Frontend: Disallow cross-page branches in multiblock #4270
Conversation
What are these issues?
Why is this needed for increasing the limit? Couldn't we equally well constrain to a neighborhood of N pages around the multiblock entrypoint or prevent following non-local jumps? |
The page after the entrypoint could be unmapped for example (ubisoft games hit this), limiting jumps to within a page means that doesn't end up causing issues as we don't start accidentally exploring code in the unmapped page. But if we had explicit handling for unmapped blocks this limit could safely be increased as then hitting an unmapped block could be safely handled and end the multiblock rather than crashing fex. |
This avoids both the generation of multiblocks that cover massive spans of guest code, which causes issues for both context reconstruction overflowing the RIP offset and attempting to decode branch targets in unmapped memory regions. Once support for querying mappings from the FEX frontend is in place this limit could be increased if necessary, but this seems fine for now.
This avoids both the generation of multiblocks that cover massive spans of guest code, which causes issues for both SMC and context reconstruction and attempting to decode branch targets in unmapped memory regions.
Once support for querying mappings from the FEX frontend is in place this limit could be increased if necessary, but this seems fine for now.