Handle PCREL

This commit is contained in:
Andrea Fioraldi 2023-06-02 16:40:34 +02:00
parent bd1f40e27e
commit ae9b1d73dd
4 changed files with 30 additions and 34 deletions


@ -896,9 +896,12 @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
return false; return false;
} }
// LibAFL: Add last_tb_pc arg
static inline void cpu_loop_exec_tb(CPUState *cpu, TranslationBlock *tb, static inline void cpu_loop_exec_tb(CPUState *cpu, TranslationBlock *tb,
target_ulong pc, target_ulong pc,
TranslationBlock **last_tb, int *tb_exit) TranslationBlock **last_tb, int *tb_exit,
target_ulong *last_tb_pc)
{ {
int32_t insns_left; int32_t insns_left;
@ -906,6 +909,10 @@ static inline void cpu_loop_exec_tb(CPUState *cpu, TranslationBlock *tb,
tb = cpu_tb_exec(cpu, tb, tb_exit); tb = cpu_tb_exec(cpu, tb, tb_exit);
if (*tb_exit != TB_EXIT_REQUESTED) { if (*tb_exit != TB_EXIT_REQUESTED) {
*last_tb = tb; *last_tb = tb;
//// --- Begin LibAFL code ---
*last_tb_pc = pc;
//// --- End LibAFL code ---
return; return;
} }
@ -967,6 +974,10 @@ cpu_exec_loop(CPUState *cpu, SyncClocks *sc)
TranslationBlock *last_tb = NULL; TranslationBlock *last_tb = NULL;
int tb_exit = 0; int tb_exit = 0;
//// --- Begin LibAFL code ---
target_ulong last_tb_pc = 0;
//// --- End LibAFL code ---
while (!cpu_handle_interrupt(cpu, &last_tb)) { while (!cpu_handle_interrupt(cpu, &last_tb)) {
TranslationBlock *tb; TranslationBlock *tb;
target_ulong cs_base, pc; target_ulong cs_base, pc;
@ -1034,11 +1045,13 @@ cpu_exec_loop(CPUState *cpu, SyncClocks *sc)
//// --- Begin LibAFL code --- //// --- Begin LibAFL code ---
#if !TARGET_TB_PCREL if (cflags & CF_PCREL) {
// No party with PCREL
tb_add_jump(last_tb, tb_exit, tb);
} else {
if (last_tb->jmp_reset_offset[1] != TB_JMP_OFFSET_INVALID) { if (last_tb->jmp_reset_offset[1] != TB_JMP_OFFSET_INVALID) {
mmap_lock(); mmap_lock();
TranslationBlock *edge = libafl_gen_edge(cpu, last_tb->pc, tb->pc, TranslationBlock *edge = libafl_gen_edge(cpu, last_tb_pc, pc, tb_exit, cs_base, flags, cflags);
tb_exit, cs_base, flags, cflags);
mmap_unlock(); mmap_unlock();
if (edge) { if (edge) {
@ -1050,15 +1063,12 @@ cpu_exec_loop(CPUState *cpu, SyncClocks *sc)
} else { } else {
tb_add_jump(last_tb, tb_exit, tb); tb_add_jump(last_tb, tb_exit, tb);
} }
#else }
// No party if TARGET_TB_PCREL is 1
tb_add_jump(last_tb, tb_exit, tb);
#endif
//// --- End LibAFL code --- //// --- End LibAFL code ---
} }
cpu_loop_exec_tb(cpu, tb, pc, &last_tb, &tb_exit); cpu_loop_exec_tb(cpu, tb, pc, &last_tb, &tb_exit, &last_tb_pc);
/* Try to align the host and virtual clocks /* Try to align the host and virtual clocks
if the guest is in advance */ if the guest is in advance */
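Review bot: The new `if (cflags & CF_PCREL)` branch at the top of the third hunk drops edge instrumentation entirely for PCREL translation: libafl_gen_edge is never called and the block is chained directly with tb_add_jump, so any coverage consumer that depends on edge TBs silently gets nothing for such targets, and the comment `// No party with PCREL` should say so plainly, e.g. `/* CF_PCREL: tb->pc is not the guest pc, so no edge TB can be generated; fall back to plain chaining (edge instrumentation is lost here) */`. The branch tests only the cflags of the destination tb; if last_tb could have been translated with different cflags that would need checking too, but this hunk alone does not show whether that can happen. The new `last_tb_pc` is written only alongside `*last_tb` in cpu_loop_exec_tb, so it keeps a stale value whenever last_tb is reset elsewhere (presumably in cpu_handle_interrupt, outside the hunk); that is harmless as long as every read stays behind a last_tb check, which is worth recording at the declaration, e.g. `target_ulong last_tb_pc = 0; /* guest pc of *last_tb; only meaningful while last_tb != NULL */`. cpu_exec_loop continues outside the hunk.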


@ -994,9 +994,9 @@ TranslationBlock *libafl_gen_edge(CPUState *cpu, target_ulong src_block,
gen_code_buf = tcg_ctx->code_gen_ptr; gen_code_buf = tcg_ctx->code_gen_ptr;
tb->tc.ptr = tcg_splitwx_to_rx(gen_code_buf); tb->tc.ptr = tcg_splitwx_to_rx(gen_code_buf);
#if !TARGET_TB_PCREL if (!(cflags & CF_PCREL)) {
tb->pc = pc; tb->pc = pc;
#endif }
tb->cs_base = cs_base; tb->cs_base = cs_base;
tb->flags = flags; tb->flags = flags;
tb->cflags = cflags; tb->cflags = cflags;
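Review bot: When `cflags & CF_PCREL` is set the hunk leaves `tb->pc` unassigned for the edge TB, and nothing in this function records that the edge is only meaningful for non-PCREL translation; the cpu_exec_loop change in this commit avoids calling libafl_gen_edge under CF_PCREL, but that contract lives only at the call site. I would state it here, e.g. `/* Under CF_PCREL tb->pc is left unset; callers must not request edge TBs for PCREL code (see cpu_exec_loop) */`, or back it with a debug assertion at function entry if the project uses one. libafl_gen_edge starts outside the hunk.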


@ -45,11 +45,4 @@
bool guarded; bool guarded;
#endif #endif
//// --- Begin LibAFL code ---
#undef TARGET_TB_PCREL
# define TARGET_TB_PCREL 0
//// --- End LibAFL code ---
#endif #endif


@ -24,11 +24,4 @@
#endif #endif
#define TARGET_PAGE_BITS 12 #define TARGET_PAGE_BITS 12
//// --- Begin LibAFL code ---
#undef TARGET_TB_PCREL
# define TARGET_TB_PCREL 0
//// --- End LibAFL code ---
#endif #endif