mirrors/ParkanPlayground
0
Fork 0
mirror of https://github.com/sampletext32/ParkanPlayground.git synced 2025-05-18 19:31:17 +03:00
Code Issues Releases Activity

nice big refactor

Browse Source
This commit is contained in:
bird_egop 2025-04-13 23:06:52 +03:00
parent 59df064ca4
commit 11a2cfada4
92 changed files with 981 additions and 1509 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ParkanPlayground.sln.DotSettings.user
View File

@ -1,6 +1,7 @@
<wpf:ResourceDictionary xml:space="preserve" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:s="clr-namespace:System;assembly=mscorlib" xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml" xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003AAssemblyCodeArray_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003F_002E_002E_003FUsers_003FAdmin_003FAppData_003FRoaming_003FJetBrains_003FRider2024_002E3_003Fresharper_002Dhost_003FDecompilerCache_003Fdecompiler_003Fa494e0aa381c41ff9484df33e5edb42535e00_003Fa1_003Fbc9d4e81_003FAssemblyCodeArray_002Ecs/@EntryIndexedValue">ForceIncluded</s:String>
<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003AAssemblyCodeMemory_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003F_002E_002E_003FUsers_003FAdmin_003FAppData_003FRoaming_003FJetBrains_003FRider2024_002E3_003Fresharper_002Dhost_003FDecompilerCache_003Fdecompiler_003Fa494e0aa381c41ff9484df33e5edb42535e00_003F6e_003F09b667c6_003FAssemblyCodeMemory_002Ecs/@EntryIndexedValue">ForceIncluded</s:String>
<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003ACollectionAsserts_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003F_002E_002E_003FUsers_003FAdmin_003FAppData_003FRoaming_003FJetBrains_003FRider2024_002E3_003Fresharper_002Dhost_003FSourcesCache_003F435f965090c5b89f0c5efb49ac3c5a72367d90599314191af25a832d0942f_003FCollectionAsserts_002Ecs/@EntryIndexedValue">ForceIncluded</s:String>
<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003ACsvReader_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003F_002E_002E_003FUsers_003FAdmin_003FAppData_003FRoaming_003FJetBrains_003FRider2024_002E3_003Fresharper_002Dhost_003FSourcesCache_003Ff7b87edd534764eebf2388a77d49e5cd9c6d49eb6788dca9b1c07d4545412715_003FCsvReader_002Ecs/@EntryIndexedValue">ForceIncluded</s:String>
<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003ADefaultTypeConverter_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003F_002E_002E_003FUsers_003FAdmin_003FAppData_003FRoaming_003FJetBrains_003FRider2024_002E3_003Fresharper_002Dhost_003FSourcesCache_003F64b864a5d465bc24fc4b55e1026aba213beb1733ef631abeca5a9f25357eda_003FDefaultTypeConverter_002Ecs/@EntryIndexedValue">ForceIncluded</s:String>
<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003ADisassembler_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003F_002E_002E_003FUsers_003FAdmin_003FAppData_003FRoaming_003FJetBrains_003FRider2024_002E3_003Fresharper_002Dhost_003FDecompilerCache_003Fdecompiler_003Fa494e0aa381c41ff9484df33e5edb42535e00_003Fd4_003Fad0818f9_003FDisassembler_002Ecs/@EntryIndexedValue">ForceIncluded</s:String>
@ -10,6 +11,7 @@
<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003AMatrix4x4_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003F_002E_002E_003FUsers_003FAdmin_003FAppData_003FRoaming_003FJetBrains_003FRider2024_002E3_003Fresharper_002Dhost_003FSourcesCache_003Fed6aa59cd75423c5b655901d6ec4fb4be48ab669fa6fb01b3a7a7f31be95_003FMatrix4x4_002Ecs/@EntryIndexedValue">ForceIncluded</s:String>
<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003AMemory_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003F_002E_002E_003FUsers_003FAdmin_003FAppData_003FLocal_003FSymbols_003Fsrc_003Fdotnet_003Fruntime_003F5535e31a712343a63f5d7d796cd874e563e5ac14_003Fsrc_003Flibraries_003FSystem_002EPrivate_002ECoreLib_003Fsrc_003FSystem_003FMemory_002Ecs/@EntryIndexedValue">ForceIncluded</s:String>
<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003ASingle_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003F_002E_002E_003FUsers_003FAdmin_003FAppData_003FRoaming_003FJetBrains_003FRider2024_002E3_003Fresharper_002Dhost_003FSourcesCache_003Fc99a63bcf3d2a18c20ee19e58ac875ab1edf2a147c8b92ffeed185ab8a44b4_003FSingle_002Ecs/@EntryIndexedValue">ForceIncluded</s:String>
<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003AStringAsserts_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003F_002E_002E_003FUsers_003FAdmin_003FAppData_003FRoaming_003FJetBrains_003FRider2024_002E3_003Fresharper_002Dhost_003FSourcesCache_003F999ae9cc4ab7b7cfbc5080803e994426e97fd9d87c5b1f44544a799bc114_003FStringAsserts_002Ecs/@EntryIndexedValue">ForceIncluded</s:String>
<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003Aud_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003F_002E_002E_003FUsers_003FAdmin_003FAppData_003FRoaming_003FJetBrains_003FRider2024_002E3_003Fresharper_002Dhost_003FDecompilerCache_003Fdecompiler_003Fa494e0aa381c41ff9484df33e5edb42535e00_003F15_003F87bd9007_003Fud_002Ecs/@EntryIndexedValue">ForceIncluded</s:String>
<s:String x:Key="/Default/CodeInspection/ExcludedFiles/FilesAndFoldersToSkip2/=7020124F_002D9FFC_002D4AC3_002D8F3D_002DAAB8E0240759_002Ff_003Audis86_002Ecs_002Fl_003A_002E_002E_003F_002E_002E_003F_002E_002E_003FUsers_003FAdmin_003FAppData_003FRoaming_003FJetBrains_003FRider2024_002E3_003Fresharper_002Dhost_003FDecompilerCache_003Fdecompiler_003Fa494e0aa381c41ff9484df33e5edb42535e00_003F95_003F953bbb0f_003Fudis86_002Ecs/@EntryIndexedValue">ForceIncluded</s:String>
<s:String x:Key="/Default/Environment/Highlighting/HighlightingSourceSnapshotLocation/@EntryValue">C:\Users\Admin\AppData\Local\JetBrains\Rider2024.3\resharper-host\temp\Rider\vAny\CoverageData\_ParkanPlayground.1073341822\Snapshot\snapshot.utdcvr</s:String>

52
X86Disassembler/X86/Handlers/Adc/AdcImmToRm32Handler.cs
View File

@ -11,11 +11,11 @@ public class AdcImmToRm32Handler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public AdcImmToRm32Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public AdcImmToRm32Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,18 +25,18 @@ public class AdcImmToRm32Handler : InstructionHandler
{
if (opcode != 0x81)
return false;
// Check if the reg field of the ModR/M byte is 2 (ADC)
int position = Decoder.GetPosition();
if (position >= Length)
return false;
byte modRM = CodeBuffer[position];
byte reg = (byte)((modRM & 0x38) >> 3);
byte reg = (byte) ((modRM & 0x38) >> 3);
return reg == 2; // 2 = ADC
}
/// <summary>
/// Decodes an ADC r/m32, imm32 instruction
/// </summary>
@ -47,49 +47,37 @@ public class AdcImmToRm32Handler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "adc";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 2 for ADC
byte rm = (byte)(modRM & 0x07);
// Decode the destination operand
string destOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Read the immediate value
if (position + 3 >= Length)
{
return false;
}
// Read the immediate value in little-endian format
byte b0 = CodeBuffer[position];
byte b1 = CodeBuffer[position + 1];
byte b2 = CodeBuffer[position + 2];
byte b3 = CodeBuffer[position + 3];
var imm = Decoder.ReadUInt32();
// Format the immediate value as expected by the tests (0x12345678)
// Note: The bytes are reversed to match the expected format in the tests
string immStr = $"0x{b3:X2}{b2:X2}{b1:X2}{b0:X2}";
string immStr = $"0x{imm:X8}";
// Advance the position past the immediate value
position += 4;
Decoder.SetPosition(position);
// Set the operands
instruction.Operands = $"{destOperand}, {immStr}";
return true;
}
}
}

46
X86Disassembler/X86/Handlers/Adc/AdcImmToRm32SignExtendedHandler.cs
View File

@ -11,11 +11,11 @@ public class AdcImmToRm32SignExtendedHandler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public AdcImmToRm32SignExtendedHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public AdcImmToRm32SignExtendedHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,18 +25,18 @@ public class AdcImmToRm32SignExtendedHandler : InstructionHandler
{
if (opcode != 0x83)
return false;
// Check if the reg field of the ModR/M byte is 2 (ADC)
int position = Decoder.GetPosition();
if (position >= Length)
return false;
byte modRM = CodeBuffer[position];
byte reg = (byte)((modRM & 0x38) >> 3);
byte reg = (byte) ((modRM & 0x38) >> 3);
return reg == 2; // 2 = ADC
}
/// <summary>
/// Decodes an ADC r/m32, imm8 (sign-extended) instruction
/// </summary>
@ -47,39 +47,29 @@ public class AdcImmToRm32SignExtendedHandler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "adc";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 2 for ADC
byte rm = (byte)(modRM & 0x07);
// Decode the destination operand
string destOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Read the immediate value (sign-extended from 8 to 32 bits)
if (position >= Length)
{
return false;
}
sbyte imm8 = (sbyte)CodeBuffer[position];
int imm32 = imm8; // Sign-extend to 32 bits
Decoder.SetPosition(position + 1);
// Sign-extend to 32 bits
int imm32 = (sbyte) Decoder.ReadByte();
// Set the operands
instruction.Operands = $"{destOperand}, 0x{imm32:X8}";
return true;
}
}
}

12
X86Disassembler/X86/Handlers/Add/AddEaxImmHandler.cs
View File

@ -68,17 +68,7 @@ public class AddEaxImmHandler : InstructionHandler
}
// Read the 32-bit immediate value
uint imm32 = 0;
for (int i = 0; i < 4; i++)
{
if (startPosition + i < Length)
{
imm32 |= (uint)(CodeBuffer[startPosition + i] << (i * 8));
}
}
// Advance the decoder position
Decoder.SetPosition(startPosition + 4);
uint imm32 = Decoder.ReadUInt32();
// Set the operands
instruction.Operands = $"eax, 0x{imm32:X8}";

22
X86Disassembler/X86/Handlers/Add/AddImmToRm32Handler.cs
View File

@ -56,16 +56,7 @@ public class AddImmToRm32Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 0 for ADD
byte rm = (byte)(modRM & 0x07);
// Decode the destination operand
string destOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Read the immediate value
if (position + 3 >= Length)
@ -74,18 +65,11 @@ public class AddImmToRm32Handler : InstructionHandler
}
// Read the immediate value in little-endian format
byte b0 = CodeBuffer[position];
byte b1 = CodeBuffer[position + 1];
byte b2 = CodeBuffer[position + 2];
byte b3 = CodeBuffer[position + 3];
var imm = Decoder.ReadUInt32();
// Format the immediate value as expected by the tests (0x12345678)
// Note: The bytes are reversed to match the expected format in the tests
string immStr = $"0x{b3:X2}{b2:X2}{b1:X2}{b0:X2}";
// Advance the position past the immediate value
position += 4;
Decoder.SetPosition(position);
string immStr = $"0x{imm:X8}";
// Set the operands
instruction.Operands = $"{destOperand}, {immStr}";

45
X86Disassembler/X86/Handlers/Add/AddImmToRm32SignExtendedHandler.cs
View File

@ -59,24 +59,19 @@ public class AddImmToRm32SignExtendedHandler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[startPosition];
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 0 for ADD
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Track the bytes needed for this instruction
int bytesNeeded = 1; // ModR/M byte
// Process SIB byte if needed
byte sib = 0;
if (mod != 3 && rm == 4) // SIB byte present
if (mod != 3 && rm == RegisterIndex.Si) // SIB byte present
{
if (startPosition + bytesNeeded >= Length)
{
instruction.Operands = "??";
instruction.RawBytes = new byte[] { opcode, modRM };
instruction.RawBytes = new byte[] { opcode, CodeBuffer[startPosition] };
return true;
}
sib = CodeBuffer[startPosition + bytesNeeded];
@ -85,7 +80,7 @@ public class AddImmToRm32SignExtendedHandler : InstructionHandler
// Handle displacement
int dispSize = 0;
if (mod == 0 && rm == 5) // 32-bit displacement
if (mod == 0 && rm == RegisterIndex.Di) // 32-bit displacement
{
dispSize = 4;
}
@ -102,21 +97,15 @@ public class AddImmToRm32SignExtendedHandler : InstructionHandler
if (startPosition + bytesNeeded + dispSize >= Length)
{
instruction.Operands = "??";
instruction.RawBytes = new byte[] { opcode, modRM };
instruction.RawBytes = new byte[] { opcode, CodeBuffer[startPosition] };
return true;
}
bytesNeeded += dispSize; // Add displacement bytes
// Use ModRMDecoder to decode the destination operand
var modRMDecoder = new ModRMDecoder(CodeBuffer, Decoder, Length);
// Set the decoder position to after the ModR/M byte
Decoder.SetPosition(startPosition + 1);
// Decode the destination operand
string destOperand = modRMDecoder.DecodeModRM(mod, rm, false);
// Get the position after decoding the ModR/M byte
int newPosition = Decoder.GetPosition();
@ -141,15 +130,21 @@ public class AddImmToRm32SignExtendedHandler : InstructionHandler
return true;
}
// Read the immediate value as a signed byte and sign-extend it
sbyte imm8 = (sbyte)CodeBuffer[newPosition];
newPosition++; // Advance past the immediate byte
// Read the immediate value as a signed byte and automatically sign-extend it to int
int signExtendedImm = (sbyte)Decoder.ReadByte();
// Set the decoder position
Decoder.SetPosition(newPosition);
// Format the immediate value as a 32-bit hex value (sign-extended)
string immStr = $"0x{(uint)imm8:X8}";
// Format the immediate value as a 32-bit hex value
string immStr;
if (signExtendedImm < 0)
{
// For negative values, use the full 32-bit representation (0xFFFFFFxx)
immStr = $"0x{(uint)signExtendedImm:X8}";
}
else
{
// For positive values, use the regular format
immStr = $"0x{signExtendedImm:X8}";
}
// Set the operands
instruction.Operands = $"{destOperand}, {immStr}";

52
X86Disassembler/X86/Handlers/Add/AddImmToRm8Handler.cs
View File

@ -11,11 +11,11 @@ public class AddImmToRm8Handler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public AddImmToRm8Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public AddImmToRm8Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,18 +25,18 @@ public class AddImmToRm8Handler : InstructionHandler
{
if (opcode != 0x80)
return false;
// Check if the reg field of the ModR/M byte is 0 (ADD)
int position = Decoder.GetPosition();
if (position >= Length)
return false;
byte modRM = CodeBuffer[position];
byte reg = (byte)((modRM & 0x38) >> 3);
byte reg = (byte) ((modRM & 0x38) >> 3);
return reg == 0; // 0 = ADD
}
/// <summary>
/// Decodes an ADD r/m8, imm8 instruction
/// </summary>
@ -47,49 +47,35 @@ public class AddImmToRm8Handler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "add";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 0 for ADD
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// For direct register addressing (mod == 3), use 8-bit register names
string destOperand;
if (mod == 3)
{
// Use 8-bit register names for direct register addressing
destOperand = GetRegister8(rm);
destOperand = ModRMDecoder.GetRegisterName(rm, 8);
}
else
{
// Use ModR/M decoder for memory addressing
destOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
}
Decoder.SetPosition(position);
// Read the immediate value
if (position >= Length)
{
return false;
}
byte imm8 = CodeBuffer[position++];
Decoder.SetPosition(position);
byte imm8 = Decoder.ReadByte();
// Set the operands
instruction.Operands = $"{destOperand}, 0x{imm8:X2}";
return true;
}
}
}

12
X86Disassembler/X86/Handlers/Add/AddR32Rm32Handler.cs
View File

@ -42,19 +42,13 @@ public class AddR32Rm32Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the mnemonic
instruction.Mnemonic = "add";
// Get the register name
string regName = GetRegister32(reg);
string regName = ModRMDecoder.GetRegisterName(reg, 32);
// For memory operands, set the operand
if (mod != 3) // Memory operand
@ -64,7 +58,7 @@ public class AddR32Rm32Handler : InstructionHandler
}
else // Register operand
{
string rmName = GetRegister32(rm);
string rmName = ModRMDecoder.GetRegisterName(rm, 32);
instruction.Operands = $"{regName}, {rmName}";
}

