distorm update

Author: NtQuery

diStorm/include/distorm.h

@@ -91,10 +91,10 @@ typedef unsigned __int8		uint8_t;
 
 /*
  * Operand Size or Adderss size are stored inside the flags:
- * 0 - 16 bits
- * 1 - 32 bits
- * 2 - 64 bits
- * 3 - reserved
+ * 00 - 16 bits
+ * 01 - 32 bits
+ * 10 - 64 bits
+ * 11 - reserved
  *
  * If you call these set-macros more than once, you will have to clean the bits before doing so.
  */
@@ -104,6 +104,8 @@ typedef unsigned __int8		uint8_t;
 #define FLAG_GET_ADDRSIZE(flags) (((flags) >> 10) & 3)
 /* To get the LOCK/REPNZ/REP prefixes. */
 #define FLAG_GET_PREFIX(flags) ((flags) & 7)
+/* Indicates whether the instruction is privileged. */
+#define FLAG_GET_PRIVILEGED(flags) (((flags) & FLAG_PRIVILEGED_INSTRUCTION) != 0)
 
 /*
  * Macros to extract segment registers from 'segment':
@@ -179,7 +181,7 @@ typedef struct {
 	*/
 	uint8_t index;
 
-	/* Size of:
+	/* Size in bits of:
 		O_REG: register
 		O_IMM: instruction.imm
 		O_IMM1: instruction.imm.ex.i1
@@ -206,13 +208,18 @@ typedef struct {
 #define FLAG_HINT_TAKEN (1 << 3)
 /* Indicates there is a hint non-taken for Jcc instructions only. */
 #define FLAG_HINT_NOT_TAKEN (1 << 4)
-/* The Imm value is signed extended. */
+/* The Imm value is signed extended (E.G in 64 bit decoding mode, a 32 bit imm is usually sign extended into 64 bit imm). */
 #define FLAG_IMM_SIGNED (1 << 5)
 /* The destination operand is writable. */
 #define FLAG_DST_WR (1 << 6)
 /* The instruction uses RIP-relative indirection. */
 #define FLAG_RIP_RELATIVE (1 << 7)
 
+/* See flag FLAG_GET_XXX macros above. */
+
+/* The instruction is privileged and can only be used from Ring0. */
+#define FLAG_PRIVILEGED_INSTRUCTION (1 << 15)
+
 /* No register was defined. */
 #define R_NONE ((uint8_t)-1)
 
@@ -243,12 +250,12 @@ typedef struct {
 	/* Unused prefixes mask, for each bit that is set that prefix is not used (LSB is byte [addr + 0]). */
 	uint16_t unusedPrefixesMask;
 	/* Mask of registers that were used in the operands, only used for quick look up, in order to know *some* operand uses that register class. */
-	uint16_t usedRegistersMask;
+	uint32_t usedRegistersMask;
 	/* ID of opcode in the global opcode table. Use for mnemonic look up. */
 	uint16_t opcode;
 	/* Up to four operands per instruction, ignored if ops[n].type == O_NONE. */
 	_Operand ops[OPERANDS_NO];
-	/* Size of the whole instruction. */
+	/* Size of the whole instruction in bytes. */
 	uint8_t size;
 	/* Segment information of memory indirection, default segment, or overriden one, can be -1. Use SEGMENT macros. */
 	uint8_t segment;
@@ -258,7 +265,7 @@ typedef struct {
 	/* Meta defines the instruction set class, and the flow control flags. Use META macros. */
 	uint8_t meta;
 	/* The CPU flags that the instruction operates upon. */
-	uint8_t modifiedFlagsMask, testedFlagsMask, undefinedFlagsMask;
+	uint16_t modifiedFlagsMask, testedFlagsMask, undefinedFlagsMask;
 } _DInst;
 
 #ifndef DISTORM_LIGHT
@@ -279,7 +286,7 @@ typedef struct {
 	_WString mnemonic; /* Mnemonic of decoded instruction, prefixed if required by REP, LOCK etc. */
 	_WString operands; /* Operands of the decoded instruction, up to 3 operands, comma-seperated. */
 	_WString instructionHex; /* Hex dump - little endian, including prefixes. */
-	unsigned int size; /* Size of decoded instruction. */
+	unsigned int size; /* Size of decoded instruction in bytes. */
 	_OffsetType offset; /* Start offset of the decoded instruction. */
 } _DecodedInst;
 
@@ -300,20 +307,29 @@ typedef struct {
 #define RM_AVX 0x800 /* YMM0 - YMM15 */
 #define RM_CR 0x1000 /* CR0, CR2, CR3, CR4, CR8 */
 #define RM_DR 0x2000 /* DR0, DR1, DR2, DR3, DR6, DR7 */
+#define RM_R8 0x4000 /* R8B, R8W, R8D, R8 */
+#define RM_R9 0x8000 /* R9B, R9W, R9D, R9 */
+#define RM_R10 0x10000 /* R10B, R10W, R10D, R10 */
+#define RM_R11 0x20000 /* R11B, R11W, R11D, R11 */
+#define RM_R12 0x40000 /* R12B, R12W, R12D, R12 */
+#define RM_R13 0x80000 /* R13B, R13W, R13D, R13 */
+#define RM_R14 0x100000 /* R14B, R14W, R14D, R14 */
+#define RM_R15 0x200000 /* R15B, R15W, R15D, R15 */
+
 /* RIP should be checked using the 'flags' field and FLAG_RIP_RELATIVE.
  * Segments should be checked using the segment macros.
  * For now R8 - R15 are not supported and non general purpose registers map into same RM.
  */
 
-/* CPU Flags that instructions modify, test or undefine. */
-#define D_ZF 1 /* Zero */
-#define D_SF 2 /* Sign */
-#define D_CF 4 /* Carry */
-#define D_OF 8 /* Overflow */
-#define D_PF 0x10 /* Parity */
-#define D_AF 0x20 /* Auxilary */
-#define D_DF 0x40 /* Direction */
-#define D_IF 0x80 /* Interrupt */
+/* CPU flags that instructions modify, test or undefine (are EFLAGS compatible!). */
+#define D_CF 1		/* Carry */
+#define D_PF 4		/* Parity */
+#define D_AF 0x10	/* Auxiliary */
+#define D_ZF 0x40	/* Zero */
+#define D_SF 0x80	/* Sign */
+#define D_IF 0x200	/* Interrupt */
+#define D_DF 0x400	/* Direction */
+#define D_OF 0x800	/* Overflow */
 
 /*
  * Instructions Set classes:
@@ -427,6 +443,15 @@ typedef enum { DECRES_NONE, DECRES_SUCCESS, DECRES_MEMORYERR, DECRES_INPUTERR, D
  * Notes:  1)The minimal size of maxInstructions is 15.
  *         2)You will have to synchronize the offset,code and length by yourself if you pass code fragments and not a complete code block!
  */
+ 
+/* distorm_decompose
+ * There is lots of documentation about diStorm at https://code.google.com/p/distorm/wiki
+ *
+ * Please read https://code.google.com/p/distorm/wiki/DecomposeInterface
+ *
+ * And also see https://code.google.com/p/distorm/wiki/TipsnTricks
+ *
+ */
 #ifdef SUPPORT_64BIT_OFFSET
 
