def _(bs):
ints = len([x for x in arg_types if x is type_impl.Int or x is type_impl.Str or x is Raw or x is type_impl.NoneType or isinstance(x, _FuncPtr) or x is type_impl.Bool])
floats = len([x for x in arg_types if x is type_impl.Float])
floats_orig = floats
pos = 0
for arg_type in reversed(arg_types):
type = bs.flow.stack.pop()
assert arg_type is type, (type, arg_type)
if type is type_impl.Int or type is type_impl.Bool:
ints -= 1
bs.code += isa.mov(int_regs[ints], MemRef(registers.rsp, pos))
pos += 8
elif isinstance(type, _FuncPtr):
ints -= 1
bs.code += isa.mov(int_regs[ints], MemRef(registers.rsp, pos))
pos += 8
elif type is type_impl.NoneType:
ints -= 1
bs.code += isa.mov(int_regs[ints], 0)
elif type is Raw:
ints -= 1
bs.code += isa.mov(int_regs[ints], MemRef(registers.rsp, pos))
pos += 8
bs.code += isa.add(int_regs[ints], 8)
elif type is type_impl.Float:
floats -= 1
bs.code += isa.movsd(float_regs[floats], MemRef(registers.rsp, pos))
pos += 8
elif type is type_impl.Str:
ints -= 1
bs.code += isa.mov(int_regs[ints], MemRef(registers.rsp, pos))
bs.code += isa.test(int_regs[ints], 1)
short = bs.program.get_unique_label()
end = bs.program.get_unique_label()
bs.code += isa.jnz(short)
# long
bs.code += isa.add(int_regs[ints], 8)
bs.code += isa.jmp(end)
bs.code += short
# short
bs.code += isa.shr(MemRef(registers.rsp, pos), 8)
bs.code += isa.lea(int_regs[ints], MemRef(registers.rsp, pos, data_size=None))
bs.code += end
pos += 8
else:
assert False, type
assert bs.flow.stack.pop() is self
bs.code += isa.mov(registers.rbx, ctypes.cast(self.func, ctypes.c_void_p).value)
bs.code += isa.mov(registers.r12, registers.rsp)
bs.code += isa.and_(registers.rsp, -16)
bs.code += isa.mov(registers.rax, floats)
bs.code += isa.call(registers.rbx)
bs.code += isa.mov(registers.rsp, registers.r12)
bs.code += isa.add(registers.rsp, pos)
bs.code += isa.push(registers.rax)
bs.flow.stack.append(type_impl.Int)
def _(bs):
assert bs.flow.stack.pop() is type_impl.Int
bs.code += isa.pop(registers.rcx)
assert bs.flow.stack.pop() is self
bs.code += isa.pop(registers.rbx)
bs.code += isa.add(registers.rbx, registers.rcx)
bs.code += isa.add(registers.rbx, 8)
bs.code += isa.mov(registers.rax, MemRef(registers.rbx))
bs.code += isa.push(registers.rax)
bs.flow.stack.append(type_impl.Int)
def getattr_raw(self, bs):
bs.code += isa.pop(registers.r12)
bs.code += isa.mov(registers.rdi, MemRef(registers.r12))
bs.code += isa.add(registers.rdi, 8)
bs.code += isa.mov(registers.rax, util.malloc_addr)
bs.code += isa.call(registers.rax)
bs.code += isa.push(registers.rax)
bs.code += isa.mov(registers.rdi, registers.rax)
bs.code += isa.mov(registers.rsi, registers.r12)
bs.code += isa.mov(registers.rcx, MemRef(registers.r12))
bs.code += isa.add(registers.rcx, 8)
bs.code += isa.rep()
bs.code += isa.movsb()
bs.flow.stack.append(type_impl.Str)
def _(bs):
assert bs.flow.stack.pop() is type_impl.Int
bs.code += isa.pop(registers.rcx)
assert bs.flow.stack.pop() is self
bs.code += isa.pop(registers.rbx)
bs.code += isa.add(registers.rbx, registers.rcx)
bs.code += isa.add(registers.rbx, 8)
bs.code += isa.mov(registers.rax, MemRef(registers.rbx))
bs.code += isa.push(registers.rax)
bs.flow.stack.append(type_impl.Int)
def getattr_raw(self, bs):
bs.code += isa.pop(registers.r12)
bs.code += isa.mov(registers.rdi, MemRef(registers.r12))
bs.code += isa.add(registers.rdi, 8)
bs.code += isa.mov(registers.rax, util.malloc_addr)
bs.code += isa.call(registers.rax)
bs.code += isa.push(registers.rax)
bs.code += isa.mov(registers.rdi, registers.rax)
bs.code += isa.mov(registers.rsi, registers.r12)
bs.code += isa.mov(registers.rcx, MemRef(registers.r12))
bs.code += isa.add(registers.rcx, 8)
bs.code += isa.rep()
bs.code += isa.movsb()
bs.flow.stack.append(type_impl.Str)
def _(bs):
assert bs.flow.stack.pop() is type_impl.Int
bs.code += isa.pop(registers.rcx)
assert bs.flow.stack.pop() is type_impl.Int
bs.code += isa.pop(registers.rbx)
assert bs.flow.stack.pop() is self
bs.code += isa.pop(registers.rax)
bs.code += isa.shl(registers.rbx, 3)
bs.code += isa.add(registers.rax, registers.rbx)
bs.code += isa.add(registers.rax, registers.rbx)
bs.code += isa.mov(MemRef(registers.rax), registers.rcx)
type_impl.NoneType.load()(bs)
def _(bs):
assert bs.flow.stack.pop() is type_impl.Int
bs.code += isa.pop(registers.rcx)
assert bs.flow.stack.pop() is type_impl.Int
bs.code += isa.pop(registers.rbx)
assert bs.flow.stack.pop() is self
bs.code += isa.pop(registers.rax)
bs.code += isa.shl(registers.rbx, 3)
bs.code += isa.add(registers.rax, registers.rbx)
bs.code += isa.add(registers.rax, registers.rbx)
bs.code += isa.mov(MemRef(registers.rax), registers.rcx)
type_impl.NoneType.load()(bs)
def load_double(code, reg, val):
data = extarray.extarray('d', (val,))
data.change_type('L')
# reg better be an mmx or xmm, should we check?
code.add(x86.push(data[0]))
code.add(x86.pshufd(reg, mem.MemRef(regs.rsp, data_size = 128), 0x44))
return code.add(x86.add(regs.rsp, 8))
def load_float(code, reg, val, clear=False):
data = extarray.extarray('f', (val, ))
data.change_type('I')
# reg better be an mmx or xmm, should we check?
code.add(x86.push(data[0]))
code.add(x86.pshufd(reg, mem.MemRef(regs.rsp, data_size=128), 0))
return code.add(x86.add(regs.rsp, 8))
def load_double(code, reg, val):
data = extarray.extarray('d', (val, ))
data.change_type('L')
# reg better be an mmx or xmm, should we check?
code.add(x86.push(data[0]))
code.add(x86.pshufd(reg, mem.MemRef(regs.rsp, data_size=128), 0x44))
return code.add(x86.add(regs.rsp, 8))
def load_float(code, reg, val, clear = False):
data = extarray.extarray('f', (val,))
data.change_type('I')
# reg better be an mmx or xmm, should we check?
code.add(x86.push(data[0]))
code.add(x86.pshufd(reg, mem.MemRef(regs.rsp, data_size = 128), 0))
return code.add(x86.add(regs.rsp, 8))
def _(bs):
assert bs.flow.stack.pop() is type_impl.Int
assert bs.flow.stack.pop() is self
bs.code += isa.pop(registers.r12)
bs.code += isa.mov(registers.rdi, registers.r12)
bs.code += isa.add(registers.rdi, 8)
bs.code += isa.mov(registers.rax, util.malloc_addr)
bs.code += isa.call(registers.rax)
bs.code += isa.push(registers.rax)
bs.code += isa.mov(MemRef(registers.rax), registers.r12)
bs.flow.stack.append(Raw)
def _(bs):
assert bs.flow.stack.pop() is type_impl.Int
assert bs.flow.stack.pop() is self
bs.code += isa.pop(registers.r12)
bs.code += isa.mov(registers.rdi, registers.r12)
bs.code += isa.add(registers.rdi, 8)
bs.code += isa.mov(registers.rax, util.malloc_addr)
bs.code += isa.call(registers.rax)
bs.code += isa.push(registers.rax)
bs.code += isa.mov(MemRef(registers.rax), registers.r12)
bs.flow.stack.append(Raw)
def lower(bs, n):
assert n >= 0, n
if n == 0: return
regs = list(good_regs)
a = pop(bs, regs)
d = 0
for i in xrange(n):
t = bs.flow.stack.pop()
d += t.size
if d:
bs.code += isa.add(registers.rsp, 8 * d)
push(bs, a)
def lower(bs, n):
assert n >= 0, n
if n == 0: return
regs = list(good_regs)
a = pop(bs, regs)
d = 0
for i in xrange(n):
t = bs.flow.stack.pop()
d += t.size
if d:
bs.code += isa.add(registers.rsp, 8*d)
push(bs, a)
def cleanup(self):
"""Do end-of-loop iterator code"""
# Update the current count
if self.mode == DEC:
if self.step_size() == 1:
self.code.add(x86_64.dec(self.r_count))
else:
if self.r_step is not None:
if isinstance(self.r_step, memory.MemRef):
self.code.add(x86_64.mov(self.r_clobber, self.r_step))
self.code.add(x86_64.add(self.r_count, self.r_clobber))
else:
self.code.add(x86_64.add(self.r_count, self.r_step))
else:
self.code.add(x86_64.add(self.r_count, self.step_size()))
elif self.mode == INC:
if self.step_size() == 1:
self.code.add(x86_64.inc(self.r_count))
else:
if self.r_step is not None:
if isinstance(self.r_step, memory.MemRef):
self.code.add(x86_64.mov(self.r_clobber, self.r_step))
self.code.add(x86_64.add(self.r_count, self.r_clobber))
else:
self.code.add(x86_64.add(self.r_count, self.r_step))
else:
self.code.add(x86_64.add(self.r_count, self.step_size()))
return
def cleanup(self):
"""Do end-of-loop iterator code"""
# Update the current count
if self.mode == DEC:
if self.step_size() == 1:
self.code.add(x86_64.dec(self.r_count))
else:
if self.r_step is not None:
if isinstance(self.r_step, memory.MemRef):
self.code.add(x86_64.mov(self.r_clobber, self.r_step))
self.code.add(x86_64.add(self.r_count, self.r_clobber))
else:
self.code.add(x86_64.add(self.r_count, self.r_step))
else:
self.code.add(x86_64.add(self.r_count, self.step_size()))
elif self.mode == INC:
if self.step_size() == 1:
self.code.add(x86_64.inc(self.r_count))
else:
if self.r_step is not None:
if isinstance(self.r_step, memory.MemRef):
self.code.add(x86_64.mov(self.r_clobber, self.r_step))
self.code.add(x86_64.add(self.r_count, self.r_clobber))
else:
self.code.add(x86_64.add(self.r_count, self.r_step))
else:
self.code.add(x86_64.add(self.r_count, self.step_size()))
return
def _(bs):
assert bs.flow.stack.pop() is type_impl.Int
bs.code += isa.pop(registers.rcx)
assert bs.flow.stack.pop() is self
bs.code += isa.pop(registers.rbx)
bs.code += isa.add(registers.rbx, registers.rcx)
bs.code += isa.mov(regsisters.rax, 0)
bs.code += isa.mov(registers.ax, MemRef(registers.rbx, data_size=8))
bs.code += isa.shl(registers.rax, 8)
bs.code += isa.mov(registers.ax, 2 * 1 + 1)
bs.flow.stack.append(type_impl.Str)
def _(bs):
assert bs.flow.stack.pop() is type_impl.Int
bs.code += isa.pop(registers.rcx)
assert bs.flow.stack.pop() is self
bs.code += isa.pop(registers.rbx)
bs.code += isa.add(registers.rbx, registers.rcx)
bs.code += isa.mov(regsisters.rax, 0)
bs.code += isa.mov(registers.ax, MemRef(registers.rbx,
data_size=8))
bs.code += isa.shl(registers.rax, 8)
bs.code += isa.mov(registers.ax, 2 * 1 + 1)
bs.flow.stack.append(type_impl.Str)
def load_float(code, reg, val, clear=False):
data = extarray.extarray('f', (val, ))
data.change_type('I')
# reg better be an mmx or xmm, should we check?
code.add(x86.push(data[0]))
code.add(x86.movd(reg, mem.MemRef(regs.rsp, data_size=32)))
ret = code.add(x86.add(regs.rsp, 8))
if clear == False:
# Need to duplicate the value out across now
# Assumes reg is xmm
ret = x86.pshufd(reg, reg, 0)
return ret
def TestInt(): code = InstructionStream() proc = Processor() params = x86_64_exec.ExecParams() params.p1 = 32 code.add(x86.mov(eax, spe.MemRef(ebp, 8))) #code.add(x86.xor(code.eax, code.eax)) code.add(x86.add(eax, 1200)) code.print_code(pro = False, epi = False, binary = True) r = proc.execute(code, debug = True, params = params) print 'int result:', r assert(r == 1232) return
def TestInt(): code = InstructionStream() proc = Processor() params = x86_64_exec.ExecParams() params.p1 = 32 code.add(x86.mov(eax, spe.MemRef(ebp, 8))) #code.add(x86.xor(code.eax, code.eax)) code.add(x86.add(eax, 1200)) code.print_code(pro = False, epi = False, binary = True) r = proc.execute(code, debug = True, params = params) print 'int result:', r assert(r == 1232) return
def _(bs):
type = bs.flow.stack.pop()
for i, reg in zip(xrange(type.size), [registers.r11, registers.r12, registers.r13, registers.r14]):
bs.code += isa.pop(reg)
assert bs.flow.stack.pop() is type_impl.Int
bs.code += isa.pop(registers.rbx)
assert bs.flow.stack.pop() is self
bs.code += isa.pop(registers.rax)
bs.code += isa.shl(registers.rbx, 3)
bs.code += isa.add(registers.rax, registers.rbx)
bs.code += isa.mov(MemRef(registers.rax), type.id)
for i, reg in zip(xrange(type.size), [registers.r11, registers.r12, registers.r13, registers.r14]):
bs.code += isa.mov(MemRef(registers.rax, i * 8 + 8), reg)
bs.code += isa.push(1 + type.size)
bs.flow.stack.append(type_impl.Int)
def _(bs):
assert bs.flow.stack.pop() is type_impl.Int
bs.code += isa.pop(registers.r13)
assert bs.flow.stack.pop() is self
bs.code += isa.pop(registers.r12)
bs.code += isa.shl(registers.r13, 3)
bs.code += isa.add(registers.r12, registers.r13)
bs.code += isa.push(MemRef(registers.r12))
def _(value):
def _(bs):
type = type_impl.id_to_type[value]
for i in reversed(xrange(type.size)):
bs.code += isa.push(MemRef(registers.r12, i * 8 + 8))
bs.flow.stack.append(type)
return _
util.unlift(bs, _, "RawLoadObjectMeth.call")
def _(bs):
assert bs.flow.stack.pop() is type_impl.Int
bs.code += isa.pop(registers.r13)
assert bs.flow.stack.pop() is self
bs.code += isa.pop(registers.r12)
bs.code += isa.shl(registers.r13, 3)
bs.code += isa.add(registers.r12, registers.r13)
bs.code += isa.push(MemRef(registers.r12))
def _(value):
def _(bs):
type = type_impl.id_to_type[value]
for i in reversed(xrange(type.size)):
bs.code += isa.push(MemRef(registers.r12, i * 8 + 8))
bs.flow.stack.append(type)
return _
util.unlift(bs, _, "RawLoadObjectMeth.call")
def _(bs):
type = bs.flow.stack.pop()
for i, reg in zip(
xrange(type.size),
[registers.r11, registers.r12, registers.r13, registers.r14]):
bs.code += isa.pop(reg)
assert bs.flow.stack.pop() is type_impl.Int
bs.code += isa.pop(registers.rbx)
assert bs.flow.stack.pop() is self
bs.code += isa.pop(registers.rax)
bs.code += isa.shl(registers.rbx, 3)
bs.code += isa.add(registers.rax, registers.rbx)
bs.code += isa.mov(MemRef(registers.rax), type.id)
for i, reg in zip(
xrange(type.size),
[registers.r11, registers.r12, registers.r13, registers.r14]):
bs.code += isa.mov(MemRef(registers.rax, i * 8 + 8), reg)
bs.code += isa.push(1 + type.size)
bs.flow.stack.append(type_impl.Int)
from corepy.arch.x86_64.types.registers import * import corepy.arch.x86_64.platform as env from corepy.arch.x86_64.lib.memory import MemRef import corepy.arch.x86_64.lib.iterators as iter prgm = env.Program() code = prgm.get_stream() proc = env.Processor() # Generate sub-stream # Multiple rax by 2, add 1 subcode = prgm.get_stream() subcode.add(x86.shl(rax, 1)) subcode.add(x86.add(rax, 1)) # Initialize a register, insert code code.add(x86.mov(rax, 5)) code.add(subcode) # Add 3, insert again code.add(x86.add(rax, 3)) code.add(subcode) prgm.add(code) prgm.print_code() ret = proc.execute(prgm, mode = 'int') print "ret", ret
# should this be done in printis?
#code.cache_code()
#code.print_code(pro = True, epi = True)
#PrintInstructionStream(code, Default(show_prologue = True, show_epilogue = True, line_numbers = True, show_hex = True))
#PrintInstructionStream(code, Default())
#PrintInstructionStream(code, SPU_Asm(comment_chan = True))
import corepy.arch.x86_64.platform as env
import corepy.arch.x86_64.isa as x86
import corepy.arch.x86_64.types.registers as regs
import corepy.arch.x86_64.lib.memory as mem
code = env.InstructionStream()
code.add(x86.mov(regs.rax, 0xDEADBEEF))
code.add(x86.add(regs.rax, 0xDEADBEEF))
code.add(x86.call(-6))
code.add(
x86.div(
mem.MemRef(regs.r8,
1048576,
regs.r13,
4,
data_size=16,
addr_size=32)))
code.add(x86.sub(regs.rax, 0xBEEF))
code.add(x86.mov(regs.rax, mem.MemRef(regs.rbp, 8)))
code.cache_code()
PrintInstructionStream(code, Default(show_hex=True))
PrintInstructionStream(code, x86_64_Nasm(function_name="foobar"))
def discard2(bs):
type = bs.flow.stack.pop()
type1 = bs.flow.stack.pop()
if type.size + type1.size:
bs.code += isa.add(registers.rsp, 8 * (type.size + type1.size))
def _(bs):
ints = len([
x for x in arg_types if x is type_impl.Int
or x is type_impl.Str or x is Raw or x is type_impl.NoneType
or isinstance(x, _FuncPtr) or x is type_impl.Bool
])
floats = len([x for x in arg_types if x is type_impl.Float])
floats_orig = floats
pos = 0
for arg_type in reversed(arg_types):
type = bs.flow.stack.pop()
assert arg_type is type, (type, arg_type)
if type is type_impl.Int or type is type_impl.Bool:
ints -= 1
bs.code += isa.mov(int_regs[ints],
MemRef(registers.rsp, pos))
pos += 8
elif isinstance(type, _FuncPtr):
ints -= 1
bs.code += isa.mov(int_regs[ints],
MemRef(registers.rsp, pos))
pos += 8
elif type is type_impl.NoneType:
ints -= 1
bs.code += isa.mov(int_regs[ints], 0)
elif type is Raw:
ints -= 1
bs.code += isa.mov(int_regs[ints],
MemRef(registers.rsp, pos))
pos += 8
bs.code += isa.add(int_regs[ints], 8)
elif type is type_impl.Float:
floats -= 1
bs.code += isa.movsd(float_regs[floats],
MemRef(registers.rsp, pos))
pos += 8
elif type is type_impl.Str:
ints -= 1
bs.code += isa.mov(int_regs[ints],
MemRef(registers.rsp, pos))
bs.code += isa.test(int_regs[ints], 1)
short = bs.program.get_unique_label()
end = bs.program.get_unique_label()
bs.code += isa.jnz(short)
# long
bs.code += isa.add(int_regs[ints], 8)
bs.code += isa.jmp(end)
bs.code += short
# short
bs.code += isa.shr(MemRef(registers.rsp, pos), 8)
bs.code += isa.lea(
int_regs[ints],
MemRef(registers.rsp, pos, data_size=None))
bs.code += end
pos += 8
else:
assert False, type
assert bs.flow.stack.pop() is self
bs.code += isa.mov(registers.rbx,
ctypes.cast(self.func, ctypes.c_void_p).value)
