diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c
index b770c633d7..7afd06d468 100644
--- a/accel/tcg/translator.c
+++ b/accel/tcg/translator.c
@@ -178,22 +178,22 @@ void translator_loop(CPUState *cpu, TranslationBlock *tb, int *max_insns,
 struct libafl_hook* hk = libafl_search_hook(db->pc_next);
 if (hk) {
- TCGv_i64 tmp1 = tcg_constant_i64(hk->data);
+ TCGv_i64 tmp0 = tcg_constant_i64(hk->data);
 #if TARGET_LONG_BITS == 32
- TCGv_i32 tmp0 = tcg_constant_i32(db->pc_next);
- TCGTemp *tmp2[2] = { tcgv_i32_temp(tmp0), tcgv_i64_temp(tmp1) };
+ TCGv_i32 tmp1 = tcg_constant_i32(db->pc_next);
+ TCGTemp *tmp2[2] = { tcgv_i64_temp(tmp0), tcgv_i32_temp(tmp1) };
 #else
- TCGv_i64 tmp0 = tcg_constant_i64(db->pc_next);
+ TCGv_i64 tmp1 = tcg_constant_i64(db->pc_next);
 TCGTemp *tmp2[2] = { tcgv_i64_temp(tmp0), tcgv_i64_temp(tmp1) };
 #endif
 // tcg_gen_callN(hk->callback, NULL, 2, tmp2);
 tcg_gen_callN(&hk->helper_info, NULL, tmp2);
 #if TARGET_LONG_BITS == 32
- tcg_temp_free_i32(tmp0);
+ tcg_temp_free_i32(tmp1);
 #else
- tcg_temp_free_i64(tmp0);
-#endif
 tcg_temp_free_i64(tmp1);
+#endif
+ tcg_temp_free_i64(tmp0);
 }
 struct libafl_breakpoint* bp = libafl_qemu_breakpoints;
diff --git a/libafl_extras/hook.c b/libafl_extras/hook.c
index 74d9b4e000..99534b4275 100644
--- a/libafl_extras/hook.c
+++ b/libafl_extras/hook.c
@@ -36,7 +36,7 @@ size_t libafl_qemu_set_hook(target_ulong pc, void (*callback)(uint64_t data, tar
 hk->helper_info.func = callback;
 hk->helper_info.name = "libafl_hook";
 hk->helper_info.flags = dh_callflag(void);
- hk->helper_info.typemask = dh_typemask(void, 0) | dh_typemask(tl, 1) | dh_typemask(i64, 2);
+ hk->helper_info.typemask = dh_typemask(void, 0) | dh_typemask(i64, 1) | dh_typemask(tl, 2);
 // TODO check for overflow
 hk->num = libafl_qemu_hooks_num++;
 hk->next = libafl_qemu_hooks[idx];
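Review bot: The `tcg_temp_free_i32`/`tcg_temp_free_i64` calls that the hunk reshuffles after `tcg_gen_callN` are, as far as I recall of QEMU's `tcg_temp_free_internal`, silently ignored for temps created by `tcg_constant_*` (TEMP_CONST kind), so the whole second `#if TARGET_LONG_BITS == 32` ladder exists only to release values that never need releasing; confirm against this tree's tcg.c and, if so, drop the three free lines together with their `#if`/`#else`/`#endif` rather than keep maintaining two mirrored preprocessor branches. The commented-out `// tcg_gen_callN(hk->callback, NULL, 2, tmp2);` directly above the live call is dead code from the old calling convention and should be removed in the same commit. The `tmp0`/`tmp1` naming now encodes argument position only by convention; `data`/`pc` (or a short comment on the `tmp2` initializers, `/* [0] = data (i64), [1] = pc (tl) */`) would make the reorder self-explanatory. `translator_loop` begins before the hunk and continues after it.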
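Review bot: The new typemask line fixes the helper signature to `(i64 data, tl pc)`, matching the `callback` prototype visible in the hunk header, but nothing at this site records that `accel/tcg/translator.c` must build its `TCGTemp *tmp2[2]` in exactly that order and with the same widths; the two commits in this diff show how easily the two sides drift. Add a comment on the line, `/* argument order (data, pc) must match the tmp2 array passed to tcg_gen_callN in translator_loop */`, so the next change to either side is checked against the other. The pre-existing `// TODO check for overflow` on `libafl_qemu_hooks_num++` is worth turning into an actual bound check in a follow-up, since the value stored in `hk->num` presumably identifies the hook afterwards. `libafl_qemu_set_hook` starts before the hunk and continues after it.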