
Protected-Mode Segmentation in IDA


I'm trying to disassemble the BIOS code for the original Xbox, but I'm having trouble setting up Xrefs involving protected-mode segmentation. For example, the instruction:

    seg001:FFCE jmp large far ptr 8:0FFFFFE00h

The segment selector 8 references a GDT entry with segment base 0, so the resulting address should be 0FFFFFE00h, but IDA is treating it as a real-mode segment base; as a result, it winds up with an invalid Xref to address 0FFFFFE80h, which is in the middle of an instruction.

I've tried manually entering in the instruction, but then I don't get an Xref to the address. I could patch the selector byte to be zero, but I'm hoping there's a better way. Is it possible to tell IDA to use a custom base address for a given segment selector? If not, is there a better workaround than patching?


Solution

  • After poking around some IDC files, I found a function called SetSelector, which sets the base address of a given selector. So, all I needed to do was manually add a call in the script to set the base for selector 0x8 to 0:

    SetSelector(0x8, 0);
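To see why the two addresses in the question differ, the following added example (not part of the original post or answer) decodes GDT descriptors and resolves a far pointer both ways: through the descriptor base, and as a real-mode segment. The GDT bytes are constructed for illustration, not dumped from the Xbox BIOS, and the function names are hypothetical.

```python
import struct

# Constructed GDT (assumption, not from the Xbox BIOS): entry 0 is the null
# descriptor, selector 0x08 is a flat 4 GiB code segment with base 0, and
# selector 0x10 is a byte-granular data segment with base 0x00123400.
SAMPLE_GDT = bytes.fromhex(
    "0000000000000000"
    "ffff0000009bcf00"
    "ffff003412934000"
)

def decode_descriptor(raw):
    """Decode one 8-byte x86 segment descriptor into base, limit, present."""
    limit_lo, base_lo, base_mid, access, flags_limit, base_hi = struct.unpack(
        "<HHBBBB", raw)
    base = base_lo | (base_mid << 16) | (base_hi << 24)
    limit = limit_lo | ((flags_limit & 0x0F) << 16)
    if flags_limit & 0x80:              # G bit: limit is in 4 KiB pages
        limit = (limit << 12) | 0xFFF
    return {"base": base, "limit": limit, "present": bool(access & 0x80)}

def protected_mode_target(gdt, selector, offset):
    """Linear address of selector:offset using the descriptor's base."""
    if selector & 0x4:                  # TI bit set: LDT, not covered here
        raise ValueError("selector refers to the LDT, not the GDT")
    index = selector >> 3               # drop the RPL and TI bits
    if index == 0:
        raise ValueError("null selector")
    raw = gdt[index * 8:index * 8 + 8]
    if len(raw) != 8:
        raise ValueError("selector index is beyond the end of the GDT")
    desc = decode_descriptor(raw)
    if not desc["present"]:
        raise ValueError("descriptor is not present")
    if offset > desc["limit"]:
        raise ValueError("offset exceeds the segment limit")
    return (desc["base"] + offset) & 0xFFFFFFFF

def real_mode_target(selector, offset):
    """Address obtained when the selector is treated as a real-mode segment."""
    return ((selector << 4) + offset) & 0xFFFFFFFF

if __name__ == "__main__":
    sel, off = 0x08, 0xFFFFFE00         # the far jump from the question
    print(hex(protected_mode_target(SAMPLE_GDT, sel, off)))
    print(hex(real_mode_target(sel, off)))
```

The base decoded for selector 0x08 is the value the `SetSelector(0x8, 0)` call gives IDA for that selector.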