mips64 support

Author: Dil4rd

qemuafl/api.h

@@ -3,6 +3,26 @@
 
 #include <stdint.h>
 
+#if defined(TARGET_MIPS64) || defined(TARGET_AARCH64) || defined(TARGET_X86_64)
+# define TARGET_LONG_BITS 64
+#else
+# define TARGET_LONG_BITS 32
+#endif
+
+/* see include/exec/cpu-defs.h */
+#define TARGET_LONG_SIZE (TARGET_LONG_BITS / 8)
+
+#if TARGET_LONG_SIZE == 4
+typedef int32_t target_long;
+typedef uint32_t target_ulong;
+#elif TARGET_LONG_SIZE == 8
+typedef int64_t target_long;
+typedef uint64_t target_ulong;
+#else
+#error TARGET_LONG_SIZE undefined
+#endif
+
+
 struct x86_regs {
 
   uint32_t eax, ebx, ecx, edx, edi, esi, ebp;
@@ -138,13 +158,49 @@ struct arm64_regs {
 };
 
 /* MIPS_PATCH */
-#if defined(TARGET_MIPS)
+#if defined(TARGET_MIPS) || defined(TARGET_MIPS64)
+
+// check standalone usage
+//     if smth in pers hook goes wrong, check constants below with target/mips/cpu.h
+#ifndef MIPS_CPU_H
+#include <stdbool.h>
+#include "../include/fpu/softfloat-types.h"
+
+/* MSA Context */
+#define MSA_WRLEN (128)
+typedef union wr_t wr_t;
+union wr_t {
+    int8_t  b[MSA_WRLEN / 8];
+    int16_t h[MSA_WRLEN / 16];
+    int32_t w[MSA_WRLEN / 32];
+    int64_t d[MSA_WRLEN / 64];
+};
+typedef union fpr_t fpr_t;
+union fpr_t {
+    float64  fd;   /* ieee double precision */
+    float32  fs[2];/* ieee single precision */
+    uint64_t d;    /* binary double fixed-point */
+    uint32_t w[2]; /* binary single fixed-point */
+/* FPU/MSA register mapping is not tested on big-endian hosts. */
+    wr_t     wr;   /* vector data */
+};
+#define MIPS_DSP_ACC 4
+#endif
+
 struct mips_regs {
-  uint32_t r0, at, v0, v1, a0, a1, a2, a3, t0, t1, t2, t3, t4, t5, t6, t7, s0,
+  target_ulong r0, at, v0, v1, a0, a1, a2, a3, t0, t1, t2, t3, t4, t5, t6, t7, s0,
       s1, s2, s3, s4, s5, s6, s7, t8, t9, k0, k1, gp, sp, fp, ra;
-  uint32_t HI[4];
-  uint32_t LO[4];
-  uint32_t PC;
+  #if defined(TARGET_MIPS64)
+    /*
+     * For CPUs using 128-bit GPR registers, we put the lower halves in gpr[])
+     * and the upper halves in gpr_hi[].
+     */
+    uint64_t gpr_hi[32];
+  #endif /* TARGET_MIPS64 */
+  target_ulong HI[MIPS_DSP_ACC];
+  target_ulong LO[MIPS_DSP_ACC];
+  target_ulong ACX[MIPS_DSP_ACC];
+  target_ulong PC;
   fpr_t    fpr[32];
 };
 #endif

qemuafl/common.h

@@ -51,7 +51,7 @@
 #elif defined(TARGET_ARM)
 #define api_regs arm_regs
 /* MIPS_PATCH */
-#elif defined(TARGET_MIPS)
+#elif defined(TARGET_MIPS) || defined(TARGET_MIPS64)
 #define api_regs mips_regs
 #else
 struct generic_api_regs { int v; };
@@ -137,7 +137,7 @@ void afl_float_compcov_log_80(target_ulong cur_loc, floatx80 arg1,
 abi_ulong afl_get_brk(void);
 abi_ulong afl_set_brk(abi_ulong new_brk);
 
-#if defined(TARGET_X86_64) || defined(TARGET_I386) || defined(TARGET_AARCH64) || defined(TARGET_ARM) || defined(TARGET_MIPS)
+#if defined(TARGET_X86_64) || defined(TARGET_I386) || defined(TARGET_AARCH64) || defined(TARGET_ARM) || defined(TARGET_MIPS) || defined(TARGET_MIPS64)
 void afl_save_regs(struct api_regs* regs, CPUArchState* env);
 void afl_restore_regs(struct api_regs* regs, CPUArchState* env);
 #else

qemuafl/qasan-qemu.h

@@ -84,7 +84,7 @@ extern __thread struct shadow_stack qasan_shadow_stack;
 #define SP_GET(env) ((env)->aarch64 ? (env)->xregs[31] : (env)->regs[13])
 
