emesare
commented
2 hours ago An example of the split pointer arithmetic from TriCore:
00000074 911000f8 movh.a a15, 0x8001
00000078 d9ff6c38 lea a15, a15, -0x7b14 {0x800084ec}Open emesare opened 2 hours ago
emesare
commented
2 hours ago An example of the split pointer arithmetic from TriCore:
00000074 911000f8 movh.a a15, 0x8001
00000078 d9ff6c38 lea a15, a15, -0x7b14 {0x800084ec}Another path forward is utilizing Binary Ninja's MLIL that would be able to identify these patterns and simplify them down to a constant pointer, the issue is that it is not portable. IDA and Ghidra would not be able to replicate that behavior.
Masking of instructions requires us to know that a constant is a pointer to a relocatable section. The issue is that in many RISCy architectures the pattern for loading a pointer will be split across multiple instructions. Identifying this pattern is very error prone if not done on an ISA level.
We should provide a way to register ISA specific handlers that can mask out instructions. This complicates the basic block GUID generation, however these functions wouldn't match regardless because the relocatable instructions weren't masked.