Merge pull request #1236 from AFLplusplus/dev

push to stable

1 files changed, 11 insertions, 6 deletions

diff --git a/frida_mode/src/persistent/persistent_arm64.c b/frida_mode/src/persistent/persistent_arm64.c
index c9159ca1..16ecf39c 100644
--- a/frida_mode/src/persistent/persistent_arm64.c
+++ b/frida_mode/src/persistent/persistent_arm64.c
@@ -89,7 +89,7 @@ static void instrument_persitent_save_regs(GumArm64Writer *  cw,
 
   /* LR (x30) */
   gum_arm64_writer_put_str_reg_reg_offset(cw, ARM64_REG_X30, ARM64_REG_X0,
-                                          offsetof(GumCpuContext, x[30]));
+                                          offsetof(GumCpuContext, lr));
 
   /* PC & Adjusted SP (31) */
   gum_arm64_writer_put_ldr_reg_address(cw, ARM64_REG_X2,
@@ -189,7 +189,7 @@ static void instrument_persitent_restore_regs(GumArm64Writer *  cw,
 
   /* LR (x30) */
   gum_arm64_writer_put_ldr_reg_reg_offset(cw, ARM64_REG_X30, ARM64_REG_X0,
-                                          offsetof(GumCpuContext, x[30]));
+                                          offsetof(GumCpuContext, lr));
 
   /* Adjusted SP (31) (use x1 as clobber)*/
   gum_arm64_writer_put_ldr_reg_reg_offset(cw, ARM64_REG_X1, ARM64_REG_X0,
@@ -236,7 +236,13 @@ static void instrument_exit(GumArm64Writer *cw) {
 static int instrument_afl_persistent_loop_func(void) {
 
   int ret = __afl_persistent_loop(persistent_count);
-  instrument_previous_pc = instrument_hash_zero;
+  if (instrument_previous_pc_addr == NULL) {
+
+    FATAL("instrument_previous_pc_addr uninitialized");
+
+  }
+
+  *instrument_previous_pc_addr = instrument_hash_zero;
   return ret;
 
 }
@@ -264,8 +270,7 @@ static void persistent_prologue_hook(GumArm64Writer *  cw,
   gum_arm64_writer_put_ldr_reg_reg_offset(cw, ARM64_REG_X2, ARM64_REG_X2, 0);
   gum_arm64_writer_put_ldr_reg_reg_offset(cw, ARM64_REG_X2, ARM64_REG_X2, 0);
 
-  gum_arm64_writer_put_and_reg_reg_imm(cw, ARM64_REG_X2, ARM64_REG_X2,
-                                       G_MAXULONG);
+  gum_arm64_writer_put_mov_reg_reg(cw, ARM64_REG_W2, ARM64_REG_W2);
 
   gum_arm64_writer_put_ldr_reg_address(cw, ARM64_REG_X1,
                                        GUM_ADDRESS(&__afl_fuzz_ptr));
@@ -324,7 +329,7 @@ void persistent_prologue_arch(GumStalkerOutput *output) {
 
   gconstpointer loop = cw->code + 1;
 
-  FOKF("Persistent loop reached");
+  FVERBOSE("Persistent loop reached");
 
   instrument_persitent_save_regs(cw, &saved_regs);