Commit 67d6abff605064317d1922745b2e99ffc57b4a77
1 parent
89dfe898
Fix off-by-one address checks in MIPS64 MMU, by Aurelien Jarno.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3718 c046a42c-6fe2-441c-8c8c-71466251a162
Showing
1 changed file
with
4 additions
and
4 deletions
target-mips/helper.c
| ... | ... | @@ -133,7 +133,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, |
| 133 | 133 | #if defined(TARGET_MIPS64) |
| 134 | 134 | } else if (address < 0x4000000000000000ULL) { |
| 135 | 135 | /* xuseg */ |
| 136 | - if (UX && address < (0x3FFFFFFFFFFFFFFFULL & env->SEGMask)) { | |
| 136 | + if (UX && address <= (0x3FFFFFFFFFFFFFFFULL & env->SEGMask)) { | |
| 137 | 137 | ret = env->tlb->map_address(env, physical, prot, address, rw, access_type); |
| 138 | 138 | } else { |
| 139 | 139 | ret = TLBRET_BADADDR; |
| ... | ... | @@ -141,7 +141,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, |
| 141 | 141 | } else if (address < 0x8000000000000000ULL) { |
| 142 | 142 | /* xsseg */ |
| 143 | 143 | if ((supervisor_mode || kernel_mode) && |
| 144 | - SX && address < (0x7FFFFFFFFFFFFFFFULL & env->SEGMask)) { | |
| 144 | + SX && address <= (0x7FFFFFFFFFFFFFFFULL & env->SEGMask)) { | |
| 145 | 145 | ret = env->tlb->map_address(env, physical, prot, address, rw, access_type); |
| 146 | 146 | } else { |
| 147 | 147 | ret = TLBRET_BADADDR; |
| ... | ... | @@ -150,7 +150,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, |
| 150 | 150 | /* xkphys */ |
| 151 | 151 | /* XXX: Assumes PABITS = 36 (correct for MIPS64R1) */ |
| 152 | 152 | if (kernel_mode && KX && |
| 153 | - (address & 0x07FFFFFFFFFFFFFFULL) < 0x0000000FFFFFFFFFULL) { | |
| 153 | + (address & 0x07FFFFFFFFFFFFFFULL) <= 0x0000000FFFFFFFFFULL) { | |
| 154 | 154 | *physical = address & 0x0000000FFFFFFFFFULL; |
| 155 | 155 | *prot = PAGE_READ | PAGE_WRITE; |
| 156 | 156 | } else { |
| ... | ... | @@ -159,7 +159,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, |
| 159 | 159 | } else if (address < 0xFFFFFFFF80000000ULL) { |
| 160 | 160 | /* xkseg */ |
| 161 | 161 | if (kernel_mode && KX && |
| 162 | - address < (0xFFFFFFFF7FFFFFFFULL & env->SEGMask)) { | |
| 162 | + address <= (0xFFFFFFFF7FFFFFFFULL & env->SEGMask)) { | |
| 163 | 163 | ret = env->tlb->map_address(env, physical, prot, address, rw, access_type); |
| 164 | 164 | } else { |
| 165 | 165 | ret = TLBRET_BADADDR; | ... | ... |