insn 245 tools/capdis.c static void describe_insn_ops(csh handle, cs_insn *insn) { insn 246 tools/capdis.c printf("%s OPERANDS %d:\n",comment_start,insn->detail->arm.op_count); insn 248 tools/capdis.c for(i=0;i<insn->detail->arm.op_count;i++) { insn 249 tools/capdis.c printf("%s %d: %s",comment_start,i,arm_op_type_name(insn->detail->arm.operands[i].type)); insn 250 tools/capdis.c switch(insn->detail->arm.operands[i].type) { insn 254 tools/capdis.c printf("=0x%x",insn->detail->arm.operands[i].imm); insn 257 tools/capdis.c const char *reg=cs_reg_name(handle,insn->detail->arm.operands[i].mem.base); insn 261 tools/capdis.c reg=cs_reg_name(handle,insn->detail->arm.operands[i].mem.index); insn 265 tools/capdis.c if(insn->detail->arm.operands[i].mem.disp) { insn 267 tools/capdis.c insn->detail->arm.operands[i].mem.scale, insn 268 tools/capdis.c insn->detail->arm.operands[i].mem.disp); insn 273 tools/capdis.c printf(" %s",cs_reg_name(handle,insn->detail->arm.operands[i].reg)); insn 281 tools/capdis.c static void describe_insn_groups(csh handle, cs_insn *insn) { insn 283 tools/capdis.c printf("%s GROUPS %d:",comment_start,insn->detail->groups_count); insn 284 tools/capdis.c for(i=0;i<insn->detail->groups_count;i++) { insn 288 tools/capdis.c printf("%s",cs_group_name(handle,insn->detail->groups[i])); insn 460 tools/capdis.c uint32_t target = B_target(fw,is->insn); insn 463 tools/capdis.c target = CBx_target(fw,is->insn); insn 467 tools/capdis.c sprintf(op_pfx,"%s, ",cs_reg_name(is->cs_handle,is->insn->detail->arm.operands[0].reg)); insn 517 tools/capdis.c if(!((is->insn->id == ARM_INS_BL || is->insn->id == ARM_INS_BLX) insn 518 tools/capdis.c && is->insn->detail->arm.operands[0].type == ARM_OP_IMM)) { insn 577 tools/capdis.c cs_insn *insn=is->insn; insn 580 tools/capdis.c strcpy(mnem,insn->mnemonic); insn 581 tools/capdis.c strcpy(ops,insn->op_str); insn 590 tools/capdis.c if((dis_opts & (DIS_OPT_CONSTS|DIS_OPT_DETAIL_CONST)) && isLDR_PC(insn)) { insn 592 tools/capdis.c uint32_t ad=LDR_PC2adr(fw,insn); insn 598 tools/capdis.c cs_reg_name(is->cs_handle,insn->detail->arm.operands[0].reg), insn 602 tools/capdis.c sprintf(comment,"[pc, #%d] (0x%08x)",insn->detail->arm.operands[1].mem.disp,ad); insn 612 tools/capdis.c } else if((dis_opts & (DIS_OPT_CONSTS|DIS_OPT_DETAIL_CONST)) && isADRx(insn)) { insn 613 tools/capdis.c unsigned ad=ADRx2adr(fw,insn); insn 619 tools/capdis.c cs_reg_name(is->cs_handle,insn->detail->arm.operands[0].reg), insn 623 tools/capdis.c if(insn->id == ARM_INS_ADR) { insn 625 tools/capdis.c cs_reg_name(is->cs_handle,insn->detail->arm.operands[0].reg), insn 626 tools/capdis.c insn->detail->arm.operands[1].imm, insn 630 tools/capdis.c insn->mnemonic, insn 631 tools/capdis.c cs_reg_name(is->cs_handle,insn->detail->arm.operands[0].reg), insn 632 tools/capdis.c insn->detail->arm.operands[2].imm, insn 637 tools/capdis.c if(insn->id == ARM_INS_ADR) { insn 641 tools/capdis.c cs_reg_name(is->cs_handle,insn->detail->arm.operands[0].reg), insn 642 tools/capdis.c insn->detail->arm.operands[1].imm); insn 657 tools/capdis.c insn->detail->arm.operands[0].mem.index - ARM_REG_R0, insn 666 tools/capdis.c uint32_t adr=is->insn->address; insn 888 tools/capdis.c printf(" 0x%"PRIx64"",is->insn->address); insn 892 tools/capdis.c for(k=0;k<is->insn->size;k++) { insn 893 tools/capdis.c printf(" %02x",is->insn->bytes[k]); insn 899 tools/capdis.c describe_insn_ops(is->cs_handle,is->insn); insn 902 tools/capdis.c describe_insn_groups(is->cs_handle,is->insn); insn 921 tools/capdis.c printf("%08"PRIx64": \t",is->insn->address); insn 924 tools/capdis.c if(is->insn->size == 2) { insn 925 tools/capdis.c printf("%02x%02x ",is->insn->bytes[1],is->insn->bytes[0]); insn 926 tools/capdis.c } else if(is->insn->size == 4) { insn 927 tools/capdis.c printf("%02x%02x %02x%02x",is->insn->bytes[1],is->insn->bytes[0],is->insn->bytes[3],is->insn->bytes[2]); insn 953 tools/capdis.c if((dis_opts & DIS_OPT_END_RET) && isRETx(is->insn)) { // end disassembly on return insn 1056 tools/finsig_thumb2.c if(is->insn->detail->arm.operands[0].reg == ARM_REG_R0) { insn 1090 tools/finsig_thumb2.c reg_evp=ADR_SET_THUMB(is->insn->detail->arm.operands[0].imm); insn 1113 tools/finsig_thumb2.c if(is->insn->detail->arm.operands[0].reg != ARM_REG_R0) { insn 1119 tools/finsig_thumb2.c reg_evp_alt1=ADR_SET_THUMB(is->insn->detail->arm.operands[0].imm); insn 1143 tools/finsig_thumb2.c reg_evp_tbl=ADR_SET_THUMB(is->insn->detail->arm.operands[0].imm); insn 1167 tools/finsig_thumb2.c if(is->insn->detail->arm.operands[0].reg != ARM_REG_R0) { insn 1177 tools/finsig_thumb2.c reg_evp_alt2=ADR_SET_THUMB(is->insn->detail->arm.operands[0].imm); insn 1180 tools/finsig_thumb2.c printf("RegisterEventProcedure_alt2 == _alt1 at %"PRIx64"\n",is->insn->address); insn 1210 tools/finsig_thumb2.c if(is->insn->detail->arm.operands[0].reg != ARM_REG_R0) { insn 1248 tools/finsig_thumb2.c uint32_t tbl=LDR_PC2val(fw,is->insn); insn 1275 tools/finsig_thumb2.c if (is->insn->id == ARM_INS_B) { insn 1300 tools/finsig_thumb2.c if(is->insn->detail->arm.operands[0].reg == ARM_REG_R0) { insn 1375 tools/finsig_thumb2.c if (B_target(fw,is->insn)) insn 1492 tools/finsig_thumb2.c uint32_t f1=LDR_PC2val(fw,is->insn); insn 1531 tools/finsig_thumb2.c uint32_t base=LDR_PC2val(fw,is->insn); insn 1532 tools/finsig_thumb2.c uint32_t reg=is->insn->detail->arm.operands[0].reg; insn 1540 tools/finsig_thumb2.c if(is->insn->detail->arm.operands[1].mem.base != reg) { insn 1544 tools/finsig_thumb2.c uint32_t off=is->insn->detail->arm.operands[1].mem.disp; insn 1546 tools/finsig_thumb2.c save_misc_val("imager_active",base,off,(uint32_t)is->insn->address); insn 1579 tools/finsig_thumb2.c printf("sig_match_screenlock_helper: match 2 failed 0x%"PRIx64"\n",is->insn->address); insn 1584 tools/finsig_thumb2.c uint32_t adr = LDR_PC2val(fw,is->insn); insn 1586 tools/finsig_thumb2.c printf("sig_match_screenlock_helper: no match LDR PC 0x%"PRIx64"\n",is->insn->address); insn 1697 tools/finsig_thumb2.c physw_run=LDR_PC2val(fw,is->insn); insn 1700 tools/finsig_thumb2.c save_misc_val("physw_run",physw_run,0,(uint32_t)is->insn->address); insn 1741 tools/finsig_thumb2.c if(is->insn->id != ARM_INS_LDR insn 1742 tools/finsig_thumb2.c || is->insn->detail->arm.operands[0].reg != ARM_REG_R0) { insn 1745 tools/finsig_thumb2.c save_misc_val("physw_sleep_delay",physw_run,is->insn->detail->arm.operands[1].mem.disp,(uint32_t)is->insn->address); insn 1780 tools/finsig_thumb2.c uint32_t physw_status=LDR_PC2val(fw,is->insn); insn 1782 tools/finsig_thumb2.c