This repository has been archived by the owner on Aug 23, 2022. It is now read-only.

Unimplemented AVX instructions #323

Closed
pgoodman opened this issue Nov 10, 2017 · 5 comments

@pgoodman
Collaborator

We're getting the following issue:

F1109 19:56:17.375583 14182 Instruction.cpp:78] Unused memory reference operand to 140017340 in instruction (AMD64 14000ef5a 8 (BYTES c5 d1 fa 2d de 83 00 00) VPSUBD_XMMdq_XMMdq_MEMdq)

Due to the semantics of this AVX instruction not being available:
(AMD64 14000ef5a 8 (BYTES c5 d1 fa 2d de 83 00 00) VPSUBD_XMMdq_XMMdq_MEMdq)

@pgoodman
Collaborator Author

This is a bit more than just a missing instruction semantics fix, because it's showing how one issue snowballs into another. That is, missing instructions is typically a non-fatal error, but failing to resolve a data cross-reference for an operand is a fatal error.

@pgoodman
Collaborator Author

pgoodman commented Nov 13, 2017

  • (AMD64 14000f9d1 5 (BYTES 0f ae 5c 24 08) STMXCSR_MEMd (WRITE_OP (DWORD_PTR (ADD (REG_64 RSP) (SIGNED_IMM_64 0x8)))))
  • (AMD64 14000fa47 5 (BYTES 0f ae 54 24 08) LDMXCSR_MEMd (READ_OP (DWORD_PTR (ADD (REG_64 RSP) (SIGNED_IMM_64 0x8)))))
  • (AMD64 1400107c0 4 (BYTES 0f 2b 41 e0) MOVNTPS_MEMdq_XMMps (WRITE_OP (DWORD_PTR (ADD (REG_64 RCX) (SIGNED_IMM_64 -0x20)))) (READ_OP (REG_128 XMM0)))
  • (AMD64 140010b53 5 (BYTES f2 0f 70 c8 00) PSHUFLW_XMMdq_XMMdq_IMMb (WRITE_OP (REG_256 YMM1)) (READ_OP (REG_128 XMM0)) (READ_OP (IMM_8 0)))
  • (AMD64 14000edbb 5 (BYTES c5 e1 73 f3 01) VPSLLQ_XMMdq_XMMdq_IMMb (WRITE_OP (REG_256 YMM3)) (READ_OP (REG_128 XMM3)) (READ_OP (IMM_8 1)))
  • (AMD64 14000edc0 4 (BYTES c5 e1 d4 c9) VPADDQ_XMMdq_XMMdq_XMMdq (WRITE_OP (REG_256 YMM1)) (READ_OP (REG_128 XMM3)) (READ_OP (REG_128 XMM1)))
  • (AMD64 14000ef49 5 (BYTES c5 d1 73 d2 34) VPSRLQ_XMMdq_XMMdq_IMMb (WRITE_OP (REG_256 YMM5)) (READ_OP (REG_128 XMM2)) (READ_OP (IMM_8 34)))
  • (AMD64 14000ed5d 8 (BYTES c5 e1 fb 1d 8b 84 00 00) VPSUBQ_XMMdq_XMMdq_MEMdq (WRITE_OP (REG_256 YMM3)) (READ_OP (REG_128 XMM3)) (READ_OP (DWORD_PTR (ADD (REG_64 PC) (SIGNED_IMM_64 0x849b)))))
  • (AMD64 14000ef5a 8 (BYTES c5 d1 fa 2d de 83 00 00) VPSUBD_XMMdq_XMMdq_MEMdq (WRITE_OP (REG_256 YMM5)) (READ_OP (REG_128 XMM5)) (READ_OP (DWORD_PTR (ADD (REG_64 PC) (SIGNED_IMM_64 0x83ee)))))
  • (AMD64 14000eec4 9 (BYTES c4 e2 e9 a9 25 d3 84 00 00) VFMADD213SD_XMMdq_XMMq_MEMq (WRITE_OP (REG_256 YMM4)) (READ_OP (REG_256 YMM4)) (READ_OP (REG_128 XMM2)) (READ_OP (QWORD_PTR (ADD (REG_64 PC) (SIGNED_IMM_64 0x84e5)))))
  • (AMD64 14000ee77 9 (BYTES c4 e2 c9 b9 05 f0 83 00 00) VFMADD231SD_XMMdq_XMMq_MEMq (WRITE_OP (REG_256 YMM0)) (READ_OP (REG_256 YMM0)) (READ_OP (REG_128 XMM6)) (READ_OP (QWORD_PTR (ADD (REG_64 PC) (SIGNED_IMM_64 0x8402)))))
  • (AMD64 14000ee42 5 (BYTES c4 e2 d1 b9 c8) VFMADD231SD_XMMdq_XMMq_XMMq (WRITE_OP (REG_256 YMM1)) (READ_OP (REG_256 YMM1)) (READ_OP (REG_128 XMM5)) (READ_OP (REG_128 XMM0)))
  • (... VFMSUB213SD_XMMdq_XMMq_XMMq (WRITE_OP (REG_256 YMM5)) (READ_OP (REG_256 YMM5)) (READ_OP (REG_128 XMM6)) (READ_OP (REG_128 XMM1)))

pgoodman added a commit that referenced this issue Nov 16, 2017
…tStatus now, instead of a bool. This allows us to partially resolve Issue #323. Next up is instruction support.
pgoodman added a commit that referenced this issue Nov 17, 2017
* Updates mcsema to understand that the InstructionLifter returns a LiftStatus now, instead of a bool. This allows us to partially resolve Issue #323. Next up is instruction support.

* Add missing function to runtime.
@mike-myers-tob
Contributor

@pgoodman you mentioned that the MXCSR (control/status register) state management instructions (STMXCSR and LDMXCSR) may require "hyper calls or stop failures", can you elaborate what you meant by that?

How would we write a semantic function for an instruction that just loads or stores a register from memory? Is MXCSR part of the State struct? If not, where would it belong?

@pgoodman
Collaborator Author

pgoodman commented Dec 3, 2017

  • (X86 f115d018 5 (BYTES 0f ae 44 24 30) FXSAVE_MEMmfpxenv (WRITE_OP (DWORD_PTR (ADD (REG_32 SS_BASE) (REG_32 ESP) (SIGNED_IMM_32 0x30)))))

@mike-myers-tob
Contributor

I'm moving the implementation of FXSAVE semantics over to lifting-bits/remill#45
so we can close this issue.

@mike-myers-tob moved this from Doing to Done in SEEL Dec 16, 2017
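
The fatal log line in the first comment names a memory operand at 140017340, which is the RIP-relative target of the VPSUBD instruction. As an added example (not code from mcsema or remill, and not part of the original thread), the following Python decodes the VEX prefix and ModRM byte of the RIP-relative instructions quoted above and computes the data address that cross-reference recovery has to resolve; the function name `decode_vex_rip_operand` is hypothetical and 64-bit mode is assumed.

```python
import struct

# (address, bytes) pairs copied from the instruction dumps in this thread.
SAMPLES = [
    (0x14000EF5A, "c5 d1 fa 2d de 83 00 00"),     # VPSUBD
    (0x14000ED5D, "c5 e1 fb 1d 8b 84 00 00"),     # VPSUBQ
    (0x14000EEC4, "c4 e2 e9 a9 25 d3 84 00 00"),  # VFMADD213SD
    (0x14000EE77, "c4 e2 c9 b9 05 f0 83 00 00"),  # VFMADD231SD
]


def decode_vex_rip_operand(addr, raw):
    """Decode a VEX instruction whose ModRM byte selects RIP+disp32.

    Returns (dest_reg, src_reg, vector_bits, target), where target is the
    absolute address of the memory operand.
    """
    if raw[0] == 0xC5:      # 2-byte VEX: C5 [~R ~vvvv L pp]
        p, pos = raw[1], 2
        r_ext = (~p >> 7) & 1
    elif raw[0] == 0xC4:    # 3-byte VEX: C4 [~R ~X ~B mmmmm] [W ~vvvv L pp]
        p, pos = raw[2], 3
        r_ext = (~raw[1] >> 7) & 1
    else:
        raise ValueError("not a VEX-prefixed instruction")
    src_reg = (~p >> 3) & 0xF               # vvvv is stored inverted
    vector_bits = 256 if p & 0x04 else 128  # VEX.L
    modrm = raw[pos + 1]                    # raw[pos] is the opcode byte
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if mod != 0 or rm != 5:
        raise ValueError("ModRM does not select RIP-relative addressing")
    (disp,) = struct.unpack_from("<i", raw, pos + 2)
    # The displacement is relative to the address of the next instruction.
    target = addr + len(raw) + disp
    return reg | (r_ext << 3), src_reg, vector_bits, target


if __name__ == "__main__":
    for addr, text in SAMPLES:
        dst, src, bits, target = decode_vex_rip_operand(addr, bytes.fromhex(text))
        print(f"{addr:x}: dst=xmm{dst} src=xmm{src} {bits}-bit mem={target:x}")
```

The first sample resolves to 140017340, the operand address reported in the fatal log message, and the decoded register numbers match the XMM5/XMM5 operands shown in the instruction dump.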