neg flags
Closed this issue · 7 comments
brandonros commented
{
  "i": 3165,
  "iHex": "c5d",
  "x64dbgLine": {
    "rawLine": {
      "Index": "00C5D",
      "Address": "0000000144F474DB",
      "Bytes": "9F",
      "Disassembly": "lahf ",
      "Registers": "rax: 8000000-> 8008300",
      "Memory": "",
      "Comments": ""
    },
    "rip": "144f474db",
    "registerChanges": [
      {
        "registerName": "rax",
        "previousValue": "8000000",
        "newValue": "8008300"
      }
    ],
    "memoryChanges": []
  },
  "scemuLine": {
    "rawLine": {
      "diffRegLine": "diff_reg: pos = 3165 rip = 144f474db rax 8000000 -> 8009300;",
      "memTraceLines": []
    },
    "position": "c5d",
    "rip": "144f474db",
    "registerChanges": [
      {
        "registerName": "rax",
        "previousValue": "8000000",
        "newValue": "8009300"
      }
    ],
    "memoryChanges": []
  },
  "instructionErrors": [
    {
      "index": 0,
      "message": "newValue mismatch",
      "x64dbg": "8008300",
      "scemu": "8009300"
    }
  ]
},
brandonros commented
brandonros commented
3166 0x144f474db: lahf
diff_flags: pos = 3165 rip = 144f474db in = 293 out = 293
diff_reg: pos = 3165 rip = 144f474db rax 8000000 -> 8009300;
rax: 0x8009300 rbx: 0x5370 rcx: 0x9d46c36d044f92e0 rdx: 0x7348a241ed2c3823 rsi: 0x14f490 rdi: 0x144e47126 rbp: 0x144f474a4 rsp: 0x14f290
r8: 0x50 r9: 0xfffffffffff9eca2 r10: 0x14f3d0 r11: 0x9d46c36de8d57392 r12: 0x1448a76a4 r13: 0x0 r14: 0x140000000 r15: 0x0
r8u: 0x0 r9u: 0xffffffff r10u: 0x0 r11u: 0x9d46c36d r12u: 0x1 r13u: 0x0 r14u: 0x1 r15u: 0x0
r8d: 0x50 r9d: 0xfff9eca2 r10d: 0x14f3d0 r11d: 0xe8d57392 r12d: 0x448a76a4 r13d: 0x0 r14d: 0x40000000 r15d: 0x0
r8w: 0x50 r9w: 0xeca2 r10w: 0xf3d0 r11w: 0x7392 r12w: 0x76a4 r13w: 0x0 r14w: 0x0 r15w: 0x0
r8l: 0x50 r9l: 0xa2 r10l: 0xd0 r11l: 0x92 r12l: 0xa4 r13l: 0x0 r14l: 0x0 r15l: 0x0
zf: false pf: false af: true of: false sf: true df: false cf: true tf: false if: true nt: false
brandonros commented
zf: false pf: false af: true
of: false sf: true df: false
cf: true tf: false if: true
nt: false
brandonros commented
af should be false
coming from
3165 0x144f474d8: neg rcx
diff_flags: pos = 3164 rip = 144f474d8 in = 203 out = 293 f_af 0 -> 1; f_sf 0 -> 1;
diff_reg: pos = 3164 rip = 144f474d8 rcx 62b93c92fbb06d20 -> 9d46c36d044f92e0;
rax: 0x8000000 rbx: 0x5370 rcx: 0x9d46c36d044f92e0 rdx: 0x7348a241ed2c3823 rsi: 0x14f490 rdi: 0x144e47126 rbp: 0x144f474a4 rsp: 0x14f290
r8: 0x50 r9: 0xfffffffffff9eca2 r10: 0x14f3d0 r11: 0x9d46c36de8d57392 r12: 0x1448a76a4 r13: 0x0 r14: 0x140000000 r15: 0x0
r8u: 0x0 r9u: 0xffffffff r10u: 0x0 r11u: 0x9d46c36d r12u: 0x1 r13u: 0x0 r14u: 0x1 r15u: 0x0
r8d: 0x50 r9d: 0xfff9eca2 r10d: 0x14f3d0 r11d: 0xe8d57392 r12d: 0x448a76a4 r13d: 0x0 r14d: 0x40000000 r15d: 0x0
r8w: 0x50 r9w: 0xeca2 r10w: 0xf3d0 r11w: 0x7392 r12w: 0x76a4 r13w: 0x0 r14w: 0x0 r15w: 0x0
r8l: 0x50 r9l: 0xa2 r10l: 0xd0 r11l: 0x92 r12l: 0xa4 r13l: 0x0 r14l: 0x0 r15l: 0x0
zf: false pf: false af: true of: false sf: true df: false cf: true tf: false if: true nt: false
brandonros commented
af should be false
coming from
3165 0x144f474d8: neg rcx
diff_flags: pos = 3164 rip = 144f474d8 in = 203 out = 293 f_af 0 -> 1; f_sf 0 -> 1;
diff_reg: pos = 3164 rip = 144f474d8 rcx 62b93c92fbb06d20 -> 9d46c36d044f92e0;
rax: 0x8000000 rbx: 0x5370 rcx: 0x9d46c36d044f92e0 rdx: 0x7348a241ed2c3823 rsi: 0x14f490 rdi: 0x144e47126 rbp: 0x144f474a4 rsp: 0x14f290
r8: 0x50 r9: 0xfffffffffff9eca2 r10: 0x14f3d0 r11: 0x9d46c36de8d57392 r12: 0x1448a76a4 r13: 0x0 r14: 0x140000000 r15: 0x0
r8u: 0x0 r9u: 0xffffffff r10u: 0x0 r11u: 0x9d46c36d r12u: 0x1 r13u: 0x0 r14u: 0x1 r15u: 0x0
r8d: 0x50 r9d: 0xfff9eca2 r10d: 0x14f3d0 r11d: 0xe8d57392 r12d: 0x448a76a4 r13d: 0x0 r14d: 0x40000000 r15d: 0x0
r8w: 0x50 r9w: 0xeca2 r10w: 0xf3d0 r11w: 0x7392 r12w: 0x76a4 r13w: 0x0 r14w: 0x0 r15w: 0x0
r8l: 0x50 r9l: 0xa2 r10l: 0xd0 r11l: 0x92 r12l: 0xa4 r13l: 0x0 r14l: 0x0 r15l: 0x0
zf: false pf: false af: true of: false sf: true df: false cf: true tf: false if: true nt: false
i think i was wrong and af needs to be true?
brandonros commented
4E5 | 0000000144ECEC31 | 48:F7D9 | neg rcx | rcx: 8BDA99A706D29452-> 74256658F92D6BAE rflags: A07-> 213 | |
rcx = 8BDA99A706D29452
still not working right
brandonros commented
fixed
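For reference, an added example (not scemu's code and not part of the thread): a small model of 64-bit `neg` status flags and `lahf`, following the architectural definitions (NEG sets flags as for `0 - src`; LAHF packs SF:ZF:0:AF:0:PF:1:CF into AH), checked against the two x64dbg records quoted above. The names `neg64` and `lahf` are hypothetical.

```rust
// Added reference model, not scemu code. Flag bit positions in rflags.
const CF: u64 = 1 << 0;
const PF: u64 = 1 << 2;
const AF: u64 = 1 << 4;
const ZF: u64 = 1 << 6;
const SF: u64 = 1 << 7;
const OF: u64 = 1 << 11;
const STATUS: u64 = CF | PF | AF | ZF | SF | OF;

/// `neg r64`: returns (result, new rflags). Non-status bits are preserved.
fn neg64(src: u64, rflags: u64) -> (u64, u64) {
    let res = 0u64.wrapping_sub(src);
    let mut f = rflags & !STATUS;
    if src != 0 { f |= CF; }                // borrow out of bit 63 of 0 - src
    if src & 0xF != 0 { f |= AF; }          // borrow out of bit 3 of 0 - src
    if (res as u8).count_ones() % 2 == 0 { f |= PF; } // even parity, low byte only
    if res == 0 { f |= ZF; }
    if res >> 63 == 1 { f |= SF; }
    if src == 1u64 << 63 { f |= OF; }       // only the minimum signed value overflows
    (res, f)
}

/// `lahf`: AH = SF:ZF:0:AF:0:PF:1:CF, rest of rax untouched.
fn lahf(rax: u64, rflags: u64) -> u64 {
    let ah = (rflags & (SF | ZF | AF | PF | CF)) | 0x02;
    (rax & !0xFF00) | (ah << 8)
}

fn main() {
    // Inputs taken from the traces on this page.
    for (src, flags_in) in [(0x62b93c92fbb06d20u64, 0x203u64),
                            (0x8BDA99A706D29452u64, 0xA07u64)] {
        let (res, flags_out) = neg64(src, flags_in);
        println!("neg {:#x} -> {:#x} rflags {:#x} -> {:#x}", src, res, flags_in, flags_out);
    }
    let (_, f) = neg64(0x62b93c92fbb06d20, 0x203);
    println!("lahf: rax 0x8000000 -> {:#x}", lahf(0x8000000, f));
}
```
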