RubyGems - metasm - Versions diffs - 1.0.0 - Mend

metasm 1.0.0

Files changed (192) hide show

data/BUGS +11 -0
data/CREDITS +17 -0
data/README +270 -0
data/TODO +114 -0
data/doc/code_organisation.txt +146 -0
data/doc/const_missing.txt +16 -0
data/doc/core_classes.txt +75 -0
data/doc/feature_list.txt +53 -0
data/doc/index.txt +59 -0
data/doc/install_notes.txt +170 -0
data/doc/style.css +3 -0
data/doc/use_cases.txt +18 -0
data/lib/metasm.rb +80 -0
data/lib/metasm/arm.rb +12 -0
data/lib/metasm/arm/debug.rb +39 -0
data/lib/metasm/arm/decode.rb +167 -0
data/lib/metasm/arm/encode.rb +77 -0
data/lib/metasm/arm/main.rb +75 -0
data/lib/metasm/arm/opcodes.rb +177 -0
data/lib/metasm/arm/parse.rb +130 -0
data/lib/metasm/arm/render.rb +55 -0
data/lib/metasm/compile_c.rb +1457 -0
data/lib/metasm/dalvik.rb +8 -0
data/lib/metasm/dalvik/decode.rb +196 -0
data/lib/metasm/dalvik/main.rb +60 -0
data/lib/metasm/dalvik/opcodes.rb +366 -0
data/lib/metasm/decode.rb +213 -0
data/lib/metasm/decompile.rb +2659 -0
data/lib/metasm/disassemble.rb +2068 -0
data/lib/metasm/disassemble_api.rb +1280 -0
data/lib/metasm/dynldr.rb +1329 -0
data/lib/metasm/encode.rb +333 -0
data/lib/metasm/exe_format/a_out.rb +194 -0
data/lib/metasm/exe_format/autoexe.rb +82 -0
data/lib/metasm/exe_format/bflt.rb +189 -0
data/lib/metasm/exe_format/coff.rb +455 -0
data/lib/metasm/exe_format/coff_decode.rb +901 -0
data/lib/metasm/exe_format/coff_encode.rb +1078 -0
data/lib/metasm/exe_format/dex.rb +457 -0
data/lib/metasm/exe_format/dol.rb +145 -0
data/lib/metasm/exe_format/elf.rb +923 -0
data/lib/metasm/exe_format/elf_decode.rb +979 -0
data/lib/metasm/exe_format/elf_encode.rb +1375 -0
data/lib/metasm/exe_format/macho.rb +827 -0
data/lib/metasm/exe_format/main.rb +228 -0
data/lib/metasm/exe_format/mz.rb +164 -0
data/lib/metasm/exe_format/nds.rb +172 -0
data/lib/metasm/exe_format/pe.rb +437 -0
data/lib/metasm/exe_format/serialstruct.rb +246 -0
data/lib/metasm/exe_format/shellcode.rb +114 -0
data/lib/metasm/exe_format/xcoff.rb +167 -0
data/lib/metasm/gui.rb +23 -0
data/lib/metasm/gui/cstruct.rb +373 -0
data/lib/metasm/gui/dasm_coverage.rb +199 -0
data/lib/metasm/gui/dasm_decomp.rb +369 -0
data/lib/metasm/gui/dasm_funcgraph.rb +103 -0
data/lib/metasm/gui/dasm_graph.rb +1354 -0
data/lib/metasm/gui/dasm_hex.rb +543 -0
data/lib/metasm/gui/dasm_listing.rb +599 -0
data/lib/metasm/gui/dasm_main.rb +906 -0
data/lib/metasm/gui/dasm_opcodes.rb +291 -0
data/lib/metasm/gui/debug.rb +1228 -0
data/lib/metasm/gui/gtk.rb +884 -0
data/lib/metasm/gui/qt.rb +495 -0
data/lib/metasm/gui/win32.rb +3004 -0
data/lib/metasm/gui/x11.rb +621 -0
data/lib/metasm/ia32.rb +14 -0
data/lib/metasm/ia32/compile_c.rb +1523 -0
data/lib/metasm/ia32/debug.rb +193 -0
data/lib/metasm/ia32/decode.rb +1167 -0
data/lib/metasm/ia32/decompile.rb +564 -0
data/lib/metasm/ia32/encode.rb +314 -0
data/lib/metasm/ia32/main.rb +233 -0
data/lib/metasm/ia32/opcodes.rb +872 -0
data/lib/metasm/ia32/parse.rb +327 -0
data/lib/metasm/ia32/render.rb +91 -0
data/lib/metasm/main.rb +1193 -0
data/lib/metasm/mips.rb +11 -0
data/lib/metasm/mips/compile_c.rb +7 -0
data/lib/metasm/mips/decode.rb +253 -0
data/lib/metasm/mips/encode.rb +51 -0
data/lib/metasm/mips/main.rb +72 -0
data/lib/metasm/mips/opcodes.rb +443 -0
data/lib/metasm/mips/parse.rb +51 -0
data/lib/metasm/mips/render.rb +43 -0
data/lib/metasm/os/gnu_exports.rb +270 -0
data/lib/metasm/os/linux.rb +1112 -0
data/lib/metasm/os/main.rb +1686 -0
data/lib/metasm/os/remote.rb +527 -0
data/lib/metasm/os/windows.rb +2027 -0
data/lib/metasm/os/windows_exports.rb +745 -0
data/lib/metasm/parse.rb +876 -0
data/lib/metasm/parse_c.rb +3938 -0
