[X86] Disassembly Error, over-decode invalid instruction with mutual exclusive prefix #2547
Description
Work environment
| Questions | Answers |
|---|---|
| OS/arch/bits | x86_64 Ubuntu 20.04 |
| Architecture | x86_64 |
| Source of Capstone | git clone, default on next branch. |
| Version/git commit | v6.0.0, d7be5f9 |
Instruction bytes giving faulty results
0xf0,0xf2,0x41,0x0f,0xb7,0xd6
Expected results
It should be:
ERROR: invalid assembly code
Steps to get the wrong result
With cstool:
$ ./cstool -d x64 "0xf0,0xf2,0x41,0x0f,0xb7,0xd6"
0 f0 f2 41 0f b7 d6 movzx edx, r14w
ID: 496 (movzx)
Prefix:0x00 0x00 0x00 0x00
Opcode:0x0f 0xb7 0x00 0x00
rex: 0x41
addr_size: 8
modrm: 0xd6
disp: 0x0
sib: 0x0
op_count: 2
operands[0].type: REG = edx
operands[0].size: 4
operands[0].access: WRITE
operands[1].type: REG = r14w
operands[1].size: 2
operands[1].access: READ
Registers read: r14w
Registers modified: edx
$ ./cstool -d x64 "0xf0,0x41,0x0f,0xb7,0xd6"
ERROR: invalid assembly code
$ ./cstool -d x64 "0xf2,0x41,0x0f,0xb7,0xd6"
0 f2 41 0f b7 d6 movzx edx, r14w
ID: 496 (movzx)
Prefix:0x00 0x00 0x00 0x00
Opcode:0x0f 0xb7 0x00 0x00
rex: 0x41
addr_size: 8
modrm: 0xd6
disp: 0x0
sib: 0x0
op_count: 2
operands[0].type: REG = edx
operands[0].size: 4
operands[0].access: WRITE
operands[1].type: REG = r14w
operands[1].size: 2
operands[1].access: READ
Registers read: r14w
Registers modified: edxAdditional Logs, screenshots, source code, configuration dump, ...
Capstone correctly identifies that the LOCK prefix (0xf0) is incompatible with the movzx instruction. It also has no problem with the REPNE/REPNZ prefix (0xf2). However, it fails to recognize that the prefixes 0xf2 and 0xf0 are mutually exclusive and cannot appear together in a single instruction. In contrast, both XED and Zydis disassemblers return an 'invalid assembly code' error for the sequence 0xf0, 0xf2, 0x41, 0x0f, 0xb7, 0xd6