save_misc_val("physw_status",physw_status,0,(uint32_t)is->insn->address); insn 1783 tools/finsig_thumb2.c save_sig(fw,"kbd_p1_f_cont",(uint32_t)(is->insn->address) | is->thumb); insn 1908 tools/finsig_thumb2.c cs_insn *insn=fw->is->insn; insn 1909 tools/finsig_thumb2.c if(insn->id != ARM_INS_LDR) { insn 1913 tools/finsig_thumb2.c && insn->detail->arm.operands[0].reg == ARM_REG_R0 insn 1914 tools/finsig_thumb2.c && insn->detail->arm.operands[1].mem.base != ARM_REG_PC) { insn 1915 tools/finsig_thumb2.c ptr_reg = insn->detail->arm.operands[1].mem.base; insn 1918 tools/finsig_thumb2.c if(ptr_reg == ARM_REG_INVALID || !isLDR_PC(insn) || (arm_reg)insn->detail->arm.operands[0].reg != ptr_reg) { insn 1921 tools/finsig_thumb2.c sem_adr=LDR_PC2val(fw,insn); insn 1929 tools/finsig_thumb2.c save_misc_val("fileio_semaphore",sem_adr,0,(uint32_t)is->insn->address); insn 1959 tools/finsig_thumb2.c if(insn_match_any(fw->is->insn,match_bl_blximm)){ insn 1989 tools/finsig_thumb2.c if(is->insn->detail->arm.operands[0].reg == ARM_REG_R0) { insn 2099 tools/finsig_thumb2.c if(!insn_match_any(fw->is->insn,match_mov_r1)){ insn 2174 tools/finsig_thumb2.c if(insn_match_any(fw->is->insn,match_bl_blximm)) { insn 2177 tools/finsig_thumb2.c if(insn_match_any(fw->is->insn,match_cbnz_r0)) { insn 2185 tools/finsig_thumb2.c if(insn_match_any(fw->is->insn,match_bl_blximm)) { insn 2188 tools/finsig_thumb2.c if(insn_match_any(fw->is->insn,match_cbz_r0)) { insn 2317 tools/finsig_thumb2.c if(!insn_match(is->insn,match_mov_r3_imm)){ insn 2344 tools/finsig_thumb2.c if(fw->is->insn->id == ARM_INS_PUSH && fw->is->insn->detail->arm.operands[0].reg == ARM_REG_R0) { insn 2346 tools/finsig_thumb2.c uint32_t adr=(uint32_t)(fw->is->insn->address) | is->thumb; insn 2368 tools/finsig_thumb2.c if (B_target(fw,is->insn) && (is->insn->detail->arm.cc == ARM_CC_NE)) { insn 2371 tools/finsig_thumb2.c if (B_target(fw,is->insn) && (is->insn->detail->arm.cc == ARM_CC_NE)) { insn 2419 tools/finsig_thumb2.c if(is->insn->detail->arm.operands[2].mem.base == ARM_REG_SP) { insn 2551 tools/finsig_thumb2.c if (B_target(fw, is->insn)) insn 2729 tools/finsig_thumb2.c if (!CBx_target(fw,is->insn)) insn 3080 tools/finsig_thumb2.c printf("sig_match_wait_all_eventflag_strict: no match bl 0x%"PRIx64"\n",is->insn->address); insn 3099 tools/finsig_thumb2.c printf("sig_match_get_num_posted_messages: no match bl 0x%"PRIx64"\n",is->insn->address); insn 3163 tools/finsig_thumb2.c printf("sig_match_transfer_src_overlay: no match bl 0x%"PRIx64"\n",is->insn->address); insn 3170 tools/finsig_thumb2.c save_misc_val("active_bitmap_buffer",desc.adr_adj,desc.off,(uint32_t)is->insn->address); insn 3181 tools/finsig_thumb2.c if((arm_reg)is->insn->detail->arm.operands[1].reg == desc.reg_base) { insn 3182 tools/finsig_thumb2.c save_misc_val("bitmap_buffer",desc.adr_adj,is->insn->detail->arm.operands[2].imm,(uint32_t)is->insn->address); insn 3211 tools/finsig_thumb2.c adr[0]=LDR_PC2val(fw,is->insn); insn 3212 tools/finsig_thumb2.c fnd[0]=(uint32_t)is->insn->address; insn 3217 tools/finsig_thumb2.c adr[1]=LDR_PC2val(fw,is->insn); insn 3218 tools/finsig_thumb2.c fnd[1]=(uint32_t)is->insn->address; insn 3270 tools/finsig_thumb2.c if (!(isLDR_PC(fw->is->insn) && fw->is->insn->detail->arm.operands[0].reg == ARM_REG_R0)) { insn 3275 tools/finsig_thumb2.c uint32_t adr=(uint32_t)(fw->is->insn->address) | is->thumb; insn 3281 tools/finsig_thumb2.c if (is->insn->id == ARM_INS_PUSH && is->insn->detail->arm.operands[0].reg == ARM_REG_R4) { insn 3310 tools/finsig_thumb2.c if (fw->is->insn->id == ARM_INS_PUSH && fw->is->insn->detail->arm.operands[0].reg == ARM_REG_R4) { insn 3315 tools/finsig_thumb2.c if (isLDR_PC(fw->is->insn) && fw->is->insn->detail->arm.operands[0].reg == ARM_REG_R0) { insn 3316 tools/finsig_thumb2.c return save_sig_with_j(fw,rule->name,(uint32_t)(fw->is->insn->address) | is->thumb); insn 3382 tools/finsig_thumb2.c if (is->insn->id == ARM_INS_LDR && is->insn->detail->arm.operands[1].type == ARM_OP_MEM) { insn 3383 tools/finsig_thumb2.c uint32_t u = LDR_PC2val(fw,is->insn); insn 3392 tools/finsig_thumb2.c else if (is->insn->id == ARM_INS_BL) { insn 3425 tools/finsig_thumb2.c else if (is->insn->id == ARM_INS_POP) { insn 3464 tools/finsig_thumb2.c if(is->insn->id == ARM_INS_PUSH) { insn 3507 tools/finsig_thumb2.c save_misc_val("omar_init_data",dadr,0,(uint32_t)is->insn->address); insn 3612 tools/finsig_thumb2.c printf("get_task_properties: no match dry_error_printf 0x%"PRIx64"\n",is->insn->address); insn 3616 tools/finsig_thumb2.c printf("sig_match_get_task_properties: no match bl 0x%"PRIx64"\n",is->insn->address); insn 3621 tools/finsig_thumb2.c printf("sig_match_get_task_properties: no match 'Occured Time' 0x%"PRIx64"\n",is->insn->address); insn 3640 tools/finsig_thumb2.c printf("sig_match_enable_hdmi_power: no match bl seq cbnz 0x%"PRIx64"\n",is->insn->address); insn 3670 tools/finsig_thumb2.c printf("sig_match_disable_hdmi_power: no match seq bl movs pop 0x%"PRIx64"\n",is->insn->address); insn 3704 tools/finsig_thumb2.c uint32_t adr=LDR_PC2val(fw,is->insn); insn 3711 tools/finsig_thumb2.c printf("sig_match_levent_table: 0x%08x not a ROM adr 0x%"PRIx64"\n",adr,is->insn->address); insn 3715 tools/finsig_thumb2.c printf("sig_match_levent_table: expected 0x800 not 0x%x at 0x%08x ref 0x%"PRIx64"\n",*(p+1),adr,is->insn->address); insn 3719 tools/finsig_thumb2.c save_misc_val(rule->name,adr,0,(uint32_t)is->insn->address); insn 3770 tools/finsig_thumb2.c uint32_t adr=LDR_PC2val(fw,is->insn); insn 3775 tools/finsig_thumb2.c save_misc_val(rule->name,adr,0,(uint32_t)is->insn->address); insn 3811 tools/finsig_thumb2.c save_misc_val(rule->name,regs[0],0,(uint32_t)is->insn->address); insn 3945 tools/finsig_thumb2.c save_misc_val(rule->name,is->insn->detail->arm.operands[2].imm,0,(uint32_t)is->insn->address); insn 3964 tools/finsig_thumb2.c if(is->insn->detail->arm.operands[0].reg != ARM_REG_R0) { insn 4016 tools/finsig_thumb2.c if(is->insn->id == ARM_INS_MOV) { insn 4021 tools/finsig_thumb2.c if(is->insn->id != ARM_INS_B) { insn 4025 tools/finsig_thumb2.c } else if(is->insn->id == ARM_INS_PUSH) { insn 4086 tools/finsig_thumb2.c uint32_t adr=LDR_PC2val(fw,is->insn); insn 4088 tools/finsig_thumb2.c printf("sig_match_physw_event_table: no match LDR PC 0x%"PRIx64"\n",is->insn->address); insn 4092 tools/finsig_thumb2.c printf("sig_match_physw_event_table: adr not ROM 0x%08x at 0x%"PRIx64"\n",adr,is->insn->address); insn 4095 tools/finsig_thumb2.c save_misc_val(rule->name,adr,0,(uint32_t)is->insn->address); insn 4120 tools/finsig_thumb2.c