Update QEMU syshook ret value (#3092)

* update syshook ret value

Author: rmalmain

libafl_qemu/libafl_qemu_build/src/build.rs

@@ -11,7 +11,7 @@ use crate::cargo_add_rpath;
 
 pub const QEMU_URL: &str = "https://github.com/AFLplusplus/qemu-libafl-bridge";
 pub const QEMU_DIRNAME: &str = "qemu-libafl-bridge";
-pub const QEMU_REVISION: &str = "2a676d9cd8c474b5c0db1d77d2769e56e2ed8524";
+pub const QEMU_REVISION: &str = "97bef506eed24ee8d0eda4a07c4419c55dae4acb";
 
 pub struct BuildResult {
     pub qemu_path: PathBuf,

libafl_qemu/libafl_qemu_sys/src/bindings/x86_64_stub_bindings.rs

@@ -1,5 +1,5 @@
 /* 1.87.0-nightly */
-/* qemu git hash: 2a676d9cd8c474b5c0db1d77d2769e56e2ed8524 */
+/* qemu git hash: 97bef506eed24ee8d0eda4a07c4419c55dae4acb */
 /* automatically generated by rust-bindgen 0.71.1 */
 
 use libc::siginfo_t;
@@ -8687,37 +8687,131 @@ unsafe extern "C" {
 unsafe extern "C" {
     pub fn libafl_hook_new_thread_run(env: *mut CPUArchState, tid: u32) -> bool;
 }
+pub const libafl_syshook_ret_tag_LIBAFL_SYSHOOK_RUN: libafl_syshook_ret_tag =
+    libafl_syshook_ret_tag(0);
+pub const libafl_syshook_ret_tag_LIBAFL_SYSHOOK_SKIP: libafl_syshook_ret_tag =
+    libafl_syshook_ret_tag(1);
+impl ::std::ops::BitOr<libafl_syshook_ret_tag> for libafl_syshook_ret_tag {
+    type Output = Self;
+    #[inline]
+    fn bitor(self, other: Self) -> Self {
+        libafl_syshook_ret_tag(self.0 | other.0)
+    }
+}
+impl ::std::ops::BitOrAssign for libafl_syshook_ret_tag {
+    #[inline]
+    fn bitor_assign(&mut self, rhs: libafl_syshook_ret_tag) {
+        self.0 |= rhs.0;
+    }
+}
+impl ::std::ops::BitAnd<libafl_syshook_ret_tag> for libafl_syshook_ret_tag {
+    type Output = Self;
+    #[inline]
+    fn bitand(self, other: Self) -> Self {
+        libafl_syshook_ret_tag(self.0 & other.0)
+    }
+}
+impl ::std::ops::BitAndAssign for libafl_syshook_ret_tag {
+    #[inline]
+    fn bitand_assign(&mut self, rhs: libafl_syshook_ret_tag) {
+        self.0 &= rhs.0;
+    }
+}
+#[repr(transparent)]
+#[derive(Debug, Copy, Clone, Hash, PartialEq, Eq)]
+pub struct libafl_syshook_ret_tag(pub ::std::os::raw::c_uint);
 #[repr(C)]
-#[derive(Debug, Default, Copy, Clone)]
-pub struct syshook_ret {
-    pub retval: target_ulong,
-    pub skip_syscall: bool,
+#[derive(Copy, Clone)]
+pub struct libafl_syshook_ret {
+    pub tag: libafl_syshook_ret_tag,
+    pub __bindgen_anon_1: libafl_syshook_ret__bindgen_ty_1,
+}
+#[repr(C)]
+#[derive(Copy, Clone)]
+pub union libafl_syshook_ret__bindgen_ty_1 {
+    pub syshook_skip_retval: target_ulong,
 }
 #[allow(clippy::unnecessary_operation, clippy::identity_op)]
 const _: () = {
-    ["Size of syshook_ret"][::std::mem::size_of::<syshook_ret>() - 16usize];
-    ["Alignment of syshook_ret"][::std::mem::align_of::<syshook_ret>() - 8usize];
-    ["Offset of field: syshook_ret::retval"][::std::mem::offset_of!(syshook_ret, retval) - 0usize];
