Merge pull request #1522 from w4kfu/x86_fix_and_instr_add

X86 fix and instr add

Author: serpilliere

miasm/arch/x86/arch.py

@@ -4285,7 +4285,8 @@ class ia32_aaa(mn_x86):
       rmmod(xmm_reg, rm_arg_xmm_m128) + [u08])
 addop("pshufhw", [bs8(0x0f), bs8(0x70), pref_f3] +
       rmmod(xmm_reg, rm_arg_xmm_m128) + [u08])
-
+addop("ptest", [bs8(0x0f), bs8(0x38), bs8(0x17), pref_66] +
+      rmmod(xmm_reg, rm_arg_xmm_m128))
 
 ### Convert
 ### SS = single precision
@@ -4345,6 +4346,23 @@ class ia32_aaa(mn_x86):
 addop("palignr", [bs8(0x0f), bs8(0x3a), bs8(0x0f), pref_66] +
       rmmod(xmm_reg, rm_arg_xmm_m128) + [u08], [xmm_reg, rm_arg_xmm_m128, u08])
 
+addop("pclmulqdq", [bs8(0x0f), bs8(0x3a), bs8(0x44), pref_66] +
+      rmmod(xmm_reg, rm_arg_xmm_m128) + [u08],
+      [xmm_reg, rm_arg_xmm_m128, u08])
+
+addop("psignb", [bs8(0x0f), bs8(0x38), bs8(0x08), no_xmm_pref] +
+      rmmod(mm_reg, rm_arg_mm_m64))
+addop("psignb", [bs8(0x0f), bs8(0x38), bs8(0x08), pref_66] +
+      rmmod(xmm_reg, rm_arg_xmm_m128))
+addop("psignw", [bs8(0x0f), bs8(0x38), bs8(0x09), no_xmm_pref] +
+      rmmod(mm_reg, rm_arg_mm_m64))
+addop("psignw", [bs8(0x0f), bs8(0x38), bs8(0x09), pref_66] +
+      rmmod(xmm_reg, rm_arg_xmm_m128))
+addop("psignd", [bs8(0x0f), bs8(0x38), bs8(0x0a), no_xmm_pref] +
+      rmmod(mm_reg, rm_arg_mm_m64))
+addop("psignd", [bs8(0x0f), bs8(0x38), bs8(0x0a), pref_66] +
+      rmmod(xmm_reg, rm_arg_xmm_m128))
+
 addop("psrlq", [bs8(0x0f), bs8(0x73), no_xmm_pref] +
       rmmod(d2, rm_arg_mm) + [u08], [rm_arg_mm, u08])
 addop("psrlq", [bs8(0x0f), bs8(0x73), pref_66] +
@@ -4447,6 +4465,9 @@ class ia32_aaa(mn_x86):
 addop("pmaxud", [bs8(0x0f), bs8(0x38), bs8(0x3f), pref_66] +
       rmmod(xmm_reg, rm_arg_xmm))
 
+addop("pmaxsd", [bs8(0x0f), bs8(0x38), bs8(0x3d), pref_66] +
+      rmmod(xmm_reg, rm_arg_xmm))
+
 addop("pmaxsw", [bs8(0x0f), bs8(0xee), no_xmm_pref] +
       rmmod(mm_reg, rm_arg_mm_m64))
 addop("pmaxsw", [bs8(0x0f), bs8(0xee), pref_66] +
@@ -4460,9 +4481,14 @@ class ia32_aaa(mn_x86):
 addop("pminuw", [bs8(0x0f), bs8(0x38), bs8(0x3a), pref_66] +
       rmmod(xmm_reg, rm_arg_xmm))
 
+addop("phminposuw", [bs8(0x0f), bs8(0x38), bs8(0x41), pref_66] +
+      rmmod(xmm_reg, rm_arg_xmm_m128))
+
 addop("pminud", [bs8(0x0f), bs8(0x38), bs8(0x3b), pref_66] +
       rmmod(xmm_reg, rm_arg_xmm))
 
