From: Ivan Gotovchits
To: Kenneth Adam Miller
Cc: caml users
Date: Sat, 7 Mar 2015 00:56:11 -0500
Subject: Re: [Caml-list] Error with and Proper Library Usage
Message-Id: <9C7D03E3-FC7C-4C09-92FA-232731E53263@ieee.org>

On Mar 7, 2015, at 12:28 AM, Kenneth Adam Miller wrote:

> So, I want to use CMU's BAP to do some internal processing for a task that I have been assigned.
> One of the pertinent parts is transforming assembler representations of CPU instructions into the BAP Intermediate Language, or BIL.

BAP is more about disassembling. So it can easily lift a binary string into BIL. But if you have assembly, you need to compile it into machine code first. So, you need to find an assembler. (For example, you can use `llvm-mc` from the llvm toolkit.)

> It's kind of difficult, because there's only so much documentation that is really anything more than just the MLI interface and the OCaml Doc generated stuff. I have a lot of questions about how to proceed, but before I begin eliciting the problem and all, let me explain about how I got where I am.

Yes, unfortunately that's true. First of all, BAP is currently under active development. Next, there is no properly working doc generator for OCaml right now that would handle a complex project containing many modules and sublibraries. I'm looking at odoc with great hope.

>
> You can install BAP through opam, but you don't get the documentation I don't think. So,
>
> git clone github.com/BinaryAnalysisPlatform/bap/
>
> and then just follow the instructions on how to build it, it's not hard at all, I got it going on Ubuntu 14.04. The only thing I ran into was an error on a llvm dependency, which required that I edit the opam file so that I do "--with-llvm-version=3.4" on the configure command line as an option. After that everything ran smoothly.

Actually, when you install BAP with opam you will have the documentation installed also. It is automatically installed at `~/.opam/???/doc/bap`. You can query the path to the documentation with the following command:

    opam config var bap:doc

Moreover, we provide compiled API documentation on github pages. I will update the main site with the link.

Also, you may find this [1] page interesting.
[1]: https://github.com/BinaryAnalysisPlatform/bap/wiki/Build-tips-and-tricks

> Once you run bapbuild and make and all that...

You don't need to run bapbuild at all; this is not a tool to build BAP, this is a tool to build applications and plugins that use BAP.

> Opening up the index file at _build/bap.docdir/index.html, you can see that the documentation starts off with a note about using Bap.Std as everything else is interface files. What confused me is the seeming repetition of the documentation that is generated. It seems that some of the documentation on some of the very same pages is duplicated for certain sections. Why does it do so much duplication?

That's how ocamldoc works. Actually, the auto-generated documentation is of very low quality. I personally suggest you to set up your Emacs environment, with merlin and everything else. Then you can navigate through the project using `C-c C-l` (jump to definition). Look here [2] for instructions about how to configure Emacs.

[2]: https://github.com/BinaryAnalysisPlatform/bap/wiki/Emacs

>
> First, using the toplevel I tried to construct a BIL set of statements. But the way the code works, you actually have to compose a disassembler that is specific to your architecture (x32/64 and ARM vs Intel or whatever). You then have to construct memory, and from that memory construct an Insn type, which is meant to be the canonical, cross disassembler type representation of an instruction. I can see how module use makes for great reusability of code. Problem is, the type definitions that the toplevel reports (baptop) and those of which are reported in the documentation seem to differ often. TL;DR here, I tried to get as close to the front page mention of how to use module Disasm, which meant Disasm.insn_at_mem function, but I had a hard time navigating the modules to create what I wanted.
> It seems like each one thing depends on some other portion of the library, and at one point I hit a dead end. The documentation mentions the same functions being exposed copiously, but that's when the type definitions wouldn't match up or something.

I'm not sure that I understand you correctly. If you have just bytes, then use function `disassemble` that accepts memory and arch. You can use `Memory.create` to make memory, and `Bigstring.of_string` to create a bigstring from a string.

> Lastly, and ultimately even more confusing is that of bap_mc.ml, which I saw as my second easiest avenue for usage of the BAP library. I saw bap_mc.ml line 55 as my chance;
>
> https://github.com/BinaryAnalysisPlatform/bap/blob/master/src/bap_mc/bap_mc.ml#L55
>
> If I just were to modify it so that it, instead of watering down the string constructed, were to just pipe the insn object to a BIL constructor, and then use the sexp_of_bil transformer, then I could just drop it from there to be printed or converted to string and then printed.
>
> Naturally, I tried with several different module's bil constructor. But most notably I think that the Std bil constructor blew up, so here's what I replaced that line with:

Oh, please, don't use bap_mc as an example, as it is very low level. It is intended for debugging the underlying disassembly and uses a very low-level interface, with lots of hard to understand phantom types. Please, try to stay with the convenient Disasm module.
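The route Ivan recommends above (raw bytes -> `Bigstring.of_string` -> `Memory.create` -> `disassemble` -> BIL) written out as a small program. This is an added example, not code from the original thread or from the BAP project: only `disassemble`, `Memory.create` and `Bigstring.of_string` are named in the message; `Addr.of_int32`, `Memory.min_addr`, `Disasm.insns`, `Insn.asm`, `Insn.bil`, `Bil.pp`, `Addr.pp`, the `Seq` alias, the `LittleEndian` constructor and the `` `x86_64 `` arch variant are assumptions about the BAP 0.9-era `Bap.Std` API and should be checked against `baptop`. The byte string is constructed for the example.

```ocaml
(* Added example, not part of the original message or the BAP project.
   Assumes a BAP 0.9-era Bap.Std API: only `disassemble`, `Memory.create`
   and `Bigstring.of_string` are named in the thread; every other call
   below is an assumption about that API, check it in `baptop`. *)
open Core_kernel.Std
open Bap.Std

(* Constructed sample: x86-64 "push rbp; mov rbp, rsp" (55 48 89 e5).
   To lift real assembly, assemble it first (e.g. with `llvm-mc`) and
   feed the resulting machine-code bytes in here instead. *)
let sample_bytes = "\x55\x48\x89\xe5"

(* Wrap raw bytes as BAP memory placed at a chosen base address.
   Memory.create returns an Or_error.t, so a malformed request (for
   example a bad length) surfaces here rather than deep in the lifter. *)
let memory_of_bytes ~base bytes =
  Memory.create LittleEndian (Addr.of_int32 base) (Bigstring.of_string bytes)
  |> ok_exn

(* Disassemble [mem] for [arch] and return, per instruction, its start
   address, assembly text and lifted BIL, so callers can inspect or
   store the BIL instead of only printing it. *)
let lift_all arch mem =
  disassemble arch mem
  |> Disasm.insns
  |> Seq.map ~f:(fun (mem, insn) ->
      (Memory.min_addr mem, Insn.asm insn, Insn.bil insn))

let () =
  let mem = memory_of_bytes ~base:0x1000l sample_bytes in
  lift_all `x86_64 mem
  |> Seq.iter ~f:(fun (addr, asm, bil) ->
      Format.printf "%a: %s@\n%a@\n" Addr.pp addr asm Bil.pp bil)
```

As the message notes, `bapbuild` is the tool for building programs that use BAP, so with the file saved as `lift.ml` the intended build is `bapbuild lift.native` (an assumption about the usual bapbuild invocation, not something the thread states). The two-step structure keeps the address-and-BIL results in a sequence that later analysis code can consume; printing is only the last step.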