wargio / libvle
PowerPC VLE disassembler library
License: GNU Lesser General Public License v3.0
Hi, it seems the branch destination address decoding/calculation is incorrect(?)
====================================
libvle
====================================
.Bin:0009b7f0 78050C61 e_bl 0x50c60
.Bin:0009b7f4 79FACB5F e_bl 0xfdfacb5e
.Bin:0009b7f8 79F69BAF e_bl 0xfdf69bae
.Bin:0009b7fc 79FACB59 e_bl 0xfdfacb58
====================================
IDA
====================================
ROM:0009B7F0 # Segment type: Pure code
ROM:0009B7F0 .section "ROM",text_vle
ROM:0009B7F0 78 05 0C 61 e_bl 0xEC450
ROM:0009B7F4 79 FA CB 5F e_bl 0x48352
ROM:0009B7F8 79 F6 9B AF e_bl 0x53A6
ROM:0009B7FC 79 FA CB 59 e_bl 0x48354
ROM:0009B7FC
====================================
//Ghidra 0009b7f0
====================================
0009b7f0 78 05 0c 61 e_bl SUB_000ec450
0009b7f4 79 fa cb 5f e_bl SUB_00048352
0009b7f8 79 f6 9b af e_bl SUB_000053a6
0009b7fc 79 fa cb 59 e_bl SUB_00048354
Thanks for this lib. I started playing with the ppc32 arch and noticed incorrect disassembly of this instruction:
7A 20 FF F8 e_bgectr cr0 0xfffffff8
Seems it should be e_bdnz; at least that's what IDA prints (other tools like Ghidra failed to disasm this instr):
7A 20 FF F8 e_bdnz loc_4028E
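The four e_bl words from the first report and the e_bdnz word from the second, decoded by hand. This is an added example, not code from libvle or its author: it computes the target of the BD24-form e_b/e_bl and the BD15-form e_bc family as the current instruction address plus the sign-extended displacement, which reproduces the IDA/Ghidra targets (0xEC450, 0x48352, 0x53A6, 0x48354). The address 0x40296 used for the e_bdnz word is an assumption, since that report only shows the target loc_4028E.

```c
/*
 * Added example (not libvle code): VLE branch target calculation.
 *
 * Field layout (Power ISA VLE, bit 0 = MSB of the big-endian 32-bit word):
 *   e_b / e_bl : opcode 30 [0:5], 0 [6], BD24 [7:30], LK [31]
 *                target = CIA + EXTS(BD24 || 0b0)          (25-bit signed)
 *   e_bc family: opcode 30 [0:5], 0b1000 [6:9], BO32 [10:11], BI32 [12:15],
 *                BD15 [16:30], LK [31]
 *                target = CIA + EXTS(BD15 || 0b0)          (16-bit signed)
 *   BO32: 00 = branch if CR bit false, 01 = branch if true,
 *         10 = e_bdnz (CTR-1 != 0),   11 = e_bdz (CTR-1 == 0)
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define VLE_BRANCH_NONE 0
#define VLE_BRANCH_B    1   /* e_b / e_bl */
#define VLE_BRANCH_BC   2   /* e_bc / e_bdnz / e_bdz (+ link variants) */

struct vle_branch {
    int      kind;      /* VLE_BRANCH_* */
    int      lk;        /* link bit: 1 for e_bl, e_bcl, e_bdnzl, ... */
    int      bo32;      /* valid for VLE_BRANCH_BC only */
    int      bi32;      /* valid for VLE_BRANCH_BC only */
    int32_t  disp;      /* sign-extended byte displacement */
    uint32_t target;    /* cia + disp, wrapped to 32 bits */
};

/* Sign-extend the low `bits` bits of v. */
static int32_t sext(uint32_t v, unsigned bits)
{
    uint32_t m = 1u << (bits - 1);
    return (int32_t)((v ^ m) - m);
}

/* Decode one 32-bit VLE branch word (bytes 78 05 0C 61 -> 0x78050C61).
 * cia is the address of the instruction. Returns 0 if not a branch. */
int vle_decode_branch(uint32_t cia, uint32_t insn, struct vle_branch *br)
{
    memset(br, 0, sizeof *br);
    if ((insn >> 26) != 30)                 /* primary opcode 30 */
        return 0;
    br->lk = (int)(insn & 1);

    if (((insn >> 25) & 1) == 0) {          /* bit 6 clear: BD24 form */
        uint32_t bd24 = (insn >> 1) & 0xFFFFFF;     /* bits 7..30 */
        br->kind = VLE_BRANCH_B;
        br->disp = sext(bd24 << 1, 25);             /* BD24 || 0b0 */
    } else if (((insn >> 22) & 0xF) == 0x8) {       /* bits 6..9 == 1000 */
        uint32_t bd15 = (insn >> 1) & 0x7FFF;       /* bits 16..30 */
        br->kind = VLE_BRANCH_BC;
        br->bo32 = (int)((insn >> 20) & 3);         /* bits 10..11 */
        br->bi32 = (int)((insn >> 16) & 0xF);       /* bits 12..15 */
        br->disp = sext(bd15 << 1, 16);             /* BD15 || 0b0 */
    } else {
        return 0;
    }
    br->target = cia + (uint32_t)br->disp;
    return 1;
}

/* Mnemonic for a decoded branch; the link variants get a trailing 'l'. */
const char *vle_branch_mnemonic(const struct vle_branch *br)
{
    if (br->kind == VLE_BRANCH_B)
        return br->lk ? "e_bl" : "e_b";
    switch (br->bo32) {
    case 2:  return br->lk ? "e_bdnzl" : "e_bdnz";
    case 3:  return br->lk ? "e_bdzl"  : "e_bdz";
    default: return br->lk ? "e_bcl"   : "e_bc";
    }
}

int main(void)
{
    /* Addresses and words are the ones quoted in the two reports above,
     * except the e_bdnz address, which is assumed (the report shows only
     * the target loc_4028E). */
    static const struct { uint32_t cia, insn; } cases[] = {
        { 0x0009B7F0, 0x78050C61 },   /* IDA/Ghidra: e_bl 0xEC450 */
        { 0x0009B7F4, 0x79FACB5F },   /* e_bl 0x48352 */
        { 0x0009B7F8, 0x79F69BAF },   /* e_bl 0x53A6  */
        { 0x0009B7FC, 0x79FACB59 },   /* e_bl 0x48354 */
        { 0x00040296, 0x7A20FFF8 },   /* e_bdnz loc_4028E (cia assumed) */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        struct vle_branch br;
        if (vle_decode_branch(cases[i].cia, cases[i].insn, &br))
            printf("%08X  %08X  %-8s 0x%X  (disp %d)\n",
                   (unsigned)cases[i].cia, (unsigned)cases[i].insn,
                   vle_branch_mnemonic(&br), (unsigned)br.target, (int)br.disp);
    }
    return 0;
}
```

Two things worth checking against the first report with this in hand: the library's first line, 0x50c60, is exactly the displacement 0xEC450 - 0x9B7F0, i.e. the relative offset rather than the absolute target, and the three negative values it prints (0xfdfacb5e, 0xfdf69bae, 0xfdfacb58) are not the correctly sign-extended 25-bit displacements (0xfffacb5e, 0xfff69bae, 0xfffacb58), so both the base address and the sign extension of BD24 are worth a look.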
Hi, it seems it's not possible to disasm the bytes 7C 07 D8 EE.
From IDA:
ROM:00000000 # Segment type: Pure code
ROM:00000000 .section "ROM",text_vle
ROM:00000000 7C 07 D8 EE lbzux r0, r7, r27
It's not possible to disasm the bytes 7C 00 22 78. Seems only IDA can do it atm:
seg000:000D9FB0 7C 00 22 78 xor r0, r0, r4
Hi,
I have been developing yet another PPC disasm for several months. Right now I compare code from different authors (like qemu_ppc, etc.). I reviewed and tried out your code already. Please see my findings, and accept the pull request. The first one is tst1, for testing the actual code; the second one is fix1, which contains the fixes.
Findings (E: error, C: cosmetic):
E: vle_next() can return one more se_* after the end pos (there's no range check).
C: in vle_next() pos is incremented after the range check, and multiple checks occur. The order of those could be better.
E: some op filter masks are wrong (testcases will be included soon).
E: some ops are missing.
C: the compiler can do sign extension in some cases; a U suffix for constants may be a good idea.
C: the header file isn't C++ compatible; use #ifdef __cplusplus and extern "C" kind of thing...
E: some operand fields are handled wrong (i.e. the use of spr nr and extended register nr). So even if the op filter is fixed or a new rule added, the reported operands will be wrong.
E: one of the breaks is missing from a switch/case.
C: E_NONE is used instead of F_NONE around switch default cases.
Thanks, B.
{ "e_srwi." , 0x7C000471, 0x7C000471 | E_MASK_X , E_XRA , {TYPE_REG, TYPE_REG, TYPE_IMM, TYPE_NONE, TYPE_NONE}},
{ "e_stb" , 0x34000000, 0x34000000 | E_MASK_D , E_D , {TYPE_REG, TYPE_MEM, TYPE_IMM, TYPE_NONE, TYPE_NONE}},
{ "e_stbu" , 0x18000400, 0x18000400 | E_MASK_D8 , E_D8 , {TYPE_REG, TYPE_MEM, TYPE_REG, TYPE_NONE, TYPE_NONE}},
Shouldn't the third type in the list for e_stb be TYPE_REG?
Hi, it would be great if you could implement floating-point instruction support. Seems only IDA and objdump can disasm the FPU instructions, e.g.
10 60 02 D1 efscfsi r3, r0
13 a3 02 c9 efsdiv r29,r3,r0
Even the NSA baby (Ghidra 9.0.1) failed on this :(
Hi, it seems it's not possible to disasm the bytes 13 16 00 06.
Testing with IDA and Ghidra I get:
ROM:00000048 13 16 00 06 vcmpequb v24, v22, v0
Hi, it seems it's not possible to disasm the bytes 32 e4 00 60.
From IDA:
.text:00000000 32 E4 00 60 e_lbz r23, 0x60(r4)
Hi, it seems it's not possible to disasm the bytes 5b 86 00 58.
From Ghidra I get:
00000038 5b 86 00 58 e_lhz r28 ,0x58 (r6)
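The words reported as undecodable in the issues above (7C 07 D8 EE, 7C 00 22 78, 13 16 00 06, 32 e4 00 60, 5b 86 00 58), the two SPE words from the floating-point request (10 60 02 D1, 13 a3 02 c9), and an e_stb, run through a small table-driven decoder. This is an added example, not libvle's code or its opcode table: it shows the field layout behind each report, in particular that the third operand of the D-form e_stb/e_lbz/e_lhz is the base register RA (the point raised about the e_stb table entry), that xor prints RA before RS, and that efscfsi/efsdiv are opcode-4 SPE embedded floating-point instructions with an 11-bit extended opcode. The e_stb word 0x34A30010 (e_stb r5, 0x10(r3)) is constructed, not taken from the page; the table holds only the instructions mentioned here.

```c
/*
 * Added example (not libvle code): table-driven decode of the non-branch
 * words reported above. Fields are IBM-numbered, bit 0 = MSB of the
 * big-endian 32-bit word.
 *
 *   D-form  (e_lbz op 12, e_stb op 13, e_lhz op 22):
 *           RT/RS [6:10], RA [11:15], D [16:31] (signed 16-bit)
 *   X-form  (op 31, XO [21:30], Rc [31]):
 *           RT/RS [6:10], RA [11:15], RB [16:20]
 *   VX/EVX  (op 4, XO [21:31]):
 *           VRT/rD [6:10], VRA/rA [11:15], VRB/rB [16:20]
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Extract IBM-numbered bits [hi:lo] (bit 0 = MSB) of a 32-bit word. */
static unsigned fld(uint32_t w, unsigned hi, unsigned lo)
{
    return (w >> (31 - lo)) & ((1u << (lo - hi + 1)) - 1);
}

enum form { F_D, F_X_RT, F_X_RA, F_VX3, F_EVX2, F_EVX3 };

static const struct opdef {
    const char *mnem;
    unsigned    op;     /* primary opcode, bits 0..5 */
    unsigned    xo;     /* extended opcode; unused for F_D */
    enum form   form;
} ops[] = {
    { "e_lbz",    12,   0, F_D    },
    { "e_stb",    13,   0, F_D    },  /* RS, D(RA): third operand is register RA */
    { "e_lhz",    22,   0, F_D    },
    { "lbzux",    31, 119, F_X_RT },  /* RT, RA, RB */
    { "xor",      31, 316, F_X_RA },  /* RA, RS, RB: RS sits in bits 6..10 */
    { "vcmpequb",  4,   6, F_VX3  },  /* AltiVec: vD, vA, vB */
    { "efscfsi",   4, 721, F_EVX2 },  /* SPE: rD, rB (rA field is zero) */
    { "efsdiv",    4, 713, F_EVX3 },  /* SPE: rD, rA, rB */
};

/* Decode one word into `out`; returns 1 on success, 0 if not in the table. */
int vle_decode_other(uint32_t insn, char *out, size_t len)
{
    unsigned op = fld(insn, 0, 5);
    unsigned f1 = fld(insn, 6, 10), f2 = fld(insn, 11, 15), f3 = fld(insn, 16, 20);

    for (size_t i = 0; i < sizeof ops / sizeof ops[0]; i++) {
        const struct opdef *o = &ops[i];
        if (o->op != op)
            continue;
        if (o->form == F_D) {
            int d = (int)fld(insn, 16, 31);     /* D is signed: sign-extend */
            if (d & 0x8000)
                d -= 0x10000;
            snprintf(out, len, "%s r%u, %s0x%X(r%u)", o->mnem, f1,
                     d < 0 ? "-" : "", (unsigned)(d < 0 ? -d : d), f2);
            return 1;
        }
        if (op == 31 && o->xo == fld(insn, 21, 30)) {
            const char *rc = fld(insn, 31, 31) ? "." : "";
            if (o->form == F_X_RT)
                snprintf(out, len, "%s%s r%u, r%u, r%u", o->mnem, rc, f1, f2, f3);
            else
                snprintf(out, len, "%s%s r%u, r%u, r%u", o->mnem, rc, f2, f1, f3);
            return 1;
        }
        if (op == 4 && o->xo == fld(insn, 21, 31)) {
            if (o->form == F_VX3)
                snprintf(out, len, "%s v%u, v%u, v%u", o->mnem, f1, f2, f3);
            else if (o->form == F_EVX2)
                snprintf(out, len, "%s r%u, r%u", o->mnem, f1, f3);
            else
                snprintf(out, len, "%s r%u, r%u, r%u", o->mnem, f1, f2, f3);
            return 1;
        }
    }
    return 0;
}

int main(void)
{
    /* Words quoted in the issues above, plus a constructed e_stb r5, 0x10(r3)
     * since the page shows no e_stb bytes. */
    static const uint32_t words[] = {
        0x7C07D8EE, 0x7C002278, 0x32E40060, 0x5B860058,
        0x13160006, 0x106002D1, 0x13A302C9, 0x34A30010,
    };
    char buf[64];
    for (size_t i = 0; i < sizeof words / sizeof words[0]; i++) {
        if (vle_decode_other(words[i], buf, sizeof buf))
            printf("%08X  %s\n", (unsigned)words[i], buf);
        else
            printf("%08X  <not in table>\n", (unsigned)words[i]);
    }
    return 0;
}
```

The D-form displacement is the one field here that needs care: it is a signed 16-bit value, so a stack access such as e_stb r5, -0x4(r1) must come out negative rather than as 0xFFFC; the decoder prints it with a leading minus.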
I have compiled the project using make.exe and it gave me a static library (.a file extension).
Then I imported the static library into my Qt project.
I want to paste the code that you have written in the 'example' section of your README file, but one argument, 'buffer', is missing.
What is the 'buffer' argument in vle_init(...) and what should I pass?
Hi!
I was considering basing a VLE architecture plugin for Binary Ninja around this library, but first I'd like to get some clarification about what software license I'd be subject to.
Could you add a software license to the repo? https://help.github.com/articles/licensing-a-repository/
Thanks!
Edit: I see there's an LGPL reference at the top of vle_internal.h. I'd be happy to put together a pull request to include the LGPL in the project if that license was your intended one. :)