// Copyright 2008, Google Inc.
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
//
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above
// copyright notice, this list of conditions and the following disclaimer
// in the documentation and/or other materials provided with the
// distribution.
// * Neither the name of Google Inc. nor the names of its
// contributors may be used to endorse or promote products derived from
// this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

// Implementation of MiniDisassembler.
#include "sidestep/mini_disassembler.h"

namespace sidestep {

// Constructs a disassembler with caller-chosen default operand and address
// sizes (true = 32-bit), then resets all per-instruction state.
MiniDisassembler::MiniDisassembler(bool operand_default_is_32_bits,
                                   bool address_default_is_32_bits)
    : operand_default_is_32_bits_(operand_default_is_32_bits),
      address_default_is_32_bits_(address_default_is_32_bits) {
  Initialize();
}

// Constructs a disassembler whose operand and address sizes both default to
// 32 bits, then resets all per-instruction state.
MiniDisassembler::MiniDisassembler()
    : operand_default_is_32_bits_(true),
      address_default_is_32_bits_(true) {
  Initialize();
}

// Decodes the length and type of the single instruction at start_byte.
//
// start_byte:        first byte of the instruction, prefixes included.
// instruction_bytes: on success the instruction's length is ADDED to the
//                    value already stored here (note the += below), so the
//                    caller has to initialize it; on failure it is left
//                    untouched.
//
// Returns the type recorded in instruction_type_ by ProcessOpcode(), or
// IT_UNKNOWN when the bytes could not be decoded.
//
// NOTE(review): there is no length parameter. This function and its helpers
// dereference start_byte and as many following bytes as the prefix/opcode/
// ModR/M decoding asks for, so the caller must guarantee that the whole
// instruction lies in readable memory. Nothing here enforces an upper bound
// on how far past start_byte the decode may read.
InstructionType MiniDisassembler::Disassemble(
    unsigned char* start_byte,
    unsigned int* instruction_bytes) {
  // Clean up any state from previous invocations.
  Initialize();

  // Start by processing any prefixes.
  unsigned char* current_byte = start_byte;
  unsigned int size = 0;
  InstructionType instruction_type = ProcessPrefixes(current_byte, &size);

  // As written, ProcessPrefixes() returns IT_GENERIC or the type of the first
  // prefix byte, so this guard looks unreachable from the code shown here.
  if (IT_UNKNOWN == instruction_type)
    return instruction_type;

  current_byte += size;
  size = 0;

  // Invariant: We have stripped all prefixes, and the operand_is_32_bits_
  // and address_is_32_bits_ flags are correctly set.

  // The return value stored in the local is not consulted again; the checks
  // below read the instruction_type_ member that ProcessOpcode() sets.
  instruction_type = ProcessOpcode(current_byte, 0, &size);

  // Check for error processing instruction
  if ((IT_UNKNOWN == instruction_type_) || (IT_UNUSED == instruction_type_)) {
    return IT_UNKNOWN;
  }

  current_byte += size;

  // Invariant: operand_bytes_ indicates the total size of operands
  // specified by the opcode and/or ModR/M byte and/or SIB byte.
  // current_byte points to the first byte after the ModR/M byte, or after
  // the SIB byte if it is present (i.e. the first byte of any operands
  // encoded in the instruction).

  // We get the total length of any prefixes, the opcode, and the ModR/M and
  // SIB bytes if present, by taking the difference of the original starting
  // address and the current byte (which points to the first byte of the
  // operands if present, or to the first byte of the next instruction if
  // they are not).  Adding the count of bytes in the operands encoded in
  // the instruction gives us the full length of the instruction in bytes.
  *instruction_bytes += operand_bytes_ + (current_byte - start_byte);

  // Return the instruction type, which was set by ProcessOpcode().
  return instruction_type_;
}

// Resets every piece of per-instruction state: the effective operand and
// address sizes go back to the constructor-supplied defaults, the byte
// counter and ModR/M flags are cleared, the type becomes IT_UNKNOWN and the
// F2/F3/66 prefix markers are dropped.
void MiniDisassembler::Initialize() {
  operand_is_32_bits_ = operand_default_is_32_bits_;
  address_is_32_bits_ = address_default_is_32_bits_;
  operand_bytes_ = 0;
  have_modrm_ = false;
  should_decode_modrm_ = false;
  instruction_type_ = IT_UNKNOWN;
  got_f2_prefix_ = false;
  got_f3_prefix_ = false;
  got_66_prefix_ = false;
}

// Consumes the run of prefix bytes starting at start_byte, one byte per
// recursive call, and adds the number of prefix bytes to *size.
//
// Side effects: flips address_is_32_bits_ / operand_is_32_bits_ away from
// their defaults for address-size / operand-size prefixes and records
// whether an F2, F3 or 66 prefix was seen.
//
// Returns IT_GENERIC when start_byte is not a prefix, otherwise the table
// type of the FIRST prefix byte (the recursive call's result is discarded).
//
// NOTE(review): nothing caps the number of prefix bytes. Recursion depth and
// the number of bytes read are driven entirely by the input, while an IA-32
// instruction is at most 15 bytes long; a caller that disassembles memory it
// does not fully control should bound this.
InstructionType MiniDisassembler::ProcessPrefixes(unsigned char* start_byte,
                                                  unsigned int* size) {
  InstructionType instruction_type = IT_GENERIC;
  // Indexed by the raw byte value; presumably table 0 holds an entry for
  // every one-byte opcode 0x00..0xFF - confirm against the table definition.
  const Opcode& opcode = s_ia32_opcode_map_[0].table_[*start_byte];

  switch (opcode.type_) {
    case IT_PREFIX_ADDRESS:
      address_is_32_bits_ = !address_default_is_32_bits_;
      // Jump over the operand-size toggle in the next case and join the
      // shared prefix handling below.
      goto nochangeoperand;
    case IT_PREFIX_OPERAND:
      operand_is_32_bits_ = !operand_default_is_32_bits_;
      nochangeoperand:
    case IT_PREFIX:

      if (0xF2 == (*start_byte))
        got_f2_prefix_ = true;
      else if (0xF3 == (*start_byte))
        got_f3_prefix_ = true;
      else if (0x66 == (*start_byte))
        got_66_prefix_ = true;

      instruction_type = opcode.type_;
      (*size)++;
      // we got a prefix, so add one and check next byte
      ProcessPrefixes(start_byte + 1, size);
      // No break: control falls through into default, which only breaks.
    default:
      break;   // not a prefix byte
  }

  return instruction_type;
}

// Looks up the opcode byte at start_byte in table table_index, following
// IT_REFERENCE entries recursively into further tables, and adds the number
// of opcode (and ModR/M / SIB) bytes to *size.
//
// Side effects: sets instruction_type_ and, through ProcessOperand() and
// ProcessModrm(), have_modrm_, should_decode_modrm_ and operand_bytes_.
//
// Returns instruction_type_ on the early-out paths (IT_UNKNOWN, IT_UNUSED, or
// whatever the recursive lookup stored) and IT_GENERIC once an opcode has
// been fully processed; the decoded type is always in instruction_type_.
//
// NOTE(review): table_index is used to index s_ia32_opcode_map_ without a
// range check. It is 0 from Disassemble() and otherwise comes from
// opcode.table_index_ in the table data, so correctness depends on those
// tables being internally consistent.
InstructionType MiniDisassembler::ProcessOpcode(unsigned char* start_byte,
                                                unsigned int table_index,
                                                unsigned int* size) {
  const OpcodeTable& table = s_ia32_opcode_map_[table_index];   // Get our table
  unsigned char current_byte = (*start_byte) >> table.shift_;
  current_byte = current_byte & table.mask_;  // Mask out the bits we will use

