QEMU
Unicorn Engine
| | QEMU | Unicorn Engine |
|---|---|---|
| Mentions | 190 | 14 |
| Stars | 9,236 | 7,141 |
| Growth | 2.4% | 1.9% |
| Activity | 10.0 | 1.3 |
| Latest commit | 7 days ago | 1 day ago |
| Language | C | C |
| License | GNU General Public License v3.0 or later | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
QEMU
-
QEMU Version 9.0.0 Released
My most-wanted QEMU feature: https://github.com/qemu/qemu/commit/a2260983c6553
Using `gic-version=3` on macOS you can now use more than 8 cores on ARM chips.
-
Autoconf makes me think we stopped evolving too soon
A better solution is just to write a plain ass shell script that tests if various C snippets compile.
https://github.com/oilshell/oil/blob/master/configure
https://github.com/oilshell/oil/blob/master/build/detect-pwe...
Not an unholy mix of m4, shell, and C, all in the same file.
---
These are the same style as the configure scripts that Fabrice Bellard wrote for tcc and QEMU.
They are plain ass shell scripts, because he actually understands the code he writes.
https://github.com/qemu/qemu/blob/master/configure
https://github.com/TinyCC/tinycc/blob/mob/configure
OCaml’s configure script is also “normal”.
You don’t have to copy and paste thousands of lines of GNU stuff that you don’t understand.
(copy of lobste.rs comment)
-
WASM Instructions
Related:
A fast Pascal (Delphi) WebAssembly interpreter:
https://github.com/marat1961/wasm
WASM-4:
https://github.com/aduros/wasm4
Curated list of awesome things regarding WebAssembly (wasm) ecosystem:
https://github.com/mbasso/awesome-wasm
Also, it would be nice if there was a WASM (soft) CPU for QEMU, which (if it existed!) would go here:
https://github.com/qemu/qemu/tree/master/target
-
Revng translates (i386, x86-64, MIPS, ARM, AArch64, s390x) binaries to LLVM IR
> architectural registers are always updated
In tiny code, the guest registers (global TCG variables) are stored in the host's registers until you either call a helper which can access the CPU state or you return (`git grep la_global_sync`). This is the reason why QEMU is not so terribly slow.
But after a check, this also happens when you access the guest memory address space! https://github.com/qemu/qemu/blob/master/include/tcg/tcg-opc... (TCG_OPF_SIDE_EFFECTS is what matters)
But still, in the end, it's the same problem. What QEMU does, can be done in LLVM too. You could probably be more efficient in LLVM by using the exception handling mechanism (invoke and friends) to only serialize back to memory when there's an actual exception, at the cost of higher register pressure. More or less what we do here: https://rev.ng/downloads/bar-2019-paper.pdf
-
State of x86-64 emulation of non-MacOS binaries
Um, in case you don't know, UTM (based on QEMU) is out for quite a while.
-
Multipass: Ubuntu Virtual Machines Made Easy
Some of these tools include Oracle VM VirtualBox (that I've used since before the acquisition of Sun Microsystems by Oracle), VMWare Workstation Player, and QEMU, but last year, I found out about Multipass.
-
Libsodium: A modern, portable, easy to use crypto library
For C/C++ projects that use meson as the build system, there is an excellent way to manage dependencies:
https://mesonbuild.com/Wrapdb-projects.html
https://mesonbuild.com/Wrap-dependency-system-manual.html
meson will download and build the libraries automatically and give you a variable which you pass as a regular dependency into the built target:
https://github.com/qemu/qemu/tree/005ad32358f12fe9313a4a0191...
https://github.com/harfbuzz/harfbuzz/tree/main/subprojects
https://github.com/harfbuzz/harfbuzz/blob/37457412b3212463c5...
Or, if you're using proper operating systems, they're managed by the usual package manager, just like everything else.
-
Top 6 Virtual Machine Software in 2023
For all the users of the Linux platform, QEMU is the VM that you should go for. This software comes without any price tag and works as an emulator of various machines with utmost ease and completion; the software uses dynamic translations to emulate hardware peripherals and enhances its overall performance. If you are using QEMU as a virtualizer, then it will function exactly like the host system (provided you have the right set of hardware).
