mirror of
https://github.com/yuzu-emu/unicorn
synced 2024-11-24 23:48:27 +00:00
No description
670d81367b
As it currently stands, QEMU does not properly handle self-modifying code when the write is unaligned and crosses a page boundary. The procedure for handling a write to the current translation block is to write-protect the current translation block, catch the write, split up the translation block into the current instruction (which remains write-protected so that the current instruction is not modified) and the remaining instructions in the translation block, and then restore the CPU state to before the write occurred so the write will be retried and successfully executed. However, since unaligned writes across pages are split into one-byte writes for simplicity, writes to the second page (which is not the current TB) may succeed before a write to the current TB is attempted, and since these writes are not invalidated before resuming state after splitting the TB, these writes will be performed a second time, thus corrupting the second page. Credit goes to Patrick Hulin for discovering this. In recent 64-bit versions of Windows running in emulated mode, this results in either being very unstable (a BSOD after a couple minutes of uptime), or being entirely unable to boot. Windows performs one or more 8-byte unaligned self-modifying writes (xors) which intersect the end of the current TB and the beginning of the next TB, which runs into the aforementioned issue. This commit fixes that issue by making the unaligned write loop perform the writes in forwards order, instead of reverse order. This way, QEMU immediately tries to write to the current TB, and splits the TB before any write to the second page is executed. The write then proceeds as intended. With this patch applied, I am able to boot and use Windows 7 64-bit and Windows 10 64-bit in QEMU without KVM. Per Richard Henderson's input, this patch also ensures the second page is in the TLB before executing the write loop, to ensure the second page is mapped. The original discussion of the issue is located at http://lists.nongnu.org/archive/html/qemu-devel/2014-08/msg02161.html. Backports commit 81daabaf7a572f138a8b88ba6eea556bdb0cce46 from qemu |
||
|---|---|---|
| bindings | ||
| docs | ||
| include | ||
| msvc | ||
| qemu | ||
| samples | ||
| tests | ||
| .appveyor.yml | ||
| .gitignore | ||
| .travis.yml | ||
| AUTHORS.TXT | ||
| Brewfile | ||
| ChangeLog | ||
| config.mk | ||
| COPYING | ||
| COPYING.LGPL2 | ||
| COPYING_GLIB | ||
| CREDITS.TXT | ||
| install-cmocka-linux.sh | ||
| list.c | ||
| make.sh | ||
| Makefile | ||
| msvc.bat | ||
| pkgconfig.mk | ||
| README.md | ||
| uc.c | ||
| windows_export.bat | ||
Unicorn Engine
Unicorn is a lightweight, multi-platform, multi-architecture CPU emulator framework based on QEMU.
Unicorn offers some unparalleled features:
- Multi-architecture: ARM, ARM64 (ARMv8), M68K, MIPS, SPARC, and X86 (16, 32, 64-bit)
- Clean/simple/lightweight/intuitive architecture-neutral API
- Implemented in pure C language, with bindings for Crystal, Clojure, Visual Basic, Perl, Rust, Ruby, Python, Java, .NET, Go, Delphi/Free Pascal and Haskell.
- Native support for Windows & *nix (with Mac OSX, Linux, *BSD & Solaris confirmed)
- High performance via Just-In-Time compilation
- Support for fine-grained instrumentation at various levels
- Thread-safety by design
- Distributed under free software license GPLv2
Further information is available at http://www.unicorn-engine.org
License
This project is released under the GPL license.
Compilation & Docs
See docs/COMPILE.md file for how to compile and install Unicorn.
More documentation is available in docs/README.md.
Contact
Contact us via mailing list, email or twitter for any questions.
Contribute
If you want to contribute, please pick up something from our Github issues.
We also maintain a list of more challenged problems in a TODO list.
CREDITS.TXT records important contributors of our project.