Initial Commit

thirdparty/capstone/tests/integration/CMakeLists.txt

@@ -0,0 +1,17 @@
+cmake_minimum_required(VERSION 3.15)
+
+# Old integration tests.
+if (CAPSTONE_BUILD_LEGACY_TESTS)
+  enable_testing()
+  set(TEST_SOURCES test_skipdata.c test_iter.c)
+  if(CAPSTONE_X86_SUPPORT)
+    set(TEST_SOURCES ${TEST_SOURCES} test_customized_mnem.c)
+  endif()
+
+  foreach(TSRC ${TEST_SOURCES})
+      string(REGEX REPLACE ".c$" "" TBIN ${TSRC})
+      add_executable(${TBIN} "${TESTS_INTEGRATION_DIR}/${TSRC}")
+      target_link_libraries(${TBIN} PRIVATE capstone)
+      add_test(NAME "legacy_${TBIN}" COMMAND ${TBIN})
+  endforeach()
+endif()

thirdparty/capstone/tests/integration/README.md

@@ -0,0 +1,12 @@
+This directory contains some test code to show how to use Capstone API.
+
+- test_iter.c:
+  This code shows how to use the API cs_disasm_iter() to decode one instruction at
+  a time inside a loop.
+
+- test_customized_mnem.c:
+  This code shows how to use MNEMONIC option to customize instruction mnemonic
+  at run-time, and then how to reset the engine to use the default mnemonic.
+
+- test_winkernel.cpp
+  This code shows how to use Capstone from a Windows driver.

thirdparty/capstone/tests/integration/test_customized_mnem.c

@@ -0,0 +1,89 @@
+/* Capstone Disassembly Engine */
+/* By Nguyen Anh Quynh <aquynh@gmail.com>, 2015-2019 */
+
+// This sample code demonstrates the option CS_OPT_MNEMONIC
+// to customize instruction mnemonic.
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <capstone/platform.h>
+#include <capstone/capstone.h>
+
+#define X86_CODE32 "\x75\x01"
+
+// Print out the input code in hexadecimal format
+static void print_string_hex(unsigned char *str, size_t len)
+{
+	unsigned char *c;
+
+	for (c = str; c < str + len; c++) {
+		printf("%02x ", *c & 0xff);
+	}
+	printf("\t");
+}
+
+// Print one instruction
+static void print_insn(csh handle)
+{
+	cs_insn *insn;
+	size_t count;
+	
+	count = cs_disasm(handle, (const uint8_t *)X86_CODE32, sizeof(X86_CODE32) - 1, 0x1000, 1, &insn);
+	if (count) {
+		print_string_hex((unsigned char *)X86_CODE32, sizeof(X86_CODE32) - 1);
+		printf("\t%s\t%s\n", insn[0].mnemonic, insn[0].op_str); 
+		// Free memory allocated by cs_disasm()
+		cs_free(insn, count);
+	} else {
+		printf("ERROR: Failed to disasm given code!\n");
+		abort();
+	}
+}
+
+static void test()
+{
+	csh handle;
+	cs_err err;
+	// Customize mnemonic JNE to "jnz"
+	cs_opt_mnem my_mnem = { X86_INS_JNE, "jnz" };
+	// Set .mnemonic to NULL to reset to default mnemonic
+	cs_opt_mnem default_mnem = { X86_INS_JNE, NULL };
+
+	err = cs_open(CS_ARCH_X86, CS_MODE_32, &handle);
+	if (err) {
+		if (cs_support(CS_ARCH_X86)) {
+			printf("Failed on cs_open() with error returned: %u\n", err);
+			abort();
+		} else
+			return;
+	}
+
+	// 1. Print out the instruction in default setup.
+	printf("Disassemble X86 code with default instruction mnemonic\n");
+	print_insn(handle);
+
+	// Customized mnemonic JNE to JNZ using CS_OPT_MNEMONIC option
+	printf("\nNow customize engine to change mnemonic from 'JNE' to 'JNZ'\n");
+	cs_option(handle, CS_OPT_MNEMONIC, (size_t)&my_mnem);
+
+	// 2. Now print out the instruction in newly customized setup.
+	print_insn(handle);
+
+	// Reset engine to use the default mnemonic of JNE
+	printf("\nReset engine to use the default mnemonic\n");
+	cs_option(handle, CS_OPT_MNEMONIC, (size_t)&default_mnem);
+
+	// 3. Now print out the instruction in default setup.
+	print_insn(handle);
+
+	// Done
+	cs_close(&handle);
+}
+
+int main()
+{
+	test();
+
+	return 0;
+}

thirdparty/capstone/tests/integration/test_iter.c

@@ -0,0 +1,408 @@
+/* Capstone Disassembler Engine */
+/* By Nguyen Anh Quynh <aquynh@gmail.com>, 2013-2019 */
+
+// This sample code demonstrates the APIs cs_malloc() & cs_disasm_iter().