12
X86Disassembler/X86/Handlers/Add/AddRm32R32Handler.cs
View File

@ -42,19 +42,13 @@ public class AddRm32R32Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the mnemonic
instruction.Mnemonic = "add";
// Get the register name
string regName = GetRegister32(reg);
string regName = ModRMDecoder.GetRegisterName(reg, 32);;
// For memory operands, set the operand
if (mod != 3) // Memory operand
@ -64,7 +58,7 @@ public class AddRm32R32Handler : InstructionHandler
}
else // Register operand
{
string rmName = GetRegister32(rm);
string rmName = ModRMDecoder.GetRegisterName(rm, 32);;
instruction.Operands = $"{rmName}, {regName}";
}

22
X86Disassembler/X86/Handlers/And/AndImmToRm32Handler.cs
View File

@ -56,16 +56,7 @@ public class AndImmToRm32Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 4 for AND
byte rm = (byte)(modRM & 0x07);
// Decode the destination operand
string destOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Read the immediate value
if (position + 3 >= Length)
@ -74,18 +65,11 @@ public class AndImmToRm32Handler : InstructionHandler
}
// Read the immediate value in little-endian format
byte b0 = CodeBuffer[position];
byte b1 = CodeBuffer[position + 1];
byte b2 = CodeBuffer[position + 2];
byte b3 = CodeBuffer[position + 3];
var imm = Decoder.ReadUInt32();
// Format the immediate value as expected by the tests (0x12345678)
// Note: The bytes are reversed to match the expected format in the tests
string immStr = $"0x{b3:X2}{b2:X2}{b1:X2}{b0:X2}";
// Advance the position past the immediate value
position += 4;
Decoder.SetPosition(position);
string immStr = $"0x{imm:X8}";
// Set the operands
instruction.Operands = $"{destOperand}, {immStr}";

4
X86Disassembler/X86/Handlers/And/AndImmToRm32SignExtendedHandler.cs
View File

@ -76,9 +76,7 @@ public class AndImmToRm32SignExtendedHandler : InstructionHandler
}
// Read and sign-extend the immediate value
byte imm8 = Decoder.ReadByte();
int signExtended = (sbyte)imm8;
uint imm32 = (uint)signExtended;
uint imm32 = (uint)(sbyte)Decoder.ReadByte();
// Set operands
if (mod == 3)

13
X86Disassembler/X86/Handlers/ArithmeticUnary/DivRm32Handler.cs
View File

@ -56,19 +56,10 @@ public class DivRm32Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 6 for DIV
byte rm = (byte)(modRM & 0x07);
// Decode the operand
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the operands
instruction.Operands = operand;
instruction.Operands = destOperand;
return true;
}

13
X86Disassembler/X86/Handlers/ArithmeticUnary/IdivRm32Handler.cs
View File

@ -56,19 +56,10 @@ public class IdivRm32Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 7 for IDIV
byte rm = (byte)(modRM & 0x07);
// Decode the operand
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the operands
instruction.Operands = operand;
instruction.Operands = destOperand;
return true;
}

13
X86Disassembler/X86/Handlers/ArithmeticUnary/ImulRm32Handler.cs
View File

@ -56,19 +56,10 @@ public class ImulRm32Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 5 for IMUL
byte rm = (byte)(modRM & 0x07);
// Decode the operand
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the operands
instruction.Operands = operand;
instruction.Operands = destOperand;
return true;
}

13
X86Disassembler/X86/Handlers/ArithmeticUnary/MulRm32Handler.cs
View File

@ -56,19 +56,10 @@ public class MulRm32Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 4 for MUL
byte rm = (byte)(modRM & 0x07);
// Decode the operand
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the operands
instruction.Operands = operand;
instruction.Operands = destOperand;
return true;
}

13
X86Disassembler/X86/Handlers/ArithmeticUnary/NegRm32Handler.cs
View File

@ -56,19 +56,10 @@ public class NegRm32Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 3 for NEG
byte rm = (byte)(modRM & 0x07);
// Decode the operand
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the operands
instruction.Operands = operand;
instruction.Operands = destOperand;
return true;
}

19
X86Disassembler/X86/Handlers/ArithmeticUnary/NotRm32Handler.cs
View File

@ -54,15 +54,10 @@ public class NotRm32Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 2 for NOT
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Verify this is a NOT instruction
if (reg != 2)
if (reg != RegisterIndex.C)
{
return false;
}
@ -73,19 +68,13 @@ public class NotRm32Handler : InstructionHandler
Decoder.SetPosition(position);
// For direct register addressing (mod == 3), the r/m field specifies a register
string operand;
if (mod == 3)
{
operand = GetRegister32(rm);
}
else
{
// Use the ModR/M decoder for memory addressing
operand = ModRMDecoder.DecodeModRM(mod, rm, false);
destOperand = ModRMDecoder.GetRegisterName(rm, 32);
}
// Set the operands
instruction.Operands = operand;
instruction.Operands = destOperand;
return true;
}

27
X86Disassembler/X86/Handlers/Call/CallRm32Handler.cs
View File

@ -42,16 +42,10 @@ public class CallRm32Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// CALL r/m32 is encoded as FF /2
if (reg != 2)
if (reg != RegisterIndex.C)
{
return false;
}
@ -59,18 +53,15 @@ public class CallRm32Handler : InstructionHandler
// Set the mnemonic
instruction.Mnemonic = "call";
// For memory operands, set the operand
if (mod != 3) // Memory operand
// For register operands, set the operand
if (mod == 3)
{
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
instruction.Operands = operand;
}
else // Register operand
{
string rmName = GetRegister32(rm);
instruction.Operands = rmName;
// Register operand
destOperand = ModRMDecoder.GetRegisterName(rm, 32);
}
instruction.Operands = destOperand;
return true;
}
}
}

20
X86Disassembler/X86/Handlers/Cmp/CmpAlImmHandler.cs
View File

@ -11,11 +11,11 @@ public class CmpAlImmHandler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public CmpAlImmHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public CmpAlImmHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class CmpAlImmHandler : InstructionHandler
{
return opcode == 0x3C;
}
/// <summary>
/// Decodes a CMP AL, imm8 instruction
/// </summary>
@ -36,21 +36,21 @@ public class CmpAlImmHandler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "cmp";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the immediate value
byte imm8 = CodeBuffer[position++];
byte imm8 = Decoder.ReadByte();
Decoder.SetPosition(position);
// Set the operands
instruction.Operands = $"al, 0x{imm8:X2}";
return true;
}
}
}

54
X86Disassembler/X86/Handlers/Cmp/CmpImmWithRm32Handler.cs
View File

@ -11,11 +11,11 @@ public class CmpImmWithRm32Handler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public CmpImmWithRm32Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public CmpImmWithRm32Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,18 +25,18 @@ public class CmpImmWithRm32Handler : InstructionHandler
{
if (opcode != 0x81)
return false;
// Check if the reg field of the ModR/M byte is 7 (CMP)
int position = Decoder.GetPosition();
if (position >= Length)
return false;
byte modRM = CodeBuffer[position];
byte reg = (byte)((modRM & 0x38) >> 3);
byte reg = (byte) ((modRM & 0x38) >> 3);
return reg == 7; // 7 = CMP
}
/// <summary>
/// Decodes a CMP r/m32, imm32 instruction
/// </summary>
@ -47,49 +47,33 @@ public class CmpImmWithRm32Handler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "cmp";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 7 for CMP
byte rm = (byte)(modRM & 0x07);
// Decode the destination operand
string destOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Read the immediate value
if (position + 3 >= Length)
{
return false;
}
// Read the immediate value in little-endian format
byte b0 = CodeBuffer[position];
byte b1 = CodeBuffer[position + 1];
byte b2 = CodeBuffer[position + 2];
byte b3 = CodeBuffer[position + 3];
var imm = Decoder.ReadUInt32();
// Format the immediate value as expected by the tests (0x12345678)
// Note: The bytes are reversed to match the expected format in the tests
string immStr = $"0x{b3:X2}{b2:X2}{b1:X2}{b0:X2}";
// Advance the position past the immediate value
position += 4;
Decoder.SetPosition(position);
string immStr = $"0x{imm:X8}";
// Set the operands
instruction.Operands = $"{destOperand}, {immStr}";
return true;
}
}
}

45
X86Disassembler/X86/Handlers/Cmp/CmpImmWithRm32SignExtendedHandler.cs
View File

@ -11,11 +11,11 @@ public class CmpImmWithRm32SignExtendedHandler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public CmpImmWithRm32SignExtendedHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public CmpImmWithRm32SignExtendedHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,18 +25,18 @@ public class CmpImmWithRm32SignExtendedHandler : InstructionHandler
{
if (opcode != 0x83)
return false;
// Check if the reg field of the ModR/M byte is 7 (CMP)
int position = Decoder.GetPosition();
if (position >= Length)
return false;
byte modRM = CodeBuffer[position];
byte reg = (byte)((modRM & 0x38) >> 3);
byte reg = (byte) ((modRM & 0x38) >> 3);
return reg == 7; // 7 = CMP
}
/// <summary>
/// Decodes a CMP r/m32, imm8 (sign-extended) instruction
/// </summary>
@ -47,39 +47,30 @@ public class CmpImmWithRm32SignExtendedHandler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "cmp";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 7 for CMP
byte rm = (byte)(modRM & 0x07);
// Decode the destination operand
string destOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Read the immediate value
if (position >= Length)
{
return false;
}
// Read the immediate value as a signed byte and sign-extend it
sbyte imm8 = (sbyte)CodeBuffer[position++];
sbyte imm8 = (sbyte) Decoder.ReadByte();
Decoder.SetPosition(position);
// Set the operands
instruction.Operands = $"{destOperand}, 0x{(uint)imm8:X2}";
instruction.Operands = $"{destOperand}, 0x{(uint) imm8:X2}";
return true;
}
}
}

58
X86Disassembler/X86/Handlers/Cmp/CmpImmWithRm8Handler.cs
View File

@ -25,15 +25,15 @@ public class CmpImmWithRm8Handler : InstructionHandler
{
if (opcode != 0x80)
return false;
// Check if the reg field of the ModR/M byte is 7 (CMP)
int position = Decoder.GetPosition();
if (position >= Length)
return false;
byte modRM = CodeBuffer[position];
byte reg = (byte)((modRM & 0x38) >> 3);
byte reg = (byte) ((modRM & 0x38) >> 3);
return reg == 7; // 7 = CMP
}
@ -47,39 +47,30 @@ public class CmpImmWithRm8Handler : InstructionHandler
{
// Save the original position for raw bytes calculation
int startPosition = Decoder.GetPosition();
// Set the mnemonic
instruction.Mnemonic = "cmp";
if (startPosition >= Length)
{
instruction.Operands = "??";
instruction.RawBytes = new byte[] { opcode };
instruction.RawBytes = new byte[] {opcode};
return true;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[startPosition];
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// CMP r/m8, imm8 is encoded as 80 /7
if (reg != 7)
if (reg != RegisterIndex.Bp)
{
instruction.Operands = "??";
instruction.RawBytes = new byte[] { opcode, modRM };
return true;
}
// Use ModRMDecoder to decode the ModR/M byte
var (_, _, _, rmOperand) = ModRMDecoder.ReadModRM(false);
// Get the position after decoding the ModR/M byte
int newPosition = Decoder.GetPosition();
// Check if we have enough bytes for the immediate value
if (newPosition >= Length)
{
@ -93,36 +84,36 @@ public class CmpImmWithRm8Handler : InstructionHandler
rawBytesImm[i + 1] = CodeBuffer[startPosition + i];
}
}
instruction.RawBytes = rawBytesImm;
return true;
}
// Read the immediate byte
byte imm8 = CodeBuffer[newPosition];
Decoder.SetPosition(newPosition + 1);
byte imm8 = Decoder.ReadByte();
// Replace the size prefix with "byte ptr"
string operand;
if (rmOperand.StartsWith("qword ptr "))
if (destOperand.StartsWith("qword ptr "))
{
operand = rmOperand.Replace("qword ptr ", "byte ptr ");
operand = destOperand.Replace("qword ptr ", "byte ptr ");
}
else if (rmOperand.StartsWith("dword ptr "))
else if (destOperand.StartsWith("dword ptr "))
{
operand = rmOperand.Replace("dword ptr ", "byte ptr ");
operand = destOperand.Replace("dword ptr ", "byte ptr ");
}
else if (mod != 3) // Memory operand without prefix
{
operand = $"byte ptr {rmOperand}";
operand = $"byte ptr {destOperand}";
}
else // Register operand
{
operand = GetRegister8(rm);
operand = ModRMDecoder.GetRegisterName(rm, 8);
}
// Set the operands
instruction.Operands = $"{operand}, 0x{imm8:X2}";
// Set the raw bytes
byte[] rawBytes = new byte[newPosition - startPosition + 2]; // +1 for opcode, +1 for immediate
rawBytes[0] = opcode;
@ -133,9 +124,10 @@ public class CmpImmWithRm8Handler : InstructionHandler
rawBytes[i + 1] = CodeBuffer[startPosition + i];
}
}
rawBytes[rawBytes.Length - 1] = imm8;
instruction.RawBytes = rawBytes;
return true;
}
}
}

25
X86Disassembler/X86/Handlers/Cmp/CmpR32Rm32Handler.cs
View File

@ -42,32 +42,23 @@ public class CmpR32Rm32Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the mnemonic
instruction.Mnemonic = "cmp";
// Get the register name
string regName = GetRegister32(reg);
string regName = ModRMDecoder.GetRegisterName(reg, 32);
// For memory operands, set the operand
if (mod != 3) // Memory operand
// For register operands, set the operand
if (mod == 3)
{
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
instruction.Operands = $"{regName}, {operand}";
}
else // Register operand
{
string rmName = GetRegister32(rm);
instruction.Operands = $"{regName}, {rmName}";
// Register operand
destOperand = ModRMDecoder.GetRegisterName(rm, 32);
}
instruction.Operands = $"{regName}, {destOperand}";
return true;
}
}

110
X86Disassembler/X86/Handlers/Cmp/CmpRm32R32Handler.cs
View File

@ -37,118 +37,34 @@ public class CmpRm32R32Handler : InstructionHandler
// Set the mnemonic
instruction.Mnemonic = "cmp";
int position = Decoder.GetPosition();
// Save the original position to properly handle the ModR/M byte
int originalPosition = Decoder.GetPosition();
if (position >= Length)
if (originalPosition >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6); // Top 2 bits
byte reg = (byte)((modRM & 0x38) >> 3); // Middle 3 bits
byte rm = (byte)(modRM & 0x07); // Bottom 3 bits
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Get the register name for the reg field
string regName = GetRegister32(reg);
string regName = ModRMDecoder.GetRegisterName(reg, 32);
// Handle the different addressing modes
string rmOperand;
// Use the destOperand directly from ModRMDecoder
string rmOperand = destOperand;
if (mod == 3) // Direct register addressing
// If it's a direct register operand, we need to remove the size prefix
if (mod == 3)
{
// Get the register name for the r/m field
rmOperand = GetRegister32(rm);
rmOperand = ModRMDecoder.GetRegisterName(rm, 32);
}
else // Memory addressing
else if (rmOperand.StartsWith("dword ptr "))
{
// Handle SIB byte if needed
if (mod != 3 && rm == 4) // SIB byte present
{
if (position >= Length)
{
return false;
}
byte sib = CodeBuffer[position++];
// Extract the fields from the SIB byte
byte scale = (byte)((sib & 0xC0) >> 6);
byte index = (byte)((sib & 0x38) >> 3);
byte base_ = (byte)(sib & 0x07);
// TODO: Handle SIB byte properly
rmOperand = $"[complex addressing]";
}
else if (mod == 0 && rm == 5) // Displacement only addressing
{
if (position + 3 >= Length)
{
return false;
}
// Read the 32-bit displacement
uint disp = (uint)(CodeBuffer[position] |
(CodeBuffer[position + 1] << 8) |
(CodeBuffer[position + 2] << 16) |
(CodeBuffer[position + 3] << 24));
position += 4;
rmOperand = $"[0x{disp:X8}]";
}
else // Simple addressing modes
{
string baseReg = GetRegister32(rm);
if (mod == 0) // No displacement
{
rmOperand = $"[{baseReg}]";
}
else // Displacement
{
uint disp;
if (mod == 1) // 8-bit displacement
{
if (position >= Length)
{
return false;
}
// Sign-extend the 8-bit displacement
sbyte dispByte = (sbyte)CodeBuffer[position++];
disp = (uint)(int)dispByte;
// Format the displacement
string dispStr = dispByte < 0 ? $"-0x{-dispByte:X2}" : $"0x{dispByte:X2}";
rmOperand = $"[{baseReg}+{dispStr}]";
}
else // 32-bit displacement
{
if (position + 3 >= Length)
{
return false;
}
// Read the 32-bit displacement
disp = (uint)(CodeBuffer[position] |
(CodeBuffer[position + 1] << 8) |
(CodeBuffer[position + 2] << 16) |
(CodeBuffer[position + 3] << 24));
position += 4;
rmOperand = $"[{baseReg}+0x{disp:X8}]";
}
}
}
// Remove the "dword ptr " prefix as we'll handle the operands differently
rmOperand = rmOperand.Substring(10);
}
// Update the decoder position
Decoder.SetPosition(position);
// Set the operands
instruction.Operands = $"{rmOperand}, {regName}";

