This line appears to be trying to undo the effect of adding 4 to pc above,
but does so incorrectly and so ends up returning with next_pc earlier than
it was prior to decoding.
This causes the translator to malfunction because it does not expect
pc_next to decrease during decoding: this is effectively reporting that
the invalid construction has a negative size, which is impossible. The
decoder uses the increase in next_pc to decide the translation block size,
but converts it to uint16_t thereby causing a block containing _only_ an
invalid instruction to be treated as having size 65532 (reinterpreted -4)
and therefore the translation loop tries to find the next translation block
at 65532 bytes after the invalid instruction, which can cause a spurious
instruction access/page fault if the page containing that address is not
mapped as executable.
In practice we don't need to readjust the pc at all here because it is
correct to report that the invalid instruction is four bytes long. This
allows the translation loop to correctly find the next instruction, and
to avoid producing spurious TLB fills that might cause incorrect exceptions.
* Add a quick test helper macro to test_x86.c
* Add regression tests for bswap and rex prefixes
* Properly ignore REX prefixes when appropriate
* Fix bswap ax emulator detection
Access to TB, DEC registers was lead to crash
spr_read_decr and others are changed to spr_read_generic
spr_write_decr and others are changed to spr_write_generic
target/i386: fix operand order for PDEP and PEXT
For PDEP and PEXT, the mask is provided in the memory (mod+r/m)
operand, and therefore is loaded in s->T0 by gen_ldst_modrm.
The source is provided in the second source operand (VEX.vvvv)
and therefore is loaded in s->T1. Fix the order in which
they are passed to the helpers.
target/i386: Verify memory operand for lcall and ljmp
These two opcodes only allow a memory operand.
Lacking the check for a register operand, we used the A0 temp
without initialization, which led to a tcg abort.
These APIs take size parameters, which can be used to properly bounds-check the
inputs and outputs for various registers. Additionally, all backends now throw
UC_ERR_ARG if the input register numbers are invalid.
Completes #1831.
Unicorn has included some ugly hacks to provide a envirement where vaddr == paddr.
These hacks where to use the full 64 bit mappings on x86 without init the mmu
and some memory redirect for MIPS.
The UC_TLB_CPU mode defaults to vaddr == paddr, therfor these hacks aren't
required anymore.
This basicaly mappes virtual addresses to physical addresses 1:1 when
the mmu is disabled in the cpu. So you can use the full 64 bit addressspace
without required to configure the mmu.
quit_request is for internal use. This means the IP register was updated and
qemu needs to rebuild the translation blocks.
stop_request is set by the user (uc_emu_stop) to indecate that unicorn sould
stop emulating.
