| commit | 565a84c1e61acb6e2bce03e5ca88b5ce400231ca | |
| author | Ilya Leoshkevich <iii@linux.ibm.com> | |
| Wed, 4 May 2022 11:48:19 +0000 (4 13:48 +0200) | ||
| committer | Laurent Vivier <laurent@vivier.eu> | |
| Mon, 23 May 2022 20:54:02 +0000 (23 22:54 +0200) | ||
| tree | 2282a994ad77b9e80f0a75a2932c2f6e8e61b13d | treesnapshot (tar.gz zip) |
| parent | 1a75b14038bd77b0af7d2ddb0cf230b31f75623e | commitdiff |
linux-user/host/s390: Treat EX and EXRL as writes
clang-built s390x branch-relative-long test fails on clang-built s390x
QEMU due to the following sequence of events:
- The test zeroes out a code page, clang generates exrl+xc for this.
- do_helper_xc() is called. Clang generates exrl+xc there as well.
- Since there already exists a TB for the code in question, its page is
read-only and SIGSEGV is raised.
- host_signal_handler() calls host_signal_write() and the latter does
not recognize exrl as a write. Therefore page_unprotect() is not
called and the signal is forwarded to the test.
Fix by treating EXRL (and EX, just in case) as writes. There may be
false positives, but they will lead only to an extra page_unprotect()
call.
Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220504114819.1729737-1-iii@linux.ibm.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
clang-built s390x branch-relative-long test fails on clang-built s390x
QEMU due to the following sequence of events:
- The test zeroes out a code page, clang generates exrl+xc for this.
- do_helper_xc() is called. Clang generates exrl+xc there as well.
- Since there already exists a TB for the code in question, its page is
read-only and SIGSEGV is raised.
- host_signal_handler() calls host_signal_write() and the latter does
not recognize exrl as a write. Therefore page_unprotect() is not
called and the signal is forwarded to the test.
Fix by treating EXRL (and EX, just in case) as writes. There may be
false positives, but they will lead only to an extra page_unprotect()
call.
Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220504114819.1729737-1-iii@linux.ibm.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
| linux-user/include/host/s390/host-signal.h | diffblobblamehistory |