Disassemble x86 opcode 0xc7. This was our most popular unknown opcode by far. Example (now): 0x0007: move-exception v0 0x60f51fe8: 648B0578000000 mov eax, fs:[0x78] 0x60f51fef: 64C7057800000000000000 mov fs:[0x78], 0 Change-Id: I39d8dde72503a4c418b2d4f5cb7e238ae576d74c

commit: 0589ca9245849df238812444952c674e01361f2a [log] [tgz]
author: Elliott Hughes <enh@google.com> Mon Apr 09 18:26:20 2012 -0700
committer: Elliott Hughes <enh@google.com> Mon Apr 09 18:26:20 2012 -0700
tree: 6c1abb39d336da73c49267b8ba231e2542356ec3
parent: 28fa76d17d741238da86dbdb47f721ae97c9eac8 [diff] [blame]
diff --git a/src/disassembler_x86.cc b/src/disassembler_x86.cc
index 48074b8..9fc6fbf 100644
--- a/src/disassembler_x86.cc
+++ b/src/disassembler_x86.cc

@@ -276,6 +276,14 @@
     byte_operand = *instr == 0xC0;
     break;
   case 0xC3: opcode << "ret"; break;
+  case 0xC7:
+    static const char* c7_opcodes[] = {"mov", "unknown-c7", "unknown-c7", "unknown-c7", "unknown-c7", "unknown-c7", "unknown-c7", "unknown-c7"};
+    modrm_opcodes = c7_opcodes;
+    store = true;
+    immediate_bytes = 4;
+    has_modrm = true;
+    reg_is_opcode = true;
+    break;
   case 0xCC: opcode << "int 3"; break;
   case 0xE8: opcode << "call"; branch_bytes = 4; break;
   case 0xE9: opcode << "jmp"; branch_bytes = 4; break;
commit	0589ca9245849df238812444952c674e01361f2a	[log] [tgz]
author	Elliott Hughes <enh@google.com>	Mon Apr 09 18:26:20 2012 -0700
committer	Elliott Hughes <enh@google.com>	Mon Apr 09 18:26:20 2012 -0700
tree	6c1abb39d336da73c49267b8ba231e2542356ec3
parent	28fa76d17d741238da86dbdb47f721ae97c9eac8 [diff] [blame]