capstone-engine
diff --git a/‎diff-test/.gitignore‎
Lines changed: 2 additions & 0 deletions b/‎diff-test/.gitignore‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎diff-test/README.md‎
Lines changed: 186 additions & 0 deletions b/‎diff-test/README.md‎
Lines changed: 186 additions & 0 deletions
diff --git a/‎diff-test/arch_config.py‎
Lines changed: 209 additions & 0 deletions b/‎diff-test/arch_config.py‎
Lines changed: 209 additions & 0 deletions
@@ -0,0 +1,2 @@
+reports
+samples
@@ -0,0 +1,186 @@
+# M68K Differential Test — Capstone vs objdump
+
+Automated differential testing pipeline that compares Capstone's M68K disassembly output against `m68k-linux-gnu-objdump` as a reference implementation.
+
+## Prerequisites
+
+1. **Capstone build** — `libcapstone.so` must exist in `../build/` (the library path is auto-detected)
+2. **Python venv** — `../.venv/` with the Capstone Python bindings installed
+3. **m68k-linux-gnu-objdump** — M68K cross-binutils on `PATH`
+
+```Shell
+# from the repo root
+which m68k-linux-gnu-objdump   # must be on PATH
+ls build/libcapstone.so.6      # must exist
+ls .venv/bin/activate           # must exist
+```
+
+## Quick Start
+
+```Shell
+cd diff-test/
+
+# full pipeline: download 5 ROMs + test + report
+./run.sh
+
+# test-only (skip download, use existing ROMs)
+./run.sh --test-only --max-bytes 8192
+
+# download-only
+./run.sh --download-only --num-samples 10
+
+# test a specific m68k sub-architecture
+./run.sh --test-only --max-bytes 8192 --arch m68k:68000
+
+# test ColdFire variant
+./run.sh --test-only --max-bytes 8192 --arch m68k:cfv4e
+
+# list all 42 supported architecture variants
+./run.sh --list-archs
+```
+
+## File Structure
+
+```
+diff-test/
+├── run.sh               # entry point — sets up env vars, calls pipeline.py
+├── pipeline.py          # orchestrator — download → test → aggregate reports
+├── diff_test.py         # per-ROM diff test runner
+├── normalize.py         # normalization engine + comparison logic (13 rules)
+├── download_samples.py  # downloads ROMs from Myrient (No-Intro Genesis)
+├── test_normalize.py    # 144 unit tests
+├── samples/             # downloaded ROMs (auto-created)
+│   ├── zips/
+│   └── roms/
+├── reports/             # generated reports (auto-created)
+│   ├── aggregate_summary.<arch>.json
+│   ├── aggregate_summary.<arch>.txt
+│   └── <rom_name>.<arch>.report.{json,txt}
+└── README.md
+```
+
+## Usage
+
+### `run.sh` (recommended)
+
+Wrapper that activates the venv, sets `LIBCAPSTONE_PATH` / `LD_LIBRARY_PATH`, then calls `pipeline.py`.
+
+```Shell
+./run.sh [pipeline.py args...]
+```
+
+### `pipeline.py`
+
+```
+pipeline.py [-h] [--download-only] [--test-only]
+            [--samples-dir DIR] [--num-samples N] [--seed N]
+            [--max-bytes N] [--arch ARCH] [--list-archs]
+            [--report-dir DIR] [--report-format {json,text,both}] [-v]
+```
+
+| Flag              | Default    | Description                                       |
+| ----------------- | ---------- | ------------------------------------------------- |
+| `--download-only` |            | Download samples only, skip testing               |
+| `--test-only`     |            | Test existing samples, skip download              |
+| `--samples-dir`   | `samples/` | ROM storage directory (relative to script)        |
+| `--num-samples`   | `5`        | Number of ROMs to download                        |
+| `--seed`          | `42`       | Random seed for sample selection                  |
+| `--max-bytes`     | `0` (all)  | Max bytes per ROM to disassemble                  |
+| `--arch`          | `m68k`     | Architecture variant to test (see `--list-archs`) |
+| `--list-archs`    |            | Print all 42 supported arch variants and exit     |
+| `--report-dir`    | `reports/` | Report output directory (relative to script)      |
+| `--report-format` | `both`     | `json`, `text`, or `both`                         |
+| `-v`              |            | Verbose output                                    |
+
+### `diff_test.py` (single ROM)
+
+> **Note:** When running Python scripts directly (without `run.sh`), always `cd` into `diff-test/` first. The default paths (`./samples`, `./reports`) resolve relative to the script directory.
+
+```Shell
+cd diff-test/
+source ../.venv/bin/activate
+export LIBCAPSTONE_PATH=../build LD_LIBRARY_PATH=../build
+
+python diff_test.py samples/roms/some_rom.md --max-bytes 8192
+
+# diff_test.py is invoked programmatically by pipeline.py; use pipeline.py --arch for arch selection
+```
+
+## Architecture Support
+
+The pipeline supports all 42 m68k sub-architecture variants via the `--arch` flag.
+Variants are mapped to the closest available Capstone mode; ColdFire/ISA variants
+use M68K 040 as the nearest equivalent.
+
+```Shell
+./run.sh --list-archs
+```
+
+| Category      | Variants                                                                 |
+| ------------- | ------------------------------------------------------------------------ |
+| Classic M68K  | `m68k` (default), `m68k:68000`, `m68k:68008`, `m68k:68010`, `m68k:68020`, `m68k:68030`, `m68k:68040`, `m68k:68060`, `m68k:cpu32`, `m68k:fido` |
+| ISA-A         | `m68k:isa-a`, `m68k:isa-a:nodiv`, `m68k:isa-a:mac`, `m68k:isa-a:emac`  |
+| ISA-A+        | `m68k:isa-aplus`, `m68k:isa-aplus:mac`, `m68k:isa-aplus:emac`           |
+| ISA-B         | `m68k:isa-b`, `m68k:isa-b:nousp`, `m68k:isa-b:nousp:mac`, `m68k:isa-b:nousp:emac`, `m68k:isa-b:mac`, `m68k:isa-b:emac`, `m68k:isa-b:float`, `m68k:isa-b:float:mac`, `m68k:isa-b:float:emac` |
+| ISA-C         | `m68k:isa-c`, `m68k:isa-c:mac`, `m68k:isa-c:emac`, `m68k:isa-c:nodiv`, `m68k:isa-c:nodiv:mac`, `m68k:isa-c:nodiv:emac` |
+| ColdFire      | `m68k:5200`, `m68k:5206e`, `m68k:5307`, `m68k:5407`, `m68k:528x`, `m68k:521x`, `m68k:5249`, `m68k:547x`, `m68k:548x`, `m68k:cfv4e` |
+
+## Running Tests
+
+```Shell
+cd diff-test/
+source ../.venv/bin/activate
+python -m pytest test_normalize.py -v
+```
+
+## How It Works
+
+1. **Download** — `download_samples.py` fetches Sega Genesis ROMs from [Myrient No-Intro](https://myrient.erista.me/files/No-Intro/Sega%20-%20Mega%20Drive%20-%20Genesis/). Genesis is cartridge-based (No-Intro), not disc-based (Redump).
+
+2. **Disassemble** — Each ROM is fed to both:
+   * Capstone Python bindings (`CS_ARCH_M68K`, `CS_MODE_M68K_040`, skipdata enabled)
+   * `m68k-linux-gnu-objdump -b binary -m m68k -M motorola -D`
+
+3. **Normalize** — 13 rules transform both outputs into a canonical form:
+   * Case, mnemonic format (`movel` → `move.l`), register prefix (`%d0` → `d0`)
+   * Register aliases (`sp` → `a7`), hex prefix (`$1a` → `0x1a`)
+   * Addressing mode syntax, immediate values, operand size suffixes
+   * Register list compaction (`d0/d1/d2` → `d0-d2`)
+   * Branch suffix normalization (`.b` → `.s` for Bcc only)
+   * Implied-size stripping (`lea.l` → `lea`), mnemonic aliases (`dbra` → `dbf`)
+
+4. **Compare** — Instruction-by-instruction with 7 classification categories:
+
+| Category                | Meaning                                                        |
+| ----------------------- | -------------------------------------------------------------- |
+| **match**               | Identical normalized text and size                             |
+| **cosmetic\_diff**      | Same size, different text after normalization                  |
+| **size\_mismatch**      | Same text, different consumed bytes                            |
+| **known\_decode\_diff** | One side `dc.w`, other side ISA extension mnemonic             |
+| **cascade**             | Artifact in shadow range of prior size disagreement            |
+| **tail\_data**          | One-sided entries beyond the other disassembler's last address |
+| **failure**             | Genuine disagreement                                           |
+
+1. **Report** — Per-ROM and aggregate reports in JSON + text.
+
+## Metrics
+
+* **match\_rate** = `matches / total`
+* **effective\_match\_rate** = `(matches + cosmetic_diffs + size_mismatches + known_decode_diffs) / total`
+* **tail\_data\_rate** = `tail_data / total` (reported separately, not in effective rate)
+* **failure\_rate** = `failures / total`
+
+## Example Output
+
+```
+================================================================================
+Aggregate Differential Test Summary
+================================================================================
+Total ROMs tested:          5
+Total instructions compared:12494
+Overall match rate:         82.19%
+Overall effective rate:     88.60%
+Overall tail data rate:    6.49%
+Overall failure rate:       2.49%
+```
+
@@ -0,0 +1,209 @@
+"""Architecture configuration registry for diff-test.
+
+Defines ArchConfig dataclass and a complete registry of all m68k sub-architecture
+variants, mapping each to its Capstone mode and objdump machine string.
+
+No capstone imports at module level — cs_arch and cs_mode are stored as plain
+integers so this module can be imported without capstone installed.
+"""
+
+from __future__ import annotations
+
+from dataclasses import dataclass, field
+
+# ---------------------------------------------------------------------------
+# Capstone mode constants (integer literals — no imports needed)
+# ---------------------------------------------------------------------------
+_BE = 1 << 31       # CS_MODE_BIG_ENDIAN  = 0x80000000
+_M000 = 1 << 1      # CS_MODE_M68K_000
+_M010 = 1 << 2      # CS_MODE_M68K_010
+_M020 = 1 << 3      # CS_MODE_M68K_020
+_M030 = 1 << 4      # CS_MODE_M68K_030
+_M040 = 1 << 5      # CS_MODE_M68K_040
+_M060 = 1 << 6      # CS_MODE_M68K_060
+_MCPU32 = 1 << 7    # CS_MODE_M68K_CPU32
+
+_CS_ARCH_M68K = 8   # CS_ARCH_M68K
+
+
+# ---------------------------------------------------------------------------
+# ArchConfig dataclass
+# ---------------------------------------------------------------------------
+@dataclass(frozen=True)
+class ArchConfig:
+    """Configuration for a single architecture variant."""
+
+    name: str
+    cs_arch: int
+    cs_mode: int
+    objdump_machine: str
+    objdump_mflags: list[str] = field(default_factory=lambda: ["motorola"])
+    display_name: str = ""
+    capstone_note: str = ""
+
+    def __post_init__(self) -> None:
+        # Default display_name to name if not provided.
+        if not self.display_name:
+            object.__setattr__(self, "display_name", self.name)
+
+
+# ---------------------------------------------------------------------------
+# Helpers for building the registry
+# ---------------------------------------------------------------------------
+def _cfg(
+    name: str,
+    cs_mode: int,
+    *,
+    objdump_machine: str | None = None,
+    display_name: str = "",
+    capstone_note: str = "",
+) -> ArchConfig:
+    """Shorthand factory — all entries share cs_arch=8, mflags=["motorola"]."""
+    return ArchConfig(
+        name=name,
+        cs_arch=_CS_ARCH_M68K,
+        cs_mode=cs_mode,
+        objdump_machine=objdump_machine if objdump_machine is not None else name,
+        display_name=display_name or name,
+        capstone_note=capstone_note,
+    )
+
+
+_CF_NOTE_040 = "ColdFire: using CS_MODE_M68K_040 as closest match"
+_CF_NOTE_000 = "ColdFire ISA-A: using CS_MODE_M68K_000 as closest match"
+_CF_NOTE_020 = "ColdFire ISA-A+: using CS_MODE_M68K_020 as closest match"
+
+
+# ---------------------------------------------------------------------------
+# Architecture registry
+# ---------------------------------------------------------------------------
+ARCH_REGISTRY: dict[str, ArchConfig] = {}
+
+
+def _register(*configs: ArchConfig) -> None:
+    for c in configs:
+        ARCH_REGISTRY[c.name] = c
+
+
+# --- Classic 68k family (exact matches) -----------------------------------
+_register(
+    _cfg("m68k",        _BE | _M040, display_name="M68K (default/68040)"),
+    _cfg("m68k:68000",  _BE | _M000, display_name="M68K 68000"),
+    _cfg("m68k:68008",  _BE | _M000, display_name="M68K 68008",
+         capstone_note="68008 is 68000-class"),
+    _cfg("m68k:68010",  _BE | _M010, display_name="M68K 68010"),
+    _cfg("m68k:68020",  _BE | _M020, display_name="M68K 68020"),
+    _cfg("m68k:68030",  _BE | _M030, display_name="M68K 68030"),
+    _cfg("m68k:68040",  _BE | _M040, display_name="M68K 68040"),
+    _cfg("m68k:68060",  _BE | _M060, display_name="M68K 68060"),
+    _cfg("m68k:cpu32",  _BE | _MCPU32, display_name="M68K CPU32"),
+    _cfg("m68k:fido",   _BE | _MCPU32, display_name="M68K Fido",
+         capstone_note="Fido: using CS_MODE_M68K_CPU32 as closest match"),
+)
+
+# --- ISA-A variants (68000-class ISA A) -----------------------------------
+_register(
+    _cfg("m68k:isa-a:nodiv",  _BE | _M000, capstone_note=_CF_NOTE_000),
+    _cfg("m68k:isa-a",        _BE | _M000, capstone_note=_CF_NOTE_000),
+    _cfg("m68k:isa-a:mac",    _BE | _M000, capstone_note=_CF_NOTE_000),
+    _cfg("m68k:isa-a:emac",   _BE | _M000, capstone_note=_CF_NOTE_000),
+)
+
+# --- ISA-A+ variants (some 020 features) ----------------------------------
+_register(
+    _cfg("m68k:isa-aplus",      _BE | _M020, capstone_note=_CF_NOTE_020),
+    _cfg("m68k:isa-aplus:mac",  _BE | _M020, capstone_note=_CF_NOTE_020),
+    _cfg("m68k:isa-aplus:emac", _BE | _M020, capstone_note=_CF_NOTE_020),
+)
+
+# --- ISA-B variants (ColdFire ISA B, use 040 as closest) ------------------
+_register(
+    _cfg("m68k:isa-b:nousp",       _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:isa-b:nousp:mac",   _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:isa-b:nousp:emac",  _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:isa-b",             _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:isa-b:mac",         _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:isa-b:emac",        _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:isa-b:float",       _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:isa-b:float:mac",   _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:isa-b:float:emac",  _BE | _M040, capstone_note=_CF_NOTE_040),
+)
+
+# --- ISA-C variants (ColdFire ISA C, use 040 as closest) ------------------
+_register(
+    _cfg("m68k:isa-c",             _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:isa-c:mac",         _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:isa-c:emac",        _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:isa-c:nodiv",       _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:isa-c:nodiv:mac",   _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:isa-c:nodiv:emac",  _BE | _M040, capstone_note=_CF_NOTE_040),
+)
+
+# --- ColdFire numeric variants (all use 040 as closest) -------------------
+_register(
+    _cfg("m68k:5200",   _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:5206e",  _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:5307",   _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:5407",   _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:528x",   _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:521x",   _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:5249",   _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:547x",   _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:548x",   _BE | _M040, capstone_note=_CF_NOTE_040),
+    _cfg("m68k:cfv4e",  _BE | _M040, capstone_note=_CF_NOTE_040),
+)
+
+
+# ---------------------------------------------------------------------------
+# Default architecture
+# ---------------------------------------------------------------------------
+DEFAULT_ARCH = "m68k"
+
+
+# ---------------------------------------------------------------------------
+# Public API
+# ---------------------------------------------------------------------------
+def get_arch(name: str) -> ArchConfig:
+    """Look up an architecture by name.
+
+    Raises ``ValueError`` if *name* is not in the registry.
+    """
+    try:
+        return ARCH_REGISTRY[name]
+    except KeyError:
+        raise ValueError(
+            f"Unknown architecture: {name!r}. "
+            "Use list_archs() to see supported architectures."
+        ) from None
+
+
+def list_archs() -> list[str]:
+    """Return all supported architecture names, sorted."""
+    return sorted(ARCH_REGISTRY)
+
+
+# ---------------------------------------------------------------------------
+# CLI: print a nice table when run directly
+# ---------------------------------------------------------------------------
+if __name__ == "__main__":
+    hdr_name = "Architecture"
+    hdr_mode = "cs_mode"
+    hdr_mach = "objdump -m"
+    hdr_note = "Note"
+
+    entries = [ARCH_REGISTRY[k] for k in list_archs()]
+
+    w_name = max(len(hdr_name), *(len(e.name) for e in entries))
+    w_mode = max(len(hdr_mode), 12)  # "0x80000020" is 10 chars, pad a bit
+    w_mach = max(len(hdr_mach), *(len(e.objdump_machine) for e in entries))
+    w_note = max(len(hdr_note), *(len(e.capstone_note) for e in entries))
+
+    fmt = f"  {{:<{w_name}}}  {{:<{w_mode}}}  {{:<{w_mach}}}  {{}}"
+    sep = fmt.format("-" * w_name, "-" * w_mode, "-" * w_mach, "-" * w_note)
+
+    print(f"\nRegistered architectures ({len(entries)}):\n")
+    print(fmt.format(hdr_name, hdr_mode, hdr_mach, hdr_note))
+    print(sep)
+    for e in entries:
+        print(fmt.format(e.name, f"0x{e.cs_mode:08x}", e.objdump_machine, e.capstone_note))
+    print()