Metadata for PUSHAD / POPAD instructions should show stackptr: 32. (because it affects 8 registers)
For POPAD the type should be POP
Metadata is wrong.
stackptr for PUSHAD/POPAD is shown as 4 (single register)
The type for POPAD is RET
❯ rizin malloc://32
-- Seek at relative offsets with 's +<offset>' or 's -<offset>'
[0x00000000]> e asm.arch=x86
[0x00000000]> e asm.bits=32
[0x00000000]> wa "pushad;popad"
[0x00000000]> ao
address: 0x0
opcode: pushad
disasm: pushad
pseudo: pushad
mnemonic: pushad
description: push all general-purpose registers
mask: ff
prefix: 0
id: 667
bytes: 60
refptr: 0
size: 1
sign: false
type: rpush
cycles: 1
esil: 0,esp,+,4,esp,-=,eax,esp,=[4],4,esp,-=,ecx,esp,=[4],4,esp,-=,edx,esp,=[4],4,esp,-=,ebx,esp,=[4],4,esp,-=,esp,=[4],4,esp,-=,ebp,esp,=[4],4,esp,-=,esi,esp,=[4],4,esp,-=,edi,esp,=[4]
opex:
operands: []
family: cpu
stackop: inc
stackptr: 4
[0x00000000]> ao @ 1
address: 0x1
opcode: popad
disasm: popad
pseudo: popad
mnemonic: popad
description: pop all general-purpose registers
mask: ff
prefix: 0
id: 611
bytes: 61
refptr: 0
size: 1
sign: false
type: ret
cycles: 3
esil: esp,[4],4,esp,+=,edi,=,esp,[4],4,esp,+=,esi,=,esp,[4],4,esp,+=,ebp,=,esp,[4],4,esp,+=,esp,[4],4,esp,+=,ebx,=,esp,[4],4,esp,+=,edx,=,esp,[4],4,esp,+=,ecx,=,esp,[4],4,esp,+=,eax,=,esp,=
rzil: empty
opex:
operands: []
family: priv
stackop: inc
stackptr: -4
Work environment
rizin -vfull output, not truncated (mandatory)Expected behavior
Metadata for PUSHAD / POPAD instructions should show stackptr: 32. (because it affects 8 registers)
For POPAD the type should be
POPActual behavior
Metadata is wrong.
stackptr for PUSHAD/POPAD is shown as 4 (single register)
The
typefor POPAD isRETSteps to reproduce the behavior