metasm 1.0.1 → 1.0.2

data/{lib/metasm → metasm/cpu}/ia32/parse.rb

@@ -4,8 +4,8 @@
 #    Licence is LGPL, see LICENCE in the top-level directory
 
 
-require 'metasm/ia32/opcodes'
-require 'metasm/ia32/encode'
+require 'metasm/cpu/ia32/opcodes'
+require 'metasm/cpu/ia32/encode'
 require 'metasm/parse'
 
 module Metasm
@@ -99,14 +99,18 @@ class ModRM
 				else
 					b = o
 				end
+			when SimdReg
+				raise otok, 'mrm: too many regs' if i
+				i = o
+				s = 1
 			when Expression
-				if o.op == :* and (o.rexpr.kind_of? Reg or o.lexpr.kind_of? Reg)
+				if o.op == :* and (o.rexpr.kind_of?(Reg) or o.lexpr.kind_of?(Reg))
 					# scaled index
 					raise otok, 'mrm: too many indexes' if i
 					s = o.lexpr
 					i = o.rexpr
 					s, i = i, s if s.kind_of? Reg
-					raise otok, 'mrm: bad scale' unless s.kind_of? Integer
+					raise otok, "mrm: bad scale #{s}" unless [1, 2, 4, 8].include?(s)
 				elsif o.op == :+
 					# recurse
 					walker[o.lexpr]
@@ -125,7 +129,9 @@ class ModRM
 		walker[regify[content.reduce]]
 
 		# ensure found immediate is really an immediate
-		raise otok, 'mrm: reg in imm' if imm.kind_of? Expression and not imm.externals.grep(Reg).empty?
+		raise otok, 'mrm: reg in imm' if imm.kind_of?(Expression) and not imm.externals.grep(Reg).empty?
+
+		raise otok, 'mrm: bad reg size' if b.kind_of?(Reg) and i.kind_of?(Reg) and b.sz != i.sz
 
 		# find default address size
 		adsz = b ? b.sz : i ? i.sz : nil
@@ -153,7 +159,6 @@ end
 	end
 
 	def parse_prefix(i, pfx)
-		# XXX check for redefinition ?
 		# implicit 'true' return value when assignment occur
 		i.prefix ||= {}
 		case pfx
@@ -163,6 +168,9 @@ end
 		when 'repne', 'repnz'; i.prefix[:rep] = 'repnz'
 		when 'code16';         i.prefix[:sz] = 16
 		when 'code32';         i.prefix[:sz] = 32
+		when 'hintjmp', 'ht';  i.prefix[:jmphint] = 'hintjmp'
+		when 'hintnojmp', 'hnt';i.prefix[:jmphint] = 'hintnojmp'
+		when /^seg_([c-g]s)$/; i.prefix[:seg] = SegReg.new(SegReg.s_to_i[$1])
 		end
 	end
 
@@ -230,17 +238,30 @@ end
 	# check if the argument matches the opcode's argument spec
 	def parse_arg_valid?(o, spec, arg)
 		if o.name ==  'movsx' or o.name == 'movzx'
-			if not arg.kind_of? Reg and not arg.kind_of? ModRM
- 				return
+			if not arg.kind_of?(Reg) and not arg.kind_of?(ModRM)
+				return
 			elsif not arg.sz
 				puts "ambiguous arg size for indirection in #{o.name}" if $VERBOSE
 				return
 			elsif spec == :reg	# reg=dst, modrm=src (smaller)
-				return (arg.kind_of? Reg and arg.sz >= 16)
+				return (arg.kind_of?(Reg) and arg.sz >= 16)
+			elsif o.props[:argsz]
+				return arg.sz == o.props[:argsz]
+			else
+				return arg.sz == 16
+			end
+		elsif o.name == 'crc32'
+			if not arg.kind_of?(Reg) and not arg.kind_of?(ModRM)
+				return
+			elsif not arg.sz
+				puts "ambiguous arg size for indirection in #{o.name}" if $VERBOSE
+				return
+			elsif spec == :reg
+				return (arg.kind_of?(Reg) and arg.sz >= 32)
 			elsif o.props[:argsz]
 				return arg.sz == o.props[:argsz]
 			else
-				return arg.sz <= 16
+				return arg.sz >= 16
 			end
 		end
 
