rizinorg / rizin

UNIX-like reverse engineering framework and command-line toolset.
https://rizin.re
GNU Lesser General Public License v3.0

PPC: `ca32` and `ov32` flags and `ppr32` missing #2900

Open Rot127 opened 2 years ago

Rot127 commented 2 years ago

Is your feature request related to a problem? Please describe.

The ISA v3-only ca32 and ov32 flags and the ppr32 register are not implemented. While this is not a huge problem, it prevents rz-tracetest from testing mfxer instructions against QEMU traces of binaries compiled for ISA v3.

mfxer copies a value from xer to a gpr register (and with it the ca32, ov32 flags).

QEMU and Rizin have a mismatch in register content here. QEMU will set and trace the flag bits whenever it runs a binary for ISAv3 (which is expected). But since Rizin does not support ISAv3 registers and flags the register content has a mismatch.

The rz-trace adapter has the possibility to change the register content for such cases, but for the mfxer instruction it can only change the value of the xer register, not the target gpr register. Hence this instruction fails in rz-tracetest because of the mismatch in the GPR register.

Describe the solution you'd like

Some kind of analysis.cpu = ISA300 option should be added which uses a register profile with the ca32 and ov32 flags and ppr32.

Implementing the flags for all CPUs (also < v3 ones) will not work. BAP's QEMU does not add those flags to the trace for non-v3 binaries.

Considered alternatives

None

Additional context

rz-tracetest needs to be fixed as well after this is implemented: https://github.com/rizinorg/rz-tracetest/blob/a819756a5627105f59d445707a7d0877171c540d/rz-tracetest/adapter.cpp#L181 Some of this was already implemented before: https://github.com/Rot127/rizin/tree/Examples-ppc-rzil-isav3-regs
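A constructed Python model of the mismatch described in this issue (an added example, not code from Rizin, rz-tracetest or QEMU): it emulates `mfxer` under a register profile with and without the ISA v3 flags, and shows why an adapter that may only rewrite xer cannot make the copied GPR match. The XER bit positions are assumed from the Power ISA 3.0 / QEMU layout (LSB = bit 0), and the flag values and register names are constructed.

```python
# Assumed XER bit positions (Power ISA 3.0 layout as used by QEMU, LSB = bit 0).
XER_BITS = {"so": 31, "ov": 30, "ca": 29, "ov32": 19, "ca32": 18}

# Register profiles: what Rizin models today vs. the proposed analysis.cpu=ISA300.
PRE_V3_PROFILE = ("so", "ov", "ca")
ISA300_PROFILE = ("so", "ov", "ca", "ov32", "ca32")


def profile_mask(profile):
    """Bitmask of the XER bits a given register profile knows about."""
    mask = 0
    for name in profile:
        mask |= 1 << XER_BITS[name]
    return mask


def compose_xer(flags, profile):
    """Build the XER value from named flags, keeping only bits in the profile."""
    value = 0
    for name in profile:
        if flags.get(name, 0):
            value |= 1 << XER_BITS[name]
    return value


def run_mfxer(flags, profile):
    """Emulate one constructed `mfxer r3` step: xer is copied verbatim into r3."""
    xer = compose_xer(flags, profile)
    return {"xer": xer, "r3": xer}


def adapter_fixup(qemu_regs, profile):
    """Model the rz-tracetest adapter: it may drop XER bits Rizin lacks,
    but it has no way to rewrite the GPR that mfxer already filled."""
    fixed = dict(qemu_regs)
    fixed["xer"] &= profile_mask(profile)
    return fixed


def mismatches(qemu_regs, rizin_regs):
    """Registers whose traced (QEMU) and emulated (Rizin) values differ."""
    return sorted(r for r in qemu_regs if qemu_regs[r] != rizin_regs.get(r))


if __name__ == "__main__":
    # Constructed state: a carry occurred in the low 32 bits, so CA and CA32 are set.
    flags = {"ca": 1, "ca32": 1}
    qemu = run_mfxer(flags, ISA300_PROFILE)
    rizin = run_mfxer(flags, PRE_V3_PROFILE)
    print("raw mismatch:", mismatches(qemu, rizin))
    print("after adapter:", mismatches(adapter_fixup(qemu, PRE_V3_PROFILE), rizin))
    print("with ISA300 profile:", mismatches(qemu, run_mfxer(flags, ISA300_PROFILE)))
```

With the pre-v3 profile the adapter repairs xer but r3 still differs, which is the failure the issue reports; with the ISA300 profile both registers agree.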

XVilka commented 2 years ago

Probably makes sense to open an issue in https://gitlab.com/qemu-project/qemu/-/issues

Rot127 commented 2 years ago

This is not an issue in QEMU so there is no need for it. Edited the issue above to make this clear.

XVilka commented 10 months ago

@Rot127 could you please review and address this since Capstone/Rizin support was improved since?

Rot127 commented 10 months ago

Yes, though I would give it pretty low priority. The emulation works perfectly fine without them. Rizin just doesn't implement the ca32, ov32 flags. Which shouldn't be a problem usually.