Eric Pouech wrote:
- first of all, a lot of code should be factorized
Can you give me an example of what factorised means here? I assume that you would like to see the common register code for mod 0, 1, 2 reduced. If that is the case, I thought that the variation in mod 0 rm 6 made combining it somewhat messy and that the code would execute faster by keeping sections separate. If that is not what you meant or I am wrong about the performance aspects, let me know.
- segment is always expressed as an unsigned short (even in ADDRESS
structure), so you shouldn't convert it to an int...
My mistake. Is it better to use unsigned short or WORD when specifying this?
- ...
A+
- case 0xe8: /* Call near, relative to
next instruction */
callee->Mode = get_selector_type(dbg_curr_thread->handle,
&dbg_context, dbg_context.SegCs);+ if (callee->Mode == AddrMode1616) {
if (!dbg_read_memory((const char*)insn + 1, &delta16,
sizeof(delta16)))
return FALSE;
delta = delta16; /* Align to 32 bits */
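Review bot: the comment "Align to 32 bits" on the `delta = delta16;` line misdescribes what matters here; the rel16 displacement of a near call is signed, so the widening only yields the right target if `delta16` is a signed 16-bit type (sign-extended into `delta`), not a widening "for alignment". Suggest confirming the declared type of `delta16` and changing the comment to say that the displacement is sign-extended to 32 bits.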
in this case, the callee should be kept as AddrMode1616, not in flat mode.
What happens given that there is no segment filled in the callee structure? Happy to fix it but I thought that as the segment is not filled in it would be a flat mode.
return TRUE;
} + else if (reg == 0x03) /* Indirect
Far call into other segment */
{
far char * faraddr;
you shouldn't need the far here (it brings nothing)
My reading of the m16:32 was that I needed 6 bytes for the address, i.e. it was a far address. Hence the far. Are you saying that the indirect address is actually a near address?
/* Extract the far address of the indirect address */
if (dbg_read_memory((const char*)insn + 2, &faraddr,
sizeof(faraddr)))
return FALSE;
/* Extract the far address of the callee */
if (dbg_read_memory((const char*)faraddr + sizeof(delta),
&segment, sizeof(segment)))
return FALSE;
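Review bot: the condition on the first read in this hunk is inverted. The near-call hunk earlier tests `if (!dbg_read_memory(...)) return FALSE;`, but here `if (dbg_read_memory((const char*)insn + 2, &faraddr, sizeof(faraddr))) return FALSE;` bails out when the read succeeds and falls through to the second `dbg_read_memory` with an uninitialized `faraddr` when it fails. Suggest negating the test to match the other read: `if (!dbg_read_memory((const char*)insn + 2, &faraddr, sizeof(faraddr)))`. The second read's `if (dbg_read_memory(...)) return FALSE;` has the same inversion and needs the same fix.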
Jeff Latimer