Description
Hi! I'm wondering how you would approach binaries where the target's memory layout is dynamically allocated?
I've been playing around trying to reverse some HMI+PLC-type devices.
To be more exact, Exor eTOP50x-series devices. These utilize an ARM core on an SoC.
They run Exor's own "jMobile" generated project files to handle the HMI side, and the majority of everything else, anything not UI-related, is plain old CODESYS V2.3 binaries. Oh, and all this mess is running on top of WinCE6.
Those CODESYS files are compiled as armv7 binaries, but the only way to make any sense of the binaries is to manually identify the allocated memory layout (CODESYS only tells that the memory is automatically allocated and nothing more). And most of the things ICSREF automatically identifies (such as function boundaries & header information) are there and mostly in such a way one would expect... but the header addresses don't make any sense and the strings used as identifiers are different from the ones used in PRG_analysis.py... I made some progress by manually identifying the aforementioned addresses & strings and by modifying PRG_analysis.py accordingly, but never got the analysis to complete successfully. The farthest I've gotten it to run was up to the 'find static libraries' routine. Nevertheless, the generated work-in-progress HEX proved to be very useful.
Anyway, I believe this situation / class of devices is out of scope for ICSREF anyway - at least for now? And since I got satisfactory results anyway, this query is mostly just out of curiosity.
Anyway, very impressive & interesting work! I sure hope this project has a future!