| -rw-r--r-- | src/focaccia/qemu/_qemu_tool.py | 5 | ||||
| -rw-r--r-- | src/focaccia/qemu/target.py | 3 |
2 files changed, 6 insertions, 2 deletions
diff --git a/src/focaccia/qemu/_qemu_tool.py b/src/focaccia/qemu/_qemu_tool.py
index 984de08..5a59e15 100644
--- a/src/focaccia/qemu/_qemu_tool.py
+++ b/src/focaccia/qemu/_qemu_tool.py
@@ -164,6 +164,7 @@ def collect_conc_trace(gdb: GDBServerStateIterator, strace: Trace) \
 # An online trace matching algorithm.
 info(f'Tracing QEMU between {hex(start_addr)}:{hex(strace.env.stop_address) if strace.env.stop_address else "end"}')
+ traced_address_set = frozenset(strace.addresses)
 transform: Optional[SymbolicTransform] = None
 while True:
@@ -181,7 +182,9 @@ def collect_conc_trace(gdb: GDBServerStateIterator, strace: Trace) \
 while pc != transform.addr:
 warn(f'PC {hex(pc)} does not match next symbolic reference {hex(transform.addr)}')
- next_i = find_index(strace.addresses[symb_i:], pc)
+ next_i = None
+ if pc in traced_address_set:
+ next_i = find_index(strace.addresses[symb_i:], pc)
 # Drop the concrete state if no address in the symbolic trace
 # matches
diff --git a/src/focaccia/qemu/target.py b/src/focaccia/qemu/target.py
index f324cdf..28fe805 100644
--- a/src/focaccia/qemu/target.py
+++ b/src/focaccia/qemu/target.py
@@ -279,7 +279,8 @@ class GDBServerStateIterator(GDBServerConnector):
 for mem in post_event.mem_writes:
 addr, data = mem.address, mem.data
- for reg, value in post_event.registers.items():
+ for reg in syscall.patchup_address_registers:
+ value = post_event.registers[reg]
 if value == addr:
 addr = next_state.read_register(reg)
 break |
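Review bot: The pre-check `if pc in traced_address_set:` in the second hunk (@@ -181) tests membership over the whole trace, while `find_index` still scans only `strace.addresses[symb_i:]`, so a PC that occurred earlier in the trace passes the filter and still takes the linear scan, and that path relies on find_index's own miss result rather than the new `next_i = None`. If find_index reports a miss with anything other than `None`, the two miss paths now diverge; the consumer ("Drop the concrete state if no address in the symbolic trace matches") lies outside the hunk, so this cannot be confirmed here. Worth a comment at the assignment, e.g. `# Fast reject: scan the trace suffix only when the PC occurs anywhere in the trace; a miss is always next_i is None`, or narrow the set to addresses at or after symb_i if the filter is meant to be exact. The frozenset is built in the first hunk (@@ -164) once before the loop, so it presumes strace.addresses is not modified while tracing; collect_conc_trace starts before and continues after both hunks.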
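Review bot: `value = post_event.registers[reg]` in the target.py hunk raises KeyError when a register named in `syscall.patchup_address_registers` is absent from the event's register map, whereas the replaced `.items()` loop only ever saw keys that were present. If the GDB-side event is not guaranteed to report every patch-up register, `value = post_event.registers.get(reg)` keeps the previous tolerance (a missing register then simply fails the `== addr` test); otherwise state the invariant with `# every patchup register is always reported in post_event.registers`. The first-match `break` now follows the order of `patchup_address_registers` instead of the event's register order, which changes which register wins when two hold the same address value, so the list order is now semantically significant and deserves a note. The enclosing method and the definition of `syscall` lie outside this hunk.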