| author | Theofilos Augoustis <theofilos.augoustis@gmail.com> | 2023-11-26 11:56:49 +0100 |
|---|---|---|
| committer | Theofilos Augoustis <theofilos.augoustis@gmail.com> | 2023-11-26 11:56:49 +0100 |
| commit | 47894bb5d2e425f28d992aee6331b89b85b2058d (patch) | |
| tree | fd08c28c447fbb95e9d8d4122514227f9a48d0ad /arch/x86.py | |
| parent | a4bf627c2440cbea392e27f138b07fa22cd9e6f1 (diff) | |
| download | focaccia-47894bb5d2e425f28d992aee6331b89b85b2058d.tar.gz focaccia-47894bb5d2e425f28d992aee6331b89b85b2058d.zip | |
Standardize X86 register names
Add some infrastructure for flexible register name matching (e.g. using 'PC' to look up RIP): - `Arch.to_regname` tries to look up a register's standard name from an arbitrary string. - `ArchX86` overrides `to_regname` to resolve alias names for registers. Currently just 'PC' for 'RIP'. - `ProgramState.read` and `ProgramState.write` use `to_regname` to make register access more convenient. Add all flags with their standard abbreviations to `x86.regnames`. Implement a full RFLAGS decomposition into its individual flags in `x86`. Replace the hacks in `run.py` and `miasm_test.py` with this more complete solution. Co-authored-by: Theofilos Augoustis <theofilos.augoustis@gmail.com> Co-authored-by: Nicola Crivellin <nicola.crivellin98@gmail.com>
Diffstat (limited to 'arch/x86.py')
| -rw-r--r-- | arch/x86.py | 98 |
1 files changed, 74 insertions, 24 deletions
diff --git a/arch/x86.py b/arch/x86.py
index 2b27315..01c1631 100644
--- a/arch/x86.py
+++ b/arch/x86.py
@@ -3,31 +3,81 @@ from .arch import Arch # Names of registers in the architexture -regnames = ['PC', - 'RAX', - 'RBX', - 'RCX', - 'RDX', - 'RSI', - 'RDI', - 'RBP', - 'RSP', - 'R8', - 'R9', - 'R10', - 'R11', - 'R12', - 'R13', - 'R14', - 'R15', - 'RFLAGS', - 'flag ZF', - 'flag CF', - 'flag OF', - 'flag SF', - 'flag PF', - 'flag DF'] +regnames = [ + 'RIP', + 'RAX', + 'RBX', + 'RCX', + 'RDX', + 'RSI', + 'RDI', + 'RBP', + 'RSP', + 'R8', + 'R9', + 'R10', + 'R11', + 'R12', + 'R13', + 'R14', + 'R15', + 'RFLAGS', + # FLAGS + 'CF', 'PF', 'AF', 'ZF', 'SF', 'TF', 'IF', 'DF', 'OF', 'IOPL', 'NT', + # EFLAGS + 'RF', 'VM', 'AC', 'VIF', 'VIP', 'ID', +] + +# A dictionary mapping aliases to standard register names. +regname_aliases = { + 'PC': 'RIP', +} + +def decompose_rflags(rflags: int) -> dict[str, int]: + """Decompose the RFLAGS register's value into its separate flags. + + Uses flag name abbreviation conventions from + `https://en.wikipedia.org/wiki/FLAGS_register`. + + :param rflags: The RFLAGS register value. + :return: A dictionary mapping Miasm's flag names to their values. + """ + return { + # FLAGS + 'CF': rflags & 0x0001, + # 0x0002 reserved + 'PF': rflags & 0x0004, + # 0x0008 reserved + 'AF': rflags & 0x0010, + # 0x0020 reserved + 'ZF': rflags & 0x0040, + 'SF': rflags & 0x0080, + 'TF': rflags & 0x0100, + 'IF': rflags & 0x0200, + 'DF': rflags & 0x0400, + 'OF': rflags & 0x0800, + 'IOPL': rflags & 0x3000, + 'NT': rflags & 0x4000, + + # EFLAGS + 'RF': rflags & 0x00010000, + 'VM': rflags & 0x00020000, + 'AC': rflags & 0x00040000, + 'VIF': rflags & 0x00080000, + 'VIP': rflags & 0x00100000, + 'ID': rflags & 0x00200000, + } class ArchX86(Arch): def __init__(self): super().__init__("X86", regnames) + + def to_regname(self, name: str) -> str | None: + """The X86 override of the standard register name lookup. + + Applies certain register name aliases. + """ + reg = super().to_regname(name) + if reg in regname_aliases: + return regname_aliases[reg] + return reg |
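Review bot: `decompose_rflags` returns each flag as its raw masked bit rather than a 0/1 value — `'PF': rflags & 0x0004` yields 0 or 4, and `'IOPL': rflags & 0x3000` yields 0/0x1000/0x2000/0x3000 instead of the 0–3 privilege level — so comparing these against per-flag values from another source (the docstring says the keys are Miasm's flag names) will mismatch whenever any flag above bit 0 is set, which defeats the comparison the commit message says this replaces the old hacks for. Shifting each bit down, as in the excerpt below, keeps the same keys and fixes that. Separately, `ArchX86.to_regname` applies `regname_aliases` only after `super().to_regname(name)`, and since `'PC'` was dropped from `regnames`, the alias can only fire if the base lookup hands unknown names back unchanged; if it returns `None` for unknown names the alias is dead code — `Arch.to_regname` is outside this hunk, so verify, or resolve the alias before delegating with `return super().to_regname(regname_aliases.get(name, name))`. The docstring also cites Wikipedia's abbreviations while promising Miasm's flag names; state which convention the keys actually follow.
```python
# Bit positions of the single-bit flags in RFLAGS; IOPL is a two-bit field (bits 12-13)
# and is handled separately below.
_RFLAGS_BITS = {
    'CF': 0, 'PF': 2, 'AF': 4, 'ZF': 6, 'SF': 7, 'TF': 8, 'IF': 9, 'DF': 10, 'OF': 11, 'NT': 14,
    'RF': 16, 'VM': 17, 'AC': 18, 'VIF': 19, 'VIP': 20, 'ID': 21,
}

def decompose_rflags(rflags: int) -> dict[str, int]:
    # … unchanged: docstring …
    flags = {name: (rflags >> bit) & 1 for name, bit in _RFLAGS_BITS.items()}
    flags['IOPL'] = (rflags >> 12) & 0x3  # privilege level 0-3, not the raw masked bits
    return flags
```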