def test_ldrd_register_a1(arm_v6_without_fetch, instruction, index, mem_offset):
arm = arm_v6_without_fetch
arm.opcode = instruction
arm.opcode_len = 32
# setting Data Region registers
arm.registers.drsrs[0].en = 1 # enabling memory region
arm.registers.drsrs[0].rsize = 0b00011 # setting region size
arm.registers.drbars[0] = 0x0F000000 # setting region base address
arm.registers.dracrs[0].ap = 0b011 # setting access permissions
arm.registers.mpuir.iregion = 0x01 # declaring the region
arm.registers.mpuir.dregion = 0x01 # declaring the region
ram_memory = RAM(0x100)
ram_memory.write(mem_offset, 8, b'\x44\x33\x22\x11\x88\x77\x66\x55')
mc = MemoryController(ram_memory, 0x0F000000, 0x0F000100)
arm.mem.memories.append(mc)
opcode = arm.decode_instruction(arm.opcode)
opcode = opcode.from_bitarray(arm.opcode, arm)
assert isinstance(opcode, LdrdRegisterA1)
assert opcode.wback
assert opcode.n == 1
assert opcode.index == index
assert opcode.add
assert opcode.m == 0
assert opcode.t == 2
assert opcode.t2 == 3
arm.registers.set(opcode.n, 0x0F000000)
arm.registers.set(opcode.m, 4)
arm.emulate_cycle()
assert arm.registers.get(opcode.t) == 0x11223344
assert arm.registers.get(opcode.t2) == 0x55667788
assert arm.registers.get(opcode.n) == 0x0F000004
def test_tbb_tbh_t1(thumb_v6_without_fetch, instruction, is_tbh, pc):
arm = thumb_v6_without_fetch
arm.opcode = instruction
arm.opcode_len = 32
# setting Data Region registers
arm.registers.drsrs[0].en = 1 # enabling memory region
arm.registers.drsrs[0].rsize = 0b00011 # setting region size
arm.registers.drbars[0] = 0x0F000000 # setting region base address
arm.registers.dracrs[0].ap = 0b011 # setting access permissions
arm.registers.mpuir.iregion = 0x01 # declaring the region
arm.registers.mpuir.dregion = 0x01 # declaring the region
ram_memory = RAM(0x100)
ram_memory.write(0, 4, b'\x10\x20\x30\x40')
mc = MemoryController(ram_memory, 0x0F000000, 0x0F000100)
arm.mem.memories.append(mc)
opcode = arm.decode_instruction(arm.opcode)
opcode = opcode.from_bitarray(arm.opcode, arm)
assert type(opcode) == TbbTbhT1
assert opcode.is_tbh == is_tbh
assert opcode.instruction == arm.opcode
assert opcode.n == 0
assert opcode.m == 1
arm.registers.set(opcode.n, 0x0F000000)
arm.registers.set(opcode.m, 1)
arm.emulate_cycle()
assert arm.registers.pc_store_value() == pc
def test_ldr_register_arm_a1(arm_v6_without_fetch):
arm = arm_v6_without_fetch
arm.opcode = 0b11100111100100010010000000000000
arm.opcode_len = 32
# setting Data Region registers
arm.registers.drsrs[0].en = 1 # enabling memory region
arm.registers.drsrs[0].rsize = 0b00011 # setting region size
arm.registers.drbars[0] = 0x0F000000 # setting region base address
arm.registers.dracrs[0].ap = 0b011 # setting access permissions
arm.registers.mpuir.iregion = 0x01 # declaring the region
arm.registers.mpuir.dregion = 0x01 # declaring the region
ram_memory = RAM(0x100)
ram_memory.write(0x4, 4, b'\x11\x22\x33\x44')
mc = MemoryController(ram_memory, 0x0F000000, 0x0F000100)
arm.mem.memories.append(mc)
opcode = arm.decode_instruction(arm.opcode)
opcode = opcode.from_bitarray(arm.opcode, arm)
assert isinstance(opcode, LdrRegisterArmA1)
assert opcode.m == 0
assert opcode.n == 1
assert opcode.t == 2
assert opcode.shift_n == 0
