T0b1/fadec
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
617ebe5c8a542f0147f19c73329e8533fdc3e126
fadec/README.md
Alexis Engelke 8063cb7401 Decode additional segment prefixes 
This is mainly needed to handle the new control flow enforcement
extensions, making 3E a "notrack" prefix for indirect calls and jumps.

This is not (yet) modeled, and requires additional information on the
order of the prefixes, as 3E_66 (16-bit in ds segment) has a different
meaning than 66_3E (16-bit notrack). Before implementing this, an
analysis of the performance impact when decoding more prefix information
is probably required to avoid degrading overall performance for very few
and (as of now) seldomly used corner cases.
2018-12-31 13:23:42 +01:00

20 lines
2.0 KiB
Markdown
Raw Blame History

# libx86decode
A fast and lightweight decoder for x86 and x86-64. *This is not a disassembler, it does not intend to procude valid assembly.* To meet the goal of speed, lookup tables are used to map the opcode the (internal) description of the instruction encoding. This table currently has a size of roughly 21 kiB.
Currently, decoding 32-bit assembly required the `ARCH_386` macro to be defined and is only tested when compiling as 32-bit binary. Decoding of 64-bit instruction requires the macro `ARCH_X86_64` and is only supported in 64-bit mode. This restriction might change in future.
### Known issues
- An implicit `FWAIT` in FPU instructions is decoded as a separate instruction. For example, the instruction `FINIT` is decoded as an `FWAIT` followed by an `FINIT` where as `FNINIT` is decoded as a plain `FINIT` instruction.
- The AVX VSIB encoding is not supported yet, all instructions using this will result in a decode error.
- A mandatory L0 or L1 in the VEX prefix is currently ignored to reduce the size of the prefix tables. The only instructions where this has an effect are `VZEROALL` (L1) and `VZEROUPPER` (L0) and are currently decoded as `VZERO`, the vector length prefix can be used to determine the actual instruction.
- The EVEX prefix (AVX-512) is not supported (yet).
- No ABI stability as the value associated with the mnemonics will change if further instructions are added. When using this library, please link it statically.
- The instruction formatter does not include prefixes. (Help needed.)
- The layout of entries in the tables can be improved to improve usage of caches. (Help needed.)
- Low test coverage. (Help needed.)
- No benchmarking has been performed yet. (Help needed.)
- Prefixes for indirect jumps and calls are not properly decoded, e.g. `notrack`, `bnd`. This requires additional information on the prefix ordering, which is currently not decoded. (Analysis of performance impact and help needed.)
If you find any other issues, please report a bug. Or, even better, send a patch fixing the issue.
Reference in New Issue View Git Blame Copy Permalink