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <capstone/platform.h>
+#include <capstone/capstone.h>
+
+struct platform {
+	cs_arch arch;
+	cs_mode mode;
+	unsigned char *code;
+	size_t size;
+	const char *comment;
+	cs_opt_type opt_type;
+	cs_opt_value opt_value;
+};
+
+static void print_string_hex(unsigned char *str, size_t len)
+{
+	unsigned char *c;
+
+	printf("Code: ");
+	for (c = str; c < str + len; c++) {
+		printf("0x%02x ", *c & 0xff);
+	}
+	printf("\n");
+}
+
+static void test()
+{
+#ifdef CAPSTONE_HAS_X86
+#define X86_CODE16 "\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00"
+#define X86_CODE32 "\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00"
+#define X86_CODE64 "\x55\x48\x8b\x05\xb8\x13\x00\x00"
+#endif
+#ifdef CAPSTONE_HAS_ARM
+#define ARM_CODE "\xED\xFF\xFF\xEB\x04\xe0\x2d\xe5\x00\x00\x00\x00\xe0\x83\x22\xe5\xf1\x02\x03\x0e\x00\x00\xa0\xe3\x02\x30\xc1\xe7\x00\x00\x53\xe3"
+#define ARM_CODE2 "\x10\xf1\x10\xe7\x11\xf2\x31\xe7\xdc\xa1\x2e\xf3\xe8\x4e\x62\xf3"
+#define THUMB_CODE "\x70\x47\xeb\x46\x83\xb0\xc9\x68"
+#define THUMB_CODE2 "\x4f\xf0\x00\x01\xbd\xe8\x00\x88\xd1\xe8\x00\xf0"
+#endif
+#ifdef CAPSTONE_HAS_MIPS
+#define MIPS_CODE "\x0C\x10\x00\x97\x00\x00\x00\x00\x24\x02\x00\x0c\x8f\xa2\x00\x00\x34\x21\x34\x56\x00\x80\x04\x08"
+#define MIPS_CODE2 "\x56\x34\x21\x34\xc2\x17\x01\x00"
+#endif
+#ifdef CAPSTONE_HAS_AARCH64
+#define AARCH64_CODE "\x09\x00\x38\xd5\xbf\x40\x00\xd5\x0c\x05\x13\xd5\x20\x50\x02\x0e\x20\xe4\x3d\x0f\x00\x18\xa0\x5f\xa2\x00\xae\x9e\x9f\x37\x03\xd5\xbf\x33\x03\xd5\xdf\x3f\x03\xd5\x21\x7c\x02\x9b\x21\x7c\x00\x53\x00\x40\x21\x4b\xe1\x0b\x40\xb9\x20\x04\x81\xda\x20\x08\x02\x8b\x10\x5b\xe8\x3c"
+#endif
+#ifdef CAPSTONE_HAS_POWERPC
+#define PPC_CODE "\x80\x20\x00\x00\x80\x3f\x00\x00\x10\x43\x23\x0e\xd0\x44\x00\x80\x4c\x43\x22\x02\x2d\x03\x00\x80\x7c\x43\x20\x14\x7c\x43\x20\x93\x4f\x20\x00\x21\x4c\xc8\x00\x21\x40\x82\x00\x14"
+#endif
+#ifdef CAPSTONE_HAS_SPARC
+#define SPARC_CODE "\x80\xa0\x40\x02\x85\xc2\x60\x08\x85\xe8\x20\x01\x81\xe8\x00\x00\x90\x10\x20\x01\xd5\xf6\x10\x16\x21\x00\x00\x0a\x86\x00\x40\x02\x01\x00\x00\x00\x12\xbf\xff\xff\x10\xbf\xff\xff\xa0\x02\x00\x09\x0d\xbf\xff\xff\xd4\x20\x60\x00\xd4\x4e\x00\x16\x2a\xc2\x80\x03"
+#define SPARCV9_CODE "\x81\xa8\x0a\x24\x89\xa0\x10\x20\x89\xa0\x1a\x60\x89\xa0\x00\xe0"
+#endif
+#ifdef CAPSTONE_HAS_SYSZ
+#define SYSZ_CODE "\xed\x00\x00\x00\x00\x1a\x5a\x0f\x1f\xff\xc2\x09\x80\x00\x00\x00\x07\xf7\xeb\x2a\xff\xff\x7f\x57\xe3\x01\xff\xff\x7f\x57\xeb\x00\xf0\x00\x00\x24\xb2\x4f\x00\x78"
+#endif
+#ifdef CAPSTONE_HAS_XCORE
+#define XCORE_CODE "\xfe\x0f\xfe\x17\x13\x17\xc6\xfe\xec\x17\x97\xf8\xec\x4f\x1f\xfd\xec\x37\x07\xf2\x45\x5b\xf9\xfa\x02\x06\x1b\x10"
+#endif
+#ifdef CAPSTONE_HAS_M680X
+#define M680X_CODE "\x06\x10\x19\x1a\x55\x1e\x01\x23\xe9\x31\x06\x34\x55\xa6\x81\xa7\x89\x7f\xff\xa6\x9d\x10\x00\xa7\x91\xa6\x9f\x10\x00\x11\xac\x99\x10\x00\x39"
+#endif
+#ifdef CAPSTONE_HAS_MOS65XX
+#define MOS65XX_CODE "\x0d\x34\x12\x08\x09\xFF\x10\x80\x20\x00\x00\x98"
+#endif
+#define EBPF_CODE "\x97\x09\x00\x00\x37\x13\x03\x00\xdc\x02\x00\x00\x20\x00\x00\x00\x30\x00\x00\x00\x00\x00\x00\x00\xdb\x3a\x00\x01\x00\x00\x00\x00\x84\x02\x00\x00\x00\x00\x00\x00\x6d\x33\x17\x02\x00\x00\x00\x00"
+
+#ifdef CAPSTONE_HAS_RISCV
+#define RISCV_CODE32 "\x37\x34\x00\x00\x97\x82\x00\x00\xef\x00\x80\x00\xef\xf0\x1f\xff\xe7\x00\x45\x00\xe7\x00\xc0\xff\x63\x05\x41\x00\xe3\x9d\x61\xfe\x63\xca\x93\x00\x63\x53\xb5\x00\x63\x65\xd6\x00\x63\x76\xf7\x00\x03\x88\x18\x00\x03\x99\x49\x00\x03\xaa\x6a\x00\x03\xcb\x2b\x01\x03\xdc\x8c\x01\x23\x86\xad\x03\x23\x9a\xce\x03\x23\x8f\xef\x01\x93\x00\xe0\x00\x13\xa1\x01\x01\x13\xb2\x02\x7d\x13\xc3\x03\xdd\x13\xe4\xc4\x12\x13\xf5\x85\x0c\x13\x96\xe6\x01\x13\xd7\x97\x01\x13\xd8\xf8\x40\x33\x89\x49\x01\xb3\x0a\x7b\x41\x33\xac\xac\x01\xb3\x3d\xde\x01\x33\xd2\x62\x40\xb3\x43\x94\x00\x33\xe5\xc5\x00\xb3\x76\xf7\x00\xb3\x54\x39\x01\xb3\x50\x31\x00\x33\x9f\x0f\x00"
+#define RISCV_CODE64 "\x13\x04\xa8\x7a"  // aaa80413
+#endif
+
+#ifdef CAPSTONE_HAS_TRICORE
+#define TRICORE_CODE "\x16\x01\x20\x01\x1d\x00\x02\x00\x8f\x70\x00\x11\x40\xae\x89\xee\x04\x09\x42\xf2\xe2\xf2\xc2\x11\x19\xff\xc0\x70\x19\xff\x20\x10"
+#endif
+
+#ifdef CAPSTONE_HAS_ALPHA
+#define ALPHA_CODE "\x02\x00\xbb\x27\x50\x7a\xbd\x23\xd0\xff\xde\x23\x00\x00\x5e\xb7"
+#define ALPHA_CODE_BE "\x27\xbb\x00\x02\x23\xbd\x7a\x50\x23\xde\xff\xd0\xb7\x5e\x00\x00"
+#endif
+
+#ifdef CAPSTONE_HAS_HPPA
+#define HPPA_20_CODE_BE  "\x00\x20\x50\xa2\x00\x01\x58\x20\x00\x00\x44\xa1\x00\x41\x18\x40\x00\x20\x08\xa2\x01\x60\x48\xa1\x01\x61\x18\xc0\x00\x00\x14\xa1\x00\x0f\x0d\x61\x00\x0f\x0e\x61\x00\x01\x18\x60\x00\x00\x0c\x00\x00\x00\x0c\xa0\x03\xff\xc0\x1f\x00\x00\x04\x00\x00\x10\x04\x00\x04\x22\x51\x83\x04\x22\x51\xc3\x04\x22\x51\x83\x04\x2f\x71\x83\x04\x2f\x71\xc3\x04\x2f\x71\x83\x04\x41\x53\x43\x04\x41\x53\x63\x04\x41\x53\x03\x04\x41\x12\x00\x04\x41\x16\x00\x04\x41\x16\x20\x04\x41\x42\x00\x04\x41\x46\x00\x04\x41\x46\x20\x04\x41\x12\x40\x04\x41\x12\x60\x04\x41\x42\x40\x04\x41\x42\x60\x04\x41\x18\x00\x04\x41\x08\x00\x04\x41\x13\x80\x04\x41\x13\xa0\x04\x41\x52\x80\x04\x41\x52\xa0\x04\x5e\x72\x80\x04\x41\x42\x80\x04\x41\x52\xc0\x04\x41\x52\xe0\x04\x41\x42\xc0\x04\x41\x42\xe0\x14\x00\xde\xad"
+#define HPPA_20_CODE     "\xa2\x50\x20\x00\x20\x58\x01\x00\xa1\x44\x00\x00\x40\x18\x41\x00\xa2\x08\x20\x00\xa1\x48\x60\x01\xc0\x18\x61\x01\xa1\x14\x00\x00\x61\x0d\x0f\x00\x61\x0e\x0f\x00\x60\x18\x01\x00\x00\x0c\x00\x00\xa0\x0c\x00\x00\x1f\xc0\xff\x03\x00\x04\x00\x00\x00\x04\x10\x00\x83\x51\x22\x04\xc3\x51\x22\x04\x83\x51\x22\x04\x83\x71\x2f\x04\xc3\x71\x2f\x04\x83\x71\x2f\x04\x43\x53\x41\x04\x63\x53\x41\x04\x03\x53\x41\x04\x00\x12\x41\x04\x00\x16\x41\x04\x20\x16\x41\x04\x00\x42\x41\x04\x00\x46\x41\x04\x20\x46\x41\x04\x40\x12\x41\x04\x60\x12\x41\x04\x40\x42\x41\x04\x60\x42\x41\x04\x00\x18\x41\x04\x00\x08\x41\x04\x80\x13\x41\x04\xa0\x13\x41\x04\x80\x52\x41\x04\xa0\x52\x41\x04\x80\x72\x5e\x04\x80\x42\x41\x04\xc0\x52\x41\x04\xe0\x52\x41\x04\xc0\x42\x41\x04\xe0\x42\x41\x04\xad\xde\x00\x14"
+#define HPPA_11_CODE_BE  "\x24\x41\x40\xc3\x24\x41\x60\xc3\x24\x41\x40\xe3\x24\x41\x60\xe3\x24\x41\x68\xe3\x2c\x41\x40\xc3\x2c\x41\x60\xc3\x2c\x41\x40\xe3\x2c\x41\x60\xe3\x2c\x41\x68\xe3\x24\x62\x42\xc1\x24\x62\x62\xc1\x24\x62\x42\xe1\x24\x62\x46\xe1\x24\x62\x62\xe1\x24\x62\x6a\xe1\x2c\x62\x42\xc1\x2c\x62\x62\xc1\x2c\x62\x42\xe1\x2c\x62\x46\xe1\x2c\x62\x62\xe1\x2c\x62\x6a\xe1\x24\x3e\x50\xc2\x24\x3e\x50\xe2\x24\x3e\x70\xe2\x24\x3e\x78\xe2\x2c\x3e\x50\xc2\x2c\x3e\x50\xe2\x2c\x3e\x70\xe2\x2c\x3e\x78\xe2\x24\x5e\x52\xc1\x24\x5e\x52\xe1\x24\x5e\x56\xe1\x24\x5e\x72\xe1\x24\x5e\x7a\xe1\x2c\x5e\x52\xc1\x2c\x5e\x52\xe1\x2c\x5e\x56\xe1\x2c\x5e\x72\xe1\x2c\x5e\x7a\xe1"
