diff --git a/include/fxos/passes/cfg.h b/include/fxos/passes/cfg.h
index 561e6c9..a3b9953 100644
--- a/include/fxos/passes/cfg.h
+++ b/include/fxos/passes/cfg.h
@@ -45,6 +45,7 @@
 #define FXOS_PASSES_CFG_H
 
 #include <fxos/disassembly.h>
+#include <fxos/passes/pcrel.h>
 #include <set>
 
 namespace FxOS {
@@ -69,6 +70,8 @@ private:
     uint32_t m_lastFunction;
     /* Set of instructions in a function, used to generate new claims */
     std::set<uint32_t> m_claimedInstructions;
+    /* pcrel pass used to find call to other functions */
+    PcrelPass m_pcrel;
 };
 
 } /* namespace FxOS */
diff --git a/lib/passes/cfg.cpp b/lib/passes/cfg.cpp
index 73d9b33..eeb7942 100644
--- a/lib/passes/cfg.cpp
+++ b/lib/passes/cfg.cpp
@@ -13,7 +13,7 @@
 namespace FxOS {
 
 CfgPass::CfgPass(Disassembly &disasm):
-    InstructionPass(disasm), m_claimedInstructions {}
+    InstructionPass(disasm), m_claimedInstructions {}, m_pcrel {disasm}
 {
     this->setAllowDiscovery(true);
 }
@@ -94,6 +94,7 @@ bool CfgPass::analyzeInstruction(uint32_t pc, Instruction &i)
         i.jmptarget = jmptarget;
     }
 
+    m_pcrel.analyzeInstruction(pc, i);
     return true;
 }
 
diff --git a/shell/a.cpp b/shell/a.cpp
index 404479e..39ec594 100644
--- a/shell/a.cpp
+++ b/shell/a.cpp
@@ -50,20 +50,6 @@ static void ad_disassemble_all(
     printf("\n");
     FxOS_log(LOG, "Finished pass <cfg> in %s", timer.format_time());
 
-    /* Annotate all decoded instructions with pcrel/syscall
-	   TODO: analyze only the functions, if possible */
-    printr("[pcrel] Resolving PC-relative addressing modes...");
-    timer.restart();
-    PcrelPass pcrel_pass(space.disasm);
-    if(!pcrel_pass.analyzeAllInstructions()) {
-        errors++;
-        if(!force)
-            return;
-    }
-    timer.stop();
-    printf("\n");
-    FxOS_log(LOG, "Finished pass <pcrel> in %s", timer.format_time());
-
     printr("[syscall] Finding syscall references...");
     timer.restart();
     OS *os = space.os_analysis();
@@ -207,7 +193,7 @@ static void _am_cg_main_menu_function(VirtualSpace &vspace)
             continue;
 
         /* Return the target of the bsr instruction */
-        uint32_t fun_addr = sc_addr + 2*(i+2) + 4 + disp * 2;
+        uint32_t fun_addr = sc_addr + 2 * (i + 2) + 4 + disp * 2;
 
         fmt::print("found widget at 0x{:08x}\n", sc_addr + 2 * i);
         fmt::print("rX = r{}, rY = r{}, disp = {}\n", rX, rY, disp);
@@ -278,8 +264,8 @@ static ShellCommand _am_cmd(
         auto name = parse_am(s, p);
         _am(s, name);
     },
-    [](Session &s, Parser &p) { parse_am(s, p); },
-    "Analysis: Misc functions", R"(
+    [](Session &s, Parser &p) { parse_am(s, p); }, "Analysis: Misc functions",
+    R"(
 am <name>
 
 Runs miscellaneous analysis functions; commonly used for prototyping.
diff --git a/shell/d.cpp b/shell/d.cpp
index d892089..a3577bb 100644
--- a/shell/d.cpp
+++ b/shell/d.cpp
@@ -128,8 +128,9 @@ void _d(Session &session, std::variant<long, Range> location)
             address++;
         }
 
+        /* cfg implicitly does pcrel */
         disassemble(session, disasm,
-            {"cfg", "pcrel", /*"constprop",*/ "syscall", "print"}, address);
+            {"cfg", /*"constprop",*/ "syscall", "print"}, address);
     }
 }