Add a few missing instructions/tests

Author: mrexodia

include/remill/Arch/Runtime/HyperCall.h

@@ -32,6 +32,8 @@ class SyncHyperCall {
     kX86ReadTSCP,
     kX86LoadGlobalDescriptorTable,
     kX86LoadInterruptDescriptorTable,
+    kX86LoadAccessRights,
+    kX86VerifySegmentReadable,
     kX86ReadModelSpecificRegister,
     kX86WriteModelSpecificRegister,
     kX86WriteBackInvalidate,

lib/Arch/Runtime/HyperCall.cpp

@@ -78,7 +78,7 @@ Memory *__remill_sync_hyper_call(State &state, Memory *mem,
 
     case SyncHyperCall::kX86ReadTSC:
       asm volatile("rdtsc"
-                   : "=a"(state.gpr.rax.dword), "=d"(state.gpr.rdx.dword));
+                   : "=a"(state.gpr.rax.aword), "=d"(state.gpr.rdx.aword));
       break;
 
     case SyncHyperCall::kX86ReadTSCP:
@@ -113,6 +113,38 @@ Memory *__remill_sync_hyper_call(State &state, Memory *mem,
       break;
     }
 
+    case SyncHyperCall::kX86LoadAccessRights: {
+      const auto selector = static_cast<uint16_t>(state.addr_to_load);
+      uint8_t zf = 0;
+#if REMILL_HYPERCALL_X86
+      uint32_t result = 0;
+#else
+      uint64_t result = 0;
+#endif
+      asm volatile("lar %[src], %[dst] \n\t"
+                   "setz %[zf]"
+                   : [dst] "=r"(result), [zf] "=qm"(zf)
+                   : [src] "rm"(selector)
+                   : "cc");
+      state.addr_to_store = result;
+      state.rflag.zf = zf;
+      state.aflag.zf = zf;
+      break;
+    }
+
+    case SyncHyperCall::kX86VerifySegmentReadable: {
+      const auto selector = static_cast<uint16_t>(state.addr_to_load);
+      uint8_t zf = 0;
+      asm volatile("verr %[src] \n\t"
+                   "setz %[zf]"
+                   : [zf] "=qm"(zf)
+                   : [src] "rm"(selector)
+                   : "cc");
+      state.rflag.zf = zf;
+      state.aflag.zf = zf;
+      break;
+    }
+
     case SyncHyperCall::kX86ReadModelSpecificRegister:
       asm volatile("rdmsr"
                    : "=c"(state.gpr.rcx.dword)

lib/Arch/X86/Semantics/BINARY.cpp

@@ -402,8 +402,12 @@ IF_64BIT(DEF_ISEL(MUL_GPRv_64) = MULrax<R64>;)
 
 DEF_ISEL(MULX_GPR32d_GPR32d_GPR32d) = MULX<R32W, R32>;
 DEF_ISEL(MULX_GPR32d_GPR32d_MEMd) = MULX<R32W, M32>;
+DEF_ISEL(MULX_VGPR32d_VGPR32d_VGPR32d) = MULX<R32W, R32>;
+DEF_ISEL(MULX_VGPR32d_VGPR32d_MEMd) = MULX<R32W, M32>;
 IF_64BIT(DEF_ISEL(MULX_GPR64q_GPR64q_GPR64q) = MULX<R64W, R64>;)
 IF_64BIT(DEF_ISEL(MULX_GPR64q_GPR64q_MEMq) = MULX<R64W, M64>;)
+IF_64BIT(DEF_ISEL(MULX_VGPR64q_VGPR64q_VGPR64q) = MULX<R64W, R64>;)
+IF_64BIT(DEF_ISEL(MULX_VGPR64q_VGPR64q_MEMq) = MULX<R64W, M64>;)
 
 DEF_ISEL(MULPS_XMMps_MEMps) = MULPS<V128W, V128, MV128>;
 DEF_ISEL(MULPS_XMMps_XMMps) = MULPS<V128W, V128, V128>;

lib/Arch/X86/Semantics/BITBYTE.cpp

@@ -123,6 +123,8 @@ DEF_ISEL(SETP_MEMb) = SETP<M8W>;
 DEF_ISEL(SETP_GPR8) = SETP<R8W>;
 DEF_ISEL(SETZ_MEMb) = SETZ<M8W>;
 DEF_ISEL(SETZ_GPR8) = SETZ<R8W>;
+DEF_ISEL(SETE_MEMb) = SETZ<M8W>;
+DEF_ISEL(SETE_GPR8) = SETZ<R8W>;
 DEF_ISEL(SETS_MEMb) = SETS<M8W>;
 DEF_ISEL(SETS_GPR8) = SETS<R8W>;
 DEF_ISEL(SETNO_MEMb) = SETNO<M8W>;
@@ -323,6 +325,159 @@ DEF_SEM(LZCNT, D dst, S src) {
   return memory;
 }
 
