From patchwork Wed Apr  3 03:43:33 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Richard Henderson <richard.henderson@linaro.org>
X-Patchwork-Id: 161651
Delivered-To: patch@linaro.org
Received: by 2002:a02:c6d8:0:0:0:0:0 with SMTP id r24csp2512369jan;
 Tue, 2 Apr 2019 20:47:09 -0700 (PDT)
X-Google-Smtp-Source: APXvYqwMANLcF/8vSqYNuCa8k37G0paAZJcQs4wWXy7ZYUAPzKwsV+ioJeYOuzPA6jPUpe9Hm6pu
X-Received: by 2002:a25:5785:: with SMTP id
 l127mr60922383ybb.395.1554263229264; 
 Tue, 02 Apr 2019 20:47:09 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1554263229; cv=none;
 d=google.com; s=arc-20160816;
 b=UjbTW1x/wAlK072DIHFXtfFyJRhyYo6iUSpCw+Rym1m2/tsFIJtuyWGn1eH9ruYn/z
 n/06p6JpyzZlYurLk7TKISRXIQtG8jhFiqZDiWp0IKl3XGlweDljhKRtmEi1mLmwSKDK
 MMonD3FL2Vu+IdDyAUypLxSPqzk/WwfdhtiT60zZfGSOns2b0Yrf0JQLWmPIKh/9t4gX
 RLCLPNC7ngE6yMOj4JZUYuh27Tp84NF0qTRoFrgQAgeW7xBZgk1qfeOQn/92w7x495CH
 ig2ahJ5FI3hyiEHS1rWJQPWzrd8HMK0ino8XKXAxHjKh8qM2m57ZO2+O5ECJyP3JeKwB
 OXYQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:subject:references:in-reply-to
 :message-id:date:to:from:dkim-signature;
 bh=eEcb3jpHhBL5V4XKribm6nF4P3y4UD0GK5XfT/XCp8U=;
 b=CvbarCjNPxC+sVYk4vAwJt9kvj9jc6fMRVLiezKIjSq7esVMhpTKKf/mYtGuSfLKFv
 bETVmYl3xS7gqSPUDLrqu5yJ3+VzUofuk9H4XjBX0PBUn7U7uvsIyrIKQbiAaNpdRV2y
 MWNRFImHaegXa7Qr1zXC/l+sihJQZJOELYrf8wuu9CnoPmue2MgNzAM9QVREmhqhC/mw
 3F5S0g7I0Zvei+8ZK4DIeboHN/ZAYl/Afhidl/yvdXTjZw6+BiS+0lpnNI9YXHR11DUT
 fWpzTRBMtX2Bvy9D+5DwG0QysQSRK7UU6WasBAXjDyGVR8UF94wEtXoYtwpxZHhc26WX
 I4Ow==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=fail header.i=@linaro.org header.s=google header.b=B90uKOmq;
 spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 209.51.188.17 as permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org";
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17])
 by mx.google.com with ESMTPS id
 b71si7083202ywe.132.2019.04.02.20.47.09 for <patch@linaro.org>
 (version=TLS1 cipher=AES128-SHA bits=128/128);
 Tue, 02 Apr 2019 20:47:09 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 209.51.188.17 as permitted sender) client-ip=209.51.188.17; 
Authentication-Results: mx.google.com;
 dkim=fail header.i=@linaro.org header.s=google header.b=B90uKOmq;
 spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 209.51.188.17 as permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org";
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from localhost ([127.0.0.1]:51880 helo=lists.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <qemu-devel-bounces+patch=linaro.org@nongnu.org>)
 id 1hBWrk-0005Gi-Pq
 for patch@linaro.org; Tue, 02 Apr 2019 23:47:08 -0400
Received: from eggs.gnu.org ([209.51.188.92]:48452)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <richard.henderson@linaro.org>) id 1hBWoo-0002c4-P4
 for qemu-devel@nongnu.org; Tue, 02 Apr 2019 23:44:07 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <richard.henderson@linaro.org>) id 1hBWon-0007mW-SY
 for qemu-devel@nongnu.org; Tue, 02 Apr 2019 23:44:06 -0400
Received: from mail-pl1-x644.google.com ([2607:f8b0:4864:20::644]:37469)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <richard.henderson@linaro.org>)
 id 1hBWon-0007lf-Lo
 for qemu-devel@nongnu.org; Tue, 02 Apr 2019 23:44:05 -0400
