
Add TCG meta-architecture support

Open pgoodman opened this issue 7 years ago • 2 comments

Bringing up new architectures is challenging, and even for supported architectures, there remain many instructions that we don't model. QEMU's Tiny Code Generator (TCG) is a permissively licensed library used by QEMU for dynamic translation of machine code instructions to an intermediate form for later JIT-compiling. It should be possible to treat TCG as an architecture or meta-architecture of its own in Remill, defining the semantics of TCG instructions using DEF_SEM and DEF_ISEL. In theory, by supporting TCG, we could support the architectures that TCG supports, which are numerous.

pgoodman avatar Apr 18 '18 18:04 pgoodman

This is a great idea! Maybe you can check out what S2E and RevGen do and see if there are any useful ideas there. Yeah, shameless plug :)

adrianherrera avatar Apr 19 '18 10:04 adrianherrera

My understanding of the major complexity of this issue is that it's more than just "support TCG": it's about supporting the individual CPU implementations of QEMU which generate TCG.

pgoodman avatar Aug 30 '18 18:08 pgoodman