From nobody Mon Feb  9 08:31:17 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as
 permitted sender) client-ip=208.118.235.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted
 sender)  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by
 mx.zohomail.com
	with SMTPS id 1524500840999844.095812974871;
 Mon, 23 Apr 2018 09:27:20 -0700 (PDT)
Received: from localhost ([::1]:54368 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <qemu-devel-bounces+importer=patchew.org@nongnu.org>)
	id 1fAeJE-0008SS-84
	for importer@patchew.org; Mon, 23 Apr 2018 12:27:20 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:41858)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <philippe.mathieu.daude@gmail.com>)
	id 1fAeHY-0007H3-7P
	for qemu-devel@nongnu.org; Mon, 23 Apr 2018 12:25:38 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <philippe.mathieu.daude@gmail.com>)
	id 1fAeHX-0000q7-Du
	for qemu-devel@nongnu.org; Mon, 23 Apr 2018 12:25:36 -0400
Received: from mail-qt0-x243.google.com ([2607:f8b0:400d:c0d::243]:34940)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <philippe.mathieu.daude@gmail.com>)
	id 1fAeHX-0000py-9y
	for qemu-devel@nongnu.org; Mon, 23 Apr 2018 12:25:35 -0400
Received: by mail-qt0-x243.google.com with SMTP id s2-v6so18369282qti.2
	for <qemu-devel@nongnu.org>; Mon, 23 Apr 2018 09:25:35 -0700 (PDT)
Received: from x1.local ([138.117.48.212]) by smtp.gmail.com with ESMTPSA id
	d188sm4108889qkb.9.2018.04.23.09.25.32
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Mon, 23 Apr 2018 09:25:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=sender:from:to:cc:subject:date:message-id:in-reply-to:references
	:mime-version:content-transfer-encoding;
	bh=sgsqkaYaz8ojnyt0iffSlWFg7ZGXUw4dke69q1DvGLM=;
	b=FgoRVabbAgtTcNEqj1rAx4laxQuKXkMx4ol0vZBX0HV6LEJPzzRZBVboxAABoc4Az8
	0ZeKiAb5Y8dkKNk4G0bqIWI6naQg5OuYCD1jrHCjnVZd7DaSgminCHMsT6m55y7Shay6
	ucclz6q5HbZFq+XCu0IKgO/NpnJMQu/gSctxniIZpxuJDPU+nikqYDmDwzTOcc79EKYA
	I2wn9JLxL+BcYunfK+FyGyCjUng5DAmcwk2y7nE4JF5ywzy4th+CNQqqBXOHvZq2+1rU
	YZwblHLq8IcLcpGCOfu8/S9Pe1t/2xbMocu/ZcttwVdFoYc2WPakMfkXNM1PJ8YtS4pw
	taGg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:sender:from:to:cc:subject:date:message-id
	:in-reply-to:references:mime-version:content-transfer-encoding;
	bh=sgsqkaYaz8ojnyt0iffSlWFg7ZGXUw4dke69q1DvGLM=;
	b=qPLlpUVtqJ92d/8fK3HSD+xaxD2cerp+jbHQXCY4ay0xWBzZBuB9+mWuzLgLXs4yPd
	JTZGSEKQTkJilweM8Gva3XSKVJIeEanCqJzCZj8uszQ7zjrEHqG0E1WO4657dAWItNWY
	PXfAjVpyJMsehzjQXZnV884urykqFQt5yGI1A9o2+q06/nnnYYgOl3WaKgBcoaZMGcmT
	1oArszBx4g5ZPLNtgbpni8cmjiAi/eYJjt47ku5H4RerIM223C0bvzoC54hhTf0b8GSH
	Tj16nkceXz22KsLbdAyvmlAlO7AVY3Y2LbUgoso9R+7M0fOOk29MTZmYmgpKEaIjvYdW
	vmIQ==
X-Gm-Message-State: ALQs6tCoHreWFTWzrcGz892DF1UgGY9Ueoy7+miDD3vXPJq0ye2NEtMB
	pM+Ux3k5FQHbIJ6FApatxQw=
X-Google-Smtp-Source: 
 AB8JxZqGgvumK1uSvAiWaBM19XyHZdxl03+EdlzJlYjec38f0gsM0PyElx+o4H0225X0stQVtN1fug==
X-Received: by 2002:ac8:4515:: with SMTP id
	q21-v6mr20205896qtn.227.1524500734831;
	Mon, 23 Apr 2018 09:25:34 -0700 (PDT)
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <f4bug@amsat.org>
To: David Gibson <david@gibson.dropbear.id.au>,
	Peter Maydell <peter.maydell@linaro.org>
Date: Mon, 23 Apr 2018 13:25:22 -0300
Message-Id: <20180423162523.6392-2-f4bug@amsat.org>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20180423162523.6392-1-f4bug@amsat.org>
References: <20180423162523.6392-1-f4bug@amsat.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 2607:f8b0:400d:c0d::243
Subject: [Qemu-devel] [PATCH v3 1/2] bswap.h: Fix ldl_he_p() signedness
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Richard Henderson <richard.henderson@linaro.org>,
	=?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <f4bug@amsat.org>,
	qemu-devel@nongnu.org
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+importer=patchew.org@nongnu.org>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZohoMail: RDKM_2  RSF_0  Z_629925259 SPT_0

