rizinorg / rizin

UNIX-like reverse engineering framework and command-line toolset.
https://rizin.re
GNU Lesser General Public License v3.0

Wrong assembly of `nop dword [rax + rax]`. #1726

Open Semnodime opened 2 years ago

Semnodime commented 2 years ago

Environment information

Describe the bug

Wrong assembly of `nop dword [rax + rax]`. It results in machine code 0x90 (nop) instead of 0x0f1f440000.

To Reproduce

Steps to reproduce the behavior:

  1. Cutter -> open any elf64 x86 binary
  2. In the Disassembly tab -> right click any instruction -> Edit -> instruction nop dword [rax + rax]
  3. See error

Expected behavior

Correct assembly into 0x0f1f440000.
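The encoding at stake here is the `0F 1F /0` multi-byte NOP (`nop r/m16/32`): opcode bytes `0F 1F`, a ModRM byte whose reg field is 0, and, for `[rax + rax]`, a SIB byte. The following Python is an added example, not rizin's code and not from this thread; it encodes that instruction family from its operands and decodes bytes back to text, so an assembler's output can be checked offline. `[rax + rax]` with no displacement is the 4-byte `0f 1f 04 00`; the 5-byte `0f 1f 44 00 00` carries an explicit zero disp8 (ModRM mod=01), which is the form Intel's manual lists as the recommended 5-byte NOP, so the encoder takes a `disp_size` argument to force that padding form. The register table and helper names (`encode_nop_mem`, `decode_nop_mem`, `recommended_nop`) are this example's own.

```python
# Added example (not rizin code): encode/decode the x86-64 "0F 1F /0" multi-byte
# NOP so an assembler's output for `nop dword [rax + rax]` can be checked offline.
REGS64 = ["rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi",
          "r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15"]
SCALE_BITS = {1: 0, 2: 1, 4: 2, 8: 3}


def encode_nop_mem(base, index=None, scale=1, disp=0, size="dword", disp_size=None):
    """Encode `nop <size> [base + index*scale + disp]` as 0F 1F /0.

    disp_size=None picks the shortest displacement; 8 or 32 forces that width,
    which is how the padding forms with an explicit zero displacement arise.
    """
    b = REGS64.index(base)
    x = REGS64.index(index) if index is not None else None
    if x == 4:  # index field 100 means "no index", so rsp can never be an index
        raise ValueError("rsp cannot be an index register")
    out = bytearray()
    if size == "word":
        out.append(0x66)  # operand-size override: NOP r/m16
    elif size != "dword":
        raise ValueError("0F 1F /0 takes a word or dword operand")
    rex = 0x40 | (((x >> 3) << 1) if x is not None else 0) | (b >> 3)
    if rex != 0x40:  # REX.X / REX.B are only needed when r8..r15 are involved
        out.append(rex)
    out += b"\x0f\x1f"
    # mod=00 means "no displacement", except that rm/base=101 (rbp/r13) would
    # then mean RIP-relative or no-base, so those registers always carry a disp8.
    if disp == 0 and disp_size is None and (b & 7) != 5:
        mod, disp_bytes = 0b00, b""
    elif disp_size in (None, 8) and -128 <= disp <= 127:
        mod, disp_bytes = 0b01, disp.to_bytes(1, "little", signed=True)
    elif -2**31 <= disp < 2**31:
        mod, disp_bytes = 0b10, disp.to_bytes(4, "little", signed=True)
    else:
        raise ValueError("displacement does not fit in 32 bits")
    if x is not None or (b & 7) == 4:  # an index, or rsp/r12 as base, needs a SIB
        out.append((mod << 6) | 0b100)  # reg=000 is the /0 of "0F 1F /0"
        idx = (x & 7) if x is not None else 0b100
        out.append((SCALE_BITS[scale] << 6) | (idx << 3) | (b & 7))
    else:
        out.append((mod << 6) | (b & 7))
    out += disp_bytes
    return bytes(out)


def decode_nop_mem(code):
    """Decode a 0F 1F /0 NOP back to text, to compare against the assembler input."""
    i, size, rex = 0, "dword", 0
    if code[i] == 0x66:
        size, i = "word", i + 1
    if 0x40 <= code[i] <= 0x4F:
        rex, i = code[i], i + 1
    if code[i:i + 2] != b"\x0f\x1f":
        raise ValueError("not a 0F 1F multi-byte NOP (a lone 0x90 is the 1-byte nop)")
    modrm = code[i + 2]
    i += 3
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if reg != 0 or mod == 3:
        raise ValueError("not the /0 memory form")
    scale, index = 1, None
    if rm == 4:  # SIB byte follows
        sib, i = code[i], i + 1
        scale = 1 << (sib >> 6)
        idx = ((sib >> 3) & 7) | ((rex & 2) << 2)  # REX.X extends the index
        base = (sib & 7) | ((rex & 1) << 3)        # REX.B extends the base
        index = None if idx == 4 else REGS64[idx]
    else:
        base = rm | ((rex & 1) << 3)
    if mod == 0 and (base & 7) == 5:
        raise ValueError("RIP-relative / no-base forms are not handled here")
    n = {0: 0, 1: 1, 2: 4}[mod]
    disp = int.from_bytes(code[i:i + n], "little", signed=True) if n else 0
    if i + n != len(code):
        raise ValueError("trailing or missing bytes")
    text = f"[{REGS64[base]}" + (f" + {index}*{scale}" if index else "")
    if n:  # print the displacement only when one is actually encoded
        text += f" + {disp:#x}" if disp >= 0 else f" - {-disp:#x}"
    return f"nop {size} {text}]"


def recommended_nop(length):
    """Intel SDM's recommended multi-byte NOP of `length` bytes (2..9), built with
    the encoder: every form from 3 bytes up is 0F 1F /0 with a padded displacement."""
    forms = {
        2: lambda: b"\x66\x90",
        3: lambda: encode_nop_mem("rax"),
        4: lambda: encode_nop_mem("rax", disp_size=8),
        5: lambda: encode_nop_mem("rax", "rax", disp_size=8),
        6: lambda: encode_nop_mem("rax", "rax", disp_size=8, size="word"),
        7: lambda: encode_nop_mem("rax", disp_size=32),
        8: lambda: encode_nop_mem("rax", "rax", disp_size=32),
        9: lambda: encode_nop_mem("rax", "rax", disp_size=32, size="word"),
    }
    return forms[length]()


if __name__ == "__main__":
    code = encode_nop_mem("rax", "rax", disp_size=8)
    print(code.hex(), "->", decode_nop_mem(code))  # 0f1f440000 -> nop dword [rax + rax*1 + 0x0]
```

Running the decoder over what an assembler emitted is the quick check for a report like this one: a single `90` is rejected outright as a different instruction, while `0f 1f 04 00` and `0f 1f 44 00 00` decode to the same operand with and without the explicit zero displacement, which is why both are valid answers for `nop dword [rax + rax]` and only the 5-byte one matches the padding form compilers emit.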

Semnodime commented 2 years ago

@XVilka I was able to collect even more assembly-bugs and want to fix them.

I assume those bugs are introduced by the "x86 handmade assembler" rz_asm_plugin_x86_nz. Now I wonder why this assembler plugin exists in parallel to the rz_asm_plugin_x86_nasm. I have read somewhere in the repo that the latter is not available on macOS in x86_64 mode.

Is this the only reason why there's another x86_asm in rizin? Why not just use nasm only?

ret2libc commented 2 years ago

We have been talking about assemblers for a while, and yes, the nz assembler is very far from perfect; it is a hand-made one which gets continuous reports from users failing to assemble the instructions they want. It was there because... it always existed, and since it doesn't have any other dependency it can easily compile and be used everywhere; however, it has some limitations, as you can see.

We are discussing whether it would make sense to switch by default to the Keystone assembler, for example. Other ideas are welcome as well.

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. Considering a lot has probably changed since its creation, we kindly ask you to check again if the issue you reported is still relevant in the current version of rizin. If it is, update this issue with a comment, otherwise it will be automatically closed if no further activity occurs. Thank you for your contributions.

ret2libc commented 2 years ago

I am commenting to remove the stale tag... Anyway, I personally don't plan to fix this in the nz assembler, but IMHO we should just default to the Keystone assembler going forward. There are so many more instructions missing.