LibAFL_QEMU: Fix snapshots for large mappings (#3252)

WorksButNotTested 2025-05-20 16:30:26 +01:00 committed by GitHub
parent e832e32d52
commit d7eb3bd234
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -302,13 +302,12 @@ impl SnapshotModule {
} }
pub fn access(&mut self, addr: GuestAddr, size: usize) { pub fn access(&mut self, addr: GuestAddr, size: usize) {
// ASSUMPTION: the access can only cross 2 pages let start = addr & SNAPSHOT_PAGE_MASK;
debug_assert!(size <= SNAPSHOT_PAGE_SIZE); let end = (addr + size as GuestAddr - 1) & SNAPSHOT_PAGE_MASK;
let page = addr & SNAPSHOT_PAGE_MASK; /* Apparently there is a performance hit to using an inclusive range */
#[allow(clippy::range_plus_one)]
for page in (start..end + 1).step_by(SNAPSHOT_PAGE_SIZE) {
self.page_access(page); self.page_access(page);
let second_page = (addr + size as GuestAddr - 1) & SNAPSHOT_PAGE_MASK;
if page != second_page {
self.page_access(second_page);
} }
} }
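Review bot: `access` now computes `end` as `(addr + size as GuestAddr - 1) & SNAPSHOT_PAGE_MASK` with the old `size <= SNAPSHOT_PAGE_SIZE` assertion dropped, but nothing guards `size == 0`, which the second hunk makes reachable because a `read` returning 0 at EOF now calls `h.access(a1, 0)`; for an unaligned `addr` that marks its page as modified although nothing was copied, and for `addr == 0` the subtraction underflows in debug builds. An early `if size == 0 { return; }` at the top of `access` keeps the page loop empty in that case. Related, the second hunk's success test `result != GuestAddr::MAX` only excludes a return value of -1: if `result` carries the raw Linux syscall return (-errno on failure, i.e. the top 4095 values), a read failing with any other errno passes the check and `result as usize` becomes a near-maximal size that feeds the wrapping arithmetic above, so a check that rejects the whole error range, `if result <= GuestAddr::MAX - 4095 { h.access(a1, result as usize); }`, would be safer there — the hook's exact encoding of `result` is not visible in this page, and that hunk's enclosing `match` continues past what is shown.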
@ -920,7 +919,13 @@ where
match i64::from(sys_num) { match i64::from(sys_num) {
SYS_read | SYS_pread64 => { SYS_read | SYS_pread64 => {
let h = emulator_modules.get_mut::<SnapshotModule>().unwrap(); let h = emulator_modules.get_mut::<SnapshotModule>().unwrap();
h.access(a1, a2 as usize); /*
* Only note the access if the call is successful. And only mark the
* portion of the buffer which has actually been modified.
*/
if result != GuestAddr::MAX {
h.access(a1, result as usize);
}
} }
SYS_readlinkat => { SYS_readlinkat => {
let h = emulator_modules.get_mut::<SnapshotModule>().unwrap(); let h = emulator_modules.get_mut::<SnapshotModule>().unwrap();