metasm 1.0.0 → 1.0.5

data/metasm/cpu/webasm/main.rb

@@ -0,0 +1,81 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2010 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+
+require 'metasm/main'
+
+module Metasm
+
+class WebAsm < CPU
+	attr_accessor :wasm_file
+	def initialize(*args)
+		super()
+		@size = args.grep(Integer).first || 64
+		@wasm_file = args.grep(ExeFormat).first
+		@endianness = args.delete(:little) || args.delete(:big) || (@wasm_file ? @wasm_file.endianness : :little)
+	end
+
+	class Memref
+		attr_accessor :off
+
+		def initialize(off)
+			@off = Expression[off]
+		end
+
+		def symbolic(di=nil)
+			sz = 8
+			off = Expression[:mem, :+, [@off]]
+			if di and di.opcode.name =~ /(32|64)\.(load|store)(8|16|32)?/
+				opsz, op, mode = $1, $2, $3
+				sz = mode ? mode.to_i/8 : opsz.to_i/8
+				stack_off = (op == 'store' ? [:opstack, :+, 8] : [:opstack])
+				off = Expression[Indirection[stack_off, 4], :+, off]
+			end
+			Indirection[off, sz, (di.address if di)]
+		end
+
+		include Renderable
+		def render
+			['[', @off, ']']
+		end
+	end
+
+	class BrTable
+		attr_accessor :ary, :default
+		def initialize(ary, default)
+			@ary = ary
+			@default = default
+		end
+
+		include Renderable
+		def render
+			out = ['[']
+			@ary.each { |a| out << a << ', ' }
+			out.pop if out.length > 1
+			out << ']' << ' or ' << @default
+		end
+	end
+
+	class BlockSignature
+		attr_accessor :id
+
+		def initialize(id)
+			@id = id
+		end
+
+		def symbolic(di=nil)
+			Expression[@id]
+		end
+
+		include Renderable
+		def render
+			[WasmFile::TYPE.fetch(@id, Expression[@id])]
+		end
+	end
+
+	def init_opcode_list
+		init
+	end
+end
+end

