Newer versions of glibc use memcpy() in memmove() for forward moves. The
implementation makese use of MVC. The TCG implementation of MVC is
currently not able to handle faults reliably when crossing pages. MVC
can cross with 256 bytes at most two pages.

In case we get a fault on the second page, we already moved data. When
continuing after the fault we might try to move already overwritten data,
which is very bad in case we have overlapping data on a forward move.

Triggered for now only by rpmbuild (crashes when checking the spec file)
and rpm (database corruptions). This fixes installing Fedora rawhide (31)
under TCG.

I can see similar issues with other MEM helpers, but there is more to clean
up and fix, so fix the obvious first.

This was horrible to debug as it barely triggers and we fail at completely
different places. :)

Cc: Stefano Brivio <sbrivio@redhat.com>
Cc: Florian Weimer <fweimer@redhat.com>

David Hildenbrand (4):
  s390x/tcg: Use guest_addr_valid() instead of h2g_valid() in
    probe_write_access()
  s390x/tcg: Introduce probe_read_access()
  s390x/tcg: MOVE (MVC): Increment the length once
  s390x/tcg: MOVE (MVC): Fault-safe handling

 target/s390x/internal.h   |  2 ++
 target/s390x/mem_helper.c | 72 ++++++++++++++++++++++++++++++++++-----
 2 files changed, 65 insertions(+), 9 deletions(-)

-- 
2.21.0