Rizin
unix-like reverse engineering framework and cli tools
Functions | Variables
analysis_cris.c File Reference
#include <rz_asm.h>
#include <rz_lib.h>

Go to the source code of this file.

Functions

static int analop (RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf, int len, RzAnalysisOpMask mask)
 
static char * get_reg_profile (RzAnalysis *analysis)
 

Variables

RzAnalysisPlugin rz_analysis_plugin_cris
 
RZ_API RzLibStruct rizin_plugin
 

Function Documentation

◆ analop()

static int analop ( RzAnalysis a,
RzAnalysisOp op,
ut64  addr,
const ut8 buf,
int  len,
RzAnalysisOpMask  mask 
)
static

Definition at line 7 of file analysis_cris.c.

7  {
8  int opsize = -1;
9  op->type = -1;
10  opsize = 2;
11  switch (buf[0]) {
12  case 0x3f:
13  case 0x4f:
14  op->type = RZ_ANALYSIS_OP_TYPE_MOV;
15  opsize = 4;
16  break;
17  case 0x6f:
18  op->type = RZ_ANALYSIS_OP_TYPE_MOV;
19  opsize = 6;
20  break;
21  case 0x7f:
22  op->type = RZ_ANALYSIS_OP_TYPE_LEA;
23  if (len > 5) {
24  op->ptr = buf[2];
25  op->ptr |= buf[3] << 8;
26  op->ptr |= buf[4] << 16;
27  op->ptr |= ((ut32)(0xff & buf[5])) << 24;
28  op->ptr += addr;
29  opsize = 6;
30  } else {
31  // error
32  op->ptr = UT64_MAX;
33  }
34  break;
35  case 0xbf: // bsr
36  op->type = RZ_ANALYSIS_OP_TYPE_CALL;
37  if (len > 5) {
38  st32 delta = buf[2];
39  delta |= buf[3] << 8;
40  delta |= buf[4] << 16;
41  delta |= buf[5] << 24;
42  op->jump = addr + delta;
43  } else {
44  op->jump = UT64_MAX;
45  }
46  op->fail = addr + 6;
47  opsize = 6;
48  break;
49  case 0x00:
50  if (buf[1] == 0x00) {
51  op->type = RZ_ANALYSIS_OP_TYPE_TRAP;
52  } else {
53  op->type = RZ_ANALYSIS_OP_TYPE_JMP;
54  {
55  st8 delta = buf[0];
56  op->jump = addr + delta;
57  }
58  }
59  break;
60  case 0xf0:
61  if (buf[1] == 0xb9) {
62  op->type = RZ_ANALYSIS_OP_TYPE_RET;
63  }
64  break;
65  default:
66  switch (buf[1]) {
67  case 0x00:
68  op->type = RZ_ANALYSIS_OP_TYPE_CJMP; // BCC
69  break;
70  case 0xf3:
71  op->type = RZ_ANALYSIS_OP_TYPE_SHR;
72  break;
73  case 0x96: // move.d r, r
74  if (buf[0] >= 0xc0) {
75  op->type = RZ_ANALYSIS_OP_TYPE_CMP;
76  } else {
77  op->type = RZ_ANALYSIS_OP_TYPE_MOV;
78  }
79  break;
80  case 0xf2:
81  case 0x0b:
82  case 0x72:
83  op->type = RZ_ANALYSIS_OP_TYPE_CMP;
84  break;
85  case 0x05:
