From 2bc3843fe32e9f32d118379a43fce4a274c3876a Mon Sep 17 00:00:00 2001
From: David Hildenbrand
Date: Tue, 14 Jan 2020 07:02:13 -0500
Subject: [PATCH] tcg: Enforce single page access in probe_write()

Let's enforce the interface restriction.

Backports commit ca86cf328ce216bb304bbf09a43614613f945d86 from qemu
---
 qemu/accel/tcg/cputlb.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/qemu/accel/tcg/cputlb.c b/qemu/accel/tcg/cputlb.c
index 54bf1920..3aab7432 100644
--- a/qemu/accel/tcg/cputlb.c
+++ b/qemu/accel/tcg/cputlb.c
@@ -716,6 +716,8 @@ void probe_write(CPUArchState *env, target_ulong addr, int size, int mmu_idx,
     CPUTLBEntry *entry = tlb_entry(env, mmu_idx, addr);
     target_ulong tlb_addr = tlb_addr_write(entry);
+    g_assert(-(addr | TARGET_PAGE_MASK) >= size);
+
     if (unlikely(!tlb_hit(tlb_addr, addr))) {
         if (!VICTIM_TLB_HIT(addr_write, addr)) {
             tlb_fill(env_cpu(env), addr, size, MMU_DATA_STORE,
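Review bot: The operand `-(addr | TARGET_PAGE_MASK)` in the added g_assert() is the count of bytes left in addr's page, but that reads as an arithmetic trick, and a one-line comment above it would spare the next reader the derivation, e.g. `/* the remaining bytes in this page must cover the whole access */`. The comparison also mixes `size`, an int per the signature shown in the @@ header, with a target_ulong, so `size` is converted to unsigned; a negative size would then trip the assert rather than pass, which seems acceptable but is worth a note. g_assert() is not compiled out in release builds, so a caller that passes an access crossing a page boundary now aborts the process instead of whatever the unchecked path did before; that matches the commit's stated intent of enforcing the interface restriction, and the single-page requirement would be useful to document on probe_write's declaration as well. probe_write() starts before the hunk and its body continues past the tlb_fill() call at the end.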