X86 and MIPS targets support

README.md

@@ -54,7 +54,8 @@ $ git clone git@github.com:BinaryAnalysisPlatform/qemu.git -b tracewrap
 Change folder to qemu and build tracer with command
 ```bash
 $ ./configure --prefix=$HOME --with-tracewrap=`realpath ../bap-traces` \
---extra-ldflags=-Lprotobuf --target-list=arm-linux-user
+--extra-ldflags=-Lprotobuf --target-list="arm-linux-user i386-linux-user \
+mips-linux-user"
 $ make -C protobuf
 $ make
 $ make install
@@ -65,11 +66,14 @@ $ make install
 To run executable `exec` and to save the trace data to `exec.trace`, use
 
 ```bash
-$ qemu-arm -tracefile exec.trace exec
+$ qemu-arm -tracefile exec.trace exec # trace ARM target executable
+$ qemu-i386 -tracefile exec.trace exec # trace X86 target executable
+$ qemu-mips -tracefile exec.trace exec # trace MIPS target executable
 ```
 
 Hints: use option -L to set the elf interpreter prefix to 'path'. Use
-fetchlibs.sh to download arm libraries.
+[fetchlibs.sh](https://raw.githubusercontent.com/BinaryAnalysisPlatform/bap-traces/master/test/fetchlibs.sh)
+to download arm and x86 libraries.
 
 # Notes
-  Only ARM target is supported in this branch.
+  Only ARM, X86, MIPS targets are supported in this branch.

target-i386/helper.h

@@ -19,8 +19,8 @@ DEF_HELPER_2(idivq_EAX, void, env, tl)
 #endif
 
 #ifdef HAS_TRACEWRAP
-DEF_HELPER_1(trace_newframe, void, i32)
-DEF_HELPER_3(trace_endframe, void, env, i32, i32)
+DEF_HELPER_1(trace_newframe, void, tl)
+DEF_HELPER_3(trace_endframe, void, env, tl, i32)
 DEF_HELPER_2(trace_load_reg, void, i32, i32)
 DEF_HELPER_2(trace_store_reg, void, i32, i32)
 DEF_HELPER_3(trace_ld, void, env, i32, i32)

target-i386/trace_helper.c

@@ -15,13 +15,13 @@ void HELPER(trace_newframe)(target_ulong pc)
     qemu_trace_newframe(pc, 0);
 }
 
-void HELPER(trace_endframe)(CPUX86State *env, target_ulong old_pc, size_t size)
+void HELPER(trace_endframe)(CPUArchState *env, target_ulong old_pc, uint32_t size)
 {
     //qemu_trace_endframe(env, env->eip - size, size);
     qemu_trace_endframe(env, old_pc, size);
 }
 
-OperandInfo * load_store_reg(uint32_t reg, uint32_t val[4], int size, int ls)
+OperandInfo * load_store_reg(uint32_t reg, uint32_t val, int ls)
 {
         //fprintf(stderr, "load_store_reg: reg: (%s) 0x%d, val: 0x%08x, ls: %d\n", (reg < CPU_NB_REGS) ? regs[reg] : "EFLAGS", reg, val, ls);
         RegOperand * ro = (RegOperand *)malloc(sizeof(RegOperand));
@@ -52,12 +52,12 @@ OperandInfo * load_store_reg(uint32_t reg, uint32_t val[4], int size, int ls)
         }
         OperandInfo *oi = (OperandInfo *)malloc(sizeof(OperandInfo));
         operand_info__init(oi);
-        oi->bit_length = size * 8;
+        oi->bit_length = 0;
         oi->operand_info_specific = ois;
         oi->operand_usage = ou;
-        oi->value.len = size;
+        oi->value.len = 4;
         oi->value.data = malloc(oi->value.len);
-        memcpy(oi->value.data, val, size);
+        memcpy(oi->value.data, &val, 4);
 
         return oi;
 }
