can you post your full code (but minimized, so easier to debug)?
On Tue, Jan 23, 2018 at 6:33 PM, Manduca <manduca@xxxxxxxxxxx> wrote:
I use unicorn to emulate x86 code.
It encounters problematic instruction
mov eax, dword ptr fs:
and throws UC_ERR_READ_UNMAPPED.
Not surprising, that selector probably points nowhere.
But when I do reg_read(EIP), it gives me the address of a harmless
instruction 0xF bytes back.
When I do UC_HOOK_CODE I get correct IPs until the end.
But once the exception hits, I'm 0xF bytes back, why?