user-exec.c: Don't assert on segfaults for non-valid addresses

h2g() will assert if passed an address that's not a valid guest address,
so handle_cpu_signal() needs to check before passing "data address
which caused a segfault" to it, since for a misbehaving guest
that could be anything. If the address isn't a valid guest address
then we can simply skip the attempt to unprotect a guest page
which was made read-only to catch self-modifying code.

This assertion probably fires more readily now than it used to
do because of recent changes to default to reserving guest address
space.

Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This commit is contained in:
Peter Maydell 2012-05-03 19:32:15 +01:00 committed by Anthony Liguori
parent 90f2cefb17
commit c5954819b6

View File

@ -97,7 +97,8 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
pc, address, is_write, *(unsigned long *)old_set); pc, address, is_write, *(unsigned long *)old_set);
#endif #endif
/* XXX: locking issue */ /* XXX: locking issue */
if (is_write && page_unprotect(h2g(address), pc, puc)) { if (is_write && h2g_valid(address)
&& page_unprotect(h2g(address), pc, puc)) {
return 1; return 1;
} }