From c852a58ee352ba01029f9411d0b27063118e0864 Mon Sep 17 00:00:00 2001 From: Billy Laws Date: Sun, 12 Jan 2025 17:52:58 +0000 Subject: [PATCH] JIT: Avoid OOB EC bitmap checks in ExitFunction --- FEXCore/Source/Interface/Core/ArchHelpers/Arm64Emitter.h | 2 ++ FEXCore/Source/Interface/Core/JIT/BranchOps.cpp | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/FEXCore/Source/Interface/Core/ArchHelpers/Arm64Emitter.h b/FEXCore/Source/Interface/Core/ArchHelpers/Arm64Emitter.h index b38df6ed0d..44266593da 100644 --- a/FEXCore/Source/Interface/Core/ArchHelpers/Arm64Emitter.h +++ b/FEXCore/Source/Interface/Core/ArchHelpers/Arm64Emitter.h @@ -74,6 +74,8 @@ constexpr size_t PEB_EC_CODE_BITMAP_OFFSET = 0x368; constexpr size_t CPU_AREA_IN_SYSCALL_CALLBACK_OFFSET = 0x1; constexpr size_t CPU_AREA_EMULATOR_STACK_BASE_OFFSET = 0x8; constexpr size_t CPU_AREA_EMULATOR_DATA_OFFSET = 0x30; + +constexpr uint64_t EC_CODE_BITMAP_MAX_ADDRESS = 1ULL << 47; #endif // Will force one single instruction block to be generated first if set when entering the JIT filling SRA. diff --git a/FEXCore/Source/Interface/Core/JIT/BranchOps.cpp b/FEXCore/Source/Interface/Core/JIT/BranchOps.cpp index 18d65b9d1f..56ab18729a 100644 --- a/FEXCore/Source/Interface/Core/JIT/BranchOps.cpp +++ b/FEXCore/Source/Interface/Core/JIT/BranchOps.cpp @@ -53,7 +53,7 @@ DEF_OP(ExitFunction) { if (IsInlineConstant(Op->NewRIP, &NewRIP) || IsInlineEntrypointOffset(Op->NewRIP, &NewRIP)) { #ifdef _M_ARM_64EC - if (RtlIsEcCode(NewRIP)) { + if (NewRIP < EC_CODE_BITMAP_MAX_ADDRESS && RtlIsEcCode(NewRIP)) { add(ARMEmitter::Size::i64Bit, ARMEmitter::Reg::rsp, StaticRegisters[X86State::REG_RSP], 0); LoadConstant(ARMEmitter::Size::i64Bit, EC_CALL_CHECKER_PC_REG, NewRIP); ldr(TMP2, STATE_PTR(CpuStateFrame, Pointers.Common.ExitFunctionEC));