@@ -254,7 +275,7 @@ end
 		cond and
 		case spec
 		when :reg; arg.kind_of? Reg and (arg.sz >= 16 or o.props[:argsz])
-		when :modrm; (arg.kind_of? ModRM or arg.kind_of? Reg) and (!arg.sz or arg.sz >= 16 or o.props[:argsz])
+		when :modrm; (arg.kind_of? ModRM or arg.kind_of? Reg) and (!arg.sz or arg.sz >= 16 or o.props[:argsz]) and (!o.props[:modrmA] or arg.kind_of? ModRM) and (!o.props[:modrmR] or arg.kind_of? Reg)
 		when :i;        arg.kind_of? Expression
 		when :imm_val1; arg.kind_of? Expression and arg.reduce == 1
 		when :imm_val3; arg.kind_of? Expression and arg.reduce == 3
@@ -268,15 +289,21 @@ end
 		when :eeec;     arg.kind_of? CtrlReg
 		when :eeed;     arg.kind_of? DbgReg
 		when :eeet;     arg.kind_of? TstReg
-		when :modrmA;   arg.kind_of? ModRM
 		when :mrm_imm;  arg.kind_of? ModRM   and not arg.s and not arg.i and not arg.b
 		when :farptr;   arg.kind_of? Farptr
 		when :regfp;    arg.kind_of? FpReg
 		when :regfp0;   arg.kind_of? FpReg   and (arg.val == nil or arg.val == 0)
-		when :modrmmmx; arg.kind_of? ModRM   or (arg.kind_of? SimdReg and (arg.sz == 64 or (arg.sz == 128 and o.props[:xmmx])))
+		when :modrmmmx; arg.kind_of? ModRM   or (arg.kind_of? SimdReg and (arg.sz == 64 or (arg.sz == 128 and o.props[:xmmx]))) and (!o.props[:modrmA] or arg.kind_of? ModRM) and (!o.props[:modrmR] or arg.kind_of? SimdReg)
 		when :regmmx;   arg.kind_of? SimdReg and (arg.sz == 64 or (arg.sz == 128 and o.props[:xmmx]))
-		when :modrmxmm; arg.kind_of? ModRM   or (arg.kind_of? SimdReg and arg.sz == 128)
+		when :modrmxmm; arg.kind_of? ModRM   or (arg.kind_of? SimdReg and arg.sz == 128) and (!o.props[:modrmA] or arg.kind_of? ModRM) and (!o.props[:modrmR] or arg.kind_of? SimdReg)
 		when :regxmm;   arg.kind_of? SimdReg and arg.sz == 128
+		when :modrmymm; arg.kind_of? ModRM   or (arg.kind_of? SimdReg and arg.sz == 256) and (!o.props[:modrmA] or arg.kind_of? ModRM) and (!o.props[:modrmR] or arg.kind_of? SimdReg)
+		when :regymm;   arg.kind_of? SimdReg and arg.sz == 256
+
+		when :vexvreg;  arg.kind_of? Reg and arg.sz == @size
+		when :vexvxmm, :i4xmm;  arg.kind_of? SimdReg and arg.sz == 128
+		when :vexvymm, :i4ymm;  arg.kind_of? SimdReg and arg.sz == 256
+
 		when :i8, :u8, :u16
 			arg.kind_of? Expression and
 			(o.props[:setip] or Expression.in_range?(arg, spec) != false)	# true or nil allowed
@@ -303,8 +330,8 @@ end
 			else
 				if r = i.args.grep(Reg).first
 					m.sz = r.sz
-				elsif opcode_list_byname[i.opname].all? { |o| o.props[:argsz] }
-					m.sz = opcode_list_byname[i.opname].first.props[:argsz]
+				elsif l = opcode_list_byname[i.opname].map { |o| o.props[:argsz] }.uniq and l.length == 1 and l.first
+					m.sz = l.first
 				else
 					# this is also the size of ctrlreg/dbgreg etc
 					# XXX fpu/simd ?
@@ -321,6 +348,10 @@ end
 		end
 	end
 
