[x86] LOCK NOP not decoded (F0 0F 1F 00)

[davidbrazdil]

The byte sequence "F0 0F 1F 00" disassembles to "lock nopl (%rax)" with GNU Binutils 2.26.1 and Online Disassembler [1] but is undecoded by Capstone "next" branch. It is emitted by LLVM for alignment.

[1] https://www.onlinedisassembler.com/odaweb/mkfPEHoP/0

[aquynh]

Any other disassembler can handle this code, besides Gas?

[davidbrazdil]

NASM: F00F1F00 lock nop dword [rax]
Zyan: lock nop [rax]

It's just the LOCK prefix. Capstone disassembles the NOP 0F 1F 00 just fine.

[aquynh]

fixed now, please confirm.

[davidbrazdil]

Yes, now decodes. Thank you

[gdbinit]

Zyan doesn't accept this anymore (there's a Jul 3 commit about illegal lock prefixes).

$ ./ZydisInfo -64 F0 0F 1F 00
Could not decode instruction: ILLEGAL_LOCK

Is this instruction really valid? I'm not sure per Intel manuals.

Also from XED:
$ ./xed -64 -d F0 0F 1F 00
F00F1F00
ERROR: BAD_LOCK_PREFIX Could not decode at offset: 0x0 PC: 0x0: [F00F1F000000000000000000000000]

[aquynh]

the only way to confirm this is to run it on real cpu, to see it really works. -- Thanks, Quynh http://www.keystone-engine.org http://www.capstone-engine.org http://www.unicorn-engine.org

[gdbinit]

Yes, it's an illegal instruction per Intel manuals and verified on a real cpu.