 	_DecodeResult distorm_decompose64(_CodeInfo* ci, _DInst result[], unsigned int maxInstructions, unsigned int* usedInstructionsCount);

diStorm/include/mnemonics.h

@@ -124,14 +124,14 @@ typedef enum {
 	I_MOVNTDQA = 7895, I_MOVNTI = 952, I_MOVNTPD = 2556, I_MOVNTPS = 2547, I_MOVNTQ = 6841,
 	I_MOVNTSD = 2574, I_MOVNTSS = 2565, I_MOVQ = 3926, I_MOVQ2DQ = 6513, I_MOVS = 295,
 	I_MOVSD = 2110, I_MOVSHDUP = 2353, I_MOVSLDUP = 2176, I_MOVSS = 2103, I_MOVSX = 939,
-	I_MOVSXD = 10013, I_MOVUPD = 2095, I_MOVUPS = 2087, I_MOVZX = 927, I_MPSADBW = 9628,
+	I_MOVSXD = 10005, I_MOVUPD = 2095, I_MOVUPS = 2087, I_MOVZX = 927, I_MPSADBW = 9628,
 	I_MUL = 1625, I_MULPD = 3170, I_MULPS = 3163, I_MULSD = 3184, I_MULSS = 3177,
 	I_MWAIT = 1764, I_NEG = 1620, I_NOP = 581, I_NOT = 1615, I_OR = 27, I_ORPD = 3053,
 	I_ORPS = 3047, I_OUT = 451, I_OUTS = 128, I_PABSB = 7688, I_PABSD = 7718, I_PABSW = 7703,
 	I_PACKSSDW = 3849, I_PACKSSWB = 3681, I_PACKUSDW = 7916, I_PACKUSWB = 3759,
 	I_PADDB = 7204, I_PADDD = 7234, I_PADDQ = 6481, I_PADDSB = 6930, I_PADDSW = 6947,
 	I_PADDUSB = 6620, I_PADDUSW = 6639, I_PADDW = 7219, I_PALIGNR = 9410, I_PAND = 6607,
-	I_PANDN = 6665, I_PAUSE = 10021, I_PAVGB = 6680, I_PAVGUSB = 2078, I_PAVGW = 6725,
+	I_PANDN = 6665, I_PAUSE = 10013, I_PAVGB = 6680, I_PAVGUSB = 2078, I_PAVGW = 6725,
 	I_PBLENDVB = 7599, I_PBLENDW = 9391, I_PCLMULQDQ = 9647, I_PCMPEQB = 4043,
 	I_PCMPEQD = 4081, I_PCMPEQQ = 7876, I_PCMPEQW = 4062, I_PCMPESTRI = 9726,
 	I_PCMPESTRM = 9703, I_PCMPGTB = 3702, I_PCMPGTD = 3740, I_PCMPGTQ = 8087,
@@ -163,7 +163,7 @@ typedef enum {
 	I_PUNPCKLDQ = 3658, I_PUNPCKLQDQ = 3870, I_PUNPCKLWD = 3635, I_PUSH = 16,
 	I_PUSHA = 91, I_PUSHF = 270, I_PXOR = 6981, I_RCL = 977, I_RCPPS = 2953, I_RCPSS = 2960,
 	I_RCR = 982, I_RDFSBASE = 9882, I_RDGSBASE = 9912, I_RDMSR = 600, I_RDPMC = 607,
-	I_RDRAND = 9980, I_RDTSC = 593, I_RDTSCP = 1864, I_RET = 325, I_RETF = 354,
+	I_RDRAND = 10026, I_RDTSC = 593, I_RDTSCP = 1864, I_RET = 325, I_RETF = 354,
 	I_ROL = 967, I_ROR = 972, I_ROUNDPD = 9296, I_ROUNDPS = 9277, I_ROUNDSD = 9334,
 	I_ROUNDSS = 9315, I_RSM = 882, I_RSQRTPS = 2915, I_RSQRTSS = 2924, I_SAHF = 283,
 	I_SAL = 997, I_SALC = 394, I_SAR = 1002, I_SBB = 36, I_SCAS = 319, I_SETA = 807,
@@ -241,17 +241,17 @@ typedef enum {
 	I_VHADDPD = 4197, I_VHADDPS = 4206, I_VHSUBPD = 4231, I_VHSUBPS = 4240, I_VINSERTF128 = 9503,
