Open
Description
Work environment
Questions | Answers |
---|---|
OS/arch/bits | x86_64 Ubuntu 20.04 |
Architecture | x86_64 |
Source of Capstone | git clone , default on next branch. |
Version/git commit | v6.0.0, d7be5f9 |
Instruction bytes giving faulty results
0xf0,0xf2,0x41,0x0f,0xb7,0xd6
Expected results
It should be:
ERROR: invalid assembly code
Steps to get the wrong result
With cstool:
```console
$ ./cstool -d x64 "0xf0,0xf2,0x41,0x0f,0xb7,0xd6"
0 f0 f2 41 0f b7 d6 movzx edx, r14w
ID: 496 (movzx)
Prefix:0x00 0x00 0x00 0x00
Opcode:0x0f 0xb7 0x00 0x00
rex: 0x41
addr_size: 8
modrm: 0xd6
disp: 0x0
sib: 0x0
op_count: 2
operands[0].type: REG = edx
operands[0].size: 4
operands[0].access: WRITE
operands[1].type: REG = r14w
operands[1].size: 2
operands[1].access: READ
Registers read: r14w
Registers modified: edx
$ ./cstool -d x64 "0xf0,0x41,0x0f,0xb7,0xd6"
ERROR: invalid assembly code
$ ./cstool -d x64 "0xf2,0x41,0x0f,0xb7,0xd6"
0 f2 41 0f b7 d6 movzx edx, r14w
ID: 496 (movzx)
Prefix:0x00 0x00 0x00 0x00
Opcode:0x0f 0xb7 0x00 0x00
rex: 0x41
addr_size: 8
modrm: 0xd6
disp: 0x0
sib: 0x0
op_count: 2
operands[0].type: REG = edx
operands[0].size: 4
operands[0].access: WRITE
operands[1].type: REG = r14w
operands[1].size: 2
operands[1].access: READ
Registers read: r14w
Registers modified: edx
```
Additional Logs, screenshots, source code, configuration dump, ...
Capstone correctly identifies that the LOCK prefix (0xf0) is incompatible with the movzx instruction. It also has no problem with the REPNE/REPNZ prefix (0xf2). However, it fails to recognize that the prefixes 0xf2 and 0xf0 are mutually exclusive and cannot appear together in a single instruction. In contrast, both the XED and Zydis disassemblers return an 'invalid assembly code' error for the sequence 0xf0, 0xf2, 0x41, 0x0f, 0xb7, 0xd6.
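A standalone pre-check for the prefix rule described above, added here as an example (it is not Capstone's code): it walks the legacy-prefix bytes at the start of an x86-64 instruction and flags more than one prefix from the same legacy prefix group, which is exactly the 0xf0/0xf2 (LOCK + REPNE, both group 1) case in this report. The group table follows the four x86 legacy prefix groups; the byte sequences in `main()` are the ones from this report, embedded as constructed test vectors.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* x86 legacy prefix groups; at most one prefix per group is meaningful.
 * Group 1 holds LOCK (F0), REPNE (F2) and REP (F3). */
enum { PFX_GROUP1 = 0, PFX_GROUP2, PFX_GROUP3, PFX_GROUP4, PFX_GROUPS };

static int prefix_group(uint8_t b)
{
    switch (b) {
    case 0xF0: case 0xF2: case 0xF3: return PFX_GROUP1; /* LOCK, REPNE, REP */
    case 0x2E: case 0x36: case 0x3E: case 0x26: case 0x64: case 0x65:
        return PFX_GROUP2;                                /* segment override */
    case 0x66: return PFX_GROUP3;                         /* operand-size */
    case 0x67: return PFX_GROUP4;                         /* address-size */
    default:   return -1;                                 /* not a legacy prefix */
    }
}

/* Scan the legacy-prefix run at the start of an x86-64 instruction.
 * Returns true when two or more prefixes from the same group were seen
 * (e.g. F0 followed by F2); *n_prefix (optional) receives the prefix count. */
bool legacy_prefix_conflict(const uint8_t *code, size_t len, size_t *n_prefix)
{
    int seen[PFX_GROUPS] = {0};
    bool conflict = false;
    size_t i = 0;
    while (i < len) {
        int g = prefix_group(code[i]);
        if (g < 0)
            break;                 /* REX (0x40-0x4F) or opcode byte: stop */
        if (seen[g]++)
            conflict = true;       /* second prefix from an already-seen group */
        i++;
    }
    if (n_prefix)
        *n_prefix = i;
    return conflict;
}

int main(void)
{
    /* Byte sequences from the report, embedded here as constructed test vectors. */
    const uint8_t bad[] = {0xf0, 0xf2, 0x41, 0x0f, 0xb7, 0xd6};
    const uint8_t ok[]  = {0xf2, 0x41, 0x0f, 0xb7, 0xd6};
    size_t n;
    bool c = legacy_prefix_conflict(bad, sizeof bad, &n);
    printf("f0 f2 ...: %zu prefix byte(s), conflict=%d\n", n, c); /* 2, conflict=1 */
    c = legacy_prefix_conflict(ok, sizeof ok, &n);
    printf("f2 ...:    %zu prefix byte(s), conflict=%d\n", n, c); /* 1, conflict=0 */
    return 0;
}
```

The check only covers same-group repetition; the LOCK-with-movzx case that Capstone already rejects depends on the opcode and is left to the disassembler.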