@@ -66,56 +66,43 @@ void HELPER(trace_load_reg)(uint32_t reg, uint32_t val)
 {
         qemu_log("This register (r%d) was read. Value 0x%x\n", reg, val);
 
-        uint32_t vals[4];
-
-        vals[0] = val;
-
-        OperandInfo *oi = load_store_reg(reg, vals, 4, 0);
+        OperandInfo *oi = load_store_reg(reg, val, 0);
 
         qemu_trace_add_operand(oi, 0x1);
 }
 
 void HELPER(trace_store_reg)(uint32_t reg, uint32_t val)
 {
-
-        uint32_t vals[4];
-
-        vals[0] = val;
-
         qemu_log("This register (r%d) was written. Value: 0x%x\n", reg, val);
 
-        OperandInfo *oi = load_store_reg(reg, vals, 4, 1);
+        OperandInfo *oi = load_store_reg(reg, val, 1);
 
         qemu_trace_add_operand(oi, 0x2);
 }
 
-void HELPER(trace_load_eflags)(CPUX86State *env)
+void HELPER(trace_load_eflags)(CPUArchState *env)
 {
-        uint32_t vals[4];
-
-        vals[0] = cpu_compute_eflags(env);
+        uint32_t val = cpu_compute_eflags(env);
 
-        OperandInfo *oi = load_store_reg(REG_EFLAGS, vals, 4, 0);
+        OperandInfo *oi = load_store_reg(REG_EFLAGS, val, 0);
 
         //OperandInfo *oi = load_store_reg(REG_EFLAGS, cpu_compute_eflags(env), 0);
 
         qemu_trace_add_operand(oi, 0x1);
 }
 
-void HELPER(trace_store_eflags)(CPUX86State *env)
+void HELPER(trace_store_eflags)(CPUArchState *env)
 {
-        uint32_t vals[4];
-
-        vals[0] = cpu_compute_eflags(env);
+        uint32_t val = cpu_compute_eflags(env);
 
-        OperandInfo *oi = load_store_reg(REG_EFLAGS, vals, 4, 1);
+        OperandInfo *oi = load_store_reg(REG_EFLAGS, val, 1);
 
         //OperandInfo *oi = load_store_reg(REG_EFLAGS, cpu_compute_eflags(env), 1);
 
         qemu_trace_add_operand(oi, 0x2);
 }
 
-OperandInfo * load_store_mem(uint32_t addr, uint32_t val, int ls)
+OperandInfo * load_store_mem(uint32_t addr, uint32_t val, int ls, int len)
 {
         //fprintf(stderr, "load_store_mem: addr: 0x%08x, val: 0x%08x, ls: %d\n", addr, val, ls);
         MemOperand * mo = (MemOperand *)malloc(sizeof(MemOperand));
@@ -137,30 +124,30 @@ OperandInfo * load_store_mem(uint32_t addr, uint32_t val, int ls)
         }
         OperandInfo *oi = (OperandInfo *)malloc(sizeof(OperandInfo));
         operand_info__init(oi);
-        oi->bit_length = 32;
+        oi->bit_length = len*8;
         oi->operand_info_specific = ois;
         oi->operand_usage = ou;
-        oi->value.len = 4;
+        oi->value.len = len;
         oi->value.data = malloc(oi->value.len);
-        memcpy(oi->value.data, &val, 4);
+        memcpy(oi->value.data, &val, len);
 
         return oi;
 }
 
-void HELPER(trace_ld)(CPUX86State *env, uint32_t val, uint32_t addr)
+void HELPER(trace_ld)(CPUArchState *env, uint32_t val, uint32_t addr)
 {
-        qemu_log("This was a read 0x%x addr:0x%x value:0x%x\n", env->eip, addr, val);
+        qemu_log("This was a read 0x" TARGET_FMT_lx " addr:0x%x value:0x%x\n", env->eip, addr, val);
 
-        OperandInfo *oi = load_store_mem(addr, val, 0);