 	I_VINSERTPS = 9557, I_VLDDQU = 7001, I_VLDMXCSR = 9941, I_VMASKMOVDQU = 7131,
 	I_VMASKMOVPD = 7949, I_VMASKMOVPS = 7937, I_VMAXPD = 3588, I_VMAXPS = 3580,
-	I_VMAXSD = 3604, I_VMAXSS = 3596, I_VMCALL = 1719, I_VMCLEAR = 9997, I_VMFUNC = 1787,
+	I_VMAXSD = 3604, I_VMAXSS = 3596, I_VMCALL = 1719, I_VMCLEAR = 9989, I_VMFUNC = 1787,
 	I_VMINPD = 3468, I_VMINPS = 3460, I_VMINSD = 3484, I_VMINSS = 3476, I_VMLAUNCH = 1727,
 	I_VMLOAD = 1811, I_VMMCALL = 1802, I_VMOVAPD = 2476, I_VMOVAPS = 2467, I_VMOVD = 3932,
 	I_VMOVDDUP = 2234, I_VMOVDQA = 3962, I_VMOVDQU = 3971, I_VMOVHLPS = 2195,
 	I_VMOVHPD = 2382, I_VMOVHPS = 2373, I_VMOVLHPS = 2363, I_VMOVLPD = 2214, I_VMOVLPS = 2205,
 	I_VMOVMSKPD = 2836, I_VMOVMSKPS = 2825, I_VMOVNTDQ = 6858, I_VMOVNTDQA = 7905,
 	I_VMOVNTPD = 2593, I_VMOVNTPS = 2583, I_VMOVQ = 3939, I_VMOVSD = 2143, I_VMOVSHDUP = 2391,
 	I_VMOVSLDUP = 2223, I_VMOVSS = 2135, I_VMOVUPD = 2126, I_VMOVUPS = 2117, I_VMPSADBW = 9637,
-	I_VMPTRLD = 9988, I_VMPTRST = 6385, I_VMREAD = 4128, I_VMRESUME = 1737, I_VMRUN = 1795,
+	I_VMPTRLD = 9980, I_VMPTRST = 6385, I_VMREAD = 4128, I_VMRESUME = 1737, I_VMRUN = 1795,
 	I_VMSAVE = 1819, I_VMULPD = 3199, I_VMULPS = 3191, I_VMULSD = 3215, I_VMULSS = 3207,
-	I_VMWRITE = 4152, I_VMXOFF = 1747, I_VMXON = 10006, I_VORPD = 3066, I_VORPS = 3059,
+	I_VMWRITE = 4152, I_VMXOFF = 1747, I_VMXON = 9998, I_VORPD = 3066, I_VORPS = 3059,
 	I_VPABSB = 7695, I_VPABSD = 7725, I_VPABSW = 7710, I_VPACKSSDW = 3859, I_VPACKSSWB = 3691,
 	I_VPACKUSDW = 7926, I_VPACKUSWB = 3769, I_VPADDB = 7211, I_VPADDD = 7241,
 	I_VPADDQ = 6488, I_VPADDSB = 6938, I_VPADDSW = 6955, I_VPADDUSW = 6629, I_VPADDW = 7226,
@@ -287,7 +287,7 @@ typedef enum {
 	I_VTESTPD = 7590, I_VTESTPS = 7581, I_VUCOMISD = 2761, I_VUCOMISS = 2751,
 	I_VUNPCKHPD = 2317, I_VUNPCKHPS = 2306, I_VUNPCKLPD = 2275, I_VUNPCKLPS = 2264,
 	I_VXORPD = 3095, I_VXORPS = 3087, I_VZEROALL = 4118, I_VZEROUPPER = 4106,
-	I_WAIT = 10028, I_WBINVD = 561, I_WRFSBASE = 9931, I_WRGSBASE = 9960, I_WRMSR = 586,
+	I_WAIT = 10020, I_WBINVD = 561, I_WRFSBASE = 9931, I_WRGSBASE = 9960, I_WRMSR = 586,
 	I_XADD = 946, I_XCHG = 212, I_XGETBV = 1771, I_XLAT = 400, I_XOR = 61, I_XORPD = 3080,
 	I_XORPS = 3073, I_XRSTOR = 4273, I_XRSTOR64 = 4281, I_XSAVE = 4249, I_XSAVE64 = 4256,
 	I_XSAVEOPT = 4299, I_XSAVEOPT64 = 4309, I_XSETBV = 1779, I__3DNOW = 10034

