Empty string returned when disassembling the second block of the entry function in a RISC-V binary #5627
Description
Description
Background
I'm trying to utilize angr's cfg-building ability on riscv architecture, however I met errors.
- The 1st is CFGFast for RISC-V is showing AttributeError: 'NoneType' object has no attribute 'CALLER_SAVED_REGS' #5259, and I added riscv's calling convention in apollo600@d754259.
- The 2nd is Problems encountered when constructing RISC-V data flow graph #5564, and I'm just reporting that issue again because it do not provide reproducing steps.
Error details
When build cfg on riscv architechture, I got an error "ERROR | 2025-08-20 10:59:25,726 | angr.analyses.fcp.fcp.SimEngineFCPVEX | Unsupported Dirty riscv_dirtyhelper_CSR_s."
Maybe that's OK because it does not crash. However, when disassembling the second bb of the entry function, I got empty string.
Steps to reproduce the bug
TL;DR
- the fork of angr/binaries: https://github.com/apollo600/binaries
- the fork of angr/angr: https://github.com/apollo600/angr
Tested version
9.2.172.dev0
Steps
1. install angr package
pip install -e ./angr2. run script
cd binaries/tests/riscv64
python test_unsupport_riscv_dirtyhelper_CSR_s.pyEnvironment
Arch & OS
$ uname -a
Linux compute04 6.1.31 #1 SMP Thu Jun 15 01:30:00 CST 2023 riscv64 GNU/LinuxCompiler
$ gcc --version
gcc (GCC) 13.2.1 20230728 (Red Hat 13.2.1-1)
Copyright (C) 2023 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
libc
$ ldd --version
ldd (GNU libc) 2.37
Copyright (C) 2023 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.objdump
$ objdump --version
GNU objdump version 2.39-15.fc38
Copyright (C) 2022 Free Software Foundation, Inc.
This program is free software; you may redistribute it under the terms of
the GNU General Public License version 3 or (at your option) any later version.
This program has absolutely no warranty.Additional context
Disassembling result of entry_func by objdump -d
000000000001122c <_start>:
1122c: 022000ef jal ra,1124e <load_gp>
11230: 87aa mv a5,a0
11232: 00000517 auipc a0,0x0
11236: fde50513 addi a0,a0,-34 # 11210 <main>
1123a: 6582 ld a1,0(sp)
1123c: 0030 addi a2,sp,8
1123e: ff017113 andi sp,sp,-16
11242: 4681 li a3,0
11244: 4701 li a4,0
11246: 880a mv a6,sp
11248: 186000ef jal ra,113ce <__libc_start_main>
1124c: 9002 ebreak