4
X86Disassembler/X86/Handlers/Dec/DecRegHandler.cs
View File

@ -36,13 +36,13 @@ public class DecRegHandler : InstructionHandler
public override bool Decode(byte opcode, Instruction instruction)
{
// Calculate the register index (0 for EAX, 1 for ECX, etc.)
byte reg = (byte)(opcode - 0x48);
RegisterIndex reg = (RegisterIndex)(opcode - 0x48);
// Set the mnemonic
instruction.Mnemonic = "dec";
// Set the operand (register name)
instruction.Operands = GetRegister32(reg);
instruction.Operands = ModRMDecoder.GetRegisterName(reg, 32);
return true;
}

17
X86Disassembler/X86/Handlers/FloatingPoint/Float32OperationHandler.cs
View File

@ -3,7 +3,7 @@ namespace X86Disassembler.X86.Handlers.FloatingPoint;
/// <summary>
/// Handler for floating-point operations on float32 (D8 opcode)
/// </summary>
public class Float32OperationHandler : FloatingPointBaseHandler
public class Float32OperationHandler : InstructionHandler
{
// D8 opcode - operations on float32
private static readonly string[] Mnemonics =
@ -55,27 +55,20 @@ public class Float32OperationHandler : FloatingPointBaseHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte) ((modRM & 0xC0) >> 6);
byte reg = (byte) ((modRM & 0x38) >> 3);
byte rm = (byte) (modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the mnemonic based on the opcode and reg field
instruction.Mnemonic = Mnemonics[reg];
instruction.Mnemonic = Mnemonics[(int)reg];
// For memory operands, set the operand
if (mod != 3) // Memory operand
{
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
instruction.Operands = operand;
instruction.Operands = destOperand;
}
else // Register operand (ST(i))
{
// For register operands, we need to handle the stack registers
instruction.Operands = $"st(0), st({rm})";
instruction.Operands = $"st(0), st({(int)rm})";
}
return true;

17
X86Disassembler/X86/Handlers/FloatingPoint/Float64OperationHandler.cs
View File

@ -3,7 +3,7 @@ namespace X86Disassembler.X86.Handlers.FloatingPoint;
/// <summary>
/// Handler for floating-point operations on float64 (DC opcode)
/// </summary>
public class Float64OperationHandler : FloatingPointBaseHandler
public class Float64OperationHandler : InstructionHandler
{
// DC opcode - operations on float64
private static readonly string[] Mnemonics =
@ -55,27 +55,20 @@ public class Float64OperationHandler : FloatingPointBaseHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM(true); // true for 64-bit operand
// Set the mnemonic based on the opcode and reg field
instruction.Mnemonic = Mnemonics[reg];
instruction.Mnemonic = Mnemonics[(int)reg];
// For memory operands, set the operand
if (mod != 3) // Memory operand
{
string operand = ModRMDecoder.DecodeModRM(mod, rm, true); // true for 64-bit operand
instruction.Operands = operand;
instruction.Operands = destOperand;
}
else // Register operand (ST(i))
{
// For DC C0-DC FF, the operands are reversed: ST(i), ST(0)
instruction.Operands = $"st({rm}), st(0)";
instruction.Operands = $"st({(int)rm}), st(0)";
}
return true;

18
X86Disassembler/X86/Handlers/FloatingPoint/FloatingPointBaseHandler.cs
View File

@ -1,18 +0,0 @@
namespace X86Disassembler.X86.Handlers.FloatingPoint;
/// <summary>
/// Base class for floating-point instruction handlers
/// </summary>
public abstract class FloatingPointBaseHandler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the FloatingPointBaseHandler class
/// </summary>
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
protected FloatingPointBaseHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
}

44
X86Disassembler/X86/Handlers/FloatingPoint/Int16OperationHandler.cs
View File

@ -3,7 +3,7 @@ namespace X86Disassembler.X86.Handlers.FloatingPoint;
/// <summary>
/// Handler for floating-point operations on int16 (DE opcode)
/// </summary>
public class Int16OperationHandler : FloatingPointBaseHandler
public class Int16OperationHandler : InstructionHandler
{
// DE opcode - operations on int16
private static readonly string[] Mnemonics =
@ -55,67 +55,59 @@ public class Int16OperationHandler : FloatingPointBaseHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte) ((modRM & 0xC0) >> 6);
byte reg = (byte) ((modRM & 0x38) >> 3);
byte rm = (byte) (modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the mnemonic based on the opcode and reg field
instruction.Mnemonic = Mnemonics[reg];
instruction.Mnemonic = Mnemonics[(int)reg];
// For memory operands, set the operand
if (mod != 3) // Memory operand
{
// Need to modify the default dword ptr to word ptr for 16-bit integers
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
operand = operand.Replace("dword ptr", "word ptr");
instruction.Operands = operand;
instruction.Operands = destOperand.Replace("dword ptr", "word ptr");
}
else // Register operand (ST(i))
{
// Special handling for register-register operations
if (reg == 0) // FADDP
if (reg == RegisterIndex.A) // FADDP
{
instruction.Mnemonic = "faddp";
instruction.Operands = $"st({rm}), st(0)";
instruction.Operands = $"st({(int)rm}), st(0)";
}
else if (reg == 1) // FMULP
else if (reg == RegisterIndex.B) // FMULP
{
instruction.Mnemonic = "fmulp";
instruction.Operands = $"st({rm}), st(0)";
instruction.Operands = $"st({(int)rm}), st(0)";
}
else if (reg == 2 && rm == 1) // FCOMP
else if (reg == RegisterIndex.C && rm == RegisterIndex.B) // FCOMP
{
instruction.Mnemonic = "fcomp";
instruction.Operands = "";
}
else if (reg == 3 && rm == 1) // FCOMPP
else if (reg == RegisterIndex.D && rm == RegisterIndex.B) // FCOMPP
{
instruction.Mnemonic = "fcompp";
instruction.Operands = "";
}
else if (reg == 4) // FSUBP
else if (reg == RegisterIndex.Si) // FSUBP
{
instruction.Mnemonic = "fsubp";
instruction.Operands = $"st({rm}), st(0)";
instruction.Operands = $"st({(int)rm}), st(0)";
}
else if (reg == 5) // FSUBRP
else if (reg == RegisterIndex.Di) // FSUBRP
{
instruction.Mnemonic = "fsubrp";
instruction.Operands = $"st({rm}), st(0)";
instruction.Operands = $"st({(int)rm}), st(0)";
}
else if (reg == 6) // FDIVP
else if (reg == RegisterIndex.Sp) // FDIVP
{
instruction.Mnemonic = "fdivp";
instruction.Operands = $"st({rm}), st(0)";
instruction.Operands = $"st({(int)rm}), st(0)";
}
else if (reg == 7) // FDIVRP
else if (reg == RegisterIndex.Bp) // FDIVRP
{
instruction.Mnemonic = "fdivrp";
instruction.Operands = $"st({rm}), st(0)";
instruction.Operands = $"st({(int)rm}), st(0)";
}
else
{

33
X86Disassembler/X86/Handlers/FloatingPoint/Int32OperationHandler.cs
View File

@ -3,7 +3,7 @@ namespace X86Disassembler.X86.Handlers.FloatingPoint;
/// <summary>
/// Handler for floating-point operations on int32 (DA opcode)
/// </summary>
public class Int32OperationHandler : FloatingPointBaseHandler
public class Int32OperationHandler : InstructionHandler
{
// DA opcode - operations on int32
private static readonly string[] Mnemonics =
@ -55,47 +55,40 @@ public class Int32OperationHandler : FloatingPointBaseHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte) ((modRM & 0xC0) >> 6);
byte reg = (byte) ((modRM & 0x38) >> 3);
byte rm = (byte) (modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the mnemonic based on the opcode and reg field
instruction.Mnemonic = Mnemonics[reg];
instruction.Mnemonic = Mnemonics[(int)reg];
// For memory operands, set the operand
if (mod != 3) // Memory operand
{
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
instruction.Operands = operand;
instruction.Operands = destOperand;
}
else // Register operand (ST(i))
{
// Special handling for register-register operations
if (reg == 0) // FCMOVB
if (reg == RegisterIndex.A) // FCMOVB
{
instruction.Mnemonic = "fcmovb";
instruction.Operands = $"st(0), st({rm})";
instruction.Operands = $"st(0), st({(int)rm})";
}
else if (reg == 1) // FCMOVE
else if (reg == RegisterIndex.B) // FCMOVE
{
instruction.Mnemonic = "fcmove";
instruction.Operands = $"st(0), st({rm})";
instruction.Operands = $"st(0), st({(int)rm})";
}
else if (reg == 2) // FCMOVBE
else if (reg == RegisterIndex.C) // FCMOVBE
{
instruction.Mnemonic = "fcmovbe";
instruction.Operands = $"st(0), st({rm})";
instruction.Operands = $"st(0), st({(int)rm})";
}
else if (reg == 3) // FCMOVU
else if (reg == RegisterIndex.D) // FCMOVU
{
instruction.Mnemonic = "fcmovu";
instruction.Operands = $"st(0), st({rm})";
instruction.Operands = $"st(0), st({(int)rm})";
}
else if (reg == 5 && rm == 1) // FUCOMPP
else if (reg == RegisterIndex.Di && rm == RegisterIndex.B) // FUCOMPP
{
instruction.Mnemonic = "fucompp";
instruction.Operands = "";

78
X86Disassembler/X86/Handlers/FloatingPoint/LoadStoreControlHandler.cs
View File

@ -3,7 +3,7 @@ namespace X86Disassembler.X86.Handlers.FloatingPoint;
/// <summary>
/// Handler for floating-point load, store, and control operations (D9 opcode)
/// </summary>
public class LoadStoreControlHandler : FloatingPointBaseHandler
public class LoadStoreControlHandler : InstructionHandler
{
// D9 opcode - load, store, and control operations
private static readonly string[] Mnemonics =
@ -55,71 +55,63 @@ public class LoadStoreControlHandler : FloatingPointBaseHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the mnemonic based on the opcode and reg field
instruction.Mnemonic = Mnemonics[reg];
instruction.Mnemonic = Mnemonics[(int)reg];
// For memory operands, set the operand
if (mod != 3) // Memory operand
{
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
// Different operand types based on the instruction
if (reg == 0 || reg == 2 || reg == 3) // fld, fst, fstp
if (reg == RegisterIndex.A || reg == RegisterIndex.C || reg == RegisterIndex.D) // fld, fst, fstp
{
// Keep the dword ptr prefix from ModRMDecoder
instruction.Operands = operand;
instruction.Operands = destOperand;
}
else // fldenv, fldcw, fnstenv, fnstcw
{
if (reg == 5) // fldcw - should use word ptr
if (reg == RegisterIndex.Di) // fldcw - should use word ptr
{
instruction.Operands = operand.Replace("dword ptr", "word ptr");
instruction.Operands = destOperand.Replace("dword ptr", "word ptr");
}
else // fldenv, fnstenv, fnstcw
{
// Remove the dword ptr prefix for other control operations
instruction.Operands = operand.Replace("dword ptr ", "");
instruction.Operands = destOperand.Replace("dword ptr ", "");
}
}
}
else // Register operand (ST(i))
{
// Special handling for D9C0-D9FF (register-register operations)
if (reg == 0) // FLD ST(i)
if (reg == RegisterIndex.A) // FLD ST(i)
{
instruction.Operands = $"st({rm})";
instruction.Operands = $"st({(int)rm})";
}
else if (reg == 1) // FXCH ST(i)
else if (reg == RegisterIndex.B) // FXCH ST(i)
{
instruction.Mnemonic = "fxch";
instruction.Operands = $"st({rm})";
instruction.Operands = $"st({(int)rm})";
}
else if (reg == 4)
else if (reg == RegisterIndex.Si)
{
// D9E0-D9EF special instructions
switch (rm)
{
case 0:
case RegisterIndex.A:
instruction.Mnemonic = "fchs";
instruction.Operands = "";
break;
case 1:
case RegisterIndex.B:
instruction.Mnemonic = "fabs";
instruction.Operands = "";
break;
case 4:
case RegisterIndex.Si:
instruction.Mnemonic = "ftst";
instruction.Operands = "";
break;
case 5:
case RegisterIndex.Di:
instruction.Mnemonic = "fxam";
instruction.Operands = "";
break;
@ -129,40 +121,40 @@ public class LoadStoreControlHandler : FloatingPointBaseHandler
break;
}
}
else if (reg == 5)
else if (reg == RegisterIndex.Di)
{
// D9F0-D9FF special instructions
switch (rm)
{
case 0:
case RegisterIndex.A:
instruction.Mnemonic = "f2xm1";
instruction.Operands = "";
break;
case 1:
case RegisterIndex.B:
instruction.Mnemonic = "fyl2x";
instruction.Operands = "";
break;
case 2:
case RegisterIndex.C:
instruction.Mnemonic = "fptan";
instruction.Operands = "";
break;
case 3:
case RegisterIndex.D:
instruction.Mnemonic = "fpatan";
instruction.Operands = "";
break;
case 4:
case RegisterIndex.Si:
instruction.Mnemonic = "fxtract";
instruction.Operands = "";
break;
case 5:
case RegisterIndex.Di:
instruction.Mnemonic = "fprem1";
instruction.Operands = "";
break;
case 6:
case RegisterIndex.Sp:
instruction.Mnemonic = "fdecstp";
instruction.Operands = "";
break;
case 7:
case RegisterIndex.Bp:
instruction.Mnemonic = "fincstp";
instruction.Operands = "";
break;
@ -172,40 +164,40 @@ public class LoadStoreControlHandler : FloatingPointBaseHandler
break;
}
}
else if (reg == 6)
else if (reg == RegisterIndex.Sp)
{
// D9F0-D9FF more special instructions
switch (rm)
{
case 0:
case RegisterIndex.A:
instruction.Mnemonic = "fprem";
instruction.Operands = "";
break;
case 1:
case RegisterIndex.B:
instruction.Mnemonic = "fyl2xp1";
instruction.Operands = "";
break;
case 2:
case RegisterIndex.C:
instruction.Mnemonic = "fsqrt";
instruction.Operands = "";
break;
case 3:
case RegisterIndex.D:
instruction.Mnemonic = "fsincos";
instruction.Operands = "";
break;
case 4:
case RegisterIndex.Si:
instruction.Mnemonic = "frndint";
instruction.Operands = "";
break;
case 5:
case RegisterIndex.Di:
instruction.Mnemonic = "fscale";
instruction.Operands = "";
break;
case 6:
case RegisterIndex.Sp:
instruction.Mnemonic = "fsin";
instruction.Operands = "";
break;
case 7:
case RegisterIndex.Bp:
instruction.Mnemonic = "fcos";
instruction.Operands = "";
break;

40
X86Disassembler/X86/Handlers/FloatingPoint/LoadStoreFloat64Handler.cs
View File

@ -3,7 +3,7 @@ namespace X86Disassembler.X86.Handlers.FloatingPoint;
/// <summary>
/// Handler for floating-point load/store float64 operations (DD opcode)
/// </summary>
public class LoadStoreFloat64Handler : FloatingPointBaseHandler
public class LoadStoreFloat64Handler : InstructionHandler
{
// DD opcode - load/store float64
private static readonly string[] Mnemonics =
@ -55,59 +55,51 @@ public class LoadStoreFloat64Handler : FloatingPointBaseHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte) ((modRM & 0xC0) >> 6);
byte reg = (byte) ((modRM & 0x38) >> 3);
byte rm = (byte) (modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM(true);// true for 64-bit operand
// Set the mnemonic based on the opcode and reg field
instruction.Mnemonic = Mnemonics[reg];
instruction.Mnemonic = Mnemonics[(int)reg];
// For memory operands, set the operand
if (mod != 3) // Memory operand
{
string operand = ModRMDecoder.DecodeModRM(mod, rm, true); // true for 64-bit operand
if (reg == 0 || reg == 2 || reg == 3) // fld, fst, fstp
if (reg == RegisterIndex.A || reg == RegisterIndex.C || reg == RegisterIndex.D) // fld, fst, fstp
{
instruction.Operands = operand;
instruction.Operands = destOperand;
}
else // frstor, fnsave, fnstsw
{
// Remove the qword ptr prefix for these operations
instruction.Operands = operand.Replace("qword ptr ", "");
instruction.Operands = destOperand.Replace("qword ptr ", "");
}
}
else // Register operand (ST(i))
{
// Special handling for register-register operations
if (reg == 0) // FFREE
if (reg == RegisterIndex.A) // FFREE
{
instruction.Mnemonic = "ffree";
instruction.Operands = $"st({rm})";
instruction.Operands = $"st({(int)rm})";
}
else if (reg == 2) // FST
else if (reg == RegisterIndex.C) // FST
{
instruction.Mnemonic = "fst";
instruction.Operands = $"st({rm})";
instruction.Operands = $"st({(int)rm})";
}
else if (reg == 3) // FSTP
else if (reg == RegisterIndex.D) // FSTP
{
instruction.Mnemonic = "fstp";
instruction.Operands = $"st({rm})";
instruction.Operands = $"st({(int)rm})";
}
else if (reg == 4) // FUCOM
else if (reg == RegisterIndex.Si) // FUCOM
{
instruction.Mnemonic = "fucom";
instruction.Operands = $"st({rm})";
instruction.Operands = $"st({(int)rm})";
}
else if (reg == 5) // FUCOMP
else if (reg == RegisterIndex.Di) // FUCOMP
{
instruction.Mnemonic = "fucomp";
instruction.Operands = $"st({rm})";
instruction.Operands = $"st({(int)rm})";
}
else
{