-    ["Offset of field: syshook_ret::skip_syscall"]
-        [::std::mem::offset_of!(syshook_ret, skip_syscall) - 8usize];
+    ["Size of libafl_syshook_ret__bindgen_ty_1"]
+        [::std::mem::size_of::<libafl_syshook_ret__bindgen_ty_1>() - 8usize];
+    ["Alignment of libafl_syshook_ret__bindgen_ty_1"]
+        [::std::mem::align_of::<libafl_syshook_ret__bindgen_ty_1>() - 8usize];
+    ["Offset of field: libafl_syshook_ret__bindgen_ty_1::syshook_skip_retval"]
+        [::std::mem::offset_of!(libafl_syshook_ret__bindgen_ty_1, syshook_skip_retval) - 0usize];
 };
+impl Default for libafl_syshook_ret__bindgen_ty_1 {
+    fn default() -> Self {
+        let mut s = ::std::mem::MaybeUninit::<Self>::uninit();
+        unsafe {
+            ::std::ptr::write_bytes(s.as_mut_ptr(), 0, 1);
+            s.assume_init()
+        }
+    }
+}
+impl ::std::fmt::Debug for libafl_syshook_ret__bindgen_ty_1 {
+    fn fmt(&self, f: &mut ::std::fmt::Formatter<'_>) -> ::std::fmt::Result {
+        write!(f, "libafl_syshook_ret__bindgen_ty_1 {{ union }}")
+    }
+}
+#[allow(clippy::unnecessary_operation, clippy::identity_op)]
+const _: () = {
+    ["Size of libafl_syshook_ret"][::std::mem::size_of::<libafl_syshook_ret>() - 16usize];
+    ["Alignment of libafl_syshook_ret"][::std::mem::align_of::<libafl_syshook_ret>() - 8usize];
+    ["Offset of field: libafl_syshook_ret::tag"]
+        [::std::mem::offset_of!(libafl_syshook_ret, tag) - 0usize];
+};
+impl Default for libafl_syshook_ret {
+    fn default() -> Self {
+        let mut s = ::std::mem::MaybeUninit::<Self>::uninit();
+        unsafe {
+            ::std::ptr::write_bytes(s.as_mut_ptr(), 0, 1);
+            s.assume_init()
+        }
+    }
+}
+impl ::std::fmt::Debug for libafl_syshook_ret {
+    fn fmt(&self, f: &mut ::std::fmt::Formatter<'_>) -> ::std::fmt::Result {
+        write!(
+            f,
+            "libafl_syshook_ret {{ tag: {:?}, __bindgen_anon_1: {:?} }}",
+            self.tag, self.__bindgen_anon_1
+        )
+    }
+}
+pub type libafl_pre_syscall_cb = ::std::option::Option<
+    unsafe extern "C" fn(
+        data: u64,
+        sys_num: ::std::os::raw::c_int,
+        arg0: target_ulong,
+        arg1: target_ulong,
+        arg2: target_ulong,
+        arg3: target_ulong,
+        arg4: target_ulong,
+        arg5: target_ulong,
+        arg6: target_ulong,
+        arg7: target_ulong,
+    ) -> libafl_syshook_ret,
+>;
+pub type libafl_post_syscall_cb = ::std::option::Option<
+    unsafe extern "C" fn(
+        data: u64,
+        ret: target_ulong,
+        sys_num: ::std::os::raw::c_int,
+        arg0: target_ulong,
+        arg1: target_ulong,
+        arg2: target_ulong,
+        arg3: target_ulong,
+        arg4: target_ulong,
+        arg5: target_ulong,
+        arg6: target_ulong,
+        arg7: target_ulong,
+    ) -> target_ulong,
+>;
 #[repr(C)]
 #[derive(Debug, Copy, Clone)]
 pub struct libafl_pre_syscall_hook {
-    pub callback: ::std::option::Option<
-        unsafe extern "C" fn(
-            data: u64,
-            sys_num: ::std::os::raw::c_int,
-            arg0: target_ulong,
-            arg1: target_ulong,
-            arg2: target_ulong,
-            arg3: target_ulong,
-            arg4: target_ulong,
-            arg5: target_ulong,
-            arg6: target_ulong,
-            arg7: target_ulong,
-        ) -> syshook_ret,
-    >,
+    pub callback: libafl_pre_syscall_cb,
     pub data: u64,
     pub num: usize,
     pub next: *mut libafl_pre_syscall_hook,
@@ -8748,21 +8842,7 @@ impl Default for libafl_pre_syscall_hook {
 #[repr(C)]
 #[derive(Debug, Copy, Clone)]
 pub struct libafl_post_syscall_hook {
-    pub callback: ::std::option::Option<
-        unsafe extern "C" fn(
-            data: u64,
-            ret: target_ulong,
-            sys_num: ::std::os::raw::c_int,
-            arg0: target_ulong,
-            arg1: target_ulong,
-            arg2: target_ulong,
-            arg3: target_ulong,
-            arg4: target_ulong,
-            arg5: target_ulong,
-            arg6: target_ulong,
-            arg7: target_ulong,
-        ) -> target_ulong,
-    >,
+    pub callback: libafl_post_syscall_cb,
     pub data: u64,
     pub num: usize,
     pub next: *mut libafl_post_syscall_hook,
@@ -8792,43 +8872,10 @@ impl Default for libafl_post_syscall_hook {
     }
 }
 unsafe extern "C" {
-    pub fn libafl_add_pre_syscall_hook(
-        callback: ::std::option::Option<
-            unsafe extern "C" fn(
-                data: u64,
-                sys_num: ::std::os::raw::c_int,
-                arg0: target_ulong,
-                arg1: target_ulong,
-                arg2: target_ulong,
-                arg3: target_ulong,
-                arg4: target_ulong,
-                arg5: target_ulong,
-                arg6: target_ulong,
-                arg7: target_ulong,
-            ) -> syshook_ret,
-        >,
-        data: u64,
-    ) -> usize;
+    pub fn libafl_add_pre_syscall_hook(callback: libafl_pre_syscall_cb, data: u64) -> usize;
 }
 unsafe extern "C" {
-    pub fn libafl_add_post_syscall_hook(
-        callback: ::std::option::Option<
-            unsafe extern "C" fn(
-                data: u64,
-                ret: target_ulong,
-                sys_num: ::std::os::raw::c_int,
-                arg0: target_ulong,
-                arg1: target_ulong,
-                arg2: target_ulong,
-                arg3: target_ulong,
-                arg4: target_ulong,
-                arg5: target_ulong,
-                arg6: target_ulong,
-                arg7: target_ulong,
-            ) -> target_ulong,
-        >,
-        data: u64,
-    ) -> usize;
+    pub fn libafl_add_post_syscall_hook(callback: libafl_post_syscall_cb, data: u64) -> usize;
 }
 unsafe extern "C" {
     pub fn libafl_qemu_remove_pre_syscall_hook(num: usize) -> ::std::os::raw::c_int;