86  if (buf[0] == 0xb0) {
87  op->type = RZ_ANALYSIS_OP_TYPE_NOP;
88  }
89  break;
90  case 0x01:
91  case 0x02:
92  case 0xc2:
93  case 0xf5:
94  case 0x91:
95  case 0x41:
96  case 0x61:
97  case 0x65:
98  op->type = RZ_ANALYSIS_OP_TYPE_ADD;
99  break;
100  case 0x12:
101  case 0xf6:
102  case 0xe2:
103  op->type = RZ_ANALYSIS_OP_TYPE_SUB;
104  break;
105  case 0x82: // moveq i, r
106  case 0xba: // move.d [r], r
107  case 0xeb: // move.d r, [r]
108  case 0xc6: // move.d r, r
109  case 0x92: // moveq i, r
110  case 0x9b: // move.d i, r
111  case 0xbe: // move [sp+], srp
112  case 0x06:
113  case 0x26:
114  case 0xfb:
115  case 0x9a:
116  case 0xb2:
117  case 0xda:
118  case 0x2b:
119  case 0x6f:
120  case 0xa2:
121  case 0x2f:
122  case 0x8b:
123  case 0x1b:
124  case 0xaa:
125  case 0xa6:
126  case 0xb6:
127  op->type = RZ_ANALYSIS_OP_TYPE_MOV;
128  break;
129  case 0xe0:
130  op->type = RZ_ANALYSIS_OP_TYPE_JMP;
131  {
132  st8 delta = buf[0];
133  op->jump = addr + delta;
134  }
135  break;
136  case 0x10:
137  case 0x30:
138  case 0x20:
139  case 0x2d:
140  op->type = RZ_ANALYSIS_OP_TYPE_CJMP;
141  op->jump = addr + buf[0];
142  op->fail = addr + 2; // delay slot here?
143  break;
144  case 0xbf:
145  op->type = RZ_ANALYSIS_OP_TYPE_CALL; // bsr
146  break;
147  case 0xb9:
148  op->type = RZ_ANALYSIS_OP_TYPE_UJMP; // jsr reg
149  break;
150  }
151  }
152 #if 0
153  switch (*buf) {
154  case 0x3f: // adds.w N, R
155  opsize = 4;
156  case 0x01:
157  case 0x53: // addi, acr.w, r3, acr
158  case 0x04:
159  case 0x61:
160  case 0x62:
161  case 0x63:
162  op->type = RZ_ANALYSIS_OP_TYPE_ADD;
163  break;
164  case 0x88:
165  case 0x84:
166  case 0x81:
167  case 0x8c:
168  case 0xad:
169  op->type = RZ_ANALYSIS_OP_TYPE_SUB;
170  break;
171  case 0x7f: // lapc <addr>, <reg>
172  op->type = RZ_ANALYSIS_OP_TYPE_LEA;
173  break;
174  case 0xcf:
175  case 0xbe:
176  case 0x60:
177  case 0x6f:
178  case 0x6a: // move.d reg, reg
179  case 0x7e:
180  case 0xfe:
181  op->type = RZ_ANALYSIS_OP_TYPE_MOV;
182  break;
183  case 0x00:
184  op->type = RZ_ANALYSIS_OP_TYPE_JMP;
185  // jsr acr
186  break;
187  case 0xff:
188  opsize = 6;
189  case 0x14:
190  case 0x0e:
191  case 0x1a:
192  case 0x9c:
193  case 0x6d: // bne
194  op->type = RZ_ANALYSIS_OP_TYPE_CJMP;
195  // jsr acr
196  break;
197  case 0xbf:
