Skip to content

Issues with "lw" not consistently calling the "UC_HOOK_MEM_READ" on RISC-V #2229

New issue
New issue
Open
Open
Issues with "lw" not consistently calling the "UC_HOOK_MEM_READ" on RISC-V#2229
@LatinScribe

Description

@LatinScribe
LatinScribe
opened on Aug 15, 2025

As discussed in #2124 , I've been having issues with the RISC-V unicorn emulator not calling the "UC_HOOK_MEM_READ" with "lw" instructions (it works fine and calls UC_HOOK_MEM_WRITE for the same "sw" instruction, I haven't tested other instructions yet).

Below is what I'm doing and what I'm seeing. If there is anyway I can provide more helpful details, please let me know. I think there is a way to turn on a "debugging" mode on unicorn, but I'm not sure how to enable it when using unicorn as a Python package.

  1. Here is where we set up unicorn with the appropriate hooks:
Image

(this is what the hook should call, but it's not that important):

Image
  1. As a side note, I had issues when also trying to enable "UC_HOOK_MEM_READ_AFTER", it would raise an "Invalid argument" error (see below):
Image
  1. Executing the test case (emu_start):
Image
  1. First test case (just some loads and stores)
Image
  1. Result of running first test case:
[more stuff before this...]

[model] Instruction name: ADDI, operands: ['X28', 'X0', '3']
[model UnicornSeq] Tracing instruction: address=0xff600000800e0006, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model PCTracer] Observing instruction: address=0xff600000800e0006, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornTracer] Adding PC address 0xff600000800e0006 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247810, 18401708079584247812]
[model UnicornTracer] Trace after adding PC address: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814]
[model UnicornTracer] Observing instruction: address=0xff600000800e0006, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>

[model] Instruction fetch successful! Current instruction: SW X5, [0(X27)] with adress key 8, address 0xff600000800e0008 and size 4

[model] Instruction name: SW, operands: ['X5', '0(X27)']
[model UnicornSeq] Tracing instruction: address=0xff600000800e0008, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model PCTracer] Observing instruction: address=0xff600000800e0008, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornTracer] Adding PC address 0xff600000800e0008 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814]
[model UnicornTracer] Trace after adding PC address: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816]
[model UnicornTracer] Observing instruction: address=0xff600000800e0008, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornSeq] Tracing memory access: access=17, address=0xff20000004612000, size=4, value=0x0, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model CTTracer] Observing memory access: access=17, address=0xff20000004612000, size=4, value=0x0, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornTracer] Adding memory address 0xff20000004612000 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816]
[model UnicornTracer] Trace after adding address: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816, 18383693678999838720]
[model UnicornTracer] Observing memory access: access=17, address=0xff20000004612000, size=4, value=0x0, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornTracer] Checking access 17 against UC_MEM_READ: 16, (UC_MEM_WRITE: 17)

[model UnicornTracer] In execution tracing, observing memory access

[model UnicornTracer] Observed memory access: 0x0 = 0x0
[model UnicornTracer] Updated execution trace: [TracedInstruction(i_address=0, accesses=[]), TracedInstruction(i_address=2, accesses=[]), TracedInstruction(i_address=4, accesses=[]), TracedInstruction(i_address=6, accesses=[]), TracedInstruction(i_address=8, accesses=[TracedMemAccess(m_address=0, value=0, is_store=True)])]

[model] Instruction fetch successful! Current instruction: LW X10, [0(X27)] with adress key 12, address 0xff600000800e000c and size 4

[model] Instruction name: LW, operands: ['X10', '0(X27)']
[model UnicornSeq] Tracing instruction: address=0xff600000800e000c, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model PCTracer] Observing instruction: address=0xff600000800e000c, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornTracer] Adding PC address 0xff600000800e000c to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816, 18383693678999838720]
[model UnicornTracer] Trace after adding PC address: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816, 18383693678999838720, 18401708079584247820]
[model UnicornTracer] Observing instruction: address=0xff600000800e000c, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>

[model] Instruction fetch successful! Current instruction: SW X6, [64(X27)] with adress key 16, address 0xff600000800e0010 and size 4