bs.code += isa.mov(registers.r12, registers.rsp)
bs.code += isa.and_(registers.rsp, -16)
bs.code += isa.mov(registers.rax, floats)
bs.code += isa.call(registers.rbx)
bs.code += isa.mov(registers.rsp, registers.r12)
bs.code += isa.add(registers.rsp, pos)
bs.code += isa.push(registers.rax)
bs.flow.stack.append(type_impl.Int)
def Test():
verify(x86.xor(ebx, eax), [0x31, 0xC3])
verify(x86.add(ebx, ebx), [0x01, 0xdb])
verify(x86.add(ebx, r13d), [0x44, 0x01, 0xeb])
verify(x86.add(r13d, ebx), [0x41, 0x01, 0xdd])
verify(x86.xor(rax, r15), [0x4c, 0x31, 0xf8])
verify(x86.xor(r15, rax), [0x49, 0x31, 0xc7])
verify(x86.xor(r13, r13), [0x4d, 0x31, 0xed])
verify(x86.mov(rax, 0xDEADDEADBEEFl),
[0x48, 0xb8, 0xef, 0xbe, 0xad, 0xde, 0xad, 0xde, 0x00, 0x00])
verify(x86.mov(r11, 0xDEADDEADBEEFl),
[0x49, 0xbb, 0xef, 0xbe, 0xad, 0xde, 0xad, 0xde, 0x00, 0x00])
verify(x86.mov(r12, 0xDEADDEADBEEFl),
[0x49, 0xbc, 0xef, 0xbe, 0xad, 0xde, 0xad, 0xde, 0x00, 0x00])
verify(x86.mov(r13, 0xDEADDEADBEEFl),
[0x49, 0xbd, 0xef, 0xbe, 0xad, 0xde, 0xad, 0xde, 0x00, 0x00])
verify(x86.mov(r14, 0xDEADDEADBEEFl),
[0x49, 0xbe, 0xef, 0xbe, 0xad, 0xde, 0xad, 0xde, 0x00, 0x00])
verify(x86.mov(r15, 0xDEADDEADBEEFl),
[0x49, 0xbf, 0xef, 0xbe, 0xad, 0xde, 0xad, 0xde, 0x00, 0x00])
verify(x86.add(r15, 0xBEEF), [0x49, 0x81, 0xc7, 0xef, 0xbe, 0x00, 0x00])
verify(x86.add(r8, 0xA), [0x49, 0x83, 0xc0, 0x0a])
verify(x86.mov(r8, MemRef(rbx, 3)), [0x4c, 0x8b, 0x43, 0x03])
verify(x86.mov(rax, MemRef(r9, 3)), [0x49, 0x8b, 0x41, 0x03])
verify(x86.mov(rcx, MemRef(rsp)), [0x48, 0x8b, 0x0c, 0x24])
verify(x86.mov(rbx, MemRef(rsp)), [0x48, 0x8b, 0x1c, 0x24])
verify(x86.mov(rdx, MemRef(rbp, 64)), [0x48, 0x8b, 0x55, 0x40])
verify(x86.mov(rdi, MemRef(rbp)), [0x48, 0x8b, 0x7d, 0x00])
verify(x86.mov(rdx, MemRef(rax, 64, r10, 4)),
[0x4a, 0x8b, 0x54, 0x90, 0x40])
verify(x86.mov(rdx, MemRef(r14, 24, rbx, 2)),
[0x49, 0x8b, 0x54, 0x5e, 0x18])
verify(x86.add(MemRef(rsp), 16), [0x48, 0x83, 0x04, 0x24, 0x10])
verify(x86.add(MemRef(rsp), r15), [0x4c, 0x01, 0x3c, 0x24])
verify(x86.call(MemRef(r12)), [0x41, 0xff, 0x14, 0x24])
verify(x86.cmpxchg8b(MemRef(rax)), [0x0f, 0xc7, 0x08])
verify(x86.cmpxchg8b(MemRef(r8)), [0x41, 0x0f, 0xc7, 0x08])
verify(x86.cmpxchg16b(MemRef(rax, data_size=128)),
[0x48, 0x0f, 0xc7, 0x08])
verify(x86.cmpxchg16b(MemRef(r8, data_size=128)), [0x49, 0x0f, 0xc7, 0x08])
verify(x86.add(MemRef(rbp), 5), [0x48, 0x83, 0x45, 0x00, 0x05])
verify(x86.add(MemRef(rbp), 0x1EADBEEF),
[0x48, 0x81, 0x45, 0x00, 0xef, 0xbe, 0xad, 0x1e])
verify(x86.call(MemRef(rdx)), [0xff, 0x12])
verify(x86.dec(rax), [0x48, 0xff, 0xc8])
verify(x86.dec(MemRef(rax)), [0x48, 0xff, 0x08])
verify(x86.dec(MemRef(r15)), [0x49, 0xff, 0x0f])
verify(x86.div(rax), [0x48, 0xf7, 0xf0])
verify(x86.div(r13), [0x49, 0xf7, 0xf5])
verify(x86.div(MemRef(rax)), [0x48, 0xf7, 0x30])
verify(x86.div(MemRef(r13)), [0x49, 0xf7, 0x75, 0x00])
verify(x86.jmp(rax), [0x48, 0xff, 0xe0])
verify(x86.jmp(MemRef(r13)), [0x41, 0xff, 0x65, 0x00])
verify(x86.jmp(MemRef(rax)), [0xff, 0x20])
verify(x86.lea(rdx, MemRef(r14, 24, rbx, 2, data_size=None)),
[0x49, 0x8d, 0x54, 0x5e, 0x18])
verify(x86.loop(-4), [0xe2, 0xfc])
verify(x86.mov(r13, -0x1EADBEEFDEADBEEF),
[0x49, 0xbd, 0x11, 0x41, 0x52, 0x21, 0x10, 0x41, 0x52, 0xe1])
verify(x86.shld(rax, r15, cl), [0x4c, 0x0f, 0xa5, 0xf8])
verify(x86.movd(xmm8, r15), [0x66, 0x4d, 0x0f, 0x6e, 0xc7])
verify(x86.addpd(xmm11, xmm10), [0x66, 0x45, 0x0f, 0x58, 0xda])
verify(x86.addpd(xmm11, MemRef(rdx, data_size=128)),
[0x66, 0x44, 0x0f, 0x58, 0x1a])
verify(x86.cmpxchg8b(MemRef(eax)), [0x67, 0x0f, 0xc7, 0x08])
verify(x86.mov(r8, MemRef(ebx, 3)), [0x67, 0x4c, 0x8b, 0x43, 0x03])
verify(x86.mov(rax, MemRef(r9d, 3)), [0x67, 0x49, 0x8b, 0x41, 0x03])
verify(x86.mov(rdx, MemRef(ebp, 64)), [0x67, 0x48, 0x8b, 0x55, 0x40])
verify(x86.mov(rdx, MemRef(eax, 64, r10d, 4)),
[0x67, 0x4a, 0x8b, 0x54, 0x90, 0x40])
verify(x86.mov(rdx, MemRef(r14d, 24, ebx, 2)),
[0x67, 0x49, 0x8b, 0x54, 0x5e, 0x18])
verify(x86.add(MemRef(rbp, data_size=32), 5), [0x83, 0x45, 0x00, 0x05])
verify(x86.add(MemRef(rbp, data_size=32), 0x1EADBEEF),
[0x81, 0x45, 0x00, 0xef, 0xbe, 0xad, 0x1e])
verify(x86.add(ebp, 8), [0x83, 0xc5, 0x08])
verify(x86.add(r15d, 8), [0x41, 0x83, 0xc7, 0x08])
verify(x86.add(r15d, 0x1EADBEEF),
[0x41, 0x81, 0xc7, 0xef, 0xbe, 0xad, 0x1e])
verify(x86.mov(r8d, 0x1EADBEEF), [0x41, 0xb8, 0xef, 0xbe, 0xad, 0x1e])
verify(x86.add(ax, r9w), [0x66, 0x44, 0x01, 0xc8])
verify(x86.add(eax, r9d), [0x44, 0x01, 0xc8])
verify(x86.add(rax, MemRef(rbp, -8)), [0x48, 0x03, 0x45, 0xf8])
verify(x86.cmplepd(xmm11, xmm10), [0x66, 0x45, 0x0f, 0xc2, 0xda, 0x02])
verify(x86.pextrw(eax, xmm7, 2), [0x66, 0x0f, 0xc5, 0xc7, 0x02])
verify(x86.mov(rax, MemRef(rip, 128)),
[0x48, 0x8b, 0x05, 0x80, 0x00, 0x00, 0x00])
verify(x86.mov(MemRef(rip, 128), rax),
[0x48, 0x89, 0x05, 0x80, 0x00, 0x00, 0x00])
verify(x86.mov(eax, MemRef(rip, 128, data_size=32)),
[0x8b, 0x05, 0x80, 0x00, 0x00, 0x00])
verify(x86.mov(rax, MemRef(128)),
[0x48, 0x8b, 0x04, 0x25, 0x80, 0x00, 0x00, 0x00])
verify(x86.mov(rax, MemRef(rbp)), [0x48, 0x8b, 0x45, 0x00])
verify(x86.mov(rbx, MemRef(rbp, index=rdx, scale=2)),
[0x48, 0x8b, 0x5c, 0x55, 0x00])
verify(x86.mov(rbx, MemRef(rdi, index=rdx, scale=2)),
[0x48, 0x8b, 0x1c, 0x57])
verify(x86.mov(rbx, MemRef(rsp, index=rdx, scale=2)),
[0x48, 0x8b, 0x1c, 0x54])
verify(x86.mov(rax, MemRef(rbp, 0, index=rdx, scale=2)),
[0x48, 0x8b, 0x44, 0x55, 0x00])
verify(x86.mov(eax, MemRef(ebp, data_size=32)), [0x67, 0x8b, 0x45, 0x00])
verify(x86.and_(al, bl), [0x20, 0xd8])
verify(x86.and_(al, ch), [0x20, 0xe8])
verify(x86.and_(al, sil), [0x40, 0x20, 0xf0])
verify(x86.and_(al, spl), [0x40, 0x20, 0xe0])
verify(x86.and_(bpl, MemRef(rax, data_size=8)), [0x40, 0x22, 0x28])
verify(x86.invlpg(MemRef(rax, data_size=8)), [0x0F, 0x01, 0x38])
verify(x86.rdtscp(), [0x0F, 0x01, 0xF9])
verify(x86.cmove(rcx, rdx), [0x48, 0x0F, 0x44, 0xCA])
verify(x86.cmove(ecx, edx), [0x0F, 0x44, 0xCA])
verify(x86.cmove(cx, dx), [0x66, 0x0F, 0x44, 0xCA])
verify(x86.shld(rax, rbx, cl), [0x48, 0x0F, 0xA5, 0xD8])
verify(x86.shld(eax, ebx, cl), [0x0F, 0xA5, 0xD8])
verify(x86.shld(ax, bx, cl), [0x66, 0x0F, 0xA5, 0xD8])
verify(x86.shld(rax, rbx, 4), [0x48, 0x0F, 0xA4, 0xD8, 0x04])
verify(x86.shld(eax, ebx, 4), [0x0F, 0xA4, 0xD8, 0x04])
verify(x86.shld(ax, bx, 4), [0x66, 0x0F, 0xA4, 0xD8, 0x04])
verify(x86.imul(rax, rdx, 0x100000),
[0x48, 0x69, 0xC2, 0x00, 0x00, 0x10, 0x00])
verify(x86.imul(rax, rdx, 0x10), [0x48, 0x6B, 0xC2, 0x10])
verify(x86.imul(eax, edx, 0x100000), [0x69, 0xC2, 0x00, 0x00, 0x10, 0x00])
verify(x86.imul(ax, dx, 0x1000), [0x66, 0x69, 0xC2, 0x00, 0x10])
verify(x86.shl(rax, 1), [0x48, 0xD1, 0xE0])
verify(x86.add(eax, 1), [0x83, 0xC0, 0x01])
verify(x86.mov(r15, 4), [0x49, 0xC7, 0xC7, 0x04, 0x00, 0x00, 0x00])
print
verify(x86.cvtss2si(r9d, xmm0), [0xf3, 0x44, 0x0f, 0x2d, 0xc8])
