Newer
Older
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053
3054
3055
3056
3057
3058
3059
3060
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
StackAlteration[NN_leaved] = 4; // High Level Procedure Exit **
StackAlteration[NN_leaveq] = 8; // High Level Procedure Exit **
StackAlteration[NN_pop] = 4; // Pop a word from the Stack
StackAlteration[NN_popaw] = 14; // Pop all General Registers
StackAlteration[NN_popa] = 28; // Pop all General Registers
StackAlteration[NN_popad] = 28; // Pop all General Registers (use32)
StackAlteration[NN_popaq] = 56; // Pop all General Registers (use64)
StackAlteration[NN_popfw] = 2; // Pop Stack into Flags Register **
StackAlteration[NN_popf] = 4; // Pop Stack into Flags Register **
StackAlteration[NN_popfd] = 4; // Pop Stack into Eflags Register **
StackAlteration[NN_popfq] = 8; // Pop Stack into Rflags Register **
StackAlteration[NN_push] = -4; // Push Operand onto the Stack
StackAlteration[NN_pushaw] = -14; // Push all General Registers
StackAlteration[NN_pusha] = -28; // Push all General Registers
StackAlteration[NN_pushad] = -28; // Push all General Registers (use32)
StackAlteration[NN_pushaq] = -56; // Push all General Registers (use64)
StackAlteration[NN_pushfw] = -2; // Push Flags Register onto the Stack
StackAlteration[NN_pushf] = -4; // Push Flags Register onto the Stack
StackAlteration[NN_pushfd] = -4; // Push Flags Register onto the Stack (use32)
StackAlteration[NN_pushfq] = -8; // Push Flags Register onto the Stack (use64)
StackAlteration[NN_retn] = 4; // Return Near from Procedure
StackAlteration[NN_retf] = 8; // Return Far from Procedure
StackAlteration[NN_sub] = 1; // Subtraction; check operands for stack pointer
//
// 486 instructions
//
//
// Pentium instructions
//
//
// Pentium Pro instructions
//
//
// FPP instructions
//
//
// 80387 instructions
//
//
// Instructions added 28.02.96
//
StackAlteration[NN_loadall] = 0; // Load the entire CPU state from ES:EDI ?? Cannot find in Intel manuals
//
// MMX instructions
//
//
// Undocumented Deschutes processor instructions
//
// Pentium II instructions
StackAlteration[NN_sysenter] = 0; // Fast Transition to System Call Entry Point
StackAlteration[NN_sysexit] = 0; // Fast Transition from System Call Entry Point
// 3DNow! instructions
// Pentium III instructions
// Pentium III Pseudo instructions
// AMD K7 instructions
// Revisit AMD if we port to it.
// Undocumented FP instructions (thanks to norbert.juffa@adm.com)
// Pentium 4 instructions
// AMD syscall/sysret instructions NOTE: not AMD, found in Intel manual
StackAlteration[NN_syscall] = 0; // Low latency system call
StackAlteration[NN_sysret] = 0; // Return from system call
// AMD64 instructions NOTE: not AMD, found in Intel manual
// New Pentium instructions (SSE3)
// Missing AMD64 instructions NOTE: also found in Intel manual
// SSE3 instructions
// SSSE3 instructions
// VMX instructions
#if 599 < IDA_SDK_VERSION
// Added with x86-64
// Geode LX 3DNow! extensions
// SSE2 pseudoinstructions
// SSSE4.1 instructions
// SSSE4.2 instructions
// AMD SSE4a instructions
// xsave/xrstor instructions
// Intel Safer Mode Extensions (SMX)
// AMD-V Virtualization ISA Extension
// VMX+ instructions
// Intel Atom instructions
// Intel AES instructions
// Carryless multiplication
#endif // 599 < IDA_SDK_VERSION
StackAlteration[NN_last] = 0;
return;
} // end InitOptCategory()