From f76eb22a468c94a662babacf6b9535f88c80f975 Mon Sep 17 00:00:00 2001
From: Richard Henderson <richard.henderson@linaro.org>
Date: Mon, 5 Mar 2018 12:01:31 -0500
Subject: [PATCH] tcg: Record code_gen_buffer address for user-only memory
 helpers

When we handle a signal from a fault within a user-only memory helper,
we cannot cpu_restore_state with the PC found within the signal frame.
Use a TLS variable, helper_retaddr, to record the unwind start point
to find the faulting guest insn.

Backports commit ec603b5584fa71213ef8f324fe89e4b27cc9d2bc from qemu
---
 include/uc_priv.h | 3 +++
 qemu/cputlb.c     | 1 +
 2 files changed, 4 insertions(+)

diff --git a/include/uc_priv.h b/include/uc_priv.h
index 9264dfc5..c3a3e1c2 100644
--- a/include/uc_priv.h
+++ b/include/uc_priv.h
@@ -195,6 +195,9 @@ struct uc_struct {
     BounceBuffer bounce;
     CPUState *tcg_current_rr_cpu;
 
+    // qemu/user-exec.c
+    QEMU_THREAD_LOCAL_VAR helper_retaddr;
+
     // qemu/memory.c
     bool global_dirty_log;
 
diff --git a/qemu/cputlb.c b/qemu/cputlb.c
index 60f52900..cb2d926f 100644
--- a/qemu/cputlb.c
+++ b/qemu/cputlb.c
@@ -666,6 +666,7 @@ static void *atomic_mmu_lookup(CPUArchState *env, target_ulong addr,
 #define ATOMIC_NAME(X) \
     HELPER(glue(glue(glue(atomic_ ## X, SUFFIX), END), _mmu))
 #define ATOMIC_MMU_LOOKUP  atomic_mmu_lookup(env, addr, oi, retaddr)
+#define ATOMIC_MMU_CLEANUP do { } while (0)
 
 #define DATA_SIZE 1
 #include "atomic_template.h"