unicorn/bindings/vb6/uc_def.bas

2505 lines
83 KiB
QBasic
Raw Normal View History

Attribute VB_Name = "uc_def"
Option Explicit
'Unicorn Engine x86 32bit wrapper class for vb6
'Contributed by: FireEye FLARE team
'Author: David Zimmer <david.zimmer@fireeye.com>, <dzzie@yahoo.com>
'License: Apache
' supported api:
' ucs_version
' ucs_arch_supported
' ucs_open
' ucs_close
' uc_reg_write
' uc_reg_read
' uc_mem_write
' UC_MEM_READ
' uc_emu_start
' uc_emu_stop
' ucs_hook_add
' uc_mem_map
' uc_hook_del
' uc_mem_regions
' uc_mem_map_ptr
' uc_context_alloc
' uc_free
' uc_context_save
' uc_context_restore
' uc_mem_unmap
' uc_mem_protect
' uc_strerror
' uc_errno
' supported hooks:
' UC_HOOK_CODE
' UC_HOOK_BLOCK
' memory READ/WRITE/FETCH
' invalid memory access
' interrupts
'
' bonus:
' disasm_addr (32bit only uses libdasm)
' mem_write_block (map and write data auto handles alignment)
' get_memMap (wrapper for uc_mem_regions)
'
'
'sample supports multiple instances, required since callbacks must be in a shared module
Global instances As New Collection
Global UNICORN_PATH As String
Global DYNLOAD As Long
Public Enum uc_arch
UC_ARCH_ARM = 1 ' ARM architecture (including Thumb, Thumb-2)
UC_ARCH_ARM64 = 2 ' ARM-64, also called AArch64okok
UC_ARCH_MIPS = 3 ' Mips architecture
UC_ARCH_X86 = 4 ' X86 architecture (including x86 & x86-64)
UC_ARCH_PPC = 5 ' PowerPC architecture (currently unsupported)
UC_ARCH_SPARC = 6 ' Sparc architecture
UC_ARCH_M68K = 7 ' M68K architecture
UC_ARCH_MAX = 8
End Enum
Public Enum uc_prot
UC_PROT_NONE = 0
UC_PROT_READ = 1
UC_PROT_WRITE = 2
UC_PROT_EXEC = 4
UC_PROT_ALL = 7
End Enum
Public Enum uc_err
uc_err_ok = 0 ' No error: everything was fine
UC_ERR_NOMEM = 1 ' Out-Of-Memory error: uc_open(), uc_emulate()
UC_ERR_ARCH = 2 ' Unsupported architecture: uc_open()
UC_ERR_HANDLE = 3 ' Invalid handle
UC_ERR_MODE = 4 ' Invalid/unsupported mode: uc_open()
UC_ERR_VERSION = 5 ' Unsupported version (bindings)
UC_ERR_READ_UNMAPPED = 6 ' Quit emulation due to READ on unmapped memory: uc_emu_start()
UC_ERR_WRITE_UNMAPPED = 7 ' Quit emulation due to WRITE on unmapped memory: uc_emu_start()
UC_ERR_FETCH_UNMAPPED = 8 ' Quit emulation due to FETCH on unmapped memory: uc_emu_start()
UC_ERR_HOOK = 9 ' Invalid hook type: uc_hook_add()
UC_ERR_INSN_INVALID = 10 ' Quit emulation due to invalid instruction: uc_emu_start()
UC_ERR_MAP = 11 ' Invalid memory mapping: uc_mem_map()
UC_ERR_WRITE_PROT = 12 ' Quit emulation due to UC_MEM_WRITE_PROT violation: uc_emu_start()
UC_ERR_READ_PROT = 13 ' Quit emulation due to UC_MEM_READ_PROT violation: uc_emu_start()
UC_ERR_FETCH_PROT = 14 ' Quit emulation due to UC_MEM_FETCH_PROT violation: uc_emu_start()
UC_ERR_ARG = 15 ' Inavalid argument provided to uc_xxx function (See specific function API)
UC_ERR_READ_UNALIGNED = 16 ' Unaligned read
UC_ERR_WRITE_UNALIGNED = 17 ' Unaligned write
UC_ERR_FETCH_UNALIGNED = 18 ' Unaligned fetch
UC_ERR_HOOK_EXIST = 19 ' hook for this event already existed
UC_ERR_RESOURCE = 20 ' Insufficient resource: uc_emu_start()
UC_ERR_EXCEPTION = 21 ' Unhandled CPU exception
End Enum
' All type of memory accesses for UC_HOOK_MEM_*
Public Enum uc_mem_type
UC_MEM_READ = 16 ' Memory is read from
uc_mem_write = 17 ' Memory is written to
UC_MEM_FETCH = 18 ' Memory is fetched
UC_MEM_READ_UNMAPPED = 19 ' Unmapped memory is read from
UC_MEM_WRITE_UNMAPPED = 20 ' Unmapped memory is written to
UC_MEM_FETCH_UNMAPPED = 21 ' Unmapped memory is fetched
UC_MEM_WRITE_PROT = 22 ' Write to write protected, but mapped, memory
UC_MEM_READ_PROT = 23 ' Read from read protected, but mapped, memory
UC_MEM_FETCH_PROT = 24 ' Fetch from non-executable, but mapped, memory
UC_MEM_READ_AFTER = 25 ' Memory is read from (successful access)
End Enum
Public Enum uc_mode 'from /bindings/dotnet/common.fs
UC_MODE_LITTLE_ENDIAN = 0 'little-endian mode (default mode)
UC_MODE_BIG_ENDIAN = 1073741824 'big-endian mode
' UC_MODE_ARM = 0 'ARM mode
' UC_MODE_THUMB = 16 'THUMB mode (including Thumb-2)
' UC_MODE_MCLASS = 32 'ARM's Cortex-M series (currently unsupported)
' UC_MODE_V8 = 64 'ARMv8 A32 encodings for ARM (currently unsupported)
' UC_MODE_MICRO = 16 'MicroMips mode (currently unsupported)
' UC_MODE_MIPS3 = 32 'Mips III ISA (currently unsupported)
' UC_MODE_MIPS32R6 = 64 'Mips32r6 ISA (currently unsupported)
' UC_MODE_MIPS32 = 4 'Mips32 ISA
' UC_MODE_MIPS64 = 8 'Mips64 ISA
UC_MODE_16 = 2 '16-bit mode
UC_MODE_32 = 4 '32-bit mode
UC_MODE_64 = 8 '64-bit mode
' UC_MODE_PPC32 = 4 '32-bit mode (currently unsupported)
' UC_MODE_PPC64 = 8 '64-bit mode (currently unsupported)
' UC_MODE_QPX = 16 'Quad Processing eXtensions mode (currently unsupported)
' UC_MODE_SPARC32 = 4 '32-bit mode
' UC_MODE_SPARC64 = 8 '64-bit mode
' UC_MODE_V9 = 16 'SparcV9 mode (currently unsupported)
End Enum
Public Enum uc_hook_type 'from /bindings/dotnet/common.fs
UC_HOOK_INTR = 1 ' Hook all interrupt/syscall events
UC_HOOK_INSN = 2 ' Hook a particular instruction
UC_HOOK_CODE = 4 ' Hook a range of code
UC_HOOK_BLOCK = 8 ' Hook basic blocks
UC_HOOK_MEM_READ_UNMAPPED = 16 ' Hook for memory read on unmapped memory
UC_HOOK_MEM_WRITE_UNMAPPED = 32 ' Hook for invalid memory write events
UC_HOOK_MEM_FETCH_UNMAPPED = 64 ' Hook for invalid memory fetch for execution events
UC_HOOK_MEM_READ_PROT = 128 ' Hook for memory read on read-protected memory
UC_HOOK_MEM_WRITE_PROT = 256 ' Hook for memory write on write-protected memory
UC_HOOK_MEM_FETCH_PROT = 512 ' Hook for memory fetch on non-executable memory
UC_HOOK_MEM_READ = 1024 ' Hook memory read events.
UC_HOOK_MEM_WRITE = 2048 ' Hook memory write events.
UC_HOOK_MEM_FETCH = 4096 ' Hook memory fetch for execution events
UC_HOOK_MEM_READ_AFTER = 8192 ' Hook memory read events, but only successful access.(triggered after successful read.)
UC_HOOK_MEM_UNMAPPED = 112
UC_HOOK_MEM_PROT = 896
UC_HOOK_MEM_READ_INVALID = 144
UC_HOOK_MEM_WRITE_INVALID = 288
UC_HOOK_MEM_FETCH_INVALID = 576
UC_HOOK_MEM_INVALID = 1008
UC_HOOK_MEM_VALID = 7168
End Enum
Public Enum hookCatagory
hc_code = 0
hc_block = 1
hc_inst = 2
hc_int = 3
hc_mem = 4
hc_memInvalid = 5
End Enum
Public Enum uc_x86_reg
UC_X86_REG_INVALID = 0
UC_X86_REG_AH = 1
UC_X86_REG_AL = 2
UC_X86_REG_AX = 3
UC_X86_REG_BH = 4
UC_X86_REG_Bl = 5
UC_X86_REG_BP = 6
UC_X86_REG_BPL = 7
UC_X86_REG_BX = 8
UC_X86_REG_CH = 9
UC_X86_REG_CL = 10
UC_X86_REG_CS = 11
UC_X86_REG_CX = 12
UC_X86_REG_DH = 13
UC_X86_REG_DI = 14
UC_X86_REG_DIL = 15
UC_X86_REG_DL = 16
UC_X86_REG_DS = 17
UC_X86_REG_DX = 18
UC_X86_REG_EAX = 19
UC_X86_REG_EBP = 20
UC_X86_REG_EBX = 21
UC_X86_REG_ECX = 22
UC_X86_REG_EDI = 23
UC_X86_REG_EDX = 24
UC_X86_REG_EFLAGS = 25
UC_X86_REG_EIP = 26
UC_X86_REG_EIZ = 27
UC_X86_REG_ES = 28
UC_X86_REG_ESI = 29
UC_X86_REG_ESP = 30
UC_X86_REG_FPSW = 31
UC_X86_REG_FS = 32
UC_X86_REG_GS = 33
UC_X86_REG_IP = 34
UC_X86_REG_RAX = 35
UC_X86_REG_RBP = 36
UC_X86_REG_RBX = 37
UC_X86_REG_RCX = 38
UC_X86_REG_RDI = 39
UC_X86_REG_RDX = 40
UC_X86_REG_RIP = 41
UC_X86_REG_RIZ = 42
UC_X86_REG_RSI = 43
UC_X86_REG_RSP = 44
UC_X86_REG_SI = 45
UC_X86_REG_SIL = 46
UC_X86_REG_SP = 47
UC_X86_REG_SPL = 48
UC_X86_REG_SS = 49
UC_X86_REG_CR0 = 50
UC_X86_REG_CR1 = 51
UC_X86_REG_CR2 = 52
UC_X86_REG_CR3 = 53
UC_X86_REG_CR4 = 54
UC_X86_REG_CR5 = 55
UC_X86_REG_CR6 = 56
UC_X86_REG_CR7 = 57
UC_X86_REG_CR8 = 58
UC_X86_REG_CR9 = 59
UC_X86_REG_CR10 = 60
UC_X86_REG_CR11 = 61
UC_X86_REG_CR12 = 62
UC_X86_REG_CR13 = 63
UC_X86_REG_CR14 = 64
UC_X86_REG_CR15 = 65
UC_X86_REG_DR0 = 66
UC_X86_REG_DR1 = 67
UC_X86_REG_DR2 = 68
UC_X86_REG_DR3 = 69
UC_X86_REG_DR4 = 70
UC_X86_REG_DR5 = 71
UC_X86_REG_DR6 = 72
UC_X86_REG_DR7 = 73
UC_X86_REG_DR8 = 74
UC_X86_REG_DR9 = 75
UC_X86_REG_DR10 = 76
UC_X86_REG_DR11 = 77
UC_X86_REG_DR12 = 78
UC_X86_REG_DR13 = 79
UC_X86_REG_DR14 = 80
UC_X86_REG_DR15 = 81
UC_X86_REG_FP0 = 82
UC_X86_REG_FP1 = 83
UC_X86_REG_FP2 = 84
UC_X86_REG_FP3 = 85
UC_X86_REG_FP4 = 86
UC_X86_REG_FP5 = 87
UC_X86_REG_FP6 = 88
UC_X86_REG_FP7 = 89
UC_X86_REG_K0 = 90
UC_X86_REG_K1 = 91
UC_X86_REG_K2 = 92
UC_X86_REG_K3 = 93
UC_X86_REG_K4 = 94
UC_X86_REG_K5 = 95
UC_X86_REG_K6 = 96
UC_X86_REG_K7 = 97
UC_X86_REG_MM0 = 98
UC_X86_REG_MM1 = 99
UC_X86_REG_MM2 = 100
UC_X86_REG_MM3 = 101
UC_X86_REG_MM4 = 102
UC_X86_REG_MM5 = 103
UC_X86_REG_MM6 = 104
UC_X86_REG_MM7 = 105
UC_X86_REG_R8 = 106
UC_X86_REG_R9 = 107
UC_X86_REG_R10 = 108
UC_X86_REG_R11 = 109
UC_X86_REG_R12 = 110
UC_X86_REG_R13 = 111
UC_X86_REG_R14 = 112
UC_X86_REG_R15 = 113
UC_X86_REG_ST0 = 114
UC_X86_REG_ST1 = 115
UC_X86_REG_ST2 = 116
UC_X86_REG_ST3 = 117
UC_X86_REG_ST4 = 118
UC_X86_REG_ST5 = 119
UC_X86_REG_ST6 = 120
UC_X86_REG_ST7 = 121
UC_X86_REG_XMM0 = 122
UC_X86_REG_XMM1 = 123
UC_X86_REG_XMM2 = 124
UC_X86_REG_XMM3 = 125
UC_X86_REG_XMM4 = 126
UC_X86_REG_XMM5 = 127
UC_X86_REG_XMM6 = 128
UC_X86_REG_XMM7 = 129
UC_X86_REG_XMM8 = 130
UC_X86_REG_XMM9 = 131
UC_X86_REG_XMM10 = 132
UC_X86_REG_XMM11 = 133
UC_X86_REG_XMM12 = 134
UC_X86_REG_XMM13 = 135
UC_X86_REG_XMM14 = 136
UC_X86_REG_XMM15 = 137
UC_X86_REG_XMM16 = 138
UC_X86_REG_XMM17 = 139
UC_X86_REG_XMM18 = 140
UC_X86_REG_XMM19 = 141
UC_X86_REG_XMM20 = 142
UC_X86_REG_XMM21 = 143
UC_X86_REG_XMM22 = 144
UC_X86_REG_XMM23 = 145
UC_X86_REG_XMM24 = 146
UC_X86_REG_XMM25 = 147
UC_X86_REG_XMM26 = 148
UC_X86_REG_XMM27 = 149
UC_X86_REG_XMM28 = 150
UC_X86_REG_XMM29 = 151
UC_X86_REG_XMM30 = 152
UC_X86_REG_XMM31 = 153
UC_X86_REG_YMM0 = 154
UC_X86_REG_YMM1 = 155
UC_X86_REG_YMM2 = 156
UC_X86_REG_YMM3 = 157
UC_X86_REG_YMM4 = 158
UC_X86_REG_YMM5 = 159
UC_X86_REG_YMM6 = 160
UC_X86_REG_YMM7 = 161
UC_X86_REG_YMM8 = 162
UC_X86_REG_YMM9 = 163
UC_X86_REG_YMM10 = 164
UC_X86_REG_YMM11 = 165
UC_X86_REG_YMM12 = 166
UC_X86_REG_YMM13 = 167
UC_X86_REG_YMM14 = 168
UC_X86_REG_YMM15 = 169
UC_X86_REG_YMM16 = 170
UC_X86_REG_YMM17 = 171
UC_X86_REG_YMM18 = 172
UC_X86_REG_YMM19 = 173
UC_X86_REG_YMM20 = 174
UC_X86_REG_YMM21 = 175
UC_X86_REG_YMM22 = 176
UC_X86_REG_YMM23 = 177
UC_X86_REG_YMM24 = 178
UC_X86_REG_YMM25 = 179
UC_X86_REG_YMM26 = 180
UC_X86_REG_YMM27 = 181
UC_X86_REG_YMM28 = 182
UC_X86_REG_YMM29 = 183
UC_X86_REG_YMM30 = 184
UC_X86_REG_YMM31 = 185
UC_X86_REG_ZMM0 = 186
UC_X86_REG_ZMM1 = 187
UC_X86_REG_ZMM2 = 188
UC_X86_REG_ZMM3 = 189
UC_X86_REG_ZMM4 = 190
UC_X86_REG_ZMM5 = 191
UC_X86_REG_ZMM6 = 192
UC_X86_REG_ZMM7 = 193
UC_X86_REG_ZMM8 = 194
UC_X86_REG_ZMM9 = 195
UC_X86_REG_ZMM10 = 196
UC_X86_REG_ZMM11 = 197
UC_X86_REG_ZMM12 = 198
UC_X86_REG_ZMM13 = 199
UC_X86_REG_ZMM14 = 200
UC_X86_REG_ZMM15 = 201
UC_X86_REG_ZMM16 = 202
UC_X86_REG_ZMM17 = 203
UC_X86_REG_ZMM18 = 204
UC_X86_REG_ZMM19 = 205
UC_X86_REG_ZMM20 = 206
UC_X86_REG_ZMM21 = 207
UC_X86_REG_ZMM22 = 208
UC_X86_REG_ZMM23 = 209
UC_X86_REG_ZMM24 = 210
UC_X86_REG_ZMM25 = 211
UC_X86_REG_ZMM26 = 212
UC_X86_REG_ZMM27 = 213
UC_X86_REG_ZMM28 = 214
UC_X86_REG_ZMM29 = 215
UC_X86_REG_ZMM30 = 216
UC_X86_REG_ZMM31 = 217
UC_X86_REG_R8B = 218
UC_X86_REG_R9B = 219
UC_X86_REG_R10B = 220
UC_X86_REG_R11B = 221
UC_X86_REG_R12B = 222
UC_X86_REG_R13B = 223
UC_X86_REG_R14B = 224
UC_X86_REG_R15B = 225
UC_X86_REG_R8D = 226
UC_X86_REG_R9D = 227
UC_X86_REG_R10D = 228
UC_X86_REG_R11D = 229
UC_X86_REG_R12D = 230
UC_X86_REG_R13D = 231
UC_X86_REG_R14D = 232
UC_X86_REG_R15D = 233
UC_X86_REG_R8W = 234
UC_X86_REG_R9W = 235
UC_X86_REG_R10W = 236
UC_X86_REG_R11W = 237
UC_X86_REG_R12W = 238
UC_X86_REG_R13W = 239
UC_X86_REG_R14W = 240
UC_X86_REG_R15W = 241
UC_X86_REG_IDTR = 242
UC_X86_REG_GDTR = 243
UC_X86_REG_LDTR = 244
UC_X86_REG_TR = 245
UC_X86_REG_FPCW = 246
UC_X86_REG_FPTAG = 247
UC_X86_REG_ENDING = 248
End Enum
'Public Enum uc_x86_insn
' UC_X86_INS_INVALID = 0
' UC_X86_INS_AAA = 1
' UC_X86_INS_AAD = 2
' UC_X86_INS_AAM = 3
' UC_X86_INS_AAS = 4
' UC_X86_INS_FABS = 5
' UC_X86_INS_ADC = 6
' UC_X86_INS_ADCX = 7
' UC_X86_INS_ADD = 8
' UC_X86_INS_ADDPD = 9
' UC_X86_INS_ADDPS = 10
' UC_X86_INS_ADDSD = 11
' UC_X86_INS_ADDSS = 12
' UC_X86_INS_ADDSUBPD = 13
' UC_X86_INS_ADDSUBPS = 14
' UC_X86_INS_FADD = 15
' UC_X86_INS_FIADD = 16
' UC_X86_INS_FADDP = 17
' UC_X86_INS_ADOX = 18
' UC_X86_INS_AESDECLAST = 19
' UC_X86_INS_AESDEC = 20
' UC_X86_INS_AESENCLAST = 21
' UC_X86_INS_AESENC = 22
' UC_X86_INS_AESIMC = 23
' UC_X86_INS_AESKEYGENASSIST = 24
' UC_X86_INS_AND = 25
' UC_X86_INS_ANDN = 26
' UC_X86_INS_ANDNPD = 27
' UC_X86_INS_ANDNPS = 28
' UC_X86_INS_ANDPD = 29
' UC_X86_INS_ANDPS = 30
' UC_X86_INS_ARPL = 31
' UC_X86_INS_BEXTR = 32
' UC_X86_INS_BLCFILL = 33
' UC_X86_INS_BLCI = 34
' UC_X86_INS_BLCIC = 35
' UC_X86_INS_BLCMSK = 36
' UC_X86_INS_BLCS = 37
' UC_X86_INS_BLENDPD = 38
' UC_X86_INS_BLENDPS = 39
' UC_X86_INS_BLENDVPD = 40
' UC_X86_INS_BLENDVPS = 41
' UC_X86_INS_BLSFILL = 42
' UC_X86_INS_BLSI = 43
' UC_X86_INS_BLSIC = 44
' UC_X86_INS_BLSMSK = 45
' UC_X86_INS_BLSR = 46
' UC_X86_INS_BOUND = 47
' UC_X86_INS_BSF = 48
' UC_X86_INS_BSR = 49
' UC_X86_INS_BSWAP = 50
' UC_X86_INS_BT = 51
' UC_X86_INS_BTC = 52
' UC_X86_INS_BTR = 53
' UC_X86_INS_BTS = 54
' UC_X86_INS_BZHI = 55
' UC_X86_INS_CALL = 56
' UC_X86_INS_CBW = 57
' UC_X86_INS_CDQ = 58
' UC_X86_INS_CDQE = 59
' UC_X86_INS_FCHS = 60
' UC_X86_INS_CLAC = 61
' UC_X86_INS_CLC = 62
' UC_X86_INS_CLD = 63
' UC_X86_INS_CLFLUSH = 64
' UC_X86_INS_CLFLUSHOPT = 65
' UC_X86_INS_CLGI = 66
' UC_X86_INS_CLI = 67
' UC_X86_INS_CLTS = 68
' UC_X86_INS_CLWB = 69
' UC_X86_INS_CMC = 70
' UC_X86_INS_CMOVA = 71
' UC_X86_INS_CMOVAE = 72
' UC_X86_INS_CMOVB = 73
' UC_X86_INS_CMOVBE = 74
' UC_X86_INS_FCMOVBE = 75
' UC_X86_INS_FCMOVB = 76
' UC_X86_INS_CMOVE = 77
' UC_X86_INS_FCMOVE = 78
' UC_X86_INS_CMOVG = 79
' UC_X86_INS_CMOVGE = 80
' UC_X86_INS_CMOVL = 81
' UC_X86_INS_CMOVLE = 82
' UC_X86_INS_FCMOVNBE = 83
' UC_X86_INS_FCMOVNB = 84
' UC_X86_INS_CMOVNE = 85
' UC_X86_INS_FCMOVNE = 86
' UC_X86_INS_CMOVNO = 87
' UC_X86_INS_CMOVNP = 88
' UC_X86_INS_FCMOVNU = 89
' UC_X86_INS_CMOVNS = 90
' UC_X86_INS_CMOVO = 91
' UC_X86_INS_CMOVP = 92
' UC_X86_INS_FCMOVU = 93
' UC_X86_INS_CMOVS = 94
' UC_X86_INS_CMP = 95
' UC_X86_INS_CMPPD = 96
' UC_X86_INS_CMPPS = 97
' UC_X86_INS_CMPSB = 98
' UC_X86_INS_CMPSD = 99
' UC_X86_INS_CMPSQ = 100
' UC_X86_INS_CMPSS = 101
' UC_X86_INS_CMPSW = 102
' UC_X86_INS_CMPXCHG16B = 103
' UC_X86_INS_CMPXCHG = 104
' UC_X86_INS_CMPXCHG8B = 105
' UC_X86_INS_COMISD = 106
' UC_X86_INS_COMISS = 107
' UC_X86_INS_FCOMP = 108
' UC_X86_INS_FCOMPI = 109
' UC_X86_INS_FCOMI = 110
' UC_X86_INS_FCOM = 111
' UC_X86_INS_FCOS = 112
' UC_X86_INS_CPUID = 113
' UC_X86_INS_CQO = 114
' UC_X86_INS_CRC32 = 115
' UC_X86_INS_CVTDQ2PD = 116
' UC_X86_INS_CVTDQ2PS = 117
' UC_X86_INS_CVTPD2DQ = 118
' UC_X86_INS_CVTPD2PS = 119
' UC_X86_INS_CVTPS2DQ = 120
' UC_X86_INS_CVTPS2PD = 121
' UC_X86_INS_CVTSD2SI = 122
' UC_X86_INS_CVTSD2SS = 123
' UC_X86_INS_CVTSI2SD = 124
' UC_X86_INS_CVTSI2SS = 125
' UC_X86_INS_CVTSS2SD = 126
' UC_X86_INS_CVTSS2SI = 127
' UC_X86_INS_CVTTPD2DQ = 128
' UC_X86_INS_CVTTPS2DQ = 129
' UC_X86_INS_CVTTSD2SI = 130
' UC_X86_INS_CVTTSS2SI = 131
' UC_X86_INS_CWD = 132
' UC_X86_INS_CWDE = 133
' UC_X86_INS_DAA = 134
' UC_X86_INS_DAS = 135
' UC_X86_INS_DATA16 = 136
' UC_X86_INS_DEC = 137
' UC_X86_INS_DIV = 138
' UC_X86_INS_DIVPD = 139
' UC_X86_INS_DIVPS = 140
' UC_X86_INS_FDIVR = 141
' UC_X86_INS_FIDIVR = 142
' UC_X86_INS_FDIVRP = 143
' UC_X86_INS_DIVSD = 144
' UC_X86_INS_DIVSS = 145
' UC_X86_INS_FDIV = 146
' UC_X86_INS_FIDIV = 147
' UC_X86_INS_FDIVP = 148
' UC_X86_INS_DPPD = 149
' UC_X86_INS_DPPS = 150
' UC_X86_INS_RET = 151
' UC_X86_INS_ENCLS = 152
' UC_X86_INS_ENCLU = 153
' UC_X86_INS_ENTER = 154
' UC_X86_INS_EXTRACTPS = 155
' UC_X86_INS_EXTRQ = 156
' UC_X86_INS_F2XM1 = 157
' UC_X86_INS_LCALL = 158
' UC_X86_INS_LJMP = 159
' UC_X86_INS_FBLD = 160
' UC_X86_INS_FBSTP = 161
' UC_X86_INS_FCOMPP = 162
' UC_X86_INS_FDECSTP = 163
' UC_X86_INS_FEMMS = 164
' UC_X86_INS_FFREE = 165
' UC_X86_INS_FICOM = 166
' UC_X86_INS_FICOMP = 167
' UC_X86_INS_FINCSTP = 168
' UC_X86_INS_FLDCW = 169
' UC_X86_INS_FLDENV = 170
' UC_X86_INS_FLDL2E = 171
' UC_X86_INS_FLDL2T = 172
' UC_X86_INS_FLDLG2 = 173
' UC_X86_INS_FLDLN2 = 174
' UC_X86_INS_FLDPI = 175
' UC_X86_INS_FNCLEX = 176
' UC_X86_INS_FNINIT = 177
' UC_X86_INS_FNOP = 178
' UC_X86_INS_FNSTCW = 179
' UC_X86_INS_FNSTSW = 180
' UC_X86_INS_FPATAN = 181
' UC_X86_INS_FPREM = 182
