950936681f
Right now the translator stops right *after* the end of a page, which breaks reporting of fault locations when the last instruction of a multi-insn translation block crosses a page boundary. An implementation, like the one arm and s390x have, would require an i386 length disassembler, which is burdensome to maintain. Another alternative would be to single-step at the end of a guest page, but this may come with a performance impact. Fix by snapshotting disassembly state and restoring it after we figure out that we crossed a page boundary. This includes rolling back cc_op updates and emitted ops. Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1143 Message-Id: <20220817150506.592862-4-iii@linux.ibm.com> [rth: Simplify end-of-insn cross-page checks.] Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
#include "../multiarch/noexec.c.inc"
/*
 * Return the program counter saved in a signal machine context.
 *
 * On x86-64 the saved PC is the RIP slot of the general-register array;
 * the integer register value is converted to a code pointer for the caller.
 */
static void *arch_mcontext_pc(const mcontext_t *ctx)
{
    const greg_t *regs = ctx->gregs;

    return (void *)regs[REG_RIP];
}
/*
 * Return the test argument saved in a signal machine context.
 *
 * The argument is read from the RDI slot of the general-register array
 * (the test code in the asm block below writes its value into %rdi) and
 * narrowed to int for the caller.
 */
int arch_mcontext_arg(const mcontext_t *ctx)
{
    const greg_t *regs = ctx->gregs;

    return (int)regs[REG_RDI];
}
/*
 * Architecture hook invoked with a code buffer and its length.
 * Nothing needs to be done on x86-64, so both parameters are deliberately
 * unused; the casts keep -Wunused-parameter quiet.
 */
static void arch_flush(void *p, int len)
{
    (void)p;
    (void)len;
}
/*
 * Labels defined by the asm block below. main() uses noexec_1 as the test
 * code and derives lengths/offsets from the distances between the labels.
 */
extern char noexec_1[];
extern char noexec_2[];
extern char noexec_end[];
/*
 * Test code, two instructions long. Entering at noexec_1 sets %rdi to 1 and
 * falls through into noexec_2, which sets %rdi to 2 and returns; entering at
 * noexec_2 leaves %rdi untouched until that second movq. noexec_end marks
 * the end of the code so its length can be computed.
 */
asm("noexec_1:\n"
    " movq $1,%rdi\n" /* %rdi is 0 on entry, set 1. */
    "noexec_2:\n"
    " movq $2,%rdi\n" /* %rdi is 0/1; set 2. */
    " ret\n"
    "noexec_end:");
/*
 * Run the shared noexec test cases with the x86-64 test code above.
 *
 * Every case uses the whole asm block as test code. page_ofs and entry_ofs
 * are expressed relative to the noexec labels (their exact meaning is
 * defined by the shared harness in noexec.c.inc); the expected_* fields are
 * what the harness should observe at the fault: the siginfo offset, the PC
 * offset, and the %rdi value (1 when the first movq executed, 0 otherwise).
 * The "[cross]" variants move page_ofs 2 bytes earlier than the plain ones,
 * presumably so the instruction at noexec_2 straddles the page boundary, and
 * expect the PC to be reported 2 bytes earlier as well.
 *
 * Returns whatever test_noexec() returns.
 */
int main(void)
{
    char *code = noexec_1;
    long code_len = noexec_end - noexec_1;
    /* Offset of noexec_1 relative to noexec_2; negative, noexec_1 comes first. */
    long ofs_1_from_2 = noexec_1 - noexec_2;

    struct noexec_test noexec_tests[] = {
        {
            /* Enter at noexec_1, fall through into noexec_2. */
            .name = "fallthrough",
            .test_code = code,
            .test_len = code_len,
            .page_ofs = ofs_1_from_2,
            .entry_ofs = ofs_1_from_2,
            .expected_si_ofs = 0,
            .expected_pc_ofs = 0,
            .expected_arg = 1,
        },
        {
            /* Enter directly at noexec_2; the first movq never runs. */
            .name = "jump",
            .test_code = code,
            .test_len = code_len,
            .page_ofs = ofs_1_from_2,
            .entry_ofs = 0,
            .expected_si_ofs = 0,
            .expected_pc_ofs = 0,
            .expected_arg = 0,
        },
        {
            /* Same as "fallthrough", boundary shifted 2 bytes earlier. */
            .name = "fallthrough [cross]",
            .test_code = code,
            .test_len = code_len,
            .page_ofs = ofs_1_from_2 - 2,
            .entry_ofs = ofs_1_from_2 - 2,
            .expected_si_ofs = 0,
            .expected_pc_ofs = -2,
            .expected_arg = 1,
        },
        {
            /* Same as "jump", boundary shifted 2 bytes earlier. */
            .name = "jump [cross]",
            .test_code = code,
            .test_len = code_len,
            .page_ofs = ofs_1_from_2 - 2,
            .entry_ofs = -2,
            .expected_si_ofs = 0,
            .expected_pc_ofs = -2,
            .expected_arg = 0,
        },
    };
    size_t ntests = sizeof noexec_tests / sizeof noexec_tests[0];

    return test_noexec(noexec_tests, ntests);
}