Diffstat (limited to 'subx')
-rw-r--r--subx/012indirect_addressing.cc6
-rw-r--r--subx/016functions.cc77
2 files changed, 80 insertions, 3 deletions
diff --git a/subx/012indirect_addressing.cc b/subx/012indirect_addressing.cc
index f4e8c665..0acd7a1e 100644
--- a/subx/012indirect_addressing.cc
+++ b/subx/012indirect_addressing.cc
@@ -323,11 +323,11 @@ case 0x8b: {  // copy r32 to r/m32
 -run: inst: 0x00000003
 
 :(before "End Single-Byte Opcodes")
-case 0xff: {  // jump to r/m32
+case 0xff: {
   uint8_t modrm = next();
   uint8_t subop = (modrm>>3)&0x7;  // middle 3 'reg opcode' bits
   switch (subop) {
-    case 4: {
+    case 4: {  // jump to r/m32
       trace(2, "run") << "jump to effective address" << end();
       int32_t* arg2 = effective_address(modrm);
       EIP = *arg2;
@@ -353,7 +353,7 @@ case 0xff: {  // jump to r/m32
 +run: pushing value 0x000000af
 
 :(before "End Op ff Subops")
-case 6: {
+case 6: {  // push r/m32 to stack
   trace(2, "run") << "push effective address" << end();
   const int32_t* val = effective_address(modrm);
   push(*val);
diff --git a/subx/016functions.cc b/subx/016functions.cc
new file mode 100644
index 00000000..7837f080
--- /dev/null
+++ b/subx/016functions.cc
@@ -0,0 +1,77 @@
+//:: call
+
+:(scenario call_imm32)
+% Reg[ESP].u = 0x64;
+# op  ModRM   SIB   displacement  immediate
+  e8                              a0 00 00 00  # call function offset at 0x000000a0
+  # next EIP is 6
++run: call imm32 0x000000a0
++run: decrementing ESP to 0x00000060
++run: pushing value 0x00000006
++run: jumping to 0x000000a6
+
+:(before "End Single-Byte Opcodes")
+case 0xe8: {  // call imm32 relative to next EIP
+  int32_t offset = imm32();
+  trace(2, "run") << "call imm32 0x" << HEXWORD << offset << end();
+  push(EIP);
+  EIP += offset;
+  trace(2, "run") << "jumping to 0x" << HEXWORD << EIP << end();
+  break;
+}
+
+//:
+
+:(scenario call_r32)
+% Reg[ESP].u = 0x64;
+% Reg[EBX].u = 0x000000a0;
+# op  ModRM   SIB   displacement  immediate
+  ff  d3                                       # call function offset at EBX (reg 3)
+  # next EIP is 3
++run: call to effective address
++run: effective address is reg 3
++run: decrementing ESP to 0x00000060
++run: pushing value 0x00000003
++run: jumping to 0x000000a3
+
+:(before "End Op ff Subops")
+case 2: {  // call function pointer at r/m32
+  trace(2, "run") << "call to effective address" << end();
+  int32_t* offset = effective_address(modrm);
+  push(EIP);
+  EIP += *offset;
+  trace(2, "run") << "jumping to 0x" << HEXWORD << EIP << end();
+  break;
+}
+
+:(scenario call_mem_at_r32)
+% Reg[ESP].u = 0x64;
+% Reg[EBX].u = 0x10;
+% SET_WORD_IN_MEM(0x10, 0x000000a0);
+# op  ModRM   SIB   displacement  immediate
+  ff  13                                       # call function offset at *EBX (reg 3)
+  # next EIP is 3
++run: call to effective address
++run: effective address is mem at address 0x10 (reg 3)
++run: decrementing ESP to 0x00000060
++run: pushing value 0x00000003
++run: jumping to 0x000000a3
+
+//:: ret
+
+:(scenario ret)
+% Reg[ESP].u = 0x60;
+% SET_WORD_IN_MEM(0x60, 0x00000010);
+# op  ModRM   SIB   displacement  immediate
+  c3
++run: return
++run: popping value 0x00000010
++run: jumping to 0x00000010
+
+:(before "End Single-Byte Opcodes")
+case 0xc3: {  // return from a call
+  trace(2, "run") << "return" << end();
+  EIP = pop();
+  trace(2, "run") << "jumping to 0x" << HEXWORD << EIP << end();
+  break;
+}
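Review bot: The new `case 2` (call r/m32) treats the operand as a relative offset (`EIP += *offset;`), while the sibling `case 4` jump in the same `0xff` subop table uses it as an absolute target (`EIP = *arg2;` in the first file's hunk), and on real x86 `ff /2` is likewise an absolute near call; if the relative form is intentional for SubX it should say so in the comment on `case 2`, otherwise the line should become `EIP = *offset;` and the `call_r32` / `call_mem_at_r32` expectations should change to `jumping to 0x000000a0`. The `case 2` body only reads through the pointer, so `const int32_t* offset = effective_address(modrm);` would also match the `const` used by `case 6`. In all three new opcodes the new EIP comes directly from an immediate, a register or emulated memory and is not range-checked here; if the instruction-fetch path does not validate EIP against the loaded code, a bad offset or a corrupted return address becomes an out-of-bounds read inside the emulator, so a one-line comment at `EIP = pop();` in `case 0xc3` naming where that check happens (or that it is still missing) would help the next reader.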