Disassemble x86 opcode 0xc7.
This was our most popular unknown opcode by far. Example (now):
0x0007: move-exception v0
0x60f51fe8: 648B0578000000 mov eax, fs:[0x78]
0x60f51fef: 64C7057800000000000000 mov fs:[0x78], 0
Change-Id: I39d8dde72503a4c418b2d4f5cb7e238ae576d74c
diff --git a/src/disassembler_x86.cc b/src/disassembler_x86.cc
index 48074b8..9fc6fbf 100644
--- a/src/disassembler_x86.cc
+++ b/src/disassembler_x86.cc
@@ -276,6 +276,14 @@
byte_operand = *instr == 0xC0;
break;
case 0xC3: opcode << "ret"; break;
+ case 0xC7:
+ static const char* c7_opcodes[] = {"mov", "unknown-c7", "unknown-c7", "unknown-c7", "unknown-c7", "unknown-c7", "unknown-c7", "unknown-c7"};
+ modrm_opcodes = c7_opcodes;
+ store = true;
+ immediate_bytes = 4;
+ has_modrm = true;
+ reg_is_opcode = true;
+ break;
case 0xCC: opcode << "int 3"; break;
case 0xE8: opcode << "call"; branch_bytes = 4; break;
case 0xE9: opcode << "jmp"; branch_bytes = 4; break;