AVR: Fixed profile, (null) instruction and anal ##rizin

This commit is contained in:
wargio 2021-01-19 03:37:42 +01:00 committed by pancake
parent 4827f58ea6
commit 3de5f99e68
4 changed files with 299 additions and 15 deletions


@ -1597,6 +1597,18 @@ OPCODE_DESC opcodes[] = {
INST_LAST
};
static void set_invalid_op(RAnalysisOp *op, ut64 addr) {
// Unknown or invalid instruction.
op->family = R_ANALYSIS_OP_FAMILY_UNKNOWN;
op->type = R_ANALYSIS_OP_TYPE_UNK;
op->addr = addr;
op->nopcode = 1;
op->cycles = 1;
op->size = 2;
// set an esil trap to prevent the execution of it
r_strbuf_set (&op->esil, "1,$");
}
static OPCODE_DESC* avr_op_analyze(RAnal *anal, RAnalOp *op, ut64 addr, const ut8 *buf, int len, CPU_MODEL *cpu) {
OPCODE_DESC *opcode_desc;
if (len < 2) {
@ -1646,7 +1658,7 @@ static OPCODE_DESC* avr_op_analyze(RAnal *anal, RAnalOp *op, ut64 addr, const ut
return opcode_desc;
}
}
#if 0
// ignore reserved opcodes (if they have not been caught by the previous loop)
if ((ins & 0xff00) == 0xff00 && (ins & 0xf) > 7) {
goto INVALID_OP;
@ -1664,6 +1676,10 @@ INVALID_OP:
// launch esil trap (for communicating upper layers about this weird
// and stinky situation
r_strbuf_set (&op->esil, "1,$");
#else
INVALID_OP:
set_invalid_op (op, addr);
#endif
return NULL;
}
@ -1674,8 +1690,18 @@ static int avr_op(RAnal *anal, RAnalOp *op, ut64 addr, const ut8 *buf, int len,
int size = -1;
char mnemonic[32] = {0};
if (!op) {
return avr_decode (mnemonic, addr, buf, len);
set_invalid_op (op, addr);
size = avr_decode (mnemonic, addr, buf, len);
if (!strcmp (mnemonic, "invalid") ||
!strcmp (mnemonic, "truncated")) {
op->eob = true;
op->mnemonic = strdup(mnemonic);
size = -2;
}
if (!op || size < 0) {
return size;
}
// select cpu info
@ -1701,14 +1727,8 @@ static int avr_op(RAnal *anal, RAnalOp *op, ut64 addr, const ut8 *buf, int len,
// process opcode
avr_op_analyze (anal, op, addr, buf, len, cpu);
if ((size = avr_decode (mnemonic, addr, buf, len)) > 0) {
if (*mnemonic == '.') {
op->mnemonic = strdup("invalid");
} else {
op->mnemonic = strdup(mnemonic);
}
op->size = size;
}
op->mnemonic = strdup(mnemonic);
op->size = size;
return size;
}
@ -1921,6 +1941,7 @@ static int esil_avr_fini(RAnalEsil *esil) {
static bool set_reg_profile(RAnal *anal) {
const char *p =
"=PC pcl\n"
"=SN r24\n"
"=SP sp\n"
"=BP y\n"
// explained in http://www.nongnu.org/avr-libc/user-manual/FAQ.html
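Review bot: In avr_op, `set_invalid_op (op, addr)` and the `op->eob` / `op->mnemonic` writes in the new invalid branch now run before the `if (!op || size < 0)` test, so a NULL `op` — which the removed `if (!op) return avr_decode (...)` shows callers do pass — is dereferenced before the check can return; avr_op's signature sits in the hunk header, outside the hunk body. Restore the guard at the top, `if (!op) { return avr_decode (mnemonic, addr, buf, len); }` before the `set_invalid_op` call, after which the `!op` term in the later condition is redundant and can go. Separately, the new helper declares its parameter as `RAnalysisOp *op` and writes `R_ANALYSIS_OP_FAMILY_UNKNOWN`, while the surrounding code uses `RAnalOp` and `R_ANAL_*` (`R_ANAL_OP_TYPE_UNK` on the very next line); unless both spellings are defined in this tree, that looks like a stray rename from the rizin port and will not compile.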


@ -8,12 +8,18 @@ int avr_decode (char *out, ut64 addr, cut8 *buf, int len) {
disassembledInstruction dins;
assembledInstruction ins;
avrDisassembleContext context = { 0 };
int opsize = 2;
if (len < 2) {
strcpy (out, "truncated");
return -1;
}
// be sure that the buffer is always set.
ins.address = addr;
ins.opcode = (buf[0] | buf[1] << 8); // | (buf[2]<<16) | (buf[3]<<24);
out[0] = 0;
if (disassembleInstruction (&context, &dins, ins)) {
strcpy (out, "invalid");
return -1;
@ -38,11 +44,13 @@ int avr_decode (char *out, ut64 addr, cut8 *buf, int len) {
strcpy (out, "invalid");
return -1;
}
return 4;
}
if (printDisassembledInstruction (&context, out, dins, opt) < 0) {
opsize = 4;
} else if (printDisassembledInstruction (&context, out, dins, opt) < 0) {
strcpy (out, "invalid");
return -1;
}
return 2;
if (out[0] == '.' || !out[0]) {
strcpy (out, "invalid");
}
return opsize;
}
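Review bot: The `len < 2` guard added at the top of avr_decode only covers the first 16-bit word, yet the function now reports `opsize = 4` for two-word instructions; if the second-word path between the two hunks reads `buf[2]` / `buf[3]` (that code is not visible here), it needs its own bound, e.g. `if (len < 4) { strcpy (out, "truncated"); return -1; }` before touching them, otherwise a 2- or 3-byte tail of a buffer still over-reads. `out` is written with unbounded `strcpy` and by printDisassembledInstruction with no size argument, and the only caller visible in this commit passes a 32-byte stack array, so the function should carry a header comment stating the minimum size the caller must provide, e.g. `// out: caller-supplied buffer; must hold the longest printed mnemonic plus the "truncated"/"invalid" markers`. avr_decode's signature is in the hunk header and its middle section lies between the two hunks, both outside what is shown.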


@ -591,3 +591,257 @@ EXPECT=<<EOF
0x00000032 0x00000040 00:0000 14
EOF
RUN
NAME=avr no warnings.
FILE=bins/firmware/arduino_avr.bin
CMDS=<<EOF
e asm.arch=avr
s 0x2ee8
af
aae
EOF
EXPECT=<<EOF
EOF
EXPECT_ERR=<<EOF
EOF
RUN
NAME=avr stop anal when invalid instruction is found
FILE=bins/firmware/arduino_avr.bin
BROKEN=1
CMDS=<<EOF
e asm.arch=avr
aaa
f
EOF
EXPECT=<<EOF
0x00000000 2 r1_r0
0x00000000 2 r17_r16
0x00000000 2 r19_r18
0x00000000 2 r21_rz0
0x00000000 2 r23_rz2
0x00000000 2 r25_rz4
0x00000000 2 r27_rz6
0x00000000 2 r31_r30
0x00000000 2 x
0x00000000 2 z
0x00000000 2 pch
0x00000000 1 r0
0x00000000 1 r1
0x00000000 1 r2
0x00000000 1 r3
0x00000000 1 r4
0x00000000 1 r5
0x00000000 1 r6
0x00000000 1 r7
0x00000000 1 r8
0x00000000 1 r9
0x00000000 1 r10
0x00000000 1 r11
0x00000000 1 r12
0x00000000 1 r13
0x00000000 1 r14
0x00000000 1 r15
0x00000000 1 r16
0x00000000 1 r17
0x00000000 1 r18
0x00000000 1 r19
0x00000000 1 r20
0x00000000 1 r21
0x00000000 1 r22
0x00000000 1 r23
0x00000000 1 r24
0x00000000 1 r25
0x00000000 1 r26
0x00000000 1 r27
0x00000000 1 r28
0x00000000 1 r30
0x00000000 1 r31
0x00000000 1 spl
0x00000000 1 sreg
0x00000000 1 rampx
0x00000000 1 rampy
0x00000000 1 rampz
0x00000000 1 rampd
0x00000000 1 eind
0x00000000 1 spmcsr
0x00000066 4 aav.0x00000066
0x00000080 1 r29
0x00000080 1 sph
0x00000158 13478 entry0
0x00000158 2 pcl
0x000001ba 188 fcn.000001ba
0x000001d0 1 syscall.read.2
0x00000260 1 syscall.read.3
0x0000029e 164 fcn.0000029e
0x000002ae 1 syscall.read.5
0x000002f2 1 syscall.inotify_rm_watch.1
0x00000318 1 syscall.inotify_rm_watch.0
0x00000330 1 syscall.inotify_rm_watch
0x00000342 5256 fcn.00000342
0x00000360 152 fcn.00000360
0x0000036c 1 syscall.read.26
0x00000390 4 aav.0x00000390
0x000003ea 1 syscall.read.27
0x0000048c 24 fcn.0000048c
0x0000048e 1 syscall.read.19
0x000004a4 72 fcn.000004a4
0x000004a6 1 syscall.read.6
0x000004ec 76 fcn.000004ec
0x00000504 4 aav.0x00000504
0x0000054e 84 fcn.0000054e
0x0000054e 1 syscall.read.25
0x000005a2 78 fcn.000005a2
0x000005f0 114 fcn.000005f0
0x0000062a 1 syscall.uname
0x0000062e 1 syscall.rt_sigprocmask
0x0000063e 1 syscall.uname.1
0x00000644 1 syscall.rt_sigprocmask.0
0x00000652 1 syscall.uname.0
0x00000662 108 fcn.00000662
0x000006ae 1 syscall.read.4
0x000006b6 1 syscall.sched_rr_get_interval
0x00000770 44 fcn.00000770
0x0000079c 74 fcn.0000079c
0x000007e6 106 fcn.000007e6
0x00000854 14 fcn.00000854
0x00000862 20 fcn.00000862
0x00000876 40 fcn.00000876
0x000008e6 36 fcn.000008e6
0x00000952 178 fcn.00000952
0x00000972 1 syscall.read.7
0x000009e2 1 syscall.read.8
0x00000a04 148 fcn.00000a04
0x00000afc 26 fcn.00000afc
0x00000bae 240 fcn.00000bae
0x00000bf0 1 syscall.read.17
0x00000bf2 1 syscall.read.18
0x00000c90 1 syscall.read.40
0x00000c92 1 syscall.read.41
0x00000c94 1 syscall.read.42
0x00000c96 1 syscall.read.43
0x00000d2e 1 syscall.read.39
0x00000d78 4 aav.0x00000d78
0x00000dac 92 fcn.00000dac
0x00000e08 92 fcn.00000e08
0x00000e64 56 fcn.00000e64
0x00000e9c 12 fcn.00000e9c
0x00000ea8 198 fcn.00000ea8
0x00000ef4 1 syscall.read.22
0x00000f0c 1 syscall.read.21
0x00000f2e 1 syscall.read.20
0x00000fd0 206 fcn.00000fd0
0x00000ff0 1 syscall.read.24
0x00001018 1 syscall.read.23
0x0000110c 1 syscall.io_getevents
0x0000113a 136 fcn.0000113a
0x00001174 1 syscall.read.44
0x00001176 1 syscall.read.45
0x00001178 1 syscall.read.46
0x0000117a 1 syscall.read.47
0x00001202 12 fcn.00001202
0x0000120e 106 fcn.0000120e
0x00001238 1 syscall.read.1
0x00001294 24 fcn.00001294
0x00001296 10 fcn.00001296
0x000012c2 58 fcn.000012c2
0x000012d0 1 syscall.read.48
0x000012fc 26 fcn.000012fc
0x00001316 26 fcn.00001316
0x00001394 14 fcn.00001394
0x000013ee 14 fcn.000013ee
0x000013fc 48 fcn.000013fc
0x0000142c 12 fcn.0000142c
0x00001438 2 fcn.00001438
0x0000143c 54 int.0000143c
0x00001490 2 int.00001490
0x0000149e 16 fcn.0000149e
0x0000152c 34 fcn.0000152c
0x000017b6 1 syscall.write
0x00001b0c 36 fcn.00001b0c
0x00001b30 52 fcn.00001b30
0x00001b64 56 fcn.00001b64
0x00001b9c 66 fcn.00001b9c
0x00001bde 46 fcn.00001bde
0x00001c4e 48 fcn.00001c4e
0x00001c84 44 fcn.00001c84
0x00001e78 88 fcn.00001e78
0x00001efe 38 fcn.00001efe
0x00001f24 14 fcn.00001f24
0x00001f32 76 fcn.00001f32
0x00001f7e 100 fcn.00001f7e
0x00001f92 1 syscall.read.33
0x00001fcc 1 syscall.read.34
0x00001fe2 14 fcn.00001fe2
0x00001ff0 80 fcn.00001ff0
0x0000202a 1 syscall.read.32
0x00002040 102 fcn.00002040
0x00002054 1 syscall.read.35
0x00002090 1 syscall.read.36
0x000020a6 102 fcn.000020a6
0x000020ba 1 syscall.read.37
0x000020f6 1 syscall.read.38
0x0000220e 96 fcn.0000220e
0x0000246e 34 fcn.0000246e
0x000025dc 156 fcn.000025dc
0x0000268c 138 fcn.0000268c
0x00002818 34 fcn.00002818
0x00002a54 328 fcn.00002a54
0x00002c26 304 fcn.00002c26
0x00002d56 286 fcn.00002d56
0x00002ec2 1 syscall.read
0x00002ec8 16 fcn.00002ec8
0x00002ed8 16 fcn.00002ed8
0x00002ee8 16 fcn.00002ee8
0x00002ef8 6 fcn.00002ef8
0x00002f0a 36 fcn.00002f0a
0x00002f2e 22 fcn.00002f2e
0x00002f44 18 fcn.00002f44
0x00002f56 14 fcn.00002f56
0x00002f64 28 fcn.00002f64
0x00002f80 30 fcn.00002f80
0x00002f9e 22 fcn.00002f9e
0x00002fb4 52 fcn.00002fb4
0x00002fe8 44 fcn.00002fe8
0x0000300a 1 syscall.read.28
0x00003014 184 fcn.00003014
0x00003036 1 syscall.read.30
0x00003038 1 syscall.read.31
0x0000303a 1 syscall.inotify_rm_watch.4
0x00003048 42 fcn.00003048
0x00003072 24 fcn.00003072
0x00003098 1 syscall.read.29
0x000030cc 1182 fcn.000030cc
0x00003116 2 fcn.00003116
0x00003118 8 fcn.00003118
0x000031e0 8 fcn.000031e0
0x000031e8 4 fcn.000031e8
0x000032b8 10 fcn.000032b8
0x000032ba 1 syscall.read.12
0x000032c2 88 fcn.000032c2
0x0000330a 1 syscall.read.9
0x0000330c 1 syscall.read.10
0x0000330e 1 syscall.inotify_rm_watch.2
0x0000331a 4 fcn.0000331a
0x0000331a 1 syscall.read.11
0x0000331e 118 fcn.0000331e
0x0000331e 1 syscall.read.13
0x00003322 1 syscall.read.15
0x00003324 1 syscall.read.16
0x00003326 1 syscall.inotify_rm_watch.3
0x00003390 1 syscall.read.14
0x0000347e 8 fcn.0000347e
0x00003486 4 fcn.00003486
0x0000354c 8 fcn.0000354c
0x0000357a 12 int.0000357a
0x000035be 22 fcn.000035be
0x000035d4 8 fcn.000035d4
0x000035dc 30 fcn.000035dc
0x000035fa 1 syscall.read.0
0x00008000 2 r29_rz8
0x00008000 2 y
0x00008000 2 sp
EOF
RUN
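Review bot: The second test, "avr stop anal when invalid instruction is found", is added with `BROKEN=1` and its EXPECT block is a verbatim snapshot of the current `f` output rather than a statement of the intended result, so it cannot distinguish a fix from a regression: it pins every register flag plus `syscall.read.*`, `syscall.inotify_rm_watch*` and `int.*` flags that appear to come from a syscall table unrelated to an AVR firmware image, and any unrelated change to the register profile or flag naming will keep it broken for the wrong reason. Narrow the expectation to what the name promises — the `fcn.*` / `entry0` lines via `f~fcn`, or the size of the one function that should stop at the invalid word — and add a comment saying what "stop" should look like. The first test, expecting empty stdout and stderr from `af` / `aae` at 0x2ee8, is a reasonable warning-regression check as written.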


@ -66,3 +66,4 @@ ad "brlt 0xc" 0cf0 8
ad "brhs 0xe" 0df0 0xa
ad "brts 0x10" 0ef0 0xc
ad "brie 0x12" 0ff0 0xe
d "invalid" ffff 2
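Review bot: Only the all-ones word 0xffff is pinned as invalid here, while the analysis plugin in this same commit disables (under `#if 0`) its own reserved-opcode check `(ins & 0xff00) == 0xff00 && (ins & 0xf) > 7`, so the disassembler is now the only layer expected to reject that range. Adding at least one other encoding from it, e.g. `d "invalid" 08ff 2` (0xff08 in this file's little-endian byte order, the same way `0cf0` encodes 0xf00c above), would pin that the disassembler actually does so, provided it agrees the word is reserved.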