diStorm/src/decoder.c

@@ -78,8 +78,17 @@ static _DecodeType decode_get_effective_op_size(_DecodeType dt, _iflags decodedP
 	return dt;
 }
 
+/* A helper macro to convert from diStorm's CPU flags to EFLAGS. */
+#define CONVERT_FLAGS_TO_EFLAGS(dst, src, field) dst->field = ((src->field & D_COMPACT_SAME_FLAGS) | \
+	((src->field & D_COMPACT_IF) ? D_IF : 0) | \
+	((src->field & D_COMPACT_DF) ? D_DF : 0) | \
+	((src->field & D_COMPACT_OF) ? D_OF : 0));
+
 static _DecodeResult decode_inst(_CodeInfo* ci, _PrefixState* ps, _DInst* di)
 {
+	/* Remember whether the instruction is privileged. */
+	uint16_t privilegedFlag = 0;
+
 	/* The ModR/M byte of the current instruction. */
 	unsigned int modrm = 0;
 
@@ -106,7 +115,7 @@ static _DecodeResult decode_inst(_CodeInfo* ci, _PrefixState* ps, _DInst* di)
 	 */
 	int lockable = FALSE;
 
-	/* Calcualte (and cache) effective-operand-size and effective-address-size only once. */
+	/* Calculate (and cache) effective-operand-size and effective-address-size only once. */
 	_DecodeType effOpSz, effAdrSz;
 	_iflags instFlags;
 
@@ -115,6 +124,10 @@ static _DecodeResult decode_inst(_CodeInfo* ci, _PrefixState* ps, _DInst* di)
 	isi = &InstSharedInfoTable[ii->sharedIndex];
 	instFlags = FlagsTable[isi->flagsIndex];
 
+	/* Copy the privileged bit and remove it from the opcodeId field ASAP. */
+	privilegedFlag = ii->opcodeId & OPCODE_ID_PRIVILEGED;
+	ii->opcodeId &= ~OPCODE_ID_PRIVILEGED;
+
 	/*
 	 * If both REX and OpSize are available we will have to disable the OpSize, because REX has precedence.
 	 * However, only if REX.W is set !
@@ -135,8 +148,8 @@ static _DecodeResult decode_inst(_CodeInfo* ci, _PrefixState* ps, _DInst* di)
 	 * Which practically means, don't allow 32 bits instructions in 16 bits decoding mode, but do allow
 	 * 16 bits instructions in 32 bits decoding mode, of course...
 
-	 * NOTE: Make sure the instruction set for 32 bits has explicitly this specfic flag set.
-	 * NOTE2: Make sure the instruction set for 64 bits has explicitly this specfic flag set.
+	 * NOTE: Make sure the instruction set for 32 bits has explicitly this specific flag set.
+	 * NOTE2: Make sure the instruction set for 64 bits has explicitly this specific flag set.
 
 	 * If this is the case, drop what we've got and restart all over after DB'ing that byte.
 
