From: Keith Packard <keithp@keithp.com>
To: Peter Maydell, Alex Bennée
Cc: QEMU Developers, Bug 1915925 <1915925@bugs.launchpad.net>, "open list:ARM TCG CPUs"
Subject: Re: [PATCH v1 3/3] semihosting/arg-compat: fix up handling of SYS_HEAPINFO
References: <20210305135451.15427-1-alex.bennee@linaro.org> <20210305135451.15427-4-alex.bennee@linaro.org>
Date: Fri, 05 Mar 2021 12:22:09 -0800
Message-ID: <87im65gxla.fsf@keithp.com>

Peter Maydell writes:

> Also, you don't seem to have the correct "is the CPU in
> 32-bit or 64-bit mode" test here: you cannot rely on target_ulong
> being the right size, you must make a runtime check.

Do you mean whether a dual aarch64/arm core is in arm or aarch64 mode,
or whether an aarch64 is running a 32-bit ABI?
-- 
-keith

From: Keith Packard <1915925@bugs.launchpad.net>
To: qemu-devel@nongnu.org
Date: Fri, 05 Mar 2021 20:22:09 -0000
Subject: [Bug 1915925] Re: [PATCH v1 3/3]
 semihosting/arg-compat: fix up handling of SYS_HEAPINFO

You received this bug notification because you are a member of qemu-devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1915925

Title: ARM semihosting HEAPINFO results wrote to wrong address

Status in QEMU: Confirmed

Bug description:
This affects the latest development branch of QEMU.

According to the ARM spec of the HEAPINFO semihosting call:
https://developer.arm.com/documentation/100863/0300/Semihosting-operations/SYS-HEAPINFO--0x16-?lang=en

> the PARAMETER REGISTER contains the address of a pointer to a four-field data block.

However, QEMU treated the PARAMETER REGISTER as pointing to a four-field data block directly.

Here is a simple program that can demonstrate this problem:
https://github.com/iNvEr7/qemu-learn/tree/newlib-bug/semihosting-newlib

This code links with newlib in semihosting mode, which will call the HEAPINFO SVC during the crt0 routine. When running in QEMU (make run), it may crash the program either because of an invalid write or memory corruption, depending on the compiled program structure.

Also refer to my discussion with the newlib folks:
https://sourceware.org/pipermail/newlib/2021/018260.html
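The following is an added example, not QEMU's code and not anything from the bug reporter or the patch author. It models a host-side SYS_HEAPINFO handler over a constructed 4 KiB toy guest memory so the two interpretations of the parameter register can be compared side by side: the spec's reading (the register holds the address of a pointer, which must be dereferenced once before the four fields are written) and the behaviour the bug report describes (the register is taken as the block itself, so the four words land on the pointer slot and whatever follows it, while the real block stays unfilled). It goes slightly beyond the report in two ways: it takes the guest word width as a parameter (4 for AArch32, 8 for AArch64) as a stand-in for the runtime mode check Peter Maydell asks for, on the assumption, mine for this example, that the block's fields are pointer-width; and it refuses to write a block whose address falls outside guest memory rather than faulting. All names (`guest_mem`, `heapinfo_per_spec`, `heapinfo_as_reported`, `setup_guest`, `peek`, `sample_info`) and all addresses and values are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Constructed toy guest address space, not QEMU's: 4 KiB of little-endian
 * RAM as a host-side semihosting handler would see it. */
#define GUEST_MEM_SIZE 4096u
static uint8_t guest_mem[GUEST_MEM_SIZE];

/* The four fields SYS_HEAPINFO reports, in spec order. */
typedef struct {
    uint64_t heap_base, heap_limit, stack_base, stack_limit;
} heapinfo_t;

/* Bounds-checked guest word access. `width` is the guest word size, 4 for
 * AArch32 or 8 for AArch64. Assumption for this example: the block's fields
 * are pointer-width, and the caller already decided `width` from the CPU's
 * runtime state rather than from a compile-time type. */
static bool guest_read(uint64_t addr, unsigned width, uint64_t *out)
{
    if ((width != 4 && width != 8) || addr > GUEST_MEM_SIZE - width) {
        return false;
    }
    uint64_t v = 0;
    for (unsigned i = 0; i < width; i++) {
        v |= (uint64_t)guest_mem[addr + i] << (8 * i);
    }
    *out = v;
    return true;
}

static bool guest_write(uint64_t addr, unsigned width, uint64_t v)
{
    if ((width != 4 && width != 8) || addr > GUEST_MEM_SIZE - width) {
        return false;
    }
    for (unsigned i = 0; i < width; i++) {
        guest_mem[addr + i] = (uint8_t)(v >> (8 * i));
    }
    return true;
}

/* Write the four fields at `block`, refusing a block that does not lie
 * entirely inside guest RAM (also catches a wrapped 64-bit address). */
static bool fill_block(uint64_t block, unsigned width, const heapinfo_t *info)
{
    const uint64_t fields[4] = { info->heap_base, info->heap_limit,
                                 info->stack_base, info->stack_limit };
    if (width > 8 || block > GUEST_MEM_SIZE - 4 * width) {
        return false;
    }
    for (unsigned i = 0; i < 4; i++) {
        if (!guest_write(block + i * width, width, fields[i])) {
            return false;
        }
    }
    return true;
}

/* Per the spec: the parameter register holds the address of a POINTER to the
 * block, so dereference once, then fill the block that pointer names. */
bool heapinfo_per_spec(uint64_t param_reg, unsigned width, const heapinfo_t *info)
{
    uint64_t block;
    if (!guest_read(param_reg, width, &block)) {
        return false;
    }
    return fill_block(block, width, info);
}

/* As the bug report describes: the parameter register is taken as the block
 * itself, so the fields land on the pointer slot and the three words after
 * it, and the real block is never written. */
bool heapinfo_as_reported(uint64_t param_reg, unsigned width, const heapinfo_t *info)
{
    return fill_block(param_reg, width, info);
}

/* Fixture: a pointer slot at `slot` holding `block`, followed by an unrelated
 * guest word `neighbour` that a correct handler must leave untouched. */
void setup_guest(uint64_t slot, uint64_t block, unsigned width, uint64_t neighbour)
{
    memset(guest_mem, 0, sizeof guest_mem);
    guest_write(slot, width, block);
    guest_write(slot + width, width, neighbour);
}

/* Read back a guest word; UINT64_MAX signals an out-of-range read. */
uint64_t peek(uint64_t addr, unsigned width)
{
    uint64_t v = 0;
    return guest_read(addr, width, &v) ? v : UINT64_MAX;
}

/* Constructed sample values; a real handler takes these from the run's
 * memory layout. */
const heapinfo_t sample_info = { 0x1000, 0x2000, 0x3000, 0x4000 };
```

Running `heapinfo_as_reported` against a slot at 0x100 that points to a block at 0x200 overwrites 0x100..0x10F, including the word after the slot, and leaves 0x200 at zero; that is the "invalid write or memory corruption" the report describes, with what gets clobbered depending on what the linker placed after the pointer. `heapinfo_per_spec` on the same fixture leaves 0x100..0x107 alone and fills 0x200..0x20F, and with `width` 8 fills 0x200..0x21F instead.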