V850 Architecture Plugin for Binary Ninja

A Binary Ninja architecture plugin providing support for the V850 family of instructions.

Overview

This architecture plugin provides support for the disassembling and lifting of V850 instructions.

Features

  • Disassembly support for V850, V850E1, V850E2, and V850E3/RH850 G3MH instruction sets
  • Near-complete lifting to Binary Ninja's Low Level IL, including FPU, saturated arithmetic, synchronization barriers, 64-bit load/store, and banked system registers
  • Correct CC-RH ABI calling convention (argument, caller-saved, and callee-saved registers)
  • ELF loader support for EM_V800 binaries

Installation

Binary Download

The easiest way to use this plugin is to download and install a pre-compiled release binary.

  1. Download the shared library corresponding to your OS/arch from the latest GitHub Release
  2. Copy the downloaded binary to your Binary Ninja plugin directory (e.g. ~/.binaryninja/plugins/)
  3. Start Binary Ninja

Manual Build and Installation

Prerequisites

  • Binary Ninja (minimum version: 5.1.8104)
  • CMake 3.15 or higher
  • C++20 compatible compiler

Building from Source & Install

# Clone the binja API
git clone https://github.com/Vector35/binaryninja-api.git
cd binaryninja-api

# Set up CMake files
echo -e "\nadd_subdirectory(plugins)" >> CMakeLists.txt
echo -e "\nadd_subdirectory(bn-v850-arch)" >> plugins/CMakeLists.txt

# Download V850 architecture source
cd plugins
git clone https://github.com/idaholab/bn-v850-arch.git
cd ..

# Build
cmake -DCMAKE_BUILD_TYPE=release -DHEADLESS=yes -DBN_ALLOW_STUBS=ON -B build .
cmake --build build -j --target bn-v850-arch

# Install
cp build/out/bin/libbn-v850-arch.so ~/.binaryninja/plugins/

Usage

Opening Files

  1. Open Binary Ninja and select "Open with Options..."
  2. Under "Load Options", set your entry point offset and image base
  3. Choose "V850" from the "Platform" dropdown menu
  4. Open the binary file and wait for auto-analysis to complete

Note that you may need to manually define functions or customize your binary view for the file to load properly.
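
A pre-load triage helper for the steps above, added here as an example and not part of the plugin: it reads the ELF header to tell whether a file is an EM_V800 ELF (and reports its entry point and lowest PT_LOAD address) or a raw image that needs the entry point and image base set by hand. EM_V800 = 36 is the standard elf.h value; that the plugin's loader keys on e_machine is an assumption, and the function names and sample bytes are constructed.

```python
import struct

EM_V800 = 36   # e_machine for NEC/Renesas V800 series (standard elf.h value)
PT_LOAD = 1
RAW_HINT = "raw image: use 'Open with Options...', set entry point offset and image base"

def triage(data: bytes) -> dict:
    """Classify a firmware image before opening it in Binary Ninja."""
    if len(data) < 52 or data[:4] != b"\x7fELF":
        return {"kind": "raw", "hint": RAW_HINT}
    ei_class, ei_data = data[4], data[5]
    if ei_class != 1 or ei_data not in (1, 2):       # V850 is 32-bit
        return {"kind": "elf-unsupported", "hint": "not a 32-bit ELF"}
    end = "<" if ei_data == 1 else ">"
    # Elf32_Ehdr fields that follow the 16-byte e_ident
    (_type, e_machine, _ver, e_entry, e_phoff, _shoff, _flags,
     _ehsize, e_phentsize, e_phnum) = struct.unpack_from(end + "HHIIIIIHHH", data, 16)
    if e_machine != EM_V800:
        return {"kind": "elf-other", "machine": e_machine,
                "hint": "ELF for another machine; choose the platform manually"}
    bases = []
    if e_phentsize >= 32:                            # ignore malformed entry size
        for i in range(e_phnum):
            off = e_phoff + i * e_phentsize
            if off + 32 > len(data):
                break                                # truncated program header table
            p_type, _p_offset, p_vaddr = struct.unpack_from(end + "III", data, off)
            if p_type == PT_LOAD:
                bases.append(p_vaddr)
    return {"kind": "elf-v800", "entry": e_entry,
            "image_base": min(bases) if bases else None}

def sample_elf() -> bytes:
    """Constructed 84-byte little-endian ELF32 header with one PT_LOAD segment."""
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
    ehdr = struct.pack("<HHIIIIIHHHHHH", 2, EM_V800, 1, 0x1000, 52, 0, 0,
                       52, 32, 1, 0, 0, 0)
    phdr = struct.pack("<IIIIIIII", PT_LOAD, 0, 0x1000, 0x1000, 84, 84, 5, 4)
    return ident + ehdr + phdr

if __name__ == "__main__":
    print(triage(sample_elf()))
    print(triage(bytes(64)))
```
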

Development

Building for Development

To build with debug symbols, follow the instructions above to build from source but change the build type to debug:

cmake -DCMAKE_BUILD_TYPE=debug -DHEADLESS=yes .

Standalone Build

The plugin can be built without modifying the binaryninja-api tree by pointing BN_API_PATH at an existing checkout:

cmake -DBN_API_PATH=/path/to/binaryninja-api \
      -DCMAKE_BUILD_TYPE=release -DHEADLESS=yes -DBN_ALLOW_STUBS=ON \
      -B build .
cmake --build build -j --target bn-v850-arch

Rosetta Test Harness

A side-by-side disassembly comparison harness lives under test/rosetta/. It compiles C fixtures with the Renesas CC-RH compiler (requires a CC-RH Docker image), extracts instruction bytes from the resulting object, and diffs the plugin's disassembly output against the compiler's own assembly listing.

To build the harness binary alongside the plugin:

cmake -DBN_API_PATH=/path/to/binaryninja-api \
      -DBN_V850_BUILD_HARNESS=ON \
      -DCMAKE_BUILD_TYPE=release -DHEADLESS=yes -DBN_ALLOW_STUBS=ON \
      -B build .
cmake --build build -j

To run against a fixture:

test/rosetta/run.sh test/rosetta/fixtures/smoke.c

Contributing

Contributions are welcome! Please:

  1. Fork the repository
  2. Create a feature branch (git checkout -b feature/amazing-feature)
  3. Commit your changes (git commit -m 'Add amazing feature')
  4. Push to the branch (git push origin feature/amazing-feature)
  5. Open a Pull Request

Limitations

While every effort was made to ensure the accuracy of this plugin, you may still encounter bugs such as:

  • Improperly disassembled instructions
  • Missing instructions
  • Typos

If you encounter a bug, please consider opening an issue or pull request!

Additionally, not all instructions have been lifted to LLIL. We welcome pull requests to help complete this task!

Resources

License

Licensed under MIT.

See LICENSE file for details.

Credits

Please see the NOTICE file for details.

Contributors

  • ghostdev137 — V850E3/RH850 G3MH lifter uplift: comprehensive overhaul bringing instruction coverage from ~8% to near-complete; SLEIGH parity pass porting ~43 opcodes from Ghidra's V850 SLEIGH spec; bug fixes for SAT flag stickiness, SCH/FPU intrinsics, MUL-imm, divide remainder ordering, and calling convention (CC-RH ABI); LD.DW/ST.DW 64-bit load/store lifting; rosetta test harness.

Support

If you encounter issues with this repository, please create an issue.

About

Binary Ninja plugin adding V850 architecture support for embedded firmware. Enables accurate disassembly and decompilation of V850 binaries for security analysis and reverse engineering.
