AFLplusplus · rmalmain · Apr 26, 2024 · Mar 13, 2024 · Apr 4, 2024 · Apr 26, 2024
diff --git a/accel/tcg/tb-maint.c b/accel/tcg/tb-maint.c
@@ -866,6 +866,11 @@ static inline void tb_jmp_unlink(TranslationBlock *dest)
 
     TB_FOR_EACH_JMP(dest, tb, n) {
         tb_reset_jump(tb, n);
+//// --- Begin LibAFL code ---
+        if (tb->cflags & CF_IS_EDGE) {
+            tb_phys_invalidate(tb, -1);
+        }
+//// --- End LibAFL code ---
         qatomic_and(&tb->jmp_dest[n], (uintptr_t)NULL | 1);
         /* No need to clear the list entry; setting the dest ptr is enough */
     }

diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
@@ -403,7 +403,7 @@ TranslationBlock *libafl_gen_edge(CPUState *cpu, target_ulong src_block,
     }
     tb->cs_base = cs_base;
     tb->flags = flags;
-    tb->cflags = cflags;
+    tb->cflags = cflags | CF_IS_EDGE;
     //tb_set_page_addr0(tb, phys_pc);
     //tb_set_page_addr1(tb, -1);
     tcg_ctx->gen_tb = tb;

diff --git a/include/exec/translation-block.h b/include/exec/translation-block.h
@@ -77,6 +77,9 @@ struct TranslationBlock {
 #define CF_PARALLEL      0x00008000 /* Generate code for a parallel context */
 #define CF_NOIRQ         0x00010000 /* Generate an uninterruptible TB */
 #define CF_PCREL         0x00020000 /* Opcodes in TB are PC-relative */
+//// --- Begin LibAFL code ---
+#define CF_IS_EDGE       0x00800000 /* The current TB is an edge */
+//// --- End LibAFL code ---
 #define CF_CLUSTER_MASK  0xff000000 /* Top 8 bits are cluster ID */
 #define CF_CLUSTER_SHIFT 24