data/lib/metasm/pic16c/decode.rb +42 -0
data/lib/metasm/pic16c/main.rb +17 -0
data/lib/metasm/pic16c/opcodes.rb +68 -0
data/lib/metasm/ppc.rb +11 -0
data/lib/metasm/ppc/decode.rb +264 -0
data/lib/metasm/ppc/decompile.rb +251 -0
data/lib/metasm/ppc/encode.rb +51 -0
data/lib/metasm/ppc/main.rb +129 -0
data/lib/metasm/ppc/opcodes.rb +410 -0
data/lib/metasm/ppc/parse.rb +52 -0
data/lib/metasm/preprocessor.rb +1277 -0
data/lib/metasm/render.rb +130 -0
data/lib/metasm/sh4.rb +8 -0
data/lib/metasm/sh4/decode.rb +336 -0
data/lib/metasm/sh4/main.rb +292 -0
data/lib/metasm/sh4/opcodes.rb +381 -0
data/lib/metasm/x86_64.rb +12 -0
data/lib/metasm/x86_64/compile_c.rb +1025 -0
data/lib/metasm/x86_64/debug.rb +59 -0
data/lib/metasm/x86_64/decode.rb +268 -0
data/lib/metasm/x86_64/encode.rb +264 -0
data/lib/metasm/x86_64/main.rb +135 -0
data/lib/metasm/x86_64/opcodes.rb +118 -0
data/lib/metasm/x86_64/parse.rb +68 -0
data/misc/bottleneck.rb +61 -0
data/misc/cheader-findpppath.rb +58 -0
data/misc/hexdiff.rb +74 -0
data/misc/hexdump.rb +55 -0
data/misc/metasm-all.rb +13 -0
data/misc/objdiff.rb +47 -0
data/misc/objscan.rb +40 -0
data/misc/pdfparse.rb +661 -0
data/misc/ppc_pdf2oplist.rb +192 -0
data/misc/tcp_proxy_hex.rb +84 -0
data/misc/txt2html.rb +440 -0
data/samples/a.out.rb +31 -0
data/samples/asmsyntax.rb +77 -0
data/samples/bindiff.rb +555 -0
data/samples/compilation-steps.rb +49 -0
data/samples/cparser_makestackoffset.rb +55 -0
data/samples/dasm-backtrack.rb +38 -0
data/samples/dasmnavig.rb +318 -0
data/samples/dbg-apihook.rb +228 -0
data/samples/dbghelp.rb +143 -0
data/samples/disassemble-gui.rb +102 -0
data/samples/disassemble.rb +133 -0
data/samples/dump_upx.rb +95 -0
data/samples/dynamic_ruby.rb +1929 -0
data/samples/elf_list_needed.rb +46 -0
data/samples/elf_listexports.rb +33 -0
data/samples/elfencode.rb +25 -0
data/samples/exeencode.rb +128 -0
data/samples/factorize-headers-elfimports.rb +77 -0
data/samples/factorize-headers-peimports.rb +109 -0
data/samples/factorize-headers.rb +43 -0
data/samples/gdbclient.rb +583 -0
data/samples/generate_libsigs.rb +102 -0
data/samples/hotfix_gtk_dbg.rb +59 -0
data/samples/install_win_env.rb +78 -0
data/samples/lindebug.rb +924 -0
data/samples/linux_injectsyscall.rb +95 -0
data/samples/machoencode.rb +31 -0
data/samples/metasm-shell.rb +91 -0
data/samples/pe-hook.rb +69 -0
data/samples/pe-ia32-cpuid.rb +203 -0
data/samples/pe-mips.rb +35 -0
data/samples/pe-shutdown.rb +78 -0
data/samples/pe-testrelocs.rb +51 -0
data/samples/pe-testrsrc.rb +24 -0
data/samples/pe_listexports.rb +31 -0
data/samples/peencode.rb +19 -0
data/samples/peldr.rb +494 -0
data/samples/preprocess-flatten.rb +19 -0
data/samples/r0trace.rb +308 -0
data/samples/rubstop.rb +399 -0
data/samples/scan_pt_gnu_stack.rb +54 -0
data/samples/scanpeexports.rb +62 -0
data/samples/shellcode-c.rb +40 -0
data/samples/shellcode-dynlink.rb +146 -0
data/samples/source.asm +34 -0
data/samples/struct_offset.rb +47 -0
data/samples/testpe.rb +32 -0
data/samples/testraw.rb +45 -0
data/samples/win32genloader.rb +132 -0
data/samples/win32hooker-advanced.rb +169 -0
data/samples/win32hooker.rb +96 -0
data/samples/win32livedasm.rb +33 -0
data/samples/win32remotescan.rb +133 -0
data/samples/wintrace.rb +92 -0
data/tests/all.rb +8 -0
data/tests/dasm.rb +39 -0
data/tests/dynldr.rb +35 -0
data/tests/encodeddata.rb +132 -0
data/tests/ia32.rb +82 -0
data/tests/mips.rb +116 -0
data/tests/parse_c.rb +239 -0
data/tests/preprocessor.rb +269 -0
data/tests/x86_64.rb +62 -0
metadata +255 -0

@@ -0,0 +1,8 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/main'
+require 'metasm/dalvik/decode'

data/lib/metasm/dalvik/decode.rb ADDED

