From c6a3512866d083a2a39a1bd94dce889d3e50b0eb Mon Sep 17 00:00:00 2001 From: billow Date: Sun, 3 Nov 2024 19:47:12 +0800 Subject: [PATCH] librz/arch/tricore: bump capstone and fix RzIL generation (#4696) * bump capstone next f6f967961b913cf4fc1c6233f6cf42194a0938ca * fix: tricore il and test * Fix code scanning alert no. 1874: Multiplication result converted to larger type --- librz/arch/isa/tricore/tricore_il.c | 127 +++++++++++----------------- subprojects/capstone-next.wrap | 2 +- test/db/analysis/tricore | 10 +-- test/db/asm/tricore | 38 ++++----- 4 files changed, 74 insertions(+), 103 deletions(-) diff --git a/librz/arch/isa/tricore/tricore_il.c b/librz/arch/isa/tricore/tricore_il.c index 69bd4ba50dd..6a991c3d21d 100644 --- a/librz/arch/isa/tricore/tricore_il.c +++ b/librz/arch/isa/tricore/tricore_il.c 
@@ -1117,27 +1117,15 @@ static RzAnalysisLiftedILOp addr_circular_2(ut8 B, RzILOpPure *(*g)(RzILOpPure * SETG(a, APPEND(LOADW(B, VARL("EA4")), LOADW(B, VARL("EA"))))); } -static RzAnalysisLiftedILOp ld_sc(RzAsmTriCoreContext *ctx, ut8 B, RzILOpPure *(*f)(RzILOpPure *, ut32), const char rprefx) { - if (rprefx == 'a') { - return SEQ2( - SETL("EA", ADD(VARG(/*a10*/ TriCoreREGs[10]), U32(I(0) * 4))), - SETG_EA("a15", B, f)); - } - if (rprefx == 'd') { - return SEQ2( - SETL("EA", ADD(VARG(/*d10*/ TriCoreREGs[16 + 10]), U32(I(0) * 4))), - SETG_EA("d15", B, f)); - } - rz_warn_if_reached(); - return NULL; +static RzAnalysisLiftedILOp ld_sc(RzAsmTriCoreContext *ctx, ut8 B, RzILOpPure *(*f)(RzILOpPure *, ut32)) { + TriCoreMem m = M(1); + return SEQ2( + SETL("EA", ADD(VARG(m.reg), U32(m.disp * 4))), + SETG_EA(R(0), B, f)); } -static RzAnalysisLiftedILOp st_sc(RzAsmTriCoreContext *ctx, ut8 B, const char rprefx) { - unsigned const8 = I(0); - if (rprefx == 'a' || rprefx == 'd') { - return STOREW(ADD(VARG("a10"), U32(B / 8 * const8)), UNSIGNED(B, VARG(rprefx == 'a' ? "a15" : "d15"))); - } - rz_warn_if_reached(); - return NULL; +static RzAnalysisLiftedILOp st_sc(RzAsmTriCoreContext *ctx, ut8 B) { + TriCoreMem m = M(0); + return STOREW(ADD(VARG(m.reg), U32((ut64)B / 8 * m.disp)), UNSIGNED(B, VARG(R(1)))); } static RzAnalysisLiftedILOp ld_slr(RzAsmTriCoreContext *ctx, ut8 B, RzILOpPure *(*f)(RzILOpPure *, ut32)) { 
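Review bot: `ld_sc` scales the displacement with a fixed `U32(m.disp * 4)` while `st_sc` in the same hunk uses `(ut64)B / 8 * m.disp`, and `ld_slro`/`ld_sro` in the next hunk keep the same fixed factor of 4 even though `lift_ld_op` calls `ld_sro` with `HalfWord_b`. The updated expectations in test/db/asm/tricore show the effect: `ld.h d15, [a12]#8` lifts to `a12 + 0x20` and `ld.bu d15, [a6]#4` to `a6 + 0x10`, so the lifted effective address is four times the printed offset regardless of access size. If the bumped capstone already reports a scaled displacement (the printed values suggest it may), the factor should be dropped, e.g. `SETL("EA", ADD(VARG(m.reg), U32(m.disp)))`; otherwise scale by `B / 8` as the stores do. A wrong EA makes emulation and data-flow analysis of firmware read the wrong memory, so this is worth confirming against the ISA manual before the expectations are locked in.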
@@ -1154,23 +1142,23 @@ static RzAnalysisLiftedILOp ld_slr_post_increment(RzAsmTriCoreContext *ctx, ut8 } static RzAnalysisLiftedILOp ld_slro(RzAsmTriCoreContext *ctx, ut8 B, RzILOpPure *(*f)(RzILOpPure *, ut32)) { - TriCoreMem m = M(0); + TriCoreMem m = M(1); return SEQ2( - SETL("EA", ADD(VARG("a15"), U32(4 * m.disp))), - SETG_EA(m.reg, B, f)); + SETL("EA", ADD(VARG(m.reg), U32(4 * m.disp))), + SETG_EA(R(0), B, f)); } static RzAnalysisLiftedILOp ld_sro(RzAsmTriCoreContext *ctx, ut8 B, RzILOpPure *(*f)(RzILOpPure *, ut32)) { - TriCoreMem m = M(0); + TriCoreMem m = M(1); return SEQ2( SETL("EA", ADD(VARG(m.reg), U32(4 * m.disp))), - SETG_EA("a15", B, f)); + SETG_EA(R(0), B, f)); } static RzAnalysisLiftedILOp st_sro(RzAsmTriCoreContext *ctx, ut8 B) { TriCoreMem m = M(0); const char *b = m.reg; unsigned const4 = m.disp; - return STOREW(ADD(VARG(b), U32(B / 8 * const4)), UNSIGNED(B, VARG("a15"))); + return STOREW(ADD(VARG(b), U32((ut64)B / 8 * const4)), UNSIGNED(B, VARG("a15"))); } static RzAnalysisLiftedILOp st_ssr(RzAsmTriCoreContext *ctx, ut8 B) { @@ -1186,9 +1174,8 @@ static RzAnalysisLiftedILOp st_ssr_post_incr(RzAsmTriCoreContext *ctx, ut8 B) { SETG(b, ADD(VARG(b), U32(B / 8)))); } static RzAnalysisLiftedILOp st_ssro(RzAsmTriCoreContext *ctx, ut8 B) { - const char *a = R(1); - unsigned const4 = I(0); - return STOREW(ADD(VARG("a15"), U32(B / 8 * const4)), UNSIGNED(B, VARG(a))); + TriCoreMem m = M(0); + return STOREW(ADD(VARG(m.reg), U32((ut64)B / 8 * m.disp)), UNSIGNED(B, VARG(R(1)))); } static RzAnalysisLiftedILOp load_lower_context() { 
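Review bot: `st_sro` still stores `VARG("a15")` after this change, while `st_sc` and `st_ssro` were switched to the capstone operand `R(1)`. `lift_st_op` routes both ST.A SRO (0xec) and ST.W SRO (0x6c) through `st_sro`, so the data-register forms would lift as a store of a15 rather than d15. Assuming capstone lists the stored register as the second operand here, as the SC and SSRO helpers now assume, the last line could read `return STOREW(ADD(VARG(b), U32((ut64)B / 8 * const4)), UNSIGNED(B, VARG(R(1))));` (operand order to be confirmed). Separately, the `(ut64)` cast appears only to quiet the scanner, since `U32()` presumably narrows the product back to 32 bits; a short comment saying so would help.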
@@ -1376,7 +1363,7 @@ lift_ld_op(RzAsmTriCoreContext *ctx) { break; } case /*LD.A BOL*/ 0x99: return ld_base_long_offset(ctx, Word_b, NULL); - case /*LD.A SC*/ 0xd8: return ld_sc(ctx, Word_b, NULL, 'a'); + case /*LD.A SC*/ 0xd8: return ld_sc(ctx, Word_b, NULL); case /*LD.A SLR*/ 0xd4: return ld_slr(ctx, Word_b, NULL); case /*LD.A SLR*/ 0xc4: return ld_slr_post_increment(ctx, Word_b, NULL); case /*LD.A SLRO*/ 0xc8: return ld_slro(ctx, Word_b, NULL); @@ -1394,7 +1381,7 @@ lift_ld_op(RzAsmTriCoreContext *ctx) { case /*LD.H SRO*/ 0x8c: return ld_sro(ctx, HalfWord_b, SEXT32); case /*LD.HU BOL*/ 0xb9: return ld_base_long_offset(ctx, HalfWord_b, ZEXT32); case /*LD.W BOL*/ 0x19: return ld_base_long_offset(ctx, Word_b, NULL); - case /*LD.W SC*/ 0x58: return ld_sc(ctx, Word_b, NULL, 'd'); + case /*LD.W SC*/ 0x58: return ld_sc(ctx, Word_b, NULL); case /*LD.W SLR*/ 0x54: return ld_slr(ctx, Word_b, NULL); case /*LD.W SLR*/ 0x44: return ld_slr_post_increment(ctx, Word_b, NULL); case /*LD.W SLRO*/ 0x48: return ld_slro(ctx, Word_b, NULL); @@ -1510,7 +1497,7 @@ lift_st_op(RzAsmTriCoreContext *ctx) { break; } case /*ST.A BOL*/ 0xb5: return st_base_long_offset(ctx, Word_b); - case /*ST.A SC*/ 0xf8: return st_sc(ctx, Word_b, 'a'); + case /*ST.A SC*/ 0xf8: return st_sc(ctx, Word_b); case /*ST.A SRO*/ 0xec: return st_sro(ctx, Word_b); case /*ST.A SSR*/ 0xf4: return st_ssr(ctx, Word_b); case /*ST.A SSR(post)*/ 0xe4: return st_ssr_post_incr(ctx, Word_b); @@ -1529,7 +1516,7 @@ lift_st_op(RzAsmTriCoreContext *ctx) { case /*ST.H SSRO*/ 0xa8: return st_ssro(ctx, Word_b); case /*ST.W BOL*/ 0x59: return st_base_long_offset(ctx, Word_b); - case /*ST.W SC*/ 0x78: return st_sc(ctx, Word_b, 'd'); + case /*ST.W SC*/ 0x78: return st_sc(ctx, Word_b); case /*ST.W SRO*/ 0x6c: return st_sro(ctx, Word_b); case /*ST.W SSR*/ 0x74: return st_ssr(ctx, Word_b); case /*ST.W SSR(post)*/ 0x64: return st_ssr_post_incr(ctx, Word_b); 
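Review bot: In the last hunk of this group the context line `case /*ST.H SSRO*/ 0xa8: return st_ssro(ctx, Word_b);` passes the word width to a half-word store, and the rewritten `st_ssro` uses that width both for the `B / 8 * m.disp` scaling and for the stored size. Unless this is intentional it looks like a copy-paste slip that could be fixed while the helper is being touched: `case /*ST.H SSRO*/ 0xa8: return st_ssro(ctx, HalfWord_b);`. The `ld_sc`/`st_sc` call-site updates match the new signatures. `lift_ld_op` and `lift_st_op` start and end outside these hunks.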
@@ -2100,11 +2087,11 @@ static RzAnalysisLiftedILOp lift_add(RzAsmTriCoreContext *ctx) { break; } case 0xc2: return packed_op2_sov(R(0), VARG(R(0)), sign_ext32_bv(I(1), 4), Word_b, rz_il_op_new_add, NULL); - case 0x92: return packed_op2_sov(R(0), VARG("d15"), sign_ext32_bv(I(1), 4), Word_b, rz_il_op_new_add, NULL); - case 0x9a: return packed_op2_sov("d15", VARG(R(0)), sign_ext32_bv(I(1), 4), Word_b, rz_il_op_new_add, NULL); + case 0x92: + case 0x9a: return packed_op2_sov(R(0), VARG(R(1)), sign_ext32_bv(I(2), 4), Word_b, rz_il_op_new_add, NULL); case 0x42: return packed_op2_sov(R(0), VARG(R(0)), VARG(R(1)), Word_b, rz_il_op_new_add, NULL); - case 0x12: return packed_op2_sov(R(0), VARG("d15"), VARG(R(1)), Word_b, rz_il_op_new_add, NULL); - case 0x1a: return packed_op2_sov("d15", VARG(R(0)), VARG(R(1)), Word_b, rz_il_op_new_add, NULL); + case 0x12: + case 0x1a: return packed_op2_sov(R(0), VARG(R(1)), VARG(R(2)), Word_b, rz_il_op_new_add, NULL); case 0x22: return packed_op2_sov(R(0), VARG(R(0)), VARG(R(1)), Word_b, rz_il_op_new_add, ssov); default: break; } @@ -2148,8 +2135,8 @@ static RzAnalysisLiftedILOp lift_cadd(RzAsmTriCoreContext *ctx) { } break; } - case /*CADD (SRC)*/ 0x8a: return e_cadd(R(0), NON_ZERO(VARG("d15")), VARG(R(0)), sign_ext32_bv(I(1), 4)); - case /*CADDN (SRC)*/ 0xca: return e_cadd(R(0), IS_ZERO(VARG("d15")), VARG(R(0)), sign_ext32_bv(I(1), 4)); + case /*CADD (SRC)*/ 0x8a: return e_cadd(R(0), NON_ZERO(VARG(R(1))), VARG(R(0)), sign_ext32_bv(I(2), 4)); + case /*CADDN (SRC)*/ 0xca: return e_cadd(R(0), IS_ZERO(VARG(R(1))), VARG(R(0)), sign_ext32_bv(I(2), 4)); default: break; } rz_warn_if_reached(); 
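Review bot: The merged `case 0x92: case 0x9a:` and `case 0x12: case 0x1a:` arms in `lift_add`, and the `R(1)`/`I(2)` indices in `lift_cadd`, now depend on capstone listing the implicit d15 as an explicit operand, which is not evident from the code. A comment above the first merged pair would document this, e.g. `/* forms with implicit d15: capstone reports d15 as an explicit operand, so both encodings share one lifting */`. It would also help to name the capstone revision this layout was checked against (the wrap file pins `f6f967961b913cf4fc1c6233f6cf42194a0938ca`), since a build against a capstone with a different operand layout would read the wrong operand slots without any diagnostic. Both functions continue outside the hunks shown.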
@@ -3346,9 +3333,9 @@ RZ_IPI RzAnalysisLiftedILOp tricore_il_op(RzAsmTriCoreContext *ctx, RzAnalysis * case 0xdf: return BRANCH(NE(VARG(R(0)), sign_ext32_bv(I(1), 4)), JMP(U32(I(2))), NOP()); case 0x5f: return BRANCH(NE(VARG(R(0)), VARG(R(1))), JMP(U32(I(2))), NOP()); case 0x5e: - case 0xde: return BRANCH(NE(VARG("d15"), sign_ext32_bv(I(0), 4)), JMP(U32(I(1))), NOP()); + case 0xde: return BRANCH(NE(VARG(R(0)), sign_ext32_bv(I(1), 4)), JMP(U32(I(2))), NOP()); case 0x7e: - case 0xfe: return BRANCH(NE(VARG("d15"), VARG(R(0))), JMP(U32(I(1))), NOP()); + case 0xfe: return BRANCH(NE(VARG(R(0)), VARG(R(1))), JMP(U32(I(2))), NOP()); default: break; } break; @@ -3387,28 +3374,19 @@ RZ_IPI RzAnalysisLiftedILOp tricore_il_op(RzAsmTriCoreContext *ctx, RzAnalysis * } break; case TRICORE_INS_JNZ_T: - if (OPC1_BRN == 0x6f) { - return BRANCH(BIT32(VARG(R(0)), I(1)), JMP(U32(I(2))), NOP()); - } - if (OPC1 == 0xae) { - return BRANCH(BIT32(VARG("d15"), I(0)), JMP(U32(I(1))), NOP()); - } + return BRANCH(BIT32(VARG(R(0)), I(1)), JMP(U32(I(2))), NOP()); break; case TRICORE_INS_JNZ: - switch (OPC1) { - case 0xee: return BRANCH(NE(VARG("d15"), U32(0)), JMP(U32(I(0))), NOP()); - case 0xf6: return BRANCH(NE(VARG(R(0)), U32(0)), JMP(U32(I(1))), NOP()); - default: break; - } + return BRANCH(NE(VARG(R(0)), U32(0)), JMP(U32(I(1))), NOP()); break; case TRICORE_INS_JEQ: switch (OPC1) { case 0xdf: return BRANCH(EQ(VARG(R(0)), sign_ext32_bv(I(1), 4)), JMP(U32(I(2))), NOP()); case 0x5f: return BRANCH(EQ(VARG(R(0)), VARG(R(1))), JMP(U32(I(2))), NOP()); case 0x1e: - case 0x9e: return BRANCH(EQ(VARG("d15"), sign_ext32_bv(I(0), 4)), JMP(U32(I(1))), NOP()); + case 0x9e: return BRANCH(EQ(VARG(R(0)), sign_ext32_bv(I(1), 4)), JMP(U32(I(2))), NOP()); case 0x3e: - case 0xbe: return BRANCH(EQ(VARG("d15"), VARG(R(0))), JMP(U32(I(1))), NOP()); + case 0xbe: return BRANCH(EQ(VARG(R(0)), VARG(R(1))), JMP(U32(I(2))), NOP()); default: break; } break; 
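Review bot: In the `TRICORE_INS_JNZ_T` and `TRICORE_INS_JNZ` arms the `break;` that follows the now-unconditional `return` is unreachable; the same applies to `TRICORE_INS_JZ_T` in the next group of hunks. Dropping it, as in `case TRICORE_INS_JNZ: return BRANCH(NE(VARG(R(0)), U32(0)), JMP(U32(I(1))), NOP());`, matches the single-line arms used elsewhere in this switch and avoids unreachable-code warnings. With the `OPC1` dispatch removed, every encoding mapped to these instruction ids is lifted with the same operand indices, so a one-line comment stating that capstone now supplies d15 explicitly for the short forms would be useful. The switch in `tricore_il_op` extends beyond the hunk.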
@@ -3431,7 +3409,7 @@ RZ_IPI RzAnalysisLiftedILOp tricore_il_op(RzAsmTriCoreContext *ctx, RzAnalysis * case TRICORE_INS_JGTZ: return BRANCH(UGT(VARG(R(0)), U32(0)), JMP(U32(I(1))), NOP()); case TRICORE_INS_JZ: switch (OPC1) { - case 0x6e: return BRANCH(EQ(VARG("d15"), U32(0)), JMP(U32(I(0))), NOP()); + case 0x6e: return BRANCH(EQ(VARG(R(0)), U32(0)), JMP(U32(I(1))), NOP()); case 0x76: return BRANCH(IS_ZERO(VARG(R(0))), JMP(U32(I(1))), NOP()); default: break; } @@ -3444,12 +3422,7 @@ RZ_IPI RzAnalysisLiftedILOp tricore_il_op(RzAsmTriCoreContext *ctx, RzAnalysis * } break; case TRICORE_INS_JZ_T: { - if (OPC1_BRN == 0x6f) { - return BRANCH(INV(BIT32(VARG(R(0)), I(1))), JMP(U32(I(2))), NOP()); - } - if (OPC1 == 0x2e) { - return BRANCH(INV(BIT32(VARG("d15"), I(0))), JMP(U32(I(1))), NOP()); - } + return BRANCH(INV(BIT32(VARG(R(0)), I(1))), JMP(U32(I(2))), NOP()); break; } case TRICORE_INS_LDLCX: @@ -3511,11 +3484,11 @@ RZ_IPI RzAnalysisLiftedILOp tricore_il_op(RzAsmTriCoreContext *ctx, RzAnalysis * case /*MOV.D SRR*/ 0x80: return SETG(R(0), VARG(R(1))); case /*ADD.A SRC*/ 0xb0: return SETG(R(0), ADD(VARG(R(0)), U32(I(1)))); case /*ADD.A SRR*/ 0x30: return SETG(R(0), ADD(VARG(R(0)), VARG(R(1)))); - case /*SUB.A SC*/ 0x20: return SETG("a10", SUB(VARG("a10"), U32(I(0)))); + case /*SUB.A SC*/ 0x20: return SETG(R(0), SUB(VARG(R(0)), U32(I(1)))); default: if (extract32(ctx->word, 0, 6) == 0x10) { /*ADDSC.A SRRS*/ - return SETG(R(0), ADD(VARG(R(1)), SHL0(VARG("d15"), I(2)))); + return SETG(R(0), ADD(VARG(R(1)), SHL0(VARG(R(2)), I(3)))); } break; } @@ -3534,7 +3507,7 @@ RZ_IPI RzAnalysisLiftedILOp tricore_il_op(RzAsmTriCoreContext *ctx, RzAnalysis * } break; } - case 0xda: return SETG("d15", U32(I(0))); + case 0xda: return SETG(R(0), U32(I(1))); case 0x82: return SETG(R(0), sign_ext32_bv(I(1), 4)); case 0xd2: return SETG(R(0), sign_ext64_bv(I(1), 4)); case 0x02: return SETG(R(0), VARG(R(1))); 
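Review bot: After this change the two `TRICORE_INS_JZ` arms read the same operands and differ only in spelling, `EQ(VARG(R(0)), U32(0))` for 0x6e versus `IS_ZERO(VARG(R(0)))` for 0x76, assuming `IS_ZERO` is a plain comparison with zero. `TRICORE_INS_JNZ` was collapsed to a single return in this commit, so for consistency JZ could become `case TRICORE_INS_JZ: return BRANCH(IS_ZERO(VARG(R(0))), JMP(U32(I(1))), NOP());`. That also removes the `switch (OPC1)` fall-out path where an unexpected opcode silently yields no IL.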
@@ -3712,10 +3685,10 @@ RZ_IPI RzAnalysisLiftedILOp tricore_il_op(RzAsmTriCoreContext *ctx, RzAnalysis * default: break; } break; - case /*LT(SRC)*/ 0xfa: return SETG("d15", BOOL_TO_BV32(SLT(VARG(R(0)), sign_ext32_bv(I(1), 4)))); - case /*LT(SRR)*/ 0x7a: return SETG("d15", BOOL_TO_BV32(SLT(VARG(R(0)), VARG(R(1))))); - case /*EQ(SRC)*/ 0xba: return SETG("d15", BOOL_TO_BV32(EQ(VARG(R(0)), sign_ext32_bv(I(1), 4)))); - case /*EQ(SRR)*/ 0x3a: return SETG("d15", BOOL_TO_BV32(EQ(VARG(R(0)), VARG(R(1))))); + case /*LT(SRC)*/ 0xfa: return SETG(R(0), BOOL_TO_BV32(SLT(VARG(R(1)), sign_ext32_bv(I(2), 4)))); + case /*LT(SRR)*/ 0x7a: return SETG(R(0), BOOL_TO_BV32(SLT(VARG(R(1)), VARG(R(2))))); + case /*EQ(SRC)*/ 0xba: return SETG(R(0), BOOL_TO_BV32(EQ(VARG(R(1)), sign_ext32_bv(I(2), 4)))); + case /*EQ(SRR)*/ 0x3a: return SETG(R(0), BOOL_TO_BV32(EQ(VARG(R(1)), VARG(R(2))))); case /*RSUB(SR)*/ 0x08: SETG(R(0), SUB(S32(0), VARG(R(1)))); default: break; } @@ -3960,10 +3933,10 @@ RZ_IPI RzAnalysisLiftedILOp tricore_il_op(RzAsmTriCoreContext *ctx, RzAnalysis * case TRICORE_INS_CMOVN: case TRICORE_INS_CMOV: { switch (OPC1) { - case 0xaa: return SETG(R(0), ITE(NON_ZERO(VARG("d15")), sign_ext32_bv(I(1), 4), VARG(R(0)))); - case 0x2a: return SETG(R(0), ITE(NON_ZERO(VARG("d15")), VARG(R(1)), VARG(R(0)))); - case 0xea: return SETG(R(0), ITE(IS_ZERO(VARG("d15")), sign_ext32_bv(I(1), 4), VARG(R(0)))); - case 0x6a: return SETG(R(0), ITE(IS_ZERO(VARG("d15")), VARG(R(1)), VARG(R(0)))); + case 0xaa: return SETG(R(0), ITE(NON_ZERO(VARG(R(1))), sign_ext32_bv(I(2), 4), VARG(R(0)))); + case 0x2a: return SETG(R(0), ITE(NON_ZERO(VARG(R(1))), VARG(R(2)), VARG(R(0)))); + case 0xea: return SETG(R(0), ITE(IS_ZERO(VARG(R(1))), sign_ext32_bv(I(2), 4), VARG(R(0)))); + case 0x6a: return SETG(R(0), ITE(IS_ZERO(VARG(R(1))), VARG(R(2)), VARG(R(0)))); default: break; } break; 
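Review bot: The context line `case /*RSUB(SR)*/ 0x08: SETG(R(0), SUB(S32(0), VARG(R(1))));` directly below the rewritten LT/EQ arms builds the IL op but never returns it, so control falls into `default: break;` and this arm lifts nothing (the constructed op is presumably leaked as well). Adding the missing keyword fixes it: `case /*RSUB(SR)*/ 0x08: return SETG(R(0), SUB(S32(0), VARG(R(1))));`. If the SR form carries a single register operand, `R(1)` may need to be `R(0)`; that is worth confirming against the capstone operand list while the neighbouring indices are being renumbered. The enclosing switch extends beyond the hunk.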
@@ -4275,8 +4248,8 @@ RZ_IPI RzAnalysisLiftedILOp tricore_il_op(RzAsmTriCoreContext *ctx, RzAnalysis * break; // SUB case 0xa2: return packed_op2_sov(R(0), VARG(R(0)), VARG(R(1)), Word_b, rz_il_op_new_sub, NULL); - case 0x52: return packed_op2_sov(R(0), VARG("d15"), VARG(R(1)), Word_b, rz_il_op_new_sub, NULL); - case 0x5a: return packed_op2_sov("d15", VARG(R(0)), VARG(R(1)), Word_b, rz_il_op_new_sub, NULL); + case 0x52: + case 0x5a: return packed_op2_sov(R(0), VARG(R(1)), VARG(R(2)), Word_b, rz_il_op_new_sub, NULL); case 0x01: switch (extract32(ctx->word, 20, 8)) { // SUB.A @@ -4285,7 +4258,7 @@ RZ_IPI RzAnalysisLiftedILOp tricore_il_op(RzAsmTriCoreContext *ctx, RzAnalysis * } break; // SUB.A - case 0x20: return packed_op2_s("a10", VARG("a10"), VARG(R(0)), Word_b, rz_il_op_new_sub, NULL, false); + case 0x20: return packed_op2_s(R(0), VARG(R(0)), VARG(R(1)), Word_b, rz_il_op_new_sub, NULL, false); // SUBS case 0x62: return packed_op2_sov(R(0), VARG(R(0)), VARG(R(1)), Word_b, rz_il_op_new_sub, ssov); default: break; @@ -4672,10 +4645,10 @@ RZ_IPI RzAnalysisLiftedILOp tricore_il_op(RzAsmTriCoreContext *ctx, RzAnalysis * } break; } - case /*AND(SC)*/ 0x16: return e_op2("d15", VARG("d15"), U32(I(0)), rz_il_op_new_log_and); + case /*AND(SC)*/ 0x16: return e_op2(R(0), VARG(R(0)), U32(I(1)), rz_il_op_new_log_and); case /*AND(SRR)*/ 0x26: return e_op2(R(0), VARG(R(0)), VARG(R(1)), rz_il_op_new_log_and); case /*NOT(SR)*/ 0x46: return SETG(R(0), LOGNOT(VARG(R(0)))); - case /*OR(SC)*/ 0x96: return e_op2("d15", VARG("d15"), U32(I(0)), rz_il_op_new_log_or); + case /*OR(SC)*/ 0x96: return e_op2(R(0), VARG(R(0)), U32(I(1)), rz_il_op_new_log_or); case /*OR(SRR)*/ 0xa6: return e_op2(R(0), VARG(R(0)), VARG(R(1)), rz_il_op_new_log_or); case /*XOR(SRR)*/ 0xc6: return e_op2(R(0), VARG(R(0)), VARG(R(1)), rz_il_op_new_log_xor); default: break; diff --git a/subprojects/capstone-next.wrap b/subprojects/capstone-next.wrap index a22983b02d3..002f8f9a571 100644 
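Review bot: The `// SUB.A` arm `case 0x20:` now passes `VARG(R(1))` as the subtrahend, but the arm for the same opcode earlier in this patch (`/*SUB.A SC*/ 0x20`) treats operand 1 as an immediate with `U32(I(1))`. If the SC form is `register, const8` as that arm implies, reading operand 1 as a register name here would hand `VARG` something that is not a register. Aligning the two would give `case 0x20: return packed_op2_s(R(0), VARG(R(0)), U32(I(1)), Word_b, rz_il_op_new_sub, NULL, false);`. The surrounding switch in `tricore_il_op` starts and ends outside the hunk.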
--- a/subprojects/capstone-next.wrap +++ b/subprojects/capstone-next.wrap @@ -1,6 +1,6 @@ [wrap-git] url = https://github.com/capstone-engine/capstone.git -revision = 09f35961cb578cecfc4aee96a1e45bc2abc2d094 +revision = f6f967961b913cf4fc1c6233f6cf42194a0938ca directory = capstone-next patch_directory = capstone-next depth = 1 diff --git a/test/db/analysis/tricore b/test/db/analysis/tricore index 37d65478aa1..6c08958f410 100644 --- a/test/db/analysis/tricore +++ b/test/db/analysis/tricore @@ -540,7 +540,7 @@ EXPECT=< 0x800844ca ld.w d15, [a14]#-0x64 | || 0x800844ce mov d2, #0 | || 0x800844d0 mov.a a15, d15 -| || 0x800844d2 st.b [a15]#0xc, d2 ; 12 +| || 0x800844d2 st.b [a15]#0xc, d2 | || ; CODE XREFS from fcn.800842f0 @ 0x800843de, 0x800844c8 \ ``---> 0x800844d4 ret EOF 
@@ -893,12 +893,10 @@ EXPECT=<> (var a12) ( d "ld.bu d13, [p14+c]#0xd5" 29fd5534 0x000000 (seq (set index (& (>> (var a14) (bv 32 0x0) false) (bv 32 0xffff))) (set length (& (>> (var a14) (bv 32 0x10) false) (bv 32 0xffff))) (set EA (+ (var a15) (var index))) (set d13 (cast 32 false (loadw 0 8 (var EA)))) (set new_index (+ (var index) (bv 32 0xd5))) (set new_index (ite (sle (var new_index) (bv 32 0x0)) (+ (var new_index) (var length)) (mod (var new_index) (var length)))) (set a14 (append (cast 16 false (var length)) (cast 16 false (var new_index))))) d "ld.bu d10, [a15]#0xa" 08aa 0x000000 (seq (set EA (+ (var a15) (bv 32 0x28))) (set d10 (cast 32 false (loadw 0 8 (var EA))))) d "ld.bu d6, [a13]#0x4fb2" 39d6f2e4 0x000000 (seq (set EA (+ (var a13) (bv 32 0x4fb2))) (set d6 (cast 32 false (loadw 0 8 (var EA))))) -d "ld.bu d15, [a6]#4" 0c64 0x000000 (seq (set EA (+ (var a6) (bv 32 0x10))) (set a15 (cast 32 false (loadw 0 8 (var EA))))) +d "ld.bu d15, [a6]#4" 0c64 0x0 (seq (set EA (+ (var a6) (bv 32 0x10))) (set d15 (cast 32 false (loadw 0 8 (var EA))))) d "ld.bu d9, [a8+]" 0489 0x000000 (seq (set EA (var a8)) (set d9 (cast 32 false (loadw 0 8 (var EA)))) (set a8 (+ (var a8) (bv 32 0x1)))) d "ld.bu d1, [a7]" 1471 0x000000 (seq (set EA (var a7)) (set d1 (cast 32 false (loadw 0 8 (var EA))))) d "ld.d e4, #0xe0002d32" 85e5f246 0x000000 (seq (set temp (loadw 0 64 (bv 32 0xe0002d32))) (set d4 (cast 32 false (var temp))) (set d5 (cast 32 false (& (>> (var temp) (bv 64 0x20) false) (bv 64 0xffffffff))))) 
@@ -809,11 +809,11 @@ d "ld.da p0, #0x10003713" 851153cf 0x000000 (seq (set temp (loadw 0 64 (bv 32 0x d "ld.h d0, [a1]" 9410 0x000000 (seq (set EA (var a1)) (set d0 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) d "ld.h d0, [a15]#0" 8800 0x000000 (seq (set EA (+ (var a15) (bv 32 0x0))) (set d0 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) d "ld.h d0, [a0+]" 8400 0x000000 (seq (set EA (var a0)) (set d0 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false))))))) (set a0 (+ (var a0) (bv 32 0x2)))) -d "ld.h d15, [a7]#0" 8c70 0x000000 (seq (set EA (+ (var a7) (bv 32 0x0))) (set a15 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) +d "ld.h d15, [a7]#0" 8c70 0x0 (seq (set EA (+ (var a7) (bv 32 0x0))) (set d15 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< 
(var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) d "ld.h d0, [a1+]" 8410 0x000000 (seq (set EA (var a1)) (set d0 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false))))))) (set a1 (+ (var a1) (bv 32 0x2)))) -d "ld.h d15, [a12]#8" 8cc4 0x000000 (seq (set EA (+ (var a12) (bv 32 0x20))) (set a15 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) -d "ld.h d15, [a14]#0x1c" 8cee 0x000000 (seq (set EA (+ (var a14) (bv 32 0x70))) (set a15 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) -d "ld.h d15, [a12]#0x14" 8cca 0x000000 (seq (set EA (+ (var a12) (bv 32 0x50))) (set a15 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) +d "ld.h d15, [a12]#8" 8cc4 0x0 (seq (set EA (+ (var a12) (bv 32 0x20))) (set d15 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 
32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) +d "ld.h d15, [a14]#0x1c" 8cee 0x0 (seq (set EA (+ (var a14) (bv 32 0x70))) (set d15 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) +d "ld.h d15, [a12]#0x14" 8cca 0x0 (seq (set EA (+ (var a12) (bv 32 0x50))) (set d15 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) d "ld.h d11, [a15]#0x14" 88ab 0x000000 (seq (set EA (+ (var a15) (bv 32 0x50))) (set d11 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) d "ld.h d2, [a15]#0x18" 88c2 0x000000 (seq (set EA (+ (var a15) (bv 32 0x60))) (set d2 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) d "ld.h d8, [a15]#0" 8808 0x000000 (seq (set EA (+ (var a15) (bv 32 0x0))) (set d8 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 
false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) 
@@ -826,13 +826,13 @@ d "ld.h d15, [p8+c]#-0x13d" 298f83b4 0x000000 (seq (set index (& (>> (var a8) (b d "ld.h d11, #0x80000f13" 058bd3c8 0x000000 (seq (set EA (bv 32 0x80000f13)) (set d11 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) d "ld.h d10, #0xf0000bf0" 05fab0f8 0x000000 (seq (set EA (bv 32 0xf0000bf0)) (set d10 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) d "ld.h d2, #0x50001362" 055222d9 0x000000 (seq (set EA (bv 32 0x50001362)) (set d2 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) -d "ld.h d15, [a5]#0xc" 8c56 0x000000 (seq (set EA (+ (var a5) (bv 32 0x30))) (set a15 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) +d "ld.h d15, [a5]#0xc" 8c56 0x0 (seq (set EA (+ (var a5) (bv 32 0x30))) (set d15 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb 
(cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) d "ld.h d8, [a1+]" 8418 0x000000 (seq (set EA (var a1)) (set d8 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false))))))) (set a1 (+ (var a1) (bv 32 0x2)))) -d "ld.h d15, [a9]#0xc" 8c96 0x000000 (seq (set EA (+ (var a9) (bv 32 0x30))) (set a15 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) +d "ld.h d15, [a9]#0xc" 8c96 0x0 (seq (set EA (+ (var a9) (bv 32 0x30))) (set d15 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) d "ld.h d1, [a15]#0x18" 88c1 0x000000 (seq (set EA (+ (var a15) (bv 32 0x60))) (set d1 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) d "ld.h d1, [a15]#2" 8811 0x000000 (seq (set EA (+ (var a15) (bv 32 0x8))) (set d1 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) 
(msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) d "ld.h d7, [a15]#2" 8817 0x000000 (seq (set EA (+ (var a15) (bv 32 0x8))) (set d7 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) -d "ld.h d15, [a1]#0" 8c10 0x000000 (seq (set EA (+ (var a1) (bv 32 0x0))) (set a15 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) +d "ld.h d15, [a1]#0" 8c10 0x0 (seq (set EA (+ (var a1) (bv 32 0x0))) (set d15 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) d "ld.h d7, [a14]" 94e7 0x000000 (seq (set EA (var a14)) (set d7 (cast 32 false (let _sext_val (cast 32 (msb (loadw 0 16 (var EA))) (loadw 0 16 (var EA))) (>> (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var _sext_val) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))))) d "ld.hu d7, [p4+c]#0x1a4" 2947e464 0x000000 (seq (set index (& (>> (var a4) (bv 32 0x0) false) (bv 32 0xffff))) (set length (& (>> (var a4) (bv 32 0x10) false) (bv 32 0xffff))) (set EA (+ (var a5) (var index))) (set d7 (cast 32 false (loadw 0 16 (var EA)))) (set new_index (+ (var index) (bv 32 0x1a4))) (set new_index (ite (sle (var 
new_index) (bv 32 0x0)) (+ (var new_index) (var length)) (mod (var new_index) (var length)))) (set a4 (append (cast 16 false (var length)) (cast 16 false (var new_index))))) d "ld.hu d1, [p4+c]#0x141" 2941c154 0x000000 (seq (set index (& (>> (var a4) (bv 32 0x0) false) (bv 32 0xffff))) (set length (& (>> (var a4) (bv 32 0x10) false) (bv 32 0xffff))) (set EA (+ (var a5) (var index))) (set d1 (cast 32 false (loadw 0 16 (var EA)))) (set new_index (+ (var index) (bv 32 0x141))) (set new_index (ite (sle (var new_index) (bv 32 0x0)) (+ (var new_index) (var length)) (mod (var new_index) (var length)))) (set a4 (append (cast 16 false (var length)) (cast 16 false (var new_index))))) 
@@ -850,12 +850,12 @@ d "ld.q d13, #0x40001e28" 454de881 0x000000 (seq (set EA (bv 32 0x40001e28)) (se
 d "ld.q d6, [p10+c]#0x74" 29a63416 0x000000 (seq (set index (& (>> (var a10) (bv 32 0x0) false) (bv 32 0xffff))) (set length (& (>> (var a10) (bv 32 0x10) false) (bv 32 0xffff))) (set EA (+ (var a11) (var index))) (set d6 (cast 32 false (<< (loadw 0 16 (var EA)) (bv 32 0x10) false))) (set new_index (+ (var index) (bv 32 0x74))) (set new_index (ite (sle (var new_index) (bv 32 0x0)) (+ (var new_index) (var length)) (mod (var new_index) (var length)))) (set a10 (append (cast 16 false (var length)) (cast 16 false (var new_index)))))
 d "ld.q d6, [p12+c]#0x14b" 29c60b56 0x000000 (seq (set index (& (>> (var a12) (bv 32 0x0) false) (bv 32 0xffff))) (set length (& (>> (var a12) (bv 32 0x10) false) (bv 32 0xffff))) (set EA (+ (var a13) (var index))) (set d6 (cast 32 false (<< (loadw 0 16 (var EA)) (bv 32 0x10) false))) (set new_index (+ (var index) (bv 32 0x14b))) (set new_index (ite (sle (var new_index) (bv 32 0x0)) (+ (var new_index) (var length)) (mod (var new_index) (var length)))) (set a12 (append (cast 16 false (var length)) (cast 16 false (var new_index)))))
 d "ld.q d7, [p4+c]#0x36" 29473606 0x000000 (seq (set index (& (>> (var a4) (bv 32 0x0) false) (bv 32 0xffff))) (set length (& (>> (var a4) (bv 32 0x10) false) (bv 32 0xffff))) (set EA (+ (var a5) (var index))) (set d7 (cast 32 false (<< (loadw 0 16 (var EA)) (bv 32 0x10) false))) (set new_index (+ (var index) (bv 32 0x36))) (set new_index (ite (sle (var new_index) (bv 32 0x0)) (+ (var new_index) (var length)) (mod (var new_index) (var length)))) (set a4 (append (cast 16 false (var length)) (cast 16 false (var new_index)))))
-d "ld.w d15, [sp]#0x158" 5856 0x000000 (seq (set EA (+ (var d10) (bv 32 0x560))) (set d15 (loadw 0 32 (var EA))))
-d "ld.w d15, [sp]#0x210" 5884 0x000000 (seq (set EA (+ (var d10) (bv 32 0x840))) (set d15 (loadw 0 32 (var EA))))
-d "ld.w d15, [sp]#0xf0" 583c 0x000000 (seq (set EA (+ (var d10) (bv 32 0x3c0))) (set d15 (loadw 0 32 (var EA))))
-d "ld.w d15, [a12]#0x38" 4cce 0x000000 (seq (set EA (+ (var a12) (bv 32 0xe0))) (set a15 (loadw 0 32 (var EA))))
-d "ld.w d15, [a5]#0x38" 4c5e 0x000000 (seq (set EA (+ (var a5) (bv 32 0xe0))) (set a15 (loadw 0 32 (var EA))))
-d "ld.w d15, [a7]#0x14" 4c75 0x000000 (seq (set EA (+ (var a7) (bv 32 0x50))) (set a15 (loadw 0 32 (var EA))))
+d "ld.w d15, [sp]#0x158" 5856 0x0 (seq (set EA (+ (var a10) (bv 32 0x560))) (set d15 (loadw 0 32 (var EA))))
+d "ld.w d15, [sp]#0x210" 5884 0x0 (seq (set EA (+ (var a10) (bv 32 0x840))) (set d15 (loadw 0 32 (var EA))))
+d "ld.w d15, [sp]#0xf0" 583c 0x0 (seq (set EA (+ (var a10) (bv 32 0x3c0))) (set d15 (loadw 0 32 (var EA))))
+d "ld.w d15, [a12]#0x38" 4cce 0x0 (seq (set EA (+ (var a12) (bv 32 0xe0))) (set d15 (loadw 0 32 (var EA))))
+d "ld.w d15, [a5]#0x38" 4c5e 0x0 (seq (set EA (+ (var a5) (bv 32 0xe0))) (set d15 (loadw 0 32 (var EA))))
+d "ld.w d15, [a7]#0x14" 4c75 0x0 (seq (set EA (+ (var a7) (bv 32 0x50))) (set d15 (loadw 0 32 (var EA))))
 d "ld.w d0, [a15]#0xc" 4830 0x000000 (seq (set EA (+ (var a15) (bv 32 0x30))) (set d0 (loadw 0 32 (var EA))))
 d "ld.w d6, [a15]#0x28" 48a6 0x000000 (seq (set EA (+ (var a15) (bv 32 0xa0))) (set d6 (loadw 0 32 (var EA))))
 d "ld.w d14, [a15]#0x1c" 487e 0x000000 (seq (set EA (+ (var a15) (bv 32 0x70))) (set d14 (loadw 0 32 (var EA))))
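Review bot: The expectations added here still pin an effective address four times larger than the displacement the disassembly prints: `ld.w d15, [sp]#0x158` (bytes `5856`) now expects `(+ (var a10) (bv 32 0x560))`, and 0x560 is 0x158 * 4. If the printed `#0x158` is already the byte offset (0x56 * 4 for this short encoding, which the bytes suggest), the lifted address is wrong and any emulation or data-flow analysis built on this IL reads the wrong stack slot; the expected line would then be `(set EA (+ (var a10) (bv 32 0x158)))`. The same ratio appears in the other five added lines of this hunk (0x210/0x840, 0xf0/0x3c0, 0x38/0xe0, 0x14/0x50) and in both added lines of the `@@ -869,10 +869,10 @@` hunk (0x300/0xc00, 0xd4/0x350). The displacement scaling in the lifter should be checked against the TriCore instruction-set manual before these values are locked in as golden output.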
@@ -869,10 +869,10 @@ d "ld.w d15, [p0+c]#0x17a" 291f3a55 0x000000 (seq (set index (& (>> (var a0) (bv
 d "ld.w d11, [p12+c]#-0x75" 29cb0be5 0x000000 (seq (set index (& (>> (var a12) (bv 32 0x0) false) (bv 32 0xffff))) (set length (& (>> (var a12) (bv 32 0x10) false) (bv 32 0xffff))) (set EA (+ (var a13) (var index))) (set EA4 (+ (var a13) (mod (+ (var index) (bv 32 0x2)) (var length)))) (set d11 (append (loadw 0 16 (var EA4)) (loadw 0 16 (var EA)))) (set new_index (+ (var index) (bv 32 0xffffff8b))) (set new_index (ite (sle (var new_index) (bv 32 0x0)) (+ (var new_index) (var length)) (mod (var new_index) (var length)))) (set a12 (append (cast 16 false (var length)) (cast 16 false (var new_index)))))
 d "ld.w d2, [p2+c]#0xf9" 29323935 0x000000 (seq (set index (& (>> (var a2) (bv 32 0x0) false) (bv 32 0xffff))) (set length (& (>> (var a2) (bv 32 0x10) false) (bv 32 0xffff))) (set EA (+ (var a3) (var index))) (set EA4 (+ (var a3) (mod (+ (var index) (bv 32 0x2)) (var length)))) (set d2 (append (loadw 0 16 (var EA4)) (loadw 0 16 (var EA)))) (set new_index (+ (var index) (bv 32 0xf9))) (set new_index (ite (sle (var new_index) (bv 32 0x0)) (+ (var new_index) (var length)) (mod (var new_index) (var length)))) (set a2 (append (cast 16 false (var length)) (cast 16 false (var new_index)))))
 d "ld.w d7, [a9]" 5497 0x000000 (seq (set EA (var a9)) (set d7 (loadw 0 32 (var EA))))
-d "ld.w d15, [sp]#0x300" 58c0 0x000000 (seq (set EA (+ (var d10) (bv 32 0xc00))) (set d15 (loadw 0 32 (var EA))))
+d "ld.w d15, [sp]#0x300" 58c0 0x0 (seq (set EA (+ (var a10) (bv 32 0xc00))) (set d15 (loadw 0 32 (var EA))))
 d "ld.w d10, [a8+]" 448a 0x000000 (seq (set EA (var a8)) (set d10 (loadw 0 32 (var EA))) (set a8 (+ (var a8) (bv 32 0x4))))
 d "ld.w d8, [a15]#0x20" 4888 0x000000 (seq (set EA (+ (var a15) (bv 32 0x80))) (set d8 (loadw 0 32 (var EA))))
-d "ld.w d15, [sp]#0xd4" 5835 0x000000 (seq (set EA (+ (var d10) (bv 32 0x350))) (set d15 (loadw 0 32 (var EA))))
+d "ld.w d15, [sp]#0xd4" 5835 0x0 (seq (set EA (+ (var a10) (bv 32 0x350))) (set d15 (loadw 0 32 (var EA))))
 d "ldlcx #0xb0000450" 15b05018 0x000000 (seq (set EA (bv 32 0xb0000450)) (set d4 (loadw 0 32 (var EA))) (set d5 (loadw 0 32 (+ (var EA) (bv 32 0x4)))) (set d6 (loadw 0 32 (+ (var EA) (bv 32 0x8)))) (set d7 (loadw 0 32 (+ (var EA) (bv 32 0xc)))) (set a4 (loadw 0 32 (+ (var EA) (bv 32 0x10)))) (set a5 (loadw 0 32 (+ (var EA) (bv 32 0x14)))) (set a6 (loadw 0 32 (+ (var EA) (bv 32 0x18)))) (set a7 (loadw 0 32 (+ (var EA) (bv 32 0x1c)))) (set d0 (loadw 0 32 (+ (var EA) (bv 32 0x20)))) (set d1 (loadw 0 32 (+ (var EA) (bv 32 0x24)))) (set d2 (loadw 0 32 (+ (var EA) (bv 32 0x28)))) (set d3 (loadw 0 32 (+ (var EA) (bv 32 0x2c)))) (set a2 (loadw 0 32 (+ (var EA) (bv 32 0x30)))) (set a3 (loadw 0 32 (+ (var EA) (bv 32 0x34)))))
 d "ldlcx #0x10003931" 1510b14b 0x000000 (seq (set EA (bv 32 0x10003931)) (set d4 (loadw 0 32 (var EA))) (set d5 (loadw 0 32 (+ (var EA) (bv 32 0x4)))) (set d6 (loadw 0 32 (+ (var EA) (bv 32 0x8)))) (set d7 (loadw 0 32 (+ (var EA) (bv 32 0xc)))) (set a4 (loadw 0 32 (+ (var EA) (bv 32 0x10)))) (set a5 (loadw 0 32 (+ (var EA) (bv 32 0x14)))) (set a6 (loadw 0 32 (+ (var EA) (bv 32 0x18)))) (set a7 (loadw 0 32 (+ (var EA) (bv 32 0x1c)))) (set d0 (loadw 0 32 (+ (var EA) (bv 32 0x20)))) (set d1 (loadw 0 32 (+ (var EA) (bv 32 0x24)))) (set d2 (loadw 0 32 (+ (var EA) (bv 32 0x28)))) (set d3 (loadw 0 32 (+ (var EA) (bv 32 0x2c)))) (set a2 (loadw 0 32 (+ (var EA) (bv 32 0x30)))) (set a3 (loadw 0 32 (+ (var EA) (bv 32 0x34)))))
 d "ldlcx #0xa0003984" 15a0846b 0x000000 (seq (set EA (bv 32 0xa0003984)) (set d4 (loadw 0 32 (var EA))) (set d5 (loadw 0 32 (+ (var EA) (bv 32 0x4)))) (set d6 (loadw 0 32 (+ (var EA) (bv 32 0x8)))) (set d7 (loadw 0 32 (+ (var EA) (bv 32 0xc)))) (set a4 (loadw 0 32 (+ (var EA) (bv 32 0x10)))) (set a5 (loadw 0 32 (+ (var EA) (bv 32 0x14)))) (set a6 (loadw 0 32 (+ (var EA) (bv 32 0x18)))) (set a7 (loadw 0 32 (+ (var EA) (bv 32 0x1c)))) (set d0 (loadw 0 32 (+ (var EA) (bv 32 0x20)))) (set d1 (loadw 0 32 (+ (var EA) (bv 32 0x24)))) (set d2 (loadw 0 32 (+ (var EA) (bv 32 0x28)))) (set d3 (loadw 0 32 (+ (var EA) (bv 32 0x2c)))) (set a2 (loadw 0 32 (+ (var EA) (bv 32 0x30)))) (set a3 (loadw 0 32 (+ (var EA) (bv 32 0x34)))))