Skip to content

[lldb] Fix auto advance PC in EmulateInstructionARM64 if PC >= 4G #151460

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 7 commits into from
Aug 5, 2025
Merged

[lldb] Fix auto advance PC in EmulateInstructionARM64 if PC >= 4G #151460

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
e7ae06b
[lldb] Fix auto advance PC in 'EmulateInstructionARM64' if PC >= 4G
igorkudrin Jul 31, 2025
39092fd
fixup! formatting
igorkudrin Jul 31, 2025
536b183
fixup! x0 is a regular register
igorkudrin Jul 31, 2025
c04cfa3
fixup! add an assert() to WriteMemoryCallback()
igorkudrin Jul 31, 2025
21abebc
fixup! make PC even bigger
igorkudrin Jul 31, 2025
a09f584
Merge branch 'main' into lldb-arm64-autoadvancepc
igorkudrin Aug 5, 2025
ba2067e
fixup! assert -> llvm_unreachable
igorkudrin Aug 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions lldb/source/Plugins/Instruction/ARM64/EmulateInstructionARM64.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -404,7 +404,7 @@ bool EmulateInstructionARM64::EvaluateInstruction(uint32_t evaluate_options) {
if (!success && !m_ignore_conditions)
return false;

uint32_t orig_pc_value = 0;
uint64_t orig_pc_value = 0;
if (auto_advance_pc) {
orig_pc_value =
ReadRegisterUnsigned(eRegisterKindLLDB, gpr_pc_arm64, 0, &success);
Expand All @@ -418,7 +418,7 @@ bool EmulateInstructionARM64::EvaluateInstruction(uint32_t evaluate_options) {
return false;

if (auto_advance_pc) {
uint32_t new_pc_value =
uint64_t new_pc_value =
ReadRegisterUnsigned(eRegisterKindLLDB, gpr_pc_arm64, 0, &success);
if (!success)
return false;
Expand Down
126 changes: 125 additions & 1 deletion lldb/unittests/Instruction/ARM64/TestAArch64Emulator.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,15 +13,124 @@
#include "lldb/Core/Disassembler.h"
#include "lldb/Target/ExecutionContext.h"
#include "lldb/Utility/ArchSpec.h"
#include "lldb/Utility/RegisterValue.h"

#include "Plugins/Instruction/ARM64/EmulateInstructionARM64.h"
#include "Plugins/Process/Utility/RegisterInfoPOSIX_arm64.h"
#include "Plugins/Process/Utility/lldb-arm64-register-enums.h"

using namespace lldb;
using namespace lldb_private;

struct Arch64EmulatorTester : public EmulateInstructionARM64 {
RegisterInfoPOSIX_arm64::GPR gpr;
uint8_t memory[64] = {0};
uint64_t memory_offset = 0;

Arch64EmulatorTester()
: EmulateInstructionARM64(ArchSpec("arm64-apple-ios")) {}
: EmulateInstructionARM64(ArchSpec("arm64-apple-ios")) {
memset(&gpr, 0, sizeof(gpr));
EmulateInstruction::SetCallbacks(ReadMemoryCallback, WriteMemoryCallback,
ReadRegisterCallback,
WriteRegisterCallback);
}

static bool ReadRegisterCallback(EmulateInstruction *instruction, void *baton,
const RegisterInfo *reg_info,
RegisterValue &reg_value) {
auto *tester = static_cast<Arch64EmulatorTester *>(instruction);
uint32_t reg = reg_info->kinds[eRegisterKindLLDB];
if (reg >= gpr_x1_arm64 && reg <= gpr_x28_arm64) {
reg_value.SetUInt64(tester->gpr.x[reg - gpr_x0_arm64]);
return true;
}
if (reg >= gpr_w1_arm64 && reg <= gpr_w28_arm64) {
reg_value.SetUInt32(tester->gpr.x[reg - gpr_w0_arm64]);
return true;
}
switch (reg) {
case gpr_x0_arm64:
reg_value.SetUInt64(0);
return true;
case gpr_w0_arm64:
reg_value.SetUInt32(0);
return true;
Copy link
Collaborator

@DavidSpickett DavidSpickett Jul 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are these tied to 0? AArch64's zero register is xzr and it's not the 0th register as it is for MIPS and RISC-V.

