diff --git a/bindings/gumjs/gumquickstalker.c b/bindings/gumjs/gumquickstalker.c index 7a3be77e2..b08cfb504 100644 --- a/bindings/gumjs/gumquickstalker.c +++ b/bindings/gumjs/gumquickstalker.c @@ -203,7 +203,7 @@ static const JSCFunctionListEntry gumjs_default_iterator_entries[] = JS_CFUNC_DEF ("keep", 0, gumjs_default_iterator_keep), JS_CFUNC_DEF ("putCallout", 0, gumjs_default_iterator_put_callout), JS_CFUNC_DEF ("putChainingReturn", 0, - gumjs_default_iterator_put_chaining_return), + gumjs_default_iterator_put_chaining_return), }; static const JSClassDef gumjs_special_iterator_def = @@ -220,7 +220,7 @@ static const JSCFunctionListEntry gumjs_special_iterator_entries[] = JS_CFUNC_DEF ("keep", 0, gumjs_special_iterator_keep), JS_CFUNC_DEF ("putCallout", 0, gumjs_special_iterator_put_callout), JS_CFUNC_DEF ("putChainingReturn", 0, - gumjs_special_iterator_put_chaining_return), + gumjs_special_iterator_put_chaining_return), }; static const JSClassExoticMethods gumjs_probe_args_exotic_methods = @@ -1024,8 +1024,7 @@ gum_quick_stalker_iterator_put_callout (GumQuickIterator * self, static JSValue gum_quick_stalker_iterator_put_chaining_return (GumQuickIterator * self, - JSContext * ctx, - GumQuickArgs * args) + JSContext * ctx) { gum_stalker_iterator_put_chaining_return (self->handle); @@ -1158,8 +1157,7 @@ GUMJS_DEFINE_FUNCTION (gumjs_default_iterator_put_chaining_return) if (!gum_quick_default_iterator_get (ctx, this_val, core, &self)) return JS_EXCEPTION; - return gum_quick_stalker_iterator_put_chaining_return ( - &self->iterator, ctx, args); + return gum_quick_stalker_iterator_put_chaining_return (&self->iterator, ctx); } static JSValue 
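Review bot: In `gum_quick_stalker_iterator_put_chaining_return` the first visible statement passes `self->handle` straight to `gum_stalker_iterator_put_chaining_return ()` with no validity check in the helper, whereas the V8 helper touched by this same commit opens with `gum_v8_stalker_iterator_check_valid (self, isolate)`. Presumably `gum_quick_default_iterator_get ()` and `gum_quick_special_iterator_get ()` in the two callers already reject an iterator object that a script kept past the end of its transform callback, but that is not visible here. If they do, a comment such as `/* handle validity is enforced by the *_iterator_get () callers */` above the call would record the invariant; if they do not, this helper needs an equivalent guard before using the native handle. The function body continues outside the hunk.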
@@ -1288,8 +1286,7 @@ GUMJS_DEFINE_FUNCTION (gumjs_special_iterator_put_chaining_return) if (!gum_quick_special_iterator_get (ctx, this_val, core, &self)) return JS_EXCEPTION; - return gum_quick_stalker_iterator_put_chaining_return ( - &self->iterator, ctx, args); + return gum_quick_stalker_iterator_put_chaining_return (&self->iterator, ctx); } static void diff --git a/bindings/gumjs/gumv8stalker.cpp b/bindings/gumjs/gumv8stalker.cpp index d86891d14..0d5cee1b6 100644 --- a/bindings/gumjs/gumv8stalker.cpp +++ b/bindings/gumjs/gumv8stalker.cpp @@ -1089,7 +1089,6 @@ gum_v8_stalker_iterator_put_callout (GumV8StalkerIterator * self, static void gum_v8_stalker_iterator_put_chaining_return (GumV8StalkerIterator * self, - const GumV8Args * args, Isolate * isolate) { if (!gum_v8_stalker_iterator_check_valid (self, isolate)) @@ -1189,7 +1188,7 @@ GUMJS_DEFINE_DIRECT_SUBCLASS_METHOD ( gumjs_stalker_default_iterator_put_chaining_return, GumV8StalkerDefaultIterator) { - gum_v8_stalker_iterator_put_chaining_return (&self->iterator, args, isolate); + gum_v8_stalker_iterator_put_chaining_return (&self->iterator, isolate); } static GumV8StalkerSpecialIterator * @@ -1283,7 +1282,7 @@ GUMJS_DEFINE_DIRECT_SUBCLASS_METHOD ( gumjs_stalker_special_iterator_put_chaining_return, GumV8StalkerSpecialIterator) { - gum_v8_stalker_iterator_put_chaining_return (&self->iterator, args, isolate); + gum_v8_stalker_iterator_put_chaining_return (&self->iterator, isolate); } static void diff --git a/gum/backend-arm/gumstalker-arm.c b/gum/backend-arm/gumstalker-arm.c index c09da7854..175672d95 100644 --- a/gum/backend-arm/gumstalker-arm.c +++ b/gum/backend-arm/gumstalker-arm.c 
@@ -2511,16 +2511,14 @@ gum_stalker_iterator_arm_next (GumStalkerIterator * self, gc->continuation_real_address = instruction->end; return FALSE; } - else if (!skip_implicitly_requested && gum_arm_relocator_eob (rl)) - { + + if (!skip_implicitly_requested && gum_arm_relocator_eob (rl)) return FALSE; - } } instruction = &self->instruction; n_read = gum_arm_relocator_read_one (rl, &instruction->ci); - if (n_read == 0) return FALSE; @@ -2572,10 +2570,9 @@ gum_stalker_iterator_thumb_next (GumStalkerIterator * self, gc->continuation_real_address = instruction->end; return FALSE; } - else if (!skip_implicitly_requested && gum_thumb_relocator_eob (rl)) - { + + if (!skip_implicitly_requested && gum_thumb_relocator_eob (rl)) return FALSE; - } } instruction = &self->instruction; @@ -2643,30 +2640,6 @@ gum_stalker_iterator_keep (GumStalkerIterator * self) gum_stalker_iterator_arm_keep (self); } -void -gum_stalker_iterator_put_chaining_return (GumStalkerIterator * self) -{ - GumExecBlock * block = self->exec_block; - GumGeneratorContext * gc = self->generator_context; - GumBranchTarget target; - - target.type = GUM_TARGET_DIRECT_REG_OFFSET; - GumBranchDirectRegOffset * value = &target.value.direct_reg_offset; - value->reg = ARM_REG_LR; - value->offset = 0; - value->mode = GUM_ARM_MODE_CURRENT; - - if (gc->is_thumb) - { - gum_exec_block_virtualize_thumb_ret_insn (block, &target, false, 0, gc); - } - else - { - gum_exec_block_virtualize_arm_ret_insn (block, &target, ARM_CC_AL, false, - 0, gc); - } -} - GumMemoryAccess gum_stalker_iterator_get_memory_access (GumStalkerIterator * self) { 
@@ -3440,6 +3413,31 @@ gum_stalker_invoke_callout (GumCalloutEntry * entry, ec->pending_calls--; } +void +gum_stalker_iterator_put_chaining_return (GumStalkerIterator * self) +{ + GumExecBlock * block = self->exec_block; + GumGeneratorContext * gc = self->generator_context; + GumBranchTarget target; + GumBranchDirectRegOffset * value; + + target.type = GUM_TARGET_DIRECT_REG_OFFSET; + value = &target.value.direct_reg_offset; + value->reg = ARM_REG_LR; + value->offset = 0; + value->mode = GUM_ARM_MODE_CURRENT; + + if (gc->is_thumb) + { + gum_exec_block_virtualize_thumb_ret_insn (block, &target, FALSE, 0, gc); + } + else + { + gum_exec_block_virtualize_arm_ret_insn (block, &target, ARM_CC_AL, FALSE, 0, + gc); + } +} + csh gum_stalker_iterator_get_capstone (GumStalkerIterator * self) { @@ -4595,11 +4593,11 @@ gum_exec_block_virtualize_thumb_branch_insn (GumExecBlock * block, gum_exec_block_write_thumb_exec_generated_code (cw, block->ctx); /* - * We MUST do this last to account for IT blocks. gum_thumb_relocator_skip_one will complete - * the IT branch, so if we do this early (like in arm), then the end branch will be relocated into the - * middle of the relocated branch - */ - + * We MUST do this last to account for IT blocks. + * gum_thumb_relocator_skip_one() will complete the IT branch, so if we do + * this early (like on ARM), then the end branch will be relocated into the + * middle of the relocated branch. + */ gum_thumb_relocator_skip_one (gc->thumb_relocator); } 
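Review bot: `gum_stalker_iterator_put_chaining_return ()` as re-added for ARM carries no comment saying that it always emits a return through `ARM_REG_LR` with offset 0 in the current mode, whatever instruction the transformer is replacing. A transformer that calls it at a point where LR no longer holds the caller's return address would return to whatever LR contains, so the precondition deserves to be stated on this public entry point. I would add above the function something like `/* Emits a virtualized return via LR; the caller must ensure LR still holds the return address. */`, plus a short comment naming the `FALSE, 0` arguments handed to the `gum_exec_block_virtualize_*_ret_insn ()` helpers, whose meaning is not visible in this hunk.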
@@ -4660,11 +4658,11 @@ gum_exec_block_virtualize_thumb_call_insn (GumExecBlock * block, gum_exec_block_write_thumb_exec_generated_code (gc->thumb_writer, block->ctx); /* - * We MUST do this last to account for IT blocks. gum_thumb_relocator_skip_one will complete - * the IT branch, so if we do this early (like in arm), then the end branch will be relocated into the middle - * of the relocated branch - */ - + * We MUST do this last to account for IT blocks. + * gum_thumb_relocator_skip_one() will complete the IT branch, so if we do + * this early (like on ARM), then the end branch will be relocated into the + * middle of the relocated branch. + */ gum_thumb_relocator_skip_one (gc->thumb_relocator); } @@ -5229,9 +5227,7 @@ gum_exec_block_write_thumb_handle_excluded (GumExecBlock * block, if (target->type == GUM_TARGET_DIRECT_ADDRESS) { if (!check (block->ctx, target->value.direct_address.address)) - { return; - } } if (target->type != GUM_TARGET_DIRECT_ADDRESS) diff --git a/gum/backend-arm64/gumstalker-arm64.c b/gum/backend-arm64/gumstalker-arm64.c index 49d856d9b..823ea4eea 100644 --- a/gum/backend-arm64/gumstalker-arm64.c +++ b/gum/backend-arm64/gumstalker-arm64.c @@ -3021,18 +3021,6 @@ gum_stalker_iterator_keep (GumStalkerIterator * self) self->requirements = requirements; } -void -gum_stalker_iterator_put_chaining_return (GumStalkerIterator * self) -{ - GumExecBlock * block = self->exec_block; - GumGeneratorContext * gc = self->generator_context; - - if ((block->ctx->sink_mask & GUM_RET) != 0) - gum_exec_block_write_ret_event_code (block, gc, GUM_CODE_INTERRUPTIBLE); - - gum_exec_block_write_chaining_return_code (block, gc, ARM64_REG_X30); -} - GumMemoryAccess gum_stalker_iterator_get_memory_access (GumStalkerIterator * self) { 
@@ -3160,6 +3148,18 @@ gum_stalker_invoke_callout (GumCalloutEntry * entry, ec->pending_calls--; } +void +gum_stalker_iterator_put_chaining_return (GumStalkerIterator * self) +{ + GumExecBlock * block = self->exec_block; + GumGeneratorContext * gc = self->generator_context; + + if ((block->ctx->sink_mask & GUM_RET) != 0) + gum_exec_block_write_ret_event_code (block, gc, GUM_CODE_INTERRUPTIBLE); + + gum_exec_block_write_chaining_return_code (block, gc, ARM64_REG_X30); +} + csh gum_stalker_iterator_get_capstone (GumStalkerIterator * self) { diff --git a/gum/backend-mips/gumstalker-mips.c b/gum/backend-mips/gumstalker-mips.c index 9d4521951..8e3517cdf 100644 --- a/gum/backend-mips/gumstalker-mips.c +++ b/gum/backend-mips/gumstalker-mips.c @@ -206,11 +206,6 @@ gum_stalker_iterator_keep (GumStalkerIterator * self) { } -void -gum_stalker_iterator_put_chaining_return (GumStalkerIterator * self) -{ -} - GumMemoryAccess gum_stalker_iterator_get_memory_access (GumStalkerIterator * self) { @@ -225,6 +220,11 @@ gum_stalker_iterator_put_callout (GumStalkerIterator * self, { } +void +gum_stalker_iterator_put_chaining_return (GumStalkerIterator * self) +{ +} + csh gum_stalker_iterator_get_capstone (GumStalkerIterator * self) { diff --git a/gum/backend-x86/gumstalker-x86.c b/gum/backend-x86/gumstalker-x86.c index 9f1bc4c0c..f8595d836 100644 --- a/gum/backend-x86/gumstalker-x86.c +++ b/gum/backend-x86/gumstalker-x86.c 
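Review bot: The arm64 `gum_stalker_iterator_put_chaining_return ()` re-added here writes the optional `GUM_RET` event and then the chaining return, but never adjusts the tracked depth, while the x86 version moved in this same commit calls `gum_exec_block_write_adjust_depth (block, gc->code_writer, -1);` between those two steps. If the arm64 backend maintains call depth the way x86 does (not visible in this hunk), events emitted after a script-requested chaining return would carry a depth that is off by one. Either add the equivalent depth adjustment before `gum_exec_block_write_chaining_return_code (block, gc, ARM64_REG_X30);` or leave a comment saying why arm64 does not need it.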
@@ -3245,20 +3245,6 @@ gum_stalker_iterator_keep (GumStalkerIterator * self) self->requirements = requirements; } -void -gum_stalker_iterator_put_chaining_return (GumStalkerIterator * self) -{ - GumExecBlock * block = self->exec_block; - GumGeneratorContext * gc = self->generator_context; - - if ((block->ctx->sink_mask & GUM_RET) != 0) - gum_exec_block_write_ret_event_code (block, gc, GUM_CODE_INTERRUPTIBLE); - - gum_exec_block_write_adjust_depth (block, gc->code_writer, -1); - - gum_exec_block_write_chaining_return_code (block, gc, 0); -} - GumMemoryAccess gum_stalker_iterator_get_memory_access (GumStalkerIterator * self) { @@ -3383,6 +3369,20 @@ gum_stalker_invoke_callout (GumCalloutEntry * entry, ec->pending_calls--; } +void +gum_stalker_iterator_put_chaining_return (GumStalkerIterator * self) +{ + GumExecBlock * block = self->exec_block; + GumGeneratorContext * gc = self->generator_context; + + if ((block->ctx->sink_mask & GUM_RET) != 0) + gum_exec_block_write_ret_event_code (block, gc, GUM_CODE_INTERRUPTIBLE); + + gum_exec_block_write_adjust_depth (block, gc->code_writer, -1); + + gum_exec_block_write_chaining_return_code (block, gc, 0); +} + csh gum_stalker_iterator_get_capstone (GumStalkerIterator * self) { diff --git a/tests/core/arch-arm/stalker-arm.c b/tests/core/arch-arm/stalker-arm.c index 17943c6b1..f100bfb2d 100644 --- a/tests/core/arch-arm/stalker-arm.c +++ b/tests/core/arch-arm/stalker-arm.c 
@@ -98,10 +98,10 @@ TESTLIST_BEGIN (stalker) TESTENTRY (performance) TESTENTRY (custom_transformer) - TESTENTRY (arm_transformer_should_be_able_to_replace_call_with_callout) - TESTENTRY (arm_transformer_should_be_able_to_replace_jumpout_with_callout) TESTENTRY (arm_callout) TESTENTRY (thumb_callout) + TESTENTRY (arm_transformer_should_be_able_to_replace_call_with_callout) + TESTENTRY (arm_transformer_should_be_able_to_replace_jumpout_with_callout) TESTENTRY (unfollow_should_be_allowed_before_first_transform) TESTENTRY (unfollow_should_be_allowed_mid_first_transform) TESTENTRY (unfollow_should_be_allowed_after_first_transform) @@ -165,11 +165,6 @@ static GLogWriterOutput test_log_writer_func (GLogLevelFlags log_level, const GLogField * fields, gsize n_fields, gpointer user_data); static void duplicate_adds (GumStalkerIterator * iterator, GumStalkerOutput * output, gpointer user_data); -static void replace_call_with_callout (GumStalkerIterator * iterator, - GumStalkerOutput * output, gpointer user_data); -static void replace_jumpout_with_callout (GumStalkerIterator * iterator, - GumStalkerOutput * output, gpointer user_data); -static void callout_set_cool (GumCpuContext * cpu_context, gpointer user_data); static void transform_arm_return_value (GumStalkerIterator * iterator, GumStalkerOutput * output, gpointer user_data); static void on_arm_ret (GumCpuContext * cpu_context, gpointer user_data); 
@@ -179,6 +174,11 @@ static void transform_thumb_return_value (GumStalkerIterator * iterator, static void on_thumb_ret (GumCpuContext * cpu_context, gpointer user_data); static gboolean is_thumb_pop_pc (const guint8 * bytes, gsize size); +static void replace_call_with_callout (GumStalkerIterator * iterator, + GumStalkerOutput * output, gpointer user_data); +static void replace_jumpout_with_callout (GumStalkerIterator * iterator, + GumStalkerOutput * output, gpointer user_data); +static void callout_set_cool (GumCpuContext * cpu_context, gpointer user_data); static void unfollow_during_transform (GumStalkerIterator * iterator, GumStalkerOutput * output, gpointer user_data); static void test_invalidation_for_current_thread_with_target (GumAddress target, 
@@ -2780,6 +2780,85 @@ is_thumb_pop_pc (const guint8 * bytes, return memcmp (bytes, pop_pc, size) == 0; } +TESTCODE (arm_simple_call, + 0x04, 0xe0, 0x2d, 0xe5, /* push {lr} */ + 0x0d, 0x00, 0x00, 0xe3, /* mov r0, 13 */ + 0x00, 0x00, 0x00, 0xeb, /* bl bump_number */ + 0x04, 0xf0, 0x9d, 0xe4, /* pop {pc} */ + /* bump_number: */ + 0x25, 0x00, 0x80, 0xe2, /* add r0, 37 */ + 0x1e, 0xff, 0x2f, 0xe1, /* bx lr */ +); + +TESTCASE (arm_transformer_should_be_able_to_replace_call_with_callout) +{ + fixture->transformer = gum_stalker_transformer_make_from_callback ( + replace_call_with_callout, NULL, NULL); + + INVOKE_ARM_EXPECTING (GUM_NOTHING, arm_simple_call, 0xc001); +} + +static void +replace_call_with_callout (GumStalkerIterator * iterator, + GumStalkerOutput * output, + gpointer user_data) +{ + const cs_insn * insn; + static int insn_num = 0; + + while (gum_stalker_iterator_next (iterator, &insn)) + { + if (insn_num == 4) + gum_stalker_iterator_put_callout (iterator, callout_set_cool, NULL, NULL); + else + gum_stalker_iterator_keep (iterator); + insn_num++; + } +} + +TESTCODE (arm_simple_jumpout, + 0x0d, 0x00, 0x00, 0xe3, /* mov r0, 13 */ + 0xff, 0xff, 0xff, 0xea, /* b bump_number */ + /* bump_number: */ + 0x25, 0x00, 0x80, 0xe2, /* add r0, 37 */ + 0x1e, 0xff, 0x2f, 0xe1, /* bx lr */ +); + +TESTCASE (arm_transformer_should_be_able_to_replace_jumpout_with_callout) +{ + fixture->transformer = gum_stalker_transformer_make_from_callback ( + replace_jumpout_with_callout, NULL, NULL); + + INVOKE_ARM_EXPECTING (GUM_EXEC, arm_simple_jumpout, 0xc001); +} + +static void +replace_jumpout_with_callout (GumStalkerIterator * iterator, + GumStalkerOutput * output, + gpointer user_data) +{ + const cs_insn * insn; + + while (gum_stalker_iterator_next (iterator, &insn)) + { + if (insn->id == ARM_INS_B) + { + gum_stalker_iterator_put_callout (iterator, callout_set_cool, NULL, NULL); + gum_stalker_iterator_put_chaining_return (iterator); + continue; + } + + gum_stalker_iterator_keep 
(iterator); + } +} + +static void +callout_set_cool (GumCpuContext * cpu_context, + gpointer user_data) +{ + cpu_context->r[0] = 0xc001; +} + TESTCASE (unfollow_should_be_allowed_before_first_transform) { UnfollowTransformContext ctx; 
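Review bot: `static int insn_num = 0;` in `replace_call_with_callout` is never reset, so the `insn_num == 4` match holds only the first time the transformer runs in the process and depends on the order in which blocks are compiled; on a second run of the test, or if a block is transformed again, the callout would never be placed. The sibling `replace_jumpout_with_callout` in this hunk selects by `insn->id == ARM_INS_B` and has no such hidden state. I would carry the counter through the transformer's data argument instead: `guint insn_num = 0;` in the TESTCASE, passed as `gum_stalker_transformer_make_from_callback (replace_call_with_callout, &insn_num, NULL)`, and `guint * insn_num = user_data;` in the callback, or match on the instruction itself.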
@@ -3256,89 +3335,6 @@ add_n_return_value_increments (GumStalkerIterator * iterator, } } -TESTCODE (arm_simple_call, - 0x04, 0xe0, 0x2d, 0xe5, /* push {lr} */ - 0x0d, 0x00, 0x00, 0xe3, /* mov r0, 13 */ - 0x00, 0x00, 0x00, 0xeb, /* bl bump_number */ - 0x04, 0xf0, 0x9d, 0xe4, /* pop {pc} */ - /* bump_number: */ - 0x25, 0x00, 0x80, 0xe2, /* add r0, 37 */ - 0x1e, 0xff, 0x2f, 0xe1, /* bx lr */ -); - -TESTCASE (arm_transformer_should_be_able_to_replace_call_with_callout) -{ - fixture->transformer = gum_stalker_transformer_make_from_callback ( - replace_call_with_callout, NULL, NULL); - - INVOKE_ARM_EXPECTING (GUM_NOTHING, arm_simple_call, 0xc001); -} - -static void -replace_call_with_callout (GumStalkerIterator * iterator, - GumStalkerOutput * output, - gpointer user_data) -{ - const cs_insn * insn; - static int insn_num = 0; - while (gum_stalker_iterator_next (iterator, &insn)) - { - if (insn_num == 4) - { - gum_stalker_iterator_put_callout (iterator, callout_set_cool, - NULL, NULL); - } - else - { - gum_stalker_iterator_keep (iterator); - } - insn_num++; - } -} - -TESTCODE (arm_simple_jumpout, - 0x0d, 0x00, 0x00, 0xe3, /* mov r0, 13 */ - 0xff, 0xff, 0xff, 0xea, /* b bump_number */ - /* bump_number: */ - 0x25, 0x00, 0x80, 0xe2, /* add r0, 37 */ - 0x1e, 0xff, 0x2f, 0xe1, /* bx lr */ -); - -TESTCASE (arm_transformer_should_be_able_to_replace_jumpout_with_callout) -{ - fixture->transformer = gum_stalker_transformer_make_from_callback ( - replace_jumpout_with_callout, NULL, NULL); - - INVOKE_ARM_EXPECTING (GUM_EXEC, arm_simple_jumpout, 0xc001); -} - -static void -replace_jumpout_with_callout (GumStalkerIterator * iterator, - GumStalkerOutput * output, - gpointer user_data) -{ - const cs_insn * insn; - - while (gum_stalker_iterator_next (iterator, &insn)) - { - if (insn->id == ARM_INS_B) - { - gum_stalker_iterator_put_callout (iterator, callout_set_cool, - NULL, NULL); - gum_stalker_iterator_put_chaining_return (iterator); - continue; - } - gum_stalker_iterator_keep 
(iterator); - } -} - -static void -callout_set_cool (GumCpuContext * cpu_context, - gpointer user_data) -{ - cpu_context->r[0] = 0xc001; -} - TESTCODE (arm_ldrex_strex, 0x44, 0x00, 0x9f, 0xe5, /* ldr r0, [pointer_to_value] */ /* retry: */ diff --git a/tests/core/arch-arm64/stalker-arm64.c b/tests/core/arch-arm64/stalker-arm64.c index ba3526a5d..abfa20e41 100644 --- a/tests/core/arch-arm64/stalker-arm64.c +++ b/tests/core/arch-arm64/stalker-arm64.c @@ -571,7 +571,7 @@ TESTCASE (transformer_should_be_able_to_replace_call_with_callout) code_template, sizeof (code_template)); fixture->transformer = gum_stalker_transformer_make_from_callback ( - replace_call_with_callout, func, NULL); + replace_call_with_callout, func, NULL); ret = test_arm64_stalker_fixture_follow_and_invoke (fixture, func, 0); g_assert_cmpuint (ret, ==, 0xc001); @@ -602,7 +602,7 @@ TESTCASE (transformer_should_be_able_to_replace_tailjump_with_callout) guint32 code_template[] = { 0xd280a280, /* mov x0, #1300 */ - 0x14000001, /* b bump_number */ + 0x14000001, /* b bump_number */ /* bump_number: */ 0x91009400, /* add x0, x0, #37 */ 0xd65f03c0, /* ret */ @@ -614,7 +614,7 @@ TESTCASE (transformer_should_be_able_to_replace_tailjump_with_callout) code_template, sizeof (code_template)); fixture->transformer = gum_stalker_transformer_make_from_callback ( - replace_jmp_with_callout, func, NULL); + replace_jmp_with_callout, func, NULL); ret = test_arm64_stalker_fixture_follow_and_invoke (fixture, func, 0); g_assert_cmpuint (ret, ==, 0xc001); diff --git a/tests/core/arch-x86/stalker-x86.c b/tests/core/arch-x86/stalker-x86.c index 790dfea5a..82849e6b2 100644 --- a/tests/core/arch-x86/stalker-x86.c +++ b/tests/core/arch-x86/stalker-x86.c 
@@ -1030,7 +1030,7 @@ TESTCASE (transformer_should_be_able_to_replace_call_with_callout) code_template, sizeof (code_template)); fixture->transformer = gum_stalker_transformer_make_from_callback ( - replace_call_with_callout, func, NULL); + replace_call_with_callout, func, NULL); ret = test_stalker_fixture_follow_and_invoke (fixture, func, 0); g_assert_cmpuint (ret, ==, 0xc001); @@ -1060,12 +1060,12 @@ TESTCASE (transformer_should_be_able_to_replace_tailjump_with_callout) { guint8 code_template[] = { - 0xb8, 0x14, 0x05, 0x00, 0x00, /* mov eax, 1300 */ - 0xeb, 0x01, /* jmp bump_number */ - 0x90, /* nop */ - /* bump_number: */ - 0x83, 0xc0, 0x25, /* add eax, 37 */ - 0xc3, /* ret */ + 0xb8, 0x14, 0x05, 0x00, 0x00, /* mov eax, 1300 */ + 0xeb, 0x01, /* jmp bump_number */ + 0x90, /* nop */ + /* bump_number: */ + 0x83, 0xc0, 0x25, /* add eax, 37 */ + 0xc3, /* ret */ }; StalkerTestFunc func; gint ret; @@ -1074,7 +1074,7 @@ TESTCASE (transformer_should_be_able_to_replace_tailjump_with_callout) code_template, sizeof (code_template)); fixture->transformer = gum_stalker_transformer_make_from_callback ( - replace_jmp_with_callout, func, NULL); + replace_jmp_with_callout, func, NULL); ret = test_stalker_fixture_follow_and_invoke (fixture, func, 0); g_assert_cmpuint (ret, ==, 0xc001); @@ -1105,11 +1105,7 @@ static void callout_set_cool (GumCpuContext * cpu_context, gpointer user_data) { -#if GLIB_SIZEOF_VOID_P == 8 - cpu_context->rax = 0xc001; -#else - cpu_context->eax = 0xc001; -#endif + GUM_CPU_CONTEXT_XAX (cpu_context) = 0xc001; } TESTCASE (unfollow_should_be_allowed_before_first_transform)