On 8/27/20 3:22 AM, Edgar E. Iglesias wrote:
> Thanks. Here's another issue, it seems some branches are jumping
> to the wrong address.
>
> This is a disasm from a failing case:
>
> 0x00000000ffd033a0: brlid r15, -636 // 0xffffffffffd03124
> 0x00000000ffd033a4: or r0, r0, r0
>
> 0x00000000ffa73124: Address 0xffa73124 is out of bounds.
That's a weird one. My guess is that IMM_FLAG is set in iflags incorrectly.

Can you verify this with -d in_asm,op,exec?

When IMM_FLAG is set, you'll see it in iflags: bit 0 will be set in the second word of the insn_data. E.g.:

---- 00000000ffd033a0 0000000000000001

It would also show up in the tb_flags of the exec lines. E.g.

Trace 0: 0x7f38a4000940 [0000000000000000/0000000090000058/0]

where the format is host_pc [cs_base/pc/tb_flags].

If so, then we'll need to check where iflags got out of sync.

r~
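As an added illustration of the check described in the reply (not code from the thread or from QEMU), the following scans a `-d in_asm,op,exec` log for translation blocks whose flags word has bit 0 set. It assumes the two line shapes quoted above: the `---- <pc> <flags>` insn_start line from the op dump and the `Trace N: host_pc [cs_base/pc/tb_flags]` line from exec; the sample log is constructed.

```python
import re

# Constructed sample modelled on the line shapes quoted in the message above;
# not a real QEMU log. The second Trace line is the failing TB with bit 0 set.
SAMPLE_LOG = """\
IN:
0x00000000ffd033a0: brlid r15, -636 // 0xffffffffffd03124
0x00000000ffd033a4: or r0, r0, r0
 ---- 00000000ffd033a0 0000000000000001
Trace 0: 0x7f38a4000940 [0000000000000000/0000000090000058/0]
Trace 0: 0x7f38a4000a80 [0000000000000000/00000000ffd033a0/0x1]
"""

# insn_start line as printed by the op dump: " ---- <pc> <flags>" (assumed shape).
INSN_START_RE = re.compile(r"^\s*---- ([0-9a-fA-F]+) ([0-9a-fA-F]+)\s*$")
# exec line: "Trace N: host_pc [cs_base/pc/tb_flags]"; tb_flags may carry a 0x prefix.
EXEC_RE = re.compile(r"^Trace \d+: 0x[0-9a-fA-F]+ \[(\w+)/(\w+)/(\w+)\]")

# Bit 0 of the flags word, which the message says is where IMM_FLAG shows up
# (assumption taken from the message, not read from QEMU headers here).
IMM_FLAG = 1 << 0


def find_imm_flag_tbs(log_text):
    """Return (source, pc, flags) for every TB whose flags word has bit 0 set.

    source is "insn_start" for op-dump lines and "exec" for Trace lines, so the
    two views of iflags can be compared for the same pc.
    """
    hits = []
    for line in log_text.splitlines():
        m = INSN_START_RE.match(line)
        if m:
            pc, flags = int(m.group(1), 16), int(m.group(2), 16)
            if flags & IMM_FLAG:
                hits.append(("insn_start", pc, flags))
            continue
        m = EXEC_RE.match(line)
        if m:
            pc, flags = int(m.group(2), 16), int(m.group(3), 16)
            if flags & IMM_FLAG:
                hits.append(("exec", pc, flags))
    return hits


if __name__ == "__main__":
    for source, pc, flags in find_imm_flag_tbs(SAMPLE_LOG):
        print(f"{source}: pc=0x{pc:016x} flags=0x{flags:x} (IMM_FLAG set)")
```

Pointing it at a real log and diffing the `insn_start` hits against the `exec` hits shows where a TB was translated with IMM_FLAG set but entered with a different tb_flags, or vice versa.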