save_misc_val(rule->name,is->insn->detail->arm.operands[1].imm,0,(uint32_t)is->insn->address); insn 4152 tools/finsig_thumb2.c if(insn_match_any(is->insn,match_mov_r0_1)) { insn 4158 tools/finsig_thumb2.c if(!insn_match_any(is->insn,match_bl_blximm)) { insn 4231 tools/finsig_thumb2.c uint32_t base=LDR_PC2val(fw,is->insn); insn 4232 tools/finsig_thumb2.c arm_reg rb=is->insn->detail->arm.operands[0].reg; insn 4244 tools/finsig_thumb2.c if(is->insn->id != ARM_INS_LDR insn 4245 tools/finsig_thumb2.c || is->insn->detail->arm.operands[0].reg != ARM_REG_R0 insn 4246 tools/finsig_thumb2.c || is->insn->detail->arm.operands[1].mem.base != rb) { insn 4250 tools/finsig_thumb2.c save_misc_val(rule->name,base,is->insn->detail->arm.operands[1].mem.disp,(uint32_t)is->insn->address); insn 4276 tools/finsig_thumb2.c uint32_t base=LDR_PC2val(fw,is->insn); insn 4277 tools/finsig_thumb2.c arm_reg rb=is->insn->detail->arm.operands[0].reg; insn 4297 tools/finsig_thumb2.c if(is->insn->detail->arm.operands[1].mem.base != rb) { insn 4301 tools/finsig_thumb2.c save_misc_val(rule->name,base,is->insn->detail->arm.operands[1].mem.disp,(uint32_t)is->insn->address); insn 4319 tools/finsig_thumb2.c uint32_t val=is->insn->detail->arm.operands[1].imm; insn 4323 tools/finsig_thumb2.c save_misc_val(rule->name,val,0,(uint32_t)is->insn->address); insn 4351 tools/finsig_thumb2.c uint32_t val=is->insn->detail->arm.operands[1].imm; insn 4355 tools/finsig_thumb2.c save_misc_val(rule->name,val,0,(uint32_t)is->insn->address); insn 4379 tools/finsig_thumb2.c uint32_t adr=LDR_PC2val(fw,is->insn); insn 4381 tools/finsig_thumb2.c printf("sig_match_aram_start: no match LDR PC 0x%"PRIx64"\n",is->insn->address); insn 4385 tools/finsig_thumb2.c save_misc_val(rule->name,adr,0,(uint32_t)is->insn->address); insn 4413 tools/finsig_thumb2.c uint32_t adr=LDR_PC2val(fw,is->insn); insn 4415 tools/finsig_thumb2.c printf("sig_match_aram_start2: no match LDR PC 0x%"PRIx64"\n",is->insn->address); insn 4419 tools/finsig_thumb2.c save_misc_val(rule->name,adr,0,(uint32_t)is->insn->address); insn 4438 tools/finsig_thumb2.c printf("sig_icache_flush_range: bl match failed at 0x%"PRIx64"\n",is->insn->address); insn 4456 tools/finsig_thumb2.c if(!insn_match_find_next_seq(fw,is,4,match_cmp_b) || is->insn->detail->arm.cc == ARM_CC_AL) { insn 4467 tools/finsig_thumb2.c uint32_t adr=LDR_PC2val(fw,is->insn); insn 4469 tools/finsig_thumb2.c printf("sig_match__nrflag: no match LDR PC 0x%"PRIx64"\n",is->insn->address); insn 4472 tools/finsig_thumb2.c arm_reg reg_base = is->insn->detail->arm.operands[0].reg; // reg value was loaded into insn 4478 tools/finsig_thumb2.c if(isADDx_imm(is->insn) || isSUBx_imm(is->insn)) { insn 4479 tools/finsig_thumb2.c if((arm_reg)is->insn->detail->arm.operands[0].reg != reg_base) { insn 4483 tools/finsig_thumb2.c if(isADDx_imm(is->insn)) { insn 4484 tools/finsig_thumb2.c adr+=is->insn->detail->arm.operands[1].imm; insn 4486 tools/finsig_thumb2.c adr-=is->insn->detail->arm.operands[1].imm; insn 4493 tools/finsig_thumb2.c if(is->insn->id != ARM_INS_STR || (arm_reg)is->insn->detail->arm.operands[1].reg != reg_base) { insn 4497 tools/finsig_thumb2.c uint32_t disp = is->insn->detail->arm.operands[1].mem.disp; insn 4521 tools/finsig_thumb2.c if(!insn_match(is->insn,match_bxlr)) { insn 4554 tools/finsig_thumb2.c if(!insn_match(is->insn,match_bx_r1)) { insn 4588 tools/finsig_thumb2.c printf("sig_match_av_over_sem: no match TakeSemaphore at 0x%"PRIx64"\n",is->insn->address); insn 4596 tools/finsig_thumb2.c printf("sig_match_av_over_sem: no match ldr at 0x%"PRIx64"\n",is->insn->address); insn 4600 tools/finsig_thumb2.c save_misc_val(rule->name,desc.adr_adj,desc.off,(uint32_t)is->insn->address); insn 4611 tools/finsig_thumb2.c printf("sig_match_canon_menu_active: no match ldr at 0x%"PRIx64"\n",is->insn->address); insn 4618 tools/finsig_thumb2.c if(is->insn->id != ARM_INS_CMP) { insn 4619 tools/finsig_thumb2.c printf("sig_match_canon_menu_active: no match cmp at 0x%"PRIx64"\n",is->insn->address); insn 4622 tools/finsig_thumb2.c save_misc_val(rule->name,desc.adr_adj,desc.off,(uint32_t)is->insn->address); insn 4657 tools/finsig_thumb2.c if(!isLDR_PC(is->insn)) { insn 4669 tools/finsig_thumb2.c uint32_t adr=LDR_PC2val(fw,is->insn); insn 4674 tools/finsig_thumb2.c if(is->insn->detail->arm.operands[0].reg != ARM_REG_R0) { insn 4682 tools/finsig_thumb2.c save_misc_val(rule->name,adr,0,(uint32_t)is->insn->address); insn 4709 tools/finsig_thumb2.c printf("sig_match_palette_vars: no match bl 1 0x%"PRIx64"\n",fw->is->insn->address); insn 4716 tools/finsig_thumb2.c printf("sig_match_palette_vars: no match bl 2 0x%"PRIx64"\n",is->insn->address); insn 4723 tools/finsig_thumb2.c printf("sig_match_palette_vars: no match ldr pc 0x%"PRIx64"\n",is->insn->address); insn 4727 tools/finsig_thumb2.c uint32_t pal_base=LDR_PC2val(fw,is->insn); insn 4729 tools/finsig_thumb2.c printf("sig_match_palette_vars: bad LDR PC 0x%"PRIx64"\n",is->insn->address); insn 4733 tools/finsig_thumb2.c arm_reg ptr_reg = is->insn->detail->arm.operands[0].reg; insn 4735 tools/finsig_thumb2.c save_misc_val(rule->name,pal_base,0,(uint32_t)is->insn->address); insn 4744 tools/finsig_thumb2.c if (is->insn->id == ARM_INS_LDR && is->insn->detail->arm.operands[1].mem.base == ptr_reg) { insn 4747 tools/finsig_thumb2.c is->insn->detail->arm.operands[1].mem.disp, insn 4748 tools/finsig_thumb2.c (uint32_t)is->insn->address); insn 4754 tools/finsig_thumb2.c printf("sig_match_palette_vars: no match active_palette_buffer 0x%"PRIx64"\n",is->insn->address); insn 4768 tools/finsig_thumb2.c if (is->insn->id == ARM_INS_LDR && is->insn->detail->arm.operands[1].mem.base == ptr_reg) { insn 4771 tools/finsig_thumb2.c is->insn->detail->arm.operands[1].mem.disp, insn 4772 tools/finsig_thumb2.c (uint32_t)is->insn->address); insn 4776 tools/finsig_thumb2.c printf("sig_match_palette_vars: no match palette_buffer_ptr 0x%"PRIx64"\n",is->insn->address); insn 4788 tools/finsig_thumb2.c printf("sig_match_live_free_cluster_count: no match bl1 0x%"PRIx64"\n",is->insn->address); insn 4795 tools/finsig_thumb2.c printf("sig_match_live_free_cluster_count: no get_fstype 0x%"PRIx64"\n",is->insn->address); insn 4801 tools/finsig_thumb2.c printf("sig_match_live_free_cluster_count: no match bl2 0x%"PRIx64"\n",is->insn->address); insn 4810 tools/finsig_thumb2.c printf("sig_match_live_free_cluster_count: no match ldr1 0x%"PRIx64"\n",is->insn->address); insn 4815 tools/finsig_thumb2.c printf("sig_match_live_free_cluster_count: no match ldr2 0x%"PRIx64"\n",is->insn->address); insn 4818 tools/finsig_thumb2.c uint32_t base = LDR_PC2val(fw,is->insn); insn 4821 tools/finsig_thumb2.c printf("sig_match_live_free_cluster_count: no takesemaphore_low 0x%"PRIx64"\n",is->insn->address); insn 4831 tools/finsig_thumb2.c printf("sig_match_live_free_cluster_count: no match ldrd 0x%"PRIx64"\n",is->insn->address); insn 4835 tools/finsig_thumb2.c save_misc_val(rule->name,base,is->insn->detail->arm.operands[2].mem.disp + 4,(uint32_t)is->insn->address); insn 4848 tools/finsig_thumb2.c arm_reg call_reg = is->insn->detail->arm.operands[0].reg; insn 4854 tools/finsig_thumb2.c cs_insn *insn=fw->is->insn; insn 4855 tools/finsig_thumb2.c if((arm_reg)insn->detail->arm.operands[0].reg != call_reg || insn->id == ARM_INS_CMP ) { insn 4859 tools/finsig_thumb2.c if(insn->id == ARM_INS_LDR && insn->detail->arm.operands[1].type == ARM_OP_MEM) { insn 4860 tools/finsig_thumb2.c arm_reg base_reg = (arm_reg)insn->detail->arm.operands[1].reg; insn 4861 tools/finsig_thumb2.c int disp = insn->detail->arm.operands[1].mem.disp; insn 4865 tools/finsig_thumb2.c uint32_t adr = LDR_PC2val(fw,fw->is->insn); insn 4866 tools/finsig_thumb2.c if(!adr || (arm_reg)fw->is->insn->detail->arm.operands[0].reg != base_reg) { insn 4867 tools/finsig_thumb2.c printf("sig_match_debug_logging_ptr: no match ldr2 0x%x 0x%"PRIx64"\n",adr,fw->is->insn->address); insn 4870 tools/finsig_thumb2.c save_misc_val(rule->name,adr + disp,disp,(uint32_t)fw->is->insn->address); insn 4873 tools/finsig_thumb2.c printf("sig_match_debug_logging_ptr: reg clobbered 0x%"PRIx64"\n",fw->is->insn->address); insn 4876 tools/finsig_thumb2.c printf("sig_match_debug_logging_ptr: no match ldr 0x%"PRIx64"\n",fw->is->insn->address); insn 4887 tools/finsig_thumb2.c printf("sig_match_debug_logging_flag: no match ldr pc 0x%"PRIx64"\n",is->insn->address); insn 4890 tools/finsig_thumb2.c uint32_t adr = LDR_PC2val(fw,is->insn); insn 4895 tools/finsig_thumb2.c arm_reg base_reg = (arm_reg)is->insn->detail->arm.operands[1].reg; insn 4896 tools/finsig_thumb2.c uint32_t ref_adr = (uint32_t)is->insn->address; insn 4898 tools/finsig_thumb2.c if(is->insn->id != ARM_INS_LDRB) { insn 4899 tools/finsig_thumb2.c printf("sig_match_debug_logging_flag: no match ldrb 0x%"PRIx64"\n",is->insn->address); insn 4903 tools/finsig_thumb2.c if(is->insn->id != ARM_INS_LDR) { insn 4904 tools/finsig_thumb2.c printf("sig_match_debug_logging_flag: no match ldr 0x%"PRIx64"\n",is->insn->address); insn 4908 tools/finsig_thumb2.c if((arm_reg)is->insn->detail->arm.operands[1].reg != base_reg) { insn 4909 tools/finsig_thumb2.c printf("sig_match_debug_logging_flag: no match reg 0x%"PRIx64"\n",is->insn->address); insn 4912 tools/finsig_thumb2.c int disp = (arm_reg)is->insn->detail->arm.operands[1].mem.disp; insn 4917 tools/finsig_thumb2.c if(is->insn->id != ARM_INS_LSL) { insn 4935 tools/finsig_thumb2.c save_misc_val(rule->name,(uint32_t)is->insn->address | is->thumb,0,0); insn 4949 tools/finsig_thumb2.c printf("match get_displaytype 0x%"PRIx64"\n",is->insn->address); insn 4954 tools/finsig_thumb2.c printf("match 0x%"PRIx64"\n",is->insn->address); insn 4961 tools/finsig_thumb2.c save_misc_val(rule->name,regs[1],0,(uint32_t)fw->is->insn->address); // fw is has backtracked address insn 4984 tools/finsig_thumb2.c save_misc_val(rule->name,regs[1],0,(uint32_t)fw->is->insn->address); // fw is has backtracked address insn 4998 tools/finsig_thumb2.c uint32_t adr=LDR_PC2val(fw,is->insn); insn 5000 tools/finsig_thumb2.c printf("sig_match_rom_ptr_get: no match LDR PC 0x%"PRIx64"\n",is->insn->address); insn 5003 tools/finsig_thumb2.c if(is->insn->detail->arm.operands[0].reg != ARM_REG_R0) { insn 5012 tools/finsig_thumb2.c if(!insn_match(is->insn,match_bxlr)) { insn 5066 tools/finsig_thumb2.c if(insn_match_any(fw->is->insn,insn_match)) { insn 5196 tools/finsig_thumb2.c if(insn_match_any(fw->is->insn,match_mov_r0_imm)) { insn 5199 tools/finsig_thumb2.c if(isRETx(fw->is->insn)) { insn 5323 tools/finsig_thumb2.c printf("sig_match_named: disasm failed %s 0x%08x\n",rule->name,(uint32_t)is->insn->address); insn 5332 tools/finsig_thumb2.c uint32_t adr = B_BL_BLXimm_target(fw,is->insn); insn 5335 tools/finsig_thumb2.c if(is->insn->id == ARM_INS_BLX) { insn 5848 tools/finsig_thumb2.c printf("eventproc name not string at 0x%"PRIx64"\n",is->insn->address); insn 5855 tools/finsig_thumb2.c uint64_t adr = is->insn->address; insn 5865 tools/finsig_thumb2.c if (is->insn->address >= adr) break; insn 5866 tools/finsig_thumb2.c if (is->insn->id == ARM_INS_LDR && is->insn->detail->arm.operands[1].type == ARM_OP_MEM) { insn 5867 tools/finsig_thumb2.c uint32_t u = LDR_PC2val(fw,is->insn); insn 5869 tools/finsig_thumb2.c ar = is->insn->detail->arm.operands[0].reg; insn 5878 tools/finsig_thumb2.c if (is->insn->address >= adr) break; insn 5879 tools/finsig_thumb2.c if (is->insn->id == ARM_INS_ADD && is->insn->detail->arm.operands[1].reg == ar) { insn 5937 tools/finsig_thumb2.c if (fw->is->insn->id == ARM_INS_BLX && adr1 == adr2) { insn 5969 tools/finsig_thumb2.c printf("failed to get *EventProcTable arg 0x%08x at 0x%"PRIx64"\n",regs[0],is->insn->address); insn 5972 tools/finsig_thumb2.c printf("failed to get *EventProcTable r0 at 0x%"PRIx64"\n",is->insn->address); insn 5990 tools/finsig_thumb2.c printf("task name name not string at 0x%"PRIx64"\n",is->insn->address); insn 5993 tools/finsig_thumb2.c printf("failed to get CreateTask args at 0x%"PRIx64"\n",is->insn->address); insn 6020 tools/finsig_thumb2.c printf("add_ptp_handler op 0x%08x out of range 0x%"PRIx64"\n",regs[0],is->insn->address); insn 6030 tools/finsig_thumb2.c cs_insn *insn=fw->is->insn; insn 6031 tools/finsig_thumb2.c if(insn->id != ARM_INS_LDRH) { insn 6034 tools/finsig_thumb2.c if(insn->detail->arm.operands[0].reg != ARM_REG_R0 insn 6035 tools/finsig_thumb2.c || insn->detail->arm.operands[1].mem.base == ARM_REG_PC insn 6040 tools/finsig_thumb2.c ptr_reg = insn->detail->arm.operands[1].mem.base; insn 6046 tools/finsig_thumb2.c printf("failed to get add_ptp_handler args at 0x%"PRIx64"\n",is->insn->address); insn 6054 tools/finsig_thumb2.c cs_insn *insn=fw->is->insn; insn 6055 tools/finsig_thumb2.c if(!isLDR_PC(insn)) { insn 6058 tools/finsig_thumb2.c if((arm_reg)insn->detail->arm.operands[0].reg != ptr_reg) { insn 6062 tools/finsig_thumb2.c uint32_t adr=LDR_PC2val(fw,insn); insn 6070 tools/finsig_thumb2.c printf("failed to get ptp handler table adr at 0x%"PRIx64"\n",is->insn->address); insn 6145 tools/finsig_thumb2.c ex_vec = LDR_PC2val(fw,is->insn); insn 6167 tools/finsig_thumb2.c uint32_t addr=LDR_PC2val(fw,is->insn); insn 