From: ths Date: Thu, 22 Nov 2007 00:34:36 +0000 (+0000) Subject: Fix off-by-one address checks in MIPS64 MMU, by Aurelien Jarno. X-Git-Tag: TizenStudio_2.0_p2.3~12503 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=67d6abff605064317d1922745b2e99ffc57b4a77;p=sdk%2Femulator%2Fqemu.git Fix off-by-one address checks in MIPS64 MMU, by Aurelien Jarno. git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3718 c046a42c-6fe2-441c-8c8c-71466251a162 --- diff --git a/target-mips/helper.c b/target-mips/helper.c index 6cdcd7f..e7d7887 100644 --- a/target-mips/helper.c +++ b/target-mips/helper.c @@ -133,7 +133,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, #if defined(TARGET_MIPS64) } else if (address < 0x4000000000000000ULL) { /* xuseg */ - if (UX && address < (0x3FFFFFFFFFFFFFFFULL & env->SEGMask)) { + if (UX && address <= (0x3FFFFFFFFFFFFFFFULL & env->SEGMask)) { ret = env->tlb->map_address(env, physical, prot, address, rw, access_type); } else { ret = TLBRET_BADADDR; @@ -141,7 +141,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, } else if (address < 0x8000000000000000ULL) { /* xsseg */ if ((supervisor_mode || kernel_mode) && - SX && address < (0x7FFFFFFFFFFFFFFFULL & env->SEGMask)) { + SX && address <= (0x7FFFFFFFFFFFFFFFULL & env->SEGMask)) { ret = env->tlb->map_address(env, physical, prot, address, rw, access_type); } else { ret = TLBRET_BADADDR; @@ -150,7 +150,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, /* xkphys */ /* XXX: Assumes PABITS = 36 (correct for MIPS64R1) */ if (kernel_mode && KX && - (address & 0x07FFFFFFFFFFFFFFULL) < 0x0000000FFFFFFFFFULL) { + (address & 0x07FFFFFFFFFFFFFFULL) <= 0x0000000FFFFFFFFFULL) { *physical = address & 0x0000000FFFFFFFFFULL; *prot = PAGE_READ | PAGE_WRITE; } else { @@ -159,7 +159,7 @@ static int get_physical_address (CPUState *env, target_ulong *physical, } else if (address < 0xFFFFFFFF80000000ULL) { /* xkseg */ if (kernel_mode && KX && - address < (0xFFFFFFFF7FFFFFFFULL & env->SEGMask)) { + address <= (0xFFFFFFFF7FFFFFFFULL & env->SEGMask)) { ret = env->tlb->map_address(env, physical, prot, address, rw, access_type); } else { ret = TLBRET_BADADDR;