' UC_X86_INS_FPREM1 = 183
' UC_X86_INS_FPTAN = 184
' UC_X86_INS_FFREEP = 185
' UC_X86_INS_FRNDINT = 186
' UC_X86_INS_FRSTOR = 187
' UC_X86_INS_FNSAVE = 188
' UC_X86_INS_FSCALE = 189
' UC_X86_INS_FSETPM = 190
' UC_X86_INS_FSINCOS = 191
' UC_X86_INS_FNSTENV = 192
' UC_X86_INS_FXAM = 193
' UC_X86_INS_FXRSTOR = 194
' UC_X86_INS_FXRSTOR64 = 195
' UC_X86_INS_FXSAVE = 196
' UC_X86_INS_FXSAVE64 = 197
' UC_X86_INS_FXTRACT = 198
' UC_X86_INS_FYL2X = 199
' UC_X86_INS_FYL2XP1 = 200
' UC_X86_INS_MOVAPD = 201
' UC_X86_INS_MOVAPS = 202
' UC_X86_INS_ORPD = 203
' UC_X86_INS_ORPS = 204
' UC_X86_INS_VMOVAPD = 205
' UC_X86_INS_VMOVAPS = 206
' UC_X86_INS_XORPD = 207
' UC_X86_INS_XORPS = 208
' UC_X86_INS_GETSEC = 209
' UC_X86_INS_HADDPD = 210
' UC_X86_INS_HADDPS = 211
' UC_X86_INS_HLT = 212
' UC_X86_INS_HSUBPD = 213
' UC_X86_INS_HSUBPS = 214
' UC_X86_INS_IDIV = 215
' UC_X86_INS_FILD = 216
' UC_X86_INS_IMUL = 217
' UC_X86_INS_IN = 218
' UC_X86_INS_INC = 219
' UC_X86_INS_INSB = 220
' UC_X86_INS_INSERTPS = 221
' UC_X86_INS_INSERTQ = 222
' UC_X86_INS_INSD = 223
' UC_X86_INS_INSW = 224
' UC_X86_INS_INT = 225
' UC_X86_INS_INT1 = 226
' UC_X86_INS_INT3 = 227
' UC_X86_INS_INTO = 228
' UC_X86_INS_INVD = 229
' UC_X86_INS_INVEPT = 230
' UC_X86_INS_INVLPG = 231
' UC_X86_INS_INVLPGA = 232
' UC_X86_INS_INVPCID = 233
' UC_X86_INS_INVVPID = 234
' UC_X86_INS_IRET = 235
' UC_X86_INS_IRETD = 236
' UC_X86_INS_IRETQ = 237
' UC_X86_INS_FISTTP = 238
' UC_X86_INS_FIST = 239
' UC_X86_INS_FISTP = 240
' UC_X86_INS_UCOMISD = 241
' UC_X86_INS_UCOMISS = 242
' UC_X86_INS_VCOMISD = 243
' UC_X86_INS_VCOMISS = 244
' UC_X86_INS_VCVTSD2SS = 245
' UC_X86_INS_VCVTSI2SD = 246
' UC_X86_INS_VCVTSI2SS = 247
' UC_X86_INS_VCVTSS2SD = 248
' UC_X86_INS_VCVTTSD2SI = 249
' UC_X86_INS_VCVTTSD2USI = 250
' UC_X86_INS_VCVTTSS2SI = 251
' UC_X86_INS_VCVTTSS2USI = 252
' UC_X86_INS_VCVTUSI2SD = 253
' UC_X86_INS_VCVTUSI2SS = 254
' UC_X86_INS_VUCOMISD = 255
' UC_X86_INS_VUCOMISS = 256
' UC_X86_INS_JAE = 257
' UC_X86_INS_JA = 258
' UC_X86_INS_JBE = 259
' UC_X86_INS_JB = 260
' UC_X86_INS_JCXZ = 261
' UC_X86_INS_JECXZ = 262
' UC_X86_INS_JE = 263
' UC_X86_INS_JGE = 264
' UC_X86_INS_JG = 265
' UC_X86_INS_JLE = 266
' UC_X86_INS_JL = 267
' UC_X86_INS_JMP = 268
' UC_X86_INS_JNE = 269
' UC_X86_INS_JNO = 270
' UC_X86_INS_JNP = 271
' UC_X86_INS_JNS = 272
' UC_X86_INS_JO = 273
' UC_X86_INS_JP = 274
' UC_X86_INS_JRCXZ = 275
' UC_X86_INS_JS = 276
' UC_X86_INS_KANDB = 277
' UC_X86_INS_KANDD = 278
' UC_X86_INS_KANDNB = 279
' UC_X86_INS_KANDND = 280
' UC_X86_INS_KANDNQ = 281
' UC_X86_INS_KANDNW = 282
' UC_X86_INS_KANDQ = 283
' UC_X86_INS_KANDW = 284
' UC_X86_INS_KMOVB = 285
' UC_X86_INS_KMOVD = 286
' UC_X86_INS_KMOVQ = 287
' UC_X86_INS_KMOVW = 288
' UC_X86_INS_KNOTB = 289
' UC_X86_INS_KNOTD = 290
' UC_X86_INS_KNOTQ = 291
' UC_X86_INS_KNOTW = 292
' UC_X86_INS_KORB = 293
' UC_X86_INS_KORD = 294
' UC_X86_INS_KORQ = 295
' UC_X86_INS_KORTESTB = 296
' UC_X86_INS_KORTESTD = 297
' UC_X86_INS_KORTESTQ = 298
' UC_X86_INS_KORTESTW = 299
' UC_X86_INS_KORW = 300
' UC_X86_INS_KSHIFTLB = 301
' UC_X86_INS_KSHIFTLD = 302
' UC_X86_INS_KSHIFTLQ = 303
' UC_X86_INS_KSHIFTLW = 304
' UC_X86_INS_KSHIFTRB = 305
' UC_X86_INS_KSHIFTRD = 306
' UC_X86_INS_KSHIFTRQ = 307
' UC_X86_INS_KSHIFTRW = 308
' UC_X86_INS_KUNPCKBW = 309
' UC_X86_INS_KXNORB = 310
' UC_X86_INS_KXNORD = 311
' UC_X86_INS_KXNORQ = 312
' UC_X86_INS_KXNORW = 313
' UC_X86_INS_KXORB = 314
' UC_X86_INS_KXORD = 315
' UC_X86_INS_KXORQ = 316
' UC_X86_INS_KXORW = 317
' UC_X86_INS_LAHF = 318
' UC_X86_INS_LAR = 319
' UC_X86_INS_LDDQU = 320
' UC_X86_INS_LDMXCSR = 321
' UC_X86_INS_LDS = 322
' UC_X86_INS_FLDZ = 323
' UC_X86_INS_FLD1 = 324
' UC_X86_INS_FLD = 325
' UC_X86_INS_LEA = 326
' UC_X86_INS_LEAVE = 327
' UC_X86_INS_LES = 328
' UC_X86_INS_LFENCE = 329
' UC_X86_INS_LFS = 330
' UC_X86_INS_LGDT = 331
' UC_X86_INS_LGS = 332
' UC_X86_INS_LIDT = 333
' UC_X86_INS_LLDT = 334
' UC_X86_INS_LMSW = 335
' UC_X86_INS_OR = 336
' UC_X86_INS_SUB = 337
' UC_X86_INS_XOR = 338
' UC_X86_INS_LODSB = 339
' UC_X86_INS_LODSD = 340
' UC_X86_INS_LODSQ = 341
' UC_X86_INS_LODSW = 342
' UC_X86_INS_LOOP = 343
' UC_X86_INS_LOOPE = 344
' UC_X86_INS_LOOPNE = 345
' UC_X86_INS_RETF = 346
' UC_X86_INS_RETFQ = 347
' UC_X86_INS_LSL = 348
' UC_X86_INS_LSS = 349
' UC_X86_INS_LTR = 350
' UC_X86_INS_XADD = 351
' UC_X86_INS_LZCNT = 352
' UC_X86_INS_MASKMOVDQU = 353
' UC_X86_INS_MAXPD = 354
' UC_X86_INS_MAXPS = 355
' UC_X86_INS_MAXSD = 356
' UC_X86_INS_MAXSS = 357
' UC_X86_INS_MFENCE = 358
' UC_X86_INS_MINPD = 359
' UC_X86_INS_MINPS = 360
' UC_X86_INS_MINSD = 361
' UC_X86_INS_MINSS = 362
' UC_X86_INS_CVTPD2PI = 363
' UC_X86_INS_CVTPI2PD = 364
' UC_X86_INS_CVTPI2PS = 365
' UC_X86_INS_CVTPS2PI = 366
' UC_X86_INS_CVTTPD2PI = 367
' UC_X86_INS_CVTTPS2PI = 368
' UC_X86_INS_EMMS = 369
' UC_X86_INS_MASKMOVQ = 370
' UC_X86_INS_MOVD = 371
' UC_X86_INS_MOVDQ2Q = 372
' UC_X86_INS_MOVNTQ = 373
' UC_X86_INS_MOVQ2DQ = 374
' UC_X86_INS_MOVQ = 375
' UC_X86_INS_PABSB = 376
' UC_X86_INS_PABSD = 377
' UC_X86_INS_PABSW = 378
' UC_X86_INS_PACKSSDW = 379
' UC_X86_INS_PACKSSWB = 380
' UC_X86_INS_PACKUSWB = 381
' UC_X86_INS_PADDB = 382
' UC_X86_INS_PADDD = 383
' UC_X86_INS_PADDQ = 384
' UC_X86_INS_PADDSB = 385
' UC_X86_INS_PADDSW = 386
' UC_X86_INS_PADDUSB = 387
' UC_X86_INS_PADDUSW = 388
' UC_X86_INS_PADDW = 389
' UC_X86_INS_PALIGNR = 390
' UC_X86_INS_PANDN = 391
' UC_X86_INS_PAND = 392
' UC_X86_INS_PAVGB = 393
' UC_X86_INS_PAVGW = 394
' UC_X86_INS_PCMPEQB = 395
' UC_X86_INS_PCMPEQD = 396
' UC_X86_INS_PCMPEQW = 397
' UC_X86_INS_PCMPGTB = 398
' UC_X86_INS_PCMPGTD = 399
' UC_X86_INS_PCMPGTW = 400
' UC_X86_INS_PEXTRW = 401
' UC_X86_INS_PHADDSW = 402
' UC_X86_INS_PHADDW = 403
' UC_X86_INS_PHADDD = 404
' UC_X86_INS_PHSUBD = 405
' UC_X86_INS_PHSUBSW = 406
' UC_X86_INS_PHSUBW = 407
' UC_X86_INS_PINSRW = 408
' UC_X86_INS_PMADDUBSW = 409
' UC_X86_INS_PMADDWD = 410
' UC_X86_INS_PMAXSW = 411
' UC_X86_INS_PMAXUB = 412
' UC_X86_INS_PMINSW = 413
' UC_X86_INS_PMINUB = 414
' UC_X86_INS_PMOVMSKB = 415
' UC_X86_INS_PMULHRSW = 416
' UC_X86_INS_PMULHUW = 417
' UC_X86_INS_PMULHW = 418
' UC_X86_INS_PMULLW = 419
' UC_X86_INS_PMULUDQ = 420
' UC_X86_INS_POR = 421
' UC_X86_INS_PSADBW = 422
' UC_X86_INS_PSHUFB = 423
' UC_X86_INS_PSHUFW = 424
' UC_X86_INS_PSIGNB = 425
' UC_X86_INS_PSIGND = 426
' UC_X86_INS_PSIGNW = 427
' UC_X86_INS_PSLLD = 428
' UC_X86_INS_PSLLQ = 429
' UC_X86_INS_PSLLW = 430
' UC_X86_INS_PSRAD = 431
' UC_X86_INS_PSRAW = 432
' UC_X86_INS_PSRLD = 433
' UC_X86_INS_PSRLQ = 434
' UC_X86_INS_PSRLW = 435
' UC_X86_INS_PSUBB = 436
' UC_X86_INS_PSUBD = 437
' UC_X86_INS_PSUBQ = 438
' UC_X86_INS_PSUBSB = 439
' UC_X86_INS_PSUBSW = 440
' UC_X86_INS_PSUBUSB = 441
' UC_X86_INS_PSUBUSW = 442
' UC_X86_INS_PSUBW = 443
' UC_X86_INS_PUNPCKHBW = 444
' UC_X86_INS_PUNPCKHDQ = 445
' UC_X86_INS_PUNPCKHWD = 446
' UC_X86_INS_PUNPCKLBW = 447
' UC_X86_INS_PUNPCKLDQ = 448
' UC_X86_INS_PUNPCKLWD = 449
' UC_X86_INS_PXOR = 450
' UC_X86_INS_MONITOR = 451
' UC_X86_INS_MONTMUL = 452
' UC_X86_INS_MOV = 453
' UC_X86_INS_MOVABS = 454
' UC_X86_INS_MOVBE = 455
' UC_X86_INS_MOVDDUP = 456
' UC_X86_INS_MOVDQA = 457
' UC_X86_INS_MOVDQU = 458
' UC_X86_INS_MOVHLPS = 459
' UC_X86_INS_MOVHPD = 460
' UC_X86_INS_MOVHPS = 461
' UC_X86_INS_MOVLHPS = 462
' UC_X86_INS_MOVLPD = 463
' UC_X86_INS_MOVLPS = 464
' UC_X86_INS_MOVMSKPD = 465
' UC_X86_INS_MOVMSKPS = 466
' UC_X86_INS_MOVNTDQA = 467
' UC_X86_INS_MOVNTDQ = 468
' UC_X86_INS_MOVNTI = 469
' UC_X86_INS_MOVNTPD = 470
' UC_X86_INS_MOVNTPS = 471
' UC_X86_INS_MOVNTSD = 472
' UC_X86_INS_MOVNTSS = 473
' UC_X86_INS_MOVSB = 474
' UC_X86_INS_MOVSD = 475
' UC_X86_INS_MOVSHDUP = 476
' UC_X86_INS_MOVSLDUP = 477
' UC_X86_INS_MOVSQ = 478
' UC_X86_INS_MOVSS = 479
' UC_X86_INS_MOVSW = 480
' UC_X86_INS_MOVSX = 481
' UC_X86_INS_MOVSXD = 482
' UC_X86_INS_MOVUPD = 483
' UC_X86_INS_MOVUPS = 484
' UC_X86_INS_MOVZX = 485
' UC_X86_INS_MPSADBW = 486
' UC_X86_INS_MUL = 487
' UC_X86_INS_MULPD = 488
' UC_X86_INS_MULPS = 489
' UC_X86_INS_MULSD = 490
' UC_X86_INS_MULSS = 491
' UC_X86_INS_MULX = 492
' UC_X86_INS_FMUL = 493
' UC_X86_INS_FIMUL = 494
' UC_X86_INS_FMULP = 495
' UC_X86_INS_MWAIT = 496
' UC_X86_INS_NEG = 497
' UC_X86_INS_NOP = 498
' UC_X86_INS_NOT = 499
' UC_X86_INS_OUT = 500
' UC_X86_INS_OUTSB = 501
' UC_X86_INS_OUTSD = 502
' UC_X86_INS_OUTSW = 503
' UC_X86_INS_PACKUSDW = 504
' UC_X86_INS_PAUSE = 505
' UC_X86_INS_PAVGUSB = 506
' UC_X86_INS_PBLENDVB = 507
' UC_X86_INS_PBLENDW = 508
' UC_X86_INS_PCLMULQDQ = 509
' UC_X86_INS_PCMPEQQ = 510
' UC_X86_INS_PCMPESTRI = 511
' UC_X86_INS_PCMPESTRM = 512
' UC_X86_INS_PCMPGTQ = 513
' UC_X86_INS_PCMPISTRI = 514
' UC_X86_INS_PCMPISTRM = 515
' UC_X86_INS_PCOMMIT = 516
' UC_X86_INS_PDEP = 517
' UC_X86_INS_PEXT = 518
' UC_X86_INS_PEXTRB = 519
' UC_X86_INS_PEXTRD = 520
' UC_X86_INS_PEXTRQ = 521
' UC_X86_INS_PF2ID = 522
' UC_X86_INS_PF2IW = 523
' UC_X86_INS_PFACC = 524
' UC_X86_INS_PFADD = 525
' UC_X86_INS_PFCMPEQ = 526
' UC_X86_INS_PFCMPGE = 527
' UC_X86_INS_PFCMPGT = 528
' UC_X86_INS_PFMAX = 529
' UC_X86_INS_PFMIN = 530
' UC_X86_INS_PFMUL = 531
' UC_X86_INS_PFNACC = 532
' UC_X86_INS_PFPNACC = 533
' UC_X86_INS_PFRCPIT1 = 534
' UC_X86_INS_PFRCPIT2 = 535
' UC_X86_INS_PFRCP = 536
' UC_X86_INS_PFRSQIT1 = 537
' UC_X86_INS_PFRSQRT = 538
' UC_X86_INS_PFSUBR = 539
' UC_X86_INS_PFSUB = 540
' UC_X86_INS_PHMINPOSUW = 541
' UC_X86_INS_PI2FD = 542
' UC_X86_INS_PI2FW = 543
' UC_X86_INS_PINSRB = 544
' UC_X86_INS_PINSRD = 545
' UC_X86_INS_PINSRQ = 546
' UC_X86_INS_PMAXSB = 547
' UC_X86_INS_PMAXSD = 548
' UC_X86_INS_PMAXUD = 549
' UC_X86_INS_PMAXUW = 550
' UC_X86_INS_PMINSB = 551
' UC_X86_INS_PMINSD = 552
' UC_X86_INS_PMINUD = 553
' UC_X86_INS_PMINUW = 554
' UC_X86_INS_PMOVSXBD = 555
' UC_X86_INS_PMOVSXBQ = 556
' UC_X86_INS_PMOVSXBW = 557
' UC_X86_INS_PMOVSXDQ = 558
' UC_X86_INS_PMOVSXWD = 559
' UC_X86_INS_PMOVSXWQ = 560
' UC_X86_INS_PMOVZXBD = 561
' UC_X86_INS_PMOVZXBQ = 562
' UC_X86_INS_PMOVZXBW = 563
' UC_X86_INS_PMOVZXDQ = 564
' UC_X86_INS_PMOVZXWD = 565
' UC_X86_INS_PMOVZXWQ = 566
' UC_X86_INS_PMULDQ = 567
' UC_X86_INS_PMULHRW = 568
' UC_X86_INS_PMULLD = 569
' UC_X86_INS_POP = 570
' UC_X86_INS_POPAW = 571
' UC_X86_INS_POPAL = 572
' UC_X86_INS_POPCNT = 573
' UC_X86_INS_POPF = 574
' UC_X86_INS_POPFD = 575
' UC_X86_INS_POPFQ = 576
' UC_X86_INS_PREFETCH = 577
' UC_X86_INS_PREFETCHNTA = 578
' UC_X86_INS_PREFETCHT0 = 579
' UC_X86_INS_PREFETCHT1 = 580
' UC_X86_INS_PREFETCHT2 = 581
' UC_X86_INS_PREFETCHW = 582
' UC_X86_INS_PSHUFD = 583
' UC_X86_INS_PSHUFHW = 584
' UC_X86_INS_PSHUFLW = 585
' UC_X86_INS_PSLLDQ = 586
' UC_X86_INS_PSRLDQ = 587
' UC_X86_INS_PSWAPD = 588
' UC_X86_INS_PTEST = 589
' UC_X86_INS_PUNPCKHQDQ = 590
' UC_X86_INS_PUNPCKLQDQ = 591
' UC_X86_INS_PUSH = 592
' UC_X86_INS_PUSHAW = 593
' UC_X86_INS_PUSHAL = 594
' UC_X86_INS_PUSHF = 595
' UC_X86_INS_PUSHFD = 596
' UC_X86_INS_PUSHFQ = 597
' UC_X86_INS_RCL = 598
' UC_X86_INS_RCPPS = 599
' UC_X86_INS_RCPSS = 600
' UC_X86_INS_RCR = 601
' UC_X86_INS_RDFSBASE = 602
' UC_X86_INS_RDGSBASE = 603
' UC_X86_INS_RDMSR = 604
' UC_X86_INS_RDPMC = 605
' UC_X86_INS_RDRAND = 606
' UC_X86_INS_RDSEED = 607
' UC_X86_INS_RDTSC = 608
' UC_X86_INS_RDTSCP = 609
' UC_X86_INS_ROL = 610
' UC_X86_INS_ROR = 611
' UC_X86_INS_RORX = 612
' UC_X86_INS_ROUNDPD = 613
' UC_X86_INS_ROUNDPS = 614
' UC_X86_INS_ROUNDSD = 615
' UC_X86_INS_ROUNDSS = 616
' UC_X86_INS_RSM = 617
' UC_X86_INS_RSQRTPS = 618
' UC_X86_INS_RSQRTSS = 619
' UC_X86_INS_SAHF = 620
' UC_X86_INS_SAL = 621
' UC_X86_INS_SALC = 622
' UC_X86_INS_SAR = 623
' UC_X86_INS_SARX = 624
' UC_X86_INS_SBB = 625
' UC_X86_INS_SCASB = 626
' UC_X86_INS_SCASD = 627
' UC_X86_INS_SCASQ = 628
' UC_X86_INS_SCASW = 629
' UC_X86_INS_SETAE = 630
' UC_X86_INS_SETA = 631
' UC_X86_INS_SETBE = 632
' UC_X86_INS_SETB = 633
' UC_X86_INS_SETE = 634
' UC_X86_INS_SETGE = 635
' UC_X86_INS_SETG = 636
' UC_X86_INS_SETLE = 637
' UC_X86_INS_SETL = 638
' UC_X86_INS_SETNE = 639
' UC_X86_INS_SETNO = 640
' UC_X86_INS_SETNP = 641
' UC_X86_INS_SETNS = 642
' UC_X86_INS_SETO = 643
' UC_X86_INS_SETP = 644
' UC_X86_INS_SETS = 645
' UC_X86_INS_SFENCE = 646
' UC_X86_INS_SGDT = 647
' UC_X86_INS_SHA1MSG1 = 648
' UC_X86_INS_SHA1MSG2 = 649
' UC_X86_INS_SHA1NEXTE = 650
' UC_X86_INS_SHA1RNDS4 = 651
' UC_X86_INS_SHA256MSG1 = 652
' UC_X86_INS_SHA256MSG2 = 653
' UC_X86_INS_SHA256RNDS2 = 654
' UC_X86_INS_SHL = 655
' UC_X86_INS_SHLD = 656
' UC_X86_INS_SHLX = 657
' UC_X86_INS_SHR = 658
' UC_X86_INS_SHRD = 659
' UC_X86_INS_SHRX = 660
' UC_X86_INS_SHUFPD = 661
' UC_X86_INS_SHUFPS = 662
' UC_X86_INS_SIDT = 663
' UC_X86_INS_FSIN = 664
' UC_X86_INS_SKINIT = 665
' UC_X86_INS_SLDT = 666
' UC_X86_INS_SMSW = 667
' UC_X86_INS_SQRTPD = 668
' UC_X86_INS_SQRTPS = 669
' UC_X86_INS_SQRTSD = 670
' UC_X86_INS_SQRTSS = 671
' UC_X86_INS_FSQRT = 672
' UC_X86_INS_STAC = 673
' UC_X86_INS_STC = 674
' UC_X86_INS_STD = 675
' UC_X86_INS_STGI = 676
' UC_X86_INS_STI = 677
' UC_X86_INS_STMXCSR = 678
' UC_X86_INS_STOSB = 679
' UC_X86_INS_STOSD = 680
' UC_X86_INS_STOSQ = 681
' UC_X86_INS_STOSW = 682
' UC_X86_INS_STR = 683
' UC_X86_INS_FST = 684
' UC_X86_INS_FSTP = 685
' UC_X86_INS_FSTPNCE = 686
' UC_X86_INS_FXCH = 687
' UC_X86_INS_SUBPD = 688
' UC_X86_INS_SUBPS = 689
' UC_X86_INS_FSUBR = 690
' UC_X86_INS_FISUBR = 691
' UC_X86_INS_FSUBRP = 692
' UC_X86_INS_SUBSD = 693
' UC_X86_INS_SUBSS = 694
' UC_X86_INS_FSUB = 695
' UC_X86_INS_FISUB = 696
' UC_X86_INS_FSUBP = 697
' UC_X86_INS_SWAPGS = 698
' UC_X86_INS_SYSCALL = 699
' UC_X86_INS_SYSENTER = 700
' UC_X86_INS_SYSEXIT = 701
' UC_X86_INS_SYSRET = 702
' UC_X86_INS_T1MSKC = 703
' UC_X86_INS_TEST = 704
' UC_X86_INS_UD2 = 705
' UC_X86_INS_FTST = 706
' UC_X86_INS_TZCNT = 707
' UC_X86_INS_TZMSK = 708
' UC_X86_INS_FUCOMPI = 709
' UC_X86_INS_FUCOMI = 710
' UC_X86_INS_FUCOMPP = 711
' UC_X86_INS_FUCOMP = 712
' UC_X86_INS_FUCOM = 713
' UC_X86_INS_UD2B = 714
' UC_X86_INS_UNPCKHPD = 715
' UC_X86_INS_UNPCKHPS = 716
' UC_X86_INS_UNPCKLPD = 717
' UC_X86_INS_UNPCKLPS = 718
' UC_X86_INS_VADDPD = 719
' UC_X86_INS_VADDPS = 720
' UC_X86_INS_VADDSD = 721
' UC_X86_INS_VADDSS = 722
' UC_X86_INS_VADDSUBPD = 723
' UC_X86_INS_VADDSUBPS = 724
' UC_X86_INS_VAESDECLAST = 725
' UC_X86_INS_VAESDEC = 726
' UC_X86_INS_VAESENCLAST = 727
' UC_X86_INS_VAESENC = 728
' UC_X86_INS_VAESIMC = 729
' UC_X86_INS_VAESKEYGENASSIST = 730
' UC_X86_INS_VALIGND = 731
' UC_X86_INS_VALIGNQ = 732
' UC_X86_INS_VANDNPD = 733
' UC_X86_INS_VANDNPS = 734
' UC_X86_INS_VANDPD = 735
' UC_X86_INS_VANDPS = 736
' UC_X86_INS_VBLENDMPD = 737
' UC_X86_INS_VBLENDMPS = 738
' UC_X86_INS_VBLENDPD = 739
' UC_X86_INS_VBLENDPS = 740
' UC_X86_INS_VBLENDVPD = 741
' UC_X86_INS_VBLENDVPS = 742
' UC_X86_INS_VBROADCASTF128 = 743
' UC_X86_INS_VBROADCASTI32X4 = 744
' UC_X86_INS_VBROADCASTI64X4 = 745
' UC_X86_INS_VBROADCASTSD = 746
' UC_X86_INS_VBROADCASTSS = 747
' UC_X86_INS_VCMPPD = 748
' UC_X86_INS_VCMPPS = 749
' UC_X86_INS_VCMPSD = 750
' UC_X86_INS_VCMPSS = 751
' UC_X86_INS_VCOMPRESSPD = 752
' UC_X86_INS_VCOMPRESSPS = 753
' UC_X86_INS_VCVTDQ2PD = 754
' UC_X86_INS_VCVTDQ2PS = 755
' UC_X86_INS_VCVTPD2DQX = 756
' UC_X86_INS_VCVTPD2DQ = 757
' UC_X86_INS_VCVTPD2PSX = 758
' UC_X86_INS_VCVTPD2PS = 759
' UC_X86_INS_VCVTPD2UDQ = 760
' UC_X86_INS_VCVTPH2PS = 761
' UC_X86_INS_VCVTPS2DQ = 762
' UC_X86_INS_VCVTPS2PD = 763
' UC_X86_INS_VCVTPS2PH = 764
' UC_X86_INS_VCVTPS2UDQ = 765
' UC_X86_INS_VCVTSD2SI = 766
' UC_X86_INS_VCVTSD2USI = 767
' UC_X86_INS_VCVTSS2SI = 768
' UC_X86_INS_VCVTSS2USI = 769
' UC_X86_INS_VCVTTPD2DQX = 770
' UC_X86_INS_VCVTTPD2DQ = 771
' UC_X86_INS_VCVTTPD2UDQ = 772
' UC_X86_INS_VCVTTPS2DQ = 773
' UC_X86_INS_VCVTTPS2UDQ = 774
' UC_X86_INS_VCVTUDQ2PD = 775
' UC_X86_INS_VCVTUDQ2PS = 776
' UC_X86_INS_VDIVPD = 777
' UC_X86_INS_VDIVPS = 778
' UC_X86_INS_VDIVSD = 779
' UC_X86_INS_VDIVSS = 780
' UC_X86_INS_VDPPD = 781
' UC_X86_INS_VDPPS = 782
' UC_X86_INS_VERR = 783
' UC_X86_INS_VERW = 784
' UC_X86_INS_VEXP2PD = 785
' UC_X86_INS_VEXP2PS = 786
' UC_X86_INS_VEXPANDPD = 787
' UC_X86_INS_VEXPANDPS = 788
' UC_X86_INS_VEXTRACTF128 = 789
' UC_X86_INS_VEXTRACTF32X4 = 790
' UC_X86_INS_VEXTRACTF64X4 = 791
' UC_X86_INS_VEXTRACTI128 = 792
' UC_X86_INS_VEXTRACTI32X4 = 793
' UC_X86_INS_VEXTRACTI64X4 = 794
' UC_X86_INS_VEXTRACTPS = 795
' UC_X86_INS_VFMADD132PD = 796
' UC_X86_INS_VFMADD132PS = 797
' UC_X86_INS_VFMADDPD = 798
' UC_X86_INS_VFMADD213PD = 799
' UC_X86_INS_VFMADD231PD = 800
' UC_X86_INS_VFMADDPS = 801
' UC_X86_INS_VFMADD213PS = 802
' UC_X86_INS_VFMADD231PS = 803
' UC_X86_INS_VFMADDSD = 804
' UC_X86_INS_VFMADD213SD = 805
' UC_X86_INS_VFMADD132SD = 806
' UC_X86_INS_VFMADD231SD = 807
' UC_X86_INS_VFMADDSS = 808
' UC_X86_INS_VFMADD213SS = 809
' UC_X86_INS_VFMADD132SS = 810
' UC_X86_INS_VFMADD231SS = 811
' UC_X86_INS_VFMADDSUB132PD = 812
' UC_X86_INS_VFMADDSUB132PS = 813
' UC_X86_INS_VFMADDSUBPD = 814
' UC_X86_INS_VFMADDSUB213PD = 815
' UC_X86_INS_VFMADDSUB231PD = 816
' UC_X86_INS_VFMADDSUBPS = 817
' UC_X86_INS_VFMADDSUB213PS = 818
' UC_X86_INS_VFMADDSUB231PS = 819
' UC_X86_INS_VFMSUB132PD = 820
' UC_X86_INS_VFMSUB132PS = 821
' UC_X86_INS_VFMSUBADD132PD = 822
' UC_X86_INS_VFMSUBADD132PS = 823
' UC_X86_INS_VFMSUBADDPD = 824
' UC_X86_INS_VFMSUBADD213PD = 825
' UC_X86_INS_VFMSUBADD231PD = 826
' UC_X86_INS_VFMSUBADDPS = 827
' UC_X86_INS_VFMSUBADD213PS = 828
' UC_X86_INS_VFMSUBADD231PS = 829
' UC_X86_INS_VFMSUBPD = 830
' UC_X86_INS_VFMSUB213PD = 831
' UC_X86_INS_VFMSUB231PD = 832
' UC_X86_INS_VFMSUBPS = 833
' UC_X86_INS_VFMSUB213PS = 834
' UC_X86_INS_VFMSUB231PS = 835
' UC_X86_INS_VFMSUBSD = 836
' UC_X86_INS_VFMSUB213SD = 837
' UC_X86_INS_VFMSUB132SD = 838
' UC_X86_INS_VFMSUB231SD = 839
' UC_X86_INS_VFMSUBSS = 840
' UC_X86_INS_VFMSUB213SS = 841
' UC_X86_INS_VFMSUB132SS = 842
' UC_X86_INS_VFMSUB231SS = 843
' UC_X86_INS_VFNMADD132PD = 844
' UC_X86_INS_VFNMADD132PS = 845
' UC_X86_INS_VFNMADDPD = 846
' UC_X86_INS_VFNMADD213PD = 847
' UC_X86_INS_VFNMADD231PD = 848
' UC_X86_INS_VFNMADDPS = 849
' UC_X86_INS_VFNMADD213PS = 850
' UC_X86_INS_VFNMADD231PS = 851
' UC_X86_INS_VFNMADDSD = 852
' UC_X86_INS_VFNMADD213SD = 853
' UC_X86_INS_VFNMADD132SD = 854
' UC_X86_INS_VFNMADD231SD = 855
' UC_X86_INS_VFNMADDSS = 856
' UC_X86_INS_VFNMADD213SS = 857
' UC_X86_INS_VFNMADD132SS = 858
' UC_X86_INS_VFNMADD231SS = 859
' UC_X86_INS_VFNMSUB132PD = 860
' UC_X86_INS_VFNMSUB132PS = 861
' UC_X86_INS_VFNMSUBPD = 862
' UC_X86_INS_VFNMSUB213PD = 863
' UC_X86_INS_VFNMSUB231PD = 864
' UC_X86_INS_VFNMSUBPS = 865
' UC_X86_INS_VFNMSUB213PS = 866
' UC_X86_INS_VFNMSUB231PS = 867
' UC_X86_INS_VFNMSUBSD = 868
' UC_X86_INS_VFNMSUB213SD = 869
' UC_X86_INS_VFNMSUB132SD = 870
' UC_X86_INS_VFNMSUB231SD = 871
' UC_X86_INS_VFNMSUBSS = 872
' UC_X86_INS_VFNMSUB213SS = 873
' UC_X86_INS_VFNMSUB132SS = 874
' UC_X86_INS_VFNMSUB231SS = 875
' UC_X86_INS_VFRCZPD = 876
' UC_X86_INS_VFRCZPS = 877
' UC_X86_INS_VFRCZSD = 878
' UC_X86_INS_VFRCZSS = 879
' UC_X86_INS_VORPD = 880
' UC_X86_INS_VORPS = 881
' UC_X86_INS_VXORPD = 882
' UC_X86_INS_VXORPS = 883
' UC_X86_INS_VGATHERDPD = 884
' UC_X86_INS_VGATHERDPS = 885
' UC_X86_INS_VGATHERPF0DPD = 886
' UC_X86_INS_VGATHERPF0DPS = 887
' UC_X86_INS_VGATHERPF0QPD = 888
' UC_X86_INS_VGATHERPF0QPS = 889
' UC_X86_INS_VGATHERPF1DPD = 890
' UC_X86_INS_VGATHERPF1DPS = 891
' UC_X86_INS_VGATHERPF1QPD = 892
' UC_X86_INS_VGATHERPF1QPS = 893
' UC_X86_INS_VGATHERQPD = 894
' UC_X86_INS_VGATHERQPS = 895
' UC_X86_INS_VHADDPD = 896
' UC_X86_INS_VHADDPS = 897
' UC_X86_INS_VHSUBPD = 898
' UC_X86_INS_VHSUBPS = 899
' UC_X86_INS_VINSERTF128 = 900
' UC_X86_INS_VINSERTF32X4 = 901
' UC_X86_INS_VINSERTF32X8 = 902
' UC_X86_INS_VINSERTF64X2 = 903
' UC_X86_INS_VINSERTF64X4 = 904
' UC_X86_INS_VINSERTI128 = 905
' UC_X86_INS_VINSERTI32X4 = 906
' UC_X86_INS_VINSERTI32X8 = 907
' UC_X86_INS_VINSERTI64X2 = 908
' UC_X86_INS_VINSERTI64X4 = 909
' UC_X86_INS_VINSERTPS = 910
' UC_X86_INS_VLDDQU = 911
' UC_X86_INS_VLDMXCSR = 912
' UC_X86_INS_VMASKMOVDQU = 913
' UC_X86_INS_VMASKMOVPD = 914
' UC_X86_INS_VMASKMOVPS = 915
' UC_X86_INS_VMAXPD = 916
' UC_X86_INS_VMAXPS = 917
' UC_X86_INS_VMAXSD = 918
' UC_X86_INS_VMAXSS = 919
' UC_X86_INS_VMCALL = 920
' UC_X86_INS_VMCLEAR = 921
' UC_X86_INS_VMFUNC = 922
' UC_X86_INS_VMINPD = 923
' UC_X86_INS_VMINPS = 924
' UC_X86_INS_VMINSD = 925
' UC_X86_INS_VMINSS = 926
' UC_X86_INS_VMLAUNCH = 927
' UC_X86_INS_VMLOAD = 928
' UC_X86_INS_VMMCALL = 929
' UC_X86_INS_VMOVQ = 930
' UC_X86_INS_VMOVDDUP = 931
' UC_X86_INS_VMOVD = 932
' UC_X86_INS_VMOVDQA32 = 933
' UC_X86_INS_VMOVDQA64 = 934
' UC_X86_INS_VMOVDQA = 935
' UC_X86_INS_VMOVDQU16 = 936
' UC_X86_INS_VMOVDQU32 = 937
' UC_X86_INS_VMOVDQU64 = 938
' UC_X86_INS_VMOVDQU8 = 939
' UC_X86_INS_VMOVDQU = 940
' UC_X86_INS_VMOVHLPS = 941
' UC_X86_INS_VMOVHPD = 942
' UC_X86_INS_VMOVHPS = 943
' UC_X86_INS_VMOVLHPS = 944
' UC_X86_INS_VMOVLPD = 945
' UC_X86_INS_VMOVLPS = 946
' UC_X86_INS_VMOVMSKPD = 947
' UC_X86_INS_VMOVMSKPS = 948
' UC_X86_INS_VMOVNTDQA = 949
' UC_X86_INS_VMOVNTDQ = 950
' UC_X86_INS_VMOVNTPD = 951
' UC_X86_INS_VMOVNTPS = 952
' UC_X86_INS_VMOVSD = 953
' UC_X86_INS_VMOVSHDUP = 954
' UC_X86_INS_VMOVSLDUP = 955
' UC_X86_INS_VMOVSS = 956
' UC_X86_INS_VMOVUPD = 957
' UC_X86_INS_VMOVUPS = 958
' UC_X86_INS_VMPSADBW = 959
' UC_X86_INS_VMPTRLD = 960
' UC_X86_INS_VMPTRST = 961
' UC_X86_INS_VMREAD = 962
' UC_X86_INS_VMRESUME = 963
' UC_X86_INS_VMRUN = 964
' UC_X86_INS_VMSAVE = 965
' UC_X86_INS_VMULPD = 966
' UC_X86_INS_VMULPS = 967
' UC_X86_INS_VMULSD = 968
' UC_X86_INS_VMULSS = 969
' UC_X86_INS_VMWRITE = 970
' UC_X86_INS_VMXOFF = 971
' UC_X86_INS_VMXON = 972
' UC_X86_INS_VPABSB = 973
' UC_X86_INS_VPABSD = 974
' UC_X86_INS_VPABSQ = 975
' UC_X86_INS_VPABSW = 976
' UC_X86_INS_VPACKSSDW = 977
' UC_X86_INS_VPACKSSWB = 978
' UC_X86_INS_VPACKUSDW = 979
' UC_X86_INS_VPACKUSWB = 980
' UC_X86_INS_VPADDB = 981
' UC_X86_INS_VPADDD = 982
' UC_X86_INS_VPADDQ = 983
' UC_X86_INS_VPADDSB = 984
' UC_X86_INS_VPADDSW = 985
' UC_X86_INS_VPADDUSB = 986
' UC_X86_INS_VPADDUSW = 987
' UC_X86_INS_VPADDW = 988
' UC_X86_INS_VPALIGNR = 989
' UC_X86_INS_VPANDD = 990
' UC_X86_INS_VPANDND = 991
' UC_X86_INS_VPANDNQ = 992
' UC_X86_INS_VPANDN = 993
' UC_X86_INS_VPANDQ = 994
' UC_X86_INS_VPAND = 995
' UC_X86_INS_VPAVGB = 996
' UC_X86_INS_VPAVGW = 997
' UC_X86_INS_VPBLENDD = 998
' UC_X86_INS_VPBLENDMB = 999
' UC_X86_INS_VPBLENDMD = 1000
' UC_X86_INS_VPBLENDMQ = 1001
' UC_X86_INS_VPBLENDMW = 1002
' UC_X86_INS_VPBLENDVB = 1003
' UC_X86_INS_VPBLENDW = 1004
' UC_X86_INS_VPBROADCASTB = 1005
' UC_X86_INS_VPBROADCASTD = 1006
' UC_X86_INS_VPBROADCASTMB2Q = 1007
' UC_X86_INS_VPBROADCASTMW2D = 1008
' UC_X86_INS_VPBROADCASTQ = 1009
' UC_X86_INS_VPBROADCASTW = 1010
' UC_X86_INS_VPCLMULQDQ = 1011
' UC_X86_INS_VPCMOV = 1012
' UC_X86_INS_VPCMPB = 1013
' UC_X86_INS_VPCMPD = 1014
' UC_X86_INS_VPCMPEQB = 1015
' UC_X86_INS_VPCMPEQD = 1016
' UC_X86_INS_VPCMPEQQ = 1017
' UC_X86_INS_VPCMPEQW = 1018
' UC_X86_INS_VPCMPESTRI = 1019
' UC_X86_INS_VPCMPESTRM = 1020
' UC_X86_INS_VPCMPGTB = 1021
' UC_X86_INS_VPCMPGTD = 1022
' UC_X86_INS_VPCMPGTQ = 1023
' UC_X86_INS_VPCMPGTW = 1024
' UC_X86_INS_VPCMPISTRI = 1025
' UC_X86_INS_VPCMPISTRM = 1026
' UC_X86_INS_VPCMPQ = 1027
' UC_X86_INS_VPCMPUB = 1028
' UC_X86_INS_VPCMPUD = 1029
' UC_X86_INS_VPCMPUQ = 1030
' UC_X86_INS_VPCMPUW = 1031
' UC_X86_INS_VPCMPW = 1032
' UC_X86_INS_VPCOMB = 1033
' UC_X86_INS_VPCOMD = 1034
' UC_X86_INS_VPCOMPRESSD = 1035
' UC_X86_INS_VPCOMPRESSQ = 1036
' UC_X86_INS_VPCOMQ = 1037
' UC_X86_INS_VPCOMUB = 1038
' UC_X86_INS_VPCOMUD = 1039
' UC_X86_INS_VPCOMUQ = 1040
' UC_X86_INS_VPCOMUW = 1041
' UC_X86_INS_VPCOMW = 1042
' UC_X86_INS_VPCONFLICTD = 1043
' UC_X86_INS_VPCONFLICTQ = 1044
' UC_X86_INS_VPERM2F128 = 1045
' UC_X86_INS_VPERM2I128 = 1046
' UC_X86_INS_VPERMD = 1047
' UC_X86_INS_VPERMI2D = 1048
' UC_X86_INS_VPERMI2PD = 1049
' UC_X86_INS_VPERMI2PS = 1050
' UC_X86_INS_VPERMI2Q = 1051
' UC_X86_INS_VPERMIL2PD = 1052
' UC_X86_INS_VPERMIL2PS = 1053
' UC_X86_INS_VPERMILPD = 1054
' UC_X86_INS_VPERMILPS = 1055
' UC_X86_INS_VPERMPD = 1056
' UC_X86_INS_VPERMPS = 1057
' UC_X86_INS_VPERMQ = 1058
' UC_X86_INS_VPERMT2D = 1059
' UC_X86_INS_VPERMT2PD = 1060
' UC_X86_INS_VPERMT2PS = 1061
' UC_X86_INS_VPERMT2Q = 1062
' UC_X86_INS_VPEXPANDD = 1063
' UC_X86_INS_VPEXPANDQ = 1064
' UC_X86_INS_VPEXTRB = 1065
' UC_X86_INS_VPEXTRD = 1066
