VOGONS


Common log format


Reply 20 of 90, by vladstamate


For 386+ processors I expect EIP to always be used. When running on a 16-bit CS descriptor the CPU probably masks out the top 16 bits.

YouTube channel: https://www.youtube.com/channel/UC7HbC_nq8t1S9l7qGYL0mTA
Collection: http://www.digiloguemuseum.com/index.html
Emulator: https://sites.google.com/site/capex86/
Raytracer: https://sites.google.com/site/opaqueraytracer/

Reply 21 of 90, by superfury


Wouldn't that break 0xFFFF limit behaviour?

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 22 of 90, by vladstamate


I don't see how. We are talking about CS and not about the segment offset/limit.

In real mode, virtual mode and 16-bit protected mode (AKA 286 protected mode) the EIP is only 16 bits, so the top bits are masked off for address calculation (or segment selector selection).

In 32-bit protected mode the EIP is treated as a 32-bit value.


Reply 23 of 90, by hottobar

vladstamate wrote:

@hottobar: I like that format, except for the empty spaces. When we are dumping millions of instructions that can easily double the log size for no actual useful reason. We should just print the instruction bytes followed by space then instruction decoding. Compact is important.

I decided in favor of fixed width columns because it's easier for me to parse the logfile with my own eyes, but it's trivial to remove the spaces with a config flag, so no problem.

vladstamate wrote:

we might be able to change bochs too.

Bochs is easy to adapt via instrumentation plugins. I've already done that to generate trace logs identical to my emu.

Reply 24 of 90, by vladstamate

hottobar wrote:

I decided in favor of fixed width columns because it's easier for me to parse the logfile with my own eyes, but it's trivial to remove the spaces with a config flag, so no problem.

Well, it looks like the common log format will be very close to what you originally had, so you won't have to change much.

hottobar wrote:

Bochs is easy to adapt via instrumentation plugins. I've already done that to generate trace logs identical to my emu.

Do you have a diff or code that I can apply to bochs' source code to have that instrumentation plugin? I can work on changing it to match the new common log format.


Reply 25 of 90, by hottobar

vladstamate wrote:

Do you have a diff or code that I can apply to bochs' source code to have that instrumentation plugin? I can work on changing it to match the new common log format.

Attachment: bochs-instrument.zip (5.19 KiB, 90 downloads, license: fair use/fair dealing exception)

Place the code inside Bochs' instrument folder and follow the instructions in instrumentations.txt to compile.

instrument.cc/bx_instr_initialize() reads some initialization params from .bochsrc, but to enable those params you must modify config.cc/parse_line_formatted() and extend Bochs' config file format accordingly. It's not necessary though; everything can be made static.
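The plugin itself is not on this page, but the comparison it feeds is easy to state: two emulators emit the same line format and you look for the first record where they disagree. The following is an added example (not hottobar's plugin, nor code from Bochs or any emulator in this thread) of a parser for the format being discussed (CS:EIP, instruction bytes, mnemonic and operands) plus a first-divergence check. It collapses the fixed-width columns and the compact spacing to the same record, so both layouts compare equal, and it skips lines that are not records (forum residue such as "Show last 21 lines"). The two five-line traces are constructed for the example, not captured output, and the field layout is assumed from the logs posted later in the thread.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Two constructed traces (sample input for this example, not emulator output):
# the fixed-width layout and the compact layout discussed above. They agree
# for four records and differ on the fifth; the stray "Show last" line is
# the kind of non-record text a parser must ignore.
TRACE_FIXED = """\
F000:0000FFF0  EA 45 00 00 F0      jmp f000:00000045
F000:00000045  FA                  cli
F000:00000046  B4 01               mov ah,01
F000:00000048  9E                  sahf
F000:00000049  73 24               jae 0000006f
Show last 21 lines
"""

TRACE_COMPACT = """\
F000:0000FFF0 EA 45 00 00 F0 jmp f000:00000045
F000:00000045 FA cli
F000:00000046 B4 01 mov ah,01
F000:00000048 9E sahf
F000:00000049 72 23 jb 00000070
"""


@dataclass(frozen=True)
class TraceLine:
    cs: int
    eip: int
    code: bytes
    asm: str          # mnemonic plus operands, inner whitespace collapsed


# CS:EIP, one or more hex instruction bytes, then the disassembly (or a <hlt>
# repeat marker). Column padding is absorbed by the \s+ separators.
LINE_RE = re.compile(
    r"^\s*([0-9A-Fa-f]{4}):([0-9A-Fa-f]{4,8})\s+"
    r"((?:[0-9A-Fa-f]{2}\s+)*[0-9A-Fa-f]{2})\s+"
    r"(<?[A-Za-z].*?)\s*$"
)


def parse_line(line: str) -> Optional[TraceLine]:
    """Parse one record; return None for lines that are not trace records."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    cs, eip, code, asm = m.groups()
    return TraceLine(int(cs, 16), int(eip, 16), bytes.fromhex(code), " ".join(asm.split()))


def parse_trace(text: str) -> List[TraceLine]:
    """Parse a whole log, silently skipping anything that is not a record."""
    records = (parse_line(raw) for raw in text.splitlines())
    return [r for r in records if r is not None]


def first_divergence(a: List[TraceLine], b: List[TraceLine]
                     ) -> Optional[Tuple[int, Optional[TraceLine], Optional[TraceLine]]]:
    """Index and both records at the first mismatch; None if the traces agree.

    A trace that ends early diverges at its first missing record.
    """
    for i in range(max(len(a), len(b))):
        ra = a[i] if i < len(a) else None
        rb = b[i] if i < len(b) else None
        if ra != rb:
            return i, ra, rb
    return None


def format_line(rec: TraceLine, compact: bool = True) -> str:
    """Re-emit a record; compact=False restores fixed-width columns."""
    hexbytes = " ".join(f"{b:02X}" for b in rec.code)
    if compact:
        return f"{rec.cs:04X}:{rec.eip:08X} {hexbytes} {rec.asm}"
    return f"{rec.cs:04X}:{rec.eip:08X}  {hexbytes:<20}{rec.asm}"


if __name__ == "__main__":
    d = first_divergence(parse_trace(TRACE_FIXED), parse_trace(TRACE_COMPACT))
    if d is None:
        print("traces agree")
    else:
        i, ra, rb = d
        print(f"first divergence at record {i}:")
        print("  A:", format_line(ra) if ra else "<end of trace>")
        print("  B:", format_line(rb) if rb else "<end of trace>")
```

Because the record is compared as parsed fields rather than raw text, one side can keep its padded columns and the other its compact form and the comparison still lands on the real difference (here, the fifth record's opcode and target).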

Reply 26 of 90, by superfury


I've looked at the 80386 manual again: no wrapping can be applied to EIP. It will cause a #GP fault when fetching/executing past 0xFFFF (the 80(1)8X wraps instead).

https://pdos.csail.mit.edu/6.828/2006/reading … i386/s15_06.htm , #8.

Thus, EIP is used (otherwise it cannot detect operands past 0xFFFF, since it would be truncated to 0x0000 for e.g. 0x10000)? It's just that only the low 16 bits are saved during exception handling, and loading 16 bits in any way clears the upper 16 bits? Only the 80(1)8X CPUs wrap those 16-bit values. The 80286 will generate an exception in the case it goes past 0xFFFF in real/protected mode (due to the limit causing an exception).

Also you're forgetting huge real mode, which is real mode with a 32-bit CS descriptor.

Edit: Thinking about it, the 80286+ 'wrapping' on IP is an illusion: it doesn't wrap at all. When it reaches offset 0x10000, it will fault, which will cause a pseudo protection fault. The fault handling will only store the 16-bit 0x0000 IP value (truncated EIP on the 80386) on the stack. When the fault handler returns from that, it will essentially jump to offset 0x0000. Of course, it requires an IRET dummy at minimum for the CPU to not crash on the fault handler. So, to the application it looks like IP is wrapping around 16 bits, but the fault handler in between causes 0x10000 to be truncated. Of course, instructions spanning 0x10000 will always fault, for obvious reasons: the fault will always return to the point before 0x10000, infinitely faulting (except if the exception handler does something about it).


Reply 27 of 90, by superfury


Shouldn't the EIP (which is the sum of the immediate displacement and/or the next instruction's EIP address) be logged as 4 digits (16-bit offset) or 8 digits (32-bit offset), depending on the operand size? That is the correct way of displaying such an address, as it's the sum of EIP+disp8/16/32 or IP+disp8/16 (depending on the operand size)? I currently have 16-bit IP values for jumps using a 16-bit operand size and 32-bit EIP values for jumps with a 32-bit operand size (so it's dependent on the CS descriptor's D-bit and the operand size override only)?

This is what UniPCemu currently generates using its implementation of the common log format, running the test386.asm BIOS (which fails):

F000:0000FFF0 EA 45 00 00 F0 jmp f000:0045
F000:00000045 FA cli
F000:00000046 B4 01 movb ah, 01
F000:00000048 9E sahf
F000:00000049 73 24 jae 006f
F000:0000004B 72 23 jb 0070
F000:00000070 72 DC jb 004e
F000:0000004E B4 40 movb ah, 40
F000:00000050 9E sahf
F000:00000051 75 1C jne 006f
F000:00000053 74 1D je 0072
F000:00000072 74 E2 je 0056
F000:00000056 B4 04 movb ah, 04
F000:00000058 9E sahf
F000:00000059 7B 14 jnp 006f
F000:0000005B 7A 17 jp 0074
F000:00000074 7A E8 jp 005e
F000:0000005E B4 80 movb ah, 80
F000:00000060 9E sahf
F000:00000061 79 0C jns 006f
F000:00000063 78 11 js 0076
F000:00000076 78 EE js 0066
F000:00000066 B4 41 movb ah, 41
F000:00000068 9E sahf
F000:00000069 77 04 ja 006f
F000:0000006B 76 0B jbe 0078
F000:00000078 76 F3 jbe 006d
F000:0000006D EB 0B jmp 007a
F000:0000007A B4 D4 movb ah, d4
F000:0000007C 9E sahf
F000:0000007D B8 00 00 movw ax, 0000
F000:00000080 9E sahf
F000:00000081 73 1B jae 009e
F000:0000009E 73 E4 jae 0084
F000:00000084 B4 95 movb ah, 95
F000:00000086 9E sahf
F000:00000087 75 17 jne 00a0
F000:000000A0 75 E8 jne 008a
F000:0000008A B4 D1 movb ah, d1
F000:0000008C 9E sahf
F000:0000008D 7B 13 jnp 00a2
F000:000000A2 7B EC jnp 0090
F000:00000090 B4 55 movb ah, 55
F000:00000092 9E sahf
F000:00000093 79 0F jns 00a4
F000:000000A4 79 F0 jns 0096
F000:00000096 B4 94 movb ah, 94
F000:00000098 9E sahf
F000:00000099 77 0B ja 00a6
F000:000000A6 77 F4 ja 009c
F000:0000009C EB 0A jmp 00a8
F000:000000A8 B4 00 movb ah, 00
F000:000000AA 9E sahf
F000:000000AB B0 40 movb al, 40
F000:000000AD D0 E0 shlb al,1
F000:000000AF 71 34 jno 00e5
F000:000000B1 70 33 jo 00e6
F000:000000E6 70 CC jo 00b4
F000:000000B4 7C 2F jl 00e5
F000:000000B6 7D 30 jnl 00e8
F000:000000E8 7D CF jnl 00b9
F000:000000B9 7E 2A jle 00e5
F000:000000BB 7F 2D jg 00ea
F000:000000EA 7F D2 jg 00be
F000:000000BE B4 40 movb ah, 40
F000:000000C0 9E sahf
F000:000000C1 7C 29 jl 00ec
F000:000000EC 7C D6 jl 00c4
F000:000000C4 7E 28 jle 00ee
F000:000000EE 7E D7 jle 00c7
F000:000000C7 66 B9 01 00 00 00 movd ecx, 00000001
F000:000000CD E3 16 jcxz 00e5
F000:000000CF 66 B9 00 00 01 00 movd ecx, 00010000
F000:000000D5 E3 19 jcxz 00f0
F000:000000F0 E3 E5 jcxz 00d7
F000:000000D7 67 E3 0B jcxz 00e5
F000:000000E5 F4 hlt
F000:000000E6 F4 <hlt>
F000:000000E6 F4 <hlt>
F000:000000E6 F4 <hlt>
F000:000000E6 F4 <hlt>

Edit: A little improvement, extending all offsets to always be 32 bits in the common log format. I've also modified the second and subsequent immediate parameters to not add a space before them (e.g. "movd ecx,00010000" instead of "movd ecx, 00010000", the final loading instruction in the above log).

This is the newly generated log running the entire test386.asm (which goes wrong immediately):

F000:0000FFF0 EA 45 00 00 F0 jmp f000:00000045
F000:00000045 FA cli
F000:00000046 B4 01 movb ah,01
F000:00000048 9E sahf
F000:00000049 73 24 jae 0000006f
F000:0000004B 72 23 jb 00000070
F000:00000070 72 DC jb 0000004e
F000:0000004E B4 40 movb ah,40
F000:00000050 9E sahf
F000:00000051 75 1C jne 0000006f
F000:00000053 74 1D je 00000072
F000:00000072 74 E2 je 00000056
F000:00000056 B4 04 movb ah,04
F000:00000058 9E sahf
F000:00000059 7B 14 jnp 0000006f
F000:0000005B 7A 17 jp 00000074
F000:00000074 7A E8 jp 0000005e
F000:0000005E B4 80 movb ah,80
F000:00000060 9E sahf
F000:00000061 79 0C jns 0000006f
F000:00000063 78 11 js 00000076
F000:00000076 78 EE js 00000066
F000:00000066 B4 41 movb ah,41
F000:00000068 9E sahf
F000:00000069 77 04 ja 0000006f
F000:0000006B 76 0B jbe 00000078
F000:00000078 76 F3 jbe 0000006d
F000:0000006D EB 0B jmp 0000007a
F000:0000007A B4 D4 movb ah,d4
F000:0000007C 9E sahf
F000:0000007D B8 00 00 movw ax,0000
F000:00000080 9E sahf
F000:00000081 73 1B jae 0000009e
F000:0000009E 73 E4 jae 00000084
F000:00000084 B4 95 movb ah,95
F000:00000086 9E sahf
F000:00000087 75 17 jne 000000a0
F000:000000A0 75 E8 jne 0000008a
F000:0000008A B4 D1 movb ah,d1
F000:0000008C 9E sahf
F000:0000008D 7B 13 jnp 000000a2
F000:000000A2 7B EC jnp 00000090
F000:00000090 B4 55 movb ah,55
F000:00000092 9E sahf
F000:00000093 79 0F jns 000000a4
F000:000000A4 79 F0 jns 00000096
F000:00000096 B4 94 movb ah,94
F000:00000098 9E sahf
F000:00000099 77 0B ja 000000a6
F000:000000A6 77 F4 ja 0000009c
F000:0000009C EB 0A jmp 000000a8
F000:000000A8 B4 00 movb ah,00
F000:000000AA 9E sahf
F000:000000AB B0 40 movb al,40
F000:000000AD D0 E0 shlb al,1
F000:000000AF 71 34 jno 000000e5
F000:000000B1 70 33 jo 000000e6
F000:000000E6 70 CC jo 000000b4
F000:000000B4 7C 2F jl 000000e5
F000:000000B6 7D 30 jnl 000000e8
F000:000000E8 7D CF jnl 000000b9
F000:000000B9 7E 2A jle 000000e5
F000:000000BB 7F 2D jg 000000ea
F000:000000EA 7F D2 jg 000000be
F000:000000BE B4 40 movb ah,40
F000:000000C0 9E sahf
F000:000000C1 7C 29 jl 000000ec
F000:000000EC 7C D6 jl 000000c4
F000:000000C4 7E 28 jle 000000ee
F000:000000EE 7E D7 jle 000000c7
F000:000000C7 66 B9 01 00 00 00 movd ecx,00000001
F000:000000CD E3 16 jcxz 000000e5
F000:000000CF 66 B9 00 00 01 00 movd ecx,00010000
F000:000000D5 E3 19 jcxz 000000f0
F000:000000F0 E3 E5 jcxz 000000d7
F000:000000D7 67 E3 0B jcxz 000000e5
F000:000000E5 F4 hlt
F000:000000E6 F4 <hlt>
F000:000000E6 F4 <hlt>
F000:000000E6 F4 <hlt>
F000:000000E6 F4 <hlt>

Edit: Hmmmm.... That MOVD ECX,00000001 instruction isn't supposed to exist, according to https://github.com/barotto/test386.asm/blob/m … ests/loop_m.asm ?

Edit: Found a problem: The 32-bit operand size prefix isn't working on JCXZ for some reason?
Edit: Found the bug and fixed it: the J(E)CXZ and LOOPnn instructions depend on the address size attribute instead of the operand size attribute to select between CX and ECX. Having fixed this, it now continues on to the next tests.

There's something strange, though: the POST instructions are not assembled by nasm (the Netwide Assembler)? I don't see the POST 1 being assembled? The POST card indicates 01h now (before crashing to a long list of 0000h instructions)?

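As an added example (not UniPCemu, Bochs or test386.asm code) of the two points discussed above, the branch-target rule from Replies 20-22 and 26 and the J(E)CXZ/LOOP address-size bug fixed in this post, here is a decoder for the control-transfer subset that the posted trace exercises. It follows the Intel SDM pseudocode for JMP/Jcc/JCXZ/LOOP: the target is the next instruction's EIP plus the sign-extended displacement, masked to 16 bits when the operand size is 16, and #GP(0) if the result lies beyond the CS limit. A 66h prefix toggles the operand size and 67h the address size relative to the descriptor's D bit, and only the address size selects CX versus ECX. The conditional-jump spellings, the 8-digit lower-case target, the `cs_d`/`cs_limit` parameters and the `GeneralProtectionFault` class are choices made for this example.

```python
from typing import Tuple

# Conditional-jump spellings: the short-form names from the posted log, reused
# for the near (0F 8x) encodings so one table serves both.
JCC = ["jo", "jno", "jb", "jae", "je", "jne", "jbe", "ja",
       "js", "jns", "jp", "jnp", "jl", "jnl", "jle", "jg"]


class GeneralProtectionFault(Exception):
    """Stands in for #GP(0): the branch target lies beyond the CS limit."""


def sext(value: int, bits: int) -> int:
    """Read the low 'bits' of value as a two's-complement integer."""
    mask, sign = (1 << bits) - 1, 1 << (bits - 1)
    return ((value & mask) ^ sign) - sign


def decode_branch(code: bytes, eip: int, cs_d: bool = False,
                  cs_limit: int = 0xFFFF) -> Tuple[int, str, int]:
    """Decode the branch whose first byte is at CS:EIP.

    code   bytes starting at EIP (prefixes included)
    cs_d   D bit of the code segment: False = 16-bit default operand and
           address size (real mode, 286-style segments), True = 32-bit
    Returns (instruction length, mnemonic, target EIP).
    """
    pos, opsize32, addrsize32 = 0, cs_d, cs_d
    while code[pos] in (0x66, 0x67):          # each prefix flips one default
        if code[pos] == 0x66:
            opsize32 = not cs_d
        else:
            addrsize32 = not cs_d
        pos += 1
    op = code[pos]
    pos += 1
    if op == 0xEB:
        mnem, disp_bits = "jmp", 8
    elif op == 0xE9:
        mnem, disp_bits = "jmp", 32 if opsize32 else 16
    elif 0x70 <= op <= 0x7F:
        mnem, disp_bits = JCC[op - 0x70], 8
    elif op == 0x0F and 0x80 <= code[pos] <= 0x8F:
        mnem, disp_bits = JCC[code[pos] - 0x80], 32 if opsize32 else 16
        pos += 1
    elif op == 0xE3:
        # CX vs ECX follows the *address* size (67h), not the operand size.
        mnem, disp_bits = ("jecxz" if addrsize32 else "jcxz"), 8
    elif 0xE0 <= op <= 0xE2:
        mnem, disp_bits = ("loopne", "loope", "loop")[op - 0xE0], 8
    else:
        raise ValueError(f"opcode {op:02X} is not in this example's branch table")
    nbytes = disp_bits // 8
    disp = sext(int.from_bytes(code[pos:pos + nbytes], "little"), disp_bits)
    length = pos + nbytes
    target = (eip + length + disp) & 0xFFFFFFFF
    if not opsize32:
        target &= 0xFFFF     # 16-bit operand size: the upper half of EIP is cleared
    if target > cs_limit:
        raise GeneralProtectionFault(f"target {target:#x} exceeds CS limit {cs_limit:#x}")
    return length, mnem, target


def log_line(cs: int, eip: int, code: bytes, cs_d: bool = False,
             cs_limit: int = 0xFFFF) -> str:
    """Render the branch in the thread's format: CS:EIP, bytes, mnemonic, target."""
    length, mnem, target = decode_branch(code, eip, cs_d, cs_limit)
    hexbytes = " ".join(f"{b:02X}" for b in code[:length])
    return f"{cs:04X}:{eip:08X} {hexbytes} {mnem} {target:08x}"


if __name__ == "__main__":
    # Bytes taken from the trace above: E3 16 (jcxz) and 67 E3 0B (jecxz).
    print(log_line(0xF000, 0x0D3, bytes.fromhex("E316")))
    print(log_line(0xF000, 0x0DD, bytes.fromhex("67E30B")))
    # A backward short jump from a low EIP: masked in a 16-bit CS, not in a 32-bit one.
    print(hex(decode_branch(bytes.fromhex("EBF0"), 0x0005)[2]))
    print(hex(decode_branch(bytes.fromhex("EBF0"), 0x0005, cs_d=True, cs_limit=0xFFFFFFFF)[2]))
```

The lines it emits for `72 23` at F000:0000004B and `67 E3 0B` at F000:000000DD match the posted trace byte for byte; the near Jcc at F000:000001BA comes out as `jb` instead of the log's `jnae` because one name table serves both encodings. A `66 E9` near jump with a 0x10000 displacement in a 16-bit segment with a 0xFFFF limit raises the #GP stand-in rather than wrapping, which is the 386 behaviour Reply 26 describes.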

Reply 28 of 90, by vladstamate


I noticed you used "movb". Why not just use mov? The size is implied in the argument. Intel does not seem to have those instructions. I've also looked at IBMulator code and it does not use a size qualifier on instructions. All others like XOR, ADD, MUL, DIV have clear sizes based on arguments.

The only instructions that need that are the string instructions:

STOSB/W/D
MOVSB/W/D
CMPSB/W/D
LODSB/W/D
SCASB/W/D

Can we get a consensus here?


Reply 29 of 90, by superfury


What about instructions that might have a memory operand only, like [cs:bx]? You can't see what is being transferred or processed with such instructions (like NEG, DIV, MUL, PUSH mem instructions and other 1-parameter byte/word/dword ambiguous instructions)?


Reply 30 of 90, by hottobar

superfury wrote:

What about instructions that might have a memory operand only

DOSBox's disassembler specifies the size before the operand, for example:

push word cs:[bp+01]
cmp byte [0030],00

Reply 31 of 90, by vladstamate


I agree that something like "push cs:[bp+1]" does not make it very clear what size is being pushed.

So what do we like more?

a) the more verbose DOSBOX style of "push word cs:[bp+01]"
or
b) "pushw cs:[bp+01]"

I am inclined more towards a) as it has precedents in documentation but I am open.


Reply 32 of 90, by superfury


Well, thinking about it:
- PUSHB/W/D follows the same principle as the string instructions. Size is easily seen. ModR/M parameters can be used universally with any instruction, not depending on the byte/word/dword size (it's literally a dynamic void* pointer).
- Having to add the byte/word/dword keyword to all memory operands adds more space to the logs. It also requires that each and every instruction variant specify operand size data to keep things modular. It also complicates searching for a specific instruction in either parameter order (e.g. opcode 01 vs 03) or rough variants of instructions (e.g. word moves).


Reply 33 of 90, by Azarien


On the other hand, commonly used Intel syntax uses "mov word" (or even more verbose "mov word ptr") instead of movw.

For example, NASM uses push word [cs:bp+01] (note that cs is inside brackets too)

Reply 34 of 90, by vladstamate


Ok, let me suggest a middle road then. For any instruction that uses 2 registers, or has one source/destination that is a register, size modifiers are not needed.

mov ax, bx
mul eax
push ecx

However when a source or destination is memory, size is explicit:

push word cs:[bp+01]
mov dword ds:[di], eax

I believe this should match Intel documentation and what we already have (including dosbox) so it should be a good compromise.

As for segment inside address ([cs:bp+1] vs cs:[bp+1]) I believe we already settled on the second, as most emulators do that already (plus I think it is more readable).

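Here is an added example (not UniPCemu, IBMulator, DOSBox or Bochs code) of the convention proposed above: a ModR/M decoder that renders a memory operand as `<size> <seg>:[base+index*scale+disp]`, with the size keyword only when the operand is in memory, the segment outside the brackets, and the default segment switched to SS for BP/EBP/ESP bases unless a prefix overrides it. The displacement is printed as encoded (unsigned, at its encoded width), which is what the UniPCemu lines later in this thread do. The opcode table (MOV r,r/m; MOV r/m,r; LEA; PUSH r/m; MOVSX/MOVZX), the `cs_d` parameter and the register-name tables are limitations and assumptions of this example, not of the format.

```python
from typing import Optional, Tuple

REG8 = ["al", "cl", "dl", "bl", "ah", "ch", "dh", "bh"]
REG16 = ["ax", "cx", "dx", "bx", "sp", "bp", "si", "di"]
REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]
SEG_PREFIX = {0x26: "es", 0x2E: "cs", 0x36: "ss", 0x3E: "ds", 0x64: "fs", 0x65: "gs"}
SIZE_KEYWORD = {8: "byte", 16: "word", 32: "dword"}
# 16-bit addressing forms by r/m field: (base, index)
RM16 = [("bx", "si"), ("bx", "di"), ("bp", "si"), ("bp", "di"),
        ("si", None), ("di", None), ("bp", None), ("bx", None)]


def decode_modrm(code: bytes, pos: int, addr32: bool, size: int,
                 seg_override: Optional[str]) -> Tuple[int, int, str]:
    """Decode the ModR/M operand at code[pos] for an operand of 'size' bits.

    Returns (next position, reg field, operand text). Register-direct forms
    are just the register name; memory forms get the size keyword, the
    segment (override or default) outside the brackets, and the terms in
    base, index*scale, displacement order.
    """
    modrm = code[pos]
    pos += 1
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if mod == 3:
        return pos, reg, {8: REG8, 16: REG16, 32: REG32}[size][rm]

    seg, disp_bits = "ds", 0
    if addr32:
        base, index = REG32[rm], None
        if rm == 4:                                  # SIB byte follows
            sib = code[pos]
            pos += 1
            scale, idx, b = 1 << (sib >> 6), (sib >> 3) & 7, sib & 7
            index = None if idx == 4 else f"{REG32[idx]}*{scale}"
            base = None if (b == 5 and mod == 0) else REG32[b]
        elif rm == 5 and mod == 0:                   # [disp32] with no base
            base = None
        if base is None:
            disp_bits = 32
        elif mod in (1, 2):
            disp_bits = 8 if mod == 1 else 32
        if base in ("esp", "ebp"):                   # stack bases default to SS
            seg = "ss"
    else:
        base, index = RM16[rm]
        if rm == 6 and mod == 0:                     # [disp16] with no base
            base, disp_bits = None, 16
        elif mod in (1, 2):
            disp_bits = 8 if mod == 1 else 16
        if base == "bp":
            seg = "ss"
    terms = [t for t in (base, index) if t]
    if disp_bits:
        nbytes = disp_bits // 8
        disp = int.from_bytes(code[pos:pos + nbytes], "little")
        pos += nbytes
        terms.append(f"{disp:0{2 * nbytes}x}")      # printed as encoded, like the log
    return pos, reg, f"{SIZE_KEYWORD[size]} {seg_override or seg}:[{'+'.join(terms)}]"


def format_instruction(code: bytes, cs_d: bool = True) -> str:
    """Disassemble one instruction from a small opcode table in the agreed style.

    cs_d is the D bit of the code segment (True = 32-bit defaults). The 66h,
    67h and segment prefixes are honoured; other opcodes are out of scope.
    """
    pos, opsize32, addr32, seg = 0, cs_d, cs_d, None
    while code[pos] in (0x66, 0x67) or code[pos] in SEG_PREFIX:
        if code[pos] == 0x66:
            opsize32 = not cs_d
        elif code[pos] == 0x67:
            addr32 = not cs_d
        else:
            seg = SEG_PREFIX[code[pos]]
        pos += 1
    size = 32 if opsize32 else 16
    regs = REG32 if opsize32 else REG16
    op = code[pos]
    pos += 1
    if op in (0x89, 0x8B, 0x8D, 0xFF):
        pos, reg, rm = decode_modrm(code, pos, addr32, size, seg)
        if op == 0x8B:                    # MOV r, r/m
            return f"mov {regs[reg]},{rm}"
        if op == 0x89:                    # MOV r/m, r
            return f"mov {rm},{regs[reg]}"
        if op == 0x8D:                    # LEA r, m
            return f"lea {regs[reg]},{rm}"
        if reg == 6:                      # FF /6: PUSH r/m
            return f"push {rm}"
    elif op == 0x0F and code[pos] in (0xB6, 0xB7, 0xBE, 0xBF):
        sub = code[pos]
        pos += 1
        mnem = "movzx" if sub in (0xB6, 0xB7) else "movsx"
        src = 8 if sub in (0xB6, 0xBE) else 16   # r/m is narrower than the destination
        pos, reg, rm = decode_modrm(code, pos, addr32, src, seg)
        return f"{mnem} {regs[reg]},{rm}"
    raise ValueError(f"opcode {op:02X} is not in this example's table")
```

`format_instruction(bytes.fromhex("2EFF7601"), cs_d=False)` gives `push word cs:[bp+01]`, the case from the proposal above, with the CS override replacing the SS default that a BP base would otherwise get; `format_instruction(bytes.fromhex("8D0408"))` gives `lea eax,dword ds:[eax+ecx*1]`, and with a `66 67` prefix pair in a 32-bit segment the same LEA opcode falls back to the 16-bit forms (`lea ax,word ds:[bx+40]`). Register-direct forms such as `movsx bx,bl` carry no keyword, as agreed.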

Reply 35 of 90, by superfury


Just improved the ModR/M decoding to use Base+Index*Scale+Displacement, in that order. Now I just need to modify the segment register location to appear before the brackets. Then the bugs are still there to be solved (protected mode bugs and other unknown bugs), as well as the complicated matter of the byte/word/dword keyword being added to the ModR/M memory addresses only.

Edit: Just modified the segments to appear outside of the brackets (e.g. ES:[ESI]). The only problem left is how to implement the byte/word/dword keyword in the ModR/M parameters.

Edit: I've finished modifying all (except if I forgot any) instructions to no longer use the B/W/D suffix, except when it isn't identifiable by looking at ModR/M data or parameters (like RETFD vs RETF, RETD vs RET, PUSHFD vs PUSHF, POPFD vs POPF, string instructions, IRETD, PUSHAD and POPAD). The ModR/M has a little extension added to its memory addresses, prefixing "byte", "word" or "dword" to the memory address automatically, except with the MOVSX and MOVZX instructions (which override that behaviour because they use byte/word instead of word/dword for their r/m operand only (r/m8 and r/m16 respectively)).

So now it fully complies with the current log format?
Edit: Btw, no spaces are added after the comma sign; UniPCemu just adds the parameters separated directly after it (when using more than one parameter for an instruction).

F000:0000FFF0 EA 45 00 00 F0 jmp f000:00000045
F000:00000045 FA cli
F000:00000046 B0 00 mov al,00
F000:00000048 BA 84 00 mov dx,0084
F000:0000004B EE out dx,al
F000:0000004C B4 01 mov ah,01
F000:0000004E 9E sahf
F000:0000004F 73 24 jae 00000075
F000:00000051 72 23 jb 00000076
F000:00000076 72 DC jb 00000054
F000:00000054 B4 40 mov ah,40
F000:00000056 9E sahf
F000:00000057 75 1C jne 00000075
F000:00000059 74 1D je 00000078
F000:00000078 74 E2 je 0000005c
F000:0000005C B4 04 mov ah,04
F000:0000005E 9E sahf
F000:0000005F 7B 14 jnp 00000075
F000:00000061 7A 17 jp 0000007a
F000:0000007A 7A E8 jp 00000064
F000:00000064 B4 80 mov ah,80
F000:00000066 9E sahf
F000:00000067 79 0C jns 00000075
F000:00000069 78 11 js 0000007c
F000:0000007C 78 EE js 0000006c
F000:0000006C B4 41 mov ah,41
F000:0000006E 9E sahf
F000:0000006F 77 04 ja 00000075
F000:00000071 76 0B jbe 0000007e
F000:0000007E 76 F3 jbe 00000073
F000:00000073 EB 0B jmp 00000080
F000:00000080 B4 D4 mov ah,d4
F000:00000082 9E sahf
F000:00000083 B8 00 00 mov ax,0000
F000:00000086 9E sahf
F000:00000087 73 1B jae 000000a4
F000:000000A4 73 E4 jae 0000008a
F000:0000008A B4 95 mov ah,95
F000:0000008C 9E sahf
F000:0000008D 75 17 jne 000000a6
F000:000000A6 75 E8 jne 00000090
F000:00000090 B4 D1 mov ah,d1
F000:00000092 9E sahf
F000:00000093 7B 13 jnp 000000a8
F000:000000A8 7B EC jnp 00000096
F000:00000096 B4 55 mov ah,55
F000:00000098 9E sahf
F000:00000099 79 0F jns 000000aa
F000:000000AA 79 F0 jns 0000009c
F000:0000009C B4 94 mov ah,94
F000:0000009E 9E sahf
F000:0000009F 77 0B ja 000000ac
F000:000000AC 77 F4 ja 000000a2
F000:000000A2 EB 0A jmp 000000ae
F000:000000AE B4 00 mov ah,00
F000:000000B0 9E sahf
F000:000000B1 B0 40 mov al,40
F000:000000B3 D0 E0 shl al,1
F000:000000B5 71 34 jno 000000eb
F000:000000B7 70 33 jo 000000ec
F000:000000EC 70 CC jo 000000ba
F000:000000BA 7C 2F jl 000000eb
F000:000000BC 7D 30 jnl 000000ee
F000:000000EE 7D CF jnl 000000bf
F000:000000BF 7E 2A jle 000000eb
F000:000000C1 7F 2D jg 000000f0
F000:000000F0 7F D2 jg 000000c4
F000:000000C4 B4 40 mov ah,40
F000:000000C6 9E sahf
F000:000000C7 7C 29 jl 000000f2
F000:000000F2 7C D6 jl 000000ca
F000:000000CA 7E 28 jle 000000f4
F000:000000F4 7E D7 jle 000000cd
F000:000000CD 66 B9 01 00 00 00 mov ecx,00000001
F000:000000D3 E3 16 jcxz 000000eb
F000:000000D5 66 B9 00 00 01 00 mov ecx,00010000
F000:000000DB E3 19 jcxz 000000f6
F000:000000F6 E3 E5 jcxz 000000dd
F000:000000DD 67 E3 0B jecxz 000000eb
F000:000000E0 66 B9 00 00 00 00 mov ecx,00000000
F000:000000E6 67 E3 0F jecxz 000000f8
F000:000000F8 67 E3 EE jecxz 000000e9
F000:000000E9 EB 10 jmp 000000fb
F000:000000FB B4 01 mov ah,01
F000:000000FD 9E sahf
F000:000000FE 0F 83 B7 00 jnb 000001b9
F000:00000102 0F 82 B4 00 jnae 000001ba
F000:000001BA 0F 82 49 FF jnae 00000107
F000:00000107 B4 40 mov ah,40
F000:00000109 9E sahf
F000:0000010A 0F 85 AB 00 jne 000001b9
F000:0000010E 0F 84 AC 00 je 000001be
F000:000001BE 0F 84 51 FF je 00000113
F000:00000113 B4 04 mov ah,04
F000:00000115 9E sahf
F000:00000116 0F 8B 9F 00 jnp 000001b9
F000:0000011A 0F 8A A4 00 jp 000001c2
F000:000001C2 0F 8A 59 FF jp 0000011f
F000:0000011F B4 80 mov ah,80
F000:00000121 9E sahf
F000:00000122 0F 89 93 00 jns 000001b9
F000:00000126 0F 88 9C 00 js 000001c6
F000:000001C6 0F 88 61 FF js 0000012b
F000:0000012B B4 41 mov ah,41
F000:0000012D 9E sahf
F000:0000012E 0F 87 87 00 jnbe 000001b9
F000:00000132 0F 86 94 00 jbe 000001ca
F000:000001CA 0F 86 68 FF jbe 00000136
F000:00000136 E9 95 00 jmp 000001ce
F000:000001CE B4 D4 mov ah,d4
F000:000001D0 9E sahf
F000:000001D1 B8 00 00 mov ax,0000
F000:000001D4 9E sahf
F000:000001D5 0F 83 A4 00 jnb 0000027d
F000:0000027D 0F 83 59 FF jnb 000001da
F000:000001DA B4 95 mov ah,95
F000:000001DC 9E sahf
F000:000001DD 0F 85 A0 00 jne 00000281
F000:00000281 0F 85 5D FF jne 000001e2
F000:000001E2 B4 D1 mov ah,d1
F000:000001E4 9E sahf
F000:000001E5 0F 8B 9C 00 jnp 00000285
F000:00000285 0F 8B 61 FF jnp 000001ea
F000:000001EA B4 55 mov ah,55
F000:000001EC 9E sahf
F000:000001ED 0F 89 98 00 jns 00000289
F000:00000289 0F 89 65 FF jns 000001f2
F000:000001F2 B4 94 mov ah,94
F000:000001F4 9E sahf
F000:000001F5 0F 87 94 00 jnbe 0000028d
F000:0000028D 0F 87 69 FF jnbe 000001fa
F000:000001FA E9 94 00 jmp 00000291
F000:00000291 B4 00 mov ah,00
F000:00000293 9E sahf
F000:00000294 B0 40 mov al,40
F000:00000296 D0 E0 shl al,1
F000:00000298 0F 81 A7 00 jno 00000343
F000:0000029C 0F 80 A4 00 jo 00000344
F000:00000344 0F 80 59 FF jo 000002a1
F000:000002A1 0F 8C 9E 00 jl 00000343
F000:000002A5 0F 8D 9F 00 jnl 00000348
F000:00000348 0F 8D 5E FF jnl 000002aa
F000:000002AA 0F 8E 95 00 jle 00000343
F000:000002AE 0F 8F 9A 00 jg 0000034c
F000:0000034C 0F 8F 63 FF jg 000002b3
F000:000002B3 B4 40 mov ah,40
F000:000002B5 9E sahf
F000:000002B6 0F 8C 96 00 jl 00000350
F000:00000350 0F 8C 67 FF jl 000002bb
F000:000002BB 0F 8E 95 00 jle 00000354
F000:00000354 0F 8E 68 FF jle 000002c0
F000:000002C0 E9 95 00 jmp 00000358
F000:00000358 66 B9 00 00 02 00 mov ecx,00020000
F000:0000035E 66 B8 00 00 00 00 mov eax,00000000
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364
F000:00000364 66 40 inc eax
F000:00000366 E2 FC loop 00000364

Test E(sign extension and onwards test from test386.asm):

0010:00000B44 2E 0F BE 05 28 C6 00 00 movsx eax,byte cs:[0000c628]
0010:00000B4C 83 F8 80 cmp eax,80
0010:00000B4F 0F 85 AB B4 00 00 jne 0000c000
0010:00000B55 2E 0F BF 05 27 C6 00 00 movsx eax,word cs:[0000c627]
0010:00000B5D 3D 80 80 FF FF cmp eax,ffff8080
0010:00000B62 0F 85 98 B4 00 00 jne 0000c000
0010:00000B68 2E 0F B6 05 28 C6 00 00 movzx eax,byte cs:[0000c628]
0010:00000B70 3D 80 00 00 00 cmp eax,00000080
0010:00000B75 0F 85 85 B4 00 00 jne 0000c000
0010:00000B7B 2E 0F B7 05 27 C6 00 00 movzx eax,word cs:[0000c627]
0010:00000B83 3D 80 80 00 00 cmp eax,00008080
0010:00000B88 0F 85 72 B4 00 00 jne 0000c000
0010:00000B8E BC 00 00 04 00 mov esp,00040000
0010:00000B93 8B 14 24 mov edx,dword ss:[esp]
0010:00000B96 52 push edx
0010:00000B97 83 C4 04 add esp,04
0010:00000B9A 6A 80 push 80
0010:00000B9C 5B pop ebx
0010:00000B9D 83 FB 80 cmp ebx,80
0010:00000BA0 0F 85 5A B4 00 00 jne 0000c000
0010:00000BA6 81 E3 FF 00 00 00 and ebx,000000ff
0010:00000BAC 81 FB 80 00 00 00 cmp ebx,00000080
0010:00000BB2 0F 85 48 B4 00 00 jne 0000c000
0010:00000BB8 66 0F BE DB movsx bx,bl
0010:00000BBC 81 FB 80 FF 00 00 cmp ebx,0000ff80
0010:00000BC2 0F 85 38 B4 00 00 jne 0000c000
0010:00000BC8 0F BF DB movsx ebx,bx
0010:00000BCB 83 FB 80 cmp ebx,80
0010:00000BCE 0F 85 2C B4 00 00 jne 0000c000
0010:00000BD4 66 0F B6 DB movzx bx,bl
0010:00000BD8 81 FB 80 00 FF FF cmp ebx,ffff0080
0010:00000BDE 0F 85 1C B4 00 00 jne 0000c000
0010:00000BE4 0F B6 DB movzx ebx,bl
0010:00000BE7 81 FB 80 00 00 00 cmp ebx,00000080
0010:00000BED 0F 85 0D B4 00 00 jne 0000c000
0010:00000BF3 F7 D3 not ebx
0010:00000BF5 81 FB 7F FF FF FF cmp ebx,ffffff7f
0010:00000BFB 0F 85 FF B3 00 00 jne 0000c000
0010:00000C01 66 0F BE DB movsx bx,bl
0010:00000C05 81 FB 7F 00 FF FF cmp ebx,ffff007f
0010:00000C0B 0F 85 EF B3 00 00 jne 0000c000
0010:00000C11 0F BE DB movsx ebx,bl
0010:00000C14 83 FB 7F cmp ebx,7f
0010:00000C17 0F 85 E3 B3 00 00 jne 0000c000
0010:00000C1D F7 D3 not ebx
0010:00000C1F 83 FB 80 cmp ebx,80
0010:00000C22 0F 85 D8 B3 00 00 jne 0000c000
0010:00000C28 0F B7 DB movzx ebx,bx
0010:00000C2B 81 FB 80 FF 00 00 cmp ebx,0000ff80
0010:00000C31 0F 85 C9 B3 00 00 jne 0000c000
0010:00000C37 66 0F B6 DB movzx bx,bl
0010:00000C3B 81 FB 80 00 00 00 cmp ebx,00000080
0010:00000C41 0F 85 B9 B3 00 00 jne 0000c000
0010:00000C47 66 0F BE DB movsx bx,bl
0010:00000C4B 66 F7 DB neg bx
0010:00000C4E 66 F7 DB neg bx
0010:00000C51 81 FB 80 FF 00 00 cmp ebx,0000ff80
0010:00000C57 0F 85 A3 B3 00 00 jne 0000c000
0010:00000C5D 0F BF DB movsx ebx,bx
0010:00000C60 F7 DB neg ebx
0010:00000C62 F7 DB neg ebx
0010:00000C64 83 FB 80 cmp ebx,80
0010:00000C67 0F 85 93 B3 00 00 jne 0000c000
0010:00000C6D B0 0D mov al,0d
0010:00000C6F 66 BA 84 00 mov dx,0084
0010:00000C73 EE out dx,al
0010:00000C74 66 B8 01 00 mov ax,0001
0010:00000C78 66 BB 02 00 mov bx,0002
0010:00000C7C 66 B9 04 00 mov cx,0004
0010:00000C80 66 BA 08 00 mov dx,0008
0010:00000C84 66 BE 10 00 mov si,0010
0010:00000C88 66 BF 20 00 mov di,0020
0010:00000C8C 66 50 push ax
0010:00000C8E 66 67 8D 06 00 40 lea ax,word ds:[4000]
0010:00000C94 66 3D 00 40 cmp ax,4000
0010:00000C98 0F 85 62 B3 00 00 jne 0000c000
0010:00000C9E 66 58 pop ax
0010:00000CA0 66 50 push ax
0010:00000CA2 66 67 8D 07 lea ax,word ds:[bx]
0010:00000CA6 66 83 F8 02 cmp ax,0002
0010:00000CAA 0F 85 50 B3 00 00 jne 0000c000
0010:00000CB0 66 58 pop ax
0010:00000CB2 66 50 push ax
0010:00000CB4 66 67 8D 04 lea ax,word ds:[si]
0010:00000CB8 66 83 F8 10 cmp ax,0010
0010:00000CBC 0F 85 3E B3 00 00 jne 0000c000
0010:00000CC2 66 58 pop ax
0010:00000CC4 66 50 push ax
0010:00000CC6 66 67 8D 05 lea ax,word ds:[di]
0010:00000CCA 66 83 F8 20 cmp ax,0020
0010:00000CCE 0F 85 2C B3 00 00 jne 0000c000
0010:00000CD4 66 58 pop ax
0010:00000CD6 66 50 push ax
0010:00000CD8 66 67 8D 47 40 lea ax,word ds:[bx+40]
0010:00000CDD 66 83 F8 42 cmp ax,0042
0010:00000CE1 0F 85 19 B3 00 00 jne 0000c000
0010:00000CE7 66 58 pop ax
0010:00000CE9 66 50 push ax
0010:00000CEB 66 67 8D 44 40 lea ax,word ds:[si+40]
0010:00000CF0 66 83 F8 50 cmp ax,0050
0010:00000CF4 0F 85 06 B3 00 00 jne 0000c000
0010:00000CFA 66 58 pop ax
0010:00000CFC 66 50 push ax
0010:00000CFE 66 67 8D 45 40 lea ax,word ds:[di+40]
0010:00000D03 66 83 F8 60 cmp ax,0060
0010:00000D07 0F 85 F3 B2 00 00 jne 0000c000
0010:00000D0D 66 58 pop ax
0010:00000D0F 66 50 push ax
0010:00000D11 66 67 8D 87 00 40 lea ax,word ds:[bx+4000]
0010:00000D17 66 3D 02 40 cmp ax,4002
0010:00000D1B 0F 85 DF B2 00 00 jne 0000c000
0010:00000D21 66 58 pop ax
0010:00000D23 66 50 push ax
0010:00000D25 66 67 8D 84 00 40 lea ax,word ds:[si+4000]
0010:00000D2B 66 3D 10 40 cmp ax,4010
0010:00000D2F 0F 85 CB B2 00 00 jne 0000c000
0010:00000D35 66 58 pop ax
0010:00000D37 66 50 push ax
0010:00000D39 66 67 8D 00 lea ax,word ds:[bx+si]
0010:00000D3D 66 83 F8 12 cmp ax,0012
0010:00000D41 0F 85 B9 B2 00 00 jne 0000c000
0010:00000D47 66 58 pop ax
0010:00000D49 66 50 push ax
0010:00000D4B 66 67 8D 01 lea ax,word ds:[bx+di]
0010:00000D4F 66 83 F8 22 cmp ax,0022
0010:00000D53 0F 85 A7 B2 00 00 jne 0000c000
0010:00000D59 66 58 pop ax
0010:00000D5B 66 50 push ax
0010:00000D5D 66 67 8D 40 40 lea ax,word ds:[bx+si+40]
0010:00000D62 66 83 F8 52 cmp ax,0052
0010:00000D66 0F 85 94 B2 00 00 jne 0000c000
0010:00000D6C 66 58 pop ax
0010:00000D6E 66 50 push ax
0010:00000D70 66 67 8D 41 40 lea ax,word ds:[bx+di+40]
0010:00000D75 66 83 F8 62 cmp ax,0062
0010:00000D79 0F 85 81 B2 00 00 jne 0000c000
0010:00000D7F 66 58 pop ax
0010:00000D81 66 50 push ax
0010:00000D83 66 67 8D 80 00 40 lea ax,word ds:[bx+si+4000]
0010:00000D89 66 3D 12 40 cmp ax,4012
0010:00000D8D 0F 85 6D B2 00 00 jne 0000c000
0010:00000D93 66 58 pop ax
0010:00000D95 66 50 push ax
0010:00000D97 66 67 8D 81 00 40 lea ax,word ds:[bx+di+4000]
0010:00000D9D 66 3D 22 40 cmp ax,4022
0010:00000DA1 0F 85 59 B2 00 00 jne 0000c000
0010:00000DA7 66 58 pop ax
0010:00000DA9 B0 0E mov al,0e
0010:00000DAB 66 BA 84 00 mov dx,0084
0010:00000DAF EE out dx,al
0010:00000DB0 B8 01 00 00 00 mov eax,00000001
0010:00000DB5 BB 02 00 00 00 mov ebx,00000002
0010:00000DBA B9 04 00 00 00 mov ecx,00000004
0010:00000DBF BA 08 00 00 00 mov edx,00000008
0010:00000DC4 BE 10 00 00 00 mov esi,00000010
0010:00000DC9 BF 20 00 00 00 mov edi,00000020
0010:00000DCE 50 push eax
0010:00000DCF 8D 05 00 40 00 00 lea eax,dword ds:[00004000]
0010:00000DD5 3D 00 40 00 00 cmp eax,00004000
0010:00000DDA 0F 85 20 B2 00 00 jne 0000c000
0010:00000DE0 58 pop eax
0010:00000DE1 50 push eax
0010:00000DE2 8D 00 lea eax,dword ds:[eax]
0010:00000DE4 83 F8 01 cmp eax,01
0010:00000DE7 0F 85 13 B2 00 00 jne 0000c000
0010:00000DED 58 pop eax
0010:00000DEE 50 push eax
0010:00000DEF 8D 03 lea eax,dword ds:[ebx]
0010:00000DF1 83 F8 02 cmp eax,02
0010:00000DF4 0F 85 06 B2 00 00 jne 0000c000
0010:00000DFA 58 pop eax
0010:00000DFB 50 push eax
0010:00000DFC 8D 01 lea eax,dword ds:[ecx]
0010:00000DFE 83 F8 04 cmp eax,04
0010:00000E01 0F 85 F9 B1 00 00 jne 0000c000
0010:00000E07 58 pop eax
0010:00000E08 50 push eax
0010:00000E09 8D 02 lea eax,dword ds:[edx]
0010:00000E0B 83 F8 08 cmp eax,08
0010:00000E0E 0F 85 EC B1 00 00 jne 0000c000
0010:00000E14 58 pop eax
0010:00000E15 50 push eax
0010:00000E16 8D 06 lea eax,dword ds:[esi]
0010:00000E18 83 F8 10 cmp eax,10
0010:00000E1B 0F 85 DF B1 00 00 jne 0000c000
0010:00000E21 58 pop eax
0010:00000E22 50 push eax
0010:00000E23 8D 07 lea eax,dword ds:[edi]
0010:00000E25 83 F8 20 cmp eax,20
0010:00000E28 0F 85 D2 B1 00 00 jne 0000c000
0010:00000E2E 58 pop eax
0010:00000E2F 50 push eax
0010:00000E30 8D 40 40 lea eax,dword ds:[eax+40]
0010:00000E33 83 F8 41 cmp eax,41
0010:00000E36 0F 85 C4 B1 00 00 jne 0000c000
0010:00000E3C 58 pop eax
0010:00000E3D 50 push eax
0010:00000E3E 8D 43 40 lea eax,dword ds:[ebx+40]
0010:00000E41 83 F8 42 cmp eax,42
0010:00000E44 0F 85 B6 B1 00 00 jne 0000c000
0010:00000E4A 58 pop eax
0010:00000E4B 50 push eax
0010:00000E4C 8D 41 40 lea eax,dword ds:[ecx+40]
0010:00000E4F 83 F8 44 cmp eax,44
0010:00000E52 0F 85 A8 B1 00 00 jne 0000c000
0010:00000E58 58 pop eax
0010:00000E59 50 push eax
0010:00000E5A 8D 42 40 lea eax,dword ds:[edx+40]
0010:00000E5D 83 F8 48 cmp eax,48
0010:00000E60 0F 85 9A B1 00 00 jne 0000c000
0010:00000E66 58 pop eax
0010:00000E67 50 push eax
0010:00000E68 8D 46 40 lea eax,dword ds:[esi+40]
0010:00000E6B 83 F8 50 cmp eax,50
0010:00000E6E 0F 85 8C B1 00 00 jne 0000c000
0010:00000E74 58 pop eax
0010:00000E75 50 push eax
0010:00000E76 8D 47 40 lea eax,dword ds:[edi+40]
0010:00000E79 83 F8 60 cmp eax,60
0010:00000E7C 0F 85 7E B1 00 00 jne 0000c000
0010:00000E82 58 pop eax
0010:00000E83 50 push eax
0010:00000E84 8D 80 00 00 04 00 lea eax,dword ds:[eax+00040000]
0010:00000E8A 3D 01 00 04 00 cmp eax,00040001
0010:00000E8F 0F 85 6B B1 00 00 jne 0000c000
0010:00000E95 58 pop eax
0010:00000E96 50 push eax
0010:00000E97 8D 83 00 00 04 00 lea eax,dword ds:[ebx+00040000]
0010:00000E9D 3D 02 00 04 00 cmp eax,00040002
0010:00000EA2 0F 85 58 B1 00 00 jne 0000c000
0010:00000EA8 58 pop eax
0010:00000EA9 50 push eax
0010:00000EAA 8D 81 00 00 04 00 lea eax,dword ds:[ecx+00040000]
0010:00000EB0 3D 04 00 04 00 cmp eax,00040004
0010:00000EB5 0F 85 45 B1 00 00 jne 0000c000
0010:00000EBB 58 pop eax
0010:00000EBC 50 push eax
0010:00000EBD 8D 82 00 00 04 00 lea eax,dword ds:[edx+00040000]
0010:00000EC3 3D 08 00 04 00 cmp eax,00040008
0010:00000EC8 0F 85 32 B1 00 00 jne 0000c000
0010:00000ECE 58 pop eax
0010:00000ECF 50 push eax
0010:00000ED0 8D 86 00 00 04 00 lea eax,dword ds:[esi+00040000]
0010:00000ED6 3D 10 00 04 00 cmp eax,00040010
0010:00000EDB 0F 85 1F B1 00 00 jne 0000c000
0010:00000EE1 58 pop eax
0010:00000EE2 50 push eax
0010:00000EE3 8D 87 00 00 04 00 lea eax,dword ds:[edi+00040000]
0010:00000EE9 3D 20 00 04 00 cmp eax,00040020
0010:00000EEE 0F 85 0C B1 00 00 jne 0000c000
0010:00000EF4 58 pop eax
0010:00000EF5 50 push eax
0010:00000EF6 8D 04 08 lea eax,dword ds:[eax+ecx*1]
0010:00000EF9 83 F8 05 cmp eax,05
0010:00000EFC 0F 85 FE B0 00 00 jne 0000c000
0010:00000F02 58 pop eax
0010:00000F03 50 push eax
0010:00000F04 8D 04 13 lea eax,dword ds:[ebx+edx*1]
0010:00000F07 83 F8 0A cmp eax,0a
0010:00000F0A 0F 85 F0 B0 00 00 jne 0000c000
0010:00000F10 58 pop eax
0010:00000F11 50 push eax
0010:00000F12 8D 04 09 lea eax,dword ds:[ecx+ecx*1]
0010:00000F15 83 F8 08 cmp eax,08
0010:00000F18 0F 85 E2 B0 00 00 jne 0000c000
0010:00000F1E 58 pop eax
0010:00000F1F 50 push eax
0010:00000F20 8D 04 0A lea eax,dword ds:[edx+ecx*1]
0010:00000F23 83 F8 0C cmp eax,0c
0010:00000F26 0F 85 D4 B0 00 00 jne 0000c000
0010:00000F2C 58 pop eax
0010:00000F2D 50 push eax
0010:00000F2E 8D 04 0E lea eax,dword ds:[esi+ecx*1]
0010:00000F31 83 F8 14 cmp eax,14
0010:00000F34 0F 85 C6 B0 00 00 jne 0000c000
0010:00000F3A 58 pop eax
0010:00000F3B 50 push eax
0010:00000F3C 8D 04 0F lea eax,dword ds:[+00000000edi+ecx*1]
0010:00000F3F 83 F8 24 cmp eax,24
0010:00000F42 0F 85 B8 B0 00 00 jne 0000c000
0010:00000F48 58 pop eax
0010:00000F49 50 push eax
0010:00000F4A 8D 44 08 40 lea eax,dword ds:[eax+ecx*1+40]
0010:00000F4E 83 F8 45 cmp eax,45
0010:00000F51 0F 85 A9 B0 00 00 jne 0000c000
0010:00000F57 58 pop eax
0010:00000F58 50 push eax
0010:00000F59 8D 84 13 00 40 00 00 lea eax,dword ds:[ebx+edx*1+00004000]
0010:00000F60 3D 0A 40 00 00 cmp eax,0000400a
0010:00000F65 0F 85 95 B0 00 00 jne 0000c000
0010:00000F6B 58 pop eax
0010:00000F6C 50 push eax
0010:00000F6D 8D 04 49 lea eax,dword ds:[ecx+ecx*2]
0010:00000F70 83 F8 0C cmp eax,0c
0010:00000F73 0F 85 87 B0 00 00 jne 0000c000
0010:00000F79 58 pop eax
0010:00000F7A 50 push eax
0010:00000F7B 8D 04 8A lea eax,dword ds:[edx+ecx*4]
0010:00000F7E 83 F8 18 cmp eax,18
0010:00000F81 0F 85 79 B0 00 00 jne 0000c000
0010:00000F87 58 pop eax
0010:00000F88 50 push eax
0010:00000F89 8D 04 CE lea eax,dword ds:[esi+ecx*8]
0010:00000F8C 83 F8 30 cmp eax,30
0010:00000F8F 0F 85 6B B0 00 00 jne 0000c000
0010:00000F95 58 pop eax
0010:00000F96 50 push eax
0010:00000F97 8D 04 00 lea eax,dword ds:[eax+eax*1]
0010:00000F9A 83 F8 02 cmp eax,02
0010:00000F9D 0F 85 5D B0 00 00 jne 0000c000
0010:00000FA3 58 pop eax
0010:00000FA4 50 push eax
0010:00000FA5 8D 04 9D 00 00 00 00 lea eax,dword ds:[00000000+ebx*4]
0010:00000FAC 83 F8 08 cmp eax,08
0010:00000FAF 0F 85 4B B0 00 00 jne 0000c000
0010:00000FB5 58 pop eax
0010:00000FB6 50 push eax
0010:00000FB7 8D 04 CD 00 00 00 00 lea eax,dword ds:[00000000+ecx*8]
0010:00000FBE 83 F8 20 cmp eax,20
0010:00000FC1 0F 85 39 B0 00 00 jne 0000c000
0010:00000FC7 58 pop eax
0010:00000FC8 50 push eax
0010:00000FC9 8D 44 00 40 lea eax,dword ds:[eax+eax*1+40]
0010:00000FCD 83 F8 42 cmp eax,42
0010:00000FD0 0F 85 2A B0 00 00 jne 0000c000
0010:00000FD6 58 pop eax
0010:00000FD7 50 push eax
0010:00000FD8 8D 04 9D 40 00 00 00 lea eax,dword ds:[00000040+ebx*4]
0010:00000FDF 83 F8 48 cmp eax,48
0010:00000FE2 0F 85 18 B0 00 00 jne 0000c000
0010:00000FE8 58 pop eax
0010:00000FE9 50 push eax
0010:00000FEA 8D 04 CD 40 00 00 00 lea eax,dword ds:[00000040+ecx*8]
0010:00000FF1 83 F8 60 cmp eax,60
0010:00000FF4 0F 85 06 B0 00 00 jne 0000c000
0010:00000FFA 58 pop eax
0010:00000FFB 50 push eax
0010:00000FFC 8D 44 49 F6 lea eax,dword ds:[ecx+ecx*2-0a]
0010:00001000 83 F8 02 cmp eax,02
0010:00001003 0F 85 F7 AF 00 00 jne 0000c000
0010:00001009 58 pop eax
0010:0000100A 50 push eax
0010:0000100B 8D 44 8A F6 lea eax,dword ds:[edx+ecx*4-0a]
0010:0000100F 83 F8 0E cmp eax,0e
0010:00001012 0F 85 E8 AF 00 00 jne 0000c000
0010:00001018 58 pop eax
0010:00001019 50 push eax
0010:0000101A 8D 44 CE F6 lea eax,dword ds:[esi+ecx*8-0a]
0010:0000101E 83 F8 26 cmp eax,26
0010:00001021 0F 85 D9 AF 00 00 jne 0000c000
0010:00001027 58 pop eax
0010:00001028 50 push eax
0010:00001029 8D 84 49 00 00 04 00 lea eax,dword ds:[ecx+ecx*2+00040000]
0010:00001030 3D 0C 00 04 00 cmp eax,0004000c
0010:00001035 0F 85 C5 AF 00 00 jne 0000c000
0010:0000103B 58 pop eax
0010:0000103C 50 push eax
0010:0000103D 8D 84 8A 00 00 04 00 lea eax,dword ds:[edx+ecx*4+00040000]
0010:00001044 3D 18 00 04 00 cmp eax,00040018
0010:00001049 0F 85 B1 AF 00 00 jne 0000c000
0010:0000104F 58 pop eax
0010:00001050 50 push eax
0010:00001051 8D 84 CE 00 00 04 00 lea eax,dword ds:[esi+ecx*8+00040000]
0010:00001058 3D 30 00 04 00 cmp eax,00040030
0010:0000105D 0F 85 9D AF 00 00 jne 0000c000
0010:00001063 58 pop eax
0010:00001064 B0 0F mov al,0f
0010:00001066 66 BA 84 00 mov dx,0084
0010:0000106A EE out dx,al
0010:0000106B 66 B8 28 00 mov ax,0028
0010:0000106F 8E D0 mov ss,eax
0010:00001071 BB 44 33 22 11 mov ebx,11223344
0010:00001076 89 1D 00 00 04 00 mov dword ds:[00040000],ebx
0010:0000107C B9 00 00 04 00 mov ecx,00040000
0010:00001081 39 19 cmp dword ds:[ecx],ebx
0010:00001083 0F 85 77 AF 00 00 jne 0000c000
0010:00001089 83 C1 40 add ecx,40
0010:0000108C 39 59 C0 cmp dword ds:[ecx-40],ebx
0010:0000108F 0F 85 6B AF 00 00 jne 0000c000
0010:00001095 83 E9 40 sub ecx,40
0010:00001098 D1 E9 shr ecx,1
0010:0000109A 39 99 00 00 02 00 cmp dword ds:[ecx+00020000],ebx
0010:000010A0 0F 85 5A AF 00 00 jne 0000c000
0010:000010A6 39 1C 09 cmp dword ds:[ecx+ecx*1],ebx
0010:000010A9 0F 85 51 AF 00 00 jne 0000c000
0010:000010AF D1 E9 shr ecx,1
0010:000010B1 39 9C 49 00 00 01 00 cmp dword ds:[ecx+ecx*2+00010000],ebx
0010:000010B8 0F 85 42 AF 00 00 jne 0000c000
0010:000010BE 39 1C 8D 00 00 00 00 cmp dword ds:[00000000+ecx*4],ebx
0010:000010C5 0F 85 35 AF 00 00 jne 0000c000
0010:000010CB 89 CD mov ebp,ecx
0010:000010CD 39 9C 4D 00 00 01 00 cmp dword ss:[ebp+ecx*2+00010000],ebx
0010:000010D4 0F 84 26 AF 00 00 je 0000c000
0010:000010DA 5A pop edx
0010:000010DB 89 15 00 00 04 00 mov dword ds:[00040000],edx
0010:000010E1 B0 10 mov al,10
0010:000010E3 66 BA 84 00 mov dx,0084
0010:000010E7 EE out dx,al
0010:000010E8 60 pushad
0010:000010E9 9C pushfd
0010:000010EA B9 00 20 00 00 mov ecx,00002000
0010:000010EF BE 00 30 01 00 mov esi,00013000
0010:000010F4 BF 00 50 01 00 mov edi,00015000
0010:000010F9 89 CD mov ebp,ecx
0010:000010FB 89 CB mov ebx,ecx
0010:000010FD C1 E3 00 shl ebx,00
0010:00001100 B8 78 56 34 12 mov eax,12345678
0010:00001105 FC cld
0010:00001106 F3 AA rep stosb
0010:00001108 83 F9 00 cmp ecx,00
0010:0000110B 0F 85 EF AE 00 00 jne 0000c000
0010:00001111 29 DF sub edi,ebx
0010:00001113 66 8C C2 mov dx,es
0010:00001116 66 8C D9 mov cx,ds
0010:00001119 66 87 D1 xchg dx,cx
0010:0000111C 8E C2 mov es,edx
0010:0000111E 8E D9 mov ds,ecx
0010:00001120 87 FE xchg edi,esi
0010:00001122 89 E9 mov ecx,ebp
00:02:32:01.04816: #GP fault(00000000)!
0010:00001124 F3 AA rep stosb
0010:0000C000 FA cli
0010:0000C001 F4 hlt
0010:0000C002 F4 <hlt>
0010:0000C002 F4 <hlt>
0010:0000C002 F4 <hlt>
0010:0000C002 F4 <hlt>
0010:0000C002 F4 <hlt>
0010:0000C002 F4 <hlt>
0010:0000C002 F4 <hlt>
0010:0000C002 F4 <hlt>
0010:0000C002 F4 <hlt>
0010:0000C002 F4 <hlt>

Although the REP STOSB faults for some unknown reason(?), it does show many of the addressing modes and how UniPCemu's debugger text is now generated.

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 36 of 90, by vladstamate

User metadata
Rank Oldbie

Excellent, that looks really good! I am getting close to that as well. I still have to put the rep/repz/repnz in the same instruction as stos/etc. Same goes for operand and address size prefix, as those are also separate instructions as far as CAPE is concerned.

YouTube channel: https://www.youtube.com/channel/UC7HbC_nq8t1S9l7qGYL0mTA
Collection: http://www.digiloguemuseum.com/index.html
Emulator: https://sites.google.com/site/capex86/
Raytracer: https://sites.google.com/site/opaqueraytracer/

Reply 37 of 90, by superfury

User metadata
Rank l33t++

Prefixes cannot be separate instructions? If they are and an interrupt happens between them, the already loaded prefixes will be lost (due to an invalid (E)IP return point)?

Edit: I'm also wondering: should we implement a simple Dosbox-style execution logic (which updates hardware at instruction level (constant rate) instead of cycle level)? That way, it ensures stuff like cycle timing of a CPU won't interfere with the log results when comparing.

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 38 of 90, by vladstamate

User metadata
Rank Oldbie
superfury wrote:

Prefixes cannot be separate instructions? If they are and an interrupt happens between them, the already loaded prefixes will be lost (due to an invalid (E)IP return point)?

For me in CAPE they are separate instructions. They are decoded and executed separately from the main instruction. However I do not allow interrupts to go in between a prefix and an instruction. I do not know what a real HW does.

However, from a logging point of view, we want to merge them into the following instruction. Like this:

F000:00000405 F3 66 AB rep stosd 

YouTube channel: https://www.youtube.com/channel/UC7HbC_nq8t1S9l7qGYL0mTA
Collection: http://www.digiloguemuseum.com/index.html
Emulator: https://sites.google.com/site/capex86/
Raytracer: https://sites.google.com/site/opaqueraytracer/
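The dump posted above and the proposal to fold prefixes into the instruction that follows them both come down to the same few operations on the common format: parse each `segment:offset bytes disassembly` line, sanity-check the sequence, and re-emit it. The following Python is an added example and is not code from UniPCemu, CAPE or Bochs. It parses the format, flags places where a non-branch instruction is followed by an unexpected address (the `#GP` in the dump shows up this way, which is how a log gap or fault is spotted when two emulators' traces are compared), merges pure-prefix entries the way the `rep stosd` line above is written, and reports the first entry at which two traces diverge. The split-prefix sample and the prefix names `rep` and `opsize` are constructed for the example and are not CAPE's real output.

```python
"""Parse, check, normalise and compare instruction traces in the
selector:offset / opcode bytes / disassembly format used in this thread.
Added example; not code from UniPCemu, CAPE or Bochs."""
import re
from dataclasses import dataclass
from typing import List, Optional

# 4 hex digits ':' 8 hex digits, one or more "XX" opcode bytes, then the text.
LINE_RE = re.compile(
    r"^([0-9A-Fa-f]{4}):([0-9A-Fa-f]{8})((?: [0-9A-Fa-f]{2})+) (.+)$")

# Single-byte x86 prefixes: LOCK, REPNE, REP/REPE, segment overrides,
# operand-size and address-size overrides.
PREFIX_BYTES = {0xF0, 0xF2, 0xF3, 0x2E, 0x36, 0x3E, 0x26, 0x64, 0x65, 0x66, 0x67}
# Prefix names that belong in the merged mnemonic. Assumption: a pure-prefix
# entry's text is the prefix name; size and segment-override prefixes are
# already reflected in the decoded operands, so only these are kept.
MNEMONIC_PREFIXES = {"lock", "rep", "repe", "repz", "repne", "repnz"}
# Instructions after which a non-sequential next address is expected.
BRANCH_RE = re.compile(r"^(j\w*|call|ret\w*|iret\w*|loop\w*|int\w*|<?hlt>?)\b")


@dataclass
class Entry:
    seg: int
    off: int
    code: bytes
    text: str

    def line(self) -> str:
        """Re-emit the entry in the common format."""
        return f"{self.seg:04X}:{self.off:08X} {self.code.hex(' ').upper()} {self.text}"


def parse_line(line: str) -> Optional[Entry]:
    """Entry for an instruction line; None for events such as the timestamped
    '#GP fault' line or blank lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    seg, off, hexbytes, text = m.groups()
    return Entry(int(seg, 16), int(off, 16),
                 bytes.fromhex(hexbytes.replace(" ", "")), text.strip())


def parse_log(text: str) -> List[Entry]:
    return [e for e in (parse_line(l) for l in text.splitlines()) if e is not None]


def find_gaps(entries: List[Entry]) -> List[int]:
    """Indices whose successor is not the fall-through address although the
    instruction is not a branch: a fault, an interrupt, or a hole in the log."""
    gaps = []
    for i in range(len(entries) - 1):
        a, b = entries[i], entries[i + 1]
        if BRANCH_RE.match(a.text.lower()):
            continue
        if a.seg != b.seg or a.off + len(a.code) != b.off:
            gaps.append(i)
    return gaps


def merge_prefixes(entries: List[Entry]) -> List[Entry]:
    """Fold entries made only of prefix bytes into the adjacent instruction
    that follows them, producing e.g. 'F3 66 AB rep stosd'."""
    out, pending = [], []
    for e in entries:
        if all(b in PREFIX_BYTES for b in e.code):
            pending.append(e)
            continue
        if pending and pending[0].seg == e.seg and \
                pending[-1].off + len(pending[-1].code) == e.off:
            code = b"".join(p.code for p in pending) + e.code
            names = [p.text for p in pending if p.text.lower() in MNEMONIC_PREFIXES]
            e = Entry(pending[0].seg, pending[0].off, code, " ".join(names + [e.text]))
        else:
            out.extend(pending)  # prefixes not adjacent to an instruction: keep as-is
        pending = []
        out.append(e)
    out.extend(pending)
    return out


def first_divergence(a: List[Entry], b: List[Entry]) -> Optional[int]:
    """Index of the first entry where two traces differ in address, bytes or
    text; None when they are identical."""
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y:
            return i
    return None if len(a) == len(b) else min(len(a), len(b))


# Lines copied from the UniPCemu dump earlier in the thread (fault included).
UNIPCEMU_SAMPLE = """\
0010:00001122 89 E9 mov ecx,ebp
00:02:32:01.04816: #GP fault(00000000)!
0010:00001124 F3 AA rep stosb
0010:0000C000 FA cli
0010:0000C001 F4 hlt
0010:0000C002 F4 <hlt>
"""

# Constructed trace in which prefixes are logged as their own entries.
SPLIT_SAMPLE = """\
F000:00000405 F3 rep
F000:00000406 66 opsize
F000:00000407 AB stosd
F000:00000408 FA cli
"""

if __name__ == "__main__":
    trace = parse_log(UNIPCEMU_SAMPLE)
    for i in find_gaps(trace):
        print("gap after:", trace[i].line())
    for e in merge_prefixes(parse_log(SPLIT_SAMPLE)):
        print(e.line())
```

Running the block prints the `rep stosb` line as the one after which the trace jumps to the fault handler, and the merged `F000:00000405 F3 66 AB rep stosd` line. The gap check deliberately ignores taken and not-taken jumps; anything else that breaks sequential addressing is worth a look when two logs disagree.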

Reply 39 of 90, by superfury

User metadata
Rank l33t++

I'll have to make a little full log on this one, since I can't see if the registers are being loaded/moved correctly in this case (maybe wrong pointers or exchange etc. is occurring, which doesn't show up in the common log format (yet)).

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io