Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ding-Yong Hong.  Register movement: mov, movi  Logical: and, or, xor, shl, shr, …  Arithmetic: add, sub, mul, div, …  Memory Ops: qemu_ld, qemu_st.

Published by Modified over 10 years ago

Similar presentations

Presentation on theme: "Ding-Yong Hong.  Register movement: mov, movi  Logical: and, or, xor, shl, shr, …  Arithmetic: add, sub, mul, div, …  Memory Ops: qemu_ld, qemu_st."— Presentation transcript:

1 Ding-Yong Hong

2  Register movement: mov, movi  Logical: and, or, xor, shl, shr, …  Arithmetic: add, sub, mul, div, …  Memory Ops: qemu_ld, qemu_st ◦ Ex: mov %eax, 0x4(%ebx)  Internal memory Ops: ld, st ◦ Used to access entry of CPUState ◦ Ex: movi 0x8000000, 0x20(%r14)# env->eip = 0x8000000  Branch Ops: jmp, br, brcond  Helper function: call  Misc: exit_tb, end  Index to opcode: INDEX_op_XXX ◦ Ex: INDEX_op_add

3  gen_opc_buf: list of opcodes  gen_opparam_buf: list of opcode parameters Ex: mov %eax, %ebx add %ebx, %ecx mov 0x10, %edx... jmp 0x8000000...... gen_opc_buf gen_opparam_buf mov add moviend exit_tb

4  TCG-to-LLVM IR functions are contained in class IRFactory ◦ All functions are named op_XXX and have the same interface TCGArg *args ◦ The return value of a function is # parameters used in this op ◦ All IR function pointers are stored in a mapping table class IRFactory { int op_mov (const TCGArg *args); int op_add (const TCGArg *args); int op_call (const TCGArg *args); map OpcFn; };...... gen_opc_buf gen_opparam_buf mov add moviend exit_tb args = gen_opparam_buf; for (i = 0; I < num_opc; i++) { TCGOpcode opc = gen_opc_buf [i]; NumParam = (IF->*OpcFn[opc])(args); args += NumParam; }

5  Information about virtual registers allocated in TCG IR  We prepare the same # of LLVM virtual registers...... gen_opc_buf gen_opparam_buf mov add moviend exit_tb tmp1 tmp2tmp8 struct Register { int Type; int Base; int Size; llvm_offset Off; char *Name; Value *Data; bool Dirty; }; Register Reg[0] {.Type = I32;.Base = R14;.Size = 32;.Off = 0x4;.Name = “ecx”;.Data = NULL;.Dirty = false; }; tmp1 tmp2 tmp8..... Register eaxebx

6  LoadInput() is to load state from CPUState to LLVM virtual register  Return value if already loaded or load from memory..... Register Register Reg[8] {.Type = I32;.Base = R14;.Size = 32;.Off = 0x4;.Name = “ecx”;.Data = NULL;.Dirty = false; }; X llvm::Value Register Reg[8] {.Type = I32;.Base = R14;.Size = 32;.Off = 0x4;.Name = “ecx”;.Data = pointer to Value(X);.Dirty = false; };

7  Register movement: mov, movi int IRFactory::op_mov_i32(const TCGArg *args) { Register *Out = &Reg[args[0]]; Register *In = &Reg[args[1]]; Value *InData = LoadInput(In); # A = new LoadInst(addr); Out->setData(InData, true); return 2; } args[0]..... Register args[1] struct Register Reg[args[0]] Reg[args[1]] { int Type; int Base; int Size; llvm_offset Off; char *Name; Value *Data; A A bool Dirty; true false }; A llvm::Value opc args mov

8  Logical: and, or, xor, shl, shr, …  Arithmetic: add, sub, mul, div, … int IRFactory::op_add_i32(const TCGArg *args) { Register *Out = &Reg[args[0]]; Register *In1 = &Reg[args[1]]; Register *In2 = &Reg[args[2]]; Value *InData1 = LoadInput(In1); Value *InData2 = LoadInput(In2); Value *OutData; = ADD(InData1, InData2); Out->setData(OutData, true); return 3; } #define AND(a,b) BinaryOperator::Create(Instruction::And, a, b, "", InsertPos) #define OR(a,b) BinaryOperator::Create(Instruction::Or, a, b, "", InsertPos) #define ADD(a,b) BinaryOperator::Create(Instruction::Add, a, b, "", InsertPos) opc args add tmp1 tmp2

9  Memory Ops: qemu_ld, qemu_st ◦ Ex: mov 0x4(%ebx), %eax int IRFactory::op_qemu_ld32(const TCGArg *args) { Register *Out = &Reg[args[0]]; Register *In = &Reg[args[1]]; Value *InData = LoadInput(In); # load %ebx SaveGlobals(COHERENCE_GLOBAL, LastInst); InData = QEMULoad(InData, GUEST_BASE, 2, args[2]); Out->setData(InData, true); return 3; } opc args qemu_ld32 eaxebx0x4

10  SaveGlobals() is to store dirty states back to memory  Opcodes need to save states ◦ op_jmp ◦ op_br ◦ op_brcond ◦ op_call ◦ op_goto_tb ◦ op_exit_tb ◦ op_qemu_ld_XXX ◦ op_qemu_st_XXX D D..... Register A Register Reg[1] {.Type = I32;.Base = R14;.Size = 32;.Off = 0x4;.Name = “ecx”;.Data = pointer to X;.Dirty = true; }; X llvm::Value

11  QEMULoad() S1: mov %eax, %ebx S2: add %eax, %ecx S3: add %eax, %edx S4: mov (%eax), eax S5: mov %eax, %ebx S6: mov %eax, %ebx Guest code: S1’: … S2’: … S3’: … S4’: op_qemu_ld32 %1 = LoadInput ( %eax ) %2 = do_tlb_Lookup ( %r0 ) If %2 = HIT then mov (%eax), eax goto S5’ else # page fault call PageFaultHelper() endif S5’: … S6’: … Host code: translate

12  Internal memory Ops: ld, st ◦ Used to access entry of CPUState ◦ Ex: movi 0x8000000, 0x20(%r14)  Branch Ops: jmp, br, brcond  Helper function: call  Misc: exit_tb, end

Download ppt "Ding-Yong Hong.  Register movement: mov, movi  Logical: and, or, xor, shl, shr, …  Arithmetic: add, sub, mul, div, …  Memory Ops: qemu_ld, qemu_st."

Similar presentations

Practical Malware Analysis

Practical Malware Analysis
A simple register allocation optimization scheme.

A simple register allocation optimization scheme.
COMP 2003: Assembly Language and Digital Logic

COMP 2003: Assembly Language and Digital Logic
C Programming and Assembly Language Janakiraman V – NITK Surathkal 2 nd August 2014.

C Programming and Assembly Language Janakiraman V – NITK Surathkal 2 nd August 2014.
Introduction to Assembly Here we have a brief introduction to IBM PC Assembly Language –CISC instruction set –Special purpose register set –8 and 16 bit.

Introduction to Assembly Here we have a brief introduction to IBM PC Assembly Language –CISC instruction set –Special purpose register set –8 and 16 bit.
Lecture 11 – Code Generation Eran Yahav 1 Reference: Dragon 8. MCD 4.2.4 www.cs.technion.ac.il/~yahave/tocs2011/compilers-lec11.pptx.

Lecture 11 – Code Generation Eran Yahav 1 Reference: Dragon 8. MCD
PC hardware and x86 3/3/08 Frans Kaashoek MIT

PC hardware and x86 3/3/08 Frans Kaashoek MIT
Accessing parameters from the stack and calling functions.

Accessing parameters from the stack and calling functions.
Compiler Construction Activation records Code Generation Rina Zviel-Girshin and Ohad Shacham School of Computer Science Tel-Aviv University.

Compiler Construction Activation records Code Generation Rina Zviel-Girshin and Ohad Shacham School of Computer Science Tel-Aviv University.
Compiler Construction Code Generation I Ran Shaham and Ohad Shacham School of Computer Science Tel-Aviv University.

Compiler Construction Code Generation I Ran Shaham and Ohad Shacham School of Computer Science Tel-Aviv University.
Overview von Neumann Model Components of a Computer Some Computer Organization Models The Computer Bus An Example Organization: The LC-3.

Overview von Neumann Model Components of a Computer Some Computer Organization Models The Computer Bus An Example Organization: The LC-3.
Princess Sumaya Univ. Computer Engineering Dept. Chapter 2:

Princess Sumaya Univ. Computer Engineering Dept. Chapter 2:
Machine-Level Programming 3 Control Flow Topics Control Flow Switch Statements Jump Tables.

Machine-Level Programming 3 Control Flow Topics Control Flow Switch Statements Jump Tables.
6.828: PC hardware and x86 Frans Kaashoek

6.828: PC hardware and x86 Frans Kaashoek
University of Washington x86 Programming III The Hardware/Software Interface CSE351 Winter 2013.

University of Washington x86 Programming III The Hardware/Software Interface CSE351 Winter 2013.
Code Generation Gülfem Savrun Yeniçeri CS 142 (b) 02/26/2013.

Code Generation Gülfem Savrun Yeniçeri CS 142 (b) 02/26/2013.
Recitation 2: Outline Assembly programming Using gdb L2 practice stuff Minglong Shao Office hours: Thursdays 5-6PM Wean Hall.

Recitation 2: Outline Assembly programming Using gdb L2 practice stuff Minglong Shao Office hours: Thursdays 5-6PM Wean Hall.
5. Assembly Language. Basics of AL Program data Pseudo-ops Array Program structures Data, stack, code segments.

5. Assembly Language. Basics of AL Program data Pseudo-ops Array Program structures Data, stack, code segments.
Microprocessors The ia32 User Instruction Set Jan 31st, 2002.

Microprocessors The ia32 User Instruction Set Jan 31st, 2002.
1 Logic, Shift, and Rotate Instructions Read Sections 6.2, 7.2 and 7.3 of textbook.

1 Logic, Shift, and Rotate Instructions Read Sections 6.2, 7.2 and 7.3 of textbook.

Similar presentations

Ads by Google