udis86 cannot into SSE #53

Closed
ghost opened this issue Aug 27, 2013 · 7 comments

@ghost

ghost commented Aug 27, 2013

https://www.dropbox.com/s/aolwqzmqo7ffw7p/test
https://www.dropbox.com/s/yxi4lhjlhwfai2n/test.c

@vmt
Owner

vmt commented Sep 2, 2013

Hi, sorry, I couldn't make sense of your report. Can you describe the problem?

@radare
Contributor

radare commented Sep 6, 2013

This bug was reported in radare2 before. The problem is that udis86 doesn't seem to properly disassemble SSE instructions. If you go to 0x00000824 you'll see something like this:

      | |   0x00000824      8b85fcfeffff     mov eax, [rbp-0x104]
      | |   0x0000082a      8b9d00ffffff     mov ebx, [rbp-0x100]
      | |   0x00000830      899dd8feffff     mov [rbp-0x128], ebx
            0x00000836      c5               invalid
            0x00000837      f9               stc
            0x00000838      6e               outsb
            0x00000839      95               xchg ebp, eax
            0x0000083a      d8fe             fdivr st0, st6
            0x0000083c      ff               invalid
            0x0000083d      ffc4             inc esp
            0x0000083f      e369             jrcxz 0x8aa
            0x00000841      22c0             and al, al
            0x00000843      018b8504ffff     add [rbx-0xfb7b], ecx
            0x00000849      ff8b9d08ffff     dec dword [rbx-0xf763]
            0x0000084f      ff899dd8feff     dec dword [rcx-0x12763]
            0x00000855      ffc5             inc ebp
            0x00000857      f9               stc

According to objdump, this should be disassembled as:

 830:   89 9d d8 fe ff ff       mov    %ebx,-0x128(%rbp)
 836:   c5 f9 6e 95 d8 fe ff    vmovd  -0x128(%rbp),%xmm2
 83d:   ff
 83e:   c4 e3 69 22 c0 01       vpinsrd $0x1,%eax,%xmm2,%xmm0
 844:   8b 85 04 ff ff ff       mov    -0xfc(%rbp),%eax
 84a:   8b 9d 08 ff ff ff       mov    -0xf8(%rbp),%ebx
 850:   89 9d d8 fe ff ff       mov    %ebx,-0x128(%rbp)
 856:   c5 f9 6e 9d d8 fe ff    vmovd  -0x128(%rbp),%xmm3
 85d:   ff
 85e:   c4 e3 61 22 c8 01       vpinsrd $0x1,%eax,%xmm3,%xmm1
 864:   c5 f1 6c c0             vpunpcklqdq %xmm0,%xmm1,%xmm0
 868:   c5 f9 7f 85 70 ff ff    vmovdqa %xmm0,-0x90(%rbp)
 86f:   ff
 870:   c5 f9 6f 85 70 ff ff    vmovdqa -0x90(%rbp),%xmm0
 877:   ff
 878:   c5 f9 7f 85 40 ff ff    vmovdqa %xmm0,-0xc0(%rbp)
 87f:   ff
 880:   8b 45 bc                mov    -0x44(%rbp),%eax
 883:   8b 55 b4                mov    -0x4c(%rbp),%edx
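The two listings show what goes wrong when a decoder does not know the VEX prefix: 0xC5 opens a 2-byte and 0xC4 a 3-byte prefix whose fields select the opcode map (0F, 0F38, 0F3A), the implied 66/F3/F2 prefix and an extra register operand, and the instruction length depends on all of that. udis86 treated c5 as a single invalid byte, picked up again at f9, and every instruction from 0x836 to 0x85d came out wrong until the stream happened to resynchronise. The following is an added example, not udis86 or radare2 code: a small C decoder for the VEX prefix, the ModRM/SIB/displacement length and a constructed opcode table that covers only the four opcodes in the objdump output above. The names vex_insn, vex_decode, vex_table and modrm_len are made up for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Fields of a decoded VEX-prefixed instruction. Only the four opcodes that
 * appear in the listings above are named; any other opcode still gets its
 * prefix fields and length, with mnemonic "(vex, opcode not in table)". */
typedef struct {
    int valid;           /* 1 if a VEX prefix was recognised at buf[0] */
    int map;             /* opcode map: 1 = 0F, 2 = 0F38, 3 = 0F3A */
    int pp;              /* implied legacy prefix: 0 none, 1 66, 2 F3, 3 F2 */
    int w, l;            /* VEX.W and VEX.L (L = 0 means 128-bit operands) */
    int vvvv;            /* extra source register, already un-inverted */
    int r, x, b;         /* REX-like extension bits, already un-inverted */
    uint8_t opcode;
    int reg;             /* ModRM.reg extended by VEX.R */
    size_t length;       /* bytes the instruction occupies, 0 if truncated */
    const char *mnemonic;
} vex_insn;

typedef struct { int map, pp; uint8_t op; int imm8; const char *name; } vex_op;

/* Constructed for this example: just the opcodes from the listings above. */
static const vex_op vex_table[] = {
    { 1, 1, 0x6E, 0, "vmovd"       },   /* VEX.66.0F 6E /r */
    { 1, 1, 0x7F, 0, "vmovdqa"     },   /* VEX.66.0F 7F /r (store form) */
    { 1, 1, 0x6C, 0, "vpunpcklqdq" },   /* VEX.66.0F 6C /r */
    { 3, 1, 0x22, 1, "vpinsrd"     },   /* VEX.66.0F3A 22 /r ib (W1 = vpinsrq) */
};

/* Length of a ModRM byte plus its SIB and displacement; 0 if truncated. */
static size_t modrm_len(const uint8_t *p, size_t avail)
{
    if (avail < 1) return 0;
    uint8_t mod = p[0] >> 6, rm = p[0] & 7;
    size_t len = 1;
    if (mod == 3) return 1;                          /* register operand */
    if (rm == 4) {                                   /* SIB byte follows */
        if (avail < 2) return 0;
        len = 2;
        if (mod == 0 && (p[1] & 7) == 5) len += 4;   /* no base: disp32 */
    } else if (mod == 0 && rm == 5) {
        len += 4;                                    /* disp32 / RIP-relative */
    }
    if (mod == 1) len += 1;
    if (mod == 2) len += 4;
    return avail >= len ? len : 0;
}

/* Decode one VEX-prefixed instruction at buf[0..n). In 32-bit mode C4/C5 are
 * LES/LDS unless the next byte has both top bits set: that would be a ModRM
 * with mod == 11, which LES/LDS cannot have, so the CPU (and a correct
 * disassembler) uses it to tell the two encodings apart. */
vex_insn vex_decode(const uint8_t *buf, size_t n, int mode64)
{
    vex_insn v;
    size_t i;
    memset(&v, 0, sizeof v);
    v.mnemonic = "(not vex)";
    if (n < 3 || (buf[0] != 0xC4 && buf[0] != 0xC5)) return v;
    if (!mode64 && (buf[1] & 0xC0) != 0xC0) return v;  /* LES/LDS, not VEX */
    if (buf[0] == 0xC5) {                /* 2-byte form: C5 [R vvvv L pp] */
        v.r    = !(buf[1] >> 7);
        v.vvvv = ((buf[1] ^ 0xFF) >> 3) & 0xF;
        v.l    = (buf[1] >> 2) & 1;
        v.pp   = buf[1] & 3;
        v.map  = 1;                      /* 0F map is implied */
        i = 2;
    } else {                             /* 3-byte form: C4 [R X B mmmmm] [W vvvv L pp] */
        if (n < 4) return v;
        v.r    = !((buf[1] >> 7) & 1);
        v.x    = !((buf[1] >> 6) & 1);
        v.b    = !((buf[1] >> 5) & 1);
        v.map  = buf[1] & 0x1F;
        v.w    = (buf[2] >> 7) & 1;
        v.vvvv = ((buf[2] ^ 0xFF) >> 3) & 0xF;
        v.l    = (buf[2] >> 2) & 1;
        v.pp   = buf[2] & 3;
        i = 3;
    }
    if (v.map < 1 || v.map > 3) return v;             /* reserved map: #UD */
    if (!mode64) { v.r = v.x = v.b = 0; v.vvvv &= 7; } /* no xmm8-15 in 32-bit */
    v.valid  = 1;
    v.opcode = buf[i++];
    const vex_op *op = NULL;
    for (size_t k = 0; k < sizeof vex_table / sizeof vex_table[0]; k++)
        if (vex_table[k].map == v.map && vex_table[k].pp == v.pp &&
            vex_table[k].op == v.opcode) op = &vex_table[k];
    size_t ml = modrm_len(buf + i, n - i);
    if (ml == 0) return v;                            /* ModRM/disp truncated */
    v.reg    = ((buf[i] >> 3) & 7) | (v.r << 3);
    v.length = i + ml + (op ? op->imm8 : 0);
    if (v.length > n) { v.length = 0; return v; }     /* immediate truncated */
    v.mnemonic = op ? op->name : "(vex, opcode not in table)";
    if (op && op->op == 0x22 && v.w) v.mnemonic = "vpinsrq";
    return v;
}

int main(void)
{
    /* Constructed from the bytes at 0x836 and 0x83e in the objdump listing (64-bit mode). */
    static const uint8_t a[] = { 0xC5,0xF9,0x6E,0x95,0xD8,0xFE,0xFF,0xFF }; /* vmovd xmm2,[rbp-0x128] */
    static const uint8_t b[] = { 0xC4,0xE3,0x69,0x22,0xC0,0x01 };           /* vpinsrd xmm0,xmm2,eax,1 */
    const uint8_t *ins[] = { a, b };
    size_t lens[] = { sizeof a, sizeof b };
    for (int k = 0; k < 2; k++) {
        vex_insn v = vex_decode(ins[k], lens[k], 1);
        printf("%-12s len=%zu map=%d pp=%d W=%d vvvv=xmm%d reg=xmm%d\n",
               v.mnemonic, v.length, v.map, v.pp, v.w, v.vvvv, v.reg);
    }
    return 0;
}
```

The length field is the part that matters for the desync above: once a decoder knows that c5 f9 6e 95 d8 fe ff ff is eight bytes, the following c4 e3 69 22 c0 01 lands on an instruction boundary again. Passing mode64 = 0 reproduces the `udcli -32` case from the later comments, including the LDS/VEX ambiguity check.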

@XVilka

XVilka commented Oct 29, 2013

Any updates/decisions on this?

@vmt
Owner

vmt commented Nov 14, 2013

Can you try top of tree?

$ echo c5 f9 7f 85 70 ff ff ff | udcli/udcli -x -32
0000000000000000 c5f97f8570ffffff vmovdqa [ebp-0x90], xmm0

$ echo c5 f1 6c c0 | udcli/udcli -x -32
0000000000000000 c5f16cc0         vpunpcklqdq xmm0, xmm1, xmm0

@ghost
Author

ghost commented Nov 14, 2013

echo c5 f9 7f 85 70 ff ff ff | udcli -x -32
0000000000000000 c5f97f8570ffffff vmovdqa [ebp-0x90], xmm0

echo c5 f1 6c c0 | udcli -x -32
0000000000000000 c5f16cc0 vpunpcklqdq xmm0, xmm1, xmm0

Looks good

@radare
Contributor

radare commented Nov 15, 2013

Looks good in r2 too after updating to the latest udis86 code. Thanks! IMHO you can close the bug.

$ rasm2 -d "c4 e3 69 22 c0 01"
vpinsrd xmm0, xmm2, eax, 0x1
$ rasm2 -d c5f97f8570ffffff
vmovdqa [ebp-0x90], xmm0
$ rasm2 -d c5f16cc0
vpunpcklqdq xmm0, xmm1, xmm0

@vmt
Owner

vmt commented Nov 15, 2013

Thanks!

@vmt vmt closed this as completed Nov 15, 2013