+addop("pminsd", [bs8(0x0f), bs8(0x38), bs8(0x39), pref_66] +
+      rmmod(xmm_reg, rm_arg_xmm))
 
 addop("pcmpeqb", [bs8(0x0f), bs8(0x74), no_xmm_pref] +
       rmmod(mm_reg, rm_arg_mm))
@@ -4566,9 +4592,8 @@ class ia32_aaa(mn_x86):
       rmmod(xmm_reg, rm_arg_reg_m08) + [u08], [rm_arg_reg_m08, xmm_reg, u08])
 addop("pextrd", [bs8(0x0f), bs8(0x3a), bs8(0x16), pref_66, bs_opmode32] +
       rmmod(xmm_reg, rm_arg) + [u08], [rm_arg, xmm_reg, u08])
-addop("pextrq", [bs8(0x0f), bs8(0x3a), bs8(0x16), pref_66] +
-      rmmod(xmm_reg, rm_arg_m64) + [bs_opmode64] + [u08], [rm_arg_m64, xmm_reg, u08])
-
+addop("pextrq", [bs8(0x0F), bs8(0x3A), bs8(0x16), pref_66, bs_opmode64] +
+      rmmod(xmm_reg, rm_arg) + [u08], [rm_arg, xmm_reg, u08])
 
 addop("pextrw", [bs8(0x0f), bs8(0x3a), bs8(0x15), pref_66] +
       rmmod(xmm_reg, rm_arg_reg_m16) + [u08], [rm_arg_reg_m16, xmm_reg, u08])
@@ -4592,6 +4617,18 @@ class ia32_aaa(mn_x86):
 addop("pmovmskb", [bs8(0x0f), bs8(0xd7), pref_66] +
       rmmod(reg_modrm, rm_arg_xmm_reg))
 
+addop("pmovsxwd", [bs8(0x0f), bs8(0x38), bs8(0x23), pref_66] +
+      rmmod(xmm_reg, rm_arg_xmm_m64))
+
+addop("pmovsxwq", [bs8(0x0f), bs8(0x38), bs8(0x24), pref_66] +
+      rmmod(xmm_reg, rm_arg_xmm_m32))
+
+addop("pmovsxbd", [bs8(0x0f), bs8(0x38), bs8(0x21), pref_66] +
+      rmmod(xmm_reg, rm_arg_xmm_m32))
+
+addop("pmovsxdq", [bs8(0x0f), bs8(0x38), bs8(0x25), pref_66] +
+      rmmod(xmm_reg, rm_arg_xmm_m64))
+
 addop("shufps", [bs8(0x0f), bs8(0xc6), no_xmm_pref] +
       rmmod(xmm_reg, rm_arg_xmm) + [u08])
 addop("shufpd", [bs8(0x0f), bs8(0xc6), pref_66] +
@@ -4617,6 +4654,9 @@ class ia32_aaa(mn_x86):
 addop("packuswb", [bs8(0x0f), bs8(0x67), pref_66] +
       rmmod(xmm_reg, rm_arg_xmm_m128))
 
+addop("packusdw", [bs8(0x0f), bs8(0x38), bs8(0x2b), pref_66] +
+      rmmod(xmm_reg, rm_arg_xmm_m128))
+
 addop("pmullw", [bs8(0x0f), bs8(0xd5), no_xmm_pref] +
       rmmod(mm_reg, rm_arg_mm_m64))
 addop("pmullw", [bs8(0x0f), bs8(0xd5), pref_66] +
@@ -4629,6 +4669,8 @@ class ia32_aaa(mn_x86):
       rmmod(mm_reg, rm_arg_mm_m64))
 addop("pmulhw", [bs8(0x0f), bs8(0xe5), pref_66] +
       rmmod(xmm_reg, rm_arg_xmm_m128))
+addop("pmuldq", [bs8(0x0f), bs8(0x38), bs8(0x28), pref_66] +
+      rmmod(xmm_reg, rm_arg_xmm_m128))
 addop("pmuludq", [bs8(0x0f), bs8(0xf4), no_xmm_pref] +
       rmmod(mm_reg, rm_arg_mm_m64))
 addop("pmuludq", [bs8(0x0f), bs8(0xf4), pref_66] +

