Multiple improvements

- New shemu flag - SHEMU_FLAG_SIDT, set when sheu encounters a SIDT in ring0.
- Added the CET Tracked flag to SYSCLAL, SYSENTER and INT n instructions.
- Fixed Do Not Track prefix recognition for CALL and JMP in long-mode.
- Fixed MONITOR and MONITORX implicit operands - the rAX register encodes a virtual address that will be used as the monitored range. That address is subject to a 1 byte load.
- Fixed RMPADJUST and RMPUPDATE implicit operands - the rAX register encodes a virtual address, and the rCX register encodes a virtual address of the RMP updated entry.

bddisasm/bddisasm.c

@@ -215,6 +215,8 @@ static const uint16_t gOperandMap[] =
     ND_OPE_S,       // ND_OPT_SSE_XMM6
     ND_OPE_S,       // ND_OPT_SSE_XMM7
 
+    ND_OPE_S,       // ND_OPT_MEM_rAX (as used by MONITOR, MONITORX and RMPADJUST)
+    ND_OPE_S,       // ND_OPT_MEM_rCX (as used by RMPUPDATE)
     ND_OPE_S,       // ND_OPT_MEM_rBX_AL (as used by XLAT)
     ND_OPE_S,       // ND_OPT_MEM_rDI (as used by masked moves)
     ND_OPE_S,       // ND_OPT_MEM_SHS
@@ -733,10 +735,26 @@ NdFetchPrefixes(
             case ND_PREFIX_G2_SEG_GS:
                 if (ND_CODE_64 == Instrux->DefCode)
                 {
-                    // Do not overwrite FS/GS with ES/CS/DS/SS in 64 bit mode. In 64 bit mode, only FS/GS overrides
-                    // are considered.
-                    if (prefix == ND_PREFIX_G2_SEG_FS || prefix == ND_PREFIX_G2_SEG_GS)
+                    if (prefix == ND_PREFIX_G2_SEG_FS || 
+                        prefix == ND_PREFIX_G2_SEG_GS)
                     {
+                        // The last FS/GS is always used, if present.
+                        Instrux->Seg = prefix;
+                        Instrux->HasSeg = true;
+                    }
+                    else if (prefix == ND_PREFIX_G2_NO_TRACK && 
+                        Instrux->Seg != ND_PREFIX_G2_SEG_FS &&
+                        Instrux->Seg != ND_PREFIX_G2_SEG_GS)
+                    {
+                        // The Do Not Track prefix is considered only if there isn't a FS/GS prefix.
+                        Instrux->Seg = prefix;
+                        Instrux->HasSeg = true;
+                    }
+                    else if (Instrux->Seg != ND_PREFIX_G2_SEG_FS && 
+                        Instrux->Seg != ND_PREFIX_G2_SEG_GS &&
+                        Instrux->Seg != ND_PREFIX_G2_NO_TRACK)
+                    {
+                        // All other prefixes are considered if Do Not Track, FS, GS are not present.
                         Instrux->Seg = prefix;
                         Instrux->HasSeg = true;
                     }
@@ -746,11 +764,6 @@ NdFetchPrefixes(
                     Instrux->Seg = prefix;
                     Instrux->HasSeg = true;
                 }
-                if (prefix == ND_PREFIX_G2_BR_TAKEN || prefix == ND_PREFIX_G2_BR_NOT_TAKEN)
-                {
-                    Instrux->Bhint = prefix;
-                    Instrux->HasSeg = true;
-                }
                 morePrefixes = true;
                 break;
             case ND_PREFIX_G3_OPERAND_SIZE:
@@ -2909,6 +2922,28 @@ memory:
         operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
         break;
 
+    case ND_OPT_MEM_rAX:
+        // [rAX], used implicitly by MONITOR, MONITORX and RMPADJUST instructions.
+        Instrux->MemoryAccess |= operand->Access.Access;
+        operand->Type = ND_OP_MEM;
+        operand->Info.Memory.HasBase = true;
+        operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode;
+        operand->Info.Memory.Base = NDR_RAX;            // Always rAX.
+        operand->Info.Memory.HasSeg = true;
+        operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
+        break;
+
+    case ND_OPT_MEM_rCX:
+        // [rCX], used implicitly by RMPUPDATE.
+        Instrux->MemoryAccess |= operand->Access.Access;
+        operand->Type = ND_OP_MEM;
+        operand->Info.Memory.HasBase = true;
+        operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode;
+        operand->Info.Memory.Base = NDR_RCX;            // Always rCX.
+        operand->Info.Memory.HasSeg = true;
+        operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
+        break;
+
     case ND_OPT_MEM_SHS:
         // Shadow stack access using the current SSP.
         Instrux->MemoryAccess |= operand->Access.Access;
@@ -4231,10 +4266,9 @@ NdDecodeWithContext(
     Instrux->IsRepeated = ((Instrux->Rep != 0) && (ND_REP_SUPPORT(Instrux) || ND_REPC_SUPPORT(Instrux)));
 
     // Check if the instruction is CET tracked. The do not track prefix (0x3E) works only for indirect near JMP and CALL
-    // via register. It is always enabled for indirect far JMP and CALL or near indirect JMP and CALL via memoery.
+    // instructions. It is always enabled for far JMP and CALL instructions.
     Instrux->IsCetTracked = ND_HAS_CETT(Instrux) && ((!ND_DNT_SUPPORT(Instrux)) ||
-                                                     (Instrux->Seg != ND_PREFIX_G2_NO_TRACK) ||
-                                                     (Instrux->HasModRm && (Instrux->ModRm.mod != 3)));
+                                                     (Instrux->Seg != ND_PREFIX_G2_NO_TRACK));
 
     // Do instruction validations. These checks are made in order to filter out encodings that would normally
     // be invalid and would generate #UD.
@@ -4391,7 +4425,7 @@ NdToText(
 
     if (Instrux->HasSeg && ND_BHINT_SUPPORT(Instrux))
     {
-       switch (Instrux->Bhint)
+       switch (Instrux->Seg)
        {
        case ND_PREFIX_G2_BR_TAKEN:
             res = nd_strcat_s(Buffer, BufferSize, "BHT ");

bddisasm/include/instructions.h

@@ -7316,7 +7316,7 @@ const ND_INSTRUCTION gInstructions[2701] =
         ND_INS_INT, ND_CAT_INTERRUPT, ND_SET_I86, 291, 
         0, 
         ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_REAL|ND_MOD_V8086|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF, 
-        0, ND_OPS_CNT(1, 5), 0, 0, 0, 0, 0, 0, 0, 0, 
+        0, ND_OPS_CNT(1, 5), 0, 0, 0, 0, 0, 0, ND_FLAG_CETT, 0, 
         0|NDR_RFLAG_VM,
         0|NDR_RFLAG_VM|NDR_RFLAG_IF|NDR_RFLAG_NT|NDR_RFLAG_AC|NDR_RFLAG_RF|NDR_RFLAG_TF,
         0,
@@ -7354,7 +7354,7 @@ const ND_INSTRUCTION gInstructions[2701] =
         ND_INS_INT3, ND_CAT_INTERRUPT, ND_SET_I86, 293, 
         0, 
         ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_REAL|ND_MOD_V8086|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF, 
-        0, ND_OPS_CNT(0, 5), 0, 0, 0, 0, 0, 0, 0, 0, 
+        0, ND_OPS_CNT(0, 5), 0, 0, 0, 0, 0, 0, ND_FLAG_CETT, 0, 
         0|NDR_RFLAG_VM,
         0|NDR_RFLAG_VM|NDR_RFLAG_IF|NDR_RFLAG_NT|NDR_RFLAG_AC|NDR_RFLAG_RF|NDR_RFLAG_TF,
         0,
@@ -7373,7 +7373,7 @@ const ND_INSTRUCTION gInstructions[2701] =
         ND_INS_INTO, ND_CAT_INTERRUPT, ND_SET_I86, 294, 
         0, 
         ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_REAL|ND_MOD_V8086|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF, 
-        0, ND_OPS_CNT(0, 5), 0, 0, 0, 0, 0, 0, ND_FLAG_I64, 0, 
+        0, ND_OPS_CNT(0, 5), 0, 0, 0, 0, 0, 0, ND_FLAG_CETT|ND_FLAG_I64, 0, 
         0|NDR_RFLAG_VM,
         0|NDR_RFLAG_VM|NDR_RFLAG_IF|NDR_RFLAG_NT|NDR_RFLAG_AC|NDR_RFLAG_RF|NDR_RFLAG_TF,
         0,
@@ -10276,7 +10276,7 @@ const ND_INSTRUCTION gInstructions[2701] =
         0,
         0,
         {
-            OP(ND_OPT_GPR_rAX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0), 
+            OP(ND_OPT_MEM_rAX, ND_OPS_b, ND_OPF_DEFAULT, ND_OPA_R, 0, 0), 
             OP(ND_OPT_GPR_rCX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0), 
             OP(ND_OPT_GPR_rDX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0), 
         },
@@ -10293,7 +10293,7 @@ const ND_INSTRUCTION gInstructions[2701] =
         0,
         0,
         {
-            OP(ND_OPT_GPR_rAX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0), 
+            OP(ND_OPT_MEM_rAX, ND_OPS_b, ND_OPF_DEFAULT, ND_OPA_R, 0, 0), 
             OP(ND_OPT_GPR_rCX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0), 
             OP(ND_OPT_GPR_rDX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_R, 0, 0), 
         },
@@ -19031,13 +19031,14 @@ const ND_INSTRUCTION gInstructions[2701] =
         ND_INS_RMPADJUST, ND_CAT_SYSTEM, ND_SET_SNP, 684, 
         0, 
         ND_MOD_R0|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF, 
-        0, ND_OPS_CNT(0, 4), 0, 0, 0, 0, 0, 0, ND_FLAG_MODRM|ND_FLAG_O64, ND_CFF_SNP, 
+        0, ND_OPS_CNT(0, 5), 0, 0, 0, 0, 0, 0, ND_FLAG_I67|ND_FLAG_MODRM|ND_FLAG_O64, ND_CFF_SNP, 
         0,
         0|NDR_RFLAG_OF|NDR_RFLAG_ZF|NDR_RFLAG_AF|NDR_RFLAG_PF|NDR_RFLAG_SF,
         0,
         0,
         {
-            OP(ND_OPT_GPR_rAX, ND_OPS_q, ND_OPF_DEFAULT, ND_OPA_RW, 0, 0), 
+            OP(ND_OPT_MEM_rAX, ND_OPS_b, ND_OPF_DEFAULT, ND_OPA_R, 0, 0), 
+            OP(ND_OPT_GPR_rAX, ND_OPS_d, ND_OPF_DEFAULT, ND_OPA_RW, 0, 0), 
             OP(ND_OPT_GPR_rCX, ND_OPS_q, ND_OPF_DEFAULT, ND_OPA_R, 0, 0), 
             OP(ND_OPT_GPR_rDX, ND_OPS_q, ND_OPF_DEFAULT, ND_OPA_R, 0, 0), 
             OP(ND_OPT_F, ND_OPS_v, ND_OPF_DEFAULT, ND_OPA_W, 0, 0), 
@@ -19049,14 +19050,14 @@ const ND_INSTRUCTION gInstructions[2701] =
         ND_INS_RMPUPDATE, ND_CAT_SYSTEM, ND_SET_SNP, 685, 
         0, 
         ND_MOD_R0|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF, 
-        0, ND_OPS_CNT(0, 3), 0, 0, 0, 0, 0, 0, ND_FLAG_MODRM|ND_FLAG_O64, ND_CFF_SNP, 
+        0, ND_OPS_CNT(0, 3), 0, 0, 0, 0, 0, 0, ND_FLAG_I67|ND_FLAG_MODRM|ND_FLAG_O64, ND_CFF_SNP, 
         0,
         0|NDR_RFLAG_OF|NDR_RFLAG_ZF|NDR_RFLAG_AF|NDR_RFLAG_PF|NDR_RFLAG_SF,
         0,
         0,
         {
             OP(ND_OPT_GPR_rAX, ND_OPS_q, ND_OPF_DEFAULT, ND_OPA_RW, 0, 0), 
-            OP(ND_OPT_GPR_rCX, ND_OPS_q, ND_OPF_DEFAULT, ND_OPA_R, 0, 0), 
+            OP(ND_OPT_MEM_rCX, ND_OPS_dq, ND_OPF_DEFAULT, ND_OPA_R, 0, 0), 
             OP(ND_OPT_F, ND_OPS_v, ND_OPF_DEFAULT, ND_OPA_W, 0, 0), 
         },
     }, 
@@ -21694,7 +21695,7 @@ const ND_INSTRUCTION gInstructions[2701] =
         ND_INS_SYSCALL, ND_CAT_SYSCALL, ND_SET_AMD, 783, 
         0, 
         ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_REAL|ND_MOD_V8086|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF, 
-        0, ND_OPS_CNT(0, 10), 0, 0, 0, 0, 0, 0, ND_FLAG_F64, ND_CFF_FSC, 
+        0, ND_OPS_CNT(0, 10), 0, 0, 0, 0, 0, 0, ND_FLAG_F64|ND_FLAG_CETT, ND_CFF_FSC, 
         0,
         0,
         0,
@@ -21718,7 +21719,7 @@ const ND_INSTRUCTION gInstructions[2701] =
         ND_INS_SYSENTER, ND_CAT_SYSCALL, ND_SET_PPRO, 784, 
         0, 
         ND_MOD_R0|ND_MOD_R1|ND_MOD_R2|ND_MOD_R3|ND_MOD_PROT|ND_MOD_COMPAT|ND_MOD_LONG|ND_MOD_VMXR|ND_MOD_VMXN|ND_MOD_VMXR_SEAM|ND_MOD_VMXN_SEAM|ND_MOD_VMX_OFF|ND_MOD_SMM|ND_MOD_SMM_OFF|ND_MOD_SGX_OFF|ND_MOD_TSX|ND_MOD_TSX_OFF, 
-        0, ND_OPS_CNT(0, 9), 0, 0, 0, 0, 0, 0, 0, ND_CFF_SEP, 
+        0, ND_OPS_CNT(0, 9), 0, 0, 0, 0, 0, 0, ND_FLAG_CETT, ND_CFF_SEP, 
         0,
         0,
         0,

bddisasm/include/tabledefs.h

@@ -441,6 +441,8 @@ typedef enum _ND_OPERAND_TYPE_SPEC
     ND_OPT_SSE_XMM7,
 
     // Implicit memory operands.
+    ND_OPT_MEM_rAX,
+    ND_OPT_MEM_rCX,
     ND_OPT_MEM_rBX_AL,
     ND_OPT_MEM_rDI,
     ND_OPT_MEM_SHS,

bddisasm_test/basic/basic2_64.result

@@ -66,7 +66,8 @@
                 REP: no, REPcc: no, LOCK: no
                 HLE: no, XACQUIRE only: no, XRELEASE only: no
                 BND: no, BHINT: no, DNT: no
-        Operand: 0, Acc:  R-,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:  General Purpose, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  1, RawSize:  1, Encoding: S, 
+                Segment: 3, Base: 0, 
         Operand: 1, Acc:  R-,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:  General Purpose, RegSize:  4, RegId: 1, RegCount: 1
         Operand: 2, Acc:  R-,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:  General Purpose, RegSize:  4, RegId: 2, RegCount: 1
 

bddisasm_test/basic/branch_16.result

@@ -580,7 +580,7 @@
 
 0000000000000066 cd21                            INT       0x21
         DSIZE: 16, ASIZE: 16, VLEN: -
-        ISA Set: I86, Ins cat: INTERRUPT, CET tracked: no
+        ISA Set: I86, Ins cat: INTERRUPT, CET tracked: yes
         FLAGS access
                 TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m, 
         Valid modes
@@ -603,7 +603,7 @@
 
 0000000000000068 cc                              INT3
         DSIZE: 16, ASIZE: 16, VLEN: -
-        ISA Set: I86, Ins cat: INTERRUPT, CET tracked: no
+        ISA Set: I86, Ins cat: INTERRUPT, CET tracked: yes
         FLAGS access
                 TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m, 
         Valid modes

bddisasm_test/basic/branch_32.result

@@ -580,7 +580,7 @@
 
 0000000000000064 cd21                            INT       0x21
         DSIZE: 32, ASIZE: 32, VLEN: -
-        ISA Set: I86, Ins cat: INTERRUPT, CET tracked: no
+        ISA Set: I86, Ins cat: INTERRUPT, CET tracked: yes
         FLAGS access
                 TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m, 
         Valid modes
@@ -603,7 +603,7 @@
 
 0000000000000066 cc                              INT3
         DSIZE: 32, ASIZE: 32, VLEN: -
-        ISA Set: I86, Ins cat: INTERRUPT, CET tracked: no
+        ISA Set: I86, Ins cat: INTERRUPT, CET tracked: yes
         FLAGS access
                 TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m, 
         Valid modes
@@ -786,7 +786,7 @@
 
 0000000000000074 0f34                            SYSENTER
         DSIZE: 32, ASIZE: 32, VLEN: -
-        ISA Set: PPRO, Ins cat: SYSCALL, CET tracked: no
+        ISA Set: PPRO, Ins cat: SYSCALL, CET tracked: yes
         CPUID leaf: 0x00000001, reg: edx, bit: 11
         FLAGS access
                 IF: 0, 

bddisasm_test/basic/branch_64.result

@@ -360,7 +360,7 @@
 
 0000000000000032 cd21                            INT       0x21
         DSIZE: 32, ASIZE: 64, VLEN: -
-        ISA Set: I86, Ins cat: INTERRUPT, CET tracked: no
+        ISA Set: I86, Ins cat: INTERRUPT, CET tracked: yes
         FLAGS access
                 TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m, 
         Valid modes
@@ -383,7 +383,7 @@
 
 0000000000000034 cc                              INT3
         DSIZE: 32, ASIZE: 64, VLEN: -
-        ISA Set: I86, Ins cat: INTERRUPT, CET tracked: no
+        ISA Set: I86, Ins cat: INTERRUPT, CET tracked: yes
         FLAGS access
                 TF: m, IF: m, NT: m, RF: m, VM: tm, AC: m, 
         Valid modes
@@ -566,7 +566,7 @@
 
 0000000000000042 0f05                            SYSCALL
         DSIZE: 64, ASIZE: 64, VLEN: -
-        ISA Set: AMD, Ins cat: SYSCALL, CET tracked: no
+        ISA Set: AMD, Ins cat: SYSCALL, CET tracked: yes
         CPUID leaf: 0x80000001, reg: ecx, bit: 11
         FLAGS access
                 Entire register

bddisasm_test/basic/snp_64.result

@@ -13,10 +13,12 @@
                 REP: no, REPcc: no, LOCK: no
                 HLE: no, XACQUIRE only: no, XRELEASE only: no
                 BND: no, BHINT: no, DNT: no
-        Operand: 0, Acc:  RW,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:  General Purpose, RegSize:  8, RegId: 0, RegCount: 1
-        Operand: 1, Acc:  R-,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:  General Purpose, RegSize:  8, RegId: 1, RegCount: 1
-        Operand: 2, Acc:  R-,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:  General Purpose, RegSize:  8, RegId: 2, RegCount: 1
-        Operand: 3, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:            Flags, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  1, RawSize:  1, Encoding: S, 
+                Segment: 3, Base: 0, 
+        Operand: 1, Acc:  RW,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:  General Purpose, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  R-,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:  General Purpose, RegSize:  8, RegId: 1, RegCount: 1
+        Operand: 3, Acc:  R-,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:  General Purpose, RegSize:  8, RegId: 2, RegCount: 1
+        Operand: 4, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:            Flags, RegSize:  4, RegId: 0, RegCount: 1
 
 0000000000000004 f20f01fe                        RMPUPDATE
         DSIZE: 32, ASIZE: 64, VLEN: -
@@ -34,7 +36,8 @@
                 HLE: no, XACQUIRE only: no, XRELEASE only: no
                 BND: no, BHINT: no, DNT: no
         Operand: 0, Acc:  RW,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:  General Purpose, RegSize:  8, RegId: 0, RegCount: 1
-        Operand: 1, Acc:  R-,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:  General Purpose, RegSize:  8, RegId: 1, RegCount: 1
+        Operand: 1, Acc:  R-,  Type:     Memory, Size: 16, RawSize: 16, Encoding: S, 
+                Segment: 3, Base: 1, 
         Operand: 2, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:            Flags, RegSize:  4, RegId: 0, RegCount: 1
 
 0000000000000008 f30f01ff                        PSMASH

bddisasm_test/cet/dnt_32

@@ -0,0 +1 @@
+<EFBFBD><10>衐<EFBFBD>d<><64>><3E>><3E><>>.<2E>>.<2E><>.><3E>.><3E><>>d<>>d<>衐><3E>d><3E><>

bddisasm_test/cet/dnt_32.asm

@@ -0,0 +1,28 @@
+    bits 32
+    
+    call    dword [eax]
+    call    eax
+    db 0x64
+    call    dword [eax]
+    db 0x64
+    call    eax
+    db 0x3E
+    call    dword [eax]
+    db 0x3E
+    call    eax
+    db 0x3E, 0x2E
+    call    dword [eax]
+    db 0x3E, 0x2E
+    call    eax
+    db 0x2E, 0x3E
+    call    dword [eax]
+    db 0x2E, 0x3E
+    call    eax
+    db 0x3E, 0x64
+    call    dword [eax]
+    db 0x3E, 0x64
+    call    eax
+    db 0x64, 0x3E
+    call    dword [eax]
+    db 0x64, 0x3E
+    call    eax

bddisasm_test/cet/dnt_32.result

@@ -0,0 +1,273 @@
+0000000000000000 ff10                            CALL      dword ptr [eax]
+        DSIZE: 32, ASIZE: 32, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  4, RawSize:  4, Encoding: M, 
+                Segment: 3, Base: 0, 
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:               IP, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000002 ffd0                            CALL      eax
+        DSIZE: 32, ASIZE: 32, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:   Register, Size:  4, RawSize:  4, Encoding: M, RegType:  General Purpose, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:               IP, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000004 64ff10                          CALL      dword ptr fs:[eax]
+        DSIZE: 32, ASIZE: 32, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  4, RawSize:  4, Encoding: M, 
+                Segment: 4, Base: 0, 
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:               IP, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000007 64ffd0                          CALL      eax
+        DSIZE: 32, ASIZE: 32, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:   Register, Size:  4, RawSize:  4, Encoding: M, RegType:  General Purpose, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:               IP, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Shadow stack: 3, 
+                
+
+000000000000000A 3eff10                          DNT CALL  dword ptr ds:[eax]
+        DSIZE: 32, ASIZE: 32, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: no
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  4, RawSize:  4, Encoding: M, 
+                Segment: 3, Base: 0, 
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:               IP, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Shadow stack: 3, 
+                
+
+000000000000000D 3effd0                          DNT CALL  eax
+        DSIZE: 32, ASIZE: 32, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: no
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:   Register, Size:  4, RawSize:  4, Encoding: M, RegType:  General Purpose, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:               IP, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000010 3e2eff10                        CALL      dword ptr cs:[eax]
+        DSIZE: 32, ASIZE: 32, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  4, RawSize:  4, Encoding: M, 
+                Segment: 1, Base: 0, 
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:               IP, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000014 3e2effd0                        CALL      eax
+        DSIZE: 32, ASIZE: 32, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:   Register, Size:  4, RawSize:  4, Encoding: M, RegType:  General Purpose, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:               IP, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000018 2e3eff10                        DNT CALL  dword ptr ds:[eax]
+        DSIZE: 32, ASIZE: 32, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: no
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  4, RawSize:  4, Encoding: M, 
+                Segment: 3, Base: 0, 
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:               IP, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Shadow stack: 3, 
+                
+
+000000000000001C 2e3effd0                        DNT CALL  eax
+        DSIZE: 32, ASIZE: 32, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: no
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:   Register, Size:  4, RawSize:  4, Encoding: M, RegType:  General Purpose, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:               IP, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000020 3e64ff10                        CALL      dword ptr fs:[eax]
+        DSIZE: 32, ASIZE: 32, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  4, RawSize:  4, Encoding: M, 
+                Segment: 4, Base: 0, 
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:               IP, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000024 3e64ffd0                        CALL      eax
+        DSIZE: 32, ASIZE: 32, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:   Register, Size:  4, RawSize:  4, Encoding: M, RegType:  General Purpose, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:               IP, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000028 643eff10                        DNT CALL  dword ptr ds:[eax]
+        DSIZE: 32, ASIZE: 32, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: no
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  4, RawSize:  4, Encoding: M, 
+                Segment: 3, Base: 0, 
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:               IP, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Shadow stack: 3, 
+                
+
+000000000000002C 643effd0                        DNT CALL  eax
+        DSIZE: 32, ASIZE: 32, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: no
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:   Register, Size:  4, RawSize:  4, Encoding: M, RegType:  General Purpose, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  4, RawSize:  4, Encoding: S, RegType:               IP, RegSize:  4, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  4, RawSize:  4, Encoding: S, Shadow stack: 3, 
+                
+

bddisasm_test/cet/dnt_64

@@ -0,0 +1 @@
+<EFBFBD><10>衐<EFBFBD>d<><64>><3E>><3E><>>.<2E>>.<2E><>.><3E>.><3E><>>d<>>d<>衐><3E>d><3E><>

bddisasm_test/cet/dnt_64.asm

@@ -0,0 +1,28 @@
+    bits 64
+    
+    call    qword [rax]
+    call    rax
+    db 0x64
+    call    qword [rax]
+    db 0x64
+    call    rax
+    db 0x3E
+    call    qword [rax]
+    db 0x3E
+    call    rax
+    db 0x3E, 0x2E
+    call    qword [rax]
+    db 0x3E, 0x2E
+    call    rax
+    db 0x2E, 0x3E
+    call    qword [rax]
+    db 0x2E, 0x3E
+    call    rax
+    db 0x3E, 0x64
+    call    qword [rax]
+    db 0x3E, 0x64
+    call    rax
+    db 0x64, 0x3E
+    call    qword [rax]
+    db 0x64, 0x3E
+    call    rax

bddisasm_test/cet/dnt_64.result

@@ -0,0 +1,273 @@
+0000000000000000 ff10                            CALL      qword ptr [rax]
+        DSIZE: 64, ASIZE: 64, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  8, RawSize:  8, Encoding: M, 
+                Segment: 3, Base: 0, 
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:               IP, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000002 ffd0                            CALL      rax
+        DSIZE: 64, ASIZE: 64, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:   Register, Size:  8, RawSize:  8, Encoding: M, RegType:  General Purpose, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:               IP, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000004 64ff10                          CALL      qword ptr fs:[rax]
+        DSIZE: 64, ASIZE: 64, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  8, RawSize:  8, Encoding: M, 
+                Segment: 4, Base: 0, 
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:               IP, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000007 64ffd0                          CALL      rax
+        DSIZE: 64, ASIZE: 64, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:   Register, Size:  8, RawSize:  8, Encoding: M, RegType:  General Purpose, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:               IP, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Shadow stack: 3, 
+                
+
+000000000000000A 3eff10                          DNT CALL  qword ptr [rax]
+        DSIZE: 64, ASIZE: 64, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: no
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  8, RawSize:  8, Encoding: M, 
+                Segment: 3, Base: 0, 
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:               IP, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Shadow stack: 3, 
+                
+
+000000000000000D 3effd0                          DNT CALL  rax
+        DSIZE: 64, ASIZE: 64, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: no
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:   Register, Size:  8, RawSize:  8, Encoding: M, RegType:  General Purpose, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:               IP, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000010 3e2eff10                        DNT CALL  qword ptr [rax]
+        DSIZE: 64, ASIZE: 64, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: no
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  8, RawSize:  8, Encoding: M, 
+                Segment: 3, Base: 0, 
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:               IP, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000014 3e2effd0                        DNT CALL  rax
+        DSIZE: 64, ASIZE: 64, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: no
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:   Register, Size:  8, RawSize:  8, Encoding: M, RegType:  General Purpose, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:               IP, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000018 2e3eff10                        DNT CALL  qword ptr [rax]
+        DSIZE: 64, ASIZE: 64, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: no
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  8, RawSize:  8, Encoding: M, 
+                Segment: 3, Base: 0, 
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:               IP, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Shadow stack: 3, 
+                
+
+000000000000001C 2e3effd0                        DNT CALL  rax
+        DSIZE: 64, ASIZE: 64, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: no
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:   Register, Size:  8, RawSize:  8, Encoding: M, RegType:  General Purpose, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:               IP, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000020 3e64ff10                        CALL      qword ptr fs:[rax]
+        DSIZE: 64, ASIZE: 64, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  8, RawSize:  8, Encoding: M, 
+                Segment: 4, Base: 0, 
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:               IP, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000024 3e64ffd0                        CALL      rax
+        DSIZE: 64, ASIZE: 64, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:   Register, Size:  8, RawSize:  8, Encoding: M, RegType:  General Purpose, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:               IP, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Shadow stack: 3, 
+                
+
+0000000000000028 643eff10                        CALL      qword ptr fs:[rax]
+        DSIZE: 64, ASIZE: 64, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:     Memory, Size:  8, RawSize:  8, Encoding: M, 
+                Segment: 4, Base: 0, 
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:               IP, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Shadow stack: 3, 
+                
+
+000000000000002C 643effd0                        CALL      rax
+        DSIZE: 64, ASIZE: 64, VLEN: -
+        ISA Set: I86, Ins cat: CALL, CET tracked: yes
+        Valid modes
+                R0: yes, R1: yes, R2: yes, R3: yes
+                Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
+                SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
+                VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
+        Valid prefixes
+                REP: no, REPcc: no, LOCK: no
+                HLE: no, XACQUIRE only: no, XRELEASE only: no
+                BND: yes, BHINT: no, DNT: yes
+        Operand: 0, Acc:  R-,  Type:   Register, Size:  8, RawSize:  8, Encoding: M, RegType:  General Purpose, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 1, Acc:  -W,  Type:   Register, Size:  8, RawSize:  8, Encoding: S, RegType:               IP, RegSize:  8, RegId: 0, RegCount: 1
+        Operand: 2, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Stack: yes, 
+                Segment: 2, Base: 4, 
+        Operand: 3, Acc:  -W,  Type:     Memory, Size:  8, RawSize:  8, Encoding: S, Shadow stack: 3, 
+                
+

