diff --git a/SMPDataFlowAnalysis.cpp b/SMPDataFlowAnalysis.cpp
index b70bfd8c46b14ab9876718db51744cf0e76eedb6..59ee70206eb621b30d9e5509bc85b804b85bd1ea 100644
--- a/SMPDataFlowAnalysis.cpp
+++ b/SMPDataFlowAnalysis.cpp
@@ -1940,7 +1940,9 @@ void InitTypeCategory(void) {
// If new instructions are added to this category that are not single
// operand and do require some updating, the category should be split.
// Category 5 instructions have a result type identical to the 1st source operand
- // type whenever the 2nd source operand is an operand of type 'n'.
+ // type whenever the 2nd source operand is an operand of type 'n' & vice versa.
+ // Examples are add, sub, adc, and sbb. There are subtle exceptions
+ // handled in the SMPInstr::EmitTypeAnnotations() method.
// Category 6 instructions always have a result type of 'p' (pointer).
// Category 7 instructions are category 2 instructions with two destinations,
// such as multiply and divide instructions that affect EDX:EAX. There are
@@ -1952,10 +1954,9 @@ void InitTypeCategory(void) {
// Category 9 instructions are floating point instructions that either
// have a memory destination (treat as category 13) or a FP reg destination
// (treat as category 1, as FP regs are always 'n' and ignored in our system).
- // Category 10 instructions have 'n' results if the sources are all 'n'; they
- // have 'p' results if the sources are all 'p'; and we cannot infer the type
- // of the result if the sources are of mixed types. Bitwise OR and AND are
- // examples.
+ // Category 10 instructions have 'n' results if the sources are all 'n';
+ // we cannot infer the type of the result if the sources are of mixed types.
+ // Bitwise OR and AND and LEA (load effective address) are examples.
// Category 11 instructions need to have their types and locations on the stack
// frame tracked, e.g. push and pop instructions. No direct type inference.
// Category 12 instructions are similar to category 10, except that we do not
@@ -2026,13 +2027,13 @@ SMPTypeCategory[NN_imul] = 7; // Signed Multiply
SMPTypeCategory[NN_in] = 0; // Input from Port **
SMPTypeCategory[NN_inc] = 4; // Increment by 1
SMPTypeCategory[NN_ins] = 2; // Input Byte(s) from Port to String **
-SMPTypeCategory[NN_int] = 1; // Call to Interrupt Procedure
-SMPTypeCategory[NN_into] = 1; // Call to Interrupt Procedure if Overflow Flag = 1
-SMPTypeCategory[NN_int3] = 1; // Trap to Debugger
-SMPTypeCategory[NN_iretw] = 1; // Interrupt Return
-SMPTypeCategory[NN_iret] = 1; // Interrupt Return
-SMPTypeCategory[NN_iretd] = 1; // Interrupt Return (use32)
-SMPTypeCategory[NN_iretq] = 1; // Interrupt Return (use64)
+SMPTypeCategory[NN_int] = 0; // Call to Interrupt Procedure
+SMPTypeCategory[NN_into] = 0; // Call to Interrupt Procedure if Overflow Flag = 1
+SMPTypeCategory[NN_int3] = 0; // Trap to Debugger
+SMPTypeCategory[NN_iretw] = 0; // Interrupt Return
+SMPTypeCategory[NN_iret] = 0; // Interrupt Return
+SMPTypeCategory[NN_iretd] = 0; // Interrupt Return (use32)
+SMPTypeCategory[NN_iretq] = 0; // Interrupt Return (use64)
SMPTypeCategory[NN_ja] = 1; // Jump if Above (CF=0 & ZF=0)
SMPTypeCategory[NN_jae] = 1; // Jump if Above or Equal (CF=0)
SMPTypeCategory[NN_jb] = 1; // Jump if Below (CF=1)
@@ -2072,7 +2073,7 @@ SMPTypeCategory[NN_jmpni] = 1; // Indirect Near Jump
SMPTypeCategory[NN_jmpshort] = 1; // Jump Short (not used)
SMPTypeCategory[NN_lahf] = 2; // Load Flags into AH Register
SMPTypeCategory[NN_lar] = 2; // Load Access Rights Byte
-SMPTypeCategory[NN_lea] = 0; // Load Effective Address **
+SMPTypeCategory[NN_lea] = 0; // Load Effective Address **
SMPTypeCategory[NN_leavew] = 0; // High Level Procedure Exit **
SMPTypeCategory[NN_leave] = 0; // High Level Procedure Exit **
SMPTypeCategory[NN_leaved] = 0; // High Level Procedure Exit **