From: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
To: Eduardo Habkost <ehabkost@redhat.com>, qemu-devel@nongnu.org
Cc: Igor Mammedov <imammedo@redhat.com>,
"Daniel P. Berrange" <berrange@redhat.com>,
Artyom Tarasenko <atar4qemu@gmail.com>,
Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [PATCH 1/7] sparc: Fix property/field size mismatch for iu-version
Date: Tue, 10 Nov 2020 13:00:37 +0000 [thread overview]
Message-ID: <32bac169-baec-3620-0915-f2377e74985e@ilande.co.uk> (raw)
In-Reply-To: <20201104172512.2381656-2-ehabkost@redhat.com>
On 04/11/2020 17:25, Eduardo Habkost wrote:
> The "iu-version" property is declared as uint64_t but points to a
> target_ulong struct field. On the sparc 32-bit target, This
> makes every write of iu-version corrupt the 4 bytes after
> sparc_def_t.iu_version (where the fpu_version field is located).
>
> Change the type of the iu_version struct field to uint64_t,
> and just use DEFINE_PROP_UINT64.
>
> The only place where env.def.iu_version field is read is the
> env->version = env->def.iu_version;
> assignment at sparc_cpu_realizefn(). This means behavior will be
> kept exactly the same (except for the memory corruption bug fix).
>
> It would be nice to explicitly validate iu_version against
> target_ulong limits, but that would be a new feature (since the
> first version of this code, iu-version was parsed as 64-bit value
> value). It can be done later, once we have an appropriate API to
> define limits for integer properties.
>
> Fixes: de05005bf785 ("sparc: convert cpu features to qdev properties")
> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
> ---
> Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> Cc: Artyom Tarasenko <atar4qemu@gmail.com>
> Cc: qemu-devel@nongnu.org
> ---
> target/sparc/cpu.h | 2 +-
> target/sparc/cpu.c | 5 ++---
> 2 files changed, 3 insertions(+), 4 deletions(-)
>
> diff --git a/target/sparc/cpu.h b/target/sparc/cpu.h
> index b9369398f2..8ed0f4fef3 100644
> --- a/target/sparc/cpu.h
> +++ b/target/sparc/cpu.h
> @@ -252,7 +252,7 @@ typedef struct trap_state {
>
> struct sparc_def_t {
> const char *name;
> - target_ulong iu_version;
> + uint64_t iu_version;
> uint32_t fpu_version;
> uint32_t mmu_version;
> uint32_t mmu_bm;
> diff --git a/target/sparc/cpu.c b/target/sparc/cpu.c
> index ec59a13eb8..5a9397f19a 100644
> --- a/target/sparc/cpu.c
> +++ b/target/sparc/cpu.c
> @@ -576,7 +576,7 @@ void sparc_cpu_list(void)
> unsigned int i;
>
> for (i = 0; i < ARRAY_SIZE(sparc_defs); i++) {
> - qemu_printf("Sparc %16s IU " TARGET_FMT_lx
> + qemu_printf("Sparc %16s IU %" PRIx64
> " FPU %08x MMU %08x NWINS %d ",
> sparc_defs[i].name,
> sparc_defs[i].iu_version,
> @@ -838,8 +838,7 @@ static Property sparc_cpu_properties[] = {
> DEFINE_PROP_BIT("hypv", SPARCCPU, env.def.features, 11, false),
> DEFINE_PROP_BIT("cmt", SPARCCPU, env.def.features, 12, false),
> DEFINE_PROP_BIT("gl", SPARCCPU, env.def.features, 13, false),
> - DEFINE_PROP_UNSIGNED("iu-version", SPARCCPU, env.def.iu_version, 0,
> - prop_info_uint64, target_ulong),
> + DEFINE_PROP_UINT64("iu-version", SPARCCPU, env.def.iu_version, 0),
> DEFINE_PROP_UINT32("fpu-version", SPARCCPU, env.def.fpu_version, 0),
> DEFINE_PROP_UINT32("mmu-version", SPARCCPU, env.def.mmu_version, 0),
> DEFINE_PROP("nwindows", SPARCCPU, env.def.nwindows,
Acked-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
ATB,
Mark.
next prev parent reply other threads:[~2020-11-10 13:02 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-04 17:25 [PATCH 0/7] qom: Field properties type safety Eduardo Habkost
2020-11-04 17:25 ` [PATCH 1/7] sparc: Fix property/field size mismatch for iu-version Eduardo Habkost
2020-11-10 13:00 ` Mark Cave-Ayland [this message]
2020-11-04 17:25 ` [PATCH 2/7] qom: Save size of struct field in Property struct Eduardo Habkost
2020-11-04 17:25 ` [PATCH 3/7] qdev: Don't register unreadable legacy properties Eduardo Habkost
2020-11-04 17:25 ` [PATCH 4/7] qom: Replace void* parameter with Property* on field getters/setters Eduardo Habkost
2020-11-04 17:25 ` Eduardo Habkost
2020-11-09 10:44 ` Cornelia Huck
2020-11-09 10:44 ` Cornelia Huck
2020-11-04 17:25 ` [PATCH 5/7] qom: Replace void* parameter with Property* on PropertyInfo.release Eduardo Habkost
2020-11-04 17:25 ` [PATCH 6/7] qom: Add FIELD_PTR, a type-safe wrapper for object_field_prop_ptr() Eduardo Habkost
2020-11-04 17:25 ` Eduardo Habkost
2020-11-09 10:47 ` Cornelia Huck
2020-11-09 10:47 ` Cornelia Huck
2020-11-04 17:25 ` [PATCH 7/7] sparc: Use FIELD_PTR at nwindows getter/setter Eduardo Habkost
2020-11-10 13:04 ` Mark Cave-Ayland
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=32bac169-baec-3620-0915-f2377e74985e@ilande.co.uk \
--to=mark.cave-ayland@ilande.co.uk \
--cc=atar4qemu@gmail.com \
--cc=berrange@redhat.com \
--cc=ehabkost@redhat.com \
--cc=imammedo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.