6168 tools/finsig_thumb2.c if(!addr && is->insn->id == ARM_INS_B) { insn 6181 tools/finsig_thumb2.c addr=LDR_PC2val(fw,is->insn); insn 478 tools/firmware_load_ng.c int isARM(cs_insn *insn) insn 481 tools/firmware_load_ng.c for(i=0;i<insn->detail->groups_count;i++) { insn 482 tools/firmware_load_ng.c if(insn->detail->groups[i] == ARM_GRP_ARM) { insn 492 tools/firmware_load_ng.c int isLDR_PC(cs_insn *insn) insn 494 tools/firmware_load_ng.c return insn->id == ARM_INS_LDR insn 495 tools/firmware_load_ng.c && insn->detail->arm.op_count == 2 insn 496 tools/firmware_load_ng.c && insn->detail->arm.operands[0].type == ARM_OP_REG insn 497 tools/firmware_load_ng.c && insn->detail->arm.operands[1].type == ARM_OP_MEM insn 498 tools/firmware_load_ng.c && insn->detail->arm.operands[1].mem.base == ARM_REG_PC; insn 505 tools/firmware_load_ng.c int isLDR_PC_PC(cs_insn *insn) insn 507 tools/firmware_load_ng.c if(!isLDR_PC(insn)) { insn 510 tools/firmware_load_ng.c return (insn->detail->arm.operands[0].reg == ARM_REG_PC); insn 514 tools/firmware_load_ng.c int isSUBW_PC(cs_insn *insn) insn 516 tools/firmware_load_ng.c return(insn->id == ARM_INS_SUBW insn 517 tools/firmware_load_ng.c && insn->detail->arm.op_count == 3 insn 518 tools/firmware_load_ng.c && insn->detail->arm.operands[0].type == ARM_OP_REG insn 519 tools/firmware_load_ng.c && insn->detail->arm.operands[0].reg != ARM_REG_PC insn 520 tools/firmware_load_ng.c && insn->detail->arm.operands[1].type == ARM_OP_REG insn 521 tools/firmware_load_ng.c && insn->detail->arm.operands[1].reg == ARM_REG_PC insn 522 tools/firmware_load_ng.c && insn->detail->arm.operands[2].type == ARM_OP_IMM); insn 526 tools/firmware_load_ng.c int isADDW_PC(cs_insn *insn) insn 528 tools/firmware_load_ng.c return(insn->id == ARM_INS_ADDW insn 529 tools/firmware_load_ng.c && insn->detail->arm.op_count == 3 insn 530 tools/firmware_load_ng.c && insn->detail->arm.operands[0].type == ARM_OP_REG insn 531 tools/firmware_load_ng.c && insn->detail->arm.operands[0].reg != ARM_REG_PC insn 532 tools/firmware_load_ng.c && insn->detail->arm.operands[1].type == ARM_OP_REG insn 533 tools/firmware_load_ng.c && insn->detail->arm.operands[1].reg == ARM_REG_PC insn 534 tools/firmware_load_ng.c && insn->detail->arm.operands[2].type == ARM_OP_IMM); insn 538 tools/firmware_load_ng.c int isADD_PC(cs_insn *insn) insn 540 tools/firmware_load_ng.c return (insn->id == ARM_INS_ADD insn 541 tools/firmware_load_ng.c && insn->detail->arm.op_count == 3 insn 542 tools/firmware_load_ng.c && insn->detail->arm.operands[0].reg != ARM_REG_PC insn 543 tools/firmware_load_ng.c && insn->detail->arm.operands[1].type == ARM_OP_REG insn 544 tools/firmware_load_ng.c && insn->detail->arm.operands[1].reg == ARM_REG_PC insn 545 tools/firmware_load_ng.c && insn->detail->arm.operands[2].type == ARM_OP_IMM); insn 549 tools/firmware_load_ng.c int isSUB_PC(cs_insn *insn) insn 551 tools/firmware_load_ng.c return (insn->id == ARM_INS_SUB insn 552 tools/firmware_load_ng.c && insn->detail->arm.op_count == 3 insn 553 tools/firmware_load_ng.c && insn->detail->arm.operands[0].reg != ARM_REG_PC insn 554 tools/firmware_load_ng.c && insn->detail->arm.operands[1].type == ARM_OP_REG insn 555 tools/firmware_load_ng.c && insn->detail->arm.operands[1].reg == ARM_REG_PC insn 556 tools/firmware_load_ng.c && insn->detail->arm.operands[2].type == ARM_OP_IMM); insn 560 tools/firmware_load_ng.c int isRETx(cs_insn *insn) insn 563 tools/firmware_load_ng.c if(insn->id == ARM_INS_BX insn 564 tools/firmware_load_ng.c && insn->detail->arm.op_count == 1 insn 565 tools/firmware_load_ng.c && insn->detail->arm.operands[0].type == ARM_OP_REG insn 566 tools/firmware_load_ng.c && insn->detail->arm.operands[0].reg == ARM_REG_LR) { insn 573 tools/firmware_load_ng.c if(insn->id == ARM_INS_POP) { insn 575 tools/firmware_load_ng.c for(i=0; i < insn->detail->arm.op_count; i++) { insn 576 tools/firmware_load_ng.c if(insn->detail->arm.operands[i].type == ARM_OP_REG insn 577 tools/firmware_load_ng.c && insn->detail->arm.operands[i].reg == ARM_REG_PC) { insn 583 tools/firmware_load_ng.c if(insn->id == ARM_INS_MOV insn 584 tools/firmware_load_ng.c && insn->detail->arm.operands[0].type == ARM_OP_REG insn 585 tools/firmware_load_ng.c && insn->detail->arm.operands[0].reg == ARM_REG_PC insn 586 tools/firmware_load_ng.c && insn->detail->arm.operands[1].type == ARM_OP_REG insn 587 tools/firmware_load_ng.c && insn->detail->arm.operands[1].reg == ARM_REG_LR) { insn 594 tools/firmware_load_ng.c int isPUSH_LR(cs_insn *insn) insn 596 tools/firmware_load_ng.c if(insn->id != ARM_INS_PUSH) { insn 600 tools/firmware_load_ng.c for(i=0; i < insn->detail->arm.op_count; i++) { insn 601 tools/firmware_load_ng.c if(insn->detail->arm.operands[i].type == ARM_OP_REG insn 602 tools/firmware_load_ng.c && insn->detail->arm.operands[i].reg == ARM_REG_LR) { insn 610 tools/firmware_load_ng.c int isPOP_LR(cs_insn *insn) insn 612 tools/firmware_load_ng.c if(insn->id != ARM_INS_POP) { insn 616 tools/firmware_load_ng.c for(i=0; i < insn->detail->arm.op_count; i++) { insn 617 tools/firmware_load_ng.c if(insn->detail->arm.operands[i].type == ARM_OP_REG insn 618 tools/firmware_load_ng.c && insn->detail->arm.operands[i].reg == ARM_REG_LR) { insn 626 tools/firmware_load_ng.c int isPOP_PC(cs_insn *insn) insn 628 tools/firmware_load_ng.c if(insn->id != ARM_INS_POP) { insn 632 tools/firmware_load_ng.c for(i=0; i < insn->detail->arm.op_count; i++) { insn 633 tools/firmware_load_ng.c if(insn->detail->arm.operands[i].type == ARM_OP_REG insn 634 tools/firmware_load_ng.c && insn->detail->arm.operands[i].reg == ARM_REG_PC) { insn 642 tools/firmware_load_ng.c int isADDx_imm(cs_insn *insn) insn 644 tools/firmware_load_ng.c return ((insn->id == ARM_INS_ADD || insn->id == ARM_INS_ADDW) && insn->detail->arm.operands[1].type == ARM_OP_IMM); insn 647 tools/firmware_load_ng.c int isSUBx_imm(cs_insn *insn) insn 649 tools/firmware_load_ng.c return (IS_INSN_ID_SUBx(insn->id) && insn->detail->arm.operands[1].type == ARM_OP_IMM); insn 653 tools/firmware_load_ng.c int isADRx(cs_insn *insn) insn 655 tools/firmware_load_ng.c return ((insn->id == ARM_INS_ADR) insn 656 tools/firmware_load_ng.c || isSUBW_PC(insn) insn 657 tools/firmware_load_ng.c || isADDW_PC(insn) insn 658 tools/firmware_load_ng.c || (isARM(insn) && (isADD_PC(insn) || isSUB_PC(insn)))); insn 662 tools/firmware_load_ng.c uint32_t* LDR_PC2valptr_thumb(firmware *fw, cs_insn *insn) insn 664 tools/firmware_load_ng.c if(!isLDR_PC(insn)) { insn 670 tools/firmware_load_ng.c adr=(insn->address&~3)+4+insn->detail->arm.operands[1].mem.disp; insn 