[Qemu-devel] [PULL 17/21] linux-user: fix segmentation fault passing with h2g(x) != x

[riku . voipio]

From: Alexander Graf <address@hidden>

When forwarding a segmentation fault into the guest process, we were passing
the host's address directly into the guest process's signal descriptor.

That obviously confused the guest process, since it didn't know what to make
of the (usually 32-bit truncated) address. Passing in h2g(address) makes the
guest process a lot happier.

To make the code more obvious, introduce a h2g_nocheck() macro that does the
same as h2g(), but allows us to convert addresses that may be outside of guest
mapped range into the guest's view of address space.

This fixes java running in arm-linux-user for me.

Signed-off-by: Alexander Graf <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>
---
 include/exec/cpu-all.h | 8 ++++++--
 user-exec.c            | 4 ++++
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
index 5084202..f1cde97 100644
--- a/include/exec/cpu-all.h
+++ b/include/exec/cpu-all.h
@@ -209,11 +209,15 @@ extern unsigned long reserved_va;
 })
 #endif
 
-#define h2g(x) ({ \
+#define h2g_nocheck(x) ({ \
     unsigned long __ret = (unsigned long)(x) - GUEST_BASE; \
+    (abi_ulong)__ret; \
+})
+
+#define h2g(x) ({ \
     /* Check if given address fits target address space */ \
     assert(h2g_valid(x)); \
-    (abi_ulong)__ret; \
+    h2g_nocheck(x); \
 })
 
 #define saddr(x) g2h(x)
diff --git a/user-exec.c b/user-exec.c
index d45ca8e..82bfa66 100644
--- a/user-exec.c
+++ b/user-exec.c
@@ -95,6 +95,10 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned 
long address,
         return 1;
     }
 
+    /* Convert forcefully to guest address space, invalid addresses
+       are still valid segv ones */
+    address = h2g_nocheck(address);
+
     env = current_cpu->env_ptr;
     /* see if it is an MMU fault */
     ret = cpu_handle_mmu_fault(env, address, is_write, MMU_USER_IDX);
-- 
1.8.1.2