As per the "Load and Store APIs" documentation (docs/devel/loads-stores.rst=
),
"No signed load operations are provided."
Update lduw_he_p() to return as unsigned.

Signed-off-by: Philippe Mathieu-Daud=C3=A9 <f4bug@amsat.org>
---
 include/qemu/bswap.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/qemu/bswap.h b/include/qemu/bswap.h
index 3f28f661b1..613978f838 100644
--- a/include/qemu/bswap.h
+++ b/include/qemu/bswap.h
@@ -330,9 +330,9 @@ static inline void stw_he_p(void *ptr, uint16_t v)
     memcpy(ptr, &v, sizeof(v));
 }
=20
-static inline int ldl_he_p(const void *ptr)
+static inline uint32_t ldl_he_p(const void *ptr)
 {
-    int32_t r;
+    uint32_t r;
     memcpy(&r, ptr, sizeof(r));
     return r;
 }
--=20
2.17.0


From nobody Mon Feb  9 08:31:17 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as
 permitted sender) client-ip=208.118.235.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted
 sender)  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by
 mx.zohomail.com
	with SMTPS id 152450093458672.63363185546132;
 Mon, 23 Apr 2018 09:28:54 -0700 (PDT)
Received: from localhost ([::1]:54373 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <qemu-devel-bounces+importer=patchew.org@nongnu.org>)
	id 1fAeKe-00019v-NB
	for importer@patchew.org; Mon, 23 Apr 2018 12:28:48 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:41885)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <philippe.mathieu.daude@gmail.com>)
	id 1fAeHa-0007Hn-Pc
	for qemu-devel@nongnu.org; Mon, 23 Apr 2018 12:25:39 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <philippe.mathieu.daude@gmail.com>)
	id 1fAeHZ-0000rK-RJ
	for qemu-devel@nongnu.org; Mon, 23 Apr 2018 12:25:38 -0400
Received: from mail-qt0-x243.google.com ([2607:f8b0:400d:c0d::243]:39089)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <philippe.mathieu.daude@gmail.com>)
	id 1fAeHZ-0000rE-MQ
	for qemu-devel@nongnu.org; Mon, 23 Apr 2018 12:25:37 -0400
Received: by mail-qt0-x243.google.com with SMTP id f1-v6so1189137qtj.6
	for <qemu-devel@nongnu.org>; Mon, 23 Apr 2018 09:25:37 -0700 (PDT)
Received: from x1.local ([138.117.48.212]) by smtp.gmail.com with ESMTPSA id
	d188sm4108889qkb.9.2018.04.23.09.25.35
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Mon, 23 Apr 2018 09:25:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=sender:from:to:cc:subject:date:message-id:in-reply-to:references
	:mime-version:content-transfer-encoding;
	bh=2D7TZqV4430a0dA8MCrQgXIuMRPdl1CXT9hUN9/aLiY=;
	b=q3R1WXxAozjz2Ijho3jyJVT6Dh1oJRZWFSgxvO9dMrrljmZz//NzWAGJ8gNjCyDQ91
	cWogiBGgEDU/GgrttOO4acbuG0EzTQ7ylFXfsM31rASK4dd0p9fO1h44Of4sS7Dsa4tA
	3uk2Fbt+bReDBmX5DujZdrBVnNP6lwk7kRdUjipjkevmttp8UBZesOKp7zpTwDC5ivBB
	zSgw8I5aZwvn0FaSI19lIRQjL3ryFadBWAQGQWKYgR+ryebsmw4FE98+tMMp3WalZE21
	/ZL1TqHajpFcTVdqj167mjlUchuBF4z2nCIirwdoA+RVl3HIo/SkMV8qtZFjVNEZC4Ib
	+mVQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:sender:from:to:cc:subject:date:message-id
	:in-reply-to:references:mime-version:content-transfer-encoding;
	bh=2D7TZqV4430a0dA8MCrQgXIuMRPdl1CXT9hUN9/aLiY=;
	b=ssV3Rb0He+hMdlTWzemCWPAqhFWRe66KFQbrlbuqt0CKI+xHcRXAF+oEKcGz3539WN
	D8SjFGTyxC9iOkIELQaviWK9WsateHt5uX3ErSE+0v8rxnUA11oVp6a6PDk5vZOwj31x
	ZLYSbltIqLje+zYq4ZLLOU8l2oITi0Wmqh7zMpd/V2XXJHS0/Fr2Nc1Oyw8c7zTVAtX6
	lajLlA6kOvzNDmXp/ug2BUhCAp+aV0YFOBICuGNKCeQUYculPIO7YQGTSlk8nCR0OwQy
	q0kialb5zl9qN3OFiEVHj+R3AQdcsjh2MgNkjm9UL/oavglSFa8fJ5efkPui+I18MlLe
	y2xA==
X-Gm-Message-State: ALQs6tCHvW8GLfbhnZ8YAA7xmyvMmXO5DGgIfkGib9bewIIA2D4DCgj2
	q1wS67yeljQrHjgSHkuEhg0=
X-Google-Smtp-Source: 
 AIpwx483QPLIB6FlVdwhCvD/M5e+mA3G4KD+adKnl6zTV5bbGQlei/ie7fe4sAG4VXRb3xUtWmeQSg==
X-Received: by 2002:aed:2962:: with SMTP id
	s89-v6mr23412831qtd.162.1524500737189;
	Mon, 23 Apr 2018 09:25:37 -0700 (PDT)
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <f4bug@amsat.org>
To: David Gibson <david@gibson.dropbear.id.au>,
	Peter Maydell <peter.maydell@linaro.org>
Date: Mon, 23 Apr 2018 13:25:23 -0300
Message-Id: <20180423162523.6392-3-f4bug@amsat.org>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20180423162523.6392-1-f4bug@amsat.org>
References: <20180423162523.6392-1-f4bug@amsat.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 2607:f8b0:400d:c0d::243
Subject: [Qemu-devel] [PATCH v3 2/2] loader: Fix 64-bit misaligned member
 access
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>,
	Paul Burton <paul.burton@mips.com>,
	=?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <f4bug@amsat.org>,
	qemu-devel@nongnu.org
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+importer=patchew.org@nongnu.org>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZohoMail: RDKM_2  RSF_0  Z_629925259 SPT_0

