Skip to content

Update read/written registers for x86 loop instructions#2799

Merged
Rot127 merged 3 commits intocapstone-engine:nextfrom
hainest:x86_loop
Oct 30, 2025
Merged

Update read/written registers for x86 loop instructions#2799
Rot127 merged 3 commits intocapstone-engine:nextfrom
hainest:x86_loop

Conversation

@hainest
Copy link
Contributor

@hainest hainest commented Oct 14, 2025

Your checklist for this pull request

  • I've documented or updated the documentation of every API function and struct this PR changes.
  • I've added tests that prove my fix is effective or that my feature works (if possible)

Detailed description

Add read/written registers for loop, loope, and loopne instructions.

Test plan

Tests are included.


This fixes a bug in 64-bit mode where eip and ecx are read/written instead of rip and rcx. However, it introduces the bug that using the size prefix override (e.g., 0x67e210) still reads/writes rip and rcx instead of eip and ecx. There is currently no way to solve this issue because insn->detail->x86.prefixes isn't populated at the time when the register translation is happening in X86_get_insn_id.

@Rot127
Copy link
Collaborator

Rot127 commented Oct 18, 2025

that using the size prefix override (e.g., 0x67e210) still reads/writes rip and rcx instead of eip and ecx

Please open an issue about this once this is merged.

@Rot127
Copy link
Collaborator

Rot127 commented Oct 29, 2025

Sorry for the delay. Can you please rebase. I was waiting to merge #2807 before looking at this.

This fixes a bug in 64-bit mode where eip and ecx are read/written
instead of rip and rcx. However, it introduces the bug that using the
size prefix override (0x67e210) still reads/writes rip and rcx instead
of eip and ecx. There is currently no way to solve this issue because
'insn->detail->x86.prefixes' isn't populated at the time when the
register translation is happening in 'X86_get_insn_id'.
When the address size prefix override is present, 'rcx' is incorrectly
reported as being read/written instead of 'ecx'.
As with loope when the address size prefix override is present, 'rcx'
is incorrectly reported as being read/written instead of 'ecx'.
@hainest
Copy link
Contributor Author

hainest commented Oct 29, 2025

Sorry for the delay. Can you please rebase. I was waiting to merge #2807 before looking at this.

No need for apologies. If I hadn't made such a silly mistake, you wouldn't have been spending time fixing the tests. I am sorry for that. Updated.

@hainest
Copy link
Contributor Author

hainest commented Oct 29, 2025

It looks like the failed job is due to an unreachable server to download a package:

2025-10-29T15:44:07.9134289Z Attempting to gather dependency information for package 'pythonarm64.3.14.0-rc1' with respect to project 'C:\Users\runneradmin\AppData\Local\pypa\cibuildwheel\Cache\nuget-cpython', targeting 'Any,Version=v0.0'
2025-10-29T15:44:08.3671360Z Gathering dependency information took 426 ms
2025-10-29T15:44:08.3796290Z Attempting to resolve dependencies for package 'pythonarm64.3.14.0-rc1' with DependencyBehavior 'Lowest'
2025-10-29T15:44:08.4839525Z Resolving dependency information took 0 ms
2025-10-29T15:44:08.4843267Z Resolving actions to install package 'pythonarm64.3.14.0-rc1'
2025-10-29T15:44:08.4892383Z Resolved actions to install package 'pythonarm64.3.14.0-rc1'
2025-10-29T15:44:08.5337929Z Retrieving package 'pythonarm64 3.14.0-rc1' from 'nuget.org'.
2025-10-29T15:44:08.9021339Z   GET https://api.nuget.org/v3-flatcontainer/pythonarm64/3.14.0-rc1/pythonarm64.3.14.0-rc1.nupkg
2025-10-29T15:44:51.0875205Z WARNING: Error downloading 'pythonarm64.3.14.0-rc1' from 'https://api.nuget.org/v3-flatcontainer/pythonarm64/3.14.0-rc1/pythonarm64.3.14.0-rc1.nupkg'.
2025-10-29T15:44:51.0875811Z An error occurred while sending the request.
2025-10-29T15:44:51.0876055Z   Unable to connect to the remote server
2025-10-29T15:44:51.0876740Z   A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 13.107.213.41:443
2025-10-29T15:44:51.0880199Z   GET https://api.nuget.org/v3-flatcontainer/pythonarm64/3.14.0-rc1/pythonarm64.3.14.0-rc1.nupkg

@Rot127 Rot127 merged commit 5f9dc2a into capstone-engine:next Oct 30, 2025
32 of 33 checks passed
@hainest hainest deleted the x86_loop branch October 30, 2025 18:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants