diff options
| author | Camille Mougey <commial@gmail.com> | 2016-01-30 16:43:30 +0100 |
|---|---|---|
| committer | Camille Mougey <commial@gmail.com> | 2016-01-30 16:43:30 +0100 |
| commit | dbf10438741443d59b8db500905d3d110a34c73c (patch) | |
| tree | 678a6229f3ab9bd93207faedc9425d89da56275a | |
| parent | 32b2b3ea15b42cbc76cb49119e76ee6e031f72ce (diff) | |
| parent | 7ed8f7c5638cdca4950d05b8021233d13e339fb7 (diff) | |
| download | miasm-dbf10438741443d59b8db500905d3d110a34c73c.tar.gz miasm-dbf10438741443d59b8db500905d3d110a34c73c.zip | |
Merge pull request #313 from serpilliere/x86_fix
X86 fix
| -rw-r--r-- | miasm2/arch/x86/arch.py | 219 | ||||
| -rw-r--r-- | miasm2/arch/x86/sem.py | 136 | ||||
| -rw-r--r-- | miasm2/core/cpu.py | 3 | ||||
| -rw-r--r-- | test/arch/x86/arch.py | 36 |
4 files changed, 244 insertions, 150 deletions
diff --git a/miasm2/arch/x86/arch.py b/miasm2/arch/x86/arch.py index a10e1038..724f6b86 100644 --- a/miasm2/arch/x86/arch.py +++ b/miasm2/arch/x86/arch.py @@ -272,6 +272,8 @@ deref_ptr = Group(int_or_expr + COLON + PTR = Suppress('PTR') +FAR = Suppress('FAR') + BYTE = Literal('BYTE') WORD = Literal('WORD') @@ -313,6 +315,9 @@ rmarg = Group(gpregs08.parser | rmarg |= deref_mem +mem_far = FAR + deref_mem + + cl_or_imm = Group(r08_ecx.parser).setParseAction(getreg) cl_or_imm |= int_or_expr @@ -583,7 +588,13 @@ class instruction_x86(instruction): def arg2str(expr, pos=None): if isinstance(expr, ExprId) or isinstance(expr, ExprInt): o = str(expr) - elif isinstance(expr, ExprMem): + elif ((isinstance(expr, ExprOp) and expr.op == 'far' and + isinstance(expr.args[0], ExprMem)) or + isinstance(expr, ExprMem)): + if isinstance(expr, ExprOp): + prefix, expr = "FAR ", expr.args[0] + else: + prefix = "" sz = SIZE2MEMPREFIX[expr.size] segm = "" if expr.is_op_segm(): @@ -595,7 +606,7 @@ class instruction_x86(instruction): s = str(expr).replace('(', '').replace(')', '') else: s = str(expr) - o = sz + ' PTR %s[%s]' % (segm, s) + o = prefix + sz + ' PTR %s[%s]' % (segm, s) elif isinstance(expr, ExprOp) and expr.op == 'segm': o = "%s:%s" % (expr.args[0], expr.args[1]) else: @@ -777,9 +788,6 @@ class mn_x86(cls_mn): m = a.expr a.expr = ExprMem( ExprOp('segm', enc2segm[self.g2.value], m.arg), m.size) - if self.name in ['LEA', 'LDS', 'LES', 'LFS', 'LGS', 'LSS']: - if not isinstance(self.args[1].expr, ExprMem): - return None return self def dup_info(self, infos): @@ -2034,6 +2042,49 @@ class x86_rm_arg(m_arg): for x in self.gen_cand(v_cand, admode): yield x +class x86_rm_mem(x86_rm_arg): + def fromstring(self, s, parser_result=None): + self.expr = None + start, stop = super(x86_rm_mem, self).fromstring(s, parser_result) + if not isinstance(self.expr, ExprMem): + return None, None + return start, stop + + +class x86_rm_mem_far(x86_rm_arg): + parser = mem_far + def fromstring(self, s, parser_result=None): + self.expr = None + start, stop = super(x86_rm_mem_far, self).fromstring(s, parser_result) + if not isinstance(self.expr, ExprMem): + return None, None + self.expr = ExprOp('far', self.expr) + return start, stop + + def decode(self, v): + ret = super(x86_rm_mem_far, self).decode(v) + if not ret: + return ret + if isinstance(self.expr, m2_expr.ExprMem): + self.expr = ExprOp('far', self.expr) + return True + + def encode(self): + if not (isinstance(self.expr, m2_expr.ExprOp) and + self.expr.op == 'far'): + raise StopIteration + + expr = self.expr.args[0] + if isinstance(expr, ExprInt): + raise StopIteration + p = self.parent + admode = p.v_admode() + mode = expr.size + v_cand, segm, ok = expr2modrm(expr, p, 1) + if segm: + p.g2.value = segm2enc[segm] + for x in self.gen_cand(v_cand, admode): + yield x class x86_rm_w8(x86_rm_arg): @@ -3138,6 +3189,9 @@ rm_arg_m64 = bs(l=0, cls=(x86_rm_m64,), fname='rmarg') rm_arg_m80 = bs(l=0, cls=(x86_rm_m80,), fname='rmarg') rm_arg_m16 = bs(l=0, cls=(x86_rm_m16,), fname='rmarg') +rm_mem = bs(l=0, cls=(x86_rm_mem,), fname='rmarg') +rm_mem_far = bs(l=0, cls=(x86_rm_mem_far,), fname='rmarg') + rm_arg_mm = bs(l=0, cls=(x86_rm_mm,), fname='rmarg') rm_arg_mm_m64 = bs(l=0, cls=(x86_rm_mm_m64,), fname='rmarg') rm_arg_mm_reg = bs(l=0, cls=(x86_rm_mm_reg,), fname='rmarg') @@ -3150,6 +3204,74 @@ rm_arg_xmm_reg = bs(l=0, cls=(x86_rm_xmm_reg,), fname='rmarg') swapargs = bs_swapargs(l=1, fname="swap", mn_mod=range(1 << 1)) +class bs_op_mode(bsi): + + def decode(self, v): + opmode = self.parent.v_opmode() + return opmode == self.mode + + +class bs_ad_mode(bsi): + + def decode(self, v): + admode = self.parent.v_admode() + return admode == self.mode + + +class bs_op_mode_no64(bsi): + + def encode(self): + if self.parent.mode == 64: + return False + return super(bs_op_mode_no64, self).encode() + + def decode(self, v): + if self.parent.mode == 64: + return False + opmode = self.parent.v_opmode() + return opmode == self.mode + + +class bs_op_mode64(bsi): + def encode(self): + if self.parent.mode != 64: + return False + return super(bs_op_mode64, self).encode() + + def decode(self, v): + if self.parent.mode != 64: + return False + return True + +class bs_op_modeno64(bsi): + def encode(self): + if self.parent.mode == 64: + return False + return super(bs_op_modeno64, self).encode() + + def decode(self, v): + if self.parent.mode == 64: + return False + return True + + + +bs_opmode16 = bs(l=0, cls=(bs_op_mode,), mode = 16, fname="fopmode") +bs_opmode32 = bs(l=0, cls=(bs_op_mode,), mode = 32, fname="fopmode") +bs_opmode64 = bs(l=0, cls=(bs_op_mode,), mode = 64, fname="fopmode") + + +bs_admode16 = bs(l=0, cls=(bs_ad_mode,), mode = 16, fname="fadmode") +bs_admode32 = bs(l=0, cls=(bs_ad_mode,), mode = 32, fname="fadmode") +bs_admode64 = bs(l=0, cls=(bs_ad_mode,), mode = 64, fname="fadmode") + +bs_opmode16_no64 = bs(l=0, cls=(bs_op_mode_no64,), mode = 16, fname="fopmode") +bs_opmode32_no64 = bs(l=0, cls=(bs_op_mode_no64,), mode = 32, fname="fopmode") + +bs_mode64 = bs(l=0, cls=(bs_op_mode64,)) +bs_modeno64 = bs(l=0, cls=(bs_op_modeno64,)) + + cond_list = ["O", "NO", "B", "AE", "Z", "NZ", "BE", "A", "S", "NS", "PE", "NP", @@ -3223,76 +3345,9 @@ addop("bts", [bs8(0x0f), bs8(0xba)] + rmmod(d5) + [u08]) addop("call", [bs8(0xe8), rel_off]) addop("call", [bs8(0xff), stk] + rmmod(d2)) -addop("call", [bs8(0xff), stk] + rmmod(d3, modrm=mod_mem)) -addop("call", [bs8(0x9a), moff, msegoff]) - - -class bs_op_mode(bsi): - - def decode(self, v): - opmode = self.parent.v_opmode() - return opmode == self.mode - - -class bs_ad_mode(bsi): - - def decode(self, v): - admode = self.parent.v_admode() - return admode == self.mode - - -class bs_op_mode_no64(bsi): - - def encode(self): - if self.parent.mode == 64: - return False - return super(bs_op_mode_no64, self).encode() - - def decode(self, v): - if self.parent.mode == 64: - return False - opmode = self.parent.v_opmode() - return opmode == self.mode - - -class bs_op_mode64(bsi): - def encode(self): - if self.parent.mode != 64: - return False - return super(bs_op_mode64, self).encode() - - def decode(self, v): - if self.parent.mode != 64: - return False - return True - -class bs_op_modeno64(bsi): - def encode(self): - if self.parent.mode == 64: - return False - return super(bs_op_modeno64, self).encode() +addop("call", [bs8(0xff), stk] + rmmod(d3, rm_arg_x=rm_mem_far, modrm=mod_mem)) +addop("call", [bs8(0x9a), bs_modeno64, moff, msegoff]) - def decode(self, v): - if self.parent.mode == 64: - return False - return True - - - -bs_opmode16 = bs(l=0, cls=(bs_op_mode,), mode = 16, fname="fopmode") -bs_opmode32 = bs(l=0, cls=(bs_op_mode,), mode = 32, fname="fopmode") -bs_opmode64 = bs(l=0, cls=(bs_op_mode,), mode = 64, fname="fopmode") - - -bs_admode16 = bs(l=0, cls=(bs_ad_mode,), mode = 16, fname="fadmode") -bs_admode32 = bs(l=0, cls=(bs_ad_mode,), mode = 32, fname="fadmode") -bs_admode64 = bs(l=0, cls=(bs_ad_mode,), mode = 64, fname="fadmode") - -bs_opmode16_no64 = bs(l=0, cls=(bs_op_mode_no64,), mode = 16, fname="fopmode") -bs_opmode32_no64 = bs(l=0, cls=(bs_op_mode_no64,), mode = 32, fname="fopmode") - -bs_mode64 = bs(l=0, cls=(bs_op_mode64,)) -bs_modeno64 = bs(l=0, cls=(bs_op_modeno64,)) addop("cbw", [bs8(0x98), bs_opmode16]) addop("cwde", [bs8(0x98), bs_opmode32]) @@ -3545,19 +3600,19 @@ addop("jmp", [bs8(0xeb), rel_off08]) addop("jmp", [bs8(0xe9), rel_off]) # TODO XXX replace stk force64? addop("jmp", [bs8(0xff), stk] + rmmod(d4)) -addop("jmpf", [bs8(0xea), moff, msegoff]) +addop("jmp", [bs8(0xea), bs_modeno64, moff, msegoff]) -addop("jmpf", [bs8(0xff)] + rmmod(d5)) +addop("jmp", [bs8(0xff)] + rmmod(d5, rm_arg_x=rm_mem_far, modrm=mod_mem)) addop("lahf", [bs8(0x9f)]) addop("lar", [bs8(0x0f), bs8(0x02)] + rmmod(rmreg)) -addop("lea", [bs8(0x8d)] + rmmod(rmreg)) -addop("les", [bs8(0xc4)] + rmmod(rmreg)) -addop("lds", [bs8(0xc5)] + rmmod(rmreg)) -addop("lss", [bs8(0x0f), bs8(0xb2)] + rmmod(rmreg)) -addop("lfs", [bs8(0x0f), bs8(0xb4)] + rmmod(rmreg)) -addop("lgs", [bs8(0x0f), bs8(0xb5)] + rmmod(rmreg)) +addop("lea", [bs8(0x8d)] + rmmod(rmreg, rm_arg_x=rm_mem, modrm=mod_mem)) +addop("les", [bs8(0xc4)] + rmmod(rmreg