yannick.naumann/RT-Task-Generator-QEMU
1
0
Fork 0
forked from alwin.berger/FRET-qemu
Code Pull Requests Activity

Fix wrong dirty address tracking for MMIO accesses. Assert is only triggered for debug builds.

Browse Source
This commit is contained in:
Romain Malmain 2023-10-30 17:37:07 +01:00
parent e42124c0c8
commit bbd52db5f6
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
accel/tcg/cputlb.c
View File

@ -1830,7 +1830,8 @@ static bool mmu_lookup(CPUState *cpu, vaddr addr, MemOpIdx oi,
//// --- Begin LibAFL code --- //// --- Begin LibAFL code ---
if (type == MMU_DATA_STORE) { // TODO: check if the second condition solves faulty dirty address report
if (type == MMU_DATA_STORE && !(flags & (TLB_INVALID_MASK | TLB_MMIO))) {
syx_snapshot_dirty_list_add_hostaddr(l->page[0].haddr); syx_snapshot_dirty_list_add_hostaddr(l->page[0].haddr);
} }

2
libafl_extras/syx-snapshot/syx-snapshot.c
View File

@ -393,7 +393,9 @@ void syx_snapshot_dirty_list_add_hostaddr(void* host_addr) {
ram_addr_t offset; ram_addr_t offset;
RAMBlock* rb = qemu_ram_block_from_host((void*) host_addr, true, &offset); RAMBlock* rb = qemu_ram_block_from_host((void*) host_addr, true, &offset);
#ifdef CONFIG_DEBUG_TCG
assert(rb); assert(rb);
#endif
hwaddr paddr = rb->mr->addr + offset; hwaddr paddr = rb->mr->addr + offset;
// If this assert is ever false, please understand why // If this assert is ever false, please understand why