bdcht / amoco

yet another tool for analysing binaries
GNU General Public License v2.0

Signextend of memory symbol does not work #70

Closed sqall01 closed 8 years ago

sqall01 commented 8 years ago

Hi,

first of all, thanks for amoco. It is really a very nice project and very well designed.

I am adding the Infineon Tricore architecture to amoco for a project I am working on. I think I found a bug for memory symbols. I am currently adding the semantics of the instructions and have to extend a memory symbol with an 8-bit size to 32 bits. This does not work.

The code looks something like this:

def i_ld_b(i, fmap):

    fmap[pc] = fmap[pc] + i.length

    # ld_b ABS encoding
    # "regs_D[s1_d] = sign_ext( BYTE [off] )"
    dest = i.operands[0]
    op1 = mem(i.operands[1])[0:8]

    print op1
    # TODO BUG in amoco, does not extend memory symbol
    # M8(0x622c9) after signextend 32 => M8(0x622c9) <- WRONG
    op1.signextend(32)

    print op1

    fmap[dest] = op1

A short description: In "dest" is a register object with a size of 32 bit (reg('d15', 32) to be exact), in "i.operands[1]" is a cst object with size 32 bit and hence in "op1" is a mem object of size 8 in the beginning. I try to sign extend the memory object to 32 bit because the register has that size. Unfortunately, it does not work. I added the "print op1" instruction before and after the sign extend. This is the output I get:

M8(0x622c9)
M8(0x622c9)
Traceback (most recent call last):
  File "/home/sqall/work/tricore/amoco/playground.py", line 55, in <module>
    main()
  File "/home/sqall/work/tricore/amoco/playground.py", line 44, in main
    print block.map
  File "/home/sqall/work/tricore/amoco/amoco/code.py", line 45, in map
    self._map = mapper(self.instr)
  File "/home/sqall/work/tricore/amoco/amoco/cas/mapper.py", line 44, in __init__
    if not instr.misc['delayed']: instr(self)
  File "/home/sqall/work/tricore/amoco/amoco/arch/core.py", line 67, in __call__
    i_xxx(self,map)
  File "/home/sqall/work/tricore/amoco/amoco/arch/tricore/asm.py", line 142, in i_ld_b
    fmap[dest] = op1
  File "/home/sqall/work/tricore/amoco/amoco/cas/mapper.py", line 205, in __setitem__
    raise ValueError('size mismatch')
ValueError: size mismatch

Hopefully, this is an easy-to-fix bug.

Cheers,

sqall

sqall01 commented 8 years ago

Ah never mind. I just realized that signextend() does not change the object itself, but returns a new object. Changing the line to:

op1 = op1.signextend(32)

works. But still, thanks.

bdcht commented 8 years ago

Hi, thanks for your interest in amoco, it's nice to hear about new archs! Almost all expression-related methods (including signextend) are not in-place modifications but rather return a new expression. So in your case you should consider:

v = op1.signextend(32)
print v

Also note that mem(i.operands[1])[0:8] is preferably written as mem(i.operands[1],8). Finally, you will want to write:

fmap[dest] = fmap(v)

which says: in fmap destination dest put the symbolic interpretation of v within fmap. Don't hesitate to ask if it's not clear, getting used to these symbolic manipulations is a bit tricky.

Axel

On Mon, 5 Sept 2016 11:54, Andre Pawlowski notifications@github.com wrote:
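A toy model of the mechanics Axel describes, added here as an example (constructed for this thread, not amoco's code): Reg, Mem, Cst, SExt and Mapper are stand-in names, not amoco's classes. It shows why the issue's pattern fails (signextend() returns a new expression and the mapper rejects the 8-bit original) and what the reply's fmap[dest] = fmap(v) does, including folding a known memory byte into a sign-extended constant.

```python
# Toy model of the behaviour discussed in this thread (constructed here, not
# amoco's code): expressions carry a bit width, signextend() returns a new
# node instead of mutating, and the mapper rejects a width mismatch.
class Expr:
    def __init__(self, size, arg):
        self.size, self.arg = size, arg   # bit width; arg depends on the subclass
    def signextend(self, size):
        return SExt(size, self)           # new node; self keeps its old width

class Reg(Expr):    # arg: register name, e.g. Reg(32, 'd15')
    pass

class Mem(Expr):    # arg: address of a symbolic read, e.g. Mem(8, 0x622c9)
    pass

class SExt(Expr):   # arg: the narrower expression being sign-extended
    pass

class Cst(Expr):    # arg: concrete value, kept masked to the width
    def __init__(self, size, value):
        super().__init__(size, value & ((1 << size) - 1))
    def signextend(self, size):           # fold: replicate the old top bit
        neg = (self.arg >> (self.size - 1)) & 1
        return Cst(size, self.arg - (neg << self.size))

class Mapper:
    def __init__(self, memory):
        self.regs, self.memory = {}, memory   # memory: address -> Cst (known bytes)
    def __setitem__(self, reg, expr):
        if reg.size != expr.size:
            raise ValueError("size mismatch")  # the check hit in the traceback
        self.regs[reg.arg] = expr
    def __call__(self, expr):                 # interpret expr within this map
        if isinstance(expr, SExt):
            return self(expr.arg).signextend(expr.size)
        if isinstance(expr, Mem) and expr.arg in self.memory:
            return self.memory[expr.arg]
        return expr                           # unknown: stays symbolic

def ld_b_buggy(fmap, dest, addr):   # the pattern from the issue
    op1 = Mem(8, addr)
    op1.signextend(32)              # builds a 32-bit node that nobody keeps
    fmap[dest] = op1                # op1 is still 8 bits wide -> ValueError

def ld_b_fixed(fmap, dest, addr):   # the pattern from the reply
    v = Mem(8, addr).signextend(32)
    fmap[dest] = fmap(v)            # store v's interpretation within fmap
    return fmap.regs[dest.arg]
```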