void CreateTest(int bitness, string hexBytes, Func<Instruction> create) {
var bytes = HexUtils.ToByteArray(hexBytes);
var decoder = Decoder.Create(bitness, new ByteArrayCodeReader(bytes));
switch (bitness) {
case 16: decoder.InstructionPointer = DecoderConstants.DEFAULT_IP16; break;
case 32: decoder.InstructionPointer = DecoderConstants.DEFAULT_IP32; break;
case 64: decoder.InstructionPointer = DecoderConstants.DEFAULT_IP64; break;
default: throw new InvalidOperationException();
}
var origRip = decoder.InstructionPointer;
decoder.Decode(out var decodedInstr);
decodedInstr.CodeSize = 0;
decodedInstr.ByteLength = 0;
decodedInstr.NextIP64 = 0;
var createdInstr = create();
Assert.True(Instruction.TEST_BitByBitEquals(ref decodedInstr, ref createdInstr));
var writer = new CodeWriterImpl();
var encoder = decoder.CreateEncoder(writer);
bool result = encoder.TryEncode(ref createdInstr, origRip, out _, out var errorMessage);
Assert.Null(errorMessage);
Assert.True(result);
Assert.Equal(bytes, writer.ToArray());
}
public static IntPtr RunRemoteCode(IntPtr hProc, IReadOnlyList <Instruction> instructions, bool x86)
{
var cw = new CodeWriterImpl();
var ib = new InstructionBlock(cw, new List <Instruction>(instructions), 0);
if (!BlockEncoder.TryEncode(x86 ? 32 : 64, ib, out string?errMsg, out _))
{
throw new Exception("Error during Iced encode: " + errMsg);
}
byte[] bytes = cw.ToArray();
var ptrStub = Native.VirtualAllocEx(hProc, IntPtr.Zero, (uint)bytes.Length, 0x1000, 0x40);
Native.WriteProcessMemory(hProc, ptrStub, bytes, (uint)bytes.Length, out _);
Console.WriteLine("Written to 0x" + ptrStub.ToInt64().ToString("X8"));
#if DEBUG
Console.WriteLine("Press ENTER to start remote thread (you have the chance to place a breakpoint now)");
Console.ReadLine();
#endif
var thread = Native.CreateRemoteThread(hProc, IntPtr.Zero, 0u, ptrStub, IntPtr.Zero, 0u, IntPtr.Zero);
// NOTE: could wait for thread to finish with WaitForSingleObject
Debug.Assert(thread != IntPtr.Zero);
return(thread);
}
void Test_zero_bytes()
{
var a = new Assembler(64);
var lblf = a.CreateLabel();
var lbll = a.CreateLabel();
var lbl1 = a.CreateLabel();
var lbl2 = a.CreateLabel();
a.Label(ref lblf);
a.zero_bytes();
a.je(lbl1);
a.je(lbl2);
a.Label(ref lbl1);
a.zero_bytes();
a.Label(ref lbl2);
a.nop();
[email protected]_bytes();
a.Label(ref lbll);
a.zero_bytes();
var writer = new CodeWriterImpl();
a.Assemble(writer, 0);
var bytes = writer.ToArray();
Assert.Equal(new byte[] { 0x74, 0x02, 0x74, 0x00, 0x90 }, bytes);
}
/// <summary>
/// Encodes the original bytes for a new address fixing e.g. branches, calls, jumps for execution at a given address.
/// </summary>
/// <param name="newAddress">The new address to encode the original instructions for.</param>
public byte[] EncodeForNewAddress(IntPtr newAddress)
{
var writer = new CodeWriterImpl(_bytes.Length * 2);
var block = new InstructionBlock(writer, DecodePrologue(), (ulong)newAddress);
BlockEncoder.TryEncode(_bitness, block, out _);
return(writer.ToArray());
}
/// <summary>
/// Encodes the original bytes for a new address fixing e.g. branches, calls, jumps for execution at a given address.
