(bits 32)
call pm2rm
bits 16
fstenv [eax] ; *better* be less than 64k!
call rm2pm
bits 32
I'm pretty sure that's not what you have in mind. I see no indication that a size override prefix is going to have any effect, regardless where it's placed. Does 9B 66 D9 30 actually do what you want??? Seems to me that even if you *could* save ip instead of eip, and a truncated address... it would be totally useless.
I'm only certified for Beginner Questions, so I could be totally wrong, but what you want to do seems impossible to me...
Best,
Frank
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
> I see no indication that a size override prefix is going to have any effect, regardless where it's placed.
See Intel manual Volume 1: Basic Architecture, chapter 8.1.10 Saving the x87 FPU’s State with FSTENV/FNSTENV and FSAVE/FNSAVE:
"The manner in which this information is stored in memory depends on the operating
mode of the processor (protected mode or real-address mode) and on the operand size
attribute in effect (32-bit or 16-bit)."
Under BITS 32, operand size override provides 14-byte state information instead of default 28-byte one.
According to the documentation, "o16 fstenv [eax]" should work, but it places the prefix 66 at wrong place. It must be behind the WAIT prefix (9B) to take effect.
That's why I ask for another syntax which would provide the 14-byte operand.
Best regards,
MazeGen
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Seems to produce the sequence you're looking for - 9B 66 D9 ...
Seems like kind of a PITA to have to write it that way - wait, oh wait, don't wait... Appears to store different information with/without the 66 - I haven't confirmed that it's "right"...
Best,
Frank
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Is there any syntax which allows FSTENV instruction with 14-byte operand under BITS 32?
I have tried:
o16 fstenv [eax]
which assembles to:
66 9B D9 30
what is wrong, because the leading prefix 0x66 have no effect on fstenv operand.
It must be:
9B 66 D9 30
(bits 32)
call pm2rm
bits 16
fstenv [eax] ; *better* be less than 64k!
call rm2pm
bits 32
I'm pretty sure that's not what you have in mind. I see no indication that a size override prefix is going to have any effect, regardless where it's placed. Does 9B 66 D9 30 actually do what you want??? Seems to me that even if you *could* save ip instead of eip, and a truncated address... it would be totally useless.
I'm only certified for Beginner Questions, so I could be totally wrong, but what you want to do seems impossible to me...
Best,
Frank
> I see no indication that a size override prefix is going to have any effect, regardless where it's placed.
See Intel manual Volume 1: Basic Architecture, chapter 8.1.10 Saving the x87 FPU’s State with FSTENV/FNSTENV and FSAVE/FNSAVE:
"The manner in which this information is stored in memory depends on the operating
mode of the processor (protected mode or real-address mode) and on the operand size
attribute in effect (32-bit or 16-bit)."
Under BITS 32, operand size override provides 14-byte state information instead of default 28-byte one.
According to the documentation, "o16 fstenv [eax]" should work, but it places the prefix 66 at wrong place. It must be behind the WAIT prefix (9B) to take effect.
That's why I ask for another syntax which would provide the 14-byte operand.
Best regards,
MazeGen
fwait
o16 fnstenv [...]
???
Seems to produce the sequence you're looking for - 9B 66 D9 ...
Seems like kind of a PITA to have to write it that way - wait, oh wait, don't wait... Appears to store different information with/without the 66 - I haven't confirmed that it's "right"...
Best,
Frank