AlexAltea / unicorn.js

Unicorn CPU emulator framework port for JavaScript
https://alexaltea.github.io/unicorn.js/
GNU General Public License v2.0

Invalid memory fetch error #11

Closed typoon closed 7 years ago

typoon commented 7 years ago

Hi!

I am playing around with Unicorn.js and it seems pretty cool. For some reason, the example from the demo website does not work for me. Whenever I try the example below, I am getting the following error:

unicorn-x86.min.js:316 Uncaught Unicorn.js: Function uc_emu_start failed with code 8:
Invalid memory fetch (UC_ERR_FETCH_UNMAPPED)

I tried on both latest Chrome and Firefox, same error. (just making sure it was not erroring because of the browser).

Anyways, here is the code to reproduce the issue:

<script src='unicorn-x86.min.js'></script>
<!-- <script src='libs/keystone-x86.min.js'></script> -->

<script>
function run() {

    var addr = 0x10000;
    var asm_code = ` mov eax,0 
                     mov edx,1 
                     mov ecx,30 
                     xadd eax,edx 
                     loop -3 
                     hlt`;

    //var my_ks = new ks.Keystone(ks.ARCH_X86, ks.MODE_32);
    var my_uc = new uc.Unicorn(uc.ARCH_X86, uc.MODE_32);
    //my_ks.option(ks.OPT_SYNTAX, ks.OPT_SYNTAX_INTEL);

    //var code = my_ks.asm(asm_code);
    // This array is the same as if I compiled the code above. Just removing
    // keystone to make sure it is not interfering with the results
    // (bytes: mov eax,0 | mov edx,1 | mov ecx,30 | xadd eax,edx | loop rel8 | hlt)
    var code = [184, 0, 0, 0, 0, 186, 1, 0, 0, 0, 185, 30, 0, 0, 0, 15, 193, 208, 226, 233, 244];

    console.log("------CODE----------");
    console.log(code);
    console.log("--------------------");

    // Write registers and memory
    // 4k of memory for now
    my_uc.mem_map(addr, 4*1024, uc.PROT_ALL);
    my_uc.mem_write(addr, code);

    //my_uc.hook_add(uc.HOOK_CODE, hook_code_2, "some data", 1, 0);

    // Start emulator
    var begin = addr;
    var until = addr + code.length;
    console.log("begin = 0x" + begin.toString(16) + "; until = 0x" + until.toString(16));

    my_uc.emu_start(begin, until, 0, 0);

    // Read registers
    //console.log(read_regs_x86(my_uc));
}

run();
</script>

Any ideas what could be causing this issue? I am using the latest release from here: https://github.com/AlexAltea/unicorn.js/releases/download/v1.0/unicorn-x86.min.js. It has a sha256sum equal to db98db852c14b2337315c4a4409819116bcc52817bdec34ccb06c52ba8fb2c12.

typoon commented 7 years ago

I figured this out. The 'loop -3' instruction was being compiled incorrectly and causing the code to jump to unmapped memory. Closing the issue...

AlexAltea commented 7 years ago

@typoon Sorry for the late reply, these were busy days for me. Indeed, the instruction was compiled incorrectly. Just in case, have you checked it's not a Keystone.js bug (i.e. does the issue also occur with Keystone)?

Correct version should be:

var code = [184, 0, 0, 0, 0, 186, 1, 0, 0, 0, 185, 30, 0, 0, 0, 15, 193, 208, 226, 251, 244];

I will now check your other issue.
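The cause typoon found and the corrected bytes AlexAltea posted can be verified without running the emulator: a `loop rel8` displacement is relative to the end of the `loop` instruction, so the posted 0xE9 (-23) at offset 18 resolves to addr-3, outside the 4 KiB mapping, which is exactly the UC_ERR_FETCH_UNMAPPED that emu_start reported, while 0xFB (-5) resolves to the xadd at offset 15. The following is an added example, not code from this issue or from unicorn.js: a hypothetical toy decoder that only understands the five encodings used in the snippet (mov r32,imm32; the register form of xadd; rel8 short branches; hlt), a check that every rel8 branch target stays inside the region passed to mem_map, and the inverse computation of the displacement byte. It generalizes the issue's single loop to all rel8 branches (loop/loope/loopne/jecxz/jmp short/jcc short); the base address, mapping size and both byte arrays are the ones from the thread.

```javascript
// Added example (not part of unicorn.js or of the issue): check that every
// short (rel8) branch in a code buffer lands inside the mapped region before
// the bytes are handed to mem_write/emu_start. Only the handful of IA-32
// encodings used in the issue's snippet are decoded; anything else throws.

var MAPPED_BASE = 0x10000;      // same addr as in the issue
var MAPPED_SIZE = 4 * 1024;     // same 4 KiB mapping as in the issue

// Bytes exactly as posted in the issue: loop rel8 = 0xE9 (-23), the bad encoding.
var BUGGY_CODE = [184, 0, 0, 0, 0, 186, 1, 0, 0, 0, 185, 30, 0, 0, 0, 15, 193, 208, 226, 233, 244];
// Bytes from the maintainer's corrected version: loop rel8 = 0xFB (-5).
var FIXED_CODE = [184, 0, 0, 0, 0, 186, 1, 0, 0, 0, 185, 30, 0, 0, 0, 15, 193, 208, 226, 251, 244];

var REL8_MNEMONICS = { 0xE0: 'loopne', 0xE1: 'loope', 0xE2: 'loop', 0xE3: 'jecxz', 0xEB: 'jmp short' };

// Decode one instruction at offset i. Returns its length and, for rel8
// branches, the signed displacement; rel8 is null for everything else.
function decodeOne(code, i) {
  var op = code[i];
  if (op >= 0xB8 && op <= 0xBF) {                       // mov r32, imm32
    return { len: 5, rel8: null, mnemonic: 'mov r32, imm32' };
  }
  if (op === 0x0F && code[i + 1] === 0xC1) {            // xadd r/m32, r32
    var modrm = code[i + 2];
    if ((modrm >> 6) !== 3) throw new Error('xadd with memory operand not supported at offset ' + i);
    return { len: 3, rel8: null, mnemonic: 'xadd r32, r32' };
  }
  if (op === 0xF4) {                                     // hlt
    return { len: 1, rel8: null, mnemonic: 'hlt' };
  }
  var isJcc = op >= 0x70 && op <= 0x7F;
  if (isJcc || REL8_MNEMONICS[op] !== undefined) {       // rel8 short branches
    var disp = code[i + 1];
    return {
      len: 2,
      rel8: disp >= 0x80 ? disp - 0x100 : disp,          // sign-extend the byte
      mnemonic: isJcc ? 'jcc short' : REL8_MNEMONICS[op]
    };
  }
  throw new Error('unsupported opcode 0x' + op.toString(16) + ' at offset ' + i);
}

// Walk the buffer and report every rel8 branch with its absolute target and
// whether that target lies inside [base, base + size).
function checkShortBranches(code, base, size) {
  var findings = [];
  var i = 0;
  while (i < code.length) {
    var ins = decodeOne(code, i);
    var next = i + ins.len;
    if (ins.rel8 !== null) {
      // rel8 is relative to the address of the *next* instruction, not to the
      // start of the buffer, which is where the issue's "loop -3" went wrong.
      var target = base + next + ins.rel8;
      findings.push({
        offset: i,
        mnemonic: ins.mnemonic,
        target: target,
        mapped: target >= base && target < base + size
      });
    }
    i = next;
  }
  return findings;
}

// Compute the displacement byte a rel8 branch at branchOffset (of length
// branchLen) needs in order to reach targetOffset within the same buffer.
function rel8ByteFor(branchOffset, branchLen, targetOffset) {
  var rel = targetOffset - (branchOffset + branchLen);
  if (rel < -128 || rel > 127) throw new Error('target out of rel8 range: ' + rel);
  return rel & 0xFF;
}

// Report for both byte arrays; runs in a browser console or under node.
[BUGGY_CODE, FIXED_CODE].forEach(function (code) {
  checkShortBranches(code, MAPPED_BASE, MAPPED_SIZE).forEach(function (f) {
    console.log(f.mnemonic + ' at offset ' + f.offset + ' -> 0x' + f.target.toString(16) +
                (f.mapped ? ' (mapped)' : ' (UNMAPPED: emu_start would fail with UC_ERR_FETCH_UNMAPPED)'));
  });
});
```

Running this on the posted bytes reports the loop at offset 18 targeting 0xfffd (unmapped) and, on the corrected bytes, 0x1000f (mapped); rel8ByteFor(18, 2, 15) returns 251, the 0xFB in the corrected array. Doing this check on the assembler's output before mem_write is a cheap way to tell an assembler bug apart from an emulator bug, which is the question the thread ends on.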