forked from Codetector1374/lc3-intelliJ
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #2 from Pear0/speculative-execution
Add description and analysis write-up
Showing 6 changed files with 121 additions and 22 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
# Flow Analysis | ||
|
||
This page describes at a high level how this | ||
plugin analyzes code to symbolically trace execution. | ||
|
||
|
||
## Setup | ||
|
||
First, the full assembly file is analyzed to find all jump targets. This flow analysis | ||
does not currently support indirect jumps. Each jump target is used to split the assembly | ||
into basic blocks. Basic blocks are a commonly used in compilers, and they represent a | ||
block of code that always runs together. | ||
|
||
An important concept is that these basic blocks combined with jumps/branches form | ||
a directed graph. This fact is used in the next section. | ||
|
||
## Function Analysis | ||
|
||
For every function labeled with a `; pragma function prologue`, a virtual LC-3 is created | ||
and initialized with symbolic values for the registers and stack. The basic blocks for | ||
this function are traversed in a depth first search until a basic block that ends with a | ||
`RET` is found. | ||
|
||
Because this a directed graph and not a tree, sometimes a basic block will have multiple | ||
parents. When this happens, the virtual LC-3 states are merged and the graph is traversed | ||
again. This is done in a way that reaches a steady state after a few iterations because | ||
LC-3 is a fairly simple ISA. | ||
|
||
Because the code is not actually executed, it is guaranteed to converge at | ||
the cost of knowing exactly what the state of the LC-3 is. This is usually fine because | ||
the most important registers are R5 and R6 because they are used to keep track of the | ||
stack. R5 and R6 are usually not modified very much in hand-written assembly and are | ||
not branch dependent. | ||
|
||
Finally, at each `RET`, the LC-3 state is compared to the expected result following the | ||
LC-3 calling convention. |
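Review bot: The merge paragraph in "Function Analysis" ("the virtual LC-3 states are merged and the graph is traversed again") never says how two states are merged, so the claims that this "reaches a steady state after a few iterations" and is "guaranteed to converge" cannot be checked from the text. State the merge rule and why it terminates, rather than attributing it to LC-3 being "a fairly simple ISA". The "Setup" section should also say what the analysis does when it meets an indirect jump, since those are unsupported, and the R5/R6 paragraph should say what is reported when they are branch dependent. Two wording fixes: "Basic blocks are a commonly used in compilers" (drop "a" or add a noun) and "Because this a directed graph" (missing "is").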
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,13 +1,43 @@ | ||
<idea-plugin> | ||
<id>cn.codetector.lc3.lc3intellij</id> | ||
<name>LC-3 Assembly Support For IntelliJ Platform</name> | ||
<version>1.0.1</version> | ||
<version>1.1.1</version> | ||
<idea-version since-build="181.0"/> | ||
<depends>com.intellij.modules.lang</depends> | ||
<vendor email="[email protected]" url="https://blog.codetector.cn">Codetector</vendor> | ||
<vendor email="[email protected]" url="https://github.com/Pear0">Will Gulian</vendor> | ||
|
||
<description><![CDATA[ | ||
<p>Language support for LC-3 Assembly. Mainly targeting Georgia Tech CS-2110</p> | ||
<h2>Language support for LC-3 Assembly.</p> | ||
<ul> | ||
<li>Syntax Highlighting</li> | ||
<li>Code Completion on labels</li> | ||
<li>Track memory addresses in the sidebar</li> | ||
<li>Navigate labels to their declarations</li> | ||
<li>Verify instruction immediates are in range</li> | ||
<li><b>Symbolic Execution</b> of assembly to track stack and frame pointers and verify functions | ||
correctly implement the standard calling convention.</li> | ||
</ul> | ||
<h2>How do I use the symbolic execution checker?</h2> | ||
Place a comment after your label like so: | ||
<pre> | ||
FOO ; pragma function prologue | ||
ADD R6, R6, -4 | ||
... | ||
RET | ||
</pre> | ||
<p>After adding the pragma comment, whenever the cursor is in the function, the sidebar will | ||
show the current stack and the registers to the best of the symbolic execution engine's knowledge.</p> | ||
<p>Any calling convention issues will be listed as warnings on the <pre>RET</pre> instruction.</p> | ||
<h2>Notes</h2> | ||
<p>Mainly targeting Georgia Tech CS-2110</p> | ||
<p>The idea and original version of this plugin were made by <a href="https://blog.codetector.cn">Codetector</a>. | ||
]]></description> | ||
|
||
<!-- please see http://www.jetbrains.org/intellij/sdk/docs/basics/getting_started/plugin_compatibility.html | ||
|
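Review bot: In the description CDATA, `<h2>Language support for LC-3 Assembly.</p>` opens an `h2` and closes a `p`, and the last paragraph, starting `<p>The idea and original version of this plugin`, is never closed before `]]>`; fix both so the description markup is well-formed. `<pre>RET</pre>` is placed inside a `<p>`, where a block element does not belong; `<code>RET</code>` is the inline form. The text "Place a comment after your label like so:" is also bare between the `h2` and the `pre` and should be wrapped in `<p>` like the paragraphs after it.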