/// </summary>
/// <param name="newAddress">The new address to encode the original instructions for.</param>
public byte[] EncodeForNewAddress(nuint newAddress)
{
var writer = new CodeWriterImpl(_bytes.Length * 2);
var block = new InstructionBlock(writer, DecodePrologue(), newAddress);
if (!BlockEncoder.TryEncode(_bitness, block, out var error, out _))
{
throw new Exception($"Reloaded Hooks: Internal Error in {nameof(Reloaded.Hooks.Internal)}/{nameof(IcedPatcher)}. " +
$"Failed to re-encode code for new address. Process will probably die." +
$"Error: {error}");
}
return(writer.ToArray());
}
void Anonymous_labels()
{
var c = new Assembler(64);
var lbl1 = c.CreateLabel();
var lbl2 = c.CreateLabel();
var lbl3 = c.CreateLabel();
var lbl4 = c.CreateLabel();
c.Label(ref lbl1);
c.inc(eax);
c.nop();
c.AnonymousLabel();
c.je(c.@B);
c.nop();
c.Label(ref lbl2);
c.je(c.@B);
c.nop();
c.jmp(lbl1);
c.nop();
c.jmp(lbl2);
c.nop();
c.jmp(lbl3);
c.nop();
c.jmp(lbl4);
c.nop();
c.jne(c.@F);
c.nop();
c.Label(ref lbl3);
c.jne(c.@F);
c.nop();
c.AnonymousLabel();
c.inc(eax);
c.nop();
c.Label(ref lbl4);
c.nop();
c.nop();
var expectedData = new byte[] {
0xFF, 0xC0, 0x90, 0x74, 0xFE, 0x90, 0x74, 0xFB, 0x90, 0xEB, 0xF5, 0x90, 0xEB, 0xF8, 0x90, 0xEB,
0x07, 0x90, 0xEB, 0x0A, 0x90, 0x75, 0x04, 0x90, 0x75, 0x01, 0x90, 0xFF, 0xC0, 0x90, 0x90, 0x90,
};
var writer = new CodeWriterImpl();
c.Assemble(writer, 0);
Assert.Equal(expectedData, writer.ToArray());
}
public void TestInvalidStateAssembler()
{
{
var assembler = new Assembler(Bitness);
var writer = new CodeWriterImpl();
var ex = Assert.Throws <InvalidOperationException>(() => assembler.rep.Assemble(writer, 0));
Assert.Contains("Unused prefixes", ex.Message);
}
{
var assembler = new Assembler(Bitness);
var label = assembler.CreateLabel(("BadLabel"));
assembler.Label(ref label);
var writer = new CodeWriterImpl();
var ex = Assert.Throws <InvalidOperationException>(() => assembler.Assemble(writer, 0));
Assert.Contains("Unused label", ex.Message);
}
}
void Reset_works()
{
var c = new Assembler(Bitness);
c.CreateLabel();
c.add(rax, rcx);
_ = c.@lock;
c.PreferVex = false;
c.PreferBranchShort = false;
c.Reset();
Assert.False(c.PreferVex);
Assert.False(c.PreferBranchShort);
Assert.Empty(c.Instructions);
Assert.True(c.CurrentLabel.IsEmpty);
var writer = new CodeWriterImpl();
var result = c.Assemble(writer, 0);
Assert.Single(result.Result);
Assert.Empty(writer.ToArray());
}
public void TestLabelRIP()
{
{
var c = new Assembler(Bitness);
var label0 = c.CreateLabel();
var label1 = c.CreateLabel();
c.nop();
c.nop();
c.nop();
c.Label(ref label1);
c.nop();
var writer = new CodeWriterImpl();
var result = c.Assemble(writer, 0x100, BlockEncoderOptions.ReturnNewInstructionOffsets);
var label1RIP = result.GetLabelRIP(label1);
Assert.Equal((ulong)0x103, label1RIP);
Assert.Throws <ArgumentOutOfRangeException>(() => result.GetLabelRIP(label1, 1));
Assert.Throws <ArgumentException>(() => result.GetLabelRIP(label0));
}
{
var c = new Assembler(Bitness);
var label1 = c.CreateLabel();
c.nop();
c.Label(ref label1);
c.nop();
// Cannot use a label not created via CreateLabel
var emptyLabel = new Label();
Assert.Throws <ArgumentException>(() => c.Label(ref emptyLabel));
// Cannot use a label already emitted
Assert.Throws <ArgumentException>(() => c.Label(ref label1));
var writer = new CodeWriterImpl();
var result = c.Assemble(writer, 0);
// Will throw without BlockEncoderOptions.ReturnNewInstructionOffsets
Assert.Throws <ArgumentOutOfRangeException>(() => result.GetLabelRIP(label1));
Assert.Throws <ArgumentOutOfRangeException>(() => default(AssemblerResult).GetLabelRIP(label1));
Assert.Throws <ArgumentException>(() => result.GetLabelRIP(new Label()));
}
}
public void TestNops()
{
foreach (var bitness in new[] { 16, 32, 64 })
{
for (int i = 0; i <= 128; i++)
{
var a = new Assembler(bitness);
a.nop(i);
var writer = new CodeWriterImpl();
a.Assemble(writer, 0);
var data = writer.ToArray();
Assert.Equal(i, data.Length);
var reader = new ByteArrayCodeReader(data);
var decoder = Decoder.Create(bitness, reader);
while (reader.CanReadByte)
{
var instr = decoder.Decode();
switch (instr.Code)
{
case Code.Nopw:
case Code.Nopd:
case Code.Nopq:
case Code.Nop_rm16:
case Code.Nop_rm32:
case Code.Nop_rm64:
break;
default:
Assert.True(false, $"Expected a NOP but got {instr.Code}");
break;
}
}
}
{
var a = new Assembler(bitness);
Assert.Throws <ArgumentOutOfRangeException>(() => a.nop(-1));
}
}
}
void TestVexEvexPrefixes()
{
var a = new Assembler(64);
a.PreferVex = true;
Assert.True(a.PreferVex);
a.vaddpd(xmm1, xmm2, xmm3);
a.vex.vaddpd(xmm1, xmm2, xmm3);
a.vaddpd(xmm1, xmm2, xmm3);
a.evex.vaddpd(xmm1, xmm2, xmm3);
a.vaddpd(xmm1, xmm2, xmm3);
Assert.True(a.PreferVex);
a.PreferVex = false;
Assert.False(a.PreferVex);
a.vaddpd(xmm1, xmm2, xmm3);
a.vex.vaddpd(xmm1, xmm2, xmm3);
a.vaddpd(xmm1, xmm2, xmm3);
a.evex.vaddpd(xmm1, xmm2, xmm3);
a.vaddpd(xmm1, xmm2, xmm3);
Assert.False(a.PreferVex);
var writer = new CodeWriterImpl();
a.Assemble(writer, 0);
var bytes = writer.ToArray();
Assert.Equal(new byte[] {
0xC5, 0xE9, 0x58, 0xCB,
0xC5, 0xE9, 0x58, 0xCB,
0xC5, 0xE9, 0x58, 0xCB,
0x62, 0xF1, 0xED, 0x08, 0x58, 0xCB,
0xC5, 0xE9, 0x58, 0xCB,
0x62, 0xF1, 0xED, 0x08, 0x58, 0xCB,
0xC5, 0xE9, 0x58, 0xCB,
0x62, 0xF1, 0xED, 0x08, 0x58, 0xCB,
0x62, 0xF1, 0xED, 0x08, 0x58, 0xCB,
0x62, 0xF1, 0xED, 0x08, 0x58, 0xCB,
}, bytes);
}
protected unsafe void TestAssemblerDeclareData <T>(Action <Assembler> fAsm, T[] data) where T : unmanaged
{
var assembler = new Assembler(Bitness);
var sizeOfT = sizeof(T);
fAsm(assembler);
var writer = new CodeWriterImpl();
assembler.Assemble(writer, 0);
var buffer = writer.ToArray();
Assert.Equal(sizeOfT * data.Length, buffer.Length);
fixed(void *pData = data)
{
for (int i = 0; i < buffer.Length; i++)
{
var expectedData = ((byte *)pData)[i];
Assert.True(expectedData == buffer[i], $"Invalid data at offset {i}. Expecting {expectedData:x2}. Actual: {buffer[i]}");
}
}
}
/// <summary>
/// Patches the prologue of a function with iced and returns the new address of the prologue.
