

Fix disasm if first instruction is at a map boundary. (#4718)
Rot127 authored Nov 17, 2024
1 parent 9ef17a4 commit 6ec0249
Showing 2 changed files with 18 additions and 8 deletions.
14 changes: 6 additions & 8 deletions librz/arch/isa/hexagon/hexagon_arch.c
Expand Up @@ -1152,7 +1152,7 @@ static RZ_BORROW HexInsnContainer *decode_hic(HexState *state, HexReversedOpcode
// Add to state as not yet fully decoded packet.
HexInsnContainer *hic = hex_add_hic_to_state(state, &hic_new);
if (!hic) {
RZ_LOG_ERROR("Could not add incsturction container to state.\n");
RZ_LOG_ERROR("Could not add instruction container to state.\n");
return NULL;
}
HexPkt *p = hex_get_pkt(state, hic->addr);
Expand Down Expand Up @@ -1189,7 +1189,8 @@ static ut64 get_pre_decoding_start(RZ_BORROW RzBuffer *buffer, ut64 addr) {
ut8 tmp[HEX_INSN_SIZE] = { 0 };
ut32 bytes = rz_buf_read(buffer, tmp, 4);
if (bytes != HEX_INSN_SIZE) {
return addr;
// Read over the mapped buffer.
return addr + HEX_INSN_SIZE;
}
ut32 data = rz_read_le32(tmp);
is_last_insn = is_last_instr(HEX_PARSE_BITS_FROM_UT32(data));
Expand Down Expand Up @@ -1272,8 +1273,9 @@ RZ_API void hexagon_reverse_opcode(HexReversedOpcode *rz_reverse, const ut64 add
RZ_LOG_DEBUG("Could not seek to address: 0x%" PFMT64x ". Attempting to read out of mapped memory region?\n", addr);
return;
}

ut64 initial_buffer_offset = rz_buf_tell(buffer);
ut64 current_addr = get_pre_decoding_start(buffer, addr);
rz_buf_seek(buffer, current_addr, RZ_BUF_SET);

HexInsnContainer *hic = NULL;
// Do pre- and post-decoding to know the context.
Expand All @@ -1294,16 +1296,12 @@ RZ_API void hexagon_reverse_opcode(HexReversedOpcode *rz_reverse, const ut64 add
}
}

if (current_addr > addr) {
// Go back to bytes of the actual instruction.
rz_buf_seek(buffer, -(current_addr - addr), RZ_BUF_CUR);
}

hic = hex_get_hic_at_addr(state, addr);
if (!hic) {
// Should have been decoded before. Maybe a race condition
// if the same RzCore is used by several threads via a plugin and
// the hic was already pushed out of the buffer by other decodings.
rz_buf_seek(buffer, initial_buffer_offset, RZ_BUF_SET);
hic = decode_hic(state, rz_reverse, buffer, addr);
}
if (!hic) {
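Review bot: The new `rz_buf_seek(buffer, current_addr, RZ_BUF_SET);` in hexagon_reverse_opcode discards the seek result, while the seek a few lines above it is checked — its failure is what the `Could not seek to address` debug log reports. Since get_pre_decoding_start now returns `addr + HEX_INSN_SIZE` from the path where `rz_buf_read` came up short at a map boundary, the value handed to this seek is exactly the kind that may lie outside the mapped region, and a silent failure would leave the buffer position wherever the pre-decoding loop left it; the same applies to the restore seek to `initial_buffer_offset` in the `!hic` fallback. I would mirror the existing check: `if (rz_buf_seek(buffer, current_addr, RZ_BUF_SET) < 0) { RZ_LOG_DEBUG("Could not seek to pre-decoding start: 0x%" PFMT64x "\n", current_addr); return; }`. The comment `// Read over the mapped buffer.` in get_pre_decoding_start would also help a reader more if it said why the caller gets `addr + HEX_INSN_SIZE` rather than `addr` — presumably the last address that was still readable, which I can only infer because the loop around it is outside the hunk. Both enclosing functions start outside their hunks.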
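--- a/test/db/analysis/hexagon
+++ b/test/db/analysis/hexagon
@@ -1503,3 +1503,15 @@ EXPECT=<<EOF
 0x53c8 (seq empty (set jump_flag false) (set jump_target (bv 32 0xffffffff)) (set s (bv 32 0x4)) (set R4_tmp (cast 32 false (cast 32 false (+ (var R4) (var s))))) (set u (bv 32 0x3f)) (set P0_tmp (cast 8 false (cast 8 (msb (ite (! (ule (cast 32 false (var R5)) (var u))) (bv 32 0xff) (bv 32 0x0))) (ite (! (ule (cast 32 false (var R5)) (var u))) (bv 32 0xff) (bv 32 0x0))))) (set s (bv 32 0xb)) (branch (! (is_zero (& (cast 32 (msb (var P0_tmp)) (var P0_tmp)) (bv 32 0x1)))) (set R16_tmp (cast 32 false (cast 32 false (var s)))) nop) (set r (bv 32 0xffffffec)) (branch (! (! (is_zero (& (cast 32 (msb (var P0_tmp)) (var P0_tmp)) (bv 32 0x1))))) (seq (set r (& (var r) (bv 32 0xfffffffc))) (set jump_flag true) (set jump_target (+ (bv 32 0x53c8) (cast 32 false (var r))))) empty) empty (set R4 (var R4_tmp)) (set R16 (var R16_tmp)) (set P0 (var P0_tmp)) (branch (var jump_flag) (jmp (var jump_target)) (jmp (bv 32 0x53d8))))
 EOF
 RUN
+
+NAME=hexagon missig first instruction issue
+FILE=bins/elf/hexagon/hexagon_discover_recurse
+CMDS=<<EOF
+pi 3
+EOF
+EXPECT=<<EOF
+? allocframe(SP,#0x8):raw
+[ R0 = add(FP,##-0x4)
+[ memw(R0+#0x0) = ##-0x1
+EOF
+RUN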
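Review bot: The new test case's name has a typo, `NAME=hexagon missig first instruction issue`; it should read `NAME=hexagon missing first instruction issue`, since the name is what shows up in test reports. The case also runs `pi 3` at the binary's default seek without naming the address, so a reader cannot tell from the test alone which map boundary it guards; a brief `# first instruction sits at the start of a mapped region` style remark, or an explicit seek before `pi 3` if the harness supports it, would make the regression it covers visible.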