+#define HPPA_11_CODE     "\xc3\x40\x41\x24\xc3\x60\x41\x24\xe3\x40\x41\x24\xe3\x60\x41\x24\xe3\x68\x41\x24\xc3\x40\x41\x2c\xc3\x60\x41\x2c\xe3\x40\x41\x2c\xe3\x60\x41\x2c\xe3\x68\x41\x2c\xc1\x42\x62\x24\xc1\x62\x62\x24\xe1\x42\x62\x24\xe1\x46\x62\x24\xe1\x62\x62\x24\xe1\x6a\x62\x24\xc1\x42\x62\x2c\xc1\x62\x62\x2c\xe1\x42\x62\x2c\xe1\x46\x62\x2c\xe1\x62\x62\x2c\xe1\x6a\x62\x2c\xc2\x50\x3e\x24\xe2\x50\x3e\x24\xe2\x70\x3e\x24\xe2\x78\x3e\x24\xc2\x50\x3e\x2c\xe2\x50\x3e\x2c\xe2\x70\x3e\x2c\xe2\x78\x3e\x2c\xc1\x52\x5e\x24\xe1\x52\x5e\x24\xe1\x56\x5e\x24\xe1\x72\x5e\x24\xe1\x7a\x5e\x24\xc1\x52\x5e\x2c\xe1\x52\x5e\x2c\xe1\x56\x5e\x2c\xe1\x72\x5e\x2c\xe1\x7a\x5e\x2c"
+#endif
+
+struct platform platforms[] = {
+#ifdef CAPSTONE_HAS_X86
+		{
+			CS_ARCH_X86,
+			CS_MODE_16,
+			(unsigned char *)X86_CODE16,
+			sizeof(X86_CODE32) - 1,
+			"X86 16bit (Intel syntax)"
+		},
+		{
+			CS_ARCH_X86,
+			CS_MODE_32,
+			(unsigned char *)X86_CODE32,
+			sizeof(X86_CODE32) - 1,
+			"X86 32bit (ATT syntax)",
+			CS_OPT_SYNTAX,
+			CS_OPT_SYNTAX_ATT,
+		},
+		{
+			CS_ARCH_X86,
+			CS_MODE_32,
+			(unsigned char *)X86_CODE32,
+			sizeof(X86_CODE32) - 1,
+			"X86 32 (Intel syntax)"
+		},
+		{
+			CS_ARCH_X86,
+			CS_MODE_64,
+			(unsigned char *)X86_CODE64,
+			sizeof(X86_CODE64) - 1,
+			"X86 64 (Intel syntax)"
+		},
+#endif
+#ifdef CAPSTONE_HAS_ARM
+		{
+			CS_ARCH_ARM,
+			CS_MODE_ARM,
+			(unsigned char *)ARM_CODE,
+			sizeof(ARM_CODE) - 1,
+			"ARM"
+		},
+		{
+			CS_ARCH_ARM,
+			CS_MODE_THUMB,
+			(unsigned char *)THUMB_CODE2,
+			sizeof(THUMB_CODE2) - 1,
+			"THUMB-2"
+		},
+		{
+			CS_ARCH_ARM,
+			CS_MODE_ARM,
+			(unsigned char *)ARM_CODE2,
+			sizeof(ARM_CODE2) - 1,
+			"ARM: Cortex-A15 + NEON"
+		},
+		{
+			CS_ARCH_ARM,
+			CS_MODE_THUMB,
+			(unsigned char *)THUMB_CODE,
+			sizeof(THUMB_CODE) - 1,
+			"THUMB"
+		},
+#endif
+#ifdef CAPSTONE_HAS_MIPS
+		{
+			CS_ARCH_MIPS,
+			(cs_mode)(CS_MODE_MIPS32 + CS_MODE_BIG_ENDIAN),
+			(unsigned char *)MIPS_CODE,
+			sizeof(MIPS_CODE) - 1,
+			"MIPS-32 (Big-endian)"
+		},
+		{
+			CS_ARCH_MIPS,
+			(cs_mode)(CS_MODE_MIPS64 + CS_MODE_LITTLE_ENDIAN),
+			(unsigned char *)MIPS_CODE2,
+			sizeof(MIPS_CODE2) - 1,
+			"MIPS-64-EL (Little-endian)"
+		},
+#endif
+#ifdef CAPSTONE_HAS_AARCH64
+		{
+			CS_ARCH_AARCH64,
+			CS_MODE_ARM,
+			(unsigned char *)AARCH64_CODE,
+			sizeof(AARCH64_CODE) - 1,
+			"AARCH64"
+		},
+#endif
+#ifdef CAPSTONE_HAS_POWERPC
+		{
+			CS_ARCH_PPC,
+			CS_MODE_BIG_ENDIAN,
+			(unsigned char*)PPC_CODE,
+			sizeof(PPC_CODE) - 1,
+			"PPC-64"
+		},
+#endif
+#ifdef CAPSTONE_HAS_SPARC
+		{
+			CS_ARCH_SPARC,
+			CS_MODE_BIG_ENDIAN,
+			(unsigned char*)SPARC_CODE,
+			sizeof(SPARC_CODE) - 1,
+			"Sparc"
+		},
+		{
+			CS_ARCH_SPARC,
+			(cs_mode)(CS_MODE_BIG_ENDIAN + CS_MODE_V9),
+			(unsigned char*)SPARCV9_CODE,
+			sizeof(SPARCV9_CODE) - 1,
+			"SparcV9"
+		},
+#endif
+#ifdef CAPSTONE_HAS_SYSZ
+		{
+			CS_ARCH_SYSZ,
+			(cs_mode)0,
+			(unsigned char*)SYSZ_CODE,
+			sizeof(SYSZ_CODE) - 1,
+			"SystemZ"
+		},
+#endif
+#ifdef CAPSTONE_HAS_XCORE
+		{
+			CS_ARCH_XCORE,
+			(cs_mode)0,