/// </summary>
/// <returns></returns>
public IntPtr GetFunctionAddress()
{
if (_newPrologueAddress != IntPtr.Zero)
{
return(_newPrologueAddress);
}
var estimateLength = _bytes.Length * 2; // Super generous! Exact length not known till relocated, just ensuring the size is enough under any circumstance.
var buffer = Utilities.FindOrCreateBufferInRange(estimateLength);
return(buffer.ExecuteWithLock(() =>
{
// Patch prologue
var newBaseAddress = buffer.Properties.WritePointer;
var writer = new CodeWriterImpl(estimateLength);
var block = new InstructionBlock((CodeWriter)writer, DecodePrologue(), (ulong)newBaseAddress);
BlockEncoder.TryEncode(_bitness, block, out _);
var data = writer.ToArray();
_newPrologueAddress = buffer.Add(data, 1);
return _newPrologueAddress;
}));
}
private static IntPtr AllocateStub(IntPtr hProc, string asmPath, string typeName, string methodName, string?args, IntPtr fnAddr, bool x86, bool isV4)
{
const string clrVersion2 = "v2.0.50727";
const string clrVersion4 = "v4.0.30319";
string clrVersion = isV4 ? clrVersion4 : clrVersion2;
const string buildFlavor = "wks"; // WorkStation
var clsidCLRRuntimeHost = new Guid(0x90F1A06E, 0x7712, 0x4762, 0x86, 0xB5, 0x7A, 0x5E, 0xBA, 0x6B, 0xDB, 0x02);
var iidICLRRuntimeHost = new Guid(0x90F1A06C, 0x7712, 0x4762, 0x86, 0xB5, 0x7A, 0x5E, 0xBA, 0x6B, 0xDB, 0x02);
IntPtr ppv = alloc(IntPtr.Size);
IntPtr riid = allocBytes(iidICLRRuntimeHost.ToByteArray());
IntPtr rcslid = allocBytes(clsidCLRRuntimeHost.ToByteArray());
IntPtr pwszBuildFlavor = allocString(buildFlavor);
IntPtr pwszVersion = allocString(clrVersion);
IntPtr pReturnValue = alloc(4);
IntPtr pwzArgument = allocString(args);
IntPtr pwzMethodName = allocString(methodName);
IntPtr pwzTypeName = allocString(typeName);
IntPtr pwzAssemblyPath = allocString(asmPath);
var instructions = new InstructionList();
if (x86)
{
// call CorBindtoRuntimeEx
instructions.Add(Instruction.Create(Code.Pushd_imm32, ppv.ToInt32()));
instructions.Add(Instruction.Create(Code.Pushd_imm32, riid.ToInt32()));
instructions.Add(Instruction.Create(Code.Pushd_imm32, rcslid.ToInt32()));
instructions.Add(Instruction.Create(Code.Pushd_imm8, 0)); // startupFlags
instructions.Add(Instruction.Create(Code.Pushd_imm32, pwszBuildFlavor.ToInt32()));
instructions.Add(Instruction.Create(Code.Pushd_imm32, pwszVersion.ToInt32()));
instructions.Add(Instruction.Create(Code.Mov_r32_imm32, Register.EAX, fnAddr.ToInt32()));
instructions.Add(Instruction.Create(Code.Call_rm32, Register.EAX));
// call ICLRRuntimeHost::Start
instructions.Add(Instruction.Create(Code.Mov_r32_rm32, Register.EAX, new MemoryOperand(Register.None, ppv.ToInt32())));
instructions.Add(Instruction.Create(Code.Mov_r32_rm32, Register.ECX, new MemoryOperand(Register.EAX)));
