yannick.naumann/RT-Task-Generator-QEMU
1
0
Fork 0
forked from alwin.berger/FRET-qemu
Code Pull Requests Activity

Handle PCREL

Browse Source
This commit is contained in:
Andrea Fioraldi 2023-06-02 16:40:34 +02:00
parent bd1f40e27e
commit ae9b1d73dd
4 changed files with 30 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
accel/tcg/cpu-exec.c
View File

@ -896,9 +896,12 @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
return false;
}
// LibAFL: Add last_tb_pc arg
static inline void cpu_loop_exec_tb(CPUState *cpu, TranslationBlock *tb,
target_ulong pc,
TranslationBlock **last_tb, int *tb_exit)
TranslationBlock **last_tb, int *tb_exit,
target_ulong *last_tb_pc)
{
int32_t insns_left;
@ -906,6 +909,10 @@ static inline void cpu_loop_exec_tb(CPUState *cpu, TranslationBlock *tb,
tb = cpu_tb_exec(cpu, tb, tb_exit);
if (*tb_exit != TB_EXIT_REQUESTED) {
*last_tb = tb;
//// --- Begin LibAFL code ---
*last_tb_pc = pc;
//// --- End LibAFL code ---
return;
}
@ -967,6 +974,10 @@ cpu_exec_loop(CPUState *cpu, SyncClocks *sc)
TranslationBlock *last_tb = NULL;
int tb_exit = 0;
//// --- Begin LibAFL code ---
target_ulong last_tb_pc = 0;
//// --- End LibAFL code ---
while (!cpu_handle_interrupt(cpu, &last_tb)) {
TranslationBlock *tb;
target_ulong cs_base, pc;
@ -1034,31 +1045,30 @@ cpu_exec_loop(CPUState *cpu, SyncClocks *sc)
//// --- Begin LibAFL code ---
#if !TARGET_TB_PCREL
if (last_tb->jmp_reset_offset[1] != TB_JMP_OFFSET_INVALID) {
mmap_lock();
TranslationBlock *edge = libafl_gen_edge(cpu, last_tb->pc, tb->pc,
tb_exit, cs_base, flags, cflags);
mmap_unlock();
if (cflags & CF_PCREL) {
// No party with PCREL
tb_add_jump(last_tb, tb_exit, tb);
} else {
if (last_tb->jmp_reset_offset[1] != TB_JMP_OFFSET_INVALID) {
mmap_lock();
TranslationBlock *edge = libafl_gen_edge(cpu, last_tb_pc, pc, tb_exit, cs_base, flags, cflags);
mmap_unlock();
if (edge) {
tb_add_jump(last_tb, tb_exit, edge);
tb_add_jump(edge, 0, tb);
if (edge) {
tb_add_jump(last_tb, tb_exit, edge);
tb_add_jump(edge, 0, tb);
} else {
tb_add_jump(last_tb, tb_exit, tb);
}
} else {
tb_add_jump(last_tb, tb_exit, tb);
}
} else {
tb_add_jump(last_tb, tb_exit, tb);
}
#else
// No party if TARGET_TB_PCREL is 1
tb_add_jump(last_tb, tb_exit, tb);
#endif
//// --- End LibAFL code ---
}
cpu_loop_exec_tb(cpu, tb, pc, &last_tb, &tb_exit);
cpu_loop_exec_tb(cpu, tb, pc, &last_tb, &tb_exit, &last_tb_pc);
/* Try to align the host and virtual clocks
if the guest is in advance */

6
accel/tcg/translate-all.c
View File

@ -994,9 +994,9 @@ TranslationBlock *libafl_gen_edge(CPUState *cpu, target_ulong src_block,
gen_code_buf = tcg_ctx->code_gen_ptr;
tb->tc.ptr = tcg_splitwx_to_rx(gen_code_buf);
#if !TARGET_TB_PCREL
tb->pc = pc;
#endif
if (!(cflags & CF_PCREL)) {
tb->pc = pc;
}
tb->cs_base = cs_base;
tb->flags = flags;
tb->cflags = cflags;

7
target/arm/cpu-param.h
View File

@ -45,11 +45,4 @@
bool guarded;
#endif
//// --- Begin LibAFL code ---
#undef TARGET_TB_PCREL
# define TARGET_TB_PCREL 0
//// --- End LibAFL code ---
#endif

7
target/i386/cpu-param.h
View File

@ -24,11 +24,4 @@
#endif
#define TARGET_PAGE_BITS 12
//// --- Begin LibAFL code ---
#undef TARGET_TB_PCREL
# define TARGET_TB_PCREL 0
//// --- End LibAFL code ---
#endif