Generate minimal RISC-V code
Minimal code:
/* File-scope counter; the assembly output emits it as `.local a` / `.comm a,4,4`. */
static int a = 0;

/*
 * Entry point of the freestanding test binary (radare2 lists it as entry0).
 *
 * The body exists only to make the compiler emit an add, a subtract, a
 * constant store, a compare-and-branch and a multiply on `a`, so that the
 * generated RISC-V code can be read back in the listings that follow.
 *
 * The function is declared without a return type (implicit int) and has no
 * return statement; the generated code still ends in `mv a0,a5` / `jr ra`.
 *
 * NOTE(review): this looks intended for disassembly only, not execution.
 * With -nostdlib nothing visible here sets up ra or makes an exit syscall,
 * so the final `jr ra` presumably jumps to an unspecified address.
 */
_start() {
    a += 1;      /* lw / addiw 1 / sw */
    a -= 1;      /* lw / addiw -1 / sw */
    a = 2;       /* li 2 / sw */
    if (a == 2)  /* bne to the else label when a != 2 */
        a *= 2;  /* emitted as slliw by 1 */
    else
        a = 2;
}
Compile:
# Cross-compile test.c into a static, freestanding RV64 ELF. No -o is given, so
# the result is the default a.out that the radare2 session opens.
#   -O0                        keep one instruction sequence per C statement
#   -nostdlib -nolibc -ffreestanding
#                              no startup files or libc; _start from test.c is the entry
#   -fno-stack-protector -fno-stack-check
#                              omit canary/probe code so the listing stays minimal
#                              (hardening switched off for readability only; not
#                              settings to carry into a real build)
#   -Ttext=0x0                 place .text at address 0 (radare2 shows entry0 at 0x00000000)
#   -static -no-pie            fixed-address, non-PIE executable
riscv64-linux-gnu-gcc -O0 test.c -static -nostdlib -ffreestanding -fno-stack-protector -fno-stack-check -nolibc -Ttext=0x0 -no-pie
Assembly output (`-S`):
# GCC 12.2.0 assembly output for test.c at -O0 (one instruction per line).
.file "test.c"
.option pic
# Target ISA string; it includes the "c" extension, which is why the
# disassembly shows 2-byte encodings next to 4-byte ones.
.attribute arch, "rv64i2p1_m2p0_a2p1_f2p2_d2p2_c2p0_zicsr2p0_zifencei2p0"
.attribute unaligned_access, 0
.attribute stack_align, 16
.text
# `static int a`: local symbol, 4 bytes, 4-byte aligned.
.local a
.comm a,4,4
.align 1
.globl _start
.type _start, @function
_start:
    # Prologue: reserve a 16-byte frame, save s0, set s0 to the caller's sp.
    addi sp,sp,-16
    sd s0,8(sp)
    addi s0,sp,16
    # a += 1  (lla = pc-relative address of a; 32-bit add, then sign-extend)
    lla a5,a
    lw a5,0(a5)
    addiw a5,a5,1
    sext.w a4,a5
    lla a5,a
    sw a4,0(a5)
    # a -= 1
    lla a5,a
    lw a5,0(a5)
    addiw a5,a5,-1
    sext.w a4,a5
    lla a5,a
    sw a4,0(a5)
    # a = 2
    lla a5,a
    li a4,2
    sw a4,0(a5)
    # if (a == 2): reload a, compare with 2, branch to the else part if different
    lla a5,a
    lw a5,0(a5)
    mv a4,a5
    li a5,2
    bne a4,a5,.L2
    # then: a *= 2, emitted as a 32-bit shift left by one
    lla a5,a
    lw a5,0(a5)
    slliw a5,a5,1
    sext.w a4,a5
    lla a5,a
    sw a4,0(a5)
    j .L3
.L2:
    # else: a = 2
    lla a5,a
    li a4,2
    sw a4,0(a5)
.L3:
    nop
    # On both paths a5 was last written by `lla a5,a`, so a0 receives the
    # address of a. Presumably an -O0 artifact of the implicit-int function
    # having no return statement.
    mv a0,a5
    # Epilogue: restore s0, release the frame, return through ra.
    ld s0,8(sp)
    addi sp,sp,16
    jr ra
.size _start, .-_start
.ident "GCC: (GNU) 12.2.0"
# Empty flags string: the object does not request an executable stack.
.section .note.GNU-stack,"",@progbits
radare2:
[ecomaikgolf@desktop ~/]$ r2 a.out -- Analyze socket connections with the socket plugin: 'radare2 socket://www.foo.com:80'. Use 'w' to send data [0x00000000]> aa [x] Analyze all flags starting with sym. and entry0 (aa) [x] Analyze all functions arguments/locals [0x00000000]> pdf @ entry0 (...) 140: entry0 (int64_t arg6, int64_t arg_8h); │ ; arg int64_t arg6 @ a5 │ ; arg int64_t arg_8h @ sp+0x8 │ 0x00000000 4111 addi sp, sp, -16 ; [08] ---- section size 84 named .shstrtab │ 0x00000002 22e4 sd s0, 8(sp) │ 0x00000004 0008 addi s0, sp, 16 │ 0x00000006 97170000 auipc a5, 0x1 │ 0x0000000a 93876708 addi a5, a5, 134 ; arg6 │ 0x0000000e 9c43 lw a5, 0(a5) ; arg6 │ 0x00000010 8527 addiw a5, a5, 1 ; arg6 │ 0x00000012 1b870700 sext.w a4, a5 ; arg6 │ 0x00000016 97170000 auipc a5, 0x1 │ 0x0000001a 93876707 addi a5, a5, 118 ; arg6 │ 0x0000001e 98c3 sw a4, 0(a5) ; arg6 │ 0x00000020 97170000 auipc a5, 0x1 │ 0x00000024 9387c706 addi a5, a5, 108 ; arg6 │ 0x00000028 9c43 lw a5, 0(a5) ; arg6 │ 0x0000002a fd37 addiw a5, a5, -1 ; arg6 │ 0x0000002c 1b870700 sext.w a4, a5 ; arg6 │ 0x00000030 97170000 auipc a5, 0x1 │ 0x00000034 9387c705 addi a5, a5, 92 ; arg6 │ 0x00000038 98c3 sw a4, 0(a5) ; arg6 │ 0x0000003a 97170000 auipc a5, 0x1 │ 0x0000003e ~ 93872705 addi a5, a5, 82 ; arg6 │ ;-- elf_phdr: .. 
│ 0x00000042 0947 li a4, 2 │ 0x00000044 98c3 sw a4, 0(a5) ; arg6 │ 0x00000046 97170000 auipc a5, 0x1 │ 0x0000004a 93876704 addi a5, a5, 70 ; arg6 │ 0x0000004e 9c43 lw a5, 0(a5) ; arg6 │ 0x00000050 3e87 mv a4, a5 ; arg6 │ 0x00000052 8947 li a5, 2 │ ┌─< 0x00000054 6311f702 bne a4, a5, 0x76 │ │ 0x00000058 97170000 auipc a5, 0x1 │ │ 0x0000005c 93874703 addi a5, a5, 52 ; arg6 │ │ 0x00000060 9c43 lw a5, 0(a5) ; arg6 │ │ 0x00000062 9b971700 slliw a5, a5, 0x1 ; arg6 │ │ 0x00000066 1b870700 sext.w a4, a5 ; arg6 │ │ 0x0000006a 97170000 auipc a5, 0x1 │ │ 0x0000006e 93872702 addi a5, a5, 34 ; arg6 │ │ 0x00000072 98c3 sw a4, 0(a5) ; arg6 │ ┌──< 0x00000074 39a0 j 0x82 │ │└─> 0x00000076 97170000 auipc a5, 0x1 │ │ 0x0000007a 93876701 addi a5, a5, 22 ; arg6 │ │ 0x0000007e 0947 li a4, 2 │ │ 0x00000080 98c3 sw a4, 0(a5) │ │ ; CODE XREF from entry0 @ 0x74(x) │ └──> 0x00000082 0100 nop │ 0x00000084 3e85 mv a0, a5 ; arg6 │ 0x00000086 2264 ld s0, 8(sp) │ 0x00000088 4101 addi sp, sp, 16 │ 0x0000008a 8280 ret
Extra (decompilation with ghidra):
int entry0 (int esi, int edx) { loc_0x0: sp = sp - 16 // [08] ---- section size 84 named .shstrtab [8(sp)] = (double)s0 s0 = sp + 16 auipc a5,0x1 a5 = a5 + 134 // arg6 // loc._edata a5 = [0(a5)] // arg6 addiw a5,a5,1 // arg6 sext.w a4,a5 // arg6 auipc a5,0x1 a5 = a5 + 118 // arg6 // loc._edata [0(a5)] = a4 // arg6 auipc a5,0x1 a5 = a5 + 108 // arg6 // loc._edata a5 = [0(a5)] // arg6 addiw a5,a5,-1 // arg6 sext.w a4,a5 // arg6 auipc a5,0x1 a5 = a5 + 92 // arg6 // loc._edata [0(a5)] = a4 // arg6 auipc a5,0x1 ~ a5 = a5 + 82 // arg6 // loc._edata a5 = a5 + 82 [0(a5)] = a4 // arg6 auipc a5,0x1 a5 = a5 + 70 // arg6 // loc._edata a5 = [0(a5)] // arg6 a4 = a5 // arg6 a5 = 2 if (a4 != a5) goto 0x76 // unlikely loc_0x76: auipc a5,0x1 a5 = a5 + 22 // arg6 // loc._edata a4 = 2 [0(a5)] = a4 // do { loc_0x82: // CODE XREF from entry0 @ 0x74(x) 0x00000082 a0 = a5 // arg6 s0 = (double)[8(sp)] sp = sp + 16 0x0000008a // } while (?); // } while (?); } return eax; }
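Quite weird: the decompiled output is not valid C. It mixes raw RISC-V instructions with x86 register names (`esi`, `edx`, `eax`), and the `a *= 2` branch does not appear at all, so the disassembly above is the listing to trust.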