+template <typename T>
+ALWAYS_INLINE static T LowBitMask(T count, T bit_size) {
+  if (UCmpEq(count, 0)) {
+    return Literal<T>(0);
+  }
+  if (!UCmpLt(count, bit_size)) {
+    return Maximize(Literal<T>(0));
+  }
+  return USub(UShl(Literal<T>(1), count), Literal<T>(1));
+}
+
+template <typename T>
+ALWAYS_INLINE static T PopulationCount(T val) {
+  auto count = Literal<T>(0);
+  for (unsigned i = 0; i < (sizeof(T) * 8U); ++i) {
+    count = UAdd(count, UAnd(UShr(val, Literal<T>(i)), Literal<T>(1)));
+  }
+  return count;
+}
+
+ALWAYS_INLINE static uint32_t CRC32Byte(uint32_t crc, uint8_t byte) {
+  crc = UXor(crc, ZExtTo<uint32_t>(byte));
+  for (unsigned i = 0; i < 8U; ++i) {
+    auto low_bit_set = UCmpNeq(UAnd(crc, Literal<uint32_t>(1)), 0U);
+    crc = UShr(crc, 1U);
+    crc = Select(low_bit_set, UXor(crc, Literal<uint32_t>(0x82F63B78U)), crc);
+  }
+  return crc;
+}
+
+template <typename T>
+ALWAYS_INLINE static uint32_t CRC32Value(uint32_t crc, T val) {
+  for (unsigned i = 0; i < sizeof(T); ++i) {
+    crc = CRC32Byte(crc,
+                    TruncTo<uint8_t>(UShr(val, Literal<T>(i * 8U))));
+  }
+  return crc;
+}
+
+template <typename D, typename S1, typename S2>
+DEF_SEM(BEXTR, D dst, S1 src1, S2 src2) {
+  auto val = Read(src1);
+  auto control = Read(src2);
+  auto bit_size = BitSizeOf(src1);
+  auto start = ZExtTo<S1>(TruncTo<uint8_t>(control));
+  auto length =
+      ZExtTo<S1>(TruncTo<uint8_t>(UShr(control, Literal<decltype(control)>(8))));
+  auto res = Literal<S1>(0);
+
+  if (UCmpLt(start, bit_size) && UCmpNeq(length, 0)) {
+    auto avail = USub(bit_size, start);
+    auto use_len = Select(UCmpLt(avail, length), avail, length);
+    auto mask = LowBitMask(use_len, bit_size);
+    res = UAnd(UShr(val, start), mask);
+  }
+
+  WriteZExt(dst, res);
+  Write(FLAG_CF, false);
+  Write(FLAG_OF, false);
+  Write(FLAG_ZF, ZeroFlag(res));
+  Write(FLAG_SF, false);
+  UndefFlag(af);
+  UndefFlag(pf);
+  return memory;
+}
+
+template <typename D, typename S1, typename S2>
+DEF_SEM(BZHI, D dst, S1 src1, S2 src2) {
+  auto val = Read(src1);
+  auto count = ZExtTo<S1>(TruncTo<uint8_t>(Read(src2)));
+  auto bit_size = BitSizeOf(src1);
+  auto out_of_range = !UCmpLt(count, bit_size);
+  auto mask = LowBitMask(count, bit_size);
+  auto res = Select(out_of_range, val, UAnd(val, mask));
+
+  WriteZExt(dst, res);
+  Write(FLAG_CF, out_of_range);
+  Write(FLAG_OF, false);
+  Write(FLAG_ZF, ZeroFlag(res));
+  Write(FLAG_SF, SignFlag(res));
+  UndefFlag(af);
+  UndefFlag(pf);
+  return memory;
+}
+
+template <typename D, typename S>
+DEF_SEM(POPCNT, D dst, S src) {
+  auto val = Read(src);
+  auto count = PopulationCount(val);
+  WriteZExt(dst, count);
+  Write(FLAG_CF, false);
+  Write(FLAG_PF, false);
+  Write(FLAG_AF, false);
+  Write(FLAG_ZF, ZeroFlag(val));
+  Write(FLAG_SF, false);
+  Write(FLAG_OF, false);
+  return memory;
+}
+
+template <typename D, typename S1, typename S2>
+DEF_SEM(PDEP, D dst, S1 src1, S2 src2) {
+  auto src = Read(src1);
+  auto mask = Read(src2);
+  auto res = Literal<S1>(0);
+  unsigned src_index = 0;
+
+  for (unsigned i = 0; i < (sizeof(decltype(src)) * 8U); ++i) {
+    auto mask_bit = UShl(Literal<S1>(1), Literal<decltype(src)>(i));
+    if (UCmpNeq(UAnd(mask, mask_bit), 0)) {
+      auto src_bit =
+          UAnd(UShr(src, Literal<decltype(src)>(src_index)), Literal<S1>(1));
+      if (UCmpNeq(src_bit, 0)) {
+        res = UOr(res, mask_bit);
+      }
+      ++src_index;
+    }
+  }
+
+  WriteZExt(dst, res);
+  return memory;
+}
+
+template <typename D, typename S1, typename S2>
+DEF_SEM(PEXT, D dst, S1 src1, S2 src2) {
+  auto src = Read(src1);
+  auto mask = Read(src2);
+  auto res = Literal<S1>(0);
+  unsigned dst_index = 0;
+
+  for (unsigned i = 0; i < (sizeof(decltype(src)) * 8U); ++i) {
+    auto mask_bit = UShl(Literal<S1>(1), Literal<decltype(src)>(i));
+    if (UCmpNeq(UAnd(mask, mask_bit), 0)) {
+      auto src_bit = UAnd(UShr(src, Literal<decltype(src)>(i)), Literal<S1>(1));
+      if (UCmpNeq(src_bit, 0)) {
+        res = UOr(res, UShl(Literal<S1>(1), Literal<decltype(src)>(dst_index)));
+      }
+      ++dst_index;
+    }
+  }
+
+  WriteZExt(dst, res);
+  return memory;
+}
+
+template <typename D, typename S1, typename S2>
+DEF_SEM(CRC32, D dst, S1 src1, S2 src2) {
+  auto seed = TruncTo<uint32_t>(Read(src1));
+  auto val = Read(src2);
+  auto crc = CRC32Value(seed, val);
+  WriteZExt(dst, crc);
+  return memory;
+}
+
 }  // namespace
 
