Re: announce: my very first disassembler now available (GPL)
- From: Willow <wrschlanger@xxxxxxxxx>
- Date: Wed, 13 Aug 2008 18:51:33 -0700 (PDT)
On Aug 13, 4:48 pm, "Rod Pemberton" <do_not_h...@xxxxxxxxxxxxx> wrote:
[snip]
> Crudasm1:
> 00000000 adc dh,0x99
> 00000002 adc dh,0x33
> 00000004 and dh,0x33
> 00000006 o32 bswap
> 00000009 o32 cdq
> 0000000b cmp dh,0x33
> 0000000d db 0x0f
> 0000000e cmps byte [si],byte [es:di]
> 0000000f push ss
> 00000010 out si,dh
> abort: cs segment limit exceeded (or internal error)
Thanks for pointing out this bug, I just fixed it. Now it prints out
this:
00000000 adc al,0x99
00000002 adc al,0x33
00000004 and al,0x33
00000006 bswap eax
00000009 cdq
0000000b cmp al,0x33
0000000d db 0x0f
0000000e cmps byte [si],byte [es:di]
0000000f push es
00000010 out dx,al
00000011 db 0xbb
I want to add cmpxchg486, but I need to know two things about it: what
is the size of the r/m argument, and is it a lockable instruction?
The db 0x0f and skipping to the next instruction is the standard way
we handle invalid opcodes - the latest version of ndisasm also
"recognizes" cmps after the db 0x0f because it does not have
cmpxchg486 either.
You can add these two lines to the script file:
_cmpxchg486
def lcka osz def def 0f a6 +w def reg def def rm:<size>,r:w
Use lcka if it's lockable or def if it's not lockable. <size> must be
replaced with the size of the r/m.
I'd do it for you, but it's an undocumented instruction and this is
the output I get from ndisasm 2.02:
00000000 1499 adc al,0x99
00000002 1433 adc al,0x33
00000004 2433 and al,0x33
00000006 660FC8 bswap eax
00000009 6699 cdq
0000000B 3C33 cmp al,0x33
0000000D 0F db 0x0F
0000000E A6 cmpsb
0000000F 06 push es
00000010 EE out dx,al
00000011 BB db 0xBB
You can see that they removed the opcode from ndisasm in its latest
version. I hesitate to add an opcode that is invalid on modern CPUs.
> I noticed from disassembling a larger file (all the instructions in NASM's
> insns.dat) that Crudasm is losing the register on certain instructions
> (e.g., the ones with dh...). Also, although cmpxchg486 doesn't disassemble
> correctly, it still points out the "unique" disassembly of "cmpsb". I can
> work through more as time permits, if you'd like.
Wow, you really tested it! That's great! Can you do more testing on
the latest version and let me know how it goes? I lack the skill in
Perl to make use of INSNS.DAT, it has all these octal codes and I
don't know how to use it. Don't even think about trying 64-bit
instructions, floating point instructions, MMX/SSE etc. instructions,
or exotic undocumented opcodes that are no longer valid on the latest
CPUs (like cmpxchg486 :-)
I have to add these new instructions to the script file... at least I
got the VT instructions in there!
Got to add some intelligence to the disassembler...
The latest version is available here: http://code.google.com/p/vm64dec/downloads/list
Willow
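Added example (not code from Crudasm, ndisasm, or either poster): a minimal 16-bit-mode x86 decoder covering just the opcodes in the byte stream behind the two listings above. It shows the two decoding points the thread turns on: the accumulator-immediate forms (14 ib, 24 ib, 3C ib, ...) carry an implicit AL operand and no ModRM byte, so a decoder that reads a ModRM there loses AL and prints whatever register the immediate's bits happen to encode; and an unknown two-byte opcode is reported as "db 0x0f" with decoding resumed at the following byte rather than aborting. The opcode table is deliberately small, 0F A6 (cmpxchg486) is left out on purpose because the thread does not settle its r/m size, and the 18 sample bytes are constructed to reproduce the listing.

```python
# Added example, not Crudasm or ndisasm code: a toy 16-bit-segment x86 decoder
# for exactly the opcodes in the thread's byte stream.

REG16 = ["ax", "cx", "dx", "bx", "sp", "bp", "si", "di"]
REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]

# "op AL, imm8" forms: the register is implied by the opcode byte itself,
# so the byte that follows is the immediate, NOT a ModRM byte.
AL_IMM8 = {0x04: "add", 0x0C: "or", 0x14: "adc", 0x1C: "sbb",
           0x24: "and", 0x2C: "sub", 0x34: "xor", 0x3C: "cmp"}

# push sreg: single byte, no operand bytes.
PUSH_SREG = {0x06: "es", 0x0E: "cs", 0x16: "ss", 0x1E: "ds"}


def decode_one(code, pos):
    """Decode the instruction at code[pos] assuming a 16-bit code segment.

    Returns (text, length). It never aborts: an opcode the table does not
    know, or an instruction cut off by the end of the buffer, is emitted as
    a one-byte 'db' of the first byte so the caller resumes at start + 1.
    """
    start = pos
    fallback = ("db 0x%02x" % code[start], 1)
    osize = 16                        # default operand size in a 16-bit segment
    while pos < len(code) and code[pos] == 0x66:
        osize = 32                    # operand-size override prefix
        pos += 1
    if pos >= len(code):              # prefix with nothing after it
        return fallback

    op = code[pos]
    if op in AL_IMM8:
        if pos + 1 >= len(code):      # immediate missing: db, do not abort
            return fallback
        return "%s al,0x%02x" % (AL_IMM8[op], code[pos + 1]), pos + 2 - start
    if op in PUSH_SREG:
        return "push " + PUSH_SREG[op], pos + 1 - start
    if op == 0x99:                    # sign-extend accumulator: cwd or cdq
        return ("cdq" if osize == 32 else "cwd"), pos + 1 - start
    if op == 0xA6:
        return "cmpsb", pos + 1 - start
    if op == 0xEE:
        return "out dx,al", pos + 1 - start
    if op == 0x0F:                    # two-byte opcode escape
        if pos + 1 < len(code) and 0xC8 <= code[pos + 1] <= 0xCF:
            reg = (REG32 if osize == 32 else REG16)[code[pos + 1] & 7]
            return "bswap " + reg, pos + 2 - start
        # Any other 0F xx (including 0F A6, which this table omits on purpose)
        # becomes 'db 0x0f'; only the escape byte is consumed and the byte
        # after it is decoded as a fresh opcode, which is why A6 shows up
        # as cmpsb in both listings.
        return fallback
    return fallback


def disassemble(code):
    """Linear sweep over the whole buffer: list of (offset, text)."""
    out, pos = [], 0
    while pos < len(code):
        text, length = decode_one(code, pos)
        out.append((pos, text))
        pos += length
    return out


def listing(code):
    """Render in the 'offset mnemonic operands' layout used in the thread."""
    return ["%08x %s" % (off, text) for off, text in disassemble(code)]


# Constructed input: the 18 bytes behind the thread's listings.
SAMPLE = bytes.fromhex("1499 1433 2433 660FC8 6699 3C33 0FA6 06 EE BB")

if __name__ == "__main__":
    print("\n".join(listing(SAMPLE)))
```

The trailing 0xBB is really the first byte of mov bx,imm16, but the buffer ends there, so it is reported as db 0xbb, which is what both ndisasm and the fixed Crudasm print; the same fallback path is what replaces the "cs segment limit exceeded" abort when a prefix or immediate runs past the end of the input.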