@@ -0,0 +1,196 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/dalvik/opcodes'
+require 'metasm/decode'
+module Metasm
+class Dalvik
+	def build_bin_lookaside
+	end
+	def decode_findopcode(edata)
+		return if edata.ptr >= edata.data.length
+		di = DecodedInstruction.new(self)
+		di.opcode = opcode_list[edata.decode_imm(:u16, @endianness) & 0xff]
+		edata.ptr -= 2
+		di
+	end
+	def decode_instr_op(edata, di)
+		op = di.opcode
+		di.instruction.opname = op.name
+		val = [edata.decode_imm(:u16, @endianness)]
+		op.args.each { |a|
+			di.instruction.args << case a
+			when :i16
+				val << edata.decode_imm(:i16, @endianness)
+				Expression[val.last]
+			when :u16
+				val << edata.decode_imm(:u16, @endianness)
+				Expression[val.last]
+			when :r16
+				val << edata.decode_imm(:u16, @endianness)
+				Reg.new(val.last)
+			when :i16_32hi
+				val << edata.decode_imm(:i16, @endianness)
+				Expression[val.last << 16]
+			when :i16_64hi
+				val << edata.decode_imm(:i16, @endianness)
+				Expression[val.last << 48]
+			when :i32
+				val << edata.decode_imm(:u16, @endianness)
+				val << edata.decode_imm(:i16, @endianness)
+				Expression[val[-2] | (val[-1] << 16)]
+			when :u32
+				val << edata.decode_imm(:u16, @endianness)
+				val << edata.decode_imm(:u16, @endianness)
+				Expression[val[-2] | (val[-1] << 16)]
+			when :u64
+				val << edata.decode_imm(:u16, @endianness)
+				val << edata.decode_imm(:u16, @endianness)
+				val << edata.decode_imm(:u16, @endianness)
+				val << edata.decode_imm(:u16, @endianness)
+				Expression[val[-4] | (val[-3] << 16) | (val[-2] << 32) | (val[-1] << 48)]
+			when :ra
+				Reg.new((val[0] >> 8) & 0xf)
+			when :rb
+				Reg.new((val[0] >> 12) & 0xf)
+			when :ib
+				Expression[Expression.make_signed((val[0] >> 12) & 0xf, 4)]
+			when :raa
+				Reg.new((val[0] >> 8) & 0xff)
+			when :iaa
+				Expression[Expression.make_signed((val[0] >> 8) & 0xff, 8)]
+			when :rbb
+				val[1] ||= edata.decode_imm(:u16, @endianness)
+				Reg.new(val[1] & 0xff)
+			when :ibb
+				val[1] ||= edata.decode_imm(:u16, @endianness)
+				Expression[Expression.make_signed(val[1] & 0xff, 8)]
+			when :rcc
+				val[1] ||= edata.decode_imm(:u16, @endianness)
+				Reg.new((val[1] >> 8) & 0xff)
+			when :icc
+				val[1] ||= edata.decode_imm(:u16, @endianness)
+				Expression[Expression.make_signed((val[1] >> 8) & 0xff, 8)]
+			when :rlist4, :rlist5
+				cnt = (val[0] >> 12) & 0xf
+			       	val << edata.decode_imm(:u16, @endianness)
+				[cnt, 4].min.times {
+					di.instruction.args << Reg.new(val[-1] & 0xf)
+					val[-1] >>= 4
+				}
+				di.instruction.args << Reg.new((val[0] >> 8) & 0xf) if cnt > 4
+				next
+			when :rlist16
+				cnt = (val[0] >> 8) & 0xff
+				val << edata.decode_imm(:u16, @endianness)
+				cnt.times { |c|
+					di.instruction.args << Reg.new(val[-1] + c)
+				}
+				next
+			when :m16
+				val << edata.decode_imm(:u16, @endianness)
+				Method.new(@dex, val.last)
+			else raise SyntaxError, "Internal error: invalid argument #{a} in #{op.name}"
+			end
+		}
+		di.bin_length = val.length*2
+		di
+	end
+	def backtrace_binding
+		@backtrace_binding ||= init_backtrace_binding
+	end
+	def init_backtrace_binding
+		@backtrace_binding ||= {}
+		sz = @size/8
+		@opcode_list.each { |op|
+			case op.name
+			when /invoke/
+				@backtrace_binding[op.name] = lambda { |di, *args| {
+					:callstack => Expression[:callstack, :-, sz],
+					Indirection[:callstack, sz] => Expression[di.next_addr]
+				} }
+			when /return/
+				@backtrace_binding[op.name] = lambda { |di, *args| {
+			       		:callstack => Expression[:callstack, :+, sz]
+				} }
+			end
+		}
+		@backtrace_binding
+	end
+	def get_backtrace_binding(di)
+		a = di.instruction.args.map { |arg|
+			case arg
+			when Reg; arg.symbolic
+			else arg
+			end
+		}
+		if binding = backtrace_binding[di.opcode.name]
+			bd = binding[di, *a]
+		else
+			puts "unhandled instruction to backtrace: #{di}" if $VERBOSE
+			# assume nothing except the 1st arg is modified
+			case a[0]
+			when Indirection, Symbol; { a[0] => Expression::Unknown }
+			when Expression; (x = a[0].externals.first) ? { x => Expression::Unknown } : {}
+			else {}
+			end.update(:incomplete_binding => Expression[1])
+		end
+	end
+	def get_xrefs_x(dasm, di)
+		if di.opcode.props[:saveip]
+			m = di.instruction.args.first
+			if m.kind_of? Method and m.off
+				[m.off]
+			else
+				[:default]
+			end
+		elsif di.opcode.props[:setip]
+			if di.opcode.name =~ /return/
+				[Indirection[:callstack, @size/8]]
+			else
+				[]	# [di.instruction.args.last]
+			end
+		else
+			[]
+		end
+	end
+	# returns a DecodedFunction suitable for :default
+	# uses disassembler_default_bt{for/bind}_callback
+	def disassembler_default_func
+		df = DecodedFunction.new
+		ra = Indirection[:callstack, @size/8]
+		df.backtracked_for << BacktraceTrace.new(ra, :default, ra, :x, nil)
+		df.backtrace_binding[:callstack] = Expression[:callstack, :+, @size/8]
+		df.btfor_callback = lambda { |dasm, btfor, funcaddr, calladdr|
+			if funcaddr != :default
+				btfor
+			elsif di = dasm.decoded[calladdr] and di.opcode.props[:saveip]
+				btfor
+			else []
+			end
+		}
+		df
+	end
+	def backtrace_is_function_return(expr, di=nil)
+		expr and Expression[expr] == Expression[Indirection[:callstack, @size/8]]
+	end
+end
+end

data/lib/metasm/dalvik/main.rb ADDED

@@ -0,0 +1,60 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/main'
+module Metasm
+class Dalvik < CPU
+	class Reg
+		attr_accessor :i
+		def initialize(i)
+			@i = i
+		end
+		def symbolic
+			"r#@i".to_sym
+		end
+		def to_s
+			"r#@i"
+		end
+	end
+	class Method
+		attr_accessor :dex, :midx, :off
+		def initialize(dex, midx)
+			@dex = dex
+			@midx = midx
+			if @dex and m = @dex.methods[midx] and c = @dex.classes[m.classidx] and c.data and
+				me = (c.data.direct_methods+c.data.virtual_methods).find { |mm| mm.method == m }
+				@off = me.codeoff + me.code.insns_off
+			end
+		end
+		def to_s
+			if @dex and m = @dex.methods[@midx]
+				@dex.types[m.classidx] + '->' + @dex.strings[m.nameidx]
+				#dex.encoded.inv_export[@off]
+			else
+				"method_#@midx"
+			end
+		end
+	end
+	def initialize(*args)
+		super()
+		@size = args.grep(Integer).first || 32
+		@dex = args.grep(ExeFormat).first
+		@endianness = args.delete(:little) || args.delete(:big) || (@dex ? @dex.endianness : :little)
+	end
+	def init_opcode_list
+		init_latest
+		@opcode_list
+	end
+end
+end

data/lib/metasm/dalvik/opcodes.rb ADDED

@@ -0,0 +1,366 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+# the Dalvik binary format, aka android java backend bytecode
+# this file was generated using the android source tree, as reference,
+# specifically dalvik/libdex/InstrUtils.c
+# the binary opcode format is 16 bit word-based
+# the opcode number is in the low-order byte, and determines the
+# argument format, which may take up to 4 other words
+require 'metasm/dalvik/main'
+module Metasm
+class Dalvik
+	OPCODES = %w[nop move move_from16 move_16 move_wide move_wide_from16
+move_wide_16 move_object move_object_from16 move_object_16 move_result
+move_result_wide move_result_object move_exception
+return_void return return_wide return_object
+const_4 const_16 const const_high16 const_wide_16 const_wide_32