' UC_X86_INS_VPEXTRQ = 1067
' UC_X86_INS_VPEXTRW = 1068
' UC_X86_INS_VPGATHERDD = 1069
' UC_X86_INS_VPGATHERDQ = 1070
' UC_X86_INS_VPGATHERQD = 1071
' UC_X86_INS_VPGATHERQQ = 1072
' UC_X86_INS_VPHADDBD = 1073
' UC_X86_INS_VPHADDBQ = 1074
' UC_X86_INS_VPHADDBW = 1075
' UC_X86_INS_VPHADDDQ = 1076
' UC_X86_INS_VPHADDD = 1077
' UC_X86_INS_VPHADDSW = 1078
' UC_X86_INS_VPHADDUBD = 1079
' UC_X86_INS_VPHADDUBQ = 1080
' UC_X86_INS_VPHADDUBW = 1081
' UC_X86_INS_VPHADDUDQ = 1082
' UC_X86_INS_VPHADDUWD = 1083
' UC_X86_INS_VPHADDUWQ = 1084
' UC_X86_INS_VPHADDWD = 1085
' UC_X86_INS_VPHADDWQ = 1086
' UC_X86_INS_VPHADDW = 1087
' UC_X86_INS_VPHMINPOSUW = 1088
' UC_X86_INS_VPHSUBBW = 1089
' UC_X86_INS_VPHSUBDQ = 1090
' UC_X86_INS_VPHSUBD = 1091
' UC_X86_INS_VPHSUBSW = 1092
' UC_X86_INS_VPHSUBWD = 1093
' UC_X86_INS_VPHSUBW = 1094
' UC_X86_INS_VPINSRB = 1095
' UC_X86_INS_VPINSRD = 1096
' UC_X86_INS_VPINSRQ = 1097
' UC_X86_INS_VPINSRW = 1098
' UC_X86_INS_VPLZCNTD = 1099
' UC_X86_INS_VPLZCNTQ = 1100
' UC_X86_INS_VPMACSDD = 1101
' UC_X86_INS_VPMACSDQH = 1102
' UC_X86_INS_VPMACSDQL = 1103
' UC_X86_INS_VPMACSSDD = 1104
' UC_X86_INS_VPMACSSDQH = 1105
' UC_X86_INS_VPMACSSDQL = 1106
' UC_X86_INS_VPMACSSWD = 1107
' UC_X86_INS_VPMACSSWW = 1108
' UC_X86_INS_VPMACSWD = 1109
' UC_X86_INS_VPMACSWW = 1110
' UC_X86_INS_VPMADCSSWD = 1111
' UC_X86_INS_VPMADCSWD = 1112
' UC_X86_INS_VPMADDUBSW = 1113
' UC_X86_INS_VPMADDWD = 1114
' UC_X86_INS_VPMASKMOVD = 1115
' UC_X86_INS_VPMASKMOVQ = 1116
' UC_X86_INS_VPMAXSB = 1117
' UC_X86_INS_VPMAXSD = 1118
' UC_X86_INS_VPMAXSQ = 1119
' UC_X86_INS_VPMAXSW = 1120
' UC_X86_INS_VPMAXUB = 1121
' UC_X86_INS_VPMAXUD = 1122
' UC_X86_INS_VPMAXUQ = 1123
' UC_X86_INS_VPMAXUW = 1124
' UC_X86_INS_VPMINSB = 1125
' UC_X86_INS_VPMINSD = 1126
' UC_X86_INS_VPMINSQ = 1127
' UC_X86_INS_VPMINSW = 1128
' UC_X86_INS_VPMINUB = 1129
' UC_X86_INS_VPMINUD = 1130
' UC_X86_INS_VPMINUQ = 1131
' UC_X86_INS_VPMINUW = 1132
' UC_X86_INS_VPMOVDB = 1133
' UC_X86_INS_VPMOVDW = 1134
' UC_X86_INS_VPMOVM2B = 1135
' UC_X86_INS_VPMOVM2D = 1136
' UC_X86_INS_VPMOVM2Q = 1137
' UC_X86_INS_VPMOVM2W = 1138
' UC_X86_INS_VPMOVMSKB = 1139
' UC_X86_INS_VPMOVQB = 1140
' UC_X86_INS_VPMOVQD = 1141
' UC_X86_INS_VPMOVQW = 1142
' UC_X86_INS_VPMOVSDB = 1143
' UC_X86_INS_VPMOVSDW = 1144
' UC_X86_INS_VPMOVSQB = 1145
' UC_X86_INS_VPMOVSQD = 1146
' UC_X86_INS_VPMOVSQW = 1147
' UC_X86_INS_VPMOVSXBD = 1148
' UC_X86_INS_VPMOVSXBQ = 1149
' UC_X86_INS_VPMOVSXBW = 1150
' UC_X86_INS_VPMOVSXDQ = 1151
' UC_X86_INS_VPMOVSXWD = 1152
' UC_X86_INS_VPMOVSXWQ = 1153
' UC_X86_INS_VPMOVUSDB = 1154
' UC_X86_INS_VPMOVUSDW = 1155
' UC_X86_INS_VPMOVUSQB = 1156
' UC_X86_INS_VPMOVUSQD = 1157
' UC_X86_INS_VPMOVUSQW = 1158
' UC_X86_INS_VPMOVZXBD = 1159
' UC_X86_INS_VPMOVZXBQ = 1160
' UC_X86_INS_VPMOVZXBW = 1161
' UC_X86_INS_VPMOVZXDQ = 1162
' UC_X86_INS_VPMOVZXWD = 1163
' UC_X86_INS_VPMOVZXWQ = 1164
' UC_X86_INS_VPMULDQ = 1165
' UC_X86_INS_VPMULHRSW = 1166
' UC_X86_INS_VPMULHUW = 1167
' UC_X86_INS_VPMULHW = 1168
' UC_X86_INS_VPMULLD = 1169
' UC_X86_INS_VPMULLQ = 1170
' UC_X86_INS_VPMULLW = 1171
' UC_X86_INS_VPMULUDQ = 1172
' UC_X86_INS_VPORD = 1173
' UC_X86_INS_VPORQ = 1174
' UC_X86_INS_VPOR = 1175
' UC_X86_INS_VPPERM = 1176
' UC_X86_INS_VPROTB = 1177
' UC_X86_INS_VPROTD = 1178
' UC_X86_INS_VPROTQ = 1179
' UC_X86_INS_VPROTW = 1180
' UC_X86_INS_VPSADBW = 1181
' UC_X86_INS_VPSCATTERDD = 1182
' UC_X86_INS_VPSCATTERDQ = 1183
' UC_X86_INS_VPSCATTERQD = 1184
' UC_X86_INS_VPSCATTERQQ = 1185
' UC_X86_INS_VPSHAB = 1186
' UC_X86_INS_VPSHAD = 1187
' UC_X86_INS_VPSHAQ = 1188
' UC_X86_INS_VPSHAW = 1189
' UC_X86_INS_VPSHLB = 1190
' UC_X86_INS_VPSHLD = 1191
' UC_X86_INS_VPSHLQ = 1192
' UC_X86_INS_VPSHLW = 1193
' UC_X86_INS_VPSHUFB = 1194
' UC_X86_INS_VPSHUFD = 1195
' UC_X86_INS_VPSHUFHW = 1196
' UC_X86_INS_VPSHUFLW = 1197
' UC_X86_INS_VPSIGNB = 1198
' UC_X86_INS_VPSIGND = 1199
' UC_X86_INS_VPSIGNW = 1200
' UC_X86_INS_VPSLLDQ = 1201
' UC_X86_INS_VPSLLD = 1202
' UC_X86_INS_VPSLLQ = 1203
' UC_X86_INS_VPSLLVD = 1204
' UC_X86_INS_VPSLLVQ = 1205
' UC_X86_INS_VPSLLW = 1206
' UC_X86_INS_VPSRAD = 1207
' UC_X86_INS_VPSRAQ = 1208
' UC_X86_INS_VPSRAVD = 1209
' UC_X86_INS_VPSRAVQ = 1210
' UC_X86_INS_VPSRAW = 1211
' UC_X86_INS_VPSRLDQ = 1212
' UC_X86_INS_VPSRLD = 1213
' UC_X86_INS_VPSRLQ = 1214
' UC_X86_INS_VPSRLVD = 1215
' UC_X86_INS_VPSRLVQ = 1216
' UC_X86_INS_VPSRLW = 1217
' UC_X86_INS_VPSUBB = 1218
' UC_X86_INS_VPSUBD = 1219
' UC_X86_INS_VPSUBQ = 1220
' UC_X86_INS_VPSUBSB = 1221
' UC_X86_INS_VPSUBSW = 1222
' UC_X86_INS_VPSUBUSB = 1223
' UC_X86_INS_VPSUBUSW = 1224
' UC_X86_INS_VPSUBW = 1225
' UC_X86_INS_VPTESTMD = 1226
' UC_X86_INS_VPTESTMQ = 1227
' UC_X86_INS_VPTESTNMD = 1228
' UC_X86_INS_VPTESTNMQ = 1229
' UC_X86_INS_VPTEST = 1230
' UC_X86_INS_VPUNPCKHBW = 1231
' UC_X86_INS_VPUNPCKHDQ = 1232
' UC_X86_INS_VPUNPCKHQDQ = 1233
' UC_X86_INS_VPUNPCKHWD = 1234
' UC_X86_INS_VPUNPCKLBW = 1235
' UC_X86_INS_VPUNPCKLDQ = 1236
' UC_X86_INS_VPUNPCKLQDQ = 1237
' UC_X86_INS_VPUNPCKLWD = 1238
' UC_X86_INS_VPXORD = 1239
' UC_X86_INS_VPXORQ = 1240
' UC_X86_INS_VPXOR = 1241
' UC_X86_INS_VRCP14PD = 1242
' UC_X86_INS_VRCP14PS = 1243
' UC_X86_INS_VRCP14SD = 1244
' UC_X86_INS_VRCP14SS = 1245
' UC_X86_INS_VRCP28PD = 1246
' UC_X86_INS_VRCP28PS = 1247
' UC_X86_INS_VRCP28SD = 1248
' UC_X86_INS_VRCP28SS = 1249
' UC_X86_INS_VRCPPS = 1250
' UC_X86_INS_VRCPSS = 1251
' UC_X86_INS_VRNDSCALEPD = 1252
' UC_X86_INS_VRNDSCALEPS = 1253
' UC_X86_INS_VRNDSCALESD = 1254
' UC_X86_INS_VRNDSCALESS = 1255
' UC_X86_INS_VROUNDPD = 1256
' UC_X86_INS_VROUNDPS = 1257
' UC_X86_INS_VROUNDSD = 1258
' UC_X86_INS_VROUNDSS = 1259
' UC_X86_INS_VRSQRT14PD = 1260
' UC_X86_INS_VRSQRT14PS = 1261
' UC_X86_INS_VRSQRT14SD = 1262
' UC_X86_INS_VRSQRT14SS = 1263
' UC_X86_INS_VRSQRT28PD = 1264
' UC_X86_INS_VRSQRT28PS = 1265
' UC_X86_INS_VRSQRT28SD = 1266
' UC_X86_INS_VRSQRT28SS = 1267
' UC_X86_INS_VRSQRTPS = 1268
' UC_X86_INS_VRSQRTSS = 1269
' UC_X86_INS_VSCATTERDPD = 1270
' UC_X86_INS_VSCATTERDPS = 1271
' UC_X86_INS_VSCATTERPF0DPD = 1272
' UC_X86_INS_VSCATTERPF0DPS = 1273
' UC_X86_INS_VSCATTERPF0QPD = 1274
' UC_X86_INS_VSCATTERPF0QPS = 1275
' UC_X86_INS_VSCATTERPF1DPD = 1276
' UC_X86_INS_VSCATTERPF1DPS = 1277
' UC_X86_INS_VSCATTERPF1QPD = 1278
' UC_X86_INS_VSCATTERPF1QPS = 1279
' UC_X86_INS_VSCATTERQPD = 1280
' UC_X86_INS_VSCATTERQPS = 1281
' UC_X86_INS_VSHUFPD = 1282
' UC_X86_INS_VSHUFPS = 1283
' UC_X86_INS_VSQRTPD = 1284
' UC_X86_INS_VSQRTPS = 1285
' UC_X86_INS_VSQRTSD = 1286
' UC_X86_INS_VSQRTSS = 1287
' UC_X86_INS_VSTMXCSR = 1288
' UC_X86_INS_VSUBPD = 1289
' UC_X86_INS_VSUBPS = 1290
' UC_X86_INS_VSUBSD = 1291
' UC_X86_INS_VSUBSS = 1292
' UC_X86_INS_VTESTPD = 1293
' UC_X86_INS_VTESTPS = 1294
' UC_X86_INS_VUNPCKHPD = 1295
' UC_X86_INS_VUNPCKHPS = 1296
' UC_X86_INS_VUNPCKLPD = 1297
' UC_X86_INS_VUNPCKLPS = 1298
' UC_X86_INS_VZEROALL = 1299
' UC_X86_INS_VZEROUPPER = 1300
' UC_X86_INS_WAIT = 1301
' UC_X86_INS_WBINVD = 1302
' UC_X86_INS_WRFSBASE = 1303
' UC_X86_INS_WRGSBASE = 1304
' UC_X86_INS_WRMSR = 1305
' UC_X86_INS_XABORT = 1306
' UC_X86_INS_XACQUIRE = 1307
' UC_X86_INS_XBEGIN = 1308
' UC_X86_INS_XCHG = 1309
' UC_X86_INS_XCRYPTCBC = 1310
' UC_X86_INS_XCRYPTCFB = 1311
' UC_X86_INS_XCRYPTCTR = 1312
' UC_X86_INS_XCRYPTECB = 1313
' UC_X86_INS_XCRYPTOFB = 1314
' UC_X86_INS_XEND = 1315
' UC_X86_INS_XGETBV = 1316
' UC_X86_INS_XLATB = 1317
' UC_X86_INS_XRELEASE = 1318
' UC_X86_INS_XRSTOR = 1319
' UC_X86_INS_XRSTOR64 = 1320
' UC_X86_INS_XRSTORS = 1321
' UC_X86_INS_XRSTORS64 = 1322
' UC_X86_INS_XSAVE = 1323
' UC_X86_INS_XSAVE64 = 1324
' UC_X86_INS_XSAVEC = 1325
' UC_X86_INS_XSAVEC64 = 1326
' UC_X86_INS_XSAVEOPT = 1327
' UC_X86_INS_XSAVEOPT64 = 1328
' UC_X86_INS_XSAVES = 1329
' UC_X86_INS_XSAVES64 = 1330
' UC_X86_INS_XSETBV = 1331
' UC_X86_INS_XSHA1 = 1332
' UC_X86_INS_XSHA256 = 1333
' UC_X86_INS_XSTORE = 1334
' UC_X86_INS_XTEST = 1335
' UC_X86_INS_FDISI8087_NOP = 1336
' UC_X86_INS_FENI8087_NOP = 1337
' UC_X86_INS_ENDING = 1338
'End Enum
'-- [x86 specific] ---------------
'// Memory-Management Register for instructions IDTR, GDTR, LDTR, TR.
'// Borrow from SegmentCache in qemu/target-i386/cpu.h
'typedef struct uc_x86_mmr {
' uint16_t selector; /* not used by GDTR and IDTR */
' uint64_t base; /* handle 32 or 64 bit CPUs */
' uint32_t limit;
' uint32_t flags; /* not used by GDTR and IDTR */
'} uc_x86_mmr;
'
'// Callback function for tracing SYSCALL/SYSENTER (for uc_hook_intr())
'// @user_data: user data passed to tracing APIs.
'typedef void (*uc_cb_insn_syscall_t)(struct uc_struct *uc, void *user_data);
'--------------------------------
'// Hook type for all events of unmapped memory access
'#define UC_HOOK_MEM_UNMAPPED (UC_HOOK_MEM_READ_UNMAPPED + UC_HOOK_MEM_WRITE_UNMAPPED + UC_HOOK_MEM_FETCH_UNMAPPED)
'// Hook type for all events of illegal protected memory access
'#define UC_HOOK_MEM_PROT (UC_HOOK_MEM_READ_PROT + UC_HOOK_MEM_WRITE_PROT + UC_HOOK_MEM_FETCH_PROT)
'// Hook type for all events of illegal read memory access
'#define UC_HOOK_MEM_READ_INVALID (UC_HOOK_MEM_READ_PROT + UC_HOOK_MEM_READ_UNMAPPED)
'// Hook type for all events of illegal write memory access
'#define UC_HOOK_MEM_WRITE_INVALID (UC_HOOK_MEM_WRITE_PROT + UC_HOOK_MEM_WRITE_UNMAPPED)
'// Hook type for all events of illegal fetch memory access
'#define UC_HOOK_MEM_FETCH_INVALID (UC_HOOK_MEM_FETCH_PROT + UC_HOOK_MEM_FETCH_UNMAPPED)
'// Hook type for all events of illegal memory access
'#define UC_HOOK_MEM_INVALID (UC_HOOK_MEM_UNMAPPED + UC_HOOK_MEM_PROT)
'// Hook type for all events of valid memory access
'#define UC_HOOK_MEM_VALID (UC_HOOK_MEM_READ + UC_HOOK_MEM_WRITE + UC_HOOK_MEM_FETCH)
'/*
' Callback function for tracing code (UC_HOOK_CODE & UC_HOOK_BLOCK)
'
' @address: address where the code is being executed
' @size: size of machine instruction(s) being executed, or 0 when size is unknown
' @user_data: user data passed to tracing APIs.
'*/
'typedef void (*uc_cb_hookcode_t)(uc_engine *uc, uint64_t address, uint32_t size, void *user_data);
' public sub code_hook(byval uc as long , byval address as currency, byval size as long, byval user_data as long)
'
'/*
' Callback function for tracing interrupts (for uc_hook_intr())
'
' @intno: interrupt number
' @user_data: user data passed to tracing APIs.
'*/
'typedef void (*uc_cb_hookintr_t)(uc_engine *uc, uint32_t intno, void *user_data);
'
'/*
' Callback function for tracing IN instruction of X86
'
' @port: port number
' @size: data size (1/2/4) to be read from this port
' @user_data: user data passed to tracing APIs.
'*/
'typedef uint32_t (*uc_cb_insn_in_t)(uc_engine *uc, uint32_t port, int size, void *user_data);
'
'/*
' Callback function for OUT instruction of X86
'
' @port: port number
' @size: data size (1/2/4) to be written to this port
' @value: data value to be written to this port
'*/
'typedef void (*uc_cb_insn_out_t)(uc_engine *uc, uint32_t port, int size, uint32_t value, void *user_data);
'
'/*
' Callback function for hooking memory (UC_MEM_READ, UC_MEM_WRITE & UC_MEM_FETCH)
'
' @type: this memory is being READ, or WRITE
' @address: address where the code is being executed
' @size: size of data being read or written
' @value: value of data being written to memory, or irrelevant if type = READ.
' @user_data: user data passed to tracing APIs
'*/
'typedef void (*uc_cb_hookmem_t)(uc_engine *uc, uc_mem_type type,
' uint64_t address, int size, int64_t value, void *user_data);
'
'/*
' Callback function for handling invalid memory access events (UC_MEM_*_UNMAPPED and
' UC_MEM_*PROT events)
'
' @type: this memory is being READ, or WRITE
' @address: address where the code is being executed
' @size: size of data being read or written
' @value: value of data being written to memory, or irrelevant if type = READ.
' @user_data: user data passed to tracing APIs
'
' @return: return true to continue, or false to stop program (due to invalid memory).
'*/
'typedef bool (*uc_cb_eventmem_t)(uc_engine *uc, uc_mem_type type,
' uint64_t address, int size, int64_t value, void *user_data);
'/*
' Memory region mapped by uc_mem_map() and uc_mem_map_ptr()
' Retrieve the list of memory regions with uc_mem_regions()
'*/
'typedef struct uc_mem_region {
' uint64_t begin; // begin address of the region (inclusive)
' uint64_t end; // end address of the region (inclusive)
' uint32_t perms; // memory permissions of the region
'} uc_mem_region;
'
'// All type of queries for uc_query() API.
'typedef enum uc_query_type {
' // Dynamically query current hardware mode.
' UC_QUERY_MODE = 1,
' UC_QUERY_PAGE_SIZE,
'} uc_query_type;
Public Declare Function ucs_dynload Lib "ucvbshim.dll" (ByVal path As String) As Long
'/*
' Return combined API version & major and minor version numbers.
'
' @major: major number of API version
' @minor: minor number of API version
'
' @return hexical number as (major << 8 | minor), which encodes both
' major & minor versions.
' NOTE: This returned value can be compared with version number made
' with macro UC_MAKE_VERSION
'
' For example, second API version would return 1 in @major, and 1 in @minor
' The return value would be 0x0101
'
' NOTE: if you only care about returned value, but not major and minor values,
' set both @major & @minor arguments to NULL.
'*/
'UNICORN_EXPORT
'unsigned int uc_version(unsigned int *major, unsigned int *minor);
Public Declare Function ucs_version Lib "ucvbshim.dll" (ByRef major As Long, ByRef minor As Long) As Long
'
'
'/*
' Determine if the given architecture is supported by this library.
'
' @arch: architecture type (UC_ARCH_*)
'
' @return True if this library supports the given arch.
'*/
'UNICORN_EXPORT
'bool uc_arch_supported(uc_arch arch);
Public Declare Function ucs_arch_supported Lib "ucvbshim.dll" (ByVal arch As uc_arch) As Long
'/*
' Create new instance of unicorn engine.
'
' @arch: architecture type (UC_ARCH_*)
' @mode: hardware mode. This is combined of UC_MODE_*
' @uc: pointer to uc_engine, which will be updated at return time
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_open(uc_arch arch, uc_mode mode, uc_engine **uc);
Public Declare Function ucs_open Lib "ucvbshim.dll" (ByVal arch As uc_arch, ByVal mode As uc_mode, ByRef hEngine As Long) As uc_err
'/*
' Close UC instance: MUST do to release the handle when it is not used anymore.
' NOTE: this must be called only when there is no longer usage of Unicorn.
' The reason is the this API releases some cached memory, thus access to any
' Unicorn API after uc_close() might crash your application.
' After this, @uc is invalid, and nolonger usable.
'
' @uc: pointer to a handle returned by uc_open()
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_close(uc_engine *uc);
Public Declare Function ucs_close Lib "ucvbshim.dll" (ByVal hEngine As Long) As uc_err
'
'/*
' Query internal status of engine.
'
' @uc: handle returned by uc_open()
' @type: query type. See uc_query_type
'
' @result: save the internal status queried
'
' @return: error code of uc_err enum type (UC_ERR_*, see above)
'*/
'// All type of queries for uc_query() API.
'typedef enum uc_query_type {
' // Dynamically query current hardware mode.
' UC_QUERY_MODE = 1,
' UC_QUERY_PAGE_SIZE,
'} uc_query_type;
'UNICORN_EXPORT
'uc_err uc_query(uc_engine *uc, uc_query_type type, size_t *result);
'/*
' Report the last error number when some API function fail.
' Like glibc's errno, uc_errno might not retain its old value once accessed.
'
' @uc: handle returned by uc_open()
'
' @return: error code of uc_err enum type (UC_ERR_*, see above)
'*/
'UNICORN_EXPORT
'uc_err uc_errno(uc_engine *uc);
Public Declare Function ucs_errno Lib "ucvbshim.dll" (ByVal hEngine As Long) As uc_err
'
'/*
' Return a string describing given error code.
'
' @code: error code (see UC_ERR_* above)
'
' @return: returns a pointer to a string that describes the error code
' passed in the argument @code
' */
'UNICORN_EXPORT
'const char *uc_strerror(uc_err code);
Public Declare Function ucs_strerror Lib "ucvbshim.dll" (ByVal code As uc_err) As Long
'/*
' Write to register.
'
' @uc: handle returned by uc_open()
' @regid: register ID that is to be modified.
' @value: pointer to the value that will set to register @regid
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_reg_write(uc_engine *uc, int regid, const void *value);
Public Declare Function ucs_reg_write Lib "ucvbshim.dll" (ByVal hEngine As Long, ByVal regid As uc_x86_reg, ByRef value As Long) As uc_err
'/*
' Read register value.
'
' @uc: handle returned by uc_open()
' @regid: register ID that is to be retrieved.
' @value: pointer to a variable storing the register value.
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_reg_read(uc_engine *uc, int regid, void *value);
Public Declare Function ucs_reg_read Lib "ucvbshim.dll" (ByVal hEngine As Long, ByVal regid As uc_x86_reg, ByRef value As Long) As uc_err
'/*
' Write multiple register values.
'
' @uc: handle returned by uc_open()
' @rges: array of register IDs to store
' @value: pointer to array of register values
' @count: length of both *regs and *vals
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_reg_write_batch(uc_engine *uc, int *regs, void *const *vals, int count);
'
'/*
' Read multiple register values.
'
' @uc: handle returned by uc_open()
' @rges: array of register IDs to retrieve
' @value: pointer to array of values to hold registers
' @count: length of both *regs and *vals
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_reg_read_batch(uc_engine *uc, int *regs, void **vals, int count);
'/*
' Write to a range of bytes in memory.
'
' @uc: handle returned by uc_open()
' @address: starting memory address of bytes to set.
' @bytes: pointer to a variable containing data to be written to memory.
' @size: size of memory to write to.
'
' NOTE: @bytes must be big enough to contain @size bytes.
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_mem_write(uc_engine *uc, uint64_t address, const void *bytes, size_t size);
Public Declare Function ucs_mem_write Lib "ucvbshim.dll" (ByVal hEngine As Long, ByVal addr As Currency, ByRef b As Byte, ByVal size As Long) As uc_err
'/*
' Read a range of bytes in memory.
'
' @uc: handle returned by uc_open()
' @address: starting memory address of bytes to get.
' @bytes: pointer to a variable containing data copied from memory.
' @size: size of memory to read.
'
' NOTE: @bytes must be big enough to contain @size bytes.
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_mem_read(uc_engine *uc, uint64_t address, void *bytes, size_t size);
Public Declare Function ucs_mem_read Lib "ucvbshim.dll" (ByVal hEngine As Long, ByVal addr As Currency, ByRef b As Byte, ByVal size As Long) As uc_err
'/*
' Emulate machine code in a specific duration of time.
'
' @uc: handle returned by uc_open()
' @begin: address where emulation starts
' @until: address where emulation stops (i.e when this address is hit)
' @timeout: duration to emulate the code (in microseconds). When this value is 0,
' we will emulate the code in infinite time, until the code is finished.
' @count: the number of instructions to be emulated. When this value is 0,
' we will emulate all the code available, until the code is finished.
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_emu_start(uc_engine *uc, uint64_t begin, uint64_t until, uint64_t timeout, size_t count);
Public Declare Function ucs_emu_start Lib "ucvbshim.dll" (ByVal hEngine As Long, ByVal startAt As Currency, ByVal endAt As Currency, ByVal timeout As Currency, ByVal count As Long) As uc_err
'
'/*
' Stop emulation (which was started by uc_emu_start() API.
' This is typically called from callback functions registered via tracing APIs.
' NOTE: for now, this will stop the execution only after the current block.
'
' @uc: handle returned by uc_open()
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_emu_stop(uc_engine *uc);
Public Declare Function ucs_emu_stop Lib "ucvbshim.dll" (ByVal hEngine As Long) As uc_err
'/*
' Register callback for a hook event.
' The callback will be run when the hook event is hit.
'
' @uc: handle returned by uc_open()
' @hh: hook handle returned from this registration. To be used in uc_hook_del() API
' @type: hook type
' @callback: callback to be run when instruction is hit
' @user_data: user-defined data. This will be passed to callback function in its
' last argument @user_data
' @begin: start address of the area where the callback is effect (inclusive)
' @end: end address of the area where the callback is effect (inclusive)
' NOTE 1: the callback is called only if related address is in range [@begin, @end]
' NOTE 2: if @begin > @end, callback is called whenever this hook type is triggered
' @...: variable arguments (depending on @type)
' NOTE: if @type = UC_HOOK_INSN, this is the instruction ID (ex: UC_X86_INS_OUT)
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err __stdcall ucs_hook_add(uc_engine *uc, uc_hook *hh, int type, void *callback, void *user_data, uint64_t begin, uint64_t end, ...)
'
'note vb6 does not support variable length arguments to api declares so UC_HOOK_INSN would require a seperate declare and stub
'also note that the callback is not used directly, it is proxied through a cdecl stub
'since the hook flags can be different combos, we pass in a catagory for simplicity in selecting which c callback to use..(bit sloppy but easy)
Public Declare Function ucs_hook_add Lib "ucvbshim.dll" (ByVal hEngine As Long, ByRef hHook As Long, ByVal hType As uc_hook_type, ByVal callback As Long, ByVal user_data As Long, ByVal beginAt As Currency, ByVal endAt As Currency, ByVal catagory As Long, Optional ByVal inst_id As Long = 0) As uc_err
'/*
' Unregister (remove) a hook callback.