assert opcode.shift_t == SRType.LSL
assert opcode.add
assert not opcode.wback
assert opcode.index
arm.registers.set(opcode.n, 0x0F000000)
arm.registers.set(opcode.m, 4)
arm.emulate_cycle()
assert arm.registers.get(opcode.t) == 0x44332211
def test_ldr_immediate_thumb_t2(thumb_v6_without_fetch):
arm = thumb_v6_without_fetch
arm.opcode = 0b1001100000000001
arm.opcode_len = 16
# setting Data Region registers
arm.registers.drsrs[0].en = 1 # enabling memory region
arm.registers.drsrs[0].rsize = 0b00011 # setting region size
arm.registers.drbars[0] = 0x0F000000 # setting region base address
arm.registers.dracrs[0].ap = 0b011 # setting access permissions
arm.registers.mpuir.iregion = 0x01 # declaring the region
arm.registers.mpuir.dregion = 0x01 # declaring the region
ram_memory = RAM(0x100)
ram_memory.write(0x4, 4, b'ECIN')
mc = MemoryController(ram_memory, 0x0F000000, 0x0F000100)
arm.mem.memories.append(mc)
opcode = arm.decode_instruction(arm.opcode)
opcode = opcode.from_bitarray(arm.opcode, arm)
assert type(opcode) == LdrImmediateThumbT2
assert opcode.imm32 == 4
assert opcode.n == 13
assert opcode.t == 0
assert opcode.add
assert not opcode.wback
assert opcode.index
arm.registers.set(opcode.n, 0x0F000000)
arm.emulate_cycle()
assert arm.registers.get(opcode.t) == struct.unpack('>I', b'NICE')[0]
def test_ldrsh_register_t1(thumb_v6_without_fetch):
arm = thumb_v6_without_fetch
arm.opcode = 0b0101111000001010
arm.opcode_len = 16
# setting Data Region registers
arm.registers.drsrs[0].en = 1 # enabling memory region
arm.registers.drsrs[0].rsize = 0b00011 # setting region size
arm.registers.drbars[0] = 0x0F000000 # setting region base address
arm.registers.dracrs[0].ap = 0b011 # setting access permissions
arm.registers.mpuir.iregion = 0x01 # declaring the region
arm.registers.mpuir.dregion = 0x01 # declaring the region
ram_memory = RAM(0x100)
ram_memory.write(0x4, 4, b'\x30\x91IN')
mc = MemoryController(ram_memory, 0x0F000000, 0x0F000100)
arm.mem.memories.append(mc)
opcode = arm.decode_instruction(arm.opcode)
opcode = opcode.from_bitarray(arm.opcode, arm)
assert type(opcode) == LdrshRegisterT1
assert opcode.m == 0
assert opcode.n == 1
assert opcode.t == 2
assert opcode.shift_n == 0
assert opcode.shift_t == SRType.LSL
assert opcode.add
assert opcode.index
assert not opcode.wback
arm.registers.set(opcode.n, 0x0F000000)
arm.registers.set(opcode.m, 4)
arm.emulate_cycle()
assert arm.registers.get(opcode.t) == 0xffff9130
def test_ldmdb_a1(arm_v6_without_fetch):
arm = arm_v6_without_fetch
arm.opcode = 0b11101000001100000100000000100100
arm.opcode_len = 32
arm.registers.drsrs[0].en = 1 # enabling memory region
arm.registers.drsrs[0].rsize = 0b01000 # setting region size
arm.registers.drbars[0] = 0x0F000000 # setting region base address
arm.registers.dracrs[0].ap = 0b011 # setting access permissions
arm.registers.mpuir.iregion = 0x01 # declaring the region
arm.registers.mpuir.dregion = 0x01 # declaring the region
ram_memory = RAM(0x100)
ram_memory.write(0x4, 0xc,
b'\x44\x33\x22\x11\x88\x77\x66\x55\xDD\xCC\xBB\xAA')
mc = MemoryController(ram_memory, 0x0F000000, 0x0F000100)
arm.mem.memories.append(mc)
opcode = arm.decode_instruction(arm.opcode)
opcode = opcode.from_bitarray(arm.opcode, arm)
assert isinstance(opcode, LdmdaA1)