+	def check_reserved_name(name)
+		Reg.s_to_i[name]
+	end
+
 	def instr_uncond_jump_to(target)
 		parse_instruction("jmp #{target}")
 	end

data/{lib/metasm → metasm/cpu}/ia32/render.rb

@@ -4,7 +4,7 @@
 #    Licence is LGPL, see LICENCE in the top-level directory
 
 
-require 'metasm/ia32/opcodes'
+require 'metasm/cpu/ia32/opcodes'
 require 'metasm/render'
 
 # XXX move context in another file ?
@@ -60,12 +60,18 @@ class Ia32
 
 	def render_instruction(i)
 		r = []
-		r << 'lock ' if i.prefix and i.prefix[:lock]
-		r << i.prefix[:rep] << ' ' if i.prefix and i.prefix[:rep]
+		if pfx = i.prefix
+			r << 'lock ' if pfx[:lock]
+			r << pfx[:rep] << ' ' if pfx[:rep]
+			r << pfx[:jmphint] << ' ' if pfx[:jmphint]
+			r << 'seg_' << pfx[:seg] << ' ' if pfx[:seg]
+		end
 		r << i.opname
+		sep = ' '
 		i.args.each { |a|
 			a.instruction = i if a.kind_of? ModRM
-			r << (r.last == i.opname ? ' ' : ', ') << a
+			r << sep << a
+			sep = ', '
 		}
 		r
 	end
@@ -87,5 +93,26 @@ class Ia32
 		h['toggle lock'] = lambda { (i.prefix ||= {})[:lock] = !i.prefix[:lock] }
 		h
 	end
+
+	def gui_hilight_word_regexp_init
+		ret = {}
+
+		%w[a b c d].each { |r|
+			ret["#{r}l"] = "e?#{r}x|#{r}l"
+			ret["#{r}h"] = "e?#{r}x|#{r}h"
+			ret["#{r}x"] = ret["e#{r}x"] = "e?#{r}x|#{r}[hl]"
+		}
+
+		%w[sp bp si di].each { |r|
+			ret[r] = ret["e#{r}"] = "e?#{r}"
+		}
+
+		ret
+	end
+
+	def gui_hilight_word_regexp(word)
+		@gui_hilight_word_hash ||= gui_hilight_word_regexp_init
+		@gui_hilight_word_hash[word] or super(word)
+	end
 end
 end

data/metasm/cpu/mips.rb

@@ -0,0 +1,14 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+
+class Metasm::MIPS < Metasm::CPU
+end
+
+require 'metasm/main'
+require 'metasm/cpu/mips/parse'
+require 'metasm/cpu/mips/encode'
+require 'metasm/cpu/mips/decode'
+require 'metasm/cpu/mips/render'
+require 'metasm/cpu/mips/debug'

data/{lib/metasm → metasm/cpu}/mips/compile_c.rb

@@ -3,5 +3,5 @@
 #
 #    Licence is LGPL, see LICENCE in the top-level directory
 
-require 'metasm/mips/parse'
+require 'metasm/cpu/mips/parse'
 require 'metasm/compile_c'

