target/arm: Stop using variable length array in dc_zva

Currently the dc_zva helper function uses a variable length
array. In fact we know (as the comment above remarks) that
the length of this array is bounded because the architecture
limits the block size and QEMU limits the target page size.
Use a fixed array size and assert that we don't run off it.

Backports commit 63159601fb3e396b28da14cbb71e50ed3f5a0331 from qemu
This commit is contained in:
Peter Maydell 2019-05-09 17:48:23 -04:00 committed by Lioncash
parent 7861820e94
commit 26cb1b8767
No known key found for this signature in database
GPG key ID: 4E3C3CC1031BA9C7

View file

@ -1,4 +1,5 @@
#include "qemu/osdep.h" #include "qemu/osdep.h"
#include "qemu/units.h"
#include "cpu.h" #include "cpu.h"
#include "internals.h" #include "internals.h"
#include "exec/helper-proto.h" #include "exec/helper-proto.h"
@ -12893,7 +12894,8 @@ void HELPER(dc_zva)(CPUARMState *env, uint64_t vaddr_in)
* We know that in fact for any v8 CPU the page size is at least 4K * We know that in fact for any v8 CPU the page size is at least 4K
* and the block size must be 2K or less, but TARGET_PAGE_SIZE is only * and the block size must be 2K or less, but TARGET_PAGE_SIZE is only
* 1K as an artefact of legacy v5 subpage support being present in the * 1K as an artefact of legacy v5 subpage support being present in the
* same QEMU executable. * same QEMU executable. So in practice the hostaddr[] array has
* two entries, given the current setting of TARGET_PAGE_BITS_MIN.
*/ */
int maxidx = DIV_ROUND_UP(blocklen, TARGET_PAGE_SIZE); int maxidx = DIV_ROUND_UP(blocklen, TARGET_PAGE_SIZE);
// msvc doesnt allow non-constant array sizes, so we work out the size it would be // msvc doesnt allow non-constant array sizes, so we work out the size it would be
@ -12905,12 +12907,14 @@ void HELPER(dc_zva)(CPUARMState *env, uint64_t vaddr_in)
#ifdef _MSC_VER #ifdef _MSC_VER
void *hostaddr[1]; void *hostaddr[1];
#else #else
void *hostaddr[maxidx]; void *hostaddr[DIV_ROUND_UP(2 * KiB, 1 << TARGET_PAGE_BITS_MIN)];
#endif #endif
int try, i; int try, i;
unsigned mmu_idx = cpu_mmu_index(env, false); unsigned mmu_idx = cpu_mmu_index(env, false);
TCGMemOpIdx oi = make_memop_idx(MO_UB, mmu_idx); TCGMemOpIdx oi = make_memop_idx(MO_UB, mmu_idx);
assert(maxidx <= ARRAY_SIZE(hostaddr));
for (try = 0; try < 2; try++) { for (try = 0; try < 2; try++) {
for (i = 0; i < maxidx; i++) { for (i = 0; i < maxidx; i++) {