Commit 67d6abff605064317d1922745b2e99ffc57b4a77
1 parent
89dfe898
Fix off-by-one address checks in MIPS64 MMU, by Aurelien Jarno.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3718 c046a42c-6fe2-441c-8c8c-71466251a162
Showing
1 changed file
with
4 additions
and
4 deletions
target-mips/helper.c
| @@ -133,7 +133,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, | @@ -133,7 +133,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, | ||
| 133 | #if defined(TARGET_MIPS64) | 133 | #if defined(TARGET_MIPS64) |
| 134 | } else if (address < 0x4000000000000000ULL) { | 134 | } else if (address < 0x4000000000000000ULL) { |
| 135 | /* xuseg */ | 135 | /* xuseg */ |
| 136 | - if (UX && address < (0x3FFFFFFFFFFFFFFFULL & env->SEGMask)) { | 136 | + if (UX && address <= (0x3FFFFFFFFFFFFFFFULL & env->SEGMask)) { |
| 137 | ret = env->tlb->map_address(env, physical, prot, address, rw, access_type); | 137 | ret = env->tlb->map_address(env, physical, prot, address, rw, access_type); |
| 138 | } else { | 138 | } else { |
| 139 | ret = TLBRET_BADADDR; | 139 | ret = TLBRET_BADADDR; |
| @@ -141,7 +141,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, | @@ -141,7 +141,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, | ||
| 141 | } else if (address < 0x8000000000000000ULL) { | 141 | } else if (address < 0x8000000000000000ULL) { |
| 142 | /* xsseg */ | 142 | /* xsseg */ |
| 143 | if ((supervisor_mode || kernel_mode) && | 143 | if ((supervisor_mode || kernel_mode) && |
| 144 | - SX && address < (0x7FFFFFFFFFFFFFFFULL & env->SEGMask)) { | 144 | + SX && address <= (0x7FFFFFFFFFFFFFFFULL & env->SEGMask)) { |
| 145 | ret = env->tlb->map_address(env, physical, prot, address, rw, access_type); | 145 | ret = env->tlb->map_address(env, physical, prot, address, rw, access_type); |
| 146 | } else { | 146 | } else { |
| 147 | ret = TLBRET_BADADDR; | 147 | ret = TLBRET_BADADDR; |
| @@ -150,7 +150,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, | @@ -150,7 +150,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, | ||
| 150 | /* xkphys */ | 150 | /* xkphys */ |
| 151 | /* XXX: Assumes PABITS = 36 (correct for MIPS64R1) */ | 151 | /* XXX: Assumes PABITS = 36 (correct for MIPS64R1) */ |
| 152 | if (kernel_mode && KX && | 152 | if (kernel_mode && KX && |
| 153 | - (address & 0x07FFFFFFFFFFFFFFULL) < 0x0000000FFFFFFFFFULL) { | 153 | + (address & 0x07FFFFFFFFFFFFFFULL) <= 0x0000000FFFFFFFFFULL) { |
| 154 | *physical = address & 0x0000000FFFFFFFFFULL; | 154 | *physical = address & 0x0000000FFFFFFFFFULL; |
| 155 | *prot = PAGE_READ | PAGE_WRITE; | 155 | *prot = PAGE_READ | PAGE_WRITE; |
| 156 | } else { | 156 | } else { |
| @@ -159,7 +159,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, | @@ -159,7 +159,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, | ||
| 159 | } else if (address < 0xFFFFFFFF80000000ULL) { | 159 | } else if (address < 0xFFFFFFFF80000000ULL) { |
| 160 | /* xkseg */ | 160 | /* xkseg */ |
| 161 | if (kernel_mode && KX && | 161 | if (kernel_mode && KX && |
| 162 | - address < (0xFFFFFFFF7FFFFFFFULL & env->SEGMask)) { | 162 | + address <= (0xFFFFFFFF7FFFFFFFULL & env->SEGMask)) { |
| 163 | ret = env->tlb->map_address(env, physical, prot, address, rw, access_type); | 163 | ret = env->tlb->map_address(env, physical, prot, address, rw, access_type); |
| 164 | } else { | 164 | } else { |
| 165 | ret = TLBRET_BADADDR; | 165 | ret = TLBRET_BADADDR; |