From patchwork Tue Nov 7 16:52:26 2017
X-Patchwork-Submitter: Alex Bennée
X-Patchwork-Id: 118200
From: Alex Bennée
To: peter.maydell@linaro.org
Date: Tue, 7 Nov 2017 16:52:26 +0000
Message-Id: <20171107165226.22546-1-alex.bennee@linaro.org>
Subject: [Qemu-devel] [PATCH] accel/tcg/translate-all: expand cpu_restore_state retaddr check
Cc: Peter Crosthwaite, qemu-devel@nongnu.org, qemu-arm@nongnu.org, Paolo Bonzini, Alex Bennée, Richard Henderson

We are still seeing signals during translation time when we walk over a
page protection boundary. This expands the check to ensure the retaddr
is inside the code generation buffer.

The original suggestion was to check versus tcg_ctx.code_gen_ptr but as
we now segment the translation buffer we have to settle for just a
general check for being inside.

Signed-off-by: Alex Bennée
Reported-by: Peter Maydell
Suggested-by: Paolo Bonzini
Cc: Richard Henderson
---
 accel/tcg/translate-all.c | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

-- 
2.14.2

diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index 34c5e28d07..eb255af402 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -357,16 +357,20 @@ bool cpu_restore_state(CPUState *cpu, uintptr_t retaddr) TranslationBlock *tb; bool r = false; - /* A retaddr of zero is invalid so we really shouldn't have ended - * up here. The target code has likely forgotten to check retaddr - * != 0 before attempting to restore state. We return early to - * avoid blowing up on a recursive tb_lock(). The target must have - * previously survived a failed cpu_restore_state because - * tb_find_pc(0) would have failed anyway. It still should be - * fixed though. + /* The retaddr has to be in the region of current code buffer. If + * it's not we will not be able to resolve it here. If it is zero + * the calling code has likely forgotten to check retaddr before + * calling here. If it is not in the translated code we could be + * faulting during translation itself. + * + * Either way we need return early to avoid blowing up on a + * recursive tb_lock() as we can't resolve it here. */ - if (!retaddr) { + if (!retaddr || + (retaddr < (uintptr_t) tcg_init_ctx.code_gen_buffer) || + (retaddr > (uintptr_t) (tcg_init_ctx.code_gen_buffer + + tcg_init_ctx.code_gen_buffer_size))) { return r; }
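Review bot: the upper bound of the new range check is off by one. `retaddr > (uintptr_t) (tcg_init_ctx.code_gen_buffer + tcg_init_ctx.code_gen_buffer_size)` still admits a retaddr equal to the one-past-the-end address of the buffer, which is not inside generated code, so the comparison should be `>=` (equivalently, reject `retaddr - (uintptr_t) tcg_init_ctx.code_gen_buffer >= tcg_init_ctx.code_gen_buffer_size`, which also folds the lower-bound test into a single unsigned comparison). Since the point of the early return is to avoid a recursive tb_lock() when a fault arrives from outside translated code, letting a boundary value through defeats the check in exactly the case it is meant to catch. Minor: the new comment reads "we need return early"; it should be "we need to return early".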