From 8db5524416b52c999459f1fe3373846bdcb23ac1 Mon Sep 17 00:00:00 2001
From: Andrea Fioraldi
Date: Tue, 21 Nov 2023 15:28:07 +0100
Subject: [PATCH] Remove unused and duplicate code
---
 accel/tcg/cpu-exec.c | 14 +++-----------
 accel/tcg/tcg-runtime.c | 8 --------
 cpu-target.c | 2 --
 libafl_extras/exit.c | 33 ++++++++++++++------------------
 libafl_extras/exit.h | 3 ++-
 linux-user/aarch64/cpu_loop.c | 10 +++++++---
 linux-user/arm/cpu_loop.c | 10 +++++++---
 linux-user/cpu_loop-common.h | 2 +-
 linux-user/hexagon/cpu_loop.c | 10 +++++++---
 linux-user/i386/cpu_loop.c | 8 ++++++--
 linux-user/mips/cpu_loop.c | 8 ++++++--
 linux-user/ppc/cpu_loop.c | 14 ++++++++++++--
 12 files changed, 65 insertions(+), 57 deletions(-)
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index e6f175bb8f..b81702c471 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -715,7 +715,7 @@ static inline void cpu_handle_debug_exception(CPUState *cpu)
 //// --- Begin LibAFL code ---
-void libafl_sync_exit_cpu(void);
+#include "libafl_extras/exit.h"
 //// --- End LibAFL code ---
@@ -723,8 +723,6 @@ static inline bool cpu_handle_exception(CPUState *cpu, int *ret)
 {
 //// --- Begin LibAFL code ---
-#define EXCP_LIBAFL_EXIT 0xf4775747
-
 if (cpu->exception_index == EXCP_LIBAFL_EXIT) {
 *ret = cpu->exception_index;
 cpu->exception_index = -1;
@@ -992,8 +990,6 @@ TranslationBlock *libafl_gen_edge(CPUState *cpu, target_ulong src_block,
 target_ulong dst_block, int exit_n, target_ulong cs_base, uint32_t flags, int cflags);
-extern __thread int libafl_valid_current_cpu;
-
 //// --- End LibAFL code ---
 /* main execution loop */
@@ -1102,6 +1098,8 @@ cpu_exec_loop(CPUState *cpu, SyncClocks *sc)
 }
 if (has_libafl_edge) {
+ // execute the edge to make sure to log it the first execution
+ // the edge will then jump to the translated block
 cpu_loop_exec_tb(cpu, edge, last_tb_pc, &last_tb, &tb_exit, &last_tb_pc);
 } else {
 cpu_loop_exec_tb(cpu, tb, pc, &last_tb, &tb_exit, &last_tb_pc);
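Review bot: The `#include "libafl_extras/exit.h"` that replaces the `libafl_sync_exit_cpu` prototype lands around line 715 of accel/tcg/cpu-exec.c, inside a LibAFL marker block in the middle of the file, rather than in the include section; exit.h itself pulls in `qemu/osdep.h` and `exec/cpu-defs.h`, so a mid-file include is hard to audit and should move next to the other includes at the top. The same header is apparently needed in accel/tcg/tcg-runtime.c, whose hunk at `@@ -132,14 +132,6 @@` removes the local `EXCP_LIBAFL_EXIT` and `libafl_qemu_break_asap` declarations without adding a replacement include. `HELPER(libafl_qemu_handle_breakpoint)` continues outside that hunk; if it still uses `EXCP_LIBAFL_EXIT` the file no longer builds, and any remaining use of `libafl_qemu_break_asap` has no definition left, since exit.c drops it too.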
@@ -1135,12 +1133,6 @@ int cpu_exec(CPUState *cpu)
 /* replay_interrupt may need current_cpu */
 current_cpu = cpu;
-//// --- Begin LibAFL code ---
-
- libafl_valid_current_cpu = 1;
-
-//// --- End LibAFL code ---
-
 if (cpu_handle_halt(cpu)) {
 return EXCP_HALTED;
 }
diff --git a/accel/tcg/tcg-runtime.c b/accel/tcg/tcg-runtime.c
index 216a325c4b..c55d3c2eec 100644
--- a/accel/tcg/tcg-runtime.c
+++ b/accel/tcg/tcg-runtime.c
@@ -132,14 +132,6 @@ void libafl_load_qemu_snapshot(char *name, bool sync)
 #endif
-#define EXCP_LIBAFL_EXIT 0xf4775747
-
-#ifdef CONFIG_USER_ONLY
-extern __thread int libafl_qemu_break_asap;
-#else
-extern int libafl_qemu_break_asap;
-#endif
-
 void HELPER(libafl_qemu_handle_breakpoint)(CPUArchState *env, uint64_t pc)
 {
 CPUState* cpu = env_cpu(env);
diff --git a/cpu-target.c b/cpu-target.c
index 4aec51bbac..8b8c90327c 100644
--- a/cpu-target.c
+++ b/cpu-target.c
@@ -72,8 +72,6 @@ struct libafl_hook {
 struct libafl_hook* libafl_qemu_hooks[LIBAFL_TABLES_SIZE];
 size_t libafl_qemu_hooks_num = 0;
-__thread int libafl_valid_current_cpu = 0;
-
 static __thread GByteArray *libafl_qemu_mem_buf = NULL;
 target_ulong libafl_page_from_addr(target_ulong addr);
diff --git a/libafl_extras/exit.c b/libafl_extras/exit.c
index 707dbe840e..d5e4549cac 100644
--- a/libafl_extras/exit.c
+++ b/libafl_extras/exit.c
@@ -3,40 +3,36 @@
 #include "sysemu/runstate.h"
 #include "cpu.h"
-// TODO: merge with definition in tcg-runtime.c
-#define EXCP_LIBAFL_EXIT 0xf4775747
-
 #ifdef CONFIG_USER_ONLY
-__thread int libafl_qemu_break_asap = 0;
-__thread CPUState* libafl_breakpoint_cpu;
-__thread vaddr libafl_breakpoint_pc;
-static __thread struct libafl_exit_reason last_exit_reason;
+#define THREAD_MODIFIER __thread
 #else
-static struct libafl_exit_reason last_exit_reason;
+#define THREAD_MODIFIER
 #endif
+static THREAD_MODIFIER struct libafl_exit_reason last_exit_reason;
+static THREAD_MODIFIER bool expected_exit = false;
+
 #if defined(TARGET_ARM) && !defined(TARGET_AARCH64)
-#define THUMB_MASK(value) (value | cpu_env(libafl_breakpoint_cpu)->thumb)
+#define THUMB_MASK(cpu, value) (value | cpu_env(cpu)->thumb)
 #else
-#define THUMB_MASK(value) value
+#define THUMB_MASK(cpu, value) value
 #endif
-static bool expected_exit = false;
-
+// called before exiting the cpu exec with the custom exception
 void libafl_sync_exit_cpu(void)
 {
 if (last_exit_reason.next_pc) {
 CPUClass* cc = CPU_GET_CLASS(last_exit_reason.cpu);
- cc->set_pc(last_exit_reason.cpu, THUMB_MASK(last_exit_reason.next_pc));
+ cc->set_pc(last_exit_reason.cpu, THUMB_MASK(last_exit_reason.cpu, last_exit_reason.next_pc));
 }
 last_exit_reason.next_pc = 0;
 }
-bool libafl_exit_asap(void){
- return last_exit_reason.exit_asap;
+bool libafl_exit_asap(void) {
+ return expected_exit;
 }
-static void prepare_qemu_exit(CPUState* cpu, ulong next_pc)
+static void prepare_qemu_exit(CPUState* cpu, target_ulong next_pc)
 {
 expected_exit = true;
 last_exit_reason.cpu = cpu;
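Review bot: `libafl_exit_asap()` now returns `expected_exit`, which `prepare_qemu_exit` sets unconditionally at its top, and nothing in this hunk ever clears it; the old `exit_asap` flag was set only on the not-running path, so after this change every exit leaves the flag armed until something else resets it, presumably `libafl_exit_signal_vm_start()`, which the hunk does not show. The declaration should state that contract, e.g. `static THREAD_MODIFIER bool expected_exit = false; // armed by prepare_qemu_exit(), cleared by libafl_exit_signal_vm_start()` — confirm against that function before committing to the wording. Separately, the rewritten macro leaves its arguments unparenthesized; prefer `#define THUMB_MASK(cpu, value) ((value) | cpu_env(cpu)->thumb)` and `#define THUMB_MASK(cpu, value) (value)` so a future caller passing a compound expression does not change precedence.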
@@ -44,13 +40,12 @@ static void prepare_qemu_exit(CPUState* cpu, ulong next_pc)
 #ifndef CONFIG_USER_ONLY
 qemu_system_debug_request();
- cpu->stopped = true;
+ cpu->stopped = true; // TODO check if still needed
 #endif
+ // in usermode, this may be called from the syscall hook, thus already out of the cpu_exec but still in the cpu_loop
 if (cpu->running) {
 cpu->exception_index = EXCP_LIBAFL_EXIT;
 cpu_loop_exit(cpu);
- } else {
- last_exit_reason.exit_asap = 1;
 }
 }
diff --git a/libafl_extras/exit.h b/libafl_extras/exit.h
index bcf9ae4e60..af72d9b2b6 100644
--- a/libafl_extras/exit.h
+++ b/libafl_extras/exit.h
@@ -3,6 +3,8 @@
 #include "qemu/osdep.h"
 #include "exec/cpu-defs.h"
+#define EXCP_LIBAFL_EXIT 0xf4775747
+
 enum libafl_exit_reason_kind {
 BREAKPOINT = 0,
 SYNC_BACKDOOR = 1
@@ -18,7 +20,6 @@ struct libafl_exit_reason {
 enum libafl_exit_reason_kind kind;
 CPUState* cpu; // CPU that triggered an exit.
 vaddr next_pc; // The PC that should be stored in the CPU when re-entering.
- int exit_asap; // TODO: add a field to CPU
 union {
 struct libafl_exit_reason_breakpoint breakpoint; // kind == BREAKPOINT
 struct libafl_exit_reason_sync_backdoor backdoor; // kind == SYNC_BACKDOOR
diff --git a/linux-user/aarch64/cpu_loop.c b/linux-user/aarch64/cpu_loop.c
index 0c1d940fca..9cb4ce02b4 100644
--- a/linux-user/aarch64/cpu_loop.c
+++ b/linux-user/aarch64/cpu_loop.c
@@ -82,11 +82,17 @@ void cpu_loop(CPUARMState *env)
 int trapnr, ec, fsc, si_code, si_signo;
 abi_long ret;
+//// --- Begin LibAFL code ---
+
+ libafl_exit_signal_vm_start();
+
+//// --- End LibAFL code ---
+
 for (;;) {
 //// --- Begin LibAFL code ---
- if (libafl_qemu_break_asap) return;
+ if (libafl_exit_asap()) return;
 //// --- End LibAFL code ---
@@ -99,8 +105,6 @@ void cpu_loop(CPUARMState *env)
 //// --- Begin LibAFL code ---
-#define EXCP_LIBAFL_EXIT 0xf4775747
-
 case EXCP_LIBAFL_EXIT:
 return;
diff --git a/linux-user/arm/cpu_loop.c b/linux-user/arm/cpu_loop.c
index 812317d71b..5f9d727420 100644
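Review bot: The new comment above `if (cpu->running)` explains why the CPU may not be running but not what happens in that case: with the `else` branch removed, the not-running path does nothing visible here and relies on the `expected_exit = true` written at the top of `prepare_qemu_exit` being noticed by the cpu_loop's `libafl_exit_asap()` check. Make that explicit, e.g. `// not running: we are outside cpu_exec (e.g. in the syscall hook); expected_exit, set above, makes cpu_loop return via libafl_exit_asap()`. The `// TODO check if still needed` on `cpu->stopped = true` should also say what it is suspected to be redundant with (the `qemu_system_debug_request()` just above, presumably) so the TODO can actually be closed.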
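Review bot: `#define EXCP_LIBAFL_EXIT 0xf4775747` is now the single shared definition, but the literal exceeds `INT_MAX` and therefore has type `unsigned int`, while it is stored into and compared with `cpu->exception_index` (an `int32_t` in `CPUState`) in cpu-exec.c and used as a `case` label on the `int` trap number in every cpu_loop; those conversions are implementation-defined and warn under `-Wsign-compare`/`-Woverflow`. Since the header is now the one place to fix it, spell the intent out as `#define EXCP_LIBAFL_EXIT ((int)0xf4775747)`. Add a one-line comment on why this value was chosen, too — it must not collide with any target's own `EXCP_*` codes, and that is the property a reader will want to verify.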
--- a/linux-user/arm/cpu_loop.c
+++ b/linux-user/arm/cpu_loop.c
@@ -323,11 +323,17 @@ void cpu_loop(CPUARMState *env)
 unsigned int n, insn;
 abi_ulong ret;
+//// --- Begin LibAFL code ---
+
+ libafl_exit_signal_vm_start();
+
+//// --- End LibAFL code ---
+
 for(;;) {
 //// --- Begin LibAFL code ---
- if (libafl_qemu_break_asap) return;
+ if (libafl_exit_asap()) return;
 //// --- End LibAFL code ---
@@ -340,8 +346,6 @@ void cpu_loop(CPUARMState *env)
 //// --- Begin LibAFL code ---
-#define EXCP_LIBAFL_EXIT 0xf4775747
-
 case EXCP_LIBAFL_EXIT:
 return;
diff --git a/linux-user/cpu_loop-common.h b/linux-user/cpu_loop-common.h
index 34ec83e407..d49e431660 100644
--- a/linux-user/cpu_loop-common.h
+++ b/linux-user/cpu_loop-common.h
@@ -25,7 +25,7 @@
 //// --- Begin LibAFL code ---
-extern __thread int libafl_qemu_break_asap;
+#include "libafl_extras/exit.h"
 //// --- End LibAFL code ---
diff --git a/linux-user/hexagon/cpu_loop.c b/linux-user/hexagon/cpu_loop.c
index 0fe37e1865..ecc80a2bee 100644
--- a/linux-user/hexagon/cpu_loop.c
+++ b/linux-user/hexagon/cpu_loop.c
@@ -32,11 +32,17 @@ void cpu_loop(CPUHexagonState *env)
 target_ulong syscallnum;
 target_ulong ret;
+//// --- Begin LibAFL code ---
+
+ libafl_exit_signal_vm_start();
+
+//// --- End LibAFL code ---
+
 for (;;) {
 //// --- Begin LibAFL code ---
- if (libafl_qemu_break_asap) return;
+ if (libafl_exit_asap()) return;
 //// --- End LibAFL code ---
@@ -49,8 +55,6 @@ void cpu_loop(CPUHexagonState *env)
 //// --- Begin LibAFL code ---
-#define EXCP_LIBAFL_EXIT 0xf4775747
-
 case EXCP_LIBAFL_EXIT:
 return;
diff --git a/linux-user/i386/cpu_loop.c b/linux-user/i386/cpu_loop.c
index 4a5578c59a..c54ff69275 100644
--- a/linux-user/i386/cpu_loop.c
+++ b/linux-user/i386/cpu_loop.c
@@ -209,6 +209,12 @@ void cpu_loop(CPUX86State *env)
 int trapnr;
 abi_ulong ret;
+//// --- Begin LibAFL code ---
+
+ libafl_exit_signal_vm_start();
+
+//// --- End LibAFL code ---
+
 for(;;) {
 //// --- Begin LibAFL code ---
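Review bot: The i386 hunk adds `libafl_exit_signal_vm_start()` before the loop, but unlike the aarch64, arm, hexagon and ppc hunks no `if (libafl_exit_asap()) return;` is visible at the top of `for(;;)`; old lines 215–225 between this hunk and the next are not shown, so either the check is absent here or it still reads `libafl_qemu_break_asap`, whose `extern` this commit removes from cpu_loop-common.h and whose definition it removes from exit.c. The mips hunk at `@@ -70,6 +70,12 @@` has the same gap. Either way the loop should open with the same LibAFL block the ppc hunk adds: `if (libafl_exit_asap()) return;`.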
@@ -226,8 +232,6 @@ void cpu_loop(CPUX86State *env)
 //// --- Begin LibAFL code ---
-#define EXCP_LIBAFL_EXIT 0xf4775747
-
 case EXCP_LIBAFL_EXIT:
 return;
diff --git a/linux-user/mips/cpu_loop.c b/linux-user/mips/cpu_loop.c
index 0f32413402..daa9607761 100644
--- a/linux-user/mips/cpu_loop.c
+++ b/linux-user/mips/cpu_loop.c
@@ -70,6 +70,12 @@ void cpu_loop(CPUMIPSState *env)
 unsigned int syscall_num;
 # endif
+//// --- Begin LibAFL code ---
+
+ libafl_exit_signal_vm_start();
+
+//// --- End LibAFL code ---
+
 for(;;) {
 //// --- Begin LibAFL code ---
@@ -87,8 +93,6 @@ void cpu_loop(CPUMIPSState *env)
 //// --- Begin LibAFL code ---
-#define EXCP_LIBAFL_EXIT 0xf4775747
-
 case EXCP_LIBAFL_EXIT:
 return;
diff --git a/linux-user/ppc/cpu_loop.c b/linux-user/ppc/cpu_loop.c
index a9cd9c5d42..8f81001cfb 100644
--- a/linux-user/ppc/cpu_loop.c
+++ b/linux-user/ppc/cpu_loop.c
@@ -71,9 +71,21 @@ void cpu_loop(CPUPPCState *env)
 int trapnr, si_signo, si_code;
 target_ulong ret;
+//// --- Begin LibAFL code ---
+
+ libafl_exit_signal_vm_start();
+
+//// --- End LibAFL code ---
+
 for(;;) {
 bool arch_interrupt;
+//// --- Begin LibAFL code ---
+
+ if (libafl_exit_asap()) return;
+
+//// --- End LibAFL code ---
+
 cpu_exec_start(cs);
 trapnr = cpu_exec(cs);
 cpu_exec_end(cs);
@@ -84,8 +96,6 @@ void cpu_loop(CPUPPCState *env)
 //// --- Begin LibAFL code ---
-#define EXCP_LIBAFL_EXIT 0xf4775747
-
 case EXCP_LIBAFL_EXIT:
 return;