data/metasm/cpu/mips/debug.rb

@@ -0,0 +1,42 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+
+
+require 'metasm/main'
+
+module Metasm
+class MIPS
+	def dbg_register_pc
+		@dbg_register_pc ||= :pc
+	end
+	def dbg_register_flags
+		@dbg_register_flags ||= :flags
+	end
+
+	def dbg_register_list
+		@dbg_register_list ||= %w[z0 at v0 v1 a0 a1 a2 a3
+					t0 t1 t2 t3 t4 t5 t6 t7
+					s0 s1 s2 s3 s4 s5 s6 s7
+					t8 t9 k0 k1 gp sp fp ra
+					sr mullo mulhi badva cause pc].map { |r| r.to_sym }
+	end
+
+	def dbg_flag_list
+		@dbg_flag_list ||= []
+	end
+
+	def dbg_register_size
+		@dbg_register_size ||= Hash.new(@size)
+	end
+
+	def dbg_need_stepover(dbg, addr, di)
+		di and di.opcode.props[:saveip]
+	end
+
+	def dbg_end_stepout(dbg, addr, di)
+		di and di.opcode.name == 'foobar'	# TODO
+	end
+end
+end

data/{lib/metasm → metasm/cpu}/mips/decode.rb

@@ -4,7 +4,7 @@
 #    Licence is LGPL, see LICENCE in the top-level directory
 
 
-require 'metasm/mips/opcodes'
+require 'metasm/cpu/mips/opcodes'
 require 'metasm/decode'
 
 module Metasm
@@ -35,30 +35,46 @@ class MIPS
 	end
 
 	def decode_findopcode(edata)
-		return if edata.ptr >= edata.data.length
-		# TODO handle relocations !!
 		di = DecodedInstruction.new(self)
 		val = edata.decode_imm(:u32, @endianness)
 		edata.ptr -= 4
-		di if di.opcode = @bin_lookaside[val >> 24].find { |op|
-			(op.bin & op.bin_mask) == (val & op.bin_mask)
-		}
+		if val.kind_of?(Expression)
+			# relocations
+			hval = Expression[val, :&, 0xff000000].reduce
+			if hval.kind_of?(Expression)
+				# reloc_i26
+				if hval.kind_of?(Expression) and pat = hval.match(Expression[['a', :&, 0x300_0000], :|, 'b'], 'a', 'b')
+					hval = pat['b']
+				end
+			end
+			di if di.opcode = @bin_lookaside[hval >> 24].find { |op|
+				(op.bin & op.bin_mask) == Expression[val, :&, op.bin_mask].reduce
+			}
+		else
+			di if di.opcode = @bin_lookaside[val >> 24].find { |op|
+				(op.bin & op.bin_mask) == (val & op.bin_mask)
+			}
+		end
 	end
 
 	def decode_instr_op(edata, di)
-		# TODO handle relocations !!
 		before_ptr = edata.ptr
 		op = di.opcode
 		di.instruction.opname = op.name
 		val = edata.decode_imm(:u32, @endianness)
 
 		field_val = lambda { |f|
-			r = (val >> @fields_shift[f]) & @fields_mask[f]
-			# XXX do that cleanly (Expr.decode_imm)
+			if val.kind_of?(Expression)
+				r = Expression[[val, :>>, @fields_shift[f]], :&, @fields_mask[f]].reduce
+			else
+				r = (val >> @fields_shift[f]) & @fields_mask[f]
+			end
+
+			next r if r.kind_of?(Expression)
 			case f
-			when :sa, :i16, :it; r = Expression.make_signed(r, 16)
+			when :msbd; r += 1
+			when :i16; r = Expression.make_signed(r, 16)
 			when :i20; r = Expression.make_signed(r, 20)
-			when :i26; r = Expression.make_signed(r, 26)
 			else r
 			end
 		}
@@ -66,15 +82,23 @@ class MIPS
 		op.args.each { |a|
 			di.instruction.args << case a
 			when :rs, :rt, :rd; Reg.new field_val[a]
-			when :sa, :i16, :i20, :i26, :it; Expression[field_val[a]]
-			when :rs_i16; Memref.new Reg.new(field_val[:rs]), Expression[field_val[:i16]]
+			when :sa, :i16, :i20, :i26, :it, :msbd, :sel, :idb; Expression[field_val[a]]
+			when :rs_i16
+				len = 32
+				len = 64 if op.props[:m64]
+				len = 16 if op.props[:mi16] or op.props[:mu16]
+				len = 8  if op.props[:mi8 ] or op.props[:mu8]
+				Memref.new Reg.new(field_val[:rs]), Expression[field_val[:i16]], len
 			when :ft; FpReg.new field_val[a]
-			when :idm1, :idb; Expression['unsupported']
+			when :idm1; Expression['unsupported']
 			else raise SyntaxError, "Internal error: invalid argument #{a} in #{op.name}"
 			end
 		}
+
 		di.bin_length += edata.ptr - before_ptr
 
+		return false if edata.ptr > edata.length
+
 		di
 	end
 
@@ -86,7 +110,13 @@ class MIPS
 		if di.opcode.props[:setip] and di.instruction.args.last.kind_of? Expression and di.opcode.name[0] != ?t
 			delta = Expression[di.instruction.args.last, :<<, 2].reduce
 			if di.opcode.args.include? :i26
-				arg = Expression[[[addr, :+, di.bin_length], :&, 0xfc00_0000], :+, delta].reduce
+				# absolute jump in the 0x3ff_ffff region surrounding next_pc
+				if delta.kind_of? Expression and delta.op == :& and delta.rexpr == 0xfff_fffc
+					# relocated arg: assume the linker mapped so that instr&target are in the same region
+					arg = Expression[delta.lexpr].reduce
+				else
+					arg = Expression[[[addr, :+, di.bin_length], :&, 0xf000_0000], :+, delta].reduce
+				end
 			else
 				arg = Expression[[addr, :+, di.bin_length], :+, delta].reduce
 			end
@@ -112,7 +142,7 @@ class MIPS
 				{ :$ra => Expression[Expression[di.address, :+, 2*di.bin_length].reduce] }
 			}
 			when 'nop', 'j', 'jr', /^b/; lambda { |di, *a| {} }
-			when 'lui'; lambda { |di, a0, a1| { a0 => Expression[a1, :<<, 16] } }
+			when 'lui'; lambda { |di, a0, a1| { a0 => Expression[[a1, :&, 0xffff], :<<, 16] } }
 			when 'add', 'addu', 'addi', 'addiu'; lambda { |di, a0, a1, a2| { a0 => Expression[a1, :+, a2] } }	# XXX addiu $sp, -40h should be addiu $sp, 0xffc0 from the books, but..
 			when 'sub', 'subu'; lambda { |di, a0, a1, a2| { a0 => Expression[a1, :-, a2] } }
 			when 'slt', 'slti'; lambda { |di, a0, a1, a2| { a0 => Expression[a1, :<, a2] } }

data/{lib/metasm → metasm/cpu}/mips/encode.rb

@@ -4,7 +4,7 @@
 #    Licence is LGPL, see LICENCE in the top-level directory
 
 
-require 'metasm/mips/opcodes'
+require 'metasm/cpu/mips/opcodes'
 require 'metasm/encode'
 
 module Metasm
@@ -40,12 +40,13 @@ class MIPS
 			when :rs_i16
 				set_field[:rs, arg.base.i]
 				val, mask, shift = arg.offset, @fields_mask[:i16], @fields_shift[:i16]
-			when :sa, :i16, :i20, :i26
+			when :sa, :i16, :i20, :i26, :it, :msbd, :sel, :idb
 				val, mask, shift = arg, @fields_mask[sym], @fields_shift[sym]
+				val = Expression[val, :-, 1] if sym == :msbd
 			end
 		}
 
-		Expression[base, :+, [[val, :&, mask], :<<, shift]].encode(:u32, @endianness) << postdata
+		Expression[base, :|, [[val, :&, mask], :<<, shift]].encode(:u32, @endianness) << postdata
 	end
 end
 end

data/{lib/metasm → metasm/cpu}/mips/main.rb

@@ -43,16 +43,16 @@ class MIPS < CPU
 	end
 
 	class Memref
-		attr_accessor :base, :offset
-		def initialize(base, offset)
-			@base, @offset = base, offset
+		attr_accessor :base, :offset, :sz
+		def initialize(base, offset, sz=32)
+			@base, @offset, @sz = base, offset, sz
 		end
 
 		def symbolic(orig)
 			p = nil
 			p = Expression[p, :+, @base.symbolic] if base
 			p = Expression[p, :+, @offset] if offset
-			Indirection[p.reduce, 4, orig]
+			Indirection[p.reduce, @sz/8, orig]
 		end
 	end
 
@@ -68,5 +68,12 @@ class MIPS < CPU
 		@opcode_list
 	end
 end
+
+class MIPS64 < MIPS
+	def initialize(endianness = :big, family = :latest)
+		super(endianness, family)
+		@size = 64
+	end
+end
 end
 

data/{lib/metasm → metasm/cpu}/mips/opcodes.rb

@@ -4,7 +4,7 @@
 #    Licence is LGPL, see LICENCE in the top-level directory
 
 
-require 'metasm/mips/main'
+require 'metasm/cpu/mips/main'
 
 # TODO coprocessors, floating point, 64bits, thumb mode
 
@@ -13,8 +13,10 @@ module Metasm
 class MIPS
 	def addop(name, bin, *args)
 		o = Opcode.new name, bin
-		o.args.concat(args & @fields_mask.keys)
-		(args & @valid_props).each { |p| o.props[p] = true }
+		args.each { |a|
+			o.args << a if @fields_mask[a]
+			o.props[a] = true if @valid_props[a]
+		}
 		@opcode_list << o
 	end
 
@@ -45,10 +47,11 @@ class MIPS
 		@opcode_list = []
 		@fields_mask.update :rs => 0x1f, :rt => 0x1f, :rd => 0x1f, :sa => 0x1f,
 			:i16 => 0xffff, :i26 => 0x3ffffff, :rs_i16 => 0x3e0ffff, :it => 0x1f,
-			:ft => 0x1f, :idm1 => 0x1f, :idb => 0x1f, :sel => 7, :i20 => 0xfffff #, :i32 => 0
+			:ft => 0x1f, :idm1 => 0x1f, :idb => 0x1f, :sel => 7, :i20 => 0xfffff
 		@fields_shift.update :rs => 21, :rt => 16, :rd => 11, :sa => 6,
 			:i16 => 0, :i26 => 0, :rs_i16 => 0, :it => 16,
-			:ft => 16, :idm1 => 11, :idb => 11, :sel => 0, :i20 => 6 #, :i32 => 0
+			:ft => 16, :idm1 => 11, :idb => 11, :sel => 0, :i20 => 6
+		@valid_props.update :mi8 => true, :mu8 => true, :mi16 => true, :mu16 => true
 
 		init_mips32_obsolete
 		init_mips32_reserved
@@ -58,12 +61,11 @@ class MIPS
 
 		addop 'mov',  0b001000 << 26, :rt, :rs			# rt <- rs+0
 		addop 'addi', 0b001000 << 26, :rt, :rs, :i16		# add		rt <- rs+i
-		addop 'li',   0b001001 << 26, :rt, :i16			# add $0	# XXX liu ?
+		addop 'li',   0b001001 << 26, :rt, :i16			# addiu rt <- zero+i
 		addop 'addiu',0b001001 << 26, :rt, :rs, :i16		# add unsigned
 		addop 'slti', 0b001010 << 26, :rt, :rs, :i16		# set on less than
 		addop 'sltiu',0b001011 << 26, :rt, :rs, :i16		# set on less than unsigned
 		addop 'andi', 0b001100 << 26, :rt, :rs, :i16		# and
-		addop 'li',   0b001101 << 26, :rt, :i16			# or $0
 		addop 'ori',  0b001101 << 26, :rt, :rs, :i16		# or
 		addop 'xori', 0b001110 << 26, :rt, :rs, :i16		# xor
 		addop 'lui',  0b001111 << 26, :rt, :i16			# load upper
@@ -80,16 +82,16 @@ class MIPS
 		addop 'blez', 0b000110 << 26, :rs, :i16, :setip		# <= 0
 		addop 'bgtz', 0b000111 << 26, :rs, :i16, :setip		# > 0
 
-		addop 'lb',   0b100000 << 26, :rt, :rs_i16		# load byte	rs <- [rt+i]
-		addop 'lh',   0b100001 << 26, :rt, :rs_i16		# load halfword
+		addop 'lb',   0b100000 << 26, :rt, :rs_i16, :mi8	# load byte	rs <- [rt+i]
+		addop 'lh',   0b100001 << 26, :rt, :rs_i16, :mi16	# load halfword
 		addop 'lwl',  0b100010 << 26, :rt, :rs_i16		# load word left
 		addop 'lw',   0b100011 << 26, :rt, :rs_i16		# load word
-		addop 'lbu',  0b100100 << 26, :rt, :rs_i16		# load byte unsigned
-		addop 'lhu',  0b100101 << 26, :rt, :rs_i16		# load halfword unsigned
+		addop 'lbu',  0b100100 << 26, :rt, :rs_i16, :mu8	# load byte unsigned
+		addop 'lhu',  0b100101 << 26, :rt, :rs_i16, :mu16	# load halfword unsigned
 		addop 'lwr',  0b100110 << 26, :rt, :rs_i16		# load word right
 
-		addop 'sb',   0b101000 << 26, :rt, :rs_i16		# store byte
-		addop 'sh',   0b101001 << 26, :rt, :rs_i16		# store halfword
+		addop 'sb',   0b101000 << 26, :rt, :rs_i16, :mi8	# store byte
+		addop 'sh',   0b101001 << 26, :rt, :rs_i16, :mi16	# store halfword
 		addop 'swl',  0b101010 << 26, :rt, :rs_i16		# store word left
 		addop 'sw',   0b101011 << 26, :rt, :rs_i16		# store word
 		addop 'swr',  0b101110 << 26, :rt, :rs_i16		# store word right
@@ -195,10 +197,10 @@ class MIPS
 
 
 		# cp0
-		addop 'mfc0', (0b010000<<26) | (0b00000<<21), :rt, :rd
-		addop 'mfc0', (0b010000<<26) | (0b00000<<21), :rt, :rd, :sel
-		addop 'mtc0', (0b010000<<26) | (0b00100<<21), :rt, :rd
-		addop 'mtc0', (0b010000<<26) | (0b00100<<21), :rt, :rd, :sel
+		addop 'mfc0', (0b010000<<26) | (0b00000<<21), :rt, :idb
+		addop 'mfc0', (0b010000<<26) | (0b00000<<21), :rt, :idb, :sel
+		addop 'mtc0', (0b010000<<26) | (0b00100<<21), :rt, :idb
+		addop 'mtc0', (0b010000<<26) | (0b00100<<21), :rt, :idb, :sel
 
 		addop 'tlbr', (0b010000<<26) | (1<<25) | 0b000001
 		addop 'tlbwi',(0b010000<<26) | (1<<25) | 0b000010
@@ -235,6 +237,73 @@ class MIPS
 	end
 	alias init_latest init_mips32r2
 end
+
+class MIPS64
+	def init_mips64
+		init_mips32r2
+		@valid_props.update :mi64 => true
+
+		addop 'ld',     0b110111 << 26, :rt, :rs_i16, :m64
+		addop 'lwu',    0b100111 << 26, :rt, :rs_i16
+		addop 'sd',     0b111111 << 26, :rt, :rs_i16, :m64
+		addop 'scd',    0b111100 << 26, :rt, :rs_i16, :m64
+		addop 'ldl',    0b011010 << 26, :rt, :rs_i16
+		addop 'ldr',    0b011011 << 26, :rt, :rs_i16
+		addop 'sdl',    0b101100 << 26, :rt, :rs_i16
+		addop 'sdr',    0b101101 << 26, :rt, :rs_i16
+		addop 'lld',    0b110100 << 26, :rt, :rs_i16
+		addop 'daddi',  0b011000 << 26, :rt, :rs, :i16
+		addop 'daddiu', 0b011001 << 26, :rt, :rs, :i16
+
+		addop 'dclo',  (0b011100 << 26) | (0b100101), :rd, :rt, :rs
+		addop 'dclz',  (0b011100 << 26) | (0b100100), :rd, :rt, :rs
+
+		addop 'dadd',   0b101100, :rd, :rs, :rt
+		addop 'daddu',  0b101101, :rd, :rs, :rt
+		addop 'dsub',   0b101110, :rd, :rs, :rt
+		addop 'dsubu',  0b101111, :rd, :rs, :rt
+		addop 'dsll',   0b111000, :rd, :rt, :sa
+		addop 'dsll32', 0b111100, :rd, :rt, :sa
+		addop 'dsllv',  0b010100, :rd, :rt, :rs
+		addop 'dsra',   0b111011, :rd, :rt, :sa
+		addop 'dsra32', 0b111111, :rd, :rt, :sa
+		addop 'dsrav',  0b010111, :rd, :rt, :rs
+		addop 'dsrl',   0b111010, :rd, :rt, :sa
+		addop 'dsrl32', 0b111110, :rd, :rt, :sa
+		addop 'dsrlv',  0b010110, :rd, :rt, :rs
+		addop 'ddiv',   0b011110, :rs, :rt
+		addop 'ddivu',  0b011111, :rs, :rt
+		addop 'dmult',  0b011100, :rs, :rt
+		addop 'dmultu', 0b011101, :rs, :rt
+
+		addop 'dmfc0', (0b010000<<26) | (0b00001<<21), :rt, :idb
+		addop 'dmfc0', (0b010000<<26) | (0b00001<<21), :rt, :idb, :sel
+		addop 'dmtc0', (0b010000<<26) | (0b00101<<21), :rt, :idb
+		addop 'dmtc0', (0b010000<<26) | (0b00101<<21), :rt, :idb, :sel
+	end
+
+	def init_mips64r2
+		init_mips64
+		@fields_mask.update :msbd => 0x1f
+		@fields_shift.update :msbd => 11
+
+		addop 'dext',  (0b011111 << 26) | 0b000011, :rt, :rs, :sa, :msbd	# sa => lsb
+		addop 'dextm', (0b011111 << 26) | 0b000001, :rt, :rs, :sa, :msbd
+		addop 'dextu', (0b011111 << 26) | 0b000010, :rt, :rs, :sa, :msbd
+		addop 'dins',  (0b011111 << 26) | 0b000111, :rt, :rs, :sa, :msbd
+		addop 'dinsm', (0b011111 << 26) | 0b000101, :rt, :rs, :sa, :msbd
+		addop 'dinsu', (0b011111 << 26) | 0b000110, :rt, :rs, :sa, :msbd
+
+		addop 'drotr',   (1 << 21) | 0b111010, :rd, :rt, :sa
+		addop 'drotr32', (1 << 21) | 0b111110, :rd, :rt, :sa
+		addop 'drotrv',  (1 <<  6) | 0b010110, :rd, :rt, :rs
+
+		addop 'dsbh', (0b011111 << 26) | (0b00010 << 6) | 0b100100, :rd, :rt
+		addop 'dshd', (0b011111 << 26) | (0b00101 << 6) | 0b100100, :rd, :rt
+	end
+
+	alias init_latest init_mips64r2
+end
 end
 __END__
 	def macro_addop_cop1(name, bin, *aprops)