  // Check whether the byte we have is inside the table we have.
  if (current_byte < table.min_lim_ || current_byte > table.max_lim_) {
    instruction_type_ = IT_UNKNOWN;
    return instruction_type_;
  }

  const Opcode& opcode = table.table_[current_byte];
  if (IT_UNUSED == opcode.type_) {
    // This instruction is not used by the IA-32 ISA, so we indicate
    // this to the user.  Probably means that we were pointed to
    // a byte in memory that was not the start of an instruction.
    instruction_type_ = IT_UNUSED;
    return instruction_type_;
  } else if (IT_REFERENCE == opcode.type_) {
    // We are looking at an opcode that has more bytes (or is continued
    // in the ModR/M byte).  Recursively find the opcode definition in
    // the table for the opcode's next byte.
    (*size)++;
    ProcessOpcode(start_byte + 1, opcode.table_index_, size);
    return instruction_type_;
  }

  // Treat the generic entry as a SpecificOpcode by default.
  // NOTE(review): this cast presumably relies on Opcode starting with the
  // same fields as SpecificOpcode - confirm against the header.
  const SpecificOpcode* specific_opcode = reinterpret_cast<
                                              const SpecificOpcode*>(&opcode);
  // For prefix-dependent opcodes pick the variant selected by a prefix seen
  // earlier, checked in the order F2, F3, 66; a variant whose mnemonic_ is 0
  // is skipped.
  if (opcode.is_prefix_dependent_) {
    if (got_f2_prefix_ && opcode.opcode_if_f2_prefix_.mnemonic_ != 0) {
      specific_opcode = &opcode.opcode_if_f2_prefix_;
    } else if (got_f3_prefix_ && opcode.opcode_if_f3_prefix_.mnemonic_ != 0) {
      specific_opcode = &opcode.opcode_if_f3_prefix_;
    } else if (got_66_prefix_ && opcode.opcode_if_66_prefix_.mnemonic_ != 0) {
      specific_opcode = &opcode.opcode_if_66_prefix_;
    }
  }

  // Inv: The opcode type is known.
  instruction_type_ = specific_opcode->type_;

  // Let's process the operand types to see if we have any immediate
  // operands, and/or a ModR/M byte.

  // NOTE(review): the bool results are discarded, so an operand that
  // ProcessOperand() reports as unsupported does not turn this decode into
  // a failure; no bytes are counted for such an operand.
  ProcessOperand(specific_opcode->flag_dest_);
  ProcessOperand(specific_opcode->flag_source_);
  ProcessOperand(specific_opcode->flag_aux_);

  // Inv: We have processed the opcode and incremented operand_bytes_
  // by the number of bytes of any operands specified by the opcode
  // that are stored in the instruction (not registers etc.).  Now
  // we need to return the total number of bytes for the opcode and
  // for the ModR/M or SIB bytes if they are present.

  // A mask other than 0xff means this table was indexed by only part of the
  // byte at start_byte. The return value of ProcessModrm() is not checked on
  // either path below.
  if (table.mask_ != 0xff) {
    if (have_modrm_) {
      // we're looking at a ModR/M byte so we're not going to
      // count that into the opcode size
      ProcessModrm(start_byte, size);
      return IT_GENERIC;
    } else {
      // need to count the ModR/M byte even if it's just being
      // used for opcode extension
      (*size)++;
      return IT_GENERIC;
    }
  } else {
    if (have_modrm_) {
      // The ModR/M byte is the next byte.
      (*size)++;
      ProcessModrm(start_byte + 1, size);
      return IT_GENERIC;
    } else {
      (*size)++;
      return IT_GENERIC;
    }
  }
}

// Accounts for one operand descriptor of the current opcode.
//
// flag_operand combines an addressing mode (selected with AM_MASK) and an
// operand type (selected with OT_MASK). Depending on the addressing mode this
// either does nothing, notes that a ModR/M byte is present (have_modrm_),
// additionally requests that it be decoded (should_decode_modrm_), or adds
// the size of an immediate/offset operand to operand_bytes_.
//
// Returns false only for an immediate/offset operand of type OT_SS; every
// other path, unrecognized modes and types included, returns true.
bool MiniDisassembler::ProcessOperand(int flag_operand) {
  bool succeeded = true;
  if (AM_NOT_USED == flag_operand)
    return succeeded;