 DEF_ISEL(BSWAP_GPRv_16) = BSWAP_16;
@@ -335,6 +490,40 @@ DEF_ISEL_RnW_Rn(TZCNT_GPRv_GPRv, TZCNT);
 DEF_ISEL_RnW_Mn(LZCNT_GPRv_MEMv, LZCNT);
 DEF_ISEL_RnW_Rn(LZCNT_GPRv_GPRv, LZCNT);
 
+DEF_ISEL(BEXTR_VGPR32d_MEMd_VGPR32d) = BEXTR<R32W, M32, R32>;
+DEF_ISEL(BEXTR_VGPR32d_VGPR32d_VGPR32d) = BEXTR<R32W, R32, R32>;
+IF_64BIT(DEF_ISEL(BEXTR_VGPR64q_MEMq_VGPR64q) = BEXTR<R64W, M64, R64>;)
+IF_64BIT(DEF_ISEL(BEXTR_VGPR64q_VGPR64q_VGPR64q) = BEXTR<R64W, R64, R64>;)
+
+DEF_ISEL(BZHI_VGPR32d_MEMd_VGPR32d) = BZHI<R32W, M32, R32>;
+DEF_ISEL(BZHI_VGPR32d_VGPR32d_VGPR32d) = BZHI<R32W, R32, R32>;
+IF_64BIT(DEF_ISEL(BZHI_VGPR64q_MEMq_VGPR64q) = BZHI<R64W, M64, R64>;)
+IF_64BIT(DEF_ISEL(BZHI_VGPR64q_VGPR64q_VGPR64q) = BZHI<R64W, R64, R64>;)
+
+DEF_ISEL_RnW_Mn(POPCNT_GPRv_MEMv, POPCNT);
+DEF_ISEL_RnW_Rn(POPCNT_GPRv_GPRv, POPCNT);
+
+DEF_ISEL(PDEP_VGPR32d_VGPR32d_MEMd) = PDEP<R32W, R32, M32>;
+DEF_ISEL(PDEP_VGPR32d_VGPR32d_VGPR32d) = PDEP<R32W, R32, R32>;
+IF_64BIT(DEF_ISEL(PDEP_VGPR64q_VGPR64q_MEMq) = PDEP<R64W, R64, M64>;)
+IF_64BIT(DEF_ISEL(PDEP_VGPR64q_VGPR64q_VGPR64q) = PDEP<R64W, R64, R64>;)
+
+DEF_ISEL(PEXT_VGPR32d_VGPR32d_MEMd) = PEXT<R32W, R32, M32>;
+DEF_ISEL(PEXT_VGPR32d_VGPR32d_VGPR32d) = PEXT<R32W, R32, R32>;
+IF_64BIT(DEF_ISEL(PEXT_VGPR64q_VGPR64q_MEMq) = PEXT<R64W, R64, M64>;)
+IF_64BIT(DEF_ISEL(PEXT_VGPR64q_VGPR64q_VGPR64q) = PEXT<R64W, R64, R64>;)
+
+DEF_ISEL(CRC32_GPRyy_MEMb_32) = CRC32<R32W, R32, M8>;
+IF_64BIT(DEF_ISEL(CRC32_GPRyy_MEMb_64) = CRC32<R64W, R64, M8>;)
+DEF_ISEL(CRC32_GPRyy_GPR8b_32) = CRC32<R32W, R32, R8>;
+IF_64BIT(DEF_ISEL(CRC32_GPRyy_GPR8b_64) = CRC32<R64W, R64, R8>;)
+DEF_ISEL(CRC32_GPRyy_MEMv_16) = CRC32<R32W, R32, M16>;
+DEF_ISEL(CRC32_GPRyy_MEMv_32) = CRC32<R32W, R32, M32>;
+IF_64BIT(DEF_ISEL(CRC32_GPRyy_MEMv_64) = CRC32<R64W, R64, M64>;)
