#+OPTIONS: html-link-use-abs-url:nil html-postamble:auto #+OPTIONS: html-preamble:t html-scripts:t html-style:t #+OPTIONS: html5-fancy:nil tex:t toc:2 #+CREATOR: Emacs 24.4.1 (Org mode 8.2.10) #+HTML_CONTAINER: div #+HTML_DOCTYPE: xhtml-strict #+HTML_HEAD: #+HTML_HEAD_EXTRA: #+HTML_LINK_HOME: #+HTML_LINK_UP: #+HTML_MATHJAX: #+INFOJS_OPT: #+LATEX_HEADER: * Doable ** robust binary support *** TODO understanding _start If we do not have symbols, the only known entry point is _start and that does only call a library function. However it has a regular structure and one can find the address if main by being smart. Unfortunately it's not necessarily possible to do that portably so I kind of want to move it out of the core. http://dbp-consulting.com/tutorials/debugging/linuxProgramStartup.html *** TODO finding _start for !ELF COFF / MacO has an entry point. unfortunately LLVM doesn't directly let me access this information so currently it does some magic for ELF but not others. Might be possible to find something in LLDB which we might want to have long-term anyway to add debugging capabilities *** TODO finding plausible function prologs Some nice heuristices (implemented as plugins) to get something even if we can't properly find function calls. ** serializing *** TODO routing data through serializing point Send all relevant data to some management instance. The management instance then notifies all stakeholders of the update. This would make sure the resulting state of the system is reproducible from the serialized stream and is network-streamable. One will need to take care of potential performance issues. *** TODO read/write files What we actually want is a bag of transactions and a logical (semi) order on them. Idea is to mostly store xml in a zip container. *** TODO network stuff If we can serialize to zip containers we can stream them over the network. Idea is to use XMPP as transport, a central instance that supplies new participants with all past information and a MUC where updates are sent to. Master/slave setups should be easy. Also normal editing should be almost conflict free. Probably needs some locking to not cause conflicts when scripts runn over the whole binary and add information everywhere. ** graph layouting *** TODO special entry (exits?) points B0 with metainformation about the function. also gives a ⊤ and ⊥ for the graph which is nice for all kind of algorithms *** TODO routing edges Edges skipping on layer of blocks sometimes get through (below) other blocks. Fixing that makes the whole thing a complex problem while currently it's a set of rather simple heuristics *** TODO Dominator -> anordnung untereinander falls total dominiert Currently blocks are ordered by address. Sometimes blocks are semantically strictly after another but seen before in the address space. Would be visually nicer to have a semantical order so backward (upward) edges really only happen in loops ** Scripting *** TODO design reasonable API SWIG? We really want a API that looks native for all supported scripting languages and we want a API that is semantically the same for all languages *** TODO python We have guile implemented and working. Python seems to be highly popular so we will want to have it as well some time not to distant in the future. ** Non-.text stuff *** TODO finding data and strings identify data types by interpreting the instruction sequence referencing a datum. Probably we want to have all instructions referencing a address in data segments and do some type narrowing based on that. Probably also function calls ** Anotating stuff *** TODO notification of annotations to stakeholders ** TODO Configuration stuff ** Bugfixes *** TODO build up instruction analysis for !arm !x86 *** TODO instruction alignment on RISC *** TODO stop on decoding error? *** TODO hlt in _start / general *** TODO do not create functions for plt entries *** TODO blocks not displayed in i4/cip * Advanced ** Deduce structure *** TODO Natural loops *** TODO trivial control-flow-split ** Non-.text stuff *** TODO plt stuff and finding API via parsing /usr/include We already have a C parser (clang) so if we see a call to function@plt we can see for potential prototypes for that function in /usr/include which would give nice type information for C libraries. We also want to display manpage for that function if available