
ARM LDRD instruction third operand not present operands list #2260

Closed
udiboy1209 opened this issue Jan 26, 2024 · 5 comments
Labels
ARM Arch

Comments

@udiboy1209

When parsing the ldrd ARM instruction, I do not see the third operand for the memory address in the operands list, but it shows up correctly in the op_str.

Code snippet to reproduce:

from capstone import *
from capstone.arm import *

md = Cs(CS_ARCH_ARM, CS_MODE_ARM)
md.detail = True  # needed, otherwise insn.operands is not populated
byt = b"\xd0\x20\xc5\xe1"  # encodes ldrd r2, r3, [r5]
for insn in md.disasm(byt, offset=0):
    print("Mne:", insn.mnemonic)
    print("Opstr:", insn.op_str)
    for op in insn.operands:
        print("Op:", op.type)
        if op.type == ARM_OP_REG:
            print("  reg:", insn.reg_name(op.value.reg))

Output is

Mne: ldrd
Opstr: r2, r3, [r5]
Op: 1
  reg: r2
Op: 1
  reg: r3

There are only two registers in the operands list, while op_str correctly shows the third operand [r5]. Am I doing something wrong in accessing the operand list?

I am using version 5.0.1 via the python API.

@Rot127
Collaborator

Rot127 commented Jan 26, 2024

It is very unlikely that this will be fixed due to #2089. In the next branch the instruction is disassembled correctly. Also it has many more features and is more precise:

./cstool -d arm "\xd0\x20\xc5\xe1"
 0  d0 20 c5 e1  ldrd	r2, r3, [r5]
	ID: 112 (ldrd)
	op_count: 3
		operands[0].type: REG = r2
		operands[0].access: WRITE
		operands[1].type: REG = r3
		operands[1].access: WRITE
		operands[2].type: MEM
			operands[2].mem.base: REG = r5
			operands[2].mem.scale: 0
		operands[2].access: READ
	Registers read: r5
	Registers modified: r2 r3
	Groups: IsARM HasV5TE

If you rely on a release there should be a pre-release soon. cc @kabeor for pre-release info
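The following is an added example, not code from the issue or from the capstone project. It walks the operand list the way the original snippet does but also handles the MEM operand (base, index, displacement) that the cstool output above shows as operands[2], and it flags the situation the reporter hit: op_str contains a bracketed memory reference but no ARM_OP_MEM entry is present in insn.operands. Because the verifier may not have capstone installed, the block falls back to constructed stand-in objects (StubLdrd, with register ids and the fallback constant values being assumptions, the latter taken from capstone 5.x arm_const) that mirror the attribute shapes capstone exposes; with capstone present it disassembles the issue's bytes for real.

```python
# Added example (not from the issue or the capstone project): walk the
# operand list of a Capstone ARM instruction, including the memory operand,
# and flag the case the issue reports, where op_str shows a "[...]" memory
# reference but no ARM_OP_MEM entry is in insn.operands.
try:
    from capstone import Cs, CS_ARCH_ARM, CS_MODE_ARM
    from capstone.arm import ARM_OP_REG, ARM_OP_IMM, ARM_OP_MEM
    HAVE_CAPSTONE = True
except ImportError:
    # Fallback so the helpers run without capstone installed. The values are
    # an assumption taken from capstone 5.x arm_const (the issue's output
    # prints "Op: 1" for ARM_OP_REG, which matches).
    HAVE_CAPSTONE = False
    ARM_OP_REG, ARM_OP_IMM, ARM_OP_MEM = 1, 2, 3

LDRD_R2_R3_R5 = b"\xd0\x20\xc5\xe1"  # the bytes from the issue: ldrd r2, r3, [r5]


def describe_operand(insn, op):
    """Return a plain tuple for one operand so results are easy to compare."""
    if op.type == ARM_OP_REG:
        return ("reg", insn.reg_name(op.value.reg))
    if op.type == ARM_OP_IMM:
        return ("imm", op.value.imm)
    if op.type == ARM_OP_MEM:
        mem = op.value.mem  # ArmOpMem: base, index, scale, disp
        base = insn.reg_name(mem.base) if mem.base else None
        index = insn.reg_name(mem.index) if mem.index else None
        return ("mem", base, index, mem.disp)
    return ("other", op.type)


def check_operand_coverage(insn):
    """Describe every operand and report whether the list is consistent with
    op_str: a bracketed memory reference in op_str must have a MEM operand."""
    ops = [describe_operand(insn, op) for op in insn.operands]
    has_mem = any(o[0] == "mem" for o in ops)
    expects_mem = "[" in insn.op_str
    return ops, has_mem == expects_mem


def disasm_and_check(code, address=0):
    """Disassemble ARM bytes with detail on and run the check per instruction."""
    md = Cs(CS_ARCH_ARM, CS_MODE_ARM)
    md.detail = True
    results = []
    for insn in md.disasm(code, address):
        ops, ok = check_operand_coverage(insn)
        results.append((insn.mnemonic, insn.op_str, ops, ok))
    return results


# --- constructed stand-in objects mirroring the shapes capstone exposes ----
class _Value:
    def __init__(self, **fields):
        self.__dict__.update(fields)


class _Operand:
    def __init__(self, op_type, value):
        self.type = op_type
        self.value = value


class StubLdrd:
    """Constructed stand-in for the issue's ldrd r2, r3, [r5]; buggy=True
    reproduces the 5.0.1 binding output with the MEM operand missing."""
    mnemonic = "ldrd"
    op_str = "r2, r3, [r5]"
    _names = {2: "r2", 3: "r3", 5: "r5"}  # constructed register ids, not capstone's

    def __init__(self, buggy=False):
        self.operands = [
            _Operand(ARM_OP_REG, _Value(reg=2)),
            _Operand(ARM_OP_REG, _Value(reg=3)),
        ]
        if not buggy:
            mem = _Value(base=5, index=0, scale=0, disp=0)
            self.operands.append(_Operand(ARM_OP_MEM, _Value(mem=mem)))

    def reg_name(self, reg_id):
        return self._names[reg_id]


if __name__ == "__main__":
    if HAVE_CAPSTONE:
        for mnem, op_str, ops, ok in disasm_and_check(LDRD_R2_R3_R5):
            print(mnem, op_str, ops, "OK" if ok else "MEM operand missing")
    else:
        for buggy in (False, True):
            ops, ok = check_operand_coverage(StubLdrd(buggy=buggy))
            print(ops, "OK" if ok else "MEM operand missing")
```

With a build that reports all three operands, check_operand_coverage returns the two register tuples plus ("mem", "r5", None, 0) and True; with the 5.0.1 binding behaviour from the first post it returns only the two registers and False, which is a cheap sanity check to run over a sample before trusting operand lists from a given capstone build.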

@udiboy1209
Author

I built and installed the next branch but that does not fix the issue. The cstool shows the same correct output as you have shown, but the python binding still gives the wrong result. I also built the version 5.0.1 and checked cstool output. It identifies all three operands, but with less information (which is fine for my use case right now).

I believe the issue is with the python bindings and not in the library itself.

I will try to debug this further myself. If you can point me to places where I can start, that would be really helpful!

@Rot127
Collaborator

Rot127 commented Jan 27, 2024

Weird. Make sure that you do not have v4 installed, and clean the complete capstone dir of build files. Or clone it freshly. It might be that the Python bindings use the incorrect library.

@udiboy1209
Author

@Rot127 sorry for the late response. There was no other capstone version on my machine, and I did a clean install.

@udiboy1209
Author

The next branch does fix this issue. I don't know what I was doing wrong before. I also checked #2280 and #2286 and both are fixed in the next branch latest commit.

Closing this, thanks @Rot127 for your help!

@Rot127 Rot127 added the ARM Arch label Mar 19, 2024