qilingframework
diff --git a/‎examples/mcu/gd32vf103_blink.py‎
Lines changed: 24 additions & 0 deletions b/‎examples/mcu/gd32vf103_blink.py‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎examples/mcu/stm32f407_hack_lock.py‎
Lines changed: 3 additions & 1 deletion b/‎examples/mcu/stm32f407_hack_lock.py‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎examples/mcu/stm32f411_dma_logger.py‎
Lines changed: 2 additions & 2 deletions b/‎examples/mcu/stm32f411_dma_logger.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎examples/mcu/stm32f411_freertos.py‎
Lines changed: 2 additions & 1 deletion b/‎examples/mcu/stm32f411_freertos.py‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎examples/mcu/stm32f411_gpio_hook.py‎
Lines changed: 2 additions & 2 deletions b/‎examples/mcu/stm32f411_gpio_hook.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎examples/mcu/stm32f411_i2c_lcd.py‎
Lines changed: 2 additions & 2 deletions b/‎examples/mcu/stm32f411_i2c_lcd.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎examples/mcu/stm32f411_interact_usart.py‎
Lines changed: 3 additions & 1 deletion b/‎examples/mcu/stm32f411_interact_usart.py‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎qiling/arch/cortex_m.py‎
Lines changed: 1 addition & 1 deletion b/‎qiling/arch/cortex_m.py‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎qiling/arch/riscv.py‎
Lines changed: 34 additions & 5 deletions b/‎qiling/arch/riscv.py‎
Lines changed: 34 additions & 5 deletions
diff --git a/‎qiling/extensions/mcu/gd32vf1/__init__.py‎
Lines changed: 6 additions & 0 deletions b/‎qiling/extensions/mcu/gd32vf1/__init__.py‎
Lines changed: 6 additions & 0 deletions
@@ -0,0 +1,24 @@
+import sys
+sys.path.append("../..")
+
+from qiling.core import Qiling
+from qiling.const import QL_VERBOSE
+from qiling.extensions.mcu.gd32vf1 import gd32vf103
+
+ql = Qiling(['../rootfs/mcu/gd32vf103/blink.hex'], archtype="riscv64", 
+                    env=gd32vf103, verbose=QL_VERBOSE.DEBUG)
+
+ql.hw.create('rcu')
+ql.hw.create('gpioa').watch()
+ql.hw.create('gpioc').watch()
+
+delay_cycles_begin = 0x800015c
+delay_cycles_end = 0x800018c
+
+def skip_delay(ql):
+    ql.reg.pc = delay_cycles_end
+
+ql.hook_address(skip_delay, delay_cycles_begin)
+ql.hw.gpioc.hook_set(13, lambda : print('Set PC13'))
+
+ql.run(count=20000)
@@ -12,6 +12,8 @@
 
 from qiling.core import Qiling
 from qiling.const import QL_VERBOSE
+from qiling.extensions.mcu.stm32f4 import stm32f407
+
 
 def dicts():
     a = 0x79df7
@@ -25,7 +27,7 @@ def dicts():
 # Cracking the passwd of lock
 def crack(passwd):
     ql = Qiling(["../../examples/rootfs/mcu/stm32f407/backdoorlock.hex"],                    
-                        archtype="cortex_m", profile="stm32f407", verbose=QL_VERBOSE.OFF)
+                        archtype="cortex_m", env=stm32f407, verbose=QL_VERBOSE.OFF)
 
     ql.hw.create('spi2')
     ql.hw.create('gpioe')
 
@@ -3,11 +3,11 @@
 
 from qiling.core import Qiling
 from qiling.const import QL_VERBOSE
-
+from qiling.extensions.mcu.stm32f4 import stm32f411
 
 def stm32f411_dma():
     ql = Qiling(["../rootfs/mcu/stm32f411/dma-clock.hex"],                    
-        archtype="cortex_m", profile="stm32f411", verbose=QL_VERBOSE.DEBUG)
+        archtype="cortex_m", env=stm32f411, verbose=QL_VERBOSE.DEBUG)
 
     ql.hw.create('usart2').watch()
     ql.hw.create('dma1').watch()
 
@@ -3,11 +3,12 @@
 
 from qiling.core import Qiling
 from qiling.const import QL_VERBOSE
+from qiling.extensions.mcu.stm32f4 import stm32f411
 
 
 def stm32f411_freertos():
     ql = Qiling(["../rootfs/mcu/stm32f411/os-demo.hex"],                    
-        archtype="cortex_m", profile="stm32f411", verbose=QL_VERBOSE.DEBUG)
+        archtype="cortex_m", env=stm32f411, verbose=QL_VERBOSE.DEBUG)
 
     ql.hw.create('usart2').watch()
     ql.hw.create('gpioa').watch()
 
