From 7a1de17f37243b1f4712c1264d1962bd14c4bba1 Mon Sep 17 00:00:00 2001
From: lazymio
Date: Tue, 23 Nov 2021 00:25:55 +0100
Subject: [PATCH] Fix UC_HOOK_EDGE_GENERATED to work with indirect jump

For an indirect jump (lookup_tb_ptr), last_tb would be NULL
---
 include/uc_priv.h | 2 ++
 qemu/accel/tcg/cpu-exec.c | 8 ++++----
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/include/uc_priv.h b/include/uc_priv.h
index 4bd806cc..869cf685 100644
--- a/include/uc_priv.h
+++ b/include/uc_priv.h
@@ -357,6 +357,8 @@ struct uc_struct {
 sigjmp_buf jmp_bufs[UC_MAX_NESTED_LEVEL]; // To support nested uc_emu_start
 int nested_level; // Current nested_level
+
+ struct TranslationBlock* last_tb; // The real last tb we executed.
 };
 // Metadata stub for the variable-size cpu context used with uc_context_*()
diff --git a/qemu/accel/tcg/cpu-exec.c b/qemu/accel/tcg/cpu-exec.c
index 09cffc24..cb70582c 100644
--- a/qemu/accel/tcg/cpu-exec.c
+++ b/qemu/accel/tcg/cpu-exec.c
@@ -258,10 +258,9 @@ static inline TranslationBlock *tb_find(CPUState *cpu,
 /* We add the TB in the virtual pc hash table for the fast lookup */
 cpu->tb_jmp_cache[tb_jmp_cache_hash_func(cpu->uc, pc)] = tb;
- UC_TB_COPY(&cur_tb, tb);
-
- if (last_tb) {
- UC_TB_COPY(&prev_tb, last_tb);
+ if (uc->last_tb) {
+ UC_TB_COPY(&cur_tb, tb);
+ UC_TB_COPY(&prev_tb, uc->last_tb);
 for (cur = uc->hook[UC_HOOK_EDGE_GENERATED_IDX].head; cur != NULL && (hook = (struct hook *)cur->data); cur = cur->next) {
 if (hook->to_delete) {
@@ -494,6 +493,7 @@ static inline void cpu_loop_exec_tb(CPUState *cpu, TranslationBlock *tb,
 // trace_exec_tb(tb, tb->pc);
 ret = cpu_tb_exec(cpu, tb);
+ cpu->uc->last_tb = tb; // Trace the last tb we executed.
 tb = (TranslationBlock *)(ret & ~TB_EXIT_MASK);
 *tb_exit = ret & TB_EXIT_MASK;
 if (*tb_exit != TB_EXIT_REQUESTED) {
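Review bot: The new `last_tb` field is a non-owning pointer into the translation cache and nothing in this patch ever clears it, so its comment should state that lifetime and who resets it; the tb_find hunk in cpu-exec.c reads through it whenever it is non-NULL. The QEMU `last_tb` this replaces was a loop-local that started at NULL on every cpu_exec entry, whereas `uc->last_tb` survives a tb_flush (cache exhaustion or code invalidation), after which `UC_TB_COPY(&prev_tb, uc->last_tb)` copies from memory the translator reuses, and survives across uc_emu_start calls, so the first block of a later run would presumably be reported as an edge from the previous run's final block unless a reset exists somewhere not visible here. Suggest `struct TranslationBlock* last_tb; // Last TB executed; non-owning pointer into the TB cache, reset to NULL on tb_flush and at each uc_emu_start.` and adding `uc->last_tb = NULL;` at those two points.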
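Review bot: `cpu->uc->last_tb = tb;` records the TB that cpu_tb_exec was entered with, but it sits before `tb = (TranslationBlock *)(ret & ~TB_EXIT_MASK);`, which decodes the TB that actually finished executing; when TB chaining is in effect one call can run several blocks, so the recorded block is then not the last one executed and tb_find reports an edge with the wrong predecessor. If the loop's own last_tb bookkeeping further down follows the usual pattern of using the decoded value, the new assignment should do the same: `tb = (TranslationBlock *)(ret & ~TB_EXIT_MASK);` followed by `cpu->uc->last_tb = tb; // Trace the last tb we executed.`. cpu_loop_exec_tb starts and ends outside this hunk.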