  // Decide what to do based on the addressing mode.
  switch (flag_operand & AM_MASK) {
    // No ModR/M byte indicated by these addressing modes, and no
    // additional (e.g. immediate) parameters.
    case AM_A:  // Direct address
    case AM_F:  // EFLAGS register
    case AM_X:  // Memory addressed by the DS:SI register pair
    case AM_Y:  // Memory addressed by the ES:DI register pair
    case AM_IMPLICIT:  // Parameter is implicit, occupies no space in
                       // instruction
      break;

    // There is a ModR/M byte but it does not necessarily need
    // to be decoded.
    case AM_C:  // reg field of ModR/M selects a control register
    case AM_D:  // reg field of ModR/M selects a debug register
    case AM_G:  // reg field of ModR/M selects a general register
    case AM_P:  // reg field of ModR/M selects an MMX register
    case AM_R:  // mod field of ModR/M may refer only to a general register
    case AM_S:  // reg field of ModR/M selects a segment register
    case AM_T:  // reg field of ModR/M selects a test register
    case AM_V:  // reg field of ModR/M selects a 128-bit XMM register
      have_modrm_ = true;
      break;

    // In these addressing modes, there is a ModR/M byte and it needs to be
    // decoded. No other (e.g. immediate) params than indicated in ModR/M.
    case AM_E:  // Operand is either a general-purpose register or memory,
                // specified by ModR/M byte
    case AM_M:  // ModR/M byte will refer only to memory
    case AM_Q:  // Operand is either an MMX register or memory (complex
                // evaluation), specified by ModR/M byte
    case AM_W:  // Operand is either a 128-bit XMM register or memory (complex
                // eval), specified by ModR/M byte
      have_modrm_ = true;
      should_decode_modrm_ = true;
      break;

    // These addressing modes specify an immediate or an offset value
    // directly, so we need to look at the operand type to see how many
    // bytes.
    case AM_I:  // Immediate data.
    case AM_J:  // Jump to offset.
    case AM_O:  // Operand is at offset.
      switch (flag_operand & OT_MASK) {
        case OT_B:  // Byte regardless of operand-size attribute.
          operand_bytes_ += OS_BYTE;
          break;
        case OT_C:  // Byte or word, depending on operand-size attribute.
          if (operand_is_32_bits_)
            operand_bytes_ += OS_WORD;
          else
            operand_bytes_ += OS_BYTE;
          break;
        case OT_D:  // Doubleword, regardless of operand-size attribute.
          operand_bytes_ += OS_DOUBLE_WORD;
          break;
        case OT_DQ:  // Double-quadword, regardless of operand-size attribute.
          operand_bytes_ += OS_DOUBLE_QUAD_WORD;
          break;
        case OT_P:  // 32-bit or 48-bit pointer, depending on operand-size
                    // attribute.
          if (operand_is_32_bits_)
            operand_bytes_ += OS_48_BIT_POINTER;
          else
            operand_bytes_ += OS_32_BIT_POINTER;
          break;
        case OT_PS:  // 128-bit packed single-precision floating-point data.
          operand_bytes_ += OS_128_BIT_PACKED_SINGLE_PRECISION_FLOATING;
          break;
        case OT_Q:  // Quadword, regardless of operand-size attribute.
          operand_bytes_ += OS_QUAD_WORD;
          break;
        case OT_S:  // 6-byte pseudo-descriptor.
          operand_bytes_ += OS_PSEUDO_DESCRIPTOR;
          break;
        case OT_SD:  // Scalar Double-Precision Floating-Point Value
        case OT_PD:  // Unaligned packed double-precision floating point value
          operand_bytes_ += OS_DOUBLE_PRECISION_FLOATING;
          break;
        case OT_SS:
          // Scalar element of a 128-bit packed single-precision
          // floating data.
          // Floating point does not have to be supported, so this is
          // reported as a failure through the bool result and no bytes are
          // added to operand_bytes_. (The original comment spoke of
          // returning "enItUnknown"; this function only returns a bool.)
          succeeded = false;
          break;
        case OT_V:  // Word or doubleword, depending on operand-size attribute.
          if (operand_is_32_bits_)
            operand_bytes_ += OS_DOUBLE_WORD;
          else
            operand_bytes_ += OS_WORD;
          break;
        case OT_W:  // Word, regardless of operand-size attribute.
          operand_bytes_ += OS_WORD;
          break;