verify(x86.cvttsd2si(r9d, xmm0), [0xf2, 0x44, 0x0f, 0x2c, 0xc8])
verify(x86.cvttss2si(r9d, xmm0), [0xf3, 0x44, 0x0f, 0x2c, 0xc8])
verify(x86.movmskpd(eax, xmm9), [0x66, 0x41, 0x0F, 0x50, 0xC1])
verify(x86.pmovmskb(eax, xmm9), [0x66, 0x41, 0x0F, 0xD7, 0xC1])
verify(x86.pextrw(ebx, xmm12, 4), [0x66, 0x41, 0x0F, 0xC5, 0xDC, 0x04])
verify(x86.pinsrw(xmm12, ebx, 4), [0x66, 0x44, 0x0F, 0xC4, 0xE3, 0x04])
verify(x86.movd(ecx, xmm5), [0x66, 0x0F, 0x7E, 0xE9])
verify(x86.movd(xmm5, edx), [0x66, 0x0F, 0x6E, 0xEA])
verify(x86.movd(xmm5, rdx), [0x66, 0x48, 0x0F, 0x6E, 0xEA])
print
verify(x86.cvtsi2sd(xmm0, r9), [0xF3, 0x49, 0x0F, 0x2A, 0xC1])
verify(x86.cvtss2si(r9, xmm0), [0xF3, 0x4C, 0x0F, 0x2D, 0xC8])
verify(x86.cvttsd2si(r9, xmm0), [0xF2, 0x4C, 0x0F, 0x2C, 0xC8])
verify(x86.cvttss2si(r9, xmm0), [0xF3, 0x4C, 0x0F, 0x2C, 0xC8])
verify(x86.movd(rcx, xmm5), [0x66, 0x48, 0x0F, 0x7E, 0xE9])
verify(x86.movd(xmm5, rdx), [0x66, 0x48, 0x0F, 0x6E, 0xEA])
print
verify(x86.pmovmskb(eax, mm1), [0x0F, 0xD7, 0xC1])
verify(x86.pmovmskb(rax, mm1), [0x48, 0x0F, 0xD7, 0xC1])
verify(x86.movd(rcx, mm5), [0x48, 0x0F, 0x7E, 0xE9])
verify(x86.movd(mm5, rdx), [0x48, 0x0F, 0x6E, 0xEA])
return
def Test():
prgm = env.Program()
code = prgm.get_stream()
proc = env.Processor()
params = env.ExecParams()
params.p1 = 3
lbl1 = prgm.get_label("lbl1")
lbl2 = prgm.get_label("lbl2")
code.add(x86.xor(prgm.gp_return, prgm.gp_return))
code.add(x86.cmp(prgm.gp_return, 1))
code.add(x86.jne(lbl1))
code.add(x86.ud2())
code.add(x86.ud2())
code.add(lbl1)
code.add(x86.cmp(prgm.gp_return, 1))
code.add(x86.je(lbl2))
code.add(x86.add(prgm.gp_return, 12))
code.add(lbl2)
prgm.add(code)
#prgm.print_code(pro = True, epi = True, hex = True)
ret = proc.execute(prgm, mode = 'int')
print "ret", ret
assert(ret == 12)
prgm.reset()
code.reset()
code.add(x86.xor(prgm.gp_return, prgm.gp_return))
code.add(x86.cmp(prgm.gp_return, 1))
code.add(x86.jne(28))
code.add(x86.ud2())
code.add(x86.ud2())
code.add(x86.cmp(prgm.gp_return, 1))
code.add(x86.je(37))
code.add(x86.add(prgm.gp_return, 12))
prgm.add(code)
prgm.print_code(hex = True, pro = True, epi = True)
ret = proc.execute(prgm)
print "ret", ret
assert(ret == 12)
prgm.reset()
code.reset()
call_lbl = prgm.get_label("call_fn")
code.add(x86.xor(prgm.gp_return, prgm.gp_return))
code.add(x86.call(call_lbl))
code.add(x86.jmp(prgm.lbl_epilogue))
code.add(x86.mov(prgm.gp_return, 75))
code.add(x86.mov(prgm.gp_return, 42))
code.add(call_lbl)
code.add(x86.mov(prgm.gp_return, 15))
code.add(x86.ret())
prgm.add(code)
prgm.print_code()
ret = proc.execute(prgm, mode = 'int')
print "ret", ret
assert(ret == 15)
prgm.reset()
code.reset()
fwd_lbl = prgm.get_label("FORWARD")
bck_lbl = prgm.get_label("BACKWARD")
code.add(x86.xor(prgm.gp_return, prgm.gp_return))
code.add(bck_lbl)
code.add(x86.cmp(prgm.gp_return, 1))
code.add(x86.jne(fwd_lbl))
r_foo = prgm.acquire_register()
for i in xrange(0, 65):
code.add(x86.pop(r_foo))
prgm.release_register(r_foo)
code.add(fwd_lbl)
prgm.add(code)
ret = proc.execute(prgm, mode = 'int')
print "ret", ret
assert(ret == 0)
prgm.reset()
code.reset()
loop_lbl = prgm.get_label("LOOP")
out_lbl = prgm.get_label("OUT")
skip_lbl = prgm.get_label("SKIP")
code.add(x86.xor(prgm.gp_return, prgm.gp_return))
code.add(loop_lbl)
r_foo = prgm.acquire_register()
for i in range(0, 1):
for i in xrange(0, 24):
code.add(x86.add(r_foo, MemRef(rsp, 4)))
code.add(x86.add(prgm.gp_return, 4))
code.add(x86.cmp(prgm.gp_return, 20))
code.add(x86.je(out_lbl))
for i in xrange(0, 24):
code.add(x86.add(r_foo, MemRef(rsp, 4)))
code.add(x86.cmp(prgm.gp_return, 32))
code.add(x86.jne(loop_lbl))
code.add(out_lbl)
code.add(x86.jmp(skip_lbl))
for i in xrange(0, 2):
code.add(x86.add(r_foo, MemRef(rsp, 4)))
code.add(skip_lbl)
prgm.release_register(r_foo)
prgm.add(code)
ret = proc.execute(prgm, mode = 'int')
print "ret", ret
assert(ret == 20)
prgm.reset()
code.reset()
r_tmp = prgm.acquire_registers(2)
loop_lbl = prgm.get_label("LOOP")
else_lbl = prgm.get_label("ELSE")
finish_lbl = prgm.get_label("finish")
code.add(x86.mov(prgm.gp_return, 0))
code.add(x86.mov(r_tmp[0], 0))
code.add(loop_lbl)
code.add(x86.add(prgm.gp_return, 1))
code.add(x86.cmp(prgm.gp_return, 16))
code.add(x86.jge(finish_lbl))
code.add(x86.add(r_tmp[0], prgm.gp_return))
code.add(x86.mov(r_tmp[1], r_tmp[0]))
code.add(x86.and_(r_tmp[1], 0x1))
code.add(x86.jnz(else_lbl))
code.add(x86.add(r_tmp[0], 1))
code.add(x86.jmp(loop_lbl))
code.add(else_lbl)
code.add(x86.add(r_tmp[0], r_tmp[1]))
code.add(x86.jmp(loop_lbl))
code.add(finish_lbl)
code.add(x86.mov(prgm.gp_return, r_tmp[0]))
prgm.release_registers(r_tmp)
prgm.add(code)
ret = proc.execute(prgm, mode = 'int')
print "ret", ret
assert(ret == 135)
prgm.reset()
code.reset()
loop_lbl = prgm.get_label("LOOP")
r_one = prgm.acquire_register()
code.add(x86.xor(prgm.gp_return, prgm.gp_return))
code.add(x86.xor(rcx, rcx))
code.add(x86.mov(r_one, 1))
code.add(loop_lbl)
code.add(x86.inc(prgm.gp_return))
code.add(x86.cmp(prgm.gp_return, 7))
code.add(x86.cmove(rcx, r_one))
code.add(x86.jrcxz(loop_lbl))
prgm.release_register(r_one)
prgm.add(code)
prgm.print_code(hex = True)
ret = proc.execute(prgm, mode = 'int')
print "ret", ret
assert(ret == 7)
prgm.reset()
code.reset()
r_tmp = prgm.acquire_register()
code.add(x86.mov(prgm.gp_return, rdi))
code.add(x86.xor(r_tmp, r_tmp))
code.add(x86.mov(r_tmp, -1))
code.add(x86.mov(cl, 1))
code.add(x86.shld(prgm.gp_return, r_tmp, cl))
prgm.release_register(r_tmp)
prgm.add(code)
ret = proc.execute(prgm, params = params, mode = 'int')
print "ret", ret
assert(ret == 7)
prgm.reset()
code.reset()
code.add(x86.add(eax, 200))
code.add(x86.xor(eax, eax))
code.add(x86.add(al, 32))
code.add(x86.add(bl, 32))
code.add(x86.xor(bl, bl))
code.add(x86.mov(dil, al))
code.add(x86.add(rdi, 0))
code.add(x86.mov(eax, edi))
code.add(x86.mov(al, dil))
code.add(x86.imul(ax, ax, 4))
code.add(x86.imul(eax, ebx, 10))
code.add(x86.mov(cx, 1232))
code.add(x86.sub(ax, cx))
code.add(x86.xor(eax,eax))
code.add(x86.mov(eax,ebx))
code.add(x86.clc())
code.add(x86.rcl(eax, 1))
code.add(x86.rcr(eax, 1))
prgm.add(code)
#ret = proc.execute(prgm, debug = True, params = params)
id1 = proc.execute(prgm, params = params, mode = 'int', async = True)
id2 = proc.execute(prgm, params = params, mode = 'int', async = True)
ret = proc.execute(prgm, params = params, mode = 'int')
print "Return main thread: %d" % (ret)
assert(ret == 1280)
ret = proc.join(id1)
print "Return thread 1: %d" % (ret)
assert(ret == 1280)
ret = proc.join(id2)
print "Return thread 2: %d" % (ret)
assert(ret == 1280)
prgm.reset()
code.reset()
code.add(x86.fldpi())
code.add(x86.pxor(xmm0, xmm0))
code.add(x86.fld1())
code.add(x86.fadd(st0, st0))
code.add(x86.fmulp())
code.add(x86.fsin())
code.add(x86.fcos())
code.add(x86.fld1())
code.add(x86.fyl2xp1())