assert opcode.wback
assert opcode.n == 0
assert opcode.registers == 0b0100000000100100
arm.registers.set(opcode.n, 0x0F00000C)
arm.emulate_cycle()
assert arm.registers.get(2) == 0x11223344
assert arm.registers.get(5) == 0x55667788
assert arm.registers.get_lr() == 0xAABBCCDD
assert arm.registers.get(opcode.n) == 0x0F000000
def test_ldmdb_t1(thumb_v6_without_fetch):
arm = thumb_v6_without_fetch
arm.opcode = 0b11101001001100001000000000000010
arm.opcode_len = 32
arm.registers.drsrs[0].en = 1 # enabling memory region
arm.registers.drsrs[0].rsize = 0b01000 # setting region size
arm.registers.drbars[0] = 0x0F000000 # setting region base address
arm.registers.dracrs[0].ap = 0b011 # setting access permissions
arm.registers.mpuir.iregion = 0x01 # declaring the region
arm.registers.mpuir.dregion = 0x01 # declaring the region
ram_memory = RAM(0x100)
ram_memory.write(0x4, 8, b'\xAA\xBB\xCC\xDD\x55\x44\x33\x22')
mc = MemoryController(ram_memory, 0x0F000000, 0x0F000100)
arm.mem.memories.append(mc)
opcode = arm.decode_instruction(arm.opcode)
opcode = opcode.from_bitarray(arm.opcode, arm)
assert isinstance(opcode, LdmdbT1)
assert opcode.wback
assert opcode.n == 0
assert opcode.registers == 0b1000000000000010
arm.registers.set(opcode.n, 0x0F00000C)
arm.emulate_cycle()
assert arm.registers.get(1) == 0xDDCCBBAA
assert arm.registers.get(0) == 0x0F000004
assert arm.registers.pc_store_value() == 0x22334454
def test_ldrbt_t1(thumb_v6_without_fetch):
arm = thumb_v6_without_fetch
arm.opcode = 0b11111000000100000001111000000100
arm.opcode_len = 32
# setting Data Region registers
arm.registers.drsrs[0].en = 1 # enabling memory region
arm.registers.drsrs[0].rsize = 0b00011 # setting region size
arm.registers.drbars[0] = 0x0F000000 # setting region base address
arm.registers.dracrs[0].ap = 0b011 # setting access permissions
arm.registers.mpuir.iregion = 0x01 # declaring the region
arm.registers.mpuir.dregion = 0x01 # declaring the region
ram_memory = RAM(0x100)
ram_memory.write(0x4, 4, b'\x44\x33\x22\x11')
mc = MemoryController(ram_memory, 0x0F000000, 0x0F000100)
arm.mem.memories.append(mc)
opcode = arm.decode_instruction(arm.opcode)
opcode = opcode.from_bitarray(arm.opcode, arm)
assert isinstance(opcode, LdrbtT1)
assert opcode.instruction == arm.opcode
assert not opcode.register_form
assert opcode.add
assert not opcode.post_index
assert opcode.t == 1
assert opcode.n == 0
assert opcode.imm32 == 4
arm.registers.set(opcode.n, 0x0F000000)
arm.emulate_cycle()
assert arm.registers.get(opcode.t) == 0x44
def test_ldm_user_registers_a1(arm_v6_without_fetch):
arm = arm_v6_without_fetch
arm.opcode = 0b11101001110100000100000000000010
arm.opcode_len = 32
arm.registers.drsrs[0].en = 1 # enabling memory region
arm.registers.drsrs[0].rsize = 0b01000 # setting region size
arm.registers.drbars[0] = 0x0F000000 # setting region base address
arm.registers.dracrs[0].ap = 0b011 # setting access permissions
arm.registers.mpuir.iregion = 0x01 # declaring the region
arm.registers.mpuir.dregion = 0x01 # declaring the region
ram_memory = RAM(0x100)
ram_memory.write(0x4, 8, b'\xAA\xBB\xCC\xDD\x54\x44\x33\x22')
mc = MemoryController(ram_memory, 0x0F000000, 0x0F000100)
arm.mem.memories.append(mc)
opcode = arm.decode_instruction(arm.opcode)
opcode = opcode.from_bitarray(arm.opcode, arm)
assert isinstance(opcode, LdmUserRegistersA1)
assert opcode.increment
assert opcode.word_higher
assert opcode.n == 0
assert opcode.registers == 0b100000000000010
arm.registers.set(opcode.n, 0x0F000000)
arm.emulate_cycle()
assert arm.registers.get(1) == 0xDDCCBBAA
arm.registers.cpsr.m = 0b10000
assert arm.registers.get_lr() == 0x22334454
def test_ldrexd_t1(thumb_v6_without_fetch):
arm = thumb_v6_without_fetch
arm.opcode = 0b11101000110100100001001101111111
arm.opcode_len = 32
# setting Data Region registers
arm.registers.drsrs[0].en = 1 # enabling memory region
arm.registers.drsrs[0].rsize = 0b00011 # setting region size
arm.registers.drbars[0] = 0x0F000000 # setting region base address
arm.registers.dracrs[0].ap = 0b011 # setting access permissions
arm.registers.mpuir.iregion = 0x01 # declaring the region
arm.registers.mpuir.dregion = 0x01 # declaring the region
ram_memory = RAM(0x100)
ram_memory.write(0, 8, b'\xaa\xbb\xcc\xdd\x11\x22\x33\x44')
mc = MemoryController(ram_memory, 0x0F000000, 0x0F000100)
arm.mem.memories.append(mc)
opcode = arm.decode_instruction(arm.opcode)
opcode = opcode.from_bitarray(arm.opcode, arm)
assert type(opcode) == LdrexdT1
assert opcode.n == 2
assert opcode.t == 1
assert opcode.t2 == 3
arm.registers.set(opcode.n, 0x0F000000)
arm.emulate_cycle()
assert arm.registers.get(opcode.t) == 0xDDCCBBAA
assert arm.registers.get(opcode.t2) == 0x44332211
def call_function_without_stack(proc, function_binary, register_params):
function_memory = RAM(len(function_binary))
function_memory.write(0, len(function_binary), function_binary)
mc = MemoryController(function_memory, FUNCTION_BASE, FUNCTION_BASE + len(function_binary))
proc.mem.memories.append(mc)
for register_index in register_params:
proc.registers.set(register_index, register_params[register_index])
curr_pc = 0xF0000000
proc.registers.branch_to(curr_pc)
while proc.registers.pc_store_value() != 0:
proc.emulate_cycle()
def prepare_emulator():
arm = ArmV6()
arm.registers.sctlr.m = 0
# Add eloop in the IRQ vector
arm.mem.memories[0].mem.write(0x18, len(ELOOP), ELOOP)
# Add eloop in the desired addr
mem = RAM(len(ELOOP))
mem.write(0, len(ELOOP), ELOOP)
mc = MemoryController(mem, ADDR, ADDR + len(ELOOP))
arm.mem.memories.append(mc)
# Reboot with new settings
arm.take_reset()
# Jump to the eloop
arm.registers.branch_to(ADDR)
return arm
def test_ldrexh_a1(arm_v6_without_fetch):
arm = arm_v6_without_fetch
arm.opcode = 0b11100001111100000010111110011111
arm.opcode_len = 32
# setting Data Region registers
arm.registers.drsrs[0].en = 1 # enabling memory region
arm.registers.drsrs[0].rsize = 0b00011 # setting region size
arm.registers.drbars[0] = 0x0F000000 # setting region base address
arm.registers.dracrs[0].ap = 0b011 # setting access permissions
arm.registers.mpuir.iregion = 0x01 # declaring the region
arm.registers.mpuir.dregion = 0x01 # declaring the region
ram_memory = RAM(0x100)
ram_memory.write(0, 4, b'\xaa\xbb\xcc\xdd')
mc = MemoryController(ram_memory, 0x0F000000, 0x0F000100)
arm.mem.memories.append(mc)
opcode = arm.decode_instruction(arm.opcode)
opcode = opcode.from_bitarray(arm.opcode, arm)
assert isinstance(opcode, LdrexhA1)
assert opcode.n == 0