miasm/arch/x86/sem.py

@@ -3895,6 +3895,21 @@ def _float_min_max(expr):
 pmulhd = vec_vertical_instr('*', 32, lambda x: _keep_mul_high(x, signed=True))
 pmulhq = vec_vertical_instr('*', 64, lambda x: _keep_mul_high(x, signed=True))
 
+def pmuldq(ir, instr, dst, src):
+    e = []
+    if dst.size != 128:
+        raise RuntimeError("Unsupported size %d" % dst.size)
+
+    e.append(m2_expr.ExprAssign(
+        dst[:64],
+        src[:32].signExtend(64) * dst[:32].signExtend(64)
+    ))
+    e.append(m2_expr.ExprAssign(
+        dst[64:],
+        src[64:96].signExtend(64) * dst[64:96].signExtend(64)
+    ))
+    return e, []
+
 def pmuludq(ir, instr, dst, src):
     e = []
     if dst.size == 64:
@@ -3976,9 +3991,11 @@ def _average(expr):
 pminub = vec_vertical_instr('min', 8, lambda x: _min_max(x, signed=False))
 pminuw = vec_vertical_instr('min', 16, lambda x: _min_max(x, signed=False))
 pminud = vec_vertical_instr('min', 32, lambda x: _min_max(x, signed=False))
+pminsd = vec_vertical_instr('min', 32, lambda x: _min_max(x, signed=True))
 pmaxub = vec_vertical_instr('max', 8, lambda x: _min_max(x, signed=False))
 pmaxuw = vec_vertical_instr('max', 16, lambda x: _min_max(x, signed=False))
 pmaxud = vec_vertical_instr('max', 32, lambda x: _min_max(x, signed=False))
+pmaxsd = vec_vertical_instr('max', 32, lambda x: _min_max(x, signed=True))
 pmaxsw = vec_vertical_instr('max', 16, lambda x: _min_max(x, signed=True))
 
 # Floating-point arithmetic
@@ -4417,6 +4434,36 @@ def pshufhw(_, instr, dst, src, imm):
         out.append(src[shift + 64: shift + 16 + 64])
     return [m2_expr.ExprAssign(dst, m2_expr.ExprCompose(*out))], []
 
+def ptest(_, instr, dst, src):
+    e = []
+    e.append(m2_expr.ExprAssign(zf, m2_expr.ExprOp('FLAG_EQ', dst & src)))
+    e.append(m2_expr.ExprAssign(cf, m2_expr.ExprOp('FLAG_EQ', src & ~dst)))
+    e.append(m2_expr.ExprAssign(of, m2_expr.ExprInt(0, 1)))
+    e.append(m2_expr.ExprAssign(af, m2_expr.ExprInt(0, 1)))
+    e.append(m2_expr.ExprAssign(pf, m2_expr.ExprInt(0, 1)))
+    e.append(m2_expr.ExprAssign(nf, m2_expr.ExprInt(0, 1)))
+    return e, []
+
+def _clmul64_to_128(a64, b64):
+    assert a64.size == 64
+    assert b64.size == 64
+
+    a128 = a64.zeroExtend(128)
+    res = m2_expr.ExprInt(0, 128)
+
+    for i in range(64):
+        bit = b64[i:i + 1]
+        term = m2_expr.ExprCond(bit, a128 << m2_expr.ExprInt(i, 128), m2_expr.ExprInt(0, 128))
+        res = m2_expr.ExprOp('^', res, term)
+
+    return expr_simp(res)
+
+def pclmulqdq(_, instr, dst, src, imm8):
+    control = int(imm8)
+    a = dst[64:128] if (control & 0x01) else dst[:64]
+    b = src[64:128] if (control & 0x10) else src[:64]
+    res = _clmul64_to_128(a, b)
+    return [m2_expr.ExprAssign(dst, res)], []
 
 def ps_rl_ll(ir, instr, dst, src, op, size):
     mask = {16: 0xF,
@@ -4594,7 +4641,6 @@ def punpckldq(ir, instr, dst, src):
 def punpcklqdq(ir, instr, dst, src):
     return punpck(ir, instr, dst, src, 64, 0)
 
