From: Richard Henderson <richard.henderson@linaro.org>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-devel@nongnu.org, qemu-arm@nongnu.org
Subject: Re: [PATCH v4 02/16] accel/tcg: Fix check for page writeability in load_atomic16_or_exit
Date: Tue, 30 May 2023 06:58:26 -0700 [thread overview]
Message-ID: <5192c74b-38fb-7f2e-7b27-58d210c1b087@linaro.org> (raw)
In-Reply-To: <CAFEAcA8E_wbiL=xxc=qzfbhBjTsGVxpMGYex_Ezsn_=47DJP3w@mail.gmail.com>
On 5/30/23 06:44, Peter Maydell wrote:
> On Fri, 26 May 2023 at 01:24, Richard Henderson
> <richard.henderson@linaro.org> wrote:
>>
>> PAGE_WRITE is current writability, as modified by TB protection;
>> PAGE_WRITE_ORG is the original page writability.
>>
>> Fixes: cdfac37be0d ("accel/tcg: Honor atomicity of loads")
>> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
>> ---
>> accel/tcg/ldst_atomicity.c.inc | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/accel/tcg/ldst_atomicity.c.inc b/accel/tcg/ldst_atomicity.c.inc
>> index 0f6b3f8ab6..57163f5ca2 100644
>> --- a/accel/tcg/ldst_atomicity.c.inc
>> +++ b/accel/tcg/ldst_atomicity.c.inc
>> @@ -191,7 +191,7 @@ static Int128 load_atomic16_or_exit(CPUArchState *env, uintptr_t ra, void *pv)
>> * another process, because the fallback start_exclusive solution
>> * provides no protection across processes.
>> */
>> - if (!page_check_range(h2g(p), 16, PAGE_WRITE)) {
>> + if (!page_check_range(h2g(p), 16, PAGE_WRITE_ORG)) {
>> return *p;
>> }
>> #endif
>> --
>> 2.34.1
>
> load_atomic8_or_exit() has a similar condition, so
> we should change either both or neither.
>
> So, if I understand this correctly, !PAGE_WRITE_ORG is a
> stricter test than !PAGE_WRITE, so we're saying "don't
> do a simple non-atomic load if the page was only read-only
> because we've translated code out of it". Why is it
> not OK to do the non-atomic load in that case? I guess
> because we don't have the mmap lock, so some other thread
> might nip in and do an access that causes us to invalidate
> the TBs and move the page back to writeable?
This is about falling through to the cmpxchg below: if !PAGE_WRITE_ORG, then the page is
really not writable, we will SIGSEGV, and handle_sigsegv_accerr_write will kill the process.
r~
next prev parent reply other threads:[~2023-05-30 13:59 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-26 0:23 [PATCH v4 00/16] tcg: Improvements to atomic128 Richard Henderson
2023-05-26 0:23 ` [PATCH v4 01/16] tcg: Fix register move type in tcg_out_ld_helper_ret Richard Henderson
2023-05-30 13:36 ` Peter Maydell
2023-05-26 0:23 ` [PATCH v4 02/16] accel/tcg: Fix check for page writeability in load_atomic16_or_exit Richard Henderson
2023-05-30 13:44 ` Peter Maydell
2023-05-30 13:58 ` Richard Henderson [this message]
2023-05-30 14:06 ` Peter Maydell
2023-05-30 14:29 ` Richard Henderson
2023-05-30 14:48 ` Peter Maydell
2023-05-30 15:09 ` Richard Henderson
2023-05-30 15:18 ` Peter Maydell
2023-05-26 0:23 ` [PATCH v4 03/16] meson: Split test for __int128_t type from __int128_t arithmetic Richard Henderson
2023-05-30 13:47 ` Peter Maydell
2023-05-26 0:23 ` [PATCH v4 04/16] qemu/atomic128: Add x86_64 atomic128-ldst.h Richard Henderson
2023-05-26 0:23 ` [PATCH v4 05/16] tcg/i386: Support 128-bit load/store Richard Henderson
2023-05-30 15:02 ` Peter Maydell
2023-05-26 0:23 ` [PATCH v4 06/16] tcg/aarch64: Rename temporaries Richard Henderson
2023-05-26 0:23 ` [PATCH v4 07/16] tcg/aarch64: Reserve TCG_REG_TMP1, TCG_REG_TMP2 Richard Henderson
2023-05-30 13:52 ` Peter Maydell
2023-05-26 0:23 ` [PATCH v4 08/16] tcg/aarch64: Simplify constraints on qemu_ld/st Richard Henderson
2023-05-30 13:55 ` Peter Maydell
2023-05-26 0:23 ` [PATCH v4 09/16] tcg/aarch64: Support 128-bit load/store Richard Henderson
2023-05-26 0:23 ` [PATCH v4 10/16] tcg/ppc: " Richard Henderson
2023-05-26 0:23 ` [PATCH v4 11/16] tcg/s390x: " Richard Henderson
2023-05-26 0:23 ` [PATCH v4 12/16] accel/tcg: Extract load_atom_extract_al16_or_al8 to host header Richard Henderson
2023-05-30 13:58 ` Peter Maydell
2023-05-26 0:23 ` [PATCH v4 13/16] accel/tcg: Extract store_atom_insert_al16 " Richard Henderson
2023-05-30 13:59 ` Peter Maydell
2023-05-26 0:23 ` [PATCH v4 14/16] accel/tcg: Add x86_64 load_atom_extract_al16_or_al8 Richard Henderson
2023-05-30 14:01 ` Peter Maydell
2023-05-26 0:23 ` [PATCH v4 15/16] accel/tcg: Add aarch64 lse2 load_atom_extract_al16_or_al8 Richard Henderson
2023-05-30 14:02 ` Peter Maydell
2023-05-26 0:23 ` [PATCH v4 16/16] accel/tcg: Add aarch64 store_atom_insert_al16 Richard Henderson
2023-05-30 14:04 ` Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5192c74b-38fb-7f2e-7b27-58d210c1b087@linaro.org \
--to=richard.henderson@linaro.org \
--cc=peter.maydell@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.