If we execute linux-user code that does the following:
* A = mmap()
* execute code in A
* munmap(A)
* B = mmap(), but mmap returns the same address as A
* execute code in B
we end up executing a stale cached tb that contains translated code
from A, while we want new code from B.
This patch adds a TB flush for mmap'ed regions, before we return them,
avoiding the whole issue. It also adds a flush for munmap, so that we
don't execute stale TBs instead of getting a segfault.
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
After consulting with Paul Brook, we concluded that it's best to search
the VMA space downwards, so that we don't even get the chance to conflict
with the brk range.
This patch resolves a bunch of allocation conflicts when using -R.
Signed-off-by: Alexander Graf <agraf@suse.de>
[minor changes to get it to apply -- PMM]
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
If CONFIG_USE_GUEST_BASE is not defined, gcc complains:
linux-user/mmap.c:235: error: comparison of unsigned expression >= 0 is always true
because RESERVED_VA is #defined to 0. Since mmap_find_vma_reserved()
will never be called anyway if RESERVED_VA is always 0, fix this by
simply #ifdef'ing away the function and its callsite.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
mmap_reserve() should be called only when RESERVED_VA is enabled.
Otherwise, unmaped virtual address space will never be reusable. This
bug will exhaust virtual address space in extreme conditions.
Signed-off-by: Riku Voipio <riku.voipio@nokia.com>
-1ul is unsigned long, which does not necessarily match abi_ulong
type.
Fix by using abi_long instead.
This also avoids a warning with GCC flag -Wtype-limits.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Commit 68a1c81686 broke qemu on hosts not
using guest base. It uses reserved_va unconditionally in mmap.c. To
avoid to many #ifdef #endif blocks, define RESERVED_VA as either
reserved_va or 0ul, and use it instead of reserved_va, similarly to what
has been done with guest_base/GUEST_BASE.
Since we're no longer setting PAGE_RESERVED, there's no need to
implement qemu_malloc via mmap.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The usermode PAGE_RESERVED code is not required by the current mmap
implementation, and is already broken when guest_base != 0.
Unfortunately the bsd emulation still uses the old mmap implementation,
so we can't rip it out altogether.
Signed-off-by: Paul Brook <paul@codesourcery.com>
Don't return addresses that aren't properly aligned for the guest,
e.g. when the guest has a larger page size than the host. Don't
return addresses that are outside the virtual address space for the
target, by paying proper attention to the h2g/g2h macros.
At the same time, place the default mapping base for 64-bit guests
(on 64-bit hosts) outside the low 4G. Consistently interpret
mmap_next_start in the guest address space.
Signed-off-by: Richard Henderson <rth@twiddle.net>
CC i386-linux-user/mmap.o
cc1: warnings being treated as errors
/usr/src/RPM/BUILD/qemu-0.11.92/linux-user/mmap.c: In function 'mmap_frag':
/usr/src/RPM/BUILD/qemu-0.11.92/linux-user/mmap.c:253: error: ignoring return value of 'pread', declared with attribute warn_unused_result
/usr/src/RPM/BUILD/qemu-0.11.92/linux-user/mmap.c: In function 'target_mmap':
/usr/src/RPM/BUILD/qemu-0.11.92/linux-user/mmap.c:477: error: ignoring return value of 'pread', declared with attribute warn_unused_result
make[1]: *** [mmap.o] Error 1
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
qemu's page table can be incomple if /proc/self/maps is unavailable or
host allocating a memory with mmap(), so we can't use it to find free
memory area.
New version mmap_find_vma() uses mmap() without MAP_FIXED to find free
memory.
Tested-by: Martin Mohring <martin.mohring@opensuse.org> :
quite some time ago this patch had been sent by Kirill to the QEMU ml.
At that time, the patch was rejected. Now we found out why the current
user mode memory allocator sometimes fails:
- Kernel Bug linux/fs/proc/task_mmu.c (fixed after 2.6.27)
http://bugzilla.kernel.org/attachment.cgi?id=17219
- use of proc file system to find memory mappings => bad idea
So I please apply the attached patch from Kirill to qemu to fix this
longstanding bug, because it causes all older linux distros (using
kernel 2.6.26 or older) to fail the QEMU memory allocator in user mode.
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
I used the following command to enable debugging:
perl -p -i -e 's/^\/\/#define DEBUG/#define DEBUG/g' * */* */*/*
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
We initialize mmap_mutex in any child threads/processes, but we need to
correctly statically initialize it for the original process.
Signed-off-by: Nathan Froyd <froydnj@codesourcery.com>
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6510 c046a42c-6fe2-441c-8c8c-71466251a162
that may make some program crash at startup.
Fix unsigned long / target_ulong confusion (more to do).
Fix missing g2h macros.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3249 c046a42c-6fe2-441c-8c8c-71466251a162