' This API removes the hook callback registered by uc_hook_add().
' NOTE: this should be called only when you no longer want to trace.
' After this, @hh is invalid, and nolonger usable.
'
' @uc: handle returned by uc_open()
' @hh: handle returned by uc_hook_add()
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_hook_del(uc_engine *uc, uc_hook hh);
Public Declare Function ucs_hook_del Lib "ucvbshim.dll" (ByVal hEngine As Long, ByVal hHook As Long) As uc_err
'/*
' Map memory in for emulation.
' This API adds a memory region that can be used by emulation.
'
' @uc: handle returned by uc_open()
' @address: starting address of the new memory region to be mapped in.
' This address must be aligned to 4KB, or this will return with UC_ERR_ARG error.
' @size: size of the new memory region to be mapped in.
' This size must be multiple of 4KB, or this will return with UC_ERR_ARG error.
' @perms: Permissions for the newly mapped region.
' This must be some combination of UC_PROT_READ | UC_PROT_WRITE | UC_PROT_EXEC,
' or this will return with UC_ERR_ARG error.
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_mem_map(uc_engine *uc, uint64_t address, size_t size, uint32_t perms);
Public Declare Function ucs_mem_map Lib "ucvbshim.dll" (ByVal hEngine As Long, ByVal addr As Currency, ByVal size As Long, ByVal perms As uc_prot) As uc_err
'/*
' Map existing host memory in for emulation.
' This API adds a memory region that can be used by emulation.
'
' @uc: handle returned by uc_open()
' @address: starting address of the new memory region to be mapped in.
' This address must be aligned to 4KB, or this will return with UC_ERR_ARG error.
' @size: size of the new memory region to be mapped in.
' This size must be multiple of 4KB, or this will return with UC_ERR_ARG error.
' @perms: Permissions for the newly mapped region.
' This must be some combination of UC_PROT_READ | UC_PROT_WRITE | UC_PROT_EXEC,
' or this will return with UC_ERR_ARG error.
' @ptr: pointer to host memory backing the newly mapped memory. This host memory is
' expected to be an equal or larger size than provided, and be mapped with at
' least PROT_READ | PROT_WRITE. If it is not, the resulting behavior is undefined.
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_mem_map_ptr(uc_engine *uc, uint64_t address, size_t size, uint32_t perms, void *ptr);
Public Declare Function ucs_mem_map_ptr Lib "ucvbshim.dll" (ByVal hEngine As Long, ByVal addr As Currency, ByVal size As Long, ByVal perms As uc_prot, ByVal ptr As Long) As uc_err
'/*
' Unmap a region of emulation memory.
' This API deletes a memory mapping from the emulation memory space.
'
' @uc: handle returned by uc_open()
' @address: starting address of the memory region to be unmapped.
' This address must be aligned to 4KB, or this will return with UC_ERR_ARG error.
' @size: size of the memory region to be modified.
' This size must be multiple of 4KB, or this will return with UC_ERR_ARG error.
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_mem_unmap(uc_engine *uc, uint64_t address, size_t size);
Public Declare Function ucs_mem_unmap Lib "ucvbshim.dll" (ByVal hEngine As Long, ByVal addr As Currency, ByVal size As Long) As uc_err
'/*
' Set memory permissions for emulation memory.
' This API changes permissions on an existing memory region.
'
' @uc: handle returned by uc_open()
' @address: starting address of the memory region to be modified.
' This address must be aligned to 4KB, or this will return with UC_ERR_ARG error.
' @size: size of the memory region to be modified.
' This size must be multiple of 4KB, or this will return with UC_ERR_ARG error.
' @perms: New permissions for the mapped region.
' This must be some combination of UC_PROT_READ | UC_PROT_WRITE | UC_PROT_EXEC,
' or this will return with UC_ERR_ARG error.
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_mem_protect(uc_engine *uc, uint64_t address, size_t size, uint32_t perms);
Public Declare Function ucs_mem_protect Lib "ucvbshim.dll" (ByVal hEngine As Long, ByVal addr As Currency, ByVal size As Long, ByVal perm As uc_prot) As uc_err
'/*
' Retrieve all memory regions mapped by uc_mem_map() and uc_mem_map_ptr()
' This API allocates memory for @regions, and user must free this memory later
' by free() to avoid leaking memory.
' NOTE: memory regions may be splitted by uc_mem_unmap()
'
' @uc: handle returned by uc_open()
' @regions: pointer to an array of uc_mem_region struct. This is allocated by
' Unicorn, and must be freed by user later
' @count: pointer to number of struct uc_mem_region contained in @regions
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_mem_regions(uc_engine *uc, uc_mem_region **regions, uint32_t *count);
'simplofied for vb use: uc_err __stdcall getMemMap(uc_engine *uc, _CollectionPtr *pColl){
'fills a collection with csv values of all memory regions..
Public Declare Function get_memMap Lib "ucvbshim.dll" (ByVal hEngine As Long, ByRef col As Collection) As uc_err
'/*
' Allocate a region that can be used with uc_context_{save,restore} to perform
' quick save/rollback of the CPU context, which includes registers and some
' internal metadata. Contexts may not be shared across engine instances with
' differing arches or modes.
'
' @uc: handle returned by uc_open()
' @context: pointer to a uc_engine*. This will be updated with the pointer to
' the new context on successful return of this function.
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_context_alloc(uc_engine *uc, uc_context **context);
Public Declare Function ucs_context_alloc Lib "ucvbshim.dll" (ByVal hEngine As Long, ByRef context As Long) As uc_err
'/*
' Free the resource allocated by uc_context_alloc.
'
' @context: handle returned by uc_context_alloc()
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_free(void* mem);
Public Declare Function ucs_free Lib "ucvbshim.dll" (ByVal mem As Long) As uc_err
'/*
' Save a copy of the internal CPU context.
' This API should be used to efficiently make or update a saved copy of the
' internal CPU state.
'
' @uc: handle returned by uc_open()
' @context: handle returned by uc_context_alloc()
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_context_save(uc_engine *uc, uc_context *context);
Public Declare Function ucs_context_save Lib "ucvbshim.dll" (ByVal hEngine As Long, ByVal context As Long) As uc_err
'/*
' Restore the current CPU context from a saved copy.
' This API should be used to roll the CPU context back to a previous
' state saved by uc_context_save().
'
' @uc: handle returned by uc_open()
' @buffer: handle returned by uc_context_alloc that has been used with uc_context_save
'
' @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
' for detailed error).
'*/
'UNICORN_EXPORT
'uc_err uc_context_restore(uc_engine *uc, uc_context *context);
Public Declare Function ucs_context_restore Lib "ucvbshim.dll" (ByVal hEngine As Long, ByVal context As Long) As uc_err
'uses libdasm to retrieve the 32bit disassembly at a specified va
'int __stdcall disasm_addr(uc_engine *uc, int va, char *str, int bufLen){
Public Declare Function disasm_addr Lib "ucvbshim.dll" (ByVal hEngine As Long, ByVal addr As Long, ByVal buf As String, ByVal size As Long) As Long
'simplified access to map and write data to emu memory
'uc_err __stdcall mem_write_block(uc_engine *uc, uint64_t address, void* data, uint32_t size, uint32_t perm){
Public Declare Function mem_write_block Lib "ucvbshim.dll" (ByVal hEngine As Long, ByVal addr As Currency, ByRef data As Byte, ByVal size As Long, ByVal perm As Long) As uc_err
Private Declare Function lstrcpy Lib "kernel32" Alias "lstrcpyA" (ByVal lpString1 As String, ByVal lpString2 As String) As Long
Private Declare Function lstrlen Lib "kernel32" Alias "lstrlenA" (ByVal lpString As Long) As Long
'api version of the below..
'Function err2str(e As uc_err) As String
' Dim lpStr As Long
' Dim length As Long
' Dim buf() As Byte
'
' lpStr = ucs_strerror(e)
' If lpStr = 0 Then Exit Function
'
' length = lstrlen(lpStr)
' If length = 0 Then Exit Function
'
' ReDim buf(1 To length)
' CopyMemory buf(1), ByVal lpStr, length
'
' err2str2 = StrConv(buf, vbUnicode, &H409)
'
'End Function
Function err2str(e As uc_err) As String
err2str = "Unknown error code: " & e
If e = uc_err_ok Then err2str = "No error: everything was fine"
If e = UC_ERR_NOMEM Then err2str = "Out-Of-Memory error: uc_open(), uc_emulate()"
If e = UC_ERR_ARCH Then err2str = "Unsupported architecture: uc_open()"
If e = UC_ERR_HANDLE Then err2str = "Invalid handle"
If e = UC_ERR_MODE Then err2str = "Invalid/unsupported mode: uc_open()"
If e = UC_ERR_VERSION Then err2str = "Unsupported version (bindings)"
If e = UC_ERR_READ_UNMAPPED Then err2str = "Quit emulation due to READ on unmapped memory: uc_emu_start()"
If e = UC_ERR_WRITE_UNMAPPED Then err2str = "Quit emulation due to WRITE on unmapped memory: uc_emu_start()"
If e = UC_ERR_FETCH_UNMAPPED Then err2str = "Quit emulation due to FETCH on unmapped memory: uc_emu_start()"
If e = UC_ERR_HOOK Then err2str = "Invalid hook type: uc_hook_add()"
If e = UC_ERR_INSN_INVALID Then err2str = "Quit emulation due to invalid instruction: uc_emu_start()"
If e = UC_ERR_MAP Then err2str = "Invalid memory mapping: uc_mem_map()"
If e = UC_ERR_WRITE_PROT Then err2str = "Quit emulation due to UC_MEM_WRITE_PROT violation: uc_emu_start()"
If e = UC_ERR_READ_PROT Then err2str = "Quit emulation due to UC_MEM_READ_PROT violation: uc_emu_start()"
If e = UC_ERR_FETCH_PROT Then err2str = "Quit emulation due to UC_MEM_FETCH_PROT violation: uc_emu_start()"
If e = UC_ERR_ARG Then err2str = "Inavalid argument provided to uc_xxx function (See specific function API)"
If e = UC_ERR_READ_UNALIGNED Then err2str = "Unaligned read"
If e = UC_ERR_WRITE_UNALIGNED Then err2str = "Unaligned write"
If e = UC_ERR_FETCH_UNALIGNED Then err2str = "Unaligned fetch"
If e = UC_ERR_HOOK_EXIST Then err2str = "hook for this event already existed"
If e = UC_ERR_RESOURCE Then err2str = "Insufficient resource: uc_emu_start()"
If e = UC_ERR_EXCEPTION Then err2str = "Unhandled CPU exception"
End Function
Function memType2str(t As uc_mem_type)
memType2str = "Unknown memType: " & t
If t = UC_MEM_READ Then memType2str = "Memory is read from"
If t = uc_mem_write Then memType2str = "Memory is written to"
If t = UC_MEM_FETCH Then memType2str = "Memory is fetched"
If t = UC_MEM_READ_UNMAPPED Then memType2str = "Unmapped memory is read from"
If t = UC_MEM_WRITE_UNMAPPED Then memType2str = "Unmapped memory is written to"
If t = UC_MEM_FETCH_UNMAPPED Then memType2str = "Unmapped memory is fetched"
If t = UC_MEM_WRITE_PROT Then memType2str = "Write to write protected, but mapped, memory"
If t = UC_MEM_READ_PROT Then memType2str = "Read from read protected, but mapped, memory"
If t = UC_MEM_FETCH_PROT Then memType2str = "Fetch from non-executable, but mapped, memory"
If t = UC_MEM_READ_AFTER Then memType2str = "Memory is read from (successful access)"
End Function
'--------------------- [ callback support ] ---------------------------------------------
'so the callbacks must live in a module (vb6 language limitation/safety feature)
'we use a simple lookup mechanism to support multiple instances
Function findInstance(ptr As Long) As ucIntel32
On Error Resume Next
Set findInstance = instances("objptr:" & ptr)
End Function
'in case we want to keep userdata for something else..this is just as easy..
Function findInstanceByUc(uc As Long) As ucIntel32
Dim u As ucIntel32
For Each u In instances
If u.uc = uc Then
Set findInstanceByUc = u
Exit Function
End If
Next
End Function
'typedef void (__stdcall *vb_cb_hookcode_t) (uc_engine *uc, uint64_t address, uint32_t size, void *user_data);
Public Sub code_hook(ByVal uc As Long, ByVal address As Currency, ByVal size As Long, ByVal user_data As Long)
Dim u As ucIntel32
Set u = findInstance(user_data)
If u Is Nothing Then Exit Sub
u.internal_code_hook address, size
End Sub
Public Sub block_hook(ByVal uc As Long, ByVal address As Currency, ByVal size As Long, ByVal user_data As Long)
Dim u As ucIntel32
Set u = findInstance(user_data)
If u Is Nothing Then Exit Sub
u.internal_block_hook address, size
End Sub
'typedef void (*uc_cb_hookmem_t)(uc_engine *uc, uc_mem_type type, uint64_t address, int size, int64_t value, void *user_data);
Public Sub mem_hook(ByVal uc As Long, ByVal t As uc_mem_type, ByVal address As Currency, ByVal size As Long, ByVal value As Currency, ByVal user_data As Long)
Dim u As ucIntel32
Set u = findInstance(user_data)
If u Is Nothing Then Exit Sub
u.internal_mem_hook t, address, size, value
End Sub
'typedef bool (*uc_cb_eventmem_t)(uc_engine *uc, uc_mem_type type, uint64_t address, int size, int64_t value, void *user_data);
Public Function invalid_mem_hook(ByVal uc As Long, ByVal t As uc_mem_type, ByVal address As Currency, ByVal size As Long, ByVal value As Currency, ByVal user_data As Long) As Long
'return 0 to stop emulation, 1 to continue
Dim u As ucIntel32
Set u = findInstance(user_data)
If u Is Nothing Then Exit Function
invalid_mem_hook = u.internal_invalid_mem_hook(t, address, size, value)
End Function
'typedef void (*vb_cb_hookintr_t)(uc_engine *uc,uint32_t intno, void *user_data);
Public Sub interrupt_hook(ByVal uc As Long, ByVal intno As Long, ByVal user_data As Long)
Dim u As ucIntel32
Set u = findInstance(user_data)
If u Is Nothing Then Exit Sub
u.internal_interrupt_hook intno
End Sub