Introduce libafl_breakpoint_cpu

2022-11-22 17:39:16 +01:00 · 2022-11-22 17:39:16 +01:00 · 6db12fe4df
commit 6db12fe4df
parent f26a5ca613
3 changed files with 24 additions and 1 deletions
--- a/accel/tcg/tcg-runtime.c
+++ b/accel/tcg/tcg-runtime.c
@ -128,13 +128,16 @@ void libafl_load_qemu_snapshot(char *name, bool sync)

 int libafl_qemu_break_asap = 0;

+CPUState* libafl_breakpoint_cpu;
+
 void libafl_qemu_trigger_breakpoint(CPUState* cpu);

 void libafl_qemu_trigger_breakpoint(CPUState* cpu)
 {
 #ifndef CONFIG_USER_ONLY
-    qemu_system_debug_request();
+    libafl_breakpoint_cpu = cpu;
    cpu->stopped = true;
+    qemu_system_debug_request();
 #else
    if (cpu->running) {
        cpu->exception_index = EXCP_LIBAFL_BP;
--- a/cpu.c
+++ b/cpu.c
@ -98,6 +98,8 @@ int libafl_qemu_remove_hook(size_t num, int invalidate);
 struct libafl_hook* libafl_search_hook(target_ulong addr);
 void libafl_flush_jit(void);

+extern CPUState* libafl_breakpoint_cpu;
+
 /*
 void* libafl_qemu_g2h(CPUState *cpu, target_ulong x);
 target_ulong libafl_qemu_h2g(CPUState *cpu, void* x);
@ -149,6 +151,11 @@ int libafl_qemu_num_cpus(void)

 CPUState* libafl_qemu_current_cpu(void)
 {
+#ifndef CONFIG_USER_ONLY
+    if (current_cpu == NULL) {
+        return libafl_breakpoint_cpu;
+    }
+#endif
    return current_cpu;
 }

--- a/softmmu/cpus.c
+++ b/softmmu/cpus.c
@ -717,8 +717,21 @@ int vm_prepare_start(bool step_pending)
    return 0;
 }

+//// --- Begin LibAFL code ---
+
+extern CPUState* libafl_breakpoint_cpu;
+
+//// --- End LibAFL code ---
+
 void vm_start(void)
 {
+
+//// --- Begin LibAFL code ---
+
+    libafl_breakpoint_cpu = NULL; // Rely on current_cpu in the hooks
+
+//// --- End LibAFL code ---
+
    if (!vm_prepare_start(false)) {
        resume_all_vcpus();
    }