# x86_64 now uses xmm0 to return floats, not st0. So here, just make room
# on the stack, convert the FP result to an int and store it on the stack,
# then pop it into rax, the int return register.
code.add(x86.push(prgm.gp_return))
code.add(x86.fistp(MemRef(rsp)))
code.add(x86.pop(prgm.gp_return))
prgm.add(code)
prgm.print_code(hex = True)
ret = proc.execute(prgm, params = params, mode = 'int')
assert(ret == 1)
print "Return main thread: %d" % (ret)
prgm.reset()
code.reset()
lbl_ok = prgm.get_label("OK")
code.add(x86.emms())
code.add(x86.movd(xmm0, edi))
code.add(x86.mov(ebx, edi))
code.add(x86.cmp(ebx, 3))
code.add(x86.je(lbl_ok))
code.add(x86.movd(eax, xmm0))
code.add(x86.cmp(eax, 3))
code.add(x86.je(lbl_ok))
code.add(x86.ud2())
code.add(lbl_ok)
code.add(x86.xor(eax, eax))
code.add(x86.movd(xmm1, ebx))
code.add(x86.paddq(xmm0, xmm1))
code.add(x86.pextrw(ecx, xmm0, 0))
code.add(x86.pxor(mm1, mm1))
code.add(x86.pinsrw(mm1, ecx, 0))
code.add(x86.movq2dq(xmm0, mm1))
code.add(x86.movdq2q(mm2, xmm0))
code.add(x86.movd(edx,mm2))
code.add(x86.movd(xmm5,edx))
code.add(x86.movd(ecx, xmm5))
code.add(x86.pxor(xmm6, xmm6))
code.add(x86.pinsrw(xmm6, ecx, 0))
code.add(x86.movd(eax, xmm6))
prgm.add(code)
prgm.print_code(hex = True)
ret = proc.execute(prgm, params = params, mode = 'int')
print "Return main thread: %d" % (ret)
assert(ret == 6)
prgm.reset()
code.reset()
code.add(x86.mov(edx, 0x1234))
code.add(x86.mov(eax, 0xFFFF))
code.add(x86.xchg(edx, eax))
prgm.add(code)
prgm.print_code(hex = True)
ret = proc.execute(prgm, params = params)
print "ret:", ret
assert(ret == 0x1234)
prgm.reset()
code.reset()
code.add(x86.mov(prgm.gp_return, rsp))
code.add(x86.pushfq())
code.add(x86.sub(prgm.gp_return, rsp))
code.add(x86.add(rsp, prgm.gp_return))
prgm.add(code)
prgm.print_code(hex = True)
ret = proc.execute(prgm, params = params)
print "ret:", ret
assert(ret == 8)
prgm.reset()
code.reset()
data = extarray.extarray('H', xrange(0, 16))
r_128 = prgm.acquire_register(reg_type = XMMRegister)
regs = prgm.acquire_registers(4)
code.add(x86.mov(regs[0], data.buffer_info()[0]))
code.add(x86.movaps(r_128, MemRef(regs[0], data_size = 128)))
code.add(x86.pextrw(prgm.gp_return, r_128, 0))
code.add(x86.pextrw(regs[1], r_128, 1))
code.add(x86.pextrw(regs[2], r_128, 2))
code.add(x86.pextrw(regs[3], r_128, 3))
code.add(x86.shl(regs[1], 16))
code.add(x86.shl(regs[2], 32))
code.add(x86.shl(regs[3], 48))
code.add(x86.or_(prgm.gp_return, regs[1]))
code.add(x86.or_(prgm.gp_return, regs[2]))
code.add(x86.or_(prgm.gp_return, regs[3]))
prgm.release_register(r_128)
prgm.release_registers(regs)
prgm.add(code)
prgm.print_code()
ret = proc.execute(prgm, mode = 'int')
print "ret %x" % ret
assert(ret == 0x0003000200010000)
prgm.reset()
code.reset()
util.load_float(code, xmm0, 3.14159)
prgm.add(code)
ret = proc.execute(prgm, mode = 'fp')
print "ret", ret
assert(ret - 3.14159 < 0.00001)
return
def discard(bs, n=1):
d = 0
for i in xrange(n):
d += bs.flow.stack.pop().size
if d:
bs.code += isa.add(registers.rsp, 8 * d)
def discard2(bs):
type = bs.flow.stack.pop()
type1 = bs.flow.stack.pop()
if type.size + type1.size:
bs.code += isa.add(registers.rsp, 8*(type.size+type1.size))
def Test(): verify(x86.xor(ebx, eax), [0x31, 0xC3]) verify(x86.add(ebx, ebx), [0x01, 0xdb]) verify(x86.add(ebx, r13d), [0x44, 0x01, 0xeb]) verify(x86.add(r13d, ebx), [0x41, 0x01, 0xdd]) verify(x86.xor(rax, r15), [0x4c, 0x31, 0xf8]) verify(x86.xor(r15, rax), [0x49, 0x31, 0xc7]) verify(x86.xor(r13, r13), [0x4d, 0x31, 0xed]) verify(x86.mov(rax, 0xDEADDEADBEEFl), [0x48, 0xb8, 0xef, 0xbe, 0xad, 0xde, 0xad, 0xde, 0x00, 0x00]) verify(x86.mov(r11, 0xDEADDEADBEEFl), [0x49, 0xbb, 0xef, 0xbe, 0xad, 0xde, 0xad, 0xde, 0x00, 0x00]) verify(x86.mov(r12, 0xDEADDEADBEEFl), [0x49, 0xbc, 0xef, 0xbe, 0xad, 0xde, 0xad, 0xde, 0x00, 0x00]) verify(x86.mov(r13, 0xDEADDEADBEEFl), [0x49, 0xbd, 0xef, 0xbe, 0xad, 0xde, 0xad, 0xde, 0x00, 0x00]) verify(x86.mov(r14, 0xDEADDEADBEEFl), [0x49, 0xbe, 0xef, 0xbe, 0xad, 0xde, 0xad, 0xde, 0x00, 0x00]) verify(x86.mov(r15, 0xDEADDEADBEEFl), [0x49, 0xbf, 0xef, 0xbe, 0xad, 0xde, 0xad, 0xde, 0x00, 0x00]) verify(x86.add(r15, 0xBEEF), [0x49, 0x81, 0xc7, 0xef, 0xbe, 0x00, 0x00]) verify(x86.add(r8, 0xA), [0x49, 0x83, 0xc0, 0x0a]) verify(x86.mov(r8, MemRef(rbx, 3)), [0x4c, 0x8b, 0x43, 0x03]) verify(x86.mov(rax, MemRef(r9, 3)), [0x49, 0x8b, 0x41, 0x03]) verify(x86.mov(rcx, MemRef(rsp)), [0x48, 0x8b, 0x0c, 0x24]) verify(x86.mov(rbx, MemRef(rsp)), [0x48, 0x8b, 0x1c, 0x24]) verify(x86.mov(rdx, MemRef(rbp, 64)), [0x48, 0x8b, 0x55, 0x40]) verify(x86.mov(rdi, MemRef(rbp)), [0x48, 0x8b, 0x7d, 0x00]) verify(x86.mov(rdx, MemRef(rax, 64, r10, 4)), [0x4a, 0x8b, 0x54, 0x90, 0x40]) verify(x86.mov(rdx, MemRef(r14, 24, rbx, 2)), [0x49, 0x8b, 0x54, 0x5e, 0x18]) verify(x86.add(MemRef(rsp), 16), [0x48, 0x83, 0x04, 0x24, 0x10]) verify(x86.add(MemRef(rsp), r15), [0x4c, 0x01, 0x3c, 0x24]) verify(x86.call(MemRef(r12)), [0x41, 0xff, 0x14, 0x24]) verify(x86.cmpxchg8b(MemRef(rax)), [0x0f, 0xc7, 0x08]) verify(x86.cmpxchg8b(MemRef(r8)), [0x41, 0x0f, 0xc7, 0x08]) verify(x86.cmpxchg16b(MemRef(rax, data_size = 128)), [0x48, 0x0f, 0xc7, 0x08]) verify(x86.cmpxchg16b(MemRef(r8, data_size = 128)), [0x49, 0x0f, 0xc7, 0x08]) verify(x86.add(MemRef(rbp), 5), [0x48, 0x83, 0x45, 0x00, 0x05]) verify(x86.add(MemRef(rbp), 0x1EADBEEF), [0x48, 0x81, 0x45, 0x00, 0xef, 0xbe, 0xad, 0x1e]) verify(x86.call(MemRef(rdx)), [0xff, 0x12]) verify(x86.dec(rax), [0x48, 0xff, 0xc8]) verify(x86.dec(MemRef(rax)), [0x48, 0xff, 0x08]) verify(x86.dec(MemRef(r15)), [0x49, 0xff, 0x0f]) verify(x86.div(rax), [0x48, 0xf7, 0xf0]) verify(x86.div(r13), [0x49, 0xf7, 0xf5]) verify(x86.div(MemRef(rax)), [0x48, 0xf7, 0x30]) verify(x86.div(MemRef(r13)), [0x49, 0xf7, 0x75, 0x00]) verify(x86.jmp(rax), [0x48, 0xff, 0xe0]) verify(x86.jmp(MemRef(r13)), [0x41, 0xff, 0x65, 0x00]) verify(x86.jmp(MemRef(rax)), [0xff, 0x20]) verify(x86.lea(rdx, MemRef(r14, 24, rbx, 2, data_size = None)), [0x49, 0x8d, 0x54, 0x5e, 0x18]) verify(x86.loop(-4), [0xe2, 0xfc]) verify(x86.mov(r13, -0x1EADBEEFDEADBEEF), [0x49, 0xbd, 0x11, 0x41, 0x52, 0x21, 0x10, 0x41, 0x52, 0xe1]) verify(x86.shld(rax, r15, cl), [0x4c, 0x0f, 0xa5, 0xf8]) verify(x86.movd(xmm8, r15), [0x66, 0x4d, 0x0f, 0x6e, 0xc7]) verify(x86.addpd(xmm11, xmm10), [0x66, 0x45, 0x0f, 0x58, 0xda]) verify(x86.addpd(xmm11, MemRef(rdx, data_size = 128)), [0x66, 0x44, 0x0f, 0x58, 0x1a]) verify(x86.cmpxchg8b(MemRef(eax)), [0x67, 0x0f, 0xc7, 0x08]) verify(x86.mov(r8, MemRef(ebx, 3)), [0x67, 0x4c, 0x8b, 0x43, 0x03]) verify(x86.mov(rax, MemRef(r9d, 3)), [0x67, 0x49, 0x8b, 0x41, 0x03]) verify(x86.mov(rdx, MemRef(ebp, 64)), [0x67, 0x48, 0x8b, 0x55, 0x40]) verify(x86.mov(rdx, MemRef(eax, 64, r10d, 4)), [0x67, 0x4a, 0x8b, 0x54, 0x90, 0x40]) verify(x86.mov(rdx, MemRef(r14d, 24, ebx, 2)), [0x67, 0x49, 0x8b, 0x54, 0x5e, 0x18]) verify(x86.add(MemRef(rbp, data_size = 32), 5), [0x83, 0x45, 0x00, 0x05]) verify(x86.add(MemRef(rbp, data_size = 32), 0x1EADBEEF), [0x81, 0x45, 0x00, 0xef, 0xbe, 0xad, 0x1e]) verify(x86.add(ebp, 8), [0x83, 0xc5, 0x08]) verify(x86.add(r15d, 8), [0x41, 0x83, 0xc7, 0x08]) verify(x86.add(r15d, 0x1EADBEEF), [0x41, 0x81, 0xc7, 0xef, 0xbe, 0xad, 0x1e]) verify(x86.mov(r8d, 0x1EADBEEF), [0x41, 0xb8, 0xef, 0xbe, 0xad, 0x1e]) verify(x86.add(ax, r9w), [0x66, 0x44, 0x01, 0xc8]) verify(x86.add(eax, r9d), [0x44, 0x01, 0xc8]) verify(x86.add(rax, MemRef(rbp, -8)), [0x48, 0x03, 0x45, 