From nobody Tue Feb 10 03:36:55 2026
Delivered-To: importer@patchew.org
Received-SPF: temperror (zoho.com: Error in retrieving data from DNS)
 client-ip=208.118.235.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=temperror (zoho.com: Error in retrieving data from DNS)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by
 mx.zohomail.com
	with SMTPS id 1510155314164148.4744657473002;
 Wed, 8 Nov 2017 07:35:14 -0800 (PST)
Received: from localhost ([::1]:60468 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <qemu-devel-bounces+importer=patchew.org@nongnu.org>)
	id 1eCSNU-0001WY-SB
	for importer@patchew.org; Wed, 08 Nov 2017 10:34:56 -0500
Received: from eggs.gnu.org ([2001:4830:134:3::10]:34279)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <alex.bennee@linaro.org>) id 1eCSLX-0000PI-Ku
	for qemu-devel@nongnu.org; Wed, 08 Nov 2017 10:32:57 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <alex.bennee@linaro.org>) id 1eCSLR-00026U-F4
	for qemu-devel@nongnu.org; Wed, 08 Nov 2017 10:32:55 -0500
Received: from mail-wm0-x244.google.com ([2a00:1450:400c:c09::244]:54596)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <alex.bennee@linaro.org>)
	id 1eCSLR-00025i-70
	for qemu-devel@nongnu.org; Wed, 08 Nov 2017 10:32:49 -0500
Received: by mail-wm0-x244.google.com with SMTP id r68so11663995wmr.3
	for <qemu-devel@nongnu.org>; Wed, 08 Nov 2017 07:32:49 -0800 (PST)
Received: from zen.linaro.local ([81.128.185.34])
	by smtp.gmail.com with ESMTPSA id 89sm1383472wri.79.2017.11.08.07.32.46
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Wed, 08 Nov 2017 07:32:46 -0800 (PST)
Received: from zen.linaroharston (localhost [127.0.0.1])
	by zen.linaro.local (Postfix) with ESMTP id B5F8F3E03B5;
	Wed,  8 Nov 2017 15:32:45 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
	h=from:to:cc:subject:date:message-id:in-reply-to:references
	:mime-version:content-transfer-encoding;
	bh=RdjZVKDXF1lYZFRSoSg7iXRmw6zd1GpA/QRInYksgwQ=;
	b=cqhKza+XajA6MQu/EHGcDb6OkLDkFo3U/kL/BFyABy020R0YlDKbzMj2f9VwfDvnvg
	DdTzzfzzbIuVpi5fGAnUeYejLr+Q6IbSu3dtoGJQxM5tCosNNM1/HA4FdPYc/JRT4qYF
	Z8lT9OVJrbyonmbTYv5Sn1wZ+fgnyhOtUx++c=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references:mime-version:content-transfer-encoding;
	bh=RdjZVKDXF1lYZFRSoSg7iXRmw6zd1GpA/QRInYksgwQ=;
	b=XJu1bR9PYuD/44MtI7ch2Pc2159ph2ylLxqDJmKeybcmFtAc2IjCrUefSI1vwSdDnu
	wWknV0C4MO1dZtRJyFDKDUsN44mePNjz5e/gax+jWQESdz6zJBaFwitSHI4cJ9zHDtWq
	rkw2zlMKbtPVtCtbB6f2cz7te6ODRMDVbpeiyF9FtF4gTrLTfs30Qpmxd4J954f0NJbD
	6daRNSSH+k2hd/oOJlXp3FX4w+HUolIHAbYGTo0tGb7kcuVigd5NvOl6EVylPnDj+LzW
	kVULM7huQnlp4fd4Y+1xpxFtRYzNDONVoMveZt2/Rd3szIsuUuIwyq0SPy3dFrq/cbV6
	nMww==
X-Gm-Message-State: AJaThX7hJC1G0xIokjWXhkttlcrr7jjFHyZsEyCfXCgIWdp6T2g8+qaE
	MD9RGUdGN/akx0RxELXT/rczMA==
X-Google-Smtp-Source: 
 ABhQp+TnVHBglIzw2y527FYvzKqKw661d5LlVjFlyA3Jclk2PVfSKMgWBPxTrLb8tnEcv7IUjQRufg==
X-Received: by 10.28.131.200 with SMTP id f191mr775322wmd.39.1510155167897;
	Wed, 08 Nov 2017 07:32:47 -0800 (PST)
From: =?UTF-8?q?Alex=20Benn=C3=A9e?= <alex.bennee@linaro.org>
To: peter.maydell@linaro.org
Date: Wed,  8 Nov 2017 15:32:44 +0000
Message-Id: <20171108153245.20740-2-alex.bennee@linaro.org>
X-Mailer: git-send-email 2.14.2
In-Reply-To: <20171108153245.20740-1-alex.bennee@linaro.org>
References: <20171108153245.20740-1-alex.bennee@linaro.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 2a00:1450:400c:c09::244
Subject: [Qemu-devel] [PATCH v2 1/2] accel/tcg/translate-all: expand
 cpu_restore_state addr check
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Peter Crosthwaite <crosthwaite.peter@gmail.com>, qemu-devel@nongnu.org,
	qemu-arm@nongnu.org, Paolo Bonzini <pbonzini@redhat.com>,
	=?UTF-8?q?Alex=20Benn=C3=A9e?= <alex.bennee@linaro.org>,
	Richard Henderson <rth@twiddle.net>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+importer=patchew.org@nongnu.org>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZohoMail: RDKM_2  RSF_6  Z_629925259 SPT_0