+const_wide const_wide_high16 const_string const_string_jumbo const_class
+monitor_enter monitor_exit check_cast instance_of array_length
+new_instance new_array filled_new_array filled_new_array_range fill_array_data
+throw goto goto_16 goto_32 packed_switch sparse_switch
+cmpl_float cmpg_float cmpl_double cmpg_double cmp_long
+if_eq if_ne if_lt if_ge if_gt if_le if_eqz if_nez if_ltz if_gez if_gtz if_lez
+unused_3e unused_3f unused_40 unused_41 unused_42 unused_43
+aget aget_wide aget_object aget_boolean aget_byte aget_char aget_short
+aput aput_wide aput_object aput_boolean aput_byte aput_char aput_short
+iget iget_wide iget_object iget_boolean iget_byte iget_char iget_short
+iput iput_wide iput_object iput_boolean iput_byte iput_char iput_short
+sget sget_wide sget_object sget_boolean sget_byte sget_char sget_short
+sput sput_wide sput_object sput_boolean sput_byte sput_char sput_short
+invoke_virtual invoke_super invoke_direct invoke_static invoke_interface
+unused_73
+invoke_virtual_range invoke_super_range invoke_direct_range invoke_static_range invoke_interface_range
+unused_79 unused_7a
+neg_int not_int neg_long not_long neg_float neg_double
+int_to_long int_to_float int_to_double long_to_int long_to_float long_to_double
+float_to_int float_to_long float_to_double double_to_int double_to_long
+double_to_float int_to_byte int_to_char int_to_short
+add_int sub_int mul_int div_int rem_int and_int or_int xor_int shl_int shr_int ushr_int
+add_long sub_long mul_long div_long rem_long and_long or_long xor_long shl_long shr_long ushr_long
+add_float sub_float mul_float div_float rem_float
+add_double sub_double mul_double div_double rem_double
+add_int_2addr sub_int_2addr mul_int_2addr div_int_2addr rem_int_2addr
+and_int_2addr or_int_2addr xor_int_2addr shl_int_2addr shr_int_2addr ushr_int_2addr
+add_long_2addr sub_long_2addr mul_long_2addr div_long_2addr rem_long_2addr
+and_long_2addr or_long_2addr xor_long_2addr shl_long_2addr shr_long_2addr ushr_long_2addr
+add_float_2addr sub_float_2addr mul_float_2addr div_float_2addr rem_float_2addr
+add_double_2addr sub_double_2addr mul_double_2addr div_double_2addr rem_double_2addr
+add_int_lit16 rsub_int mul_int_lit16 div_int_lit16 rem_int_lit16 and_int_lit16 or_int_lit16 xor_int_lit16
+add_int_lit8 rsub_int_lit8 mul_int_lit8 div_int_lit8 rem_int_lit8 and_int_lit8 or_int_lit8 xor_int_lit8
+shl_int_lit8 shr_int_lit8 ushr_int_lit8
+unused_e3 unused_e4 unused_e5 unused_e6 unused_e7 unused_e8 unused_e9 unused_ea unused_eb unused_ec
+throw_verification_error execute_inline unused_ef invoke_direct_empty unused_f1
+iget_quick iget_wide_quick iget_object_quick iput_quick iput_wide_quick iput_object_quick
+invoke_virtual_quick invoke_virtual_quick_range invoke_super_quick invoke_super_quick_range
+unused_fc unused_fd unused_fe unused_ff]
+	def init_dalvik
+		@valid_props << :canthrow
+		@valid_args = [:i16, :i16_32hi, :i16_64hi, :i32, :iaa, :ib, :icc, :u16, :u32, :u64,
+			:r16, :ra, :raa, :rb, :rbb, :rcc, :rlist16, :rlist4, :rlist5, :m16]
+		@opcode_list = []
+		OPCODES.each_with_index { |n, b|
+			op = Opcode.new(n, b)
+			addop_args(op)
+			addop_props(op)
+			@opcode_list << op
+		}
+		raise "Internal error #{@opcode_list.length}" if @opcode_list.length != 256
+	end
+	alias init_latest init_dalvik
+	def addop_args(op)
+		fmt = case op.name
+		when 'goto'
+  			:fmt10t
+		when 'nop', 'return_void'
+			:fmt10x
+		when 'const_4'
+			:fmt11n
+		when 'const_high16'
+			:fmt21h
+		when 'const_wide_high16'
+			:fmt21hh
+		when 'move_result', 'move_result_wide', 'move_result_object',
+			'move_exception', 'return', 'return_wide',
+			'return_object', 'monitor_enter', 'monitor_exit',