@@ -263,7 +276,7 @@ static _DecodeResult decode_inst(_CodeInfo* ci, _PrefixState* ps, _DInst* di)
 	else if ((instFlags & (INST_PRE_ADDR_SIZE | INST_NATIVE)) == (INST_PRE_ADDR_SIZE | INST_NATIVE)) {
 		di->opcode = ii->opcodeId;
 
-		/* If LOOPxx gets here from 64bits, it must be Decode32Bits because Address Size perfix is set. */
+		/* If LOOPxx gets here from 64bits, it must be Decode32Bits because Address Size prefix is set. */
 		ps->usedPrefixes |= INST_PRE_ADDR_SIZE;
 	}
 	/*
@@ -336,10 +349,10 @@ static _DecodeResult decode_inst(_CodeInfo* ci, _PrefixState* ps, _DInst* di)
 		 * Therefore, we use another table to fix the offset.
 		 */
 		if (instFlags & INST_PRE_VEX) {
-			/* Use the AVX pesudo compare mnemonics table. */
+			/* Use the AVX pseudo compare mnemonics table. */
 			di->opcode = ii->opcodeId + VCmpMnemonicOffsets[cmpType];
 		} else {
-			/* Use the SSE psuedo compare mnemonics table. */
+			/* Use the SSE pseudo compare mnemonics table. */
 			di->opcode = ii->opcodeId + CmpMnemonicOffsets[cmpType];
 		}
 	}
@@ -356,6 +369,9 @@ static _DecodeResult decode_inst(_CodeInfo* ci, _PrefixState* ps, _DInst* di)
 	/* Set the unused prefixes mask. */
 	di->unusedPrefixesMask = prefixes_set_unused_mask(ps);
 
+	/* Fix privileged. Assumes the privilegedFlag is 0x8000 only. */
+	di->flags |= privilegedFlag;
+
 	/* Copy instruction meta. */
 	di->meta = isi->meta;
 	if (di->segment == 0) di->segment = R_NONE;
@@ -364,9 +380,9 @@ static _DecodeResult decode_inst(_CodeInfo* ci, _PrefixState* ps, _DInst* di)
 	if (di->base != R_NONE) di->usedRegistersMask |= _REGISTERTORCLASS[di->base];
 
 	/* Copy CPU affected flags. */
-	di->modifiedFlagsMask = isi->modifiedFlags;
-	di->testedFlagsMask = isi->testedFlags;
-	di->undefinedFlagsMask = isi->undefinedFlags;
+	CONVERT_FLAGS_TO_EFLAGS(di, isi, modifiedFlagsMask);
+	CONVERT_FLAGS_TO_EFLAGS(di, isi, testedFlagsMask);
+	CONVERT_FLAGS_TO_EFLAGS(di, isi, undefinedFlagsMask);
 
 	/* Calculate the size of the instruction we've just decoded. */
 	di->size = (uint8_t)((ci->code - startCode) & 0xff);
@@ -404,6 +420,8 @@ _DecodeResult decode_internal(_CodeInfo* _ci, int supportOldIntr, _DInst result[
 	_PrefixState ps;
 	unsigned int prefixSize;
 	_CodeInfo ci;
+	unsigned int features;
+	unsigned int mfc;
 
 	_OffsetType codeOffset = _ci->codeOffset;
 	const uint8_t* code = _ci->code;
@@ -428,10 +446,15 @@ _DecodeResult decode_internal(_CodeInfo* _ci, int supportOldIntr, _DInst result[
 
 #ifdef DISTORM_LIGHT
 	supportOldIntr; /* Unreferenced. */
-#endif
 
+	/*
+	 * Only truncate address if we are using the decompose interface.
+	 * Otherwise, we use the textual interface which needs full addresses for formatting bytes output.
+	 * So distorm_format will truncate later.
+	 */
 	if (_ci->features & DF_MAXIMUM_ADDR32) addrMask = 0xffffffff;
 	else if (_ci->features & DF_MAXIMUM_ADDR16) addrMask = 0xffff;
+#endif
 