Received: by mail-pl1-x644.google.com with SMTP id w23so4370461ply.4
 for <qemu-devel@nongnu.org>; Tue, 02 Apr 2019 20:44:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; 
 h=from:to:subject:date:message-id:in-reply-to:references;
 bh=eEcb3jpHhBL5V4XKribm6nF4P3y4UD0GK5XfT/XCp8U=;
 b=B90uKOmqgF7EsJHr8jSCfUoZlwOmSDsOZZtu6n0roECm9uhF5MwZQEW/64NwI9+LU8
 e0+YUXJh2N9qzqCCZEZyZXmtjw601kvBv43pZM1CiepuZAm2C2LT/QLuglE9g6r93275
 pp5tsptbbK8+x5KHBosJhGSZE8IFY6Lq0tyCOQkw5DbffPsnH4JtSaJ5PMA0NzXrZ6Al
 F2Bmw/HCk2t9O2Kb14udtmaK1ydmxcf+9uKvjQTE7Tov2uKjgocLkNPxeV8d3sqrjuan
 QN1VjGYe5n0mCia7Gxa1Z/zJPt9w8gu0H36NtYc5Kl+N7yWsD5E03oUhXUBiFLbmd6pZ
 fHqA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
 :references;
 bh=eEcb3jpHhBL5V4XKribm6nF4P3y4UD0GK5XfT/XCp8U=;
 b=ZNoMOUXfjVT3HPQ2eEViaRA2/9wm1NR1QSKsNP3c/4rneac50td0R1KJTICAQGiRqn
 YyhNswATuQaXuMiYqDDgbpzG6Ty9IX/sn0f1yxL+OQ43/Sk25ubfdhPSEbOAuRbviuQf
 EFkD+MMmiJ5GMsUMHVCJJYZ+n1+kWUHHrhE54Q4GqCnnKma8Jdd1Dco6ywROpqREixj2
 +UGI/N8h14mNRUYVDd3lJ8GFvaHIRWdF1hzcF08bTs5/u1WNA1AViBc/76Ee3T4NNdUp
 g1wqICkFMFCG34KeH9ToO3lJRu2ONleK/lR24oQbIY1DNdMVEn0kEbDk3Sgy5xWNt1OE
 KbmA==
X-Gm-Message-State: APjAAAWHtveauEHGUpyGZm9q0JG17jQxsHlJDkbN6XH2h9VmI+TdsFQ/
 1rgxnxGskEffLFXglVjYf0FpPt7u8DuH1g==
X-Received: by 2002:a17:902:2bab:: with SMTP id
 l40mr74190163plb.273.1554263044391; 
 Tue, 02 Apr 2019 20:44:04 -0700 (PDT)
Received: from cloudburst.imgcgcw.net ([147.50.13.10])
 by smtp.gmail.com with ESMTPSA id
 z6sm26753214pgo.31.2019.04.02.20.44.02 for <qemu-devel@nongnu.org>
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Tue, 02 Apr 2019 20:44:03 -0700 (PDT)
From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Date: Wed,  3 Apr 2019 10:43:33 +0700
Message-Id: <20190403034358.21999-2-richard.henderson@linaro.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20190403034358.21999-1-richard.henderson@linaro.org>
References: <20190403034358.21999-1-richard.henderson@linaro.org>
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
 recognized.
X-Received-From: 2607:f8b0:4864:20::644
Subject: [Qemu-devel] [PATCH 01/26] tcg: Assert h2g_valid for 32-bit guest
 on 64-bit host
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>

For this combination, we can tell whether or not the address
being accessed is within the 4GB range that is accessible by
the guest.  Otherwise the fault must be elsewhere in qemu,
accessing qemu data structures.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 accel/tcg/user-exec.c | 9 +++++++++
 1 file changed, 9 insertions(+)

-- 
2.17.1

diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index 0789984fe6..fa9380a380 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -143,6 +143,15 @@ static inline int handle_cpu_signal(uintptr_t pc, siginfo_t *info,
         }
     }
 
+    /*
+     * For a 32-bit guest on a 64-bit host, the set of addresses that we
+     * access on behalf of the guest is constrained.  Anything outside
+     * that range is a bug elsewhere in QEMU.
+     */
+#if TARGET_LONG_BITS == 32 && HOST_LONG_BITS == 64
+    g_assert(h2g_valid(address));
+#endif
+
     /* Convert forcefully to guest address space, invalid addresses
        are still valid segv ones */
     address = h2g_nocheck(address);