5 * This work is licensed under the terms of 3-clause BSD license.
6 * See COPYING file in the top-level directory.
14 #include "my_assert.h"
17 #define ARRAY_SIZE(x) (sizeof(x) / sizeof(x[0]))
18 #define IS(w, y) !strcmp(w, y)
19 #define IS_START(w, y) !strncmp(w, y, strlen(y))
21 #include "protoparse.h"
23 static const char *asmfn;
27 #define anote(fmt, ...) \
28 printf("%s:%d: note: " fmt, asmfn, asmln, ##__VA_ARGS__)
29 #define awarn(fmt, ...) \
30 printf("%s:%d: warning: " fmt, asmfn, asmln, ##__VA_ARGS__)
31 #define aerr(fmt, ...) do { \
32 printf("%s:%d: error: " fmt, asmfn, asmln, ##__VA_ARGS__); \
37 #include "masm_tools.h"
40 OPF_RMD = (1 << 0), /* removed or optimized out */
41 OPF_DATA = (1 << 1), /* data processing - writes to dst opr */
42 OPF_FLAGS = (1 << 2), /* sets flags */
43 OPF_JMP = (1 << 3), /* branch, call */
44 OPF_CJMP = (1 << 4), /* cond. branch (cc or jecxz) */
45 OPF_CC = (1 << 5), /* uses flags */
46 OPF_TAIL = (1 << 6), /* ret or tail call */
47 OPF_RSAVE = (1 << 7), /* push/pop is local reg save/load */
48 OPF_REP = (1 << 8), /* prefixed by rep */
49 OPF_REPZ = (1 << 9), /* rep is repe/repz */
50 OPF_REPNZ = (1 << 10), /* rep is repne/repnz */
51 OPF_FARG = (1 << 11), /* push collected as func arg (no reuse) */
52 OPF_EBP_S = (1 << 12), /* ebp used as scratch here, not BP */
53 OPF_DF = (1 << 13), /* DF flag set */
54 OPF_ATAIL = (1 << 14), /* tail call with reused arg frame */
55 OPF_32BIT = (1 << 15), /* 32bit division */
56 OPF_LOCK = (1 << 16), /* op has lock prefix */
57 OPF_VAPUSH = (1 << 17), /* vararg ptr push (as call arg) */
127 // must be sorted (larger len must be further in enum)
136 #define MAX_OPERANDS 3
141 enum opr_lenmod lmod;
142 unsigned int is_ptr:1; // pointer in C
143 unsigned int is_array:1; // array in C
144 unsigned int type_from_var:1; // .. in header, sometimes wrong
145 unsigned int size_mismatch:1; // type override differs from C
146 unsigned int size_lt:1; // type override is larger than C
147 unsigned int had_ds:1; // had ds: prefix
148 const struct parsed_proto *pp; // for OPT_LABEL
156 struct parsed_opr operand[MAX_OPERANDS];
159 unsigned char pfo_inv;
160 unsigned char operand_cnt;
161 unsigned char p_argnum; // arg push: altered before call arg #
162 unsigned char p_arggrp; // arg push: arg group # for above
163 unsigned char p_argpass;// arg push: arg of host func
164 short p_argnext;// arg push: same arg pushed elsewhere or -1
165 int regmask_src; // all referensed regs
167 int pfomask; // flagop: parsed_flag_op that can't be delayed
168 int cc_scratch; // scratch storage during analysis
169 int bt_i; // branch target for branches
170 struct parsed_data *btj;// branch targets for jumptables
171 struct parsed_proto *pp;// parsed_proto for OP_CALL
177 // OP_CALL - parser proto hint (str)
178 // (OPF_CC) - points to one of (OPF_FLAGS) that affects cc op
179 // OP_POP - points to OP_PUSH in push/pop pair
183 enum opr_lenmod lmod;
190 enum opr_lenmod lmod;
204 struct label_ref *next;
208 IDAFA_BP_FRAME = (1 << 0),
209 IDAFA_LIB_FUNC = (1 << 1),
210 IDAFA_STATIC = (1 << 2),
211 IDAFA_NORETURN = (1 << 3),
212 IDAFA_THUNK = (1 << 4),
213 IDAFA_FPD = (1 << 5),
216 // note: limited to 32k due to p_argnext
218 #define MAX_ARG_GRP 2
220 static struct parsed_op ops[MAX_OPS];
221 static struct parsed_equ *g_eqs;
223 static char *g_labels[MAX_OPS];
224 static struct label_ref g_label_refs[MAX_OPS];
225 static const struct parsed_proto *g_func_pp;
226 static struct parsed_data *g_func_pd;
227 static int g_func_pd_cnt;
228 static char g_func[256];
229 static char g_comment[256];
230 static int g_bp_frame;
231 static int g_sp_frame;
232 static int g_stack_frame_used;
233 static int g_stack_fsz;
234 static int g_ida_func_attr;
235 static int g_allow_regfunc;
236 static int g_quiet_pp;
238 #define ferr(op_, fmt, ...) do { \
239 printf("%s:%d: error: [%s] '%s': " fmt, asmfn, (op_)->asmln, g_func, \
240 dump_op(op_), ##__VA_ARGS__); \
244 #define fnote(op_, fmt, ...) \
245 printf("%s:%d: note: [%s] '%s': " fmt, asmfn, (op_)->asmln, g_func, \
246 dump_op(op_), ##__VA_ARGS__)
248 const char *regs_r32[] = {
249 "eax", "ebx", "ecx", "edx", "esi", "edi", "ebp", "esp",
250 // not r32, but list here for easy parsing and printing
251 "mm0", "mm1", "mm2", "mm3", "mm4", "mm5", "mm6", "mm7",
253 const char *regs_r16[] = { "ax", "bx", "cx", "dx", "si", "di", "bp", "sp" };
254 const char *regs_r8l[] = { "al", "bl", "cl", "dl" };
255 const char *regs_r8h[] = { "ah", "bh", "ch", "dh" };
257 enum x86_regs { xUNSPEC = -1, xAX, xBX, xCX, xDX, xSI, xDI, xBP, xSP };
259 // possible basic comparison types (without inversion)
260 enum parsed_flag_op {
264 PFO_BE, // 6 CF=1||ZF=1
268 PFO_LE, // e ZF=1||SF!=OF
271 #define PFOB_O (1 << PFO_O)
272 #define PFOB_C (1 << PFO_C)
273 #define PFOB_Z (1 << PFO_Z)
274 #define PFOB_S (1 << PFO_S)
276 static const char *parsed_flag_op_names[] = {
277 "o", "c", "z", "be", "s", "p", "l", "le"
280 static int char_array_i(const char *array[], size_t len, const char *s)
284 for (i = 0; i < len; i++)
291 static void printf_number(char *buf, size_t buf_size,
292 unsigned long number)
294 // output in C-friendly form
295 snprintf(buf, buf_size, number < 10 ? "%lu" : "0x%02lx", number);
298 static int check_segment_prefix(const char *s)
300 if (s[0] == 0 || s[1] != 's' || s[2] != ':')
314 static int parse_reg(enum opr_lenmod *reg_lmod, const char *s)
318 reg = char_array_i(regs_r32, ARRAY_SIZE(regs_r32), s);
320 *reg_lmod = OPLM_QWORD;
324 *reg_lmod = OPLM_DWORD;
327 reg = char_array_i(regs_r16, ARRAY_SIZE(regs_r16), s);
329 *reg_lmod = OPLM_WORD;
332 reg = char_array_i(regs_r8h, ARRAY_SIZE(regs_r8h), s);
334 *reg_lmod = OPLM_BYTE;
337 reg = char_array_i(regs_r8l, ARRAY_SIZE(regs_r8l), s);
339 *reg_lmod = OPLM_BYTE;
346 static int parse_indmode(char *name, int *regmask, int need_c_cvt)
348 enum opr_lenmod lmod;
361 while (my_isblank(*s))
363 for (; my_issep(*s); d++, s++)
365 while (my_isblank(*s))
369 // skip '?s:' prefixes
370 if (check_segment_prefix(s))
373 s = next_idt(w, sizeof(w), s);
378 reg = parse_reg(&lmod, w);
380 *regmask |= 1 << reg;
384 if ('0' <= w[0] && w[0] <= '9') {
385 number = parse_number(w);
386 printf_number(d, sizeof(cvtbuf) - (d - cvtbuf), number);
390 // probably some label/identifier - pass
393 snprintf(d, sizeof(cvtbuf) - (d - cvtbuf), "%s", w);
397 strcpy(name, cvtbuf);
402 static int is_reg_in_str(const char *s)
406 if (strlen(s) < 3 || (s[3] && !my_issep(s[3]) && !my_isblank(s[3])))
409 for (i = 0; i < ARRAY_SIZE(regs_r32); i++)
410 if (!strncmp(s, regs_r32[i], 3))
416 static const char *parse_stack_el(const char *name, char *extra_reg,
419 const char *p, *p2, *s;
425 if (g_bp_frame || early_try)
428 if (IS_START(p + 3, "+ebp+") && is_reg_in_str(p)) {
430 if (extra_reg != NULL) {
431 strncpy(extra_reg, name, 3);
436 if (IS_START(p, "ebp+")) {
440 if (p2 != NULL && is_reg_in_str(p)) {
441 if (extra_reg != NULL) {
442 strncpy(extra_reg, p, p2 - p);
443 extra_reg[p2 - p] = 0;
448 if (!('0' <= *p && *p <= '9'))
455 if (!IS_START(name, "esp+"))
461 if (is_reg_in_str(s)) {
462 if (extra_reg != NULL) {
463 strncpy(extra_reg, s, p - s);
464 extra_reg[p - s] = 0;
469 aerr("%s IDA stackvar not set?\n", __func__);
471 if (!('0' <= *s && *s <= '9')) {
472 aerr("%s IDA stackvar offset not set?\n", __func__);
475 if (s[0] == '0' && s[1] == 'x')
478 if (len < sizeof(buf) - 1) {
479 strncpy(buf, s, len);
481 val = strtol(buf, &endp, 16);
482 if (val == 0 || *endp != 0) {
483 aerr("%s num parse fail for '%s'\n", __func__, buf);
492 if ('0' <= *p && *p <= '9')
498 static int guess_lmod_from_name(struct parsed_opr *opr)
500 if (!strncmp(opr->name, "dword_", 6)) {
501 opr->lmod = OPLM_DWORD;
504 if (!strncmp(opr->name, "word_", 5)) {
505 opr->lmod = OPLM_WORD;
508 if (!strncmp(opr->name, "byte_", 5)) {
509 opr->lmod = OPLM_BYTE;
512 if (!strncmp(opr->name, "qword_", 6)) {
513 opr->lmod = OPLM_QWORD;
519 static int guess_lmod_from_c_type(enum opr_lenmod *lmod,
520 const struct parsed_type *c_type)
522 static const char *dword_types[] = {
523 "int", "_DWORD", "UINT_PTR", "DWORD",
524 "WPARAM", "LPARAM", "UINT", "__int32",
525 "LONG", "HIMC", "BOOL", "size_t",
528 static const char *word_types[] = {
529 "uint16_t", "int16_t", "_WORD", "WORD",
530 "unsigned __int16", "__int16",
532 static const char *byte_types[] = {
533 "uint8_t", "int8_t", "char",
534 "unsigned __int8", "__int8", "BYTE", "_BYTE",
536 // structures.. deal the same as with _UNKNOWN for now
542 if (c_type->is_ptr) {
547 n = skip_type_mod(c_type->name);
549 for (i = 0; i < ARRAY_SIZE(dword_types); i++) {
550 if (IS(n, dword_types[i])) {
556 for (i = 0; i < ARRAY_SIZE(word_types); i++) {
557 if (IS(n, word_types[i])) {
563 for (i = 0; i < ARRAY_SIZE(byte_types); i++) {
564 if (IS(n, byte_types[i])) {
573 static char *default_cast_to(char *buf, size_t buf_size,
574 struct parsed_opr *opr)
580 if (opr->pp == NULL || opr->pp->type.name == NULL
583 snprintf(buf, buf_size, "%s", "(void *)");
587 snprintf(buf, buf_size, "(%s)", opr->pp->type.name);
591 static enum opr_type lmod_from_directive(const char *d)
595 else if (IS(d, "dw"))
597 else if (IS(d, "db"))
600 aerr("unhandled directive: '%s'\n", d);
604 static void setup_reg_opr(struct parsed_opr *opr, int reg, enum opr_lenmod lmod,
610 *regmask |= 1 << reg;
613 static struct parsed_equ *equ_find(struct parsed_op *po, const char *name,
616 static int parse_operand(struct parsed_opr *opr,
617 int *regmask, int *regmask_indirect,
618 char words[16][256], int wordc, int w, unsigned int op_flags)
620 const struct parsed_proto *pp = NULL;
621 enum opr_lenmod tmplmod;
622 unsigned long number;
630 aerr("parse_operand w %d, wordc %d\n", w, wordc);
634 for (i = w; i < wordc; i++) {
635 len = strlen(words[i]);
636 if (words[i][len - 1] == ',') {
637 words[i][len - 1] = 0;
643 wordc_in = wordc - w;
645 if ((op_flags & OPF_JMP) && wordc_in > 0
646 && !('0' <= words[w][0] && words[w][0] <= '9'))
648 const char *label = NULL;
650 if (wordc_in == 3 && !strncmp(words[w], "near", 4)
651 && IS(words[w + 1], "ptr"))
652 label = words[w + 2];
653 else if (wordc_in == 2 && IS(words[w], "short"))
654 label = words[w + 1];
655 else if (wordc_in == 1
656 && strchr(words[w], '[') == NULL
657 && parse_reg(&tmplmod, words[w]) < 0)
661 opr->type = OPT_LABEL;
662 ret = check_segment_prefix(label);
665 aerr("fs/gs used\n");
669 strcpy(opr->name, label);
675 if (IS(words[w + 1], "ptr")) {
676 if (IS(words[w], "dword"))
677 opr->lmod = OPLM_DWORD;
678 else if (IS(words[w], "word"))
679 opr->lmod = OPLM_WORD;
680 else if (IS(words[w], "byte"))
681 opr->lmod = OPLM_BYTE;
682 else if (IS(words[w], "qword"))
683 opr->lmod = OPLM_QWORD;
685 aerr("type parsing failed\n");
687 wordc_in = wordc - w;
692 if (IS(words[w], "offset")) {
693 opr->type = OPT_OFFSET;
694 opr->lmod = OPLM_DWORD;
695 strcpy(opr->name, words[w + 1]);
696 pp = proto_parse(g_fhdr, opr->name, 1);
699 if (IS(words[w], "(offset")) {
700 p = strchr(words[w + 1], ')');
702 aerr("parse of bracketed offset failed\n");
704 opr->type = OPT_OFFSET;
705 strcpy(opr->name, words[w + 1]);
711 aerr("parse_operand 1 word expected\n");
713 ret = check_segment_prefix(words[w]);
716 aerr("fs/gs used\n");
718 memmove(words[w], words[w] + 3, strlen(words[w]) - 2);
720 strcpy(opr->name, words[w]);
722 if (words[w][0] == '[') {
723 opr->type = OPT_REGMEM;
724 ret = sscanf(words[w], "[%[^]]]", opr->name);
726 aerr("[] parse failure\n");
728 parse_indmode(opr->name, regmask_indirect, 1);
729 if (opr->lmod == OPLM_UNSPEC && parse_stack_el(opr->name, NULL, 1))
732 struct parsed_equ *eq =
733 equ_find(NULL, parse_stack_el(opr->name, NULL, 1), &i);
735 opr->lmod = eq->lmod;
739 else if (strchr(words[w], '[')) {
741 p = strchr(words[w], '[');
742 opr->type = OPT_REGMEM;
743 parse_indmode(p, regmask_indirect, 0);
744 strncpy(buf, words[w], p - words[w]);
745 buf[p - words[w]] = 0;
746 pp = proto_parse(g_fhdr, buf, 1);
749 else if (('0' <= words[w][0] && words[w][0] <= '9')
750 || words[w][0] == '-')
752 number = parse_number(words[w]);
753 opr->type = OPT_CONST;
755 printf_number(opr->name, sizeof(opr->name), number);
759 ret = parse_reg(&tmplmod, opr->name);
761 setup_reg_opr(opr, ret, tmplmod, regmask);
765 // most likely var in data segment
766 opr->type = OPT_LABEL;
767 pp = proto_parse(g_fhdr, opr->name, g_quiet_pp);
771 if (pp->is_fptr || pp->is_func) {
772 opr->lmod = OPLM_DWORD;
776 tmplmod = OPLM_UNSPEC;
777 if (!guess_lmod_from_c_type(&tmplmod, &pp->type))
778 anote("unhandled C type '%s' for '%s'\n",
779 pp->type.name, opr->name);
781 if (opr->lmod == OPLM_UNSPEC) {
783 opr->type_from_var = 1;
785 else if (opr->lmod != tmplmod) {
786 opr->size_mismatch = 1;
787 if (tmplmod < opr->lmod)
790 opr->is_ptr = pp->type.is_ptr;
792 opr->is_array = pp->type.is_array;
796 if (opr->lmod == OPLM_UNSPEC)
797 guess_lmod_from_name(opr);
801 static const struct {
806 { "repe", OPF_REP|OPF_REPZ },
807 { "repz", OPF_REP|OPF_REPZ },
808 { "repne", OPF_REP|OPF_REPNZ },
809 { "repnz", OPF_REP|OPF_REPNZ },
810 { "lock", OPF_LOCK }, // ignored for now..
