Description
Work environment
Questions | Answers |
---|---|
OS/arch/bits | x86_64 Ubuntu 20.04 |
Architecture | x86_64 |
Source of Capstone | git clone, default on next branch. |
Version/git commit | v6.0.0, e46838 |
Instruction bytes giving faulty results
0x85 0x58 0x01
Expected results
It should be:
$ ./cstool_v6.0.0 -d x64 "855801"
0 85 58 01 test dword ptr [rax + 1], ebx
ID: 734 (test)
Prefix:0x00 0x00 0x00 0x00
Opcode:0x85 0x00 0x00 0x00
rex: 0x0
addr_size: 8
modrm: 0x58
disp: 0x1
sib: 0x0
op_count: 2
operands[0].type: MEM
operands[0].mem.base: REG = rax
operands[0].mem.disp: 0x1
operands[0].size: 4
***** operands[0].access: READ ******* MISSING LINE *****
operands[1].type: REG = ebx
operands[1].size: 4
***** operands[1].access: READ ******* MISSING LINE *****
Registers read: rax (rbx <--- MISSING FIELD)
***** EFLAGS: MOD_SF MOD_ZF MOD_PF UNDEF_AF ******* MISSING LINE *****
Steps to get the wrong result
With cstool:
$ ./cstool_v6.0.0 -d x64 "855801"
0 85 58 01 test dword ptr [rax + 1], ebx
ID: 734 (test)
Prefix:0x00 0x00 0x00 0x00
Opcode:0x85 0x00 0x00 0x00
rex: 0x0
addr_size: 8
modrm: 0x58
disp: 0x1
sib: 0x0
op_count: 2
operands[0].type: MEM
operands[0].mem.base: REG = rax
operands[0].mem.disp: 0x1
operands[0].size: 4
operands[1].type: REG = ebx
operands[1].size: 4
Registers read: rax
Additional Logs, screenshots, source code, configuration dump, ...
The `test` instruction in x86 performs a bitwise AND operation between the value at a memory location and the contents of a register. The test instruction sets the corresponding EFLAGS but the result itself is discarded. Capstone seems to have failed to display the EFLAGS fields of instruction `test`.

- This issue is detected with a fully automatic decoder testing tool based on my research. Please add a `Bug` tag to this page if you verify it's a problem. It means a lot to me and my research. Thank you for your consideration 😊!
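As an added check, not part of this report or of Capstone's own code: a small Python oracle for the reported bytes that spells out the detail a decoder should emit for TEST r/m32, r32 with a disp8 ModR/M (operand access, registers read, EFLAGS) and, if the capstone Python bindings are installed, lists which of those fields the installed build leaves out. The function and variable names are this example's own; the decimal/hex displacement formatting follows cstool's output style.

```python
REGS32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]
REGS64 = ["rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi"]
# EFLAGS the report expects for TEST in cstool's naming (the SDM also clears OF/CF).
TEST_EFLAGS = {"MOD_SF", "MOD_ZF", "MOD_PF", "UNDEF_AF"}


def decode_test_rm32_r32(code):
    """Oracle for `85 /r` (TEST r/m32, r32) in 64-bit mode, mod=01 (disp8, no SIB)."""
    if len(code) != 3 or code[0] != 0x85:
        raise ValueError("expected 3 bytes starting with opcode 0x85")
    mod, reg, rm = code[1] >> 6, (code[1] >> 3) & 7, code[1] & 7
    if mod != 1 or rm == 4:  # rm=100 needs a SIB byte; not covered by this oracle
        raise NotImplementedError("oracle covers mod=01 without SIB only")
    disp = int.from_bytes(code[2:3], "little", signed=True)
    base, src = REGS64[rm], REGS32[reg]
    disp_s = f"{abs(disp):#x}" if abs(disp) > 9 else str(abs(disp))  # cstool style
    return {
        "op_str": f"dword ptr [{base} {'+' if disp >= 0 else '-'} {disp_s}], {src}",
        # TEST only reads both operands; the AND result is discarded.
        "operands": [
            {"type": "MEM", "base": base, "disp": disp, "size": 4, "access": "READ"},
            {"type": "REG", "reg": src, "size": 4, "access": "READ"},
        ],
        "regs_read": {base, REGS64[reg]},  # cstool names the full-width source register
        "eflags": set(TEST_EFLAGS),
    }


def capstone_detail_gaps(code):
    """Detail fields the installed Capstone omits relative to the oracle ([] = none)."""
    try:
        import capstone
        from capstone import x86_const as xc
    except ImportError:
        return ["capstone bindings not installed"]
    want = decode_test_rm32_r32(code)
    md = capstone.Cs(capstone.CS_ARCH_X86, capstone.CS_MODE_64)
    md.detail = True
    insn = next(md.disasm(code, 0))
    gaps = []
    if insn.op_str != want["op_str"]:
        gaps.append(f"op_str {insn.op_str!r} != {want['op_str']!r}")
    for i, op in enumerate(insn.operands):
        if not (op.access & capstone.CS_AC_READ):
            gaps.append(f"operands[{i}].access: READ missing")
    read = {insn.reg_name(r) for r in insn.regs_access()[0]}
    gaps += [f"registers read: {r} missing" for r in sorted(want["regs_read"] - read)]
    flags = {"MOD_SF": xc.X86_EFLAGS_MODIFY_SF, "MOD_ZF": xc.X86_EFLAGS_MODIFY_ZF,
             "MOD_PF": xc.X86_EFLAGS_MODIFY_PF, "UNDEF_AF": xc.X86_EFLAGS_UNDEFINED_AF}
    gaps += [f"EFLAGS: {n} missing" for n, bit in flags.items() if not (insn.eflags & bit)]
    return gaps
```

Run `capstone_detail_gaps(bytes.fromhex("855801"))` against the build under test; an empty list means the operand access, register and EFLAGS fields from the expected output above are all present.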