From b633b9a1813fcd715dce44659a89293f1c64ae8c Mon Sep 17 00:00:00 2001
From: Martin Jansa <martin.jansa@lge.com>
Date: Fri, 1 Jun 2018 08:41:07 +0000
Subject: [PATCH] Fix webkitgtk builds

This is a partial revert of "linux-user: fix mmap/munmap/mprotect/mremap/shmat".

This patch fixes qemu-i386 hangs during gobject-introspection in webkitgtk build
when musl is used on qemux86. This is the same issue that
0008-linux-user-Fix-webkitgtk-hangs-on-32-bit-x86-target.patch was
fixing in the 2.11 release.

This patch also fixes a build failure when building webkitgtk for
qemumips. A QEMU assert is seen while building webkitgtk:
page_check_range: Assertion `start < ((target_ulong)1 << L1_MAP_ADDR_SPACE_BITS)' failed.

This reverts commit ebf9a3630c911d0cfc9c20f7cafe9ba4f88cf583.

Upstream-Status: Pending
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
 include/exec/cpu-all.h  |  6 +-----
 include/exec/cpu_ldst.h |  5 ++++-
 linux-user/mmap.c       | 17 ++++-------------
 linux-user/syscall.c    |  5 +----
 4 files changed, 10 insertions(+), 23 deletions(-)

diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
index 536ea58f81..4c63a6a2e4 100644
--- a/include/exec/cpu-all.h
+++ b/include/exec/cpu-all.h
@@ -162,12 +162,8 @@ extern unsigned long guest_base;
 extern int have_guest_base;
 extern unsigned long reserved_va;
 
-#if HOST_LONG_BITS <= TARGET_VIRT_ADDR_SPACE_BITS
-#define GUEST_ADDR_MAX (~0ul)
-#else
-#define GUEST_ADDR_MAX (reserved_va ? reserved_va - 1 : \
+#define GUEST_ADDR_MAX (reserved_va ? reserved_va : \
                                     (1ul << TARGET_VIRT_ADDR_SPACE_BITS) - 1)
-#endif
 #else
 
 #include "exec/hwaddr.h"
diff --git a/include/exec/cpu_ldst.h b/include/exec/cpu_ldst.h
index 9151fdb042..cb2b8f329f 100644
--- a/include/exec/cpu_ldst.h
+++ b/include/exec/cpu_ldst.h
@@ -65,7 +65,10 @@ typedef uint64_t abi_ptr;
 #if HOST_LONG_BITS <= TARGET_VIRT_ADDR_SPACE_BITS
 #define guest_addr_valid(x) (1)
 #else
-#define guest_addr_valid(x) ((x) <= GUEST_ADDR_MAX)
+#define guest_addr_valid(x) ({ \
+    ((x) < (1ul << TARGET_VIRT_ADDR_SPACE_BITS)) && \
+    (!reserved_va || ((x) < reserved_va)); \
+})
 #endif
 #define h2g_valid(x) guest_addr_valid((unsigned long)(x) - guest_base)
 
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 46a6e3a761..7735465462 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -78,7 +78,7 @@ int target_mprotect(abi_ulong start, abi_ulong len, int prot)
         return -TARGET_EINVAL;
     len = TARGET_PAGE_ALIGN(len);
     end = start + len;
-    if (!guest_range_valid(start, len)) {
+    if (end < start) {
         return -TARGET_ENOMEM;
     }
     prot &= PROT_READ | PROT_WRITE | PROT_EXEC;
@@ -495,8 +495,8 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
          * It can fail only on 64-bit host with 32-bit target.
          * On any other target/host host mmap() handles this error correctly.
          */
-        if (!guest_range_valid(start, len)) {
-            errno = ENOMEM;
+        if ((unsigned long)start + len - 1 > (abi_ulong) -1) {
+            errno = EINVAL;
             goto fail;
         }
 
@@ -636,10 +636,8 @@ int target_munmap(abi_ulong start, abi_ulong len)
     if (start & ~TARGET_PAGE_MASK)
         return -TARGET_EINVAL;
     len = TARGET_PAGE_ALIGN(len);
-    if (len == 0 || !guest_range_valid(start, len)) {
+    if (len == 0)
         return -TARGET_EINVAL;
-    }
-
     mmap_lock();
     end = start + len;
     real_start = start & qemu_host_page_mask;
@@ -694,13 +692,6 @@ abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
     int prot;
     void *host_addr;
 
-    if (!guest_range_valid(old_addr, old_size) ||
-        ((flags & MREMAP_FIXED) &&
-         !guest_range_valid(new_addr, new_size))) {
-        errno = ENOMEM;
-        return -1;
-    }
-
     mmap_lock();
 
     if (flags & MREMAP_FIXED) {
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 8b41a03901..bc5d85de02 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -4031,9 +4031,6 @@ static inline abi_ulong do_shmat(CPUArchState *cpu_env,
             return -TARGET_EINVAL;
         }
     }
-    if (!guest_range_valid(shmaddr, shm_info.shm_segsz)) {
-        return -TARGET_EINVAL;
-    }
 
     mmap_lock();
 
@@ -6881,7 +6878,7 @@ static int open_self_maps(void *cpu_env, int fd)
         }
         if (h2g_valid(min)) {
             int flags = page_get_flags(h2g(min));
-            max = h2g_valid(max - 1) ? max : (uintptr_t)g2h(GUEST_ADDR_MAX) + 1;
+            max = h2g_valid(max - 1) ? max : (uintptr_t)g2h(GUEST_ADDR_MAX);
             if (page_check_range(h2g(min), max - min, flags) == -1) {
                 continue;
             }
-- 
2.22.0