+        OperandInfo *oi = load_store_mem(addr, val, 0, 4);
 
         qemu_trace_add_operand(oi, 0x1);
 }
 
-void HELPER(trace_st)(CPUX86State *env, uint32_t val, uint32_t addr)
+void HELPER(trace_st)(CPUArchState *env, uint32_t val, uint32_t addr)
 {
-        qemu_log("This was a store 0x%x addr:0x%x value:0x%x\n", env->eip, addr, val);
+        qemu_log("This was a store 0x" TARGET_FMT_lx " addr:0x%x value:0x%x\n", env->eip, addr, val);
 
-        OperandInfo *oi = load_store_mem(addr, val, 1);
+        OperandInfo *oi = load_store_mem(addr, val, 1, 4);
 
         qemu_trace_add_operand(oi, 0x2);
 }

target-mips/helper.h

@@ -27,8 +27,8 @@ DEF_HELPER_FLAGS_1(dclz, TCG_CALL_NO_RWG_SE, tl, tl)
 #endif
 
 #ifdef HAS_TRACEWRAP
-DEF_HELPER_1(trace_newframe, void, i32)
-DEF_HELPER_3(trace_endframe, void, env, i32, i32)
+DEF_HELPER_1(trace_newframe, void, tl)
+DEF_HELPER_3(trace_endframe, void, env, tl, i32)
 DEF_HELPER_2(trace_load_reg, void, i32, i32)
 DEF_HELPER_2(trace_store_reg, void, i32, i32)
 DEF_HELPER_3(trace_ld, void, env, i32, i32)

target-mips/trace_helper.c

@@ -12,7 +12,7 @@ void HELPER(trace_newframe)(target_ulong pc)
 	qemu_trace_newframe(pc, 0);
 }
 
-void HELPER(trace_endframe)(CPUMIPSState *env, target_ulong old_pc, size_t size)
+void HELPER(trace_endframe)(CPUMIPSState *env, target_ulong old_pc, uint32_t size)
 {
 	qemu_trace_endframe(env, old_pc, size);
 }
@@ -84,7 +84,7 @@ void HELPER(trace_store_reg)(uint32_t reg, uint32_t val)
 //}
 //
 
-OperandInfo * load_store_mem(uint32_t addr, uint32_t val, int ls)
+OperandInfo * load_store_mem(uint32_t addr, uint32_t val, int ls, int len)
 {
         MemOperand * mo = (MemOperand *)malloc(sizeof(MemOperand));
         mem_operand__init(mo);
@@ -105,12 +105,12 @@ OperandInfo * load_store_mem(uint32_t addr, uint32_t val, int ls)
         }
         OperandInfo *oi = (OperandInfo *)malloc(sizeof(OperandInfo));
         operand_info__init(oi);
-        oi->bit_length = 0;
+        oi->bit_length = len*8;
         oi->operand_info_specific = ois;
         oi->operand_usage = ou;
-        oi->value.len = 4;
+        oi->value.len = len;
         oi->value.data = malloc(oi->value.len);
-        memcpy(oi->value.data, &val, 4);
+        memcpy(oi->value.data, &val, len);
 
         return oi;
 }
@@ -119,7 +119,7 @@ void HELPER(trace_ld)(CPUMIPSState *env, uint32_t val, uint32_t addr)
 {
         qemu_log("This was a read 0x%x addr:0x%x value:0x%x\n", env->active_tc.PC, addr, val);
 
-        OperandInfo *oi = load_store_mem(addr, val, 0);
+        OperandInfo *oi = load_store_mem(addr, val, 0, 4);
 
         qemu_trace_add_operand(oi, 0x1);
 }
@@ -128,7 +128,7 @@ void HELPER(trace_st)(CPUMIPSState *env, uint32_t val, uint32_t addr)
 {
         qemu_log("This was a store 0x%x addr:0x%x value:0x%x\n", env->active_tc.PC, addr, val);
 
-        OperandInfo *oi = load_store_mem(addr, val, 1);
+        OperandInfo *oi = load_store_mem(addr, val, 1, 4);
 
         qemu_trace_add_operand(oi, 0x2);
 }