Merge pull request #421 from DrChat/mmio_fix

Fix the MMIO handler picking up invalid accesses outside of the mapped range
2015-09-07 19:29:37 -07:00 · 2015-09-07 19:29:37 -07:00 · edef57065b
parent 3ac83b16c8 a2bc0443f2
commit edef57065b
3 changed files with 11 additions and 6 deletions
--- a/src/xenia/cpu/mmio_handler.cc
+++ b/src/xenia/cpu/mmio_handler.cc
@ -25,7 +25,8 @@ std::unique_ptr<MMIOHandler> CreateMMIOHandler(uint8_t* virtual_membase,
                                               uint8_t* physical_membase);

 std::unique_ptr<MMIOHandler> MMIOHandler::Install(uint8_t* virtual_membase,
-                                                  uint8_t* physical_membase) {
+                                                  uint8_t* physical_membase,
+                                                  uint8_t* memory_end) {
  // There can be only one handler at a time.
  assert_null(global_handler_);
  if (global_handler_) {
@ -40,6 +41,7 @@ std::unique_ptr<MMIOHandler> MMIOHandler::Install(uint8_t* virtual_membase,
    return nullptr;
  }

+  handler->memory_end_ = memory_end;
  global_handler_ = handler.get();
  return handler;
 }
@ -364,8 +366,9 @@ bool TryDecodeMov(const uint8_t* p, DecodedMov* mov) {

 bool MMIOHandler::HandleAccessFault(void* thread_state,
                                    uint64_t fault_address) {
-  if (fault_address < uint64_t(virtual_membase_)) {
-    // Quick kill anything below our mapping base.
+  if (fault_address < uint64_t(virtual_membase_) ||
+      fault_address > uint64_t(memory_end_)) {
+    // Quick kill anything outside our mapping.
    return false;
  }

--- a/src/xenia/cpu/mmio_handler.h
+++ b/src/xenia/cpu/mmio_handler.h
@ -42,7 +42,8 @@ class MMIOHandler {
  virtual ~MMIOHandler();

  static std::unique_ptr<MMIOHandler> Install(uint8_t* virtual_membase,
-                                              uint8_t* physical_membase);
+                                              uint8_t* physical_membase,
+                                              uint8_t* membase_end);
  static MMIOHandler* global_handler() { return global_handler_; }

  bool RegisterRange(uint32_t virtual_address, uint32_t mask, uint32_t size,
@ -86,6 +87,7 @@ class MMIOHandler {

  uint8_t* virtual_membase_;
  uint8_t* physical_membase_;
+  uint8_t* memory_end_;

  std::vector<MMIORange> mapped_ranges_;

--- a/src/xenia/memory.cc
+++ b/src/xenia/memory.cc
@ -184,8 +184,8 @@ int Memory::Initialize() {
      kMemoryProtectRead | kMemoryProtectWrite);

  // Add handlers for MMIO.
-  mmio_handler_ =
-      cpu::MMIOHandler::Install(virtual_membase_, physical_membase_);
+  mmio_handler_ = cpu::MMIOHandler::Install(virtual_membase_, physical_membase_,
+                                            physical_membase_ + 0x1FFFFFFF);
  if (!mmio_handler_) {
    XELOGE("Unable to install MMIO handlers");
    assert_always();