40
X86Disassembler/X86/Handlers/FloatingPoint/LoadStoreInt16Handler.cs
View File

@ -3,7 +3,7 @@ namespace X86Disassembler.X86.Handlers.FloatingPoint;
/// <summary>
/// Handler for floating-point load/store int16 and miscellaneous operations (DF opcode)
/// </summary>
public class LoadStoreInt16Handler : FloatingPointBaseHandler
public class LoadStoreInt16Handler : InstructionHandler
{
// DF opcode - load/store int16, misc
private static readonly string[] Mnemonics =
@ -55,32 +55,26 @@ public class LoadStoreInt16Handler : FloatingPointBaseHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte) ((modRM & 0xC0) >> 6);
byte reg = (byte) ((modRM & 0x38) >> 3);
byte rm = (byte) (modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Check for FNSTSW AX (DF E0)
if (mod == 3 && reg == 7 && rm == 0)
if (mod == 3 && reg == RegisterIndex.Bp && rm == RegisterIndex.A)
{
// This is handled by the FnstswHandler, so we should not handle it here
return false;
}
// Set the mnemonic based on the opcode and reg field
instruction.Mnemonic = Mnemonics[reg];
instruction.Mnemonic = Mnemonics[(int)reg];
// For memory operands, set the operand
if (mod != 3) // Memory operand
{
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
if (reg == 0 || reg == 2 || reg == 3 || reg == 5 || reg == 7) // fild, fist, fistp, fild, fistp
if (reg == RegisterIndex.A || reg == RegisterIndex.C || reg == RegisterIndex.D || reg == RegisterIndex.Di || reg == RegisterIndex.Bp) // fild, fist, fistp, fild, fistp
{
if (reg == 5 || reg == 7) // 64-bit integer
if (reg == RegisterIndex.Di || reg == RegisterIndex.Bp) // 64-bit integer
{
// Replace dword ptr with qword ptr for 64-bit integers
operand = operand.Replace("dword ptr", "qword ptr");
@ -93,7 +87,7 @@ public class LoadStoreInt16Handler : FloatingPointBaseHandler
instruction.Operands = operand;
}
}
else if (reg == 4 || reg == 6) // fbld, fbstp
else if (reg == RegisterIndex.Si || reg == RegisterIndex.Sp) // fbld, fbstp
{
// Replace dword ptr with tbyte ptr for 80-bit packed BCD
operand = operand.Replace("dword ptr", "tbyte ptr");
@ -107,41 +101,41 @@ public class LoadStoreInt16Handler : FloatingPointBaseHandler
else // Register operand (ST(i))
{
// Special handling for register-register operations
if (reg == 0) // FFREEP
if (reg == RegisterIndex.A) // FFREEP
{
instruction.Mnemonic = "ffreep";
instruction.Operands = $"st({rm})";
instruction.Operands = $"st({(int)rm})";
}
else if (reg == 1 && rm == 0) // FXCH
else if (reg == RegisterIndex.B && rm == RegisterIndex.A) // FXCH
{
instruction.Mnemonic = "fxch";
instruction.Operands = "";
}
else if (reg == 2 && rm == 0) // FSTP
else if (reg == RegisterIndex.C && rm == RegisterIndex.A) // FSTP
{
instruction.Mnemonic = "fstp";
instruction.Operands = "st(1)";
}
else if (reg == 3 && rm == 0) // FSTP
else if (reg == RegisterIndex.D && rm == RegisterIndex.A) // FSTP
{
instruction.Mnemonic = "fstp";
instruction.Operands = "st(1)";
}
else if (reg == 4) // FNSTSW
else if (reg == RegisterIndex.Si) // FNSTSW
{
// This should not happen as FNSTSW AX is handled by FnstswHandler
instruction.Mnemonic = "??";
instruction.Operands = "";
}
else if (reg == 5) // FUCOMIP
else if (reg == RegisterIndex.Di) // FUCOMIP
{
instruction.Mnemonic = "fucomip";
instruction.Operands = $"st(0), st({rm})";
instruction.Operands = $"st(0), st({(int)rm})";
}
else if (reg == 6) // FCOMIP
else if (reg == RegisterIndex.Sp) // FCOMIP
{
instruction.Mnemonic = "fcomip";
instruction.Operands = $"st(0), st({rm})";
instruction.Operands = $"st(0), st({(int)rm})";
}
else
{

55
X86Disassembler/X86/Handlers/FloatingPoint/LoadStoreInt32Handler.cs
View File

@ -3,7 +3,7 @@ namespace X86Disassembler.X86.Handlers.FloatingPoint;
/// <summary>
/// Handler for floating-point load/store int32 and miscellaneous operations (DB opcode)
/// </summary>
public class LoadStoreInt32Handler : FloatingPointBaseHandler
public class LoadStoreInt32Handler : InstructionHandler
{
// DB opcode - load/store int32, misc
private static readonly string[] Mnemonics =
@ -55,69 +55,60 @@ public class LoadStoreInt32Handler : FloatingPointBaseHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte) ((modRM & 0xC0) >> 6);
byte reg = (byte) ((modRM & 0x38) >> 3);
byte rm = (byte) (modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the mnemonic based on the opcode and reg field
instruction.Mnemonic = Mnemonics[reg];
instruction.Mnemonic = Mnemonics[(int)reg];
// For memory operands, set the operand
if (mod != 3) // Memory operand
{
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
if (reg == 0 || reg == 2 || reg == 3) // fild, fist, fistp
if (reg == RegisterIndex.A || reg == RegisterIndex.C || reg == RegisterIndex.D) // fild, fist, fistp
{
// Keep the dword ptr prefix for integer operations
instruction.Operands = operand;
instruction.Operands = destOperand;
}
else if (reg == 5 || reg == 7) // fld, fstp (extended precision)
else if (reg == RegisterIndex.Di || reg == RegisterIndex.Bp) // fld, fstp (extended precision)
{
// Replace dword ptr with tword ptr for extended precision
operand = operand.Replace("dword ptr", "tword ptr");
instruction.Operands = operand;
instruction.Operands = destOperand.Replace("dword ptr", "tword ptr");
}
else
{
instruction.Operands = operand;
instruction.Operands = destOperand;
}
}
else // Register operand (ST(i))
{
// Special handling for register-register operations
if (reg == 0) // FCMOVNB
if (reg == RegisterIndex.A) // FCMOVNB
{
instruction.Mnemonic = "fcmovnb";
instruction.Operands = $"st(0), st({rm})";
instruction.Operands = $"st(0), st({(int)rm})";
}
else if (reg == 1) // FCMOVNE
else if (reg == RegisterIndex.B) // FCMOVNE
{
instruction.Mnemonic = "fcmovne";
instruction.Operands = $"st(0), st({rm})";
instruction.Operands = $"st(0), st({(int)rm})";
}
else if (reg == 2) // FCMOVNBE
else if (reg == RegisterIndex.C) // FCMOVNBE
{
instruction.Mnemonic = "fcmovnbe";
instruction.Operands = $"st(0), st({rm})";
instruction.Operands = $"st(0), st({(int)rm})";
}
else if (reg == 3) // FCMOVNU
else if (reg == RegisterIndex.D) // FCMOVNU
{
instruction.Mnemonic = "fcmovnu";
instruction.Operands = $"st(0), st({rm})";
instruction.Operands = $"st(0), st({(int)rm})";
}
else if (reg == 4)
else if (reg == RegisterIndex.Si)
{
if (rm == 2) // FCLEX
if (rm == RegisterIndex.C) // FCLEX
{
instruction.Mnemonic = "fclex";
instruction.Operands = "";
}
else if (rm == 3) // FINIT
else if (rm == RegisterIndex.D) // FINIT
{
instruction.Mnemonic = "finit";
instruction.Operands = "";
@ -128,15 +119,15 @@ public class LoadStoreInt32Handler : FloatingPointBaseHandler
instruction.Operands = "";
}
}
else if (reg == 5) // FUCOMI
else if (reg == RegisterIndex.Di) // FUCOMI
{
instruction.Mnemonic = "fucomi";
instruction.Operands = $"st(0), st({rm})";
instruction.Operands = $"st(0), st({(int)rm})";
}
else if (reg == 6) // FCOMI
else if (reg == RegisterIndex.Sp) // FCOMI
{
instruction.Mnemonic = "fcomi";
instruction.Operands = $"st(0), st({rm})";
instruction.Operands = $"st(0), st({(int)rm})";
}
else
{

4
X86Disassembler/X86/Handlers/Inc/IncRegHandler.cs
View File

@ -36,13 +36,13 @@ public class IncRegHandler : InstructionHandler
public override bool Decode(byte opcode, Instruction instruction)
{
// Calculate the register index (0 for EAX, 1 for ECX, etc.)
byte reg = (byte)(opcode - 0x40);
RegisterIndex reg = (RegisterIndex)(byte)(opcode - 0x40);
// Set the mnemonic
instruction.Mnemonic = "inc";
// Set the operand (register name)
instruction.Operands = GetRegister32(reg);
instruction.Operands = ModRMDecoder.GetRegisterName(reg, 32);
return true;
}

22
X86Disassembler/X86/Handlers/InstructionHandler.cs
View File

@ -45,26 +45,4 @@ public abstract class InstructionHandler : IInstructionHandler
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public abstract bool Decode(byte opcode, Instruction instruction);
/// <summary>
/// Gets the 32-bit register name for the given register index
/// </summary>
/// <param name="reg">The register index</param>
/// <returns>The register name</returns>
protected static string GetRegister32(byte reg)
{
string[] registerNames = { "eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi" };
return registerNames[reg & 0x07];
}
/// <summary>
/// Gets the 8-bit register name for the given register index
/// </summary>
/// <param name="reg">The register index</param>
/// <returns>The register name</returns>
protected static string GetRegister8(byte reg)
{
string[] registerNames = { "al", "cl", "dl", "bl", "ah", "ch", "dh", "bh" };
return registerNames[reg & 0x07];
}
}

19
X86Disassembler/X86/Handlers/Lea/LeaR32MHandler.cs
View File

@ -42,13 +42,7 @@ public class LeaR32MHandler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// LEA only works with memory operands, not registers
if (mod == 3)
@ -60,17 +54,14 @@ public class LeaR32MHandler : InstructionHandler
instruction.Mnemonic = "lea";
// Get the register name
string regName = GetRegister32(reg);
string regName = ModRMDecoder.GetRegisterName(reg, 32);
// Get the memory operand without the size prefix
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
// Remove the "dword ptr" prefix for LEA instructions
operand = operand.Replace("dword ptr ", "");
destOperand = destOperand.Replace("dword ptr ", "");
// Set the operands
instruction.Operands = $"{regName}, {operand}";
instruction.Operands = $"{regName}, {destOperand}";
return true;
}
}
}

23
X86Disassembler/X86/Handlers/Mov/MovEaxMoffsHandler.cs
View File

@ -11,11 +11,11 @@ public class MovEaxMoffsHandler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public MovEaxMoffsHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public MovEaxMoffsHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class MovEaxMoffsHandler : InstructionHandler
{
return opcode == 0xA0 || opcode == 0xA1;
}
/// <summary>
/// Decodes a MOV EAX, moffs32 or MOV AL, moffs8 instruction
/// </summary>
@ -36,21 +36,24 @@ public class MovEaxMoffsHandler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "mov";
// Get the operand size and register name
int operandSize = (opcode == 0xA0) ? 8 : 32;
string regName = (opcode == 0xA0) ? "al" : "eax";
int operandSize = (opcode == 0xA0)
? 8
: 32;
string regName = ModRMDecoder.GetRegisterName(RegisterIndex.A, operandSize);
// Read the memory offset
uint offset = Decoder.ReadUInt32();
if (Decoder.GetPosition() > Length)
{
return false;
}
// Set the operands
instruction.Operands = $"{regName}, [0x{offset:X}]";
return true;
}
}
}

22
X86Disassembler/X86/Handlers/Mov/MovMemRegHandler.cs
View File

@ -11,11 +11,11 @@ public class MovMemRegHandler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public MovMemRegHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public MovMemRegHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class MovMemRegHandler : InstructionHandler
{
return opcode == 0x88 || opcode == 0x89;
}
/// <summary>
/// Decodes a MOV r/m32, r32 or MOV r/m8, r8 instruction
/// </summary>
@ -36,24 +36,24 @@ public class MovMemRegHandler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "mov";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Determine operand size (0 = 8-bit, 1 = 32-bit)
bool operandSize32 = (opcode & 0x01) != 0;
int operandSize = operandSize32 ? 32 : 8;
// Read the ModR/M byte
var (mod, reg, rm, memOperand) = ModRMDecoder.ReadModRM();
// Get register name based on size
string regName = ModRMDecoder.GetRegisterName(reg, operandSize);
// For mod == 3, both operands are registers
if (mod == 3)
{
@ -64,7 +64,7 @@ public class MovMemRegHandler : InstructionHandler
{
instruction.Operands = $"{memOperand}, {regName}";
}
return true;
}
}
}

21
X86Disassembler/X86/Handlers/Mov/MovMoffsEaxHandler.cs
View File

@ -11,11 +11,11 @@ public class MovMoffsEaxHandler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public MovMoffsEaxHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public MovMoffsEaxHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class MovMoffsEaxHandler : InstructionHandler
{
return opcode == 0xA2 || opcode == 0xA3;
}
/// <summary>
/// Decodes a MOV moffs32, EAX or MOV moffs8, AL instruction
/// </summary>
@ -36,21 +36,22 @@ public class MovMoffsEaxHandler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "mov";
// Get the operand size and register name
int operandSize = (opcode == 0xA2) ? 8 : 32;
string regName = (opcode == 0xA2) ? "al" : "eax";
int operandSize = opcode == 0xA2 ? 8 : 32;
string regName = ModRMDecoder.GetRegisterName(RegisterIndex.A, operandSize);
// Read the memory offset
uint offset = Decoder.ReadUInt32();
if (Decoder.GetPosition() > Length)
{
return false;
}
// Set the operands
instruction.Operands = $"[0x{offset:X}], {regName}";
return true;
}
}
}

18
X86Disassembler/X86/Handlers/Mov/MovRegImm32Handler.cs
View File

@ -11,11 +11,11 @@ public class MovRegImm32Handler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public MovRegImm32Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public MovRegImm32Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class MovRegImm32Handler : InstructionHandler
{
return opcode >= 0xB8 && opcode <= 0xBF;
}
/// <summary>
/// Decodes a MOV r32, imm32 instruction
/// </summary>
@ -36,21 +36,21 @@ public class MovRegImm32Handler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "mov";
// Register is encoded in the low 3 bits of the opcode
int reg = opcode & 0x07;
RegisterIndex reg = (RegisterIndex) (opcode & 0x07);
string regName = ModRMDecoder.GetRegisterName(reg, 32);
// Read the immediate value
uint imm32 = Decoder.ReadUInt32();
if (Decoder.GetPosition() > Length)
{
return false;
}
// Set the operands
instruction.Operands = $"{regName}, 0x{imm32:X}";
return true;
}
}
}

19
X86Disassembler/X86/Handlers/Mov/MovRegImm8Handler.cs
View File

@ -11,11 +11,11 @@ public class MovRegImm8Handler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public MovRegImm8Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public MovRegImm8Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class MovRegImm8Handler : InstructionHandler
{
return opcode >= 0xB0 && opcode <= 0xB7;
}
/// <summary>
/// Decodes a MOV r8, imm8 instruction
/// </summary>
@ -36,21 +36,22 @@ public class MovRegImm8Handler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "mov";
// Register is encoded in the low 3 bits of the opcode
int reg = opcode & 0x07;
RegisterIndex reg = (RegisterIndex) (opcode & 0x07);
string regName = ModRMDecoder.GetRegisterName(reg, 8);
// Read the immediate value
byte imm8 = Decoder.ReadByte();
if (Decoder.GetPosition() > Length)
{
return false;
}
// Set the operands
instruction.Operands = $"{regName}, 0x{imm8:X2}";
return true;
}
}
}