+DEF_ISEL(CRC32_GPRyy_GPRv_16) = CRC32<R32W, R32, R16>;
+DEF_ISEL(CRC32_GPRyy_GPRv_32) = CRC32<R32W, R32, R32>;
+IF_64BIT(DEF_ISEL(CRC32_GPRyy_GPRv_64) = CRC32<R64W, R64, R64>;)
+
 namespace {
 template <typename D, typename S>
 DEF_SEM(BSR, D dst, S src) {

lib/Arch/X86/Semantics/CMOV.cpp

@@ -52,6 +52,11 @@ DEF_SEM(CMOVNZ, D dst, S1 src1) {
   return memory;
 }
 
+template <typename D, typename S1>
+DEF_SEM(CMOVNE, D dst, S1 src1) {
+  return CMOVNZ<D, S1>(dst, src1);
+}
+
 template <typename D, typename S1>
 DEF_SEM(CMOVNB, D dst, S1 src1) {
   WriteZExt(dst, Select(__remill_compare_uge(BNot(FLAG_CF)), Read(src1),
@@ -94,6 +99,11 @@ DEF_SEM(CMOVZ, D dst, S1 src1) {
   return memory;
 }
 
+template <typename D, typename S1>
+DEF_SEM(CMOVE, D dst, S1 src1) {
+  return CMOVZ<D, S1>(dst, src1);
+}
+
 template <typename D, typename S1>
 DEF_SEM(CMOVP, D dst, S1 src1) {
   WriteZExt(dst, Select(FLAG_PF, Read(src1), TruncTo<S1>(Read(dst))));
@@ -151,6 +161,10 @@ DEF_ISEL_RnW_Mn(CMOVO_GPRv_MEMv, CMOVO);
 DEF_ISEL_RnW_Rn(CMOVO_GPRv_GPRv, CMOVO);
 DEF_ISEL_RnW_Mn(CMOVZ_GPRv_MEMv, CMOVZ);
 DEF_ISEL_RnW_Rn(CMOVZ_GPRv_GPRv, CMOVZ);
+DEF_ISEL_RnW_Mn(CMOVE_GPRv_MEMv, CMOVZ);
+DEF_ISEL_RnW_Rn(CMOVE_GPRv_GPRv, CMOVZ);
+DEF_ISEL_RnW_Mn(CMOVNE_GPRv_MEMv, CMOVNZ);
+DEF_ISEL_RnW_Rn(CMOVNE_GPRv_GPRv, CMOVNZ);
 DEF_ISEL_RnW_Mn(CMOVP_GPRv_MEMv, CMOVP);
 DEF_ISEL_RnW_Rn(CMOVP_GPRv_GPRv, CMOVP);
 DEF_ISEL_RnW_Mn(CMOVS_GPRv_MEMv, CMOVS);

lib/Arch/X86/Semantics/COND_BR.cpp

@@ -213,13 +213,25 @@ DEF_ISEL(JNZ_RELBRz_16) = JNZ;
 DEF_ISEL(JNZ_RELBRz_32) = JNZ;
 IF_64BIT(DEF_ISEL(JNZ_RELBRz_64) = JNZ;)
 DEF_ISEL(JNZ_RELBRd) = JNZ;
+DEF_ISEL(JNE_RELBRb) = JNZ;
+DEF_ISEL(JNE_RELBRz_8) = JNZ;
+DEF_ISEL(JNE_RELBRz_16) = JNZ;
+DEF_ISEL(JNE_RELBRz_32) = JNZ;
+IF_64BIT(DEF_ISEL(JNE_RELBRz_64) = JNZ;)
+DEF_ISEL(JNE_RELBRd) = JNZ;
 