674 tools/firmware_load_ng.c uint32_t* LDR_PC2valptr_arm(firmware *fw, cs_insn *insn) insn 676 tools/firmware_load_ng.c if(!isLDR_PC(insn)) { insn 682 tools/firmware_load_ng.c adr=insn->address+8+insn->detail->arm.operands[1].mem.disp; insn 686 tools/firmware_load_ng.c uint32_t* LDR_PC2valptr(firmware *fw, cs_insn *insn) insn 688 tools/firmware_load_ng.c if(isARM(insn)) { insn 689 tools/firmware_load_ng.c return LDR_PC2valptr_arm(fw,insn); insn 691 tools/firmware_load_ng.c return LDR_PC2valptr_thumb(fw,insn); insn 696 tools/firmware_load_ng.c uint32_t LDR_PC2adr(__attribute__ ((unused))firmware *fw, cs_insn *insn) insn 698 tools/firmware_load_ng.c if(!isLDR_PC(insn)) { insn 701 tools/firmware_load_ng.c if(isARM(insn)) { insn 702 tools/firmware_load_ng.c return insn->address+8+insn->detail->arm.operands[1].mem.disp; insn 704 tools/firmware_load_ng.c return (insn->address&~3)+4+insn->detail->arm.operands[1].mem.disp; insn 709 tools/firmware_load_ng.c uint32_t ADRx2adr(__attribute__ ((unused))firmware *fw, cs_insn *insn) insn 711 tools/firmware_load_ng.c if(insn->id == ARM_INS_ADR) { insn 712 tools/firmware_load_ng.c return (insn->address&~3)+4+insn->detail->arm.operands[1].imm; insn 714 tools/firmware_load_ng.c if(isSUBW_PC(insn)) { insn 715 tools/firmware_load_ng.c return (insn->address&~3)+4-insn->detail->arm.operands[2].imm; insn 717 tools/firmware_load_ng.c if(isADDW_PC(insn)) { insn 718 tools/firmware_load_ng.c return (insn->address&~3)+4+insn->detail->arm.operands[2].imm; insn 720 tools/firmware_load_ng.c if(isARM(insn)) { insn 721 tools/firmware_load_ng.c if(isADD_PC(insn)) { insn 722 tools/firmware_load_ng.c return insn->address+8+insn->detail->arm.operands[2].imm; insn 724 tools/firmware_load_ng.c if(isSUB_PC(insn)) { insn 725 tools/firmware_load_ng.c return insn->address+8-insn->detail->arm.operands[2].imm; insn 733 tools/firmware_load_ng.c uint32_t ADR2adr(__attribute__ ((unused))firmware *fw, cs_insn *insn) insn 735 tools/firmware_load_ng.c if(insn->id != ARM_INS_ADR) { insn 744 tools/firmware_load_ng.c return (insn->address&~3)+4+insn->detail->arm.operands[1].imm; insn 748 tools/firmware_load_ng.c uint32_t* ADR2valptr(firmware *fw, cs_insn *insn) insn 750 tools/firmware_load_ng.c uint32_t adr=ADR2adr(fw,insn); insn 755 tools/firmware_load_ng.c uint32_t LDR_PC2val(firmware *fw, cs_insn *insn) insn 757 tools/firmware_load_ng.c uint32_t *p=LDR_PC2valptr(fw,insn); insn 765 tools/firmware_load_ng.c uint32_t LDR_PC_PC_target(firmware *fw, cs_insn *insn) insn 767 tools/firmware_load_ng.c if(!isLDR_PC_PC(insn)) { insn 770 tools/firmware_load_ng.c return LDR_PC2val(fw,insn); insn 774 tools/firmware_load_ng.c uint32_t B_target(__attribute__ ((unused))firmware *fw, cs_insn *insn) insn 776 tools/firmware_load_ng.c if(insn->id == ARM_INS_B) { insn 777 tools/firmware_load_ng.c return insn->detail->arm.operands[0].imm; insn 784 tools/firmware_load_ng.c uint32_t CBx_target(__attribute__ ((unused))firmware *fw, cs_insn *insn) insn 786 tools/firmware_load_ng.c if(insn->id == ARM_INS_CBZ || insn->id == ARM_INS_CBNZ) { insn 787 tools/firmware_load_ng.c return insn->detail->arm.operands[1].imm; insn 793 tools/firmware_load_ng.c uint32_t BLXimm_target(__attribute__ ((unused))firmware *fw, cs_insn *insn) insn 795 tools/firmware_load_ng.c if(insn->id == ARM_INS_BLX && insn->detail->arm.operands[0].type == ARM_OP_IMM) { insn 796 tools/firmware_load_ng.c return insn->detail->arm.operands[0].imm; insn 803 tools/firmware_load_ng.c uint32_t BL_target(__attribute__ ((unused))firmware *fw, cs_insn *insn) insn 805 tools/firmware_load_ng.c if(insn->id == ARM_INS_BL) { insn 806 tools/firmware_load_ng.c return insn->detail->arm.operands[0].imm; insn 812 tools/firmware_load_ng.c uint32_t B_BL_target(__attribute__ ((unused))firmware *fw, cs_insn *insn) insn 814 tools/firmware_load_ng.c if(insn->id == ARM_INS_B || insn->id == ARM_INS_BL) { insn 815 tools/firmware_load_ng.c return insn->detail->arm.operands[0].imm; insn 822 tools/firmware_load_ng.c uint32_t B_BL_BLXimm_target(__attribute__ ((unused))firmware *fw, cs_insn *insn) insn 824 tools/firmware_load_ng.c if(insn->id == ARM_INS_B insn 825 tools/firmware_load_ng.c || insn->id == ARM_INS_BL insn 826 tools/firmware_load_ng.c || (insn->id == ARM_INS_BLX && insn->detail->arm.operands[0].type == ARM_OP_IMM)) { insn 827 tools/firmware_load_ng.c return insn->detail->arm.operands[0].imm; insn 833 tools/firmware_load_ng.c uint32_t BX_PC_target(__attribute__ ((unused))firmware *fw, cs_insn *insn) insn 835 tools/firmware_load_ng.c if(insn->id == ARM_INS_BX insn 836 tools/firmware_load_ng.c && insn->detail->arm.operands[0].type == ARM_OP_REG insn 837 tools/firmware_load_ng.c && insn->detail->arm.operands[0].reg == ARM_REG_PC) { insn 838 tools/firmware_load_ng.c if(insn->size == 2) { // thumb insn 841 tools/firmware_load_ng.c if((insn->address & 2) == 2) { insn 844 tools/firmware_load_ng.c return (uint32_t)(insn->address) + 4; insn 846 tools/firmware_load_ng.c return (uint32_t)(insn->address) + 8; insn 857 tools/firmware_load_ng.c if(!(is->insn->id == ARM_INS_TBH || is->insn->id == ARM_INS_TBB) || is->insn->detail->arm.operands[0].mem.base != ARM_REG_PC) { insn 862 tools/firmware_load_ng.c ti->bytes=(is->insn->id == ARM_INS_TBH)?2:1; insn 871 tools/firmware_load_ng.c arm_reg i_reg=is->insn->detail->arm.operands[0].mem.index; insn 886 tools/firmware_load_ng.c if(fw->is->insn->id == ARM_INS_B && fw->is->insn->detail->arm.cc == ARM_CC_HS) { insn 891 tools/firmware_load_ng.c if(found_bhs && fw->is->insn->id == ARM_INS_CMP) { insn 893 tools/firmware_load_ng.c if((arm_reg)fw->is->insn->detail->arm.operands[0].reg == i_reg insn 894 tools/firmware_load_ng.c || fw->is->insn->detail->arm.operands[1].type == ARM_OP_IMM) { insn 895 tools/firmware_load_ng.c max_count = fw->is->insn->detail->arm.operands[1].imm; insn 957 tools/firmware_load_ng.c is->insn=cs_malloc(fw->cs_handle_arm); insn 965 tools/firmware_load_ng.c cs_free(is->insn,1); insn 1025 tools/firmware_load_ng.c return cs_disasm_iter(is->cs_handle, &is->code, &is->size, &is->adr, is->insn); insn 1036 tools/firmware_load_ng.c is->code -= is->insn->size; insn 1037 tools/firmware_load_ng.c is->adr -= is->insn->size; insn 1038 tools/firmware_load_ng.c is->size += is->insn->size; insn 1040 tools/firmware_load_ng.c return cs_disasm_iter(is->cs_handle, &is->code, &is->size, &is->adr, is->insn); insn 1075 tools/firmware_load_ng.c size_t fw_disasm_adr(firmware *fw, uint32_t adr, unsigned count, cs_insn **insn) insn 1079 tools/firmware_load_ng.c *insn=NULL; // ? insn 1082 tools/firmware_load_ng.c return cs_disasm(fw->cs_handle, p, fw->size8 - (p-fw->buf8), adr, count, insn); insn 1197 tools/firmware_load_ng.c uint32_t av=ADRx2adr(fw,is->insn); insn 1201 tools/firmware_load_ng.c return (uint32_t)is->insn->address; insn 1205 tools/firmware_load_ng.c uint32_t *pv=LDR_PC2valptr(fw,is->insn); insn 1209 tools/firmware_load_ng.c return (uint32_t)is->insn->address; insn 1220 tools/firmware_load_ng.c uint32_t av=ADRx2adr(fw,is->insn); insn 1225 tools/firmware_load_ng.c return (uint32_t)is->insn->address; insn 1229 tools/firmware_load_ng.c uint32_t *pv=LDR_PC2valptr(fw,is->insn); insn 1234 tools/firmware_load_ng.c return (uint32_t)is->insn->address; insn 1357 tools/firmware_load_ng.c arm_insn insn_id = fw->is->insn->id; insn 1363 tools/firmware_load_ng.c && fw->is->insn->detail->arm.cc == ARM_CC_AL) { insn 1369 tools/firmware_load_ng.c if(fw->is->insn->detail->arm.operands[0].type != ARM_OP_REG) { insn 1372 tools/firmware_load_ng.c arm_reg rd = fw->is->insn->detail->arm.operands[0].reg; insn 1387 tools/firmware_load_ng.c uint32_t *pv=LDR_PC2valptr(fw,fw->is->insn); insn 1394 tools/firmware_load_ng.c uint32_t v=ADRx2adr(fw,fw->is->insn); // assumes ADR doesn't generate 0, probably safe insn 1403 tools/firmware_load_ng.c && fw->is->insn->detail->arm.operands[1].type == ARM_OP_IMM) { insn 1404 tools/firmware_load_ng.c res[rd_i] += fw->is->insn->detail->arm.operands[1].imm; insn 1407 tools/firmware_load_ng.c } else if(isADDx_imm(fw->is->insn)) { insn 1408 tools/firmware_load_ng.c res[rd_i] += fw->is->insn->detail->arm.operands[1].imm; insn 1413 tools/firmware_load_ng.c } else if(isSUBx_imm(fw->is->insn)) { insn 1414 tools/firmware_load_ng.c res[rd_i] = (int)(res[rd_i]) - fw->is->insn->detail->arm.operands[1].imm; insn 1443 tools/firmware_load_ng.c uint32_t adr=B_target(fw,is_init->insn); insn 1448 tools/firmware_load_ng.c adr=LDR_PC_PC_target(fw,is_init->insn); insn 1454 tools/firmware_load_ng.c adr=BX_PC_target(fw,is_init->insn); insn 1464 tools/firmware_load_ng.c if((is_init->insn->id == ARM_INS_MOV || is_init->insn->id == ARM_INS_MOVW) insn 1465 tools/firmware_load_ng.c && is_init->insn->detail->arm.operands[0].reg == ARM_REG_IP insn 1466 tools/firmware_load_ng.c && is_init->insn->detail->arm.operands[1].type == ARM_OP_IMM) { insn 1467 tools/firmware_load_ng.c adr = is_init->insn->detail->arm.operands[1].imm; insn 1470 tools/firmware_load_ng.c fprintf(stderr,"get_direct_jump_target: disasm single failed at 0x%"PRIx64"\n",fw->is->insn->address); insn 1474 tools/firmware_load_ng.c if(!(fw->is->insn->id == ARM_INS_MOVT insn 1475 tools/firmware_load_ng.c && fw->is->insn->detail->arm.operands[0].reg == ARM_REG_IP insn 1476 tools/firmware_load_ng.c && fw->is->insn->detail->arm.operands[1].type == ARM_OP_IMM)) { insn 1482 tools/firmware_load_ng.c adr = (fw->is->insn->detail->arm.operands[1].imm << 16) | (adr&0xFFFF); insn 1484 tools/firmware_load_ng.c fprintf(stderr,"get_direct_jump_target: disasm 2 failed at 0x%"PRIx64"\n",fw->is->insn->address); insn 1488 tools/firmware_load_ng.c if(fw->is->insn->id == ARM_INS_BX insn 1489 tools/firmware_load_ng.c && fw->is->insn->detail->arm.operands[0].type == ARM_OP_REG insn 1490 tools/firmware_load_ng.c && fw->is->insn->detail->arm.operands[0].reg == ARM_REG_IP) { insn 1504 tools/firmware_load_ng.c uint32_t adr=B_BL_target(fw,is->insn); insn 1510 tools/firmware_load_ng.c adr=CBx_target(fw,is->insn); insn 1516 tools/firmware_load_ng.c adr=BLXimm_target(fw,is->insn); insn 1525 tools/firmware_load_ng.c adr=LDR_PC_PC_target(fw,is->insn); insn 1529 tools/firmware_load_ng.c adr=BX_PC_target(fw,is->insn); insn 1571 tools/firmware_load_ng.c r.reg_base=is->insn->detail->arm.operands[0].reg; insn 1572 tools/firmware_load_ng.c r.adr_base=LDR_PC2val(fw,is->insn); insn 1583 tools/firmware_load_ng.c if(isLDR_PC(is->insn)) { insn 1589 tools/firmware_load_ng.c if(isADDx_imm(is->insn) || isSUBx_imm(is->insn)) { insn 1590 tools/firmware_load_ng.c if((arm_reg)is->insn->detail->arm.operands[0].reg != r.reg_base) { insn 1593 tools/firmware_load_ng.c if(isADDx_imm(is->insn)) { insn 1594 tools/firmware_load_ng.c r.adj=is->insn->detail->arm.operands[1].imm; insn 1596 tools/firmware_load_ng.c r.adj=-is->insn->detail->arm.operands[1].imm; insn 1610 tools/firmware_load_ng.c && (is->insn->id == ARM_INS_BL || is->insn->id == ARM_INS_BLX insn 1611 tools/firmware_load_ng.c || is->insn->id == ARM_INS_B || is->insn->id == ARM_INS_BX) insn 1612 tools/firmware_load_ng.c && is->insn->detail->arm.cc == ARM_CC_AL) { insn 1616 tools/firmware_load_ng.c if(is->insn->id != ARM_INS_LDR || (arm_reg)is->insn->detail->arm.operands[1].reg != r.reg_base) { insn 1619 tools/firmware_load_ng.c if(is->insn->detail->arm.operands[0].type == ARM_OP_REG && (arm_reg)is->insn->detail->arm.operands[0].reg == r.reg_base) { insn 1625 tools/firmware_load_ng.c r.reg_val = is->insn->detail->arm.operands[0].reg; insn 1629 tools/firmware_load_ng.c r.off = is->insn->detail->arm.operands[1].mem.disp; insn 1750 tools/firmware_load_ng.c if(insn_match_any(fw->is->insn,match_mov_r0_imm)) { insn 1751 tools/firmware_load_ng.c found_val = fw->is->insn->detail->arm.operands[1].imm; insn 1760 tools/firmware_load_ng.c if(!isRETx(fw->is->insn)) { insn 1798 tools/firmware_load_ng.c if(isPUSH_LR(is->insn)) { insn 1813 tools/firmware_load_ng.c if(insn_match_any(is->insn,match_bl_blximm) && count >= min_insns) { insn 1819 tools/firmware_load_ng.c if(isPOP_PC(is->insn)) { insn 1828 tools/firmware_load_ng.c if(isPOP_LR(is->insn)) { insn 1852 tools/firmware_load_ng.c while(insn_match_any(is->insn,match_tail) && count < max_insns) { insn 1859 tools/firmware_load_ng.c if(is->insn->id == ARM_INS_B && is->insn->detail->arm.cc == ARM_CC_AL) { insn 1867 tools/firmware_load_ng.c if(isRETx(is->insn)) { insn 1930 tools/firmware_load_ng.c while(match->id != ARM_INS_ENDING && disasm_iter(fw,is) && insn_match(is->insn,match)) { insn 1980 tools/firmware_load_ng.c int insn_match(cs_insn *insn,const insn_match_t *match) insn 1983 tools/firmware_load_ng.c if(match->id != ARM_INS_INVALID && insn->id != match->id) { insn 1987 tools/firmware_load_ng.c if(match->cc != ARM_CC_INVALID && insn->detail->arm.cc != match->cc) { insn 1995 tools/firmware_load_ng.c if(match->op_count >= 0 && insn->detail->arm.op_count != match->op_count) { insn 2000 tools/firmware_load_ng.c for(i=0; i<MATCH_MAX_OPS && i < insn->detail->arm.op_count; i++) { insn 2002 tools/firmware_load_ng.c if(match->operands[i].type != ARM_OP_INVALID && insn->detail->arm.operands[i].type != match->operands[i].type) { insn 2007 tools/firmware_load_ng.c if(insn->detail->arm.operands[i].type == ARM_OP_REG) { insn 2010 tools/firmware_load_ng.c if(!reg_in_range((arm_reg)insn->detail->arm.operands[i].reg, insn 2014 tools/firmware_load_ng.c } else if((arm_reg)insn->detail->arm.operands[i].reg != match->operands[i].reg1) { insn 2017 tools/firmware_load_ng.c } else if(insn->detail->arm.operands[i].type == ARM_OP_MEM) { insn 2018 tools/firmware_load_ng.c if(insn->detail->arm.operands[i].mem.base != match->operands[i].reg1) { insn 2023 tools/firmware_load_ng.c insn->detail->arm.operands[i].type); insn 2027 tools/firmware_load_ng.c if(insn->detail->arm.operands[i].type == ARM_OP_MEM) { insn 2028 tools/firmware_load_ng.c if(insn->detail->arm.operands[i].mem.index != match->operands[i].reg2) { insn 2031 tools/firmware_load_ng.c } else if(insn->detail->arm.operands[i].type != ARM_OP_REG) { // reg handled above insn 2033 tools/firmware_load_ng.c insn->detail->arm.operands[i].type); insn 2037 tools/firmware_load_ng.c if(insn->detail->arm.operands[i].type == ARM_OP_IMM insn 2038 tools/firmware_load_ng.c || insn->detail->arm.operands[i].type == ARM_OP_PIMM insn 2039 tools/firmware_load_ng.c || insn->detail->arm.operands[i].type == ARM_OP_CIMM) { insn 2040 tools/firmware_load_ng.c if(insn->detail->arm.operands[i].imm != match->operands[i].imm) { insn 2043 tools/firmware_load_ng.c } else if(insn->detail->arm.operands[i].type == ARM_OP_MEM) { insn 2044 tools/firmware_load_ng.c if(insn->detail->arm.operands[i].mem.disp != match->operands[i].imm) { insn 2049 tools/firmware_load_ng.c insn->detail->arm.operands[i].type); insn 2060 tools/firmware_load_ng.c int insn_match_any(cs_insn *insn,const insn_match_t *match) insn 2065 tools/firmware_load_ng.c if(insn_match(insn,m)) { insn 2082 tools/firmware_load_ng.c if(insn_match_any(is->insn,match)) { insn 2106 tools/firmware_load_ng.c if(insn_match(is->insn,m)) { insn 2126 tools/firmware_load_ng.c while(m->id != ARM_INS_ENDING && disasm_iter(fw,is) && insn_match(is->insn,m)) { insn 2376 tools/firmware_load_ng.c cs_insn *insn; insn 2378 tools/firmware_load_ng.c count = cs_disasm(fw->cs_handle_thumb, code, sizeof(code), 0xFF000000, 3, &insn); insn 2380 tools/firmware_load_ng.c if(!(count == 3 && insn[0].id == ARM_INS_BLX && insn[2].id == ARM_INS_BLX)) { insn 2385 tools/firmware_load_ng.c int r=(insn[0].detail->arm.operands[0].imm == insn[2].detail->arm.operands[0].imm); insn 2391 tools/firmware_load_ng.c cs_free(insn,count); insn 2437 tools/firmware_load_ng.c uint32_t *pv=LDR_PC2valptr(fw,is->insn); insn 2501 tools/firmware_load_ng.c if(!IS_INSN_ID_MOVx(is->insn->id) || is->insn->detail->arm.operands[1].type != ARM_OP_IMM) { insn 2504 tools/firmware_load_ng.c ra = is->insn->detail->arm.operands[0].reg; insn 2505 tools/firmware_load_ng.c va = is->insn->detail->arm.operands[1].imm; insn 2507 tools/firmware_load_ng.c if(is->insn->id != ARM_INS_MOVT insn 2508 tools/firmware_load_ng.c || is->insn->detail->arm.operands[0].reg != ra insn 2509 tools/firmware_load_ng.c || is->insn->detail->arm.operands[1].type != ARM_OP_IMM) { insn 2512 tools/firmware_load_ng.c va = (is->insn->detail->arm.operands[1].imm << 16) | (va & 0xFFFF); insn 2519 tools/firmware_load_ng.c if(!IS_INSN_ID_MOVx(is->insn->id) || is->insn->detail->arm.operands[1].type != ARM_OP_IMM) { insn 2522 tools/firmware_load_ng.c rb = is->insn->detail->arm.operands[0].reg; insn 2523 tools/firmware_load_ng.c vb = is->insn->detail->arm.operands[1].imm; insn 2525 tools/firmware_load_ng.c if(is->insn->id != ARM_INS_MOVT insn 2526 tools/firmware_load_ng.c || is->insn->detail->arm.operands[0].reg != rb insn 2527 tools/firmware_load_ng.c || is->insn->detail->arm.operands[1].type != ARM_OP_IMM) { insn 2530 tools/firmware_load_ng.c vb = (is->insn->detail->arm.operands[1].imm << 16) | (vb & 0xFFFF); insn 2541 tools/firmware_load_ng.c } else if(is->insn->id == ARM_INS_MCR) { insn 2644 tools/firmware_load_ng.c uint32_t *pv=LDR_PC2valptr(fw,is->insn); insn 62 tools/firmware_load_ng.h cs_insn *insn; // cached instruction insn 253 tools/firmware_load_ng.h int isARM(cs_insn *insn); insn 258 tools/firmware_load_ng.h int isLDR_PC(cs_insn *insn); insn 263 tools/firmware_load_ng.h int isLDR_PC_PC(cs_insn *insn); insn 266 tools/firmware_load_ng.h uint32_t* LDR_PC2valptr_thumb(firmware *fw, cs_insn *insn); insn 267 tools/firmware_load_ng.h uint32_t* LDR_PC2valptr_arm(firmware *fw, cs_insn *insn); insn 268 tools/firmware_load_ng.h uint32_t* LDR_PC2valptr(firmware *fw, cs_insn *insn); insn 271 tools/firmware_load_ng.h uint32_t LDR_PC2adr(firmware *fw, cs_insn *insn); insn 274 tools/firmware_load_ng.h int isSUBW_PC(cs_insn *insn); insn 277 tools/firmware_load_ng.h int isADDW_PC(cs_insn *insn); insn 280 tools/firmware_load_ng.h int isADD_PC(cs_insn *insn); insn 283 tools/firmware_load_ng.h int isSUB_PC(cs_insn *insn); insn 286 tools/firmware_load_ng.h int isRETx(cs_insn *insn); insn 289 tools/firmware_load_ng.h int isPUSH_LR(cs_insn *insn); insn 292 tools/firmware_load_ng.h int isPOP_LR(cs_insn *insn); insn 295 tools/firmware_load_ng.h int isPOP_PC(cs_insn *insn); insn 298 tools/firmware_load_ng.h int isADDx_imm(cs_insn *insn); insn 301 tools/firmware_load_ng.h int isSUBx_imm(cs_insn *insn); insn 304 tools/firmware_load_ng.h int isADRx(cs_insn *insn); insn 307 tools/firmware_load_ng.h uint32_t ADRx2adr(firmware *fw, cs_insn *insn); insn 311 tools/firmware_load_ng.h uint32_t ADR2adr(firmware *fw, cs_insn *insn); insn 314 tools/firmware_load_ng.h uint32_t* ADR2valptr(firmware *fw, cs_insn *insn); insn 317 tools/firmware_load_ng.h uint32_t LDR_PC2val(firmware *fw, cs_insn *insn); insn 322 tools/firmware_load_ng.h uint32_t B_target(firmware *fw, cs_insn *insn); insn 325 tools/firmware_load_ng.h uint32_t CBx_target(firmware *fw, cs_insn *insn); insn 328 tools/firmware_load_ng.h uint32_t BLXimm_target(firmware *fw, cs_insn *insn); insn 333 tools/firmware_load_ng.h uint32_t BL_target(firmware *fw, cs_insn *insn); insn 336 tools/firmware_load_ng.h uint32_t B_BL_target(firmware *fw, cs_insn *insn); insn 339 tools/firmware_load_ng.h uint32_t B_BL_BLXimm_target(firmware *fw, cs_insn *insn); insn 342 tools/firmware_load_ng.h uint32_t BX_PC_target(__attribute__ ((unused))firmware *fw, cs_insn *insn); insn 633 tools/firmware_load_ng.h int insn_match(cs_insn *insn, const insn_match_t *match); insn 636 tools/firmware_load_ng.h int insn_match_any(cs_insn *insn,const insn_match_t *match); insn 710 tools/firmware_load_ng.h #define iter_state_adr(is) ((uint32_t)is->insn->address | is->thumb)