1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
diff --git a/target/i386/ops_sse.h b/target/i386/ops_sse.h
index ed059897..a5296caa 100644
--- a/target/i386/ops_sse.h
+++ b/target/i386/ops_sse.h
@@ -997,6 +997,8 @@ SSE_HELPER_CMP(cmpord, FPU_CMPORD)
static const int comis_eflags[4] = {CC_C, CC_Z, 0, CC_Z | CC_P | CC_C};
+#include "../patches/afl-qemu-common.h"
+
void helper_ucomiss(CPUX86State *env, Reg *d, Reg *s)
{
int ret;
@@ -1004,6 +1006,11 @@ void helper_ucomiss(CPUX86State *env, Reg *d, Reg *s)
s0 = d->ZMM_S(0);
s1 = s->ZMM_S(0);
+
+ if (afl_compcov_level > 2 && env->eip < afl_end_code &&
+ env->eip >= afl_start_code)
+ afl_float_compcov_log_32(env->eip, s0, s1, &env->sse_status);
+
ret = float32_compare_quiet(s0, s1, &env->sse_status);
CC_SRC = comis_eflags[ret + 1];
}
@@ -1015,6 +1022,11 @@ void helper_comiss(CPUX86State *env, Reg *d, Reg *s)
s0 = d->ZMM_S(0);
s1 = s->ZMM_S(0);
+
+ if (afl_compcov_level > 2 && env->eip < afl_end_code &&
+ env->eip >= afl_start_code)
+ afl_float_compcov_log_32(env->eip, s0, s1, &env->sse_status);
+
ret = float32_compare(s0, s1, &env->sse_status);
CC_SRC = comis_eflags[ret + 1];
}
@@ -1026,6 +1038,11 @@ void helper_ucomisd(CPUX86State *env, Reg *d, Reg *s)
d0 = d->ZMM_D(0);
d1 = s->ZMM_D(0);
+
+ if (afl_compcov_level > 2 && env->eip < afl_end_code &&
+ env->eip >= afl_start_code)
+ afl_float_compcov_log_64(env->eip, d0, d1, &env->sse_status);
+
ret = float64_compare_quiet(d0, d1, &env->sse_status);
CC_SRC = comis_eflags[ret + 1];
}
@@ -1037,6 +1054,11 @@ void helper_comisd(CPUX86State *env, Reg *d, Reg *s)
d0 = d->ZMM_D(0);
d1 = s->ZMM_D(0);
+
+ if (afl_compcov_level > 2 && env->eip < afl_end_code &&
+ env->eip >= afl_start_code)
+ afl_float_compcov_log_64(env->eip, d0, d1, &env->sse_status);
+
ret = float64_compare(d0, d1, &env->sse_status);
CC_SRC = comis_eflags[ret + 1];
}
|