813 #define OPF_CJMP_CC (OPF_JMP|OPF_CJMP|OPF_CC)
815 static const struct {
818 unsigned short minopr;
819 unsigned short maxopr;
822 unsigned char pfo_inv;
824 { "nop", OP_NOP, 0, 0, 0 },
825 { "push", OP_PUSH, 1, 1, 0 },
826 { "pop", OP_POP, 1, 1, OPF_DATA },
827 { "leave",OP_LEAVE, 0, 0, OPF_DATA },
828 { "mov" , OP_MOV, 2, 2, OPF_DATA },
829 { "lea", OP_LEA, 2, 2, OPF_DATA },
830 { "movzx",OP_MOVZX, 2, 2, OPF_DATA },
831 { "movsx",OP_MOVSX, 2, 2, OPF_DATA },
832 { "xchg", OP_XCHG, 2, 2, OPF_DATA },
833 { "not", OP_NOT, 1, 1, OPF_DATA },
834 { "cdq", OP_CDQ, 0, 0, OPF_DATA },
835 { "lodsb",OP_LODS, 0, 0, OPF_DATA },
836 { "lodsw",OP_LODS, 0, 0, OPF_DATA },
837 { "lodsd",OP_LODS, 0, 0, OPF_DATA },
838 { "stosb",OP_STOS, 0, 0, OPF_DATA },
839 { "stosw",OP_STOS, 0, 0, OPF_DATA },
840 { "stosd",OP_STOS, 0, 0, OPF_DATA },
841 { "movsb",OP_MOVS, 0, 0, OPF_DATA },
842 { "movsw",OP_MOVS, 0, 0, OPF_DATA },
843 { "movsd",OP_MOVS, 0, 0, OPF_DATA },
844 { "cmpsb",OP_CMPS, 0, 0, OPF_DATA|OPF_FLAGS },
845 { "cmpsw",OP_CMPS, 0, 0, OPF_DATA|OPF_FLAGS },
846 { "cmpsd",OP_CMPS, 0, 0, OPF_DATA|OPF_FLAGS },
847 { "scasb",OP_SCAS, 0, 0, OPF_DATA|OPF_FLAGS },
848 { "scasw",OP_SCAS, 0, 0, OPF_DATA|OPF_FLAGS },
849 { "scasd",OP_SCAS, 0, 0, OPF_DATA|OPF_FLAGS },
850 { "std", OP_STD, 0, 0, OPF_DATA }, // special flag
851 { "cld", OP_CLD, 0, 0, OPF_DATA },
852 { "add", OP_ADD, 2, 2, OPF_DATA|OPF_FLAGS },
853 { "sub", OP_SUB, 2, 2, OPF_DATA|OPF_FLAGS },
854 { "and", OP_AND, 2, 2, OPF_DATA|OPF_FLAGS },
855 { "or", OP_OR, 2, 2, OPF_DATA|OPF_FLAGS },
856 { "xor", OP_XOR, 2, 2, OPF_DATA|OPF_FLAGS },
857 { "shl", OP_SHL, 2, 2, OPF_DATA|OPF_FLAGS },
858 { "shr", OP_SHR, 2, 2, OPF_DATA|OPF_FLAGS },
859 { "sal", OP_SHL, 2, 2, OPF_DATA|OPF_FLAGS },
860 { "sar", OP_SAR, 2, 2, OPF_DATA|OPF_FLAGS },
861 { "shrd", OP_SHRD, 3, 3, OPF_DATA|OPF_FLAGS },
862 { "rol", OP_ROL, 2, 2, OPF_DATA|OPF_FLAGS },
863 { "ror", OP_ROR, 2, 2, OPF_DATA|OPF_FLAGS },
864 { "rcl", OP_RCL, 2, 2, OPF_DATA|OPF_FLAGS|OPF_CC, PFO_C },
865 { "rcr", OP_RCR, 2, 2, OPF_DATA|OPF_FLAGS|OPF_CC, PFO_C },
866 { "adc", OP_ADC, 2, 2, OPF_DATA|OPF_FLAGS|OPF_CC, PFO_C },
867 { "sbb", OP_SBB, 2, 2, OPF_DATA|OPF_FLAGS|OPF_CC, PFO_C },
868 { "bsf", OP_BSF, 2, 2, OPF_DATA|OPF_FLAGS },
869 { "inc", OP_INC, 1, 1, OPF_DATA|OPF_FLAGS },
870 { "dec", OP_DEC, 1, 1, OPF_DATA|OPF_FLAGS },
871 { "neg", OP_NEG, 1, 1, OPF_DATA|OPF_FLAGS },
872 { "mul", OP_MUL, 1, 1, OPF_DATA|OPF_FLAGS },
873 { "imul", OP_IMUL, 1, 3, OPF_DATA|OPF_FLAGS },
874 { "div", OP_DIV, 1, 1, OPF_DATA|OPF_FLAGS },
875 { "idiv", OP_IDIV, 1, 1, OPF_DATA|OPF_FLAGS },
876 { "test", OP_TEST, 2, 2, OPF_FLAGS },
877 { "cmp", OP_CMP, 2, 2, OPF_FLAGS },
878 { "retn", OP_RET, 0, 1, OPF_TAIL },
879 { "call", OP_CALL, 1, 1, OPF_JMP|OPF_DATA|OPF_FLAGS },
880 { "jmp", OP_JMP, 1, 1, OPF_JMP },
881 { "jecxz",OP_JECXZ, 1, 1, OPF_JMP|OPF_CJMP },
882 { "jo", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_O, 0 }, // 70 OF=1
883 { "jno", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_O, 1 }, // 71 OF=0
884 { "jc", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_C, 0 }, // 72 CF=1
885 { "jb", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_C, 0 }, // 72
886 { "jnc", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_C, 1 }, // 73 CF=0
887 { "jnb", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_C, 1 }, // 73
888 { "jae", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_C, 1 }, // 73
889 { "jz", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_Z, 0 }, // 74 ZF=1
890 { "je", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_Z, 0 }, // 74
891 { "jnz", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_Z, 1 }, // 75 ZF=0
892 { "jne", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_Z, 1 }, // 75
893 { "jbe", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_BE, 0 }, // 76 CF=1||ZF=1
894 { "jna", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_BE, 0 }, // 76
895 { "ja", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_BE, 1 }, // 77 CF=0&&ZF=0
896 { "jnbe", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_BE, 1 }, // 77
897 { "js", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_S, 0 }, // 78 SF=1
898 { "jns", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_S, 1 }, // 79 SF=0
899 { "jp", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_P, 0 }, // 7a PF=1
900 { "jpe", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_P, 0 }, // 7a
901 { "jnp", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_P, 1 }, // 7b PF=0
902 { "jpo", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_P, 1 }, // 7b
903 { "jl", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_L, 0 }, // 7c SF!=OF
904 { "jnge", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_L, 0 }, // 7c
905 { "jge", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_L, 1 }, // 7d SF=OF
906 { "jnl", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_L, 1 }, // 7d
907 { "jle", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_LE, 0 }, // 7e ZF=1||SF!=OF
908 { "jng", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_LE, 0 }, // 7e
909 { "jg", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_LE, 1 }, // 7f ZF=0&&SF=OF
910 { "jnle", OP_JCC, 1, 1, OPF_CJMP_CC, PFO_LE, 1 }, // 7f
911 { "seto", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_O, 0 },
912 { "setno", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_O, 1 },
913 { "setc", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_C, 0 },
914 { "setb", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_C, 0 },
915 { "setnc", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_C, 1 },
916 { "setae", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_C, 1 },
917 { "setnb", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_C, 1 },
918 { "setz", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_Z, 0 },
919 { "sete", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_Z, 0 },
920 { "setnz", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_Z, 1 },
921 { "setne", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_Z, 1 },
922 { "setbe", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_BE, 0 },
923 { "setna", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_BE, 0 },
924 { "seta", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_BE, 1 },
925 { "setnbe", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_BE, 1 },
926 { "sets", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_S, 0 },
927 { "setns", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_S, 1 },
928 { "setp", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_P, 0 },
929 { "setpe", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_P, 0 },
930 { "setnp", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_P, 1 },
931 { "setpo", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_P, 1 },
932 { "setl", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_L, 0 },
933 { "setnge", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_L, 0 },
934 { "setge", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_L, 1 },
935 { "setnl", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_L, 1 },
936 { "setle", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_LE, 0 },
937 { "setng", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_LE, 0 },
938 { "setg", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_LE, 1 },
939 { "setnle", OP_SCC, 1, 1, OPF_DATA|OPF_CC, PFO_LE, 1 },
942 { "emms", OP_EMMS, 0, 0, OPF_DATA },
943 { "movq", OP_MOV, 2, 2, OPF_DATA },
948 static void parse_op(struct parsed_op *op, char words[16][256], int wordc)
950 enum opr_lenmod lmod = OPLM_UNSPEC;
951 int prefix_flags = 0;
959 for (i = 0; i < ARRAY_SIZE(pref_table); i++) {
960 if (IS(words[w], pref_table[i].name)) {
961 prefix_flags = pref_table[i].flags;
968 aerr("lone prefix: '%s'\n", words[0]);
973 for (i = 0; i < ARRAY_SIZE(op_table); i++) {
974 if (IS(words[w], op_table[i].name))
978 if (i == ARRAY_SIZE(op_table)) {
979 anote("unhandled op: '%s'\n", words[0]);
984 op->op = op_table[i].op;
985 op->flags = op_table[i].flags | prefix_flags;
986 op->pfo = op_table[i].pfo;
987 op->pfo_inv = op_table[i].pfo_inv;
988 op->regmask_src = op->regmask_dst = 0;
991 if (op->op == OP_UD2)
994 for (opr = 0; opr < op_table[i].maxopr; opr++) {
995 if (opr >= op_table[i].minopr && w >= wordc)
998 regmask = regmask_ind = 0;
999 w = parse_operand(&op->operand[opr], ®mask, ®mask_ind,
1000 words, wordc, w, op->flags);
1002 if (opr == 0 && (op->flags & OPF_DATA))
1003 op->regmask_dst = regmask;
1005 op->regmask_src |= regmask;
1006 op->regmask_src |= regmask_ind;
1010 aerr("parse_op %s incomplete: %d/%d\n",
1011 words[0], w, wordc);
1014 op->operand_cnt = opr;
1015 if (!strncmp(op_table[i].name, "set", 3))
1016 op->operand[0].lmod = OPLM_BYTE;
1019 // first operand is not dst
1022 op->regmask_src |= op->regmask_dst;
1023 op->regmask_dst = 0;
1026 // first operand is src too
1038 op->regmask_src |= op->regmask_dst;
1043 op->regmask_src |= op->regmask_dst;
1044 op->regmask_dst |= op->regmask_src;
1050 if (op->operand[0].type == OPT_REG && op->operand[1].type == OPT_REG
1051 && op->operand[0].lmod == op->operand[1].lmod
1052 && op->operand[0].reg == op->operand[1].reg
1053 && IS(op->operand[0].name, op->operand[1].name)) // ! ah, al..
1055 op->regmask_src = 0;
1058 op->regmask_src |= op->regmask_dst;
1061 // ops with implicit argumets
1063 op->operand_cnt = 2;
1064 setup_reg_opr(&op->operand[0], xDX, OPLM_DWORD, &op->regmask_dst);
1065 setup_reg_opr(&op->operand[1], xAX, OPLM_DWORD, &op->regmask_src);
1071 if (op->operand_cnt != 0)
1073 if (words[op_w][4] == 'b')
1075 else if (words[op_w][4] == 'w')
1077 else if (words[op_w][4] == 'd')
1079 op->operand_cnt = 3;
1080 setup_reg_opr(&op->operand[0], op->op == OP_LODS ? xSI : xDI,
1081 lmod, &op->regmask_src);
1082 setup_reg_opr(&op->operand[1], xCX, OPLM_DWORD, &op->regmask_src);
1083 op->regmask_dst = op->regmask_src;
1084 setup_reg_opr(&op->operand[2], xAX, OPLM_DWORD,
1085 op->op == OP_LODS ? &op->regmask_dst : &op->regmask_src);
1090 if (op->operand_cnt != 0)
1092 if (words[op_w][4] == 'b')
1094 else if (words[op_w][4] == 'w')
1096 else if (words[op_w][4] == 'd')
1098 op->operand_cnt = 3;
1099 setup_reg_opr(&op->operand[0], xDI, lmod, &op->regmask_src);
1100 setup_reg_opr(&op->operand[1], xSI, OPLM_DWORD, &op->regmask_src);
1101 setup_reg_opr(&op->operand[2], xCX, OPLM_DWORD, &op->regmask_src);
1102 op->regmask_dst = op->regmask_src;
1106 op->operand_cnt = 1;
1107 op->regmask_src = 1 << xCX;
1108 op->operand[0].type = OPT_REG;
1109 op->operand[0].reg = xCX;
1110 op->operand[0].lmod = OPLM_DWORD;
1114 if (op->operand_cnt != 1)
1119 op->regmask_src |= op->regmask_dst;
1120 op->regmask_dst = (1 << xDX) | (1 << xAX);
1121 if (op->operand[0].lmod == OPLM_UNSPEC)
1122 op->operand[0].lmod = OPLM_DWORD;
1127 // we could set up operands for edx:eax, but there is no real need to
1128 // (see is_opr_modified())
1129 op->regmask_src |= op->regmask_dst;
1130 op->regmask_dst = (1 << xDX) | (1 << xAX);
1131 if (op->operand[0].lmod == OPLM_UNSPEC)
1132 op->operand[0].lmod = OPLM_DWORD;
1140 op->regmask_src |= op->regmask_dst;
1141 if (op->operand[1].lmod == OPLM_UNSPEC)
1142 op->operand[1].lmod = OPLM_BYTE;
1146 op->regmask_src |= op->regmask_dst;
1147 if (op->operand[2].lmod == OPLM_UNSPEC)
1148 op->operand[2].lmod = OPLM_BYTE;
1152 op->regmask_src |= op->regmask_dst;
1153 op->regmask_dst = 0;
1154 if (op->operand[0].lmod == OPLM_UNSPEC
1155 && (op->operand[0].type == OPT_CONST
1156 || op->operand[0].type == OPT_OFFSET
1157 || op->operand[0].type == OPT_LABEL))
1158 op->operand[0].lmod = OPLM_DWORD;
1164 if (op->operand[0].type == OPT_REG && op->operand[1].type == OPT_REG
1165 && op->operand[0].lmod == op->operand[1].lmod
1166 && op->operand[0].reg == op->operand[1].reg
1167 && IS(op->operand[0].name, op->operand[1].name)) // ! ah, al..
1169 op->flags |= OPF_RMD;
1170 op->regmask_src = op->regmask_dst = 0;
1175 if (op->operand[0].type == OPT_REG
1176 && op->operand[1].type == OPT_REGMEM)
1179 snprintf(buf, sizeof(buf), "%s+0", op->operand[0].name);
1180 if (IS(buf, op->operand[1].name))
1181 op->flags |= OPF_RMD;
1186 // trashed regs must be explicitly detected later
1187 op->regmask_dst = 0;
1191 op->regmask_dst = (1 << xBP) | (1 << xSP);
1192 op->regmask_src = 1 << xBP;
1200 static const char *op_name(struct parsed_op *po)
1202 static char buf[16];
1206 if (po->op == OP_JCC || po->op == OP_SCC) {
1208 *p++ = (po->op == OP_JCC) ? 'j' : 's';
1211 strcpy(p, parsed_flag_op_names[po->pfo]);
1215 for (i = 0; i < ARRAY_SIZE(op_table); i++)
1216 if (op_table[i].op == po->op)
1217 return op_table[i].name;
1223 static const char *dump_op(struct parsed_op *po)
1225 static char out[128];
1232 snprintf(out, sizeof(out), "%s", op_name(po));
1233 for (i = 0; i < po->operand_cnt; i++) {
1237 snprintf(p, sizeof(out) - (p - out),
1238 po->operand[i].type == OPT_REGMEM ? " [%s]" : " %s",
1239 po->operand[i].name);
1245 static const char *lmod_type_u(struct parsed_op *po,
1246 enum opr_lenmod lmod)
1258 ferr(po, "invalid lmod: %d\n", lmod);
1259 return "(_invalid_)";
1263 static const char *lmod_cast_u(struct parsed_op *po,
1264 enum opr_lenmod lmod)
1276 ferr(po, "invalid lmod: %d\n", lmod);
1277 return "(_invalid_)";
1281 static const char *lmod_cast_u_ptr(struct parsed_op *po,
1282 enum opr_lenmod lmod)
1294 ferr(po, "invalid lmod: %d\n", lmod);
1295 return "(_invalid_)";
1299 static const char *lmod_cast_s(struct parsed_op *po,
1300 enum opr_lenmod lmod)
1312 ferr(po, "%s: invalid lmod: %d\n", __func__, lmod);
1313 return "(_invalid_)";
1317 static const char *lmod_cast(struct parsed_op *po,
1318 enum opr_lenmod lmod, int is_signed)
1321 lmod_cast_s(po, lmod) :
1322 lmod_cast_u(po, lmod);
1325 static int lmod_bytes(struct parsed_op *po, enum opr_lenmod lmod)
1337 ferr(po, "%s: invalid lmod: %d\n", __func__, lmod);
1342 static const char *opr_name(struct parsed_op *po, int opr_num)
1344 if (opr_num >= po->operand_cnt)
1345 ferr(po, "opr OOR: %d/%d\n", opr_num, po->operand_cnt);
1346 return po->operand[opr_num].name;
1349 static unsigned int opr_const(struct parsed_op *po, int opr_num)
1351 if (opr_num >= po->operand_cnt)
1352 ferr(po, "opr OOR: %d/%d\n", opr_num, po->operand_cnt);
1353 if (po->operand[opr_num].type != OPT_CONST)
1354 ferr(po, "opr %d: const expected\n", opr_num);
1355 return po->operand[opr_num].val;
1358 static const char *opr_reg_p(struct parsed_op *po, struct parsed_opr *popr)
1360 if ((unsigned int)popr->reg >= ARRAY_SIZE(regs_r32))
1361 ferr(po, "invalid reg: %d\n", popr->reg);
1362 return regs_r32[popr->reg];
1365 // cast1 is the "final" cast
1366 static const char *simplify_cast(const char *cast1, const char *cast2)
1368 static char buf[256];
1374 if (IS(cast1, cast2))
1376 if (IS(cast1, "(s8)") && IS(cast2, "(u8)"))
1378 if (IS(cast1, "(s16)") && IS(cast2, "(u16)"))
1380 if (IS(cast1, "(u8)") && IS_START(cast2, "*(u8 *)"))
1382 if (IS(cast1, "(u16)") && IS_START(cast2, "*(u16 *)"))
1384 if (strchr(cast1, '*') && IS_START(cast2, "(u32)"))
1387 snprintf(buf, sizeof(buf), "%s%s", cast1, cast2);
1391 static const char *simplify_cast_num(const char *cast, unsigned int val)
1393 if (IS(cast, "(u8)") && val < 0x100)
1395 if (IS(cast, "(s8)") && val < 0x80)
1397 if (IS(cast, "(u16)") && val < 0x10000)
1399 if (IS(cast, "(s16)") && val < 0x8000)
1401 if (IS(cast, "(s32)") && val < 0x80000000)
1407 static struct parsed_equ *equ_find(struct parsed_op *po, const char *name,
1416 namelen = strlen(name);
1418 p = strchr(name, '+');
1422 ferr(po, "equ parse failed for '%s'\n", name);
1424 if (IS_START(p, "0x"))
1426 *extra_offs = strtol(p, &endp, 16);
1428 ferr(po, "equ parse failed for '%s'\n", name);
1431 for (i = 0; i < g_eqcnt; i++)
1432 if (strncmp(g_eqs[i].name, name, namelen) == 0
1433 && g_eqs[i].name[namelen] == 0)
1437 ferr(po, "unresolved equ name: '%s'\n", name);
1444 static int is_stack_access(struct parsed_op *po,
1445 const struct parsed_opr *popr)
1447 return (parse_stack_el(popr->name, NULL, 0)
1448 || (g_bp_frame && !(po->flags & OPF_EBP_S)
1449 && IS_START(popr->name, "ebp")));
1452 static void parse_stack_access(struct parsed_op *po,
1453 const char *name, char *ofs_reg, int *offset_out,
1454 int *stack_ra_out, const char **bp_arg_out, int is_lea)
1456 const char *bp_arg = "";
1457 const char *p = NULL;
1458 struct parsed_equ *eq;
1465 if (IS_START(name, "ebp-")
1466 || (IS_START(name, "ebp+") && '0' <= name[4] && name[4] <= '9'))
1469 if (IS_START(p, "0x"))
1471 offset = strtoul(p, &endp, 16);
1475 ferr(po, "ebp- parse of '%s' failed\n", name);
1478 bp_arg = parse_stack_el(name, ofs_reg, 0);
1479 snprintf(g_comment, sizeof(g_comment), "%s", bp_arg);
1480 eq = equ_find(po, bp_arg, &offset);
1482 ferr(po, "detected but missing eq\n");
1483 offset += eq->offset;
1486 if (!strncmp(name, "ebp", 3))
1489 // yes it sometimes LEAs ra for compares..
1490 if (!is_lea && ofs_reg[0] == 0
1491 && stack_ra <= offset && offset < stack_ra + 4)
1493 ferr(po, "reference to ra? %d %d\n", offset, stack_ra);
1496 *offset_out = offset;
1497 *stack_ra_out = stack_ra;
1499 *bp_arg_out = bp_arg;
1502 static int stack_frame_access(struct parsed_op *po,
1503 struct parsed_opr *popr, char *buf, size_t buf_size,
1504 const char *name, const char *cast, int is_src, int is_lea)
1506 enum opr_lenmod tmp_lmod = OPLM_UNSPEC;
1507 const char *prefix = "";
1508 const char *bp_arg = NULL;
1509 char ofs_reg[16] = { 0, };
1510 int i, arg_i, arg_s;
1518 if (po->flags & OPF_EBP_S)
1519 ferr(po, "stack_frame_access while ebp is scratch\n");
1521 parse_stack_access(po, name, ofs_reg, &offset,
1522 &stack_ra, &bp_arg, is_lea);
1524 if (offset > stack_ra)
1526 arg_i = (offset - stack_ra - 4) / 4;
1527 if (arg_i < 0 || arg_i >= g_func_pp->argc_stack)
1529 if (g_func_pp->is_vararg
1530 && arg_i == g_func_pp->argc_stack && is_lea)
1532 // should be va_list
1535 snprintf(buf, buf_size, "%sap", cast);
1538 ferr(po, "offset %d (%s,%d) doesn't map to any arg\n",
1539 offset, bp_arg, arg_i);
1541 if (ofs_reg[0] != 0)
1542 ferr(po, "offset reg on arg access?\n");
1544 for (i = arg_s = 0; i < g_func_pp->argc; i++) {
1545 if (g_func_pp->arg[i].reg != NULL)
1551 if (i == g_func_pp->argc)
1552 ferr(po, "arg %d not in prototype?\n", arg_i);
1554 popr->is_ptr = g_func_pp->arg[i].type.is_ptr;
1561 ferr(po, "lea/byte to arg?\n");
1562 if (is_src && (offset & 3) == 0)
1563 snprintf(buf, buf_size, "%sa%d",
1564 simplify_cast(cast, "(u8)"), i + 1);
1566 snprintf(buf, buf_size, "%sBYTE%d(a%d)",
1567 cast, offset & 3, i + 1);
1572 ferr(po, "lea/word to arg?\n");
1577 ferr(po, "problematic arg store\n");
1578 snprintf(buf, buf_size, "%s((char *)&a%d + 1)",
1579 simplify_cast(cast, "*(u16 *)"), i + 1);
1582 ferr(po, "unaligned arg word load\n");
1584 else if (is_src && (offset & 2) == 0)
1585 snprintf(buf, buf_size, "%sa%d",
1586 simplify_cast(cast, "(u16)"), i + 1);
1588 snprintf(buf, buf_size, "%s%sWORD(a%d)",
1589 cast, (offset & 2) ? "HI" : "LO", i + 1);
1601 snprintf(buf, buf_size, "(u32)&a%d + %d",
1604 ferr(po, "unaligned arg store\n");
1606 // mov edx, [ebp+arg_4+2]; movsx ecx, dx
1607 snprintf(buf, buf_size, "%s(a%d >> %d)",
1608 prefix, i + 1, (offset & 3) * 8);
1612 snprintf(buf, buf_size, "%s%sa%d",
1613 prefix, is_lea ? "&" : "", i + 1);
1618 ferr(po, "bp_arg bad lmod: %d\n", popr->lmod);
1622 snprintf(g_comment, sizeof(g_comment), "%s unaligned", bp_arg);
1625 guess_lmod_from_c_type(&tmp_lmod, &g_func_pp->arg[i].type);
1626 if (tmp_lmod != OPLM_DWORD
1627 && (unaligned || (!is_src && lmod_bytes(po, tmp_lmod)
1628 < lmod_bytes(po, popr->lmod) + (offset & 3))))
1630 ferr(po, "bp_arg arg%d/w offset %d and type '%s' is too small\n",
1631 i + 1, offset, g_func_pp->arg[i].type.name);
1633 // can't check this because msvc likes to reuse
1634 // arg space for scratch..
