aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Maydell <peter.maydell@linaro.org>2012-05-03 19:32:15 +0100
committerAnthony Liguori <aliguori@us.ibm.com>2012-05-08 11:15:18 -0500
commitc5954819b6ee601024c081635be0336ce0cb1115 (patch)
tree09eb4caba3e170ed336e43bbb479e57bc8c4a2e9
parent90f2cefb17f3e25272143f43cd00f6347e65987b (diff)
downloadqemu-c5954819b6ee601024c081635be0336ce0cb1115.zip
qemu-c5954819b6ee601024c081635be0336ce0cb1115.tar.gz
qemu-c5954819b6ee601024c081635be0336ce0cb1115.tar.bz2
user-exec.c: Don't assert on segfaults for non-valid addresses
h2g() will assert if passed an address that's not a valid guest address, so handle_cpu_signal() needs to check before passing "data address which caused a segfault" to it, since for a misbehaving guest that could be anything. If the address isn't a valid guest address then we can simply skip the attempt to unprotect a guest page which was made read-only to catch self-modifying code. This assertion probably fires more readily now than it used to do because of recent changes to default to reserving guest address space. Acked-by: Alexander Graf <agraf@suse.de> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-rw-r--r--user-exec.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/user-exec.c b/user-exec.c
index be6bc4f..d8c2ad9 100644
--- a/user-exec.c
+++ b/user-exec.c
@@ -97,7 +97,8 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
pc, address, is_write, *(unsigned long *)old_set);
#endif
/* XXX: locking issue */
- if (is_write && page_unprotect(h2g(address), pc, puc)) {
+ if (is_write && h2g_valid(address)
+ && page_unprotect(h2g(address), pc, puc)) {
return 1;
}