From 91375b22f9b29dcabe7fa474298266c6f431b5ad Mon Sep 17 00:00:00 2001
From: Maurice Heumann
Date: Sun, 13 Jul 2025 19:30:29 +0200
Subject: [PATCH 1/4] Try upgrading unicorn
---
 deps/unicorn | 2 +-
 .../unicorn_x86_64_emulator.cpp | 44 ++++++++++++++-----
 src/windows-emulator/windows_emulator.cpp | 3 ++
 3 files changed, 38 insertions(+), 11 deletions(-)
diff --git a/deps/unicorn b/deps/unicorn
index 1cdd062a..2c320ce5 160000
--- a/deps/unicorn
+++ b/deps/unicorn
@@ -1 +1 @@
-Subproject commit 1cdd062a453c22c7bbd8dc9000efc29d4f3e4a38
+Subproject commit 2c320ce510d5a4279f2ed59de477a8bb0cf09f12
diff --git a/src/backends/unicorn-emulator/unicorn_x86_64_emulator.cpp b/src/backends/unicorn-emulator/unicorn_x86_64_emulator.cpp
index 52629f76..cfbb2806 100644
--- a/src/backends/unicorn-emulator/unicorn_x86_64_emulator.cpp
+++ b/src/backends/unicorn-emulator/unicorn_x86_64_emulator.cpp
@@ -2,12 +2,13 @@
 #include "unicorn_x86_64_emulator.hpp"
 #include
+#include
+#include
 #include "unicorn_memory_regions.hpp"
 #include "unicorn_hook.hpp"
 #include "function_wrapper.hpp"
-#include
 namespace unicorn
 {
@@ -212,8 +213,9 @@ namespace unicorn
 void start(const size_t count) override
 {
- this->has_violation_ = false;
- const auto start = this->read_instruction_pointer();
+ const auto start = this->violation_ip_.value_or(this->read_instruction_pointer());
+ this->violation_ip_ = std::nullopt;
+
 constexpr auto end = std::numeric_limits::max();
 const auto res = uc_emu_start(*this, start, end, 0, count);
 if (res == UC_ERR_OK)
@@ -229,7 +231,7 @@ namespace unicorn
 res == UC_ERR_WRITE_PROT || //
 res == UC_ERR_FETCH_PROT;
- if (!is_violation || !this->has_violation_)
+ if (!is_violation || !this->has_violation())
 {
 uce(res);
 }
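Review bot: In `start()` the cached `violation_ip_` now takes precedence over the instruction-pointer register, so anything that rewrites the IP between two `start()` calls (a snapshot restore — the class carries `has_snapshots_` — or a debugger) is silently overridden unless it also resets `violation_ip_`, and the hunk does not say why the register cannot be trusted after a violation. If the reason is that the backend rewinds the PC when a hook stops it, say so where the value is read, e.g. `// Resume at the IP a violation hook redirected to; the register may have been rewound by the backend once uc_emu_start returned` — assuming that is indeed the cause, which the hunk does not show. The `value_or` argument is also evaluated unconditionally, so the register is read even when the cached value wins; `violation_ip_ ? *violation_ip_ : this->read_instruction_pointer()` avoids the redundant read. The follow-on hunk at +231 only swaps the member read for `has_violation()` and needs nothing further. `start()`'s body continues past the hunk on both sides.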
@@ -381,8 +383,22 @@ namespace unicorn
 if (inst_type == x86_hookable_instructions::invalid)
 {
- function_wrapper wrapper([c = std::move(callback)](uc_engine*) {
- return (c() == instruction_hook_continuation::skip_instruction) ? 1 : 0;
+ function_wrapper wrapper([this, c = std::move(callback)](uc_engine*) {
+ const auto ip = this->read_instruction_pointer();
+ const auto skip = c() == instruction_hook_continuation::skip_instruction;
+ const auto new_ip = this->read_instruction_pointer();
+ const auto has_ip_changed = ip != new_ip;
+
+ if (skip && has_ip_changed)
+ {
+ // this->violation_ip_ = new_ip;
+ }
+ else
+ {
+ this->violation_ip_ = std::nullopt;
+ }
+
+ return skip ? 1 : 0;
 });
 uce(uc_hook_add(*this, hook.make_reference(), UC_HOOK_INSN_INVALID, wrapper.get_function(),
@@ -477,14 +493,22 @@ namespace unicorn
 const auto resume = c(address, static_cast(size), operation, violation) == memory_violation_continuation::resume;
- const auto has_ip_changed = ip != this->read_instruction_pointer();
+ const auto new_ip = this->read_instruction_pointer();
+ const auto has_ip_changed = ip != new_ip;
 if (!resume)
 {
 return false;
 }
- this->has_violation_ = resume && has_ip_changed;
+ if (resume && has_ip_changed)
+ {
+ this->violation_ip_ = new_ip;
+ }
+ else
+ {
+ this->violation_ip_ = std::nullopt;
+ }
 if (has_ip_changed)
 {
@@ -657,7 +681,7 @@ namespace unicorn
 bool has_violation() const override
 {
- return this->has_violation_;
+ return this->violation_ip_.has_value();
 }
 std::string get_name() const override
@@ -668,7 +692,7 @@ namespace unicorn
 private:
 mutable bool has_snapshots_{false};
 uc_engine* uc_{};
- bool has_violation_{false};
+ std::optional violation_ip_{};
 std::vector> hooks_{};
 std::unordered_map mmio_{};
 };
diff --git a/src/windows-emulator/windows_emulator.cpp b/src/windows-emulator/windows_emulator.cpp
index b384c576..a8eafde4 100644
--- a/src/windows-emulator/windows_emulator.cpp
+++ b/src/windows-emulator/windows_emulator.cpp
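Review bot: In the memory-violation hook (hunk at +493) the new condition `if (resume && has_ip_changed)` re-tests `resume`, which the `if (!resume) { return false; }` just above already guarantees is true, so the `resume &&` carried over from the removed line only obscures that the branch is really `if (has_ip_changed)`; the existing `if (has_ip_changed)` that follows then repeats the same test and could absorb the assignment. A compact form is `this->violation_ip_ = has_ip_changed ? std::optional{new_ip} : std::nullopt;` placed before that existing `if`. When the callback does not resume, the cached IP is left untouched; that is fine today only because `start()` clears it before every run, so the invariant deserves a comment, e.g. `// violation_ip_ is reset by start(); only a resumed violation that moved the IP records one`. The hook's lambda continues outside the hunk.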
@@ -451,11 +451,14 @@ void windows_emulator::setup_hooks()
 const auto ticks = this->clock_->timestamp_counter();
 this->emu().reg(x86_register::rax, ticks & 0xFFFFFFFF);
 this->emu().reg(x86_register::rdx, (ticks >> 32) & 0xFFFFFFFF);
+ return instruction_hook_continuation::skip_instruction;
 });
 // TODO: Unicorn needs this - This should be handled in the backend
 this->emu().hook_instruction(x86_hookable_instructions::invalid, [&] {
+ // TODO: Unify icicle & unicorn handling
+ dispatch_illegal_instruction_violation(this->emu(), this->process);
 return instruction_hook_continuation::skip_instruction; //
 });
From 2185d00ec02518ae106c9573c379271226dfbf9f Mon Sep 17 00:00:00 2001
From: Maurice Heumann
Date: Sun, 13 Jul 2025 19:43:13 +0200
Subject: [PATCH 2/4] Revert invalid instruction changes
---
 .../unicorn_x86_64_emulator.cpp | 18 ++----------------
 1 file changed, 2 insertions(+), 16 deletions(-)
diff --git a/src/backends/unicorn-emulator/unicorn_x86_64_emulator.cpp b/src/backends/unicorn-emulator/unicorn_x86_64_emulator.cpp
index cfbb2806..4cfd99b7 100644
--- a/src/backends/unicorn-emulator/unicorn_x86_64_emulator.cpp
+++ b/src/backends/unicorn-emulator/unicorn_x86_64_emulator.cpp
@@ -383,22 +383,8 @@ namespace unicorn
 if (inst_type == x86_hookable_instructions::invalid)
 {
- function_wrapper wrapper([this, c = std::move(callback)](uc_engine*) {
- const auto ip = this->read_instruction_pointer();
- const auto skip = c() == instruction_hook_continuation::skip_instruction;
- const auto new_ip = this->read_instruction_pointer();
- const auto has_ip_changed = ip != new_ip;
-
- if (skip && has_ip_changed)
- {
- // this->violation_ip_ = new_ip;
- }
- else
- {
- this->violation_ip_ = std::nullopt;
- }
-
- return skip ? 1 : 0;
+ function_wrapper wrapper([c = std::move(callback)](uc_engine*) {
+ return (c() == instruction_hook_continuation::skip_instruction) ? 1 : 0;
 });
 uce(uc_hook_add(*this, hook.make_reference(), UC_HOOK_INSN_INVALID, wrapper.get_function(),
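Review bot: The invalid-instruction hook in `setup_hooks()` now calls `dispatch_illegal_instruction_violation` and still returns `skip_instruction` unconditionally, leaving unstated what "skip" means once the dispatcher has presumably moved the instruction pointer to the guest's exception handler; the new TODO only records that icicle and unicorn differ. Expand the comment to state the contract the Windows emulator relies on, e.g. `// the dispatcher redirects the IP to the guest handler; skip_instruction lets the backend continue from that IP instead of re-executing the faulting instruction` — assuming both backends treat it that way, which this file alone does not show. The `return instruction_hook_continuation::skip_instruction;` added to the rdtsc hook above suggests that lambda previously fell off its end; if the callback type is non-void that was undefined behaviour and is worth a line in the commit message. `setup_hooks()` continues outside the hunk on both sides.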
From cb32bef085432c4b84c94868ecbe0b71f34733ee Mon Sep 17 00:00:00 2001
From: Maurice Heumann
Date: Sun, 13 Jul 2025 20:03:33 +0200
Subject: [PATCH 3/4] Update unicorn
---
 .gitmodules | 2 +-
 deps/unicorn | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/.gitmodules b/.gitmodules
index aa39392f..b6c86422 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -2,7 +2,7 @@
 path = deps/unicorn
 url = https://github.com/momo5502/unicorn.git
 shallow = true
- branch = wasm
+ branch = dev
 [submodule "deps/reflect"]
 path = deps/reflect
 url = https://github.com/qlibs/reflect.git
diff --git a/deps/unicorn b/deps/unicorn
index 2c320ce5..4b7b8943 160000
--- a/deps/unicorn
+++ b/deps/unicorn
@@ -1 +1 @@
-Subproject commit 2c320ce510d5a4279f2ed59de477a8bb0cf09f12
+Subproject commit 4b7b89432fd02cdbaabe84ec672ad4804acc0d6e
From da6be67bbee14b04920f3ff9b3554a31e6db2609 Mon Sep 17 00:00:00 2001
From: momo5502
Date: Sun, 24 Aug 2025 12:07:39 +0200
Subject: [PATCH 4/4] Update unicorn
---
 deps/unicorn | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/deps/unicorn b/deps/unicorn
index f5108b33..79f4f7a5 160000
--- a/deps/unicorn
+++ b/deps/unicorn
@@ -1 +1 @@
-Subproject commit f5108b33a55db0dee2285cf0cc600e7e71240be0
+Subproject commit 79f4f7a51eb4e8360ab08a51ce6d68b8ae24cd1b
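Review bot: Changing `branch = wasm` to `branch = dev` in .gitmodules only steers `git submodule update --remote`; the commit actually checked out and built is the gitlink pinned in deps/unicorn, which the same patch moves to 4b7b8943. Because `dev` is a moving target, anyone refreshing with `--remote` gets an unpinned build of the emulation backend, so the pinned gitlink rather than the branch must remain the source of truth for reproducible builds. The commit message would benefit from one line stating which unicorn commit this series was validated against.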