1635 //if (popr->is_ptr && popr->lmod != OPLM_DWORD)
1636 // ferr(po, "bp_arg arg%d: non-dword ptr access\n", i + 1);
1640 if (g_stack_fsz == 0)
1641 ferr(po, "stack var access without stackframe\n");
1642 g_stack_frame_used = 1;
1644 sf_ofs = g_stack_fsz + offset;
1645 lim = (ofs_reg[0] != 0) ? -4 : 0;
1646 if (offset > 0 || sf_ofs < lim)
1647 ferr(po, "bp_stack offset %d/%d\n", offset, g_stack_fsz);
1657 snprintf(buf, buf_size, "%ssf.b[%d%s%s]",
1658 prefix, sf_ofs, ofs_reg[0] ? "+" : "", ofs_reg);
1662 if ((sf_ofs & 1) || ofs_reg[0] != 0) {
1663 // known unaligned or possibly unaligned
1664 strcat(g_comment, " unaligned");
1666 prefix = "*(u16 *)&";
1667 snprintf(buf, buf_size, "%ssf.b[%d%s%s]",
1668 prefix, sf_ofs, ofs_reg[0] ? "+" : "", ofs_reg);
1671 snprintf(buf, buf_size, "%ssf.w[%d]", prefix, sf_ofs / 2);
1675 if ((sf_ofs & 3) || ofs_reg[0] != 0) {
1676 // known unaligned or possibly unaligned
1677 strcat(g_comment, " unaligned");
1679 prefix = "*(u32 *)&";
1680 snprintf(buf, buf_size, "%ssf.b[%d%s%s]",
1681 prefix, sf_ofs, ofs_reg[0] ? "+" : "", ofs_reg);
1684 snprintf(buf, buf_size, "%ssf.d[%d]", prefix, sf_ofs / 4);
1688 ferr(po, "bp_stack bad lmod: %d\n", popr->lmod);
1695 static void check_func_pp(struct parsed_op *po,
1696 const struct parsed_proto *pp, const char *pfx)
1698 enum opr_lenmod tmp_lmod;
1702 if (pp->argc_reg != 0) {
1703 if (/*!g_allow_regfunc &&*/ !pp->is_fastcall) {
1704 pp_print(buf, sizeof(buf), pp);
1705 ferr(po, "%s: unexpected reg arg in icall: %s\n", pfx, buf);
1707 if (pp->argc_stack > 0 && pp->argc_reg != 2)
1708 ferr(po, "%s: %d reg arg(s) with %d stack arg(s)\n",
1709 pfx, pp->argc_reg, pp->argc_stack);
1712 // fptrs must use 32bit args, callsite might have no information and
1713 // lack a cast to smaller types, which results in incorrectly masked
1714 // args passed (callee may assume masked args, it does on ARM)
1715 if (!pp->is_oslib) {
1716 for (i = 0; i < pp->argc; i++) {
1717 ret = guess_lmod_from_c_type(&tmp_lmod, &pp->arg[i].type);
1718 if (ret && tmp_lmod != OPLM_DWORD)
1719 ferr(po, "reference to %s with arg%d '%s'\n", pp->name,
1720 i + 1, pp->arg[i].type.name);
1725 static const char *check_label_read_ref(struct parsed_op *po,
1728 const struct parsed_proto *pp;
1730 pp = proto_parse(g_fhdr, name, 0);
1732 ferr(po, "proto_parse failed for ref '%s'\n", name);
1735 check_func_pp(po, pp, "ref");
1740 static char *out_src_opr(char *buf, size_t buf_size,
1741 struct parsed_op *po, struct parsed_opr *popr, const char *cast,
1744 char tmp1[256], tmp2[256];
1753 switch (popr->type) {
1756 ferr(po, "lea from reg?\n");
1758 switch (popr->lmod) {
1760 snprintf(buf, buf_size, "%s%s.q", cast, opr_reg_p(po, popr));
1763 snprintf(buf, buf_size, "%s%s", cast, opr_reg_p(po, popr));
1766 snprintf(buf, buf_size, "%s%s",
1767 simplify_cast(cast, "(u16)"), opr_reg_p(po, popr));
1770 if (popr->name[1] == 'h') // XXX..
1771 snprintf(buf, buf_size, "%s(%s >> 8)",
1772 simplify_cast(cast, "(u8)"), opr_reg_p(po, popr));
1774 snprintf(buf, buf_size, "%s%s",
1775 simplify_cast(cast, "(u8)"), opr_reg_p(po, popr));
1778 ferr(po, "invalid src lmod: %d\n", popr->lmod);
1783 if (is_stack_access(po, popr)) {
1784 stack_frame_access(po, popr, buf, buf_size,
1785 popr->name, cast, 1, is_lea);
1789 strcpy(expr, popr->name);
1790 if (strchr(expr, '[')) {
1791 // special case: '[' can only be left for label[reg] form
1792 ret = sscanf(expr, "%[^[][%[^]]]", tmp1, tmp2);
1794 ferr(po, "parse failure for '%s'\n", expr);
1795 if (tmp1[0] == '(') {
1796 // (off_4FFF50+3)[eax]
1797 p = strchr(tmp1 + 1, ')');
1798 if (p == NULL || p[1] != 0)
1799 ferr(po, "parse failure (2) for '%s'\n", expr);
1801 memmove(tmp1, tmp1 + 1, strlen(tmp1));
1803 snprintf(expr, sizeof(expr), "(u32)&%s + %s", tmp1, tmp2);
1806 // XXX: do we need more parsing?
1808 snprintf(buf, buf_size, "%s", expr);
1812 snprintf(buf, buf_size, "%s(%s)",
1813 simplify_cast(cast, lmod_cast_u_ptr(po, popr->lmod)), expr);
1817 name = check_label_read_ref(po, popr->name);
1818 if (cast[0] == 0 && popr->is_ptr)
1822 snprintf(buf, buf_size, "(u32)&%s", name);
1823 else if (popr->size_lt)
1824 snprintf(buf, buf_size, "%s%s%s%s", cast,
1825 lmod_cast_u_ptr(po, popr->lmod),
1826 popr->is_array ? "" : "&", name);
1828 snprintf(buf, buf_size, "%s%s%s", cast, name,
1829 popr->is_array ? "[0]" : "");
1833 name = check_label_read_ref(po, popr->name);
1837 ferr(po, "lea an offset?\n");
1838 snprintf(buf, buf_size, "%s&%s", cast, name);
1843 ferr(po, "lea from const?\n");
1845 printf_number(tmp1, sizeof(tmp1), popr->val);
1846 if (popr->val == 0 && strchr(cast, '*'))
1847 snprintf(buf, buf_size, "NULL");
1849 snprintf(buf, buf_size, "%s%s",
1850 simplify_cast_num(cast, popr->val), tmp1);
1854 ferr(po, "invalid src type: %d\n", popr->type);
1860 // note: may set is_ptr (we find that out late for ebp frame..)
1861 static char *out_dst_opr(char *buf, size_t buf_size,
1862 struct parsed_op *po, struct parsed_opr *popr)
1864 switch (popr->type) {
1866 switch (popr->lmod) {
1868 snprintf(buf, buf_size, "%s.q", opr_reg_p(po, popr));
1871 snprintf(buf, buf_size, "%s", opr_reg_p(po, popr));
1875 snprintf(buf, buf_size, "LOWORD(%s)", opr_reg_p(po, popr));
1879 if (popr->name[1] == 'h') // XXX..
1880 snprintf(buf, buf_size, "BYTE1(%s)", opr_reg_p(po, popr));
1882 snprintf(buf, buf_size, "LOBYTE(%s)", opr_reg_p(po, popr));
1885 ferr(po, "invalid dst lmod: %d\n", popr->lmod);
1890 if (is_stack_access(po, popr)) {
1891 stack_frame_access(po, popr, buf, buf_size,
1892 popr->name, "", 0, 0);
1896 return out_src_opr(buf, buf_size, po, popr, NULL, 0);
1899 if (popr->size_mismatch)
1900 snprintf(buf, buf_size, "%s%s%s",
1901 lmod_cast_u_ptr(po, popr->lmod),
1902 popr->is_array ? "" : "&", popr->name);
1904 snprintf(buf, buf_size, "%s%s", popr->name,
1905 popr->is_array ? "[0]" : "");
1909 ferr(po, "invalid dst type: %d\n", popr->type);
1915 static char *out_src_opr_u32(char *buf, size_t buf_size,
1916 struct parsed_op *po, struct parsed_opr *popr)
1918 return out_src_opr(buf, buf_size, po, popr, NULL, 0);
1921 static void out_test_for_cc(char *buf, size_t buf_size,
1922 struct parsed_op *po, enum parsed_flag_op pfo, int is_inv,
1923 enum opr_lenmod lmod, const char *expr)
1925 const char *cast, *scast;
1927 cast = lmod_cast_u(po, lmod);
1928 scast = lmod_cast_s(po, lmod);
1932 case PFO_BE: // CF=1||ZF=1; CF=0
1933 snprintf(buf, buf_size, "(%s%s %s 0)",
1934 cast, expr, is_inv ? "!=" : "==");
1938 case PFO_L: // SF!=OF; OF=0
1939 snprintf(buf, buf_size, "(%s%s %s 0)",
1940 scast, expr, is_inv ? ">=" : "<");
1943 case PFO_LE: // ZF=1||SF!=OF; OF=0
1944 snprintf(buf, buf_size, "(%s%s %s 0)",
1945 scast, expr, is_inv ? ">" : "<=");
1949 ferr(po, "%s: unhandled parsed_flag_op: %d\n", __func__, pfo);
1953 static void out_cmp_for_cc(char *buf, size_t buf_size,
1954 struct parsed_op *po, enum parsed_flag_op pfo, int is_inv)
1956 const char *cast, *scast, *cast_use;
1957 char buf1[256], buf2[256];
1958 enum opr_lenmod lmod;
1960 if (po->op != OP_DEC && po->operand[0].lmod != po->operand[1].lmod)
1961 ferr(po, "%s: lmod mismatch: %d %d\n", __func__,
1962 po->operand[0].lmod, po->operand[1].lmod);
1963 lmod = po->operand[0].lmod;
1965 cast = lmod_cast_u(po, lmod);
1966 scast = lmod_cast_s(po, lmod);
1982 ferr(po, "%s: unhandled parsed_flag_op: %d\n", __func__, pfo);
1985 out_src_opr(buf1, sizeof(buf1), po, &po->operand[0], cast_use, 0);
1986 if (po->op == OP_DEC)
1987 snprintf(buf2, sizeof(buf2), "1");
1989 out_src_opr(buf2, sizeof(buf2), po, &po->operand[1], cast_use, 0);
1993 // note: must be unsigned compare
1994 snprintf(buf, buf_size, "(%s %s %s)",
1995 buf1, is_inv ? ">=" : "<", buf2);
1999 snprintf(buf, buf_size, "(%s %s %s)",
2000 buf1, is_inv ? "!=" : "==", buf2);
2004 // note: must be unsigned compare
2005 snprintf(buf, buf_size, "(%s %s %s)",
2006 buf1, is_inv ? ">" : "<=", buf2);
2009 if (is_inv && lmod == OPLM_BYTE
2010 && po->operand[1].type == OPT_CONST
2011 && po->operand[1].val == 0xff)
2013 snprintf(g_comment, sizeof(g_comment), "if %s", buf);
2014 snprintf(buf, buf_size, "(0)");
2018 // note: must be signed compare
2020 snprintf(buf, buf_size, "(%s(%s - %s) %s 0)",
2021 scast, buf1, buf2, is_inv ? ">=" : "<");
2025 snprintf(buf, buf_size, "(%s %s %s)",
2026 buf1, is_inv ? ">=" : "<", buf2);
2030 snprintf(buf, buf_size, "(%s %s %s)",
2031 buf1, is_inv ? ">" : "<=", buf2);
2039 static void out_cmp_test(char *buf, size_t buf_size,
2040 struct parsed_op *po, enum parsed_flag_op pfo, int is_inv)
2042 char buf1[256], buf2[256], buf3[256];
2044 if (po->op == OP_TEST) {
2045 if (IS(opr_name(po, 0), opr_name(po, 1))) {
2046 out_src_opr_u32(buf3, sizeof(buf3), po, &po->operand[0]);
2049 out_src_opr_u32(buf1, sizeof(buf1), po, &po->operand[0]);
2050 out_src_opr_u32(buf2, sizeof(buf2), po, &po->operand[1]);
2051 snprintf(buf3, sizeof(buf3), "(%s & %s)", buf1, buf2);
2053 out_test_for_cc(buf, buf_size, po, pfo, is_inv,
2054 po->operand[0].lmod, buf3);
2056 else if (po->op == OP_CMP) {
2057 out_cmp_for_cc(buf, buf_size, po, pfo, is_inv);
2060 ferr(po, "%s: unhandled op: %d\n", __func__, po->op);
2063 static void propagate_lmod(struct parsed_op *po, struct parsed_opr *popr1,
2064 struct parsed_opr *popr2)
2066 if (popr1->lmod == OPLM_UNSPEC && popr2->lmod == OPLM_UNSPEC)
2067 ferr(po, "missing lmod for both operands\n");
2069 if (popr1->lmod == OPLM_UNSPEC)
2070 popr1->lmod = popr2->lmod;
2071 else if (popr2->lmod == OPLM_UNSPEC)
2072 popr2->lmod = popr1->lmod;
2073 else if (popr1->lmod != popr2->lmod) {
2074 if (popr1->type_from_var) {
2075 popr1->size_mismatch = 1;
2076 if (popr1->lmod < popr2->lmod)
2078 popr1->lmod = popr2->lmod;
2080 else if (popr2->type_from_var) {
2081 popr2->size_mismatch = 1;
2082 if (popr2->lmod < popr1->lmod)
2084 popr2->lmod = popr1->lmod;
2087 ferr(po, "conflicting lmods: %d vs %d\n",
2088 popr1->lmod, popr2->lmod);
2092 static const char *op_to_c(struct parsed_op *po)
2116 ferr(po, "op_to_c was supplied with %d\n", po->op);
2120 static void op_set_clear_flag(struct parsed_op *po,
2121 enum op_flags flag_set, enum op_flags flag_clear)
2123 po->flags |= flag_set;
2124 po->flags &= ~flag_clear;
2127 // last op in stream - unconditional branch or ret
2128 #define LAST_OP(_i) ((ops[_i].flags & OPF_TAIL) \
2129 || ((ops[_i].flags & (OPF_JMP|OPF_CJMP|OPF_RMD)) == OPF_JMP \
2130 && ops[_i].op != OP_CALL))
2132 static int scan_for_pop(int i, int opcnt, const char *reg,
2133 int magic, int depth, int *maxdepth, int do_flags)
2135 const struct parsed_proto *pp;
2136 struct parsed_op *po;
2140 for (; i < opcnt; i++) {
2142 if (po->cc_scratch == magic)
2143 break; // already checked
2144 po->cc_scratch = magic;
2146 if (po->flags & OPF_TAIL) {
2147 if (po->op == OP_CALL) {
2148 pp = proto_parse(g_fhdr, po->operand[0].name, g_quiet_pp);
2149 if (pp != NULL && pp->is_noreturn)
2150 // no stack cleanup for noreturn
2153 return -1; // deadend
2156 if ((po->flags & OPF_RMD)
2157 || (po->op == OP_PUSH && po->p_argnum != 0)) // arg push
2160 if ((po->flags & OPF_JMP) && po->op != OP_CALL) {
2161 if (po->btj != NULL) {
2163 for (j = 0; j < po->btj->count; j++) {
2164 ret |= scan_for_pop(po->btj->d[j].bt_i, opcnt, reg, magic,
2165 depth, maxdepth, do_flags);
2167 return ret; // dead end
2173 ferr(po, "dead branch\n");
2177 if (po->flags & OPF_CJMP) {
2178 ret |= scan_for_pop(po->bt_i, opcnt, reg, magic,
2179 depth, maxdepth, do_flags);
2181 return ret; // dead end
2189 if ((po->op == OP_POP || po->op == OP_PUSH)
2190 && po->operand[0].type == OPT_REG
2191 && IS(po->operand[0].name, reg))
2193 if (po->op == OP_PUSH && !(po->flags & OPF_FARG)) {
2195 if (depth > *maxdepth)
2198 op_set_clear_flag(po, OPF_RSAVE, OPF_RMD);
2200 else if (po->op == OP_POP) {
2203 op_set_clear_flag(po, OPF_RMD, OPF_RSAVE);
2208 if (depth < 0) // should not happen
2209 ferr(po, "fail with depth\n");
2211 op_set_clear_flag(po, OPF_RSAVE, OPF_RMD);
2220 // scan for pop starting from 'ret' op (all paths)
2221 static int scan_for_pop_ret(int i, int opcnt, const char *reg,
2227 for (; i < opcnt; i++) {
2228 if (!(ops[i].flags & OPF_TAIL))
2231 for (j = i - 1; j >= 0; j--) {
2232 if (ops[j].flags & OPF_RMD)
2234 if (ops[j].flags & OPF_JMP)
2237 if (ops[j].op == OP_POP && ops[j].operand[0].type == OPT_REG
2238 && IS(ops[j].operand[0].name, reg))
2241 ops[j].flags |= flag_set;
2245 if (g_labels[j] != NULL)
2250 return found ? 0 : -1;
2253 static void scan_propagate_df(int i, int opcnt)
2255 struct parsed_op *po = &ops[i];
2258 for (; i < opcnt; i++) {
2260 if (po->flags & OPF_DF)
2261 return; // already resolved
2262 po->flags |= OPF_DF;
2264 if (po->op == OP_CALL)
2265 ferr(po, "call with DF set?\n");
2267 if (po->flags & OPF_JMP) {
2268 if (po->btj != NULL) {
2270 for (j = 0; j < po->btj->count; j++)
2271 scan_propagate_df(po->btj->d[j].bt_i, opcnt);
2276 ferr(po, "dead branch\n");
2280 if (po->flags & OPF_CJMP)
2281 scan_propagate_df(po->bt_i, opcnt);
2287 if (po->flags & OPF_TAIL)
2290 if (po->op == OP_CLD) {
2291 po->flags |= OPF_RMD;
2296 ferr(po, "missing DF clear?\n");
2299 // is operand 'opr' modified by parsed_op 'po'?
2300 static int is_opr_modified(const struct parsed_opr *opr,
2301 const struct parsed_op *po)
2305 if ((po->flags & OPF_RMD) || !(po->flags & OPF_DATA))
2308 if (opr->type == OPT_REG) {
2309 if (po->op == OP_CALL) {
2310 mask = (1 << xAX) | (1 << xCX) | (1 << xDX);
2311 if ((1 << opr->reg) & mask)
2317 if (po->operand[0].type == OPT_REG) {
2318 if (po->regmask_dst & (1 << opr->reg))
2325 return IS(po->operand[0].name, opr->name);
2328 // is any operand of parsed_op 'po_test' modified by parsed_op 'po'?
2329 static int is_any_opr_modified(const struct parsed_op *po_test,
2330 const struct parsed_op *po, int c_mode)
2335 if ((po->flags & OPF_RMD) || !(po->flags & OPF_DATA))
2338 if (po_test->operand_cnt == 1 && po_test->operand[0].type == OPT_CONST)
2341 if ((po_test->regmask_src | po_test->regmask_dst) & po->regmask_dst)
2344 // in reality, it can wreck any register, but in decompiled C
2345 // version it can only overwrite eax or edx:eax
2346 mask = (1 << xAX) | (1 << xDX);
2350 if (po->op == OP_CALL
2351 && ((po_test->regmask_src | po_test->regmask_dst) & mask))
2354 for (i = 0; i < po_test->operand_cnt; i++)
2355 if (IS(po_test->operand[i].name, po->operand[0].name))
2361 // scan for any po_test operand modification in range given
2362 static int scan_for_mod(struct parsed_op *po_test, int i, int opcnt,
2365 if (po_test->operand_cnt == 1 && po_test->operand[0].type == OPT_CONST)
2368 for (; i < opcnt; i++) {
2369 if (is_any_opr_modified(po_test, &ops[i], c_mode))
2376 // scan for po_test operand[0] modification in range given
2377 static int scan_for_mod_opr0(struct parsed_op *po_test,
2380 for (; i < opcnt; i++) {
2381 if (is_opr_modified(&po_test->operand[0], &ops[i]))
2388 #define check_i(po, i) \
2390 ferr(po, "bad " #i ": %d\n", i)
2392 static int scan_for_flag_set(int i, int magic, int *branched,
2393 int *setters, int *setter_cnt)
2395 struct label_ref *lr;
2399 if (ops[i].cc_scratch == magic) {
2400 ferr(&ops[i], "%s looped\n", __func__);
2403 ops[i].cc_scratch = magic;
2405 if (g_labels[i] != NULL) {
2408 lr = &g_label_refs[i];
2409 for (; lr->next; lr = lr->next) {
2410 check_i(&ops[i], lr->i);
2411 ret = scan_for_flag_set(lr->i, magic,
2412 branched, setters, setter_cnt);
2417 check_i(&ops[i], lr->i);
2418 if (i > 0 && LAST_OP(i - 1)) {
2422 ret = scan_for_flag_set(lr->i, magic,
2423 branched, setters, setter_cnt);
2429 if (ops[i].flags & OPF_FLAGS) {
2430 setters[*setter_cnt] = i;
2435 if ((ops[i].flags & (OPF_JMP|OPF_CJMP)) == OPF_JMP)
2442 // scan back for cdq, if anything modifies edx, fail
2443 static int scan_for_cdq_edx(int i)
2446 if (g_labels[i] != NULL) {
2447 if (g_label_refs[i].next != NULL)
2449 if (i > 0 && LAST_OP(i - 1)) {
2450 i = g_label_refs[i].i;
2457 if (ops[i].op == OP_CDQ)
2460 if (ops[i].regmask_dst & (1 << xDX))
2467 static int scan_for_reg_clear(int i, int reg)
2470 if (g_labels[i] != NULL) {
2471 if (g_label_refs[i].next != NULL)
2473 if (i > 0 && LAST_OP(i - 1)) {
2474 i = g_label_refs[i].i;
2481 if (ops[i].op == OP_XOR
2482 && ops[i].operand[0].lmod == OPLM_DWORD
2483 && ops[i].operand[0].reg == ops[i].operand[1].reg
2484 && ops[i].operand[0].reg == reg)
2487 if (ops[i].regmask_dst & (1 << reg))
2494 // scan for positive, constant esp adjust
2495 static int scan_for_esp_adjust(int i, int opcnt, int *adj,
2498 struct parsed_op *po;
2501 *adj = *multipath = 0;
2503 for (; i < opcnt; i++) {
2506 if (g_labels[i] != NULL)
2509 if (po->op == OP_ADD && po->operand[0].reg == xSP) {
2510 if (po->operand[1].type != OPT_CONST)
2511 ferr(&ops[i], "non-const esp adjust?\n");
2512 *adj += po->operand[1].val;
2514 ferr(&ops[i], "unaligned esp adjust: %x\n", *adj);
2517 else if (po->op == OP_PUSH && !(po->flags & OPF_RMD)) {
2518 //if (first_pop == -1)
2519 // first_pop = -2; // none
2520 *adj -= lmod_bytes(po, po->operand[0].lmod);
2522 else if (po->op == OP_POP && !(po->flags & OPF_RMD)) {
2523 // seems like msvc only uses 'pop ecx' for stack realignment..
