[panda-users] Access to registers

aicardi@eurecom.fr aicardi at eurecom.fr
Wed Apr 25 09:37:38 EDT 2018 

Hey there,

I think that the problem is that you are using the wrong offset to  
access AH and AL. R_AH is defined in target/i386/cpu.h as '#define  
R_AH 4', which is not the correct offset of register EAX (again  
defined in the same file as '#define R_EAX 0'. You should use the  
offset R_EAX to access the right register value, then you may want to  
mask and shift it in order to get to the right 8bit register (either  
AH or AL):

   printf("value of ah: " TARGET_FMT_lx "\n", (cpu->regs[R_EAX] & 0xff) );

Furthermore, have a look at 'struct CPUState' defined in  
./include/qom/cpu.h. One of its fields is 'env_ptr', which is a  
pointer to a 'struct CPUArchState'.
To get the correct value of AH and AL, try to access the 'regs' field  
in this way:

...
bool insn_translate(CPUState *env, target_ulong pc){
   ..
   #ifdef TARGET_I386
     CPUX86State *cpu = (CPUX86State *) env->env_ptr;
     printf("value of ah: " TARGET_FMT_lx "\n", (cpu->regs[R_EAX] & 0xff) );
   ..
   #endif
}
...

Cheers!

- samaicardi



Quoting alessandro mantovani <alk13 at hotmail.it>:

> Hi all,
>
>
> I'm writing a plugin which needs to read values contained in   
> registers of an x86 architecture. In particular I need to access to   
> 'AH' and 'AL' registers from a "translate_insn" callback correcly   
> registered. If I access the registers through:
>
>
> #ifdef TARGET_I386
> CPUArchState * cpu = (CPUArchState*) env;
> target_ulong reg_ah = cpu->regs[R_AH];
> target_ulong reg_al = cpu->regs[R_AL];
> ....
> #endif
>
> The problem is that if I print variables "reg_ah" and "reg_al" I   
> always collect the same value for 'AH' and the same value for 'AL'.   
> It is like if the plugin doesn't flush. So if the first read value   
> is '0xabcd' for 'AH' all the following callbacks will print that   
> register 'AH' contains '0xabcd'.
> In addition to this, it is strange (in my opinion) that if I do:
>
> printf("value of ah: " TARGET_FMT_lx "\n", cpu->regs[R_AH]);
>
> It prints a value which is bigger than an 8-bit number. Registers   
> 'AH' and 'AL' have both size 8 bit , so I would expect that I can   
> get 0xff at maximum. Maybe I must enable something to correctly   
> access to registers?
>
> Thanks,
>
> elmanto
>
>
>
>



-------------------------------------------------------------------------------
This message was sent using EURECOM Webmail: http://webmail.eurecom.fr

More information about the panda-users mailing list