From: Peter Maydell
To: qemu-devel@nongnu.org
Cc: Alex Bennée, Pierrick Bouvier, Alexandre Iooss, Mahmoud Mandour
Subject: [PATCH 1/3] tests/tcg/plugins/mem: Don't access unaligned memory
Date: Thu, 5 Mar 2026 16:15:29 +0000
Message-ID: <20260305161531.1774895-2-peter.maydell@linaro.org>
In-Reply-To: <20260305161531.1774895-1-peter.maydell@linaro.org>

In commit eb3f69cac62670 we removed the dependency of this mem plugin
on the QEMU headers, but in doing that we introduced undefined
behaviour when the plugin accesses unaligned memory.
This shows up if you build with the gcc or clang undefined behaviour
sanitizer (--enable-ubsan) and run 'make check-tcg', in numerous
warnings like:

  ../../tests/tcg/plugins/mem.c:167:27: runtime error: load of misaligned address 0x7f1f300354b1 for type 'uint16_t' (aka 'unsigned short'), which requires 2 byte alignment
  0x7f1f300354b1: note: pointer points here
  00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 1a 1b 1c
  ^
  SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../tests/tcg/plugins/mem.c:167:27

Fix this by rearranging the data reads and writes to use memcpy()
instead.

Fixes: eb3f69cac62670 ("tests/tcg/plugins/mem.c: remove dependency on qemu headers")
Tested-by: Alex Bennée
Reviewed-by: Alex Bennée
Signed-off-by: Peter Maydell
Reviewed-by: Pierrick Bouvier
---
 tests/tcg/plugins/mem.c | 71 +++++++++++++++++------------------------
 1 file changed, 30 insertions(+), 41 deletions(-)

diff --git a/tests/tcg/plugins/mem.c b/tests/tcg/plugins/mem.c index 7d64e7018f..f3992abc8f 100644 --- a/tests/tcg/plugins/mem.c +++ b/tests/tcg/plugins/mem.c @@ -123,6 +123,9 @@ static void update_region_info(uint64_t region, uint64_= t offset, bool is_store =3D qemu_plugin_mem_is_store(meminfo); RegionInfo *ri; bool unseen_data =3D false; + void *val_ptr; + unsigned int val_size; + qemu_plugin_mem_value swapped_value; =20 g_assert(offset + size <=3D region_size); =20
@@ -144,61 +147,46 @@ static void update_region_info(uint64_t region, uint6= 4_t offset, } =20 void *ri_data =3D &ri->data[offset]; + + swapped_value.type =3D value.type; switch (value.type) { case QEMU_PLUGIN_MEM_VALUE_U8: - { - uint8_t val =3D value.data.u8; - uint8_t *p =3D ri_data; - if (is_store) { - *p =3D val; - } else { - unseen_data =3D *p !=3D val; - } + swapped_value.data.u8 =3D value.data.u8; + val_ptr =3D &swapped_value.data.u8; + val_size =3D 1; break; - } case QEMU_PLUGIN_MEM_VALUE_U16: - { - uint16_t val =3D be ? GUINT16_FROM_BE(value.data.u16) : - GUINT16_FROM_LE(value.data.u16); - uint16_t *p =3D ri_data; - if (is_store) { - *p =3D val; - } else { - unseen_data =3D *p !=3D val; - } + swapped_value.data.u16 =3D be ? GUINT16_FROM_BE(value.data.u16) : + GUINT16_FROM_LE(value.data.u16); + val_ptr =3D &swapped_value.data.u16; + val_size =3D 2; break; - } case QEMU_PLUGIN_MEM_VALUE_U32: - { - uint32_t val =3D be ? GUINT32_FROM_BE(value.data.u32) : - GUINT32_FROM_LE(value.data.u32); - uint32_t *p =3D ri_data; - if (is_store) { - *p =3D val; - } else { - unseen_data =3D *p !=3D val; - } + swapped_value.data.u32 =3D be ? GUINT32_FROM_BE(value.data.u32) : + GUINT32_FROM_LE(value.data.u32); + val_ptr =3D &swapped_value.data.u32; + val_size =3D 4; break; - } case QEMU_PLUGIN_MEM_VALUE_U64: - { - uint64_t val =3D be ? GUINT64_FROM_BE(value.data.u64) : - GUINT64_FROM_LE(value.data.u64); - uint64_t *p =3D ri_data; - if (is_store) { - *p =3D val; - } else { - unseen_data =3D *p !=3D val; - } + swapped_value.data.u64 =3D be ? 
GUINT64_FROM_BE(value.data.u64) : + GUINT64_FROM_LE(value.data.u64); + val_ptr =3D &swapped_value.data.u64; + val_size =3D 8; break; - } case QEMU_PLUGIN_MEM_VALUE_U128: - /* non in test so skip */ - break; + /* none in test so skip */ + goto done; default: g_assert_not_reached(); } =20 + /* ri_data may not be aligned, so we use memcpy/memcmp */ + if (is_store) { + memcpy(ri_data, val_ptr, val_size); + } else { + unseen_data =3D memcmp(ri_data, val_ptr, val_size) !=3D 0; + } + /* * This is expected for regions initialised by QEMU (.text etc) but we * expect to see all data read and written to the test_data region 
@@ -213,6 +201,7 @@ static void update_region_info(uint64_t region, uint64_= t offset, ri->seen_all =3D false; } =20 +done: g_mutex_unlock(&lock); } =20 --=20 2.43.0
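
Review bot: In the first hunk of [PATCH 1/3] (@@ -123,6 +123,9 @@), val_ptr and val_size are declared without initialisers and are assigned only inside the switch cases, so the memcpy()/memcmp() after the switch relies on every case either setting both or jumping away. The default case has only g_assert_not_reached(), which GLib compiles to nothing when G_DISABLE_ASSERT is defined, so such a build would reach the copy with indeterminate values. Suggest "void *val_ptr = NULL;" and "size_t val_size = 0;" (size_t also matches the memcpy() length parameter), or a "goto done" after the assert in the default case.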
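
Review bot: In the switch hunk of [PATCH 1/3] (@@ -144,61 +147,46 @@), the copy length val_size is derived from value.type, while the bounds check kept as context in the first hunk, g_assert(offset + size <= region_size), uses size. Nothing in the visible lines ties the two together, so if the reported type were ever wider than size, the memcpy() into ri_data would run past the range the assert covered (the removed pointer stores had the same gap). Suggest adding "g_assert(val_size == size);" just before the memcpy/memcmp block, or checking offset + val_size against region_size there. Also, swapped_value.type is assigned but not read anywhere in the lines shown, so that assignment could go.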

From: Peter Maydell
To: qemu-devel@nongnu.org
Cc: Alex Bennée, Pierrick Bouvier, Alexandre Iooss, Mahmoud Mandour
Subject: [PATCH 2/3] tests/tcg/plugins/mem: Correct hash iteration code in plugin_exit()
Date: Thu, 5 Mar 2026 16:15:30 +0000
Message-ID: <20260305161531.1774895-3-peter.maydell@linaro.org>
In-Reply-To: <20260305161531.1774895-1-peter.maydell@linaro.org>

In plugin_exit() we call g_hash_table_get_values() to get a GList
which we look at to print some information. This code has
multiple issues:
 * it names the local variable for the GList "count", which
   shadows the "qemu_plugin_scoreboard *count".
   This isn't incorrect, but it is unnecessarily confusing
 * it doesn't free the list, and the leak sanitizer complains:
   Indirect leak of 2328 byte(s) in 97 object(s) allocated from:
    #0 0x5589b0b72293 in malloc (/home/pm215/qemu/build/x86-tgt-san/qemu-system-i386+0x1a2f293) (BuildId: 26964cad9e3f81d35fc144d7cc88b53adf6f60c7)
    #1 0x78fd8cfa1ac9 in g_malloc (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x62ac9) (BuildId: 116e142b9b52c8a4dfd403e759e71ab8f95d8bb3)
    #2 0x78fd8cf96e4a in g_list_prepend (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x57e4a) (BuildId: 116e142b9b52c8a4dfd403e759e71ab8f95d8bb3)
    #3 0x78fd8cf8b318 in g_hash_table_get_values (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4c318) (BuildId: 116e142b9b52c8a4dfd403e759e71ab8f95d8bb3)
    #4 0x78fd84d1a90c in plugin_exit /home/pm215/qemu/build/x86-tgt-san/../../tests/tcg/plugins/mem.c:87:25
 * in iterating through the list it updates "count", so by the
   time we get to the end of the loop we no longer have a pointer
   to the head of the list that we could use to free it
 * it checks for the list being NULL twice (once in an if()
   and once in the for() loop's "while" condition), which is
   redundant
 * it skips the loop if g_list_next(counts) is NULL, which means
   it will wrongly skip the loop if the list has only one entry

Rewrite the iteration code to fix these problems.

Signed-off-by: Peter Maydell
Reviewed-by: Pierrick Bouvier
---
I am assuming that not printing the region info when there is
exactly one region is a mistake, but perhaps it is intentional?

 tests/tcg/plugins/mem.c | 24 +++++++++++-------------
 1 file changed, 11 insertions(+), 13 deletions(-)

diff --git a/tests/tcg/plugins/mem.c b/tests/tcg/plugins/mem.c index f3992abc8f..1ee257f855 100644 --- a/tests/tcg/plugins/mem.c +++ b/tests/tcg/plugins/mem.c
@@ -84,24 +84,22 @@ static void plugin_exit(qemu_plugin_id_t id, void *p) =20 =20 if (do_region_summary) { - GList *counts =3D g_hash_table_get_values(regions); + g_autoptr(GList) regionlist =3D g_hash_table_get_values(regions); =20 - counts =3D g_list_sort_with_data(counts, addr_order, NULL); + regionlist =3D g_list_sort_with_data(regionlist, addr_order, NULL); =20 g_string_printf(out, "Region Base, Reads, Writes, Seen all\n"); =20 - if (counts && g_list_next(counts)) { - for (/* counts */; counts; counts =3D counts->next) { - RegionInfo *ri =3D (RegionInfo *) counts->data; + for (GList *l =3D regionlist; l; l =3D g_list_next(l)) { + RegionInfo *ri =3D (RegionInfo *) l->data; =20 - g_string_append_printf(out, - "0x%016"PRIx64", " - "%"PRId64", %"PRId64", %s\n", - ri->region_address, - ri->reads, - ri->writes, - ri->seen_all ? "true" : "false"); - } + g_string_append_printf(out, + "0x%016"PRIx64", " + "%"PRId64", %"PRId64", %s\n", + ri->region_address, + ri->reads, + ri->writes, + ri->seen_all ? 
"true" : "false"); } qemu_plugin_outs(out->str); } --=20 2.43.0
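
Review bot: In the plugin_exit() hunk of [PATCH 2/3], "g_autoptr(GList) regionlist" frees only the list cells when it goes out of scope; the RegionInfo entries that l->data points to stay owned by the "regions" hash table. That is the right ownership for a g_hash_table_get_values() result, but it is easy to misread as freeing the regions too, so a one-line comment saying the list is a borrowed view of the table's values would help. The loop now also prints the single-region case, which the question under the "---" leaves open; that is worth settling on the list before merge, because text after "---" is not kept when the patch is applied. Minor: the (RegionInfo *) cast on l->data is not needed in C.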

From: Peter Maydell
To: qemu-devel@nongnu.org
Cc: Alex Bennée, Pierrick Bouvier, Alexandre Iooss, Mahmoud Mandour
Subject: [PATCH 3/3] tests/tcg/plugins/patch: Free read_data in patch_hwaddr()
Date: Thu, 5 Mar 2026 16:15:31 +0000
Message-ID: <20260305161531.1774895-4-peter.maydell@linaro.org>
In-Reply-To: <20260305161531.1774895-1-peter.maydell@linaro.org>

In patch_hwaddr() we allocate a GByteArray for the data we read back
from the guest; however we forget to free it, and the leak sanitizer
complains:

Direct leak of 40 byte(s) in 1 object(s) allocated from:
    #0 0x56c00ad48293 in malloc (/home/pm215/qemu/build/x86-tgt-san/qemu-system-x86_64+0x1a9f293) (BuildId: 62e2a7dbe5ff146b2fa14d26e24e443f1967edd9)
    #1 0x7b3e4cc91ac9 in g_malloc (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x62ac9) (BuildId: 116e142b9b52c8a4dfd403e759e71ab8f95d8bb3)
    #2 0x7b3e4cc54c12 in g_array_sized_new (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x25c12) (BuildId: 116e142b9b52c8a4dfd403e759e71ab8f95d8bb3)
    #3 0x7b3e44b06b49 in patch_hwaddr /home/pm215/qemu/build/x86-tgt-san/../../tests/tcg/plugins/patch.c:68:29

Indirect leak of 16 byte(s) in 1 object(s) allocated from:
    #0 0x56c00ad486b0 in realloc (/home/pm215/qemu/build/x86-tgt-san/qemu-system-x86_64+0x1a9f6b0) (BuildId: 62e2a7dbe5ff146b2fa14d26e24e443f1967edd9)
    #1 0x7b3e4cc92819 in g_realloc (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x63819) (BuildId: 116e142b9b52c8a4dfd403e759e71ab8f95d8bb3)
    #2 0x7b3e4cc54b36 (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x25b36) (BuildId: 116e142b9b52c8a4dfd403e759e71ab8f95d8bb3)
    #3 0x7b3e4cc55276 in g_array_set_size (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x26276) (BuildId: 116e142b9b52c8a4dfd403e759e71ab8f95d8bb3)
    #4 0x7b3e4cc55574 in g_byte_array_set_size (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x26574) (BuildId: 116e142b9b52c8a4dfd403e759e71ab8f95d8bb3)
    #5 0x56c00be2ccc1 in qemu_plugin_read_memory_hwaddr /home/pm215/qemu/build/x86-tgt-san/../../plugins/api.c:524:5

Mark the variable as g_autoptr(), as we already do in the equivalent
code in patch_vaddr().

Signed-off-by: Peter Maydell
Reviewed-by: Pierrick Bouvier
---
 tests/tcg/plugins/patch.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/tcg/plugins/patch.c b/tests/tcg/plugins/patch.c index 111c5c1f16..eba2f8b8d6 100644 --- a/tests/tcg/plugins/patch.c +++ b/tests/tcg/plugins/patch.c @@ -65,7 +65,7 @@ static void patch_hwaddr(unsigned int vcpu_index, void *u= serdata) return; } =20 - GByteArray *read_data =3D g_byte_array_new(); + g_autoptr(GByteArray) read_data =3D g_byte_array_new(); =20 result =3D qemu_plugin_read_memory_hwaddr(addr, read_data, patch_data->len); --=20 2.43.0
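
Review bot: In the patch_hwaddr() hunk of [PATCH 3/3], the g_autoptr(GByteArray) declaration must stay below the early "return;" shown in the context and keep its initialiser on the same line, because the automatic cleanup runs for the variable on every exit path after the declaration is reached. Splitting the declaration from the g_byte_array_new() call, or later adding a goto that jumps across it, would hand the cleanup handler an uninitialised pointer. No change needed to the line as posted.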