From 7664bd9d99b289a7573ec1254abc9127ccb8ec52 Mon Sep 17 00:00:00 2001
From: First Last <69217234+ieee802dot11ac@users.noreply.github.com>
Date: Mon, 15 Jul 2024 16:54:32 -0700
Subject: [PATCH 1/2] Locate ProDG .bss sections (partial addressing of #62)

---
 src/analysis/cfa.rs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/analysis/cfa.rs b/src/analysis/cfa.rs
index 04fbd04..349bcaf 100644
--- a/src/analysis/cfa.rs
+++ b/src/analysis/cfa.rs
@@ -597,12 +597,11 @@ pub fn locate_bss_memsets(obj: &mut ObjInfo) -> Result<Vec<(u32, u32)>> {
                 StepResult::Branch(branches) => {
                     for branch in branches {
                         if branch.link {
-                            // ProDG bug? Registers are supposed to start at r3
                             if let (
                                 GprValue::Constant(addr),
                                 GprValue::Constant(value),
                                 GprValue::Constant(size),
-                            ) = (vm.gpr_value(4), vm.gpr_value(5), vm.gpr_value(6))
+                            ) = (vm.gpr_value(3), vm.gpr_value(4), vm.gpr_value(5))
                             {
                                 if value == 0 && size > 0 {
                                     bss_sections.push((addr, size));
@@ -610,6 +609,9 @@ pub fn locate_bss_memsets(obj: &mut ObjInfo) -> Result<Vec<(u32, u32)>> {
                             }
                         }
                     }
+                    if bss_sections.len() >= 2 {
+                        return Ok(ExecCbResult::End(()));
+                    }
                     Ok(ExecCbResult::Continue)
                 }
             }
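Review bot: The early exit at `bss_sections.len() >= 2` hard-codes a count with no explanation, and it stops the search on the first two candidates whether or not they are the real clears. The match above it accepts any linked branch whose argument registers hold constants with a zero fill value, so an unrelated call seen first would end the scan and hand a wrong range to whatever consumes the result. I would add a comment stating why two is the limit, e.g. `// crt0 presumably clears only .bss and .sbss; stop once both memsets are found` (to be confirmed against the ProDG startup code), and consider validating each candidate before it counts toward the limit. The enclosing closure and function start and end outside this hunk.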

From f8fcb68a9e950741a88d1d9a620a5fae955cc1df Mon Sep 17 00:00:00 2001
From: First Last <69217234+ieee802dot11ac@users.noreply.github.com>
Date: Mon, 15 Jul 2024 17:17:39 -0700
Subject: [PATCH 2/2] Support both correct and incorrect memset calls

---
 src/analysis/cfa.rs | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/analysis/cfa.rs b/src/analysis/cfa.rs
index 349bcaf..8f7f4f3 100644
--- a/src/analysis/cfa.rs
+++ b/src/analysis/cfa.rs
@@ -597,12 +597,18 @@ pub fn locate_bss_memsets(obj: &mut ObjInfo) -> Result<Vec<(u32, u32)>> {
                 StepResult::Branch(branches) => {
                     for branch in branches {
                         if branch.link {
+                            // Some ProDG crt0.s versions use the wrong registers, some don't
                             if let (
                                 GprValue::Constant(addr),
                                 GprValue::Constant(value),
                                 GprValue::Constant(size),
-                            ) = (vm.gpr_value(3), vm.gpr_value(4), vm.gpr_value(5))
-                            {
+                            ) = {
+                                if vm.gpr_value(4) == GprValue::Constant(0) {
+                                    (vm.gpr_value(3), vm.gpr_value(4), vm.gpr_value(5))
+                                } else {
+                                    (vm.gpr_value(4), vm.gpr_value(5), vm.gpr_value(6))
+                                }
+                            } {
                                 if value == 0 && size > 0 {
                                     bss_sections.push((addr, size));
                                 }
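Review bot: The selector `vm.gpr_value(4) == GprValue::Constant(0)` decides the register layout from r4 alone, so a standard call whose fill value is not a known zero falls through to the r4/r5/r6 reading, where r6 is not an argument of that call and may hold a leftover constant. If r5 happens to be constant 0 on that path, `(addr, size)` is pushed from unrelated values, and with the two-entry cutoff from patch 1 that can end the search before the real clears are seen. Since these values come from the binary being analysed, I would check that `addr` and `addr.checked_add(size)` fall inside the object's address range before pushing. The comment could also name both layouts: `// Standard: memset(r3=dst, r4=val, r5=len); some ProDG crt0.s shift to r4/r5/r6. r4 == 0 selects the standard layout.` The function body continues outside the hunk.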