This hack was introduced in issue #287 and later became an endless maintenance pain.
=====
Our previous check_exit_request used `brcond` in the middle of a TranslationBlock, which
breaks the assumptions, and thus a hack to liveness_pass_1 was used for _all_ brcond instructions,
which causes issues for MIPS and many other scenarios.
=====
This patch also finally resolves PC not being synced when no memory hooks are installed. Now
Unicorn will always have a correct PC no matter what happens.
* memory snapshots fix use after free on flatview copy
When restoring a snapshot with memory, the flatview must be restored
before the memory regions are filtered, because the
AddressSpaceDispatcher also has pointers to the MemoryRegions and on copy
they need to be cleared. The memory_filter_subregions function frees
MemoryRegions which are not used at the time of the snapshot.
* fix some memleaks in tests
These tests had forgotten to call uc_close(uc), which led to memory
leaks. Found by the LeakSanitizer.
* memory snapshots correct clean up container memory regions
* Fix further stack overflow in tests
---------
Co-authored-by: mio <mio@lazym.io>
* Support mips64 - write correct pc register width on uc_emu_start
* Convert to UC_MODE_MIPS64
* Correctly select MIPS64 CPU model
* Simple 64-bit test - check it doesn't crash
* lint
* Comment
* Comment
* Add offset when indexing cpu model, makes tests work on older python
* Move test
* add PC check to test
* Fix test - add python version check
* Use RegressTest method for assert
* Remove global variable from aarch64 tcg target
This obviously breaks trying to run two unicorn instances at once on
aarch64. It appears a similar variable had already been moved to the
state struct for i386 tcg target.
* Reenable writing to jit region while calling tb_add_jump
On arm macs, every place that writes to jit code needs to have
tb_exec_unlock called first. This is already in most necessary places,
but not this one.
* Don't forget to call restore_jit_state in uc_context_restore
Every time UC_INIT is used, restore_jit_state must be used on the return
path, or occasional assertion failures will pop up on arm macs.
* Restore pc before calling into tlb fill hook
In my application it is important to have correct pc values available
from this hook.
* enable notdirty_write for snapshots when possible
Snapshots only happen when the priority of the memory region is smaller
than the snapshot_level. After a snapshot notdirty can be set.
* disable notdirty_write for self modifying code
When SMC accesses the memory region more than once the
tb must be rebuilt multiple times.
fixes #2029
* notdirty_write better hook check
Check all relevant memory hooks before enabling notdirty write.
This also checks if the memory hook is registered for the affected
region. So it is possible to use notdirty write and have some hooks
on different addresses.
* notdirty_write check for addr_write in snapshot case
* self modifying code clear recursive mem access
When self modifying code does unaligned memory accesses, sometimes
uc->size_recur_mem is changed but for notdirty write it is not changed back.
This causes mem_hooks to be missed. To fix this uc->size_recur_mem is
set to 0 before each cpu_exec() call.
Some structs, specifically CPUARMState, are 16-byte aligned.
This causes a segmentation fault because gcc tends to vectorize
the assignment of the struct with the infamous movaps tricks.
Without this patch, we fail on manylinux with 2.17 glibc
in release mode on i686.
qemu_memalign will ensure the alignment across platforms.
* optimize ram block handling
Save the last element of the ram_list. This allows finding
faster where to add new elements when they are not
bigger than page size.
* save ram_list freed
This keeps the optimization for find_ram_offset() intact after snapshot
restore.
* cow only clear the tlb of affected pages
* update flatview when possible
Building each flatview anew when the memory has changed is quite
expensive when many MemoryRegions are used. This is an issue when using
snapshots.
* update benchmark for new api
* save flatview in context
This avoids rebuilding the flatview when restoring a context.
* init context flatview with zero
* address_space_dispatch_clear remove subpage with higher priority
* document the options for UC_CTL_CONTEXT_MODE
Especially stress that with UC_CTL_CONTEXT_MEMORY it is not possible to
use the context with a different unicorn object.
uc->target_page_align is a uint32_t. When the binary not operator is applied it will only
invert the 32 bits of the value. Using this in a binary and operator with
a uint64_t will cause the upper 32 bits of the address to be 0. Therefore
the bug only appears when the upper 32 bits of the address are used.
Now a local uint64_t variable is used for the alignment and the test
uses a not page-aligned address which does not fit in 32 bits.
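The truncation described in this commit, reproduced as a constructed, stand-alone example (not Unicorn's own code): `target_page_align` is modelled as a `uint32_t` holding the usual 0xfff page mask, the buggy alignment is shown next to the widened form the fix uses, and `bug_visible` reports which addresses the two disagree on.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for uc->target_page_align (a uint32_t in Unicorn).
 * 0xfff is the mask for a 4 KiB target page; the value is an assumption. */
static const uint32_t target_page_align = 0x1000u - 1;

/* Buggy form: ~target_page_align is computed in 32 bits (0xfffff000) and
 * zero-extended to 64 bits before the AND, which wipes bits 32..63 of addr. */
uint64_t align_down_buggy(uint64_t addr)
{
    return addr & ~target_page_align;
}

/* Fixed form (what the commit does): widen the mask to a local uint64_t
 * first, so ~align is 0xfffffffffffff000 and the high half survives. */
uint64_t align_down_fixed(uint64_t addr)
{
    uint64_t align = target_page_align;
    return addr & ~align;
}

/* True only for addresses whose upper 32 bits are in use, which is exactly
 * the case the commit says the original test never exercised. */
bool bug_visible(uint64_t addr)
{
    return align_down_buggy(addr) != align_down_fixed(addr);
}

int main(void)
{
    uint64_t low  = 0x00000000deadb123ull; /* fits in 32 bits: both agree */
    uint64_t high = 0x0000123456789123ull; /* upper 32 bits set: bug shows */
    printf("low : buggy=%#llx fixed=%#llx\n",
           (unsigned long long)align_down_buggy(low),
           (unsigned long long)align_down_fixed(low));
    printf("high: buggy=%#llx fixed=%#llx\n",
           (unsigned long long)align_down_buggy(high),
           (unsigned long long)align_down_fixed(high));
    return 0;
}
```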
Uses Copy on Write to make it possible to restore the memory state after a snapshot
was made. To restore, all MemoryRegions created after the snapshot are removed.
These APIs take size parameters, which can be used to properly bounds-check the
inputs and outputs for various registers. Additionally, all backends now throw
UC_ERR_ARG if the input register numbers are invalid.
Completes #1831.
We still need this API because the virtual memory address space of
a 32-bit OS is only 4GB and by default we need 1G per instance.
Credits to @ZehMatt for original idea
Co-authored-by: ζeh Matt <5415177+ZehMatt@users.noreply.github.com>
uc_ctl_flush_tlb implies that the tlb is flushed. This change adds
UC_CTL_TLB_FLUSH which clears the TLB and sets the uc_ctl_flush_tlb
alias to UC_CTL_TLB_FLUSH. Also adds a uc_ctl_flush_tb alias for
UC_CTL_TB_FLUSH.
Unicorn has included some ugly hacks to provide an environment where vaddr == paddr.
These hacks were to use the full 64 bit mappings on x86 without initializing the mmu
and some memory redirect for MIPS.
The UC_TLB_CPU mode defaults to vaddr == paddr, therefore these hacks aren't
required anymore.
quit_request is for internal use. This means the IP register was updated and
qemu needs to rebuild the translation blocks.
stop_request is set by the user (uc_emu_stop) to indicate that unicorn should
stop emulating.