diff --git a/accel/tcg/tcg-accel-ops-mttcg.c b/accel/tcg/tcg-accel-ops-mttcg.c
index 49814ec4af..928dd6fdf0 100644
--- a/accel/tcg/tcg-accel-ops-mttcg.c
+++ b/accel/tcg/tcg-accel-ops-mttcg.c
@@ -56,6 +56,12 @@ static void mttcg_force_rcu(Notifier *notify, void *data)
 async_run_on_cpu(cpu, do_nothing, RUN_ON_CPU_NULL);
 }
 
+//// --- Begin LibAFL code ---
+
+#include "libafl/exit.h"
+
+//// --- End LibAFL code ---
+
 /*
 * In the multi-threaded case each vCPU has its own thread. The TLS
 * variable current_cpu can be used deep in the code to find the
@@ -104,6 +110,11 @@ static void *mttcg_cpu_thread_fn(void *arg)
 * reset by another thread by the time we arrive here.
 */
 break;
+//// --- Begin LibAFL code ---
+ case EXCP_LIBAFL_EXIT:
+ cpu->stopped = true;
+ break;
+//// --- End LibAFL code ---
 case EXCP_ATOMIC:
 bql_unlock();
 cpu_exec_step_atomic(cpu);
diff --git a/accel/tcg/tcg-accel-ops-rr.c b/accel/tcg/tcg-accel-ops-rr.c
index c59c77da4b..5ce6b4596a 100644
--- a/accel/tcg/tcg-accel-ops-rr.c
+++ b/accel/tcg/tcg-accel-ops-rr.c
@@ -169,6 +169,12 @@ static int rr_cpu_count(void)
 return cpu_count;
 }
 
+//// --- Begin LibAFL code ---
+
+#include "libafl/exit.h"
+
+//// --- End LibAFL code ---
+
 /*
 * In the single-threaded case each vCPU is simulated in turn. If
 * there is more than a single vCPU we create a simple timer to kick
@@ -273,6 +279,12 @@ static void *rr_cpu_thread_fn(void *arg)
 bql_lock();
 break;
 }
+//// --- Begin LibAFL code ---
+ else if (r == EXCP_LIBAFL_EXIT) {
+ cpu->stopped = true;
+ break;
+ }
+//// --- End LibAFL code ---
 } else if (cpu->stop) {
 if (cpu->unplug) {
 cpu = CPU_NEXT(cpu);
diff --git a/libafl/exit.c b/libafl/exit.c
index 4748bba6f9..28464b3715 100644
--- a/libafl/exit.c
+++ b/libafl/exit.c
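Review bot: The `#include "libafl/exit.h"` is placed between `mttcg_force_rcu()` and the comment block that follows it rather than with the file's other includes, so whatever the header declares (presumably `EXCP_LIBAFL_EXIT`, used in the next hunk) only becomes visible part-way through the translation unit and a reader scanning the include list will not find the dependency. The begin/end LibAFL markers can wrap a line anywhere, so the same marked block could sit at the top of the file with the existing `#include` lines. The first hunk of `accel/tcg/tcg-accel-ops-rr.c` places its include the same way and would get the same move.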
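Review bot: The new `case EXCP_LIBAFL_EXIT:` parks the vCPU by writing `cpu->stopped = true` directly, which is not how the surrounding loop otherwise stops a vCPU: QEMU's `qemu_cpu_stop()` clears `cpu->stop`, sets `cpu->stopped` and broadcasts `qemu_pause_cond`, so anything blocked in `pause_all_vcpus()` would not be woken by this bare assignment — confirm no such waiter exists on the LibAFL exit path, or call `qemu_cpu_stop(cpu, false)` here instead. This is the assignment the `libafl/exit.c` hunk removes from `prepare_qemu_exit()`, so the two accelerator loops are now the only place it happens; the `else if (r == EXCP_LIBAFL_EXIT)` branch in `rr_cpu_thread_fn` has the same question. The case also carries no comment saying why this exit code stops the vCPU; I would add `/* LibAFL exit request: park this vCPU instead of re-entering the guest */` above it. `mttcg_cpu_thread_fn` starts and ends outside the hunk.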
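Review bot: The added `else if (r == EXCP_LIBAFL_EXIT) {` is separated from the closing brace of the `EXCP_ATOMIC` branch by the `//// --- Begin LibAFL code ---` line, so the chain reads `}` / comment / `else if` instead of the `} else if` form the rest of the function uses, and a reader skimming for the end of the if-chain can miss that the comment is followed by another branch. If the markers must stay on their own lines, a short trailing comment on the branch, `else if (r == EXCP_LIBAFL_EXIT) { /* LibAFL exit request */`, makes the continuation obvious at the point where it matters. `rr_cpu_thread_fn` starts and ends outside the hunk.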
@@ -78,7 +78,6 @@ static void prepare_qemu_exit(CPUState* cpu, target_ulong next_pc)
 #ifndef CONFIG_USER_ONLY
 qemu_system_debug_request();
- cpu->stopped = true; // TODO check if still needed
 #endif
 // in usermode, this may be called from the syscall hook, thus already out