The libfdt does not guarantee than fdt_getprop() returns a pointer
aligned to the property size.

Assuming the base of the fdt is aligned, a 32-bit property returns
a 32-bit aligned pointer. This is however not guaranteed for 64-bit
properties, where 64-bit loads might trigger unaligned access.

Fix this issue by using the ldst (host) API, which does a local copy
on the stack, thus guaranteeing a safe aligned access.

This fixes the following ASan warning:

  $ mips64el-softmmu/qemu-system-mips64el -M boston -kernel vmlinux.gz.itb =
-nographic
  hw/core/loader-fit.c:108:17: runtime error: load of misaligned address 0x=
7f95cd7e4264 for type 'fdt64_t', which requires 8 byte alignment
  0x7f95cd7e4264: note: pointer points here
    00 00 00 3e ff ff ff ff  80 7d 2a c0 00 00 00 01  68 61 73 68 40 30 00 =
00  00 00 00 03 00 00 00 14
                ^

Reported-by: AddressSanitizer
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daud=C3=A9 <f4bug@amsat.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
---
 hw/core/loader-fit.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/core/loader-fit.c b/hw/core/loader-fit.c
index 0c4a7207f4..628f854636 100644
--- a/hw/core/loader-fit.c
+++ b/hw/core/loader-fit.c
@@ -102,10 +102,10 @@ static int fit_image_addr(const void *itb, int img, c=
onst char *name,
=20
     switch (len) {
     case 4:
-        *addr =3D fdt32_to_cpu(*(fdt32_t *)prop);
+        *addr =3D fdt32_to_cpu(ldl_he_p(prop));
         return 0;
     case 8:
-        *addr =3D fdt64_to_cpu(*(fdt64_t *)prop);
+        *addr =3D fdt64_to_cpu(ldq_he_p(prop));
         return 0;
     default:
         error_printf("invalid %s address length %d\n", name, len);
--=20
2.17.0