instructions.Add(Instruction.Create(Code.Mov_r32_rm32, Register.EDX, new MemoryOperand(Register.ECX, 0x0C)));
instructions.Add(Instruction.Create(Code.Push_r32, Register.EAX));
instructions.Add(Instruction.Create(Code.Call_rm32, Register.EDX));
// call ICLRRuntimeHost::ExecuteInDefaultAppDomain
instructions.Add(Instruction.Create(Code.Pushd_imm32, pReturnValue.ToInt32()));
instructions.Add(Instruction.Create(Code.Pushd_imm32, pwzArgument.ToInt32()));
instructions.Add(Instruction.Create(Code.Pushd_imm32, pwzMethodName.ToInt32()));
instructions.Add(Instruction.Create(Code.Pushd_imm32, pwzTypeName.ToInt32()));
instructions.Add(Instruction.Create(Code.Pushd_imm32, pwzAssemblyPath.ToInt32()));
instructions.Add(Instruction.Create(Code.Mov_r32_rm32, Register.EAX, new MemoryOperand(Register.None, ppv.ToInt32())));
instructions.Add(Instruction.Create(Code.Mov_r32_rm32, Register.ECX, new MemoryOperand(Register.EAX)));
instructions.Add(Instruction.Create(Code.Push_r32, Register.EAX));
instructions.Add(Instruction.Create(Code.Mov_r32_rm32, Register.EAX, new MemoryOperand(Register.ECX, 0x2C)));
instructions.Add(Instruction.Create(Code.Call_rm32, Register.EAX));
instructions.Add(Instruction.Create(Code.Retnd));
}
else
{
const int maxStackIndex = 3;
const int stackSize = 0x20 + maxStackIndex * 8; // 0x20 bytes shadow space, because x64
MemoryOperand stackAccess(int i) => new MemoryOperand(Register.RSP, stackSize - (maxStackIndex - i) * 8);
instructions.Add(Instruction.Create(Code.Sub_rm64_imm8, Register.RSP, stackSize));
// call CorBindtoRuntimeEx
// calling convention: https://docs.microsoft.com/en-us/cpp/build/x64-calling-convention?view=vs-2019
instructions.Add(Instruction.Create(Code.Mov_r64_imm64, Register.RAX, ppv.ToInt64()));
instructions.Add(Instruction.Create(Code.Mov_rm64_r64, stackAccess(1), Register.RAX));
instructions.Add(Instruction.Create(Code.Mov_r64_imm64, Register.RAX, riid.ToInt64()));
instructions.Add(Instruction.Create(Code.Mov_rm64_r64, stackAccess(0), Register.RAX));
instructions.Add(Instruction.Create(Code.Mov_r64_imm64, Register.R9, rcslid.ToInt64()));
instructions.Add(Instruction.Create(Code.Mov_r32_imm32, Register.R8D, 0)); // startupFlags
instructions.Add(Instruction.Create(Code.Mov_r64_imm64, Register.RDX, pwszBuildFlavor.ToInt64()));
instructions.Add(Instruction.Create(Code.Mov_r64_imm64, Register.RCX, pwszVersion.ToInt64()));
instructions.Add(Instruction.Create(Code.Mov_r64_imm64, Register.RAX, fnAddr.ToInt64()));
instructions.Add(Instruction.Create(Code.Call_rm64, Register.RAX));
// call pClrHost->Start();
instructions.Add(Instruction.Create(Code.Mov_r64_imm64, Register.RCX, ppv.ToInt64()));
instructions.Add(Instruction.Create(Code.Mov_r64_rm64, Register.RCX, new MemoryOperand(Register.RCX)));
instructions.Add(Instruction.Create(Code.Mov_r64_rm64, Register.RAX, new MemoryOperand(Register.RCX)));
instructions.Add(Instruction.Create(Code.Mov_r64_rm64, Register.RDX, new MemoryOperand(Register.RAX, 0x18)));
instructions.Add(Instruction.Create(Code.Call_rm64, Register.RDX));
// call pClrHost->ExecuteInDefaultAppDomain()
instructions.Add(Instruction.Create(Code.Mov_r64_imm64, Register.RDX, pReturnValue.ToInt64()));
instructions.Add(Instruction.Create(Code.Mov_rm64_r64, stackAccess(1), Register.RDX));
instructions.Add(Instruction.Create(Code.Mov_r64_imm64, Register.RDX, pwzArgument.ToInt64()));
instructions.Add(Instruction.Create(Code.Mov_rm64_r64, stackAccess(0), Register.RDX));
instructions.Add(Instruction.Create(Code.Mov_r64_imm64, Register.R9, pwzMethodName.ToInt64()));
instructions.Add(Instruction.Create(Code.Mov_r64_imm64, Register.R8, pwzTypeName.ToInt64()));
instructions.Add(Instruction.Create(Code.Mov_r64_imm64, Register.RDX, pwzAssemblyPath.ToInt64()));
instructions.Add(Instruction.Create(Code.Mov_r64_imm64, Register.RCX, ppv.ToInt64()));
instructions.Add(Instruction.Create(Code.Mov_r64_rm64, Register.RCX, new MemoryOperand(Register.RCX)));
instructions.Add(Instruction.Create(Code.Mov_r64_rm64, Register.RAX, new MemoryOperand(Register.RCX)));
instructions.Add(Instruction.Create(Code.Mov_r64_rm64, Register.RAX, new MemoryOperand(Register.RAX, 0x58)));
instructions.Add(Instruction.Create(Code.Call_rm64, Register.RAX));
instructions.Add(Instruction.Create(Code.Add_rm64_imm8, Register.RSP, stackSize));
instructions.Add(Instruction.Create(Code.Retnq));
}
var cw = new CodeWriterImpl();
var ib = new InstructionBlock(cw, instructions, 0);
bool success = BlockEncoder.TryEncode(x86 ? 32 : 64, ib, out string errMsg);
if (!success)
{
throw new Exception("Error during Iced encode: " + errMsg);
}
byte[] bytes = cw.ToArray();
var ptrStub = alloc(bytes.Length, 0x40); // RWX
writeBytes(ptrStub, bytes);
return(ptrStub);
IntPtr alloc(int size, int protection = 0x04) => Native.VirtualAllocEx(hProc, IntPtr.Zero, (uint)size, 0x1000, protection);
void writeBytes(IntPtr address, byte[] b) => Native.WriteProcessMemory(hProc, address, b, (uint)b.Length, out _);
void writeString(IntPtr address, string str) => writeBytes(address, new UnicodeEncoding().GetBytes(str));
IntPtr allocString(string?str)
{
if (str is null)
{
return(IntPtr.Zero);
}
IntPtr pString = alloc(str.Length * 2 + 2);
writeString(pString, str);
return(pString);
}
IntPtr allocBytes(byte[] buffer)
{
IntPtr pBuffer = alloc(buffer.Length);
writeBytes(pBuffer, buffer);
return(pBuffer);
}
}
protected void TestAssembler(Action <Assembler> fAsm, Instruction expectedInst, LocalOpCodeFlags flags = LocalOpCodeFlags.None)
{
var assembler = new Assembler(_bitness);
// Encode the instruction
if ((flags & LocalOpCodeFlags.PreferVex) != 0)
{
assembler.PreferVex = true;
}
else if ((flags & LocalOpCodeFlags.PreferEvex) != 0)
{
assembler.PreferVex = false;
}
if ((flags & LocalOpCodeFlags.PreferBranchShort) != 0)
{
assembler.PreferBranchShort = true;
}
else if ((flags & LocalOpCodeFlags.PreferBranchNear) != 0)
{
assembler.PreferBranchShort = false;
}
fAsm(assembler);
// Expecting only one instruction
Assert.Equal(1, assembler.Instructions.Count);
// Encode the instruction first to get any errors
var writer = new CodeWriterImpl();
assembler.Assemble(writer, 0, (flags & LocalOpCodeFlags.BranchUlong) != 0 ? BlockEncoderOptions.None : BlockEncoderOptions.DontFixBranches);
// Check that the instruction is the one expected
if ((flags & LocalOpCodeFlags.Broadcast) != 0)
{
expectedInst.IsBroadcast = true;
}
var inst = assembler.Instructions[0];
Assert.Equal(expectedInst, inst);
// Special for decoding options
DecoderOptions decoderOptions = DecoderOptions.None;
switch (inst.Code)
{
case Code.Umov_rm8_r8:
case Code.Umov_rm16_r16:
case Code.Umov_rm32_r32:
case Code.Umov_r8_rm8:
case Code.Umov_r16_rm16:
case Code.Umov_r32_rm32:
decoderOptions = DecoderOptions.Umov;
break;
case Code.Xbts_r16_rm16:
case Code.Xbts_r32_rm32:
case Code.Ibts_rm16_r16:
case Code.Ibts_rm32_r32:
decoderOptions = DecoderOptions.Xbts;
break;
case Code.Frstpm:
case Code.Fstdw_AX:
case Code.Fstsg_AX:
decoderOptions = DecoderOptions.OldFpu;
break;
case Code.Pcommit:
decoderOptions = DecoderOptions.Pcommit;
break;
case Code.Loadall386:
decoderOptions = DecoderOptions.Loadall386;
break;
case Code.Cl1invmb:
decoderOptions = DecoderOptions.Cl1invmb;
break;
case Code.Mov_r32_tr:
case Code.Mov_tr_r32:
decoderOptions = DecoderOptions.MovTr;
break;
case Code.Jmpe_rm16:
case Code.Jmpe_rm32:
case Code.Jmpe_disp16:
case Code.Jmpe_disp32:
decoderOptions = DecoderOptions.Jmpe;
break;
case Code.ReservedNop_rm16_r16_0F0D:
case Code.ReservedNop_rm32_r32_0F0D:
case Code.ReservedNop_rm64_r64_0F0D:
case Code.ReservedNop_rm16_r16_0F18:
case Code.ReservedNop_rm32_r32_0F18:
case Code.ReservedNop_rm64_r64_0F18:
case Code.ReservedNop_rm16_r16_0F19:
case Code.ReservedNop_rm32_r32_0F19:
case Code.ReservedNop_rm64_r64_0F19:
case Code.ReservedNop_rm16_r16_0F1A:
case Code.ReservedNop_rm32_r32_0F1A:
case Code.ReservedNop_rm64_r64_0F1A:
case Code.ReservedNop_rm16_r16_0F1B:
case Code.ReservedNop_rm32_r32_0F1B:
case Code.ReservedNop_rm64_r64_0F1B:
case Code.ReservedNop_rm16_r16_0F1C:
case Code.ReservedNop_rm32_r32_0F1C:
case Code.ReservedNop_rm64_r64_0F1C:
case Code.ReservedNop_rm16_r16_0F1D:
case Code.ReservedNop_rm32_r32_0F1D:
case Code.ReservedNop_rm64_r64_0F1D:
case Code.ReservedNop_rm16_r16_0F1E:
case Code.ReservedNop_rm32_r32_0F1E:
case Code.ReservedNop_rm64_r64_0F1E:
case Code.ReservedNop_rm16_r16_0F1F:
case Code.ReservedNop_rm32_r32_0F1F:
case Code.ReservedNop_rm64_r64_0F1F:
decoderOptions = DecoderOptions.ForceReservedNop;
break;
}
if ((flags & LocalOpCodeFlags.BranchUlong) == 0)
{
decoderOptions |= DecoderOptions.AmdBranches;
}
// Check decoding back against the original instruction
var instructionAsBytes = new System.Text.StringBuilder();
foreach (var b in writer.ToArray())
{
instructionAsBytes.Append($"{b:x2} ");
}
var decoder = Decoder.Create(_bitness, new ByteArrayCodeReader(writer.ToArray()), decoderOptions);
var decodedInst = decoder.Decode();
if ((flags & LocalOpCodeFlags.Fwait) != 0)
{
Assert.Equal(decodedInst, Instruction.Create(Code.Wait));
decodedInst = decoder.Decode();
switch (decodedInst.Code)
{
case Code.Fnstenv_m14byte:
decodedInst.Code = Code.Fstenv_m14byte;
break;
case Code.Fnstenv_m28byte:
decodedInst.Code = Code.Fstenv_m28byte;
break;
case Code.Fnstcw_m2byte:
decodedInst.Code = Code.Fstcw_m2byte;
break;
case Code.Fneni:
decodedInst.Code = Code.Feni;
break;
case Code.Fndisi:
decodedInst.Code = Code.Fdisi;
break;
case Code.Fnclex:
decodedInst.Code = Code.Fclex;
break;
case Code.Fninit:
decodedInst.Code = Code.Finit;
break;
case Code.Fnsetpm:
decodedInst.Code = Code.Fsetpm;
break;
case Code.Fnsave_m94byte:
decodedInst.Code = Code.Fsave_m94byte;
break;
case Code.Fnsave_m108byte:
decodedInst.Code = Code.Fsave_m108byte;
break;
case Code.Fnstsw_m2byte:
decodedInst.Code = Code.Fstsw_m2byte;
break;
case Code.Fnstsw_AX:
decodedInst.Code = Code.Fstsw_AX;
break;
}
}
// Reset IP to 0 when matching against decode
if (inst.Code != Code.Jmpe_disp16 && inst.Code != Code.Jmpe_disp32 && (flags & LocalOpCodeFlags.Branch) != 0)
{
// Check if it's a label ID, if so, replace it with the IP
if (inst.NearBranch64 == 1)
{
inst.NearBranch64 = 0;
}
}
// Special case for branch via ulong. An instruction like `loopne 000031D0h`
// could have been encoded with a sequence like:
//
// 0: e0 02 loopne 0x4
// 2: eb 05 jmp 0x9
// 4: e9 c7 31 00 00 jmp 0x31d0
if ((flags & LocalOpCodeFlags.BranchUlong) != 0)
{
Assert.Equal(inst.Code.ToShortBranch(), decodedInst.Code.ToShortBranch());
if (decodedInst.NearBranch64 == 4)
{
var nextDecodedInst = decoder.Decode();
var expectedCode = Bitness switch {
16 => Code.Jmp_rel8_16,
32 => Code.Jmp_rel8_32,
64 => Code.Jmp_rel8_64,
_ => throw new InvalidOperationException(),
};
Assert.True(nextDecodedInst.Code == expectedCode, $"Branch ulong next decoding failed!\nExpected: {expectedCode} \nActual Decoded: {nextDecodedInst}\n");
}
else
{
Assert.True(inst.NearBranch64 == decodedInst.NearBranch64, $"Branch decoding offset failed!\nExpected: {inst} ({instructionAsBytes})\nActual Decoded: {decodedInst}\n");
}
}
else
{
Assert.True(inst == decodedInst, $"Decoding failed!\nExpected: {inst} ({instructionAsBytes})\nActual Decoded: {decodedInst}\n");
}
}