 	/* No entries are used yet. */
 	*usedInstructionsCount = 0;
@@ -557,13 +580,26 @@ _DecodeResult decode_internal(_CodeInfo* _ci, int supportOldIntr, _DInst result[
 		pdi->addr = startInstOffset & addrMask;
 		/* pdi->disp &= addrMask; */
 
-		/* Advance to next instruction. */
-		codeLen -= pdi->size;
-		codeOffset += pdi->size;
-		code += pdi->size;
+		if ((decodeResult == DECRES_INPUTERR) && (ps.decodedPrefixes & INST_PRE_VEX)) {
+			if (ps.prefixExtType == PET_VEX3BYTES) {
+				prefixSize -= 2;
+				codeLen += 2;
+			} else if (ps.prefixExtType == PET_VEX2BYTES) {
+				prefixSize -= 1;
+				codeLen += 1;
+			}
+			ps.last = ps.start + prefixSize - 1;
+			code = ps.last + 1;
+			codeOffset = startInstOffset + prefixSize;
+		} else {
+			/* Advance to next instruction. */
+			codeLen -= pdi->size;
+			codeOffset += pdi->size;
+			code += pdi->size;
 
-		/* Instruction's size should include prefixes. */
-		pdi->size += (uint8_t)prefixSize;
+			/* Instruction's size should include prefixes. */
+			pdi->size += (uint8_t)prefixSize;
+		}
 
 		/* Drop all prefixes and the instruction itself, because the instruction wasn't successfully decoded. */
 		if ((decodeResult == DECRES_INPUTERR) && (~_ci->features & DF_RETURN_FC_ONLY)) {
@@ -599,14 +635,16 @@ _DecodeResult decode_internal(_CodeInfo* _ci, int supportOldIntr, _DInst result[
 		_ci->nextOffset = codeOffset;
 
 		/* Check whether we need to stop on any flow control instruction. */
-		if ((decodeResult == DECRES_SUCCESS) && (_ci->features & DF_STOP_ON_FLOW_CONTROL)) {
-			if (((_ci->features & DF_STOP_ON_CALL) && (META_GET_FC(pdi->meta) == FC_CALL)) ||
-				((_ci->features & DF_STOP_ON_RET) && (META_GET_FC(pdi->meta) == FC_RET)) ||
-				((_ci->features & DF_STOP_ON_SYS) && (META_GET_FC(pdi->meta) == FC_SYS)) ||
-				((_ci->features & DF_STOP_ON_UNC_BRANCH) && (META_GET_FC(pdi->meta) == FC_UNC_BRANCH)) ||
-				((_ci->features & DF_STOP_ON_CND_BRANCH) && (META_GET_FC(pdi->meta) == FC_CND_BRANCH)) ||
-				((_ci->features & DF_STOP_ON_INT) && (META_GET_FC(pdi->meta) == FC_INT)) ||
-				((_ci->features & DF_STOP_ON_CMOV) && (META_GET_FC(pdi->meta) == FC_CMOV)))
+		features = _ci->features;
+		mfc = META_GET_FC(pdi->meta);
+		if ((decodeResult == DECRES_SUCCESS) && (features & DF_STOP_ON_FLOW_CONTROL)) {
+			if (((features & DF_STOP_ON_CALL) && (mfc == FC_CALL)) ||
+				((features & DF_STOP_ON_RET) && (mfc == FC_RET)) ||
+				((features & DF_STOP_ON_SYS) && (mfc == FC_SYS)) ||
+				((features & DF_STOP_ON_UNC_BRANCH) && (mfc == FC_UNC_BRANCH)) ||
+				((features & DF_STOP_ON_CND_BRANCH) && (mfc == FC_CND_BRANCH)) ||
+				((features & DF_STOP_ON_INT) && (mfc == FC_INT)) ||
+				((features & DF_STOP_ON_CMOV) && (mfc == FC_CMOV)))
 				return DECRES_SUCCESS;
 		}
 	}