[Vm-dev] [GSoC] ARM JIT Progress

Lars lars.wassermann at googlemail.com
Sun Jun 17 12:52:36 UTC 2012


Hello,
while I didn't work so much for GSoC after my last mail, because it were 
the last weeks of my semester and everybody wanted a project finished 
and exam written, I started diving into different ARM emulators and 
disassemblers last week.

QEMU I just inspected briefly. While they do have the user mode for 
emulating single processes and a mechanic to invalidate entries in their 
code cache, the sheer amount of options and code seems like an 
unnecessary obstacle, given that the goal is to emulate single 
instructions, up to some dozens, and inspect the processor state afterwards.
I wasn't able to build skyeye on my system (Win7), so I didn't look 
further into that.

The GNU Armulator is quite badly documented, but small. You can find it 
in the gdb code base (/sim/arm). All the HowTos mention that it can be 
called with 'target sim', but that didn't work for me, neither in 
Windows nor in Linux. I managed to build it as a stand-alone program, 
but it didn't give meaningful output using a practically empty 
ARM-binary. It just finished after quite some computation time (~1min).
Nevertheless, the code is well structured and I'm optimistic that I will 
be able to emulate some binary chunks tomorrow evening. I already 
succeeded in writing a printcpu.c for their processor data-structure.

As a disassembler, we decided to use the one which is shipped with gdb. 
That is the libopcodes[1] library which is also used in GNU binutils. 
Just like the emulator, it suffers from lack of documentation. For 
configuring it with different architectures, use e.g. './configure 
--enable-targets=arm-linux,i386-linux', the compile it. I extracted an 
example code snippet showing how to use it from another library, which 
tries to build an interface for libopcodes[2].

Once I am able to execute some code on the emulator, I will start 
writing the VM-plugin.

Enjoy your Sunday,
Lars

[1] 
http://sourceware.org/gdb/onlinedocs/gdbint/Support-Libraries.html#Support-Libraries
[2] http://mkfs.github.com/content/opdis/
-------------- next part --------------
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>

#include <bfd.h> //is also done in dis-asm.h

#include <dis-asm.h>

int
my_fprintf(void* stream, const char * format, ...)
  {
    va_list arg;

    va_start(arg,format);
    vfprintf(stdout, format, arg);
    return 0;
  }

int
main ()
  {
    char data[8] = {0xE3, 0xA0, 0x10, 0x80, 
    		    0xE2, 0x81, 0x00, 0x01};
    bfd_byte* buf = (bfd_byte*) &data[0];
    
    disassemble_info* c = (disassemble_info*) calloc(1, sizeof(disassemble_info));
    // void init_disassemble_info (struct disassemble_info *dinfo, void *stream, fprintf_ftype fprintf_func)
    init_disassemble_info ( c, stdout, my_fprintf);
    
    //c->application_data
    //c->memory_error_func
    
    // set architecture
    c->arch = bfd_arch_arm;
    // set the specific machine: unknown allows all instructions in the libraries database
    c->mach = bfd_mach_arm_unknown;
    
    // should set the disassembler field of c to the right function
    disassemble_init_for_target( c );
    // given a bfd, the disassembler can find the arch by itself.
    //disassemble = disassembler( c );
    
    c->buffer_vma = 0;
    c->buffer = buf;
    c->buffer_length = 8;
    
    // while-loop for calling single instruction decoding:
    unsigned int count = 0;
    size_t pos = 0;
    size_t length = c->buffer_length;
    size_t max_pos = c->buffer_vma+length;
    
    while(pos < max_pos)
      {
      	//disassembler-function: print_insn_big_arm
      	//other possible functions are listed in opcodes/dissassemble.c
      	unsigned int size = print_insn_big_arm((bfd_vma) pos, c);
      	pos += size;
      	count++;
      	fprintf(stdout, "\n");
      }
    return 0;
  }


More information about the Vm-dev mailing list