Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Zydis formats extra operand-size suffix for VSIB instructions #550

Open
recoules opened this issue Feb 11, 2025 · 4 comments · May be fixed by #551
Open

Zydis formats extra operand-size suffix for VSIB instructions #550

recoules opened this issue Feb 11, 2025 · 4 comments · May be fixed by #551
Labels
A-formatter Area: Formatter C-bug Category: This is a bug (or a fix for a bug, when applied to PRs)

Comments

@recoules
Copy link

Dear developers,

The FormatterATT module appends the operand-size suffix for instruction using VSIB.

For instance, the opcode c42289914c3afc is disassembled as vpgatherqqq %xmm14, -0x04(%rdx,%xmm15,1), %xmm9.

Yet, in case of vpgather, the operand-size is already part of the mnemonic. The extra suffix makes the printed disassembly invalid.
I am not sure, but I think it is the same for other mnemonics using a VSIB operand.

Would it make sense to remove the second case here ?
https://github.com/zyantific/zydis/blob/bffbb610cfea643b98e87658b9058382f7522807/src/FormatterATT.c#L306C14-L306C15

Regards,
@flobernd
Copy link
Member

Hi @recoules, good catch!

This could be a potential fix, but we have to check all VSIB instructions first to be sure this doesn't break anything (aka making sure that the mnemonics always include the size suffix natively).

@mappzor
Copy link
Contributor

mappzor commented Feb 12, 2025

This could be a potential fix, but we have to check all VSIB instructions first to be sure this doesn't break anything (aka making sure that the mnemonics always include the size suffix natively).

This seems to be the case. At least for now all VSIB instructions have mandatory OSIZE prefix.

@flobernd
Copy link
Member

Thanks for checking @mappzor 🙂

Do you want to create a PR @recoules ?

@recoules
Copy link
Author

recoules commented Feb 12, 2025
edited
Loading

Thanks for reactive responses :)

Do you want to create a PR @recoules ?

Yes I can (but will have to wait this evening or tomorrow)

recoules added a commit to recoules/zydis that referenced this issue Feb 12, 2025
@recoules
Fix ATT Formatter VSIB extra operand-size suffix (zyantific#550)
20f013a
@recoules recoules linked a pull request Feb 12, 2025 that will close this issue
Open
@flobernd flobernd added C-bug Category: This is a bug (or a fix for a bug, when applied to PRs) A-formatter Area: Formatter labels Mar 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-formatter Area: Formatter C-bug Category: This is a bug (or a fix for a bug, when applied to PRs)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix ATT Formatter VSIB extra operand-size suffix recoules/zydis
3 participants
@flobernd @recoules @mappzor