@@ -3,11 +3,11 @@
 
 from qiling.core import Qiling
 from qiling.const import QL_VERBOSE
-
+from qiling.extensions.mcu.stm32f4 import stm32f411
 
 def test_mcu_gpio_stm32f411():
     ql = Qiling(["../../examples/rootfs/mcu/stm32f411/hello_gpioA.hex"],                    
-                archtype="cortex_m", profile="stm32f411", verbose=QL_VERBOSE.DEBUG)
+                archtype="cortex_m", env=stm32f411, verbose=QL_VERBOSE.DEBUG)
 
     ql.hw.create('usart2').watch()
     ql.hw.create('rcc').watch()
 
@@ -5,10 +5,10 @@
 from qiling.core import Qiling
 from qiling.const import QL_VERBOSE
 from qiling.hw.external_device.lcd.lcd1602 import PyGameLCD1602
-
+from qiling.extensions.mcu.stm32f4 import stm32f411
 
 def create(path, lcd):
-    ql = Qiling([path], archtype="cortex_m", profile="stm32f411", verbose=QL_VERBOSE.DEBUG)
+    ql = Qiling([path], archtype="cortex_m", env=stm32f411, verbose=QL_VERBOSE.DEBUG)
 
     ql.hw.create('i2c1')
     ql.hw.create('rcc')
 
@@ -12,9 +12,11 @@
 
 from qiling.core import Qiling
 from qiling.const import QL_VERBOSE
+from qiling.extensions.mcu.stm32f4 import stm32f411
+
 
 ql = Qiling(["../../examples/rootfs/mcu/stm32f411/md5_server.hex"], 
-            archtype="cortex_m", profile="stm32f411", verbose=QL_VERBOSE.OFF)
+            archtype="cortex_m", env=stm32f411, verbose=QL_VERBOSE.OFF)
 
 ql.hw.create('usart2')
 ql.hw.create('rcc')
 
@@ -106,7 +106,7 @@ def is_handler_mode(self):
     def using_psp(self):
         return not self.is_handler_mode() and (self.ql.reg.read('control') & CONTROL.SPSEL) > 0
 
-    def reset_register(self):
+    def init_context(self):
         self.ql.reg.write('lr', 0xffffffff)
         self.ql.reg.write('msp', self.ql.mem.read_ptr(0x0))
         self.ql.reg.write('pc' , self.ql.mem.read_ptr(0x4))
 
@@ -34,8 +34,8 @@ def get_init_uc(self) -> Uc:
 
     def create_disassembler(self) -> Cs:
         try:
-            from capstone import CS_ARCH_RISCV, CS_MODE_RISCV32
-            return Cs(CS_ARCH_RISCV, CS_MODE_RISCV32)
+            from capstone import CS_ARCH_RISCV, CS_MODE_RISCV32, CS_MODE_RISCVC
+            return Cs(CS_ARCH_RISCV, CS_MODE_RISCV32 + CS_MODE_RISCVC)
         except ImportError:
             raise QlErrorNotImplemented("Capstone does not yet support riscv, upgrade to capstone 5.0")
 
@@ -45,8 +45,37 @@ def create_assembler(self) -> Ks:
     def enable_float(self):
         self.ql.reg.mstatus = self.ql.reg.mstatus | MSTATUS.FS_DIRTY
 
-    def reset_register(self):
-        self.enable_float()
+    def init_context(self):
+        self.ql.reg.pc = 0x08000000
 
     def soft_interrupt_handler(self, ql, intno):
-        raise QlErrorNotImplemented(f'Unhandled interrupt number ({intno})')
+        if intno == 2:            
+            try:
+                address, size = ql.reg.pc - 4, 4
+                tmp = ql.mem.read(address, size)
+                qd = ql.arch.create_disassembler()
+
+                insn = '\n> '.join(f'{insn.mnemonic} {insn.op_str}' for insn in qd.disasm(tmp, address))
+            except QlErrorNotImplemented:
+                insn = ''
+                
+            ql.log.warning(f'[{hex(address)}] Illegal instruction ({insn})')
+        else:
+            raise QlErrorNotImplemented(f'Unhandled interrupt number ({intno})')
+    
+    def step(self):
+        self.ql.emu_start(self.get_pc(), 0, count=1)
+        self.ql.hw.step()
+
+    def stop(self):
+        self.runable = False
+
+    def run(self, count=-1, end=None):
+        self.runable = True
+
+        while self.runable and count != 0:
+            if self.get_pc() == end:
+                break
+
+            self.step()
+            count -= 1
@@ -0,0 +1,6 @@
+#!/usr/bin/env python3
+#
+# Cross Platform and Multi Architecture Advanced Binary Emulation Framework
+#
+
+from .gd32vf103 import gd32vf103