[model] Instruction name: SW, operands: ['X6', '64(X27)']
[model UnicornSeq] Tracing instruction: address=0xff600000800e0010, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model PCTracer] Observing instruction: address=0xff600000800e0010, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornTracer] Adding PC address 0xff600000800e0010 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816, 18383693678999838720, 18401708079584247820]
[model UnicornTracer] Trace after adding PC address: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816, 18383693678999838720, 18401708079584247820, 18401708079584247824]
[model UnicornTracer] Observing instruction: address=0xff600000800e0010, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornSeq] Tracing memory access: access=17, address=0xff20000004612040, size=4, value=0x1, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model CTTracer] Observing memory access: access=17, address=0xff20000004612040, size=4, value=0x1, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornTracer] Adding memory address 0xff20000004612040 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816, 18383693678999838720, 18401708079584247820, 18401708079584247824]
[model UnicornTracer] Trace after adding address: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816, 18383693678999838720, 18401708079584247820, 18401708079584247824, 18383693678999838784]
[model UnicornTracer] Observing memory access: access=17, address=0xff20000004612040, size=4, value=0x1, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornTracer] Checking access 17 against UC_MEM_READ: 16, (UC_MEM_WRITE: 17)

[model UnicornTracer] In execution tracing, observing memory access

[model UnicornTracer] Observed memory access: 0x40 = 0x1
[model UnicornTracer] Updated execution trace: [TracedInstruction(i_address=0, accesses=[]), TracedInstruction(i_address=2, accesses=[]), TracedInstruction(i_address=4, accesses=[]), TracedInstruction(i_address=6, accesses=[]), TracedInstruction(i_address=8, accesses=[TracedMemAccess(m_address=0, value=0, is_store=True)]), TracedInstruction(i_address=12, accesses=[]), TracedInstruction(i_address=16, accesses=[TracedMemAccess(m_address=64, value=1, is_store=True)])]

[model] Instruction fetch successful! Current instruction: LW X11, [64(X27)] with adress key 20, address 0xff600000800e0014 and size 4

[model] Instruction name: LW, operands: ['X11', '64(X27)']
[model UnicornSeq] Tracing instruction: address=0xff600000800e0014, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model PCTracer] Observing instruction: address=0xff600000800e0014, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornTracer] Adding PC address 0xff600000800e0014 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816, 18383693678999838720, 18401708079584247820, 18401708079584247824, 18383693678999838784]
[model UnicornTracer] Trace after adding PC address: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816, 18383693678999838720, 18401708079584247820, 18401708079584247824, 18383693678999838784, 18401708079584247828]
[model UnicornTracer] Observing instruction: address=0xff600000800e0014, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>

[model] Instruction fetch successful! Current instruction: SW X7, [0(X27)] with adress key 24, address 0xff600000800e0018 and size 4

[model] Instruction name: SW, operands: ['X7', '0(X27)']
[model UnicornSeq] Tracing instruction: address=0xff600000800e0018, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model PCTracer] Observing instruction: address=0xff600000800e0018, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornTracer] Adding PC address 0xff600000800e0018 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816, 18383693678999838720, 18401708079584247820, 18401708079584247824, 18383693678999838784, 18401708079584247828]
[model UnicornTracer] Trace after adding PC address: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816, 18383693678999838720, 18401708079584247820, 18401708079584247824, 18383693678999838784, 18401708079584247828, 18401708079584247832]
[model UnicornTracer] Observing instruction: address=0xff600000800e0018, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornSeq] Tracing memory access: access=17, address=0xff20000004612000, size=4, value=0x2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model CTTracer] Observing memory access: access=17, address=0xff20000004612000, size=4, value=0x2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornTracer] Adding memory address 0xff20000004612000 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816, 18383693678999838720, 18401708079584247820, 18401708079584247824, 18383693678999838784, 18401708079584247828, 18401708079584247832]
[model UnicornTracer] Trace after adding address: [18401708079584247808, 18401708079584247810, 18401708079584247812, 18401708079584247814, 18401708079584247816, 18383693678999838720, 18401708079584247820, 18401708079584247824, 18383693678999838784, 18401708079584247828, 18401708079584247832, 18383693678999838720]
[model UnicornTracer] Observing memory access: access=17, address=0xff20000004612000, size=4, value=0x2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffa249c7d0>
[model UnicornTracer] Checking access 17 against UC_MEM_READ: 16, (UC_MEM_WRITE: 17)

[model UnicornTracer] In execution tracing, observing memory access

[model UnicornTracer] Observed memory access: 0x0 = 0x2
[model UnicornTracer] Updated execution trace: [TracedInstruction(i_address=0, accesses=[]), TracedInstruction(i_address=2, accesses=[]), TracedInstruction(i_address=4, accesses=[]), TracedInstruction(i_address=6, accesses=[]), TracedInstruction(i_address=8, accesses=[TracedMemAccess(m_address=0, value=0, is_store=True)]), TracedInstruction(i_address=12, accesses=[]), TracedInstruction(i_address=16, accesses=[TracedMemAccess(m_address=64, value=1, is_store=True)]), TracedInstruction(i_address=20, accesses=[]), TracedInstruction(i_address=24, accesses=[TracedMemAccess(m_address=0, value=2, is_store=True)])]

[model] Instruction fetch successful! Current instruction: LW X12, [0(X27)] with adress key 28, address 0xff600000800e001c and size 4

[continues...]

I can give you the full log if you would like, although I'm not sure how helpful it will be. In summary, we can see that the first "sw" correctly invokes the UC_HOOK_MEM_WRITE hook which causes the memory access to be traced, but the subsequent "lw" to the same address does not call the UC_HOOK_MEM_READ hook.

  1. Running another test case (supposed to be a flavor of spectre v1):
Image
  1. result of run :

Iteration one (UC_HOOK_MEM_READ called twice????)


[model] Instruction fetch successful! Current instruction: C.BEQZ X11, .L_L1 with adress key 64, address 0xff600000800e0040 and size 2

[model] Instruction name: C.BEQZ, operands: ['X11', '.L_L1']
[model UnicornSeq] Tracing instruction: address=0xff600000800e0040, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model PCTracer] Observing instruction: address=0xff600000800e0040, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model UnicornTracer] Adding PC address 0xff600000800e0040 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868]
[model UnicornTracer] Trace after adding PC address: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872]
[model UnicornTracer] Observing instruction: address=0xff600000800e0040, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>

[model] Instruction fetch successful! Current instruction: ADD X5, X10, X27 with adress key 66, address 0xff600000800e0042 and size 4

[model] Instruction name: ADD, operands: ['X5', 'X10', 'X27']
[model UnicornSeq] Tracing instruction: address=0xff600000800e0042, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model PCTracer] Observing instruction: address=0xff600000800e0042, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model UnicornTracer] Adding PC address 0xff600000800e0042 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872]
[model UnicornTracer] Trace after adding PC address: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872, 18401708079584247874]
[model UnicornTracer] Observing instruction: address=0xff600000800e0042, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>

[model] Instruction fetch successful! Current instruction: LW X10, [0X5] with adress key 70, address 0xff600000800e0046 and size 4

[model] Instruction name: LW, operands: ['X10', '0X5']
[model UnicornSeq] Tracing instruction: address=0xff600000800e0046, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model PCTracer] Observing instruction: address=0xff600000800e0046, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model UnicornTracer] Adding PC address 0xff600000800e0046 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872, 18401708079584247874]
[model UnicornTracer] Trace after adding PC address: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872, 18401708079584247874, 18401708079584247878]
[model UnicornTracer] Observing instruction: address=0xff600000800e0046, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model UnicornSeq] Tracing memory access: access=16, address=0xff200000046126c0, size=4, value=0x0, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model CTTracer] Observing memory access: access=16, address=0xff200000046126c0, size=4, value=0x0, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model UnicornTracer] Adding memory address 0xff200000046126c0 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872, 18401708079584247874, 18401708079584247878]
[model UnicornTracer] Trace after adding address: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872, 18401708079584247874, 18401708079584247878, 18383693678999840448]
[model UnicornTracer] Observing memory access: access=16, address=0xff200000046126c0, size=4, value=0x0, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model UnicornTracer] Checking access 16 against UC_MEM_READ: 16, (UC_MEM_WRITE: 17)