bddisasm_test/special/invalid_32_skip.result

@@ -1,7 +1,7 @@
 0000000000000000 0f                              db 0x0f (0x80000009)
 0000000000000010 0f05                            SYSCALL
         DSIZE: 32, ASIZE: 32, VLEN: -
-        ISA Set: AMD, Ins cat: SYSCALL, CET tracked: no
+        ISA Set: AMD, Ins cat: SYSCALL, CET tracked: yes
         CPUID leaf: 0x80000001, reg: ecx, bit: 11
         FLAGS access
                 Entire register

bddisasm_test/special/only_64.result

@@ -60,7 +60,7 @@
 
 000000000000000B 0f05                            SYSCALL
         DSIZE: 64, ASIZE: 64, VLEN: -
-        ISA Set: AMD, Ins cat: SYSCALL, CET tracked: no
+        ISA Set: AMD, Ins cat: SYSCALL, CET tracked: yes
         CPUID leaf: 0x80000001, reg: ecx, bit: 11
         FLAGS access
                 Entire register

bddisasm_test/special/regressions_32.result

@@ -82,7 +82,7 @@
 
 000000000000000A 260f05                          SYSCALL
         DSIZE: 32, ASIZE: 32, VLEN: -
-        ISA Set: AMD, Ins cat: SYSCALL, CET tracked: no
+        ISA Set: AMD, Ins cat: SYSCALL, CET tracked: yes
         CPUID leaf: 0x80000001, reg: ecx, bit: 11
         FLAGS access
                 Entire register

inc/bdshemu.h

@@ -260,6 +260,7 @@ typedef unsigned int SHEMU_STATUS;
 #define SHEMU_FLAG_SWAPGS                       0x00020000  // SWAPGS was executed.
 #define SHEMU_FLAG_SYSCALL_MSR_READ             0x00040000  // A SYSCALL/SYSENTER MSR read.
 #define SHEMU_FLAG_SYSCALL_MSR_WRITE            0x00080000  // A SYSCALL/SYSENTER MSR write.
+#define SHEMU_FLAG_SIDT                         0x00100000  // SIDT was executed.
 
 
 //

inc/version.h

@@ -7,6 +7,6 @@
 
 #define DISASM_VERSION_MAJOR        1
 #define DISASM_VERSION_MINOR        34
-#define DISASM_VERSION_REVISION     2
+#define DISASM_VERSION_REVISION     4
 
 #endif // DISASM_VER_H

isagenerator/disasmlib.py

@@ -294,6 +294,8 @@ valid_impops = {# register      size
     'SSP'      : ('SSP',        'yf'),  # Shadow stack pointer. 32 bit in protected/compat mode, 64 in long mode.
 
     # Implicit memory operands.
+    'pAXb'     : ('pAX',        'b'),   # Implicit byte [rAX], used by MONITOR and MONITORX. Can be overriden.
+    'pCXdq'    : ('pCX',        'dq'),  # Implicit xmmword [rCX], used by RMPADJUST. Can be overriden.
     'pBXALb'   : ('pBXAL',      'b'),   # Implicit [RBX + AL], as used by XLAT.
     'pDIq'     : ('pDI',        'q'),   # Implicit qword [RDI].
     'pDIdq'    : ('pDI',        'dq'),  # Implicit xmmword [RDI].

isagenerator/generate_tables.py

@@ -146,6 +146,8 @@ optype = {
     'XMM7'     : 'ND_OPT_SSE_XMM7',
 
     # Memory operands
+    'pAX'      : 'ND_OPT_MEM_rAX',
+    'pCX'      : 'ND_OPT_MEM_rCX',
     'pBXAL'    : 'ND_OPT_MEM_rBX_AL',
     'pDI'      : 'ND_OPT_MEM_rDI',
     'SHS'      : 'ND_OPT_MEM_SHS',

