radareorg / radare2

UNIX-like reverse engineering framework and command-line toolset
https://www.radare.org/
GNU Lesser General Public License v3.0

xtensa support missing #20657

Closed crazyquark closed 1 year ago

crazyquark commented 1 year ago

Environment

# copypaste this script into your shell and replace it with the output
miercuri 31 august 2022, 09:05:55 +0300

radare2 5.6.6 0 @ linux-x86-64 git.5.6.6
commit: unknown build: 2022-03-24__21:51:21

Linux x86_64

Description

The xtensa plugin is missing in the radare2 builds, so iaito cannot disassemble xtensa binaries. rasm2 -L also shows it is missing:

adAe  16 32 64   bf          LGPL3   Brainfuck (by pancake, nibble) v4.0.0
_dAe  8 16       6502        LGPL3   6502/NES/C64/Tamagotchi/T-1000 CPU
a_Ae  8          8051        PD      8051 Intel CPU
_dA_  32         amd29k      LGPL3   AMD 29k RISC CPU (by deroad)
a___  16 32 64   arm.as      LGPL3   as ARM Assembler (use R2_ARM32_AS and R2_ARM64_AS environment) (by pancake)
adAe  16 32 64   arm         BSD     Capstone v4 ARM disassembler
_d__  16 32      arm.winedbg LGPL2   WineDBG's ARM disassembler
adAe  8 16       avr         GPL     AVR Atmel
_dA_  16         cr16        LGPL3   cr16 disassembly plugin
adAe  32 64      dalvik      LGPL3   AndroidVM Dalvik
ad__  16         dcpu16      PD      Mojang's DCPU-16
adAe  16         gb          LGPL3   GameBoy(TM) (z80-like) (by condret)
_dAe  16         h8300       LGPL3   H8/300 disassembly plugin
adAe  4          i4004       LGPL3   Intel 4004 microprocessor
_dA_  8          i8080       BSD     Intel 8080 CPU
adA_  32         java        Apache  Java bytecode
_d__  8          lh5801      LGPL3   SHARP LH5801 disassembler
_d__  32         lm32        BSD     disassembly plugin for Lattice Micro 32 ISA (by Felix Held)
_dA_  8 32       m680x       BSD     Capstone v4 M680X Disassembler
_dA_  32         malbolge    LGPL3   Malbolge Ternary VM (by condret)
_dA_  32         mcore       LGPL3   Motorola MCORE disassembler
_d__  16         mcs96       LGPL3   condrets car
adAe  16 32 64   mips        BSD     Capstone v4 MIPS disassembler
_dA_  32         nios2       GPL3    NIOS II Embedded Processor
_dA_  32         or1k        LGPL3   OpenRISC 1000
_dAe  8          pic         LGPL3   PIC disassembler
a___  32 64      ppc.as      LGPL3   as PPC Assembler (use R2_PPC_AS environment) (by eagleoflqj)
_dAe  32 64      ppc         BSD     Capstone v4 PowerPC disassembler (by pancake)
_dA_  32         propeller   LGPL3   propeller disassembly plugin
adA_  32 64      riscv       GPL     RISC-V disassembler
_dAe  32         rsp         LGPL3   Reality Signal Processor
_dAe  32         sh          GPL3    SuperH-4 CPU
_dA_  8 16       snes        LGPL3   SuperNES CPU
_dAe  32 64      sparc       BSD     Capstone v4 SPARC disassembler
_dA_  32 64      s390        BSD     s390/SystemZ CPU disassembler
_dA_  32         tms320      LGPLv3  TMS320 DSP family (c54x,c55x,c55x+,c64x)
_d__  32         tms320c64x  BSD     Capstone TMS320c64x disassembler
_dA_  32         tricore     GPL3    Siemens TriCore CPU
_dAe  32         v810        LGPL3   v810 disassembly plugin (by pancake)
_dAe  32         v850        LGPL3   v850 disassembly plugin
_dAe  32         vax         GPL     VAX
_dA_  32         ws          LGPL3   Whitespace esotheric VM
a___  16 32 64   x86.as      LGPL3   Intel X86 GNU Assembler (Use R2_X86_AS env)
_dAe  16 32 64   x86         BSD     Capstone v4 X86 disassembler
a___  16 32 64   x86.nasm    LGPL3   X86 nasm assembler
a___  16 32 64   x86.nz      LGPL3   x86 handmade assembler
_dA_  16         xap         PD      XAP4 RISC (CSR)
_dA_  32         xcore       BSD     Capstone v4 XCore disassembler (by pancake)
_dA_  16 32 64   arm.gnu     GPL3    GNU Disassembler for ARM, Thumb and Aarch64
_dA_  32         cris        GPL3    Axis Communications 32-bit embedded processor (by pancake)
_d__  32         m68k.gnu    GPL3    Binutils 2.36 based m68k disassembler
_d__  32         lanai       GPL3    LANAI
adAe  32 64      mips.gnu    GPL3    MIPS CPU
_dA_  32 64      ppc.gnu     GPL3    PowerPC
_dA_  32 64      sparc.gnu   GPL3    Scalable Processor Architecture
_d__  32 64      s390.gnu    GPL3    s390/SystemZ CPU disassembler
_d__  32         v850.gnu    GPL3    Binutils 2.35 based v850 disassembler
_dAe  8 16 32 64   r2ghidra    GPL3    SLEIGH Disassembler from Ghidra (by FXTi)

Test

rasm -L

rasm2 -a xtensa -b 32 "movi a2,0"
rasm2: Unknown asm plugin 'xtensa'

# built from source:
rasm2 -v                         
rasm2 5.6.6 0 @ linux-x86-64 git.5.6.6
commit: unknown build: 2022-03-24__21:51:21

I have also tried building from source, but this also results in a rasm2 without xtensa. Also tried the BlackArch builds in a VM (from the official repo), same issue.

swoops commented 1 year ago

I am not the best suited to answer this, but I think I am first. So maybe I can help move you forward a bit until someone smarter shows up.

There might be two problems that are hiding each other.

first problem

Version 5.6.6 is a bit old, your source build should be 5.7.7 and you can get a 5.7.6 release from here: https://github.com/radareorg/radare2/releases/tag/5.7.6

For comparison, my install from source gives me this:

> rasm2 -v
rasm2 5.7.7 29132 @ linux-x86-64 git.5.7.6-199-gaadacb2c9c
commit: aadacb2c9c91bd585673c37831dbaddf89db1677 build: 2022-08-31__02:20:49
> r2 -v
radare2 5.7.7 29132 @ linux-x86-64 git.5.7.6-199-gaadacb2c9c
commit: aadacb2c9c91bd585673c37831dbaddf89db1677 build: 2022-08-31__02:20:49

second problem

When I run rasm2 -L | grep -i xtensa with the above build, I get nothing. I think this is a bug in rasm2 -L because I can apparently still disassemble with xtensa. My build of rasm2 and r2 both accept it in -a:

> rasm2 -b32 -da xtensa 112233445566778899
l32r a1, 0xfffccc88
excw
bany a8, a7, 0xffffffa3

So this bug might have tricked you into thinking your source build does not have xtensa?

crazyquark commented 1 year ago

Hi @swoops, thank you for the quick reply. OK, freshly built radare2 from sources (master branch):

/usr/local/bin/r2 -v
radare2 5.7.7 28813 @ linux-x86-64 git.5.7.6-199-gaadacb2c9
commit: aadacb2c9c91bd585673c37831dbaddf89db1677 build: 2022-08-31__13:42:02

/usr/local/bin/rasm2 -v
rasm2 5.7.7 28813 @ linux-x86-64 git.5.7.6-199-gaadacb2c9
commit: aadacb2c9c91bd585673c37831dbaddf89db1677 build: 2022-08-31__13:42:02

Yes, it seems you were right: disassembly works for xtensa; however, assembly does not work, or I am doing something wrong:

/usr/local/bin/rasm2 -b32 -a xtensa 'movi a1,0'
ERROR: Cannot assemble 'movi a1,0' at line 3

crazyquark commented 1 year ago

Also, possibly as a consequence, iaito is unable to edit instructions:

[image]

It is, however, able to disassemble it:

[image]

iaito is also built from source.
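
An added example, not part of the thread or of radare2's own code: a small POSIX shell helper that decodes the four-character flag column of a rasm2 plugin listing, so a script can tell a disassemble-only plugin from one that can also assemble. It reads the flag positions as assembler, disassembler, analysis, ESIL; the sample lines are copied from listings quoted in this thread, and the names plugin_caps and can_assemble are made up for the example.

```shell
#!/bin/sh
# Added example: decode the capability column of a rasm2 plugin listing.
# Flag positions: 1 = assembler (a), 2 = disassembler (d), 3 = analysis (A),
# 4 = ESIL (e); "_" in a position means the plugin lacks that capability.
# Live use (command as quoted in this thread): rasm2 -LL | can_assemble xtensa

# Constructed sample: three lines copied from listings quoted in this thread.
SAMPLE='adAe  16 32 64   mips        BSD     Capstone v4 MIPS disassembler
a___  16 32 64   x86.nasm    LGPL3   X86 nasm assembler
_dAe 32          xtensa      LGPL3   Xtensa disassembler'

# plugin_caps NAME: read a listing on stdin, print the decoded flags for NAME.
# Exit status is 1 when NAME does not appear in the listing at all.
plugin_caps() {
    awk -v want="$1" '
        function yn(flags, pos) { return (substr(flags, pos, 1) == "_") ? "no" : "yes" }
        $1 ~ /^[a_][d_][A_][e_]$/ {
            # The bits column holds a variable count of numbers, so the plugin
            # name is the first non-numeric field after the flags.
            i = 2
            while (i <= NF && $i ~ /^[0-9]+$/) i++
            if (i > NF || $i != want) next
            printf "%s asm=%s disasm=%s anal=%s esil=%s\n", $i,
                yn($1, 1), yn($1, 2), yn($1, 3), yn($1, 4)
            found = 1
            exit
        }
        END { exit !found }
    '
}

# can_assemble NAME: 0 = can assemble, 1 = listed without assembler, 2 = not listed.
can_assemble() {
    caps=$(plugin_caps "$1") || return 2
    case $caps in
        *" asm=yes "*) return 0 ;;
        *) return 1 ;;
    esac
}

# Demo over the sample; "nosuchplugin" is a name deliberately absent from it.
for p in mips xtensa nosuchplugin; do
    rc=0
    printf '%s\n' "$SAMPLE" | can_assemble "$p" || rc=$?
    case $rc in
        0) echo "$p: can assemble" ;;
        1) echo "$p: listed, but no assembler" ;;
        *) echo "$p: plugin not listed" ;;
    esac
done
```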

trufae commented 1 year ago

there's no assembler for xtensa:

$ rasm2 -LL| grep xten
_dAe 32          xtensa      LGPL3   Xtensa disassembler
0$

the first _ means that there's no assembler support for this architecture, so it's totally expected that iaito can't assemble instructions. it's not a bug in iaito.

If you want to assemble xtensa instructions you can do three things: