Alex Bennée <alex.ben...@linaro.org> writes:
> Laurent Vivier <laur...@vivier.eu> writes: > >> On 15/05/2020 16:43, Alex Bennée wrote: >>> From: Richard Henderson <richard.hender...@linaro.org> >>> >>> We cannot at present limit a 64-bit guest to a virtual address >>> space smaller than the host. It will mostly work to ignore this >>> limitation, except if the guest uses high bits of the address >>> space for tags. But it will certainly work better, as presently >>> we can wind up failing to allocate the guest stack. >>> >>> Widen our user-only page tree to the host or abi pointer width. >>> Remove the workaround for this problem from target/alpha. >>> Always validate guest addresses vs reserved_va, as there we >>> control allocation ourselves. >>> >>> Signed-off-by: Richard Henderson <richard.hender...@linaro.org> >>> Signed-off-by: Alex Bennée <alex.ben...@linaro.org> >>> >>> Message-Id: <20200513175134.19619-7-alex.ben...@linaro.org> >>> >> >> This patch breaks a test case in LTP with 64bit targets on x86_64 host: >> >> sudo linux-user/mips64el-linux-user/qemu-mips64el \ >> -L chroot/mips64el/stretch/ \ >> chroot/mips64el/stretch/opt/ltp/testcases/bin/mmap15 >> >> qemu-mips64el: accel/tcg/translate-all.c:2533: page_set_flags: Assertion >> `start < end' failed. >> qemu:handle_cpu_signal received signal outside vCPU context @ >> pc=0x7f0015f6e7cb >> >> Could you have a look? > > Can confirm I've replicated: > > 18:30:20 [alex.bennee@hackbox2:~/l/q/b/user.static] next/various-fixes|✔ 32 > + > sudo ./mips64el-linux-user/qemu-mips64el -L > ~/lsrc/buildroot.git/builds/mips64el/target/ > ~/lsrc/buildroot.git/builds/mips64el/target/usr/lib/ltp-testsuite/testcases/bin/mmap > 15 > [sudo] password for alex.bennee: > qemu-mips64el: > /home/alex.bennee/lsrc/qemu.git/accel/tcg/translate-all.c:2533: > page_set_flags: Assertion `start < end' failed. > qemu:handle_cpu_signal received signal outside vCPU context @ pc=0x6c28c2 > > Also TIL you can use buildroot to build ltp ;-) I'm not sure how the change has tripped this failure but it seems to be a simple overflow. The following fixes it but I'm curious about the formulation of guest_addr_valid and why it's written that way: modified linux-user/mmap.c @@ -467,7 +467,7 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot, * It can fail only on 64-bit host with 32-bit target. * On any other target/host host mmap() handles this error correctly. */ - if (!guest_range_valid(start, len)) { + if (end < start || !guest_range_valid(start, len)) { errno = ENOMEM; goto fail; } > >> >> Thanks, >> Laurent -- Alex Bennée