Merge pull request #1521 from unicorn-engine/s390x

S390X Support

tests/fuzz/fuzz_emu_s390x_be.c

@@ -0,0 +1,56 @@
+#include <unicorn/unicorn.h>
+
+
+// memory address where emulation starts
+#define ADDRESS 0x1000000
+
+uc_engine *uc;
+int initialized = 0;
+FILE * outfile = NULL;
+
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+    uc_err err;
+
+    if (initialized == 0) {
+        if (outfile == NULL) {
+            // we compute the output
+            outfile = fopen("/dev/null", "w");
+            if (outfile == NULL) {
+                printf("failed opening /dev/null\n");
+                abort();
+                return 0;
+            }
+        }
+
+        initialized = 1;
+    }
+
+    // Not global as we must reset this structure
+    // Initialize emulator in supplied mode
+    err = uc_open(UC_ARCH_S390X, UC_MODE_BIG_ENDIAN, &uc);
+    if (err != UC_ERR_OK) {
+        printf("Failed on uc_open() with error returned: %u\n", err);
+        abort();
+    }
+
+    // map 4MB memory for this emulation
+    uc_mem_map(uc, ADDRESS, 4 * 1024 * 1024, UC_PROT_ALL);
+
+    // write machine code to be emulated to memory
+    if (uc_mem_write(uc, ADDRESS, Data, Size)) {
+        printf("Failed to write emulation code to memory, quit!\n");
+        abort();
+    }
+
+    // emulate code in infinite time & 4096 instructions
+    // avoid timeouts with infinite loops
+    err=uc_emu_start(uc, ADDRESS, ADDRESS + Size, 0, 0x1000);
+    if (err) {
+        fprintf(outfile, "Failed on uc_emu_start() with error returned %u: %s\n", err, uc_strerror(err));
+    }
+
+    uc_close(uc);
+
+    return 0;
+}

tests/fuzz/gentargets.sh

@@ -19,3 +19,5 @@ sed 's/UC_ARCH_X86/UC_ARCH_ARM/' fuzz_emu_x86_32.c | sed 's/UC_MODE_32/UC_MODE_A
 sed 's/UC_ARCH_X86/UC_ARCH_ARM/' fuzz_emu_x86_32.c | sed 's/UC_MODE_32/UC_MODE_THUMB/' > fuzz_emu_arm_thumb.c
 sed 's/UC_ARCH_X86/UC_ARCH_ARM/' fuzz_emu_x86_32.c | sed 's/UC_MODE_32/UC_MODE_ARM + UC_MODE_BIG_ENDIAN/' > fuzz_emu_arm_armbe.c
 #sed 's/UC_ARCH_X86/UC_ARCH_ARM/' fuzz_emu_x86_32.c | sed 's/UC_MODE_32/UC_MODE_THUMB + UC_MODE_BIG_ENDIAN/' > fuzz_emu_arm_thumbbe.c
+
+sed 's/UC_ARCH_X86/UC_ARCH_S390X/' fuzz_emu_x86_32.c | sed 's/UC_MODE_32/UC_MODE_BIG_ENDIAN/' > fuzz_emu_s390x_be.c

tests/unit/test_s390x.c

@@ -0,0 +1,36 @@
+#include "unicorn_test.h"
+
+const uint64_t code_start = 0x1000;
+const uint64_t code_len = 0x4000;
+
+static void uc_common_setup(uc_engine **uc, uc_arch arch, uc_mode mode,
+                            const char *code, uint64_t size)
+{
+    OK(uc_open(arch, mode, uc));
+    OK(uc_mem_map(*uc, code_start, code_len, UC_PROT_ALL));
+    OK(uc_mem_write(*uc, code_start, code, size));
+}
+
+static void test_s390x_lr()
+{
+    char code[] = "\x18\x23"; // lr %r2, %r3
+    uint64_t r_pc, r_r2, r_r3 = 0x114514;
+    uc_engine *uc;
+
+    uc_common_setup(&uc, UC_ARCH_S390X, UC_MODE_BIG_ENDIAN, code,
+                    sizeof(code) - 1);
+
+    OK(uc_reg_write(uc, UC_S390X_REG_R3, &r_r3));
+
+    OK(uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0));
+
+    OK(uc_reg_read(uc, UC_S390X_REG_R2, &r_r2));
+    OK(uc_reg_read(uc, UC_S390X_REG_PC, &r_pc));
+
+    TEST_CHECK(r_r2 == 0x114514);
+    TEST_CHECK(r_pc == code_start + sizeof(code) - 1);
+
+    OK(uc_close(uc));
+}
+
+TEST_LIST = {{"test_s390x_lr", test_s390x_lr}, {NULL, NULL}};