isagenerator/instructions/table_0F.dat

@@ -27,7 +27,7 @@ VMLAUNCH       nil           Fv                        [         NP 0x0F 0x01 /0
 VMRESUME       nil           Fv                        [         NP 0x0F 0x01 /0xC3]           s:VTX, t:VTX, w:W, f:VMX, m:VMXROOT
 VMXOFF         nil           Fv                        [         NP 0x0F 0x01 /0xC4]           s:VTX, t:VTX, w:W, f:VMX, m:VMXROOT
 PCONFIG        nil           EAX,RBX,RCX,RDX           [         NP 0x0F 0x01 /0xC5]           s:PCONFIG, t:PCONFIG, w:R|RW|RW|RW, m:NOV86
-MONITOR        nil           EAX,ECX,EDX               [         NP 0x0F 0x01 /0xC8]           s:SSE3, t:MISC, w:R|R|R, i:MONITOR, m:KERNEL|NOV86
+MONITOR        nil           pAXb,ECX,EDX              [         NP 0x0F 0x01 /0xC8]           s:SSE3, t:MISC, w:R|R|R, i:MONITOR, m:KERNEL|NOV86
 MWAIT          nil           EAX,ECX                   [         NP 0x0F 0x01 /0xC9]           s:SSE3, t:MISC, w:RW|R, i:MONITOR, m:KERNEL|NOV86
 CLAC           nil           Fv                        [         NP 0x0F 0x01 /0xCA]           s:SMAP, t:SMAP, w:W, f:AC=0, m:KERNEL|NOV86
 ERETU          nil           rIP,Fv,rSP,CS,SS,Kv5,SSP,GSBASE,KGSBASE [0xF3 0x0F 0x01 /0xCA]    s:FRED, t:FRED, w:W|W|W|W|W|R|CRCW|RW|RW, m:KERNEL|O64|NOTSX, a:F64
@@ -68,14 +68,14 @@ WRPKRU         nil           EDX,EAX,ECX,PKRU          [         NP 0x0F 0x01 /0
 STUI           nil           UIF                       [       0xF3 0x0F 0x01 /0xEF]           s:UINTR, t:UINTR, w:W, m:O64|NOTSX|NOSGX
 SWAPGS         nil           GSBASE,KGSBASE            [            0x0F 0x01 /0xF8]           s:LONGMODE, t:SYSTEM, w:RW|RW, m:KERNEL|O64
 RDTSCP         nil           EAX,EDX,ECX,TSC,TSCAUX    [            0x0F 0x01 /0xF9]           s:RDTSCP, t:SYSTEM, w:W|W|W|R|R
-MONITORX       nil           EAX,ECX,EDX               [         NP 0x0F 0x01 /0xFA]           s:MWAITT, t:SYSTEM, w:R|R|R, m:KERNEL|NOV86
+MONITORX       nil           pAXb,ECX,EDX              [         NP 0x0F 0x01 /0xFA]           s:MWAITT, t:SYSTEM, w:R|R|R, m:KERNEL|NOV86
 MCOMMIT        nil           Fv                        [       0xF3 0x0F 0x01 /0xFA]           s:MCOMMIT, t:MISC, w:W, f:CF=m|PF=0|AF=0|ZF=0|SF=0|OF=0
 MWAITX         nil           EAX,ECX,EBX               [         NP 0x0F 0x01 /0xFB]           s:MWAITT, t:SYSTEM, w:R|R|R, m:KERNEL|NOV86
 CLZERO         nil           rAX                       [            0x0F 0x01 /0xFC]           s:CLZERO, t:MISC, w:R
 RDPRU          nil           EAX,EDX,ECX,Fv            [            0x0F 0x01 /0xFD]           s:RDPRU, t:MISC, w:W|W|R|W, f:CF=m|PF=0|AF=0|ZF=0|SF=0|OF=0
 INVLPGB        nil           rAX,ECX,EDX               [            0x0F 0x01 /0xFE]           s:INVLPGB, t:SYSTEM, w:R|R|R, m:NOREAL|KERNEL
-RMPADJUST      nil           RAX,RCX,RDX,Fv            [       0xF3 0x0F 0x01 /0xFE]           s:SNP, t:SYSTEM, w:RW|R|R|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m, m:O64|KERNEL
-RMPUPDATE      nil           RAX,RCX,Fv                [       0xF2 0x0F 0x01 /0xFE]           s:SNP, t:SYSTEM, w:RW|R|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m, m:O64|KERNEL
+RMPADJUST      nil           pAXb,EAX,RCX,RDX,Fv       [       0xF3 0x0F 0x01 /0xFE]           s:SNP, t:SYSTEM, w:R|RW|R|R|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m, a:I67, m:O64|KERNEL
+RMPUPDATE      nil           RAX,pCXdq,Fv              [       0xF2 0x0F 0x01 /0xFE]           s:SNP, t:SYSTEM, w:RW|R|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m, a:I67, m:O64|KERNEL
 TLBSYNC        nil           nil                       [            0x0F 0x01 /0xFF]           s:INVLPGB, t:SYSTEM, m:NOREAL|KERNEL
 PSMASH         nil           RAX,Fv                    [       0xF3 0x0F 0x01 /0xFF]           s:SNP, t:SYSTEM, w:RW|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m, m:O64|KERNEL
 PVALIDATE      nil           rAX,ECX,EDX,Fv            [       0xF2 0x0F 0x01 /0xFF]           s:SNP, t:SYSTEM, w:RW|R|R|W, f:OF=m|ZF=m|AF=m|PF=m|SF=m|CF=m, m:KERNEL
@@ -84,7 +84,7 @@ LAR            Gv,Rz         Fv                        [            0x0F 0x02 /r
 LSL            Gv,Mw         Fv                        [            0x0F 0x03 /r:mem]          s:I286PROT, t:SYSTEM, w:RW|R|W, f:ZF=m, m:NOREAL
 LSL            Gv,Rz         Fv                        [            0x0F 0x03 /r:reg]          s:I286PROT, t:SYSTEM, w:RW|R|W, f:ZF=m, m:NOREAL
 #LOADALL        nil           BANK                      [            0x0F 0x05]                s:I486REAL, t:UNDOC, w:R
-SYSCALL        nil           STAR,LSTAR,FMASK,SS,RCX,R11,CS,rIP,Fv,SSP [        0x0F 0x05]     s:AMD, t:SYSCALL, w:R|R|R|W|W|W|W|W|RW|RW, a:F64, i:FSC, m:NOSGX
+SYSCALL        nil           STAR,LSTAR,FMASK,SS,RCX,R11,CS,rIP,Fv,SSP [        0x0F 0x05]     s:AMD, t:SYSCALL, w:R|R|R|W|W|W|W|W|RW|RW, a:F64|CETT, i:FSC, m:NOSGX
 CLTS           nil           CR0                       [            0x0F 0x06]                 s:I286REAL, t:SYSTEM, w:W, m:KERNEL|NOV86
 #LOADALLD       nil           BANK                      [            0x0F 0x07]                s:I486REAL, t:UNDOC, w:R
 SYSRET         nil           STAR,SS,rCX,R11,CS,rIP,Fv,SSP [        0x0F 0x07]                 s:AMD, t:SYSRET, w:R|W|R|R|W|W|W|W, i:FSC, m:KERNEL
@@ -254,7 +254,7 @@ WRMSR          nil           EAX,EDX,ECX,MSR           [            0x0F 0x30]
 RDTSC          nil           EAX,EDX,TSC               [            0x0F 0x31]                 s:PENTIUMREAL, t:SYSTEM, w:W|W|R
 RDMSR          nil           EAX,EDX,ECX,MSR           [            0x0F 0x32]                 s:PENTIUMREAL, t:SYSTEM, w:W|W|R|R, m:KERNEL|NOV86, i:MSR
 RDPMC          nil           EAX,EDX,ECX,MSR           [            0x0F 0x33]                 s:RDPMC, t:SYSTEM, w:W|W|R|R, m:NOSGX
-SYSENTER       nil           SCS,SESP,SEIP,SS,sSP,CS,rIP,Fv,SSP [   0x0F 0x34]                 s:PPRO, t:SYSCALL, w:R|R|R|W|W|W|W|W|RW, i:SEP, f:IF=0, m:NOREAL|NOSGX
+SYSENTER       nil           SCS,SESP,SEIP,SS,sSP,CS,rIP,Fv,SSP [   0x0F 0x34]                 s:PPRO, t:SYSCALL, w:R|R|R|W|W|W|W|W|RW, a:CETT, i:SEP, f:IF=0, m:NOREAL|NOSGX
 SYSEXIT        nil           SS,sSP,CS,rIP,SSP         [            0x0F 0x35]                 s:PPRO, t:SYSRET, w:W|W|W|W|W|W, a:F64, i:SEP, m:KERNEL|NOREAL
 RDSHR          Ed            nil                       [      cyrix 0x0F 0x36 /r]              s:CYRIX, t:SYSTEM, w:R
 GETSEC         nil           EAX,EBX                   [         NP 0x0F 0x37]                 s:SMX, t:SYSTEM, w:RCW|R, m:KERNEL|NOREAL|NOSGX