- Show HN: I'm 17 and wrote this guide on how CPUs run programs
-
UTM for Developers
In this tutorial, we set up macOS and Windows virtual machines on UTM, a macOS application that provides a GUI wrapper for QEMU, a powerful open-source emulator and virtualizer. UTM allows you to easily manage and run virtual machines without memorizing complex commands. It also has special handling for macOS, making it simpler to install compared to other virtual machine software.
Unicorn Engine
- Unicorn: Lightweight multi-platform, multi-architecture CPU emulator framework
- 86Box v4.0
-
Show HN: Tetris, but the blocks are ARM instructions that execute in the browser
OFRAK Tetris is a project I started at work about two weeks ago. It's a web-based game that works on desktop and mobile. I made it for my company to bring to events like DEF CON, and to promote our binary analysis and patching framework called OFRAK.
In the game, 32-bit, little-endian ARM assembly instructions fall, and you can modify the operands before executing them on a CPU emulator. There are two segments mapped – one for instructions, and one for data (though both have read, write, and execute permissions). Your score is a four byte signed integer stored at the virtual address pointed to by the R12 register, and the goal is to use the instructions that fall to make the score value in memory as high as possible. When it's game over, you can download your game as an ELF to relive the glory in GDB on your favorite ARM device.
The CPU emulator is a version of Unicorn (https://www.unicorn-engine.org/) that has been cross-compiled to WebAssembly (https://alexaltea.github.io/unicorn.js/), so everything on the page runs in the browser without the need for any complicated infrastructure on the back end.
Since I've only been working on this for a short period of time leading up to its debut at DEF CON, there are still many more features I'd eventually like to implement. These include adding support for other ISAs besides ARM, adding an instruction reference manual, and lots of little cleanups, bug fixes, and adjustments.
My highest score is 509,644,979, but my average is about 131,378.
I look forward to feedback, bug reports, feature requests, and strategy discussions!
-
It Takes 6 Days to Change 1 Line of Code
Entails hundreds of hours of single-stepping through that opcode in the Linux kernel using an indirect operand pointing toward its own opcode (self-modifying code).
Even the extraordinaire Fabrice Bellard (author of QEMU) admitted that it is broken and did a total rewrite, which fixed tons of other issues.
https://github.com/unicorn-engine/unicorn/issues/364
- FOSS Simulator for debugging C code (even better if it supports some MCUs)
- Unicorn: Lightweight multi-platform, multi-architecture CPU emulation framework
- Unicorn - CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)
-
Vita3K android running Tales of Hearts R - A Glimpse of What's to come
Macdu (Vita3K dev) also stated that this game is CPU bound, so they used a CPU emulator known as unicorn2; this is also the reason for the slow speed.
-
QEMU Version 7.0.0 Released
This is how I found out a snippet of assembly code that can actually distinguish between a KVM hypervisor and most of today's emulators.
https://github.com/unicorn-engine/unicorn/issues/364
-
Top Python Tools for Malware Analysis. – PythonStacks
Unicorn is missing from that list.
The python CPU emulator with full program counter (PC) and general (and other CPU-specific) register set controls.
I use it to catch fileless malware in the second fastest dynamic manner. Also good for detecting Rowhammer/SPECTRE behaviors.
Disclaimer: one of the contributors and a contractor that frequently deploys this.
https://github.com/unicorn-engine/unicorn
What are some alternatives?
UTM - Virtual machines for iOS and macOS
MicroPython - MicroPython - a lean and efficient Python implementation for microcontrollers and constrained systems
TermuxArch - Experience the pleasure of the Linux command prompt in Android, Chromebook, Fire OS and Windows on smartphone, smartTV, tablet and wearable https://termuxarch.github.io/TermuxArch/
capstone - Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings. [Moved to: https://github.com/capstone-engine/capstone]
Vagrant - Vagrant is a tool for building and distributing development environments.
Reverse-Engineering-Tutorial - A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
xemu - Original Xbox Emulator for Windows, macOS, and Linux (Active Development)
TinyVM - TinyVM is a small, fast, lightweight virtual machine written in pure ANSI C.
em-dosbox - An Emscripten port of DOSBox
box86 - Box86 - Linux Userspace x86 Emulator with a twist, targeted at ARM Linux devices
virt-manager - Desktop tool for managing virtual machines via libvirt
qemu-t8030 - iPhone 11 emulated on QEMU