From: David Hildenbrand <david@redhat.com>
To: qemu-devel@nongnu.org
Cc: Florian Weimer <fweimer@redhat.com>,
Thomas Huth <thuth@redhat.com>,
David Hildenbrand <david@redhat.com>,
Cornelia Huck <cohuck@redhat.com>,
Stefano Brivio <sbrivio@redhat.com>,
qemu-s390x@nongnu.org, Richard Henderson <rth@twiddle.net>
Subject: [Qemu-devel] [PATCH v1 0/4] s390x/tcg: MOVE (MVC): Fault-safe handling
Date: Wed, 21 Aug 2019 11:22:48 +0200
Message-ID: <20190821092252.26541-1-david@redhat.com>

Newer versions of glibc use memcpy() in memmove() for forward moves. The
implementation makes use of MVC. The TCG implementation of MVC is
currently not able to handle faults reliably when crossing pages. MVC
can cross with 256 bytes at most two pages.

In case we get a fault on the second page, we already moved data. When
continuing after the fault we might try to move already overwritten data,
which is very bad in case we have overlapping data on a forward move.

Triggered for now only by rpmbuild (crashes when checking the spec file)
and rpm (database corruptions). This fixes installing Fedora rawhide (31)
under TCG.

I can see similar issues with other MEM helpers, but there is more to clean
up and fix, so fix the obvious first.

This was horrible to debug as it barely triggers and we fail at completely
different places. :)

Cc: Stefano Brivio <sbrivio@redhat.com>
Cc: Florian Weimer <fweimer@redhat.com>

David Hildenbrand (4):
  s390x/tcg: Use guest_addr_valid() instead of h2g_valid() in
    probe_write_access()
  s390x/tcg: Introduce probe_read_access()
  s390x/tcg: MOVE (MVC): Increment the length once
  s390x/tcg: MOVE (MVC): Fault-safe handling

 target/s390x/internal.h   |  2 ++
 target/s390x/mem_helper.c | 72 ++++++++++++++++++++++++++++++++++-----
 2 files changed, 65 insertions(+), 9 deletions(-)
--
2.21.0
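
The failure mode described in the cover letter, as an added toy simulation in C that is not QEMU code and not part of this patch series: an overlapping byte-wise forward move faults on the second page and is restarted from the beginning. The 16-byte page size, the `present[]` map and the names `move_naive`, `move_probed` and `run` are constructed for illustration; `move_probed` assumes the fix checks access to both operands before storing anything, as the probe_read_access()/probe_write_access() patch titles suggest.

```c
#include <stdio.h>
#include <string.h>

#define PAGE 16                 /* constructed toy page size */
#define MEM  (2 * PAGE)
static unsigned char mem[MEM];
static int present[2];          /* 1 = page mapped, 0 = access faults */
static int page_ok(int addr) { return present[addr / PAGE]; }

/* Byte-wise forward move; a fault leaves the earlier stores in place. */
static int move_naive(int dst, int src, int len)
{
    for (int i = 0; i < len; i++) {
        if (!page_ok(src + i) || !page_ok(dst + i))
            return -1;          /* fault after a partial move */
        mem[dst + i] = mem[src + i];
    }
    return 0;
}

/* Probe the pages of both operands first, then move. */
static int move_probed(int dst, int src, int len)
{
    for (int i = 0; i < len; i++)
        if (!page_ok(src + i) || !page_ok(dst + i))
            return -1;          /* fault before any store */
    return move_naive(dst, src, len);
}

/* One overlapping forward move with page 1 initially unmapped; on a fault the
 * page is mapped and the move restarts. Returns 1 if memory matches memmove(). */
static int run(int (*move)(int, int, int))
{
    unsigned char want[MEM];
    const int dst = 4, src = 8, len = 16;   /* both operands cross into page 1 */
    for (int i = 0; i < MEM; i++)
        mem[i] = want[i] = (unsigned char)i;
    memmove(want + dst, want + src, len);
    present[0] = 1; present[1] = 0;
    while (move(dst, src, len) != 0)
        present[1] = 1;         /* "guest OS" resolves the fault, then retry */
    return memcmp(mem, want, MEM) == 0;
}

int main(void)
{
    printf("naive: %s, probed: %s\n", run(move_naive) ? "intact" : "corrupted",
           run(move_probed) ? "intact" : "corrupted");
    return 0;
}
```

In the naive run the first pass stores eight bytes before faulting, so the restarted move reads source bytes that the first pass already overwrote.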
Thread overview: 18+ messages
2019-08-21 9:22 David Hildenbrand [this message]
2019-08-21 9:22 ` [Qemu-devel] [PATCH v1 1/4] s390x/tcg: Use guest_addr_valid() instead of h2g_valid() in probe_write_access() David Hildenbrand
2019-08-21 9:22 ` [Qemu-devel] [PATCH v1 2/4] s390x/tcg: Introduce probe_read_access() David Hildenbrand
2019-08-21 17:26 ` Richard Henderson
2019-08-21 17:37 ` David Hildenbrand
2019-08-21 19:19 ` Richard Henderson
2019-08-21 19:36 ` David Hildenbrand
2019-08-21 20:38 ` Richard Henderson
2019-08-21 21:33 ` David Hildenbrand
2019-08-21 22:31 ` Richard Henderson
2019-08-21 22:43 ` Richard Henderson
2019-08-22 6:42 ` David Hildenbrand
2019-08-22 7:01 ` David Hildenbrand
2019-08-26 9:31 ` David Hildenbrand
2019-08-21 18:48 ` David Hildenbrand
2019-08-21 9:22 ` [Qemu-devel] [PATCH v1 3/4] s390x/tcg: MOVE (MVC): Increment the length once David Hildenbrand
2019-08-21 15:47 ` Richard Henderson
2019-08-21 9:22 ` [Qemu-devel] [PATCH v1 4/4] s390x/tcg: MOVE (MVC): Fault-safe handling David Hildenbrand