From: "Emilio G. Cota"
To: qemu-devel@nongnu.org
Cc: Bastian Koppelmann, Michael Clark, Richard Henderson, Sagar Karandikar, Palmer Dabbelt
Date: Tue, 10 Apr 2018 12:19:37 -0400
Message-Id: <1523377186-32578-2-git-send-email-cota@braap.org>
In-Reply-To: <1523377186-32578-1-git-send-email-cota@braap.org>
Subject: [Qemu-devel] [PATCH 01/10] target/riscv: avoid integer overflow in next_page PC check

If the PC is in the last page of the address space, next_page_start
overflows to 0. Fix it.

Reported-by: Richard Henderson
Suggested-by: Richard Henderson
Cc: Michael Clark
Cc: Palmer Dabbelt
Cc: Sagar Karandikar
Cc: Bastian Koppelmann
Signed-off-by: Emilio G. Cota
Acked-by: Bastian Koppelmann
Reviewed-by: Michael Clark
Reviewed-by: Richard Henderson
---
 target/riscv/translate.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/target/riscv/translate.c b/target/riscv/translate.c
index 808eab7..d2d2e5e 100644
--- a/target/riscv/translate.c
+++ b/target/riscv/translate.c
@@ -1849,11 +1849,11 @@ void gen_intermediate_code(CPUState *cs, Translatio= nBlock *tb) CPURISCVState *env =3D cs->env_ptr; DisasContext ctx; target_ulong pc_start; - target_ulong next_page_start; + target_ulong page_start; int num_insns; int max_insns; pc_start =3D tb->pc; - next_page_start =3D (pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE; + page_start =3D pc_start & TARGET_PAGE_MASK; ctx.pc =3D pc_start; =20 /* once we have GDB, the rest of the translate.c implementation should= be 
@@ -1903,7 +1903,7 @@ void gen_intermediate_code(CPUState *cs, TranslationB= lock *tb) if (cs->singlestep_enabled) { break; } - if (ctx.pc >=3D next_page_start) { + if (ctx.pc - page_start >=3D TARGET_PAGE_SIZE) { break; } if (tcg_op_buf_full()) { --=20 2.7.4
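Review bot: The commit message says next_page_start overflows to 0 but not what that does to translation; in the second hunk the old test 'ctx.pc >= next_page_start' is then always true, so the loop breaks after every instruction fetched from the last page. Please say so in the message, and add a short comment at 'ctx.pc - page_start >= TARGET_PAGE_SIZE' noting that it relies on unsigned wraparound of target_ulong, so that it is not later rewritten back into the additive form.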
From: "Emilio G. Cota"
To: qemu-devel@nongnu.org
Cc: "Edgar E. Iglesias", Richard Henderson
Date: Tue, 10 Apr 2018 12:19:38 -0400
Message-Id: <1523377186-32578-3-git-send-email-cota@braap.org>
In-Reply-To: <1523377186-32578-1-git-send-email-cota@braap.org>
Subject: [Qemu-devel] [PATCH 02/10] target/cris: avoid integer overflow in next_page PC check

If the PC is in the last page of the address space, next_page_start
overflows to 0. Fix it.

Cc: "Edgar E. Iglesias"
Signed-off-by: Emilio G. Cota
Reviewed-by: Richard Henderson
---
 target/cris/translate.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/target/cris/translate.c b/target/cris/translate.c
index f51a731..64b9ec6 100644
--- a/target/cris/translate.c
+++ b/target/cris/translate.c
@@ -3091,7 +3091,7 @@ void gen_intermediate_code(CPUState *cs, struct Trans= lationBlock *tb) unsigned int insn_len; struct DisasContext ctx; struct DisasContext *dc =3D &ctx; - uint32_t next_page_start; + uint32_t page_start; target_ulong npc; int num_insns; int max_insns; @@ -3138,7 +3138,7 @@ void gen_intermediate_code(CPUState *cs, struct Trans= lationBlock *tb) =20 dc->cpustate_changed =3D 0; =20 - next_page_start =3D (pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE; + page_start =3D pc_start & TARGET_PAGE_MASK; num_insns =3D 0; max_insns =3D tb_cflags(tb) & CF_COUNT_MASK; if (max_insns =3D=3D 0) {
@@ -3234,7 +3234,7 @@ void gen_intermediate_code(CPUState *cs, struct Trans= lationBlock *tb) } while (!dc->is_jmp && !dc->cpustate_changed && !tcg_op_buf_full() && !singlestep - && (dc->pc < next_page_start) + && (dc->pc - page_start < TARGET_PAGE_SIZE) && num_insns < max_insns); =20 if (dc->clear_locked_irq) { --=20 2.7.4
From: "Emilio G. Cota"
To: qemu-devel@nongnu.org
Cc: Michael Walle, Richard Henderson
Date: Tue, 10 Apr 2018 12:19:39 -0400
Message-Id: <1523377186-32578-4-git-send-email-cota@braap.org>
In-Reply-To: <1523377186-32578-1-git-send-email-cota@braap.org>
Subject: [Qemu-devel] [PATCH 03/10] target/lm32: avoid integer overflow in next_page PC check

If the PC is in the last page of the address space, next_page_start
overflows to 0. Fix it.

Cc: Michael Walle
Signed-off-by: Emilio G. Cota
Acked-by: Michael Walle
Reviewed-by: Richard Henderson
---
 target/lm32/translate.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/target/lm32/translate.c b/target/lm32/translate.c
index 2e1c5e6..fdd206a 100644
--- a/target/lm32/translate.c
+++ b/target/lm32/translate.c
@@ -1055,7 +1055,7 @@ void gen_intermediate_code(CPUState *cs, struct Trans= lationBlock *tb) LM32CPU *cpu =3D lm32_env_get_cpu(env); struct DisasContext ctx, *dc =3D &ctx; uint32_t pc_start; - uint32_t next_page_start; + uint32_t page_start; int num_insns; int max_insns; =20 @@ -1075,7 +1075,7 @@ void gen_intermediate_code(CPUState *cs, struct Trans= lationBlock *tb) pc_start &=3D ~3; } =20 - next_page_start =3D (pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE; + page_start =3D pc_start & TARGET_PAGE_MASK; num_insns =3D 0; max_insns =3D tb_cflags(tb) & CF_COUNT_MASK; if (max_insns =3D=3D 0) {
@@ -1115,7 +1115,7 @@ void gen_intermediate_code(CPUState *cs, struct Trans= lationBlock *tb) && !tcg_op_buf_full() && !cs->singlestep_enabled && !singlestep - && (dc->pc < next_page_start) + && (dc->pc - page_start < TARGET_PAGE_SIZE) && num_insns < max_insns); =20 if (tb_cflags(tb) & CF_LAST_IO) { --=20 2.7.4
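Review bot: The loop condition in the third hunk, 'dc->pc - page_start < TARGET_PAGE_SIZE', is the same open-coded expression that the riscv and cris patches in this series introduce. A shared inline helper taking the PC and page_start would keep the wraparound-dependent test in one place instead of one copy per target.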
From: "Emilio G. Cota"
To: qemu-devel@nongnu.org
Cc: Max Filippov, Richard Henderson
Date: Tue, 10 Apr 2018 12:19:40 -0400
Message-Id: <1523377186-32578-5-git-send-email-cota@braap.org>
In-Reply-To: <1523377186-32578-1-git-send-email-cota@braap.org>
Subject: [Qemu-devel] [PATCH 04/10] target/xtensa: avoid integer overflow in next_page PC check

If the PC is in the last page of the address space, next_page_start
overflows to 0. Fix it.

Cc: Max Filippov
Signed-off-by: Emilio G. Cota
Acked-by: Max Filippov
Reviewed-by: Richard Henderson
---
 target/xtensa/translate.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/target/xtensa/translate.c b/target/xtensa/translate.c
index 4f6d030..aad4963 100644
--- a/target/xtensa/translate.c
+++ b/target/xtensa/translate.c
@@ -1061,8 +1061,7 @@ void gen_intermediate_code(CPUState *cs, TranslationB= lock *tb) int insn_count =3D 0; int max_insns =3D tb_cflags(tb) & CF_COUNT_MASK; uint32_t pc_start =3D tb->pc; - uint32_t next_page_start =3D - (pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE; + uint32_t page_start =3D pc_start & TARGET_PAGE_MASK; =20 if (max_insns =3D=3D 0) { max_insns =3D CF_COUNT_MASK;
@@ -1162,9 +1161,9 @@ void gen_intermediate_code(CPUState *cs, TranslationB= lock *tb) } } while (dc.is_jmp =3D=3D DISAS_NEXT && insn_count < max_insns && - dc.pc < next_page_start && - dc.pc + xtensa_insn_len(env, &dc) <=3D next_page_start && - !tcg_op_buf_full()); + dc.pc - page_start < TARGET_PAGE_SIZE && + dc.pc - page_start + xtensa_insn_len(env, &dc) <=3D TARGET_PAG= E_SIZE + && !tcg_op_buf_full()); done: reset_sar_tracker(&dc); if (dc.icount) { --=20 2.7.4
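Review bot: In the second hunk the rewritten loop condition mixes operator placement: '&& !tcg_op_buf_full()' now starts its line while the conditions above it keep a trailing '&&'. Breaking the long line after '<=' instead would leave the trailing-'&&' style of the condition intact.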
From: "Emilio G. Cota"
To: qemu-devel@nongnu.org
Cc: Guan Xuetao, Richard Henderson
Date: Tue, 10 Apr 2018 12:19:41 -0400
Message-Id: <1523377186-32578-6-git-send-email-cota@braap.org>
In-Reply-To: <1523377186-32578-1-git-send-email-cota@braap.org>
Subject: [Qemu-devel] [PATCH 05/10] target/unicore32: avoid integer overflow in next_page PC check

If the PC is in the last page of the address space, next_page_start
overflows to 0. Fix it.

Cc: Guan Xuetao
Signed-off-by: Emilio G. Cota
Reviewed-by: Richard Henderson
---
 target/unicore32/translate.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/target/unicore32/translate.c b/target/unicore32/translate.c
index 5b51f21..abe2ea8 100644
--- a/target/unicore32/translate.c
+++ b/target/unicore32/translate.c
@@ -1875,7 +1875,7 @@ void gen_intermediate_code(CPUState *cs, TranslationB= lock *tb) CPUUniCore32State *env =3D cs->env_ptr; DisasContext dc1, *dc =3D &dc1; target_ulong pc_start; - uint32_t next_page_start; + uint32_t page_start; int num_insns; int max_insns; =20
@@ -1894,7 +1894,7 @@ void gen_intermediate_code(CPUState *cs, TranslationB= lock *tb) cpu_F1s =3D tcg_temp_new_i32(); cpu_F0d =3D tcg_temp_new_i64(); cpu_F1d =3D tcg_temp_new_i64(); - next_page_start =3D (pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE; + page_start =3D pc_start & TARGET_PAGE_MASK; num_insns =3D 0; max_insns =3D tb_cflags(tb) & CF_COUNT_MASK; if (max_insns =3D=3D 0) { 
@@ -1951,7 +1951,7 @@ void gen_intermediate_code(CPUState *cs, TranslationB= lock *tb) } while (!dc->is_jmp && !tcg_op_buf_full() && !cs->singlestep_enabled && !singlestep && - dc->pc < next_page_start && + dc->pc - page_start < TARGET_PAGE_SIZE && num_insns < max_insns); =20 if (tb_cflags(tb) & CF_LAST_IO) { --=20 2.7.4
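Review bot: page_start in the first hunk stays uint32_t although pc_start, which it is computed from in the second hunk, is target_ulong. The test 'dc->pc - page_start < TARGET_PAGE_SIZE' in the third hunk depends on the subtraction wrapping at the width of the PC, so declaring page_start as target_ulong, as the riscv patch does, would state that directly.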
From: "Emilio G. Cota"
To: qemu-devel@nongnu.org
Cc: Richard Henderson
Date: Tue, 10 Apr 2018 12:19:42 -0400
Message-Id: <1523377186-32578-7-git-send-email-cota@braap.org>
In-Reply-To: <1523377186-32578-1-git-send-email-cota@braap.org>
Subject: [Qemu-devel] [PATCH 06/10] target/tilegx: avoid integer overflow in next_page PC check

If the PC is in the last page of the address space, next_page_start
overflows to 0. Fix it.

Signed-off-by: Emilio G. Cota
Reviewed-by: Richard Henderson
---
 target/tilegx/translate.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/target/tilegx/translate.c b/target/tilegx/translate.c
index d63bf5b..6c53c5e 100644
--- a/target/tilegx/translate.c
+++ b/target/tilegx/translate.c
@@ -2375,7 +2375,7 @@ void gen_intermediate_code(CPUState *cs, struct Trans= lationBlock *tb) DisasContext ctx; DisasContext *dc =3D &ctx; uint64_t pc_start =3D tb->pc; - uint64_t next_page_start =3D (pc_start & TARGET_PAGE_MASK) + TARGET_PA= GE_SIZE; + uint64_t page_start =3D pc_start & TARGET_PAGE_MASK; int num_insns =3D 0; int max_insns =3D tb_cflags(tb) & CF_COUNT_MASK; =20
@@ -2415,7 +2415,7 @@ void gen_intermediate_code(CPUState *cs, struct Trans= lationBlock *tb) } dc->pc +=3D TILEGX_BUNDLE_SIZE_IN_BYTES; if (num_insns >=3D max_insns - || dc->pc >=3D next_page_start + || (dc->pc - page_start >=3D TARGET_PAGE_SIZE) || tcg_op_buf_full()) { /* Ending the TB due to TB size or page boundary. Set PC. */ tcg_gen_movi_tl(cpu_pc, dc->pc); --=20 2.7.4 From nobody Sat Apr 27 16:48:39 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1523377643325183.61490743636966; Tue, 10 Apr 2018 09:27:23 -0700 (PDT) Received: from localhost ([::1]:55236 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1f5w74-0004w3-Fz for importer@patchew.org; Tue, 10 Apr 2018 12:27:18 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:46193) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1f5vzs-0007Q1-Tc for qemu-devel@nongnu.org; Tue, 10 Apr 2018 12:19:54 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1f5vzp-0002zZ-PV for qemu-devel@nongnu.org; Tue, 10 Apr 2018 12:19:52 -0400 Received: from out5-smtp.messagingengine.com ([66.111.4.29]:43043) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1f5vzp-0002z5-Lg for qemu-devel@nongnu.org; Tue, 10 Apr 2018 12:19:49 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 24ED420E24; Tue, 10 Apr 2018 12:19:49 -0400 (EDT) 
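Review bot: in target/tilegx/translate.c the new test in the second hunk, `|| (dc->pc - page_start >= TARGET_PAGE_SIZE)`, is correct only because the subtraction is done in the unsigned type of `page_start` (`uint64_t`), and nothing at the site says so. A one-line comment that the difference is the unsigned offset from the start of the TB's page, which stays well defined on the last page where `(pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE` wrapped to 0, would keep a later cleanup from turning it back into a comparison against a precomputed end address. The parentheses added around this one operand also differ from the unparenthesised `num_insns >= max_insns` and `tcg_op_buf_full()` operands next to it, and from the same check in the s390x and mips patches.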
From: "Emilio G. Cota" To: qemu-devel@nongnu.org Date: Tue, 10 Apr 2018 12:19:43 -0400 Message-Id: <1523377186-32578-8-git-send-email-cota@braap.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1523377186-32578-1-git-send-email-cota@braap.org> References: <1523377186-32578-1-git-send-email-cota@braap.org> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.111.4.29 Subject: [Qemu-devel] [PATCH 07/10] target/microblaze: avoid integer overflow in next_page PC check X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "Edgar E. Iglesias" , Richard Henderson Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" If the PC is in the last page of the address space, next_page_start overflows to 0. Fix it. Cc: "Edgar E. Iglesias" Signed-off-by: Emilio G. Cota Reviewed-by: Richard Henderson --- target/microblaze/translate.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/target/microblaze/translate.c b/target/microblaze/translate.c index 7628b0e..401dbe6 100644 --- a/target/microblaze/translate.c +++ b/target/microblaze/translate.c @@ -1637,7 +1637,7 @@ void gen_intermediate_code(CPUState *cs, struct Trans= lationBlock *tb) uint32_t pc_start; struct DisasContext ctx; struct DisasContext *dc =3D &ctx; - uint32_t next_page_start, org_flags; + uint32_t page_start, org_flags; target_ulong npc; int num_insns; int max_insns; 
@@ -1663,7 +1663,7 @@ void gen_intermediate_code(CPUState *cs, struct Trans= lationBlock *tb) cpu_abort(cs, "Microblaze: unaligned PC=3D%x\n", pc_start); } =20 - next_page_start =3D (pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE; + page_start =3D pc_start & TARGET_PAGE_MASK; num_insns =3D 0; max_insns =3D tb_cflags(tb) & CF_COUNT_MASK; if (max_insns =3D=3D 0) { 
@@ -1749,7 +1749,7 @@ void gen_intermediate_code(CPUState *cs, struct Trans= lationBlock *tb) } while (!dc->is_jmp && !dc->cpustate_changed && !tcg_op_buf_full() && !singlestep - && (dc->pc < next_page_start) + && (dc->pc - page_start < TARGET_PAGE_SIZE) && num_insns < max_insns); =20 npc =3D dc->pc; --=20 2.7.4 From nobody Sat Apr 27 16:48:39 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1523377705426110.40937297783955; Tue, 10 Apr 2018 09:28:25 -0700 (PDT) Received: from localhost ([::1]:55256 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1f5w88-0005q8-G9 for importer@patchew.org; Tue, 10 Apr 2018 12:28:24 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:46190) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1f5vzs-0007Pz-TJ for qemu-devel@nongnu.org; Tue, 10 Apr 2018 12:19:54 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1f5vzp-0002zj-R6 for qemu-devel@nongnu.org; Tue, 10 Apr 2018 12:19:52 -0400 Received: from out5-smtp.messagingengine.com ([66.111.4.29]:51741) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1f5vzp-0002zA-M5 for qemu-devel@nongnu.org; Tue, 10 Apr 2018 12:19:49 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 67D6620F67; Tue, 10 Apr 2018 12:19:49 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal 
(MEProxy); Tue, 10 Apr 2018 12:19:49 -0400
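Review bot: the commit message for target/microblaze/translate.c says only "Fix it" and leaves out what the wrap did in this target. In the last hunk the old do-while condition `&& (dc->pc < next_page_start)` compares against a `uint32_t` that has wrapped to 0, so for an unsigned PC it can never hold and translation of a TB in the last page stops after the first instruction. Please state that effect in the message, and that the fix compares the offset `dc->pc - page_start` against `TARGET_PAGE_SIZE` rather than comparing against an end address, so that someone backporting the patch can tell what behaviour changes.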
From: "Emilio G. Cota" To: qemu-devel@nongnu.org Date: Tue, 10 Apr 2018 12:19:44 -0400 Message-Id: <1523377186-32578-9-git-send-email-cota@braap.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1523377186-32578-1-git-send-email-cota@braap.org> References: <1523377186-32578-1-git-send-email-cota@braap.org> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.111.4.29 Subject: [Qemu-devel] [PATCH 08/10] target/arm: avoid integer overflow in next_page PC check X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , Richard Henderson Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" If the PC is in the last page of the address space, next_page_start overflows to 0. Fix it. Cc: Peter Maydell Signed-off-by: Emilio G. Cota Reviewed-by: Richard Henderson --- target/arm/translate.h | 2 +- target/arm/translate.c | 11 +++++------ 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/target/arm/translate.h b/target/arm/translate.h index c47febf..2287894 100644 --- a/target/arm/translate.h +++ b/target/arm/translate.h @@ -9,7 +9,7 @@ typedef struct DisasContext { DisasContextBase base; =20 target_ulong pc; - target_ulong next_page_start; + target_ulong page_start; uint32_t insn; /* Nonzero if this instruction has been conditionally skipped. */ int condjmp; diff --git a/target/arm/translate.c b/target/arm/translate.c index fc03b5b..ade8d2d 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c 
@@ -9913,7 +9913,7 @@ static bool thumb_insn_is_16bit(DisasContext *s, uint= 32_t insn) return false; } =20 - if ((insn >> 11) =3D=3D 0x1e && (s->pc < s->next_page_start - 3)) { + if ((insn >> 11) =3D=3D 0x1e && s->pc - s->page_start < TARGET_PAGE_SI= ZE - 3) { /* 0b1111_0xxx_xxxx_xxxx : BL/BLX prefix, and the suffix * is not on the next page; we merge this into a 32-bit * insn. @@ -12269,8 +12269,7 @@ static int arm_tr_init_disas_context(DisasContextBa= se *dcbase, dc->is_ldex =3D false; dc->ss_same_el =3D false; /* Can't be true since EL_d must be AArch64 = */ =20 - dc->next_page_start =3D - (dc->base.pc_first & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE; + dc->page_start =3D dc->base.pc_first & TARGET_PAGE_MASK; =20 /* If architectural single step active, limit to 1. */ if (is_singlestepping(dc)) { @@ -12280,7 +12279,7 @@ static int arm_tr_init_disas_context(DisasContextBa= se *dcbase, /* ARM is a fixed-length ISA. Bound the number of insns to execute to those left on the page. */ if (!dc->thumb) { - int bound =3D (dc->next_page_start - dc->base.pc_first) / 4; + int bound =3D -(dc->base.pc_first | TARGET_PAGE_MASK) / 4; max_insns =3D MIN(max_insns, bound); } =20 
@@ -12552,8 +12551,8 @@ static void thumb_tr_translate_insn(DisasContextBas= e *dcbase, CPUState *cpu) * but isn't very efficient). */ if (dc->base.is_jmp =3D=3D DISAS_NEXT - && (dc->pc >=3D dc->next_page_start - || (dc->pc >=3D dc->next_page_start - 3 + && (dc->pc - dc->page_start >=3D TARGET_PAGE_SIZE + || (dc->pc - dc->page_start >=3D TARGET_PAGE_SIZE - 3 && insn_crosses_page(env, dc)))) { dc->base.is_jmp =3D DISAS_TOO_MANY; } --=20 2.7.4 From nobody Sat Apr 27 16:48:39 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1523377558203536.3480702058148; Tue, 10 Apr 2018 09:25:58 -0700 (PDT) Received: from localhost ([::1]:55208 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1f5w5l-0003mr-96 for importer@patchew.org; Tue, 10 Apr 2018 12:25:57 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:46185) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1f5vzs-0007Pv-SJ for qemu-devel@nongnu.org; Tue, 10 Apr 2018 12:19:54 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1f5vzq-000302-0w for qemu-devel@nongnu.org; Tue, 10 Apr 2018 12:19:52 -0400 Received: from out5-smtp.messagingengine.com ([66.111.4.29]:59271) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1f5vzp-0002zM-Sn; Tue, 10 Apr 2018 12:19:49 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 8C9C520DA1; Tue, 
10 Apr 2018 12:19:49 -0400 (EDT)
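Review bot: in arm_tr_init_disas_context (target/arm/translate.c) the replacement `int bound = -(dc->base.pc_first | TARGET_PAGE_MASK) / 4;` is much harder to read than the subtraction it replaces, and it is right only if TARGET_PAGE_MASK extends with one bits to the full width of `pc_first`. OR-ing the PC with the mask sets every bit above the page offset, so the negation yields the number of bytes from the PC to the end of the page, but the existing comment ("Bound the number of insns to execute to those left on the page") does not explain that identity. Please add a comment spelling it out, or write the bound as `(TARGET_PAGE_SIZE - (dc->base.pc_first & ~TARGET_PAGE_MASK)) / 4`, which also never forms the next-page address and does not depend on how the mask is widened.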
From: "Emilio G. Cota" To: qemu-devel@nongnu.org Date: Tue, 10 Apr 2018 12:19:45 -0400 Message-Id: <1523377186-32578-10-git-send-email-cota@braap.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1523377186-32578-1-git-send-email-cota@braap.org> References: <1523377186-32578-1-git-send-email-cota@braap.org> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.111.4.29 Subject: [Qemu-devel] [PATCH 09/10] target/s390x: avoid integer overflow in next_page PC check X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: qemu-s390x@nongnu.org, Cornelia Huck , Richard Henderson , Alexander Graf , David Hildenbrand Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" If the PC is in the last page of the address space, next_page_start overflows to 0. Fix it. Cc: Cornelia Huck Cc: Alexander Graf Cc: David Hildenbrand Cc: qemu-s390x@nongnu.org Signed-off-by: Emilio G. Cota Acked-by: Cornelia Huck Reviewed-by: David Hildenbrand Reviewed-by: Richard Henderson Reviewed-by: Thomas Huth --- target/s390x/translate.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/target/s390x/translate.c b/target/s390x/translate.c index 7d39ab3..44449f1 100644 --- a/target/s390x/translate.c +++ b/target/s390x/translate.c @@ -6163,7 +6163,7 @@ void gen_intermediate_code(CPUState *cs, struct Trans= lationBlock *tb) CPUS390XState *env =3D cs->env_ptr; DisasContext dc; target_ulong pc_start; - uint64_t next_page_start; + uint64_t page_start; int num_insns, max_insns; ExitStatus status; bool do_debug; 
@@ -6181,7 +6181,7 @@ void gen_intermediate_code(CPUState *cs, struct Trans= lationBlock *tb) dc.ex_value =3D tb->cs_base; do_debug =3D dc.singlestep_enabled =3D cs->singlestep_enabled; =20 - next_page_start =3D (pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE; + page_start =3D pc_start & TARGET_PAGE_MASK; =20 num_insns =3D 0; max_insns =3D tb_cflags(tb) & CF_COUNT_MASK; 
@@ -6218,7 +6218,7 @@ void gen_intermediate_code(CPUState *cs, struct Trans= lationBlock *tb) /* If we reach a page boundary, are single stepping, or exhaust instruction count, stop generation. */ if (status =3D=3D NO_EXIT - && (dc.pc >=3D next_page_start + && (dc.pc - page_start >=3D TARGET_PAGE_SIZE || tcg_op_buf_full() || num_insns >=3D max_insns || singlestep --=20 2.7.4 From nobody Sat Apr 27 16:48:39 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1523377824842630.0985832843274; Tue, 10 Apr 2018 09:30:24 -0700 (PDT) Received: from localhost ([::1]:55466 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1f5w9z-0007f3-T7 for importer@patchew.org; Tue, 10 Apr 2018 12:30:19 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:46255) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1f5vzu-0007Qy-AP for qemu-devel@nongnu.org; Tue, 10 Apr 2018 12:19:55 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1f5vzq-00030D-5R for qemu-devel@nongnu.org; Tue, 10 Apr 2018 12:19:54 -0400 Received: from out5-smtp.messagingengine.com ([66.111.4.29]:44943) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1f5vzq-0002zo-21 for qemu-devel@nongnu.org; Tue, 10 Apr 2018 12:19:50 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id BA05120ABC; Tue, 10 Apr 2018 12:19:49 -0400 (EDT) 
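Review bot: in target/s390x/translate.c the first hunk keeps `uint64_t` for the renamed `page_start` while `pc_start`, declared on the line above it, is `target_ulong`, and the mips patch in this series uses `target_ulong` for the same variable. The new check `dc.pc - page_start >= TARGET_PAGE_SIZE` is an offset computed from the PC and the page base, so declaring `page_start` with the PC's own type would show at the declaration that both operands have the same width and would keep the targets consistent. If `uint64_t` is intentional here, a short comment saying why would help.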
From: "Emilio G. Cota" To: qemu-devel@nongnu.org Date: Tue, 10 Apr 2018 12:19:46 -0400 Message-Id: <1523377186-32578-11-git-send-email-cota@braap.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1523377186-32578-1-git-send-email-cota@braap.org> References: <1523377186-32578-1-git-send-email-cota@braap.org> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.111.4.29 Subject: [Qemu-devel] [PATCH 10/10] target/mips: avoid integer overflow in next_page PC check X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Yongbok Kim , Richard Henderson , Aurelien Jarno Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" If the PC is in the last page of the address space, next_page_start overflows to 0. Fix it. Cc: Aurelien Jarno Cc: Yongbok Kim Signed-off-by: Emilio G. Cota Reviewed-by: Richard Henderson --- target/mips/translate.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/target/mips/translate.c b/target/mips/translate.c index d05ee67..d8e717d 100644 --- a/target/mips/translate.c +++ b/target/mips/translate.c @@ -20202,14 +20202,14 @@ void gen_intermediate_code(CPUState *cs, struct T= ranslationBlock *tb) CPUMIPSState *env =3D cs->env_ptr; DisasContext ctx; target_ulong pc_start; - target_ulong next_page_start; + target_ulong page_start; int num_insns; int max_insns; int insn_bytes; int is_slot; =20 pc_start =3D tb->pc; - next_page_start =3D (pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE; + page_start =3D pc_start & TARGET_PAGE_MASK; ctx.pc =3D pc_start; ctx.saved_pc =3D -1; ctx.singlestep_enabled =3D cs->singlestep_enabled; 
@@ -20320,7 +20320,7 @@ void gen_intermediate_code(CPUState *cs, struct Tra= nslationBlock *tb) break; } =20 - if (ctx.pc >=3D next_page_start) { + if (ctx.pc - page_start >=3D TARGET_PAGE_SIZE) { break; } =20 --=20 2.7.4
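Review bot: the check added in the second hunk of target/mips/translate.c, `if (ctx.pc - page_start >= TARGET_PAGE_SIZE)`, is the same unsigned-offset test that the tilegx, microblaze, arm and s390x patches shown here each open-code with their own local `page_start`. Consider putting it in one shared inline helper that takes the current PC and the page start, with a comment on why the offset form is used instead of `(pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE`, so that a new or refactored target cannot quietly reintroduce the wrapping form.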