2524 if (po->operand[0].type != OPT_REG || po->operand[0].reg != xCX)
2526 if (first_pop == -1 && *adj >= 0)
2528 *adj += lmod_bytes(po, po->operand[0].lmod);
2530 else if (po->flags & (OPF_JMP|OPF_TAIL)) {
2531 if (po->op == OP_JMP && po->btj == NULL) {
2535 if (po->op != OP_CALL)
2537 if (po->operand[0].type != OPT_LABEL)
2539 if (po->pp != NULL && po->pp->is_stdcall)
2544 if (first_pop >= 0) {
2545 // probably 'pop ecx' was used..
2552 static void scan_fwd_set_flags(int i, int opcnt, int magic, int flags)
2554 struct parsed_op *po;
2558 ferr(ops, "%s: followed bad branch?\n", __func__);
2560 for (; i < opcnt; i++) {
2562 if (po->cc_scratch == magic)
2564 po->cc_scratch = magic;
2567 if ((po->flags & OPF_JMP) && po->op != OP_CALL) {
2568 if (po->btj != NULL) {
2570 for (j = 0; j < po->btj->count; j++)
2571 scan_fwd_set_flags(po->btj->d[j].bt_i, opcnt, magic, flags);
2575 scan_fwd_set_flags(po->bt_i, opcnt, magic, flags);
2576 if (!(po->flags & OPF_CJMP))
2579 if (po->flags & OPF_TAIL)
2584 static const struct parsed_proto *try_recover_pp(
2585 struct parsed_op *po, const struct parsed_opr *opr, int *search_instead)
2587 const struct parsed_proto *pp = NULL;
2591 // maybe an arg of g_func?
2592 if (opr->type == OPT_REGMEM && is_stack_access(po, opr))
2594 char ofs_reg[16] = { 0, };
2595 int arg, arg_s, arg_i;
2599 parse_stack_access(po, opr->name, ofs_reg,
2600 &offset, &stack_ra, NULL, 0);
2601 if (ofs_reg[0] != 0)
2602 ferr(po, "offset reg on arg access?\n");
2603 if (offset <= stack_ra) {
2604 // search who set the stack var instead
2605 if (search_instead != NULL)
2606 *search_instead = 1;
2610 arg_i = (offset - stack_ra - 4) / 4;
2611 for (arg = arg_s = 0; arg < g_func_pp->argc; arg++) {
2612 if (g_func_pp->arg[arg].reg != NULL)
2618 if (arg == g_func_pp->argc)
2619 ferr(po, "stack arg %d not in prototype?\n", arg_i);
2621 pp = g_func_pp->arg[arg].fptr;
2623 ferr(po, "icall sa: arg%d is not a fptr?\n", arg + 1);
2624 check_func_pp(po, pp, "icall arg");
2626 else if (opr->type == OPT_REGMEM && strchr(opr->name + 1, '[')) {
2628 p = strchr(opr->name + 1, '[');
2629 memcpy(buf, opr->name, p - opr->name);
2630 buf[p - opr->name] = 0;
2631 pp = proto_parse(g_fhdr, buf, g_quiet_pp);
2633 else if (opr->type == OPT_OFFSET || opr->type == OPT_LABEL) {
2634 pp = proto_parse(g_fhdr, opr->name, 0);
2636 ferr(po, "proto_parse failed for icall from '%s'\n", opr->name);
2637 check_func_pp(po, pp, "reg-fptr ref");
2643 static void scan_for_call_type(int i, const struct parsed_opr *opr,
2644 int magic, const struct parsed_proto **pp_found, int *multi)
2646 const struct parsed_proto *pp = NULL;
2647 struct parsed_op *po;
2648 struct label_ref *lr;
2650 ops[i].cc_scratch = magic;
2653 if (g_labels[i] != NULL) {
2654 lr = &g_label_refs[i];
2655 for (; lr != NULL; lr = lr->next) {
2656 check_i(&ops[i], lr->i);
2657 scan_for_call_type(lr->i, opr, magic, pp_found, multi);
2659 if (i > 0 && LAST_OP(i - 1))
2667 if (ops[i].cc_scratch == magic)
2669 ops[i].cc_scratch = magic;
2671 if (!(ops[i].flags & OPF_DATA))
2673 if (!is_opr_modified(opr, &ops[i]))
2675 if (ops[i].op != OP_MOV && ops[i].op != OP_LEA) {
2676 // most probably trashed by some processing
2681 opr = &ops[i].operand[1];
2682 if (opr->type != OPT_REG)
2686 po = (i >= 0) ? &ops[i] : ops;
2689 // reached the top - can only be an arg-reg
2690 if (opr->type != OPT_REG)
2693 for (i = 0; i < g_func_pp->argc; i++) {
2694 if (g_func_pp->arg[i].reg == NULL)
2696 if (IS(opr->name, g_func_pp->arg[i].reg))
2699 if (i == g_func_pp->argc)
2701 pp = g_func_pp->arg[i].fptr;
2703 ferr(po, "icall: arg%d (%s) is not a fptr?\n",
2704 i + 1, g_func_pp->arg[i].reg);
2705 check_func_pp(po, pp, "icall reg-arg");
2708 pp = try_recover_pp(po, opr, NULL);
2710 if (*pp_found != NULL && pp != NULL && *pp_found != pp) {
2711 if (!IS((*pp_found)->ret_type.name, pp->ret_type.name)
2712 || (*pp_found)->is_stdcall != pp->is_stdcall
2713 || (*pp_found)->is_fptr != pp->is_fptr
2714 || (*pp_found)->argc != pp->argc
2715 || (*pp_found)->argc_reg != pp->argc_reg
2716 || (*pp_found)->argc_stack != pp->argc_stack)
2718 ferr(po, "icall: parsed_proto mismatch\n");
2726 static const struct parsed_proto *resolve_icall(int i, int opcnt,
2729 const struct parsed_proto *pp = NULL;
2730 int search_advice = 0;
2734 switch (ops[i].operand[0].type) {
2738 pp = try_recover_pp(&ops[i], &ops[i].operand[0], &search_advice);
2743 scan_for_call_type(i, &ops[i].operand[0], i + opcnt * 9, &pp,
2751 // find an instruction that changed opr before i op
2752 // *op_i must be set to -1 by caller
2753 // *entry is set to 1 if one source is determined to be the caller
2754 // returns 1 if found, *op_i is then set to origin
2755 static int resolve_origin(int i, const struct parsed_opr *opr,
2756 int magic, int *op_i, int *is_caller)
2758 struct label_ref *lr;
2761 if (ops[i].cc_scratch == magic)
2763 ops[i].cc_scratch = magic;
2766 if (g_labels[i] != NULL) {
2767 lr = &g_label_refs[i];
2768 for (; lr != NULL; lr = lr->next) {
2769 check_i(&ops[i], lr->i);
2770 ret |= resolve_origin(lr->i, opr, magic, op_i, is_caller);
2772 if (i > 0 && LAST_OP(i - 1))
2778 if (is_caller != NULL)
2783 if (ops[i].cc_scratch == magic)
2785 ops[i].cc_scratch = magic;
2787 if (!(ops[i].flags & OPF_DATA))
2789 if (!is_opr_modified(opr, &ops[i]))
2795 // XXX: could check if the other op does the same
2804 static int try_resolve_const(int i, const struct parsed_opr *opr,
2805 int magic, unsigned int *val)
2810 ret = resolve_origin(i, opr, magic, &s_i, NULL);
2813 if (ops[i].op != OP_MOV && ops[i].operand[1].type != OPT_CONST)
2816 *val = ops[i].operand[1].val;
2823 static int collect_call_args_r(struct parsed_op *po, int i,
2824 struct parsed_proto *pp, int *regmask, int *save_arg_vars,
2825 int *arg_grp, int arg, int magic, int need_op_saving, int may_reuse)
2827 struct parsed_proto *pp_tmp;
2828 struct parsed_op *po_tmp;
2829 struct label_ref *lr;
2830 int need_to_save_current;
2831 int arg_grp_current = 0;
2832 int save_args_seen = 0;
2840 ferr(po, "dead label encountered\n");
2844 for (; arg < pp->argc; arg++)
2845 if (pp->arg[arg].reg == NULL)
2847 magic = (magic & 0xffffff) | (arg << 24);
2849 for (j = i; j >= 0 && (arg < pp->argc || pp->is_unresolved); )
2851 if (((ops[j].cc_scratch ^ magic) & 0xffffff) == 0) {
2852 if (ops[j].cc_scratch != magic) {
2853 ferr(&ops[j], "arg collect hit same path with diff args for %s\n",
2857 // ok: have already been here
2860 ops[j].cc_scratch = magic;
2862 if (g_labels[j] != NULL && g_label_refs[j].i != -1) {
2863 lr = &g_label_refs[j];
2864 if (lr->next != NULL)
2866 for (; lr->next; lr = lr->next) {
2867 check_i(&ops[j], lr->i);
2868 if ((ops[lr->i].flags & (OPF_JMP|OPF_CJMP)) != OPF_JMP)
2870 ret = collect_call_args_r(po, lr->i, pp, regmask, save_arg_vars,
2871 arg_grp, arg, magic, need_op_saving, may_reuse);
2876 check_i(&ops[j], lr->i);
2877 if ((ops[lr->i].flags & (OPF_JMP|OPF_CJMP)) != OPF_JMP)
2879 if (j > 0 && LAST_OP(j - 1)) {
2880 // follow last branch in reverse
2885 ret = collect_call_args_r(po, lr->i, pp, regmask, save_arg_vars,
2886 arg_grp, arg, magic, need_op_saving, may_reuse);
2892 if (ops[j].op == OP_CALL)
2894 if (pp->is_unresolved)
2899 ferr(po, "arg collect hit unparsed call '%s'\n",
2900 ops[j].operand[0].name);
2901 if (may_reuse && pp_tmp->argc_stack > 0)
2902 ferr(po, "arg collect %d/%d hit '%s' with %d stack args\n",
2903 arg, pp->argc, opr_name(&ops[j], 0), pp_tmp->argc_stack);
2905 // esp adjust of 0 means we collected it before
2906 else if (ops[j].op == OP_ADD && ops[j].operand[0].reg == xSP
2907 && (ops[j].operand[1].type != OPT_CONST
2908 || ops[j].operand[1].val != 0))
2910 if (pp->is_unresolved)
2913 ferr(po, "arg collect %d/%d hit esp adjust of %d\n",
2914 arg, pp->argc, ops[j].operand[1].val);
2916 else if (ops[j].op == OP_POP) {
2917 if (pp->is_unresolved)
2920 ferr(po, "arg collect %d/%d hit pop\n", arg, pp->argc);
2922 else if (ops[j].flags & OPF_CJMP)
2924 if (pp->is_unresolved)
2929 else if (ops[j].op == OP_PUSH && !(ops[j].flags & OPF_FARG))
2931 if (pp->is_unresolved && (ops[j].flags & OPF_RMD))
2934 ops[j].p_argnext = -1;
2935 po_tmp = pp->arg[arg].datap;
2937 ops[j].p_argnext = po_tmp - ops;
2938 pp->arg[arg].datap = &ops[j];
2940 need_to_save_current = 0;
2943 if (ops[j].operand[0].type == OPT_REG)
2944 reg = ops[j].operand[0].reg;
2946 if (!need_op_saving) {
2947 ret = scan_for_mod(&ops[j], j + 1, i, 1);
2948 need_to_save_current = (ret >= 0);
2950 if (need_op_saving || need_to_save_current) {
2951 // mark this push as one that needs operand saving
2952 ops[j].flags &= ~OPF_RMD;
2953 if (ops[j].p_argnum == 0) {
2954 ops[j].p_argnum = arg + 1;
2955 save_args |= 1 << arg;
2957 else if (ops[j].p_argnum < arg + 1) {
2958 // XXX: might kill valid var..
2959 //*save_arg_vars &= ~(1 << (ops[j].p_argnum - 1));
2960 ops[j].p_argnum = arg + 1;
2961 save_args |= 1 << arg;
2964 if (save_args_seen & (1 << (ops[j].p_argnum - 1))) {
2967 if (arg_grp_current >= MAX_ARG_GRP)
2968 ferr(&ops[j], "out of arg groups (arg%d), f %s\n",
2969 ops[j].p_argnum, pp->name);
2972 else if (ops[j].p_argnum == 0)
2973 ops[j].flags |= OPF_RMD;
2975 // some PUSHes are reused by different calls on other branches,
2976 // but that can't happen if we didn't branch, so they
2977 // can be removed from future searches (handles nested calls)
2979 ops[j].flags |= OPF_FARG;
2981 ops[j].flags &= ~OPF_RSAVE;
2983 // check for __VALIST
2984 if (!pp->is_unresolved && pp->arg[arg].type.is_va_list) {
2986 ret = resolve_origin(j, &ops[j].operand[0],
2987 magic + 1, &k, NULL);
2988 if (ret == 1 && k >= 0)
2990 if (ops[k].op == OP_LEA) {
2991 snprintf(buf, sizeof(buf), "arg_%X",
2992 g_func_pp->argc_stack * 4);
2993 if (!g_func_pp->is_vararg
2994 || strstr(ops[k].operand[1].name, buf))
2996 ops[k].flags |= OPF_RMD;
2997 ops[j].flags |= OPF_RMD | OPF_VAPUSH;
2998 save_args &= ~(1 << arg);
3002 ferr(&ops[j], "lea va_list used, but no vararg?\n");
3004 // check for va_list from g_func_pp arg too
3005 else if (ops[k].op == OP_MOV
3006 && is_stack_access(&ops[k], &ops[k].operand[1]))
3008 ret = stack_frame_access(&ops[k], &ops[k].operand[1],
3009 buf, sizeof(buf), ops[k].operand[1].name, "", 1, 0);
3011 ops[k].flags |= OPF_RMD;
3012 ops[j].flags |= OPF_RMD;
3013 ops[j].p_argpass = ret + 1;
3014 save_args &= ~(1 << arg);
3021 *save_arg_vars |= save_args;
3023 // tracking reg usage
3025 *regmask |= 1 << reg;
3028 if (!pp->is_unresolved) {
3030 for (; arg < pp->argc; arg++)
3031 if (pp->arg[arg].reg == NULL)
3034 magic = (magic & 0xffffff) | (arg << 24);
3037 if (ops[j].p_arggrp > arg_grp_current) {
3039 arg_grp_current = ops[j].p_arggrp;
3041 if (ops[j].p_argnum > 0)
3042 save_args_seen |= 1 << (ops[j].p_argnum - 1);
3045 if (arg < pp->argc) {
3046 ferr(po, "arg collect failed for '%s': %d/%d\n",
3047 pp->name, arg, pp->argc);
3051 if (arg_grp_current > *arg_grp)
3052 *arg_grp = arg_grp_current;
3057 static int collect_call_args(struct parsed_op *po, int i,
3058 struct parsed_proto *pp, int *regmask, int *save_arg_vars,
3061 // arg group is for cases when pushes for
3062 // multiple funcs are going on
3063 struct parsed_op *po_tmp;
3064 int save_arg_vars_current = 0;
3069 ret = collect_call_args_r(po, i, pp, regmask,
3070 &save_arg_vars_current, &arg_grp, 0, magic, 0, 0);
3075 // propagate arg_grp
3076 for (a = 0; a < pp->argc; a++) {
3077 if (pp->arg[a].reg != NULL)
3080 po_tmp = pp->arg[a].datap;
3081 while (po_tmp != NULL) {
3082 po_tmp->p_arggrp = arg_grp;
3083 if (po_tmp->p_argnext > 0)
3084 po_tmp = &ops[po_tmp->p_argnext];
3090 save_arg_vars[arg_grp] |= save_arg_vars_current;
3092 if (pp->is_unresolved) {
3094 pp->argc_stack += ret;
3095 for (a = 0; a < pp->argc; a++)
3096 if (pp->arg[a].type.name == NULL)
3097 pp->arg[a].type.name = strdup("int");
3103 // early check for tail call or branch back
3104 static int is_like_tailjmp(int j)
3106 if (!(ops[j].flags & OPF_JMP))
3109 if (ops[j].op == OP_JMP && !ops[j].operand[0].had_ds)
3110 // probably local branch back..
3112 if (ops[j].op == OP_CALL)
3113 // probably noreturn call..
3119 static void pp_insert_reg_arg(struct parsed_proto *pp, const char *reg)
3123 for (i = 0; i < pp->argc; i++)
3124 if (pp->arg[i].reg == NULL)
3128 memmove(&pp->arg[i + 1], &pp->arg[i],
3129 sizeof(pp->arg[0]) * pp->argc_stack);
3130 memset(&pp->arg[i], 0, sizeof(pp->arg[i]));
3131 pp->arg[i].reg = strdup(reg);
3132 pp->arg[i].type.name = strdup("int");
3137 static void add_label_ref(struct label_ref *lr, int op_i)
3139 struct label_ref *lr_new;
3146 lr_new = calloc(1, sizeof(*lr_new));
3148 lr_new->next = lr->next;
3152 static struct parsed_data *try_resolve_jumptab(int i, int opcnt)
3154 struct parsed_op *po = &ops[i];
3155 struct parsed_data *pd;
3156 char label[NAMELEN], *p;
3159 p = strchr(po->operand[0].name, '[');
3163 len = p - po->operand[0].name;
3164 strncpy(label, po->operand[0].name, len);
3167 for (j = 0, pd = NULL; j < g_func_pd_cnt; j++) {
3168 if (IS(g_func_pd[j].label, label)) {
3174 //ferr(po, "label '%s' not parsed?\n", label);
3177 if (pd->type != OPT_OFFSET)
3178 ferr(po, "label '%s' with non-offset data?\n", label);
3180 // find all labels, link
3181 for (j = 0; j < pd->count; j++) {
3182 for (l = 0; l < opcnt; l++) {
3183 if (g_labels[l] != NULL && IS(g_labels[l], pd->d[j].u.label)) {
3184 add_label_ref(&g_label_refs[l], i);
3194 static void clear_labels(int count)
3198 for (i = 0; i < count; i++) {
3199 if (g_labels[i] != NULL) {
3206 static void output_std_flags(FILE *fout, struct parsed_op *po,
3207 int *pfomask, const char *dst_opr_text)
3209 if (*pfomask & (1 << PFO_Z)) {
3210 fprintf(fout, "\n cond_z = (%s%s == 0);",
3211 lmod_cast_u(po, po->operand[0].lmod), dst_opr_text);
3212 *pfomask &= ~(1 << PFO_Z);
3214 if (*pfomask & (1 << PFO_S)) {
3215 fprintf(fout, "\n cond_s = (%s%s < 0);",
3216 lmod_cast_s(po, po->operand[0].lmod), dst_opr_text);
3217 *pfomask &= ~(1 << PFO_S);
3221 static void output_pp_attrs(FILE *fout, const struct parsed_proto *pp,
3224 if (pp->is_fastcall)
3225 fprintf(fout, "__fastcall ");
3226 else if (pp->is_stdcall && pp->argc_reg == 0)
3227 fprintf(fout, "__stdcall ");
3228 if (pp->is_noreturn || is_noreturn)
3229 fprintf(fout, "noreturn ");
3232 static char *saved_arg_name(char *buf, size_t buf_size, int grp, int num)
3238 snprintf(buf1, sizeof(buf1), "%d", grp);
3239 snprintf(buf, buf_size, "s%s_a%d", buf1, num);
3244 static void gen_func(FILE *fout, FILE *fhdr, const char *funcn, int opcnt)
3246 struct parsed_op *po, *delayed_flag_op = NULL, *tmp_op;
3247 struct parsed_opr *last_arith_dst = NULL;
3248 char buf1[256], buf2[256], buf3[256], cast[64];
3249 const struct parsed_proto *pp_c;
3250 struct parsed_proto *pp, *pp_tmp;
3251 struct parsed_data *pd;
3252 const char *tmpname;
3254 int save_arg_vars[MAX_ARG_GRP] = { 0, };
3256 int need_tmp_var = 0;
3259 int label_pending = 0;
3260 int regmask_save = 0;
3261 int regmask_arg = 0;
3262 int regmask_now = 0;
3263 int regmask_init = 0;
3274 g_bp_frame = g_sp_frame = g_stack_fsz = 0;
3275 g_stack_frame_used = 0;
3277 g_func_pp = proto_parse(fhdr, funcn, 0);
3278 if (g_func_pp == NULL)
3279 ferr(ops, "proto_parse failed for '%s'\n", funcn);
3281 for (i = 0; i < g_func_pp->argc; i++) {
3282 if (g_func_pp->arg[i].reg != NULL) {
3283 reg = char_array_i(regs_r32,
3284 ARRAY_SIZE(regs_r32), g_func_pp->arg[i].reg);
3286 ferr(ops, "arg '%s' is not a reg?\n", g_func_pp->arg[i].reg);
3287 regmask_arg |= 1 << reg;
3292 // - handle ebp/esp frame, remove ops related to it
3293 if (ops[0].op == OP_PUSH && IS(opr_name(&ops[0], 0), "ebp")
3294 && ops[1].op == OP_MOV
3295 && IS(opr_name(&ops[1], 0), "ebp")
3296 && IS(opr_name(&ops[1], 1), "esp"))
3301 ops[0].flags |= OPF_RMD;
3302 ops[1].flags |= OPF_RMD;
3305 if (ops[2].op == OP_SUB && IS(opr_name(&ops[2], 0), "esp")) {
3306 g_stack_fsz = opr_const(&ops[2], 1);
3307 ops[2].flags |= OPF_RMD;
3311 // another way msvc builds stack frame..
