On Wed, Oct 05, 2022 at 08:44:02PM -0700, Richard Henderson wrote:
> All callers pass s->pc_tmp.
>
> Reviewed-by: Philippe Mathieu-Daudé
> Signed-off-by: Richard Henderson
> ---
> target/s390x/tcg/translate.c | 10 ++
> 1 file changed, 6 insertions(+), 4 deletio
ged, 46 insertions(+), 23 deletions(-)
Reviewed-by: Ilya Leoshkevich
g/translate.c | 21 -
> 1 file changed, 12 insertions(+), 9 deletions(-)
Reviewed-by: Ilya Leoshkevich
tions(-)
Reviewed-by: Ilya Leoshkevich
> TCGv_i64 t1 = tcg_temp_new_i64();
> TCGv_i64 t2 = tcg_temp_new_i64();
> TCGv_i64 t3 = tcg_temp_new_i64();
This also fixes a leak, right?
...
Reviewed-by: Ilya Leoshkevich
> 1 file changed, 1 insertion(+), 25 deletions(-)
Reviewed-by: Ilya Leoshkevich
--
> target/s390x/tcg/translate.c | 44 ++--
> 1 file changed, 22 insertions(+), 22 deletions(-)
I did not check all the code paths in the consumer, but if there is a
bug and a or b ends up being modified, one of the temp_readonly()
assertions will catc
tcg/translate.c | 408 +--
> 1 file changed, 145 insertions(+), 263 deletions(-)
Reviewed-by: Ilya Leoshkevich
On Wed, Nov 02, 2022 at 08:47:24PM +1100, Richard Henderson wrote:
> On 11/2/22 20:38, Ilya Leoshkevich wrote:
> > On Fri, Oct 21, 2022 at 05:30:06PM +1000, Richard Henderson wrote:
> > > Signed-off-by: Richard Henderson
> > > ---
> > >
It's RRE, not RXE.
Found by running valgrind's none/tests/s390x/bfp-2.
Fixes: 86b59624c4aa ("s390x/tcg: Implement LOAD LENGTHENED short HFP to long
HFP")
Signed-off-by: Ilya Leoshkevich
---
target/s390x/tcg/insn-data.def | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
On Fri, Oct 21, 2022 at 05:30:06PM +1000, Richard Henderson wrote:
> Signed-off-by: Richard Henderson
> ---
> target/s390x/helper.h | 32 ++---
> target/s390x/tcg/fpu_helper.c | 88 ++
> target/s390x/tcg/translate.c | 76
Add a basic test to prevent regressions.
Signed-off-by: Ilya Leoshkevich
---
tests/tcg/s390x/Makefile.target | 1 +
tests/tcg/s390x/div.c | 40 +
2 files changed, 41 insertions(+)
create mode 100644 tests/tcg/s390x/div.c
diff --git a/tests/tcg/s390x
On Fri, Oct 21, 2022 at 05:29:58PM +1000, Richard Henderson wrote:
> Pack the quotient and remainder into a single uint64_t.
>
> Signed-off-by: Richard Henderson
> ---
> target/s390x/helper.h | 2 +-
> target/s390x/tcg/int_helper.c | 26 +-
>
dex has been assigned.
>
> Fixes a problem with cross-cpu jump cache flushing, when the
> jump cache has not yet been allocated.
>
> Fixes: a976a99a2975 ("include/hw/core: Create struct CPUJumpCache")
> Reported-by: Ilya Leoshkevich
> Signed-off-by: Richard Henders
Add a test to detect races between munmap() and creating new threads.
Signed-off-by: Ilya Leoshkevich
---
tests/tcg/multiarch/Makefile.target | 3 ++
tests/tcg/multiarch/munmap-pthread.c | 71
2 files changed, 74 insertions(+)
create mode 100644 tests/tcg
/core: Create struct CPUJumpCache")
Signed-off-by: Ilya Leoshkevich
---
accel/tcg/tb-maint.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/accel/tcg/tb-maint.c b/accel/tcg/tb-maint.c
index c8e921089df..2a063f91aa6 100644
--- a/accel/tcg/tb-maint.c
+++ b/accel/tcg/tb-maint.c
@@ -241
] https://lists.gnu.org/archive/html/qemu-devel/2022-10/msg05181.html
Best regards,
Ilya
Ilya Leoshkevich (2):
accel/tcg: Fix concurrent pthread_create() and munmap()
tests/tcg/multiarch: Add munmap-pthread.c
accel/tcg/tb-maint.c | 5 ++
tests/tcg/multiarch/Makefile.target
On Thu, Oct 27, 2022 at 04:18:56PM +0200, Ilya Leoshkevich wrote:
> On Tue, Oct 04, 2022 at 12:52:36PM -0700, Richard Henderson wrote:
> > Wrap the bare TranslationBlock pointer into a structure.
> >
> > Reviewed-by: Alex Bennée
> > Reviewed-by: Philippe Mathieu-Daudé
On Tue, Oct 04, 2022 at 12:52:36PM -0700, Richard Henderson wrote:
> Wrap the bare TranslationBlock pointer into a structure.
>
> Reviewed-by: Alex Bennée
> Reviewed-by: Philippe Mathieu-Daudé
> Signed-off-by: Richard Henderson
> ---
> accel/tcg/tb-hash.h | 1 +
>
the ssh client
consider only the keys specified on the command line.
Signed-off-by: Ilya Leoshkevich
---
tests/vm/basevm.py | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tests/vm/basevm.py b/tests/vm/basevm.py
index 4fd9af10b7f..2276364c42f 100644
--- a/tests/vm/basevm.py
On Fri, Oct 21, 2022 at 05:30:05PM +1000, Richard Henderson wrote:
> Signed-off-by: Richard Henderson
> ---
> target/s390x/helper.h | 22 +++
> target/s390x/tcg/fpu_helper.c | 29 ++--
> target/s390x/tcg/translate.c | 49 +++---
sts/tcg/s390x/long-double.c
It might be better to do this in asm in order to be sure that a
compiler doesn't perform any magic. But at least as of today gcc
generates all the "interesting" instructions from this code.
Acked-by: Ilya Leoshkevich
chard Henderson
> ---
> target/s390x/tcg/translate.c | 8
> target/s390x/tcg/insn-data.def | 12 ++--
> 2 files changed, 14 insertions(+), 6 deletions(-)
Acked-by: Ilya Leoshkevich
eletions(-)
Acked-by: Ilya Leoshkevich
eletions(-)
Acked-by: Ilya Leoshkevich
I wanted to make sure that the pair elements were not mixed up and
wrote a small test. Feel free to add it to the series.
Ilya Leoshkevich (1):
tests/tcg/s390x: Add clst.c
tests/tcg/s390x/Makefile.target | 1 +
tests/tcg/s390x/clst.c | 82 +
2 files
Add a basic test to prevent regressions.
Signed-off-by: Ilya Leoshkevich
---
tests/tcg/s390x/Makefile.target | 1 +
tests/tcg/s390x/clst.c | 82 +
2 files changed, 83 insertions(+)
create mode 100644 tests/tcg/s390x/clst.c
diff --git a/tests/tcg/s390x
s(+), 10 deletions(-)
Acked-by: Ilya Leoshkevich
I wanted to make sure the ordering within a pair was right and wrote a
small test. Feel free to add it to the series:
From: Ilya Leoshkevich
Subject: [PATCH] tests/tcg/s390x: Add clst.c
Add a basic test to prevent regressions.
Signed-off-by
ard Henderson
Acked-by: Ilya Leoshkevich
On Fri, Oct 21, 2022 at 05:15:32PM +1000, Richard Henderson wrote:
> Change 32-bit tci TCG_TARGET_CALL_ARG_I32 to TCG_CALL_ARG_EVEN, to
> force 32-bit values to be aligned to 64-bit. With a small reorg
> to the argument processing loop, this neatly replaces an ifdef for
> CONFIG_TCG_INTERPRETER.
> target/s390x/tcg/translate.c | 10 ++
> 3 files changed, 20 insertions(+), 18 deletions(-)
Acked-by: Ilya Leoshkevich
with translator so plugins work */
> + for (i = 0; i < ilen; i++) {
> + uint8_t byte = extract64(insn, 56 - (i * 8), 8);
> + translator_fake_ldb(byte, pc + i);
> + }
> op = insn >> 56;
> } else {
> insn = ld_code2(env, s, pc);
Acked-by: Ilya Leoshkevich
t;base.pc_next)) ||
> - dc->ex_value) {
> + if (dc->ex_value ||
> + !is_same_page(dcbase, dc->base.pc_next) ||
> + !is_same_page(dcbase, get_next_pc(env, dc, dc-
> >base.pc_next))) {
> dc->base.is_jmp = DISAS_TOO_MANY;
> }
> }
Acked-by: Ilya Leoshkevich
>
> return pc + get_ilen((insn >> 8) & 0xff);
> }
Acked-by: Ilya Leoshkevich
ERS
> index e3d5b7e09c46..ae5e8c8ecbb6 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -305,6 +305,7 @@ F: target/rx/
> S390 TCG CPUs
> M: Richard Henderson
> M: David Hildenbrand
> +R: Ilya Leoshkevich
> S: Maintained
> F: target/s390x/
> F: target/s390x/tcg
Acked-by: Ilya Leoshkevich
Thanks!
On Fri, 2022-10-14 at 07:35 +1100, Richard Henderson wrote:
> On 10/12/22 22:18, Ilya Leoshkevich wrote:
> > Add ability to dump /tmp/perf-.map and jit-.dump.
> > The first one allows the perf tool to map samples to each
> > individual
> > translation block. The
/msg04289.html
v4: https://lists.gnu.org/archive/html/qemu-devel/2015-08/msg00095.html
It addresses some of the feedback (among other things: symlink attacks,
Elf64_Ehdr on 32-bit hosts, flockfile, license headers, style) and adds
debuginfo support.
Best regards,
Ilya
Ilya Leoshkevich (1):
tcg
perf report
or
perf record -k 1 qemu-x86_64 -jitdump ./a.out
perf inject -j -i perf.data -o perf.data.jitted
perf report -i perf.data.jitted
Co-developed-by: Vanderson M. do Rosario
Co-developed-by: Alex Bennée
Signed-off-by: Ilya Leoshkevich
---
accel/tcg/debuginfo.c | 108
to memory to
host_signal_write().
Reported-by: Thomas Huth
Fixes: ab12c95d3f19 ("target/s390x: Make translator stop before the end of a
page")
Signed-off-by: Ilya Leoshkevich
---
linux-user/include/host/s390/host-signal.h | 25 ++
1 file changed, 25 insertions(+)
dif
04:26 +0100)
> >
> >
> > Respect PROT_EXEC in user-only mode.
> > Fix s390x, i386 and riscv for translations crossing a page.
> >
> > --
Add a test that checks madvise(MADV_DONTNEED) behavior with anonymous
and file mappings in order to prevent regressions.
Signed-off-by: Ilya Leoshkevich
---
tests/tcg/multiarch/linux/linux-madvise.c | 70 +++
1 file changed, 70 insertions(+)
create mode 100644 tests/tcg
The default implementation has several problems: the first argument is
not displayed as a pointer, making it harder to grep; the third
argument is not symbolized; and there are several extra unused
arguments.
Signed-off-by: Ilya Leoshkevich
---
linux-user/strace.c| 41
MADV_DONTNEED has a different value on alpha, compared to all the other
architectures. Fix by using TARGET_MADV_DONTNEED instead of
MADV_DONTNEED.
Fixes: 892a4f6a750a ("linux-user: Add partial support for MADV_DONTNEED")
Signed-off-by: Ilya Leoshkevich
---
linux-user/mmap.c | 3 +
ASSTHROUGH, and then allow madvise() passthrough for these
pages. Drop the explicit PAGE_ANON check, since anonymous mappings are
expected to have PAGE_PASSTHROUGH anyway.
Add PAGE_PASSTHROUGH to PAGE_STICKY in order to keep it on mprotect().
Signed-off-by: Ilya Leoshkevich
Message-Id: <202207251
Provide MADV_* definitions using target_mman.h header, similar to what
kernel does. Most architectures use the same values, with the exception
of alpha and hppa.
Signed-off-by: Ilya Leoshkevich
---
linux-user/aarch64/target_mman.h | 1 +
linux-user/alpha/target_mman.h | 8 +++
linux
* constants for all architectures.
Patch 2 fixes the alpha bug.
Patch 3 adds madvise() support to strace.
Patch 4 adds MADV_DONTNEED support for file mappings.
Patch 5 adds a test.
Best regards,
Ilya
[1] https://lists.gnu.org/archive/html/qemu-devel/2022-09/msg00710.html
Ilya Leoshkevich (5
On Mon, 2022-09-05 at 23:40 +0200, Ilya Leoshkevich wrote:
> The default implementation has several problems: the first argument
> is
> not displayed as a pointer, making it harder to grep; the third
> argument is not symbolized; and there are several extra unused
> arguments.
The default implementation has several problems: the first argument is
not displayed as a pointer, making it harder to grep; the third
argument is not symbolized; and there are several extra unused
arguments.
Signed-off-by: Ilya Leoshkevich
---
v1: https://lists.gnu.org/archive/html/qemu-devel
make sure there are no regressions.
[1] https://lists.gnu.org/archive/html/qemu-devel/2022-09/msg00034.html
Signed-off-by: Ilya Leoshkevich
---
v1: https://lists.gnu.org/archive/html/qemu-devel/2022-09/msg00455.html
v1 -> v2: Fix tweaking the flags (Alex).
Keep the custom build rule for
On Sat, 2022-09-03 at 10:13 +0100, Alex Bennée wrote:
>
> Ilya Leoshkevich writes:
>
> > commit f025692c992c ("accel/tcg: Clear PAGE_WRITE before
> > translation")
> > fixed cross-modifying code handling, but did not add a test. The
> > changed co
make sure there are no regressions.
[1] https://lists.gnu.org/archive/html/qemu-devel/2022-09/msg00034.html
Signed-off-by: Ilya Leoshkevich
---
tests/tcg/x86_64/Makefile.target| 6 +-
tests/tcg/x86_64/cross-modifying-code.c | 80 +
2 files changed, 85 insertions(+),
On Mon, 2022-07-25 at 14:50 +0200, Ilya Leoshkevich wrote:
> This is a follow-up for commit 892a4f6a750a ("linux-user: Add partial
> support for MADV_DONTNEED"), which added passthrough for anonymous
> mappings. File mappings can be handled in a similar manner.
>
> In ord
On Tue, 2022-08-23 at 15:05 -0700, Richard Henderson wrote:
> From: Ilya Leoshkevich
>
> Currently it's possible to execute pages that do not have PAGE_EXEC
> if there is an existing translation block. Fix by clearing
> tb_jmp_cache
> and invalidating TBs, which forces recheck
virt_page2 = TARGET_PAGE_ALIGN(desc->pc);
> phys_page2 = get_page_addr_code(desc->env, virt_page2);
> if (tb->page_addr[1] == phys_page2) {
> return true;
Acked-by: Ilya Leoshkevich
l(CPUArchState *env, DisasContextBase *db,
> abi_ptr pc)
> +{
> +uint32_t ret, plug;
> +void *p = translator_access(env, db, pc, sizeof(ret));
> +
> +if (p) {
> + plugin_insn_append(pc, p, sizeof(ret));
> +return ldl_p(p);
> +}
> +ret = cpu_ldl_code(env, pc);
> +plug = tswap32(ret);
> +plugin_insn_append(pc, , sizeof(ret));
> +return ret;
> +}
> +
> +uint64_t translator_ldq(CPUArchState *env, DisasContextBase *db,
> abi_ptr pc)
> +{
> +uint64_t ret, plug;
> +void *p = translator_access(env, db, pc, sizeof(ret));
> +
> +if (p) {
> +plugin_insn_append(pc, p, sizeof(ret));
> +return ldq_p(p);
> +}
> +ret = cpu_ldq_code(env, pc);
> +plug = tswap64(ret);
> +plugin_insn_append(pc, , sizeof(ret));
> +return ret;
> +}
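Review bot: in both fallback paths (after `ret = cpu_ldl_code(env, pc);` and after `ret = cpu_ldq_code(env, pc);`) the call `plugin_insn_append(pc, , sizeof(ret));` is rendered with an empty second argument, while `plug` is assigned from `tswap32(ret)` / `tswap64(ret)` and is otherwise never used. The intent is evidently to pass a pointer to `plug` (the byte-swapped copy) the way the `p` branch passes a pointer to the guest bytes; please confirm that an ampersand was not lost in the mail rendering, since as written the code does not compile and `plug` would be dead.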
Hi,
I think you need the following fixup here:
--- a/tests/tcg/multiarch/noexec.c.inc
+++ b/tests/tcg/multiarch/noexec.c.inc
@@ -1,8 +1,5 @@
/*
* Common code for arch-specific MMU_INST_FETCH fault testing.
- *
- * Declare struct arch_noexec_test before including this file and
define
- * arch_check_mcontext() after that.
*/
#define _GNU_SOURCE
@@ -13,6 +10,7 @@
#include
#include
#include
+#include
#include
#include
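Review bot: the `#include` lines in this hunk have lost their header names in this rendering, so the added include cannot be checked from the diff alone; the explanation that follows states that unistd.h is the header being added, for getpagesize(). Worth double-checking that the fixup also keeps the remaining includes in their original order, since the diff shows only the insertion point.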
After the simplifications the comment is no longer true or useful;
unistd.h is needed for getpagesize().
With that:
Acked-by: Ilya Leoshkevich
Tested-by: Ilya Leoshkevich
for the series.
Best regards,
Ilya
On Fri, 2022-08-19 at 00:55 +0800, Vivian Wang wrote:
> Hi,
> Could this be related to issue 1155 [1]? On RISC-V, I'm getting
> incorrect [m|s]tval/[m|s]epc combinations for page faults in system
> emulation and incorrect si_addr and program counter on SIGSEGV in
> user emulation. Since it seems
On Wed, 2022-08-17 at 11:23 -0500, Richard Henderson wrote:
> On 8/17/22 10:05, Ilya Leoshkevich wrote:
> > Hi,
> >
> > I noticed that when we get a SEGV due to jumping to non-readable
> > memory, sometimes si_addr and program counter in siginfo_t are
> > slig
I2 is 16 bits, not 32.
Found by running valgrind's none/tests/s390x/traps.
Fixes: 1c2687518235 ("target-s390: Implement COMPARE AND TRAP")
Signed-off-by: Ilya Leoshkevich
---
target/s390x/tcg/insn-data.def | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/target
Currently it's possible to execute pages that do not have PAGE_EXEC if
there is an existing translation block. Fix by clearing tb_jmp_cache,
which forces HELPER(lookup_tb_ptr)() to recheck permission bits the
next time.
Signed-off-by: Ilya Leoshkevich
---
linux-user/mmap.c | 14
.
Signed-off-by: Ilya Leoshkevich
Reviewed-by: Richard Henderson
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1143
---
target/i386/tcg/translate.c | 25 -
1 file changed, 24 insertions(+), 1 deletion(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg
Add x86_64 and s390x tests to prevent regressions.
Signed-off-by: Ilya Leoshkevich
---
tests/tcg/multiarch/noexec.h | 114
tests/tcg/s390x/Makefile.target | 1 +
tests/tcg/s390x/noexec.c | 145 +++
tests/tcg/x86_64
ists.gnu.org/archive/html/qemu-devel/2022-08/msg02472.html
[2] https://lists.gnu.org/archive/html/qemu-devel/2022-08/msg02556.html
Ilya Leoshkevich (4):
linux-user: Clear tb_jmp_cache on mprotect()
target/s390x: Make translator stop before the end of a page
target/i386: Make translator stop be
Right now translator stops right *after* the end of a page, which
breaks reporting of fault locations when the last instruction of a
multi-insn translation block crosses a page boundary.
Signed-off-by: Ilya Leoshkevich
Reviewed-by: Richard Henderson
---
target/s390x/tcg/translate.c | 15
On Wed, 2022-08-17 at 08:38 -0500, Richard Henderson wrote:
> On 8/17/22 08:27, Ilya Leoshkevich wrote:
> > On Wed, 2022-08-17 at 08:15 -0500, Richard Henderson wrote:
> > > On 8/17/22 06:08, Ilya Leoshkevich wrote:
> > > > @@ -2243,6 +2250,13 @@ void pag
On Wed, 2022-08-17 at 08:15 -0500, Richard Henderson wrote:
> On 8/17/22 06:08, Ilya Leoshkevich wrote:
> > @@ -2243,6 +2250,13 @@ void page_set_flags(target_ulong start,
> > target_ulong end, int flags)
> > (flags & PAGE_WRITE) &&a
Linux kernel does this in fpregs_store() and fpregs_load(), so
qemu-user should do this as well.
Found by running valgrind's none/tests/s390x/test_sig.
Signed-off-by: Ilya Leoshkevich
---
linux-user/s390x/signal.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/linux-user/s390x/signal.c
On Tue, 2022-08-16 at 15:33 -0500, Richard Henderson wrote:
> We're about to start validating PAGE_EXEC, which means that we've
> got to the vsyscall page executable. We had been special casing
> this entirely within translate.
>
> Signed-off-by: Richard Henderson
> ---
> linux-user/elfload.c
On Tue, 2022-08-16 at 20:42 -0500, Richard Henderson wrote:
> On 8/16/22 18:43, Ilya Leoshkevich wrote:
> > On Fri, 2022-08-12 at 11:07 -0700, Richard Henderson wrote:
> > > We will want to re-use the result of get_page_addr_code
> > > beyond the scope of tb_look
On Fri, 2022-08-12 at 11:07 -0700, Richard Henderson wrote:
> We will want to re-use the result of get_page_addr_code
> beyond the scope of tb_lookup.
>
> Signed-off-by: Richard Henderson
> ---
> accel/tcg/cpu-exec.c | 34 --
> 1 file changed, 24 insertions(+),
ought I'd go ahead and post this part.
>
>
> r~
>
>
> Ilya Leoshkevich (1):
> accel/tcg: Introduce is_same_page()
>
> Richard Henderson (20):
> linux-user/arm: Mark the commpage executable
> linux-user/hppa: Allocate page zero as a commpage
> linux-u
On Thu, 2022-08-11 at 08:42 -0700, Richard Henderson wrote:
> On 8/11/22 02:28, Ilya Leoshkevich wrote:
> > How is qemu-user's get_page_addr_code() involved here?
> >
> > I tried to experiment with it, and while I agree that it looks
> > buggy,
> > it's called
On Mon, 2022-07-25 at 14:50 +0200, Ilya Leoshkevich wrote:
> This is a follow-up for commit 892a4f6a750a ("linux-user: Add partial
> support for MADV_DONTNEED"), which added passthrough for anonymous
> mappings. File mappings can be handled in a similar manner.
>
> In ord
In the following sequence:
addr();
mprotect(addr, 0x1000, PROT_NONE);
addr();
the second call must cause a SEGV, but it doesn't, because there is a
cached translation. Drop it.
Signed-off-by: Ilya Leoshkevich
---
accel/tcg/translate-all.c | 17 -
1 file changed, 12
.
Signed-off-by: Ilya Leoshkevich
---
target/i386/tcg/translate.c | 25 -
1 file changed, 24 insertions(+), 1 deletion(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index b7972f0ff5..2287d22c3a 100644
--- a/target/i386/tcg/translate.c
+++ b/target
Add x86_64 and s390x tests to prevent regressions.
Signed-off-by: Ilya Leoshkevich
---
tests/tcg/multiarch/noexec.h | 114
tests/tcg/s390x/Makefile.target | 1 +
tests/tcg/s390x/noexec.c | 145 +++
tests/tcg/x86_64
Right now translator stops right *after* the end of a page, which
breaks reporting of fault locations when the last instruction of a
multi-insn translation block crosses a page boundary.
Signed-off-by: Ilya Leoshkevich
---
target/s390x/tcg/translate.c | 15 +++
1 file changed, 11
e() patch (Richard).
Do not touch the common code in the i386 fix (Richard).
Ilya Leoshkevich (5):
accel/tcg: Invalidate translations when clearing PAGE_EXEC
accel/tcg: Introduce is_same_page()
target/s390x: Make translator stop before the end of a page
target/i386: Make translator st
Introduce a function that checks whether a given address is on the same
page as where disassembly started. Having it improves readability of
the following patches.
Signed-off-by: Ilya Leoshkevich
---
include/exec/translator.h | 10 ++
1 file changed, 10 insertions(+)
diff --git
On Wed, 2022-08-10 at 13:29 -0700, Richard Henderson wrote:
> On 8/8/22 10:10, Ilya Leoshkevich wrote:
> > After mprotect(addr, PROT_NONE), addr can still be executed if
> > there
> > are cached translations. Drop them.
> >
> > Signed-off-by: Ilya Leoshkevich
. Even though i386 is the only architecture that
does rollback, split it into common and architecture-dependent parts to
improve readability.
Signed-off-by: Ilya Leoshkevich
---
accel/tcg/translator.c | 8
include/exec/translator.h | 3 +++
target/i386/tcg/translate.c | 21
Right now translator stops right *after* the end of a page, which
breaks reporting of fault locations when the last instruction of a
multi-insn translation block crosses a page boundary.
Signed-off-by: Ilya Leoshkevich
---
include/exec/translator.h| 10 ++
target/s390x/tcg
Add x86_64 and s390x tests to prevent regressions.
Signed-off-by: Ilya Leoshkevich
---
tests/tcg/multiarch/noexec.h | 114
tests/tcg/s390x/Makefile.target | 1 +
tests/tcg/s390x/noexec.c | 145 +++
tests/tcg/x86_64
E_EXEC, not PAGE_READ (Peter, Richard).
Ilya Leoshkevich (4):
accel/tcg: Invalidate translations when clearing PAGE_EXEC
target/s390x: Make translator stop before the end of a page
target/i386: Make translator stop before the end of a page
tests/tcg: Test siginfo_t contents when jumping
After mprotect(addr, PROT_NONE), addr can still be executed if there
are cached translations. Drop them.
Signed-off-by: Ilya Leoshkevich
---
accel/tcg/translate-all.c | 17 -
1 file changed, 12 insertions(+), 5 deletions(-)
diff --git a/accel/tcg/translate-all.c b/accel/tcg
Right now translator stops right *after* the end of a page, which
breaks reporting of fault locations when the last instruction of a
multi-insn translation block crosses a page boundary.
Signed-off-by: Ilya Leoshkevich
---
include/exec/translator.h| 10 ++
target/s390x/tcg
-08/msg00822.html
v1 -> v2: Fix individual translators instead of translator_loop
(Peter).
Ilya Leoshkevich (4):
accel/tcg: Invalidate translations when clearing PAGE_READ
target/s390x: Make translator stop before the end of a page
target/i386: Make translator stop before the
it might be possible to
rearrange the code to disassemble first, but this is too error-prone.
Simply snapshot and restore the disassembly state instead.
Signed-off-by: Ilya Leoshkevich
---
target/i386/tcg/translate.c | 42 -
1 file changed, 41 insertions(+), 1
After mprotect(addr, PROT_NONE), addr can still be executed if there
are cached translations. Drop them.
Signed-off-by: Ilya Leoshkevich
---
accel/tcg/translate-all.c | 17 -
1 file changed, 12 insertions(+), 5 deletions(-)
diff --git a/accel/tcg/translate-all.c b/accel/tcg
Add x86_64 and s390x tests to prevent regressions.
Signed-off-by: Ilya Leoshkevich
---
tests/tcg/multiarch/noexec.h | 114
tests/tcg/s390x/Makefile.target | 1 +
tests/tcg/s390x/noexec.c | 145 +++
tests/tcg/x86_64
On Fri, 2022-08-05 at 09:50 +0100, Peter Maydell wrote:
> On Thu, 4 Aug 2022 at 19:50, Ilya Leoshkevich
> wrote:
> >
> > When the first instruction of a translation block is located in a
> > non-readable page, qemu-user fills siginfo_t correctly. For the
> > oth
detection when only bytes on the second page
are modified, but this is outside of the scope of this patch.
Instead of changing all the translators, do a much simpler thing: when
such a situation is detected, start from scratch and stop right before
the problematic instruction.
Signed-off-by: Ilya
the issue, patch 2 adds tests.
Best regards,
Ilya
Ilya Leoshkevich (2):
linux-user: Fix siginfo_t contents when jumping to non-readable pages
tests/tcg: Test siginfo_t contents when jumping to non-readable pages
accel/tcg/translate-all.c| 16 ++--
accel/tcg/translator.c | 25
Add x86_64 and s390x tests to prevent regressions.
Signed-off-by: Ilya Leoshkevich
---
tests/tcg/multiarch/noexec.h | 114
tests/tcg/s390x/Makefile.target | 1 +
tests/tcg/s390x/noexec.c | 145 +++
tests/tcg/x86_64
Add a small test to avoid regressions.
Signed-off-by: Ilya Leoshkevich
Acked-by: Richard Henderson
Acked-by: Thomas Huth
---
tests/tcg/s390x/Makefile.softmmu-target | 9 +
tests/tcg/s390x/unaligned-lowcore.S | 19 +++
2 files changed, 28 insertions(+)
create mode
Fix a small style issue in the test.
Ilya Leoshkevich (2):
qapi: Add exit-failure PanicAction
tests/tcg/s390x: Test unaligned accesses to lowcore
include/sysemu/sysemu.h | 2 +-
qapi/run-state.json | 5 -
qemu-options.hx |
.
Signed-off-by: Ilya Leoshkevich
Reviewed-by: Richard Henderson
Reviewed-by: David Hildenbrand
---
include/sysemu/sysemu.h | 2 +-
qapi/run-state.json | 5 -
qemu-options.hx | 2 +-
softmmu/main.c | 6 --
softmmu/runstate.c | 17 +
5 files
test_socket hangs randomly in connect(), especially when run without
qemu. Apparently the reason is that Linux started treating a backlog
value of 0 literally instead of rounding it up since v4.4 (commit
ef547f2ac16b).
So set it to 1 instead.
Signed-off-by: Ilya Leoshkevich
---
This is a rebase
When using QEMU_LOG=cpu on sh4, QEMU_LOG_FILENAME is partially ignored.
Fix by using qemu_fprintf() instead of qemu_printf() in the respective
places.
Fixes: 90c84c560067 ("qom/cpu: Simplify how CPUClass:cpu_dump_state() prints")
Signed-off-by: Ilya Leoshkevich
---
target/sh4/transl
The default implementation has several problems: the first argument is
not displayed as a pointer, making it harder to grep; the third
argument is not symbolized; and there are several extra unused
arguments.
Signed-off-by: Ilya Leoshkevich
---
linux-user/strace.c| 29
Advice is an enum, not flags. Doing (advice & MADV_DONTNEED) also matches
e.g. MADV_MERGEABLE.
Signed-off-by: Ilya Leoshkevich
---
linux-user/mmap.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 4e7a6be6ee..edceaca4a8 10