Skip to content

sysret should be considered a terminator #6628

New issue
New issue
Closed
Bug
Closed
sysret should be considered a terminator#6628
Bug
Assignees
galenbwill
Labels
Arch: x86Issues with the x86/x64 architecture pluginComponent: ArchitectureIssue needs changes to an architecture pluginEffort: TrivialIssues require < 1 day of workImpact: MediumIssue is impactful with a bad, or no, workaround
Milestone
Helion
@whitequark

Description

@whitequark
whitequark
opened on Apr 12, 2025

Version and Platform (required):

  • Binary Ninja Version: 5.0.7208-dev Personal (9967e4cb)
  • OS: Windows
  • OS Version: 10
  • CPU Architecture: x64

Bug Description:
sysret sets RIP to RCX and so it should be considered a function terminator (not merely a basic block terminator, as it currently is, with a fallthrough to the next instruction).

Steps To Reproduce:

  1. Open sysret.bin
  2. Create an x86_64 function at offset 0

Expected Behavior:
A function with two instructions: swapgs; sysret.

Screenshots/Video Recording:
This is what it currently looks like:

Image

Binary:
sysret.zip

Metadata

Metadata

Assignees

Labels

Arch: x86Issues with the x86/x64 architecture pluginComponent: ArchitectureIssue needs changes to an architecture pluginEffort: TrivialIssues require < 1 day of workImpact: MediumIssue is impactful with a bad, or no, workaround

Type

Bug

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions