uint_t br_taken : 1; // 0x3E
uint_t op_size : 1; // 0x66
uint_t addr_size : 1; // 0x67
+ struct {
+ uint_t rm : 1; // REX.B
+ uint_t sib_idx : 1; // REX.X
+ uint_t reg : 1; // REX.R
+ uint_t op_size : 1; // REX.W
+ uint8_t rsvd : 4;
+ } __attribute__((packed)) rex;
} __attribute__((packed));
uint8_t v3_get_prefixes(uint8_t * instr, struct x86_prefixes * prefixes);
-
void v3_print_instr(struct x86_instr * instr);
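Review bot: `v3_get_prefixes()` takes only the instruction bytes and the prefix struct, so as declared it cannot tell whether a 0x40–0x4F byte is a REX prefix (64-bit mode) or an INC/DEC opcode (every other mode) when it fills the new `rex` field. Its body is not in this diff, so confirm that REX is parsed only for `LONG` and only as the last prefix before the opcode. I would document that on the struct, e.g. `// REX (0x40-0x4F): valid only in 64-bit mode, must immediately precede the opcode`. Separately, `prefixes.op_size` (0x66) and `prefixes.rex.op_size` (REX.W) differ by one token but select different widths; naming the inner field `w` or `op_size64` would make call sites harder to misread.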
switch (v3_get_vm_cpu_mode(info)) {
case REAL:
return (instr->prefixes.addr_size) ? 4 : 2;
+ case LONG:
+ return 8;
case PROTECTED:
case PROTECTED_PAE:
- return (instr->prefixes.addr_size) ? 2 : 4;
case LONG_32_COMPAT:
- case LONG:
+ if (info->segments.cs.db) {
+ return (instr->prefixes.addr_size) ? 2 : 4;
+ } else {
+ return (instr->prefixes.addr_size) ? 4 : 2;
+ }
default:
PrintError("Unsupported CPU mode: %d\n", info->cpu_mode);
return -1;
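Review bot: The new `case LONG:` returns 8 unconditionally, so a 0x67 address-size prefix is ignored in 64-bit mode, where it selects 32-bit addressing. The emulator would then form a 64-bit effective address where hardware truncates to 32 bits, and so could touch a different guest address than the instruction really referenced. I would write `return (instr->prefixes.addr_size) ? 4 : 8;`. The enclosing function starts and ends outside this hunk.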
case OR_IMM2SX_8:
case SUB_IMM2SX_8:
case XOR_IMM2SX_8:
- switch (v3_get_vm_cpu_mode(info)) {
+ switch (v3_get_vm_cpu_mode(info)) {
case REAL:
return (instr->prefixes.op_size) ? 4 : 2;
+ case LONG:
+ if (instr->prefixes.rex.op_size) {
+ return 8;
+ }
case PROTECTED:
case PROTECTED_PAE:
- return (instr->prefixes.op_size) ? 2 : 4;
case LONG_32_COMPAT:
- case LONG:
+ if (info->segments.cs.db) {
+ // default is 32
+ return (instr->prefixes.op_size) ? 2 : 4;
+ } else {
+ return (instr->prefixes.op_size) ? 4 : 2;
+ }
default:
PrintError("Unsupported CPU mode: %d\n", info->cpu_mode);
return -1;
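Review bot: When REX.W is clear, the new `case LONG:` falls through into the `cs.db` test shared with the protected-mode cases, and in 64-bit mode CS.D should be 0, so the `else` branch returns `op_size ? 4 : 2`. That makes the default operand size 16 bits, whereas 64-bit mode defaults to 32 bits, with 0x66 selecting 16. The `LONG` case should return on its own after the REX.W check: `return (instr->prefixes.op_size) ? 2 : 4;`. If any fallthrough between these labels is intended, mark it with a `/* fallthrough */` comment. The switch sits in a function whose start is outside this hunk.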
return 0;
case PROTECTED:
case PROTECTED_PAE:
- return 4;
case LONG_32_COMPAT:
+
+ return 4;
case LONG:
+ return 8;
default:
PrintError("Unsupported CPU mode: %d\n", info->cpu_mode);
return -1;
return 2;
case PROTECTED:
case PROTECTED_PAE:
- return 4;
case LONG_32_COMPAT:
+ return 4;
case LONG:
+ return 8;
default:
PrintError("Unsupported CPU mode: %d\n", info->cpu_mode);
return -1;
case REAL:
case PROTECTED:
case PROTECTED_PAE:
- return 4;
case LONG_32_COMPAT:
+
+ return 4;
case LONG:
+ return 8;
default:
PrintError("Unsupported CPU mode: %d\n", info->cpu_mode);
return -1;
}
-
+int decode_rm_operand64(struct guest_info * core, uint8_t * instr_ptr,
+ struct x86_instr * instr, struct x86_operand * operand,
+ uint8_t * reg_code) {
+
+
+ return 0;
+}
static int decode_rm_operand(struct guest_info * core,
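Review bot: `decode_rm_operand64()` is an empty stub that returns 0 without writing `operand` or reading `reg_code`, and the dispatcher change in the next hunk routes every `LONG`-mode ModRM decode to it. Callers presumably treat a non-negative return as success, so they would continue with an operand that was never filled in; that contract is not visible here and should be confirmed. Until the decoder exists, the stub should fail loudly: `PrintError("64-bit ModRM decoding not implemented\n"); return -1;`. It should also be declared `static` like `decode_rm_operand`, since nothing in the header hunk exports it.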
if (mode == REAL) {
return decode_rm_operand16(core, instr_ptr, instr, operand, reg_code);
- } else if ((mode == PROTECTED) || (mode == PROTECTED_PAE)) {
+ } else if ((mode == PROTECTED) || (mode == PROTECTED_PAE) || (mode == LONG_32_COMPAT)) {
return decode_rm_operand32(core, instr_ptr, instr, operand, reg_code);
+ } else if (mode == LONG) {
+ return decode_rm_operand64(core, instr_ptr, instr, operand, reg_code);
} else {
PrintError("Invalid CPU_MODE (%d)\n", mode);
return -1;
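Review bot: This dispatch picks the 16/32/64-bit ModRM decoder from the CPU mode alone, while the address-width hunk in this same commit now consults `cs.db` and the 0x67 prefix. A 16-bit code segment in `PROTECTED` or `LONG_32_COMPAT`, or an address-size override, uses the other ModRM encoding and would be decoded with the wrong table here. The top of `decode_rm_operand` is outside the hunk, so this may be handled before the `if`. If it is not, selecting the decoder from the computed address width would keep the two in agreement. At minimum add a comment such as `// NOTE: ModRM form follows the effective address size (cs.db, 0x67), not the CPU mode alone`.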