Skip to content

Feature: Graal VM integration #48

New issue
New issue
Open
#49
Open
Feature: Graal VM integration#48
#49
Labels
difficulty: hardrequires knowing quite some background knowledge to resolve
@Escapingbug

Description

@Escapingbug
Escapingbug
opened on Aug 13, 2021

Graal VM provides good performance by adopting Java hotspot VM to do the actual JIT.

Levaraging GraalVM, sulong implemented a high performance JIT based LLVM bitcode interepreter.
Pcode is quite alike to LLVM as it also represents low level operations, but what differs is that, Pcode is even more low level.
However, the idea can be shared, as the core part is to resolve the unstructural control flow.

So, by leveraing Graal VM infrastructure, we are able to:

  • implement a JIT based emulator that performant better than current interpreting based emulation
  • reuse its instrumentation framework to implement dynamic taint analysis, emulation based debugger, even symbolic execution

Also, [graal VM] provides an AOT framework (used to compile Java into Native Binary) which we might reuse to do some static analysis such as pointer analysis.

This requires some work. A poc implementation of interpreting Pcode in Graal's Truffle Framework has been proposed in branch anciety-graalvm.

But to make it realistic, we still need:

  • breakpoint implementation
  • EmulateInstructionStateModifier implementation

I have already done some of the POC work, and was tring to refactor it myself in short time (checkout my attempt, but not finished).
The problem is, I found it really a big commit even if I don't care about the elegance of the refactored code.
Many places depend on the Emulate directly without any interface.
This has to be resolved before any other job or else the commit will be too huge to implement.

As a result, I decided to make this a multi-step job:

  • re-design the emulation API, refactor current implementation of Emulate, Emulator and EmulatorHelper to use the new API. It has to be interface based to allow arbitrary emulator implementation support. (This would introduce incompatibility with original ghidra.)
  • implement breakpoint by reusing current breakpoint implementation and graalvm instrumentation framework
  • implement EmulateInstructionStateModifier
  • write doc about how the emulation API should be used both under new implementation and classic implementation.
  • implement instrumentation framework upon native graalvm instrumentation framework to allow better experience of writing dynamic analysis

Metadata

Metadata

Assignees

No one assigned

    Labels

    difficulty: hardrequires knowing quite some background knowledge to resolve

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions