Disassembling ppc and systemz #730

Merged
merged 2 commits into from Jan 12, 2018

2 participants
@gitoleg
Contributor

gitoleg commented Oct 13, 2017

This PR allows us to disassemble powerpc targets.
So what is new:

  1. slightly changed the Arch.to_string function, so that an llvm-based disassembler can now be created for powerpc, powerpc64 and systemz arches without any problems;
  2. our llvm-based elf loader can deal with the .opd section, so we can have some output when working with powerpc64 files.

Clarification.
We didn't observe any output when we called bap with a simple hello-world example for powerpc64:

bap hello -dsymbols --no-byteweight --no-cache --no-ida

The reason is that the entry in the symbol table contains the address of a function descriptor in the .opd section, which in its turn contains the address of the entry point of the function in .text. And here is what we have now:

bap hello -dsymbols --no-byteweight --no-cache --no-ida
.__libc_csu_fini 
.__libc_csu_init 
._start 
.main 

Symbols in the symbol table aren't prefixed with a dot; such names are reserved for the real functions in .text, so we have to repeat this behavior.

(may take a look at http://refspecs.linuxfoundation.org/ELF/ppc64/PPC-elf64abi.html#FUNC-DES)
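The descriptor walk described above (symbol value -> .opd descriptor -> .text entry, with the dot-prefixed name for the real function) as an added, self-contained illustration in Python. This is not BAP's OCaml loader code; the section addresses, descriptor bytes and symbol table are constructed here. The 3 x 8-byte big-endian descriptor layout (entry point, TOC base, environment pointer) is the ELFv1 ppc64 layout from the ABI document linked above.

```python
import struct

# Constructed sample layout (not from any real binary):
# .text spans 0x10000400..0x10000800, .opd starts at 0x10020000.
TEXT_ADDR, TEXT_SIZE = 0x10000400, 0x400
OPD_ADDR = 0x10020000

# ELFv1 ppc64 function descriptor: big-endian entry, TOC base, env pointer.
DESCRIPTOR_FMT = ">QQQ"
DESCRIPTOR_SIZE = struct.calcsize(DESCRIPTOR_FMT)  # 24 bytes


def make_opd(descriptors):
    """Serialize (entry, toc, env) triples into raw .opd section bytes."""
    return b"".join(struct.pack(DESCRIPTOR_FMT, e, t, v) for e, t, v in descriptors)


# Constructed .opd contents: four descriptors, all sharing one TOC base.
OPD_BYTES = make_opd([
    (0x10000400, 0x10030000, 0),  # _start
    (0x10000500, 0x10030000, 0),  # main
    (0x10000600, 0x10030000, 0),  # __libc_csu_init
    (0x10000700, 0x10030000, 0),  # __libc_csu_fini
])

# Constructed symbol table entries: (name, st_value). Function symbols point
# into .opd, as on ppc64 ELFv1; the last one is a plain data symbol.
SYMBOLS = [
    ("_start", 0x10020000),
    ("main", 0x10020018),
    ("__libc_csu_init", 0x10020030),
    ("__libc_csu_fini", 0x10020048),
    ("rodata_string", 0x10040000),
]


def in_opd(value, opd=OPD_BYTES):
    """True if a symbol value falls inside the .opd section."""
    return OPD_ADDR <= value < OPD_ADDR + len(opd)


def read_descriptor(value, opd=OPD_BYTES):
    """Decode the descriptor a symbol value points at; reject bad offsets."""
    off = value - OPD_ADDR
    if off % DESCRIPTOR_SIZE != 0 or off + DESCRIPTOR_SIZE > len(opd):
        raise ValueError("symbol value is not a whole descriptor in .opd")
    return struct.unpack_from(DESCRIPTOR_FMT, opd, off)


def resolve_functions(symbols, opd=OPD_BYTES):
    """Map each descriptor-backed symbol to its real .text entry.

    Returns {".name": entry_address}; the dot prefix follows the ppc64
    convention that the dotted name is the code entry while the undotted
    name is the descriptor. Symbols outside .opd, truncated descriptors and
    descriptors whose entry does not land in .text are skipped.
    """
    resolved = {}
    for name, value in symbols:
        if not in_opd(value, opd):
            continue
        try:
            entry, _toc, _env = read_descriptor(value, opd)
        except ValueError:
            continue
        if not (TEXT_ADDR <= entry < TEXT_ADDR + TEXT_SIZE):
            continue
        resolved["." + name] = entry
    return resolved


if __name__ == "__main__":
    for dotted, addr in sorted(resolve_functions(SYMBOLS).items()):
        print(f"{dotted:20s} {addr:#x}")
```

Running it lists `._start`, `.main`, `.__libc_csu_init` and `.__libc_csu_fini` with their .text addresses and leaves the data symbol out; a symbol value that lands in the middle of a descriptor or past the end of .opd is dropped rather than decoded as garbage.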

@ivg ivg changed the title from Disassemling ppc to Disassemling ppc and systemz Oct 13, 2017

@ivg

The bap_arch.ml chunk is fine, that I approve. Concerning the opd section, we shouldn't make our llvm loader powerpc specific; that breaks the open/closed principle and drags us into the vortex of code threaded with tons of if/then/else for each combination of ABI/Architecture/Moon phase.

So let's split this into two different tasks: the first one for fixing the naming issue, the second one (that is of low priority) that will deal with the POD sections. It will also give me some time to figure out what they are and how to deal with them.

@ivg

Please update the Arch.of_string function so that it matches the to_string function. The general rule is that the of_string domain should be a superset of to_string; in particular, it means that of_string (to_string x) is defined for all x.

gitoleg added some commits Jan 12, 2018

updated Bap_arch
Those changes allow disassembling powerpc targets
@ivg

ivg approved these changes Jan 12, 2018

@ivg ivg merged commit 53516b3 into BinaryAnalysisPlatform:master Jan 12, 2018

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed

@gitoleg gitoleg deleted the gitoleg:disasm-ppc branch Feb 11, 2018
