From fead70c87bb718728847ce2d4ef081f34b57656f Mon Sep 17 00:00:00 2001
From: Alwin Berger <alwin.berger@tu-dortmund.de>
Date: Wed, 26 Feb 2025 10:55:34 +0100
Subject: [PATCH] clear ptimers before each run

---
 hw/timer/armv7m_systick.c            | 20 +++++++++++++++++++-
 include/libafl/interrupt_injection.h |  1 +
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/hw/timer/armv7m_systick.c b/hw/timer/armv7m_systick.c
index b237a97193..a8c9952afd 100644
--- a/hw/timer/armv7m_systick.c
+++ b/hw/timer/armv7m_systick.c
@@ -325,13 +325,31 @@ static void libafl_timed_int_hook(void* arg)
 {
     libafl_send_irq((int)arg);
 }
+/* The state after snapshot reloads is unlcear, try every possible option to disable existing timers */
+void libafl_clear_int_timer( void ) {
+    for (int source=0; source<LIBAFL_MAX_INTERRUPT_SOURCES; source++) {
+        for (int i=0; i<LIBAFL_MAX_INTERRUPTS; i++) {
+            if (libafl_interrupt_timers[source][i]) {
+                // Try stopping the existing timer
+                ptimer_transaction_begin(libafl_interrupt_timers[source][i]);
+                ptimer_stop(libafl_interrupt_timers[source][i]);
+                ptimer_transaction_commit(libafl_interrupt_timers[source][i]);
+                // Try freeing the existing timer
+                ptimer_free(libafl_interrupt_timers[source][i]);
+                libafl_interrupt_timers[source][i] = NULL;
+            }
+        }
+    }
+}
+
 void libafl_start_int_timer( void ) {
+    libafl_clear_int_timer();
     for (int source=0; source<LIBAFL_MAX_INTERRUPT_SOURCES; source++) {
         if (libafl_num_interrupts[source] == 0) {continue;}
         for (int i=0; i<libafl_num_interrupts[source] && i<LIBAFL_MAX_INTERRUPTS; i++) {
             if (libafl_interrupt_offsets[source][i] == 0) {continue;}
             if (!libafl_interrupt_timers[source][i]) {
-                libafl_interrupt_timers[source][i] = ptimer_init(&libafl_timed_int_hook, (void*)source, 0);
+                libafl_interrupt_timers[source][i] = ptimer_init(&libafl_timed_int_hook, (void*)source, PTIMER_POLICY_LEGACY);
             }
             ptimer_transaction_begin(libafl_interrupt_timers[source][i]);
             ptimer_stop(libafl_interrupt_timers[source][i]);
diff --git a/include/libafl/interrupt_injection.h b/include/libafl/interrupt_injection.h
index 9a00f09c65..abcea70522 100644
--- a/include/libafl/interrupt_injection.h
+++ b/include/libafl/interrupt_injection.h
@@ -5,5 +5,6 @@ extern volatile uint32_t libafl_interrupt_offsets[LIBAFL_MAX_INTERRUPT_SOURCES][
 extern volatile uint64_t libafl_num_interrupts[LIBAFL_MAX_INTERRUPT_SOURCES];
 
 static void libafl_timed_int_hook(void*);
+void libafl_clear_int_timer( void );
 void libafl_start_int_timer( void );
 void libafl_send_irq(int irqn);
\ No newline at end of file