We are still seeing signals during translation time when we walk over
a page protection boundary. This expands the check to ensure the host
PC is inside the code generation buffer. The original suggestion was
to check versus tcg_ctx.code_gen_ptr but as we now segment the
translation buffer we have to settle for just a general check for
being inside.

I've also fixed up the declaration to make it clear it can deal with
invalid addresses. A later patch will fix up the call sites.

Signed-off-by: Alex Benn=C3=A9e <alex.bennee@linaro.org>
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>

Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
v2:
  - add doc comment to exec-all.h
  - retaddr->host_pc
  - re-word comments on host_pc
  - simplify logic as per rth suggestion
---
 accel/tcg/translate-all.c | 52 ++++++++++++++++++++++++++-----------------=
----
 include/exec/exec-all.h   | 11 ++++++++++
 2 files changed, 40 insertions(+), 23 deletions(-)

diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index 34c5e28d07..e7f0329a52 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -352,36 +352,42 @@ static int cpu_restore_state_from_tb(CPUState *cpu, T=
ranslationBlock *tb,
     return 0;
 }
=20
-bool cpu_restore_state(CPUState *cpu, uintptr_t retaddr)
+bool cpu_restore_state(CPUState *cpu, uintptr_t host_pc)
 {
     TranslationBlock *tb;
     bool r =3D false;
+    uintptr_t check_offset;
=20
-    /* A retaddr of zero is invalid so we really shouldn't have ended
-     * up here. The target code has likely forgotten to check retaddr
-     * !=3D 0 before attempting to restore state. We return early to
-     * avoid blowing up on a recursive tb_lock(). The target must have
-     * previously survived a failed cpu_restore_state because
-     * tb_find_pc(0) would have failed anyway. It still should be
-     * fixed though.
+    /* The host_pc has to be in the region of current code buffer. If
+     * it is not we will not be able to resolve it here. The two cases
+     * where host_pc will not be correct are:
+     *
+     *  - fault during translation (instruction fetch)
+     *  - fault from helper (not using GETPC() macro)
+     *
+     * Either way we need return early to avoid blowing up on a
+     * recursive tb_lock() as we can't resolve it here.
+     *
+     * We are using unsigned arithmetic so if host_pc <
+     * tcg_init_ctx.code_gen_buffer check_offset will wrap to way
+     * above the code_gen_buffer_size
      */
-
-    if (!retaddr) {
-        return r;
-    }
-
-    tb_lock();
-    tb =3D tb_find_pc(retaddr);
-    if (tb) {
-        cpu_restore_state_from_tb(cpu, tb, retaddr);
-        if (tb->cflags & CF_NOCACHE) {
-            /* one-shot translation, invalidate it immediately */
-            tb_phys_invalidate(tb, -1);
-            tb_remove(tb);
+    check_offset =3D host_pc - (uintptr_t) tcg_init_ctx.code_gen_buffer;
+
+    if (check_offset < tcg_init_ctx.code_gen_buffer_size) {
+        tb_lock();
+        tb =3D tb_find_pc(host_pc);
+        if (tb) {
+            cpu_restore_state_from_tb(cpu, tb, host_pc);
+            if (tb->cflags & CF_NOCACHE) {
+                /* one-shot translation, invalidate it immediately */
+                tb_phys_invalidate(tb, -1);
+                tb_remove(tb);
+            }
+            r =3D true;
         }
-        r =3D true;
+        tb_unlock();
     }
-    tb_unlock();
=20
     return r;
 }
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 923ece3e9b..0f51c92adb 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -45,6 +45,17 @@ void restore_state_to_opc(CPUArchState *env, struct Tran=
slationBlock *tb,
                           target_ulong *data);
=20
 void cpu_gen_init(void);
+
+/**
+ * cpu_restore_state:
+ * @cpu: the vCPU state is to be restore to
+ * @searched_pc: the host PC the fault occurred at
+ * @return: true if state was restored, false otherwise
+ *
+ * Attempt to restore the state for a fault occurring in translated
+ * code. If the searched_pc is not in translated code no state is
+ * restored and the function returns false.
+ */
 bool cpu_restore_state(CPUState *cpu, uintptr_t searched_pc);
=20
 void QEMU_NORETURN cpu_loop_exit_noexc(CPUState *cpu);
--=20
2.14.2