Capstone displacement size is incorrect

[HacMan137]

I'm running into a weird issue with capstone where the following instruction:

66 0F 6F 05 DC A7 01 00

is presented as movdqa xmm0, xmmword ptr [rip + 0x1a7dc], however the disp_size value is 2 and disp_offset is 4. These two things do not agree with each other, because if the disp_size was 2 then the displacement bytes would be DC A7, which, when sign-extended would give a value of -22564 which should be added to the current value of rip. However, the string disassembly clearly shows the displacement as 0x1a7dc. After verifying against objdump and GDB, I can see that 0x1a7dc is the correct displacement value. This means that the disp_size should be coming back as 4, not 2.

Unless I'm missing something?

Tested with Capstone 5.0.5

Work environment

Questions	Answers
System Capstone runs on OS/arch/bits	PopOS x86-64
Capstone module affected	x86
Source of Capstone	git clone
Version/git commit	v5.0.5:55261253c3f14d957c58382df82e61123dad45b9

Instruction bytes giving faulty results

66 0F 6F 05 DC A7 01 00

Expected results

It should be:

disp_size=4

Steps to get the wrong result

With Python

CODE = b'\x66\x0F\x6F\x05\xDC\xA7\x01\x00'

md = Cs(CS_ARCH_X86, CS_MODE_64)
md.detail = True
for insn in md.disasm(CODE, 0x1000):
  print(insn.disp_size)

[Rot127]

Please use the issue template for bugs. Also, see the following discussion: #2505

[HacMan137]

Please use the issue template for bugs. Also, see the following discussion: #2505

Apologies - should be better now