+			(unsigned char*)XCORE_CODE,
+			sizeof(XCORE_CODE) - 1,
+			"XCore"
+		},
+#endif
+#ifdef CAPSTONE_HAS_M680X
+		{
+			CS_ARCH_M680X,
+			(cs_mode)CS_MODE_M680X_6809,
+			(unsigned char*)M680X_CODE,
+			sizeof(M680X_CODE) - 1,
+			"M680X_6809"
+		},
+#endif
+#ifdef CAPSTONE_HAS_MOS65XX
+		{
+			CS_ARCH_MOS65XX,
+			(cs_mode)CS_MODE_LITTLE_ENDIAN,
+			(unsigned char*)MOS65XX_CODE,
+			sizeof(MOS65XX_CODE) - 1,
+			"MOS65XX"
+		},
+#endif
+#ifdef CAPSTONE_HAS_BPF
+		{
+			CS_ARCH_BPF,
+			CS_MODE_LITTLE_ENDIAN | CS_MODE_BPF_EXTENDED,
+			(unsigned char*) EBPF_CODE,
+			sizeof(EBPF_CODE) - 1,
+			"eBPF"
+		},
+#endif
+#ifdef CAPSTONE_HAS_RISCV
+		{
+			CS_ARCH_RISCV,
+			CS_MODE_RISCV32,
+			(unsigned char *)RISCV_CODE32,
+			sizeof(RISCV_CODE32) - 1,
+			"RISCV32"
+		},
+		{
+			CS_ARCH_RISCV,
+			CS_MODE_RISCV64,
+			(unsigned char *)RISCV_CODE64,
+			sizeof(RISCV_CODE64) - 1,
+			"RISCV64"
+		},
+#endif
+#ifdef CAPSTONE_HAS_TRICORE
+	    {
+		CS_ARCH_TRICORE,
+		CS_MODE_TRICORE_162,
+		(unsigned char*)TRICORE_CODE,
+		sizeof(TRICORE_CODE) - 1,
+		"TriCore"
+	    },
+#endif
+#ifdef CAPSTONE_HAS_ALPHA
+	    {
+		CS_ARCH_ALPHA,
+		CS_MODE_LITTLE_ENDIAN,
+		(unsigned char*)ALPHA_CODE,
+		sizeof(ALPHA_CODE) - 1,
+		"Alpha (Little-endian)"
+	    },
+	    {
+		CS_ARCH_ALPHA,
+		CS_MODE_BIG_ENDIAN,
+		(unsigned char*)ALPHA_CODE_BE,
+		sizeof(ALPHA_CODE) - 1,
+		"Alpha (Big-endian)"
+	    },
+#endif
+#ifdef CAPSTONE_HAS_HPPA
+	    {
+		CS_ARCH_HPPA,
+		CS_MODE_BIG_ENDIAN | CS_MODE_HPPA_20,
+		(unsigned char*)HPPA_20_CODE_BE,
+		sizeof(HPPA_20_CODE_BE) - 1,
+		"HPPA 2.0 (Big-endian)"
+	    },
+	    {
+		CS_ARCH_HPPA,
+		CS_MODE_LITTLE_ENDIAN | CS_MODE_HPPA_20,
+		(unsigned char*)HPPA_20_CODE,
+		sizeof(HPPA_20_CODE) - 1,
+		"HPPA 2.0 (Little-endian)"
+	    },
+	    {
+		CS_ARCH_HPPA,
+		CS_MODE_BIG_ENDIAN | CS_MODE_HPPA_11,
+		(unsigned char*)HPPA_11_CODE_BE,
+		sizeof(HPPA_11_CODE_BE) - 1,
+		"HPPA 1.1 (Big-endian)"
+	    },
+	    {
+		CS_ARCH_HPPA,
+		CS_MODE_LITTLE_ENDIAN | CS_MODE_HPPA_11,
+		(unsigned char*)HPPA_11_CODE,
+		sizeof(HPPA_11_CODE) - 1,
+		"HPPA 1.1 (Little-endian)"
+	    },
+#endif
+	};
+
+	csh handle;
+	uint64_t address;
+	cs_insn *insn;
+	cs_detail *detail;
+	int i;
+	cs_err err;
+	const uint8_t *code;
+	size_t size;
+
+	for (i = 0; i < sizeof(platforms)/sizeof(platforms[0]); i++) {
+		printf("****************\n");
+		printf("Platform: %s\n", platforms[i].comment);
+		err = cs_open(platforms[i].arch, platforms[i].mode, &handle);
+		if (err) {
+			printf("Failed on cs_open() with error returned: %u\n", err);
+			abort();
+		}
+
+		if (platforms[i].opt_type)
+			cs_option(handle, platforms[i].opt_type, platforms[i].opt_value);
+
+		cs_option(handle, CS_OPT_DETAIL, CS_OPT_ON);
+
+		// allocate memory for the cache to be used by cs_disasm_iter()
+		insn = cs_malloc(handle);
+
+		print_string_hex(platforms[i].code, platforms[i].size);
+		printf("Disasm:\n");
+
+		address = 0x1000;
+		code = platforms[i].code;
+		size = platforms[i].size;
+		while(cs_disasm_iter(handle, &code, &size, &address, insn)) {
+			int n;
+
+			printf("0x%" PRIx64 ":\t%s\t\t%s // insn-ID: %u, insn-mnem: %s\n",
+					insn->address, insn->mnemonic, insn->op_str,
+					insn->id, cs_insn_name(handle, insn->id));
+
