/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ EvIv(PDISASM pMyDisasm) { (*pMyDisasm).Argument1.ArgSize = (*pMyDisasm).Instruction.OperandSize; if ((*pMyDisasm).Instruction.OperandSize >= 32) { GV.ImmediatSize = 32; /* place this instruction before MOD_RM routine to inform it there is an immediat value */ MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP+4; if (!Security(0, pMyDisasm)) return; (*pMyDisasm).Argument2.ArgType = CONSTANT_TYPE+ABSOLUTE_; (*pMyDisasm).Argument2.ArgSize = 32; if ((*pMyDisasm).Instruction.OperandSize == 64) { (*pMyDisasm).Instruction.Immediat = *((Int32*)(UIntPtr) (GV.EIP_-4)); } else { (*pMyDisasm).Instruction.Immediat = *((UInt32*)(UIntPtr) (GV.EIP_-4)); } } else { GV.ImmediatSize = 16; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP+2; if (!Security(0, pMyDisasm)) return; (*pMyDisasm).Argument2.ArgType = CONSTANT_TYPE+ABSOLUTE_; (*pMyDisasm).Argument2.ArgSize = 16; (*pMyDisasm).Instruction.Immediat = *((UInt16*)(UIntPtr) (GV.EIP_-2)); } }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ EvIb(PDISASM pMyDisasm) { Int8 MyNumber; (*pMyDisasm).Argument2.ArgType = CONSTANT_TYPE+ABSOLUTE_; (*pMyDisasm).Argument2.ArgSize = 8; GV.ImmediatSize = 8; if (GV.OperandSize >= 32) { if (GV.OperandSize == 64) { GV.MemDecoration = Arg1qword; } else { GV.MemDecoration = Arg1dword; } MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP+3; if (!Security(0, pMyDisasm)) return; if (GV.OperandSize == 32) { #ifndef BEA_LIGHT_DISASSEMBLY MyNumber = *((Int8*)(UIntPtr) (GV.EIP_-1)); if (MyNumber > 0) { (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.2X",(Int64)*((Int8*)(UIntPtr) (GV.EIP_-1))); } else { (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.8X",(Int64)*((Int8*)(IntPtr) (GV.EIP_-1))); } #endif } else { #ifndef BEA_LIGHT_DISASSEMBLY MyNumber = *((Int8*)(UIntPtr) (GV.EIP_-1)); if (MyNumber > 0) { (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.2X",(Int64)*((Int8*)(UIntPtr) (GV.EIP_-1))); } else { (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.16llX",(Int64)*((Int8*)(IntPtr) (GV.EIP_-1))); } #endif } (*pMyDisasm).Instruction.Immediat = *((UInt8*)(UIntPtr) (GV.EIP_-1)); } else { GV.MemDecoration = Arg1word; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP+3; if (!Security(0, pMyDisasm)) return; #ifndef BEA_LIGHT_DISASSEMBLY (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.4X",(Int64)*((Int8*)(UIntPtr) (GV.EIP_-1))); #endif (*pMyDisasm).Instruction.Immediat = *((UInt8*)(UIntPtr) (GV.EIP_-1)); } }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ EvGv(PDISASM pMyDisasm) { (*pMyDisasm).Argument1.ArgSize = (*pMyDisasm).Instruction.OperandSize; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); Reg_Opcode(&(*pMyDisasm).Argument2, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP; }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ GvEd(PDISASM pMyDisasm) { MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); (*pMyDisasm).Argument2.ArgSize = 32; Reg_Opcode(&(*pMyDisasm).Argument1, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP; }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ Eb(PDISASM pMyDisasm) { (*pMyDisasm).Instruction.OperandSize = 8; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); (*pMyDisasm).Argument1.ArgSize = 8; GV.EIP_ += GV.DECALAGE_EIP; }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ Eb(PDISASM pMyDisasm) { GV.MemDecoration = Arg1byte; GV.OperandSize = 8; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.OperandSize = 32; GV.EIP_ += GV.DECALAGE_EIP+2; }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ GvMptp(PDISASM pMyDisasm) { MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); if (GV.MOD_ == 3) FailDecode(pMyDisasm); Reg_Opcode(&(*pMyDisasm).Argument1, pMyDisasm); (*pMyDisasm).Argument2.ArgSize = (*pMyDisasm).Instruction.OperandSize + 16; (*pMyDisasm).Argument2.ArgType = MEMORY_TYPE + FARPTR_MEM; GV.EIP_ += GV.DECALAGE_EIP; }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ GvEw(PDISASM pMyDisasm) { GV.MemDecoration = Arg2word; GV.OriginalOperandSize = GV.OperandSize; GV.OperandSize = 16; MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); GV.OperandSize = GV.OriginalOperandSize; Reg_Opcode(&(*pMyDisasm).Argument1, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP+2; }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ GvEw(PDISASM pMyDisasm) { (*pMyDisasm).Argument2.ArgSize = 16; GV.OriginalOperandSize = (*pMyDisasm).Instruction.OperandSize; (*pMyDisasm).Instruction.OperandSize = 16; MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); (*pMyDisasm).Instruction.OperandSize = GV.OriginalOperandSize; Reg_Opcode(&(*pMyDisasm).Argument1, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP; }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ EvIb(PDISASM pMyDisasm) { (*pMyDisasm).Argument2.ArgType = CONSTANT_TYPE+ABSOLUTE_; (*pMyDisasm).Argument2.ArgSize = 8; GV.ImmediatSize = 8; (*pMyDisasm).Argument1.ArgSize = (*pMyDisasm).Instruction.OperandSize; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP+1; if (!Security(0, pMyDisasm)) return; (*pMyDisasm).Instruction.Immediat = *((Int8*)(UIntPtr) (GV.EIP_-1)); }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ GvEb(PDISASM pMyDisasm) { (*pMyDisasm).Argument2.ArgSize = 8; if ((*pMyDisasm).Instruction.OperandSize == 64) { (*pMyDisasm).Instruction.OperandSize = 8; MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); (*pMyDisasm).Instruction.OperandSize = 64; } else if ((*pMyDisasm).Instruction.OperandSize == 32) { (*pMyDisasm).Instruction.OperandSize = 8; MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); (*pMyDisasm).Instruction.OperandSize = 32; } else { (*pMyDisasm).Instruction.OperandSize = 8; MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); (*pMyDisasm).Instruction.OperandSize = 16; } Reg_Opcode(&(*pMyDisasm).Argument1, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP; }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ EvIv(PDISASM pMyDisasm) { if (GV.OperandSize >= 32) { if (GV.OperandSize == 64) { GV.MemDecoration = Arg1qword; } else { GV.MemDecoration = Arg1dword; } GV.ImmediatSize = 32; /* place this instruction before MOD_RM routine to inform it there is an immediat value */ MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP+6; if (!Security(0, pMyDisasm)) return; #ifndef BEA_LIGHT_DISASSEMBLY if (GV.OperandSize == 64) { (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.16llX",(Int64) *((Int32*)(UIntPtr) (GV.EIP_-4))); } else { (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.8X",(Int64) *((UInt32*)(UIntPtr) (GV.EIP_-4))); } #endif (*pMyDisasm).Argument2.ArgType = CONSTANT_TYPE+ABSOLUTE_; (*pMyDisasm).Argument2.ArgSize = 32; (*pMyDisasm).Instruction.Immediat = *((UInt32*)(UIntPtr) (GV.EIP_-4)); } else { GV.MemDecoration = Arg1word; GV.ImmediatSize = 16; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP+4; if (!Security(0, pMyDisasm)) return; #ifndef BEA_LIGHT_DISASSEMBLY (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.4X",(Int64)*((UInt16*)(UIntPtr) (GV.EIP_-2))); #endif (*pMyDisasm).Argument2.ArgType = CONSTANT_TYPE+ABSOLUTE_; (*pMyDisasm).Argument2.ArgSize = 16; (*pMyDisasm).Instruction.Immediat = *((UInt16*)(UIntPtr) (GV.EIP_-2)); } }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ GvEb(PDISASM pMyDisasm) { if (GV.OperandSize == 64) { GV.MemDecoration = Arg2byte; GV.OperandSize = 8; MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); GV.OperandSize = 64; } else if (GV.OperandSize == 32) { GV.MemDecoration = Arg2byte; GV.OperandSize = 8; MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); GV.OperandSize = 32; } else { GV.MemDecoration = Arg2byte; GV.OperandSize = 8; MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); GV.OperandSize = 16; } Reg_Opcode(&(*pMyDisasm).Argument1, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP+2; }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ Ev(PDISASM pMyDisasm) { if (GV.OperandSize == 64) { GV.MemDecoration = Arg1qword; } else if (GV.OperandSize == 32) { GV.MemDecoration = Arg1dword; } else { GV.MemDecoration = Arg1word; } MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP+2; }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ EbIb(PDISASM pMyDisasm) { (*pMyDisasm).Argument2.ArgType = CONSTANT_TYPE+ABSOLUTE_; (*pMyDisasm).Argument2.ArgSize = 8; GV.ImmediatSize = 8; GV.MemDecoration = Arg1byte; GV.OperandSize = 8; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.OperandSize = 32; GV.EIP_ += GV.DECALAGE_EIP+3; if (!Security(0, pMyDisasm)) return; #ifndef BEA_LIGHT_DISASSEMBLY (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.8X",(Int64)*((Int8*)(UIntPtr) (GV.EIP_-1))); #endif (*pMyDisasm).Instruction.Immediat = *((UInt8*)(UIntPtr) (GV.EIP_-1)); }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ G12_(PDISASM pMyDisasm) { long MyNumber; GV.REGOPCODE = ((*((UInt8*)(UIntPtr) (GV.EIP_+1))) >> 3) & 0x7; if (GV.REGOPCODE == 2) { if (GV.OperandSize == 16) { (*pMyDisasm).Instruction.Category = SSE_INSTRUCTION+SHIFT_ROTATE; GV.MemDecoration = Arg1dqword; GV.ImmediatSize = 8; GV.SSE_ = 1; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.SSE_ = 0; if (GV.MOD_== 0x3) { #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "psrlw "); #endif } else { FailDecode(pMyDisasm); } GV.EIP_ += GV.DECALAGE_EIP+3; if (!Security(0, pMyDisasm)) return; MyNumber = *((UInt8*)(UIntPtr) (GV.EIP_-1)); #ifndef BEA_LIGHT_DISASSEMBLY (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.2X",(Int64) MyNumber); #endif (*pMyDisasm).Instruction.Immediat = MyNumber; (*pMyDisasm).Argument2.ArgType = CONSTANT_TYPE+ABSOLUTE_; (*pMyDisasm).Argument2.ArgSize = 8; } else { (*pMyDisasm).Instruction.Category = MMX_INSTRUCTION+SHIFT_ROTATE; GV.MemDecoration = Arg1qword; GV.ImmediatSize = 8; GV.MMX_ = 1; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.MMX_ = 0; if (GV.MOD_== 0x3) { #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "psrlw "); #endif } else { FailDecode(pMyDisasm); } GV.EIP_ += GV.DECALAGE_EIP+3; if (!Security(0, pMyDisasm)) return; MyNumber = *((UInt8*)(UIntPtr) (GV.EIP_-1)); #ifndef BEA_LIGHT_DISASSEMBLY (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.2X",(Int64) MyNumber); #endif (*pMyDisasm).Instruction.Immediat = MyNumber; (*pMyDisasm).Argument2.ArgType = CONSTANT_TYPE+ABSOLUTE_; (*pMyDisasm).Argument2.ArgSize = 8; } } else if (GV.REGOPCODE == 4) { if (GV.OperandSize == 16) { (*pMyDisasm).Instruction.Category = SSE_INSTRUCTION+SHIFT_ROTATE; GV.MemDecoration = Arg1dqword; GV.ImmediatSize = 8; GV.SSE_ = 1; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.SSE_ = 0; if (GV.MOD_== 0x3) { #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "psraw "); #endif } else { FailDecode(pMyDisasm); } GV.EIP_ += GV.DECALAGE_EIP+3; if (!Security(0, pMyDisasm)) return; MyNumber = *((UInt8*)(UIntPtr) (GV.EIP_-1)); #ifndef BEA_LIGHT_DISASSEMBLY (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.2X",(Int64) MyNumber); #endif (*pMyDisasm).Instruction.Immediat = MyNumber; (*pMyDisasm).Argument2.ArgType = CONSTANT_TYPE+ABSOLUTE_; (*pMyDisasm).Argument2.ArgSize = 8; } else { (*pMyDisasm).Instruction.Category = MMX_INSTRUCTION+SHIFT_ROTATE; GV.MemDecoration = Arg1qword; GV.ImmediatSize = 8; GV.MMX_ = 1; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.MMX_ = 0; if (GV.MOD_== 0x3) { #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "psraw "); #endif } else { FailDecode(pMyDisasm); } GV.EIP_ += GV.DECALAGE_EIP+3; if (!Security(0, pMyDisasm)) return; MyNumber = *((UInt8*)(UIntPtr) (GV.EIP_-1)); #ifndef BEA_LIGHT_DISASSEMBLY (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.2X",(Int64) MyNumber); #endif (*pMyDisasm).Instruction.Immediat = MyNumber; (*pMyDisasm).Argument2.ArgType = CONSTANT_TYPE+ABSOLUTE_; (*pMyDisasm).Argument2.ArgSize = 8; } } else if (GV.REGOPCODE == 6) { if (GV.OperandSize == 16) { (*pMyDisasm).Instruction.Category = SSE_INSTRUCTION+SHIFT_ROTATE; GV.MemDecoration = Arg1dqword; GV.ImmediatSize = 8; GV.SSE_ = 1; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.SSE_ = 0; if (GV.MOD_== 0x3) { #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "psllw "); #endif } else { FailDecode(pMyDisasm); } GV.EIP_ += GV.DECALAGE_EIP+3; if (!Security(0, pMyDisasm)) return; MyNumber = *((UInt8*)(UIntPtr) (GV.EIP_-1)); #ifndef BEA_LIGHT_DISASSEMBLY (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.2X",(Int64) MyNumber); #endif (*pMyDisasm).Instruction.Immediat = MyNumber; (*pMyDisasm).Argument2.ArgType = CONSTANT_TYPE+ABSOLUTE_; (*pMyDisasm).Argument2.ArgSize = 8; } else { (*pMyDisasm).Instruction.Category = MMX_INSTRUCTION+SHIFT_ROTATE; GV.MemDecoration = Arg1qword; GV.ImmediatSize = 8; GV.MMX_ = 1; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); GV.MMX_ = 0; if (GV.MOD_== 0x3) { #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "psllw "); #endif } else { FailDecode(pMyDisasm); } GV.EIP_ += GV.DECALAGE_EIP+3; if (!Security(0, pMyDisasm)) return; MyNumber = *((UInt8*)(UIntPtr) (GV.EIP_-1)); #ifndef BEA_LIGHT_DISASSEMBLY (void) CopyFormattedNumber(pMyDisasm, (char*) &(*pMyDisasm).Argument2.ArgMnemonic,"%.2X",(Int64) MyNumber); #endif (*pMyDisasm).Instruction.Immediat = MyNumber; (*pMyDisasm).Argument2.ArgType = CONSTANT_TYPE+ABSOLUTE_; (*pMyDisasm).Argument2.ArgSize = 8; } } else { FailDecode(pMyDisasm); } }
/* ==================================================================== * 0f01h * ==================================================================== */ void __bea_callspec__ G7_(PDISASM pMyDisasm) { (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; if (!Security1(pMyDisasm)) return; GV.REGOPCODE = ((*((UInt8*)(UIntPtr) (GV.EIP_))) >> 3) & 0x7; GV.MOD_= ((*((UInt8*)(UIntPtr) (GV.EIP_))) >> 6); GV.RM_ = (*((UInt8*)(UIntPtr) (GV.EIP_))) & 0x7; if (GV.REGOPCODE == 0) { if (GV.MOD_== 0x3) { if (GV.RM_ == 0x1) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_VMCALL; GV.EIP_++; } else if (GV.RM_ == 0x2) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_VMLAUNCH; GV.EIP_++; } else if (GV.RM_ == 0x3) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_VMRESUME; GV.EIP_++; } else if (GV.RM_ == 0x4) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_VMXOFF; GV.EIP_++; } else { FailDecode(pMyDisasm); } } else { MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); (*pMyDisasm).Argument1.ArgSize = 48; (*pMyDisasm).Instruction.Mnemonic = I_SGDT; (*pMyDisasm).Argument2.ArgType = IMPLICIT_ARG+REGISTER_TYPE+MEMORY_MANAGEMENT_REG+REG0; (*pMyDisasm).Argument2.ArgSize = 48; GV.EIP_+= GV.DECALAGE_EIP; } } else if (GV.REGOPCODE == 1) { if (GV.MOD_== 0x3) { if (GV.RM_ == 0x00) { (*pMyDisasm).Instruction.Category = SSE3_INSTRUCTION+AGENT_SYNCHRONISATION; (*pMyDisasm).Instruction.Mnemonic = I_MONITOR; GV.EIP_++; } else if (GV.RM_ == 0x01) { (*pMyDisasm).Instruction.Category = SSE3_INSTRUCTION+AGENT_SYNCHRONISATION; (*pMyDisasm).Instruction.Mnemonic = I_MWAIT; GV.EIP_++; } else { FailDecode(pMyDisasm); } } else { (*pMyDisasm).Argument1.ArgSize = 48; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_SIDT; (*pMyDisasm).Argument2.ArgType = IMPLICIT_ARG+REGISTER_TYPE+MEMORY_MANAGEMENT_REG+REG2; (*pMyDisasm).Argument2.ArgSize = 48; GV.EIP_+= GV.DECALAGE_EIP; } } else if (GV.REGOPCODE == 2) { if (GV.MOD_== 0x3) { if (GV.RM_ == 0x0) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_XGETBV; GV.EIP_++; } else if (GV.RM_ == 0x1) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_XSETBV; GV.EIP_++; } else { FailDecode(pMyDisasm); } } else { (*pMyDisasm).Argument2.ArgSize = 48; MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_LGDT; (*pMyDisasm).Argument1.ArgType = IMPLICIT_ARG+REGISTER_TYPE+MEMORY_MANAGEMENT_REG+REG0; (*pMyDisasm).Argument1.ArgSize = 48; GV.EIP_+= GV.DECALAGE_EIP; } } else if (GV.REGOPCODE == 3) { if (GV.MOD_== 0x3) { if (GV.RM_ == 0x0) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_VMRUN; GV.EIP_++; } else if (GV.RM_ == 0x1) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_VMMCALL; GV.EIP_++; } else if (GV.RM_ == 0x2) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_VMLOAD; GV.EIP_++; } else if (GV.RM_ == 0x3) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_VMSAVE; GV.EIP_++; } else if (GV.RM_ == 0x4) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_STGI; GV.EIP_++; } else if (GV.RM_ == 0x5) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_CLGI; GV.EIP_++; } else if (GV.RM_ == 0x6) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_SKINIT; GV.EIP_++; } else if (GV.RM_ == 0x7) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_INVLPGA; GV.EIP_++; } else { FailDecode(pMyDisasm); } } else { MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); (*pMyDisasm).Argument2.ArgSize = 48; (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_LIDT; (*pMyDisasm).Argument1.ArgType = IMPLICIT_ARG+REGISTER_TYPE+MEMORY_MANAGEMENT_REG+REG2; (*pMyDisasm).Argument1.ArgSize = 48; GV.EIP_+= GV.DECALAGE_EIP; } } else if (GV.REGOPCODE == 4) { MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); (*pMyDisasm).Argument2.ArgSize = 16; (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_SMSW; (*pMyDisasm).Argument1.ArgType = IMPLICIT_ARG+REGISTER_TYPE+CR_REG+REG0; (*pMyDisasm).Argument1.ArgSize = 16; GV.EIP_+= GV.DECALAGE_EIP; } else if (GV.REGOPCODE == 6) { MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); (*pMyDisasm).Argument1.ArgSize = 16; (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_LMSW; (*pMyDisasm).Argument2.ArgType = IMPLICIT_ARG+REGISTER_TYPE+CR_REG+REG0; (*pMyDisasm).Argument2.ArgSize = 16; GV.EIP_+= GV.DECALAGE_EIP; } else if (GV.REGOPCODE == 7) { if (GV.MOD_== 0x3) { if ((*pMyDisasm).Archi == 64) { if (GV.RM_ == 0x0) { (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_SWAPGS; GV.EIP_++; } else { FailDecode(pMyDisasm); } } else { if (GV.RM_ == 0x1) { (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_RDTSCP; GV.EIP_++; } else { FailDecode(pMyDisasm); } } } else { MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); (*pMyDisasm).Argument2.ArgSize = 8; (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; (*pMyDisasm).Instruction.Mnemonic = I_INVLPG; GV.EIP_+= GV.DECALAGE_EIP; } } else { FailDecode(pMyDisasm); } }
/* ==================================================================== * 0f01h * ==================================================================== */ void __bea_callspec__ G7_(PDISASM pMyDisasm) { (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; GV.REGOPCODE = ((*((UInt8*)(UIntPtr) (GV.EIP_+1))) >> 3) & 0x7; GV.MOD_= ((*((UInt8*)(UIntPtr) (GV.EIP_+1))) >> 6) & 0x3; GV.RM_ = (*((UInt8*)(UIntPtr) (GV.EIP_+1))) & 0x7; if (GV.REGOPCODE == 0) { if (GV.MOD_== 0x3) { if (GV.RM_ == 0x1) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "vmcall "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else if (GV.RM_ == 0x2) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "vmlaunch "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else if (GV.RM_ == 0x3) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "vmresume "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else if (GV.RM_ == 0x4) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "vmxoff "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else { FailDecode(pMyDisasm); } } else { GV.MemDecoration = Arg1fword; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "sgdt "); #endif (*pMyDisasm).Argument2.ArgType = REGISTER_TYPE+MEMORY_MANAGEMENT_REG+REG0; (*pMyDisasm).Argument2.ArgSize = 48; GV.EIP_+= GV.DECALAGE_EIP+2; } } else if (GV.REGOPCODE == 1) { if (GV.MOD_== 0x3) { if (GV.RM_ == 0x00) { (*pMyDisasm).Instruction.Category = SSE3_INSTRUCTION+AGENT_SYNCHRONISATION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "monitor "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else if (GV.RM_ == 0x01) { (*pMyDisasm).Instruction.Category = SSE3_INSTRUCTION+AGENT_SYNCHRONISATION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "mwait "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else { FailDecode(pMyDisasm); } } else { GV.MemDecoration = Arg1fword; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "sidt "); #endif (*pMyDisasm).Argument2.ArgType = REGISTER_TYPE+MEMORY_MANAGEMENT_REG+REG2; (*pMyDisasm).Argument2.ArgSize = 48; GV.EIP_+= GV.DECALAGE_EIP+2; } } else if (GV.REGOPCODE == 2) { if (GV.MOD_== 0x3) { if (GV.RM_ == 0x0) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "xgetbv "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else if (GV.RM_ == 0x1) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "xsetbv "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else { FailDecode(pMyDisasm); } } else { GV.MemDecoration = Arg2fword; MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "lgdt "); #endif (*pMyDisasm).Argument1.ArgType = REGISTER_TYPE+MEMORY_MANAGEMENT_REG+REG0; (*pMyDisasm).Argument1.ArgSize = 48; GV.EIP_+= GV.DECALAGE_EIP+2; } } else if (GV.REGOPCODE == 3) { if (GV.MOD_== 0x3) { if (GV.RM_ == 0x0) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "vmrun "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else if (GV.RM_ == 0x1) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "vmmcall "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else if (GV.RM_ == 0x2) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "vmload "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else if (GV.RM_ == 0x3) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "vmsave "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else if (GV.RM_ == 0x4) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "stgi "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else if (GV.RM_ == 0x5) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "clgi "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else if (GV.RM_ == 0x6) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "skinit "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else if (GV.RM_ == 0x7) { (*pMyDisasm).Instruction.Category = VM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "invlpga "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else { FailDecode(pMyDisasm); } } else { GV.MemDecoration = Arg2fword; MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "lidt "); #endif (*pMyDisasm).Argument1.ArgType = REGISTER_TYPE+MEMORY_MANAGEMENT_REG+REG2; (*pMyDisasm).Argument1.ArgSize = 48; GV.EIP_+= GV.DECALAGE_EIP+2; } } else if (GV.REGOPCODE == 4) { GV.MemDecoration = Arg2word; MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "smsw "); #endif (*pMyDisasm).Argument1.ArgType = REGISTER_TYPE+CR_REG+REG0; (*pMyDisasm).Argument1.ArgSize = 16; GV.EIP_+= GV.DECALAGE_EIP+2; } else if (GV.REGOPCODE == 6) { GV.MemDecoration = Arg1word; MOD_RM(&(*pMyDisasm).Argument1, pMyDisasm); (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "lmsw "); #endif (*pMyDisasm).Argument2.ArgType = REGISTER_TYPE+CR_REG+REG0; (*pMyDisasm).Argument2.ArgSize = 16; GV.EIP_+= GV.DECALAGE_EIP+2; } else if (GV.REGOPCODE == 7) { if (GV.MOD_== 0x3) { if (GV.Architecture == 64) { if (GV.RM_ == 0x0) { (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "swapgs "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else { FailDecode(pMyDisasm); } } else { if (GV.RM_ == 0x1) { (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "rdtscp "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } else { FailDecode(pMyDisasm); } } } else { GV.MemDecoration = Arg2byte; MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); (*pMyDisasm).Instruction.Category = SYSTEM_INSTRUCTION; #ifndef BEA_LIGHT_DISASSEMBLY (void) strcpy ((*pMyDisasm).Instruction.Mnemonic, "invlpg "); #endif GV.EIP_+= GV.DECALAGE_EIP+2; } } else { FailDecode(pMyDisasm); } }
/* ==================================================================== * * ==================================================================== */ void __bea_callspec__ GxEx(PDISASM pMyDisasm) { MOD_RM(&(*pMyDisasm).Argument2, pMyDisasm); Reg_Opcode(&(*pMyDisasm).Argument1, pMyDisasm); GV.EIP_ += GV.DECALAGE_EIP+2; }