0xf8]) verify(x86.cmplepd(xmm11, xmm10), [0x66, 0x45, 0x0f, 0xc2, 0xda, 0x02]) verify(x86.pextrw(eax, xmm7, 2), [0x66, 0x0f, 0xc5, 0xc7, 0x02]) verify(x86.mov(rax, MemRef(rip, 128)), [0x48, 0x8b, 0x05, 0x80, 0x00, 0x00, 0x00]) verify(x86.mov(MemRef(rip, 128), rax), [0x48, 0x89, 0x05, 0x80, 0x00, 0x00, 0x00]) verify(x86.mov(eax, MemRef(rip, 128, data_size = 32)), [0x8b, 0x05, 0x80, 0x00, 0x00, 0x00]) verify(x86.mov(rax,MemRef(128)), [0x48, 0x8b, 0x04, 0x25, 0x80, 0x00, 0x00, 0x00]) verify(x86.mov(rax,MemRef(rbp)), [0x48, 0x8b, 0x45, 0x00]) verify(x86.mov(rbx,MemRef(rbp, index = rdx, scale=2)), [0x48, 0x8b, 0x5c, 0x55, 0x00]) verify(x86.mov(rbx,MemRef(rdi, index = rdx, scale=2)), [0x48, 0x8b, 0x1c, 0x57]) verify(x86.mov(rbx,MemRef(rsp, index = rdx, scale=2)), [0x48, 0x8b, 0x1c, 0x54]) verify(x86.mov(rax,MemRef(rbp, 0, index = rdx, scale=2)), [0x48, 0x8b, 0x44, 0x55, 0x00]) verify(x86.mov(eax,MemRef(ebp, data_size = 32)), [0x67, 0x8b, 0x45, 0x00]) verify(x86.and_(al,bl), [0x20, 0xd8]) verify(x86.and_(al,ch), [0x20, 0xe8]) verify(x86.and_(al,sil), [0x40, 0x20, 0xf0]) verify(x86.and_(al,spl), [0x40, 0x20, 0xe0]) verify(x86.and_(bpl,MemRef(rax, data_size = 8)), [0x40, 0x22, 0x28]) verify(x86.invlpg(MemRef(rax, data_size = 8)), [0x0F, 0x01, 0x38]) verify(x86.rdtscp(), [0x0F, 0x01, 0xF9]) verify(x86.cmove(rcx, rdx), [0x48, 0x0F, 0x44, 0xCA]) verify(x86.cmove(ecx, edx), [0x0F, 0x44, 0xCA]) verify(x86.cmove(cx, dx), [0x66, 0x0F, 0x44, 0xCA]) verify(x86.shld(rax, rbx, cl), [0x48, 0x0F, 0xA5, 0xD8]) verify(x86.shld(eax, ebx, cl), [0x0F, 0xA5, 0xD8]) verify(x86.shld(ax, bx, cl), [0x66, 0x0F, 0xA5, 0xD8]) verify(x86.shld(rax, rbx, 4), [0x48, 0x0F, 0xA4, 0xD8, 0x04]) verify(x86.shld(eax, ebx, 4), [0x0F, 0xA4, 0xD8, 0x04]) verify(x86.shld(ax, bx, 4), [0x66, 0x0F, 0xA4, 0xD8, 0x04]) verify(x86.imul(rax, rdx, 0x100000), [0x48, 0x69, 0xC2, 0x00, 0x00, 0x10, 0x00]) verify(x86.imul(rax, rdx, 0x10), [0x48, 0x6B, 0xC2, 0x10]) verify(x86.imul(eax, edx, 0x100000), [0x69, 0xC2, 0x00, 0x00, 0x10, 0x00]) verify(x86.imul(ax, dx, 0x1000), [0x66, 0x69, 0xC2, 0x00, 0x10]) verify(x86.shl(rax, 1), [0x48, 0xD1, 0xE0]) verify(x86.add(eax, 1), [0x83, 0xC0, 0x01]) verify(x86.mov(r15, 4), [0x49, 0xC7, 0xC7, 0x04, 0x00, 0x00, 0x00]) print verify(x86.cvtss2si(r9d, xmm0), [0xf3, 0x44, 0x0f, 0x2d, 0xc8]) verify(x86.cvttsd2si(r9d, xmm0), [0xf2, 0x44, 0x0f, 0x2c, 0xc8]) verify(x86.cvttss2si(r9d, xmm0), [0xf3, 0x44, 0x0f, 0x2c, 0xc8]) verify(x86.movmskpd(eax,xmm9), [0x66, 0x41, 0x0F, 0x50, 0xC1]) verify(x86.pmovmskb(eax,xmm9), [0x66, 0x41, 0x0F, 0xD7, 0xC1]) verify(x86.pextrw(ebx, xmm12, 4), [0x66, 0x41, 0x0F, 0xC5, 0xDC, 0x04]) verify(x86.pinsrw(xmm12, ebx, 4), [0x66, 0x44, 0x0F, 0xC4, 0xE3, 0x04]) verify(x86.movd(ecx,xmm5), [0x66, 0x0F, 0x7E, 0xE9]) verify(x86.movd(xmm5,edx), [0x66, 0x0F, 0x6E, 0xEA]) verify(x86.movd(xmm5,rdx), [0x66, 0x48, 0x0F, 0x6E, 0xEA]) print verify(x86.cvtsi2sd(xmm0, r9), [0xF3, 0x49, 0x0F, 0x2A, 0xC1]) verify(x86.cvtss2si(r9, xmm0), [0xF3, 0x4C, 0x0F, 0x2D, 0xC8]) verify(x86.cvttsd2si(r9, xmm0), [0xF2, 0x4C, 0x0F, 0x2C, 0xC8]) verify(x86.cvttss2si(r9, xmm0), [0xF3, 0x4C, 0x0F, 0x2C, 0xC8]) verify(x86.movd(rcx,xmm5), [0x66, 0x48, 0x0F, 0x7E, 0xE9]) verify(x86.movd(xmm5,rdx), [0x66, 0x48, 0x0F, 0x6E, 0xEA]) print verify(x86.pmovmskb(eax,mm1), [0x0F, 0xD7, 0xC1]) verify(x86.pmovmskb(rax,mm1), [0x48, 0x0F, 0xD7, 0xC1]) verify(x86.movd(rcx,mm5), [0x48, 0x0F, 0x7E, 0xE9]) verify(x86.movd(mm5,rdx), [0x48, 0x0F, 0x6E, 0xEA]) return
def Test():
prgm = env.Program()
code = prgm.get_stream()
proc = env.Processor()
params = env.ExecParams()
params.p1 = 3
lbl1 = prgm.get_label("lbl1")
lbl2 = prgm.get_label("lbl2")
code.add(x86.xor(prgm.gp_return, prgm.gp_return))
code.add(x86.cmp(prgm.gp_return, 1))
code.add(x86.jne(lbl1))
code.add(x86.ud2())
code.add(x86.ud2())
code.add(lbl1)
code.add(x86.cmp(prgm.gp_return, 1))
code.add(x86.je(lbl2))
code.add(x86.add(prgm.gp_return, 12))
code.add(lbl2)
prgm.add(code)
#prgm.print_code(pro = True, epi = True, hex = True)
ret = proc.execute(prgm, mode='int')
print "ret", ret
assert (ret == 12)
prgm.reset()
code.reset()
code.add(x86.xor(prgm.gp_return, prgm.gp_return))
code.add(x86.cmp(prgm.gp_return, 1))
code.add(x86.jne(28))
code.add(x86.ud2())
code.add(x86.ud2())
code.add(x86.cmp(prgm.gp_return, 1))
code.add(x86.je(37))
code.add(x86.add(prgm.gp_return, 12))
prgm.add(code)
prgm.print_code(hex=True, pro=True, epi=True)
ret = proc.execute(prgm)
print "ret", ret
assert (ret == 12)
prgm.reset()
code.reset()
call_lbl = prgm.get_label("call_fn")
code.add(x86.xor(prgm.gp_return, prgm.gp_return))
code.add(x86.call(call_lbl))
code.add(x86.jmp(prgm.lbl_epilogue))
code.add(x86.mov(prgm.gp_return, 75))
code.add(x86.mov(prgm.gp_return, 42))
code.add(call_lbl)
code.add(x86.mov(prgm.gp_return, 15))
code.add(x86.ret())
prgm.add(code)
prgm.print_code()
ret = proc.execute(prgm, mode='int')
print "ret", ret
assert (ret == 15)
prgm.reset()
code.reset()
fwd_lbl = prgm.get_label("FORWARD")
bck_lbl = prgm.get_label("BACKWARD")
code.add(x86.xor(prgm.gp_return, prgm.gp_return))
code.add(bck_lbl)
code.add(x86.cmp(prgm.gp_return, 1))
code.add(x86.jne(fwd_lbl))
r_foo = prgm.acquire_register()
for i in xrange(0, 65):
code.add(x86.pop(r_foo))
prgm.release_register(r_foo)
code.add(fwd_lbl)
prgm.add(code)
ret = proc.execute(prgm, mode='int')
print "ret", ret
assert (ret == 0)
prgm.reset()
code.reset()
loop_lbl = prgm.get_label("LOOP")
out_lbl = prgm.get_label("OUT")
skip_lbl = prgm.get_label("SKIP")
code.add(x86.xor(prgm.gp_return, prgm.gp_return))
code.add(loop_lbl)
r_foo = prgm.acquire_register()
for i in range(0, 1):
for i in xrange(0, 24):
code.add(x86.add(r_foo, MemRef(rsp, 4)))
code.add(x86.add(prgm.gp_return, 4))
code.add(x86.cmp(prgm.gp_return, 20))
code.add(x86.je(out_lbl))
for i in xrange(0, 24):
code.add(x86.add(r_foo, MemRef(rsp, 4)))
code.add(x86.cmp(prgm.gp_return, 32))
code.add(x86.jne(loop_lbl))
code.add(out_lbl)
code.add(x86.jmp(skip_lbl))
for i in xrange(0, 2):
code.add(x86.add(r_foo, MemRef(rsp, 4)))
code.add(skip_lbl)
prgm.release_register(r_foo)
prgm.add(code)
ret = proc.execute(prgm, mode='int')
print "ret", ret
assert (ret == 20)
prgm.reset()
code.reset()
r_tmp = prgm.acquire_registers(2)
loop_lbl = prgm.get_label("LOOP")
else_lbl = prgm.get_label("ELSE")
finish_lbl = prgm.get_label("finish")
code.add(x86.mov(prgm.gp_return, 0))
code.add(x86.mov(r_tmp[0], 0))
code.add(loop_lbl)
code.add(x86.add(prgm.gp_return, 1))
code.add(x86.cmp(prgm.gp_return, 16))
code.add(x86.jge(finish_lbl))
code.add(x86.add(r_tmp[0], prgm.gp_return))
code.add(x86.mov(r_tmp[1], r_tmp[0]))
code.add(x86.and_(r_tmp[1], 0x1))
code.add(x86.jnz(else_lbl))
code.add(x86.add(r_tmp[0], 1))
code.add(x86.jmp(loop_lbl))
code.add(else_lbl)
code.add(x86.add(r_tmp[0], r_tmp[1]))
code.add(x86.jmp(loop_lbl))
code.add(finish_lbl)
code.add(x86.mov(prgm.gp_return, r_tmp[0]))
prgm.release_registers(r_tmp)
prgm.add(code)
ret = proc.execute(prgm, mode='int')
print "ret", ret
assert (ret == 135)
prgm.reset()
code.reset()
loop_lbl = prgm.get_label("LOOP")
r_one = prgm.acquire_register()
code.add(x86.xor(prgm.gp_return, prgm.gp_return))
code.add(x86.xor(rcx, rcx))
code.add(x86.mov(r_one, 1))
code.add(loop_lbl)
code.add(x86.inc(prgm.gp_return))
code.add(x86.cmp(prgm.gp_return, 7))
code.add(x86.cmove(rcx, r_one))
code.add(x86.jrcxz(loop_lbl))
prgm.release_register(r_one)
prgm.add(code)
prgm.print_code(hex=True)