+			// print implicit registers used by this instruction
+			detail = insn->detail;
+
+			if (detail->regs_read_count > 0) {
+				printf("\tImplicit registers read: ");
+				for (n = 0; n < detail->regs_read_count; n++) {
+					printf("%s ", cs_reg_name(handle, detail->regs_read[n]));
+				}
+				printf("\n");
+			}
+
+			// print implicit registers modified by this instruction
+			if (detail->regs_write_count > 0) {
+				printf("\tImplicit registers modified: ");
+				for (n = 0; n < detail->regs_write_count; n++) {
+					printf("%s ", cs_reg_name(handle, detail->regs_write[n]));
+				}
+				printf("\n");
+			}
+
+			// print the groups this instruction belong to
+			if (detail->groups_count > 0) {
+				printf("\tThis instruction belongs to groups: ");
+				for (n = 0; n < detail->groups_count; n++) {
+					printf("%s ", cs_group_name(handle, detail->groups[n]));
+				}
+				printf("\n");
+			}
+		}
+
+		printf("\n");
+
+		// free memory allocated by cs_malloc()
+		cs_free(insn, 1);
+
+		cs_close(&handle);
+	}
+}
+
+int main()
+{
+	test();
+
+	return 0;
+}

thirdparty/capstone/tests/integration/test_skipdata.c

@@ -0,0 +1,184 @@
+/* Capstone Disassembler Engine */
+/* By Nguyen Anh Quynh <aquynh@gmail.com>, 2013-2019 */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <capstone/platform.h>
+#include <capstone/capstone.h>
+
+struct platform {
+	cs_arch arch;
+	cs_mode mode;
+	unsigned char *code;
+	size_t size;
+	const char *comment;
+	cs_opt_type opt_type;
+	cs_opt_value opt_value;
+	cs_opt_type opt_skipdata;
+	size_t skipdata;
+};
+
+static void print_string_hex(unsigned char *str, size_t len)
+{
+	unsigned char *c;
+
+	printf("Code: ");
+	for (c = str; c < str + len; c++) {
+		printf("0x%02x ", *c & 0xff);
+	}
+	printf("\n");
+}
+
+#ifdef CAPSTONE_HAS_ARM
+static size_t CAPSTONE_API mycallback(const uint8_t *buffer, size_t buffer_size, size_t offset, void *p)
+{
+	// always skip 2 bytes when encountering data
+	return 2;
+}
+#endif
+
+static void test()
+{
+#ifdef CAPSTONE_HAS_X86
+#define X86_CODE32 "\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00\x00\x91\x92"
+#endif
+#define RANDOM_CODE "\xed\x00\x00\x00\x00\x1a\x5a\x0f\x1f\xff\xc2\x09\x80\x00\x00\x00\x07\xf7\xeb\x2a\xff\xff\x7f\x57\xe3\x01\xff\xff\x7f\x57\xeb\x00\xf0\x00\x00\x24\xb2\x4f\x00\x78"
+
+#if defined(CAPSTONE_HAS_X86)
+	cs_opt_skipdata skipdata = {
+		// rename default "data" instruction from ".byte" to "db"
+		"db",
+	};
+#endif
+
+#ifdef CAPSTONE_HAS_ARM
+	cs_opt_skipdata skipdata_callback = {
+		"db",
+		&mycallback,
+	};
+#endif
+
+	struct platform platforms[] = {
+#ifdef CAPSTONE_HAS_X86
+		{
+			CS_ARCH_X86,
+			CS_MODE_32,
+			(unsigned char*)X86_CODE32,
+			sizeof(X86_CODE32) - 1,
+			"X86 32 (Intel syntax) - Skip data",
+		},
+		{
+			CS_ARCH_X86,
+			CS_MODE_32,
+			(unsigned char*)X86_CODE32,
+			sizeof(X86_CODE32) - 1,
+			"X86 32 (Intel syntax) - Skip data with custom mnemonic",
+			CS_OPT_INVALID,
+			CS_OPT_OFF,
+			CS_OPT_SKIPDATA_SETUP,
+			(size_t) &skipdata,
+		},
+#endif
+#ifdef CAPSTONE_HAS_ARM
+		{
+			CS_ARCH_ARM,
+			CS_MODE_ARM,
+			(unsigned char*)RANDOM_CODE,
+			sizeof(RANDOM_CODE) - 1,
+			"Arm - Skip data",
+		},
+		{
+			CS_ARCH_ARM,
+			CS_MODE_ARM,
+			(unsigned char*)RANDOM_CODE,