45
X86Disassembler/X86/Handlers/Mov/MovRegMemHandler.cs
View File

@ -11,11 +11,11 @@ public class MovRegMemHandler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public MovRegMemHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public MovRegMemHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class MovRegMemHandler : InstructionHandler
{
return opcode == 0x8A || opcode == 0x8B;
}
/// <summary>
/// Decodes a MOV r32, r/m32 or MOV r8, r/m8 instruction
/// </summary>
@ -36,42 +36,36 @@ public class MovRegMemHandler : InstructionHandler
{
// Save the original position for raw bytes calculation
int startPosition = Decoder.GetPosition();
// Set the mnemonic
instruction.Mnemonic = "mov";
if (startPosition >= Length)
{
instruction.Operands = "??";
instruction.RawBytes = new byte[] { opcode };
instruction.RawBytes = new byte[] {opcode};
return true;
}
// Determine operand size (0 = 8-bit, 1 = 32-bit)
bool operandSize32 = (opcode & 0x01) != 0;
int operandSize = operandSize32 ? 32 : 8;
int operandSize = operandSize32
? 32
: 8;
// Use ModRMDecoder to decode the ModR/M byte
var (mod, reg, rm, rmOperand) = ModRMDecoder.ReadModRM(false); // false for 32-bit operand
var (mod, reg, rm, rmOperand) = ModRMDecoder.ReadModRM(); // false for 32-bit operand
// Get register name based on size
string regName;
if (operandSize == 8)
{
regName = GetRegister8(reg);
}
else
{
regName = GetRegister32(reg);
}
string regName = ModRMDecoder.GetRegisterName(reg, operandSize);
// Get the position after decoding the ModR/M byte
int newPosition = Decoder.GetPosition();
// Set the operands - register is the destination, r/m is the source (for 0x8B)
// This matches the correct x86 instruction format: MOV r32, r/m32
instruction.Operands = $"{regName}, {rmOperand}";
// Set the raw bytes
int totalBytes = newPosition - startPosition + 1; // +1 for opcode
byte[] rawBytes = new byte[totalBytes];
@ -83,8 +77,9 @@ public class MovRegMemHandler : InstructionHandler
rawBytes[i + 1] = CodeBuffer[startPosition + i];
}
}
instruction.RawBytes = rawBytes;
return true;
}
}
}

11
X86Disassembler/X86/Handlers/Mov/MovRm32Imm32Handler.cs
View File

@ -48,7 +48,7 @@ public class MovRm32Imm32Handler : InstructionHandler
}
// Use ModRMDecoder to decode the ModR/M byte
var (mod, reg, rm, rmOperand) = ModRMDecoder.ReadModRM(false);
var (mod, reg, rm, operand) = ModRMDecoder.ReadModRM(false);
// MOV r/m32, imm32 only uses reg=0
if (reg != 0)
@ -88,15 +88,10 @@ public class MovRm32Imm32Handler : InstructionHandler
}
// Read the immediate dword
byte b0 = CodeBuffer[newPosition];
byte b1 = CodeBuffer[newPosition + 1];
byte b2 = CodeBuffer[newPosition + 2];
byte b3 = CodeBuffer[newPosition + 3];
uint imm32 = (uint)(b0 | (b1 << 8) | (b2 << 16) | (b3 << 24));
Decoder.SetPosition(newPosition + 4);
uint imm32 = Decoder.ReadUInt32();
// Set the operands
instruction.Operands = $"{rmOperand}, 0x{imm32:X8}";
instruction.Operands = $"{operand}, 0x{imm32:X8}";
// Set the raw bytes
byte[] rawBytes = new byte[Decoder.GetPosition() - startPosition + 1]; // +1 for opcode

114
X86Disassembler/X86/Handlers/Mov/MovRm8Imm8Handler.cs
View File

@ -34,22 +34,18 @@ public class MovRm8Imm8Handler : InstructionHandler
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Save the original position for raw bytes calculation
int startPosition = Decoder.GetPosition();
int position = startPosition;
// Set the mnemonic
instruction.Mnemonic = "mov";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
// Read the ModR/M byte
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// MOV r/m8, imm8 only uses reg=0
if (reg != 0)
@ -57,98 +53,28 @@ public class MovRm8Imm8Handler : InstructionHandler
return false;
}
// Track the bytes needed for this instruction
int bytesNeeded = 1; // ModR/M byte
// Process SIB byte if needed
byte sib = 0;
if (mod != 3 && rm == 4) // SIB byte present
// For direct register addressing (mod == 3), use 8-bit register names
if (mod == 3)
{
if (position >= Length)
{
return false;
}
sib = CodeBuffer[position++];
bytesNeeded++;
// Use 8-bit register names for direct register addressing
destOperand = ModRMDecoder.GetRegisterName(rm, 8);
}
else
{
// Replace the size prefix with "byte ptr" for memory operands
destOperand = destOperand.Replace("dword ptr", "byte ptr");
}
// Handle displacement
int dispSize = 0;
if (mod == 0 && rm == 5) // 32-bit displacement
{
dispSize = 4;
}
else if (mod == 1) // 8-bit displacement
{
dispSize = 1;
}
else if (mod == 2) // 32-bit displacement
{
dispSize = 4;
}
// Check if we have enough bytes for the displacement
if (position + dispSize > Length)
// Read the immediate value
if (Decoder.GetPosition() >= Length)
{
return false;
}
// Skip over the displacement bytes
position += dispSize;
bytesNeeded += dispSize;
byte imm8 = Decoder.ReadByte();
// Read the immediate byte
if (position >= Length)
{
return false;
}
byte imm8 = CodeBuffer[position++];
bytesNeeded++; // Immediate byte
// Update the decoder position
Decoder.SetPosition(position);
// Set the mnemonic
instruction.Mnemonic = "mov";
// Use ModRMDecoder to get the operand string
var modRMDecoder = new ModRMDecoder(CodeBuffer, Decoder, Length);
// Reset the decoder position to after the ModR/M byte
Decoder.SetPosition(startPosition + 1);
// Get the operand string
string operand;
if (mod != 3) // Memory operand
{
string memOperand = modRMDecoder.DecodeModRM(mod, rm, false);
// Replace the size prefix with "byte ptr"
operand = memOperand.Replace("dword ptr", "byte ptr");
}
else // Register operand
{
operand = GetRegister8(rm);
}
// Set the operands
instruction.Operands = $"{operand}, 0x{imm8:X2}";
// Set the raw bytes
byte[] rawBytes = new byte[bytesNeeded + 1]; // +1 for opcode
rawBytes[0] = opcode;
for (int i = 0; i < bytesNeeded; i++)
{
if (startPosition + i < Length)
{
rawBytes[i + 1] = CodeBuffer[startPosition + i];
}
}
instruction.RawBytes = rawBytes;
// Restore the decoder position
Decoder.SetPosition(position);
instruction.Operands = $"{destOperand}, 0x{imm8:X2}";
return true;
}

137
X86Disassembler/X86/Handlers/Nop/MultiByteNopHandler.cs
View File

@ -29,15 +29,15 @@ public class MultiByteNopHandler : InstructionHandler
{
return false;
}
int position = Decoder.GetPosition();
// Check if we have enough bytes to read the second opcode
if (position >= Length)
{
return false;
}
// Check if the second byte is 0x1F (part of the multi-byte NOP encoding)
byte secondByte = CodeBuffer[position];
return secondByte == 0x1F;
@ -53,103 +53,82 @@ public class MultiByteNopHandler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "nop";
int position = Decoder.GetPosition();
// Skip the second byte (0x1F)
position++;
Decoder.ReadByte();
// Check if we have enough bytes to read the ModR/M byte
if (position >= Length)
if (Decoder.GetPosition() >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
// Update the decoder position
Decoder.SetPosition(position);
// Check if we have an operand size prefix (0x66)
bool hasOperandSizePrefix = Decoder.HasOperandSizeOverridePrefix();
// Determine the size of the operand
string ptrType = hasOperandSizePrefix ? "word ptr" : "dword ptr";
// Decode the memory operand
// Read the ModR/M byte to identify the NOP variant
int position = Decoder.GetPosition();
byte modRm = CodeBuffer[position];
Decoder.SetPosition(position + 1); // Skip the ModR/M byte
// Determine the operand based on the NOP variant
string memOperand;
if (mod == 3)
// 3-byte NOP: 0F 1F 00
if (modRm == 0x00)
{
// This is a register operand, which is not a valid multi-byte NOP
// But we'll handle it anyway
memOperand = ModRMDecoder.GetRegisterName(rm, 32);
memOperand = "[eax]";
}
// 4-byte NOP: 0F 1F 40 00
else if (modRm == 0x40 && position + 1 < Length && CodeBuffer[position + 1] == 0x00)
{
memOperand = "[eax]";
Decoder.SetPosition(position + 2); // Skip the displacement byte
}
// 5-byte NOP: 0F 1F 44 00 00
else if (modRm == 0x44 && position + 2 < Length &&
CodeBuffer[position + 1] == 0x00 && CodeBuffer[position + 2] == 0x00)
{
memOperand = "[eax+eax*1]";
Decoder.SetPosition(position + 3); // Skip the SIB and displacement bytes
}
// 6-byte NOP: 0F 1F 44 00 00 00
else if (modRm == 0x44 && position + 3 < Length &&
CodeBuffer[position + 1] == 0x00 && CodeBuffer[position + 2] == 0x00 &&
CodeBuffer[position + 3] == 0x00)
{
memOperand = "[eax+eax*1]";
Decoder.SetPosition(position + 4); // Skip the SIB, displacement, and extra byte
}
// 7-byte NOP: 0F 1F 80 00 00 00 00
else if (modRm == 0x80 && position + 4 < Length &&
CodeBuffer[position + 1] == 0x00 && CodeBuffer[position + 2] == 0x00 &&
CodeBuffer[position + 3] == 0x00 && CodeBuffer[position + 4] == 0x00)
{
memOperand = "[eax]";
Decoder.SetPosition(position + 5); // Skip the displacement bytes
}
// 8-byte NOP: 0F 1F 84 00 00 00 00 00
else if (modRm == 0x84 && position + 5 < Length &&
CodeBuffer[position + 1] == 0x00 && CodeBuffer[position + 2] == 0x00 &&
CodeBuffer[position + 3] == 0x00 && CodeBuffer[position + 4] == 0x00 &&
CodeBuffer[position + 5] == 0x00)
{
memOperand = "[eax+eax*1]";
Decoder.SetPosition(position + 6); // Skip the SIB and displacement bytes
}
// For any other variant, use a generic NOP operand
else
{
// For specific NOP variants, use the expected format directly
// This ensures we match the exact format expected by the tests
// 3-byte NOP: 0F 1F 00
if (modRM == 0x00)
{
memOperand = "[eax]";
}
// 4-byte NOP: 0F 1F 40 00
else if (modRM == 0x40 && position < Length && CodeBuffer[position] == 0x00)
{
memOperand = "[eax]";
// Skip the displacement byte
Decoder.SetPosition(position + 1);
}
// 5-byte NOP: 0F 1F 44 00 00
else if (modRM == 0x44 && position + 1 < Length && CodeBuffer[position] == 0x00 && CodeBuffer[position + 1] == 0x00)
{
memOperand = "[eax+eax*1]";
// Skip the SIB and displacement bytes
Decoder.SetPosition(position + 2);
}
// 7-byte NOP: 0F 1F 80 00 00 00 00
else if (modRM == 0x80 && position + 3 < Length &&
CodeBuffer[position] == 0x00 && CodeBuffer[position + 1] == 0x00 &&
CodeBuffer[position + 2] == 0x00 && CodeBuffer[position + 3] == 0x00)
{
memOperand = "[eax]";
// Skip the displacement bytes
Decoder.SetPosition(position + 4);
}
// 8-byte NOP: 0F 1F 84 00 00 00 00 00
else if (modRM == 0x84 && position + 4 < Length &&
CodeBuffer[position] == 0x00 && CodeBuffer[position + 1] == 0x00 &&
CodeBuffer[position + 2] == 0x00 && CodeBuffer[position + 3] == 0x00 &&
CodeBuffer[position + 4] == 0x00)
{
memOperand = "[eax+eax*1]";
// Skip the SIB and displacement bytes
Decoder.SetPosition(position + 5);
}
else
{
// For other cases, use the standard ModR/M decoding
memOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
// Remove the "dword ptr" prefix if present, as we'll add it back later
if (memOperand.StartsWith("dword ptr "))
{
memOperand = memOperand.Substring(10);
}
}
memOperand = "[eax]";
}
// Set the operands
// Set the operands with the appropriate size prefix
instruction.Operands = $"{ptrType} {memOperand}";
return true;
}
}
}

3
X86Disassembler/X86/Handlers/Or/OrAlImmHandler.cs
View File

@ -42,8 +42,7 @@ public class OrAlImmHandler : InstructionHandler
}
// Read the immediate byte
byte imm8 = CodeBuffer[position++];
Decoder.SetPosition(position);
byte imm8 = Decoder.ReadByte();
// Set the mnemonic
instruction.Mnemonic = "or";

8
X86Disassembler/X86/Handlers/Or/OrEaxImmHandler.cs
View File

@ -42,12 +42,8 @@ public class OrEaxImmHandler : InstructionHandler
}
// Read the immediate dword (little-endian)
byte b0 = CodeBuffer[position++];
byte b1 = CodeBuffer[position++];
byte b2 = CodeBuffer[position++];
byte b3 = CodeBuffer[position++];
uint imm32 = (uint)(b0 | (b1 << 8) | (b2 << 16) | (b3 << 24));
Decoder.SetPosition(position);
uint imm32 = Decoder.ReadUInt32();
// Set the mnemonic
instruction.Mnemonic = "or";

45
X86Disassembler/X86/Handlers/Or/OrImmToRm32Handler.cs
View File

@ -11,11 +11,11 @@ public class OrImmToRm32Handler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public OrImmToRm32Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public OrImmToRm32Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,18 +25,18 @@ public class OrImmToRm32Handler : InstructionHandler
{
if (opcode != 0x81)
return false;
// Check if the reg field of the ModR/M byte is 1 (OR)
int position = Decoder.GetPosition();
if (position >= Length)
return false;
byte modRM = CodeBuffer[position];
byte reg = (byte)((modRM & 0x38) >> 3);
byte reg = (byte) ((modRM & 0x38) >> 3);
return reg == 1; // 1 = OR
}
/// <summary>
/// Decodes an OR r/m32, imm32 instruction
/// </summary>
@ -47,38 +47,29 @@ public class OrImmToRm32Handler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "or";
int position = Decoder.GetPosition();
if (position >= Length)
if (Decoder.GetPosition() >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 1 for OR
byte rm = (byte)(modRM & 0x07);
// Decode the destination operand
string destOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
int position = Decoder.GetPosition();
// Read the immediate value
if (position + 3 >= Length)
{
return false;
}
uint imm32 = BitConverter.ToUInt32(CodeBuffer, position);
Decoder.SetPosition(position + 4);
// Set the operands
instruction.Operands = $"{destOperand}, 0x{imm32:X8}";
return true;
}
}
}

46
X86Disassembler/X86/Handlers/Or/OrImmToRm32SignExtendedHandler.cs
View File

@ -11,11 +11,11 @@ public class OrImmToRm32SignExtendedHandler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public OrImmToRm32SignExtendedHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public OrImmToRm32SignExtendedHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,18 +25,18 @@ public class OrImmToRm32SignExtendedHandler : InstructionHandler
{
if (opcode != 0x83)
return false;
// Check if the reg field of the ModR/M byte is 1 (OR)
int position = Decoder.GetPosition();
if (position >= Length)
return false;
byte modRM = CodeBuffer[position];
byte reg = (byte)((modRM & 0x38) >> 3);
byte reg = (byte) ((modRM & 0x38) >> 3);
return reg == 1; // 1 = OR
}
/// <summary>
/// Decodes an OR r/m32, imm8 (sign-extended) instruction
/// </summary>
@ -47,39 +47,29 @@ public class OrImmToRm32SignExtendedHandler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "or";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 1 for OR
byte rm = (byte)(modRM & 0x07);
// Decode the destination operand
string destOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Read the immediate value (sign-extended from 8 to 32 bits)
if (position >= Length)
{
return false;
}
sbyte imm8 = (sbyte)CodeBuffer[position];
int imm32 = imm8; // Sign-extend to 32 bits
Decoder.SetPosition(position + 1);
// Sign-extend to 32 bits
int imm32 = (sbyte) Decoder.ReadByte();
// Set the operands
instruction.Operands = $"{destOperand}, 0x{imm32:X8}";
return true;
}
}
}

56
X86Disassembler/X86/Handlers/Or/OrImmToRm8Handler.cs
View File

@ -11,11 +11,11 @@ public class OrImmToRm8Handler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public OrImmToRm8Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public OrImmToRm8Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,18 +25,18 @@ public class OrImmToRm8Handler : InstructionHandler
{
if (opcode != 0x80)
return false;
// Check if the reg field of the ModR/M byte is 1 (OR)
int position = Decoder.GetPosition();
if (position >= Length)
return false;
byte modRM = CodeBuffer[position];
byte reg = (byte)((modRM & 0x38) >> 3);
byte reg = (byte) ((modRM & 0x38) >> 3);
return reg == 1; // 1 = OR
}
/// <summary>
/// Decodes an OR r/m8, imm8 instruction
/// </summary>
@ -47,49 +47,37 @@ public class OrImmToRm8Handler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "or";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 1 for OR
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// For direct register addressing (mod == 3), use 8-bit register names
string destOperand;
if (mod == 3)
{
// Use 8-bit register names for direct register addressing
destOperand = GetRegister8(rm);
destOperand = ModRMDecoder.GetRegisterName(rm, 8);
}
else
{
// Use ModR/M decoder for memory addressing
destOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
}
Decoder.SetPosition(position);
// Read the immediate value
position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
byte imm8 = CodeBuffer[position++];
Decoder.SetPosition(position);
// Read the immediate value
byte imm8 = Decoder.ReadByte();
// Set the operands
instruction.Operands = $"{destOperand}, 0x{imm8:X2}";
return true;
}
}
}

15
X86Disassembler/X86/Handlers/Or/OrR32Rm32Handler.cs
View File

@ -42,29 +42,22 @@ public class OrR32Rm32Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the mnemonic
instruction.Mnemonic = "or";
// Get the register name
string regName = GetRegister32(reg);
string regName = ModRMDecoder.GetRegisterName(reg, 32);
// For memory operands, set the operand
if (mod != 3) // Memory operand
{
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
instruction.Operands = $"{regName}, {operand}";
instruction.Operands = $"{regName}, {destOperand}";
}
else // Register operand
{
string rmName = GetRegister32(rm);
string rmName = ModRMDecoder.GetRegisterName(rm, 32);
instruction.Operands = $"{regName}, {rmName}";
}

17
X86Disassembler/X86/Handlers/Or/OrR8Rm8Handler.cs
View File

@ -42,31 +42,24 @@ public class OrR8Rm8Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the mnemonic
instruction.Mnemonic = "or";
// Get the register name
string regName = GetRegister8(reg);
string regName = ModRMDecoder.GetRegisterName(reg, 8);
// For memory operands, set the operand
if (mod != 3) // Memory operand
{
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
// Replace dword ptr with byte ptr for 8-bit operations
operand = operand.Replace("dword ptr", "byte ptr");
instruction.Operands = $"{regName}, {operand}";
destOperand = destOperand.Replace("dword ptr", "byte ptr");
instruction.Operands = $"{regName}, {destOperand}";
}
else // Register operand
{
string rmName = GetRegister8(rm);
string rmName = ModRMDecoder.GetRegisterName(rm, 8);
instruction.Operands = $"{regName}, {rmName}";
}

22
X86Disassembler/X86/Handlers/Or/OrRm8R8Handler.cs
View File

@ -5,9 +5,6 @@ namespace X86Disassembler.X86.Handlers.Or;
/// </summary>
public class OrRm8R8Handler : InstructionHandler
{
// 8-bit register names
private static readonly string[] RegisterNames8 = { "al", "cl", "dl", "bl", "ah", "ch", "dh", "bh" };
/// <summary>
/// Initializes a new instance of the OrRm8R8Handler class
/// </summary>
@ -59,17 +56,10 @@ public class OrRm8R8Handler : InstructionHandler
return true;
}
// Proceed with normal ModR/M decoding
position++;
Decoder.SetPosition(position);
// Extract fields from ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6); // Top 2 bits
byte reg = (byte)((modRM & 0x38) >> 3); // Middle 3 bits
byte rm = (byte)(modRM & 0x07); // Bottom 3 bits
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// The register operand is in the reg field (8-bit register)
string regOperand = RegisterNames8[reg];
string regOperand = ModRMDecoder.GetRegisterName(reg, 8);
// Handle the r/m operand based on mod field
string rmOperand;
@ -77,16 +67,12 @@ public class OrRm8R8Handler : InstructionHandler
if (mod == 3) // Register-to-register
{
// Direct register addressing
rmOperand = RegisterNames8[rm];
rmOperand = ModRMDecoder.GetRegisterName(rm, 8);
}
else // Memory addressing
{
// Use ModRMDecoder for memory addressing, but we need to adjust for 8-bit operands
var modRMDecoder = new ModRMDecoder(CodeBuffer, Decoder, Length);
string memOperand = modRMDecoder.DecodeModRM(mod, rm, false); // false = not 64-bit
// Replace "dword ptr" with "byte ptr" for 8-bit operands
rmOperand = memOperand.Replace("dword ptr", "byte ptr");
rmOperand = destOperand.Replace("dword ptr", "byte ptr");
}
// Set the operands (r/m8, r8 format)

2
X86Disassembler/X86/Handlers/Pop/PopRegHandler.cs
View File

@ -38,7 +38,7 @@ public class PopRegHandler : InstructionHandler
instruction.Mnemonic = "pop";
// Register is encoded in the low 3 bits of the opcode
int reg = opcode & 0x07;
RegisterIndex reg = (RegisterIndex)(opcode & 0x07);
string regName = ModRMDecoder.GetRegisterName(reg, 32);
// Set the operands

18
X86Disassembler/X86/Handlers/Push/PushImm32Handler.cs
View File

@ -11,11 +11,11 @@ public class PushImm32Handler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public PushImm32Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public PushImm32Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class PushImm32Handler : InstructionHandler
{
return opcode == 0x68;
}
/// <summary>
/// Decodes a PUSH imm32 instruction
/// </summary>
@ -36,17 +36,13 @@ public class PushImm32Handler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "push";
// Read the immediate value
uint imm32 = Decoder.ReadUInt32();
if (Decoder.GetPosition() > Length)
{
return false;
}
// Set the operands with 8-digit padding to match test expectations
instruction.Operands = $"0x{imm32:X8}";
return true;
}
}
}

18
X86Disassembler/X86/Handlers/Push/PushImm8Handler.cs
View File

@ -11,11 +11,11 @@ public class PushImm8Handler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public PushImm8Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public PushImm8Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class PushImm8Handler : InstructionHandler
{
return opcode == 0x6A;
}
/// <summary>
/// Decodes a PUSH imm8 instruction
/// </summary>
@ -36,17 +36,13 @@ public class PushImm8Handler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "push";
// Read the immediate value
byte imm8 = Decoder.ReadByte();
if (Decoder.GetPosition() > Length)
{
return false;
}
// Set the operands
instruction.Operands = $"0x{imm8:X2}";
return true;
}
}
}

16
X86Disassembler/X86/Handlers/Push/PushRegHandler.cs
View File

@ -11,11 +11,11 @@ public class PushRegHandler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public PushRegHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public PushRegHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class PushRegHandler : InstructionHandler
{
return opcode >= 0x50 && opcode <= 0x57;
}
/// <summary>
/// Decodes a PUSH r32 instruction
/// </summary>
@ -36,14 +36,14 @@ public class PushRegHandler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "push";
// Register is encoded in the low 3 bits of the opcode
int reg = opcode & 0x07;
RegisterIndex reg = (RegisterIndex) (opcode & 0x07);
string regName = ModRMDecoder.GetRegisterName(reg, 32);
// Set the operands
instruction.Operands = regName;
return true;
}
}
}

15
X86Disassembler/X86/Handlers/Push/PushRm32Handler.cs
View File

@ -42,16 +42,10 @@ public class PushRm32Handler : InstructionHandler
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// PUSH r/m32 is encoded as FF /6
if (reg != 6)
if (reg != RegisterIndex.Sp)
{
return false;
}
@ -62,12 +56,11 @@ public class PushRm32Handler : InstructionHandler
// For memory operands, set the operand
if (mod != 3) // Memory operand
{
string operand = ModRMDecoder.DecodeModRM(mod, rm, false);
instruction.Operands = operand;
instruction.Operands = destOperand;
}
else // Register operand
{
string rmName = GetRegister32(rm);
string rmName = ModRMDecoder.GetRegisterName(rm, 32);
instruction.Operands = rmName;
}

54
X86Disassembler/X86/Handlers/Sbb/SbbImmFromRm32Handler.cs
View File

@ -11,11 +11,11 @@ public class SbbImmFromRm32Handler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public SbbImmFromRm32Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public SbbImmFromRm32Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,18 +25,18 @@ public class SbbImmFromRm32Handler : InstructionHandler
{
if (opcode != 0x81)
return false;
// Check if the reg field of the ModR/M byte is 3 (SBB)
int position = Decoder.GetPosition();
if (position >= Length)
return false;
byte modRM = CodeBuffer[position];
byte reg = (byte)((modRM & 0x38) >> 3);
byte reg = (byte) ((modRM & 0x38) >> 3);
return reg == 3; // 3 = SBB
}
/// <summary>
/// Decodes a SBB r/m32, imm32 instruction
/// </summary>
@ -47,49 +47,33 @@ public class SbbImmFromRm32Handler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "sbb";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 3 for SBB
byte rm = (byte)(modRM & 0x07);
// Decode the destination operand
string destOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Read the immediate value
if (position + 3 >= Length)
{
return false;
}
// Read the immediate value in little-endian format
byte b0 = CodeBuffer[position];
byte b1 = CodeBuffer[position + 1];
byte b2 = CodeBuffer[position + 2];
byte b3 = CodeBuffer[position + 3];
var imm32 = Decoder.ReadUInt32();
// Format the immediate value as expected by the tests (0x12345678)
// Note: The bytes are reversed to match the expected format in the tests
string immStr = $"0x{b3:X2}{b2:X2}{b1:X2}{b0:X2}";
// Advance the position past the immediate value
position += 4;
Decoder.SetPosition(position);
string immStr = $"0x{imm32:X8}";
// Set the operands
instruction.Operands = $"{destOperand}, {immStr}";
return true;
}
}
}

46
X86Disassembler/X86/Handlers/Sbb/SbbImmFromRm32SignExtendedHandler.cs
View File

@ -11,11 +11,11 @@ public class SbbImmFromRm32SignExtendedHandler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public SbbImmFromRm32SignExtendedHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public SbbImmFromRm32SignExtendedHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,18 +25,18 @@ public class SbbImmFromRm32SignExtendedHandler : InstructionHandler
{
if (opcode != 0x83)
return false;
// Check if the reg field of the ModR/M byte is 3 (SBB)
int position = Decoder.GetPosition();
if (position >= Length)
return false;
byte modRM = CodeBuffer[position];
byte reg = (byte)((modRM & 0x38) >> 3);
byte reg = (byte) ((modRM & 0x38) >> 3);
return reg == 3; // 3 = SBB
}
/// <summary>
/// Decodes a SBB r/m32, imm8 (sign-extended) instruction
/// </summary>
@ -47,39 +47,29 @@ public class SbbImmFromRm32SignExtendedHandler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "sbb";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 3 for SBB
byte rm = (byte)(modRM & 0x07);
// Decode the destination operand
string destOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Read the immediate value (sign-extended from 8 to 32 bits)
if (position >= Length)
{
return false;
}
sbyte imm8 = (sbyte)CodeBuffer[position];
int imm32 = imm8; // Sign-extend to 32 bits
Decoder.SetPosition(position + 1);
// Sign-extend to 32 bits
int imm32 = (sbyte) Decoder.ReadByte();
// Set the operands
instruction.Operands = $"{destOperand}, 0x{imm32:X8}";
return true;
}
}
}

15
X86Disassembler/X86/Handlers/String/StringInstructionHandler.cs
View File

@ -6,7 +6,7 @@ namespace X86Disassembler.X86.Handlers.String;
public class StringInstructionHandler : InstructionHandler
{
// Dictionary mapping opcodes to their mnemonics
private static readonly Dictionary<byte, string> _mnemonics = new Dictionary<byte, string>
private static readonly Dictionary<byte, string> Mnemonics = new()
{
{ 0xA4, "movs" }, // MOVSB
{ 0xA5, "movs" }, // MOVSD
@ -41,7 +41,7 @@ public class StringInstructionHandler : InstructionHandler
public override bool CanHandle(byte opcode)
{
// Check if the opcode is a string instruction
if (_mnemonics.ContainsKey(opcode))
if (Mnemonics.ContainsKey(opcode))
{
return true;
}
@ -53,7 +53,7 @@ public class StringInstructionHandler : InstructionHandler
if (position < Length)
{
byte nextByte = CodeBuffer[position];
return _mnemonics.ContainsKey(nextByte);
return Mnemonics.ContainsKey(nextByte);
}
}
@ -82,18 +82,15 @@ public class StringInstructionHandler : InstructionHandler
return false;
}
stringOpcode = CodeBuffer[position];
if (!_mnemonics.ContainsKey(stringOpcode))
stringOpcode = Decoder.ReadByte();
if (!Mnemonics.ContainsKey(stringOpcode))
{
return false;
}
// Skip the string instruction opcode
Decoder.SetPosition(position + 1);
}
// Set the mnemonic
if (_mnemonics.TryGetValue(stringOpcode, out string? mnemonic))
if (Mnemonics.TryGetValue(stringOpcode, out string? mnemonic))
{
instruction.Mnemonic = prefixString + mnemonic;
}

3
X86Disassembler/X86/Handlers/Sub/SubAlImm8Handler.cs
View File

@ -42,8 +42,7 @@ public class SubAlImm8Handler : InstructionHandler
}
// Read the immediate byte
byte imm8 = CodeBuffer[position++];
Decoder.SetPosition(position);
byte imm8 = Decoder.ReadByte();
// Set the instruction information
instruction.Mnemonic = "sub";

12
X86Disassembler/X86/Handlers/Sub/SubImmFromRm16Handler.cs
View File

@ -43,10 +43,10 @@ public class SubImmFromRm16Handler : InstructionHandler
}
// Extract the fields from the ModR/M byte
var (mod, reg, rm, operand) = ModRMDecoder.ReadModRM();
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Check if this is a SUB instruction (reg field must be 5)
if (reg != 5)
if (reg != RegisterIndex.Di)
{
return false;
}
@ -54,9 +54,6 @@ public class SubImmFromRm16Handler : InstructionHandler
// Set the mnemonic
instruction.Mnemonic = "sub";
// Update the decoder position
Decoder.SetPosition(position);
// For mod == 3, the r/m field specifies a register
string destination;
if (mod == 3)
@ -66,11 +63,8 @@ public class SubImmFromRm16Handler : InstructionHandler
}
else
{
// Get the memory operand string
destination = ModRMDecoder.DecodeModRM(mod, rm, false);
// Replace "dword" with "word" in the memory operand
destination = destination.Replace("dword", "word");
destination = destOperand.Replace("dword", "word");
}
// Get the current position after processing the ModR/M byte

9
X86Disassembler/X86/Handlers/Sub/SubImmFromRm16SignExtendedHandler.cs
View File

@ -43,10 +43,10 @@ public class SubImmFromRm16SignExtendedHandler : InstructionHandler
}
// Extract the fields from the ModR/M byte
var (mod, reg, rm, operand) = ModRMDecoder.ReadModRM();
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Check if this is a SUB instruction (reg field must be 5)
if (reg != 5)
if (reg != RegisterIndex.Di)
{
return false;
}
@ -63,11 +63,8 @@ public class SubImmFromRm16SignExtendedHandler : InstructionHandler
}
else
{
// Get the memory operand string
destination = ModRMDecoder.DecodeModRM(mod, rm, false);
// Replace "dword" with "word" in the memory operand
destination = destination.Replace("dword", "word");
destination = destOperand.Replace("dword", "word");
}
// Get the current position after processing the ModR/M byte

4
X86Disassembler/X86/Handlers/Sub/SubImmFromRm32Handler.cs
View File

@ -77,10 +77,6 @@ public class SubImmFromRm32Handler : InstructionHandler
// Format the immediate value
string immStr = $"0x{imm:X8}";
// Advance the position past the immediate value
position += 4;
Decoder.SetPosition(position);
// Set the operands
instruction.Operands = $"{destOperand}, {immStr}";

11
X86Disassembler/X86/Handlers/Sub/SubImmFromRm32SignExtendedHandler.cs
View File

@ -70,9 +70,8 @@ public class SubImmFromRm32SignExtendedHandler : InstructionHandler
return false;
}
// Read the immediate value as a signed byte and sign-extend it to 32 bits
sbyte imm8 = (sbyte) Decoder.ReadByte();
int imm32 = imm8; // Automatic sign extension from sbyte to int
// Read the immediate value as a signed byte and sign-extend it to 32 bits with sign extension from sbyte to int
int imm32 = (sbyte) Decoder.ReadByte();
// Format the immediate value based on the operand type and value
string immStr;
@ -81,12 +80,12 @@ public class SubImmFromRm32SignExtendedHandler : InstructionHandler
if (mod != 3) // Memory operand
{
// For memory operands, use the actual value as specified in the test
immStr = $"0x{(byte) imm8:X2}";
immStr = $"0x{(byte) imm32:X2}";
}
else // Register operand
{
// For register operands, format based on whether it's negative or not
if (imm8 < 0)
if (imm32 < 0)
{
// For negative values, show the full 32-bit representation with 8-digit padding
immStr = $"0x{(uint) imm32:X8}";
@ -94,7 +93,7 @@ public class SubImmFromRm32SignExtendedHandler : InstructionHandler
else
{
// For positive values, just show the value with 2-digit padding for consistency
immStr = $"0x{(byte) imm8:X2}";
immStr = $"0x{(byte) imm32:X2}";
}
}