 DEF_ISEL(JNB_RELBRb) = JNB;
 DEF_ISEL(JNB_RELBRz_8) = JNB;
 DEF_ISEL(JNB_RELBRz_16) = JNB;
 DEF_ISEL(JNB_RELBRz_32) = JNB;
 IF_64BIT(DEF_ISEL(JNB_RELBRz_64) = JNB;)
 DEF_ISEL(JNB_RELBRd) = JNB;
+DEF_ISEL(JAE_RELBRb) = JNB;
+DEF_ISEL(JAE_RELBRz_8) = JNB;
+DEF_ISEL(JAE_RELBRz_16) = JNB;
+DEF_ISEL(JAE_RELBRz_32) = JNB;
+IF_64BIT(DEF_ISEL(JAE_RELBRz_64) = JNB;)
+DEF_ISEL(JAE_RELBRd) = JNB;
 
 DEF_ISEL(JNO_RELBRb) = JNO;
 DEF_ISEL(JNO_RELBRz_8) = JNO;
@@ -255,6 +267,12 @@ DEF_ISEL(JZ_RELBRz_16) = JZ;
 DEF_ISEL(JZ_RELBRz_32) = JZ;
 IF_64BIT(DEF_ISEL(JZ_RELBRz_64) = JZ;)
 DEF_ISEL(JZ_RELBRd) = JZ;
+DEF_ISEL(JE_RELBRb) = JZ;
+DEF_ISEL(JE_RELBRz_8) = JZ;
+DEF_ISEL(JE_RELBRz_16) = JZ;
+DEF_ISEL(JE_RELBRz_32) = JZ;
+IF_64BIT(DEF_ISEL(JE_RELBRz_64) = JZ;)
+DEF_ISEL(JE_RELBRd) = JZ;
 
 DEF_ISEL(JP_RELBRb) = JP;
 DEF_ISEL(JP_RELBRz_8) = JP;

lib/Arch/X86/Semantics/LOGICAL.cpp

@@ -38,6 +38,18 @@ DEF_SEM(AND, D dst, S1 src1, S2 src2) {
   return memory;
 }
 
+template <typename D, typename S1, typename S2>
+DEF_SEM(ANDN, D dst, S1 src1, S2 src2) {
+  auto lhs = Read(src1);
+  auto rhs = Read(src2);
+  auto res = UAnd(UNot(lhs), rhs);
+  WriteZExt(dst, res);
+  SetFlagsLogical(state, lhs, rhs, res);
+  UndefFlag(af);
+  UndefFlag(pf);
+  return memory;
+}
+
 template <typename D, typename S1, typename S2>
 DEF_SEM(OR, D dst, S1 src1, S2 src2) {
   auto lhs = Read(src1);
@@ -97,6 +109,11 @@ DEF_ISEL_RnW_Rn_Mn(AND_GPRv_MEMv, AND);
 DEF_ISEL(AND_AL_IMMb) = AND<R8W, R8, I8>;
 DEF_ISEL_RnW_Rn_In(AND_OrAX_IMMz, AND);
 
+DEF_ISEL(ANDN_VGPR32d_VGPR32d_MEMd) = ANDN<R32W, R32, M32>;
+DEF_ISEL(ANDN_VGPR32d_VGPR32d_VGPR32d) = ANDN<R32W, R32, R32>;
+IF_64BIT(DEF_ISEL(ANDN_VGPR64q_VGPR64q_MEMq) = ANDN<R64W, R64, M64>;)
+IF_64BIT(DEF_ISEL(ANDN_VGPR64q_VGPR64q_VGPR64q) = ANDN<R64W, R64, R64>;)
+
 DEF_ISEL(OR_MEMb_IMMb_80r1) = OR<M8W, M8, I8>;
 DEF_ISEL(OR_GPR8_IMMb_80r1) = OR<R8W, R8, I8>;
 DEF_ISEL_MnW_Mn_In(OR_MEMv_IMMz, OR);