Copy link
Collaborator Author

@igorkudrin igorkudrin Jul 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! Fixed.

case gpr_fp_arm64:
reg_value.SetUInt64(tester->gpr.fp);
return true;
case gpr_lr_arm64:
reg_value.SetUInt64(tester->gpr.lr);
return true;
case gpr_sp_arm64:
reg_value.SetUInt64(tester->gpr.sp);
return true;
case gpr_pc_arm64:
reg_value.SetUInt64(tester->gpr.pc);
return true;
case gpr_cpsr_arm64:
reg_value.SetUInt64(tester->gpr.cpsr);
return true;
default:
return false;
}
}

static bool WriteRegisterCallback(EmulateInstruction *instruction,
void *baton, const Context &context,
const RegisterInfo *reg_info,
const RegisterValue &reg_value) {
auto *tester = static_cast<Arch64EmulatorTester *>(instruction);
uint32_t reg = reg_info->kinds[eRegisterKindLLDB];
if (reg >= gpr_x1_arm64 && reg <= gpr_x28_arm64) {
tester->gpr.x[reg - gpr_x0_arm64] = reg_value.GetAsUInt64();
return true;
}
if (reg >= gpr_w1_arm64 && reg <= gpr_w28_arm64) {
tester->gpr.x[reg - gpr_w0_arm64] = reg_value.GetAsUInt32();
return true;
}
switch (reg) {
case gpr_fp_arm64:
tester->gpr.fp = reg_value.GetAsUInt64();
return true;
case gpr_lr_arm64:
tester->gpr.lr = reg_value.GetAsUInt64();
return true;
case gpr_sp_arm64:
tester->gpr.sp = reg_value.GetAsUInt64();
return true;
case gpr_pc_arm64:
tester->gpr.pc = reg_value.GetAsUInt64();
return true;
case gpr_cpsr_arm64:
tester->gpr.cpsr = reg_value.GetAsUInt64();
return true;
default:
return false;
}
}

static size_t ReadMemoryCallback(EmulateInstruction *instruction, void *baton,
const Context &context, addr_t addr,
void *dst, size_t length) {
auto *tester = static_cast<Arch64EmulatorTester *>(instruction);
assert(addr >= tester->memory_offset);
assert(addr - tester->memory_offset + length <= sizeof(tester->memory));
if (addr >= tester->memory_offset &&
addr - tester->memory_offset + length <= sizeof(tester->memory)) {
memcpy(dst, tester->memory + addr - tester->memory_offset, length);
return length;
}
return 0;
};

static size_t WriteMemoryCallback(EmulateInstruction *instruction,
void *baton, const Context &context,
addr_t addr, const void *dst,
size_t length) {
// TODO: implement when required
Copy link
Collaborator

@DavidSpickett DavidSpickett Jul 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this ever get called? If not you could add an assert here too.

Copy link
Collaborator

@labath labath Aug 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

or even llvm_unreachable

return 0;
};

static uint64_t AddWithCarry(uint32_t N, uint64_t x, uint64_t y, bool carry_in,
EmulateInstructionARM64::ProcState &proc_state) {
Expand Down Expand Up @@ -60,3 +169,18 @@ TEST_F(TestAArch64Emulator, TestOverflow) {
ASSERT_EQ(pstate.V, 1ULL);
ASSERT_EQ(pstate.C, 0ULL);
}

TEST_F(TestAArch64Emulator, TestAutoAdvancePC) {
Arch64EmulatorTester emu;
emu.memory_offset = 0x1234567800;
emu.gpr.pc = 0x1234567800;
Copy link
Collaborator

@DavidSpickett DavidSpickett Jul 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see that this would be truncated if not for this fix, but please make it a full 64-bit value so that it is as obvious as it can be.

emu.gpr.x[8] = 0x1234567820;
memcpy(emu.memory, "\x08\x01\x40\xb9", 4); // ldr w8, [x8]
memcpy(emu.memory + 0x20, "\x11\x22\x33\x44", 4); // 0x44332211
ASSERT_TRUE(emu.ReadInstruction());
ASSERT_TRUE(
emu.EvaluateInstruction(eEmulateInstructionOptionAutoAdvancePC |
eEmulateInstructionOptionIgnoreConditions));
ASSERT_EQ(emu.gpr.pc, 0x1234567804);
ASSERT_EQ(emu.gpr.x[8], 0x44332211);
}
Loading