NationalSecurityAgency / ghidra

Ghidra is a software reverse engineering (SRE) framework
https://www.nsa.gov/ghidra
Apache License 2.0

Exception while decompiling 6257:009f #6664

Open NancyAurum opened 5 days ago

NancyAurum commented 5 days ago

Describe the bug Decompilation of specific real-mode x86 code results in the

  Exception while decompiling 6257:009f: ghidra.program.model.address.AddressOutOfBoundsException:
       Offset must be between 0x0 and 0x10ffef, got 0x24105e2c instead!

To Reproduce Steps to reproduce the behavior:

  1. Import the attached st.exe into Ghidra
  2. Analyze it using the default settings.
  3. Press G and go to the function at 6257:009f
  4. See error

Expected behavior Code decompiles correctly or prompts the user for the additional information required for decompilation.

Screenshots Screenshot 2024-06-23 220442

Attachments zip file with the offending code st.zip

Environment (please complete the following information):

Additional context Workaround: at the entrance to the function, set the DS value to 0.

Apparently the decompiler doesn't construct a segmented far pointer properly (0x2410 is the DATA segment there); instead it loads two words like a flat 32-bit pointer. As I understand it, this relates to the generally subpar support for x86 segmented code. For example, the decompiler confuses ES with DS, so overriding DS results in the decompiler misinterpreting ES:[...] accesses once more. One strategy would be first decoupling these registers, and then determining where DS and ES are used to reference global variables, and where they are used as pointers (i.e. like ebx in 32-bit x86).
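As an added illustration of the far-pointer point made in the report (example code, not from the issue or from Ghidra): the same four bytes decoded as an x86 segment:offset far pointer versus as a flat little-endian dword, each checked against the real-mode range quoted in the exception. The sample bytes are reconstructed from the reported 0x24105e2c and assume the decompiler loaded them as one dword.

```python
import struct

# Upper bound of the real-mode address space as quoted in the exception
# (FFFF:FFFF -> 0xFFFF0 + 0xFFFF = 0x10FFEF).
REAL_MODE_MAX = 0x10FFEF


def linear(segment: int, offset: int) -> int:
    """Real-mode segment:offset -> linear address (segment << 4) + offset."""
    return ((segment & 0xFFFF) << 4) + (offset & 0xFFFF)


def decode_far_pointer(raw: bytes) -> tuple[int, int]:
    """x86 far pointer in memory: little-endian offset word, then segment word."""
    offset, segment = struct.unpack("<HH", raw[:4])
    return segment, offset


def decode_flat_dword(raw: bytes) -> int:
    """The same four bytes read as a single little-endian 32-bit value."""
    return struct.unpack("<I", raw[:4])[0]


def in_bounds(addr: int) -> bool:
    return 0 <= addr <= REAL_MODE_MAX


def compare(raw: bytes) -> dict:
    """Decode one far pointer both ways and report which reading fits real mode."""
    seg, off = decode_far_pointer(raw)
    flat = decode_flat_dword(raw)
    seg_lin = linear(seg, off)
    return {
        "segment": seg, "offset": off,
        "segmented_linear": seg_lin, "segmented_ok": in_bounds(seg_lin),
        "flat": flat, "flat_ok": in_bounds(flat),
    }


# Constructed sample: the bytes the far pointer 2410:5e2c occupies in memory,
# reconstructed from the 0x24105e2c in the exception (assumption: the
# decompiler read exactly these four bytes as one dword).
SAMPLE = bytes.fromhex("2c5e1024")

if __name__ == "__main__":
    r = compare(SAMPLE)
    print(f"flat dword   0x{r['flat']:08x}            in bounds: {r['flat_ok']}")
    print(f"far pointer  {r['segment']:04x}:{r['offset']:04x} -> 0x{r['segmented_linear']:05x} "
          f"in bounds: {r['segmented_ok']}")
```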