data/metasm/cpu/webasm/opcodes.rb

@@ -0,0 +1,214 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2010 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+
+require 'metasm/cpu/webasm/main'
+
+module Metasm
+class WebAsm
+	def addop(name, bin, *args)
+		o = Opcode.new name, bin
+
+		args.each { |a|
+			if a == :mem
+				o.args << :uleb << :memoff
+			elsif @valid_props[a]
+				o.props[a] = true
+			else
+				o.args << a
+			end
+		}
+
+		@opcode_list << o
+	end
+
+	def init
+		@opcode_list = []
+		@valid_props = { :setip => true, :stopexec => true, :saveip => true }
+
+		addop 'unreachable',   0x00, :stopexec
+		addop 'nop',           0x01
+		addop 'block',         0x02, :blocksig		# arg = signature (block_type)
+		addop 'loop',          0x03, :blocksig		# ^
+		addop 'if',            0x04, :blocksig, :setip	# ^
+		addop 'else',          0x05, :setip, :stopexec
+		addop 'end',           0x0b, :stopexec		# end of function (default with no function context)
+		addop 'end',           0x0b			# end of if/else/block/loop
+		addop 'br',            0x0c, :uleb, :setip, :stopexec	# arg = depth to break up to
+		addop 'br_if',         0x0d, :uleb, :setip
+		addop 'br_table',      0x0e, :br_table, :setip, :stopexec
+		addop 'return',        0x0f, :stopexec
+		addop 'call',          0x10, :uleb, :setip, :saveip, :stopexec	# function index
+		addop 'call_indirect', 0x11, :uleb, :uleb, :setip, :saveip, :stopexec	# type index for target function signature ; table index where the function indexes come from (fixed 0)
+
+		addop 'drop',   0x1a
+		addop 'select', 0x1b
+
+		addop 'get_local',  0x20, :uleb
+		addop 'set_local',  0x21, :uleb
+		addop 'tee_local',  0x22, :uleb
+		addop 'get_global', 0x23, :uleb
+		addop 'set_global', 0x24, :uleb
+
+		addop 'i32.load', 0x28, :mem
+		addop 'i64.load', 0x29, :mem
+		addop 'f32.load', 0x2a, :mem
+		addop 'f64.load', 0x2b, :mem
+		addop 'i32.load8_s',  0x2c, :mem
+		addop 'i32.load8_u',  0x2d, :mem
+		addop 'i32.load16_s', 0x2e, :mem
+		addop 'i32.load16_u', 0x2f, :mem
+		addop 'i64.load8_s',  0x30, :mem
+		addop 'i64.load8_u',  0x31, :mem
+		addop 'i64.load16_s', 0x32, :mem
+		addop 'i64.load16_u', 0x33, :mem
+		addop 'i64.load32_s', 0x34, :mem
+		addop 'i64.load32_u', 0x35, :mem
+		addop 'i32.store',   0x36, :mem
+		addop 'i64.store',   0x37, :mem
+		addop 'f32.store',   0x38, :mem
+		addop 'f64.store',   0x39, :mem
+		addop 'i32.store8',  0x3a, :mem
+		addop 'i32.store16', 0x3b, :mem
+		addop 'i64.store8',  0x3c, :mem
+		addop 'i64.store16', 0x3d, :mem
+		addop 'i64.store32', 0x3e, :mem
+		addop 'current_memory', 0x3f, :uleb	# resv1
+		addop 'grow_memory', 0x40, :uleb	# resv1
+
+		addop 'i32.const', 0x41, :sleb
+		addop 'i64.const', 0x42, :sleb
+		addop 'f32.const', 0x43, :f32
+		addop 'f64.const', 0x44, :f64
+
+		addop 'i32.eqz', 0x45	 	 
+		addop 'i32.eq', 0x46	 	 
+		addop 'i32.ne', 0x47	 	 
+		addop 'i32.lt_s', 0x48	 	 
+		addop 'i32.lt_u', 0x49	 	 
+		addop 'i32.gt_s', 0x4a	 	 
+		addop 'i32.gt_u', 0x4b	 	 
+		addop 'i32.le_s', 0x4c	 	 
+		addop 'i32.le_u', 0x4d	 	 
+		addop 'i32.ge_s', 0x4e	 	 
+		addop 'i32.ge_u', 0x4f	 	 
+		addop 'i64.eqz', 0x50	 	 
+		addop 'i64.eq', 0x51	 	 
+		addop 'i64.ne', 0x52	 	 
+		addop 'i64.lt_s', 0x53	 	 
+		addop 'i64.lt_u', 0x54	 	 
+		addop 'i64.gt_s', 0x55	 	 
+		addop 'i64.gt_u', 0x56	 	 
+		addop 'i64.le_s', 0x57	 	 
+		addop 'i64.le_u', 0x58	 	 
+		addop 'i64.ge_s', 0x59	 	 
+		addop 'i64.ge_u', 0x5a	 	 
+		addop 'f32.eq', 0x5b	 	 
+		addop 'f32.ne', 0x5c	 	 
+		addop 'f32.lt', 0x5d	 	 
+		addop 'f32.gt', 0x5e	 	 
+		addop 'f32.le', 0x5f	 	 
+		addop 'f32.ge', 0x60	 	 
+		addop 'f64.eq', 0x61	 	 
+		addop 'f64.ne', 0x62	 	 
+		addop 'f64.lt', 0x63	 	 
+		addop 'f64.gt', 0x64	 	 
+		addop 'f64.le', 0x65	 	 
+		addop 'f64.ge', 0x66	 	 
+
+		addop 'i32.clz', 0x67	 	 
+		addop 'i32.ctz', 0x68	 	 
+		addop 'i32.popcnt', 0x69	 	 
+		addop 'i32.add', 0x6a	 	 
+		addop 'i32.sub', 0x6b	 	 
+		addop 'i32.mul', 0x6c	 	 
+		addop 'i32.div_s', 0x6d	 	 
+		addop 'i32.div_u', 0x6e	 	 
+		addop 'i32.rem_s', 0x6f	 	 
+		addop 'i32.rem_u', 0x70	 	 
+		addop 'i32.and', 0x71	 	 
+		addop 'i32.or', 0x72	 	 
+		addop 'i32.xor', 0x73	 	 
+		addop 'i32.shl', 0x74	 	 
+		addop 'i32.shr_s', 0x75	 	 
+		addop 'i32.shr_u', 0x76	 	 
+		addop 'i32.rotl', 0x77	 	 
+		addop 'i32.rotr', 0x78	 	 
+		addop 'i64.clz', 0x79	 	 
+		addop 'i64.ctz', 0x7a	 	 
+		addop 'i64.popcnt', 0x7b	 	 
+		addop 'i64.add', 0x7c	 	 
+		addop 'i64.sub', 0x7d	 	 
+		addop 'i64.mul', 0x7e	 	 
+		addop 'i64.div_s', 0x7f	 	 
+		addop 'i64.div_u', 0x80	 	 
+		addop 'i64.rem_s', 0x81	 	 
+		addop 'i64.rem_u', 0x82	 	 
+		addop 'i64.and', 0x83	 	 
+		addop 'i64.or', 0x84	 	 
+		addop 'i64.xor', 0x85	 	 
+		addop 'i64.shl', 0x86	 	 
+		addop 'i64.shr_s', 0x87	 	 
+		addop 'i64.shr_u', 0x88	 	 
+		addop 'i64.rotl', 0x89	 	 
+		addop 'i64.rotr', 0x8a	 	 
+		addop 'f32.abs', 0x8b	 	 
+		addop 'f32.neg', 0x8c	 	 
+		addop 'f32.ceil', 0x8d	 	 
+		addop 'f32.floor', 0x8e	 	 
+		addop 'f32.trunc', 0x8f	 	 
+		addop 'f32.nearest', 0x90	 	 
+		addop 'f32.sqrt', 0x91	 	 
+		addop 'f32.add', 0x92	 	 
+		addop 'f32.sub', 0x93	 	 
+		addop 'f32.mul', 0x94	 	 
+		addop 'f32.div', 0x95	 	 
+		addop 'f32.min', 0x96	 	 
+		addop 'f32.max', 0x97	 	 
+		addop 'f32.copysign', 0x98	 	 
+		addop 'f64.abs', 0x99	 	 
+		addop 'f64.neg', 0x9a	 	 
+		addop 'f64.ceil', 0x9b	 	 
+		addop 'f64.floor', 0x9c	 	 
+		addop 'f64.trunc', 0x9d	 	 
+		addop 'f64.nearest', 0x9e	 	 
+		addop 'f64.sqrt', 0x9f	 	 
+		addop 'f64.add', 0xa0	 	 
+		addop 'f64.sub', 0xa1	 	 
+		addop 'f64.mul', 0xa2	 	 
+		addop 'f64.div', 0xa3	 	 
+		addop 'f64.min', 0xa4	 	 
+		addop 'f64.max', 0xa5	 	 
+		addop 'f64.copysign', 0xa6	 	 
+
+		addop 'i32.wrap/i64', 0xa7	 	 
+		addop 'i32.trunc_s/f32', 0xa8	 	 
+		addop 'i32.trunc_u/f32', 0xa9	 	 
+		addop 'i32.trunc_s/f64', 0xaa	 	 
+		addop 'i32.trunc_u/f64', 0xab	 	 
+		addop 'i64.extend_s/i32', 0xac	 	 
+		addop 'i64.extend_u/i32', 0xad	 	 
+		addop 'i64.trunc_s/f32', 0xae	 	 
+		addop 'i64.trunc_u/f32', 0xaf	 	 
+		addop 'i64.trunc_s/f64', 0xb0	 	 
+		addop 'i64.trunc_u/f64', 0xb1	 	 
+		addop 'f32.convert_s/i32', 0xb2	 	 
+		addop 'f32.convert_u/i32', 0xb3	 	 
+		addop 'f32.convert_s/i64', 0xb4	 	 
+		addop 'f32.convert_u/i64', 0xb5	 	 
+		addop 'f32.demote/f64', 0xb6	 	 
+		addop 'f64.convert_s/i32', 0xb7	 	 
+		addop 'f64.convert_u/i32', 0xb8	 	 
+		addop 'f64.convert_s/i64', 0xb9	 	 
+		addop 'f64.convert_u/i64', 0xba	 	 
+		addop 'f64.promote/f32', 0xbb	 	 
+
+		addop 'i32.reinterpret/f32', 0xbc	 	 
+		addop 'i64.reinterpret/f64', 0xbd	 	 
+		addop 'f32.reinterpret/i32', 0xbe	 	 
+		addop 'f64.reinterpret/i64', 0xbf
+	end
+
+end
+end

data/metasm/cpu/x86_64.rb

@@ -0,0 +1,15 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+
+class Metasm::X86_64 < Metasm::Ia32
+end
+
+require 'metasm/main'
+require 'metasm/cpu/x86_64/parse'
+require 'metasm/cpu/x86_64/encode'
+require 'metasm/cpu/x86_64/decode'
+require 'metasm/cpu/x86_64/render'
+require 'metasm/cpu/x86_64/debug'
+require 'metasm/cpu/x86_64/compile_c'

data/{lib/metasm → metasm/cpu}/x86_64/compile_c.rb

@@ -4,7 +4,7 @@
 #    Licence is LGPL, see LICENCE in the top-level directory
 
 
-require 'metasm/x86_64/parse'
+require 'metasm/cpu/x86_64/parse'
 require 'metasm/compile_c'
 
 module Metasm
@@ -32,6 +32,8 @@ class CCompiler < C::Compiler
 		attr_accessor :regargs
 		# stack space reserved for subfunction in ABI
 		attr_accessor :args_space
+		# ensure stack is 16byte aligned before calls
+		attr_accessor :stack_align16
 		# list of reg values that are not kept across function call
 		attr_accessor :abi_flushregs_call
 		# list of regs we can trash without restoring them
@@ -52,6 +54,7 @@ class CCompiler < C::Compiler
 			@bound = {}
 			@regargs = []
 			@args_space = 0
+			@stack_align16 = true
 			@abi_flushregs_call = [0, 1, 2, 6, 7, 8, 9, 10, 11]
 			@abi_trashregs = @abi_flushregs_call.dup
 		end
@@ -236,7 +239,7 @@ class CCompiler < C::Compiler
 				e2
 			elsif type.float?
 				raise 'float unhandled'
-			else raise
+			else raise "cannot cast #{e} to #{type}"
 			end
 		elsif e.kind_of? Address
 			make_volatile resolve_address(e), type, rsz
@@ -247,6 +250,7 @@ class CCompiler < C::Compiler
 				e2
 			elsif type.float?
 				raise 'float unhandled'
+			else raise "cannot cast #{e} to #{type}"
 			end
 		else
 			e
@@ -262,7 +266,7 @@ class CCompiler < C::Compiler
 			elsif i >= (1<<64)-0x8000_0000
 				v = Expression[Expression.make_signed(i, 64)]
 			else
-				v = make_volatile(v)
+				v = make_volatile(v, C::BaseType.new(:int))
 				unuse v
 			end
 		end
@@ -417,7 +421,6 @@ class CCompiler < C::Compiler
 					r = reg
 				end
 			end
-		else raise
 		end
 		r
 	end
@@ -491,7 +494,9 @@ class CCompiler < C::Compiler
 						unuse l
 						l = Address.new(l.modrm.dup)
 						inuse l
-						if l.modrm.b
+						if (l.modrm.b and l.modrm.b.val == 16) or (l.modrm.i and l.modrm.i.val == 16)
+							# cannot encode [rip+reg+imm]
+						elsif l.modrm.b
 							if not l.modrm.i or (l.modrm.i.val == r.val and l.modrm.s == 1)
 								l.modrm.i = r
 								l.modrm.s = (l.modrm.s || 0) + 1
@@ -512,6 +517,7 @@ class CCompiler < C::Compiler
 					end
 				when :-
 					r = c_cexpr_inner(expr.rexpr)
+					r = resolve_address r if r.kind_of? Address
 					if r.kind_of? Expression
 						unuse l, r
 						l = Address.new(l.modrm.dup)
@@ -574,6 +580,13 @@ class CCompiler < C::Compiler
 						else
 							instr 'mov', l, Reg.new(r.val, l.sz)
 						end
+					elsif l.kind_of? ModRM and r.kind_of? Expression and l.sz == 64
+						rval = r.reduce
+						if !rval.kind_of?(Integer) or rval > 0xffff_ffff or rval < -0x8000_0000
+							r = make_volatile(r, expr.type)
+							unuse r
+						end
+						instr 'mov', l, r
 					else
 						instr 'mov', l, r
 					end
@@ -586,6 +599,7 @@ class CCompiler < C::Compiler
 			l = c_cexpr_inner(expr.lexpr)
 			l = make_volatile(l, expr.type)
 			r = c_cexpr_inner(expr.rexpr)
+			r = make_volatile(r, expr.type) if r.kind_of?(ModRM) and r.sz != l.sz
 			unuse r
 			if expr.lexpr.type.integral? or expr.lexpr.type.pointer?
 				instr 'cmp', l, i_to_i32(r)
@@ -611,7 +625,6 @@ class CCompiler < C::Compiler
 		ft = ft.pointed if ft.pointer?
 		ft = nil if not ft.kind_of? C::Function
 
-		arglist = expr.rexpr.dup
 		regargsmask = @state.regargs.dup
 		if ft
 			ft.args.each_with_index { |a, i|
@@ -638,21 +651,21 @@ class CCompiler < C::Compiler
 
 		stackargs = expr.rexpr.zip(regargsmask).map { |a, r| a if not r }.compact
 
-		# preserve 16byte stack align under windows
-		stackalign = true if (stackargs + backup).length & 1 == 1
-		instr 'push', rax if stackalign
+		stackalign = true if @state.stack_align16 and (stackargs + backup).length & 1 == 1
+		instr 'sub', Reg.new(4, @cpusz), Expression[8] if stackalign
 
 		stackargs.reverse_each { |arg|
 			raise 'arg unhandled' if not arg.type.integral? or arg.type.pointer?
 			a = c_cexpr_inner(arg)
-			a = resolve_address a if a.kind_of? Address
-			a = make_volatile(a, arg.type) if a.kind_of? ModRM and arg.type.name != :__int64
+			a = resolve_address a if a.kind_of?(Address)
+			a = make_volatile(a, arg.type) if (a.kind_of?(ModRM) and arg.type.name != :__int64) or
+							  (a.kind_of?(Expression) and (va = a.reduce) and (not va.kind_of?(::Integer) or va < -0x8000_0000 or va > 0x7fff_ffff))
 			unuse a
 			instr 'push', a
 		}
 
 		regargs_unuse = []
-		regargsmask.zip(expr.rexpr).each { |ra, arg|
+		regargsmask.zip(expr.rexpr).reverse_each { |ra, arg|
 			next if not arg or not ra
 			a = c_cexpr_inner(arg)
 			a = resolve_address a if a.kind_of? Address
@@ -666,9 +679,9 @@ class CCompiler < C::Compiler
 
 		if ft.kind_of? C::Function and ft.varargs and @state.args_space == 0
 			# gcc stores here the nr of xmm args passed, real args are passed the standard way
-			# TODO check visualstudio/ms ABI
 			instr 'xor', rax, rax
 			inuse rax
+			regargs_unuse << rax
 		end
 
 
@@ -699,6 +712,7 @@ class CCompiler < C::Compiler
 			else
 				instr 'pop', Reg.new(reg, 64)
 			end
+			inuse getreg(reg)
 		}
 		retreg
 	end
@@ -750,8 +764,10 @@ class CCompiler < C::Compiler
 
 		case op
 		when 'add', 'sub', 'and', 'or', 'xor'
-			r = make_volatile(r, type) if l.kind_of? ModRM and r.kind_of? ModRM
+			r = make_volatile(r, type) if l.kind_of?(ModRM) and r.kind_of?(ModRM)
+			r = make_volatile(r, type) if r.kind_of?(ModRM) and r.sz != l.sz	# add rax, word [moo]
 			unuse r
+			r = Reg.new(r.val, l.sz) if r.kind_of?(Reg) and l.kind_of?(ModRM) and l.sz and l.sz != r.sz     # add byte ptr [rax], bl
 			instr op, l, i_to_i32(r)
 		when 'shr', 'sar', 'shl'
 			if r.kind_of? Expression
@@ -780,6 +796,7 @@ class CCompiler < C::Compiler
 				end
 				instr 'mov', l, ll
 			else
+				r = make_volatile(r, type) if r.kind_of?(ModRM) and r.sz != l.sz
 				instr 'imul', l, r
 			end
 			unuse r
@@ -866,18 +883,21 @@ class CCompiler < C::Compiler
 			l = c_cexpr_inner(expr.lexpr)
 			r = c_cexpr_inner(expr.rexpr)
 			r = make_volatile(r, expr.type) if r.kind_of? ModRM and l.kind_of? ModRM
+			r = make_volatile(r, expr.type) if r.kind_of?(ModRM) and r.sz != l.sz
+			l = make_volatile(l, expr.type) if l.kind_of?(ModRM) and r.kind_of?(Reg) and r.sz != l.sz
 			if l.kind_of? Expression
 				o = { :< => :>, :> => :<, :>= => :<=, :<= => :>= }[o] || o
 				l, r = r, l
 			end
-			unuse l, r
 			if expr.lexpr.type.integral? or expr.lexpr.type.pointer?
-				r = Reg.new(r.val, l.sz) if r.kind_of? Reg and r.sz != l.sz	# XXX
-				instr 'cmp', l, i_to_i32(r)
+				rr = i_to_i32(r)
+				rr = Reg.new(rr.val, l.sz) if rr.kind_of? Reg and rr.sz != l.sz	# XXX
+				instr 'cmp', l, rr
 			elsif expr.lexpr.type.float?
 				raise 'float unhandled'
 			else raise 'bad comparison ' + expr.to_s
 			end
+			unuse l, r
 			op = 'j' + getcc(o, expr.lexpr.type)
 			instr op, Expression[target]
 		when :'!'
@@ -967,8 +987,7 @@ class CCompiler < C::Compiler
 		@state.dirty -= @state.abi_trashregs
 		if localspc
 			localspc = (localspc + 7) / 8 * 8
-			if @state.args_space > 0 and (localspc/8 + @state.dirty.length) & 1 == 1
-				# ensure 16-o stack align on windows
+			if @state.stack_align16 and (localspc/8 + @state.dirty.length) & 1 == 1
 				localspc += 8
 			end
 			ebp = @state.saved_rbp
@@ -987,7 +1006,7 @@ class CCompiler < C::Compiler
 				v = findvar(a)
 				instr 'mov', v, Reg.new(r, v.sz)
 			}
-		elsif @state.args_space > 0 and @state.dirty.length & 1 == 0
+		elsif @state.stack_align16 and @state.dirty.length & 1 == 0
 			instr 'sub', Reg.new(4, @cpusz), Expression[8]
 		end
 		@state.dirty.each { |reg|
@@ -1003,7 +1022,7 @@ class CCompiler < C::Compiler
 		if ebp = @state.saved_rbp
 			instr 'mov', Reg.new(4, ebp.sz), ebp
 			instr 'pop', ebp
-		elsif @state.args_space > 0 and @state.dirty.length & 1 == 0
+		elsif @state.stack_align16 and @state.dirty.length & 1 == 0
 			instr 'add', Reg.new(4, @cpusz), Expression[8]
 		end
 		instr 'ret'
@@ -1011,10 +1030,6 @@ class CCompiler < C::Compiler
 
 	def c_program_epilog
 	end
-
-	def check_reserved_name(var)
-		Reg.s_to_i[var.name] or super(var)
-	end
 end
 
 	def new_ccompiler(parser, exe=ExeFormat.new)