-
Notifications
You must be signed in to change notification settings - Fork 144
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Inconsistencies between lifting IRs and physical CPU #705
Comments
This is probably the cause: remill/lib/Arch/X86/Semantics/BINARY.cpp Lines 246 to 256 in 269e61a
|
Adding some context to Peter's comments: According to the Intel Processor Manual (https://cdrdv2.intel.com/v1/dl/getContent/671110), for IMUL: Where this becomes confusing is that operations that happen on real, physical CPUs for undefined flags sometimes feel very much defined in practice. The problem is that since these flags are officially undefined and documented as being undefined, the observed behavior is inconsistent across generations of CPU and CPUs from different manufacturers (e.g., AMD). |
We should really have a one-argument form of |
It looks like with the P4 core, IMUL started preserving some of the flags: https://www.sandpile.org/x86/flags.htm |
Hi, guys, several consistencies between lifting IRs and physical CPU are discovered while using.
1, In the case of the
imul
instruction, Remill resets both theAF
andZF
flags to zero, while adjusting thePF
andSF
flags according to the results of the calculation. Contrarily, the physical CPU does not alter these four flags in the same way, but rather maintains the status established by the precedingadd %r11, %ecx
instruction.2, In the case of
sar
,sal
,shr
, andshl
instructions, Remill overlooks the effect on theAF
flag. Conversely, the physical CPU does take this flag into account.The following is the assembly code.
The following are IRs for the instruction
0x40050b imul %rax, %rdx
.The text was updated successfully, but these errors were encountered: