[Hexagon] RzIL uplifiting

[Rot127]

SQUASH ME

commit message: Uplift Hexagon architecture to RzIL

The general structure is, that every (sub-)instruction has a getter for it's RzIL code.
Calling the getter will return the RzIL operation.
If RzIL for an instruction is requested, the plugin makes a decision. Because Hexagon only executes whole instruction packets. If the instruction is not the last instruction in a packet, it will simply return EMPTY(). If the RzIL for the last instruction in a packet is requested, it will get the RzIL operations for all instructions in the packet, shuffles them into the correct execution order (according to some rules) and returns the complete operation for the packet.

The RzIL code was entirely generated with the rzil-compiler, using the semantic definition of the QEMU Hexagon module.

Currently successful compile instructions (and tested):

[*] 1581/1733 standard instructions compiled.
[*] 431/643 HVX instructions compiled.
[*] In total: 2012/2376 instructions compiled.

It was tested with:

• (Semantic tests) rz-tracetest against the execution trace of the QEMU Hexagon test binaries.
• (Bug free and semi-semtantic test) Adding tests which simply execute the test binaries to ensure leak and segfault free execution. Also it is executed until a certain instruction is reached (end of main or loc.pass symbol), partially testing it executes correctly.

For the uplifting several changes and modernization had to be made:

• Enhance consistency of decoding
  • Allow to disassemble an instruction without copying the result. This is used if the given buffer of instruction bytes is larger than one instruction width. In this case, as many instructions as the buffer can hold are disassembled and buffered for later.
  • Generally enhance buffering of instructions.
  • Allow to mark a packet as valid before it is completely decoded (in case we know it must be valid, e.g. if it is a jump target of a valid packet).
• Fix (hopefully) all memory leaks of the Hexagon plugin.
• Changes to register getters, because RzIL needs finer control to translate alias or explicit register names to their real register.
  • Getter for register name is now done by table, so for future distinction between DSP version we can just select another table.
  • Translation functions from register alias or explicit name to their real register.
  • Each operand contains now it's variable ID (e.g. d for register Rd) as in the ISA (for mapping in the RzIL code).
• Ease debugging by tracking in more precision, if an instruction is added to a stale, active or new packet.
• Add registers C20 - C29 (not yet present in LLVM)
• Some renaming to make the code more readable.

Your checklist for this pull request

• I've read the guidelines for contributing to this repository
• I made sure to follow the project's coding style
• I've documented or updated the documentation of every function and struct this PR changes. If not so I've explained why.
• I've added tests that prove my fix is effective or that my feature works (if possible)
• I've updated the rizin book with the relevant information (if needed)

Detailed description

Hexagon uplifting PR.

TODO after merge

• rz-rzilcompiler
  • Transfer ownership to RizinOrg
  • Tag rz-rzilcompile as v1.0
• rz-hexagon
  • Change submodule to use RizinOrg repo
  • Use tag of rz-rzilcompiler
  • Refactor rz-hexagon to build as proper python package.
  • Tag rz-hexagon as v1.1

Test plan

Added, all green

[Rot127]

Open this for the first round of review now.

There are still the rz-test cases missing. Due to inner working of the RzIL generation it is not really possible to add the asm style tests (so I check it again to be sure). Instead I would simply execute most test bins to the address where they can be considered passed.

Currently the tests fail due to missing #3973

[XVilka]

The code looks great. Amazing job!

[XVilka]

We should have general API for that, inside RzTable.

[Rot127]

Couldn't do the last column which is split into 4, which makes it easier to read IMHO. Do you think it is still better? Then I change it. Though it is only debug printing.

[XVilka]

It was just a remark, not a requirement. But it would be nice to figure out what's missing in RzTable.

[Rot127]

In order that the tests succeed we need rizinorg/rizin-testbins#127 merged though.
Before that maybe look at https://github.com/rizinorg/rizin/pull/3837/files#diff-a1583f59ca1cc7b3c25cde35c24fade6df510112bcf21174d5d2995a5baa14e2

[Rot127]

@thestr4ng3r To your notice: 722e5c0

[wargio]

mostly is ok. just a stupid detail for me.

[XVilka]

LGTM but it would be nice to extract non-Hexagon changes in a separate PR and merge it first.

[Rot127]

Please let me run all rz-tracetest tests after #4373. Just to be sure.

[Rot127]

Ok, all good now:

./run-test-sets.sh -i -t essentials,float
test_vspliceb [PASS]
test_vpmpyh [PASS]
test_vminh [PASS]
test_vmaxh [PASS]
test_vlsrw [PASS]
test_vcmpw [PASS]
test_vcmpb [PASS]
test_vavgw [PASS]
test_round [PASS]
test_reorder [PASS]
test_packet [PASS]
test_mpyi [PASS]
test_lsr [PASS]
test_jmp [PASS]
test_hwloops [PASS]
test_hl [PASS]
test_fibonacci [PASS]
test_ext [PASS]
test_dotnew [PASS]
test_cmp [PASS]
test_clobber [PASS]
test_call [PASS]
test_bitsplit [PASS]
test_bitcnt [PASS]
test_abs [PASS]
usr [PASS]
v68_scalar [PASS]
v73_scalar [PASS]
test-vma [PASS]
load_align [PASS]
multi_result [PASS]
overflow [PASS]
first [PASS]
mem_noshuf [PASS]
preg_alias [PASS]
dual_stores [PASS]
mem_noshuf_exception [PASS]
read_write_overlap [PASS]
reg_mut [PASS]
misc [PASS]
fpstuff [PASS]

[Matheus-Garbelini]

Hi, just a question. Is the curent dev branch of rizin using latest changes from https://github.com/rizinorg/rz-hexagon and https://github.com/rizinorg/rz-rzilcompiler ?

[Rot127]

@Matheus-Garbelini Yes. If you plan doing research on Hexagon firmware you can ping me on our Mattermost as well.