8
X86Disassembler/X86/Handlers/Sub/SubImmFromRm8Handler.cs
View File

@ -49,7 +49,7 @@ public class SubImmFromRm8Handler : InstructionHandler
instruction.Mnemonic = "sub";
// Extract the fields from the ModR/M byte
var (mod, reg, rm, operand) = ModRMDecoder.ReadModRM();
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Read the immediate byte
var position = Decoder.GetPosition();
@ -58,8 +58,7 @@ public class SubImmFromRm8Handler : InstructionHandler
return false;
}
byte imm8 = CodeBuffer[position++];
Decoder.SetPosition(position);
byte imm8 = Decoder.ReadByte();
// Set the instruction information
// For mod == 3, the operand is a register
@ -71,8 +70,7 @@ public class SubImmFromRm8Handler : InstructionHandler
else // Memory operand
{
// Get the memory operand string
string memOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
instruction.Operands = $"byte ptr {memOperand}, 0x{imm8:X2}";
instruction.Operands = $"byte ptr {destOperand}, 0x{imm8:X2}";
}
return true;

6
X86Disassembler/X86/Handlers/Sub/SubR16Rm16Handler.cs
View File

@ -46,7 +46,7 @@ public class SubR16Rm16Handler : InstructionHandler
}
// Read the ModR/M byte
var (mod, reg, rm, memOperand) = ModRMDecoder.ReadModRM();
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Get register name (16-bit)
string regName = ModRMDecoder.GetRegisterName(reg, 16);
@ -60,9 +60,9 @@ public class SubR16Rm16Handler : InstructionHandler
else // Memory operand
{
// Replace "dword" with "word" in the memory operand
memOperand = memOperand.Replace("dword", "word");
destOperand = destOperand.Replace("dword", "word");
instruction.Operands = $"{regName}, {memOperand}";
instruction.Operands = $"{regName}, {destOperand}";
}
return true;

8
X86Disassembler/X86/Handlers/Sub/SubR32Rm32Handler.cs
View File

@ -42,22 +42,22 @@ public class SubR32Rm32Handler : InstructionHandler
}
// Read the ModR/M byte
var (mod, reg, rm, operand) = ModRMDecoder.ReadModRM();
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Set the mnemonic
instruction.Mnemonic = "sub";
// Get the register name
string regName = GetRegister32(reg);
string regName = ModRMDecoder.GetRegisterName(reg, 32);
// For memory operands, set the operand
if (mod != 3) // Memory operand
{
instruction.Operands = $"{regName}, {operand}";
instruction.Operands = $"{regName}, {destOperand}";
}
else // Register operand
{
string rmName = GetRegister32(rm);
string rmName = ModRMDecoder.GetRegisterName(rm, 32);
instruction.Operands = $"{regName}, {rmName}";
}

4
X86Disassembler/X86/Handlers/Sub/SubR8Rm8Handler.cs
View File

@ -45,7 +45,7 @@ public class SubR8Rm8Handler : InstructionHandler
}
// Read the ModR/M byte
var (mod, reg, rm, memOperand) = ModRMDecoder.ReadModRM();
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Get register name
string regName = ModRMDecoder.GetRegisterName(reg, 8);
@ -58,7 +58,7 @@ public class SubR8Rm8Handler : InstructionHandler
}
else // Memory operand
{
instruction.Operands = $"{regName}, byte ptr {memOperand}";
instruction.Operands = $"{regName}, byte ptr {destOperand}";
}
return true;

6
X86Disassembler/X86/Handlers/Sub/SubRm16R16Handler.cs
View File

@ -46,7 +46,7 @@ public class SubRm16R16Handler : InstructionHandler
}
// Read the ModR/M byte
var (mod, reg, rm, memOperand) = ModRMDecoder.ReadModRM();
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Get register name (16-bit)
string regName = ModRMDecoder.GetRegisterName(reg, 16);
@ -60,9 +60,9 @@ public class SubRm16R16Handler : InstructionHandler
else // Memory operand
{
// Replace "dword" with "word" in the memory operand
memOperand = memOperand.Replace("dword", "word");
destOperand = destOperand.Replace("dword", "word");
instruction.Operands = $"{memOperand}, {regName}";
instruction.Operands = $"{destOperand}, {regName}";
}
return true;

8
X86Disassembler/X86/Handlers/Sub/SubRm32R32Handler.cs
View File

@ -42,7 +42,7 @@ public class SubRm32R32Handler : InstructionHandler
}
// Read the ModR/M byte
// Extract the fields from the ModR/M byte
var (mod, reg, rm, operand) = ModRMDecoder.ReadModRM();
@ -50,7 +50,7 @@ public class SubRm32R32Handler : InstructionHandler
instruction.Mnemonic = "sub";
// Get the register name
string regName = GetRegister32(reg);
string regName = ModRMDecoder.GetRegisterName(reg, 32);
// For memory operands, set the operand
if (mod != 3) // Memory operand
@ -59,10 +59,10 @@ public class SubRm32R32Handler : InstructionHandler
}
else // Register operand
{
string rmName = GetRegister32(rm);
string rmName = ModRMDecoder.GetRegisterName(rm, 32);
instruction.Operands = $"{rmName}, {regName}";
}
return true;
}
}
}

4
X86Disassembler/X86/Handlers/Sub/SubRm8R8Handler.cs
View File

@ -45,7 +45,7 @@ public class SubRm8R8Handler : InstructionHandler
}
// Read the ModR/M byte
var (mod, reg, rm, memOperand) = ModRMDecoder.ReadModRM();
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Get register name
string regName = ModRMDecoder.GetRegisterName(reg, 8);
@ -58,7 +58,7 @@ public class SubRm8R8Handler : InstructionHandler
}
else // Memory operand
{
instruction.Operands = $"byte ptr {memOperand}, {regName}";
instruction.Operands = $"byte ptr {destOperand}, {regName}";
}
return true;

21
X86Disassembler/X86/Handlers/Test/TestAlImmHandler.cs
View File

@ -11,11 +11,11 @@ public class TestAlImmHandler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public TestAlImmHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public TestAlImmHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class TestAlImmHandler : InstructionHandler
{
return opcode == 0xA8;
}
/// <summary>
/// Decodes a TEST AL, imm8 instruction
/// </summary>
@ -36,21 +36,20 @@ public class TestAlImmHandler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "test";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the immediate value
byte imm8 = CodeBuffer[position];
Decoder.SetPosition(position + 1);
byte imm8 = Decoder.ReadByte();
// Set the operands
instruction.Operands = $"al, 0x{imm8:X2}";
return true;
}
}
}

28
X86Disassembler/X86/Handlers/Test/TestEaxImmHandler.cs
View File

@ -11,11 +11,11 @@ public class TestEaxImmHandler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public TestEaxImmHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public TestEaxImmHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class TestEaxImmHandler : InstructionHandler
{
return opcode == 0xA9;
}
/// <summary>
/// Decodes a TEST EAX, imm32 instruction
/// </summary>
@ -36,28 +36,20 @@ public class TestEaxImmHandler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "test";
int position = Decoder.GetPosition();
if (position + 3 >= Length)
{
return false;
}
// Read the immediate value - x86 is little-endian, so we need to read the bytes in the correct order
byte b0 = CodeBuffer[position];
byte b1 = CodeBuffer[position + 1];
byte b2 = CodeBuffer[position + 2];
byte b3 = CodeBuffer[position + 3];
// Combine the bytes to form a 32-bit immediate value
uint imm32 = (uint)(b0 | (b1 << 8) | (b2 << 16) | (b3 << 24));
Decoder.SetPosition(position + 4);
var imm32 = Decoder.ReadUInt32();
// Set the operands
instruction.Operands = $"eax, 0x{imm32:X8}";
return true;
}
}
}

46
X86Disassembler/X86/Handlers/Test/TestImmWithRm32Handler.cs
View File

@ -11,11 +11,11 @@ public class TestImmWithRm32Handler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public TestImmWithRm32Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public TestImmWithRm32Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -27,7 +27,7 @@ public class TestImmWithRm32Handler : InstructionHandler
// The reg field check (for TEST operation) will be done in the Decode method
return opcode == 0xF7;
}
/// <summary>
/// Decodes a TEST r/m32, imm32 instruction
/// </summary>
@ -37,58 +37,44 @@ public class TestImmWithRm32Handler : InstructionHandler
public override bool Decode(byte opcode, Instruction instruction)
{
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 0 for TEST
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Check if the reg field is 0 (TEST operation)
if (reg != 0)
{
return false; // Not a TEST instruction
}
// Set the mnemonic
instruction.Mnemonic = "test";
Decoder.SetPosition(position);
// Get the operand based on the addressing mode
string destOperand;
// For direct register addressing (mod == 3), the r/m field specifies a register
if (mod == 3)
{
destOperand = GetRegister32(rm);
destOperand = ModRMDecoder.GetRegisterName(rm, 32);
}
else
{
// Use the ModR/M decoder for memory addressing
destOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
}
position = Decoder.GetPosition();
// Read the immediate value
if (position + 3 >= Length)
{
return false;
}
// Read the immediate value using BitConverter
uint imm32 = BitConverter.ToUInt32(CodeBuffer, position);
Decoder.SetPosition(position + 4);
// Set the operands
instruction.Operands = $"{destOperand}, 0x{imm32:X8}";
return true;
}
}
}

51
X86Disassembler/X86/Handlers/Test/TestImmWithRm8Handler.cs
View File

@ -11,11 +11,11 @@ public class TestImmWithRm8Handler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public TestImmWithRm8Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public TestImmWithRm8Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -27,7 +27,7 @@ public class TestImmWithRm8Handler : InstructionHandler
// The reg field check (for TEST operation) will be done in the Decode method
return opcode == 0xF6;
}
/// <summary>
/// Decodes a TEST r/m8, imm8 instruction
/// </summary>
@ -37,57 +37,42 @@ public class TestImmWithRm8Handler : InstructionHandler
public override bool Decode(byte opcode, Instruction instruction)
{
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3); // Should be 0 for TEST
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM(true);
// Check if the reg field is 0 (TEST operation)
if (reg != 0)
if (reg != RegisterIndex.A)
{
return false; // Not a TEST instruction
}
// Set the mnemonic
instruction.Mnemonic = "test";
Decoder.SetPosition(position);
// Get the operand based on the addressing mode
string destOperand;
// For direct register addressing (mod == 3), the r/m field specifies a register
if (mod == 3)
{
destOperand = GetRegister8(rm);
destOperand = ModRMDecoder.GetRegisterName(rm, 8);
}
else
{
// Use the ModR/M decoder for memory addressing
destOperand = ModRMDecoder.DecodeModRM(mod, rm, true);
}
// Use the ModR/M decoder for memory addressing
// Read the immediate value
if (position >= Length)
{
return false;
}
byte imm8 = CodeBuffer[position];
Decoder.SetPosition(position + 1);
byte imm8 = Decoder.ReadByte();
// Set the operands
instruction.Operands = $"{destOperand}, 0x{imm8:X2}";
return true;
}
}
}

41
X86Disassembler/X86/Handlers/Test/TestRegMem8Handler.cs
View File

@ -11,11 +11,11 @@ public class TestRegMem8Handler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public TestRegMem8Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public TestRegMem8Handler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class TestRegMem8Handler : InstructionHandler
{
return opcode == 0x84;
}
/// <summary>
/// Decodes a TEST r/m8, r8 instruction
/// </summary>
@ -36,30 +36,24 @@ public class TestRegMem8Handler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "test";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// For direct register addressing (mod == 3), the r/m field specifies a register
if (mod == 3)
{
// Get the register names
string rmReg = GetRegister8(rm);
string regReg = GetRegister8(reg);
string rmReg = ModRMDecoder.GetRegisterName(rm, 8);
string regReg = ModRMDecoder.GetRegisterName(reg, 8);
// Set the operands (TEST r/m8, r8)
// In x86 assembly, the TEST instruction has the operand order r/m8, r8
// According to Ghidra and standard x86 assembly convention, it should be TEST CL,AL
@ -68,16 +62,13 @@ public class TestRegMem8Handler : InstructionHandler
}
else
{
// Decode the memory operand
string memOperand = ModRMDecoder.DecodeModRM(mod, rm, true);
// Get the register name
string regReg = GetRegister8(reg);
string regReg = ModRMDecoder.GetRegisterName(reg, 8);
// Set the operands (TEST r/m8, r8)
instruction.Operands = $"{memOperand}, {regReg}";
instruction.Operands = $"{destOperand}, {regReg}";
}
return true;
}
}
}

41
X86Disassembler/X86/Handlers/Test/TestRegMemHandler.cs
View File

@ -11,11 +11,11 @@ public class TestRegMemHandler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public TestRegMemHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public TestRegMemHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class TestRegMemHandler : InstructionHandler
{
return opcode == 0x85;
}
/// <summary>
/// Decodes a TEST r/m32, r32 instruction
/// </summary>
@ -36,30 +36,24 @@ public class TestRegMemHandler : InstructionHandler
{
// Set the mnemonic
instruction.Mnemonic = "test";
int position = Decoder.GetPosition();
if (position >= Length)
{
return false;
}
// Read the ModR/M byte
byte modRM = CodeBuffer[position++];
Decoder.SetPosition(position);
// Extract the fields from the ModR/M byte
byte mod = (byte)((modRM & 0xC0) >> 6);
byte reg = (byte)((modRM & 0x38) >> 3);
byte rm = (byte)(modRM & 0x07);
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// For direct register addressing (mod == 3), the r/m field specifies a register
if (mod == 3)
{
// Get the register names
string rmReg = GetRegister32(rm);
string regReg = GetRegister32(reg);
string rmReg = ModRMDecoder.GetRegisterName(rm, 32);
string regReg = ModRMDecoder.GetRegisterName(reg, 32);
// Set the operands (TEST r/m32, r32)
// In x86 assembly, the TEST instruction has the operand order r/m32, r32
// According to Ghidra and standard x86 assembly convention, it should be TEST ECX,EAX
@ -68,16 +62,13 @@ public class TestRegMemHandler : InstructionHandler
}
else
{
// Decode the memory operand
string memOperand = ModRMDecoder.DecodeModRM(mod, rm, false);
// Get the register name
string regReg = GetRegister32(reg);
string regReg = ModRMDecoder.GetRegisterName(reg, 32);
// Set the operands (TEST r/m32, r32)
instruction.Operands = $"{memOperand}, {regReg}";
instruction.Operands = $"{destOperand}, {regReg}";
}
return true;
}
}
}

18
X86Disassembler/X86/Handlers/Xchg/XchgEaxRegHandler.cs
View File

@ -11,11 +11,11 @@ public class XchgEaxRegHandler : InstructionHandler
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this handler</param>
/// <param name="length">The length of the buffer</param>
public XchgEaxRegHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
public XchgEaxRegHandler(byte[] codeBuffer, InstructionDecoder decoder, int length)
: base(codeBuffer, decoder, length)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
@ -25,7 +25,7 @@ public class XchgEaxRegHandler : InstructionHandler
{
return opcode >= 0x90 && opcode <= 0x97;
}
/// <summary>
/// Decodes an XCHG EAX, r32 instruction
/// </summary>
@ -41,17 +41,17 @@ public class XchgEaxRegHandler : InstructionHandler
instruction.Operands = "";
return true;
}
// Set the mnemonic
instruction.Mnemonic = "xchg";
// Register is encoded in the low 3 bits of the opcode
int reg = opcode & 0x07;
RegisterIndex reg = (RegisterIndex) (opcode & 0x07);
string regName = ModRMDecoder.GetRegisterName(reg, 32);
// Set the operands
instruction.Operands = $"eax, {regName}";
return true;
}
}
}

24
X86Disassembler/X86/Handlers/Xor/XorImmWithRm16Handler.cs
View File

@ -56,7 +56,27 @@ public class XorImmWithRm16Handler : InstructionHandler
}
// Read the ModR/M byte
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
var (mod, reg, rm, memOperand) = ModRMDecoder.ReadModRM();
// For the first operand, handle based on addressing mode
string rmOperand;
if (mod == 3) // Register addressing mode
{
// Get 16-bit register name for the operand
rmOperand = ModRMDecoder.GetRegisterName(rm, 16);
}
else // Memory addressing mode
{
// For memory operands, replace "dword ptr" with "word ptr"
if (memOperand.StartsWith("dword ptr "))
{
rmOperand = memOperand.Replace("dword ptr", "word ptr");
}
else
{
rmOperand = memOperand;
}
}
// Get the updated position after ModR/M decoding
position = Decoder.GetPosition();
@ -74,7 +94,7 @@ public class XorImmWithRm16Handler : InstructionHandler
string immStr = $"0x{imm16:X4}";
// Set the operands
instruction.Operands = $"{destOperand}, {immStr}";
instruction.Operands = $"{rmOperand}, {immStr}";
return true;
}