ret = proc.execute(prgm, mode='int')
print "ret", ret
assert (ret == 7)
prgm.reset()
code.reset()
r_tmp = prgm.acquire_register()
code.add(x86.mov(prgm.gp_return, rdi))
code.add(x86.xor(r_tmp, r_tmp))
code.add(x86.mov(r_tmp, -1))
code.add(x86.mov(cl, 1))
code.add(x86.shld(prgm.gp_return, r_tmp, cl))
prgm.release_register(r_tmp)
prgm.add(code)
ret = proc.execute(prgm, params=params, mode='int')
print "ret", ret
assert (ret == 7)
prgm.reset()
code.reset()
code.add(x86.add(eax, 200))
code.add(x86.xor(eax, eax))
code.add(x86.add(al, 32))
code.add(x86.add(bl, 32))
code.add(x86.xor(bl, bl))
code.add(x86.mov(dil, al))
code.add(x86.add(rdi, 0))
code.add(x86.mov(eax, edi))
code.add(x86.mov(al, dil))
code.add(x86.imul(ax, ax, 4))
code.add(x86.imul(eax, ebx, 10))
code.add(x86.mov(cx, 1232))
code.add(x86.sub(ax, cx))
code.add(x86.xor(eax, eax))
code.add(x86.mov(eax, ebx))
code.add(x86.clc())
code.add(x86.rcl(eax, 1))
code.add(x86.rcr(eax, 1))
prgm.add(code)
#ret = proc.execute(prgm, debug = True, params = params)
id1 = proc.execute(prgm, params=params, mode='int', async=True)
id2 = proc.execute(prgm, params=params, mode='int', async=True)
ret = proc.execute(prgm, params=params, mode='int')
print "Return main thread: %d" % (ret)
assert (ret == 1280)
ret = proc.join(id1)
print "Return thread 1: %d" % (ret)
assert (ret == 1280)
ret = proc.join(id2)
print "Return thread 2: %d" % (ret)
assert (ret == 1280)
prgm.reset()
code.reset()
code.add(x86.fldpi())
code.add(x86.pxor(xmm0, xmm0))
code.add(x86.fld1())
code.add(x86.fadd(st0, st0))
code.add(x86.fmulp())
code.add(x86.fsin())
code.add(x86.fcos())
code.add(x86.fld1())
code.add(x86.fyl2xp1())
# x86_64 now uses xmm0 to return floats, not st0. So here, just make room
# on the stack, convert the FP result to an int and store it on the stack,
# then pop it into rax, the int return register.
code.add(x86.push(prgm.gp_return))
code.add(x86.fistp(MemRef(rsp)))
code.add(x86.pop(prgm.gp_return))
prgm.add(code)
prgm.print_code(hex=True)
ret = proc.execute(prgm, params=params, mode='int')
assert (ret == 1)
print "Return main thread: %d" % (ret)
prgm.reset()
code.reset()
lbl_ok = prgm.get_label("OK")
code.add(x86.emms())
code.add(x86.movd(xmm0, edi))
code.add(x86.mov(ebx, edi))
code.add(x86.cmp(ebx, 3))
code.add(x86.je(lbl_ok))
code.add(x86.movd(eax, xmm0))
code.add(x86.cmp(eax, 3))
code.add(x86.je(lbl_ok))
code.add(x86.ud2())
code.add(lbl_ok)
code.add(x86.xor(eax, eax))
code.add(x86.movd(xmm1, ebx))
code.add(x86.paddq(xmm0, xmm1))
code.add(x86.pextrw(ecx, xmm0, 0))
code.add(x86.pxor(mm1, mm1))
code.add(x86.pinsrw(mm1, ecx, 0))
code.add(x86.movq2dq(xmm0, mm1))
code.add(x86.movdq2q(mm2, xmm0))
code.add(x86.movd(edx, mm2))
code.add(x86.movd(xmm5, edx))
code.add(x86.movd(ecx, xmm5))
code.add(x86.pxor(xmm6, xmm6))
code.add(x86.pinsrw(xmm6, ecx, 0))
code.add(x86.movd(eax, xmm6))
prgm.add(code)
prgm.print_code(hex=True)
ret = proc.execute(prgm, params=params, mode='int')
print "Return main thread: %d" % (ret)
assert (ret == 6)
prgm.reset()
code.reset()
code.add(x86.mov(edx, 0x1234))
code.add(x86.mov(eax, 0xFFFF))
code.add(x86.xchg(edx, eax))
prgm.add(code)
prgm.print_code(hex=True)
ret = proc.execute(prgm, params=params)
print "ret:", ret
assert (ret == 0x1234)
prgm.reset()
code.reset()
code.add(x86.mov(prgm.gp_return, rsp))
code.add(x86.pushfq())
code.add(x86.sub(prgm.gp_return, rsp))
code.add(x86.add(rsp, prgm.gp_return))
prgm.add(code)
prgm.print_code(hex=True)
ret = proc.execute(prgm, params=params)
print "ret:", ret
assert (ret == 8)
prgm.reset()
code.reset()
data = extarray.extarray('H', xrange(0, 16))
r_128 = prgm.acquire_register(reg_type=XMMRegister)
regs = prgm.acquire_registers(4)
code.add(x86.mov(regs[0], data.buffer_info()[0]))
code.add(x86.movaps(r_128, MemRef(regs[0], data_size=128)))
code.add(x86.pextrw(prgm.gp_return, r_128, 0))
code.add(x86.pextrw(regs[1], r_128, 1))
code.add(x86.pextrw(regs[2], r_128, 2))
code.add(x86.pextrw(regs[3], r_128, 3))
code.add(x86.shl(regs[1], 16))
code.add(x86.shl(regs[2], 32))
code.add(x86.shl(regs[3], 48))
code.add(x86.or_(prgm.gp_return, regs[1]))
code.add(x86.or_(prgm.gp_return, regs[2]))
code.add(x86.or_(prgm.gp_return, regs[3]))
prgm.release_register(r_128)
prgm.release_registers(regs)
prgm.add(code)
prgm.print_code()
ret = proc.execute(prgm, mode='int')
print "ret %x" % ret
assert (ret == 0x0003000200010000)
prgm.reset()
code.reset()
util.load_float(code, xmm0, 3.14159)
prgm.add(code)
ret = proc.execute(prgm, mode='fp')
print "ret", ret
assert (ret - 3.14159 < 0.00001)
return
def Test():
code = env.InstructionStream()
proc = env.Processor()
params = env.ExecParams()
params.p1 = 3
mr32 = MemRef(rbp, 16, data_size=32)
mr8 = MemRef(rbp, 16, data_size=8)
lbl1 = code.get_label("lbl1")
lbl2 = code.get_label("lbl2")
code.add(x86.xor(rax, rax))
code.add(x86.cmp(rax, 1))
code.add(x86.jne(lbl1))
code.add(x86.ud2())
code.add(x86.ud2())
code.add(lbl1)
code.add(x86.cmp(rax, 1))
code.add(x86.je(lbl2))
code.add(x86.add(rax, 12))
code.add(lbl2)
# printer.PrintInstructionStream(code, printer.x86_64_Nasm(function_name="foobar"))
ret = proc.execute(code)
print "ret", ret
assert (ret == 12)
print "W00T"
code.reset()
code.add(x86.xor(rax, rax))
code.add(x86.cmp(rax, 1))
code.add(x86.jne(28))
code.add(x86.ud2())
code.add(x86.ud2())
code.add(x86.cmp(eax, 1))
code.add(x86.je(37))
code.add(x86.add(rax, 12))
code.print_code(hex=True, pro=True, epi=True)
print "a"
ret = proc.execute(code)
print "b"
print "ret", ret
assert (ret == 12)
print "w00t 2"
code.reset()
call_lbl = code.get_label("call_fn")
code.add(x86.xor(rax, rax))
code.add(x86.call(call_lbl))
code.add(x86.jmp(code.lbl_epilogue))
code.add(x86.mov(rax, 75))
code.add(x86.mov(rax, 42))
code.add(call_lbl)
code.add(x86.mov(rax, 15))
code.add(x86.ret())
code.print_code()
ret = proc.execute(code)
print "ret", ret
assert (ret == 15)
code.reset()
fwd_lbl = code.get_label("FORWARD")
bck_lbl = code.get_label("BACKWARD")
code.add(x86.xor(rax, rax))
code.add(bck_lbl)
code.add(x86.cmp(rax, 1))
code.add(x86.jne(fwd_lbl))
for i in xrange(0, 65):
code.add(x86.pop(r15))
code.add(fwd_lbl)
ret = proc.execute(code, mode='int')
assert (ret == 0)
code.reset()
loop_lbl = code.get_label("LOOP")
out_lbl = code.get_label("OUT")
skip_lbl = code.get_label("SKIP")
code.add(x86.xor(rax, rax))
code.add(loop_lbl)
for i in range(0, 1):
for i in xrange(0, 24):
code.add(x86.add(r15, MemRef(rsp, 4)))
code.add(x86.add(rax, 4))
code.add(x86.cmp(rax, 20))
code.add(x86.je(out_lbl))
for i in xrange(0, 24):
code.add(x86.add(r15, MemRef(rsp, 4)))
code.add(x86.cmp(rax, 32))
code.add(x86.jne(loop_lbl))
code.add(out_lbl)
code.add(x86.jmp(skip_lbl))
for i in xrange(0, 2):
code.add(x86.add(r15, MemRef(rsp, 4)))
code.add(skip_lbl)
ret = proc.execute(code, mode='int')
print "ret", ret
assert (ret == 20)
code.reset()
loop_lbl = code.get_label("LOOP")
else_lbl = code.get_label("ELSE")
finish_lbl = code.get_label("finish")
code.add(x86.mov(rax, 0))
code.add(x86.mov(rdx, 0))
code.add(loop_lbl)
code.add(x86.add(rax, 1))
code.add(x86.cmp(rax, 16))
code.add(x86.jge(finish_lbl))
code.add(x86.add(rdx, rax))
code.add(x86.mov(r8, rdx))
code.add(x86.and_(r8, 0x1))
code.add(x86.jnz(else_lbl))
code.add(x86.add(rdx, 1))
code.add(x86.jmp(loop_lbl))
code.add(else_lbl)
code.add(x86.add(rdx, r8))
code.add(x86.jmp(loop_lbl))
code.add(finish_lbl)
code.add(x86.mov(rax, rdx))
ret = proc.execute(code, mode='int')
