Support Compressed Instructions about bn-riscv HOT 10 OPEN

@fabianfreyer curl https://keybase.io/f0rki/pgp_keys.asc | gpg --import then [email protected] if you really insist on pgp :P

from bn-riscv.

capstone-engine/capstone#1682 was merged, closing capstone-engine/capstone#1594. What would need to happen for this to work?

from bn-riscv.

You're right. I missed that. I did a quick check with the latest capstone from the next branch and adapted the lifter a bit.

The compressed instructions are prefixed with c. and mostly omit the first parameter compared to the uncompressed version, i.e. c.add rX, rY is equal to add rX, rX, rY so the lifting should work for many of the compressed instructions by simply prepending op[0] to the list of operands.

Check out the latest commit, which contains some progress but is far from complete.

from bn-riscv.

hmm, I'm having trouble even getting these disassembled. For example, the following compressed bytes disassemble fine using capstone directly:

>>> CODE=b"]q\x86\xc6\xa2\xc4\xa6\xc2\xca\xc0."
>>> from capstone import *
>>> md = Cs(CS_ARCH_RISCV, CS_MODE_RISCV64 | CS_MODE_RISCVC)
>>> list(md.disasm(CODE, 0xffd005be))
[<CsInsn 0xffd005be [5d71]: c.addi16sp sp, -0x50>, <CsInsn 0xffd005c0 [86c6]: c.swsp ra, 0x4c(sp)>, <CsInsn 0xffd005c2 [a2c4]: c.swsp s0, 0x48(sp)>, <CsInsn 0xffd005c4 [a6c2]: c.swsp s1, 0x44(sp)>, <CsInsn 0xffd005c6 [cac0]: c.swsp s2, 0x40(sp)>]

However, in the disassembly view, they don't appear:

from bn-riscv.

@fabianfreyer could you post the binary you are testing on here in this issue? otherwise it is hard to reproduce the problem.

I think addi16sp is not lifted at all currently, but this doesn't explain what you are seeing as it should be disassembled. However, I am also not sure what you are seeing is an issue of this plugin? Is bn-riscv using the right capstone?

from bn-riscv.

I'll send you a binary that exhibits this problem - to the email address at https://f0rki.at/pages/about.html?

Is bn-riscv using the right capstone?

the IL above is from the bn python view, so yes, it seems so?

I don't mind adding to the lifter, I'd just like to see it disassemble first ;)

from bn-riscv.

strange. Yeah you can send it to me via mail or directly attach it to this issue if the binary is public (just drag and drop should work).

from bn-riscv.

Ah, can't find it on the webpage - there seems to be no sidebar? Also your gpg key 404's ;)

from bn-riscv.

@fabianfreyer I can't reproduce this. I am using binary ninja 2.1.2475-dev (Build ID c7d4e572) + today's capstone next branch.

from bn-riscv.

weird, also using the same capstone, just installed it again.

Either way, you're probably right and this is not an issue with this plugin. I'll dig into that separately then. Thanks for double-checking!

from bn-riscv.