24
X86Disassembler/X86/Handlers/Xor/XorImmWithRm16SignExtendedHandler.cs
View File

@ -56,7 +56,27 @@ public class XorImmWithRm16SignExtendedHandler : InstructionHandler
}
// Read the ModR/M byte
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
var (mod, reg, rm, memOperand) = ModRMDecoder.ReadModRM();
// For the first operand, handle based on addressing mode
string rmOperand;
if (mod == 3) // Register addressing mode
{
// Get 16-bit register name for the operand
rmOperand = ModRMDecoder.GetRegisterName(rm, 16);
}
else // Memory addressing mode
{
// For memory operands, replace "dword ptr" with "word ptr"
if (memOperand.StartsWith("dword ptr "))
{
rmOperand = memOperand.Replace("dword ptr", "word ptr");
}
else
{
rmOperand = memOperand;
}
}
// Get the updated position after ModR/M decoding
position = Decoder.GetPosition();
@ -85,7 +105,7 @@ public class XorImmWithRm16SignExtendedHandler : InstructionHandler
}
// Set the operands
instruction.Operands = $"{destOperand}, {immStr}";
instruction.Operands = $"{rmOperand}, {immStr}";
return true;
}

2
X86Disassembler/X86/Handlers/Xor/XorMemRegHandler.cs
View File

@ -48,7 +48,7 @@ public class XorMemRegHandler : InstructionHandler
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
// Get the source register
string srcReg = GetRegister32(reg);
string srcReg = ModRMDecoder.GetRegisterName(reg, 32);
// Set the operands
instruction.Operands = $"{destOperand}, {srcReg}";

24
X86Disassembler/X86/Handlers/Xor/XorR16Rm16Handler.cs
View File

@ -48,11 +48,31 @@ public class XorR16Rm16Handler : InstructionHandler
// Read the ModR/M byte
var (mod, reg, rm, memOperand) = ModRMDecoder.ReadModRM();
// Get register name
// Get register name for the first operand (16-bit)
string regName = ModRMDecoder.GetRegisterName(reg, 16);
// For the second operand, handle based on addressing mode
string rmOperand;
if (mod == 3) // Register addressing mode
{
// Get 16-bit register name for the second operand
rmOperand = ModRMDecoder.GetRegisterName(rm, 16);
}
else // Memory addressing mode
{
// For memory operands, replace "dword ptr" with "word ptr"
if (memOperand.StartsWith("dword ptr "))
{
rmOperand = memOperand.Replace("dword ptr", "word ptr");
}
else
{
rmOperand = memOperand;
}
}
// Set the operands
instruction.Operands = $"{regName}, {memOperand}";
instruction.Operands = $"{regName}, {rmOperand}";
return true;
}

2
X86Disassembler/X86/Handlers/Xor/XorRegMemHandler.cs
View File

@ -48,7 +48,7 @@ public class XorRegMemHandler : InstructionHandler
var (mod, reg, rm, srcOperand) = ModRMDecoder.ReadModRM();
// Get the destination register
string destReg = GetRegister32(reg);
string destReg = ModRMDecoder.GetRegisterName(reg, 32);
// Set the operands
instruction.Operands = $"{destReg}, {srcOperand}";

24
X86Disassembler/X86/Handlers/Xor/XorRm16R16Handler.cs
View File

@ -48,11 +48,31 @@ public class XorRm16R16Handler : InstructionHandler
// Read the ModR/M byte
var (mod, reg, rm, memOperand) = ModRMDecoder.ReadModRM();
// Get register name
// Get register name for the second operand (16-bit)
string regName = ModRMDecoder.GetRegisterName(reg, 16);
// For the first operand, handle based on addressing mode
string rmOperand;
if (mod == 3) // Register addressing mode
{
// Get 16-bit register name for the first operand
rmOperand = ModRMDecoder.GetRegisterName(rm, 16);
}
else // Memory addressing mode
{
// For memory operands, replace "dword ptr" with "word ptr"
if (memOperand.StartsWith("dword ptr "))
{
rmOperand = memOperand.Replace("dword ptr", "word ptr");
}
else
{
rmOperand = memOperand;
}
}
// Set the operands
instruction.Operands = $"{memOperand}, {regName}";
instruction.Operands = $"{rmOperand}, {regName}";
return true;
}

4
X86Disassembler/X86/InstructionDecoder.cs
View File

@ -1,3 +1,5 @@
using System.Diagnostics;
namespace X86Disassembler.X86;
using Handlers;
@ -106,6 +108,8 @@ public class InstructionDecoder
// Get a handler for the opcode
var handler = _handlerFactory.GetHandler(opcode);
Debug.WriteLine($"Resolved handler {handler?.GetType().Name}");
bool handlerSuccess = false;
// Try to decode with a handler first

113
X86Disassembler/X86/ModRMDecoder.cs
View File

@ -15,11 +15,11 @@ public class ModRMDecoder
private const byte SIB_INDEX_MASK = 0x38; // 00111000b
private const byte SIB_BASE_MASK = 0x07; // 00000111b
// Register names
// Register names for different sizes
private static readonly string[] RegisterNames8 = { "al", "cl", "dl", "bl", "ah", "ch", "dh", "bh" };
private static readonly string[] RegisterNames16 = { "ax", "cx", "dx", "bx", "sp", "bp", "si", "di" };
private static readonly string[] RegisterNames32 = { "eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi" };
// Buffer containing the code to decode
private readonly byte[] _codeBuffer;
@ -46,10 +46,10 @@ public class ModRMDecoder
/// Decodes a ModR/M byte to get the operand string
/// </summary>
/// <param name="mod">The mod field (2 bits)</param>
/// <param name="rm">The r/m field (3 bits)</param>
/// <param name="rmIndex">The r/m field as RegisterIndex</param>
/// <param name="is64Bit">True if the operand is 64-bit</param>
/// <returns>The operand string</returns>
public string DecodeModRM(byte mod, byte rm, bool is64Bit)
public string DecodeModRM(byte mod, RegisterIndex rmIndex, bool is64Bit)
{
string sizePrefix = is64Bit ? "qword" : "dword";
int position = _decoder.GetPosition();
@ -57,7 +57,8 @@ public class ModRMDecoder
switch (mod)
{
case 0: // [reg] or disp32
if (rm == 5) // disp32
// Special case: [EBP] is encoded as disp32 with no base register
if (rmIndex == RegisterIndex.Di) // disp32 (was EBP/BP)
{
if (position + 4 <= _length)
{
@ -67,7 +68,8 @@ public class ModRMDecoder
}
return $"{sizePrefix} ptr [???]";
}
else if (rm == 4) // SIB
// Special case: [ESP] is encoded with SIB byte
else if (rmIndex == RegisterIndex.Si) // SIB (was ESP/SP)
{
// Handle SIB byte
if (position < _length)
@ -80,11 +82,12 @@ public class ModRMDecoder
}
else
{
return $"{sizePrefix} ptr [{RegisterNames32[rm]}]";
// Regular case: [reg]
return $"{sizePrefix} ptr [{GetRegisterName(rmIndex, 32)}]";
}
case 1: // [reg + disp8]
if (rm == 4) // SIB + disp8
if (rmIndex == RegisterIndex.Si) // SIB + disp8 (was ESP/SP)
{
// Handle SIB byte
if (position + 1 < _length)
@ -102,14 +105,21 @@ public class ModRMDecoder
{
sbyte disp8 = (sbyte)_codeBuffer[position];
_decoder.SetPosition(position + 1);
// Only show displacement if it's not zero
if (disp8 == 0)
{
return $"{sizePrefix} ptr [{GetRegisterName(rmIndex, 32)}]";
}
string dispStr8 = disp8 < 0 ? $"-0x{-disp8:X2}" : $"+0x{disp8:X2}";
return $"{sizePrefix} ptr [{RegisterNames32[rm]}{dispStr8}]";
return $"{sizePrefix} ptr [{GetRegisterName(rmIndex, 32)}{dispStr8}]";
}
return $"{sizePrefix} ptr [{RegisterNames32[rm]}+???]";
return $"{sizePrefix} ptr [{GetRegisterName(rmIndex, 32)}+???]";
}
case 2: // [reg + disp32]
if (rm == 4) // SIB + disp32
if (rmIndex == RegisterIndex.Si) // SIB + disp32 (was ESP/SP)
{
// Handle SIB byte
if (position + 4 < _length)
@ -127,14 +137,21 @@ public class ModRMDecoder
{
int disp32 = BitConverter.ToInt32(_codeBuffer, position);
_decoder.SetPosition(position + 4);
// Only show displacement if it's not zero
if (disp32 == 0)
{
return $"{sizePrefix} ptr [{GetRegisterName(rmIndex, 32)}]";
}
string dispStr32 = disp32 < 0 ? $"-0x{-disp32:X8}" : $"+0x{disp32:X8}";
return $"{sizePrefix} ptr [{RegisterNames32[rm]}{dispStr32}]";
return $"{sizePrefix} ptr [{GetRegisterName(rmIndex, 32)}{dispStr32}]";
}
return $"{sizePrefix} ptr [{RegisterNames32[rm]}+???]";
return $"{sizePrefix} ptr [{GetRegisterName(rmIndex, 32)}+???]";
}
case 3: // reg
return is64Bit ? "mm" + rm : RegisterNames32[rm];
case 3: // reg (direct register access)
return is64Bit ? $"mm{(int)rmIndex}" : GetRegisterName(rmIndex, 32);
default:
return "???";
@ -146,21 +163,22 @@ public class ModRMDecoder
/// </summary>
/// <param name="is64Bit">True if the operand is 64-bit</param>
/// <returns>A tuple containing the mod, reg, rm fields and the decoded operand string</returns>
public (byte mod, byte reg, byte rm, string operand) ReadModRM(bool is64Bit = false)
public (byte mod, RegisterIndex reg, RegisterIndex rm, string operand) ReadModRM(bool is64Bit = false)
{
int position = _decoder.GetPosition();
if (position >= _length)
{
return (0, 0, 0, "???");
return (0, RegisterIndex.A, RegisterIndex.A, "???");
}
byte modRM = _codeBuffer[position];
_decoder.SetPosition(position + 1);
// Extract fields from ModR/M byte
byte mod = (byte)((modRM & MOD_MASK) >> 6);
byte reg = (byte)((modRM & REG_MASK) >> 3);
byte rm = (byte)(modRM & RM_MASK);
RegisterIndex reg = (RegisterIndex)((modRM & REG_MASK) >> 3);
RegisterIndex rm = (RegisterIndex)(modRM & RM_MASK);
string operand = DecodeModRM(mod, rm, is64Bit);
@ -179,14 +197,16 @@ public class ModRMDecoder
string sizePrefix = is64Bit ? "qword" : "dword";
int position = _decoder.GetPosition();
// Extract fields from SIB byte
byte scale = (byte)((sib & SIB_SCALE_MASK) >> 6);
byte index = (byte)((sib & SIB_INDEX_MASK) >> 3);
byte @base = (byte)(sib & SIB_BASE_MASK);
RegisterIndex index = (RegisterIndex)((sib & SIB_INDEX_MASK) >> 3);
RegisterIndex @base = (RegisterIndex)(sib & SIB_BASE_MASK);
// Special case: no index register
if (index == 4)
// Special case: ESP/SP (4) in index field means no index register
if (index == RegisterIndex.Si)
{
if (@base == 5 && displacement == 0) // Special case: disp32 only
// Special case: EBP/BP (5) in base field with no displacement means disp32 only
if (@base == RegisterIndex.Di && displacement == 0)
{
if (position + 4 <= _length)
{
@ -198,45 +218,56 @@ public class ModRMDecoder
}
else
{
string baseDispStr = "";
if (displacement != 0)
// Base register only
// Only show displacement if it's not zero
if (displacement == 0)
{
baseDispStr = displacement < 0 ?
$"-0x{-displacement:X}" :
$"+0x{displacement:X}";
return $"{sizePrefix} ptr [{GetRegisterName(@base, 32)}]";
}
return $"{sizePrefix} ptr [{RegisterNames32[@base]}{baseDispStr}]";
string baseDispStr = displacement < 0 ?
$"-0x{-displacement:X}" :
$"+0x{displacement:X}";
return $"{sizePrefix} ptr [{GetRegisterName(@base, 32)}{baseDispStr}]";
}
}
// Normal case with index register
// Normal case with base and index registers
int scaleFactor = 1 << scale; // 1, 2, 4, or 8
// Only include the scale factor if it's not 1
string scaleStr = scaleFactor > 1 ? $"*{scaleFactor}" : "";
string indexDispStr = "";
if (displacement != 0)
// Only show displacement if it's not zero
if (displacement == 0)
{
indexDispStr = displacement < 0 ?
$"-0x{-displacement:X}" :
$"+0x{displacement:X}";
return $"{sizePrefix} ptr [{GetRegisterName(@base, 32)}+{GetRegisterName(index, 32)}{scaleStr}]";
}
return $"{sizePrefix} ptr [{RegisterNames32[@base]}+{RegisterNames32[index]}{scaleStr}{indexDispStr}]";
string indexDispStr = displacement < 0 ?
$"-0x{-displacement:X}" :
$"+0x{displacement:X}";
return $"{sizePrefix} ptr [{GetRegisterName(@base, 32)}+{GetRegisterName(index, 32)}{scaleStr}{indexDispStr}]";
}
/// <summary>
/// Gets the register name based on the register index and size
/// </summary>
/// <param name="index">The register index</param>
/// <param name="regIndex">The register index as RegisterIndex enum</param>
/// <param name="size">The register size (8, 16, or 32 bits)</param>
/// <returns>The register name</returns>
public static string GetRegisterName(int index, int size)
public static string GetRegisterName(RegisterIndex regIndex, int size)
{
// Convert RegisterIndex to raw index for array access
int index = (int)regIndex;
return size switch
{
8 => RegisterNames8[index],
16 => RegisterNames16[index],
_ => RegisterNames32[index]
32 => RegisterNames32[index],
_ => RegisterNames32[index] // Default to 32-bit registers
};
}
}

33
X86Disassembler/X86/RegisterIndex.cs Normal file
View File

@ -0,0 +1,33 @@
namespace X86Disassembler.X86;
/// <summary>
/// Represents the index values for x86 general-purpose registers.
/// These values correspond to the encoding used in ModR/M and SIB bytes
/// for register operand identification in x86 instructions.
/// </summary>
public enum RegisterIndex
{
/// <summary>A register (EAX/AX/AL depending on operand size)</summary>
A = 0,
/// <summary>B register (EBX/BX/BL depending on operand size)</summary>
B = 1,
/// <summary>C register (ECX/CX/CL depending on operand size)</summary>
C = 2,
/// <summary>D register (EDX/DX/DL depending on operand size)</summary>
D = 3,
/// <summary>Source Index register (ESI/SI)</summary>
Si = 4,
/// <summary>Destination Index register (EDI/DI)</summary>
Di = 5,
/// <summary>Stack Pointer register (ESP/SP)</summary>
Sp = 6,
/// <summary>Base Pointer register (EBP/BP)</summary>
Bp = 7,
}

6
X86DisassemblerTests/InstructionTests/CmpInstructionSequenceTests.cs
View File

@ -24,7 +24,7 @@ public class CmpInstructionSequenceTests
// Assert
Assert.Single(instructions);
Assert.Equal("cmp", instructions[0].Mnemonic);
Assert.Equal("byte ptr [ebp+0x00], 0x03", instructions[0].Operands);
Assert.Equal("byte ptr [ebp], 0x03", instructions[0].Operands);
}
/// <summary>
@ -47,7 +47,7 @@ public class CmpInstructionSequenceTests
// First instruction: CMP BYTE PTR [EBP], 0x03
Assert.Equal("cmp", instructions[0].Mnemonic);
Assert.Equal("byte ptr [ebp+0x00], 0x03", instructions[0].Operands);
Assert.Equal("byte ptr [ebp], 0x03", instructions[0].Operands);
// Second instruction: JGE +5
Assert.Equal("jge", instructions[1].Mnemonic);
@ -81,7 +81,7 @@ public class CmpInstructionSequenceTests
// First instruction: CMP BYTE PTR [EBP], 0x03
Assert.Equal("cmp", instructions[0].Mnemonic);
Assert.Equal("byte ptr [ebp+0x00], 0x03", instructions[0].Operands);
Assert.Equal("byte ptr [ebp], 0x03", instructions[0].Operands);
// Second instruction: JGE +5
Assert.Equal("jge", instructions[1].Mnemonic);

4
X86DisassemblerTests/TestData/xor_tests.csv
View File

@ -105,10 +105,10 @@ RawBytes;Instructions
# XOR with different addressing modes
# XOR [ebp+0x8], eax (opcode 0x31)
31458;[{ "Mnemonic": "xor", "Operands": "dword ptr [ebp+0x8], eax" }]
314508;[{ "Mnemonic": "xor", "Operands": "dword ptr [ebp+0x08], eax" }]
# XOR eax, [ebp+0x8] (opcode 0x33)
33458;[{ "Mnemonic": "xor", "Operands": "eax, dword ptr [ebp+0x8]" }]
334508;[{ "Mnemonic": "xor", "Operands": "eax, dword ptr [ebp+0x08]" }]
# XOR with other segment overrides
# XOR ss:[ebx+0x10], ecx (opcode 0x31 with SS override)

Can't render this file because it contains an unexpected character in line 6 and column 9.