        // Can safely ignore these.
        case OT_A:  // Two one-word operands in memory or two double-word
                    // operands in memory
        case OT_PI:  // Quadword MMX technology register (e.g. mm0)
        case OT_SI:  // Doubleword integer register (e.g., eax)
          break;

        // Any other operand type adds no bytes and still counts as success.
        default:
          break;
      }
      break;

    // Any other addressing mode is ignored and still counts as success.
    default:
      break;
  }

  return succeeded;
}

bool MiniDisassembler::ProcessModrm(unsigned char* start_byte,
                                    unsigned int* size) {
  // If we don't need to decode, we just return the size of the ModR/M
  // byte (there is never a SIB byte in this case).
  if (!should_decode_modrm_) {
    (*size)++;
    return true;
  }

  // We never care about the reg field, only the combination of the mod
  // and r/m fields, so let's start by packing those fields together into
  // 5 bits.
  unsigned char modrm = (*start_byte);
  unsigned char mod = modrm & 0xC0;   // mask out top two bits to get mod field
  modrm = modrm & 0x07;               // mask out bottom 3 bits to get r/m field
  mod = mod >> 3;                     // shift the mod field to the right place
  modrm = mod | modrm;                // combine the r/m and mod fields as discussed
  mod = mod >> 3;                     // shift the mod field to bits 2..0

  // Invariant: modrm contains the mod field in bits 4..3 and the r/m field
  // in bits 2..0, and mod contains the mod field in bits 2..0

  // modrm is at most 0x1F here, so the lookups below use an index in 0..31;
  // presumably both maps hold 32 entries - confirm against their definitions.
  const ModrmEntry* modrm_entry = 0;
  if (address_is_32_bits_)
    modrm_entry = &s_ia32_modrm_map_[modrm];
  else
    modrm_entry = &s_ia16_modrm_map_[modrm];

  // Invariant: modrm_entry points to information that we need to decode
  // the ModR/M byte.

  // Add to the count of operand bytes, if the ModR/M byte indicates
  // that some operands are encoded in the instruction.
  if (modrm_entry->is_encoded_in_instruction_)
    operand_bytes_ += modrm_entry->operand_size_;

  // Process the SIB byte if necessary, and return the count
  // of ModR/M and SIB bytes.
3815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (modrm_entry->use_sib_byte_) { 3825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) (*size)++; 3835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return ProcessSib(start_byte + 1, mod, size); 3845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } else { 3855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) (*size)++; 3865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return true; 3875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 3885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 3895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)bool MiniDisassembler::ProcessSib(unsigned char* start_byte, 3915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) unsigned char mod, 3925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) unsigned int* size) { 3935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // get the mod field from the 2..0 bits of the SIB byte 3945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) unsigned char sib_base = (*start_byte) & 0x07; 3955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (0x05 == sib_base) { 3965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) switch (mod) { 3975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) case 0x00: // mod == 00 3985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) case 0x02: // mod == 10 3995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) operand_bytes_ += OS_DOUBLE_WORD; 4005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) break; 4015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) case 0x01: // mod == 01 4025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) operand_bytes_ += OS_BYTE; 4035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard 
Coles) break; 4045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) case 0x03: // mod == 11 4055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // According to the IA-32 docs, there does not seem to be a disp 4065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // value for this value of mod 4075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) default: 4085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) break; 4095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 4105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 4115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 4125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) (*size)++; 4135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return true; 4145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 4155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 4165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; // namespace sidestep 417