assert opcode.t == 2
arm.registers.set(opcode.n, 0x0F000000)
arm.emulate_cycle()
assert arm.registers.get(opcode.t) == 0xBBAA
def test_pop_arm_a2(arm_v6_without_fetch):
arm = arm_v6_without_fetch
arm.opcode = 0b11100100100111010000000000000100
arm.opcode_len = 32
arm.registers.drsrs[0].en = 1 # enabling memory region
arm.registers.drsrs[0].rsize = 0b01000 # setting region size
arm.registers.drbars[0] = 0x0F000000 # setting region base address
arm.registers.dracrs[0].ap = 0b011 # setting access permissions
arm.registers.mpuir.iregion = 0x01 # declaring the region
arm.registers.mpuir.dregion = 0x01 # declaring the region
ram_memory = RAM(0x100)
ram_memory.write(0x0, 4, b'\x44\x33\x22\x11')
mc = MemoryController(ram_memory, 0x0F000000, 0x0F000100)
arm.mem.memories.append(mc)
opcode = arm.decode_instruction(arm.opcode)
opcode = opcode.from_bitarray(arm.opcode, arm)
assert isinstance(opcode, PopArmA2)
assert opcode.registers == 0b0000000000000001
assert opcode.unaligned_allowed
arm.registers.set_sp(0x0F000000)
arm.emulate_cycle()
assert arm.registers.get_sp() == 0x0F000004
assert arm.registers.get(0) == 0x11223344
def test_pop_thumb_t2(thumb_v6_without_fetch):
arm = thumb_v6_without_fetch
arm.opcode = 0b11101000101111011000000000000001
arm.opcode_len = 32
arm.registers.drsrs[0].en = 1 # enabling memory region
arm.registers.drsrs[0].rsize = 0b01000 # setting region size
arm.registers.drbars[0] = 0x0F000000 # setting region base address
arm.registers.dracrs[0].ap = 0b011 # setting access permissions
arm.registers.mpuir.iregion = 0x01 # declaring the region
arm.registers.mpuir.dregion = 0x01 # declaring the region
ram_memory = RAM(0x100)
ram_memory.write(0x0, 8, b'VERY\xffICE')
mc = MemoryController(ram_memory, 0x0F000000, 0x0F000100)
arm.mem.memories.append(mc)
opcode = arm.decode_instruction(arm.opcode)
opcode = opcode.from_bitarray(arm.opcode, arm)
assert isinstance(opcode, PopThumbT2)
assert opcode.registers == 0b1000000000000001
assert not opcode.unaligned_allowed
arm.registers.set_sp(0x0F000000)
arm.emulate_cycle()
assert arm.registers.get_sp() == 0x0F000008
assert arm.registers.get(0) == struct.unpack('>I', b'YREV')[0]
assert arm.registers.get_pc() == struct.unpack('>I', b'ECI\xfe')[0] + 4
def test_ldm_thumb_t1(thumb_v6_without_fetch):
arm = thumb_v6_without_fetch
arm.opcode = 0b1100100000000010
arm.opcode_len = 16
arm.registers.drsrs[0].en = 1 # enabling memory region
arm.registers.drsrs[0].rsize = 0b01000 # setting region size
arm.registers.drbars[0] = 0x0F000000 # setting region base address
arm.registers.dracrs[0].ap = 0b011 # setting access permissions
arm.registers.mpuir.iregion = 0x01 # declaring the region
arm.registers.mpuir.dregion = 0x01 # declaring the region
ram_memory = RAM(0x100)
ram_memory.write(0x4, 4, b'NICE')
mc = MemoryController(ram_memory, 0x0F000000, 0x0F000100)
arm.mem.memories.append(mc)
opcode = arm.decode_instruction(arm.opcode)
opcode = opcode.from_bitarray(arm.opcode, arm)
assert isinstance(opcode, LdmThumbT1)
assert opcode.wback
assert opcode.n == 0
assert opcode.registers == 0b0000000000000010
arm.registers.set(opcode.n, 0x0F000004)
arm.emulate_cycle()
assert arm.registers.get(1) == struct.unpack('>I', b'ECIN')[0]
assert arm.registers.get(0) == 0x0F000008
