[Qemu-devel] [PATCH 00/10] Avoid integer overflow in next_page_start

Emilio G. Cota posted 10 patches 6 years ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/1523377186-32578-1-git-send-email-cota@braap.org
Test checkpatch passed
Test docker-build@min-glib passed
Test docker-mingw@fedora passed
Test s390x passed
[Qemu-devel] [PATCH 00/10] Avoid integer overflow in next_page_start
Posted by Emilio G. Cota 6 years ago
Richard pointed out in another thread that when computing
next_page_start we can break checks for the last page in the
address space due to integer overflow. This affects several targets;
the appended fixes them.

You can fetch the patches from:
  https://github.com/cota/qemu/tree/next_page_overflow

Thanks,

		Emilio
---
 target/arm/translate.c        | 11 +++++------
 target/arm/translate.h        |  2 +-
 target/cris/translate.c       |  6 +++---
 target/lm32/translate.c       |  6 +++---
 target/microblaze/translate.c |  6 +++---
 target/mips/translate.c       |  6 +++---
 target/riscv/translate.c      |  6 +++---
 target/s390x/translate.c      |  6 +++---
 target/tilegx/translate.c     |  4 ++--
 target/unicore32/translate.c  |  6 +++---
 target/xtensa/translate.c     |  9 ++++-----
 11 files changed, 33 insertions(+), 35 deletions(-)

Re: [Qemu-devel] [PATCH 00/10] Avoid integer overflow in next_page_start
Posted by Richard Henderson 6 years ago
On 04/11/2018 02:19 AM, Emilio G. Cota wrote:
> Richard pointed out in another thread that when computing
> next_page_start we can break checks for the last page in the
> address space due to integer overflow. This affects several targets;
> the appended fixes them.
> 
> You can fetch the patches from:
>   https://github.com/cota/qemu/tree/next_page_overflow

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>


r~

Re: [Qemu-devel] [PATCH 00/10] Avoid integer overflow in next_page_start
Posted by Emilio G. Cota 6 years ago
On Wed, Apr 11, 2018 at 10:08:58 +1000, Richard Henderson wrote:
> On 04/11/2018 02:19 AM, Emilio G. Cota wrote:
> > Richard pointed out in another thread that when computing
> > next_page_start we can break checks for the last page in the
> > address space due to integer overflow. This affects several targets;
> > the appended fixes them.
> > 
> > You can fetch the patches from:
> >   https://github.com/cota/qemu/tree/next_page_overflow
> 
> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>

Thanks!

To ease an eventual merge I'll be updating the patches' R-b tags as
they come in this branch:
  https://github.com/cota/qemu/tree/next_page_overflow-r-b

BTW to avoid conflicts we should merge this before the translator loop
conversion series; I'll make that clear when I send a new version
of that patch set.

		Emilio

Re: [Qemu-devel] [PATCH 00/10] Avoid integer overflow in next_page_start
Posted by Cornelia Huck 6 years ago
On Wed, 11 Apr 2018 11:29:42 -0400
"Emilio G. Cota" <cota@braap.org> wrote:

> On Wed, Apr 11, 2018 at 10:08:58 +1000, Richard Henderson wrote:
> > On 04/11/2018 02:19 AM, Emilio G. Cota wrote:  
> > > Richard pointed out in another thread that when computing
> > > next_page_start we can break checks for the last page in the
> > > address space due to integer overflow. This affects several targets;
> > > the appended fixes them.
> > > 
> > > You can fetch the patches from:
> > >   https://github.com/cota/qemu/tree/next_page_overflow  
> > 
> > Reviewed-by: Richard Henderson <richard.henderson@linaro.org>  
> 
> Thanks!
> 
> To ease an eventual merge I'll be updating the patches' R-b tags as
> they come in this branch:
>   https://github.com/cota/qemu/tree/next_page_overflow-r-b
> 
> BTW to avoid conflicts we should merge this before the translator loop
> conversion series; I'll make that clear when I send a new version
> of that patch set.
> 
> 		Emilio

So, this series will be merged in one go, then? I'll ack the s390x
patch.

Re: [Qemu-devel] [PATCH 00/10] Avoid integer overflow in next_page_start
Posted by Richard Henderson 6 years ago
On 04/12/2018 01:29 AM, Emilio G. Cota wrote:
> To ease an eventual merge I'll be updating the patches' R-b tags as
> they come in this branch:
>   https://github.com/cota/qemu/tree/next_page_overflow-r-b
> 
> BTW to avoid conflicts we should merge this before the translator loop
> conversion series; I'll make that clear when I send a new version
> of that patch set.

Right-o.  Thanks.  We'll get these in right away once development starts again
so that you don't have to carry it long.


r~


Re: [Qemu-devel] [PATCH 00/10] Avoid integer overflow in next_page_start
Posted by Michael Clark 5 years, 11 months ago
On Thu, Apr 12, 2018 at 11:56 AM, Richard Henderson <richard.henderson@linaro.org> wrote:

> On 04/12/2018 01:29 AM, Emilio G. Cota wrote:
> > To ease an eventual merge I'll be updating the patches' R-b tags as
> > they come in this branch:
> >   https://github.com/cota/qemu/tree/next_page_overflow-r-b
> >
> > BTW to avoid conflicts we should merge this before the translator loop
> > conversion series; I'll make that clear when I send a new version
> > of that patch set.
>
> Right-o.  Thanks.  We'll get these in right away once development starts again
> so that you don't have to carry it long.


Emilio,

Is this your latest branch for these changes?

- https://github.com/cota/qemu/tree/trloop-conv-v3

I see that this branch has this change "target/riscv: avoid integer
overflow in next_page PC check"

I have some changes for target/riscv/translate.c and was thinking of basing
them on your patches so we don't have conflicts.

Thanks,
Michael

Re: [Qemu-devel] [PATCH 00/10] Avoid integer overflow in next_page_start
Posted by Emilio G. Cota 5 years, 11 months ago
On Wed, May 09, 2018 at 12:51:14 +1200, Michael Clark wrote:
> Emilio,
> 
> Is this your latest branch for these changes?
> 
> - https://github.com/cota/qemu/tree/trloop-conv-v3
> 
> I see that this branch has this change "target/riscv: avoid integer
> overflow in next_page PC check"
> 
> I have some changes for target/riscv/translate.c and was thinking of basing
> them on your patches so we don't have conflicts.

Yes that's the latest branch. Richard is currently working
on a pull request to get that branch merged, so you'll soon
be able to rebase your changes on top of master.

Thanks,

		Emilio