Write a program that can convert x86 to LLVM IR, otherwise known as static binary translation.
Points to ponder
- Q: Is it possible?
- A: It should be, of course; they are both Turing-complete
- Longer Answer: It might be more difficult than it sounds; it hasn't been done yet AFAIK
- Translate x86 to Vine, then Vine to LLVM IR
- Vine has about a dozen instructions, so it should be simple to translate
- Seems that Vine only translates from a TEMU trace, I wonder if this includes the entire program, or just the execution path (or perhaps it just marks the path as tainted for Vine's SMT solver, which also happens to be STP). Incidentally, TEMU is based on QEMU.
- Use llvm-qemu to dynamically translate x86 to LLVM IR
- By "dynamically translate", I think it means translating function by function during execution, as there are some things that need to be evaluated at runtime before they can be translated correctly
- A paper describing some ugly (I think) mutant of QEMU and LLVM
- A mailing list post by the author of llvm-qemu regarding the methods used and the feasibility of static translation
- BSD-style license, by Sun
- Stopped in 2001
- RISC-like backends
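As an added toy illustration of the static x86-to-LLVM-IR idea the list opens with (my own example, not code from the page or from Vine or llvm-qemu), this lifts an Intel-syntax, register-only x86 subset straight into LLVM IR text. It assumes four 32-bit registers zeroed on entry and no memory, branches or calls; the explicit ZF computation shows the kind of hidden side effect a real lifter has to make visible, which is part of why the problem is harder than it sounds.

```python
"""Toy static lifter: register-only x86 subset (Intel syntax) -> LLVM IR text.
Constructed example, not a real tool: only eax/ebx/ecx/edx with mov/add/sub/xor/ret,
registers assumed zero on entry, ZF modelled explicitly to expose flag side effects."""
import re

REGS = ("eax", "ebx", "ecx", "edx")
ALU = {"add": "add", "sub": "sub", "xor": "xor"}   # x86 mnemonic -> LLVM opcode

def lift(asm, name="lifted"):
    """Return LLVM IR for a function whose i32 result is the final value of eax."""
    env = {r: "0" for r in REGS}      # register -> current SSA value (SSA renaming)
    env["zf"] = "false"
    body, n = [], 0

    def fresh():
        nonlocal n
        n += 1
        return f"%v{n}"

    def operand(tok):
        tok = tok.strip().lower()
        if tok in REGS:
            return env[tok]
        if re.fullmatch(r"-?(0x[0-9a-f]+|0|[1-9]\d*)", tok):
            return str(int(tok, 0))
        raise ValueError(f"unsupported operand: {tok}")

    for line in asm:
        line = line.split(";")[0].strip()          # drop comments and blank lines
        if not line:
            continue
        op, _, rest = line.partition(" ")
        op, args = op.lower(), [a for a in rest.split(",") if a.strip()]
        if op == "ret":
            break
        dst = args[0].strip().lower()
        if dst not in REGS:
            raise ValueError(f"unsupported destination: {dst}")
        if op == "mov":                            # a move is just a rename in SSA
            env[dst] = operand(args[1])
        elif op in ALU:
            val = fresh()
            body.append(f"  {val} = {ALU[op]} i32 {env[dst]}, {operand(args[1])}")
            env[dst] = val
            env["zf"] = fresh()                    # ALU ops also write ZF
            body.append(f"  {env['zf']} = icmp eq i32 {val}, 0")
        else:
            raise ValueError(f"unsupported instruction: {op}")
    body.append(f"  ret i32 {env['eax']}")
    return f"define i32 @{name}() {{\nentry:\n" + "\n".join(body) + "\n}\n"
```

Feeding the output to `llvm-as` checks that the emitted text is well-formed IR; anything the subset cannot express (an indirect jump, a memory operand) is rejected up front rather than silently mistranslated.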