LLVM and dynamic binary translator

Project Infrastructure LLVM Dev List Archives
1

Hello List,

I am a newbie regarding LLVM and need some information on LLVM.

I am working on dynamic binary translation and I am looking into if LLVM can be used for the purpose.

The goal here is to generate highly optimized translated (host) code from target code.

I have following questions.

1. Can LLVM be used in a dynamic binary translator? Dynamic translator translators target code for an architecture (say PPC) to host code (say x86) and execute it.
2. Can LLVM understand disassembled target code and generate optimized host code?
3. If yes to (1) and (2), where I can find more information?
4. How complex the task would be? (any idea!!)

I appreciate your help.

Thanks and regards
Arabinda

2

Hi Arabinda,

1. Can LLVM be used in a dynamic binary translator? Dynamic translator
translators target code for an architecture (say PPC) to host code (say x86)
and execute it.

There has been some discussion about this within the past two months on this
list, IIRC. You should try searching the archives for that discussion.

IIRC, the outcome is that transforming binary code into LLVM IR is very, very
tricky, and almost impossible to do right for any possible input binary.

Others can problem comment a bit more on the topic, I'm just repeating what I
heard other people say on this list :slight_smile:

Gr.

Matthijs

3

1. Can LLVM be used in a dynamic binary translator? Dynamic translator
translators target code for an architecture (say PPC) to host code (say x86)
and execute it.

There has been some discussion about this within the past two months on this
list, IIRC. You should try searching the archives for that discussion.

Yes, dynamic binary translation with LLVM is absolutely possible, for
more information I suggest taking a look at the thread at
http://lists.cs.uiuc.edu/pipermail/llvmdev/2008-April/013689.html

IIRC, the outcome is that transforming binary code into LLVM IR is very, very
tricky, and almost impossible to do right for any possible input binary.

Others can problem comment a bit more on the topic, I'm just repeating what I
heard other people say on this list :slight_smile:

Actually if you have a "frontend" which converts from source machine
code to some IR which can be easily mapped to LLVM IR, then it's not
too difficult (IIRC I had the first running version of llvm-qemu in
about 3 weeks, without any prior LLVM knowledge and only minor
knowledge about qemu).

AFAIK someone else is working on a translator which directly goes from
x86 to LLVM IR, not sure about the current state though.

Greetings,

Tilmann