aaa merges adjacent RISC-V functions

[Kreijstal]

Environment

Sun Apr 20 13:30:30 CEST 2025
radare2 5.9.8 0 @ linux-x86-64
birth: git.5.9.8 2024-12-25__11:50:37
options: gpl release -O1 cs:5 cl:2 meson
Linux x86_64

Description

aaa incorrectly merges:

1. Function at 0x20040014 (entry0)
2. Function at 0x200400ae (with addi sp, sp, -32 prologue)
   into one function spanning 0x20040014-0x200400ee.

Analysis fails to detect function boundary at 0x200400ae despite standard prologue.

Test

r2 -N -e bin.relocs.apply=true self-assesment.elf
aaa
afl  # Shows only entry0 covering both
s 0x200400ae; af new_func  # Fails with "Cannot find function"
# fixing it 
af- entry0
s 0x200400ae; af fibonacci
s 0x20040014; af entry0
afl  # Should show both functions

Note: Ghidra doesn't seem to have issue with it

self-assesment.zip

[trufae]

try this: "aac;aaa" maybe it makes sense to just run "aac" before aa in all the binaries. i think the results are more trustable. also there's anal.symsort=-1 which may help for other situations

[trufae]

i think i found the bug. stay tuned