+			'throw'
+			:fmt11x
+		when 'move', 'move_wide', 'move_object', 'array_length',
+			'neg_int', 'not_int', 'neg_long', 'not_long',
+			'neg_float', 'neg_double', 'int_to_long',
+			'int_to_float', 'int_to_double', 'long_to_int',
+			'long_to_float', 'long_to_double', 'float_to_int',
+			'float_to_long', 'float_to_double', 'double_to_int',
+			'double_to_long', 'double_to_float', 'int_to_byte',
+			'int_to_char', 'int_to_short', 'add_int_2addr',
+			'sub_int_2addr', 'mul_int_2addr', 'div_int_2addr',
+			'rem_int_2addr', 'and_int_2addr', 'or_int_2addr',
+			'xor_int_2addr', 'shl_int_2addr', 'shr_int_2addr',
+			'ushr_int_2addr', 'add_long_2addr', 'sub_long_2addr',
+			'mul_long_2addr', 'div_long_2addr', 'rem_long_2addr',
+			'and_long_2addr', 'or_long_2addr', 'xor_long_2addr',
+			'shl_long_2addr', 'shr_long_2addr', 'ushr_long_2addr',
+			'add_float_2addr', 'sub_float_2addr', 'mul_float_2addr',
+			'div_float_2addr', 'rem_float_2addr',
+			'add_double_2addr', 'sub_double_2addr',
+			'mul_double_2addr', 'div_double_2addr',
+			'rem_double_2addr'
+			:fmt12x
+		when 'goto_16'
+			:fmt20t
+		when 'goto_32'
+			:fmt30t
+		when 'const_string', 'const_class', 'check_cast',
+			'new_instance', 'sget', 'sget_wide', 'sget_object',
+			'sget_boolean', 'sget_byte', 'sget_char', 'sget_short',
+			'sput', 'sput_wide', 'sput_object', 'sput_boolean',
+			'sput_byte', 'sput_char', 'sput_short'
+			:fmt21c
+		when 'const_16', 'const_wide_16'
+			:fmt21s
+		when 'if_eqz', 'if_nez', 'if_ltz', 'if_gez', 'if_gtz', 'if_lez'
+			:fmt21t
+		when 'fill_array_data', 'packed_switch', 'sparse_switch'
+			:fmt31t
+		when 'add_int_lit8', 'rsub_int_lit8', 'mul_int_lit8',
+			'div_int_lit8', 'rem_int_lit8', 'and_int_lit8',
+			'or_int_lit8', 'xor_int_lit8', 'shl_int_lit8',
+			'shr_int_lit8', 'ushr_int_lit8'
+			:fmt22b
+		when 'instance_of', 'new_array', 'iget', 'iget_wide',
+			'iget_object', 'iget_boolean', 'iget_byte',
+			'iget_char', 'iget_short', 'iput', 'iput_wide',
+			'iput_object', 'iput_boolean', 'iput_byte',
+			'iput_char', 'iput_short'
+			:fmt22c
+		when 'add_int_lit16', 'rsub_int', 'mul_int_lit16',
+			'div_int_lit16', 'rem_int_lit16', 'and_int_lit16',
+			'or_int_lit16', 'xor_int_lit16'
+			:fmt22s
+		when 'if_eq', 'if_ne', 'if_lt', 'if_ge', 'if_gt', 'if_le'
+			:fmt22t
+		when 'move_from16', 'move_wide_from16', 'move_object_from16'
+			:fmt22x
+		when 'cmpl_float', 'cmpg_float', 'cmpl_double', 'cmpg_double',
+			'cmp_long', 'aget', 'aget_wide', 'aget_object',
+			'aget_boolean', 'aget_byte', 'aget_char', 'aget_short',
+			'aput', 'aput_wide', 'aput_object', 'aput_boolean',
+			'aput_byte', 'aput_char', 'aput_short', 'add_int',
+			'sub_int', 'mul_int', 'div_int', 'rem_int', 'and_int',
+			'or_int', 'xor_int', 'shl_int', 'shr_int', 'ushr_int',
+			'add_long', 'sub_long', 'mul_long', 'div_long',
+			'rem_long', 'and_long', 'or_long', 'xor_long',
+			'shl_long', 'shr_long', 'ushr_long', 'add_float',
+			'sub_float', 'mul_float', 'div_float', 'rem_float',
+			'add_double', 'sub_double', 'mul_double', 'div_double',
+			'rem_double'
+			:fmt23x
+		when 'const', 'const_wide_32'
+			:fmt31i
+		when 'const_string_jumbo'
+			:fmt31c
+		when 'move_16', 'move_wide_16', 'move_object_16'
+			:fmt32x
+		when 'filled_new_array'
+			:fmt35ca
+		when 'invoke_virtual', 'invoke_super',
+			'invoke_direct', 'invoke_static', 'invoke_interface'
+			:fmt35c
+		when 'filled_new_array_range', 'invoke_virtual_range',
+			'invoke_super_range', 'invoke_direct_range',
+			'invoke_static_range', 'invoke_interface_range'
+			:fmt3rc
+		when 'const_wide'
+			:fmt51l
+		when 'throw_verification_error'
+			:fmt20bc
