<div dir="ltr"><div>I don&#39;t believe R_AH is directly accessible through cpu-&gt;regs. cpu-&gt;regs contains the full-length registers. <div>By checking the definitions in target/i386/cpu.h, cpu-&gt;regs[R_AH] will return the value of the ESP register.</div></div><div><br></div><font face="monospace, monospace">#define R_ESP 4<br></font><div><font face="monospace, monospace">...</font></div><div><font face="monospace, monospace">#define R_AH 4<br></font></div><div><br></div><div>To get the value of R_AH, you should probably use cpu-&gt;regs[R_EAX] and extract the appropriate bits from it.</div><div><br></div><div>M.</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">2018-04-25 14:37 GMT+02:00 alessandro mantovani <span dir="ltr">&lt;<a href="mailto:alk13@hotmail.it" target="_blank">alk13@hotmail.it</a>&gt;</span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">




<div dir="ltr">
<div id="m_-4476071443177370796divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Calibri,Helvetica,sans-serif" dir="ltr">
<p style="margin-top:0;margin-bottom:0">Hi all,</p>
<p style="margin-top:0;margin-bottom:0"><br>
</p>
<p style="margin-top:0;margin-bottom:0">I&#39;m writing a plugin which needs to read values contained in registers of an x86 architecture. In particular I need to access to &#39;AH&#39; and &#39;AL&#39; registers from a &quot;translate_insn&quot; callback correcly registered. If I access
 the registers through:</p>
<p style="margin-top:0;margin-bottom:0"><br>
</p>
<p style="margin-top:0;margin-bottom:0"></p>
<div>#ifdef TARGET_I386<br>
CPUArchState * cpu = (CPUArchState*) env;<br>
target_ulong reg_ah = cpu-&gt;regs[R_AH];<br>
target_ulong reg_al = cpu-&gt;regs[R_AL];<br>
....<br>
#endif<br>
<br>
The problem is that if I print variables &quot;reg_ah&quot; and &quot;reg_al&quot; I always collect the same value for &#39;AH&#39; and the same value for &#39;AL&#39;. It is as if the plugin doesn&#39;t flush. So if the first read value is &#39;0xabcd&#39; for &#39;AH&#39;, all the following callbacks will print that register &#39;AH&#39; contains &#39;0xabcd&#39;. <br>
In addition to this, it is strange (in my opinion) that if I do: <br>
<br>
printf(&quot;value of ah: &quot; TARGET_FMT_lx &quot;\n&quot;, cpu-&gt;regs[R_AH]);<br>
<br>
It prints a value which is bigger than an 8-bit number. Registers &#39;AH&#39; and &#39;AL&#39; are both 8 bits in size, so I would expect to get 0xff at most. Maybe I must enable something to correctly access the registers?<br>
<br>
Thanks,<br>
<br>
elmanto<br>
<br>
</div>
<br>
<p></p>
<p style="margin-top:0;margin-bottom:0"><br>
</p>
</div>
</div>

<br>_______________________________________________<br>
panda-users mailing list<br>
<a href="mailto:panda-users@mit.edu">panda-users@mit.edu</a><br>
<a href="http://mailman.mit.edu/mailman/listinfo/panda-users" rel="noreferrer" target="_blank">http://mailman.mit.edu/mailman/listinfo/panda-users</a><br>
<br></blockquote></div><br></div>
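<p>The bit extraction M. suggests above, as an added example that is not part of the original thread or of PANDA/QEMU itself. The <code>CPUArchState</code> struct here is a constructed stand-in holding only a <code>regs[]</code> array, and the <code>R_*</code> values mirror the indices in QEMU's target/i386/cpu.h; it also shows why the snippet in the question reads ESP instead of AH.</p>

```c
#include <stdint.h>
#include <stdio.h>

/* Register indices as defined in QEMU's target/i386/cpu.h. The 32/64-bit
 * register indices and the 8-bit "register code" indices share the same
 * numbers, which is why cpu->regs[R_AH] reads ESP (R_AH == R_ESP == 4). */
#define R_EAX 0
#define R_ESP 4
#define R_AL  0   /* low byte of EAX; as a regs[] index it selects EAX */
#define R_AH  4   /* high byte of EAX; as a regs[] index it selects ESP */

typedef uint64_t target_ulong;

/* Constructed stand-in for the part of CPUArchState this thread touches;
 * the real struct has many more fields. */
typedef struct {
    target_ulong regs[8];
} CPUArchState;

/* AL is bits 7:0 of the full-width accumulator. */
static uint8_t read_al(const CPUArchState *cpu)
{
    return (uint8_t)(cpu->regs[R_EAX] & 0xffu);
}

/* AH is bits 15:8 of the full-width accumulator. */
static uint8_t read_ah(const CPUArchState *cpu)
{
    return (uint8_t)((cpu->regs[R_EAX] >> 8) & 0xffu);
}

/* What the snippet in the question actually reads: regs[4], i.e. ESP. */
static target_ulong misread_ah(const CPUArchState *cpu)
{
    return cpu->regs[R_AH];
}

int main(void)
{
    /* Constructed sample state: EAX = 0x1234abcd, ESP = 0x7ffffff0. */
    CPUArchState cpu = { .regs = { [R_EAX] = 0x1234abcd, [R_ESP] = 0x7ffffff0 } };

    printf("AL = 0x%02x\n", read_al(&cpu));   /* 0xcd */
    printf("AH = 0x%02x\n", read_ah(&cpu));   /* 0xab */
    printf("regs[R_AH] = 0x%llx (this is ESP, not AH)\n",
           (unsigned long long)misread_ah(&cpu));   /* 0x7ffffff0 */
    return 0;
}
```

Because regs[R_AL] is regs[0], the question's reg_al is the whole EAX, and reg_ah is ESP; both stay constant across callbacks whenever those full registers do not change.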