+			sizeof(RANDOM_CODE) - 1,
+			"Arm - Skip data with callback",
+			CS_OPT_INVALID,
+			CS_OPT_OFF,
+			CS_OPT_SKIPDATA_SETUP,
+			(size_t) &skipdata_callback,
+		},
+#endif
+	};
+
+	csh handle;
+	uint64_t address = 0x1000;
+	cs_insn *insn;
+	cs_err err;
+	int i;
+	size_t count;
+
+	for (i = 0; i < sizeof(platforms)/sizeof(platforms[0]); i++) {
+		printf("****************\n");
+		printf("Platform: %s\n", platforms[i].comment);
+		err = cs_open(platforms[i].arch, platforms[i].mode, &handle);
+		if (err) {
+			printf("Failed on cs_open() with error returned: %u\n", err);
+			abort();
+		}
+
+		if (platforms[i].opt_type)
+			cs_option(handle, platforms[i].opt_type, platforms[i].opt_value);
+
+		// turn on SKIPDATA mode
+		cs_option(handle, CS_OPT_SKIPDATA, CS_OPT_ON);
+		cs_option(handle, platforms[i].opt_skipdata, platforms[i].skipdata);
+
+		count = cs_disasm(handle, platforms[i].code, platforms[i].size, address, 0, &insn);
+		if (count) {
+			size_t j;
+
+			print_string_hex(platforms[i].code, platforms[i].size);
+			printf("Disasm:\n");
+
+			for (j = 0; j < count; j++) {
+				printf("0x%" PRIx64 ":\t%s\t\t%s\n",
+						insn[j].address, insn[j].mnemonic, insn[j].op_str);
+			}
+
+			// print out the next offset, after the last insn
+			printf("0x%" PRIx64 ":\n", insn[j-1].address + insn[j-1].size);
+
+			// free memory allocated by cs_disasm()
+			cs_free(insn, count);
+		} else {
+			printf("****************\n");
+			printf("Platform: %s\n", platforms[i].comment);
+			print_string_hex(platforms[i].code, platforms[i].size);
+			printf("ERROR: Failed to disasm given code!\n");
+			abort();
+		}
+
+		printf("\n");
+
+		cs_close(&handle);
+	}
+}
+
+int main()
+{
+	test();
+
+#if 0
+	#define offsetof(st, m) __builtin_offsetof(st, m)
+
+	cs_insn insn;
+	printf("size: %lu\n", sizeof(insn));
+	printf("@id: %lu\n", offsetof(cs_insn, id));
+	printf("@address: %lu\n", offsetof(cs_insn, address));
+	printf("@size: %lu\n", offsetof(cs_insn, size));
+	printf("@bytes: %lu\n", offsetof(cs_insn, bytes));
+	printf("@mnemonic: %lu\n", offsetof(cs_insn, mnemonic));
+	printf("@op_str: %lu\n", offsetof(cs_insn, op_str));
+	printf("@regs_read: %lu\n", offsetof(cs_insn, regs_read));
+	printf("@regs_read_count: %lu\n", offsetof(cs_insn, regs_read_count));
+	printf("@regs_write: %lu\n", offsetof(cs_insn, regs_write));
+	printf("@regs_write_count: %lu\n", offsetof(cs_insn, regs_write_count));
+	printf("@groups: %lu\n", offsetof(cs_insn, groups));
+	printf("@groups_count: %lu\n", offsetof(cs_insn, groups_count));
+	printf("@arch: %lu\n", offsetof(cs_insn, x86));
+#endif
+
+	return 0;
+}

thirdparty/capstone/tests/integration/test_winkernel.cpp

@@ -0,0 +1,172 @@
+/* Capstone Disassembly Engine */
+/* By Satoshi Tanda <tanda.sat@gmail.com>, 2016 */
+
+#include <ntddk.h>
+
+#include <capstone/platform.h>
+#include <capstone/capstone.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "../utils.h"   // for cs_snprintf
+
+#ifdef __cplusplus
+}
+#endif
+
+EXTERN_C DRIVER_INITIALIZE DriverEntry;
+
+#pragma warning(push)
+#pragma warning(disable : 4005)   // 'identifier' : macro redefinition
+#pragma warning(disable : 4007)   // 'main': must be '__cdecl'
+
+// Drivers must protect floating point hardware state. See use of float.
