From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:44408)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <peter.maydell@linaro.org>) id 1SRLK2-0002tW-Mo
	for qemu-devel@nongnu.org; Mon, 07 May 2012 06:37:48 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <peter.maydell@linaro.org>) id 1SRLJx-0003bR-V5
	for qemu-devel@nongnu.org; Mon, 07 May 2012 06:37:42 -0400
Received: from mail-ob0-f173.google.com ([209.85.214.173]:45773)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <peter.maydell@linaro.org>) id 1SRLJx-0003b5-Pz
	for qemu-devel@nongnu.org; Mon, 07 May 2012 06:37:37 -0400
Received: by obbwd20 with SMTP id wd20so9834998obb.4
	for <qemu-devel@nongnu.org>; Mon, 07 May 2012 03:37:34 -0700 (PDT)
MIME-Version: 1.0
In-Reply-To: <1336383010-28692-1-git-send-email-agraf@suse.de>
References: <1336383010-28692-1-git-send-email-agraf@suse.de>
Date: Mon, 7 May 2012 11:37:34 +0100
Message-ID: <CAFEAcA-u2Ty0iXNQumn7HY4MH-uVkZ616BZJUAUoC-k02v+WEA@mail.gmail.com>
From: Peter Maydell <peter.maydell@linaro.org>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] [PATCH] linux-user: Fix stale tbs after mmap
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Alexander Graf <agraf@suse.de>
Cc: Riku Voipio <riku.voipio@iki.fi>, qemu-devel Developers <qemu-devel@nongnu.org>

On 7 May 2012 10:30, Alexander Graf <agraf@suse.de> wrote:
> @@ -587,6 +587,7 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, =
int prot,
> =C2=A0 =C2=A0 page_dump(stdout);
> =C2=A0 =C2=A0 printf("\n");
> =C2=A0#endif
> + =C2=A0 =C2=A0tb_invalidate_phys_page_range(start, start + len, 0);
> =C2=A0 =C2=A0 mmap_unlock();
> =C2=A0 =C2=A0 return start;

The comment at the top of tb_invalidate_phys_page_range() says
"start and end must refer to the same physical page" -- is it
out of date or does that not apply to user-mode?

Do you need to also invalidate the range on munmap() and
mprotect-to-not-executable in order to correctly fault on
the case of:
  map something
  execute it
  unmap it
  try to execute it again

? (haven't tested that case but it seems like it might be an issue)

-- PMM