libafl_qemu/runtime/libafl_qemu_stub_bindings.rs

@@ -1,5 +1,5 @@
 /* 1.87.0-nightly */
-/* qemu git hash: 2a676d9cd8c474b5c0db1d77d2769e56e2ed8524 */
+/* qemu git hash: 97bef506eed24ee8d0eda4a07c4419c55dae4acb */
 /* automatically generated by rust-bindgen 0.71.1 */
 
 #[repr(C)]

libafl_qemu/runtime/nyx_stub_bindings.rs

@@ -1,5 +1,5 @@
 /* 1.87.0-nightly */
-/* qemu git hash: 2a676d9cd8c474b5c0db1d77d2769e56e2ed8524 */
+/* qemu git hash: 97bef506eed24ee8d0eda4a07c4419c55dae4acb */
 /* automatically generated by rust-bindgen 0.71.1 */
 
 #[repr(C)]

libafl_qemu/src/lib.rs

@@ -98,7 +98,7 @@ pub fn python_module(m: &Bound<'_, PyModule>) -> PyResult<()> {
     #[cfg(feature = "usermode")]
     m.add_class::<GuestMaps>()?;
 
-    m.add_class::<SyscallHookResult>()?;
+    m.add_class::<pybind::SyscallHookResult>()?;
     m.add_class::<pybind::Qemu>()?;
 
     Ok(())

libafl_qemu/src/modules/usermode/asan.rs

@@ -578,9 +578,9 @@ impl AsanGiovese {
                 }
                 _ => (),
             }
-            SyscallHookResult::new(Some(r))
+            SyscallHookResult::Skip(r)
         } else {
-            SyscallHookResult::new(None)
+            SyscallHookResult::Run
         }
     }
 
@@ -1350,9 +1350,9 @@ where
             }
             _ => (),
         }
-        SyscallHookResult::new(Some(0))
+        SyscallHookResult::Skip(0)
     } else {
-        SyscallHookResult::new(None)
+        SyscallHookResult::Run
     }
 }
 

libafl_qemu/src/modules/usermode/injections.rs

@@ -400,13 +400,13 @@ where
 
             let first_parameter = unsafe {
                 if (*c_array.offset(1)).is_null() {
-                    return SyscallHookResult::new(None);
+                    return SyscallHookResult::Run;
                 }
                 CStr::from_ptr(*c_array.offset(1)).to_string_lossy()
             };
             let second_parameter = unsafe {
                 if (*c_array.offset(2)).is_null() {
-                    return SyscallHookResult::new(None);
+                    return SyscallHookResult::Run;
                 }
                 CStr::from_ptr(*c_array.offset(2)).to_string_lossy()
             };
@@ -419,9 +419,9 @@ where
 
             //println!("PARAMETERS First {} Second {}", first_parameter, second_
         }
-        SyscallHookResult::new(Some(0))
+        SyscallHookResult::Skip(0)
     } else {
-        SyscallHookResult::new(None)
+        SyscallHookResult::Run
     }
 }
 

libafl_qemu/src/modules/usermode/redirect_stdin.rs

@@ -114,7 +114,7 @@ where
 {
     let h = emulator_modules.get_mut::<RedirectStdinModule>().unwrap();
     if h.input_addr.is_null() {
-        return SyscallHookResult::new(None);
+        return SyscallHookResult::Run;
     }
     if syscall == SYS_read as i32 && x0 == 0 {
         /*
@@ -143,7 +143,7 @@ where
         };
         // println!("copied {}", size);
         h.read += size as usize;
-        return SyscallHookResult::new(Some(size));
+        return SyscallHookResult::Skip(size);
     }
-    SyscallHookResult::new(None)
+    SyscallHookResult::Run
 }

libafl_qemu/src/modules/usermode/snapshot.rs

@@ -888,11 +888,11 @@ where
     if i64::from(sys_num) == SYS_munmap {
         let h = emulator_modules.get_mut::<SnapshotModule>().unwrap();
         if !h.is_unmap_allowed(a0 as GuestAddr, a1 as usize) {
-            return SyscallHookResult::new(Some(0));
+            return SyscallHookResult::Skip(0);
         }
     }
 
-    SyscallHookResult::new(None)
+    SyscallHookResult::Run
 }
 
 #[expect(non_upper_case_globals, clippy::too_many_arguments)]