mirror of
				https://github.com/yuzu-emu/unicorn.git
				synced 2025-10-25 21:27:14 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			103 lines
		
	
	
		
			2.5 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			103 lines
		
	
	
		
			2.5 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
| /*
 | |
|     refer to issue #575.
 | |
|     to run correctly unicorn needs to be compiled for AArch64.
 | |
| */
 | |
| 
 | |
| #include "unicorn_test.h"
 | |
| #include <stdio.h>
 | |
| #include "unicorn/unicorn.h"
 | |
| 
 | |
| uint64_t trunc_page(uint64_t addr)
 | |
| {
 | |
|     return (addr & ~(4095));
 | |
| }
 | |
| 
 | |
| /* Called before every test to set up a new instance */
 | |
| static int init(void **state)
 | |
| {
 | |
|     printf("[+] Initializing Unicorn...\n");
 | |
|     uc_engine *uc;
 | |
| 
 | |
|     if (uc_open(UC_ARCH_ARM64, UC_MODE_ARM, &uc) != UC_ERR_OK) {
 | |
|         printf("Error on open. Be sure that your unicorn library supports AArch64.\n");
 | |
|         return -1;
 | |
|     }
 | |
| 
 | |
|     *state = uc;
 | |
| 
 | |
|     return 0;
 | |
| }
 | |
| 
 | |
| /* Called after every test to clean up */
 | |
| static int teardown(void **state)
 | |
| {
 | |
|     printf("[+] Exiting...\n");
 | |
|     uc_engine *uc = *state;
 | |
| 
 | |
|     uc_close(uc);
 | |
| 
 | |
|     *state = NULL;
 | |
|     return 0;
 | |
| }
 | |
| 
 | |
| void test_hang(void **state)
 | |
| {
 | |
|     uint32_t code[] = {
 | |
|         0xd503201f, /* NOP */
 | |
|         0xd503201f, /* NOP */
 | |
|         0xd503201f, /* NOP */
 | |
|         0xaa0103e0  /* MOV X0, X1 */
 | |
|     };
 | |
| 
 | |
|     uc_engine *uc = *state;
 | |
| 
 | |
|     uint64_t x0 = 0;
 | |
|     uint64_t x1 = 1;
 | |
| 
 | |
|     /*
 | |
|      *	emulation will hang if some instruction hits every quarter of a page,
 | |
|      *	i.e. these offsets:
 | |
|      *	0x1400, 0x1800, 0x1c00, 0x2000
 | |
|      *
 | |
|      *	in this test, the code to be emulated is mapped just before the 0x1400
 | |
|      *	offset, so that the final instruction emulated (MOV X0, X1) hits the offset,
 | |
|      *	causing the hang.
 | |
|      *	If you try to write the code just four bytes behind, the hang doesn't occur.
 | |
|      *
 | |
|      *	So far, this strange behaviour has only been observed with AArch64 Unicorn APIs.
 | |
|     */
 | |
| 
 | |
|     uint64_t addr = 0x13f0; // try to map at (0x13f0 - 0x4) and the hang doesn't occur
 | |
|     uint64_t trunc_addr = trunc_page(addr);    // round down to nearest page
 | |
| 
 | |
|     uc_mem_map(uc, trunc_addr, 2 * 1024 * 1024, UC_PROT_ALL);
 | |
| 
 | |
|     if (uc_mem_write(uc, addr, &code, sizeof(code))) {
 | |
|         printf("error on write\n");
 | |
|         return;
 | |
|     }
 | |
| 
 | |
|     uc_reg_write(uc, UC_ARM64_REG_X0, &x0);
 | |
|     uc_reg_write(uc, UC_ARM64_REG_X1, &x1);
 | |
| 
 | |
|     if (uc_emu_start(uc, addr, addr + sizeof(code), 0, 0)) {
 | |
|         printf("error on start\n");
 | |
|         return;
 | |
|     }
 | |
| 
 | |
|     uc_reg_read(uc, UC_ARM64_REG_X0, &x0);
 | |
|     uc_reg_read(uc, UC_ARM64_REG_X1, &x1);
 | |
| 
 | |
|     printf("x0: %"PRIx64"\n", x0);
 | |
|     printf("x1: %"PRIx64"\n", x1);
 | |
| }
 | |
| 
 | |
| int main(int argc, const char * argv[]) {
 | |
| 
 | |
|     const struct CMUnitTest tests[] = {
 | |
|         cmocka_unit_test_setup_teardown(test_hang, init, teardown),
 | |
|     };
 | |
| 
 | |
|     return cmocka_run_group_tests(tests, NULL, NULL);;
 | |
| }
 |