
NotImplementedError: #1430

Open
zzjss12 opened this issue May 24, 2022 · 5 comments

Comments

@zzjss12

zzjss12 commented May 24, 2022

NotImplementedError: Mnemonic XGETBV not implemented.
NotImplementedError: Mnemonic FNSAVE not implemented.

A problem like this.

How did it happen?

@zzjss12
Author

zzjss12 commented May 24, 2022


I use the IDA Pro software to disassemble exe files. During this period, I will use the miasm library. I find that different NotImplementedErrors appear when I disassemble different programs. When I comment out the corresponding addop, the program may be disassembled successfully. So what is the addop operation? Do I have any other way to solve my problem? After all, doing this for every EXE file is very laborious.

@serpilliere
Contributor

Hi @zzjss12
The addop is here to add an instruction to the disasm engine.
So the code will be correctly disassembled.
But, I think you are doing a Lift of the assembly code to the IR code.
But the semantic of the xgetbv instruction is not defined in miasm, so during the lift of the xgetbv, you get the error that the instruction is missing.
When you remove the addop, the disassembler won't be able to disasm it and the graph of the exec flow will stop at that unknown instruction.
Later, when you lift the code to IR, it works as the xgetbv is not present in the asm listing.
But you have an unfinished basic block, and so an unfinished IR representation.

@zzjss12
Author

zzjss12 commented May 25, 2022

Thanks a lot.
Miasm doesn't add semantics. Does that mean that the latest miasm doesn't support these scripts? If so, maybe I have to accept a small number of wrong results.

@JHeinzde

JHeinzde commented Jun 17, 2022

@serpilliere Are there any plans to implement this? And if not, how hard would it be to implement these two instructions myself? Is there any guideline on how to add instructions to the lifter? And also, would you take and review a PR adding these?

@serpilliere
Contributor

Hi @JHeinzde
The instruction is interesting as there is an arbitrary number of control registers.
The instruction can be implemented with the following mechanism:
simply raise an exception in the IR (like int 0x3 for example) which will call a python callback to store or get the value of the register during emulation. Thus, you can manipulate the value and do some specific behavior to react to crx modifications, for example.
However, if your goal is to analyse the IR code, this model is a bit annoying.
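A toy model of the exception-callback mechanism described in the comment above, added here as an illustration and not miasm's own code or API: the lifter has no semantics for XGETBV, so it emits an exception-flag assignment, and the emulation loop resolves that flag through a Python callback that fills EDX:EAX from the XCR selected by ECX. All names, the IR shape and the flag constant are hypothetical.

```python
EXCEPT_NONE = 0
EXCEPT_PRIV_INSN = 1 << 17  # constructed flag value, not miasm's constant


def lift(instr):
    """Lift one instruction into (dst, src) IR assignments (toy IR)."""
    mnemonic, *args = instr.split()
    if mnemonic == "MOV":
        return [(args[0].rstrip(","), args[1])]
    if mnemonic == "XGETBV":
        # No direct semantics for the control registers: raise an
        # exception in the IR; emulation resolves it via a callback.
        return [("exception_flags", EXCEPT_PRIV_INSN)]
    raise NotImplementedError("Mnemonic %s not implemented." % mnemonic)


def resolve(regs, src):
    """Operand lookup: register name, or a decimal/hex immediate."""
    if isinstance(src, int):
        return src
    return regs[src] if src in regs else int(src, 0)


def xgetbv_callback(regs):
    """XGETBV semantics: ECX selects the XCR, result goes to EDX:EAX."""
    xcr = regs["XCR"][regs["ECX"]]
    regs["EAX"] = xcr & 0xFFFFFFFF
    regs["EDX"] = xcr >> 32
    regs["exception_flags"] = EXCEPT_NONE  # exception handled


def emulate(listing, regs, callbacks):
    """Run a listing; after each instruction, dispatch a pending exception."""
    for instr in listing:
        for dst, src in lift(instr):
            regs[dst] = resolve(regs, src)
        flag = regs.get("exception_flags", EXCEPT_NONE)
        if flag:
            callbacks[flag](regs)
    return regs


if __name__ == "__main__":
    # Constructed sample state: XCR0 with x87, SSE and AVX state enabled
    state = {"XCR": {0: 0x7}, "exception_flags": EXCEPT_NONE}
    emulate(["MOV ECX, 0", "XGETBV"], state,
            {EXCEPT_PRIV_INSN: xgetbv_callback})
    print(hex(state["EDX"] << 32 | state["EAX"]))
```

The same callback table is where a cr0/cr4 handler would be registered, so the IR stays uniform while the emulator decides what each control register access means.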
