTSW = 7326, FPATAN = 1197, FPREM = 1240, FPREM1 = 1214, FPTAN = 1190, FRNDINT = 1272, FRSTOR = 1503, FSAVE = 7319, FSCALE = 1281, FSETPM = 1480, FSIN = 1289, FSINCOS = 1263, FSQRT = 1256, FST = 1063, FSTCW = 7274, FSTENV = 7258, FSTP = 1068, FSTSW = 7334, FSUB = 1032, FSUBP = 1563, FSUBR = 1038, FSUBRP = 1555, FTST = 1113, FUCOM = 1518, FUCOMI = 1488, FUCOMIP = 1598, FUCOMP = 1525, FUCOMPP = 1393, FXAM = 1119, FXCH = 1089, FXRSTOR = 9892, FXRSTOR64 = 9901, FXSAVE = 9864, FXSAVE64 = 9872, FXTRACT = 1205, FYL2X = 1183, FYL2XP1 = 1247, GETSEC = 633, HADDPD = 4181, HADDPS = 4189, HLT = 482, HSUBPD = 4215, HSUBPS = 4223, IDIV = 1635, IMUL = 117, IN = 447, INC = 81, INS = 123, INSERTPS = 9547, INSERTQ = 4143, INT = 367, INT_3 = 360, INT1 = 476, INTO = 372, INVD = 555, INVEPT = 8284, INVLPG = 1711, INVLPGA = 1847, INVPCID = 8301, INVVPID = 8292, IRET = 378, JA = 166, JAE = 147, JB = 143, JBE = 161, JCXZ = 427, JECXZ = 433, JG = 202, JGE = 
192, JL = 188, JLE = 197, JMP = 462, JMP_FAR = 467, JNO = 138, JNP = 183, JNS = 174, JNZ = 156, JO = 134, JP = 179, JRCXZ = 440, JS = 170, JZ = 152, LAHF = 289, LAR = 522, LDDQU = 6994, LDMXCSR = 9922, LDS = 335, LEA = 223, LEAVE = 347, LES = 330, LFENCE = 4265, LFS = 917, LGDT = 1687, LGS = 922, LIDT = 1693, LLDT = 1652, LMSW = 1705, LODS = 313, LOOP = 421, LOOPNZ = 406, LOOPZ = 414, LSL = 527, LSS = 907, LTR = 1658, LZCNT = 4363, MASKMOVDQU = 7119, MASKMOVQ = 7109, MAXPD = 3559, MAXPS = 3552, MAXSD = 3573, MAXSS = 3566, MFENCE = 4291, MINPD = 3439, MINPS = 3432, MINSD = 3453, MINSS = 3446, MONITOR = 1755, MOV = 218, MOVAPD = 2459, MOVAPS = 2451, MOVBE = 9251, MOVD = 3920, MOVDDUP = 2186, MOVDQ2Q = 6522, MOVDQA = 3946, MOVDQU = 3954, MOVHLPS = 2151, MOVHPD = 2345, MOVHPS = 2337, MOVLHPS = 2328, MOVLPD = 2168, MOVLPS = 2160, MOVMSKPD = 2815, MOVMSKPS = 2805, MOVNTDQ = 6849, MOVNTDQA = 7895, MOVNTI = 952, MOVNTPD = 2556, MOVNTPS = 2547, MOVNTQ = 6841, MOVNTSD = 2574, MOVNTSS = 2565, MOVQ = 3926, MOVQ2DQ = 6513, MOVS = 295, MOVSD = 2110, MOVSHDUP = 2353, MOVSLDUP = 2176, MOVSS = 2103, MOVSX = 939, MOVSXD = 10005, MOVUPD = 2095, MOVUPS = 2087, MOVZX = 927, MPSADBW = 9628, MUL = 1625, MULPD = 3170, MULPS = 3163, MULSD = 3184, MULSS = 3177, MWAIT = 1764, NEG = 1620, NOP = 581, NOT = 1615, OR = 27, ORPD = 3053, ORPS = 3047, OUT = 451, OUTS = 128, PABSB = 7688, PABSD = 7718, PABSW = 7703, PACKSSDW = 3849, PACKSSWB = 3681, PACKUSDW = 7916, PACKUSWB = 3759, PADDB = 7204, PADDD = 7234, PADDQ = 6481, PADDSB = 6930, PADDSW = 6947, PADDUSB = 6620, PADDUSW = 6639, PADDW = 7219, PALIGNR = 9410, PAND = 6607, PANDN = 6665, PAUSE = 10013, PAVGB = 6680, PAVGUSB = 2078, PAVGW = 6725, PBLENDVB = 7599, PBLENDW = 9391, PCLMULQDQ = 9647, PCMPEQB = 4043, PCMPEQD = 4081, PCMPEQQ = 7876, PCMPEQW = 4062, PCMPESTRI = 9726, PCMPESTRM = 9703, PCMPGTB = 3702, PCMPGTD = 3740, PCMPGTQ = 8087, PCMPGTW = 3721, PCMPISTRI = 9772, PCMPISTRM = 9749, PEXTRB = 9429, PEXTRD = 9446, PEXTRQ = 9454, PEXTRW = 
6311, PF2ID = 1914, PF2IW = 1907, PFACC = 2028, PFADD = 1977, PFCMPEQ = 2035, PFCMPGE = 1938, PFCMPGT = 1984, PFMAX = 1993, PFMIN = 1947, PFMUL = 2044, PFNACC = 1921, PFPNACC = 1929, PFRCP = 1954, PFRCPIT1 = 2000, PFRCPIT2 = 2051, PFRSQIT1 = 2010, PFRSQRT = 1961, PFSUB = 1970, PFSUBR = 2020, PHADDD = 7375, PHADDSW = 7392, PHADDW = 7358, PHMINPOSUW = 8259, PHSUBD = 7451, PHSUBSW = 7468, PHSUBW = 7434, PI2FD = 1900, PI2FW = 1893, PINSRB = 9530, PINSRD = 9568, PINSRQ = 9576, PINSRW = 6294, PMADDUBSW = 7411, PMADDWD = 7073, PMAXSB = 8174, PMAXSD = 8191, PMAXSW = 6964, PMAXUB = 6648, PMAXUD = 8225, PMAXUW = 8208, PMINSB = 8106, PMINSD = 8123, PMINSW = 6902, PMINUB = 6590, PMINUD = 8157, PMINUW = 8140, PMOVMSKB = 6531, PMOVSXBD = 7754, PMOVSXBQ = 7775, PMOVSXBW = 7733, PMOVSXDQ = 7838, PMOVSXWD = 7796, PMOVSXWQ = 7817, PMOVZXBD = 7982, PMOVZXBQ = 8003, PMOVZXBW = 7961, PMOVZXDQ = 8066, PMOVZXWD = 8024, PMOVZXWQ = 8045, PMULDQ = 7859, PMULHRSW = 7538, PMULHRW = 2061, PMULHUW = 6740, PMULHW = 6759, PMULLD = 8242, PMULLW = 6496, PMULUDQ = 7054, POP = 22, POPA = 98, POPCNT = 4338, POPF = 277, POR = 6919, PREFETCH = 1872, PREFETCHNTA = 2402, PREFETCHT0 = 2415, PREFETCHT1 = 2427, PREFETCHT2 = 2439, PREFETCHW = 1882, PSADBW = 7092, PSHUFB = 7341, PSHUFD = 3988, PSHUFHW = 3996, PSHUFLW = 4005, PSHUFW = 3980, PSIGNB = 7487, PSIGND = 7521, PSIGNW = 7504, PSLLD = 7024, PSLLDQ = 9847, PSLLQ = 7039, PSLLW = 7009, PSRAD = 6710, PSRAW = 6695, PSRLD = 6451, PSRLDQ = 9830, PSRLQ = 6466, PSRLW = 6436, PSUBB = 7144, PSUBD = 7174, PSUBQ = 7189, PSUBSB = 6868, PSUBSW = 6885, PSUBUSB = 6552, PSUBUSW = 6571, PSUBW = 7159, PSWAPD = 2070, PTEST = 7629, PUNPCKHBW = 3780, PUNPCKHDQ = 3826, PUNPCKHQDQ = 3895, PUNPCKHWD = 3803, PUNPCKLBW = 3612, PUNPCKLDQ = 3658, PUNPCKLQDQ = 3870, PUNPCKLWD = 3635, PUSH = 16, PUSHA = 91, PUSHF = 270, PXOR = 6981, RCL = 977, RCPPS = 2953, RCPSS = 2960, RCR = 982, RDFSBASE = 9882, RDGSBASE = 9912, RDMSR = 600, RDPMC = 607, RDRAND = 10026, RDTSC = 593, RDTSCP = 1864, 
RET = 325, RETF = 354, ROL = 967, ROR = 972, ROUNDPD = 9296, ROUNDPS = 9277, ROUNDSD = 9334, ROUNDSS = 9315, RSM = 882, RSQRTPS = 2915, RSQRTSS = 2924, SAHF = 283, SAL = 997, SALC = 394, SAR = 1002, SBB = 36, SCAS = 319, SETA = 807, SETAE = 780, SETB = 774, SETBE = 800, SETG = 859, SETGE = 845, SETL = 839, SETLE = 852, SETNO = 767, SETNP = 832, SETNS = 819, SETNZ = 793, SETO = 761, SETP = 826, SETS = 813, SETZ = 787, SFENCE = 4321, SGDT = 1675, SHL = 987, SHLD = 876, SHR = 992, SHRD = 892, SHUFPD = 6336, SHUFPS = 6328, SIDT = 1681, SKINIT = 1839, SLDT = 1641, SMSW = 1699, SQRTPD = 2855, SQRTPS = 2847, SQRTSD = 2871, SQRTSS = 2863, STC = 497, STD = 517, STGI = 1827, STI = 507, STMXCSR = 9951, STOS = 307, STR = 1647, SUB = 51, SUBPD = 3379, SUBPS = 3372, SUBSD = 3393, SUBSS = 3386, SWAPGS = 1856, SYSCALL = 532, SYSENTER = 614, SYSEXIT = 624, SYSRET = 547, TEST = 206, TZCNT = 4351, UCOMISD = 2742, UCOMISS = 2733, UD2 = 569, UNPCKHPD = 2296, UNPCKHPS = 2286, UNPCKLPD = 2254, UNPCKLPS = 2244, VADDPD = 3139, VADDPS = 3131, VADDSD = 3155, VADDSS = 3147, VADDSUBPD = 6414, VADDSUBPS = 6425, VAESDEC = 9217, VAESDECLAST = 9238, VAESENC = 9175, VAESENCLAST = 9196, VAESIMC = 9158, VAESKEYGENASSIST = 9812, VANDNPD = 3038, VANDNPS = 3029, VANDPD = 3005, VANDPS = 2997, VBLENDPD = 9381, VBLENDPS = 9362, VBLENDVPD = 9681, VBLENDVPS = 9670, VBROADCASTF128 = 7672, VBROADCASTSD = 7658, VBROADCASTSS = 7644, VCMPEQPD = 5088, VCMPEQPS = 4686, VCMPEQSD = 5892, VCMPEQSS = 5490, VCMPEQ_OSPD = 5269, VCMPEQ_OSPS = 4867, VCMPEQ_OSSD = 6073, VCMPEQ_OSSS = 5671, VCMPEQ_UQPD = 5175, VCMPEQ_UQPS = 4773, VCMPEQ_UQSD = 5979, VCMPEQ_UQSS = 5577, VCMPEQ_USPD = 5378, VCMPEQ_USPS = 4976, VCMPEQ_USSD = 6182, VCMPEQ_USSS = 5780, VCMPFALSEPD = 5210, VCMPFALSEPS = 4808, VCMPFALSESD = 6014, VCMPFALSESS = 5612, VCMPFALSE_OSPD = 5419, VCMPFALSE_OSPS = 5017, VCMPFALSE_OSSD = 6223, VCMPFALSE_OSSS = 5821, VCMPGEPD = 5237, VCMPGEPS = 4835, VCMPGESD = 6041, VCMPGESS = 5639, VCMPGE_OQPD = 5449, VCMPGE_OQPS = 5047, 
VCMPGE_OQSD = 6253, VCMPGE_OQSS = 5851, VCMPGTPD = 5247, VCMPGTPS = 4845, VCMPGTSD = 6051, VCMPGTSS = 5649, VCMPGT_OQPD = 5462, VCMPGT_OQPS = 5060, VCMPGT_OQSD = 6266, VCMPGT_OQSS = 5864, VCMPLEPD = 5108, VCMPLEPS = 4706, VCMPLESD = 5912, VCMPLESS = 5510, VCMPLE_OQPD = 5295, VCMPLE_OQPS = 4893, VCMPLE_OQSD = 6099, VCMPLE_OQSS = 5697, VCMPLTPD = 5098, VCMPLTPS = 4696, VCMPLTSD = 5902, VCMPLTSS = 5500, VCMPLT_OQPD = 5282, VCMPLT_OQPS = 4880, VCMPLT_OQSD = 6086, VCMPLT_OQSS = 5684, VCMPNEQPD = 5131, VCMPNEQPS = 4729, VCMPNEQSD = 5935, VCMPNEQSS = 5533, VCMPNEQ_OQPD = 5223, VCMPNEQ_OQPS = 4821, VCMPNEQ_OQSD = 6027, VCMPNEQ_OQSS = 5625, VCMPNEQ_OSPD = 5435, VCMPNEQ_OSPS = 5033, VCMPNEQ_OSSD = 6239, VCMPNEQ_OSSS = 5837, VCMPNEQ_USPD = 5323, VCMPNEQ_USPS = 4921, VCMPNEQ_USSD = 6127, VCMPNEQ_USSS = 5725, VCMPNGEPD = 5188, VCMPNGEPS = 4786, VCMPNGESD = 5992, VCMPNGESS = 5590, VCMPNGE_UQPD = 5391, VCMPNGE_UQPS = 4989, VCMPNGE_UQSD = 6195, VCMPNGE_UQSS = 5793, VCMPNGTPD = 5199, VCMPNGTPS = 4797, VCMPNGTSD = 6003, VCMPNGTSS = 5601, VCMPNGT_UQPD = 5405, VCMPNGT_UQPS = 5003, VCMPNGT_UQSD = 6209, VCMPNGT_UQSS = 5807, VCMPNLEPD = 5153, VCMPNLEPS = 4751, VCMPNLESD = 5957, VCMPNLESS = 5555, VCMPNLE_UQPD = 5351, VCMPNLE_UQPS = 4949, VCMPNLE_UQSD = 6155, VCMPNLE_UQSS = 5753, VCMPNLTPD = 5142, VCMPNLTPS = 4740, VCMPNLTSD = 5946, VCMPNLTSS = 5544, VCMPNLT_UQPD = 5337, VCMPNLT_UQPS = 4935, VCMPNLT_UQSD = 6141, VCMPNLT_UQSS = 5739, VCMPORDPD = 5164, VCMPORDPS = 4762, VCMPORDSD = 5968, VCMPORDSS = 5566, VCMPORD_SPD = 5365, VCMPORD_SPS = 4963, VCMPORD_SSD = 6169, VCMPORD_SSS = 5767, VCMPTRUEPD = 5257, VCMPTRUEPS = 4855, VCMPTRUESD = 6061, VCMPTRUESS = 5659, VCMPTRUE_USPD = 5475, VCMPTRUE_USPS = 5073, VCMPTRUE_USSD = 6279, VCMPTRUE_USSS = 5877, VCMPUNORDPD = 5118, VCMPUNORDPS = 4716, VCMPUNORDSD = 5922, VCMPUNORDSS = 5520, VCMPUNORD_SPD = 5308, VCMPUNORD_SPS = 4906, VCMPUNORD_SSD = 6112, VCMPUNORD_SSS = 5710, VCOMISD = 2796, VCOMISS = 2787, VCVTDQ2PD = 6819, VCVTDQ2PS = 3338, VCVTPD2DQ = 
6830, VCVTPD2PS = 3274, VCVTPS2DQ = 3349, VCVTPS2PD = 3263, VCVTSD2SI = 2722, VCVTSD2SS = 3296, VCVTSI2SD = 2536, VCVTSI2SS = 2525, VCVTSS2SD = 3285, VCVTSS2SI = 2711, VCVTTPD2DQ = 6807, VCVTTPS2DQ = 3360, VCVTTSD2SI = 2659, VCVTTSS2SI = 2647, VDIVPD = 3528, VDIVPS = 3520, VDIVSD = 3544, VDIVSS = 3536, VDPPD = 9621, VDPPS = 9608, VERR = 1663, VERW = 1669, VEXTRACTF128 = 9516, VEXTRACTPS = 9491, VFMADD132PD = 8387, VFMADD132PS = 8374, VFMADD132SD = 8413, VFMADD132SS = 8400, VFMADD213PD = 8667, VFMADD213PS = 8654, VFMADD213SD = 8693, VFMADD213SS = 8680, VFMADD231PD = 8947, VFMADD231PS = 8934, VFMADD231SD = 8973, VFMADD231SS = 8960, VFMADDSUB132PD = 8326, VFMADDSUB132PS = 8310, VFMADDSUB213PD = 8606, VFMADDSUB213PS = 8590, VFMADDSUB231PD = 8886, VFMADDSUB231PS = 8870, VFMSUB132PD = 8439, VFMSUB132PS = 8426, VFMSUB132SD = 8465, VFMSUB132SS = 8452, VFMSUB213PD = 8719, VFMSUB213PS = 8706, VFMSUB213SD = 8745, VFMSUB213SS = 8732, VFMSUB231PD = 8999, VFMSUB231PS = 8986, VFMSUB231SD = 9025, VFMSUB231SS = 9012, VFMSUBADD132PD = 8358, VFMSUBADD132PS = 8342, VFMSUBADD213PD = 8638, VFMSUBADD213PS = 8622, VFMSUBADD231PD = 8918, VFMSUBADD231PS = 8902, VFNMADD132PD = 8492, VFNMADD132PS = 8478, VFNMADD132SD = 8520, VFNMADD132SS = 8506, VFNMADD213PD = 8772, VFNMADD213PS = 8758, VFNMADD213SD = 8800, VFNMADD213SS = 8786, VFNMADD231PD = 9052, VFNMADD231PS = 9038, VFNMADD231SD = 9080, VFNMADD231SS = 9066, VFNMSUB132PD = 8548, VFNMSUB132PS = 8534, VFNMSUB132SD = 8576, VFNMSUB132SS = 8562, VFNMSUB213PD = 8828, VFNMSUB213PS = 8814, VFNMSUB213SD = 8856, VFNMSUB213SS = 8842, VFNMSUB231PD = 9108, VFNMSUB231PS = 9094, VFNMSUB231SD = 9136, VFNMSUB231SS = 9122, VHADDPD = 4197, VHADDPS = 4206, VHSUBPD = 4231, VHSUBPS = 4240, VINSERTF128 = 9503, VINSERTPS = 9557, VLDDQU = 7001, VLDMXCSR = 9941, VMASKMOVDQU = 7131, VMASKMOVPD = 7949, VMASKMOVPS = 7937, VMAXPD = 3588, VMAXPS = 3580, VMAXSD = 3604, VMAXSS = 3596, VMCALL = 1719, VMCLEAR = 9989, VMFUNC = 1787, VMINPD = 3468, VMINPS = 3460, VMINSD = 
3484, VMINSS = 3476, VMLAUNCH = 1727, VMLOAD = 1811, VMMCALL = 1802, VMOVAPD = 2476, VMOVAPS = 2467, VMOVD = 3932, VMOVDDUP = 2234, VMOVDQA = 3962, VMOVDQU = 3971, VMOVHLPS = 2195, VMOVHPD = 2382, VMOVHPS = 2373, VMOVLHPS = 2363, VMOVLPD = 2214, VMOVLPS = 2205, VMOVMSKPD = 2836, VMOVMSKPS = 2825, VMOVNTDQ = 6858, VMOVNTDQA = 7905, VMOVNTPD = 2593, VMOVNTPS = 2583, VMOVQ = 3939, VMOVSD = 2143, VMOVSHDUP = 2391, VMOVSLDUP = 2223, VMOVSS = 2135, VMOVUPD = 2126, VMOVUPS = 2117, VMPSADBW = 9637, VMPTRLD = 9980, VMPTRST = 6385, VMREAD = 4128, VMRESUME = 1737, VMRUN = 1795, VMSAVE = 1819, VMULPD = 3199, VMULPS = 3191, VMULSD = 3215, VMULSS = 3207, VMWRITE = 4152, VMXOFF = 1747, VMXON = 9998, VORPD = 3066, VORPS = 3059, VPABSB = 7695, VPABSD = 7725, VPABSW = 7710, VPACKSSDW = 3859, VPACKSSWB = 3691, VPACKUSDW = 7926, VPACKUSWB = 3769, VPADDB = 7211, VPADDD = 7241, VPADDQ = 6488, VPADDSB = 6938, VPADDSW = 6955, VPADDUSW = 6629, VPADDW = 7226, VPALIGNR = 9419, VPAND = 6613, VPANDN = 6672, VPAVGB = 6687, VPAVGW = 6732, VPBLENDVB = 9692, VPBLENDW = 9400, VPCLMULQDQ = 9658, VPCMPEQB = 4052, VPCMPEQD = 4090, VPCMPEQQ = 7885, VPCMPEQW = 4071, VPCMPESTRI = 9737, VPCMPESTRM = 9714, VPCMPGTB = 3711, VPCMPGTD = 3749, VPCMPGTQ = 8096, VPCMPGTW = 3730, VPCMPISTRI = 9783, VPCMPISTRM = 9760, VPERM2F128 = 9265, VPERMILPD = 7570, VPERMILPS = 7559, VPEXTRB = 9437, VPEXTRD = 9462, VPEXTRQ = 9471, VPEXTRW = 6319, VPHADDD = 7383, VPHADDSW = 7401, VPHADDW = 7366, VPHMINPOSUW = 8271, VPHSUBD = 7459, VPHSUBSW = 7477, VPHSUBW = 7442, VPINSRB = 9538, VPINSRD = 9584, VPINSRQ = 9593, VPINSRW = 6302, VPMADDUBSW = 7422, VPMADDWD = 7082, VPMAXSB = 8182, VPMAXSD = 8199, VPMAXSW = 6972, VPMAXUB = 6656, VPMAXUD = 8233, VPMAXUW = 8216, VPMINSB = 8114, VPMINSD = 8131, VPMINSW = 6910, VPMINUB = 6598, VPMINUD = 8165, VPMINUW = 8148, VPMOVMSKB = 6541, VPMOVSXBD = 7764, VPMOVSXBQ = 7785, VPMOVSXBW = 7743, VPMOVSXDQ = 7848, VPMOVSXWD = 7806, VPMOVSXWQ = 7827, VPMOVZXBD = 7992, VPMOVZXBQ = 8013, VPMOVZXBW = 7971, 
VPMOVZXDQ = 8076, VPMOVZXWD = 8034, VPMOVZXWQ = 8055, VPMULDQ = 7867, VPMULHRSW = 7548, VPMULHUW = 6749, VPMULHW = 6767, VPMULLD = 8250, VPMULLW = 6504, VPMULUDQ = 7063, VPOR = 6924, VPSADBW = 7100, VPSHUFB = 7349, VPSHUFD = 4014, VPSHUFHW = 4023, VPSHUFLW = 4033, VPSIGNB = 7495, VPSIGND = 7529, VPSIGNW = 7512, VPSLLD = 7031, VPSLLDQ = 9855, VPSLLQ = 7046, VPSLLW = 7016, VPSRAD = 6717, VPSRAW = 6702, VPSRLD = 6458, VPSRLDQ = 9838, VPSRLQ = 6473, VPSRLW = 6443, VPSUBB = 7151, VPSUBD = 7181, VPSUBQ = 7196, VPSUBSB = 6876, VPSUBSW = 6893, VPSUBUSB = 6561, VPSUBUSW = 6580, VPSUBW = 7166, VPTEST = 7636, VPUNPCKHBW = 3791, VPUNPCKHDQ = 3837, VPUNPCKHQDQ = 3907, VPUNPCKHWD = 3814, VPUNPCKLBW = 3623, VPUNPCKLDQ = 3669, VPUNPCKLQDQ = 3882, VPUNPCKLWD = 3646, VPXOR = 6987, VRCPPS = 2967, VRCPSS = 2975, VROUNDPD = 9305, VROUNDPS = 9286, VROUNDSD = 9343, VROUNDSS = 9324, VRSQRTPS = 2933, VRSQRTSS = 2943, VSHUFPD = 6353, VSHUFPS = 6344, VSQRTPD = 2888, VSQRTPS = 2879, VSQRTSD = 2906, VSQRTSS = 2897, VSTMXCSR = 9970, VSUBPD = 3408, VSUBPS = 3400, VSUBSD = 3424, VSUBSS = 3416, VTESTPD = 7590, VTESTPS = 7581, VUCOMISD = 2761, VUCOMISS = 2751, VUNPCKHPD = 2317, VUNPCKHPS = 2306, VUNPCKLPD = 2275, VUNPCKLPS = 2264, VXORPD = 3095, VXORPS = 3087, VZEROALL = 4118, VZEROUPPER = 4106, WAIT = 10020, WBINVD = 561, WRFSBASE = 9931, WRGSBASE = 9960, WRMSR = 586, XADD = 946, XCHG = 212, XGETBV = 1771, XLAT = 400, XOR = 61, XORPD = 3080, XORPS = 3073, XRSTOR = 4273, XRSTOR64 = 4281, XSAVE = 4249, XSAVE64 = 4256, XSAVEOPT = 4299, XSAVEOPT64 = 4309, XSETBV = 1779, _3DNOW = 10034, } public enum Register { R_RAX, R_RCX, R_RDX, R_RBX, R_RSP, R_RBP, R_RSI, R_RDI, R_R8, R_R9, R_R10, R_R11, R_R12, R_R13, R_R14, R_R15, R_EAX, R_ECX, R_EDX, R_EBX, R_ESP, R_EBP, R_ESI, R_EDI, R_R8D, R_R9D, R_R10D, R_R11D, R_R12D, R_R13D, R_R14D, R_R15D, R_AX, R_CX, R_DX, R_BX, R_SP, R_BP, R_SI, R_DI, R_R8W, R_R9W, R_R10W, R_R11W, R_R12W, R_R13W, R_R14W, R_R15W, R_AL, R_CL, R_DL, R_BL, R_AH, R_CH, R_DH, R_BH, R_R8B, 
R_R9B, R_R10B, R_R11B, R_R12B, R_R13B, R_R14B, R_R15B, R_SPL, R_BPL, R_SIL, R_DIL,
    R_ES, R_CS, R_SS, R_DS, R_FS, R_GS, R_RIP,
    R_ST0, R_ST1, R_ST2, R_ST3, R_ST4, R_ST5, R_ST6, R_ST7,
    R_MM0, R_MM1, R_MM2, R_MM3, R_MM4, R_MM5, R_MM6, R_MM7,
    R_XMM0, R_XMM1, R_XMM2, R_XMM3, R_XMM4, R_XMM5, R_XMM6, R_XMM7,
    R_XMM8, R_XMM9, R_XMM10, R_XMM11, R_XMM12, R_XMM13, R_XMM14, R_XMM15,
    R_YMM0, R_YMM1, R_YMM2, R_YMM3, R_YMM4, R_YMM5, R_YMM6, R_YMM7,
    R_YMM8, R_YMM9, R_YMM10, R_YMM11, R_YMM12, R_YMM13, R_YMM14, R_YMM15,
    R_CR0, R_UNUSED0, R_CR2, R_CR3, R_CR4, R_UNUSED1, R_UNUSED2, R_UNUSED3, R_CR8,
    R_DR0, R_DR1, R_DR2, R_DR3, R_UNUSED4, R_UNUSED5, R_DR6, R_DR7,
  }
}

distorm-3.4.1/examples/cs/distorm-net/Opcodes.tt
<#@ template debug="true" hostSpecific="true" #>
<#@ output extension=".cs" #>
<#@ Assembly Name="System.Core" #>
<#@ Assembly Name="System.Windows.Forms" #>
<#@ import namespace="System" #>
<#@ import namespace="System.IO" #>
<#@ import namespace="System.Diagnostics" #>
<#@ import namespace="System.Linq" #>
<#@ import namespace="System.Collections" #>
<#@ import namespace="System.Collections.Generic" #>
<#@ import namespace="System.Text.RegularExpressions" #>
// This file was auto generated from the distorm opcodes.h file
// on <#= DateTime.UtcNow.ToString("yyyy-MM-dd HH:mm:ss.FFF") #>
<#
var mnemonics = File.ReadAllText(Host.ResolvePath(@"..\..\..\include\mnemonics.h"));
var instRe = new Regex("typedef enum {(.+)} _InstructionType;", RegexOptions.Singleline);
var regRe = new Regex("typedef enum {(.+)} _RegisterType;", RegexOptions.Singleline);
var m = instRe.Match(mnemonics);
var insts = m.Groups[1].Value.Split(',').Select(x => new {
  Name = x.Split('=')[0].Trim().Substring(2),
  Value = x.Split('=')[1].Trim(),
}).ToArray();
m = regRe.Match(mnemonics, m.Index + m.Length);
var regs = m.Groups[1].Value.Split(',').Select(x => x.Trim()).ToArray();
#>
namespace diStorm {
  public enum Opcode : ushort {<# foreach (var i in insts) { #>
    <#= i.Name #> = <#= i.Value #>,<# } #>
  }

  public enum Register {<# foreach (var r in regs) { #>
    <#= r #>,<# } #>
  }
}

distorm-3.4.1/examples/cs/distorm-net/Operand.cs
namespace diStorm
{
  public enum OperandType : byte
  {
    None,
    Reg,
    Imm,
    Imm1,
    Imm2,
    Disp,
    Smem,
    Mem,
    Pc,
    Ptr
  }

  public class Operand
  {
    public OperandType Type { get; internal set; }
    public int Index { get; internal set; }
    public int Size { get; internal set; }
  }
}

distorm-3.4.1/examples/cs/distorm-net/Properties/AssemblyInfo.cs
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;

// General Information about an assembly is controlled through the following
// set of attributes. Change these attribute values to modify the information
// associated with an assembly.
[assembly: AssemblyTitle("distorm-net")]
[assembly: AssemblyDescription("")]
[assembly: AssemblyConfiguration("")]
[assembly: AssemblyCompany("")]
[assembly: AssemblyProduct("distorm-net")]
[assembly: AssemblyCopyright("Copyright © 2012")]
[assembly: AssemblyTrademark("")]
[assembly: AssemblyCulture("")]

// Setting ComVisible to false makes the types in this assembly not visible
// to COM components. If you need to access a type in this assembly from
// COM, set the ComVisible attribute to true on that type.
[assembly: ComVisible(false)] // The following GUID is for the ID of the typelib if this project is exposed to COM [assembly: Guid("ddf3403b-11ea-4470-9fb3-03e68ac68fb5")] // Version information for an assembly consists of the following four values: // // Major Version // Minor Version // Build Number // Revision // // You can specify all the values or you can default the Build and Revision Numbers // by using the '*' as shown below: // [assembly: AssemblyVersion("1.0.*")] [assembly: AssemblyVersion("1.0.0.0")] [assembly: AssemblyFileVersion("1.0.0.0")] distorm-3.4.1/examples/cs/distorm-net/diStorm3.cs000066400000000000000000000320371340425302400217250ustar00rootroot00000000000000using System; using System.Runtime.CompilerServices; using System.Runtime.InteropServices; namespace diStorm { public enum DecodeType { Decode16Bits, Decode32Bits, Decode64Bits } public class diStorm3 { [StructLayout(LayoutKind.Sequential, Pack = 8)] public unsafe struct _CodeInfo { internal IntPtr codeOffset; internal IntPtr nextOffset; /* nextOffset is OUT only. */ internal byte* code; internal int codeLen; /* Using signed integer makes it easier to detect an underflow. */ internal DecodeType dt; internal int features; }; public struct _WString { public const int MAX_TEXT_SIZE = 48; public uint length; public unsafe fixed sbyte p[MAX_TEXT_SIZE]; /* p is a null terminated string. */ } [StructLayout(LayoutKind.Sequential, Pack = 8)] public struct _DecodedInst { public _WString mnemonic; /* Mnemonic of decoded instruction, prefixed if required by REP, LOCK etc. */ public _WString operands; /* Operands of the decoded instruction, up to 3 operands, comma-seperated. */ public _WString instructionHex; /* Hex dump - little endian, including prefixes. */ public uint size; /* Size of decoded instruction. */ public IntPtr offset; /* Start offset of the decoded instruction. */ }; /* Used by O_PTR: */ public struct PtrStruct { private ushort seg; /* Can be 16 or 32 bits, size is in ops[n].size. 
*/ private uint off; }; /* Used by O_IMM1 (i1) and O_IMM2 (i2). ENTER instruction only. */ public struct ExStruct { private uint i1; private uint i2; }; [StructLayout(LayoutKind.Explicit)] public struct _Value { /* Used by O_IMM: */ [FieldOffset(0)] public sbyte sbyt; [FieldOffset(0)] public byte byt; [FieldOffset(0)] public short sword; [FieldOffset(0)] public ushort word; [FieldOffset(0)] public int sdword; [FieldOffset(0)] public uint dword; [FieldOffset(0)] public long sqword; /* All immediates are SIGN-EXTENDED to 64 bits! */ [FieldOffset(0)] public ulong qword; /* Used by O_PC: (Use GET_TARGET_ADDR).*/ [FieldOffset(0)] public IntPtr addr; /* It's a relative offset as for now. */ [FieldOffset(0)] public PtrStruct ptr; [FieldOffset(0)] public ExStruct ex; }; public struct _Operand { /* Type of operand: O_NONE: operand is to be ignored. O_REG: index holds global register index. O_IMM: instruction.imm. O_IMM1: instruction.imm.ex.i1. O_IMM2: instruction.imm.ex.i2. O_DISP: memory dereference with displacement only, instruction.disp. O_SMEM: simple memory dereference with optional displacement (a single register memory dereference). O_MEM: complex memory dereference (optional fields: s/i/b/disp). O_PC: the relative address of a branch instruction (instruction.imm.addr). O_PTR: the absolute target address of a far branch instruction (instruction.imm.ptr.seg/off). */ public OperandType type; /* _OperandType */ /* Index of: O_REG: holds global register index O_SMEM: holds the 'base' register. E.G: [ECX], [EBX+0x1234] are both in operand.index. O_MEM: holds the 'index' register. E.G: [EAX*4] is in operand.index. */ public byte index; /* Size of: O_REG: register O_IMM: instruction.imm O_IMM1: instruction.imm.ex.i1 O_IMM2: instruction.imm.ex.i2 O_DISP: instruction.disp O_SMEM: size of indirection. O_MEM: size of indirection. 
O_PC: size of the relative offset O_PTR: size of instruction.imm.ptr.off (16 or 32) */ public ushort size; }; public struct _DInst { public const int OPERANDS_NO = 4; private const int OPERANDS_SIZE = 4*OPERANDS_NO; /* Used by ops[n].type == O_IMM/O_IMM1&O_IMM2/O_PTR/O_PC. Its size is ops[n].size. */ internal _Value imm; /* Used by ops[n].type == O_SMEM/O_MEM/O_DISP. Its size is dispSize. */ internal ulong disp; /* Virtual address of first byte of instruction. */ internal IntPtr addr; /* General flags of instruction, holds prefixes and more, if FLAG_NOT_DECODABLE, instruction is invalid. */ internal ushort flags; /* Unused prefixes mask, for each bit that is set that prefix is not used (LSB is byte [addr + 0]). */ internal ushort unusedPrefixesMask; /* Mask of registers that were used in the operands, only used for quick look up, in order to know *some* operand uses that register class. */ internal ushort usedRegistersMask; /* ID of opcode in the global opcode table. Use for mnemonic look up. */ internal ushort opcode; /* Up to four operands per instruction, ignored if ops[n].type == O_NONE. */ private unsafe fixed byte ops_storage[OPERANDS_SIZE]; internal unsafe _Operand* ops { get { fixed (byte* p = ops_storage) { return (_Operand*) p; } } } /* Size of the whole instruction. */ internal byte size; /* Segment information of memory indirection, default segment, or overridden one, can be -1. Use SEGMENT macros. */ internal byte segment; /* Used by ops[n].type == O_MEM. Base global register index (might be R_NONE), scale size (2/4/8), ignored for 0 or 1. */ internal byte ibase, scale; internal byte dispSize; /* Meta defines the instruction set class, and the flow control flags. Use META macros. */ internal byte meta; /* The CPU flags that the instruction operates upon. 
*/ internal byte modifiedFlagsMask, testedFlagsMask, undefinedFlagsMask; }; [DllImport("distorm3")] private static extern unsafe void distorm_decompose64(void* codeInfo, void* dinsts, int maxInstructions, int* usedInstructions); [DllImport("distorm3")] private static extern unsafe void distorm_decode64(IntPtr codeOffset, byte* code, int codeLen, DecodeType dt, void *result, uint maxInstructions, uint* usedInstructionsCount); [DllImport("distorm3")] private static extern unsafe void distorm_format64(void* codeInfo, void* dinst, void* output); public static unsafe void* Malloc(int sz) { return Marshal.AllocHGlobal(new IntPtr(sz)).ToPointer(); } private static unsafe void Free(void* mem) { Marshal.FreeHGlobal(new IntPtr(mem)); } private static unsafe _CodeInfo* AcquireCodeInfoStruct(CodeInfo nci, out GCHandle gch) { var ci = (_CodeInfo*) Malloc(sizeof (_CodeInfo)); if (ci == null) throw new OutOfMemoryException(); /* Zero the native struct before filling it in, as memset(ci, 0, sizeof(_CodeInfo)) would in C. */ Memset(ci, 0, sizeof (_CodeInfo)); ci->codeOffset = new IntPtr(nci._codeOffset); gch = GCHandle.Alloc(nci._code, GCHandleType.Pinned); ci->code = (byte*) gch.AddrOfPinnedObject().ToPointer(); ci->codeLen = nci._code.Length; ci->dt = nci._decodeType; ci->features = nci._features; return ci; } private static unsafe DecodedInst CreateDecodedInstObj(_DecodedInst* inst) { return new DecodedInst { Mnemonic = new String(inst->mnemonic.p), Operands = new String(inst->operands.p), Hex = new string(inst->instructionHex.p), Size = inst->size, Offset = inst->offset }; } private static unsafe void Memset(void *p, int v, int sz) { /* Byte-wise fill of unmanaged memory, equivalent to C memset(). */ var b = (byte*) p; for (var i = 0; i < sz; i++) b[i] = (byte) v; } public static unsafe void Decompose(CodeInfo nci, DecomposedResult ndr) { _CodeInfo* ci = null; _DInst* insts = null; var gch = new GCHandle(); var usedInstructionsCount = 0; try { if ((ci = AcquireCodeInfoStruct(nci, out gch)) == null) throw new OutOfMemoryException(); var maxInstructions = ndr.MaxInstructions; if ((insts = (_DInst*) Malloc(maxInstructions*sizeof (_DInst))) == null) throw new
OutOfMemoryException(); distorm_decompose64(ci, insts, maxInstructions, &usedInstructionsCount); var dinsts = new DecomposedInst[usedInstructionsCount]; for (var i = 0; i < usedInstructionsCount; i++) { var di = new DecomposedInst { Address = insts[i].addr, Flags = insts[i].flags, Size = insts[i].size, _segment = insts[i].segment, Base = insts[i].ibase, Scale = insts[i].scale, Opcode = (Opcode) insts[i].opcode, UnusedPrefixesMask = insts[i].unusedPrefixesMask, Meta = insts[i].meta, RegistersMask = insts[i].usedRegistersMask, ModifiedFlagsMask = insts[i].modifiedFlagsMask, TestedFlagsMask = insts[i].testedFlagsMask, UndefinedFlagsMask = insts[i].undefinedFlagsMask }; /* Simple fields: */ /* Immediate variant. */ var immVariant = new DecomposedInst.ImmVariant { Imm = insts[i].imm.qword, Size = 0 }; /* The size of the immediate is in one of the operands, if at all. Look for it below. Zero by default. */ /* Count operands. */ var operandsNo = 0; for (operandsNo = 0; operandsNo < _DInst.OPERANDS_NO; operandsNo++) { if (insts[i].ops[operandsNo].type == OperandType.None) break; } var ops = new Operand[operandsNo]; for (var j = 0; j < operandsNo; j++) { if (insts[i].ops[j].type == OperandType.Imm) { /* Set the size of the immediate operand. */ immVariant.Size = insts[i].ops[j].size; } var op = new Operand { Type = insts[i].ops[j].type, Index = insts[i].ops[j].index, Size = insts[i].ops[j].size }; ops[j] = op; } di.Operands = ops; /* Attach the immediate variant. */ di.Imm = immVariant; /* Displacement variant. 
*/ var disp = new DecomposedInst.DispVariant { Displacement = insts[i].disp, Size = insts[i].dispSize }; di.Disp = disp; dinsts[i] = di; } ndr.Instructions = dinsts; } finally { if (gch.IsAllocated) gch.Free(); if (ci != null) Free(ci); if (insts != null) Free(insts); } } public static unsafe void Decode(CodeInfo nci, DecodedResult dr) { _CodeInfo* ci = null; _DecodedInst* insts = null; var gch = new GCHandle(); uint usedInstructionsCount = 0; try { if ((ci = AcquireCodeInfoStruct(nci, out gch)) == null) throw new OutOfMemoryException(); var maxInstructions = dr.MaxInstructions; if ((insts = (_DecodedInst*) Malloc(maxInstructions*sizeof (_DecodedInst))) == null) throw new OutOfMemoryException(); distorm_decode64(ci->codeOffset, ci->code, ci->codeLen, ci->dt, insts, (uint) maxInstructions, &usedInstructionsCount); var dinsts = new DecodedInst[usedInstructionsCount]; for (var i = 0; i < usedInstructionsCount; i++) dinsts[i] = CreateDecodedInstObj(&insts[i]); dr.Instructions = dinsts; } finally { /* In case of an error, jInsts will get cleaned automatically. */ if (gch.IsAllocated) gch.Free(); if (ci != null) Free(ci); if (insts != null) Free(insts); } } public static unsafe DecodedInst Format(CodeInfo nci, DecomposedInst ndi) { var input = new _DInst(); _CodeInfo *ci = null; var gch = new GCHandle(); DecodedInst di; try { ci = AcquireCodeInfoStruct(nci, out gch); if (ci == null) throw new OutOfMemoryException(); input.addr = ndi.Address; input.flags = ndi.Flags; input.size = (byte) ndi.Size; input.segment = (byte) ndi._segment; input.ibase = (byte) ndi.Base; input.scale = (byte) ndi.Scale; input.opcode = (ushort) ndi.Opcode; /* unusedPrefixesMask is unused indeed, lol. */ input.meta = (byte) ndi.Meta; /* Nor usedRegistersMask. 
*/ int opsCount = ndi.Operands.Length; for (var i = 0; i < opsCount; i++) { var op = ndi.Operands[i]; if (op == null) continue; input.ops[i].index = (byte) op.Index; input.ops[i].type = op.Type; input.ops[i].size = (ushort) op.Size; } if (ndi.Imm != null) input.imm.qword = ndi.Imm.Imm; if (ndi.Disp != null) { input.disp = ndi.Disp.Displacement; input.dispSize = (byte) ndi.Disp.Size; } _DecodedInst output; distorm_format64(ci, &input, &output); di = CreateDecodedInstObj(&output); } finally { if (gch.IsAllocated) gch.Free(); if (ci != null) Free(ci); } return di; } } }
distorm-3.4.1/examples/cs/distorm-net/distorm-net.csproj000066400000000000000000000064241340425302400233620ustar00rootroot00000000000000 Debug AnyCPU {137ADE63-2489-4235-91C6-6CB664CAB63F} Library Properties diStorm diStorm v4.0 512 true full false bin\Debug\ DEBUG;TRACE prompt 4 true x64 pdbonly true bin\Release\ TRACE prompt 4 true x64 True True Opcodes.tt TextTemplatingFileGenerator Opcodes.cs
distorm-3.4.1/examples/cs/readme000066400000000000000000000002511340425302400165760ustar00rootroot00000000000000
This is a .NET Wrapper of the distorm project for seamless decompilation of 32-bit and 64-bit Intel binaries.
This project is licensed under the GPLv3.
By Dan Shechter
distorm-3.4.1/examples/ddk/000077500000000000000000000000001340425302400155555ustar00rootroot00000000000000
distorm-3.4.1/examples/ddk/README000066400000000000000000000045431340425302400164430ustar00rootroot00000000000000
diStorm3 for Ring 0
Gil Dabah Aug 2010
http://ragestorm.net/distorm/

Tested sample with DDK 7600.16385.1 using WinXPSP2.

Steps of how to build the diStorm64 sample using the DDK.

Warning - Make sure the path you extracted diStorm to does not include any spaces, otherwise you will get an error from the build.

1) Open the DDK's build environment, for example: "Win XP Free Build Environment", which readies the environment variables for building a driver. Or run the SETENV.BAT in console.

2) Launch "build" once you're in the /ddkproj directory.

3) If everything worked smoothly, you should see a new file named "distorm.sys" under objfre_wxp_x86\i386 (that's if you use WinXP and the Free Environment).
   - If you experienced any errors, try moving the whole distorm directory to c:\winddk\src\ (or any other directory tree which doesn't contain spaces in its name).

4) Now you will have to register the new driver:
   a. Copy the distorm.sys file to \windows\system32\drivers\.
   b. Use the DDK's regini.exe with the supplied distorm.ini.
   c. Restart Windows for the effect to take place. :(
   **The alternative is to use some tool like KmdManager.exe, which will register the driver without a need for the .ini file, nor a reboot.

5) Now open your favorite debug-strings monitor (mine is DebugView). Make sure you monitor kernel debug-strings.

6) Launching "net start distorm" from the command line will run the DriverEntry code in "main.c", which will disassemble a few instructions from the KeBugCheck routine and dump them using DbgPrint.

NOTES:
-+----
The sample uses the stack for storing the results from the decode function. If you have too many structures on the stack, you had better allocate memory before calling the decode function, and free that memory later on. Don't use the NONPAGED pool if you don't really need it.

_OffsetType is the type of the DecodedInstruction.Offset field, which defaults to 64 bits, so make sure that when you print this variable you use %I64X, and when you use it anywhere else, you use _OffsetType as well.

Notice that we call distorm_decode64 directly, since we define SUPPORT_64BIT_OFFSET and because we don't have the macros of distorm.h.

diStorm can really be compiled for all IRQLs; it doesn't use any resources or the standard C library at all. The sample, however, uses diStorm at PASSIVE level.
distorm-3.4.1/examples/ddk/distorm.ini000066400000000000000000000006051340425302400177400ustar00rootroot00000000000000
\registry\machine\system\currentcontrolset\services\distorm
    ImagePath = system32\drivers\distorm.sys
    DisplayName = "distorm"
    Type = REG_DWORD 0x1
    Start = REG_DWORD 0x3
    Group = Extended base
    ErrorControl = REG_DWORD 0x1
\registry\machine\system\currentcontrolset\services\distorm\Parameters
    BreakOnEntry = REG_DWORD 0x0
    DebugMask = REG_DWORD 0x0
    LogEvents = REG_DWORD 0x0
distorm-3.4.1/examples/ddk/dummy.c000066400000000000000000000006721340425302400170610ustar00rootroot00000000000000
// Since the DDK's nmake is limited with directories, we will bypass that with this simple hack.
// Thanks to Razvan Hobeanu.
// Sep 2009.

#include "../src/mnemonics.c"
#include "../src/wstring.c"
#include "../src/textdefs.c"
#include "../src/x86defs.c"
#include "../src/prefix.c"
#include "../src/operands.c"
#include "../src/insts.c"
#include "../src/instructions.c"
#include "../src/distorm.c"
#include "../src/decoder.c"
distorm-3.4.1/examples/ddk/main.c000066400000000000000000000056161340425302400166550ustar00rootroot00000000000000
/*
 * main.c
 * Sample kernel driver to show how diStorm can be easily compiled and used in Ring 0.
 *
 * /// Follow the README file in order to compile diStorm using the DDK. \\\
 *
 * Izik, Gil Dabah
 * Jan 2007
 * http://ragestorm.net/distorm/
 */

#include <ntddk.h>
#include "../include/distorm.h"
#include "dummy.c"

// The number of the array of instructions the decoder function will use to return the disassembled instructions.
// Play with this value for performance...
#define MAX_INSTRUCTIONS (15)

void DriverUnload(IN PDRIVER_OBJECT DriverObject)
{
}

NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath)
{
    UNICODE_STRING pFcnName;

    // Holds the result of the decoding.
    _DecodeResult res;
    // Decoded instruction information.
    _DecodedInst decodedInstructions[MAX_INSTRUCTIONS];
    // next is used for instruction's offset synchronization.
    // decodedInstructionsCount holds the count of filled instructions' array by the decoder.
    unsigned int decodedInstructionsCount = 0, i, next;

    // Default decoding mode is 32 bits, could be set by command line.
    _DecodeType dt = Decode32Bits;

    // Default offset for buffer is 0, could be set in command line.
    _OffsetType offset = 0;
    char* errch = NULL;

    // Buffer to disassemble.
    unsigned char *buf;
    int len = 100;

    // Register unload routine
    DriverObject->DriverUnload = DriverUnload;

    DbgPrint("diStorm Loaded!\n");

    // Get address of KeBugCheck
    RtlInitUnicodeString(&pFcnName, L"KeBugCheck");
    buf = (unsigned char *)MmGetSystemRoutineAddress(&pFcnName);
    offset = (unsigned) (_OffsetType)buf;

    DbgPrint("Resolving KeBugCheck @ 0x%08x\n", buf);

    // Decode the buffer at given offset (virtual address).
    while (1) {
        res = distorm_decode64(offset, (const unsigned char*)buf, len, dt, decodedInstructions, MAX_INSTRUCTIONS, &decodedInstructionsCount);
        if (res == DECRES_INPUTERR) {
            DbgPrint(("NULL Buffer?!\n"));
            break;
        }

        for (i = 0; i < decodedInstructionsCount; i++) {
            // Note that we print the offset as a 64 bits variable!!!
            // It might be that you'll have to change it to %08X...
            DbgPrint("%08I64x (%02d) %s %s %s\n", decodedInstructions[i].offset, decodedInstructions[i].size,
                (char*)decodedInstructions[i].instructionHex.p,
                (char*)decodedInstructions[i].mnemonic.p,
                (char*)decodedInstructions[i].operands.p);
        }

        if (res == DECRES_SUCCESS || decodedInstructionsCount == 0) {
            break; // All instructions were decoded.
        }

        // Synchronize:
        next = (unsigned int)(decodedInstructions[decodedInstructionsCount-1].offset - offset);
        next += decodedInstructions[decodedInstructionsCount-1].size;

        // Advance ptr and recalc offset.
        buf += next;
        len -= next;
        offset += next;
    }

    DbgPrint(("Done!\n"));
    return STATUS_UNSUCCESSFUL; // Make sure the driver doesn't stay resident, so we can recompile and run again!
} distorm-3.4.1/examples/ddk/makefile000066400000000000000000000000421340425302400172510ustar00rootroot00000000000000!INCLUDE $(NTMAKEENV)\makefile.defdistorm-3.4.1/examples/ddk/sources000066400000000000000000000003221340425302400171600ustar00rootroot00000000000000TARGETNAME = distorm TARGETPATH = obj TARGETTYPE = DRIVER C_DEFINES = $(C_DEFINES) -DSUPPORT_64BIT_OFFSET -DLIBDISTORM INCLUDES = %BUILD%\inc;..\src; LIBS = %BUILD%\lib SOURCES = main.c distorm-3.4.1/examples/java/000077500000000000000000000000001340425302400157345ustar00rootroot00000000000000distorm-3.4.1/examples/java/Makefile000066400000000000000000000010741340425302400173760ustar00rootroot00000000000000UNAME_S := $(shell uname -s) ifeq ($(UNAME_S),Darwin) JAVA_HOME=$(shell /usr/libexec/java_home) all: libjdistorm.dylib libjdistorm.dylib: jdistorm.c jdistorm.h gcc -dynamiclib -o libjdistorm.dylib jdistorm.c -I ${JAVA_HOME}/include/ -I ${JAVA_HOME}/include/darwin/ -ldistorm3 endif ifeq ($(UNAME_S),Linux) all: libjdistorm.so jdistorm.o: jdistorm.c jdistorm.h gcc -c jdistorm.c -fPIC -I ${JAVA_HOME}/include -I ${JAVA_HOME}/include/linux libjdistorm.so: jdistorm.o gcc -shared -o libjdistorm.so -L${JAVA_HOME}/jre/lib -ldistorm3 jdistorm.o endif distorm-3.4.1/examples/java/distorm/000077500000000000000000000000001340425302400174155ustar00rootroot00000000000000distorm-3.4.1/examples/java/distorm/.classpath000066400000000000000000000004551340425302400214040ustar00rootroot00000000000000 distorm-3.4.1/examples/java/distorm/.project000066400000000000000000000005771340425302400210750ustar00rootroot00000000000000 distorm org.eclipse.jdt.core.javabuilder org.eclipse.jdt.core.javanature distorm-3.4.1/examples/java/distorm/.settings/000077500000000000000000000000001340425302400213335ustar00rootroot00000000000000distorm-3.4.1/examples/java/distorm/.settings/org.eclipse.jdt.core.prefs000066400000000000000000000011651340425302400263200ustar00rootroot00000000000000#Sun Oct 31 17:27:29 IST 2010 eclipse.preferences.version=1 
org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.6 org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve org.eclipse.jdt.core.compiler.compliance=1.6 org.eclipse.jdt.core.compiler.debug.lineNumber=generate org.eclipse.jdt.core.compiler.debug.localVariable=generate org.eclipse.jdt.core.compiler.debug.sourceFile=generate org.eclipse.jdt.core.compiler.problem.assertIdentifier=error org.eclipse.jdt.core.compiler.problem.enumIdentifier=error org.eclipse.jdt.core.compiler.source=1.6 distorm-3.4.1/examples/java/distorm/src/000077500000000000000000000000001340425302400202045ustar00rootroot00000000000000distorm-3.4.1/examples/java/distorm/src/Main.java000066400000000000000000000022011340425302400217260ustar00rootroot00000000000000import java.nio.ByteBuffer; import diStorm3.distorm3.*; import diStorm3.CodeInfo; import diStorm3.DecodedInst; import diStorm3.OpcodeEnum; import diStorm3.distorm3; import diStorm3.DecodedResult; import diStorm3.DecomposedResult; import diStorm3.DecomposedInst; public class Main { public static void main(String[] args) { byte[] buf = new byte[4]; buf[0] = (byte)0xc3; buf[1] = (byte)0x33; buf[2] = (byte)0xc0; buf[3] = (byte)0xc3; CodeInfo ci = new CodeInfo((long)0x1000, buf, DecodeType.Decode32Bits, 0); DecodedResult dr = new DecodedResult(10); distorm3.Decode(ci, dr); for (DecodedInst x : dr.mInstructions) { String s = String.format("%x %s %s", x.getOffset(), x.getMnemonic(), x.getOperands()); System.out.println(s); } DecomposedResult dr2 = new DecomposedResult(10); distorm3.Decompose(ci, dr2); for (DecomposedInst y: dr2.mInstructions) { if (y.getOpcode() != OpcodeEnum.RET) { DecodedInst x = distorm3.Format(ci, y); String s = String.format("%x %s %s", x.getOffset(), x.getMnemonic(), x.getOperands()); System.out.println(s); } } } } 
distorm-3.4.1/examples/java/distorm/src/diStorm3/000077500000000000000000000000001340425302400217105ustar00rootroot00000000000000distorm-3.4.1/examples/java/distorm/src/diStorm3/CodeInfo.java000066400000000000000000000012431340425302400242410ustar00rootroot00000000000000package diStorm3; import java.nio.ByteBuffer; public class CodeInfo { public CodeInfo(long codeOffset, ByteBuffer code, distorm3.DecodeType dt, int features) { mCodeOffset = codeOffset; mCode = code; mDecodeType = dt.ordinal(); mFeatures = features; } public CodeInfo(long codeOffset, byte[] rawCode, distorm3.DecodeType dt, int features) { mCode = ByteBuffer.allocateDirect(rawCode.length); mCode.put(rawCode); mCodeOffset = codeOffset; mDecodeType = dt.ordinal(); mFeatures = features; } private long mCodeOffset; private long mNextOffset; private ByteBuffer mCode; private int mDecodeType; private int mFeatures; }distorm-3.4.1/examples/java/distorm/src/diStorm3/DecodedInst.java000066400000000000000000000007261340425302400247450ustar00rootroot00000000000000package diStorm3; public class DecodedInst { DecodedInst() { } private String mMnemonic; private String mOperands; private String mHex; private int mSize; private long mOffset; public String getMnemonic() { return mMnemonic; } public String getOperands() { return mOperands; } public String getHex() { return mHex; } public int getSize() { return mSize; } public long getOffset() { return mOffset; } }distorm-3.4.1/examples/java/distorm/src/diStorm3/DecodedResult.java000066400000000000000000000003561340425302400253050ustar00rootroot00000000000000package diStorm3; public class DecodedResult { public DecodedResult(int maxInstructions) { mMaxInstructions = maxInstructions; mInstructions = null; } public DecodedInst[] mInstructions; private int mMaxInstructions; }distorm-3.4.1/examples/java/distorm/src/diStorm3/DecomposedInst.java000066400000000000000000000032621340425302400254760ustar00rootroot00000000000000package diStorm3; import diStorm3.Operand; import 
diStorm3.Opcodes; public class DecomposedInst { private class ImmVariant { private long mValue; private int mSize; public long getImm() { return mValue; } public int getSize() { return mSize; } } private class DispVariant { private long mDisplacement; private int mSize; public long getDisplacement() { return mDisplacement; } public int getSize() { return mSize; } } private long mAddr; private int mSize; private int mFlags; private int mSegment; private int mBase, mScale; private int mOpcode; public Operand[] mOperands; public DispVariant mDisp; public ImmVariant mImm; private int mUnusedPrefixesMask; private int mMeta; private int mRegistersMask; private int mModifiedFlagsMask; private int mTestedFlagsMask; private int mUndefinedFlagsMask; public long getAddress() { return mAddr; } public int getSize() { return mSize; } public OpcodeEnum getOpcode() { return Opcodes.lookup(mOpcode); } public int getSegment() { return mSegment & 0x7f; } public boolean isSegmentDefault() { return (mSegment & 0x80) == 0x80; } public int getBase() { return mBase; } public int getScale() { return mScale; } public int getUnusedPrefixesMask() { return mUnusedPrefixesMask; } public int getMeta() { return mMeta; } public int getRegistersMask() { return mRegistersMask; } public int getModifiedFlagsMask() { return mModifiedFlagsMask; } public int getTestedFlagsMask() { return mTestedFlagsMask; } public int getUndefinedFlagsMask() { return mUndefinedFlagsMask; } }distorm-3.4.1/examples/java/distorm/src/diStorm3/DecomposedResult.java000066400000000000000000000003671340425302400260420ustar00rootroot00000000000000package diStorm3; public class DecomposedResult { public DecomposedResult(int maxInstructions) { mMaxInstructions = maxInstructions; mInstructions = null; } public DecomposedInst[] mInstructions; private int mMaxInstructions; }distorm-3.4.1/examples/java/distorm/src/diStorm3/OpcodeEnum.java000066400000000000000000000241771340425302400246240ustar00rootroot00000000000000package diStorm3; 
public enum OpcodeEnum { UNDEFINED, ADD, PUSH, POP, OR, ADC, SBB, AND, DAA, SUB, DAS, XOR, AAA, CMP, AAS, INC, DEC, PUSHA, POPA, BOUND, ARPL, IMUL, INS, OUTS, JO, JNO, JB, JAE, JZ, JNZ, JBE, JA, JS, JNS, JP, JNP, JL, JGE, JLE, JG, TEST, XCHG, MOV, LEA, CBW, CWDE, CDQE, CWD, CDQ, CQO, CALL_FAR, PUSHF, POPF, SAHF, LAHF, MOVS, CMPS, STOS, LODS, SCAS, RET, LES, LDS, ENTER, LEAVE, RETF, INT_3, INT, INTO, IRET, AAM, AAD, SALC, XLAT, LOOPNZ, LOOPZ, LOOP, JCXZ, JECXZ, JRCXZ, IN, OUT, CALL, JMP, JMP_FAR, INT1, HLT, CMC, CLC, STC, CLI, STI, CLD, STD, LAR, LSL, SYSCALL, CLTS, SYSRET, INVD, WBINVD, UD2, FEMMS, NOP, WRMSR, RDTSC, RDMSR, RDPMC, SYSENTER, SYSEXIT, GETSEC, CMOVO, CMOVNO, CMOVB, CMOVAE, CMOVZ, CMOVNZ, CMOVBE, CMOVA, CMOVS, CMOVNS, CMOVP, CMOVNP, CMOVL, CMOVGE, CMOVLE, CMOVG, SETO, SETNO, SETB, SETAE, SETZ, SETNZ, SETBE, SETA, SETS, SETNS, SETP, SETNP, SETL, SETGE, SETLE, SETG, CPUID, BT, SHLD, RSM, BTS, SHRD, CMPXCHG, LSS, BTR, LFS, LGS, MOVZX, BTC, MOVSX, XADD, MOVNTI, BSWAP, ROL, ROR, RCL, RCR, SHL, SHR, SAL, SAR, XABORT, XBEGIN, FADD, FMUL, FCOM, FCOMP, FSUB, FSUBR, FDIV, FDIVR, FLD, FST, FSTP, FLDENV, FLDCW, FXCH, FNOP, FCHS, FABS, FTST, FXAM, FLD1, FLDL2T, FLDL2E, FLDPI, FLDLG2, FLDLN2, FLDZ, F2XM1, FYL2X, FPTAN, FPATAN, FXTRACT, FPREM1, FDECSTP, FINCSTP, FPREM, FYL2XP1, FSQRT, FSINCOS, FRNDINT, FSCALE, FSIN, FCOS, FIADD, FIMUL, FICOM, FICOMP, FISUB, FISUBR, FIDIV, FIDIVR, FCMOVB, FCMOVE, FCMOVBE, FCMOVU, FUCOMPP, FILD, FISTTP, FIST, FISTP, FCMOVNB, FCMOVNE, FCMOVNBE, FCMOVNU, FENI, FEDISI, FSETPM, FUCOMI, FCOMI, FRSTOR, FFREE, FUCOM, FUCOMP, FADDP, FMULP, FCOMPP, FSUBRP, FSUBP, FDIVRP, FDIVP, FBLD, FBSTP, FUCOMIP, FCOMIP, NOT, NEG, MUL, DIV, IDIV, SLDT, STR, LLDT, LTR, VERR, VERW, SGDT, SIDT, LGDT, LIDT, SMSW, LMSW, INVLPG, VMCALL, VMLAUNCH, VMRESUME, VMXOFF, MONITOR, MWAIT, XGETBV, XSETBV, VMFUNC, XEND, VMRUN, VMMCALL, VMLOAD, VMSAVE, STGI, CLGI, SKINIT, INVLPGA, SWAPGS, RDTSCP, PREFETCH, PREFETCHW, PI2FW, PI2FD, PF2IW, PF2ID, PFNACC, PFPNACC, PFCMPGE, 
PFMIN, PFRCP, PFRSQRT, PFSUB, PFADD, PFCMPGT, PFMAX, PFRCPIT1, PFRSQIT1, PFSUBR, PFACC, PFCMPEQ, PFMUL, PFRCPIT2, PMULHRW, PSWAPD, PAVGUSB, MOVUPS, MOVUPD, MOVSS, MOVSD, VMOVUPS, VMOVUPD, VMOVSS, VMOVSD, MOVHLPS, MOVLPS, MOVLPD, MOVSLDUP, MOVDDUP, VMOVHLPS, VMOVLPS, VMOVLPD, VMOVSLDUP, VMOVDDUP, UNPCKLPS, UNPCKLPD, VUNPCKLPS, VUNPCKLPD, UNPCKHPS, UNPCKHPD, VUNPCKHPS, VUNPCKHPD, MOVLHPS, MOVHPS, MOVHPD, MOVSHDUP, VMOVLHPS, VMOVHPS, VMOVHPD, VMOVSHDUP, PREFETCHNTA, PREFETCHT0, PREFETCHT1, PREFETCHT2, MOVAPS, MOVAPD, VMOVAPS, VMOVAPD, CVTPI2PS, CVTPI2PD, CVTSI2SS, CVTSI2SD, VCVTSI2SS, VCVTSI2SD, MOVNTPS, MOVNTPD, MOVNTSS, MOVNTSD, VMOVNTPS, VMOVNTPD, CVTTPS2PI, CVTTPD2PI, CVTTSS2SI, CVTTSD2SI, VCVTTSS2SI, VCVTTSD2SI, CVTPS2PI, CVTPD2PI, CVTSS2SI, CVTSD2SI, VCVTSS2SI, VCVTSD2SI, UCOMISS, UCOMISD, VUCOMISS, VUCOMISD, COMISS, COMISD, VCOMISS, VCOMISD, MOVMSKPS, MOVMSKPD, VMOVMSKPS, VMOVMSKPD, SQRTPS, SQRTPD, SQRTSS, SQRTSD, VSQRTPS, VSQRTPD, VSQRTSS, VSQRTSD, RSQRTPS, RSQRTSS, VRSQRTPS, VRSQRTSS, RCPPS, RCPSS, VRCPPS, VRCPSS, ANDPS, ANDPD, VANDPS, VANDPD, ANDNPS, ANDNPD, VANDNPS, VANDNPD, ORPS, ORPD, VORPS, VORPD, XORPS, XORPD, VXORPS, VXORPD, ADDPS, ADDPD, ADDSS, ADDSD, VADDPS, VADDPD, VADDSS, VADDSD, MULPS, MULPD, MULSS, MULSD, VMULPS, VMULPD, VMULSS, VMULSD, CVTPS2PD, CVTPD2PS, CVTSS2SD, CVTSD2SS, VCVTPS2PD, VCVTPD2PS, VCVTSS2SD, VCVTSD2SS, CVTDQ2PS, CVTPS2DQ, CVTTPS2DQ, VCVTDQ2PS, VCVTPS2DQ, VCVTTPS2DQ, SUBPS, SUBPD, SUBSS, SUBSD, VSUBPS, VSUBPD, VSUBSS, VSUBSD, MINPS, MINPD, MINSS, MINSD, VMINPS, VMINPD, VMINSS, VMINSD, DIVPS, DIVPD, DIVSS, DIVSD, VDIVPS, VDIVPD, VDIVSS, VDIVSD, MAXPS, MAXPD, MAXSS, MAXSD, VMAXPS, VMAXPD, VMAXSS, VMAXSD, PUNPCKLBW, VPUNPCKLBW, PUNPCKLWD, VPUNPCKLWD, PUNPCKLDQ, VPUNPCKLDQ, PACKSSWB, VPACKSSWB, PCMPGTB, VPCMPGTB, PCMPGTW, VPCMPGTW, PCMPGTD, VPCMPGTD, PACKUSWB, VPACKUSWB, PUNPCKHBW, VPUNPCKHBW, PUNPCKHWD, VPUNPCKHWD, PUNPCKHDQ, VPUNPCKHDQ, PACKSSDW, VPACKSSDW, PUNPCKLQDQ, VPUNPCKLQDQ, PUNPCKHQDQ, VPUNPCKHQDQ, MOVD, MOVQ, VMOVD, VMOVQ, 
MOVDQA, MOVDQU, VMOVDQA, VMOVDQU, PSHUFW, PSHUFD, PSHUFHW, PSHUFLW, VPSHUFD, VPSHUFHW, VPSHUFLW, PCMPEQB, VPCMPEQB, PCMPEQW, VPCMPEQW, PCMPEQD, VPCMPEQD, EMMS, VZEROUPPER, VZEROALL, VMREAD, EXTRQ, INSERTQ, VMWRITE, CVTPH2PS, CVTPS2PH, HADDPD, HADDPS, VHADDPD, VHADDPS, HSUBPD, HSUBPS, VHSUBPD, VHSUBPS, XSAVE, XSAVE64, LFENCE, XRSTOR, XRSTOR64, MFENCE, XSAVEOPT, XSAVEOPT64, SFENCE, CLFLUSH, POPCNT, BSF, TZCNT, BSR, LZCNT, CMPEQPS, CMPLTPS, CMPLEPS, CMPUNORDPS, CMPNEQPS, CMPNLTPS, CMPNLEPS, CMPORDPS, CMPEQPD, CMPLTPD, CMPLEPD, CMPUNORDPD, CMPNEQPD, CMPNLTPD, CMPNLEPD, CMPORDPD, CMPEQSS, CMPLTSS, CMPLESS, CMPUNORDSS, CMPNEQSS, CMPNLTSS, CMPNLESS, CMPORDSS, CMPEQSD, CMPLTSD, CMPLESD, CMPUNORDSD, CMPNEQSD, CMPNLTSD, CMPNLESD, CMPORDSD, VCMPEQPS, VCMPLTPS, VCMPLEPS, VCMPUNORDPS, VCMPNEQPS, VCMPNLTPS, VCMPNLEPS, VCMPORDPS, VCMPEQ_UQPS, VCMPNGEPS, VCMPNGTPS, VCMPFALSEPS, VCMPNEQ_OQPS, VCMPGEPS, VCMPGTPS, VCMPTRUEPS, VCMPEQ_OSPS, VCMPLT_OQPS, VCMPLE_OQPS, VCMPUNORD_SPS, VCMPNEQ_USPS, VCMPNLT_UQPS, VCMPNLE_UQPS, VCMPORD_SPS, VCMPEQ_USPS, VCMPNGE_UQPS, VCMPNGT_UQPS, VCMPFALSE_OSPS, VCMPNEQ_OSPS, VCMPGE_OQPS, VCMPGT_OQPS, VCMPTRUE_USPS, VCMPEQPD, VCMPLTPD, VCMPLEPD, VCMPUNORDPD, VCMPNEQPD, VCMPNLTPD, VCMPNLEPD, VCMPORDPD, VCMPEQ_UQPD, VCMPNGEPD, VCMPNGTPD, VCMPFALSEPD, VCMPNEQ_OQPD, VCMPGEPD, VCMPGTPD, VCMPTRUEPD, VCMPEQ_OSPD, VCMPLT_OQPD, VCMPLE_OQPD, VCMPUNORD_SPD, VCMPNEQ_USPD, VCMPNLT_UQPD, VCMPNLE_UQPD, VCMPORD_SPD, VCMPEQ_USPD, VCMPNGE_UQPD, VCMPNGT_UQPD, VCMPFALSE_OSPD, VCMPNEQ_OSPD, VCMPGE_OQPD, VCMPGT_OQPD, VCMPTRUE_USPD, VCMPEQSS, VCMPLTSS, VCMPLESS, VCMPUNORDSS, VCMPNEQSS, VCMPNLTSS, VCMPNLESS, VCMPORDSS, VCMPEQ_UQSS, VCMPNGESS, VCMPNGTSS, VCMPFALSESS, VCMPNEQ_OQSS, VCMPGESS, VCMPGTSS, VCMPTRUESS, VCMPEQ_OSSS, VCMPLT_OQSS, VCMPLE_OQSS, VCMPUNORD_SSS, VCMPNEQ_USSS, VCMPNLT_UQSS, VCMPNLE_UQSS, VCMPORD_SSS, VCMPEQ_USSS, VCMPNGE_UQSS, VCMPNGT_UQSS, VCMPFALSE_OSSS, VCMPNEQ_OSSS, VCMPGE_OQSS, VCMPGT_OQSS, VCMPTRUE_USSS, VCMPEQSD, VCMPLTSD, VCMPLESD, VCMPUNORDSD, VCMPNEQSD, 
VCMPNLTSD, VCMPNLESD, VCMPORDSD, VCMPEQ_UQSD, VCMPNGESD, VCMPNGTSD, VCMPFALSESD, VCMPNEQ_OQSD, VCMPGESD, VCMPGTSD, VCMPTRUESD, VCMPEQ_OSSD, VCMPLT_OQSD, VCMPLE_OQSD, VCMPUNORD_SSD, VCMPNEQ_USSD, VCMPNLT_UQSD, VCMPNLE_UQSD, VCMPORD_SSD, VCMPEQ_USSD, VCMPNGE_UQSD, VCMPNGT_UQSD, VCMPFALSE_OSSD, VCMPNEQ_OSSD, VCMPGE_OQSD, VCMPGT_OQSD, VCMPTRUE_USSD, PINSRW, VPINSRW, PEXTRW, VPEXTRW, SHUFPS, SHUFPD, VSHUFPS, VSHUFPD, CMPXCHG8B, CMPXCHG16B, VMPTRST, ADDSUBPD, ADDSUBPS, VADDSUBPD, VADDSUBPS, PSRLW, VPSRLW, PSRLD, VPSRLD, PSRLQ, VPSRLQ, PADDQ, VPADDQ, PMULLW, VPMULLW, MOVQ2DQ, MOVDQ2Q, PMOVMSKB, VPMOVMSKB, PSUBUSB, VPSUBUSB, PSUBUSW, VPSUBUSW, PMINUB, VPMINUB, PAND, VPAND, PADDUSB, VPADDUSW, PADDUSW, PMAXUB, VPMAXUB, PANDN, VPANDN, PAVGB, VPAVGB, PSRAW, VPSRAW, PSRAD, VPSRAD, PAVGW, VPAVGW, PMULHUW, VPMULHUW, PMULHW, VPMULHW, CVTTPD2DQ, CVTDQ2PD, CVTPD2DQ, VCVTTPD2DQ, VCVTDQ2PD, VCVTPD2DQ, MOVNTQ, MOVNTDQ, VMOVNTDQ, PSUBSB, VPSUBSB, PSUBSW, VPSUBSW, PMINSW, VPMINSW, POR, VPOR, PADDSB, VPADDSB, PADDSW, VPADDSW, PMAXSW, VPMAXSW, PXOR, VPXOR, LDDQU, VLDDQU, PSLLW, VPSLLW, PSLLD, VPSLLD, PSLLQ, VPSLLQ, PMULUDQ, VPMULUDQ, PMADDWD, VPMADDWD, PSADBW, VPSADBW, MASKMOVQ, MASKMOVDQU, VMASKMOVDQU, PSUBB, VPSUBB, PSUBW, VPSUBW, PSUBD, VPSUBD, PSUBQ, VPSUBQ, PADDB, VPADDB, PADDW, VPADDW, PADDD, VPADDD, FNSTENV, FSTENV, FNSTCW, FSTCW, FNCLEX, FCLEX, FNINIT, FINIT, FNSAVE, FSAVE, FNSTSW, FSTSW, PSHUFB, VPSHUFB, PHADDW, VPHADDW, PHADDD, VPHADDD, PHADDSW, VPHADDSW, PMADDUBSW, VPMADDUBSW, PHSUBW, VPHSUBW, PHSUBD, VPHSUBD, PHSUBSW, VPHSUBSW, PSIGNB, VPSIGNB, PSIGNW, VPSIGNW, PSIGND, VPSIGND, PMULHRSW, VPMULHRSW, VPERMILPS, VPERMILPD, VTESTPS, VTESTPD, PBLENDVB, BLENDVPS, BLENDVPD, PTEST, VPTEST, VBROADCASTSS, VBROADCASTSD, VBROADCASTF128, PABSB, VPABSB, PABSW, VPABSW, PABSD, VPABSD, PMOVSXBW, VPMOVSXBW, PMOVSXBD, VPMOVSXBD, PMOVSXBQ, VPMOVSXBQ, PMOVSXWD, VPMOVSXWD, PMOVSXWQ, VPMOVSXWQ, PMOVSXDQ, VPMOVSXDQ, PMULDQ, VPMULDQ, PCMPEQQ, VPCMPEQQ, MOVNTDQA, VMOVNTDQA, PACKUSDW, VPACKUSDW, 
VMASKMOVPS, VMASKMOVPD, PMOVZXBW, VPMOVZXBW, PMOVZXBD, VPMOVZXBD, PMOVZXBQ, VPMOVZXBQ, PMOVZXWD, VPMOVZXWD, PMOVZXWQ, VPMOVZXWQ, PMOVZXDQ, VPMOVZXDQ, PCMPGTQ, VPCMPGTQ, PMINSB, VPMINSB, PMINSD, VPMINSD, PMINUW, VPMINUW, PMINUD, VPMINUD, PMAXSB, VPMAXSB, PMAXSD, VPMAXSD, PMAXUW, VPMAXUW, PMAXUD, VPMAXUD, PMULLD, VPMULLD, PHMINPOSUW, VPHMINPOSUW, INVEPT, INVVPID, INVPCID, VFMADDSUB132PS, VFMADDSUB132PD, VFMSUBADD132PS, VFMSUBADD132PD, VFMADD132PS, VFMADD132PD, VFMADD132SS, VFMADD132SD, VFMSUB132PS, VFMSUB132PD, VFMSUB132SS, VFMSUB132SD, VFNMADD132PS, VFNMADD132PD, VFNMADD132SS, VFNMADD132SD, VFNMSUB132PS, VFNMSUB132PD, VFNMSUB132SS, VFNMSUB132SD, VFMADDSUB213PS, VFMADDSUB213PD, VFMSUBADD213PS, VFMSUBADD213PD, VFMADD213PS, VFMADD213PD, VFMADD213SS, VFMADD213SD, VFMSUB213PS, VFMSUB213PD, VFMSUB213SS, VFMSUB213SD, VFNMADD213PS, VFNMADD213PD, VFNMADD213SS, VFNMADD213SD, VFNMSUB213PS, VFNMSUB213PD, VFNMSUB213SS, VFNMSUB213SD, VFMADDSUB231PS, VFMADDSUB231PD, VFMSUBADD231PS, VFMSUBADD231PD, VFMADD231PS, VFMADD231PD, VFMADD231SS, VFMADD231SD, VFMSUB231PS, VFMSUB231PD, VFMSUB231SS, VFMSUB231SD, VFNMADD231PS, VFNMADD231PD, VFNMADD231SS, VFNMADD231SD, VFNMSUB231PS, VFNMSUB231PD, VFNMSUB231SS, VFNMSUB231SD, AESIMC, VAESIMC, AESENC, VAESENC, AESENCLAST, VAESENCLAST, AESDEC, VAESDEC, AESDECLAST, VAESDECLAST, MOVBE, CRC32, VPERM2F128, ROUNDPS, VROUNDPS, ROUNDPD, VROUNDPD, ROUNDSS, VROUNDSS, ROUNDSD, VROUNDSD, BLENDPS, VBLENDPS, BLENDPD, VBLENDPD, PBLENDW, VPBLENDW, PALIGNR, VPALIGNR, PEXTRB, VPEXTRB, PEXTRD, PEXTRQ, VPEXTRD, VPEXTRQ, EXTRACTPS, VEXTRACTPS, VINSERTF128, VEXTRACTF128, PINSRB, VPINSRB, INSERTPS, VINSERTPS, PINSRD, PINSRQ, VPINSRD, VPINSRQ, DPPS, VDPPS, DPPD, VDPPD, MPSADBW, VMPSADBW, PCLMULQDQ, VPCLMULQDQ, VBLENDVPS, VBLENDVPD, VPBLENDVB, PCMPESTRM, VPCMPESTRM, PCMPESTRI, VPCMPESTRI, PCMPISTRM, VPCMPISTRM, PCMPISTRI, VPCMPISTRI, AESKEYGENASSIST, VAESKEYGENASSIST, PSRLDQ, VPSRLDQ, PSLLDQ, VPSLLDQ, FXSAVE, FXSAVE64, RDFSBASE, FXRSTOR, FXRSTOR64, RDGSBASE, LDMXCSR, 
WRFSBASE, VLDMXCSR, STMXCSR, WRGSBASE, VSTMXCSR, VMPTRLD, VMCLEAR, VMXON, MOVSXD, PAUSE, WAIT, RDRAND, _3DNOW }
distorm-3.4.1/examples/java/distorm/src/diStorm3/Opcodes.java000066400000000000000000001406511340425302400241560ustar00rootroot00000000000000
package diStorm3; import java.util.HashMap; import java.util.Map; public class Opcodes { /* Maps a decomposed instruction's opcode ID to its OpcodeEnum value. */ private static final Map<Integer, OpcodeEnum> mOpcodes = new HashMap<Integer, OpcodeEnum>(); public static OpcodeEnum lookup(int op) { return mOpcodes.get(op); } static { mOpcodes.put(0, OpcodeEnum.UNDEFINED); mOpcodes.put(0xb, OpcodeEnum.ADD); mOpcodes.put(0x10, OpcodeEnum.PUSH); mOpcodes.put(0x16, OpcodeEnum.POP); mOpcodes.put(0x1b, OpcodeEnum.OR); mOpcodes.put(0x1f, OpcodeEnum.ADC); mOpcodes.put(0x24, OpcodeEnum.SBB); mOpcodes.put(0x29, OpcodeEnum.AND); mOpcodes.put(0x2e, OpcodeEnum.DAA); mOpcodes.put(0x33, OpcodeEnum.SUB); mOpcodes.put(0x38, OpcodeEnum.DAS); mOpcodes.put(0x3d, OpcodeEnum.XOR); mOpcodes.put(0x42, OpcodeEnum.AAA); mOpcodes.put(0x47, OpcodeEnum.CMP); mOpcodes.put(0x4c, OpcodeEnum.AAS); mOpcodes.put(0x51, OpcodeEnum.INC); mOpcodes.put(0x56, OpcodeEnum.DEC); mOpcodes.put(0x5b, OpcodeEnum.PUSHA); mOpcodes.put(0x62, OpcodeEnum.POPA); mOpcodes.put(0x68, OpcodeEnum.BOUND); mOpcodes.put(0x6f, OpcodeEnum.ARPL); mOpcodes.put(0x75, OpcodeEnum.IMUL); mOpcodes.put(0x7b, OpcodeEnum.INS); mOpcodes.put(0x80, OpcodeEnum.OUTS); mOpcodes.put(0x86, OpcodeEnum.JO); mOpcodes.put(0x8a, OpcodeEnum.JNO); mOpcodes.put(0x8f, OpcodeEnum.JB); mOpcodes.put(0x93, OpcodeEnum.JAE); mOpcodes.put(0x98, OpcodeEnum.JZ); mOpcodes.put(0x9c, OpcodeEnum.JNZ); mOpcodes.put(0xa1, OpcodeEnum.JBE); mOpcodes.put(0xa6, OpcodeEnum.JA); mOpcodes.put(0xaa, OpcodeEnum.JS); mOpcodes.put(0xae, OpcodeEnum.JNS); mOpcodes.put(0xb3, OpcodeEnum.JP); mOpcodes.put(0xb7, OpcodeEnum.JNP); mOpcodes.put(0xbc, OpcodeEnum.JL); mOpcodes.put(0xc0, OpcodeEnum.JGE); mOpcodes.put(0xc5, OpcodeEnum.JLE); mOpcodes.put(0xca, OpcodeEnum.JG); mOpcodes.put(0xce, OpcodeEnum.TEST); mOpcodes.put(0xd4, OpcodeEnum.XCHG); mOpcodes.put(0xda, OpcodeEnum.MOV);
mOpcodes.put(0xdf, OpcodeEnum.LEA); mOpcodes.put(0xe4, OpcodeEnum.CBW); mOpcodes.put(0xe9, OpcodeEnum.CWDE); mOpcodes.put(0xef, OpcodeEnum.CDQE); mOpcodes.put(0xf5, OpcodeEnum.CWD); mOpcodes.put(0xfa, OpcodeEnum.CDQ); mOpcodes.put(0xff, OpcodeEnum.CQO); mOpcodes.put(0x104, OpcodeEnum.CALL_FAR); mOpcodes.put(0x10e, OpcodeEnum.PUSHF); mOpcodes.put(0x115, OpcodeEnum.POPF); mOpcodes.put(0x11b, OpcodeEnum.SAHF); mOpcodes.put(0x121, OpcodeEnum.LAHF); mOpcodes.put(0x127, OpcodeEnum.MOVS); mOpcodes.put(0x12d, OpcodeEnum.CMPS); mOpcodes.put(0x133, OpcodeEnum.STOS); mOpcodes.put(0x139, OpcodeEnum.LODS); mOpcodes.put(0x13f, OpcodeEnum.SCAS); mOpcodes.put(0x145, OpcodeEnum.RET); mOpcodes.put(0x14a, OpcodeEnum.LES); mOpcodes.put(0x14f, OpcodeEnum.LDS); mOpcodes.put(0x154, OpcodeEnum.ENTER); mOpcodes.put(0x15b, OpcodeEnum.LEAVE); mOpcodes.put(0x162, OpcodeEnum.RETF); mOpcodes.put(0x168, OpcodeEnum.INT_3); mOpcodes.put(0x16f, OpcodeEnum.INT); mOpcodes.put(0x174, OpcodeEnum.INTO); mOpcodes.put(0x17a, OpcodeEnum.IRET); mOpcodes.put(0x180, OpcodeEnum.AAM); mOpcodes.put(0x185, OpcodeEnum.AAD); mOpcodes.put(0x18a, OpcodeEnum.SALC); mOpcodes.put(0x190, OpcodeEnum.XLAT); mOpcodes.put(0x196, OpcodeEnum.LOOPNZ); mOpcodes.put(0x19e, OpcodeEnum.LOOPZ); mOpcodes.put(0x1a5, OpcodeEnum.LOOP); mOpcodes.put(0x1ab, OpcodeEnum.JCXZ); mOpcodes.put(0x1b1, OpcodeEnum.JECXZ); mOpcodes.put(0x1b8, OpcodeEnum.JRCXZ); mOpcodes.put(0x1bf, OpcodeEnum.IN); mOpcodes.put(0x1c3, OpcodeEnum.OUT); mOpcodes.put(0x1c8, OpcodeEnum.CALL); mOpcodes.put(0x1ce, OpcodeEnum.JMP); mOpcodes.put(0x1d3, OpcodeEnum.JMP_FAR); mOpcodes.put(0x1dc, OpcodeEnum.INT1); mOpcodes.put(0x1e2, OpcodeEnum.HLT); mOpcodes.put(0x1e7, OpcodeEnum.CMC); mOpcodes.put(0x1ec, OpcodeEnum.CLC); mOpcodes.put(0x1f1, OpcodeEnum.STC); mOpcodes.put(0x1f6, OpcodeEnum.CLI); mOpcodes.put(0x1fb, OpcodeEnum.STI); mOpcodes.put(0x200, OpcodeEnum.CLD); mOpcodes.put(0x205, OpcodeEnum.STD); mOpcodes.put(0x20a, OpcodeEnum.LAR); mOpcodes.put(0x20f, OpcodeEnum.LSL); 
mOpcodes.put(0x214, OpcodeEnum.SYSCALL); mOpcodes.put(0x21d, OpcodeEnum.CLTS); mOpcodes.put(0x223, OpcodeEnum.SYSRET); mOpcodes.put(0x22b, OpcodeEnum.INVD); mOpcodes.put(0x231, OpcodeEnum.WBINVD); mOpcodes.put(0x239, OpcodeEnum.UD2); mOpcodes.put(0x23e, OpcodeEnum.FEMMS); mOpcodes.put(0x245, OpcodeEnum.NOP); mOpcodes.put(0x24a, OpcodeEnum.WRMSR); mOpcodes.put(0x251, OpcodeEnum.RDTSC); mOpcodes.put(0x258, OpcodeEnum.RDMSR); mOpcodes.put(0x25f, OpcodeEnum.RDPMC); mOpcodes.put(0x266, OpcodeEnum.SYSENTER); mOpcodes.put(0x270, OpcodeEnum.SYSEXIT); mOpcodes.put(0x279, OpcodeEnum.GETSEC); mOpcodes.put(0x281, OpcodeEnum.CMOVO); mOpcodes.put(0x288, OpcodeEnum.CMOVNO); mOpcodes.put(0x290, OpcodeEnum.CMOVB); mOpcodes.put(0x297, OpcodeEnum.CMOVAE); mOpcodes.put(0x29f, OpcodeEnum.CMOVZ); mOpcodes.put(0x2a6, OpcodeEnum.CMOVNZ); mOpcodes.put(0x2ae, OpcodeEnum.CMOVBE); mOpcodes.put(0x2b6, OpcodeEnum.CMOVA); mOpcodes.put(0x2bd, OpcodeEnum.CMOVS); mOpcodes.put(0x2c4, OpcodeEnum.CMOVNS); mOpcodes.put(0x2cc, OpcodeEnum.CMOVP); mOpcodes.put(0x2d3, OpcodeEnum.CMOVNP); mOpcodes.put(0x2db, OpcodeEnum.CMOVL); mOpcodes.put(0x2e2, OpcodeEnum.CMOVGE); mOpcodes.put(0x2ea, OpcodeEnum.CMOVLE); mOpcodes.put(0x2f2, OpcodeEnum.CMOVG); mOpcodes.put(0x2f9, OpcodeEnum.SETO); mOpcodes.put(0x2ff, OpcodeEnum.SETNO); mOpcodes.put(0x306, OpcodeEnum.SETB); mOpcodes.put(0x30c, OpcodeEnum.SETAE); mOpcodes.put(0x313, OpcodeEnum.SETZ); mOpcodes.put(0x319, OpcodeEnum.SETNZ); mOpcodes.put(0x320, OpcodeEnum.SETBE); mOpcodes.put(0x327, OpcodeEnum.SETA); mOpcodes.put(0x32d, OpcodeEnum.SETS); mOpcodes.put(0x333, OpcodeEnum.SETNS); mOpcodes.put(0x33a, OpcodeEnum.SETP); mOpcodes.put(0x340, OpcodeEnum.SETNP); mOpcodes.put(0x347, OpcodeEnum.SETL); mOpcodes.put(0x34d, OpcodeEnum.SETGE); mOpcodes.put(0x354, OpcodeEnum.SETLE); mOpcodes.put(0x35b, OpcodeEnum.SETG); mOpcodes.put(0x361, OpcodeEnum.CPUID); mOpcodes.put(0x368, OpcodeEnum.BT); mOpcodes.put(0x36c, OpcodeEnum.SHLD); mOpcodes.put(0x372, OpcodeEnum.RSM); 
mOpcodes.put(0x377, OpcodeEnum.BTS); mOpcodes.put(0x37c, OpcodeEnum.SHRD); mOpcodes.put(0x382, OpcodeEnum.CMPXCHG); mOpcodes.put(0x38b, OpcodeEnum.LSS); mOpcodes.put(0x390, OpcodeEnum.BTR); mOpcodes.put(0x395, OpcodeEnum.LFS); mOpcodes.put(0x39a, OpcodeEnum.LGS); mOpcodes.put(0x39f, OpcodeEnum.MOVZX); mOpcodes.put(0x3a6, OpcodeEnum.BTC); mOpcodes.put(0x3ab, OpcodeEnum.MOVSX); mOpcodes.put(0x3b2, OpcodeEnum.XADD); mOpcodes.put(0x3b8, OpcodeEnum.MOVNTI); mOpcodes.put(0x3c0, OpcodeEnum.BSWAP); mOpcodes.put(0x3c7, OpcodeEnum.ROL); mOpcodes.put(0x3cc, OpcodeEnum.ROR); mOpcodes.put(0x3d1, OpcodeEnum.RCL); mOpcodes.put(0x3d6, OpcodeEnum.RCR); mOpcodes.put(0x3db, OpcodeEnum.SHL); mOpcodes.put(0x3e0, OpcodeEnum.SHR); mOpcodes.put(0x3e5, OpcodeEnum.SAL); mOpcodes.put(0x3ea, OpcodeEnum.SAR); mOpcodes.put(0x3ef, OpcodeEnum.XABORT); mOpcodes.put(0x3f7, OpcodeEnum.XBEGIN); mOpcodes.put(0x3ff, OpcodeEnum.FADD); mOpcodes.put(0x405, OpcodeEnum.FMUL); mOpcodes.put(0x40b, OpcodeEnum.FCOM); mOpcodes.put(0x411, OpcodeEnum.FCOMP); mOpcodes.put(0x418, OpcodeEnum.FSUB); mOpcodes.put(0x41e, OpcodeEnum.FSUBR); mOpcodes.put(0x425, OpcodeEnum.FDIV); mOpcodes.put(0x42b, OpcodeEnum.FDIVR); mOpcodes.put(0x432, OpcodeEnum.FLD); mOpcodes.put(0x437, OpcodeEnum.FST); mOpcodes.put(0x43c, OpcodeEnum.FSTP); mOpcodes.put(0x442, OpcodeEnum.FLDENV); mOpcodes.put(0x44a, OpcodeEnum.FLDCW); mOpcodes.put(0x451, OpcodeEnum.FXCH); mOpcodes.put(0x457, OpcodeEnum.FNOP); mOpcodes.put(0x45d, OpcodeEnum.FCHS); mOpcodes.put(0x463, OpcodeEnum.FABS); mOpcodes.put(0x469, OpcodeEnum.FTST); mOpcodes.put(0x46f, OpcodeEnum.FXAM); mOpcodes.put(0x475, OpcodeEnum.FLD1); mOpcodes.put(0x47b, OpcodeEnum.FLDL2T); mOpcodes.put(0x483, OpcodeEnum.FLDL2E); mOpcodes.put(0x48b, OpcodeEnum.FLDPI); mOpcodes.put(0x492, OpcodeEnum.FLDLG2); mOpcodes.put(0x49a, OpcodeEnum.FLDLN2); mOpcodes.put(0x4a2, OpcodeEnum.FLDZ); mOpcodes.put(0x4a8, OpcodeEnum.F2XM1); mOpcodes.put(0x4af, OpcodeEnum.FYL2X); mOpcodes.put(0x4b6, OpcodeEnum.FPTAN); 
mOpcodes.put(0x4bd, OpcodeEnum.FPATAN); mOpcodes.put(0x4c5, OpcodeEnum.FXTRACT); mOpcodes.put(0x4ce, OpcodeEnum.FPREM1); mOpcodes.put(0x4d6, OpcodeEnum.FDECSTP); mOpcodes.put(0x4df, OpcodeEnum.FINCSTP); mOpcodes.put(0x4e8, OpcodeEnum.FPREM); mOpcodes.put(0x4ef, OpcodeEnum.FYL2XP1); mOpcodes.put(0x4f8, OpcodeEnum.FSQRT); mOpcodes.put(0x4ff, OpcodeEnum.FSINCOS); mOpcodes.put(0x508, OpcodeEnum.FRNDINT); mOpcodes.put(0x511, OpcodeEnum.FSCALE); mOpcodes.put(0x519, OpcodeEnum.FSIN); mOpcodes.put(0x51f, OpcodeEnum.FCOS); mOpcodes.put(0x525, OpcodeEnum.FIADD); mOpcodes.put(0x52c, OpcodeEnum.FIMUL); mOpcodes.put(0x533, OpcodeEnum.FICOM); mOpcodes.put(0x53a, OpcodeEnum.FICOMP); mOpcodes.put(0x542, OpcodeEnum.FISUB); mOpcodes.put(0x549, OpcodeEnum.FISUBR); mOpcodes.put(0x551, OpcodeEnum.FIDIV); mOpcodes.put(0x558, OpcodeEnum.FIDIVR); mOpcodes.put(0x560, OpcodeEnum.FCMOVB); mOpcodes.put(0x568, OpcodeEnum.FCMOVE); mOpcodes.put(0x570, OpcodeEnum.FCMOVBE); mOpcodes.put(0x579, OpcodeEnum.FCMOVU); mOpcodes.put(0x581, OpcodeEnum.FUCOMPP); mOpcodes.put(0x58a, OpcodeEnum.FILD); mOpcodes.put(0x590, OpcodeEnum.FISTTP); mOpcodes.put(0x598, OpcodeEnum.FIST); mOpcodes.put(0x59e, OpcodeEnum.FISTP); mOpcodes.put(0x5a5, OpcodeEnum.FCMOVNB); mOpcodes.put(0x5ae, OpcodeEnum.FCMOVNE); mOpcodes.put(0x5b7, OpcodeEnum.FCMOVNBE); mOpcodes.put(0x5c1, OpcodeEnum.FCMOVNU); mOpcodes.put(0x5ca, OpcodeEnum.FENI); mOpcodes.put(0x5d0, OpcodeEnum.FEDISI); mOpcodes.put(0x5d8, OpcodeEnum.FSETPM); mOpcodes.put(0x5e0, OpcodeEnum.FUCOMI); mOpcodes.put(0x5e8, OpcodeEnum.FCOMI); mOpcodes.put(0x5ef, OpcodeEnum.FRSTOR); mOpcodes.put(0x5f7, OpcodeEnum.FFREE); mOpcodes.put(0x5fe, OpcodeEnum.FUCOM); mOpcodes.put(0x605, OpcodeEnum.FUCOMP); mOpcodes.put(0x60d, OpcodeEnum.FADDP); mOpcodes.put(0x614, OpcodeEnum.FMULP); mOpcodes.put(0x61b, OpcodeEnum.FCOMPP); mOpcodes.put(0x623, OpcodeEnum.FSUBRP); mOpcodes.put(0x62b, OpcodeEnum.FSUBP); mOpcodes.put(0x632, OpcodeEnum.FDIVRP); mOpcodes.put(0x63a, OpcodeEnum.FDIVP); 
mOpcodes.put(0x641, OpcodeEnum.FBLD); mOpcodes.put(0x647, OpcodeEnum.FBSTP); mOpcodes.put(0x64e, OpcodeEnum.FUCOMIP); mOpcodes.put(0x657, OpcodeEnum.FCOMIP); mOpcodes.put(0x65f, OpcodeEnum.NOT); mOpcodes.put(0x664, OpcodeEnum.NEG); mOpcodes.put(0x669, OpcodeEnum.MUL); mOpcodes.put(0x66e, OpcodeEnum.DIV); mOpcodes.put(0x673, OpcodeEnum.IDIV); mOpcodes.put(0x679, OpcodeEnum.SLDT); mOpcodes.put(0x67f, OpcodeEnum.STR); mOpcodes.put(0x684, OpcodeEnum.LLDT); mOpcodes.put(0x68a, OpcodeEnum.LTR); mOpcodes.put(0x68f, OpcodeEnum.VERR); mOpcodes.put(0x695, OpcodeEnum.VERW); mOpcodes.put(0x69b, OpcodeEnum.SGDT); mOpcodes.put(0x6a1, OpcodeEnum.SIDT); mOpcodes.put(0x6a7, OpcodeEnum.LGDT); mOpcodes.put(0x6ad, OpcodeEnum.LIDT); mOpcodes.put(0x6b3, OpcodeEnum.SMSW); mOpcodes.put(0x6b9, OpcodeEnum.LMSW); mOpcodes.put(0x6bf, OpcodeEnum.INVLPG); mOpcodes.put(0x6c7, OpcodeEnum.VMCALL); mOpcodes.put(0x6cf, OpcodeEnum.VMLAUNCH); mOpcodes.put(0x6d9, OpcodeEnum.VMRESUME); mOpcodes.put(0x6e3, OpcodeEnum.VMXOFF); mOpcodes.put(0x6eb, OpcodeEnum.MONITOR); mOpcodes.put(0x6f4, OpcodeEnum.MWAIT); mOpcodes.put(0x6fb, OpcodeEnum.XGETBV); mOpcodes.put(0x703, OpcodeEnum.XSETBV); mOpcodes.put(0x70b, OpcodeEnum.VMFUNC); mOpcodes.put(0x713, OpcodeEnum.XEND); mOpcodes.put(0x719, OpcodeEnum.VMRUN); mOpcodes.put(0x720, OpcodeEnum.VMMCALL); mOpcodes.put(0x729, OpcodeEnum.VMLOAD); mOpcodes.put(0x731, OpcodeEnum.VMSAVE); mOpcodes.put(0x739, OpcodeEnum.STGI); mOpcodes.put(0x73f, OpcodeEnum.CLGI); mOpcodes.put(0x745, OpcodeEnum.SKINIT); mOpcodes.put(0x74d, OpcodeEnum.INVLPGA); mOpcodes.put(0x756, OpcodeEnum.SWAPGS); mOpcodes.put(0x75e, OpcodeEnum.RDTSCP); mOpcodes.put(0x766, OpcodeEnum.PREFETCH); mOpcodes.put(0x770, OpcodeEnum.PREFETCHW); mOpcodes.put(0x77b, OpcodeEnum.PI2FW); mOpcodes.put(0x782, OpcodeEnum.PI2FD); mOpcodes.put(0x789, OpcodeEnum.PF2IW); mOpcodes.put(0x790, OpcodeEnum.PF2ID); mOpcodes.put(0x797, OpcodeEnum.PFNACC); mOpcodes.put(0x79f, OpcodeEnum.PFPNACC); mOpcodes.put(0x7a8, OpcodeEnum.PFCMPGE); 
mOpcodes.put(0x7b1, OpcodeEnum.PFMIN); mOpcodes.put(0x7b8, OpcodeEnum.PFRCP); mOpcodes.put(0x7bf, OpcodeEnum.PFRSQRT); mOpcodes.put(0x7c8, OpcodeEnum.PFSUB); mOpcodes.put(0x7cf, OpcodeEnum.PFADD); mOpcodes.put(0x7d6, OpcodeEnum.PFCMPGT); mOpcodes.put(0x7df, OpcodeEnum.PFMAX); mOpcodes.put(0x7e6, OpcodeEnum.PFRCPIT1); mOpcodes.put(0x7f0, OpcodeEnum.PFRSQIT1); mOpcodes.put(0x7fa, OpcodeEnum.PFSUBR); mOpcodes.put(0x802, OpcodeEnum.PFACC); mOpcodes.put(0x809, OpcodeEnum.PFCMPEQ); mOpcodes.put(0x812, OpcodeEnum.PFMUL); mOpcodes.put(0x819, OpcodeEnum.PFRCPIT2); mOpcodes.put(0x823, OpcodeEnum.PMULHRW); mOpcodes.put(0x82c, OpcodeEnum.PSWAPD); mOpcodes.put(0x834, OpcodeEnum.PAVGUSB); mOpcodes.put(0x83d, OpcodeEnum.MOVUPS); mOpcodes.put(0x845, OpcodeEnum.MOVUPD); mOpcodes.put(0x84d, OpcodeEnum.MOVSS); mOpcodes.put(0x854, OpcodeEnum.MOVSD); mOpcodes.put(0x85b, OpcodeEnum.VMOVUPS); mOpcodes.put(0x864, OpcodeEnum.VMOVUPD); mOpcodes.put(0x86d, OpcodeEnum.VMOVSS); mOpcodes.put(0x875, OpcodeEnum.VMOVSD); mOpcodes.put(0x87d, OpcodeEnum.MOVHLPS); mOpcodes.put(0x886, OpcodeEnum.MOVLPS); mOpcodes.put(0x88e, OpcodeEnum.MOVLPD); mOpcodes.put(0x896, OpcodeEnum.MOVSLDUP); mOpcodes.put(0x8a0, OpcodeEnum.MOVDDUP); mOpcodes.put(0x8a9, OpcodeEnum.VMOVHLPS); mOpcodes.put(0x8b3, OpcodeEnum.VMOVLPS); mOpcodes.put(0x8bc, OpcodeEnum.VMOVLPD); mOpcodes.put(0x8c5, OpcodeEnum.VMOVSLDUP); mOpcodes.put(0x8d0, OpcodeEnum.VMOVDDUP); mOpcodes.put(0x8da, OpcodeEnum.UNPCKLPS); mOpcodes.put(0x8e4, OpcodeEnum.UNPCKLPD); mOpcodes.put(0x8ee, OpcodeEnum.VUNPCKLPS); mOpcodes.put(0x8f9, OpcodeEnum.VUNPCKLPD); mOpcodes.put(0x904, OpcodeEnum.UNPCKHPS); mOpcodes.put(0x90e, OpcodeEnum.UNPCKHPD); mOpcodes.put(0x918, OpcodeEnum.VUNPCKHPS); mOpcodes.put(0x923, OpcodeEnum.VUNPCKHPD); mOpcodes.put(0x92e, OpcodeEnum.MOVLHPS); mOpcodes.put(0x937, OpcodeEnum.MOVHPS); mOpcodes.put(0x93f, OpcodeEnum.MOVHPD); mOpcodes.put(0x947, OpcodeEnum.MOVSHDUP); mOpcodes.put(0x951, OpcodeEnum.VMOVLHPS); mOpcodes.put(0x95b, 
OpcodeEnum.VMOVHPS); mOpcodes.put(0x964, OpcodeEnum.VMOVHPD); mOpcodes.put(0x96d, OpcodeEnum.VMOVSHDUP); mOpcodes.put(0x978, OpcodeEnum.PREFETCHNTA); mOpcodes.put(0x985, OpcodeEnum.PREFETCHT0); mOpcodes.put(0x991, OpcodeEnum.PREFETCHT1); mOpcodes.put(0x99d, OpcodeEnum.PREFETCHT2); mOpcodes.put(0x9a9, OpcodeEnum.MOVAPS); mOpcodes.put(0x9b1, OpcodeEnum.MOVAPD); mOpcodes.put(0x9b9, OpcodeEnum.VMOVAPS); mOpcodes.put(0x9c2, OpcodeEnum.VMOVAPD); mOpcodes.put(0x9cb, OpcodeEnum.CVTPI2PS); mOpcodes.put(0x9d5, OpcodeEnum.CVTPI2PD); mOpcodes.put(0x9df, OpcodeEnum.CVTSI2SS); mOpcodes.put(0x9e9, OpcodeEnum.CVTSI2SD); mOpcodes.put(0x9f3, OpcodeEnum.VCVTSI2SS); mOpcodes.put(0x9fe, OpcodeEnum.VCVTSI2SD); mOpcodes.put(0xa09, OpcodeEnum.MOVNTPS); mOpcodes.put(0xa12, OpcodeEnum.MOVNTPD); mOpcodes.put(0xa1b, OpcodeEnum.MOVNTSS); mOpcodes.put(0xa24, OpcodeEnum.MOVNTSD); mOpcodes.put(0xa2d, OpcodeEnum.VMOVNTPS); mOpcodes.put(0xa37, OpcodeEnum.VMOVNTPD); mOpcodes.put(0xa41, OpcodeEnum.CVTTPS2PI); mOpcodes.put(0xa4c, OpcodeEnum.CVTTPD2PI); mOpcodes.put(0xa57, OpcodeEnum.CVTTSS2SI); mOpcodes.put(0xa62, OpcodeEnum.CVTTSD2SI); mOpcodes.put(0xa6d, OpcodeEnum.VCVTTSS2SI); mOpcodes.put(0xa79, OpcodeEnum.VCVTTSD2SI); mOpcodes.put(0xa85, OpcodeEnum.CVTPS2PI); mOpcodes.put(0xa8f, OpcodeEnum.CVTPD2PI); mOpcodes.put(0xa99, OpcodeEnum.CVTSS2SI); mOpcodes.put(0xaa3, OpcodeEnum.CVTSD2SI); mOpcodes.put(0xaad, OpcodeEnum.VCVTSS2SI); mOpcodes.put(0xab8, OpcodeEnum.VCVTSD2SI); mOpcodes.put(0xac3, OpcodeEnum.UCOMISS); mOpcodes.put(0xacc, OpcodeEnum.UCOMISD); mOpcodes.put(0xad5, OpcodeEnum.VUCOMISS); mOpcodes.put(0xadf, OpcodeEnum.VUCOMISD); mOpcodes.put(0xae9, OpcodeEnum.COMISS); mOpcodes.put(0xaf1, OpcodeEnum.COMISD); mOpcodes.put(0xaf9, OpcodeEnum.VCOMISS); mOpcodes.put(0xb02, OpcodeEnum.VCOMISD); mOpcodes.put(0xb0b, OpcodeEnum.MOVMSKPS); mOpcodes.put(0xb15, OpcodeEnum.MOVMSKPD); mOpcodes.put(0xb1f, OpcodeEnum.VMOVMSKPS); mOpcodes.put(0xb2a, OpcodeEnum.VMOVMSKPD); mOpcodes.put(0xb35, OpcodeEnum.SQRTPS); 
mOpcodes.put(0xb3d, OpcodeEnum.SQRTPD); mOpcodes.put(0xb45, OpcodeEnum.SQRTSS); mOpcodes.put(0xb4d, OpcodeEnum.SQRTSD); mOpcodes.put(0xb55, OpcodeEnum.VSQRTPS); mOpcodes.put(0xb5e, OpcodeEnum.VSQRTPD); mOpcodes.put(0xb67, OpcodeEnum.VSQRTSS); mOpcodes.put(0xb70, OpcodeEnum.VSQRTSD); mOpcodes.put(0xb79, OpcodeEnum.RSQRTPS); mOpcodes.put(0xb82, OpcodeEnum.RSQRTSS); mOpcodes.put(0xb8b, OpcodeEnum.VRSQRTPS); mOpcodes.put(0xb95, OpcodeEnum.VRSQRTSS); mOpcodes.put(0xb9f, OpcodeEnum.RCPPS); mOpcodes.put(0xba6, OpcodeEnum.RCPSS); mOpcodes.put(0xbad, OpcodeEnum.VRCPPS); mOpcodes.put(0xbb5, OpcodeEnum.VRCPSS); mOpcodes.put(0xbbd, OpcodeEnum.ANDPS); mOpcodes.put(0xbc4, OpcodeEnum.ANDPD); mOpcodes.put(0xbcb, OpcodeEnum.VANDPS); mOpcodes.put(0xbd3, OpcodeEnum.VANDPD); mOpcodes.put(0xbdb, OpcodeEnum.ANDNPS); mOpcodes.put(0xbe3, OpcodeEnum.ANDNPD); mOpcodes.put(0xbeb, OpcodeEnum.VANDNPS); mOpcodes.put(0xbf4, OpcodeEnum.VANDNPD); mOpcodes.put(0xbfd, OpcodeEnum.ORPS); mOpcodes.put(0xc03, OpcodeEnum.ORPD); mOpcodes.put(0xc09, OpcodeEnum.VORPS); mOpcodes.put(0xc10, OpcodeEnum.VORPD); mOpcodes.put(0xc17, OpcodeEnum.XORPS); mOpcodes.put(0xc1e, OpcodeEnum.XORPD); mOpcodes.put(0xc25, OpcodeEnum.VXORPS); mOpcodes.put(0xc2d, OpcodeEnum.VXORPD); mOpcodes.put(0xc35, OpcodeEnum.ADDPS); mOpcodes.put(0xc3c, OpcodeEnum.ADDPD); mOpcodes.put(0xc43, OpcodeEnum.ADDSS); mOpcodes.put(0xc4a, OpcodeEnum.ADDSD); mOpcodes.put(0xc51, OpcodeEnum.VADDPS); mOpcodes.put(0xc59, OpcodeEnum.VADDPD); mOpcodes.put(0xc61, OpcodeEnum.VADDSS); mOpcodes.put(0xc69, OpcodeEnum.VADDSD); mOpcodes.put(0xc71, OpcodeEnum.MULPS); mOpcodes.put(0xc78, OpcodeEnum.MULPD); mOpcodes.put(0xc7f, OpcodeEnum.MULSS); mOpcodes.put(0xc86, OpcodeEnum.MULSD); mOpcodes.put(0xc8d, OpcodeEnum.VMULPS); mOpcodes.put(0xc95, OpcodeEnum.VMULPD); mOpcodes.put(0xc9d, OpcodeEnum.VMULSS); mOpcodes.put(0xca5, OpcodeEnum.VMULSD); mOpcodes.put(0xcad, OpcodeEnum.CVTPS2PD); mOpcodes.put(0xcb7, OpcodeEnum.CVTPD2PS); mOpcodes.put(0xcc1, OpcodeEnum.CVTSS2SD); 
mOpcodes.put(0xccb, OpcodeEnum.CVTSD2SS); mOpcodes.put(0xcd5, OpcodeEnum.VCVTPS2PD); mOpcodes.put(0xce0, OpcodeEnum.VCVTPD2PS); mOpcodes.put(0xceb, OpcodeEnum.VCVTSS2SD); mOpcodes.put(0xcf6, OpcodeEnum.VCVTSD2SS); mOpcodes.put(0xd01, OpcodeEnum.CVTDQ2PS); mOpcodes.put(0xd0b, OpcodeEnum.CVTPS2DQ); mOpcodes.put(0xd15, OpcodeEnum.CVTTPS2DQ); mOpcodes.put(0xd20, OpcodeEnum.VCVTDQ2PS); mOpcodes.put(0xd2b, OpcodeEnum.VCVTPS2DQ); mOpcodes.put(0xd36, OpcodeEnum.VCVTTPS2DQ); mOpcodes.put(0xd42, OpcodeEnum.SUBPS); mOpcodes.put(0xd49, OpcodeEnum.SUBPD); mOpcodes.put(0xd50, OpcodeEnum.SUBSS); mOpcodes.put(0xd57, OpcodeEnum.SUBSD); mOpcodes.put(0xd5e, OpcodeEnum.VSUBPS); mOpcodes.put(0xd66, OpcodeEnum.VSUBPD); mOpcodes.put(0xd6e, OpcodeEnum.VSUBSS); mOpcodes.put(0xd76, OpcodeEnum.VSUBSD); mOpcodes.put(0xd7e, OpcodeEnum.MINPS); mOpcodes.put(0xd85, OpcodeEnum.MINPD); mOpcodes.put(0xd8c, OpcodeEnum.MINSS); mOpcodes.put(0xd93, OpcodeEnum.MINSD); mOpcodes.put(0xd9a, OpcodeEnum.VMINPS); mOpcodes.put(0xda2, OpcodeEnum.VMINPD); mOpcodes.put(0xdaa, OpcodeEnum.VMINSS); mOpcodes.put(0xdb2, OpcodeEnum.VMINSD); mOpcodes.put(0xdba, OpcodeEnum.DIVPS); mOpcodes.put(0xdc1, OpcodeEnum.DIVPD); mOpcodes.put(0xdc8, OpcodeEnum.DIVSS); mOpcodes.put(0xdcf, OpcodeEnum.DIVSD); mOpcodes.put(0xdd6, OpcodeEnum.VDIVPS); mOpcodes.put(0xdde, OpcodeEnum.VDIVPD); mOpcodes.put(0xde6, OpcodeEnum.VDIVSS); mOpcodes.put(0xdee, OpcodeEnum.VDIVSD); mOpcodes.put(0xdf6, OpcodeEnum.MAXPS); mOpcodes.put(0xdfd, OpcodeEnum.MAXPD); mOpcodes.put(0xe04, OpcodeEnum.MAXSS); mOpcodes.put(0xe0b, OpcodeEnum.MAXSD); mOpcodes.put(0xe12, OpcodeEnum.VMAXPS); mOpcodes.put(0xe1a, OpcodeEnum.VMAXPD); mOpcodes.put(0xe22, OpcodeEnum.VMAXSS); mOpcodes.put(0xe2a, OpcodeEnum.VMAXSD); mOpcodes.put(0xe32, OpcodeEnum.PUNPCKLBW); mOpcodes.put(0xe3d, OpcodeEnum.VPUNPCKLBW); mOpcodes.put(0xe49, OpcodeEnum.PUNPCKLWD); mOpcodes.put(0xe54, OpcodeEnum.VPUNPCKLWD); mOpcodes.put(0xe60, OpcodeEnum.PUNPCKLDQ); mOpcodes.put(0xe6b, OpcodeEnum.VPUNPCKLDQ); 
mOpcodes.put(0xe77, OpcodeEnum.PACKSSWB); mOpcodes.put(0xe81, OpcodeEnum.VPACKSSWB); mOpcodes.put(0xe8c, OpcodeEnum.PCMPGTB); mOpcodes.put(0xe95, OpcodeEnum.VPCMPGTB); mOpcodes.put(0xe9f, OpcodeEnum.PCMPGTW); mOpcodes.put(0xea8, OpcodeEnum.VPCMPGTW); mOpcodes.put(0xeb2, OpcodeEnum.PCMPGTD); mOpcodes.put(0xebb, OpcodeEnum.VPCMPGTD); mOpcodes.put(0xec5, OpcodeEnum.PACKUSWB); mOpcodes.put(0xecf, OpcodeEnum.VPACKUSWB); mOpcodes.put(0xeda, OpcodeEnum.PUNPCKHBW); mOpcodes.put(0xee5, OpcodeEnum.VPUNPCKHBW); mOpcodes.put(0xef1, OpcodeEnum.PUNPCKHWD); mOpcodes.put(0xefc, OpcodeEnum.VPUNPCKHWD); mOpcodes.put(0xf08, OpcodeEnum.PUNPCKHDQ); mOpcodes.put(0xf13, OpcodeEnum.VPUNPCKHDQ); mOpcodes.put(0xf1f, OpcodeEnum.PACKSSDW); mOpcodes.put(0xf29, OpcodeEnum.VPACKSSDW); mOpcodes.put(0xf34, OpcodeEnum.PUNPCKLQDQ); mOpcodes.put(0xf40, OpcodeEnum.VPUNPCKLQDQ); mOpcodes.put(0xf4d, OpcodeEnum.PUNPCKHQDQ); mOpcodes.put(0xf59, OpcodeEnum.VPUNPCKHQDQ); mOpcodes.put(0xf66, OpcodeEnum.MOVD); mOpcodes.put(0xf6c, OpcodeEnum.MOVQ); mOpcodes.put(0xf72, OpcodeEnum.VMOVD); mOpcodes.put(0xf79, OpcodeEnum.VMOVQ); mOpcodes.put(0xf80, OpcodeEnum.MOVDQA); mOpcodes.put(0xf88, OpcodeEnum.MOVDQU); mOpcodes.put(0xf90, OpcodeEnum.VMOVDQA); mOpcodes.put(0xf99, OpcodeEnum.VMOVDQU); mOpcodes.put(0xfa2, OpcodeEnum.PSHUFW); mOpcodes.put(0xfaa, OpcodeEnum.PSHUFD); mOpcodes.put(0xfb2, OpcodeEnum.PSHUFHW); mOpcodes.put(0xfbb, OpcodeEnum.PSHUFLW); mOpcodes.put(0xfc4, OpcodeEnum.VPSHUFD); mOpcodes.put(0xfcd, OpcodeEnum.VPSHUFHW); mOpcodes.put(0xfd7, OpcodeEnum.VPSHUFLW); mOpcodes.put(0xfe1, OpcodeEnum.PCMPEQB); mOpcodes.put(0xfea, OpcodeEnum.VPCMPEQB); mOpcodes.put(0xff4, OpcodeEnum.PCMPEQW); mOpcodes.put(0xffd, OpcodeEnum.VPCMPEQW); mOpcodes.put(0x1007, OpcodeEnum.PCMPEQD); mOpcodes.put(0x1010, OpcodeEnum.VPCMPEQD); mOpcodes.put(0x101a, OpcodeEnum.EMMS); mOpcodes.put(0x1020, OpcodeEnum.VZEROUPPER); mOpcodes.put(0x102c, OpcodeEnum.VZEROALL); mOpcodes.put(0x1036, OpcodeEnum.VMREAD); mOpcodes.put(0x103e, 
OpcodeEnum.EXTRQ); mOpcodes.put(0x1045, OpcodeEnum.INSERTQ); mOpcodes.put(0x104e, OpcodeEnum.VMWRITE); mOpcodes.put(0x1057, OpcodeEnum.CVTPH2PS); mOpcodes.put(0x1061, OpcodeEnum.CVTPS2PH); mOpcodes.put(0x106b, OpcodeEnum.HADDPD); mOpcodes.put(0x1073, OpcodeEnum.HADDPS); mOpcodes.put(0x107b, OpcodeEnum.VHADDPD); mOpcodes.put(0x1084, OpcodeEnum.VHADDPS); mOpcodes.put(0x108d, OpcodeEnum.HSUBPD); mOpcodes.put(0x1095, OpcodeEnum.HSUBPS); mOpcodes.put(0x109d, OpcodeEnum.VHSUBPD); mOpcodes.put(0x10a6, OpcodeEnum.VHSUBPS); mOpcodes.put(0x10af, OpcodeEnum.XSAVE); mOpcodes.put(0x10b6, OpcodeEnum.XSAVE64); mOpcodes.put(0x10bf, OpcodeEnum.LFENCE); mOpcodes.put(0x10c7, OpcodeEnum.XRSTOR); mOpcodes.put(0x10cf, OpcodeEnum.XRSTOR64); mOpcodes.put(0x10d9, OpcodeEnum.MFENCE); mOpcodes.put(0x10e1, OpcodeEnum.XSAVEOPT); mOpcodes.put(0x10eb, OpcodeEnum.XSAVEOPT64); mOpcodes.put(0x10f7, OpcodeEnum.SFENCE); mOpcodes.put(0x10ff, OpcodeEnum.CLFLUSH); mOpcodes.put(0x1108, OpcodeEnum.POPCNT); mOpcodes.put(0x1110, OpcodeEnum.BSF); mOpcodes.put(0x1115, OpcodeEnum.TZCNT); mOpcodes.put(0x111c, OpcodeEnum.BSR); mOpcodes.put(0x1121, OpcodeEnum.LZCNT); mOpcodes.put(0x1128, OpcodeEnum.CMPEQPS); mOpcodes.put(0x1131, OpcodeEnum.CMPLTPS); mOpcodes.put(0x113a, OpcodeEnum.CMPLEPS); mOpcodes.put(0x1143, OpcodeEnum.CMPUNORDPS); mOpcodes.put(0x114f, OpcodeEnum.CMPNEQPS); mOpcodes.put(0x1159, OpcodeEnum.CMPNLTPS); mOpcodes.put(0x1163, OpcodeEnum.CMPNLEPS); mOpcodes.put(0x116d, OpcodeEnum.CMPORDPS); mOpcodes.put(0x1177, OpcodeEnum.CMPEQPD); mOpcodes.put(0x1180, OpcodeEnum.CMPLTPD); mOpcodes.put(0x1189, OpcodeEnum.CMPLEPD); mOpcodes.put(0x1192, OpcodeEnum.CMPUNORDPD); mOpcodes.put(0x119e, OpcodeEnum.CMPNEQPD); mOpcodes.put(0x11a8, OpcodeEnum.CMPNLTPD); mOpcodes.put(0x11b2, OpcodeEnum.CMPNLEPD); mOpcodes.put(0x11bc, OpcodeEnum.CMPORDPD); mOpcodes.put(0x11c6, OpcodeEnum.CMPEQSS); mOpcodes.put(0x11cf, OpcodeEnum.CMPLTSS); mOpcodes.put(0x11d8, OpcodeEnum.CMPLESS); mOpcodes.put(0x11e1, OpcodeEnum.CMPUNORDSS); 
mOpcodes.put(0x11ed, OpcodeEnum.CMPNEQSS); mOpcodes.put(0x11f7, OpcodeEnum.CMPNLTSS); mOpcodes.put(0x1201, OpcodeEnum.CMPNLESS); mOpcodes.put(0x120b, OpcodeEnum.CMPORDSS); mOpcodes.put(0x1215, OpcodeEnum.CMPEQSD); mOpcodes.put(0x121e, OpcodeEnum.CMPLTSD); mOpcodes.put(0x1227, OpcodeEnum.CMPLESD); mOpcodes.put(0x1230, OpcodeEnum.CMPUNORDSD); mOpcodes.put(0x123c, OpcodeEnum.CMPNEQSD); mOpcodes.put(0x1246, OpcodeEnum.CMPNLTSD); mOpcodes.put(0x1250, OpcodeEnum.CMPNLESD); mOpcodes.put(0x125a, OpcodeEnum.CMPORDSD); mOpcodes.put(0x1264, OpcodeEnum.VCMPEQPS); mOpcodes.put(0x126e, OpcodeEnum.VCMPLTPS); mOpcodes.put(0x1278, OpcodeEnum.VCMPLEPS); mOpcodes.put(0x1282, OpcodeEnum.VCMPUNORDPS); mOpcodes.put(0x128f, OpcodeEnum.VCMPNEQPS); mOpcodes.put(0x129a, OpcodeEnum.VCMPNLTPS); mOpcodes.put(0x12a5, OpcodeEnum.VCMPNLEPS); mOpcodes.put(0x12b0, OpcodeEnum.VCMPORDPS); mOpcodes.put(0x12bb, OpcodeEnum.VCMPEQ_UQPS); mOpcodes.put(0x12c8, OpcodeEnum.VCMPNGEPS); mOpcodes.put(0x12d3, OpcodeEnum.VCMPNGTPS); mOpcodes.put(0x12de, OpcodeEnum.VCMPFALSEPS); mOpcodes.put(0x12eb, OpcodeEnum.VCMPNEQ_OQPS); mOpcodes.put(0x12f9, OpcodeEnum.VCMPGEPS); mOpcodes.put(0x1303, OpcodeEnum.VCMPGTPS); mOpcodes.put(0x130d, OpcodeEnum.VCMPTRUEPS); mOpcodes.put(0x1319, OpcodeEnum.VCMPEQ_OSPS); mOpcodes.put(0x1326, OpcodeEnum.VCMPLT_OQPS); mOpcodes.put(0x1333, OpcodeEnum.VCMPLE_OQPS); mOpcodes.put(0x1340, OpcodeEnum.VCMPUNORD_SPS); mOpcodes.put(0x134f, OpcodeEnum.VCMPNEQ_USPS); mOpcodes.put(0x135d, OpcodeEnum.VCMPNLT_UQPS); mOpcodes.put(0x136b, OpcodeEnum.VCMPNLE_UQPS); mOpcodes.put(0x1379, OpcodeEnum.VCMPORD_SPS); mOpcodes.put(0x1386, OpcodeEnum.VCMPEQ_USPS); mOpcodes.put(0x1393, OpcodeEnum.VCMPNGE_UQPS); mOpcodes.put(0x13a1, OpcodeEnum.VCMPNGT_UQPS); mOpcodes.put(0x13af, OpcodeEnum.VCMPFALSE_OSPS); mOpcodes.put(0x13bf, OpcodeEnum.VCMPNEQ_OSPS); mOpcodes.put(0x13cd, OpcodeEnum.VCMPGE_OQPS); mOpcodes.put(0x13da, OpcodeEnum.VCMPGT_OQPS); mOpcodes.put(0x13e7, OpcodeEnum.VCMPTRUE_USPS); mOpcodes.put(0x13f6, 
OpcodeEnum.VCMPEQPD); mOpcodes.put(0x1400, OpcodeEnum.VCMPLTPD); mOpcodes.put(0x140a, OpcodeEnum.VCMPLEPD); mOpcodes.put(0x1414, OpcodeEnum.VCMPUNORDPD); mOpcodes.put(0x1421, OpcodeEnum.VCMPNEQPD); mOpcodes.put(0x142c, OpcodeEnum.VCMPNLTPD); mOpcodes.put(0x1437, OpcodeEnum.VCMPNLEPD); mOpcodes.put(0x1442, OpcodeEnum.VCMPORDPD); mOpcodes.put(0x144d, OpcodeEnum.VCMPEQ_UQPD); mOpcodes.put(0x145a, OpcodeEnum.VCMPNGEPD); mOpcodes.put(0x1465, OpcodeEnum.VCMPNGTPD); mOpcodes.put(0x1470, OpcodeEnum.VCMPFALSEPD); mOpcodes.put(0x147d, OpcodeEnum.VCMPNEQ_OQPD); mOpcodes.put(0x148b, OpcodeEnum.VCMPGEPD); mOpcodes.put(0x1495, OpcodeEnum.VCMPGTPD); mOpcodes.put(0x149f, OpcodeEnum.VCMPTRUEPD); mOpcodes.put(0x14ab, OpcodeEnum.VCMPEQ_OSPD); mOpcodes.put(0x14b8, OpcodeEnum.VCMPLT_OQPD); mOpcodes.put(0x14c5, OpcodeEnum.VCMPLE_OQPD); mOpcodes.put(0x14d2, OpcodeEnum.VCMPUNORD_SPD); mOpcodes.put(0x14e1, OpcodeEnum.VCMPNEQ_USPD); mOpcodes.put(0x14ef, OpcodeEnum.VCMPNLT_UQPD); mOpcodes.put(0x14fd, OpcodeEnum.VCMPNLE_UQPD); mOpcodes.put(0x150b, OpcodeEnum.VCMPORD_SPD); mOpcodes.put(0x1518, OpcodeEnum.VCMPEQ_USPD); mOpcodes.put(0x1525, OpcodeEnum.VCMPNGE_UQPD); mOpcodes.put(0x1533, OpcodeEnum.VCMPNGT_UQPD); mOpcodes.put(0x1541, OpcodeEnum.VCMPFALSE_OSPD); mOpcodes.put(0x1551, OpcodeEnum.VCMPNEQ_OSPD); mOpcodes.put(0x155f, OpcodeEnum.VCMPGE_OQPD); mOpcodes.put(0x156c, OpcodeEnum.VCMPGT_OQPD); mOpcodes.put(0x1579, OpcodeEnum.VCMPTRUE_USPD); mOpcodes.put(0x1588, OpcodeEnum.VCMPEQSS); mOpcodes.put(0x1592, OpcodeEnum.VCMPLTSS); mOpcodes.put(0x159c, OpcodeEnum.VCMPLESS); mOpcodes.put(0x15a6, OpcodeEnum.VCMPUNORDSS); mOpcodes.put(0x15b3, OpcodeEnum.VCMPNEQSS); mOpcodes.put(0x15be, OpcodeEnum.VCMPNLTSS); mOpcodes.put(0x15c9, OpcodeEnum.VCMPNLESS); mOpcodes.put(0x15d4, OpcodeEnum.VCMPORDSS); mOpcodes.put(0x15df, OpcodeEnum.VCMPEQ_UQSS); mOpcodes.put(0x15ec, OpcodeEnum.VCMPNGESS); mOpcodes.put(0x15f7, OpcodeEnum.VCMPNGTSS); mOpcodes.put(0x1602, OpcodeEnum.VCMPFALSESS); mOpcodes.put(0x160f, 
OpcodeEnum.VCMPNEQ_OQSS); mOpcodes.put(0x161d, OpcodeEnum.VCMPGESS); mOpcodes.put(0x1627, OpcodeEnum.VCMPGTSS); mOpcodes.put(0x1631, OpcodeEnum.VCMPTRUESS); mOpcodes.put(0x163d, OpcodeEnum.VCMPEQ_OSSS); mOpcodes.put(0x164a, OpcodeEnum.VCMPLT_OQSS); mOpcodes.put(0x1657, OpcodeEnum.VCMPLE_OQSS); mOpcodes.put(0x1664, OpcodeEnum.VCMPUNORD_SSS); mOpcodes.put(0x1673, OpcodeEnum.VCMPNEQ_USSS); mOpcodes.put(0x1681, OpcodeEnum.VCMPNLT_UQSS); mOpcodes.put(0x168f, OpcodeEnum.VCMPNLE_UQSS); mOpcodes.put(0x169d, OpcodeEnum.VCMPORD_SSS); mOpcodes.put(0x16aa, OpcodeEnum.VCMPEQ_USSS); mOpcodes.put(0x16b7, OpcodeEnum.VCMPNGE_UQSS); mOpcodes.put(0x16c5, OpcodeEnum.VCMPNGT_UQSS); mOpcodes.put(0x16d3, OpcodeEnum.VCMPFALSE_OSSS); mOpcodes.put(0x16e3, OpcodeEnum.VCMPNEQ_OSSS); mOpcodes.put(0x16f1, OpcodeEnum.VCMPGE_OQSS); mOpcodes.put(0x16fe, OpcodeEnum.VCMPGT_OQSS); mOpcodes.put(0x170b, OpcodeEnum.VCMPTRUE_USSS); mOpcodes.put(0x171a, OpcodeEnum.VCMPEQSD); mOpcodes.put(0x1724, OpcodeEnum.VCMPLTSD); mOpcodes.put(0x172e, OpcodeEnum.VCMPLESD); mOpcodes.put(0x1738, OpcodeEnum.VCMPUNORDSD); mOpcodes.put(0x1745, OpcodeEnum.VCMPNEQSD); mOpcodes.put(0x1750, OpcodeEnum.VCMPNLTSD); mOpcodes.put(0x175b, OpcodeEnum.VCMPNLESD); mOpcodes.put(0x1766, OpcodeEnum.VCMPORDSD); mOpcodes.put(0x1771, OpcodeEnum.VCMPEQ_UQSD); mOpcodes.put(0x177e, OpcodeEnum.VCMPNGESD); mOpcodes.put(0x1789, OpcodeEnum.VCMPNGTSD); mOpcodes.put(0x1794, OpcodeEnum.VCMPFALSESD); mOpcodes.put(0x17a1, OpcodeEnum.VCMPNEQ_OQSD); mOpcodes.put(0x17af, OpcodeEnum.VCMPGESD); mOpcodes.put(0x17b9, OpcodeEnum.VCMPGTSD); mOpcodes.put(0x17c3, OpcodeEnum.VCMPTRUESD); mOpcodes.put(0x17cf, OpcodeEnum.VCMPEQ_OSSD); mOpcodes.put(0x17dc, OpcodeEnum.VCMPLT_OQSD); mOpcodes.put(0x17e9, OpcodeEnum.VCMPLE_OQSD); mOpcodes.put(0x17f6, OpcodeEnum.VCMPUNORD_SSD); mOpcodes.put(0x1805, OpcodeEnum.VCMPNEQ_USSD); mOpcodes.put(0x1813, OpcodeEnum.VCMPNLT_UQSD); mOpcodes.put(0x1821, OpcodeEnum.VCMPNLE_UQSD); mOpcodes.put(0x182f, OpcodeEnum.VCMPORD_SSD); 
mOpcodes.put(0x183c, OpcodeEnum.VCMPEQ_USSD); mOpcodes.put(0x1849, OpcodeEnum.VCMPNGE_UQSD); mOpcodes.put(0x1857, OpcodeEnum.VCMPNGT_UQSD); mOpcodes.put(0x1865, OpcodeEnum.VCMPFALSE_OSSD); mOpcodes.put(0x1875, OpcodeEnum.VCMPNEQ_OSSD); mOpcodes.put(0x1883, OpcodeEnum.VCMPGE_OQSD); mOpcodes.put(0x1890, OpcodeEnum.VCMPGT_OQSD); mOpcodes.put(0x189d, OpcodeEnum.VCMPTRUE_USSD); mOpcodes.put(0x18ac, OpcodeEnum.PINSRW); mOpcodes.put(0x18b4, OpcodeEnum.VPINSRW); mOpcodes.put(0x18bd, OpcodeEnum.PEXTRW); mOpcodes.put(0x18c5, OpcodeEnum.VPEXTRW); mOpcodes.put(0x18ce, OpcodeEnum.SHUFPS); mOpcodes.put(0x18d6, OpcodeEnum.SHUFPD); mOpcodes.put(0x18de, OpcodeEnum.VSHUFPS); mOpcodes.put(0x18e7, OpcodeEnum.VSHUFPD); mOpcodes.put(0x18f0, OpcodeEnum.CMPXCHG8B); mOpcodes.put(0x18fb, OpcodeEnum.CMPXCHG16B); mOpcodes.put(0x1907, OpcodeEnum.VMPTRST); mOpcodes.put(0x1910, OpcodeEnum.ADDSUBPD); mOpcodes.put(0x191a, OpcodeEnum.ADDSUBPS); mOpcodes.put(0x1924, OpcodeEnum.VADDSUBPD); mOpcodes.put(0x192f, OpcodeEnum.VADDSUBPS); mOpcodes.put(0x193a, OpcodeEnum.PSRLW); mOpcodes.put(0x1941, OpcodeEnum.VPSRLW); mOpcodes.put(0x1949, OpcodeEnum.PSRLD); mOpcodes.put(0x1950, OpcodeEnum.VPSRLD); mOpcodes.put(0x1958, OpcodeEnum.PSRLQ); mOpcodes.put(0x195f, OpcodeEnum.VPSRLQ); mOpcodes.put(0x1967, OpcodeEnum.PADDQ); mOpcodes.put(0x196e, OpcodeEnum.VPADDQ); mOpcodes.put(0x1976, OpcodeEnum.PMULLW); mOpcodes.put(0x197e, OpcodeEnum.VPMULLW); mOpcodes.put(0x1987, OpcodeEnum.MOVQ2DQ); mOpcodes.put(0x1990, OpcodeEnum.MOVDQ2Q); mOpcodes.put(0x1999, OpcodeEnum.PMOVMSKB); mOpcodes.put(0x19a3, OpcodeEnum.VPMOVMSKB); mOpcodes.put(0x19ae, OpcodeEnum.PSUBUSB); mOpcodes.put(0x19b7, OpcodeEnum.VPSUBUSB); mOpcodes.put(0x19c1, OpcodeEnum.PSUBUSW); mOpcodes.put(0x19ca, OpcodeEnum.VPSUBUSW); mOpcodes.put(0x19d4, OpcodeEnum.PMINUB); mOpcodes.put(0x19dc, OpcodeEnum.VPMINUB); mOpcodes.put(0x19e5, OpcodeEnum.PAND); mOpcodes.put(0x19eb, OpcodeEnum.VPAND); mOpcodes.put(0x19f2, OpcodeEnum.PADDUSB); mOpcodes.put(0x19fb, 
OpcodeEnum.VPADDUSW); mOpcodes.put(0x1a05, OpcodeEnum.PADDUSW); mOpcodes.put(0x1a0e, OpcodeEnum.PMAXUB); mOpcodes.put(0x1a16, OpcodeEnum.VPMAXUB); mOpcodes.put(0x1a1f, OpcodeEnum.PANDN); mOpcodes.put(0x1a26, OpcodeEnum.VPANDN); mOpcodes.put(0x1a2e, OpcodeEnum.PAVGB); mOpcodes.put(0x1a35, OpcodeEnum.VPAVGB); mOpcodes.put(0x1a3d, OpcodeEnum.PSRAW); mOpcodes.put(0x1a44, OpcodeEnum.VPSRAW); mOpcodes.put(0x1a4c, OpcodeEnum.PSRAD); mOpcodes.put(0x1a53, OpcodeEnum.VPSRAD); mOpcodes.put(0x1a5b, OpcodeEnum.PAVGW); mOpcodes.put(0x1a62, OpcodeEnum.VPAVGW); mOpcodes.put(0x1a6a, OpcodeEnum.PMULHUW); mOpcodes.put(0x1a73, OpcodeEnum.VPMULHUW); mOpcodes.put(0x1a7d, OpcodeEnum.PMULHW); mOpcodes.put(0x1a85, OpcodeEnum.VPMULHW); mOpcodes.put(0x1a8e, OpcodeEnum.CVTTPD2DQ); mOpcodes.put(0x1a99, OpcodeEnum.CVTDQ2PD); mOpcodes.put(0x1aa3, OpcodeEnum.CVTPD2DQ); mOpcodes.put(0x1aad, OpcodeEnum.VCVTTPD2DQ); mOpcodes.put(0x1ab9, OpcodeEnum.VCVTDQ2PD); mOpcodes.put(0x1ac4, OpcodeEnum.VCVTPD2DQ); mOpcodes.put(0x1acf, OpcodeEnum.MOVNTQ); mOpcodes.put(0x1ad7, OpcodeEnum.MOVNTDQ); mOpcodes.put(0x1ae0, OpcodeEnum.VMOVNTDQ); mOpcodes.put(0x1aea, OpcodeEnum.PSUBSB); mOpcodes.put(0x1af2, OpcodeEnum.VPSUBSB); mOpcodes.put(0x1afb, OpcodeEnum.PSUBSW); mOpcodes.put(0x1b03, OpcodeEnum.VPSUBSW); mOpcodes.put(0x1b0c, OpcodeEnum.PMINSW); mOpcodes.put(0x1b14, OpcodeEnum.VPMINSW); mOpcodes.put(0x1b1d, OpcodeEnum.POR); mOpcodes.put(0x1b22, OpcodeEnum.VPOR); mOpcodes.put(0x1b28, OpcodeEnum.PADDSB); mOpcodes.put(0x1b30, OpcodeEnum.VPADDSB); mOpcodes.put(0x1b39, OpcodeEnum.PADDSW); mOpcodes.put(0x1b41, OpcodeEnum.VPADDSW); mOpcodes.put(0x1b4a, OpcodeEnum.PMAXSW); mOpcodes.put(0x1b52, OpcodeEnum.VPMAXSW); mOpcodes.put(0x1b5b, OpcodeEnum.PXOR); mOpcodes.put(0x1b61, OpcodeEnum.VPXOR); mOpcodes.put(0x1b68, OpcodeEnum.LDDQU); mOpcodes.put(0x1b6f, OpcodeEnum.VLDDQU); mOpcodes.put(0x1b77, OpcodeEnum.PSLLW); mOpcodes.put(0x1b7e, OpcodeEnum.VPSLLW); mOpcodes.put(0x1b86, OpcodeEnum.PSLLD); mOpcodes.put(0x1b8d, 
OpcodeEnum.VPSLLD); mOpcodes.put(0x1b95, OpcodeEnum.PSLLQ); mOpcodes.put(0x1b9c, OpcodeEnum.VPSLLQ); mOpcodes.put(0x1ba4, OpcodeEnum.PMULUDQ); mOpcodes.put(0x1bad, OpcodeEnum.VPMULUDQ); mOpcodes.put(0x1bb7, OpcodeEnum.PMADDWD); mOpcodes.put(0x1bc0, OpcodeEnum.VPMADDWD); mOpcodes.put(0x1bca, OpcodeEnum.PSADBW); mOpcodes.put(0x1bd2, OpcodeEnum.VPSADBW); mOpcodes.put(0x1bdb, OpcodeEnum.MASKMOVQ); mOpcodes.put(0x1be5, OpcodeEnum.MASKMOVDQU); mOpcodes.put(0x1bf1, OpcodeEnum.VMASKMOVDQU); mOpcodes.put(0x1bfe, OpcodeEnum.PSUBB); mOpcodes.put(0x1c05, OpcodeEnum.VPSUBB); mOpcodes.put(0x1c0d, OpcodeEnum.PSUBW); mOpcodes.put(0x1c14, OpcodeEnum.VPSUBW); mOpcodes.put(0x1c1c, OpcodeEnum.PSUBD); mOpcodes.put(0x1c23, OpcodeEnum.VPSUBD); mOpcodes.put(0x1c2b, OpcodeEnum.PSUBQ); mOpcodes.put(0x1c32, OpcodeEnum.VPSUBQ); mOpcodes.put(0x1c3a, OpcodeEnum.PADDB); mOpcodes.put(0x1c41, OpcodeEnum.VPADDB); mOpcodes.put(0x1c49, OpcodeEnum.PADDW); mOpcodes.put(0x1c50, OpcodeEnum.VPADDW); mOpcodes.put(0x1c58, OpcodeEnum.PADDD); mOpcodes.put(0x1c5f, OpcodeEnum.VPADDD); mOpcodes.put(0x1c67, OpcodeEnum.FNSTENV); mOpcodes.put(0x1c70, OpcodeEnum.FSTENV); mOpcodes.put(0x1c78, OpcodeEnum.FNSTCW); mOpcodes.put(0x1c80, OpcodeEnum.FSTCW); mOpcodes.put(0x1c87, OpcodeEnum.FNCLEX); mOpcodes.put(0x1c8f, OpcodeEnum.FCLEX); mOpcodes.put(0x1c96, OpcodeEnum.FNINIT); mOpcodes.put(0x1c9e, OpcodeEnum.FINIT); mOpcodes.put(0x1ca5, OpcodeEnum.FNSAVE); mOpcodes.put(0x1cad, OpcodeEnum.FSAVE); mOpcodes.put(0x1cb4, OpcodeEnum.FNSTSW); mOpcodes.put(0x1cbc, OpcodeEnum.FSTSW); mOpcodes.put(0x1cc3, OpcodeEnum.PSHUFB); mOpcodes.put(0x1ccb, OpcodeEnum.VPSHUFB); mOpcodes.put(0x1cd4, OpcodeEnum.PHADDW); mOpcodes.put(0x1cdc, OpcodeEnum.VPHADDW); mOpcodes.put(0x1ce5, OpcodeEnum.PHADDD); mOpcodes.put(0x1ced, OpcodeEnum.VPHADDD); mOpcodes.put(0x1cf6, OpcodeEnum.PHADDSW); mOpcodes.put(0x1cff, OpcodeEnum.VPHADDSW); mOpcodes.put(0x1d09, OpcodeEnum.PMADDUBSW); mOpcodes.put(0x1d14, OpcodeEnum.VPMADDUBSW); mOpcodes.put(0x1d20, 
OpcodeEnum.PHSUBW); mOpcodes.put(0x1d28, OpcodeEnum.VPHSUBW); mOpcodes.put(0x1d31, OpcodeEnum.PHSUBD); mOpcodes.put(0x1d39, OpcodeEnum.VPHSUBD); mOpcodes.put(0x1d42, OpcodeEnum.PHSUBSW); mOpcodes.put(0x1d4b, OpcodeEnum.VPHSUBSW); mOpcodes.put(0x1d55, OpcodeEnum.PSIGNB); mOpcodes.put(0x1d5d, OpcodeEnum.VPSIGNB); mOpcodes.put(0x1d66, OpcodeEnum.PSIGNW); mOpcodes.put(0x1d6e, OpcodeEnum.VPSIGNW); mOpcodes.put(0x1d77, OpcodeEnum.PSIGND); mOpcodes.put(0x1d7f, OpcodeEnum.VPSIGND); mOpcodes.put(0x1d88, OpcodeEnum.PMULHRSW); mOpcodes.put(0x1d92, OpcodeEnum.VPMULHRSW); mOpcodes.put(0x1d9d, OpcodeEnum.VPERMILPS); mOpcodes.put(0x1da8, OpcodeEnum.VPERMILPD); mOpcodes.put(0x1db3, OpcodeEnum.VTESTPS); mOpcodes.put(0x1dbc, OpcodeEnum.VTESTPD); mOpcodes.put(0x1dc5, OpcodeEnum.PBLENDVB); mOpcodes.put(0x1dcf, OpcodeEnum.BLENDVPS); mOpcodes.put(0x1dd9, OpcodeEnum.BLENDVPD); mOpcodes.put(0x1de3, OpcodeEnum.PTEST); mOpcodes.put(0x1dea, OpcodeEnum.VPTEST); mOpcodes.put(0x1df2, OpcodeEnum.VBROADCASTSS); mOpcodes.put(0x1e00, OpcodeEnum.VBROADCASTSD); mOpcodes.put(0x1e0e, OpcodeEnum.VBROADCASTF128); mOpcodes.put(0x1e1e, OpcodeEnum.PABSB); mOpcodes.put(0x1e25, OpcodeEnum.VPABSB); mOpcodes.put(0x1e2d, OpcodeEnum.PABSW); mOpcodes.put(0x1e34, OpcodeEnum.VPABSW); mOpcodes.put(0x1e3c, OpcodeEnum.PABSD); mOpcodes.put(0x1e43, OpcodeEnum.VPABSD); mOpcodes.put(0x1e4b, OpcodeEnum.PMOVSXBW); mOpcodes.put(0x1e55, OpcodeEnum.VPMOVSXBW); mOpcodes.put(0x1e60, OpcodeEnum.PMOVSXBD); mOpcodes.put(0x1e6a, OpcodeEnum.VPMOVSXBD); mOpcodes.put(0x1e75, OpcodeEnum.PMOVSXBQ); mOpcodes.put(0x1e7f, OpcodeEnum.VPMOVSXBQ); mOpcodes.put(0x1e8a, OpcodeEnum.PMOVSXWD); mOpcodes.put(0x1e94, OpcodeEnum.VPMOVSXWD); mOpcodes.put(0x1e9f, OpcodeEnum.PMOVSXWQ); mOpcodes.put(0x1ea9, OpcodeEnum.VPMOVSXWQ); mOpcodes.put(0x1eb4, OpcodeEnum.PMOVSXDQ); mOpcodes.put(0x1ebe, OpcodeEnum.VPMOVSXDQ); mOpcodes.put(0x1ec9, OpcodeEnum.PMULDQ); mOpcodes.put(0x1ed1, OpcodeEnum.VPMULDQ); mOpcodes.put(0x1eda, OpcodeEnum.PCMPEQQ); 
mOpcodes.put(0x1ee3, OpcodeEnum.VPCMPEQQ); mOpcodes.put(0x1eed, OpcodeEnum.MOVNTDQA); mOpcodes.put(0x1ef7, OpcodeEnum.VMOVNTDQA); mOpcodes.put(0x1f02, OpcodeEnum.PACKUSDW); mOpcodes.put(0x1f0c, OpcodeEnum.VPACKUSDW); mOpcodes.put(0x1f17, OpcodeEnum.VMASKMOVPS); mOpcodes.put(0x1f23, OpcodeEnum.VMASKMOVPD); mOpcodes.put(0x1f2f, OpcodeEnum.PMOVZXBW); mOpcodes.put(0x1f39, OpcodeEnum.VPMOVZXBW); mOpcodes.put(0x1f44, OpcodeEnum.PMOVZXBD); mOpcodes.put(0x1f4e, OpcodeEnum.VPMOVZXBD); mOpcodes.put(0x1f59, OpcodeEnum.PMOVZXBQ); mOpcodes.put(0x1f63, OpcodeEnum.VPMOVZXBQ); mOpcodes.put(0x1f6e, OpcodeEnum.PMOVZXWD); mOpcodes.put(0x1f78, OpcodeEnum.VPMOVZXWD); mOpcodes.put(0x1f83, OpcodeEnum.PMOVZXWQ); mOpcodes.put(0x1f8d, OpcodeEnum.VPMOVZXWQ); mOpcodes.put(0x1f98, OpcodeEnum.PMOVZXDQ); mOpcodes.put(0x1fa2, OpcodeEnum.VPMOVZXDQ); mOpcodes.put(0x1fad, OpcodeEnum.PCMPGTQ); mOpcodes.put(0x1fb6, OpcodeEnum.VPCMPGTQ); mOpcodes.put(0x1fc0, OpcodeEnum.PMINSB); mOpcodes.put(0x1fc8, OpcodeEnum.VPMINSB); mOpcodes.put(0x1fd1, OpcodeEnum.PMINSD); mOpcodes.put(0x1fd9, OpcodeEnum.VPMINSD); mOpcodes.put(0x1fe2, OpcodeEnum.PMINUW); mOpcodes.put(0x1fea, OpcodeEnum.VPMINUW); mOpcodes.put(0x1ff3, OpcodeEnum.PMINUD); mOpcodes.put(0x1ffb, OpcodeEnum.VPMINUD); mOpcodes.put(0x2004, OpcodeEnum.PMAXSB); mOpcodes.put(0x200c, OpcodeEnum.VPMAXSB); mOpcodes.put(0x2015, OpcodeEnum.PMAXSD); mOpcodes.put(0x201d, OpcodeEnum.VPMAXSD); mOpcodes.put(0x2026, OpcodeEnum.PMAXUW); mOpcodes.put(0x202e, OpcodeEnum.VPMAXUW); mOpcodes.put(0x2037, OpcodeEnum.PMAXUD); mOpcodes.put(0x203f, OpcodeEnum.VPMAXUD); mOpcodes.put(0x2048, OpcodeEnum.PMULLD); mOpcodes.put(0x2050, OpcodeEnum.VPMULLD); mOpcodes.put(0x2059, OpcodeEnum.PHMINPOSUW); mOpcodes.put(0x2065, OpcodeEnum.VPHMINPOSUW); mOpcodes.put(0x2072, OpcodeEnum.INVEPT); mOpcodes.put(0x207a, OpcodeEnum.INVVPID); mOpcodes.put(0x2083, OpcodeEnum.INVPCID); mOpcodes.put(0x208c, OpcodeEnum.VFMADDSUB132PS); mOpcodes.put(0x209c, OpcodeEnum.VFMADDSUB132PD); mOpcodes.put(0x20ac, 
OpcodeEnum.VFMSUBADD132PS); mOpcodes.put(0x20bc, OpcodeEnum.VFMSUBADD132PD); mOpcodes.put(0x20cc, OpcodeEnum.VFMADD132PS); mOpcodes.put(0x20d9, OpcodeEnum.VFMADD132PD); mOpcodes.put(0x20e6, OpcodeEnum.VFMADD132SS); mOpcodes.put(0x20f3, OpcodeEnum.VFMADD132SD); mOpcodes.put(0x2100, OpcodeEnum.VFMSUB132PS); mOpcodes.put(0x210d, OpcodeEnum.VFMSUB132PD); mOpcodes.put(0x211a, OpcodeEnum.VFMSUB132SS); mOpcodes.put(0x2127, OpcodeEnum.VFMSUB132SD); mOpcodes.put(0x2134, OpcodeEnum.VFNMADD132PS); mOpcodes.put(0x2142, OpcodeEnum.VFNMADD132PD); mOpcodes.put(0x2150, OpcodeEnum.VFNMADD132SS); mOpcodes.put(0x215e, OpcodeEnum.VFNMADD132SD); mOpcodes.put(0x216c, OpcodeEnum.VFNMSUB132PS); mOpcodes.put(0x217a, OpcodeEnum.VFNMSUB132PD); mOpcodes.put(0x2188, OpcodeEnum.VFNMSUB132SS); mOpcodes.put(0x2196, OpcodeEnum.VFNMSUB132SD); mOpcodes.put(0x21a4, OpcodeEnum.VFMADDSUB213PS); mOpcodes.put(0x21b4, OpcodeEnum.VFMADDSUB213PD); mOpcodes.put(0x21c4, OpcodeEnum.VFMSUBADD213PS); mOpcodes.put(0x21d4, OpcodeEnum.VFMSUBADD213PD); mOpcodes.put(0x21e4, OpcodeEnum.VFMADD213PS); mOpcodes.put(0x21f1, OpcodeEnum.VFMADD213PD); mOpcodes.put(0x21fe, OpcodeEnum.VFMADD213SS); mOpcodes.put(0x220b, OpcodeEnum.VFMADD213SD); mOpcodes.put(0x2218, OpcodeEnum.VFMSUB213PS); mOpcodes.put(0x2225, OpcodeEnum.VFMSUB213PD); mOpcodes.put(0x2232, OpcodeEnum.VFMSUB213SS); mOpcodes.put(0x223f, OpcodeEnum.VFMSUB213SD); mOpcodes.put(0x224c, OpcodeEnum.VFNMADD213PS); mOpcodes.put(0x225a, OpcodeEnum.VFNMADD213PD); mOpcodes.put(0x2268, OpcodeEnum.VFNMADD213SS); mOpcodes.put(0x2276, OpcodeEnum.VFNMADD213SD); mOpcodes.put(0x2284, OpcodeEnum.VFNMSUB213PS); mOpcodes.put(0x2292, OpcodeEnum.VFNMSUB213PD); mOpcodes.put(0x22a0, OpcodeEnum.VFNMSUB213SS); mOpcodes.put(0x22ae, OpcodeEnum.VFNMSUB213SD); mOpcodes.put(0x22bc, OpcodeEnum.VFMADDSUB231PS); mOpcodes.put(0x22cc, OpcodeEnum.VFMADDSUB231PD); mOpcodes.put(0x22dc, OpcodeEnum.VFMSUBADD231PS); mOpcodes.put(0x22ec, OpcodeEnum.VFMSUBADD231PD); mOpcodes.put(0x22fc, 
OpcodeEnum.VFMADD231PS); mOpcodes.put(0x2309, OpcodeEnum.VFMADD231PD); mOpcodes.put(0x2316, OpcodeEnum.VFMADD231SS); mOpcodes.put(0x2323, OpcodeEnum.VFMADD231SD); mOpcodes.put(0x2330, OpcodeEnum.VFMSUB231PS); mOpcodes.put(0x233d, OpcodeEnum.VFMSUB231PD); mOpcodes.put(0x234a, OpcodeEnum.VFMSUB231SS); mOpcodes.put(0x2357, OpcodeEnum.VFMSUB231SD); mOpcodes.put(0x2364, OpcodeEnum.VFNMADD231PS); mOpcodes.put(0x2372, OpcodeEnum.VFNMADD231PD); mOpcodes.put(0x2380, OpcodeEnum.VFNMADD231SS); mOpcodes.put(0x238e, OpcodeEnum.VFNMADD231SD); mOpcodes.put(0x239c, OpcodeEnum.VFNMSUB231PS); mOpcodes.put(0x23aa, OpcodeEnum.VFNMSUB231PD); mOpcodes.put(0x23b8, OpcodeEnum.VFNMSUB231SS); mOpcodes.put(0x23c6, OpcodeEnum.VFNMSUB231SD); mOpcodes.put(0x23d4, OpcodeEnum.AESIMC); mOpcodes.put(0x23dc, OpcodeEnum.VAESIMC); mOpcodes.put(0x23e5, OpcodeEnum.AESENC); mOpcodes.put(0x23ed, OpcodeEnum.VAESENC); mOpcodes.put(0x23f6, OpcodeEnum.AESENCLAST); mOpcodes.put(0x2402, OpcodeEnum.VAESENCLAST); mOpcodes.put(0x240f, OpcodeEnum.AESDEC); mOpcodes.put(0x2417, OpcodeEnum.VAESDEC); mOpcodes.put(0x2420, OpcodeEnum.AESDECLAST); mOpcodes.put(0x242c, OpcodeEnum.VAESDECLAST); mOpcodes.put(0x2439, OpcodeEnum.MOVBE); mOpcodes.put(0x2440, OpcodeEnum.CRC32); mOpcodes.put(0x2447, OpcodeEnum.VPERM2F128); mOpcodes.put(0x2453, OpcodeEnum.ROUNDPS); mOpcodes.put(0x245c, OpcodeEnum.VROUNDPS); mOpcodes.put(0x2466, OpcodeEnum.ROUNDPD); mOpcodes.put(0x246f, OpcodeEnum.VROUNDPD); mOpcodes.put(0x2479, OpcodeEnum.ROUNDSS); mOpcodes.put(0x2482, OpcodeEnum.VROUNDSS); mOpcodes.put(0x248c, OpcodeEnum.ROUNDSD); mOpcodes.put(0x2495, OpcodeEnum.VROUNDSD); mOpcodes.put(0x249f, OpcodeEnum.BLENDPS); mOpcodes.put(0x24a8, OpcodeEnum.VBLENDPS); mOpcodes.put(0x24b2, OpcodeEnum.BLENDPD); mOpcodes.put(0x24bb, OpcodeEnum.VBLENDPD); mOpcodes.put(0x24c5, OpcodeEnum.PBLENDW); mOpcodes.put(0x24ce, OpcodeEnum.VPBLENDW); mOpcodes.put(0x24d8, OpcodeEnum.PALIGNR); mOpcodes.put(0x24e1, OpcodeEnum.VPALIGNR); mOpcodes.put(0x24eb, OpcodeEnum.PEXTRB); 
mOpcodes.put(0x24f3, OpcodeEnum.VPEXTRB); mOpcodes.put(0x24fc, OpcodeEnum.PEXTRD); mOpcodes.put(0x2504, OpcodeEnum.PEXTRQ); mOpcodes.put(0x250c, OpcodeEnum.VPEXTRD); mOpcodes.put(0x2515, OpcodeEnum.VPEXTRQ); mOpcodes.put(0x251e, OpcodeEnum.EXTRACTPS); mOpcodes.put(0x2529, OpcodeEnum.VEXTRACTPS); mOpcodes.put(0x2535, OpcodeEnum.VINSERTF128); mOpcodes.put(0x2542, OpcodeEnum.VEXTRACTF128); mOpcodes.put(0x2550, OpcodeEnum.PINSRB); mOpcodes.put(0x2558, OpcodeEnum.VPINSRB); mOpcodes.put(0x2561, OpcodeEnum.INSERTPS); mOpcodes.put(0x256b, OpcodeEnum.VINSERTPS); mOpcodes.put(0x2576, OpcodeEnum.PINSRD); mOpcodes.put(0x257e, OpcodeEnum.PINSRQ); mOpcodes.put(0x2586, OpcodeEnum.VPINSRD); mOpcodes.put(0x258f, OpcodeEnum.VPINSRQ); mOpcodes.put(0x2598, OpcodeEnum.DPPS); mOpcodes.put(0x259e, OpcodeEnum.VDPPS); mOpcodes.put(0x25a5, OpcodeEnum.DPPD); mOpcodes.put(0x25ab, OpcodeEnum.VDPPD); mOpcodes.put(0x25b2, OpcodeEnum.MPSADBW); mOpcodes.put(0x25bb, OpcodeEnum.VMPSADBW); mOpcodes.put(0x25c5, OpcodeEnum.PCLMULQDQ); mOpcodes.put(0x25d0, OpcodeEnum.VPCLMULQDQ); mOpcodes.put(0x25dc, OpcodeEnum.VBLENDVPS); mOpcodes.put(0x25e7, OpcodeEnum.VBLENDVPD); mOpcodes.put(0x25f2, OpcodeEnum.VPBLENDVB); mOpcodes.put(0x25fd, OpcodeEnum.PCMPESTRM); mOpcodes.put(0x2608, OpcodeEnum.VPCMPESTRM); mOpcodes.put(0x2614, OpcodeEnum.PCMPESTRI); mOpcodes.put(0x261f, OpcodeEnum.VPCMPESTRI); mOpcodes.put(0x262b, OpcodeEnum.PCMPISTRM); mOpcodes.put(0x2636, OpcodeEnum.VPCMPISTRM); mOpcodes.put(0x2642, OpcodeEnum.PCMPISTRI); mOpcodes.put(0x264d, OpcodeEnum.VPCMPISTRI); mOpcodes.put(0x2659, OpcodeEnum.AESKEYGENASSIST); mOpcodes.put(0x266a, OpcodeEnum.VAESKEYGENASSIST); mOpcodes.put(0x267c, OpcodeEnum.PSRLDQ); mOpcodes.put(0x2684, OpcodeEnum.VPSRLDQ); mOpcodes.put(0x268d, OpcodeEnum.PSLLDQ); mOpcodes.put(0x2695, OpcodeEnum.VPSLLDQ); mOpcodes.put(0x269e, OpcodeEnum.FXSAVE); mOpcodes.put(0x26a6, OpcodeEnum.FXSAVE64); mOpcodes.put(0x26b0, OpcodeEnum.RDFSBASE); mOpcodes.put(0x26ba, OpcodeEnum.FXRSTOR); 
mOpcodes.put(0x26c3, OpcodeEnum.FXRSTOR64); mOpcodes.put(0x26ce, OpcodeEnum.RDGSBASE); mOpcodes.put(0x26d8, OpcodeEnum.LDMXCSR); mOpcodes.put(0x26e1, OpcodeEnum.WRFSBASE); mOpcodes.put(0x26eb, OpcodeEnum.VLDMXCSR); mOpcodes.put(0x26f5, OpcodeEnum.STMXCSR); mOpcodes.put(0x26fe, OpcodeEnum.WRGSBASE); mOpcodes.put(0x2708, OpcodeEnum.VSTMXCSR); mOpcodes.put(0x2712, OpcodeEnum.VMPTRLD); mOpcodes.put(0x271b, OpcodeEnum.VMCLEAR); mOpcodes.put(0x2724, OpcodeEnum.VMXON); mOpcodes.put(0x272b, OpcodeEnum.MOVSXD); mOpcodes.put(0x2733, OpcodeEnum.PAUSE); mOpcodes.put(0x273a, OpcodeEnum.WAIT); mOpcodes.put(0x2740, OpcodeEnum.RDRAND); mOpcodes.put(0x2748, OpcodeEnum._3DNOW); } } distorm-3.4.1/examples/java/distorm/src/diStorm3/Operand.java000066400000000000000000000005721340425302400241470ustar00rootroot00000000000000package diStorm3; public class Operand { public enum OperandType { None, Reg, Imm, Imm1, Imm2, Disp, Smem, Mem, Pc, Ptr } private int mType; private int mIndex; private int mSize; public OperandType getType() { return OperandType.values()[mType]; } public int getIndex() { return mIndex; } public int getSize() { return mSize; } }distorm-3.4.1/examples/java/distorm/src/diStorm3/distorm3.java000066400000000000000000000025741340425302400243270ustar00rootroot00000000000000/* * diStorm3 JNI * Gil Dabah, Sep 2010 * */ package diStorm3; import diStorm3.CodeInfo; import diStorm3.DecodedResult; import diStorm3.DecomposedResult; import diStorm3.Opcodes; public class distorm3 { public enum DecodeType { Decode16Bits, Decode32Bits, Decode64Bits } public static native void Decompose(CodeInfo ci, DecomposedResult dr); public static native void Decode(CodeInfo ci, DecodedResult dr); public static native DecodedInst Format(CodeInfo ci, DecomposedInst di); public enum Registers { RAX, RCX, RDX, RBX, RSP, RBP, RSI, RDI, R8, R9, R10, R11, R12, R13, R14, R15, EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI, R8D, R9D, R10D, R11D, R12D, R13D, R14D, R15D, AX, CX, DX, BX, SP, BP, SI, DI, R8W, R9W, 
		R10W, R11W, R12W, R13W, R14W, R15W,
		AL, CL, DL, BL, AH, CH, DH, BH, R8B, R9B, R10B, R11B, R12B, R13B, R14B, R15B,
		SPL, BPL, SIL, DIL,
		ES, CS, SS, DS, FS, GS,
		RIP,
		ST0, ST1, ST2, ST3, ST4, ST5, ST6, ST7,
		MM0, MM1, MM2, MM3, MM4, MM5, MM6, MM7,
		XMM0, XMM1, XMM2, XMM3, XMM4, XMM5, XMM6, XMM7, XMM8, XMM9, XMM10, XMM11, XMM12, XMM13, XMM14, XMM15,
		YMM0, YMM1, YMM2, YMM3, YMM4, YMM5, YMM6, YMM7, YMM8, YMM9, YMM10, YMM11, YMM12, YMM13, YMM14, YMM15,
		CR0, UNUSED0, CR2, CR3, CR4, UNUSED1, UNUSED2, UNUSED3, CR8,
		DR0, DR1, DR2, DR3, UNUSED4, UNUSED5, DR6, DR7
	};

	static {
		System.loadLibrary("jdistorm");
	}
}

distorm-3.4.1/examples/java/jdistorm.c

/*
 * diStorm3 JNI wrapper.
 * Gil Dabah, October 2010.
 */

#include "jdistorm.h"
#include "../../include/distorm.h"

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#pragma comment(lib, "../../distorm.lib")

static struct _CodeInfoIds {
	jclass jCls;
	jfieldID ID_CodeOffset;
	jfieldID ID_Code;
	jfieldID ID_DecodeType;
	jfieldID ID_Features;
} g_CodeInfoIds;

static struct _DecodedResultIds {
	jclass jCls;
	jfieldID ID_Instructions;
	jfieldID ID_MaxInstructions;
} g_DecodedResultIds;

static struct _DecodedInstIds {
	jclass jCls;
	jfieldID ID_Mnemonic;
	jfieldID ID_Operands;
	jfieldID ID_Hex;
	jfieldID ID_Size;
	jfieldID ID_Offset;
} g_DecodedInstIds;

static struct _DecomposedResultIds {
	jclass jCls;
	jfieldID ID_Instructions;
	jfieldID ID_MaxInstructions;
} g_DecomposedResultIds;

static struct _DecomposedInstIds {
	jclass jCls;
	jfieldID ID_Address;
	jfieldID ID_Size;
	jfieldID ID_Flags;
	jfieldID ID_Segment;
	jfieldID ID_Base;
	jfieldID ID_Scale;
	jfieldID ID_Opcode;
	jfieldID ID_Operands;
	jfieldID ID_Disp;
	jfieldID ID_Imm;
	jfieldID ID_UnusedPrefixesMask;
	jfieldID ID_Meta;
	jfieldID ID_RegistersMask;
	jfieldID ID_ModifiedFlagsMask;
	jfieldID ID_TestedFlagsMask;
	jfieldID ID_UndefinedFlagsMask;
} g_DecomposedInstIds;

static struct _OperandIds {
	jclass jCls;
	jfieldID ID_Type;
	jfieldID ID_Index;
	jfieldID ID_Size;
}
g_OperandIds; static struct _ImmIds { jclass jCls; jfieldID ID_Value; jfieldID ID_Size; } g_ImmIds; static struct _DispIds { jclass jCls; jfieldID ID_Displacement; jfieldID ID_Size; } g_DispIds; void JThrowByName(JNIEnv* env, const char *name, const char* msg) { jclass cls = (*env)->FindClass(env, name); if (cls != NULL) { (*env)->ThrowNew(env, cls, msg); } (*env)->DeleteLocalRef(env, cls); } _CodeInfo* AcquireCodeInfoStruct(JNIEnv *env, jobject jciObj) { jobject jCodeObj = NULL; _CodeInfo* ci = (_CodeInfo*)malloc(sizeof(_CodeInfo)); if (ci == NULL) { JThrowByName(env, "java/lang/OutOfMemoryError", NULL); return NULL; } memset(ci, 0, sizeof(_CodeInfo)); ci->codeOffset = (*env)->GetLongField(env, jciObj, g_CodeInfoIds.ID_CodeOffset); jCodeObj = (*env)->GetObjectField(env, jciObj, g_CodeInfoIds.ID_Code); ci->code = (uint8_t*) (*env)->GetDirectBufferAddress(env, jCodeObj); ci->codeLen = (int)(*env)->GetDirectBufferCapacity(env, jCodeObj); ci->dt = (*env)->GetIntField(env, jciObj, g_CodeInfoIds.ID_DecodeType); ci->features = (*env)->GetIntField(env, jciObj, g_CodeInfoIds.ID_Features); return ci; } jobject CreateDecodedInstObj(JNIEnv* env, const _DecodedInst* inst) { jobject jInst = (*env)->AllocObject(env, g_DecodedInstIds.jCls); if (jInst == NULL) return NULL; (*env)->SetObjectField(env, jInst, g_DecodedInstIds.ID_Mnemonic, (*env)->NewStringUTF(env, (const char*)inst->mnemonic.p)); (*env)->SetObjectField(env, jInst, g_DecodedInstIds.ID_Operands, (*env)->NewStringUTF(env, (const char*)inst->operands.p)); (*env)->SetObjectField(env, jInst, g_DecodedInstIds.ID_Hex, (*env)->NewStringUTF(env, (const char*)inst->instructionHex.p)); (*env)->SetIntField(env, jInst, g_DecodedInstIds.ID_Size, inst->size); (*env)->SetLongField(env, jInst, g_DecodedInstIds.ID_Offset, inst->offset); return jInst; } JNIEXPORT void JNICALL Java_diStorm3_distorm3_Decode (JNIEnv *env, jobject thiz, jobject jciObj, jobject jdrObj) { jarray jInsts = NULL; jobject jInst = NULL; _CodeInfo* ci = NULL; 
_DecodedInst* insts = NULL; jint maxInstructions = 0; unsigned int usedInstructionsCount = 0, i = 0; thiz; /* Unused. */ ci = AcquireCodeInfoStruct(env, jciObj); if (ci == NULL) { JThrowByName(env, "java/lang/OutOfMemoryError", NULL); return; } maxInstructions = (*env)->GetIntField(env, jdrObj, g_DecodedResultIds.ID_MaxInstructions); insts = (_DecodedInst*)malloc(maxInstructions * sizeof(_DecodedInst)); if (insts == NULL) goto Cleanup; distorm_decode(ci->codeOffset, ci->code, ci->codeLen, ci->dt, insts, maxInstructions, &usedInstructionsCount); jInsts = (*env)->NewObjectArray(env, usedInstructionsCount, g_DecodedInstIds.jCls, NULL); if (jInsts == NULL) goto Cleanup; for (i = 0; i < usedInstructionsCount; i++) { jInst = CreateDecodedInstObj(env, &insts[i]); if (jInst == NULL) goto Cleanup; (*env)->SetObjectArrayElement(env, jInsts, i, jInst); } (*env)->SetObjectField(env, jdrObj, g_DecodedResultIds.ID_Instructions, jInsts); Cleanup: /* In case of an error, jInsts will get cleaned automatically. */ if (ci != NULL) free(ci); if (insts != NULL) free(insts); } JNIEXPORT void JNICALL Java_diStorm3_distorm3_Decompose (JNIEnv *env, jobject thiz, jobject jciObj, jobject jdrObj) { jarray jInsts = NULL, jOperands = NULL; jobject jInst = NULL, jOperand = NULL, jImm = NULL, jDisp = NULL; _CodeInfo* ci = NULL; _DInst* insts = NULL; jint maxInstructions = 0; unsigned int usedInstructionsCount = 0, i = 0, j = 0, operandsNo = 0; int success = 0; thiz; /* Unused. 
*/ ci = AcquireCodeInfoStruct(env, jciObj); if (ci == NULL) { JThrowByName(env, "java/lang/OutOfMemoryError", NULL); return; } maxInstructions = (*env)->GetIntField(env, jdrObj, g_DecomposedResultIds.ID_MaxInstructions); insts = (_DInst*)malloc(maxInstructions * sizeof(_DInst)); if (insts == NULL) goto Cleanup; distorm_decompose(ci, insts, maxInstructions, &usedInstructionsCount); jInsts = (*env)->NewObjectArray(env, usedInstructionsCount, g_DecomposedInstIds.jCls, NULL); if (jInsts == NULL) goto Cleanup; for (i = 0; i < usedInstructionsCount; i++) { jInst = (*env)->AllocObject(env, g_DecomposedInstIds.jCls); if (jInst == NULL) goto Cleanup; /* Simple fields: */ (*env)->SetLongField(env, jInst, g_DecomposedInstIds.ID_Address, insts[i].addr); (*env)->SetIntField(env, jInst, g_DecomposedInstIds.ID_Flags, insts[i].flags); (*env)->SetIntField(env, jInst, g_DecomposedInstIds.ID_Size, insts[i].size); (*env)->SetIntField(env, jInst, g_DecomposedInstIds.ID_Segment, insts[i].segment); (*env)->SetIntField(env, jInst, g_DecomposedInstIds.ID_Base, insts[i].base); (*env)->SetIntField(env, jInst, g_DecomposedInstIds.ID_Scale, insts[i].scale); (*env)->SetIntField(env, jInst, g_DecomposedInstIds.ID_Opcode, insts[i].opcode); (*env)->SetIntField(env, jInst, g_DecomposedInstIds.ID_UnusedPrefixesMask, insts[i].unusedPrefixesMask); (*env)->SetIntField(env, jInst, g_DecomposedInstIds.ID_Meta, insts[i].meta); (*env)->SetIntField(env, jInst, g_DecomposedInstIds.ID_RegistersMask, insts[i].usedRegistersMask); (*env)->SetIntField(env, jInst, g_DecomposedInstIds.ID_ModifiedFlagsMask, insts[i].modifiedFlagsMask); (*env)->SetIntField(env, jInst, g_DecomposedInstIds.ID_TestedFlagsMask, insts[i].testedFlagsMask); (*env)->SetIntField(env, jInst, g_DecomposedInstIds.ID_UndefinedFlagsMask, insts[i].undefinedFlagsMask); /* Immediate variant. 
*/
		jImm = (*env)->AllocObject(env, g_ImmIds.jCls);
		if (jImm == NULL) goto Cleanup;
		(*env)->SetLongField(env, jImm, g_ImmIds.ID_Value, insts[i].imm.qword);
		/* The size of the immediate is in one of the operands, if at all. Look for it below. Zero by default. */
		(*env)->SetIntField(env, jImm, g_ImmIds.ID_Size, 0);

		/* Count operands. */
		for (operandsNo = 0; operandsNo < OPERANDS_NO; operandsNo++) {
			if (insts[i].ops[operandsNo].type == O_NONE) break;
		}

		jOperands = (*env)->NewObjectArray(env, operandsNo, g_OperandIds.jCls, NULL);
		if (jOperands == NULL) goto Cleanup;

		for (j = 0; j < operandsNo; j++) {
			if (insts[i].ops[j].type == O_IMM) {
				/* Set the size of the immediate operand. */
				(*env)->SetIntField(env, jImm, g_ImmIds.ID_Size, insts[i].ops[j].size);
			}

			jOperand = (*env)->AllocObject(env, g_OperandIds.jCls);
			if (jOperand == NULL) goto Cleanup;
			(*env)->SetIntField(env, jOperand, g_OperandIds.ID_Type, insts[i].ops[j].type);
			(*env)->SetIntField(env, jOperand, g_OperandIds.ID_Index, insts[i].ops[j].index);
			(*env)->SetIntField(env, jOperand, g_OperandIds.ID_Size, insts[i].ops[j].size);
			(*env)->SetObjectArrayElement(env, jOperands, j, jOperand);
		}
		(*env)->SetObjectField(env, jInst, g_DecomposedInstIds.ID_Operands, jOperands);

		/* Attach the immediate variant. */
		(*env)->SetObjectField(env, jInst, g_DecomposedInstIds.ID_Imm, jImm);

		/* Displacement variant. */
		jDisp = (*env)->AllocObject(env, g_DispIds.jCls);
		if (jDisp == NULL) goto Cleanup;
		(*env)->SetLongField(env, jDisp, g_DispIds.ID_Displacement, insts[i].disp);
		(*env)->SetIntField(env, jDisp, g_DispIds.ID_Size, insts[i].dispSize);
		(*env)->SetObjectField(env, jInst, g_DecomposedInstIds.ID_Disp, jDisp);

		(*env)->SetObjectArrayElement(env, jInsts, i, jInst);
	}

	/* jdrObj is a DecomposedResult, so use the field ID cached for that class (a field ID is only valid for the class it was looked up on). */
	(*env)->SetObjectField(env, jdrObj, g_DecomposedResultIds.ID_Instructions, jInsts);

Cleanup:
	/* In case of an error, jInsts will get cleaned automatically.
*/ if (ci != NULL) free(ci); if (insts != NULL) free(insts); } JNIEXPORT jobject JNICALL Java_diStorm3_distorm3_Format (JNIEnv *env, jobject thiz, jobject jciObj, jobject jdiObj) { _CodeInfo* ci = NULL; _DInst input = {0}; _DecodedInst output = {0}; jobject ret = NULL, jOperands = NULL, jOp = NULL, jTmp = NULL; jsize i, opsCount; thiz; /* Unused. */ ci = AcquireCodeInfoStruct(env, jciObj); if (ci == NULL) { JThrowByName(env, "java/lang/OutOfMemoryError", NULL); return NULL; } input.addr = (*env)->GetLongField(env, jdiObj, g_DecomposedInstIds.ID_Address); input.flags = (uint16_t) (*env)->GetIntField(env, jdiObj, g_DecomposedInstIds.ID_Flags); input.size = (uint8_t) (*env)->GetIntField(env, jdiObj, g_DecomposedInstIds.ID_Size); input.segment = (uint8_t) (*env)->GetIntField(env, jdiObj, g_DecomposedInstIds.ID_Segment); input.base = (uint8_t) (*env)->GetIntField(env, jdiObj, g_DecomposedInstIds.ID_Base); input.scale = (uint8_t) (*env)->GetIntField(env, jdiObj, g_DecomposedInstIds.ID_Scale); input.opcode = (uint16_t) (*env)->GetIntField(env, jdiObj, g_DecomposedInstIds.ID_Opcode); /* unusedPrefixesMask is unused indeed, lol. */ input.meta = (uint8_t) (*env)->GetIntField(env, jdiObj, g_DecomposedInstIds.ID_Meta); /* Nor usedRegistersMask. 
*/

	jOperands = (*env)->GetObjectField(env, jdiObj, g_DecomposedInstIds.ID_Operands);
	if (jOperands != NULL) {
		opsCount = (*env)->GetArrayLength(env, jOperands);
		/* input.ops has only OPERANDS_NO entries; clamp so a longer Java array cannot write past the end of the stack structure. */
		if (opsCount > OPERANDS_NO) opsCount = OPERANDS_NO;
		for (i = 0; i < opsCount; i++) {
			jOp = (*env)->GetObjectArrayElement(env, jOperands, i);
			if (jOp != NULL) {
				input.ops[i].index = (uint8_t) (*env)->GetIntField(env, jOp, g_OperandIds.ID_Index);
				input.ops[i].type = (uint8_t) (*env)->GetIntField(env, jOp, g_OperandIds.ID_Type);
				input.ops[i].size = (uint16_t) (*env)->GetIntField(env, jOp, g_OperandIds.ID_Size);
			}
		}
	}

	jTmp = (*env)->GetObjectField(env, jdiObj, g_DecomposedInstIds.ID_Imm);
	if (jTmp != NULL) {
		input.imm.qword = (uint64_t) (*env)->GetLongField(env, jTmp, g_ImmIds.ID_Value);
	}

	jTmp = (*env)->GetObjectField(env, jdiObj, g_DecomposedInstIds.ID_Disp);
	if (jTmp != NULL) {
		input.disp = (uint64_t) (*env)->GetLongField(env, jTmp, g_DispIds.ID_Displacement);
		input.dispSize = (uint8_t) (*env)->GetIntField(env, jTmp, g_DispIds.ID_Size);
	}

	distorm_format(ci, &input, &output);

	ret = CreateDecodedInstObj(env, &output);

	if (ci != NULL) free(ci);
	return ret;
}

/* Cache all ID's and classes! Release in unload.
*/
jint JNI_OnLoad(JavaVM *vm, void *reserved)
{
	jclass jCls = NULL;
	JNIEnv* env = NULL;

	if ((*vm)->GetEnv(vm, (void**)&env, JNI_VERSION_1_6) != JNI_OK) {
		/* Report the failure; returning a version number here would let the library load with none of the IDs below cached. */
		return JNI_ERR;
	}

	jCls = (*env)->FindClass(env, PACKAGE_PREFIX "CodeInfo");
	g_CodeInfoIds.jCls = (*env)->NewWeakGlobalRef(env, jCls);
	g_CodeInfoIds.ID_CodeOffset = (*env)->GetFieldID(env, jCls, "mCodeOffset", "J");
	g_CodeInfoIds.ID_Code = (*env)->GetFieldID(env, jCls, "mCode", "Ljava/nio/ByteBuffer;");
	g_CodeInfoIds.ID_DecodeType = (*env)->GetFieldID(env, jCls, "mDecodeType", "I");
	g_CodeInfoIds.ID_Features = (*env)->GetFieldID(env, jCls, "mFeatures", "I");

	jCls = (*env)->FindClass(env, PACKAGE_PREFIX "DecodedResult");
	g_DecodedResultIds.jCls = (*env)->NewWeakGlobalRef(env, jCls);
	g_DecodedResultIds.ID_MaxInstructions = (*env)->GetFieldID(env, jCls, "mMaxInstructions", "I");
	g_DecodedResultIds.ID_Instructions = (*env)->GetFieldID(env, jCls, "mInstructions", "[L" PACKAGE_PREFIX "DecodedInst;");

	jCls = (*env)->FindClass(env, PACKAGE_PREFIX "DecodedInst");
	g_DecodedInstIds.jCls = (*env)->NewWeakGlobalRef(env, jCls);
	g_DecodedInstIds.ID_Mnemonic = (*env)->GetFieldID(env, jCls, "mMnemonic", "Ljava/lang/String;");
	g_DecodedInstIds.ID_Operands = (*env)->GetFieldID(env, jCls, "mOperands", "Ljava/lang/String;");
	g_DecodedInstIds.ID_Hex = (*env)->GetFieldID(env, jCls, "mHex", "Ljava/lang/String;");
	g_DecodedInstIds.ID_Size = (*env)->GetFieldID(env, jCls, "mSize", "I");
	g_DecodedInstIds.ID_Offset = (*env)->GetFieldID(env, jCls, "mOffset", "J");

	jCls = (*env)->FindClass(env, PACKAGE_PREFIX "DecomposedResult");
	g_DecomposedResultIds.jCls = (*env)->NewWeakGlobalRef(env, jCls);
	g_DecomposedResultIds.ID_Instructions = (*env)->GetFieldID(env, jCls, "mInstructions", "[L" PACKAGE_PREFIX "DecomposedInst;");
	g_DecomposedResultIds.ID_MaxInstructions = (*env)->GetFieldID(env, jCls, "mMaxInstructions", "I");

	jCls = (*env)->FindClass(env, PACKAGE_PREFIX "DecomposedInst");
	g_DecomposedInstIds.jCls = (*env)->NewWeakGlobalRef(env,
jCls); g_DecomposedInstIds.ID_Address = (*env)->GetFieldID(env, jCls, "mAddr", "J"); g_DecomposedInstIds.ID_Size = (*env)->GetFieldID(env, jCls, "mSize", "I"); g_DecomposedInstIds.ID_Flags = (*env)->GetFieldID(env, jCls, "mFlags", "I"); g_DecomposedInstIds.ID_Segment = (*env)->GetFieldID(env, jCls, "mSegment", "I"); g_DecomposedInstIds.ID_Base = (*env)->GetFieldID(env, jCls, "mBase", "I"); g_DecomposedInstIds.ID_Scale = (*env)->GetFieldID(env, jCls, "mScale", "I"); g_DecomposedInstIds.ID_Opcode = (*env)->GetFieldID(env, jCls, "mOpcode", "I"); g_DecomposedInstIds.ID_Operands = (*env)->GetFieldID(env, jCls, "mOperands", "[L" PACKAGE_PREFIX "Operand;"); g_DecomposedInstIds.ID_Disp = (*env)->GetFieldID(env, jCls, "mDisp", "L" PACKAGE_PREFIX "DecomposedInst$DispVariant;"); g_DecomposedInstIds.ID_Imm = (*env)->GetFieldID(env, jCls, "mImm", "L" PACKAGE_PREFIX "DecomposedInst$ImmVariant;"); g_DecomposedInstIds.ID_UnusedPrefixesMask = (*env)->GetFieldID(env, jCls, "mUnusedPrefixesMask", "I"); g_DecomposedInstIds.ID_Meta = (*env)->GetFieldID(env, jCls, "mMeta", "I"); g_DecomposedInstIds.ID_RegistersMask = (*env)->GetFieldID(env, jCls, "mRegistersMask", "I"); g_DecomposedInstIds.ID_ModifiedFlagsMask = (*env)->GetFieldID(env, jCls, "mModifiedFlagsMask", "I"); g_DecomposedInstIds.ID_TestedFlagsMask = (*env)->GetFieldID(env, jCls, "mTestedFlagsMask", "I"); g_DecomposedInstIds.ID_UndefinedFlagsMask = (*env)->GetFieldID(env, jCls, "mUndefinedFlagsMask", "I"); jCls = (*env)->FindClass(env, PACKAGE_PREFIX "Operand"); g_OperandIds.jCls = (*env)->NewWeakGlobalRef(env, jCls); g_OperandIds.ID_Type = (*env)->GetFieldID(env, jCls, "mType", "I"); g_OperandIds.ID_Index = (*env)->GetFieldID(env, jCls, "mIndex", "I"); g_OperandIds.ID_Size = (*env)->GetFieldID(env, jCls, "mSize", "I"); jCls = (*env)->FindClass(env, PACKAGE_PREFIX "DecomposedInst$ImmVariant"); g_ImmIds.jCls = (*env)->NewWeakGlobalRef(env, jCls); g_ImmIds.ID_Value = (*env)->GetFieldID(env, jCls, "mValue", "J"); g_ImmIds.ID_Size 
= (*env)->GetFieldID(env, jCls, "mSize", "I");

	jCls = (*env)->FindClass(env, PACKAGE_PREFIX "DecomposedInst$DispVariant");
	g_DispIds.jCls = (*env)->NewWeakGlobalRef(env, jCls);
	g_DispIds.ID_Displacement = (*env)->GetFieldID(env, jCls, "mDisplacement", "J");
	g_DispIds.ID_Size = (*env)->GetFieldID(env, jCls, "mSize", "I");

	return JNI_VERSION_1_6;
}

JNIEXPORT void JNICALL JNI_OnUnload(JavaVM *vm, void *reserved)
{
	/* Free global weak refs. */
}

distorm-3.4.1/examples/java/jdistorm.h

/* DO NOT EDIT THIS FILE - it is machine generated */
#include <jni.h>
/* Header for class Distorm3 */

#ifndef _Included_Distorm3
#define _Included_Distorm3
#ifdef __cplusplus
extern "C" {
#endif

#define PACKAGE_PREFIX "diStorm3/"

/*
 * Class:     com_reviverstudio_core_disasms_distorm3_Distorm3
 * Method:    Decompose
 * Signature: (LdiStorm3/CodeInfo;LdiStorm3/DecomposedResult;)V
 */
JNIEXPORT void JNICALL Java_diStorm3_distorm3_Decompose
  (JNIEnv *, jclass, jobject, jobject);

/*
 * Class:     com_reviverstudio_core_disasms_distorm3_Distorm3
 * Method:    Decode
 * Signature: (LdiStorm3/CodeInfo;LdiStorm3/DecodedResult;)V
 */
JNIEXPORT void JNICALL Java_diStorm3_distorm3_Decode
  (JNIEnv *, jclass, jobject, jobject);

/*
 * Class:     com_reviverstudio_core_disasms_distorm3_Distorm3
 * Method:    Format
 * Signature: (LdiStorm3/CodeInfo;LdiStorm3/DecomposedInst;)LdiStorm3/DecodedInst;
 */
JNIEXPORT jobject JNICALL Java_diStorm3_distorm3_Format
  (JNIEnv *, jclass, jobject, jobject);

#ifdef __cplusplus
}
#endif
#endif

distorm-3.4.1/examples/java/jdistorm.sln

Microsoft Visual Studio Solution File, Format Version 10.00
# Visual Studio 2008
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "jdistorm", "jdistorm.vcproj", "{AB6B51F5-79C6-44CA-9D0B-7CB2A009A9AB}"
EndProject
Global
	GlobalSection(SolutionConfigurationPlatforms) = preSolution
		Debug|x64 = Debug|x64
		Release|x64 =
Release|x64
	EndGlobalSection
	GlobalSection(ProjectConfigurationPlatforms) = postSolution
		{AB6B51F5-79C6-44CA-9D0B-7CB2A009A9AB}.Debug|x64.ActiveCfg = Debug|x64
		{AB6B51F5-79C6-44CA-9D0B-7CB2A009A9AB}.Debug|x64.Build.0 = Debug|x64
		{AB6B51F5-79C6-44CA-9D0B-7CB2A009A9AB}.Release|x64.ActiveCfg = Release|x64
		{AB6B51F5-79C6-44CA-9D0B-7CB2A009A9AB}.Release|x64.Build.0 = Release|x64
	EndGlobalSection
	GlobalSection(SolutionProperties) = preSolution
		HideSolutionNode = FALSE
	EndGlobalSection
EndGlobal

distorm-3.4.1/examples/java/jdistorm.vcproj

distorm-3.4.1/examples/linux/

distorm-3.4.1/examples/linux/Makefile

#
# diStorm (Linux Port) / Demo Application Makefile
#

TARGET	= disasm
CC	= gcc
CFLAGS	= -Wall -O2 -o

all: disasm

disasm:
	${CC} ${CFLAGS} ${TARGET} main.c ../../distorm3.a

clean:
	/bin/rm -rf *.o ${TARGET}

distorm-3.4.1/examples/linux/main.c

// diStorm64 library sample
// http://ragestorm.net/distorm/
// Arkon, Stefan, 2005
// Mikhail, 2006
// JvW, 2007

#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

// For the compilers who don't have sysexits.h, which is not an ISO/ANSI include!
#define EX_OK           0
#define EX_USAGE       64
#define EX_DATAERR     65
#define EX_NOINPUT     66
#define EX_NOUSER      67
#define EX_NOHOST      68
#define EX_UNAVAILABLE 69
#define EX_SOFTWARE    70
#define EX_OSERR       71
#define EX_OSFILE      72
#define EX_CANTCREAT   73
#define EX_IOERR       74
#define EX_TEMPFAIL    75
#define EX_PROTOCOL    76
#define EX_NOPERM      77
#define EX_CONFIG      78

#include "../../include/distorm.h"

// The number of the array of instructions the decoder function will use to return the disassembled instructions.
// Play with this value for performance...
#define MAX_INSTRUCTIONS (1000)

int main(int argc, char **argv)
{
	// Version of used compiled library.
	unsigned int dver = 0;
	// Holds the result of the decoding.
	_DecodeResult res;
	// Decoded instruction information.
	_DecodedInst decodedInstructions[MAX_INSTRUCTIONS];
	// next is used for instruction's offset synchronization.
	// decodedInstructionsCount holds the count of filled instructions' array by the decoder.
	unsigned int decodedInstructionsCount = 0, i, next;

	// Default decoding mode is 32 bits, could be set by command line.
	_DecodeType dt = Decode32Bits;

	// Default offset for buffer is 0, could be set in command line.
	_OffsetType offset = 0;
	char* errch = NULL;

	// Index to file name in argv.
	int param = 1;

	// Handling file.
	FILE* f;
	unsigned long filesize = 0, bytesread = 0;
	struct stat st;

	// Buffer to disassemble.
	unsigned char *buf, *buf2;

	// Disassembler version.
	dver = distorm_version();
	printf("diStorm version: %u.%u.%u\n", (dver >> 16), ((dver) >> 8) & 0xff, dver & 0xff);

	// Check params.
	if (argc < 2 || argc > 4) {
		printf("Usage: ./disasm [-b16] [-b64] filename [memory offset]\r\nRaw disassembler output.\r\nMemory offset is origin of binary file in memory (address in hex).\r\nDefault decoding mode is -b32.\r\nexample: disasm -b16 demo.com 789a\r\n");
		return EX_USAGE;
	}

	if (strncmp(argv[param], "-b16", 4) == 0) {
		dt = Decode16Bits;
		param++;
	} else if (strncmp(argv[param], "-b64", 4) == 0) {
		dt = Decode64Bits;
		param++;
	} else if (*argv[param] == '-') {
		fputs("Decoding mode size isn't specified!\n", stderr);
		return EX_USAGE;
	} else if (argc == 4) {
		fputs("Too many parameters are set.\n", stderr);
		return EX_USAGE;
	}
	if (param >= argc) {
		fputs("Filename is missing.\n", stderr);
		return EX_USAGE;
	}
	if (param + 1 == argc-1) { // extra param?
#ifdef SUPPORT_64BIT_OFFSET
        offset = strtoull(argv[param + 1], &errch, 16);
#else
        offset = strtoul(argv[param + 1], &errch, 16);
#endif
        if (*errch != '\0') {
            fprintf(stderr, "Offset `%s' couldn't be converted.\n", argv[param + 1]);
            return EX_USAGE;
        }
    }

    f = fopen(argv[param], "rb");
    if (f == NULL) {
        perror(argv[param]);
        return EX_NOINPUT;
    }

    if (fstat(fileno(f), &st) != 0) {
        perror("fstat");
        fclose(f);
        return EX_NOINPUT;
    }
    filesize = st.st_size;

    // We read the whole file into memory in order to make life easier,
    // otherwise we would have to synchronize the code buffer as well (so instructions won't be split).
    buf2 = buf = malloc(filesize);
    if (buf == NULL) {
        perror("File too large.");
        fclose(f);
        return EX_UNAVAILABLE;
    }
    bytesread = fread(buf, 1, filesize, f);
    if (bytesread != filesize) {
        perror("Can't read file into memory.");
        free(buf);
        fclose(f);
        return EX_IOERR;
    }

    fclose(f);

    printf("bits: %d\nfilename: %s\norigin: ", dt == Decode16Bits ? 16 : dt == Decode32Bits ? 32 : 64, argv[param]);
#ifdef SUPPORT_64BIT_OFFSET
    if (dt != Decode64Bits) printf("%08llx\n", offset);
    else printf("%016llx\n", offset);
#else
    printf("%08x\n", offset);
#endif

    // Decode the buffer at given offset (virtual address).
    while (1) {
        // If you get an undefined reference linker error for the following line,
        // change the SUPPORT_64BIT_OFFSET in distorm.h.
        res = distorm_decode(offset, (const unsigned char*)buf, filesize, dt, decodedInstructions, MAX_INSTRUCTIONS, &decodedInstructionsCount);
        if (res == DECRES_INPUTERR) {
            // Null buffer? Decode type not 16/32/64?
            fputs("Input error, halting!\n", stderr);
            free(buf2);
            return EX_SOFTWARE;
        }

        for (i = 0; i < decodedInstructionsCount; i++)
#ifdef SUPPORT_64BIT_OFFSET
            printf("%0*llx (%02d) %-24s %s%s%s\r\n", dt != Decode64Bits ? 8 : 16, decodedInstructions[i].offset, decodedInstructions[i].size, (char*)decodedInstructions[i].instructionHex.p, (char*)decodedInstructions[i].mnemonic.p, decodedInstructions[i].operands.length != 0 ? " " : "", (char*)decodedInstructions[i].operands.p);
#else
            printf("%08x (%02d) %-24s %s%s%s\r\n", decodedInstructions[i].offset, decodedInstructions[i].size, (char*)decodedInstructions[i].instructionHex.p, (char*)decodedInstructions[i].mnemonic.p, decodedInstructions[i].operands.length != 0 ? " " : "", (char*)decodedInstructions[i].operands.p);
#endif

        if (res == DECRES_SUCCESS) break; // All instructions were decoded.
        else if (decodedInstructionsCount == 0) break;

        // Synchronize:
        next = (unsigned int)(decodedInstructions[decodedInstructionsCount-1].offset - offset);
        next += decodedInstructions[decodedInstructionsCount-1].size;
        // Advance ptr and recalc offset.
        buf += next;
        filesize -= next;
        offset += next;
    }

    // Release buffer
    free(buf2);

    return EX_OK;
}

distorm-3.4.1/examples/python/sample.py

# Mario Vilas, http://breakingcode.wordpress.com
# Licensed under BSD in 2016

# Example code

import distorm3
import sys
import optparse

# Parse the command line arguments
usage = 'Usage: %prog [--b16 | --b32 | --b64] filename [offset]'
parser = optparse.OptionParser(usage=usage)
parser.add_option('--b16', help='80286 decoding',
                  action='store_const', dest='dt', const=distorm3.Decode16Bits)
parser.add_option('--b32', help='IA-32 decoding [default]',
                  action='store_const', dest='dt', const=distorm3.Decode32Bits)
parser.add_option('--b64', help='AMD64 decoding',
                  action='store_const', dest='dt', const=distorm3.Decode64Bits)
parser.set_defaults(dt=distorm3.Decode32Bits)
options, args = parser.parse_args(sys.argv)
if len(args) < 2:
    parser.error('missing parameter: filename')
filename = args[1]
offset = 0
length = None
if len(args) == 3:
    try:
        offset = int(args[2], 10)
    except ValueError:
        parser.error('invalid offset: %s' % args[2])
    if offset < 0:
        parser.error('invalid offset: %s' % args[2])
elif len(args) > 3:
    parser.error('too many parameters')

# Read the code from the file
try:
    code = open(filename, 'rb').read()
except Exception as e:
    parser.error('error reading file %s: %s' % (filename, e))

# Print each decoded instruction
# This shows how to use the Decode - Generator
iterable = distorm3.DecodeGenerator(offset, code, options.dt)
for (offset, size, instruction, hexdump) in iterable:
    print("%.8x: %-32s %s" % (offset, hexdump, instruction))

# It could also be used as a returned list:
# l = distorm3.Decode(offset, code, options.dt)
# for (offset, size, instruction, hexdump) in l:
#     print("%.8x: %-32s %s" % (offset, hexdump, instruction))

distorm-3.4.1/examples/tests/Makefile

#
# diStorm (Linux Port) / Demo Application Makefile
#

TARGET	= disasm
CC	= gcc
CFLAGS	= -Wall -O2 -I. -o

all: disasm

disasm:
	${CC} ${CFLAGS} ${TARGET} main.cpp ../distorm64.a

clean:
	/bin/rm -rf *.o ${TARGET}

distorm-3.4.1/examples/tests/main.cpp

// diStorm64 library sample
// http://ragestorm.net/distorm/
// Arkon, Stefan, 2005

#include <stdlib.h>
#include <stdio.h>

#pragma comment(lib, "../../distorm.lib")

#include "../../include/distorm.h"

// The number of the array of instructions the decoder function will use to return the disassembled instructions.
// Play with this value for performance...
#define MAX_INSTRUCTIONS (1000)

int main(int argc, char **argv)
{
    _DecodeResult res;
    _DecodedInst decodedInstructions[1000];
    unsigned int decodedInstructionsCount = 0, i = 0;
    _OffsetType offset = 0;
    unsigned int dver = distorm_version();
    printf("diStorm version: %d.%d.%d\n", (dver >> 16), ((dver) >> 8) & 0xff, dver & 0xff);

    unsigned char rawData[] = {
        0x68, 0, 0, 0, 0, 0x9b, 0xdf, 0xe0,
        0x66, 0xa1, 0xcc, 0xb0, 0x97, 0x7c,
        0xC7, 0xC1, 0x08, 0x00, 0x00, 0x00,
        0xc7, 0xf8, 0xaa, 0xaa, 0xaa, 0xaa,
        0x48, 0xC7, 0xC0, 0x00, 0x00, 0x00, 0x00
    } ;

    res = distorm_decode(offset, (const unsigned char*)rawData, sizeof(rawData), Decode64Bits, decodedInstructions, MAX_INSTRUCTIONS, &decodedInstructionsCount);
    for (int i = 0; i < decodedInstructionsCount; i++) {
        printf("%08I64x (%02d) %-24s %s%s%s\r\n", decodedInstructions[i].offset, decodedInstructions[i].size, (char*)decodedInstructions[i].instructionHex.p, (char*)decodedInstructions[i].mnemonic.p, decodedInstructions[i].operands.length != 0 ? " " : "", (char*)decodedInstructions[i].operands.p);
    }

    return 0;
}

distorm-3.4.1/examples/tests/main.py

#import distorm
from pyasm import *
from distorm3 import *

_REGS = ["RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI", "R8", "R9", "R10", "R11", "R12", "R13", "R14", "R15",
         "EAX", "ECX", "EDX", "EBX", "ESP", "EBP", "ESI", "EDI", "R8D", "R9D", "R10D", "R11D", "R12D", "R13D", "R14D", "R15D",
         "AX", "CX", "DX", "BX", "SP", "BP", "SI", "DI", "R8W", "R9W", "R10W", "R11W", "R12W", "R13W", "R14W", "R15W",
         "AL", "CL", "DL", "BL", "AH", "CH", "DH", "BH", "R8B", "R9B", "R10B", "R11B", "R12B", "R13B", "R14B", "R15B",
         "SPL", "BPL", "SIL", "DIL",
         "ES", "CS", "SS", "DS", "FS", "GS",
         "RIP",
         "ST0", "ST1", "ST2", "ST3", "ST4", "ST5", "ST6", "ST7",
         "MM0", "MM1", "MM2", "MM3", "MM4", "MM5", "MM6", "MM7",
         "XMM0", "XMM1", "XMM2", "XMM3", "XMM4", "XMM5", "XMM6", "XMM7", "XMM8", "XMM9", "XMM10", "XMM11", "XMM12", "XMM13", "XMM14", "XMM15",
         "YMM0", "YMM1", "YMM2", "YMM3", "YMM4", "YMM5", "YMM6", "YMM7", "YMM8", "YMM9", "YMM10", "YMM11", "YMM12", "YMM13", "YMM14", "YMM15",
         "CR0", "", "CR2", "CR3", "CR4", "", "", "", "CR8",
         "DR0", "DR1", "DR2", "DR3", "", "", "DR6", "DR7"]

def decode(x, mode = 1):
    sizes = [16, 32, 64]
    x = Assemble(x, sizes[mode])
    print x.encode('hex')
    #print distorm.Decode(0, x, mode)
    print Decode(0, x, mode)

#decode("bswap ecx", 1)
#distorm3.Decode(0, "480fc3c0".decode('hex'), 2)

def xxx(x):
    buf = "".join(map(lambda txt: Assemble(txt, 32), x.split("\n")))
    print ",0x".join(map(lambda x: "%02x" % ord(x), buf))
    return Decode(0, buf, Decode32Bits)[0]

def yyy(inst):
    print "%x (%d): " % (inst["addr"], inst["size"])
    print inst
    ops = filter(lambda x:x is not None, inst["ops"])
    for o in ops:
        if o["type"] == O_REG:
            print _REGS[o["index"]]
        elif o["type"] == O_IMM:
            print hex(inst["imm"])
        elif o["type"] == O_MEM:
            print "[",
            if inst["base"] != R_NONE:
                print _REGS[inst["base"]],
                print "+",
            print _REGS[o["index"]],
            if inst["scale"] != 0:
                print "*%d" % inst["scale"],
            if inst["dispSize"] != 0:
                print " + 0x%x" % (inst["disp"]),
            print "]"
        elif o["type"] == O_SMEM:
            print "[%s" % (_REGS[o["index"]]),
            if inst["dispSize"] != 0:
                print " + 0x%x" % (inst["disp"]),
            print "]"
        elif o["type"] == O_DISP:
            print "[0x%x]" % inst["disp"]
        elif o["type"] == O_PC:
            print hex(inst["imm"])

#yyy(Decode(0, "0fae38".decode('hex'), Decode32Bits)[0])
yyy(xxx("mov eax, [ebp*4]"))

distorm-3.4.1/examples/tests/test_distorm3.py

#
# Gil Dabah 2006, http://ragestorm.net/distorm
# Tests for diStorm3
#
import os
import distorm3
from distorm3 import *

import struct
import unittest
import random

REG_NONE = 255
_REGISTERS = ["RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI", "R8", "R9", "R10", "R11", "R12", "R13", "R14", "R15",
              "EAX", "ECX", "EDX", "EBX", "ESP", "EBP", "ESI", "EDI", "R8D", "R9D", "R10D", "R11D", "R12D", "R13D", "R14D", "R15D",
              "AX", "CX", "DX", "BX", "SP", "BP", "SI", "DI", "R8W", "R9W", "R10W", "R11W", "R12W", "R13W", "R14W", "R15W",
              "AL", "CL", "DL", "BL", "AH", "CH", "DH", "BH", "R8B", "R9B", "R10B", "R11B", "R12B", "R13B", "R14B", "R15B",
              "SPL", "BPL", "SIL", "DIL",
              "ES", "CS", "SS", "DS", "FS", "GS",
              "RIP",
              "ST0", "ST1", "ST2", "ST3", "ST4", "ST5", "ST6", "ST7",
              "MM0", "MM1", "MM2", "MM3", "MM4", "MM5", "MM6", "MM7",
              "XMM0", "XMM1", "XMM2", "XMM3", "XMM4", "XMM5", "XMM6", "XMM7", "XMM8", "XMM9", "XMM10", "XMM11", "XMM12", "XMM13", "XMM14", "XMM15",
              "YMM0", "YMM1", "YMM2", "YMM3", "YMM4", "YMM5", "YMM6", "YMM7", "YMM8", "YMM9", "YMM10", "YMM11", "YMM12", "YMM13", "YMM14", "YMM15",
              "CR0", "", "CR2", "CR3", "CR4", "", "", "", "CR8",
              "DR0", "DR1", "DR2", "DR3", "", "", "DR6", "DR7"]

class Registers(object):
    def __init__(self):
        for i in enumerate(_REGISTERS):
            if len(i[1]):
                setattr(self, i[1], i[0])
Regs = Registers()
fbin = []

def Assemble(text, mode):
    lines = text.replace("\n", "\r\n")
    if mode is None:
        mode = 32
    lines = ("bits %d\r\n" % mode) + lines
    open("1.asm", "wb").write(lines.encode())
    if mode == 64:
        mode = "amd64"
    else:
        mode = "x86"
    os.system("c:\\yasm -m%s 1.asm" % mode)
    s = open("1", "rb").read()
    #if (not isinstance(s, str)):
    return s

class Test(unittest.TestCase):
    def __init__(self):
        unittest.TestCase.__init__(self, "test_dummy")
    def test_dummy(self):
        self.fail("dummy")

class InstBin(Test):
    def __init__(self, bin, mode):
        Test.__init__(self)
        try:
            bin = bin.decode("hex")
        except:
            bin = bytes.fromhex(bin)
        #fbin[mode].write(bin)
        self.insts = Decompose(0, bin, mode)
        self.inst = self.insts[0]
    def check_valid(self, instsNo = 1):
        self.assertNotEqual(self.inst.rawFlags, 65535)
        self.assertEqual(len(self.insts), instsNo)
    def check_invalid(self):
        self.assertEqual(self.inst.rawFlags, 65535)
    def check_mnemonic(self, mnemonic, instNo = 0):
        self.assertNotEqual(self.inst.rawFlags, 65535)
        self.assertEqual(self.insts[instNo].mnemonic, mnemonic)

class Inst(Test):
    def __init__(self, instText, mode, instNo, features):
        Test.__init__(self)
        modeSize = [16, 32, 64][mode]
        bin = Assemble(instText, modeSize)
        #print map(lambda x: hex(ord(x)), bin)
        #fbin[mode].write(bin)
        self.insts = Decompose(0, bin, mode)
        self.inst = self.insts[instNo]
    def check_mnemonic(self, mnemonic):
        self.assertEqual(self.inst.mnemonic, mnemonic)
    def check_imm(self, n, val, sz):
        self.assertEqual(self.inst.operands[n].type, distorm3.OPERAND_IMMEDIATE)
        self.assertEqual(self.inst.operands[n].size, sz)
        self.assertEqual(self.inst.operands[n].value, val)
    def check_reg(self, n, idx, sz):
        self.assertEqual(self.inst.operands[n].type, distorm3.OPERAND_REGISTER)
        self.assertEqual(self.inst.operands[n].size, sz)
        self.assertEqual(self.inst.operands[n].index, idx)
    def check_pc(self, val, sz):
        self.assertEqual(self.inst.operands[0].type, distorm3.OPERAND_IMMEDIATE)
        self.assertEqual(self.inst.operands[0].size, sz)
        self.assertEqual(self.inst.operands[0].value, val)
    def check_disp(self, n, val, dispSize, derefSize):
        self.assertEqual(self.inst.operands[n].type, distorm3.OPERAND_MEMORY)
        self.assertEqual(self.inst.operands[n].dispSize, dispSize)
        self.assertEqual(self.inst.operands[n].size, derefSize)
        self.assertEqual(self.inst.operands[n].disp, val)
    def check_abs_disp(self, n, val, dispSize, derefSize):
        self.assertEqual(self.inst.operands[n].type, distorm3.OPERAND_ABSOLUTE_ADDRESS)
        self.assertEqual(self.inst.operands[n].dispSize, dispSize)
        self.assertEqual(self.inst.operands[n].size, derefSize)
        self.assertEqual(self.inst.operands[n].disp, val)
    def check_simple_deref(self, n, idx, derefSize):
        """ Checks whether a (simple) memory dereference type is used, size of deref is in ops.size.
        Displacement is ignored in this check.
        """
        self.assertEqual(self.inst.operands[n].type, distorm3.OPERAND_MEMORY)
        self.assertEqual(self.inst.operands[n].size, derefSize)
        self.assertEqual(self.inst.operands[n].index, idx)
    def check_deref(self, n, idx, base, derefSize):
        """ Checks whether a memory dereference type is used, size of deref is in ops.size.
        Base registers is in inst.base.
        Displacement is ignored in this check. """
        self.assertEqual(self.inst.operands[n].type, distorm3.OPERAND_MEMORY)
        self.assertEqual(self.inst.operands[n].size, derefSize)
        self.assertEqual(self.inst.operands[n].index, idx)
        self.assertEqual(self.inst.operands[n].base, base)
    def check_type_size(self, n, t, sz):
        self.assertEqual(self.inst.operands[n].type, t)
        self.assertEqual(self.inst.operands[n].size, sz)
    def check_addr_size(self, sz):
        self.assertEqual({0: 16, 1: 32, 2: 64}[(self.inst.rawFlags >> 10) & 3], sz)

def I16(instText, instNo = 0, features = 0):
    return Inst(instText, Decode16Bits, instNo, features)

def I32(instText, features = 0):
    return Inst(instText, Decode32Bits, 0, features)

def IB32(bin):
    return InstBin(bin, Decode32Bits)

def I64(instText, features = 0):
    return Inst(instText, Decode64Bits, 0, features)

def IB64(bin):
    return InstBin(bin, Decode64Bits)

def ABS64(x):
    return x
    #return struct.unpack("q", struct.pack("Q", x))[0]

class TestMode16(unittest.TestCase):
    Derefs = ["BX + SI", "BX + DI", "BP + SI", "BP + DI", "SI", "DI", "BP", "BX"]
    DerefsInfo = [(Regs.BX, Regs.SI), (Regs.BX, Regs.DI), (Regs.BP, Regs.SI), (Regs.BP, Regs.DI),
                  (Regs.SI,), (Regs.DI,), (Regs.BP,), (Regs.BX,)]
    def test_none(self):
        self.failIf(len(I16("cbw").inst.operands) > 0)
    def test_imm8(self):
        I16("int 0x55").check_imm(0, 0x55, 8)
    def test_imm16(self):
        I16("ret 0x1122").check_imm(0, 0x1122, 16)
    def test_imm_full(self):
        I16("push 0x1234").check_imm(0, 0x1234, 16)
    def test_imm_aadm(self):
        I16("aam").check_imm(0, 0xa, 8)
        I16("aam 0x15").check_imm(0, 0x15, 8)
        I16("aad").check_imm(0, 0xa, 8)
        I16("aad 0x51").check_imm(0, 0x51, 8)
    def test_seimm(self):
        I16("push 5").check_imm(0, 0x5, 8)
        a = I16("push -6")
        self.assertEqual(a.inst.size, 2)
        a.check_type_size(0, distorm3.OPERAND_IMMEDIATE, 8)
        self.failIf(ABS64(a.inst.operands[0].value) != -6)
        a = I16("db 0x66\n push -5")
        self.assertEqual(a.inst.size, 3)
        a.check_type_size(0, distorm3.OPERAND_IMMEDIATE, 32)
        self.failIf(ABS64(a.inst.operands[0].value) != -5)
    def test_imm16_1_imm8_2(self):
        a = I16("enter 0x1234, 0x40")
        a.check_imm(0, 0x1234, 16)
        a.check_imm(1, 0x40, 8)
    def test_imm8_1_imm8_2(self):
        a = I16("extrq xmm0, 0x55, 0xff")
        a.check_imm(1, 0x55, 8)
        a.check_imm(2, 0xff, 8)
    def test_reg8(self):
        I16("inc dh").check_reg(0, Regs.DH, 8)
    def test_reg16(self):
        I16("arpl ax, bp").check_reg(1, Regs.BP, 16)
    def test_reg_full(self):
        I16("dec di").check_reg(0, Regs.DI, 16)
    def test_reg32(self):
        I16("movmskps ebx, xmm6").check_reg(0, Regs.EBX, 32)
    def test_reg32_64(self):
        I16("cvttsd2si esp, xmm3").check_reg(0, Regs.ESP, 32)
    def test_freg32_64_rm(self):
        I16("mov cr0, eax").check_reg(1, Regs.EAX, 32)
    def test_rm8(self):
        I16("seto dh").check_reg(0, Regs.DH, 8)
    def test_rm16(self):
        I16("str di").check_reg(0, Regs.DI, 16)
    def test_rm_full(self):
        I16("push bp").check_reg(0, Regs.BP, 16)
    def test_rm32_64(self):
        I16("movd xmm0, ebx").check_reg(1, Regs.EBX, 32)
    def test_fpum16(self):
        I16("fiadd word [bx]").check_simple_deref(0, Regs.BX, 16)
    def test_fpum32(self):
        I16("fisttp dword [si]").check_simple_deref(0, Regs.SI, 32)
    def test_fpum64(self):
        I16("fadd qword [esp]").check_simple_deref(0, Regs.ESP, 64)
    def test_fpum80(self):
        I16("fbld [eax]").check_simple_deref(0, Regs.EAX, 80)
    def test_r32_m8(self):
        I16("pinsrb xmm4, eax, 0x55").check_reg(1, Regs.EAX, 32)
        I16("pinsrb xmm4, [bx], 0x55").check_simple_deref(1, Regs.BX, 8)
    def test_r32_m16(self):
        I16("pinsrw xmm4, edi, 0x55").check_reg(1, Regs.EDI, 32)
        I16("pinsrw xmm1, word [si], 0x55").check_simple_deref(1, Regs.SI, 16)
    def test_r32_64_m8(self):
        I16("pextrb eax, xmm4, 0xaa").check_reg(0, Regs.EAX, 32)
        I16("pextrb [bx], xmm2, 0xaa").check_simple_deref(0, Regs.BX, 8)
    def test_r32_64_m16(self):
        I16("pextrw esp, xmm7, 0x11").check_reg(0, Regs.ESP, 32)
        I16("pextrw [bp], xmm0, 0xbb").check_simple_deref(0, Regs.BP, 16)
    def test_rfull_m16(self):
        I16("smsw ax").check_reg(0, Regs.AX, 16)
        I16("smsw [bx]").check_simple_deref(0, Regs.BX, 16)
    def test_creg(self):
        I16("mov esp, cr3").check_reg(1, Regs.CR3, 32)
        #I16("mov esp, cr8").check_reg(1, Regs.CR8, 32)
    def test_dreg(self):
        I16("mov edi, dr7").check_reg(1, Regs.DR7, 32)
    def test_sreg(self):
        I16("mov ax, ds").check_reg(1, Regs.DS, 16)
    def test_seg(self):
        I16("push fs").check_reg(0, Regs.FS, 16)
        I16("db 0x66\n push es").check_reg(0, Regs.ES, 16)
    def test_acc8(self):
        I16("in al, 0x60").check_reg(0, Regs.AL, 8)
    def test_acc_full(self):
        I16("add ax, 0x100").check_reg(0, Regs.AX, 16)
    def test_acc_full_not64(self):
        I16("out 0x64, ax").check_reg(1, Regs.AX, 16)
    def test_mem16_full(self):
        I16("call far [bp]").check_simple_deref(0, Regs.BP, 16)
    def test_ptr16_full(self):
        a = I16("jmp 0xffff:0x1234").inst
        self.assertEqual(a.size, 5)
        self.assertEqual(a.operands[0].type, distorm3.OPERAND_FAR_MEMORY)
        self.assertEqual(a.operands[0].size, 16)
        self.assertEqual(a.operands[0].seg, 0xffff)
        self.assertEqual(a.operands[0].off, 0x1234)
    def test_mem16_3264(self):
        I16("sgdt [bx]").check_simple_deref(0, Regs.BX, 32)
    def test_relcb(self):
        a = I16("db 0xe9\ndw 0x00")
        a.check_pc(3, 16)
        a = I16("db 0xe2\ndb 0x50")
        a.check_pc(0x52, 8)
        a = I16("db 0xe2\ndb 0xfd")
        a.check_pc(-1, 8)
        a = I16("db 0x67\ndb 0xe2\ndb 0xf0")
        a.check_pc(-0xd, 8)
    def test_relc_full(self):
        a = I16("jmp 0x100")
        self.assertEqual(a.inst.size, 3)
        a.check_type_size(0, distorm3.OPERAND_IMMEDIATE, 16)
    def test_mem(self):
        I16("lea ax, [bx]").check_simple_deref(1, Regs.BX, 0)
    def test_mem32(self):
        I16("movntss [ebx], xmm5").check_simple_deref(0, Regs.EBX, 32)
    def test_mem32_64(self):
        I16("movnti [ebx], eax").check_simple_deref(0, Regs.EBX, 32)
    def test_mem64(self):
        I16("movlps [edi], xmm7").check_simple_deref(0, Regs.EDI, 64)
    def test_mem128(self):
        I16("movntps [eax], xmm3").check_simple_deref(0, Regs.EAX, 128)
    def test_mem64_128(self):
        I16("cmpxchg8b [edx]").check_simple_deref(0, Regs.EDX, 64)
    def test_moffs8(self):
        I16("mov al, [0x1234]").check_abs_disp(1, 0x1234, 16, 8)
        I16("mov [dword 0x11112222], al").check_abs_disp(0, 0x11112222, 32, 8)
    def test_moff_full(self):
        I16("mov [0x8765], ax").check_abs_disp(0, 0x8765, 16, 16)
        I16("mov ax, [dword 0x11112222]").check_abs_disp(1, 0x11112222, 32, 16)
    def test_const1(self):
        I16("shl si, 1").check_imm(1, 1, 8)
    def test_regcl(self):
        I16("rcl bp, cl").check_reg(1, Regs.CL, 8)
    def test_ib_rb(self):
        I16("mov dl, 0x88").check_reg(0, Regs.DL, 8)
    def test_ib_r_dw_qw(self):
        I16("bswap ecx").check_reg(0, Regs.ECX, 32)
    def test_ib_r_full(self):
        I16("inc si").check_reg(0, Regs.SI, 16)
    def test_regi_esi(self):
        I16("lodsb").check_simple_deref(1, Regs.SI, 8)
        I16("cmpsw").check_simple_deref(0, Regs.SI, 16)
        I16("lodsd").check_simple_deref(1, Regs.SI, 32)
    def test_regi_edi(self):
        I16("movsb").check_simple_deref(0, Regs.DI, 8)
        I16("scasw").check_simple_deref(0, Regs.DI, 16)
        I16("stosd").check_simple_deref(0, Regs.DI, 32)
    def test_regi_ebxal(self):
        a = I16("xlatb")
        a.check_type_size(0, distorm3.OPERAND_MEMORY, 8)
        self.failIf(a.inst.operands[0].index != Regs.AL)
        self.failIf(a.inst.operands[0].base != Regs.BX)
    def test_regi_eax(self):
        I16("vmrun [ax]").check_simple_deref(0, Regs.AX, 16)
    def test_regdx(self):
        I16("in ax, dx").check_reg(1, Regs.DX, 16)
    def test_regecx(self):
        I16("invlpga [eax], ecx").check_reg(1, Regs.ECX, 32)
    def test_fpu_si(self):
        I16("fxch st4").check_reg(0, Regs.ST4, 32)
    def test_fpu_ssi(self):
        a = I16("fcmovnbe st0, st3")
        a.check_reg(0, Regs.ST0, 32)
        a.check_reg(1, Regs.ST3, 32)
    def test_fpu_sis(self):
        a = I16("fadd st3, st0")
        a.check_reg(0, Regs.ST3, 32)
        a.check_reg(1, Regs.ST0, 32)
    def test_mm(self):
        I16("pand mm0, mm7").check_reg(0, Regs.MM0, 64)
    def test_mm_rm(self):
        I16("psllw mm0, 0x55").check_reg(0, Regs.MM0, 64)
    def test_mm32(self):
        I16("punpcklbw mm1, [si]").check_simple_deref(1, Regs.SI, 32)
    def test_mm64(self):
        I16("packsswb mm3, [bx]").check_simple_deref(1, Regs.BX, 64)
    def test_xmm(self):
        I16("orps xmm5, xmm4").check_reg(0, Regs.XMM5, 128)
    def test_xmm_rm(self):
        I16("psrlw xmm6, 0x12").check_reg(0, Regs.XMM6, 128)
    def test_xmm16(self):
        I16("pmovsxbq xmm3, [bp]").check_simple_deref(1, Regs.BP, 16)
    def test_xmm32(self):
        I16("pmovsxwq xmm5, [di]").check_simple_deref(1, Regs.DI, 32)
    def test_xmm64(self):
        I16("roundsd xmm6, [si], 0x55").check_simple_deref(1, Regs.SI, 64)
    def test_xmm128(self):
        I16("roundpd xmm7, [bx], 0xaa").check_simple_deref(1, Regs.BX, 128)
    def test_regxmm0(self):
        I16("blendvpd xmm1, xmm3, xmm0").check_reg(2, Regs.XMM0, 128)
    def test_disp_only(self):
        a = I16("add [0x1234], bx")
        a.check_type_size(0, distorm3.OPERAND_ABSOLUTE_ADDRESS, 16)
        self.failIf(a.inst.operands[0].dispSize != 16)
        self.failIf(a.inst.operands[0].disp != 0x1234)
    def test_modrm(self):
        texts = ["ADD [%s], AX" % i for i in self.Derefs]
        for i in enumerate(texts):
            a = I16(i[1])
            if len(self.DerefsInfo[i[0]]) == 2:
                a.check_deref(0, self.DerefsInfo[i[0]][1], self.DerefsInfo[i[0]][0], 16)
            else:
                a.check_simple_deref(0, self.DerefsInfo[i[0]][0], 16)
    def test_modrm_disp8(self):
        texts = ["ADD [%s + 0x55], AX" % i for i in self.Derefs]
        for i in enumerate(texts):
            a = I16(i[1])
            if len(self.DerefsInfo[i[0]]) == 2:
                a.check_deref(0, self.DerefsInfo[i[0]][1], self.DerefsInfo[i[0]][0], 16)
            else:
                a.check_simple_deref(0, self.DerefsInfo[i[0]][0], 16)
            self.failIf(a.inst.operands[0].dispSize != 8)
            self.failIf(a.inst.operands[0].disp != 0x55)
    def test_modrm_disp16(self):
        texts = ["ADD [%s + 0x3322], AX" % i for i in self.Derefs]
        for i in enumerate(texts):
            a = I16(i[1])
            if len(self.DerefsInfo[i[0]]) == 2:
                a.check_deref(0, self.DerefsInfo[i[0]][1], self.DerefsInfo[i[0]][0], 16)
            else:
                a.check_simple_deref(0, self.DerefsInfo[i[0]][0], 16)
            self.failIf(a.inst.operands[0].dispSize != 16)
            self.failIf(a.inst.operands[0].disp != 0x3322)

class TestMode32(unittest.TestCase):
    Derefs = ["EAX", "ECX", "EDX", "EBX", "EBP", "ESI", "EDI"]
    DerefsInfo = [Regs.EAX, Regs.ECX, Regs.EDX, Regs.EBX, Regs.EBP, Regs.ESI, Regs.EDI]
    def test_none(self):
        self.failIf(len(I32("cdq").inst.operands) > 0)
    def test_imm8(self):
        I32("int 0x55").check_imm(0, 0x55, 8)
    def test_imm16(self):
        I32("ret 0x1122").check_imm(0, 0x1122, 16)
    def test_imm_full(self):
        I32("push 0x12345678").check_imm(0, 0x12345678, 32)
    def test_imm_aadm(self):
        I32("aam").check_imm(0, 0xa, 8)
        I32("aam 0x15").check_imm(0, 0x15, 8)
        I32("aad").check_imm(0, 0xa, 8)
        I32("aad 0x51").check_imm(0, 0x51, 8)
    def test_seimm(self):
        I32("push 6").check_imm(0, 0x6, 8)
        a = I32("push -7")
        self.assertEqual(a.inst.size, 2)
        a.check_type_size(0, distorm3.OPERAND_IMMEDIATE, 8)
        self.failIf(ABS64(a.inst.operands[0].value) != -7)
        a = I32("db 0x66\n push -5")
        self.assertEqual(a.inst.size, 3)
        a.check_type_size(0, distorm3.OPERAND_IMMEDIATE, 16)
        self.failIf(ABS64(a.inst.operands[0].value) != -5)
    def test_imm16_1_imm8_2(self):
        a = I32("enter 0x1234, 0x40")
        a.check_imm(0, 0x1234, 16)
        a.check_imm(1, 0x40, 8)
    def test_imm8_1_imm8_2(self):
        a = I32("extrq xmm0, 0x55, 0xff")
        a.check_imm(1, 0x55, 8)
        a.check_imm(2, 0xff, 8)
    def test_reg8(self):
        I32("inc dh").check_reg(0, Regs.DH, 8)
    def test_reg16(self):
        I32("arpl ax, bp").check_reg(1, Regs.BP, 16)
    def test_reg_full(self):
        I32("dec edi").check_reg(0, Regs.EDI, 32)
    def test_reg32(self):
        I32("movmskps ebx, xmm6").check_reg(0, Regs.EBX, 32)
    def test_reg32_64(self):
        I32("cvttsd2si esp, xmm3").check_reg(0, Regs.ESP, 32)
    def test_freg32_64_rm(self):
        I32("mov cr0, eax").check_reg(1, Regs.EAX, 32)
    def test_rm8(self):
        I32("seto dh").check_reg(0, Regs.DH, 8)
    def test_rm16(self):
        I32("verr di").check_reg(0, Regs.DI, 16)
    def test_rm_full(self):
        I32("push ebp").check_reg(0, Regs.EBP, 32)
    def test_rm32_64(self):
        I32("movd xmm0, ebx").check_reg(1, Regs.EBX, 32)
    def test_fpum16(self):
        I32("fiadd word [ebx]").check_simple_deref(0, Regs.EBX, 16)
    def test_fpum32(self):
        I32("fisttp dword [esi]").check_simple_deref(0, Regs.ESI, 32)
    def test_fpum64(self):
        I32("fadd qword [esp]").check_simple_deref(0, Regs.ESP, 64)
    def test_fpum80(self):
        I32("fbld [eax]").check_simple_deref(0, Regs.EAX, 80)
    def test_r32_m8(self):
        I32("pinsrb xmm4, eax, 0x55").check_reg(1, Regs.EAX, 32)
        I32("pinsrb xmm4, [ebx], 0x55").check_simple_deref(1, Regs.EBX, 8)
    def test_r32_m16(self):
        I32("pinsrw xmm4, edi, 0x55").check_reg(1, Regs.EDI, 32)
        I32("pinsrw xmm1, word [esi], 0x55").check_simple_deref(1, Regs.ESI, 16)
    def test_r32_64_m8(self):
        I32("pextrb eax, xmm4, 0xaa").check_reg(0, Regs.EAX, 32)
        I32("pextrb [ebx], xmm2, 0xaa").check_simple_deref(0, Regs.EBX, 8)
    def test_r32_64_m16(self):
        I32("pextrw esp, xmm7, 0x11").check_reg(0, Regs.ESP, 32)
        I32("pextrw [ebp], xmm0, 0xbb").check_simple_deref(0, Regs.EBP, 16)
    def test_rfull_m16(self):
        I32("smsw eax").check_reg(0, Regs.EAX, 32)
        I32("smsw [ebx]").check_simple_deref(0, Regs.EBX, 16)
    def test_creg(self):
        I32("mov esp, cr3").check_reg(1, Regs.CR3, 32)
    def test_dreg(self):
        I32("mov edi, dr7").check_reg(1, Regs.DR7, 32)
    def test_sreg(self):
        I32("mov ax, ds").check_reg(1, Regs.DS, 16)
    def test_seg(self):
        I32("push ss").check_reg(0, Regs.SS, 16)
        I32("db 0x66\n push ds").check_reg(0, Regs.DS, 16)
    def test_acc8(self):
        I32("in al, 0x60").check_reg(0, Regs.AL, 8)
    def test_acc_full(self):
        I32("add eax, 0x100").check_reg(0, Regs.EAX, 32)
    def test_acc_full_not64(self):
        I32("out 0x64, eax").check_reg(1, Regs.EAX, 32)
    def test_mem16_full(self):
        I32("call far [ebp]").check_simple_deref(0, Regs.EBP, 32)
    def test_ptr16_full(self):
        a = I32("jmp 0xffff:0x12345678").inst
        self.assertEqual(a.size, 7)
        self.assertEqual(a.operands[0].type, distorm3.OPERAND_FAR_MEMORY)
        self.assertEqual(a.operands[0].size, 32)
        self.assertEqual(a.operands[0].seg, 0xffff)
        self.assertEqual(a.operands[0].off, 0x12345678)
    def test_mem16_3264(self):
        I32("sgdt [ebx]").check_simple_deref(0, Regs.EBX, 32)
    def test_relcb(self):
        a = I32("db 0xe9\ndd 0x00")
        a.check_pc(5, 32)
        a = I32("db 0xe2\ndb 0x50")
        a.check_pc(0x52, 8)
        a = I32("db 0xe2\ndb 0xfd")
        a.check_pc(-1, 8)
        a = I32("db 0x67\ndb 0xe2\ndb 0xf0")
        a.check_pc(-0xd, 8)
    def test_relc_full(self):
        a = I32("jmp 0x100")
        self.assertEqual(a.inst.size, 5)
        a.check_type_size(0, distorm3.OPERAND_IMMEDIATE, 32)
    def test_mem(self):
        I32("lea ax, [ebx]").check_simple_deref(1, Regs.EBX, 0)
    def test_mem32(self):
        I32("movntss [ebx], xmm5").check_simple_deref(0, Regs.EBX, 32)
    def test_mem32_64(self):
        I32("movnti [edi], eax").check_simple_deref(0, Regs.EDI, 32)
    def test_mem64(self):
        I32("movlps [edi], xmm7").check_simple_deref(0, Regs.EDI, 64)
    def test_mem128(self):
        I32("movntps [eax], xmm3").check_simple_deref(0, Regs.EAX, 128)
    def test_mem64_128(self):
        I32("cmpxchg8b [edx]").check_simple_deref(0, Regs.EDX, 64)
    def test_moffs8(self):
        I32("mov al, [word 0x5678]").check_abs_disp(1, 0x5678, 16, 8)
        I32("mov [0x11112222], al").check_abs_disp(0, 0x11112222, 32, 8)
    def test_moff_full(self):
        I32("mov [word 0x4321], eax").check_abs_disp(0, 0x4321, 16, 32)
        I32("mov eax, [0x11112222]").check_abs_disp(1, 0x11112222, 32, 32)
    def test_const1(self):
        I32("shl esi, 1").check_imm(1, 1, 8)
    def test_regcl(self):
        I32("rcl ebp, cl").check_reg(1, Regs.CL, 8)
    def test_ib_rb(self):
        I32("mov dl, 0x88").check_reg(0, Regs.DL, 8)
    def test_ib_r_dw_qw(self):
        I32("bswap ecx").check_reg(0, Regs.ECX, 32)
    def test_ib_r_full(self):
        I32("inc esi").check_reg(0, Regs.ESI, 32)
    def test_regi_esi(self):
        I32("lodsb").check_simple_deref(1, Regs.ESI, 8)
        I32("cmpsw").check_simple_deref(0, Regs.ESI, 16)
        I32("lodsd").check_simple_deref(1, Regs.ESI, 32)
    def test_regi_edi(self):
        I32("movsb").check_simple_deref(0, Regs.EDI, 8)
        I32("scasw").check_simple_deref(0, Regs.EDI, 16)
        I32("stosd").check_simple_deref(0, Regs.EDI, 32)
    def test_regi_ebxal(self):
        a = I32("xlatb")
        a.check_type_size(0, distorm3.OPERAND_MEMORY, 8)
        self.failIf(a.inst.operands[0].index != Regs.AL)
        self.failIf(a.inst.operands[0].base != Regs.EBX)
    def test_regi_eax(self):
        I32("vmrun [eax]").check_simple_deref(0, Regs.EAX, 32)
    def test_regdx(self):
        I32("in eax, dx").check_reg(1, Regs.DX, 16)
    def test_regecx(self):
        I32("invlpga [eax], ecx").check_reg(1, Regs.ECX, 32)
    def test_fpu_si(self):
        I32("fxch st4").check_reg(0, Regs.ST4, 32)
    def test_fpu_ssi(self):
        a = I32("fcmovnbe st0, st3")
        a.check_reg(0, Regs.ST0, 32)
        a.check_reg(1, Regs.ST3, 32)
    def test_fpu_sis(self):
        a = I32("fadd st3, st0")
        a.check_reg(0, Regs.ST3, 32)
        a.check_reg(1, Regs.ST0, 32)
    def test_mm(self):
        I32("pand mm0, mm7").check_reg(0, Regs.MM0, 64)
    def test_mm_rm(self):
        I32("psllw mm0, 0x55").check_reg(0, Regs.MM0, 64)
    def test_mm32(self):
        I32("punpcklbw mm1, [esi]").check_simple_deref(1, Regs.ESI, 32)
    def test_mm64(self):
        I32("packsswb mm3, [ebx]").check_simple_deref(1, Regs.EBX, 64)
    def test_xmm(self):
        I32("orps xmm5, xmm4").check_reg(0, Regs.XMM5, 128)
    def test_xmm_rm(self):
        I32("psrlw xmm6, 0x12").check_reg(0, Regs.XMM6, 128)
    def test_xmm16(self):
        I32("pmovsxbq xmm3, [ebp]").check_simple_deref(1, Regs.EBP, 16)
    def test_xmm32(self):
        I32("pmovsxwq xmm5, [edi]").check_simple_deref(1, Regs.EDI, 32)
    def test_xmm64(self):
        I32("roundsd xmm6, [esi], 0x55").check_simple_deref(1, Regs.ESI, 64)
    def test_xmm128(self):
        I32("roundpd xmm7, [ebx], 0xaa").check_simple_deref(1, Regs.EBX, 128)
    def test_regxmm0(self):
        I32("blendvpd xmm1, xmm3, xmm0").check_reg(2, Regs.XMM0, 128)
    def test_cr8(self):
        I32("db 0xf0\n mov cr0, eax").check_reg(0, Regs.CR8, 32)
    def test_disp_only(self):
        a = I32("add [0x12345678], ebx")
        a.check_type_size(0, distorm3.OPERAND_ABSOLUTE_ADDRESS, 32)
        self.failIf(a.inst.operands[0].dispSize != 32)
        self.failIf(a.inst.operands[0].disp != 0x12345678)
    def test_modrm(self):
        texts = ["ADD [%s], EDI" % i for i in self.Derefs]
        for i in enumerate(texts):
            a = I32(i[1])
            a.check_simple_deref(0, self.DerefsInfo[i[0]], 32)
    def test_modrm_disp8(self):
        texts = ["ADD [%s + 0x55], ESI" % i for i in self.Derefs]
        for i in enumerate(texts):
            a = I32(i[1])
            a.check_simple_deref(0, self.DerefsInfo[i[0]], 32)
            self.failIf(a.inst.operands[0].dispSize != 8)
            self.failIf(a.inst.operands[0].disp != 0x55)
    def test_modrm_disp32(self):
        texts = ["ADD [%s + 0x33221144], EDX" % i for i in self.Derefs]
        for i in enumerate(texts):
            a = I32(i[1])
            a.check_simple_deref(0, self.DerefsInfo[i[0]], 32)
            self.failIf(a.inst.operands[0].dispSize != 32)
            self.failIf(a.inst.operands[0].disp != 0x33221144)
    def test_base_ebp(self):
        a = I32("mov [ebp+0x55], eax")
        a.check_simple_deref(0, Regs.EBP, 32)
        self.failIf(a.inst.operands[0].dispSize != 8)
        self.failIf(a.inst.operands[0].disp != 0x55)
        a = I32("mov [ebp+0x55+eax], eax")
        a.check_deref(0, Regs.EAX, Regs.EBP, 32)
        self.failIf(a.inst.operands[0].dispSize != 8)
        self.failIf(a.inst.operands[0].disp != 0x55)
        a = I32("mov [ebp+0x55443322], eax")
        a.check_simple_deref(0, Regs.EBP, 32)
        self.failIf(a.inst.operands[0].dispSize != 32)
        self.failIf(a.inst.operands[0].disp != 0x55443322)
    Bases = ["EAX", "ECX", "EDX", "EBX", "ESP", "ESI", "EDI"]
    BasesInfo = [Regs.EAX, Regs.ECX, Regs.EDX, Regs.EBX, Regs.ESP, Regs.ESI, Regs.EDI]
    Indices = ["EAX", "ECX", "EDX", "EBX", "EBP", "ESI", "EDI"]
    IndicesInfo = [Regs.EAX, Regs.ECX, Regs.EDX, Regs.EBX, Regs.EBP, Regs.ESI, Regs.EDI]
    def test_bases(self):
        for i in enumerate(self.Bases):
            a = I32("cmp ebp, [%s]" % (i[1]))
            a.check_simple_deref(1, self.BasesInfo[i[0]], 32)
    def test_bases_disp32(self):
        for i in enumerate(self.Bases):
            a = I32("cmp ebp, [%s+0x12345678]" % (i[1]))
            a.check_simple_deref(1, self.BasesInfo[i[0]], 32)
            self.failIf(a.inst.operands[1].dispSize != 32)
            self.failIf(a.inst.operands[1].disp != 0x12345678)
    def test_scales(self):
        for i in enumerate(self.Indices):
            # A scale of 2 causes the scale to be omitted and changed from reg*2 to reg+reg.
            for s in [4, 8]:
                a = I32("and bp, [%s*%d]" % (i[1], s))
                a.check_deref(1, self.IndicesInfo[i[0]], None, 16)
                self.failIf(a.inst.operands[1].scale != s)
    def test_sib(self):
        for i in enumerate(self.Indices):
            for j in enumerate(self.Bases):
                for s in [1, 2, 4, 8]:
                    a = I32("or bp, [%s*%d + %s]" % (i[1], s, j[1]))
                    a.check_deref(1, self.IndicesInfo[i[0]], self.BasesInfo[j[0]], 16)
                    if s != 1:
                        self.failIf(a.inst.operands[1].scale != s)
    def test_sib_disp8(self):
        for i in enumerate(self.Indices):
            for j in enumerate(self.Bases):
                for s in [1, 2, 4, 8]:
                    a = I32("xor al, [%s*%d + %s + 0x55]" % (i[1], s, j[1]))
                    a.check_deref(1, self.IndicesInfo[i[0]], self.BasesInfo[j[0]], 8)
                    self.failIf(a.inst.operands[1].dispSize != 8)
                    self.failIf(a.inst.operands[1].disp != 0x55)
                    if s != 1:
                        self.failIf(a.inst.operands[1].scale != s)
    def test_sib_disp32(self):
        for i in enumerate(self.Indices):
            for j in enumerate(self.Bases):
                for s in [1, 2, 4, 8]:
                    a = I32("sub ebp, [%s*%d + %s + 0x55aabbcc]" % (i[1], s, j[1]))
                    a.check_deref(1, self.IndicesInfo[i[0]], self.BasesInfo[j[0]], 32)
                    self.failIf(a.inst.operands[1].dispSize != 32)
                    self.failIf(a.inst.operands[1].disp != 0x55aabbcc)
                    if s != 1:
                        self.failIf(a.inst.operands[1].scale != s)

class TestMode64(unittest.TestCase):
    Derefs = ["RAX", "RCX", "RDX", "RBX", "RBP", "RSI", "RDI"]
    DerefsInfo = [Regs.RAX, Regs.RCX, Regs.RDX, Regs.RBX, Regs.RBP, Regs.RSI, Regs.RDI]
    def test_none(self):
        self.failIf(len(I64("cdq").inst.operands) > 0)
    def test_imm8(self):
        I64("int 0x55").check_imm(0, 0x55, 8)
    def test_imm16(self):
        I64("ret 0x1122").check_imm(0, 0x1122, 16)
    def test_imm_full(self):
        I64("push 0x12345678").check_imm(0, 0x12345678, 32)
        I64("mov rax, 0x1234567812345678").check_imm(1, 0x1234567812345678, 64)
    def test_imm_aadm(self):
        #I64("aam").check_imm(0, 0xa, 8)
        #I64("aam 0x15").check_imm(0, 0x15, 8)
        #I64("aad").check_imm(0, 0xa, 8)
        #I64("aad 0x51").check_imm(0, 0x51, 8)
        pass
    def test_seimm(self):
        I64("push 6").check_imm(0, 0x6, 8)
        a = I64("push -7")
        self.assertEqual(a.inst.size, 2)
        a.check_type_size(0, distorm3.OPERAND_IMMEDIATE, 8)
        self.failIf(ABS64(a.inst.operands[0].value) != -7)
    def test_imm16_1_imm8_2(self):
        a = I64("enter 0x1234, 0x40")
        a.check_imm(0, 0x1234, 16)
        a.check_imm(1, 0x40, 8)
    def test_imm8_1_imm8_2(self):
        a = I64("extrq xmm0, 0x55, 0xff")
        a.check_imm(1, 0x55, 8)
        a.check_imm(2, 0xff, 8)
    def test_reg8(self):
        I64("inc dh").check_reg(0, Regs.DH, 8)
    def test_reg_full(self):
        I64("dec rdi").check_reg(0, Regs.RDI, 64)
        I64("cmp r15, r14").check_reg(0, Regs.R15, 64)
        I64("cmp r8d, r9d").check_reg(0, Regs.R8D, 32)
        I64("cmp r9w, r8w").check_reg(0, Regs.R9W, 16)
    def test_reg32(self):
        I64("movmskps ebx, xmm6").check_reg(0, Regs.EBX, 32)
        I64("movmskps r11d, xmm6").check_reg(0, Regs.R11D, 32)
    def test_reg32_64(self):
        I64("cvttsd2si rsp, xmm3").check_reg(0, Regs.RSP, 64)
        I64("cvttsd2si r14, xmm3").check_reg(0, Regs.R14, 64)
    def test_freg32_64_rm(self):
        I64("mov cr0, rax").check_reg(1, Regs.RAX, 64)
        I64("mov cr0, r14").check_reg(1, Regs.R14, 64)
    def test_rm8(self):
        I64("seto dh").check_reg(0, Regs.DH, 8)
    def test_rm16(self):
        I64("verr di").check_reg(0, Regs.DI, 16)
        I64("verr r8w").check_reg(0, Regs.R8W, 16)
    def test_rm_full(self):
        I64("push rbp").check_reg(0, Regs.RBP, 64)
    def test_rm32_64(self):
        I64("movq xmm0, rdx").check_reg(1, Regs.RDX, 64)
        I64("movq xmm0, r10").check_reg(1, Regs.R10, 64)
        I64("cvtsi2sd xmm0, rdx").check_reg(1, Regs.RDX, 64)
        I64("vmread rax, rax").check_reg(1, Regs.RAX, 64)
    def test_rm16_32(self):
        I64("movsxd rax, eax").check_reg(1, Regs.EAX, 32)
        I64("movzx rax, ax").check_reg(1, Regs.AX, 16)
    def test_fpum16(self):
        I64("fiadd word [rbx]").check_simple_deref(0, Regs.RBX, 16)
    def test_fpum32(self):
        I64("fisttp dword [rsi]").check_simple_deref(0, Regs.RSI, 32)
    def test_fpum64(self):
        I64("fadd qword [rsp]").check_simple_deref(0, Regs.RSP, 64)
    def test_fpum80(self):
        I64("fbld [rax]").check_simple_deref(0, Regs.RAX, 80)
    def test_r32_m8(self):
        I64("pinsrb xmm4, eax, 0x55").check_reg(1, Regs.EAX, 32)
        I64("pinsrb xmm4, [rbx], 0x55").check_simple_deref(1, Regs.RBX, 8)
    def test_r32_m16(self):
        I64("pinsrw xmm4, edi, 0x55").check_reg(1, Regs.EDI, 32)
        I64("pinsrw xmm1, word [rsi], 0x55").check_simple_deref(1, Regs.RSI, 16)
        I64("pinsrw xmm1, r8d, 0x55").check_reg(1, Regs.R8D, 32)
    def test_r32_64_m8(self):
        I64("pextrb eax, xmm4, 0xaa").check_reg(0, Regs.EAX, 32)
        I64("pextrb [rbx], xmm2, 0xaa").check_simple_deref(0, Regs.RBX, 8)
    def test_r32_64_m16(self):
        I64("pextrw esp, xmm7, 0x11").check_reg(0, Regs.ESP, 32)
        I64("pextrw [rbp], xmm0, 0xbb").check_simple_deref(0, Regs.RBP, 16)
    def test_rfull_m16(self):
        I64("smsw eax").check_reg(0, Regs.EAX, 32)
        I64("smsw [rbx]").check_simple_deref(0, Regs.RBX, 16)
    def test_creg(self):
        I64("mov rsp, cr3").check_reg(1, Regs.CR3, 64)
        I64("mov cr8, rdx").check_reg(0, Regs.CR8, 64)
    def test_dreg(self):
        I64("mov rdi, dr7").check_reg(1, Regs.DR7, 64)
    def test_sreg(self):
        I64("mov ax, fs").check_reg(1, Regs.FS, 16)
    def test_seg(self):
        I64("push gs").check_reg(0, Regs.GS, 16)
    def test_acc8(self):
        I64("in al, 0x60").check_reg(0, Regs.AL, 8)
    def test_acc_full(self):
        I64("add rax, 0x100").check_reg(0, Regs.RAX, 64)
    def test_acc_full_not64(self):
        I64("out 0x64, eax").check_reg(1, Regs.EAX, 32)
    def test_mem16_full(self):
        I64("call far [rbp]").check_simple_deref(0, Regs.RBP, 32)
        I64("db 0x48\n call far [rbp]").check_simple_deref(0, Regs.RBP, 64)
    def test_mem16_3264(self):
        I64("sgdt [rbx]").check_simple_deref(0, Regs.RBX, 64)
    def test_relcb(self):
        a = I64("db 0xe9\ndd 0x00")
        a.check_pc(5, 32)
        a = I64("db 0xe2\ndb 0x50")
        a.check_pc(0x52, 8)
        a = I64("db 0xe2\ndb 0xfd")
        a.check_pc(-1, 8)
        a = I64("db 0x67\ndb 0xe2\ndb 0xf0")
        a.check_pc(-0xd, 8)
    def test_relc_full(self):
        a = I64("jmp 0x100")
        self.assertEqual(a.inst.size, 5)
        a.check_type_size(0, distorm3.OPERAND_IMMEDIATE, 32)
    def test_mem(self):
        I64("lea ax, [rbx]").check_simple_deref(1, Regs.RBX, 0)
    def test_mem32(self):
        I64("movntss [rbx], xmm5").check_simple_deref(0, Regs.RBX, 32)
    def test_mem32_64(self):
        I64("movnti [rdi], eax").check_simple_deref(0, Regs.RDI, 32)
        I64("movnti [rbp], rax").check_simple_deref(0, Regs.RBP, 64)
    def test_mem64(self):
        I64("movlps [rdi], xmm7").check_simple_deref(0, Regs.RDI, 64)
    def test_mem128(self):
        I64("movntps [rax], xmm3").check_simple_deref(0, Regs.RAX, 128)
    def test_mem64_128(self):
        I64("cmpxchg8b [rdx]").check_simple_deref(0, Regs.RDX, 64)
        I64("cmpxchg16b [rbx]").check_simple_deref(0, Regs.RBX, 128)
    def test_moffs8(self):
        I64("mov al, [dword 0x12345678]").check_abs_disp(1, 0x12345678, 32, 8)
        I64("mov [qword 0xaaaabbbbccccdddd], al").check_abs_disp(0, 0xaaaabbbbccccdddd, 64, 8)
    def test_moff_full(self):
        I64("mov [dword 0xaaaabbbb], rax").check_abs_disp(0, 0xffffffffaaaabbbb, 32, 64)
        I64("mov rax, [qword 0xaaaabbbbccccdddd]").check_abs_disp(1, 0xaaaabbbbccccdddd, 64, 64)
    def test_const1(self):
        I64("shl rsi, 1").check_imm(1, 1, 8)
    def test_regcl(self):
        I64("rcl rbp, cl").check_reg(1, Regs.CL, 8)
    def test_ib_rb(self):
        I64("mov dl, 0x88").check_reg(0, Regs.DL, 8)
        I64("mov spl, 0x88").check_reg(0, Regs.SPL, 8)
        I64("mov r10b, 0x88").check_reg(0, Regs.R10B, 8)
    def test_ib_r_dw_qw(self):
        I64("bswap rcx").check_reg(0, Regs.RCX, 64)
        I64("bswap r10").check_reg(0, Regs.R10, 64)
        I64("push r10").check_reg(0, Regs.R10, 64)
    def test_ib_r_full(self):
        I64("inc rsi").check_reg(0, Regs.RSI, 64)
        I64("inc r9").check_reg(0, Regs.R9, 64)
        I64("push r10w").check_reg(0, Regs.R10W, 16)
        I64("xchg r10d, eax").check_reg(0, Regs.R10D, 32)
    def test_regi_esi(self):
        I64("lodsb").check_simple_deref(1, Regs.RSI, 8)
        I64("cmpsw").check_simple_deref(0, Regs.RSI, 16)
        I64("lodsd").check_simple_deref(1, Regs.RSI, 32)
        I64("lodsq").check_simple_deref(1, Regs.RSI, 64)
    def test_regi_edi(self):
        I64("movsb").check_simple_deref(0, Regs.RDI, 8)
        I64("scasw").check_simple_deref(0, Regs.RDI, 16)
        I64("stosd").check_simple_deref(0, Regs.RDI, 32)
        I64("stosq").check_simple_deref(0, Regs.RDI, 64)
    def test_regi_ebxal(self):
        a = I64("xlatb")
        a.check_type_size(0, distorm3.OPERAND_MEMORY, 8)
        self.failIf(a.inst.operands[0].index != Regs.AL)
        self.failIf(a.inst.operands[0].base != Regs.RBX)
    def test_regi_eax(self):
        I64("vmrun [rax]").check_simple_deref(0, Regs.RAX, 64)
    def test_regdx(self):
        #I64("in eax, dx").check_reg(1, Regs.DX, 16)
        pass
    def test_regecx(self):
        I64("invlpga [rax], ecx").check_reg(1, Regs.ECX, 32)
    def test_fpu_si(self):
        I64("fxch st4").check_reg(0, Regs.ST4, 32)
    def test_fpu_ssi(self):
        a = I64("fcmovnbe st0, st3")
        a.check_reg(0, Regs.ST0, 32)
        a.check_reg(1, Regs.ST3, 32)
    def test_fpu_sis(self):
        a = I64("fadd st3, st0")
        a.check_reg(0, Regs.ST3, 32)
        a.check_reg(1, Regs.ST0, 32)
    def test_mm(self):
        I64("pand mm0, mm7").check_reg(0, Regs.MM0, 64)
    def test_mm_rm(self):
        I64("psllw mm0, 0x55").check_reg(0, Regs.MM0, 64)
    def test_mm32(self):
        I64("punpcklbw mm1, [rsi]").check_simple_deref(1, Regs.RSI, 32)
    def test_mm64(self):
        I64("packsswb mm3, [rbx]").check_simple_deref(1, Regs.RBX, 64)
    def test_xmm(self):
        I64("orps xmm5, xmm4").check_reg(0, Regs.XMM5, 128)
        I64("orps xmm15, xmm4").check_reg(0, Regs.XMM15, 128)
    def test_xmm_rm(self):
        I64("psrlw xmm6, 0x12").check_reg(0, Regs.XMM6, 128)
        I64("psrlw xmm13, 0x12").check_reg(0, Regs.XMM13, 128)
    def test_xmm16(self):
        I64("pmovsxbq xmm3, [rbp]").check_simple_deref(1, Regs.RBP, 16)
    def test_xmm32(self):
        I64("pmovsxwq xmm5, [rdi]").check_simple_deref(1, Regs.RDI, 32)
    def test_xmm64(self):
        I64("roundsd xmm6, [rsi], 0x55").check_simple_deref(1, Regs.RSI, 64)
    def test_xmm128(self):
        I64("roundpd xmm7, [rbx], 0xaa").check_simple_deref(1, Regs.RBX, 128)
        I64("roundpd xmm7, xmm15, 0xaa").check_reg(1, Regs.XMM15, 128)
    def test_regxmm0(self):
        I64("blendvpd xmm1, xmm3, xmm0").check_reg(2, Regs.XMM0, 128)
    def test_disp_only(self):
        a = I64("add [0x12345678], rbx")
        a.check_type_size(0, distorm3.OPERAND_ABSOLUTE_ADDRESS, 64)
        self.failIf(a.inst.operands[0].dispSize != 32)
        self.failIf(a.inst.operands[0].disp != 0x12345678)
    def test_modrm(self):
        texts = ["ADD [%s], RDI" % i for i in self.Derefs]
        for i in enumerate(texts):
            a = I64(i[1])
            a.check_simple_deref(0, self.DerefsInfo[i[0]], 64)
    def test_modrm_disp8(self):
        texts = ["ADD [%s + 0x55], RSI" % i for i in self.Derefs]
        for i in enumerate(texts):
            a = I64(i[1])
            a.check_simple_deref(0, self.DerefsInfo[i[0]], 64)
            self.failIf(a.inst.operands[0].dispSize != 8)
            self.failIf(a.inst.operands[0].disp != 0x55)
    def test_modrm_disp32(self):
        texts = ["ADD [%s + 0x33221144], RDX" % i for i in self.Derefs]
        for i in enumerate(texts):
            a = I64(i[1])
            a.check_simple_deref(0, self.DerefsInfo[i[0]], 64)
            self.failIf(a.inst.operands[0].dispSize != 32)
            self.failIf(a.inst.operands[0].disp != 0x33221144)
    def test_base_rbp(self):
        a = I64("mov [rbp+0x55], eax")
        a.check_simple_deref(0, Regs.RBP, 32)
        self.failIf(a.inst.operands[0].dispSize != 8)
        self.failIf(a.inst.operands[0].disp != 0x55)
        a = I64("mov [rbp+0x55443322], eax")
        a.check_simple_deref(0, Regs.RBP, 32)
        self.failIf(a.inst.operands[0].dispSize != 32)
        self.failIf(a.inst.operands[0].disp != 0x55443322)
    def test_base_rip(self):
        a = I64("mov [rip+0x12345678], rdx")
        a.check_simple_deref(0, Regs.RIP, 64)
        self.failIf(a.inst.operands[0].dispSize != 32)
        self.failIf(a.inst.operands[0].disp != 0x12345678)
    def test_reg8_rex(self):
        I64("mov sil, al").check_reg(0, Regs.SIL, 8)
        I64("inc bpl").check_reg(0, Regs.BPL, 8)
    def test_imm64(self):
        I64("mov rax, 0x1234567890abcdef").check_imm(1, 0x1234567890abcdef, 64)
    def test_reg64(self):
        I64("movsxd r10, eax").check_reg(0, Regs.R10, 64)
    def test_rm16_32(self):
        #MOVZXD RAX, [RAX]
        I64("db 0x63\n db 0x00").check_simple_deref(1, Regs.RAX, 32)
        #MOVZXDW RAX, [RAX]
        #I64("db 0x66\n db 0x63\n db 0x00").check_simple_deref(1, Regs.RAX, 16)
        #MOVZXD RAX, EAX
        I64("db 0x63\n db 0xc0").check_reg(1, Regs.EAX, 32)
        #MOVZXDW RAX, AX
        #I64("db 0x66\n db 0x63\n db 0xc0").check_reg(1, Regs.AX, 16)
        #MOVZXDW RAX, R8W
        #I64("db 0x66\n db 0x41\n db 0x63\n db 0xc0").check_reg(1, Regs.R8W, 16)
    Bases = ["RAX", "RCX", "RDX", "RBX", "RSP", "RSI", "RDI", "R8", "R9", "R10", "R11", "R12", "R13", "R14", "R15"]
    BasesInfo = [Regs.RAX, Regs.RCX, Regs.RDX, Regs.RBX, Regs.RSP, Regs.RSI, Regs.RDI, Regs.R8, Regs.R9, Regs.R10, Regs.R11, Regs.R12, Regs.R13, Regs.R14, Regs.R15]
    Indices = ["RAX", "RCX", "RDX", "RBX", "RBP", "RSI", "RDI", "R8", "R9", "R10", "R11", "R12", "R13", "R14", "R15"]
    IndicesInfo = [Regs.RAX, Regs.RCX, Regs.RDX, Regs.RBX, Regs.RBP, Regs.RSI, Regs.RDI, Regs.R8, Regs.R9, Regs.R10, Regs.R11, Regs.R12, Regs.R13, Regs.R14, Regs.R15]
    def test_bases(self):
        for i in enumerate(self.Bases):
            a = I64("cmp rbp, [%s]" % (i[1]))
            a.check_simple_deref(1, self.BasesInfo[i[0]], 64)
    def test_bases_disp32(self):
        for i in enumerate(self.Bases):
            a = I64("cmp rbp, [%s+0x12345678]" % (i[1]))
            a.check_simple_deref(1, self.BasesInfo[i[0]], 64)
            self.failIf(a.inst.operands[1].dispSize != 32)
            self.failIf(a.inst.operands[1].disp != 0x12345678)
    def test_scales(self):
        for i in enumerate(self.Indices):
            # A scale of 2 causes the scale to be omitted and changed from reg*2 to reg+reg.
            for s in [4, 8]:
                a = I64("and rbp, [%s*%d]" % (i[1], s))
                a.check_deref(1, self.IndicesInfo[i[0]], None, 64)
                self.failIf(a.inst.operands[1].scale != s)
    def test_sib(self):
        for i in enumerate(self.Indices):
            for j in enumerate(self.Bases):
                for s in [1, 2, 4, 8]:
                    a = I64("or rbp, [%s*%d + %s]" % (i[1], s, j[1]))
                    a.check_deref(1, self.IndicesInfo[i[0]], self.BasesInfo[j[0]], 64)
                    if s != 1:
                        self.failIf(a.inst.operands[1].scale != s)
    def test_sib_disp8(self):
        for i in enumerate(self.Indices):
            for j in enumerate(self.Bases):
                for s in [1, 2, 4, 8]:
                    a = I64("xor al, [%s*%d + %s + 0x55]" % (i[1], s, j[1]))
                    a.check_deref(1, self.IndicesInfo[i[0]], self.BasesInfo[j[0]], 8)
                    self.failIf(a.inst.operands[1].dispSize != 8)
                    self.failIf(a.inst.operands[1].disp != 0x55)
                    if s != 1:
                        self.failIf(a.inst.operands[1].scale != s)
    def test_sib_disp32(self):
        for i in enumerate(self.Indices):
            for j in enumerate(self.Bases):
                for s in [1, 2, 4, 8]:
                    a = I64("sub rdx, [%s*%d + %s + 0x55aabbcc]" % (i[1], s, j[1]))
                    a.check_deref(1, self.IndicesInfo[i[0]], self.BasesInfo[j[0]], 64)
                    self.failIf(a.inst.operands[1].dispSize != 32)
                    self.failIf(a.inst.operands[1].disp != 0x55aabbcc)
                    if s != 1:
                        self.failIf(a.inst.operands[1].scale != s)
    def test_base32(self):
        I64("mov eax, [ebx]").check_simple_deref(1, Regs.EBX, 32)

class TestInstTable(unittest.TestCase):
    """ Check that locate_inst algorithm covers all opcode-length (ol)
        for the varying sizes of opcodes.
        The bad tests should not find an instruction, so they should fail on purpose,
        to see we don't crash the disassembler.
        Also test for some end-cases with nop and wait. """
    def test_c7_opcode(self):
        IB32("c7f8aaaaaaaa").check_mnemonic("XBEGIN")
        IB64("c7f8aaaaaaaa").check_mnemonic("XBEGIN")
        IB32("C7C108000000").check_mnemonic("MOV")
        IB64("C7C108000000").check_mnemonic("MOV")
        IB64("48C7C000000000").check_mnemonic("MOV")
    def test_tx(self):
        IB64("0f01d5").check_mnemonic("XEND")
        IB64("c6f8bb").check_mnemonic("XABORT")
        IB64("c7f800000000").check_mnemonic("XBEGIN")
    def test_fuzz_9b_and_c7(self):
        for i in range(10000):
            s = "%02x%02x" % (i & 0xff, random.randint(0, 255))
            IB32("9b%sffffffff" % s)
            IB32("c7%sffffffff" % s)
    def test_ol1(self):
        IB32("00c0").check_mnemonic("ADD")
    def test_ol13(self):
        IB32("80c055").check_mnemonic("ADD")
    def test_ol1d(self):
        IB32("d900").check_mnemonic("FLD")
        IB32("d9c8").check_mnemonic("FXCH")
        IB32("d9e1").check_mnemonic("FABS")
    def test_ol2(self):
        IB32("0f06").check_mnemonic("CLTS")
    def test_ol23(self):
        IB32("0fbae055").check_mnemonic("BT")
    def test_ol2d(self):
        IB32("0f01e0").check_mnemonic("SMSW")
        IB32("0f0130").check_mnemonic("LMSW")
        IB32("0f01c9").check_mnemonic("MWAIT")
    def test_ol3(self):
        IB32("0f380000").check_mnemonic("PSHUFB")
    def test_ol1_bad(self):
        # There is no undefined instruction in the root, except a prefix, oh well.
        pass
    def test_ol13_bad(self):
        IB32("f780").check_invalid()
    def test_ol1d_bad(self):
        IB32("d908").check_invalid()
        IB32("d9d1").check_invalid()
        IB32("d9ef").check_invalid()
    def test_ol2_bad(self):
        IB32("0fff").check_invalid()
    def test_ol23_bad(self):
        IB32("0f0dff").check_invalid()
    def test_ol2d_bad(self):
        IB32("0f0128").check_invalid()
        IB32("0f01ca").check_invalid()
    def test_ol3_bad(self):
        IB32("0f0fff").check_invalid()
    def test_index63(self):
        # Test arpl, since it has a special treatment for 32/64 bits.
        a = IB32("63c0")
        a.check_mnemonic("ARPL")
        a = IB64("63c0")
        a.check_mnemonic("MOVSXD")
    def test_index90(self):
        # If nop is prefixed with f3, it is pause then. If it is prefixed with rex, it might be xchg.
        IB32("90").check_mnemonic("NOP")
        IB64("90").check_mnemonic("NOP")
        IB64("4890").check_mnemonic("NOP")
        IB64("4190").check_mnemonic("XCHG")
        IB64("f390").check_mnemonic("PAUSE")
    def test_wait(self):
        # Wait instruction is very tricky. It might be coalesced with the next bytes.
        # If the next bytes are 'waitable', otherwise it is a standalone instruction.
        IB32("9b90").check_mnemonic("WAIT", 0) # nop isn't waitable.
        IB32("9bdfe0").check_mnemonic("FSTSW") # waitable stsw
        IB32("dfe0").check_mnemonic("FNSTSW") # non-waitable stsw
        IB32("9b00c0").check_mnemonic("WAIT") # add isn't waitable
        IB32("9bd930").check_mnemonic("FSTENV") # waitable fstenv
        IB32("9b66dbe3").check_mnemonic("WAIT") # prefix breaks waiting
    def test_3dnow(self):
        IB32("0f0fc00d").check_mnemonic("PI2FD")
        IB32("0f0d00").check_mnemonic("PREFETCH")
    def test_mandatory(self):
        IB32("f30f10c0").check_mnemonic("MOVSS")
        IB32("660f10c0").check_mnemonic("MOVUPD")
        IB32("660f71d055").check_mnemonic("PSRLW")
        IB32("660ffec0").check_mnemonic("PADDD")
        IB32("f20f10c0").check_mnemonic("MOVSD")
        IB32("f20f11c0").check_mnemonic("MOVSD")
        IB32("660f3800c0").check_mnemonic("PSHUFB")
        IB32("f20f38f0c0").check_mnemonic("CRC32")
        IB32("660fc730").check_mnemonic("VMCLEAR")
        IB32("f30fc730").check_mnemonic("VMXON")
    def test_vex(self):
        I32("vaddpd ymm1, ymm2, ymm2").check_mnemonic("VADDPD") # pre encoding: 66, 0f, 58
        I32("vaddps ymm1, ymm2, ymm2").check_mnemonic("VADDPS") # pre encoding: 0f, 58
        I32("vaddsd xmm1, xmm2, qword [eax]").check_mnemonic("VADDSD") # pre encoding: f2, 0f, 58
        I32("vaddss xmm1, xmm2, dword [eax]").check_mnemonic("VADDSS") # pre encoding: f3, 0f, 58
        I32("vmovsd xmm1, xmm2, xmm3").check_mnemonic("VMOVSD") # pre encoding: f2, 0f, 10
        I32("vmovsd xmm1, qword [eax]").check_mnemonic("VMOVSD") # pre encoding: f2 0f 10 - but VEX.vvvv is not encoded!
        # Since in a VEX prefix you can encode the virtual prefix, we got three ways to get to 0xf 0x38
        # So see that both work well.
        IB32("c4e279dbc2").check_mnemonic("VAESIMC") # pre encoding: 66, 0f, 38, db, virtual prefix is 0f 38
        IB32("c4e17938dbc2").check_mnemonic("VAESIMC") # the virtual prefix is only 0f
        IB32("c5f938dbc2").check_mnemonic("VAESIMC") # the virtual prefix is only 0f, but short VEX
        # Same test as earlier, but for 0xf 0x3a, though this instruction doesn't have a short form.
        IB32("c4e3710dc255").check_mnemonic("VBLENDPD") # pre encoding: 66, 0f, 3a, 0d, virtual prefix is 0f 3a
        IB32("c4e1713a0dc255").check_mnemonic("VBLENDPD") # pre encoding: 66, 0f, 3a, 0d, virtual prefix is 0f
        I32("vldmxcsr dword [eax]").check_mnemonic("VLDMXCSR")
        I32("vzeroupper").check_mnemonic("VZEROUPPER")
        I32("vzeroall").check_mnemonic("VZEROALL")
        I32("vpslld xmm1, xmm2, xmm3").check_mnemonic("VPSLLD")
    def test_vex_special(self):
        # VVVV encoded, where there is not such an encoding for the VAESIMC instruction.
        IB32("c4e271dbca").check_invalid()
        IB32("c4e2791800").check_mnemonic("VBROADCASTSS") # just to make sure this instruction is fine.
        IB32("c4e279ff00").check_invalid() # pre encoding: 66, 0f, 38, ff
        IB32("c4e179ff00").check_invalid() # pre encoding: 66, 0f, 38, ff, mmmmm = 1
        IB32("c4e379ff00").check_invalid() # pre encoding: 66, 0f, 38, ff, mmmmm = 3
        IB32("c4e4791800").check_invalid() # pre encoding: 66, 0f, 38, 18, mmmmm = 4
        IB32("c5f8ae10").check_mnemonic("VLDMXCSR") # pre encoding: 0f, ae /02
        IB32("c4c178ae10").check_mnemonic("VLDMXCSR") # longer form of 0f, ae /02
        IB32("c4c179ae10").check_invalid() # longer form of 0f, ae /02, invalid pp=1
        IB32("c4c17aae10").check_invalid() # longer form of 0f, ae /02, invalid pp=2
        IB32("c4c17bae10").check_invalid() # longer form of 0f, ae /02, invalid pp=3
        IB32("c4c17877").check_mnemonic("VZEROUPPER") # longer form of 0f, 77
        IB32("c4c17c77").check_mnemonic("VZEROALL") # longer form of 0f, 77
        IB32("c4c97c77").check_invalid() # longer form of 0f, 77, invalid mmmmm
    def test_crc32(self):
        I32("crc32 eax, al").check_reg(0, Regs.EAX, 32)
    def test_lzcnt(self):
        # This is the only instruction that has a mandatory prefix and can have ALSO a valid operand size prefix!
        I32("lzcnt ax, bx").check_reg(0, Regs.AX, 16)
        I32("lzcnt eax, ebx").check_reg(0, Regs.EAX, 32)
        I64("lzcnt rax, rbx").check_reg(0, Regs.RAX, 64)

class TestAVXOperands(unittest.TestCase):
    def test_rm32(self):
        #I16("vextractps eax, xmm2, 3").check_reg(0, Regs.EAX, 32)
        I32("vextractps eax, xmm2, 3").check_reg(0, Regs.EAX, 32)
        I64("vextractps eax, xmm2, 3").check_reg(0, Regs.EAX, 32)
    def test_reg32_64_m8(self):
        #I16("vpextrb eax, xmm2, 3").check_reg(0, Regs.EAX, 32)
        I32("vpextrb eax, xmm2, 3").check_reg(0, Regs.EAX, 32)
        I64("vpextrb eax, xmm2, 3").check_reg(0, Regs.EAX, 32)
        I64("vpextrb rax, xmm2, 3").check_reg(0, Regs.RAX, 64)
        I32("vpextrb [ebx], xmm2, 3").check_simple_deref(0, Regs.EBX, 8)
        I64("vpextrb [rbx], xmm2, 3").check_simple_deref(0, Regs.RBX, 8)
    def test_reg32_64_m16(self):
        I32("vpextrw eax, xmm2, 3").check_reg(0, Regs.EAX, 32)
        I64("vpextrw rax, xmm2, 3").check_reg(0, Regs.RAX, 64)
        I64("vpextrw rax, xmm2, 3").check_reg(0, Regs.RAX, 64)
        I32("vpextrw [ebx], xmm2, 3").check_simple_deref(0, Regs.EBX, 16)
        I64("vpextrw [rbx], xmm2, 3").check_simple_deref(0, Regs.RBX, 16)
    def test_wreg32_64_WITH_wxmm32_64(self):
        a = I32("vcvtss2si eax, xmm1")
        a.check_reg(0, Regs.EAX, 32)
        a.check_reg(1, Regs.XMM1, 128)
        a = I64("vcvtss2si rax, [rbx]")
        a.check_reg(0, Regs.RAX, 64)
        a.check_simple_deref(1, Regs.RBX, 64)
        a = I64("vcvtss2si eax, [rbx]")
        a.check_reg(0, Regs.EAX, 32)
        a.check_simple_deref(1, Regs.RBX, 32)
    def test_vxmm(self):
        I32("vaddsd xmm1, xmm2, xmm3").check_reg(1, Regs.XMM2, 128)
        I64("vaddsd xmm2, xmm3, xmm4").check_reg(1, Regs.XMM3, 128)
    def test_xmm_imm(self):
        I32("vpblendvb xmm1, xmm2, xmm3, xmm4").check_reg(3, Regs.XMM4, 128)
        # Force XMM15, but high bit is ignored in 32bits.
        self.failIf(IB32("c4e3694ccbf0").inst.operands[3].index != Regs.XMM7)
        I64("vpblendvb xmm1, xmm2, xmm3, xmm15").check_reg(3, Regs.XMM15, 128)
    def test_yxmm(self):
        I32("vaddsubpd ymm2, ymm4, ymm6").check_reg(0, Regs.YMM2, 256)
        I32("vaddsubpd xmm7, xmm4, xmm6").check_reg(0, Regs.XMM7, 128)
        I64("vaddsubpd ymm12, ymm4, ymm6").check_reg(0, Regs.YMM12, 256)
        I64("vaddsubpd xmm14, xmm4, xmm6").check_reg(0, Regs.XMM14, 128)
    def test_yxmm_imm(self):
        I32("vblendvpd xmm1, xmm2, xmm3, xmm4").check_reg(3, Regs.XMM4, 128)
        I32("vblendvpd ymm1, ymm2, ymm3, ymm4").check_reg(3, Regs.YMM4, 256)
        # Force YMM15, but high bit is ignored in 32bits.
        self.failIf(IB32("c4e36d4bcbf0").inst.operands[3].index != Regs.YMM7)
        I64("vblendvpd xmm1, xmm2, xmm3, xmm14").check_reg(3, Regs.XMM14, 128)
        I64("vblendvpd ymm1, ymm2, ymm3, ymm9").check_reg(3, Regs.YMM9, 256)
    def test_ymm(self):
        I32("vbroadcastsd ymm5, [eax]").check_reg(0, Regs.YMM5, 256)
        I64("vbroadcastsd ymm13, [rax]").check_reg(0, Regs.YMM13, 256)
    def test_ymm256(self):
        I32("vperm2f128 ymm2, ymm4, [eax], 0x55").check_simple_deref(2, Regs.EAX, 256)
        I64("vperm2f128 ymm2, ymm14, [rax], 0x55").check_simple_deref(2, Regs.RAX, 256)
    def test_vymm(self):
        I32("vinsertf128 ymm1, ymm4, xmm4, 0xaa").check_reg(1, Regs.YMM4, 256)
        I64("vinsertf128 ymm1, ymm15, xmm4, 0xaa").check_reg(1, Regs.YMM15, 256)
    def test_vyxmm(self):
        I32("vmaxpd xmm1, xmm2, xmm3").check_reg(1, Regs.XMM2, 128)
        I32("vmaxpd ymm1, ymm2, ymm3").check_reg(1, Regs.YMM2, 256)
        I64("vmaxpd xmm1, xmm12, xmm3").check_reg(1, Regs.XMM12, 128)
        I64("vmaxpd ymm1, ymm12, ymm3").check_reg(1, Regs.YMM12, 256)
    def test_yxmm64_256(self):
        I32("vmovddup xmm1, xmm2").check_reg(1, Regs.XMM2, 128)
        I32("vmovddup ymm1, ymm2").check_reg(1, Regs.YMM2, 256)
        I32("vmovddup xmm1, [ecx]").check_simple_deref(1, Regs.ECX, 64)
        I32("vmovddup ymm1, [ebx]").check_simple_deref(1, Regs.EBX, 256)
        I64("vmovddup xmm1, xmm12").check_reg(1, Regs.XMM12, 128)
        I64("vmovddup ymm1, ymm12").check_reg(1, Regs.YMM12, 256)
        I64("vmovddup xmm1, [rcx]").check_simple_deref(1, Regs.RCX, 64)
        I64("vmovddup ymm1, [rbx]").check_simple_deref(1, Regs.RBX, 256)
    def test_yxmm128_256(self):
        I32("vandnpd xmm1, xmm2, xmm3").check_reg(2, Regs.XMM3, 128)
        I32("vandnpd ymm1, ymm2, ymm3").check_reg(2, Regs.YMM3, 256)
        I32("vandnpd xmm1, xmm2, [edi]").check_simple_deref(2, Regs.EDI, 128)
        I32("vandnpd ymm1, ymm2, [esi]").check_simple_deref(2, Regs.ESI, 256)
        I64("vandnpd xmm1, xmm2, xmm13").check_reg(2, Regs.XMM13, 128)
        I64("vandnpd ymm1, ymm2, ymm13").check_reg(2, Regs.YMM13, 256)
        I64("vandnpd xmm1, xmm2, [rdi]").check_simple_deref(2, Regs.RDI, 128)
        I64("vandnpd ymm1, ymm2, [rsi]").check_simple_deref(2, Regs.RSI, 256)
    def test_lxmm64_128(self):
        I32("vcvtdq2pd xmm1, xmm2").check_reg(1, Regs.XMM2, 128)
        I32("vcvtdq2pd xmm1, [eax]").check_simple_deref(1, Regs.EAX, 64)
        I32("vcvtdq2pd ymm1, [ebx]").check_simple_deref(1, Regs.EBX, 128)
        I64("vcvtdq2pd xmm1, xmm12").check_reg(1, Regs.XMM12, 128)
        I64("vcvtdq2pd xmm1, [rax]").check_simple_deref(1, Regs.RAX, 64)
        I64("vcvtdq2pd ymm1, [rbx]").check_simple_deref(1, Regs.RBX, 128)
    def test_lmem128_256(self):
        I32("vlddqu xmm1, [eax]").check_simple_deref(1, Regs.EAX, 128)
        I32("vlddqu ymm1, [eax]").check_simple_deref(1, Regs.EAX, 256)
        I64("vlddqu xmm1, [r14]").check_simple_deref(1, Regs.R14, 128)
        I64("vlddqu ymm1, [r13]").check_simple_deref(1, Regs.R13, 256)

class TestMisc(unittest.TestCase):
    def test_lods(self):
        a = I16("lodsb")
        a.check_reg(0, Regs.AL, 8)
        a.check_simple_deref(1, Regs.SI, 8)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I32("lodsw")
        a.check_reg(0, Regs.AX, 16)
        a.check_simple_deref(1, Regs.ESI, 16)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I32("lodsd")
        a.check_reg(0, Regs.EAX, 32)
        a.check_simple_deref(1, Regs.ESI, 32)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I64("lodsq")
        a.check_reg(0, Regs.RAX, 64)
        a.check_simple_deref(1, Regs.RSI, 64)
        self.assertEqual(a.inst.isSegmentDefault, False)
        a = I16("db 0x2e\nlodsb")
        a.check_reg(0, Regs.AL, 8)
        a.check_simple_deref(1, Regs.SI, 8)
        self.assertEqual(a.inst.segment, Regs.CS)
        self.assertEqual(a.inst.isSegmentDefault, False)
        a = I32("db 0x2e\nlodsw")
        a.check_reg(0, Regs.AX, 16)
        a.check_simple_deref(1, Regs.ESI, 16)
        self.assertEqual(a.inst.segment, Regs.CS)
        self.assertEqual(a.inst.isSegmentDefault, False)
        a = I32("db 0x2e\nlodsd")
        a.check_reg(0, Regs.EAX, 32)
        a.check_simple_deref(1, Regs.ESI, 32)
        self.assertEqual(a.inst.segment, Regs.CS)
        self.assertEqual(a.inst.isSegmentDefault, False)
        a = I64("db 0x65\nlodsq")
        a.check_reg(0, Regs.RAX, 64)
        a.check_simple_deref(1, Regs.RSI, 64)
        self.assertEqual(a.inst.segment, Regs.GS)
        self.assertEqual(a.inst.isSegmentDefault, False)
    def test_stos(self):
        a = I16("stosb")
        a.check_simple_deref(0, Regs.DI, 8)
        a.check_reg(1, Regs.AL, 8)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I32("stosw")
        a.check_simple_deref(0, Regs.EDI, 16)
        a.check_reg(1, Regs.AX, 16)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I32("stosd")
        a.check_simple_deref(0, Regs.EDI, 32)
        a.check_reg(1, Regs.EAX, 32)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I64("stosq")
        a.check_simple_deref(0, Regs.RDI, 64)
        a.check_reg(1, Regs.RAX, 64)
        self.assertEqual(a.inst.isSegmentDefault, False)
        a = I16("db 0x2e\nstosb")
        a.check_simple_deref(0, Regs.DI, 8)
        a.check_reg(1, Regs.AL, 8)
        self.assertEqual(a.inst.unusedPrefixesMask, 1)
        self.assertEqual(a.inst.segment, Regs.ES)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I32("db 0x2e\nstosw")
        a.check_simple_deref(0, Regs.EDI, 16)
        a.check_reg(1, Regs.AX, 16)
        self.assertEqual(a.inst.unusedPrefixesMask, 1)
        self.assertEqual(a.inst.segment, Regs.ES)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I32("db 0x2e\nstosd")
        a.check_simple_deref(0, Regs.EDI, 32)
        a.check_reg(1, Regs.EAX, 32)
        self.assertEqual(a.inst.unusedPrefixesMask, 1)
        self.assertEqual(a.inst.segment, Regs.ES)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I64("db 0x65\nstosq")
        a.check_simple_deref(0, Regs.RDI, 64)
        a.check_reg(1, Regs.RAX, 64)
        self.assertEqual(a.inst.unusedPrefixesMask, 1)
        self.assertEqual(a.inst.segment, REG_NONE)
    def test_scas(self):
        a = I16("scasb")
        a.check_simple_deref(0, Regs.DI, 8)
        a.check_reg(1, Regs.AL, 8)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I32("scasw")
        a.check_simple_deref(0, Regs.EDI, 16)
        a.check_reg(1, Regs.AX, 16)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I32("scasd")
        a.check_simple_deref(0, Regs.EDI, 32)
        a.check_reg(1, Regs.EAX, 32)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I64("scasq")
        a.check_simple_deref(0, Regs.RDI, 64)
        a.check_reg(1, Regs.RAX, 64)
        self.assertEqual(a.inst.isSegmentDefault, False)
        a = I16("db 0x2e\nscasb")
        a.check_simple_deref(0, Regs.DI, 8)
        a.check_reg(1, Regs.AL, 8)
        self.assertEqual(a.inst.unusedPrefixesMask, 1)
        self.assertEqual(a.inst.segment, Regs.ES)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I32("db 0x2e\nscasw")
        a.check_simple_deref(0, Regs.EDI, 16)
        a.check_reg(1, Regs.AX, 16)
        self.assertEqual(a.inst.unusedPrefixesMask, 1)
        self.assertEqual(a.inst.segment, Regs.ES)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I32("db 0x2e\nscasd")
        a.check_simple_deref(0, Regs.EDI, 32)
        a.check_reg(1, Regs.EAX, 32)
        self.assertEqual(a.inst.unusedPrefixesMask, 1)
        self.assertEqual(a.inst.segment, Regs.ES)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I64("db 0x65\nscasq")
        a.check_simple_deref(0, Regs.RDI, 64)
        a.check_reg(1, Regs.RAX, 64)
        self.assertEqual(a.inst.unusedPrefixesMask, 1)
        self.assertEqual(a.inst.segment, REG_NONE)
    def test_cmps(self):
        a = I64("cmpsd")
        a.check_simple_deref(0, Regs.RSI, 32)
        a.check_simple_deref(1, Regs.RDI, 32)
        self.assertEqual(a.inst.unusedPrefixesMask, 0)
        self.assertEqual(a.inst.segment, REG_NONE)
        a = I16("db 0x2e\ncmpsb")
        a.check_simple_deref(0, Regs.SI, 8)
        a.check_simple_deref(1, Regs.DI, 8)
        self.assertEqual(a.inst.unusedPrefixesMask, 0)
        self.assertEqual(a.inst.segment, Regs.CS)
        self.assertEqual(a.inst.isSegmentDefault, False)
    def test_movs(self):
        a = I32("movsd")
        a.check_simple_deref(0, Regs.EDI, 32)
        a.check_simple_deref(1, Regs.ESI, 32)
        self.assertEqual(a.inst.unusedPrefixesMask, 0)
        self.assertEqual(a.inst.segment, Regs.DS)
        self.assertEqual(a.inst.isSegmentDefault, True)
        a = I32("db 0x2e\nmovsw")
        a.check_simple_deref(0, Regs.EDI, 16)
        a.check_simple_deref(1, Regs.ESI, 16)
        self.assertEqual(a.inst.unusedPrefixesMask, 0)
        self.assertEqual(a.inst.segment, Regs.CS)
        self.assertEqual(a.inst.isSegmentDefault, False)
    def test_ins(self):
        a = I32("db 0x65\ninsw")
        a.check_simple_deref(0, Regs.EDI, 16)
        a.check_reg(1, Regs.DX, 16)
        self.assertEqual(a.inst.unusedPrefixesMask, 1)
        self.assertEqual(a.inst.segment, Regs.ES)
        self.assertEqual(a.inst.isSegmentDefault, True)
    def test_outs(self):
        a = I64("db 0x65\noutsd")
        a.check_reg(0, Regs.DX, 16)
        a.check_simple_deref(1, Regs.RSI, 32)
        self.assertEqual(a.inst.segment, Regs.GS)
        self.assertEqual(a.inst.isSegmentDefault, False)
    def test_branch_hints(self):
        self.failIf("FLAG_HINT_TAKEN" not in I32("db 0x3e\n jnz 0x50").inst.flags)
        self.failIf("FLAG_HINT_NOT_TAKEN" not in I32("db 0x2e\n jp 0x55").inst.flags)
        self.failIf("FLAG_HINT_NOT_TAKEN" not in I32("db 0x2e\n jo 0x55000").inst.flags)
        self.failIf(I32("db 0x2e\n loop 0x55").inst.rawFlags & 0x1f, 0)
    def test_mnemonic_by_vexw(self):
        I32("vmovd xmm1, eax").check_mnemonic("VMOVD")
        I64("vmovd xmm1, eax").check_reg(1, Regs.EAX, 32)
        a = I64("vmovq xmm1, rax")
        a.check_mnemonic("VMOVQ")
        a.check_reg(1, Regs.RAX, 64)
    def test_vexl_ignored(self):
        I32("vaesdeclast xmm1, xmm2, xmm3").check_reg(0, Regs.XMM1, 128)
        IB32("c4e26ddfcb").check_mnemonic("VAESDECLAST")
        IB64("c4e26ddfcb").check_mnemonic("VAESDECLAST")
    def test_vexl_needed(self):
        I32("vinsertf128 ymm1, ymm2, xmm4, 0x42").check_mnemonic("VINSERTF128")
        IB32("c4e36918cc42").check_invalid() # Without VEX.L.
        IB64("c4e36918cc42").check_invalid() # Without VEX.L.
    def test_force_reg0(self):
        I32("extrq xmm1, 0x55, 0x66").check_mnemonic("EXTRQ")
        I64("extrq xmm14, 0x55, 0x66").check_reg(0, Regs.XMM14, 128)
    def test_pause(self):
        self.assertEqual(I16("pause").inst.size, 2)
        self.assertEqual(I32("pause").inst.size, 2)
        self.assertEqual(I64("pause").inst.size, 2)
    def test_nop(self):
        self.assertEqual(I16("db 0x90").inst.size, 1)
        self.assertEqual(I32("db 0x90").inst.size, 1)
        self.assertEqual(I64("db 0x90").inst.size, 1)
        self.assertEqual(I64("db 0x48, 0x90").inst.size, 2)
        # XCHG R8D, EAX
        a = I64("db 0x41, 0x90")
        a.check_reg(0, Regs.R8D, 32)
        a.check_reg(1, Regs.EAX, 32)
        # XCHG R8, RAX
        a = I64("db 0x49, 0x90")
        a.check_reg(0, Regs.R8, 64)
        a.check_reg(1, Regs.RAX, 64)
        a = I64("db 0x4f, 0x90")
        a.check_reg(0, Regs.R8, 64)
        a.check_reg(1, Regs.RAX, 64)
    def test_3dnow(self):
        I32("pfadd mm4, [eax]").check_reg(0, Regs.MM4, 64)
        I32("pfsub mm5, [eax]").check_reg(0, Regs.MM5, 64)
        I32("pfrcpit1 mm1, [ebx]").check_mnemonic("PFRCPIT1")
        I64("pavgusb mm1, mm2").check_mnemonic("PAVGUSB")
    def test_all_segs(self):
        I16("push fs").check_reg(0, Regs.FS, 16)
        I16("push gs").check_reg(0, Regs.GS, 16)
        I16("push ds").check_reg(0, Regs.DS, 16)
        I16("push cs").check_reg(0, Regs.CS, 16)
        I16("push ds").check_reg(0, Regs.DS, 16)
        I16("push es").check_reg(0, Regs.ES, 16)
    def test_op4(self):
        a = I32("insertq xmm2, xmm1, 0x55, 0xaa")
        a.check_reg(0, Regs.XMM2, 128)
        a.check_reg(1, Regs.XMM1, 128)
        a.check_type_size(2, distorm3.OPERAND_IMMEDIATE, 8)
        self.assertEqual(a.inst.operands[2].value, 0x55)
        a.check_type_size(3, distorm3.OPERAND_IMMEDIATE, 8)
        self.assertEqual(a.inst.operands[3].value, 0xaa)
    def test_pseudo_cmp(self):
        I32("cmpps xmm2, xmm3, 0x7")
        I64("cmpps xmm2, xmm4, 0x2")
    def test_jmp_counters(self):
        I16("jcxz 0x100")
        I32("jecxz 0x100")
        I64("jrcxz 0x100")
    def test_natives(self):
        self.assertEqual(I16("pusha").inst.size, 1)
        self.assertEqual(I16("pushad").inst.size, 2)
        self.assertEqual(I32("pusha").inst.size, 1)
        self.assertEqual(I32("pushaw").inst.size, 2)
        self.assertEqual(I16("CBW").inst.size, 1)
        self.assertEqual(I32("CWDE").inst.size, 1)
        self.assertEqual(I64("CDQE").inst.size, 2)
    def test_modrm_based(self):
        I32("movhlps xmm0, xmm1")
        I32("movhps xmm0, [eax]")
        I64("movhlps xmm0, xmm1")
        I64("movhps xmm0, [eax]")
        I64("movhlps xmm0, xmm1")
        I64("movlps xmm0, [eax]")
    def test_wait(self):
        self.assertEqual(I16("wait").inst.size, 1)
    def test_include_wait(self):
        self.assertEqual(I16("db 0x9b\n db 0xd9\n db 0x30").inst.size, 3)
    def test_loopxx_counters_size(self):
        a = I16("loopz 0x50")
        a.check_type_size(0,distorm3.OPERAND_IMMEDIATE, 8)
        a.check_addr_size(16)
        a = I32("loopz 0x50")
        a.check_type_size(0,distorm3.OPERAND_IMMEDIATE, 8)
        a.check_addr_size(32)
        a = I64("loopz 0x50")
        a.check_type_size(0,distorm3.OPERAND_IMMEDIATE, 8)
        a.check_addr_size(64)
        a = I16("db 0x67\n loopz 0x50")
        a.check_type_size(0,distorm3.OPERAND_IMMEDIATE, 8)
        a.check_addr_size(32)
        a = I32("db 0x67\n loopz 0x50")
        a.check_type_size(0,distorm3.OPERAND_IMMEDIATE, 8)
        a.check_addr_size(16)
        a = I64("db 0x67\n loopnz 0x50")
        a.check_type_size(0,distorm3.OPERAND_IMMEDIATE, 8)
        a.check_addr_size(32)

class TestPrefixes(unittest.TestCase):
    Derefs16 = ["BX + SI", "BX + DI", "BP + SI", "BP + DI", "SI", "DI", "BP", "BX"]
    Derefs32 = ["EAX", "ECX", "EDX", "EBX", "EBP", "ESI", "EDI"]
    Bases = ["EAX", "ECX", "EDX", "EBX", "ESP", "ESI", "EDI"]
    def test_without_seg(self):
        self.assertEqual(I64("and [rip+0X5247], ch").inst.segment, REG_NONE)
        self.assertEqual(I32("mov eax, [ebp*4]").inst.segment, Regs.DS)
        self.assertEqual(I32("mov eax, [eax*4+ebp]").inst.segment, Regs.SS)
    def test_default_seg16(self):
        a = I16("mov [ds:0x1234], ax")
        self.assertEqual(a.inst.segment, Regs.DS)
        self.assertEqual(a.inst.isSegmentDefault, 1)
        a = I16("mov [cs:0x1234], ax")
        self.assertEqual(a.inst.segment, Regs.CS)
        self.assertEqual(a.inst.isSegmentDefault, False)
    def test_default_seg16_all(self):
        for i in ["ADD [ds:%s], AX" % i for i in self.Derefs16]:
            a = I16(i)
            self.assertEqual(a.inst.segment, Regs.DS)
            if i[8:10] == "BP":
                self.assertEqual(a.inst.isSegmentDefault, False)
            else:
                self.assertEqual(a.inst.isSegmentDefault, True)
        # Test with disp8
        for i in ["ADD [ds:%s + 0x55], AX" % i for i in self.Derefs16]:
            a = I16(i)
            self.assertEqual(a.inst.segment, Regs.DS)
            if i[8:10] == "BP":
                self.assertEqual(a.inst.isSegmentDefault, False)
            else:
                self.assertEqual(a.inst.isSegmentDefault, True)
    def test_default_seg32(self):
        self.assertEqual(I32("mov [ds:0x12345678], eax").inst.segment, Regs.DS)
        self.assertEqual(I32("mov [cs:0x12345678], eax").inst.segment, Regs.CS)
        texts = ["ADD [ds:%s], EAX" % i for i in self.Derefs32]
        for i in enumerate(texts):
            a = I32(i[1])
            self.assertEqual(a.inst.segment, Regs.DS)
            if self.Derefs32[i[0]] == "EBP":
                self.assertEqual(a.inst.isSegmentDefault, False)
            else:
                self.assertEqual(a.inst.isSegmentDefault, True)
        # Test with disp8
        texts = ["ADD [ds:%s + 0x55], EAX" % i for i in self.Derefs32]
        for i in enumerate(texts):
            a = I32(i[1])
            self.assertEqual(a.inst.segment, Regs.DS)
            if self.Derefs32[i[0]] == "EBP":
                self.assertEqual(a.inst.isSegmentDefault, False)
            else:
                self.assertEqual(a.inst.isSegmentDefault, True)
    def test_sib(self):
        for i in enumerate(self.Derefs32):
            for j in enumerate(self.Bases):
                for s in [1, 2, 4, 8]:
                    a = I32("cmp ebp, [ds:%s*%d + %s]" % (i[1], s, j[1]))
                    a2 = I32("cmp ebp, [ds:%s*%d + %s + 0x55]" % (i[1], s, j[1]))
                    self.assertEqual(a.inst.segment, Regs.DS)
                    self.assertEqual(a2.inst.segment, Regs.DS)
                    if (j[1] == "EBP" or j[1] == "ESP"):
                        self.assertEqual(a.inst.isSegmentDefault, False)
                        self.assertEqual(a2.inst.isSegmentDefault, False)
                    else:
                        self.assertEqual(a.inst.isSegmentDefault, True)
                        self.assertEqual(a2.inst.isSegmentDefault, True)
    def test_seg64(self):
        self.assertEqual(I64("mov [gs:rip+0x12345678], eax").inst.segment, Regs.GS)
        self.assertEqual(I64("mov [fs:0x12345678], eax").inst.segment, Regs.FS)
    def test_lock(self):
        self.failIf("FLAG_LOCK" not in I32("lock inc dword [eax]").inst.flags)
    def test_repnz(self):
        self.failIf("FLAG_REPNZ" not in
            I32("repnz scasb").inst.flags)
    def test_rep(self):
        self.failIf("FLAG_REP" not in I32("rep movsb").inst.flags)
    def test_segment_override(self):
        self.assertEqual(I32("mov eax, [cs:eax]").inst.segment, Regs.CS)
        self.assertEqual(I32("mov eax, [ds:eax]").inst.segment, Regs.DS)
        self.assertEqual(I32("mov eax, [es:eax]").inst.segment, Regs.ES)
        self.assertEqual(I32("mov eax, [ss:eax]").inst.segment, Regs.SS)
        self.assertEqual(I32("mov eax, [fs:eax]").inst.segment, Regs.FS)
        self.assertEqual(I32("mov eax, [gs:eax]").inst.segment, Regs.GS)
    def test_unused_normal(self):
        self.assertEqual(IB64("4090").inst.unusedPrefixesMask, 1)
        self.assertEqual(IB64("6790").inst.unusedPrefixesMask, 1)
        self.assertEqual(IB64("6690").inst.unusedPrefixesMask, 1)
        self.assertEqual(IB64("f290").inst.unusedPrefixesMask, 1)
        self.assertEqual(IB64("f090").inst.unusedPrefixesMask, 1)
        self.assertEqual(IB64("f3c3").inst.unusedPrefixesMask, 1)
        self.assertEqual(IB64("64c3").inst.unusedPrefixesMask, 1)
    def test_unused_doubles(self):
        self.assertEqual(IB64("404090").inst.unusedPrefixesMask, 3)
        self.assertEqual(IB64("676790").inst.unusedPrefixesMask, 3)
        self.assertEqual(IB64("666690").inst.unusedPrefixesMask, 3)
        self.assertEqual(IB64("f2f290").inst.unusedPrefixesMask, 3)
        self.assertEqual(IB64("f0f090").inst.unusedPrefixesMask, 3)
        self.assertEqual(IB64("f3f3c3").inst.unusedPrefixesMask, 3)
        self.assertEqual(IB64("642ec3").inst.unusedPrefixesMask, 3)
    def test_unused_sequences(self):
        self.assertEqual(len(IB64("66"*15).insts), 15)
        r = int(random.random() * 14)
        self.assertEqual(IB64("66"*r + "90").inst.unusedPrefixesMask, (1 << r) - 1)
    def test_rexw_66(self):
        self.assertEqual(IB64("6648ffc0").inst.unusedPrefixesMask, 1)
        self.assertEqual(IB64("6640ffc0").inst.unusedPrefixesMask, 2)
        self.assertEqual(IB64("48660f10c0").inst.unusedPrefixesMask, 1)
        self.assertEqual(IB64("664f0f10c0").inst.unusedPrefixesMask, 0)

class TestInvalid(unittest.TestCase):
    def align(self):
        for i in range(15):
            IB32("90")
    def test_filter_mem(self):
        #cmpxchg8b eax
        IB32("0fc7c8")
        self.align()
    def test_drop_prefixes(self):
        # Drop prefixes when we encountered an instruction that couldn't be decoded.
        IB32("666764ffff")
        self.align()
    def test_zzz_must_be_last_drop_prefixes(self):
        # Drop prefixes when the last byte in stream is a prefix.
        IB32("66")

class FlowControl:
    """ The flow control instruction will be flagged in the lo nibble of the 'meta' field in _InstInfo of diStorm.
    They are used to distinguish between flow control instructions (such as: ret, call, jmp, jz, etc) to normal ones. """
    (CALL,
     RET,
     SYS,
     BRANCH,
     COND_BRANCH,
     INT) = range(1, 7)

DF_MAXIMUM_ADDR16 = 1
DF_MAXIMUM_ADDR32 = 2
DF_RETURN_FC_ONLY = 4
DF_STOP_ON_CALL = 8
DF_STOP_ON_RET = 0x10
DF_STOP_ON_SYS = 0x20
DF_STOP_ON_BRANCH = 0x40
DF_STOP_ON_COND_BRANCH = 0x80
DF_STOP_ON_INT = 0x100
DF_STOP_ON_FLOW_CONTROL = (DF_STOP_ON_CALL | DF_STOP_ON_RET | DF_STOP_ON_SYS | DF_STOP_ON_BRANCH | DF_STOP_ON_COND_BRANCH | DF_STOP_ON_INT)

class TestFeatures(unittest.TestCase):
    def test_addr16(self):
        #I16("mov [-4], bx", 0, DF_MAXIMUM_ADDR16).check_disp(0, 0xfffc, 16, 16)
        pass
    def test_add32(self):
        pass
    def test_fc(self):
        pairs = [
            (["INT 5", "db 0xf1", "INT 3", "INTO", "UD2"], FlowControl.INT),
            (["CALL 0x50", "CALL FAR [ebx]"], FlowControl.CALL),
            (["RET", "IRET", "RETF"], FlowControl.RET),
            (["SYSCALL", "SYSENTER", "SYSRET", "SYSEXIT"], FlowControl.SYS),
            (["JMP 0x50", "JMP FAR [ebx]"], FlowControl.BRANCH),
            (["JCXZ 0x50", "JO 0x50", "JNO 0x50", "JB 0x50", "JAE 0x50",
              "JZ 0x50", "JNZ 0x50", "JBE 0x50", "JA 0x50", "JS 0x50",
              "JNS 0x50", "JP 0x50", "JNP 0x50", "JL 0x50", "JGE 0x50",
              "JLE 0x50", "JG 0x50", "LOOP 0x50", "LOOPZ 0x50", "LOOPNZ 0x50"], FlowControl.COND_BRANCH)
        ]
        for i in pairs:
            for j in i[0]:
                a = I32(j + "\nnop", DF_STOP_ON_FLOW_CONTROL)
                self.assertEqual(len(a.insts), 1)
                self.assertEqual(a.inst["meta"] & 7, i[1])
                a = I32("push eax\nnop\n" + j, DF_RETURN_FC_ONLY)
                self.assertEqual(len(a.insts), 1)
                a = I32("nop\nxor eax, eax\n" + j + "\ninc eax",
                        DF_RETURN_FC_ONLY | DF_STOP_ON_FLOW_CONTROL)
                self.assertEqual(len(a.insts), 1)
    def test_filter(self):
        pass

def GetNewSuite(className):
    suite = unittest.TestSuite()
    suite.addTest(unittest.makeSuite(className))
    return suite

def initfiles():
    for i in ["bin16", "bin32", "bin64"]:
        fbin.append(open("build\\linux\\"+i, "wb"))

if __name__ == "__main__":
    random.seed()
    #initfiles() # Used to emit the bytes of the tests - useful for code coverage input.
    suite = unittest.TestSuite()
    suite.addTest(GetNewSuite(TestMode16))
    suite.addTest(GetNewSuite(TestMode32))
    suite.addTest(GetNewSuite(TestMode64))
    suite.addTest(GetNewSuite(TestInstTable))
    suite.addTest(GetNewSuite(TestAVXOperands))
    suite.addTest(GetNewSuite(TestMisc))
    suite.addTest(GetNewSuite(TestPrefixes))
    #suite.addTest(GetNewSuite(TestInvalid))
    #suite.addTest(GetNewSuite(TestFeatures))
    unittest.TextTestRunner(verbosity=1).run(suite)

distorm-3.4.1/examples/tests/tests.sln

Microsoft Visual Studio Solution File, Format Version 11.00
# Visual Studio 2010
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "tests", "tests.vcxproj", "{C35D3921-227A-432A-BB5D-90ECEBAB08B2}"
EndProject
Global
	GlobalSection(SolutionConfigurationPlatforms) = preSolution
		Debug|Win32 = Debug|Win32
		Release|Win32 = Release|Win32
	EndGlobalSection
	GlobalSection(ProjectConfigurationPlatforms) = postSolution
		{C35D3921-227A-432A-BB5D-90ECEBAB08B2}.Debug|Win32.ActiveCfg = Debug|Win32
		{C35D3921-227A-432A-BB5D-90ECEBAB08B2}.Debug|Win32.Build.0 = Debug|Win32
		{C35D3921-227A-432A-BB5D-90ECEBAB08B2}.Release|Win32.ActiveCfg = Release|Win32
		{C35D3921-227A-432A-BB5D-90ECEBAB08B2}.Release|Win32.Build.0 = Release|Win32
	EndGlobalSection
	GlobalSection(SolutionProperties) = preSolution
		HideSolutionNode = FALSE
	EndGlobalSection
EndGlobal

distorm-3.4.1/examples/tests/tests.vcxproj
Debug Win32 Release Win32
{C35D3921-227A-432A-BB5D-90ECEBAB08B2} Win32Proj tests Application true Unicode Application false true Unicode true false Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) Console true Level3 MaxSpeed true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) Console true true true

distorm-3.4.1/examples/tests/tests.vcxproj.filters
{4FC737F1-C7A5-4376-A066-2A32D752A2FF} cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx {93995380-89BD-4b04-88EB-625FBE52EBFB} h;hpp;hxx;hm;inl;inc;xsd {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms Source Files

distorm-3.4.1/examples/win32/

distorm-3.4.1/examples/win32/disasm.sln
Microsoft Visual Studio Solution File, Format Version 11.00
# Visual Studio 2010
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "disasm", "disasm.vcxproj", "{91227BA8-F7EB-43CC-8C4A-A4944C00567B}"
EndProject
Global
	GlobalSection(SolutionConfigurationPlatforms) = preSolution
		Debug|Win32 = Debug|Win32
		Debug|x64 = Debug|x64
		Release|Win32 = Release|Win32
		Release|x64 = Release|x64
	EndGlobalSection
	GlobalSection(ProjectConfigurationPlatforms) = postSolution
		{91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Debug|Win32.ActiveCfg = Debug|Win32
		{91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Debug|Win32.Build.0 = Debug|Win32
		{91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Debug|x64.ActiveCfg = Debug|x64
		{91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Debug|x64.Build.0 = Debug|x64
		{91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Release|Win32.ActiveCfg = Release|Win32
		{91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Release|Win32.Build.0 = Release|Win32
		{91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Release|x64.ActiveCfg = Release|x64
		{91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Release|x64.Build.0 = Release|x64
	EndGlobalSection
	GlobalSection(SolutionProperties) = preSolution
		HideSolutionNode = FALSE
	EndGlobalSection
EndGlobal

distorm-3.4.1/examples/win32/disasm.vcxproj
Debug Win32 Debug x64 Release Win32 Release x64 {91227BA8-F7EB-43CC-8C4A-A4944C00567B} disasm Win32Proj Application MultiByte Application MultiByte Application MultiByte Application MultiByte <_ProjectFileVersion>10.0.30319.1 Debug\ Debug\ true $(Platform)\$(Configuration)\ $(Platform)\$(Configuration)\ true Release\ Release\ false $(Platform)\$(Configuration)\ $(Platform)\$(Configuration)\ false AllRules.ruleset AllRules.ruleset AllRules.ruleset AllRules.ruleset Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) true EnableFastChecks MultiThreadedDebug Level3 EditAndContinue CompileAsCpp $(OutDir)disasm.exe true $(OutDir)disasm.pdb Console false MachineX86 X64 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) true EnableFastChecks MultiThreadedDebug Level3 ProgramDatabase CompileAsCpp $(OutDir)disasm.exe true $(OutDir)disasm.pdb Console false MachineX64 Full WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) MultiThreaded Level3 ProgramDatabase CompileAsCpp $(OutDir)disasm.exe true Console true true false MachineX86 X64 Full WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) MultiThreaded Level3 CompileAsCpp $(OutDir)disasm.exe true Console true true false MachineX64

distorm-3.4.1/examples/win32/disasm.vcxproj.filters
{4FC737F1-C7A5-4376-A066-2A32D752A2FF} cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx Source Files

distorm-3.4.1/examples/win32/main.cpp
// diStorm64 library sample
// http://ragestorm.net/distorm/
// Arkon, Stefan, 2005

#include <windows.h> // HANDLE, CreateFile, GetFileSize, ReadFile
#include <stdio.h>   // printf
#include <stdlib.h>  // malloc, free, strtoul
#include <string.h>  // strncmp

#include "../../include/distorm.h"

// Link the library into our project.
#pragma comment(lib, "../../distorm.lib")

// The number of the array of instructions the decoder function will use to return the disassembled instructions.
// Play with this value for performance...
#define MAX_INSTRUCTIONS (1000)

int main(int argc, char **argv)
{
    // Version of used compiled library.
    unsigned long dver = 0;
    // Holds the result of the decoding.
    _DecodeResult res;
    // Decoded instruction information.
    _DecodedInst decodedInstructions[MAX_INSTRUCTIONS];
    // next is used for instruction's offset synchronization.
    // decodedInstructionsCount holds the count of filled instructions' array by the decoder.
    unsigned int decodedInstructionsCount = 0, i, next;

    // Default decoding mode is 32 bits, could be set by command line.
    _DecodeType dt = Decode32Bits;

    // Default offset for buffer is 0, could be set in command line.
    _OffsetType offset = 0;
    char* errch = NULL;

    // Index to file name in argv.
    int param = 1;

    // Handling file.
    HANDLE file;
    DWORD filesize, bytesread;

    // Buffer to disassemble.
    unsigned char *buf, *buf2;

    // Disassembler version.
    dver = distorm_version();
    printf("diStorm version: %d.%d.%d\n", (dver >> 16), ((dver) >> 8) & 0xff, dver & 0xff);

    // Check params.
    if (argc < 2 || argc > 4) {
        printf("Usage: disasm.exe [-b16] [-b64] filename [memory offset]\r\nRaw disassembler output.\r\nMemory offset is origin of binary file in memory (address in hex).\r\nDefault decoding mode is -b32.\r\nexample: disasm -b16 demo.com 789a\r\n");
        return -1;
    }

    if (strncmp(argv[param], "-b16", 4) == 0) {
        dt = Decode16Bits;
        param++;
    } else if (strncmp(argv[param], "-b64", 4) == 0) {
        dt = Decode64Bits;
        param++;
    } else if (*argv[param] == '-') {
        printf("Decoding mode size isn't specified!");
        return -1;
    } else if (argc == 4) {
        printf("Too many parameters are set.");
        return -1;
    }
    if (param >= argc) {
        printf("Filename is missing.");
        return -1;
    }
    if (param + 1 == argc-1) { // extra param?
#ifdef SUPPORT_64BIT_OFFSET
        offset = _strtoui64(argv[param + 1], &errch, 16);
#else
        offset = strtoul(argv[param + 1], &errch, 16);
#endif
        if (*errch != '\0') {
            printf("Offset couldn't be converted.");
            return -1;
        }
    }

    file = CreateFile(argv[param], GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (file == INVALID_HANDLE_VALUE) {
        printf("Could not open file %s (error %d)\n", argv[param], GetLastError());
        return -2;
    }

    // GetFileSize returns an unsigned DWORD, so a "< 0" test can never fire;
    // failure is reported as INVALID_FILE_SIZE.
    if ((filesize = GetFileSize(file, NULL)) == INVALID_FILE_SIZE) {
        printf("Error getting filesize (error %d)\n", GetLastError());
        CloseHandle(file);
        return -3;
    }

    // We read the whole file into memory in order to make life easier,
    // otherwise we would have to synchronize the code buffer as well (so instructions won't be split).
    buf2 = buf = (unsigned char*)malloc(filesize);
    if (buf == NULL) {
        // Do not hand a NULL buffer to ReadFile when the allocation fails.
        printf("Could not allocate memory for the file\n");
        CloseHandle(file);
        return -3;
    }
    if (!ReadFile(file, buf, filesize, &bytesread, NULL)) {
        printf("Error reading file (error %d)\n", GetLastError());
        CloseHandle(file);
        free(buf);
        return -3;
    }

    if (filesize != bytesread) {
        printf("Internal read-error in system\n");
        CloseHandle(file);
        free(buf);
        return -3;
    }

    CloseHandle(file);

    printf("bits: %d\nfilename: %s\norigin: ", dt == Decode16Bits ? 16 : dt == Decode32Bits ? 32 : 64, argv[param]);
#ifdef SUPPORT_64BIT_OFFSET
    if (dt != Decode64Bits) printf("%08I64x\n", offset);
    else printf("%016I64x\n", offset);
#else
    printf("%08x\n", offset);
#endif

    // Decode the buffer at given offset (virtual address).
    while (1) {
        // If you get an unresolved external symbol linker error for the following line,
        // change the SUPPORT_64BIT_OFFSET in distorm.h.
        res = distorm_decode(offset, (const unsigned char*)buf, filesize, dt, decodedInstructions, MAX_INSTRUCTIONS, &decodedInstructionsCount);
        if (res == DECRES_INPUTERR) {
            // Null buffer? Decode type not 16/32/64?
            printf("Input error, halting!");
            free(buf2);
            return -4;
        }

        for (i = 0; i < decodedInstructionsCount; i++) {
#ifdef SUPPORT_64BIT_OFFSET
            printf("%0*I64x (%02d) %-24s %s%s%s\n", dt != Decode64Bits ?
                   8 : 16, decodedInstructions[i].offset, decodedInstructions[i].size, (char*)decodedInstructions[i].instructionHex.p, (char*)decodedInstructions[i].mnemonic.p, decodedInstructions[i].operands.length != 0 ? " " : "", (char*)decodedInstructions[i].operands.p);
#else
            printf("%08x (%02d) %-24s %s%s%s\n", decodedInstructions[i].offset, decodedInstructions[i].size, (char*)decodedInstructions[i].instructionHex.p, (char*)decodedInstructions[i].mnemonic.p, decodedInstructions[i].operands.length != 0 ? " " : "", (char*)decodedInstructions[i].operands.p);
#endif
        }

        if (res == DECRES_SUCCESS) break; // All instructions were decoded.
        else if (decodedInstructionsCount == 0) break;

        // Synchronize:
        next = (unsigned long)(decodedInstructions[decodedInstructionsCount-1].offset - offset);
        next += decodedInstructions[decodedInstructionsCount-1].size;
        // Advance ptr and recalc offset.
        buf += next;
        filesize -= next;
        offset += next;
    }

    // Release buffer
    free(buf2);

    return 0;
}

distorm-3.4.1/include/

distorm-3.4.1/include/distorm.h
/* diStorm 3.4.0 */

/*
distorm.h

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#ifndef DISTORM_H
#define DISTORM_H

/*
 * 64 bit offsets support:
 * If the diStorm library you use was compiled with 64 bits offsets,
 * make sure you compile your own code with the following macro set:
 * SUPPORT_64BIT_OFFSET
 * Otherwise comment it out, or you will get a linker error of an unresolved symbol...
 * Turned on by default!
 */

#if !(defined(DISTORM_STATIC) || defined(DISTORM_DYNAMIC))
    /* Define this macro for outer projects by default. */
    #define SUPPORT_64BIT_OFFSET
#endif

/* TINYC has a problem with some 64bits library functions, so ignore 64 bit offsets.
*/
#ifdef __TINYC__
    #undef SUPPORT_64BIT_OFFSET
#endif

/* If your compiler doesn't support stdint.h, define your own 64 bits type. */
#ifdef SUPPORT_64BIT_OFFSET
    #ifdef _MSC_VER
        #define OFFSET_INTEGER unsigned __int64
    #else
        #include <stdint.h>
        #define OFFSET_INTEGER uint64_t
    #endif
#else
    /* 32 bit offsets are used. */
    #define OFFSET_INTEGER unsigned long
#endif

#ifdef _MSC_VER
/* Since MSVC isn't shipped with stdint.h, we will have our own: */
typedef signed __int64      int64_t;
typedef unsigned __int64    uint64_t;
typedef signed __int32      int32_t;
typedef unsigned __int32    uint32_t;
typedef signed __int16      int16_t;
typedef unsigned __int16    uint16_t;
typedef signed __int8       int8_t;
typedef unsigned __int8     uint8_t;
#endif

/* Support C++ compilers */
#ifdef __cplusplus
 extern "C" {
#endif


/* *** Helper Macros *** */

/* Get the ISC of the instruction, used with the definitions below. */
#define META_GET_ISC(meta) (((meta) >> 3) & 0x1f)
#define META_SET_ISC(di, isc) (((di)->meta) |= ((isc) << 3))
/* Get the flow control flags of the instruction, see 'features for decompose' below. */
#define META_GET_FC(meta) ((meta) & 0x7)

/* Get the target address of a branching instruction. O_PC operand type. */
#define INSTRUCTION_GET_TARGET(di) ((_OffsetType)(((di)->addr + (di)->imm.addr + (di)->size)))
/* Get the target address of a RIP-relative memory indirection. */
#define INSTRUCTION_GET_RIP_TARGET(di) ((_OffsetType)(((di)->addr + (di)->disp + (di)->size)))

/*
 * Operand Size or Address size are stored inside the flags:
 * 00 - 16 bits
 * 01 - 32 bits
 * 10 - 64 bits
 * 11 - reserved
 *
 * If you call these set-macros more than once, you will have to clean the bits before doing so.
 */
#define FLAG_SET_OPSIZE(di, size) ((di->flags) |= (((size) & 3) << 8))
#define FLAG_SET_ADDRSIZE(di, size) ((di->flags) |= (((size) & 3) << 10))
#define FLAG_GET_OPSIZE(flags) (((flags) >> 8) & 3)
#define FLAG_GET_ADDRSIZE(flags) (((flags) >> 10) & 3)
/* To get the LOCK/REPNZ/REP prefixes.
*/
#define FLAG_GET_PREFIX(flags) ((flags) & 7)
/* Indicates whether the instruction is privileged. */
#define FLAG_GET_PRIVILEGED(flags) (((flags) & FLAG_PRIVILEGED_INSTRUCTION) != 0)

/*
 * Macros to extract segment registers from 'segment':
 */
#define SEGMENT_DEFAULT 0x80
#define SEGMENT_SET(di, seg) ((di->segment) |= seg)
#define SEGMENT_GET(segment) (((segment) == R_NONE) ? R_NONE : ((segment) & 0x7f))
#define SEGMENT_IS_DEFAULT(segment) (((segment) & SEGMENT_DEFAULT) == SEGMENT_DEFAULT)


/* Decoding modes of the disassembler, 16 bits or 32 bits or 64 bits for AMD64, x86-64. */
typedef enum { Decode16Bits = 0, Decode32Bits = 1, Decode64Bits = 2 } _DecodeType;

typedef OFFSET_INTEGER _OffsetType;

typedef struct {
    _OffsetType codeOffset, nextOffset; /* nextOffset is OUT only. */
    const uint8_t* code;
    int codeLen; /* Using signed integer makes it easier to detect an underflow. */
    _DecodeType dt;
    unsigned int features;
} _CodeInfo;

typedef enum { O_NONE, O_REG, O_IMM, O_IMM1, O_IMM2, O_DISP, O_SMEM, O_MEM, O_PC, O_PTR } _OperandType;

typedef union {
    /* Used by O_IMM: */
    int8_t sbyte;
    uint8_t byte;
    int16_t sword;
    uint16_t word;
    int32_t sdword;
    uint32_t dword;
    int64_t sqword; /* All immediates are SIGN-EXTENDED to 64 bits! */
    uint64_t qword;

    /* Used by O_PC: (Use INSTRUCTION_GET_TARGET). */
    _OffsetType addr; /* It's a relative offset as for now. */

    /* Used by O_PTR: */
    struct {
        uint16_t seg;
        /* Can be 16 or 32 bits, size is in ops[n].size. */
        uint32_t off;
    } ptr;

    /* Used by O_IMM1 (i1) and O_IMM2 (i2). ENTER instruction only. */
    struct {
        uint32_t i1;
        uint32_t i2;
    } ex;
} _Value;

typedef struct {
    /* Type of operand:
        O_NONE: operand is to be ignored.
        O_REG: index holds global register index.
        O_IMM: instruction.imm.
        O_IMM1: instruction.imm.ex.i1.
        O_IMM2: instruction.imm.ex.i2.
        O_DISP: memory dereference with displacement only, instruction.disp.
        O_SMEM: simple memory dereference with optional displacement (a single register memory dereference).
        O_MEM: complex memory dereference (optional fields: s/i/b/disp).
        O_PC: the relative address of a branch instruction (instruction.imm.addr).
        O_PTR: the absolute target address of a far branch instruction (instruction.imm.ptr.seg/off).
    */
    uint8_t type; /* _OperandType */

    /* Index of:
        O_REG: holds global register index
        O_SMEM: holds the 'base' register. E.G: [ECX], [EBX+0x1234] are both in operand.index.
        O_MEM: holds the 'index' register. E.G: [EAX*4] is in operand.index.
    */
    uint8_t index;

    /* Size in bits of:
        O_REG: register
        O_IMM: instruction.imm
        O_IMM1: instruction.imm.ex.i1
        O_IMM2: instruction.imm.ex.i2
        O_DISP: instruction.disp
        O_SMEM: size of indirection.
        O_MEM: size of indirection.
        O_PC: size of the relative offset
        O_PTR: size of instruction.imm.ptr.off (16 or 32)
    */
    uint16_t size;
} _Operand;

#define OPCODE_ID_NONE 0
/* Instruction could not be disassembled. */
#define FLAG_NOT_DECODABLE ((uint16_t)-1)
/* The instruction locks memory access. */
#define FLAG_LOCK (1 << 0)
/* The instruction is prefixed with a REPNZ. */
#define FLAG_REPNZ (1 << 1)
/* The instruction is prefixed with a REP, this can be a REPZ, it depends on the specific instruction. */
#define FLAG_REP (1 << 2)
/* Indicates there is a hint taken for Jcc instructions only. */
#define FLAG_HINT_TAKEN (1 << 3)
/* Indicates there is a hint non-taken for Jcc instructions only. */
#define FLAG_HINT_NOT_TAKEN (1 << 4)
/* The Imm value is sign-extended (E.G in 64 bit decoding mode, a 32 bit imm is usually sign extended into 64 bit imm). */
#define FLAG_IMM_SIGNED (1 << 5)
/* The destination operand is writable. */
#define FLAG_DST_WR (1 << 6)
/* The instruction uses RIP-relative indirection. */
#define FLAG_RIP_RELATIVE (1 << 7)

/* See flag FLAG_GET_XXX macros above. */

/* The instruction is privileged and can only be used from Ring0. */
#define FLAG_PRIVILEGED_INSTRUCTION (1 << 15)

/* No register was defined.
*/
#define R_NONE ((uint8_t)-1)

#define REGS64_BASE 0
#define REGS32_BASE 16
#define REGS16_BASE 32
#define REGS8_BASE 48
#define REGS8_REX_BASE 64
#define SREGS_BASE 68
#define FPUREGS_BASE 75
#define MMXREGS_BASE 83
#define SSEREGS_BASE 91
#define AVXREGS_BASE 107
#define CREGS_BASE 123
#define DREGS_BASE 132

#define OPERANDS_NO (4)

typedef struct {
    /* Used by ops[n].type == O_IMM/O_IMM1&O_IMM2/O_PTR/O_PC. Its size is ops[n].size. */
    _Value imm;
    /* Used by ops[n].type == O_SMEM/O_MEM/O_DISP. Its size is dispSize. */
    uint64_t disp;
    /* Virtual address of first byte of instruction. */
    _OffsetType addr;
    /* General flags of instruction, holds prefixes and more, if FLAG_NOT_DECODABLE, instruction is invalid. */
    uint16_t flags;
    /* Unused prefixes mask, for each bit that is set that prefix is not used (LSB is byte [addr + 0]). */
    uint16_t unusedPrefixesMask;
    /* Mask of registers that were used in the operands, only used for quick look up, in order to know *some* operand uses that register class. */
    uint32_t usedRegistersMask;
    /* ID of opcode in the global opcode table. Use for mnemonic look up. */
    uint16_t opcode;
    /* Up to four operands per instruction, ignored if ops[n].type == O_NONE. */
    _Operand ops[OPERANDS_NO];
    /* Size of the whole instruction in bytes. */
    uint8_t size;
    /* Segment information of memory indirection, default segment, or overridden one, can be -1. Use SEGMENT macros. */
    uint8_t segment;
    /* Used by ops[n].type == O_MEM. Base global register index (might be R_NONE), scale size (2/4/8), ignored for 0 or 1. */
    uint8_t base, scale;
    uint8_t dispSize;
    /* Meta defines the instruction set class, and the flow control flags. Use META macros. */
    uint8_t meta;
    /* The CPU flags that the instruction operates upon. */
    uint16_t modifiedFlagsMask, testedFlagsMask, undefinedFlagsMask;
} _DInst;

#ifndef DISTORM_LIGHT

/* Static size of strings. Do not change this value. Keep Python wrapper in sync.
*/
#define MAX_TEXT_SIZE (48)
typedef struct {
    unsigned int length;
    unsigned char p[MAX_TEXT_SIZE]; /* p is a null terminated string. */
} _WString;

/*
 * Old decoded instruction structure in text format.
 * Used only for backward compatibility with diStorm64.
 * This structure holds all information the disassembler generates per instruction.
 */
typedef struct {
    _WString mnemonic; /* Mnemonic of decoded instruction, prefixed if required by REP, LOCK etc. */
    _WString operands; /* Operands of the decoded instruction, up to 3 operands, comma-separated. */
    _WString instructionHex; /* Hex dump - little endian, including prefixes. */
    unsigned int size; /* Size of decoded instruction in bytes. */
    _OffsetType offset; /* Start offset of the decoded instruction. */
} _DecodedInst;

#endif /* DISTORM_LIGHT */

/* Register masks for quick look up, each mask indicates one of a register-class that is being used in some operand. */
#define RM_AX 1 /* AL, AH, AX, EAX, RAX */
#define RM_CX 2 /* CL, CH, CX, ECX, RCX */
#define RM_DX 4 /* DL, DH, DX, EDX, RDX */
#define RM_BX 8 /* BL, BH, BX, EBX, RBX */
#define RM_SP 0x10 /* SPL, SP, ESP, RSP */
#define RM_BP 0x20 /* BPL, BP, EBP, RBP */
#define RM_SI 0x40 /* SIL, SI, ESI, RSI */
#define RM_DI 0x80 /* DIL, DI, EDI, RDI */
#define RM_FPU 0x100 /* ST(0) - ST(7) */
#define RM_MMX 0x200 /* MM0 - MM7 */
#define RM_SSE 0x400 /* XMM0 - XMM15 */
#define RM_AVX 0x800 /* YMM0 - YMM15 */
#define RM_CR 0x1000 /* CR0, CR2, CR3, CR4, CR8 */
#define RM_DR 0x2000 /* DR0, DR1, DR2, DR3, DR6, DR7 */
#define RM_R8 0x4000 /* R8B, R8W, R8D, R8 */
#define RM_R9 0x8000 /* R9B, R9W, R9D, R9 */
#define RM_R10 0x10000 /* R10B, R10W, R10D, R10 */
#define RM_R11 0x20000 /* R11B, R11W, R11D, R11 */
#define RM_R12 0x40000 /* R12B, R12W, R12D, R12 */
#define RM_R13 0x80000 /* R13B, R13W, R13D, R13 */
#define RM_R14 0x100000 /* R14B, R14W, R14D, R14 */
#define RM_R15 0x200000 /* R15B, R15W, R15D, R15 */

/* RIP should be checked using the 'flags' field and
 * FLAG_RIP_RELATIVE.
 * Segments should be checked using the segment macros.
 * For now R8 - R15 are not supported and non general purpose registers map into same RM.
 */

/* CPU flags that instructions modify, test or undefine (are EFLAGS compatible!). */
#define D_CF 1      /* Carry */
#define D_PF 4      /* Parity */
#define D_AF 0x10   /* Auxiliary */
#define D_ZF 0x40   /* Zero */
#define D_SF 0x80   /* Sign */
#define D_IF 0x200  /* Interrupt */
#define D_DF 0x400  /* Direction */
#define D_OF 0x800  /* Overflow */

/*
 * Instructions Set classes:
 * if you want a better understanding of the available classes, look at disOps project, file: x86sets.py.
 */
/* Indicates the instruction belongs to the General Integer set. */
#define ISC_INTEGER 1
/* Indicates the instruction belongs to the 387 FPU set. */
#define ISC_FPU 2
/* Indicates the instruction belongs to the P6 set. */
#define ISC_P6 3
/* Indicates the instruction belongs to the MMX set. */
#define ISC_MMX 4
/* Indicates the instruction belongs to the SSE set. */
#define ISC_SSE 5
/* Indicates the instruction belongs to the SSE2 set. */
#define ISC_SSE2 6
/* Indicates the instruction belongs to the SSE3 set. */
#define ISC_SSE3 7
/* Indicates the instruction belongs to the SSSE3 set. */
#define ISC_SSSE3 8
/* Indicates the instruction belongs to the SSE4.1 set. */
#define ISC_SSE4_1 9
/* Indicates the instruction belongs to the SSE4.2 set. */
#define ISC_SSE4_2 10
/* Indicates the instruction belongs to the AMD's SSE4.A set. */
#define ISC_SSE4_A 11
/* Indicates the instruction belongs to the 3DNow! set. */
#define ISC_3DNOW 12
/* Indicates the instruction belongs to the 3DNow! Extensions set. */
#define ISC_3DNOWEXT 13
/* Indicates the instruction belongs to the VMX (Intel) set. */
#define ISC_VMX 14
/* Indicates the instruction belongs to the SVM (AMD) set. */
#define ISC_SVM 15
/* Indicates the instruction belongs to the AVX (Intel) set. */
#define ISC_AVX 16
/* Indicates the instruction belongs to the FMA (Intel) set.
*/ #define ISC_FMA 17 /* Indicates the instruction belongs to the AES/AVX (Intel) set. */ #define ISC_AES 18 /* Indicates the instruction belongs to the CLMUL (Intel) set. */ #define ISC_CLMUL 19 /* Features for decompose: */ #define DF_NONE 0 /* The decoder will limit addresses to a maximum of 16 bits. */ #define DF_MAXIMUM_ADDR16 1 /* The decoder will limit addresses to a maximum of 32 bits. */ #define DF_MAXIMUM_ADDR32 2 /* The decoder will return only flow control instructions (and filter the others internally). */ #define DF_RETURN_FC_ONLY 4 /* The decoder will stop and return to the caller when the instruction 'CALL' (near and far) was decoded. */ #define DF_STOP_ON_CALL 8 /* The decoder will stop and return to the caller when the instruction 'RET' (near and far) was decoded. */ #define DF_STOP_ON_RET 0x10 /* The decoder will stop and return to the caller when the instruction system-call/ret was decoded. */ #define DF_STOP_ON_SYS 0x20 /* The decoder will stop and return to the caller when any of the branch 'JMP', (near and far) instructions were decoded. */ #define DF_STOP_ON_UNC_BRANCH 0x40 /* The decoder will stop and return to the caller when any of the conditional branch instruction were decoded. */ #define DF_STOP_ON_CND_BRANCH 0x80 /* The decoder will stop and return to the caller when the instruction 'INT' (INT, INT1, INTO, INT 3) was decoded. */ #define DF_STOP_ON_INT 0x100 /* The decoder will stop and return to the caller when any of the 'CMOVxx' instruction was decoded. */ #define DF_STOP_ON_CMOV 0x200 /* The decoder will stop and return to the caller when any flow control instruction was decoded. */ #define DF_STOP_ON_FLOW_CONTROL (DF_STOP_ON_CALL | DF_STOP_ON_RET | DF_STOP_ON_SYS | DF_STOP_ON_UNC_BRANCH | DF_STOP_ON_CND_BRANCH | DF_STOP_ON_INT | DF_STOP_ON_CMOV) /* Indicates the instruction is not a flow-control instruction. */ #define FC_NONE 0 /* Indicates the instruction is one of: CALL, CALL FAR. 
*/ #define FC_CALL 1 /* Indicates the instruction is one of: RET, IRET, RETF. */ #define FC_RET 2 /* Indicates the instruction is one of: SYSCALL, SYSRET, SYSENTER, SYSEXIT. */ #define FC_SYS 3 /* Indicates the instruction is one of: JMP, JMP FAR. */ #define FC_UNC_BRANCH 4 /* * Indicates the instruction is one of: * JCXZ, JO, JNO, JB, JAE, JZ, JNZ, JBE, JA, JS, JNS, JP, JNP, JL, JGE, JLE, JG, LOOP, LOOPZ, LOOPNZ. */ #define FC_CND_BRANCH 5 /* Indiciates the instruction is one of: INT, INT1, INT 3, INTO, UD2. */ #define FC_INT 6 /* Indicates the instruction is one of: CMOVxx. */ #define FC_CMOV 7 /* Return code of the decoding function. */ typedef enum { DECRES_NONE, DECRES_SUCCESS, DECRES_MEMORYERR, DECRES_INPUTERR, DECRES_FILTERED } _DecodeResult; /* Define the following interface functions only for outer projects. */ #if !(defined(DISTORM_STATIC) || defined(DISTORM_DYNAMIC)) /* distorm_decode * Input: * offset - Origin of the given code (virtual address that is), NOT an offset in code. * code - Pointer to the code buffer to be disassembled. * length - Amount of bytes that should be decoded from the code buffer. * dt - Decoding mode, 16 bits (Decode16Bits), 32 bits (Decode32Bits) or AMD64 (Decode64Bits). * result - Array of type _DecodeInst which will be used by this function in order to return the disassembled instructions. * maxInstructions - The maximum number of entries in the result array that you pass to this function, so it won't exceed its bound. * usedInstructionsCount - Number of the instruction that successfully were disassembled and written to the result array. * Output: usedInstructionsCount will hold the number of entries used in the result array * and the result array itself will be filled with the disassembled instructions. 
* Return: DECRES_SUCCESS on success (no more to disassemble), DECRES_INPUTERR on input error (null code buffer, invalid decoding mode, etc...), * DECRES_MEMORYERR when there are not enough entries to use in the result array, BUT YOU STILL have to check for usedInstructionsCount! * Side-Effects: Even if the return code is DECRES_MEMORYERR, there might STILL be data in the * array you passed, this function will try to use as much entries as possible! * Notes: 1)The minimal size of maxInstructions is 15. * 2)You will have to synchronize the offset,code and length by yourself if you pass code fragments and not a complete code block! */ /* distorm_decompose * See more documentation online at the GitHub project's wiki. * */ #ifdef SUPPORT_64BIT_OFFSET _DecodeResult distorm_decompose64(_CodeInfo* ci, _DInst result[], unsigned int maxInstructions, unsigned int* usedInstructionsCount); #define distorm_decompose distorm_decompose64 #ifndef DISTORM_LIGHT /* If distorm-light is defined, we won't export these text-formatting functionality. */ _DecodeResult distorm_decode64(_OffsetType codeOffset, const unsigned char* code, int codeLen, _DecodeType dt, _DecodedInst result[], unsigned int maxInstructions, unsigned int* usedInstructionsCount); void distorm_format64(const _CodeInfo* ci, const _DInst* di, _DecodedInst* result); #define distorm_decode distorm_decode64 #define distorm_format distorm_format64 #endif /*DISTORM_LIGHT*/ #else /*SUPPORT_64BIT_OFFSET*/ _DecodeResult distorm_decompose32(_CodeInfo* ci, _DInst result[], unsigned int maxInstructions, unsigned int* usedInstructionsCount); #define distorm_decompose distorm_decompose32 #ifndef DISTORM_LIGHT /* If distorm-light is defined, we won't export these text-formatting functionality. 
*/ _DecodeResult distorm_decode32(_OffsetType codeOffset, const unsigned char* code, int codeLen, _DecodeType dt, _DecodedInst result[], unsigned int maxInstructions, unsigned int* usedInstructionsCount); void distorm_format32(const _CodeInfo* ci, const _DInst* di, _DecodedInst* result); #define distorm_decode distorm_decode32 #define distorm_format distorm_format32 #endif /*DISTORM_LIGHT*/ #endif /* * distorm_version * Input: * none * * Output: unsigned int - version of compiled library. */ unsigned int distorm_version(void); #endif /* DISTORM_STATIC */ #ifdef __cplusplus } /* End Of Extern */ #endif #endif /* DISTORM_H */ distorm-3.4.1/include/mnemonics.h000077500000000000000000000536421340425302400167760ustar00rootroot00000000000000/* mnemonics.h diStorm3 - Powerful disassembler for X86/AMD64 http://ragestorm.net/distorm/ distorm at gmail dot com Copyright (C) 2003-2018 Gil Dabah This library is licensed under the BSD license. See the file COPYING. */ #ifndef MNEMONICS_H #define MNEMONICS_H #ifdef __cplusplus extern "C" { #endif #ifndef DISTORM_LIGHT typedef struct WMnemonic { unsigned char length; unsigned char p[1]; /* p is a null terminated string, which contains 'length' characters. */ } _WMnemonic; typedef struct WRegister { unsigned int length; unsigned char p[6]; /* p is a null terminated string. 
*/ } _WRegister; extern const unsigned char _MNEMONICS[]; extern const _WRegister _REGISTERS[]; #endif /* DISTORM_LIGHT */ #ifdef __cplusplus } /* End Of Extern */ #endif #define GET_REGISTER_NAME(r) (unsigned char*)_REGISTERS[(r)].p #define GET_MNEMONIC_NAME(m) ((_WMnemonic*)&_MNEMONICS[(m)])->p typedef enum { I_UNDEFINED = 0, I_AAA = 66, I_AAD = 389, I_AAM = 384, I_AAS = 76, I_ADC = 31, I_ADD = 11, I_ADDPD = 3132, I_ADDPS = 3125, I_ADDSD = 3146, I_ADDSS = 3139, I_ADDSUBPD = 6416, I_ADDSUBPS = 6426, I_AESDEC = 9231, I_AESDECLAST = 9248, I_AESENC = 9189, I_AESENCLAST = 9206, I_AESIMC = 9172, I_AESKEYGENASSIST = 9817, I_AND = 41, I_ANDNPD = 3043, I_ANDNPS = 3035, I_ANDPD = 3012, I_ANDPS = 3005, I_ARPL = 111, I_BLENDPD = 9394, I_BLENDPS = 9375, I_BLENDVPD = 7641, I_BLENDVPS = 7631, I_BOUND = 104, I_BSF = 4368, I_BSR = 4380, I_BSWAP = 960, I_BT = 872, I_BTC = 934, I_BTR = 912, I_BTS = 887, I_CALL = 456, I_CALL_FAR = 260, I_CBW = 228, I_CDQ = 250, I_CDQE = 239, I_CLC = 492, I_CLD = 512, I_CLFLUSH = 4351, I_CLGI = 1855, I_CLI = 502, I_CLTS = 541, I_CMC = 487, I_CMOVA = 694, I_CMOVAE = 663, I_CMOVB = 656, I_CMOVBE = 686, I_CMOVG = 754, I_CMOVGE = 738, I_CMOVL = 731, I_CMOVLE = 746, I_CMOVNO = 648, I_CMOVNP = 723, I_CMOVNS = 708, I_CMOVNZ = 678, I_CMOVO = 641, I_CMOVP = 716, I_CMOVS = 701, I_CMOVZ = 671, I_CMP = 71, I_CMPEQPD = 4471, I_CMPEQPS = 4392, I_CMPEQSD = 4629, I_CMPEQSS = 4550, I_CMPLEPD = 4489, I_CMPLEPS = 4410, I_CMPLESD = 4647, I_CMPLESS = 4568, I_CMPLTPD = 4480, I_CMPLTPS = 4401, I_CMPLTSD = 4638, I_CMPLTSS = 4559, I_CMPNEQPD = 4510, I_CMPNEQPS = 4431, I_CMPNEQSD = 4668, I_CMPNEQSS = 4589, I_CMPNLEPD = 4530, I_CMPNLEPS = 4451, I_CMPNLESD = 4688, I_CMPNLESS = 4609, I_CMPNLTPD = 4520, I_CMPNLTPS = 4441, I_CMPNLTSD = 4678, I_CMPNLTSS = 4599, I_CMPORDPD = 4540, I_CMPORDPS = 4461, I_CMPORDSD = 4698, I_CMPORDSS = 4619, I_CMPS = 301, I_CMPUNORDPD = 4498, I_CMPUNORDPS = 4419, I_CMPUNORDSD = 4656, I_CMPUNORDSS = 4577, I_CMPXCHG = 898, I_CMPXCHG16B = 6395, I_CMPXCHG8B 
= 6384, I_COMISD = 2801, I_COMISS = 2793, I_CPUID = 865, I_CQO = 255, I_CRC32 = 9280, I_CVTDQ2PD = 6809, I_CVTDQ2PS = 3329, I_CVTPD2DQ = 6819, I_CVTPD2PI = 2703, I_CVTPD2PS = 3255, I_CVTPH2PS = 4183, I_CVTPI2PD = 2517, I_CVTPI2PS = 2507, I_CVTPS2DQ = 3339, I_CVTPS2PD = 3245, I_CVTPS2PH = 4193, I_CVTPS2PI = 2693, I_CVTSD2SI = 2723, I_CVTSD2SS = 3275, I_CVTSI2SD = 2537, I_CVTSI2SS = 2527, I_CVTSS2SD = 3265, I_CVTSS2SI = 2713, I_CVTTPD2DQ = 6798, I_CVTTPD2PI = 2636, I_CVTTPS2DQ = 3349, I_CVTTPS2PI = 2625, I_CVTTSD2SI = 2658, I_CVTTSS2SI = 2647, I_CWD = 245, I_CWDE = 233, I_DAA = 46, I_DAS = 56, I_DEC = 86, I_DIV = 1646, I_DIVPD = 3521, I_DIVPS = 3514, I_DIVSD = 3535, I_DIVSS = 3528, I_DPPD = 9637, I_DPPS = 9624, I_EMMS = 4122, I_ENTER = 340, I_EXTRACTPS = 9502, I_EXTRQ = 4158, I_F2XM1 = 1192, I_FABS = 1123, I_FADD = 1023, I_FADDP = 1549, I_FBLD = 1601, I_FBSTP = 1607, I_FCHS = 1117, I_FCLEX = 7311, I_FCMOVB = 1376, I_FCMOVBE = 1392, I_FCMOVE = 1384, I_FCMOVNB = 1445, I_FCMOVNBE = 1463, I_FCMOVNE = 1454, I_FCMOVNU = 1473, I_FCMOVU = 1401, I_FCOM = 1035, I_FCOMI = 1512, I_FCOMIP = 1623, I_FCOMP = 1041, I_FCOMPP = 1563, I_FCOS = 1311, I_FDECSTP = 1238, I_FDIV = 1061, I_FDIVP = 1594, I_FDIVR = 1067, I_FDIVRP = 1586, I_FEDISI = 1488, I_FEMMS = 574, I_FENI = 1482, I_FFREE = 1527, I_FIADD = 1317, I_FICOM = 1331, I_FICOMP = 1338, I_FIDIV = 1361, I_FIDIVR = 1368, I_FILD = 1418, I_FIMUL = 1324, I_FINCSTP = 1247, I_FINIT = 7326, I_FIST = 1432, I_FISTP = 1438, I_FISTTP = 1424, I_FISUB = 1346, I_FISUBR = 1353, I_FLD = 1074, I_FLD1 = 1141, I_FLDCW = 1098, I_FLDENV = 1090, I_FLDL2E = 1155, I_FLDL2T = 1147, I_FLDLG2 = 1170, I_FLDLN2 = 1178, I_FLDPI = 1163, I_FLDZ = 1186, I_FMUL = 1029, I_FMULP = 1556, I_FNCLEX = 7303, I_FNINIT = 7318, I_FNOP = 1111, I_FNSAVE = 7333, I_FNSTCW = 7288, I_FNSTENV = 7271, I_FNSTSW = 7348, I_FPATAN = 1213, I_FPREM = 1256, I_FPREM1 = 1230, I_FPTAN = 1206, I_FRNDINT = 1288, I_FRSTOR = 1519, I_FSAVE = 7341, I_FSCALE = 1297, I_FSETPM = 1496, I_FSIN = 1305, 
I_FSINCOS = 1279, I_FSQRT = 1272, I_FST = 1079, I_FSTCW = 7296, I_FSTENV = 7280, I_FSTP = 1084, I_FSTSW = 7356, I_FSUB = 1048, I_FSUBP = 1579, I_FSUBR = 1054, I_FSUBRP = 1571, I_FTST = 1129, I_FUCOM = 1534, I_FUCOMI = 1504, I_FUCOMIP = 1614, I_FUCOMP = 1541, I_FUCOMPP = 1409, I_FXAM = 1135, I_FXCH = 1105, I_FXRSTOR = 9914, I_FXRSTOR64 = 9923, I_FXSAVE = 9886, I_FXSAVE64 = 9894, I_FXTRACT = 1221, I_FYL2X = 1199, I_FYL2XP1 = 1263, I_GETSEC = 633, I_HADDPD = 4203, I_HADDPS = 4211, I_HLT = 482, I_HSUBPD = 4237, I_HSUBPS = 4245, I_IDIV = 1651, I_IMUL = 117, I_IN = 447, I_INC = 81, I_INS = 123, I_INSERTPS = 9569, I_INSERTQ = 4165, I_INT = 367, I_INT_3 = 360, I_INT1 = 476, I_INTO = 372, I_INVD = 555, I_INVEPT = 8306, I_INVLPG = 1727, I_INVLPGA = 1869, I_INVPCID = 8323, I_INVVPID = 8314, I_IRET = 378, I_JA = 166, I_JAE = 147, I_JB = 143, I_JBE = 161, I_JCXZ = 427, I_JECXZ = 433, I_JG = 202, I_JGE = 192, I_JL = 188, I_JLE = 197, I_JMP = 462, I_JMP_FAR = 467, I_JNO = 138, I_JNP = 183, I_JNS = 174, I_JNZ = 156, I_JO = 134, I_JP = 179, I_JRCXZ = 440, I_JS = 170, I_JZ = 152, I_LAHF = 289, I_LAR = 522, I_LDDQU = 7016, I_LDMXCSR = 9944, I_LDS = 335, I_LEA = 223, I_LEAVE = 347, I_LES = 330, I_LFENCE = 4287, I_LFS = 917, I_LGDT = 1703, I_LGS = 922, I_LIDT = 1709, I_LLDT = 1668, I_LMSW = 1721, I_LODS = 313, I_LOOP = 421, I_LOOPNZ = 406, I_LOOPZ = 414, I_LSL = 527, I_LSS = 907, I_LTR = 1674, I_LZCNT = 4385, I_MASKMOVDQU = 7141, I_MASKMOVQ = 7131, I_MAXPD = 3581, I_MAXPS = 3574, I_MAXSD = 3595, I_MAXSS = 3588, I_MFENCE = 4313, I_MINPD = 3461, I_MINPS = 3454, I_MINSD = 3475, I_MINSS = 3468, I_MONITOR = 1771, I_MOV = 218, I_MOVAPD = 2481, I_MOVAPS = 2473, I_MOVBE = 9273, I_MOVD = 3942, I_MOVDDUP = 2208, I_MOVDQ2Q = 6544, I_MOVDQA = 3968, I_MOVDQU = 3976, I_MOVHLPS = 2173, I_MOVHPD = 2367, I_MOVHPS = 2359, I_MOVLHPS = 2350, I_MOVLPD = 2190, I_MOVLPS = 2182, I_MOVMSKPD = 2837, I_MOVMSKPS = 2827, I_MOVNTDQ = 6871, I_MOVNTDQA = 7917, I_MOVNTI = 952, I_MOVNTPD = 2578, I_MOVNTPS = 2569, 
I_MOVNTQ = 6863, I_MOVNTSD = 2596, I_MOVNTSS = 2587, I_MOVQ = 3948, I_MOVQ2DQ = 6535, I_MOVS = 295, I_MOVSD = 2132, I_MOVSHDUP = 2375, I_MOVSLDUP = 2198, I_MOVSS = 2125, I_MOVSX = 939, I_MOVSXD = 10027, I_MOVUPD = 2117, I_MOVUPS = 2109, I_MOVZX = 927, I_MPSADBW = 9650, I_MUL = 1641, I_MULPD = 3192, I_MULPS = 3185, I_MULSD = 3206, I_MULSS = 3199, I_MWAIT = 1780, I_NEG = 1636, I_NOP = 581, I_NOT = 1631, I_OR = 27, I_ORPD = 3075, I_ORPS = 3069, I_OUT = 451, I_OUTS = 128, I_PABSB = 7710, I_PABSD = 7740, I_PABSW = 7725, I_PACKSSDW = 3871, I_PACKSSWB = 3703, I_PACKUSDW = 7938, I_PACKUSWB = 3781, I_PADDB = 7226, I_PADDD = 7256, I_PADDQ = 6503, I_PADDSB = 6952, I_PADDSW = 6969, I_PADDUSB = 6642, I_PADDUSW = 6661, I_PADDW = 7241, I_PALIGNR = 9432, I_PAND = 6629, I_PANDN = 6687, I_PAUSE = 10035, I_PAVGB = 6702, I_PAVGUSB = 2100, I_PAVGW = 6747, I_PBLENDVB = 7621, I_PBLENDW = 9413, I_PCLMULQDQ = 9669, I_PCMPEQB = 4065, I_PCMPEQD = 4103, I_PCMPEQQ = 7898, I_PCMPEQW = 4084, I_PCMPESTRI = 9748, I_PCMPESTRM = 9725, I_PCMPGTB = 3724, I_PCMPGTD = 3762, I_PCMPGTQ = 8109, I_PCMPGTW = 3743, I_PCMPISTRI = 9794, I_PCMPISTRM = 9771, I_PEXTRB = 9451, I_PEXTRD = 9468, I_PEXTRQ = 9476, I_PEXTRW = 6333, I_PF2ID = 1936, I_PF2IW = 1929, I_PFACC = 2050, I_PFADD = 1999, I_PFCMPEQ = 2057, I_PFCMPGE = 1960, I_PFCMPGT = 2006, I_PFMAX = 2015, I_PFMIN = 1969, I_PFMUL = 2066, I_PFNACC = 1943, I_PFPNACC = 1951, I_PFRCP = 1976, I_PFRCPIT1 = 2022, I_PFRCPIT2 = 2073, I_PFRSQIT1 = 2032, I_PFRSQRT = 1983, I_PFSUB = 1992, I_PFSUBR = 2042, I_PHADDD = 7397, I_PHADDSW = 7414, I_PHADDW = 7380, I_PHMINPOSUW = 8281, I_PHSUBD = 7473, I_PHSUBSW = 7490, I_PHSUBW = 7456, I_PI2FD = 1922, I_PI2FW = 1915, I_PINSRB = 9552, I_PINSRD = 9590, I_PINSRQ = 9598, I_PINSRW = 6316, I_PMADDUBSW = 7433, I_PMADDWD = 7095, I_PMAXSB = 8196, I_PMAXSD = 8213, I_PMAXSW = 6986, I_PMAXUB = 6670, I_PMAXUD = 8247, I_PMAXUW = 8230, I_PMINSB = 8128, I_PMINSD = 8145, I_PMINSW = 6924, I_PMINUB = 6612, I_PMINUD = 8179, I_PMINUW = 8162, I_PMOVMSKB 
= 6553, I_PMOVSXBD = 7776, I_PMOVSXBQ = 7797, I_PMOVSXBW = 7755, I_PMOVSXDQ = 7860, I_PMOVSXWD = 7818, I_PMOVSXWQ = 7839, I_PMOVZXBD = 8004, I_PMOVZXBQ = 8025, I_PMOVZXBW = 7983, I_PMOVZXDQ = 8088, I_PMOVZXWD = 8046, I_PMOVZXWQ = 8067, I_PMULDQ = 7881, I_PMULHRSW = 7560, I_PMULHRW = 2083, I_PMULHUW = 6762, I_PMULHW = 6781, I_PMULLD = 8264, I_PMULLW = 6518, I_PMULUDQ = 7076, I_POP = 22, I_POPA = 98, I_POPCNT = 4360, I_POPF = 277, I_POR = 6941, I_PREFETCH = 1894, I_PREFETCHNTA = 2424, I_PREFETCHT0 = 2437, I_PREFETCHT1 = 2449, I_PREFETCHT2 = 2461, I_PREFETCHW = 1904, I_PSADBW = 7114, I_PSHUFB = 7363, I_PSHUFD = 4010, I_PSHUFHW = 4018, I_PSHUFLW = 4027, I_PSHUFW = 4002, I_PSIGNB = 7509, I_PSIGND = 7543, I_PSIGNW = 7526, I_PSLLD = 7046, I_PSLLDQ = 9869, I_PSLLQ = 7061, I_PSLLW = 7031, I_PSRAD = 6732, I_PSRAW = 6717, I_PSRLD = 6473, I_PSRLDQ = 9852, I_PSRLQ = 6488, I_PSRLW = 6458, I_PSUBB = 7166, I_PSUBD = 7196, I_PSUBQ = 7211, I_PSUBSB = 6890, I_PSUBSW = 6907, I_PSUBUSB = 6574, I_PSUBUSW = 6593, I_PSUBW = 7181, I_PSWAPD = 2092, I_PTEST = 7651, I_PUNPCKHBW = 3802, I_PUNPCKHDQ = 3848, I_PUNPCKHQDQ = 3917, I_PUNPCKHWD = 3825, I_PUNPCKLBW = 3634, I_PUNPCKLDQ = 3680, I_PUNPCKLQDQ = 3892, I_PUNPCKLWD = 3657, I_PUSH = 16, I_PUSHA = 91, I_PUSHF = 270, I_PXOR = 7003, I_RCL = 977, I_RCPPS = 2975, I_RCPSS = 2982, I_RCR = 982, I_RDFSBASE = 9904, I_RDGSBASE = 9934, I_RDMSR = 600, I_RDPMC = 607, I_RDRAND = 10048, I_RDTSC = 593, I_RDTSCP = 1886, I_RET = 325, I_RETF = 354, I_ROL = 967, I_ROR = 972, I_ROUNDPD = 9318, I_ROUNDPS = 9299, I_ROUNDSD = 9356, I_ROUNDSS = 9337, I_RSM = 882, I_RSQRTPS = 2937, I_RSQRTSS = 2946, I_SAHF = 283, I_SAL = 997, I_SALC = 394, I_SAR = 1002, I_SBB = 36, I_SCAS = 319, I_SETA = 807, I_SETAE = 780, I_SETB = 774, I_SETBE = 800, I_SETG = 859, I_SETGE = 845, I_SETL = 839, I_SETLE = 852, I_SETNO = 767, I_SETNP = 832, I_SETNS = 819, I_SETNZ = 793, I_SETO = 761, I_SETP = 826, I_SETS = 813, I_SETZ = 787, I_SFENCE = 4343, I_SGDT = 1691, I_SHL = 987, I_SHLD = 876, 
I_SHR = 992, I_SHRD = 892, I_SHUFPD = 6358, I_SHUFPS = 6350, I_SIDT = 1697, I_SKINIT = 1861, I_SLDT = 1657, I_SMSW = 1715, I_SQRTPD = 2877, I_SQRTPS = 2869, I_SQRTSD = 2893, I_SQRTSS = 2885, I_STC = 497, I_STD = 517, I_STGI = 1849, I_STI = 507, I_STMXCSR = 9973, I_STOS = 307, I_STR = 1663, I_SUB = 51, I_SUBPD = 3401, I_SUBPS = 3394, I_SUBSD = 3415, I_SUBSS = 3408, I_SWAPGS = 1878, I_SYSCALL = 532, I_SYSENTER = 614, I_SYSEXIT = 624, I_SYSRET = 547, I_TEST = 206, I_TZCNT = 4373, I_UCOMISD = 2764, I_UCOMISS = 2755, I_UD2 = 569, I_UNPCKHPD = 2318, I_UNPCKHPS = 2308, I_UNPCKLPD = 2276, I_UNPCKLPS = 2266, I_VADDPD = 3161, I_VADDPS = 3153, I_VADDSD = 3177, I_VADDSS = 3169, I_VADDSUBPD = 6436, I_VADDSUBPS = 6447, I_VAESDEC = 9239, I_VAESDECLAST = 9260, I_VAESENC = 9197, I_VAESENCLAST = 9218, I_VAESIMC = 9180, I_VAESKEYGENASSIST = 9834, I_VANDNPD = 3060, I_VANDNPS = 3051, I_VANDPD = 3027, I_VANDPS = 3019, I_VBLENDPD = 9403, I_VBLENDPS = 9384, I_VBLENDVPD = 9703, I_VBLENDVPS = 9692, I_VBROADCASTF128 = 7694, I_VBROADCASTSD = 7680, I_VBROADCASTSS = 7666, I_VCMPEQPD = 5110, I_VCMPEQPS = 4708, I_VCMPEQSD = 5914, I_VCMPEQSS = 5512, I_VCMPEQ_OSPD = 5291, I_VCMPEQ_OSPS = 4889, I_VCMPEQ_OSSD = 6095, I_VCMPEQ_OSSS = 5693, I_VCMPEQ_UQPD = 5197, I_VCMPEQ_UQPS = 4795, I_VCMPEQ_UQSD = 6001, I_VCMPEQ_UQSS = 5599, I_VCMPEQ_USPD = 5400, I_VCMPEQ_USPS = 4998, I_VCMPEQ_USSD = 6204, I_VCMPEQ_USSS = 5802, I_VCMPFALSEPD = 5232, I_VCMPFALSEPS = 4830, I_VCMPFALSESD = 6036, I_VCMPFALSESS = 5634, I_VCMPFALSE_OSPD = 5441, I_VCMPFALSE_OSPS = 5039, I_VCMPFALSE_OSSD = 6245, I_VCMPFALSE_OSSS = 5843, I_VCMPGEPD = 5259, I_VCMPGEPS = 4857, I_VCMPGESD = 6063, I_VCMPGESS = 5661, I_VCMPGE_OQPD = 5471, I_VCMPGE_OQPS = 5069, I_VCMPGE_OQSD = 6275, I_VCMPGE_OQSS = 5873, I_VCMPGTPD = 5269, I_VCMPGTPS = 4867, I_VCMPGTSD = 6073, I_VCMPGTSS = 5671, I_VCMPGT_OQPD = 5484, I_VCMPGT_OQPS = 5082, I_VCMPGT_OQSD = 6288, I_VCMPGT_OQSS = 5886, I_VCMPLEPD = 5130, I_VCMPLEPS = 4728, I_VCMPLESD = 5934, I_VCMPLESS = 5532, 
I_VCMPLE_OQPD = 5317, I_VCMPLE_OQPS = 4915, I_VCMPLE_OQSD = 6121, I_VCMPLE_OQSS = 5719, I_VCMPLTPD = 5120, I_VCMPLTPS = 4718, I_VCMPLTSD = 5924, I_VCMPLTSS = 5522, I_VCMPLT_OQPD = 5304, I_VCMPLT_OQPS = 4902, I_VCMPLT_OQSD = 6108, I_VCMPLT_OQSS = 5706, I_VCMPNEQPD = 5153, I_VCMPNEQPS = 4751, I_VCMPNEQSD = 5957, I_VCMPNEQSS = 5555, I_VCMPNEQ_OQPD = 5245, I_VCMPNEQ_OQPS = 4843, I_VCMPNEQ_OQSD = 6049, I_VCMPNEQ_OQSS = 5647, I_VCMPNEQ_OSPD = 5457, I_VCMPNEQ_OSPS = 5055, I_VCMPNEQ_OSSD = 6261, I_VCMPNEQ_OSSS = 5859, I_VCMPNEQ_USPD = 5345, I_VCMPNEQ_USPS = 4943, I_VCMPNEQ_USSD = 6149, I_VCMPNEQ_USSS = 5747, I_VCMPNGEPD = 5210, I_VCMPNGEPS = 4808, I_VCMPNGESD = 6014, I_VCMPNGESS = 5612, I_VCMPNGE_UQPD = 5413, I_VCMPNGE_UQPS = 5011, I_VCMPNGE_UQSD = 6217, I_VCMPNGE_UQSS = 5815, I_VCMPNGTPD = 5221, I_VCMPNGTPS = 4819, I_VCMPNGTSD = 6025, I_VCMPNGTSS = 5623, I_VCMPNGT_UQPD = 5427, I_VCMPNGT_UQPS = 5025, I_VCMPNGT_UQSD = 6231, I_VCMPNGT_UQSS = 5829, I_VCMPNLEPD = 5175, I_VCMPNLEPS = 4773, I_VCMPNLESD = 5979, I_VCMPNLESS = 5577, I_VCMPNLE_UQPD = 5373, I_VCMPNLE_UQPS = 4971, I_VCMPNLE_UQSD = 6177, I_VCMPNLE_UQSS = 5775, I_VCMPNLTPD = 5164, I_VCMPNLTPS = 4762, I_VCMPNLTSD = 5968, I_VCMPNLTSS = 5566, I_VCMPNLT_UQPD = 5359, I_VCMPNLT_UQPS = 4957, I_VCMPNLT_UQSD = 6163, I_VCMPNLT_UQSS = 5761, I_VCMPORDPD = 5186, I_VCMPORDPS = 4784, I_VCMPORDSD = 5990, I_VCMPORDSS = 5588, I_VCMPORD_SPD = 5387, I_VCMPORD_SPS = 4985, I_VCMPORD_SSD = 6191, I_VCMPORD_SSS = 5789, I_VCMPTRUEPD = 5279, I_VCMPTRUEPS = 4877, I_VCMPTRUESD = 6083, I_VCMPTRUESS = 5681, I_VCMPTRUE_USPD = 5497, I_VCMPTRUE_USPS = 5095, I_VCMPTRUE_USSD = 6301, I_VCMPTRUE_USSS = 5899, I_VCMPUNORDPD = 5140, I_VCMPUNORDPS = 4738, I_VCMPUNORDSD = 5944, I_VCMPUNORDSS = 5542, I_VCMPUNORD_SPD = 5330, I_VCMPUNORD_SPS = 4928, I_VCMPUNORD_SSD = 6134, I_VCMPUNORD_SSS = 5732, I_VCOMISD = 2818, I_VCOMISS = 2809, I_VCVTDQ2PD = 6841, I_VCVTDQ2PS = 3360, I_VCVTPD2DQ = 6852, I_VCVTPD2PS = 3296, I_VCVTPS2DQ = 3371, I_VCVTPS2PD = 3285, I_VCVTSD2SI = 
2744, I_VCVTSD2SS = 3318, I_VCVTSI2SD = 2558, I_VCVTSI2SS = 2547, I_VCVTSS2SD = 3307, I_VCVTSS2SI = 2733, I_VCVTTPD2DQ = 6829, I_VCVTTPS2DQ = 3382, I_VCVTTSD2SI = 2681, I_VCVTTSS2SI = 2669, I_VDIVPD = 3550, I_VDIVPS = 3542, I_VDIVSD = 3566, I_VDIVSS = 3558, I_VDPPD = 9643, I_VDPPS = 9630, I_VERR = 1679, I_VERW = 1685, I_VEXTRACTF128 = 9538, I_VEXTRACTPS = 9513, I_VFMADD132PD = 8409, I_VFMADD132PS = 8396, I_VFMADD132SD = 8435, I_VFMADD132SS = 8422, I_VFMADD213PD = 8689, I_VFMADD213PS = 8676, I_VFMADD213SD = 8715, I_VFMADD213SS = 8702, I_VFMADD231PD = 8969, I_VFMADD231PS = 8956, I_VFMADD231SD = 8995, I_VFMADD231SS = 8982, I_VFMADDSUB132PD = 8348, I_VFMADDSUB132PS = 8332, I_VFMADDSUB213PD = 8628, I_VFMADDSUB213PS = 8612, I_VFMADDSUB231PD = 8908, I_VFMADDSUB231PS = 8892, I_VFMSUB132PD = 8461, I_VFMSUB132PS = 8448, I_VFMSUB132SD = 8487, I_VFMSUB132SS = 8474, I_VFMSUB213PD = 8741, I_VFMSUB213PS = 8728, I_VFMSUB213SD = 8767, I_VFMSUB213SS = 8754, I_VFMSUB231PD = 9021, I_VFMSUB231PS = 9008, I_VFMSUB231SD = 9047, I_VFMSUB231SS = 9034, I_VFMSUBADD132PD = 8380, I_VFMSUBADD132PS = 8364, I_VFMSUBADD213PD = 8660, I_VFMSUBADD213PS = 8644, I_VFMSUBADD231PD = 8940, I_VFMSUBADD231PS = 8924, I_VFNMADD132PD = 8514, I_VFNMADD132PS = 8500, I_VFNMADD132SD = 8542, I_VFNMADD132SS = 8528, I_VFNMADD213PD = 8794, I_VFNMADD213PS = 8780, I_VFNMADD213SD = 8822, I_VFNMADD213SS = 8808, I_VFNMADD231PD = 9074, I_VFNMADD231PS = 9060, I_VFNMADD231SD = 9102, I_VFNMADD231SS = 9088, I_VFNMSUB132PD = 8570, I_VFNMSUB132PS = 8556, I_VFNMSUB132SD = 8598, I_VFNMSUB132SS = 8584, I_VFNMSUB213PD = 8850, I_VFNMSUB213PS = 8836, I_VFNMSUB213SD = 8878, I_VFNMSUB213SS = 8864, I_VFNMSUB231PD = 9130, I_VFNMSUB231PS = 9116, I_VFNMSUB231SD = 9158, I_VFNMSUB231SS = 9144, I_VHADDPD = 4219, I_VHADDPS = 4228, I_VHSUBPD = 4253, I_VHSUBPS = 4262, I_VINSERTF128 = 9525, I_VINSERTPS = 9579, I_VLDDQU = 7023, I_VLDMXCSR = 9963, I_VMASKMOVDQU = 7153, I_VMASKMOVPD = 7971, I_VMASKMOVPS = 7959, I_VMAXPD = 3610, I_VMAXPS = 3602, 
I_VMAXSD = 3626, I_VMAXSS = 3618, I_VMCALL = 1735, I_VMCLEAR = 10011, I_VMFUNC = 1803, I_VMINPD = 3490, I_VMINPS = 3482, I_VMINSD = 3506, I_VMINSS = 3498, I_VMLAUNCH = 1743, I_VMLOAD = 1833, I_VMMCALL = 1824, I_VMOVAPD = 2498, I_VMOVAPS = 2489, I_VMOVD = 3954, I_VMOVDDUP = 2256, I_VMOVDQA = 3984, I_VMOVDQU = 3993, I_VMOVHLPS = 2217, I_VMOVHPD = 2404, I_VMOVHPS = 2395, I_VMOVLHPS = 2385, I_VMOVLPD = 2236, I_VMOVLPS = 2227, I_VMOVMSKPD = 2858, I_VMOVMSKPS = 2847, I_VMOVNTDQ = 6880, I_VMOVNTDQA = 7927, I_VMOVNTPD = 2615, I_VMOVNTPS = 2605, I_VMOVQ = 3961, I_VMOVSD = 2165, I_VMOVSHDUP = 2413, I_VMOVSLDUP = 2245, I_VMOVSS = 2157, I_VMOVUPD = 2148, I_VMOVUPS = 2139, I_VMPSADBW = 9659, I_VMPTRLD = 10002, I_VMPTRST = 6407, I_VMREAD = 4150, I_VMRESUME = 1753, I_VMRUN = 1817, I_VMSAVE = 1841, I_VMULPD = 3221, I_VMULPS = 3213, I_VMULSD = 3237, I_VMULSS = 3229, I_VMWRITE = 4174, I_VMXOFF = 1763, I_VMXON = 10020, I_VORPD = 3088, I_VORPS = 3081, I_VPABSB = 7717, I_VPABSD = 7747, I_VPABSW = 7732, I_VPACKSSDW = 3881, I_VPACKSSWB = 3713, I_VPACKUSDW = 7948, I_VPACKUSWB = 3791, I_VPADDB = 7233, I_VPADDD = 7263, I_VPADDQ = 6510, I_VPADDSB = 6960, I_VPADDSW = 6977, I_VPADDUSW = 6651, I_VPADDW = 7248, I_VPALIGNR = 9441, I_VPAND = 6635, I_VPANDN = 6694, I_VPAVGB = 6709, I_VPAVGW = 6754, I_VPBLENDVB = 9714, I_VPBLENDW = 9422, I_VPCLMULQDQ = 9680, I_VPCMPEQB = 4074, I_VPCMPEQD = 4112, I_VPCMPEQQ = 7907, I_VPCMPEQW = 4093, I_VPCMPESTRI = 9759, I_VPCMPESTRM = 9736, I_VPCMPGTB = 3733, I_VPCMPGTD = 3771, I_VPCMPGTQ = 8118, I_VPCMPGTW = 3752, I_VPCMPISTRI = 9805, I_VPCMPISTRM = 9782, I_VPERM2F128 = 9287, I_VPERMILPD = 7592, I_VPERMILPS = 7581, I_VPEXTRB = 9459, I_VPEXTRD = 9484, I_VPEXTRQ = 9493, I_VPEXTRW = 6341, I_VPHADDD = 7405, I_VPHADDSW = 7423, I_VPHADDW = 7388, I_VPHMINPOSUW = 8293, I_VPHSUBD = 7481, I_VPHSUBSW = 7499, I_VPHSUBW = 7464, I_VPINSRB = 9560, I_VPINSRD = 9606, I_VPINSRQ = 9615, I_VPINSRW = 6324, I_VPMADDUBSW = 7444, I_VPMADDWD = 7104, I_VPMAXSB = 8204, I_VPMAXSD = 8221, 
I_VPMAXSW = 6994, I_VPMAXUB = 6678, I_VPMAXUD = 8255, I_VPMAXUW = 8238, I_VPMINSB = 8136, I_VPMINSD = 8153, I_VPMINSW = 6932, I_VPMINUB = 6620, I_VPMINUD = 8187, I_VPMINUW = 8170, I_VPMOVMSKB = 6563, I_VPMOVSXBD = 7786, I_VPMOVSXBQ = 7807, I_VPMOVSXBW = 7765, I_VPMOVSXDQ = 7870, I_VPMOVSXWD = 7828, I_VPMOVSXWQ = 7849, I_VPMOVZXBD = 8014, I_VPMOVZXBQ = 8035, I_VPMOVZXBW = 7993, I_VPMOVZXDQ = 8098, I_VPMOVZXWD = 8056, I_VPMOVZXWQ = 8077, I_VPMULDQ = 7889, I_VPMULHRSW = 7570, I_VPMULHUW = 6771, I_VPMULHW = 6789, I_VPMULLD = 8272, I_VPMULLW = 6526, I_VPMULUDQ = 7085, I_VPOR = 6946, I_VPSADBW = 7122, I_VPSHUFB = 7371, I_VPSHUFD = 4036, I_VPSHUFHW = 4045, I_VPSHUFLW = 4055, I_VPSIGNB = 7517, I_VPSIGND = 7551, I_VPSIGNW = 7534, I_VPSLLD = 7053, I_VPSLLDQ = 9877, I_VPSLLQ = 7068, I_VPSLLW = 7038, I_VPSRAD = 6739, I_VPSRAW = 6724, I_VPSRLD = 6480, I_VPSRLDQ = 9860, I_VPSRLQ = 6495, I_VPSRLW = 6465, I_VPSUBB = 7173, I_VPSUBD = 7203, I_VPSUBQ = 7218, I_VPSUBSB = 6898, I_VPSUBSW = 6915, I_VPSUBUSB = 6583, I_VPSUBUSW = 6602, I_VPSUBW = 7188, I_VPTEST = 7658, I_VPUNPCKHBW = 3813, I_VPUNPCKHDQ = 3859, I_VPUNPCKHQDQ = 3929, I_VPUNPCKHWD = 3836, I_VPUNPCKLBW = 3645, I_VPUNPCKLDQ = 3691, I_VPUNPCKLQDQ = 3904, I_VPUNPCKLWD = 3668, I_VPXOR = 7009, I_VRCPPS = 2989, I_VRCPSS = 2997, I_VROUNDPD = 9327, I_VROUNDPS = 9308, I_VROUNDSD = 9365, I_VROUNDSS = 9346, I_VRSQRTPS = 2955, I_VRSQRTSS = 2965, I_VSHUFPD = 6375, I_VSHUFPS = 6366, I_VSQRTPD = 2910, I_VSQRTPS = 2901, I_VSQRTSD = 2928, I_VSQRTSS = 2919, I_VSTMXCSR = 9992, I_VSUBPD = 3430, I_VSUBPS = 3422, I_VSUBSD = 3446, I_VSUBSS = 3438, I_VTESTPD = 7612, I_VTESTPS = 7603, I_VUCOMISD = 2783, I_VUCOMISS = 2773, I_VUNPCKHPD = 2339, I_VUNPCKHPS = 2328, I_VUNPCKLPD = 2297, I_VUNPCKLPS = 2286, I_VXORPD = 3117, I_VXORPS = 3109, I_VZEROALL = 4140, I_VZEROUPPER = 4128, I_WAIT = 10042, I_WBINVD = 561, I_WRFSBASE = 9953, I_WRGSBASE = 9982, I_WRMSR = 586, I_XABORT = 1007, I_XADD = 946, I_XBEGIN = 1015, I_XCHG = 212, I_XEND = 1811, I_XGETBV = 1787, 
I_XLAT = 400, I_XOR = 61, I_XORPD = 3102, I_XORPS = 3095, I_XRSTOR = 4295, I_XRSTOR64 = 4303, I_XSAVE = 4271, I_XSAVE64 = 4278, I_XSAVEOPT = 4321, I_XSAVEOPT64 = 4331, I_XSETBV = 1795, I__3DNOW = 10056
} _InstructionType;

typedef enum {
	R_RAX, R_RCX, R_RDX, R_RBX, R_RSP, R_RBP, R_RSI, R_RDI, R_R8, R_R9, R_R10, R_R11, R_R12, R_R13, R_R14, R_R15,
	R_EAX, R_ECX, R_EDX, R_EBX, R_ESP, R_EBP, R_ESI, R_EDI, R_R8D, R_R9D, R_R10D, R_R11D, R_R12D, R_R13D, R_R14D, R_R15D,
	R_AX, R_CX, R_DX, R_BX, R_SP, R_BP, R_SI, R_DI, R_R8W, R_R9W, R_R10W, R_R11W, R_R12W, R_R13W, R_R14W, R_R15W,
	R_AL, R_CL, R_DL, R_BL, R_AH, R_CH, R_DH, R_BH, R_R8B, R_R9B, R_R10B, R_R11B, R_R12B, R_R13B, R_R14B, R_R15B,
	R_SPL, R_BPL, R_SIL, R_DIL,
	R_ES, R_CS, R_SS, R_DS, R_FS, R_GS,
	R_RIP,
	R_ST0, R_ST1, R_ST2, R_ST3, R_ST4, R_ST5, R_ST6, R_ST7,
	R_MM0, R_MM1, R_MM2, R_MM3, R_MM4, R_MM5, R_MM6, R_MM7,
	R_XMM0, R_XMM1, R_XMM2, R_XMM3, R_XMM4, R_XMM5, R_XMM6, R_XMM7, R_XMM8, R_XMM9, R_XMM10, R_XMM11, R_XMM12, R_XMM13, R_XMM14, R_XMM15,
	R_YMM0, R_YMM1, R_YMM2, R_YMM3, R_YMM4, R_YMM5, R_YMM6, R_YMM7, R_YMM8, R_YMM9, R_YMM10, R_YMM11, R_YMM12, R_YMM13, R_YMM14, R_YMM15,
	R_CR0, R_UNUSED0, R_CR2, R_CR3, R_CR4, R_UNUSED1, R_UNUSED2, R_UNUSED3, R_CR8,
	R_DR0, R_DR1, R_DR2, R_DR3, R_UNUSED4, R_UNUSED5, R_DR6, R_DR7
} _RegisterType;

#endif /* MNEMONICS_H */

distorm-3.4.1/make/linux/Makefile

#
# diStorm3 (Linux Port)
#

TARGET_BASE = libdistorm3.so
COBJS = ../../src/mnemonics.o ../../src/wstring.o ../../src/textdefs.o ../../src/prefix.o ../../src/operands.o ../../src/insts.o ../../src/instructions.o ../../src/distorm.o ../../src/decoder.o
CC = gcc
CFLAGS += -fPIC -O2 -Wall -DSUPPORT_64BIT_OFFSET -DDISTORM_STATIC
LDFLAGS += -shared
PREFIX = /usr/local
# The lib SONAME version:
LIB_S_VERSION = 3
# The lib real version:
LIB_R_VERSION = 3.4.0
LDFLAGS += -Wl,-soname,${TARGET_BASE}.${LIB_S_VERSION}
DESTDIR =
TARGET_NAME = ${TARGET_BASE}.${LIB_R_VERSION}

all: clib

clean:
	/bin/rm -rf ../../src/*.o ${TARGET_NAME} ../../distorm3.a ./../*.o

clib: ${COBJS}
	${CC} ${CFLAGS} ${VERSION} ${COBJS} ${LDFLAGS} -o ${TARGET_NAME}
	ar rs ../../distorm3.a ${COBJS}

install: ${TARGET_NAME}
	install -D -s ${TARGET_NAME} ${DESTDIR}${PREFIX}/lib/${TARGET_NAME}
	ln -sf ${DESTDIR}${PREFIX}/lib/${TARGET_NAME} ${DESTDIR}${PREFIX}/lib/${TARGET_BASE}
	@echo "... running ldconfig might be smart ..."

.c.o:
	${CC} ${CFLAGS} ${VERSION} -c $< -o $@

distorm-3.4.1/make/mac/Makefile

#
# diStorm3 (Mac Port)
#

DISTORM_MODE ?= DISTORM_DYNAMIC
TARGET = libdistorm3.dylib
PYTHON_BUILD_DIR = ../../Python/macosx-x86
COBJS = ../../src/mnemonics.o ../../src/wstring.o ../../src/textdefs.o ../../src/prefix.o ../../src/operands.o ../../src/insts.o ../../src/instructions.o ../../src/distorm.o ../../src/decoder.o
CC = gcc
CFLAGS = -arch i386 -arch x86_64 -O2 -Wall -fPIC -DSUPPORT_64BIT_OFFSET -D${DISTORM_MODE}

all: clib

clean:
	/bin/rm -rf ../../src/*.o ${TARGET} ../../libdistorm3.dylib ../../distorm3.a ../../*.a

clib: ${COBJS}
ifeq '$(DISTORM_MODE)' 'DISTORM_DYNAMIC'
	${CC} ${CFLAGS} ${VERSION} ${COBJS} -fPIC -dynamiclib -o ${TARGET}
	[ -d ${PYTHON_BUILD_DIR} ] && rm -rf ${PYTHON_BUILD_DIR} || true
	mkdir ${PYTHON_BUILD_DIR}
	cp ${TARGET} ${PYTHON_BUILD_DIR}/
else
	ar rs ../../distorm3.a ${COBJS}
endif

.c.o:
	${CC} ${CFLAGS} ${VERSION} -c $< -o $@

distorm-3.4.1/make/win32/cdistorm.vcxproj
distorm-3.4.1/make/win32/cdistorm.vcxproj.filters
Files Header Files Header Files Header Files Header Files

distorm-3.4.1/make/win32/distorm.sln

Microsoft Visual Studio Solution File, Format Version 11.00
# Visual Studio 2010
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "distorm", "cdistorm.vcxproj", "{15051CE1-AB10-4239-973D-01B84F2AD0A9}"
EndProject
Global
	GlobalSection(SolutionConfigurationPlatforms) = preSolution
		clib|Win32 = clib|Win32
		clib|x64 = clib|x64
		dll|Win32 = dll|Win32
		dll|x64 = dll|x64
	EndGlobalSection
	GlobalSection(ProjectConfigurationPlatforms) = postSolution
		{15051CE1-AB10-4239-973D-01B84F2AD0A9}.clib|Win32.ActiveCfg = clib|Win32
		{15051CE1-AB10-4239-973D-01B84F2AD0A9}.clib|Win32.Build.0 = clib|Win32
		{15051CE1-AB10-4239-973D-01B84F2AD0A9}.clib|x64.ActiveCfg = clib|x64
		{15051CE1-AB10-4239-973D-01B84F2AD0A9}.clib|x64.Build.0 = clib|x64
		{15051CE1-AB10-4239-973D-01B84F2AD0A9}.dll|Win32.ActiveCfg = dll|Win32
		{15051CE1-AB10-4239-973D-01B84F2AD0A9}.dll|Win32.Build.0 = dll|Win32
		{15051CE1-AB10-4239-973D-01B84F2AD0A9}.dll|x64.ActiveCfg = dll|x64
		{15051CE1-AB10-4239-973D-01B84F2AD0A9}.dll|x64.Build.0 = dll|x64
	EndGlobalSection
	GlobalSection(SolutionProperties) = preSolution
		HideSolutionNode = FALSE
	EndGlobalSection
EndGlobal

distorm-3.4.1/make/win32/resource.h

//{{NO_DEPENDENCIES}}
// Microsoft Visual C++ generated include file.
// Used by resource.rc

// Next default values for new objects
//
#ifdef APSTUDIO_INVOKED
#ifndef APSTUDIO_READONLY_SYMBOLS
#define _APS_NEXT_RESOURCE_VALUE 101
#define _APS_NEXT_COMMAND_VALUE 40001
#define _APS_NEXT_CONTROL_VALUE 1001
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif
//{{NO_DEPENDENCIES}}
// Microsoft Visual C++ generated include file.
// Used by Resource.rc

// Next default values for new objects
//
#ifdef APSTUDIO_INVOKED
#ifndef APSTUDIO_READONLY_SYMBOLS
#define _APS_NEXT_RESOURCE_VALUE 101
#define _APS_NEXT_COMMAND_VALUE 40001
#define _APS_NEXT_CONTROL_VALUE 1001
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif

distorm-3.4.1/make/win32/resource.rc

// Microsoft Visual C++ generated resource script.
//
#include "resource.h"

#define APSTUDIO_READONLY_SYMBOLS
/////////////////////////////////////////////////////////////////////////////
//
// Generated from the TEXTINCLUDE 2 resource.
//
#include "winres.h"

/////////////////////////////////////////////////////////////////////////////
#undef APSTUDIO_READONLY_SYMBOLS

/////////////////////////////////////////////////////////////////////////////
// English (United States) resources

#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU)
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US

#ifdef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// TEXTINCLUDE
//

1 TEXTINCLUDE
BEGIN
    "resource.h\0"
END

2 TEXTINCLUDE
BEGIN
    "#include ""winres.h""\r\n"
    "\0"
END

3 TEXTINCLUDE
BEGIN
    "\r\n"
    "\0"
END

#endif // APSTUDIO_INVOKED

/////////////////////////////////////////////////////////////////////////////
//
// Version
//

VS_VERSION_INFO VERSIONINFO
 FILEVERSION 3,4,0,0
 PRODUCTVERSION 3,4,0,0
 FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
 FILEFLAGS 0x1L
#else
 FILEFLAGS 0x0L
#endif
 FILEOS 0x40004L
 FILETYPE 0x2L
 FILESUBTYPE 0x0L
BEGIN
    BLOCK "StringFileInfo"
    BEGIN
        BLOCK "040904b0"
        BEGIN
            VALUE "CompanyName", "Gil Dabah"
            VALUE "FileDescription", "diStorm3 module"
            VALUE "FileVersion", "3.4.0.0"
            VALUE "InternalName", "diStorm3"
            VALUE "LegalCopyright", "Copyright (C) 2003-2018 Gil Dabah"
            VALUE "OriginalFilename", "diStorm3.dll"
            VALUE "ProductName", "diStorm3 Disassembler Library"
            VALUE "ProductVersion", "3.4.0.0"
        END
    END
    BLOCK "VarFileInfo"
    BEGIN
        VALUE "Translation",
            0x409, 1200
    END
END

#endif // English (United States) resources
/////////////////////////////////////////////////////////////////////////////

#ifndef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// Generated from the TEXTINCLUDE 3 resource.
//

/////////////////////////////////////////////////////////////////////////////
#endif // not APSTUDIO_INVOKED

distorm-3.4.1/python/distorm3/__init__.py

# :[diStorm3}: Python binding
# Based on diStorm64 Python binding by Mario Vilas
# Initial support for decompose API added by Roee Shenberg
# Licensed under BSD in 2016.
#
# Compatible with Python2.x and 3.x.
#

info = (
    "diStorm3 by Gil Dabah, https://github.com/gdabah/distorm/\n"
    "Based on diStorm64 Python binding by Mario Vilas, http://breakingcode.wordpress.com/\n"
)

__revision__ = "$Id: distorm.py 186 2010-05-01 14:20:41Z gdabah $"

__all__ = [
    'Decode',
    'DecodeGenerator',
    'Decompose',
    'DecomposeGenerator',
    'Decode16Bits',
    'Decode32Bits',
    'Decode64Bits',
    'Mnemonics',
    'Registers',
]

from ctypes import *
from os.path import split, join
from os import name as os_name
import sys

if sys.version_info[0] >= 3:
    xrange = range

#==============================================================================
# Load the diStorm DLL

# Guess the DLL filename and load the library.
_distorm_path = split(__file__)[0]
if hasattr(sys, '_MEIPASS'):
    _distorm_path = sys._MEIPASS
potential_libs = ['libdistorm3.so', 'libdistorm3.dylib']
if os_name == 'nt':
    potential_libs = ['distorm3.dll', 'libdistorm3.dll']
lib_was_found = False
for i in potential_libs:
    try:
        _distorm_file = join(_distorm_path, i)
        _distorm = cdll.LoadLibrary(_distorm_file)
        lib_was_found = True
        break
    except OSError:
        pass

if lib_was_found == False:
    raise ImportError("Error loading the diStorm dynamic library (or cannot load library into process).")

# Get the decode C function (try 64 bits version first, only then 32 bits).
SUPPORT_64BIT_OFFSET = False
try:
    internal_decode = _distorm.distorm_decode64
    internal_decompose = _distorm.distorm_decompose64
    internal_format = _distorm.distorm_format64
    SUPPORT_64BIT_OFFSET = True
except AttributeError:
    try:
        internal_decode = _distorm.distorm_decode32
        internal_decompose = _distorm.distorm_decompose32
        internal_format = _distorm.distorm_format32
    except AttributeError:
        raise ImportError("Error loading distorm")

#==============================================================================
# diStorm C interface

MAX_TEXT_SIZE = 48 # See distorm.h for this value.
MAX_INSTRUCTIONS = 1000

DECRES_NONE = 0
DECRES_SUCCESS = 1
DECRES_MEMORYERR = 2
DECRES_INPUTERR = 3

if SUPPORT_64BIT_OFFSET:
    _OffsetType = c_ulonglong
else:
    _OffsetType = c_uint

class _WString (Structure):
    _fields_ = [
        ('length', c_uint),
        ('p', c_char * MAX_TEXT_SIZE),
    ]

class _CodeInfo (Structure):
    _fields_ = [
        ('codeOffset', _OffsetType),
        ('nextOffset', _OffsetType),
        ('code', c_char_p),
        ('codeLen', c_int),
        ('dt', c_byte),
        ('features', c_uint),
    ]

class _DecodedInst (Structure):
    _fields_ = [
        ('mnemonic', _WString),
        ('operands', _WString),
        ('instructionHex', _WString),
        ('size', c_uint),
        ('offset', _OffsetType),
    ]

# _OperandType enum
_OperandType = c_ubyte

O_NONE = 0
O_REG = 1
O_IMM = 2
O_IMM1 = 3
O_IMM2 = 4
O_DISP = 5
O_SMEM = 6
O_MEM = 7
O_PC = 8
O_PTR = 9

class _Operand (Structure):
    _fields_ = [
        ('type', c_ubyte), # of type _OperandType
        ('index', c_ubyte),
        ('size', c_uint16),
    ]

class _ex (Structure):
    _fields_ = [
        ('i1', c_uint32),
        ('i2', c_uint32),
    ]

class _ptr (Structure):
    _fields_ = [
        ('seg', c_uint16),
        ('off', c_uint32),
    ]

class _Value (Union):
    _fields_ = [
        ('sbyte', c_byte),
        ('byte', c_ubyte),
        ('sword', c_int16),
        ('word', c_uint16),
        ('sdword', c_int32),
        ('dword', c_uint32),
        ('sqword', c_int64),
        ('qword', c_uint64),
        ('addr', _OffsetType),
        ('ptr', _ptr),
        ('ex', _ex),
    ]

class _DInst (Structure):
    _fields_ = [
        ('imm', _Value),
        ('disp', c_uint64), # displacement. size is according to dispSize
        ('addr', _OffsetType),
        ('flags', c_uint16), # -1 if invalid. See C headers for more info
        ('unusedPrefixesMask', c_uint16),
        ('usedRegistersMask', c_uint32), # used registers mask.
        ('opcode', c_uint16), # look up in opcode table
        ('ops', _Operand*4),
        ('size', c_ubyte),
        ('segment', c_ubyte), # -1 if unused. See C headers for more info
        ('base', c_ubyte), # base register for indirections
        ('scale', c_ubyte), # ignore for values 0, 1 (other valid values - 2,4,8)
        ('dispSize', c_ubyte),
        ('meta', c_ubyte), # meta flags - instruction set class, etc. See C headers again...
        ('modifiedFlagsMask', c_uint16), # CPU modified (output) flags by instruction.
        ('testedFlagsMask', c_uint16), # CPU tested (input) flags by instruction.
        ('undefinedFlagsMask', c_uint16) # CPU undefined flags by instruction.
    ]

#==============================================================================
# diStorm Python interface

Decode16Bits = 0 # 80286 decoding
Decode32Bits = 1 # IA-32 decoding
Decode64Bits = 2 # AMD64 decoding

OffsetTypeSize = sizeof(_OffsetType)

Mnemonics = {
0xb: "ADD", 0x10: "PUSH", 0x16: "POP", 0x1b: "OR", 0x1f: "ADC", 0x24: "SBB", 0x29: "AND", 0x2e: "DAA", 0x33: "SUB", 0x38: "DAS", 0x3d: "XOR", 0x42: "AAA", 0x47: "CMP", 0x4c: "AAS", 0x51: "INC", 0x56: "DEC", 0x5b: "PUSHA", 0x62: "POPA", 0x68: "BOUND", 0x6f: "ARPL", 0x75: "IMUL", 0x7b: "INS", 0x80: "OUTS", 0x86: "JO", 0x8a: "JNO", 0x8f: "JB", 0x93: "JAE", 0x98: "JZ", 0x9c: "JNZ", 0xa1: "JBE", 0xa6: "JA", 0xaa: "JS", 0xae: "JNS", 0xb3: "JP", 0xb7: "JNP", 0xbc: "JL", 0xc0: "JGE", 0xc5: "JLE", 0xca: "JG", 0xce: "TEST", 0xd4: "XCHG", 0xda: "MOV", 0xdf: "LEA", 0xe4: "CBW", 0xe9: "CWDE", 0xef: "CDQE", 0xf5: "CWD", 0xfa: "CDQ", 0xff: "CQO", 0x104: "CALL FAR", 0x10e: "PUSHF", 0x115: "POPF", 0x11b: "SAHF", 0x121: "LAHF", 0x127: "MOVS", 0x12d: "CMPS", 0x133: "STOS", 0x139: "LODS", 0x13f: "SCAS", 0x145: "RET", 0x14a: "LES", 0x14f: "LDS", 0x154: "ENTER", 0x15b: "LEAVE", 0x162: "RETF", 0x168: "INT 3", 0x16f: "INT", 0x174: "INTO", 0x17a: "IRET", 0x180: "AAM", 0x185: "AAD", 0x18a: "SALC", 0x190: "XLAT", 0x196: "LOOPNZ", 0x19e: "LOOPZ", 0x1a5: "LOOP", 0x1ab: "JCXZ", 0x1b1: "JECXZ", 0x1b8: "JRCXZ", 0x1bf: "IN", 0x1c3: "OUT", 0x1c8: "CALL", 0x1ce: "JMP", 0x1d3: "JMP FAR", 0x1dc: "INT1", 0x1e2: "HLT", 0x1e7: "CMC", 0x1ec: "CLC", 0x1f1: "STC", 0x1f6: "CLI", 0x1fb: "STI", 0x200: "CLD", 0x205: "STD", 0x20a: "LAR", 0x20f: "LSL", 0x214: "SYSCALL", 0x21d: "CLTS", 0x223: "SYSRET", 0x22b: "INVD", 0x231: "WBINVD", 0x239: "UD2", 0x23e: "FEMMS", 0x245: "NOP", 0x24a: "WRMSR", 0x251: "RDTSC", 0x258: "RDMSR", 0x25f:
"RDPMC", 0x266: "SYSENTER", 0x270: "SYSEXIT", 0x279: "GETSEC", 0x281: "CMOVO", 0x288: "CMOVNO", 0x290: "CMOVB", 0x297: "CMOVAE", 0x29f: "CMOVZ", 0x2a6: "CMOVNZ", 0x2ae: "CMOVBE", 0x2b6: "CMOVA", 0x2bd: "CMOVS", 0x2c4: "CMOVNS", 0x2cc: "CMOVP", 0x2d3: "CMOVNP", 0x2db: "CMOVL", 0x2e2: "CMOVGE", 0x2ea: "CMOVLE", 0x2f2: "CMOVG", 0x2f9: "SETO", 0x2ff: "SETNO", 0x306: "SETB", 0x30c: "SETAE", 0x313: "SETZ", 0x319: "SETNZ", 0x320: "SETBE", 0x327: "SETA", 0x32d: "SETS", 0x333: "SETNS", 0x33a: "SETP", 0x340: "SETNP", 0x347: "SETL", 0x34d: "SETGE", 0x354: "SETLE", 0x35b: "SETG", 0x361: "CPUID", 0x368: "BT", 0x36c: "SHLD", 0x372: "RSM", 0x377: "BTS", 0x37c: "SHRD", 0x382: "CMPXCHG", 0x38b: "LSS", 0x390: "BTR", 0x395: "LFS", 0x39a: "LGS", 0x39f: "MOVZX", 0x3a6: "BTC", 0x3ab: "MOVSX", 0x3b2: "XADD", 0x3b8: "MOVNTI", 0x3c0: "BSWAP", 0x3c7: "ROL", 0x3cc: "ROR", 0x3d1: "RCL", 0x3d6: "RCR", 0x3db: "SHL", 0x3e0: "SHR", 0x3e5: "SAL", 0x3ea: "SAR", 0x3ef: "XABORT", 0x3f7: "XBEGIN", 0x3ff: "FADD", 0x405: "FMUL", 0x40b: "FCOM", 0x411: "FCOMP", 0x418: "FSUB", 0x41e: "FSUBR", 0x425: "FDIV", 0x42b: "FDIVR", 0x432: "FLD", 0x437: "FST", 0x43c: "FSTP", 0x442: "FLDENV", 0x44a: "FLDCW", 0x451: "FXCH", 0x457: "FNOP", 0x45d: "FCHS", 0x463: "FABS", 0x469: "FTST", 0x46f: "FXAM", 0x475: "FLD1", 0x47b: "FLDL2T", 0x483: "FLDL2E", 0x48b: "FLDPI", 0x492: "FLDLG2", 0x49a: "FLDLN2", 0x4a2: "FLDZ", 0x4a8: "F2XM1", 0x4af: "FYL2X", 0x4b6: "FPTAN", 0x4bd: "FPATAN", 0x4c5: "FXTRACT", 0x4ce: "FPREM1", 0x4d6: "FDECSTP", 0x4df: "FINCSTP", 0x4e8: "FPREM", 0x4ef: "FYL2XP1", 0x4f8: "FSQRT", 0x4ff: "FSINCOS", 0x508: "FRNDINT", 0x511: "FSCALE", 0x519: "FSIN", 0x51f: "FCOS", 0x525: "FIADD", 0x52c: "FIMUL", 0x533: "FICOM", 0x53a: "FICOMP", 0x542: "FISUB", 0x549: "FISUBR", 0x551: "FIDIV", 0x558: "FIDIVR", 0x560: "FCMOVB", 0x568: "FCMOVE", 0x570: "FCMOVBE", 0x579: "FCMOVU", 0x581: "FUCOMPP", 0x58a: "FILD", 0x590: "FISTTP", 0x598: "FIST", 0x59e: "FISTP", 0x5a5: "FCMOVNB", 0x5ae: "FCMOVNE", 0x5b7: "FCMOVNBE", 0x5c1: 
"FCMOVNU", 0x5ca: "FENI", 0x5d0: "FEDISI", 0x5d8: "FSETPM", 0x5e0: "FUCOMI", 0x5e8: "FCOMI", 0x5ef: "FRSTOR", 0x5f7: "FFREE", 0x5fe: "FUCOM", 0x605: "FUCOMP", 0x60d: "FADDP", 0x614: "FMULP", 0x61b: "FCOMPP", 0x623: "FSUBRP", 0x62b: "FSUBP", 0x632: "FDIVRP", 0x63a: "FDIVP", 0x641: "FBLD", 0x647: "FBSTP", 0x64e: "FUCOMIP", 0x657: "FCOMIP", 0x65f: "NOT", 0x664: "NEG", 0x669: "MUL", 0x66e: "DIV", 0x673: "IDIV", 0x679: "SLDT", 0x67f: "STR", 0x684: "LLDT", 0x68a: "LTR", 0x68f: "VERR", 0x695: "VERW", 0x69b: "SGDT", 0x6a1: "SIDT", 0x6a7: "LGDT", 0x6ad: "LIDT", 0x6b3: "SMSW", 0x6b9: "LMSW", 0x6bf: "INVLPG", 0x6c7: "VMCALL", 0x6cf: "VMLAUNCH", 0x6d9: "VMRESUME", 0x6e3: "VMXOFF", 0x6eb: "MONITOR", 0x6f4: "MWAIT", 0x6fb: "XGETBV", 0x703: "XSETBV", 0x70b: "VMFUNC", 0x713: "XEND", 0x719: "VMRUN", 0x720: "VMMCALL", 0x729: "VMLOAD", 0x731: "VMSAVE", 0x739: "STGI", 0x73f: "CLGI", 0x745: "SKINIT", 0x74d: "INVLPGA", 0x756: "SWAPGS", 0x75e: "RDTSCP", 0x766: "PREFETCH", 0x770: "PREFETCHW", 0x77b: "PI2FW", 0x782: "PI2FD", 0x789: "PF2IW", 0x790: "PF2ID", 0x797: "PFNACC", 0x79f: "PFPNACC", 0x7a8: "PFCMPGE", 0x7b1: "PFMIN", 0x7b8: "PFRCP", 0x7bf: "PFRSQRT", 0x7c8: "PFSUB", 0x7cf: "PFADD", 0x7d6: "PFCMPGT", 0x7df: "PFMAX", 0x7e6: "PFRCPIT1", 0x7f0: "PFRSQIT1", 0x7fa: "PFSUBR", 0x802: "PFACC", 0x809: "PFCMPEQ", 0x812: "PFMUL", 0x819: "PFRCPIT2", 0x823: "PMULHRW", 0x82c: "PSWAPD", 0x834: "PAVGUSB", 0x83d: "MOVUPS", 0x845: "MOVUPD", 0x84d: "MOVSS", 0x854: "MOVSD", 0x85b: "VMOVUPS", 0x864: "VMOVUPD", 0x86d: "VMOVSS", 0x875: "VMOVSD", 0x87d: "MOVHLPS", 0x886: "MOVLPS", 0x88e: "MOVLPD", 0x896: "MOVSLDUP", 0x8a0: "MOVDDUP", 0x8a9: "VMOVHLPS", 0x8b3: "VMOVLPS", 0x8bc: "VMOVLPD", 0x8c5: "VMOVSLDUP", 0x8d0: "VMOVDDUP", 0x8da: "UNPCKLPS", 0x8e4: "UNPCKLPD", 0x8ee: "VUNPCKLPS", 0x8f9: "VUNPCKLPD", 0x904: "UNPCKHPS", 0x90e: "UNPCKHPD", 0x918: "VUNPCKHPS", 0x923: "VUNPCKHPD", 0x92e: "MOVLHPS", 0x937: "MOVHPS", 0x93f: "MOVHPD", 0x947: "MOVSHDUP", 0x951: "VMOVLHPS", 0x95b: "VMOVHPS", 0x964: "VMOVHPD", 
0x96d: "VMOVSHDUP", 0x978: "PREFETCHNTA", 0x985: "PREFETCHT0", 0x991: "PREFETCHT1", 0x99d: "PREFETCHT2", 0x9a9: "MOVAPS", 0x9b1: "MOVAPD", 0x9b9: "VMOVAPS", 0x9c2: "VMOVAPD", 0x9cb: "CVTPI2PS", 0x9d5: "CVTPI2PD", 0x9df: "CVTSI2SS", 0x9e9: "CVTSI2SD", 0x9f3: "VCVTSI2SS", 0x9fe: "VCVTSI2SD", 0xa09: "MOVNTPS", 0xa12: "MOVNTPD", 0xa1b: "MOVNTSS", 0xa24: "MOVNTSD", 0xa2d: "VMOVNTPS", 0xa37: "VMOVNTPD", 0xa41: "CVTTPS2PI", 0xa4c: "CVTTPD2PI", 0xa57: "CVTTSS2SI", 0xa62: "CVTTSD2SI", 0xa6d: "VCVTTSS2SI", 0xa79: "VCVTTSD2SI", 0xa85: "CVTPS2PI", 0xa8f: "CVTPD2PI", 0xa99: "CVTSS2SI", 0xaa3: "CVTSD2SI", 0xaad: "VCVTSS2SI", 0xab8: "VCVTSD2SI", 0xac3: "UCOMISS", 0xacc: "UCOMISD", 0xad5: "VUCOMISS", 0xadf: "VUCOMISD", 0xae9: "COMISS", 0xaf1: "COMISD", 0xaf9: "VCOMISS", 0xb02: "VCOMISD", 0xb0b: "MOVMSKPS", 0xb15: "MOVMSKPD", 0xb1f: "VMOVMSKPS", 0xb2a: "VMOVMSKPD", 0xb35: "SQRTPS", 0xb3d: "SQRTPD", 0xb45: "SQRTSS", 0xb4d: "SQRTSD", 0xb55: "VSQRTPS", 0xb5e: "VSQRTPD", 0xb67: "VSQRTSS", 0xb70: "VSQRTSD", 0xb79: "RSQRTPS", 0xb82: "RSQRTSS", 0xb8b: "VRSQRTPS", 0xb95: "VRSQRTSS", 0xb9f: "RCPPS", 0xba6: "RCPSS", 0xbad: "VRCPPS", 0xbb5: "VRCPSS", 0xbbd: "ANDPS", 0xbc4: "ANDPD", 0xbcb: "VANDPS", 0xbd3: "VANDPD", 0xbdb: "ANDNPS", 0xbe3: "ANDNPD", 0xbeb: "VANDNPS", 0xbf4: "VANDNPD", 0xbfd: "ORPS", 0xc03: "ORPD", 0xc09: "VORPS", 0xc10: "VORPD", 0xc17: "XORPS", 0xc1e: "XORPD", 0xc25: "VXORPS", 0xc2d: "VXORPD", 0xc35: "ADDPS", 0xc3c: "ADDPD", 0xc43: "ADDSS", 0xc4a: "ADDSD", 0xc51: "VADDPS", 0xc59: "VADDPD", 0xc61: "VADDSS", 0xc69: "VADDSD", 0xc71: "MULPS", 0xc78: "MULPD", 0xc7f: "MULSS", 0xc86: "MULSD", 0xc8d: "VMULPS", 0xc95: "VMULPD", 0xc9d: "VMULSS", 0xca5: "VMULSD", 0xcad: "CVTPS2PD", 0xcb7: "CVTPD2PS", 0xcc1: "CVTSS2SD", 0xccb: "CVTSD2SS", 0xcd5: "VCVTPS2PD", 0xce0: "VCVTPD2PS", 0xceb: "VCVTSS2SD", 0xcf6: "VCVTSD2SS", 0xd01: "CVTDQ2PS", 0xd0b: "CVTPS2DQ", 0xd15: "CVTTPS2DQ", 0xd20: "VCVTDQ2PS", 0xd2b: "VCVTPS2DQ", 0xd36: "VCVTTPS2DQ", 0xd42: "SUBPS", 0xd49: "SUBPD", 0xd50: "SUBSS", 0xd57: 
"SUBSD", 0xd5e: "VSUBPS", 0xd66: "VSUBPD", 0xd6e: "VSUBSS", 0xd76: "VSUBSD", 0xd7e: "MINPS", 0xd85: "MINPD", 0xd8c: "MINSS", 0xd93: "MINSD", 0xd9a: "VMINPS", 0xda2: "VMINPD", 0xdaa: "VMINSS", 0xdb2: "VMINSD", 0xdba: "DIVPS", 0xdc1: "DIVPD", 0xdc8: "DIVSS", 0xdcf: "DIVSD", 0xdd6: "VDIVPS", 0xdde: "VDIVPD", 0xde6: "VDIVSS", 0xdee: "VDIVSD", 0xdf6: "MAXPS", 0xdfd: "MAXPD", 0xe04: "MAXSS", 0xe0b: "MAXSD", 0xe12: "VMAXPS", 0xe1a: "VMAXPD", 0xe22: "VMAXSS", 0xe2a: "VMAXSD", 0xe32: "PUNPCKLBW", 0xe3d: "VPUNPCKLBW", 0xe49: "PUNPCKLWD", 0xe54: "VPUNPCKLWD", 0xe60: "PUNPCKLDQ", 0xe6b: "VPUNPCKLDQ", 0xe77: "PACKSSWB", 0xe81: "VPACKSSWB", 0xe8c: "PCMPGTB", 0xe95: "VPCMPGTB", 0xe9f: "PCMPGTW", 0xea8: "VPCMPGTW", 0xeb2: "PCMPGTD", 0xebb: "VPCMPGTD", 0xec5: "PACKUSWB", 0xecf: "VPACKUSWB", 0xeda: "PUNPCKHBW", 0xee5: "VPUNPCKHBW", 0xef1: "PUNPCKHWD", 0xefc: "VPUNPCKHWD", 0xf08: "PUNPCKHDQ", 0xf13: "VPUNPCKHDQ", 0xf1f: "PACKSSDW", 0xf29: "VPACKSSDW", 0xf34: "PUNPCKLQDQ", 0xf40: "VPUNPCKLQDQ", 0xf4d: "PUNPCKHQDQ", 0xf59: "VPUNPCKHQDQ", 0xf66: "MOVD", 0xf6c: "MOVQ", 0xf72: "VMOVD", 0xf79: "VMOVQ", 0xf80: "MOVDQA", 0xf88: "MOVDQU", 0xf90: "VMOVDQA", 0xf99: "VMOVDQU", 0xfa2: "PSHUFW", 0xfaa: "PSHUFD", 0xfb2: "PSHUFHW", 0xfbb: "PSHUFLW", 0xfc4: "VPSHUFD", 0xfcd: "VPSHUFHW", 0xfd7: "VPSHUFLW", 0xfe1: "PCMPEQB", 0xfea: "VPCMPEQB", 0xff4: "PCMPEQW", 0xffd: "VPCMPEQW", 0x1007: "PCMPEQD", 0x1010: "VPCMPEQD", 0x101a: "EMMS", 0x1020: "VZEROUPPER", 0x102c: "VZEROALL", 0x1036: "VMREAD", 0x103e: "EXTRQ", 0x1045: "INSERTQ", 0x104e: "VMWRITE", 0x1057: "CVTPH2PS", 0x1061: "CVTPS2PH", 0x106b: "HADDPD", 0x1073: "HADDPS", 0x107b: "VHADDPD", 0x1084: "VHADDPS", 0x108d: "HSUBPD", 0x1095: "HSUBPS", 0x109d: "VHSUBPD", 0x10a6: "VHSUBPS", 0x10af: "XSAVE", 0x10b6: "XSAVE64", 0x10bf: "LFENCE", 0x10c7: "XRSTOR", 0x10cf: "XRSTOR64", 0x10d9: "MFENCE", 0x10e1: "XSAVEOPT", 0x10eb: "XSAVEOPT64", 0x10f7: "SFENCE", 0x10ff: "CLFLUSH", 0x1108: "POPCNT", 0x1110: "BSF", 0x1115: "TZCNT", 0x111c: "BSR", 0x1121: "LZCNT", 
0x1128: "CMPEQPS", 0x1131: "CMPLTPS", 0x113a: "CMPLEPS", 0x1143: "CMPUNORDPS", 0x114f: "CMPNEQPS", 0x1159: "CMPNLTPS", 0x1163: "CMPNLEPS", 0x116d: "CMPORDPS", 0x1177: "CMPEQPD", 0x1180: "CMPLTPD", 0x1189: "CMPLEPD", 0x1192: "CMPUNORDPD", 0x119e: "CMPNEQPD", 0x11a8: "CMPNLTPD", 0x11b2: "CMPNLEPD", 0x11bc: "CMPORDPD", 0x11c6: "CMPEQSS", 0x11cf: "CMPLTSS", 0x11d8: "CMPLESS", 0x11e1: "CMPUNORDSS", 0x11ed: "CMPNEQSS", 0x11f7: "CMPNLTSS", 0x1201: "CMPNLESS", 0x120b: "CMPORDSS", 0x1215: "CMPEQSD", 0x121e: "CMPLTSD", 0x1227: "CMPLESD", 0x1230: "CMPUNORDSD", 0x123c: "CMPNEQSD", 0x1246: "CMPNLTSD", 0x1250: "CMPNLESD", 0x125a: "CMPORDSD", 0x1264: "VCMPEQPS", 0x126e: "VCMPLTPS", 0x1278: "VCMPLEPS", 0x1282: "VCMPUNORDPS", 0x128f: "VCMPNEQPS", 0x129a: "VCMPNLTPS", 0x12a5: "VCMPNLEPS", 0x12b0: "VCMPORDPS", 0x12bb: "VCMPEQ_UQPS", 0x12c8: "VCMPNGEPS", 0x12d3: "VCMPNGTPS", 0x12de: "VCMPFALSEPS", 0x12eb: "VCMPNEQ_OQPS", 0x12f9: "VCMPGEPS", 0x1303: "VCMPGTPS", 0x130d: "VCMPTRUEPS", 0x1319: "VCMPEQ_OSPS", 0x1326: "VCMPLT_OQPS", 0x1333: "VCMPLE_OQPS", 0x1340: "VCMPUNORD_SPS", 0x134f: "VCMPNEQ_USPS", 0x135d: "VCMPNLT_UQPS", 0x136b: "VCMPNLE_UQPS", 0x1379: "VCMPORD_SPS", 0x1386: "VCMPEQ_USPS", 0x1393: "VCMPNGE_UQPS", 0x13a1: "VCMPNGT_UQPS", 0x13af: "VCMPFALSE_OSPS", 0x13bf: "VCMPNEQ_OSPS", 0x13cd: "VCMPGE_OQPS", 0x13da: "VCMPGT_OQPS", 0x13e7: "VCMPTRUE_USPS", 0x13f6: "VCMPEQPD", 0x1400: "VCMPLTPD", 0x140a: "VCMPLEPD", 0x1414: "VCMPUNORDPD", 0x1421: "VCMPNEQPD", 0x142c: "VCMPNLTPD", 0x1437: "VCMPNLEPD", 0x1442: "VCMPORDPD", 0x144d: "VCMPEQ_UQPD", 0x145a: "VCMPNGEPD", 0x1465: "VCMPNGTPD", 0x1470: "VCMPFALSEPD", 0x147d: "VCMPNEQ_OQPD", 0x148b: "VCMPGEPD", 0x1495: "VCMPGTPD", 0x149f: "VCMPTRUEPD", 0x14ab: "VCMPEQ_OSPD", 0x14b8: "VCMPLT_OQPD", 0x14c5: "VCMPLE_OQPD", 0x14d2: "VCMPUNORD_SPD", 0x14e1: "VCMPNEQ_USPD", 0x14ef: "VCMPNLT_UQPD", 0x14fd: "VCMPNLE_UQPD", 0x150b: "VCMPORD_SPD", 0x1518: "VCMPEQ_USPD", 0x1525: "VCMPNGE_UQPD", 0x1533: "VCMPNGT_UQPD", 0x1541: "VCMPFALSE_OSPD", 0x1551: 
"VCMPNEQ_OSPD", 0x155f: "VCMPGE_OQPD", 0x156c: "VCMPGT_OQPD", 0x1579: "VCMPTRUE_USPD", 0x1588: "VCMPEQSS", 0x1592: "VCMPLTSS", 0x159c: "VCMPLESS", 0x15a6: "VCMPUNORDSS", 0x15b3: "VCMPNEQSS", 0x15be: "VCMPNLTSS", 0x15c9: "VCMPNLESS", 0x15d4: "VCMPORDSS", 0x15df: "VCMPEQ_UQSS", 0x15ec: "VCMPNGESS", 0x15f7: "VCMPNGTSS", 0x1602: "VCMPFALSESS", 0x160f: "VCMPNEQ_OQSS", 0x161d: "VCMPGESS", 0x1627: "VCMPGTSS", 0x1631: "VCMPTRUESS", 0x163d: "VCMPEQ_OSSS", 0x164a: "VCMPLT_OQSS", 0x1657: "VCMPLE_OQSS", 0x1664: "VCMPUNORD_SSS", 0x1673: "VCMPNEQ_USSS", 0x1681: "VCMPNLT_UQSS", 0x168f: "VCMPNLE_UQSS", 0x169d: "VCMPORD_SSS", 0x16aa: "VCMPEQ_USSS", 0x16b7: "VCMPNGE_UQSS", 0x16c5: "VCMPNGT_UQSS", 0x16d3: "VCMPFALSE_OSSS", 0x16e3: "VCMPNEQ_OSSS", 0x16f1: "VCMPGE_OQSS", 0x16fe: "VCMPGT_OQSS", 0x170b: "VCMPTRUE_USSS", 0x171a: "VCMPEQSD", 0x1724: "VCMPLTSD", 0x172e: "VCMPLESD", 0x1738: "VCMPUNORDSD", 0x1745: "VCMPNEQSD", 0x1750: "VCMPNLTSD", 0x175b: "VCMPNLESD", 0x1766: "VCMPORDSD", 0x1771: "VCMPEQ_UQSD", 0x177e: "VCMPNGESD", 0x1789: "VCMPNGTSD", 0x1794: "VCMPFALSESD", 0x17a1: "VCMPNEQ_OQSD", 0x17af: "VCMPGESD", 0x17b9: "VCMPGTSD", 0x17c3: "VCMPTRUESD", 0x17cf: "VCMPEQ_OSSD", 0x17dc: "VCMPLT_OQSD", 0x17e9: "VCMPLE_OQSD", 0x17f6: "VCMPUNORD_SSD", 0x1805: "VCMPNEQ_USSD", 0x1813: "VCMPNLT_UQSD", 0x1821: "VCMPNLE_UQSD", 0x182f: "VCMPORD_SSD", 0x183c: "VCMPEQ_USSD", 0x1849: "VCMPNGE_UQSD", 0x1857: "VCMPNGT_UQSD", 0x1865: "VCMPFALSE_OSSD", 0x1875: "VCMPNEQ_OSSD", 0x1883: "VCMPGE_OQSD", 0x1890: "VCMPGT_OQSD", 0x189d: "VCMPTRUE_USSD", 0x18ac: "PINSRW", 0x18b4: "VPINSRW", 0x18bd: "PEXTRW", 0x18c5: "VPEXTRW", 0x18ce: "SHUFPS", 0x18d6: "SHUFPD", 0x18de: "VSHUFPS", 0x18e7: "VSHUFPD", 0x18f0: "CMPXCHG8B", 0x18fb: "CMPXCHG16B", 0x1907: "VMPTRST", 0x1910: "ADDSUBPD", 0x191a: "ADDSUBPS", 0x1924: "VADDSUBPD", 0x192f: "VADDSUBPS", 0x193a: "PSRLW", 0x1941: "VPSRLW", 0x1949: "PSRLD", 0x1950: "VPSRLD", 0x1958: "PSRLQ", 0x195f: "VPSRLQ", 0x1967: "PADDQ", 0x196e: "VPADDQ", 0x1976: "PMULLW", 0x197e: "VPMULLW", 
0x1987: "MOVQ2DQ", 0x1990: "MOVDQ2Q", 0x1999: "PMOVMSKB", 0x19a3: "VPMOVMSKB", 0x19ae: "PSUBUSB", 0x19b7: "VPSUBUSB", 0x19c1: "PSUBUSW", 0x19ca: "VPSUBUSW", 0x19d4: "PMINUB", 0x19dc: "VPMINUB", 0x19e5: "PAND", 0x19eb: "VPAND", 0x19f2: "PADDUSB", 0x19fb: "VPADDUSW", 0x1a05: "PADDUSW", 0x1a0e: "PMAXUB", 0x1a16: "VPMAXUB", 0x1a1f: "PANDN", 0x1a26: "VPANDN", 0x1a2e: "PAVGB", 0x1a35: "VPAVGB", 0x1a3d: "PSRAW", 0x1a44: "VPSRAW", 0x1a4c: "PSRAD", 0x1a53: "VPSRAD", 0x1a5b: "PAVGW", 0x1a62: "VPAVGW", 0x1a6a: "PMULHUW", 0x1a73: "VPMULHUW", 0x1a7d: "PMULHW", 0x1a85: "VPMULHW", 0x1a8e: "CVTTPD2DQ", 0x1a99: "CVTDQ2PD", 0x1aa3: "CVTPD2DQ", 0x1aad: "VCVTTPD2DQ", 0x1ab9: "VCVTDQ2PD", 0x1ac4: "VCVTPD2DQ", 0x1acf: "MOVNTQ", 0x1ad7: "MOVNTDQ", 0x1ae0: "VMOVNTDQ", 0x1aea: "PSUBSB", 0x1af2: "VPSUBSB", 0x1afb: "PSUBSW", 0x1b03: "VPSUBSW", 0x1b0c: "PMINSW", 0x1b14: "VPMINSW", 0x1b1d: "POR", 0x1b22: "VPOR", 0x1b28: "PADDSB", 0x1b30: "VPADDSB", 0x1b39: "PADDSW", 0x1b41: "VPADDSW", 0x1b4a: "PMAXSW", 0x1b52: "VPMAXSW", 0x1b5b: "PXOR", 0x1b61: "VPXOR", 0x1b68: "LDDQU", 0x1b6f: "VLDDQU", 0x1b77: "PSLLW", 0x1b7e: "VPSLLW", 0x1b86: "PSLLD", 0x1b8d: "VPSLLD", 0x1b95: "PSLLQ", 0x1b9c: "VPSLLQ", 0x1ba4: "PMULUDQ", 0x1bad: "VPMULUDQ", 0x1bb7: "PMADDWD", 0x1bc0: "VPMADDWD", 0x1bca: "PSADBW", 0x1bd2: "VPSADBW", 0x1bdb: "MASKMOVQ", 0x1be5: "MASKMOVDQU", 0x1bf1: "VMASKMOVDQU", 0x1bfe: "PSUBB", 0x1c05: "VPSUBB", 0x1c0d: "PSUBW", 0x1c14: "VPSUBW", 0x1c1c: "PSUBD", 0x1c23: "VPSUBD", 0x1c2b: "PSUBQ", 0x1c32: "VPSUBQ", 0x1c3a: "PADDB", 0x1c41: "VPADDB", 0x1c49: "PADDW", 0x1c50: "VPADDW", 0x1c58: "PADDD", 0x1c5f: "VPADDD", 0x1c67: "FNSTENV", 0x1c70: "FSTENV", 0x1c78: "FNSTCW", 0x1c80: "FSTCW", 0x1c87: "FNCLEX", 0x1c8f: "FCLEX", 0x1c96: "FNINIT", 0x1c9e: "FINIT", 0x1ca5: "FNSAVE", 0x1cad: "FSAVE", 0x1cb4: "FNSTSW", 0x1cbc: "FSTSW", 0x1cc3: "PSHUFB", 0x1ccb: "VPSHUFB", 0x1cd4: "PHADDW", 0x1cdc: "VPHADDW", 0x1ce5: "PHADDD", 0x1ced: "VPHADDD", 0x1cf6: "PHADDSW", 0x1cff: "VPHADDSW", 0x1d09: "PMADDUBSW", 0x1d14: 
"VPMADDUBSW", 0x1d20: "PHSUBW", 0x1d28: "VPHSUBW", 0x1d31: "PHSUBD", 0x1d39: "VPHSUBD", 0x1d42: "PHSUBSW", 0x1d4b: "VPHSUBSW", 0x1d55: "PSIGNB", 0x1d5d: "VPSIGNB", 0x1d66: "PSIGNW", 0x1d6e: "VPSIGNW", 0x1d77: "PSIGND", 0x1d7f: "VPSIGND", 0x1d88: "PMULHRSW", 0x1d92: "VPMULHRSW", 0x1d9d: "VPERMILPS", 0x1da8: "VPERMILPD", 0x1db3: "VTESTPS", 0x1dbc: "VTESTPD", 0x1dc5: "PBLENDVB", 0x1dcf: "BLENDVPS", 0x1dd9: "BLENDVPD", 0x1de3: "PTEST", 0x1dea: "VPTEST", 0x1df2: "VBROADCASTSS", 0x1e00: "VBROADCASTSD", 0x1e0e: "VBROADCASTF128", 0x1e1e: "PABSB", 0x1e25: "VPABSB", 0x1e2d: "PABSW", 0x1e34: "VPABSW", 0x1e3c: "PABSD", 0x1e43: "VPABSD", 0x1e4b: "PMOVSXBW", 0x1e55: "VPMOVSXBW", 0x1e60: "PMOVSXBD", 0x1e6a: "VPMOVSXBD", 0x1e75: "PMOVSXBQ", 0x1e7f: "VPMOVSXBQ", 0x1e8a: "PMOVSXWD", 0x1e94: "VPMOVSXWD", 0x1e9f: "PMOVSXWQ", 0x1ea9: "VPMOVSXWQ", 0x1eb4: "PMOVSXDQ", 0x1ebe: "VPMOVSXDQ", 0x1ec9: "PMULDQ", 0x1ed1: "VPMULDQ", 0x1eda: "PCMPEQQ", 0x1ee3: "VPCMPEQQ", 0x1eed: "MOVNTDQA", 0x1ef7: "VMOVNTDQA", 0x1f02: "PACKUSDW", 0x1f0c: "VPACKUSDW", 0x1f17: "VMASKMOVPS", 0x1f23: "VMASKMOVPD", 0x1f2f: "PMOVZXBW", 0x1f39: "VPMOVZXBW", 0x1f44: "PMOVZXBD", 0x1f4e: "VPMOVZXBD", 0x1f59: "PMOVZXBQ", 0x1f63: "VPMOVZXBQ", 0x1f6e: "PMOVZXWD", 0x1f78: "VPMOVZXWD", 0x1f83: "PMOVZXWQ", 0x1f8d: "VPMOVZXWQ", 0x1f98: "PMOVZXDQ", 0x1fa2: "VPMOVZXDQ", 0x1fad: "PCMPGTQ", 0x1fb6: "VPCMPGTQ", 0x1fc0: "PMINSB", 0x1fc8: "VPMINSB", 0x1fd1: "PMINSD", 0x1fd9: "VPMINSD", 0x1fe2: "PMINUW", 0x1fea: "VPMINUW", 0x1ff3: "PMINUD", 0x1ffb: "VPMINUD", 0x2004: "PMAXSB", 0x200c: "VPMAXSB", 0x2015: "PMAXSD", 0x201d: "VPMAXSD", 0x2026: "PMAXUW", 0x202e: "VPMAXUW", 0x2037: "PMAXUD", 0x203f: "VPMAXUD", 0x2048: "PMULLD", 0x2050: "VPMULLD", 0x2059: "PHMINPOSUW", 0x2065: "VPHMINPOSUW", 0x2072: "INVEPT", 0x207a: "INVVPID", 0x2083: "INVPCID", 0x208c: "VFMADDSUB132PS", 0x209c: "VFMADDSUB132PD", 0x20ac: "VFMSUBADD132PS", 0x20bc: "VFMSUBADD132PD", 0x20cc: "VFMADD132PS", 0x20d9: "VFMADD132PD", 0x20e6: "VFMADD132SS", 0x20f3: "VFMADD132SD", 
0x2100: "VFMSUB132PS", 0x210d: "VFMSUB132PD", 0x211a: "VFMSUB132SS", 0x2127: "VFMSUB132SD", 0x2134: "VFNMADD132PS", 0x2142: "VFNMADD132PD", 0x2150: "VFNMADD132SS", 0x215e: "VFNMADD132SD", 0x216c: "VFNMSUB132PS", 0x217a: "VFNMSUB132PD", 0x2188: "VFNMSUB132SS", 0x2196: "VFNMSUB132SD", 0x21a4: "VFMADDSUB213PS", 0x21b4: "VFMADDSUB213PD", 0x21c4: "VFMSUBADD213PS", 0x21d4: "VFMSUBADD213PD", 0x21e4: "VFMADD213PS", 0x21f1: "VFMADD213PD", 0x21fe: "VFMADD213SS", 0x220b: "VFMADD213SD", 0x2218: "VFMSUB213PS", 0x2225: "VFMSUB213PD", 0x2232: "VFMSUB213SS", 0x223f: "VFMSUB213SD", 0x224c: "VFNMADD213PS", 0x225a: "VFNMADD213PD", 0x2268: "VFNMADD213SS", 0x2276: "VFNMADD213SD", 0x2284: "VFNMSUB213PS", 0x2292: "VFNMSUB213PD", 0x22a0: "VFNMSUB213SS", 0x22ae: "VFNMSUB213SD", 0x22bc: "VFMADDSUB231PS", 0x22cc: "VFMADDSUB231PD", 0x22dc: "VFMSUBADD231PS", 0x22ec: "VFMSUBADD231PD", 0x22fc: "VFMADD231PS", 0x2309: "VFMADD231PD", 0x2316: "VFMADD231SS", 0x2323: "VFMADD231SD", 0x2330: "VFMSUB231PS", 0x233d: "VFMSUB231PD", 0x234a: "VFMSUB231SS", 0x2357: "VFMSUB231SD", 0x2364: "VFNMADD231PS", 0x2372: "VFNMADD231PD", 0x2380: "VFNMADD231SS", 0x238e: "VFNMADD231SD", 0x239c: "VFNMSUB231PS", 0x23aa: "VFNMSUB231PD", 0x23b8: "VFNMSUB231SS", 0x23c6: "VFNMSUB231SD", 0x23d4: "AESIMC", 0x23dc: "VAESIMC", 0x23e5: "AESENC", 0x23ed: "VAESENC", 0x23f6: "AESENCLAST", 0x2402: "VAESENCLAST", 0x240f: "AESDEC", 0x2417: "VAESDEC", 0x2420: "AESDECLAST", 0x242c: "VAESDECLAST", 0x2439: "MOVBE", 0x2440: "CRC32", 0x2447: "VPERM2F128", 0x2453: "ROUNDPS", 0x245c: "VROUNDPS", 0x2466: "ROUNDPD", 0x246f: "VROUNDPD", 0x2479: "ROUNDSS", 0x2482: "VROUNDSS", 0x248c: "ROUNDSD", 0x2495: "VROUNDSD", 0x249f: "BLENDPS", 0x24a8: "VBLENDPS", 0x24b2: "BLENDPD", 0x24bb: "VBLENDPD", 0x24c5: "PBLENDW", 0x24ce: "VPBLENDW", 0x24d8: "PALIGNR", 0x24e1: "VPALIGNR", 0x24eb: "PEXTRB", 0x24f3: "VPEXTRB", 0x24fc: "PEXTRD", 0x2504: "PEXTRQ", 0x250c: "VPEXTRD", 0x2515: "VPEXTRQ", 0x251e: "EXTRACTPS", 0x2529: "VEXTRACTPS", 0x2535: "VINSERTF128", 0x2542: 
"VEXTRACTF128", 0x2550: "PINSRB", 0x2558: "VPINSRB", 0x2561: "INSERTPS", 0x256b: "VINSERTPS", 0x2576: "PINSRD", 0x257e: "PINSRQ", 0x2586: "VPINSRD", 0x258f: "VPINSRQ", 0x2598: "DPPS", 0x259e: "VDPPS", 0x25a5: "DPPD", 0x25ab: "VDPPD", 0x25b2: "MPSADBW", 0x25bb: "VMPSADBW", 0x25c5: "PCLMULQDQ", 0x25d0: "VPCLMULQDQ", 0x25dc: "VBLENDVPS", 0x25e7: "VBLENDVPD", 0x25f2: "VPBLENDVB", 0x25fd: "PCMPESTRM", 0x2608: "VPCMPESTRM", 0x2614: "PCMPESTRI", 0x261f: "VPCMPESTRI", 0x262b: "PCMPISTRM", 0x2636: "VPCMPISTRM", 0x2642: "PCMPISTRI", 0x264d: "VPCMPISTRI", 0x2659: "AESKEYGENASSIST", 0x266a: "VAESKEYGENASSIST", 0x267c: "PSRLDQ", 0x2684: "VPSRLDQ", 0x268d: "PSLLDQ", 0x2695: "VPSLLDQ", 0x269e: "FXSAVE", 0x26a6: "FXSAVE64", 0x26b0: "RDFSBASE", 0x26ba: "FXRSTOR", 0x26c3: "FXRSTOR64", 0x26ce: "RDGSBASE", 0x26d8: "LDMXCSR", 0x26e1: "WRFSBASE", 0x26eb: "VLDMXCSR", 0x26f5: "STMXCSR", 0x26fe: "WRGSBASE", 0x2708: "VSTMXCSR", 0x2712: "VMPTRLD", 0x271b: "VMCLEAR", 0x2724: "VMXON", 0x272b: "MOVSXD", 0x2733: "PAUSE", 0x273a: "WAIT", 0x2740: "RDRAND", 0x2748: "_3DNOW" } Registers = ["RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI", "R8", "R9", "R10", "R11", "R12", "R13", "R14", "R15", "EAX", "ECX", "EDX", "EBX", "ESP", "EBP", "ESI", "EDI", "R8D", "R9D", "R10D", "R11D", "R12D", "R13D", "R14D", "R15D", "AX", "CX", "DX", "BX", "SP", "BP", "SI", "DI", "R8W", "R9W", "R10W", "R11W", "R12W", "R13W", "R14W", "R15W", "AL", "CL", "DL", "BL", "AH", "CH", "DH", "BH", "R8B", "R9B", "R10B", "R11B", "R12B", "R13B", "R14B", "R15B", "SPL", "BPL", "SIL", "DIL", "ES", "CS", "SS", "DS", "FS", "GS", "RIP", "ST0", "ST1", "ST2", "ST3", "ST4", "ST5", "ST6", "ST7", "MM0", "MM1", "MM2", "MM3", "MM4", "MM5", "MM6", "MM7", "XMM0", "XMM1", "XMM2", "XMM3", "XMM4", "XMM5", "XMM6", "XMM7", "XMM8", "XMM9", "XMM10", "XMM11", "XMM12", "XMM13", "XMM14", "XMM15", "YMM0", "YMM1", "YMM2", "YMM3", "YMM4", "YMM5", "YMM6", "YMM7", "YMM8", "YMM9", "YMM10", "YMM11", "YMM12", "YMM13", "YMM14", "YMM15", "CR0", "", "CR2", "CR3", 
"CR4", "", "", "", "CR8", "DR0", "DR1", "DR2", "DR3", "", "", "DR6", "DR7"]

# Special case
R_NONE = 0xFF # -1 in uint8

FLAGS = [
# The instruction locks memory access.
"FLAG_LOCK",
# The instruction is prefixed with a REPNZ.
"FLAG_REPNZ",
# The instruction is prefixed with a REP, this can be a REPZ, it depends on the specific instruction.
"FLAG_REP",
# Indicates there is a hint taken for Jcc instructions only.
"FLAG_HINT_TAKEN",
# Indicates there is a hint non-taken for Jcc instructions only.
"FLAG_HINT_NOT_TAKEN",
# The Imm value is signed extended.
"FLAG_IMM_SIGNED",
# The destination operand is writable.
"FLAG_DST_WR",
# The instruction uses the RIP-relative indirection.
"FLAG_RIP_RELATIVE"
]

# Instruction could not be disassembled. Special-case handling
FLAG_NOT_DECODABLE = 0xFFFF # -1 in uint16

# Some features
DF_NONE = 0
DF_MAXIMUM_ADDR16 = 1
DF_MAXIMUM_ADDR32 = 2
DF_RETURN_FC_ONLY = 4
# Flow control flags
DF_STOP_ON_CALL = 0x8
DF_STOP_ON_RET = 0x10
DF_STOP_ON_SYS = 0x20
DF_STOP_ON_UNC_BRANCH = 0x40
DF_STOP_ON_CND_BRANCH = 0x80
DF_STOP_ON_INT = 0x100
DF_STOP_ON_CMOV = 0x200
DF_STOP_ON_FLOW_CONTROL = (DF_STOP_ON_CALL | DF_STOP_ON_RET | DF_STOP_ON_SYS | \
    DF_STOP_ON_UNC_BRANCH | DF_STOP_ON_CND_BRANCH | DF_STOP_ON_INT | DF_STOP_ON_CMOV)

def DecodeGenerator(codeOffset, code, dt):
    """
    @type codeOffset: long
    @param codeOffset: Memory address where the code is located.
        This is B{not} an offset into the code!
        It's the actual memory address where it was read from.

    @type code: str
    @param code: Code to disassemble.

    @type dt: int
    @param dt: Disassembly type. Can be one of the following:

         * L{Decode16Bits}: 80286 decoding

         * L{Decode32Bits}: IA-32 decoding

         * L{Decode64Bits}: AMD64 decoding

    @rtype: generator of tuple( long, int, str, str )
    @return: Generator of tuples. Each tuple represents an assembly instruction
        and contains:
         - Memory address of instruction.
         - Size of instruction in bytes.
         - Disassembly line of instruction.
         - Hexadecimal dump of instruction.
    @raise ValueError: Invalid arguments.
    """

    if not code:
        return

    if not codeOffset:
        codeOffset = 0

    if dt not in (Decode16Bits, Decode32Bits, Decode64Bits):
        raise ValueError("Invalid decode type value: %r" % (dt,))

    codeLen = len(code)
    code_buf = create_string_buffer(code)
    p_code = byref(code_buf)
    result = (_DecodedInst * MAX_INSTRUCTIONS)()
    p_result = byref(result)
    instruction_off = 0
    # Support cross Python compatibility
    toUnicode = lambda s: s
    spaceCh = b" "
    if sys.version_info[0] >= 3:
        if sys.version_info[1] > 0:
            toUnicode = lambda s: s.decode()
        else:
            spaceCh = " "

    while codeLen > 0:

        usedInstructionsCount = c_uint(0)
        status = internal_decode(_OffsetType(codeOffset), p_code, codeLen, dt, p_result, MAX_INSTRUCTIONS, byref(usedInstructionsCount))
        if status == DECRES_INPUTERR:
            raise ValueError("Invalid arguments passed to distorm_decode()")

        used = usedInstructionsCount.value
        if not used:
            break

        for index in xrange(used):
            di = result[index]
            asm = di.mnemonic.p
            if len(di.operands.p):
                asm += spaceCh + di.operands.p
            pydi = (di.offset, di.size, toUnicode(asm), toUnicode(di.instructionHex.p))
            instruction_off += di.size
            yield pydi

        di = result[used - 1]
        delta = di.offset - codeOffset + result[used - 1].size
        if delta <= 0:
            break
        codeOffset = codeOffset + delta
        p_code = byref(code_buf, instruction_off)
        codeLen = codeLen - delta

def Decode(offset, code, type = Decode32Bits):
    """
    @type offset: long
    @param offset: Memory address where the code is located.
        This is B{not} an offset into the code!
        It's the actual memory address where it was read from.

    @type code: str
    @param code: Code to disassemble.

    @type type: int
    @param type: Disassembly type. Can be one of the following:

         * L{Decode16Bits}: 80286 decoding

         * L{Decode32Bits}: IA-32 decoding

         * L{Decode64Bits}: AMD64 decoding

    @rtype: list of tuple( long, int, str, str )
    @return: List of tuples. Each tuple represents an assembly instruction
        and contains:
         - Memory address of instruction.
         - Size of instruction in bytes.
         - Disassembly line of instruction.
         - Hexadecimal dump of instruction.
    @raise ValueError: Invalid arguments.
    """
    return list(DecodeGenerator(offset, code, type))

OPERAND_NONE = ""
OPERAND_IMMEDIATE = "Immediate"
OPERAND_REGISTER = "Register"

# the operand is a memory address
OPERAND_ABSOLUTE_ADDRESS = "AbsoluteMemoryAddress" # The address calculated is absolute
OPERAND_MEMORY = "AbsoluteMemory" # The address calculated uses registers expression
OPERAND_FAR_MEMORY = "FarMemory" # like absolute but with selector/segment specified too

InstructionSetClasses = [
    "ISC_UNKNOWN",
    # Indicates the instruction belongs to the General Integer set.
    "ISC_INTEGER",
    # Indicates the instruction belongs to the 387 FPU set.
    "ISC_FPU",
    # Indicates the instruction belongs to the P6 set.
    "ISC_P6",
    # Indicates the instruction belongs to the MMX set.
    "ISC_MMX",
    # Indicates the instruction belongs to the SSE set.
    "ISC_SSE",
    # Indicates the instruction belongs to the SSE2 set.
    "ISC_SSE2",
    # Indicates the instruction belongs to the SSE3 set.
    "ISC_SSE3",
    # Indicates the instruction belongs to the SSSE3 set.
    "ISC_SSSE3",
    # Indicates the instruction belongs to the SSE4.1 set.
    "ISC_SSE4_1",
    # Indicates the instruction belongs to the SSE4.2 set.
    "ISC_SSE4_2",
    # Indicates the instruction belongs to the AMD's SSE4.A set.
    "ISC_SSE4_A",
    # Indicates the instruction belongs to the 3DNow! set.
    "ISC_3DNOW",
    # Indicates the instruction belongs to the 3DNow! Extensions set.
    "ISC_3DNOWEXT",
    # Indicates the instruction belongs to the VMX (Intel) set.
    "ISC_VMX",
    # Indicates the instruction belongs to the SVM (AMD) set.
    "ISC_SVM",
    # Indicates the instruction belongs to the AVX (Intel) set.
    "ISC_AVX",
    # Indicates the instruction belongs to the FMA (Intel) set.
    "ISC_FMA",
    # Indicates the instruction belongs to the AES/AVX (Intel) set.
    "ISC_AES",
    # Indicates the instruction belongs to the CLMUL (Intel) set.
    "ISC_CLMUL",
]

FlowControlFlags = [
    # Indicates the instruction is not a flow-control instruction.
    "FC_NONE",
    # Indicates the instruction is one of: CALL, CALL FAR.
    "FC_CALL",
    # Indicates the instruction is one of: RET, IRET, RETF.
    "FC_RET",
    # Indicates the instruction is one of: SYSCALL, SYSRET, SYSENTER, SYSEXIT.
    "FC_SYS",
    # Indicates the instruction is one of: JMP, JMP FAR.
    "FC_UNC_BRANCH",
    # Indicates the instruction is one of:
    # JCXZ, JO, JNO, JB, JAE, JZ, JNZ, JBE, JA, JS, JNS, JP, JNP, JL, JGE, JLE, JG, LOOP, LOOPZ, LOOPNZ.
    "FC_CND_BRANCH",
    # Indicates the instruction is one of: INT, INT1, INT 3, INTO, UD2.
    "FC_INT",
    # Indicates the instruction is one of: CMOVxx.
    "FC_CMOV"
]

def _getOpSize(flags):
    return ((flags >> 7) & 3)

def _getISC(metaflags):
    realvalue = ((metaflags >> 3) & 0x1f)
    return InstructionSetClasses[realvalue]

def _getFC(metaflags):
    realvalue = (metaflags & 0x7)
    try:
        return FlowControlFlags[realvalue]
    except IndexError:
        print ("Bad meta-flags: {}".format(realvalue))
        raise

def _getMnem(opcode):
    return Mnemonics.get(opcode, "UNDEFINED")

def _unsignedToSigned64(val):
    return int(val if val < 0x8000000000000000 else (val - 0x10000000000000000))

def _unsignedToSigned32(val):
    # Subtract 2**32 (0x100000000) so values with bit 31 set wrap to negative.
    return int(val if val < 0x80000000 else (val - 0x100000000))

if SUPPORT_64BIT_OFFSET:
    _unsignedToSigned = _unsignedToSigned64
else:
    _unsignedToSigned = _unsignedToSigned32

class Operand (object):
    def __init__(self, type, *args):
        self.type = type
        self.index = None
        self.name = ""
        self.size = 0
        self.value = 0
        self.disp = 0
        self.dispSize = 0
        self.base = 0
        self.segment = 0
        if type == OPERAND_IMMEDIATE:
            self.value = int(args[0])
            self.size = args[1]
        elif type == OPERAND_REGISTER:
            self.index = args[0]
            self.size = args[1]
            self.name = Registers[self.index]
        elif type == OPERAND_MEMORY:
            self.base = args[0] if args[0] != R_NONE else None
            self.index = args[1]
            self.size = args[2]
            self.scale = args[3] if args[3] > 1 else 1
            self.disp = int(args[4])
            self.dispSize = args[5]
            self.segment = args[6]
        elif type == OPERAND_ABSOLUTE_ADDRESS:
            self.size = args[0]
            self.disp = int(args[1])
            self.dispSize = args[2]
            self.segment = args[3]
        elif type == OPERAND_FAR_MEMORY:
            self.size = args[2]
            self.seg = args[0]
            self.off = args[1]

    def _toText(self):
        if self.type == OPERAND_IMMEDIATE:
            if self.value >= 0:
                return "0x%x" % self.value
            else:
                return "-0x%x" % abs(self.value)
        elif self.type == OPERAND_REGISTER:
            return self.name
        elif self.type == OPERAND_ABSOLUTE_ADDRESS:
            return '[0x%x]' % self.disp
        elif self.type == OPERAND_FAR_MEMORY:
            return '%s:%s' % (hex(self.seg), hex(self.off))
        elif (self.type == OPERAND_MEMORY):
            result = "["
            if self.base != None:
                result += Registers[self.base] + "+"
            if self.index != None:
                result += Registers[self.index]
                if self.scale > 1:
                    result += "*%d" % self.scale
            if self.disp >= 0:
                result += "+0x%x" % self.disp
            else:
                result += "-0x%x" % abs(self.disp)
            return result + "]"

    def __str__(self):
        return self._toText()


class Instruction (object):
    def __init__(self, di, instructionBytes, dt):
        "Expects a filled _DInst structure, and the corresponding byte code of the whole instruction"
        #self.di = di
        flags = di.flags
        self.instructionBytes = instructionBytes
        self.opcode = di.opcode
        self.operands = []
        self.flags = []
        self.rawFlags = di.flags
        self.instructionClass = _getISC(0)
        self.flowControl = _getFC(0)
        self.address = di.addr
        self.size = di.size
        self.dt = dt
        self.valid = False
        if di.segment != R_NONE:
            self.segment = di.segment & 0x7f
            self.isSegmentDefault = (di.segment & 0x80) == 0x80
        else:
            self.segment = R_NONE
            self.isSegmentDefault = False
        self.unusedPrefixesMask = di.unusedPrefixesMask

        if flags == FLAG_NOT_DECODABLE:
            self.mnemonic = 'DB 0x%02x' % (di.imm.byte)
            self.flags = ['FLAG_NOT_DECODABLE']
            return

        self.valid = True
        self.mnemonic = _getMnem(self.opcode)

        # decompose the flags for a valid opcode
        for index, flag in enumerate(FLAGS):
            if (flags & (1 << index)) != 0:
                self.flags.append(flag)

        # read the operands
        for operand in di.ops:
            if operand.type != O_NONE:
                self.operands.append(self._extractOperand(di, operand))

        # decode the meta-flags
        metas = di.meta
        self.instructionClass = _getISC(metas)
        self.flowControl = _getFC(metas)

    def _extractOperand(self, di, operand):
        # a single operand can be up to: reg1 + reg2*scale + constant
        if operand.type == O_IMM:
            if ("FLAG_IMM_SIGNED" in self.flags):
                # immediate is sign-extended, do your thing. it's already signed, just make it Python-signed.
                constant = _unsignedToSigned(di.imm.sqword)
            else:
                # immediate is zero-extended, though it's already aligned.
                constant = di.imm.qword
            return Operand(OPERAND_IMMEDIATE, constant, operand.size)
        elif operand.type == O_IMM1: # first operand for ENTER
            return Operand(OPERAND_IMMEDIATE, di.imm.ex.i1, operand.size)
        elif operand.type == O_IMM2: # second operand for ENTER
            return Operand(OPERAND_IMMEDIATE, di.imm.ex.i2, operand.size)
        elif operand.type == O_REG:
            return Operand(OPERAND_REGISTER, operand.index, operand.size)
        elif operand.type == O_MEM:
            return Operand(OPERAND_MEMORY, di.base, operand.index, operand.size, di.scale, _unsignedToSigned(di.disp), di.dispSize, self.segment)
        elif operand.type == O_SMEM:
            return Operand(OPERAND_MEMORY, None, operand.index, operand.size, di.scale, _unsignedToSigned(di.disp), di.dispSize, self.segment)
        elif operand.type == O_DISP:
            return Operand(OPERAND_ABSOLUTE_ADDRESS, operand.size, di.disp, di.dispSize, self.segment)
        elif operand.type == O_PC:
            return Operand(OPERAND_IMMEDIATE, _unsignedToSigned(di.imm.addr) + self.address + self.size, operand.size)
        elif operand.type == O_PTR:
            return Operand(OPERAND_FAR_MEMORY, di.imm.ptr.seg, di.imm.ptr.off, operand.size)
        else:
            raise ValueError("Unknown operand type encountered: %d!" % operand.type)

    def _toText(self):
        # use the decode which already returns the text formatted well (with prefixes, etc).
        return Decode(self.address, self.instructionBytes, self.dt)[0][2]

    def __str__(self):
        return self._toText()


def DecomposeGenerator(codeOffset, code, dt, features = 0):
    """
    @type codeOffset: long
    @param codeOffset: Memory address where the code is located.
        This is B{not} an offset into the code!
        It's the actual memory address where it was read from.

    @type code: str, in Py3 bytes
    @param code: Code to disassemble.

    @type dt: int
    @param dt: Disassembly type. Can be one of the following:

         * L{Decode16Bits}: 80286 decoding

         * L{Decode32Bits}: IA-32 decoding

         * L{Decode64Bits}: AMD64 decoding

    @type features: int
    @param features: A flow control stopping criterion, eg. DF_STOP_ON_CALL.
                     or other features, eg. DF_RETURN_FC_ONLY.

    @rtype: generator of TODO
    @return: Generator of TODO
    @raise ValueError: Invalid arguments.
    """

    if not code:
        return

    if not codeOffset:
        codeOffset = 0

    if dt not in (Decode16Bits, Decode32Bits, Decode64Bits):
        raise ValueError("Invalid decode type value: %r" % (dt,))

    codeLen = len(code)
    code_buf = create_string_buffer(code)
    p_code = byref(code_buf)
    result = (_DInst * MAX_INSTRUCTIONS)()
    instruction_off = 0

    while codeLen > 0:

        usedInstructionsCount = c_uint(0)
        codeInfo = _CodeInfo(_OffsetType(codeOffset), _OffsetType(0), cast(p_code, c_char_p), codeLen, dt, features)
        status = internal_decompose(byref(codeInfo), byref(result), MAX_INSTRUCTIONS, byref(usedInstructionsCount))
        if status == DECRES_INPUTERR:
            raise ValueError("Invalid arguments passed to distorm_decode()")

        used = usedInstructionsCount.value
        if not used:
            break

        delta = 0
        for index in range(used):
            di = result[index]
            yield Instruction(di, code[instruction_off : instruction_off + di.size], dt)
            delta += di.size
            instruction_off += di.size

        if delta <= 0:
            break
        codeOffset = codeOffset + delta
        p_code = byref(code_buf, instruction_off)
        codeLen = codeLen - delta

        if (features & DF_STOP_ON_FLOW_CONTROL) != 0:
            break # User passed a stop flag.

def Decompose(offset, code, type = Decode32Bits, features = 0):
    """
    @type offset: long
    @param offset: Memory address where the code is located.
        This is B{not} an offset into the code!
        It's the actual memory address where it was read from.

    @type code: str, in Py3 bytes
    @param code: Code to disassemble.

    @type type: int
    @param type: Disassembly type. Can be one of the following:

         * L{Decode16Bits}: 80286 decoding

         * L{Decode32Bits}: IA-32 decoding

         * L{Decode64Bits}: AMD64 decoding

    @type features: int
    @param features: A flow control stopping criterion, eg. DF_STOP_ON_CALL.
                     or other features, eg. DF_RETURN_FC_ONLY.

    @rtype: TODO
    @return: TODO
    @raise ValueError: Invalid arguments.
    """
    return list(DecomposeGenerator(offset, code, type, features))

distorm-3.4.1/setup.cfg000066400000000000000000000001501340425302400150120ustar00rootroot00000000000000
[wheel]
universal = 1

[install]
force=1
compile=1
optimize=1

[bdist_wininst]
user-access-control=auto

distorm-3.4.1/setup.py000077500000000000000000000277441340425302400147300ustar00rootroot00000000000000
#!/usr/bin/env python

# Copyright (c) 2009, Mario Vilas
# Rob Ruana 2010
# Gil Dabah
# All rights reserved.
# Licensed under BSD.
#

__revision__ = "$Id: setup.py 603 2010-01-31 00:11:05Z qvasimodo $"

import re
import os
import os.path
import platform
import string
import shutil
import sys
import subprocess as sp

from glob import glob
from shutil import ignore_patterns

from setuptools import dist
from distutils import log
from distutils.command.build import build
from distutils.command.build_clib import build_clib
from distutils.command.clean import clean
from setuptools.command.install import install
from distutils.command.install_lib import install_lib
from distutils.command.sdist import sdist
from distutils.core import setup, Extension
from distutils.errors import DistutilsSetupError

def scanfor_vc_all():
    fname = "vcvarsall.bat"
    startDir = "C:\\Program Files (x86)\\Microsoft Visual Studio\\"
    print("searching for %s" % fname)
    for dirpath, dirnames, filenames in os.walk(startDir):
        for f in filenames:
            if f == fname:
                return os.path.join(dirpath, f)

def compile_vc(solution_path, config, platform):
    match_vs = re.compile('vs(\d+)comntools$', re.I).match
    compilers = [
        m.group(1, 0) for m in (match_vs(k) for k in os.environ.keys())
        if
        m is not None
    ]

    msbuild = [
        'msbuild',
        '/p:Configuration=%s' % config,
        '/p:Platform=%s' % platform,
        solution_path
    ]

    for ver, var in sorted(compilers, key = lambda v: -int(v[0])):
        bat = os.path.join(os.environ[var], r'..\..\vc\vcvarsall.bat')
        try:
            log.info('Compiling with %s: %s', var, ' '.join(msbuild))
            sp.check_call(['call', bat, '&&'] + msbuild, shell = True)
            return
        except sp.CalledProcessError:
            log.info('compilation with %s failed', var)

    # Try brute force find the batch file for VS env
    try:
        bat = scanfor_vc_all()
        log.info('Compiling with %s' % bat)
        sp.check_call(['call', bat, 'x86_amd64' if platform=='x64' else 'x86', '&&'] + msbuild, shell = True)
        return
    except sp.CalledProcessError:
        log.info('compilation failed')

    raise DistutilsSetupError(
        'Failed to compile "%s" with any available compiler' % solution_path
    )

def get_sources():
    """Returns a list of C source files that should be compiled to
    create the libdistorm3 library.
    """
    return sorted(glob('src/*.c'))

class custom_build(build):
    """Customized build command"""
    def run(self):
        log.info('running custom_build')
        if 'windows' in platform.system().lower():
            bits = 'win32' # x86 by default
            # If x64 is specified in command line, change it here
            for i in sys.argv:
                if i.find("--plat-name=win-amd64") != -1:
                    bits = 'x64'
            compile_vc('make/win32/distorm.sln', 'dll', bits)
            self.copy_file('distorm3.dll', 'python/distorm3')
        build.run(self)

class custom_build_clib(build_clib):
    """Customized build_clib command

    This custom_build_clib will create dynamically linked libraries rather
    than statically linked libraries. In addition, it places the compiled
    libraries alongside the python packages, to facilitate the use of ctypes.
    """

    def finalize_options(self):
        # We want build-clib to default to build-lib as defined by the
        # "build" command. This is so the compiled library will be put
        # in the right place along side the python code.
        self.set_undefined_options('build',
                                   ('build_lib', 'build_clib'),
                                   ('build_temp', 'build_temp'),
                                   ('compiler', 'compiler'),
                                   ('debug', 'debug'),
                                   ('force', 'force'))

        self.libraries = self.distribution.libraries
        if self.libraries: # In Python 3.0 they have a bug in check_library_list, comment it out then.
            self.check_library_list(self.libraries)

        if self.include_dirs is None:
            self.include_dirs = self.distribution.include_dirs or []
        if type(self.include_dirs) in (bytes, str):
            # Use the str method: string.split() does not exist on Python 3.
            self.include_dirs = self.include_dirs.split(os.pathsep)

    def get_source_files_for_lib(self, lib_name, build_info):
        sources = build_info.get('sources', [])
        if hasattr(sources, '__call__'):
            sources = sources()
        if (sources is None or
            type(sources) not in (list, tuple) or
            len(sources) == 0):
            raise DistutilsSetupError(
                "in 'libraries' option (library '%s'), 'sources' must be "
                "present and must be a list of source filenames" % lib_name
            )
        return sources

    def get_source_files(self):
        self.check_library_list(self.libraries)
        filenames = []
        for (lib_name, build_info) in self.libraries:
            sources = self.get_source_files_for_lib(lib_name, build_info)
            filenames.extend(sources)
        return filenames

    def run(self):
        log.info('running custom_build_clib')
        build_clib.run(self)

    def build_libraries(self, libraries):
        for (lib_name, build_info) in libraries:
            sources = self.get_source_files_for_lib(lib_name, build_info)
            sources = list(sources)

            log.info("building '%s' library", lib_name)

            # First, compile the source code to object files in the
            # library directory.
            macros = build_info.get('macros')
            include_dirs = build_info.get('include_dirs')
            objects = self.compiler.compile(sources,
                output_dir=self.build_temp,
                macros=macros,
                include_dirs=include_dirs,
                extra_postargs=build_info.get('extra_compile_args', []),
                debug=self.debug)

            # Then link the object files and put the result in the
            # package build directory.
            package = build_info.get('package', '')
            self.compiler.link_shared_lib(
                objects, lib_name,
                output_dir=os.path.join(self.build_clib, package),
                extra_postargs=build_info.get('extra_link_args', []),
                debug=self.debug,)

class custom_clean(clean):
    """Customized clean command

    Customized clean command removes .pyc files from the project,
    as well as build and dist directories."""
    def run(self):
        log.info('running custom_clean')
        # Remove .pyc files
        if hasattr(os, 'walk'):
            for root, dirs, files in os.walk('.'):
                for f in files:
                    if f.endswith('.pyc'):
                        log.info("removing '%s'" % f)
                        try:
                            # Join with root: f alone is relative to the walked directory, not the cwd.
                            os.unlink(os.path.join(root, f))
                        except:
                            pass

        # Remove generated directories
        for dir in ['build', 'dist']:
            if os.path.exists(dir):
                log.info("removing '%s' (and everything under it)"%dir)
                try:
                    shutil.rmtree(dir, ignore_errors=True)
                except:
                    pass

        clean.run(self)

class custom_sdist(sdist):
    """Customized sdist command"""
    def run(self):
        log.info('running custom_sdist')
        sdist.run(self)

class BinaryDistribution(dist.Distribution):
    def is_pure(self):
        return False
    def has_ext_modules(self):
        return True

class custom_install(install):
    def finalize_options(self):
        install.finalize_options(self)
        self.install_lib = self.install_platlib

def main():
    # Just in case we are being called from a different directory
    cwd = os.path.dirname(__file__)
    if cwd:
        os.chdir(cwd)

    # Get the target platform
    system = platform.system().lower()

    # Setup the extension module
    # Setup the library
    ext_modules = None
    libraries = None
    package_data = []
    if 'windows' in system:
        package_data = ['distorm3.dll']
    elif 'darwin' in system or 'macosx' in system:
        libraries = [(
            'distorm3', dict(
            package='distorm3',
            sources=get_sources,
            include_dirs=['src', 'include'],
            extra_compile_args=['-arch', 'i386', '-arch', 'x86_64', '-O2',
                                '-Wall', '-fPIC', '-DSUPPORT_64BIT_OFFSET',
                                '-DDISTORM_DYNAMIC']))]
    elif 'cygwin' in system:
        libraries = [(
            'distorm3', dict(
            package='distorm3',
            sources=get_sources,
            include_dirs=['src', 'include'],
            extra_compile_args=['-fPIC', '-O2', '-Wall',
                                '-DSUPPORT_64BIT_OFFSET',
                                '-DDISTORM_STATIC']))]
    else:
        libraries = [(
            'distorm3', dict(
            package='distorm3',
            sources=get_sources,
            include_dirs=['src', 'include'],
            extra_link_args=['-Wl,-soname,libdistorm3.so.3'],
            extra_compile_args=['-fPIC', '-O2', '-Wall',
                                '-DSUPPORT_64BIT_OFFSET',
                                '-DDISTORM_STATIC']))]

    options = {

    # Setup instructions
    'requires' : ['ctypes'],
    'provides' : ['distorm3'],
    'packages' : ['distorm3'],
    'package_dir' : { '' : 'python' },
    'cmdclass' : { 'build' : custom_build,
                   'build_clib' : custom_build_clib,
                   'clean' : custom_clean,
                   'sdist' : custom_sdist,
                   'install' : custom_install },
    'libraries' : libraries,
    'package_data' : {'distorm3': package_data},
    'distclass' : BinaryDistribution,

    # Metadata
    'name' : 'distorm3',
    'version' : '3.4.1',
    'description' : 'The goal of diStorm3 is to decode x86/AMD64' \
                    ' binary streams and return a structure that' \
                    ' describes each instruction.',
    'long_description' : (
        'Powerful Disassembler Library For AMD64\n'
        'by Gil Dabah (distorm@gmail.com)\n'
        '\n'
        'Python bindings by Mario Vilas (mvilas@gmail.com)'
    ),
    'author' : 'Gil Dabah',
    'author_email' : 'distorm@gmail.com',
    'maintainer' : 'Gil Dabah',
    'maintainer_email' : 'distorm@gmail.com',
    'url' : 'https://github.com/gdabah/distorm/',
    'download_url' : 'https://github.com/gdabah/distorm/',
    'platforms' : ['cygwin', 'win', 'linux', 'macosx'],
    'classifiers' : [
        'License :: OSI Approved :: BSD License',
        'Development Status :: 5 - Production/Stable',
        'Intended Audience :: Developers',
        'Natural Language :: English',
        'Operating System :: Microsoft :: Windows',
        'Operating System :: MacOS :: MacOS X',
        'Operating System :: POSIX :: Linux',
        'Programming Language :: Python :: 2.7',
        'Programming Language :: Python :: 3.5',
        'Topic :: Software Development :: Disassemblers',
        'Topic :: Software Development :: Libraries :: Python Modules',
    ]
    }

    # Call the setup function
    setup(**options)

if __name__ == '__main__':
    main()
distorm-3.4.1/src/000077500000000000000000000000001340425302400137645ustar00rootroot00000000000000
distorm-3.4.1/src/config.h000077500000000000000000000107471340425302400154160ustar00rootroot00000000000000
/*
config.h

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#ifndef CONFIG_H
#define CONFIG_H

/* diStorm version number. */
#define __DISTORMV__ 0x030400

#include <string.h> /* memset, memcpy - can be easily self implemented for libc independency. */

#include "../include/distorm.h"

/*
 * 64 bit offsets support:
 * This macro should be defined from compiler command line flags, e.g: -DSUPPORT_64BIT_OFFSET
 * Note: make sure that the caller (library user) defines it too!
 */
/* #define SUPPORT_64BIT_OFFSET */

/*
 * If you compile diStorm as a dynamic library (.dll or .so) file, make sure you uncomment the next line.
 * So the interface functions will be exported, otherwise they are useable only for static library.
 * For example, this macro is being set for compiling diStorm as a .dll for Python with CTypes.
 */
/* #define DISTORM_DYNAMIC */

/*
 * If DISTORM_LIGHT is defined, everything involved in formatting the instructions
 * as text will be excluded from compilation.
 * distorm_decode(..) and distorm_format(..) will not be available.
 * This will decrease the size of the executable and leave you with decomposition functionality only.
 *
 * Note: it should be either set in the preprocessor definitions manually or in command line -D switch.
 * #define DISTORM_LIGHT
 */

/*
 * diStorm now supports little/big endian CPU's.
 * It should detect the endianness according to predefined macro's of the compiler.
 * If you don't use GCC/MSVC you will have to define it on your own.
 */

/* These macros are used in order to make the code portable.
 */
#ifdef __GNUC__

#include <stdint.h>

#define _DLLEXPORT_
#define _FASTCALL_
#define _INLINE_ static
/* GCC ignores this directive... */
/*#define _FASTCALL_ __attribute__((__fastcall__))*/

/* Set endianity (supposed to be LE though): */
#ifdef __BIG_ENDIAN__
	#define BE_SYSTEM
#endif

/* End of __GCC__ */

#elif __WATCOMC__

#include <stdint.h>

#define _DLLEXPORT_
#define _FASTCALL_
#define _INLINE_ __inline

/* End of __WATCOMC__ */

#elif __DMC__

#include <stdint.h>

#define _DLLEXPORT_
#define _FASTCALL_
#define _INLINE_ __inline

/* End of __DMC__ */

#elif __TINYC__

#include <stdint.h>

#define _DLLEXPORT_
#define _FASTCALL_
#define _INLINE_

/* End of __TINYC__ */

#elif _MSC_VER

/* stdint alternative is defined in distorm.h */

#define _DLLEXPORT_ __declspec(dllexport)
#define _FASTCALL_ __fastcall
#define _INLINE_ __inline

/* Set endianity (supposed to be LE though): */
#if !defined(_M_IX86) && !defined(_M_X64)
	#define BE_SYSTEM
#endif

#endif /* #elif _MSC_VER */

/* If the library isn't compiled as a dynamic library don't export any functions. */
#ifndef DISTORM_DYNAMIC
#undef _DLLEXPORT_
#define _DLLEXPORT_
#endif

#ifndef FALSE
#define FALSE 0
#endif
#ifndef TRUE
#define TRUE 1
#endif

/* Define stream read functions for big endian systems. */
#ifdef BE_SYSTEM

/* Avoid defining 'static static' for GCC. */
#ifndef __GNUC__
#define STATIC_INLINE static _INLINE_
#else
#define STATIC_INLINE static
#endif

/*
 * Assumption: These functions can read from the stream safely!
 * Swap endianity of input to little endian.
 */
STATIC_INLINE int16_t RSHORT(const uint8_t *s)
{
	return s[0] | (s[1] << 8);
}
STATIC_INLINE uint16_t RUSHORT(const uint8_t *s)
{
	return s[0] | (s[1] << 8);
}
STATIC_INLINE int32_t RLONG(const uint8_t *s)
{
	return s[0] | (s[1] << 8) | (s[2] << 16) | (s[3] << 24);
}
STATIC_INLINE uint32_t RULONG(const uint8_t *s)
{
	return s[0] | (s[1] << 8) | (s[2] << 16) | (s[3] << 24);
}
STATIC_INLINE int64_t RLLONG(const uint8_t *s)
{
	return s[0] | (s[1] << 8) | (s[2] << 16) | (s[3] << 24) | ((uint64_t)s[4] << 32) | ((uint64_t)s[5] << 40) | ((uint64_t)s[6] << 48) | ((uint64_t)s[7] << 56);
}
STATIC_INLINE uint64_t RULLONG(const uint8_t *s)
{
	return s[0] | (s[1] << 8) | (s[2] << 16) | (s[3] << 24) | ((uint64_t)s[4] << 32) | ((uint64_t)s[5] << 40) | ((uint64_t)s[6] << 48) | ((uint64_t)s[7] << 56);
}

#undef STATIC_INLINE

#else
/* Little endian macro's will just make the cast. */
#define RSHORT(x) *(int16_t *)x
#define RUSHORT(x) *(uint16_t *)x
#define RLONG(x) *(int32_t *)x
#define RULONG(x) *(uint32_t *)x
#define RLLONG(x) *(int64_t *)x
#define RULLONG(x) *(uint64_t *)x
#endif

#endif /* CONFIG_H */

distorm-3.4.1/src/decoder.c000077500000000000000000000613521340425302400155470ustar00rootroot00000000000000
/*
decoder.c

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#include "decoder.h"
#include "instructions.h"
#include "insts.h"
#include "prefix.h"
#include "x86defs.h"
#include "operands.h"
#include "insts.h"
#include "../include/mnemonics.h"

/* Instruction Prefixes - Opcode - ModR/M - SIB - Displacement - Immediate */

static _DecodeType decode_get_effective_addr_size(_DecodeType dt, _iflags decodedPrefixes)
{
	/*
	 * This table is to map from the current decoding mode to an effective address size:
	 * Decode16 -> Decode32
	 * Decode32 -> Decode16
	 * Decode64 -> Decode32
	 */
	static _DecodeType AddrSizeTable[] = {Decode32Bits, Decode16Bits, Decode32Bits};

	/* Switch to non default mode if prefix exists, only for ADDRESS SIZE. */
	if (decodedPrefixes & INST_PRE_ADDR_SIZE) dt = AddrSizeTable[dt];
	return dt;
}

static _DecodeType decode_get_effective_op_size(_DecodeType dt, _iflags decodedPrefixes, unsigned int rex, _iflags instFlags)
{
	/*
	 * This table is to map from the current decoding mode to an effective operand size:
	 * Decode16 -> Decode32
	 * Decode32 -> Decode16
	 * Decode64 -> Decode16
	 * Note that in 64bits it's a bit more complicated, because of REX and promoted instructions.
	 */
	static _DecodeType OpSizeTable[] = {Decode32Bits, Decode16Bits, Decode16Bits};

	if (decodedPrefixes & INST_PRE_OP_SIZE) return OpSizeTable[dt];

	if (dt == Decode64Bits) {
		/*
		 * REX Prefix toggles data size to 64 bits.
		 * Operand size prefix toggles data size to 16.
		 * Default data size is 32 bits.
		 * Promoted instructions are 64 bits if they don't require a REX prefix.
		 * Non promoted instructions are 64 bits if the REX prefix exists.
		 */
		/* Automatically promoted instructions have only INST_64BITS SET! */
		if (((instFlags & (INST_64BITS | INST_PRE_REX)) == INST_64BITS) ||
		/* Other instructions in 64 bits can be promoted only with a REX prefix. */
			((decodedPrefixes & INST_PRE_REX) && (rex & PREFIX_EX_W))) dt = Decode64Bits;
		else dt = Decode32Bits; /* Default. */
	}
	return dt;
}

/* A helper macro to convert from diStorm's CPU flags to EFLAGS.
 */
#define CONVERT_FLAGS_TO_EFLAGS(dst, src, field) dst->field = ((src->field & D_COMPACT_SAME_FLAGS) | \
	((src->field & D_COMPACT_IF) ? D_IF : 0) | \
	((src->field & D_COMPACT_DF) ? D_DF : 0) | \
	((src->field & D_COMPACT_OF) ? D_OF : 0));

static _DecodeResult decode_inst(_CodeInfo* ci, _PrefixState* ps, _DInst* di)
{
	/* Remember whether the instruction is privileged. */
	uint16_t privilegedFlag = 0;

	/* The ModR/M byte of the current instruction. */
	unsigned int modrm = 0;

	/* The REX/VEX prefix byte value. */
	unsigned int vrex = ps->vrex;

	/*
	 * Backup original input, so we can use it later if a problem occurs
	 * (like not enough data for decoding, invalid opcode, etc).
	 */
	const uint8_t* startCode = ci->code;

	/* Holds the info about the current found instruction. */
	_InstInfo* ii = NULL;
	_InstInfo iip; /* Privileged instruction cache. */
	_InstSharedInfo* isi = NULL;

	/* Used only for special CMP instructions which have pseudo opcodes suffix. */
	unsigned char cmpType = 0;

	/*
	 * Indicates whether it is right to LOCK the instruction by decoding its first operand.
	 * Only then you know if it's ok to output the LOCK prefix's text...
	 * Used for first operand only.
	 */
	int lockable = FALSE;

	/* Calculate (and cache) effective-operand-size and effective-address-size only once. */
	_DecodeType effOpSz, effAdrSz;
	_iflags instFlags;

	ii = inst_lookup(ci, ps);
	if (ii == NULL) goto _Undecodable;
	isi = &InstSharedInfoTable[ii->sharedIndex];
	instFlags = FlagsTable[isi->flagsIndex];
	privilegedFlag = ii->opcodeId & OPCODE_ID_PRIVILEGED;

	if (privilegedFlag) {
		/*
		 * Copy the privileged instruction info so we can remove the privileged bit
		 * from the opcodeId field. This makes sure we're not modifying the tables
		 * in case we lookup this privileged instruction later.
		 */
		iip = *ii;
		iip.opcodeId &= ~OPCODE_ID_PRIVILEGED;
		ii = &iip;
	}

	/*
	 * If both REX and OpSize are available we will have to disable the OpSize, because REX has precedence.
	 * However, only if REX.W is set !
	 * We had to wait with this test, since the operand size may be a mandatory prefix,
	 * and we know it only after prefetching.
	 */
	if ((ps->prefixExtType == PET_REX) &&
		(ps->decodedPrefixes & INST_PRE_OP_SIZE) &&
		(!ps->isOpSizeMandatory) &&
		(vrex & PREFIX_EX_W)) {
		ps->decodedPrefixes &= ~INST_PRE_OP_SIZE;
		prefixes_ignore(ps, PFXIDX_OP_SIZE);
	}

	/*
	 * In this point we know the instruction we are about to decode and its operands (unless, it's an invalid one!),
	 * so it makes it the right time for decoding-type suitability testing.
	 * Which practically means, don't allow 32 bits instructions in 16 bits decoding mode, but do allow
	 * 16 bits instructions in 32 bits decoding mode, of course...
	 * NOTE: Make sure the instruction set for 32 bits has explicitly this specific flag set.
	 * NOTE2: Make sure the instruction set for 64 bits has explicitly this specific flag set.
	 * If this is the case, drop what we've got and restart all over after DB'ing that byte.
	 * Though, don't drop an instruction which is also supported in 16 and 32 bits.
	 */

	/* ! ! ! DISABLED UNTIL FURTHER NOTICE ! ! ! Decode16Bits CAN NOW DECODE 32 BITS INSTRUCTIONS ! ! !*/
	/* if (ii && (dt == Decode16Bits) && (instFlags & INST_32BITS) && (~instFlags & INST_16BITS)) ii = NULL; */

	/* Drop instructions which are invalid in 64 bits. */
	if ((ci->dt == Decode64Bits) && (instFlags & INST_INVALID_64BITS)) goto _Undecodable;

	/* If it's only a 64 bits instruction drop it in other decoding modes. */
	if ((ci->dt != Decode64Bits) && (instFlags & INST_64BITS_FETCH)) goto _Undecodable;

	if (instFlags & INST_MODRM_REQUIRED) {
		/* If the ModRM byte is not part of the opcode, skip the last byte code, so code points now to ModRM. */
		if (~instFlags & INST_MODRM_INCLUDED) {
			ci->code++;
			if (--ci->codeLen < 0) goto _Undecodable;
		}
		modrm = *ci->code;

		/* Some instructions enforce that reg=000, so validate that. (Specifically EXTRQ).
*/ if ((instFlags & INST_FORCE_REG0) && (((modrm >> 3) & 7) != 0)) goto _Undecodable; /* Some instructions enforce that mod=11, so validate that. */ if ((instFlags & INST_MODRR_REQUIRED) && (modrm < INST_DIVIDED_MODRM)) goto _Undecodable; } ci->code++; /* Skip the last byte we just read (either last opcode's byte code or a ModRM). */ /* Cache the effective operand-size and address-size. */ effOpSz = decode_get_effective_op_size(ci->dt, ps->decodedPrefixes, vrex, instFlags); effAdrSz = decode_get_effective_addr_size(ci->dt, ps->decodedPrefixes); memset(di, 0, sizeof(_DInst)); di->base = R_NONE; /* * Try to extract the next operand only if the latter exists. * For example, if there is not first operand, no reason to try to extract second operand... * I decided that a for-break is better for readability in this specific case than goto. * Note: do-while with a constant 0 makes the compiler warning about it. */ for (;;) { if (isi->d != OT_NONE) { if (!operands_extract(ci, di, ii, instFlags, (_OpType)isi->d, ONT_1, modrm, ps, effOpSz, effAdrSz, &lockable)) goto _Undecodable; } else break; if (isi->s != OT_NONE) { if (!operands_extract(ci, di, ii, instFlags, (_OpType)isi->s, ONT_2, modrm, ps, effOpSz, effAdrSz, NULL)) goto _Undecodable; } else break; /* Use third operand, only if the flags says this InstInfo requires it. */ if (instFlags & INST_USE_OP3) { if (!operands_extract(ci, di, ii, instFlags, (_OpType)((_InstInfoEx*)ii)->op3, ONT_3, modrm, ps, effOpSz, effAdrSz, NULL)) goto _Undecodable; } else break; /* Support for a fourth operand is added for (i.e:) INSERTQ instruction. */ if (instFlags & INST_USE_OP4) { if (!operands_extract(ci, di, ii, instFlags, (_OpType)((_InstInfoEx*)ii)->op4, ONT_4, modrm, ps, effOpSz, effAdrSz, NULL)) goto _Undecodable; } break; } /* Continue here after all operands were extracted. */ /* If it were a 3DNow! instruction, we will have to find the instruction itself now that we got its operands extracted. 
*/ if (instFlags & INST_3DNOW_FETCH) { ii = inst_lookup_3dnow(ci); if (ii == NULL) goto _Undecodable; isi = &InstSharedInfoTable[ii->sharedIndex]; instFlags = FlagsTable[isi->flagsIndex]; } /* Check whether pseudo opcode is needed, only for CMP instructions: */ if (instFlags & INST_PSEUDO_OPCODE) { if (--ci->codeLen < 0) goto _Undecodable; cmpType = *ci->code; ci->code++; if (instFlags & INST_PRE_VEX) { /* AVX Comparison type must be between 0 to 32, otherwise Reserved. */ if (cmpType >= INST_VCMP_MAX_RANGE) goto _Undecodable; } else { /* SSE Comparison type must be between 0 to 8, otherwise Reserved. */ if (cmpType >= INST_CMP_MAX_RANGE) goto _Undecodable; } } /* * There's a limit of 15 bytes on instruction length. The only way to violate * this limit is by putting redundant prefixes before an instruction. * start points to first prefix if any, otherwise it points to instruction first byte. */ if ((ci->code - ps->start) > INST_MAXIMUM_SIZE) goto _Undecodable; /* Drop instruction. */ /* * If we reached here the instruction was fully decoded, we located the instruction in the DB and extracted operands. * Use the correct mnemonic according to the DT. * If we are in 32 bits decoding mode it doesn't necessarily mean we will choose mnemonic2, alas, * it means that if there is a mnemonic2, it will be used. */ /* Start with prefix LOCK. */ if ((lockable == TRUE) && (instFlags & INST_PRE_LOCK)) { ps->usedPrefixes |= INST_PRE_LOCK; di->flags |= FLAG_LOCK; } else if ((instFlags & INST_PRE_REPNZ) && (ps->decodedPrefixes & INST_PRE_REPNZ)) { ps->usedPrefixes |= INST_PRE_REPNZ; di->flags |= FLAG_REPNZ; } else if ((instFlags & INST_PRE_REP) && (ps->decodedPrefixes & INST_PRE_REP)) { ps->usedPrefixes |= INST_PRE_REP; di->flags |= FLAG_REP; } /* If it's JeCXZ the ADDR_SIZE prefix affects them. 
*/ if ((instFlags & (INST_PRE_ADDR_SIZE | INST_USE_EXMNEMONIC)) == (INST_PRE_ADDR_SIZE | INST_USE_EXMNEMONIC)) { ps->usedPrefixes |= INST_PRE_ADDR_SIZE; if (effAdrSz == Decode16Bits) di->opcode = ii->opcodeId; else if (effAdrSz == Decode32Bits) di->opcode = ((_InstInfoEx*)ii)->opcodeId2; /* Ignore REX.W in 64bits, JECXZ is promoted. */ else /* Decode64Bits */ di->opcode = ((_InstInfoEx*)ii)->opcodeId3; } /* LOOPxx instructions are also native instruction, but they are special case ones, ADDR_SIZE prefix affects them. */ else if ((instFlags & (INST_PRE_ADDR_SIZE | INST_NATIVE)) == (INST_PRE_ADDR_SIZE | INST_NATIVE)) { di->opcode = ii->opcodeId; /* If LOOPxx gets here from 64bits, it must be Decode32Bits because Address Size prefix is set. */ ps->usedPrefixes |= INST_PRE_ADDR_SIZE; } /* * Note: * If the instruction is prefixed by operand size we will format it in the non-default decoding mode! * So there might be a situation that an instruction of 32 bit gets formatted in 16 bits decoding mode. * Both ways should end up with a correct and expected formatting of the text. */ else if (effOpSz == Decode16Bits) { /* Decode16Bits */ /* Set operand size. */ FLAG_SET_OPSIZE(di, Decode16Bits); /* * If it's a special instruction which has two mnemonics, then use the 16 bits one + update usedPrefixes. * Note: use 16 bits mnemonic if that instruction supports 32 bit or 64 bit explicitly. */ if ((instFlags & INST_USE_EXMNEMONIC) && ((instFlags & (INST_32BITS | INST_64BITS)) == 0)) ps->usedPrefixes |= INST_PRE_OP_SIZE; di->opcode = ii->opcodeId; } else if (effOpSz == Decode32Bits) { /* Decode32Bits */ /* Set operand size. */ FLAG_SET_OPSIZE(di, Decode32Bits); /* Give a chance for special mnemonic instruction in 32 bits decoding. */ if (instFlags & INST_USE_EXMNEMONIC) { ps->usedPrefixes |= INST_PRE_OP_SIZE; /* Is it a special instruction which has another mnemonic for mod=11 ? 
*/ if (instFlags & INST_MNEMONIC_MODRM_BASED) { if (modrm >= INST_DIVIDED_MODRM) di->opcode = ii->opcodeId; else di->opcode = ((_InstInfoEx*)ii)->opcodeId2; } else di->opcode = ((_InstInfoEx*)ii)->opcodeId2; } else di->opcode = ii->opcodeId; } else { /* Decode64Bits, note that some instructions might be decoded in Decode32Bits above. */ /* Set operand size. */ FLAG_SET_OPSIZE(di, Decode64Bits); if (instFlags & (INST_USE_EXMNEMONIC | INST_USE_EXMNEMONIC2)) { /* * We shouldn't be here for MODRM based mnemonics with a MOD=11, * because they must not use REX (otherwise it will get to the wrong instruction which share same opcode). * See XRSTOR and XSAVEOPT. */ if ((instFlags & INST_MNEMONIC_MODRM_BASED) && (modrm >= INST_DIVIDED_MODRM)) goto _Undecodable; /* Use third mnemonic, for 64 bits. */ if ((instFlags & INST_USE_EXMNEMONIC2) && (vrex & PREFIX_EX_W)) { ps->usedPrefixes |= INST_PRE_REX; di->opcode = ((_InstInfoEx*)ii)->opcodeId3; } else di->opcode = ((_InstInfoEx*)ii)->opcodeId2; /* Use second mnemonic. */ } else di->opcode = ii->opcodeId; } /* If it's a native instruction use OpSize Prefix. */ if ((instFlags & INST_NATIVE) && (ps->decodedPrefixes & INST_PRE_OP_SIZE)) ps->usedPrefixes |= INST_PRE_OP_SIZE; /* Check VEX mnemonics: */ if ((instFlags & INST_PRE_VEX) && (((((_InstInfoEx*)ii)->flagsEx & INST_MNEMONIC_VEXW_BASED) && (vrex & PREFIX_EX_W)) || ((((_InstInfoEx*)ii)->flagsEx & INST_MNEMONIC_VEXL_BASED) && (vrex & PREFIX_EX_L)))) { di->opcode = ((_InstInfoEx*)ii)->opcodeId2; } /* Or is it a special CMP instruction which needs a pseudo opcode suffix ? */ if (instFlags & INST_PSEUDO_OPCODE) { /* * The opcodeId is the offset to the FIRST pseudo compare mnemonic, * we will have to fix it so it offsets into the corrected mnemonic. * Therefore, we use another table to fix the offset. */ if (instFlags & INST_PRE_VEX) { /* Use the AVX pseudo compare mnemonics table. 
*/ di->opcode = ii->opcodeId + VCmpMnemonicOffsets[cmpType]; } else { /* Use the SSE pseudo compare mnemonics table. */ di->opcode = ii->opcodeId + CmpMnemonicOffsets[cmpType]; } } /* * Store the address size inside the flags. * This is necessary for the caller to know the size of rSP when using PUSHA for example. */ FLAG_SET_ADDRSIZE(di, effAdrSz); /* Copy DST_WR flag. */ if (instFlags & INST_DST_WR) di->flags |= FLAG_DST_WR; /* Set the unused prefixes mask. */ di->unusedPrefixesMask = prefixes_set_unused_mask(ps); /* Fix privileged. Assumes the privilegedFlag is 0x8000 only. */ di->flags |= privilegedFlag; /* Copy instruction meta. */ di->meta = isi->meta; if (di->segment == 0) di->segment = R_NONE; /* Take into account the O_MEM base register for the mask. */ if (di->base != R_NONE) di->usedRegistersMask |= _REGISTERTORCLASS[di->base]; /* Copy CPU affected flags. */ CONVERT_FLAGS_TO_EFLAGS(di, isi, modifiedFlagsMask); CONVERT_FLAGS_TO_EFLAGS(di, isi, testedFlagsMask); CONVERT_FLAGS_TO_EFLAGS(di, isi, undefinedFlagsMask); /* Calculate the size of the instruction we've just decoded. */ di->size = (uint8_t)((ci->code - startCode) & 0xff); return DECRES_SUCCESS; _Undecodable: /* If the instruction couldn't be decoded for some reason, drop the first byte. */ memset(di, 0, sizeof(_DInst)); di->base = R_NONE; di->size = 1; /* Clean prefixes just in case... */ ps->usedPrefixes = 0; /* Special case for WAIT instruction: If it's dropped, you have to return a valid instruction! */ if (*startCode == INST_WAIT_INDEX) { di->opcode = I_WAIT; META_SET_ISC(di, ISC_INTEGER); return DECRES_SUCCESS; } /* Mark that we didn't manage to decode the instruction well, caller will drop it. */ return DECRES_INPUTERR; } /* * decode_internal * * supportOldIntr - Since now we work with new structure instead of the old _DecodedInst, we are still interested in backward compatibility. * So although, the array is now of type _DInst, we want to read it in jumps of the old array element's size. 
* This is in order to save memory allocation for conversion between the new and the old structures. * It really means we can do the conversion in-place now. */ _DecodeResult decode_internal(_CodeInfo* _ci, int supportOldIntr, _DInst result[], unsigned int maxResultCount, unsigned int* usedInstructionsCount) { _PrefixState ps; unsigned int prefixSize; _CodeInfo ci; unsigned int features; unsigned int mfc; _OffsetType codeOffset = _ci->codeOffset; const uint8_t* code = _ci->code; int codeLen = _ci->codeLen; /* * This is used for printing only, it is the real offset of where the whole instruction begins. * We need this variable in addition to codeOffset, because prefixes might change the real offset an instruction begins at. * So we keep track of both. */ _OffsetType startInstOffset = 0; const uint8_t* p; /* Current working decoded instruction in results. */ unsigned int nextPos = 0; _DInst *pdi = NULL; _OffsetType addrMask = (_OffsetType)-1; _DecodeResult decodeResult; #ifdef DISTORM_LIGHT supportOldIntr; /* Unreferenced. */ /* * Only truncate address if we are using the decompose interface. * Otherwise, we use the textual interface which needs full addresses for formatting bytes output. * So distorm_format will truncate later. */ if (_ci->features & DF_MAXIMUM_ADDR32) addrMask = 0xffffffff; else if (_ci->features & DF_MAXIMUM_ADDR16) addrMask = 0xffff; #endif /* No entries are used yet. */ *usedInstructionsCount = 0; ci.dt = _ci->dt; _ci->nextOffset = codeOffset; /* Decode instructions as long as we have what to decode/enough room in entries. */ while (codeLen > 0) { /* startInstOffset holds the displayed offset of current instruction. 
*/ startInstOffset = codeOffset; memset(&ps, 0, (size_t)((char*)&ps.pfxIndexer[0] - (char*)&ps)); memset(ps.pfxIndexer, PFXIDX_NONE, sizeof(int) * PFXIDX_MAX); ps.start = code; ps.last = code; prefixSize = 0; if (prefixes_is_valid(*code, ci.dt)) { prefixes_decode(code, codeLen, &ps, ci.dt); /* Count prefixes, start points to first prefix. */ prefixSize = (unsigned int)(ps.last - ps.start); /* * It might be that we will just notice that we ran out of bytes, or only prefixes * so we will have to drop everything and halt. * Also take into consideration of flow control instruction filter. */ codeLen -= prefixSize; if ((codeLen == 0) || (prefixSize == INST_MAXIMUM_SIZE)) { if (~_ci->features & DF_RETURN_FC_ONLY) { /* Make sure there is enough room. */ if (nextPos + (ps.last - code) > maxResultCount) return DECRES_MEMORYERR; for (p = code; p < ps.last; p++, startInstOffset++) { /* Use next entry. */ #ifndef DISTORM_LIGHT if (supportOldIntr) { pdi = (_DInst*)((char*)result + nextPos * sizeof(_DecodedInst)); } else #endif /* DISTORM_LIGHT */ { pdi = &result[nextPos]; } nextPos++; memset(pdi, 0, sizeof(_DInst)); pdi->flags = FLAG_NOT_DECODABLE; pdi->imm.byte = *p; pdi->size = 1; pdi->addr = startInstOffset & addrMask; } *usedInstructionsCount = nextPos; /* Include them all. */ } if (codeLen == 0) break; /* Bye bye, out of bytes. */ } code += prefixSize; codeOffset += prefixSize; /* If we got only prefixes continue to next instruction. */ if (prefixSize == INST_MAXIMUM_SIZE) continue; } /* * Now we decode the instruction and only then we do further prefixes handling. * This is because the instruction could not be decoded at all, or an instruction requires * a mandatory prefix, or some of the prefixes were useless, etc... * Even if there were a mandatory prefix, we already took into account its size as a normal prefix. * so prefixSize includes that, and the returned size in pdi is simply the size of the real(=without prefixes) instruction. 
*/ if (ci.dt == Decode64Bits) { if (ps.decodedPrefixes & INST_PRE_REX) { /* REX prefix must precede first byte of instruction. */ if (ps.rexPos != (code - 1)) { ps.decodedPrefixes &= ~INST_PRE_REX; ps.prefixExtType = PET_NONE; prefixes_ignore(&ps, PFXIDX_REX); } /* * We will disable operand size prefix, * if it exists only after decoding the instruction, since it might be a mandatory prefix. * This will be done after calling inst_lookup in decode_inst. */ } /* In 64 bits, segment overrides of CS, DS, ES and SS are ignored. So don't take'em into account. */ if (ps.decodedPrefixes & INST_PRE_SEGOVRD_MASK32) { ps.decodedPrefixes &= ~INST_PRE_SEGOVRD_MASK32; prefixes_ignore(&ps, PFXIDX_SEG); } } /* Make sure there is at least one more entry to use, for the upcoming instruction. */ if (nextPos + 1 > maxResultCount) return DECRES_MEMORYERR; #ifndef DISTORM_LIGHT if (supportOldIntr) { pdi = (_DInst*)((char*)result + nextPos * sizeof(_DecodedInst)); } else #endif /* DISTORM_LIGHT */ { pdi = &result[nextPos]; } nextPos++; /* * The reason we copy these two again is because we have to keep track on the input ourselves. * There might be a case when an instruction is invalid, and then it will be counted as one byte only. * But that instruction already read a byte or two from the stream and only then returned the error. * Thus, we end up unsynchronized on the stream. * This way, we are totally safe, because we keep track after the call to decode_inst, using the returned size. */ ci.code = code; ci.codeLen = codeLen; /* Nobody uses codeOffset in the decoder itself, so spare it. */ decodeResult = decode_inst(&ci, &ps, pdi); /* See if we need to filter this instruction. */ if ((_ci->features & DF_RETURN_FC_ONLY) && (META_GET_FC(pdi->meta) == FC_NONE)) decodeResult = DECRES_FILTERED; /* Set address to the beginning of the instruction. 
*/ pdi->addr = startInstOffset & addrMask; /* pdi->disp &= addrMask; */ if ((decodeResult == DECRES_INPUTERR) && (ps.decodedPrefixes & INST_PRE_VEX)) { if (ps.prefixExtType == PET_VEX3BYTES) { prefixSize -= 2; codeLen += 2; } else if (ps.prefixExtType == PET_VEX2BYTES) { prefixSize -= 1; codeLen += 1; } ps.last = ps.start + prefixSize - 1; code = ps.last + 1; codeOffset = startInstOffset + prefixSize; } else { /* Advance to next instruction. */ codeLen -= pdi->size; codeOffset += pdi->size; code += pdi->size; /* Instruction's size should include prefixes. */ pdi->size += (uint8_t)prefixSize; } /* Drop all prefixes and the instruction itself, because the instruction wasn't successfully decoded. */ if ((decodeResult == DECRES_INPUTERR) && (~_ci->features & DF_RETURN_FC_ONLY)) { nextPos--; /* Undo last result. */ if ((prefixSize + 1) > 0) { /* 1 for the first instruction's byte. */ if ((nextPos + prefixSize + 1) > maxResultCount) return DECRES_MEMORYERR; for (p = ps.start; p < ps.last + 1; p++, startInstOffset++) { /* Use next entry. */ #ifndef DISTORM_LIGHT if (supportOldIntr) { pdi = (_DInst*)((char*)result + nextPos * sizeof(_DecodedInst)); } else #endif /* DISTORM_LIGHT */ { pdi = &result[nextPos]; } nextPos++; memset(pdi, 0, sizeof(_DInst)); pdi->flags = FLAG_NOT_DECODABLE; pdi->imm.byte = *p; pdi->size = 1; pdi->addr = startInstOffset & addrMask; } } } else if (decodeResult == DECRES_FILTERED) nextPos--; /* Return it to pool, since it was filtered. */ /* Alright, the caller can read, at least, up to this one. */ *usedInstructionsCount = nextPos; /* Fix next offset. */ _ci->nextOffset = codeOffset; /* Check whether we need to stop on any flow control instruction. 
 */
		features = _ci->features;
		mfc = META_GET_FC(pdi->meta);
		if ((decodeResult == DECRES_SUCCESS) && (features & DF_STOP_ON_FLOW_CONTROL)) {
			if (((features & DF_STOP_ON_CALL) && (mfc == FC_CALL)) ||
				((features & DF_STOP_ON_RET) && (mfc == FC_RET)) ||
				((features & DF_STOP_ON_SYS) && (mfc == FC_SYS)) ||
				((features & DF_STOP_ON_UNC_BRANCH) && (mfc == FC_UNC_BRANCH)) ||
				((features & DF_STOP_ON_CND_BRANCH) && (mfc == FC_CND_BRANCH)) ||
				((features & DF_STOP_ON_INT) && (mfc == FC_INT)) ||
				((features & DF_STOP_ON_CMOV) && (mfc == FC_CMOV)))
				return DECRES_SUCCESS;
		}
	}

	return DECRES_SUCCESS;
}

distorm-3.4.1/src/decoder.h

/*
decoder.h

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2011 Gil Dabah

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.
If not, see
*/

#ifndef DECODER_H
#define DECODER_H

#include "config.h"

typedef unsigned int _iflags;

_DecodeResult decode_internal(_CodeInfo* ci, int supportOldIntr, _DInst result[], unsigned int maxResultCount, unsigned int* usedInstructionsCount);

#endif /* DECODER_H */

distorm-3.4.1/src/distorm.c

/*
distorm.c

diStorm3 C Library Interface
diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#include "../include/distorm.h"
#include "config.h"
#include "decoder.h"
#include "x86defs.h"
#include "textdefs.h"
#include "wstring.h"
#include "../include/mnemonics.h"

/* C DLL EXPORTS */
#ifdef SUPPORT_64BIT_OFFSET
	_DLLEXPORT_ _DecodeResult distorm_decompose64(_CodeInfo* ci, _DInst result[], unsigned int maxInstructions, unsigned int* usedInstructionsCount)
#else
	_DLLEXPORT_ _DecodeResult distorm_decompose32(_CodeInfo* ci, _DInst result[], unsigned int maxInstructions, unsigned int* usedInstructionsCount)
#endif
{
	if (usedInstructionsCount == NULL) {
		return DECRES_SUCCESS;
	}

	/* DECRES_SUCCESS still may indicate we may have something in the result, so zero it first thing. */
	*usedInstructionsCount = 0;

	if ((ci == NULL) ||
		(ci->codeLen < 0) ||
		((ci->dt != Decode16Bits) && (ci->dt != Decode32Bits) && (ci->dt != Decode64Bits)) ||
		(ci->code == NULL) ||
		(result == NULL) ||
		((ci->features & (DF_MAXIMUM_ADDR16 | DF_MAXIMUM_ADDR32)) == (DF_MAXIMUM_ADDR16 | DF_MAXIMUM_ADDR32)))
	{
		return DECRES_INPUTERR;
	}

	/* Assume length=0 is success. */
	if (ci->codeLen == 0) {
		return DECRES_SUCCESS;
	}

	return decode_internal(ci, FALSE, result, maxInstructions, usedInstructionsCount);
}

#ifndef DISTORM_LIGHT

/* Helper function to concatenate an explicit size when it's unknown from the operands.
*/ static void distorm_format_size(_WString* str, const _DInst* di, int opNum) { int isSizingRequired = 0; /* * We only have to output the size explicitly if it's not clear from the operands. * For example: * mov al, [0x1234] -> The size is 8, we know it from the AL register operand. * mov [0x1234], 0x11 -> Now we don't know the size. Pam pam pam * * If given operand number is higher than 2, then output the size anyways. */ isSizingRequired = ((opNum >= 2) || ((di->ops[0].type != O_REG) && (di->ops[1].type != O_REG))); /* Still not sure? Try some special instructions. */ if (!isSizingRequired) { /* * INS/OUTS are exception, because DX is a port specifier and not a real src/dst register. * A few exceptions that always requires sizing: * MOVZX, MOVSX, MOVSXD. * ROL, ROR, RCL, RCR, SHL, SHR, SAL, SAR. * SHLD, SHRD. */ switch (di->opcode) { case I_INS: case I_OUTS: case I_MOVZX: case I_MOVSX: case I_MOVSXD: case I_ROL: case I_ROR: case I_RCL: case I_RCR: case I_SHL: case I_SHR: case I_SAL: case I_SAR: case I_SHLD: case I_SHRD: isSizingRequired = 1; break; default: /* Instruction doesn't require sizing. */ break; } } if (isSizingRequired) { switch (di->ops[opNum].size) { case 0: break; /* OT_MEM's unknown size. */ case 8: strcat_WSN(str, "BYTE "); break; case 16: strcat_WSN(str, "WORD "); break; case 32: strcat_WSN(str, "DWORD "); break; case 64: strcat_WSN(str, "QWORD "); break; case 80: strcat_WSN(str, "TBYTE "); break; case 128: strcat_WSN(str, "DQWORD "); break; case 256: strcat_WSN(str, "YWORD "); break; default: /* Big oh uh if it gets here. */ break; } } } static void distorm_format_signed_disp(_WString* str, const _DInst* di, uint64_t addrMask) { int64_t tmpDisp64; if (di->dispSize) { chrcat_WS(str, ((int64_t)di->disp < 0) ? 
MINUS_DISP_CHR : PLUS_DISP_CHR); if ((int64_t)di->disp < 0) tmpDisp64 = -(int64_t)di->disp; else tmpDisp64 = di->disp; tmpDisp64 &= addrMask; str_code_hqw(str, (uint8_t*)&tmpDisp64); } } #ifdef SUPPORT_64BIT_OFFSET _DLLEXPORT_ void distorm_format64(const _CodeInfo* ci, const _DInst* di, _DecodedInst* result) #else _DLLEXPORT_ void distorm_format32(const _CodeInfo* ci, const _DInst* di, _DecodedInst* result) #endif { _WString* str; unsigned int i, isDefault; int64_t tmpDisp64; uint64_t addrMask = (uint64_t)-1; uint8_t segment; const _WMnemonic* mnemonic; /* Set address mask, when default is for 64bits addresses. */ if (ci->features & DF_MAXIMUM_ADDR32) addrMask = 0xffffffff; else if (ci->features & DF_MAXIMUM_ADDR16) addrMask = 0xffff; /* Copy other fields. */ result->size = di->size; result->offset = di->addr; if (di->flags == FLAG_NOT_DECODABLE) { str = &result->mnemonic; result->offset &= addrMask; strclear_WS(&result->operands); strcpy_WSN(str, "DB "); str_code_hb(str, di->imm.byte); strclear_WS(&result->instructionHex); str_hex_b(&result->instructionHex, di->imm.byte); return; /* Skip to next instruction. */ } str = &result->instructionHex; strclear_WS(str); /* Gotta have full address for (di->addr - ci->codeOffset) to work in all modes. */ for (i = 0; i < di->size; i++) str_hex_b(str, ci->code[(unsigned int)(di->addr - ci->codeOffset + i)]); /* Truncate address now. */ result->offset &= addrMask; str = &result->mnemonic; switch (FLAG_GET_PREFIX(di->flags)) { case FLAG_LOCK: strcpy_WSN(str, "LOCK "); break; case FLAG_REP: /* REP prefix for CMPS and SCAS is really a REPZ. */ if ((di->opcode == I_CMPS) || (di->opcode == I_SCAS)) strcpy_WSN(str, "REPZ "); else strcpy_WSN(str, "REP "); break; case FLAG_REPNZ: strcpy_WSN(str, "REPNZ "); break; default: /* Init mnemonic string, cause next touch is concatenation. 
*/ strclear_WS(str); break; } mnemonic = (const _WMnemonic*)&_MNEMONICS[di->opcode]; memcpy((int8_t*)&str->p[str->length], mnemonic->p, mnemonic->length + 1); str->length += mnemonic->length; /* Format operands: */ str = &result->operands; strclear_WS(str); /* Special treatment for String instructions. */ if ((META_GET_ISC(di->meta) == ISC_INTEGER) && ((di->opcode == I_MOVS) || (di->opcode == I_CMPS) || (di->opcode == I_STOS) || (di->opcode == I_LODS) || (di->opcode == I_SCAS))) { /* * No operands are needed if the address size is the default one, * and no segment is overridden, so add the suffix letter, * to indicate size of operation and continue to next instruction. */ if ((FLAG_GET_ADDRSIZE(di->flags) == ci->dt) && (SEGMENT_IS_DEFAULT(di->segment))) { str = &result->mnemonic; switch (di->ops[0].size) { case 8: chrcat_WS(str, 'B'); break; case 16: chrcat_WS(str, 'W'); break; case 32: chrcat_WS(str, 'D'); break; case 64: chrcat_WS(str, 'Q'); break; } return; } } for (i = 0; ((i < OPERANDS_NO) && (di->ops[i].type != O_NONE)); i++) { if (i > 0) strcat_WSN(str, ", "); switch (di->ops[i].type) { case O_REG: strcat_WS(str, (const _WString*)&_REGISTERS[di->ops[i].index]); break; case O_IMM: /* If the instruction is 'push', show explicit size (except byte imm). */ if ((di->opcode == I_PUSH) && (di->ops[i].size != 8)) distorm_format_size(str, di, i); /* Special fix for negative sign extended immediates. 
*/ if ((di->flags & FLAG_IMM_SIGNED) && (di->ops[i].size == 8)) { if (di->imm.sbyte < 0) { chrcat_WS(str, MINUS_DISP_CHR); str_code_hb(str, -di->imm.sbyte); break; } } if (di->ops[i].size == 64) str_code_hqw(str, (uint8_t*)&di->imm.qword); else str_code_hdw(str, di->imm.dword); break; case O_IMM1: str_code_hdw(str, di->imm.ex.i1); break; case O_IMM2: str_code_hdw(str, di->imm.ex.i2); break; case O_DISP: distorm_format_size(str, di, i); chrcat_WS(str, OPEN_CHR); if ((SEGMENT_GET(di->segment) != R_NONE) && !SEGMENT_IS_DEFAULT(di->segment)) { strcat_WS(str, (const _WString*)&_REGISTERS[SEGMENT_GET(di->segment)]); chrcat_WS(str, SEG_OFF_CHR); } tmpDisp64 = di->disp & addrMask; str_code_hqw(str, (uint8_t*)&tmpDisp64); chrcat_WS(str, CLOSE_CHR); break; case O_SMEM: distorm_format_size(str, di, i); chrcat_WS(str, OPEN_CHR); /* * This is where we need to take special care for String instructions. * If we got here, it means we need to explicitly show their operands. * The problem with CMPS and MOVS is that they have two(!) memory operands. * So we have to complete it ourselves, since the structure supplies only the segment that can be overridden. * And make the rest of the String operations explicit. 
*/ segment = SEGMENT_GET(di->segment); isDefault = SEGMENT_IS_DEFAULT(di->segment); switch (di->opcode) { case I_MOVS: isDefault = FALSE; if (i == 0) segment = R_ES; break; case I_CMPS: isDefault = FALSE; if (i == 1) segment = R_ES; break; case I_INS: case I_LODS: case I_STOS: case I_SCAS: isDefault = FALSE; break; } if (!isDefault && (segment != R_NONE)) { strcat_WS(str, (const _WString*)&_REGISTERS[segment]); chrcat_WS(str, SEG_OFF_CHR); } strcat_WS(str, (const _WString*)&_REGISTERS[di->ops[i].index]); distorm_format_signed_disp(str, di, addrMask); chrcat_WS(str, CLOSE_CHR); break; case O_MEM: distorm_format_size(str, di, i); chrcat_WS(str, OPEN_CHR); if ((SEGMENT_GET(di->segment) != R_NONE) && !SEGMENT_IS_DEFAULT(di->segment)) { strcat_WS(str, (const _WString*)&_REGISTERS[SEGMENT_GET(di->segment)]); chrcat_WS(str, SEG_OFF_CHR); } if (di->base != R_NONE) { strcat_WS(str, (const _WString*)&_REGISTERS[di->base]); chrcat_WS(str, PLUS_DISP_CHR); } strcat_WS(str, (const _WString*)&_REGISTERS[di->ops[i].index]); if (di->scale != 0) { chrcat_WS(str, '*'); if (di->scale == 2) chrcat_WS(str, '2'); else if (di->scale == 4) chrcat_WS(str, '4'); else /* if (di->scale == 8) */ chrcat_WS(str, '8'); } distorm_format_signed_disp(str, di, addrMask); chrcat_WS(str, CLOSE_CHR); break; case O_PC: #ifdef SUPPORT_64BIT_OFFSET str_off64(str, (di->imm.sqword + di->addr + di->size) & addrMask); #else str_code_hdw(str, ((_OffsetType)di->imm.sdword + di->addr + di->size) & (uint32_t)addrMask); #endif break; case O_PTR: str_code_hdw(str, di->imm.ptr.seg); chrcat_WS(str, SEG_OFF_CHR); str_code_hdw(str, di->imm.ptr.off); break; } } if (di->flags & FLAG_HINT_TAKEN) strcat_WSN(str, " ;TAKEN"); else if (di->flags & FLAG_HINT_NOT_TAKEN) strcat_WSN(str, " ;NOT TAKEN"); } #ifdef SUPPORT_64BIT_OFFSET _DLLEXPORT_ _DecodeResult distorm_decode64(_OffsetType codeOffset, const unsigned char* code, int codeLen, _DecodeType dt, _DecodedInst result[], unsigned int maxInstructions, unsigned int* 
usedInstructionsCount)
#else
	_DLLEXPORT_ _DecodeResult distorm_decode32(_OffsetType codeOffset, const unsigned char* code, int codeLen, _DecodeType dt, _DecodedInst result[], unsigned int maxInstructions, unsigned int* usedInstructionsCount)
#endif
{
	_DecodeResult res;
	_DInst di;
	_CodeInfo ci;
	unsigned int instsCount = 0, i;

	*usedInstructionsCount = 0;

	/* I use codeLen as a signed variable in order to ease detection of underflow... and besides - */
	if (codeLen < 0) {
		return DECRES_INPUTERR;
	}

	if ((dt != Decode16Bits) && (dt != Decode32Bits) && (dt != Decode64Bits)) {
		return DECRES_INPUTERR;
	}

	if (code == NULL || result == NULL) {
		return DECRES_INPUTERR;
	}

	/* Assume length=0 is success. */
	if (codeLen == 0) {
		return DECRES_SUCCESS;
	}

	/*
	 * We have to format the result into text. But the internal decoder works with the new structure of _DInst.
	 * Therefore, we will pass the result array(!) from the caller and the internal decoder will fill it in with _DInst's.
	 * Then we will copy each result to a temporary structure, and use it to reformat that specific result.
	 *
	 * This is all done to save memory allocation and to work on the same result array in-place!!!
	 * It's a bit ugly, I have to admit, but worth it.
	 */

	ci.codeOffset = codeOffset;
	ci.code = code;
	ci.codeLen = codeLen;
	ci.dt = dt;
	ci.features = DF_NONE;
	if (dt == Decode16Bits) ci.features = DF_MAXIMUM_ADDR16;
	else if (dt == Decode32Bits) ci.features = DF_MAXIMUM_ADDR32;

	res = decode_internal(&ci, TRUE, (_DInst*)result, maxInstructions, &instsCount);
	for (i = 0; i < instsCount; i++) {
		if ((*usedInstructionsCount + i) >= maxInstructions) return DECRES_MEMORYERR;

		/* Copy the current decomposed result to a temp structure, so we can override the result with text.
 */
		memcpy(&di, (char*)result + (i * sizeof(_DecodedInst)), sizeof(_DInst));
#ifdef SUPPORT_64BIT_OFFSET
		distorm_format64(&ci, &di, &result[i]);
#else
		distorm_format32(&ci, &di, &result[i]);
#endif
	}

	*usedInstructionsCount = instsCount;
	return res;
}

#endif /* DISTORM_LIGHT */

_DLLEXPORT_ unsigned int distorm_version(void)
{
	return __DISTORMV__;
}

distorm-3.4.1/src/instructions.c

/*
instructions.c

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#include "instructions.h"
#include "insts.h"
#include "prefix.h"
#include "x86defs.h"
#include "../include/mnemonics.h"

/* Helper macros to extract the type or index from an inst-node value. */
#define INST_NODE_INDEX(n) ((n) & 0x1fff)
#define INST_NODE_TYPE(n) ((n) >> 13)

/* Helper macro to read the actual flags that are associated with an inst-info. */
#define INST_INFO_FLAGS(ii) (FlagsTable[InstSharedInfoTable[(ii)->sharedIndex].flagsIndex])

/*
I use the trie data structure as I found it most fitting to a disassembler mechanism.
When you read a byte and have to decide if it's enough or you should read more bytes, 'till you get to the instruction information.
It's really fast because you POP the instruction info in top 3 iterates on the DB, because an instruction can be formed from two bytes + 3 bits reg from the ModR/M byte.
For a simple explanation, check this out:
http://www.csse.monash.edu.au/~lloyd/tildeAlgDS/Tree/Trie/
Further reading: http://en.wikipedia.org/wiki/Trie

The first GATE (array you read off a trie data structure), as I call them, is statically allocated by the compiler.
The second and third gates if used are being allocated dynamically by the instructions-insertion functionality.

How would such a thing look in memory, say we support 4 instructions with 3 bytes top (means 2 dynamically allocated gates).

->
|-------|                                0,
|0|     -------------------------------> |-------|
|1|RET  |      1,                        |0|AND  |
|2|     -----> |-------|                 |1|XOR  |
|3|INT3 |      |0|PUSH |                 |2|OR   |         0,3,
|-------|      |1|POP  |                 |3|     --------->|-------|
               |2|PUSHF|                 |-------|         |0|ROR  |
               |3|POPF |                                   |1|ROL  |
               |-------|                                   |2|SHR  |
                                                           |3|SHL  |
                                                           |-------|

Of course, this is NOT how Intel instructions set looks!!!
but I just wanted to give a small demonstration.
Now the instructions you get from such a trie DB goes like this:

0, 0 - AND
0, 1 - XOR
0, 2 - OR
0, 3, 0, ROR
0, 3, 1, ROL
0, 3, 2, SHR
0, 3, 3, SHL
1 - RET
2, 0 - PUSH
2, 1 - POP
2, 2 - PUSHF
2, 3 - POPF
3 - INT3

I guess it's clear by now.
So now, if you read 0, you know that you have to enter the second gate(list) with the second byte specifying the index.
But if you read 1, you know that you go to an instruction (in this case, a RET).
That's why there's an Instruction-Node structure, it tells you whether you got to an instruction or another list
so you should keep on reading byte).

In Intel, you could go through 4 gates at top, because there are instructions which are built from 2 bytes and another smaller list
for the REG part, or newest SSE4 instructions which use 4 bytes for opcode.
Therefore, Intel's first gate is 256 long, and other gates are 256 (/72) or 8 long, yes, it costs pretty much a lot of memory
for non-used defined instructions, but I think that it still rocks.
*/

/*
 * A helper function to look up the correct inst-info structure.
 * It does one fetch from the index-table, and then another to get the inst-info.
 * Note that it takes care about basic inst-info or inst-info-ex.
 * The caller should worry about boundary checks and whether it accesses a last-level table.
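 *
 * Added example, not part of diStorm's source: the four-entry gates from the trie comment above, stored in one
 * flat table and walked by adding the next input byte to a gate's offset. The node split follows INST_NODE_INDEX
 * and INST_NODE_TYPE; the TOY_* type values, GATE_SIZE, toy_tree, toy_names and toy_lookup are assumptions
 * made for this example.
 *

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

// Node layout as in the macros above: low 13 bits = index, high 3 bits = type.
#define NODE_INDEX(n) ((n) & 0x1fff)
#define NODE_TYPE(n)  ((n) >> 13)
#define MAKE_NODE(type, index) ((uint16_t)(((type) << 13) | (index)))

// Hypothetical type values and gate width, valid for this toy table only.
enum { TOY_NOTEXISTS = 0, TOY_INFO = 1, TOY_GATE = 2 };
#define GATE_SIZE 4

#define INFO(i)   MAKE_NODE(TOY_INFO, (i))   // leaf: index into toy_names
#define GATE(off) MAKE_NODE(TOY_GATE, (off)) // inner node: offset of the next gate

static const char *const toy_names[] = {
    "AND", "XOR", "OR", "ROR", "ROL", "SHR", "SHL",
    "RET", "PUSH", "POP", "PUSHF", "POPF", "INT3"
};

// All gates live back to back in one array, each GATE_SIZE entries long.
static const uint16_t toy_tree[] = {
    // offset 0: first gate
    GATE(4), INFO(7), GATE(8), INFO(12),
    // offset 4: gate entered with byte 0
    INFO(0), INFO(1), INFO(2), GATE(12),
    // offset 8: gate entered with byte 2
    INFO(8), INFO(9), INFO(10), INFO(11),
    // offset 12: gate entered with bytes 0, 3
    INFO(3), INFO(4), INFO(5), INFO(6)
};

// Walk the gates over code[0..codeLen). Returns the mnemonic and stores the
// number of bytes used in *consumed, or returns NULL (and *consumed = 0) when
// the input ends inside a gate or a byte does not index a valid entry.
const char *toy_lookup(const uint8_t *code, int codeLen, int *consumed)
{
    uint16_t node = GATE(0);
    int used = 0;

    *consumed = 0;
    while (NODE_TYPE(node) == TOY_GATE) {
        if (used >= codeLen) return NULL;          // truncated input
        if (code[used] >= GATE_SIZE) return NULL;  // byte falls outside the gate
        node = toy_tree[NODE_INDEX(node) + code[used]];
        used++;
    }
    if (NODE_TYPE(node) != TOY_INFO) return NULL;  // empty (TOY_NOTEXISTS) slot

    *consumed = used;
    return toy_names[NODE_INDEX(node)];
}

int main(void)
{
    // Constructed sample inputs: three valid encodings, one truncated, one invalid.
    static const uint8_t samples[][3] = {
        {0, 3, 2}, {1, 0, 0}, {2, 3, 0}, {0, 3, 0}, {2, 9, 0}
    };
    static const int lengths[] = { 3, 3, 3, 2, 2 };
    size_t i;

    for (i = 0; i < sizeof(lengths) / sizeof(lengths[0]); i++) {
        int used = 0;
        const char *name = toy_lookup(samples[i], lengths[i], &used);
        if (name != NULL && strlen(name) > 0)
            printf("%s (%d byte%s)\n", name, used, used == 1 ? "" : "s");
        else
            printf("undecodable\n");
    }
    return 0;
}
```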
*/ static _InstInfo* inst_get_info(_InstNode in, int index) { int instIndex = 0; in = InstructionsTree[INST_NODE_INDEX(in) + index]; if (in == INT_NOTEXISTS) return NULL; instIndex = INST_NODE_INDEX(in); return INST_NODE_TYPE(in) == INT_INFO ? &InstInfos[instIndex] : (_InstInfo*)&InstInfosEx[instIndex]; } /* * This function is responsible to return the instruction information of the first found in code. * It returns the _InstInfo of the found instruction, otherwise NULL. * code should point to the ModR/M byte upon exit (if used), or after the instruction binary code itself. * This function is NOT decoding-type dependant, it is up to the caller to see whether the instruction is valid. * Get the instruction info, using a Trie data structure. * * Sometimes normal prefixes become mandatory prefixes, which means they are now part of the instruction opcode bytes. * This is a bit tricky now, * if the first byte is a REP (F3) prefix, we will have to give a chance to an SSE instruction. * If an instruction doesn't exist, we will make it as a prefix and re-locateinst. * A case such that a REP prefix is being changed into an instruction byte and also an SSE instruction will not be found can't happen, * simply because there are no collisions between string instruction and SSE instructions (they are escaped). * As for S/SSE2/3, check for F2 and 66 as well. * In 64 bits, we have to make sure that we will skip the REX prefix, if it exists. * There's a specific case, where a 66 is mandatory but it was dropped because REG.W was used, * but it doesn't behave as an operand size prefix but as a mandatory, so we will have to take it into account. * For example (64 bits decoding mode): * 66 98 CBW * 48 98 CDQE * 66 48 98: db 0x66; CDQE * Shows that operand size is dropped. * Now, it's a mandatory prefix and NOT an operand size one. * 66480f2dc0 db 0x48; CVTPD2PI XMM0, XMM0 * Although this instruction doesn't require a REX.W, it just shows, that even if it did - it doesn't matter. 
* REX.W is dropped because it's not required, but the decode function disabled the operand size even so. */ static _InstInfo* inst_lookup_prefixed(_InstNode in, _PrefixState* ps) { int checkOpSize = FALSE; int index = 0; _InstInfo* ii = NULL; /* Check prefixes of current decoded instruction (None, 0x66, 0xf3, 0xf2). */ switch (ps->decodedPrefixes & (INST_PRE_OP_SIZE | INST_PRE_REPS)) { case 0: /* Non-prefixed, index = 0. */ index = 0; break; case INST_PRE_OP_SIZE: /* 0x66, index = 1. */ index = 1; /* Mark that we used it as a mandatory prefix. */ ps->isOpSizeMandatory = TRUE; ps->decodedPrefixes &= ~INST_PRE_OP_SIZE; break; case INST_PRE_REP: /* 0xf3, index = 2. */ index = 2; ps->decodedPrefixes &= ~INST_PRE_REP; break; case INST_PRE_REPNZ: /* 0xf2, index = 3. */ index = 3; ps->decodedPrefixes &= ~INST_PRE_REPNZ; break; default: /* * Now we got a problem, since there are a few mandatory prefixes at once. * There is only one case when it's ok, when the operand size prefix is for real (not mandatory). * Otherwise we will have to return NULL, since the instruction is illegal. * Therefore we will start with REPNZ and REP prefixes, * try to get the instruction and only then check for the operand size prefix. */ /* If both REPNZ and REP are together, it's illegal for sure. */ if ((ps->decodedPrefixes & INST_PRE_REPS) == INST_PRE_REPS) return NULL; /* Now we know it's either REPNZ+OPSIZE or REP+OPSIZE, so examine the instruction. */ if (ps->decodedPrefixes & INST_PRE_REPNZ) { index = 3; ps->decodedPrefixes &= ~INST_PRE_REPNZ; } else if (ps->decodedPrefixes & INST_PRE_REP) { index = 2; ps->decodedPrefixes &= ~INST_PRE_REP; } /* Mark to verify the operand-size prefix of the fetched instruction below. */ checkOpSize = TRUE; break; } /* Fetch the inst-info from the index. */ ii = inst_get_info(in, index); if (checkOpSize) { /* If the instruction doesn't support operand size prefix, then it's illegal. 
*/ if ((ii == NULL) || (~INST_INFO_FLAGS(ii) & INST_PRE_OP_SIZE)) return NULL; } /* If there was a prefix, but the instruction wasn't found. Try to fall back to use the normal instruction. */ if (ii == NULL) ii = inst_get_info(in, 0); return ii; } /* A helper function to look up special VEX instructions. * See if it's a MOD based instruction and fix index if required. * Only after a first lookup (that was done by caller), we can tell if we need to fix the index. * Because these are coupled instructions * (which means that the base instruction hints about the other instruction). * Note that caller should check if it's a MOD dependent instruction before getting in here. */ static _InstInfo* inst_vex_mod_lookup(_CodeInfo* ci, _InstNode in, _InstInfo* ii, unsigned int index) { /* Advance to read the MOD from ModRM byte. */ ci->code += 1; ci->codeLen -= 1; if (ci->codeLen < 0) return NULL; if (*ci->code < INST_DIVIDED_MODRM) { /* MOD is not 11, therefore change the index to 8 - 12 range in the prefixed table. */ index += 4; /* Make a second lookup for this special instruction. */ return inst_get_info(in, index); } /* Return the original one, in case we didn't find a suited instruction. */ return ii; } static _InstInfo* inst_vex_lookup(_CodeInfo* ci, _PrefixState* ps) { _InstNode in = 0; unsigned int pp = 0, start = 0; unsigned int index = 4; /* VEX instructions start at index 4 in the Prefixed table. */ uint8_t vex = *ps->vexPos, vex2 = 0, v = 0; int instType = 0, instIndex = 0; /* The VEX instruction will #ud if any of 66, f0, f2, f3, REX prefixes precede. */ _iflags illegal = (INST_PRE_OP_SIZE | INST_PRE_LOCK | INST_PRE_REP | INST_PRE_REPNZ | INST_PRE_REX); if ((ps->decodedPrefixes & illegal) != 0) return NULL; /* Read the some fields from the VEX prefix we need to extract the instruction. */ if (ps->prefixExtType == PET_VEX2BYTES) { ps->vexV = v = (~vex >> 3) & 0xf; pp = vex & 3; /* Implied leading 0x0f byte by default for 2 bytes VEX prefix. 
*/ start = 1; } else { /* PET_VEX3BYTES */ start = vex & 0x1f; vex2 = *(ps->vexPos + 1); ps->vexV = v = (~vex2 >> 3) & 0xf; pp = vex2 & 3; } /* start can be either 1 (0x0f), 2 (0x0f, 0x038) or 3 (0x0f, 0x3a), otherwise it's illegal. */ switch (start) { case 1: in = Table_0F; break; case 2: in = Table_0F_38; break; case 3: in = Table_0F_3A; break; default: return NULL; } /* pp is actually the implied mandatory prefix, apply it to the index. */ index += pp; /* (None, 0x66, 0xf3, 0xf2) */ /* Read a byte from the stream. */ ci->codeLen -= 1; if (ci->codeLen < 0) return NULL; in = InstructionsTree[INST_NODE_INDEX(in) + *ci->code]; if (in == INT_NOTEXISTS) return NULL; instType = INST_NODE_TYPE(in); instIndex = INST_NODE_INDEX(in); /* * If we started with 0f38 or 0f3a so it's a prefixed table, * therefore it's surely a VEXed instruction (because of a high index). * However, starting with 0f, could also lead immediately to a prefixed table for some bytes. * it might return NULL, if the index is invalid. */ if (instType == INT_LIST_PREFIXED) { _InstInfo* ii = inst_get_info(in, index); /* See if the instruction is dependent on MOD. */ if ((ii != NULL) && (((_InstInfoEx*)ii)->flagsEx & INST_MODRR_BASED)) { ii = inst_vex_mod_lookup(ci, in, ii, index); } return ii; } /* * If we reached here, obviously we started with 0f. VEXed instructions must be nodes of a prefixed table. * But since we found an instruction (or divided one), just return NULL. * They cannot lead to a VEXed instruction. */ if ((instType == INT_INFO) || (instType == INT_INFOEX) || (instType == INT_LIST_DIVIDED)) return NULL; /* Now we are left with handling either GROUP or FULL tables, therefore we will read another byte from the stream. */ ci->code += 1; ci->codeLen -= 1; if (ci->codeLen < 0) return NULL; if (instType == INT_LIST_GROUP) { in = InstructionsTree[instIndex + ((*ci->code >> 3) & 7)]; /* Continue below to check prefixed table. 
*/ } else if (instType == INT_LIST_FULL) { in = InstructionsTree[instIndex + *ci->code]; /* Continue below to check prefixed table. */ } /* Now that we got to the last table in the trie, check for a prefixed table. */ if (INST_NODE_TYPE(in) == INT_LIST_PREFIXED) { _InstInfo* ii = inst_get_info(in, index); /* See if the instruction is dependent on MOD. */ if ((ii != NULL) && (((_InstInfoEx*)ii)->flagsEx & INST_MODRR_BASED)) { ii = inst_vex_mod_lookup(ci, in, ii, index); } return ii; } /* No VEXed instruction was found. */ return NULL; } _InstInfo* inst_lookup(_CodeInfo* ci, _PrefixState* ps) { unsigned int tmpIndex0 = 0, tmpIndex1 = 0, tmpIndex2 = 0, rex = ps->vrex; int instType = 0; _InstNode in = 0; _InstInfo* ii = NULL; int isWaitIncluded = FALSE; /* See whether we have to handle a VEX prefixed instruction. */ if (ps->decodedPrefixes & INST_PRE_VEX) { ii = inst_vex_lookup(ci, ps); if (ii != NULL) { /* Make sure that VEX.L exists when forced. */ if ((((_InstInfoEx*)ii)->flagsEx & INST_FORCE_VEXL) && (~ps->vrex & PREFIX_EX_L)) return NULL; /* If the instruction doesn't use VEX.vvvv it must be zero. */ if ((((_InstInfoEx*)ii)->flagsEx & INST_VEX_V_UNUSED) && ps->vexV) return NULL; } return ii; } /* Read first byte. */ ci->codeLen -= 1; if (ci->codeLen < 0) return NULL; tmpIndex0 = *ci->code; /* Check for special 0x9b, WAIT instruction, which can be part of some instructions(x87). */ if (tmpIndex0 == INST_WAIT_INDEX) { /* Only OCST_1dBYTES get a chance to include this byte as part of the opcode. */ isWaitIncluded = TRUE; /* Ignore all prefixes, since they are useless and operate on the WAIT instruction itself. */ prefixes_ignore_all(ps); /* Move to next code byte as a new whole instruction. */ ci->code += 1; ci->codeLen -= 1; if (ci->codeLen < 0) return NULL; /* Faster to return NULL, it will be detected as WAIT later anyway. */ /* Since we got a WAIT prefix, we re-read the first byte. */ tmpIndex0 = *ci->code; } /* Walk first byte in InstructionsTree root. 
*/ in = InstructionsTree[tmpIndex0]; if (in == INT_NOTEXISTS) return NULL; instType = INST_NODE_TYPE(in); /* Single byte instruction (OCST_1BYTE). */ if ((instType < INT_INFOS) && (!isWaitIncluded)) { /* Some single byte instructions need extra treatment. */ switch (tmpIndex0) { case INST_ARPL_INDEX: /* * ARPL/MOVSXD share the same opcode, and both have different operands and mnemonics, of course. * Practically, I couldn't come up with a comfortable way to merge the operands' types of ARPL/MOVSXD. * And since the DB can't be patched dynamically, because the DB has to be multi-threaded compliant, * I have no choice but to check for ARPL/MOVSXD right here - "right about now, the funk soul brother, check it out now, the funk soul brother...", fatboy slim */ if (ci->dt == Decode64Bits) { return &II_MOVSXD; } /* else ARPL will be returned because its defined in the DB already. */ break; case INST_NOP_INDEX: /* Nopnopnop */ /* Check for Pause, since it's prefixed with 0xf3, which is not a real mandatory prefix. */ if (ps->decodedPrefixes & INST_PRE_REP) { /* Flag this prefix as used. */ ps->usedPrefixes |= INST_PRE_REP; return &II_PAUSE; } /* * Treat NOP/XCHG specially. * If we're not in 64bits restore XCHG to NOP, since in the DB it's XCHG. * Else if we're in 64bits examine REX, if exists, and decide which instruction should go to output. * 48 90 XCHG RAX, RAX is a true NOP (eat REX in this case because it's valid). * 90 XCHG EAX, EAX is a true NOP (and not high dword of RAX = 0 although it should be a 32 bits operation). * Note that if the REX.B is used, then the register is not RAX anymore but R8, which means it's not a NOP. */ if (rex & PREFIX_EX_W) ps->usedPrefixes |= INST_PRE_REX; if ((ci->dt != Decode64Bits) || (~rex & PREFIX_EX_B)) return &II_NOP; break; case INST_LEA_INDEX: /* Ignore segment override prefixes for LEA instruction. */ ps->decodedPrefixes &= ~INST_PRE_SEGOVRD_MASK; /* Update unused mask for ignoring segment prefix. 
*/ prefixes_ignore(ps, PFXIDX_SEG); break; } /* Return the 1 byte instruction we found. */ return instType == INT_INFO ? &InstInfos[INST_NODE_INDEX(in)] : (_InstInfo*)&InstInfosEx[INST_NODE_INDEX(in)]; } /* Read second byte, still doesn't mean all of its bits are used (I.E: ModRM). */ ci->code += 1; ci->codeLen -= 1; if (ci->codeLen < 0) return NULL; tmpIndex1 = *ci->code; /* Try single byte instruction + reg bits (OCST_13BYTES). */ if ((instType == INT_LIST_GROUP) && (!isWaitIncluded)) return inst_get_info(in, (tmpIndex1 >> 3) & 7); /* Try single byte instruction + reg byte OR one whole byte (OCST_1dBYTES). */ if (instType == INT_LIST_DIVIDED) { /* Checking for inst by REG bits is higher priority if it's found not to be divided instruction. */ { _InstNode in2 = InstructionsTree[INST_NODE_INDEX(in) + ((tmpIndex1 >> 3) & 7)]; /* * Do NOT check for NULL here, since we do a bit of a guess work, * hence we don't override 'in', cause we might still need it. */ instType = INST_NODE_TYPE(in2); if (instType == INT_INFO) ii = &InstInfos[INST_NODE_INDEX(in2)]; else if (instType == INT_INFOEX) ii = (_InstInfo*)&InstInfosEx[INST_NODE_INDEX(in2)]; if ((ii != NULL) && (INST_INFO_FLAGS(ii) & INST_NOT_DIVIDED)) return ii; /* ii is reset below. */ } /* Continue normally because of wait prefix. */ if (tmpIndex1 < INST_DIVIDED_MODRM) { /* An instruction which requires a ModR/M byte. Thus it's 1.3 bytes long instruction. */ tmpIndex1 = (tmpIndex1 >> 3) & 7; /* Isolate the 3 REG/OPCODE bits. */ } else { /* Normal 2 bytes instruction. */ /* * Divided instructions can't be in the range of 0x8-0xc0. * That's because 0-8 are used for 3 bits group. * And 0xc0-0xff are used for not-divided instruction. * So the in between range is omitted, thus saving some more place in the tables. 
*/ tmpIndex1 -= INST_DIVIDED_MODRM - 8; } in = InstructionsTree[INST_NODE_INDEX(in) + tmpIndex1]; if (in == INT_NOTEXISTS) return NULL; instType = INST_NODE_TYPE(in); if (instType < INT_INFOS) { /* If the instruction doesn't support the wait (marked as opsize) as part of the opcode, it's illegal. */ ii = instType == INT_INFO ? &InstInfos[INST_NODE_INDEX(in)] : (_InstInfo*)&InstInfosEx[INST_NODE_INDEX(in)]; if ((~INST_INFO_FLAGS(ii) & INST_PRE_OP_SIZE) && (isWaitIncluded)) return NULL; return ii; } /* * If we got here the instruction can support the wait prefix, so see if it was part of the stream. * Examine prefixed table, specially used for 0x9b, since it's optional. * No Wait: index = 0. * Wait Exists, index = 1. */ return inst_get_info(in, isWaitIncluded); } /* Don't allow to continue if WAIT is part of the opcode, because there are no instructions that include it. */ if (isWaitIncluded) return NULL; /* Try 2 bytes long instruction (doesn't include ModRM byte). */ if (instType == INT_LIST_FULL) { in = InstructionsTree[INST_NODE_INDEX(in) + tmpIndex1]; if (in == INT_NOTEXISTS) return NULL; instType = INST_NODE_TYPE(in); /* This is where we check if we just read two escape bytes in a row, which means it is a 3DNow! instruction. */ if ((tmpIndex0 == _3DNOW_ESCAPE_BYTE) && (tmpIndex1 == _3DNOW_ESCAPE_BYTE)) return &II_3DNOW; /* 2 bytes instruction (OCST_2BYTES). */ if (instType < INT_INFOS) return instType == INT_INFO ? &InstInfos[INST_NODE_INDEX(in)] : (_InstInfo*)&InstInfosEx[INST_NODE_INDEX(in)]; /* * 2 bytes + mandatory prefix. * Mandatory prefixes can be anywhere in the prefixes. * There cannot be more than one mandatory prefix, unless it's a normal operand size prefix. */ if (instType == INT_LIST_PREFIXED) return inst_lookup_prefixed(in, ps); } /* Read third byte, still doesn't mean all of its bits are used (I.E: ModRM). */ ci->code += 1; ci->codeLen -= 1; if (ci->codeLen < 0) return NULL; tmpIndex2 = *ci->code; /* Try 2 bytes + reg instruction (OCST_23BYTES). 
*/ if (instType == INT_LIST_GROUP) { in = InstructionsTree[INST_NODE_INDEX(in) + ((tmpIndex2 >> 3) & 7)]; if (in == INT_NOTEXISTS) return NULL; instType = INST_NODE_TYPE(in); if (instType < INT_INFOS) return instType == INT_INFO ? &InstInfos[INST_NODE_INDEX(in)] : (_InstInfo*)&InstInfosEx[INST_NODE_INDEX(in)]; /* It has to be a prefixed table then. */ ii = inst_lookup_prefixed(in, ps); /* RDRAND and VMPTRLD share same 2.3 bytes opcode, and alternate on the MOD bits. See insts.h for more info. */ if ((ii != NULL) && (ii->opcodeId == I_VMPTRLD) && (tmpIndex1 >= INST_DIVIDED_MODRM)) return &II_RDRAND; return ii; } /* Try 2 bytes + divided range (OCST_2dBYTES). */ if (instType == INT_LIST_DIVIDED) { _InstNode in2 = InstructionsTree[INST_NODE_INDEX(in) + ((tmpIndex2 >> 3) & 7)]; /* * Do NOT check for NULL here, since we do a bit of a guess work, * hence we don't override 'in', cause we might still need it. */ instType = INST_NODE_TYPE(in2); if (instType == INT_INFO) ii = &InstInfos[INST_NODE_INDEX(in2)]; else if (instType == INT_INFOEX) ii = (_InstInfo*)&InstInfosEx[INST_NODE_INDEX(in2)]; /* * OCST_2dBYTES is complex, because there are a few instructions which are not divided in some special cases. * If the instruction wasn't divided (but still it must be a 2.3 because we are in divided category) * or it was an official 2.3 (because its index was less than 0xc0) - * Then it means the instruction should be using the REG bits, otherwise give a chance to range 0xc0-0xff. */ /* If we found an instruction only by its REG bits, AND it is not divided, then return it. */ if ((ii != NULL) && (INST_INFO_FLAGS(ii) & INST_NOT_DIVIDED)) return ii; /* Otherwise, if the range is above 0xc0, try the special divided range (range 0x8-0xc0 is omitted). */ if (tmpIndex2 >= INST_DIVIDED_MODRM) return inst_get_info(in, tmpIndex2 - INST_DIVIDED_MODRM + 8); /* It might be that we got here without touching ii in the above if statements, then it becomes an invalid instruction prolly. 
*/ return ii; } /* Try 3 full bytes (OCST_3BYTES - no ModRM byte). */ if (instType == INT_LIST_FULL) { /* OCST_3BYTES. */ in = InstructionsTree[INST_NODE_INDEX(in) + tmpIndex2]; if (in == INT_NOTEXISTS) return NULL; instType = INST_NODE_TYPE(in); if (instType < INT_INFOS) return instType == INT_INFO ? &InstInfos[INST_NODE_INDEX(in)] : (_InstInfo*)&InstInfosEx[INST_NODE_INDEX(in)]; if (instType == INT_LIST_PREFIXED) return inst_lookup_prefixed(in, ps); } /* Kahtchinggg, damn. */ return NULL; } /* * 3DNow! instruction handling: * This is used when we encounter a 3DNow! instruction. * We can't really locate a 3DNow! instruction before we see two escaped bytes, * 0x0f, 0x0f. Then we have to extract operands which are, dest=mmx register, src=mmx register or quadword indirection. * When we are finished with the extraction of operands we can resume to locate the instruction by reading another byte * which tells us which 3DNow instruction we really tracked down... * So in order to tell the extract operands function which operands the 3DNow! instruction require, we need to set up some * generic instruction info for 3DNow! instructions. * In the inst_lookup itself, when we read an OCST_3BYTES which the two first bytes are 0x0f and 0x0f. * we will return this special generic II for the specific operands we are interested in (MM, MM64). * Then after extracting the operand, we'll call a completion routine for locating the instruction * which will be called only for 3DNow! instructions, distinguished by a flag, and it will read the last byte of the 3 bytes. * * The id of this opcode should not be used, the following function should change it anyway. */ _InstInfo* inst_lookup_3dnow(_CodeInfo* ci) { /* Start off from the two escape bytes gates... which is 3DNow! table.*/ _InstNode in = Table_0F_0F; int index; /* Make sure we can read a byte off the stream. 
	*/
	if (ci->codeLen < 1) return NULL;

	index = *ci->code;

	ci->codeLen -= 1;
	ci->code += 1;
	return inst_get_info(in, index);
}

/*
instructions.h

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#ifndef INSTRUCTIONS_H
#define INSTRUCTIONS_H

#include "config.h"
#include "prefix.h"

/*
 * Operand type possibilities:
 * Note "_FULL" suffix indicates to decode the operand as 16 bits or 32 bits depends on DecodeType -
 * actually, it depends on the decoding mode, unless there's an operand/address size prefix.
 * For example, the code: 33 c0 could be decoded/executed as XOR AX, AX or XOR EAX, EAX.
 */
typedef enum OpType {
	/* No operand is set */
	OT_NONE = 0,

	/* Read a byte(8 bits) immediate */
	OT_IMM8,
	/* Force a read of a word(16 bits) immediate, used by ret only */
	OT_IMM16,
	/* Read a word/dword immediate */
	OT_IMM_FULL,
	/* Read a double-word(32 bits) immediate */
	OT_IMM32,

	/* Read a signed extended byte(8 bits) immediate */
	OT_SEIMM8,

	/*
	 * Special immediates for instructions which have more than one immediate,
	 * which is an exception from standard instruction format.
	 * As to version v1.0: ENTER, INSERTQ, EXTRQ are the only problematic ones.
	 */
	/* 16 bits immediate using the first imm-slot */
	OT_IMM16_1,
	/* 8 bits immediate using the first imm-slot */
	OT_IMM8_1,
	/* 8 bits immediate using the second imm-slot */
	OT_IMM8_2,

	/* Use a 8bit register */
	OT_REG8,
	/* Use a 16bit register */
	OT_REG16,
	/* Use a 16/32/64bit register */
	OT_REG_FULL,
	/* Use a 32bit register */
	OT_REG32,
	/*
	 * If used with REX the reg operand size becomes 64 bits, otherwise 32 bits.
	 * VMX instructions are promoted automatically without a REX prefix.
	 */
	OT_REG32_64,
	/* Used only by MOV CR/DR(n). Promoted with REX only.
*/ OT_FREG32_64_RM, /* Use or read (indirection) a 8bit register or immediate byte */ OT_RM8, /* Some instructions force 16 bits (mov sreg, rm16) */ OT_RM16, /* Use or read a 16/32/64bit register or immediate word/dword/qword */ OT_RM_FULL, /* * 32 or 64 bits (with REX) operand size indirection memory operand. * Some instructions are promoted automatically without a REX prefix. */ OT_RM32_64, /* 16 or 32 bits RM. This is used only with MOVZXD instruction in 64bits. */ OT_RM16_32, /* Same as OT_RMXX but POINTS to 16 bits [cannot use GENERAL-PURPOSE REG!] */ OT_FPUM16, /* Same as OT_RMXX but POINTS to 32 bits (single precision) [cannot use GENERAL-PURPOSE REG!] */ OT_FPUM32, /* Same as OT_RMXX but POINTS to 64 bits (double precision) [cannot use GENERAL-PURPOSE REG!] */ OT_FPUM64, /* Same as OT_RMXX but POINTS to 80 bits (extended precision) [cannot use GENERAL-PURPOSE REG!] */ OT_FPUM80, /* * Special operand type for SSE4 where the ModR/M might * be a 32 bits register or 8 bits memory indirection operand. */ OT_R32_M8, /* * Special ModR/M for PINSRW, which need a 16 bits memory operand or 32 bits register. * In 16 bits decoding mode R32 becomes R16, operand size cannot affect this. */ OT_R32_M16, /* * Special type for SSE4, ModR/M might be a 32 bits or 64 bits (with REX) register or * a 8 bits memory indirection operand. */ OT_R32_64_M8, /* * Special type for SSE4, ModR/M might be a 32 bits or 64 bits (with REX) register or * a 16 bits memory indirection operand. */ OT_R32_64_M16, /* * Special operand type for MOV reg16/32/64/mem16, segReg 8C /r. and SMSW. * It supports all decoding modes, but if used as a memory indirection it's a 16 bit ModR/M indirection. */ OT_RFULL_M16, /* Use a control register */ OT_CREG, /* Use a debug register */ OT_DREG, /* Use a segment register */ OT_SREG, /* * SEG is encoded in the flags of the opcode itself! * This is used for specific "push SS" where SS is a segment where * each "push SS" has an absolutely different opcode byte. 
* We need this to detect whether an operand size prefix is used. */ OT_SEG, /* Use AL */ OT_ACC8, /* Use AX (FSTSW) */ OT_ACC16, /* Use AX/EAX/RAX */ OT_ACC_FULL, /* Use AX/EAX, no REX is possible for RAX, used only with IN/OUT which don't support 64 bit registers */ OT_ACC_FULL_NOT64, /* * Read one word (seg), and a word/dword/qword (depends on operand size) from memory. * JMP FAR [EBX] means EBX point to 16:32 ptr. */ OT_MEM16_FULL, /* Read one word (seg) and a word/dword/qword (depends on operand size), usually SEG:OFF, JMP 1234:1234 */ OT_PTR16_FULL, /* Read one word (limit) and a dword/qword (limit) (depends on operand size), used by SGDT, SIDT, LGDT, LIDT. */ OT_MEM16_3264, /* Read a byte(8 bits) immediate and calculate it relatively to the current offset of the instruction being decoded */ OT_RELCB, /* Read a word/dword immediate and calculate it relatively to the current offset of the instruction being decoded */ OT_RELC_FULL, /* Use general memory indirection, with varying sizes: */ OT_MEM, /* Used when a memory indirection is required, but if the mod field is 11, this operand will be ignored. */ OT_MEM_OPT, OT_MEM32, /* Memory dereference for MOVNTI, either 32 or 64 bits (with REX). */ OT_MEM32_64, OT_MEM64, OT_MEM128, /* Used for cmpxchg8b/16b. 
*/ OT_MEM64_128, /* Read an immediate as an absolute address, size is known by instruction, used by MOV (memory offset) only */ OT_MOFFS8, OT_MOFFS_FULL, /* Use an immediate of 1, as for SHR R/M, 1 */ OT_CONST1, /* Use CL, as for SHR R/M, CL */ OT_REGCL, /* * Instruction-Block for one byte long instructions, used by INC/DEC/PUSH/POP/XCHG, * REG is extracted from the value of opcode * Use a 8bit register */ OT_IB_RB, /* Use a 16/32/64bit register */ OT_IB_R_FULL, /* Use [(r)SI] as INDIRECTION, for repeatable instructions */ OT_REGI_ESI, /* Use [(r)DI] as INDIRECTION, for repeatable instructions */ OT_REGI_EDI, /* Use [(r)BX + AL] as INDIRECTIOM, used by XLAT only */ OT_REGI_EBXAL, /* Use [(r)AX] as INDIRECTION, used by AMD's SVM instructions */ OT_REGI_EAX, /* Use DX, as for OUTS DX, BYTE [SI] */ OT_REGDX, /* Use ECX in INVLPGA instruction */ OT_REGECX, /* FPU registers: */ OT_FPU_SI, /* ST(i) */ OT_FPU_SSI, /* ST(0), ST(i) */ OT_FPU_SIS, /* ST(i), ST(0) */ /* MMX registers: */ OT_MM, /* Extract the MMX register from the RM bits this time (used when the REG bits are used for opcode extension) */ OT_MM_RM, /* ModR/M points to 32 bits MMX variable */ OT_MM32, /* ModR/M points to 32 bits MMX variable */ OT_MM64, /* SSE registers: */ OT_XMM, /* Extract the SSE register from the RM bits this time (used when the REG bits are used for opcode extension) */ OT_XMM_RM, /* ModR/M points to 16 bits SSE variable */ OT_XMM16, /* ModR/M points to 32 bits SSE variable */ OT_XMM32, /* ModR/M points to 64 bits SSE variable */ OT_XMM64, /* ModR/M points to 128 bits SSE variable */ OT_XMM128, /* Implied XMM0 register as operand, used in SSE4. */ OT_REGXMM0, /* AVX operands: */ /* ModR/M for 32 bits. */ OT_RM32, /* Reg32/Reg64 (prefix width) or Mem8. */ OT_REG32_64_M8, /* Reg32/Reg64 (prefix width) or Mem16. */ OT_REG32_64_M16, /* Reg32/Reg 64 depends on prefix width only. */ OT_WREG32_64, /* RM32/RM64 depends on prefix width only. 
	*/
	OT_WRM32_64,
	/* XMM or Mem32/Mem64 depends on prefix width only. */
	OT_WXMM32_64,
	/* XMM is encoded in VEX.VVVV. */
	OT_VXMM,
	/* XMM is encoded in the high nibble of an immediate byte. */
	OT_XMM_IMM,
	/* YMM/XMM is dependent on VEX.L. */
	OT_YXMM,
	/* YMM/XMM (depends on prefix length) is encoded in the high nibble of an immediate byte. */
	OT_YXMM_IMM,
	/* YMM is encoded in reg. */
	OT_YMM,
	/* YMM or Mem256. */
	OT_YMM256,
	/* YMM is encoded in VEX.VVVV. */
	OT_VYMM,
	/* YMM/XMM is dependent on VEX.L, and encoded in VEX.VVVV. */
	OT_VYXMM,
	/* YMM/XMM or Mem64/Mem256 is dependent on VEX.L. */
	OT_YXMM64_256,
	/* YMM/XMM or Mem128/Mem256 is dependent on VEX.L. */
	OT_YXMM128_256,
	/* XMM or Mem64/Mem256 is dependent on VEX.L. */
	OT_LXMM64_128,
	/* Mem128/Mem256 is dependent on VEX.L. */
	OT_LMEM128_256
} _OpType;

/* Flags for instruction: */

/* Empty flags indicator: */
#define INST_FLAGS_NONE (0)
/* The instruction we are going to decode requires ModR/M encoding. */
#define INST_MODRM_REQUIRED (1)
/* Special treatment for instructions which are in the divided-category but still needs the whole byte for ModR/M... */
#define INST_NOT_DIVIDED (1 << 1)
/*
 * Used explicitly in repeatable instructions,
 * which needs a suffix letter in their mnemonic to specify operation-size (depend on operands).
 */
#define INST_16BITS (1 << 2)
/* If the opcode is supported by 80286 and upper models (16/32 bits). */
#define INST_32BITS (1 << 3)
/*
 * Prefix flags (6 types: lock/rep, seg override, addr-size, oper-size, REX, VEX)
 * There are several specific instructions that can follow LOCK prefix,
 * note that they must be using a memory operand form, otherwise they generate an exception.
 */
#define INST_PRE_LOCK (1 << 4)
/* REPNZ prefix for string instructions only - means an instruction can follow it. */
#define INST_PRE_REPNZ (1 << 5)
/* REP prefix for string instructions only - means an instruction can follow it. */
#define INST_PRE_REP (1 << 6)
/* CS override prefix.
*/
#define INST_PRE_CS (1 << 7)
/* SS override prefix. */
#define INST_PRE_SS (1 << 8)
/* DS override prefix. */
#define INST_PRE_DS (1 << 9)
/* ES override prefix. */
#define INST_PRE_ES (1 << 10)
/* FS override prefix. Funky Segment :) */
#define INST_PRE_FS (1 << 11)
/* GS override prefix. Groovy Segment, of course not, duh ! */
#define INST_PRE_GS (1 << 12)
/* Switch operand size from 32 to 16 and vice versa. */
#define INST_PRE_OP_SIZE (1 << 13)
/* Switch address size from 32 to 16 and vice versa. */
#define INST_PRE_ADDR_SIZE (1 << 14)
/* Native instructions which needs suffix letter to indicate their operation-size (and don't depend on operands). */
#define INST_NATIVE (1 << 15)
/* Use extended mnemonic, means it's an _InstInfoEx structure, which contains another mnemonic for 32 bits specifically. */
#define INST_USE_EXMNEMONIC (1 << 16)
/* Use third operand, means it's an _InstInfoEx structure, which contains another operand for special instructions. */
#define INST_USE_OP3 (1 << 17)
/* Use fourth operand, means it's an _InstInfoEx structure, which contains another operand for special instructions. */
#define INST_USE_OP4 (1 << 18)
/* The instruction's mnemonic depends on the mod value of the ModR/M byte (mod=11, mod!=11). */
#define INST_MNEMONIC_MODRM_BASED (1 << 19)
/* The instruction uses a ModR/M byte which the MOD must be 11 (for registers operands only). */
#define INST_MODRR_REQUIRED (1 << 20)
/* The way of 3DNow! instructions are built, we have to handle their locating specially. Suffix imm8 tells which instruction it is. */
#define INST_3DNOW_FETCH (1 << 21)
/* The instruction needs two suffixes, one for the comparison type (imm8) and the second for its operation size indication (second mnemonic). */
#define INST_PSEUDO_OPCODE (1 << 22)
/* Invalid instruction at 64 bits decoding mode. */
#define INST_INVALID_64BITS (1 << 23)
/* Specific instruction can be promoted to 64 bits (without REX, it is promoted automatically). */
#define INST_64BITS (1 << 24)
/* Indicates the instruction must be REX prefixed in order to use 64 bits operands. */
#define INST_PRE_REX (1 << 25)
/* Third mnemonic is set. */
#define INST_USE_EXMNEMONIC2 (1 << 26)
/* Instruction is only valid in 64 bits decoding mode. */
#define INST_64BITS_FETCH (1 << 27)
/* Forces that the ModRM-REG/Opcode field will be 0. (For EXTRQ). */
#define INST_FORCE_REG0 (1 << 28)
/* Indicates that instruction is encoded with a VEX prefix. */
#define INST_PRE_VEX (1 << 29)
/* Indicates that the instruction is encoded with a ModRM byte (REG field specifically). */
#define INST_MODRM_INCLUDED (1 << 30)
/* Indicates that the first (/destination) operand of the instruction is writable. */
#define INST_DST_WR (1 << 31)

#define INST_PRE_REPS (INST_PRE_REPNZ | INST_PRE_REP)
#define INST_PRE_LOKREP_MASK (INST_PRE_LOCK | INST_PRE_REPNZ | INST_PRE_REP)
#define INST_PRE_SEGOVRD_MASK32 (INST_PRE_CS | INST_PRE_SS | INST_PRE_DS | INST_PRE_ES)
#define INST_PRE_SEGOVRD_MASK64 (INST_PRE_FS | INST_PRE_GS)
#define INST_PRE_SEGOVRD_MASK (INST_PRE_SEGOVRD_MASK32 | INST_PRE_SEGOVRD_MASK64)

/* Extended flags for VEX: */
/* Indicates that the instruction might have VEX.L encoded. */
#define INST_VEX_L (1)
/* Indicates that the instruction might have VEX.W encoded. */
#define INST_VEX_W (1 << 1)
/* Indicates that the mnemonic of the instruction is based on the VEX.W bit. */
#define INST_MNEMONIC_VEXW_BASED (1 << 2)
/* Indicates that the mnemonic of the instruction is based on the VEX.L bit. */
#define INST_MNEMONIC_VEXL_BASED (1 << 3)
/* Forces the instruction to be encoded with VEX.L, otherwise it's undefined. */
#define INST_FORCE_VEXL (1 << 4)
/*
 * Indicates that the instruction is based on the MOD field of the ModRM byte.
 * (MOD==11: got the right instruction, else skip +4 in prefixed table for the correct instruction).
 */
#define INST_MODRR_BASED (1 << 5)
/* Indicates that the instruction doesn't use the VVVV field of the VEX prefix, if it does then it's undecodable. */
#define INST_VEX_V_UNUSED (1 << 6)

/* Indication that the instruction is privileged (Ring 0), this should be checked on the opcodeId field. */
#define OPCODE_ID_PRIVILEGED ((uint16_t)0x8000)

/*
 * Indicates which operand is being decoded.
 * Destination (1st), Source (2nd), op3 (3rd), op4 (4th).
 * Used to set the operands' fields in the _DInst structure!
 */
typedef enum {ONT_NONE = -1, ONT_1 = 0, ONT_2 = 1, ONT_3 = 2, ONT_4 = 3} _OperandNumberType;

/* CPU Flags that instructions modify, test or undefine, in compacted form (CF,PF,AF,ZF,SF are 1:1 map to EFLAGS). */
#define D_COMPACT_CF 1 /* Carry */
#define D_COMPACT_PF 4 /* Parity */
#define D_COMPACT_AF 0x10 /* Auxiliary */
#define D_COMPACT_ZF 0x40 /* Zero */
#define D_COMPACT_SF 0x80 /* Sign */
/* The following flags have to be translated to EFLAGS. */
#define D_COMPACT_IF 2 /* Interrupt */
#define D_COMPACT_DF 8 /* Direction */
#define D_COMPACT_OF 0x20 /* Overflow */

/* The mask of flags that are already compatible with EFLAGS. */
#define D_COMPACT_SAME_FLAGS (D_COMPACT_CF | D_COMPACT_PF | D_COMPACT_AF | D_COMPACT_ZF | D_COMPACT_SF)

/*
 * In order to save more space for storing the DB statically,
 * I came up with another level of shared info.
 * Because I saw that most of the information that instructions use repeats itself.
 *
 * Info about the instruction, source/dest types, meta and flags.
 * _InstInfo points to a table of _InstSharedInfo.
 */
typedef struct {
	uint8_t flagsIndex; /* An index into FlagsTables */
	uint8_t s, d; /* OpType. */
	uint8_t meta; /* Hi 5 bits = Instruction set class | Lo 3 bits = flow control flags. */
	/*
	 * The following are CPU flag masks that the instruction changes.
	 * The flags are compacted so 8 bits representation is enough.
	 * They will be expanded in runtime to be compatible to EFLAGS.
	 */
	uint8_t modifiedFlagsMask;
	uint8_t testedFlagsMask;
	uint8_t undefinedFlagsMask;
} _InstSharedInfo;

/*
 * This structure is used for the instructions DB and NOT for the disassembled result code!
 * This is the BASE structure, there are extensions to this structure below.
 */
typedef struct {
	uint16_t sharedIndex; /* An index into the SharedInfoTable. */
	uint16_t opcodeId; /* The opcodeId is really a byte-offset into the mnemonics table. MSB is a privileged indication. */
} _InstInfo;

/*
 * There are merely few instructions which need a second mnemonic for 32 bits.
 * Or a third for 64 bits. Therefore sometimes the second mnemonic is empty but not the third.
 * In all decoding modes the first mnemonic is the default.
 * A flag will indicate it uses another mnemonic.
 *
 * There are a couple of (SSE4) instructions in the whole DB which need both op3 and 3rd mnemonic for 64bits,
 * therefore, I decided to make the extended structure contain all extra info in the same structure.
 * There are a few instructions (SHLD/SHRD/IMUL and SSE too) which use third operand (or a fourth).
 * A flag will indicate it uses a third/fourth operand.
 */
typedef struct {
	/* Base structure (doesn't get accessed directly from code). */
	_InstInfo BASE;

	/* Extended starts here. */
	uint8_t flagsEx; /* 8 bits are enough, in the future we might make it a bigger integer. */
	uint8_t op3, op4; /* OpType. */
	uint16_t opcodeId2, opcodeId3;
} _InstInfoEx;

/* Trie data structure node type: */
typedef enum {
	INT_NOTEXISTS = 0, /* Not exists. */
	INT_INFO = 1, /* It's an instruction info. */
	INT_INFOEX,
	INT_LIST_GROUP,
	INT_LIST_FULL,
	INT_LIST_DIVIDED,
	INT_LIST_PREFIXED
} _InstNodeType;

/* Used to check instType < INT_INFOS, means we got an inst-info. Cause it has to be only one of them. */
#define INT_INFOS (INT_LIST_GROUP)

/* Instruction node is treated as { int index:13; int type:3; } */
typedef uint16_t _InstNode;

_InstInfo* inst_lookup(_CodeInfo* ci, _PrefixState* ps);
_InstInfo* inst_lookup_3dnow(_CodeInfo* ci);

#endif /* INSTRUCTIONS_H */

distorm-3.4.1/src/insts.c

/*
insts.c

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#include "config.h"
#include "insts.h"
#include "instructions.h"

/*
 * GENERATED BY disOps at Sat Nov 10 19:20:27 2018
 */

_InstInfo II_MOVSXD = /*II*/ {0x1d4, 10027};
_InstInfo II_NOP = /*II*/ {0x53, 581};
_InstInfo II_PAUSE = /*II*/ {0x88, 10035};
_InstInfo II_WAIT = /*II*/ {0x53, 10042};
_InstInfo II_RDRAND = /*II*/ {0x1d5, 10048};
_InstInfo II_3DNOW = /*II*/ {0x1d6, 10056};

_iflags FlagsTable[101] = {
0x80000011, 0x80000000, 0x800400, 0x80800400, 0x800080, 0x800100, 0x80800100, 0x800200,
0x80800200, 0x800000, 0x1, 0x0, 0x80800000, 0x1000000, 0x81000000, 0x808000,
0x800001, 0x80020001, 0x1002000, 0x60, 0x64, 0x80000001, 0x4010000, 0x1008000,
0x80000060, 0x83000064, 0x3000064, 0x83000000, 0x3008000, 0x200, 0xc000, 0x4014000,
0x8, 0x81000009, 0x9, 0x80000009, 0x1000808, 0x81000808, 0x80020009, 0x1001008,
0x81001008, 0x80000019, 0x3000009, 0x83000009, 0x83000008, 0xc0000011, 0x40000001, 0xc0800011,
0x40800001, 0xc0000019, 0xc1000001, 0xc0000001, 0xc0000003, 0x41000000, 0x40000000, 0x40000008,
0x40000009, 0x41000001, 0x43000001, 0x40000003, 0x48000000, 0x200009, 0x20000009, 0x60020009,
0x60000009, 0x80090009, 0x200b0009, 0x20020009, 0x80100009, 0x21100009, 0x87000009, 0x20009,
0x20000008, 0x1000009, 0x10020009, 0x160009, 0x100009, 0x47000009, 0x47090009, 0x40090009,
0x80002009, 0xc0000009, 0x2001, 0x80002001, 0x410009, 0x20420009, 0x20060009, 0x120009,
0x21020009, 0xc7000019, 0x20100009,
0xc0002009, 0x40002008, 0xc0000000, 0xc0002008, 0x4020009, 0x40100009, 0x60120009, 0x41000009, 0x83000001, 0x200001 }; _InstNode Table_0F = 256; _InstNode Table_0F_0F = 1440; _InstNode Table_0F_38 = 1896; _InstNode Table_0F_3A = 2152; _InstInfo InstInfos[1246] = { /*II_00*/ {0x0, 11}, /*II_01*/ {0x1, 11}, /*II_02*/ {0x2, 11}, /*II_03*/ {0x3, 11}, /*II_04*/ {0x4, 11}, /*II_05*/ {0x5, 11}, /*II_06*/ {0x6, 16}, /*II_07*/ {0x7, 22}, /*II_08*/ {0x8, 27}, /*II_09*/ {0x9, 27}, /*II_0A*/ {0xa, 27}, /*II_0B*/ {0xb, 27}, /*II_0C*/ {0xc, 27}, /*II_0D*/ {0xd, 27}, /*II_0E*/ {0xe, 16}, /*II_10*/ {0xf, 31}, /*II_11*/ {0x10, 31}, /*II_12*/ {0x11, 31}, /*II_13*/ {0x12, 31}, /*II_14*/ {0x13, 31}, /*II_15*/ {0x14, 31}, /*II_16*/ {0x15, 16}, /*II_17*/ {0x16, 22}, /*II_18*/ {0xf, 36}, /*II_19*/ {0x10, 36}, /*II_1A*/ {0x11, 36}, /*II_1B*/ {0x12, 36}, /*II_1C*/ {0x13, 36}, /*II_1D*/ {0x14, 36}, /*II_1E*/ {0x17, 16}, /*II_1F*/ {0x18, 22}, /*II_20*/ {0x19, 41}, /*II_21*/ {0x1a, 41}, /*II_22*/ {0x1b, 41}, /*II_23*/ {0x1c, 41}, /*II_24*/ {0x1d, 41}, /*II_25*/ {0x1e, 41}, /*II_27*/ {0x1f, 46}, /*II_28*/ {0x0, 51}, /*II_29*/ {0x1, 51}, /*II_2A*/ {0x2, 51}, /*II_2B*/ {0x3, 51}, /*II_2C*/ {0x4, 51}, /*II_2D*/ {0x5, 51}, /*II_2F*/ {0x1f, 56}, /*II_30*/ {0x20, 61}, /*II_31*/ {0x21, 61}, /*II_32*/ {0x22, 61}, /*II_33*/ {0x23, 61}, /*II_34*/ {0x24, 61}, /*II_35*/ {0x25, 61}, /*II_37*/ {0x26, 66}, /*II_38*/ {0x27, 71}, /*II_39*/ {0x28, 71}, /*II_3A*/ {0x29, 71}, /*II_3B*/ {0x2a, 71}, /*II_3C*/ {0x2b, 71}, /*II_3D*/ {0x2c, 71}, /*II_3F*/ {0x26, 76}, /*II_40*/ {0x2d, 81}, /*II_40*/ {0x2d, 81}, /*II_40*/ {0x2d, 81}, /*II_40*/ {0x2d, 81}, /*II_40*/ {0x2d, 81}, /*II_40*/ {0x2d, 81}, /*II_40*/ {0x2d, 81}, /*II_40*/ {0x2d, 81}, /*II_48*/ {0x2d, 86}, /*II_48*/ {0x2d, 86}, /*II_48*/ {0x2d, 86}, /*II_48*/ {0x2d, 86}, /*II_48*/ {0x2d, 86}, /*II_48*/ {0x2d, 86}, /*II_48*/ {0x2d, 86}, /*II_48*/ {0x2d, 86}, /*II_50*/ {0x2e, 16}, /*II_50*/ {0x2e, 16}, /*II_50*/ {0x2e, 16}, /*II_50*/ {0x2e, 16}, /*II_50*/ {0x2e, 
16}, /*II_50*/ {0x2e, 16}, /*II_50*/ {0x2e, 16}, /*II_50*/ {0x2e, 16}, /*II_58*/ {0x2f, 22}, /*II_58*/ {0x2f, 22}, /*II_58*/ {0x2f, 22}, /*II_58*/ {0x2f, 22}, /*II_58*/ {0x2f, 22}, /*II_58*/ {0x2f, 22}, /*II_58*/ {0x2f, 22}, /*II_58*/ {0x2f, 22}, /*II_60*/ {0x30, 91}, /*II_61*/ {0x30, 98}, /*II_62*/ {0x31, 104}, /*II_63*/ {0x32, 111}, /*II_68*/ {0x33, 16}, /*II_6A*/ {0x35, 16}, /*II_6C*/ {0x36, 32891}, /*II_6D*/ {0x37, 32891}, /*II_6E*/ {0x38, 32896}, /*II_6F*/ {0x39, 32896}, /*II_70*/ {0x3a, 134}, /*II_71*/ {0x3a, 138}, /*II_72*/ {0x3b, 143}, /*II_73*/ {0x3b, 147}, /*II_74*/ {0x3c, 152}, /*II_75*/ {0x3c, 156}, /*II_76*/ {0x3d, 161}, /*II_77*/ {0x3d, 166}, /*II_78*/ {0x3e, 170}, /*II_79*/ {0x3e, 174}, /*II_7A*/ {0x3f, 179}, /*II_7B*/ {0x3f, 183}, /*II_7C*/ {0x40, 188}, /*II_7D*/ {0x40, 192}, /*II_7E*/ {0x41, 197}, /*II_7F*/ {0x41, 202}, /*II_84*/ {0x42, 206}, /*II_85*/ {0x43, 206}, /*II_86*/ {0x44, 212}, /*II_87*/ {0x45, 212}, /*II_88*/ {0x46, 218}, /*II_89*/ {0x47, 218}, /*II_8A*/ {0x48, 218}, /*II_8B*/ {0x49, 218}, /*II_8C*/ {0x4a, 218}, /*II_8D*/ {0x4b, 223}, /*II_8E*/ {0x4c, 218}, /*II_90*/ {0x4d, 212}, /*II_91*/ {0x4d, 212}, /*II_92*/ {0x4d, 212}, /*II_93*/ {0x4d, 212}, /*II_94*/ {0x4d, 212}, /*II_95*/ {0x4d, 212}, /*II_96*/ {0x4d, 212}, /*II_97*/ {0x4d, 212}, /*II_9A*/ {0x4f, 260}, /*II_9C*/ {0x50, 270}, /*II_9D*/ {0x51, 277}, /*II_9E*/ {0x52, 283}, /*II_9F*/ {0x53, 289}, /*II_A0*/ {0x54, 218}, /*II_A1*/ {0x55, 218}, /*II_A2*/ {0x56, 218}, /*II_A3*/ {0x57, 218}, /*II_A4*/ {0x58, 295}, /*II_A5*/ {0x59, 295}, /*II_A6*/ {0x5a, 301}, /*II_A7*/ {0x5b, 301}, /*II_A8*/ {0x5c, 206}, /*II_A9*/ {0x5d, 206}, /*II_AA*/ {0x5e, 307}, /*II_AB*/ {0x5f, 307}, /*II_AC*/ {0x60, 313}, /*II_AD*/ {0x61, 313}, /*II_AE*/ {0x62, 319}, /*II_AF*/ {0x63, 319}, /*II_B0*/ {0x64, 218}, /*II_B0*/ {0x64, 218}, /*II_B0*/ {0x64, 218}, /*II_B0*/ {0x64, 218}, /*II_B0*/ {0x64, 218}, /*II_B0*/ {0x64, 218}, /*II_B0*/ {0x64, 218}, /*II_B0*/ {0x64, 218}, /*II_B8*/ {0x65, 218}, /*II_B8*/ {0x65, 218}, 
/*II_B8*/ {0x65, 218}, /*II_B8*/ {0x65, 218}, /*II_B8*/ {0x65, 218}, /*II_B8*/ {0x65, 218}, /*II_B8*/ {0x65, 218}, /*II_B8*/ {0x65, 218}, /*II_C2*/ {0x66, 325}, /*II_C3*/ {0x67, 325}, /*II_C4*/ {0x68, 330}, /*II_C5*/ {0x68, 335}, /*II_C8*/ {0x69, 340}, /*II_C9*/ {0x6a, 347}, /*II_CA*/ {0x6b, 354}, /*II_CB*/ {0x6c, 354}, /*II_CC*/ {0x6d, 360}, /*II_CD*/ {0x6e, 367}, /*II_CE*/ {0x6f, 372}, /*II_CF*/ {0x70, 33146}, /*II_D4*/ {0x71, 384}, /*II_D5*/ {0x71, 389}, /*II_D6*/ {0x72, 394}, /*II_D7*/ {0x73, 400}, /*II_E0*/ {0x74, 406}, /*II_E1*/ {0x74, 414}, /*II_E2*/ {0x75, 421}, /*II_E4*/ {0x77, 33215}, /*II_E5*/ {0x78, 33215}, /*II_E6*/ {0x79, 33219}, /*II_E7*/ {0x7a, 33219}, /*II_E8*/ {0x7b, 456}, /*II_E9*/ {0x7c, 462}, /*II_EA*/ {0x7d, 467}, /*II_EB*/ {0x7e, 462}, /*II_EC*/ {0x7f, 33215}, /*II_ED*/ {0x80, 33215}, /*II_EE*/ {0x81, 33219}, /*II_EF*/ {0x82, 33219}, /*II_F1*/ {0x6d, 476}, /*II_F4*/ {0x53, 33250}, /*II_F5*/ {0x83, 487}, /*II_F8*/ {0x83, 492}, /*II_F9*/ {0x83, 497}, /*II_FA*/ {0x84, 33270}, /*II_FB*/ {0x84, 33275}, /*II_FC*/ {0x85, 512}, /*II_FD*/ {0x85, 517}, /*II_0F_02*/ {0x86, 522}, /*II_0F_03*/ {0x86, 527}, /*II_0F_05*/ {0x87, 532}, /*II_0F_06*/ {0x88, 33309}, /*II_0F_07*/ {0x87, 547}, /*II_0F_08*/ {0x88, 33323}, /*II_0F_09*/ {0x88, 33329}, /*II_0F_0B*/ {0x89, 569}, /*II_0F_0E*/ {0x8a, 574}, /*II_0F_1F*/ {0x8b, 581}, /*II_0F_20*/ {0x8c, 32986}, /*II_0F_21*/ {0x8d, 32986}, /*II_0F_22*/ {0x8e, 32986}, /*II_0F_23*/ {0x8f, 32986}, /*II_0F_30*/ {0x88, 33354}, /*II_0F_31*/ {0x88, 33361}, /*II_0F_32*/ {0x88, 33368}, /*II_0F_33*/ {0x88, 33375}, /*II_0F_34*/ {0x87, 614}, /*II_0F_35*/ {0x87, 624}, /*II_0F_37*/ {0x90, 633}, /*II_0F_40*/ {0x91, 641}, /*II_0F_41*/ {0x91, 648}, /*II_0F_42*/ {0x92, 656}, /*II_0F_43*/ {0x92, 663}, /*II_0F_44*/ {0x93, 671}, /*II_0F_45*/ {0x93, 678}, /*II_0F_46*/ {0x94, 686}, /*II_0F_47*/ {0x94, 694}, /*II_0F_48*/ {0x95, 701}, /*II_0F_49*/ {0x95, 708}, /*II_0F_4A*/ {0x96, 716}, /*II_0F_4B*/ {0x96, 723}, /*II_0F_4C*/ {0x97, 731}, 
/*II_0F_4D*/ {0x97, 738}, /*II_0F_4E*/ {0x98, 746}, /*II_0F_4F*/ {0x98, 754}, /*II_0F_80*/ {0x99, 134}, /*II_0F_81*/ {0x99, 138}, /*II_0F_82*/ {0x9a, 143}, /*II_0F_83*/ {0x9a, 147}, /*II_0F_84*/ {0x9b, 152}, /*II_0F_85*/ {0x9b, 156}, /*II_0F_86*/ {0x9c, 161}, /*II_0F_87*/ {0x9c, 166}, /*II_0F_88*/ {0x9d, 170}, /*II_0F_89*/ {0x9d, 174}, /*II_0F_8A*/ {0x9e, 179}, /*II_0F_8B*/ {0x9e, 183}, /*II_0F_8C*/ {0x9f, 188}, /*II_0F_8D*/ {0x9f, 192}, /*II_0F_8E*/ {0xa0, 197}, /*II_0F_8F*/ {0xa0, 202}, /*II_0F_90*/ {0xa1, 761}, /*II_0F_91*/ {0xa1, 767}, /*II_0F_92*/ {0xa2, 774}, /*II_0F_93*/ {0xa2, 780}, /*II_0F_94*/ {0xa3, 787}, /*II_0F_95*/ {0xa3, 793}, /*II_0F_96*/ {0xa4, 800}, /*II_0F_97*/ {0xa4, 807}, /*II_0F_98*/ {0xa5, 813}, /*II_0F_99*/ {0xa5, 819}, /*II_0F_9A*/ {0xa6, 826}, /*II_0F_9B*/ {0xa6, 832}, /*II_0F_9C*/ {0xa7, 839}, /*II_0F_9D*/ {0xa7, 845}, /*II_0F_9E*/ {0xa8, 852}, /*II_0F_9F*/ {0xa8, 859}, /*II_0F_A0*/ {0xa9, 16}, /*II_0F_A1*/ {0xaa, 22}, /*II_0F_A2*/ {0x88, 865}, /*II_0F_A3*/ {0xab, 872}, /*II_0F_A8*/ {0xad, 16}, /*II_0F_A9*/ {0xae, 22}, /*II_0F_AA*/ {0xaf, 882}, /*II_0F_AB*/ {0xb0, 887}, /*II_0F_AF*/ {0xb1, 117}, /*II_0F_B0*/ {0xb2, 898}, /*II_0F_B1*/ {0xb3, 898}, /*II_0F_B2*/ {0xb4, 907}, /*II_0F_B3*/ {0xb0, 912}, /*II_0F_B4*/ {0xb4, 917}, /*II_0F_B5*/ {0xb4, 922}, /*II_0F_B6*/ {0xb5, 927}, /*II_0F_B7*/ {0xb6, 927}, /*II_0F_B9*/ {0x89, 569}, /*II_0F_BB*/ {0xb0, 934}, /*II_0F_BE*/ {0xb5, 939}, /*II_0F_BF*/ {0xb6, 939}, /*II_0F_C0*/ {0xb2, 946}, /*II_0F_C1*/ {0xb3, 946}, /*II_0F_C3*/ {0xb7, 952}, /*II_0F_C8*/ {0xb8, 960}, /*II_0F_C8*/ {0xb8, 960}, /*II_0F_C8*/ {0xb8, 960}, /*II_0F_C8*/ {0xb8, 960}, /*II_0F_C8*/ {0xb8, 960}, /*II_0F_C8*/ {0xb8, 960}, /*II_0F_C8*/ {0xb8, 960}, /*II_0F_C8*/ {0xb8, 960}, /*II_80_00*/ {0xb9, 11}, /*II_80_01*/ {0xba, 27}, /*II_80_02*/ {0xbb, 31}, /*II_80_03*/ {0xbb, 36}, /*II_80_04*/ {0xbc, 41}, /*II_80_05*/ {0xb9, 51}, /*II_80_06*/ {0xbd, 61}, /*II_80_07*/ {0xbe, 71}, /*II_81_00*/ {0xbf, 11}, /*II_81_01*/ {0xc0, 27}, 
/*II_81_02*/ {0xc1, 31}, /*II_81_03*/ {0xc1, 36}, /*II_81_04*/ {0xc2, 41}, /*II_81_05*/ {0xbf, 51}, /*II_81_06*/ {0xc3, 61}, /*II_81_07*/ {0xc4, 71}, /*II_82_00*/ {0xc5, 11}, /*II_82_01*/ {0xc6, 27}, /*II_82_02*/ {0xc7, 31}, /*II_82_03*/ {0xc7, 36}, /*II_82_04*/ {0xc8, 41}, /*II_82_05*/ {0xc5, 51}, /*II_82_06*/ {0xc9, 61}, /*II_82_07*/ {0xca, 71}, /*II_83_00*/ {0xcb, 11}, /*II_83_01*/ {0xcc, 27}, /*II_83_02*/ {0xcd, 31}, /*II_83_03*/ {0xcd, 36}, /*II_83_04*/ {0xce, 41}, /*II_83_05*/ {0xcb, 51}, /*II_83_06*/ {0xcf, 61}, /*II_83_07*/ {0xd0, 71}, /*II_8F_00*/ {0xd1, 22}, /*II_C0_00*/ {0xd2, 967}, /*II_C0_01*/ {0xd2, 972}, /*II_C0_02*/ {0xd3, 977}, /*II_C0_03*/ {0xd3, 982}, /*II_C0_04*/ {0xd4, 987}, /*II_C0_05*/ {0xd4, 992}, /*II_C0_06*/ {0xd4, 997}, /*II_C0_07*/ {0xd4, 1002}, /*II_C1_00*/ {0xd5, 967}, /*II_C1_01*/ {0xd5, 972}, /*II_C1_02*/ {0xd6, 977}, /*II_C1_03*/ {0xd6, 982}, /*II_C1_04*/ {0xd7, 987}, /*II_C1_05*/ {0xd7, 992}, /*II_C1_06*/ {0xd7, 997}, /*II_C1_07*/ {0xd7, 1002}, /*II_C6_00*/ {0xd8, 218}, /*II_C6_F8*/ {0xd9, 1007}, /*II_C7_00*/ {0xda, 218}, /*II_C7_F8*/ {0xdb, 1015}, /*II_D0_00*/ {0xdc, 967}, /*II_D0_01*/ {0xdc, 972}, /*II_D0_02*/ {0xdd, 977}, /*II_D0_03*/ {0xdd, 982}, /*II_D0_04*/ {0xde, 987}, /*II_D0_05*/ {0xde, 992}, /*II_D0_06*/ {0xde, 997}, /*II_D0_07*/ {0xde, 1002}, /*II_D1_00*/ {0xdf, 967}, /*II_D1_01*/ {0xdf, 972}, /*II_D1_02*/ {0xe0, 977}, /*II_D1_03*/ {0xe0, 982}, /*II_D1_04*/ {0xe1, 987}, /*II_D1_05*/ {0xe1, 992}, /*II_D1_06*/ {0xe1, 997}, /*II_D1_07*/ {0xe1, 1002}, /*II_D2_00*/ {0xe2, 967}, /*II_D2_01*/ {0xe2, 972}, /*II_D2_02*/ {0xe3, 977}, /*II_D2_03*/ {0xe3, 982}, /*II_D2_04*/ {0xe4, 987}, /*II_D2_05*/ {0xe4, 992}, /*II_D2_06*/ {0xe4, 997}, /*II_D2_07*/ {0xe4, 1002}, /*II_D3_00*/ {0xe5, 967}, /*II_D3_01*/ {0xe5, 972}, /*II_D3_02*/ {0xe6, 977}, /*II_D3_03*/ {0xe6, 982}, /*II_D3_04*/ {0xe7, 987}, /*II_D3_05*/ {0xe7, 992}, /*II_D3_06*/ {0xe7, 997}, /*II_D3_07*/ {0xe7, 1002}, /*II_D8_00*/ {0xe8, 1023}, /*II_D8_01*/ {0xe8, 1029}, 
/*II_D8_02*/ {0xe8, 1035}, /*II_D8_03*/ {0xe8, 1041}, /*II_D8_04*/ {0xe8, 1048}, /*II_D8_05*/ {0xe8, 1054}, /*II_D8_06*/ {0xe8, 1061}, /*II_D8_07*/ {0xe8, 1067}, /*II_D8_C0*/ {0xe9, 1023}, /*II_D8_C0*/ {0xe9, 1023}, /*II_D8_C0*/ {0xe9, 1023}, /*II_D8_C0*/ {0xe9, 1023}, /*II_D8_C0*/ {0xe9, 1023}, /*II_D8_C0*/ {0xe9, 1023}, /*II_D8_C0*/ {0xe9, 1023}, /*II_D8_C0*/ {0xe9, 1023}, /*II_D8_C8*/ {0xe9, 1029}, /*II_D8_C8*/ {0xe9, 1029}, /*II_D8_C8*/ {0xe9, 1029}, /*II_D8_C8*/ {0xe9, 1029}, /*II_D8_C8*/ {0xe9, 1029}, /*II_D8_C8*/ {0xe9, 1029}, /*II_D8_C8*/ {0xe9, 1029}, /*II_D8_C8*/ {0xe9, 1029}, /*II_D8_D0*/ {0xea, 1035}, /*II_D8_D0*/ {0xea, 1035}, /*II_D8_D0*/ {0xea, 1035}, /*II_D8_D0*/ {0xea, 1035}, /*II_D8_D0*/ {0xea, 1035}, /*II_D8_D0*/ {0xea, 1035}, /*II_D8_D0*/ {0xea, 1035}, /*II_D8_D0*/ {0xea, 1035}, /*II_D8_D8*/ {0xea, 1041}, /*II_D8_D9*/ {0xeb, 1041}, /*II_D8_D8*/ {0xea, 1041}, /*II_D8_D8*/ {0xea, 1041}, /*II_D8_D8*/ {0xea, 1041}, /*II_D8_D8*/ {0xea, 1041}, /*II_D8_D8*/ {0xea, 1041}, /*II_D8_D8*/ {0xea, 1041}, /*II_D8_E0*/ {0xe9, 1048}, /*II_D8_E0*/ {0xe9, 1048}, /*II_D8_E0*/ {0xe9, 1048}, /*II_D8_E0*/ {0xe9, 1048}, /*II_D8_E0*/ {0xe9, 1048}, /*II_D8_E0*/ {0xe9, 1048}, /*II_D8_E0*/ {0xe9, 1048}, /*II_D8_E0*/ {0xe9, 1048}, /*II_D8_E8*/ {0xe9, 1054}, /*II_D8_E8*/ {0xe9, 1054}, /*II_D8_E8*/ {0xe9, 1054}, /*II_D8_E8*/ {0xe9, 1054}, /*II_D8_E8*/ {0xe9, 1054}, /*II_D8_E8*/ {0xe9, 1054}, /*II_D8_E8*/ {0xe9, 1054}, /*II_D8_E8*/ {0xe9, 1054}, /*II_D8_F0*/ {0xe9, 1061}, /*II_D8_F0*/ {0xe9, 1061}, /*II_D8_F0*/ {0xe9, 1061}, /*II_D8_F0*/ {0xe9, 1061}, /*II_D8_F0*/ {0xe9, 1061}, /*II_D8_F0*/ {0xe9, 1061}, /*II_D8_F0*/ {0xe9, 1061}, /*II_D8_F0*/ {0xe9, 1061}, /*II_D8_F8*/ {0xe9, 1067}, /*II_D8_F8*/ {0xe9, 1067}, /*II_D8_F8*/ {0xe9, 1067}, /*II_D8_F8*/ {0xe9, 1067}, /*II_D8_F8*/ {0xe9, 1067}, /*II_D8_F8*/ {0xe9, 1067}, /*II_D8_F8*/ {0xe9, 1067}, /*II_D8_F8*/ {0xe9, 1067}, /*II_D9_00*/ {0xe8, 1074}, /*II_D9_02*/ {0xec, 1079}, /*II_D9_03*/ {0xec, 1084}, /*II_D9_04*/ {0xed, 1090}, 
/*II_D9_05*/ {0xee, 1098}, /*II_D9_C0*/ {0xea, 1074}, /*II_D9_C0*/ {0xea, 1074}, /*II_D9_C0*/ {0xea, 1074}, /*II_D9_C0*/ {0xea, 1074}, /*II_D9_C0*/ {0xea, 1074}, /*II_D9_C0*/ {0xea, 1074}, /*II_D9_C0*/ {0xea, 1074}, /*II_D9_C0*/ {0xea, 1074}, /*II_D9_C8*/ {0xea, 1105}, /*II_D9_C9*/ {0xeb, 1105}, /*II_D9_C8*/ {0xea, 1105}, /*II_D9_C8*/ {0xea, 1105}, /*II_D9_C8*/ {0xea, 1105}, /*II_D9_C8*/ {0xea, 1105}, /*II_D9_C8*/ {0xea, 1105}, /*II_D9_C8*/ {0xea, 1105}, /*II_D9_D0*/ {0xeb, 1111}, /*II_D9_E0*/ {0xeb, 1117}, /*II_D9_E1*/ {0xeb, 1123}, /*II_D9_E4*/ {0xeb, 1129}, /*II_D9_E5*/ {0xeb, 1135}, /*II_D9_E8*/ {0xeb, 1141}, /*II_D9_E9*/ {0xeb, 1147}, /*II_D9_EA*/ {0xeb, 1155}, /*II_D9_EB*/ {0xeb, 1163}, /*II_D9_EC*/ {0xeb, 1170}, /*II_D9_ED*/ {0xeb, 1178}, /*II_D9_EE*/ {0xeb, 1186}, /*II_D9_F0*/ {0xeb, 1192}, /*II_D9_F1*/ {0xeb, 1199}, /*II_D9_F2*/ {0xeb, 1206}, /*II_D9_F3*/ {0xeb, 1213}, /*II_D9_F4*/ {0xeb, 1221}, /*II_D9_F5*/ {0xeb, 1230}, /*II_D9_F6*/ {0xeb, 1238}, /*II_D9_F7*/ {0xeb, 1247}, /*II_D9_F8*/ {0xeb, 1256}, /*II_D9_F9*/ {0xeb, 1263}, /*II_D9_FA*/ {0xeb, 1272}, /*II_D9_FB*/ {0xeb, 1279}, /*II_D9_FC*/ {0xeb, 1288}, /*II_D9_FD*/ {0xeb, 1297}, /*II_D9_FE*/ {0xeb, 1305}, /*II_D9_FF*/ {0xeb, 1311}, /*II_DA_00*/ {0xe8, 1317}, /*II_DA_01*/ {0xe8, 1324}, /*II_DA_02*/ {0xe8, 1331}, /*II_DA_03*/ {0xe8, 1338}, /*II_DA_04*/ {0xe8, 1346}, /*II_DA_05*/ {0xe8, 1353}, /*II_DA_06*/ {0xe8, 1361}, /*II_DA_07*/ {0xe8, 1368}, /*II_DA_C0*/ {0xef, 1376}, /*II_DA_C0*/ {0xef, 1376}, /*II_DA_C0*/ {0xef, 1376}, /*II_DA_C0*/ {0xef, 1376}, /*II_DA_C0*/ {0xef, 1376}, /*II_DA_C0*/ {0xef, 1376}, /*II_DA_C0*/ {0xef, 1376}, /*II_DA_C0*/ {0xef, 1376}, /*II_DA_C8*/ {0xf0, 1384}, /*II_DA_C8*/ {0xf0, 1384}, /*II_DA_C8*/ {0xf0, 1384}, /*II_DA_C8*/ {0xf0, 1384}, /*II_DA_C8*/ {0xf0, 1384}, /*II_DA_C8*/ {0xf0, 1384}, /*II_DA_C8*/ {0xf0, 1384}, /*II_DA_C8*/ {0xf0, 1384}, /*II_DA_D0*/ {0xf1, 1392}, /*II_DA_D0*/ {0xf1, 1392}, /*II_DA_D0*/ {0xf1, 1392}, /*II_DA_D0*/ {0xf1, 1392}, /*II_DA_D0*/ {0xf1, 1392}, 
/*II_DA_D0*/ {0xf1, 1392}, /*II_DA_D0*/ {0xf1, 1392}, /*II_DA_D0*/ {0xf1, 1392}, /*II_DA_D8*/ {0xf2, 1401}, /*II_DA_D8*/ {0xf2, 1401}, /*II_DA_D8*/ {0xf2, 1401}, /*II_DA_D8*/ {0xf2, 1401}, /*II_DA_D8*/ {0xf2, 1401}, /*II_DA_D8*/ {0xf2, 1401}, /*II_DA_D8*/ {0xf2, 1401}, /*II_DA_D8*/ {0xf2, 1401}, /*II_DA_E9*/ {0xeb, 1409}, /*II_DB_00*/ {0xe8, 1418}, /*II_DB_01*/ {0xf3, 1424}, /*II_DB_02*/ {0xec, 1432}, /*II_DB_03*/ {0xec, 1438}, /*II_DB_05*/ {0xf4, 1074}, /*II_DB_07*/ {0xf5, 1084}, /*II_DB_C0*/ {0xef, 1445}, /*II_DB_C0*/ {0xef, 1445}, /*II_DB_C0*/ {0xef, 1445}, /*II_DB_C0*/ {0xef, 1445}, /*II_DB_C0*/ {0xef, 1445}, /*II_DB_C0*/ {0xef, 1445}, /*II_DB_C0*/ {0xef, 1445}, /*II_DB_C0*/ {0xef, 1445}, /*II_DB_C8*/ {0xf0, 1454}, /*II_DB_C8*/ {0xf0, 1454}, /*II_DB_C8*/ {0xf0, 1454}, /*II_DB_C8*/ {0xf0, 1454}, /*II_DB_C8*/ {0xf0, 1454}, /*II_DB_C8*/ {0xf0, 1454}, /*II_DB_C8*/ {0xf0, 1454}, /*II_DB_C8*/ {0xf0, 1454}, /*II_DB_D0*/ {0xf1, 1463}, /*II_DB_D0*/ {0xf1, 1463}, /*II_DB_D0*/ {0xf1, 1463}, /*II_DB_D0*/ {0xf1, 1463}, /*II_DB_D0*/ {0xf1, 1463}, /*II_DB_D0*/ {0xf1, 1463}, /*II_DB_D0*/ {0xf1, 1463}, /*II_DB_D0*/ {0xf1, 1463}, /*II_DB_D8*/ {0xf2, 1473}, /*II_DB_D8*/ {0xf2, 1473}, /*II_DB_D8*/ {0xf2, 1473}, /*II_DB_D8*/ {0xf2, 1473}, /*II_DB_D8*/ {0xf2, 1473}, /*II_DB_D8*/ {0xf2, 1473}, /*II_DB_D8*/ {0xf2, 1473}, /*II_DB_D8*/ {0xf2, 1473}, /*II_DB_E0*/ {0xeb, 1482}, /*II_DB_E1*/ {0xeb, 1488}, /*II_DB_E4*/ {0xeb, 1496}, /*II_DB_E8*/ {0xf6, 1504}, /*II_DB_E8*/ {0xf6, 1504}, /*II_DB_E8*/ {0xf6, 1504}, /*II_DB_E8*/ {0xf6, 1504}, /*II_DB_E8*/ {0xf6, 1504}, /*II_DB_E8*/ {0xf6, 1504}, /*II_DB_E8*/ {0xf6, 1504}, /*II_DB_E8*/ {0xf6, 1504}, /*II_DB_F0*/ {0xf7, 1512}, /*II_DB_F0*/ {0xf7, 1512}, /*II_DB_F0*/ {0xf7, 1512}, /*II_DB_F0*/ {0xf7, 1512}, /*II_DB_F0*/ {0xf7, 1512}, /*II_DB_F0*/ {0xf7, 1512}, /*II_DB_F0*/ {0xf7, 1512}, /*II_DB_F0*/ {0xf7, 1512}, /*II_DC_00*/ {0xf8, 1023}, /*II_DC_01*/ {0xf8, 1029}, /*II_DC_02*/ {0xf8, 1035}, /*II_DC_03*/ {0xf8, 1041}, /*II_DC_04*/ {0xf8, 1048}, 
/*II_DC_05*/ {0xf8, 1054}, /*II_DC_06*/ {0xf8, 1061}, /*II_DC_07*/ {0xf8, 1067}, /*II_DC_C0*/ {0xf9, 1023}, /*II_DC_C0*/ {0xf9, 1023}, /*II_DC_C0*/ {0xf9, 1023}, /*II_DC_C0*/ {0xf9, 1023}, /*II_DC_C0*/ {0xf9, 1023}, /*II_DC_C0*/ {0xf9, 1023}, /*II_DC_C0*/ {0xf9, 1023}, /*II_DC_C0*/ {0xf9, 1023}, /*II_DC_C8*/ {0xf9, 1029}, /*II_DC_C8*/ {0xf9, 1029}, /*II_DC_C8*/ {0xf9, 1029}, /*II_DC_C8*/ {0xf9, 1029}, /*II_DC_C8*/ {0xf9, 1029}, /*II_DC_C8*/ {0xf9, 1029}, /*II_DC_C8*/ {0xf9, 1029}, /*II_DC_C8*/ {0xf9, 1029}, /*II_DC_E0*/ {0xf9, 1054}, /*II_DC_E0*/ {0xf9, 1054}, /*II_DC_E0*/ {0xf9, 1054}, /*II_DC_E0*/ {0xf9, 1054}, /*II_DC_E0*/ {0xf9, 1054}, /*II_DC_E0*/ {0xf9, 1054}, /*II_DC_E0*/ {0xf9, 1054}, /*II_DC_E0*/ {0xf9, 1054}, /*II_DC_E8*/ {0xf9, 1048}, /*II_DC_E8*/ {0xf9, 1048}, /*II_DC_E8*/ {0xf9, 1048}, /*II_DC_E8*/ {0xf9, 1048}, /*II_DC_E8*/ {0xf9, 1048}, /*II_DC_E8*/ {0xf9, 1048}, /*II_DC_E8*/ {0xf9, 1048}, /*II_DC_E8*/ {0xf9, 1048}, /*II_DC_F0*/ {0xf9, 1067}, /*II_DC_F0*/ {0xf9, 1067}, /*II_DC_F0*/ {0xf9, 1067}, /*II_DC_F0*/ {0xf9, 1067}, /*II_DC_F0*/ {0xf9, 1067}, /*II_DC_F0*/ {0xf9, 1067}, /*II_DC_F0*/ {0xf9, 1067}, /*II_DC_F0*/ {0xf9, 1067}, /*II_DC_F8*/ {0xf9, 1061}, /*II_DC_F8*/ {0xf9, 1061}, /*II_DC_F8*/ {0xf9, 1061}, /*II_DC_F8*/ {0xf9, 1061}, /*II_DC_F8*/ {0xf9, 1061}, /*II_DC_F8*/ {0xf9, 1061}, /*II_DC_F8*/ {0xf9, 1061}, /*II_DC_F8*/ {0xf9, 1061}, /*II_DD_00*/ {0xf8, 1074}, /*II_DD_01*/ {0xfa, 1424}, /*II_DD_02*/ {0xfb, 1079}, /*II_DD_03*/ {0xfb, 1084}, /*II_DD_04*/ {0xed, 1519}, /*II_DD_C0*/ {0xea, 1527}, /*II_DD_C0*/ {0xea, 1527}, /*II_DD_C0*/ {0xea, 1527}, /*II_DD_C0*/ {0xea, 1527}, /*II_DD_C0*/ {0xea, 1527}, /*II_DD_C0*/ {0xea, 1527}, /*II_DD_C0*/ {0xea, 1527}, /*II_DD_C0*/ {0xea, 1527}, /*II_DD_D0*/ {0xea, 1079}, /*II_DD_D0*/ {0xea, 1079}, /*II_DD_D0*/ {0xea, 1079}, /*II_DD_D0*/ {0xea, 1079}, /*II_DD_D0*/ {0xea, 1079}, /*II_DD_D0*/ {0xea, 1079}, /*II_DD_D0*/ {0xea, 1079}, /*II_DD_D0*/ {0xea, 1079}, /*II_DD_D8*/ {0xea, 1084}, /*II_DD_D8*/ {0xea, 1084}, 
/*II_DD_D8*/ {0xea, 1084}, /*II_DD_D8*/ {0xea, 1084}, /*II_DD_D8*/ {0xea, 1084}, /*II_DD_D8*/ {0xea, 1084}, /*II_DD_D8*/ {0xea, 1084}, /*II_DD_D8*/ {0xea, 1084}, /*II_DD_E0*/ {0xf9, 1534}, /*II_DD_E1*/ {0xeb, 1534}, /*II_DD_E0*/ {0xf9, 1534}, /*II_DD_E0*/ {0xf9, 1534}, /*II_DD_E0*/ {0xf9, 1534}, /*II_DD_E0*/ {0xf9, 1534}, /*II_DD_E0*/ {0xf9, 1534}, /*II_DD_E0*/ {0xf9, 1534}, /*II_DD_E8*/ {0xea, 1541}, /*II_DD_E9*/ {0xeb, 1541}, /*II_DD_E8*/ {0xea, 1541}, /*II_DD_E8*/ {0xea, 1541}, /*II_DD_E8*/ {0xea, 1541}, /*II_DD_E8*/ {0xea, 1541}, /*II_DD_E8*/ {0xea, 1541}, /*II_DD_E8*/ {0xea, 1541}, /*II_DE_00*/ {0xee, 1317}, /*II_DE_01*/ {0xee, 1324}, /*II_DE_02*/ {0xee, 1331}, /*II_DE_03*/ {0xee, 1338}, /*II_DE_04*/ {0xee, 1346}, /*II_DE_05*/ {0xee, 1353}, /*II_DE_06*/ {0xee, 1361}, /*II_DE_07*/ {0xee, 1368}, /*II_DE_C0*/ {0xf9, 1549}, /*II_DE_C1*/ {0xeb, 1549}, /*II_DE_C0*/ {0xf9, 1549}, /*II_DE_C0*/ {0xf9, 1549}, /*II_DE_C0*/ {0xf9, 1549}, /*II_DE_C0*/ {0xf9, 1549}, /*II_DE_C0*/ {0xf9, 1549}, /*II_DE_C0*/ {0xf9, 1549}, /*II_DE_C8*/ {0xf9, 1556}, /*II_DE_C9*/ {0xeb, 1556}, /*II_DE_C8*/ {0xf9, 1556}, /*II_DE_C8*/ {0xf9, 1556}, /*II_DE_C8*/ {0xf9, 1556}, /*II_DE_C8*/ {0xf9, 1556}, /*II_DE_C8*/ {0xf9, 1556}, /*II_DE_C8*/ {0xf9, 1556}, /*II_DE_D9*/ {0xeb, 1563}, /*II_DE_E0*/ {0xf9, 1571}, /*II_DE_E1*/ {0xeb, 1571}, /*II_DE_E0*/ {0xf9, 1571}, /*II_DE_E0*/ {0xf9, 1571}, /*II_DE_E0*/ {0xf9, 1571}, /*II_DE_E0*/ {0xf9, 1571}, /*II_DE_E0*/ {0xf9, 1571}, /*II_DE_E0*/ {0xf9, 1571}, /*II_DE_E8*/ {0xf9, 1579}, /*II_DE_E9*/ {0xeb, 1579}, /*II_DE_E8*/ {0xf9, 1579}, /*II_DE_E8*/ {0xf9, 1579}, /*II_DE_E8*/ {0xf9, 1579}, /*II_DE_E8*/ {0xf9, 1579}, /*II_DE_E8*/ {0xf9, 1579}, /*II_DE_E8*/ {0xf9, 1579}, /*II_DE_F0*/ {0xf9, 1586}, /*II_DE_F1*/ {0xeb, 1586}, /*II_DE_F0*/ {0xf9, 1586}, /*II_DE_F0*/ {0xf9, 1586}, /*II_DE_F0*/ {0xf9, 1586}, /*II_DE_F0*/ {0xf9, 1586}, /*II_DE_F0*/ {0xf9, 1586}, /*II_DE_F0*/ {0xf9, 1586}, /*II_DE_F8*/ {0xf9, 1594}, /*II_DE_F9*/ {0xeb, 1594}, /*II_DE_F8*/ {0xf9, 1594}, 
/*II_DE_F8*/ {0xf9, 1594}, /*II_DE_F8*/ {0xf9, 1594}, /*II_DE_F8*/ {0xf9, 1594}, /*II_DE_F8*/ {0xf9, 1594}, /*II_DE_F8*/ {0xf9, 1594}, /*II_DF_00*/ {0xee, 1418}, /*II_DF_01*/ {0xfc, 1424}, /*II_DF_02*/ {0xfd, 1432}, /*II_DF_03*/ {0xfd, 1438}, /*II_DF_04*/ {0xf4, 1601}, /*II_DF_05*/ {0xf8, 1418}, /*II_DF_06*/ {0xf5, 1607}, /*II_DF_07*/ {0xfb, 1438}, /*II_DF_E8*/ {0xf6, 1614}, /*II_DF_E8*/ {0xf6, 1614}, /*II_DF_E8*/ {0xf6, 1614}, /*II_DF_E8*/ {0xf6, 1614}, /*II_DF_E8*/ {0xf6, 1614}, /*II_DF_E8*/ {0xf6, 1614}, /*II_DF_E8*/ {0xf6, 1614}, /*II_DF_E8*/ {0xf6, 1614}, /*II_DF_F0*/ {0xf6, 1623}, /*II_DF_F0*/ {0xf6, 1623}, /*II_DF_F0*/ {0xf6, 1623}, /*II_DF_F0*/ {0xf6, 1623}, /*II_DF_F0*/ {0xf6, 1623}, /*II_DF_F0*/ {0xf6, 1623}, /*II_DF_F0*/ {0xf6, 1623}, /*II_DF_F0*/ {0xf6, 1623}, /*II_F6_00*/ {0xfe, 206}, /*II_F6_02*/ {0xff, 1631}, /*II_F6_03*/ {0x100, 1636}, /*II_F6_04*/ {0x101, 1641}, /*II_F6_05*/ {0x101, 117}, /*II_F6_06*/ {0x102, 1646}, /*II_F6_07*/ {0x102, 1651}, /*II_F7_00*/ {0x103, 206}, /*II_F7_02*/ {0x104, 1631}, /*II_F7_03*/ {0x105, 1636}, /*II_F7_04*/ {0x106, 1641}, /*II_F7_05*/ {0x106, 117}, /*II_F7_06*/ {0x107, 1646}, /*II_F7_07*/ {0x107, 1651}, /*II_FE_00*/ {0x108, 81}, /*II_FE_01*/ {0x108, 86}, /*II_FF_00*/ {0x109, 81}, /*II_FF_01*/ {0x109, 86}, /*II_FF_02*/ {0x10a, 456}, /*II_FF_03*/ {0x10b, 260}, /*II_FF_04*/ {0x10c, 462}, /*II_FF_05*/ {0x10d, 467}, /*II_FF_06*/ {0x10e, 16}, /*II_0F_00_00*/ {0x10f, 1657}, /*II_0F_00_01*/ {0x110, 1663}, /*II_0F_00_02*/ {0x110, 34436}, /*II_0F_00_03*/ {0x111, 34442}, /*II_0F_00_04*/ {0x112, 1679}, /*II_0F_00_05*/ {0x112, 1685}, /*II_0F_01_00*/ {0x113, 1691}, /*II_0F_01_01*/ {0x113, 1697}, /*II_0F_01_02*/ {0x113, 34471}, /*II_0F_01_03*/ {0x113, 34477}, /*II_0F_01_04*/ {0x114, 1715}, /*II_0F_01_06*/ {0x115, 34489}, /*II_0F_01_07*/ {0x116, 34495}, /*II_0F_01_C1*/ {0x117, 1735}, /*II_0F_01_C2*/ {0x117, 1743}, /*II_0F_01_C3*/ {0x117, 1753}, /*II_0F_01_C4*/ {0x117, 1763}, /*II_0F_01_C8*/ {0x118, 1771}, /*II_0F_01_C9*/ {0x118, 
1780}, /*II_0F_01_D0*/ {0x88, 1787}, /*II_0F_01_D1*/ {0x88, 1795}, /*II_0F_01_D4*/ {0x117, 1803}, /*II_0F_01_D5*/ {0x119, 1811}, /*II_0F_01_D8*/ {0x11a, 1817}, /*II_0F_01_D9*/ {0x11b, 1824}, /*II_0F_01_DA*/ {0x11c, 1833}, /*II_0F_01_DB*/ {0x11c, 1841}, /*II_0F_01_DC*/ {0x11b, 1849}, /*II_0F_01_DD*/ {0x11b, 1855}, /*II_0F_01_DE*/ {0x11c, 1861}, /*II_0F_01_DF*/ {0x11d, 1869}, /*II_0F_01_F8*/ {0x11e, 1878}, /*II_0F_01_F9*/ {0x11e, 1886}, /*II_0F_0D_00*/ {0x11f, 1894}, /*II_0F_0D_01*/ {0x11f, 1904}, /*II_0F_0F_0C*/ {0x120, 1915}, /*II_0F_0F_0D*/ {0x121, 1922}, /*II_0F_0F_1C*/ {0x120, 1929}, /*II_0F_0F_1D*/ {0x121, 1936}, /*II_0F_0F_8A*/ {0x120, 1943}, /*II_0F_0F_8E*/ {0x120, 1951}, /*II_0F_0F_90*/ {0x121, 1960}, /*II_0F_0F_94*/ {0x121, 1969}, /*II_0F_0F_96*/ {0x121, 1976}, /*II_0F_0F_97*/ {0x121, 1983}, /*II_0F_0F_9A*/ {0x121, 1992}, /*II_0F_0F_9E*/ {0x121, 1999}, /*II_0F_0F_A0*/ {0x121, 2006}, /*II_0F_0F_A4*/ {0x121, 2015}, /*II_0F_0F_A6*/ {0x121, 2022}, /*II_0F_0F_A7*/ {0x121, 2032}, /*II_0F_0F_AA*/ {0x121, 2042}, /*II_0F_0F_AE*/ {0x121, 2050}, /*II_0F_0F_B0*/ {0x121, 2057}, /*II_0F_0F_B4*/ {0x121, 2066}, /*II_0F_0F_B6*/ {0x121, 2073}, /*II_0F_0F_B7*/ {0x121, 2083}, /*II_0F_0F_BB*/ {0x120, 2092}, /*II_0F_0F_BF*/ {0x121, 2100}, /*II_0F_10*/ {0x122, 2109}, /*II_66_0F_10*/ {0x123, 2117}, /*II_F3_0F_10*/ {0x124, 2125}, /*II_F2_0F_10*/ {0x125, 2132}, /*II_0F_11*/ {0x12a, 2109}, /*II_66_0F_11*/ {0x12b, 2117}, /*II_F3_0F_11*/ {0x12c, 2125}, /*II_F2_0F_11*/ {0x12d, 2132}, /*II_66_0F_12*/ {0x132, 2190}, /*II_F3_0F_12*/ {0x133, 2198}, /*II_F2_0F_12*/ {0x133, 2208}, /*II_0F_13*/ {0x137, 2182}, /*II_66_0F_13*/ {0x138, 2190}, /*II_0F_14*/ {0x13a, 2266}, /*II_66_0F_14*/ {0x13b, 2276}, /*II_0F_15*/ {0x13a, 2308}, /*II_66_0F_15*/ {0x13b, 2318}, /*II_66_0F_16*/ {0x132, 2367}, /*II_F3_0F_16*/ {0x13d, 2375}, /*II_0F_17*/ {0x137, 2359}, /*II_66_0F_17*/ {0x138, 2367}, /*II_0F_18_00*/ {0x13e, 2424}, /*II_0F_18_01*/ {0x13e, 2437}, /*II_0F_18_02*/ {0x13e, 2449}, /*II_0F_18_03*/ {0x13e, 
2461}, /*II_0F_28*/ {0x122, 2473}, /*II_66_0F_28*/ {0x123, 2481}, /*II_0F_29*/ {0x12a, 2473}, /*II_66_0F_29*/ {0x12b, 2481}, /*II_0F_2A*/ {0x13f, 2507}, /*II_66_0F_2A*/ {0x140, 2517}, /*II_F3_0F_2A*/ {0x141, 2527}, /*II_F2_0F_2A*/ {0x142, 2537}, /*II_0F_2B*/ {0x143, 2569}, /*II_66_0F_2B*/ {0x144, 2578}, /*II_F3_0F_2B*/ {0x145, 2587}, /*II_F2_0F_2B*/ {0x146, 2596}, /*II_0F_2C*/ {0x148, 2625}, /*II_66_0F_2C*/ {0x149, 2636}, /*II_F3_0F_2C*/ {0x14a, 2647}, /*II_F2_0F_2C*/ {0x14b, 2658}, /*II_0F_2D*/ {0x148, 2693}, /*II_66_0F_2D*/ {0x13b, 2703}, /*II_F3_0F_2D*/ {0x14a, 2713}, /*II_F2_0F_2D*/ {0x14b, 2723}, /*II_0F_2E*/ {0x14d, 2755}, /*II_66_0F_2E*/ {0x14e, 2764}, /*II_0F_2F*/ {0x14d, 2793}, /*II_66_0F_2F*/ {0x14e, 2801}, /*II_0F_50*/ {0x151, 2827}, /*II_66_0F_50*/ {0x152, 2837}, /*II_0F_51*/ {0x13a, 2869}, /*II_66_0F_51*/ {0x13b, 2877}, /*II_F3_0F_51*/ {0x154, 2885}, /*II_F2_0F_51*/ {0x14e, 2893}, /*II_0F_52*/ {0x13a, 2937}, /*II_F3_0F_52*/ {0x154, 2946}, /*II_0F_53*/ {0x13a, 2975}, /*II_F3_0F_53*/ {0x154, 2982}, /*II_0F_54*/ {0x13a, 3005}, /*II_66_0F_54*/ {0x13b, 3012}, /*II_0F_55*/ {0x13a, 3035}, /*II_66_0F_55*/ {0x13b, 3043}, /*II_0F_56*/ {0x13a, 3069}, /*II_66_0F_56*/ {0x13b, 3075}, /*II_0F_57*/ {0x13a, 3095}, /*II_66_0F_57*/ {0x13b, 3102}, /*II_0F_58*/ {0x13a, 3125}, /*II_66_0F_58*/ {0x13b, 3132}, /*II_F3_0F_58*/ {0x154, 3139}, /*II_F2_0F_58*/ {0x14e, 3146}, /*II_0F_59*/ {0x13a, 3185}, /*II_66_0F_59*/ {0x13b, 3192}, /*II_F3_0F_59*/ {0x154, 3199}, /*II_F2_0F_59*/ {0x14e, 3206}, /*II_0F_5A*/ {0x14e, 3245}, /*II_66_0F_5A*/ {0x13b, 3255}, /*II_F3_0F_5A*/ {0x155, 3265}, /*II_F2_0F_5A*/ {0x14e, 3275}, /*II_0F_5B*/ {0x13b, 3329}, /*II_66_0F_5B*/ {0x13b, 3339}, /*II_F3_0F_5B*/ {0x13b, 3349}, /*II_0F_5C*/ {0x13a, 3394}, /*II_66_0F_5C*/ {0x13b, 3401}, /*II_F3_0F_5C*/ {0x154, 3408}, /*II_F2_0F_5C*/ {0x14e, 3415}, /*II_0F_5D*/ {0x13a, 3454}, /*II_66_0F_5D*/ {0x13b, 3461}, /*II_F3_0F_5D*/ {0x154, 3468}, /*II_F2_0F_5D*/ {0x14e, 3475}, /*II_0F_5E*/ {0x13a, 3514}, /*II_66_0F_5E*/ 
{0x13b, 3521}, /*II_F3_0F_5E*/ {0x154, 3528}, /*II_F2_0F_5E*/ {0x14e, 3535}, /*II_0F_5F*/ {0x13a, 3574}, /*II_66_0F_5F*/ {0x13b, 3581}, /*II_F3_0F_5F*/ {0x154, 3588}, /*II_F2_0F_5F*/ {0x14e, 3595}, /*II_0F_60*/ {0x158, 3634}, /*II_66_0F_60*/ {0x13b, 3634}, /*II_0F_61*/ {0x158, 3657}, /*II_66_0F_61*/ {0x13b, 3657}, /*II_0F_62*/ {0x158, 3680}, /*II_66_0F_62*/ {0x13b, 3680}, /*II_0F_63*/ {0x159, 3703}, /*II_66_0F_63*/ {0x13b, 3703}, /*II_0F_64*/ {0x159, 3724}, /*II_66_0F_64*/ {0x13b, 3724}, /*II_0F_65*/ {0x159, 3743}, /*II_66_0F_65*/ {0x13b, 3743}, /*II_0F_66*/ {0x159, 3762}, /*II_66_0F_66*/ {0x13b, 3762}, /*II_0F_67*/ {0x159, 3781}, /*II_66_0F_67*/ {0x13b, 3781}, /*II_0F_68*/ {0x159, 3802}, /*II_66_0F_68*/ {0x13b, 3802}, /*II_0F_69*/ {0x159, 3825}, /*II_66_0F_69*/ {0x13b, 3825}, /*II_0F_6A*/ {0x159, 3848}, /*II_66_0F_6A*/ {0x13b, 3848}, /*II_0F_6B*/ {0x159, 3871}, /*II_66_0F_6B*/ {0x13b, 3871}, /*II_66_0F_6C*/ {0x13b, 3892}, /*II_66_0F_6D*/ {0x13b, 3917}, /*II_0F_6F*/ {0x15d, 3948}, /*II_66_0F_6F*/ {0x123, 3968}, /*II_F3_0F_6F*/ {0x123, 3976}, /*II_0F_74*/ {0x159, 4065}, /*II_66_0F_74*/ {0x13b, 4065}, /*II_0F_75*/ {0x159, 4084}, /*II_66_0F_75*/ {0x13b, 4084}, /*II_0F_76*/ {0x159, 4103}, /*II_66_0F_76*/ {0x13b, 4103}, /*II_0F_77*/ {0x161, 4122}, /*II_0F_78*/ {0x163, 4150}, /*II_0F_79*/ {0x166, 4174}, /*II_66_0F_79*/ {0x167, 4158}, /*II_F2_0F_79*/ {0x168, 4165}, /*II_0F_7A_30*/ {0x169, 4183}, /*II_0F_7A_31*/ {0x16a, 4193}, /*II_66_0F_7C*/ {0x16b, 4203}, /*II_F2_0F_7C*/ {0x16b, 4211}, /*II_66_0F_7D*/ {0x16b, 4237}, /*II_F2_0F_7D*/ {0x16b, 4245}, /*II_F3_0F_7E*/ {0x125, 3948}, /*II_0F_7F*/ {0x16f, 3948}, /*II_66_0F_7F*/ {0x12b, 3968}, /*II_F3_0F_7F*/ {0x12b, 3976}, /*II_F3_0F_B8*/ {0x173, 4360}, /*II_0F_BA_04*/ {0x174, 872}, /*II_0F_BA_05*/ {0x175, 887}, /*II_0F_BA_06*/ {0x175, 912}, /*II_0F_BA_07*/ {0x175, 934}, /*II_0F_BC*/ {0x176, 4368}, /*II_F3_0F_BC*/ {0x177, 4373}, /*II_0F_BD*/ {0x176, 4380}, /*II_F3_0F_BD*/ {0x178, 4385}, /*II_0F_C7_07*/ {0x188, 6407}, 
/*II_66_0F_D0*/ {0x16b, 6416}, /*II_F2_0F_D0*/ {0x16b, 6426}, /*II_0F_D1*/ {0x159, 6458}, /*II_66_0F_D1*/ {0x13b, 6458}, /*II_0F_D2*/ {0x159, 6473}, /*II_66_0F_D2*/ {0x13b, 6473}, /*II_0F_D3*/ {0x159, 6488}, /*II_66_0F_D3*/ {0x13b, 6488}, /*II_0F_D4*/ {0x14e, 6503}, /*II_66_0F_D4*/ {0x13b, 6503}, /*II_0F_D5*/ {0x159, 6518}, /*II_66_0F_D5*/ {0x13b, 6518}, /*II_66_0F_D6*/ {0x12d, 3948}, /*II_F3_0F_D6*/ {0x189, 6535}, /*II_F2_0F_D6*/ {0x18a, 6544}, /*II_0F_D7*/ {0x18c, 6553}, /*II_66_0F_D7*/ {0x18d, 6553}, /*II_0F_D8*/ {0x159, 6574}, /*II_66_0F_D8*/ {0x13b, 6574}, /*II_0F_D9*/ {0x159, 6593}, /*II_66_0F_D9*/ {0x13b, 6593}, /*II_0F_DA*/ {0x18f, 6612}, /*II_66_0F_DA*/ {0x13b, 6612}, /*II_0F_DB*/ {0x159, 6629}, /*II_66_0F_DB*/ {0x13b, 6629}, /*II_0F_DC*/ {0x159, 6642}, /*II_66_0F_DC*/ {0x13b, 6642}, /*II_0F_DD*/ {0x159, 6661}, /*II_66_0F_DD*/ {0x13b, 6661}, /*II_0F_DE*/ {0x18f, 6670}, /*II_66_0F_DE*/ {0x13b, 6670}, /*II_0F_DF*/ {0x159, 6687}, /*II_66_0F_DF*/ {0x13b, 6687}, /*II_0F_E0*/ {0x18f, 6702}, /*II_66_0F_E0*/ {0x13b, 6702}, /*II_0F_E1*/ {0x159, 6717}, /*II_66_0F_E1*/ {0x13b, 6717}, /*II_0F_E2*/ {0x159, 6732}, /*II_66_0F_E2*/ {0x13b, 6732}, /*II_0F_E3*/ {0x18f, 6747}, /*II_66_0F_E3*/ {0x13b, 6747}, /*II_0F_E4*/ {0x18f, 6762}, /*II_66_0F_E4*/ {0x13b, 6762}, /*II_0F_E5*/ {0x159, 6781}, /*II_66_0F_E5*/ {0x13b, 6781}, /*II_66_0F_E6*/ {0x13b, 6798}, /*II_F3_0F_E6*/ {0x14e, 6809}, /*II_F2_0F_E6*/ {0x13b, 6819}, /*II_0F_E7*/ {0x190, 6863}, /*II_66_0F_E7*/ {0x144, 6871}, /*II_0F_E8*/ {0x159, 6890}, /*II_66_0F_E8*/ {0x13b, 6890}, /*II_0F_E9*/ {0x159, 6907}, /*II_66_0F_E9*/ {0x13b, 6907}, /*II_0F_EA*/ {0x18f, 6924}, /*II_66_0F_EA*/ {0x13b, 6924}, /*II_0F_EB*/ {0x159, 6941}, /*II_66_0F_EB*/ {0x13b, 6941}, /*II_0F_EC*/ {0x159, 6952}, /*II_66_0F_EC*/ {0x13b, 6952}, /*II_0F_ED*/ {0x159, 6969}, /*II_66_0F_ED*/ {0x13b, 6969}, /*II_0F_EE*/ {0x18f, 6986}, /*II_66_0F_EE*/ {0x13b, 6986}, /*II_0F_EF*/ {0x159, 7003}, /*II_66_0F_EF*/ {0x13b, 7003}, /*II_F2_0F_F0*/ {0x191, 7016}, 
/*II_0F_F1*/ {0x159, 7031}, /*II_66_0F_F1*/ {0x13b, 7031}, /*II_0F_F2*/ {0x159, 7046}, /*II_66_0F_F2*/ {0x13b, 7046}, /*II_0F_F3*/ {0x159, 7061}, /*II_66_0F_F3*/ {0x13b, 7061}, /*II_0F_F4*/ {0x193, 7076}, /*II_66_0F_F4*/ {0x13b, 7076}, /*II_0F_F5*/ {0x159, 7095}, /*II_66_0F_F5*/ {0x13b, 7095}, /*II_0F_F6*/ {0x18f, 7114}, /*II_66_0F_F6*/ {0x13b, 7114}, /*II_0F_F7*/ {0x194, 7131}, /*II_66_0F_F7*/ {0x195, 7141}, /*II_0F_F8*/ {0x159, 7166}, /*II_66_0F_F8*/ {0x13b, 7166}, /*II_0F_F9*/ {0x159, 7181}, /*II_66_0F_F9*/ {0x13b, 7181}, /*II_0F_FA*/ {0x159, 7196}, /*II_66_0F_FA*/ {0x13b, 7196}, /*II_0F_FB*/ {0x193, 7211}, /*II_66_0F_FB*/ {0x13b, 7211}, /*II_0F_FC*/ {0x159, 7226}, /*II_66_0F_FC*/ {0x13b, 7226}, /*II_0F_FD*/ {0x159, 7241}, /*II_66_0F_FD*/ {0x13b, 7241}, /*II_0F_FE*/ {0x159, 7256}, /*II_66_0F_FE*/ {0x13b, 7256}, /*II_D9_06*/ {0x197, 7271}, /*II_9B_D9_06*/ {0x198, 7280}, /*II_D9_07*/ {0xfd, 7288}, /*II_9B_D9_07*/ {0x199, 7296}, /*II_DB_E2*/ {0xeb, 7303}, /*II_9B_DB_E2*/ {0x19a, 7311}, /*II_DB_E3*/ {0xeb, 7318}, /*II_9B_DB_E3*/ {0x19a, 7326}, /*II_DD_06*/ {0x197, 7333}, /*II_9B_DD_06*/ {0x198, 7341}, /*II_DD_07*/ {0xfd, 7348}, /*II_9B_DD_07*/ {0x199, 7356}, /*II_DF_E0*/ {0x19b, 7348}, /*II_9B_DF_E0*/ {0x19c, 7356}, /*II_0F_38_00*/ {0x19d, 7363}, /*II_66_0F_38_00*/ {0x19e, 7363}, /*II_0F_38_01*/ {0x19d, 7380}, /*II_66_0F_38_01*/ {0x19e, 7380}, /*II_0F_38_02*/ {0x19d, 7397}, /*II_66_0F_38_02*/ {0x19e, 7397}, /*II_0F_38_03*/ {0x19d, 7414}, /*II_66_0F_38_03*/ {0x19e, 7414}, /*II_0F_38_04*/ {0x19d, 7433}, /*II_66_0F_38_04*/ {0x19e, 7433}, /*II_0F_38_05*/ {0x19d, 7456}, /*II_66_0F_38_05*/ {0x19e, 7456}, /*II_0F_38_06*/ {0x19d, 7473}, /*II_66_0F_38_06*/ {0x19e, 7473}, /*II_0F_38_07*/ {0x19d, 7490}, /*II_66_0F_38_07*/ {0x19e, 7490}, /*II_0F_38_08*/ {0x19d, 7509}, /*II_66_0F_38_08*/ {0x19e, 7509}, /*II_0F_38_09*/ {0x19d, 7526}, /*II_66_0F_38_09*/ {0x19e, 7526}, /*II_0F_38_0A*/ {0x19d, 7543}, /*II_66_0F_38_0A*/ {0x19e, 7543}, /*II_0F_38_0B*/ {0x19d, 7560}, /*II_66_0F_38_0B*/ 
{0x19e, 7560}, /*II_66_0F_38_17*/ {0x1a0, 7651}, /*II_0F_38_1C*/ {0x19d, 7710}, /*II_66_0F_38_1C*/ {0x19e, 7710}, /*II_0F_38_1D*/ {0x19d, 7725}, /*II_66_0F_38_1D*/ {0x19e, 7725}, /*II_0F_38_1E*/ {0x19d, 7740}, /*II_66_0F_38_1E*/ {0x19e, 7740}, /*II_66_0F_38_20*/ {0x1a5, 7755}, /*II_66_0F_38_21*/ {0x1a6, 7776}, /*II_66_0F_38_22*/ {0x1a7, 7797}, /*II_66_0F_38_23*/ {0x1a5, 7818}, /*II_66_0F_38_24*/ {0x1a6, 7839}, /*II_66_0F_38_25*/ {0x1a5, 7860}, /*II_66_0F_38_28*/ {0x1a9, 7881}, /*II_66_0F_38_29*/ {0x1a9, 7898}, /*II_66_0F_38_2A*/ {0x1aa, 7917}, /*II_66_0F_38_2B*/ {0x1a9, 7938}, /*II_66_0F_38_30*/ {0x1a5, 7983}, /*II_66_0F_38_31*/ {0x1a6, 8004}, /*II_66_0F_38_32*/ {0x1a7, 8025}, /*II_66_0F_38_33*/ {0x1a5, 8046}, /*II_66_0F_38_34*/ {0x1a6, 8067}, /*II_66_0F_38_35*/ {0x1a5, 8088}, /*II_66_0F_38_37*/ {0x1a0, 8109}, /*II_66_0F_38_38*/ {0x1a9, 8128}, /*II_66_0F_38_39*/ {0x1a9, 8145}, /*II_66_0F_38_3A*/ {0x1a9, 8162}, /*II_66_0F_38_3B*/ {0x1a9, 8179}, /*II_66_0F_38_3C*/ {0x1a9, 8196}, /*II_66_0F_38_3D*/ {0x1a9, 8213}, /*II_66_0F_38_3E*/ {0x1a9, 8230}, /*II_66_0F_38_3F*/ {0x1a9, 8247}, /*II_66_0F_38_40*/ {0x1a9, 8264}, /*II_66_0F_38_41*/ {0x1a9, 8281}, /*II_66_0F_38_80*/ {0x1ad, 8306}, /*II_66_0F_38_81*/ {0x1ad, 8314}, /*II_66_0F_38_82*/ {0x1ad, 8323}, /*II_66_0F_38_DB*/ {0x1b0, 9172}, /*II_66_0F_38_DC*/ {0x1b0, 9189}, /*II_66_0F_38_DD*/ {0x1b0, 9206}, /*II_66_0F_38_DE*/ {0x1b0, 9231}, /*II_66_0F_38_DF*/ {0x1b0, 9248}, /*II_0F_38_F0*/ {0x1b3, 9273}, /*II_F2_0F_38_F0*/ {0x1b4, 9280}, /*II_0F_38_F1*/ {0x1b5, 9273}, /*II_F2_0F_38_F1*/ {0x1b6, 9280}, /*II_0F_71_02*/ {0x1cd, 6458}, /*II_66_0F_71_02*/ {0x1ce, 6458}, /*II_0F_71_04*/ {0x1cd, 6717}, /*II_66_0F_71_04*/ {0x1ce, 6717}, /*II_0F_71_06*/ {0x1cd, 7031}, /*II_66_0F_71_06*/ {0x1ce, 7031}, /*II_0F_72_02*/ {0x1cd, 6473}, /*II_66_0F_72_02*/ {0x1ce, 6473}, /*II_0F_72_04*/ {0x1cd, 6732}, /*II_66_0F_72_04*/ {0x1ce, 6732}, /*II_0F_72_06*/ {0x1cd, 7046}, /*II_66_0F_72_06*/ {0x1ce, 7046}, /*II_0F_73_02*/ {0x1cd, 6488}, 
/*II_66_0F_73_02*/ {0x1ce, 6488}, /*II_66_0F_73_03*/ {0x1ce, 9852}, /*II_0F_73_06*/ {0x1cd, 7061}, /*II_66_0F_73_06*/ {0x1ce, 7061}, /*II_66_0F_73_07*/ {0x1ce, 9869}, /*II_F3_0F_AE_00*/ {0x1d0, 9904}, /*II_F3_0F_AE_01*/ {0x1d0, 9934}, /*II_0F_AE_02*/ {0x1d1, 9944}, /*II_F3_0F_AE_02*/ {0x1d0, 9953}, /*II_0F_AE_03*/ {0x1d1, 9973}, /*II_F3_0F_AE_03*/ {0x1d0, 9982}, /*II_0F_C7_06*/ {0x1d3, 10002}, /*II_66_0F_C7_06*/ {0x188, 10011}, /*II_F3_0F_C7_06*/ {0x188, 10020} }; _InstInfoEx InstInfosEx[381] = { /*II_69*/ {{0x34, 117}, 0x0, 3, 0, 0, 0}, /*II_6B*/ {{0x34, 117}, 0x0, 5, 0, 0, 0}, /*II_98*/ {{0x4e, 228}, 0x0, 0, 0, 233, 239}, /*II_99*/ {{0x4e, 245}, 0x0, 0, 0, 250, 255}, /*II_E3*/ {{0x76, 427}, 0x0, 0, 0, 433, 440}, /*II_0F_A4*/ {{0xac, 876}, 0x0, 1, 0, 0, 0}, /*II_0F_A5*/ {{0xac, 876}, 0x0, 52, 0, 0, 0}, /*II_0F_AC*/ {{0xac, 892}, 0x0, 1, 0, 0, 0}, /*II_0F_AD*/ {{0xac, 892}, 0x0, 52, 0, 0, 0}, /*II_V_0F_10*/ {{0x126, 2139}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_10*/ {{0x126, 2148}, 0x41, 0, 0, 0, 0}, /*II_V_F3_0F_10*/ {{0x127, 2157}, 0x20, 69, 0, 0, 0}, /*II_V_F2_0F_10*/ {{0x127, 2165}, 0x20, 69, 0, 0, 0}, /*II_VRR_F3_0F_10*/ {{0x128, 2157}, 0x60, 0, 0, 0, 0}, /*II_VRR_F2_0F_10*/ {{0x129, 2165}, 0x60, 0, 0, 0, 0}, /*II_V_0F_11*/ {{0x12e, 2139}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_11*/ {{0x12e, 2148}, 0x41, 0, 0, 0, 0}, /*II_V_F3_0F_11*/ {{0x127, 2157}, 0x20, 69, 0, 0, 0}, /*II_V_F2_0F_11*/ {{0x127, 2165}, 0x20, 69, 0, 0, 0}, /*II_VRR_F3_0F_11*/ {{0x12f, 2157}, 0x60, 0, 0, 0, 0}, /*II_VRR_F2_0F_11*/ {{0x130, 2165}, 0x60, 0, 0, 0, 0}, /*II_0F_12*/ {{0x131, 2173}, 0x0, 0, 0, 2182, 0}, /*II_V_0F_12*/ {{0x134, 2217}, 0x0, 72, 0, 2227, 0}, /*II_V_66_0F_12*/ {{0x135, 2236}, 0x0, 46, 0, 0, 0}, /*II_V_F3_0F_12*/ {{0x126, 2245}, 0x41, 0, 0, 0, 0}, /*II_V_F2_0F_12*/ {{0x136, 2256}, 0x41, 0, 0, 0, 0}, /*II_V_0F_13*/ {{0x139, 2227}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_13*/ {{0x139, 2236}, 0x40, 0, 0, 0, 0}, /*II_V_0F_14*/ {{0x13c, 2286}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_14*/ {{0x13c, 2297}, 
0x1, 90, 0, 0, 0}, /*II_V_0F_15*/ {{0x13c, 2328}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_15*/ {{0x13c, 2339}, 0x1, 90, 0, 0, 0}, /*II_0F_16*/ {{0x131, 2350}, 0x0, 0, 0, 2359, 0}, /*II_V_0F_16*/ {{0x134, 2385}, 0x0, 72, 0, 2395, 0}, /*II_V_66_0F_16*/ {{0x135, 2404}, 0x0, 46, 0, 0, 0}, /*II_V_F3_0F_16*/ {{0x126, 2413}, 0x41, 0, 0, 0, 0}, /*II_V_0F_17*/ {{0x139, 2395}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_17*/ {{0x139, 2404}, 0x40, 0, 0, 0, 0}, /*II_V_0F_28*/ {{0x126, 2489}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_28*/ {{0x126, 2498}, 0x41, 0, 0, 0, 0}, /*II_V_0F_29*/ {{0x12e, 2489}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_29*/ {{0x12e, 2498}, 0x41, 0, 0, 0, 0}, /*II_V_F3_0F_2A*/ {{0x135, 2547}, 0x2, 79, 0, 0, 0}, /*II_V_F2_0F_2A*/ {{0x135, 2558}, 0x2, 79, 0, 0, 0}, /*II_V_0F_2B*/ {{0x147, 2605}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_2B*/ {{0x147, 2615}, 0x41, 0, 0, 0, 0}, /*II_V_F3_0F_2C*/ {{0x14c, 2669}, 0x42, 0, 0, 0, 0}, /*II_V_F2_0F_2C*/ {{0x14c, 2681}, 0x42, 0, 0, 0, 0}, /*II_V_F3_0F_2D*/ {{0x14c, 2733}, 0x42, 0, 0, 0, 0}, /*II_V_F2_0F_2D*/ {{0x14c, 2744}, 0x42, 0, 0, 0, 0}, /*II_V_0F_2E*/ {{0x14f, 2773}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_2E*/ {{0x150, 2783}, 0x40, 0, 0, 0, 0}, /*II_V_0F_2F*/ {{0x14f, 2809}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_2F*/ {{0x150, 2818}, 0x40, 0, 0, 0, 0}, /*II_V_0F_50*/ {{0x153, 2847}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_50*/ {{0x153, 2858}, 0x41, 0, 0, 0, 0}, /*II_V_0F_51*/ {{0x126, 2901}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_51*/ {{0x126, 2910}, 0x41, 0, 0, 0, 0}, /*II_V_F3_0F_51*/ {{0x135, 2919}, 0x0, 71, 0, 0, 0}, /*II_V_F2_0F_51*/ {{0x135, 2928}, 0x0, 72, 0, 0, 0}, /*II_V_0F_52*/ {{0x126, 2955}, 0x41, 0, 0, 0, 0}, /*II_V_F3_0F_52*/ {{0x135, 2965}, 0x0, 71, 0, 0, 0}, /*II_V_0F_53*/ {{0x126, 2989}, 0x41, 0, 0, 0, 0}, /*II_V_F3_0F_53*/ {{0x135, 2997}, 0x0, 71, 0, 0, 0}, /*II_V_0F_54*/ {{0x13c, 3019}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_54*/ {{0x13c, 3027}, 0x1, 90, 0, 0, 0}, /*II_V_0F_55*/ {{0x13c, 3051}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_55*/ {{0x13c, 3060}, 0x1, 90, 0, 0, 0}, 
/*II_V_0F_56*/ {{0x13c, 3081}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_56*/ {{0x13c, 3088}, 0x1, 90, 0, 0, 0}, /*II_V_0F_57*/ {{0x13c, 3109}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_57*/ {{0x13c, 3117}, 0x1, 90, 0, 0, 0}, /*II_V_0F_58*/ {{0x13c, 3153}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_58*/ {{0x13c, 3161}, 0x1, 90, 0, 0, 0}, /*II_V_F3_0F_58*/ {{0x135, 3169}, 0x0, 71, 0, 0, 0}, /*II_V_F2_0F_58*/ {{0x135, 3177}, 0x0, 72, 0, 0, 0}, /*II_V_0F_59*/ {{0x13c, 3213}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_59*/ {{0x13c, 3221}, 0x1, 90, 0, 0, 0}, /*II_V_F3_0F_59*/ {{0x135, 3229}, 0x0, 71, 0, 0, 0}, /*II_V_F2_0F_59*/ {{0x135, 3237}, 0x0, 72, 0, 0, 0}, /*II_V_0F_5A*/ {{0x156, 3285}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_5A*/ {{0x157, 3296}, 0x41, 0, 0, 0, 0}, /*II_V_F3_0F_5A*/ {{0x135, 3307}, 0x0, 71, 0, 0, 0}, /*II_V_F2_0F_5A*/ {{0x135, 3318}, 0x0, 72, 0, 0, 0}, /*II_V_0F_5B*/ {{0x126, 3360}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_5B*/ {{0x126, 3371}, 0x41, 0, 0, 0, 0}, /*II_V_F3_0F_5B*/ {{0x126, 3382}, 0x41, 0, 0, 0, 0}, /*II_V_0F_5C*/ {{0x13c, 3422}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_5C*/ {{0x13c, 3430}, 0x1, 90, 0, 0, 0}, /*II_V_F3_0F_5C*/ {{0x135, 3438}, 0x0, 71, 0, 0, 0}, /*II_V_F2_0F_5C*/ {{0x135, 3446}, 0x0, 72, 0, 0, 0}, /*II_V_0F_5D*/ {{0x13c, 3482}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_5D*/ {{0x13c, 3490}, 0x1, 90, 0, 0, 0}, /*II_V_F3_0F_5D*/ {{0x135, 3498}, 0x0, 71, 0, 0, 0}, /*II_V_F2_0F_5D*/ {{0x135, 3506}, 0x0, 72, 0, 0, 0}, /*II_V_0F_5E*/ {{0x13c, 3542}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_5E*/ {{0x13c, 3550}, 0x1, 90, 0, 0, 0}, /*II_V_F3_0F_5E*/ {{0x135, 3558}, 0x0, 71, 0, 0, 0}, /*II_V_F2_0F_5E*/ {{0x135, 3566}, 0x0, 72, 0, 0, 0}, /*II_V_0F_5F*/ {{0x13c, 3602}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_5F*/ {{0x13c, 3610}, 0x1, 90, 0, 0, 0}, /*II_V_F3_0F_5F*/ {{0x135, 3618}, 0x0, 71, 0, 0, 0}, /*II_V_F2_0F_5F*/ {{0x135, 3626}, 0x0, 72, 0, 0, 0}, /*II_V_66_0F_60*/ {{0x135, 3645}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_61*/ {{0x135, 3668}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_62*/ {{0x135, 3691}, 0x0, 73, 0, 0, 0}, 
/*II_V_66_0F_63*/ {{0x135, 3713}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_64*/ {{0x135, 3733}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_65*/ {{0x135, 3752}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_66*/ {{0x135, 3771}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_67*/ {{0x135, 3791}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_68*/ {{0x135, 3813}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_69*/ {{0x135, 3836}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_6A*/ {{0x135, 3859}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_6B*/ {{0x135, 3881}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_6C*/ {{0x135, 3904}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_6D*/ {{0x135, 3929}, 0x0, 73, 0, 0, 0}, /*II_0F_6E*/ {{0x15a, 3942}, 0x0, 0, 0, 0, 3948}, /*II_66_0F_6E*/ {{0x15b, 3942}, 0x0, 0, 0, 0, 3948}, /*II_V_66_0F_6E*/ {{0x15c, 3954}, 0x46, 0, 0, 3961, 0}, /*II_V_66_0F_6F*/ {{0x126, 3984}, 0x41, 0, 0, 0, 0}, /*II_V_F3_0F_6F*/ {{0x126, 3993}, 0x41, 0, 0, 0, 0}, /*II_0F_70*/ {{0x15e, 4002}, 0x0, 1, 0, 0, 0}, /*II_66_0F_70*/ {{0x15f, 4010}, 0x0, 1, 0, 0, 0}, /*II_F3_0F_70*/ {{0x15f, 4018}, 0x0, 1, 0, 0, 0}, /*II_F2_0F_70*/ {{0x15f, 4027}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_70*/ {{0x160, 4036}, 0x40, 1, 0, 0, 0}, /*II_V_F3_0F_70*/ {{0x160, 4045}, 0x40, 1, 0, 0, 0}, /*II_V_F2_0F_70*/ {{0x160, 4055}, 0x40, 1, 0, 0, 0}, /*II_V_66_0F_74*/ {{0x135, 4074}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_75*/ {{0x135, 4093}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_76*/ {{0x135, 4112}, 0x0, 73, 0, 0, 0}, /*II_V_0F_77*/ {{0x162, 4128}, 0x49, 0, 0, 4140, 0}, /*II_66_0F_78*/ {{0x164, 4158}, 0x0, 8, 0, 0, 0}, /*II_F2_0F_78*/ {{0x165, 4165}, 0x0, 7, 8, 0, 0}, /*II_V_66_0F_7C*/ {{0x13c, 4219}, 0x1, 90, 0, 0, 0}, /*II_V_F2_0F_7C*/ {{0x13c, 4228}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_7D*/ {{0x13c, 4253}, 0x1, 90, 0, 0, 0}, /*II_V_F2_0F_7D*/ {{0x13c, 4262}, 0x1, 90, 0, 0, 0}, /*II_0F_7E*/ {{0x16c, 3942}, 0x0, 0, 0, 0, 3948}, /*II_66_0F_7E*/ {{0x16d, 3942}, 0x0, 0, 0, 0, 3948}, /*II_V_66_0F_7E*/ {{0x16e, 3954}, 0x46, 0, 0, 3961, 0}, /*II_V_F3_0F_7E*/ {{0x150, 3961}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_7F*/ {{0x12e, 3984}, 0x41, 0, 0, 0, 0}, 
/*II_V_F3_0F_7F*/ {{0x12e, 3993}, 0x41, 0, 0, 0, 0}, /*II_0F_AE_04*/ {{0x170, 4271}, 0x0, 0, 0, 0, 4278}, /*II_0F_AE_05*/ {{0x171, 4287}, 0x0, 0, 0, 4295, 4303}, /*II_0F_AE_06*/ {{0x171, 4313}, 0x0, 0, 0, 4321, 4331}, /*II_0F_AE_07*/ {{0x172, 4343}, 0x0, 0, 0, 4351, 0}, /*II_0F_C2*/ {{0x179, 4392}, 0x0, 0, 0, 4401, 4410}, /*II_66_0F_C2*/ {{0x17a, 4471}, 0x0, 0, 0, 4480, 4489}, /*II_F3_0F_C2*/ {{0x17b, 4550}, 0x0, 0, 0, 4559, 4568}, /*II_F2_0F_C2*/ {{0x17c, 4629}, 0x0, 0, 0, 4638, 4647}, /*II_V_0F_C2*/ {{0x17d, 4708}, 0x1, 90, 0, 4718, 4728}, /*II_V_66_0F_C2*/ {{0x17d, 5110}, 0x1, 90, 0, 5120, 5130}, /*II_V_F3_0F_C2*/ {{0x17e, 5512}, 0x0, 71, 0, 5522, 5532}, /*II_V_F2_0F_C2*/ {{0x17e, 5914}, 0x0, 72, 0, 5924, 5934}, /*II_0F_C4*/ {{0x17f, 6316}, 0x0, 1, 0, 0, 0}, /*II_66_0F_C4*/ {{0x180, 6316}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_C4*/ {{0x181, 6324}, 0x0, 25, 1, 0, 0}, /*II_0F_C5*/ {{0x182, 6333}, 0x0, 1, 0, 0, 0}, /*II_66_0F_C5*/ {{0x183, 6333}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_C5*/ {{0x184, 6341}, 0x40, 1, 0, 0, 0}, /*II_0F_C6*/ {{0x185, 6350}, 0x0, 1, 0, 0, 0}, /*II_66_0F_C6*/ {{0x15f, 6358}, 0x0, 1, 0, 0, 0}, /*II_V_0F_C6*/ {{0x186, 6366}, 0x1, 90, 1, 0, 0}, /*II_V_66_0F_C6*/ {{0x186, 6375}, 0x1, 90, 1, 0, 0}, /*II_0F_C7_01*/ {{0x187, 6384}, 0x0, 0, 0, 0, 6395}, /*II_V_66_0F_D0*/ {{0x13c, 6436}, 0x1, 90, 0, 0, 0}, /*II_V_F2_0F_D0*/ {{0x13c, 6447}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_D1*/ {{0x135, 6465}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_D2*/ {{0x135, 6480}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_D3*/ {{0x135, 6495}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_D4*/ {{0x135, 6510}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_D5*/ {{0x135, 6526}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_D6*/ {{0x18b, 3961}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_D7*/ {{0x18e, 6563}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_D8*/ {{0x135, 6583}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_D9*/ {{0x135, 6602}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_DA*/ {{0x135, 6620}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_DB*/ {{0x135, 6635}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_DC*/ {{0x135, 
6651}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_DD*/ {{0x135, 6651}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_DE*/ {{0x135, 6678}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_DF*/ {{0x135, 6694}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_E0*/ {{0x135, 6709}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_E1*/ {{0x135, 6724}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_E2*/ {{0x135, 6739}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_E3*/ {{0x135, 6754}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_E4*/ {{0x135, 6771}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_E5*/ {{0x135, 6789}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_E6*/ {{0x157, 6829}, 0x41, 0, 0, 0, 0}, /*II_V_F3_0F_E6*/ {{0x156, 6841}, 0x41, 0, 0, 0, 0}, /*II_V_F2_0F_E6*/ {{0x157, 6852}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_E7*/ {{0x147, 6880}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_E8*/ {{0x135, 6898}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_E9*/ {{0x135, 6915}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_EA*/ {{0x135, 6932}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_EB*/ {{0x135, 6946}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_EC*/ {{0x135, 6960}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_ED*/ {{0x135, 6977}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_EE*/ {{0x135, 6994}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_EF*/ {{0x135, 7009}, 0x0, 73, 0, 0, 0}, /*II_V_F2_0F_F0*/ {{0x192, 7023}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_F1*/ {{0x135, 7038}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_F2*/ {{0x135, 7053}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_F3*/ {{0x135, 7068}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_F4*/ {{0x135, 7085}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_F5*/ {{0x135, 7104}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_F6*/ {{0x135, 7122}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_F7*/ {{0x196, 7153}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_F8*/ {{0x135, 7173}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_F9*/ {{0x135, 7188}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_FA*/ {{0x135, 7203}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_FB*/ {{0x135, 7218}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_FC*/ {{0x135, 7233}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_FD*/ {{0x135, 7248}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_FE*/ {{0x135, 7263}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_00*/ {{0x135, 7371}, 0x0, 73, 0, 0, 0}, 
/*II_V_66_0F_38_01*/ {{0x135, 7388}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_02*/ {{0x135, 7405}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_03*/ {{0x135, 7423}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_04*/ {{0x135, 7444}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_05*/ {{0x135, 7464}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_06*/ {{0x135, 7481}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_07*/ {{0x135, 7499}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_08*/ {{0x135, 7517}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_09*/ {{0x135, 7534}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_0A*/ {{0x135, 7551}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_0B*/ {{0x135, 7570}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_0C*/ {{0x13c, 7581}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_38_0D*/ {{0x13c, 7592}, 0x1, 90, 0, 0, 0}, /*II_V_66_0F_38_0E*/ {{0x126, 7603}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_38_0F*/ {{0x126, 7612}, 0x41, 0, 0, 0, 0}, /*II_66_0F_38_10*/ {{0x19f, 7621}, 0x0, 74, 0, 0, 0}, /*II_66_0F_38_14*/ {{0x19f, 7631}, 0x0, 74, 0, 0, 0}, /*II_66_0F_38_15*/ {{0x19f, 7641}, 0x0, 74, 0, 0, 0}, /*II_V_66_0F_38_17*/ {{0x126, 7658}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_38_18*/ {{0x1a1, 7666}, 0x41, 0, 0, 0, 0}, /*II_V_66_0F_38_19*/ {{0x1a2, 7680}, 0x50, 0, 0, 0, 0}, /*II_V_66_0F_38_1A*/ {{0x1a3, 7694}, 0x50, 0, 0, 0, 0}, /*II_V_66_0F_38_1C*/ {{0x1a4, 7717}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_1D*/ {{0x1a4, 7732}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_1E*/ {{0x1a4, 7747}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_20*/ {{0x150, 7765}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_21*/ {{0x14f, 7786}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_22*/ {{0x1a8, 7807}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_23*/ {{0x150, 7828}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_24*/ {{0x14f, 7849}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_25*/ {{0x150, 7870}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_28*/ {{0x135, 7889}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_29*/ {{0x135, 7907}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_2A*/ {{0x1ab, 7927}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_2B*/ {{0x135, 7948}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_2C*/ {{0x13c, 7959}, 0x1, 92, 
0, 0, 0}, /*II_V_66_0F_38_2D*/ {{0x13c, 7971}, 0x1, 92, 0, 0, 0}, /*II_V_66_0F_38_2E*/ {{0x1ac, 7959}, 0x1, 83, 0, 0, 0}, /*II_V_66_0F_38_2F*/ {{0x1ac, 7971}, 0x1, 83, 0, 0, 0}, /*II_V_66_0F_38_30*/ {{0x150, 7993}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_31*/ {{0x14f, 8014}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_32*/ {{0x1a8, 8035}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_33*/ {{0x150, 8056}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_34*/ {{0x14f, 8077}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_35*/ {{0x150, 8098}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_37*/ {{0x135, 8118}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_38*/ {{0x135, 8136}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_39*/ {{0x135, 8153}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_3A*/ {{0x135, 8170}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_3B*/ {{0x135, 8187}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_3C*/ {{0x135, 8204}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_3D*/ {{0x135, 8221}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_3E*/ {{0x135, 8238}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_3F*/ {{0x135, 8255}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_40*/ {{0x135, 8272}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_41*/ {{0x1a4, 8293}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_96*/ {{0x1ae, 8332}, 0x7, 90, 0, 8348, 0}, /*II_V_66_0F_38_97*/ {{0x1ae, 8364}, 0x7, 90, 0, 8380, 0}, /*II_V_66_0F_38_98*/ {{0x1ae, 8396}, 0x7, 90, 0, 8409, 0}, /*II_V_66_0F_38_99*/ {{0x1af, 8422}, 0x6, 80, 0, 8435, 0}, /*II_V_66_0F_38_9A*/ {{0x1ae, 8448}, 0x7, 90, 0, 8461, 0}, /*II_V_66_0F_38_9B*/ {{0x1af, 8474}, 0x6, 80, 0, 8487, 0}, /*II_V_66_0F_38_9C*/ {{0x1ae, 8500}, 0x7, 90, 0, 8514, 0}, /*II_V_66_0F_38_9D*/ {{0x1af, 8528}, 0x6, 80, 0, 8542, 0}, /*II_V_66_0F_38_9E*/ {{0x1ae, 8556}, 0x7, 90, 0, 8570, 0}, /*II_V_66_0F_38_9F*/ {{0x1af, 8584}, 0x6, 80, 0, 8598, 0}, /*II_V_66_0F_38_A6*/ {{0x1ae, 8612}, 0x7, 90, 0, 8628, 0}, /*II_V_66_0F_38_A7*/ {{0x1ae, 8644}, 0x7, 90, 0, 8660, 0}, /*II_V_66_0F_38_A8*/ {{0x1ae, 8676}, 0x7, 90, 0, 8689, 0}, /*II_V_66_0F_38_A9*/ {{0x1af, 8702}, 0x6, 80, 0, 8715, 0}, /*II_V_66_0F_38_AA*/ {{0x1ae, 8728}, 0x7, 
90, 0, 8741, 0}, /*II_V_66_0F_38_AB*/ {{0x1af, 8754}, 0x6, 80, 0, 8767, 0}, /*II_V_66_0F_38_AC*/ {{0x1ae, 8780}, 0x7, 90, 0, 8794, 0}, /*II_V_66_0F_38_AD*/ {{0x1af, 8808}, 0x6, 80, 0, 8822, 0}, /*II_V_66_0F_38_AE*/ {{0x1ae, 8836}, 0x7, 90, 0, 8850, 0}, /*II_V_66_0F_38_AF*/ {{0x1af, 8864}, 0x6, 80, 0, 8878, 0}, /*II_V_66_0F_38_B6*/ {{0x1ae, 8892}, 0x7, 90, 0, 8908, 0}, /*II_V_66_0F_38_B7*/ {{0x1ae, 8924}, 0x7, 90, 0, 8940, 0}, /*II_V_66_0F_38_B8*/ {{0x1ae, 8956}, 0x7, 90, 0, 8969, 0}, /*II_V_66_0F_38_B9*/ {{0x1af, 8982}, 0x6, 80, 0, 8995, 0}, /*II_V_66_0F_38_BA*/ {{0x1ae, 9008}, 0x7, 90, 0, 9021, 0}, /*II_V_66_0F_38_BB*/ {{0x1af, 9034}, 0x6, 80, 0, 9047, 0}, /*II_V_66_0F_38_BC*/ {{0x1ae, 9060}, 0x7, 90, 0, 9074, 0}, /*II_V_66_0F_38_BD*/ {{0x1af, 9088}, 0x6, 80, 0, 9102, 0}, /*II_V_66_0F_38_BE*/ {{0x1ae, 9116}, 0x7, 90, 0, 9130, 0}, /*II_V_66_0F_38_BF*/ {{0x1af, 9144}, 0x6, 80, 0, 9158, 0}, /*II_V_66_0F_38_DB*/ {{0x1b1, 9180}, 0x40, 0, 0, 0, 0}, /*II_V_66_0F_38_DC*/ {{0x1b2, 9197}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_DD*/ {{0x1b2, 9218}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_DE*/ {{0x1b2, 9239}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_38_DF*/ {{0x1b2, 9260}, 0x0, 73, 0, 0, 0}, /*II_V_66_0F_3A_04*/ {{0x1b7, 7581}, 0x41, 1, 0, 0, 0}, /*II_V_66_0F_3A_05*/ {{0x1b7, 7592}, 0x41, 1, 0, 0, 0}, /*II_V_66_0F_3A_06*/ {{0x1b8, 9287}, 0x10, 86, 1, 0, 0}, /*II_66_0F_3A_08*/ {{0x19f, 9299}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_08*/ {{0x1b7, 9308}, 0x41, 1, 0, 0, 0}, /*II_66_0F_3A_09*/ {{0x19f, 9318}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_09*/ {{0x1b7, 9327}, 0x41, 1, 0, 0, 0}, /*II_66_0F_3A_0A*/ {{0x1b9, 9337}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_0A*/ {{0x181, 9346}, 0x0, 71, 1, 0, 0}, /*II_66_0F_3A_0B*/ {{0x1ba, 9356}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_0B*/ {{0x181, 9365}, 0x0, 72, 1, 0, 0}, /*II_66_0F_3A_0C*/ {{0x19f, 9375}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_0C*/ {{0x186, 9384}, 0x1, 90, 1, 0, 0}, /*II_66_0F_3A_0D*/ {{0x19f, 9394}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_0D*/ {{0x186, 9403}, 0x1, 90, 1, 
0, 0}, /*II_66_0F_3A_0E*/ {{0x19f, 9413}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_0E*/ {{0x181, 9422}, 0x0, 73, 1, 0, 0}, /*II_0F_3A_0F*/ {{0x1bb, 9432}, 0x0, 1, 0, 0, 0}, /*II_66_0F_3A_0F*/ {{0x1bc, 9432}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_0F*/ {{0x181, 9441}, 0x0, 73, 1, 0, 0}, /*II_66_0F_3A_14*/ {{0x1bd, 9451}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_14*/ {{0x1be, 9459}, 0x40, 1, 0, 0, 0}, /*II_66_0F_3A_15*/ {{0x1bf, 6333}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_15*/ {{0x1c0, 6341}, 0x40, 1, 0, 0, 0}, /*II_66_0F_3A_16*/ {{0x1c1, 9468}, 0x0, 1, 0, 0, 9476}, /*II_V_66_0F_3A_16*/ {{0x1c2, 9484}, 0x46, 1, 0, 9493, 0}, /*II_66_0F_3A_17*/ {{0x1c3, 9502}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_17*/ {{0x1c4, 9513}, 0x40, 1, 0, 0, 0}, /*II_V_66_0F_3A_18*/ {{0x1b8, 9525}, 0x10, 73, 1, 0, 0}, /*II_V_66_0F_3A_19*/ {{0x1c5, 9538}, 0x50, 1, 0, 0, 0}, /*II_66_0F_3A_20*/ {{0x1c6, 9552}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_20*/ {{0x181, 9560}, 0x0, 76, 1, 0, 0}, /*II_66_0F_3A_21*/ {{0x1b9, 9569}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_21*/ {{0x181, 9579}, 0x0, 71, 1, 0, 0}, /*II_66_0F_3A_22*/ {{0x1c7, 9590}, 0x0, 1, 0, 0, 9598}, /*II_V_66_0F_3A_22*/ {{0x181, 9606}, 0x6, 79, 1, 9615, 0}, /*II_66_0F_3A_40*/ {{0x19f, 9624}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_40*/ {{0x186, 9630}, 0x1, 90, 1, 0, 0}, /*II_66_0F_3A_41*/ {{0x19f, 9637}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_41*/ {{0x181, 9643}, 0x0, 73, 1, 0, 0}, /*II_66_0F_3A_42*/ {{0x19f, 9650}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_42*/ {{0x181, 9659}, 0x0, 73, 1, 0, 0}, /*II_66_0F_3A_44*/ {{0x1c8, 9669}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_44*/ {{0x1c9, 9680}, 0x0, 73, 1, 0, 0}, /*II_V_66_0F_3A_4A*/ {{0x186, 9692}, 0x1, 90, 84, 0, 0}, /*II_V_66_0F_3A_4B*/ {{0x186, 9703}, 0x1, 90, 84, 0, 0}, /*II_V_66_0F_3A_4C*/ {{0x181, 9714}, 0x0, 73, 82, 0, 0}, /*II_66_0F_3A_60*/ {{0x1ca, 9725}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_60*/ {{0x160, 9736}, 0x40, 1, 0, 0, 0}, /*II_66_0F_3A_61*/ {{0x1ca, 9748}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_61*/ {{0x160, 9759}, 0x40, 1, 0, 0, 0}, 
/*II_66_0F_3A_62*/ {{0x1ca, 9771}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_62*/ {{0x160, 9782}, 0x40, 1, 0, 0, 0}, /*II_66_0F_3A_63*/ {{0x1ca, 9794}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_63*/ {{0x160, 9805}, 0x40, 1, 0, 0, 0}, /*II_66_0F_3A_DF*/ {{0x1cb, 9817}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_3A_DF*/ {{0x1cc, 9834}, 0x40, 1, 0, 0, 0}, /*II_V_66_0F_71_02*/ {{0x1cf, 6465}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_71_04*/ {{0x1cf, 6724}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_71_06*/ {{0x1cf, 7038}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_72_02*/ {{0x1cf, 6480}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_72_04*/ {{0x1cf, 6739}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_72_06*/ {{0x1cf, 7053}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_73_02*/ {{0x1cf, 6495}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_73_03*/ {{0x1cf, 9860}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_73_06*/ {{0x1cf, 7068}, 0x0, 1, 0, 0, 0}, /*II_V_66_0F_73_07*/ {{0x1cf, 9877}, 0x0, 1, 0, 0, 0}, /*II_0F_AE_00*/ {{0x170, 9886}, 0x0, 0, 0, 0, 9894}, /*II_0F_AE_01*/ {{0x170, 9914}, 0x0, 0, 0, 0, 9923}, /*II_V_0F_AE_02*/ {{0x1d2, 9963}, 0x40, 0, 0, 0, 0}, /*II_V_0F_AE_03*/ {{0x1d2, 9992}, 0x40, 0, 0, 0, 0} }; _InstNode InstructionsTree[5688] = { /* 0 - _00 */ 0x2000, /* 1 - _01 */ 0x2001, /* 2 - _02 */ 0x2002, /* 3 - _03 */ 0x2003, /* 4 - _04 */ 0x2004, /* 5 - _05 */ 0x2005, /* 6 - _06 */ 0x2006, /* 7 - _07 */ 0x2007, /* 8 - _08 */ 0x2008, /* 9 - _09 */ 0x2009, /* a - _0A */ 0x200a, /* b - _0B */ 0x200b, /* c - _0C */ 0x200c, /* d - _0D */ 0x200d, /* e - _0E */ 0x200e, /* f - _0F */ 0x8100, /* 10 - _10 */ 0x200f, /* 11 - _11 */ 0x2010, /* 12 - _12 */ 0x2011, /* 13 - _13 */ 0x2012, /* 14 - _14 */ 0x2013, /* 15 - _15 */ 0x2014, /* 16 - _16 */ 0x2015, /* 17 - _17 */ 0x2016, /* 18 - _18 */ 0x2017, /* 19 - _19 */ 0x2018, /* 1a - _1A */ 0x2019, /* 1b - _1B */ 0x201a, /* 1c - _1C */ 0x201b, /* 1d - _1D */ 0x201c, /* 1e - _1E */ 0x201d, /* 1f - _1F */ 0x201e, /* 20 - _20 */ 0x201f, /* 21 - _21 */ 0x2020, /* 22 - _22 */ 0x2021, /* 23 - _23 */ 0x2022, /* 24 - _24 */ 0x2023, /* 25 - _25 */ 0x2024, /* 26 - */ 0, 
/* 27 - _27 */ 0x2025, /* 28 - _28 */ 0x2026, /* 29 - _29 */ 0x2027, /* 2a - _2A */ 0x2028, /* 2b - _2B */ 0x2029, /* 2c - _2C */ 0x202a, /* 2d - _2D */ 0x202b, /* 2e - */ 0, /* 2f - _2F */ 0x202c, /* 30 - _30 */ 0x202d, /* 31 - _31 */ 0x202e, /* 32 - _32 */ 0x202f, /* 33 - _33 */ 0x2030, /* 34 - _34 */ 0x2031, /* 35 - _35 */ 0x2032, /* 36 - */ 0, /* 37 - _37 */ 0x2033, /* 38 - _38 */ 0x2034, /* 39 - _39 */ 0x2035, /* 3a - _3A */ 0x2036, /* 3b - _3B */ 0x2037, /* 3c - _3C */ 0x2038, /* 3d - _3D */ 0x2039, /* 3e - */ 0, /* 3f - _3F */ 0x203a, /* 40 - _40 */ 0x203b, /* 41 - _40 */ 0x203c, /* 42 - _40 */ 0x203d, /* 43 - _40 */ 0x203e, /* 44 - _40 */ 0x203f, /* 45 - _40 */ 0x2040, /* 46 - _40 */ 0x2041, /* 47 - _40 */ 0x2042, /* 48 - _48 */ 0x2043, /* 49 - _48 */ 0x2044, /* 4a - _48 */ 0x2045, /* 4b - _48 */ 0x2046, /* 4c - _48 */ 0x2047, /* 4d - _48 */ 0x2048, /* 4e - _48 */ 0x2049, /* 4f - _48 */ 0x204a, /* 50 - _50 */ 0x204b, /* 51 - _50 */ 0x204c, /* 52 - _50 */ 0x204d, /* 53 - _50 */ 0x204e, /* 54 - _50 */ 0x204f, /* 55 - _50 */ 0x2050, /* 56 - _50 */ 0x2051, /* 57 - _50 */ 0x2052, /* 58 - _58 */ 0x2053, /* 59 - _58 */ 0x2054, /* 5a - _58 */ 0x2055, /* 5b - _58 */ 0x2056, /* 5c - _58 */ 0x2057, /* 5d - _58 */ 0x2058, /* 5e - _58 */ 0x2059, /* 5f - _58 */ 0x205a, /* 60 - _60 */ 0x205b, /* 61 - _61 */ 0x205c, /* 62 - _62 */ 0x205d, /* 63 - _63 */ 0x205e, /* 64 - */ 0, /* 65 - */ 0, /* 66 - */ 0, /* 67 - */ 0, /* 68 - _68 */ 0x205f, /* 69 - _69 */ 0x4000, /* 6a - _6A */ 0x2060, /* 6b - _6B */ 0x4001, /* 6c - _6C */ 0x2061, /* 6d - _6D */ 0x2062, /* 6e - _6E */ 0x2063, /* 6f - _6F */ 0x2064, /* 70 - _70 */ 0x2065, /* 71 - _71 */ 0x2066, /* 72 - _72 */ 0x2067, /* 73 - _73 */ 0x2068, /* 74 - _74 */ 0x2069, /* 75 - _75 */ 0x206a, /* 76 - _76 */ 0x206b, /* 77 - _77 */ 0x206c, /* 78 - _78 */ 0x206d, /* 79 - _79 */ 0x206e, /* 7a - _7A */ 0x206f, /* 7b - _7B */ 0x2070, /* 7c - _7C */ 0x2071, /* 7d - _7D */ 0x2072, /* 7e - _7E */ 0x2073, /* 7f - _7F */ 0x2074, /* 80 - _80 */ 
0x6200, /* 81 - _81 */ 0x6208, /* 82 - _82 */ 0x6210, /* 83 - _83 */ 0x6218, /* 84 - _84 */ 0x2075, /* 85 - _85 */ 0x2076, /* 86 - _86 */ 0x2077, /* 87 - _87 */ 0x2078, /* 88 - _88 */ 0x2079, /* 89 - _89 */ 0x207a, /* 8a - _8A */ 0x207b, /* 8b - _8B */ 0x207c, /* 8c - _8C */ 0x207d, /* 8d - _8D */ 0x207e, /* 8e - _8E */ 0x207f, /* 8f - _8F */ 0x6220, /* 90 - _90 */ 0x2080, /* 91 - _91 */ 0x2081, /* 92 - _92 */ 0x2082, /* 93 - _93 */ 0x2083, /* 94 - _94 */ 0x2084, /* 95 - _95 */ 0x2085, /* 96 - _96 */ 0x2086, /* 97 - _97 */ 0x2087, /* 98 - _98 */ 0x4002, /* 99 - _99 */ 0x4003, /* 9a - _9A */ 0x2088, /* 9b - */ 0, /* 9c - _9C */ 0x2089, /* 9d - _9D */ 0x208a, /* 9e - _9E */ 0x208b, /* 9f - _9F */ 0x208c, /* a0 - _A0 */ 0x208d, /* a1 - _A1 */ 0x208e, /* a2 - _A2 */ 0x208f, /* a3 - _A3 */ 0x2090, /* a4 - _A4 */ 0x2091, /* a5 - _A5 */ 0x2092, /* a6 - _A6 */ 0x2093, /* a7 - _A7 */ 0x2094, /* a8 - _A8 */ 0x2095, /* a9 - _A9 */ 0x2096, /* aa - _AA */ 0x2097, /* ab - _AB */ 0x2098, /* ac - _AC */ 0x2099, /* ad - _AD */ 0x209a, /* ae - _AE */ 0x209b, /* af - _AF */ 0x209c, /* b0 - _B0 */ 0x209d, /* b1 - _B0 */ 0x209e, /* b2 - _B0 */ 0x209f, /* b3 - _B0 */ 0x20a0, /* b4 - _B0 */ 0x20a1, /* b5 - _B0 */ 0x20a2, /* b6 - _B0 */ 0x20a3, /* b7 - _B0 */ 0x20a4, /* b8 - _B8 */ 0x20a5, /* b9 - _B8 */ 0x20a6, /* ba - _B8 */ 0x20a7, /* bb - _B8 */ 0x20a8, /* bc - _B8 */ 0x20a9, /* bd - _B8 */ 0x20aa, /* be - _B8 */ 0x20ab, /* bf - _B8 */ 0x20ac, /* c0 - _C0 */ 0x6228, /* c1 - _C1 */ 0x6230, /* c2 - _C2 */ 0x20ad, /* c3 - _C3 */ 0x20ae, /* c4 - _C4 */ 0x20af, /* c5 - _C5 */ 0x20b0, /* c6 - _C6 */ 0xa238, /* c7 - _C7 */ 0xa280, /* c8 - _C8 */ 0x20b1, /* c9 - _C9 */ 0x20b2, /* ca - _CA */ 0x20b3, /* cb - _CB */ 0x20b4, /* cc - _CC */ 0x20b5, /* cd - _CD */ 0x20b6, /* ce - _CE */ 0x20b7, /* cf - _CF */ 0x20b8, /* d0 - _D0 */ 0x62c8, /* d1 - _D1 */ 0x62d0, /* d2 - _D2 */ 0x62d8, /* d3 - _D3 */ 0x62e0, /* d4 - _D4 */ 0x20b9, /* d5 - _D5 */ 0x20ba, /* d6 - _D6 */ 0x20bb, /* d7 - _D7 */ 0x20bc, 
/* d8 - _D8 */ 0xa2e8, /* d9 - _D9 */ 0xa330, /* da - _DA */ 0xa378, /* db - _DB */ 0xa3c0, /* dc - _DC */ 0xa408, /* dd - _DD */ 0xa450, /* de - _DE */ 0xa498, /* df - _DF */ 0xa4e0, /* e0 - _E0 */ 0x20bd, /* e1 - _E1 */ 0x20be, /* e2 - _E2 */ 0x20bf, /* e3 - _E3 */ 0x4004, /* e4 - _E4 */ 0x20c0, /* e5 - _E5 */ 0x20c1, /* e6 - _E6 */ 0x20c2, /* e7 - _E7 */ 0x20c3, /* e8 - _E8 */ 0x20c4, /* e9 - _E9 */ 0x20c5, /* ea - _EA */ 0x20c6, /* eb - _EB */ 0x20c7, /* ec - _EC */ 0x20c8, /* ed - _ED */ 0x20c9, /* ee - _EE */ 0x20ca, /* ef - _EF */ 0x20cb, /* f0 - */ 0, /* f1 - _F1 */ 0x20cc, /* f2 - */ 0, /* f3 - */ 0, /* f4 - _F4 */ 0x20cd, /* f5 - _F5 */ 0x20ce, /* f6 - _F6 */ 0x6528, /* f7 - _F7 */ 0x6530, /* f8 - _F8 */ 0x20cf, /* f9 - _F9 */ 0x20d0, /* fa - _FA */ 0x20d1, /* fb - _FB */ 0x20d2, /* fc - _FC */ 0x20d3, /* fd - _FD */ 0x20d4, /* fe - _FE */ 0x6538, /* ff - _FF */ 0x6540, /* 100 - _0F_00 */ 0x6548, /* 101 - _0F_01 */ 0xa550, /* 102 - _0F_02 */ 0x20d5, /* 103 - _0F_03 */ 0x20d6, /* 104 - */ 0, /* 105 - _0F_05 */ 0x20d7, /* 106 - _0F_06 */ 0x20d8, /* 107 - _0F_07 */ 0x20d9, /* 108 - _0F_08 */ 0x20da, /* 109 - _0F_09 */ 0x20db, /* 10a - */ 0, /* 10b - _0F_0B */ 0x20dc, /* 10c - */ 0, /* 10d - _0F_0D */ 0x6598, /* 10e - _0F_0E */ 0x20dd, /* 10f - _0F_0F */ 0x85a0, /* 110 - _0F_10 */ 0xc6a0, /* 111 - _0F_11 */ 0xc6ac, /* 112 - _0F_12 */ 0xc6b8, /* 113 - _0F_13 */ 0xc6c4, /* 114 - _0F_14 */ 0xc6d0, /* 115 - _0F_15 */ 0xc6dc, /* 116 - _0F_16 */ 0xc6e8, /* 117 - _0F_17 */ 0xc6f4, /* 118 - _0F_18 */ 0x6700, /* 119 - */ 0, /* 11a - */ 0, /* 11b - */ 0, /* 11c - */ 0, /* 11d - */ 0, /* 11e - */ 0, /* 11f - _0F_1F */ 0x20de, /* 120 - _0F_20 */ 0x20df, /* 121 - _0F_21 */ 0x20e0, /* 122 - _0F_22 */ 0x20e1, /* 123 - _0F_23 */ 0x20e2, /* 124 - */ 0, /* 125 - */ 0, /* 126 - */ 0, /* 127 - */ 0, /* 128 - _0F_28 */ 0xc708, /* 129 - _0F_29 */ 0xc714, /* 12a - _0F_2A */ 0xc720, /* 12b - _0F_2B */ 0xc72c, /* 12c - _0F_2C */ 0xc738, /* 12d - _0F_2D */ 0xc744, /* 12e - _0F_2E */ 
0xc750, /* 12f - _0F_2F */ 0xc75c, /* 130 - _0F_30 */ 0x20e3, /* 131 - _0F_31 */ 0x20e4, /* 132 - _0F_32 */ 0x20e5, /* 133 - _0F_33 */ 0x20e6, /* 134 - _0F_34 */ 0x20e7, /* 135 - _0F_35 */ 0x20e8, /* 136 - */ 0, /* 137 - _0F_37 */ 0x20e9, /* 138 - _0F_38 */ 0x8768, /* 139 - */ 0, /* 13a - _0F_3A */ 0x8868, /* 13b - */ 0, /* 13c - */ 0, /* 13d - */ 0, /* 13e - */ 0, /* 13f - */ 0, /* 140 - _0F_40 */ 0x20ea, /* 141 - _0F_41 */ 0x20eb, /* 142 - _0F_42 */ 0x20ec, /* 143 - _0F_43 */ 0x20ed, /* 144 - _0F_44 */ 0x20ee, /* 145 - _0F_45 */ 0x20ef, /* 146 - _0F_46 */ 0x20f0, /* 147 - _0F_47 */ 0x20f1, /* 148 - _0F_48 */ 0x20f2, /* 149 - _0F_49 */ 0x20f3, /* 14a - _0F_4A */ 0x20f4, /* 14b - _0F_4B */ 0x20f5, /* 14c - _0F_4C */ 0x20f6, /* 14d - _0F_4D */ 0x20f7, /* 14e - _0F_4E */ 0x20f8, /* 14f - _0F_4F */ 0x20f9, /* 150 - _0F_50 */ 0xc968, /* 151 - _0F_51 */ 0xc974, /* 152 - _0F_52 */ 0xc980, /* 153 - _0F_53 */ 0xc98c, /* 154 - _0F_54 */ 0xc998, /* 155 - _0F_55 */ 0xc9a4, /* 156 - _0F_56 */ 0xc9b0, /* 157 - _0F_57 */ 0xc9bc, /* 158 - _0F_58 */ 0xc9c8, /* 159 - _0F_59 */ 0xc9d4, /* 15a - _0F_5A */ 0xc9e0, /* 15b - _0F_5B */ 0xc9ec, /* 15c - _0F_5C */ 0xc9f8, /* 15d - _0F_5D */ 0xca04, /* 15e - _0F_5E */ 0xca10, /* 15f - _0F_5F */ 0xca1c, /* 160 - _0F_60 */ 0xca28, /* 161 - _0F_61 */ 0xca34, /* 162 - _0F_62 */ 0xca40, /* 163 - _0F_63 */ 0xca4c, /* 164 - _0F_64 */ 0xca58, /* 165 - _0F_65 */ 0xca64, /* 166 - _0F_66 */ 0xca70, /* 167 - _0F_67 */ 0xca7c, /* 168 - _0F_68 */ 0xca88, /* 169 - _0F_69 */ 0xca94, /* 16a - _0F_6A */ 0xcaa0, /* 16b - _0F_6B */ 0xcaac, /* 16c - _0F_6C */ 0xcab8, /* 16d - _0F_6D */ 0xcac4, /* 16e - _0F_6E */ 0xcad0, /* 16f - _0F_6F */ 0xcadc, /* 170 - _0F_70 */ 0xcae8, /* 171 - _0F_71 */ 0x6af4, /* 172 - _0F_72 */ 0x6afc, /* 173 - _0F_73 */ 0x6b04, /* 174 - _0F_74 */ 0xcb0c, /* 175 - _0F_75 */ 0xcb18, /* 176 - _0F_76 */ 0xcb24, /* 177 - _0F_77 */ 0xcb30, /* 178 - _0F_78 */ 0xcb3c, /* 179 - _0F_79 */ 0xcb48, /* 17a - _0F_7A */ 0x8b54, /* 17b - */ 0, /* 17c - 
_0F_7C */ 0xcc54, /* 17d - _0F_7D */ 0xcc60, /* 17e - _0F_7E */ 0xcc6c, /* 17f - _0F_7F */ 0xcc78, /* 180 - _0F_80 */ 0x20fa, /* 181 - _0F_81 */ 0x20fb, /* 182 - _0F_82 */ 0x20fc, /* 183 - _0F_83 */ 0x20fd, /* 184 - _0F_84 */ 0x20fe, /* 185 - _0F_85 */ 0x20ff, /* 186 - _0F_86 */ 0x2100, /* 187 - _0F_87 */ 0x2101, /* 188 - _0F_88 */ 0x2102, /* 189 - _0F_89 */ 0x2103, /* 18a - _0F_8A */ 0x2104, /* 18b - _0F_8B */ 0x2105, /* 18c - _0F_8C */ 0x2106, /* 18d - _0F_8D */ 0x2107, /* 18e - _0F_8E */ 0x2108, /* 18f - _0F_8F */ 0x2109, /* 190 - _0F_90 */ 0x210a, /* 191 - _0F_91 */ 0x210b, /* 192 - _0F_92 */ 0x210c, /* 193 - _0F_93 */ 0x210d, /* 194 - _0F_94 */ 0x210e, /* 195 - _0F_95 */ 0x210f, /* 196 - _0F_96 */ 0x2110, /* 197 - _0F_97 */ 0x2111, /* 198 - _0F_98 */ 0x2112, /* 199 - _0F_99 */ 0x2113, /* 19a - _0F_9A */ 0x2114, /* 19b - _0F_9B */ 0x2115, /* 19c - _0F_9C */ 0x2116, /* 19d - _0F_9D */ 0x2117, /* 19e - _0F_9E */ 0x2118, /* 19f - _0F_9F */ 0x2119, /* 1a0 - _0F_A0 */ 0x211a, /* 1a1 - _0F_A1 */ 0x211b, /* 1a2 - _0F_A2 */ 0x211c, /* 1a3 - _0F_A3 */ 0x211d, /* 1a4 - _0F_A4 */ 0x4005, /* 1a5 - _0F_A5 */ 0x4006, /* 1a6 - */ 0, /* 1a7 - */ 0, /* 1a8 - _0F_A8 */ 0x211e, /* 1a9 - _0F_A9 */ 0x211f, /* 1aa - _0F_AA */ 0x2120, /* 1ab - _0F_AB */ 0x2121, /* 1ac - _0F_AC */ 0x4007, /* 1ad - _0F_AD */ 0x4008, /* 1ae - _0F_AE */ 0x6c84, /* 1af - _0F_AF */ 0x2122, /* 1b0 - _0F_B0 */ 0x2123, /* 1b1 - _0F_B1 */ 0x2124, /* 1b2 - _0F_B2 */ 0x2125, /* 1b3 - _0F_B3 */ 0x2126, /* 1b4 - _0F_B4 */ 0x2127, /* 1b5 - _0F_B5 */ 0x2128, /* 1b6 - _0F_B6 */ 0x2129, /* 1b7 - _0F_B7 */ 0x212a, /* 1b8 - _0F_B8 */ 0xcc8c, /* 1b9 - _0F_B9 */ 0x212b, /* 1ba - _0F_BA */ 0x6c98, /* 1bb - _0F_BB */ 0x212c, /* 1bc - _0F_BC */ 0xcca0, /* 1bd - _0F_BD */ 0xccac, /* 1be - _0F_BE */ 0x212d, /* 1bf - _0F_BF */ 0x212e, /* 1c0 - _0F_C0 */ 0x212f, /* 1c1 - _0F_C1 */ 0x2130, /* 1c2 - _0F_C2 */ 0xccb8, /* 1c3 - _0F_C3 */ 0x2131, /* 1c4 - _0F_C4 */ 0xccc4, /* 1c5 - _0F_C5 */ 0xccd0, /* 1c6 - _0F_C6 */ 0xccdc, /* 1c7 
- _0F_C7 */ 0x6ce8, /* 1c8 - _0F_C8 */ 0x2132, /* 1c9 - _0F_C8 */ 0x2133, /* 1ca - _0F_C8 */ 0x2134, /* 1cb - _0F_C8 */ 0x2135, /* 1cc - _0F_C8 */ 0x2136, /* 1cd - _0F_C8 */ 0x2137, /* 1ce - _0F_C8 */ 0x2138, /* 1cf - _0F_C8 */ 0x2139, /* 1d0 - _0F_D0 */ 0xccf0, /* 1d1 - _0F_D1 */ 0xccfc, /* 1d2 - _0F_D2 */ 0xcd08, /* 1d3 - _0F_D3 */ 0xcd14, /* 1d4 - _0F_D4 */ 0xcd20, /* 1d5 - _0F_D5 */ 0xcd2c, /* 1d6 - _0F_D6 */ 0xcd38, /* 1d7 - _0F_D7 */ 0xcd44, /* 1d8 - _0F_D8 */ 0xcd50, /* 1d9 - _0F_D9 */ 0xcd5c, /* 1da - _0F_DA */ 0xcd68, /* 1db - _0F_DB */ 0xcd74, /* 1dc - _0F_DC */ 0xcd80, /* 1dd - _0F_DD */ 0xcd8c, /* 1de - _0F_DE */ 0xcd98, /* 1df - _0F_DF */ 0xcda4, /* 1e0 - _0F_E0 */ 0xcdb0, /* 1e1 - _0F_E1 */ 0xcdbc, /* 1e2 - _0F_E2 */ 0xcdc8, /* 1e3 - _0F_E3 */ 0xcdd4, /* 1e4 - _0F_E4 */ 0xcde0, /* 1e5 - _0F_E5 */ 0xcdec, /* 1e6 - _0F_E6 */ 0xcdf8, /* 1e7 - _0F_E7 */ 0xce04, /* 1e8 - _0F_E8 */ 0xce10, /* 1e9 - _0F_E9 */ 0xce1c, /* 1ea - _0F_EA */ 0xce28, /* 1eb - _0F_EB */ 0xce34, /* 1ec - _0F_EC */ 0xce40, /* 1ed - _0F_ED */ 0xce4c, /* 1ee - _0F_EE */ 0xce58, /* 1ef - _0F_EF */ 0xce64, /* 1f0 - _0F_F0 */ 0xce70, /* 1f1 - _0F_F1 */ 0xce7c, /* 1f2 - _0F_F2 */ 0xce88, /* 1f3 - _0F_F3 */ 0xce94, /* 1f4 - _0F_F4 */ 0xcea0, /* 1f5 - _0F_F5 */ 0xceac, /* 1f6 - _0F_F6 */ 0xceb8, /* 1f7 - _0F_F7 */ 0xcec4, /* 1f8 - _0F_F8 */ 0xced0, /* 1f9 - _0F_F9 */ 0xcedc, /* 1fa - _0F_FA */ 0xcee8, /* 1fb - _0F_FB */ 0xcef4, /* 1fc - _0F_FC */ 0xcf00, /* 1fd - _0F_FD */ 0xcf0c, /* 1fe - _0F_FE */ 0xcf18, /* 1ff - */ 0, /* 200 - _80_00 */ 0x213a, /* 201 - _80_01 */ 0x213b, /* 202 - _80_02 */ 0x213c, /* 203 - _80_03 */ 0x213d, /* 204 - _80_04 */ 0x213e, /* 205 - _80_05 */ 0x213f, /* 206 - _80_06 */ 0x2140, /* 207 - _80_07 */ 0x2141, /* 208 - _81_00 */ 0x2142, /* 209 - _81_01 */ 0x2143, /* 20a - _81_02 */ 0x2144, /* 20b - _81_03 */ 0x2145, /* 20c - _81_04 */ 0x2146, /* 20d - _81_05 */ 0x2147, /* 20e - _81_06 */ 0x2148, /* 20f - _81_07 */ 0x2149, /* 210 - _82_00 */ 0x214a, /* 211 - _82_01 */ 
0x214b, /* 212 - _82_02 */ 0x214c, /* 213 - _82_03 */ 0x214d, /* 214 - _82_04 */ 0x214e, /* 215 - _82_05 */ 0x214f, /* 216 - _82_06 */ 0x2150, /* 217 - _82_07 */ 0x2151, /* 218 - _83_00 */ 0x2152, /* 219 - _83_01 */ 0x2153, /* 21a - _83_02 */ 0x2154, /* 21b - _83_03 */ 0x2155, /* 21c - _83_04 */ 0x2156, /* 21d - _83_05 */ 0x2157, /* 21e - _83_06 */ 0x2158, /* 21f - _83_07 */ 0x2159, /* 220 - _8F_00 */ 0x215a, /* 221 - */ 0, /* 222 - */ 0, /* 223 - */ 0, /* 224 - */ 0, /* 225 - */ 0, /* 226 - */ 0, /* 227 - */ 0, /* 228 - _C0_00 */ 0x215b, /* 229 - _C0_01 */ 0x215c, /* 22a - _C0_02 */ 0x215d, /* 22b - _C0_03 */ 0x215e, /* 22c - _C0_04 */ 0x215f, /* 22d - _C0_05 */ 0x2160, /* 22e - _C0_06 */ 0x2161, /* 22f - _C0_07 */ 0x2162, /* 230 - _C1_00 */ 0x2163, /* 231 - _C1_01 */ 0x2164, /* 232 - _C1_02 */ 0x2165, /* 233 - _C1_03 */ 0x2166, /* 234 - _C1_04 */ 0x2167, /* 235 - _C1_05 */ 0x2168, /* 236 - _C1_06 */ 0x2169, /* 237 - _C1_07 */ 0x216a, /* 238 - _C6_00 */ 0x216b, /* 239 - */ 0, /* 23a - */ 0, /* 23b - */ 0, /* 23c - */ 0, /* 23d - */ 0, /* 23e - */ 0, /* 23f - */ 0, /* 240 - */ 0, /* 241 - */ 0, /* 242 - */ 0, /* 243 - */ 0, /* 244 - */ 0, /* 245 - */ 0, /* 246 - */ 0, /* 247 - */ 0, /* 248 - */ 0, /* 249 - */ 0, /* 24a - */ 0, /* 24b - */ 0, /* 24c - */ 0, /* 24d - */ 0, /* 24e - */ 0, /* 24f - */ 0, /* 250 - */ 0, /* 251 - */ 0, /* 252 - */ 0, /* 253 - */ 0, /* 254 - */ 0, /* 255 - */ 0, /* 256 - */ 0, /* 257 - */ 0, /* 258 - */ 0, /* 259 - */ 0, /* 25a - */ 0, /* 25b - */ 0, /* 25c - */ 0, /* 25d - */ 0, /* 25e - */ 0, /* 25f - */ 0, /* 260 - */ 0, /* 261 - */ 0, /* 262 - */ 0, /* 263 - */ 0, /* 264 - */ 0, /* 265 - */ 0, /* 266 - */ 0, /* 267 - */ 0, /* 268 - */ 0, /* 269 - */ 0, /* 26a - */ 0, /* 26b - */ 0, /* 26c - */ 0, /* 26d - */ 0, /* 26e - */ 0, /* 26f - */ 0, /* 270 - */ 0, /* 271 - */ 0, /* 272 - */ 0, /* 273 - */ 0, /* 274 - */ 0, /* 275 - */ 0, /* 276 - */ 0, /* 277 - */ 0, /* 278 - _C6_F8 */ 0x216c, /* 279 - */ 0, /* 27a - */ 0, /* 27b - */ 0, /* 
27c - */ 0, /* 27d - */ 0, /* 27e - */ 0, /* 27f - */ 0, /* 280 - _C7_00 */ 0x216d, /* 281 - */ 0, /* 282 - */ 0, /* 283 - */ 0, /* 284 - */ 0, /* 285 - */ 0, /* 286 - */ 0, /* 287 - */ 0, /* 288 - */ 0, /* 289 - */ 0, /* 28a - */ 0, /* 28b - */ 0, /* 28c - */ 0, /* 28d - */ 0, /* 28e - */ 0, /* 28f - */ 0, /* 290 - */ 0, /* 291 - */ 0, /* 292 - */ 0, /* 293 - */ 0, /* 294 - */ 0, /* 295 - */ 0, /* 296 - */ 0, /* 297 - */ 0, /* 298 - */ 0, /* 299 - */ 0, /* 29a - */ 0, /* 29b - */ 0, /* 29c - */ 0, /* 29d - */ 0, /* 29e - */ 0, /* 29f - */ 0, /* 2a0 - */ 0, /* 2a1 - */ 0, /* 2a2 - */ 0, /* 2a3 - */ 0, /* 2a4 - */ 0, /* 2a5 - */ 0, /* 2a6 - */ 0, /* 2a7 - */ 0, /* 2a8 - */ 0, /* 2a9 - */ 0, /* 2aa - */ 0, /* 2ab - */ 0, /* 2ac - */ 0, /* 2ad - */ 0, /* 2ae - */ 0, /* 2af - */ 0, /* 2b0 - */ 0, /* 2b1 - */ 0, /* 2b2 - */ 0, /* 2b3 - */ 0, /* 2b4 - */ 0, /* 2b5 - */ 0, /* 2b6 - */ 0, /* 2b7 - */ 0, /* 2b8 - */ 0, /* 2b9 - */ 0, /* 2ba - */ 0, /* 2bb - */ 0, /* 2bc - */ 0, /* 2bd - */ 0, /* 2be - */ 0, /* 2bf - */ 0, /* 2c0 - _C7_F8 */ 0x216e, /* 2c1 - */ 0, /* 2c2 - */ 0, /* 2c3 - */ 0, /* 2c4 - */ 0, /* 2c5 - */ 0, /* 2c6 - */ 0, /* 2c7 - */ 0, /* 2c8 - _D0_00 */ 0x216f, /* 2c9 - _D0_01 */ 0x2170, /* 2ca - _D0_02 */ 0x2171, /* 2cb - _D0_03 */ 0x2172, /* 2cc - _D0_04 */ 0x2173, /* 2cd - _D0_05 */ 0x2174, /* 2ce - _D0_06 */ 0x2175, /* 2cf - _D0_07 */ 0x2176, /* 2d0 - _D1_00 */ 0x2177, /* 2d1 - _D1_01 */ 0x2178, /* 2d2 - _D1_02 */ 0x2179, /* 2d3 - _D1_03 */ 0x217a, /* 2d4 - _D1_04 */ 0x217b, /* 2d5 - _D1_05 */ 0x217c, /* 2d6 - _D1_06 */ 0x217d, /* 2d7 - _D1_07 */ 0x217e, /* 2d8 - _D2_00 */ 0x217f, /* 2d9 - _D2_01 */ 0x2180, /* 2da - _D2_02 */ 0x2181, /* 2db - _D2_03 */ 0x2182, /* 2dc - _D2_04 */ 0x2183, /* 2dd - _D2_05 */ 0x2184, /* 2de - _D2_06 */ 0x2185, /* 2df - _D2_07 */ 0x2186, /* 2e0 - _D3_00 */ 0x2187, /* 2e1 - _D3_01 */ 0x2188, /* 2e2 - _D3_02 */ 0x2189, /* 2e3 - _D3_03 */ 0x218a, /* 2e4 - _D3_04 */ 0x218b, /* 2e5 - _D3_05 */ 0x218c, /* 2e6 - _D3_06 */ 0x218d, 
/* 2e7 - _D3_07 */ 0x218e, /* 2e8 - _D8_00 */ 0x218f, /* 2e9 - _D8_01 */ 0x2190, /* 2ea - _D8_02 */ 0x2191, /* 2eb - _D8_03 */ 0x2192, /* 2ec - _D8_04 */ 0x2193, /* 2ed - _D8_05 */ 0x2194, /* 2ee - _D8_06 */ 0x2195, /* 2ef - _D8_07 */ 0x2196, /* 2f0 - _D8_C0 */ 0x2197, /* 2f1 - _D8_C0 */ 0x2198, /* 2f2 - _D8_C0 */ 0x2199, /* 2f3 - _D8_C0 */ 0x219a, /* 2f4 - _D8_C0 */ 0x219b, /* 2f5 - _D8_C0 */ 0x219c, /* 2f6 - _D8_C0 */ 0x219d, /* 2f7 - _D8_C0 */ 0x219e, /* 2f8 - _D8_C8 */ 0x219f, /* 2f9 - _D8_C8 */ 0x21a0, /* 2fa - _D8_C8 */ 0x21a1, /* 2fb - _D8_C8 */ 0x21a2, /* 2fc - _D8_C8 */ 0x21a3, /* 2fd - _D8_C8 */ 0x21a4, /* 2fe - _D8_C8 */ 0x21a5, /* 2ff - _D8_C8 */ 0x21a6, /* 300 - _D8_D0 */ 0x21a7, /* 301 - _D8_D0 */ 0x21a8, /* 302 - _D8_D0 */ 0x21a9, /* 303 - _D8_D0 */ 0x21aa, /* 304 - _D8_D0 */ 0x21ab, /* 305 - _D8_D0 */ 0x21ac, /* 306 - _D8_D0 */ 0x21ad, /* 307 - _D8_D0 */ 0x21ae, /* 308 - _D8_D8 */ 0x21af, /* 309 - _D8_D9 */ 0x21b0, /* 30a - _D8_D8 */ 0x21b1, /* 30b - _D8_D8 */ 0x21b2, /* 30c - _D8_D8 */ 0x21b3, /* 30d - _D8_D8 */ 0x21b4, /* 30e - _D8_D8 */ 0x21b5, /* 30f - _D8_D8 */ 0x21b6, /* 310 - _D8_E0 */ 0x21b7, /* 311 - _D8_E0 */ 0x21b8, /* 312 - _D8_E0 */ 0x21b9, /* 313 - _D8_E0 */ 0x21ba, /* 314 - _D8_E0 */ 0x21bb, /* 315 - _D8_E0 */ 0x21bc, /* 316 - _D8_E0 */ 0x21bd, /* 317 - _D8_E0 */ 0x21be, /* 318 - _D8_E8 */ 0x21bf, /* 319 - _D8_E8 */ 0x21c0, /* 31a - _D8_E8 */ 0x21c1, /* 31b - _D8_E8 */ 0x21c2, /* 31c - _D8_E8 */ 0x21c3, /* 31d - _D8_E8 */ 0x21c4, /* 31e - _D8_E8 */ 0x21c5, /* 31f - _D8_E8 */ 0x21c6, /* 320 - _D8_F0 */ 0x21c7, /* 321 - _D8_F0 */ 0x21c8, /* 322 - _D8_F0 */ 0x21c9, /* 323 - _D8_F0 */ 0x21ca, /* 324 - _D8_F0 */ 0x21cb, /* 325 - _D8_F0 */ 0x21cc, /* 326 - _D8_F0 */ 0x21cd, /* 327 - _D8_F0 */ 0x21ce, /* 328 - _D8_F8 */ 0x21cf, /* 329 - _D8_F8 */ 0x21d0, /* 32a - _D8_F8 */ 0x21d1, /* 32b - _D8_F8 */ 0x21d2, /* 32c - _D8_F8 */ 0x21d3, /* 32d - _D8_F8 */ 0x21d4, /* 32e - _D8_F8 */ 0x21d5, /* 32f - _D8_F8 */ 0x21d6, /* 330 - _D9_00 */ 0x21d7, 
/* 331 - */ 0, /* 332 - _D9_02 */ 0x21d8, /* 333 - _D9_03 */ 0x21d9, /* 334 - _D9_04 */ 0x21da, /* 335 - _D9_05 */ 0x21db, /* 336 - _D9_06 */ 0xcf24, /* 337 - _D9_07 */ 0xcf30, /* 338 - _D9_C0 */ 0x21dc, /* 339 - _D9_C0 */ 0x21dd, /* 33a - _D9_C0 */ 0x21de, /* 33b - _D9_C0 */ 0x21df, /* 33c - _D9_C0 */ 0x21e0, /* 33d - _D9_C0 */ 0x21e1, /* 33e - _D9_C0 */ 0x21e2, /* 33f - _D9_C0 */ 0x21e3, /* 340 - _D9_C8 */ 0x21e4, /* 341 - _D9_C9 */ 0x21e5, /* 342 - _D9_C8 */ 0x21e6, /* 343 - _D9_C8 */ 0x21e7, /* 344 - _D9_C8 */ 0x21e8, /* 345 - _D9_C8 */ 0x21e9, /* 346 - _D9_C8 */ 0x21ea, /* 347 - _D9_C8 */ 0x21eb, /* 348 - _D9_D0 */ 0x21ec, /* 349 - */ 0, /* 34a - */ 0, /* 34b - */ 0, /* 34c - */ 0, /* 34d - */ 0, /* 34e - */ 0, /* 34f - */ 0, /* 350 - */ 0, /* 351 - */ 0, /* 352 - */ 0, /* 353 - */ 0, /* 354 - */ 0, /* 355 - */ 0, /* 356 - */ 0, /* 357 - */ 0, /* 358 - _D9_E0 */ 0x21ed, /* 359 - _D9_E1 */ 0x21ee, /* 35a - */ 0, /* 35b - */ 0, /* 35c - _D9_E4 */ 0x21ef, /* 35d - _D9_E5 */ 0x21f0, /* 35e - */ 0, /* 35f - */ 0, /* 360 - _D9_E8 */ 0x21f1, /* 361 - _D9_E9 */ 0x21f2, /* 362 - _D9_EA */ 0x21f3, /* 363 - _D9_EB */ 0x21f4, /* 364 - _D9_EC */ 0x21f5, /* 365 - _D9_ED */ 0x21f6, /* 366 - _D9_EE */ 0x21f7, /* 367 - */ 0, /* 368 - _D9_F0 */ 0x21f8, /* 369 - _D9_F1 */ 0x21f9, /* 36a - _D9_F2 */ 0x21fa, /* 36b - _D9_F3 */ 0x21fb, /* 36c - _D9_F4 */ 0x21fc, /* 36d - _D9_F5 */ 0x21fd, /* 36e - _D9_F6 */ 0x21fe, /* 36f - _D9_F7 */ 0x21ff, /* 370 - _D9_F8 */ 0x2200, /* 371 - _D9_F9 */ 0x2201, /* 372 - _D9_FA */ 0x2202, /* 373 - _D9_FB */ 0x2203, /* 374 - _D9_FC */ 0x2204, /* 375 - _D9_FD */ 0x2205, /* 376 - _D9_FE */ 0x2206, /* 377 - _D9_FF */ 0x2207, /* 378 - _DA_00 */ 0x2208, /* 379 - _DA_01 */ 0x2209, /* 37a - _DA_02 */ 0x220a, /* 37b - _DA_03 */ 0x220b, /* 37c - _DA_04 */ 0x220c, /* 37d - _DA_05 */ 0x220d, /* 37e - _DA_06 */ 0x220e, /* 37f - _DA_07 */ 0x220f, /* 380 - _DA_C0 */ 0x2210, /* 381 - _DA_C0 */ 0x2211, /* 382 - _DA_C0 */ 0x2212, /* 383 - _DA_C0 */ 0x2213, /* 384 - 
_DA_C0 */ 0x2214, /* 385 - _DA_C0 */ 0x2215, /* 386 - _DA_C0 */ 0x2216, /* 387 - _DA_C0 */ 0x2217, /* 388 - _DA_C8 */ 0x2218, /* 389 - _DA_C8 */ 0x2219, /* 38a - _DA_C8 */ 0x221a, /* 38b - _DA_C8 */ 0x221b, /* 38c - _DA_C8 */ 0x221c, /* 38d - _DA_C8 */ 0x221d, /* 38e - _DA_C8 */ 0x221e, /* 38f - _DA_C8 */ 0x221f, /* 390 - _DA_D0 */ 0x2220, /* 391 - _DA_D0 */ 0x2221, /* 392 - _DA_D0 */ 0x2222, /* 393 - _DA_D0 */ 0x2223, /* 394 - _DA_D0 */ 0x2224, /* 395 - _DA_D0 */ 0x2225, /* 396 - _DA_D0 */ 0x2226, /* 397 - _DA_D0 */ 0x2227, /* 398 - _DA_D8 */ 0x2228, /* 399 - _DA_D8 */ 0x2229, /* 39a - _DA_D8 */ 0x222a, /* 39b - _DA_D8 */ 0x222b, /* 39c - _DA_D8 */ 0x222c, /* 39d - _DA_D8 */ 0x222d, /* 39e - _DA_D8 */ 0x222e, /* 39f - _DA_D8 */ 0x222f, /* 3a0 - */ 0, /* 3a1 - */ 0, /* 3a2 - */ 0, /* 3a3 - */ 0, /* 3a4 - */ 0, /* 3a5 - */ 0, /* 3a6 - */ 0, /* 3a7 - */ 0, /* 3a8 - */ 0, /* 3a9 - _DA_E9 */ 0x2230, /* 3aa - */ 0, /* 3ab - */ 0, /* 3ac - */ 0, /* 3ad - */ 0, /* 3ae - */ 0, /* 3af - */ 0, /* 3b0 - */ 0, /* 3b1 - */ 0, /* 3b2 - */ 0, /* 3b3 - */ 0, /* 3b4 - */ 0, /* 3b5 - */ 0, /* 3b6 - */ 0, /* 3b7 - */ 0, /* 3b8 - */ 0, /* 3b9 - */ 0, /* 3ba - */ 0, /* 3bb - */ 0, /* 3bc - */ 0, /* 3bd - */ 0, /* 3be - */ 0, /* 3bf - */ 0, /* 3c0 - _DB_00 */ 0x2231, /* 3c1 - _DB_01 */ 0x2232, /* 3c2 - _DB_02 */ 0x2233, /* 3c3 - _DB_03 */ 0x2234, /* 3c4 - */ 0, /* 3c5 - _DB_05 */ 0x2235, /* 3c6 - */ 0, /* 3c7 - _DB_07 */ 0x2236, /* 3c8 - _DB_C0 */ 0x2237, /* 3c9 - _DB_C0 */ 0x2238, /* 3ca - _DB_C0 */ 0x2239, /* 3cb - _DB_C0 */ 0x223a, /* 3cc - _DB_C0 */ 0x223b, /* 3cd - _DB_C0 */ 0x223c, /* 3ce - _DB_C0 */ 0x223d, /* 3cf - _DB_C0 */ 0x223e, /* 3d0 - _DB_C8 */ 0x223f, /* 3d1 - _DB_C8 */ 0x2240, /* 3d2 - _DB_C8 */ 0x2241, /* 3d3 - _DB_C8 */ 0x2242, /* 3d4 - _DB_C8 */ 0x2243, /* 3d5 - _DB_C8 */ 0x2244, /* 3d6 - _DB_C8 */ 0x2245, /* 3d7 - _DB_C8 */ 0x2246, /* 3d8 - _DB_D0 */ 0x2247, /* 3d9 - _DB_D0 */ 0x2248, /* 3da - _DB_D0 */ 0x2249, /* 3db - _DB_D0 */ 0x224a, /* 3dc - _DB_D0 */ 0x224b, 
/* 3dd - _DB_D0 */ 0x224c, /* 3de - _DB_D0 */ 0x224d, /* 3df - _DB_D0 */ 0x224e, /* 3e0 - _DB_D8 */ 0x224f, /* 3e1 - _DB_D8 */ 0x2250, /* 3e2 - _DB_D8 */ 0x2251, /* 3e3 - _DB_D8 */ 0x2252, /* 3e4 - _DB_D8 */ 0x2253, /* 3e5 - _DB_D8 */ 0x2254, /* 3e6 - _DB_D8 */ 0x2255, /* 3e7 - _DB_D8 */ 0x2256, /* 3e8 - _DB_E0 */ 0x2257, /* 3e9 - _DB_E1 */ 0x2258, /* 3ea - _DB_E2 */ 0xcf3c, /* 3eb - _DB_E3 */ 0xcf48, /* 3ec - _DB_E4 */ 0x2259, /* 3ed - */ 0, /* 3ee - */ 0, /* 3ef - */ 0, /* 3f0 - _DB_E8 */ 0x225a, /* 3f1 - _DB_E8 */ 0x225b, /* 3f2 - _DB_E8 */ 0x225c, /* 3f3 - _DB_E8 */ 0x225d, /* 3f4 - _DB_E8 */ 0x225e, /* 3f5 - _DB_E8 */ 0x225f, /* 3f6 - _DB_E8 */ 0x2260, /* 3f7 - _DB_E8 */ 0x2261, /* 3f8 - _DB_F0 */ 0x2262, /* 3f9 - _DB_F0 */ 0x2263, /* 3fa - _DB_F0 */ 0x2264, /* 3fb - _DB_F0 */ 0x2265, /* 3fc - _DB_F0 */ 0x2266, /* 3fd - _DB_F0 */ 0x2267, /* 3fe - _DB_F0 */ 0x2268, /* 3ff - _DB_F0 */ 0x2269, /* 400 - */ 0, /* 401 - */ 0, /* 402 - */ 0, /* 403 - */ 0, /* 404 - */ 0, /* 405 - */ 0, /* 406 - */ 0, /* 407 - */ 0, /* 408 - _DC_00 */ 0x226a, /* 409 - _DC_01 */ 0x226b, /* 40a - _DC_02 */ 0x226c, /* 40b - _DC_03 */ 0x226d, /* 40c - _DC_04 */ 0x226e, /* 40d - _DC_05 */ 0x226f, /* 40e - _DC_06 */ 0x2270, /* 40f - _DC_07 */ 0x2271, /* 410 - _DC_C0 */ 0x2272, /* 411 - _DC_C0 */ 0x2273, /* 412 - _DC_C0 */ 0x2274, /* 413 - _DC_C0 */ 0x2275, /* 414 - _DC_C0 */ 0x2276, /* 415 - _DC_C0 */ 0x2277, /* 416 - _DC_C0 */ 0x2278, /* 417 - _DC_C0 */ 0x2279, /* 418 - _DC_C8 */ 0x227a, /* 419 - _DC_C8 */ 0x227b, /* 41a - _DC_C8 */ 0x227c, /* 41b - _DC_C8 */ 0x227d, /* 41c - _DC_C8 */ 0x227e, /* 41d - _DC_C8 */ 0x227f, /* 41e - _DC_C8 */ 0x2280, /* 41f - _DC_C8 */ 0x2281, /* 420 - */ 0, /* 421 - */ 0, /* 422 - */ 0, /* 423 - */ 0, /* 424 - */ 0, /* 425 - */ 0, /* 426 - */ 0, /* 427 - */ 0, /* 428 - */ 0, /* 429 - */ 0, /* 42a - */ 0, /* 42b - */ 0, /* 42c - */ 0, /* 42d - */ 0, /* 42e - */ 0, /* 42f - */ 0, /* 430 - _DC_E0 */ 0x2282, /* 431 - _DC_E0 */ 0x2283, /* 432 - _DC_E0 */ 0x2284, 
/* 433 - _DC_E0 */ 0x2285, /* 434 - _DC_E0 */ 0x2286, /* 435 - _DC_E0 */ 0x2287, /* 436 - _DC_E0 */ 0x2288, /* 437 - _DC_E0 */ 0x2289, /* 438 - _DC_E8 */ 0x228a, /* 439 - _DC_E8 */ 0x228b, /* 43a - _DC_E8 */ 0x228c, /* 43b - _DC_E8 */ 0x228d, /* 43c - _DC_E8 */ 0x228e, /* 43d - _DC_E8 */ 0x228f, /* 43e - _DC_E8 */ 0x2290, /* 43f - _DC_E8 */ 0x2291, /* 440 - _DC_F0 */ 0x2292, /* 441 - _DC_F0 */ 0x2293, /* 442 - _DC_F0 */ 0x2294, /* 443 - _DC_F0 */ 0x2295, /* 444 - _DC_F0 */ 0x2296, /* 445 - _DC_F0 */ 0x2297, /* 446 - _DC_F0 */ 0x2298, /* 447 - _DC_F0 */ 0x2299, /* 448 - _DC_F8 */ 0x229a, /* 449 - _DC_F8 */ 0x229b, /* 44a - _DC_F8 */ 0x229c, /* 44b - _DC_F8 */ 0x229d, /* 44c - _DC_F8 */ 0x229e, /* 44d - _DC_F8 */ 0x229f, /* 44e - _DC_F8 */ 0x22a0, /* 44f - _DC_F8 */ 0x22a1, /* 450 - _DD_00 */ 0x22a2, /* 451 - _DD_01 */ 0x22a3, /* 452 - _DD_02 */ 0x22a4, /* 453 - _DD_03 */ 0x22a5, /* 454 - _DD_04 */ 0x22a6, /* 455 - */ 0, /* 456 - _DD_06 */ 0xcf54, /* 457 - _DD_07 */ 0xcf60, /* 458 - _DD_C0 */ 0x22a7, /* 459 - _DD_C0 */ 0x22a8, /* 45a - _DD_C0 */ 0x22a9, /* 45b - _DD_C0 */ 0x22aa, /* 45c - _DD_C0 */ 0x22ab, /* 45d - _DD_C0 */ 0x22ac, /* 45e - _DD_C0 */ 0x22ad, /* 45f - _DD_C0 */ 0x22ae, /* 460 - */ 0, /* 461 - */ 0, /* 462 - */ 0, /* 463 - */ 0, /* 464 - */ 0, /* 465 - */ 0, /* 466 - */ 0, /* 467 - */ 0, /* 468 - _DD_D0 */ 0x22af, /* 469 - _DD_D0 */ 0x22b0, /* 46a - _DD_D0 */ 0x22b1, /* 46b - _DD_D0 */ 0x22b2, /* 46c - _DD_D0 */ 0x22b3, /* 46d - _DD_D0 */ 0x22b4, /* 46e - _DD_D0 */ 0x22b5, /* 46f - _DD_D0 */ 0x22b6, /* 470 - _DD_D8 */ 0x22b7, /* 471 - _DD_D8 */ 0x22b8, /* 472 - _DD_D8 */ 0x22b9, /* 473 - _DD_D8 */ 0x22ba, /* 474 - _DD_D8 */ 0x22bb, /* 475 - _DD_D8 */ 0x22bc, /* 476 - _DD_D8 */ 0x22bd, /* 477 - _DD_D8 */ 0x22be, /* 478 - _DD_E0 */ 0x22bf, /* 479 - _DD_E1 */ 0x22c0, /* 47a - _DD_E0 */ 0x22c1, /* 47b - _DD_E0 */ 0x22c2, /* 47c - _DD_E0 */ 0x22c3, /* 47d - _DD_E0 */ 0x22c4, /* 47e - _DD_E0 */ 0x22c5, /* 47f - _DD_E0 */ 0x22c6, /* 480 - _DD_E8 */ 0x22c7, 
/* 481 - _DD_E9 */ 0x22c8, /* 482 - _DD_E8 */ 0x22c9, /* 483 - _DD_E8 */ 0x22ca, /* 484 - _DD_E8 */ 0x22cb, /* 485 - _DD_E8 */ 0x22cc, /* 486 - _DD_E8 */ 0x22cd, /* 487 - _DD_E8 */ 0x22ce, /* 488 - */ 0, /* 489 - */ 0, /* 48a - */ 0, /* 48b - */ 0, /* 48c - */ 0, /* 48d - */ 0, /* 48e - */ 0, /* 48f - */ 0, /* 490 - */ 0, /* 491 - */ 0, /* 492 - */ 0, /* 493 - */ 0, /* 494 - */ 0, /* 495 - */ 0, /* 496 - */ 0, /* 497 - */ 0, /* 498 - _DE_00 */ 0x22cf, /* 499 - _DE_01 */ 0x22d0, /* 49a - _DE_02 */ 0x22d1, /* 49b - _DE_03 */ 0x22d2, /* 49c - _DE_04 */ 0x22d3, /* 49d - _DE_05 */ 0x22d4, /* 49e - _DE_06 */ 0x22d5, /* 49f - _DE_07 */ 0x22d6, /* 4a0 - _DE_C0 */ 0x22d7, /* 4a1 - _DE_C1 */ 0x22d8, /* 4a2 - _DE_C0 */ 0x22d9, /* 4a3 - _DE_C0 */ 0x22da, /* 4a4 - _DE_C0 */ 0x22db, /* 4a5 - _DE_C0 */ 0x22dc, /* 4a6 - _DE_C0 */ 0x22dd, /* 4a7 - _DE_C0 */ 0x22de, /* 4a8 - _DE_C8 */ 0x22df, /* 4a9 - _DE_C9 */ 0x22e0, /* 4aa - _DE_C8 */ 0x22e1, /* 4ab - _DE_C8 */ 0x22e2, /* 4ac - _DE_C8 */ 0x22e3, /* 4ad - _DE_C8 */ 0x22e4, /* 4ae - _DE_C8 */ 0x22e5, /* 4af - _DE_C8 */ 0x22e6, /* 4b0 - */ 0, /* 4b1 - */ 0, /* 4b2 - */ 0, /* 4b3 - */ 0, /* 4b4 - */ 0, /* 4b5 - */ 0, /* 4b6 - */ 0, /* 4b7 - */ 0, /* 4b8 - */ 0, /* 4b9 - _DE_D9 */ 0x22e7, /* 4ba - */ 0, /* 4bb - */ 0, /* 4bc - */ 0, /* 4bd - */ 0, /* 4be - */ 0, /* 4bf - */ 0, /* 4c0 - _DE_E0 */ 0x22e8, /* 4c1 - _DE_E1 */ 0x22e9, /* 4c2 - _DE_E0 */ 0x22ea, /* 4c3 - _DE_E0 */ 0x22eb, /* 4c4 - _DE_E0 */ 0x22ec, /* 4c5 - _DE_E0 */ 0x22ed, /* 4c6 - _DE_E0 */ 0x22ee, /* 4c7 - _DE_E0 */ 0x22ef, /* 4c8 - _DE_E8 */ 0x22f0, /* 4c9 - _DE_E9 */ 0x22f1, /* 4ca - _DE_E8 */ 0x22f2, /* 4cb - _DE_E8 */ 0x22f3, /* 4cc - _DE_E8 */ 0x22f4, /* 4cd - _DE_E8 */ 0x22f5, /* 4ce - _DE_E8 */ 0x22f6, /* 4cf - _DE_E8 */ 0x22f7, /* 4d0 - _DE_F0 */ 0x22f8, /* 4d1 - _DE_F1 */ 0x22f9, /* 4d2 - _DE_F0 */ 0x22fa, /* 4d3 - _DE_F0 */ 0x22fb, /* 4d4 - _DE_F0 */ 0x22fc, /* 4d5 - _DE_F0 */ 0x22fd, /* 4d6 - _DE_F0 */ 0x22fe, /* 4d7 - _DE_F0 */ 0x22ff, /* 4d8 - _DE_F8 */ 
0x2300, /* 4d9 - _DE_F9 */ 0x2301, /* 4da - _DE_F8 */ 0x2302, /* 4db - _DE_F8 */ 0x2303, /* 4dc - _DE_F8 */ 0x2304, /* 4dd - _DE_F8 */ 0x2305, /* 4de - _DE_F8 */ 0x2306, /* 4df - _DE_F8 */ 0x2307, /* 4e0 - _DF_00 */ 0x2308, /* 4e1 - _DF_01 */ 0x2309, /* 4e2 - _DF_02 */ 0x230a, /* 4e3 - _DF_03 */ 0x230b, /* 4e4 - _DF_04 */ 0x230c, /* 4e5 - _DF_05 */ 0x230d, /* 4e6 - _DF_06 */ 0x230e, /* 4e7 - _DF_07 */ 0x230f, /* 4e8 - */ 0, /* 4e9 - */ 0, /* 4ea - */ 0, /* 4eb - */ 0, /* 4ec - */ 0, /* 4ed - */ 0, /* 4ee - */ 0, /* 4ef - */ 0, /* 4f0 - */ 0, /* 4f1 - */ 0, /* 4f2 - */ 0, /* 4f3 - */ 0, /* 4f4 - */ 0, /* 4f5 - */ 0, /* 4f6 - */ 0, /* 4f7 - */ 0, /* 4f8 - */ 0, /* 4f9 - */ 0, /* 4fa - */ 0, /* 4fb - */ 0, /* 4fc - */ 0, /* 4fd - */ 0, /* 4fe - */ 0, /* 4ff - */ 0, /* 500 - */ 0, /* 501 - */ 0, /* 502 - */ 0, /* 503 - */ 0, /* 504 - */ 0, /* 505 - */ 0, /* 506 - */ 0, /* 507 - */ 0, /* 508 - _DF_E0 */ 0xcf6c, /* 509 - */ 0, /* 50a - */ 0, /* 50b - */ 0, /* 50c - */ 0, /* 50d - */ 0, /* 50e - */ 0, /* 50f - */ 0, /* 510 - _DF_E8 */ 0x2310, /* 511 - _DF_E8 */ 0x2311, /* 512 - _DF_E8 */ 0x2312, /* 513 - _DF_E8 */ 0x2313, /* 514 - _DF_E8 */ 0x2314, /* 515 - _DF_E8 */ 0x2315, /* 516 - _DF_E8 */ 0x2316, /* 517 - _DF_E8 */ 0x2317, /* 518 - _DF_F0 */ 0x2318, /* 519 - _DF_F0 */ 0x2319, /* 51a - _DF_F0 */ 0x231a, /* 51b - _DF_F0 */ 0x231b, /* 51c - _DF_F0 */ 0x231c, /* 51d - _DF_F0 */ 0x231d, /* 51e - _DF_F0 */ 0x231e, /* 51f - _DF_F0 */ 0x231f, /* 520 - */ 0, /* 521 - */ 0, /* 522 - */ 0, /* 523 - */ 0, /* 524 - */ 0, /* 525 - */ 0, /* 526 - */ 0, /* 527 - */ 0, /* 528 - _F6_00 */ 0x2320, /* 529 - */ 0, /* 52a - _F6_02 */ 0x2321, /* 52b - _F6_03 */ 0x2322, /* 52c - _F6_04 */ 0x2323, /* 52d - _F6_05 */ 0x2324, /* 52e - _F6_06 */ 0x2325, /* 52f - _F6_07 */ 0x2326, /* 530 - _F7_00 */ 0x2327, /* 531 - */ 0, /* 532 - _F7_02 */ 0x2328, /* 533 - _F7_03 */ 0x2329, /* 534 - _F7_04 */ 0x232a, /* 535 - _F7_05 */ 0x232b, /* 536 - _F7_06 */ 0x232c, /* 537 - _F7_07 */ 0x232d, /* 538 - 
_FE_00 */ 0x232e, /* 539 - _FE_01 */ 0x232f, /* 53a - */ 0, /* 53b - */ 0, /* 53c - */ 0, /* 53d - */ 0, /* 53e - */ 0, /* 53f - */ 0, /* 540 - _FF_00 */ 0x2330, /* 541 - _FF_01 */ 0x2331, /* 542 - _FF_02 */ 0x2332, /* 543 - _FF_03 */ 0x2333, /* 544 - _FF_04 */ 0x2334, /* 545 - _FF_05 */ 0x2335, /* 546 - _FF_06 */ 0x2336, /* 547 - */ 0, /* 548 - _0F_00_00 */ 0x2337, /* 549 - _0F_00_01 */ 0x2338, /* 54a - _0F_00_02 */ 0x2339, /* 54b - _0F_00_03 */ 0x233a, /* 54c - _0F_00_04 */ 0x233b, /* 54d - _0F_00_05 */ 0x233c, /* 54e - */ 0, /* 54f - */ 0, /* 550 - _0F_01_00 */ 0x233d, /* 551 - _0F_01_01 */ 0x233e, /* 552 - _0F_01_02 */ 0x233f, /* 553 - _0F_01_03 */ 0x2340, /* 554 - _0F_01_04 */ 0x2341, /* 555 - */ 0, /* 556 - _0F_01_06 */ 0x2342, /* 557 - _0F_01_07 */ 0x2343, /* 558 - */ 0, /* 559 - _0F_01_C1 */ 0x2344, /* 55a - _0F_01_C2 */ 0x2345, /* 55b - _0F_01_C3 */ 0x2346, /* 55c - _0F_01_C4 */ 0x2347, /* 55d - */ 0, /* 55e - */ 0, /* 55f - */ 0, /* 560 - _0F_01_C8 */ 0x2348, /* 561 - _0F_01_C9 */ 0x2349, /* 562 - */ 0, /* 563 - */ 0, /* 564 - */ 0, /* 565 - */ 0, /* 566 - */ 0, /* 567 - */ 0, /* 568 - _0F_01_D0 */ 0x234a, /* 569 - _0F_01_D1 */ 0x234b, /* 56a - */ 0, /* 56b - */ 0, /* 56c - _0F_01_D4 */ 0x234c, /* 56d - _0F_01_D5 */ 0x234d, /* 56e - */ 0, /* 56f - */ 0, /* 570 - _0F_01_D8 */ 0x234e, /* 571 - _0F_01_D9 */ 0x234f, /* 572 - _0F_01_DA */ 0x2350, /* 573 - _0F_01_DB */ 0x2351, /* 574 - _0F_01_DC */ 0x2352, /* 575 - _0F_01_DD */ 0x2353, /* 576 - _0F_01_DE */ 0x2354, /* 577 - _0F_01_DF */ 0x2355, /* 578 - */ 0, /* 579 - */ 0, /* 57a - */ 0, /* 57b - */ 0, /* 57c - */ 0, /* 57d - */ 0, /* 57e - */ 0, /* 57f - */ 0, /* 580 - */ 0, /* 581 - */ 0, /* 582 - */ 0, /* 583 - */ 0, /* 584 - */ 0, /* 585 - */ 0, /* 586 - */ 0, /* 587 - */ 0, /* 588 - */ 0, /* 589 - */ 0, /* 58a - */ 0, /* 58b - */ 0, /* 58c - */ 0, /* 58d - */ 0, /* 58e - */ 0, /* 58f - */ 0, /* 590 - _0F_01_F8 */ 0x2356, /* 591 - _0F_01_F9 */ 0x2357, /* 592 - */ 0, /* 593 - */ 0, /* 594 - */ 0, /* 595 - 
*/ 0, /* 596 - */ 0, /* 597 - */ 0, /* 598 - _0F_0D_00 */ 0x2358, /* 599 - _0F_0D_01 */ 0x2359, /* 59a - */ 0, /* 59b - */ 0, /* 59c - */ 0, /* 59d - */ 0, /* 59e - */ 0, /* 59f - */ 0, /* 5a0 - */ 0, /* 5a1 - */ 0, /* 5a2 - */ 0, /* 5a3 - */ 0, /* 5a4 - */ 0, /* 5a5 - */ 0, /* 5a6 - */ 0, /* 5a7 - */ 0, /* 5a8 - */ 0, /* 5a9 - */ 0, /* 5aa - */ 0, /* 5ab - */ 0, /* 5ac - _0F_0F_0C */ 0x235a, /* 5ad - _0F_0F_0D */ 0x235b, /* 5ae - */ 0, /* 5af - */ 0, /* 5b0 - */ 0, /* 5b1 - */ 0, /* 5b2 - */ 0, /* 5b3 - */ 0, /* 5b4 - */ 0, /* 5b5 - */ 0, /* 5b6 - */ 0, /* 5b7 - */ 0, /* 5b8 - */ 0, /* 5b9 - */ 0, /* 5ba - */ 0, /* 5bb - */ 0, /* 5bc - _0F_0F_1C */ 0x235c, /* 5bd - _0F_0F_1D */ 0x235d, /* 5be - */ 0, /* 5bf - */ 0, /* 5c0 - */ 0, /* 5c1 - */ 0, /* 5c2 - */ 0, /* 5c3 - */ 0, /* 5c4 - */ 0, /* 5c5 - */ 0, /* 5c6 - */ 0, /* 5c7 - */ 0, /* 5c8 - */ 0, /* 5c9 - */ 0, /* 5ca - */ 0, /* 5cb - */ 0, /* 5cc - */ 0, /* 5cd - */ 0, /* 5ce - */ 0, /* 5cf - */ 0, /* 5d0 - */ 0, /* 5d1 - */ 0, /* 5d2 - */ 0, /* 5d3 - */ 0, /* 5d4 - */ 0, /* 5d5 - */ 0, /* 5d6 - */ 0, /* 5d7 - */ 0, /* 5d8 - */ 0, /* 5d9 - */ 0, /* 5da - */ 0, /* 5db - */ 0, /* 5dc - */ 0, /* 5dd - */ 0, /* 5de - */ 0, /* 5df - */ 0, /* 5e0 - */ 0, /* 5e1 - */ 0, /* 5e2 - */ 0, /* 5e3 - */ 0, /* 5e4 - */ 0, /* 5e5 - */ 0, /* 5e6 - */ 0, /* 5e7 - */ 0, /* 5e8 - */ 0, /* 5e9 - */ 0, /* 5ea - */ 0, /* 5eb - */ 0, /* 5ec - */ 0, /* 5ed - */ 0, /* 5ee - */ 0, /* 5ef - */ 0, /* 5f0 - */ 0, /* 5f1 - */ 0, /* 5f2 - */ 0, /* 5f3 - */ 0, /* 5f4 - */ 0, /* 5f5 - */ 0, /* 5f6 - */ 0, /* 5f7 - */ 0, /* 5f8 - */ 0, /* 5f9 - */ 0, /* 5fa - */ 0, /* 5fb - */ 0, /* 5fc - */ 0, /* 5fd - */ 0, /* 5fe - */ 0, /* 5ff - */ 0, /* 600 - */ 0, /* 601 - */ 0, /* 602 - */ 0, /* 603 - */ 0, /* 604 - */ 0, /* 605 - */ 0, /* 606 - */ 0, /* 607 - */ 0, /* 608 - */ 0, /* 609 - */ 0, /* 60a - */ 0, /* 60b - */ 0, /* 60c - */ 0, /* 60d - */ 0, /* 60e - */ 0, /* 60f - */ 0, /* 610 - */ 0, /* 611 - */ 0, /* 612 - */ 0, /* 613 - */ 0, /* 614 - */ 
0, /* 615 - */ 0, /* 616 - */ 0, /* 617 - */ 0, /* 618 - */ 0, /* 619 - */ 0, /* 61a - */ 0, /* 61b - */ 0, /* 61c - */ 0, /* 61d - */ 0, /* 61e - */ 0, /* 61f - */ 0, /* 620 - */ 0, /* 621 - */ 0, /* 622 - */ 0, /* 623 - */ 0, /* 624 - */ 0, /* 625 - */ 0, /* 626 - */ 0, /* 627 - */ 0, /* 628 - */ 0, /* 629 - */ 0, /* 62a - _0F_0F_8A */ 0x235e, /* 62b - */ 0, /* 62c - */ 0, /* 62d - */ 0, /* 62e - _0F_0F_8E */ 0x235f, /* 62f - */ 0, /* 630 - _0F_0F_90 */ 0x2360, /* 631 - */ 0, /* 632 - */ 0, /* 633 - */ 0, /* 634 - _0F_0F_94 */ 0x2361, /* 635 - */ 0, /* 636 - _0F_0F_96 */ 0x2362, /* 637 - _0F_0F_97 */ 0x2363, /* 638 - */ 0, /* 639 - */ 0, /* 63a - _0F_0F_9A */ 0x2364, /* 63b - */ 0, /* 63c - */ 0, /* 63d - */ 0, /* 63e - _0F_0F_9E */ 0x2365, /* 63f - */ 0, /* 640 - _0F_0F_A0 */ 0x2366, /* 641 - */ 0, /* 642 - */ 0, /* 643 - */ 0, /* 644 - _0F_0F_A4 */ 0x2367, /* 645 - */ 0, /* 646 - _0F_0F_A6 */ 0x2368, /* 647 - _0F_0F_A7 */ 0x2369, /* 648 - */ 0, /* 649 - */ 0, /* 64a - _0F_0F_AA */ 0x236a, /* 64b - */ 0, /* 64c - */ 0, /* 64d - */ 0, /* 64e - _0F_0F_AE */ 0x236b, /* 64f - */ 0, /* 650 - _0F_0F_B0 */ 0x236c, /* 651 - */ 0, /* 652 - */ 0, /* 653 - */ 0, /* 654 - _0F_0F_B4 */ 0x236d, /* 655 - */ 0, /* 656 - _0F_0F_B6 */ 0x236e, /* 657 - _0F_0F_B7 */ 0x236f, /* 658 - */ 0, /* 659 - */ 0, /* 65a - */ 0, /* 65b - _0F_0F_BB */ 0x2370, /* 65c - */ 0, /* 65d - */ 0, /* 65e - */ 0, /* 65f - _0F_0F_BF */ 0x2371, /* 660 - */ 0, /* 661 - */ 0, /* 662 - */ 0, /* 663 - */ 0, /* 664 - */ 0, /* 665 - */ 0, /* 666 - */ 0, /* 667 - */ 0, /* 668 - */ 0, /* 669 - */ 0, /* 66a - */ 0, /* 66b - */ 0, /* 66c - */ 0, /* 66d - */ 0, /* 66e - */ 0, /* 66f - */ 0, /* 670 - */ 0, /* 671 - */ 0, /* 672 - */ 0, /* 673 - */ 0, /* 674 - */ 0, /* 675 - */ 0, /* 676 - */ 0, /* 677 - */ 0, /* 678 - */ 0, /* 679 - */ 0, /* 67a - */ 0, /* 67b - */ 0, /* 67c - */ 0, /* 67d - */ 0, /* 67e - */ 0, /* 67f - */ 0, /* 680 - */ 0, /* 681 - */ 0, /* 682 - */ 0, /* 683 - */ 0, /* 684 - */ 0, /* 685 - */ 0, 
/* 686 - */ 0, /* 687 - */ 0, /* 688 - */ 0, /* 689 - */ 0, /* 68a - */ 0, /* 68b - */ 0, /* 68c - */ 0, /* 68d - */ 0, /* 68e - */ 0, /* 68f - */ 0, /* 690 - */ 0, /* 691 - */ 0, /* 692 - */ 0, /* 693 - */ 0, /* 694 - */ 0, /* 695 - */ 0, /* 696 - */ 0, /* 697 - */ 0, /* 698 - */ 0, /* 699 - */ 0, /* 69a - */ 0, /* 69b - */ 0, /* 69c - */ 0, /* 69d - */ 0, /* 69e - */ 0, /* 69f - */ 0, /* 6a0 - _0F_10 */ 0x2372, /* 6a1 - _66_0F_10 */ 0x2373, /* 6a2 - _F3_0F_10 */ 0x2374, /* 6a3 - _F2_0F_10 */ 0x2375, /* 6a4 - _V_0F_10 */ 0x4009, /* 6a5 - _V_66_0F_10 */ 0x400a, /* 6a6 - _V_F3_0F_10 */ 0x400b, /* 6a7 - _V_F2_0F_10 */ 0x400c, /* 6a8 - */ 0, /* 6a9 - */ 0, /* 6aa - _VRR_F3_0F_10 */ 0x400d, /* 6ab - _VRR_F2_0F_10 */ 0x400e, /* 6ac - _0F_11 */ 0x2376, /* 6ad - _66_0F_11 */ 0x2377, /* 6ae - _F3_0F_11 */ 0x2378, /* 6af - _F2_0F_11 */ 0x2379, /* 6b0 - _V_0F_11 */ 0x400f, /* 6b1 - _V_66_0F_11 */ 0x4010, /* 6b2 - _V_F3_0F_11 */ 0x4011, /* 6b3 - _V_F2_0F_11 */ 0x4012, /* 6b4 - */ 0, /* 6b5 - */ 0, /* 6b6 - _VRR_F3_0F_11 */ 0x4013, /* 6b7 - _VRR_F2_0F_11 */ 0x4014, /* 6b8 - _0F_12 */ 0x4015, /* 6b9 - _66_0F_12 */ 0x237a, /* 6ba - _F3_0F_12 */ 0x237b, /* 6bb - _F2_0F_12 */ 0x237c, /* 6bc - _V_0F_12 */ 0x4016, /* 6bd - _V_66_0F_12 */ 0x4017, /* 6be - _V_F3_0F_12 */ 0x4018, /* 6bf - _V_F2_0F_12 */ 0x4019, /* 6c0 - */ 0, /* 6c1 - */ 0, /* 6c2 - */ 0, /* 6c3 - */ 0, /* 6c4 - _0F_13 */ 0x237d, /* 6c5 - _66_0F_13 */ 0x237e, /* 6c6 - */ 0, /* 6c7 - */ 0, /* 6c8 - _V_0F_13 */ 0x401a, /* 6c9 - _V_66_0F_13 */ 0x401b, /* 6ca - */ 0, /* 6cb - */ 0, /* 6cc - */ 0, /* 6cd - */ 0, /* 6ce - */ 0, /* 6cf - */ 0, /* 6d0 - _0F_14 */ 0x237f, /* 6d1 - _66_0F_14 */ 0x2380, /* 6d2 - */ 0, /* 6d3 - */ 0, /* 6d4 - _V_0F_14 */ 0x401c, /* 6d5 - _V_66_0F_14 */ 0x401d, /* 6d6 - */ 0, /* 6d7 - */ 0, /* 6d8 - */ 0, /* 6d9 - */ 0, /* 6da - */ 0, /* 6db - */ 0, /* 6dc - _0F_15 */ 0x2381, /* 6dd - _66_0F_15 */ 0x2382, /* 6de - */ 0, /* 6df - */ 0, /* 6e0 - _V_0F_15 */ 0x401e, /* 6e1 - _V_66_0F_15 */ 0x401f, /* 
6e2 - */ 0, /* 6e3 - */ 0, /* 6e4 - */ 0, /* 6e5 - */ 0, /* 6e6 - */ 0, /* 6e7 - */ 0, /* 6e8 - _0F_16 */ 0x4020, /* 6e9 - _66_0F_16 */ 0x2383, /* 6ea - _F3_0F_16 */ 0x2384, /* 6eb - */ 0, /* 6ec - _V_0F_16 */ 0x4021, /* 6ed - _V_66_0F_16 */ 0x4022, /* 6ee - _V_F3_0F_16 */ 0x4023, /* 6ef - */ 0, /* 6f0 - */ 0, /* 6f1 - */ 0, /* 6f2 - */ 0, /* 6f3 - */ 0, /* 6f4 - _0F_17 */ 0x2385, /* 6f5 - _66_0F_17 */ 0x2386, /* 6f6 - */ 0, /* 6f7 - */ 0, /* 6f8 - _V_0F_17 */ 0x4024, /* 6f9 - _V_66_0F_17 */ 0x4025, /* 6fa - */ 0, /* 6fb - */ 0, /* 6fc - */ 0, /* 6fd - */ 0, /* 6fe - */ 0, /* 6ff - */ 0, /* 700 - _0F_18_00 */ 0x2387, /* 701 - _0F_18_01 */ 0x2388, /* 702 - _0F_18_02 */ 0x2389, /* 703 - _0F_18_03 */ 0x238a, /* 704 - */ 0, /* 705 - */ 0, /* 706 - */ 0, /* 707 - */ 0, /* 708 - _0F_28 */ 0x238b, /* 709 - _66_0F_28 */ 0x238c, /* 70a - */ 0, /* 70b - */ 0, /* 70c - _V_0F_28 */ 0x4026, /* 70d - _V_66_0F_28 */ 0x4027, /* 70e - */ 0, /* 70f - */ 0, /* 710 - */ 0, /* 711 - */ 0, /* 712 - */ 0, /* 713 - */ 0, /* 714 - _0F_29 */ 0x238d, /* 715 - _66_0F_29 */ 0x238e, /* 716 - */ 0, /* 717 - */ 0, /* 718 - _V_0F_29 */ 0x4028, /* 719 - _V_66_0F_29 */ 0x4029, /* 71a - */ 0, /* 71b - */ 0, /* 71c - */ 0, /* 71d - */ 0, /* 71e - */ 0, /* 71f - */ 0, /* 720 - _0F_2A */ 0x238f, /* 721 - _66_0F_2A */ 0x2390, /* 722 - _F3_0F_2A */ 0x2391, /* 723 - _F2_0F_2A */ 0x2392, /* 724 - */ 0, /* 725 - */ 0, /* 726 - _V_F3_0F_2A */ 0x402a, /* 727 - _V_F2_0F_2A */ 0x402b, /* 728 - */ 0, /* 729 - */ 0, /* 72a - */ 0, /* 72b - */ 0, /* 72c - _0F_2B */ 0x2393, /* 72d - _66_0F_2B */ 0x2394, /* 72e - _F3_0F_2B */ 0x2395, /* 72f - _F2_0F_2B */ 0x2396, /* 730 - _V_0F_2B */ 0x402c, /* 731 - _V_66_0F_2B */ 0x402d, /* 732 - */ 0, /* 733 - */ 0, /* 734 - */ 0, /* 735 - */ 0, /* 736 - */ 0, /* 737 - */ 0, /* 738 - _0F_2C */ 0x2397, /* 739 - _66_0F_2C */ 0x2398, /* 73a - _F3_0F_2C */ 0x2399, /* 73b - _F2_0F_2C */ 0x239a, /* 73c - */ 0, /* 73d - */ 0, /* 73e - _V_F3_0F_2C */ 0x402e, /* 73f - _V_F2_0F_2C */ 
0x402f, /* 740 - */ 0, /* 741 - */ 0, /* 742 - */ 0, /* 743 - */ 0, /* 744 - _0F_2D */ 0x239b, /* 745 - _66_0F_2D */ 0x239c, /* 746 - _F3_0F_2D */ 0x239d, /* 747 - _F2_0F_2D */ 0x239e, /* 748 - */ 0, /* 749 - */ 0, /* 74a - _V_F3_0F_2D */ 0x4030, /* 74b - _V_F2_0F_2D */ 0x4031, /* 74c - */ 0, /* 74d - */ 0, /* 74e - */ 0, /* 74f - */ 0, /* 750 - _0F_2E */ 0x239f, /* 751 - _66_0F_2E */ 0x23a0, /* 752 - */ 0, /* 753 - */ 0, /* 754 - _V_0F_2E */ 0x4032, /* 755 - _V_66_0F_2E */ 0x4033, /* 756 - */ 0, /* 757 - */ 0, /* 758 - */ 0, /* 759 - */ 0, /* 75a - */ 0, /* 75b - */ 0, /* 75c - _0F_2F */ 0x23a1, /* 75d - _66_0F_2F */ 0x23a2, /* 75e - */ 0, /* 75f - */ 0, /* 760 - _V_0F_2F */ 0x4034, /* 761 - _V_66_0F_2F */ 0x4035, /* 762 - */ 0, /* 763 - */ 0, /* 764 - */ 0, /* 765 - */ 0, /* 766 - */ 0, /* 767 - */ 0, /* 768 - _0F_38_00 */ 0xcf78, /* 769 - _0F_38_01 */ 0xcf84, /* 76a - _0F_38_02 */ 0xcf90, /* 76b - _0F_38_03 */ 0xcf9c, /* 76c - _0F_38_04 */ 0xcfa8, /* 76d - _0F_38_05 */ 0xcfb4, /* 76e - _0F_38_06 */ 0xcfc0, /* 76f - _0F_38_07 */ 0xcfcc, /* 770 - _0F_38_08 */ 0xcfd8, /* 771 - _0F_38_09 */ 0xcfe4, /* 772 - _0F_38_0A */ 0xcff0, /* 773 - _0F_38_0B */ 0xcffc, /* 774 - _0F_38_0C */ 0xd008, /* 775 - _0F_38_0D */ 0xd014, /* 776 - _0F_38_0E */ 0xd020, /* 777 - _0F_38_0F */ 0xd02c, /* 778 - _0F_38_10 */ 0xd038, /* 779 - */ 0, /* 77a - */ 0, /* 77b - */ 0, /* 77c - _0F_38_14 */ 0xd044, /* 77d - _0F_38_15 */ 0xd050, /* 77e - */ 0, /* 77f - _0F_38_17 */ 0xd05c, /* 780 - _0F_38_18 */ 0xd068, /* 781 - _0F_38_19 */ 0xd074, /* 782 - _0F_38_1A */ 0xd080, /* 783 - */ 0, /* 784 - _0F_38_1C */ 0xd08c, /* 785 - _0F_38_1D */ 0xd098, /* 786 - _0F_38_1E */ 0xd0a4, /* 787 - */ 0, /* 788 - _0F_38_20 */ 0xd0b0, /* 789 - _0F_38_21 */ 0xd0bc, /* 78a - _0F_38_22 */ 0xd0c8, /* 78b - _0F_38_23 */ 0xd0d4, /* 78c - _0F_38_24 */ 0xd0e0, /* 78d - _0F_38_25 */ 0xd0ec, /* 78e - */ 0, /* 78f - */ 0, /* 790 - _0F_38_28 */ 0xd0f8, /* 791 - _0F_38_29 */ 0xd104, /* 792 - _0F_38_2A */ 0xd110, /* 793 - 
_0F_38_2B */ 0xd11c, /* 794 - _0F_38_2C */ 0xd128, /* 795 - _0F_38_2D */ 0xd134, /* 796 - _0F_38_2E */ 0xd140, /* 797 - _0F_38_2F */ 0xd14c, /* 798 - _0F_38_30 */ 0xd158, /* 799 - _0F_38_31 */ 0xd164, /* 79a - _0F_38_32 */ 0xd170, /* 79b - _0F_38_33 */ 0xd17c, /* 79c - _0F_38_34 */ 0xd188, /* 79d - _0F_38_35 */ 0xd194, /* 79e - */ 0, /* 79f - _0F_38_37 */ 0xd1a0, /* 7a0 - _0F_38_38 */ 0xd1ac, /* 7a1 - _0F_38_39 */ 0xd1b8, /* 7a2 - _0F_38_3A */ 0xd1c4, /* 7a3 - _0F_38_3B */ 0xd1d0, /* 7a4 - _0F_38_3C */ 0xd1dc, /* 7a5 - _0F_38_3D */ 0xd1e8, /* 7a6 - _0F_38_3E */ 0xd1f4, /* 7a7 - _0F_38_3F */ 0xd200, /* 7a8 - _0F_38_40 */ 0xd20c, /* 7a9 - _0F_38_41 */ 0xd218, /* 7aa - */ 0, /* 7ab - */ 0, /* 7ac - */ 0, /* 7ad - */ 0, /* 7ae - */ 0, /* 7af - */ 0, /* 7b0 - */ 0, /* 7b1 - */ 0, /* 7b2 - */ 0, /* 7b3 - */ 0, /* 7b4 - */ 0, /* 7b5 - */ 0, /* 7b6 - */ 0, /* 7b7 - */ 0, /* 7b8 - */ 0, /* 7b9 - */ 0, /* 7ba - */ 0, /* 7bb - */ 0, /* 7bc - */ 0, /* 7bd - */ 0, /* 7be - */ 0, /* 7bf - */ 0, /* 7c0 - */ 0, /* 7c1 - */ 0, /* 7c2 - */ 0, /* 7c3 - */ 0, /* 7c4 - */ 0, /* 7c5 - */ 0, /* 7c6 - */ 0, /* 7c7 - */ 0, /* 7c8 - */ 0, /* 7c9 - */ 0, /* 7ca - */ 0, /* 7cb - */ 0, /* 7cc - */ 0, /* 7cd - */ 0, /* 7ce - */ 0, /* 7cf - */ 0, /* 7d0 - */ 0, /* 7d1 - */ 0, /* 7d2 - */ 0, /* 7d3 - */ 0, /* 7d4 - */ 0, /* 7d5 - */ 0, /* 7d6 - */ 0, /* 7d7 - */ 0, /* 7d8 - */ 0, /* 7d9 - */ 0, /* 7da - */ 0, /* 7db - */ 0, /* 7dc - */ 0, /* 7dd - */ 0, /* 7de - */ 0, /* 7df - */ 0, /* 7e0 - */ 0, /* 7e1 - */ 0, /* 7e2 - */ 0, /* 7e3 - */ 0, /* 7e4 - */ 0, /* 7e5 - */ 0, /* 7e6 - */ 0, /* 7e7 - */ 0, /* 7e8 - _0F_38_80 */ 0xd224, /* 7e9 - _0F_38_81 */ 0xd230, /* 7ea - _0F_38_82 */ 0xd23c, /* 7eb - */ 0, /* 7ec - */ 0, /* 7ed - */ 0, /* 7ee - */ 0, /* 7ef - */ 0, /* 7f0 - */ 0, /* 7f1 - */ 0, /* 7f2 - */ 0, /* 7f3 - */ 0, /* 7f4 - */ 0, /* 7f5 - */ 0, /* 7f6 - */ 0, /* 7f7 - */ 0, /* 7f8 - */ 0, /* 7f9 - */ 0, /* 7fa - */ 0, /* 7fb - */ 0, /* 7fc - */ 0, /* 7fd - */ 0, /* 7fe - _0F_38_96 */ 
0xd248, /* 7ff - _0F_38_97 */ 0xd254, /* 800 - _0F_38_98 */ 0xd260, /* 801 - _0F_38_99 */ 0xd26c, /* 802 - _0F_38_9A */ 0xd278, /* 803 - _0F_38_9B */ 0xd284, /* 804 - _0F_38_9C */ 0xd290, /* 805 - _0F_38_9D */ 0xd29c, /* 806 - _0F_38_9E */ 0xd2a8, /* 807 - _0F_38_9F */ 0xd2b4, /* 808 - */ 0, /* 809 - */ 0, /* 80a - */ 0, /* 80b - */ 0, /* 80c - */ 0, /* 80d - */ 0, /* 80e - _0F_38_A6 */ 0xd2c0, /* 80f - _0F_38_A7 */ 0xd2cc, /* 810 - _0F_38_A8 */ 0xd2d8, /* 811 - _0F_38_A9 */ 0xd2e4, /* 812 - _0F_38_AA */ 0xd2f0, /* 813 - _0F_38_AB */ 0xd2fc, /* 814 - _0F_38_AC */ 0xd308, /* 815 - _0F_38_AD */ 0xd314, /* 816 - _0F_38_AE */ 0xd320, /* 817 - _0F_38_AF */ 0xd32c, /* 818 - */ 0, /* 819 - */ 0, /* 81a - */ 0, /* 81b - */ 0, /* 81c - */ 0, /* 81d - */ 0, /* 81e - _0F_38_B6 */ 0xd338, /* 81f - _0F_38_B7 */ 0xd344, /* 820 - _0F_38_B8 */ 0xd350, /* 821 - _0F_38_B9 */ 0xd35c, /* 822 - _0F_38_BA */ 0xd368, /* 823 - _0F_38_BB */ 0xd374, /* 824 - _0F_38_BC */ 0xd380, /* 825 - _0F_38_BD */ 0xd38c, /* 826 - _0F_38_BE */ 0xd398, /* 827 - _0F_38_BF */ 0xd3a4, /* 828 - */ 0, /* 829 - */ 0, /* 82a - */ 0, /* 82b - */ 0, /* 82c - */ 0, /* 82d - */ 0, /* 82e - */ 0, /* 82f - */ 0, /* 830 - */ 0, /* 831 - */ 0, /* 832 - */ 0, /* 833 - */ 0, /* 834 - */ 0, /* 835 - */ 0, /* 836 - */ 0, /* 837 - */ 0, /* 838 - */ 0, /* 839 - */ 0, /* 83a - */ 0, /* 83b - */ 0, /* 83c - */ 0, /* 83d - */ 0, /* 83e - */ 0, /* 83f - */ 0, /* 840 - */ 0, /* 841 - */ 0, /* 842 - */ 0, /* 843 - _0F_38_DB */ 0xd3b0, /* 844 - _0F_38_DC */ 0xd3bc, /* 845 - _0F_38_DD */ 0xd3c8, /* 846 - _0F_38_DE */ 0xd3d4, /* 847 - _0F_38_DF */ 0xd3e0, /* 848 - */ 0, /* 849 - */ 0, /* 84a - */ 0, /* 84b - */ 0, /* 84c - */ 0, /* 84d - */ 0, /* 84e - */ 0, /* 84f - */ 0, /* 850 - */ 0, /* 851 - */ 0, /* 852 - */ 0, /* 853 - */ 0, /* 854 - */ 0, /* 855 - */ 0, /* 856 - */ 0, /* 857 - */ 0, /* 858 - _0F_38_F0 */ 0xd3ec, /* 859 - _0F_38_F1 */ 0xd3f8, /* 85a - */ 0, /* 85b - */ 0, /* 85c - */ 0, /* 85d - */ 0, /* 85e - */ 0, /* 85f - */ 
0, /* 860 - */ 0, /* 861 - */ 0, /* 862 - */ 0, /* 863 - */ 0, /* 864 - */ 0, /* 865 - */ 0, /* 866 - */ 0, /* 867 - */ 0, /* 868 - */ 0, /* 869 - */ 0, /* 86a - */ 0, /* 86b - */ 0, /* 86c - _0F_3A_04 */ 0xd404, /* 86d - _0F_3A_05 */ 0xd410, /* 86e - _0F_3A_06 */ 0xd41c, /* 86f - */ 0, /* 870 - _0F_3A_08 */ 0xd428, /* 871 - _0F_3A_09 */ 0xd434, /* 872 - _0F_3A_0A */ 0xd440, /* 873 - _0F_3A_0B */ 0xd44c, /* 874 - _0F_3A_0C */ 0xd458, /* 875 - _0F_3A_0D */ 0xd464, /* 876 - _0F_3A_0E */ 0xd470, /* 877 - _0F_3A_0F */ 0xd47c, /* 878 - */ 0, /* 879 - */ 0, /* 87a - */ 0, /* 87b - */ 0, /* 87c - _0F_3A_14 */ 0xd488, /* 87d - _0F_3A_15 */ 0xd494, /* 87e - _0F_3A_16 */ 0xd4a0, /* 87f - _0F_3A_17 */ 0xd4ac, /* 880 - _0F_3A_18 */ 0xd4b8, /* 881 - _0F_3A_19 */ 0xd4c4, /* 882 - */ 0, /* 883 - */ 0, /* 884 - */ 0, /* 885 - */ 0, /* 886 - */ 0, /* 887 - */ 0, /* 888 - _0F_3A_20 */ 0xd4d0, /* 889 - _0F_3A_21 */ 0xd4dc, /* 88a - _0F_3A_22 */ 0xd4e8, /* 88b - */ 0, /* 88c - */ 0, /* 88d - */ 0, /* 88e - */ 0, /* 88f - */ 0, /* 890 - */ 0, /* 891 - */ 0, /* 892 - */ 0, /* 893 - */ 0, /* 894 - */ 0, /* 895 - */ 0, /* 896 - */ 0, /* 897 - */ 0, /* 898 - */ 0, /* 899 - */ 0, /* 89a - */ 0, /* 89b - */ 0, /* 89c - */ 0, /* 89d - */ 0, /* 89e - */ 0, /* 89f - */ 0, /* 8a0 - */ 0, /* 8a1 - */ 0, /* 8a2 - */ 0, /* 8a3 - */ 0, /* 8a4 - */ 0, /* 8a5 - */ 0, /* 8a6 - */ 0, /* 8a7 - */ 0, /* 8a8 - _0F_3A_40 */ 0xd4f4, /* 8a9 - _0F_3A_41 */ 0xd500, /* 8aa - _0F_3A_42 */ 0xd50c, /* 8ab - */ 0, /* 8ac - _0F_3A_44 */ 0xd518, /* 8ad - */ 0, /* 8ae - */ 0, /* 8af - */ 0, /* 8b0 - */ 0, /* 8b1 - */ 0, /* 8b2 - _0F_3A_4A */ 0xd524, /* 8b3 - _0F_3A_4B */ 0xd530, /* 8b4 - _0F_3A_4C */ 0xd53c, /* 8b5 - */ 0, /* 8b6 - */ 0, /* 8b7 - */ 0, /* 8b8 - */ 0, /* 8b9 - */ 0, /* 8ba - */ 0, /* 8bb - */ 0, /* 8bc - */ 0, /* 8bd - */ 0, /* 8be - */ 0, /* 8bf - */ 0, /* 8c0 - */ 0, /* 8c1 - */ 0, /* 8c2 - */ 0, /* 8c3 - */ 0, /* 8c4 - */ 0, /* 8c5 - */ 0, /* 8c6 - */ 0, /* 8c7 - */ 0, /* 8c8 - _0F_3A_60 */ 0xd548, 
/* 8c9 - _0F_3A_61 */ 0xd554, /* 8ca - _0F_3A_62 */ 0xd560, /* 8cb - _0F_3A_63 */ 0xd56c, /* 8cc - */ 0, /* 8cd - */ 0, /* 8ce - */ 0, /* 8cf - */ 0, /* 8d0 - */ 0, /* 8d1 - */ 0, /* 8d2 - */ 0, /* 8d3 - */ 0, /* 8d4 - */ 0, /* 8d5 - */ 0, /* 8d6 - */ 0, /* 8d7 - */ 0, /* 8d8 - */ 0, /* 8d9 - */ 0, /* 8da - */ 0, /* 8db - */ 0, /* 8dc - */ 0, /* 8dd - */ 0, /* 8de - */ 0, /* 8df - */ 0, /* 8e0 - */ 0, /* 8e1 - */ 0, /* 8e2 - */ 0, /* 8e3 - */ 0, /* 8e4 - */ 0, /* 8e5 - */ 0, /* 8e6 - */ 0, /* 8e7 - */ 0, /* 8e8 - */ 0, /* 8e9 - */ 0, /* 8ea - */ 0, /* 8eb - */ 0, /* 8ec - */ 0, /* 8ed - */ 0, /* 8ee - */ 0, /* 8ef - */ 0, /* 8f0 - */ 0, /* 8f1 - */ 0, /* 8f2 - */ 0, /* 8f3 - */ 0, /* 8f4 - */ 0, /* 8f5 - */ 0, /* 8f6 - */ 0, /* 8f7 - */ 0, /* 8f8 - */ 0, /* 8f9 - */ 0, /* 8fa - */ 0, /* 8fb - */ 0, /* 8fc - */ 0, /* 8fd - */ 0, /* 8fe - */ 0, /* 8ff - */ 0, /* 900 - */ 0, /* 901 - */ 0, /* 902 - */ 0, /* 903 - */ 0, /* 904 - */ 0, /* 905 - */ 0, /* 906 - */ 0, /* 907 - */ 0, /* 908 - */ 0, /* 909 - */ 0, /* 90a - */ 0, /* 90b - */ 0, /* 90c - */ 0, /* 90d - */ 0, /* 90e - */ 0, /* 90f - */ 0, /* 910 - */ 0, /* 911 - */ 0, /* 912 - */ 0, /* 913 - */ 0, /* 914 - */ 0, /* 915 - */ 0, /* 916 - */ 0, /* 917 - */ 0, /* 918 - */ 0, /* 919 - */ 0, /* 91a - */ 0, /* 91b - */ 0, /* 91c - */ 0, /* 91d - */ 0, /* 91e - */ 0, /* 91f - */ 0, /* 920 - */ 0, /* 921 - */ 0, /* 922 - */ 0, /* 923 - */ 0, /* 924 - */ 0, /* 925 - */ 0, /* 926 - */ 0, /* 927 - */ 0, /* 928 - */ 0, /* 929 - */ 0, /* 92a - */ 0, /* 92b - */ 0, /* 92c - */ 0, /* 92d - */ 0, /* 92e - */ 0, /* 92f - */ 0, /* 930 - */ 0, /* 931 - */ 0, /* 932 - */ 0, /* 933 - */ 0, /* 934 - */ 0, /* 935 - */ 0, /* 936 - */ 0, /* 937 - */ 0, /* 938 - */ 0, /* 939 - */ 0, /* 93a - */ 0, /* 93b - */ 0, /* 93c - */ 0, /* 93d - */ 0, /* 93e - */ 0, /* 93f - */ 0, /* 940 - */ 0, /* 941 - */ 0, /* 942 - */ 0, /* 943 - */ 0, /* 944 - */ 0, /* 945 - */ 0, /* 946 - */ 0, /* 947 - _0F_3A_DF */ 0xd578, /* 948 - */ 0, /* 949 - */ 0, /* 
94a - */ 0, /* 94b - */ 0, /* 94c - */ 0, /* 94d - */ 0, /* 94e - */ 0, /* 94f - */ 0, /* 950 - */ 0, /* 951 - */ 0, /* 952 - */ 0, /* 953 - */ 0, /* 954 - */ 0, /* 955 - */ 0, /* 956 - */ 0, /* 957 - */ 0, /* 958 - */ 0, /* 959 - */ 0, /* 95a - */ 0, /* 95b - */ 0, /* 95c - */ 0, /* 95d - */ 0, /* 95e - */ 0, /* 95f - */ 0, /* 960 - */ 0, /* 961 - */ 0, /* 962 - */ 0, /* 963 - */ 0, /* 964 - */ 0, /* 965 - */ 0, /* 966 - */ 0, /* 967 - */ 0, /* 968 - _0F_50 */ 0x23a3, /* 969 - _66_0F_50 */ 0x23a4, /* 96a - */ 0, /* 96b - */ 0, /* 96c - _V_0F_50 */ 0x4036, /* 96d - _V_66_0F_50 */ 0x4037, /* 96e - */ 0, /* 96f - */ 0, /* 970 - */ 0, /* 971 - */ 0, /* 972 - */ 0, /* 973 - */ 0, /* 974 - _0F_51 */ 0x23a5, /* 975 - _66_0F_51 */ 0x23a6, /* 976 - _F3_0F_51 */ 0x23a7, /* 977 - _F2_0F_51 */ 0x23a8, /* 978 - _V_0F_51 */ 0x4038, /* 979 - _V_66_0F_51 */ 0x4039, /* 97a - _V_F3_0F_51 */ 0x403a, /* 97b - _V_F2_0F_51 */ 0x403b, /* 97c - */ 0, /* 97d - */ 0, /* 97e - */ 0, /* 97f - */ 0, /* 980 - _0F_52 */ 0x23a9, /* 981 - */ 0, /* 982 - _F3_0F_52 */ 0x23aa, /* 983 - */ 0, /* 984 - _V_0F_52 */ 0x403c, /* 985 - */ 0, /* 986 - _V_F3_0F_52 */ 0x403d, /* 987 - */ 0, /* 988 - */ 0, /* 989 - */ 0, /* 98a - */ 0, /* 98b - */ 0, /* 98c - _0F_53 */ 0x23ab, /* 98d - */ 0, /* 98e - _F3_0F_53 */ 0x23ac, /* 98f - */ 0, /* 990 - _V_0F_53 */ 0x403e, /* 991 - */ 0, /* 992 - _V_F3_0F_53 */ 0x403f, /* 993 - */ 0, /* 994 - */ 0, /* 995 - */ 0, /* 996 - */ 0, /* 997 - */ 0, /* 998 - _0F_54 */ 0x23ad, /* 999 - _66_0F_54 */ 0x23ae, /* 99a - */ 0, /* 99b - */ 0, /* 99c - _V_0F_54 */ 0x4040, /* 99d - _V_66_0F_54 */ 0x4041, /* 99e - */ 0, /* 99f - */ 0, /* 9a0 - */ 0, /* 9a1 - */ 0, /* 9a2 - */ 0, /* 9a3 - */ 0, /* 9a4 - _0F_55 */ 0x23af, /* 9a5 - _66_0F_55 */ 0x23b0, /* 9a6 - */ 0, /* 9a7 - */ 0, /* 9a8 - _V_0F_55 */ 0x4042, /* 9a9 - _V_66_0F_55 */ 0x4043, /* 9aa - */ 0, /* 9ab - */ 0, /* 9ac - */ 0, /* 9ad - */ 0, /* 9ae - */ 0, /* 9af - */ 0, /* 9b0 - _0F_56 */ 0x23b1, /* 9b1 - _66_0F_56 */ 0x23b2, /* 
9b2 - */ 0, /* 9b3 - */ 0, /* 9b4 - _V_0F_56 */ 0x4044, /* 9b5 - _V_66_0F_56 */ 0x4045, /* 9b6 - */ 0, /* 9b7 - */ 0, /* 9b8 - */ 0, /* 9b9 - */ 0, /* 9ba - */ 0, /* 9bb - */ 0, /* 9bc - _0F_57 */ 0x23b3, /* 9bd - _66_0F_57 */ 0x23b4, /* 9be - */ 0, /* 9bf - */ 0, /* 9c0 - _V_0F_57 */ 0x4046, /* 9c1 - _V_66_0F_57 */ 0x4047, /* 9c2 - */ 0, /* 9c3 - */ 0, /* 9c4 - */ 0, /* 9c5 - */ 0, /* 9c6 - */ 0, /* 9c7 - */ 0, /* 9c8 - _0F_58 */ 0x23b5, /* 9c9 - _66_0F_58 */ 0x23b6, /* 9ca - _F3_0F_58 */ 0x23b7, /* 9cb - _F2_0F_58 */ 0x23b8, /* 9cc - _V_0F_58 */ 0x4048, /* 9cd - _V_66_0F_58 */ 0x4049, /* 9ce - _V_F3_0F_58 */ 0x404a, /* 9cf - _V_F2_0F_58 */ 0x404b, /* 9d0 - */ 0, /* 9d1 - */ 0, /* 9d2 - */ 0, /* 9d3 - */ 0, /* 9d4 - _0F_59 */ 0x23b9, /* 9d5 - _66_0F_59 */ 0x23ba, /* 9d6 - _F3_0F_59 */ 0x23bb, /* 9d7 - _F2_0F_59 */ 0x23bc, /* 9d8 - _V_0F_59 */ 0x404c, /* 9d9 - _V_66_0F_59 */ 0x404d, /* 9da - _V_F3_0F_59 */ 0x404e, /* 9db - _V_F2_0F_59 */ 0x404f, /* 9dc - */ 0, /* 9dd - */ 0, /* 9de - */ 0, /* 9df - */ 0, /* 9e0 - _0F_5A */ 0x23bd, /* 9e1 - _66_0F_5A */ 0x23be, /* 9e2 - _F3_0F_5A */ 0x23bf, /* 9e3 - _F2_0F_5A */ 0x23c0, /* 9e4 - _V_0F_5A */ 0x4050, /* 9e5 - _V_66_0F_5A */ 0x4051, /* 9e6 - _V_F3_0F_5A */ 0x4052, /* 9e7 - _V_F2_0F_5A */ 0x4053, /* 9e8 - */ 0, /* 9e9 - */ 0, /* 9ea - */ 0, /* 9eb - */ 0, /* 9ec - _0F_5B */ 0x23c1, /* 9ed - _66_0F_5B */ 0x23c2, /* 9ee - _F3_0F_5B */ 0x23c3, /* 9ef - */ 0, /* 9f0 - _V_0F_5B */ 0x4054, /* 9f1 - _V_66_0F_5B */ 0x4055, /* 9f2 - _V_F3_0F_5B */ 0x4056, /* 9f3 - */ 0, /* 9f4 - */ 0, /* 9f5 - */ 0, /* 9f6 - */ 0, /* 9f7 - */ 0, /* 9f8 - _0F_5C */ 0x23c4, /* 9f9 - _66_0F_5C */ 0x23c5, /* 9fa - _F3_0F_5C */ 0x23c6, /* 9fb - _F2_0F_5C */ 0x23c7, /* 9fc - _V_0F_5C */ 0x4057, /* 9fd - _V_66_0F_5C */ 0x4058, /* 9fe - _V_F3_0F_5C */ 0x4059, /* 9ff - _V_F2_0F_5C */ 0x405a, /* a00 - */ 0, /* a01 - */ 0, /* a02 - */ 0, /* a03 - */ 0, /* a04 - _0F_5D */ 0x23c8, /* a05 - _66_0F_5D */ 0x23c9, /* a06 - _F3_0F_5D */ 0x23ca, /* a07 - _F2_0F_5D 
*/ 0x23cb, /* a08 - _V_0F_5D */ 0x405b, /* a09 - _V_66_0F_5D */ 0x405c, /* a0a - _V_F3_0F_5D */ 0x405d, /* a0b - _V_F2_0F_5D */ 0x405e, /* a0c - */ 0, /* a0d - */ 0, /* a0e - */ 0, /* a0f - */ 0, /* a10 - _0F_5E */ 0x23cc, /* a11 - _66_0F_5E */ 0x23cd, /* a12 - _F3_0F_5E */ 0x23ce, /* a13 - _F2_0F_5E */ 0x23cf, /* a14 - _V_0F_5E */ 0x405f, /* a15 - _V_66_0F_5E */ 0x4060, /* a16 - _V_F3_0F_5E */ 0x4061, /* a17 - _V_F2_0F_5E */ 0x4062, /* a18 - */ 0, /* a19 - */ 0, /* a1a - */ 0, /* a1b - */ 0, /* a1c - _0F_5F */ 0x23d0, /* a1d - _66_0F_5F */ 0x23d1, /* a1e - _F3_0F_5F */ 0x23d2, /* a1f - _F2_0F_5F */ 0x23d3, /* a20 - _V_0F_5F */ 0x4063, /* a21 - _V_66_0F_5F */ 0x4064, /* a22 - _V_F3_0F_5F */ 0x4065, /* a23 - _V_F2_0F_5F */ 0x4066, /* a24 - */ 0, /* a25 - */ 0, /* a26 - */ 0, /* a27 - */ 0, /* a28 - _0F_60 */ 0x23d4, /* a29 - _66_0F_60 */ 0x23d5, /* a2a - */ 0, /* a2b - */ 0, /* a2c - */ 0, /* a2d - _V_66_0F_60 */ 0x4067, /* a2e - */ 0, /* a2f - */ 0, /* a30 - */ 0, /* a31 - */ 0, /* a32 - */ 0, /* a33 - */ 0, /* a34 - _0F_61 */ 0x23d6, /* a35 - _66_0F_61 */ 0x23d7, /* a36 - */ 0, /* a37 - */ 0, /* a38 - */ 0, /* a39 - _V_66_0F_61 */ 0x4068, /* a3a - */ 0, /* a3b - */ 0, /* a3c - */ 0, /* a3d - */ 0, /* a3e - */ 0, /* a3f - */ 0, /* a40 - _0F_62 */ 0x23d8, /* a41 - _66_0F_62 */ 0x23d9, /* a42 - */ 0, /* a43 - */ 0, /* a44 - */ 0, /* a45 - _V_66_0F_62 */ 0x4069, /* a46 - */ 0, /* a47 - */ 0, /* a48 - */ 0, /* a49 - */ 0, /* a4a - */ 0, /* a4b - */ 0, /* a4c - _0F_63 */ 0x23da, /* a4d - _66_0F_63 */ 0x23db, /* a4e - */ 0, /* a4f - */ 0, /* a50 - */ 0, /* a51 - _V_66_0F_63 */ 0x406a, /* a52 - */ 0, /* a53 - */ 0, /* a54 - */ 0, /* a55 - */ 0, /* a56 - */ 0, /* a57 - */ 0, /* a58 - _0F_64 */ 0x23dc, /* a59 - _66_0F_64 */ 0x23dd, /* a5a - */ 0, /* a5b - */ 0, /* a5c - */ 0, /* a5d - _V_66_0F_64 */ 0x406b, /* a5e - */ 0, /* a5f - */ 0, /* a60 - */ 0, /* a61 - */ 0, /* a62 - */ 0, /* a63 - */ 0, /* a64 - _0F_65 */ 0x23de, /* a65 - _66_0F_65 */ 0x23df, /* a66 - */ 0, /* a67 
- */ 0, /* a68 - */ 0, /* a69 - _V_66_0F_65 */ 0x406c, /* a6a - */ 0, /* a6b - */ 0, /* a6c - */ 0, /* a6d - */ 0, /* a6e - */ 0, /* a6f - */ 0, /* a70 - _0F_66 */ 0x23e0, /* a71 - _66_0F_66 */ 0x23e1, /* a72 - */ 0, /* a73 - */ 0, /* a74 - */ 0, /* a75 - _V_66_0F_66 */ 0x406d, /* a76 - */ 0, /* a77 - */ 0, /* a78 - */ 0, /* a79 - */ 0, /* a7a - */ 0, /* a7b - */ 0, /* a7c - _0F_67 */ 0x23e2, /* a7d - _66_0F_67 */ 0x23e3, /* a7e - */ 0, /* a7f - */ 0, /* a80 - */ 0, /* a81 - _V_66_0F_67 */ 0x406e, /* a82 - */ 0, /* a83 - */ 0, /* a84 - */ 0, /* a85 - */ 0, /* a86 - */ 0, /* a87 - */ 0, /* a88 - _0F_68 */ 0x23e4, /* a89 - _66_0F_68 */ 0x23e5, /* a8a - */ 0, /* a8b - */ 0, /* a8c - */ 0, /* a8d - _V_66_0F_68 */ 0x406f, /* a8e - */ 0, /* a8f - */ 0, /* a90 - */ 0, /* a91 - */ 0, /* a92 - */ 0, /* a93 - */ 0, /* a94 - _0F_69 */ 0x23e6, /* a95 - _66_0F_69 */ 0x23e7, /* a96 - */ 0, /* a97 - */ 0, /* a98 - */ 0, /* a99 - _V_66_0F_69 */ 0x4070, /* a9a - */ 0, /* a9b - */ 0, /* a9c - */ 0, /* a9d - */ 0, /* a9e - */ 0, /* a9f - */ 0, /* aa0 - _0F_6A */ 0x23e8, /* aa1 - _66_0F_6A */ 0x23e9, /* aa2 - */ 0, /* aa3 - */ 0, /* aa4 - */ 0, /* aa5 - _V_66_0F_6A */ 0x4071, /* aa6 - */ 0, /* aa7 - */ 0, /* aa8 - */ 0, /* aa9 - */ 0, /* aaa - */ 0, /* aab - */ 0, /* aac - _0F_6B */ 0x23ea, /* aad - _66_0F_6B */ 0x23eb, /* aae - */ 0, /* aaf - */ 0, /* ab0 - */ 0, /* ab1 - _V_66_0F_6B */ 0x4072, /* ab2 - */ 0, /* ab3 - */ 0, /* ab4 - */ 0, /* ab5 - */ 0, /* ab6 - */ 0, /* ab7 - */ 0, /* ab8 - */ 0, /* ab9 - _66_0F_6C */ 0x23ec, /* aba - */ 0, /* abb - */ 0, /* abc - */ 0, /* abd - _V_66_0F_6C */ 0x4073, /* abe - */ 0, /* abf - */ 0, /* ac0 - */ 0, /* ac1 - */ 0, /* ac2 - */ 0, /* ac3 - */ 0, /* ac4 - */ 0, /* ac5 - _66_0F_6D */ 0x23ed, /* ac6 - */ 0, /* ac7 - */ 0, /* ac8 - */ 0, /* ac9 - _V_66_0F_6D */ 0x4074, /* aca - */ 0, /* acb - */ 0, /* acc - */ 0, /* acd - */ 0, /* ace - */ 0, /* acf - */ 0, /* ad0 - _0F_6E */ 0x4075, /* ad1 - _66_0F_6E */ 0x4076, /* ad2 - */ 0, /* ad3 - */ 0, 
/* ad4 - */ 0, /* ad5 - _V_66_0F_6E */ 0x4077, /* ad6 - */ 0, /* ad7 - */ 0, /* ad8 - */ 0, /* ad9 - */ 0, /* ada - */ 0, /* adb - */ 0, /* adc - _0F_6F */ 0x23ee, /* add - _66_0F_6F */ 0x23ef, /* ade - _F3_0F_6F */ 0x23f0, /* adf - */ 0, /* ae0 - */ 0, /* ae1 - _V_66_0F_6F */ 0x4078, /* ae2 - _V_F3_0F_6F */ 0x4079, /* ae3 - */ 0, /* ae4 - */ 0, /* ae5 - */ 0, /* ae6 - */ 0, /* ae7 - */ 0, /* ae8 - _0F_70 */ 0x407a, /* ae9 - _66_0F_70 */ 0x407b, /* aea - _F3_0F_70 */ 0x407c, /* aeb - _F2_0F_70 */ 0x407d, /* aec - */ 0, /* aed - _V_66_0F_70 */ 0x407e, /* aee - _V_F3_0F_70 */ 0x407f, /* aef - _V_F2_0F_70 */ 0x4080, /* af0 - */ 0, /* af1 - */ 0, /* af2 - */ 0, /* af3 - */ 0, /* af4 - */ 0, /* af5 - */ 0, /* af6 - _0F_71_02 */ 0xd584, /* af7 - */ 0, /* af8 - _0F_71_04 */ 0xd590, /* af9 - */ 0, /* afa - _0F_71_06 */ 0xd59c, /* afb - */ 0, /* afc - */ 0, /* afd - */ 0, /* afe - _0F_72_02 */ 0xd5a8, /* aff - */ 0, /* b00 - _0F_72_04 */ 0xd5b4, /* b01 - */ 0, /* b02 - _0F_72_06 */ 0xd5c0, /* b03 - */ 0, /* b04 - */ 0, /* b05 - */ 0, /* b06 - _0F_73_02 */ 0xd5cc, /* b07 - _0F_73_03 */ 0xd5d8, /* b08 - */ 0, /* b09 - */ 0, /* b0a - _0F_73_06 */ 0xd5e4, /* b0b - _0F_73_07 */ 0xd5f0, /* b0c - _0F_74 */ 0x23f1, /* b0d - _66_0F_74 */ 0x23f2, /* b0e - */ 0, /* b0f - */ 0, /* b10 - */ 0, /* b11 - _V_66_0F_74 */ 0x4081, /* b12 - */ 0, /* b13 - */ 0, /* b14 - */ 0, /* b15 - */ 0, /* b16 - */ 0, /* b17 - */ 0, /* b18 - _0F_75 */ 0x23f3, /* b19 - _66_0F_75 */ 0x23f4, /* b1a - */ 0, /* b1b - */ 0, /* b1c - */ 0, /* b1d - _V_66_0F_75 */ 0x4082, /* b1e - */ 0, /* b1f - */ 0, /* b20 - */ 0, /* b21 - */ 0, /* b22 - */ 0, /* b23 - */ 0, /* b24 - _0F_76 */ 0x23f5, /* b25 - _66_0F_76 */ 0x23f6, /* b26 - */ 0, /* b27 - */ 0, /* b28 - */ 0, /* b29 - _V_66_0F_76 */ 0x4083, /* b2a - */ 0, /* b2b - */ 0, /* b2c - */ 0, /* b2d - */ 0, /* b2e - */ 0, /* b2f - */ 0, /* b30 - _0F_77 */ 0x23f7, /* b31 - */ 0, /* b32 - */ 0, /* b33 - */ 0, /* b34 - _V_0F_77 */ 0x4084, /* b35 - */ 0, /* b36 - */ 0, /* 
b37 - */ 0, /* b38 - */ 0, /* b39 - */ 0, /* b3a - */ 0, /* b3b - */ 0, /* b3c - _0F_78 */ 0x23f8, /* b3d - _66_0F_78 */ 0x4085, /* b3e - */ 0, /* b3f - _F2_0F_78 */ 0x4086, /* b40 - */ 0, /* b41 - */ 0, /* b42 - */ 0, /* b43 - */ 0, /* b44 - */ 0, /* b45 - */ 0, /* b46 - */ 0, /* b47 - */ 0, /* b48 - _0F_79 */ 0x23f9, /* b49 - _66_0F_79 */ 0x23fa, /* b4a - */ 0, /* b4b - _F2_0F_79 */ 0x23fb, /* b4c - */ 0, /* b4d - */ 0, /* b4e - */ 0, /* b4f - */ 0, /* b50 - */ 0, /* b51 - */ 0, /* b52 - */ 0, /* b53 - */ 0, /* b54 - */ 0, /* b55 - */ 0, /* b56 - */ 0, /* b57 - */ 0, /* b58 - */ 0, /* b59 - */ 0, /* b5a - */ 0, /* b5b - */ 0, /* b5c - */ 0, /* b5d - */ 0, /* b5e - */ 0, /* b5f - */ 0, /* b60 - */ 0, /* b61 - */ 0, /* b62 - */ 0, /* b63 - */ 0, /* b64 - */ 0, /* b65 - */ 0, /* b66 - */ 0, /* b67 - */ 0, /* b68 - */ 0, /* b69 - */ 0, /* b6a - */ 0, /* b6b - */ 0, /* b6c - */ 0, /* b6d - */ 0, /* b6e - */ 0, /* b6f - */ 0, /* b70 - */ 0, /* b71 - */ 0, /* b72 - */ 0, /* b73 - */ 0, /* b74 - */ 0, /* b75 - */ 0, /* b76 - */ 0, /* b77 - */ 0, /* b78 - */ 0, /* b79 - */ 0, /* b7a - */ 0, /* b7b - */ 0, /* b7c - */ 0, /* b7d - */ 0, /* b7e - */ 0, /* b7f - */ 0, /* b80 - */ 0, /* b81 - */ 0, /* b82 - */ 0, /* b83 - */ 0, /* b84 - _0F_7A_30 */ 0x23fc, /* b85 - _0F_7A_31 */ 0x23fd, /* b86 - */ 0, /* b87 - */ 0, /* b88 - */ 0, /* b89 - */ 0, /* b8a - */ 0, /* b8b - */ 0, /* b8c - */ 0, /* b8d - */ 0, /* b8e - */ 0, /* b8f - */ 0, /* b90 - */ 0, /* b91 - */ 0, /* b92 - */ 0, /* b93 - */ 0, /* b94 - */ 0, /* b95 - */ 0, /* b96 - */ 0, /* b97 - */ 0, /* b98 - */ 0, /* b99 - */ 0, /* b9a - */ 0, /* b9b - */ 0, /* b9c - */ 0, /* b9d - */ 0, /* b9e - */ 0, /* b9f - */ 0, /* ba0 - */ 0, /* ba1 - */ 0, /* ba2 - */ 0, /* ba3 - */ 0, /* ba4 - */ 0, /* ba5 - */ 0, /* ba6 - */ 0, /* ba7 - */ 0, /* ba8 - */ 0, /* ba9 - */ 0, /* baa - */ 0, /* bab - */ 0, /* bac - */ 0, /* bad - */ 0, /* bae - */ 0, /* baf - */ 0, /* bb0 - */ 0, /* bb1 - */ 0, /* bb2 - */ 0, /* bb3 - */ 0, /* bb4 - */ 
0, /* bb5 - */ 0, /* bb6 - */ 0, /* bb7 - */ 0, /* bb8 - */ 0, /* bb9 - */ 0, /* bba - */ 0, /* bbb - */ 0, /* bbc - */ 0, /* bbd - */ 0, /* bbe - */ 0, /* bbf - */ 0, /* bc0 - */ 0, /* bc1 - */ 0, /* bc2 - */ 0, /* bc3 - */ 0, /* bc4 - */ 0, /* bc5 - */ 0, /* bc6 - */ 0, /* bc7 - */ 0, /* bc8 - */ 0, /* bc9 - */ 0, /* bca - */ 0, /* bcb - */ 0, /* bcc - */ 0, /* bcd - */ 0, /* bce - */ 0, /* bcf - */ 0, /* bd0 - */ 0, /* bd1 - */ 0, /* bd2 - */ 0, /* bd3 - */ 0, /* bd4 - */ 0, /* bd5 - */ 0, /* bd6 - */ 0, /* bd7 - */ 0, /* bd8 - */ 0, /* bd9 - */ 0, /* bda - */ 0, /* bdb - */ 0, /* bdc - */ 0, /* bdd - */ 0, /* bde - */ 0, /* bdf - */ 0, /* be0 - */ 0, /* be1 - */ 0, /* be2 - */ 0, /* be3 - */ 0, /* be4 - */ 0, /* be5 - */ 0, /* be6 - */ 0, /* be7 - */ 0, /* be8 - */ 0, /* be9 - */ 0, /* bea - */ 0, /* beb - */ 0, /* bec - */ 0, /* bed - */ 0, /* bee - */ 0, /* bef - */ 0, /* bf0 - */ 0, /* bf1 - */ 0, /* bf2 - */ 0, /* bf3 - */ 0, /* bf4 - */ 0, /* bf5 - */ 0, /* bf6 - */ 0, /* bf7 - */ 0, /* bf8 - */ 0, /* bf9 - */ 0, /* bfa - */ 0, /* bfb - */ 0, /* bfc - */ 0, /* bfd - */ 0, /* bfe - */ 0, /* bff - */ 0, /* c00 - */ 0, /* c01 - */ 0, /* c02 - */ 0, /* c03 - */ 0, /* c04 - */ 0, /* c05 - */ 0, /* c06 - */ 0, /* c07 - */ 0, /* c08 - */ 0, /* c09 - */ 0, /* c0a - */ 0, /* c0b - */ 0, /* c0c - */ 0, /* c0d - */ 0, /* c0e - */ 0, /* c0f - */ 0, /* c10 - */ 0, /* c11 - */ 0, /* c12 - */ 0, /* c13 - */ 0, /* c14 - */ 0, /* c15 - */ 0, /* c16 - */ 0, /* c17 - */ 0, /* c18 - */ 0, /* c19 - */ 0, /* c1a - */ 0, /* c1b - */ 0, /* c1c - */ 0, /* c1d - */ 0, /* c1e - */ 0, /* c1f - */ 0, /* c20 - */ 0, /* c21 - */ 0, /* c22 - */ 0, /* c23 - */ 0, /* c24 - */ 0, /* c25 - */ 0, /* c26 - */ 0, /* c27 - */ 0, /* c28 - */ 0, /* c29 - */ 0, /* c2a - */ 0, /* c2b - */ 0, /* c2c - */ 0, /* c2d - */ 0, /* c2e - */ 0, /* c2f - */ 0, /* c30 - */ 0, /* c31 - */ 0, /* c32 - */ 0, /* c33 - */ 0, /* c34 - */ 0, /* c35 - */ 0, /* c36 - */ 0, /* c37 - */ 0, /* c38 - */ 0, /* c39 - */ 0, 
/* c3a - */ 0, /* c3b - */ 0, /* c3c - */ 0, /* c3d - */ 0, /* c3e - */ 0, /* c3f - */ 0, /* c40 - */ 0, /* c41 - */ 0, /* c42 - */ 0, /* c43 - */ 0, /* c44 - */ 0, /* c45 - */ 0, /* c46 - */ 0, /* c47 - */ 0, /* c48 - */ 0, /* c49 - */ 0, /* c4a - */ 0, /* c4b - */ 0, /* c4c - */ 0, /* c4d - */ 0, /* c4e - */ 0, /* c4f - */ 0, /* c50 - */ 0, /* c51 - */ 0, /* c52 - */ 0, /* c53 - */ 0, /* c54 - */ 0, /* c55 - _66_0F_7C */ 0x23fe, /* c56 - */ 0, /* c57 - _F2_0F_7C */ 0x23ff, /* c58 - */ 0, /* c59 - _V_66_0F_7C */ 0x4087, /* c5a - */ 0, /* c5b - _V_F2_0F_7C */ 0x4088, /* c5c - */ 0, /* c5d - */ 0, /* c5e - */ 0, /* c5f - */ 0, /* c60 - */ 0, /* c61 - _66_0F_7D */ 0x2400, /* c62 - */ 0, /* c63 - _F2_0F_7D */ 0x2401, /* c64 - */ 0, /* c65 - _V_66_0F_7D */ 0x4089, /* c66 - */ 0, /* c67 - _V_F2_0F_7D */ 0x408a, /* c68 - */ 0, /* c69 - */ 0, /* c6a - */ 0, /* c6b - */ 0, /* c6c - _0F_7E */ 0x408b, /* c6d - _66_0F_7E */ 0x408c, /* c6e - _F3_0F_7E */ 0x2402, /* c6f - */ 0, /* c70 - */ 0, /* c71 - _V_66_0F_7E */ 0x408d, /* c72 - _V_F3_0F_7E */ 0x408e, /* c73 - */ 0, /* c74 - */ 0, /* c75 - */ 0, /* c76 - */ 0, /* c77 - */ 0, /* c78 - _0F_7F */ 0x2403, /* c79 - _66_0F_7F */ 0x2404, /* c7a - _F3_0F_7F */ 0x2405, /* c7b - */ 0, /* c7c - */ 0, /* c7d - _V_66_0F_7F */ 0x408f, /* c7e - _V_F3_0F_7F */ 0x4090, /* c7f - */ 0, /* c80 - */ 0, /* c81 - */ 0, /* c82 - */ 0, /* c83 - */ 0, /* c84 - _0F_AE_00 */ 0xd5fc, /* c85 - _0F_AE_01 */ 0xd608, /* c86 - _0F_AE_02 */ 0xd614, /* c87 - _0F_AE_03 */ 0xd620, /* c88 - _0F_AE_04 */ 0x4091, /* c89 - _0F_AE_05 */ 0x4092, /* c8a - _0F_AE_06 */ 0x4093, /* c8b - _0F_AE_07 */ 0x4094, /* c8c - */ 0, /* c8d - */ 0, /* c8e - _F3_0F_B8 */ 0x2406, /* c8f - */ 0, /* c90 - */ 0, /* c91 - */ 0, /* c92 - */ 0, /* c93 - */ 0, /* c94 - */ 0, /* c95 - */ 0, /* c96 - */ 0, /* c97 - */ 0, /* c98 - */ 0, /* c99 - */ 0, /* c9a - */ 0, /* c9b - */ 0, /* c9c - _0F_BA_04 */ 0x2407, /* c9d - _0F_BA_05 */ 0x2408, /* c9e - _0F_BA_06 */ 0x2409, /* c9f - _0F_BA_07 */ 
0x240a, /* ca0 - _0F_BC */ 0x240b, /* ca1 - */ 0, /* ca2 - _F3_0F_BC */ 0x240c, /* ca3 - */ 0, /* ca4 - */ 0, /* ca5 - */ 0, /* ca6 - */ 0, /* ca7 - */ 0, /* ca8 - */ 0, /* ca9 - */ 0, /* caa - */ 0, /* cab - */ 0, /* cac - _0F_BD */ 0x240d, /* cad - */ 0, /* cae - _F3_0F_BD */ 0x240e, /* caf - */ 0, /* cb0 - */ 0, /* cb1 - */ 0, /* cb2 - */ 0, /* cb3 - */ 0, /* cb4 - */ 0, /* cb5 - */ 0, /* cb6 - */ 0, /* cb7 - */ 0, /* cb8 - _0F_C2 */ 0x4095, /* cb9 - _66_0F_C2 */ 0x4096, /* cba - _F3_0F_C2 */ 0x4097, /* cbb - _F2_0F_C2 */ 0x4098, /* cbc - _V_0F_C2 */ 0x4099, /* cbd - _V_66_0F_C2 */ 0x409a, /* cbe - _V_F3_0F_C2 */ 0x409b, /* cbf - _V_F2_0F_C2 */ 0x409c, /* cc0 - */ 0, /* cc1 - */ 0, /* cc2 - */ 0, /* cc3 - */ 0, /* cc4 - _0F_C4 */ 0x409d, /* cc5 - _66_0F_C4 */ 0x409e, /* cc6 - */ 0, /* cc7 - */ 0, /* cc8 - */ 0, /* cc9 - _V_66_0F_C4 */ 0x409f, /* cca - */ 0, /* ccb - */ 0, /* ccc - */ 0, /* ccd - */ 0, /* cce - */ 0, /* ccf - */ 0, /* cd0 - _0F_C5 */ 0x40a0, /* cd1 - _66_0F_C5 */ 0x40a1, /* cd2 - */ 0, /* cd3 - */ 0, /* cd4 - */ 0, /* cd5 - _V_66_0F_C5 */ 0x40a2, /* cd6 - */ 0, /* cd7 - */ 0, /* cd8 - */ 0, /* cd9 - */ 0, /* cda - */ 0, /* cdb - */ 0, /* cdc - _0F_C6 */ 0x40a3, /* cdd - _66_0F_C6 */ 0x40a4, /* cde - */ 0, /* cdf - */ 0, /* ce0 - _V_0F_C6 */ 0x40a5, /* ce1 - _V_66_0F_C6 */ 0x40a6, /* ce2 - */ 0, /* ce3 - */ 0, /* ce4 - */ 0, /* ce5 - */ 0, /* ce6 - */ 0, /* ce7 - */ 0, /* ce8 - */ 0, /* ce9 - _0F_C7_01 */ 0x40a7, /* cea - */ 0, /* ceb - */ 0, /* cec - */ 0, /* ced - */ 0, /* cee - _0F_C7_06 */ 0xd62c, /* cef - _0F_C7_07 */ 0x240f, /* cf0 - */ 0, /* cf1 - _66_0F_D0 */ 0x2410, /* cf2 - */ 0, /* cf3 - _F2_0F_D0 */ 0x2411, /* cf4 - */ 0, /* cf5 - _V_66_0F_D0 */ 0x40a8, /* cf6 - */ 0, /* cf7 - _V_F2_0F_D0 */ 0x40a9, /* cf8 - */ 0, /* cf9 - */ 0, /* cfa - */ 0, /* cfb - */ 0, /* cfc - _0F_D1 */ 0x2412, /* cfd - _66_0F_D1 */ 0x2413, /* cfe - */ 0, /* cff - */ 0, /* d00 - */ 0, /* d01 - _V_66_0F_D1 */ 0x40aa, /* d02 - */ 0, /* d03 - */ 0, /* d04 - */ 0, 
/* d05 - */ 0, /* d06 - */ 0, /* d07 - */ 0, /* d08 - _0F_D2 */ 0x2414, /* d09 - _66_0F_D2 */ 0x2415, /* d0a - */ 0, /* d0b - */ 0, /* d0c - */ 0, /* d0d - _V_66_0F_D2 */ 0x40ab, /* d0e - */ 0, /* d0f - */ 0, /* d10 - */ 0, /* d11 - */ 0, /* d12 - */ 0, /* d13 - */ 0, /* d14 - _0F_D3 */ 0x2416, /* d15 - _66_0F_D3 */ 0x2417, /* d16 - */ 0, /* d17 - */ 0, /* d18 - */ 0, /* d19 - _V_66_0F_D3 */ 0x40ac, /* d1a - */ 0, /* d1b - */ 0, /* d1c - */ 0, /* d1d - */ 0, /* d1e - */ 0, /* d1f - */ 0, /* d20 - _0F_D4 */ 0x2418, /* d21 - _66_0F_D4 */ 0x2419, /* d22 - */ 0, /* d23 - */ 0, /* d24 - */ 0, /* d25 - _V_66_0F_D4 */ 0x40ad, /* d26 - */ 0, /* d27 - */ 0, /* d28 - */ 0, /* d29 - */ 0, /* d2a - */ 0, /* d2b - */ 0, /* d2c - _0F_D5 */ 0x241a, /* d2d - _66_0F_D5 */ 0x241b, /* d2e - */ 0, /* d2f - */ 0, /* d30 - */ 0, /* d31 - _V_66_0F_D5 */ 0x40ae, /* d32 - */ 0, /* d33 - */ 0, /* d34 - */ 0, /* d35 - */ 0, /* d36 - */ 0, /* d37 - */ 0, /* d38 - */ 0, /* d39 - _66_0F_D6 */ 0x241c, /* d3a - _F3_0F_D6 */ 0x241d, /* d3b - _F2_0F_D6 */ 0x241e, /* d3c - */ 0, /* d3d - _V_66_0F_D6 */ 0x40af, /* d3e - */ 0, /* d3f - */ 0, /* d40 - */ 0, /* d41 - */ 0, /* d42 - */ 0, /* d43 - */ 0, /* d44 - _0F_D7 */ 0x241f, /* d45 - _66_0F_D7 */ 0x2420, /* d46 - */ 0, /* d47 - */ 0, /* d48 - */ 0, /* d49 - _V_66_0F_D7 */ 0x40b0, /* d4a - */ 0, /* d4b - */ 0, /* d4c - */ 0, /* d4d - */ 0, /* d4e - */ 0, /* d4f - */ 0, /* d50 - _0F_D8 */ 0x2421, /* d51 - _66_0F_D8 */ 0x2422, /* d52 - */ 0, /* d53 - */ 0, /* d54 - */ 0, /* d55 - _V_66_0F_D8 */ 0x40b1, /* d56 - */ 0, /* d57 - */ 0, /* d58 - */ 0, /* d59 - */ 0, /* d5a - */ 0, /* d5b - */ 0, /* d5c - _0F_D9 */ 0x2423, /* d5d - _66_0F_D9 */ 0x2424, /* d5e - */ 0, /* d5f - */ 0, /* d60 - */ 0, /* d61 - _V_66_0F_D9 */ 0x40b2, /* d62 - */ 0, /* d63 - */ 0, /* d64 - */ 0, /* d65 - */ 0, /* d66 - */ 0, /* d67 - */ 0, /* d68 - _0F_DA */ 0x2425, /* d69 - _66_0F_DA */ 0x2426, /* d6a - */ 0, /* d6b - */ 0, /* d6c - */ 0, /* d6d - _V_66_0F_DA */ 0x40b3, /* d6e - 
*/ 0, /* d6f - */ 0, /* d70 - */ 0, /* d71 - */ 0, /* d72 - */ 0, /* d73 - */ 0, /* d74 - _0F_DB */ 0x2427, /* d75 - _66_0F_DB */ 0x2428, /* d76 - */ 0, /* d77 - */ 0, /* d78 - */ 0, /* d79 - _V_66_0F_DB */ 0x40b4, /* d7a - */ 0, /* d7b - */ 0, /* d7c - */ 0, /* d7d - */ 0, /* d7e - */ 0, /* d7f - */ 0, /* d80 - _0F_DC */ 0x2429, /* d81 - _66_0F_DC */ 0x242a, /* d82 - */ 0, /* d83 - */ 0, /* d84 - */ 0, /* d85 - _V_66_0F_DC */ 0x40b5, /* d86 - */ 0, /* d87 - */ 0, /* d88 - */ 0, /* d89 - */ 0, /* d8a - */ 0, /* d8b - */ 0, /* d8c - _0F_DD */ 0x242b, /* d8d - _66_0F_DD */ 0x242c, /* d8e - */ 0, /* d8f - */ 0, /* d90 - */ 0, /* d91 - _V_66_0F_DD */ 0x40b6, /* d92 - */ 0, /* d93 - */ 0, /* d94 - */ 0, /* d95 - */ 0, /* d96 - */ 0, /* d97 - */ 0, /* d98 - _0F_DE */ 0x242d, /* d99 - _66_0F_DE */ 0x242e, /* d9a - */ 0, /* d9b - */ 0, /* d9c - */ 0, /* d9d - _V_66_0F_DE */ 0x40b7, /* d9e - */ 0, /* d9f - */ 0, /* da0 - */ 0, /* da1 - */ 0, /* da2 - */ 0, /* da3 - */ 0, /* da4 - _0F_DF */ 0x242f, /* da5 - _66_0F_DF */ 0x2430, /* da6 - */ 0, /* da7 - */ 0, /* da8 - */ 0, /* da9 - _V_66_0F_DF */ 0x40b8, /* daa - */ 0, /* dab - */ 0, /* dac - */ 0, /* dad - */ 0, /* dae - */ 0, /* daf - */ 0, /* db0 - _0F_E0 */ 0x2431, /* db1 - _66_0F_E0 */ 0x2432, /* db2 - */ 0, /* db3 - */ 0, /* db4 - */ 0, /* db5 - _V_66_0F_E0 */ 0x40b9, /* db6 - */ 0, /* db7 - */ 0, /* db8 - */ 0, /* db9 - */ 0, /* dba - */ 0, /* dbb - */ 0, /* dbc - _0F_E1 */ 0x2433, /* dbd - _66_0F_E1 */ 0x2434, /* dbe - */ 0, /* dbf - */ 0, /* dc0 - */ 0, /* dc1 - _V_66_0F_E1 */ 0x40ba, /* dc2 - */ 0, /* dc3 - */ 0, /* dc4 - */ 0, /* dc5 - */ 0, /* dc6 - */ 0, /* dc7 - */ 0, /* dc8 - _0F_E2 */ 0x2435, /* dc9 - _66_0F_E2 */ 0x2436, /* dca - */ 0, /* dcb - */ 0, /* dcc - */ 0, /* dcd - _V_66_0F_E2 */ 0x40bb, /* dce - */ 0, /* dcf - */ 0, /* dd0 - */ 0, /* dd1 - */ 0, /* dd2 - */ 0, /* dd3 - */ 0, /* dd4 - _0F_E3 */ 0x2437, /* dd5 - _66_0F_E3 */ 0x2438, /* dd6 - */ 0, /* dd7 - */ 0, /* dd8 - */ 0, /* dd9 - _V_66_0F_E3 */ 
0x40bc, /* dda - */ 0, /* ddb - */ 0, /* ddc - */ 0, /* ddd - */ 0, /* dde - */ 0, /* ddf - */ 0, /* de0 - _0F_E4 */ 0x2439, /* de1 - _66_0F_E4 */ 0x243a, /* de2 - */ 0, /* de3 - */ 0, /* de4 - */ 0, /* de5 - _V_66_0F_E4 */ 0x40bd, /* de6 - */ 0, /* de7 - */ 0, /* de8 - */ 0, /* de9 - */ 0, /* dea - */ 0, /* deb - */ 0, /* dec - _0F_E5 */ 0x243b, /* ded - _66_0F_E5 */ 0x243c, /* dee - */ 0, /* def - */ 0, /* df0 - */ 0, /* df1 - _V_66_0F_E5 */ 0x40be, /* df2 - */ 0, /* df3 - */ 0, /* df4 - */ 0, /* df5 - */ 0, /* df6 - */ 0, /* df7 - */ 0, /* df8 - */ 0, /* df9 - _66_0F_E6 */ 0x243d, /* dfa - _F3_0F_E6 */ 0x243e, /* dfb - _F2_0F_E6 */ 0x243f, /* dfc - */ 0, /* dfd - _V_66_0F_E6 */ 0x40bf, /* dfe - _V_F3_0F_E6 */ 0x40c0, /* dff - _V_F2_0F_E6 */ 0x40c1, /* e00 - */ 0, /* e01 - */ 0, /* e02 - */ 0, /* e03 - */ 0, /* e04 - _0F_E7 */ 0x2440, /* e05 - _66_0F_E7 */ 0x2441, /* e06 - */ 0, /* e07 - */ 0, /* e08 - */ 0, /* e09 - _V_66_0F_E7 */ 0x40c2, /* e0a - */ 0, /* e0b - */ 0, /* e0c - */ 0, /* e0d - */ 0, /* e0e - */ 0, /* e0f - */ 0, /* e10 - _0F_E8 */ 0x2442, /* e11 - _66_0F_E8 */ 0x2443, /* e12 - */ 0, /* e13 - */ 0, /* e14 - */ 0, /* e15 - _V_66_0F_E8 */ 0x40c3, /* e16 - */ 0, /* e17 - */ 0, /* e18 - */ 0, /* e19 - */ 0, /* e1a - */ 0, /* e1b - */ 0, /* e1c - _0F_E9 */ 0x2444, /* e1d - _66_0F_E9 */ 0x2445, /* e1e - */ 0, /* e1f - */ 0, /* e20 - */ 0, /* e21 - _V_66_0F_E9 */ 0x40c4, /* e22 - */ 0, /* e23 - */ 0, /* e24 - */ 0, /* e25 - */ 0, /* e26 - */ 0, /* e27 - */ 0, /* e28 - _0F_EA */ 0x2446, /* e29 - _66_0F_EA */ 0x2447, /* e2a - */ 0, /* e2b - */ 0, /* e2c - */ 0, /* e2d - _V_66_0F_EA */ 0x40c5, /* e2e - */ 0, /* e2f - */ 0, /* e30 - */ 0, /* e31 - */ 0, /* e32 - */ 0, /* e33 - */ 0, /* e34 - _0F_EB */ 0x2448, /* e35 - _66_0F_EB */ 0x2449, /* e36 - */ 0, /* e37 - */ 0, /* e38 - */ 0, /* e39 - _V_66_0F_EB */ 0x40c6, /* e3a - */ 0, /* e3b - */ 0, /* e3c - */ 0, /* e3d - */ 0, /* e3e - */ 0, /* e3f - */ 0, /* e40 - _0F_EC */ 0x244a, /* e41 - _66_0F_EC */ 0x244b, 
/* e42 - */ 0, /* e43 - */ 0, /* e44 - */ 0, /* e45 - _V_66_0F_EC */ 0x40c7, /* e46 - */ 0, /* e47 - */ 0, /* e48 - */ 0, /* e49 - */ 0, /* e4a - */ 0, /* e4b - */ 0, /* e4c - _0F_ED */ 0x244c, /* e4d - _66_0F_ED */ 0x244d, /* e4e - */ 0, /* e4f - */ 0, /* e50 - */ 0, /* e51 - _V_66_0F_ED */ 0x40c8, /* e52 - */ 0, /* e53 - */ 0, /* e54 - */ 0, /* e55 - */ 0, /* e56 - */ 0, /* e57 - */ 0, /* e58 - _0F_EE */ 0x244e, /* e59 - _66_0F_EE */ 0x244f, /* e5a - */ 0, /* e5b - */ 0, /* e5c - */ 0, /* e5d - _V_66_0F_EE */ 0x40c9, /* e5e - */ 0, /* e5f - */ 0, /* e60 - */ 0, /* e61 - */ 0, /* e62 - */ 0, /* e63 - */ 0, /* e64 - _0F_EF */ 0x2450, /* e65 - _66_0F_EF */ 0x2451, /* e66 - */ 0, /* e67 - */ 0, /* e68 - */ 0, /* e69 - _V_66_0F_EF */ 0x40ca, /* e6a - */ 0, /* e6b - */ 0, /* e6c - */ 0, /* e6d - */ 0, /* e6e - */ 0, /* e6f - */ 0, /* e70 - */ 0, /* e71 - */ 0, /* e72 - */ 0, /* e73 - _F2_0F_F0 */ 0x2452, /* e74 - */ 0, /* e75 - */ 0, /* e76 - */ 0, /* e77 - _V_F2_0F_F0 */ 0x40cb, /* e78 - */ 0, /* e79 - */ 0, /* e7a - */ 0, /* e7b - */ 0, /* e7c - _0F_F1 */ 0x2453, /* e7d - _66_0F_F1 */ 0x2454, /* e7e - */ 0, /* e7f - */ 0, /* e80 - */ 0, /* e81 - _V_66_0F_F1 */ 0x40cc, /* e82 - */ 0, /* e83 - */ 0, /* e84 - */ 0, /* e85 - */ 0, /* e86 - */ 0, /* e87 - */ 0, /* e88 - _0F_F2 */ 0x2455, /* e89 - _66_0F_F2 */ 0x2456, /* e8a - */ 0, /* e8b - */ 0, /* e8c - */ 0, /* e8d - _V_66_0F_F2 */ 0x40cd, /* e8e - */ 0, /* e8f - */ 0, /* e90 - */ 0, /* e91 - */ 0, /* e92 - */ 0, /* e93 - */ 0, /* e94 - _0F_F3 */ 0x2457, /* e95 - _66_0F_F3 */ 0x2458, /* e96 - */ 0, /* e97 - */ 0, /* e98 - */ 0, /* e99 - _V_66_0F_F3 */ 0x40ce, /* e9a - */ 0, /* e9b - */ 0, /* e9c - */ 0, /* e9d - */ 0, /* e9e - */ 0, /* e9f - */ 0, /* ea0 - _0F_F4 */ 0x2459, /* ea1 - _66_0F_F4 */ 0x245a, /* ea2 - */ 0, /* ea3 - */ 0, /* ea4 - */ 0, /* ea5 - _V_66_0F_F4 */ 0x40cf, /* ea6 - */ 0, /* ea7 - */ 0, /* ea8 - */ 0, /* ea9 - */ 0, /* eaa - */ 0, /* eab - */ 0, /* eac - _0F_F5 */ 0x245b, /* ead - _66_0F_F5 */ 
0x245c, /* eae - */ 0, /* eaf - */ 0, /* eb0 - */ 0, /* eb1 - _V_66_0F_F5 */ 0x40d0, /* eb2 - */ 0, /* eb3 - */ 0, /* eb4 - */ 0, /* eb5 - */ 0, /* eb6 - */ 0, /* eb7 - */ 0, /* eb8 - _0F_F6 */ 0x245d, /* eb9 - _66_0F_F6 */ 0x245e, /* eba - */ 0, /* ebb - */ 0, /* ebc - */ 0, /* ebd - _V_66_0F_F6 */ 0x40d1, /* ebe - */ 0, /* ebf - */ 0, /* ec0 - */ 0, /* ec1 - */ 0, /* ec2 - */ 0, /* ec3 - */ 0, /* ec4 - _0F_F7 */ 0x245f, /* ec5 - _66_0F_F7 */ 0x2460, /* ec6 - */ 0, /* ec7 - */ 0, /* ec8 - */ 0, /* ec9 - _V_66_0F_F7 */ 0x40d2, /* eca - */ 0, /* ecb - */ 0, /* ecc - */ 0, /* ecd - */ 0, /* ece - */ 0, /* ecf - */ 0, /* ed0 - _0F_F8 */ 0x2461, /* ed1 - _66_0F_F8 */ 0x2462, /* ed2 - */ 0, /* ed3 - */ 0, /* ed4 - */ 0, /* ed5 - _V_66_0F_F8 */ 0x40d3, /* ed6 - */ 0, /* ed7 - */ 0, /* ed8 - */ 0, /* ed9 - */ 0, /* eda - */ 0, /* edb - */ 0, /* edc - _0F_F9 */ 0x2463, /* edd - _66_0F_F9 */ 0x2464, /* ede - */ 0, /* edf - */ 0, /* ee0 - */ 0, /* ee1 - _V_66_0F_F9 */ 0x40d4, /* ee2 - */ 0, /* ee3 - */ 0, /* ee4 - */ 0, /* ee5 - */ 0, /* ee6 - */ 0, /* ee7 - */ 0, /* ee8 - _0F_FA */ 0x2465, /* ee9 - _66_0F_FA */ 0x2466, /* eea - */ 0, /* eeb - */ 0, /* eec - */ 0, /* eed - _V_66_0F_FA */ 0x40d5, /* eee - */ 0, /* eef - */ 0, /* ef0 - */ 0, /* ef1 - */ 0, /* ef2 - */ 0, /* ef3 - */ 0, /* ef4 - _0F_FB */ 0x2467, /* ef5 - _66_0F_FB */ 0x2468, /* ef6 - */ 0, /* ef7 - */ 0, /* ef8 - */ 0, /* ef9 - _V_66_0F_FB */ 0x40d6, /* efa - */ 0, /* efb - */ 0, /* efc - */ 0, /* efd - */ 0, /* efe - */ 0, /* eff - */ 0, /* f00 - _0F_FC */ 0x2469, /* f01 - _66_0F_FC */ 0x246a, /* f02 - */ 0, /* f03 - */ 0, /* f04 - */ 0, /* f05 - _V_66_0F_FC */ 0x40d7, /* f06 - */ 0, /* f07 - */ 0, /* f08 - */ 0, /* f09 - */ 0, /* f0a - */ 0, /* f0b - */ 0, /* f0c - _0F_FD */ 0x246b, /* f0d - _66_0F_FD */ 0x246c, /* f0e - */ 0, /* f0f - */ 0, /* f10 - */ 0, /* f11 - _V_66_0F_FD */ 0x40d8, /* f12 - */ 0, /* f13 - */ 0, /* f14 - */ 0, /* f15 - */ 0, /* f16 - */ 0, /* f17 - */ 0, /* f18 - _0F_FE */ 0x246d, /* 
f19 - _66_0F_FE */ 0x246e, /* f1a - */ 0, /* f1b - */ 0, /* f1c - */ 0, /* f1d - _V_66_0F_FE */ 0x40d9, /* f1e - */ 0, /* f1f - */ 0, /* f20 - */ 0, /* f21 - */ 0, /* f22 - */ 0, /* f23 - */ 0, /* f24 - _D9_06 */ 0x246f, /* f25 - _9B_D9_06 */ 0x2470, /* f26 - */ 0, /* f27 - */ 0, /* f28 - */ 0, /* f29 - */ 0, /* f2a - */ 0, /* f2b - */ 0, /* f2c - */ 0, /* f2d - */ 0, /* f2e - */ 0, /* f2f - */ 0, /* f30 - _D9_07 */ 0x2471, /* f31 - _9B_D9_07 */ 0x2472, /* f32 - */ 0, /* f33 - */ 0, /* f34 - */ 0, /* f35 - */ 0, /* f36 - */ 0, /* f37 - */ 0, /* f38 - */ 0, /* f39 - */ 0, /* f3a - */ 0, /* f3b - */ 0, /* f3c - _DB_E2 */ 0x2473, /* f3d - _9B_DB_E2 */ 0x2474, /* f3e - */ 0, /* f3f - */ 0, /* f40 - */ 0, /* f41 - */ 0, /* f42 - */ 0, /* f43 - */ 0, /* f44 - */ 0, /* f45 - */ 0, /* f46 - */ 0, /* f47 - */ 0, /* f48 - _DB_E3 */ 0x2475, /* f49 - _9B_DB_E3 */ 0x2476, /* f4a - */ 0, /* f4b - */ 0, /* f4c - */ 0, /* f4d - */ 0, /* f4e - */ 0, /* f4f - */ 0, /* f50 - */ 0, /* f51 - */ 0, /* f52 - */ 0, /* f53 - */ 0, /* f54 - _DD_06 */ 0x2477, /* f55 - _9B_DD_06 */ 0x2478, /* f56 - */ 0, /* f57 - */ 0, /* f58 - */ 0, /* f59 - */ 0, /* f5a - */ 0, /* f5b - */ 0, /* f5c - */ 0, /* f5d - */ 0, /* f5e - */ 0, /* f5f - */ 0, /* f60 - _DD_07 */ 0x2479, /* f61 - _9B_DD_07 */ 0x247a, /* f62 - */ 0, /* f63 - */ 0, /* f64 - */ 0, /* f65 - */ 0, /* f66 - */ 0, /* f67 - */ 0, /* f68 - */ 0, /* f69 - */ 0, /* f6a - */ 0, /* f6b - */ 0, /* f6c - _DF_E0 */ 0x247b, /* f6d - _9B_DF_E0 */ 0x247c, /* f6e - */ 0, /* f6f - */ 0, /* f70 - */ 0, /* f71 - */ 0, /* f72 - */ 0, /* f73 - */ 0, /* f74 - */ 0, /* f75 - */ 0, /* f76 - */ 0, /* f77 - */ 0, /* f78 - _0F_38_00 */ 0x247d, /* f79 - _66_0F_38_00 */ 0x247e, /* f7a - */ 0, /* f7b - */ 0, /* f7c - */ 0, /* f7d - _V_66_0F_38_00 */ 0x40da, /* f7e - */ 0, /* f7f - */ 0, /* f80 - */ 0, /* f81 - */ 0, /* f82 - */ 0, /* f83 - */ 0, /* f84 - _0F_38_01 */ 0x247f, /* f85 - _66_0F_38_01 */ 0x2480, /* f86 - */ 0, /* f87 - */ 0, /* f88 - */ 0, /* f89 - 
_V_66_0F_38_01 */ 0x40db, /* f8a - */ 0, /* f8b - */ 0, /* f8c - */ 0, /* f8d - */ 0, /* f8e - */ 0, /* f8f - */ 0, /* f90 - _0F_38_02 */ 0x2481, /* f91 - _66_0F_38_02 */ 0x2482, /* f92 - */ 0, /* f93 - */ 0, /* f94 - */ 0, /* f95 - _V_66_0F_38_02 */ 0x40dc, /* f96 - */ 0, /* f97 - */ 0, /* f98 - */ 0, /* f99 - */ 0, /* f9a - */ 0, /* f9b - */ 0, /* f9c - _0F_38_03 */ 0x2483, /* f9d - _66_0F_38_03 */ 0x2484, /* f9e - */ 0, /* f9f - */ 0, /* fa0 - */ 0, /* fa1 - _V_66_0F_38_03 */ 0x40dd, /* fa2 - */ 0, /* fa3 - */ 0, /* fa4 - */ 0, /* fa5 - */ 0, /* fa6 - */ 0, /* fa7 - */ 0, /* fa8 - _0F_38_04 */ 0x2485, /* fa9 - _66_0F_38_04 */ 0x2486, /* faa - */ 0, /* fab - */ 0, /* fac - */ 0, /* fad - _V_66_0F_38_04 */ 0x40de, /* fae - */ 0, /* faf - */ 0, /* fb0 - */ 0, /* fb1 - */ 0, /* fb2 - */ 0, /* fb3 - */ 0, /* fb4 - _0F_38_05 */ 0x2487, /* fb5 - _66_0F_38_05 */ 0x2488, /* fb6 - */ 0, /* fb7 - */ 0, /* fb8 - */ 0, /* fb9 - _V_66_0F_38_05 */ 0x40df, /* fba - */ 0, /* fbb - */ 0, /* fbc - */ 0, /* fbd - */ 0, /* fbe - */ 0, /* fbf - */ 0, /* fc0 - _0F_38_06 */ 0x2489, /* fc1 - _66_0F_38_06 */ 0x248a, /* fc2 - */ 0, /* fc3 - */ 0, /* fc4 - */ 0, /* fc5 - _V_66_0F_38_06 */ 0x40e0, /* fc6 - */ 0, /* fc7 - */ 0, /* fc8 - */ 0, /* fc9 - */ 0, /* fca - */ 0, /* fcb - */ 0, /* fcc - _0F_38_07 */ 0x248b, /* fcd - _66_0F_38_07 */ 0x248c, /* fce - */ 0, /* fcf - */ 0, /* fd0 - */ 0, /* fd1 - _V_66_0F_38_07 */ 0x40e1, /* fd2 - */ 0, /* fd3 - */ 0, /* fd4 - */ 0, /* fd5 - */ 0, /* fd6 - */ 0, /* fd7 - */ 0, /* fd8 - _0F_38_08 */ 0x248d, /* fd9 - _66_0F_38_08 */ 0x248e, /* fda - */ 0, /* fdb - */ 0, /* fdc - */ 0, /* fdd - _V_66_0F_38_08 */ 0x40e2, /* fde - */ 0, /* fdf - */ 0, /* fe0 - */ 0, /* fe1 - */ 0, /* fe2 - */ 0, /* fe3 - */ 0, /* fe4 - _0F_38_09 */ 0x248f, /* fe5 - _66_0F_38_09 */ 0x2490, /* fe6 - */ 0, /* fe7 - */ 0, /* fe8 - */ 0, /* fe9 - _V_66_0F_38_09 */ 0x40e3, /* fea - */ 0, /* feb - */ 0, /* fec - */ 0, /* fed - */ 0, /* fee - */ 0, /* fef - */ 0, /* ff0 - _0F_38_0A 
*/ 0x2491, /* ff1 - _66_0F_38_0A */ 0x2492, /* ff2 - */ 0, /* ff3 - */ 0, /* ff4 - */ 0, /* ff5 - _V_66_0F_38_0A */ 0x40e4, /* ff6 - */ 0, /* ff7 - */ 0, /* ff8 - */ 0, /* ff9 - */ 0, /* ffa - */ 0, /* ffb - */ 0, /* ffc - _0F_38_0B */ 0x2493, /* ffd - _66_0F_38_0B */ 0x2494, /* ffe - */ 0, /* fff - */ 0, /* 1000 - */ 0, /* 1001 - _V_66_0F_38_0B */ 0x40e5, /* 1002 - */ 0, /* 1003 - */ 0, /* 1004 - */ 0, /* 1005 - */ 0, /* 1006 - */ 0, /* 1007 - */ 0, /* 1008 - */ 0, /* 1009 - */ 0, /* 100a - */ 0, /* 100b - */ 0, /* 100c - */ 0, /* 100d - _V_66_0F_38_0C */ 0x40e6, /* 100e - */ 0, /* 100f - */ 0, /* 1010 - */ 0, /* 1011 - */ 0, /* 1012 - */ 0, /* 1013 - */ 0, /* 1014 - */ 0, /* 1015 - */ 0, /* 1016 - */ 0, /* 1017 - */ 0, /* 1018 - */ 0, /* 1019 - _V_66_0F_38_0D */ 0x40e7, /* 101a - */ 0, /* 101b - */ 0, /* 101c - */ 0, /* 101d - */ 0, /* 101e - */ 0, /* 101f - */ 0, /* 1020 - */ 0, /* 1021 - */ 0, /* 1022 - */ 0, /* 1023 - */ 0, /* 1024 - */ 0, /* 1025 - _V_66_0F_38_0E */ 0x40e8, /* 1026 - */ 0, /* 1027 - */ 0, /* 1028 - */ 0, /* 1029 - */ 0, /* 102a - */ 0, /* 102b - */ 0, /* 102c - */ 0, /* 102d - */ 0, /* 102e - */ 0, /* 102f - */ 0, /* 1030 - */ 0, /* 1031 - _V_66_0F_38_0F */ 0x40e9, /* 1032 - */ 0, /* 1033 - */ 0, /* 1034 - */ 0, /* 1035 - */ 0, /* 1036 - */ 0, /* 1037 - */ 0, /* 1038 - */ 0, /* 1039 - _66_0F_38_10 */ 0x40ea, /* 103a - */ 0, /* 103b - */ 0, /* 103c - */ 0, /* 103d - */ 0, /* 103e - */ 0, /* 103f - */ 0, /* 1040 - */ 0, /* 1041 - */ 0, /* 1042 - */ 0, /* 1043 - */ 0, /* 1044 - */ 0, /* 1045 - _66_0F_38_14 */ 0x40eb, /* 1046 - */ 0, /* 1047 - */ 0, /* 1048 - */ 0, /* 1049 - */ 0, /* 104a - */ 0, /* 104b - */ 0, /* 104c - */ 0, /* 104d - */ 0, /* 104e - */ 0, /* 104f - */ 0, /* 1050 - */ 0, /* 1051 - _66_0F_38_15 */ 0x40ec, /* 1052 - */ 0, /* 1053 - */ 0, /* 1054 - */ 0, /* 1055 - */ 0, /* 1056 - */ 0, /* 1057 - */ 0, /* 1058 - */ 0, /* 1059 - */ 0, /* 105a - */ 0, /* 105b - */ 0, /* 105c - */ 0, /* 105d - _66_0F_38_17 */ 0x2495, /* 105e - */ 0, 
/* 105f - */ 0, /* 1060 - */ 0, /* 1061 - _V_66_0F_38_17 */ 0x40ed, /* 1062 - */ 0, /* 1063 - */ 0, /* 1064 - */ 0, /* 1065 - */ 0, /* 1066 - */ 0, /* 1067 - */ 0, /* 1068 - */ 0, /* 1069 - */ 0, /* 106a - */ 0, /* 106b - */ 0, /* 106c - */ 0, /* 106d - _V_66_0F_38_18 */ 0x40ee, /* 106e - */ 0, /* 106f - */ 0, /* 1070 - */ 0, /* 1071 - */ 0, /* 1072 - */ 0, /* 1073 - */ 0, /* 1074 - */ 0, /* 1075 - */ 0, /* 1076 - */ 0, /* 1077 - */ 0, /* 1078 - */ 0, /* 1079 - _V_66_0F_38_19 */ 0x40ef, /* 107a - */ 0, /* 107b - */ 0, /* 107c - */ 0, /* 107d - */ 0, /* 107e - */ 0, /* 107f - */ 0, /* 1080 - */ 0, /* 1081 - */ 0, /* 1082 - */ 0, /* 1083 - */ 0, /* 1084 - */ 0, /* 1085 - _V_66_0F_38_1A */ 0x40f0, /* 1086 - */ 0, /* 1087 - */ 0, /* 1088 - */ 0, /* 1089 - */ 0, /* 108a - */ 0, /* 108b - */ 0, /* 108c - _0F_38_1C */ 0x2496, /* 108d - _66_0F_38_1C */ 0x2497, /* 108e - */ 0, /* 108f - */ 0, /* 1090 - */ 0, /* 1091 - _V_66_0F_38_1C */ 0x40f1, /* 1092 - */ 0, /* 1093 - */ 0, /* 1094 - */ 0, /* 1095 - */ 0, /* 1096 - */ 0, /* 1097 - */ 0, /* 1098 - _0F_38_1D */ 0x2498, /* 1099 - _66_0F_38_1D */ 0x2499, /* 109a - */ 0, /* 109b - */ 0, /* 109c - */ 0, /* 109d - _V_66_0F_38_1D */ 0x40f2, /* 109e - */ 0, /* 109f - */ 0, /* 10a0 - */ 0, /* 10a1 - */ 0, /* 10a2 - */ 0, /* 10a3 - */ 0, /* 10a4 - _0F_38_1E */ 0x249a, /* 10a5 - _66_0F_38_1E */ 0x249b, /* 10a6 - */ 0, /* 10a7 - */ 0, /* 10a8 - */ 0, /* 10a9 - _V_66_0F_38_1E */ 0x40f3, /* 10aa - */ 0, /* 10ab - */ 0, /* 10ac - */ 0, /* 10ad - */ 0, /* 10ae - */ 0, /* 10af - */ 0, /* 10b0 - */ 0, /* 10b1 - _66_0F_38_20 */ 0x249c, /* 10b2 - */ 0, /* 10b3 - */ 0, /* 10b4 - */ 0, /* 10b5 - _V_66_0F_38_20 */ 0x40f4, /* 10b6 - */ 0, /* 10b7 - */ 0, /* 10b8 - */ 0, /* 10b9 - */ 0, /* 10ba - */ 0, /* 10bb - */ 0, /* 10bc - */ 0, /* 10bd - _66_0F_38_21 */ 0x249d, /* 10be - */ 0, /* 10bf - */ 0, /* 10c0 - */ 0, /* 10c1 - _V_66_0F_38_21 */ 0x40f5, /* 10c2 - */ 0, /* 10c3 - */ 0, /* 10c4 - */ 0, /* 10c5 - */ 0, /* 10c6 - */ 0, /* 10c7 - */ 0, /* 
10c8 - */ 0, /* 10c9 - _66_0F_38_22 */ 0x249e, /* 10ca - */ 0, /* 10cb - */ 0, /* 10cc - */ 0, /* 10cd - _V_66_0F_38_22 */ 0x40f6, /* 10ce - */ 0, /* 10cf - */ 0, /* 10d0 - */ 0, /* 10d1 - */ 0, /* 10d2 - */ 0, /* 10d3 - */ 0, /* 10d4 - */ 0, /* 10d5 - _66_0F_38_23 */ 0x249f, /* 10d6 - */ 0, /* 10d7 - */ 0, /* 10d8 - */ 0, /* 10d9 - _V_66_0F_38_23 */ 0x40f7, /* 10da - */ 0, /* 10db - */ 0, /* 10dc - */ 0, /* 10dd - */ 0, /* 10de - */ 0, /* 10df - */ 0, /* 10e0 - */ 0, /* 10e1 - _66_0F_38_24 */ 0x24a0, /* 10e2 - */ 0, /* 10e3 - */ 0, /* 10e4 - */ 0, /* 10e5 - _V_66_0F_38_24 */ 0x40f8, /* 10e6 - */ 0, /* 10e7 - */ 0, /* 10e8 - */ 0, /* 10e9 - */ 0, /* 10ea - */ 0, /* 10eb - */ 0, /* 10ec - */ 0, /* 10ed - _66_0F_38_25 */ 0x24a1, /* 10ee - */ 0, /* 10ef - */ 0, /* 10f0 - */ 0, /* 10f1 - _V_66_0F_38_25 */ 0x40f9, /* 10f2 - */ 0, /* 10f3 - */ 0, /* 10f4 - */ 0, /* 10f5 - */ 0, /* 10f6 - */ 0, /* 10f7 - */ 0, /* 10f8 - */ 0, /* 10f9 - _66_0F_38_28 */ 0x24a2, /* 10fa - */ 0, /* 10fb - */ 0, /* 10fc - */ 0, /* 10fd - _V_66_0F_38_28 */ 0x40fa, /* 10fe - */ 0, /* 10ff - */ 0, /* 1100 - */ 0, /* 1101 - */ 0, /* 1102 - */ 0, /* 1103 - */ 0, /* 1104 - */ 0, /* 1105 - _66_0F_38_29 */ 0x24a3, /* 1106 - */ 0, /* 1107 - */ 0, /* 1108 - */ 0, /* 1109 - _V_66_0F_38_29 */ 0x40fb, /* 110a - */ 0, /* 110b - */ 0, /* 110c - */ 0, /* 110d - */ 0, /* 110e - */ 0, /* 110f - */ 0, /* 1110 - */ 0, /* 1111 - _66_0F_38_2A */ 0x24a4, /* 1112 - */ 0, /* 1113 - */ 0, /* 1114 - */ 0, /* 1115 - _V_66_0F_38_2A */ 0x40fc, /* 1116 - */ 0, /* 1117 - */ 0, /* 1118 - */ 0, /* 1119 - */ 0, /* 111a - */ 0, /* 111b - */ 0, /* 111c - */ 0, /* 111d - _66_0F_38_2B */ 0x24a5, /* 111e - */ 0, /* 111f - */ 0, /* 1120 - */ 0, /* 1121 - _V_66_0F_38_2B */ 0x40fd, /* 1122 - */ 0, /* 1123 - */ 0, /* 1124 - */ 0, /* 1125 - */ 0, /* 1126 - */ 0, /* 1127 - */ 0, /* 1128 - */ 0, /* 1129 - */ 0, /* 112a - */ 0, /* 112b - */ 0, /* 112c - */ 0, /* 112d - _V_66_0F_38_2C */ 0x40fe, /* 112e - */ 0, /* 112f - */ 0, /* 1130 - */ 
0, /* 1131 - */ 0, /* 1132 - */ 0, /* 1133 - */ 0, /* 1134 - */ 0, /* 1135 - */ 0, /* 1136 - */ 0, /* 1137 - */ 0, /* 1138 - */ 0, /* 1139 - _V_66_0F_38_2D */ 0x40ff, /* 113a - */ 0, /* 113b - */ 0, /* 113c - */ 0, /* 113d - */ 0, /* 113e - */ 0, /* 113f - */ 0, /* 1140 - */ 0, /* 1141 - */ 0, /* 1142 - */ 0, /* 1143 - */ 0, /* 1144 - */ 0, /* 1145 - _V_66_0F_38_2E */ 0x4100, /* 1146 - */ 0, /* 1147 - */ 0, /* 1148 - */ 0, /* 1149 - */ 0, /* 114a - */ 0, /* 114b - */ 0, /* 114c - */ 0, /* 114d - */ 0, /* 114e - */ 0, /* 114f - */ 0, /* 1150 - */ 0, /* 1151 - _V_66_0F_38_2F */ 0x4101, /* 1152 - */ 0, /* 1153 - */ 0, /* 1154 - */ 0, /* 1155 - */ 0, /* 1156 - */ 0, /* 1157 - */ 0, /* 1158 - */ 0, /* 1159 - _66_0F_38_30 */ 0x24a6, /* 115a - */ 0, /* 115b - */ 0, /* 115c - */ 0, /* 115d - _V_66_0F_38_30 */ 0x4102, /* 115e - */ 0, /* 115f - */ 0, /* 1160 - */ 0, /* 1161 - */ 0, /* 1162 - */ 0, /* 1163 - */ 0, /* 1164 - */ 0, /* 1165 - _66_0F_38_31 */ 0x24a7, /* 1166 - */ 0, /* 1167 - */ 0, /* 1168 - */ 0, /* 1169 - _V_66_0F_38_31 */ 0x4103, /* 116a - */ 0, /* 116b - */ 0, /* 116c - */ 0, /* 116d - */ 0, /* 116e - */ 0, /* 116f - */ 0, /* 1170 - */ 0, /* 1171 - _66_0F_38_32 */ 0x24a8, /* 1172 - */ 0, /* 1173 - */ 0, /* 1174 - */ 0, /* 1175 - _V_66_0F_38_32 */ 0x4104, /* 1176 - */ 0, /* 1177 - */ 0, /* 1178 - */ 0, /* 1179 - */ 0, /* 117a - */ 0, /* 117b - */ 0, /* 117c - */ 0, /* 117d - _66_0F_38_33 */ 0x24a9, /* 117e - */ 0, /* 117f - */ 0, /* 1180 - */ 0, /* 1181 - _V_66_0F_38_33 */ 0x4105, /* 1182 - */ 0, /* 1183 - */ 0, /* 1184 - */ 0, /* 1185 - */ 0, /* 1186 - */ 0, /* 1187 - */ 0, /* 1188 - */ 0, /* 1189 - _66_0F_38_34 */ 0x24aa, /* 118a - */ 0, /* 118b - */ 0, /* 118c - */ 0, /* 118d - _V_66_0F_38_34 */ 0x4106, /* 118e - */ 0, /* 118f - */ 0, /* 1190 - */ 0, /* 1191 - */ 0, /* 1192 - */ 0, /* 1193 - */ 0, /* 1194 - */ 0, /* 1195 - _66_0F_38_35 */ 0x24ab, /* 1196 - */ 0, /* 1197 - */ 0, /* 1198 - */ 0, /* 1199 - _V_66_0F_38_35 */ 0x4107, /* 119a - */ 0, /* 119b - */ 
0, /* 119c - */ 0, /* 119d - */ 0, /* 119e - */ 0, /* 119f - */ 0, /* 11a0 - */ 0, /* 11a1 - _66_0F_38_37 */ 0x24ac, /* 11a2 - */ 0, /* 11a3 - */ 0, /* 11a4 - */ 0, /* 11a5 - _V_66_0F_38_37 */ 0x4108, /* 11a6 - */ 0, /* 11a7 - */ 0, /* 11a8 - */ 0, /* 11a9 - */ 0, /* 11aa - */ 0, /* 11ab - */ 0, /* 11ac - */ 0, /* 11ad - _66_0F_38_38 */ 0x24ad, /* 11ae - */ 0, /* 11af - */ 0, /* 11b0 - */ 0, /* 11b1 - _V_66_0F_38_38 */ 0x4109, /* 11b2 - */ 0, /* 11b3 - */ 0, /* 11b4 - */ 0, /* 11b5 - */ 0, /* 11b6 - */ 0, /* 11b7 - */ 0, /* 11b8 - */ 0, /* 11b9 - _66_0F_38_39 */ 0x24ae, /* 11ba - */ 0, /* 11bb - */ 0, /* 11bc - */ 0, /* 11bd - _V_66_0F_38_39 */ 0x410a, /* 11be - */ 0, /* 11bf - */ 0, /* 11c0 - */ 0, /* 11c1 - */ 0, /* 11c2 - */ 0, /* 11c3 - */ 0, /* 11c4 - */ 0, /* 11c5 - _66_0F_38_3A */ 0x24af, /* 11c6 - */ 0, /* 11c7 - */ 0, /* 11c8 - */ 0, /* 11c9 - _V_66_0F_38_3A */ 0x410b, /* 11ca - */ 0, /* 11cb - */ 0, /* 11cc - */ 0, /* 11cd - */ 0, /* 11ce - */ 0, /* 11cf - */ 0, /* 11d0 - */ 0, /* 11d1 - _66_0F_38_3B */ 0x24b0, /* 11d2 - */ 0, /* 11d3 - */ 0, /* 11d4 - */ 0, /* 11d5 - _V_66_0F_38_3B */ 0x410c, /* 11d6 - */ 0, /* 11d7 - */ 0, /* 11d8 - */ 0, /* 11d9 - */ 0, /* 11da - */ 0, /* 11db - */ 0, /* 11dc - */ 0, /* 11dd - _66_0F_38_3C */ 0x24b1, /* 11de - */ 0, /* 11df - */ 0, /* 11e0 - */ 0, /* 11e1 - _V_66_0F_38_3C */ 0x410d, /* 11e2 - */ 0, /* 11e3 - */ 0, /* 11e4 - */ 0, /* 11e5 - */ 0, /* 11e6 - */ 0, /* 11e7 - */ 0, /* 11e8 - */ 0, /* 11e9 - _66_0F_38_3D */ 0x24b2, /* 11ea - */ 0, /* 11eb - */ 0, /* 11ec - */ 0, /* 11ed - _V_66_0F_38_3D */ 0x410e, /* 11ee - */ 0, /* 11ef - */ 0, /* 11f0 - */ 0, /* 11f1 - */ 0, /* 11f2 - */ 0, /* 11f3 - */ 0, /* 11f4 - */ 0, /* 11f5 - _66_0F_38_3E */ 0x24b3, /* 11f6 - */ 0, /* 11f7 - */ 0, /* 11f8 - */ 0, /* 11f9 - _V_66_0F_38_3E */ 0x410f, /* 11fa - */ 0, /* 11fb - */ 0, /* 11fc - */ 0, /* 11fd - */ 0, /* 11fe - */ 0, /* 11ff - */ 0, /* 1200 - */ 0, /* 1201 - _66_0F_38_3F */ 0x24b4, /* 1202 - */ 0, /* 1203 - */ 0, /* 1204 - 
*/ 0, /* 1205 - _V_66_0F_38_3F */ 0x4110, /* 1206 - */ 0, /* 1207 - */ 0, /* 1208 - */ 0, /* 1209 - */ 0, /* 120a - */ 0, /* 120b - */ 0, /* 120c - */ 0, /* 120d - _66_0F_38_40 */ 0x24b5, /* 120e - */ 0, /* 120f - */ 0, /* 1210 - */ 0, /* 1211 - _V_66_0F_38_40 */ 0x4111, /* 1212 - */ 0, /* 1213 - */ 0, /* 1214 - */ 0, /* 1215 - */ 0, /* 1216 - */ 0, /* 1217 - */ 0, /* 1218 - */ 0, /* 1219 - _66_0F_38_41 */ 0x24b6, /* 121a - */ 0, /* 121b - */ 0, /* 121c - */ 0, /* 121d - _V_66_0F_38_41 */ 0x4112, /* 121e - */ 0, /* 121f - */ 0, /* 1220 - */ 0, /* 1221 - */ 0, /* 1222 - */ 0, /* 1223 - */ 0, /* 1224 - */ 0, /* 1225 - _66_0F_38_80 */ 0x24b7, /* 1226 - */ 0, /* 1227 - */ 0, /* 1228 - */ 0, /* 1229 - */ 0, /* 122a - */ 0, /* 122b - */ 0, /* 122c - */ 0, /* 122d - */ 0, /* 122e - */ 0, /* 122f - */ 0, /* 1230 - */ 0, /* 1231 - _66_0F_38_81 */ 0x24b8, /* 1232 - */ 0, /* 1233 - */ 0, /* 1234 - */ 0, /* 1235 - */ 0, /* 1236 - */ 0, /* 1237 - */ 0, /* 1238 - */ 0, /* 1239 - */ 0, /* 123a - */ 0, /* 123b - */ 0, /* 123c - */ 0, /* 123d - _66_0F_38_82 */ 0x24b9, /* 123e - */ 0, /* 123f - */ 0, /* 1240 - */ 0, /* 1241 - */ 0, /* 1242 - */ 0, /* 1243 - */ 0, /* 1244 - */ 0, /* 1245 - */ 0, /* 1246 - */ 0, /* 1247 - */ 0, /* 1248 - */ 0, /* 1249 - */ 0, /* 124a - */ 0, /* 124b - */ 0, /* 124c - */ 0, /* 124d - _V_66_0F_38_96 */ 0x4113, /* 124e - */ 0, /* 124f - */ 0, /* 1250 - */ 0, /* 1251 - */ 0, /* 1252 - */ 0, /* 1253 - */ 0, /* 1254 - */ 0, /* 1255 - */ 0, /* 1256 - */ 0, /* 1257 - */ 0, /* 1258 - */ 0, /* 1259 - _V_66_0F_38_97 */ 0x4114, /* 125a - */ 0, /* 125b - */ 0, /* 125c - */ 0, /* 125d - */ 0, /* 125e - */ 0, /* 125f - */ 0, /* 1260 - */ 0, /* 1261 - */ 0, /* 1262 - */ 0, /* 1263 - */ 0, /* 1264 - */ 0, /* 1265 - _V_66_0F_38_98 */ 0x4115, /* 1266 - */ 0, /* 1267 - */ 0, /* 1268 - */ 0, /* 1269 - */ 0, /* 126a - */ 0, /* 126b - */ 0, /* 126c - */ 0, /* 126d - */ 0, /* 126e - */ 0, /* 126f - */ 0, /* 1270 - */ 0, /* 1271 - _V_66_0F_38_99 */ 0x4116, /* 1272 - */ 0, /* 
1273 - */ 0, /* 1274 - */ 0, /* 1275 - */ 0, /* 1276 - */ 0, /* 1277 - */ 0, /* 1278 - */ 0, /* 1279 - */ 0, /* 127a - */ 0, /* 127b - */ 0, /* 127c - */ 0, /* 127d - _V_66_0F_38_9A */ 0x4117, /* 127e - */ 0, /* 127f - */ 0, /* 1280 - */ 0, /* 1281 - */ 0, /* 1282 - */ 0, /* 1283 - */ 0, /* 1284 - */ 0, /* 1285 - */ 0, /* 1286 - */ 0, /* 1287 - */ 0, /* 1288 - */ 0, /* 1289 - _V_66_0F_38_9B */ 0x4118, /* 128a - */ 0, /* 128b - */ 0, /* 128c - */ 0, /* 128d - */ 0, /* 128e - */ 0, /* 128f - */ 0, /* 1290 - */ 0, /* 1291 - */ 0, /* 1292 - */ 0, /* 1293 - */ 0, /* 1294 - */ 0, /* 1295 - _V_66_0F_38_9C */ 0x4119, /* 1296 - */ 0, /* 1297 - */ 0, /* 1298 - */ 0, /* 1299 - */ 0, /* 129a - */ 0, /* 129b - */ 0, /* 129c - */ 0, /* 129d - */ 0, /* 129e - */ 0, /* 129f - */ 0, /* 12a0 - */ 0, /* 12a1 - _V_66_0F_38_9D */ 0x411a, /* 12a2 - */ 0, /* 12a3 - */ 0, /* 12a4 - */ 0, /* 12a5 - */ 0, /* 12a6 - */ 0, /* 12a7 - */ 0, /* 12a8 - */ 0, /* 12a9 - */ 0, /* 12aa - */ 0, /* 12ab - */ 0, /* 12ac - */ 0, /* 12ad - _V_66_0F_38_9E */ 0x411b, /* 12ae - */ 0, /* 12af - */ 0, /* 12b0 - */ 0, /* 12b1 - */ 0, /* 12b2 - */ 0, /* 12b3 - */ 0, /* 12b4 - */ 0, /* 12b5 - */ 0, /* 12b6 - */ 0, /* 12b7 - */ 0, /* 12b8 - */ 0, /* 12b9 - _V_66_0F_38_9F */ 0x411c, /* 12ba - */ 0, /* 12bb - */ 0, /* 12bc - */ 0, /* 12bd - */ 0, /* 12be - */ 0, /* 12bf - */ 0, /* 12c0 - */ 0, /* 12c1 - */ 0, /* 12c2 - */ 0, /* 12c3 - */ 0, /* 12c4 - */ 0, /* 12c5 - _V_66_0F_38_A6 */ 0x411d, /* 12c6 - */ 0, /* 12c7 - */ 0, /* 12c8 - */ 0, /* 12c9 - */ 0, /* 12ca - */ 0, /* 12cb - */ 0, /* 12cc - */ 0, /* 12cd - */ 0, /* 12ce - */ 0, /* 12cf - */ 0, /* 12d0 - */ 0, /* 12d1 - _V_66_0F_38_A7 */ 0x411e, /* 12d2 - */ 0, /* 12d3 - */ 0, /* 12d4 - */ 0, /* 12d5 - */ 0, /* 12d6 - */ 0, /* 12d7 - */ 0, /* 12d8 - */ 0, /* 12d9 - */ 0, /* 12da - */ 0, /* 12db - */ 0, /* 12dc - */ 0, /* 12dd - _V_66_0F_38_A8 */ 0x411f, /* 12de - */ 0, /* 12df - */ 0, /* 12e0 - */ 0, /* 12e1 - */ 0, /* 12e2 - */ 0, /* 12e3 - */ 0, /* 12e4 - */ 
0, /* 12e5 - */ 0, /* 12e6 - */ 0, /* 12e7 - */ 0, /* 12e8 - */ 0, /* 12e9 - _V_66_0F_38_A9 */ 0x4120, /* 12ea - */ 0, /* 12eb - */ 0, /* 12ec - */ 0, /* 12ed - */ 0, /* 12ee - */ 0, /* 12ef - */ 0, /* 12f0 - */ 0, /* 12f1 - */ 0, /* 12f2 - */ 0, /* 12f3 - */ 0, /* 12f4 - */ 0, /* 12f5 - _V_66_0F_38_AA */ 0x4121, /* 12f6 - */ 0, /* 12f7 - */ 0, /* 12f8 - */ 0, /* 12f9 - */ 0, /* 12fa - */ 0, /* 12fb - */ 0, /* 12fc - */ 0, /* 12fd - */ 0, /* 12fe - */ 0, /* 12ff - */ 0, /* 1300 - */ 0, /* 1301 - _V_66_0F_38_AB */ 0x4122, /* 1302 - */ 0, /* 1303 - */ 0, /* 1304 - */ 0, /* 1305 - */ 0, /* 1306 - */ 0, /* 1307 - */ 0, /* 1308 - */ 0, /* 1309 - */ 0, /* 130a - */ 0, /* 130b - */ 0, /* 130c - */ 0, /* 130d - _V_66_0F_38_AC */ 0x4123, /* 130e - */ 0, /* 130f - */ 0, /* 1310 - */ 0, /* 1311 - */ 0, /* 1312 - */ 0, /* 1313 - */ 0, /* 1314 - */ 0, /* 1315 - */ 0, /* 1316 - */ 0, /* 1317 - */ 0, /* 1318 - */ 0, /* 1319 - _V_66_0F_38_AD */ 0x4124, /* 131a - */ 0, /* 131b - */ 0, /* 131c - */ 0, /* 131d - */ 0, /* 131e - */ 0, /* 131f - */ 0, /* 1320 - */ 0, /* 1321 - */ 0, /* 1322 - */ 0, /* 1323 - */ 0, /* 1324 - */ 0, /* 1325 - _V_66_0F_38_AE */ 0x4125, /* 1326 - */ 0, /* 1327 - */ 0, /* 1328 - */ 0, /* 1329 - */ 0, /* 132a - */ 0, /* 132b - */ 0, /* 132c - */ 0, /* 132d - */ 0, /* 132e - */ 0, /* 132f - */ 0, /* 1330 - */ 0, /* 1331 - _V_66_0F_38_AF */ 0x4126, /* 1332 - */ 0, /* 1333 - */ 0, /* 1334 - */ 0, /* 1335 - */ 0, /* 1336 - */ 0, /* 1337 - */ 0, /* 1338 - */ 0, /* 1339 - */ 0, /* 133a - */ 0, /* 133b - */ 0, /* 133c - */ 0, /* 133d - _V_66_0F_38_B6 */ 0x4127, /* 133e - */ 0, /* 133f - */ 0, /* 1340 - */ 0, /* 1341 - */ 0, /* 1342 - */ 0, /* 1343 - */ 0, /* 1344 - */ 0, /* 1345 - */ 0, /* 1346 - */ 0, /* 1347 - */ 0, /* 1348 - */ 0, /* 1349 - _V_66_0F_38_B7 */ 0x4128, /* 134a - */ 0, /* 134b - */ 0, /* 134c - */ 0, /* 134d - */ 0, /* 134e - */ 0, /* 134f - */ 0, /* 1350 - */ 0, /* 1351 - */ 0, /* 1352 - */ 0, /* 1353 - */ 0, /* 1354 - */ 0, /* 1355 - _V_66_0F_38_B8 
*/ 0x4129, /* 1356 - */ 0, /* 1357 - */ 0, /* 1358 - */ 0, /* 1359 - */ 0, /* 135a - */ 0, /* 135b - */ 0, /* 135c - */ 0, /* 135d - */ 0, /* 135e - */ 0, /* 135f - */ 0, /* 1360 - */ 0, /* 1361 - _V_66_0F_38_B9 */ 0x412a, /* 1362 - */ 0, /* 1363 - */ 0, /* 1364 - */ 0, /* 1365 - */ 0, /* 1366 - */ 0, /* 1367 - */ 0, /* 1368 - */ 0, /* 1369 - */ 0, /* 136a - */ 0, /* 136b - */ 0, /* 136c - */ 0, /* 136d - _V_66_0F_38_BA */ 0x412b, /* 136e - */ 0, /* 136f - */ 0, /* 1370 - */ 0, /* 1371 - */ 0, /* 1372 - */ 0, /* 1373 - */ 0, /* 1374 - */ 0, /* 1375 - */ 0, /* 1376 - */ 0, /* 1377 - */ 0, /* 1378 - */ 0, /* 1379 - _V_66_0F_38_BB */ 0x412c, /* 137a - */ 0, /* 137b - */ 0, /* 137c - */ 0, /* 137d - */ 0, /* 137e - */ 0, /* 137f - */ 0, /* 1380 - */ 0, /* 1381 - */ 0, /* 1382 - */ 0, /* 1383 - */ 0, /* 1384 - */ 0, /* 1385 - _V_66_0F_38_BC */ 0x412d, /* 1386 - */ 0, /* 1387 - */ 0, /* 1388 - */ 0, /* 1389 - */ 0, /* 138a - */ 0, /* 138b - */ 0, /* 138c - */ 0, /* 138d - */ 0, /* 138e - */ 0, /* 138f - */ 0, /* 1390 - */ 0, /* 1391 - _V_66_0F_38_BD */ 0x412e, /* 1392 - */ 0, /* 1393 - */ 0, /* 1394 - */ 0, /* 1395 - */ 0, /* 1396 - */ 0, /* 1397 - */ 0, /* 1398 - */ 0, /* 1399 - */ 0, /* 139a - */ 0, /* 139b - */ 0, /* 139c - */ 0, /* 139d - _V_66_0F_38_BE */ 0x412f, /* 139e - */ 0, /* 139f - */ 0, /* 13a0 - */ 0, /* 13a1 - */ 0, /* 13a2 - */ 0, /* 13a3 - */ 0, /* 13a4 - */ 0, /* 13a5 - */ 0, /* 13a6 - */ 0, /* 13a7 - */ 0, /* 13a8 - */ 0, /* 13a9 - _V_66_0F_38_BF */ 0x4130, /* 13aa - */ 0, /* 13ab - */ 0, /* 13ac - */ 0, /* 13ad - */ 0, /* 13ae - */ 0, /* 13af - */ 0, /* 13b0 - */ 0, /* 13b1 - _66_0F_38_DB */ 0x24ba, /* 13b2 - */ 0, /* 13b3 - */ 0, /* 13b4 - */ 0, /* 13b5 - _V_66_0F_38_DB */ 0x4131, /* 13b6 - */ 0, /* 13b7 - */ 0, /* 13b8 - */ 0, /* 13b9 - */ 0, /* 13ba - */ 0, /* 13bb - */ 0, /* 13bc - */ 0, /* 13bd - _66_0F_38_DC */ 0x24bb, /* 13be - */ 0, /* 13bf - */ 0, /* 13c0 - */ 0, /* 13c1 - _V_66_0F_38_DC */ 0x4132, /* 13c2 - */ 0, /* 13c3 - */ 0, /* 13c4 - */ 
0, /* 13c5 - */ 0, /* 13c6 - */ 0, /* 13c7 - */ 0, /* 13c8 - */ 0, /* 13c9 - _66_0F_38_DD */ 0x24bc, /* 13ca - */ 0, /* 13cb - */ 0, /* 13cc - */ 0, /* 13cd - _V_66_0F_38_DD */ 0x4133, /* 13ce - */ 0, /* 13cf - */ 0, /* 13d0 - */ 0, /* 13d1 - */ 0, /* 13d2 - */ 0, /* 13d3 - */ 0, /* 13d4 - */ 0, /* 13d5 - _66_0F_38_DE */ 0x24bd, /* 13d6 - */ 0, /* 13d7 - */ 0, /* 13d8 - */ 0, /* 13d9 - _V_66_0F_38_DE */ 0x4134, /* 13da - */ 0, /* 13db - */ 0, /* 13dc - */ 0, /* 13dd - */ 0, /* 13de - */ 0, /* 13df - */ 0, /* 13e0 - */ 0, /* 13e1 - _66_0F_38_DF */ 0x24be, /* 13e2 - */ 0, /* 13e3 - */ 0, /* 13e4 - */ 0, /* 13e5 - _V_66_0F_38_DF */ 0x4135, /* 13e6 - */ 0, /* 13e7 - */ 0, /* 13e8 - */ 0, /* 13e9 - */ 0, /* 13ea - */ 0, /* 13eb - */ 0, /* 13ec - _0F_38_F0 */ 0x24bf, /* 13ed - */ 0, /* 13ee - */ 0, /* 13ef - _F2_0F_38_F0 */ 0x24c0, /* 13f0 - */ 0, /* 13f1 - */ 0, /* 13f2 - */ 0, /* 13f3 - */ 0, /* 13f4 - */ 0, /* 13f5 - */ 0, /* 13f6 - */ 0, /* 13f7 - */ 0, /* 13f8 - _0F_38_F1 */ 0x24c1, /* 13f9 - */ 0, /* 13fa - */ 0, /* 13fb - _F2_0F_38_F1 */ 0x24c2, /* 13fc - */ 0, /* 13fd - */ 0, /* 13fe - */ 0, /* 13ff - */ 0, /* 1400 - */ 0, /* 1401 - */ 0, /* 1402 - */ 0, /* 1403 - */ 0, /* 1404 - */ 0, /* 1405 - */ 0, /* 1406 - */ 0, /* 1407 - */ 0, /* 1408 - */ 0, /* 1409 - _V_66_0F_3A_04 */ 0x4136, /* 140a - */ 0, /* 140b - */ 0, /* 140c - */ 0, /* 140d - */ 0, /* 140e - */ 0, /* 140f - */ 0, /* 1410 - */ 0, /* 1411 - */ 0, /* 1412 - */ 0, /* 1413 - */ 0, /* 1414 - */ 0, /* 1415 - _V_66_0F_3A_05 */ 0x4137, /* 1416 - */ 0, /* 1417 - */ 0, /* 1418 - */ 0, /* 1419 - */ 0, /* 141a - */ 0, /* 141b - */ 0, /* 141c - */ 0, /* 141d - */ 0, /* 141e - */ 0, /* 141f - */ 0, /* 1420 - */ 0, /* 1421 - _V_66_0F_3A_06 */ 0x4138, /* 1422 - */ 0, /* 1423 - */ 0, /* 1424 - */ 0, /* 1425 - */ 0, /* 1426 - */ 0, /* 1427 - */ 0, /* 1428 - */ 0, /* 1429 - _66_0F_3A_08 */ 0x4139, /* 142a - */ 0, /* 142b - */ 0, /* 142c - */ 0, /* 142d - _V_66_0F_3A_08 */ 0x413a, /* 142e - */ 0, /* 142f - */ 0, /* 
1430 - */ 0, /* 1431 - */ 0, /* 1432 - */ 0, /* 1433 - */ 0, /* 1434 - */ 0, /* 1435 - _66_0F_3A_09 */ 0x413b, /* 1436 - */ 0, /* 1437 - */ 0, /* 1438 - */ 0, /* 1439 - _V_66_0F_3A_09 */ 0x413c, /* 143a - */ 0, /* 143b - */ 0, /* 143c - */ 0, /* 143d - */ 0, /* 143e - */ 0, /* 143f - */ 0, /* 1440 - */ 0, /* 1441 - _66_0F_3A_0A */ 0x413d, /* 1442 - */ 0, /* 1443 - */ 0, /* 1444 - */ 0, /* 1445 - _V_66_0F_3A_0A */ 0x413e, /* 1446 - */ 0, /* 1447 - */ 0, /* 1448 - */ 0, /* 1449 - */ 0, /* 144a - */ 0, /* 144b - */ 0, /* 144c - */ 0, /* 144d - _66_0F_3A_0B */ 0x413f, /* 144e - */ 0, /* 144f - */ 0, /* 1450 - */ 0, /* 1451 - _V_66_0F_3A_0B */ 0x4140, /* 1452 - */ 0, /* 1453 - */ 0, /* 1454 - */ 0, /* 1455 - */ 0, /* 1456 - */ 0, /* 1457 - */ 0, /* 1458 - */ 0, /* 1459 - _66_0F_3A_0C */ 0x4141, /* 145a - */ 0, /* 145b - */ 0, /* 145c - */ 0, /* 145d - _V_66_0F_3A_0C */ 0x4142, /* 145e - */ 0, /* 145f - */ 0, /* 1460 - */ 0, /* 1461 - */ 0, /* 1462 - */ 0, /* 1463 - */ 0, /* 1464 - */ 0, /* 1465 - _66_0F_3A_0D */ 0x4143, /* 1466 - */ 0, /* 1467 - */ 0, /* 1468 - */ 0, /* 1469 - _V_66_0F_3A_0D */ 0x4144, /* 146a - */ 0, /* 146b - */ 0, /* 146c - */ 0, /* 146d - */ 0, /* 146e - */ 0, /* 146f - */ 0, /* 1470 - */ 0, /* 1471 - _66_0F_3A_0E */ 0x4145, /* 1472 - */ 0, /* 1473 - */ 0, /* 1474 - */ 0, /* 1475 - _V_66_0F_3A_0E */ 0x4146, /* 1476 - */ 0, /* 1477 - */ 0, /* 1478 - */ 0, /* 1479 - */ 0, /* 147a - */ 0, /* 147b - */ 0, /* 147c - _0F_3A_0F */ 0x4147, /* 147d - _66_0F_3A_0F */ 0x4148, /* 147e - */ 0, /* 147f - */ 0, /* 1480 - */ 0, /* 1481 - _V_66_0F_3A_0F */ 0x4149, /* 1482 - */ 0, /* 1483 - */ 0, /* 1484 - */ 0, /* 1485 - */ 0, /* 1486 - */ 0, /* 1487 - */ 0, /* 1488 - */ 0, /* 1489 - _66_0F_3A_14 */ 0x414a, /* 148a - */ 0, /* 148b - */ 0, /* 148c - */ 0, /* 148d - _V_66_0F_3A_14 */ 0x414b, /* 148e - */ 0, /* 148f - */ 0, /* 1490 - */ 0, /* 1491 - */ 0, /* 1492 - */ 0, /* 1493 - */ 0, /* 1494 - */ 0, /* 1495 - _66_0F_3A_15 */ 0x414c, /* 1496 - */ 0, /* 1497 - */ 0, 
/* 1498 - */ 0, /* 1499 - _V_66_0F_3A_15 */ 0x414d, /* 149a - */ 0, /* 149b - */ 0, /* 149c - */ 0, /* 149d - */ 0, /* 149e - */ 0, /* 149f - */ 0, /* 14a0 - */ 0, /* 14a1 - _66_0F_3A_16 */ 0x414e, /* 14a2 - */ 0, /* 14a3 - */ 0, /* 14a4 - */ 0, /* 14a5 - _V_66_0F_3A_16 */ 0x414f, /* 14a6 - */ 0, /* 14a7 - */ 0, /* 14a8 - */ 0, /* 14a9 - */ 0, /* 14aa - */ 0, /* 14ab - */ 0, /* 14ac - */ 0, /* 14ad - _66_0F_3A_17 */ 0x4150, /* 14ae - */ 0, /* 14af - */ 0, /* 14b0 - */ 0, /* 14b1 - _V_66_0F_3A_17 */ 0x4151, /* 14b2 - */ 0, /* 14b3 - */ 0, /* 14b4 - */ 0, /* 14b5 - */ 0, /* 14b6 - */ 0, /* 14b7 - */ 0, /* 14b8 - */ 0, /* 14b9 - */ 0, /* 14ba - */ 0, /* 14bb - */ 0, /* 14bc - */ 0, /* 14bd - _V_66_0F_3A_18 */ 0x4152, /* 14be - */ 0, /* 14bf - */ 0, /* 14c0 - */ 0, /* 14c1 - */ 0, /* 14c2 - */ 0, /* 14c3 - */ 0, /* 14c4 - */ 0, /* 14c5 - */ 0, /* 14c6 - */ 0, /* 14c7 - */ 0, /* 14c8 - */ 0, /* 14c9 - _V_66_0F_3A_19 */ 0x4153, /* 14ca - */ 0, /* 14cb - */ 0, /* 14cc - */ 0, /* 14cd - */ 0, /* 14ce - */ 0, /* 14cf - */ 0, /* 14d0 - */ 0, /* 14d1 - _66_0F_3A_20 */ 0x4154, /* 14d2 - */ 0, /* 14d3 - */ 0, /* 14d4 - */ 0, /* 14d5 - _V_66_0F_3A_20 */ 0x4155, /* 14d6 - */ 0, /* 14d7 - */ 0, /* 14d8 - */ 0, /* 14d9 - */ 0, /* 14da - */ 0, /* 14db - */ 0, /* 14dc - */ 0, /* 14dd - _66_0F_3A_21 */ 0x4156, /* 14de - */ 0, /* 14df - */ 0, /* 14e0 - */ 0, /* 14e1 - _V_66_0F_3A_21 */ 0x4157, /* 14e2 - */ 0, /* 14e3 - */ 0, /* 14e4 - */ 0, /* 14e5 - */ 0, /* 14e6 - */ 0, /* 14e7 - */ 0, /* 14e8 - */ 0, /* 14e9 - _66_0F_3A_22 */ 0x4158, /* 14ea - */ 0, /* 14eb - */ 0, /* 14ec - */ 0, /* 14ed - _V_66_0F_3A_22 */ 0x4159, /* 14ee - */ 0, /* 14ef - */ 0, /* 14f0 - */ 0, /* 14f1 - */ 0, /* 14f2 - */ 0, /* 14f3 - */ 0, /* 14f4 - */ 0, /* 14f5 - _66_0F_3A_40 */ 0x415a, /* 14f6 - */ 0, /* 14f7 - */ 0, /* 14f8 - */ 0, /* 14f9 - _V_66_0F_3A_40 */ 0x415b, /* 14fa - */ 0, /* 14fb - */ 0, /* 14fc - */ 0, /* 14fd - */ 0, /* 14fe - */ 0, /* 14ff - */ 0, /* 1500 - */ 0, /* 1501 - _66_0F_3A_41 */ 
0x415c, /* 1502 - */ 0, /* 1503 - */ 0, /* 1504 - */ 0, /* 1505 - _V_66_0F_3A_41 */ 0x415d, /* 1506 - */ 0, /* 1507 - */ 0, /* 1508 - */ 0, /* 1509 - */ 0, /* 150a - */ 0, /* 150b - */ 0, /* 150c - */ 0, /* 150d - _66_0F_3A_42 */ 0x415e, /* 150e - */ 0, /* 150f - */ 0, /* 1510 - */ 0, /* 1511 - _V_66_0F_3A_42 */ 0x415f, /* 1512 - */ 0, /* 1513 - */ 0, /* 1514 - */ 0, /* 1515 - */ 0, /* 1516 - */ 0, /* 1517 - */ 0, /* 1518 - */ 0, /* 1519 - _66_0F_3A_44 */ 0x4160, /* 151a - */ 0, /* 151b - */ 0, /* 151c - */ 0, /* 151d - _V_66_0F_3A_44 */ 0x4161, /* 151e - */ 0, /* 151f - */ 0, /* 1520 - */ 0, /* 1521 - */ 0, /* 1522 - */ 0, /* 1523 - */ 0, /* 1524 - */ 0, /* 1525 - */ 0, /* 1526 - */ 0, /* 1527 - */ 0, /* 1528 - */ 0, /* 1529 - _V_66_0F_3A_4A */ 0x4162, /* 152a - */ 0, /* 152b - */ 0, /* 152c - */ 0, /* 152d - */ 0, /* 152e - */ 0, /* 152f - */ 0, /* 1530 - */ 0, /* 1531 - */ 0, /* 1532 - */ 0, /* 1533 - */ 0, /* 1534 - */ 0, /* 1535 - _V_66_0F_3A_4B */ 0x4163, /* 1536 - */ 0, /* 1537 - */ 0, /* 1538 - */ 0, /* 1539 - */ 0, /* 153a - */ 0, /* 153b - */ 0, /* 153c - */ 0, /* 153d - */ 0, /* 153e - */ 0, /* 153f - */ 0, /* 1540 - */ 0, /* 1541 - _V_66_0F_3A_4C */ 0x4164, /* 1542 - */ 0, /* 1543 - */ 0, /* 1544 - */ 0, /* 1545 - */ 0, /* 1546 - */ 0, /* 1547 - */ 0, /* 1548 - */ 0, /* 1549 - _66_0F_3A_60 */ 0x4165, /* 154a - */ 0, /* 154b - */ 0, /* 154c - */ 0, /* 154d - _V_66_0F_3A_60 */ 0x4166, /* 154e - */ 0, /* 154f - */ 0, /* 1550 - */ 0, /* 1551 - */ 0, /* 1552 - */ 0, /* 1553 - */ 0, /* 1554 - */ 0, /* 1555 - _66_0F_3A_61 */ 0x4167, /* 1556 - */ 0, /* 1557 - */ 0, /* 1558 - */ 0, /* 1559 - _V_66_0F_3A_61 */ 0x4168, /* 155a - */ 0, /* 155b - */ 0, /* 155c - */ 0, /* 155d - */ 0, /* 155e - */ 0, /* 155f - */ 0, /* 1560 - */ 0, /* 1561 - _66_0F_3A_62 */ 0x4169, /* 1562 - */ 0, /* 1563 - */ 0, /* 1564 - */ 0, /* 1565 - _V_66_0F_3A_62 */ 0x416a, /* 1566 - */ 0, /* 1567 - */ 0, /* 1568 - */ 0, /* 1569 - */ 0, /* 156a - */ 0, /* 156b - */ 0, /* 156c - */ 0, /* 156d - 
_66_0F_3A_63 */ 0x416b, /* 156e - */ 0, /* 156f - */ 0, /* 1570 - */ 0, /* 1571 - _V_66_0F_3A_63 */ 0x416c, /* 1572 - */ 0, /* 1573 - */ 0, /* 1574 - */ 0, /* 1575 - */ 0, /* 1576 - */ 0, /* 1577 - */ 0, /* 1578 - */ 0, /* 1579 - _66_0F_3A_DF */ 0x416d, /* 157a - */ 0, /* 157b - */ 0, /* 157c - */ 0, /* 157d - _V_66_0F_3A_DF */ 0x416e, /* 157e - */ 0, /* 157f - */ 0, /* 1580 - */ 0, /* 1581 - */ 0, /* 1582 - */ 0, /* 1583 - */ 0, /* 1584 - _0F_71_02 */ 0x24c3, /* 1585 - _66_0F_71_02 */ 0x24c4, /* 1586 - */ 0, /* 1587 - */ 0, /* 1588 - */ 0, /* 1589 - _V_66_0F_71_02 */ 0x416f, /* 158a - */ 0, /* 158b - */ 0, /* 158c - */ 0, /* 158d - */ 0, /* 158e - */ 0, /* 158f - */ 0, /* 1590 - _0F_71_04 */ 0x24c5, /* 1591 - _66_0F_71_04 */ 0x24c6, /* 1592 - */ 0, /* 1593 - */ 0, /* 1594 - */ 0, /* 1595 - _V_66_0F_71_04 */ 0x4170, /* 1596 - */ 0, /* 1597 - */ 0, /* 1598 - */ 0, /* 1599 - */ 0, /* 159a - */ 0, /* 159b - */ 0, /* 159c - _0F_71_06 */ 0x24c7, /* 159d - _66_0F_71_06 */ 0x24c8, /* 159e - */ 0, /* 159f - */ 0, /* 15a0 - */ 0, /* 15a1 - _V_66_0F_71_06 */ 0x4171, /* 15a2 - */ 0, /* 15a3 - */ 0, /* 15a4 - */ 0, /* 15a5 - */ 0, /* 15a6 - */ 0, /* 15a7 - */ 0, /* 15a8 - _0F_72_02 */ 0x24c9, /* 15a9 - _66_0F_72_02 */ 0x24ca, /* 15aa - */ 0, /* 15ab - */ 0, /* 15ac - */ 0, /* 15ad - _V_66_0F_72_02 */ 0x4172, /* 15ae - */ 0, /* 15af - */ 0, /* 15b0 - */ 0, /* 15b1 - */ 0, /* 15b2 - */ 0, /* 15b3 - */ 0, /* 15b4 - _0F_72_04 */ 0x24cb, /* 15b5 - _66_0F_72_04 */ 0x24cc, /* 15b6 - */ 0, /* 15b7 - */ 0, /* 15b8 - */ 0, /* 15b9 - _V_66_0F_72_04 */ 0x4173, /* 15ba - */ 0, /* 15bb - */ 0, /* 15bc - */ 0, /* 15bd - */ 0, /* 15be - */ 0, /* 15bf - */ 0, /* 15c0 - _0F_72_06 */ 0x24cd, /* 15c1 - _66_0F_72_06 */ 0x24ce, /* 15c2 - */ 0, /* 15c3 - */ 0, /* 15c4 - */ 0, /* 15c5 - _V_66_0F_72_06 */ 0x4174, /* 15c6 - */ 0, /* 15c7 - */ 0, /* 15c8 - */ 0, /* 15c9 - */ 0, /* 15ca - */ 0, /* 15cb - */ 0, /* 15cc - _0F_73_02 */ 0x24cf, /* 15cd - _66_0F_73_02 */ 0x24d0, /* 15ce - */ 0, /* 15cf - */ 
0, /* 15d0 - */ 0, /* 15d1 - _V_66_0F_73_02 */ 0x4175, /* 15d2 - */ 0, /* 15d3 - */ 0, /* 15d4 - */ 0, /* 15d5 - */ 0, /* 15d6 - */ 0, /* 15d7 - */ 0, /* 15d8 - */ 0, /* 15d9 - _66_0F_73_03 */ 0x24d1, /* 15da - */ 0, /* 15db - */ 0, /* 15dc - */ 0, /* 15dd - _V_66_0F_73_03 */ 0x4176, /* 15de - */ 0, /* 15df - */ 0, /* 15e0 - */ 0, /* 15e1 - */ 0, /* 15e2 - */ 0, /* 15e3 - */ 0, /* 15e4 - _0F_73_06 */ 0x24d2, /* 15e5 - _66_0F_73_06 */ 0x24d3, /* 15e6 - */ 0, /* 15e7 - */ 0, /* 15e8 - */ 0, /* 15e9 - _V_66_0F_73_06 */ 0x4177, /* 15ea - */ 0, /* 15eb - */ 0, /* 15ec - */ 0, /* 15ed - */ 0, /* 15ee - */ 0, /* 15ef - */ 0, /* 15f0 - */ 0, /* 15f1 - _66_0F_73_07 */ 0x24d4, /* 15f2 - */ 0, /* 15f3 - */ 0, /* 15f4 - */ 0, /* 15f5 - _V_66_0F_73_07 */ 0x4178, /* 15f6 - */ 0, /* 15f7 - */ 0, /* 15f8 - */ 0, /* 15f9 - */ 0, /* 15fa - */ 0, /* 15fb - */ 0, /* 15fc - _0F_AE_00 */ 0x4179, /* 15fd - */ 0, /* 15fe - _F3_0F_AE_00 */ 0x24d5, /* 15ff - */ 0, /* 1600 - */ 0, /* 1601 - */ 0, /* 1602 - */ 0, /* 1603 - */ 0, /* 1604 - */ 0, /* 1605 - */ 0, /* 1606 - */ 0, /* 1607 - */ 0, /* 1608 - _0F_AE_01 */ 0x417a, /* 1609 - */ 0, /* 160a - _F3_0F_AE_01 */ 0x24d6, /* 160b - */ 0, /* 160c - */ 0, /* 160d - */ 0, /* 160e - */ 0, /* 160f - */ 0, /* 1610 - */ 0, /* 1611 - */ 0, /* 1612 - */ 0, /* 1613 - */ 0, /* 1614 - _0F_AE_02 */ 0x24d7, /* 1615 - */ 0, /* 1616 - _F3_0F_AE_02 */ 0x24d8, /* 1617 - */ 0, /* 1618 - _V_0F_AE_02 */ 0x417b, /* 1619 - */ 0, /* 161a - */ 0, /* 161b - */ 0, /* 161c - */ 0, /* 161d - */ 0, /* 161e - */ 0, /* 161f - */ 0, /* 1620 - _0F_AE_03 */ 0x24d9, /* 1621 - */ 0, /* 1622 - _F3_0F_AE_03 */ 0x24da, /* 1623 - */ 0, /* 1624 - _V_0F_AE_03 */ 0x417c, /* 1625 - */ 0, /* 1626 - */ 0, /* 1627 - */ 0, /* 1628 - */ 0, /* 1629 - */ 0, /* 162a - */ 0, /* 162b - */ 0, /* 162c - _0F_C7_06 */ 0x24db, /* 162d - _66_0F_C7_06 */ 0x24dc, /* 162e - _F3_0F_C7_06 */ 0x24dd, /* 162f - */ 0, /* 1630 - */ 0, /* 1631 - */ 0, /* 1632 - */ 0, /* 1633 - */ 0, /* 1634 - */ 0, /* 1635 - */ 
0, /* 1636 - */ 0, /* 1637 - */ 0 }; _InstSharedInfo InstSharedInfoTable[471] = { {0, 9, 15, 8, 245, 0, 0}, {0, 11, 17, 8, 245, 0, 0}, {0, 15, 9, 8, 245, 0, 0}, {0, 17, 11, 8, 245, 0, 0}, {1, 1, 33, 8, 245, 0, 0}, {1, 3, 35, 8, 245, 0, 0}, {2, 0, 32, 8, 0, 0, 0}, {3, 0, 32, 8, 0, 0, 0}, {0, 9, 15, 8, 196, 16, 0}, {0, 11, 17, 8, 196, 16, 0}, {0, 15, 9, 8, 196, 16, 0}, {0, 17, 11, 8, 196, 16, 0}, {1, 1, 33, 8, 196, 16, 0}, {1, 3, 35, 8, 196, 16, 0}, {4, 0, 32, 8, 0, 0, 0}, {0, 9, 15, 8, 245, 1, 0}, {0, 11, 17, 8, 245, 1, 0}, {0, 15, 9, 8, 245, 1, 0}, {0, 17, 11, 8, 245, 1, 0}, {1, 1, 33, 8, 245, 1, 0}, {1, 3, 35, 8, 245, 1, 0}, {5, 0, 32, 8, 0, 0, 0}, {6, 0, 32, 8, 0, 0, 0}, {7, 0, 32, 8, 0, 0, 0}, {8, 0, 32, 8, 0, 0, 0}, {0, 9, 15, 8, 229, 0, 16}, {0, 11, 17, 8, 229, 0, 16}, {0, 15, 9, 8, 229, 0, 16}, {0, 17, 11, 8, 229, 0, 16}, {1, 1, 33, 8, 229, 0, 16}, {1, 3, 35, 8, 229, 0, 16}, {9, 0, 0, 8, 213, 17, 32}, {0, 9, 15, 8, 196, 0, 16}, {0, 11, 17, 8, 196, 0, 16}, {0, 15, 9, 8, 196, 0, 16}, {0, 17, 11, 8, 196, 0, 16}, {1, 1, 33, 8, 196, 0, 16}, {1, 3, 35, 8, 196, 0, 16}, {9, 0, 0, 8, 17, 16, 228}, {10, 9, 15, 8, 245, 0, 0}, {10, 11, 17, 8, 245, 0, 0}, {10, 15, 9, 8, 245, 0, 0}, {10, 17, 11, 8, 245, 0, 0}, {11, 1, 33, 8, 245, 0, 0}, {11, 3, 35, 8, 245, 0, 0}, {12, 0, 54, 8, 244, 0, 0}, {13, 0, 54, 8, 0, 0, 0}, {14, 0, 54, 8, 0, 0, 0}, {15, 0, 0, 8, 0, 0, 0}, {16, 42, 11, 8, 0, 0, 0}, {10, 10, 16, 8, 64, 0, 0}, {13, 0, 3, 8, 0, 0, 0}, {17, 17, 11, 8, 33, 0, 212}, {18, 0, 5, 8, 0, 0, 0}, {19, 59, 56, 8, 0, 8, 0}, {20, 59, 56, 8, 0, 8, 0}, {19, 55, 59, 8, 0, 8, 0}, {20, 55, 59, 8, 0, 8, 0}, {13, 0, 40, 13, 0, 32, 0}, {13, 0, 40, 13, 0, 1, 0}, {13, 0, 40, 13, 0, 64, 0}, {13, 0, 40, 13, 0, 65, 0}, {13, 0, 40, 13, 0, 128, 0}, {13, 0, 40, 13, 0, 4, 0}, {13, 0, 40, 13, 0, 160, 0}, {13, 0, 40, 13, 0, 224, 0}, {10, 9, 15, 8, 196, 0, 16}, {10, 11, 17, 8, 196, 0, 16}, {0, 9, 15, 8, 0, 0, 0}, {0, 11, 17, 8, 0, 0, 0}, {21, 9, 15, 8, 0, 0, 0}, {21, 11, 17, 8, 0, 0, 0}, {21, 15, 9, 8, 
0, 0, 0}, {21, 17, 11, 8, 0, 0, 0}, {21, 31, 28, 8, 0, 0, 0}, {21, 42, 11, 8, 0, 0, 0}, {21, 28, 31, 8, 0, 0, 0}, {1, 35, 54, 8, 0, 0, 0}, {22, 0, 0, 8, 0, 0, 0}, {9, 0, 38, 9, 0, 0, 0}, {23, 0, 0, 8, 0, 0, 0}, {23, 0, 0, 8, 255, 0, 0}, {11, 0, 0, 8, 213, 0, 0}, {11, 0, 0, 8, 0, 0, 0}, {1, 49, 33, 8, 0, 0, 0}, {1, 50, 35, 8, 0, 0, 0}, {1, 33, 49, 8, 0, 0, 0}, {1, 35, 50, 8, 0, 0, 0}, {24, 55, 56, 8, 0, 8, 0}, {25, 55, 56, 8, 0, 8, 0}, {19, 56, 55, 8, 245, 8, 0}, {26, 56, 55, 8, 245, 8, 0}, {11, 1, 33, 8, 196, 0, 16}, {11, 3, 35, 8, 196, 0, 16}, {19, 33, 56, 8, 0, 8, 0}, {26, 35, 56, 8, 0, 8, 0}, {19, 55, 33, 8, 0, 8, 0}, {26, 55, 35, 8, 0, 8, 0}, {19, 33, 56, 8, 245, 8, 0}, {26, 35, 56, 8, 245, 8, 0}, {1, 1, 53, 8, 0, 0, 0}, {27, 3, 54, 8, 0, 0, 0}, {13, 0, 2, 10, 0, 0, 0}, {13, 0, 0, 10, 0, 0, 0}, {16, 37, 11, 8, 0, 0, 0}, {13, 8, 6, 8, 0, 0, 0}, {13, 0, 0, 8, 0, 0, 0}, {28, 0, 2, 10, 0, 0, 0}, {28, 0, 0, 10, 0, 0, 0}, {11, 0, 0, 14, 0, 0, 0}, {11, 0, 1, 14, 0, 0, 0}, {9, 0, 0, 14, 0, 0, 0}, {28, 0, 0, 10, 255, 0, 0}, {9, 0, 1, 8, 196, 0, 49}, {9, 0, 0, 8, 0, 0, 0}, {29, 0, 57, 8, 0, 0, 0}, {30, 0, 40, 13, 0, 64, 0}, {30, 0, 40, 13, 0, 0, 0}, {31, 0, 40, 13, 0, 0, 0}, {1, 1, 33, 8, 0, 0, 0}, {1, 1, 36, 8, 0, 0, 0}, {11, 33, 1, 8, 0, 0, 0}, {11, 36, 1, 8, 0, 0, 0}, {13, 0, 41, 9, 0, 0, 0}, {13, 0, 41, 12, 0, 0, 0}, {9, 0, 38, 12, 0, 0, 0}, {13, 0, 40, 12, 0, 0, 0}, {1, 59, 33, 8, 0, 0, 0}, {1, 59, 36, 8, 0, 0, 0}, {11, 33, 59, 8, 0, 0, 0}, {11, 36, 59, 8, 0, 0, 0}, {11, 0, 0, 8, 1, 0, 0}, {11, 0, 0, 8, 2, 0, 0}, {11, 0, 0, 8, 8, 0, 0}, {10, 16, 11, 8, 64, 0, 0}, {32, 0, 0, 27, 0, 0, 0}, {32, 0, 0, 8, 0, 0, 0}, {32, 0, 0, 14, 0, 0, 0}, {11, 0, 0, 96, 0, 0, 0}, {10, 0, 17, 8, 0, 0, 0}, {33, 29, 14, 8, 0, 0, 0}, {33, 30, 14, 8, 0, 0, 0}, {33, 14, 29, 8, 0, 0, 0}, {33, 14, 30, 8, 0, 0, 0}, {34, 0, 0, 8, 0, 0, 0}, {35, 17, 11, 31, 0, 32, 0}, {35, 17, 11, 31, 0, 1, 0}, {35, 17, 11, 31, 0, 64, 0}, {35, 17, 11, 31, 0, 65, 0}, {35, 17, 11, 31, 0, 128, 0}, {35, 17, 11, 31, 
0, 4, 0}, {35, 17, 11, 31, 0, 160, 0}, {35, 17, 11, 31, 0, 224, 0}, {32, 0, 41, 13, 0, 32, 0}, {32, 0, 41, 13, 0, 1, 0}, {32, 0, 41, 13, 0, 64, 0}, {32, 0, 41, 13, 0, 65, 0}, {32, 0, 41, 13, 0, 128, 0}, {32, 0, 41, 13, 0, 4, 0}, {32, 0, 41, 13, 0, 160, 0}, {32, 0, 41, 13, 0, 224, 0}, {35, 0, 15, 8, 0, 32, 0}, {35, 0, 15, 8, 0, 1, 0}, {35, 0, 15, 8, 0, 64, 0}, {35, 0, 15, 8, 0, 65, 0}, {35, 0, 15, 8, 0, 128, 0}, {35, 0, 15, 8, 0, 4, 0}, {35, 0, 15, 8, 0, 160, 0}, {35, 0, 15, 8, 0, 224, 0}, {36, 0, 32, 8, 0, 0, 0}, {37, 0, 32, 8, 0, 0, 0}, {35, 11, 17, 8, 1, 0, 244}, {38, 11, 17, 8, 197, 0, 48}, {39, 0, 32, 8, 0, 0, 0}, {40, 0, 32, 8, 0, 0, 0}, {32, 0, 0, 8, 255, 0, 0}, {41, 11, 17, 8, 1, 0, 244}, {35, 17, 11, 8, 33, 0, 212}, {41, 9, 15, 8, 245, 0, 0}, {41, 11, 17, 8, 245, 0, 0}, {42, 37, 11, 8, 0, 0, 0}, {35, 15, 11, 8, 0, 0, 0}, {43, 16, 11, 8, 0, 0, 0}, {43, 13, 45, 48, 0, 0, 0}, {44, 0, 54, 8, 0, 0, 0}, {45, 1, 15, 8, 245, 0, 0}, {45, 1, 15, 8, 196, 16, 0}, {45, 1, 15, 8, 245, 1, 0}, {45, 1, 15, 8, 229, 0, 16}, {45, 1, 15, 8, 196, 0, 16}, {46, 1, 15, 8, 245, 0, 0}, {45, 3, 17, 8, 245, 0, 0}, {45, 3, 17, 8, 196, 16, 0}, {45, 3, 17, 8, 245, 1, 0}, {45, 3, 17, 8, 229, 0, 16}, {45, 3, 17, 8, 196, 0, 16}, {46, 3, 17, 8, 245, 0, 0}, {47, 1, 15, 8, 245, 0, 0}, {47, 1, 15, 8, 196, 16, 0}, {47, 1, 15, 8, 245, 1, 0}, {47, 1, 15, 8, 229, 0, 16}, {47, 1, 15, 8, 196, 0, 16}, {48, 1, 15, 8, 245, 0, 0}, {45, 5, 17, 8, 245, 0, 0}, {49, 5, 17, 8, 196, 16, 0}, {45, 5, 17, 8, 245, 1, 0}, {49, 5, 17, 8, 229, 0, 16}, {49, 5, 17, 8, 196, 0, 16}, {46, 5, 17, 8, 245, 0, 0}, {50, 0, 17, 8, 0, 0, 0}, {51, 1, 15, 8, 1, 0, 32}, {51, 1, 15, 8, 1, 1, 32}, {51, 1, 15, 8, 197, 0, 48}, {51, 1, 17, 8, 1, 0, 32}, {51, 1, 17, 8, 1, 1, 32}, {51, 1, 17, 8, 197, 0, 48}, {52, 1, 15, 8, 0, 0, 0}, {53, 0, 1, 24, 0, 0, 0}, {52, 3, 17, 8, 0, 0, 0}, {53, 0, 41, 24, 0, 0, 0}, {51, 51, 15, 8, 33, 0, 0}, {51, 51, 15, 8, 33, 1, 0}, {51, 51, 15, 8, 229, 0, 16}, {51, 51, 17, 8, 33, 0, 0}, {51, 51, 17, 8, 33, 1, 
0}, {51, 51, 17, 8, 229, 0, 16}, {51, 52, 15, 8, 1, 0, 32}, {51, 52, 15, 8, 1, 1, 32}, {51, 52, 15, 8, 197, 0, 48}, {51, 52, 17, 8, 1, 0, 32}, {51, 52, 17, 8, 1, 1, 32}, {51, 52, 17, 8, 197, 0, 48}, {46, 0, 21, 16, 0, 0, 0}, {54, 0, 62, 16, 0, 0, 0}, {54, 0, 61, 16, 0, 0, 0}, {54, 0, 0, 16, 0, 0, 0}, {51, 0, 21, 16, 0, 0, 0}, {46, 0, 42, 16, 0, 0, 0}, {46, 0, 20, 16, 0, 0, 0}, {55, 0, 62, 24, 0, 1, 0}, {55, 0, 62, 24, 0, 64, 0}, {55, 0, 62, 24, 0, 65, 0}, {55, 0, 62, 24, 0, 4, 0}, {56, 0, 21, 56, 0, 0, 0}, {46, 0, 23, 16, 0, 0, 0}, {51, 0, 23, 16, 0, 0, 0}, {55, 0, 62, 16, 69, 0, 0}, {55, 0, 62, 24, 69, 0, 0}, {46, 0, 22, 16, 0, 0, 0}, {54, 0, 63, 16, 0, 0, 0}, {56, 0, 22, 56, 0, 0, 0}, {51, 0, 22, 16, 0, 0, 0}, {56, 0, 20, 56, 0, 0, 0}, {51, 0, 20, 16, 0, 0, 0}, {46, 1, 15, 8, 196, 0, 16}, {45, 0, 15, 8, 0, 0, 0}, {45, 0, 15, 8, 245, 0, 0}, {51, 0, 15, 8, 33, 0, 212}, {51, 0, 15, 8, 0, 0, 245}, {46, 3, 17, 8, 196, 0, 16}, {45, 0, 17, 8, 0, 0, 0}, {45, 0, 17, 8, 245, 0, 0}, {51, 0, 17, 8, 33, 0, 212}, {51, 0, 17, 8, 0, 0, 245}, {45, 0, 15, 8, 244, 0, 0}, {45, 0, 17, 8, 244, 0, 0}, {57, 0, 17, 9, 0, 0, 0}, {58, 0, 37, 9, 0, 0, 0}, {57, 0, 17, 12, 0, 0, 0}, {58, 0, 37, 12, 0, 0, 0}, {57, 0, 17, 8, 0, 0, 0}, {46, 0, 17, 8, 0, 0, 0}, {46, 0, 16, 8, 0, 0, 0}, {56, 0, 16, 8, 0, 0, 0}, {46, 0, 16, 8, 64, 0, 0}, {57, 0, 39, 8, 0, 0, 0}, {52, 0, 28, 8, 0, 0, 0}, {59, 0, 16, 8, 0, 0, 0}, {56, 0, 42, 8, 0, 0, 0}, {55, 0, 0, 112, 0, 0, 0}, {55, 0, 0, 8, 0, 0, 0}, {13, 0, 0, 24, 0, 0, 0}, {56, 0, 58, 120, 0, 0, 0}, {55, 0, 0, 120, 0, 0, 0}, {55, 0, 58, 120, 0, 0, 0}, {55, 60, 58, 120, 0, 0, 0}, {60, 0, 0, 8, 0, 0, 0}, {56, 0, 42, 96, 0, 0, 0}, {61, 67, 64, 104, 0, 0, 0}, {61, 67, 64, 96, 0, 0, 0}, {35, 73, 68, 40, 0, 0, 0}, {35, 73, 68, 48, 0, 0, 0}, {35, 71, 68, 40, 0, 0, 0}, {35, 72, 68, 48, 0, 0, 0}, {62, 90, 83, 128, 0, 0, 0}, {63, 81, 68, 128, 0, 0, 0}, {64, 44, 68, 128, 0, 0, 0}, {64, 46, 68, 128, 0, 0, 0}, {35, 68, 73, 40, 0, 0, 0}, {35, 68, 73, 48, 0, 0, 0}, {35, 68, 
71, 40, 0, 0, 0}, {35, 68, 72, 48, 0, 0, 0}, {62, 83, 90, 128, 0, 0, 0}, {64, 68, 44, 128, 0, 0, 0}, {64, 68, 46, 128, 0, 0, 0}, {65, 72, 68, 40, 0, 0, 0}, {35, 46, 68, 48, 0, 0, 0}, {35, 72, 68, 56, 0, 0, 0}, {66, 81, 68, 128, 0, 0, 0}, {67, 81, 68, 128, 0, 0, 0}, {62, 89, 83, 128, 0, 0, 0}, {35, 68, 46, 40, 0, 0, 0}, {35, 68, 46, 48, 0, 0, 0}, {62, 68, 46, 128, 0, 0, 0}, {34, 73, 68, 40, 0, 0, 0}, {34, 73, 68, 48, 0, 0, 0}, {67, 88, 83, 128, 0, 0, 0}, {35, 73, 68, 56, 0, 0, 0}, {56, 0, 42, 40, 0, 0, 0}, {34, 67, 68, 40, 0, 0, 0}, {34, 67, 68, 48, 0, 0, 0}, {42, 18, 68, 40, 0, 0, 0}, {42, 18, 68, 48, 0, 0, 0}, {35, 68, 47, 40, 0, 0, 0}, {35, 68, 47, 48, 0, 0, 0}, {35, 68, 44, 88, 0, 0, 0}, {35, 68, 46, 88, 0, 0, 0}, {62, 83, 92, 128, 0, 0, 0}, {34, 72, 64, 40, 0, 0, 0}, {34, 73, 64, 48, 0, 0, 0}, {42, 71, 13, 40, 0, 0, 0}, {42, 72, 13, 48, 0, 0, 0}, {62, 80, 78, 128, 0, 0, 0}, {34, 71, 68, 40, 69, 0, 0}, {34, 72, 68, 48, 0, 0, 0}, {62, 71, 68, 128, 0, 0, 0}, {62, 72, 68, 128, 0, 0, 0}, {68, 69, 12, 40, 0, 0, 0}, {68, 69, 12, 48, 0, 0, 0}, {69, 83, 13, 128, 0, 0, 0}, {34, 71, 68, 40, 0, 0, 0}, {34, 71, 68, 48, 0, 0, 0}, {62, 91, 83, 128, 0, 0, 0}, {62, 90, 68, 128, 0, 0, 0}, {34, 66, 64, 32, 0, 0, 0}, {34, 67, 64, 32, 0, 0, 0}, {70, 18, 64, 32, 0, 0, 0}, {70, 18, 68, 48, 0, 0, 0}, {62, 79, 68, 128, 0, 0, 0}, {35, 67, 64, 32, 0, 0, 0}, {71, 67, 64, 40, 0, 0, 0}, {71, 73, 68, 48, 0, 0, 0}, {67, 73, 68, 128, 0, 0, 0}, {32, 0, 0, 32, 0, 0, 0}, {72, 0, 0, 128, 0, 0, 0}, {73, 13, 18, 112, 0, 0, 0}, {74, 7, 69, 88, 0, 0, 0}, {75, 69, 68, 88, 0, 0, 0}, {73, 18, 13, 112, 0, 0, 0}, {34, 69, 68, 88, 0, 0, 0}, {76, 69, 68, 88, 0, 0, 0}, {32, 72, 68, 112, 0, 0, 0}, {32, 68, 72, 112, 0, 0, 0}, {34, 73, 68, 56, 0, 0, 0}, {70, 64, 18, 32, 0, 0, 0}, {70, 68, 18, 48, 0, 0, 0}, {62, 68, 79, 128, 0, 0, 0}, {35, 64, 67, 32, 0, 0, 0}, {77, 0, 42, 8, 0, 0, 0}, {78, 0, 43, 8, 0, 0, 0}, {79, 0, 43, 8, 0, 0, 0}, {80, 17, 11, 80, 64, 0, 0}, {81, 1, 17, 8, 1, 0, 244}, {49, 1, 17, 8, 1, 0, 
244}, {34, 17, 11, 8, 64, 0, 245}, {82, 17, 11, 112, 0, 0, 0}, {83, 17, 11, 8, 65, 0, 180}, {84, 73, 68, 40, 0, 0, 0}, {84, 73, 68, 48, 0, 0, 0}, {84, 71, 68, 40, 0, 0, 0}, {84, 72, 68, 48, 0, 0, 0}, {85, 88, 83, 128, 0, 0, 0}, {85, 81, 68, 128, 0, 0, 0}, {71, 25, 64, 40, 0, 0, 0}, {71, 25, 68, 48, 0, 0, 0}, {86, 81, 68, 128, 0, 0, 0}, {87, 65, 12, 40, 0, 0, 0}, {71, 69, 12, 48, 0, 0, 0}, {88, 68, 13, 128, 0, 0, 0}, {71, 73, 68, 40, 0, 0, 0}, {86, 88, 83, 128, 0, 0, 0}, {89, 0, 48, 8, 64, 0, 0}, {56, 0, 46, 112, 0, 0, 0}, {68, 65, 68, 48, 0, 0, 0}, {68, 69, 64, 48, 0, 0, 0}, {62, 68, 72, 128, 0, 0, 0}, {76, 65, 12, 40, 0, 0, 0}, {76, 69, 12, 48, 0, 0, 0}, {69, 68, 13, 128, 0, 0, 0}, {34, 67, 64, 40, 0, 0, 0}, {35, 64, 46, 40, 0, 0, 0}, {34, 42, 68, 56, 0, 0, 0}, {62, 92, 83, 128, 0, 0, 0}, {34, 67, 64, 48, 0, 0, 0}, {76, 65, 64, 40, 0, 0, 0}, {76, 69, 68, 48, 0, 0, 0}, {90, 69, 68, 128, 0, 0, 0}, {51, 0, 42, 16, 0, 0, 0}, {91, 0, 42, 16, 0, 0, 0}, {91, 0, 20, 16, 0, 0, 0}, {92, 0, 0, 16, 0, 0, 0}, {93, 0, 34, 16, 0, 0, 0}, {94, 0, 34, 16, 0, 0, 0}, {34, 67, 64, 64, 0, 0, 0}, {34, 73, 68, 64, 0, 0, 0}, {71, 73, 68, 72, 0, 0, 0}, {34, 73, 68, 80, 0, 0, 0}, {62, 44, 83, 128, 0, 0, 0}, {62, 46, 85, 128, 0, 0, 0}, {62, 47, 85, 128, 0, 0, 0}, {62, 73, 68, 128, 0, 0, 0}, {34, 72, 68, 72, 0, 0, 0}, {34, 71, 68, 72, 0, 0, 0}, {34, 70, 68, 72, 0, 0, 0}, {62, 70, 68, 128, 0, 0, 0}, {34, 73, 68, 72, 0, 0, 0}, {35, 47, 68, 72, 0, 0, 0}, {62, 47, 68, 128, 0, 0, 0}, {67, 88, 92, 128, 0, 0, 0}, {73, 47, 13, 112, 0, 0, 0}, {67, 88, 83, 136, 0, 0, 0}, {67, 81, 68, 136, 0, 0, 0}, {34, 73, 68, 152, 0, 0, 0}, {62, 73, 68, 152, 0, 0, 0}, {67, 81, 68, 152, 0, 0, 0}, {35, 17, 11, 8, 0, 0, 0}, {35, 15, 13, 80, 0, 0, 0}, {35, 11, 17, 8, 0, 0, 0}, {35, 17, 13, 80, 0, 0, 0}, {67, 90, 83, 128, 0, 0, 0}, {86, 87, 85, 128, 0, 0, 0}, {71, 71, 68, 72, 0, 0, 0}, {71, 72, 68, 72, 0, 0, 0}, {71, 67, 64, 64, 0, 0, 0}, {71, 73, 68, 64, 0, 0, 0}, {71, 68, 26, 72, 0, 0, 0}, {88, 68, 76, 128, 0, 0, 0}, 
{71, 68, 27, 72, 0, 0, 0}, {88, 68, 77, 128, 0, 0, 0}, {95, 68, 18, 72, 0, 0, 0}, {67, 68, 79, 128, 0, 0, 0}, {71, 68, 18, 72, 0, 0, 0}, {67, 68, 75, 128, 0, 0, 0}, {67, 85, 73, 128, 0, 0, 0}, {71, 24, 68, 72, 0, 0, 0}, {95, 18, 68, 72, 0, 0, 0}, {71, 73, 68, 144, 0, 0, 0}, {86, 81, 68, 144, 0, 0, 0}, {71, 73, 68, 80, 0, 0, 0}, {71, 73, 68, 152, 0, 0, 0}, {67, 73, 68, 152, 0, 0, 0}, {96, 1, 65, 32, 0, 0, 0}, {56, 1, 69, 48, 0, 0, 0}, {97, 69, 81, 128, 0, 0, 0}, {98, 0, 13, 112, 0, 0, 0}, {56, 0, 44, 8, 0, 0, 0}, {64, 0, 44, 128, 0, 0, 0}, {56, 0, 42, 112, 0, 0, 0}, {99, 75, 13, 8, 0, 0, 0}, {98, 0, 17, 8, 0, 0, 0}, {100, 67, 64, 96, 0, 0, 0}
};

uint16_t CmpMnemonicOffsets[8] = {
0, 9, 18, 27, 39, 49, 59, 69
};
uint16_t VCmpMnemonicOffsets[32] = {
0, 10, 20, 30, 43, 54, 65, 76, 87, 100, 111, 122, 135, 149, 159, 169, 181, 194, 207, 220, 235, 249, 263, 277, 290, 303, 317, 331, 347, 361, 374, 387
};

distorm-3.4.1/src/insts.h

/*
insts.h

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#ifndef INSTS_H
#define INSTS_H

#include "instructions.h"

/* Flags Table */
extern _iflags FlagsTable[];

/* Root Trie DB */
extern _InstSharedInfo InstSharedInfoTable[];
extern _InstInfo InstInfos[];
extern _InstInfoEx InstInfosEx[];
extern _InstNode InstructionsTree[];

/* 3DNow! Trie DB */
extern _InstNode Table_0F_0F;
/* AVX related: */
extern _InstNode Table_0F, Table_0F_38, Table_0F_3A;

/*
 * The inst_lookup will return one of these two instructions according to the specified decoding mode.
 * ARPL or MOVSXD on 64 bits is one byte instruction at index 0x63.
 */
extern _InstInfo II_MOVSXD;

/*
 * The NOP instruction can be prefixed by REX in 64bits, therefore we have to decide in runtime whether it's an XCHG or NOP instruction.
 * If 0x90 is prefixed by a usable REX it will become XCHG, otherwise it will become a NOP.
 * Also note that if it's prefixed by 0xf3, it becomes a Pause.
 */
extern _InstInfo II_NOP;
extern _InstInfo II_PAUSE;

/*
 * RDRAND and VMPTRLD share the same 2.3 bytes opcode, and then alternate on the MOD bits,
 * RDRAND is OT_FULL_REG while VMPTRLD is OT_MEM, and there's no such mixed type.
 * So a hack into the inst_lookup was added for this decision, the DB isn't flexible enough. :(
 */
extern _InstInfo II_RDRAND;

/*
 * Used for letting the extract operand know the type of operands without knowing the
 * instruction itself yet, because of the way those instructions work.
 * See function instructions.c!inst_lookup_3dnow.
 */
extern _InstInfo II_3DNOW;

/* Helper tables for pseudo compare mnemonics. */
extern uint16_t CmpMnemonicOffsets[8]; /* SSE */
extern uint16_t VCmpMnemonicOffsets[32]; /* AVX */

#endif /* INSTS_H */

distorm-3.4.1/src/mnemonics.c

/*
mnemonics.c

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/ #include "../include/mnemonics.h" #ifndef DISTORM_LIGHT const unsigned char _MNEMONICS[] = "\x09" "UNDEFINED\0" "\x03" "ADD\0" "\x04" "PUSH\0" "\x03" "POP\0" \ "\x02" "OR\0" "\x03" "ADC\0" "\x03" "SBB\0" "\x03" "AND\0" "\x03" "DAA\0" \ "\x03" "SUB\0" "\x03" "DAS\0" "\x03" "XOR\0" "\x03" "AAA\0" "\x03" "CMP\0" \ "\x03" "AAS\0" "\x03" "INC\0" "\x03" "DEC\0" "\x05" "PUSHA\0" "\x04" "POPA\0" \ "\x05" "BOUND\0" "\x04" "ARPL\0" "\x04" "IMUL\0" "\x03" "INS\0" "\x04" "OUTS\0" \ "\x02" "JO\0" "\x03" "JNO\0" "\x02" "JB\0" "\x03" "JAE\0" "\x02" "JZ\0" \ "\x03" "JNZ\0" "\x03" "JBE\0" "\x02" "JA\0" "\x02" "JS\0" "\x03" "JNS\0" \ "\x02" "JP\0" "\x03" "JNP\0" "\x02" "JL\0" "\x03" "JGE\0" "\x03" "JLE\0" \ "\x02" "JG\0" "\x04" "TEST\0" "\x04" "XCHG\0" "\x03" "MOV\0" "\x03" "LEA\0" \ "\x03" "CBW\0" "\x04" "CWDE\0" "\x04" "CDQE\0" "\x03" "CWD\0" "\x03" "CDQ\0" \ "\x03" "CQO\0" "\x08" "CALL FAR\0" "\x05" "PUSHF\0" "\x04" "POPF\0" \ "\x04" "SAHF\0" "\x04" "LAHF\0" "\x04" "MOVS\0" "\x04" "CMPS\0" "\x04" "STOS\0" \ "\x04" "LODS\0" "\x04" "SCAS\0" "\x03" "RET\0" "\x03" "LES\0" "\x03" "LDS\0" \ "\x05" "ENTER\0" "\x05" "LEAVE\0" "\x04" "RETF\0" "\x05" "INT 3\0" \ "\x03" "INT\0" "\x04" "INTO\0" "\x04" "IRET\0" "\x03" "AAM\0" "\x03" "AAD\0" \ "\x04" "SALC\0" "\x04" "XLAT\0" "\x06" "LOOPNZ\0" "\x05" "LOOPZ\0" \ "\x04" "LOOP\0" "\x04" "JCXZ\0" "\x05" "JECXZ\0" "\x05" "JRCXZ\0" "\x02" "IN\0" \ "\x03" "OUT\0" "\x04" "CALL\0" "\x03" "JMP\0" "\x07" "JMP FAR\0" "\x04" "INT1\0" \ "\x03" "HLT\0" "\x03" "CMC\0" "\x03" "CLC\0" "\x03" "STC\0" "\x03" "CLI\0" \ "\x03" "STI\0" "\x03" "CLD\0" "\x03" "STD\0" "\x03" "LAR\0" "\x03" "LSL\0" \ "\x07" "SYSCALL\0" "\x04" "CLTS\0" "\x06" "SYSRET\0" "\x04" "INVD\0" \ "\x06" "WBINVD\0" "\x03" "UD2\0" "\x05" "FEMMS\0" "\x03" "NOP\0" "\x05" "WRMSR\0" \ "\x05" "RDTSC\0" "\x05" "RDMSR\0" "\x05" "RDPMC\0" "\x08" "SYSENTER\0" \ "\x07" "SYSEXIT\0" "\x06" "GETSEC\0" "\x05" "CMOVO\0" "\x06" "CMOVNO\0" \ "\x05" "CMOVB\0" "\x06" "CMOVAE\0" "\x05" "CMOVZ\0" "\x06" "CMOVNZ\0" \ 
"\x06" "CMOVBE\0" "\x05" "CMOVA\0" "\x05" "CMOVS\0" "\x06" "CMOVNS\0" \ "\x05" "CMOVP\0" "\x06" "CMOVNP\0" "\x05" "CMOVL\0" "\x06" "CMOVGE\0" \ "\x06" "CMOVLE\0" "\x05" "CMOVG\0" "\x04" "SETO\0" "\x05" "SETNO\0" \ "\x04" "SETB\0" "\x05" "SETAE\0" "\x04" "SETZ\0" "\x05" "SETNZ\0" "\x05" "SETBE\0" \ "\x04" "SETA\0" "\x04" "SETS\0" "\x05" "SETNS\0" "\x04" "SETP\0" "\x05" "SETNP\0" \ "\x04" "SETL\0" "\x05" "SETGE\0" "\x05" "SETLE\0" "\x04" "SETG\0" "\x05" "CPUID\0" \ "\x02" "BT\0" "\x04" "SHLD\0" "\x03" "RSM\0" "\x03" "BTS\0" "\x04" "SHRD\0" \ "\x07" "CMPXCHG\0" "\x03" "LSS\0" "\x03" "BTR\0" "\x03" "LFS\0" "\x03" "LGS\0" \ "\x05" "MOVZX\0" "\x03" "BTC\0" "\x05" "MOVSX\0" "\x04" "XADD\0" "\x06" "MOVNTI\0" \ "\x05" "BSWAP\0" "\x03" "ROL\0" "\x03" "ROR\0" "\x03" "RCL\0" "\x03" "RCR\0" \ "\x03" "SHL\0" "\x03" "SHR\0" "\x03" "SAL\0" "\x03" "SAR\0" "\x06" "XABORT\0" \ "\x06" "XBEGIN\0" "\x04" "FADD\0" "\x04" "FMUL\0" "\x04" "FCOM\0" "\x05" "FCOMP\0" \ "\x04" "FSUB\0" "\x05" "FSUBR\0" "\x04" "FDIV\0" "\x05" "FDIVR\0" "\x03" "FLD\0" \ "\x03" "FST\0" "\x04" "FSTP\0" "\x06" "FLDENV\0" "\x05" "FLDCW\0" "\x04" "FXCH\0" \ "\x04" "FNOP\0" "\x04" "FCHS\0" "\x04" "FABS\0" "\x04" "FTST\0" "\x04" "FXAM\0" \ "\x04" "FLD1\0" "\x06" "FLDL2T\0" "\x06" "FLDL2E\0" "\x05" "FLDPI\0" \ "\x06" "FLDLG2\0" "\x06" "FLDLN2\0" "\x04" "FLDZ\0" "\x05" "F2XM1\0" \ "\x05" "FYL2X\0" "\x05" "FPTAN\0" "\x06" "FPATAN\0" "\x07" "FXTRACT\0" \ "\x06" "FPREM1\0" "\x07" "FDECSTP\0" "\x07" "FINCSTP\0" "\x05" "FPREM\0" \ "\x07" "FYL2XP1\0" "\x05" "FSQRT\0" "\x07" "FSINCOS\0" "\x07" "FRNDINT\0" \ "\x06" "FSCALE\0" "\x04" "FSIN\0" "\x04" "FCOS\0" "\x05" "FIADD\0" \ "\x05" "FIMUL\0" "\x05" "FICOM\0" "\x06" "FICOMP\0" "\x05" "FISUB\0" \ "\x06" "FISUBR\0" "\x05" "FIDIV\0" "\x06" "FIDIVR\0" "\x06" "FCMOVB\0" \ "\x06" "FCMOVE\0" "\x07" "FCMOVBE\0" "\x06" "FCMOVU\0" "\x07" "FUCOMPP\0" \ "\x04" "FILD\0" "\x06" "FISTTP\0" "\x04" "FIST\0" "\x05" "FISTP\0" \ "\x07" "FCMOVNB\0" "\x07" "FCMOVNE\0" "\x08" "FCMOVNBE\0" "\x07" 
"FCMOVNU\0" \ "\x04" "FENI\0" "\x06" "FEDISI\0" "\x06" "FSETPM\0" "\x06" "FUCOMI\0" \ "\x05" "FCOMI\0" "\x06" "FRSTOR\0" "\x05" "FFREE\0" "\x05" "FUCOM\0" \ "\x06" "FUCOMP\0" "\x05" "FADDP\0" "\x05" "FMULP\0" "\x06" "FCOMPP\0" \ "\x06" "FSUBRP\0" "\x05" "FSUBP\0" "\x06" "FDIVRP\0" "\x05" "FDIVP\0" \ "\x04" "FBLD\0" "\x05" "FBSTP\0" "\x07" "FUCOMIP\0" "\x06" "FCOMIP\0" \ "\x03" "NOT\0" "\x03" "NEG\0" "\x03" "MUL\0" "\x03" "DIV\0" "\x04" "IDIV\0" \ "\x04" "SLDT\0" "\x03" "STR\0" "\x04" "LLDT\0" "\x03" "LTR\0" "\x04" "VERR\0" \ "\x04" "VERW\0" "\x04" "SGDT\0" "\x04" "SIDT\0" "\x04" "LGDT\0" "\x04" "LIDT\0" \ "\x04" "SMSW\0" "\x04" "LMSW\0" "\x06" "INVLPG\0" "\x06" "VMCALL\0" \ "\x08" "VMLAUNCH\0" "\x08" "VMRESUME\0" "\x06" "VMXOFF\0" "\x07" "MONITOR\0" \ "\x05" "MWAIT\0" "\x06" "XGETBV\0" "\x06" "XSETBV\0" "\x06" "VMFUNC\0" \ "\x04" "XEND\0" "\x05" "VMRUN\0" "\x07" "VMMCALL\0" "\x06" "VMLOAD\0" \ "\x06" "VMSAVE\0" "\x04" "STGI\0" "\x04" "CLGI\0" "\x06" "SKINIT\0" \ "\x07" "INVLPGA\0" "\x06" "SWAPGS\0" "\x06" "RDTSCP\0" "\x08" "PREFETCH\0" \ "\x09" "PREFETCHW\0" "\x05" "PI2FW\0" "\x05" "PI2FD\0" "\x05" "PF2IW\0" \ "\x05" "PF2ID\0" "\x06" "PFNACC\0" "\x07" "PFPNACC\0" "\x07" "PFCMPGE\0" \ "\x05" "PFMIN\0" "\x05" "PFRCP\0" "\x07" "PFRSQRT\0" "\x05" "PFSUB\0" \ "\x05" "PFADD\0" "\x07" "PFCMPGT\0" "\x05" "PFMAX\0" "\x08" "PFRCPIT1\0" \ "\x08" "PFRSQIT1\0" "\x06" "PFSUBR\0" "\x05" "PFACC\0" "\x07" "PFCMPEQ\0" \ "\x05" "PFMUL\0" "\x08" "PFRCPIT2\0" "\x07" "PMULHRW\0" "\x06" "PSWAPD\0" \ "\x07" "PAVGUSB\0" "\x06" "MOVUPS\0" "\x06" "MOVUPD\0" "\x05" "MOVSS\0" \ "\x05" "MOVSD\0" "\x07" "VMOVUPS\0" "\x07" "VMOVUPD\0" "\x06" "VMOVSS\0" \ "\x06" "VMOVSD\0" "\x07" "MOVHLPS\0" "\x06" "MOVLPS\0" "\x06" "MOVLPD\0" \ "\x08" "MOVSLDUP\0" "\x07" "MOVDDUP\0" "\x08" "VMOVHLPS\0" "\x07" "VMOVLPS\0" \ "\x07" "VMOVLPD\0" "\x09" "VMOVSLDUP\0" "\x08" "VMOVDDUP\0" "\x08" "UNPCKLPS\0" \ "\x08" "UNPCKLPD\0" "\x09" "VUNPCKLPS\0" "\x09" "VUNPCKLPD\0" "\x08" "UNPCKHPS\0" \ "\x08" "UNPCKHPD\0" "\x09" 
"VUNPCKHPS\0" "\x09" "VUNPCKHPD\0" "\x07" "MOVLHPS\0" \ "\x06" "MOVHPS\0" "\x06" "MOVHPD\0" "\x08" "MOVSHDUP\0" "\x08" "VMOVLHPS\0" \ "\x07" "VMOVHPS\0" "\x07" "VMOVHPD\0" "\x09" "VMOVSHDUP\0" "\x0b" "PREFETCHNTA\0" \ "\x0a" "PREFETCHT0\0" "\x0a" "PREFETCHT1\0" "\x0a" "PREFETCHT2\0" "\x06" "MOVAPS\0" \ "\x06" "MOVAPD\0" "\x07" "VMOVAPS\0" "\x07" "VMOVAPD\0" "\x08" "CVTPI2PS\0" \ "\x08" "CVTPI2PD\0" "\x08" "CVTSI2SS\0" "\x08" "CVTSI2SD\0" "\x09" "VCVTSI2SS\0" \ "\x09" "VCVTSI2SD\0" "\x07" "MOVNTPS\0" "\x07" "MOVNTPD\0" "\x07" "MOVNTSS\0" \ "\x07" "MOVNTSD\0" "\x08" "VMOVNTPS\0" "\x08" "VMOVNTPD\0" "\x09" "CVTTPS2PI\0" \ "\x09" "CVTTPD2PI\0" "\x09" "CVTTSS2SI\0" "\x09" "CVTTSD2SI\0" "\x0a" "VCVTTSS2SI\0" \ "\x0a" "VCVTTSD2SI\0" "\x08" "CVTPS2PI\0" "\x08" "CVTPD2PI\0" "\x08" "CVTSS2SI\0" \ "\x08" "CVTSD2SI\0" "\x09" "VCVTSS2SI\0" "\x09" "VCVTSD2SI\0" "\x07" "UCOMISS\0" \ "\x07" "UCOMISD\0" "\x08" "VUCOMISS\0" "\x08" "VUCOMISD\0" "\x06" "COMISS\0" \ "\x06" "COMISD\0" "\x07" "VCOMISS\0" "\x07" "VCOMISD\0" "\x08" "MOVMSKPS\0" \ "\x08" "MOVMSKPD\0" "\x09" "VMOVMSKPS\0" "\x09" "VMOVMSKPD\0" "\x06" "SQRTPS\0" \ "\x06" "SQRTPD\0" "\x06" "SQRTSS\0" "\x06" "SQRTSD\0" "\x07" "VSQRTPS\0" \ "\x07" "VSQRTPD\0" "\x07" "VSQRTSS\0" "\x07" "VSQRTSD\0" "\x07" "RSQRTPS\0" \ "\x07" "RSQRTSS\0" "\x08" "VRSQRTPS\0" "\x08" "VRSQRTSS\0" "\x05" "RCPPS\0" \ "\x05" "RCPSS\0" "\x06" "VRCPPS\0" "\x06" "VRCPSS\0" "\x05" "ANDPS\0" \ "\x05" "ANDPD\0" "\x06" "VANDPS\0" "\x06" "VANDPD\0" "\x06" "ANDNPS\0" \ "\x06" "ANDNPD\0" "\x07" "VANDNPS\0" "\x07" "VANDNPD\0" "\x04" "ORPS\0" \ "\x04" "ORPD\0" "\x05" "VORPS\0" "\x05" "VORPD\0" "\x05" "XORPS\0" \ "\x05" "XORPD\0" "\x06" "VXORPS\0" "\x06" "VXORPD\0" "\x05" "ADDPS\0" \ "\x05" "ADDPD\0" "\x05" "ADDSS\0" "\x05" "ADDSD\0" "\x06" "VADDPS\0" \ "\x06" "VADDPD\0" "\x06" "VADDSS\0" "\x06" "VADDSD\0" "\x05" "MULPS\0" \ "\x05" "MULPD\0" "\x05" "MULSS\0" "\x05" "MULSD\0" "\x06" "VMULPS\0" \ "\x06" "VMULPD\0" "\x06" "VMULSS\0" "\x06" "VMULSD\0" "\x08" "CVTPS2PD\0" 
\ "\x08" "CVTPD2PS\0" "\x08" "CVTSS2SD\0" "\x08" "CVTSD2SS\0" "\x09" "VCVTPS2PD\0" \ "\x09" "VCVTPD2PS\0" "\x09" "VCVTSS2SD\0" "\x09" "VCVTSD2SS\0" "\x08" "CVTDQ2PS\0" \ "\x08" "CVTPS2DQ\0" "\x09" "CVTTPS2DQ\0" "\x09" "VCVTDQ2PS\0" "\x09" "VCVTPS2DQ\0" \ "\x0a" "VCVTTPS2DQ\0" "\x05" "SUBPS\0" "\x05" "SUBPD\0" "\x05" "SUBSS\0" \ "\x05" "SUBSD\0" "\x06" "VSUBPS\0" "\x06" "VSUBPD\0" "\x06" "VSUBSS\0" \ "\x06" "VSUBSD\0" "\x05" "MINPS\0" "\x05" "MINPD\0" "\x05" "MINSS\0" \ "\x05" "MINSD\0" "\x06" "VMINPS\0" "\x06" "VMINPD\0" "\x06" "VMINSS\0" \ "\x06" "VMINSD\0" "\x05" "DIVPS\0" "\x05" "DIVPD\0" "\x05" "DIVSS\0" \ "\x05" "DIVSD\0" "\x06" "VDIVPS\0" "\x06" "VDIVPD\0" "\x06" "VDIVSS\0" \ "\x06" "VDIVSD\0" "\x05" "MAXPS\0" "\x05" "MAXPD\0" "\x05" "MAXSS\0" \ "\x05" "MAXSD\0" "\x06" "VMAXPS\0" "\x06" "VMAXPD\0" "\x06" "VMAXSS\0" \ "\x06" "VMAXSD\0" "\x09" "PUNPCKLBW\0" "\x0a" "VPUNPCKLBW\0" "\x09" "PUNPCKLWD\0" \ "\x0a" "VPUNPCKLWD\0" "\x09" "PUNPCKLDQ\0" "\x0a" "VPUNPCKLDQ\0" "\x08" "PACKSSWB\0" \ "\x09" "VPACKSSWB\0" "\x07" "PCMPGTB\0" "\x08" "VPCMPGTB\0" "\x07" "PCMPGTW\0" \ "\x08" "VPCMPGTW\0" "\x07" "PCMPGTD\0" "\x08" "VPCMPGTD\0" "\x08" "PACKUSWB\0" \ "\x09" "VPACKUSWB\0" "\x09" "PUNPCKHBW\0" "\x0a" "VPUNPCKHBW\0" "\x09" "PUNPCKHWD\0" \ "\x0a" "VPUNPCKHWD\0" "\x09" "PUNPCKHDQ\0" "\x0a" "VPUNPCKHDQ\0" "\x08" "PACKSSDW\0" \ "\x09" "VPACKSSDW\0" "\x0a" "PUNPCKLQDQ\0" "\x0b" "VPUNPCKLQDQ\0" "\x0a" "PUNPCKHQDQ\0" \ "\x0b" "VPUNPCKHQDQ\0" "\x04" "MOVD\0" "\x04" "MOVQ\0" "\x05" "VMOVD\0" \ "\x05" "VMOVQ\0" "\x06" "MOVDQA\0" "\x06" "MOVDQU\0" "\x07" "VMOVDQA\0" \ "\x07" "VMOVDQU\0" "\x06" "PSHUFW\0" "\x06" "PSHUFD\0" "\x07" "PSHUFHW\0" \ "\x07" "PSHUFLW\0" "\x07" "VPSHUFD\0" "\x08" "VPSHUFHW\0" "\x08" "VPSHUFLW\0" \ "\x07" "PCMPEQB\0" "\x08" "VPCMPEQB\0" "\x07" "PCMPEQW\0" "\x08" "VPCMPEQW\0" \ "\x07" "PCMPEQD\0" "\x08" "VPCMPEQD\0" "\x04" "EMMS\0" "\x0a" "VZEROUPPER\0" \ "\x08" "VZEROALL\0" "\x06" "VMREAD\0" "\x05" "EXTRQ\0" "\x07" "INSERTQ\0" \ "\x07" "VMWRITE\0" "\x08" 
"CVTPH2PS\0" "\x08" "CVTPS2PH\0" "\x06" "HADDPD\0" \ "\x06" "HADDPS\0" "\x07" "VHADDPD\0" "\x07" "VHADDPS\0" "\x06" "HSUBPD\0" \ "\x06" "HSUBPS\0" "\x07" "VHSUBPD\0" "\x07" "VHSUBPS\0" "\x05" "XSAVE\0" \ "\x07" "XSAVE64\0" "\x06" "LFENCE\0" "\x06" "XRSTOR\0" "\x08" "XRSTOR64\0" \ "\x06" "MFENCE\0" "\x08" "XSAVEOPT\0" "\x0a" "XSAVEOPT64\0" "\x06" "SFENCE\0" \ "\x07" "CLFLUSH\0" "\x06" "POPCNT\0" "\x03" "BSF\0" "\x05" "TZCNT\0" \ "\x03" "BSR\0" "\x05" "LZCNT\0" "\x07" "CMPEQPS\0" "\x07" "CMPLTPS\0" \ "\x07" "CMPLEPS\0" "\x0a" "CMPUNORDPS\0" "\x08" "CMPNEQPS\0" "\x08" "CMPNLTPS\0" \ "\x08" "CMPNLEPS\0" "\x08" "CMPORDPS\0" "\x07" "CMPEQPD\0" "\x07" "CMPLTPD\0" \ "\x07" "CMPLEPD\0" "\x0a" "CMPUNORDPD\0" "\x08" "CMPNEQPD\0" "\x08" "CMPNLTPD\0" \ "\x08" "CMPNLEPD\0" "\x08" "CMPORDPD\0" "\x07" "CMPEQSS\0" "\x07" "CMPLTSS\0" \ "\x07" "CMPLESS\0" "\x0a" "CMPUNORDSS\0" "\x08" "CMPNEQSS\0" "\x08" "CMPNLTSS\0" \ "\x08" "CMPNLESS\0" "\x08" "CMPORDSS\0" "\x07" "CMPEQSD\0" "\x07" "CMPLTSD\0" \ "\x07" "CMPLESD\0" "\x0a" "CMPUNORDSD\0" "\x08" "CMPNEQSD\0" "\x08" "CMPNLTSD\0" \ "\x08" "CMPNLESD\0" "\x08" "CMPORDSD\0" "\x08" "VCMPEQPS\0" "\x08" "VCMPLTPS\0" \ "\x08" "VCMPLEPS\0" "\x0b" "VCMPUNORDPS\0" "\x09" "VCMPNEQPS\0" "\x09" "VCMPNLTPS\0" \ "\x09" "VCMPNLEPS\0" "\x09" "VCMPORDPS\0" "\x0b" "VCMPEQ_UQPS\0" "\x09" "VCMPNGEPS\0" \ "\x09" "VCMPNGTPS\0" "\x0b" "VCMPFALSEPS\0" "\x0c" "VCMPNEQ_OQPS\0" "\x08" "VCMPGEPS\0" \ "\x08" "VCMPGTPS\0" "\x0a" "VCMPTRUEPS\0" "\x0b" "VCMPEQ_OSPS\0" "\x0b" "VCMPLT_OQPS\0" \ "\x0b" "VCMPLE_OQPS\0" "\x0d" "VCMPUNORD_SPS\0" "\x0c" "VCMPNEQ_USPS\0" \ "\x0c" "VCMPNLT_UQPS\0" "\x0c" "VCMPNLE_UQPS\0" "\x0b" "VCMPORD_SPS\0" \ "\x0b" "VCMPEQ_USPS\0" "\x0c" "VCMPNGE_UQPS\0" "\x0c" "VCMPNGT_UQPS\0" \ "\x0e" "VCMPFALSE_OSPS\0" "\x0c" "VCMPNEQ_OSPS\0" "\x0b" "VCMPGE_OQPS\0" \ "\x0b" "VCMPGT_OQPS\0" "\x0d" "VCMPTRUE_USPS\0" "\x08" "VCMPEQPD\0" "\x08" "VCMPLTPD\0" \ "\x08" "VCMPLEPD\0" "\x0b" "VCMPUNORDPD\0" "\x09" "VCMPNEQPD\0" "\x09" "VCMPNLTPD\0" \ "\x09" 
"VCMPNLEPD\0" "\x09" "VCMPORDPD\0" "\x0b" "VCMPEQ_UQPD\0" "\x09" "VCMPNGEPD\0" \ "\x09" "VCMPNGTPD\0" "\x0b" "VCMPFALSEPD\0" "\x0c" "VCMPNEQ_OQPD\0" "\x08" "VCMPGEPD\0" \ "\x08" "VCMPGTPD\0" "\x0a" "VCMPTRUEPD\0" "\x0b" "VCMPEQ_OSPD\0" "\x0b" "VCMPLT_OQPD\0" \ "\x0b" "VCMPLE_OQPD\0" "\x0d" "VCMPUNORD_SPD\0" "\x0c" "VCMPNEQ_USPD\0" \ "\x0c" "VCMPNLT_UQPD\0" "\x0c" "VCMPNLE_UQPD\0" "\x0b" "VCMPORD_SPD\0" \ "\x0b" "VCMPEQ_USPD\0" "\x0c" "VCMPNGE_UQPD\0" "\x0c" "VCMPNGT_UQPD\0" \ "\x0e" "VCMPFALSE_OSPD\0" "\x0c" "VCMPNEQ_OSPD\0" "\x0b" "VCMPGE_OQPD\0" \ "\x0b" "VCMPGT_OQPD\0" "\x0d" "VCMPTRUE_USPD\0" "\x08" "VCMPEQSS\0" "\x08" "VCMPLTSS\0" \ "\x08" "VCMPLESS\0" "\x0b" "VCMPUNORDSS\0" "\x09" "VCMPNEQSS\0" "\x09" "VCMPNLTSS\0" \ "\x09" "VCMPNLESS\0" "\x09" "VCMPORDSS\0" "\x0b" "VCMPEQ_UQSS\0" "\x09" "VCMPNGESS\0" \ "\x09" "VCMPNGTSS\0" "\x0b" "VCMPFALSESS\0" "\x0c" "VCMPNEQ_OQSS\0" "\x08" "VCMPGESS\0" \ "\x08" "VCMPGTSS\0" "\x0a" "VCMPTRUESS\0" "\x0b" "VCMPEQ_OSSS\0" "\x0b" "VCMPLT_OQSS\0" \ "\x0b" "VCMPLE_OQSS\0" "\x0d" "VCMPUNORD_SSS\0" "\x0c" "VCMPNEQ_USSS\0" \ "\x0c" "VCMPNLT_UQSS\0" "\x0c" "VCMPNLE_UQSS\0" "\x0b" "VCMPORD_SSS\0" \ "\x0b" "VCMPEQ_USSS\0" "\x0c" "VCMPNGE_UQSS\0" "\x0c" "VCMPNGT_UQSS\0" \ "\x0e" "VCMPFALSE_OSSS\0" "\x0c" "VCMPNEQ_OSSS\0" "\x0b" "VCMPGE_OQSS\0" \ "\x0b" "VCMPGT_OQSS\0" "\x0d" "VCMPTRUE_USSS\0" "\x08" "VCMPEQSD\0" "\x08" "VCMPLTSD\0" \ "\x08" "VCMPLESD\0" "\x0b" "VCMPUNORDSD\0" "\x09" "VCMPNEQSD\0" "\x09" "VCMPNLTSD\0" \ "\x09" "VCMPNLESD\0" "\x09" "VCMPORDSD\0" "\x0b" "VCMPEQ_UQSD\0" "\x09" "VCMPNGESD\0" \ "\x09" "VCMPNGTSD\0" "\x0b" "VCMPFALSESD\0" "\x0c" "VCMPNEQ_OQSD\0" "\x08" "VCMPGESD\0" \ "\x08" "VCMPGTSD\0" "\x0a" "VCMPTRUESD\0" "\x0b" "VCMPEQ_OSSD\0" "\x0b" "VCMPLT_OQSD\0" \ "\x0b" "VCMPLE_OQSD\0" "\x0d" "VCMPUNORD_SSD\0" "\x0c" "VCMPNEQ_USSD\0" \ "\x0c" "VCMPNLT_UQSD\0" "\x0c" "VCMPNLE_UQSD\0" "\x0b" "VCMPORD_SSD\0" \ "\x0b" "VCMPEQ_USSD\0" "\x0c" "VCMPNGE_UQSD\0" "\x0c" "VCMPNGT_UQSD\0" \ "\x0e" "VCMPFALSE_OSSD\0" "\x0c" 
"VCMPNEQ_OSSD\0" "\x0b" "VCMPGE_OQSD\0" \ "\x0b" "VCMPGT_OQSD\0" "\x0d" "VCMPTRUE_USSD\0" "\x06" "PINSRW\0" "\x07" "VPINSRW\0" \ "\x06" "PEXTRW\0" "\x07" "VPEXTRW\0" "\x06" "SHUFPS\0" "\x06" "SHUFPD\0" \ "\x07" "VSHUFPS\0" "\x07" "VSHUFPD\0" "\x09" "CMPXCHG8B\0" "\x0a" "CMPXCHG16B\0" \ "\x07" "VMPTRST\0" "\x08" "ADDSUBPD\0" "\x08" "ADDSUBPS\0" "\x09" "VADDSUBPD\0" \ "\x09" "VADDSUBPS\0" "\x05" "PSRLW\0" "\x06" "VPSRLW\0" "\x05" "PSRLD\0" \ "\x06" "VPSRLD\0" "\x05" "PSRLQ\0" "\x06" "VPSRLQ\0" "\x05" "PADDQ\0" \ "\x06" "VPADDQ\0" "\x06" "PMULLW\0" "\x07" "VPMULLW\0" "\x07" "MOVQ2DQ\0" \ "\x07" "MOVDQ2Q\0" "\x08" "PMOVMSKB\0" "\x09" "VPMOVMSKB\0" "\x07" "PSUBUSB\0" \ "\x08" "VPSUBUSB\0" "\x07" "PSUBUSW\0" "\x08" "VPSUBUSW\0" "\x06" "PMINUB\0" \ "\x07" "VPMINUB\0" "\x04" "PAND\0" "\x05" "VPAND\0" "\x07" "PADDUSB\0" \ "\x08" "VPADDUSW\0" "\x07" "PADDUSW\0" "\x06" "PMAXUB\0" "\x07" "VPMAXUB\0" \ "\x05" "PANDN\0" "\x06" "VPANDN\0" "\x05" "PAVGB\0" "\x06" "VPAVGB\0" \ "\x05" "PSRAW\0" "\x06" "VPSRAW\0" "\x05" "PSRAD\0" "\x06" "VPSRAD\0" \ "\x05" "PAVGW\0" "\x06" "VPAVGW\0" "\x07" "PMULHUW\0" "\x08" "VPMULHUW\0" \ "\x06" "PMULHW\0" "\x07" "VPMULHW\0" "\x09" "CVTTPD2DQ\0" "\x08" "CVTDQ2PD\0" \ "\x08" "CVTPD2DQ\0" "\x0a" "VCVTTPD2DQ\0" "\x09" "VCVTDQ2PD\0" "\x09" "VCVTPD2DQ\0" \ "\x06" "MOVNTQ\0" "\x07" "MOVNTDQ\0" "\x08" "VMOVNTDQ\0" "\x06" "PSUBSB\0" \ "\x07" "VPSUBSB\0" "\x06" "PSUBSW\0" "\x07" "VPSUBSW\0" "\x06" "PMINSW\0" \ "\x07" "VPMINSW\0" "\x03" "POR\0" "\x04" "VPOR\0" "\x06" "PADDSB\0" \ "\x07" "VPADDSB\0" "\x06" "PADDSW\0" "\x07" "VPADDSW\0" "\x06" "PMAXSW\0" \ "\x07" "VPMAXSW\0" "\x04" "PXOR\0" "\x05" "VPXOR\0" "\x05" "LDDQU\0" \ "\x06" "VLDDQU\0" "\x05" "PSLLW\0" "\x06" "VPSLLW\0" "\x05" "PSLLD\0" \ "\x06" "VPSLLD\0" "\x05" "PSLLQ\0" "\x06" "VPSLLQ\0" "\x07" "PMULUDQ\0" \ "\x08" "VPMULUDQ\0" "\x07" "PMADDWD\0" "\x08" "VPMADDWD\0" "\x06" "PSADBW\0" \ "\x07" "VPSADBW\0" "\x08" "MASKMOVQ\0" "\x0a" "MASKMOVDQU\0" "\x0b" "VMASKMOVDQU\0" \ "\x05" "PSUBB\0" "\x06" 
"VPSUBB\0" "\x05" "PSUBW\0" "\x06" "VPSUBW\0" \ "\x05" "PSUBD\0" "\x06" "VPSUBD\0" "\x05" "PSUBQ\0" "\x06" "VPSUBQ\0" \ "\x05" "PADDB\0" "\x06" "VPADDB\0" "\x05" "PADDW\0" "\x06" "VPADDW\0" \ "\x05" "PADDD\0" "\x06" "VPADDD\0" "\x07" "FNSTENV\0" "\x06" "FSTENV\0" \ "\x06" "FNSTCW\0" "\x05" "FSTCW\0" "\x06" "FNCLEX\0" "\x05" "FCLEX\0" \ "\x06" "FNINIT\0" "\x05" "FINIT\0" "\x06" "FNSAVE\0" "\x05" "FSAVE\0" \ "\x06" "FNSTSW\0" "\x05" "FSTSW\0" "\x06" "PSHUFB\0" "\x07" "VPSHUFB\0" \ "\x06" "PHADDW\0" "\x07" "VPHADDW\0" "\x06" "PHADDD\0" "\x07" "VPHADDD\0" \ "\x07" "PHADDSW\0" "\x08" "VPHADDSW\0" "\x09" "PMADDUBSW\0" "\x0a" "VPMADDUBSW\0" \ "\x06" "PHSUBW\0" "\x07" "VPHSUBW\0" "\x06" "PHSUBD\0" "\x07" "VPHSUBD\0" \ "\x07" "PHSUBSW\0" "\x08" "VPHSUBSW\0" "\x06" "PSIGNB\0" "\x07" "VPSIGNB\0" \ "\x06" "PSIGNW\0" "\x07" "VPSIGNW\0" "\x06" "PSIGND\0" "\x07" "VPSIGND\0" \ "\x08" "PMULHRSW\0" "\x09" "VPMULHRSW\0" "\x09" "VPERMILPS\0" "\x09" "VPERMILPD\0" \ "\x07" "VTESTPS\0" "\x07" "VTESTPD\0" "\x08" "PBLENDVB\0" "\x08" "BLENDVPS\0" \ "\x08" "BLENDVPD\0" "\x05" "PTEST\0" "\x06" "VPTEST\0" "\x0c" "VBROADCASTSS\0" \ "\x0c" "VBROADCASTSD\0" "\x0e" "VBROADCASTF128\0" "\x05" "PABSB\0" "\x06" "VPABSB\0" \ "\x05" "PABSW\0" "\x06" "VPABSW\0" "\x05" "PABSD\0" "\x06" "VPABSD\0" \ "\x08" "PMOVSXBW\0" "\x09" "VPMOVSXBW\0" "\x08" "PMOVSXBD\0" "\x09" "VPMOVSXBD\0" \ "\x08" "PMOVSXBQ\0" "\x09" "VPMOVSXBQ\0" "\x08" "PMOVSXWD\0" "\x09" "VPMOVSXWD\0" \ "\x08" "PMOVSXWQ\0" "\x09" "VPMOVSXWQ\0" "\x08" "PMOVSXDQ\0" "\x09" "VPMOVSXDQ\0" \ "\x06" "PMULDQ\0" "\x07" "VPMULDQ\0" "\x07" "PCMPEQQ\0" "\x08" "VPCMPEQQ\0" \ "\x08" "MOVNTDQA\0" "\x09" "VMOVNTDQA\0" "\x08" "PACKUSDW\0" "\x09" "VPACKUSDW\0" \ "\x0a" "VMASKMOVPS\0" "\x0a" "VMASKMOVPD\0" "\x08" "PMOVZXBW\0" "\x09" "VPMOVZXBW\0" \ "\x08" "PMOVZXBD\0" "\x09" "VPMOVZXBD\0" "\x08" "PMOVZXBQ\0" "\x09" "VPMOVZXBQ\0" \ "\x08" "PMOVZXWD\0" "\x09" "VPMOVZXWD\0" "\x08" "PMOVZXWQ\0" "\x09" "VPMOVZXWQ\0" \ "\x08" "PMOVZXDQ\0" "\x09" "VPMOVZXDQ\0" "\x07" 
"PCMPGTQ\0" "\x08" "VPCMPGTQ\0" \ "\x06" "PMINSB\0" "\x07" "VPMINSB\0" "\x06" "PMINSD\0" "\x07" "VPMINSD\0" \ "\x06" "PMINUW\0" "\x07" "VPMINUW\0" "\x06" "PMINUD\0" "\x07" "VPMINUD\0" \ "\x06" "PMAXSB\0" "\x07" "VPMAXSB\0" "\x06" "PMAXSD\0" "\x07" "VPMAXSD\0" \ "\x06" "PMAXUW\0" "\x07" "VPMAXUW\0" "\x06" "PMAXUD\0" "\x07" "VPMAXUD\0" \ "\x06" "PMULLD\0" "\x07" "VPMULLD\0" "\x0a" "PHMINPOSUW\0" "\x0b" "VPHMINPOSUW\0" \ "\x06" "INVEPT\0" "\x07" "INVVPID\0" "\x07" "INVPCID\0" "\x0e" "VFMADDSUB132PS\0" \ "\x0e" "VFMADDSUB132PD\0" "\x0e" "VFMSUBADD132PS\0" "\x0e" "VFMSUBADD132PD\0" \ "\x0b" "VFMADD132PS\0" "\x0b" "VFMADD132PD\0" "\x0b" "VFMADD132SS\0" \ "\x0b" "VFMADD132SD\0" "\x0b" "VFMSUB132PS\0" "\x0b" "VFMSUB132PD\0" \ "\x0b" "VFMSUB132SS\0" "\x0b" "VFMSUB132SD\0" "\x0c" "VFNMADD132PS\0" \ "\x0c" "VFNMADD132PD\0" "\x0c" "VFNMADD132SS\0" "\x0c" "VFNMADD132SD\0" \ "\x0c" "VFNMSUB132PS\0" "\x0c" "VFNMSUB132PD\0" "\x0c" "VFNMSUB132SS\0" \ "\x0c" "VFNMSUB132SD\0" "\x0e" "VFMADDSUB213PS\0" "\x0e" "VFMADDSUB213PD\0" \ "\x0e" "VFMSUBADD213PS\0" "\x0e" "VFMSUBADD213PD\0" "\x0b" "VFMADD213PS\0" \ "\x0b" "VFMADD213PD\0" "\x0b" "VFMADD213SS\0" "\x0b" "VFMADD213SD\0" \ "\x0b" "VFMSUB213PS\0" "\x0b" "VFMSUB213PD\0" "\x0b" "VFMSUB213SS\0" \ "\x0b" "VFMSUB213SD\0" "\x0c" "VFNMADD213PS\0" "\x0c" "VFNMADD213PD\0" \ "\x0c" "VFNMADD213SS\0" "\x0c" "VFNMADD213SD\0" "\x0c" "VFNMSUB213PS\0" \ "\x0c" "VFNMSUB213PD\0" "\x0c" "VFNMSUB213SS\0" "\x0c" "VFNMSUB213SD\0" \ "\x0e" "VFMADDSUB231PS\0" "\x0e" "VFMADDSUB231PD\0" "\x0e" "VFMSUBADD231PS\0" \ "\x0e" "VFMSUBADD231PD\0" "\x0b" "VFMADD231PS\0" "\x0b" "VFMADD231PD\0" \ "\x0b" "VFMADD231SS\0" "\x0b" "VFMADD231SD\0" "\x0b" "VFMSUB231PS\0" \ "\x0b" "VFMSUB231PD\0" "\x0b" "VFMSUB231SS\0" "\x0b" "VFMSUB231SD\0" \ "\x0c" "VFNMADD231PS\0" "\x0c" "VFNMADD231PD\0" "\x0c" "VFNMADD231SS\0" \ "\x0c" "VFNMADD231SD\0" "\x0c" "VFNMSUB231PS\0" "\x0c" "VFNMSUB231PD\0" \ "\x0c" "VFNMSUB231SS\0" "\x0c" "VFNMSUB231SD\0" "\x06" "AESIMC\0" "\x07" "VAESIMC\0" \ 
"\x06" "AESENC\0" "\x07" "VAESENC\0" "\x0a" "AESENCLAST\0" "\x0b" "VAESENCLAST\0" \ "\x06" "AESDEC\0" "\x07" "VAESDEC\0" "\x0a" "AESDECLAST\0" "\x0b" "VAESDECLAST\0" \ "\x05" "MOVBE\0" "\x05" "CRC32\0" "\x0a" "VPERM2F128\0" "\x07" "ROUNDPS\0" \ "\x08" "VROUNDPS\0" "\x07" "ROUNDPD\0" "\x08" "VROUNDPD\0" "\x07" "ROUNDSS\0" \ "\x08" "VROUNDSS\0" "\x07" "ROUNDSD\0" "\x08" "VROUNDSD\0" "\x07" "BLENDPS\0" \ "\x08" "VBLENDPS\0" "\x07" "BLENDPD\0" "\x08" "VBLENDPD\0" "\x07" "PBLENDW\0" \ "\x08" "VPBLENDW\0" "\x07" "PALIGNR\0" "\x08" "VPALIGNR\0" "\x06" "PEXTRB\0" \ "\x07" "VPEXTRB\0" "\x06" "PEXTRD\0" "\x06" "PEXTRQ\0" "\x07" "VPEXTRD\0" \ "\x07" "VPEXTRQ\0" "\x09" "EXTRACTPS\0" "\x0a" "VEXTRACTPS\0" "\x0b" "VINSERTF128\0" \ "\x0c" "VEXTRACTF128\0" "\x06" "PINSRB\0" "\x07" "VPINSRB\0" "\x08" "INSERTPS\0" \ "\x09" "VINSERTPS\0" "\x06" "PINSRD\0" "\x06" "PINSRQ\0" "\x07" "VPINSRD\0" \ "\x07" "VPINSRQ\0" "\x04" "DPPS\0" "\x05" "VDPPS\0" "\x04" "DPPD\0" \ "\x05" "VDPPD\0" "\x07" "MPSADBW\0" "\x08" "VMPSADBW\0" "\x09" "PCLMULQDQ\0" \ "\x0a" "VPCLMULQDQ\0" "\x09" "VBLENDVPS\0" "\x09" "VBLENDVPD\0" "\x09" "VPBLENDVB\0" \ "\x09" "PCMPESTRM\0" "\x0a" "VPCMPESTRM\0" "\x09" "PCMPESTRI\0" "\x0a" "VPCMPESTRI\0" \ "\x09" "PCMPISTRM\0" "\x0a" "VPCMPISTRM\0" "\x09" "PCMPISTRI\0" "\x0a" "VPCMPISTRI\0" \ "\x0f" "AESKEYGENASSIST\0" "\x10" "VAESKEYGENASSIST\0" "\x06" "PSRLDQ\0" \ "\x07" "VPSRLDQ\0" "\x06" "PSLLDQ\0" "\x07" "VPSLLDQ\0" "\x06" "FXSAVE\0" \ "\x08" "FXSAVE64\0" "\x08" "RDFSBASE\0" "\x07" "FXRSTOR\0" "\x09" "FXRSTOR64\0" \ "\x08" "RDGSBASE\0" "\x07" "LDMXCSR\0" "\x08" "WRFSBASE\0" "\x08" "VLDMXCSR\0" \ "\x07" "STMXCSR\0" "\x08" "WRGSBASE\0" "\x08" "VSTMXCSR\0" "\x07" "VMPTRLD\0" \ "\x07" "VMCLEAR\0" "\x05" "VMXON\0" "\x06" "MOVSXD\0" "\x05" "PAUSE\0" \ "\x04" "WAIT\0" "\x06" "RDRAND\0" "\x06" "_3DNOW\0"; const _WRegister _REGISTERS[] = { { 3, "RAX" }, { 3, "RCX" }, { 3, "RDX" }, { 3, "RBX" }, { 3, "RSP" }, { 3, "RBP" }, { 3, "RSI" }, { 3, "RDI" }, { 2, "R8" }, { 2, "R9" }, { 3, 
"R10" }, { 3, "R11" }, { 3, "R12" }, { 3, "R13" }, { 3, "R14" }, { 3, "R15" },
	{ 3, "EAX" }, { 3, "ECX" }, { 3, "EDX" }, { 3, "EBX" }, { 3, "ESP" }, { 3, "EBP" }, { 3, "ESI" }, { 3, "EDI" },
	{ 3, "R8D" }, { 3, "R9D" }, { 4, "R10D" }, { 4, "R11D" }, { 4, "R12D" }, { 4, "R13D" }, { 4, "R14D" }, { 4, "R15D" },
	{ 2, "AX" }, { 2, "CX" }, { 2, "DX" }, { 2, "BX" }, { 2, "SP" }, { 2, "BP" }, { 2, "SI" }, { 2, "DI" },
	{ 3, "R8W" }, { 3, "R9W" }, { 4, "R10W" }, { 4, "R11W" }, { 4, "R12W" }, { 4, "R13W" }, { 4, "R14W" }, { 4, "R15W" },
	{ 2, "AL" }, { 2, "CL" }, { 2, "DL" }, { 2, "BL" }, { 2, "AH" }, { 2, "CH" }, { 2, "DH" }, { 2, "BH" },
	{ 3, "R8B" }, { 3, "R9B" }, { 4, "R10B" }, { 4, "R11B" }, { 4, "R12B" }, { 4, "R13B" }, { 4, "R14B" }, { 4, "R15B" },
	{ 3, "SPL" }, { 3, "BPL" }, { 3, "SIL" }, { 3, "DIL" },
	{ 2, "ES" }, { 2, "CS" }, { 2, "SS" }, { 2, "DS" }, { 2, "FS" }, { 2, "GS" },
	{ 3, "RIP" },
	{ 3, "ST0" }, { 3, "ST1" }, { 3, "ST2" }, { 3, "ST3" }, { 3, "ST4" }, { 3, "ST5" }, { 3, "ST6" }, { 3, "ST7" },
	{ 3, "MM0" }, { 3, "MM1" }, { 3, "MM2" }, { 3, "MM3" }, { 3, "MM4" }, { 3, "MM5" }, { 3, "MM6" }, { 3, "MM7" },
	{ 4, "XMM0" }, { 4, "XMM1" }, { 4, "XMM2" }, { 4, "XMM3" }, { 4, "XMM4" }, { 4, "XMM5" }, { 4, "XMM6" }, { 4, "XMM7" },
	{ 4, "XMM8" }, { 4, "XMM9" }, { 5, "XMM10" }, { 5, "XMM11" }, { 5, "XMM12" }, { 5, "XMM13" }, { 5, "XMM14" }, { 5, "XMM15" },
	{ 4, "YMM0" }, { 4, "YMM1" }, { 4, "YMM2" }, { 4, "YMM3" }, { 4, "YMM4" }, { 4, "YMM5" }, { 4, "YMM6" }, { 4, "YMM7" },
	{ 4, "YMM8" }, { 4, "YMM9" }, { 5, "YMM10" }, { 5, "YMM11" }, { 5, "YMM12" }, { 5, "YMM13" }, { 5, "YMM14" }, { 5, "YMM15" },
	{ 3, "CR0" }, { 0, "" }, { 3, "CR2" }, { 3, "CR3" }, { 3, "CR4" }, { 0, "" }, { 0, "" }, { 0, "" }, { 3, "CR8" },
	{ 3, "DR0" }, { 3, "DR1" }, { 3, "DR2" }, { 3, "DR3" }, { 0, "" }, { 0, "" }, { 3, "DR6" }, { 3, "DR7" }
};

#endif /* DISTORM_LIGHT */

distorm-3.4.1/src/operands.c

/*
operands.c

diStorm3 -
Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/


#include "config.h"
#include "operands.h"
#include "x86defs.h"
#include "insts.h"
#include "../include/mnemonics.h"


/* Maps a register to its register-class mask. */
uint32_t _REGISTERTORCLASS[] = /* Based on _RegisterType enumeration! */
{RM_AX, RM_CX, RM_DX, RM_BX, RM_SP, RM_BP, RM_SI, RM_DI, RM_R8, RM_R9, RM_R10, RM_R11, RM_R12, RM_R13, RM_R14, RM_R15,
 RM_AX, RM_CX, RM_DX, RM_BX, RM_SP, RM_BP, RM_SI, RM_DI, RM_R8, RM_R9, RM_R10, RM_R11, RM_R12, RM_R13, RM_R14, RM_R15,
 RM_AX, RM_CX, RM_DX, RM_BX, RM_SP, RM_BP, RM_SI, RM_DI, RM_R8, RM_R9, RM_R10, RM_R11, RM_R12, RM_R13, RM_R14, RM_R15,
 RM_AX, RM_CX, RM_DX, RM_BX, RM_AX, RM_CX, RM_DX, RM_BX, RM_R8, RM_R9, RM_R10, RM_R11, RM_R12, RM_R13, RM_R14, RM_R15,
 RM_SP, RM_BP, RM_SI, RM_DI,
 0, 0, 0, 0, 0, 0,
 0,
 RM_FPU, RM_FPU, RM_FPU, RM_FPU, RM_FPU, RM_FPU, RM_FPU, RM_FPU,
 RM_MMX, RM_MMX, RM_MMX, RM_MMX, RM_MMX, RM_MMX, RM_MMX, RM_MMX,
 RM_SSE, RM_SSE, RM_SSE, RM_SSE, RM_SSE, RM_SSE, RM_SSE, RM_SSE, RM_SSE, RM_SSE, RM_SSE, RM_SSE, RM_SSE, RM_SSE, RM_SSE, RM_SSE,
 RM_AVX, RM_AVX, RM_AVX, RM_AVX, RM_AVX, RM_AVX, RM_AVX, RM_AVX, RM_AVX, RM_AVX, RM_AVX, RM_AVX, RM_AVX, RM_AVX, RM_AVX, RM_AVX,
 RM_CR, 0, RM_CR, RM_CR, RM_CR, 0, 0, 0, RM_CR,
 RM_DR, RM_DR, RM_DR, RM_DR, 0, 0, RM_DR, RM_DR
};

typedef enum {OPERAND_SIZE_NONE = 0, OPERAND_SIZE8, OPERAND_SIZE16, OPERAND_SIZE32, OPERAND_SIZE64, OPERAND_SIZE80, OPERAND_SIZE128, OPERAND_SIZE256} _OperandSizeType;
static uint16_t _OPSIZETOINT[] = {0, 8, 16, 32, 64, 80, 128, 256};

/* A helper function to fix the 8 bits register if REX is used (to support SIL, DIL, etc). */
static unsigned int _FASTCALL_ operands_fix_8bit_rex_base(unsigned int reg)
{
	if ((reg >= 4) && (reg < 8)) return reg + REGS8_REX_BASE - 4;
	return reg + REGS8_BASE;
}

/* A helper function to set operand's type and size.
*/
static void _FASTCALL_ operands_set_ts(_Operand* op, _OperandType type, uint16_t size)
{
	op->type = type;
	op->size = size;
}

/* A helper function to set operand's type, size and index. */
static void _FASTCALL_ operands_set_tsi(_Operand* op, _OperandType type, uint16_t size, unsigned int index)
{
	op->type = type;
	op->index = (uint8_t)index;
	op->size = size;
}

/* A helper function to read an unsigned integer from the stream safely. */
static int _FASTCALL_ read_stream_safe_uint(_CodeInfo* ci, void* result, unsigned int size)
{
	ci->codeLen -= size;
	if (ci->codeLen < 0) return FALSE;
	switch (size)
	{
		case 1: *(uint8_t*)result = *(uint8_t*)ci->code; break;
		case 2: *(uint16_t*)result = RUSHORT(ci->code); break;
		case 4: *(uint32_t*)result = RULONG(ci->code); break;
		case 8: *(uint64_t*)result = RULLONG(ci->code); break;
	}
	ci->code += size;
	return TRUE;
}

/* A helper function to read a signed integer from the stream safely. */
static int _FASTCALL_ read_stream_safe_sint(_CodeInfo* ci, int64_t* result, unsigned int size)
{
	ci->codeLen -= size;
	if (ci->codeLen < 0) return FALSE;
	switch (size)
	{
		case 1: *result = *(int8_t*)ci->code; break;
		case 2: *result = RSHORT(ci->code); break;
		case 4: *result = RLONG(ci->code); break;
		case 8: *result = RLLONG(ci->code); break;
	}
	ci->code += size;
	return TRUE;
}

/*
 * SIB decoding is the most confusing part when decoding IA-32 instructions.
 * This explanation should clear up some stuff.
 *
 * ! When base == 5, use EBP as the base register !
 * if (rm == 4) {
 *	if mod == 01, decode SIB byte and ALSO read a 8 bits displacement.
 *	if mod == 10, decode SIB byte and ALSO read a 32 bits displacement.
 *	if mod == 11 <-- EXCEPTION, this is a general-purpose register and mustn't lead to SIB decoding!
 *	; So far so good, now the confusing part comes in with mod == 0 and base=5, but no worry.
 *	if (mod == 00) {
 *	 decode SIB byte WITHOUT any displacement.
 *	 EXCEPTION!!! when base == 5, read a 32 bits displacement, but this time DO NOT use (EBP) BASE at all!
 *	}
 *
 *	NOTE: base could specify None (no base register) if base==5 and mod==0, but then you also need DISP32.
 * }
 */
static void operands_extract_sib(_DInst* di, _OperandNumberType opNum,
                                 _PrefixState* ps, _DecodeType effAdrSz,
                                 unsigned int sib, unsigned int mod)
{
	unsigned int scale = 0, index = 0, base = 0;
	unsigned int vrex = ps->vrex;
	uint8_t* pIndex = NULL;

	_Operand* op = &di->ops[opNum];

	/*
	 * SIB bits:
	 * |7---6-5----3-2---0|
	 * |SCALE| INDEX| BASE|
	 * |------------------|
	 */
	scale = (sib >> 6) & 3;
	index = (sib >> 3) & 7;
	base = sib & 7;

	/*
	 * The following fields: base/index/scale/disp8/32 are ALL optional by specific rules!
	 * The idea here is to keep the indirection as a simple-memory type.
	 * Because the base is optional, and we might be left with only one index.
	 * So even if there's a base but no index, or vice versa, we end up with one index register.
	 */

	/* In 64 bits the REX prefix might affect the index of the SIB byte. */
	if (vrex & PREFIX_EX_X) {
		ps->usedPrefixes |= INST_PRE_REX;
		index += EX_GPR_BASE;
	}

	if (index == 4) { /* No index is used. Use SMEM. */
		op->type = O_SMEM;
		pIndex = &op->index;
	} else {
		op->type = O_MEM;
		pIndex = &di->base;
		/* No base, unless it is updated below. E.G: [EAX*4] has no base reg. */
	}

	if (base != 5) {
		if (vrex & PREFIX_EX_B) ps->usedPrefixes |= INST_PRE_REX;
		*pIndex = effAdrSz == Decode64Bits ? REGS64_BASE : REGS32_BASE;
		*pIndex += (uint8_t)(base + ((vrex & PREFIX_EX_B) ? EX_GPR_BASE : 0));
	} else if (mod != 0) {
		/*
		 * if base == 5 then you have to decode according to MOD.
		 * mod(00) - disp32.
		 * mod(01) - disp8 + rBP
		 * mod(10) - disp32 + rBP
		 * mod(11) - not possible, it's a general-purpose register.
		 */
		if (vrex & PREFIX_EX_B) ps->usedPrefixes |= INST_PRE_REX;
		if (effAdrSz == Decode64Bits) *pIndex = REGS64_BASE + 5 + ((vrex & PREFIX_EX_B) ? EX_GPR_BASE : 0);
		else *pIndex = REGS32_BASE + 5 + ((vrex & PREFIX_EX_B) ? EX_GPR_BASE : 0);
	} else if (index == 4) {
		/* 32bits displacement only. */
		op->type = O_DISP;
		return;
	}

	if (index != 4) { /* In 64 bits decoding mode, if index == R12, it's valid! */
		if (effAdrSz == Decode64Bits) op->index = (uint8_t)(REGS64_BASE + index);
		else op->index = (uint8_t)(REGS32_BASE + index);
		di->scale = scale != 0 ? (1 << scale) : 0;
	}
}

/*
 * This seems to be the hardest part in decoding the operands.
 * If you take a look carefully at Table 2-2. 32-Bit Addressing Forms with the ModR/M Byte,
 * you will understand it's easy to decode the operands.
 * First we check the DT, so we can decide according to which Table in the documentation we are supposed to decode.
 * Then we follow the specific table whether it's 16 bits or 32/64 bits.
 * Don't forget that Operand Size AND Address Size prefixes may change the decoding!
 * Some instructions force the use of RM16 or other specific types, so take it into account.
 */
static int operands_extract_modrm(_CodeInfo* ci,
                                  _DInst* di, _OpType type,
                                  _OperandNumberType opNum, _PrefixState* ps,
                                  _DecodeType effOpSz, _DecodeType effAdrSz,
                                  int* lockableInstruction, unsigned int mod, unsigned int rm,
                                  _iflags instFlags)
{
	unsigned int vrex = ps->vrex, sib = 0, base = 0;
	_Operand* op = &di->ops[opNum];
	uint16_t size = 0;

	if (mod == 3) {
		/*
		 * General-purpose register is handled the same way in 16/32/64 bits decoding modes.
		 * NOTE!! that we have to override the size of the register, since it was set earlier as Memory and not Register!
		 */
		op->type = O_REG;
		/* Start with original size which was set earlier, some registers have same size of memory and depend on it.
		*/
		size = op->size;
		switch(type)
		{
			case OT_RFULL_M16:
			case OT_RM_FULL:
				switch (effOpSz)
				{
					case Decode16Bits:
						ps->usedPrefixes |= INST_PRE_OP_SIZE;
						if (vrex & PREFIX_EX_B) {
							ps->usedPrefixes |= INST_PRE_REX;
							rm += EX_GPR_BASE;
						}
						size = 16;
						rm += REGS16_BASE;
					break;
					case Decode32Bits:
						ps->usedPrefixes |= INST_PRE_OP_SIZE;
						if (vrex & PREFIX_EX_B) {
							ps->usedPrefixes |= INST_PRE_REX;
							rm += EX_GPR_BASE;
						}
						size = 32;
						rm += REGS32_BASE;
					break;
					case Decode64Bits:
						/* A fix for SMSW RAX which use the REX prefix. */
						if (type == OT_RFULL_M16) ps->usedPrefixes |= INST_PRE_REX;
						/* CALL NEAR/PUSH/POP defaults to 64 bits. --> INST_64BITS, REX isn't required, thus ignored anyways. */
						if (instFlags & INST_PRE_REX) ps->usedPrefixes |= INST_PRE_REX;
						/* Include REX if used for REX.B. */
						if (vrex & PREFIX_EX_B) {
							ps->usedPrefixes |= INST_PRE_REX;
							rm += EX_GPR_BASE;
						}
						size = 64;
						rm += REGS64_BASE;
					break;
				}
			break;
			case OT_R32_64_M8:
			/* FALL THROUGH, decode 32 or 64 bits register. */
			case OT_R32_64_M16:
			/* FALL THROUGH, decode 32 or 64 bits register. */
			case OT_RM32_64: /* Take care specifically in MOVNTI/MOVD/CVT's instructions, making it _REG64 with REX or if they are promoted. */
				if (vrex & PREFIX_EX_B) {
					ps->usedPrefixes |= INST_PRE_REX;
					rm += EX_GPR_BASE;
				}
				/* Is it a promoted instruction? (only INST_64BITS is set and REX isn't required.) */
				if ((ci->dt == Decode64Bits) && ((instFlags & (INST_64BITS | INST_PRE_REX)) == INST_64BITS)) {
					size = 64;
					rm += REGS64_BASE;
					break;
				}
				/* Give a chance to REX.W. Because if it was a promoted instruction we don't care about REX.W anyways. */
				if (vrex & PREFIX_EX_W) {
					ps->usedPrefixes |= INST_PRE_REX;
					size = 64;
					rm += REGS64_BASE;
				} else {
					size = 32;
					rm += REGS32_BASE;
				}
			break;
			case OT_RM16_32: /* Used only with MOVZXD instruction to support 16 bits operand. */
				if (vrex & PREFIX_EX_B) {
					ps->usedPrefixes |= INST_PRE_REX;
					rm += EX_GPR_BASE;
				}
				/* Is it 16 bits operand size? */
				if (ps->decodedPrefixes & INST_PRE_OP_SIZE) {
					ps->usedPrefixes |= INST_PRE_OP_SIZE;
					size = 16;
					rm += REGS16_BASE;
				} else {
					size = 32;
					rm += REGS32_BASE;
				}
			break;
			case OT_RM16:
				if (vrex & PREFIX_EX_B) {
					ps->usedPrefixes |= INST_PRE_REX;
					rm += EX_GPR_BASE;
				}
				rm += REGS16_BASE;
			break;
			case OT_RM8:
				if (ps->prefixExtType == PET_REX) {
					ps->usedPrefixes |= INST_PRE_REX;
					rm = operands_fix_8bit_rex_base(rm + ((vrex & PREFIX_EX_B) ? EX_GPR_BASE : 0));
				} else rm += REGS8_BASE;
			break;
			case OT_MM32:
			case OT_MM64:
				/* MMX doesn't support extended registers. */
				size = 64;
				rm += MMXREGS_BASE;
			break;

			case OT_XMM16:
			case OT_XMM32:
			case OT_XMM64:
			case OT_XMM128:
				if (vrex & PREFIX_EX_B) {
					ps->usedPrefixes |= INST_PRE_REX;
					rm += EX_GPR_BASE;
				}
				size = 128;
				rm += SSEREGS_BASE;
			break;

			case OT_RM32:
			case OT_R32_M8:
			case OT_R32_M16:
				if (vrex & PREFIX_EX_B) {
					ps->usedPrefixes |= INST_PRE_REX;
					rm += EX_GPR_BASE;
				}
				size = 32;
				rm += REGS32_BASE;
			break;

			case OT_YMM256:
				if (vrex & PREFIX_EX_B) rm += EX_GPR_BASE;
				rm += AVXREGS_BASE;
			break;
			case OT_YXMM64_256:
			case OT_YXMM128_256:
				if (vrex & PREFIX_EX_B) rm += EX_GPR_BASE;
				if (vrex & PREFIX_EX_L) {
					size = 256;
					rm += AVXREGS_BASE;
				} else {
					size = 128;
					rm += SSEREGS_BASE;
				}
			break;
			case OT_WXMM32_64:
			case OT_LXMM64_128:
				if (vrex & PREFIX_EX_B) rm += EX_GPR_BASE;
				size = 128;
				rm += SSEREGS_BASE;
			break;

			case OT_WRM32_64:
			case OT_REG32_64_M8:
			case OT_REG32_64_M16:
				if (vrex & PREFIX_EX_B) rm += EX_GPR_BASE;
				if (vrex & PREFIX_EX_W) {
					size = 64;
					rm += REGS64_BASE;
				} else {
					size = 32;
					rm += REGS32_BASE;
				}
			break;

			default: return FALSE;
		}
		op->size = size;
		op->index = (uint8_t)rm;
		return TRUE;
	}

	/* Memory indirection decoding ahead:) */

	ps->usedPrefixes |= INST_PRE_ADDR_SIZE;
	if (lockableInstruction && (ps->decodedPrefixes & INST_PRE_LOCK)) *lockableInstruction = TRUE;

	if (effAdrSz == Decode16Bits) {
		/* Decoding according to Table 2-1. (16 bits) */
		if ((mod == 0) && (rm == 6)) {
			/* 6 is a special case - only 16 bits displacement.
			*/
			op->type = O_DISP;
			di->dispSize = 16;
			if (!read_stream_safe_sint(ci, (int64_t*)&di->disp, sizeof(int16_t))) return FALSE;
		} else {
			/*
			 * Create the O_MEM for 16 bits indirection that requires 2 registers, E.G: [BX+SI].
			 * or create O_SMEM for a single register indirection, E.G: [BP].
			 */
			static uint8_t MODS[] = {R_BX, R_BX, R_BP, R_BP, R_SI, R_DI, R_BP, R_BX};
			static uint8_t MODS2[] = {R_SI, R_DI, R_SI, R_DI};
			if (rm < 4) {
				op->type = O_MEM;
				di->base = MODS[rm];
				op->index = MODS2[rm];
			} else {
				op->type = O_SMEM;
				op->index = MODS[rm];
			}

			if (mod == 1) { /* 8 bits displacement + indirection */
				di->dispSize = 8;
				if (!read_stream_safe_sint(ci, (int64_t*)&di->disp, sizeof(int8_t))) return FALSE;
			} else if (mod == 2) { /* 16 bits displacement + indirection */
				di->dispSize = 16;
				if (!read_stream_safe_sint(ci, (int64_t*)&di->disp, sizeof(int16_t))) return FALSE;
			}
		}

		if ((rm == 2) || (rm == 3) || ((rm == 6) && (mod != 0))) {
			/* BP's default segment is SS, so ignore it. */
			prefixes_use_segment(INST_PRE_SS, ps, ci->dt, di);
		} else {
			/* Ignore default DS segment. */
			prefixes_use_segment(INST_PRE_DS, ps, ci->dt, di);
		}
	} else { /* Decode32Bits or Decode64Bits! */
		/* Remember that from a 32/64 bits ModR/M byte a SIB byte could follow! */
		if ((mod == 0) && (rm == 5)) {
			/* 5 is a special case - only 32 bits displacement, or RIP relative. */
			di->dispSize = 32;
			if (!read_stream_safe_sint(ci, (int64_t*)&di->disp, sizeof(int32_t))) return FALSE;

			if (ci->dt == Decode64Bits) {
				/* In 64 bits decoding mode, despite the address size, it is a RIP-relative address. */
				op->type = O_SMEM;
				op->index = R_RIP;
				di->flags |= FLAG_RIP_RELATIVE;
			} else {
				/* Absolute address: */
				op->type = O_DISP;
			}
		} else {
			if (rm == 4) {
				/* 4 is a special case - SIB byte + disp8/32 follows! */
				/* Read SIB byte. */
				if (!read_stream_safe_uint(ci, &sib, sizeof(int8_t))) return FALSE;
				operands_extract_sib(di, opNum, ps, effAdrSz, sib, mod);
			} else {
				op->type = O_SMEM;
				if (vrex & PREFIX_EX_B) {
					ps->usedPrefixes |= INST_PRE_REX;
					rm += EX_GPR_BASE;
				}

				if (effAdrSz == Decode64Bits) op->index = (uint8_t)(REGS64_BASE + rm);
				else op->index = (uint8_t)(REGS32_BASE + rm);
			}

			if (mod == 1) {
				di->dispSize = 8;
				if (!read_stream_safe_sint(ci, (int64_t*)&di->disp, sizeof(int8_t))) return FALSE;
			} else if ((mod == 2) || ((sib & 7) == 5)) { /* If there is no BASE, read DISP32! */
				di->dispSize = 32;
				if (!read_stream_safe_sint(ci, (int64_t*)&di->disp, sizeof(int32_t))) return FALSE;
			}
		}

		/* Get the base register. */
		base = op->index;
		if (di->base != R_NONE) base = di->base;
		else if (di->scale >= 2) base = 0; /* If it's only an index but got scale, it's still DS. */

		/* Default for EBP/ESP is SS segment. 64 bits mode ignores DS anyway. */
		if ((base == R_EBP) || (base == R_ESP)) prefixes_use_segment(INST_PRE_SS, ps, ci->dt, di);
		else prefixes_use_segment(INST_PRE_DS, ps, ci->dt, di);
	}

	return TRUE;
}


/*
 * This function is responsible to textually format a required operand according to its type.
 * It is vital to understand that there are other operands than what the ModR/M byte specifies.
 * Only by decoding the operands of an instruction which got a LOCK prefix, we could tell whether it may use the LOCK prefix.
 * According to Intel, LOCK prefix must precede some specific instructions AND in their memory destination operand form (which means first operand).
 * LOCK INC EAX, would generate an exception, but LOCK INC [EAX] is alright.
 * Also LOCK ADD BX, [BP] would generate an exception.
 * Return code:
 * TRUE - continue parsing the instruction and its operands, everything went right 'till now.
 * FALSE - not enough bytes, or invalid operands.
*/ int operands_extract(_CodeInfo* ci, _DInst* di, _InstInfo* ii, _iflags instFlags, _OpType type, _OperandNumberType opNum, unsigned int modrm, _PrefixState* ps, _DecodeType effOpSz, _DecodeType effAdrSz, int* lockableInstruction) { int ret = 0; unsigned int mod = 0, reg = 0, rm = 0, vexV = ps->vexV; unsigned int vrex = ps->vrex, typeHandled = TRUE; _Operand* op = &di->ops[opNum]; /* Used to indicate the size of the MEMORY INDIRECTION only. */ _OperandSizeType opSize = OPERAND_SIZE_NONE; /* * ModRM bits: * |7-6-5--------3-2-0| * |MOD|REG/OPCODE|RM | * |------------------| */ mod = (modrm >> 6) & 3; /* Mode(register-indirection, disp8+reg+indirection, disp16+reg+indirection, general-purpose register) */ reg = (modrm >> 3) & 7; /* Register(could be part of the opcode itself or general-purpose register) */ rm = modrm & 7; /* Specifies which general-purpose register or disp+reg to use. */ /* -- Memory Indirection Operands (that cannot be a general purpose register) -- */ switch (type) { case OT_MEM64_128: /* Used only by CMPXCHG8/16B. */ /* Make a specific check when the type is OT_MEM64_128 since the lockable CMPXCHG8B uses this one... */ if (lockableInstruction && (ps->decodedPrefixes & INST_PRE_LOCK)) *lockableInstruction = TRUE; if (effOpSz == Decode64Bits) { ps->usedPrefixes |= INST_PRE_REX; opSize = OPERAND_SIZE128; } else opSize = OPERAND_SIZE64; break; case OT_MEM32: opSize = OPERAND_SIZE32; break; case OT_MEM32_64: /* Used by MOVNTI. Default size is 32bits, 64bits with REX. */ if (effOpSz == Decode64Bits) { ps->usedPrefixes |= INST_PRE_REX; opSize = OPERAND_SIZE64; } else opSize = OPERAND_SIZE32; break; case OT_MEM64: opSize = OPERAND_SIZE64; break; case OT_MEM128: opSize = OPERAND_SIZE128; break; case OT_MEM16_FULL: /* The size indicates about the second item of the pair. 
*/ switch (effOpSz) { case Decode16Bits: ps->usedPrefixes |= INST_PRE_OP_SIZE; opSize = OPERAND_SIZE16; break; case Decode32Bits: ps->usedPrefixes |= INST_PRE_OP_SIZE; opSize = OPERAND_SIZE32; break; case Decode64Bits: /* Mark usage of REX only if it was required. */ if ((instFlags & (INST_64BITS | INST_PRE_REX)) == (INST_64BITS | INST_PRE_REX)) ps->usedPrefixes |= INST_PRE_REX; opSize = OPERAND_SIZE64; break; } break; case OT_MEM16_3264: /* The size indicates about the second item of the pair. */ if (ci->dt == Decode64Bits) opSize = OPERAND_SIZE64; else opSize = OPERAND_SIZE32; break; case OT_MEM_OPT: /* Since the MEM is optional, only when mod != 3, then return true as if the operand was alright. */ if (mod == 0x3) return TRUE; break; case OT_FPUM16: opSize = OPERAND_SIZE16; break; case OT_FPUM32: opSize = OPERAND_SIZE32; break; case OT_FPUM64: opSize = OPERAND_SIZE64; break; case OT_FPUM80: opSize = OPERAND_SIZE80; break; case OT_LMEM128_256: if (vrex & PREFIX_EX_L) opSize = OPERAND_SIZE256; else opSize = OPERAND_SIZE128; break; case OT_MEM: /* Size is unknown, but still handled. */ break; default: typeHandled = FALSE; break; } if (typeHandled) { /* All of the above types can't use a general-purpose register (a MOD of 3)!. */ if (mod == 0x3) { if (lockableInstruction) *lockableInstruction = FALSE; return FALSE; } op->size = _OPSIZETOINT[opSize]; ret = operands_extract_modrm(ci, di, type, opNum, ps, effOpSz, effAdrSz, lockableInstruction, mod, rm, instFlags); if ((op->type == O_REG) || (op->type == O_SMEM) || (op->type == O_MEM)) { di->usedRegistersMask |= _REGISTERTORCLASS[op->index]; } return ret; } /* -- Memory Indirection Operands (that can be a register) -- */ typeHandled = TRUE; switch (type) { case OT_RM_FULL: ps->usedPrefixes |= INST_PRE_OP_SIZE; /* PUSH/JMP/CALL are automatically promoted to 64 bits! */ if (effOpSz == Decode32Bits) { opSize = OPERAND_SIZE32; break; } else if (effOpSz == Decode64Bits) { /* Mark usage of REX only if it was required. 
*/ if ((instFlags & INST_64BITS) == 0) ps->usedPrefixes |= INST_PRE_REX; opSize = OPERAND_SIZE64; break; } /* FALL THROUGH BECAUSE dt==Decoded16Bits @-<----*/ case OT_RM16: /* If we got here not from OT_RM16, then the prefix was used. */ if (type != OT_RM16) ps->usedPrefixes |= INST_PRE_OP_SIZE; opSize = OPERAND_SIZE16; break; case OT_RM32_64: /* The default size is 32, which can be 64 with a REX only. */ if (effOpSz == Decode64Bits) { opSize = OPERAND_SIZE64; /* Mark REX prefix as used if non-promoted instruction. */ if ((instFlags & (INST_64BITS | INST_PRE_REX)) == (INST_64BITS | INST_PRE_REX)) { ps->usedPrefixes |= INST_PRE_REX; } } else opSize = OPERAND_SIZE32; break; case OT_RM16_32: /* Ignore REX, it's either 32 or 16 bits RM. */ if (ps->decodedPrefixes & INST_PRE_OP_SIZE) { ps->usedPrefixes |= INST_PRE_OP_SIZE; /* Assume: We are in 64bits when we have this operand used. */ opSize = OPERAND_SIZE16; } else opSize = OPERAND_SIZE32; break; case OT_WXMM32_64: case OT_WRM32_64: if (vrex & PREFIX_EX_W) opSize = OPERAND_SIZE64; else opSize = OPERAND_SIZE32; break; case OT_YXMM64_256: if (vrex & PREFIX_EX_L) opSize = OPERAND_SIZE256; else opSize = OPERAND_SIZE64; break; case OT_YXMM128_256: if (vrex & PREFIX_EX_L) opSize = OPERAND_SIZE256; else opSize = OPERAND_SIZE128; break; case OT_LXMM64_128: if (vrex & PREFIX_EX_L) opSize = OPERAND_SIZE128; else opSize = OPERAND_SIZE64; break; case OT_RFULL_M16: ps->usedPrefixes |= INST_PRE_OP_SIZE; opSize = OPERAND_SIZE16; break; case OT_RM8: case OT_R32_M8: case OT_R32_64_M8: case OT_REG32_64_M8: opSize = OPERAND_SIZE8; break; case OT_XMM16: case OT_R32_M16: case OT_R32_64_M16: case OT_REG32_64_M16: opSize = OPERAND_SIZE16; break; case OT_RM32: case OT_MM32: case OT_XMM32: opSize = OPERAND_SIZE32; break; case OT_MM64: case OT_XMM64: opSize = OPERAND_SIZE64; break; case OT_XMM128: opSize = OPERAND_SIZE128; break; case OT_YMM256: opSize = OPERAND_SIZE256; break; default: typeHandled = FALSE; break; } if (typeHandled) { /* Fill 
size of memory dereference for operand. */ op->size = _OPSIZETOINT[opSize]; ret = operands_extract_modrm(ci, di, type, opNum, ps, effOpSz, effAdrSz, lockableInstruction, mod, rm, instFlags); if ((op->type == O_REG) || (op->type == O_SMEM) || (op->type == O_MEM)) { di->usedRegistersMask |= _REGISTERTORCLASS[op->index]; } return ret; } /* Simple operand type (no ModRM byte). */ switch (type) { case OT_IMM8: operands_set_ts(op, O_IMM, 8); if (!read_stream_safe_uint(ci, &di->imm.byte, sizeof(int8_t))) return FALSE; break; case OT_IMM_FULL: /* 16, 32 or 64, depends on prefixes. */ if (effOpSz == Decode16Bits) { ps->usedPrefixes |= INST_PRE_OP_SIZE; /* FALL THROUGH */ case OT_IMM16: /* Force 16 bits imm. */ operands_set_ts(op, O_IMM, 16); if (!read_stream_safe_uint(ci, &di->imm.word, sizeof(int16_t))) return FALSE; break; /* * Extension: MOV imm64, requires REX. * Make sure it needs the REX. * REX must be present because op size function takes it into consideration. */ } else if ((effOpSz == Decode64Bits) && ((instFlags & (INST_64BITS | INST_PRE_REX)) == (INST_64BITS | INST_PRE_REX))) { ps->usedPrefixes |= INST_PRE_REX; operands_set_ts(op, O_IMM, 64); if (!read_stream_safe_uint(ci, &di->imm.qword, sizeof(int64_t))) return FALSE; break; } else ps->usedPrefixes |= INST_PRE_OP_SIZE; /* FALL THROUGH BECAUSE dt==Decoded32Bits @-<----*/ case OT_IMM32: op->type = O_IMM; if (ci->dt == Decode64Bits) { /* * Imm32 is sign extended to 64 bits! * Originally the op size was 64, but later was changed to reflect real size of imm. */ op->size = 32; /* Use this as an indicator that it should be signed extended. */ di->flags |= FLAG_IMM_SIGNED; if (!read_stream_safe_sint(ci, &di->imm.sqword, sizeof(int32_t))) return FALSE; } else { op->size = 32; if (!read_stream_safe_uint(ci, &di->imm.dword, sizeof(int32_t))) return FALSE; } break; case OT_SEIMM8: /* Sign extended immediate. 
*/
			/*
			 * PUSH SEIMM8 can be prefixed by operand size:
			 * Input stream: 66, 6a, 55
			 * 64bits DT: push small 55
			 * 32bits DT: push small 55
			 * 16bits DT: push large 55
			 * small/large indicates the size of the eSP pointer advancement.
			 * Check the instFlags (ii->flags) if it can be operand-size-prefixed and if the prefix exists.
			 */
			op->type = O_IMM;
			if ((instFlags & INST_PRE_OP_SIZE) && (ps->decodedPrefixes & INST_PRE_OP_SIZE)) {
				ps->usedPrefixes |= INST_PRE_OP_SIZE;
				switch (ci->dt) {
					case Decode16Bits:
						op->size = 32;
						break;
					case Decode32Bits:
					case Decode64Bits:
						op->size = 16;
						break;
				}
			} else op->size = 8;
			di->flags |= FLAG_IMM_SIGNED;
			if (!read_stream_safe_sint(ci, &di->imm.sqword, sizeof(int8_t))) return FALSE;
			break;
		case OT_IMM16_1:
			operands_set_ts(op, O_IMM1, 16);
			if (!read_stream_safe_uint(ci, &di->imm.ex.i1, sizeof(int16_t))) return FALSE;
			break;
		case OT_IMM8_1:
			operands_set_ts(op, O_IMM1, 8);
			if (!read_stream_safe_uint(ci, &di->imm.ex.i1, sizeof(int8_t))) return FALSE;
			break;
		case OT_IMM8_2:
			operands_set_ts(op, O_IMM2, 8);
			if (!read_stream_safe_uint(ci, &di->imm.ex.i2, sizeof(int8_t))) return FALSE;
			break;
		case OT_REG8:
			operands_set_ts(op, O_REG, 8);
			if (ps->prefixExtType) {
				/*
				 * If REX prefix is valid then we will have to use low bytes.
				 * This is a PASSIVE behavior changer of REX prefix, it affects operands even if its value is 0x40 !
				 */
				ps->usedPrefixes |= INST_PRE_REX;
				op->index = (uint8_t)operands_fix_8bit_rex_base(reg + ((vrex & PREFIX_EX_R) ?
EX_GPR_BASE : 0));
			} else op->index = (uint8_t)(REGS8_BASE + reg);
			break;
		case OT_REG16:
			operands_set_tsi(op, O_REG, 16, REGS16_BASE + reg);
			break;
		case OT_REG_FULL:
			switch (effOpSz) {
				case Decode16Bits:
					ps->usedPrefixes |= INST_PRE_OP_SIZE;
					if (vrex & PREFIX_EX_R) {
						ps->usedPrefixes |= INST_PRE_REX;
						reg += EX_GPR_BASE;
					}
					operands_set_tsi(op, O_REG, 16, REGS16_BASE + reg);
					break;
				case Decode32Bits:
					if (vrex & PREFIX_EX_R) {
						ps->usedPrefixes |= INST_PRE_REX;
						reg += EX_GPR_BASE;
					} else ps->usedPrefixes |= INST_PRE_OP_SIZE;
					operands_set_tsi(op, O_REG, 32, REGS32_BASE + reg);
					break;
				case Decode64Bits: /* rex must be presented. */
					ps->usedPrefixes |= INST_PRE_REX;
					operands_set_tsi(op, O_REG, 64, REGS64_BASE + reg + ((vrex & PREFIX_EX_R) ? EX_GPR_BASE : 0));
					break;
			}
			break;
		case OT_REG32:
			if (vrex & PREFIX_EX_R) {
				ps->usedPrefixes |= INST_PRE_REX;
				reg += EX_GPR_BASE;
			}
			operands_set_tsi(op, O_REG, 32, REGS32_BASE + reg);
			break;
		case OT_REG32_64: /* Handle CVT's, MOVxX and MOVNTI instructions which could be extended to 64 bits registers with REX. */
			if (vrex & PREFIX_EX_R) {
				ps->usedPrefixes |= INST_PRE_REX;
				reg += EX_GPR_BASE;
			}
			/* Is it a promoted instruction? (only INST_64BITS is set and REX isn't required.) */
			if ((ci->dt == Decode64Bits) && ((instFlags & (INST_64BITS | INST_PRE_REX)) == INST_64BITS)) {
				operands_set_tsi(op, O_REG, 64, REGS64_BASE + reg);
				break;
			}
			/* Give a chance to REX.W. Because if it was a promoted instruction we don't care about REX.W anyways. */
			if (vrex & PREFIX_EX_W) {
				ps->usedPrefixes |= INST_PRE_REX;
				operands_set_tsi(op, O_REG, 64, REGS64_BASE + reg);
			} else operands_set_tsi(op, O_REG, 32, REGS32_BASE + reg);
			break;
		case OT_FREG32_64_RM: /* Force decoding mode. Used for MOV CR(n)/DR(n) which defaults to 64 bits operand size in 64 bits.
*/
			if (vrex & PREFIX_EX_B) {
				ps->usedPrefixes |= INST_PRE_REX;
				rm += EX_GPR_BASE;
			}
			if (ci->dt == Decode64Bits) operands_set_tsi(op, O_REG, 64, REGS64_BASE + rm);
			else operands_set_tsi(op, O_REG, 32, REGS32_BASE + rm);
			break;
		case OT_MM: /* MMX register */
			operands_set_tsi(op, O_REG, 64, MMXREGS_BASE + reg);
			break;
		case OT_MM_RM: /* MMX register, this time from the RM field */
			operands_set_tsi(op, O_REG, 64, MMXREGS_BASE + rm);
			break;
		case OT_REGXMM0: /* Implicit XMM0 operand. */
			reg = 0;
			vrex = 0;
			/* FALL THROUGH */
		case OT_XMM: /* SSE register */
			if (vrex & PREFIX_EX_R) {
				ps->usedPrefixes |= INST_PRE_REX;
				reg += EX_GPR_BASE;
			}
			operands_set_tsi(op, O_REG, 128, SSEREGS_BASE + reg);
			break;
		case OT_XMM_RM: /* SSE register, this time from the RM field */
			if (vrex & PREFIX_EX_B) {
				ps->usedPrefixes |= INST_PRE_REX;
				rm += EX_GPR_BASE;
			}
			operands_set_tsi(op, O_REG, 128, SSEREGS_BASE + rm);
			break;
		case OT_CREG:
			/*
			 * Don't parse if the reg exceeds the bounds of the array.
			 * Most of the CR's are not implemented, so if there's no matching string, the operand is invalid.
			 */
			if (vrex & PREFIX_EX_R) {
				ps->usedPrefixes |= INST_PRE_REX;
				reg += EX_GPR_BASE;
			} else if ((ci->dt == Decode32Bits) && (ps->decodedPrefixes & INST_PRE_LOCK)) {
				/*
				 * NOTE: In 32 bits decoding mode,
				 * if the lock prefix is set before MOV CR(n) it will become the 4th bit of the REG field like REX.R in 64 bits.
				 */
				reg += EX_GPR_BASE;
				ps->usedPrefixes |= INST_PRE_LOCK;
			}
			/* Ignore some registers which do not exist. */
			if ((reg >= CREGS_MAX) || (reg == 1) || ((reg >= 5) && (reg <= 7))) return FALSE;

			op->type = O_REG;
			if (ci->dt == Decode64Bits) op->size = 64;
			else op->size = 32;
			op->index = (uint8_t)(CREGS_BASE + reg);
			break;
		case OT_DREG:
			/*
			 * In 64 bits there are 16 debug registers.
			 * but accessing any of dr8-15 which aren't implemented will cause an #ud.
*/
			if ((reg == 4) || (reg == 5) || (vrex & PREFIX_EX_R)) return FALSE;

			op->type = O_REG;
			if (ci->dt == Decode64Bits) op->size = 64;
			else op->size = 32;
			op->index = (uint8_t)(DREGS_BASE + reg);
			break;
		case OT_SREG: /* Works with REG16 only! */
			/* If lockableInstruction pointer is non-null we know it's the first operand. */
			if (lockableInstruction && (reg == 1)) return FALSE; /* Can't MOV CS, . */
			/*Don't parse if the reg exceeds the bounds of the array. */
			if (reg <= SEG_REGS_MAX - 1) operands_set_tsi(op, O_REG, 16, SREGS_BASE + reg);
			else return FALSE;
			break;
		case OT_SEG:
			op->type = O_REG;
			/* Size of reg is always 16, it's up to caller to zero extend it to operand size. */
			op->size = 16;
			ps->usedPrefixes |= INST_PRE_OP_SIZE;
			/*
			 * Extract the SEG from ii->flags this time!!!
			 * Check whether an operand size prefix is used.
			 */
			switch (instFlags & INST_PRE_SEGOVRD_MASK) {
				case INST_PRE_ES: op->index = R_ES; break;
				case INST_PRE_CS: op->index = R_CS; break;
				case INST_PRE_SS: op->index = R_SS; break;
				case INST_PRE_DS: op->index = R_DS; break;
				case INST_PRE_FS: op->index = R_FS; break;
				case INST_PRE_GS: op->index = R_GS; break;
			}
			break;
		case OT_ACC8:
			operands_set_tsi(op, O_REG, 8, R_AL);
			break;
		case OT_ACC16:
			operands_set_tsi(op, O_REG, 16, R_AX);
			break;
		case OT_ACC_FULL_NOT64: /* No REX.W support for IN/OUT. */
			vrex &= ~PREFIX_EX_W;
		case OT_ACC_FULL:
			if (effOpSz == Decode16Bits) {
				ps->usedPrefixes |= INST_PRE_OP_SIZE;
				operands_set_tsi(op, O_REG, 16, R_AX);
			} else if (effOpSz == Decode32Bits) {
				ps->usedPrefixes |= INST_PRE_OP_SIZE;
				operands_set_tsi(op, O_REG, 32, R_EAX);
			} else { /* Decode64Bits */
				/* Only non-promoted instructions need REX in order to decode in 64 bits. */
				/* MEM-OFFSET MOV's are NOT automatically promoted to 64 bits. */
				if (~instFlags & INST_64BITS) {
					ps->usedPrefixes |= INST_PRE_REX;
				}
				operands_set_tsi(op, O_REG, 64, R_RAX);
			}
			break;
		case OT_PTR16_FULL:
			/* ptr16:full - full is size of operand size to read, therefore Operand Size Prefix affects this.
So we need to handle it. */
			if (effOpSz == Decode16Bits) {
				ps->usedPrefixes |= INST_PRE_OP_SIZE;
				ci->codeLen -= sizeof(int16_t)*2;
				if (ci->codeLen < 0) return FALSE;

				operands_set_ts(op, O_PTR, 16);
				di->imm.ptr.off = RUSHORT(ci->code); /* Read offset first. */
				di->imm.ptr.seg = RUSHORT((ci->code + sizeof(int16_t))); /* And read segment. */

				ci->code += sizeof(int16_t)*2;
			} else { /* Decode32Bits, for Decode64Bits this instruction is invalid. */
				ps->usedPrefixes |= INST_PRE_OP_SIZE;
				ci->codeLen -= sizeof(int32_t) + sizeof(int16_t);
				if (ci->codeLen < 0) return FALSE;

				operands_set_ts(op, O_PTR, 32);
				di->imm.ptr.off = RULONG(ci->code); /* Read 32bits offset this time. */
				di->imm.ptr.seg = RUSHORT((ci->code + sizeof(int32_t))); /* And read segment, 16 bits. */

				ci->code += sizeof(int32_t) + sizeof(int16_t);
			}
			break;
		case OT_RELCB:
		case OT_RELC_FULL:
			if (type == OT_RELCB) {
				operands_set_ts(op, O_PC, 8);
				if (!read_stream_safe_sint(ci, &di->imm.sqword, sizeof(int8_t))) return FALSE;
			} else { /* OT_RELC_FULL */
				/* Yep, operand size prefix affects relc also. */
				ps->usedPrefixes |= INST_PRE_OP_SIZE;
				if (effOpSz == Decode16Bits) {
					operands_set_ts(op, O_PC, 16);
					if (!read_stream_safe_sint(ci, &di->imm.sqword, sizeof(int16_t))) return FALSE;
				} else { /* Decode32Bits or Decode64Bits = for now they are the same */
					operands_set_ts(op, O_PC, 32);
					if (!read_stream_safe_sint(ci, &di->imm.sqword, sizeof(int32_t))) return FALSE;
				}
			}

			/* Support for hint, see if there's a segment override. */
			if ((ii->opcodeId >= I_JO) && (ii->opcodeId <= I_JG)) {
				if (ps->decodedPrefixes & INST_PRE_CS) {
					ps->usedPrefixes |= INST_PRE_CS;
					di->flags |= FLAG_HINT_NOT_TAKEN;
				} else if (ps->decodedPrefixes & INST_PRE_DS) {
					ps->usedPrefixes |= INST_PRE_DS;
					di->flags |= FLAG_HINT_TAKEN;
				}
			}
			break;
		case OT_MOFFS8:
			op->size = 8;
			/* FALL THROUGH, size won't be changed. */
		case OT_MOFFS_FULL:
			op->type = O_DISP;
			if (op->size == 0) {
				/* Calculate size of operand (same as ACC size).
*/
				switch (effOpSz) {
					case Decode16Bits: op->size = 16; break;
					case Decode32Bits: op->size = 32; break;
					case Decode64Bits: op->size = 64; break;
				}
			}

			prefixes_use_segment(INST_PRE_DS, ps, ci->dt, di);

			/*
			 * Just a pointer to a BYTE, WORD, DWORD, QWORD. Works only with ACC8/16/32/64 respectively.
			 * MOV [0x1234], AL ; MOV AX, [0x1234] ; MOV EAX, [0x1234], note that R/E/AX will be chosen by OT_ACC_FULL.
			 */
			if (effAdrSz == Decode16Bits) {
				ps->usedPrefixes |= INST_PRE_ADDR_SIZE;
				di->dispSize = 16;
				if (!read_stream_safe_uint(ci, &di->disp, sizeof(int16_t))) return FALSE;
			} else if (effAdrSz == Decode32Bits) {
				ps->usedPrefixes |= INST_PRE_ADDR_SIZE;
				di->dispSize = 32;
				if (!read_stream_safe_uint(ci, &di->disp, sizeof(int32_t))) return FALSE;
			} else { /* Decode64Bits */
				di->dispSize = 64;
				if (!read_stream_safe_uint(ci, &di->disp, sizeof(int64_t))) return FALSE;
			}
			break;
		case OT_CONST1:
			operands_set_ts(op, O_IMM, 8);
			di->imm.byte = 1;
			break;
		case OT_REGCL:
			operands_set_tsi(op, O_REG, 8, R_CL);
			break;
		case OT_FPU_SI:
			/* Low 3 bits specify the REG, similar to the MODR/M byte reg. */
			operands_set_tsi(op, O_REG, 32, FPUREGS_BASE + (*(ci->code-1) & 7));
			break;
		case OT_FPU_SSI:
			operands_set_tsi(op, O_REG, 32, R_ST0);
			operands_set_tsi(op + 1, O_REG, 32, FPUREGS_BASE + (*(ci->code-1) & 7));
			break;
		case OT_FPU_SIS:
			operands_set_tsi(op, O_REG, 32, FPUREGS_BASE + (*(ci->code-1) & 7));
			operands_set_tsi(op + 1, O_REG, 32, R_ST0);
			break;
		/*
		 * Special treatment for Instructions-Block:
		 * INC/DEC (only 16/32 bits) /PUSH/POP/XCHG instructions, which get their REG from their own binary code.
		 * Notice these instructions are 1 or 2 byte long,
		 * code points after the byte which represents the instruction itself,
		 * thus, even if the instructions are 2 bytes long it will read its last byte which contains the REG info.
		 */
		case OT_IB_RB:
			/* Low 3 bits specify the REG, similar to the MODR/M byte reg.
*/
			operands_set_ts(op, O_REG, 8);
			reg = *(ci->code-1) & 7;
			if (vrex & PREFIX_EX_B) {
				ps->usedPrefixes |= INST_PRE_REX;
				op->index = (uint8_t)operands_fix_8bit_rex_base(reg + EX_GPR_BASE);
			} else if (ps->prefixExtType == PET_REX) {
				ps->usedPrefixes |= INST_PRE_REX;
				op->index = (uint8_t)operands_fix_8bit_rex_base(reg);
			} else op->index = (uint8_t)(REGS8_BASE + reg);
			break;
		case OT_IB_R_FULL:
			reg = *(ci->code-1) & 7;
			switch (effOpSz) {
				case Decode16Bits:
					ps->usedPrefixes |= INST_PRE_OP_SIZE;
					if (vrex & PREFIX_EX_B) {
						ps->usedPrefixes |= INST_PRE_REX;
						reg += EX_GPR_BASE;
					}
					operands_set_tsi(op, O_REG, 16, REGS16_BASE + reg);
					break;
				case Decode32Bits:
					if (vrex & PREFIX_EX_B) {
						ps->usedPrefixes |= INST_PRE_REX;
						reg += EX_GPR_BASE;
					} else ps->usedPrefixes |= INST_PRE_OP_SIZE;
					operands_set_tsi(op, O_REG, 32, REGS32_BASE + reg);
					break;
				case Decode64Bits:
					/*
					 * Automatically promoted instruction can drop REX prefix if not required.
					 * PUSH/POP defaults to 64 bits. --> INST_64BITS
					 * MOV imm64 / BSWAP requires REX.W to be 64 bits --> INST_64BITS | INST_PRE_REX
					 */
					if ((instFlags & INST_64BITS) && ((instFlags & INST_PRE_REX) == 0)) {
						if (vrex & PREFIX_EX_B) {
							ps->usedPrefixes |= INST_PRE_REX;
							reg += EX_GPR_BASE;
						}
					} else {
						ps->usedPrefixes |= INST_PRE_REX;
						reg += (vrex & PREFIX_EX_B) ? EX_GPR_BASE : 0;
					}
					operands_set_tsi(op, O_REG, 64, REGS64_BASE + reg);
					break;
			}
			break;
		/*
		 * Special treatment for repeatable instructions.
		 * We want the following output:
		 * If there's only the REP/NZ prefix, we won't output anything (All operands are implicit).
		 * If there's an operand size prefix, we will change the suffix letter of the mnemonic, which specifies the size of operand to the required one.
		 * If there's a segment override prefix, we will output the segment and the used index register (EDI/ESI).
		 * If there's an address size prefix, we will output the (segment if needed and) the used and inverted index register (DI/SI).
		 * Example:
		 * :: Decoding in 16 bits mode!
::
		 * AD ~ LODSW
		 * 66 AD ~ LODSD
		 * F3 AC ~ REP LODSB
		 * F3 66 AD ~ REP LODSD
		 * F3 3E AC ~ REP LODS BYTE DS:[SI]
		 * F3 67 AD ~ REP LODS WORD [ESI]
		 * The basic form of a repeatable instruction has its operands hidden and has a suffix letter
		 * which implies on the size of operation being done.
		 * Therefore, we cannot change the mnemonic here when we encounter another prefix and its not the decoder's responsibility to do so.
		 * That's why the caller is responsible to add the suffix letter if no other prefixes are used.
		 * And all we are doing here is formatting the operand correctly.
		 */
		case OT_REGI_ESI:
			ps->usedPrefixes |= INST_PRE_ADDR_SIZE;

			op->type = O_SMEM;

			/* This might be a 16, 32 or 64 bits instruction, depends on the decoding mode. */
			if (instFlags & INST_16BITS) {
				ps->usedPrefixes |= INST_PRE_OP_SIZE;

				if (effOpSz == Decode16Bits) op->size = 16;
				else if ((effOpSz == Decode64Bits) && (instFlags & INST_64BITS)) {
					ps->usedPrefixes |= INST_PRE_REX;
					op->size = 64;
				} else op->size = 32;
			} else op->size = 8;

			/*
			 * Clear segment in case OT_REGI_EDI was parsed earlier,
			 * DS can be overridden and therefore has precedence.
			 */
			di->segment = 0;
			prefixes_use_segment(INST_PRE_DS, ps, ci->dt, di);

			if (effAdrSz == Decode16Bits) op->index = R_SI;
			else if (effAdrSz == Decode32Bits) op->index = R_ESI;
			else op->index = R_RSI;
			break;
		case OT_REGI_EDI:
			ps->usedPrefixes |= INST_PRE_ADDR_SIZE;

			op->type = O_SMEM;

			/* This might be a 16 or 32 bits instruction, depends on the decoding mode. */
			if (instFlags & INST_16BITS) {
				ps->usedPrefixes |= INST_PRE_OP_SIZE;

				if (effOpSz == Decode16Bits) op->size = 16;
				else if ((effOpSz == Decode64Bits) && (instFlags & INST_64BITS)) {
					ps->usedPrefixes |= INST_PRE_REX;
					op->size = 64;
				} else op->size = 32;
			} else op->size = 8;

			/* Note: The [rDI] operand can't be prefixed by a segment override, therefore we don't set usedPrefixes. */
			if ((opNum == ONT_1) && (ci->dt != Decode64Bits)) di->segment = R_ES | SEGMENT_DEFAULT; /* No ES in 64 bits mode.
*/

			if (effAdrSz == Decode16Bits) op->index = R_DI;
			else if (effAdrSz == Decode32Bits) op->index = R_EDI;
			else op->index = R_RDI;
			break;

		/* Used for In/Out instructions varying forms. */
		case OT_REGDX:
			/* Simple single IN/OUT instruction. */
			operands_set_tsi(op, O_REG, 16, R_DX);
			break;

		/* Used for INVLPGA instruction. */
		case OT_REGECX:
			operands_set_tsi(op, O_REG, 32, R_ECX);
			break;
		case OT_REGI_EBXAL:
			/* XLAT BYTE [rBX + AL] */
			ps->usedPrefixes |= INST_PRE_ADDR_SIZE;

			prefixes_use_segment(INST_PRE_DS, ps, ci->dt, di);

			/* Size of deref is always 8 for xlat. */
			operands_set_tsi(op, O_MEM, 8, R_AL);

			if (effAdrSz == Decode16Bits) di->base = R_BX;
			else if (effAdrSz == Decode32Bits) di->base = R_EBX;
			else {
				ps->usedPrefixes |= INST_PRE_REX;
				di->base = R_RBX;
			}
			break;
		case OT_REGI_EAX:
			/*
			 * Implicit rAX as memory indirection operand. Used by AMD's SVM instructions.
			 * Since this is a memory indirection, the default address size in 64bits decoding mode is 64.
			 */
			if (effAdrSz == Decode64Bits) operands_set_tsi(op, O_SMEM, 64, R_RAX);
			else if (effAdrSz == Decode32Bits) {
				ps->usedPrefixes |= INST_PRE_ADDR_SIZE;
				operands_set_tsi(op, O_SMEM, 32, R_EAX);
			} else {
				ps->usedPrefixes |= INST_PRE_ADDR_SIZE;
				operands_set_tsi(op, O_SMEM, 16, R_AX);
			}
			break;
		case OT_VXMM:
			operands_set_tsi(op, O_REG, 128, SSEREGS_BASE + vexV);
			break;
		case OT_XMM_IMM:
			ci->codeLen -= sizeof(int8_t);
			if (ci->codeLen < 0) return FALSE;

			if (ci->dt == Decode32Bits) reg = (*ci->code >> 4) & 0x7;
			else reg = (*ci->code >> 4) & 0xf;
			operands_set_tsi(op, O_REG, 128, SSEREGS_BASE + reg);

			ci->code += sizeof(int8_t);
			break;
		case OT_YXMM:
			if (vrex & PREFIX_EX_R) reg += EX_GPR_BASE;
			if (ps->vrex & PREFIX_EX_L) operands_set_tsi(op, O_REG, 256, AVXREGS_BASE + reg);
			else operands_set_tsi(op, O_REG, 128, SSEREGS_BASE + reg);
			break;
		case OT_YXMM_IMM:
			ci->codeLen -= sizeof(int8_t);
			if (ci->codeLen < 0) return FALSE;

			if (ci->dt == Decode32Bits) reg = (*ci->code >> 4) & 0x7;
			else reg = (*ci->code >> 4) & 0xf;

			if (ps->vrex &
PREFIX_EX_L) operands_set_tsi(op, O_REG, 256, AVXREGS_BASE + reg);
			else operands_set_tsi(op, O_REG, 128, SSEREGS_BASE + reg);

			ci->code += sizeof(int8_t);
			break;
		case OT_YMM:
			if (vrex & PREFIX_EX_R) reg += EX_GPR_BASE;
			operands_set_tsi(op, O_REG, 256, AVXREGS_BASE + reg);
			break;
		case OT_VYMM:
			operands_set_tsi(op, O_REG, 256, AVXREGS_BASE + vexV);
			break;
		case OT_VYXMM:
			if (ps->vrex & PREFIX_EX_L) operands_set_tsi(op, O_REG, 256, AVXREGS_BASE + vexV);
			else operands_set_tsi(op, O_REG, 128, SSEREGS_BASE + vexV);
			break;
		case OT_WREG32_64:
			if (vrex & PREFIX_EX_R) reg += EX_GPR_BASE;
			if (ps->vrex & PREFIX_EX_W) operands_set_tsi(op, O_REG, 64, REGS64_BASE + reg);
			else operands_set_tsi(op, O_REG, 32, REGS32_BASE + reg);
			break;
		default:
			return FALSE;
	}

	if ((op->type == O_REG) || (op->type == O_SMEM) || (op->type == O_MEM)) {
		di->usedRegistersMask |= _REGISTERTORCLASS[op->index];
	}

	return TRUE;
}

distorm-3.4.1/src/operands.h

/*
operands.h

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#ifndef OPERANDS_H
#define OPERANDS_H

#include "config.h"
#include "decoder.h"
#include "prefix.h"
#include "instructions.h"

extern uint32_t _REGISTERTORCLASS[];

int operands_extract(_CodeInfo* ci, _DInst* di, _InstInfo* ii, _iflags instFlags, _OpType type, _OperandNumberType opNum, unsigned int modrm, _PrefixState* ps, _DecodeType effOpSz, _DecodeType effAdrSz, int* lockableInstruction);

#endif /* OPERANDS_H */

distorm-3.4.1/src/prefix.c

/*
prefix.c

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#include "prefix.h"

#include "x86defs.h"
#include "instructions.h"
#include "../include/mnemonics.h"

/*
 * The main purpose of this module is to keep track of all kinds of prefixes a single instruction may have.
 * The problem is that a single instruction may have up to six different prefix-types.
 * That's why I have to detect such cases and drop those excess prefixes.
 */

int prefixes_is_valid(unsigned int ch, _DecodeType dt)
{
	switch (ch) {
		/* for i in xrange(0x40, 0x50): print "case 0x%2x:" % i */
		case 0x40: /* REX: */
		case 0x41:
		case 0x42:
		case 0x43:
		case 0x44:
		case 0x45:
		case 0x46:
		case 0x47:
		case 0x48:
		case 0x49:
		case 0x4a:
		case 0x4b:
		case 0x4c:
		case 0x4d:
		case 0x4e:
		case 0x4f: return (dt == Decode64Bits);
		case PREFIX_LOCK: return TRUE;
		case PREFIX_REPNZ: return TRUE;
		case PREFIX_REP: return TRUE;
		case PREFIX_CS: return TRUE;
		case PREFIX_SS: return TRUE;
		case PREFIX_DS: return TRUE;
		case PREFIX_ES: return TRUE;
		case PREFIX_FS: return TRUE;
		case PREFIX_GS: return TRUE;
		case PREFIX_OP_SIZE: return TRUE;
		case PREFIX_ADDR_SIZE: return TRUE;
		/* The VEXs might be false positives, prefixes_decode will determine for sure. */
		case PREFIX_VEX2b: /* VEX is supported for all modes, because 16 bits Pmode is included. */
		case PREFIX_VEX3b: return TRUE;
	}
	return FALSE;
}

/* Ignore a specific prefix type. */
void prefixes_ignore(_PrefixState* ps, _PrefixIndexer pi)
{
	/*
	 * If that type of prefix appeared already, set the bit of that *former* prefix.
	 * Anyway, set the new index of that prefix type to the current index, so next time we know its position.
	 */
	if (ps->pfxIndexer[pi] != PFXIDX_NONE) ps->unusedPrefixesMask |= (1 << ps->pfxIndexer[pi]);
}

/* Ignore all prefix. */
void prefixes_ignore_all(_PrefixState* ps)
{
	int i;
	for (i = 0; i < PFXIDX_MAX; i++)
		prefixes_ignore(ps, i);
}

/* Calculates which prefixes weren't used and accordingly sets the bits in the unusedPrefixesMask.
*/
uint16_t prefixes_set_unused_mask(_PrefixState* ps)
{
	/*
	 * The decodedPrefixes represents the prefixes that were *read* from the binary stream for the instruction.
	 * The usedPrefixes represents the prefixes that were actually used by the instruction in the *decode* phase.
	 * Xoring between the two will result in a 'diff' which returns the prefixes that were read
	 * from the stream *and* that were never used in the actual decoding.
	 *
	 * Only one prefix per type can be set in decodedPrefixes from the stream.
	 * Therefore it's enough to check each type once and set the flag accordingly.
	 * That's why we had to book-keep each prefix type and its position.
	 * So now we know which bits we need to set exactly in the mask.
	 */
	_iflags unusedPrefixesDiff = ps->decodedPrefixes ^ ps->usedPrefixes;

	/* Examine unused prefixes by type: */
	/*
	 * About REX: it might be set in the diff although it was never in the stream itself.
	 * This is because the vrex is shared between VEX and REX and some places flag it as REX usage, while
	 * we were really decoding an AVX instruction.
	 * It's not a big problem, because the prefixes_ignore func will ignore it anyway,
	 * since it wasn't seen earlier. But it's important to know this.
	 */
	if (unusedPrefixesDiff & INST_PRE_REX) prefixes_ignore(ps, PFXIDX_REX);
	if (unusedPrefixesDiff & INST_PRE_SEGOVRD_MASK) prefixes_ignore(ps, PFXIDX_SEG);
	if (unusedPrefixesDiff & INST_PRE_LOKREP_MASK) prefixes_ignore(ps, PFXIDX_LOREP);
	if (unusedPrefixesDiff & INST_PRE_OP_SIZE) prefixes_ignore(ps, PFXIDX_OP_SIZE);
	if (unusedPrefixesDiff & INST_PRE_ADDR_SIZE) prefixes_ignore(ps, PFXIDX_ADRS);
	/* If a VEX instruction was found, its prefix is considered as used, therefore no point for checking for it. */

	return ps->unusedPrefixesMask;
}

/*
 * Mark a prefix as unused, and bookkeep where we last saw this same type,
 * because in the future we might want to disable it too.
*/
_INLINE_ void prefixes_track_unused(_PrefixState* ps, int index, _PrefixIndexer pi)
{
	prefixes_ignore(ps, pi);
	/* Book-keep the current index for this type. */
	ps->pfxIndexer[pi] = index;
}

/*
 * Read as many prefixes as possible, up to 15 bytes, and halt when we encounter non-prefix byte.
 * This algorithm tries to imitate a real processor, where the same prefix can appear a few times, etc.
 * The tiny complexity is that we want to know when a prefix was superfluous and mark any copy of it as unused.
 * Note that the last prefix of its type will be considered as used, and all the others (of same type) before it as unused.
 */
void prefixes_decode(const uint8_t* code, int codeLen, _PrefixState* ps, _DecodeType dt)
{
	int index, done;
	uint8_t vex;

	/*
	 * First thing to do, scan for prefixes, there are six types of prefixes.
	 * There may be up to six prefixes before a single instruction, not the same type, no special order,
	 * except REX/VEX must precede immediately the first opcode byte.
	 * BTW - This is the reason why I didn't make the REP prefixes part of the instructions (STOS/SCAS/etc).
	 *
	 * Another thing, the instruction maximum size is 15 bytes, thus if we read more than 15 bytes, we will halt.
	 *
	 * We attach all prefixes to the next instruction, there might be two or more occurrences from the same prefix.
	 * Also, since VEX can be allowed only once we will test it separately.
	 */
	for (index = 0, done = FALSE;
		 (codeLen > 0) && (code - ps->start < INST_MAXIMUM_SIZE);
		 code++, codeLen--, index++) {
		/*
		NOTE: AMD treat lock/rep as two different groups... But I am based on Intel.

			- Lock and Repeat:
				- 0xF0 - LOCK
				- 0xF2 - REPNE/REPNZ
				- 0xF3 - REP/REPE/REPZ
			- Segment Override:
				- 0x2E - CS
				- 0x36 - SS
				- 0x3E - DS
				- 0x26 - ES
				- 0x64 - FS
				- 0x65 - GS
			- Operand-Size Override: 0x66, switching default size.
			- Address-Size Override: 0x67, switching default size.

		64 Bits:
			- REX: 0x40 - 0x4f, extends register access.
			- 2 Bytes VEX: 0xc5
			- 3 Bytes VEX: 0xc4
		32 Bits:
			- 2 Bytes VEX: 0xc5 11xx-xxxx
			- 3 Bytes VEX: 0xc4 11xx-xxxx
		*/

		/* Examine what type of prefix we got. */
		switch (*code) {
			/* REX type, 64 bits decoding mode only: */
			case 0x40:
			case 0x41:
			case 0x42:
			case 0x43:
			case 0x44:
			case 0x45:
			case 0x46:
			case 0x47:
			case 0x48:
			case 0x49:
			case 0x4a:
			case 0x4b:
			case 0x4c:
			case 0x4d:
			case 0x4e:
			case 0x4f:
				if (dt == Decode64Bits) {
					ps->decodedPrefixes |= INST_PRE_REX;
					ps->vrex = *code & 0xf; /* Keep only BXRW. */
					ps->rexPos = code;
					ps->prefixExtType = PET_REX;
					prefixes_track_unused(ps, index, PFXIDX_REX);
				} else done = TRUE; /* If we are not in 64 bits mode, it's an instruction, then halt. */
				break;

			/* LOCK and REPx type: */
			case PREFIX_LOCK:
				ps->decodedPrefixes |= INST_PRE_LOCK;
				prefixes_track_unused(ps, index, PFXIDX_LOREP);
				break;
			case PREFIX_REPNZ:
				ps->decodedPrefixes |= INST_PRE_REPNZ;
				prefixes_track_unused(ps, index, PFXIDX_LOREP);
				break;
			case PREFIX_REP:
				ps->decodedPrefixes |= INST_PRE_REP;
				prefixes_track_unused(ps, index, PFXIDX_LOREP);
				break;

			/* Seg Override type: */
			case PREFIX_CS:
				ps->decodedPrefixes |= INST_PRE_CS;
				prefixes_track_unused(ps, index, PFXIDX_SEG);
				break;
			case PREFIX_SS:
				ps->decodedPrefixes |= INST_PRE_SS;
				prefixes_track_unused(ps, index, PFXIDX_SEG);
				break;
			case PREFIX_DS:
				ps->decodedPrefixes |= INST_PRE_DS;
				prefixes_track_unused(ps, index, PFXIDX_SEG);
				break;
			case PREFIX_ES:
				ps->decodedPrefixes |= INST_PRE_ES;
				prefixes_track_unused(ps, index, PFXIDX_SEG);
				break;
			case PREFIX_FS:
				ps->decodedPrefixes |= INST_PRE_FS;
				prefixes_track_unused(ps, index, PFXIDX_SEG);
				break;
			case PREFIX_GS:
				ps->decodedPrefixes |= INST_PRE_GS;
				prefixes_track_unused(ps, index, PFXIDX_SEG);
				break;

			/* Op Size type: */
			case PREFIX_OP_SIZE:
				ps->decodedPrefixes |= INST_PRE_OP_SIZE;
				prefixes_track_unused(ps, index, PFXIDX_OP_SIZE);
				break;

			/* Addr Size type: */
			case PREFIX_ADDR_SIZE:
				ps->decodedPrefixes |= INST_PRE_ADDR_SIZE;
				prefixes_track_unused(ps, index, PFXIDX_ADRS);
				break;

			/* Non-prefix
byte now, so break 2. */
			default:
				done = TRUE;
				break;
		}
		if (done) break;
	}

	/* 2 Bytes VEX: */
	if ((codeLen >= 2) &&
		(*code == PREFIX_VEX2b) &&
		((code - ps->start) <= INST_MAXIMUM_SIZE - 2)) {
		/*
		 * In 32 bits the second byte has to be in the special range of Mod=11.
		 * Otherwise it might be a normal LDS instruction.
		 */
		if ((dt == Decode64Bits) || (*(code + 1) >= INST_DIVIDED_MODRM)) {
			ps->vexPos = code + 1;
			ps->decodedPrefixes |= INST_PRE_VEX;
			ps->prefixExtType = PET_VEX2BYTES;

			/*
			 * VEX 1 byte bits:
			 * |7-6--3-2-10|
			 * |R|vvvv|L|pp|
			 * |-----------|
			 */

			/* -- Convert from VEX prefix to VREX flags -- */
			vex = *ps->vexPos;
			if (~vex & 0x80 && dt == Decode64Bits) ps->vrex |= PREFIX_EX_R; /* Convert VEX.R. */
			if (vex & 4) ps->vrex |= PREFIX_EX_L; /* Convert VEX.L. */

			code += 2;
		}
	}

	/* 3 Bytes VEX: */
	if ((codeLen >= 3) &&
		(*code == PREFIX_VEX3b) &&
		((code - ps->start) <= INST_MAXIMUM_SIZE - 3) &&
		(~ps->decodedPrefixes & INST_PRE_VEX)) {
		/*
		 * In 32 bits the second byte has to be in the special range of Mod=11.
		 * Otherwise it might be a normal LES instruction.
		 * And we don't care now about the 3rd byte.
		 */
		if ((dt == Decode64Bits) || (*(code + 1) >= INST_DIVIDED_MODRM)) {
			ps->vexPos = code + 1;
			ps->decodedPrefixes |= INST_PRE_VEX;
			ps->prefixExtType = PET_VEX3BYTES;

			/*
			 * VEX first and second bytes:
			 * |7-6-5-4----0| |7-6--3-2-10|
			 * |R|X|B|m-mmmm| |W|vvvv|L|pp|
			 * |------------| |-----------|
			 */

			/* -- Convert from VEX prefix to VREX flags -- */
			vex = *ps->vexPos;
			ps->vrex |= ((~vex >> 5) & 0x7); /* Shift and invert VEX.R/X/B to their place */
			vex = *(ps->vexPos + 1);
			if (vex & 4) ps->vrex |= PREFIX_EX_L; /* Convert VEX.L. */
			if (vex & 0x80) ps->vrex |= PREFIX_EX_W; /* Convert VEX.W. */

			/* Clear some flags if the mode isn't 64 bits. */
			if (dt != Decode64Bits) ps->vrex &= ~(PREFIX_EX_B | PREFIX_EX_X | PREFIX_EX_R | PREFIX_EX_W);

			code += 3;
		}
	}

	/*
	 * Save last byte scanned address, so the decoder could keep on scanning from this point and on and on and on.
	 * In addition the decoder is able to know that the last byte could lead to MMX/SSE instructions (preceding REX if exists).
	 */
	ps->last = code; /* ps->last points to an opcode byte. */
}

/*
 * For every memory-indirection operand we want to set its corresponding default segment.
 * If the segment is being overridden, we need to see whether we use it or not.
 * We will use it only if it's not the default one already.
 */
void prefixes_use_segment(_iflags defaultSeg, _PrefixState* ps, _DecodeType dt, _DInst* di)
{
	_iflags flags = 0;
	if (dt == Decode64Bits) flags = ps->decodedPrefixes & INST_PRE_SEGOVRD_MASK64;
	else flags = ps->decodedPrefixes & INST_PRE_SEGOVRD_MASK;

	if ((flags == 0) || (flags == defaultSeg)) {
		flags = defaultSeg;
		di->segment |= SEGMENT_DEFAULT;
	} else if (flags != defaultSeg) {
		/* Use it only if it's non-default segment. */
		ps->usedPrefixes |= flags;
	}

	/* ASSERT: R_XX must be below 128. */
	switch (flags) {
		case INST_PRE_ES: di->segment |= R_ES; break;
		case INST_PRE_CS: di->segment |= R_CS; break;
		case INST_PRE_SS: di->segment |= R_SS; break;
		case INST_PRE_DS: di->segment |= R_DS; break;
		case INST_PRE_FS: di->segment |= R_FS; break;
		case INST_PRE_GS: di->segment |= R_GS; break;
	}

	/* If it's one of the CS,SS,DS,ES and the mode is 64 bits, set segment to none, since it's ignored. */
	if ((dt == Decode64Bits) && (flags & INST_PRE_SEGOVRD_MASK32)) di->segment = R_NONE;
}

distorm-3.4.1/src/prefix.h

/*
prefix.h

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#ifndef PREFIX_H
#define PREFIX_H

#include "config.h"
#include "decoder.h"

/* Specifies the type of the extension prefix, such as: REX, 2 bytes VEX, 3 bytes VEX.
*/
typedef enum {PET_NONE = 0, PET_REX, PET_VEX2BYTES, PET_VEX3BYTES} _PrefixExtType;

/* Specifies an index into a table of prefixes by their type. */
typedef enum {PFXIDX_NONE = -1, PFXIDX_REX, PFXIDX_LOREP, PFXIDX_SEG, PFXIDX_OP_SIZE, PFXIDX_ADRS, PFXIDX_MAX} _PrefixIndexer;

/*
 * This holds the prefixes state for the current instruction we decode.
 * decodedPrefixes includes all specific prefixes that the instruction got.
 * start is a pointer to the first prefix to take into account.
 * last is a pointer to the last byte we scanned.
 * Other pointers are used to keep track of prefixes positions and help us know if they appeared already and where.
 */
typedef struct {
	_iflags decodedPrefixes, usedPrefixes;
	const uint8_t *start, *last, *vexPos, *rexPos;
	_PrefixExtType prefixExtType;
	uint16_t unusedPrefixesMask;
	/* Indicates whether the operand size prefix (0x66) was used as a mandatory prefix. */
	int isOpSizeMandatory;
	/* If VEX prefix is used, store the VEX.vvvv field. */
	unsigned int vexV;
	/* The fields B/X/R/W/L of REX and VEX are stored together in this byte. */
	unsigned int vrex;

	/* !! Make sure pfxIndexer is LAST! Otherwise memset won't work well with it. !! */

	/* Holds the offset to the prefix byte by its type. */
	int pfxIndexer[PFXIDX_MAX];
} _PrefixState;

/*
 * Intel supports 6 types of prefixes, whereas AMD supports 5 types (lock is separated from rep/nz).
 * REX is the fifth prefix type, this time I'm based on AMD64.
 * VEX is the 6th, though it can't be repeated.
*/
#define MAX_PREFIXES (5)

int prefixes_is_valid(unsigned int ch, _DecodeType dt);
void prefixes_ignore(_PrefixState* ps, _PrefixIndexer pi);
void prefixes_ignore_all(_PrefixState* ps);
uint16_t prefixes_set_unused_mask(_PrefixState* ps);
void prefixes_decode(const uint8_t* code, int codeLen, _PrefixState* ps, _DecodeType dt);
void prefixes_use_segment(_iflags defaultSeg, _PrefixState* ps, _DecodeType dt, _DInst* di);

#endif /* PREFIX_H */

distorm-3.4.1/src/textdefs.c

/*
textdefs.c

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#include "textdefs.h"

#ifndef DISTORM_LIGHT

static uint8_t Nibble2ChrTable[16] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
#define NIBBLE_TO_CHR Nibble2ChrTable[t]

void _FASTCALL_ str_hex_b(_WString* s, unsigned int x)
{
	/*
	 * def prebuilt():
	 * 	s = ""
	 * 	for i in xrange(256):
	 * 		if ((i % 0x10) == 0):
	 * 			s += "\r\n"
	 * 		s += "\"%02x\", " % (i)
	 * 	return s
	 */
	static int8_t TextBTable[256][3] = {
		"00", "01", "02", "03", "04", "05", "06", "07", "08", "09", "0a", "0b", "0c", "0d", "0e", "0f",
		"10", "11", "12", "13", "14", "15", "16", "17", "18", "19", "1a", "1b", "1c", "1d", "1e", "1f",
		"20", "21", "22", "23", "24", "25", "26", "27", "28", "29", "2a", "2b", "2c", "2d", "2e", "2f",
		"30", "31", "32", "33", "34", "35", "36", "37", "38", "39", "3a", "3b", "3c", "3d", "3e", "3f",
		"40", "41", "42", "43", "44", "45", "46", "47", "48", "49", "4a", "4b", "4c", "4d", "4e", "4f",
		"50", "51", "52", "53", "54", "55", "56", "57", "58", "59", "5a", "5b", "5c", "5d", "5e", "5f",
		"60", "61", "62", "63", "64", "65", "66", "67", "68", "69", "6a", "6b", "6c", "6d", "6e", "6f",
		"70", "71", "72", "73", "74", "75", "76", "77", "78", "79", "7a", "7b", "7c", "7d", "7e", "7f",
		"80", "81", "82", "83",
"84", "85", "86", "87", "88", "89", "8a", "8b", "8c", "8d", "8e", "8f", "90", "91", "92", "93", "94", "95", "96", "97", "98", "99", "9a", "9b", "9c", "9d", "9e", "9f", "a0", "a1", "a2", "a3", "a4", "a5", "a6", "a7", "a8", "a9", "aa", "ab", "ac", "ad", "ae", "af", "b0", "b1", "b2", "b3", "b4", "b5", "b6", "b7", "b8", "b9", "ba", "bb", "bc", "bd", "be", "bf", "c0", "c1", "c2", "c3", "c4", "c5", "c6", "c7", "c8", "c9", "ca", "cb", "cc", "cd", "ce", "cf", "d0", "d1", "d2", "d3", "d4", "d5", "d6", "d7", "d8", "d9", "da", "db", "dc", "dd", "de", "df", "e0", "e1", "e2", "e3", "e4", "e5", "e6", "e7", "e8", "e9", "ea", "eb", "ec", "ed", "ee", "ef", "f0", "f1", "f2", "f3", "f4", "f5", "f6", "f7", "f8", "f9", "fa", "fb", "fc", "fd", "fe", "ff" }; /* * Fixed length of 3 including null terminate character. */ memcpy(&s->p[s->length], TextBTable[x & 255], 3); s->length += 2; } void _FASTCALL_ str_code_hb(_WString* s, unsigned int x) { static int8_t TextHBTable[256][5] = { /* * def prebuilt(): * s = "" * for i in xrange(256): * if ((i % 0x10) == 0): * s += "\r\n" * s += "\"0x%x\", " % (i) * return s */ "0x0", "0x1", "0x2", "0x3", "0x4", "0x5", "0x6", "0x7", "0x8", "0x9", "0xa", "0xb", "0xc", "0xd", "0xe", "0xf", "0x10", "0x11", "0x12", "0x13", "0x14", "0x15", "0x16", "0x17", "0x18", "0x19", "0x1a", "0x1b", "0x1c", "0x1d", "0x1e", "0x1f", "0x20", "0x21", "0x22", "0x23", "0x24", "0x25", "0x26", "0x27", "0x28", "0x29", "0x2a", "0x2b", "0x2c", "0x2d", "0x2e", "0x2f", "0x30", "0x31", "0x32", "0x33", "0x34", "0x35", "0x36", "0x37", "0x38", "0x39", "0x3a", "0x3b", "0x3c", "0x3d", "0x3e", "0x3f", "0x40", "0x41", "0x42", "0x43", "0x44", "0x45", "0x46", "0x47", "0x48", "0x49", "0x4a", "0x4b", "0x4c", "0x4d", "0x4e", "0x4f", "0x50", "0x51", "0x52", "0x53", "0x54", "0x55", "0x56", "0x57", "0x58", "0x59", "0x5a", "0x5b", "0x5c", "0x5d", "0x5e", "0x5f", "0x60", "0x61", "0x62", "0x63", "0x64", "0x65", "0x66", "0x67", "0x68", "0x69", "0x6a", "0x6b", "0x6c", "0x6d", "0x6e", "0x6f", "0x70", 
"0x71", "0x72", "0x73", "0x74", "0x75", "0x76", "0x77", "0x78", "0x79", "0x7a", "0x7b", "0x7c", "0x7d", "0x7e", "0x7f", "0x80", "0x81", "0x82", "0x83", "0x84", "0x85", "0x86", "0x87", "0x88", "0x89", "0x8a", "0x8b", "0x8c", "0x8d", "0x8e", "0x8f", "0x90", "0x91", "0x92", "0x93", "0x94", "0x95", "0x96", "0x97", "0x98", "0x99", "0x9a", "0x9b", "0x9c", "0x9d", "0x9e", "0x9f", "0xa0", "0xa1", "0xa2", "0xa3", "0xa4", "0xa5", "0xa6", "0xa7", "0xa8", "0xa9", "0xaa", "0xab", "0xac", "0xad", "0xae", "0xaf", "0xb0", "0xb1", "0xb2", "0xb3", "0xb4", "0xb5", "0xb6", "0xb7", "0xb8", "0xb9", "0xba", "0xbb", "0xbc", "0xbd", "0xbe", "0xbf", "0xc0", "0xc1", "0xc2", "0xc3", "0xc4", "0xc5", "0xc6", "0xc7", "0xc8", "0xc9", "0xca", "0xcb", "0xcc", "0xcd", "0xce", "0xcf", "0xd0", "0xd1", "0xd2", "0xd3", "0xd4", "0xd5", "0xd6", "0xd7", "0xd8", "0xd9", "0xda", "0xdb", "0xdc", "0xdd", "0xde", "0xdf", "0xe0", "0xe1", "0xe2", "0xe3", "0xe4", "0xe5", "0xe6", "0xe7", "0xe8", "0xe9", "0xea", "0xeb", "0xec", "0xed", "0xee", "0xef", "0xf0", "0xf1", "0xf2", "0xf3", "0xf4", "0xf5", "0xf6", "0xf7", "0xf8", "0xf9", "0xfa", "0xfb", "0xfc", "0xfd", "0xfe", "0xff" }; if (x < 0x10) { /* < 0x10 has a fixed length of 4 including null terminate. */ memcpy(&s->p[s->length], TextHBTable[x & 255], 4); s->length += 3; } else { /* >= 0x10 has a fixed length of 5 including null terminate. 
*/ memcpy(&s->p[s->length], TextHBTable[x & 255], 5); s->length += 4; } } void _FASTCALL_ str_code_hdw(_WString* s, uint32_t x) { int8_t* buf; int i = 0, shift = 0; unsigned int t = 0; buf = (int8_t*)&s->p[s->length]; buf[0] = '0'; buf[1] = 'x'; buf += 2; for (shift = 28; shift != 0; shift -= 4) { t = (x >> shift) & 0xf; if (i | t) buf[i++] = NIBBLE_TO_CHR; } t = x & 0xf; buf[i++] = NIBBLE_TO_CHR; s->length += i + 2; buf[i] = '\0'; } void _FASTCALL_ str_code_hqw(_WString* s, uint8_t src[8]) { int8_t* buf; int i = 0, shift = 0; uint32_t x = RULONG(&src[sizeof(int32_t)]); int t; buf = (int8_t*)&s->p[s->length]; buf[0] = '0'; buf[1] = 'x'; buf += 2; for (shift = 28; shift != -4; shift -= 4) { t = (x >> shift) & 0xf; if (i | t) buf[i++] = NIBBLE_TO_CHR; } x = RULONG(src); for (shift = 28; shift != 0; shift -= 4) { t = (x >> shift) & 0xf; if (i | t) buf[i++] = NIBBLE_TO_CHR; } t = x & 0xf; buf[i++] = NIBBLE_TO_CHR; s->length += i + 2; buf[i] = '\0'; } #ifdef SUPPORT_64BIT_OFFSET void _FASTCALL_ str_off64(_WString* s, OFFSET_INTEGER x) { int8_t* buf; int i = 0, shift = 0; OFFSET_INTEGER t = 0; buf = (int8_t*)&s->p[s->length]; buf[0] = '0'; buf[1] = 'x'; buf += 2; for (shift = 60; shift != 0; shift -= 4) { t = (x >> shift) & 0xf; if (i | t) buf[i++] = NIBBLE_TO_CHR; } t = x & 0xf; buf[i++] = NIBBLE_TO_CHR; s->length += i + 2; buf[i] = '\0'; } #endif /* SUPPORT_64BIT_OFFSET */ #endif /* DISTORM_LIGHT */ distorm-3.4.1/src/textdefs.h000077500000000000000000000025771340425302400160010ustar00rootroot00000000000000/* textdefs.h diStorm3 - Powerful disassembler for X86/AMD64 http://ragestorm.net/distorm/ distorm at gmail dot com Copyright (C) 2003-2018 Gil Dabah This library is licensed under the BSD license. See the file COPYING. 
*/

#ifndef TEXTDEFS_H
#define TEXTDEFS_H

#include "config.h"
#include "wstring.h"

#ifndef DISTORM_LIGHT

#define PLUS_DISP_CHR '+'
#define MINUS_DISP_CHR '-'
#define OPEN_CHR '['
#define CLOSE_CHR ']'
#define SP_CHR ' '
#define SEG_OFF_CHR ':'

/* Naming Convention:
 * get - returns a pointer to a string.
 * str - concatenates to string.
 * hex - means the function is used for hex dump (number is padded to required size) - Little Endian output.
 * code - means the function is used for disassembled instruction - Big Endian output.
 * off - means the function is used for 64bit offset - Big Endian output.
 * h - '0x' in front of the string.
 * b - byte
 * dw - double word (can be used for word also)
 * qw - quad word
 * all numbers are in HEX.
 */

void _FASTCALL_ str_hex_b(_WString* s, unsigned int x);
void _FASTCALL_ str_code_hb(_WString* s, unsigned int x);
void _FASTCALL_ str_code_hdw(_WString* s, uint32_t x);
void _FASTCALL_ str_code_hqw(_WString* s, uint8_t src[8]);

#ifdef SUPPORT_64BIT_OFFSET
void _FASTCALL_ str_off64(_WString* s, OFFSET_INTEGER x);
#endif

#endif /* DISTORM_LIGHT */

#endif /* TEXTDEFS_H */

distorm-3.4.1/src/wstring.c

/*
wstring.c

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#include "wstring.h"

#ifndef DISTORM_LIGHT

void strclear_WS(_WString* s)
{
	s->p[0] = '\0';
	s->length = 0;
}

void chrcat_WS(_WString* s, uint8_t ch)
{
	s->p[s->length] = ch;
	s->p[s->length + 1] = '\0';
	s->length += 1;
}

void strcpylen_WS(_WString* s, const int8_t* buf, unsigned int len)
{
	s->length = len;
	memcpy((int8_t*)s->p, buf, len + 1);
}

void strcatlen_WS(_WString* s, const int8_t* buf, unsigned int len)
{
	memcpy((int8_t*)&s->p[s->length], buf, len + 1);
	s->length += len;
}

void strcat_WS(_WString* s, const _WString* s2)
{
	memcpy((int8_t*)&s->p[s->length], s2->p, s2->length + 1);
	s->length += s2->length;
}

#endif /* DISTORM_LIGHT */

distorm-3.4.1/src/wstring.h

/*
wstring.h

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#ifndef WSTRING_H
#define WSTRING_H

#include "config.h"

#ifndef DISTORM_LIGHT

void strclear_WS(_WString* s);
void chrcat_WS(_WString* s, uint8_t ch);
void strcpylen_WS(_WString* s, const int8_t* buf, unsigned int len);
void strcatlen_WS(_WString* s, const int8_t* buf, unsigned int len);
void strcat_WS(_WString* s, const _WString* s2);

/*
 * Warning, this macro should be used only when the compiler knows the size of string in advance!
 * This macro is used in order to spare the call to strlen when the strings are known already.
 * Note: sizeof includes NULL terminated character.
 */
#define strcat_WSN(s, t) strcatlen_WS((s), ((const int8_t*)t), sizeof((t))-1)
#define strcpy_WSN(s, t) strcpylen_WS((s), ((const int8_t*)t), sizeof((t))-1)

#endif /* DISTORM_LIGHT */

#endif /* WSTRING_H */

distorm-3.4.1/src/x86defs.h

/*
x86defs.h

diStorm3 - Powerful disassembler for X86/AMD64
http://ragestorm.net/distorm/
distorm at gmail dot com
Copyright (C) 2003-2018 Gil Dabah
This library is licensed under the BSD license. See the file COPYING.
*/

#ifndef X86DEFS_H
#define X86DEFS_H

#define SEG_REGS_MAX (6)
#define CREGS_MAX (9)
#define DREGS_MAX (8)

/* Maximum instruction size, including prefixes */
#define INST_MAXIMUM_SIZE (15)

/* Maximum range of imm8 (comparison type) of special SSE CMP instructions. */
#define INST_CMP_MAX_RANGE (8)

/* Maximum range of imm8 (comparison type) of special AVX VCMP instructions. */
#define INST_VCMP_MAX_RANGE (32)

/* Wait instruction byte code. */
#define INST_WAIT_INDEX (0x9b)

/* Lea instruction byte code. */
#define INST_LEA_INDEX (0x8d)

/* NOP/XCHG instruction byte code. */
#define INST_NOP_INDEX (0x90)

/* ARPL/MOVSXD instruction byte code. */
#define INST_ARPL_INDEX (0x63)

/*
 * Minimal MODR/M value of divided instructions.
 * It's 0xc0, two MSBs set, which indicates a general purpose register is used too.
 */
#define INST_DIVIDED_MODRM (0xc0)

/* This is the escape byte value used for 3DNow! instructions. */
#define _3DNOW_ESCAPE_BYTE (0x0f)

#define PREFIX_LOCK (0xf0)
#define PREFIX_REPNZ (0xf2)
#define PREFIX_REP (0xf3)
#define PREFIX_CS (0x2e)
#define PREFIX_SS (0x36)
#define PREFIX_DS (0x3e)
#define PREFIX_ES (0x26)
#define PREFIX_FS (0x64)
#define PREFIX_GS (0x65)
#define PREFIX_OP_SIZE (0x66)
#define PREFIX_ADDR_SIZE (0x67)
#define PREFIX_VEX2b (0xc5)
#define PREFIX_VEX3b (0xc4)

/* REX prefix value range, 64 bits mode decoding only.
 */
#define PREFIX_REX_LOW (0x40)
#define PREFIX_REX_HI (0x4f)
/* In order to use the extended GPR's we have to add 8 to the Modr/M info values. */
#define EX_GPR_BASE (8)

/* Mask for REX and VEX features: */
/* Base */
#define PREFIX_EX_B (1)
/* Index */
#define PREFIX_EX_X (2)
/* Register */
#define PREFIX_EX_R (4)
/* Operand Width */
#define PREFIX_EX_W (8)
/* Vector Length */
#define PREFIX_EX_L (0x10)

#endif /* X86DEFS_H */
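
The warning on `strcat_WSN`/`strcpy_WSN` in wstring.h, as an added example that is not part of diStorm: it shows what the `sizeof`-based length yields for a string literal versus a pointer, and a variant of `strcatlen_WS` that checks capacity before copying. `WStr`, `MAX_TEXT_SIZE`, `LEN_FROM_SIZEOF` and the `wstr_*` names are hypothetical stand-ins, and the struct layout and the 48-byte capacity are assumptions.

```c
#include <string.h>

#define MAX_TEXT_SIZE 48 /* assumed capacity for this sketch */

/* Stand-in for _WString: a length plus a fixed buffer (layout assumed). */
typedef struct {
	unsigned int length;
	unsigned char p[MAX_TEXT_SIZE];
} WStr;

/* The length computation strcat_WSN/strcpy_WSN perform on their argument. */
#define LEN_FROM_SIZEOF(t) ((unsigned int)(sizeof((t)) - 1))

/* Array operand: sizeof sees all 7 bytes of "DWORD " (6 chars + NUL). */
unsigned int len_of_literal(void)
{
	return LEN_FROM_SIZEOF("DWORD ");
}

/* Pointer operand: sizeof sees the pointer, not the string it points to. */
unsigned int len_of_pointer(void)
{
	const char* t = "DWORD ";
	return LEN_FROM_SIZEOF(t);
}

/*
 * Append len bytes of buf plus a terminator, like strcatlen_WS,
 * but refuse when the result would not fit.
 * Returns 0 on success, -1 otherwise.
 */
int wstr_catlen_checked(WStr* s, const char* buf, unsigned int len)
{
	if (s->length >= MAX_TEXT_SIZE) return -1;
	if (len >= MAX_TEXT_SIZE - s->length) return -1; /* len + 1 bytes needed */
	memcpy(&s->p[s->length], buf, len);
	s->length += len;
	s->p[s->length] = '\0';
	return 0;
}

/* Same macro shape as strcat_WSN, routed through the checked helper. */
#define wstr_cat_checked_N(s, t) wstr_catlen_checked((s), (t), LEN_FROM_SIZEOF(t))
```

With a pointer argument the computed length is `sizeof(char*) - 1` regardless of the string, so the unchecked helpers would copy the wrong number of bytes; the macros are only safe on literals and arrays.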