3313 while (ops[i].op == OP_PUSH && IS(opr_name(&ops[i], 0), "ecx")) {
3315 ops[i].flags |= OPF_RMD;
3319 // and another way..
3320 if (i == 2 && ops[i].op == OP_MOV && ops[i].operand[0].reg == xAX
3321 && ops[i].operand[1].type == OPT_CONST
3322 && ops[i + 1].op == OP_CALL
3323 && IS(opr_name(&ops[i + 1], 0), "__alloca_probe"))
3325 g_stack_fsz += ops[i].operand[1].val;
3326 ops[i].flags |= OPF_RMD;
3328 ops[i].flags |= OPF_RMD;
3335 for (; i < opcnt; i++)
3336 if (ops[i].op == OP_RET)
3339 if (i == opcnt && (ops[j].flags & OPF_JMP)) {
3340 if (found && is_like_tailjmp(j))
3345 if ((ops[j].op == OP_POP && IS(opr_name(&ops[j], 0), "ebp"))
3346 || ops[j].op == OP_LEAVE)
3348 ops[j].flags |= OPF_RMD;
3350 else if (!(g_ida_func_attr & IDAFA_NORETURN))
3351 ferr(&ops[j], "'pop ebp' expected\n");
3353 if (g_stack_fsz != 0) {
3354 if (ops[j - 1].op == OP_MOV
3355 && IS(opr_name(&ops[j - 1], 0), "esp")
3356 && IS(opr_name(&ops[j - 1], 1), "ebp"))
3358 ops[j - 1].flags |= OPF_RMD;
3360 else if (ops[j].op != OP_LEAVE
3361 && !(g_ida_func_attr & IDAFA_NORETURN))
3363 ferr(&ops[j - 1], "esp restore expected\n");
3366 if (ecx_push && ops[j - 2].op == OP_POP
3367 && IS(opr_name(&ops[j - 2], 0), "ecx"))
3369 ferr(&ops[j - 2], "unexpected ecx pop\n");
3375 } while (i < opcnt);
3378 int ecx_push = 0, esp_sub = 0;
3381 while (ops[i].op == OP_PUSH && IS(opr_name(&ops[i], 0), "ecx")) {
3382 ops[i].flags |= OPF_RMD;
3388 for (; i < opcnt; i++) {
3389 if (ops[i].op == OP_PUSH || (ops[i].flags & (OPF_JMP|OPF_TAIL)))
3391 if (ops[i].op == OP_SUB && ops[i].operand[0].reg == xSP
3392 && ops[i].operand[1].type == OPT_CONST)
3394 g_stack_fsz = ops[i].operand[1].val;
3395 ops[i].flags |= OPF_RMD;
3402 if (ecx_push || esp_sub)
3408 for (; i < opcnt; i++)
3409 if (ops[i].op == OP_RET)
3412 if (i == opcnt && (ops[j].flags & OPF_JMP)) {
3413 if (found && is_like_tailjmp(j))
3419 for (l = 0; l < ecx_push; l++) {
3420 if (ops[j].op != OP_POP
3421 || !IS(opr_name(&ops[j], 0), "ecx"))
3423 ferr(&ops[j], "'pop ecx' expected\n");
3425 ops[j].flags |= OPF_RMD;
3433 if (ops[j].op != OP_ADD
3434 || !IS(opr_name(&ops[j], 0), "esp")
3435 || ops[j].operand[1].type != OPT_CONST
3436 || ops[j].operand[1].val != g_stack_fsz)
3437 ferr(&ops[j], "'add esp' expected\n");
3438 ops[j].flags |= OPF_RMD;
3444 } while (i < opcnt);
3449 // - parse calls with labels
3450 // - resolve all branches
3451 for (i = 0; i < opcnt; i++)
3457 if (po->flags & OPF_RMD)
3460 if (po->op == OP_CALL) {
3463 if (po->operand[0].type == OPT_LABEL) {
3464 tmpname = opr_name(po, 0);
3465 if (IS_START(tmpname, "loc_"))
3466 ferr(po, "call to loc_*\n");
3467 pp_c = proto_parse(fhdr, tmpname, 0);
3469 ferr(po, "proto_parse failed for call '%s'\n", tmpname);
3471 pp = proto_clone(pp_c);
3472 my_assert_not(pp, NULL);
3474 else if (po->datap != NULL) {
3475 pp = calloc(1, sizeof(*pp));
3476 my_assert_not(pp, NULL);
3478 ret = parse_protostr(po->datap, pp);
3480 ferr(po, "bad protostr supplied: %s\n", (char *)po->datap);
3487 check_func_pp(po, pp, "fptr var call");
3488 if (pp->is_noreturn)
3489 po->flags |= OPF_TAIL;
3495 if (!(po->flags & OPF_JMP) || po->op == OP_RET)
3498 if (po->operand[0].type == OPT_REGMEM) {
3499 pd = try_resolve_jumptab(i, opcnt);
3507 for (l = 0; l < opcnt; l++) {
3508 if (g_labels[l] != NULL
3509 && IS(po->operand[0].name, g_labels[l]))
3511 if (l == i + 1 && po->op == OP_JMP) {
3512 // yet another alignment type..
3513 po->flags |= OPF_RMD;
3516 add_label_ref(&g_label_refs[l], i);
3522 if (po->bt_i != -1 || (po->flags & OPF_RMD))
3525 if (po->operand[0].type == OPT_LABEL)
3529 ferr(po, "unhandled branch\n");
3533 po->flags |= OPF_TAIL;
3534 if (i > 0 && ops[i - 1].op == OP_POP)
3535 po->flags |= OPF_ATAIL;
3540 // - remove dead labels
3542 for (i = 0; i < opcnt; i++)
3544 if (g_labels[i] != NULL && g_label_refs[i].i == -1) {
3550 if (po->flags & OPF_RMD)
3553 if (po->op == OP_CALL)
3555 tmpname = opr_name(po, 0);
3560 pp_c = resolve_icall(i, opcnt, &l);
3562 if (!pp_c->is_func && !pp_c->is_fptr)
3563 ferr(po, "call to non-func: %s\n", pp_c->name);
3564 pp = proto_clone(pp_c);
3565 my_assert_not(pp, NULL);
3567 // not resolved just to single func
3570 switch (po->operand[0].type) {
3572 // we resolved this call and no longer need the register
3573 po->regmask_src &= ~(1 << po->operand[0].reg);
3583 pp = calloc(1, sizeof(*pp));
3584 my_assert_not(pp, NULL);
3586 ret = scan_for_esp_adjust(i + 1, opcnt, &j, &l);
3588 if (!g_allow_regfunc)
3589 ferr(po, "non-__cdecl indirect call unhandled yet\n");
3590 pp->is_unresolved = 1;
3594 if (j > ARRAY_SIZE(pp->arg))
3595 ferr(po, "esp adjust too large: %d\n", j);
3596 pp->ret_type.name = strdup("int");
3597 pp->argc = pp->argc_stack = j;
3598 for (arg = 0; arg < pp->argc; arg++)
3599 pp->arg[arg].type.name = strdup("int");
3604 // look for and make use of esp adjust
3606 if (!pp->is_stdcall && pp->argc_stack > 0)
3607 ret = scan_for_esp_adjust(i + 1, opcnt, &j, &l);
3609 if (pp->is_vararg) {
3610 if (j / 4 < pp->argc_stack)
3611 ferr(po, "esp adjust is too small: %x < %x\n",
3612 j, pp->argc_stack * 4);
3613 // modify pp to make it have varargs as normal args
3615 pp->argc += j / 4 - pp->argc_stack;
3616 for (; arg < pp->argc; arg++) {
3617 pp->arg[arg].type.name = strdup("int");
3620 if (pp->argc > ARRAY_SIZE(pp->arg))
3621 ferr(po, "too many args for '%s'\n", tmpname);
3623 if (pp->argc_stack != j / 4)
3624 ferr(po, "stack tracking failed for '%s': %x %x\n",
3625 tmpname, pp->argc_stack * 4, j);
3627 ops[ret].flags |= OPF_RMD;
3628 if (ops[ret].op == OP_POP && j > 4) {
3629 // deal with multi-pop stack adjust
3631 while (ops[ret].op == OP_POP && j > 0 && ret < opcnt) {
3632 ops[ret].flags |= OPF_RMD;
3638 // a bit of a hack, but deals with use of
3639 // single adj for multiple calls
3640 ops[ret].operand[1].val -= j;
3643 else if (pp->is_vararg)
3644 ferr(po, "missing esp_adjust for vararg func '%s'\n",
3647 if (!pp->is_unresolved && !(po->flags & OPF_ATAIL)) {
3648 // since we know the args, collect them
3649 collect_call_args(po, i, pp, ®mask, save_arg_vars,
3653 if (strstr(pp->ret_type.name, "int64"))
3659 // - find POPs for PUSHes, rm both
3660 // - scan for STD/CLD, propagate DF
3661 // - scan for all used registers
3662 // - find flag set ops for their users
3663 // - do unreselved calls
3664 // - declare indirect functions
3665 for (i = 0; i < opcnt; i++) {
3667 if (po->flags & OPF_RMD)
3670 if (po->op == OP_PUSH && (po->flags & OPF_RSAVE)) {
3671 reg = po->operand[0].reg;
3672 if (!(regmask & (1 << reg)))
3673 // not a reg save after all, rerun scan_for_pop
3674 po->flags &= ~OPF_RSAVE;
3676 regmask_save |= 1 << reg;
3679 if (po->op == OP_PUSH && po->p_argnum == 0
3680 && !(po->flags & OPF_RSAVE) && !g_func_pp->is_userstack)
3682 if (po->operand[0].type == OPT_REG)
3684 reg = po->operand[0].reg;
3686 ferr(po, "reg not set for push?\n");
3689 ret = scan_for_pop(i + 1, opcnt,
3690 po->operand[0].name, i + opcnt * 3, 0, &depth, 0);
3693 ferr(po, "too much depth: %d\n", depth);
3695 po->flags |= OPF_RMD;
3696 scan_for_pop(i + 1, opcnt, po->operand[0].name,
3697 i + opcnt * 4, 0, &depth, 1);
3700 ret = scan_for_pop_ret(i + 1, opcnt, po->operand[0].name, 0);
3703 if (regmask & (1 << reg)) {
3704 if (regmask_save & (1 << reg))
3705 ferr(po, "%s already saved?\n", po->operand[0].name);
3709 scan_for_pop_ret(i + 1, opcnt, po->operand[0].name, arg);
3713 else if (po->operand[0].type == OPT_CONST) {
3714 for (j = i + 1; j < opcnt; j++) {
3715 if ((ops[j].flags & (OPF_JMP|OPF_TAIL|OPF_RSAVE))
3716 || ops[j].op == OP_PUSH || g_labels[i] != NULL)
3721 if (!(ops[j].flags & OPF_RMD) && ops[j].op == OP_POP)
3723 po->flags |= OPF_RMD;
3731 if (po->op == OP_STD) {
3732 po->flags |= OPF_DF | OPF_RMD;
3733 scan_propagate_df(i + 1, opcnt);
3736 regmask_now = po->regmask_src | po->regmask_dst;
3737 if (regmask_now & (1 << xBP)) {
3738 if (g_bp_frame && !(po->flags & OPF_EBP_S)) {
3739 if (po->regmask_dst & (1 << xBP))
3740 // compiler decided to drop bp frame and use ebp as scratch
3741 scan_fwd_set_flags(i + 1, opcnt, i + opcnt * 5, OPF_EBP_S);
3743 regmask_now &= ~(1 << xBP);
3747 regmask |= regmask_now;
3749 if (po->flags & OPF_CC)
3751 int setters[16], cnt = 0, branched = 0;
3753 ret = scan_for_flag_set(i, i + opcnt * 6,
3754 &branched, setters, &cnt);
3755 if (ret < 0 || cnt <= 0)
3756 ferr(po, "unable to trace flag setter(s)\n");
3757 if (cnt > ARRAY_SIZE(setters))
3758 ferr(po, "too many flag setters\n");
3760 for (j = 0; j < cnt; j++)
3762 tmp_op = &ops[setters[j]]; // flag setter
3765 // to get nicer code, we try to delay test and cmp;
3766 // if we can't because of operand modification, or if we
3767 // have arith op, or branch, make it calculate flags explicitly
3768 if (tmp_op->op == OP_TEST || tmp_op->op == OP_CMP)
3770 if (branched || scan_for_mod(tmp_op, setters[j] + 1, i, 0) >= 0)
3771 pfomask = 1 << po->pfo;
3773 else if (tmp_op->op == OP_CMPS || tmp_op->op == OP_SCAS) {
3774 pfomask = 1 << po->pfo;
3777 // see if we'll be able to handle based on op result
3778 if ((tmp_op->op != OP_AND && tmp_op->op != OP_OR
3779 && po->pfo != PFO_Z && po->pfo != PFO_S
3780 && po->pfo != PFO_P)
3782 || scan_for_mod_opr0(tmp_op, setters[j] + 1, i) >= 0)
3784 pfomask = 1 << po->pfo;
3787 if (tmp_op->op == OP_ADD && po->pfo == PFO_C) {
3788 propagate_lmod(tmp_op, &tmp_op->operand[0],
3789 &tmp_op->operand[1]);
3790 if (tmp_op->operand[0].lmod == OPLM_DWORD)
3795 tmp_op->pfomask |= pfomask;
3796 cond_vars |= pfomask;
3798 // note: may overwrite, currently not a problem
3802 if (po->op == OP_RCL || po->op == OP_RCR
3803 || po->op == OP_ADC || po->op == OP_SBB)
3804 cond_vars |= 1 << PFO_C;
3807 if (po->op == OP_CMPS || po->op == OP_SCAS) {
3808 cond_vars |= 1 << PFO_Z;
3810 else if (po->op == OP_MUL
3811 || (po->op == OP_IMUL && po->operand_cnt == 1))
3813 if (po->operand[0].lmod == OPLM_DWORD)
3816 else if (po->op == OP_CALL) {
3819 ferr(po, "NULL pp\n");
3821 if (pp->is_unresolved) {
3822 int regmask_stack = 0;
3823 collect_call_args(po, i, pp, ®mask, save_arg_vars,
3826 // this is pretty rough guess:
3827 // see ecx and edx were pushed (and not their saved versions)
3828 for (arg = 0; arg < pp->argc; arg++) {
3829 if (pp->arg[arg].reg != NULL)
3832 tmp_op = pp->arg[arg].datap;
3834 ferr(po, "parsed_op missing for arg%d\n", arg);
3835 if (tmp_op->p_argnum == 0 && tmp_op->operand[0].type == OPT_REG)
3836 regmask_stack |= 1 << tmp_op->operand[0].reg;
3839 if (!((regmask_stack & (1 << xCX))
3840 && (regmask_stack & (1 << xDX))))
3842 if (pp->argc_stack != 0
3843 || ((regmask | regmask_arg) & ((1 << xCX)|(1 << xDX))))
3845 pp_insert_reg_arg(pp, "ecx");
3846 pp->is_fastcall = 1;
3847 regmask_init |= 1 << xCX;
3848 regmask |= 1 << xCX;
3850 if (pp->argc_stack != 0
3851 || ((regmask | regmask_arg) & (1 << xDX)))
3853 pp_insert_reg_arg(pp, "edx");
3854 regmask_init |= 1 << xDX;
3855 regmask |= 1 << xDX;
3859 // note: __cdecl doesn't fall into is_unresolved category
3860 if (pp->argc_stack > 0)
3864 for (arg = 0; arg < pp->argc; arg++) {
3865 if (pp->arg[arg].reg != NULL) {
3866 reg = char_array_i(regs_r32,
3867 ARRAY_SIZE(regs_r32), pp->arg[arg].reg);
3869 ferr(ops, "arg '%s' is not a reg?\n", pp->arg[arg].reg);
3870 if (!(regmask & (1 << reg))) {
3871 regmask_init |= 1 << reg;
3872 regmask |= 1 << reg;
3877 else if (po->op == OP_MOV && po->operand[0].pp != NULL
3878 && po->operand[1].pp != NULL)
3880 // <var> = offset <something>
3881 if ((po->operand[1].pp->is_func || po->operand[1].pp->is_fptr)
3882 && !IS_START(po->operand[1].name, "off_"))
3884 if (!po->operand[0].pp->is_fptr)
3885 ferr(po, "%s not declared as fptr when it should be\n",
3886 po->operand[0].name);
3887 if (pp_cmp_func(po->operand[0].pp, po->operand[1].pp)) {
3888 pp_print(buf1, sizeof(buf1), po->operand[0].pp);
3889 pp_print(buf2, sizeof(buf2), po->operand[1].pp);
3890 fnote(po, "var: %s\n", buf1);
3891 fnote(po, "func: %s\n", buf2);
3892 ferr(po, "^ mismatch\n");
3896 else if (po->op == OP_RET && !IS(g_func_pp->ret_type.name, "void"))
3897 regmask |= 1 << xAX;
3898 else if (po->op == OP_DIV || po->op == OP_IDIV) {
3899 // 32bit division is common, look for it
3900 if (po->op == OP_DIV)
3901 ret = scan_for_reg_clear(i, xDX);
3903 ret = scan_for_cdq_edx(i);
3905 po->flags |= OPF_32BIT;
3909 else if (po->op == OP_CLD)
3910 po->flags |= OPF_RMD;
3912 if (po->op == OP_RCL || po->op == OP_RCR || po->op == OP_XCHG) {
3918 // - confirm regmask_save, it might have been reduced
3919 if (regmask_save != 0)
3922 for (i = 0; i < opcnt; i++) {
3924 if (po->flags & OPF_RMD)
3927 if (po->op == OP_PUSH && (po->flags & OPF_RSAVE))
3928 regmask_save |= 1 << po->operand[0].reg;
3932 // output starts here
3934 // define userstack size
3935 if (g_func_pp->is_userstack) {
3936 fprintf(fout, "#ifndef US_SZ_%s\n", g_func_pp->name);
3937 fprintf(fout, "#define US_SZ_%s USERSTACK_SIZE\n", g_func_pp->name);
3938 fprintf(fout, "#endif\n");
3941 // the function itself
3942 fprintf(fout, "%s ", g_func_pp->ret_type.name);
3943 output_pp_attrs(fout, g_func_pp, g_ida_func_attr & IDAFA_NORETURN);
3944 fprintf(fout, "%s(", g_func_pp->name);
3946 for (i = 0; i < g_func_pp->argc; i++) {
3948 fprintf(fout, ", ");
3949 if (g_func_pp->arg[i].fptr != NULL) {
3951 pp = g_func_pp->arg[i].fptr;
3952 fprintf(fout, "%s (", pp->ret_type.name);
3953 output_pp_attrs(fout, pp, 0);
3954 fprintf(fout, "*a%d)(", i + 1);
3955 for (j = 0; j < pp->argc; j++) {
3957 fprintf(fout, ", ");
3958 if (pp->arg[j].fptr)
3959 ferr(ops, "nested fptr\n");
3960 fprintf(fout, "%s", pp->arg[j].type.name);
3962 if (pp->is_vararg) {
3964 fprintf(fout, ", ");
3965 fprintf(fout, "...");
3969 else if (g_func_pp->arg[i].type.is_retreg) {
3970 fprintf(fout, "u32 *r_%s", g_func_pp->arg[i].reg);
3973 fprintf(fout, "%s a%d", g_func_pp->arg[i].type.name, i + 1);
3976 if (g_func_pp->is_vararg) {
3978 fprintf(fout, ", ");
3979 fprintf(fout, "...");
3982 fprintf(fout, ")\n{\n");
3984 // declare indirect functions
3985 for (i = 0; i < opcnt; i++) {
3987 if (po->flags & OPF_RMD)
3990 if (po->op == OP_CALL) {
3993 ferr(po, "NULL pp\n");
3995 if (pp->is_fptr && !(pp->name[0] != 0 && pp->is_arg)) {
3996 if (pp->name[0] != 0) {
3997 memmove(pp->name + 2, pp->name, strlen(pp->name) + 1);
3998 memcpy(pp->name, "i_", 2);
4000 // might be declared already
4002 for (j = 0; j < i; j++) {
4003 if (ops[j].op == OP_CALL && (pp_tmp = ops[j].pp)) {
4004 if (pp_tmp->is_fptr && IS(pp->name, pp_tmp->name)) {
4014 snprintf(pp->name, sizeof(pp->name), "icall%d", i);
4016 fprintf(fout, " %s (", pp->ret_type.name);
4017 output_pp_attrs(fout, pp, 0);
4018 fprintf(fout, "*%s)(", pp->name);
4019 for (j = 0; j < pp->argc; j++) {
4021 fprintf(fout, ", ");
4022 fprintf(fout, "%s a%d", pp->arg[j].type.name, j + 1);
4024 fprintf(fout, ");\n");
4029 // output LUTs/jumptables
4030 for (i = 0; i < g_func_pd_cnt; i++) {
4032 fprintf(fout, " static const ");
4033 if (pd->type == OPT_OFFSET) {
4034 fprintf(fout, "void *jt_%s[] =\n { ", pd->label);
4036 for (j = 0; j < pd->count; j++) {
4038 fprintf(fout, ", ");
4039 fprintf(fout, "&&%s", pd->d[j].u.label);
4043 fprintf(fout, "%s %s[] =\n { ",
4044 lmod_type_u(ops, pd->lmod), pd->label);
4046 for (j = 0; j < pd->count; j++) {
4048 fprintf(fout, ", ");
4049 fprintf(fout, "%u", pd->d[j].u.val);
4052 fprintf(fout, " };\n");
4056 // declare stack frame, va_arg
4058 fprintf(fout, " union { u32 d[%d]; u16 w[%d]; u8 b[%d]; } sf;\n",
4059 (g_stack_fsz + 3) / 4, (g_stack_fsz + 1) / 2, g_stack_fsz);
4063 if (g_func_pp->is_userstack) {
4064 fprintf(fout, " u32 fake_sf[US_SZ_%s / 4];\n", g_func_pp->name);
4065 fprintf(fout, " u32 *esp = &fake_sf[sizeof(fake_sf) / 4];\n");
4069 if (g_func_pp->is_vararg) {
4070 fprintf(fout, " va_list ap;\n");
4074 // declare arg-registers
4075 for (i = 0; i < g_func_pp->argc; i++) {
4076 if (g_func_pp->arg[i].reg != NULL) {
4077 reg = char_array_i(regs_r32,
4078 ARRAY_SIZE(regs_r32), g_func_pp->arg[i].reg);
4079 if (regmask & (1 << reg)) {
4080 if (g_func_pp->arg[i].type.is_retreg)
4081 fprintf(fout, " u32 %s = *r_%s;\n",
4082 g_func_pp->arg[i].reg, g_func_pp->arg[i].reg);
4084 fprintf(fout, " u32 %s = (u32)a%d;\n",
4085 g_func_pp->arg[i].reg, i + 1);
4088 if (g_func_pp->arg[i].type.is_retreg)
4089 ferr(ops, "retreg '%s' is unused?\n",
4090 g_func_pp->arg[i].reg);
4091 fprintf(fout, " // %s = a%d; // unused\n",
4092 g_func_pp->arg[i].reg, i + 1);
4098 regmask_now = regmask & ~regmask_arg;
4099 regmask_now &= ~(1 << xSP);
4100 if (regmask_now & 0x00ff) {
4101 for (reg = 0; reg < 8; reg++) {
4102 if (regmask_now & (1 << reg)) {
4103 fprintf(fout, " u32 %s", regs_r32[reg]);
4104 if (regmask_init & (1 << reg))
4105 fprintf(fout, " = 0");
4106 fprintf(fout, ";\n");
4111 if (regmask_now & 0xff00) {
4112 for (reg = 8; reg < 16; reg++) {
4113 if (regmask_now & (1 << reg)) {
4114 fprintf(fout, " mmxr %s", regs_r32[reg]);
4115 if (regmask_init & (1 << reg))
4116 fprintf(fout, " = { 0, }");
4117 fprintf(fout, ";\n");
4124 for (reg = 0; reg < 8; reg++) {
4125 if (regmask_save & (1 << reg)) {
4126 fprintf(fout, " u32 s_%s;\n", regs_r32[reg]);
4132 for (i = 0; i < ARRAY_SIZE(save_arg_vars); i++) {
4133 if (save_arg_vars[i] == 0)
4135 for (reg = 0; reg < 32; reg++) {
4136 if (save_arg_vars[i] & (1 << reg)) {
4137 fprintf(fout, " u32 %s;\n",
4138 saved_arg_name(buf1, sizeof(buf1), i, reg + 1));
4145 for (i = 0; i < 8; i++) {
4146 if (cond_vars & (1 << i)) {
4147 fprintf(fout, " u32 cond_%s;\n", parsed_flag_op_names[i]);
4154 fprintf(fout, " u32 tmp;\n");
4159 fprintf(fout, " u64 tmp64;\n");
4164 fprintf(fout, "\n");
4166 if (g_func_pp->is_vararg) {
4167 if (g_func_pp->argc_stack == 0)
4168 ferr(ops, "vararg func without stack args?\n");
4169 fprintf(fout, " va_start(ap, a%d);\n", g_func_pp->argc);
4173 for (i = 0; i < opcnt; i++)
4175 if (g_labels[i] != NULL) {
4176 fprintf(fout, "\n%s:\n", g_labels[i]);
4179 delayed_flag_op = NULL;
4180 last_arith_dst = NULL;
4184 if (po->flags & OPF_RMD)
4189 #define assert_operand_cnt(n_) \
4190 if (po->operand_cnt != n_) \
4191 ferr(po, "operand_cnt is %d/%d\n", po->operand_cnt, n_)
4193 // conditional/flag using op?