198  opsize = 6;
199  case 0xb1:
200  case 0xb2:
201  case 0xb3:
202  case 0xb4:
203  case 0xb5:
204  case 0xb6:
205  case 0xb7:
206  case 0xb8:
207  case 0xb9:
208  op->type = RZ_ANALYSIS_OP_TYPE_UJMP;
209  // jsr acr
210  break;
211  case 0x8f: // test.b [acr]
212  case 0xc0:
213  case 0xe1:
214  case 0xaa:
215  op->type = RZ_ANALYSIS_OP_TYPE_CMP;
216  break;
217  default:
218  switch (*w) {
219  case 0xb0b9:
220  op->type = RZ_ANALYSIS_OP_TYPE_CJMP;
221  break;
222  case 0xb005:
223  case 0x05b0:
224  op->type = RZ_ANALYSIS_OP_TYPE_NOP;
225  break;
226  case 0xf0b9:
227  case 0xb9f0:
228  op->type = RZ_ANALYSIS_OP_TYPE_RET;
229  break;
230  default:
231  op->type = RZ_ANALYSIS_OP_TYPE_MOV;
232  break;
233  }
234  }
235 #endif
236  op->size = opsize;
237  // op->delay = 1;
238  return opsize;
239 }
len
size_t len
Definition: 6502dis.c:15
w
#define w
Definition: crypto_rc6.c:13
ut32
uint32_t ut32
Definition: demangler_util.h:31
buf
voidpf void * buf
Definition: ioapi.h:138
RZ_ANALYSIS_OP_TYPE_CMP
@ RZ_ANALYSIS_OP_TYPE_CMP
Definition: rz_analysis.h:399
RZ_ANALYSIS_OP_TYPE_SUB
@ RZ_ANALYSIS_OP_TYPE_SUB
Definition: rz_analysis.h:402
RZ_ANALYSIS_OP_TYPE_JMP
@ RZ_ANALYSIS_OP_TYPE_JMP
Definition: rz_analysis.h:368
RZ_ANALYSIS_OP_TYPE_UJMP
@ RZ_ANALYSIS_OP_TYPE_UJMP
Definition: rz_analysis.h:369
RZ_ANALYSIS_OP_TYPE_TRAP
@ RZ_ANALYSIS_OP_TYPE_TRAP
Definition: rz_analysis.h:392
RZ_ANALYSIS_OP_TYPE_CALL
@ RZ_ANALYSIS_OP_TYPE_CALL
Definition: rz_analysis.h:378
RZ_ANALYSIS_OP_TYPE_ADD
@ RZ_ANALYSIS_OP_TYPE_ADD
Definition: rz_analysis.h:401
RZ_ANALYSIS_OP_TYPE_SHR
@ RZ_ANALYSIS_OP_TYPE_SHR
Definition: rz_analysis.h:406
RZ_ANALYSIS_OP_TYPE_CJMP
@ RZ_ANALYSIS_OP_TYPE_CJMP
Definition: rz_analysis.h:373
RZ_ANALYSIS_OP_TYPE_MOV
@ RZ_ANALYSIS_OP_TYPE_MOV
Definition: rz_analysis.h:390
RZ_ANALYSIS_OP_TYPE_RET
@ RZ_ANALYSIS_OP_TYPE_RET
Definition: rz_analysis.h:385
RZ_ANALYSIS_OP_TYPE_NOP
@ RZ_ANALYSIS_OP_TYPE_NOP
Definition: rz_analysis.h:389
RZ_ANALYSIS_OP_TYPE_LEA
@ RZ_ANALYSIS_OP_TYPE_LEA
Definition: rz_analysis.h:417
st8
#define st8
Definition: rz_types_base.h:16
UT64_MAX
#define UT64_MAX
Definition: rz_types_base.h:86
st32
#define st32
Definition: rz_types_base.h:12
op
Definition: dis.c:32
delta
static st64 delta
Definition: vmenus.c:2425
addr
static int addr
Definition: z80asm.c:58

References addr, delta, len, RZ_ANALYSIS_OP_TYPE_ADD, RZ_ANALYSIS_OP_TYPE_CALL, RZ_ANALYSIS_OP_TYPE_CJMP, RZ_ANALYSIS_OP_TYPE_CMP, RZ_ANALYSIS_OP_TYPE_JMP, RZ_ANALYSIS_OP_TYPE_LEA, RZ_ANALYSIS_OP_TYPE_MOV, RZ_ANALYSIS_OP_TYPE_NOP, RZ_ANALYSIS_OP_TYPE_RET, RZ_ANALYSIS_OP_TYPE_SHR, RZ_ANALYSIS_OP_TYPE_SUB, RZ_ANALYSIS_OP_TYPE_TRAP, RZ_ANALYSIS_OP_TYPE_UJMP, st32, st8, UT64_MAX, and w.

◆ get_reg_profile()

static char* get_reg_profile ( RzAnalysis analysis)
static

Definition at line 241 of file analysis_cris.c.

241  {
242  const char *p =
243  "=PC pc\n"
244  "=SP r14\n" // XXX
245  "=BP srp\n" // XXX
246  "=A0 r0\n"
247  "=A1 r1\n"
248  "=A2 r2\n"
249  "=A3 r3\n"
250  "gpr sp .32 56 0\n" // r14
251  "gpr acr .32 60 0\n" // r15
252  "gpr pc .32 64 0\n" // r16 // out of context
253  "gpr srp .32 68 0\n" // like rbp on x86 // out of context
254  // GPR
255  "gpr r0 .32 0 0\n"
256  "gpr r1 .32 4 0\n"
257  "gpr r2 .32 8 0\n"
258  "gpr r3 .32 12 0\n"
259  "gpr r4 .32 16 0\n"
260  "gpr r5 .32 20 0\n"
261  "gpr r6 .32 24 0\n"
262  "gpr r7 .32 28 0\n"
263  "gpr r8 .32 32 0\n"
264  "gpr r9 .32 36 0\n"
265  "gpr r10 .32 40 0\n"
266  "gpr r11 .32 44 0\n"
267  "gpr r12 .32 48 0\n"
268  "gpr r13 .32 52 0\n"
269 
270  // STACK POINTER
271  "gpr r14 .32 56 0\n"
272  "gpr r15 .32 60 0\n"
273  // ADD P REGISTERS
274  ;
275  return strdup(p);
276 }
p
void * p
Definition: libc.cpp:67
strdup
return strdup("=SP r13\n" "=LR r14\n" "=PC r15\n" "=A0 r0\n" "=A1 r1\n" "=A2 r2\n" "=A3 r3\n" "=ZF zf\n" "=SF nf\n" "=OF vf\n" "=CF cf\n" "=SN or0\n" "gpr lr .32 56 0\n" "gpr pc .32 60 0\n" "gpr cpsr .32 64 0 ____tfiae_________________qvczn\n" "gpr or0 .32 68 0\n" "gpr tf .1 64.5 0 thumb\n" "gpr ef .1 64.9 0 endian\n" "gpr jf .1 64.24 0 java\n" "gpr qf .1 64.27 0 sticky_overflow\n" "gpr vf .1 64.28 0 overflow\n" "gpr cf .1 64.29 0 carry\n" "gpr zf .1 64.30 0 zero\n" "gpr nf .1 64.31 0 negative\n" "gpr itc .4 64.10 0 if_then_count\n" "gpr gef .4 64.16 0 great_or_equal\n" "gpr r0 .32 0 0\n" "gpr r1 .32 4 0\n" "gpr r2 .32 8 0\n" "gpr r3 .32 12 0\n" "gpr r4 .32 16 0\n" "gpr r5 .32 20 0\n" "gpr r6 .32 24 0\n" "gpr r7 .32 28 0\n" "gpr r8 .32 32 0\n" "gpr r9 .32 36 0\n" "gpr r10 .32 40 0\n" "gpr r11 .32 44 0\n" "gpr r12 .32 48 0\n" "gpr r13 .32 52 0\n" "gpr r14 .32 56 0\n" "gpr r15 .32 60 0\n" "gpr r16 .32 64 0\n" "gpr r17 .32 68 0\n")

References p, and strdup().

Variable Documentation

◆ rizin_plugin

RZ_API RzLibStruct rizin_plugin
Initial value:
= {
.type = RZ_LIB_TYPE_ANALYSIS,
.data = &rz_analysis_plugin_cris,
.version = RZ_VERSION
}
rz_analysis_plugin_cris
RzAnalysisPlugin rz_analysis_plugin_cris
Definition: analysis_cris.c:278
RZ_LIB_TYPE_ANALYSIS
@ RZ_LIB_TYPE_ANALYSIS
Definition: rz_lib.h:73
RZ_VERSION
#define RZ_VERSION
Definition: rz_version.h:8
rz_analysis_plugin_t::version
const char * version
Definition: rz_analysis.h:1239

Definition at line 290 of file analysis_cris.c.

◆ rz_analysis_plugin_cris

RzAnalysisPlugin rz_analysis_plugin_cris
Initial value:
= {
.name = "cris",
.desc = "Axis Communications 32-bit embedded processor",
.license = "LGPL3",
.esil = false,
.arch = "cris",
.get_reg_profile = get_reg_profile,
.bits = 32,
.op = &analop,
}
get_reg_profile
static char * get_reg_profile(RzAnalysis *analysis)
Definition: analysis_cris.c:241
analop
static int analop(RzAnalysis *a, RzAnalysisOp *op, ut64 addr, const ut8 *buf, int len, RzAnalysisOpMask mask)
Definition: analysis_cris.c:7

Definition at line 278 of file analysis_cris.c.