 /* MIPS_PATCH */
-#elif defined(TARGET_MIPS)
+#elif defined(TARGET_MIPS) || defined(TARGET_MIPS64)
 
 #define PC_GET(env) ((env)->active_tc.PC)
 #define BP_GET(env) ((env)->active_tc.gpr[29])

target/mips/translate.c

@@ -2296,7 +2296,7 @@ static const char * const mxuregnames[] = {
 #endif
 
 /* MIPS_PATCH */
-void afl_save_regs(struct api_regs *r, CPUArchState *env) {
+void afl_save_regs(struct api_regs* r, CPUArchState *env) {
     int i = 0;
     int j = 0;
     /* GP registers saving */
@@ -2333,7 +2333,10 @@ void afl_save_regs(struct api_regs *r, CPUArchState *env) {
     r->fp = env->active_tc.gpr[30];
     r->ra = env->active_tc.gpr[31];
     r->PC = env->active_tc.PC;
-    for (i = 0; i < 4; i++) {
+#if defined(TARGET_MIPS64)
+    memcpy(r->gpr_hi, env->active_tc.gpr_hi, sizeof(r->gpr_hi));
+#endif
+    for (i = 0; i < MIPS_DSP_ACC; i++) {
         r->HI[i] = env->active_tc.HI[i];
         r->LO[i] = env->active_tc.LO[i];
     }
@@ -2350,20 +2353,11 @@ void afl_save_regs(struct api_regs *r, CPUArchState *env) {
         for (j = 0; j < MSA_WRLEN / 8; j++) {
             r->fpr[i].wr.b[j] = env->active_fpu.fpr[i].wr.b[j];
         }
-        for (j = 0; j < MSA_WRLEN / 16; j++) {
-            r->fpr[i].wr.h[j] = env->active_fpu.fpr[i].wr.h[j];
-        }
-        for (j = 0; j < MSA_WRLEN / 32; j++) {
-            r->fpr[i].wr.w[j] = env->active_fpu.fpr[i].wr.w[j];
-        }
-        for (j = 0; j < MSA_WRLEN / 64; j++) {
-            r->fpr[i].wr.d[j] = env->active_fpu.fpr[i].wr.d[j];
-        }
     }
 }
 
 /* MIPS_PATCH */
-void afl_restore_regs(struct api_regs *r, CPUArchState *env) {
+void afl_restore_regs(struct api_regs* r, CPUArchState *env) {
     int i = 0;
     int j = 0;
     /* GP registers restoring */
@@ -2400,7 +2394,10 @@ void afl_restore_regs(struct api_regs *r, CPUArchState *env) {
     env->active_tc.gpr[30] = r->fp;
     env->active_tc.gpr[31] = r->ra;
     env->active_tc.PC = r->PC;
-    for (i = 0; i < 4; i++) {
+#if defined(TARGET_MIPS64)
+    memcpy(env->active_tc.gpr_hi, r->gpr_hi, sizeof(r->gpr_hi));
+#endif
+    for (i = 0; i < MIPS_DSP_ACC; i++) {
         env->active_tc.HI[i] = r->HI[i];
         env->active_tc.LO[i] = r->LO[i];
     }
@@ -2417,15 +2414,6 @@ void afl_restore_regs(struct api_regs *r, CPUArchState *env) {
         for (j = 0; j < MSA_WRLEN / 8; j++) {
             env->active_fpu.fpr[i].wr.b[j] = r->fpr[i].wr.b[j];
         }
-        for (j = 0; j < MSA_WRLEN / 16; j++) {
-            env->active_fpu.fpr[i].wr.h[j] = r->fpr[i].wr.h[j];
-        }
-        for (j = 0; j < MSA_WRLEN / 32; j++) {
-            env->active_fpu.fpr[i].wr.w[j] = r->fpr[i].wr.w[j];
-        }
-        for (j = 0; j < MSA_WRLEN / 64; j++) {
-            env->active_fpu.fpr[i].wr.d[j] = r->fpr[i].wr.d[j];
-        }
     }
 }