-
 def pinsr(_, instr, dst, src, imm, size):
     e = []
 
@@ -4682,6 +4728,52 @@ def unpcklpd(_, instr, dst, src):
     e.append(m2_expr.ExprAssign(dst, src))
     return e, []
 
+def pmovsxwd(ir, instr, dst, src):
+    out = []
+    for i in range(4):
+        lane = src[16 * i:16 * (i + 1)]
+        out.append(lane.signExtend(32))
+    return [m2_expr.ExprAssign(dst, m2_expr.ExprCompose(*out))], []
+
+def pmovsxwq(ir, instr, dst, src):
+    e = []
+    if dst.size != 128:
+        raise RuntimeError("Unsupported size %d" % dst.size)
+
+    out = []
+    for i in range(2):
+        w = src[16 * i:16 * (i + 1)]
+        out.append(w.signExtend(64))
+
+    e.append(m2_expr.ExprAssign(dst, m2_expr.ExprCompose(*out)))
+    return e, []
+
+def pmovmskb(ir, instr, dst, src):
+    e = []
+    e.append(m2_expr.ExprAssign(dst, src.zeroExtend(dst.size)))
+    return e, []
+
+def pmovsxbd(ir, instr, dst, src):
+    e = []
+    if dst.size != 128:
+        raise RuntimeError("Unsupported size %d" % dst.size)
+    out = []
+    for i in range(4):
+        b = src[8 * i: 8 * (i + 1)]
+        out.append(b.signExtend(32))
+    e.append(m2_expr.ExprAssign(dst, m2_expr.ExprCompose(*out)))
+    return e, []
+
+def pmovsxdq(_, instr, dst, src):
+    e = []
+    if dst.size != 128:
+        raise RuntimeError("Unsupported size %d" % dst.size)
+    out = []
+    for i in range(2):
+        d = src[32 * i: 32 * (i + 1)]
+        out.append(d.signExtend(64))
+    e.append(m2_expr.ExprAssign(dst, m2_expr.ExprCompose(*out)))
+    return e, []
 
 def movlpd(_, instr, dst, src):
     e = []
@@ -4805,6 +4897,36 @@ def palignr(ir, instr, dst, src, imm):
 
     return [m2_expr.ExprAssign(dst, result)], []
 
+def psign(ir, instr, dst, src, lane_size):
+    if dst.size not in [64, 128] or src.size != dst.size:
+        raise RuntimeError("Unsupported size dst=%d src=%d" % (dst.size, src.size))
+
+    out = []
+    for i in range(0, dst.size, lane_size):
+        data = dst[i:i + lane_size]
+        control = src[i:i + lane_size]
+        neg_data = (data ^ data.mask) + m2_expr.ExprInt(1, data.size)
+        out.append(
+            m2_expr.ExprCond(
+                control.msb(),
+                neg_data,
+                m2_expr.ExprCond(
+                    control,
+                    data,
+                    m2_expr.ExprInt(0, data.size)
+                )
+            )
+        )
+    return [m2_expr.ExprAssign(dst, m2_expr.ExprCompose(*out))], []
+
+def psignb(ir, instr, dst, src):
+    return psign(ir, instr, dst, src, 8)
+
+def psignw(ir, instr, dst, src):
+    return psign(ir, instr, dst, src, 16)
+
+def psignd(ir, instr, dst, src):
+    return psign(ir, instr, dst, src, 32)
 
 def _signed_to_signed_saturation(expr, dst_size):
     """Saturate the expr @expr for @dst_size bit
@@ -4873,7 +4995,21 @@ def _signed_to_unsigned_saturation(expr, dst_size):
         )
     )
 
+def phminposuw(ir, instr, dst, src):
+    if dst.size != 128 or src.size != 128:
+        raise RuntimeError("Unsupported size dst=%d src=%d" % (dst.size, src.size))
+
+    min_val = src[:16]
+    min_idx = m2_expr.ExprInt(0, 16)
 
+    for i in range(1, 8):
+        word = src[i * 16:(i + 1) * 16]
+        cond = m2_expr.expr_is_unsigned_lower(word, min_val)
+        min_val = m2_expr.ExprCond(cond, word, min_val)
+        min_idx = m2_expr.ExprCond(cond, m2_expr.ExprInt(i, 16), min_idx)
+
+    result = m2_expr.ExprCompose(min_val, min_idx, m2_expr.ExprInt(0, 96))
+    return [m2_expr.ExprAssign(dst, result)], []
 
 def packsswb(ir, instr, dst, src):
     out = []
@@ -4898,6 +5034,12 @@ def packuswb(ir, instr, dst, src):
             out.append(_signed_to_unsigned_saturation(source[start:start + 16], 8))
     return [m2_expr.ExprAssign(dst, m2_expr.ExprCompose(*out))], []
 
+def packusdw(ir, instr, dst, src):
+    out = []
+    for source in [dst, src]:
+        for start in range(0, dst.size, 32):
+            out.append(_signed_to_unsigned_saturation(source[start:start + 32], 16))
+    return [m2_expr.ExprAssign(dst, m2_expr.ExprCompose(*out))], []
 
 def _saturation_sub_unsigned(expr):
     assert expr.is_op("+") and len(expr.args) == 2 and expr.args[-1].is_op("-")
@@ -5533,6 +5675,7 @@ def fxrstor(_ir, _instr, _dst):
               "pmulhw": pmulhw,
               "pmulhd": pmulhd,
               "pmulhq": pmulhq,
+              "pmuldq": pmuldq,
               "pmuludq": pmuludq,
 
               # Mix
@@ -5633,6 +5776,9 @@ def fxrstor(_ir, _instr, _dst):
               "pshufd": pshufd,
               "pshuflw": pshuflw,
               "pshufhw": pshufhw,
+              "ptest": ptest,
+              "ptest": ptest,
+              "pclmulqdq": pclmulqdq,
 
               "psrlw": psrlw,
               "psrld": psrld,
@@ -5647,14 +5793,20 @@ def fxrstor(_ir, _instr, _dst):
 
               "palignr": palignr,
 
+              "psignb": psignb,
+              "psignw": psignw,
+              "psignd": psignd,
+
               "pmaxub": pmaxub,
               "pmaxuw": pmaxuw,
               "pmaxud": pmaxud,
+              "pmaxsd": pmaxsd,
               "pmaxsw": pmaxsw,
 
               "pminub": pminub,
               "pminuw": pminuw,
               "pminud": pminud,
+              "pminsd": pminsd,
 
               "pcmpeqb": pcmpeqb,
               "pcmpeqw": pcmpeqw,
@@ -5707,10 +5859,17 @@ def fxrstor(_ir, _instr, _dst):
               "sqrtss": sqrtss,
 
               "pmovmskb": pmovmskb,
+              "pmovsxwd": pmovsxwd,
+              "pmovsxwq": pmovsxwq,
+              "pmovsxbd": pmovsxbd,
+              "pmovsxdq": pmovsxdq,
+
+              "phminposuw": phminposuw,
 
               "packsswb": packsswb,
               "packssdw": packssdw,
               "packuswb": packuswb,
+              "packusdw": packusdw,
 
               "psubusb": psubusb,
               "psubusw": psubusw,