4194 if (po->flags & OPF_CC)
4200 // we go through all this trouble to avoid using parsed_flag_op,
4201 // which makes generated code much nicer
4202 if (delayed_flag_op != NULL)
4204 out_cmp_test(buf1, sizeof(buf1), delayed_flag_op,
4205 po->pfo, po->pfo_inv);
4208 else if (last_arith_dst != NULL
4209 && (po->pfo == PFO_Z || po->pfo == PFO_S || po->pfo == PFO_P
4210 || (tmp_op && (tmp_op->op == OP_AND || tmp_op->op == OP_OR))
4213 out_src_opr_u32(buf3, sizeof(buf3), po, last_arith_dst);
4214 out_test_for_cc(buf1, sizeof(buf1), po, po->pfo, po->pfo_inv,
4215 last_arith_dst->lmod, buf3);
4218 else if (tmp_op != NULL) {
4219 // use preprocessed flag calc results
4220 if (!(tmp_op->pfomask & (1 << po->pfo)))
4221 ferr(po, "not prepared for pfo %d\n", po->pfo);
4223 // note: pfo_inv was not yet applied
4224 snprintf(buf1, sizeof(buf1), "(%scond_%s)",
4225 po->pfo_inv ? "!" : "", parsed_flag_op_names[po->pfo]);
4228 ferr(po, "all methods of finding comparison failed\n");
4231 if (po->flags & OPF_JMP) {
4232 fprintf(fout, " if %s", buf1);
4234 else if (po->op == OP_RCL || po->op == OP_RCR
4235 || po->op == OP_ADC || po->op == OP_SBB)
4238 fprintf(fout, " cond_%s = %s;\n",
4239 parsed_flag_op_names[po->pfo], buf1);
4241 else if (po->flags & OPF_DATA) { // SETcc
4242 out_dst_opr(buf2, sizeof(buf2), po, &po->operand[0]);
4243 fprintf(fout, " %s = %s;", buf2, buf1);
4246 ferr(po, "unhandled conditional op\n");
4250 pfomask = po->pfomask;
4252 if (po->flags & (OPF_REPZ|OPF_REPNZ)) {
4253 struct parsed_opr opr = {0,};
4256 opr.lmod = OPLM_DWORD;
4257 ret = try_resolve_const(i, &opr, opcnt * 7 + i, &uval);
4259 if (ret != 1 || uval == 0) {
4260 // we need initial flags for ecx=0 case..
4261 if (i > 0 && ops[i - 1].op == OP_XOR
4262 && IS(ops[i - 1].operand[0].name,
4263 ops[i - 1].operand[1].name))
4265 fprintf(fout, " cond_z = ");
4266 if (pfomask & (1 << PFO_C))
4267 fprintf(fout, "cond_c = ");
4268 fprintf(fout, "0;\n");
4270 else if (last_arith_dst != NULL) {
4271 out_src_opr_u32(buf3, sizeof(buf3), po, last_arith_dst);
4272 out_test_for_cc(buf1, sizeof(buf1), po, PFO_Z, 0,
4273 last_arith_dst->lmod, buf3);
4274 fprintf(fout, " cond_z = %s;\n", buf1);
4277 ferr(po, "missing initial ZF\n");
4284 assert_operand_cnt(2);
4285 propagate_lmod(po, &po->operand[0], &po->operand[1]);
4286 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]);
4287 default_cast_to(buf3, sizeof(buf3), &po->operand[0]);
4288 fprintf(fout, " %s = %s;", buf1,
4289 out_src_opr(buf2, sizeof(buf2), po, &po->operand[1],
4294 assert_operand_cnt(2);
4295 po->operand[1].lmod = OPLM_DWORD; // always
4296 fprintf(fout, " %s = %s;",
4297 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]),
4298 out_src_opr(buf2, sizeof(buf2), po, &po->operand[1],
4303 assert_operand_cnt(2);
4304 fprintf(fout, " %s = %s;",
4305 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]),
4306 out_src_opr_u32(buf2, sizeof(buf2), po, &po->operand[1]));
4310 assert_operand_cnt(2);
4311 switch (po->operand[1].lmod) {
4313 strcpy(buf3, "(s8)");
4316 strcpy(buf3, "(s16)");
4319 ferr(po, "invalid src lmod: %d\n", po->operand[1].lmod);
4321 fprintf(fout, " %s = %s;",
4322 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]),
4323 out_src_opr(buf2, sizeof(buf2), po, &po->operand[1],
4328 assert_operand_cnt(2);
4329 propagate_lmod(po, &po->operand[0], &po->operand[1]);
4330 fprintf(fout, " tmp = %s;",
4331 out_src_opr(buf1, sizeof(buf1), po, &po->operand[0], "", 0));
4332 fprintf(fout, " %s = %s;",
4333 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]),
4334 out_src_opr(buf2, sizeof(buf2), po, &po->operand[1],
4335 default_cast_to(buf3, sizeof(buf3), &po->operand[0]), 0));
4336 fprintf(fout, " %s = %stmp;",
4337 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[1]),
4338 default_cast_to(buf3, sizeof(buf3), &po->operand[1]));
4339 snprintf(g_comment, sizeof(g_comment), "xchg");
4343 assert_operand_cnt(1);
4344 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]);
4345 fprintf(fout, " %s = ~%s;", buf1, buf1);
4349 assert_operand_cnt(2);
4350 fprintf(fout, " %s = (s32)%s >> 31;",
4351 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]),
4352 out_src_opr_u32(buf2, sizeof(buf2), po, &po->operand[1]));
4353 strcpy(g_comment, "cdq");
4357 assert_operand_cnt(3);
4358 if (po->flags & OPF_REP) {
4363 fprintf(fout, " eax = %sesi; esi %c= %d;",
4364 lmod_cast_u_ptr(po, po->operand[0].lmod),
4365 (po->flags & OPF_DF) ? '-' : '+',
4366 lmod_bytes(po, po->operand[0].lmod));
4367 strcpy(g_comment, "lods");
4372 assert_operand_cnt(3);
4373 if (po->flags & OPF_REP) {
4374 fprintf(fout, " for (; ecx != 0; ecx--, edi %c= %d)\n",
4375 (po->flags & OPF_DF) ? '-' : '+',
4376 lmod_bytes(po, po->operand[0].lmod));
4377 fprintf(fout, " %sedi = eax;",
4378 lmod_cast_u_ptr(po, po->operand[0].lmod));
4379 strcpy(g_comment, "rep stos");
4382 fprintf(fout, " %sedi = eax; edi %c= %d;",
4383 lmod_cast_u_ptr(po, po->operand[0].lmod),
4384 (po->flags & OPF_DF) ? '-' : '+',
4385 lmod_bytes(po, po->operand[0].lmod));
4386 strcpy(g_comment, "stos");
4391 assert_operand_cnt(3);
4392 j = lmod_bytes(po, po->operand[0].lmod);
4393 strcpy(buf1, lmod_cast_u_ptr(po, po->operand[0].lmod));
4394 l = (po->flags & OPF_DF) ? '-' : '+';
4395 if (po->flags & OPF_REP) {
4397 " for (; ecx != 0; ecx--, edi %c= %d, esi %c= %d)\n",
4400 " %sedi = %sesi;", buf1, buf1);
4401 strcpy(g_comment, "rep movs");
4404 fprintf(fout, " %sedi = %sesi; edi %c= %d; esi %c= %d;",
4405 buf1, buf1, l, j, l, j);
4406 strcpy(g_comment, "movs");
4411 // repe ~ repeat while ZF=1
4412 assert_operand_cnt(3);
4413 j = lmod_bytes(po, po->operand[0].lmod);
4414 strcpy(buf1, lmod_cast_u_ptr(po, po->operand[0].lmod));
4415 l = (po->flags & OPF_DF) ? '-' : '+';
4416 if (po->flags & OPF_REP) {
4418 " for (; ecx != 0; ecx--) {\n");
4419 if (pfomask & (1 << PFO_C)) {
4422 " cond_c = %sesi < %sedi;\n", buf1, buf1);
4423 pfomask &= ~(1 << PFO_C);
4426 " cond_z = (%sesi == %sedi); esi %c= %d, edi %c= %d;\n",
4427 buf1, buf1, l, j, l, j);
4429 " if (cond_z %s 0) break;\n",
4430 (po->flags & OPF_REPZ) ? "==" : "!=");
4433 snprintf(g_comment, sizeof(g_comment), "rep%s cmps",
4434 (po->flags & OPF_REPZ) ? "e" : "ne");
4438 " cond_z = (%sesi == %sedi); esi %c= %d; edi %c= %d;",
4439 buf1, buf1, l, j, l, j);
4440 strcpy(g_comment, "cmps");
4442 pfomask &= ~(1 << PFO_Z);
4443 last_arith_dst = NULL;
4444 delayed_flag_op = NULL;
4448 // only does ZF (for now)
4449 // repe ~ repeat while ZF=1
4450 assert_operand_cnt(3);
4451 j = lmod_bytes(po, po->operand[0].lmod);
4452 l = (po->flags & OPF_DF) ? '-' : '+';
4453 if (po->flags & OPF_REP) {
4455 " for (; ecx != 0; ecx--) {\n");
4457 " cond_z = (%seax == %sedi); edi %c= %d;\n",
4458 lmod_cast_u(po, po->operand[0].lmod),
4459 lmod_cast_u_ptr(po, po->operand[0].lmod), l, j);
4461 " if (cond_z %s 0) break;\n",
4462 (po->flags & OPF_REPZ) ? "==" : "!=");
4465 snprintf(g_comment, sizeof(g_comment), "rep%s scas",
4466 (po->flags & OPF_REPZ) ? "e" : "ne");
4469 fprintf(fout, " cond_z = (%seax == %sedi); edi %c= %d;",
4470 lmod_cast_u(po, po->operand[0].lmod),
4471 lmod_cast_u_ptr(po, po->operand[0].lmod), l, j);
4472 strcpy(g_comment, "scas");
4474 pfomask &= ~(1 << PFO_Z);
4475 last_arith_dst = NULL;
4476 delayed_flag_op = NULL;
4479 // arithmetic w/flags
4482 propagate_lmod(po, &po->operand[0], &po->operand[1]);
4485 assert_operand_cnt(2);
4486 fprintf(fout, " %s %s= %s;",
4487 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]),
4489 out_src_opr_u32(buf2, sizeof(buf2), po, &po->operand[1]));
4490 output_std_flags(fout, po, &pfomask, buf1);
4491 last_arith_dst = &po->operand[0];
4492 delayed_flag_op = NULL;
4497 assert_operand_cnt(2);
4498 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]);
4499 if (pfomask & (1 << PFO_C)) {
4500 if (po->operand[1].type == OPT_CONST) {
4501 l = lmod_bytes(po, po->operand[0].lmod) * 8;
4502 j = po->operand[1].val;
4505 if (po->op == OP_SHL)
4509 fprintf(fout, " cond_c = (%s >> %d) & 1;\n",
4513 ferr(po, "zero shift?\n");
4517 pfomask &= ~(1 << PFO_C);
4519 fprintf(fout, " %s %s= %s;", buf1, op_to_c(po),
4520 out_src_opr_u32(buf2, sizeof(buf2), po, &po->operand[1]));
4521 output_std_flags(fout, po, &pfomask, buf1);
4522 last_arith_dst = &po->operand[0];
4523 delayed_flag_op = NULL;
4527 assert_operand_cnt(2);
4528 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]);
4529 fprintf(fout, " %s = %s%s >> %s;", buf1,
4530 lmod_cast_s(po, po->operand[0].lmod), buf1,
4531 out_src_opr_u32(buf2, sizeof(buf2), po, &po->operand[1]));
4532 output_std_flags(fout, po, &pfomask, buf1);
4533 last_arith_dst = &po->operand[0];
4534 delayed_flag_op = NULL;
4538 assert_operand_cnt(3);
4539 propagate_lmod(po, &po->operand[0], &po->operand[1]);
4540 l = lmod_bytes(po, po->operand[0].lmod) * 8;
4541 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]);
4542 out_src_opr_u32(buf2, sizeof(buf2), po, &po->operand[1]);
4543 out_src_opr_u32(buf3, sizeof(buf3), po, &po->operand[2]);
4544 fprintf(fout, " %s >>= %s; %s |= %s << (%d - %s);",
4545 buf1, buf3, buf1, buf2, l, buf3);
4546 strcpy(g_comment, "shrd");
4547 output_std_flags(fout, po, &pfomask, buf1);
4548 last_arith_dst = &po->operand[0];
4549 delayed_flag_op = NULL;
4554 assert_operand_cnt(2);
4555 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]);
4556 if (po->operand[1].type == OPT_CONST) {
4557 j = po->operand[1].val;
4558 j %= lmod_bytes(po, po->operand[0].lmod) * 8;
4559 fprintf(fout, po->op == OP_ROL ?
4560 " %s = (%s << %d) | (%s >> %d);" :
4561 " %s = (%s >> %d) | (%s << %d);",
4562 buf1, buf1, j, buf1,
4563 lmod_bytes(po, po->operand[0].lmod) * 8 - j);
4567 output_std_flags(fout, po, &pfomask, buf1);
4568 last_arith_dst = &po->operand[0];
4569 delayed_flag_op = NULL;
4574 assert_operand_cnt(2);
4575 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]);
4576 l = lmod_bytes(po, po->operand[0].lmod) * 8;
4577 if (po->operand[1].type == OPT_CONST) {
4578 j = po->operand[1].val % l;
4580 ferr(po, "zero rotate\n");
4581 fprintf(fout, " tmp = (%s >> %d) & 1;\n",
4582 buf1, (po->op == OP_RCL) ? (l - j) : (j - 1));
4583 if (po->op == OP_RCL) {
4585 " %s = (%s << %d) | (cond_c << %d)",
4586 buf1, buf1, j, j - 1);
4588 fprintf(fout, " | (%s >> %d)", buf1, l + 1 - j);
4592 " %s = (%s >> %d) | (cond_c << %d)",
4593 buf1, buf1, j, l - j);
4595 fprintf(fout, " | (%s << %d)", buf1, l + 1 - j);
4597 fprintf(fout, ";\n");
4598 fprintf(fout, " cond_c = tmp;");
4602 strcpy(g_comment, (po->op == OP_RCL) ? "rcl" : "rcr");
4603 output_std_flags(fout, po, &pfomask, buf1);
4604 last_arith_dst = &po->operand[0];
4605 delayed_flag_op = NULL;
4609 assert_operand_cnt(2);
4610 propagate_lmod(po, &po->operand[0], &po->operand[1]);
4611 if (IS(opr_name(po, 0), opr_name(po, 1))) {
4612 // special case for XOR
4613 if (pfomask & (1 << PFO_BE)) { // weird, but it happens..
4614 fprintf(fout, " cond_be = 1;\n");
4615 pfomask &= ~(1 << PFO_BE);
4617 fprintf(fout, " %s = 0;",
4618 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]));
4619 last_arith_dst = &po->operand[0];
4620 delayed_flag_op = NULL;
4626 assert_operand_cnt(2);
4627 propagate_lmod(po, &po->operand[0], &po->operand[1]);
4628 if (pfomask & (1 << PFO_C)) {
4629 out_src_opr_u32(buf1, sizeof(buf1), po, &po->operand[0]);
4630 out_src_opr_u32(buf2, sizeof(buf2), po, &po->operand[1]);
4631 if (po->operand[0].lmod == OPLM_DWORD) {
4632 fprintf(fout, " tmp64 = (u64)%s + %s;\n", buf1, buf2);
4633 fprintf(fout, " cond_c = tmp64 >> 32;\n");
4634 fprintf(fout, " %s = (u32)tmp64;",
4635 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]));
4636 strcat(g_comment, "add64");
4639 fprintf(fout, " cond_c = ((u32)%s + %s) >> %d;\n",
4640 buf1, buf2, lmod_bytes(po, po->operand[0].lmod) * 8);
4641 fprintf(fout, " %s += %s;",
4642 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]),
4645 pfomask &= ~(1 << PFO_C);
4646 output_std_flags(fout, po, &pfomask, buf1);
4647 last_arith_dst = &po->operand[0];
4648 delayed_flag_op = NULL;
4654 assert_operand_cnt(2);
4655 propagate_lmod(po, &po->operand[0], &po->operand[1]);
4656 if (pfomask & ~((1 << PFO_Z) | (1 << PFO_S))) {
4657 for (j = 0; j <= PFO_LE; j++) {
4658 if (!(pfomask & (1 << j)))
4660 if (j == PFO_Z || j == PFO_S)
4663 out_cmp_for_cc(buf1, sizeof(buf1), po, j, 0);
4664 fprintf(fout, " cond_%s = %s;\n",
4665 parsed_flag_op_names[j], buf1);
4666 pfomask &= ~(1 << j);
4673 assert_operand_cnt(2);
4674 propagate_lmod(po, &po->operand[0], &po->operand[1]);
4675 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]);
4676 if (po->op == OP_SBB
4677 && IS(po->operand[0].name, po->operand[1].name))
4679 // avoid use of unitialized var
4680 fprintf(fout, " %s = -cond_c;", buf1);
4681 // carry remains what it was
4682 pfomask &= ~(1 << PFO_C);
4685 fprintf(fout, " %s %s= %s + cond_c;", buf1, op_to_c(po),
4686 out_src_opr_u32(buf2, sizeof(buf2), po, &po->operand[1]));
4688 output_std_flags(fout, po, &pfomask, buf1);
4689 last_arith_dst = &po->operand[0];
4690 delayed_flag_op = NULL;
4694 assert_operand_cnt(2);
4695 out_src_opr_u32(buf2, sizeof(buf2), po, &po->operand[1]);
4696 fprintf(fout, " %s = %s ? __builtin_ffs(%s) - 1 : 0;",
4697 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]),
4699 output_std_flags(fout, po, &pfomask, buf1);
4700 last_arith_dst = &po->operand[0];
4701 delayed_flag_op = NULL;
4702 strcat(g_comment, "bsf");
4706 if (pfomask & ~(PFOB_S | PFOB_S | PFOB_C)) {
4707 for (j = 0; j <= PFO_LE; j++) {
4708 if (!(pfomask & (1 << j)))
4710 if (j == PFO_Z || j == PFO_S || j == PFO_C)
4713 out_cmp_for_cc(buf1, sizeof(buf1), po, j, 0);
4714 fprintf(fout, " cond_%s = %s;\n",
4715 parsed_flag_op_names[j], buf1);
4716 pfomask &= ~(1 << j);
4722 if (pfomask & (1 << PFO_C))
4723 // carry is unaffected by inc/dec.. wtf?
