Mjo analysis - AtomCrafty/MajiroTools GitHub Wiki

Mjo analysis

Compiled .mjo scripts are very literal when translated into instructions. There are no optimizations (with one exception of the switch instruction).

Because of this, and also because of the line instructions, there are a lot of hints that make it easy to price back the original source code.

Line instruction

Lines are marked in every file, regardless of the #use_readflg preprocessor option. This is because they are also used by the Majiro debugger for handling breakpoints.

Line instructions appear when:

  • block closing (} brace)
  • case labels
  • Function signatures

They do not appear for:

  • Named labels
  • Anything in global scope (besides function signatures)
  • Empty/white space lines
  • Lines with only comments
  • Preprocessors (#if/#else/#endif/etc.)
  • setskip { block opening

Switch instructions

Switches can take two forms:

  • The actual switch instruction
  • Or the br.case instruction set:
    • switch: br.case
    • case: bne.case
    • range: blt.case, ble.case, bgt.case, bge.case

Unsorted notes

(These will eventually be moved to their own sections)

while and for loops use brfalse, do ... while loops use brtrue.

some notes:

  • If a block ends in brtrue, it must be the condition block of a do ... while loop. In this case the jump target must always be a dominator of the condition block (i.e. a block that is executed first on every path from the function entry to the condition block).
  • If a block ends in brfalse and contains anything except the condition evaluation, it must be the condition block of an if statement or a ?: expression. The condition block must be a dominator of the jump target. Whether it is part of a ?: expression can be determined by observing whether the merge block contains any phi nodes.
  • If a block ends in brfalse and has exactly one predecessor, it must also be an if or ?: condition.
  • If a block ends in brfalse and has exactly two predecessors, it could either be the condition of an if or condition immediately preceded by another if statement, or the condition of a while loop. In the case of a while loop there must exist a path from the fall-through block of the condition to one of the predecessors, which does not pass through the other predecessor.

Term: "dominates"

Block A "dominates" block B if A is always executed before B on every possible execution path.

That relationship is commonly used in all sorts of static analyses.