+		when 'iget_quick', 'iget_wide_quick', 'iget_object_quick',
+			'iput_quick', 'iput_wide_quick', 'iput_object_quick'
+			:fmt22cs
+		when 'invoke_virtual_quick', 'invoke_super_quick'
+			:fmt35ms
+		when 'invoke_virtual_quick_range', 'invoke_super_quick_range'
+			:fmt3rms
+		when 'execute_inline'
+			:fmt3inline
+		when 'invoke_direct_empty'
+			:fmt35c
+		when 'unused_3e', 'unused_3f', 'unused_40', 'unused_41',
+			'unused_42', 'unused_43', 'unused_73', 'unused_79',
+			'unused_7a', 'unused_e3', 'unused_e4', 'unused_e5',
+			'unused_e6', 'unused_e7', 'unused_e8', 'unused_e9',
+			'unused_ea', 'unused_eb', 'unused_ec', 'unused_ef',
+			'unused_f1', 'unused_fc', 'unused_fd', 'unused_fe',
+			'unused_ff'
+			:fmtUnknown
+		else
+			raise "Internal error #{op.name}"
+		end
+		case fmt
+		when :fmt10x; op.args << :iaa
+		when :fmt12x; op.args << :ra << :rb
+		when :fmt11n; op.args << :ra << :ib
+		when :fmt11x; op.args << :raa
+		when :fmt10t; op.args << :iaa
+		when :fmt20t; op.args << :i16
+		when :fmt20bc; op.args << :iaa << :u16
+		when :fmt21c; op.args << :raa << :u16
+		when :fmt22x; op.args << :raa << :r16
+		when :fmt21s, :fmt21t; op.args << :raa << :i16
+		when :fmt21h; op.args << :raa << :i16_32hi
+		when :fmt21hh; op.args << :raa << :i16_64hi
+		when :fmt23x; op.args << :raa << :rbb << :rcc
+		when :fmt22b; op.args << :raa << :rbb << :icc
+		when :fmt22s, :fmt22t; op.args << :ra << :rb << :i16
+		when :fmt22c, :fmt22cs; op.args << :ra << :rb << :u16
+		when :fmt30t; op.args << :i32
+		when :fmt31t, :fmt31c; op.args << :raa << :u32
+		when :fmt32x; op.args << :r16 << :r16
+		when :fmt31i; op.args << :raa << :i32
+		when :fmt35ca
+			op.args << :r16 << :rlist5
+		when :fmt35c, :fmt35ms
+			# rlist:
+			#  nr of regs in :ib (max 5)
+			#  regs: :ib.times { reg :i16 & 0xf ; :i16 >>= 4 }
+			#  reg :ra if :ib == 5
+			op.args << :m16 << :rlist5
+		when :fmt3inline
+			op.args << :r16 << :rlist4
+		when :fmt3rc, :fmt3rms
+		       	# rlist = :r16, :r16+1, :r16+2, ..., :r16+:iaa-1
+			op.args << :r16 << :rlist16
+		when :fmt51l
+			# u64 = u16 | (u16 << 16) | ...
+			op.args << :raa << :u64
+		when :fmtUnknown
+			op.args << :iaa
+		else
+			raise "Internal error #{fmt.inspect}"
+		end
+	end
+	def addop_props(op)
+		case op.name
+		when 'nop', 'move', 'move_from16', 'move_16', 'move_wide',
+			'move_wide_from16', 'move_wide_16', 'move_object',
+			'move_object_from16', 'move_object_16', 'move_result',
+			'move_result_wide', 'move_result_object',
+			'move_exception', 'const_4', 'const_16', 'const',
+			'const_high16', 'const_wide_16', 'const_wide_32',
+			'const_wide', 'const_wide_high16', 'fill_array_data',
+			'cmpl_float', 'cmpg_float', 'cmpl_double',
+			'cmpg_double', 'cmp_long', 'neg_int', 'not_int',
+			'neg_long', 'not_long', 'neg_float', 'neg_double',
+			'int_to_long', 'int_to_float', 'int_to_double',
+			'long_to_int', 'long_to_float', 'long_to_double',
+			'float_to_int', 'float_to_long', 'float_to_double',
+			'double_to_int', 'double_to_long', 'double_to_float',
+			'int_to_byte', 'int_to_char', 'int_to_short', 'add_int',
+			'sub_int', 'mul_int', 'and_int', 'or_int', 'xor_int',
+			'shl_int', 'shr_int', 'ushr_int', 'add_long',
+			'sub_long', 'mul_long', 'and_long', 'or_long',
+			'xor_long', 'shl_long', 'shr_long', 'ushr_long',
+			'add_float', 'sub_float', 'mul_float', 'div_float',
+			'rem_float', 'add_double', 'sub_double', 'mul_double',
+			'div_double', 'rem_double', 'add_int_2addr',
+			'sub_int_2addr', 'mul_int_2addr', 'and_int_2addr',
+			'or_int_2addr', 'xor_int_2addr', 'shl_int_2addr',
+			'shr_int_2addr', 'ushr_int_2addr', 'add_long_2addr',
+			'sub_long_2addr', 'mul_long_2addr', 'and_long_2addr',
+			'or_long_2addr', 'xor_long_2addr', 'shl_long_2addr',
+			'shr_long_2addr', 'ushr_long_2addr', 'add_float_2addr',
+			'sub_float_2addr', 'mul_float_2addr', 'div_float_2addr',
+			'rem_float_2addr', 'add_double_2addr',
+			'sub_double_2addr', 'mul_double_2addr',
+			'div_double_2addr', 'rem_double_2addr', 'add_int_lit16',
+			'rsub_int', 'mul_int_lit16', 'and_int_lit16',
+			'or_int_lit16', 'xor_int_lit16', 'add_int_lit8',
+			'rsub_int_lit8', 'mul_int_lit8', 'and_int_lit8',
+			'or_int_lit8', 'xor_int_lit8', 'shl_int_lit8',
+			'shr_int_lit8', 'ushr_int_lit8'
+			# normal opcode, continues to next, nothing raised
+		when 'const_string', 'const_string_jumbo', 'const_class',
+			'monitor_enter', 'monitor_exit', 'check_cast',
+			'instance_of', 'array_length', 'new_instance',
+			'new_array', 'filled_new_array',
+			'filled_new_array_range', 'aget', 'aget_boolean',
+			'aget_byte', 'aget_char', 'aget_short', 'aget_wide',
+			'aget_object', 'aput', 'aput_boolean', 'aput_byte',
+			'aput_char', 'aput_short', 'aput_wide', 'aput_object',
+			'iget', 'iget_boolean', 'iget_byte', 'iget_char',
+			'iget_short', 'iget_wide', 'iget_object', 'iput',
+			'iput_boolean', 'iput_byte', 'iput_char', 'iput_short',
+			'iput_wide', 'iput_object', 'sget', 'sget_boolean',
+			'sget_byte', 'sget_char', 'sget_short', 'sget_wide',
+			'sget_object', 'sput', 'sput_boolean', 'sput_byte',
+			'sput_char', 'sput_short', 'sput_wide', 'sput_object',
+			'div_int', 'rem_int', 'div_long', 'rem_long',
+			'div_int_2addr', 'rem_int_2addr', 'div_long_2addr',
+			'rem_long_2addr', 'div_int_lit16', 'rem_int_lit16',
+			'div_int_lit8', 'rem_int_lit8'
+			op.props[:canthrow] = true
+		when 'invoke_virtual', 'invoke_virtual_range', 'invoke_super',
+			'invoke_super_range', 'invoke_direct',
+			'invoke_direct_range', 'invoke_static',
+			'invoke_static_range', 'invoke_interface',
+			'invoke_interface_range'
+			op.props[:canthrow] = true
+			op.props[:saveip] = true
+			op.props[:setip] = true
+			op.props[:stopexec] = true
+		when 'return_void', 'return', 'return_wide', 'return_object'
+			op.props[:setip] = true
+			op.props[:stopexec] = true
+		when 'throw'
+			op.props[:canthrow] = true
+			op.props[:stopexec] = true
+		when 'goto', 'goto_16', 'goto_32'
+			op.props[:setip] = true
+			op.props[:stopexec] = true
+		when 'if_eq', 'if_ne', 'if_lt', 'if_ge', 'if_gt', 'if_le',
+			'if_eqz', 'if_nez', 'if_ltz', 'if_gez', 'if_gtz',
+			'if_lez'
+			op.props[:setip] = true
+		when 'packed_switch', 'sparse_switch'
+			op.props[:setip] = true	# if no table match, nostopexec
+			op.props[:setip] = true
+		when 'throw_verification_error'
+			op.props[:canthrow] = true
+			op.props[:stopexec] = true
+		when 'execute_inline'
+		when 'iget_quick', 'iget_wide_quick', 'iget_object_quick',
+			'iput_quick', 'iput_wide_quick', 'iput_object_quick'
+			op.props[:canthrow] = true
+		when 'invoke_virtual_quick', 'invoke_virtual_quick_range',
+			'invoke_super_quick', 'invoke_super_quick_range',
+			'invoke_direct_empty'
+			op.props[:canthrow] = true
+			op.props[:saveip] = true
+			op.props[:setip] = true
+			op.props[:stopexec] = true
+		when 'unused_3e', 'unused_3f', 'unused_40', 'unused_41',
+			'unused_42', 'unused_43', 'unused_73', 'unused_79',
+			'unused_7a', 'unused_e3', 'unused_e4', 'unused_e5',
+			'unused_e6', 'unused_e7', 'unused_e8', 'unused_e9',
+			'unused_ea', 'unused_eb', 'unused_ec', 'unused_ef',
+			'unused_f1', 'unused_fc', 'unused_fd', 'unused_fe',
+			'unused_ff'
+			op.props[:stopexec] = true
+		else
+			raise "Internal error #{op.name}"
+		end
+	end
+end
+end