isagenerator/instructions/table_base.dat

@@ -338,9 +338,9 @@ ENTER          Iw,Ib         rBP,sSP,Kv        [            0xC8 iw ib]    s:I18
 LEAVE          nil           sBP,rBP,rSP,Kv    [            0xC9]          s:I186, t:MISC, w:R|RW|RW|R, a:D64
 RETF           Iw            CS,rIP,Kv2,SHS2   [            0xCA iw]       s:I86, t:RET, w:R|W|W|R|R
 RETF           nil           CS,rIP,Kv2,SHS2   [            0xCB]          s:I86, t:RET, w:W|W|R|R
-INT3           nil           CS,rIP,Kv3,Fv,SHS3 [           0xCC]          s:I86, t:INTERRUPT, w:RW|RW|RW|W|W, f:INT, m:NOSGX
-INT            Ib            CS,rIP,Kv3,Fv,SHS3 [           0xCD ib]       s:I86, t:INTERRUPT, w:R|RW|RW|RW|W|W, f:INT, m:NOSGX
-INTO           nil           CS,rIP,Kv3,Fv,SHS3 [           0xCE]          s:I86, t:INTERRUPT, w:RW|RW|RW|W|W, f:INT, m:NO64|NOSGX
+INT3           nil           CS,rIP,Kv3,Fv,SHS3 [           0xCC]          s:I86, t:INTERRUPT, w:RW|RW|RW|W|W, a:CETT, f:INT, m:NOSGX
+INT            Ib            CS,rIP,Kv3,Fv,SHS3 [           0xCD ib]       s:I86, t:INTERRUPT, w:R|RW|RW|RW|W|W, a:CETT, f:INT, m:NOSGX
+INTO           nil           CS,rIP,Kv3,Fv,SHS3 [           0xCE]          s:I86, t:INTERRUPT, w:RW|RW|RW|W|W, a:CETT, f:INT, m:NO64|NOSGX
 IRETW          nil           CS,rIP,Kv3,Fv,SHS3 [      ds16 0xCF]          s:I86, t:RET, c:IRET, w:RW|W|R|RW|RW, a:SERIAL
 IRETD          nil           CS,rIP,Kv3,Fv,SHS3 [      ds32 0xCF]          s:I86, t:RET, c:IRET, w:RW|W|R|RW|RW, a:SERIAL
 IRETQ          nil           CS,rIP,Kv3,Fv,SHS3 [      ds64 0xCF]          s:I86, t:RET, c:IRET, w:RW|W|R|RW|RW, a:SERIAL

pybddisasm/setup.py

@@ -12,7 +12,7 @@ from setuptools import find_packages, setup, Command, Extension, Distribution
 from codecs import open
 
 VERSION = (0, 1, 3)
-LIBRARY_VERSION = (1, 34, 2)
+LIBRARY_VERSION = (1, 34, 4)
 LIBRARY_INSTRUX_SIZE = 864
 
 packages = ['pybddisasm']