yuzu/unicorn
1
0
Fork 0
mirror of https://github.com/yuzu-emu/unicorn.git synced 2025-06-01 03:10:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

memory: Use a uint64_t instead of target_ulong for representing the incremented address

Browse source 
Prevents an infinite loop case if mapping near the upper boundary of an
address space on 32-bit emulated targets. i.e. mapping at 0xFFFFF000
with a size of 4096 won't overflow back to zero.

While we're at it, also tidy up the unicorn-specific functions.
This commit is contained in:
Lioncash 2019-04-19 18:17:12 -04:00
parent 5968b3d96f
commit 7de690e87c
No known key found for this signature in database
GPG key ID: 4E3C3CC1031BA9C7
1 changed files with 10 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
qemu/memory.c
View file

@ -78,29 +78,27 @@ static void memory_region_update_container_subregions(MemoryRegion *subregion);
void memory_unmap(struct uc_struct *uc, MemoryRegion *mr) void memory_unmap(struct uc_struct *uc, MemoryRegion *mr)
{ {
int i;
target_ulong addr;
Object *obj;
// Make sure all pages associated with the MemoryRegion are flushed // Make sure all pages associated with the MemoryRegion are flushed
// Only need to do this if we are in a running state // Only need to do this if we are in a running state
if (uc->current_cpu) { if (uc->current_cpu) {
for (addr = mr->addr; addr < mr->end; addr += uc->target_page_size) { for (hwaddr addr = mr->addr; addr < mr->end; addr += uc->target_page_size) {
tlb_flush_page(uc->current_cpu, addr); tlb_flush_page(uc->current_cpu, (target_ulong)addr);
} }
} }
memory_region_del_subregion(get_system_memory(uc), mr); memory_region_del_subregion(get_system_memory(uc), mr);
for (i = 0; i < uc->mapped_block_count; i++) { for (size_t i = 0; i < uc->mapped_block_count; i++) {
if (uc->mapped_blocks[i] == mr) { if (uc->mapped_blocks[i] == mr) {
uc->mapped_block_count--; uc->mapped_block_count--;
//shift remainder of array down over deleted pointer //shift remainder of array down over deleted pointer
memmove(&uc->mapped_blocks[i], &uc->mapped_blocks[i + 1], sizeof(MemoryRegion*) * (uc->mapped_block_count - i)); memmove(&uc->mapped_blocks[i], &uc->mapped_blocks[i + 1], sizeof(MemoryRegion*) * (uc->mapped_block_count - i));
mr->destructor(mr); mr->destructor(mr);
mr->ram_block = NULL; mr->ram_block = NULL;
obj = OBJECT(mr);
Object *obj = OBJECT(mr);
obj->ref = 1; obj->ref = 1;
obj->free = g_free; obj->free = g_free;
g_free((char *)mr->name); g_free((char *)mr->name);
mr->name = NULL; mr->name = NULL;
object_property_del_child(mr->uc, qdev_get_machine(mr->uc), obj, &error_abort); object_property_del_child(mr->uc, qdev_get_machine(mr->uc), obj, &error_abort);
@ -111,17 +109,14 @@ void memory_unmap(struct uc_struct *uc, MemoryRegion *mr)
int memory_free(struct uc_struct *uc) int memory_free(struct uc_struct *uc)
{ {
MemoryRegion *mr; for (size_t i = 0; i < uc->mapped_block_count; i++) {
Object *obj; MemoryRegion *mr = uc->mapped_blocks[i];
int i;
for (i = 0; i < uc->mapped_block_count; i++) {
mr = uc->mapped_blocks[i];
mr->enabled = false; mr->enabled = false;
memory_region_del_subregion(get_system_memory(uc), mr); memory_region_del_subregion(get_system_memory(uc), mr);
mr->destructor(mr); mr->destructor(mr);
mr->ram_block = NULL; mr->ram_block = NULL;
obj = OBJECT(mr);
Object *obj = OBJECT(mr);
obj->ref = 1; obj->ref = 1;
obj->free = g_free; obj->free = g_free;
object_property_del_child(mr->uc, qdev_get_machine(mr->uc), obj, &error_abort); object_property_del_child(mr->uc, qdev_get_machine(mr->uc), obj, &error_abort);