+// Use KeSaveFloatingPointState/KeRestoreFloatingPointState around floating
+// point operations. Display Drivers should use the corresponding Eng... routines.
+#pragma warning(disable : 28110)  // Suppress this, as it is false positive.
+
+// "Import" existing tests into this file. All code is encaptured into unique
+// namespace so that the same name does not conflict. Beware that those code
+// is going to be compiled as C++ source file and not C files because this file
+// is C++.
+
+namespace basic {
+#include "test_basic.c"
+}  // namespace basic
+
+namespace detail {
+#include "test_detail.c"
+}  // namespace detail
+
+namespace skipdata {
+#include "test_skipdata.c"
+}  // namespace skipdata
+
+namespace iter {
+#include "test_iter.c"
+}  // namespace iter
+
+namespace customized_mnem_ {
+#include "test_customized_mnem.c"
+}  // namespace customized_mnem_
+
+namespace arm {
+#include "test_arm.c"
+}  // namespace arm
+
+namespace arm64 {
+#include "test_aarch64.c"
+}  // namespace arm64
+
+namespace mips {
+#include "test_mips.c"
+}  // namespace mips
+
+namespace m68k {
+#include "test_m68k.c"
+}  // namespace m68k
+
+namespace ppc {
+#include "test_ppc.c"
+}  // namespace ppc
+
+namespace sparc {
+#include "test_sparc.c"
+}  // namespace sparc
+
+namespace systemz {
+#include "test_systemz.c"
+}  // namespace systemz
+
+namespace x86 {
+#include "test_x86.c"
+}  // namespace x86
+
+namespace xcore {
+#include "test_xcore.c"
+}  // namespace xcore
+
+#pragma warning(pop)
+
+// Exercises all existing regression tests
+static void test()
+{
+	KFLOATING_SAVE float_save;
+	NTSTATUS status;
+
+	// Any of Capstone APIs cannot be called at IRQL higher than DISPATCH_LEVEL
+	// since our malloc implementation using ExAllocatePoolWithTag() is able to
+	// allocate memory only up to the DISPATCH_LEVEL level.
+	NT_ASSERT(KeGetCurrentIrql() <= DISPATCH_LEVEL);
+
+	// On a 32bit driver, KeSaveFloatingPointState() is required before using any
+	// Capstone function because Capstone can access to the MMX/x87 registers and
+	// 32bit Windows requires drivers to use KeSaveFloatingPointState() before and
+	// KeRestoreFloatingPointState() after accessing them. See "Using Floating
+	// Point or MMX in a WDM Driver" on MSDN for more details.
+	status = KeSaveFloatingPointState(&float_save);
+	if (!NT_SUCCESS(status)) {
+		printf("ERROR: Failed to save floating point state!\n");
+		return;
+	}
+
+	basic::test();
+	detail::test();
+	skipdata::test();
+	iter::test();
+	customized_mnem_::test();
+	arm::test();
+	arm64::test();
+	mips::test();
+	m68k::test();
+	ppc::test();
+	sparc::test();
+	systemz::test();
+	x86::test();
+	xcore::test();
+
+	// Restores the nonvolatile floating-point context.
+	KeRestoreFloatingPointState(&float_save);
+}
+
+// Functional test for cs_winkernel_vsnprintf()
+static void cs_winkernel_vsnprintf_test()
+{
+	char buf[10];
+	bool ok = true;
+	ok = (ok && cs_snprintf(buf, sizeof(buf), "%s", "") == 0 && strcmp(buf, "") == 0);
+	ok = (ok && cs_snprintf(buf, sizeof(buf), "%s", "0") == 1 && strcmp(buf, "0") == 0);
+	ok = (ok && cs_snprintf(buf, sizeof(buf), "%s", "012345678") == 9 && strcmp(buf, "012345678") == 0);
+	ok = (ok && cs_snprintf(buf, sizeof(buf), "%s", "0123456789") == 10 && strcmp(buf, "012345678") == 0);
+	ok = (ok && cs_snprintf(buf, sizeof(buf), "%s", "01234567890") == 11 && strcmp(buf, "012345678") == 0);
+	ok = (ok && cs_snprintf(buf, sizeof(buf), "%s", "0123456789001234567890") == 22 && strcmp(buf, "012345678") == 0);
+	if (!ok) {
+		printf("ERROR: cs_winkernel_vsnprintf_test() did not produce expected results!\n");
+	}
+}
+
+// Driver entry point
+EXTERN_C NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath)
+{
+	UNREFERENCED_PARAMETER(DriverObject);
+	UNREFERENCED_PARAMETER(RegistryPath);
+	cs_winkernel_vsnprintf_test();
+	test();
+	return STATUS_CANCELLED;
+}
+
+// This functions mimics printf() but does not return the same value as printf()
+// would do. printf() is required to exercise regression tests.
+_Use_decl_annotations_
+int __cdecl printf(const char * format, ...)
+{
+	NTSTATUS status;
+	va_list args;
+
+	va_start(args, format);
+	status = vDbgPrintEx(DPFLTR_DEFAULT_ID, DPFLTR_ERROR_LEVEL, format, args);
+	va_end(args);
+	return NT_SUCCESS(status);
+}