Hitting an uretprobe in a s390x TCG guest causes a SIGSEGV. What
happens is:
* uretprobe maps a userspace page containing an invalid instruction.
* uretprobe replaces the target function's return address with the
address of that page.
* When tb_gen_code() is called on that page, tb->size ends up being 0
(because the page starts with the invalid instruction), which causes
virt_page2 to point to the previous page.
* The previous page is not mapped, so this causes a spurious
translation exception.
tb->size must never be 0: even if there is an illegal instruction, the
instruction bytes that have been looked at must count towards tb->size.
So adjust s390x's translate_one() to act this way for both illegal
instructions and instructions that are known to generate exceptions.
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210416154939.32404-2-iii@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
86131c71b1