gdabah / distorm

Powerful Disassembler Library For x86/AMD64

REX prefix not supported? #126

Closed bytefire closed 6 years ago

bytefire commented 6 years ago

Is it possible that REX prefixes, like REX.W in the example below, are not fully supported? I'm using Python to disassemble the following function from objdump output, and distorm doesn't return anything.

0000000000001070 <deregister_tm_clones>:
    1070:       48 8d 3d b9 2f 00 00    lea    0x2fb9(%rip),%rdi        # 4030 <__TMC_END__>
    1077:       48 8d 05 b2 2f 00 00    lea    0x2fb2(%rip),%rax        # 4030 <__TMC_END__>
    107e:       48 39 f8                cmp    %rdi,%rax
    1081:       74 15                   je     1098 <deregister_tm_clones+0x28>
    1083:       48 8b 05 4e 2f 00 00    mov    0x2f4e(%rip),%rax        # 3fd8 <_ITM_deregisterTMCloneTable>
    108a:       48 85 c0                test   %rax,%rax
    108d:       74 09                   je     1098 <deregister_tm_clones+0x28>
    108f:       ff e0                   jmpq   *%rax
    1091:       0f 1f 80 00 00 00 00    nopl   0x0(%rax)
    1098:       c3                      retq   
    1099:       0f 1f 80 00 00 00 00    nopl   0x0(%rax)

Thanks

gdabah commented 6 years ago

Hi there, can you be more specific about the problem you're experiencing? I'm not saying there's no (potential) bug, but this is the part where I worked the most to make sure diStorm is as robust as possible in x64, so I'd like to fully understand the claim in order to be able to assess whether it's a bug or not. Thanks

gdabah commented 6 years ago

This is what I'm getting from distorm in x64:

    00000000 (07) 488d3db92f0000 LEA RDI, [RIP+0x2fb9]
    00000007 (07) 488d05b22f0000 LEA RAX, [RIP+0x2fb2]
    0000000e (03) 4839f8 CMP RAX, RDI
    00000011 (02) 7415 JZ 0x28
    00000013 (07) 488b054e2f0000 MOV RAX, [RIP+0x2f4e]
    0000001a (03) 4885c0 TEST RAX, RAX
    0000001d (02) 7409 JZ 0x28
    0000001f (02) ffe0 JMP RAX
    00000021 (07) 0f1f8000000000 NOP DWORD [RAX+0x0]
    00000028 (01) c3 RET
    00000029 (07) 0f1f8000000000 NOP DWORD [RAX+0x0]

gdabah commented 6 years ago

@bytefire so it seems correct to me.
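The thread does not say what went wrong on bytefire's side, only that the bytes decode correctly in diStorm's 64-bit mode. The script below is an added example, not code from the distorm project or from either participant: it recovers the raw bytes from the objdump listing quoted in the issue, decodes the REX prefix fields (W/R/X/B) of each instruction to confirm which ones carry REX.W, and, when the distorm3 Python package is installed, hands the same bytes to `distorm3.Decode` with `distorm3.Decode64Bits`. The function names (`parse_objdump`, `flatten`, `decode_rex`, `rex_w_instructions`, `disassemble`) and the embedded listing are this example's own; only `distorm3.Decode` and `distorm3.Decode64Bits` are distorm API.

```python
"""Added example (not distorm project code): recover raw bytes from the objdump
listing in the issue, inspect each instruction's REX prefix, and optionally run
distorm3 on the bytes in 64-bit mode.  Helper names here are this example's own."""
import re

# Constructed sample: the objdump -d output quoted in the issue.
OBJDUMP_LISTING = """\
0000000000001070 <deregister_tm_clones>:
    1070:       48 8d 3d b9 2f 00 00    lea    0x2fb9(%rip),%rdi        # 4030 <__TMC_END__>
    1077:       48 8d 05 b2 2f 00 00    lea    0x2fb2(%rip),%rax        # 4030 <__TMC_END__>
    107e:       48 39 f8                cmp    %rdi,%rax
    1081:       74 15                   je     1098 <deregister_tm_clones+0x28>
    1083:       48 8b 05 4e 2f 00 00    mov    0x2f4e(%rip),%rax        # 3fd8 <_ITM_deregisterTMCloneTable>
    108a:       48 85 c0                test   %rax,%rax
    108d:       74 09                   je     1098 <deregister_tm_clones+0x28>
    108f:       ff e0                   jmpq   *%rax
    1091:       0f 1f 80 00 00 00 00    nopl   0x0(%rax)
    1098:       c3                      retq
    1099:       0f 1f 80 00 00 00 00    nopl   0x0(%rax)
"""

# One objdump instruction line: "<addr>:   <hex byte> <hex byte> ...   <mnemonic> ..."
_LINE_RE = re.compile(r"^\s*([0-9a-f]+):\s+((?:[0-9a-f]{2} )+)")

# Legacy prefixes that may legally precede a REX byte in 64-bit mode.
LEGACY_PREFIXES = {0x66, 0x67, 0xF0, 0xF2, 0xF3, 0x2E, 0x36, 0x3E, 0x26, 0x64, 0x65}


def parse_objdump(listing):
    """Return a list of (address, bytes) tuples, one per objdump instruction line.
    The symbol header line has no ':' after its address and is skipped."""
    insns = []
    for line in listing.splitlines():
        m = _LINE_RE.match(line)
        if m:
            insns.append((int(m.group(1), 16), bytes.fromhex(m.group(2))))
    return insns


def flatten(insns):
    """Concatenate instruction bytes into one buffer, checking that the listing
    is contiguous (objdump continuation lines also satisfy this check)."""
    if not insns:
        raise ValueError("no instruction lines found")
    start = insns[0][0]
    expected, code = start, b""
    for addr, raw in insns:
        if addr != expected:
            raise ValueError("gap in listing at %#x (expected %#x)" % (addr, expected))
        code += raw
        expected += len(raw)
    return start, code


def decode_rex(insn):
    """In 64-bit mode a byte 0x40-0x4F following any legacy prefixes is a REX
    prefix.  Return its W/R/X/B flags, or None if the instruction has no REX.
    (In 16/32-bit mode the same bytes are INC/DEC r32, so this is 64-bit only.)"""
    i = 0
    while i < len(insn) and insn[i] in LEGACY_PREFIXES:
        i += 1
    if i < len(insn) and 0x40 <= insn[i] <= 0x4F:
        b = insn[i]
        return {"W": bool(b & 8), "R": bool(b & 4), "X": bool(b & 2), "B": bool(b & 1)}
    return None


def rex_w_instructions(insns):
    """Addresses of the instructions that carry REX.W (64-bit operand size)."""
    return [addr for addr, raw in insns if (decode_rex(raw) or {}).get("W")]


def disassemble(start, code):
    """Decode the buffer with distorm3 in 64-bit mode, or return None if the
    package is not installed.  Decode64Bits is the mode the REX-prefixed code
    in the issue needs; in the 32-bit mode 0x48 would decode as DEC EAX."""
    try:
        import distorm3
    except ImportError:
        return None
    return [(off, size, text) for off, size, text, _hexdump in
            distorm3.Decode(start, code, distorm3.Decode64Bits)]


if __name__ == "__main__":
    insns = parse_objdump(OBJDUMP_LISTING)
    start, code = flatten(insns)
    print("%d bytes at %#x; REX.W at %s" % (
        len(code), start, [hex(a) for a in rex_w_instructions(insns)]))
    for item in disassemble(start, code) or []:
        print("%08x (%02d) %s" % item)
```

The example builds a `bytes` object and passes `Decode64Bits` explicitly; passing a hex string instead of raw bytes, or leaving the mode at a 32-bit default, are the two mistakes that turn REX-prefixed code into something other than the listing gdabah posted.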