yuzu-emu/unicorn
1
0
Fork 0
mirror of https://github.com/yuzu-emu/unicorn.git synced 2024-10-19 23:38:23 +02:00
Code Issues Packages Projects Releases Wiki Activity
Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, X86)
3,814 Commits 7 Branches 6 Tags 35 MiB
C 90%
Python 3.9%
Java 1.5%
Visual Basic 6.0 0.8%
Pascal 0.8%
Other 2.9%
f66e74d65b
Go to file
Emilio G. Cota f66e74d65b
tcg: consistently access cpu->tb_jmp_cache atomically 
Some code paths can lead to atomic accesses racing with memset()
on cpu->tb_jmp_cache, which can result in torn reads/writes
and is undefined behaviour in C11.

These torn accesses are unlikely to show up as bugs, but from code
inspection they seem possible. For example, tb_phys_invalidate does:
/* remove the TB from the hash list */
h = tb_jmp_cache_hash_func(tb->pc);
CPU_FOREACH(cpu) {
if (atomic_read(&cpu->tb_jmp_cache[h]) == tb) {
atomic_set(&cpu->tb_jmp_cache[h], NULL);
}
}
Here atomic_set might race with a concurrent memset (such as the
ones scheduled via "unsafe" async work, e.g. tlb_flush_page) and
therefore we might end up with a torn pointer (or who knows what,
because we are under undefined behaviour).

This patch converts parallel accesses to cpu->tb_jmp_cache to use
atomic primitives, thereby bringing these accesses back to defined
behaviour. The price to pay is to potentially execute more instructions
when clearing cpu->tb_jmp_cache, but given how infrequently they happen
and the small size of the cache, the performance impact I have measured
is within noise range when booting debian-arm.

Note that under "safe async" work (e.g. do_tb_flush) we could use memset
because no other vcpus are running. However I'm keeping these accesses
atomic as well to keep things simple and to avoid confusing analysis
tools such as ThreadSanitizer.

Backports commit f3ced3c59287dabc253f83f0c70aa4934470c15e from qemu
2018-03-03 21:12:36 -05:00
bindings
docs
include util: add cacheinfo 2018-03-03 16:58:28 -05:00
msvc qapi: Update scripts to commit 01b2ffcedd94ad7b42bc870e4c6936c87ad03429 2018-03-03 18:32:12 -05:00
qemu tcg: consistently access cpu->tb_jmp_cache atomically 2018-03-03 21:12:36 -05:00
samples
tests
.appveyor.yml
.gitignore
.travis.yml
AUTHORS.TXT
Brewfile
ChangeLog
config.mk
COPYING
COPYING_GLIB
COPYING.LGPL2
CREDITS.TXT
install-cmocka-linux.sh
list.c
make.sh
Makefile
msvc.bat
pkgconfig.mk
README.md
uc.c Move target-* CPU file into a target/ folder 2018-03-01 22:50:58 -05:00
windows_export.bat

README.md

Unicorn Engine

Join the chat at https://gitter.im/unicorn-engine/chat

Build Status Build status

Unicorn is a lightweight, multi-platform, multi-architecture CPU emulator framework based on QEMU.

Unicorn offers some unparalleled features:

  • Multi-architecture: ARM, ARM64 (ARMv8), M68K, MIPS, SPARC, and X86 (16, 32, 64-bit)
  • Clean/simple/lightweight/intuitive architecture-neutral API
  • Implemented in pure C language, with bindings for Crystal, Clojure, Visual Basic, Perl, Rust, Ruby, Python, Java, .NET, Go, Delphi/Free Pascal and Haskell.
  • Native support for Windows & *nix (with Mac OSX, Linux, *BSD & Solaris confirmed)
  • High performance via Just-In-Time compilation
  • Support for fine-grained instrumentation at various levels
  • Thread-safety by design
  • Distributed under free software license GPLv2

Further information is available at http://www.unicorn-engine.org

License

This project is released under the GPL license.

Compilation & Docs

See docs/COMPILE.md file for how to compile and install Unicorn.

More documentation is available in docs/README.md.

Contact

Contact us via mailing list, email or twitter for any questions.

Contribute

If you want to contribute, please pick up something from our Github issues.

We also maintain a list of more challenged problems in a TODO list.

CREDITS.TXT records important contributors of our project.