* [PATCH] linux-user/host/s390: Treat EX and EXRL as writes
@ 2022-05-04 11:48 Ilya Leoshkevich
2022-05-04 13:46 ` Thomas Huth
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Ilya Leoshkevich @ 2022-05-04 11:48 UTC (permalink / raw)
To: Laurent Vivier
Cc: Richard Henderson, David Hildenbrand, qemu-s390x, qemu-devel,
Christian Borntraeger, Thomas Huth, Ilya Leoshkevich
clang-built s390x branch-relative-long test fails on clang-built s390x
QEMU due to the following sequence of events:
- The test zeroes out a code page, clang generates exrl+xc for this.
- do_helper_xc() is called. Clang generates exrl+xc there as well.
- Since there already exists a TB for the code in question, its page is
read-only and SIGSEGV is raised.
- host_signal_handler() calls host_signal_write() and the latter does
not recognize exrl as a write. Therefore page_unprotect() is not
called and the signal is forwarded to the test.
Fix by treating EXRL (and EX, just in case) as writes. There may be
false positives, but they will lead only to an extra page_unprotect()
call.
Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
---
linux-user/include/host/s390/host-signal.h | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/linux-user/include/host/s390/host-signal.h b/linux-user/include/host/s390/host-signal.h
index 6f191e64d7..25fefa00bd 100644
--- a/linux-user/include/host/s390/host-signal.h
+++ b/linux-user/include/host/s390/host-signal.h
@@ -50,6 +50,7 @@ static inline bool host_signal_write(siginfo_t *info, host_sigcontext *uc)
case 0x50: /* ST */
case 0x42: /* STC */
case 0x40: /* STH */
+ case 0x44: /* EX */
case 0xba: /* CS */
case 0xbb: /* CDS */
return true;
@@ -61,6 +62,12 @@ static inline bool host_signal_write(siginfo_t *info, host_sigcontext *uc)
return true;
}
break;
+ case 0xc6: /* RIL-b format insns */
+ switch (pinsn[0] & 0xf) {
+ case 0x0: /* EXRL */
+ return true;
+ }
+ break;
case 0xc8: /* SSF format insns */
switch (pinsn[0] & 0xf) {
case 0x2: /* CSST */
--
2.35.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] linux-user/host/s390: Treat EX and EXRL as writes
2022-05-04 11:48 [PATCH] linux-user/host/s390: Treat EX and EXRL as writes Ilya Leoshkevich
@ 2022-05-04 13:46 ` Thomas Huth
2022-05-04 15:27 ` Richard Henderson
2022-05-23 20:54 ` Laurent Vivier
2 siblings, 0 replies; 4+ messages in thread
From: Thomas Huth @ 2022-05-04 13:46 UTC (permalink / raw)
To: Ilya Leoshkevich, Laurent Vivier
Cc: Richard Henderson, David Hildenbrand, qemu-s390x, qemu-devel,
Christian Borntraeger
On 04/05/2022 13.48, Ilya Leoshkevich wrote:
> clang-built s390x branch-relative-long test fails on clang-built s390x
> QEMU due to the following sequence of events:
>
> - The test zeroes out a code page, clang generates exrl+xc for this.
>
> - do_helper_xc() is called. Clang generates exrl+xc there as well.
>
> - Since there already exists a TB for the code in question, its page is
> read-only and SIGSEGV is raised.
>
> - host_signal_handler() calls host_signal_write() and the latter does
> not recognize exrl as a write. Therefore page_unprotect() is not
> called and the signal is forwarded to the test.
>
> Fix by treating EXRL (and EX, just in case) as writes. There may be
> false positives, but they will lead only to an extra page_unprotect()
> call.
>
> Reported-by: Thomas Huth <thuth@redhat.com>
> Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
> ---
> linux-user/include/host/s390/host-signal.h | 7 +++++++
> 1 file changed, 7 insertions(+)
Great, this fixes the crash for me, indeed! Thank you!
Tested-by: Thomas Huth <thuth@redhat.com>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] linux-user/host/s390: Treat EX and EXRL as writes
2022-05-04 11:48 [PATCH] linux-user/host/s390: Treat EX and EXRL as writes Ilya Leoshkevich
2022-05-04 13:46 ` Thomas Huth
@ 2022-05-04 15:27 ` Richard Henderson
2022-05-23 20:54 ` Laurent Vivier
2 siblings, 0 replies; 4+ messages in thread
From: Richard Henderson @ 2022-05-04 15:27 UTC (permalink / raw)
To: Ilya Leoshkevich, Laurent Vivier
Cc: David Hildenbrand, qemu-s390x, qemu-devel, Christian Borntraeger,
Thomas Huth
On 5/4/22 04:48, Ilya Leoshkevich wrote:
> clang-built s390x branch-relative-long test fails on clang-built s390x
> QEMU due to the following sequence of events:
>
> - The test zeroes out a code page, clang generates exrl+xc for this.
>
> - do_helper_xc() is called. Clang generates exrl+xc there as well.
>
> - Since there already exists a TB for the code in question, its page is
> read-only and SIGSEGV is raised.
>
> - host_signal_handler() calls host_signal_write() and the latter does
> not recognize exrl as a write. Therefore page_unprotect() is not
> called and the signal is forwarded to the test.
>
> Fix by treating EXRL (and EX, just in case) as writes. There may be
> false positives, but they will lead only to an extra page_unprotect()
> call.
>
> Reported-by: Thomas Huth<thuth@redhat.com>
> Signed-off-by: Ilya Leoshkevich<iii@linux.ibm.com>
> ---
> linux-user/include/host/s390/host-signal.h | 7 +++++++
> 1 file changed, 7 insertions(+)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] linux-user/host/s390: Treat EX and EXRL as writes
2022-05-04 11:48 [PATCH] linux-user/host/s390: Treat EX and EXRL as writes Ilya Leoshkevich
2022-05-04 13:46 ` Thomas Huth
2022-05-04 15:27 ` Richard Henderson
@ 2022-05-23 20:54 ` Laurent Vivier
2 siblings, 0 replies; 4+ messages in thread
From: Laurent Vivier @ 2022-05-23 20:54 UTC (permalink / raw)
To: Ilya Leoshkevich
Cc: Richard Henderson, David Hildenbrand, qemu-s390x, qemu-devel,
Christian Borntraeger, Thomas Huth
Le 04/05/2022 à 13:48, Ilya Leoshkevich a écrit :
> clang-built s390x branch-relative-long test fails on clang-built s390x
> QEMU due to the following sequence of events:
>
> - The test zeroes out a code page, clang generates exrl+xc for this.
>
> - do_helper_xc() is called. Clang generates exrl+xc there as well.
>
> - Since there already exists a TB for the code in question, its page is
> read-only and SIGSEGV is raised.
>
> - host_signal_handler() calls host_signal_write() and the latter does
> not recognize exrl as a write. Therefore page_unprotect() is not
> called and the signal is forwarded to the test.
>
> Fix by treating EXRL (and EX, just in case) as writes. There may be
> false positives, but they will lead only to an extra page_unprotect()
> call.
>
> Reported-by: Thomas Huth <thuth@redhat.com>
> Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
> ---
> linux-user/include/host/s390/host-signal.h | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/linux-user/include/host/s390/host-signal.h b/linux-user/include/host/s390/host-signal.h
> index 6f191e64d7..25fefa00bd 100644
> --- a/linux-user/include/host/s390/host-signal.h
> +++ b/linux-user/include/host/s390/host-signal.h
> @@ -50,6 +50,7 @@ static inline bool host_signal_write(siginfo_t *info, host_sigcontext *uc)
> case 0x50: /* ST */
> case 0x42: /* STC */
> case 0x40: /* STH */
> + case 0x44: /* EX */
> case 0xba: /* CS */
> case 0xbb: /* CDS */
> return true;
> @@ -61,6 +62,12 @@ static inline bool host_signal_write(siginfo_t *info, host_sigcontext *uc)
> return true;
> }
> break;
> + case 0xc6: /* RIL-b format insns */
> + switch (pinsn[0] & 0xf) {
> + case 0x0: /* EXRL */
> + return true;
> + }
> + break;
> case 0xc8: /* SSF format insns */
> switch (pinsn[0] & 0xf) {
> case 0x2: /* CSST */
Applied to my linux-user-for-7.1 branch.
Thanks,
Laurent
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-05-23 21:28 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-04 11:48 [PATCH] linux-user/host/s390: Treat EX and EXRL as writes Ilya Leoshkevich
2022-05-04 13:46 ` Thomas Huth
2022-05-04 15:27 ` Richard Henderson
2022-05-23 20:54 ` Laurent Vivier
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.