[model UnicornTracer] In execution tracing, observing memory access

[model UnicornTracer] Observed memory access: 0x6c0 = 0x55a3
[model UnicornTracer] Updated execution trace: [TracedInstruction(i_address=0, accesses=[]), TracedInstruction(i_address=4, accesses=[]), TracedInstruction(i_address=8, accesses=[]), TracedInstruction(i_address=12, accesses=[]), TracedInstruction(i_address=16, accesses=[]), TracedInstruction(i_address=20, accesses=[]), TracedInstruction(i_address=22, accesses=[]), TracedInstruction(i_address=24, accesses=[]), TracedInstruction(i_address=26, accesses=[]), TracedInstruction(i_address=28, accesses=[]), TracedInstruction(i_address=30, accesses=[]), TracedInstruction(i_address=32, accesses=[]), TracedInstruction(i_address=34, accesses=[]), TracedInstruction(i_address=36, accesses=[]), TracedInstruction(i_address=38, accesses=[]), TracedInstruction(i_address=40, accesses=[]), TracedInstruction(i_address=42, accesses=[]), TracedInstruction(i_address=44, accesses=[]), TracedInstruction(i_address=46, accesses=[]), TracedInstruction(i_address=48, accesses=[]), TracedInstruction(i_address=50, accesses=[]), TracedInstruction(i_address=52, accesses=[]), TracedInstruction(i_address=54, accesses=[]), TracedInstruction(i_address=56, accesses=[]), TracedInstruction(i_address=58, accesses=[]), TracedInstruction(i_address=60, accesses=[]), TracedInstruction(i_address=64, accesses=[]), TracedInstruction(i_address=66, accesses=[]), TracedInstruction(i_address=70, accesses=[TracedMemAccess(m_address=1728, value=21923, is_store=False)])]
[model UnicornSeq] Tracing memory access: access=16, address=0xff200000046126c0, size=4, value=0x0, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model CTTracer] Observing memory access: access=16, address=0xff200000046126c0, size=4, value=0x0, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model UnicornTracer] Adding memory address 0xff200000046126c0 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872, 18401708079584247874, 18401708079584247878, 18383693678999840448]
[model UnicornTracer] Trace after adding address: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872, 18401708079584247874, 18401708079584247878, 18383693678999840448, 18383693678999840448]
[model UnicornTracer] Observing memory access: access=16, address=0xff200000046126c0, size=4, value=0x0, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model UnicornTracer] Checking access 16 against UC_MEM_READ: 16, (UC_MEM_WRITE: 17)

[model UnicornTracer] In execution tracing, observing memory access

[model UnicornTracer] Observed memory access: 0x6c0 = 0x55a3
[model UnicornTracer] Updated execution trace: [TracedInstruction(i_address=0, accesses=[]), TracedInstruction(i_address=4, accesses=[]), TracedInstruction(i_address=8, accesses=[]), TracedInstruction(i_address=12, accesses=[]), TracedInstruction(i_address=16, accesses=[]), TracedInstruction(i_address=20, accesses=[]), TracedInstruction(i_address=22, accesses=[]), TracedInstruction(i_address=24, accesses=[]), TracedInstruction(i_address=26, accesses=[]), TracedInstruction(i_address=28, accesses=[]), TracedInstruction(i_address=30, accesses=[]), TracedInstruction(i_address=32, accesses=[]), TracedInstruction(i_address=34, accesses=[]), TracedInstruction(i_address=36, accesses=[]), TracedInstruction(i_address=38, accesses=[]), TracedInstruction(i_address=40, accesses=[]), TracedInstruction(i_address=42, accesses=[]), TracedInstruction(i_address=44, accesses=[]), TracedInstruction(i_address=46, accesses=[]), TracedInstruction(i_address=48, accesses=[]), TracedInstruction(i_address=50, accesses=[]), TracedInstruction(i_address=52, accesses=[]), TracedInstruction(i_address=54, accesses=[]), TracedInstruction(i_address=56, accesses=[]), TracedInstruction(i_address=58, accesses=[]), TracedInstruction(i_address=60, accesses=[]), TracedInstruction(i_address=64, accesses=[]), TracedInstruction(i_address=66, accesses=[]), TracedInstruction(i_address=70, accesses=[TracedMemAccess(m_address=1728, value=21923, is_store=False), TracedMemAccess(m_address=1728, value=21923, is_store=False)])]

[model] Instruction fetch successful! Current instruction: C.J .L_L2 with adress key 74, address 0xff600000800e004a and size 2

[model] Instruction name: C.J, operands: ['.L_L2']
[model UnicornSeq] Tracing instruction: address=0xff600000800e004a, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model PCTracer] Observing instruction: address=0xff600000800e004a, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model UnicornTracer] Adding PC address 0xff600000800e004a to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872, 18401708079584247874, 18401708079584247878, 18383693678999840448, 18383693678999840448]
[model UnicornTracer] Trace after adding PC address: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872, 18401708079584247874, 18401708079584247878, 18383693678999840448, 18383693678999840448, 18401708079584247882]
[model UnicornTracer] Observing instruction: address=0xff600000800e004a, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>

[model] Instruction fetch successful! Current instruction: FENCE  with adress key 80, address 0xff600000800e0050 and size 4

Subsequent iterations (hook not invoked):

[model] Instruction name: C.BEQZ, operands: ['X11', '.L_L1']
[model UnicornSeq] Tracing instruction: address=0xff600000800e0040, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model PCTracer] Observing instruction: address=0xff600000800e0040, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model UnicornTracer] Adding PC address 0xff600000800e0040 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868]
[model UnicornTracer] Trace after adding PC address: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872]
[model UnicornTracer] Observing instruction: address=0xff600000800e0040, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>

[model] Instruction fetch successful! Current instruction: ADD X5, X10, X27 with adress key 66, address 0xff600000800e0042 and size 4

[model] Instruction name: ADD, operands: ['X5', 'X10', 'X27']
[model UnicornSeq] Tracing instruction: address=0xff600000800e0042, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model PCTracer] Observing instruction: address=0xff600000800e0042, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model UnicornTracer] Adding PC address 0xff600000800e0042 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872]
[model UnicornTracer] Trace after adding PC address: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872, 18401708079584247874]
[model UnicornTracer] Observing instruction: address=0xff600000800e0042, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>

[model] Instruction fetch successful! Current instruction: LW X10, [0X5] with adress key 70, address 0xff600000800e0046 and size 4

[model] Instruction name: LW, operands: ['X10', '0X5']
[model UnicornSeq] Tracing instruction: address=0xff600000800e0046, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model PCTracer] Observing instruction: address=0xff600000800e0046, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model UnicornTracer] Adding PC address 0xff600000800e0046 to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872, 18401708079584247874]
[model UnicornTracer] Trace after adding PC address: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872, 18401708079584247874, 18401708079584247878]
[model UnicornTracer] Observing instruction: address=0xff600000800e0046, size=4, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>

[model] Instruction fetch successful! Current instruction: C.J .L_L2 with adress key 74, address 0xff600000800e004a and size 2

[model] Instruction name: C.J, operands: ['.L_L2']
[model UnicornSeq] Tracing instruction: address=0xff600000800e004a, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model PCTracer] Observing instruction: address=0xff600000800e004a, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>
[model UnicornTracer] Adding PC address 0xff600000800e004a to trace
[model UnicornTracer] Current trace: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872, 18401708079584247874, 18401708079584247878]
[model UnicornTracer] Trace after adding PC address: [18401708079584247808, 18401708079584247812, 18401708079584247816, 18401708079584247820, 18401708079584247824, 18401708079584247828, 18401708079584247830, 18401708079584247832, 18401708079584247834, 18401708079584247836, 18401708079584247838, 18401708079584247840, 18401708079584247842, 18401708079584247844, 18401708079584247846, 18401708079584247848, 18401708079584247850, 18401708079584247852, 18401708079584247854, 18401708079584247856, 18401708079584247858, 18401708079584247860, 18401708079584247862, 18401708079584247864, 18401708079584247866, 18401708079584247868, 18401708079584247872, 18401708079584247874, 18401708079584247878, 18401708079584247882]
[model UnicornTracer] Observing instruction: address=0xff600000800e004a, size=2, model=<src.riscv.riscv_model.RISCVUnicornSeq object at 0xffffffbc588560>

[model] Instruction fetch successful! Current instruction: FENCE  with adress key 80, address 0xff600000800e0050 and size 4

I'm really not sure what is going with this test case. Sometimes the hook is called multiple times, sometimes not at all (this has happened with other test cases as well).

Most runs I have tested now have been using the latest dev branch on this Github:

Image

I hope this info helps! I know that the RISC-V port is still in development, so bugs are to be expected. Let me know if there's anything I can do to help.

Best,
Henry

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions