Use of `syx_snapshot_dirty_list_add_hostaddr` in cputlb.c

[enisrat]

I noticed that this access type check in cputlb.c has been commented out:

qemu-libafl-bridge/accel/tcg/cputlb.c

Lines 1750 to 1753 in a86bd6b

	// TODO: Does not work?
	// if (type == MMU_DATA_STORE) {
	syx_snapshot_dirty_list_add_hostaddr(l->page[0].haddr);
	// }

I don't see why this check would not work?

Also, pages with flags like TLB_MMIO and TLB_DISCARD_WRITE would not need to be considered for snapshot. Would it not make sense to check those as well?

[rmalmain]

it's true. i remember doing tests with complex targets and getting snapshotting errors if not commenting this out.
ideally, we should check for those flags. i can try to re-run a linux target and see if i still get those issues.

[enisrat]

Ok, would be great to be able to reproduce this with your command line.
I am on a debug branch with some additional HMP commands in monitor, trying to verify everything for my custom board.

[enisrat]

@rmalmain : Did you get some errors I could reproduce?

[enisrat]

Ok, found a fix (I think):

• Use memory_region_reset_dirty on each RAM region in syx_snapshot_new and syx_snapshot_root_restore
• This marks all RAM as notdirty, so a WRITE will not be missed
• Additionally CPUTLB should be flushed completely in syx_snapshot_new (it is implicitely flushed in syx_snapshot_root_restore)

[enisrat]

I created a PR for this (and other features):
#112

[rmalmain]

hey @enisrat, sorry for the late reply, very busy times.
thanks for the PR, I'll check now