Commit Graph

31 Commits

Author SHA1 Message Date
BAYET
881e08da01
Fix UAF when deleting hook while in hook callback #1127 (#1130)
* Handle the cpu context save in a more pythonic way, so the context can be serialized and reuse in an other process using the same emulator architecture and modes

* Fix type error ; mistakes a size_t uint64_t ; breaks in 32bit...

* Fix the UAF situation when deleting a hook while being in a hook callback. Added an attribute 'to_delete' to hooks, and a list hooks_to_del to delay the free of the hooks

* Minor fixes ; forgot return type of clear_deleted_hooks ; do not declare variable in for predicate
2020-05-07 14:24:48 +08:00
Charles Ferguson
b7e64f3c99
Fix block hooks being called twice after an early exit from execution. (#1194)
Ensure the TCG exit flag is cleared at the end of cpu_exec. This ensures
that subsequent calls are not polluted by the prior call to request an
early exit. The symptoms of the problem being addressed here are that
after a cpu_exit call triggered within a hook there may still be a
pending tcg_exit_req flag set. This then causes a block to start its
execution and then be aborted (from which point it'll continue because
there's no other condition to service). The start of the execution
causes the block hook to be called, no actual code to be run, and then
the block started again with another block hook call.

This change is discussed in ticket 1193:
    https://github.com/unicorn-engine/unicorn/issues/1193
2020-05-05 08:32:12 +08:00
Chen Huitao
8905ecd5e4
move some operations after hook callback (#1243)
* fix finding python path which only has python3.

* move some operations after hook callback.
2020-04-27 19:54:58 +08:00
Chen Huitao
c520307959
fix some oss-fuzz (#1206)
* fix oss-fuzz 18138.

* fix oss-fuzz 20079.

* fix oss-fuzz 20209.

* fix oss-fuzz 20210.

* fix oss-fuzz 20262.

* rollback.

* rollback.

* fix oss-fuzz 20079.

* fix oss-fuzz 20179.

* fix oss-fuzz 20195.

* fix oss-fuzz 20206.

* fix oss-fuzz 20207.

* fix oss-fuzz 20265.
2020-02-25 11:36:06 +08:00
Nguyen Anh Quynh
fc8a42aeb8 spacing 2020-01-01 09:56:55 +08:00
Charles Ferguson
b59632fb64 Ensure that PC is not fixed up when code tracing or timing. (#1179)
Under some circumstances, the PC is not fixed up properly when
returning from the execution of a block in cpu_tb_exec. This appears
to be caused by the resetting of the PC from the tb.

This change removes the additional fixup in the cases where there
is code tracing or timing active. Either of these cases would result
in the wrong PC being reported.

Closes unicorn-engine#1105.
2020-01-01 09:55:08 +08:00
w1tcher
83887b8193 Fix the error in the hook_code of the arm, calling emu_stop and causing the pc value to be incorrect after the end of the run. (#1157) 2019-10-25 14:47:29 +08:00
Azertinv
07f94ad1fc Added an invalid instruction hook (#1132)
* first draft for an invalid instruction hook

* Fixed documentation on return value of invalid insn hook
2019-09-23 01:53:06 +08:00
naq
9208a6f317 initialize ret=0 in cpu_exec(). issue #1115 2019-08-05 23:00:01 +08:00
Andrew Dutcher
363cbacee4 Only set eip to the instruction pointer after an interrupt if the interrupt was user-generated (#875) 2017-08-29 17:14:36 +07:00
xorstream
b0ae2138fb Merge remote-tracking branch 'unicorn-engine/master' into msvc_native 2017-01-20 22:37:51 +11:00
Nguyen Anh Quynh
42771848d6 no more spinlock 2017-01-20 14:57:33 +08:00
xorstream
1aeaf5c40d This code should now build the x86_x64-softmmu part 2. 2017-01-19 22:50:28 +11:00
Hoang-Vu Dang
9a2a5b15d8 Rename unhandled CPU exception 2016-07-05 11:10:39 -05:00
Hoang-Vu Dang
9cdca5a32b Unhandled interrupt will halt execution 2016-07-04 17:07:57 -05:00
Nguyen Anh Quynh
c8569d8128 arm: fix change PC feature. now tests/regress/callback-pc.py passes 2016-01-28 16:03:19 +08:00
Nguyen Anh Quynh
5a04bcb115 allow to change PC during callback. this solves issue #210 2016-01-28 14:06:17 +08:00
Ryan Hileman
93052f6566 refactor to allow multiple hooks for one type 2016-01-22 18:41:43 -08:00
farmdve
c9f4bd27cc Reset env->invalid_error before executing a translation block. 2016-01-11 18:12:57 +02:00
Nguyen Anh Quynh
9099755ca1 flush JIT cache before finishing emulation. this fixes issue #263. TODO: optimize this for better performance 2015-11-13 23:57:03 +08:00
Nguyen Anh Quynh
938d0b89eb x86: check for exit request after every hooked instruction. this should fix issue #232 2015-11-07 01:02:45 +08:00
Nguyen Anh Quynh
9e64cba6ec Rename some hook related enums:
- UC_ERR_READ_INVALID -> UC_ERR_READ_UNMAPPED
 - UC_ERR_WRITE_INVALID -> UC_ERR_WRITE_UNMAPPED
 - UC_ERR_FETCH_INVALID -> UC_ERR_FETCH_UNMAPPED
 - UC_MEM_READ_INVALID -> UC_MEM_READ_UNMAPPED
 - UC_MEM_WRITE_INVALID -> UC_MEM_WRITE_UNMAPPED
 - UC_MEM_FETCH_INVALID -> UC_MEM_FETCH_UNMAPPED
 - UC_HOOK_MEM_READ_INVALID -> UC_HOOK_MEM_READ_UNMAPPED
 - UC_HOOK_MEM_WRITE_INVALID -> UC_HOOK_MEM_WRITE_UNMAPPED
 - UC_HOOK_MEM_FETCH_INVALID -> UC_HOOK_MEM_FETCH_UNMAPPED
 - UC_HOOK_MEM_INVALID -> UC_HOOK_MEM_UNMAPPED

This also renames some newly added macros to use _INVALID postfix:

 - UC_HOOK_MEM_READ_ERR -> UC_HOOK_MEM_READ_INVALID
 - UC_HOOK_MEM_WRITE_ERR -> UC_HOOK_MEM_WRITE_INVALID
 - UC_HOOK_MEM_FETCH_ERR -> UC_HOOK_MEM_FETCH_INVALID
 - UC_HOOK_MEM_ERR -> UC_HOOK_MEM_INVALID

Fixed all the bindings Java, Go & Python.
2015-09-30 14:46:55 +08:00
Nguyen Anh Quynh
2b0b4169bc mips: advance PC for SYSCALL instruction. this fixes issue #157 2015-09-28 10:58:43 +08:00
Nguyen Anh Quynh
886946dcf4 do not use syscall to quit emulation. this can fix issues #147 & #148 2015-09-26 16:49:00 +08:00
Nguyen Anh Quynh
a166c24f8e x86: correct EIP of INT instruction by updating it only after calling interrupt handler 2015-09-06 14:58:11 +08:00
Jonathon Reinhart
2c802a3e4b Merge remote-tracking branch 'upstream/master' into change-handle-based-api
# Conflicts:
#	qemu/target-i386/unicorn.c
2015-09-01 13:17:03 -04:00
Nguyen Anh Quynh
bea73ef213 stop emulation when hitting invalid code address. this fixes issue #82 2015-09-01 00:17:55 +08:00
Jonathon Reinhart
3bd705a060 Merge remote-tracking branch 'upstream/master' into change-handle-based-api 2015-08-30 00:23:51 -04:00
Nguyen Anh Quynh
4a1c5ff071 x86: verify until address early when translating block in frontend. this should fix issue #63 2015-08-28 16:06:06 +08:00
Jonathon Reinhart
fcb099805f change uch to uc_struct (qemu) 2015-08-26 09:02:16 -04:00
Nguyen Anh Quynh
344d016104 import 2015-08-21 15:04:50 +08:00