yizhi-js-lib/favicon-trap
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

A stronger test and handle addr_end = 0

Browse Source
This commit is contained in:
lazymio
2021-10-31 21:01:55 +01:00
parent 4bcf1c4a7c
commit 84abf1d3a4
4 changed files with 27 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
qemu/accel/tcg/translate-all.c
View File

@ -1753,7 +1753,8 @@ void tb_invalidate_phys_range(struct uc_struct *uc, ram_addr_t start, ram_addr_t
pages = page_collection_lock(uc, start, end);
for (next = (start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE;
start < end;
//start < end; Unicorn: Fix possible wrap around
(intptr_t)(end - start) > 0;
start = next, next += TARGET_PAGE_SIZE) {
PageDesc *pd = page_find(uc, start >> TARGET_PAGE_BITS);
tb_page_addr_t bound = MIN(next, end);

23
qemu/softmmu/cpus.c
View File

@ -174,7 +174,7 @@ void cpu_stop_current(struct uc_struct *uc)
void resume_all_vcpus(struct uc_struct* uc)
{
CPUState *cpu = uc->cpu;
tb_page_addr_t addr;
tb_page_addr_t start, end;
cpu->halted = 0;
cpu->exit_request = 0;
cpu->exception_index = -1;
@ -190,15 +190,20 @@ void resume_all_vcpus(struct uc_struct* uc)
// clear the cache of the addr_end address, since the generated code
// at that address is to exit emulation, but not for the instruction there.
// if we dont do this, next time we cannot emulate at that address
if (uc->addr_end != 0) {
// GVA to GPA (GPA -> HVA via page_find, HVA->HPA via host mmu)
end = get_page_addr_code(uc->cpu->env_ptr, uc->addr_end);
// GVA to GPA (GPA -> HVA via page_find, HVA->HPA via host mmu)
addr = get_page_addr_code(uc->cpu->env_ptr, uc->addr_end);
// Unicorn: Why addr - 1?
// 0: INC ecx
// 1: DEC edx <--- We put exit here, then the range of TB is [0, 1)
//
// While tb_invalidate_phys_range invalides [start, end)
tb_invalidate_phys_range(uc, addr - 1, addr - 1 + 8);
// For 32bit target.
start = (end - 1) & (target_ulong)(-1);
end = end & (target_ulong)(-1);
// Unicorn: Why start - 1?
// 0: INC ecx
// 1: DEC edx <--- We put exit here, then the range of TB is [0, 1)
//
// While tb_invalidate_phys_range invalides [start, end)
tb_invalidate_phys_range(uc, start, end);
}
cpu->created = false;
}