4724 ferr(po, "carry propagation needed\n");
4726 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]);
4727 if (po->operand[0].type == OPT_REG) {
4728 strcpy(buf2, po->op == OP_INC ? "++" : "--");
4729 fprintf(fout, " %s%s;", buf1, buf2);
4732 strcpy(buf2, po->op == OP_INC ? "+" : "-");
4733 fprintf(fout, " %s %s= 1;", buf1, buf2);
4735 output_std_flags(fout, po, &pfomask, buf1);
4736 last_arith_dst = &po->operand[0];
4737 delayed_flag_op = NULL;
4741 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]);
4742 out_src_opr_u32(buf2, sizeof(buf2), po, &po->operand[0]);
4743 fprintf(fout, " %s = -%s%s;", buf1,
4744 lmod_cast_s(po, po->operand[0].lmod), buf2);
4745 last_arith_dst = &po->operand[0];
4746 delayed_flag_op = NULL;
4747 if (pfomask & (1 << PFO_C)) {
4748 fprintf(fout, "\n cond_c = (%s != 0);", buf1);
4749 pfomask &= ~(1 << PFO_C);
4754 if (po->operand_cnt == 2) {
4755 propagate_lmod(po, &po->operand[0], &po->operand[1]);
4758 if (po->operand_cnt == 3)
4759 ferr(po, "TODO imul3\n");
4762 assert_operand_cnt(1);
4763 switch (po->operand[0].lmod) {
4765 strcpy(buf1, po->op == OP_IMUL ? "(s64)(s32)" : "(u64)");
4766 fprintf(fout, " tmp64 = %seax * %s%s;\n", buf1, buf1,
4767 out_src_opr_u32(buf2, sizeof(buf2), po, &po->operand[0]));
4768 fprintf(fout, " edx = tmp64 >> 32;\n");
4769 fprintf(fout, " eax = tmp64;");
4772 strcpy(buf1, po->op == OP_IMUL ? "(s16)(s8)" : "(u16)(u8)");
4773 fprintf(fout, " LOWORD(eax) = %seax * %s;", buf1,
4774 out_src_opr(buf2, sizeof(buf2), po, &po->operand[0],
4778 ferr(po, "TODO: unhandled mul type\n");
4781 last_arith_dst = NULL;
4782 delayed_flag_op = NULL;
4787 assert_operand_cnt(1);
4788 if (po->operand[0].lmod != OPLM_DWORD)
4789 ferr(po, "unhandled lmod %d\n", po->operand[0].lmod);
4791 out_src_opr_u32(buf1, sizeof(buf1), po, &po->operand[0]);
4792 strcpy(buf2, lmod_cast(po, po->operand[0].lmod,
4793 po->op == OP_IDIV));
4794 switch (po->operand[0].lmod) {
4796 if (po->flags & OPF_32BIT)
4797 snprintf(buf3, sizeof(buf3), "%seax", buf2);
4799 fprintf(fout, " tmp64 = ((u64)edx << 32) | eax;\n");
4800 snprintf(buf3, sizeof(buf3), "%stmp64",
4801 (po->op == OP_IDIV) ? "(s64)" : "");
4803 if (po->operand[0].type == OPT_REG
4804 && po->operand[0].reg == xDX)
4806 fprintf(fout, " eax = %s / %s%s;", buf3, buf2, buf1);
4807 fprintf(fout, " edx = %s %% %s%s;\n", buf3, buf2, buf1);
4810 fprintf(fout, " edx = %s %% %s%s;\n", buf3, buf2, buf1);
4811 fprintf(fout, " eax = %s / %s%s;", buf3, buf2, buf1);
4815 ferr(po, "unhandled division type\n");
4817 last_arith_dst = NULL;
4818 delayed_flag_op = NULL;
4823 propagate_lmod(po, &po->operand[0], &po->operand[1]);
4825 for (j = 0; j < 8; j++) {
4826 if (pfomask & (1 << j)) {
4827 out_cmp_test(buf1, sizeof(buf1), po, j, 0);
4828 fprintf(fout, " cond_%s = %s;",
4829 parsed_flag_op_names[j], buf1);
4836 last_arith_dst = NULL;
4837 delayed_flag_op = po;
4841 // SETcc - should already be handled
4844 // note: we reuse OP_Jcc for SETcc, only flags differ
4846 fprintf(fout, "\n goto %s;", po->operand[0].name);
4850 fprintf(fout, " if (ecx == 0)\n");
4851 fprintf(fout, " goto %s;", po->operand[0].name);
4852 strcat(g_comment, "jecxz");
4856 assert_operand_cnt(1);
4857 last_arith_dst = NULL;
4858 delayed_flag_op = NULL;
4860 if (po->operand[0].type == OPT_REGMEM) {
4861 ret = sscanf(po->operand[0].name, "%[^[][%[^*]*4]",
4864 ferr(po, "parse failure for jmp '%s'\n",
4865 po->operand[0].name);
4866 fprintf(fout, " goto *jt_%s[%s];", buf1, buf2);
4869 else if (po->operand[0].type != OPT_LABEL)
4870 ferr(po, "unhandled jmp type\n");
4872 fprintf(fout, " goto %s;", po->operand[0].name);
4876 assert_operand_cnt(1);
4878 my_assert_not(pp, NULL);
4881 if (po->flags & OPF_CC) {
4882 // we treat conditional branch to another func
4883 // (yes such code exists..) as conditional tailcall
4885 fprintf(fout, " {\n");
4888 if (pp->is_fptr && !pp->is_arg) {
4889 fprintf(fout, "%s%s = %s;\n", buf3, pp->name,
4890 out_src_opr(buf1, sizeof(buf1), po, &po->operand[0],
4892 if (pp->is_unresolved)
4893 fprintf(fout, "%sunresolved_call(\"%s:%d\", %s);\n",
4894 buf3, asmfn, po->asmln, pp->name);
4897 fprintf(fout, "%s", buf3);
4898 if (strstr(pp->ret_type.name, "int64")) {
4899 if (po->flags & OPF_TAIL)
4900 ferr(po, "int64 and tail?\n");
4901 fprintf(fout, "tmp64 = ");
4903 else if (!IS(pp->ret_type.name, "void")) {
4904 if (po->flags & OPF_TAIL) {
4905 if (!IS(g_func_pp->ret_type.name, "void")) {
4906 fprintf(fout, "return ");
4907 if (g_func_pp->ret_type.is_ptr != pp->ret_type.is_ptr)
4908 fprintf(fout, "(%s)", g_func_pp->ret_type.name);
4911 else if (regmask & (1 << xAX)) {
4912 fprintf(fout, "eax = ");
4913 if (pp->ret_type.is_ptr)
4914 fprintf(fout, "(u32)");
4918 if (pp->name[0] == 0)
4919 ferr(po, "missing pp->name\n");
4920 fprintf(fout, "%s%s(", pp->name,
4921 pp->has_structarg ? "_sa" : "");
4923 if (po->flags & OPF_ATAIL) {
4924 if (pp->argc_stack != g_func_pp->argc_stack
4925 || (pp->argc_stack > 0
4926 && pp->is_stdcall != g_func_pp->is_stdcall))
4927 ferr(po, "incompatible tailcall\n");
4928 if (g_func_pp->has_retreg)
4929 ferr(po, "TODO: retreg+tailcall\n");
4931 for (arg = j = 0; arg < pp->argc; arg++) {
4933 fprintf(fout, ", ");
4936 if (pp->arg[arg].type.is_ptr)
4937 snprintf(cast, sizeof(cast), "(%s)",
4938 pp->arg[arg].type.name);
4940 if (pp->arg[arg].reg != NULL) {
4941 fprintf(fout, "%s%s", cast, pp->arg[arg].reg);
4945 for (; j < g_func_pp->argc; j++)
4946 if (g_func_pp->arg[j].reg == NULL)
4948 fprintf(fout, "%sa%d", cast, j + 1);
4953 for (arg = 0; arg < pp->argc; arg++) {
4955 fprintf(fout, ", ");
4958 if (pp->arg[arg].type.is_ptr)
4959 snprintf(cast, sizeof(cast), "(%s)",
4960 pp->arg[arg].type.name);
4962 if (pp->arg[arg].reg != NULL) {
4963 if (pp->arg[arg].type.is_retreg)
4964 fprintf(fout, "&%s", pp->arg[arg].reg);
4966 fprintf(fout, "%s%s", cast, pp->arg[arg].reg);
4971 tmp_op = pp->arg[arg].datap;
4973 ferr(po, "parsed_op missing for arg%d\n", arg);
4975 if (tmp_op->flags & OPF_VAPUSH) {
4976 fprintf(fout, "ap");
4978 else if (tmp_op->p_argpass != 0) {
4979 fprintf(fout, "a%d", tmp_op->p_argpass);
4981 else if (tmp_op->p_argnum != 0) {
4982 fprintf(fout, "%s%s", cast,
4983 saved_arg_name(buf1, sizeof(buf1),
4984 tmp_op->p_arggrp, tmp_op->p_argnum));
4988 out_src_opr(buf1, sizeof(buf1),
4989 tmp_op, &tmp_op->operand[0], cast, 0));
4993 fprintf(fout, ");");
4995 if (strstr(pp->ret_type.name, "int64")) {
4996 fprintf(fout, "\n");
4997 fprintf(fout, "%sedx = tmp64 >> 32;\n", buf3);
4998 fprintf(fout, "%seax = tmp64;", buf3);
5001 if (pp->is_unresolved) {
5002 snprintf(buf2, sizeof(buf2), " unresolved %dreg",
5004 strcat(g_comment, buf2);
5007 if (po->flags & OPF_TAIL) {
5009 if (i == opcnt - 1 || pp->is_noreturn)
5011 else if (IS(pp->ret_type.name, "void"))
5013 else if (IS(g_func_pp->ret_type.name, "void"))
5015 // else already handled as 'return f()'
5018 if (!IS(g_func_pp->ret_type.name, "void")) {
5019 ferr(po, "int func -> void func tailcall?\n");
5022 fprintf(fout, "\n%sreturn;", buf3);
5023 strcat(g_comment, " ^ tailcall");
5027 strcat(g_comment, " tailcall");
5029 if (pp->is_noreturn)
5030 strcat(g_comment, " noreturn");
5031 if ((po->flags & OPF_ATAIL) && pp->argc_stack > 0)
5032 strcat(g_comment, " argframe");
5033 if (po->flags & OPF_CC)
5034 strcat(g_comment, " cond");
5036 if (po->flags & OPF_CC)
5037 fprintf(fout, "\n }");
5039 delayed_flag_op = NULL;
5040 last_arith_dst = NULL;
5044 if (g_func_pp->is_vararg)
5045 fprintf(fout, " va_end(ap);\n");
5046 if (g_func_pp->has_retreg) {
5047 for (arg = 0; arg < g_func_pp->argc; arg++)
5048 if (g_func_pp->arg[arg].type.is_retreg)
5049 fprintf(fout, " *r_%s = %s;\n",
5050 g_func_pp->arg[arg].reg, g_func_pp->arg[arg].reg);
5053 if (IS(g_func_pp->ret_type.name, "void")) {
5054 if (i != opcnt - 1 || label_pending)
5055 fprintf(fout, " return;");
5057 else if (g_func_pp->ret_type.is_ptr) {
5058 fprintf(fout, " return (%s)eax;",
5059 g_func_pp->ret_type.name);
5061 else if (IS(g_func_pp->ret_type.name, "__int64"))
5062 fprintf(fout, " return ((u64)edx << 32) | eax;");
5064 fprintf(fout, " return eax;");
5066 last_arith_dst = NULL;
5067 delayed_flag_op = NULL;
5071 out_src_opr_u32(buf1, sizeof(buf1), po, &po->operand[0]);
5072 if (po->p_argnum != 0) {
5073 // special case - saved func arg
5074 fprintf(fout, " %s = %s;",
5075 saved_arg_name(buf2, sizeof(buf2),
5076 po->p_arggrp, po->p_argnum), buf1);
5079 else if (po->flags & OPF_RSAVE) {
5080 fprintf(fout, " s_%s = %s;", buf1, buf1);
5083 else if (g_func_pp->is_userstack) {
5084 fprintf(fout, " *(--esp) = %s;", buf1);
5087 if (!(g_ida_func_attr & IDAFA_NORETURN))
5088 ferr(po, "stray push encountered\n");
5093 if (po->flags & OPF_RSAVE) {
5094 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]);
5095 fprintf(fout, " %s = s_%s;", buf1, buf1);
5098 else if (po->datap != NULL) {
5101 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]);
5102 fprintf(fout, " %s = %s;", buf1,
5103 out_src_opr(buf2, sizeof(buf2),
5104 tmp_op, &tmp_op->operand[0],
5105 default_cast_to(buf3, sizeof(buf3), &po->operand[0]), 0));
5108 else if (g_func_pp->is_userstack) {
5109 fprintf(fout, " %s = *esp++;",
5110 out_dst_opr(buf1, sizeof(buf1), po, &po->operand[0]));
5114 ferr(po, "stray pop encountered\n");
5123 strcpy(g_comment, "(emms)");
5128 ferr(po, "unhandled op type %d, flags %x\n",
5133 if (g_comment[0] != 0) {
5134 char *p = g_comment;
5135 while (my_isblank(*p))
5137 fprintf(fout, " // %s", p);
5142 fprintf(fout, "\n");
5144 // some sanity checking
5145 if (po->flags & OPF_REP) {
5146 if (po->op != OP_STOS && po->op != OP_MOVS
5147 && po->op != OP_CMPS && po->op != OP_SCAS)
5148 ferr(po, "unexpected rep\n");
5149 if (!(po->flags & (OPF_REPZ|OPF_REPNZ))
5150 && (po->op == OP_CMPS || po->op == OP_SCAS))
5151 ferr(po, "cmps/scas with plain rep\n");
5153 if ((po->flags & (OPF_REPZ|OPF_REPNZ))
5154 && po->op != OP_CMPS && po->op != OP_SCAS)
5155 ferr(po, "unexpected repz/repnz\n");
5158 ferr(po, "missed flag calc, pfomask=%x\n", pfomask);
5160 // see is delayed flag stuff is still valid
5161 if (delayed_flag_op != NULL && delayed_flag_op != po) {
5162 if (is_any_opr_modified(delayed_flag_op, po, 0))
5163 delayed_flag_op = NULL;
5166 if (last_arith_dst != NULL && last_arith_dst != &po->operand[0]) {
5167 if (is_opr_modified(last_arith_dst, po))
5168 last_arith_dst = NULL;
5174 if (g_stack_fsz && !g_stack_frame_used)
5175 fprintf(fout, " (void)sf;\n");
5177 fprintf(fout, "}\n\n");
5180 for (i = 0; i < opcnt; i++) {
5181 struct label_ref *lr, *lr_del;
5183 lr = g_label_refs[i].next;
5184 while (lr != NULL) {
5189 g_label_refs[i].i = -1;
5190 g_label_refs[i].next = NULL;
5192 if (ops[i].op == OP_CALL) {
5194 proto_release(ops[i].pp);
5200 struct func_proto_dep;
5202 struct func_prototype {
5207 int has_ret:3; // -1, 0, 1: unresolved, no, yes
5208 unsigned int dep_resolved:1;
5209 unsigned int is_stdcall:1;
5210 struct func_proto_dep *dep_func;
5214 struct func_proto_dep {
5216 struct func_prototype *proto;
5217 int regmask_live; // .. at the time of call
5218 unsigned int ret_dep:1; // return from this is caller's return
5221 static struct func_prototype *hg_fp;
5222 static int hg_fp_cnt;
5224 static struct func_proto_dep *hg_fp_find_dep(struct func_prototype *fp,
5229 for (i = 0; i < fp->dep_func_cnt; i++)
5230 if (IS(fp->dep_func[i].name, name))
5231 return &fp->dep_func[i];
5236 static void hg_fp_add_dep(struct func_prototype *fp, const char *name)
5239 if (hg_fp_find_dep(fp, name))
5242 if ((fp->dep_func_cnt & 0xff) == 0) {
5243 fp->dep_func = realloc(fp->dep_func,
5244 sizeof(fp->dep_func[0]) * (fp->dep_func_cnt + 0x100));
5245 my_assert_not(fp->dep_func, NULL);
5246 memset(&fp->dep_func[fp->dep_func_cnt], 0,
5247 sizeof(fp->dep_func[0]) * 0x100);
5249 fp->dep_func[fp->dep_func_cnt].name = strdup(name);
5253 static int hg_fp_cmp_name(const void *p1_, const void *p2_)
5255 const struct func_prototype *p1 = p1_, *p2 = p2_;
5256 return strcmp(p1->name, p2->name);
5260 static int hg_fp_cmp_id(const void *p1_, const void *p2_)
5262 const struct func_prototype *p1 = p1_, *p2 = p2_;
5263 return p1->id - p2->id;
5267 static void gen_hdr(const char *funcn, int opcnt)
5269 struct func_prototype *fp;
5270 struct func_proto_dep *dep;
5271 struct parsed_data *pd;
5272 struct parsed_op *po;
5273 int regmask_save = 0;
5274 int regmask_dst = 0;
5275 int regmask_dep = 0;
5276 int max_bp_offset = 0;
5278 int from_caller = 0;
5282 if ((hg_fp_cnt & 0xff) == 0) {
5283 hg_fp = realloc(hg_fp, sizeof(hg_fp[0]) * (hg_fp_cnt + 0x100));
5284 my_assert_not(hg_fp, NULL);
5285 memset(hg_fp + hg_fp_cnt, 0, sizeof(hg_fp[0]) * 0x100);
5288 fp = &hg_fp[hg_fp_cnt];
5289 snprintf(fp->name, sizeof(fp->name), "%s", funcn);
5295 // - resolve all branches
5296 for (i = 0; i < opcnt; i++)
5302 if (po->flags & OPF_RMD)
5305 if (po->op == OP_CALL) {
5306 if (po->operand[0].type == OPT_LABEL)
5307 hg_fp_add_dep(fp, opr_name(po, 0));
5312 if (!(po->flags & OPF_JMP) || po->op == OP_RET)
5315 if (po->operand[0].type == OPT_REGMEM) {
5316 pd = try_resolve_jumptab(i, opcnt);
5324 for (l = 0; l < opcnt; l++) {
5325 if (g_labels[l] != NULL
5326 && IS(po->operand[0].name, g_labels[l]))
5328 add_label_ref(&g_label_refs[l], i);
5334 if (po->bt_i != -1 || (po->flags & OPF_RMD))
5337 if (po->operand[0].type == OPT_LABEL)
5341 ferr(po, "unhandled branch\n");
5345 po->flags |= OPF_TAIL;
5346 if (i > 0 && ops[i - 1].op == OP_POP)
5347 po->flags |= OPF_ATAIL;
5352 // - remove dead labels
5353 for (i = 0; i < opcnt; i++)
5355 if (g_labels[i] != NULL && g_label_refs[i].i == -1) {
5362 // - track saved regs
5363 // - try to figure out arg-regs
5364 for (i = 0; i < opcnt; i++)
5367 if (po->flags & OPF_RMD)
5370 if (po->op == OP_PUSH && po->operand[0].type == OPT_REG)
5372 reg = po->operand[0].reg;
5374 ferr(po, "reg not set for push?\n");
5377 ret = scan_for_pop(i + 1, opcnt,
5378 po->operand[0].name, i + opcnt * 1, 0, &depth, 0);
5380 regmask_save |= 1 << reg;
5381 po->flags |= OPF_RMD;
5382 scan_for_pop(i + 1, opcnt,
5383 po->operand[0].name, i + opcnt * 2, 0, &depth, 1);
5386 ret = scan_for_pop_ret(i + 1, opcnt, po->operand[0].name, 0);
5388 regmask_save |= 1 << reg;
5389 po->flags |= OPF_RMD;
5390 scan_for_pop_ret(i + 1, opcnt, po->operand[0].name, OPF_RMD);
5394 else if (po->op == OP_PUSH && po->operand[0].type == OPT_CONST) {
5395 for (j = i + 1; j < opcnt; j++) {
5396 if ((ops[j].flags & (OPF_JMP|OPF_TAIL|OPF_RSAVE))
5397 || ops[j].op == OP_PUSH || g_labels[i] != NULL)
5402 if (!(ops[j].flags & OPF_RMD) && ops[j].op == OP_POP)
5404 po->flags |= OPF_RMD;
5411 else if (po->op == OP_CALL) {
5412 po->regmask_dst |= 1 << xAX;
5414 dep = hg_fp_find_dep(fp, po->operand[0].name);
5416 dep->regmask_live = regmask_save | regmask_dst;
5418 else if (po->op == OP_RET) {
5419 if (po->operand_cnt > 0)
5423 if (has_ret != 0 && (po->flags & OPF_TAIL)) {
5424 if (po->op == OP_CALL) {
5429 struct parsed_opr opr = { 0, };
5434 ret = resolve_origin(i, &opr, i + opcnt * 3, &j, &from_caller);
5437 if (ret == -1 && from_caller) {
5438 // unresolved eax - probably void func
5442 if (ops[j].op == OP_CALL) {
5443 dep = hg_fp_find_dep(fp, po->operand[0].name);
5454 l = po->regmask_src & ~(regmask_save | regmask_dst);
5457 fnote(po, "dep |= %04x, dst %04x, save %04x\n", l,
5458 regmask_dst, regmask_save);
5461 regmask_dst |= po->regmask_dst;
5464 if (has_ret == -1 && (regmask_dep & (1 << xAX)))
5467 for (i = 0; i < g_eqcnt; i++)
5468 if (g_eqs[i].offset > max_bp_offset && g_eqs[i].offset < 4*32)
5469 max_bp_offset = g_eqs[i].offset;
5471 if (max_bp_offset > 0) {
5472 max_bp_offset = (max_bp_offset + 3) & ~3;
5473 fp->argc_stack = max_bp_offset / 4 - 1;
5474 if (!(g_ida_func_attr & IDAFA_BP_FRAME))
5478 fp->regmask_dep = regmask_dep & ~(1 << xSP);
5479 fp->has_ret = has_ret;
5482 static void hg_fp_resolve_deps(struct func_prototype *fp)
5484 struct func_prototype fp_s;
5487 // this thing is recursive, so mark first..