, rm_arg_x=rm_mem, modrm=mod_mem)) +addop("lds", [bs8(0xc5)] + rmmod(rmreg, rm_arg_x=rm_mem, modrm=mod_mem)) +addop("lss", [bs8(0x0f), bs8(0xb2)] + rmmod(rmreg, rm_arg_x=rm_mem, modrm=mod_mem)) +addop("lfs", [bs8(0x0f), bs8(0xb4)] + rmmod(rmreg, rm_arg_x=rm_mem, modrm=mod_mem)) +addop("lgs", [bs8(0x0f), bs8(0xb5)] + rmmod(rmreg, rm_arg_x=rm_mem, modrm=mod_mem)) addop("lgdt", [bs8(0x0f), bs8(0x01)] + rmmod(d2, modrm=mod_mem)) addop("lidt", [bs8(0x0f), bs8(0x01)] + rmmod(d3, modrm=mod_mem)) diff --git a/miasm2/arch/x86/sem.py b/miasm2/arch/x86/sem.py index fde5e5f0..18410bf9 100644 --- a/miasm2/arch/x86/sem.py +++ b/miasm2/arch/x86/sem.py @@ -272,6 +272,13 @@ def mov(ir, instr, a, b): return e, [] +def movq(ir, instr, dst, src): + src_final = (src.zeroExtend(dst.size) + if dst.size >= src.size else + src[:dst.size]) + return [m2_expr.ExprAff(dst, src_final)], [] + + @sbuild.parse def xchg(arg1, arg2): arg1 = arg2 @@ -421,7 +428,10 @@ def l_test(ir, instr, a, b): def get_shift(a, b): # b.size must match a - b = b.zeroExtend(a.size) + if isinstance(b, m2_expr.ExprInt): + b = m2_expr.ExprInt(int(b.arg), a.size) + else: + b = b.zeroExtend(a.size) if a.size == 64: shift = b & m2_expr.ExprInt_from(b, 0x3f) else: @@ -582,24 +592,6 @@ def shr(ir, instr, a, b): return _shift_tpl(">>", ir, instr, a, b, custom_of=a.msb()) -def shrd_cl(ir, instr, a, b): - e = [] - opmode, admode = s, instr.v_admode() - shifter = mRCX[instr.mode][:8].zeroExtend(a.size) - shifter &= m2_expr.ExprInt_from(a, 0x1f) - c = (a >> shifter) | (b << (m2_expr.ExprInt_from(a, a.size) - shifter)) - new_cf = (a >> (shifter - m2_expr.ExprInt_from(a, 1)))[:1] - e.append(m2_expr.ExprAff(cf, m2_expr.ExprCond(shifter, - new_cf, - cf) - ) - ) - e.append(m2_expr.ExprAff(of, a.msb())) - e += update_flag_znp(c) - e.append(m2_expr.ExprAff(a, c)) - return e, [] - - def shrd(ir, instr, a, b, c): return _shift_tpl(">>>", ir, instr, a, b, c, "<<<") @@ -624,10 +616,6 @@ def shl(ir, instr, a, b): return _shift_tpl("<<", ir, instr, a, b, left=True) -def shld_cl(ir, instr, a, b): - return shld(ir, instr, a, b, ecx) - - def shld(ir, instr, a, b, c): return _shift_tpl("<<<", ir, instr, a, b, c, ">>>", left=True) @@ -1146,14 +1134,24 @@ def call(ir, instr, dst): myesp = mRSP[instr.mode][:opmode] n = m2_expr.ExprId(ir.get_next_label(instr), ir.IRDst.size) - if (isinstance(dst, m2_expr.ExprOp) and dst.op == "segm"): - # call far - if instr.mode != 16: - raise NotImplementedError('add 32 bit support!') - segm = dst.args[0] - base = dst.args[1] - m1 = segm.zeroExtend(CS.size) - m2 = base.zeroExtend(meip.size) + if isinstance(dst, m2_expr.ExprOp): + if dst.op == "segm": + # Far call segm:addr + if instr.mode not in [16, 32]: + raise RuntimeError('not supported') + segm = dst.args[0] + base = dst.args[1] + m1 = segm.zeroExtend(CS.size) + m2 = base.zeroExtend(meip.size) + elif dst.op == "far": + # Far call far [eax] + addr = dst.args[0].arg + m1 = m2_expr.ExprMem(addr, CS.size) + m2 = m2_expr.ExprMem(addr + m2_expr.ExprInt_from(addr, 2), + meip.size) + else: + raise RuntimeError("bad call operator") + e.append(m2_expr.ExprAff(CS, m1)) e.append(m2_expr.ExprAff(meip, m2)) @@ -1195,7 +1193,7 @@ def ret(ir, instr, a=None): a = m2_expr.ExprInt(0, s) value = (myesp + (m2_expr.ExprInt((s / 8), s))) else: - a = a.zeroExtend(s) + a = m2_expr.ExprInt(int(a.arg), s) value = (myesp + (m2_expr.ExprInt((s / 8), s) + a)) e.append(m2_expr.ExprAff(myesp, value)) @@ -1271,33 +1269,34 @@ def enter(ir, instr, a, b): def jmp(ir, instr, dst): e = [] meip = mRIP[ir.IRDst.size] - e.append(m2_expr.ExprAff(meip, dst)) # dst.zeroExtend(ir.IRDst.size))) - e.append(m2_expr.ExprAff(ir.IRDst, dst)) # dst.zeroExtend(ir.IRDst.size))) - if isinstance(dst, m2_expr.ExprMem): - dst = meip - return e, [] + if isinstance(dst, m2_expr.ExprOp): + if dst.op == "segm": + # Far jmp segm:addr + segm = dst.args[0] + base = dst.args[1] + m1 = segm.zeroExtend(CS.size) + m2 = base.zeroExtend(meip.size) + elif dst.op == "far": + # Far jmp far [eax] + addr = dst.args[0].arg + m1 = m2_expr.ExprMem(addr, CS.size) + m2 = m2_expr.ExprMem(addr + m2_expr.ExprInt_from(addr, 2), + meip.size) + else: + raise RuntimeError("bad jmp operator") + e.append(m2_expr.ExprAff(CS, m1)) + e.append(m2_expr.ExprAff(meip, m2)) + e.append(m2_expr.ExprAff(ir.IRDst, m2)) -def jmpf(ir, instr, a): - e = [] - meip = mRIP[ir.IRDst.size] - s = instr.mode - if (isinstance(a, m2_expr.ExprOp) and a.op == "segm"): - segm = a.args[0] - base = a.args[1] - m1 = segm.zeroExtend( - CS.size) # m2_expr.ExprMem(m2_expr.ExprOp('segm', segm, base), 16) - m2 = base.zeroExtend(meip.size) - # m2_expr.ExprMem(m2_expr.ExprOp('segm', segm, - # base + m2_expr.ExprInt_from(base, 2)), s) else: - m1 = m2_expr.ExprMem(a, 16) - m2 = m2_expr.ExprMem(a + m2_expr.ExprInt_from(a, 2), meip.size) + # Classic jmp + e.append(m2_expr.ExprAff(meip, dst)) + e.append(m2_expr.ExprAff(ir.IRDst, dst)) - e.append(m2_expr.ExprAff(CS, m1)) - e.append(m2_expr.ExprAff(meip, m2)) - e.append(m2_expr.ExprAff(ir.IRDst, m2)) + if isinstance(dst, m2_expr.ExprMem): + dst = meip return e, [] @@ -2860,6 +2859,7 @@ def icebp(ir, instr): return e, [] # XXX + def l_int(ir, instr, a): e = [] # XXX @@ -3896,16 +3896,27 @@ def movlps(ir, instr, a, b): def movhpd(ir, instr, a, b): e = [] - e.append(m2_expr.ExprAff(a[64:128], b[:64])) + if b.size == 64: + e.append(m2_expr.ExprAff(a[64:128], b)) + elif a.size == 64: + e.append(m2_expr.ExprAff(a, b[64:128])) + else: + raise RuntimeError("bad encoding!") return e, [] -def movhps(ir, instr, a, b): +def movlhps(ir, instr, a, b): e = [] e.append(m2_expr.ExprAff(a[64:128], b[:64])) return e, [] +def movhlps(ir, instr, a, b): + e = [] + e.append(m2_expr.ExprAff(a[:64], b[64:128])) + return e, [] + + def movdq2q(ir, instr, a, b): e = [] e.append(m2_expr.ExprAff(a, b[:64])) @@ -3982,10 +3993,8 @@ mnemo_func = {'mov': mov, 'rcr': rcr, 'sar': sar, 'shr': shr, - 'shrd_cl': shrd_cl, 'sal': sal, 'shl': shl, - 'shld_cl': shld_cl, 'shld': shld, 'cmc': cmc, 'clc': clc, @@ -4037,9 +4046,11 @@ mnemo_func = {'mov': mov, 'cmpsb': lambda ir, instr: cmps(ir, instr, 8), 'cmpsw': lambda ir, instr: cmps(ir, instr, 16), 'cmpsd': lambda ir, instr: cmps(ir, instr, 32), + 'cmpsq': lambda ir, instr: cmps(ir, instr, 64), 'scasb': lambda ir, instr: scas(ir, instr, 8), 'scasw': lambda ir, instr: scas(ir, instr, 16), 'scasd': lambda ir, instr: scas(ir, instr, 32), + 'scasq': lambda ir, instr: scas(ir, instr, 64), 'pushfd': pushfd, 'pushfq': pushfq, 'pushfw': pushfw, @@ -4058,7 +4069,6 @@ mnemo_func = {'mov': mov, 'leave': leave, 'enter': enter, 'jmp': jmp, - 'jmpf': jmpf, 'jz': jz, 'je': jz, 'jcxz': jcxz, @@ -4275,7 +4285,7 @@ mnemo_func = {'mov': mov, "xorps": xorps, "xorpd": xorps, - "movq": mov, + "movq": movq, "pminsw": pminsw, "cvtdq2pd": cvtdq2pd, @@ -4424,9 +4434,9 @@ mnemo_func = {'mov': mov, "movlpd": movlpd, "movlps": movlps, "movhpd": movhpd, - "movhps": movhps, - "movlhps": movhps, - "movhlps": movlps, + "movhps": movhpd, + "movlhps": movlhps, + "movhlps": movhlps, "movdq2q": movdq2q, "sqrtpd": sqrtpd, diff --git a/miasm2/core/cpu.py b/miasm2/core/cpu.py index d304108d..8195f920 100644 --- a/miasm2/core/cpu.py +++ b/miasm2/core/cpu.py @@ -262,7 +262,8 @@ def extract_ast_core(v, my_id2expr, my_int2expr): size = sizes.pop() my_int2expr = lambda x: m2_expr.ExprInt(x, size) else: - raise ValueError('multiple sizes in ids') + # Multiple sizes in ids + raise StopIteration e = ast_raw2expr(ast_tokens, my_id2expr, my_int2expr) return e diff --git a/test/arch/x86/arch.py b/test/arch/x86/arch.py index dfe4ef91..6d20d473 100644 --- a/test/arch/x86/arch.py +++ b/test/arch/x86/arch.py @@ -767,20 +767,41 @@ reg_tests = [ "e830221100"), (m32, "00000000 CALL DWORD PTR [EAX]", "ff10"), + (m32, "00000000 CALL EAX", + "ffd0"), + (m32, "00000000 CALL DWORD PTR [EAX+EBX]", + "ff1403"), + (m32, "00000000 CALL DWORD PTR [EAX+EBX+0x11223344]", + "ff941844332211"), + + + + + (m64, "00000000 CALL QWORD PTR [RAX]", "ff10"), - (m32, "00000000 CALL 0x6655:0x44332211", "9a112233445566"), (m32, "00000000 CALL 0x6655:0xFF332211", "9a112233FF5566"), - (m32, "00000000 CALL DWORD PTR [0xFFFFFFA3]", + (m64, "00000000 CALL QWORD PTR [RAX+RBX]", + "ff1403"), + (m64, "00000000 CALL QWORD PTR [RAX+RBX+0x11223344]", + "ff941844332211"), + + + (m32, "00000000 CALL FAR DWORD PTR [EAX]", + "ff18"), + (m32, "00000000 CALL FAR DWORD PTR [EAX+EBX]", + "ff1c03"), + (m32, "00000000 CALL FAR DWORD PTR [EAX+EBX+0x11223344]", + "ff9c1844332211"), + (m32, "00000000 CALL FAR DWORD PTR [0xFFFFFFA3]", "FF1DA3FFFFFF"), - (m64, "00000000 CALL QWORD PTR [RIP+0xFFFFFFFFFFFFFFA3]", + (m64, "00000000 CALL FAR QWORD PTR [RIP+0xFFFFFFFFFFFFFFA3]", "FF1DA3FFFFFF"), - (m16, "00000000 CBW", "98"), (m16, "00000000 CWDE", @@ -2419,6 +2440,13 @@ reg_tests = [ (m64, "00000000 JMP RDX", "FFE2"), + (m32, "00000000 JMP FAR DWORD PTR [EAX]", + "FF28"), + (m64, "00000000 JMP FAR DWORD PTR [RAX]", + "FF28"), + (m32, "00000000 JMP 0x6655:0x44332211", + "EA112233445566"), + (m32, "00000000 XGETBV", "0f01d0"), |