about summary refs log tree commit diff stats
path: root/subx/021byte_addressing.cc
blob: cffc40509f0127a765cdc4eb21f2f6cdb821270d (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
//: SubX mostly deals with instructions operating on 32-bit operands, but we
//: still need to deal with raw bytes for strings and so on.

//: Unfortunately the register encodings when dealing with bytes are a mess.
//: We need a special case for them.
:(code)
string rname_8bit(uint8_t r) {
  switch (r) {
  case 0: return "AL";  // lowest byte of EAX
  case 1: return "CL";  // lowest byte of ECX
  case 2: return "DL";  // lowest byte of EDX
  case 3: return "BL";  // lowest byte of EBX
  case 4: return "AH";  // second lowest byte of EAX
  case 5: return "CH";  // second lowest byte of ECX
  case 6: return "DH";  // second lowest byte of EDX
  case 7: return "BH";  // second lowest byte of EBX
  default: raise << "invalid 8-bit register " << r << '\n' << end();  return "";
  }
}

uint8_t* effective_byte_address(uint8_t modrm) {
  uint8_t mod = (modrm>>6);
  uint8_t rm = modrm & 0x7;
  if (mod == 3) {
    // select an 8-bit register
    trace(90, "run") << "r/m8 is " << rname_8bit(rm) << end();
    return reg_8bit(rm);
  }
  // the rest is as usual
  return mem_addr_u8(effective_address_number(modrm));
}

uint8_t* reg_8bit(uint8_t rm) {
  uint8_t* result = reinterpret_cast<uint8_t*>(&Reg[rm & 0x3].i);  // _L register
  if (rm & 0x4)
    ++result;  // _H register;  assumes host is little-endian
  return result;
}

:(before "End Initialize Op Names")
put_new(Name, "88", "copy r8 to r8/m8-at-r32");

:(scenario copy_r8_to_mem_at_r32)
% Reg[EBX].i = 0x224488ab;
% Reg[EAX].i = 0x2000;
== 0x1
# op  ModR/M  SIB   displacement  immediate
  88  18                                      # copy BL to the byte at *EAX
# ModR/M in binary: 00 (indirect mode) 011 (src BL) 000 (dest EAX)
== 0x2000
f0 cc bb aa  # 0xf0 with more data in following bytes
+run: copy BL to r8/m8-at-r32
+run: effective address is 0x00002000 (EAX)
+run: storing 0xab
% CHECK_EQ(0xaabbccab, read_mem_u32(0x2000));

:(before "End Single-Byte Opcodes")
case 0x88: {  // copy r8 to r/m8
  const uint8_t modrm = next();
  const uint8_t rsrc = (modrm>>3)&0x7;
  trace(90, "run") << "copy " << rname_8bit(rsrc) << " to r8/m8-at-r32" << end();
  // use unsigned to zero-extend 8-bit value to 32 bits
  uint8_t* dest = reinterpret_cast<uint8_t*>(effective_byte_address(modrm));
  const uint8_t* src = reg_8bit(rsrc);
  *dest = *src;
  trace(90, "run") << "storing 0x" << HEXBYTE << NUM(*dest) << end();
  break;
}

//:

:(before "End Initialize Op Names")
put_new(Name, "8a", "copy r8/m8-at-r32 to r8");

:(scenario copy_mem_at_r32_to_r8)
% Reg[EBX].i = 0xaabbcc0f;  // one nibble each of lowest byte set to all 0s and all 1s, to maximize value of this test
% Reg[EAX].i = 0x2000;
== 0x1
# op  ModR/M  SIB   displacement  immediate
  8a  18                                      # copy just the byte at *EAX to BL
# ModR/M in binary: 00 (indirect mode) 011 (dest EBX) 000 (src EAX)
== 0x2000  # data segment
ab ff ff ff  # 0xab with more data in following bytes
+run: copy r8/m8-at-r32 to BL
+run: effective address is 0x00002000 (EAX)
+run: storing 0xab
# remaining bytes of EBX are *not* cleared
+run: EBX now contains 0xaabbccab

:(before "End Single-Byte Opcodes")
case 0x8a: {  // copy r/m8 to r8
  const uint8_t modrm = next();
  const uint8_t rdest = (modrm>>3)&0x7;
  trace(90, "run") << "copy r8/m8-at-r32 to " << rname_8bit(rdest) << end();
  // use unsigned to zero-extend 8-bit value to 32 bits
  const uint8_t* src = reinterpret_cast<uint8_t*>(effective_byte_address(modrm));
  uint8_t* dest = reg_8bit(rdest);
  trace(90, "run") << "storing 0x" << HEXBYTE << NUM(*src) << end();
  *dest = *src;
  const uint8_t rdest_32bit = rdest & 0x3;
  trace(90, "run") << rname(rdest_32bit) << " now contains 0x" << HEXWORD << Reg[rdest_32bit].u << end();
  break;
}

:(scenario cannot_copy_byte_to_ESP_EBP_ESI_EDI)
% Reg[ESI].u = 0xaabbccdd;
% Reg[EBX].u = 0x11223344;
== 0x1
# op  ModR/M  SIB   displacement  immediate
  8a  f3                                      # copy just the byte at *EBX to 8-bit register '6'
# ModR/M in binary: 11 (direct mode) 110 (dest 8-bit 'register 6') 011 (src EBX)
# ensure 8-bit register '6' is DH, not ESI
+run: copy r8/m8-at-r32 to DH
+run: storing 0x44
# ensure ESI is unchanged
% CHECK_EQ(Reg[ESI].u, 0xaabbccdd);