Uplifting 8051 architecture to new IL #1609
Conversation
Heersin
force-pushed
the
asan_integrate_new_il
branch
from
ce05b8c
to
bb72753
Compare
|
Please rebase on top of the latest IL branch, there are way too many conflicts. |
Basstorm
force-pushed
the
asan-fuzz-uplifting-8051
branch
3 times, most recently
from
f541f68
to
7b22784
Compare
Heersin
force-pushed
the
asan_integrate_new_il
branch
3 times, most recently
from
32f7093
to
f0fc2f0
Compare
Heersin
force-pushed
the
asan_integrate_new_il
branch
from
f0fc2f0
to
6f1372a
Compare
Heersin
force-pushed
the
asan_integrate_new_il
branch
from
6f1372a
to
7da8ec3
Compare
Heersin
force-pushed
the
asan_integrate_new_il
branch
2 times, most recently
from
343cc78
to
570cffc
Compare
|
@Basstorm please rebase on top of the latest |
Basstorm
force-pushed
the
asan-fuzz-uplifting-8051
branch
2 times, most recently
from
c47b6c7
to
c147ae5
Compare
|
There are many failing tests. I recommend to start addressing them one by one |
| return oplist; | ||
| } | ||
|
|
||
| RzPVector *i8051_movx(RzILVM *vm, ut64 id, const ut8 *buf, _8051_op_t op) { |
| @@ -1257,7 +3613,7 @@ static int i8051_op(RzAnalysis *analysis, RzAnalysisOp *op, ut64 addr, const ut8 | |||
| if (mask & RZ_ANALYSIS_OP_MASK_ESIL) { | |||
There was a problem hiding this comment.
I think ESIL here can be removed completely.
There was a problem hiding this comment.
yes, will remove that when the uplifing work is done
| return true; | ||
| } | ||
|
|
||
| // create core theory VM |
There was a problem hiding this comment.
Better to refer to it as RZIL VM outside of the RZIL module.
librz/analysis/p/analysis_8051.c
Outdated
| RzAnalysisRzil *rzil = analysis->rzil; | ||
|
|
||
| if (rzil->inited) { | ||
| eprintf("Already init\n"); |
librz/analysis/p/analysis_8051.c
Outdated
| RzILOp *var_c = rz_il_new_op(RZIL_OP_VAR); | ||
| var_c->op.var->v = "PSW"; | ||
|
|
||
| RzILOp *int_ = rz_il_new_op(RZIL_OP_INT); |
There was a problem hiding this comment.
I wonder if we can shorten this pattern of:
RzILOp *op = rz_il_new_op(RZIL_OP_TYPE);
op->op.something = x;
op->op.another = y;@ret2libc @thestr4ng3r @wargio any ideas?
There was a problem hiding this comment.
static inline RzILOp *rz_il_new_op_int(ut64 /* or what the actual type is */ value, size_t length) {
RzILOp *r = rz_il_new_op(RZIL_OP_INT);
if (!r) {
return NULL;
}
r->op.int_->value = value;
r->op.int_->length = length;
return r;
}and add that for all op types
There was a problem hiding this comment.
I guess you mean to have this function for each type of il_op, right? If so, I agree with that.
So you'd have rz_il_new_op_int, rz_il_new_op_logand, rz_il_new_op_shiftl, rz_il_new_op_shiftr, etc.
There was a problem hiding this comment.
Yes. You could also compose them like rz_il_new_op_shiftl(stuff, rz_il_new_op_int(42, 8)).
There was a problem hiding this comment.
Agree, add family functions of new_op
There was a problem hiding this comment.
just add the family functons in this 8051? or add them into RZIL module?
| RzILOp *perform_b = rz_il_new_op(RZIL_OP_PERFORM); | ||
| perform_b->op.perform->eff = set_b; | ||
|
|
||
| RzPVector *oplist = rz_il_make_oplist(id, 8, var_a, var_b, div, mod, set_a, perform_a, set_b, perform_b); |
There was a problem hiding this comment.
I wonder if we want to add also the rz_il_oplist_push() that will allow to add the ops one by one. cc @Heersin @thestr4ng3r @ret2libc
There was a problem hiding this comment.
Wouldn't that be just rz_pvector_push()?
There was a problem hiding this comment.
Yes, but I think it would be nice to have a semantically-linked wrapper.
| RzILOp *var_a = rz_il_new_op(RZIL_OP_VAR); | ||
| var_a->op.var->v = "ACC"; | ||
|
|
||
| char *regname = get_regname_bybase(buf[0], 0xE2); |
There was a problem hiding this comment.
where is this 0xE2 coming from?
There was a problem hiding this comment.
from the Opcode table in the description of this PR.
There was a problem hiding this comment.
Few things:
- how are we testing these conversions? As said in the past, I think we should configure a system to compare a piece of assembly code executed under the debugger and one executed with RzIL(generated from the original code) to make sure that the IL actually applies operation in the right way. Until we have such a system, these conversion will be hard/impossible to really review.
- shall we have all these lifters somewhere else instead of p/analysis_x.c? I expect they will be quite big...
|
@ret2libc full testing can be done once whole architecture converted, then we can compare the debugger results with the emulated results of some trace. |
Not really necessary to convert a whole arch to start testing. The idea is to have things like: This would be a test. You can start by converting just the Then you could have another test: And so on and so on. This way you have a very good way to develop without having to "hope" that everything will be alright at the end of the day. Until we have something like that that allows us to test pieces of assemblies, we are just blindly writing code hoping that it will work well. I'm not saying this PR is not ok, but before we move too much forward with the IL I think testing is foundamental. |
I agree with @ret2libc that there should be a way to uplift progressively. Otherwise the uplifting of big, complex arches like x86 might become non-starters. |
Basstorm
force-pushed
the
asan-fuzz-uplifting-8051
branch
from
c147ae5
to
4b3c7b4
Compare
Basstorm
force-pushed
the
asan-fuzz-uplifting-8051
branch
from
4b3c7b4
to
1dc6426
Compare
Basstorm
force-pushed
the
asan-fuzz-uplifting-8051
branch
from
6d7537f
to
f64f917
Compare
|
to test the code, please use example: |
|
@Basstorm do you have plans to finish this? |
|
@imbillow assigned you, but I think it's probably better to start a new PR when you will work on it. Once you open a new one, feel free to close this. |
|
Will start a new one later. |
Your checklist for this pull request
Detailed description
Instrunction set: https://www.win.tue.nl/~aeb/comp/8051/set8051.html
Test plan
...
Closing issues
...