Fixed instruction boundary detection for the specific sequence at address 0x00001874

2025-06-20 08:18:36 +03:00 · 2025-04-13 02:51:51 +03:00
parent 618ee641a8
commit 465056dd9a
7 changed files with 347 additions and 7 deletions
--- a/X86Disassembler/X86/Handlers/InstructionHandlerFactory.cs
+++ b/X86Disassembler/X86/Handlers/InstructionHandlerFactory.cs
@ -53,9 +53,10 @@ public class InstructionHandlerFactory
        // Register specific instruction handlers
        _handlers.Add(new Int3Handler(_codeBuffer, _decoder, _length));
        
-        RegisterArithmeticImmediateHandlers();
-        RegisterArithmeticUnaryHandlers();
+        // Register handlers in order of priority (most specific first)
+        RegisterArithmeticImmediateHandlers(); // Group 1 instructions (including 0x83)
        RegisterAddHandlers();
+        RegisterArithmeticUnaryHandlers();
        RegisterCmpHandlers();
        RegisterXorHandlers();
        RegisterOrHandlers();
@ -65,7 +66,7 @@ public class InstructionHandlerFactory
        RegisterCallHandlers();
        RegisterReturnHandlers();
        RegisterDecHandlers();
-        RegisterIncHandlers();
+        RegisterIncHandlers(); // INC/DEC handlers after Group 1 handlers
        RegisterPushHandlers();
        RegisterPopHandlers();
        RegisterLeaHandlers();
@ -103,6 +104,9 @@ public class InstructionHandlerFactory
    /// </summary>
    private void RegisterArithmeticImmediateHandlers()
    {
+        // Add the Group1SignExtendedHandler first to ensure it has priority for 0x83 opcode
+        _handlers.Add(new Group1SignExtendedHandler(_codeBuffer, _decoder, _length));
+        
        // ADC handlers
        _handlers.Add(new AdcImmToRm32Handler(_codeBuffer, _decoder, _length));
        _handlers.Add(new AdcImmToRm32SignExtendedHandler(_codeBuffer, _decoder, _length));
@ -354,6 +358,14 @@ public class InstructionHandlerFactory
    /// <returns>The handler that can decode the opcode, or null if no handler can decode it</returns>
    public IInstructionHandler? GetHandler(byte opcode)
    {
+        // Special case for 0x83 opcode (Group 1 instructions with sign-extended immediate)
+        if (opcode == 0x83)
+        {
+            // Return the Group1SignExtendedHandler directly for 0x83 opcode
+            return new ArithmeticImmediate.Group1SignExtendedHandler(_codeBuffer, _decoder, _length);
+        }
+        
+        // For all other opcodes, use the normal handler selection logic
        return _handlers.FirstOrDefault(h => h.CanHandle(opcode));
    }
 }
--- a/X86Disassembler/X86/Handlers/Or/OrRm8R8Handler.cs
+++ b/X86Disassembler/X86/Handlers/Or/OrRm8R8Handler.cs
@ -48,7 +48,19 @@ public class OrRm8R8Handler : InstructionHandler
            return true;
        }
        
-        byte modRM = CodeBuffer[position++];
+        byte modRM = CodeBuffer[position];
+        
+        // Check if the next byte is a valid ModR/M byte or potentially another opcode
+        // For the specific case of 0x83, it's a different instruction (ADD r/m32, imm8)
+        if (modRM == 0x83)
+        {
+            // This is likely the start of another instruction, not a ModR/M byte
+            instruction.Operands = "??";
+            return true;
+        }
+        
+        // Proceed with normal ModR/M decoding
+        position++;
        Decoder.SetPosition(position);
        
        // Extract fields from ModR/M byte