Hi all, I have been trying to modify the execution flow in QEMU. Briefly, at certain points in my program, I have tried to reverse the direction of the branch i.e. if the branch was taken, I have forced the branch to not be taken or if the branch was not-taken, I have forced the branch to be taken.
I am trying to make this work so that eventually QEMU follows this modified path and ends up finishing the execution of the application. To make this work, I have disabled hardware interrupts as well and am using the -icount auto flag. After a while, I seem to get page faults in the kernel code itself. I see that the page-fault handler executes the function below: https://github.com/qemu/qemu/blob/67b9c5d4f37ea373ebf9aad251883886e34bf2e1/target/i386/seg_helper.c#L847 This directs to the async_page_fault handler in the kernel and eventually stops because page faults in the kernel are not expected. I wanted to disable the page faults so that the execution does not get stuck and eventually finishes. Are there any mechanisms to disable the page faults without affecting the "modified" execution?

Regards,
Arnab
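Added example, not part of the original post and not QEMU's own code: one way to reverse the direction of an x86 conditional jump from outside the guest is to break on the Jcc through QEMU's gdbstub (qemu ... -s -S, then `target remote :1234` in gdb) and edit EFLAGS so that the condition evaluates the other way. The flag logic is pure Python and runs stand-alone; the gdb glue at the bottom only activates when the file is sourced inside gdb. The breakpoint address in the docstring is an assumed placeholder, and the `$eflags` register write is assumed to be honoured by the gdbstub as it is for a native target.

```python
"""Reversing an x86 Jcc from outside the guest by editing EFLAGS.

Added example, not code from the original post or from QEMU.  The flag
arithmetic runs stand-alone; the GDB glue at the bottom is only used when the
file is sourced inside gdb attached to QEMU's gdbstub (qemu ... -s -S).
"""
from itertools import combinations

# EFLAGS bit positions (Intel SDM, vol. 1, section 3.4.3).
CF, PF, ZF, SF, OF = 1 << 0, 1 << 2, 1 << 6, 1 << 7, 1 << 11
FLAG_BITS = (ZF, CF, SF, OF, PF)


def _bit(eflags, mask):
    return 1 if eflags & mask else 0


# Canonical Jcc mnemonic -> predicate on EFLAGS (Intel SDM Jcc table).
CONDITIONS = {
    "jo":  lambda f: _bit(f, OF) == 1,
    "jno": lambda f: _bit(f, OF) == 0,
    "jb":  lambda f: _bit(f, CF) == 1,
    "jae": lambda f: _bit(f, CF) == 0,
    "je":  lambda f: _bit(f, ZF) == 1,
    "jne": lambda f: _bit(f, ZF) == 0,
    "jbe": lambda f: _bit(f, CF) == 1 or _bit(f, ZF) == 1,
    "ja":  lambda f: _bit(f, CF) == 0 and _bit(f, ZF) == 0,
    "js":  lambda f: _bit(f, SF) == 1,
    "jns": lambda f: _bit(f, SF) == 0,
    "jp":  lambda f: _bit(f, PF) == 1,
    "jnp": lambda f: _bit(f, PF) == 0,
    "jl":  lambda f: _bit(f, SF) != _bit(f, OF),
    "jge": lambda f: _bit(f, SF) == _bit(f, OF),
    "jle": lambda f: _bit(f, ZF) == 1 or _bit(f, SF) != _bit(f, OF),
    "jg":  lambda f: _bit(f, ZF) == 0 and _bit(f, SF) == _bit(f, OF),
}
# Assembler synonyms the disassembler may print.
ALIASES = {
    "jc": "jb", "jnae": "jb", "jnc": "jae", "jnb": "jae", "jz": "je",
    "jnz": "jne", "jna": "jbe", "jnbe": "ja", "jpe": "jp", "jpo": "jnp",
    "jnge": "jl", "jnl": "jge", "jng": "jle", "jnle": "jg",
}


def is_taken(mnemonic, eflags):
    """True if the conditional jump `mnemonic` would be taken under `eflags`."""
    key = ALIASES.get(mnemonic.lower(), mnemonic.lower())
    if key not in CONDITIONS:
        raise ValueError("not a conditional jump: %s" % mnemonic)
    return CONDITIONS[key](eflags)


def flip_branch(mnemonic, eflags):
    """Return an EFLAGS value under which `mnemonic` goes the other way.

    Only status-flag bits are touched, and as few as possible (one, or two
    for the compound conditions jbe/ja/jle/jg), so IF, TF, the reserved bits
    and everything else in the register are left as they were.
    """
    want = not is_taken(mnemonic, eflags)
    for count in (1, 2):
        for masks in combinations(FLAG_BITS, count):
            cand = eflags
            for m in masks:
                cand ^= m
            if is_taken(mnemonic, cand) == want:
                return cand
    raise AssertionError("unreachable: every Jcc flips with at most two bits")


try:
    import gdb  # present only when this file is sourced from inside gdb
except ImportError:
    gdb = None

if gdb is not None:
    class FlipBranch(gdb.Breakpoint):
        """Breakpoint on a Jcc that inverts the branch every time it is hit.

        Usage after `target remote :1234` (the address is an assumed placeholder):
            (gdb) source flip_branch.py
            (gdb) python FlipBranch("*0xffffffff81234567")
        """
        def stop(self):
            # "=> 0x...: \tje     0x... <...>": the mnemonic is the first token after ':'
            line = gdb.execute("x/i $pc", to_string=True)
            mnemonic = line.split(":", 1)[1].split()[0]
            eflags = int(gdb.parse_and_eval("(unsigned long)$eflags"))
            gdb.execute("set $eflags = %d" % flip_branch(mnemonic, eflags))
            return False  # do not stop; let the guest run down the flipped path
```

The flip is applied only at the Jcc itself and changes nothing but the status flags, so the rest of the guest state is exactly what the kernel left there; it does nothing about what happens afterwards, since the code on the forced path may well run with preconditions that the skipped branch was guarding.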