print "ret", ret
assert (ret == 135)
code.reset()
loop_lbl = code.get_label("LOOP")
code.add(x86.xor(rax, rax))
code.add(x86.xor(rcx, rcx))
code.add(x86.mov(rdx, 1))
code.add(loop_lbl)
code.add(x86.inc(rax))
code.add(x86.cmp(rax, 7))
code.add(x86.cmove(rcx, rdx))
code.add(x86.jrcxz(loop_lbl))
code.print_code(hex=True)
ret = proc.execute(code, mode='int')
print "ret", ret
assert (ret == 7)
code.reset()
code.add(x86.mov(rax, MemRef(rbp, 16)))
code.add(x86.xor(rbx, rbx))
code.add(x86.mov(rbx, -1))
code.add(x86.mov(cl, 1))
code.add(x86.shld(rax, rbx, cl))
code.print_code(hex=True)
ret = proc.execute(code, params=params, mode='int')
print "ret", ret
assert (ret == 7)
# code.reset()
# code.add(x86.add(eax, 200))
# code.add(x86.xor(eax, eax))
# code.add(x86.add(al, 32))
# code.add(x86.add(bl, 32))
# code.add(x86.xor(bl, bl))
# code.add(x86.mov(mr8, al))
# code.add(x86.add(mr32, 0))
# code.add(x86.mov(eax, mr32))
# code.add(x86.mov(al, mr8))
#
# code.add(x86.imul(ax, ax, 4))
# code.add(x86.imul(eax, ebx, 10))
# code.add(x86.mov(cx, 1232))
# code.add(x86.sub(ax, cx))
# code.add(x86.xor(eax,eax))
# code.add(x86.mov(eax,ebx))
# code.add(x86.clc())
# code.add(x86.rcl(eax, 1))
# code.add(x86.rcr(eax, 1))
# #ret = proc.execute(code, debug = True, params = params)
# id1 = proc.execute(code, params = params, mode = 'int', async = True)
# id2 = proc.execute(code, params = params, mode = 'int', async = True)
# ret = proc.execute(code, params = params, mode = 'int')
# print "Return main thread: %d" % (ret)
# assert(ret == 1280)
# ret = proc.join(id1)
# print "Return thread 1: %d" % (ret)
# assert(ret == 1280)
# ret = proc.join(id2)
# print "Return thread 2: %d" % (ret)
# assert(ret == 1280)
code.reset()
code.add(x86.fldpi())
code.add(x86.pxor(xmm0, xmm0))
code.add(x86.fld1())
code.add(x86.fadd(st0, st0))
code.add(x86.fmulp())
code.add(x86.fsin())
code.add(x86.fcos())
code.add(x86.fld1())
code.add(x86.fyl2xp1())
# x86_64 now uses xmm0 to return floats, not st0. So here, just make room
# on the stack, convert the FP result to an int and store it on the stack,
# then pop it into rax, the int return register.
code.add(x86.push(rax))
code.add(x86.fistp(MemRef(rsp)))
code.add(x86.pop(rax))
code.print_code(hex=True)
ret = proc.execute(code, params=params, mode='int')
assert (ret == 1)
print "Return main thread: %d" % (ret)
code.reset()
lbl_ok = code.get_label("OK")
code.add(x86.emms())
code.add(x86.movd(xmm0, mr32))
code.add(x86.mov(ebx, mr32))
code.add(x86.cmp(ebx, 3))
code.add(x86.je(lbl_ok))
code.add(x86.movd(eax, xmm0))
code.add(x86.cmp(eax, 3))
code.add(x86.je(lbl_ok))
code.add(x86.ud2())
code.add(lbl_ok)
code.add(x86.xor(eax, eax))
code.add(x86.movd(xmm1, ebx))
code.add(x86.paddq(xmm0, xmm1))
code.add(x86.pextrw(ecx, xmm0, 0))
code.add(x86.pinsrw(mm1, ecx, 0))
code.add(x86.movq2dq(xmm0, mm1))
code.add(x86.movdq2q(mm2, xmm0))
code.add(x86.movd(edx, mm2))
code.add(x86.movd(xmm5, edx))
code.add(x86.movd(ecx, xmm5))
code.add(x86.pinsrw(xmm6, ecx, 0))
code.add(x86.movd(eax, xmm6))
code.print_code(hex=True)
ret = proc.execute(code, params=params, mode='int')
print "Return main thread: %d" % (ret)
assert (ret == 6)
code.reset()
# Test immediate size encodings
code.add(x86.add(eax, 300))
code.add(x86.add(ax, 300))
code.add(x86.add(ax, 30))
code.add(x86.mov(eax, 16))
code.add(x86.mov(eax, 300))
code.reset()
code.add(x86.add(eax, 0xDEADBEEF))
code.add(x86.add(ebx, 0xDEADBEEF))
code.print_code(hex=True)
# Try the LOCK prefix
code.reset()
code.add(x86.xor(eax, eax))
code.add(x86.add(mr32, eax))
code.add(x86.add(mr32, eax, lock=True))
#code.print_code(hex = True)
proc.execute(code, params=params)
code.reset()
code.add(x86.mov(edx, 0x1234))
code.add(x86.mov(eax, 0xFFFF))
code.add(x86.xchg(edx, eax))
code.print_code(hex=True)
ret = proc.execute(code, params=params)
print "ret:", ret
assert (ret == 0x1234)
code.reset()
code.add(x86.mov(rax, rsp))
code.add(x86.pushfq())
code.add(x86.sub(rax, rsp))
code.add(x86.add(rsp, rax))
code.print_code(hex=True)
ret = proc.execute(code, params=params)
print "ret:", ret
assert (ret == 8)
code.reset()
data = extarray.extarray('H', xrange(0, 16))
# code.add(x86.push(rdi))
code.add(x86.mov(rdi, data.buffer_info()[0]))
code.add(x86.movaps(xmm1, MemRef(rdi, data_size=128)))
code.add(x86.pextrw(rax, xmm1, 0))
code.add(x86.pextrw(rbx, xmm1, 1))
code.add(x86.pextrw(rcx, xmm1, 2))
code.add(x86.pextrw(rdx, xmm1, 3))
code.add(x86.shl(rbx, 16))
code.add(x86.shl(rcx, 32))
code.add(x86.shl(rdx, 48))
code.add(x86.or_(rax, rbx))
code.add(x86.or_(rax, rcx))
code.add(x86.or_(rax, rdx))
# code.add(x86.pop(rdi))
code.print_code(hex=True)
ret = proc.execute(code, mode='int')
print "ret %x" % ret
assert (ret == 0x0003000200010000)
code.reset()
L1 = code.get_label("L1")
code.add(x86.xor(rax, rax))
code.add(x86.mov(rcx, 3))
code.add(L1)
code.add(x86.add(rax, 1))
code.add(x86.loop(L1))
code.print_code(hex=True)
ret = proc.execute(code, mode='int')
print "ret %x" % ret
assert (ret == 0x03)
return
def discard(bs, n=1):
d = 0
for i in xrange(n):
d += bs.flow.stack.pop().size
if d:
bs.code += isa.add(registers.rsp, 8 * d)
# This first case is intentionally wrong to show what happens w/o locking.
data[0] = 0
prgm = env.Program()
code = prgm.get_stream()
x86.set_active_code(code)
x86.mov(rax, 1)
x86.mov(rcx, ITERS)
x86.mov(rdi, dbi[0])
lbl_loop = prgm.get_unique_label("loop")
code.add(lbl_loop)
x86.add(MemRef(rdi), rax)
x86.dec(rcx)
x86.jnz(lbl_loop)
prgm += code
prgm.print_code(hex=True)
proc = env.Processor()
t1 = time.time()
ids = [proc.execute(prgm, async=True) for i in xrange(0, THREADS)]
[proc.join(i) for i in ids]
t2 = time.time()
print "time", t2 - t1
print "val", data[0], ITERS * THREADS
print "passed?", data[0] == ITERS * THREADS
# This first case is intentionally wrong to show what happens w/o locking.
data[0] = 0
prgm = env.Program()
code = prgm.get_stream()
x86.set_active_code(code)
x86.mov(rax, 1)
x86.mov(rcx, ITERS)
x86.mov(rdi, dbi[0])
lbl_loop = prgm.get_unique_label("loop")
code.add(lbl_loop)
x86.add(MemRef(rdi), rax)
x86.dec(rcx)
x86.jnz(lbl_loop)
prgm += code
prgm.print_code(hex = True)
proc = env.Processor()
t1 = time.time()
ids = [proc.execute(prgm, async = True) for i in xrange(0, THREADS)]
[proc.join(i) for i in ids]
t2 = time.time()
print "time", t2 - t1
print "val", data[0], ITERS * THREADS
print "passed?", data[0] == ITERS * THREADS
#code.add(spu.nop(0)) #dma.mem_complete(code, 12) #code.add(spu.lnop()) # should this be done in printis? #code.cache_code() #code.print_code(pro = True, epi = True) #PrintInstructionStream(code, Default(show_prologue = True, show_epilogue = True, line_numbers = True, show_hex = True)) #PrintInstructionStream(code, Default()) #PrintInstructionStream(code, SPU_Asm(comment_chan = True)) import corepy.arch.x86_64.platform as env import corepy.arch.x86_64.isa as x86 import corepy.arch.x86_64.types.registers as regs import corepy.arch.x86_64.lib.memory as mem code = env.InstructionStream(None) code.add(x86.mov(regs.rax, 0xDEADBEEF)) code.add(x86.add(regs.rax, 0xDEADBEEF)) code.add(x86.call(-6)) code.add(x86.div(mem.MemRef(regs.r8, 1048576, regs.r13, 4, data_size = 16, addr_size = 32))) code.add(x86.sub(regs.rax, 0xBEEF)) code.add(x86.mov(regs.rax, mem.MemRef(regs.rbp, 8))) code.cache_code() PrintInstructionStream(code, Default(show_hex = True)) PrintInstructionStream(code, x86_64_Nasm(function_name="foobar"))
