Remove the size limit for memory read and write #1799
Conversation
|
Your change will make the situation worse. Your change will silently truncate the len to I'm currently look at the implementation of |
Thank you for reviewing! I am confused by your words, in my unit tests, this patch works as expected with memory blocks that are bigger than INT_MAX. Note that the Here's the key snippet of code from // memory area can overlap adjacent memory blocks
while (count < size) {
MemoryRegion *mr = memory_mapping(uc, address);
if (mr) {
len = (size_t)MIN(size - count, mr->end - address);
len = (size_t)MIN(len, MAX_RW_LENGTH);
if (uc->read_mem(&uc->address_space_memory, address, bytes, len) ==
false) {
break;
}
count += len;
address += len;
bytes += len;
} else { // this address is not mapped in yet
break;
}
} We can see if the memory block is bigger than INT_MAX, the loop will read multiple times until error occurs or count == size. We can use the following code to test the patch: Please be aware this program is intended to be compiled on a 64-bit platform. It will first write 0x9f000000 bytes to the virtual process, and then read it out to verify the data integrity. I picked the size at random, you can use another size that is bigger than INT_MAX. You can use the command as follows for compiling it: gcc -o main main.c -lunicornIt verified that the patch could work as expected. The patch has also been tested with unicorn-1.0.3. |
I am not sure what I have missed after reading the discussion, could you explain a bit more on this? In #219 and #132, I can see clearly why the limit was introduced. I guessed you were referring to @fabsx00's comment #132 (comment), am I right? |
Hmm, you are right, the upstream has changed the type of the In hwaddr.h, we can see that typedef uint64_t hwaddr;So that it appears we can refactor the |
secretnonempty
force-pushed
the
master
branch
2 times, most recently
from
f11b153
to
65ea637
Compare
|
I have updated the patch to utilize the update from Qemu, would very appreciate it if you can help review at your convenience. The latest patch works fine with the test program aforementioned. Be aware that the original patch can work with Unicorn 1.x while the latest one can't. |
Your changes are overall correct but this will involve more complex things as we are changing both API and ABI implicitly. Somethings you leave out:
Also note that uc1 will only accept really severe security patches and these breaking changes won't go to uc1 so don't worry about uc1. |
secretnonempty
force-pushed
the
master
branch
2 times, most recently
from
ad492d4
to
fc7512e
Compare
Eliminate the maximum size restriction for uc_mem_read and uc_mem_write. This change is required to support applications, such as LLVM CFI, that map or unmap memory blocks with sizes equal to or greater than INT_MAX.
Thank you, I think the commit now is ready for review. I have updated the language bindings. |
This change eliminate the maximum size restriction for uc_mem_read and uc_mem_write. Which is required to support applications, such as LLVM CFI, that map or unmap memory blocks with sizes equal to or greater than INT_MAX.
uc_mem_unmapanduc_mem_protectwould need to split the memory if they only operate on a portion of a memory block. The splitting procedure can be broken into several steps as follows:If the memory block is equal or larger than INT_MAX, then the first step would fail, which would eventually make
uc_mem_unmaporuc_mem_protectfail.linker_cfi.cpp is a specific example that would use memory block with a size equal to 2G(0x80000000 bytes) on a 64-bit platform.
Removing the restriction would allow us to emulate these applications with less pain.
I chose the
MAX_RW_LENGTHpurely out of my gut feeling, the macro would zero-out the least significant half of an INT_MAX:Technically, using INT_MAX directly should be fine.