
[RFC,7/7] linux-user: Reorg cpu_signal_handler

Message ID 20210913220552.604064-8-richard.henderson@linaro.org
State New
Series linux-user: Streamline handling of SIGSEGV/SIGBUS

Commit Message

Richard Henderson Sept. 13, 2021, 10:05 p.m. UTC
Split out two functions into linux-user/host/arch/host-signal.h.
Since linux-user requires a linux host, drop all of the BSD and
Solaris ifdefs.  These should be recreated under bsd-user/ when
the current blanks there are filled.

Fold the remnants of handle_cpu_signal into host_signal_handler.

Drop the call to cc->tcg_ops->tlb_fill.  This was simply an indirect
method to raise SIGSEGV; it is far easier to pass the host siginfo_t
along to the guest.  This fixes all of the guest cpu_loop code that
currently fails to properly fill in SEGV_MAPERR vs SEGV_ACCERR.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

---
 include/exec/exec-all.h               |  12 -
 linux-user/host/aarch64/host-signal.h |  73 +++
 linux-user/host/alpha/host-signal.h   |  41 ++
 linux-user/host/arm/host-signal.h     |  30 ++
 linux-user/host/i386/host-signal.h    |  24 +
 linux-user/host/mips/host-signal.h    |  61 +++
 linux-user/host/ppc/host-signal.h     |  24 +
 linux-user/host/ppc64/host-signal.h   |   1 +
 linux-user/host/riscv32/host-signal.h |  57 +++
 linux-user/host/riscv64/host-signal.h |   1 +
 linux-user/host/s390/host-signal.h    |  92 ++++
 linux-user/host/s390x/host-signal.h   |   1 +
 linux-user/host/sparc/host-signal.h   |  53 ++
 linux-user/host/sparc64/host-signal.h |   1 +
 linux-user/host/x86_64/host-signal.h  |  24 +
 accel/tcg/user-exec.c                 | 712 --------------------------
 linux-user/signal.c                   |  93 ++--
 17 files changed, 543 insertions(+), 757 deletions(-)
 create mode 100644 linux-user/host/aarch64/host-signal.h
 create mode 100644 linux-user/host/alpha/host-signal.h
 create mode 100644 linux-user/host/arm/host-signal.h
 create mode 100644 linux-user/host/i386/host-signal.h
 create mode 100644 linux-user/host/mips/host-signal.h
 create mode 100644 linux-user/host/ppc/host-signal.h
 create mode 100644 linux-user/host/ppc64/host-signal.h
 create mode 100644 linux-user/host/riscv32/host-signal.h
 create mode 100644 linux-user/host/riscv64/host-signal.h
 create mode 100644 linux-user/host/s390/host-signal.h
 create mode 100644 linux-user/host/s390x/host-signal.h
 create mode 100644 linux-user/host/sparc/host-signal.h
 create mode 100644 linux-user/host/sparc64/host-signal.h
 create mode 100644 linux-user/host/x86_64/host-signal.h

-- 
2.25.1
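The two facts the commit message relies on, shown in an added example that is not part of this patch or of QEMU: the host siginfo_t already distinguishes SEGV_MAPERR (no mapping) from SEGV_ACCERR (mapped, wrong permission), and on x86 hosts the ucontext carries the #PF error code whose bit 1 is the write flag that the new i386/x86_64 host_sigsegv_write() tests. The program installs a SA_SIGINFO handler, provokes one fault of each kind on pages it maps itself, and records what the handler saw; on non-x86 hosts the write bit is reported as unknown (-1), and the names `fault_info`, `probe_readonly_write` and `probe_unmapped_read` are this example's own, not the patch's.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <ucontext.h>
#include <unistd.h>

/* x86 hosts expose the #PF error code in the ucontext; its bit 1 is the W/R
 * bit the patch's i386/x86_64 headers test. Elsewhere we answer "unknown". */
#if (defined(__x86_64__) || defined(__i386__)) && defined(REG_TRAPNO) && defined(REG_ERR)
#define HAVE_WRITE_BIT 1
#else
#define HAVE_WRITE_BIT 0
#endif

struct fault_info {
    int faulted;   /* 1 if SIGSEGV was delivered and caught */
    int si_code;   /* SEGV_MAPERR or SEGV_ACCERR straight from siginfo_t */
    int addr_ok;   /* 1 if si_addr is exactly the address we touched */
    int is_write;  /* 1 store, 0 load, -1 not determinable on this host */
};

static volatile sig_atomic_t g_si_code, g_is_write;
static volatile uintptr_t g_addr;
static sigjmp_buf g_jmp;

/* Same test as the patch's x86 headers: trap 0xe is #PF, error-code bit 1 is W/R. */
static int host_sigsegv_write(ucontext_t *uc)
{
#if HAVE_WRITE_BIT
    return (uc->uc_mcontext.gregs[REG_TRAPNO] == 0xe
            && (uc->uc_mcontext.gregs[REG_ERR] & 0x2)) ? 1 : 0;
#else
    (void)uc;
    return -1;
#endif
}

/* Record si_code, si_addr and the write bit, then unwind out of the fault. */
static void segv_handler(int sig, siginfo_t *info, void *puc)
{
    (void)sig;
    g_si_code = info->si_code;
    g_addr = (uintptr_t)info->si_addr;
    g_is_write = host_sigsegv_write(puc);
    siglongjmp(g_jmp, 1);  /* sigsetjmp(..., 1) restores the signal mask */
}

/* Map two pages with `prot`, optionally punch the second one out again, then
 * touch that second page (store if do_write, else load) and report the fault. */
static struct fault_info probe(int prot, int unmap, int do_write)
{
    struct fault_info fi = { 0, 0, 0, -1 };
    long pagesz = sysconf(_SC_PAGESIZE);
    char *region = mmap(NULL, 2 * pagesz, prot, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    volatile char *p;
    struct sigaction sa;

    if (region == MAP_FAILED) {
        return fi;
    }
    /* The first page stays mapped so that a hole punched at the second page
     * is not immediately reused by some other mapping before we touch it. */
    p = region + pagesz;
    if (unmap) {
        munmap(region + pagesz, pagesz);
    }
    memset(&sa, 0, sizeof(sa));
    sa.sa_sigaction = segv_handler;
    sa.sa_flags = SA_SIGINFO;
    if (sigaction(SIGSEGV, &sa, NULL) == 0) {
        if (sigsetjmp(g_jmp, 1) == 0) {
            if (do_write) { *p = 1; } else { (void)*p; }  /* faults here */
        } else {
            fi.faulted = 1;
            fi.si_code = g_si_code;
            fi.addr_ok = (g_addr == (uintptr_t)p);
            fi.is_write = g_is_write;
        }
    }
    munmap(region, 2 * pagesz);  /* unmapping an already-unmapped page is a no-op */
    return fi;
}

/* Store into a PROT_READ page: mapped but not writable, so SEGV_ACCERR. */
struct fault_info probe_readonly_write(void) { return probe(PROT_READ, 0, 1); }
/* Load from a page we just unmapped: no mapping at all, so SEGV_MAPERR. */
struct fault_info probe_unmapped_read(void)  { return probe(PROT_NONE, 1, 0); }

int main(void)
{
    struct fault_info w = probe_readonly_write(), r = probe_unmapped_read();

    printf("store to PROT_READ page: accerr=%d is_write=%d\n", w.si_code == SEGV_ACCERR, w.is_write);
    printf("load from unmapped page: maperr=%d is_write=%d\n", r.si_code == SEGV_MAPERR, r.is_write);
    return 0;
}
```

The `is_write` value is what the guest-side code would previously have had to reconstruct via tlb_fill(); passing `si_code` through unchanged is what fixes the MAPERR/ACCERR confusion the commit message describes.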

Comments

Warner Losh Sept. 15, 2021, 4:43 p.m. UTC | #1
On Mon, Sep 13, 2021 at 4:06 PM Richard Henderson <richard.henderson@linaro.org> wrote:

> Split out two functions into linux-user/host/arch/host-signal.h.

> Since linux-user requires a linux host, drop all of the BSD and

> Solaris ifdefs.  These should be recreated under bsd-user/ when

> the current blanks there are filled.

>


For some architectures, this code will be small and host specific (I'm thinking
arm, i386, ppc* and x86_64) but for others, there's common code that can be shared
to parse the instruction (aarch64, mips*, riscv*). Do you see any value in
sharing that instruction parsing code in some way?

Otherwise, this is mostly just code shuffling and figuring out which of
the long legacy of ifdefs are still relevant in the *BSD world. At the
moment, we only build bsd-user on FreeBSD since the scaffolding
for the other BSDs is absent. I can cope when I merge this into the
bsd-user fork and loop things back when those bits are up for inclusion
in future patch trains.

Warner


> Fold the remnants of handle_cpu_signal into host_signal_handler.

>

> Drop the call to cc->tcg_ops->tlb_fill.  This was simply an indirect

> method to raise SIGSEGV; it is far easier to pass the host siginfo_t

> along to the guest.  This fixes all of the guest cpu_loop code that

> currently fails to properly fill in SEGV_MAPERR vs SEGV_ACCERR.

>

> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

> ---

>  include/exec/exec-all.h               |  12 -

>  linux-user/host/aarch64/host-signal.h |  73 +++

>  linux-user/host/alpha/host-signal.h   |  41 ++

>  linux-user/host/arm/host-signal.h     |  30 ++

>  linux-user/host/i386/host-signal.h    |  24 +

>  linux-user/host/mips/host-signal.h    |  61 +++

>  linux-user/host/ppc/host-signal.h     |  24 +

>  linux-user/host/ppc64/host-signal.h   |   1 +

>  linux-user/host/riscv32/host-signal.h |  57 +++

>  linux-user/host/riscv64/host-signal.h |   1 +

>  linux-user/host/s390/host-signal.h    |  92 ++++

>  linux-user/host/s390x/host-signal.h   |   1 +

>  linux-user/host/sparc/host-signal.h   |  53 ++

>  linux-user/host/sparc64/host-signal.h |   1 +

>  linux-user/host/x86_64/host-signal.h  |  24 +

>  accel/tcg/user-exec.c                 | 712 --------------------------

>  linux-user/signal.c                   |  93 ++--

>  17 files changed, 543 insertions(+), 757 deletions(-)

>  create mode 100644 linux-user/host/aarch64/host-signal.h

>  create mode 100644 linux-user/host/alpha/host-signal.h

>  create mode 100644 linux-user/host/arm/host-signal.h

>  create mode 100644 linux-user/host/i386/host-signal.h

>  create mode 100644 linux-user/host/mips/host-signal.h

>  create mode 100644 linux-user/host/ppc/host-signal.h

>  create mode 100644 linux-user/host/ppc64/host-signal.h

>  create mode 100644 linux-user/host/riscv32/host-signal.h

>  create mode 100644 linux-user/host/riscv64/host-signal.h

>  create mode 100644 linux-user/host/s390/host-signal.h

>  create mode 100644 linux-user/host/s390x/host-signal.h

>  create mode 100644 linux-user/host/sparc/host-signal.h

>  create mode 100644 linux-user/host/sparc64/host-signal.h

>  create mode 100644 linux-user/host/x86_64/host-signal.h

>

> diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h

> index f582d3e688..addcec6381 100644

> --- a/include/exec/exec-all.h

> +++ b/include/exec/exec-all.h

> @@ -683,18 +683,6 @@ uintptr_t adjust_signal_pc(uintptr_t pc);

>  bool handle_sigsegv_accerr_write(CPUState *cpu, sigset_t *old_set,

>                                   uintptr_t host_pc, uintptr_t host_addr);

>

> -/**

> - * cpu_signal_handler

> - * @signum: host signal number

> - * @pinfo: host siginfo_t

> - * @puc: host ucontext_t

> - *

> - * To be called from the SIGBUS and SIGSEGV signal handler to inform the

> - * virtual cpu of exceptions.  Returns true if the signal was handled by

> - * the virtual CPU.

> - */

> -int cpu_signal_handler(int signum, void *pinfo, void *puc);

> -

>  #else

>  static inline void mmap_lock(void) {}

>  static inline void mmap_unlock(void) {}

> diff --git a/linux-user/host/aarch64/host-signal.h

> b/linux-user/host/aarch64/host-signal.h

> new file mode 100644

> index 0000000000..818da17a21

> --- /dev/null

> +++ b/linux-user/host/aarch64/host-signal.h

> @@ -0,0 +1,73 @@

> +/*

> + * host-signal.h: signal info dependent on the host architecture

> + *

> + * Copyright (C) 2021 Linaro Limited

> + *

> + * This work is licensed under the terms of the GNU GPL, version 2 or

> later.

> + * See the COPYING file in the top-level directory.

> + */

> +

> +#ifndef AARCH64_HOST_SIGNAL_H

> +#define AARCH64_HOST_SIGNAL_H

> +

> +/* Pre-3.16 kernel headers don't have these, so provide fallback

> definitions */

> +#ifndef ESR_MAGIC

> +#define ESR_MAGIC 0x45535201

> +struct esr_context {

> +    struct _aarch64_ctx head;

> +    uint64_t esr;

> +};

> +#endif

> +

> +static inline struct _aarch64_ctx *first_ctx(ucontext_t *uc)

> +{

> +    return (struct _aarch64_ctx *)&uc->uc_mcontext.__reserved;

> +}

> +

> +static inline struct _aarch64_ctx *next_ctx(struct _aarch64_ctx *hdr)

> +{

> +    return (struct _aarch64_ctx *)((char *)hdr + hdr->size);

> +}

> +

> +static inline uintptr_t host_signal_pc(ucontext_t *uc)

> +{

> +    return uc->uc_mcontext.pc;

> +}

> +

> +static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)

> +{

> +    struct _aarch64_ctx *hdr;

> +    uint32_t insn;

> +

> +    /* Find the esr_context, which has the WnR bit in it */

> +    for (hdr = first_ctx(uc); hdr->magic; hdr = next_ctx(hdr)) {

> +        if (hdr->magic == ESR_MAGIC) {

> +            struct esr_context const *esrctx = (struct esr_context const

> *)hdr;

> +            uint64_t esr = esrctx->esr;

> +

> +            /* For data aborts ESR.EC is 0b10010x: then bit 6 is the WnR

> bit */

> +            return extract32(esr, 27, 5) == 0x12 && extract32(esr, 6, 1)

> == 1;

> +        }

> +    }

> +

> +    /*

> +     * Fall back to parsing instructions; will only be needed

> +     * for really ancient (pre-3.16) kernels.

> +     */

> +    insn = *(uint32_t *)host_signal_pc(uc);

> +

> +    return (insn & 0xbfff0000) == 0x0c000000   /* C3.3.1 */

> +        || (insn & 0xbfe00000) == 0x0c800000   /* C3.3.2 */

> +        || (insn & 0xbfdf0000) == 0x0d000000   /* C3.3.3 */

> +        || (insn & 0xbfc00000) == 0x0d800000   /* C3.3.4 */

> +        || (insn & 0x3f400000) == 0x08000000   /* C3.3.6 */

> +        || (insn & 0x3bc00000) == 0x39000000   /* C3.3.13 */

> +        || (insn & 0x3fc00000) == 0x3d800000   /* ... 128bit */

> +        /* Ignore bits 10, 11 & 21, controlling indexing.  */

> +        || (insn & 0x3bc00000) == 0x38000000   /* C3.3.8-12 */

> +        || (insn & 0x3fe00000) == 0x3c800000   /* ... 128bit */

> +        /* Ignore bits 23 & 24, controlling indexing.  */

> +        || (insn & 0x3a400000) == 0x28000000; /* C3.3.7,14-16 */

> +}

> +

> +#endif
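Review bot: the context walk in host_sigsegv_write() stops only on a zero `magic`, so a malformed record with `size == 0` makes next_ctx() return the same header and the loop spins forever inside the signal handler, and nothing bounds the walk to the `__reserved` area either. Suggest `for (hdr = first_ctx(uc); hdr->magic && hdr->size; hdr = next_ctx(hdr))` plus an end-of-`__reserved` check; the kernel always terminates the list, but a handler that can hang on bad input is worth the two extra comparisons.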

> diff --git a/linux-user/host/alpha/host-signal.h

> b/linux-user/host/alpha/host-signal.h

> new file mode 100644

> index 0000000000..eaf83added

> --- /dev/null

> +++ b/linux-user/host/alpha/host-signal.h

> @@ -0,0 +1,41 @@

> +/*

> + * host-signal.h: signal info dependent on the host architecture

> + *

> + * Copyright (C) 2021 Linaro Limited

> + *

> + * This work is licensed under the terms of the GNU GPL, version 2 or

> later.

> + * See the COPYING file in the top-level directory.

> + */

> +

> +#ifndef ALPHA_HOST_SIGNAL_H

> +#define ALPHA_HOST_SIGNAL_H

> +

> +static inline uintptr_t host_signal_pc(ucontext_t *uc)

> +{

> +    return uc->uc_mcontext.sc_pc;

> +}

> +

> +static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)

> +{

> +    uint32_t *pc = uc->uc_mcontext.sc_pc;

> +    uint32_t insn = *pc;

> +

> +    /* XXX: need kernel patch to get write flag faster */

> +    switch (insn >> 26) {

> +    case 0x0d: /* stw */

> +    case 0x0e: /* stb */

> +    case 0x0f: /* stq_u */

> +    case 0x24: /* stf */

> +    case 0x25: /* stg */

> +    case 0x26: /* sts */

> +    case 0x27: /* stt */

> +    case 0x2c: /* stl */

> +    case 0x2d: /* stq */

> +    case 0x2e: /* stl_c */

> +    case 0x2f: /* stq_c */

> +        return true;

> +    }

> +    return false;

> +}

> +

> +#endif
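Review bot: `uint32_t *pc = uc->uc_mcontext.sc_pc;` initialises a pointer from the integer `sc_pc` without a cast, which every compiler warns about and -Werror rejects; it also bypasses the host_signal_pc() accessor defined a few lines up. Replace both lines with `uint32_t insn = *(uint32_t *)host_signal_pc(uc);`.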

> diff --git a/linux-user/host/arm/host-signal.h

> b/linux-user/host/arm/host-signal.h

> new file mode 100644

> index 0000000000..ae6bcde6c1

> --- /dev/null

> +++ b/linux-user/host/arm/host-signal.h

> @@ -0,0 +1,30 @@

> +/*

> + * host-signal.h: signal info dependent on the host architecture

> + *

> + * Copyright (C) 2021 Linaro Limited

> + *

> + * This work is licensed under the terms of the GNU GPL, version 2 or

> later.

> + * See the COPYING file in the top-level directory.

> + */

> +

> +#ifndef ARM_HOST_SIGNAL_H

> +#define ARM_HOST_SIGNAL_H

> +

> +static inline uintptr_t host_signal_pc(ucontext_t *uc)

> +{

> +    return uc->uc_mcontext.gregs[R15];

> +}

> +

> +static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc,

> +                                      uintptr_t pc)

> +{

> +    /*

> +     * In the FSR, bit 11 is WnR, assuming a v6 or

> +     * later processor.  On v5 we will always report

> +     * this as a read, which will fail later.

> +     */

> +    uint32_t fsr = uc->uc_mcontext.error_code;

> +    return extract32(fsr, 11, 1);

> +}

> +

> +#endif
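Review bot: host_sigsegv_write() takes a third parameter, `uintptr_t pc`, that none of the other host-signal.h files have and that the body never uses, so a single call site in linux-user/signal.c cannot match both shapes; drop it and keep the `(siginfo_t *info, ucontext_t *uc)` signature. The "on v5 we will always report this as a read" caveat in the comment is a real behavioural limit and deserves a mention in the commit message.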

> diff --git a/linux-user/host/i386/host-signal.h

> b/linux-user/host/i386/host-signal.h

> new file mode 100644

> index 0000000000..a8ca5e4a89

> --- /dev/null

> +++ b/linux-user/host/i386/host-signal.h

> @@ -0,0 +1,24 @@

> +/*

> + * host-signal.h: signal info dependent on the host architecture

> + *

> + * Copyright (C) 2021 Linaro Limited

> + *

> + * This work is licensed under the terms of the GNU GPL, version 2 or

> later.

> + * See the COPYING file in the top-level directory.

> + */

> +

> +#ifndef I386_HOST_SIGNAL_H

> +#define I386_HOST_SIGNAL_H

> +

> +static inline uintptr_t host_signal_pc(ucontext_t *uc)

> +{

> +    return uc->uc_mcontext.gregs[REG_EIP];

> +}

> +

> +static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)

> +{

> +    return uc->uc_mcontext.gregs[REG_TRAPNO] == 0xe

> +        && (uc->uc_mcontext.gregs[REG_ERR] & 0x2);

> +}

> +

> +#endif
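Review bot: `0xe` and `0x2` are unexplained magic numbers; the user-exec.c code this replaces at least named the first one `PAGE_FAULT_TRAP`. A comment such as `/* trap 0xe is #PF; error-code bit 1 set means the access was a write */` on the return statement would let a reader check the logic without opening the architecture manual.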

> diff --git a/linux-user/host/mips/host-signal.h

> b/linux-user/host/mips/host-signal.h

> new file mode 100644

> index 0000000000..815bbd61fa

> --- /dev/null

> +++ b/linux-user/host/mips/host-signal.h

> @@ -0,0 +1,61 @@

> +/*

> + * host-signal.h: signal info dependent on the host architecture

> + *

> + * Copyright (C) 2021 Linaro Limited

> + *

> + * This work is licensed under the terms of the GNU GPL, version 2 or

> later.

> + * See the COPYING file in the top-level directory.

> + */

> +

> +#ifndef MIPS_HOST_SIGNAL_H

> +#define MIPS_HOST_SIGNAL_H

> +

> +static inline uintptr_t host_signal_pc(ucontext_t *uc)

> +{

> +    return uc->uc_mcontext.pc;

> +}

> +

> +#if defined(__misp16) || defined(__mips_micromips)

> +#error "Unsupported encoding"

> +#endif

> +

> +static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)

> +{

> +    uint32_t *insn = *(uint32_t *)host_signal_pc(uc);

> +

> +    /* Detect all store instructions at program counter. */

> +    switch ((insn >> 26) & 077) {

> +    case 050: /* SB */

> +    case 051: /* SH */

> +    case 052: /* SWL */

> +    case 053: /* SW */

> +    case 054: /* SDL */

> +    case 055: /* SDR */

> +    case 056: /* SWR */

> +    case 070: /* SC */

> +    case 071: /* SWC1 */

> +    case 074: /* SCD */

> +    case 075: /* SDC1 */

> +    case 077: /* SD */

> +#if !defined(__mips_isa_rev) || __mips_isa_rev < 6

> +    case 072: /* SWC2 */

> +    case 076: /* SDC2 */

> +#endif

> +        return true;

> +    case 023: /* COP1X */

> +        /*

> +         * Required in all versions of MIPS64 since

> +         * MIPS64r1 and subsequent versions of MIPS32r2.

> +         */

> +        switch (insn & 077) {

> +        case 010: /* SWXC1 */

> +        case 011: /* SDXC1 */

> +        case 015: /* SUXC1 */

> +            return true;

> +        }

> +        break;

> +    }

> +    return false;

> +}

> +

> +#endif
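Review bot: two compile errors in this file: `#if defined(__misp16)` misspells `__mips16`, so the guard never fires, and `uint32_t *insn = *(uint32_t *)host_signal_pc(uc);` declares a pointer but initialises it with the dereferenced instruction word, after which `insn >> 26` is a shift applied to a pointer. It should read `uint32_t insn = *(uint32_t *)host_signal_pc(uc);`.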

> diff --git a/linux-user/host/ppc/host-signal.h

> b/linux-user/host/ppc/host-signal.h

> new file mode 100644

> index 0000000000..b8dce622b4

> --- /dev/null

> +++ b/linux-user/host/ppc/host-signal.h

> @@ -0,0 +1,24 @@

> +/*

> + * host-signal.h: signal info dependent on the host architecture

> + *

> + * Copyright (C) 2021 Linaro Limited

> + *

> + * This work is licensed under the terms of the GNU GPL, version 2 or

> later.

> + * See the COPYING file in the top-level directory.

> + */

> +

> +#ifndef PPC_HOST_SIGNAL_H

> +#define PPC_HOST_SIGNAL_H

> +

> +static inline uintptr_t host_signal_pc(ucontext_t *uc)

> +{

> +    return uc->uc_mcontext.regs->nip;

> +}

> +

> +static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)

> +{

> +    return uc->uc_mcontext.regs->trap != 0x400

> +        && (uc->uc_mcontext.regs->dsisr & 0x02000000);

> +}

> +

> +#endif
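Review bot: `regs->trap != 0x400` and `regs->dsisr & 0x02000000` carry no comment; a one-liner stating which trap vector is being excluded and which DSISR bit is being read would save the next reader from re-deriving it, the way the arm header explains its FSR bit.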

> diff --git a/linux-user/host/ppc64/host-signal.h

> b/linux-user/host/ppc64/host-signal.h

> new file mode 100644

> index 0000000000..a353c22a90

> --- /dev/null

> +++ b/linux-user/host/ppc64/host-signal.h

> @@ -0,0 +1 @@

> +#include "../ppc/host-signal.h"

> diff --git a/linux-user/host/riscv32/host-signal.h

> b/linux-user/host/riscv32/host-signal.h

> new file mode 100644

> index 0000000000..f877412f96

> --- /dev/null

> +++ b/linux-user/host/riscv32/host-signal.h

> @@ -0,0 +1,57 @@

> +/*

> + * host-signal.h: signal info dependent on the host architecture

> + *

> + * Copyright (C) 2021 Linaro Limited

> + *

> + * This work is licensed under the terms of the GNU GPL, version 2 or

> later.

> + * See the COPYING file in the top-level directory.

> + */

> +

> +#ifndef RISCV_HOST_SIGNAL_H

> +#define RISCV_HOST_SIGNAL_H

> +

> +static inline uintptr_t host_signal_pc(ucontext_t *uc)

> +{

> +    return uc->uc_mcontext.__gregs[REG_PC];

> +}

> +

> +static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)

> +{

> +    /*

> +     * Detect store by reading the instruction at the program counter.

> +     * Do not read more than 16 bits, because we have not yet determined

> +     * the size of the instruction.

> +     */

> +    const uint16_t *pinsn = (const uint16_t *)host_signal_pc(uc);

> +    uint16_t insn = pinsn[0];

> +

> +    /* 16-bit instructions */

> +    switch (insn & 0xe003) {

> +    case 0xa000: /* c.fsd */

> +    case 0xc000: /* c.sw */

> +    case 0xe000: /* c.sd (rv64) / c.fsw (rv32) */

> +    case 0xa002: /* c.fsdsp */

> +    case 0xc002: /* c.swsp */

> +    case 0xe002: /* c.sdsp (rv64) / c.fswsp (rv32) */

> +        return true;

> +    }

> +

> +    /* 32-bit instructions, major opcodes */

> +    switch (insn & 0x7f) {

> +    case 0x23: /* store */

> +    case 0x27: /* store-fp */

> +        return true;

> +    case 0x2f: /* amo */

> +        /*

> +         * The AMO function code is in bits 25-31, unread as yet.

> +         * The AMO functions are LR (read), SC (write), and the

> +         * rest are all read-modify-write.

> +         */

> +        insn = pinsn[1];

> +        return (insn >> 11) != 2; /* LR */

> +    }

> +

> +    return false;

> +}

> +

> +#endif
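Review bot: the comment in the `amo` case says the function code lives in bits 25-31, but `insn >> 11` on the upper halfword `pinsn[1]` extracts bits 27-31 (funct5), which is the right field since bits 25-26 are the aq/rl ordering bits; fix the comment so it matches the shift. The LR value `2` would also read better as a named constant.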

> diff --git a/linux-user/host/riscv64/host-signal.h

> b/linux-user/host/riscv64/host-signal.h

> new file mode 100644

> index 0000000000..6e27f725ab

> --- /dev/null

> +++ b/linux-user/host/riscv64/host-signal.h

> @@ -0,0 +1 @@

> +#include "../riscv32/host-signal.h"

> diff --git a/linux-user/host/s390/host-signal.h

> b/linux-user/host/s390/host-signal.h

> new file mode 100644

> index 0000000000..8d34b32b9f

> --- /dev/null

> +++ b/linux-user/host/s390/host-signal.h

> @@ -0,0 +1,92 @@

> +/*

> + * host-signal.h: signal info dependent on the host architecture

> + *

> + * Copyright (C) 2021 Linaro Limited

> + *

> + * This work is licensed under the terms of the GNU GPL, version 2 or

> later.

> + * See the COPYING file in the top-level directory.

> + */

> +

> +#ifndef S390_HOST_SIGNAL_H

> +#define S390_HOST_SIGNAL_H

> +

> +static inline uintptr_t host_signal_pc(ucontext_t *uc)

> +{

> +    return uc->uc_mcontext.psw.addr;

> +}

> +

> +static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)

> +{

> +    uint16_t *pinsn = (uint16_t *)host_signal_pc(uc);

> +

> +    /*

> +     * ??? On linux, the non-rt signal handler has 4 (!) arguments instead

> +     * of the normal 2 arguments.  The 4th argument contains the

> "Translation-

> +     * Exception Identification for DAT Exceptions" from the hardware (aka

> +     * "int_parm_long"), which does in fact contain the is_write value.

> +     * The rt signal handler, as far as I can tell, does not give this

> value

> +     * at all.  Not that we could get to it from here even if it were.

> +     * So fall back to parsing instructions.  Treat read-modify-write

> ones as

> +     * writes, which is not fully correct, but for tracking

> self-modifying code

> +     * this is better than treating them as reads.  Checking si_addr page

> flags

> +     * might be a viable improvement, albeit a racy one.

> +     */

> +    /* ??? This is not even close to complete.  */

> +    switch (pinsn[0] >> 8) {

> +    case 0x50: /* ST */

> +    case 0x42: /* STC */

> +    case 0x40: /* STH */

> +    case 0xba: /* CS */

> +    case 0xbb: /* CDS */

> +        return true;

> +    case 0xc4: /* RIL format insns */

> +        switch (pinsn[0] & 0xf) {

> +        case 0xf: /* STRL */

> +        case 0xb: /* STGRL */

> +        case 0x7: /* STHRL */

> +            return true;

> +        }

> +        break;

> +    case 0xc8: /* SSF format insns */

> +        switch (pinsn[0] & 0xf) {

> +        case 0x2: /* CSST */

> +            return true;

> +        }

> +        break;

> +    case 0xe3: /* RXY format insns */

> +        switch (pinsn[2] & 0xff) {

> +        case 0x50: /* STY */

> +        case 0x24: /* STG */

> +        case 0x72: /* STCY */

> +        case 0x70: /* STHY */

> +        case 0x8e: /* STPQ */

> +        case 0x3f: /* STRVH */

> +        case 0x3e: /* STRV */

> +        case 0x2f: /* STRVG */

> +            return true;

> +        }

> +        break;

> +    case 0xeb: /* RSY format insns */

> +        switch (pinsn[2] & 0xff) {

> +        case 0x14: /* CSY */

> +        case 0x30: /* CSG */

> +        case 0x31: /* CDSY */

> +        case 0x3e: /* CDSG */

> +        case 0xe4: /* LANG */

> +        case 0xe6: /* LAOG */

> +        case 0xe7: /* LAXG */

> +        case 0xe8: /* LAAG */

> +        case 0xea: /* LAALG */

> +        case 0xf4: /* LAN */

> +        case 0xf6: /* LAO */

> +        case 0xf7: /* LAX */

> +        case 0xfa: /* LAAL */

> +        case 0xf8: /* LAA */

> +            return true;

> +        }

> +        break;

> +    }

> +    return false;

> +}

> +

> +#endif
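Review bot: as the `??? This is not even close to complete` comment admits, the opcode table misses common store forms such as STM/STMG, STD/STE and MVC, and any store not listed returns false, i.e. is classified as a read, so handle_sigsegv_accerr_write() is never consulted for it and a guest store to a write-protected page cannot be repaired. Either extend the table or state in the comment which forms are knowingly left out, so the limit is documented rather than discovered.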

> diff --git a/linux-user/host/s390x/host-signal.h

> b/linux-user/host/s390x/host-signal.h

> new file mode 100644

> index 0000000000..0e83f9358d

> --- /dev/null

> +++ b/linux-user/host/s390x/host-signal.h

> @@ -0,0 +1 @@

> +#include "../s390/host-signal.h"

> diff --git a/linux-user/host/sparc/host-signal.h

> b/linux-user/host/sparc/host-signal.h

> new file mode 100644

> index 0000000000..47d3b1512e

> --- /dev/null

> +++ b/linux-user/host/sparc/host-signal.h

> @@ -0,0 +1,53 @@

> +/*

> + * host-signal.h: signal info dependent on the host architecture

> + *

> + * Copyright (C) 2021 Linaro Limited

> + *

> + * This work is licensed under the terms of the GNU GPL, version 2 or

> later.

> + * See the COPYING file in the top-level directory.

> + */

> +

> +#ifndef SPARC_HOST_SIGNAL_H

> +#define SPARC_HOST_SIGNAL_H

> +

> +static inline uintptr_t host_signal_pc(ucontext_t *uc)

> +{

> +#ifdef __arch64__

> +    return uc->uc_mcontext.mc_gregs[MC_PC];

> +#else

> +    return uc->uc_mcontext.gregs[REG_PC];

> +#endif

> +}

> +

> +static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)

> +{

> +    uint32_t insn = *(uint32_t *)host_signal_pc(uc);

> +

> +    if ((insn >> 30) == 3) {

> +        switch ((insn >> 19) & 0x3f) {

> +        case 0x05: /* stb */

> +        case 0x15: /* stba */

> +        case 0x06: /* sth */

> +        case 0x16: /* stha */

> +        case 0x04: /* st */

> +        case 0x14: /* sta */

> +        case 0x07: /* std */

> +        case 0x17: /* stda */

> +        case 0x0e: /* stx */

> +        case 0x1e: /* stxa */

> +        case 0x24: /* stf */

> +        case 0x34: /* stfa */

> +        case 0x27: /* stdf */

> +        case 0x37: /* stdfa */

> +        case 0x26: /* stqf */

> +        case 0x36: /* stqfa */

> +        case 0x25: /* stfsr */

> +        case 0x3c: /* casa */

> +        case 0x3e: /* casxa */

> +            return true;

> +        }

> +    }

> +    return false;

> +}

> +

> +#endif
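Review bot: the table includes casa/casxa but not the other read-modify-write stores ldstub/ldstuba (op3 0x0d/0x1d) and swap/swapa (op3 0x0f/0x1f); the s390 header in this same patch explicitly treats read-modify-write operations as writes, so the policy should be the same across hosts, one way or the other.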

> diff --git a/linux-user/host/sparc64/host-signal.h

> b/linux-user/host/sparc64/host-signal.h

> new file mode 100644

> index 0000000000..1191fe2d40

> --- /dev/null

> +++ b/linux-user/host/sparc64/host-signal.h

> @@ -0,0 +1 @@

> +#include "../sparc/host-signal.h"

> diff --git a/linux-user/host/x86_64/host-signal.h

> b/linux-user/host/x86_64/host-signal.h

> new file mode 100644

> index 0000000000..d5fb3e4484

> --- /dev/null

> +++ b/linux-user/host/x86_64/host-signal.h

> @@ -0,0 +1,24 @@

> +/*

> + * host-signal.h: signal info dependent on the host architecture

> + *

> + * Copyright (C) 2021 Linaro Limited

> + *

> + * This work is licensed under the terms of the GNU GPL, version 2 or

> later.

> + * See the COPYING file in the top-level directory.

> + */

> +

> +#ifndef X86_64_HOST_SIGNAL_H

> +#define X86_64_HOST_SIGNAL_H

> +

> +static inline uintptr_t host_signal_pc(ucontext_t *uc)

> +{

> +    return uc->uc_mcontext.gregs[REG_RIP];

> +}

> +

> +static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)

> +{

> +    return uc->uc_mcontext.gregs[REG_TRAPNO] == 0xe

> +        && (uc->uc_mcontext.gregs[REG_ERR] & 0x2);

> +}

> +

> +#endif
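Review bot: this file is identical to the i386 one except for `REG_RIP` in place of `REG_EIP`; the patch already uses a one-line `#include "../ppc/host-signal.h"` for ppc64, riscv64, s390x and sparc64, so the same could be done here with a small `#ifdef __x86_64__` on the register name, keeping one copy of the #PF/error-code logic to maintain.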

> diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c

> index ad6b4f6abf..39635cbea2 100644

> --- a/accel/tcg/user-exec.c

> +++ b/accel/tcg/user-exec.c

> @@ -29,23 +29,8 @@

>  #include "trace/trace-root.h"

>  #include "trace/mem.h"

>

> -#undef EAX

> -#undef ECX

> -#undef EDX

> -#undef EBX

> -#undef ESP

> -#undef EBP

> -#undef ESI

> -#undef EDI

> -#undef EIP

> -#ifdef __linux__

> -#include <sys/ucontext.h>

> -#endif

> -

>  __thread uintptr_t helper_retaddr;

>

> -//#define DEBUG_SIGNAL

> -

>  /**

>   * adjust_signal_pc:

>   * @pc: raw pc from the host signal ucontext_t.
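Review bot: the `#undef EAX` ... `#undef EIP` block existed because the host's ucontext headers (note the glibc 2.1 `#define REG_EIP EIP` fallback removed further down) and QEMU's own register macros collide; dropping the `<sys/ucontext.h>` include here makes the undefs moot in this file, but the per-host headers now pull the same names into linux-user/signal.c, so confirm that file still builds for an i386 target on an i386 or x86_64 host.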

> @@ -154,69 +139,6 @@ bool handle_sigsegv_accerr_write(CPUState *cpu,

> sigset_t *old_set,

>      }

>  }

>

> -/* 'pc' is the host PC at which the exception was raised. 'address' is

> -   the effective address of the memory exception. 'is_write' is 1 if a

> -   write caused the exception and otherwise 0'. 'old_set' is the

> -   signal set which should be restored */

> -static inline int handle_cpu_signal(uintptr_t pc, siginfo_t *info,

> -                                    int is_write, sigset_t *old_set)

> -{

> -    CPUState *cpu = current_cpu;

> -    CPUClass *cc;

> -    unsigned long address = (unsigned long)info->si_addr;

> -    MMUAccessType access_type;

> -

> -    if (is_write) {

> -        access_type = MMU_DATA_STORE;

> -    } else if (helper_retaddr == 1) {

> -        access_type = MMU_INST_FETCH;

> -    } else {

> -        access_type = MMU_DATA_LOAD;

> -    }

> -    pc = adjust_signal_pc(pc);

> -

> -    /* For synchronous signals we expect to be coming from the vCPU

> -     * thread (so current_cpu should be valid) and either from running

> -     * code or during translation which can fault as we cross pages.

> -     *

> -     * If neither is true then something has gone wrong and we should

> -     * abort rather than try and restart the vCPU execution.

> -     */

> -    if (!cpu || !cpu->running) {

> -        printf("qemu:%s received signal outside vCPU context @ pc=0x%"

> -               PRIxPTR "\n",  __func__, pc);

> -        abort();

> -    }

> -

> -#if defined(DEBUG_SIGNAL)

> -    printf("qemu: SIGSEGV pc=0x%08lx address=%08lx w=%d oldset=0x%08lx\n",

> -           pc, address, is_write, *(unsigned long *)old_set);

> -#endif

> -

> -    /* XXX: locking issue */

> -    if (is_write &&

> -        info->si_signo == SIGSEGV &&

> -        info->si_code == SEGV_ACCERR &&

> -        handle_sigsegv_accerr_write(cpu, old_set, pc, address)) {

> -        return 1;

> -    }

> -

> -    /* Convert forcefully to guest address space, invalid addresses

> -       are still valid segv ones */

> -    address = h2g_nocheck(address);

> -

> -    /*

> -     * There is no way the target can handle this other than raising

> -     * an exception.  Undo signal and retaddr state prior to longjmp.

> -     */

> -    sigprocmask(SIG_SETMASK, old_set, NULL);

> -

> -    cc = CPU_GET_CLASS(cpu);

> -    cc->tcg_ops->tlb_fill(cpu, address, 0, access_type,

> -                          MMU_USER_IDX, false, pc);

> -    g_assert_not_reached();

> -}

> -

>  static int probe_access_internal(CPUArchState *env, target_ulong addr,

>                                   int fault_size, MMUAccessType

> access_type,

>                                   bool nonfault, uintptr_t ra)
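Review bot: three behaviours of the removed handle_cpu_signal() must survive in host_signal_handler(), which this excerpt does not show: the `!cpu || !cpu->running` abort for a SIGSEGV arriving outside vCPU context, the `helper_retaddr == 1` to MMU_INST_FETCH classification, and the `sigprocmask(SIG_SETMASK, old_set, NULL)` restore before leaving the handler. With the tlb_fill() call gone the access type is no longer passed anywhere explicitly, so please say in the commit message how a code-fetch fault is distinguished from a data fault on the guest side.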

> @@ -275,640 +197,6 @@ void *probe_access(CPUArchState *env, target_ulong

> addr, int size,

>      return size ? g2h(env_cpu(env), addr) : NULL;

>  }

>

> -#if defined(__i386__)

> -

> -#if defined(__NetBSD__)

> -#include <ucontext.h>

> -#include <machine/trap.h>

> -

> -#define EIP_sig(context)     ((context)->uc_mcontext.__gregs[_REG_EIP])

> -#define TRAP_sig(context)    ((context)->uc_mcontext.__gregs[_REG_TRAPNO])

> -#define ERROR_sig(context)   ((context)->uc_mcontext.__gregs[_REG_ERR])

> -#define MASK_sig(context)    ((context)->uc_sigmask)

> -#define PAGE_FAULT_TRAP      T_PAGEFLT

> -#elif defined(__FreeBSD__) || defined(__DragonFly__)

> -#include <ucontext.h>

> -#include <machine/trap.h>

> -

> -#define EIP_sig(context)  (*((unsigned long

> *)&(context)->uc_mcontext.mc_eip))

> -#define TRAP_sig(context)    ((context)->uc_mcontext.mc_trapno)

> -#define ERROR_sig(context)   ((context)->uc_mcontext.mc_err)

> -#define MASK_sig(context)    ((context)->uc_sigmask)

> -#define PAGE_FAULT_TRAP      T_PAGEFLT

> -#elif defined(__OpenBSD__)

> -#include <machine/trap.h>

> -#define EIP_sig(context)     ((context)->sc_eip)

> -#define TRAP_sig(context)    ((context)->sc_trapno)

> -#define ERROR_sig(context)   ((context)->sc_err)

> -#define MASK_sig(context)    ((context)->sc_mask)

> -#define PAGE_FAULT_TRAP      T_PAGEFLT

> -#else

> -#define EIP_sig(context)     ((context)->uc_mcontext.gregs[REG_EIP])

> -#define TRAP_sig(context)    ((context)->uc_mcontext.gregs[REG_TRAPNO])

> -#define ERROR_sig(context)   ((context)->uc_mcontext.gregs[REG_ERR])

> -#define MASK_sig(context)    ((context)->uc_sigmask)

> -#define PAGE_FAULT_TRAP      0xe

> -#endif

> -

> -int cpu_signal_handler(int host_signum, void *pinfo,

> -                       void *puc)

> -{

> -    siginfo_t *info = pinfo;

> -#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__DragonFly__)

> -    ucontext_t *uc = puc;

> -#elif defined(__OpenBSD__)

> -    struct sigcontext *uc = puc;

> -#else

> -    ucontext_t *uc = puc;

> -#endif

> -    unsigned long pc;

> -    int trapno;

> -

> -#ifndef REG_EIP

> -/* for glibc 2.1 */

> -#define REG_EIP    EIP

> -#define REG_ERR    ERR

> -#define REG_TRAPNO TRAPNO

> -#endif

> -    pc = EIP_sig(uc);

> -    trapno = TRAP_sig(uc);

> -    return handle_cpu_signal(pc, info,

> -                             trapno == PAGE_FAULT_TRAP ?

> -                             (ERROR_sig(uc) >> 1) & 1 : 0,

> -                             &MASK_sig(uc));

> -}

> -

> -#elif defined(__x86_64__)

> -

> -#ifdef __NetBSD__

> -#include <machine/trap.h>

> -#define PC_sig(context)       _UC_MACHINE_PC(context)

> -#define TRAP_sig(context)

>  ((context)->uc_mcontext.__gregs[_REG_TRAPNO])

> -#define ERROR_sig(context)    ((context)->uc_mcontext.__gregs[_REG_ERR])

> -#define MASK_sig(context)     ((context)->uc_sigmask)

> -#define PAGE_FAULT_TRAP       T_PAGEFLT

> -#elif defined(__OpenBSD__)

> -#include <machine/trap.h>

> -#define PC_sig(context)       ((context)->sc_rip)

> -#define TRAP_sig(context)     ((context)->sc_trapno)

> -#define ERROR_sig(context)    ((context)->sc_err)

> -#define MASK_sig(context)     ((context)->sc_mask)

> -#define PAGE_FAULT_TRAP       T_PAGEFLT

> -#elif defined(__FreeBSD__) || defined(__DragonFly__)

> -#include <ucontext.h>

> -#include <machine/trap.h>

> -

> -#define PC_sig(context)  (*((unsigned long

> *)&(context)->uc_mcontext.mc_rip))

> -#define TRAP_sig(context)     ((context)->uc_mcontext.mc_trapno)

> -#define ERROR_sig(context)    ((context)->uc_mcontext.mc_err)

> -#define MASK_sig(context)     ((context)->uc_sigmask)

> -#define PAGE_FAULT_TRAP       T_PAGEFLT

> -#else

> -#define PC_sig(context)       ((context)->uc_mcontext.gregs[REG_RIP])

> -#define TRAP_sig(context)     ((context)->uc_mcontext.gregs[REG_TRAPNO])

> -#define ERROR_sig(context)    ((context)->uc_mcontext.gregs[REG_ERR])

> -#define MASK_sig(context)     ((context)->uc_sigmask)

> -#define PAGE_FAULT_TRAP       0xe

> -#endif

> -

> -int cpu_signal_handler(int host_signum, void *pinfo,

> -                       void *puc)

> -{

> -    siginfo_t *info = pinfo;

> -    unsigned long pc;

> -#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__DragonFly__)

> -    ucontext_t *uc = puc;

> -#elif defined(__OpenBSD__)

> -    struct sigcontext *uc = puc;

> -#else

> -    ucontext_t *uc = puc;

> -#endif

> -

> -    pc = PC_sig(uc);

> -    return handle_cpu_signal(pc, info,

> -                             TRAP_sig(uc) == PAGE_FAULT_TRAP ?

> -                             (ERROR_sig(uc) >> 1) & 1 : 0,

> -                             &MASK_sig(uc));

> -}

> -

> -#elif defined(_ARCH_PPC)

> -

> -/***********************************************************************

> - * signal context platform-specific definitions

> - * From Wine

> - */

> -#ifdef linux

> -/* All Registers access - only for local access */

> -#define REG_sig(reg_name, context)              \

> -    ((context)->uc_mcontext.regs->reg_name)

> -/* Gpr Registers access  */

> -#define GPR_sig(reg_num, context)              REG_sig(gpr[reg_num],

> context)

> -/* Program counter */

> -#define IAR_sig(context)                       REG_sig(nip, context)

> -/* Machine State Register (Supervisor) */

> -#define MSR_sig(context)                       REG_sig(msr, context)

> -/* Count register */

> -#define CTR_sig(context)                       REG_sig(ctr, context)

> -/* User's integer exception register */

> -#define XER_sig(context)                       REG_sig(xer, context)

> -/* Link register */

> -#define LR_sig(context)                        REG_sig(link, context)

> -/* Condition register */

> -#define CR_sig(context)                        REG_sig(ccr, context)

> -

> -/* Float Registers access  */

> -#define FLOAT_sig(reg_num, context)                                     \

> -    (((double *)((char *)((context)->uc_mcontext.regs + 48 *

> 4)))[reg_num])

> -#define FPSCR_sig(context) \

> -    (*(int *)((char *)((context)->uc_mcontext.regs + (48 + 32 * 2) * 4)))

> -/* Exception Registers access */

> -#define DAR_sig(context)                       REG_sig(dar, context)

> -#define DSISR_sig(context)                     REG_sig(dsisr, context)

> -#define TRAP_sig(context)                      REG_sig(trap, context)

> -#endif /* linux */

> -

> -#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)

> -#include <ucontext.h>

> -#define IAR_sig(context)               ((context)->uc_mcontext.mc_srr0)

> -#define MSR_sig(context)               ((context)->uc_mcontext.mc_srr1)

> -#define CTR_sig(context)               ((context)->uc_mcontext.mc_ctr)

> -#define XER_sig(context)               ((context)->uc_mcontext.mc_xer)

> -#define LR_sig(context)                ((context)->uc_mcontext.mc_lr)

> -#define CR_sig(context)                ((context)->uc_mcontext.mc_cr)

> -/* Exception Registers access */

> -#define DAR_sig(context)               ((context)->uc_mcontext.mc_dar)

> -#define DSISR_sig(context)             ((context)->uc_mcontext.mc_dsisr)

> -#define TRAP_sig(context)              ((context)->uc_mcontext.mc_exc)

> -#endif /* __FreeBSD__|| __FreeBSD_kernel__ */

> -

> -int cpu_signal_handler(int host_signum, void *pinfo,

> -                       void *puc)

> -{

> -    siginfo_t *info = pinfo;

> -#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)

> -    ucontext_t *uc = puc;

> -#else

> -    ucontext_t *uc = puc;

> -#endif

> -    unsigned long pc;

> -    int is_write;

> -

> -    pc = IAR_sig(uc);

> -    is_write = 0;

> -#if 0

> -    /* ppc 4xx case */

> -    if (DSISR_sig(uc) & 0x00800000) {

> -        is_write = 1;

> -    }

> -#else

> -    if (TRAP_sig(uc) != 0x400 && (DSISR_sig(uc) & 0x02000000)) {

> -        is_write = 1;

> -    }

> -#endif

> -    return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);

> -}

> -

> -#elif defined(__alpha__)

> -

> -int cpu_signal_handler(int host_signum, void *pinfo,

> -                           void *puc)

> -{

> -    siginfo_t *info = pinfo;

> -    ucontext_t *uc = puc;

> -    uint32_t *pc = uc->uc_mcontext.sc_pc;

> -    uint32_t insn = *pc;

> -    int is_write = 0;

> -

> -    /* XXX: need kernel patch to get write flag faster */

> -    switch (insn >> 26) {

> -    case 0x0d: /* stw */

> -    case 0x0e: /* stb */

> -    case 0x0f: /* stq_u */

> -    case 0x24: /* stf */

> -    case 0x25: /* stg */

> -    case 0x26: /* sts */

> -    case 0x27: /* stt */

> -    case 0x2c: /* stl */

> -    case 0x2d: /* stq */

> -    case 0x2e: /* stl_c */

> -    case 0x2f: /* stq_c */

> -        is_write = 1;

> -    }

> -

> -    return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);

> -}

> -#elif defined(__sparc__)

> -

> -int cpu_signal_handler(int host_signum, void *pinfo,

> -                       void *puc)

> -{

> -    siginfo_t *info = pinfo;

> -    int is_write;

> -    uint32_t insn;

> -#if !defined(__arch64__) || defined(CONFIG_SOLARIS)

> -    uint32_t *regs = (uint32_t *)(info + 1);

> -    void *sigmask = (regs + 20);

> -    /* XXX: is there a standard glibc define ? */

> -    unsigned long pc = regs[1];

> -#else

> -#ifdef __linux__

> -    struct sigcontext *sc = puc;

> -    unsigned long pc = sc->sigc_regs.tpc;

> -    void *sigmask = (void *)sc->sigc_mask;

> -#elif defined(__OpenBSD__)

> -    struct sigcontext *uc = puc;

> -    unsigned long pc = uc->sc_pc;

> -    void *sigmask = (void *)(long)uc->sc_mask;

> -#elif defined(__NetBSD__)

> -    ucontext_t *uc = puc;

> -    unsigned long pc = _UC_MACHINE_PC(uc);

> -    void *sigmask = (void *)&uc->uc_sigmask;

> -#endif

> -#endif

> -

> -    /* XXX: need kernel patch to get write flag faster */

> -    is_write = 0;

> -    insn = *(uint32_t *)pc;

> -    if ((insn >> 30) == 3) {

> -        switch ((insn >> 19) & 0x3f) {

> -        case 0x05: /* stb */

> -        case 0x15: /* stba */

> -        case 0x06: /* sth */

> -        case 0x16: /* stha */

> -        case 0x04: /* st */

> -        case 0x14: /* sta */

> -        case 0x07: /* std */

> -        case 0x17: /* stda */

> -        case 0x0e: /* stx */

> -        case 0x1e: /* stxa */

> -        case 0x24: /* stf */

> -        case 0x34: /* stfa */

> -        case 0x27: /* stdf */

> -        case 0x37: /* stdfa */

> -        case 0x26: /* stqf */

> -        case 0x36: /* stqfa */

> -        case 0x25: /* stfsr */

> -        case 0x3c: /* casa */

> -        case 0x3e: /* casxa */

> -            is_write = 1;

> -            break;

> -        }

> -    }

> -    return handle_cpu_signal(pc, info, is_write, sigmask);

> -}

> -

> -#elif defined(__arm__)

> -

> -#if defined(__NetBSD__)

> -#include <ucontext.h>

> -#include <sys/siginfo.h>

> -#endif

> -

> -int cpu_signal_handler(int host_signum, void *pinfo,

> -                       void *puc)

> -{

> -    siginfo_t *info = pinfo;

> -#if defined(__NetBSD__)

> -    ucontext_t *uc = puc;

> -    siginfo_t *si = pinfo;

> -#else

> -    ucontext_t *uc = puc;

> -#endif

> -    unsigned long pc;

> -    uint32_t fsr;

> -    int is_write;

> -

> -#if defined(__NetBSD__)

> -    pc = uc->uc_mcontext.__gregs[_REG_R15];

> -#elif defined(__GLIBC__) && (__GLIBC__ < 2 || (__GLIBC__ == 2 &&

> __GLIBC_MINOR__ <= 3))

> -    pc = uc->uc_mcontext.gregs[R15];

> -#else

> -    pc = uc->uc_mcontext.arm_pc;

> -#endif

> -

> -#ifdef __NetBSD__

> -    fsr = si->si_trap;

> -#else

> -    fsr = uc->uc_mcontext.error_code;

> -#endif

> -    /*

> -     * In the FSR, bit 11 is WnR, assuming a v6 or

> -     * later processor.  On v5 we will always report

> -     * this as a read, which will fail later.

> -     */

> -    is_write = extract32(fsr, 11, 1);

> -    return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);

> -}

> -

> -#elif defined(__aarch64__)

> -

> -#if defined(__NetBSD__)

> -

> -#include <ucontext.h>

> -#include <sys/siginfo.h>

> -

> -int cpu_signal_handler(int host_signum, void *pinfo, void *puc)

> -{

> -    ucontext_t *uc = puc;

> -    siginfo_t *si = pinfo;

> -    unsigned long pc;

> -    int is_write;

> -    uint32_t esr;

> -

> -    pc = uc->uc_mcontext.__gregs[_REG_PC];

> -    esr = si->si_trap;

> -

> -    /*

> -     * siginfo_t::si_trap is the ESR value, for data aborts ESR.EC

> -     * is 0b10010x: then bit 6 is the WnR bit

> -     */

> -    is_write = extract32(esr, 27, 5) == 0x12 && extract32(esr, 6, 1) == 1;

> -    return handle_cpu_signal(pc, si, is_write, &uc->uc_sigmask);

> -}

> -

> -#else

> -

> -#ifndef ESR_MAGIC

> -/* Pre-3.16 kernel headers don't have these, so provide fallback

> definitions */

> -#define ESR_MAGIC 0x45535201

> -struct esr_context {

> -    struct _aarch64_ctx head;

> -    uint64_t esr;

> -};

> -#endif

> -

> -static inline struct _aarch64_ctx *first_ctx(ucontext_t *uc)

> -{

> -    return (struct _aarch64_ctx *)&uc->uc_mcontext.__reserved;

> -}

> -

> -static inline struct _aarch64_ctx *next_ctx(struct _aarch64_ctx *hdr)

> -{

> -    return (struct _aarch64_ctx *)((char *)hdr + hdr->size);

> -}

> -

> -int cpu_signal_handler(int host_signum, void *pinfo, void *puc)

> -{

> -    siginfo_t *info = pinfo;

> -    ucontext_t *uc = puc;

> -    uintptr_t pc = uc->uc_mcontext.pc;

> -    bool is_write;

> -    struct _aarch64_ctx *hdr;

> -    struct esr_context const *esrctx = NULL;

> -

> -    /* Find the esr_context, which has the WnR bit in it */

> -    for (hdr = first_ctx(uc); hdr->magic; hdr = next_ctx(hdr)) {

> -        if (hdr->magic == ESR_MAGIC) {

> -            esrctx = (struct esr_context const *)hdr;

> -            break;

> -        }

> -    }

> -

> -    if (esrctx) {

> -        /* For data aborts ESR.EC is 0b10010x: then bit 6 is the WnR bit

> */

> -        uint64_t esr = esrctx->esr;

> -        is_write = extract32(esr, 27, 5) == 0x12 && extract32(esr, 6, 1)

> == 1;

> -    } else {

> -        /*

> -         * Fall back to parsing instructions; will only be needed

> -         * for really ancient (pre-3.16) kernels.

> -         */

> -        uint32_t insn = *(uint32_t *)pc;

> -

> -        is_write = ((insn & 0xbfff0000) == 0x0c000000   /* C3.3.1 */

> -                    || (insn & 0xbfe00000) == 0x0c800000   /* C3.3.2 */

> -                    || (insn & 0xbfdf0000) == 0x0d000000   /* C3.3.3 */

> -                    || (insn & 0xbfc00000) == 0x0d800000   /* C3.3.4 */

> -                    || (insn & 0x3f400000) == 0x08000000   /* C3.3.6 */

> -                    || (insn & 0x3bc00000) == 0x39000000   /* C3.3.13 */

> -                    || (insn & 0x3fc00000) == 0x3d800000   /* ... 128bit

> */

> -                    /* Ignore bits 10, 11 & 21, controlling indexing.  */

> -                    || (insn & 0x3bc00000) == 0x38000000   /* C3.3.8-12 */

> -                    || (insn & 0x3fe00000) == 0x3c800000   /* ... 128bit

> */

> -                    /* Ignore bits 23 & 24, controlling indexing.  */

> -                    || (insn & 0x3a400000) == 0x28000000); /*

> C3.3.7,14-16 */

> -    }

> -    return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);

> -}

> -#endif

> -

> -#elif defined(__s390__)

> -

> -int cpu_signal_handler(int host_signum, void *pinfo,

> -                       void *puc)

> -{

> -    siginfo_t *info = pinfo;

> -    ucontext_t *uc = puc;

> -    unsigned long pc;

> -    uint16_t *pinsn;

> -    int is_write = 0;

> -

> -    pc = uc->uc_mcontext.psw.addr;

> -

> -    /*

> -     * ??? On linux, the non-rt signal handler has 4 (!) arguments instead

> -     * of the normal 2 arguments.  The 4th argument contains the

> "Translation-

> -     * Exception Identification for DAT Exceptions" from the hardware (aka

> -     * "int_parm_long"), which does in fact contain the is_write value.

> -     * The rt signal handler, as far as I can tell, does not give this

> value

> -     * at all.  Not that we could get to it from here even if it were.

> -     * So fall back to parsing instructions.  Treat read-modify-write

> ones as

> -     * writes, which is not fully correct, but for tracking

> self-modifying code

> -     * this is better than treating them as reads.  Checking si_addr page

> flags

> -     * might be a viable improvement, albeit a racy one.

> -     */

> -    /* ??? This is not even close to complete.  */

> -    pinsn = (uint16_t *)pc;

> -    switch (pinsn[0] >> 8) {

> -    case 0x50: /* ST */

> -    case 0x42: /* STC */

> -    case 0x40: /* STH */

> -    case 0xba: /* CS */

> -    case 0xbb: /* CDS */

> -        is_write = 1;

> -        break;

> -    case 0xc4: /* RIL format insns */

> -        switch (pinsn[0] & 0xf) {

> -        case 0xf: /* STRL */

> -        case 0xb: /* STGRL */

> -        case 0x7: /* STHRL */

> -            is_write = 1;

> -        }

> -        break;

> -    case 0xc8: /* SSF format insns */

> -        switch (pinsn[0] & 0xf) {

> -        case 0x2: /* CSST */

> -            is_write = 1;

> -        }

> -        break;

> -    case 0xe3: /* RXY format insns */

> -        switch (pinsn[2] & 0xff) {

> -        case 0x50: /* STY */

> -        case 0x24: /* STG */

> -        case 0x72: /* STCY */

> -        case 0x70: /* STHY */

> -        case 0x8e: /* STPQ */

> -        case 0x3f: /* STRVH */

> -        case 0x3e: /* STRV */

> -        case 0x2f: /* STRVG */

> -            is_write = 1;

> -        }

> -        break;

> -    case 0xeb: /* RSY format insns */

> -        switch (pinsn[2] & 0xff) {

> -        case 0x14: /* CSY */

> -        case 0x30: /* CSG */

> -        case 0x31: /* CDSY */

> -        case 0x3e: /* CDSG */

> -        case 0xe4: /* LANG */

> -        case 0xe6: /* LAOG */

> -        case 0xe7: /* LAXG */

> -        case 0xe8: /* LAAG */

> -        case 0xea: /* LAALG */

> -        case 0xf4: /* LAN */

> -        case 0xf6: /* LAO */

> -        case 0xf7: /* LAX */

> -        case 0xfa: /* LAAL */

> -        case 0xf8: /* LAA */

> -            is_write = 1;

> -        }

> -        break;

> -    }

> -

> -    return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);

> -}

> -

> -#elif defined(__mips__)

> -

> -#if defined(__misp16) || defined(__mips_micromips)

> -#error "Unsupported encoding"

> -#endif

> -

> -int cpu_signal_handler(int host_signum, void *pinfo,

> -                       void *puc)

> -{

> -    siginfo_t *info = pinfo;

> -    ucontext_t *uc = puc;

> -    uintptr_t pc = uc->uc_mcontext.pc;

> -    uint32_t insn = *(uint32_t *)pc;

> -    int is_write = 0;

> -

> -    /* Detect all store instructions at program counter. */

> -    switch((insn >> 26) & 077) {

> -    case 050: /* SB */

> -    case 051: /* SH */

> -    case 052: /* SWL */

> -    case 053: /* SW */

> -    case 054: /* SDL */

> -    case 055: /* SDR */

> -    case 056: /* SWR */

> -    case 070: /* SC */

> -    case 071: /* SWC1 */

> -    case 074: /* SCD */

> -    case 075: /* SDC1 */

> -    case 077: /* SD */

> -#if !defined(__mips_isa_rev) || __mips_isa_rev < 6

> -    case 072: /* SWC2 */

> -    case 076: /* SDC2 */

> -#endif

> -        is_write = 1;

> -        break;

> -    case 023: /* COP1X */

> -        /* Required in all versions of MIPS64 since

> -           MIPS64r1 and subsequent versions of MIPS32r2. */

> -        switch (insn & 077) {

> -        case 010: /* SWXC1 */

> -        case 011: /* SDXC1 */

> -        case 015: /* SUXC1 */

> -            is_write = 1;

> -        }

> -        break;

> -    }

> -

> -    return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);

> -}

> -

> -#elif defined(__riscv)

> -

> -int cpu_signal_handler(int host_signum, void *pinfo,

> -                       void *puc)

> -{

> -    siginfo_t *info = pinfo;

> -    ucontext_t *uc = puc;

> -    greg_t pc = uc->uc_mcontext.__gregs[REG_PC];

> -    uint32_t insn = *(uint32_t *)pc;

> -    int is_write = 0;

> -

> -    /* Detect store by reading the instruction at the program

> -       counter. Note: we currently only generate 32-bit

> -       instructions so we thus only detect 32-bit stores */

> -    switch (((insn >> 0) & 0b11)) {

> -    case 3:

> -        switch (((insn >> 2) & 0b11111)) {

> -        case 8:

> -            switch (((insn >> 12) & 0b111)) {

> -            case 0: /* sb */

> -            case 1: /* sh */

> -            case 2: /* sw */

> -            case 3: /* sd */

> -            case 4: /* sq */

> -                is_write = 1;

> -                break;

> -            default:

> -                break;

> -            }

> -            break;

> -        case 9:

> -            switch (((insn >> 12) & 0b111)) {

> -            case 2: /* fsw */

> -            case 3: /* fsd */

> -            case 4: /* fsq */

> -                is_write = 1;

> -                break;

> -            default:

> -                break;

> -            }

> -            break;

> -        default:

> -            break;

> -        }

> -    }

> -

> -    /* Check for compressed instructions */

> -    switch (((insn >> 13) & 0b111)) {

> -    case 7:

> -        switch (insn & 0b11) {

> -        case 0: /*c.sd */

> -        case 2: /* c.sdsp */

> -            is_write = 1;

> -            break;

> -        default:

> -            break;

> -        }

> -        break;

> -    case 6:

> -        switch (insn & 0b11) {

> -        case 0: /* c.sw */

> -        case 3: /* c.swsp */

> -            is_write = 1;

> -            break;

> -        default:

> -            break;

> -        }

> -        break;

> -    default:

> -        break;

> -    }

> -

> -    return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);

> -}

> -

> -#else

> -

> -#error host CPU specific signal handler needed

> -

> -#endif

> -

>  /* The softmmu versions of these helpers are in cputlb.c.  */

>

>  uint32_t cpu_ldub_data(CPUArchState *env, abi_ptr ptr)
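Review bot: the RISC-V compressed-store test being removed here (`case 6:` with `case 0: /* c.sw */` and `case 3: /* c.swsp */`) uses the wrong quadrant for c.swsp: C.SWSP is encoded with op bits 1:0 = 0b10, the same quadrant as c.sdsp, which the `case 7` branch correctly matches with `case 2`, not 0b11. As written a real c.swsp is never reported as a write, and any 32-bit instruction (op = 0b11) whose bits 15:13 happen to be 0b110 is misreported as one. Since this hunk is pure code motion into linux-user/host/riscv32/host-signal.h, please check that the new header does not carry the bug across; `case 2: /* c.swsp */` is the fix. Also, dropping the trailing `#error host CPU specific signal handler needed` removes the only explicit diagnostic for an unsupported host; a missing per-host header will now fail as an unresolved `#include "host-signal.h"` instead, which is a less helpful message.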

> diff --git a/linux-user/signal.c b/linux-user/signal.c

> index 73c0f9066b..509dad7850 100644

> --- a/linux-user/signal.c

> +++ b/linux-user/signal.c

> @@ -24,6 +24,7 @@

>  #include "qemu.h"

>  #include "trace.h"

>  #include "signal-common.h"

> +#include "host-signal.h"

>

>  static struct target_sigaction sigact_table[TARGET_NSIG];

>
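Review bot: `host-signal.h` is included by bare name, so correctness depends on the build putting exactly one linux-user/host/<arch>/ directory on the include path, and on this include staying after `qemu.h`: the functions being moved out of user-exec.c use `siginfo_t`, `ucontext_t` and `extract32()`, which the new headers do not pull in themselves. Either make the headers self-contained or add a one-line comment here stating that they rely on the preceding includes.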

> @@ -753,59 +754,85 @@ static inline void rewind_if_in_safe_syscall(void

> *puc)

>  }

>  #endif

>

> -static void host_signal_handler(int host_signum, siginfo_t *info,

> -                                void *puc)

> +static void host_signal_handler(int host_sig, siginfo_t *info, void *puc)

>  {

>      CPUArchState *env = thread_cpu->env_ptr;

>      CPUState *cpu = env_cpu(env);

>      TaskState *ts = cpu->opaque;

> -

> -    int sig;

> +    bool sync_sig = false;

>      target_siginfo_t tinfo;

>      ucontext_t *uc = puc;

>      struct emulated_sigtable *k;

> +    uintptr_t pc = 0;

> +    int guest_sig;

>

> -    /* the CPU emulator uses some host signals to detect exceptions,

> -       we forward to it some signals */

> -    if ((host_signum == SIGSEGV || host_signum == SIGBUS)

> -        && info->si_code > 0) {

> -        if (cpu_signal_handler(host_signum, info, puc))

> +    /*

> +     * Non-spoofed SIGSEGV and SIGBUS are synchronous, and need special

> +     * handling wrt signal blocking and unwinding.  SIGSEGV may need to

> +     * remove write-protection and restart the instruction.

> +     */

> +    if ((host_sig == SIGSEGV || host_sig == SIGBUS) && info->si_code > 0)

> {

> +        pc = adjust_signal_pc(host_signal_pc(uc));

> +        if (host_sig == SIGSEGV &&

> +            info->si_code == SEGV_ACCERR &&

> +            host_sigsegv_write(info, uc) &&

> +            handle_sigsegv_accerr_write(cpu, &uc->uc_sigmask, pc,

> +                                        (uintptr_t)info->si_addr)) {

>              return;

> +        }

> +        sync_sig = true;

> +    } else {

> +        rewind_if_in_safe_syscall(puc);

> +

> +        /*

> +         * Block host signals until target signal handler entered.

> +         * We can't block SIGSEGV or SIGBUS while we're executing

> +         * guest code in case the guest code provokes one in the

> +         * window between now and it getting out to the main loop.

> +         * Signals will be unblocked again in process_pending_signals().

> +         *

> +         * WARNING: we cannot use sigfillset() here because the uc_sigmask

> +         * field is a kernel sigset_t, which is much smaller than the

> +         * libc sigset_t which sigfillset() operates on. Using

> sigfillset()

> +         * would write 0xff bytes off the end of the structure and trash

> +         * data on the struct.

> +         * We can't use sizeof(uc->uc_sigmask) either, because the libc

> +         * headers define the struct field with the wrong (too large)

> type.

> +         */

> +        memset(&uc->uc_sigmask, 0xff, SIGSET_T_SIZE);

> +        sigdelset(&uc->uc_sigmask, SIGSEGV);

> +        sigdelset(&uc->uc_sigmask, SIGBUS);

>      }

>

>      /* get target signal number */

> -    sig = host_to_target_signal(host_signum);

> -    if (sig < 1 || sig > TARGET_NSIG)

> +    guest_sig = host_to_target_signal(host_sig);

> +    if (guest_sig < 1 || guest_sig > TARGET_NSIG) {

>          return;

> -    trace_user_host_signal(env, host_signum, sig);

> -

> -    rewind_if_in_safe_syscall(puc);

> +    }

> +    trace_user_host_signal(env, host_sig, guest_sig);

>

>      host_to_target_siginfo_noswap(&tinfo, info);

> -    k = &ts->sigtab[sig - 1];

> +    k = &ts->sigtab[guest_sig - 1];

>      k->info = tinfo;

> -    k->pending = sig;

> +    k->pending = guest_sig;

>      ts->signal_pending = 1;

>

> -    /* Block host signals until target signal handler entered. We

> -     * can't block SIGSEGV or SIGBUS while we're executing guest

> -     * code in case the guest code provokes one in the window between

> -     * now and it getting out to the main loop. Signals will be

> -     * unblocked again in process_pending_signals().

> -     *

> -     * WARNING: we cannot use sigfillset() here because the uc_sigmask

> -     * field is a kernel sigset_t, which is much smaller than the

> -     * libc sigset_t which sigfillset() operates on. Using sigfillset()

> -     * would write 0xff bytes off the end of the structure and trash

> -     * data on the struct.

> -     * We can't use sizeof(uc->uc_sigmask) either, because the libc

> -     * headers define the struct field with the wrong (too large) type.

> +    /*

> +     * For synchronous signals, unwind the cpu state to the faulting

> +     * insn and then exit back to the main loop so that the signal

> +     * is delivered immediately.

>       */

> -    memset(&uc->uc_sigmask, 0xff, SIGSET_T_SIZE);

> -    sigdelset(&uc->uc_sigmask, SIGSEGV);

> -    sigdelset(&uc->uc_sigmask, SIGBUS);

> +    if (sync_sig) {

> +        clear_helper_retaddr();

> +        sigprocmask(SIG_SETMASK, &uc->uc_sigmask, NULL);

> +        cpu->exception_index = EXCP_INTERRUPT;

> +        cpu_loop_exit_restore(cpu, pc);

> +    }

>

> -    /* interrupt the virtual CPU as soon as possible */

> +    /*

> +     * Interrupt the virtual CPU as soon as possible, but for now

> +     * return to continue with the current TB.

> +     */

>      cpu_exit(thread_cpu);

>  }

>
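Review bot: `rewind_if_in_safe_syscall(puc)` now runs only on the asynchronous branch, whereas the old code called it for every signal after the `cpu_signal_handler()` check, so a synchronous SIGSEGV/SIGBUS raised inside the safe-syscall window is no longer rewound. That looks intentional (a real fault in the safe_syscall trampoline is a QEMU bug rather than guest state, and the unwind via `cpu_loop_exit_restore(cpu, pc)` needs the true faulting pc), but it is a behavioural change the commit message does not mention; please call it out. One smaller point: on the synchronous branch an out-of-range `guest_sig` returns from the handler with the faulting instruction unmodified, which would re-fault indefinitely. SIGSEGV and SIGBUS always map to a guest signal, so this cannot happen today, but an assertion that `sync_sig` is false before that `return` would document the assumption.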

> --

> 2.25.1

>

>
On Mon, Sep 13, 2021 at 4:06 PM Richard Henderson <richard.henderson@linaro.org> wrote:
> Split out two functions into linux-user/host/arch/host-signal.h.
> Since linux-user requires a linux host, drop all of the BSD and
> Solaris ifdefs.  These should be recreated under bsd-user/ when
> the current blanks there are filled.

For some architectures, this code will be small and host specific (I'm thinking
arm, i386, ppc* and x86_64) but for others, there's common code that can be shared
to parse the instruction (aarch64, mips*, riscv*). Do you see any value in
sharing that instruction parsing code in some way?

Otherwise, this is mostly just code shuffling and figuring out which of
the long legacy of ifdefs are still relevant in the *BSD world. At the
moment, we only build bsd-user on FreeBSD since the scaffolding
for the other BSDs is absent. I can cope when I merge this into the
bsd-user fork and loop things back when those bits are up for inclusion
in future patch trains.

Warner
Fold the remnants of handle_cpu_signal into host_signal_handler.<br>
<br>
Drop the call to cc-&gt;tcg_ops-&gt;tlb_fill.  This was simply an indirect<br>
method to raise SIGSEGV; it is far easier to pass the host siginfo_t<br>
along to the guest.  This fixes all of the guest cpu_loop code that<br>
currently fails to properly fill in SEGV_MAPERR vs SEGV_ACCERR.<br>
<br>
Signed-off-by: Richard Henderson &lt;<a href="mailto:richard.henderson@linaro.org" target="_blank">richard.henderson@linaro.org</a>&gt;<br>

---<br>
 include/exec/exec-all.h               |  12 -<br>
 linux-user/host/aarch64/host-signal.h |  73 +++<br>
 linux-user/host/alpha/host-signal.h   |  41 ++<br>
 linux-user/host/arm/host-signal.h     |  30 ++<br>
 linux-user/host/i386/host-signal.h    |  24 +<br>
 linux-user/host/mips/host-signal.h    |  61 +++<br>
 linux-user/host/ppc/host-signal.h     |  24 +<br>
 linux-user/host/ppc64/host-signal.h   |   1 +<br>
 linux-user/host/riscv32/host-signal.h |  57 +++<br>
 linux-user/host/riscv64/host-signal.h |   1 +<br>
 linux-user/host/s390/host-signal.h    |  92 ++++<br>
 linux-user/host/s390x/host-signal.h   |   1 +<br>
 linux-user/host/sparc/host-signal.h   |  53 ++<br>
 linux-user/host/sparc64/host-signal.h |   1 +<br>
 linux-user/host/x86_64/host-signal.h  |  24 +<br>
 accel/tcg/user-exec.c                 | 712 --------------------------<br>
 linux-user/signal.c                   |  93 ++--<br>
 17 files changed, 543 insertions(+), 757 deletions(-)<br>
 create mode 100644 linux-user/host/aarch64/host-signal.h<br>
 create mode 100644 linux-user/host/alpha/host-signal.h<br>
 create mode 100644 linux-user/host/arm/host-signal.h<br>
 create mode 100644 linux-user/host/i386/host-signal.h<br>
 create mode 100644 linux-user/host/mips/host-signal.h<br>
 create mode 100644 linux-user/host/ppc/host-signal.h<br>
 create mode 100644 linux-user/host/ppc64/host-signal.h<br>
 create mode 100644 linux-user/host/riscv32/host-signal.h<br>
 create mode 100644 linux-user/host/riscv64/host-signal.h<br>
 create mode 100644 linux-user/host/s390/host-signal.h<br>
 create mode 100644 linux-user/host/s390x/host-signal.h<br>
 create mode 100644 linux-user/host/sparc/host-signal.h<br>
 create mode 100644 linux-user/host/sparc64/host-signal.h<br>
 create mode 100644 linux-user/host/x86_64/host-signal.h<br>
<br>
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h<br>
index f582d3e688..addcec6381 100644<br>
--- a/include/exec/exec-all.h<br>
+++ b/include/exec/exec-all.h<br>
@@ -683,18 +683,6 @@ uintptr_t adjust_signal_pc(uintptr_t pc);<br>
 bool handle_sigsegv_accerr_write(CPUState *cpu, sigset_t *old_set,<br>
                                  uintptr_t host_pc, uintptr_t host_addr);<br>
<br>
-/**<br>
- * cpu_signal_handler<br>
- * @signum: host signal number<br>
- * @pinfo: host siginfo_t<br>
- * @puc: host ucontext_t<br>
- *<br>
- * To be called from the SIGBUS and SIGSEGV signal handler to inform the<br>
- * virtual cpu of exceptions.  Returns true if the signal was handled by<br>
- * the virtual CPU.<br>
- */<br>
-int cpu_signal_handler(int signum, void *pinfo, void *puc);<br>
-<br>
 #else<br>
 static inline void mmap_lock(void) {}<br>
 static inline void mmap_unlock(void) {}<br>
diff --git a/linux-user/host/aarch64/host-signal.h b/linux-user/host/aarch64/host-signal.h<br>
new file mode 100644<br>
index 0000000000..818da17a21<br>
--- /dev/null<br>
+++ b/linux-user/host/aarch64/host-signal.h<br>
@@ -0,0 +1,73 @@<br>
+/*<br>
+ * host-signal.h: signal info dependent on the host architecture<br>
+ *<br>
+ * Copyright (C) 2021 Linaro Limited<br>
+ *<br>
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.<br>
+ * See the COPYING file in the top-level directory.<br>
+ */<br>
+<br>
+#ifndef AARCH64_HOST_SIGNAL_H<br>
+#define AARCH64_HOST_SIGNAL_H<br>
+<br>
+/* Pre-3.16 kernel headers don&#39;t have these, so provide fallback definitions */<br>
+#ifndef ESR_MAGIC<br>
+#define ESR_MAGIC 0x45535201<br>
+struct esr_context {<br>
+    struct _aarch64_ctx head;<br>
+    uint64_t esr;<br>
+};<br>
+#endif<br>
+<br>
+static inline struct _aarch64_ctx *first_ctx(ucontext_t *uc)<br>
+{<br>
+    return (struct _aarch64_ctx *)&amp;uc-&gt;uc_mcontext.__reserved;<br>
+}<br>
+<br>
+static inline struct _aarch64_ctx *next_ctx(struct _aarch64_ctx *hdr)<br>
+{<br>
+    return (struct _aarch64_ctx *)((char *)hdr + hdr-&gt;size);<br>
+}<br>
+<br>
+static inline uintptr_t host_signal_pc(ucontext_t *uc)<br>
+{<br>
+    return uc-&gt;uc_mcontext.pc;<br>
+}<br>
+<br>
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)<br>
+{<br>
+    struct _aarch64_ctx *hdr;<br>
+    uint32_t insn;<br>
+<br>
+    /* Find the esr_context, which has the WnR bit in it */<br>
+    for (hdr = first_ctx(uc); hdr-&gt;magic; hdr = next_ctx(hdr)) {<br>
+        if (hdr-&gt;magic == ESR_MAGIC) {<br>
+            struct esr_context const *esrctx = (struct esr_context const *)hdr;<br>
+            uint64_t esr = esrctx-&gt;esr;<br>
+<br>
+            /* For data aborts <a href="http://ESR.EC" rel="noreferrer" target="_blank">ESR.EC</a> is 0b10010x: then bit 6 is the WnR bit */<br>
+            return extract32(esr, 27, 5) == 0x12 &amp;&amp; extract32(esr, 6, 1) == 1;<br>
+        }<br>
+    }<br>
+<br>
+    /*<br>
+     * Fall back to parsing instructions; will only be needed<br>
+     * for really ancient (pre-3.16) kernels.<br>
+     */<br>
+    insn = *(uint32_t *)host_signal_pc(uc);<br>
+<br>
+    return (insn &amp; 0xbfff0000) == 0x0c000000   /* C3.3.1 */<br>
+        || (insn &amp; 0xbfe00000) == 0x0c800000   /* C3.3.2 */<br>
+        || (insn &amp; 0xbfdf0000) == 0x0d000000   /* C3.3.3 */<br>
+        || (insn &amp; 0xbfc00000) == 0x0d800000   /* C3.3.4 */<br>
+        || (insn &amp; 0x3f400000) == 0x08000000   /* C3.3.6 */<br>
+        || (insn &amp; 0x3bc00000) == 0x39000000   /* C3.3.13 */<br>
+        || (insn &amp; 0x3fc00000) == 0x3d800000   /* ... 128bit */<br>
+        /* Ignore bits 10, 11 &amp; 21, controlling indexing.  */<br>
+        || (insn &amp; 0x3bc00000) == 0x38000000   /* C3.3.8-12 */<br>
+        || (insn &amp; 0x3fe00000) == 0x3c800000   /* ... 128bit */<br>
+        /* Ignore bits 23 &amp; 24, controlling indexing.  */<br>
+        || (insn &amp; 0x3a400000) == 0x28000000; /* C3.3.7,14-16 */<br>
+}<br>
+<br>
+#endif<br>
diff --git a/linux-user/host/alpha/host-signal.h b/linux-user/host/alpha/host-signal.h<br>
new file mode 100644<br>
index 0000000000..eaf83added<br>
--- /dev/null<br>
+++ b/linux-user/host/alpha/host-signal.h<br>
@@ -0,0 +1,41 @@<br>
+/*<br>
+ * host-signal.h: signal info dependent on the host architecture<br>
+ *<br>
+ * Copyright (C) 2021 Linaro Limited<br>
+ *<br>
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.<br>
+ * See the COPYING file in the top-level directory.<br>
+ */<br>
+<br>
+#ifndef ALPHA_HOST_SIGNAL_H<br>
+#define ALPHA_HOST_SIGNAL_H<br>
+<br>
+static inline uintptr_t host_signal_pc(ucontext_t *uc)<br>
+{<br>
+    return uc-&gt;uc_mcontext.sc_pc;<br>
+}<br>
+<br>
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)<br>
+{<br>
+    uint32_t *pc = uc-&gt;uc_mcontext.sc_pc;<br>
+    uint32_t insn = *pc;<br>
+<br>
+    /* XXX: need kernel patch to get write flag faster */<br>
+    switch (insn &gt;&gt; 26) {<br>
+    case 0x0d: /* stw */<br>
+    case 0x0e: /* stb */<br>
+    case 0x0f: /* stq_u */<br>
+    case 0x24: /* stf */<br>
+    case 0x25: /* stg */<br>
+    case 0x26: /* sts */<br>
+    case 0x27: /* stt */<br>
+    case 0x2c: /* stl */<br>
+    case 0x2d: /* stq */<br>
+    case 0x2e: /* stl_c */<br>
+    case 0x2f: /* stq_c */<br>
+        return true;<br>
+    }<br>
+    return false;<br>
+}<br>
+<br>
+#endif<br>
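Review bot: uint32_t *pc = uc-&gt;uc_mcontext.sc_pc; assigns the integer sc_pc to a pointer without a cast (carried over verbatim from the removed cpu_signal_handler), which draws an int-to-pointer conversion warning; since host_signal_pc() is defined two lines above, use it the way the other headers do: uint32_t insn = *(uint32_t *)host_signal_pc(uc);<br>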
diff --git a/linux-user/host/arm/host-signal.h b/linux-user/host/arm/host-signal.h<br>
new file mode 100644<br>
index 0000000000..ae6bcde6c1<br>
--- /dev/null<br>
+++ b/linux-user/host/arm/host-signal.h<br>
@@ -0,0 +1,30 @@<br>
+/*<br>
+ * host-signal.h: signal info dependent on the host architecture<br>
+ *<br>
+ * Copyright (C) 2021 Linaro Limited<br>
+ *<br>
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.<br>
+ * See the COPYING file in the top-level directory.<br>
+ */<br>
+<br>
+#ifndef ARM_HOST_SIGNAL_H<br>
+#define ARM_HOST_SIGNAL_H<br>
+<br>
+static inline uintptr_t host_signal_pc(ucontext_t *uc)<br>
+{<br>
+    return uc-&gt;uc_mcontext.gregs[R15];<br>
+}<br>
+<br>
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc,<br>
+                                      uintptr_t pc)<br>
+{<br>
+    /*<br>
+     * In the FSR, bit 11 is WnR, assuming a v6 or<br>
+     * later processor.  On v5 we will always report<br>
+     * this as a read, which will fail later.<br>
+     */<br>
+    uint32_t fsr = uc-&gt;uc_mcontext.error_code;<br>
+    return extract32(fsr, 11, 1);<br>
+}<br>
+<br>
+#endif<br>
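Review bot: host_sigsegv_write() here takes a third uintptr_t pc argument that none of the other new headers (aarch64, alpha, i386, mips, ppc, riscv32, s390, sparc, x86_64) have, so a common caller cannot be written against both signatures; drop the parameter and fetch the pc via host_signal_pc(uc) if it is needed. Also, host_signal_pc() returns uc-&gt;uc_mcontext.gregs[R15], but the removed arm code used that field only for glibc &lt;= 2.3 and uc-&gt;uc_mcontext.arm_pc otherwise, so on a current glibc host this is likely the wrong (or non-compiling) accessor.<br>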
diff --git a/linux-user/host/i386/host-signal.h b/linux-user/host/i386/host-signal.h<br>
new file mode 100644<br>
index 0000000000..a8ca5e4a89<br>
--- /dev/null<br>
+++ b/linux-user/host/i386/host-signal.h<br>
@@ -0,0 +1,24 @@<br>
+/*<br>
+ * host-signal.h: signal info dependent on the host architecture<br>
+ *<br>
+ * Copyright (C) 2021 Linaro Limited<br>
+ *<br>
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.<br>
+ * See the COPYING file in the top-level directory.<br>
+ */<br>
+<br>
+#ifndef I386_HOST_SIGNAL_H<br>
+#define I386_HOST_SIGNAL_H<br>
+<br>
+static inline uintptr_t host_signal_pc(ucontext_t *uc)<br>
+{<br>
+    return uc-&gt;uc_mcontext.gregs[REG_EIP];<br>
+}<br>
+<br>
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)<br>
+{<br>
+    return uc-&gt;uc_mcontext.gregs[REG_TRAPNO] == 0xe<br>
+        &amp;&amp; (uc-&gt;uc_mcontext.gregs[REG_ERR] &amp; 0x2);<br>
+}<br>
+<br>
+#endif<br>
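Review bot: REG_TRAPNO == 0xe and REG_ERR &amp; 0x2 are bare magic numbers; a one-line comment that 0xe is the page-fault trap number and that bit 1 of the page-fault error code is the write flag would save the next reader a trip to the manual (the removed code at least named the former PAGE_FAULT_TRAP).<br>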
diff --git a/linux-user/host/mips/host-signal.h b/linux-user/host/mips/host-signal.h<br>
new file mode 100644<br>
index 0000000000..815bbd61fa<br>
--- /dev/null<br>
+++ b/linux-user/host/mips/host-signal.h<br>
@@ -0,0 +1,61 @@<br>
+/*<br>
+ * host-signal.h: signal info dependent on the host architecture<br>
+ *<br>
+ * Copyright (C) 2021 Linaro Limited<br>
+ *<br>
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.<br>
+ * See the COPYING file in the top-level directory.<br>
+ */<br>
+<br>
+#ifndef MIPS_HOST_SIGNAL_H<br>
+#define MIPS_HOST_SIGNAL_H<br>
+<br>
+static inline uintptr_t host_signal_pc(ucontext_t *uc)<br>
+{<br>
+    return uc-&gt;uc_mcontext.pc;<br>
+}<br>
+<br>
+#if defined(__misp16) || defined(__mips_micromips)<br>
+#error &quot;Unsupported encoding&quot;<br>
+#endif<br>
+<br>
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)<br>
+{<br>
+    uint32_t *insn = *(uint32_t *)host_signal_pc(uc);<br>
+<br>
+    /* Detect all store instructions at program counter. */<br>
+    switch ((insn &gt;&gt; 26) &amp; 077) {<br>
+    case 050: /* SB */<br>
+    case 051: /* SH */<br>
+    case 052: /* SWL */<br>
+    case 053: /* SW */<br>
+    case 054: /* SDL */<br>
+    case 055: /* SDR */<br>
+    case 056: /* SWR */<br>
+    case 070: /* SC */<br>
+    case 071: /* SWC1 */<br>
+    case 074: /* SCD */<br>
+    case 075: /* SDC1 */<br>
+    case 077: /* SD */<br>
+#if !defined(__mips_isa_rev) || __mips_isa_rev &lt; 6<br>
+    case 072: /* SWC2 */<br>
+    case 076: /* SDC2 */<br>
+#endif<br>
+        return true;<br>
+    case 023: /* COP1X */<br>
+        /*<br>
+         * Required in all versions of MIPS64 since<br>
+         * MIPS64r1 and subsequent versions of MIPS32r2.<br>
+         */<br>
+        switch (insn &amp; 077) {<br>
+        case 010: /* SWXC1 */<br>
+        case 011: /* SDXC1 */<br>
+        case 015: /* SUXC1 */<br>
+            return true;<br>
+        }<br>
+        break;<br>
+    }<br>
+    return false;<br>
+}<br>
+<br>
+#endif<br>
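Review bot: two defects in this file. uint32_t *insn = *(uint32_t *)host_signal_pc(uc); declares insn as a pointer but initialises it with the dereferenced value, and insn &gt;&gt; 26 and insn &amp; 077 then shift and mask a pointer, so this does not compile; it should read uint32_t insn = *(uint32_t *)host_signal_pc(uc);. And #if defined(__misp16) is a typo for __mips16, so the #error &quot;Unsupported encoding&quot; guard never fires for MIPS16 builds.<br>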
diff --git a/linux-user/host/ppc/host-signal.h b/linux-user/host/ppc/host-signal.h<br>
new file mode 100644<br>
index 0000000000..b8dce622b4<br>
--- /dev/null<br>
+++ b/linux-user/host/ppc/host-signal.h<br>
@@ -0,0 +1,24 @@<br>
+/*<br>
+ * host-signal.h: signal info dependent on the host architecture<br>
+ *<br>
+ * Copyright (C) 2021 Linaro Limited<br>
+ *<br>
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.<br>
+ * See the COPYING file in the top-level directory.<br>
+ */<br>
+<br>
+#ifndef PPC_HOST_SIGNAL_H<br>
+#define PPC_HOST_SIGNAL_H<br>
+<br>
+static inline uintptr_t host_signal_pc(ucontext_t *uc)<br>
+{<br>
+    return uc-&gt;uc_mcontext.regs-&gt;nip;<br>
+}<br>
+<br>
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)<br>
+{<br>
+    return uc-&gt;uc_mcontext.regs-&gt;trap != 0x400<br>
+        &amp;&amp; (uc-&gt;uc_mcontext.regs-&gt;dsisr &amp; 0x02000000);<br>
+}<br>
+<br>
+#endif<br>
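Review bot: trap != 0x400 and dsisr &amp; 0x02000000 need a comment: 0x400 is the instruction storage interrupt vector (so the test excludes instruction-fetch faults, where DSISR carries no store flag) and 0x02000000 is the DSISR store bit. The #if 0 ppc 4xx variant in the removed code was already dead, so dropping it is fine.<br>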
diff --git a/linux-user/host/ppc64/host-signal.h b/linux-user/host/ppc64/host-signal.h<br>
new file mode 100644<br>
index 0000000000..a353c22a90<br>
--- /dev/null<br>
+++ b/linux-user/host/ppc64/host-signal.h<br>
@@ -0,0 +1 @@<br>
+#include &quot;../ppc/host-signal.h&quot;<br>
diff --git a/linux-user/host/riscv32/host-signal.h b/linux-user/host/riscv32/host-signal.h<br>
new file mode 100644<br>
index 0000000000..f877412f96<br>
--- /dev/null<br>
+++ b/linux-user/host/riscv32/host-signal.h<br>
@@ -0,0 +1,57 @@<br>
+/*<br>
+ * host-signal.h: signal info dependent on the host architecture<br>
+ *<br>
+ * Copyright (C) 2021 Linaro Limited<br>
+ *<br>
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.<br>
+ * See the COPYING file in the top-level directory.<br>
+ */<br>
+<br>
+#ifndef RISCV_HOST_SIGNAL_H<br>
+#define RISCV_HOST_SIGNAL_H<br>
+<br>
+static inline uintptr_t host_signal_pc(ucontext_t *uc)<br>
+{<br>
+    return uc-&gt;uc_mcontext.__gregs[REG_PC];<br>
+}<br>
+<br>
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)<br>
+{<br>
+    /*<br>
+     * Detect store by reading the instruction at the program counter.<br>
+     * Do not read more than 16 bits, because we have not yet determined<br>
+     * the size of the instruction.<br>
+     */<br>
+    const uint16_t *pinsn = (const uint16_t *)host_signal_pc(uc);<br>
+    uint16_t insn = pinsn[0];<br>
+<br>
+    /* 16-bit instructions */<br>
+    switch (insn &amp; 0xe003) {<br>
+    case 0xa000: /* c.fsd */<br>
+    case 0xc000: /* c.sw */<br>
+    case 0xe000: /* <a href="http://c.sd" rel="noreferrer" target="_blank">c.sd</a> (rv64) / c.fsw (rv32) */<br>
+    case 0xa002: /* c.fsdsp */<br>
+    case 0xc002: /* c.swsp */<br>
+    case 0xe002: /* c.sdsp (rv64) / c.fswsp (rv32) */<br>
+        return true;<br>
+    }<br>
+<br>
+    /* 32-bit instructions, major opcodes */<br>
+    switch (insn &amp; 0x7f) {<br>
+    case 0x23: /* store */<br>
+    case 0x27: /* store-fp */<br>
+        return true;<br>
+    case 0x2f: /* amo */<br>
+        /*<br>
+         * The AMO function code is in bits 25-31, unread as yet.<br>
+         * The AMO functions are LR (read), SC (write), and the<br>
+         * rest are all read-modify-write.<br>
+         */<br>
+        insn = pinsn[1];<br>
+        return (insn &gt;&gt; 11) != 2; /* LR */<br>
+    }<br>
+<br>
+    return false;<br>
+}<br>
+<br>
+#endif<br>
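Review bot: the comment above insn = pinsn[1]; says the AMO function code is in bits 25-31, but insn &gt;&gt; 11 on the upper halfword extracts bits 27-31 (funct5) and deliberately drops the aq/rl bits 25-26, which is the right thing to do; adjust the comment to say funct5 (bits 27-31) so the text and the shift agree. Reading only 16 bits first and fetching pinsn[1] only for the 32-bit AMO case correctly avoids over-reading a compressed instruction at the end of a page.<br>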
diff --git a/linux-user/host/riscv64/host-signal.h b/linux-user/host/riscv64/host-signal.h<br>
new file mode 100644<br>
index 0000000000..6e27f725ab<br>
--- /dev/null<br>
+++ b/linux-user/host/riscv64/host-signal.h<br>
@@ -0,0 +1 @@<br>
+#include &quot;../riscv32/host-signal.h&quot;<br>
diff --git a/linux-user/host/s390/host-signal.h b/linux-user/host/s390/host-signal.h<br>
new file mode 100644<br>
index 0000000000..8d34b32b9f<br>
--- /dev/null<br>
+++ b/linux-user/host/s390/host-signal.h<br>
@@ -0,0 +1,92 @@<br>
+/*<br>
+ * host-signal.h: signal info dependent on the host architecture<br>
+ *<br>
+ * Copyright (C) 2021 Linaro Limited<br>
+ *<br>
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.<br>
+ * See the COPYING file in the top-level directory.<br>
+ */<br>
+<br>
+#ifndef S390_HOST_SIGNAL_H<br>
+#define S390_HOST_SIGNAL_H<br>
+<br>
+static inline uintptr_t host_signal_pc(ucontext_t *uc)<br>
+{<br>
+    return uc-&gt;uc_mcontext.psw.addr;<br>
+}<br>
+<br>
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)<br>
+{<br>
+    uint16_t *pinsn = (uint16_t *)host_signal_pc(uc);<br>
+<br>
+    /*<br>
+     * ??? On linux, the non-rt signal handler has 4 (!) arguments instead<br>
+     * of the normal 2 arguments.  The 4th argument contains the &quot;Translation-<br>
+     * Exception Identification for DAT Exceptions&quot; from the hardware (aka<br>
+     * &quot;int_parm_long&quot;), which does in fact contain the is_write value.<br>
+     * The rt signal handler, as far as I can tell, does not give this value<br>
+     * at all.  Not that we could get to it from here even if it were.<br>
+     * So fall back to parsing instructions.  Treat read-modify-write ones as<br>
+     * writes, which is not fully correct, but for tracking self-modifying code<br>
+     * this is better than treating them as reads.  Checking si_addr page flags<br>
+     * might be a viable improvement, albeit a racy one.<br>
+     */<br>
+    /* ??? This is not even close to complete.  */<br>
+    switch (pinsn[0] &gt;&gt; 8) {<br>
+    case 0x50: /* ST */<br>
+    case 0x42: /* STC */<br>
+    case 0x40: /* STH */<br>
+    case 0xba: /* CS */<br>
+    case 0xbb: /* CDS */<br>
+        return true;<br>
+    case 0xc4: /* RIL format insns */<br>
+        switch (pinsn[0] &amp; 0xf) {<br>
+        case 0xf: /* STRL */<br>
+        case 0xb: /* STGRL */<br>
+        case 0x7: /* STHRL */<br>
+            return true;<br>
+        }<br>
+        break;<br>
+    case 0xc8: /* SSF format insns */<br>
+        switch (pinsn[0] &amp; 0xf) {<br>
+        case 0x2: /* CSST */<br>
+            return true;<br>
+        }<br>
+        break;<br>
+    case 0xe3: /* RXY format insns */<br>
+        switch (pinsn[2] &amp; 0xff) {<br>
+        case 0x50: /* STY */<br>
+        case 0x24: /* STG */<br>
+        case 0x72: /* STCY */<br>
+        case 0x70: /* STHY */<br>
+        case 0x8e: /* STPQ */<br>
+        case 0x3f: /* STRVH */<br>
+        case 0x3e: /* STRV */<br>
+        case 0x2f: /* STRVG */<br>
+            return true;<br>
+        }<br>
+        break;<br>
+    case 0xeb: /* RSY format insns */<br>
+        switch (pinsn[2] &amp; 0xff) {<br>
+        case 0x14: /* CSY */<br>
+        case 0x30: /* CSG */<br>
+        case 0x31: /* CDSY */<br>
+        case 0x3e: /* CDSG */<br>
+        case 0xe4: /* LANG */<br>
+        case 0xe6: /* LAOG */<br>
+        case 0xe7: /* LAXG */<br>
+        case 0xe8: /* LAAG */<br>
+        case 0xea: /* LAALG */<br>
+        case 0xf4: /* LAN */<br>
+        case 0xf6: /* LAO */<br>
+        case 0xf7: /* LAX */<br>
+        case 0xfa: /* LAAL */<br>
+        case 0xf8: /* LAA */<br>
+            return true;<br>
+        }<br>
+        break;<br>
+    }<br>
+    return false;<br>
+}<br>
+<br>
+#endif<br>
diff --git a/linux-user/host/s390x/host-signal.h b/linux-user/host/s390x/host-signal.h<br>
new file mode 100644<br>
index 0000000000..0e83f9358d<br>
--- /dev/null<br>
+++ b/linux-user/host/s390x/host-signal.h<br>
@@ -0,0 +1 @@<br>
+#include &quot;../s390/host-signal.h&quot;<br>
diff --git a/linux-user/host/sparc/host-signal.h b/linux-user/host/sparc/host-signal.h<br>
new file mode 100644<br>
index 0000000000..47d3b1512e<br>
--- /dev/null<br>
+++ b/linux-user/host/sparc/host-signal.h<br>
@@ -0,0 +1,53 @@<br>
+/*<br>
+ * host-signal.h: signal info dependent on the host architecture<br>
+ *<br>
+ * Copyright (C) 2021 Linaro Limited<br>
+ *<br>
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.<br>
+ * See the COPYING file in the top-level directory.<br>
+ */<br>
+<br>
+#ifndef SPARC_HOST_SIGNAL_H<br>
+#define SPARC_HOST_SIGNAL_H<br>
+<br>
+static inline uintptr_t host_signal_pc(ucontext_t *uc)<br>
+{<br>
+#ifdef __arch64__<br>
+    return uc-&gt;uc_mcontext.mc_gregs[MC_PC];<br>
+#else<br>
+    return uc-&gt;uc_mcontext.gregs[REG_PC];<br>
+#endif<br>
+}<br>
+<br>
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)<br>
+{<br>
+    uint32_t insn = *(uint32_t *)host_signal_pc(uc);<br>
+<br>
+    if ((insn &gt;&gt; 30) == 3) {<br>
+        switch ((insn &gt;&gt; 19) &amp; 0x3f) {<br>
+        case 0x05: /* stb */<br>
+        case 0x15: /* stba */<br>
+        case 0x06: /* sth */<br>
+        case 0x16: /* stha */<br>
+        case 0x04: /* st */<br>
+        case 0x14: /* sta */<br>
+        case 0x07: /* std */<br>
+        case 0x17: /* stda */<br>
+        case 0x0e: /* stx */<br>
+        case 0x1e: /* stxa */<br>
+        case 0x24: /* stf */<br>
+        case 0x34: /* stfa */<br>
+        case 0x27: /* stdf */<br>
+        case 0x37: /* stdfa */<br>
+        case 0x26: /* stqf */<br>
+        case 0x36: /* stqfa */<br>
+        case 0x25: /* stfsr */<br>
+        case 0x3c: /* casa */<br>
+        case 0x3e: /* casxa */<br>
+            return true;<br>
+        }<br>
+    }<br>
+    return false;<br>
+}<br>
+<br>
+#endif<br>
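Review bot: the 64-bit Linux path of the removed cpu_signal_handler treated the third handler argument as struct sigcontext and read the pc from sc-&gt;sigc_regs.tpc, and the 32-bit path read it from a raw register array following the siginfo; this header instead assumes a ucontext_t with mc_gregs[MC_PC] / gregs[REG_PC]. If those are the correct glibc definitions today, please say so in the commit message, since this is a behaviour change on Linux hosts and not covered by the &quot;drop the BSD and Solaris ifdefs&quot; description.<br>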
diff --git a/linux-user/host/sparc64/host-signal.h b/linux-user/host/sparc64/host-signal.h<br>
new file mode 100644<br>
index 0000000000..1191fe2d40<br>
--- /dev/null<br>
+++ b/linux-user/host/sparc64/host-signal.h<br>
@@ -0,0 +1 @@<br>
+#include &quot;../sparc/host-signal.h&quot;<br>
diff --git a/linux-user/host/x86_64/host-signal.h b/linux-user/host/x86_64/host-signal.h<br>
new file mode 100644<br>
index 0000000000..d5fb3e4484<br>
--- /dev/null<br>
+++ b/linux-user/host/x86_64/host-signal.h<br>
@@ -0,0 +1,24 @@<br>
+/*<br>
+ * host-signal.h: signal info dependent on the host architecture<br>
+ *<br>
+ * Copyright (C) 2021 Linaro Limited<br>
+ *<br>
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.<br>
+ * See the COPYING file in the top-level directory.<br>
+ */<br>
+<br>
+#ifndef X86_64_HOST_SIGNAL_H<br>
+#define X86_64_HOST_SIGNAL_H<br>
+<br>
+static inline uintptr_t host_signal_pc(ucontext_t *uc)<br>
+{<br>
+    return uc-&gt;uc_mcontext.gregs[REG_RIP];<br>
+}<br>
+<br>
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)<br>
+{<br>
+    return uc-&gt;uc_mcontext.gregs[REG_TRAPNO] == 0xe<br>
+        &amp;&amp; (uc-&gt;uc_mcontext.gregs[REG_ERR] &amp; 0x2);<br>
+}<br>
+<br>
+#endif<br>
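Review bot: this header is the i386 one with REG_EIP replaced by REG_RIP; since ppc64, riscv64, s390x and sparc64 already forward to their 32-bit header with a one-line #include, consider doing the same here with the pc accessor under #ifdef __x86_64__, so the page-fault test lives in one place.<br>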
diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c<br>
index ad6b4f6abf..39635cbea2 100644<br>
--- a/accel/tcg/user-exec.c<br>
+++ b/accel/tcg/user-exec.c<br>
@@ -29,23 +29,8 @@<br>
 #include &quot;trace/trace-root.h&quot;<br>
 #include &quot;trace/mem.h&quot;<br>
<br>
-#undef EAX<br>
-#undef ECX<br>
-#undef EDX<br>
-#undef EBX<br>
-#undef ESP<br>
-#undef EBP<br>
-#undef ESI<br>
-#undef EDI<br>
-#undef EIP<br>
-#ifdef __linux__<br>
-#include &lt;sys/ucontext.h&gt;<br>
-#endif<br>
-<br>
 __thread uintptr_t helper_retaddr;<br>
<br>
-//#define DEBUG_SIGNAL<br>
-<br>
 /**<br>
  * adjust_signal_pc:<br>
  * @pc: raw pc from the host signal ucontext_t.<br>
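Review bot: the #undef EAX ... #undef EIP block being removed here sits directly in front of #include &lt;sys/ucontext.h&gt;, evidently to keep target register macros from colliding with the names that header defines; the new host-signal.h files use REG_EIP, REG_RIP, REG_TRAPNO and REG_ERR but, in the hunks shown, include nothing themselves, so whichever file under linux-user/ now includes them must pull in &lt;sys/ucontext.h&gt; (and, if it is also compiled against the target-i386 headers, repeat these undefs) before the include.<br>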
@@ -154,69 +139,6 @@ bool handle_sigsegv_accerr_write(CPUState *cpu, sigset_t *old_set,<br>
     }<br>
 }<br>
<br>
-/* &#39;pc&#39; is the host PC at which the exception was raised. &#39;address&#39; is<br>
-   the effective address of the memory exception. &#39;is_write&#39; is 1 if a<br>
-   write caused the exception and otherwise 0&#39;. &#39;old_set&#39; is the<br>
-   signal set which should be restored */<br>
-static inline int handle_cpu_signal(uintptr_t pc, siginfo_t *info,<br>
-                                    int is_write, sigset_t *old_set)<br>
-{<br>
-    CPUState *cpu = current_cpu;<br>
-    CPUClass *cc;<br>
-    unsigned long address = (unsigned long)info-&gt;si_addr;<br>
-    MMUAccessType access_type;<br>
-<br>
-    if (is_write) {<br>
-        access_type = MMU_DATA_STORE;<br>
-    } else if (helper_retaddr == 1) {<br>
-        access_type = MMU_INST_FETCH;<br>
-    } else {<br>
-        access_type = MMU_DATA_LOAD;<br>
-    }<br>
-    pc = adjust_signal_pc(pc);<br>
-<br>
-    /* For synchronous signals we expect to be coming from the vCPU<br>
-     * thread (so current_cpu should be valid) and either from running<br>
-     * code or during translation which can fault as we cross pages.<br>
-     *<br>
-     * If neither is true then something has gone wrong and we should<br>
-     * abort rather than try and restart the vCPU execution.<br>
-     */<br>
-    if (!cpu || !cpu-&gt;running) {<br>
-        printf(&quot;qemu:%s received signal outside vCPU context @ pc=0x%&quot;<br>
-               PRIxPTR &quot;\n&quot;,  __func__, pc);<br>
-        abort();<br>
-    }<br>
-<br>
-#if defined(DEBUG_SIGNAL)<br>
-    printf(&quot;qemu: SIGSEGV pc=0x%08lx address=%08lx w=%d oldset=0x%08lx\n&quot;,<br>
-           pc, address, is_write, *(unsigned long *)old_set);<br>
-#endif<br>
-<br>
-    /* XXX: locking issue */<br>
-    if (is_write &amp;&amp;<br>
-        info-&gt;si_signo == SIGSEGV &amp;&amp;<br>
-        info-&gt;si_code == SEGV_ACCERR &amp;&amp;<br>
-        handle_sigsegv_accerr_write(cpu, old_set, pc, address)) {<br>
-        return 1;<br>
-    }<br>
-<br>
-    /* Convert forcefully to guest address space, invalid addresses<br>
-       are still valid segv ones */<br>
-    address = h2g_nocheck(address);<br>
-<br>
-    /*<br>
-     * There is no way the target can handle this other than raising<br>
-     * an exception.  Undo signal and retaddr state prior to longjmp.<br>
-     */<br>
-    sigprocmask(SIG_SETMASK, old_set, NULL);<br>
-<br>
-    cc = CPU_GET_CLASS(cpu);<br>
-    cc-&gt;tcg_ops-&gt;tlb_fill(cpu, address, 0, access_type,<br>
-                          MMU_USER_IDX, false, pc);<br>
-    g_assert_not_reached();<br>
-}<br>
-<br>
 static int probe_access_internal(CPUArchState *env, target_ulong addr,<br>
                                  int fault_size, MMUAccessType access_type,<br>
                                  bool nonfault, uintptr_t ra)<br>
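Review bot: deleting handle_cpu_signal also deletes two checks that should survive the fold into host_signal_handler: the !cpu || !cpu-&gt;running abort for a synchronous signal arriving outside vCPU context, and the helper_retaddr == 1 test that classified the fault as MMU_INST_FETCH rather than MMU_DATA_LOAD. The linux-user/signal.c side is not in this part of the series, so please confirm both are kept there, or note in the commit message why the instruction-fetch distinction is no longer needed once the host siginfo is passed straight through to the guest.<br>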
@@ -275,640 +197,6 @@ void *probe_access(CPUArchState *env, target_ulong addr, int size,<br>
     return size ? g2h(env_cpu(env), addr) : NULL;<br>
 }<br>
<br>
-#if defined(__i386__)<br>
-<br>
-#if defined(__NetBSD__)<br>
-#include &lt;ucontext.h&gt;<br>
-#include &lt;machine/trap.h&gt;<br>
-<br>
-#define EIP_sig(context)     ((context)-&gt;uc_mcontext.__gregs[_REG_EIP])<br>
-#define TRAP_sig(context)    ((context)-&gt;uc_mcontext.__gregs[_REG_TRAPNO])<br>
-#define ERROR_sig(context)   ((context)-&gt;uc_mcontext.__gregs[_REG_ERR])<br>
-#define MASK_sig(context)    ((context)-&gt;uc_sigmask)<br>
-#define PAGE_FAULT_TRAP      T_PAGEFLT<br>
-#elif defined(__FreeBSD__) || defined(__DragonFly__)<br>
-#include &lt;ucontext.h&gt;<br>
-#include &lt;machine/trap.h&gt;<br>
-<br>
-#define EIP_sig(context)  (*((unsigned long *)&amp;(context)-&gt;uc_mcontext.mc_eip))<br>
-#define TRAP_sig(context)    ((context)-&gt;uc_mcontext.mc_trapno)<br>
-#define ERROR_sig(context)   ((context)-&gt;uc_mcontext.mc_err)<br>
-#define MASK_sig(context)    ((context)-&gt;uc_sigmask)<br>
-#define PAGE_FAULT_TRAP      T_PAGEFLT<br>
-#elif defined(__OpenBSD__)<br>
-#include &lt;machine/trap.h&gt;<br>
-#define EIP_sig(context)     ((context)-&gt;sc_eip)<br>
-#define TRAP_sig(context)    ((context)-&gt;sc_trapno)<br>
-#define ERROR_sig(context)   ((context)-&gt;sc_err)<br>
-#define MASK_sig(context)    ((context)-&gt;sc_mask)<br>
-#define PAGE_FAULT_TRAP      T_PAGEFLT<br>
-#else<br>
-#define EIP_sig(context)     ((context)-&gt;uc_mcontext.gregs[REG_EIP])<br>
-#define TRAP_sig(context)    ((context)-&gt;uc_mcontext.gregs[REG_TRAPNO])<br>
-#define ERROR_sig(context)   ((context)-&gt;uc_mcontext.gregs[REG_ERR])<br>
-#define MASK_sig(context)    ((context)-&gt;uc_sigmask)<br>
-#define PAGE_FAULT_TRAP      0xe<br>
-#endif<br>
-<br>
-int cpu_signal_handler(int host_signum, void *pinfo,<br>
-                       void *puc)<br>
-{<br>
-    siginfo_t *info = pinfo;<br>
-#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__DragonFly__)<br>
-    ucontext_t *uc = puc;<br>
-#elif defined(__OpenBSD__)<br>
-    struct sigcontext *uc = puc;<br>
-#else<br>
-    ucontext_t *uc = puc;<br>
-#endif<br>
-    unsigned long pc;<br>
-    int trapno;<br>
-<br>
-#ifndef REG_EIP<br>
-/* for glibc 2.1 */<br>
-#define REG_EIP    EIP<br>
-#define REG_ERR    ERR<br>
-#define REG_TRAPNO TRAPNO<br>
-#endif<br>
-    pc = EIP_sig(uc);<br>
-    trapno = TRAP_sig(uc);<br>
-    return handle_cpu_signal(pc, info,<br>
-                             trapno == PAGE_FAULT_TRAP ?<br>
-                             (ERROR_sig(uc) &gt;&gt; 1) &amp; 1 : 0,<br>
-                             &amp;MASK_sig(uc));<br>
-}<br>
-<br>
-#elif defined(__x86_64__)<br>
-<br>
-#ifdef __NetBSD__<br>
-#include &lt;machine/trap.h&gt;<br>
-#define PC_sig(context)       _UC_MACHINE_PC(context)<br>
-#define TRAP_sig(context)     ((context)-&gt;uc_mcontext.__gregs[_REG_TRAPNO])<br>
-#define ERROR_sig(context)    ((context)-&gt;uc_mcontext.__gregs[_REG_ERR])<br>
-#define MASK_sig(context)     ((context)-&gt;uc_sigmask)<br>
-#define PAGE_FAULT_TRAP       T_PAGEFLT<br>
-#elif defined(__OpenBSD__)<br>
-#include &lt;machine/trap.h&gt;<br>
-#define PC_sig(context)       ((context)-&gt;sc_rip)<br>
-#define TRAP_sig(context)     ((context)-&gt;sc_trapno)<br>
-#define ERROR_sig(context)    ((context)-&gt;sc_err)<br>
-#define MASK_sig(context)     ((context)-&gt;sc_mask)<br>
-#define PAGE_FAULT_TRAP       T_PAGEFLT<br>
-#elif defined(__FreeBSD__) || defined(__DragonFly__)<br>
-#include &lt;ucontext.h&gt;<br>
-#include &lt;machine/trap.h&gt;<br>
-<br>
-#define PC_sig(context)  (*((unsigned long *)&amp;(context)-&gt;uc_mcontext.mc_rip))<br>
-#define TRAP_sig(context)     ((context)-&gt;uc_mcontext.mc_trapno)<br>
-#define ERROR_sig(context)    ((context)-&gt;uc_mcontext.mc_err)<br>
-#define MASK_sig(context)     ((context)-&gt;uc_sigmask)<br>
-#define PAGE_FAULT_TRAP       T_PAGEFLT<br>
-#else<br>
-#define PC_sig(context)       ((context)-&gt;uc_mcontext.gregs[REG_RIP])<br>
-#define TRAP_sig(context)     ((context)-&gt;uc_mcontext.gregs[REG_TRAPNO])<br>
-#define ERROR_sig(context)    ((context)-&gt;uc_mcontext.gregs[REG_ERR])<br>
-#define MASK_sig(context)     ((context)-&gt;uc_sigmask)<br>
-#define PAGE_FAULT_TRAP       0xe<br>
-#endif<br>
-<br>
-int cpu_signal_handler(int host_signum, void *pinfo,<br>
-                       void *puc)<br>
-{<br>
-    siginfo_t *info = pinfo;<br>
-    unsigned long pc;<br>
-#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__DragonFly__)<br>
-    ucontext_t *uc = puc;<br>
-#elif defined(__OpenBSD__)<br>
-    struct sigcontext *uc = puc;<br>
-#else<br>
-    ucontext_t *uc = puc;<br>
-#endif<br>
-<br>
-    pc = PC_sig(uc);<br>
-    return handle_cpu_signal(pc, info,<br>
-                             TRAP_sig(uc) == PAGE_FAULT_TRAP ?<br>
-                             (ERROR_sig(uc) &gt;&gt; 1) &amp; 1 : 0,<br>
-                             &amp;MASK_sig(uc));<br>
-}<br>
-<br>
-#elif defined(_ARCH_PPC)<br>
-<br>
-/***********************************************************************<br>
- * signal context platform-specific definitions<br>
- * From Wine<br>
- */<br>
-#ifdef linux<br>
-/* All Registers access - only for local access */<br>
-#define REG_sig(reg_name, context)              \<br>
-    ((context)-&gt;uc_mcontext.regs-&gt;reg_name)<br>
-/* Gpr Registers access  */<br>
-#define GPR_sig(reg_num, context)              REG_sig(gpr[reg_num], context)<br>
-/* Program counter */<br>
-#define IAR_sig(context)                       REG_sig(nip, context)<br>
-/* Machine State Register (Supervisor) */<br>
-#define MSR_sig(context)                       REG_sig(msr, context)<br>
-/* Count register */<br>
-#define CTR_sig(context)                       REG_sig(ctr, context)<br>
-/* User&#39;s integer exception register */<br>
-#define XER_sig(context)                       REG_sig(xer, context)<br>
-/* Link register */<br>
-#define LR_sig(context)                        REG_sig(link, context)<br>
-/* Condition register */<br>
-#define CR_sig(context)                        REG_sig(ccr, context)<br>
-<br>
-/* Float Registers access  */<br>
-#define FLOAT_sig(reg_num, context)                                     \<br>
-    (((double *)((char *)((context)-&gt;uc_mcontext.regs + 48 * 4)))[reg_num])<br>
-#define FPSCR_sig(context) \<br>
-    (*(int *)((char *)((context)-&gt;uc_mcontext.regs + (48 + 32 * 2) * 4)))<br>
-/* Exception Registers access */<br>
-#define DAR_sig(context)                       REG_sig(dar, context)<br>
-#define DSISR_sig(context)                     REG_sig(dsisr, context)<br>
-#define TRAP_sig(context)                      REG_sig(trap, context)<br>
-#endif /* linux */<br>
-<br>
-#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)<br>
-#include &lt;ucontext.h&gt;<br>
-#define IAR_sig(context)               ((context)-&gt;uc_mcontext.mc_srr0)<br>
-#define MSR_sig(context)               ((context)-&gt;uc_mcontext.mc_srr1)<br>
-#define CTR_sig(context)               ((context)-&gt;uc_mcontext.mc_ctr)<br>
-#define XER_sig(context)               ((context)-&gt;uc_mcontext.mc_xer)<br>
-#define LR_sig(context)                ((context)-&gt;uc_mcontext.mc_lr)<br>
-#define CR_sig(context)                ((context)-&gt;uc_mcontext.mc_cr)<br>
-/* Exception Registers access */<br>
-#define DAR_sig(context)               ((context)-&gt;uc_mcontext.mc_dar)<br>
-#define DSISR_sig(context)             ((context)-&gt;uc_mcontext.mc_dsisr)<br>
-#define TRAP_sig(context)              ((context)-&gt;uc_mcontext.mc_exc)<br>
-#endif /* __FreeBSD__|| __FreeBSD_kernel__ */<br>
-<br>
-int cpu_signal_handler(int host_signum, void *pinfo,<br>
-                       void *puc)<br>
-{<br>
-    siginfo_t *info = pinfo;<br>
-#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)<br>
-    ucontext_t *uc = puc;<br>
-#else<br>
-    ucontext_t *uc = puc;<br>
-#endif<br>
-    unsigned long pc;<br>
-    int is_write;<br>
-<br>
-    pc = IAR_sig(uc);<br>
-    is_write = 0;<br>
-#if 0<br>
-    /* ppc 4xx case */<br>
-    if (DSISR_sig(uc) &amp; 0x00800000) {<br>
-        is_write = 1;<br>
-    }<br>
-#else<br>
-    if (TRAP_sig(uc) != 0x400 &amp;&amp; (DSISR_sig(uc) &amp; 0x02000000)) {<br>
-        is_write = 1;<br>
-    }<br>
-#endif<br>
-    return handle_cpu_signal(pc, info, is_write, &amp;uc-&gt;uc_sigmask);<br>
-}<br>
-<br>
-#elif defined(__alpha__)<br>
-<br>
-int cpu_signal_handler(int host_signum, void *pinfo,<br>
-                           void *puc)<br>
-{<br>
-    siginfo_t *info = pinfo;<br>
-    ucontext_t *uc = puc;<br>
-    uint32_t *pc = uc-&gt;uc_mcontext.sc_pc;<br>
-    uint32_t insn = *pc;<br>
-    int is_write = 0;<br>
-<br>
-    /* XXX: need kernel patch to get write flag faster */<br>
-    switch (insn &gt;&gt; 26) {<br>
-    case 0x0d: /* stw */<br>
-    case 0x0e: /* stb */<br>
-    case 0x0f: /* stq_u */<br>
-    case 0x24: /* stf */<br>
-    case 0x25: /* stg */<br>
-    case 0x26: /* sts */<br>
-    case 0x27: /* stt */<br>
-    case 0x2c: /* stl */<br>
-    case 0x2d: /* stq */<br>
-    case 0x2e: /* stl_c */<br>
-    case 0x2f: /* stq_c */<br>
-        is_write = 1;<br>
-    }<br>
-<br>
-    return handle_cpu_signal(pc, info, is_write, &amp;uc-&gt;uc_sigmask);<br>
-}<br>
-#elif defined(__sparc__)<br>
-<br>
-int cpu_signal_handler(int host_signum, void *pinfo,<br>
-                       void *puc)<br>
-{<br>
-    siginfo_t *info = pinfo;<br>
-    int is_write;<br>
-    uint32_t insn;<br>
-#if !defined(__arch64__) || defined(CONFIG_SOLARIS)<br>
-    uint32_t *regs = (uint32_t *)(info + 1);<br>
-    void *sigmask = (regs + 20);<br>
-    /* XXX: is there a standard glibc define ? */<br>
-    unsigned long pc = regs[1];<br>
-#else<br>
-#ifdef __linux__<br>
-    struct sigcontext *sc = puc;<br>
-    unsigned long pc = sc-&gt;sigc_regs.tpc;<br>
-    void *sigmask = (void *)sc-&gt;sigc_mask;<br>
-#elif defined(__OpenBSD__)<br>
-    struct sigcontext *uc = puc;<br>
-    unsigned long pc = uc-&gt;sc_pc;<br>
-    void *sigmask = (void *)(long)uc-&gt;sc_mask;<br>
-#elif defined(__NetBSD__)<br>
-    ucontext_t *uc = puc;<br>
-    unsigned long pc = _UC_MACHINE_PC(uc);<br>
-    void *sigmask = (void *)&amp;uc-&gt;uc_sigmask;<br>
-#endif<br>
-#endif<br>
-<br>
-    /* XXX: need kernel patch to get write flag faster */<br>
-    is_write = 0;<br>
-    insn = *(uint32_t *)pc;<br>
-    if ((insn &gt;&gt; 30) == 3) {<br>
-        switch ((insn &gt;&gt; 19) &amp; 0x3f) {<br>
-        case 0x05: /* stb */<br>
-        case 0x15: /* stba */<br>
-        case 0x06: /* sth */<br>
-        case 0x16: /* stha */<br>
-        case 0x04: /* st */<br>
-        case 0x14: /* sta */<br>
-        case 0x07: /* std */<br>
-        case 0x17: /* stda */<br>
-        case 0x0e: /* stx */<br>
-        case 0x1e: /* stxa */<br>
-        case 0x24: /* stf */<br>
-        case 0x34: /* stfa */<br>
-        case 0x27: /* stdf */<br>
-        case 0x37: /* stdfa */<br>
-        case 0x26: /* stqf */<br>
-        case 0x36: /* stqfa */<br>
-        case 0x25: /* stfsr */<br>
-        case 0x3c: /* casa */<br>
-        case 0x3e: /* casxa */<br>
-            is_write = 1;<br>
-            break;<br>
-        }<br>
-    }<br>
-    return handle_cpu_signal(pc, info, is_write, sigmask);<br>
-}<br>
-<br>
-#elif defined(__arm__)<br>
-<br>
-#if defined(__NetBSD__)<br>
-#include &lt;ucontext.h&gt;<br>
-#include &lt;sys/siginfo.h&gt;<br>
-#endif<br>
-<br>
-int cpu_signal_handler(int host_signum, void *pinfo,<br>
-                       void *puc)<br>
-{<br>
-    siginfo_t *info = pinfo;<br>
-#if defined(__NetBSD__)<br>
-    ucontext_t *uc = puc;<br>
-    siginfo_t *si = pinfo;<br>
-#else<br>
-    ucontext_t *uc = puc;<br>
-#endif<br>
-    unsigned long pc;<br>
-    uint32_t fsr;<br>
-    int is_write;<br>
-<br>
-#if defined(__NetBSD__)<br>
-    pc = uc-&gt;uc_mcontext.__gregs[_REG_R15];<br>
-#elif defined(__GLIBC__) &amp;&amp; (__GLIBC__ &lt; 2 || (__GLIBC__ == 2 &amp;&amp; __GLIBC_MINOR__ &lt;= 3))<br>
-    pc = uc-&gt;uc_mcontext.gregs[R15];<br>
-#else<br>
-    pc = uc-&gt;uc_mcontext.arm_pc;<br>
-#endif<br>
-<br>
-#ifdef __NetBSD__<br>
-    fsr = si-&gt;si_trap;<br>
-#else<br>
-    fsr = uc-&gt;uc_mcontext.error_code;<br>
-#endif<br>
-    /*<br>
-     * In the FSR, bit 11 is WnR, assuming a v6 or<br>
-     * later processor.  On v5 we will always report<br>
-     * this as a read, which will fail later.<br>
-     */<br>
-    is_write = extract32(fsr, 11, 1);<br>
-    return handle_cpu_signal(pc, info, is_write, &amp;uc-&gt;uc_sigmask);<br>
-}<br>
-<br>
-#elif defined(__aarch64__)<br>
-<br>
-#if defined(__NetBSD__)<br>
-<br>
-#include &lt;ucontext.h&gt;<br>
-#include &lt;sys/siginfo.h&gt;<br>
-<br>
-int cpu_signal_handler(int host_signum, void *pinfo, void *puc)<br>
-{<br>
-    ucontext_t *uc = puc;<br>
-    siginfo_t *si = pinfo;<br>
-    unsigned long pc;<br>
-    int is_write;<br>
-    uint32_t esr;<br>
-<br>
-    pc = uc-&gt;uc_mcontext.__gregs[_REG_PC];<br>
-    esr = si-&gt;si_trap;<br>
-<br>
-    /*<br>
-     * siginfo_t::si_trap is the ESR value, for data aborts <a href="http://ESR.EC" rel="noreferrer" target="_blank">ESR.EC</a><br>
-     * is 0b10010x: then bit 6 is the WnR bit<br>
-     */<br>
-    is_write = extract32(esr, 27, 5) == 0x12 &amp;&amp; extract32(esr, 6, 1) == 1;<br>
-    return handle_cpu_signal(pc, si, is_write, &amp;uc-&gt;uc_sigmask);<br>
-}<br>
-<br>
-#else<br>
-<br>
-#ifndef ESR_MAGIC<br>
-/* Pre-3.16 kernel headers don&#39;t have these, so provide fallback definitions */<br>
-#define ESR_MAGIC 0x45535201<br>
-struct esr_context {<br>
-    struct _aarch64_ctx head;<br>
-    uint64_t esr;<br>
-};<br>
-#endif<br>
-<br>
-static inline struct _aarch64_ctx *first_ctx(ucontext_t *uc)<br>
-{<br>
-    return (struct _aarch64_ctx *)&amp;uc-&gt;uc_mcontext.__reserved;<br>
-}<br>
-<br>
-static inline struct _aarch64_ctx *next_ctx(struct _aarch64_ctx *hdr)<br>
-{<br>
-    return (struct _aarch64_ctx *)((char *)hdr + hdr-&gt;size);<br>
-}<br>
-<br>
-int cpu_signal_handler(int host_signum, void *pinfo, void *puc)<br>
-{<br>
-    siginfo_t *info = pinfo;<br>
-    ucontext_t *uc = puc;<br>
-    uintptr_t pc = uc-&gt;uc_mcontext.pc;<br>
-    bool is_write;<br>
-    struct _aarch64_ctx *hdr;<br>
-    struct esr_context const *esrctx = NULL;<br>
-<br>
-    /* Find the esr_context, which has the WnR bit in it */<br>
-    for (hdr = first_ctx(uc); hdr-&gt;magic; hdr = next_ctx(hdr)) {<br>
-        if (hdr-&gt;magic == ESR_MAGIC) {<br>
-            esrctx = (struct esr_context const *)hdr;<br>
-            break;<br>
-        }<br>
-    }<br>
-<br>
-    if (esrctx) {<br>
-        /* For data aborts <a href="http://ESR.EC" rel="noreferrer" target="_blank">ESR.EC</a> is 0b10010x: then bit 6 is the WnR bit */<br>
-        uint64_t esr = esrctx-&gt;esr;<br>
-        is_write = extract32(esr, 27, 5) == 0x12 &amp;&amp; extract32(esr, 6, 1) == 1;<br>
-    } else {<br>
-        /*<br>
-         * Fall back to parsing instructions; will only be needed<br>
-         * for really ancient (pre-3.16) kernels.<br>
-         */<br>
-        uint32_t insn = *(uint32_t *)pc;<br>
-<br>
-        is_write = ((insn &amp; 0xbfff0000) == 0x0c000000   /* C3.3.1 */<br>
-                    || (insn &amp; 0xbfe00000) == 0x0c800000   /* C3.3.2 */<br>
-                    || (insn &amp; 0xbfdf0000) == 0x0d000000   /* C3.3.3 */<br>
-                    || (insn &amp; 0xbfc00000) == 0x0d800000   /* C3.3.4 */<br>
-                    || (insn &amp; 0x3f400000) == 0x08000000   /* C3.3.6 */<br>
-                    || (insn &amp; 0x3bc00000) == 0x39000000   /* C3.3.13 */<br>
-                    || (insn &amp; 0x3fc00000) == 0x3d800000   /* ... 128bit */<br>
-                    /* Ignore bits 10, 11 &amp; 21, controlling indexing.  */<br>
-                    || (insn &amp; 0x3bc00000) == 0x38000000   /* C3.3.8-12 */<br>
-                    || (insn &amp; 0x3fe00000) == 0x3c800000   /* ... 128bit */<br>
-                    /* Ignore bits 23 &amp; 24, controlling indexing.  */<br>
-                    || (insn &amp; 0x3a400000) == 0x28000000); /* C3.3.7,14-16 */<br>
-    }<br>
-    return handle_cpu_signal(pc, info, is_write, &amp;uc-&gt;uc_sigmask);<br>
-}<br>
-#endif<br>
-<br>
-#elif defined(__s390__)<br>
-<br>
-int cpu_signal_handler(int host_signum, void *pinfo,<br>
-                       void *puc)<br>
-{<br>
-    siginfo_t *info = pinfo;<br>
-    ucontext_t *uc = puc;<br>
-    unsigned long pc;<br>
-    uint16_t *pinsn;<br>
-    int is_write = 0;<br>
-<br>
-    pc = uc-&gt;uc_mcontext.psw.addr;<br>
-<br>
-    /*<br>
-     * ??? On linux, the non-rt signal handler has 4 (!) arguments instead<br>
-     * of the normal 2 arguments.  The 4th argument contains the &quot;Translation-<br>
-     * Exception Identification for DAT Exceptions&quot; from the hardware (aka<br>
-     * &quot;int_parm_long&quot;), which does in fact contain the is_write value.<br>
-     * The rt signal handler, as far as I can tell, does not give this value<br>
-     * at all.  Not that we could get to it from here even if it were.<br>
-     * So fall back to parsing instructions.  Treat read-modify-write ones as<br>
-     * writes, which is not fully correct, but for tracking self-modifying code<br>
-     * this is better than treating them as reads.  Checking si_addr page flags<br>
-     * might be a viable improvement, albeit a racy one.<br>
-     */<br>
-    /* ??? This is not even close to complete.  */<br>
-    pinsn = (uint16_t *)pc;<br>
-    switch (pinsn[0] &gt;&gt; 8) {<br>
-    case 0x50: /* ST */<br>
-    case 0x42: /* STC */<br>
-    case 0x40: /* STH */<br>
-    case 0xba: /* CS */<br>
-    case 0xbb: /* CDS */<br>
-        is_write = 1;<br>
-        break;<br>
-    case 0xc4: /* RIL format insns */<br>
-        switch (pinsn[0] &amp; 0xf) {<br>
-        case 0xf: /* STRL */<br>
-        case 0xb: /* STGRL */<br>
-        case 0x7: /* STHRL */<br>
-            is_write = 1;<br>
-        }<br>
-        break;<br>
-    case 0xc8: /* SSF format insns */<br>
-        switch (pinsn[0] &amp; 0xf) {<br>
-        case 0x2: /* CSST */<br>
-            is_write = 1;<br>
-        }<br>
-        break;<br>
-    case 0xe3: /* RXY format insns */<br>
-        switch (pinsn[2] &amp; 0xff) {<br>
-        case 0x50: /* STY */<br>
-        case 0x24: /* STG */<br>
-        case 0x72: /* STCY */<br>
-        case 0x70: /* STHY */<br>
-        case 0x8e: /* STPQ */<br>
-        case 0x3f: /* STRVH */<br>
-        case 0x3e: /* STRV */<br>
-        case 0x2f: /* STRVG */<br>
-            is_write = 1;<br>
-        }<br>
-        break;<br>
-    case 0xeb: /* RSY format insns */<br>
-        switch (pinsn[2] &amp; 0xff) {<br>
-        case 0x14: /* CSY */<br>
-        case 0x30: /* CSG */<br>
-        case 0x31: /* CDSY */<br>
-        case 0x3e: /* CDSG */<br>
-        case 0xe4: /* LANG */<br>
-        case 0xe6: /* LAOG */<br>
-        case 0xe7: /* LAXG */<br>
-        case 0xe8: /* LAAG */<br>
-        case 0xea: /* LAALG */<br>
-        case 0xf4: /* LAN */<br>
-        case 0xf6: /* LAO */<br>
-        case 0xf7: /* LAX */<br>
-        case 0xfa: /* LAAL */<br>
-        case 0xf8: /* LAA */<br>
-            is_write = 1;<br>
-        }<br>
-        break;<br>
-    }<br>
-<br>
-    return handle_cpu_signal(pc, info, is_write, &amp;uc-&gt;uc_sigmask);<br>
-}<br>
-<br>
-#elif defined(__mips__)<br>
-<br>
-#if defined(__misp16) || defined(__mips_micromips)<br>
-#error &quot;Unsupported encoding&quot;<br>
-#endif<br>
-<br>
-int cpu_signal_handler(int host_signum, void *pinfo,<br>
-                       void *puc)<br>
-{<br>
-    siginfo_t *info = pinfo;<br>
-    ucontext_t *uc = puc;<br>
-    uintptr_t pc = uc-&gt;uc_mcontext.pc;<br>
-    uint32_t insn = *(uint32_t *)pc;<br>
-    int is_write = 0;<br>
-<br>
-    /* Detect all store instructions at program counter. */<br>
-    switch((insn &gt;&gt; 26) &amp; 077) {<br>
-    case 050: /* SB */<br>
-    case 051: /* SH */<br>
-    case 052: /* SWL */<br>
-    case 053: /* SW */<br>
-    case 054: /* SDL */<br>
-    case 055: /* SDR */<br>
-    case 056: /* SWR */<br>
-    case 070: /* SC */<br>
-    case 071: /* SWC1 */<br>
-    case 074: /* SCD */<br>
-    case 075: /* SDC1 */<br>
-    case 077: /* SD */<br>
-#if !defined(__mips_isa_rev) || __mips_isa_rev &lt; 6<br>
-    case 072: /* SWC2 */<br>
-    case 076: /* SDC2 */<br>
-#endif<br>
-        is_write = 1;<br>
-        break;<br>
-    case 023: /* COP1X */<br>
-        /* Required in all versions of MIPS64 since<br>
-           MIPS64r1 and subsequent versions of MIPS32r2. */<br>
-        switch (insn &amp; 077) {<br>
-        case 010: /* SWXC1 */<br>
-        case 011: /* SDXC1 */<br>
-        case 015: /* SUXC1 */<br>
-            is_write = 1;<br>
-        }<br>
-        break;<br>
-    }<br>
-<br>
-    return handle_cpu_signal(pc, info, is_write, &amp;uc-&gt;uc_sigmask);<br>
-}<br>
-<br>
-#elif defined(__riscv)<br>
-<br>
-int cpu_signal_handler(int host_signum, void *pinfo,<br>
-                       void *puc)<br>
-{<br>
-    siginfo_t *info = pinfo;<br>
-    ucontext_t *uc = puc;<br>
-    greg_t pc = uc-&gt;uc_mcontext.__gregs[REG_PC];<br>
-    uint32_t insn = *(uint32_t *)pc;<br>
-    int is_write = 0;<br>
-<br>
-    /* Detect store by reading the instruction at the program<br>
-       counter. Note: we currently only generate 32-bit<br>
-       instructions so we thus only detect 32-bit stores */<br>
-    switch (((insn &gt;&gt; 0) &amp; 0b11)) {<br>
-    case 3:<br>
-        switch (((insn &gt;&gt; 2) &amp; 0b11111)) {<br>
-        case 8:<br>
-            switch (((insn &gt;&gt; 12) &amp; 0b111)) {<br>
-            case 0: /* sb */<br>
-            case 1: /* sh */<br>
-            case 2: /* sw */<br>
-            case 3: /* sd */<br>
-            case 4: /* sq */<br>
-                is_write = 1;<br>
-                break;<br>
-            default:<br>
-                break;<br>
-            }<br>
-            break;<br>
-        case 9:<br>
-            switch (((insn &gt;&gt; 12) &amp; 0b111)) {<br>
-            case 2: /* fsw */<br>
-            case 3: /* fsd */<br>
-            case 4: /* fsq */<br>
-                is_write = 1;<br>
-                break;<br>
-            default:<br>
-                break;<br>
-            }<br>
-            break;<br>
-        default:<br>
-            break;<br>
-        }<br>
-    }<br>
-<br>
-    /* Check for compressed instructions */<br>
-    switch (((insn &gt;&gt; 13) &amp; 0b111)) {<br>
-    case 7:<br>
-        switch (insn &amp; 0b11) {<br>
-        case 0: /*<a href="http://c.sd" rel="noreferrer" target="_blank">c.sd</a> */<br>
-        case 2: /* c.sdsp */<br>
-            is_write = 1;<br>
-            break;<br>
-        default:<br>
-            break;<br>
-        }<br>
-        break;<br>
-    case 6:<br>
-        switch (insn &amp; 0b11) {<br>
-        case 0: /* c.sw */<br>
-        case 3: /* c.swsp */<br>
-            is_write = 1;<br>
-            break;<br>
-        default:<br>
-            break;<br>
-        }<br>
-        break;<br>
-    default:<br>
-        break;<br>
-    }<br>
-<br>
-    return handle_cpu_signal(pc, info, is_write, &amp;uc-&gt;uc_sigmask);<br>
-}<br>
-<br>
-#else<br>
-<br>
-#error host CPU specific signal handler needed<br>
-<br>
-#endif<br>
-<br>
 /* The softmmu versions of these helpers are in cputlb.c.  */<br>
<br>
 uint32_t cpu_ldub_data(CPUArchState *env, abi_ptr ptr)<br>
diff --git a/linux-user/signal.c b/linux-user/signal.c<br>
index 73c0f9066b..509dad7850 100644<br>
--- a/linux-user/signal.c<br>
+++ b/linux-user/signal.c<br>
@@ -24,6 +24,7 @@<br>
 #include &quot;qemu.h&quot;<br>
 #include &quot;trace.h&quot;<br>
 #include &quot;signal-common.h&quot;<br>
+#include &quot;host-signal.h&quot;<br>
<br>
 static struct target_sigaction sigact_table[TARGET_NSIG];<br>
<br>
@@ -753,59 +754,85 @@ static inline void rewind_if_in_safe_syscall(void *puc)<br>
 }<br>
 #endif<br>
<br>
-static void host_signal_handler(int host_signum, siginfo_t *info,<br>
-                                void *puc)<br>
+static void host_signal_handler(int host_sig, siginfo_t *info, void *puc)<br>
 {<br>
     CPUArchState *env = thread_cpu-&gt;env_ptr;<br>
     CPUState *cpu = env_cpu(env);<br>
     TaskState *ts = cpu-&gt;opaque;<br>
-<br>
-    int sig;<br>
+    bool sync_sig = false;<br>
     target_siginfo_t tinfo;<br>
     ucontext_t *uc = puc;<br>
     struct emulated_sigtable *k;<br>
+    uintptr_t pc = 0;<br>
+    int guest_sig;<br>
<br>
-    /* the CPU emulator uses some host signals to detect exceptions,<br>
-       we forward to it some signals */<br>
-    if ((host_signum == SIGSEGV || host_signum == SIGBUS)<br>
-        &amp;&amp; info-&gt;si_code &gt; 0) {<br>
-        if (cpu_signal_handler(host_signum, info, puc))<br>
+    /*<br>
+     * Non-spoofed SIGSEGV and SIGBUS are synchronous, and need special<br>
+     * handling wrt signal blocking and unwinding.  SIGSEGV may need to<br>
+     * remove write-protection and restart the instruction.<br>
+     */<br>
+    if ((host_sig == SIGSEGV || host_sig == SIGBUS) &amp;&amp; info-&gt;si_code &gt; 0) {<br>
+        pc = adjust_signal_pc(host_signal_pc(uc));<br>
+        if (host_sig == SIGSEGV &amp;&amp;<br>
+            info-&gt;si_code == SEGV_ACCERR &amp;&amp;<br>
+            host_sigsegv_write(info, uc) &amp;&amp;<br>
+            handle_sigsegv_accerr_write(cpu, &amp;uc-&gt;uc_sigmask, pc,<br>
+                                        (uintptr_t)info-&gt;si_addr)) {<br>
             return;<br>
+        }<br>
+        sync_sig = true;<br>
+    } else {<br>
+        rewind_if_in_safe_syscall(puc);<br>
+<br>
+        /*<br>
+         * Block host signals until target signal handler entered.<br>
+         * We can&#39;t block SIGSEGV or SIGBUS while we&#39;re executing<br>
+         * guest code in case the guest code provokes one in the<br>
+         * window between now and it getting out to the main loop.<br>
+         * Signals will be unblocked again in process_pending_signals().<br>
+         *<br>
+         * WARNING: we cannot use sigfillset() here because the uc_sigmask<br>
+         * field is a kernel sigset_t, which is much smaller than the<br>
+         * libc sigset_t which sigfillset() operates on. Using sigfillset()<br>
+         * would write 0xff bytes off the end of the structure and trash<br>
+         * data on the struct.<br>
+         * We can&#39;t use sizeof(uc-&gt;uc_sigmask) either, because the libc<br>
+         * headers define the struct field with the wrong (too large) type.<br>
+         */<br>
+        memset(&amp;uc-&gt;uc_sigmask, 0xff, SIGSET_T_SIZE);<br>
+        sigdelset(&amp;uc-&gt;uc_sigmask, SIGSEGV);<br>
+        sigdelset(&amp;uc-&gt;uc_sigmask, SIGBUS);<br>
     }<br>
<br>
     /* get target signal number */<br>
-    sig = host_to_target_signal(host_signum);<br>
-    if (sig &lt; 1 || sig &gt; TARGET_NSIG)<br>
+    guest_sig = host_to_target_signal(host_sig);<br>
+    if (guest_sig &lt; 1 || guest_sig &gt; TARGET_NSIG) {<br>
         return;<br>
-    trace_user_host_signal(env, host_signum, sig);<br>
-<br>
-    rewind_if_in_safe_syscall(puc);<br>
+    }<br>
+    trace_user_host_signal(env, host_sig, guest_sig);<br>
<br>
     host_to_target_siginfo_noswap(&amp;tinfo, info);<br>
-    k = &amp;ts-&gt;sigtab[sig - 1];<br>
+    k = &amp;ts-&gt;sigtab[guest_sig - 1];<br>
     k-&gt;info = tinfo;<br>
-    k-&gt;pending = sig;<br>
+    k-&gt;pending = guest_sig;<br>
     ts-&gt;signal_pending = 1;<br>
<br>
-    /* Block host signals until target signal handler entered. We<br>
-     * can&#39;t block SIGSEGV or SIGBUS while we&#39;re executing guest<br>
-     * code in case the guest code provokes one in the window between<br>
-     * now and it getting out to the main loop. Signals will be<br>
-     * unblocked again in process_pending_signals().<br>
-     *<br>
-     * WARNING: we cannot use sigfillset() here because the uc_sigmask<br>
-     * field is a kernel sigset_t, which is much smaller than the<br>
-     * libc sigset_t which sigfillset() operates on. Using sigfillset()<br>
-     * would write 0xff bytes off the end of the structure and trash<br>
-     * data on the struct.<br>
-     * We can&#39;t use sizeof(uc-&gt;uc_sigmask) either, because the libc<br>
-     * headers define the struct field with the wrong (too large) type.<br>
+    /*<br>
+     * For synchronous signals, unwind the cpu state to the faulting<br>
+     * insn and then exit back to the main loop so that the signal<br>
+     * is delivered immediately.<br>
      */<br>
-    memset(&amp;uc-&gt;uc_sigmask, 0xff, SIGSET_T_SIZE);<br>
-    sigdelset(&amp;uc-&gt;uc_sigmask, SIGSEGV);<br>
-    sigdelset(&amp;uc-&gt;uc_sigmask, SIGBUS);<br>
+    if (sync_sig) {<br>
+        clear_helper_retaddr();<br>
+        sigprocmask(SIG_SETMASK, &amp;uc-&gt;uc_sigmask, NULL);<br>
+        cpu-&gt;exception_index = EXCP_INTERRUPT;<br>
+        cpu_loop_exit_restore(cpu, pc);<br>
+    }<br>
<br>
-    /* interrupt the virtual CPU as soon as possible */<br>
+    /*<br>
+     * Interrupt the virtual CPU as soon as possible, but for now<br>
+     * return to continue with the current TB.<br>
+     */<br>
     cpu_exit(thread_cpu);<br>
 }<br>
<br>
-- <br>
2.25.1<br>
<br>
</blockquote></div></div>
Richard Henderson Sept. 15, 2021, 4:52 p.m. UTC | #2
On 9/15/21 9:43 AM, Warner Losh wrote:
>     Split out two functions into linux-user/host/arch/host-signal.h.
>     Since linux-user requires a linux host, drop all of the BSD and
>     Solaris ifdefs.  These should be recreated under bsd-user/ when
>     the current blanks there are filled.
> 
> For some architectures, this code will be small and host specific (I'm thinking
> arm, i386, ppc* and x86_64) but for others, there's common code that can be shared
> to parse the instruction (aarch64, mips*, riscv*). Do you see any value in
> sharing that instruction parsing code in some way?


Yes, that would be ideal.  Although even more ideal would be for all kernels to actually
provide detail to the signal handler so that we don't need to parse instructions.
(AArch64 being the example where they did finally fix that, though we've still got
pre-3.16 kernels still hanging about.)  How are the BSDs in this respect?

Anyway, I'm not sure how to organize such sharing, but I'm open to suggestion.


r~
Philippe Mathieu-Daudé Sept. 16, 2021, 8:51 a.m. UTC | #3
Hi Richard,

On 9/14/21 12:05 AM, Richard Henderson wrote:
> Split out two functions into linux-user/host/arch/host-signal.h.
> Since linux-user requires a linux host, drop all of the BSD and
> Solaris ifdefs.  These should be recreated under bsd-user/ when
> the current blanks there are filled.
> 
> Fold the remnants of handle_cpu_signal into host_signal_handler.
> 
> Drop the call to cc->tcg_ops->tlb_fill.  This was simply an indirect
> method to raise SIGSEGV; it is far easier to pass the host siginfo_t
> along to the guest.  This fixes all of the guest cpu_loop code that
> currently fails to properly fill in SEGV_MAPERR vs SEGV_ACCERR.
> 
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>  include/exec/exec-all.h               |  12 -
>  linux-user/host/aarch64/host-signal.h |  73 +++
>  linux-user/host/alpha/host-signal.h   |  41 ++
>  linux-user/host/arm/host-signal.h     |  30 ++
>  linux-user/host/i386/host-signal.h    |  24 +
>  linux-user/host/mips/host-signal.h    |  61 +++
>  linux-user/host/ppc/host-signal.h     |  24 +
>  linux-user/host/ppc64/host-signal.h   |   1 +
>  linux-user/host/riscv32/host-signal.h |  57 +++
>  linux-user/host/riscv64/host-signal.h |   1 +
>  linux-user/host/s390/host-signal.h    |  92 ++++
>  linux-user/host/s390x/host-signal.h   |   1 +
>  linux-user/host/sparc/host-signal.h   |  53 ++
>  linux-user/host/sparc64/host-signal.h |   1 +
>  linux-user/host/x86_64/host-signal.h  |  24 +
>  accel/tcg/user-exec.c                 | 712 --------------------------
>  linux-user/signal.c                   |  93 ++--
>  17 files changed, 543 insertions(+), 757 deletions(-)
>  create mode 100644 linux-user/host/aarch64/host-signal.h
>  create mode 100644 linux-user/host/alpha/host-signal.h
>  create mode 100644 linux-user/host/arm/host-signal.h
>  create mode 100644 linux-user/host/i386/host-signal.h
>  create mode 100644 linux-user/host/mips/host-signal.h
>  create mode 100644 linux-user/host/ppc/host-signal.h
>  create mode 100644 linux-user/host/ppc64/host-signal.h
>  create mode 100644 linux-user/host/riscv32/host-signal.h
>  create mode 100644 linux-user/host/riscv64/host-signal.h
>  create mode 100644 linux-user/host/s390/host-signal.h
>  create mode 100644 linux-user/host/s390x/host-signal.h
>  create mode 100644 linux-user/host/sparc/host-signal.h
>  create mode 100644 linux-user/host/sparc64/host-signal.h
>  create mode 100644 linux-user/host/x86_64/host-signal.h


> diff --git a/linux-user/signal.c b/linux-user/signal.c

> index 73c0f9066b..509dad7850 100644

> --- a/linux-user/signal.c

> +++ b/linux-user/signal.c


> -static void host_signal_handler(int host_signum, siginfo_t *info,

> -                                void *puc)

> +static void host_signal_handler(int host_sig, siginfo_t *info, void *puc)

>  {

>      CPUArchState *env = thread_cpu->env_ptr;

>      CPUState *cpu = env_cpu(env);

>      TaskState *ts = cpu->opaque;

> -

> -    int sig;

> +    bool sync_sig = false;

>      target_siginfo_t tinfo;

>      ucontext_t *uc = puc;

>      struct emulated_sigtable *k;

> +    uintptr_t pc = 0;

> +    int guest_sig;

>  

> -    /* the CPU emulator uses some host signals to detect exceptions,

> -       we forward to it some signals */

> -    if ((host_signum == SIGSEGV || host_signum == SIGBUS)

> -        && info->si_code > 0) {

> -        if (cpu_signal_handler(host_signum, info, puc))

> +    /*

> +     * Non-spoofed SIGSEGV and SIGBUS are synchronous, and need special

> +     * handling wrt signal blocking and unwinding.  SIGSEGV may need to

> +     * remove write-protection and restart the instruction.

> +     */

> +    if ((host_sig == SIGSEGV || host_sig == SIGBUS) && info->si_code > 0) {

> +        pc = adjust_signal_pc(host_signal_pc(uc));

> +        if (host_sig == SIGSEGV &&

> +            info->si_code == SEGV_ACCERR &&

> +            host_sigsegv_write(info, uc) &&

> +            handle_sigsegv_accerr_write(cpu, &uc->uc_sigmask, pc,

> +                                        (uintptr_t)info->si_addr)) {

>              return;

> +        }

> +        sync_sig = true;

> +    } else {

> +        rewind_if_in_safe_syscall(puc);

> +

> +        /*

> +         * Block host signals until target signal handler entered.

> +         * We can't block SIGSEGV or SIGBUS while we're executing

> +         * guest code in case the guest code provokes one in the

> +         * window between now and it getting out to the main loop.

> +         * Signals will be unblocked again in process_pending_signals().

> +         *

> +         * WARNING: we cannot use sigfillset() here because the uc_sigmask

> +         * field is a kernel sigset_t, which is much smaller than the

> +         * libc sigset_t which sigfillset() operates on. Using sigfillset()

> +         * would write 0xff bytes off the end of the structure and trash

> +         * data on the struct.

> +         * We can't use sizeof(uc->uc_sigmask) either, because the libc

> +         * headers define the struct field with the wrong (too large) type.

> +         */

> +        memset(&uc->uc_sigmask, 0xff, SIGSET_T_SIZE);

> +        sigdelset(&uc->uc_sigmask, SIGSEGV);

> +        sigdelset(&uc->uc_sigmask, SIGBUS);

>      }

>  

>      /* get target signal number */

> -    sig = host_to_target_signal(host_signum);

> -    if (sig < 1 || sig > TARGET_NSIG)

> +    guest_sig = host_to_target_signal(host_sig);

> +    if (guest_sig < 1 || guest_sig > TARGET_NSIG) {

>          return;

> -    trace_user_host_signal(env, host_signum, sig);

> -

> -    rewind_if_in_safe_syscall(puc);

> +    }

> +    trace_user_host_signal(env, host_sig, guest_sig);

>  

>      host_to_target_siginfo_noswap(&tinfo, info);

> -    k = &ts->sigtab[sig - 1];

> +    k = &ts->sigtab[guest_sig - 1];

>      k->info = tinfo;

> -    k->pending = sig;

> +    k->pending = guest_sig;

>      ts->signal_pending = 1;

>  

> -    /* Block host signals until target signal handler entered. We

> -     * can't block SIGSEGV or SIGBUS while we're executing guest

> -     * code in case the guest code provokes one in the window between

> -     * now and it getting out to the main loop. Signals will be

> -     * unblocked again in process_pending_signals().

> -     *

> -     * WARNING: we cannot use sigfillset() here because the uc_sigmask

> -     * field is a kernel sigset_t, which is much smaller than the

> -     * libc sigset_t which sigfillset() operates on. Using sigfillset()

> -     * would write 0xff bytes off the end of the structure and trash

> -     * data on the struct.

> -     * We can't use sizeof(uc->uc_sigmask) either, because the libc

> -     * headers define the struct field with the wrong (too large) type.

> +    /*

> +     * For synchronous signals, unwind the cpu state to the faulting

> +     * insn and then exit back to the main loop so that the signal

> +     * is delivered immediately.

>       */

> -    memset(&uc->uc_sigmask, 0xff, SIGSET_T_SIZE);

> -    sigdelset(&uc->uc_sigmask, SIGSEGV);

> -    sigdelset(&uc->uc_sigmask, SIGBUS);

> +    if (sync_sig) {

> +        clear_helper_retaddr();

> +        sigprocmask(SIG_SETMASK, &uc->uc_sigmask, NULL);

> +        cpu->exception_index = EXCP_INTERRUPT;

> +        cpu_loop_exit_restore(cpu, pc);

> +    }

>  

> -    /* interrupt the virtual CPU as soon as possible */

> +    /*

> +     * Interrupt the virtual CPU as soon as possible, but for now

> +     * return to continue with the current TB.

> +     */

>      cpu_exit(thread_cpu);

>  }
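Review bot: the siginfo forwarded to the guest in this hunk still carries the host fault address. `host_to_target_siginfo_noswap(&tinfo, info)` copies `info` unmodified, yet a few lines earlier the same `info->si_addr` is treated as a host address (`(uintptr_t)info->si_addr` is passed as host_addr to handle_sigsegv_accerr_write). With a non-zero guest_base the guest's si_addr will be offset by guest_base unless it is converted with h2g before the copy, and it is worth deciding what the guest should see when the host address is outside the guest address space (a QEMU-internal fault rather than a guest one). The commit message's point that cpu_loop can now report SEGV_MAPERR vs SEGV_ACCERR correctly only holds if si_addr is fixed up the same way.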


Is it possible to split this patch per architecture,
doing for the first arch:

  #if ARCH1
  new host_signal_handler() {}
  #else
  old unmodified host_signal_handler() {}
  #endif

Then for the second:

  #if ARCH1 || ARCH2
  new host_signal_handler() {}
  #else
  old unmodified host_signal_handler() {}
  #endif

The last patch cleaning up the transition:

- #if ARCH1 || ARCH2 || ...
  new host_signal_handler() {}
- #else
-
- old unmodified host_signal_handler() {}
-
- #endif

?
Patch

diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index f582d3e688..addcec6381 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -683,18 +683,6 @@  uintptr_t adjust_signal_pc(uintptr_t pc);
 bool handle_sigsegv_accerr_write(CPUState *cpu, sigset_t *old_set,
                                  uintptr_t host_pc, uintptr_t host_addr);
 
-/**
- * cpu_signal_handler
- * @signum: host signal number
- * @pinfo: host siginfo_t
- * @puc: host ucontext_t
- *
- * To be called from the SIGBUS and SIGSEGV signal handler to inform the
- * virtual cpu of exceptions.  Returns true if the signal was handled by
- * the virtual CPU.
- */
-int cpu_signal_handler(int signum, void *pinfo, void *puc);
-
 #else
 static inline void mmap_lock(void) {}
 static inline void mmap_unlock(void) {}
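Review bot: removing this block also removes the only written contract for the host-side hook. Its two replacements, host_signal_pc() and host_sigsegv_write(), are now defined in a dozen per-host headers with nothing in the tree stating their expected signatures or semantics (for instance that host_sigsegv_write() is consulted only for SEGV_ACCERR and may inspect the instruction at the pc). A short comment here, next to handle_sigsegv_accerr_write(), or at the top of each host-signal.h would keep the headers from drifting; the arm header in this very series already declares host_sigsegv_write() with an extra `pc` argument that the caller does not pass.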
diff --git a/linux-user/host/aarch64/host-signal.h b/linux-user/host/aarch64/host-signal.h
new file mode 100644
index 0000000000..818da17a21
--- /dev/null
+++ b/linux-user/host/aarch64/host-signal.h
@@ -0,0 +1,73 @@ 
+/*
+ * host-signal.h: signal info dependent on the host architecture
+ *
+ * Copyright (C) 2021 Linaro Limited
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef AARCH64_HOST_SIGNAL_H
+#define AARCH64_HOST_SIGNAL_H
+
+/* Pre-3.16 kernel headers don't have these, so provide fallback definitions */
+#ifndef ESR_MAGIC
+#define ESR_MAGIC 0x45535201
+struct esr_context {
+    struct _aarch64_ctx head;
+    uint64_t esr;
+};
+#endif
+
+static inline struct _aarch64_ctx *first_ctx(ucontext_t *uc)
+{
+    return (struct _aarch64_ctx *)&uc->uc_mcontext.__reserved;
+}
+
+static inline struct _aarch64_ctx *next_ctx(struct _aarch64_ctx *hdr)
+{
+    return (struct _aarch64_ctx *)((char *)hdr + hdr->size);
+}
+
+static inline uintptr_t host_signal_pc(ucontext_t *uc)
+{
+    return uc->uc_mcontext.pc;
+}
+
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)
+{
+    struct _aarch64_ctx *hdr;
+    uint32_t insn;
+
+    /* Find the esr_context, which has the WnR bit in it */
+    for (hdr = first_ctx(uc); hdr->magic; hdr = next_ctx(hdr)) {
+        if (hdr->magic == ESR_MAGIC) {
+            struct esr_context const *esrctx = (struct esr_context const *)hdr;
+            uint64_t esr = esrctx->esr;
+
+            /* For data aborts ESR.EC is 0b10010x: then bit 6 is the WnR bit */
+            return extract32(esr, 27, 5) == 0x12 && extract32(esr, 6, 1) == 1;
+        }
+    }
+
+    /*
+     * Fall back to parsing instructions; will only be needed
+     * for really ancient (pre-3.16) kernels.
+     */
+    insn = *(uint32_t *)host_signal_pc(uc);
+
+    return (insn & 0xbfff0000) == 0x0c000000   /* C3.3.1 */
+        || (insn & 0xbfe00000) == 0x0c800000   /* C3.3.2 */
+        || (insn & 0xbfdf0000) == 0x0d000000   /* C3.3.3 */
+        || (insn & 0xbfc00000) == 0x0d800000   /* C3.3.4 */
+        || (insn & 0x3f400000) == 0x08000000   /* C3.3.6 */
+        || (insn & 0x3bc00000) == 0x39000000   /* C3.3.13 */
+        || (insn & 0x3fc00000) == 0x3d800000   /* ... 128bit */
+        /* Ignore bits 10, 11 & 21, controlling indexing.  */
+        || (insn & 0x3bc00000) == 0x38000000   /* C3.3.8-12 */
+        || (insn & 0x3fe00000) == 0x3c800000   /* ... 128bit */
+        /* Ignore bits 23 & 24, controlling indexing.  */
+        || (insn & 0x3a400000) == 0x28000000; /* C3.3.7,14-16 */
+}
+
+#endif
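Review bot: this header uses extract32(), bool, uint64_t, ucontext_t and siginfo_t but includes nothing itself, so it compiles only when included after qemu.h and a ucontext header; either say so in the header comment or add `#include "qemu/bitops.h"` so the dependency is explicit rather than implied by include order in linux-user/signal.c. The WnR logic itself matches what was removed from accel/tcg/user-exec.c, including the pre-3.16 instruction-parsing fallback.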
diff --git a/linux-user/host/alpha/host-signal.h b/linux-user/host/alpha/host-signal.h
new file mode 100644
index 0000000000..eaf83added
--- /dev/null
+++ b/linux-user/host/alpha/host-signal.h
@@ -0,0 +1,41 @@ 
+/*
+ * host-signal.h: signal info dependent on the host architecture
+ *
+ * Copyright (C) 2021 Linaro Limited
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef ALPHA_HOST_SIGNAL_H
+#define ALPHA_HOST_SIGNAL_H
+
+static inline uintptr_t host_signal_pc(ucontext_t *uc)
+{
+    return uc->uc_mcontext.sc_pc;
+}
+
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)
+{
+    uint32_t *pc = uc->uc_mcontext.sc_pc;
+    uint32_t insn = *pc;
+
+    /* XXX: need kernel patch to get write flag faster */
+    switch (insn >> 26) {
+    case 0x0d: /* stw */
+    case 0x0e: /* stb */
+    case 0x0f: /* stq_u */
+    case 0x24: /* stf */
+    case 0x25: /* stg */
+    case 0x26: /* sts */
+    case 0x27: /* stt */
+    case 0x2c: /* stl */
+    case 0x2d: /* stq */
+    case 0x2e: /* stl_c */
+    case 0x2f: /* stq_c */
+        return true;
+    }
+    return false;
+}
+
+#endif
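Review bot: `uint32_t *pc = uc->uc_mcontext.sc_pc;` assigns an integer register value to a pointer without a cast, which compilers reject or warn on. The pc is already exposed through host_signal_pc() defined just above, so `uint32_t insn = *(uint32_t *)host_signal_pc(uc);` fixes the type and drops the duplicate field access, and matches how the other headers in this series fetch the faulting instruction.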
diff --git a/linux-user/host/arm/host-signal.h b/linux-user/host/arm/host-signal.h
new file mode 100644
index 0000000000..ae6bcde6c1
--- /dev/null
+++ b/linux-user/host/arm/host-signal.h
@@ -0,0 +1,30 @@ 
+/*
+ * host-signal.h: signal info dependent on the host architecture
+ *
+ * Copyright (C) 2021 Linaro Limited
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef ARM_HOST_SIGNAL_H
+#define ARM_HOST_SIGNAL_H
+
+static inline uintptr_t host_signal_pc(ucontext_t *uc)
+{
+    return uc->uc_mcontext.gregs[R15];
+}
+
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc,
+                                      uintptr_t pc)
+{
+    /*
+     * In the FSR, bit 11 is WnR, assuming a v6 or
+     * later processor.  On v5 we will always report
+     * this as a read, which will fail later.
+     */
+    uint32_t fsr = uc->uc_mcontext.error_code;
+    return extract32(fsr, 11, 1);
+}
+
+#endif
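Review bot: host_sigsegv_write here takes a third `uintptr_t pc` parameter, while every other host-signal.h in this series declares it as `host_sigsegv_write(siginfo_t *info, ucontext_t *uc)`; one common caller cannot satisfy both prototypes, so drop the extra argument (the body does not use it anyway). Separately, host_signal_pc reads `uc->uc_mcontext.gregs[R15]`, which the removed arm cpu_signal_handler only used for glibc <= 2.3 and otherwise replaced with `uc->uc_mcontext.arm_pc`; on current glibc the arm mcontext_t is a struct sigcontext with arm_pc and no gregs member as far as I can tell, so the new accessor should use arm_pc (or keep the version check) to avoid a build break.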
diff --git a/linux-user/host/i386/host-signal.h b/linux-user/host/i386/host-signal.h
new file mode 100644
index 0000000000..a8ca5e4a89
--- /dev/null
+++ b/linux-user/host/i386/host-signal.h
@@ -0,0 +1,24 @@ 
+/*
+ * host-signal.h: signal info dependent on the host architecture
+ *
+ * Copyright (C) 2021 Linaro Limited
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef I386_HOST_SIGNAL_H
+#define I386_HOST_SIGNAL_H
+
+static inline uintptr_t host_signal_pc(ucontext_t *uc)
+{
+    return uc->uc_mcontext.gregs[REG_EIP];
+}
+
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)
+{
+    return uc->uc_mcontext.gregs[REG_TRAPNO] == 0xe
+        && (uc->uc_mcontext.gregs[REG_ERR] & 0x2);
+}
+
+#endif
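Review bot: the `== 0xe` and `& 0x2` in host_sigsegv_write are the same test the removed i386 handler wrote as `trapno == PAGE_FAULT_TRAP ? (ERROR_sig(uc) >> 1) & 1 : 0`, but the names disappeared with the macros; please add a one-line comment that 0xe is the page-fault vector and bit 1 of the page-fault error code is the W/R flag, so the intent survives without the old definitions. For any other trap number the function correctly reports "not a write", which is the same behaviour as before.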
diff --git a/linux-user/host/mips/host-signal.h b/linux-user/host/mips/host-signal.h
new file mode 100644
index 0000000000..815bbd61fa
--- /dev/null
+++ b/linux-user/host/mips/host-signal.h
@@ -0,0 +1,61 @@ 
+/*
+ * host-signal.h: signal info dependent on the host architecture
+ *
+ * Copyright (C) 2021 Linaro Limited
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef MIPS_HOST_SIGNAL_H
+#define MIPS_HOST_SIGNAL_H
+
+static inline uintptr_t host_signal_pc(ucontext_t *uc)
+{
+    return uc->uc_mcontext.pc;
+}
+
+#if defined(__misp16) || defined(__mips_micromips)
+#error "Unsupported encoding"
+#endif
+
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)
+{
+    uint32_t *insn = *(uint32_t *)host_signal_pc(uc);
+
+    /* Detect all store instructions at program counter. */
+    switch ((insn >> 26) & 077) {
+    case 050: /* SB */
+    case 051: /* SH */
+    case 052: /* SWL */
+    case 053: /* SW */
+    case 054: /* SDL */
+    case 055: /* SDR */
+    case 056: /* SWR */
+    case 070: /* SC */
+    case 071: /* SWC1 */
+    case 074: /* SCD */
+    case 075: /* SDC1 */
+    case 077: /* SD */
+#if !defined(__mips_isa_rev) || __mips_isa_rev < 6
+    case 072: /* SWC2 */
+    case 076: /* SDC2 */
+#endif
+        return true;
+    case 023: /* COP1X */
+        /*
+         * Required in all versions of MIPS64 since
+         * MIPS64r1 and subsequent versions of MIPS32r2.
+         */
+        switch (insn & 077) {
+        case 010: /* SWXC1 */
+        case 011: /* SDXC1 */
+        case 015: /* SUXC1 */
+            return true;
+        }
+        break;
+    }
+    return false;
+}
+
+#endif
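Review bot: `uint32_t *insn = *(uint32_t *)host_signal_pc(uc);` declares insn as a pointer but initialises it with the dereferenced instruction word, then shifts and masks it (`insn >> 26`, `insn & 077`), which is not valid C; the removed mips handler had `uint32_t insn = *(uint32_t *)pc;` and that is what this should be. The `#if defined(__misp16)` guard is also carried over with its typo: the compiler macro is `__mips16`, so as written the #error never fires for MIPS16 builds.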
diff --git a/linux-user/host/ppc/host-signal.h b/linux-user/host/ppc/host-signal.h
new file mode 100644
index 0000000000..b8dce622b4
--- /dev/null
+++ b/linux-user/host/ppc/host-signal.h
@@ -0,0 +1,24 @@ 
+/*
+ * host-signal.h: signal info dependent on the host architecture
+ *
+ * Copyright (C) 2021 Linaro Limited
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef PPC_HOST_SIGNAL_H
+#define PPC_HOST_SIGNAL_H
+
+static inline uintptr_t host_signal_pc(ucontext_t *uc)
+{
+    return uc->uc_mcontext.regs->nip;
+}
+
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)
+{
+    return uc->uc_mcontext.regs->trap != 0x400
+        && (uc->uc_mcontext.regs->dsisr & 0x02000000);
+}
+
+#endif
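Review bot: host_sigsegv_write compares `regs->trap` against a bare 0x400 and tests DSISR against 0x02000000 with no explanation; the removed ppc handler had the identical expression, so this is the moment to add a comment that 0x400 is the instruction storage interrupt (an instruction fetch, never a store) and 0x02000000 is the DSISR store bit. The removed `#if 0` ppc-4xx variant (`DSISR_sig(uc) & 0x00800000`) is dropped outright; that is probably fine, but it is the only behavioural difference in this file and deserves a word in the commit message.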
diff --git a/linux-user/host/ppc64/host-signal.h b/linux-user/host/ppc64/host-signal.h
new file mode 100644
index 0000000000..a353c22a90
--- /dev/null
+++ b/linux-user/host/ppc64/host-signal.h
@@ -0,0 +1 @@ 
+#include "../ppc/host-signal.h"
diff --git a/linux-user/host/riscv32/host-signal.h b/linux-user/host/riscv32/host-signal.h
new file mode 100644
index 0000000000..f877412f96
--- /dev/null
+++ b/linux-user/host/riscv32/host-signal.h
@@ -0,0 +1,57 @@ 
+/*
+ * host-signal.h: signal info dependent on the host architecture
+ *
+ * Copyright (C) 2021 Linaro Limited
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef RISCV_HOST_SIGNAL_H
+#define RISCV_HOST_SIGNAL_H
+
+static inline uintptr_t host_signal_pc(ucontext_t *uc)
+{
+    return uc->uc_mcontext.__gregs[REG_PC];
+}
+
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)
+{
+    /*
+     * Detect store by reading the instruction at the program counter.
+     * Do not read more than 16 bits, because we have not yet determined
+     * the size of the instruction.
+     */
+    const uint16_t *pinsn = (const uint16_t *)host_signal_pc(uc);
+    uint16_t insn = pinsn[0];
+
+    /* 16-bit instructions */
+    switch (insn & 0xe003) {
+    case 0xa000: /* c.fsd */
+    case 0xc000: /* c.sw */
+    case 0xe000: /* c.sd (rv64) / c.fsw (rv32) */
+    case 0xa002: /* c.fsdsp */
+    case 0xc002: /* c.swsp */
+    case 0xe002: /* c.sdsp (rv64) / c.fswsp (rv32) */
+        return true;
+    }
+
+    /* 32-bit instructions, major opcodes */
+    switch (insn & 0x7f) {
+    case 0x23: /* store */
+    case 0x27: /* store-fp */
+        return true;
+    case 0x2f: /* amo */
+        /*
+         * The AMO function code is in bits 25-31, unread as yet.
+         * The AMO functions are LR (read), SC (write), and the
+         * rest are all read-modify-write.
+         */
+        insn = pinsn[1];
+        return (insn >> 11) != 2; /* LR */
+    }
+
+    return false;
+}
+
+#endif
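Review bot: the AMO comment says the function code is in bits 25-31, but `(insn >> 11) != 2` on the upper halfword looks only at funct5 (bits 27-31); bits 25-26 are the aq/rl hints and are deliberately ignored, so reword the comment to say funct5 in bits 27-31 so it matches the code. The two-step 16-bit read is the right approach and fixes the removed handler's 32-bit-only decoding; it may be worth one more comment that the 32-bit opcodes 0x23, 0x27 and 0x2f all have low bits 11, so a compressed instruction that fell through the first switch can never match the second.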
diff --git a/linux-user/host/riscv64/host-signal.h b/linux-user/host/riscv64/host-signal.h
new file mode 100644
index 0000000000..6e27f725ab
--- /dev/null
+++ b/linux-user/host/riscv64/host-signal.h
@@ -0,0 +1 @@ 
+#include "../riscv32/host-signal.h"
diff --git a/linux-user/host/s390/host-signal.h b/linux-user/host/s390/host-signal.h
new file mode 100644
index 0000000000..8d34b32b9f
--- /dev/null
+++ b/linux-user/host/s390/host-signal.h
@@ -0,0 +1,92 @@ 
+/*
+ * host-signal.h: signal info dependent on the host architecture
+ *
+ * Copyright (C) 2021 Linaro Limited
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef S390_HOST_SIGNAL_H
+#define S390_HOST_SIGNAL_H
+
+static inline uintptr_t host_signal_pc(ucontext_t *uc)
+{
+    return uc->uc_mcontext.psw.addr;
+}
+
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)
+{
+    uint16_t *pinsn = (uint16_t *)host_signal_pc(uc);
+
+    /*
+     * ??? On linux, the non-rt signal handler has 4 (!) arguments instead
+     * of the normal 2 arguments.  The 4th argument contains the "Translation-
+     * Exception Identification for DAT Exceptions" from the hardware (aka
+     * "int_parm_long"), which does in fact contain the is_write value.
+     * The rt signal handler, as far as I can tell, does not give this value
+     * at all.  Not that we could get to it from here even if it were.
+     * So fall back to parsing instructions.  Treat read-modify-write ones as
+     * writes, which is not fully correct, but for tracking self-modifying code
+     * this is better than treating them as reads.  Checking si_addr page flags
+     * might be a viable improvement, albeit a racy one.
+     */
+    /* ??? This is not even close to complete.  */
+    switch (pinsn[0] >> 8) {
+    case 0x50: /* ST */
+    case 0x42: /* STC */
+    case 0x40: /* STH */
+    case 0xba: /* CS */
+    case 0xbb: /* CDS */
+        return true;
+    case 0xc4: /* RIL format insns */
+        switch (pinsn[0] & 0xf) {
+        case 0xf: /* STRL */
+        case 0xb: /* STGRL */
+        case 0x7: /* STHRL */
+            return true;
+        }
+        break;
+    case 0xc8: /* SSF format insns */
+        switch (pinsn[0] & 0xf) {
+        case 0x2: /* CSST */
+            return true;
+        }
+        break;
+    case 0xe3: /* RXY format insns */
+        switch (pinsn[2] & 0xff) {
+        case 0x50: /* STY */
+        case 0x24: /* STG */
+        case 0x72: /* STCY */
+        case 0x70: /* STHY */
+        case 0x8e: /* STPQ */
+        case 0x3f: /* STRVH */
+        case 0x3e: /* STRV */
+        case 0x2f: /* STRVG */
+            return true;
+        }
+        break;
+    case 0xeb: /* RSY format insns */
+        switch (pinsn[2] & 0xff) {
+        case 0x14: /* CSY */
+        case 0x30: /* CSG */
+        case 0x31: /* CDSY */
+        case 0x3e: /* CDSG */
+        case 0xe4: /* LANG */
+        case 0xe6: /* LAOG */
+        case 0xe7: /* LAXG */
+        case 0xe8: /* LAAG */
+        case 0xea: /* LAALG */
+        case 0xf4: /* LAN */
+        case 0xf6: /* LAO */
+        case 0xf7: /* LAX */
+        case 0xfa: /* LAAL */
+        case 0xf8: /* LAA */
+            return true;
+        }
+        break;
+    }
+    return false;
+}
+
+#endif
diff --git a/linux-user/host/s390x/host-signal.h b/linux-user/host/s390x/host-signal.h
new file mode 100644
index 0000000000..0e83f9358d
--- /dev/null
+++ b/linux-user/host/s390x/host-signal.h
@@ -0,0 +1 @@ 
+#include "../s390/host-signal.h"
diff --git a/linux-user/host/sparc/host-signal.h b/linux-user/host/sparc/host-signal.h
new file mode 100644
index 0000000000..47d3b1512e
--- /dev/null
+++ b/linux-user/host/sparc/host-signal.h
@@ -0,0 +1,53 @@ 
+/*
+ * host-signal.h: signal info dependent on the host architecture
+ *
+ * Copyright (C) 2021 Linaro Limited
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef SPARC_HOST_SIGNAL_H
+#define SPARC_HOST_SIGNAL_H
+
+static inline uintptr_t host_signal_pc(ucontext_t *uc)
+{
+#ifdef __arch64__
+    return uc->uc_mcontext.mc_gregs[MC_PC];
+#else
+    return uc->uc_mcontext.gregs[REG_PC];
+#endif
+}
+
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)
+{
+    uint32_t insn = *(uint32_t *)host_signal_pc(uc);
+
+    if ((insn >> 30) == 3) {
+        switch ((insn >> 19) & 0x3f) {
+        case 0x05: /* stb */
+        case 0x15: /* stba */
+        case 0x06: /* sth */
+        case 0x16: /* stha */
+        case 0x04: /* st */
+        case 0x14: /* sta */
+        case 0x07: /* std */
+        case 0x17: /* stda */
+        case 0x0e: /* stx */
+        case 0x1e: /* stxa */
+        case 0x24: /* stf */
+        case 0x34: /* stfa */
+        case 0x27: /* stdf */
+        case 0x37: /* stdfa */
+        case 0x26: /* stqf */
+        case 0x36: /* stqfa */
+        case 0x25: /* stfsr */
+        case 0x3c: /* casa */
+        case 0x3e: /* casxa */
+            return true;
+        }
+    }
+    return false;
+}
+
+#endif
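Review bot: host_signal_pc now reads the PC from ucontext_t (`mc_gregs[MC_PC]` on 64-bit, `gregs[REG_PC]` on 32-bit), whereas the removed sparc handler did not treat the third handler argument as a ucontext_t on Linux at all: it used `struct sigcontext *sc = puc; sc->sigc_regs.tpc` for sparc64 and `regs = (uint32_t *)(info + 1); pc = regs[1]` for 32-bit, with an "is there a standard glibc define?" comment. If the kernel really does pass a ucontext_t here, a sentence saying so would justify the change; otherwise the new accessor returns the wrong value. Either way the old code's sigmask sources (`sc->sigc_mask`, `regs + 20`) have no counterpart in this header, so whatever host_signal_handler does for the signal mask on sparc needs the same scrutiny.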
diff --git a/linux-user/host/sparc64/host-signal.h b/linux-user/host/sparc64/host-signal.h
new file mode 100644
index 0000000000..1191fe2d40
--- /dev/null
+++ b/linux-user/host/sparc64/host-signal.h
@@ -0,0 +1 @@ 
+#include "../sparc/host-signal.h"
diff --git a/linux-user/host/x86_64/host-signal.h b/linux-user/host/x86_64/host-signal.h
new file mode 100644
index 0000000000..d5fb3e4484
--- /dev/null
+++ b/linux-user/host/x86_64/host-signal.h
@@ -0,0 +1,24 @@ 
+/*
+ * host-signal.h: signal info dependent on the host architecture
+ *
+ * Copyright (C) 2021 Linaro Limited
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef X86_64_HOST_SIGNAL_H
+#define X86_64_HOST_SIGNAL_H
+
+static inline uintptr_t host_signal_pc(ucontext_t *uc)
+{
+    return uc->uc_mcontext.gregs[REG_RIP];
+}
+
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)
+{
+    return uc->uc_mcontext.gregs[REG_TRAPNO] == 0xe
+        && (uc->uc_mcontext.gregs[REG_ERR] & 0x2);
+}
+
+#endif
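Review bot: this header duplicates the i386 host_sigsegv_write verbatim and differs only in REG_RIP versus REG_EIP; since ppc64, riscv64, s390x and sparc64 already forward to a shared header with a one-line include, the same trick with a single `#ifdef __x86_64__` around the PC register name would keep the two x86 variants from drifting apart.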
diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index ad6b4f6abf..39635cbea2 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -29,23 +29,8 @@ 
 #include "trace/trace-root.h"
 #include "trace/mem.h"
 
-#undef EAX
-#undef ECX
-#undef EDX
-#undef EBX
-#undef ESP
-#undef EBP
-#undef ESI
-#undef EDI
-#undef EIP
-#ifdef __linux__
-#include <sys/ucontext.h>
-#endif
-
 __thread uintptr_t helper_retaddr;
 
-//#define DEBUG_SIGNAL
-
 /**
  * adjust_signal_pc:
  * @pc: raw pc from the host signal ucontext_t.
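Review bot: the `#undef EAX ... #undef EIP` block removed here presumably existed because the target-i386 register names clash with the macros `<sys/ucontext.h>` brings in on x86 hosts; the include leaves this file, but whichever file now includes the new i386/x86_64 host-signal.h (which relies on REG_EIP, REG_RIP, REG_ERR and REG_TRAPNO from that header) together with the target cpu headers will need the same undefs, so please check the linux-user/signal.c side for that. Dropping `//#define DEBUG_SIGNAL` is fine, since its only user, the printf in handle_cpu_signal, goes away in the next hunk.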
@@ -154,69 +139,6 @@  bool handle_sigsegv_accerr_write(CPUState *cpu, sigset_t *old_set,
     }
 }
 
-/* 'pc' is the host PC at which the exception was raised. 'address' is
-   the effective address of the memory exception. 'is_write' is 1 if a
-   write caused the exception and otherwise 0'. 'old_set' is the
-   signal set which should be restored */
-static inline int handle_cpu_signal(uintptr_t pc, siginfo_t *info,
-                                    int is_write, sigset_t *old_set)
-{
-    CPUState *cpu = current_cpu;
-    CPUClass *cc;
-    unsigned long address = (unsigned long)info->si_addr;
-    MMUAccessType access_type;
-
-    if (is_write) {
-        access_type = MMU_DATA_STORE;
-    } else if (helper_retaddr == 1) {
-        access_type = MMU_INST_FETCH;
-    } else {
-        access_type = MMU_DATA_LOAD;
-    }
-    pc = adjust_signal_pc(pc);
-
-    /* For synchronous signals we expect to be coming from the vCPU
-     * thread (so current_cpu should be valid) and either from running
-     * code or during translation which can fault as we cross pages.
-     *
-     * If neither is true then something has gone wrong and we should
-     * abort rather than try and restart the vCPU execution.
-     */
-    if (!cpu || !cpu->running) {
-        printf("qemu:%s received signal outside vCPU context @ pc=0x%"
-               PRIxPTR "\n",  __func__, pc);
-        abort();
-    }
-
-#if defined(DEBUG_SIGNAL)
-    printf("qemu: SIGSEGV pc=0x%08lx address=%08lx w=%d oldset=0x%08lx\n",
-           pc, address, is_write, *(unsigned long *)old_set);
-#endif
-
-    /* XXX: locking issue */
-    if (is_write &&
-        info->si_signo == SIGSEGV &&
-        info->si_code == SEGV_ACCERR &&
-        handle_sigsegv_accerr_write(cpu, old_set, pc, address)) {
-        return 1;
-    }
-
-    /* Convert forcefully to guest address space, invalid addresses
-       are still valid segv ones */
-    address = h2g_nocheck(address);
-
-    /*
-     * There is no way the target can handle this other than raising
-     * an exception.  Undo signal and retaddr state prior to longjmp.
-     */
-    sigprocmask(SIG_SETMASK, old_set, NULL);
-
-    cc = CPU_GET_CLASS(cpu);
-    cc->tcg_ops->tlb_fill(cpu, address, 0, access_type,
-                          MMU_USER_IDX, false, pc);
-    g_assert_not_reached();
-}
-
 static int probe_access_internal(CPUArchState *env, target_ulong addr,
                                  int fault_size, MMUAccessType access_type,
                                  bool nonfault, uintptr_t ra)
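Review bot: beyond the tcg_ops->tlb_fill call, the removed handle_cpu_signal carried three behaviours that its replacement in linux-user/signal.c (not in this hunk) needs to keep: the `!cpu || !cpu->running` abort for signals outside vCPU context, the `helper_retaddr == 1` classification as MMU_INST_FETCH, and the `sigprocmask(SIG_SETMASK, old_set, NULL)` restore before the longjmp. Note also the ordering here: adjust_signal_pc() ran before handle_sigsegv_accerr_write() received `pc`, so the write-to-code path saw the adjusted address; please confirm the new handler preserves that order.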
@@ -275,640 +197,6 @@  void *probe_access(CPUArchState *env, target_ulong addr, int size,
     return size ? g2h(env_cpu(env), addr) : NULL;
 }
 
-#if defined(__i386__)
-
-#if defined(__NetBSD__)
-#include <ucontext.h>
-#include <machine/trap.h>
-
-#define EIP_sig(context)     ((context)->uc_mcontext.__gregs[_REG_EIP])
-#define TRAP_sig(context)    ((context)->uc_mcontext.__gregs[_REG_TRAPNO])
-#define ERROR_sig(context)   ((context)->uc_mcontext.__gregs[_REG_ERR])
-#define MASK_sig(context)    ((context)->uc_sigmask)
-#define PAGE_FAULT_TRAP      T_PAGEFLT
-#elif defined(__FreeBSD__) || defined(__DragonFly__)
-#include <ucontext.h>
-#include <machine/trap.h>
-
-#define EIP_sig(context)  (*((unsigned long *)&(context)->uc_mcontext.mc_eip))
-#define TRAP_sig(context)    ((context)->uc_mcontext.mc_trapno)
-#define ERROR_sig(context)   ((context)->uc_mcontext.mc_err)
-#define MASK_sig(context)    ((context)->uc_sigmask)
-#define PAGE_FAULT_TRAP      T_PAGEFLT
-#elif defined(__OpenBSD__)
-#include <machine/trap.h>
-#define EIP_sig(context)     ((context)->sc_eip)
-#define TRAP_sig(context)    ((context)->sc_trapno)
-#define ERROR_sig(context)   ((context)->sc_err)
-#define MASK_sig(context)    ((context)->sc_mask)
-#define PAGE_FAULT_TRAP      T_PAGEFLT
-#else
-#define EIP_sig(context)     ((context)->uc_mcontext.gregs[REG_EIP])
-#define TRAP_sig(context)    ((context)->uc_mcontext.gregs[REG_TRAPNO])
-#define ERROR_sig(context)   ((context)->uc_mcontext.gregs[REG_ERR])
-#define MASK_sig(context)    ((context)->uc_sigmask)
-#define PAGE_FAULT_TRAP      0xe
-#endif
-
-int cpu_signal_handler(int host_signum, void *pinfo,
-                       void *puc)
-{
-    siginfo_t *info = pinfo;
-#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__DragonFly__)
-    ucontext_t *uc = puc;
-#elif defined(__OpenBSD__)
-    struct sigcontext *uc = puc;
-#else
-    ucontext_t *uc = puc;
-#endif
-    unsigned long pc;
-    int trapno;
-
-#ifndef REG_EIP
-/* for glibc 2.1 */
-#define REG_EIP    EIP
-#define REG_ERR    ERR
-#define REG_TRAPNO TRAPNO
-#endif
-    pc = EIP_sig(uc);
-    trapno = TRAP_sig(uc);
-    return handle_cpu_signal(pc, info,
-                             trapno == PAGE_FAULT_TRAP ?
-                             (ERROR_sig(uc) >> 1) & 1 : 0,
-                             &MASK_sig(uc));
-}
-
-#elif defined(__x86_64__)
-
-#ifdef __NetBSD__
-#include <machine/trap.h>
-#define PC_sig(context)       _UC_MACHINE_PC(context)
-#define TRAP_sig(context)     ((context)->uc_mcontext.__gregs[_REG_TRAPNO])
-#define ERROR_sig(context)    ((context)->uc_mcontext.__gregs[_REG_ERR])
-#define MASK_sig(context)     ((context)->uc_sigmask)
-#define PAGE_FAULT_TRAP       T_PAGEFLT
-#elif defined(__OpenBSD__)
-#include <machine/trap.h>
-#define PC_sig(context)       ((context)->sc_rip)
-#define TRAP_sig(context)     ((context)->sc_trapno)
-#define ERROR_sig(context)    ((context)->sc_err)
-#define MASK_sig(context)     ((context)->sc_mask)
-#define PAGE_FAULT_TRAP       T_PAGEFLT
-#elif defined(__FreeBSD__) || defined(__DragonFly__)
-#include <ucontext.h>
-#include <machine/trap.h>
-
-#define PC_sig(context)  (*((unsigned long *)&(context)->uc_mcontext.mc_rip))
-#define TRAP_sig(context)     ((context)->uc_mcontext.mc_trapno)
-#define ERROR_sig(context)    ((context)->uc_mcontext.mc_err)
-#define MASK_sig(context)     ((context)->uc_sigmask)
-#define PAGE_FAULT_TRAP       T_PAGEFLT
-#else
-#define PC_sig(context)       ((context)->uc_mcontext.gregs[REG_RIP])
-#define TRAP_sig(context)     ((context)->uc_mcontext.gregs[REG_TRAPNO])
-#define ERROR_sig(context)    ((context)->uc_mcontext.gregs[REG_ERR])
-#define MASK_sig(context)     ((context)->uc_sigmask)
-#define PAGE_FAULT_TRAP       0xe
-#endif
-
-int cpu_signal_handler(int host_signum, void *pinfo,
-                       void *puc)
-{
-    siginfo_t *info = pinfo;
-    unsigned long pc;
-#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__DragonFly__)
-    ucontext_t *uc = puc;
-#elif defined(__OpenBSD__)
-    struct sigcontext *uc = puc;
-#else
-    ucontext_t *uc = puc;
-#endif
-
-    pc = PC_sig(uc);
-    return handle_cpu_signal(pc, info,
-                             TRAP_sig(uc) == PAGE_FAULT_TRAP ?
-                             (ERROR_sig(uc) >> 1) & 1 : 0,
-                             &MASK_sig(uc));
-}
-
-#elif defined(_ARCH_PPC)
-
-/***********************************************************************
- * signal context platform-specific definitions
- * From Wine
- */
-#ifdef linux
-/* All Registers access - only for local access */
-#define REG_sig(reg_name, context)              \
-    ((context)->uc_mcontext.regs->reg_name)
-/* Gpr Registers access  */
-#define GPR_sig(reg_num, context)              REG_sig(gpr[reg_num], context)
-/* Program counter */
-#define IAR_sig(context)                       REG_sig(nip, context)
-/* Machine State Register (Supervisor) */
-#define MSR_sig(context)                       REG_sig(msr, context)
-/* Count register */
-#define CTR_sig(context)                       REG_sig(ctr, context)
-/* User's integer exception register */
-#define XER_sig(context)                       REG_sig(xer, context)
-/* Link register */
-#define LR_sig(context)                        REG_sig(link, context)
-/* Condition register */
-#define CR_sig(context)                        REG_sig(ccr, context)
-
-/* Float Registers access  */
-#define FLOAT_sig(reg_num, context)                                     \
-    (((double *)((char *)((context)->uc_mcontext.regs + 48 * 4)))[reg_num])
-#define FPSCR_sig(context) \
-    (*(int *)((char *)((context)->uc_mcontext.regs + (48 + 32 * 2) * 4)))
-/* Exception Registers access */
-#define DAR_sig(context)                       REG_sig(dar, context)
-#define DSISR_sig(context)                     REG_sig(dsisr, context)
-#define TRAP_sig(context)                      REG_sig(trap, context)
-#endif /* linux */
-
-#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)
-#include <ucontext.h>
-#define IAR_sig(context)               ((context)->uc_mcontext.mc_srr0)
-#define MSR_sig(context)               ((context)->uc_mcontext.mc_srr1)
-#define CTR_sig(context)               ((context)->uc_mcontext.mc_ctr)
-#define XER_sig(context)               ((context)->uc_mcontext.mc_xer)
-#define LR_sig(context)                ((context)->uc_mcontext.mc_lr)
-#define CR_sig(context)                ((context)->uc_mcontext.mc_cr)
-/* Exception Registers access */
-#define DAR_sig(context)               ((context)->uc_mcontext.mc_dar)
-#define DSISR_sig(context)             ((context)->uc_mcontext.mc_dsisr)
-#define TRAP_sig(context)              ((context)->uc_mcontext.mc_exc)
-#endif /* __FreeBSD__|| __FreeBSD_kernel__ */
-
-int cpu_signal_handler(int host_signum, void *pinfo,
-                       void *puc)
-{
-    siginfo_t *info = pinfo;
-#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)
-    ucontext_t *uc = puc;
-#else
-    ucontext_t *uc = puc;
-#endif
-    unsigned long pc;
-    int is_write;
-
-    pc = IAR_sig(uc);
-    is_write = 0;
-#if 0
-    /* ppc 4xx case */
-    if (DSISR_sig(uc) & 0x00800000) {
-        is_write = 1;
-    }
-#else
-    if (TRAP_sig(uc) != 0x400 && (DSISR_sig(uc) & 0x02000000)) {
-        is_write = 1;
-    }
-#endif
-    return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);
-}
-
-#elif defined(__alpha__)
-
-int cpu_signal_handler(int host_signum, void *pinfo,
-                           void *puc)
-{
-    siginfo_t *info = pinfo;
-    ucontext_t *uc = puc;
-    uint32_t *pc = uc->uc_mcontext.sc_pc;
-    uint32_t insn = *pc;
-    int is_write = 0;
-
-    /* XXX: need kernel patch to get write flag faster */
-    switch (insn >> 26) {
-    case 0x0d: /* stw */
-    case 0x0e: /* stb */
-    case 0x0f: /* stq_u */
-    case 0x24: /* stf */
-    case 0x25: /* stg */
-    case 0x26: /* sts */
-    case 0x27: /* stt */
-    case 0x2c: /* stl */
-    case 0x2d: /* stq */
-    case 0x2e: /* stl_c */
-    case 0x2f: /* stq_c */
-        is_write = 1;
-    }
-
-    return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);
-}
-#elif defined(__sparc__)
-
-int cpu_signal_handler(int host_signum, void *pinfo,
-                       void *puc)
-{
-    siginfo_t *info = pinfo;
-    int is_write;
-    uint32_t insn;
-#if !defined(__arch64__) || defined(CONFIG_SOLARIS)
-    uint32_t *regs = (uint32_t *)(info + 1);
-    void *sigmask = (regs + 20);
-    /* XXX: is there a standard glibc define ? */
-    unsigned long pc = regs[1];
-#else
-#ifdef __linux__
-    struct sigcontext *sc = puc;
-    unsigned long pc = sc->sigc_regs.tpc;
-    void *sigmask = (void *)sc->sigc_mask;
-#elif defined(__OpenBSD__)
-    struct sigcontext *uc = puc;
-    unsigned long pc = uc->sc_pc;
-    void *sigmask = (void *)(long)uc->sc_mask;
-#elif defined(__NetBSD__)
-    ucontext_t *uc = puc;
-    unsigned long pc = _UC_MACHINE_PC(uc);
-    void *sigmask = (void *)&uc->uc_sigmask;
-#endif
-#endif
-
-    /* XXX: need kernel patch to get write flag faster */
-    is_write = 0;
-    insn = *(uint32_t *)pc;
-    if ((insn >> 30) == 3) {
-        switch ((insn >> 19) & 0x3f) {
-        case 0x05: /* stb */
-        case 0x15: /* stba */
-        case 0x06: /* sth */
-        case 0x16: /* stha */
-        case 0x04: /* st */
-        case 0x14: /* sta */
-        case 0x07: /* std */
-        case 0x17: /* stda */
-        case 0x0e: /* stx */
-        case 0x1e: /* stxa */
-        case 0x24: /* stf */
-        case 0x34: /* stfa */
-        case 0x27: /* stdf */
-        case 0x37: /* stdfa */
-        case 0x26: /* stqf */
-        case 0x36: /* stqfa */
-        case 0x25: /* stfsr */
-        case 0x3c: /* casa */
-        case 0x3e: /* casxa */
-            is_write = 1;
-            break;
-        }
-    }
-    return handle_cpu_signal(pc, info, is_write, sigmask);
-}
-
-#elif defined(__arm__)
-
-#if defined(__NetBSD__)
-#include <ucontext.h>
-#include <sys/siginfo.h>
-#endif
-
-int cpu_signal_handler(int host_signum, void *pinfo,
-                       void *puc)
-{
-    siginfo_t *info = pinfo;
-#if defined(__NetBSD__)
-    ucontext_t *uc = puc;
-    siginfo_t *si = pinfo;
-#else
-    ucontext_t *uc = puc;
-#endif
-    unsigned long pc;
-    uint32_t fsr;
-    int is_write;
-
-#if defined(__NetBSD__)
-    pc = uc->uc_mcontext.__gregs[_REG_R15];
-#elif defined(__GLIBC__) && (__GLIBC__ < 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ <= 3))
-    pc = uc->uc_mcontext.gregs[R15];
-#else
-    pc = uc->uc_mcontext.arm_pc;
-#endif
-
-#ifdef __NetBSD__
-    fsr = si->si_trap;
-#else
-    fsr = uc->uc_mcontext.error_code;
-#endif
-    /*
-     * In the FSR, bit 11 is WnR, assuming a v6 or
-     * later processor.  On v5 we will always report
-     * this as a read, which will fail later.
-     */
-    is_write = extract32(fsr, 11, 1);
-    return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);
-}
-
-#elif defined(__aarch64__)
-
-#if defined(__NetBSD__)
-
-#include <ucontext.h>
-#include <sys/siginfo.h>
-
-int cpu_signal_handler(int host_signum, void *pinfo, void *puc)
-{
-    ucontext_t *uc = puc;
-    siginfo_t *si = pinfo;
-    unsigned long pc;
-    int is_write;
-    uint32_t esr;
-
-    pc = uc->uc_mcontext.__gregs[_REG_PC];
-    esr = si->si_trap;
-
-    /*
-     * siginfo_t::si_trap is the ESR value, for data aborts ESR.EC
-     * is 0b10010x: then bit 6 is the WnR bit
-     */
-    is_write = extract32(esr, 27, 5) == 0x12 && extract32(esr, 6, 1) == 1;
-    return handle_cpu_signal(pc, si, is_write, &uc->uc_sigmask);
-}
-
-#else
-
-#ifndef ESR_MAGIC
-/* Pre-3.16 kernel headers don't have these, so provide fallback definitions */
-#define ESR_MAGIC 0x45535201
-struct esr_context {
-    struct _aarch64_ctx head;
-    uint64_t esr;
-};
-#endif
-
-static inline struct _aarch64_ctx *first_ctx(ucontext_t *uc)
-{
-    return (struct _aarch64_ctx *)&uc->uc_mcontext.__reserved;
-}
-
-static inline struct _aarch64_ctx *next_ctx(struct _aarch64_ctx *hdr)
-{
-    return (struct _aarch64_ctx *)((char *)hdr + hdr->size);
-}
-
-int cpu_signal_handler(int host_signum, void *pinfo, void *puc)
-{
-    siginfo_t *info = pinfo;
-    ucontext_t *uc = puc;
-    uintptr_t pc = uc->uc_mcontext.pc;
-    bool is_write;
-    struct _aarch64_ctx *hdr;
-    struct esr_context const *esrctx = NULL;
-
-    /* Find the esr_context, which has the WnR bit in it */
-    for (hdr = first_ctx(uc); hdr->magic; hdr = next_ctx(hdr)) {
-        if (hdr->magic == ESR_MAGIC) {
-            esrctx = (struct esr_context const *)hdr;
-            break;
-        }
-    }
-
-    if (esrctx) {
-        /* For data aborts ESR.EC is 0b10010x: then bit 6 is the WnR bit */
-        uint64_t esr = esrctx->esr;
-        is_write = extract32(esr, 27, 5) == 0x12 && extract32(esr, 6, 1) == 1;
-    } else {
-        /*
-         * Fall back to parsing instructions; will only be needed
-         * for really ancient (pre-3.16) kernels.
-         */
-        uint32_t insn = *(uint32_t *)pc;
-
-        is_write = ((insn & 0xbfff0000) == 0x0c000000   /* C3.3.1 */
-                    || (insn & 0xbfe00000) == 0x0c800000   /* C3.3.2 */
-                    || (insn & 0xbfdf0000) == 0x0d000000   /* C3.3.3 */
-                    || (insn & 0xbfc00000) == 0x0d800000   /* C3.3.4 */
-                    || (insn & 0x3f400000) == 0x08000000   /* C3.3.6 */
-                    || (insn & 0x3bc00000) == 0x39000000   /* C3.3.13 */
-                    || (insn & 0x3fc00000) == 0x3d800000   /* ... 128bit */
-                    /* Ignore bits 10, 11 & 21, controlling indexing.  */
-                    || (insn & 0x3bc00000) == 0x38000000   /* C3.3.8-12 */
-                    || (insn & 0x3fe00000) == 0x3c800000   /* ... 128bit */
-                    /* Ignore bits 23 & 24, controlling indexing.  */
-                    || (insn & 0x3a400000) == 0x28000000); /* C3.3.7,14-16 */
-    }
-    return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);
-}
-#endif
-
-#elif defined(__s390__)
-
-int cpu_signal_handler(int host_signum, void *pinfo,
-                       void *puc)
-{
-    siginfo_t *info = pinfo;
-    ucontext_t *uc = puc;
-    unsigned long pc;
-    uint16_t *pinsn;
-    int is_write = 0;
-
-    pc = uc->uc_mcontext.psw.addr;
-
-    /*
-     * ??? On linux, the non-rt signal handler has 4 (!) arguments instead
-     * of the normal 2 arguments.  The 4th argument contains the "Translation-
-     * Exception Identification for DAT Exceptions" from the hardware (aka
-     * "int_parm_long"), which does in fact contain the is_write value.
-     * The rt signal handler, as far as I can tell, does not give this value
-     * at all.  Not that we could get to it from here even if it were.
-     * So fall back to parsing instructions.  Treat read-modify-write ones as
-     * writes, which is not fully correct, but for tracking self-modifying code
-     * this is better than treating them as reads.  Checking si_addr page flags
-     * might be a viable improvement, albeit a racy one.
-     */
-    /* ??? This is not even close to complete.  */
-    pinsn = (uint16_t *)pc;
-    switch (pinsn[0] >> 8) {
-    case 0x50: /* ST */
-    case 0x42: /* STC */
-    case 0x40: /* STH */
-    case 0xba: /* CS */
-    case 0xbb: /* CDS */
-        is_write = 1;
-        break;
-    case 0xc4: /* RIL format insns */
-        switch (pinsn[0] & 0xf) {
-        case 0xf: /* STRL */
-        case 0xb: /* STGRL */
-        case 0x7: /* STHRL */
-            is_write = 1;
-        }
-        break;
-    case 0xc8: /* SSF format insns */
-        switch (pinsn[0] & 0xf) {
-        case 0x2: /* CSST */
-            is_write = 1;
-        }
-        break;
-    case 0xe3: /* RXY format insns */
-        switch (pinsn[2] & 0xff) {
-        case 0x50: /* STY */
-        case 0x24: /* STG */
-        case 0x72: /* STCY */
-        case 0x70: /* STHY */
-        case 0x8e: /* STPQ */
-        case 0x3f: /* STRVH */
-        case 0x3e: /* STRV */
-        case 0x2f: /* STRVG */
-            is_write = 1;
-        }
-        break;
-    case 0xeb: /* RSY format insns */
-        switch (pinsn[2] & 0xff) {
-        case 0x14: /* CSY */
-        case 0x30: /* CSG */
-        case 0x31: /* CDSY */
-        case 0x3e: /* CDSG */
-        case 0xe4: /* LANG */
-        case 0xe6: /* LAOG */
-        case 0xe7: /* LAXG */
-        case 0xe8: /* LAAG */
-        case 0xea: /* LAALG */
-        case 0xf4: /* LAN */
-        case 0xf6: /* LAO */
-        case 0xf7: /* LAX */
-        case 0xfa: /* LAAL */
-        case 0xf8: /* LAA */
-            is_write = 1;
-        }
-        break;
-    }
-
-    return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);
-}
-
-#elif defined(__mips__)
-
-#if defined(__misp16) || defined(__mips_micromips)
-#error "Unsupported encoding"
-#endif
-
-int cpu_signal_handler(int host_signum, void *pinfo,
-                       void *puc)
-{
-    siginfo_t *info = pinfo;
-    ucontext_t *uc = puc;
-    uintptr_t pc = uc->uc_mcontext.pc;
-    uint32_t insn = *(uint32_t *)pc;
-    int is_write = 0;
-
-    /* Detect all store instructions at program counter. */
-    switch((insn >> 26) & 077) {
-    case 050: /* SB */
-    case 051: /* SH */
-    case 052: /* SWL */
-    case 053: /* SW */
-    case 054: /* SDL */
-    case 055: /* SDR */
-    case 056: /* SWR */
-    case 070: /* SC */
-    case 071: /* SWC1 */
-    case 074: /* SCD */
-    case 075: /* SDC1 */
-    case 077: /* SD */
-#if !defined(__mips_isa_rev) || __mips_isa_rev < 6
-    case 072: /* SWC2 */
-    case 076: /* SDC2 */
-#endif
-        is_write = 1;
-        break;
-    case 023: /* COP1X */
-        /* Required in all versions of MIPS64 since
-           MIPS64r1 and subsequent versions of MIPS32r2. */
-        switch (insn & 077) {
-        case 010: /* SWXC1 */
-        case 011: /* SDXC1 */
-        case 015: /* SUXC1 */
-            is_write = 1;
-        }
-        break;
-    }
-
-    return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);
-}
-
-#elif defined(__riscv)
-
-int cpu_signal_handler(int host_signum, void *pinfo,
-                       void *puc)
-{
-    siginfo_t *info = pinfo;
-    ucontext_t *uc = puc;
-    greg_t pc = uc->uc_mcontext.__gregs[REG_PC];
-    uint32_t insn = *(uint32_t *)pc;
-    int is_write = 0;
-
-    /* Detect store by reading the instruction at the program
-       counter. Note: we currently only generate 32-bit
-       instructions so we thus only detect 32-bit stores */
-    switch (((insn >> 0) & 0b11)) {
-    case 3:
-        switch (((insn >> 2) & 0b11111)) {
-        case 8:
-            switch (((insn >> 12) & 0b111)) {
-            case 0: /* sb */
-            case 1: /* sh */
-            case 2: /* sw */
-            case 3: /* sd */
-            case 4: /* sq */
-                is_write = 1;
-                break;
-            default:
-                break;
-            }
-            break;
-        case 9:
-            switch (((insn >> 12) & 0b111)) {
-            case 2: /* fsw */
-            case 3: /* fsd */
-            case 4: /* fsq */
-                is_write = 1;
-                break;
-            default:
-                break;
-            }
-            break;
-        default:
-            break;
-        }
-    }
-
-    /* Check for compressed instructions */
-    switch (((insn >> 13) & 0b111)) {
-    case 7:
-        switch (insn & 0b11) {
-        case 0: /*c.sd */
-        case 2: /* c.sdsp */
-            is_write = 1;
-            break;
-        default:
-            break;
-        }
-        break;
-    case 6:
-        switch (insn & 0b11) {
-        case 0: /* c.sw */
-        case 3: /* c.swsp */
-            is_write = 1;
-            break;
-        default:
-            break;
-        }
-        break;
-    default:
-        break;
-    }
-
-    return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);
-}
-
-#else
-
-#error host CPU specific signal handler needed
-
-#endif
-
 /* The softmmu versions of these helpers are in cputlb.c.  */
 
 uint32_t cpu_ldub_data(CPUArchState *env, abi_ptr ptr)
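Review bot: the removed mips guard `#if defined(__misp16) || defined(__mips_micromips)` misspells `__mips16`, so the `#error "Unsupported encoding"` could never fire for MIPS16 hosts; since this block is being moved rather than dropped, check that the per-host host-signal.h replacing it spells the macro `__mips16` instead of carrying the typo over. The same applies to the riscv block's reliance on `*(uint32_t *)pc` for the compressed-instruction check: reading a full 32-bit word at a 16-bit-aligned `pc` is only safe because the decode of `(insn >> 13) & 0b111` looks at the low halfword, which is worth a comment in the new header.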
diff --git a/linux-user/signal.c b/linux-user/signal.c
index 73c0f9066b..509dad7850 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -24,6 +24,7 @@ 
 #include "qemu.h"
 #include "trace.h"
 #include "signal-common.h"
+#include "host-signal.h"
 
 static struct target_sigaction sigact_table[TARGET_NSIG];
 
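Review bot: `#include "host-signal.h"` is an unqualified name that only resolves because the build adds the matching linux-user/host/<arch>/ directory to the include path; a short comment on the include line saying that it is the per-host-architecture header (and that there is one per host, not a generic fallback) would make the dependency visible to anyone reading signal.c without the build files.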
@@ -753,59 +754,85 @@  static inline void rewind_if_in_safe_syscall(void *puc)
 }
 #endif
 
-static void host_signal_handler(int host_signum, siginfo_t *info,
-                                void *puc)
+static void host_signal_handler(int host_sig, siginfo_t *info, void *puc)
 {
     CPUArchState *env = thread_cpu->env_ptr;
     CPUState *cpu = env_cpu(env);
     TaskState *ts = cpu->opaque;
-
-    int sig;
+    bool sync_sig = false;
     target_siginfo_t tinfo;
     ucontext_t *uc = puc;
     struct emulated_sigtable *k;
+    uintptr_t pc = 0;
+    int guest_sig;
 
-    /* the CPU emulator uses some host signals to detect exceptions,
-       we forward to it some signals */
-    if ((host_signum == SIGSEGV || host_signum == SIGBUS)
-        && info->si_code > 0) {
-        if (cpu_signal_handler(host_signum, info, puc))
+    /*
+     * Non-spoofed SIGSEGV and SIGBUS are synchronous, and need special
+     * handling wrt signal blocking and unwinding.  SIGSEGV may need to
+     * remove write-protection and restart the instruction.
+     */
+    if ((host_sig == SIGSEGV || host_sig == SIGBUS) && info->si_code > 0) {
+        pc = adjust_signal_pc(host_signal_pc(uc));
+        if (host_sig == SIGSEGV &&
+            info->si_code == SEGV_ACCERR &&
+            host_sigsegv_write(info, uc) &&
+            handle_sigsegv_accerr_write(cpu, &uc->uc_sigmask, pc,
+                                        (uintptr_t)info->si_addr)) {
             return;
+        }
+        sync_sig = true;
+    } else {
+        rewind_if_in_safe_syscall(puc);
+
+        /*
+         * Block host signals until target signal handler entered.
+         * We can't block SIGSEGV or SIGBUS while we're executing
+         * guest code in case the guest code provokes one in the
+         * window between now and it getting out to the main loop.
+         * Signals will be unblocked again in process_pending_signals().
+         *
+         * WARNING: we cannot use sigfillset() here because the uc_sigmask
+         * field is a kernel sigset_t, which is much smaller than the
+         * libc sigset_t which sigfillset() operates on. Using sigfillset()
+         * would write 0xff bytes off the end of the structure and trash
+         * data on the struct.
+         * We can't use sizeof(uc->uc_sigmask) either, because the libc
+         * headers define the struct field with the wrong (too large) type.
+         */
+        memset(&uc->uc_sigmask, 0xff, SIGSET_T_SIZE);
+        sigdelset(&uc->uc_sigmask, SIGSEGV);
+        sigdelset(&uc->uc_sigmask, SIGBUS);
     }
 
     /* get target signal number */
-    sig = host_to_target_signal(host_signum);
-    if (sig < 1 || sig > TARGET_NSIG)
+    guest_sig = host_to_target_signal(host_sig);
+    if (guest_sig < 1 || guest_sig > TARGET_NSIG) {
         return;
-    trace_user_host_signal(env, host_signum, sig);
-
-    rewind_if_in_safe_syscall(puc);
+    }
+    trace_user_host_signal(env, host_sig, guest_sig);
 
     host_to_target_siginfo_noswap(&tinfo, info);
-    k = &ts->sigtab[sig - 1];
+    k = &ts->sigtab[guest_sig - 1];
     k->info = tinfo;
-    k->pending = sig;
+    k->pending = guest_sig;
     ts->signal_pending = 1;
 
-    /* Block host signals until target signal handler entered. We
-     * can't block SIGSEGV or SIGBUS while we're executing guest
-     * code in case the guest code provokes one in the window between
-     * now and it getting out to the main loop. Signals will be
-     * unblocked again in process_pending_signals().
-     *
-     * WARNING: we cannot use sigfillset() here because the uc_sigmask
-     * field is a kernel sigset_t, which is much smaller than the
-     * libc sigset_t which sigfillset() operates on. Using sigfillset()
-     * would write 0xff bytes off the end of the structure and trash
-     * data on the struct.
-     * We can't use sizeof(uc->uc_sigmask) either, because the libc
-     * headers define the struct field with the wrong (too large) type.
+    /*
+     * For synchronous signals, unwind the cpu state to the faulting
+     * insn and then exit back to the main loop so that the signal
+     * is delivered immediately.
      */
-    memset(&uc->uc_sigmask, 0xff, SIGSET_T_SIZE);
-    sigdelset(&uc->uc_sigmask, SIGSEGV);
-    sigdelset(&uc->uc_sigmask, SIGBUS);
+    if (sync_sig) {
+        clear_helper_retaddr();
+        sigprocmask(SIG_SETMASK, &uc->uc_sigmask, NULL);
+        cpu->exception_index = EXCP_INTERRUPT;
+        cpu_loop_exit_restore(cpu, pc);
+    }
 
-    /* interrupt the virtual CPU as soon as possible */
+    /*
+     * Interrupt the virtual CPU as soon as possible, but for now
+     * return to continue with the current TB.
+     */
     cpu_exit(thread_cpu);
 }
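Review bot: in the `sync_sig` path the early `return` at `if (guest_sig < 1 || guest_sig > TARGET_NSIG)` would resume the faulting host instruction, which re-faults and loops forever; it is unreachable in practice because SIGSEGV and SIGBUS always have guest mappings, but since the synchronous branch no longer shares the old `cpu_signal_handler` exit, a `g_assert(!sync_sig)` before that `return` (or a comment stating why it cannot happen) would document the invariant. Also worth a comment at `sigprocmask(SIG_SETMASK, &uc->uc_sigmask, NULL)`: it is needed because `cpu_loop_exit_restore` longjmps out of the handler, so the kernel never restores the pre-signal mask, and `uc->uc_sigmask` is left untouched in this branch precisely so that it still holds that mask.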