Switching from tracing syscalls to reading /proc/self/maps in #2 seems to have broken support for non-native binaries. The args to the syscalls we were tracing had addresses in terms of the guest's memory map which is what we want. For non-native binaries (e.g. arm32), these addresses don't correspond to the addresses in /proc/self/maps so arm32 doesn't work anymore.
Adding (or subtracting) QEMU's guest_base let's you go from guest to host addresses and seems to solve the issue. Implementing this fix requires two things
Find a way to get access to guest_base, probably by patching QEMU and modifying the plugin API. So far I've tested by adding extern uintptr_t guest_base to plugin.cpp but this probably isn't reliable.
Add guest_base where required in block_trans_handler and mark_indirect_branch. We should probably use newtypes instead of uint64_t for the different types of addresses to make things explicit and avoid breaking other use cases.
Switching from tracing syscalls to reading
/proc/self/mapsin #2 seems to have broken support for non-native binaries. The args to the syscalls we were tracing had addresses in terms of the guest's memory map which is what we want. For non-native binaries (e.g. arm32), these addresses don't correspond to the addresses in/proc/self/mapsso arm32 doesn't work anymore.Adding (or subtracting) QEMU's
guest_baselet's you go from guest to host addresses and seems to solve the issue. Implementing this fix requires two thingsguest_base, probably by patching QEMU and modifying the plugin API. So far I've tested by addingextern uintptr_t guest_basetoplugin.cppbut this probably isn't reliable.guest_basewhere required inblock_trans_handlerandmark_indirect_branch. We should probably use newtypes instead of uint64_t for the different types of addresses to make things explicit and avoid breaking other use cases.