[X86] Incorrect explicit read/modified registers for vcmpunordss and others
mur47x111 opened this issue · comments
Yudi Zheng commented
cstool/cstool -d -s x64 "62 f1 76 08 c2 c9 03"
may yield different results:
op_count: 3
operands[0].type: REG = k1
operands[0].size: 2
operands[1].type: REG = xmm1
operands[1].size: 16
operands[2].type: REG = xmm1
operands[2].size: 16
...
op_count: 3
operands[0].type: REG = k1
operands[0].size: 2
operands[1].type: REG = xmm1
operands[1].size: 16
operands[2].type: REG = xmm1
operands[2].size: 16
Registers read: xmm1
...
op_count: 3
operands[0].type: REG = k1
operands[0].size: 2
operands[1].type: REG = xmm1
operands[1].size: 16
operands[2].type: REG = xmm1
operands[2].size: 16
Registers read: xmm1
Registers modified: xmm1
This is due to incorrect operand access values specified for instructions such as vcmpunordss
. IIUC, operand access values are maintained in capstone/arch/X86/X86MappingInsnOp.inc
and copied to the new X86MappingInsnOp.inc
generated by tablegen, see
capstone/suite/synctools/mapping_insn_op.py
Lines 100 to 130 in 31ea133
{ 0 }
. X86IntelInstPrinter
or X86ATTInstPrinter
uses a stack allocated array for storing the access values. This array is never initialized and only the first element is set to 0. When requesting access value for second/third operands in such instructions, it then fetches random values stored in the un-initialized array, and thus yield random results.