From mboxrd@z Thu Jan 1 00:00:00 1970
From: Peter Maydell
Date: Fri, 12 Mar 2021 10:32:03 +0000
Subject: Re: [PATCH v5 3/5] semihosting/arm-compat-semi: don't use SET_ARG to report SYS_HEAPINFO
To: Alex Bennée
Cc: Bug 1915925 <1915925@bugs.launchpad.net>, Keith Packard, qemu-arm, "open list:RISC-V", QEMU Developers
In-Reply-To: <20210312102029.17017-4-alex.bennee@linaro.org>
References: <20210312102029.17017-1-alex.bennee@linaro.org> <20210312102029.17017-4-alex.bennee@linaro.org>
List: qemu-devel@nongnu.org

On Fri, 12 Mar 2021 at 10:29, Alex Bennée wrote:
>
> As per the spec:
>
>   the PARAMETER REGISTER contains the address of a pointer to a
>   four-field data block.
>
> So we need to follow arg0 and place the results of SYS_HEAPINFO there.
>
> Fixes: 3c37cfe0b1 ("semihosting: Change internal common-semi interfaces to use CPUState *")
> Bug: https://bugs.launchpad.net/bugs/1915925
> Cc: Bug 1915925 <1915925@bugs.launchpad.net>
> Cc: Keith Packard
> Signed-off-by: Alex Bennée
>
> ---
> v3
>   - just revert the old behaviour

Reviewed-by: Peter Maydell

thanks
-- PMM

From mboxrd@z Thu Jan 1 00:00:00 1970
From: Peter Maydell <1915925@bugs.launchpad.net>
Date: Fri, 12 Mar 2021 10:32:03 -0000
To: qemu-devel@nongnu.org
Subject: [Bug 1915925] Re: [PATCH v5 3/5] semihosting/arm-compat-semi: don't use SET_ARG to report SYS_HEAPINFO
Reply-To: Bug 1915925 <1915925@bugs.launchpad.net>
References: <161356438332.24036.4652954745285513495.malonedeb@chaenomeles.canonical.com> <20210312102029.17017-4-alex.bennee@linaro.org>
X-Launchpad-Bug: product=qemu; status=Confirmed; importance=Undecided; assignee=alex.bennee@linaro.org;
X-Launchpad-Bug-Tags: semihosting testcase
X-Launchpad-Bug-Security-Vulnerability: no
X-Launchpad-Bug-Reporter: iNvEr7 (inver7)
X-Launchpad-Bug-Modifier: Peter Maydell (pmaydell)

-- 
You received this bug notification because you are a member of qemu-devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1915925

Title:
  ARM semihosting HEAPINFO results wrote to wrong address

Status in QEMU:
  Confirmed

Bug description:
  This affects latest development branch of QEMU.

  According to the ARM spec of the HEAPINFO semihosting call:
  https://developer.arm.com/documentation/100863/0300/Semihosting-operations/SYS-HEAPINFO--0x16-?lang=en

  > the PARAMETER REGISTER contains the address of a pointer to a four-field data block.

  However, QEMU treated the PARAMETER REGISTER as pointing to a four-field data block directly.

  Here is a simple program that can demonstrate this problem:
  https://github.com/iNvEr7/qemu-learn/tree/newlib-bug/semihosting-newlib

  This code links with newlib with semihosting mode, which will call the HEAPINFO SVC during crt0 routine.
  When running in QEMU (make run), it may crash the program either because of invalid write or memory corruption, depending on the compiled program structure.

  Also refer to my discussion with newlib folks:
  https://sourceware.org/pipermail/newlib/2021/018260.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1915925/+subscriptions
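The indirection that the commit message and the bug description both describe, as an added example that is neither QEMU's code nor the reporter's newlib test program: a small C model of guest RAM with the SYS_HEAPINFO handler written both ways, the behaviour the report describes (arg0 treated as the block itself) beside the spec-conformant one (arg0 holds the address of a pointer to the block), plus the bounds check a host should apply to the guest-supplied pointer before writing. The names (guest_mem, heapinfo_buggy, heapinfo_fixed, PTR_SLOT, BLOCK_ADDR), the addresses and the heap/stack field values are constructed for illustration; it assumes 32-bit semihosting with 4-byte fields and a little-endian guest.

```c
/* Added example (not QEMU's code): a host-side model of the SYS_HEAPINFO (0x16)
 * handler, contrasting the behaviour the bug report describes with the spec-conformant
 * one. Assumes 32-bit semihosting (4-byte fields), little-endian guest; all constructed. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GUEST_MEM_SIZE 256u
static uint8_t guest_mem[GUEST_MEM_SIZE];

/* Bounds-checked little-endian accessors: guest addresses are untrusted, so out-of-range access fails. */
static bool guest_read32(uint32_t addr, uint32_t *val)
{
    if (addr > GUEST_MEM_SIZE - 4) return false;
    *val = (uint32_t)guest_mem[addr] | (uint32_t)guest_mem[addr + 1] << 8 |
           (uint32_t)guest_mem[addr + 2] << 16 | (uint32_t)guest_mem[addr + 3] << 24;
    return true;
}
static bool guest_write32(uint32_t addr, uint32_t val)
{
    if (addr > GUEST_MEM_SIZE - 4) return false;
    for (int i = 0; i < 4; i++) guest_mem[addr + i] = (uint8_t)(val >> (8 * i));
    return true;
}

/* Constructed values the host reports: heap_base, heap_limit, stack_base, stack_limit. */
static const uint32_t heapinfo_fields[4] = {0x00100000, 0x00200000, 0x00400000, 0x00300000};

/* Behaviour the bug report describes: arg0 is treated as the block itself, so the
 * fields overwrite the pointer slot and whatever the guest keeps right after it. */
static int heapinfo_buggy(uint32_t arg0)
{
    for (uint32_t i = 0; i < 4; i++)
        if (!guest_write32(arg0 + 4 * i, heapinfo_fields[i])) return -1;
    return 0;
}

/* Spec-conformant: arg0 holds the address of a POINTER to the block. Follow it, validate
 * the whole 16-byte destination before writing anything (no partial write on a bad pointer). */
static int heapinfo_fixed(uint32_t arg0)
{
    uint32_t block;
    if (!guest_read32(arg0, &block) || block > GUEST_MEM_SIZE - 16) return -1;
    for (uint32_t i = 0; i < 4; i++)
        guest_write32(block + 4 * i, heapinfo_fields[i]);
    return 0;
}

/* Constructed guest layout: a crt0 keeps the block pointer in a slot with live data after it. */
#define PTR_SLOT    0x10u       /* what crt0 passes in the parameter register */
#define CANARY_ADDR 0x14u       /* live data adjacent to the pointer slot */
#define BLOCK_ADDR  0x80u       /* where the four-field block really lives */
#define CANARY      0xDEADBEEFu

static void setup_guest(void)
{
    memset(guest_mem, 0, sizeof guest_mem);
    guest_write32(PTR_SLOT, BLOCK_ADDR);
    guest_write32(CANARY_ADDR, CANARY);
}

/* 1 if the handler clobbered the data next to the pointer slot, 0 if it survived, -1 on failure. */
static int handler_corrupts_neighbour(int (*handler)(uint32_t))
{
    uint32_t v = 0;
    setup_guest();
    if (handler(PTR_SLOT) != 0) return -1;
    guest_read32(CANARY_ADDR, &v);
    return v == CANARY ? 0 : 1;
}

/* 1 if the handler filled the real block with the expected fields, else 0. */
static int handler_fills_block(int (*handler)(uint32_t))
{
    setup_guest();
    if (handler(PTR_SLOT) != 0) return 0;
    for (uint32_t i = 0; i < 4; i++) {
        uint32_t v = 0;
        guest_read32(BLOCK_ADDR + 4 * i, &v);
        if (v != heapinfo_fields[i]) return 0;
    }
    return 1;
}

/* A guest whose pointer slot holds an out-of-range address must be refused (-1, nothing written). */
static int fixed_rejects_bad_pointer(void)
{
    setup_guest();
    guest_write32(PTR_SLOT, 0xFFFFFFF0u);
    return heapinfo_fixed(PTR_SLOT);
}

int main(void)
{
    printf("buggy: corrupts neighbour=%d fills block=%d\n", handler_corrupts_neighbour(heapinfo_buggy), handler_fills_block(heapinfo_buggy));
    printf("fixed: corrupts neighbour=%d fills block=%d bad pointer rc=%d\n", handler_corrupts_neighbour(heapinfo_fixed), handler_fills_block(heapinfo_fixed), fixed_rejects_bad_pointer());
    return 0;
}
```

Running it shows the buggy handler overwriting the word next to the pointer slot while leaving the real block untouched, which is the invalid-write-or-corruption outcome the report describes, whereas the fixed handler fills the block the pointer names and refuses a pointer outside guest RAM before touching anything.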