5488 fp->dep_resolved = 1;
5490 for (i = 0; i < fp->dep_func_cnt; i++) {
5491 strcpy(fp_s.name, fp->dep_func[i].name);
5492 fp->dep_func[i].proto = bsearch(&fp_s, hg_fp, hg_fp_cnt,
5493 sizeof(hg_fp[0]), hg_fp_cmp_name);
5494 if (fp->dep_func[i].proto != NULL) {
5495 if (!fp->dep_func[i].proto->dep_resolved)
5496 hg_fp_resolve_deps(fp->dep_func[i].proto);
5498 fp->regmask_dep |= ~fp->dep_func[i].regmask_live
5499 & fp->dep_func[i].proto->regmask_dep;
5501 if (fp->has_ret == -1)
5502 fp->has_ret = fp->dep_func[i].proto->has_ret;
5507 static void output_hdr(FILE *fout)
5509 struct func_prototype *fp;
5510 int had_usercall = 0;
5516 qsort(hg_fp, hg_fp_cnt, sizeof(hg_fp[0]), hg_fp_cmp_name);
5517 for (i = 0; i < hg_fp_cnt; i++)
5518 hg_fp_resolve_deps(&hg_fp[i]);
5520 // note: messes up .proto ptr, don't use
5521 //qsort(hg_fp, hg_fp_cnt, sizeof(hg_fp[0]), hg_fp_cmp_id);
5523 for (i = 0; i < hg_fp_cnt; i++) {
5525 if (fp->has_ret == -1)
5526 fprintf(fout, "// ret unresolved\n");
5528 fprintf(fout, "// dep:");
5529 for (j = 0; j < fp->dep_func_cnt; j++) {
5530 fprintf(fout, " %s/", fp->dep_func[j].name);
5531 if (fp->dep_func[j].proto != NULL)
5532 fprintf(fout, "%04x/%d", fp->dep_func[j].proto->regmask_dep,
5533 fp->dep_func[j].proto->has_ret);
5535 fprintf(fout, "\n");
5538 regmask_dep = fp->regmask_dep;
5539 argc_stack = fp->argc_stack;
5541 fprintf(fout, fp->has_ret ? "int " : "void ");
5542 if (regmask_dep && (fp->is_stdcall || argc_stack == 0)
5543 && (regmask_dep & ~((1 << xCX) | (1 << xDX))) == 0)
5545 fprintf(fout, "__fastcall ");
5547 fprintf(fout, " "); // align
5548 if (!(regmask_dep & (1 << xDX)) && argc_stack == 0)
5554 else if (regmask_dep && !fp->is_stdcall) {
5555 fprintf(fout, "/*__usercall*/ ");
5558 else if (regmask_dep) {
5559 fprintf(fout, "/*__userpurge*/ ");
5562 else if (fp->is_stdcall)
5563 fprintf(fout, "__stdcall ");
5565 fprintf(fout, "__cdecl ");
5567 fprintf(fout, "%s(", fp->name);
5570 for (j = 0; j < xSP; j++) {
5571 if (regmask_dep & (1 << j)) {
5574 fprintf(fout, ", ");
5575 fprintf(fout, "int a%d/*<%s>*/", arg, regs_r32[j]);
5579 for (j = 0; j < argc_stack; j++) {
5582 fprintf(fout, ", ");
5583 fprintf(fout, "int a%d", arg);
5586 fprintf(fout, ");\n");
5590 static void set_label(int i, const char *name)
5596 p = strchr(name, ':');
5600 if (g_labels[i] != NULL && !IS_START(g_labels[i], "algn_"))
5601 aerr("dupe label '%s' vs '%s'?\n", name, g_labels[i]);
5602 g_labels[i] = realloc(g_labels[i], len + 1);
5603 my_assert_not(g_labels[i], NULL);
5604 memcpy(g_labels[i], name, len);
5605 g_labels[i][len] = 0;
5608 // '=' needs special treatment..
5609 static char *next_word_s(char *w, size_t wsize, char *s)
5615 for (i = 0; i < wsize - 1; i++) {
5616 if (s[i] == 0 || my_isblank(s[i]) || (s[i] == '=' && i > 0))
5622 if (s[i] != 0 && !my_isblank(s[i]) && s[i] != '=')
5623 printf("warning: '%s' truncated\n", w);
5634 static struct chunk_item *func_chunks;
5635 static int func_chunk_cnt;
5636 static int func_chunk_alloc;
5638 static void add_func_chunk(FILE *fasm, const char *name, int line)
5640 if (func_chunk_cnt >= func_chunk_alloc) {
5641 func_chunk_alloc *= 2;
5642 func_chunks = realloc(func_chunks,
5643 func_chunk_alloc * sizeof(func_chunks[0]));
5644 my_assert_not(func_chunks, NULL);
5646 func_chunks[func_chunk_cnt].fptr = ftell(fasm);
5647 func_chunks[func_chunk_cnt].name = strdup(name);
5648 func_chunks[func_chunk_cnt].asmln = line;
5652 static int cmp_chunks(const void *p1, const void *p2)
5654 const struct chunk_item *c1 = p1, *c2 = p2;
5655 return strcmp(c1->name, c2->name);
5658 static int cmpstringp(const void *p1, const void *p2)
5660 return strcmp(*(char * const *)p1, *(char * const *)p2);
5663 static void scan_ahead(FILE *fasm)
5673 oldpos = ftell(fasm);
5676 while (fgets(line, sizeof(line), fasm))
5687 // get rid of random tabs
5688 for (i = 0; line[i] != 0; i++)
5689 if (line[i] == '\t')
5692 if (p[2] == 'S' && IS_START(p, "; START OF FUNCTION CHUNK FOR "))
5695 next_word(words[0], sizeof(words[0]), p);
5696 if (words[0][0] == 0)
5697 aerr("missing name for func chunk?\n");
5699 add_func_chunk(fasm, words[0], asmln);
5701 else if (IS_START(p, "; sctend"))
5707 for (wordc = 0; wordc < ARRAY_SIZE(words); wordc++) {
5708 words[wordc][0] = 0;
5709 p = sskip(next_word_s(words[wordc], sizeof(words[0]), p));
5710 if (*p == 0 || *p == ';') {
5716 if (wordc == 2 && IS(words[1], "ends"))
5720 fseek(fasm, oldpos, SEEK_SET);
5724 int main(int argc, char *argv[])
5726 FILE *fout, *fasm, *frlist;
5727 struct parsed_data *pd = NULL;
5729 char **rlist = NULL;
5731 int rlist_alloc = 0;
5732 int func_chunks_used = 0;
5733 int func_chunks_sorted = 0;
5734 int func_chunk_i = -1;
5735 long func_chunk_ret = 0;
5736 int func_chunk_ret_ln = 0;
5737 int scanned_ahead = 0;
5739 char words[20][256];
5740 enum opr_lenmod lmod;
5741 char *sctproto = NULL;
5743 int pending_endp = 0;
5745 int skip_warned = 0;
5746 int header_mode = 0;
5759 for (arg = 1; arg < argc; arg++) {
5760 if (IS(argv[arg], "-v"))
5762 else if (IS(argv[arg], "-rf"))
5763 g_allow_regfunc = 1;
5764 else if (IS(argv[arg], "-m"))
5766 else if (IS(argv[arg], "-hdr"))
5767 header_mode = g_quiet_pp = 1;
5772 if (argc < arg + 3) {
5773 printf("usage:\n%s [-v] [-rf] [-m] <.c> <.asm> <hdrf> [rlist]*\n"
5774 "%s -hdr <.h> <.asm> <seed_hdrf> [rlist]*\n",
5781 asmfn = argv[arg++];
5782 fasm = fopen(asmfn, "r");
5783 my_assert_not(fasm, NULL);
5785 hdrfn = argv[arg++];
5786 g_fhdr = fopen(hdrfn, "r");
5787 my_assert_not(g_fhdr, NULL);
5790 rlist = malloc(rlist_alloc * sizeof(rlist[0]));
5791 my_assert_not(rlist, NULL);
5792 // needs special handling..
5793 rlist[rlist_len++] = "__alloca_probe";
5795 func_chunk_alloc = 32;
5796 func_chunks = malloc(func_chunk_alloc * sizeof(func_chunks[0]));
5797 my_assert_not(func_chunks, NULL);
5799 memset(words, 0, sizeof(words));
5801 for (; arg < argc; arg++) {
5802 frlist = fopen(argv[arg], "r");
5803 my_assert_not(frlist, NULL);
5805 while (fgets(line, sizeof(line), frlist)) {
5807 if (*p == 0 || *p == ';')
5810 if (IS_START(p, "#if 0")
5811 || (g_allow_regfunc && IS_START(p, "#if NO_REGFUNC")))
5815 else if (IS_START(p, "#endif"))
5822 p = next_word(words[0], sizeof(words[0]), p);
5823 if (words[0][0] == 0)
5826 if (rlist_len >= rlist_alloc) {
5827 rlist_alloc = rlist_alloc * 2 + 64;
5828 rlist = realloc(rlist, rlist_alloc * sizeof(rlist[0]));
5829 my_assert_not(rlist, NULL);
5831 rlist[rlist_len++] = strdup(words[0]);
5840 qsort(rlist, rlist_len, sizeof(rlist[0]), cmpstringp);
5842 fout = fopen(argv[arg_out], "w");
5843 my_assert_not(fout, NULL);
5846 g_eqs = malloc(eq_alloc * sizeof(g_eqs[0]));
5847 my_assert_not(g_eqs, NULL);
5849 for (i = 0; i < ARRAY_SIZE(g_label_refs); i++) {
5850 g_label_refs[i].i = -1;
5851 g_label_refs[i].next = NULL;
5854 while (fgets(line, sizeof(line), fasm))
5863 // get rid of random tabs
5864 for (i = 0; line[i] != 0; i++)
5865 if (line[i] == '\t')
5870 if (p[2] == '=' && IS_START(p, "; =============== S U B"))
5871 goto do_pending_endp; // eww..
5873 if (p[2] == 'A' && IS_START(p, "; Attributes:"))
5875 static const char *attrs[] = {
5884 // parse IDA's attribute-list comment
5885 g_ida_func_attr = 0;
5888 for (; *p != 0; p = sskip(p)) {
5889 for (i = 0; i < ARRAY_SIZE(attrs); i++) {
5890 if (!strncmp(p, attrs[i], strlen(attrs[i]))) {
5891 g_ida_func_attr |= 1 << i;
5892 p += strlen(attrs[i]);
5896 if (i == ARRAY_SIZE(attrs)) {
5897 anote("unparsed IDA attr: %s\n", p);
5900 if (IS(attrs[i], "fpd=")) {
5901 p = next_word(words[0], sizeof(words[0]), p);
5906 else if (p[2] == 'S' && IS_START(p, "; START OF FUNCTION CHUNK FOR "))
5909 next_word(words[0], sizeof(words[0]), p);
5910 if (words[0][0] == 0)
5911 aerr("missing name for func chunk?\n");
5913 if (!scanned_ahead) {
5914 add_func_chunk(fasm, words[0], asmln);
5915 func_chunks_sorted = 0;
5918 else if (p[2] == 'E' && IS_START(p, "; END OF FUNCTION CHUNK"))
5920 if (func_chunk_i >= 0) {
5921 if (func_chunk_i < func_chunk_cnt
5922 && IS(func_chunks[func_chunk_i].name, g_func))
5924 // move on to next chunk
5925 ret = fseek(fasm, func_chunks[func_chunk_i].fptr, SEEK_SET);
5927 aerr("seek failed for '%s' chunk #%d\n",
5928 g_func, func_chunk_i);
5929 asmln = func_chunks[func_chunk_i].asmln;
5933 if (func_chunk_ret == 0)
5934 aerr("no return from chunk?\n");
5935 fseek(fasm, func_chunk_ret, SEEK_SET);
5936 asmln = func_chunk_ret_ln;
5942 else if (p[2] == 'F' && IS_START(p, "; FUNCTION CHUNK AT ")) {
5943 func_chunks_used = 1;
5945 if (IS_START(g_func, "sub_")) {
5946 unsigned long addr = strtoul(p, NULL, 16);
5947 unsigned long f_addr = strtoul(g_func + 4, NULL, 16);
5948 if (addr > f_addr && !scanned_ahead) {
5949 anote("scan_ahead caused by '%s', addr %lx\n",
5953 func_chunks_sorted = 0;
5961 for (i = wordc; i < ARRAY_SIZE(words); i++)
5963 for (wordc = 0; wordc < ARRAY_SIZE(words); wordc++) {
5964 p = sskip(next_word_s(words[wordc], sizeof(words[0]), p));
5965 if (*p == 0 || *p == ';') {
5970 if (*p != 0 && *p != ';')
5971 aerr("too many words\n");
5973 // alow asm patches in comments
5975 if (IS_START(p, "; sctpatch:")) {
5977 if (*p == 0 || *p == ';')
5979 goto parse_words; // lame
5981 if (IS_START(p, "; sctproto:")) {
5982 sctproto = strdup(p + 11);
5984 else if (IS_START(p, "; sctend")) {
5993 awarn("wordc == 0?\n");
5997 // don't care about this:
5998 if (words[0][0] == '.'
5999 || IS(words[0], "include")
6000 || IS(words[0], "assume") || IS(words[1], "segment")
6001 || IS(words[0], "align"))
6007 // do delayed endp processing to collect switch jumptables
6009 if (in_func && !skip_func && !end && wordc >= 2
6010 && ((words[0][0] == 'd' && words[0][2] == 0)
6011 || (words[1][0] == 'd' && words[1][2] == 0)))
6014 if (words[1][0] == 'd' && words[1][2] == 0) {
6016 if (g_func_pd_cnt >= pd_alloc) {
6017 pd_alloc = pd_alloc * 2 + 16;
6018 g_func_pd = realloc(g_func_pd,
6019 sizeof(g_func_pd[0]) * pd_alloc);
6020 my_assert_not(g_func_pd, NULL);
6022 pd = &g_func_pd[g_func_pd_cnt];
6024 memset(pd, 0, sizeof(*pd));
6025 strcpy(pd->label, words[0]);
6026 pd->type = OPT_CONST;
6027 pd->lmod = lmod_from_directive(words[1]);
6033 anote("skipping alignment byte?\n");
6036 lmod = lmod_from_directive(words[0]);
6037 if (lmod != pd->lmod)
6038 aerr("lmod change? %d->%d\n", pd->lmod, lmod);
6041 if (pd->count_alloc < pd->count + wordc) {
6042 pd->count_alloc = pd->count_alloc * 2 + 14 + wordc;
6043 pd->d = realloc(pd->d, sizeof(pd->d[0]) * pd->count_alloc);
6044 my_assert_not(pd->d, NULL);
6046 for (; i < wordc; i++) {
6047 if (IS(words[i], "offset")) {
6048 pd->type = OPT_OFFSET;
6051 p = strchr(words[i], ',');
6054 if (pd->type == OPT_OFFSET)
6055 pd->d[pd->count].u.label = strdup(words[i]);
6057 pd->d[pd->count].u.val = parse_number(words[i]);
6058 pd->d[pd->count].bt_i = -1;
6064 if (in_func && !skip_func) {
6066 gen_hdr(g_func, pi);
6068 gen_func(fout, g_fhdr, g_func, pi);
6073 g_ida_func_attr = 0;
6077 func_chunks_used = 0;
6080 memset(&ops, 0, pi * sizeof(ops[0]));
6085 for (i = 0; i < g_func_pd_cnt; i++) {
6087 if (pd->type == OPT_OFFSET) {
6088 for (j = 0; j < pd->count; j++)
6089 free(pd->d[j].u.label);
6103 if (IS(words[1], "proc")) {
6105 aerr("proc '%s' while in_func '%s'?\n",
6108 if (bsearch(&p, rlist, rlist_len, sizeof(rlist[0]), cmpstringp))
6110 strcpy(g_func, words[0]);
6111 set_label(0, words[0]);
6116 if (IS(words[1], "endp"))
6119 aerr("endp '%s' while not in_func?\n", words[0]);
6120 if (!IS(g_func, words[0]))
6121 aerr("endp '%s' while in_func '%s'?\n",
6124 if ((g_ida_func_attr & IDAFA_THUNK) && pi == 1
6125 && ops[0].op == OP_JMP && ops[0].operand[0].had_ds)
6131 if (!skip_func && func_chunks_used) {
6132 // start processing chunks
6133 struct chunk_item *ci, key = { g_func, 0 };
6135 func_chunk_ret = ftell(fasm);
6136 func_chunk_ret_ln = asmln;
6137 if (!func_chunks_sorted) {
6138 qsort(func_chunks, func_chunk_cnt,
6139 sizeof(func_chunks[0]), cmp_chunks);
6140 func_chunks_sorted = 1;
6142 ci = bsearch(&key, func_chunks, func_chunk_cnt,
6143 sizeof(func_chunks[0]), cmp_chunks);
6145 aerr("'%s' needs chunks, but none found\n", g_func);
6146 func_chunk_i = ci - func_chunks;
6147 for (; func_chunk_i > 0; func_chunk_i--)
6148 if (!IS(func_chunks[func_chunk_i - 1].name, g_func))
6151 ret = fseek(fasm, func_chunks[func_chunk_i].fptr, SEEK_SET);
6153 aerr("seek failed for '%s' chunk #%d\n", g_func, func_chunk_i);
6154 asmln = func_chunks[func_chunk_i].asmln;
6162 if (wordc == 2 && IS(words[1], "ends")) {
6166 goto do_pending_endp;
6170 // scan for next text segment
6171 while (fgets(line, sizeof(line), fasm)) {
6174 if (*p == 0 || *p == ';')
6177 if (strstr(p, "segment para public 'CODE' use32"))
6184 p = strchr(words[0], ':');
6186 set_label(pi, words[0]);
6190 if (!in_func || skip_func) {
6191 if (!skip_warned && !skip_func && g_labels[pi] != NULL) {
6193 anote("skipping from '%s'\n", g_labels[pi]);
6197 g_labels[pi] = NULL;
6201 if (wordc > 1 && IS(words[1], "="))
6204 aerr("unhandled equ, wc=%d\n", wordc);
6205 if (g_eqcnt >= eq_alloc) {
6207 g_eqs = realloc(g_eqs, eq_alloc * sizeof(g_eqs[0]));
6208 my_assert_not(g_eqs, NULL);
6211 len = strlen(words[0]);
6212 if (len > sizeof(g_eqs[0].name) - 1)
6213 aerr("equ name too long: %d\n", len);
6214 strcpy(g_eqs[g_eqcnt].name, words[0]);
6216 if (!IS(words[3], "ptr"))
6217 aerr("unhandled equ\n");
6218 if (IS(words[2], "dword"))
6219 g_eqs[g_eqcnt].lmod = OPLM_DWORD;
6220 else if (IS(words[2], "word"))
6221 g_eqs[g_eqcnt].lmod = OPLM_WORD;
6222 else if (IS(words[2], "byte"))
6223 g_eqs[g_eqcnt].lmod = OPLM_BYTE;
6224 else if (IS(words[2], "qword"))
6225 g_eqs[g_eqcnt].lmod = OPLM_QWORD;
6227 aerr("bad lmod: '%s'\n", words[2]);
6229 g_eqs[g_eqcnt].offset = parse_number(words[4]);
6234 if (pi >= ARRAY_SIZE(ops))
6235 aerr("too many ops\n");
6237 parse_op(&ops[pi], words, wordc);
6239 if (sctproto != NULL) {
6240 if (ops[pi].op == OP_CALL || ops[pi].op == OP_JMP)
6241 ops[pi].datap = sctproto;
6257 // vim:ts=2:shiftwidth=2:expandtab
notaz.gp2x.de / ia32rtools.git / blob