diff --git a/include/libafl/user.h b/include/libafl/user.h index 2ba171b388..9d942e759e 100644 --- a/include/libafl/user.h +++ b/include/libafl/user.h @@ -10,6 +10,7 @@ struct libafl_mapinfo { const char* path; int flags; int is_priv; + bool is_valid; }; IntervalTreeNode * libafl_maps_first(IntervalTreeRoot * map_info); diff --git a/linux-user/syscall.c b/linux-user/syscall.c index eb86cf0aa1..aa67afded2 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -13679,6 +13679,8 @@ IntervalTreeNode * libafl_maps_first(IntervalTreeRoot * map_info) { } IntervalTreeNode * libafl_maps_next(IntervalTreeNode *node, struct libafl_mapinfo* ret) { + ret->is_valid = false; + if (!node || !ret) { return NULL; } @@ -13702,6 +13704,7 @@ IntervalTreeNode * libafl_maps_next(IntervalTreeNode *node, struct libafl_mapinf if (flags & PAGE_WRITE_ORG) libafl_flags |= PROT_WRITE; if (flags & PAGE_EXEC) libafl_flags |= PROT_EXEC; + ret->is_valid = true; ret->start = (target_ulong)h2g_nocheck(min); ret->end = (target_ulong)h2g_nocheck(max); ret->offset = (target_ulong)e->offset; diff --git a/tcg/tcg-op-ldst.c b/tcg/tcg-op-ldst.c index 03be92f9d0..1417890f63 100644 --- a/tcg/tcg-op-ldst.c +++ b/tcg/tcg-op-ldst.c @@ -636,6 +636,12 @@ static void tcg_gen_qemu_ld_i128_int(TCGv_i128 val, TCGTemp *addr, tcg_constant_i32(orig_oi)); } +//// --- Start LibAFL code --- + + libafl_gen_read(addr, orig_oi); + +//// --- End LibAFL code --- + plugin_gen_mem_callbacks(ext_addr, addr, orig_oi, QEMU_PLUGIN_MEM_R); } @@ -752,6 +758,12 @@ static void tcg_gen_qemu_st_i128_int(TCGv_i128 val, TCGTemp *addr, tcg_constant_i32(orig_oi)); } +//// --- Start LibAFL code --- + + libafl_gen_write(addr, orig_oi); + +//// --- End LibAFL code --- + plugin_gen_mem_callbacks(ext_addr, addr, orig_oi, QEMU_PLUGIN_MEM_W); } @@ -1245,7 +1257,13 @@ void tcg_gen_atomic_##NAME##_i32_chk(TCGv_i32 ret, TCGTemp *addr, \ tcg_debug_assert(addr_type == tcg_ctx->addr_type); \ tcg_debug_assert((memop & MO_SIZE) <= MO_32); \ if (tcg_ctx->gen_tb->cflags & CF_PARALLEL) { \ +/* --- Start LibAFL code --- */ \ + libafl_gen_read(addr, make_memop_idx(memop, 0)); \ +/* --- End LibAFL code --- */ \ do_atomic_op_i32(ret, addr, val, idx, memop, table_##NAME); \ +/* --- Start LibAFL code --- */ \ + libafl_gen_write(addr, make_memop_idx(memop, 0)); \ +/* --- End LibAFL code --- */ \ } else { \ do_nonatomic_op_i32(ret, addr, val, idx, memop, NEW, \ tcg_gen_##OP##_i32); \ @@ -1258,7 +1276,13 @@ void tcg_gen_atomic_##NAME##_i64_chk(TCGv_i64 ret, TCGTemp *addr, \ tcg_debug_assert(addr_type == tcg_ctx->addr_type); \ tcg_debug_assert((memop & MO_SIZE) <= MO_64); \ if (tcg_ctx->gen_tb->cflags & CF_PARALLEL) { \ +/* --- Start LibAFL code --- */ \ + libafl_gen_read(addr, make_memop_idx(memop, 0)); \ +/* --- End LibAFL code --- */ \ do_atomic_op_i64(ret, addr, val, idx, memop, table_##NAME); \ +/* --- Start LibAFL code --- */ \ + libafl_gen_write(addr, make_memop_idx(memop, 0)); \ +/* --- End LibAFL code --- */ \ } else { \ do_nonatomic_op_i64(ret, addr, val, idx, memop, NEW, \ tcg_gen_##OP##_i64); \ diff --git a/tcg/tcg-op-vec.c b/tcg/tcg-op-vec.c index bcbb1e5139..fbfb1e5826 100644 --- a/tcg/tcg-op-vec.c +++ b/tcg/tcg-op-vec.c @@ -319,10 +319,17 @@ void tcg_gen_stl_vec(TCGv_vec r, TCGv_ptr b, TCGArg o, TCGType low_type) TCGArg bi = tcgv_ptr_arg(b); TCGTemp *rt = arg_temp(ri); TCGType type = rt->base_type; +//// --- Begin LibAFL code --- + MemOpIdx oi = make_memop_idx((type - TCG_TYPE_V64) + MO_64, 0); +//// --- End LibAFL code --- tcg_debug_assert(low_type >= TCG_TYPE_V64); tcg_debug_assert(low_type <= type); vec_gen_3(INDEX_op_st_vec, low_type, 0, ri, bi, o); + +//// --- Begin LibAFL code --- + libafl_gen_write(tcgv_ptr_temp(b), oi); +//// --- End LibAFL code --- } void tcg_gen_and_vec(unsigned vece, TCGv_vec r, TCGv_vec a, TCGv_vec b)